New Upstream Snapshot - golang-gopkg-macaroon.v1
Ready changes
Summary
Merged new upstream version: 1.0.0 (was: 0.0~git20150121.0.ab3940c).
Resulting package
Built on 2022-11-14T18:52 (took 45m44s)
The resulting binary packages can be installed (if you have the apt repository enabled) by running one of:
apt install -t fresh-snapshots golang-gopkg-macaroon.v1-dev
Lintian Result
Diff
diff --git a/debian/changelog b/debian/changelog
index b764219..6d7646a 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,8 +1,12 @@
-golang-gopkg-macaroon.v1 (0.0~git20150121.0.ab3940c-2) UNRELEASED; urgency=medium
+golang-gopkg-macaroon.v1 (1.0.0-1) UNRELEASED; urgency=medium
+ [ Alexandre Viau ]
* Point Vcs-* urls to salsa.debian.org.
- -- Alexandre Viau <aviau@debian.org> Mon, 02 Apr 2018 22:07:54 -0400
+ [ Debian Janitor ]
+ * New upstream release.
+
+ -- Alexandre Viau <aviau@debian.org> Mon, 14 Nov 2022 18:39:11 -0000
golang-gopkg-macaroon.v1 (0.0~git20150121.0.ab3940c-1) unstable; urgency=medium
diff --git a/go.mod b/go.mod
new file mode 100644
index 0000000..a941b99
--- /dev/null
+++ b/go.mod
@@ -0,0 +1,9 @@
+module gopkg.in/macaroon.v1
+
+go 1.13
+
+require (
+ github.com/kr/pretty v0.1.0 // indirect
+ golang.org/x/crypto v0.0.0-20190611184440-5c40567a22f8
+ gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127
+)
diff --git a/go.sum b/go.sum
new file mode 100644
index 0000000..1f9fe8b
--- /dev/null
+++ b/go.sum
@@ -0,0 +1,14 @@
+github.com/kr/pretty v0.1.0 h1:L/CwN0zerZDmRFUapSPitk6f+Q3+0za1rQkzVuMiMFI=
+github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo=
+github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
+github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE=
+github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
+golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
+golang.org/x/crypto v0.0.0-20190611184440-5c40567a22f8 h1:1wopBVtVdWnn03fZelqdXTqk7U7zPQCb+T4rbU9ZEoU=
+golang.org/x/crypto v0.0.0-20190611184440-5c40567a22f8/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
+golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
+golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
+golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
+gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 h1:qIbj1fsPNlZgppZ+VLlY7N33q108Sa+fhmuc+sWQYwY=
+gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
diff --git a/macaroon.go b/macaroon.go
index 71a1d57..ea208b0 100644
--- a/macaroon.go
+++ b/macaroon.go
@@ -5,7 +5,7 @@
//
// See the macaroon bakery packages at http://godoc.org/gopkg.in/macaroon-bakery.v0
// for higher level services and operations that use macaroons.
-package macaroon
+package macaroon // import "gopkg.in/macaroon.v1"
import (
"bytes"
diff --git a/macaroon_test.go b/macaroon_test.go
index e668470..1a4403d 100644
--- a/macaroon_test.go
+++ b/macaroon_test.go
@@ -504,16 +504,26 @@ func (*macaroonSuite) TestMarshalJSON(c *gc.C) {
func (*macaroonSuite) TestJSONRoundTrip(c *gc.C) {
// jsonData produced from the second example in libmacaroons
- // example README, but with the signature tweaked to
- // match our current behaviour.
- // TODO fix that behaviour so that our signatures match.
