From e0576d8cd301d1253e5342b24b94eddc9c36c020 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 15 Aug 2025 12:12:51 +0000 Subject: [PATCH] build(deps): bump go.etcd.io/etcd/client/pkg/v3 from 3.5.13 to 3.6.4 Bumps [go.etcd.io/etcd/client/pkg/v3](https://github.com/etcd-io/etcd) from 3.5.13 to 3.6.4. - [Release notes](https://github.com/etcd-io/etcd/releases) - [Commits](https://github.com/etcd-io/etcd/compare/v3.5.13...v3.6.4) --- updated-dependencies: - dependency-name: go.etcd.io/etcd/client/pkg/v3 dependency-version: 3.6.4 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- go.mod | 4 +- go.sum | 8 +- .../etcd/client/pkg/v3/fileutil/dir_unix.go | 3 +- .../client/pkg/v3/fileutil/dir_windows.go | 3 +- .../etcd/client/pkg/v3/fileutil/fileutil.go | 27 +- .../etcd/client/pkg/v3/fileutil/lock.go | 4 +- .../etcd/client/pkg/v3/fileutil/lock_flock.go | 4 +- .../etcd/client/pkg/v3/fileutil/lock_linux.go | 8 +- .../client/pkg/v3/fileutil/lock_solaris.go | 1 - .../etcd/client/pkg/v3/fileutil/lock_unix.go | 1 - .../client/pkg/v3/fileutil/lock_windows.go | 47 +--- .../client/pkg/v3/fileutil/preallocate.go | 6 +- .../pkg/v3/fileutil/preallocate_darwin.go | 4 +- .../pkg/v3/fileutil/preallocate_unix.go | 10 +- .../v3/fileutil/preallocate_unsupported.go | 1 - .../etcd/client/pkg/v3/fileutil/purge.go | 38 +-- .../etcd/client/pkg/v3/fileutil/sync.go | 1 - .../client/pkg/v3/fileutil/sync_darwin.go | 1 - .../etcd/client/pkg/v3/fileutil/sync_linux.go | 1 - .../etcd/client/pkg/v3/logutil/log_format.go | 42 +++ .../etcd/client/pkg/v3/logutil/zap.go | 51 ++-- .../etcd/client/pkg/v3/logutil/zap_journal.go | 5 +- .../go.etcd.io/etcd/client/pkg/v3/srv/srv.go | 16 +- .../etcd/client/pkg/v3/tlsutil/tlsutil.go | 8 +- .../pkg/v3/transport/keepalive_listener.go | 12 +- .../client/pkg/v3/transport/limit_listen.go | 4 +- .../etcd/client/pkg/v3/transport/listener.go | 240 ++++++++++-------- .../client/pkg/v3/transport/listener_opts.go | 14 + .../client/pkg/v3/transport/listener_tls.go | 11 +- .../etcd/client/pkg/v3/transport/sockopt.go | 14 + .../pkg/v3/transport/sockopt_solaris.go | 5 +- .../client/pkg/v3/transport/sockopt_unix.go | 3 +- .../client/pkg/v3/transport/sockopt_wasm.go | 30 +++ .../pkg/v3/transport/sockopt_windows.go | 21 +- .../etcd/client/pkg/v3/transport/tls.go | 3 +- .../etcd/client/pkg/v3/transport/transport.go | 13 +- .../go.etcd.io/etcd/client/pkg/v3/types/id.go | 19 +- .../etcd/client/pkg/v3/types/set.go | 2 +- .../etcd/client/pkg/v3/verify/verify.go | 80 ++++++ vendor/go.uber.org/multierr/CHANGELOG.md | 7 + vendor/go.uber.org/multierr/error.go | 32 +-- .../go.uber.org/multierr/error_post_go120.go | 19 ++ .../go.uber.org/multierr/error_pre_go120.go | 20 ++ vendor/modules.txt | 7 +- 44 files changed, 555 insertions(+), 295 deletions(-) create mode 100644 vendor/go.etcd.io/etcd/client/pkg/v3/logutil/log_format.go create mode 100644 vendor/go.etcd.io/etcd/client/pkg/v3/transport/sockopt_wasm.go create mode 100644 vendor/go.etcd.io/etcd/client/pkg/v3/verify/verify.go diff --git a/go.mod b/go.mod index e7d4fb11a..0e131d5db 100644 --- a/go.mod +++ b/go.mod @@ -49,7 +49,7 @@ require ( github.com/vishvananda/netlink v1.1.1-0.20210330154013-f5de75959ad5 github.com/vishvananda/netns v0.0.5 github.com/vmware/govmomi v0.51.0 - go.etcd.io/etcd/client/pkg/v3 v3.5.13 + go.etcd.io/etcd/client/pkg/v3 v3.6.4 go.etcd.io/etcd/server/v3 v3.5.13 go.uber.org/zap v1.27.0 golang.org/x/crypto v0.40.0 @@ -141,7 +141,7 @@ require ( go.opentelemetry.io/otel/sdk v1.36.0 // indirect go.opentelemetry.io/otel/sdk/metric v1.36.0 // indirect go.opentelemetry.io/otel/trace v1.36.0 // indirect - go.uber.org/multierr v1.10.0 // indirect + go.uber.org/multierr v1.11.0 // indirect go4.org v0.0.0-20201209231011-d4a079459e60 // indirect golang.org/x/sync v0.16.0 // indirect golang.org/x/term v0.33.0 // indirect diff --git a/go.sum b/go.sum index 8b36e279d..6db0b55f0 100644 --- a/go.sum +++ b/go.sum @@ -495,8 +495,8 @@ go.etcd.io/bbolt v1.3.9 h1:8x7aARPEXiXbHmtUwAIv7eV2fQFHrLLavdiJ3uzJXoI= go.etcd.io/bbolt v1.3.9/go.mod h1:zaO32+Ti0PK1ivdPtgMESzuzL2VPoIG1PCQNvOdo/dE= go.etcd.io/etcd/api/v3 v3.5.13 h1:8WXU2/NBge6AUF1K1gOexB6e07NgsN1hXK0rSTtgSp4= go.etcd.io/etcd/api/v3 v3.5.13/go.mod h1:gBqlqkcMMZMVTMm4NDZloEVJzxQOQIls8splbqBDa0c= -go.etcd.io/etcd/client/pkg/v3 v3.5.13 h1:RVZSAnWWWiI5IrYAXjQorajncORbS0zI48LQlE2kQWg= -go.etcd.io/etcd/client/pkg/v3 v3.5.13/go.mod h1:XxHT4u1qU12E2+po+UVPrEeL94Um6zL58ppuJWXSAB8= +go.etcd.io/etcd/client/pkg/v3 v3.6.4 h1:9HBYrjppeOfFjBjaMTRxT3R7xT0GLK8EJMVC4xg6ok0= +go.etcd.io/etcd/client/pkg/v3 v3.6.4/go.mod h1:sbdzr2cl3HzVmxNw//PH7aLGVtY4QySjQFuaCgcRFAI= go.etcd.io/etcd/client/v2 v2.305.13 h1:RWfV1SX5jTU0lbCvpVQe3iPQeAHETWdOTb6pxhd77C8= go.etcd.io/etcd/client/v2 v2.305.13/go.mod h1:iQnL7fepbiomdXMb3om1rHq96htNNGv2sJkEcZGDRRg= go.etcd.io/etcd/client/v3 v3.5.13 h1:o0fHTNJLeO0MyVbc7I3fsCf6nrOqn5d+diSarKnB2js= @@ -535,8 +535,8 @@ go.uber.org/atomic v1.4.0/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE= go.uber.org/goleak v1.3.0 h1:2K3zAYmnTNqV73imy9J1T3WC+gmCePx2hEGkimedGto= go.uber.org/goleak v1.3.0/go.mod h1:CoHD4mav9JJNrW/WLlf7HGZPjdw8EucARQHekz1X6bE= go.uber.org/multierr v1.1.0/go.mod h1:wR5kodmAFQ0UK8QlbwjlSNy0Z68gJhDJUG5sjR94q/0= -go.uber.org/multierr v1.10.0 h1:S0h4aNzvfcFsC3dRF1jLoaov7oRaKqRGC/pUEJ2yvPQ= -go.uber.org/multierr v1.10.0/go.mod h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN80Y= +go.uber.org/multierr v1.11.0 h1:blXXJkSxSSfBVBlC76pxqeO+LN3aDfLQo+309xJstO0= +go.uber.org/multierr v1.11.0/go.mod h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN80Y= go.uber.org/zap v1.10.0/go.mod h1:vwi/ZaCAaUcBkycHslxD9B2zi4UTXhF60s6SWpuDF0Q= go.uber.org/zap v1.27.0 h1:aJMhYGrd5QSmlpLMr2MftRKl7t8J8PTZPA732ud/XR8= go.uber.org/zap v1.27.0/go.mod h1:GB2qFLM7cTU87MWRP2mPIjqfIDnGu+VIO4V/SdhGo2E= diff --git a/vendor/go.etcd.io/etcd/client/pkg/v3/fileutil/dir_unix.go b/vendor/go.etcd.io/etcd/client/pkg/v3/fileutil/dir_unix.go index ca82f765c..42221f4b9 100644 --- a/vendor/go.etcd.io/etcd/client/pkg/v3/fileutil/dir_unix.go +++ b/vendor/go.etcd.io/etcd/client/pkg/v3/fileutil/dir_unix.go @@ -13,7 +13,6 @@ // limitations under the License. //go:build !windows -// +build !windows package fileutil @@ -21,7 +20,7 @@ import "os" const ( // PrivateDirMode grants owner to make/remove files inside the directory. - PrivateDirMode = 0700 + PrivateDirMode = 0o700 ) // OpenDir opens a directory for syncing. diff --git a/vendor/go.etcd.io/etcd/client/pkg/v3/fileutil/dir_windows.go b/vendor/go.etcd.io/etcd/client/pkg/v3/fileutil/dir_windows.go index 849c63c87..0cb2280cd 100644 --- a/vendor/go.etcd.io/etcd/client/pkg/v3/fileutil/dir_windows.go +++ b/vendor/go.etcd.io/etcd/client/pkg/v3/fileutil/dir_windows.go @@ -13,7 +13,6 @@ // limitations under the License. //go:build windows -// +build windows package fileutil @@ -24,7 +23,7 @@ import ( const ( // PrivateDirMode grants owner to make/remove files inside the directory. - PrivateDirMode = 0777 + PrivateDirMode = 0o777 ) // OpenDir opens a directory in windows with write access for syncing. diff --git a/vendor/go.etcd.io/etcd/client/pkg/v3/fileutil/fileutil.go b/vendor/go.etcd.io/etcd/client/pkg/v3/fileutil/fileutil.go index d31ece3e2..36394a375 100644 --- a/vendor/go.etcd.io/etcd/client/pkg/v3/fileutil/fileutil.go +++ b/vendor/go.etcd.io/etcd/client/pkg/v3/fileutil/fileutil.go @@ -17,16 +17,18 @@ package fileutil import ( "fmt" "io" - "io/ioutil" + "io/fs" "os" "path/filepath" "go.uber.org/zap" + + "go.etcd.io/etcd/client/pkg/v3/verify" ) const ( // PrivateFileMode grants owner to read/write a file. - PrivateFileMode = 0600 + PrivateFileMode = 0o600 ) // IsDirWriteable checks if dir is writable by writing and removing a file @@ -36,7 +38,7 @@ func