github/weave-scope
1
0
Fork 0
mirror of https://github.com/weaveworks/scope.git synced 2026-03-02 01:30:30 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #1045 from weaveworks/release-0.13.0

Browse Source 
Release 0.13.0
This commit is contained in:
David
2016-02-29 14:52:38 +01:00
parent fe0ee681f9 bf3a866f77
commit dd72e32fb3
13 changed files with 875 additions and 20 deletions
Download Patch File Download Diff File Expand all files Collapse all files

159
CHANGELOG.md
View File

@@ -1,3 +1,162 @@
## Release 0.13.0
Note: This release come with big performance improvements, cutting the probe's CPU usage by 70% and the app's CPU usage by up to 85%. See detailed performance improvement-related changes below:
Performance improvements:
- Improve codec performance
[#916](https://github.com/weaveworks/scope/pull/916)
[#1002](https://github.com/weaveworks/scope/pull/1002)
[#1005](https://github.com/weaveworks/scope/pull/1005)
[#980](https://github.com/weaveworks/scope/pull/980)
- Reduce amount of objects allocated by the codec
[#1000](https://github.com/weaveworks/scope/pull/1000)
- Refactor app for multitenancy
[#997](https://github.com/weaveworks/scope/pull/997)
- Improve performance of docker stats obtention
[#989](https://github.com/weaveworks/scope/pull/989)
- Rate-limit reading proc files
[#912](https://github.com/weaveworks/scope/pull/912)
[#905](https://github.com/weaveworks/scope/pull/905)
- Compile k8s selectors once (not for each pod)
[#918](https://github.com/weaveworks/scope/pull/918)
- Fix reading of network namespace inodes
[#898](https://github.com/weaveworks/scope/pull/898)
New features and enhancements:
- Node shapes for different topologies, e.g. heptagons for Kubernetes pods
[#884](https://github.com/weaveworks/scope/pull/884)
[#1006](https://github.com/weaveworks/scope/pull/1006)
[#1037](https://github.com/weaveworks/scope/pull/1037)
- Force-relayout button that may help with topology layouts that have lots of edge crossings
[#981](https://github.com/weaveworks/scope/pull/981)
- Download button to save the current node graph as SVG file
[#1027](https://github.com/weaveworks/scope/pull/1027)
- Replace Show More buttons with carets w/ counts
[#1012](https://github.com/weaveworks/scope/pull/1012)
[#1029](https://github.com/weaveworks/scope/pull/1029)
- Improve contrast of default view
[#979](https://github.com/weaveworks/scope/pull/979)
- High contrast mode button for viewing scope on projectors
[#954](https://github.com/weaveworks/scope/pull/954)
[#984](https://github.com/weaveworks/scope/pull/984)
- Gather file descriptors as process metric
[#961](https://github.com/weaveworks/scope/pull/961)
- Show Docker Labels in their own table in details panel
[#904](https://github.com/weaveworks/scope/pull/904)
[#965](https://github.com/weaveworks/scope/pull/965)
- Improve highlighting of selected topology
[#936](https://github.com/weaveworks/scope/pull/936)
[#964](https://github.com/weaveworks/scope/pull/964)
- Details: only show important metadata by default, expand the rest
[#946](https://github.com/weaveworks/scope/pull/946)
- Reorder the children tables in the details panel by importance
[#941](https://github.com/weaveworks/scope/pull/941)
- Shorten docker container and image IDs in the details panel.
[#930](https://github.com/weaveworks/scope/pull/930)
- Shorten some details panel labels which were truncated
[#940](https://github.com/weaveworks/scope/pull/940)
- Sparklines update every second and show 60sec history
[#795](https://github.com/weaveworks/scope/pull/795)
- Add Container Count column to container images table
[#919](https://github.com/weaveworks/scope/pull/919)
- Periodically check for newer versions of scope.
[#907](https://github.com/weaveworks/scope/pull/907)
- Rename Applications -> Process, sort topologies by rank.
[#866](https://github.com/weaveworks/scope/pull/866)
- Rename 'by hostname' to 'by dns name'
[#856](https://github.com/weaveworks/scope/pull/856)
- Add container uptime and restart count to details panel.
[#853](https://github.com/weaveworks/scope/pull/853)
- Use connection directions from conntrack for improved layout flow
[#967](https://github.com/weaveworks/scope/pull/967)
- Support for container controls in Kubernetes
[#1043](https://github.com/weaveworks/scope/pull/1043)
- Add debug logging
[#935](https://github.com/weaveworks/scope/pull/935)
Bug fixes:
- Use TCP for weave dns to fix autoclustering
[#1038](https://github.com/weaveworks/scope/pull/1038)
- Add ping/pong to websocket protocol to prevent websocket connections being dropped when traversing loadbalancers
[#995](https://github.com/weaveworks/scope/pull/995)
- Handle closing of docker events channel gracefully
[#1014](https://github.com/weaveworks/scope/pull/1014)
- Don't show blank IPs metadata row for containers with no IP
[#960](https://github.com/weaveworks/scope/pull/960)
- Remove pointer math (comparison) from render caching, as it is unreliable
[#962](https://github.com/weaveworks/scope/pull/962)
- set TERM=xterm on execs to work around docker issue 9299
[#969](https://github.com/weaveworks/scope/pull/969)
- Fix weave tagger crash
[#976](https://github.com/weaveworks/scope/pull/976)
- Use Sirupsen/logrus logger in the Weave tagger
[#974](https://github.com/weaveworks/scope/pull/974)
- Fix JSON encoding for fixedprobe
[#975](https://github.com/weaveworks/scope/pull/975)
- Don't render any metrics/metadata for uncontained node
[#956](https://github.com/weaveworks/scope/pull/956)
- Update go-dockerclient to fix bug with docker 1.10
[#952](https://github.com/weaveworks/scope/pull/952)
- Show nice column labels when no children have metrics
[#950](https://github.com/weaveworks/scope/pull/950)
- Fixes process-by-name layout with ./foo and /foo nodes
[#948](https://github.com/weaveworks/scope/pull/948)
- Deal with starting / stopping weave whilst scope is running
[#867](https://github.com/weaveworks/scope/pull/867)
- Remove host links that link to themselves in details panel
[#917](https://github.com/weaveworks/scope/pull/917)
- Just show the untruncated label in the tooltip on children
[#911](https://github.com/weaveworks/scope/pull/911)
- Taking a read lock twice only works most of the time.
[#889](https://github.com/weaveworks/scope/pull/889)
- Details panel table header looks up label in all rows
[#895](https://github.com/weaveworks/scope/pull/895)
- Fixes some fields overflowing badly in details panel in Chrome 48
[#892](https://github.com/weaveworks/scope/pull/892)
- Stop details cards popping up over the terminal.
[#882](https://github.com/weaveworks/scope/pull/882)
- Fixes host node/details panel color mismatch
[#880](https://github.com/weaveworks/scope/pull/880)
- Don't log expected websocket errors
[#1024](https://github.com/weaveworks/scope/pull/1024)
- Overwrite /etc/weave/apps, because it might already exist
[#959](https://github.com/weaveworks/scope/pull/959)
- Log a warning when reporters or taggers take too long to generate
[#944](https://github.com/weaveworks/scope/pull/944)
- Minor refactor of backend metadata and metric rendering
[#920](https://github.com/weaveworks/scope/pull/920)
- Add some tests, and a zero-value for report.Sets
[#903](https://github.com/weaveworks/scope/pull/903)
Build improvements and cleanup:
- Disable checkpointing in tests.
[#1031](https://github.com/weaveworks/scope/pull/1031)
- Turn off GC for builds.
[#1023](https://github.com/weaveworks/scope/pull/1023)
- Bump template name to get latest version of docker.
[#998](https://github.com/weaveworks/scope/pull/998)
- Fixes building scope outside of a container.
[#901](https://github.com/weaveworks/scope/pull/901)
- Don't need sudo when DOCKER_HOST is tcp.
[#888](https://github.com/weaveworks/scope/pull/888)
- Disable npm progress to speed up build
[#894](https://github.com/weaveworks/scope/pull/894)
- Refactoring deepequal to satisfy linter
[#890](https://github.com/weaveworks/scope/pull/890)
Documentation:
- Document how to obtain profiles without `go tool pprof`
[#993](https://github.com/weaveworks/scope/pull/993)
- Use short URL for scope download
[#1018](https://github.com/weaveworks/scope/pull/1018)
- Added note about docker and go dependency to the readme
[#966](https://github.com/weaveworks/scope/pull/966)
- Update readme and images.
[#885](https://github.com/weaveworks/scope/pull/885)
- Update approach to trigger signal dumps
[#883](https://github.com/weaveworks/scope/pull/883)
## Release 0.12.0
New features and enhancements:

