Cypherpunks repositories - gostls13.git/commit

author	Russ Cox <rsc@golang.org>
	Tue, 26 Feb 2019 05:16:07 +0000 (00:16 -0500)
committer	Russ Cox <rsc@golang.org>
	Thu, 7 Mar 2019 01:45:06 +0000 (01:45 +0000)
commit	fe954ea1e28f8ece95ce00d51312ac095071b2d8
tree	f955093fbfb88a396184f61ea8718da7390a45ef	tree
parent	a6436a5655f56bb904871fece7db43a3ad3bf415	commit \| diff

cmd/go: add notary simulation and GONOVERIFY support

As an experiment to better understand the impact of
having an authoritative source of truth for module hashes
before the real notary is available, this CL adds the basic
notary authorization checks using a partial whitelist of
known go.sum values for popular modules.

In addition to the temporary whitelist, this CL adds code
implementing $GONOVERIFY, a new 'go help modules-auth',
and clearer error messages for verification mismatches.

See #25530 for notary proposal.
Filed #30601 to remove whitelist when notary lands.

Change-Id: Ibcb6ac39c5e60455edf003d8c20af6932aeb7e88
Reviewed-on: https://go-review.googlesource.com/c/go/+/165380
Reviewed-by: Bryan C. Mills <bcmills@google.com>

src/cmd/go/alldocs.go		diff \| blob \| history
src/cmd/go/internal/modfetch/fetch.go		diff \| blob \| history
src/cmd/go/internal/modfetch/notary.go	[new file with mode: 0644]	blob
src/cmd/go/internal/modfetch/notary_test.go	[new file with mode: 0644]	blob
src/cmd/go/internal/modfetch/pin.go	[new file with mode: 0644]	blob
src/cmd/go/internal/modload/help.go		diff \| blob \| history
src/cmd/go/main.go		diff \| blob \| history
src/cmd/go/script_test.go		diff \| blob \| history
src/cmd/go/testdata/mod/rsc.io_badsum_v1.0.0.txt	[new file with mode: 0644]	blob
src/cmd/go/testdata/mod/rsc.io_badsum_v1.0.1.txt	[new file with mode: 0644]	blob
src/cmd/go/testdata/script/mod_notary.txt	[new file with mode: 0644]	blob