transport.

Sending the msgNewKeys packet and setting up the key material
now happen under a lock, preventing races with concurrent
writers.

R=kardianos, agl, jpsugar, hanwenn
CC=golang-dev
https://codereview.appspot.com/14476043

Committer: Adam Langley <agl@golang.org>

Adds readPacket() to conn, and renames conn to packetConn.
Key exchanges operate on packetConn, so they can be
unittested.

R=agl, jpsugar, dave
CC=golang-dev
https://codereview.appspot.com/13352055

Committer: Adam Langley <agl@golang.org>

Public functions affected:
-AgentKey.Key
-AgentClient.SignRequest
-ClientKeyring.Key
-MarshalPublicKey
-ParsePublicKey

R=agl, jpsugar, jmpittman
CC=golang-dev
https://codereview.appspot.com/13642043

Committer: Adam Langley <agl@golang.org>

R=agl, dave, hanwen
CC=ekg, golang-dev
https://codereview.appspot.com/13528044

Committer: Adam Langley <agl@golang.org>

Implement elliptic-curve Diffie-Hellman, including host key signature
verification.

Moves host key cryptographic verification to ClientConn.handshake(), so
RSA host keys are also verified.

Fixes issue 6158.

R=dave, agl
CC=golang-dev
https://codereview.appspot.com/13021045

Committer: Adam Langley <agl@golang.org>

R=agl, golang-dev, dave
CC=golang-dev
https://codereview.appspot.com/13176044

Committer: Adam Langley <agl@golang.org>

OpenSSH 5.

Tested with OpenSSH_5.9

R=agl, dave
CC=golang-dev
https://codereview.appspot.com/11921043

Committer: Adam Langley <agl@golang.org>

Close both on closing the listener, and on closing the
connection. Test the former case.

R=dave
CC=golang-dev
https://codereview.appspot.com/11349043

Committer: Dave Cheney <dave@cheney.net>

R=dave, agl
CC=gobot, golang-dev
https://codereview.appspot.com/9922043

Committer: Adam Langley <agl@golang.org>

Set maxPacket in forwarded connection, and use the requested port
number as key in forwardList.

R=golang-dev, agl, dave
CC=golang-dev
https://codereview.appspot.com/9753044

Committer: Dave Cheney <dave@cheney.net>

R=dave, kardianos, agl
CC=gobot, golang-dev
https://codereview.appspot.com/9738053

Committer: Adam Langley <agl@golang.org>

R=golang-dev, kardianos, dave
CC=golang-dev
https://codereview.appspot.com/8596047

Fixes issue 4552.

R=minux.ma, agl
CC=golang-dev
https://codereview.appspot.com/6948059

Committer: Adam Langley <agl@golang.org>

gofmt got better at removing trailing whitespace.

R=golang-dev, rsc
CC=golang-dev
https://codereview.appspot.com/6929044

Fixes issue 4102.

R=russross, minux.ma, rsc, agl
CC=golang-dev
http://codereview.appspot.com/6623053

Fixes issue 3810.

Fixes chanWriter Write after close behaviour bug.

Fixes serverChan writePacket after close bug.

Addresses final comments by agl on 6405064, plus various cleanups.

R=agl, kardianos, gustav.paul, fullung
CC=golang-dev
http://codereview.appspot.com/6479056

Fixes issue 3810.

This change introduces an atomic boolean to guard the close
of the clientChan. Previously the client code was quite
lax with the ordering of the close messages and could allow
window adjustment or EOF messages to leak after Close had
been signaled.

Consolidating the changes to the serverChan will be handled
in a following CL.

R=agl, kardianos, gustav.paul
CC=golang-dev
http://codereview.appspot.com/6405064

This CL scratches an itch by moving the remaining channel related code
into channel.go.