6
README.md
View File

@@ -62,6 +62,8 @@ available. To disable this, run:
CHECKPOINT_DISABLE=true scope launch
```
For more information, [read this](https://github.com/weaveworks/go-checkpoint).
## <a name="architecture"></a>Architecture
Weave Scope consists of two components: the app and the probe. These two
@@ -289,9 +291,9 @@ go tool pprof http://localhost:4040/debug/pprof/heap
```
go tool pprof http://localhost:4041/debug/pprof/profile
```
If you don't have `go` installed, you can use a docker container instead:
* To collect the Memory profile of the Scope App:
```

6
client/app/scripts/components/node-details/node-details-table.js
View File

@@ -70,7 +70,8 @@ export default class NodeDetailsTable extends React.Component {
renderHeaders() {
if (this.props.nodes && this.props.nodes.length > 0) {
const headers = [{id: 'label', label: this.props.label}].concat(this.props.columns);
const columns = this.props.columns || [];
const headers = [{id: 'label', label: this.props.label}].concat(columns);
const defaultSortBy = this.getDefaultSortBy();
return (
@@ -103,7 +104,8 @@ export default class NodeDetailsTable extends React.Component {
renderValues(node) {
const fields = this.getValuesForNode(node);
return this.props.columns.map(({id}) => {
const columns = this.props.columns || [];
return columns.map(({id}) => {
const field = fields[id];
if (field) {
if (field.valueType === 'metadata') {