IsDirWriteable(dir string) error { if err != nil { return err } - if err := ioutil.WriteFile(f, []byte(""), PrivateFileMode); err != nil { + if err := os.WriteFile(f, []byte(""), PrivateFileMode); err != nil { return err } return os.Remove(f) @@ -45,8 +47,9 @@ func IsDirWriteable(dir string) error { // TouchDirAll is similar to os.MkdirAll. It creates directories with 0700 permission if any directory // does not exists. TouchDirAll also ensures the given directory is writable. func TouchDirAll(lg *zap.Logger, dir string) error { + verify.Assert(lg != nil, "nil log isn't allowed") // If path is already a directory, MkdirAll does nothing and returns nil, so, - // first check if dir exist with an expected permission mode. + // first check if dir exists with an expected permission mode. if Exist(dir) { err := CheckDirPermission(dir, PrivateDirMode) if err != nil { @@ -122,7 +125,7 @@ func CheckDirPermission(dir string, perm os.FileMode) error { if !Exist(dir) { return fmt.Errorf("directory %q empty, cannot check permission", dir) } - //check the existing permission on the directory + // check the existing permission on the directory dirInfo, err := os.Stat(dir) if err != nil { return err @@ -157,7 +160,6 @@ func RemoveMatchFile(lg *zap.Logger, dir string, matchFunc func(fileName string) lg.Error("remove file failed", zap.String("file", file), zap.Error(err)) - continue } } } @@ -166,3 +168,16 @@ func RemoveMatchFile(lg *zap.Logger, dir string, matchFunc func(fileName string) } return nil } + +// ListFiles lists files if matchFunc is true on an existing dir +// Returns error if the dir does not exist +func ListFiles(dir string, matchFunc func(fileName string) bool) ([]string, error) { + var files []string + err := filepath.Walk(dir, func(path string, info fs.FileInfo, err error) error { + if matchFunc(path) { + files = append(files, path) + } + return nil + }) + return files, err +} diff --git a/vendor/go.etcd.io/etcd/client/pkg/v3/fileutil/lock.go b/vendor/go.etcd.io/etcd/client/pkg/v3/fileutil/lock.go index 338627f43..dd2fa545d 100644 --- a/vendor/go.etcd.io/etcd/client/pkg/v3/fileutil/lock.go +++ b/vendor/go.etcd.io/etcd/client/pkg/v3/fileutil/lock.go @@ -19,8 +19,6 @@ import ( "os" ) -var ( - ErrLocked = errors.New("fileutil: file already locked") -) +var ErrLocked = errors.New("fileutil: file already locked") type LockedFile struct{ *os.File } diff --git a/vendor/go.etcd.io/etcd/client/pkg/v3/fileutil/lock_flock.go b/vendor/go.etcd.io/etcd/client/pkg/v3/fileutil/lock_flock.go index dcdf226cd..178c987a4 100644 --- a/vendor/go.etcd.io/etcd/client/pkg/v3/fileutil/lock_flock.go +++ b/vendor/go.etcd.io/etcd/client/pkg/v3/fileutil/lock_flock.go @@ -13,11 +13,11 @@ // limitations under the License. //go:build !windows && !plan9 && !solaris -// +build !windows,!plan9,!solaris package fileutil import ( + "errors" "os" "syscall" ) @@ -29,7 +29,7 @@ func flockTryLockFile(path string, flag int, perm os.FileMode) (*LockedFile, err } if err = syscall.Flock(int(f.Fd()), syscall.LOCK_EX|syscall.LOCK_NB); err != nil { f.Close() - if err == syscall.EWOULDBLOCK { + if errors.Is(err, syscall.EWOULDBLOCK) { err = ErrLocked } return nil, err diff --git a/vendor/go.etcd.io/etcd/client/pkg/v3/fileutil/lock_linux.go b/vendor/go.etcd.io/etcd/client/pkg/v3/fileutil/lock_linux.go index d8952cc48..609ac3978 100644 --- a/vendor/go.etcd.io/etcd/client/pkg/v3/fileutil/lock_linux.go +++ b/vendor/go.etcd.io/etcd/client/pkg/v3/fileutil/lock_linux.go @@ -13,11 +13,11 @@ // limitations under the License. //go:build linux -// +build linux package fileutil import ( + "errors" "fmt" "io" "os" @@ -59,13 +59,13 @@ func TryLockFile(path string, flag int, perm os.FileMode) (*LockedFile, error) { func ofdTryLockFile(path string, flag int, perm os.FileMode) (*LockedFile, error) { f, err := os.OpenFile(path, flag, perm) if err != nil { - return nil, fmt.Errorf("ofdTryLockFile failed to open %q (%v)", path, err) + return nil, fmt.Errorf("ofdTryLockFile failed to open %q (%w)", path, err) } flock := wrlck if err = syscall.FcntlFlock(f.Fd(), unix.F_OFD_SETLK, &flock); err != nil { f.Close() - if err == syscall.EWOULDBLOCK { + if errors.Is(err, syscall.EWOULDBLOCK) { err = ErrLocked } return nil, err @@ -80,7 +80,7 @@ func LockFile(path string, flag int, perm os.FileMode) (*LockedFile, error) { func ofdLockFile(path string, flag int, perm os.FileMode) (*LockedFile, error) { f, err := os.OpenFile(path, flag, perm) if err != nil { - return nil, fmt.Errorf("ofdLockFile failed to open %q (%v)", path, err) + return nil, fmt.Errorf("ofdLockFile failed to open %q (%w)", path, err) } flock := wrlck diff --git a/vendor/go.etcd.io/etcd/client/pkg/v3/fileutil/lock_solaris.go b/vendor/go.etcd.io/etcd/client/pkg/v3/fileutil/lock_solaris.go index 683cc1db9..2e892fecc 100644 --- a/vendor/go.etcd.io/etcd/client/pkg/v3/fileutil/lock_solaris.go +++ b/vendor/go.etcd.io/etcd/client/pkg/v3/fileutil/lock_solaris.go @@ -13,7 +13,6 @@ // limitations under the License. //go:build solaris -// +build solaris package fileutil diff --git a/vendor/go.etcd.io/etcd/client/pkg/v3/fileutil/lock_unix.go b/vendor/go.etcd.io/etcd/client/pkg/v3/fileutil/lock_unix.go index d89027e1f..05db53674 100644 --- a/vendor/go.etcd.io/etcd/client/pkg/v3/fileutil/lock_unix.go +++ b/vendor/go.etcd.io/etcd/client/pkg/v3/fileutil/lock_unix.go @@ -13,7 +13,6 @@ // limitations under the License. //go:build !windows && !plan9 && !solaris && !linux -// +build !windows,!plan9,!solaris,!linux package fileutil diff --git a/vendor/go.etcd.io/etcd/client/pkg/v3/fileutil/lock_windows.go b/vendor/go.etcd.io/etcd/client/pkg/v3/fileutil/lock_windows.go index 5cbf2bc3d..51010bdf8 100644 --- a/vendor/go.etcd.io/etcd/client/pkg/v3/fileutil/lock_windows.go +++ b/vendor/go.etcd.io/etcd/client/pkg/v3/fileutil/lock_windows.go @@ -13,7 +13,6 @@ // limitations under the License. //go:build windows -// +build windows package fileutil @@ -22,31 +21,18 @@ import ( "fmt" "os" "syscall" - "unsafe" -) - -var ( - modkernel32 = syscall.NewLazyDLL("kernel32.dll") - procLockFileEx = modkernel32.NewProc("LockFileEx") - errLocked = errors.New("the process cannot access the file because another process has locked a portion of the file") + "golang.org/x/sys/windows" ) -const ( - // https://msdn.microsoft.com/en-us/library/windows/desktop/aa365203(v=vs.85).aspx - LOCKFILE_EXCLUSIVE_LOCK = 2 - LOCKFILE_FAIL_IMMEDIATELY = 1 - - // see https://msdn.microsoft.com/en-us/library/windows/desktop/ms681382(v=vs.85).aspx - errLockViolation syscall.Errno = 0x21 -) +var errLocked = errors.New("the process cannot access the file because another process has locked a portion of the file") func TryLockFile(path string, flag int, perm os.FileMode) (*LockedFile, error) { f, err := open(path, flag, perm) if err != nil { return nil, err } - if err := lockFile(syscall.Handle(f.Fd()), LOCKFILE_FAIL_IMMEDIATELY); err != nil { + if err := lockFile(windows.Handle(f.Fd()), windows.LOCKFILE_FAIL_IMMEDIATELY); err != nil { f.Close() return nil, err } @@ -58,7 +44,7 @@ func LockFile(path string, flag int, perm os.FileMode) (*LockedFile, error) { if err != nil { return nil, err } - if err := lockFile(syscall.Handle(f.Fd()), 0); err != nil { + if err := lockFile(windows.Handle(f.Fd()), 0); err != nil { f.Close() return nil, err } @@ -67,7 +53,7 @@ func LockFile(path string, flag int, perm os.FileMode) (*LockedFile, error) { func open(path string, flag int, perm os.FileMode) (*os.File, error) { if path == "" { - return nil, fmt.Errorf("cannot open empty filename") + return nil, errors.New("cannot open empty filename") } var access uint32 switch flag { @@ -95,32 +81,17 @@ func open(path string, flag int, perm os.FileMode) (*os.File, error) { return