chore: update to go1.19

2022-08-09 17:36:08 +02:00 · 2022-08-09 17:36:08 +02:00 · 45453b20fa
commit 45453b20fa
parent 40d2421db9
61 changed files with 519 additions and 493 deletions
--- a/pkg/middlewares/compress/compress_test.go
+++ b/pkg/middlewares/compress/compress_test.go
@ -401,7 +401,7 @@ func BenchmarkCompress(b *testing.B) {
 			})
 			handler, _ := New(context.Background(), next, dynamic.Compress{}, "testing")

-			req, _ := http.NewRequest("GET", "/whatever", nil)
+			req, _ := http.NewRequest(http.MethodGet, "/whatever", nil)
 			req.Header.Set("Accept-Encoding", "gzip")

 			b.ReportAllocs()
--- a/pkg/middlewares/retry/retry_test.go
+++ b/pkg/middlewares/retry/retry_test.go
@ -222,7 +222,7 @@ func (l *countingRetryListener) Retried(req *http.Request, attempt int) {

 func TestRetryWithFlush(t *testing.T) {
 	next := http.HandlerFunc(func(rw http.ResponseWriter, req *http.Request) {
-		rw.WriteHeader(200)
+		rw.WriteHeader(http.StatusOK)
 		_, err := rw.Write([]byte("FULL "))
 		if err != nil {
 			http.Error(rw, err.Error(), http.StatusInternalServerError)
--- a/pkg/provider/kubernetes/crd/fixtures/tcp/with_tls_options.yml
+++ b/pkg/provider/kubernetes/crd/fixtures/tcp/with_tls_options.yml
@ -35,7 +35,6 @@ spec:
      - secret-ca1
      - secret-ca2
    clientAuthType: VerifyClientCertIfGiven
-  preferServerCipherSuites: true
 ---
 apiVersion: v1
 kind: Secret
--- a/pkg/provider/kubernetes/crd/fixtures/with_default_tls_options.yml
+++ b/pkg/provider/kubernetes/crd/fixtures/with_default_tls_options.yml
@ -35,7 +35,6 @@ spec:
      - secret-ca-default1
      - secret-ca-default2
    clientAuthType: VerifyClientCertIfGiven
-  preferServerCipherSuites: true

 ---
 apiVersion: traefik.containo.us/v1alpha1
--- a/pkg/provider/kubernetes/crd/fixtures/with_default_tls_options_default_namespace.yml
+++ b/pkg/provider/kubernetes/crd/fixtures/with_default_tls_options_default_namespace.yml
@ -35,7 +35,6 @@ spec:
      - secret-ca1
      - secret-ca2
    clientAuthType: VerifyClientCertIfGiven
-  preferServerCipherSuites: true

 ---
 apiVersion: traefik.containo.us/v1alpha1
--- a/pkg/provider/kubernetes/crd/fixtures/with_tls_options.yml
+++ b/pkg/provider/kubernetes/crd/fixtures/with_tls_options.yml
@ -35,7 +35,6 @@ spec:
      - secret-ca1
      - secret-ca2
    clientAuthType: VerifyClientCertIfGiven
-  preferServerCipherSuites: true

 ---
 apiVersion: traefik.containo.us/v1alpha1
--- a/pkg/provider/kubernetes/crd/kubernetes.go
+++ b/pkg/provider/kubernetes/crd/kubernetes.go
@ -821,9 +821,8 @@ func buildTLSOptions(ctx context.Context, client Client) map[string]tls.Options
 				CAFiles:        clientCAs,
 				ClientAuthType: tlsOption.Spec.ClientAuth.ClientAuthType,
 			},
-			SniStrict:                tlsOption.Spec.SniStrict,
-			PreferServerCipherSuites: tlsOption.Spec.PreferServerCipherSuites,
-			ALPNProtocols:            alpnProtocols,
+			SniStrict:     tlsOption.Spec.SniStrict,
+			ALPNProtocols: alpnProtocols,
 		}
 	}

