os.Error API: don't export os.ErrorString, use os.NewError consistently
This is a core API change. 1) gofix misc src 2) Manual adjustments to the following files under src/pkg: gob/decode.go rpc/client.go os/error.go io/io.go bufio/bufio.go http/request.go websocket/client.go as well as: src/cmd/gofix/testdata/*.go.in (reverted) test/fixedbugs/bug243.go 3) Implemented gofix patch (oserrorstring.go) and test case (oserrorstring_test.go) Compiles and runs all tests. R=r, rsc, gri CC=golang-dev https://golang.org/cl/4607052
This commit is contained in:
Robert Griesemer
parent
35e8279c86
commit
a5b2e93aa2
4
conn.go
4
conn.go
@ -790,10 +790,10 @@ func (c *Conn) VerifyHostname(host string) os.Error {
|
||||
c.handshakeMutex.Lock()
|
||||
defer c.handshakeMutex.Unlock()
|
||||
if !c.isClient {
|
||||
return os.ErrorString("VerifyHostname called on TLS server connection")
|
||||
return os.NewError("VerifyHostname called on TLS server connection")
|
||||
}
|
||||
if !c.handshakeComplete {
|
||||
return os.ErrorString("TLS handshake has not yet been performed")
|
||||
return os.NewError("TLS handshake has not yet been performed")
|
||||
}
|
||||
return c.peerCertificates[0].VerifyHostname(host)
|
||||
}
|
||||
|
||||
@ -40,7 +40,7 @@ func (c *Conn) clientHandshake() os.Error {
|
||||
_, err := io.ReadFull(c.config.rand(), hello.random[4:])
|
||||
if err != nil {
|
||||
c.sendAlert(alertInternalError)
|
||||
return os.ErrorString("short read from Rand")
|
||||
return os.NewError("short read from Rand")
|
||||
}
|
||||
|
||||
finishedHash.Write(hello.marshal())
|
||||
@ -69,7 +69,7 @@ func (c *Conn) clientHandshake() os.Error {
|
||||
|
||||
if !hello.nextProtoNeg && serverHello.nextProtoNeg {
|
||||
c.sendAlert(alertHandshakeFailure)
|
||||
return os.ErrorString("server advertised unrequested NPN")
|
||||
return os.NewError("server advertised unrequested NPN")
|
||||
}
|
||||
|
||||
suite, suiteId := mutualCipherSuite(c.config.cipherSuites(), serverHello.cipherSuite)
|
||||
@ -92,7 +92,7 @@ func (c *Conn) clientHandshake() os.Error {
|
||||
cert, err := x509.ParseCertificate(asn1Data)
|
||||
if err != nil {
|
||||
c.sendAlert(alertBadCertificate)
|
||||
return os.ErrorString("failed to parse certificate from server: " + err.String())
|
||||
return os.NewError("failed to parse certificate from server: " + err.String())
|
||||
}
|
||||
certs[i] = cert
|
||||
}
|
||||
|
||||
@ -173,7 +173,7 @@ FindCipherSuite:
|
||||
cert, err := x509.ParseCertificate(asn1Data)
|
||||
if err != nil {
|
||||
c.sendAlert(alertBadCertificate)
|
||||
return os.ErrorString("could not parse client's certificate: " + err.String())
|
||||
return os.NewError("could not parse client's certificate: " + err.String())
|
||||
}
|
||||
certs[i] = cert
|
||||
}
|
||||
@ -182,7 +182,7 @@ FindCipherSuite:
|
||||
for i := 1; i < len(certs); i++ {
|
||||
if err := certs[i-1].CheckSignatureFrom(certs[i]); err != nil {
|
||||
c.sendAlert(alertBadCertificate)
|
||||
return os.ErrorString("could not validate certificate signature: " + err.String())