5
prog/app.go
View File

@@ -50,9 +50,8 @@ func appMain() {
// Start background version checking
checkpoint.CheckInterval(&checkpoint.CheckParams{
Product: "scope-app",
Version: app.Version,
SignatureFile: signatureFile,
Product: "scope-app",
Version: app.Version,
}, versionCheckPeriod, func(r *checkpoint.CheckResponse, err error) {
if r.Outdated {
log.Infof("Scope version %s is available; please update at %s",

6
prog/probe.go
View File

@@ -35,7 +35,6 @@ import (
)
const (
signatureFile = "/etc/weave/signature"
versionCheckPeriod = 6 * time.Hour
)
@@ -51,9 +50,8 @@ func check() {
// Start background version checking
params := checkpoint.CheckParams{
Product: "scope-probe",
Version: version,
SignatureFile: signatureFile,
Product: "scope-probe",
Version: version,
}
resp, err := checkpoint.Check(&params)
handleResponse(resp, err)

5
scope
View File

@@ -90,13 +90,8 @@ check_not_running() {
}
launch_command() {
local args="-v /etc/weave:/etc/weave"
if (set +u; [ -n "$CHECKPOINT_DISABLE" ]); then
args=
fi
echo docker run --privileged -d --name=$SCOPE_CONTAINER_NAME --net=host --pid=host \
-v /var/run/docker.sock:/var/run/docker.sock \
$args \
-e CHECKPOINT_DISABLE \
$WEAVESCOPE_DOCKER_ARGS $SCOPE_IMAGE --probe.docker true "$@"
}

24
vendor/github.com/weaveworks/go-checkpoint/Makefile generated vendored Normal file
View File

@@ -0,0 +1,24 @@
BUILD_IN_CONTAINER ?= true
RM=--rm
BUILD_IMAGE=golang:1.5.3
ifeq ($(BUILD_IN_CONTAINER),true)
all test:
$(SUDO) docker run $(RM) -ti \
-v $(shell pwd):/go/src/github.com/weaveworks/go-checkpoint \
-e GOARCH -e GOOS -e BUILD_IN_CONTAINER=false \
$(BUILD_IMAGE) make -C /go/src/github.com/weaveworks/go-checkpoint $@
else
all:
go get .
go build .
test:
go get .
go test
endif

31
vendor/github.com/weaveworks/go-checkpoint/checkpoint.go generated vendored
View File

@@ -4,9 +4,11 @@ package checkpoint
import (
"crypto/rand"
"encoding/base64"
"encoding/binary"
"encoding/json"
"fmt"
"golang.org/x/crypto/scrypt"
"io"
"io/ioutil"
mrand "math/rand"
@@ -116,11 +118,15 @@ func Check(p *CheckParams) (*CheckResponse, error) {
p.OS = runtime.GOOS
}
// If we're given a SignatureFile, then attempt to read that.
// If we're not given a Signature, then attempt to read one.
signature := p.Signature
if p.Signature == "" && p.SignatureFile != "" {
if p.Signature == "" {
var err error
signature, err = checkSignature(p.SignatureFile)
if p.SignatureFile == "" {
signature, err = getSystemUUID()
} else {
signature, err = checkSignature(p.SignatureFile)
}
if err != nil {
return nil, err
}
@@ -145,6 +151,7 @@ func Check(p *CheckParams) (*CheckResponse, error) {
req.Header.Add("User-Agent", "HashiCorp/go-checkpoint")
client := cleanhttp.DefaultClient()
defer client.Transport.(*http.Transport).CloseIdleConnections()
resp, err := client.Do(req)
if err != nil {
return nil, err
@@ -154,6 +161,7 @@ func Check(p *CheckParams) (*CheckResponse, error) {
}
var r io.Reader = resp.Body
defer resp.Body.Close()
if p.CacheFile != "" {
// Make sure the directory holding our cache exists.
if err := os.MkdirAll(filepath.Dir(p.CacheFile), 0755); err != nil {
@@ -284,6 +292,23 @@ func checkResult(r io.Reader) (*CheckResponse, error) {
return &result, nil
}
// getSystemUUID returns the base64 encoded, scrypt hashed contents of
// /sys/class/dmi/id/product_uuid.
func getSystemUUID() (string, error) {
uuid, err := ioutil.ReadFile("/sys/class/dmi/id/product_uuid")
if err != nil {
return "", err
}
if len(uuid) <= 0 {
return "", fmt.Errorf("Empty system uuid")
}
hash, err := scrypt.Key(uuid, uuid, 16384, 8, 1, 32)
if err != nil {
return "", err
}
return base64.StdEncoding.EncodeToString(hash), nil
}
func checkSignature(path string) (string, error) {
_, err := os.Stat(path)
if err == nil {

77
vendor/golang.org/x/crypto/pbkdf2/pbkdf2.go generated vendored Normal file
View File

