ai3
accountserver
Commit
81eb87b7
authored
Aug 17, 2018
by
ale
Update vendored deps
parent
00fb053f
Showing
22 changed files
with
10512 additions
and
10512 deletions
+10512
-10512
vendor/git.autistici.org/ai3/go-common/clientutil/backend.go
vendor/git.autistici.org/ai3/go-common/clientutil/backend.go
+0
-119
vendor/git.autistici.org/ai3/go-common/clientutil/json.go
vendor/git.autistici.org/ai3/go-common/clientutil/json.go
+0
-45
vendor/git.autistici.org/ai3/go-common/clientutil/retry.go
vendor/git.autistici.org/ai3/go-common/clientutil/retry.go
+0
-92
vendor/git.autistici.org/ai3/go-common/clientutil/tls.go
vendor/git.autistici.org/ai3/go-common/clientutil/tls.go
+0
-37
vendor/git.autistici.org/ai3/go-common/clientutil/transport.go
...r/git.autistici.org/ai3/go-common/clientutil/transport.go
+0
-172
vendor/git.autistici.org/ai3/go-common/ldap/pool.go
vendor/git.autistici.org/ai3/go-common/ldap/pool.go
+27
-9
vendor/github.com/cenkalti/backoff/README.md
vendor/github.com/cenkalti/backoff/README.md
+1
-1
vendor/github.com/cenkalti/backoff/context.go
vendor/github.com/cenkalti/backoff/context.go
+1
-2
vendor/github.com/cenkalti/backoff/retry.go
vendor/github.com/cenkalti/backoff/retry.go
+0
-1
vendor/github.com/cenkalti/backoff/ticker.go
vendor/github.com/cenkalti/backoff/ticker.go
+0
-2
vendor/github.com/cenkalti/backoff/tries.go
vendor/github.com/cenkalti/backoff/tries.go
+2
-2
vendor/golang.org/x/crypto/ed25519/ed25519.go
vendor/golang.org/x/crypto/ed25519/ed25519.go
+48
-12
vendor/golang.org/x/crypto/ed25519/internal/edwards25519/edwards25519.go
...rg/x/crypto/ed25519/internal/edwards25519/edwards25519.go
+22
-0
vendor/golang.org/x/net/context/context.go
vendor/golang.org/x/net/context/context.go
+0
-56
vendor/golang.org/x/net/context/go17.go
vendor/golang.org/x/net/context/go17.go
+0
-72
vendor/golang.org/x/net/context/go19.go
vendor/golang.org/x/net/context/go19.go
+0
-20
vendor/golang.org/x/net/context/pre_go17.go
vendor/golang.org/x/net/context/pre_go17.go
+0
-300
vendor/golang.org/x/net/context/pre_go19.go
vendor/golang.org/x/net/context/pre_go19.go
+0
-109
vendor/golang.org/x/net/publicsuffix/gen.go
vendor/golang.org/x/net/publicsuffix/gen.go
+713
-0
vendor/golang.org/x/net/publicsuffix/list.go
vendor/golang.org/x/net/publicsuffix/list.go
+37
-2
vendor/golang.org/x/net/publicsuffix/table.go
vendor/golang.org/x/net/publicsuffix/table.go
+9626
-9412
vendor/vendor.json
vendor/vendor.json
+35
-47
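--- a/vendor/git.autistici.org/ai3/go-common/clientutil/backend.go
+++ /dev/null
-package clientutil
-import (
-	"crypto/tls"
-	"fmt"
-	"net/http"
-	"net/url"
-	"sync"
-	"time"
-)
-// BackendConfig specifies the configuration to access a service.
-//
-// Services with multiple backends can be replicated or partitioned,
-// depending on a configuration switch, making it a deployment-time
-// decision. Clients are expected to compute their own sharding
-// function (either by database lookup or other methods), and expose a
-// 'shard' parameter on their APIs.
-type BackendConfig struct {
-	URL       string           `yaml:"url"`
-	Sharded   bool             `yaml:"sharded"`
-	TLSConfig *TLSClientConfig `yaml:"tls_config"`
-}
-// Backend is a runtime class that provides http Clients for use with
-// a specific service backend. If the service can't be partitioned,
-// pass an empty string to the Client method.
-type Backend interface {
-	// URL for the service for a specific shard.
-	URL(string) string
-	// Client that can be used to make a request to the service.
-	Client(string) *http.Client
-}
-// NewBackend returns a new Backend with the given config.
-func NewBackend(config *BackendConfig) (Backend, error) {
-	u, err := url.Parse(config.URL)
-	if err != nil {
-		return nil, err
-	}
-	var tlsConfig *tls.Config
-	if config.TLSConfig != nil {
-		tlsConfig, err = config.TLSConfig.TLSConfig()
-		if err != nil {
-			return nil, err
-		}
-	}
-	if config.Sharded {
-		return &replicatedClient{
-			u: u,
-			c: newHTTPClient(u, tlsConfig),
-		}, nil
-	}
-	return &shardedClient{
-		baseURL:   u,
-		tlsConfig: tlsConfig,
-		urls:      make(map[string]*url.URL),
-		shards:    make(map[string]*http.Client),
-	}, nil
-}
-type replicatedClient struct {
-	c *http.Client
-	u *url.URL
-}
-func (r *replicatedClient) Client(_ string) *http.Client { return r.c }
-func (r *replicatedClient) URL(_ string) string          { return r.u.String() }
-type shardedClient struct {
-	baseURL   *url.URL
-	tlsConfig *tls.Config
-	mx        sync.Mutex
-	urls      map[string]*url.URL
-	shards    map[string]*http.Client
-}
-func (s *shardedClient) getShardURL(shard string) *url.URL {
-	if shard == "" {
-		return s.baseURL
-	}
-	u, ok := s.urls[shard]
-	if !ok {
-		var tmp = *s.baseURL
-		tmp.Host = fmt.Sprintf("%s.%s", shard, tmp.Host)
-		u = &tmp
-		s.urls[shard] = u
-	}
-	return u
-}
-func (s *shardedClient) URL(shard string) string {
-	s.mx.Lock()
-	defer s.mx.Unlock()
-	return s.getShardURL(shard).String()
-}
-func (s *shardedClient) Client(shard string) *http.Client {
-	s.mx.Lock()
-	defer s.mx.Unlock()
-	client, ok := s.shards[shard]
-	if !ok {
-		u := s.getShardURL(shard)
-		client = newHTTPClient(u, s.tlsConfig)
-		s.shards[shard] = client
-	}
-	return client
-}
-func newHTTPClient(u *url.URL, tlsConfig *tls.Config) *http.Client {
-	return &http.Client{
-		Transport: NewTransport([]string{u.Host}, tlsConfig, nil),
-		Timeout:   30 * time.Second,
-	}
-}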
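--- a/vendor/git.autistici.org/ai3/go-common/clientutil/json.go
+++ /dev/null
-package clientutil
-import (
-	"bytes"
-	"context"
-	"encoding/json"
-	"errors"
-	"fmt"
-	"net/http"
-)
-// DoJSONHTTPRequest makes an HTTP POST request to the specified uri,
-// with a JSON-encoded request body. It will attempt to decode the
-// response body as JSON.
-func DoJSONHTTPRequest(ctx context.Context, client *http.Client, uri string, req, resp interface{}) error {
-	data, err := json.Marshal(req)
-	if err != nil {
-		return err
-	}
-	httpReq, err := http.NewRequest("POST", uri, bytes.NewReader(data))
-	if err != nil {
-		return err
-	}
-	httpReq.Header.Set("Content-Type", "application/json")
-	httpReq = httpReq.WithContext(ctx)
-	httpResp, err := RetryHTTPDo(client, httpReq, NewExponentialBackOff())
-	if err != nil {
-		return err
-	}
-	defer httpResp.Body.Close()
-	if httpResp.StatusCode != 200 {
-		return fmt.Errorf("HTTP status %d", httpResp.StatusCode)
-	}
-	if httpResp.Header.Get("Content-Type") != "application/json" {
-		return errors.New("not a JSON response")
-	}
-	if resp == nil {
-		return nil
-	}
-	return json.NewDecoder(httpResp.Body).Decode(resp)
-}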
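--- a/vendor/git.autistici.org/ai3/go-common/clientutil/retry.go
+++ /dev/null
-package clientutil
-import (
-	"errors"
-	"net/http"
-	"time"
-	"github.com/cenkalti/backoff"
-)
-// NewExponentialBackOff creates a backoff.ExponentialBackOff object
-// with our own default values.
-func NewExponentialBackOff() *backoff.ExponentialBackOff {
-	b := backoff.NewExponentialBackOff()
-	b.InitialInterval = 100 * time.Millisecond
-	//b.Multiplier = 1.4142
-	return b
-}
-// A temporary (retriable) error is something that has a Temporary method.
-type tempError interface {
-	Temporary() bool
-}
-type tempErrorWrapper struct {
-	error
-}
-func (t tempErrorWrapper) Temporary() bool { return true }
-// TempError makes a temporary (retriable) error out of a normal error.
-func TempError(err error) error {
-	return tempErrorWrapper{err}
-}
-// Retry operation op until it succeeds according to the backoff
-// policy b.
-//
-// Note that this function reverses the error semantics of
-// backoff.Operation: all errors are permanent unless explicitly
-// marked as temporary (i.e. they have a Temporary() method that
-// returns true). This is to better align with the errors returned by
-// the net package.
-func Retry(op backoff.Operation, b backoff.BackOff) error {
-	innerOp := func() error {
-		err := op()
-		if err == nil {
-			return err
-		}
-		if tmpErr, ok := err.(tempError); ok && tmpErr.Temporary() {
-			return err
-		}
-		return backoff.Permanent(err)
-	}
-	return backoff.Retry(innerOp, b)
-}
-var errHTTPBackOff = TempError(errors.New("temporary http error"))
-func isStatusTemporary(code int) bool {
-	switch code {
-	case http.StatusTooManyRequests, http.StatusBadGateway, http.StatusServiceUnavailable, http.StatusGatewayTimeout:
-		return true
-	default:
-		return false
-	}
-}
-// RetryHTTPDo retries an HTTP request until it succeeds, according to
-// the backoff policy b. It will retry on temporary network errors and
-// upon receiving specific temporary HTTP errors. It will use the
-// context associated with the HTTP request object.
-func RetryHTTPDo(client *http.Client, req *http.Request, b backoff.BackOff) (*http.Response, error) {
-	var resp *http.Response
-	op := func() error {
-		// Clear up previous response if set.
-		if resp != nil {
-			resp.Body.Close()
-		}
-		var err error
-		resp, err = client.Do(req)
-		if err == nil && isStatusTemporary(resp.StatusCode) {
-			resp.Body.Close()
-			return errHTTPBackOff
-		}
-		return err
-	}
-	err := Retry(op, backoff.WithContext(b, req.Context()))
-	return resp, err
-}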
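--- a/vendor/git.autistici.org/ai3/go-common/clientutil/tls.go
+++ /dev/null
-package clientutil
-import (
-	"crypto/tls"
-	common "git.autistici.org/ai3/go-common"
-)
-// TLSClientConfig defines the TLS parameters for a client connection
-// that should use a client X509 certificate for authentication.
-type TLSClientConfig struct {
-	Cert string `yaml:"cert"`
-	Key  string `yaml:"key"`
-	CA   string `yaml:"ca"`
-}
-// TLSConfig returns a tls.Config object with the current configuration.
-func (c *TLSClientConfig) TLSConfig() (*tls.Config, error) {
-	cert, err := tls.LoadX509KeyPair(c.Cert, c.Key)
-	if err != nil {
-		return nil, err
-	}
-	tlsConf := &tls.Config{
-		Certificates: []tls.Certificate{cert},
-	}
-	if c.CA != "" {
-		cas, err := common.LoadCA(c.CA)
-		if err != nil {
-			return nil, err
-		}
-		tlsConf.RootCAs = cas
-	}
-	tlsConf.BuildNameToCertificate()
-	return tlsConf, nil
-}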
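--- a/vendor/git.autistici.org/ai3/go-common/clientutil/transport.go
+++ /dev/null
-package clientutil
-import (
-	"context"
-	"crypto/tls"
-	"errors"
-	"log"
-	"net"
-	"net/http"
-	"sync"
-	"time"
-)
-var errAllBackendsFailed = errors.New("all backends failed")
-type dnsResolver struct{}
-func (r *dnsResolver) ResolveIPs(hosts []string) []string {
-	var resolved []string
-	for _, hostport := range hosts {
-		host, port, err := net.SplitHostPort(hostport)
-		if err != nil {
-			log.Printf("error parsing %s: %v", hostport, err)
-			continue
-		}
-		hostIPs, err := net.LookupIP(host)
-		if err != nil {
-			log.Printf("error resolving %s: %v", host, err)
-			continue
-		}
-		for _, ip := range hostIPs {
-			resolved = append(resolved, net.JoinHostPort(ip.String(), port))
-		}
-	}
-	return resolved
-}
-var defaultResolver = &dnsResolver{}
-type resolver interface {
-	ResolveIPs([]string) []string
-}
-// Balancer for HTTP connections. It will round-robin across available
-// backends, trying to avoid ones that are erroring out, until one
-// succeeds or they all fail.
-//
-// This object should not be used for load balancing of individual
-// HTTP requests: once a new connection is established, requests will
-// be sent over it until it errors out. It's meant to provide a
-// *reliable* connection to a set of equivalent backends for HA
-// purposes.
-type balancer struct {
-	hosts    []string
-	resolver resolver
-	stop     chan bool
-	// List of currently valid (or untested) backends, and ones
-	// that errored out at least once.
-	mx    sync.Mutex
-	addrs []string
-	ok    map[string]bool
-}
-var backendUpdateInterval = 60 * time.Second
-// Periodically update the list of available backends.
-func (b *balancer) updateProc() {
-	tick := time.NewTicker(backendUpdateInterval)
-	for {
-		select {
-		case <-b.stop:
-			return
-		case <-tick.C:
-			resolved := b.resolver.ResolveIPs(b.hosts)
-			if len(resolved) > 0 {
-				b.mx.Lock()
-				b.addrs = resolved
-				b.mx.Unlock()
-			}
-		}
-	}
-}
-// Returns a list of all available backends, split into "good ones"
-// (no errors seen since last successful connection) and "bad ones".
-func (b *balancer) getBackends() ([]string, []string) {
-	b.mx.Lock()
-	defer b.mx.Unlock()
-	var good, bad []string
-	for _, addr := range b.addrs {
-		if ok := b.ok[addr]; ok {
-			good = append(good, addr)
-		} else {
-			bad = append(bad, addr)
-		}
-	}
-	return good, bad
-}
-func (b *balancer) notify(addr string, ok bool) {
-	b.mx.Lock()
-	b.ok[addr] = ok
-	b.mx.Unlock()
-}
-func netDialContext(ctx context.Context, network, addr string) (net.Conn, error) {
-	timeout := 30 * time.Second
-	// Go < 1.9 does not have net.DialContext, reimplement it in
-	// terms of net.DialTimeout.
-	if deadline, ok := ctx.Deadline(); ok {
-		timeout = time.Until(deadline)
-	}
-	return net.DialTimeout(network, addr, timeout)
-}
-func (b *balancer) dial(ctx context.Context, network, addr string) (net.Conn, error) {
-	// Start by attempting a connection on 'good' targets.
-	good, bad := b.getBackends()
-	for _, addr := range good {
-		// Go < 1.9 does not have DialContext, deal with it
-		conn, err := netDialContext(ctx, network, addr)
-		if err == nil {
-			return conn, nil
-		} else if err == context.Canceled {
-			// A timeout might be bad, set the error bit
-			// on the connection.
-			b.notify(addr, false)
-			return nil, err
-		}
-		b.notify(addr, false)
-	}
-	for _, addr := range bad {
-		conn, err := netDialContext(ctx, network, addr)
-		if err == nil {
-			b.notify(addr, true)
-			return conn, nil
-		} else if err == context.Canceled {
-			return nil, err
-		}
-	}
-	return nil, errAllBackendsFailed
-}
-// NewTransport returns a suitably configured http.RoundTripper that
-// talks to a specific backend service. It performs discovery of
-// available backends via DNS (using A or AAAA record lookups), tries
-// to route traffic away from faulty backends.
-//
-// It will periodically attempt to rediscover new backends.
-func NewTransport(backends []string, tlsConf *tls.Config, resolver resolver) http.RoundTripper {
-	if resolver == nil {
-		resolver = defaultResolver
-	}
-	addrs := resolver.ResolveIPs(backends)
-	b := &balancer{
-		hosts:    backends,
-		resolver: resolver,
-		addrs:    addrs,
-		ok:       make(map[string]bool),
-	}
-	go b.updateProc()
-	return &http.Transport{
-		DialContext:     b.dial,
-		TLSClientConfig: tlsConf,
-	}
-}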
vendor/git.autistici.org/ai3/go-common/ldap/pool.go
...
...
@@ -7,11 +7,30 @@ import (
"net/url"
"time"
"git.autistici.org/ai3/go-common/clientutil"
"github.com/cenkalti/backoff"
"gopkg.in/ldap.v2"
)
// Parameters that define the exponential backoff algorithm used.
var
(
ExponentialBackOffInitialInterval
=
100
*
time
.
Millisecond
ExponentialBackOffMultiplier
=
1.4142
)
// newExponentialBackOff creates a backoff.ExponentialBackOff object
// with our own default values.
func
newExponentialBackOff
()
*
backoff
.
ExponentialBackOff
{
b
:=
backoff
.
NewExponentialBackOff
()
b
.
InitialInterval
=
ExponentialBackOffInitialInterval
b
.
Multiplier
=
ExponentialBackOffMultiplier
// Set MaxElapsedTime to 0 because we expect the overall
// timeout to be dictated by the request Context.
b
.
MaxElapsedTime
=
0
return
b
}
// ConnectionPool provides a goroutine-safe pool of long-lived LDAP
// connections that will reconnect on errors.
type
ConnectionPool
struct
{
...
...
@@ -129,14 +148,14 @@ func NewConnectionPool(uri, bindDN, bindPw string, cacheSize int) (*ConnectionPo
}
func
(
p
*
ConnectionPool
)
doRequest
(
ctx
context
.
Context
,
fn
func
(
*
ldap
.
Conn
)
error
)
error
{
return
clientutil
.
Retry
(
func
()
error
{
return
backoff
.
Retry
(
func
()
error
{
conn
,
err
:=
p
.
Get
(
ctx
)
if
err
!=
nil
{
// Here conn is nil, so we don't need to Release it.
if
isTemporaryLDAPError
(
err
)
{
return
clientutil
.
TempError
(
err
)
return
err
}
return
err
return
backoff
.
Permanent
(
err
)
}
if
deadline
,
ok
:=
ctx
.
Deadline
();
ok
{
...
...
@@ -144,13 +163,12 @@ func (p *ConnectionPool) doRequest(ctx context.Context, fn func(*ldap.Conn) erro
}
err
=
fn
(
conn
)
if
err
!=
nil
&&
isTemporaryLDAPError
(
err
)
{
p
.
Release
(
conn
,
err
)
return
clientutil
.
TempError
(
err
)
}
p
.
Release
(
conn
,
err
)
if
err
!=
nil
&&
!
isTemporaryLDAPError
(
err
)
{
err
=
backoff
.
Permanent
(
err
)
}
return
err
},
backoff
.
WithContext
(
clientutil
.
N
ewExponentialBackOff
(),
ctx
))
},
backoff
.
WithContext
(
n
ewExponentialBackOff
(),
ctx
))
}
// Search performs the given search request. It will retry the request
...
...
vendor/github.com/cenkalti/backoff/README.md
...
...
@@ -24,7 +24,7 @@ See https://godoc.org/github.com/cenkalti/backoff#pkg-examples
[
coveralls
]:
https://coveralls.io/github/cenkalti/backoff?branch=master
[
coveralls image
]:
https://coveralls.io/repos/github/cenkalti/backoff/badge.svg?branch=master
[
google-http-java-client
]:
https://github.com/google/google-http-java-client
[
google-http-java-client
]:
https://github.com/google/google-http-java-client
/blob/da1aa993e90285ec18579f1553339b00e19b3ab5/google-http-client/src/main/java/com/google/api/client/util/ExponentialBackOff.java
[
exponential backoff wiki
]:
http://en.wikipedia.org/wiki/Exponential_backoff
[
advanced example
]:
https://godoc.org/github.com/cenkalti/backoff#example_
vendor/github.com/cenkalti/backoff/context.go
package
backoff
import
(
"context"
"time"
"golang.org/x/net/context"
)
// BackOffContext is a backoff policy that stops retrying after the context
...
...
vendor/github.com/cenkalti/backoff/retry.go
...
...
@@ -15,7 +15,6 @@ type Notify func(error, time.Duration)
// Retry the operation o until it does not return error or BackOff stops.
// o is guaranteed to be run at least once.
// It is the caller's responsibility to reset b after Retry returns.
//
// If o returns a *PermanentError, the operation is not retried, and the
// wrapped error is returned.
...
...
vendor/github.com/cenkalti/backoff/ticker.go
package
backoff
import
(
"runtime"
"sync"
"time"
)
...
...
@@ -34,7 +33,6 @@ func NewTicker(b BackOff) *Ticker {
}
t
.
b
.
Reset
()
go
t
.
run
()
runtime
.
SetFinalizer
(
t
,
(
*
Ticker
)
.
Stop
)
return
t
}
...
...
vendor/github.com/cenkalti/backoff/tries.go
...
...
@@ -3,13 +3,13 @@ package backoff
import
"time"
/*
WithMax
T
ries creates a wrapper around another BackOff, which will
WithMax
Ret
ries creates a wrapper around another BackOff, which will
return Stop if NextBackOff() has been called too many times since
the last time Reset() was called
Note: Implementa