- jsonData := `{"caveats":[{"cid":"account = 3735928559"},{"cid":"this was how we remind auth of key\/pred","vid":"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA027FAuBYhtHwJ58FX6UlVNFtFsGxQHS7uD\/w\/dedwv4Jjw7UorCREw5rXbRqIKhr","cl":"http:\/\/auth.mybank\/"}],"location":"http:\/\/mybank\/","identifier":"we used our other secret key","signature":"6e315b0b391e8c6cc6f8d88fc22933a13430fb289b2fb613cf70f746bbe7d27d"}`
+ // example README with the following libmacaroons code:
+ //
+ // secret = 'this is a different super-secret key; never use the same secret twice'
+ // public = 'we used our other secret key'
+ // location = 'http://mybank/'
+ // M = macaroons.create(location, secret, public)
+ // M = M.add_first_party_caveat('account = 3735928559')
+ // caveat_key = '4; guaranteed random by a fair toss of the dice'
+ // predicate = 'user = Alice'
+ // identifier = 'this was how we remind auth of key/pred'
+ // M = M.add_third_party_caveat('http://auth.mybank/', caveat_key, identifier)
+ // m.serialize_json()
+
+ jsonData := `{"caveats":[{"cid":"account = 3735928559"},{"cid":"this was how we remind auth of key\/pred","vid":"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA027FAuBYhtHwJ58FX6UlVNFtFsGxQHS7uD_w_dedwv4Jjw7UorCREw5rXbRqIKhr","cl":"http:\/\/auth.mybank\/"}],"location":"http:\/\/mybank\/","identifier":"we used our other secret key","signature":"d27db2fd1f22760e4c3dae8137e2d8fc1df6c0741c18aed4b97256bf78d1f55c"}`
var m macaroon.Macaroon
err := json.Unmarshal([]byte(jsonData), &m)
c.Assert(err, gc.IsNil)
c.Assert(hex.EncodeToString(m.Signature()), gc.Equals,
- "6e315b0b391e8c6cc6f8d88fc22933a13430fb289b2fb613cf70f746bbe7d27d")
+ "d27db2fd1f22760e4c3dae8137e2d8fc1df6c0741c18aed4b97256bf78d1f55c")
data, err := m.MarshalJSON()
c.Assert(err, gc.IsNil)
@@ -608,13 +618,13 @@ func (*macaroonSuite) TestBinaryRoundTrip(c *gc.C) {
func (*macaroonSuite) TestBinaryMarshalingAgainstLibmacaroon(c *gc.C) {
// Test that a libmacaroon marshalled macaroon can be correctly unmarshaled
- data, err := base64.StdEncoding.DecodeString(
- "MDAxN2xvY2F0aW9uIHNvbWV3aGVyZQowMDEyaWRlbnRpZmllciBpZAowMDEzY2lkIGlkZW50aWZpZXIKMDA1MXZpZCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4i9QwCgbL/wZGFvLQpsyhLOv0v6VjIo2KJv5miz+7krqCpt5EhmrL8pYO9xrhT80KMDAxM2NsIHRoaXJkIHBhcnR5CjAwMmZzaWduYXR1cmUg3BXkIDX0giAPPrgkDLbiMGYy/zsC2qPb4jU4G/dohkAK")
+ data, err := base64.RawURLEncoding.DecodeString(
+ "MDAxY2xvY2F0aW9uIGh0dHA6Ly9teWJhbmsvCjAwMmNpZGVudGlmaWVyIHdlIHVzZWQgb3VyIG90aGVyIHNlY3JldCBrZXkKMDAxZGNpZCBhY2NvdW50ID0gMzczNTkyODU1OQowMDMwY2lkIHRoaXMgd2FzIGhvdyB3ZSByZW1pbmQgYXV0aCBvZiBrZXkvcHJlZAowMDUxdmlkIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANNuxQLgWIbR8CefBV-lJVTRbRbBsUB0u7g_8P3XncL-CY8O1KKwkRMOa120aiCoawowMDFiY2wgaHR0cDovL2F1dGgubXliYW5rLwowMDJmc2lnbmF0dXJlINJ9sv0fInYOTD2ugTfi2Pwd9sB0HBiu1LlyVr940fVcCg")
c.Assert(err, gc.IsNil)
var m0 macaroon.Macaroon
err = m0.UnmarshalBinary(data)
c.Assert(err, gc.IsNil)
- jsonData := []byte(`{"caveats":[{"cid":"identifier","vid":"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuIvUMAoGy/8GRhby0KbMoSzr9L+lYyKNiib+Zos/u5K6gqbeRIZqy/KWDvca4U/N","cl":"third party"}],"location":"somewhere","identifier":"id","signature":"dc15e42035f482200f3eb8240cb6e2306632ff3b02daa3dbe235381bf7688640"}`)