--- a/pkg/provider/kubernetes/crd/kubernetes_test.go
+++ b/pkg/provider/kubernetes/crd/kubernetes_test.go
@ -666,8 +666,7 @@ func TestLoadIngressRouteTCPs(t *testing.T) {
 								},
 								ClientAuthType: "VerifyClientCertIfGiven",
 							},
-							SniStrict:                true,
-							PreferServerCipherSuites: true,
+							SniStrict: true,
 							ALPNProtocols: []string{
 								"h2",
 								"http/1.1",
@ -2748,8 +2747,7 @@ func TestLoadIngressRoutes(t *testing.T) {
 								},
 								ClientAuthType: "VerifyClientCertIfGiven",
 							},
-							SniStrict:                true,
-							PreferServerCipherSuites: true,
+							SniStrict: true,
 							ALPNProtocols: []string{
 								"h2",
 								"http/1.1",
@ -2862,8 +2860,7 @@ func TestLoadIngressRoutes(t *testing.T) {
 								},
 								ClientAuthType: "VerifyClientCertIfGiven",
 							},
-							SniStrict:                true,
-							PreferServerCipherSuites: true,
+							SniStrict: true,
 							ALPNProtocols: []string{
 								"h2",
 								"http/1.1",
--- a/pkg/provider/kubernetes/crd/traefik/v1alpha1/tlsoption.go
+++ b/pkg/provider/kubernetes/crd/traefik/v1alpha1/tlsoption.go
@ -42,7 +42,8 @@ type TLSOptionSpec struct {
 	// SniStrict defines whether Traefik allows connections from clients connections that do not specify a server_name extension.
 	SniStrict bool `json:"sniStrict,omitempty"`
 	// PreferServerCipherSuites defines whether the server chooses a cipher suite among his own instead of among the client's.
-	// It is enabled automatically when minVersion or maxVersion are set.
+	// It is enabled automatically when minVersion or maxVersion is set.
+	// Deprecated: https://github.com/golang/go/issues/45430
 	PreferServerCipherSuites bool `json:"preferServerCipherSuites,omitempty"`
 	// ALPNProtocols defines the list of supported application level protocols for the TLS handshake, in order of preference.
 	// More info: https://doc.traefik.io/traefik/v2.8/https/tls/#alpn-protocols
--- a/pkg/redactor/redactor_config_test.go
+++ b/pkg/redactor/redactor_config_test.go
@ -442,8 +442,7 @@ func init() {
 					CAFiles:        []traefiktls.FileOrContent{"ca.pem"},
 					ClientAuthType: "RequireAndVerifyClientCert",
 				},
-				SniStrict:                true,
-				PreferServerCipherSuites: true,
+				SniStrict: true,
 			},
 		},
 		Certificates: []*traefiktls.CertAndStores{
--- a/pkg/redactor/testdata/anonymized-dynamic-config.json
+++ b/pkg/redactor/testdata/anonymized-dynamic-config.json
@ -463,8 +463,7 @@
          "foo"
        ],
        "clientAuth": {},
-        "sniStrict": true,
-        "preferServerCipherSuites": true
+        "sniStrict": true
      }
    },
    "stores": {
--- a/pkg/redactor/testdata/secured-dynamic-config.json
+++ b/pkg/redactor/testdata/secured-dynamic-config.json
@ -471,8 +471,7 @@
          ],
          "clientAuthType": "RequireAndVerifyClientCert"
        },
-        "sniStrict": true,
-        "preferServerCipherSuites": true
+        "sniStrict": true
      }
    },
    "stores": {
@ -484,4 +483,4 @@
      }
    }
  }
-}
+}
--- a/pkg/rules/parser.go
+++ b/pkg/rules/parser.go
@ -5,6 +5,8 @@ import (
 	"strings"

 	"github.com/vulcand/predicate"
+	"golang.org/x/text/cases"
+	"golang.org/x/text/language"
 )

 const (
@ -41,7 +43,7 @@ func NewParser(matchers []string) (predicate.Parser, error) {
 		parserFuncs[matcherName] = fn
 		parserFuncs[strings.ToLower(matcherName)] = fn
 		parserFuncs[strings.ToUpper(matcherName)] = fn
-		parserFuncs[strings.Title(strings.ToLower(matcherName))] = fn
+		parserFuncs[cases.Title(language.Und).String(strings.ToLower(matcherName))] = fn
 	}

 	return predicate.NewParser(predicate.Def{
--- a/pkg/server/router/router_test.go
+++ b/pkg/server/router/router_test.go
@ -827,7 +827,7 @@ func BenchmarkRouterServe(b *testing.B) {
 	b.Cleanup(func() { server.Close() })

 	res := &http.Response{
-		StatusCode: 200,
+		StatusCode: http.StatusOK,
 		Body:       io.NopCloser(strings.NewReader("")),
 	}

@ -879,7 +879,7 @@ func BenchmarkRouterServe(b *testing.B) {

 func BenchmarkService(b *testing.B) {
 	res := &http.Response{
-		StatusCode: 200,
+		StatusCode: http.StatusOK,
 		Body:       io.NopCloser(strings.NewReader("")),
 	}