os.NewFile(uintptr(fd), path), nil } -func lockFile(fd syscall.Handle, flags uint32) error { - var flag uint32 = LOCKFILE_EXCLUSIVE_LOCK - flag |= flags - if fd == syscall.InvalidHandle { +func lockFile(fd windows.Handle, flags uint32) error { + if fd == windows.InvalidHandle { return nil } - err := lockFileEx(fd, flag, 1, 0, &syscall.Overlapped{}) + err := windows.LockFileEx(fd, flags|windows.LOCKFILE_EXCLUSIVE_LOCK, 0, 1, 0, &windows.Overlapped{}) if err == nil { return nil } else if err.Error() == errLocked.Error() { return ErrLocked - } else if err != errLockViolation { + } else if err != windows.ERROR_LOCK_VIOLATION { return err } return nil } - -func lockFileEx(h syscall.Handle, flags, locklow, lockhigh uint32, ol *syscall.Overlapped) (err error) { - var reserved uint32 = 0 - r1, _, e1 := syscall.Syscall6(procLockFileEx.Addr(), 6, uintptr(h), uintptr(flags), uintptr(reserved), uintptr(locklow), uintptr(lockhigh), uintptr(unsafe.Pointer(ol))) - if r1 == 0 { - if e1 != 0 { - err = error(e1) - } else { - err = syscall.EINVAL - } - } - return err -} diff --git a/vendor/go.etcd.io/etcd/client/pkg/v3/fileutil/preallocate.go b/vendor/go.etcd.io/etcd/client/pkg/v3/fileutil/preallocate.go index c747b7cf8..aadbff713 100644 --- a/vendor/go.etcd.io/etcd/client/pkg/v3/fileutil/preallocate.go +++ b/vendor/go.etcd.io/etcd/client/pkg/v3/fileutil/preallocate.go @@ -19,9 +19,9 @@ import ( "os" ) -// Preallocate tries to allocate the space for given -// file. This operation is only supported on linux by a -// few filesystems (btrfs, ext4, etc.). +// Preallocate tries to allocate the space for given file. This +// operation is only supported on darwin and linux by a few +// filesystems (APFS, btrfs, ext4, etc.). // If the operation is unsupported, no error will be returned. // Otherwise, the error encountered will be returned. func Preallocate(f *os.File, sizeInBytes int64, extendFile bool) error { diff --git a/vendor/go.etcd.io/etcd/client/pkg/v3/fileutil/preallocate_darwin.go b/vendor/go.etcd.io/etcd/client/pkg/v3/fileutil/preallocate_darwin.go index caab143dd..72430ec27 100644 --- a/vendor/go.etcd.io/etcd/client/pkg/v3/fileutil/preallocate_darwin.go +++ b/vendor/go.etcd.io/etcd/client/pkg/v3/fileutil/preallocate_darwin.go @@ -13,11 +13,11 @@ // limitations under the License. //go:build darwin -// +build darwin package fileutil import ( + "errors" "os" "syscall" @@ -40,7 +40,7 @@ func preallocFixed(f *os.File, sizeInBytes int64) error { Length: sizeInBytes, } err := unix.FcntlFstore(f.Fd(), unix.F_PREALLOCATE, fstore) - if err == nil || err == unix.ENOTSUP { + if err == nil || errors.Is(err, unix.ENOTSUP) { return nil } diff --git a/vendor/go.etcd.io/etcd/client/pkg/v3/fileutil/preallocate_unix.go b/vendor/go.etcd.io/etcd/client/pkg/v3/fileutil/preallocate_unix.go index ebb8207c3..b0a8166ae 100644 --- a/vendor/go.etcd.io/etcd/client/pkg/v3/fileutil/preallocate_unix.go +++ b/vendor/go.etcd.io/etcd/client/pkg/v3/fileutil/preallocate_unix.go @@ -13,11 +13,11 @@ // limitations under the License. //go:build linux -// +build linux package fileutil import ( + "errors" "os" "syscall" ) @@ -26,10 +26,10 @@ func preallocExtend(f *os.File, sizeInBytes int64) error { // use mode = 0 to change size err := syscall.Fallocate(int(f.Fd()), 0, 0, sizeInBytes) if err != nil { - errno, ok := err.(syscall.Errno) + var errno syscall.Errno // not supported; fallback // fallocate EINTRs frequently in some environments; fallback - if ok && (errno == syscall.ENOTSUP || errno == syscall.EINTR) { + if errors.As(err, &errno) && (errno == syscall.ENOTSUP || errno == syscall.EINTR) { return preallocExtendTrunc(f, sizeInBytes) } } @@ -40,9 +40,9 @@ func preallocFixed(f *os.File, sizeInBytes int64) error { // use mode = 1 to keep size; see FALLOC_FL_KEEP_SIZE err := syscall.Fallocate(int(f.Fd()), 1, 0, sizeInBytes) if err != nil { - errno, ok := err.(syscall.Errno) + var errno syscall.Errno // treat not supported as nil error - if ok && errno == syscall.ENOTSUP { + if errors.As(err, &errno) && errno == syscall.ENOTSUP { return nil } } diff --git a/vendor/go.etcd.io/etcd/client/pkg/v3/fileutil/preallocate_unsupported.go b/vendor/go.etcd.io/etcd/client/pkg/v3/fileutil/preallocate_unsupported.go index 2c46dd490..e7fd937a4 100644 --- a/vendor/go.etcd.io/etcd/client/pkg/v3/fileutil/preallocate_unsupported.go +++ b/vendor/go.etcd.io/etcd/client/pkg/v3/fileutil/preallocate_unsupported.go @@ -13,7 +13,6 @@ // limitations under the License. //go:build !linux && !darwin -// +build !linux,!darwin package fileutil diff --git a/vendor/go.etcd.io/etcd/client/pkg/v3/fileutil/purge.go b/vendor/go.etcd.io/etcd/client/pkg/v3/fileutil/purge.go index b314e068f..026ea0323 100644 --- a/vendor/go.etcd.io/etcd/client/pkg/v3/fileutil/purge.go +++ b/vendor/go.etcd.io/etcd/client/pkg/v3/fileutil/purge.go @@ -17,7 +17,6 @@ package fileutil import ( "os" "path/filepath" - "sort" "strings" "time" @@ -58,21 +57,14 @@ func purgeFile(lg *zap.Logger, dirname string, suffix string, max uint, interval defer close(donec) } for { - fnames, err := ReadDir(dirname) + fnamesWithSuffix, err := readDirWithSuffix(dirname, suffix) if err != nil { errC <- err return } - newfnames := make([]string, 0) - for _, fname := range fnames { - if strings.HasSuffix(fname, suffix) { - newfnames = append(newfnames, fname) - } - } - sort.Strings(newfnames) - fnames = newfnames - for len(newfnames) > int(max) { - f := filepath.Join(dirname, newfnames[0]) + nPurged := 0 + for nPurged < len(fnamesWithSuffix)-int(max) { + f := filepath.Join(dirname, fnamesWithSuffix[nPurged]) var l *LockedFile if flock { l, err = TryLockFile(f, os.O_WRONLY, PrivateFileMode) @@ -94,11 +86,12 @@ func purgeFile(lg *zap.Logger, dirname string, suffix string, max uint, interval } } lg.Info("purged", zap.String("path", f)) - newfnames = newfnames[1:] + nPurged++ } + if purgec != nil { - for i := 0; i < len(fnames)-len(newfnames); i++ { - purgec <- fnames[i] + for i := 0; i < nPurged; i++ { + purgec <- fnamesWithSuffix[i] } } select { @@ -110,3 +103,18 @@ func purgeFile(lg *zap.Logger, dirname string, suffix string, max uint, interval }() return errC } + +func readDirWithSuffix(dirname string, suffix string) ([]string, error) { + fnames, err := ReadDir(dirname) + if err != nil { + return nil, err + } + // filter in place (ref. https://go.dev/wiki/SliceTricks#filtering-without-allocating) + fnamesWithSuffix := fnames[:0] + for _, fname := range fnames { + if strings.HasSuffix(fname, suffix) { + fnamesWithSuffix = append(fnamesWithSuffix, fname) + } + } + return fnamesWithSuffix, nil +} diff --git a/vendor/go.etcd.io/etcd/client/pkg/v3/fileutil/sync.go b/vendor/go.etcd.io/etcd/client/pkg/v3/fileutil/sync.go index 0a0855309..670d01fad 100644 --- a/vendor/go.etcd.io/etcd/client/pkg/v3/fileutil/sync.go +++ b/vendor/go.etcd.io/etcd/client/pkg/v3/fileutil/sync.go @@ -13,7 +13,6 @@ // limitations under the License. //go:build !linux && !darwin -// +build !linux,!darwin package fileutil diff --git a/vendor/go.etcd.io/etcd/client/pkg/v3/fileutil/sync_darwin.go b/vendor/go.etcd.io/etcd/client/pkg/v3/fileutil/sync_darwin.go index 1923b276e..7affa78ea 100644 --- a/vendor/go.etcd.io/etcd/client/pkg/v3/fileutil/sync_darwin.go +++ b/vendor/go.etcd.io/etcd/client/pkg/v3/fileutil/sync_darwin.go @@ -13,7 +13,6 @@ // limitations under the License. //go:build darwin -// +build darwin package fileutil diff --git a/vendor/go.etcd.io/etcd/client/pkg/v3/fileutil/sync_linux.go b/vendor/go.etcd.io/etcd/client/pkg/v3/fileutil/sync_linux.go index b9398c23f..a3172382e 100644 --- a/vendor/go.etcd.io/etcd/client/pkg/v3/fileutil/sync_linux.go +++ b/vendor/go.etcd.io/etcd/client/pkg/v3/fileutil/sync_linux.go @@ -13,7 +13,6 @@ // limitations under the