+ jsonData := []byte(`{"caveats":[{"cid":"account = 3735928559"},{"cid":"this was how we remind auth of key\/pred","vid":"AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA027FAuBYhtHwJ58FX6UlVNFtFsGxQHS7uD_w_dedwv4Jjw7UorCREw5rXbRqIKhr","cl":"http:\/\/auth.mybank\/"}],"location":"http:\/\/mybank\/","identifier":"we used our other secret key","signature":"d27db2fd1f22760e4c3dae8137e2d8fc1df6c0741c18aed4b97256bf78d1f55c"}`)
var m1 macaroon.Macaroon
err = m1.UnmarshalJSON(jsonData)
c.Assert(err, gc.IsNil)
diff --git a/marshal.go b/marshal.go
index 8e36497..69c93d2 100644
--- a/marshal.go
+++ b/marshal.go
@@ -53,7 +53,7 @@ func (m *Macaroon) MarshalJSON() ([]byte, error) {
mjson.Caveats[i] = caveatJSON{
Location: m.dataStr(cav.location),
CID: m.dataStr(cav.caveatId),
- VID: base64.URLEncoding.EncodeToString(m.dataBytes(cav.verificationId)),
+ VID: base64.RawURLEncoding.EncodeToString(m.dataBytes(cav.verificationId)),
}
}
data, err := json.Marshal(mjson)
@@ -152,6 +152,7 @@ func (m *Macaroon) unmarshalBinaryNoCopy(data []byte) error {
case fieldCaveatId:
if cav.caveatId.len() != 0 {
m.caveats = append(m.caveats, cav)
+ cav = caveat{}
}
cav.caveatId = p
case fieldVerificationId:
@@ -244,16 +245,8 @@ func (s *Slice) UnmarshalBinary(data []byte) error {
// base64Decode decodes base64 data that might be missing trailing
// pad characters.
func base64Decode(b64String string) ([]byte, error) {
- paddedLen := (len(b64String) + 3) / 4 * 4
- b64data := make([]byte, len(b64String), paddedLen)
- copy(b64data, b64String)
- for i := len(b64String); i < paddedLen; i++ {
- b64data = append(b64data, '=')
+ if data, err := base64.StdEncoding.DecodeString(b64String); err == nil {
+ return data, nil
}
- data := make([]byte, base64.URLEncoding.DecodedLen(len(b64data)))
- n, err := base64.URLEncoding.Decode(data, b64data)
- if err != nil {
- return nil, err
- }
- return data[0:n], nil
+ return base64.RawURLEncoding.DecodeString(b64String)
}
diff --git a/marshal_test.go b/marshal_test.go
index 2f239ab..79b3b97 100644
--- a/marshal_test.go
+++ b/marshal_test.go
@@ -14,7 +14,13 @@ func (*marshalSuite) TestMarshalUnmarshalMacaroon(c *gc.C) {
rootKey := []byte("secret")
m := MustNew(rootKey, "some id", "a location")
- err := m.AddFirstPartyCaveat("a caveat")
+ // Adding the third party caveat before the first party caveat
+ // tests a former bug where the caveat wasn't zeroed
+ // before moving to the next caveat.
+ err := m.AddThirdPartyCaveat([]byte("shared root key"), "3rd party caveat", "remote.com")
+ c.Assert(err, gc.IsNil)
+
+ err = m.AddFirstPartyCaveat("a caveat")
c.Assert(err, gc.IsNil)
b, err := m.MarshalBinary()
Debdiff
[The following lists of changes regard files as different if they have different names, permissions or owners.]
Files in second set of .debs but not in first
-rw-r--r-- root/root /usr/share/gocode/src/gopkg.in/macaroon.v1/go.mod -rw-r--r-- root/root /usr/share/gocode/src/gopkg.in/macaroon.v1/go.sum
No differences were encountered in the control files