@@ -0,0 +1,77 @@
// Copyright 2012 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
/*
Package pbkdf2 implements the key derivation function PBKDF2 as defined in RFC
2898 / PKCS #5 v2.0.
A key derivation function is useful when encrypting data based on a password
or any other not-fully-random data. It uses a pseudorandom function to derive
a secure encryption key based on the password.
While v2.0 of the standard defines only one pseudorandom function to use,
HMAC-SHA1, the drafted v2.1 specification allows use of all five FIPS Approved
Hash Functions SHA-1, SHA-224, SHA-256, SHA-384 and SHA-512 for HMAC. To
choose, you can pass the `New` functions from the different SHA packages to
pbkdf2.Key.
*/
package pbkdf2 // import "golang.org/x/crypto/pbkdf2"
import (
"crypto/hmac"
"hash"
)
// Key derives a key from the password, salt and iteration count, returning a
// []byte of length keylen that can be used as cryptographic key. The key is
// derived based on the method described as PBKDF2 with the HMAC variant using
// the supplied hash function.
//
// For example, to use a HMAC-SHA-1 based PBKDF2 key derivation function, you
// can get a derived key for e.g. AES-256 (which needs a 32-byte key) by
// doing:
//
// dk := pbkdf2.Key([]byte("some password"), salt, 4096, 32, sha1.New)
//
// Remember to get a good random salt. At least 8 bytes is recommended by the
// RFC.
//
// Using a higher iteration count will increase the cost of an exhaustive
// search but will also make derivation proportionally slower.
func Key(password, salt []byte, iter, keyLen int, h func() hash.Hash) []byte {
prf := hmac.New(h, password)
hashLen := prf.Size()
numBlocks := (keyLen + hashLen - 1) / hashLen
var buf [4]byte
dk := make([]byte, 0, numBlocks*hashLen)
U := make([]byte, hashLen)
for block := 1; block <= numBlocks; block++ {
// N.B.: || means concatenation, ^ means XOR
// for each block T_i = U_1 ^ U_2 ^ ... ^ U_iter
// U_1 = PRF(password, salt || uint(i))
prf.Reset()
prf.Write(salt)
buf[0] = byte(block >> 24)
buf[1] = byte(block >> 16)
buf[2] = byte(block >> 8)
buf[3] = byte(block)
prf.Write(buf[:4])
dk = prf.Sum(dk)
T := dk[len(dk)-hashLen:]
copy(U, T)
// U_n = PRF(password, U_(n-1))
for n := 2; n <= iter; n++ {
prf.Reset()
prf.Write(U)
U = U[:0]
U = prf.Sum(U)
for x := range U {
T[x] ^= U[x]
}
}
}
return dk[:keyLen]
}

157
vendor/golang.org/x/crypto/pbkdf2/pbkdf2_test.go generated vendored Normal file
View File

