Update module lib/pq to v1.7.0 (#581)

Update module lib/pq to v1.7.0 Reviewed-on: https://kolaente.dev/vikunja/api/pulls/581
2020-06-08 21:17:38 +00:00
parent 32a5dff78d
commit bd11c9650e
160 changed files with 48 additions and 19372 deletions
--- a/vendor/github.com/lib/pq/README.md
+++ b/vendor/github.com/lib/pq/README.md
@ -19,7 +19,10 @@
 * Unix socket support
 * Notifications: `LISTEN`/`NOTIFY`
 * pgpass support
-* GSS (Kerberos) auth
+
+## Optional Features
+
+* GSS (Kerberos) auth (to use, see GoDoc)

 ## Tests

--- a/vendor/github.com/lib/pq/conn.go
+++ b/vendor/github.com/lib/pq/conn.go
@ -157,7 +157,7 @@ type conn struct {
 	notificationHandler func(*Notification)

 	// GSSAPI context
-	gss Gss
+	gss GSS
 }

 // Handle driver-side settings in parsed connection string.
@ -1158,7 +1158,10 @@ func (cn *conn) auth(r *readBuf, o values) {
 			errorf("unexpected authentication response: %q", t)
 		}
 	case 7: // GSSAPI, startup
-		cli, err := NewGSS()
+		if newGss == nil {
+			errorf("kerberos error: no GSSAPI provider registered (import github.com/lib/pq/auth/kerberos if you need Kerberos support)")
+		}
+		cli, err := newGss()
 		if err != nil {
 			errorf("kerberos error: %s", err.Error())
 		}
--- a/vendor/github.com/lib/pq/doc.go
+++ b/vendor/github.com/lib/pq/doc.go
@ -243,5 +243,21 @@ bytes by the PostgreSQL server.
 You can find a complete, working example of Listener usage at
 https://godoc.org/github.com/lib/pq/example/listen.

+
+Kerberos Support
+
+
+If you need support for Kerberos authentication, add the following to your main
+package:
+
+	import "github.com/lib/pq/auth/kerberos"
+
+	func init() {
+		pq.RegisterGSSProvider(func() (pq.Gss, error) { return kerberos.NewGSS() })
+	}
+
+This package is in a separate module so that users who don't need Kerberos
+don't have to download unnecessary dependencies.
+
 */
 package pq
--- a/vendor/github.com/lib/pq/go.mod
+++ b/vendor/github.com/lib/pq/go.mod
@ -1,14 +1,3 @@
 module github.com/lib/pq

 go 1.13
-
-require (
-	github.com/alexbrainman/sspi v0.0.0-20180613141037-e580b900e9f5 // indirect
-	github.com/jcmturner/gokrb5/v8 v8.2.0
-	golang.org/x/crypto v0.0.0-20200311171314-f7b00557c8c4 // indirect
-	gopkg.in/jcmturner/aescts.v1 v1.0.1 // indirect
-	gopkg.in/jcmturner/dnsutils.v1 v1.0.1 // indirect
-	gopkg.in/jcmturner/goidentity.v3 v3.0.0 // indirect
-	gopkg.in/jcmturner/gokrb5.v7 v7.5.0
-	gopkg.in/jcmturner/rpc.v1 v1.1.0 // indirect
-)
--- a/vendor/github.com/lib/pq/krb.go
+++ b/vendor/github.com/lib/pq/krb.go
@ -1,40 +1,27 @@
 package pq

-import (
-	"net"
-	"strings"
-)
+// NewGSSFunc creates a GSS authentication provider, for use with
+// RegisterGSSProvider.
+type NewGSSFunc func() (GSS, error)

-/*
- *  Basic GSSAPI interface to abstract Windows (SSPI) from Unix
- *  APIs within the driver
- */
+var newGss NewGSSFunc

