Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Switch golang.org/x/crypto to gravitational fork #19579

Merged
merged 9 commits into from
Jan 4, 2023
Merged

Switch golang.org/x/crypto to gravitational fork #19579

merged 9 commits into from
Jan 4, 2023

Conversation

jakule
Copy link
Contributor

@jakule jakule commented Dec 21, 2022
edited
Loading

This PR switches Teleport from using golang.org/x/crypto to our internal fork github.com/gravitational/crypto to work around the issue with OpenSSH < 7.6.
Recently, Go crypto added support for OpenSSH 8.5+ golang/crypto@6fad3df, but they also broke the older OpenSSH compatibility. Our fork works with older and "modern" OpenSSH, including this gravitational/crypto@903e656 change (not yet available upstream).

Closes #10918
Closes #17197
Closes #17046

@jakule jakule force-pushed the jakule/switch-crypto-fork branch from 078feec to 1f4d3d1 Compare December 28, 2022 17:18
@jakule jakule marked this pull request as ready for review December 28, 2022 18:32
@github-actions github-actions bot added machine-id size/sm tsh tsh - Teleport's command line tool for logging into nodes running Teleport. labels Dec 28, 2022
@jakule jakule mentioned this pull request Dec 28, 2022
Closed
hatched
hatched approved these changes Dec 28, 2022
View reviewed changes
go.mod
@@ -371,4 +366,6 @@ replace (
github.com/pkg/sftp => github.com/gravitational/sftp v1.13.6-0.20220927202521-0e74d42f8055
github.com/sirupsen/logrus => github.com/gravitational/logrus v1.4.4-0.20210817004754-047e20245621
github.com/vulcand/predicate => github.com/gravitational/predicate v1.3.0
// Use our internal crypto fork, to work around the issue with OpenSSH <= 7.6 mentioned here: https://github.com/golang/go/issues/53391
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do we have an issue somewhere to track reverting this change once this issue has been resolved upstream?

@jakule jakule mentioned this pull request Dec 29, 2022
Closed
@jakule
Copy link
Contributor Author

jakule commented Jan 3, 2023

@fspmarshall Friendly ping.

@zmb3
Copy link
Collaborator

zmb3 commented Jan 3, 2023

cc @rosstimothy for awareness - we'll have to keep our fork up to date as upstream changes

@rosstimothy
Copy link
Contributor

Does this change allow us to update dependencies which in turn depend on > x/crypto v0.2.0?

codingllama
codingllama requested changes Jan 3, 2023
View reviewed changes
Copy link
Contributor

@codingllama codingllama left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Could you update the following files as well?

go.mod Outdated Show resolved Hide resolved
@codingllama codingllama mentioned this pull request Jan 3, 2023
Merged
@jakule
Copy link
Contributor Author

jakule commented Jan 3, 2023

Does this change allow us to update dependencies which in turn depend on > x/crypto v0.2.0?

@rosstimothy Yes, with this change, we can use x/crypto HEAD.

@jakule jakule force-pushed the jakule/switch-crypto-fork branch from 200c4cb to 9fa7a16 Compare January 3, 2023 18:58
@jakule jakule requested a review from codingllama January 3, 2023 18:58
@github-actions github-actions bot removed the request for review from fspmarshall January 3, 2023 18:59
@codingllama
Copy link
Contributor

Could you update the following files as well?

Missing dependabot.yml?

@jakule jakule force-pushed the jakule/switch-crypto-fork branch from 9fa7a16 to 981e541 Compare January 3, 2023 21:50
@jakule
Copy link
Contributor Author

jakule commented Jan 3, 2023

@codingllama Sorry, I missed that. Fixed 981e541

@jakule jakule force-pushed the jakule/switch-crypto-fork branch from af165c5 to 5c73691 Compare January 4, 2023 16:57
@jakule jakule enabled auto-merge (squash) January 4, 2023 19:20
@jakule jakule merged commit d68cb93 into master Jan 4, 2023
@jakule jakule mentioned this pull request Feb 7, 2023
Closed
@jakule jakule deleted the jakule/switch-crypto-fork branch March 20, 2023 16:30
@bkrypto bkrypto mentioned this pull request Aug 4, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@codingllama codingllama codingllama approved these changes

@zmb3 zmb3 zmb3 approved these changes

@hatched hatched hatched approved these changes

Assignees
No one assigned
Labels
machine-id size/sm tsh tsh - Teleport's command line tool for logging into nodes running Teleport.
Projects
None yet
Milestone
No milestone
5 participants
@jakule @zmb3 @rosstimothy @codingllama @hatched