License. //go:build linux -// +build linux package fileutil diff --git a/vendor/go.etcd.io/etcd/client/pkg/v3/logutil/log_format.go b/vendor/go.etcd.io/etcd/client/pkg/v3/logutil/log_format.go new file mode 100644 index 000000000..286d385ba --- /dev/null +++ b/vendor/go.etcd.io/etcd/client/pkg/v3/logutil/log_format.go @@ -0,0 +1,42 @@ +// Copyright 2019 The etcd Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package logutil + +import "fmt" + +const ( + JSONLogFormat = "json" + ConsoleLogFormat = "console" + //revive:disable:var-naming + // Deprecated: Please use JSONLogFormat. + JsonLogFormat = JSONLogFormat + //revive:enable:var-naming +) + +var DefaultLogFormat = JSONLogFormat + +// ConvertToZapFormat converts and validated log format string. +func ConvertToZapFormat(format string) (string, error) { + switch format { + case ConsoleLogFormat: + return ConsoleLogFormat, nil + case JSONLogFormat: + return JSONLogFormat, nil + case "": + return DefaultLogFormat, nil + default: + return "", fmt.Errorf("unknown log format: %s, supported values json, console", format) + } +} diff --git a/vendor/go.etcd.io/etcd/client/pkg/v3/logutil/zap.go b/vendor/go.etcd.io/etcd/client/pkg/v3/logutil/zap.go index 34f35b9f2..befa57584 100644 --- a/vendor/go.etcd.io/etcd/client/pkg/v3/logutil/zap.go +++ b/vendor/go.etcd.io/etcd/client/pkg/v3/logutil/zap.go @@ -15,7 +15,7 @@ package logutil import ( - "sort" + "slices" "time" "go.uber.org/zap" @@ -43,7 +43,7 @@ var DefaultZapLoggerConfig = zap.Config{ Thereafter: 100, }, - Encoding: "json", + Encoding: DefaultLogFormat, // copied from "zap.NewProductionEncoderConfig" with some updates EncoderConfig: zapcore.EncoderConfig{ @@ -58,7 +58,7 @@ var DefaultZapLoggerConfig = zap.Config{ // Custom EncodeTime function to ensure we match format and precision of historic capnslog timestamps EncodeTime: func(t time.Time, enc zapcore.PrimitiveArrayEncoder) { - enc.AppendString(t.Format("2006-01-02T15:04:05.999999Z0700")) + enc.AppendString(t.Format("2006-01-02T15:04:05.000000Z0700")) }, EncodeDuration: zapcore.StringDurationEncoder, @@ -72,37 +72,22 @@ var DefaultZapLoggerConfig = zap.Config{ // MergeOutputPaths merges logging output paths, resolving conflicts. func MergeOutputPaths(cfg zap.Config) zap.Config { - outputs := make(map[string]struct{}) - for _, v := range cfg.OutputPaths { - outputs[v] = struct{}{} - } - outputSlice := make([]string, 0) - if _, ok := outputs["/dev/null"]; ok { - // "/dev/null" to discard all - outputSlice = []string{"/dev/null"} - } else { - for k := range outputs { - outputSlice = append(outputSlice, k) - } - } - cfg.OutputPaths = outputSlice - sort.Strings(cfg.OutputPaths) + cfg.OutputPaths = mergePaths(cfg.OutputPaths) + cfg.ErrorOutputPaths = mergePaths(cfg.ErrorOutputPaths) + return cfg +} - errOutputs := make(map[string]struct{}) - for _, v := range cfg.ErrorOutputPaths { - errOutputs[v] = struct{}{} +func mergePaths(old []string) []string { + if len(old) == 0 { + // the original implementation ensures the result is non-nil + return []string{} } - errOutputSlice := make([]string, 0) - if _, ok := errOutputs["/dev/null"]; ok { - // "/dev/null" to discard all - errOutputSlice = []string{"/dev/null"} - } else { - for k := range errOutputs { - errOutputSlice = append(errOutputSlice, k) - } + // use "/dev/null" to discard all + if slices.Contains(old, "/dev/null") { + return []string{"/dev/null"} } - cfg.ErrorOutputPaths = errOutputSlice - sort.Strings(cfg.ErrorOutputPaths) - - return cfg + // clone a new one; don't modify the original, in case it matters. + dup := slices.Clone(old) + slices.Sort(dup) + return slices.Compact(dup) } diff --git a/vendor/go.etcd.io/etcd/client/pkg/v3/logutil/zap_journal.go b/vendor/go.etcd.io/etcd/client/pkg/v3/logutil/zap_journal.go index 9daa3e0aa..06dc40dac 100644 --- a/vendor/go.etcd.io/etcd/client/pkg/v3/logutil/zap_journal.go +++ b/vendor/go.etcd.io/etcd/client/pkg/v3/logutil/zap_journal.go @@ -13,7 +13,6 @@ // limitations under the License. //go:build !windows -// +build !windows package logutil @@ -25,10 +24,10 @@ import ( "os" "path/filepath" - "go.etcd.io/etcd/client/pkg/v3/systemd" - "github.com/coreos/go-systemd/v22/journal" "go.uber.org/zap/zapcore" + + "go.etcd.io/etcd/client/pkg/v3/systemd" ) // NewJournalWriter wraps "io.Writer" to redirect log output diff --git a/vendor/go.etcd.io/etcd/client/pkg/v3/srv/srv.go b/vendor/go.etcd.io/etcd/client/pkg/v3/srv/srv.go index 948c68349..e0a1ccef3 100644 --- a/vendor/go.etcd.io/etcd/client/pkg/v3/srv/srv.go +++ b/vendor/go.etcd.io/etcd/client/pkg/v3/srv/srv.go @@ -33,7 +33,6 @@ var ( // GetCluster gets the cluster information via DNS discovery. // Also sees each entry as a separate instance. func GetCluster(serviceScheme, service, name, dns string, apurls types.URLs) ([]string, error) { - tempName := int(0) tcp2ap := make(map[string]url.URL) // First, resolve the apurls @@ -45,7 +44,10 @@ func GetCluster(serviceScheme, service, name, dns string, apurls types.URLs) ([] tcp2ap[tcpAddr.String()] = url } - stringParts := []string{} + var ( + tempName int + stringParts []string + ) updateNodeMap := func(service, scheme string) error { _, addrs, err := lookupSRV(service, "tcp", dns) if err != nil { @@ -85,7 +87,7 @@ func GetCluster(serviceScheme, service, name, dns string, apurls types.URLs) ([] err := updateNodeMap(service, serviceScheme) if err != nil { - return nil, fmt.Errorf("error querying DNS SRV records for _%s %s", service, err) + return nil, fmt.Errorf("error querying DNS SRV records for _%s %w", service, err) } return stringParts, nil } @@ -97,8 +99,10 @@ type SRVClients struct { // GetClient looks up the client endpoints for a service and domain. func GetClient(service, domain string, serviceName string) (*SRVClients, error) { - var urls []*url.URL - var srvs []*net.SRV + var ( + urls []*url.URL + srvs []*net.SRV + ) updateURLs := func(service, scheme string) error { _, addrs, err := lookupSRV(service, "tcp", domain) @@ -119,7 +123,7 @@ func GetClient(service, domain string, serviceName string) (*SRVClients, error) errHTTP := updateURLs(GetSRVService(service, serviceName, "http"), "http") if errHTTPS != nil && errHTTP != nil { - return nil, fmt.Errorf("dns lookup errors: %s and %s", errHTTPS, errHTTP) + return nil, fmt.Errorf("dns lookup errors: %w and %w", errHTTPS, errHTTP) } endpoints := make([]string, len(urls)) diff --git a/vendor/go.etcd.io/etcd/client/pkg/v3/tlsutil/tlsutil.go b/vendor/go.etcd.io/etcd/client/pkg/v3/tlsutil/tlsutil.go index 3a5aef089..0f79865e8 100644 --- a/vendor/go.etcd.io/etcd/client/pkg/v3/tlsutil/tlsutil.go +++ b/vendor/go.etcd.io/etcd/client/pkg/v3/tlsutil/tlsutil.go @@ -18,7 +18,7 @@ import ( "crypto/tls" "crypto/x509" "encoding/pem" - "io/ioutil" + "os" ) // NewCertPool creates x509 certPool with provided CA files. @@ -26,7 +26,7 @@ func NewCertPool(CAFiles []string) (*x509.CertPool, error) { certPool := x509.NewCertPool() for _, CAFile := range CAFiles { - pemByte, err := ioutil.ReadFile(CAFile) + pemByte, err := os.ReadFile(CAFile) if err != nil { return nil, err } @@ -51,12 +51,12 @@ func NewCertPool(CAFiles []string) (*x509.CertPool, error) { // NewCert generates TLS cert by using the given cert,key and parse function. func NewCert(certfile, keyfile string, parseFunc func([]byte, []byte) (tls.Certificate, error)) (*tls.Certificate, error) { - cert, err := ioutil.ReadFile(certfile) + cert, err := os.ReadFile(certfile) if err != nil { return nil, err } - key, err := ioutil.ReadFile(keyfile) + key, err := os.ReadFile(keyfile) if err != nil { return nil, err } diff --git a/vendor/go.etcd.io/etcd/client/pkg/v3/transport/keepalive_listener.go b/vendor/go.etcd.io/etcd/client/pkg/v3/transport/keepalive_listener.go index