R=agl
CC=golang-dev
http://codereview.appspot.com/6454126

RFC 4254 s5.2 is clear that a client must never send a data
packet larger than the value of maximum packet supplied by the
remote side during channel setup. The client was not honoring
this value, in fact it wasn't even recording it.

Thanks to Albert Strasheim for the bug report.

R=agl, fullung
CC=golang-dev
http://codereview.appspot.com/6448128

A small cleanup.

R=agl, gustav.paul
CC=golang-dev
http://codereview.appspot.com/6406043

This proposal removes the use of recover() to catch
invalid channel ids sent from the remote side. The
recover() unfortuntaly makes debugging harder as it
obscures other panic causes.

Another source of panic()s exists inside marshal.go,
which will be handled with in a later CL.

R=agl, gustav.paul
CC=golang-dev
http://codereview.appspot.com/6404046

R=agl, gustav.paul, kardianos
CC=golang-dev
http://codereview.appspot.com/6207051

R=agl, gustav.paul, kardianos
CC=golang-dev
http://codereview.appspot.com/6208043

This CL introduces a new struct, channel to hold common shared
functions.

* add a new channel struct, which is embeded in {client,server}Chan.
* move common methods from {client,server}Chan into channel.
* remove unneeded used of serverConn.lock in serverChan
 (transport.writePacket has its own mutex).
* remove filteredConn, introduce conn.

R=agl, gustav.paul
CC=golang-dev
http://codereview.appspot.com/6128059

This CL is in preparation for 6128059.

* rename channel -> serverChan
* rename chanlist -> chanList
* normalise theirId/MyId/id/peersId -> localId/remoteId

R=agl
CC=golang-dev
http://codereview.appspot.com/6174046

This was my mistake. I should have checked godoc before
submitting the previous CL.

R=agl
CC=golang-dev
http://codereview.appspot.com/6140051

* Add support for RFC4254 section 4 global requests.
* Improve clientConn.Listen to process responses properly.

R=agl, gustav.paul
CC=golang-dev
http://codereview.appspot.com/6130050

Add support for server (remote) forwarded tcpip channels.
See RFC4254 Section 7.1

R=gustav.paul, jeff, agl, lieqiewang
CC=golang-dev
http://codereview.appspot.com/6038047

This change prevents bad servers from crashing a client by sending an
invalid channel ID. It also makes the client disconnect in more cases
of invalid messages from a server and cleans up the client channels
in the event of a disconnect.

R=dave
CC=golang-dev
http://codereview.appspot.com/6099050

These are the cosmetic cleanups from the bits of code that I
rereviewed.

1) stringLength now takes a int; the length of the string. Too many
   callers were allocating with stringLength([]byte(s)) and
   stringLength only needs to call len().

2) agent.go now has sendAndReceive to remove logic that was
   duplicated.

3) We now reject negative DH values

4) We now reject empty packets rather than crashing.

R=dave, jonathan.mark.pittman
CC=golang-dev
http://codereview.appspot.com/6061052

Fixes issue 3479.

Using a channel to model window size was a mistake. Unlike stdin and
stdout, which are streams of data, window size is an variable and
should be modeled as such.

R=golang-dev, agl, gustav.paul, kardianos, dvyukov
CC=golang-dev
http://codereview.appspot.com/5986053

Fixes issue 2903.

R=golang-dev
CC=agl, golang-dev
http://codereview.appspot.com/5755054

Committer: Adam Langley <agl@golang.org>

Also, add support for hmac-sha1.

At the suggestion of AGL hmac-md5, and hmac-md5-96
support was not included.

Fixes issue 3095.

R=golang-dev, agl, huin
CC=golang-dev
http://codereview.appspot.com/5696065

Committer: Adam Langley <agl@golang.org>

Manual edits to README.
Moved from main Go repository, deleted Makefiles, ran gofix -r go1rename.

Tested with: go test code.google.com/p/go.crypto/...

R=golang-dev, bradfitz
CC=golang-dev
http://codereview.appspot.com/5564059