|
||||
return os.NewError("could not validate certificate signature: " + err.String())
|
||||
}
|
||||
}
|
||||
|
||||
@ -229,7 +229,7 @@ FindCipherSuite:
|
||||
err = rsa.VerifyPKCS1v15(pub, crypto.MD5SHA1, digest, certVerify.signature)
|
||||
if err != nil {
|
||||
c.sendAlert(alertBadCertificate)
|
||||
return os.ErrorString("could not validate signature of connection nonces: " + err.String())
|
||||
return os.NewError("could not validate signature of connection nonces: " + err.String())
|
||||
}
|
||||
|
||||
finishedHash.Write(certVerify.marshal())
|
||||
|
||||
@ -32,11 +32,11 @@ func (ka rsaKeyAgreement) processClientKeyExchange(config *Config, ckx *clientKe
|
||||
}
|
||||
|
||||
if len(ckx.ciphertext) < 2 {
|
||||
return nil, os.ErrorString("bad ClientKeyExchange")
|
||||
return nil, os.NewError("bad ClientKeyExchange")
|
||||
}
|
||||
ciphertextLen := int(ckx.ciphertext[0])<<8 | int(ckx.ciphertext[1])
|
||||
if ciphertextLen != len(ckx.ciphertext)-2 {
|
||||
return nil, os.ErrorString("bad ClientKeyExchange")
|
||||
return nil, os.NewError("bad ClientKeyExchange")
|
||||
}
|
||||
ciphertext := ckx.ciphertext[2:]
|
||||
|
||||
@ -54,7 +54,7 @@ func (ka rsaKeyAgreement) processClientKeyExchange(config *Config, ckx *clientKe
|
||||
}
|
||||
|
||||
func (ka rsaKeyAgreement) processServerKeyExchange(config *Config, clientHello *clientHelloMsg, serverHello *serverHelloMsg, cert *x509.Certificate, skx *serverKeyExchangeMsg) os.Error {
|
||||
return os.ErrorString("unexpected ServerKeyExchange")
|
||||
return os.NewError("unexpected ServerKeyExchange")
|
||||
}
|
||||
|
||||
func (ka rsaKeyAgreement) generateClientKeyExchange(config *Config, clientHello *clientHelloMsg, cert *x509.Certificate) ([]byte, *clientKeyExchangeMsg, os.Error) {
|
||||
@ -146,7 +146,7 @@ Curve:
|
||||
md5sha1 := md5SHA1Hash(clientHello.random, hello.random, serverECDHParams)
|
||||
sig, err := rsa.SignPKCS1v15(config.rand(), config.Certificates[0].PrivateKey, crypto.MD5SHA1, md5sha1)
|
||||
if err != nil {
|
||||
return nil, os.ErrorString("failed to sign ECDHE parameters: " + err.String())
|
||||
return nil, os.NewError("failed to sign ECDHE parameters: " + err.String())
|
||||
}
|
||||
|
||||
skx := new(serverKeyExchangeMsg)
|
||||
@ -162,11 +162,11 @@ Curve:
|
||||
|
||||
func (ka *ecdheRSAKeyAgreement) processClientKeyExchange(config *Config, ckx *clientKeyExchangeMsg) ([]byte, os.Error) {
|
||||
if len(ckx.ciphertext) == 0 || int(ckx.ciphertext[0]) != len(ckx.ciphertext)-1 {
|
||||
return nil, os.ErrorString("bad ClientKeyExchange")
|
||||
return nil, os.NewError("bad ClientKeyExchange")
|
||||
}
|
||||
x, y := ka.curve.Unmarshal(ckx.ciphertext[1:])
|
||||
if x == nil {
|
||||
return nil, os.ErrorString("bad ClientKeyExchange")
|
||||
return nil, os.NewError("bad ClientKeyExchange")
|
||||
}
|
||||
x, _ = ka.curve.ScalarMult(x, y, ka.privateKey)
|
||||
preMasterSecret := make([]byte, (ka.curve.BitSize+7)>>3)
|
||||
@ -176,14 +176,14 @@ func (ka *ecdheRSAKeyAgreement) processClientKeyExchange(config *Config, ckx *cl