d00a93dc1..d43ac4f07 100644 --- a/vendor/go.etcd.io/etcd/client/pkg/v3/transport/keepalive_listener.go +++ b/vendor/go.etcd.io/etcd/client/pkg/v3/transport/keepalive_listener.go @@ -16,6 +16,7 @@ package transport import ( "crypto/tls" + "errors" "fmt" "net" "time" @@ -38,7 +39,7 @@ func NewKeepAliveListener(l net.Listener, scheme string, tlscfg *tls.Config) (ne if scheme == "https" { if tlscfg == nil { - return nil, fmt.Errorf("cannot listen on TLS for given listener: KeyFile and CertFile are not presented") + return nil, errors.New("cannot listen on TLS for given listener: KeyFile and CertFile are not presented") } return newTLSKeepaliveListener(kal, tlscfg), nil } @@ -95,16 +96,17 @@ type tlsKeepaliveListener struct { // Accept waits for and returns the next incoming TLS connection. // The returned connection c is a *tls.Conn. -func (l *tlsKeepaliveListener) Accept() (c net.Conn, err error) { - c, err = l.Listener.Accept() +func (l *tlsKeepaliveListener) Accept() (net.Conn, error) { + c, err := l.Listener.Accept() if err != nil { - return + return nil, err } + c = tls.Server(c, l.config) return c, nil } -// NewListener creates a Listener which accepts connections from an inner +// newTLSKeepaliveListener creates a Listener which accepts connections from an inner // Listener and wraps each connection with Server. // The configuration config must be non-nil and must have // at least one certificate. diff --git a/vendor/go.etcd.io/etcd/client/pkg/v3/transport/limit_listen.go b/vendor/go.etcd.io/etcd/client/pkg/v3/transport/limit_listen.go index 404722ba7..bf4c4e104 100644 --- a/vendor/go.etcd.io/etcd/client/pkg/v3/transport/limit_listen.go +++ b/vendor/go.etcd.io/etcd/client/pkg/v3/transport/limit_listen.go @@ -23,9 +23,7 @@ import ( "time" ) -var ( - ErrNotTCP = errors.New("only tcp connections have keepalive") -) +var ErrNotTCP = errors.New("only tcp connections have keepalive") // LimitListener returns a Listener that accepts at most n simultaneous // connections from the provided Listener. diff --git a/vendor/go.etcd.io/etcd/client/pkg/v3/transport/listener.go b/vendor/go.etcd.io/etcd/client/pkg/v3/transport/listener.go index 150545d08..9c2d29ba9 100644 --- a/vendor/go.etcd.io/etcd/client/pkg/v3/transport/listener.go +++ b/vendor/go.etcd.io/etcd/client/pkg/v3/transport/listener.go @@ -32,10 +32,11 @@ import ( "strings" "time" + "go.uber.org/zap" + "go.etcd.io/etcd/client/pkg/v3/fileutil" "go.etcd.io/etcd/client/pkg/v3/tlsutil" - - "go.uber.org/zap" + "go.etcd.io/etcd/client/pkg/v3/verify" ) // NewListener creates a new listner. @@ -43,7 +44,7 @@ func NewListener(addr, scheme string, tlsinfo *TLSInfo) (l net.Listener, err err return newListener(addr, scheme, WithTLSInfo(tlsinfo)) } -// NewListenerWithOpts creates a new listener which accpets listener options. +// NewListenerWithOpts creates a new listener which accepts listener options. func NewListenerWithOpts(addr, scheme string, opts ...ListenerOption) (net.Listener, error) { return newListener(addr, scheme, opts...) } @@ -59,11 +60,7 @@ func newListener(addr, scheme string, opts ...ListenerOption) (net.Listener, err switch { case lnOpts.IsSocketOpts(): // new ListenConfig with socket options. - config, err := newListenConfig(lnOpts.socketOpts) - if err != nil { - return nil, err - } - lnOpts.ListenConfig = config + lnOpts.ListenConfig = newListenConfig(lnOpts.socketOpts) // check for timeout fallthrough case lnOpts.IsTimeout(), lnOpts.IsSocketOpts(): @@ -102,14 +99,17 @@ func newListener(addr, scheme string, opts ...ListenerOption) (net.Listener, err return wrapTLS(scheme, lnOpts.tlsInfo, lnOpts.Listener) } -func newKeepAliveListener(cfg *net.ListenConfig, addr string) (ln net.Listener, err error) { +func newKeepAliveListener(cfg *net.ListenConfig, addr string) (net.Listener, error) { + var ln net.Listener + var err error + if cfg != nil { ln, err = cfg.Listen(context.TODO(), "tcp", addr) } else { ln, err = net.Listen("tcp", addr) } if err != nil { - return + return nil, err } return NewKeepAliveListener(ln, "tcp", nil) @@ -125,7 +125,7 @@ func wrapTLS(scheme string, tlsinfo *TLSInfo, l net.Listener) (net.Listener, err return newTLSListener(l, tlsinfo, checkSAN) } -func newListenConfig(sopts *SocketOpts) (net.ListenConfig, error) { +func newListenConfig(sopts *SocketOpts) net.ListenConfig { lc := net.ListenConfig{} if sopts != nil { ctls := getControls(sopts) @@ -133,7 +133,7 @@ func newListenConfig(sopts *SocketOpts) (net.ListenConfig, error) { lc.Control = ctls.Control } } - return lc, nil + return lc } type TLSInfo struct { @@ -180,12 +180,23 @@ type TLSInfo struct { parseFunc func([]byte, []byte) (tls.Certificate, error) // AllowedCN is a CN which must be provided by a client. + // + // Deprecated: use AllowedCNs instead. AllowedCN string // AllowedHostname is an IP address or hostname that must match the TLS // certificate provided by a client. + // + // Deprecated: use AllowedHostnames instead. AllowedHostname string + // AllowedCNs is a list of acceptable CNs which must be provided by a client. + AllowedCNs []string + + // AllowedHostnames is a list of acceptable IP addresses or hostnames that must match the + // TLS certificate provided by a client. + AllowedHostnames []string + // Logger logs TLS errors. // If nil, all logs are discarded. Logger *zap.Logger @@ -193,6 +204,9 @@ type TLSInfo struct { // EmptyCN indicates that the cert must have empty CN. // If true, ClientConfig() will return an error for a cert with non empty CN. EmptyCN bool + + // LocalAddr is the local IP address to use when communicating with a peer. + LocalAddr string } func (info TLSInfo) String() string { @@ -203,34 +217,35 @@ func (info TLSInfo) Empty() bool { return info.CertFile == "" && info.KeyFile == "" } -func SelfCert(lg *zap.Logger, dirpath string, hosts []string, selfSignedCertValidity uint, additionalUsages ...x509.ExtKeyUsage) (info TLSInfo, err error) { - info.Logger = lg +func SelfCert(lg *zap.Logger, dirpath string, hosts []string, selfSignedCertValidity uint, additionalUsages ...x509.ExtKeyUsage) (TLSInfo, error) { + verify.Assert(lg != nil, "nil log isn't allowed") + + var err error + info := TLSInfo{Logger: lg} if selfSignedCertValidity == 0 { - err = fmt.Errorf("selfSignedCertValidity is invalid,it should be greater than 0") + err = errors.New("selfSignedCertValidity is invalid,it should be greater than 0") info.Logger.Warn( "cannot generate cert", zap.Error(err), ) - return + return info, err } err = fileutil.TouchDirAll(lg, dirpath) if err != nil { - if info.Logger != nil { - info.Logger.Warn( - "cannot create cert directory", - zap.Error(err), - ) - } - return + info.Logger.Warn( + "cannot create cert directory", + zap.Error(err), + ) + return info, err } certPath, err := filepath.Abs(filepath.Join(dirpath, "cert.pem")) if err != nil { - return + return info, err } keyPath, err := filepath.Abs(filepath.Join(dirpath, "key.pem")) if err != nil { - return + return info, err } _, errcert := os.Stat(certPath) _, errkey := os.Stat(keyPath) @@ -240,19 +255,17 @@ func SelfCert(lg *zap.Logger, dirpath string, hosts []string, selfSignedCertVali info.ClientCertFile = certPath info.ClientKeyFile = keyPath info.selfCert = true - return + return info, err } serialNumberLimit := new(big.Int).Lsh(big.NewInt(1), 128) serialNumber, err := rand.Int(rand.Reader, serialNumberLimit) if err != nil { - if info.Logger != nil { - info.Logger.Warn( - "cannot generate random number", - zap.Error(err), - ) - } - return + info.Logger.Warn( + "cannot generate random number", + zap.Error(err), + ) + return info, err } tmpl := x509.Certificate{ @@ -261,17 +274,16 @@ func SelfCert(lg *zap.Logger, dirpath string, hosts []string, selfSignedCertVali NotBefore: time.Now(), NotAfter: time.Now().Add(time.Duration(selfSignedCertValidity) * 365 * (24 * time.Hour)), - KeyUsage: x509.KeyUsageKeyEncipherment | x509.KeyUsageDigitalSignature, + KeyUsage: x509.KeyUsageKeyEncipherment | x509.KeyUsageDigitalSignature | x509.KeyUsageCRLSign, ExtKeyUsage: append([]x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth}, additionalUsages...), BasicConstraintsValid: true, + IsCA: true, } - if info.Logger != nil { - info.Logger.Warn( - "automatically generate certificates", - zap.Time("certificate-validity-bound-not-after", tmpl.NotAfter), - ) - } + info.Logger.Warn( + "automatically generate certificates", + zap.Time("certificate-validity-bound-not-after", tmpl.NotAfter), + ) for _, host := range hosts { h, _, _ := net.SplitHostPort(host) @@ -284,24 +296,20 @@ func SelfCert(lg *zap.Logger, dirpath string, hosts []string, selfSignedCertVali priv, err := ecdsa.GenerateKey(elliptic.P521(), rand.Reader) if err != nil { - if info.Logger != nil { - info.Logger.Warn( - "cannot generate ECDSA key", - zap.Error(err), - ) - } - return + info.Logger.Warn( + "cannot generate ECDSA key", + zap.Error(err), + ) + return info, err } derBytes, err := x509.CreateCertificate(rand.Reader, &tmpl, &tmpl, &priv.PublicKey, priv) if err != nil { - if info.Logger != nil { - info.Logger.Warn( - "cannot generate x509 certificate", - zap.Error(err), - ) - } - return + info.Logger.Warn( + "cannot generate x509 certificate", + zap.Error(err), + ) + return info, err } certOut, err := os.Create(certPath) @@ -311,34 +319,29 @@ func SelfCert(lg *zap.Logger, dirpath string, hosts []string, selfSignedCertVali zap.String("path", certPath), zap.Error(err), ) - return + return info, err } pem.Encode(certOut, &pem.Block{Type: "CERTIFICATE", Bytes: derBytes}) certOut.Close() - if info.Logger != nil { - info.Logger.Info("created cert file", zap.String("path", certPath)) - } + + info.Logger.Info("created cert file", zap.String("path", certPath)) b, err := x509.MarshalECPrivateKey(priv) if err != nil { - return + return info, err } - keyOut, err := os.OpenFile(keyPath, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0600) + keyOut, err := os.OpenFile(keyPath, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, 0o600) if err != nil { - if info.Logger != nil { - info.Logger.Warn( - "cannot key file", - zap.String("path", keyPath), - zap.Error(err), - ) - } - return + info.Logger.Warn( + "cannot key file", + zap.String("path", keyPath), + zap.Error(err), + ) + return info, err } pem.Encode(keyOut, &pem.Block{Type: "EC PRIVATE KEY", Bytes: b}) keyOut.Close() - if info.Logger != nil { - info.Logger.Info("created key file", zap.String("path", keyPath)) - } + info.Logger.Info("created key file", zap.String("path", keyPath)) return SelfCert(lg, dirpath, hosts, selfSignedCertValidity) } @@ -407,19 +410,52 @@ func (info TLSInfo) baseConfig() (*tls.Config, error) { // Client certificates may be verified by either an exact match on the CN, // or a more general check of the CN and SANs. var verifyCertificate func(*x509.Certificate) bool + + if info.AllowedCN != "" && len(info.AllowedCNs) > 0 { + return nil, fmt.Errorf("AllowedCN and AllowedCNs are mutually exclusive (cn=%q, cns=%q)", info.AllowedCN, info.AllowedCNs) + } + if info.AllowedHostname != "" && len(info.AllowedHostnames) > 0 { + return nil, fmt.Errorf("AllowedHostname and AllowedHostnames are mutually exclusive (hostname=%q, hostnames=%q)", info.AllowedHostname, info.AllowedHostnames) + } + if info.AllowedCN != "" && info.AllowedHostname != "" { + return nil, fmt.Errorf("AllowedCN and AllowedHostname are mutually exclusive (cn=%q, hostname=%q)", info.AllowedCN, info.AllowedHostname) + } + if len(info.AllowedCNs) > 0 && len(info.AllowedHostnames) > 0 { + return nil, fmt.Errorf("AllowedCNs and AllowedHostnames are mutually exclusive (cns=%q, hostnames=%q)", info.AllowedCNs, info.AllowedHostnames) + } + if info.AllowedCN != "" { - if info.AllowedHostname != "" { - return nil, fmt.Errorf("AllowedCN and AllowedHostname are mutually exclusive (cn=%q, hostname=%q)", info.AllowedCN, info.AllowedHostname) - } + info.Logger.Warn("AllowedCN is deprecated, use AllowedCNs instead") verifyCertificate = func(cert *x509.Certificate) bool { return info.AllowedCN == cert.Subject.CommonName } } if info.AllowedHostname != "" { + info.Logger.Warn("AllowedHostname is deprecated, use AllowedHostnames instead") verifyCertificate = func(cert *x509.Certificate) bool { return cert.VerifyHostname(info.AllowedHostname) == nil } } + if len(info.AllowedCNs) > 0 { + verifyCertificate = func(cert *x509.Certificate) bool { + for _, allowedCN := range info.AllowedCNs { + if allowedCN == cert.Subject.CommonName { + return true + } + } + return false + } + } + if len(info.AllowedHostnames) > 0 { + verifyCertificate = func(cert *x509.Certificate) bool { + for _, allowedHostname := range info.AllowedHostnames { + if cert.VerifyHostname(allowedHostname) == nil { + return true + } + } + return false + } + } if verifyCertificate != nil { cfg.VerifyPeerCertificate = func(rawCerts [][]byte, verifiedChains [][]*x509.Certificate) error { for _, chains := range verifiedChains { @@ -438,23 +474,19 @@ func (info TLSInfo) baseConfig() (*tls.Config, error) { cfg.GetCertificate = func(clientHello *tls.ClientHelloInfo) (cert *tls.Certificate, err error) { cert, err = tlsutil.NewCert(info.CertFile, info.KeyFile, info.parseFunc) if os.IsNotExist(err) { - if info.Logger != nil { - info.Logger.Warn( - "failed to find peer cert files", - zap.String("cert-file", info.CertFile), - zap.String("key-file", info.KeyFile), - zap.Error(err), - ) - } + info.Logger.Warn( + "failed to find peer cert files", + zap.String("cert-file", info.CertFile), + zap.String("key-file", info.KeyFile), + zap.Error(err), + ) } else if err != nil { - if info.Logger != nil { - info.Logger.Warn( - "failed to create peer certificate", - zap.String("cert-file", info.CertFile), - zap.String("key-file", info.KeyFile), - zap.Error(err), - ) - } + info.Logger.Warn( + "failed to create peer certificate", + zap.String("cert-file", info.CertFile), + zap.String("key-file", info.KeyFile), + zap.Error(err), + ) } return cert, err } @@ -465,23 +497,19 @@ func (info TLSInfo) baseConfig() (*tls.Config, error) { } cert, err = tlsutil.NewCert(certfile, keyfile, info.parseFunc) if os.IsNotExist(err) { - if info.Logger != nil { - info.Logger.Warn( - "failed to find client cert files", - zap.String("cert-file", certfile), - zap.String("key-file", keyfile), - zap.Error(err), - ) - } + info.Logger.Warn( + "failed to find client cert files", + zap.String("cert-file", certfile), + zap.String("key-file", keyfile), + zap.Error(err), + ) } else if err != nil { - if info.Logger != nil { - info.Logger.Warn( - "failed to create client certificate", - zap.String("cert-file", certfile), - zap.String("key-file", keyfile), - zap.Error(err), - ) - } + info.Logger.Warn( + "failed to create client certificate", + zap.String("cert-file", certfile), + zap.String("key-file", keyfile), + zap.Error(err), + ) } return cert, err } diff --git a/vendor/go.etcd.io/etcd/client/pkg/v3/transport/listener_opts.go b/vendor/go.etcd.io/etcd/client/pkg/v3/transport/listener_opts.go index ad4f6904d..7536f6aff 100644 --- a/vendor/go.etcd.io/etcd/client/pkg/v3/transport/listener_opts.go +++ b/vendor/go.etcd.io/etcd/client/pkg/v3/transport/listener_opts.go @@ -1,3 +1,17 @@ +// Copyright 2021 The etcd Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + package transport import ( diff --git a/vendor/go.etcd.io/etcd/client/pkg/v3/transport/listener_tls.go b/vendor/go.etcd.io/etcd/client/pkg/v3/transport/listener_tls.go index 6f1600945..2c9484162 100644 --- a/vendor/go.etcd.io/etcd/client/pkg/v3/transport/listener_tls.go +++ b/vendor/go.etcd.io/etcd/client/pkg/v3/transport/listener_tls.go @@ -19,8 +19,8 @@ import ( "crypto/tls" "crypto/x509" "fmt" - "io/ioutil" "net" + "os" "strings" "sync" ) @@ -168,16 +168,16 @@ func (l *tlsListener) acceptLoop() { func checkCRL(crlPath string, cert []*x509.Certificate) error { // TODO: cache - crlBytes, err := ioutil.ReadFile(crlPath) + crlBytes, err := os.ReadFile(crlPath) if err != nil { return err } - certList, err := x509.ParseCRL(crlBytes) + certList, err := x509.ParseRevocationList(crlBytes) if err != nil { return err } revokedSerials := make(map[string]struct{}) - for _, rc := range certList.TBSCertList.RevokedCertificates { + for _, rc := range certList.RevokedCertificateEntries { revokedSerials[string(rc.SerialNumber.Bytes())] = struct{}{} } for _, c := range cert { @@ -222,7 +222,8 @@ func checkCertSAN(ctx context.Context, cert *x509.Certificate, remoteAddr string func isHostInDNS(ctx context.Context, host string, dnsNames []string) (ok bool, err error) { // reverse lookup - wildcards, names := []string{}, []string{} + var names []string + var wildcards []string for _, dns := range dnsNames { if strings.HasPrefix(dns, "*.") { wildcards = append(wildcards, dns[1:]) diff --git a/vendor/go.etcd.io/etcd/client/pkg/v3/transport/sockopt.go b/vendor/go.etcd.io/etcd/client/pkg/v3/transport/sockopt.go index fe028c613..49b48dc87 100644 --- a/vendor/go.etcd.io/etcd/client/pkg/v3/transport/sockopt.go +++ b/vendor/go.etcd.io/etcd/client/pkg/v3/transport/sockopt.go @@ -1,3 +1,17 @@ +// Copyright 2021 The etcd Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + package transport import ( diff --git a/vendor/go.etcd.io/etcd/client/pkg/v3/transport/sockopt_solaris.go b/vendor/go.etcd.io/etcd/client/pkg/v3/transport/sockopt_solaris.go index 495c73636..149ad5102 100644 --- a/vendor/go.etcd.io/etcd/client/pkg/v3/transport/sockopt_solaris.go +++ b/vendor/go.etcd.io/etcd/client/pkg/v3/transport/sockopt_solaris.go @@ -13,19 +13,18 @@ // limitations under the License. //go:build solaris -// +build solaris package transport import ( - "fmt" + "errors" "syscall" "golang.org/x/sys/unix" ) func setReusePort(network, address string, c syscall.RawConn) error { - return fmt.Errorf("port reuse is not supported on Solaris") + return errors.New("port reuse is not supported on Solaris") } func setReuseAddress(network, address string, conn syscall.RawConn) error { diff --git a/vendor/go.etcd.io/etcd/client/pkg/v3/transport/sockopt_unix.go b/vendor/go.etcd.io/etcd/client/pkg/v3/transport/sockopt_unix.go index e2cc6f482..385eadb00 100644 --- a/vendor/go.etcd.io/etcd/client/pkg/v3/transport/sockopt_unix.go +++ b/vendor/go.etcd.io/etcd/client/pkg/v3/transport/sockopt_unix.go @@ -12,8 +12,7 @@ // See the License for the specific language governing permissions and // limitations under the License. -//go:build !windows && !solaris -// +build !windows,!solaris +//go:build !windows && !solaris && !wasm && !js package transport diff --git a/vendor/go.etcd.io/etcd/client/pkg/v3/transport/sockopt_wasm.go b/vendor/go.etcd.io/etcd/client/pkg/v3/transport/sockopt_wasm.go new file mode 100644 index 000000000..c6590b1d4 --- /dev/null +++ b/vendor/go.etcd.io/etcd/client/pkg/v3/transport/sockopt_wasm.go @@ -0,0 +1,30 @@ +// Copyright 2023 The etcd Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +//go:build wasm || js + +package transport + +import ( + "errors" + "syscall" +) + +func setReusePort(network, address string, c syscall.RawConn) error { + return errors.New("port reuse is not supported on WASM") +} + +func setReuseAddress(network, addr string, conn syscall.RawConn) error { + return errors.New("address reuse is not supported on WASM") +} diff --git a/vendor/go.etcd.io/etcd/client/pkg/v3/transport/sockopt_windows.go b/vendor/go.etcd.io/etcd/client/pkg/v3/transport/sockopt_windows.go index 4e5af70b1..2670b4dc7 100644 --- a/vendor/go.etcd.io/etcd/client/pkg/v3/transport/sockopt_windows.go +++ b/vendor/go.etcd.io/etcd/client/pkg/v3/transport/sockopt_windows.go @@ -1,19 +1,32 @@ +// Copyright 2021 The etcd Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + //go:build windows -// +build windows package transport import ( - "fmt" + "errors" "syscall" ) func setReusePort(network, address string, c syscall.RawConn) error { - return fmt.Errorf("port reuse is not supported on Windows") + return errors.New("port reuse is not supported on Windows") } // Windows supports SO_REUSEADDR, but it may cause undefined behavior, as // there is no protection against port hijacking. func setReuseAddress(network, addr string, conn syscall.RawConn) error { - return fmt.Errorf("address reuse is not supported on Windows") + return errors.New("address reuse is not supported on Windows") } diff --git a/vendor/go.etcd.io/etcd/client/pkg/v3/transport/tls.go b/vendor/go.etcd.io/etcd/client/pkg/v3/transport/tls.go index 8c3a35b14..d5375863f 100644 --- a/vendor/go.etcd.io/etcd/client/pkg/v3/transport/tls.go +++ b/vendor/go.etcd.io/etcd/client/pkg/v3/transport/tls.go @@ -16,6 +16,7 @@ package transport import ( "context" + "errors" "fmt" "strings" "time" @@ -46,7 +47,7 @@ func ValidateSecureEndpoints(tlsInfo TLSInfo, eps []string) ([]string, error) { endpoints = append(endpoints, ep) } if len(errs) != 0 { - err = fmt.Errorf("%s", strings.Join(errs, ",")) + err = errors.New(strings.Join(errs, ",")) } return endpoints, err } diff --git a/vendor/go.etcd.io/etcd/client/pkg/v3/transport/transport.go b/vendor/go.etcd.io/etcd/client/pkg/v3/transport/transport.go index 648512772..67170d743 100644 --- a/vendor/go.etcd.io/etcd/client/pkg/v3/transport/transport.go +++ b/vendor/go.etcd.io/etcd/client/pkg/v3/transport/transport.go @@ -30,10 +30,19 @@ func NewTransport(info TLSInfo, dialtimeoutd time.Duration) (*http.Transport, er return nil, err } + var ipAddr net.Addr + if info.LocalAddr != "" { + ipAddr, err = net.ResolveTCPAddr("tcp", info.LocalAddr+":0") + if err != nil { + return nil, err + } + } + t := &http.Transport{ Proxy: http.ProxyFromEnvironment, DialContext: (&net.Dialer{ - Timeout: dialtimeoutd, + Timeout: dialtimeoutd, + LocalAddr: ipAddr, // value taken from http.DefaultTransport KeepAlive: 30 * time.Second, }).DialContext, @@ -57,7 +66,7 @@ func NewTransport(info TLSInfo, dialtimeoutd time.Duration) (*http.Transport, er TLSClientConfig: cfg, // Cost of reopening connection on sockets is low, and they are mostly used in testing. // Long living unix-transport connections were leading to 'leak' test flakes. - // Alternativly the returned Transport (t) should override CloseIdleConnections to + // Alternatively the returned Transport (t) should override CloseIdleConnections to // forward it to 'tu' as well. IdleConnTimeout: time.Microsecond, } diff --git a/vendor/go.etcd.io/etcd/client/pkg/v3/types/id.go b/vendor/go.etcd.io/etcd/client/pkg/v3/types/id.go index ae00388dd..7a09647b5 100644 --- a/vendor/go.etcd.io/etcd/client/pkg/v3/types/id.go +++ b/vendor/go.etcd.io/etcd/client/pkg/v3/types/id.go @@ -14,7 +14,10 @@ package types -import "strconv" +import ( + "strconv" + "strings" +) // ID represents a generic identifier which is canonically // stored as a uint64 but is typically represented as a @@ -37,3 +40,17 @@ type IDSlice []ID func (p IDSlice) Len() int { return len(p) } func (p IDSlice) Less(i, j int) bool { return uint64(p[i]) < uint64(p[j]) } func (p IDSlice) Swap(i, j int) { p[i], p[j] = p[j], p[i] } + +func (p IDSlice) String() string { + var b strings.Builder + if p.Len() > 0 { + b.WriteString(p[0].String()) + } + + for i := 1; i < p.Len(); i++ { + b.WriteString(",") + b.WriteString(p[i].String()) + } + + return b.String() +} diff --git a/vendor/go.etcd.io/etcd/client/pkg/v3/types/set.go