@@ -0,0 +1,157 @@
// Copyright 2012 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
package pbkdf2
import (
"bytes"
"crypto/sha1"
"crypto/sha256"
"hash"
"testing"
)
type testVector struct {
password string
salt string
iter int
output []byte
}
// Test vectors from RFC 6070, http://tools.ietf.org/html/rfc6070
var sha1TestVectors = []testVector{
{
"password",
"salt",
1,
[]byte{
0x0c, 0x60, 0xc8, 0x0f, 0x96, 0x1f, 0x0e, 0x71,
0xf3, 0xa9, 0xb5, 0x24, 0xaf, 0x60, 0x12, 0x06,
0x2f, 0xe0, 0x37, 0xa6,
},
},
{
"password",
"salt",
2,
[]byte{
0xea, 0x6c, 0x01, 0x4d, 0xc7, 0x2d, 0x6f, 0x8c,
0xcd, 0x1e, 0xd9, 0x2a, 0xce, 0x1d, 0x41, 0xf0,
0xd8, 0xde, 0x89, 0x57,
},
},
{
"password",
"salt",
4096,
[]byte{
0x4b, 0x00, 0x79, 0x01, 0xb7, 0x65, 0x48, 0x9a,
0xbe, 0xad, 0x49, 0xd9, 0x26, 0xf7, 0x21, 0xd0,
0x65, 0xa4, 0x29, 0xc1,
},
},
// // This one takes too long
// {
// "password",
// "salt",
// 16777216,
// []byte{
// 0xee, 0xfe, 0x3d, 0x61, 0xcd, 0x4d, 0xa4, 0xe4,
// 0xe9, 0x94, 0x5b, 0x3d, 0x6b, 0xa2, 0x15, 0x8c,
// 0x26, 0x34, 0xe9, 0x84,
// },
// },
{
"passwordPASSWORDpassword",
"saltSALTsaltSALTsaltSALTsaltSALTsalt",
4096,
[]byte{
0x3d, 0x2e, 0xec, 0x4f, 0xe4, 0x1c, 0x84, 0x9b,
0x80, 0xc8, 0xd8, 0x36, 0x62, 0xc0, 0xe4, 0x4a,
0x8b, 0x29, 0x1a, 0x96, 0x4c, 0xf2, 0xf0, 0x70,
0x38,
},
},
{
"pass\000word",
"sa\000lt",
4096,
[]byte{
0x56, 0xfa, 0x6a, 0xa7, 0x55, 0x48, 0x09, 0x9d,
0xcc, 0x37, 0xd7, 0xf0, 0x34, 0x25, 0xe0, 0xc3,
},
},
}
// Test vectors from
// http://stackoverflow.com/questions/5130513/pbkdf2-hmac-sha2-test-vectors
var sha256TestVectors = []testVector{
{
"password",
"salt",
1,
[]byte{
0x12, 0x0f, 0xb6, 0xcf, 0xfc, 0xf8, 0xb3, 0x2c,
0x43, 0xe7, 0x22, 0x52, 0x56, 0xc4, 0xf8, 0x37,
0xa8, 0x65, 0x48, 0xc9,
},
},
{
"password",
"salt",
2,
[]byte{
0xae, 0x4d, 0x0c, 0x95, 0xaf, 0x6b, 0x46, 0xd3,
0x2d, 0x0a, 0xdf, 0xf9, 0x28, 0xf0, 0x6d, 0xd0,
0x2a, 0x30, 0x3f, 0x8e,
},
},
{
"password",
"salt",
4096,
[]byte{
0xc5, 0xe4, 0x78, 0xd5, 0x92, 0x88, 0xc8, 0x41,
0xaa, 0x53, 0x0d, 0xb6, 0x84, 0x5c, 0x4c, 0x8d,
0x96, 0x28, 0x93, 0xa0,
},
},
{
"passwordPASSWORDpassword",
"saltSALTsaltSALTsaltSALTsaltSALTsalt",
4096,
[]byte{
0x34, 0x8c, 0x89, 0xdb, 0xcb, 0xd3, 0x2b, 0x2f,
0x32, 0xd8, 0x14, 0xb8, 0x11, 0x6e, 0x84, 0xcf,
0x2b, 0x17, 0x34, 0x7e, 0xbc, 0x18, 0x00, 0x18,
0x1c,
},
},
{
"pass\000word",
"sa\000lt",
4096,
[]byte{
0x89, 0xb6, 0x9d, 0x05, 0x16, 0xf8, 0x29, 0x89,
0x3c, 0x69, 0x62, 0x26, 0x65, 0x0a, 0x86, 0x87,
},
},
}
func testHash(t *testing.T, h func() hash.Hash, hashName string, vectors []testVector) {
for i, v := range vectors {
o := Key([]byte(v.password), []byte(v.salt), v.iter, len(v.output), h)
if !bytes.Equal(o, v.output) {
t.Errorf("%s %d: expected %x, got %x", hashName, i, v.output, o)
}
}
}
func TestWithHMACSHA1(t *testing.T) {
testHash(t, sha1.New, "SHA1", sha1TestVectors)
}
func TestWithHMACSHA256(t *testing.T) {
testHash(t, sha256.New, "SHA256", sha256TestVectors)
}

243
vendor/golang.org/x/crypto/scrypt/scrypt.go generated vendored Normal file
View File