|
||||
return preMasterSecret, nil
|
||||
}
|
||||
|
||||
var errServerKeyExchange = os.ErrorString("invalid ServerKeyExchange")
|
||||
var errServerKeyExchange = os.NewError("invalid ServerKeyExchange")
|
||||
|
||||
func (ka *ecdheRSAKeyAgreement) processServerKeyExchange(config *Config, clientHello *clientHelloMsg, serverHello *serverHelloMsg, cert *x509.Certificate, skx *serverKeyExchangeMsg) os.Error {
|
||||
if len(skx.key) < 4 {
|
||||
return errServerKeyExchange
|
||||
}
|
||||
if skx.key[0] != 3 { // named curve
|
||||
return os.ErrorString("server selected unsupported curve")
|
||||
return os.NewError("server selected unsupported curve")
|
||||
}
|
||||
curveid := uint16(skx.key[1])<<8 | uint16(skx.key[2])
|
||||
|
||||
@ -195,7 +195,7 @@ func (ka *ecdheRSAKeyAgreement) processServerKeyExchange(config *Config, clientH
|
||||
case curveP521:
|
||||
ka.curve = elliptic.P521()
|
||||
default:
|
||||
return os.ErrorString("server selected unsupported curve")
|
||||
return os.NewError("server selected unsupported curve")
|
||||
}
|
||||
|
||||
publicLen := int(skx.key[3])
|
||||
@ -224,7 +224,7 @@ func (ka *ecdheRSAKeyAgreement) processServerKeyExchange(config *Config, clientH
|
||||
|
||||
func (ka *ecdheRSAKeyAgreement) generateClientKeyExchange(config *Config, clientHello *clientHelloMsg, cert *x509.Certificate) ([]byte, *clientKeyExchangeMsg, os.Error) {
|
||||
if ka.curve == nil {
|
||||
return nil, nil, os.ErrorString("missing ServerKeyExchange message")
|
||||
return nil, nil, os.NewError("missing ServerKeyExchange message")
|
||||
}
|
||||
priv, mx, my, err := ka.curve.GenerateKey(config.rand())
|
||||
if err != nil {
|
||||
|
||||
8
tls.go
8
tls.go
@ -147,19 +147,19 @@ func X509KeyPair(certPEMBlock, keyPEMBlock []byte) (cert Certificate, err os.Err
|
||||
}
|
||||
|
||||
if len(cert.Certificate) == 0 {
|
||||
err = os.ErrorString("crypto/tls: failed to parse certificate PEM data")
|
||||
err = os.NewError("crypto/tls: failed to parse certificate PEM data")
|
||||
return
|
||||
}
|
||||
|
||||
keyDERBlock, _ := pem.Decode(keyPEMBlock)
|
||||
if keyDERBlock == nil {
|
||||
err = os.ErrorString("crypto/tls: failed to parse key PEM data")
|
||||
err = os.NewError("crypto/tls: failed to parse key PEM data")
|
||||
return
|
||||
}
|
||||
|
||||
key, err := x509.ParsePKCS1PrivateKey(keyDERBlock.Bytes)
|
||||
if err != nil {
|
||||
err = os.ErrorString("crypto/tls: failed to parse key: " + err.String())
|
||||
err = os.NewError("crypto/tls: failed to parse key: " + err.String())
|
||||
return
|
||||
}
|
||||
|
||||
@ -173,7 +173,7 @@ func X509KeyPair(certPEMBlock, keyPEMBlock []byte) (cert Certificate, err os.Err
|
||||
}
|
||||
|
||||
if x509Cert.PublicKeyAlgorithm != x509.RSA || x509Cert.PublicKey.(*rsa.PublicKey).N.Cmp(key.PublicKey.N) != 0 {
|
||||
err = os.ErrorString("crypto/tls: private key does not match public key")
|
||||
err = os.NewError("crypto/tls: private key does not match public key")
|
||||
return
|
||||
}
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user