b/vendor/go.etcd.io/etcd/client/pkg/v3/types/set.go index e7a3cdc9a..3e69c8d8b 100644 --- a/vendor/go.etcd.io/etcd/client/pkg/v3/types/set.go +++ b/vendor/go.etcd.io/etcd/client/pkg/v3/types/set.go @@ -90,7 +90,7 @@ func (us *unsafeSet) Length() int { // Values returns the values of the Set in an unspecified order. func (us *unsafeSet) Values() (values []string) { - values = make([]string, 0) + values = make([]string, 0, len(us.d)) for val := range us.d { values = append(values, val) } diff --git a/vendor/go.etcd.io/etcd/client/pkg/v3/verify/verify.go b/vendor/go.etcd.io/etcd/client/pkg/v3/verify/verify.go new file mode 100644 index 000000000..a7b2097be --- /dev/null +++ b/vendor/go.etcd.io/etcd/client/pkg/v3/verify/verify.go @@ -0,0 +1,80 @@ +// Copyright 2022 The etcd Authors +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package verify + +import ( + "fmt" + "os" + "strings" +) + +const envVerify = "ETCD_VERIFY" + +type VerificationType string + +const ( + envVerifyValueAll VerificationType = "all" + envVerifyValueAssert VerificationType = "assert" +) + +func getEnvVerify() string { + return strings.ToLower(os.Getenv(envVerify)) +} + +func IsVerificationEnabled(verification VerificationType) bool { + env := getEnvVerify() + return env == string(envVerifyValueAll) || env == strings.ToLower(string(verification)) +} + +// EnableVerifications sets `envVerify` and returns a function that +// can be used to bring the original settings. +func EnableVerifications(verification VerificationType) func() { + previousEnv := getEnvVerify() + os.Setenv(envVerify, string(verification)) + return func() { + os.Setenv(envVerify, previousEnv) + } +} + +// EnableAllVerifications enables verification and returns a function +// that can be used to bring the original settings. +func EnableAllVerifications() func() { + return EnableVerifications(envVerifyValueAll) +} + +// DisableVerifications unsets `envVerify` and returns a function that +// can be used to bring the original settings. +func DisableVerifications() func() { + previousEnv := getEnvVerify() + os.Unsetenv(envVerify) + return func() { + os.Setenv(envVerify, previousEnv) + } +} + +// Verify performs verification if the assertions are enabled. +// In the default setup running in tests and skipped in the production code. +func Verify(f func()) { + if IsVerificationEnabled(envVerifyValueAssert) { + f() + } +} + +// Assert will panic with a given formatted message if the given condition is false. +func Assert(condition bool, msg string, v ...any) { + if !condition { + panic(fmt.Sprintf("assertion failed: "+msg, v...)) + } +} diff --git a/vendor/go.uber.org/multierr/CHANGELOG.md b/vendor/go.uber.org/multierr/CHANGELOG.md index cfd2e6abe..f8177b978 100644 --- a/vendor/go.uber.org/multierr/CHANGELOG.md +++ b/vendor/go.uber.org/multierr/CHANGELOG.md @@ -1,6 +1,13 @@ Releases ======== +v1.11.0 (2023-03-28) +==================== +- `Errors` now supports any error that implements multiple-error + interface. +- Add `Every` function to allow checking if all errors in the chain + satisfies `errors.Is` against the target error. + v1.10.0 (2023-03-08) ==================== diff --git a/vendor/go.uber.org/multierr/error.go b/vendor/go.uber.org/multierr/error.go index 4ee4b9f20..3a828b2df 100644 --- a/vendor/go.uber.org/multierr/error.go +++ b/vendor/go.uber.org/multierr/error.go @@ -142,6 +142,7 @@ package multierr // import "go.uber.org/multierr" import ( "bytes" + "errors" "fmt" "io" "strings" @@ -194,23 +195,7 @@ type errorGroup interface { // // Callers of this function are free to modify the returned slice. func Errors(err error) []error { - if err == nil { - return nil - } - - // Note that we're casting to multiError, not errorGroup. Our contract is - // that returned errors MAY implement errorGroup. Errors, however, only - // has special behavior for multierr-specific error objects. - // - // This behavior can be expanded in the future but I think it's prudent to - // start with as little as possible in terms of contract and possibility - // of misuse. - eg, ok := err.(*multiError) - if !ok { - return []error{err} - } - - return append(([]error)(nil), eg.Errors()...) + return extractErrors(err) } // multiError is an error that holds one or more errors. @@ -225,8 +210,6 @@ type multiError struct { errors []error } -var _ errorGroup = (*multiError)(nil) - // Errors returns the list of underlying errors. // // This slice MUST NOT be modified. @@ -252,6 +235,17 @@ func (merr *multiError) Error() string { return result } +// Every compares every error in the given err against the given target error +// using [errors.Is], and returns true only if every comparison returned true. +func Every(err error, target error) bool { + for _, e := range extractErrors(err) { + if !errors.Is(e, target) { + return false + } + } + return true +} + func (merr *multiError) Format(f fmt.State, c rune) { if c == 'v' && f.Flag('+') { merr.writeMultiline(f) diff --git a/vendor/go.uber.org/multierr/error_post_go120.go b/vendor/go.uber.org/multierr/error_post_go120.go index 0b00becf2..a173f9c25 100644 --- a/vendor/go.uber.org/multierr/error_post_go120.go +++ b/vendor/go.uber.org/multierr/error_post_go120.go @@ -27,3 +27,22 @@ package multierr func (merr *multiError) Unwrap() []error { return merr.Errors() } + +type multipleErrors interface { + Unwrap() []error +} + +func extractErrors(err error) []error { + if err == nil { + return nil + } + + // check if the given err is an Unwrapable error that + // implements multipleErrors interface. + eg, ok := err.(multipleErrors) + if !ok { + return []error{err} + } + + return append(([]error)(nil), eg.Unwrap()...) +} diff --git a/vendor/go.uber.org/multierr/error_pre_go120.go b/vendor/go.uber.org/multierr/error_pre_go120.go index 8da10f1a0..93872a3fc 100644 --- a/vendor/go.uber.org/multierr/error_pre_go120.go +++ b/vendor/go.uber.org/multierr/error_pre_go120.go @@ -57,3 +57,23 @@ func (merr *multiError) Is(target error) bool { } return false } + +func extractErrors(err error) []error { + if err == nil { + return nil + } + + // Note that we're casting to multiError, not errorGroup. Our contract is + // that returned errors MAY implement errorGroup. Errors, however, only + // has special behavior for multierr-specific error objects. + // + // This behavior can be expanded in the future but I think it's prudent to + // start with as little as possible in terms of contract and possibility + // of misuse. + eg, ok := err.(*multiError) + if !ok { + return []error{err} + } + + return append(([]error)(nil), eg.Errors()...) +} diff --git a/vendor/modules.txt b/vendor/modules.txt index 955b9e5e8..d7d9a863d 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -808,8 +808,8 @@ go.etcd.io/etcd/api/v3/membershippb go.etcd.io/etcd/api/v3/mvccpb go.etcd.io/etcd/api/v3/v3rpc/rpctypes go.etcd.io/etcd/api/v3/version -# go.etcd.io/etcd/client/pkg/v3 v3.5.13 -## explicit; go 1.21 +# go.etcd.io/etcd/client/pkg/v3 v3.6.4 +## explicit; go 1.23.0 go.etcd.io/etcd/client/pkg/v3/fileutil go.etcd.io/etcd/client/pkg/v3/logutil go.etcd.io/etcd/client/pkg/v3/pathutil @@ -818,6 +818,7 @@ go.etcd.io/etcd/client/pkg/v3/systemd go.etcd.io/etcd/client/pkg/v3/tlsutil go.etcd.io/etcd/client/pkg/v3/transport go.etcd.io/etcd/client/pkg/v3/types +go.etcd.io/etcd/client/pkg/v3/verify # go.etcd.io/etcd/client/v2 v2.305.13 ## explicit; go 1.21 go.etcd.io/etcd/client/v2 @@ -935,7 +936,7 @@ go.opentelemetry.io/otel/trace go.opentelemetry.io/otel/trace/embedded go.opentelemetry.io/otel/trace/internal/telemetry go.opentelemetry.io/otel/trace/noop -# go.uber.org/multierr v1.10.0 +# go.uber.org/multierr v1.11.0 ## explicit; go 1.19 go.uber.org/multierr # go.uber.org/zap v1.27.0