@@ -0,0 +1,243 @@
// Copyright 2012 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
// Package scrypt implements the scrypt key derivation function as defined in
// Colin Percival's paper "Stronger Key Derivation via Sequential Memory-Hard
// Functions" (http://www.tarsnap.com/scrypt/scrypt.pdf).
package scrypt // import "golang.org/x/crypto/scrypt"
import (
"crypto/sha256"
"errors"
"golang.org/x/crypto/pbkdf2"
)
const maxInt = int(^uint(0) >> 1)
// blockCopy copies n numbers from src into dst.
func blockCopy(dst, src []uint32, n int) {
copy(dst, src[:n])
}
// blockXOR XORs numbers from dst with n numbers from src.
func blockXOR(dst, src []uint32, n int) {
for i, v := range src[:n] {
dst[i] ^= v
}
}
// salsaXOR applies Salsa20/8 to the XOR of 16 numbers from tmp and in,
// and puts the result into both both tmp and out.
func salsaXOR(tmp *[16]uint32, in, out []uint32) {
w0 := tmp[0] ^ in[0]
w1 := tmp[1] ^ in[1]
w2 := tmp[2] ^ in[2]
w3 := tmp[3] ^ in[3]
w4 := tmp[4] ^ in[4]
w5 := tmp[5] ^ in[5]
w6 := tmp[6] ^ in[6]
w7 := tmp[7] ^ in[7]
w8 := tmp[8] ^ in[8]
w9 := tmp[9] ^ in[9]
w10 := tmp[10] ^ in[10]
w11 := tmp[11] ^ in[11]
w12 := tmp[12] ^ in[12]
w13 := tmp[13] ^ in[13]
w14 := tmp[14] ^ in[14]
w15 := tmp[15] ^ in[15]
x0, x1, x2, x3, x4, x5, x6, x7, x8 := w0, w1, w2, w3, w4, w5, w6, w7, w8
x9, x10, x11, x12, x13, x14, x15 := w9, w10, w11, w12, w13, w14, w15
for i := 0; i < 8; i += 2 {
u := x0 + x12
x4 ^= u<<7 | u>>(32-7)
u = x4 + x0
x8 ^= u<<9 | u>>(32-9)
u = x8 + x4
x12 ^= u<<13 | u>>(32-13)
u = x12 + x8
x0 ^= u<<18 | u>>(32-18)
u = x5 + x1
x9 ^= u<<7 | u>>(32-7)
u = x9 + x5
x13 ^= u<<9 | u>>(32-9)
u = x13 + x9
x1 ^= u<<13 | u>>(32-13)
u = x1 + x13
x5 ^= u<<18 | u>>(32-18)
u = x10 + x6
x14 ^= u<<7 | u>>(32-7)
u = x14 + x10
x2 ^= u<<9 | u>>(32-9)
u = x2 + x14
x6 ^= u<<13 | u>>(32-13)
u = x6 + x2
x10 ^= u<<18 | u>>(32-18)
u = x15 + x11
x3 ^= u<<7 | u>>(32-7)
u = x3 + x15
x7 ^= u<<9 | u>>(32-9)
u = x7 + x3
x11 ^= u<<13 | u>>(32-13)
u = x11 + x7
x15 ^= u<<18 | u>>(32-18)
u = x0 + x3
x1 ^= u<<7 | u>>(32-7)
u = x1 + x0
x2 ^= u<<9 | u>>(32-9)
u = x2 + x1
x3 ^= u<<13 | u>>(32-13)
u = x3 + x2
x0 ^= u<<18 | u>>(32-18)
u = x5 + x4
x6 ^= u<<7 | u>>(32-7)
u = x6 + x5
x7 ^= u<<9 | u>>(32-9)
u = x7 + x6
x4 ^= u<<13 | u>>(32-13)
u = x4 + x7
x5 ^= u<<18 | u>>(32-18)
u = x10 + x9
x11 ^= u<<7 | u>>(32-7)
u = x11 + x10
x8 ^= u<<9 | u>>(32-9)
u = x8 + x11
x9 ^= u<<13 | u>>(32-13)
u = x9 + x8
x10 ^= u<<18 | u>>(32-18)
u = x15 + x14
x12 ^= u<<7 | u>>(32-7)
u = x12 + x15
x13 ^= u<<9 | u>>(32-9)
u = x13 + x12
x14 ^= u<<13 | u>>(32-13)
u = x14 + x13
x15 ^= u<<18 | u>>(32-18)
}
x0 += w0
x1 += w1
x2 += w2
x3 += w3
x4 += w4
x5 += w5
x6 += w6
x7 += w7
x8 += w8
x9 += w9
x10 += w10
x11 += w11
x12 += w12
x13 += w13
x14 += w14
x15 += w15
out[0], tmp[0] = x0, x0
out[1], tmp[1] = x1, x1
out[2], tmp[2] = x2, x2
out[3], tmp[3] = x3, x3
out[4], tmp[4] = x4, x4
out[5], tmp[5] = x5, x5
out[6], tmp[6] = x6, x6
out[7], tmp[7] = x7, x7
out[8], tmp[8] = x8, x8
out[9], tmp[9] = x9, x9
out[10], tmp[10] = x10, x10
out[11], tmp[11] = x11, x11
out[12], tmp[12] = x12, x12
out[13], tmp[13] = x13, x13
out[14], tmp[14] = x14, x14
out[15], tmp[15] = x15, x15
}
func blockMix(tmp *[16]uint32, in, out []uint32, r int) {
blockCopy(tmp[:], in[(2*r-1)*16:], 16)
for i := 0; i < 2*r; i += 2 {
salsaXOR(tmp, in[i*16:], out[i*8:])
salsaXOR(tmp, in[i*16+16:], out[i*8+r*16:])
}
}
func integer(b []uint32, r int) uint64 {
j := (2*r - 1) * 16
return uint64(b[j]) | uint64(b[j+1])<<32
}
func smix(b []byte, r, N int, v, xy []uint32) {
var tmp [16]uint32
x := xy
y := xy[32*r:]
j := 0
for i := 0; i < 32*r; i++ {
x[i] = uint32(b[j]) | uint32(b[j+1])<<8 | uint32(b[j+2])<<16 | uint32(b[j+3])<<24
j += 4
}
for i := 0; i < N; i += 2 {
blockCopy(v[i*(32*r):], x, 32*r)
blockMix(&tmp, x, y, r)
blockCopy(v[(i+1)*(32*r):], y, 32*r)
blockMix(&tmp, y, x, r)
}
for i := 0; i < N; i += 2 {
j := int(integer(x, r) & uint64(N-1))
blockXOR(x, v[j*(32*r):], 32*r)
blockMix(&tmp, x, y, r)
j = int(integer(y, r) & uint64(N-1))
blockXOR(y, v[j*(32*r):], 32*r)
blockMix(&tmp, y, x, r)
}
j = 0
for _, v := range x[:32*r] {
b[j+0] = byte(v >> 0)
b[j+1] = byte(v >> 8)
b[j+2] = byte(v >> 16)
b[j+3] = byte(v >> 24)
j += 4
}
}
// Key derives a key from the password, salt, and cost parameters, returning
// a byte slice of length keyLen that can be used as cryptographic key.
//
// N is a CPU/memory cost parameter, which must be a power of two greater than 1.
// r and p must satisfy r * p < 2³⁰. If the parameters do not satisfy the
// limits, the function returns a nil byte slice and an error.
//
// For example, you can get a derived key for e.g. AES-256 (which needs a
// 32-byte key) by doing:
//
// dk := scrypt.Key([]byte("some password"), salt, 16384, 8, 1, 32)
//
// The recommended parameters for interactive logins as of 2009 are N=16384,
// r=8, p=1. They should be increased as memory latency and CPU parallelism
// increases. Remember to get a good random salt.
func Key(password, salt []byte, N, r, p, keyLen int) ([]byte, error) {
if N <= 1 || N&(N-1) != 0 {
return nil, errors.New("scrypt: N must be > 1 and a power of 2")
}
if uint64(r)*uint64(p) >= 1<<30 || r > maxInt/128/p || r > maxInt/256 || N > maxInt/128/r {
return nil, errors.New("scrypt: parameters are too large")
}
xy := make([]uint32, 64*r)
v := make([]uint32, 32*N*r)
b := pbkdf2.Key(password, salt, 1, p*128*r, sha256.New)
for i := 0; i < p; i++ {
smix(b[i*128*r:], r, N, v, xy)
}
return pbkdf2.Key(password, b, 1, keyLen, sha256.New), nil
}