-type Gss interface {
+// RegisterGSSProvider registers a GSS authentication provider. For example, if
+// you need to use Kerberos to authenticate with your server, add this to your
+// main package:
+//
+//	import "github.com/lib/pq/auth/kerberos"
+//
+//	func init() {
+//		pq.RegisterGSSProvider(func() (pq.GSS, error) { return kerberos.NewGSS() })
+//	}
+func RegisterGSSProvider(newGssArg NewGSSFunc) {
+	newGss = newGssArg
+}
+
+// GSS provides GSSAPI authentication (e.g., Kerberos).
+type GSS interface {
 	GetInitToken(host string, service string) ([]byte, error)
 	GetInitTokenFromSpn(spn string) ([]byte, error)
 	Continue(inToken []byte) (done bool, outToken []byte, err error)
 }
-
-/*
- *  Find the A record associated with a hostname
- *  In general, hostnames supplied to the driver should be
- *  canonicalized because the KDC usually only has one
- *  principal and not one per potential alias of a host.
- */
-func canonicalizeHostname(host string) (string, error) {
-	canon := host
-
-	name, err := net.LookupCNAME(host)
-	if err != nil {
-		return "", err
-	}
-
-	name = strings.TrimSuffix(name, ".")
-
-	if name != "" {
-		canon = name
-	}
-
-	return canon, nil
-}
--- a/vendor/github.com/lib/pq/krb_unix.go
+++ b/vendor/github.com/lib/pq/krb_unix.go
@ -1,123 +0,0 @@
-// +build !windows
-
-package pq
-
-import (
-	"fmt"
-	"os"
-	"os/user"
-	"strings"
-
-	"github.com/jcmturner/gokrb5/v8/client"
-	"github.com/jcmturner/gokrb5/v8/config"
-	"github.com/jcmturner/gokrb5/v8/credentials"
-	"github.com/jcmturner/gokrb5/v8/spnego"
-)
-
-/*
- * UNIX Kerberos support, using jcmturner's pure-go
- * implementation
- */
-
-// Implements the Gss interface
-type gss struct {
-	cli *client.Client
-}
-
-func NewGSS() (Gss, error) {
-	g := &gss{}
-	err := g.init()
-
-	if err != nil {
-		return nil, err
-	}
-
-	return g, nil
-}
-
-func (g *gss) init() error {
-	cfgPath, ok := os.LookupEnv("KRB5_CONFIG")
-	if !ok {
-		cfgPath = "/etc/krb5.conf"
-	}
-
-	cfg, err := config.Load(cfgPath)
-	if err != nil {
-		return err
-	}
-
-	u, err := user.Current()
-	if err != nil {
-		return err
-	}
-
-	ccpath := "/tmp/krb5cc_" + u.Uid
-
-	ccname := os.Getenv("KRB5CCNAME")
-	if strings.HasPrefix(ccname, "FILE:") {
-		ccpath = strings.SplitN(ccname, ":", 2)[1]
-	}
-
-	ccache, err := credentials.LoadCCache(ccpath)
-	if err != nil {
-		return err
-	}
-
-	cl, err := client.NewFromCCache(ccache, cfg, client.DisablePAFXFAST(true))
-	if err != nil {
-		return err
-	}
-
-	cl.Login()
-
-	g.cli = cl
-
-	return nil
-}
-
-func (g *gss) GetInitToken(host string, service string) ([]byte, error) {
-
-	// Resolve the hostname down to an 'A' record, if required (usually, it is)
-	if g.cli.Config.LibDefaults.DNSCanonicalizeHostname {
-		var err error
-		host, err = canonicalizeHostname(host)
-		if err != nil {
-			return nil, err
-		}
-	}
-
-	spn := service + "/" + host
-
-	return g.GetInitTokenFromSpn(spn)
-}
-
-func (g *gss) GetInitTokenFromSpn(spn string) ([]byte, error) {
-	s := spnego.SPNEGOClient(g.cli, spn)
-
-	st, err := s.InitSecContext()
-	if err != nil {
-		return nil, fmt.Errorf("kerberos error (InitSecContext): %s", err.Error())
-	}
-
-	b, err := st.Marshal()
-	if err != nil {
-		return nil, fmt.Errorf("kerberos error (Marshaling token): %s", err.Error())
-	}
-
-	return b, nil
-}
-
-func (g *gss) Continue(inToken []byte) (done bool, outToken []byte, err error) {
-	t := &spnego.SPNEGOToken{}
-	err = t.Unmarshal(inToken)
-	if err != nil {
-		return true, nil, fmt.Errorf("kerberos error (Unmarshaling token): %s", err.Error())
-	}
-
-	state := t.NegTokenResp.State()
-	if state != spnego.NegStateAcceptCompleted {
-		return true, nil, fmt.Errorf("kerberos: expected state 'Completed' - got %d", state)
-	}
-
-	return true, nil, nil
-}
--- a/vendor/github.com/lib/pq/krb_windows.go
+++ b/vendor/github.com/lib/pq/krb_windows.go
@ -1,61 +0,0 @@
-// +build windows
-
-package pq
-
-import (
-	"github.com/alexbrainman/sspi"
-	"github.com/alexbrainman/sspi/negotiate"
-)
-
-type gss struct {
-	creds *sspi.Credentials
-	ctx   *negotiate.ClientContext
-}
-
-func NewGSS() (Gss, error) {
-	g := &gss{}
-	err := g.init()
-
-	if err != nil {
-		return nil, err
-	}
-
-	return g, nil
-}
-
-func (g *gss) init() error {
-	creds, err := negotiate.AcquireCurrentUserCredentials()
-	if err != nil {
-		return err
-	}
-
-	g.creds = creds
-	return nil
-}
-
-func (g *gss) GetInitToken(host string, service string) ([]byte, error) {
-
-	host, err := canonicalizeHostname(host)
-	if err != nil {
-		return nil, err
-	}
-
-	spn := service + "/" + host
-
-	return g.GetInitTokenFromSpn(spn)
-}
-
-func (g *gss) GetInitTokenFromSpn(spn string) ([]byte, error) {
-	ctx, token, err := negotiate.NewClientContext(g.creds, spn)
-	if err != nil {
-		return nil, err
-	}
-
-	g.ctx = ctx
-
-	return token, nil
-}
-
-func (g *gss) Continue(inToken []byte) (done bool, outToken []byte, err error) {
-	return g.ctx.Update(inToken)
-}