160
vendor/golang.org/x/crypto/scrypt/scrypt_test.go generated vendored Normal file
View File

@@ -0,0 +1,160 @@
// Copyright 2012 The Go Authors. All rights reserved.
// Use of this source code is governed by a BSD-style
// license that can be found in the LICENSE file.
package scrypt
import (
"bytes"
"testing"
)
type testVector struct {
password string
salt string
N, r, p int
output []byte
}
var good = []testVector{
{
"password",
"salt",
2, 10, 10,
[]byte{
0x48, 0x2c, 0x85, 0x8e, 0x22, 0x90, 0x55, 0xe6, 0x2f,
0x41, 0xe0, 0xec, 0x81, 0x9a, 0x5e, 0xe1, 0x8b, 0xdb,
0x87, 0x25, 0x1a, 0x53, 0x4f, 0x75, 0xac, 0xd9, 0x5a,
0xc5, 0xe5, 0xa, 0xa1, 0x5f,
},
},
{
"password",
"salt",
16, 100, 100,
[]byte{
0x88, 0xbd, 0x5e, 0xdb, 0x52, 0xd1, 0xdd, 0x0, 0x18,
0x87, 0x72, 0xad, 0x36, 0x17, 0x12, 0x90, 0x22, 0x4e,
0x74, 0x82, 0x95, 0x25, 0xb1, 0x8d, 0x73, 0x23, 0xa5,
0x7f, 0x91, 0x96, 0x3c, 0x37,
},
},
{
"this is a long \000 password",
"and this is a long \000 salt",
16384, 8, 1,
[]byte{
0xc3, 0xf1, 0x82, 0xee, 0x2d, 0xec, 0x84, 0x6e, 0x70,
0xa6, 0x94, 0x2f, 0xb5, 0x29, 0x98, 0x5a, 0x3a, 0x09,
0x76, 0x5e, 0xf0, 0x4c, 0x61, 0x29, 0x23, 0xb1, 0x7f,
0x18, 0x55, 0x5a, 0x37, 0x07, 0x6d, 0xeb, 0x2b, 0x98,
0x30, 0xd6, 0x9d, 0xe5, 0x49, 0x26, 0x51, 0xe4, 0x50,
0x6a, 0xe5, 0x77, 0x6d, 0x96, 0xd4, 0x0f, 0x67, 0xaa,
0xee, 0x37, 0xe1, 0x77, 0x7b, 0x8a, 0xd5, 0xc3, 0x11,
0x14, 0x32, 0xbb, 0x3b, 0x6f, 0x7e, 0x12, 0x64, 0x40,
0x18, 0x79, 0xe6, 0x41, 0xae,
},
},
{
"p",
"s",
2, 1, 1,
[]byte{
0x48, 0xb0, 0xd2, 0xa8, 0xa3, 0x27, 0x26, 0x11, 0x98,
0x4c, 0x50, 0xeb, 0xd6, 0x30, 0xaf, 0x52,
},
},
{
"",
"",
16, 1, 1,
[]byte{
0x77, 0xd6, 0x57, 0x62, 0x38, 0x65, 0x7b, 0x20, 0x3b,
0x19, 0xca, 0x42, 0xc1, 0x8a, 0x04, 0x97, 0xf1, 0x6b,
0x48, 0x44, 0xe3, 0x07, 0x4a, 0xe8, 0xdf, 0xdf, 0xfa,
0x3f, 0xed, 0xe2, 0x14, 0x42, 0xfc, 0xd0, 0x06, 0x9d,
0xed, 0x09, 0x48, 0xf8, 0x32, 0x6a, 0x75, 0x3a, 0x0f,
0xc8, 0x1f, 0x17, 0xe8, 0xd3, 0xe0, 0xfb, 0x2e, 0x0d,
0x36, 0x28, 0xcf, 0x35, 0xe2, 0x0c, 0x38, 0xd1, 0x89,
0x06,
},
},
{
"password",
"NaCl",
1024, 8, 16,
[]byte{
0xfd, 0xba, 0xbe, 0x1c, 0x9d, 0x34, 0x72, 0x00, 0x78,
0x56, 0xe7, 0x19, 0x0d, 0x01, 0xe9, 0xfe, 0x7c, 0x6a,
0xd7, 0xcb, 0xc8, 0x23, 0x78, 0x30, 0xe7, 0x73, 0x76,
0x63, 0x4b, 0x37, 0x31, 0x62, 0x2e, 0xaf, 0x30, 0xd9,
0x2e, 0x22, 0xa3, 0x88, 0x6f, 0xf1, 0x09, 0x27, 0x9d,
0x98, 0x30, 0xda, 0xc7, 0x27, 0xaf, 0xb9, 0x4a, 0x83,
0xee, 0x6d, 0x83, 0x60, 0xcb, 0xdf, 0xa2, 0xcc, 0x06,
0x40,
},
},
{
"pleaseletmein", "SodiumChloride",
16384, 8, 1,
[]byte{
0x70, 0x23, 0xbd, 0xcb, 0x3a, 0xfd, 0x73, 0x48, 0x46,
0x1c, 0x06, 0xcd, 0x81, 0xfd, 0x38, 0xeb, 0xfd, 0xa8,
0xfb, 0xba, 0x90, 0x4f, 0x8e, 0x3e, 0xa9, 0xb5, 0x43,
0xf6, 0x54, 0x5d, 0xa1, 0xf2, 0xd5, 0x43, 0x29, 0x55,
0x61, 0x3f, 0x0f, 0xcf, 0x62, 0xd4, 0x97, 0x05, 0x24,
0x2a, 0x9a, 0xf9, 0xe6, 0x1e, 0x85, 0xdc, 0x0d, 0x65,
0x1e, 0x40, 0xdf, 0xcf, 0x01, 0x7b, 0x45, 0x57, 0x58,
0x87,
},
},
/*
// Disabled: needs 1 GiB RAM and takes too long for a simple test.
{
"pleaseletmein", "SodiumChloride",
1048576, 8, 1,
[]byte{
0x21, 0x01, 0xcb, 0x9b, 0x6a, 0x51, 0x1a, 0xae, 0xad,
0xdb, 0xbe, 0x09, 0xcf, 0x70, 0xf8, 0x81, 0xec, 0x56,
0x8d, 0x57, 0x4a, 0x2f, 0xfd, 0x4d, 0xab, 0xe5, 0xee,
0x98, 0x20, 0xad, 0xaa, 0x47, 0x8e, 0x56, 0xfd, 0x8f,
0x4b, 0xa5, 0xd0, 0x9f, 0xfa, 0x1c, 0x6d, 0x92, 0x7c,
0x40, 0xf4, 0xc3, 0x37, 0x30, 0x40, 0x49, 0xe8, 0xa9,
0x52, 0xfb, 0xcb, 0xf4, 0x5c, 0x6f, 0xa7, 0x7a, 0x41,
0xa4,
},
},
*/
}
var bad = []testVector{
{"p", "s", 0, 1, 1, nil}, // N == 0
{"p", "s", 1, 1, 1, nil}, // N == 1
{"p", "s", 7, 8, 1, nil}, // N is not power of 2
{"p", "s", 16, maxInt / 2, maxInt / 2, nil}, // p * r too large
}
func TestKey(t *testing.T) {
for i, v := range good {
k, err := Key([]byte(v.password), []byte(v.salt), v.N, v.r, v.p, len(v.output))
if err != nil {
t.Errorf("%d: got unexpected error: %s", i, err)
}
if !bytes.Equal(k, v.output) {
t.Errorf("%d: expected %x, got %x", i, v.output, k)
}
}
for i, v := range bad {
_, err := Key([]byte(v.password), []byte(v.salt), v.N, v.r, v.p, 32)
if err == nil {
t.Errorf("%d: expected error, got nil", i)
}
}
}
func BenchmarkKey(b *testing.B) {
for i := 0; i < b.N; i++ {
Key([]byte("password"), []byte("salt"), 16384, 8, 1, 64)
}
}

16
vendor/manifest vendored
View File

@@ -803,7 +803,7 @@
{
"importpath": "github.com/weaveworks/go-checkpoint",
"repository": "https://github.com/weaveworks/go-checkpoint",
"revision": "285991b3508f51033aa288a38d242b9ad26c5274",
"revision": "a235d5b1d2bd7be80fa52ff681f6d6baa933f635",
"branch": "master"
},
{
@@ -827,6 +827,20 @@
"branch": "master",
"path": "/curve25519"
},
{
"importpath": "golang.org/x/crypto/pbkdf2",
"repository": "https://go.googlesource.com/crypto",
"revision": "1f22c0103821b9390939b6776727195525381532",
"branch": "master",
"path": "/pbkdf2"
},
{
"importpath": "golang.org/x/crypto/scrypt",
"repository": "https://go.googlesource.com/crypto",
"revision": "1f22c0103821b9390939b6776727195525381532",
"branch": "master",
"path": "/scrypt"
},
{
"importpath": "golang.org/x/crypto/ssh",
"repository": "https://go.googlesource.com/crypto",