--- a/pkg/server/router/tcp/router_test.go
+++ b/pkg/server/router/tcp/router_test.go
@ -9,6 +9,7 @@ import (
 	"io"
 	"net"
 	"net/http"
+	"net/url"
 	"strings"
 	"testing"
 	"time"
@ -109,8 +110,13 @@ func Test_Routing(t *testing.T) {
 		for {
 			conn, err := tcpBackendListener.Accept()
 			if err != nil {
-				var netErr net.Error
-				if errors.As(err, &netErr) && netErr.Temporary() {
+				var opErr *net.OpError
+				if errors.As(err, &opErr) && opErr.Temporary() {
+					continue
+				}
+
+				var urlErr *url.Error
+				if errors.As(err, &urlErr) && urlErr.Temporary() {
 					continue
 				}

--- a/pkg/server/server_entrypoint_tcp.go
+++ b/pkg/server/server_entrypoint_tcp.go
@ -7,6 +7,7 @@ import (
 	stdlog "log"
 	"net"
 	"net/http"
+	"net/url"
 	"os"
 	"strings"
 	"sync"
@ -195,8 +196,13 @@ func (e *TCPEntryPoint) Start(ctx context.Context) {
 		if err != nil {
 			logger.Error(err)

-			var netErr net.Error
-			if errors.As(err, &netErr) && netErr.Temporary() {
+			var opErr *net.OpError
+			if errors.As(err, &opErr) && opErr.Temporary() {
+				continue
+			}
+
+			var urlErr *url.Error
+			if errors.As(err, &urlErr) && urlErr.Temporary() {
 				continue
 			}

--- a/pkg/server/server_entrypoint_tcp_http3.go
+++ b/pkg/server/server_entrypoint_tcp_http3.go
@ -8,7 +8,6 @@ import (
 	"net"
 	"net/http"
 	"sync"
-	"time"

 	"github.com/lucas-clemente/quic-go/http3"
 	"github.com/traefik/traefik/v2/pkg/config/static"
@ -47,24 +46,17 @@ func newHTTP3Server(ctx context.Context, configuration *static.EntryPoint, https
 	}

 	h3.Server = &http3.Server{
-		Port: configuration.HTTP3.AdvertisedPort,
-		Server: &http.Server{
-			Addr:         configuration.GetAddress(),
-			Handler:      httpsServer.Server.(*http.Server).Handler,
-			ErrorLog:     httpServerLogger,
-			ReadTimeout:  time.Duration(configuration.Transport.RespondingTimeouts.ReadTimeout),
-			WriteTimeout: time.Duration(configuration.Transport.RespondingTimeouts.WriteTimeout),
-			IdleTimeout:  time.Duration(configuration.Transport.RespondingTimeouts.IdleTimeout),
-			TLSConfig:    &tls.Config{GetConfigForClient: h3.getGetConfigForClient},
-		},
+		Addr:      configuration.GetAddress(),
+		Port:      configuration.HTTP3.AdvertisedPort,
+		Handler:   httpsServer.Server.(*http.Server).Handler,
+		TLSConfig: &tls.Config{GetConfigForClient: h3.getGetConfigForClient},
 	}

 	previousHandler := httpsServer.Server.(*http.Server).Handler

 	httpsServer.Server.(*http.Server).Handler = http.HandlerFunc(func(rw http.ResponseWriter, req *http.Request) {
-		err := h3.Server.SetQuicHeaders(rw.Header())
-		if err != nil {
-			log.FromContext(ctx).Errorf("failed to set HTTP3 headers: %v", err)
+		if err := h3.Server.SetQuicHeaders(rw.Header()); err != nil {
+			log.FromContext(ctx).Errorf("Failed to set HTTP3 headers: %v", err)
 		}

 		previousHandler.ServeHTTP(rw, req)
@ -90,3 +82,8 @@ func (e *http3server) getGetConfigForClient(info *tls.ClientHelloInfo) (*tls.Con

 	return e.getter(info)
 }
+
+func (e *http3server) Shutdown(_ context.Context) error {
+	// TODO: use e.Server.CloseGracefully() when available.
+	return e.Server.Close()
+}
--- a/pkg/server/service/proxy_test.go
+++ b/pkg/server/service/proxy_test.go
@ -20,7 +20,7 @@ func (t *staticTransport) RoundTrip(r *http.Request) (*http.Response, error) {

 func BenchmarkProxy(b *testing.B) {
 	res := &http.Response{
-		StatusCode: 200,
+		StatusCode: http.StatusOK,
 		Body:       io.NopCloser(strings.NewReader("")),
 	}

--- a/pkg/server/service/proxy_websocket_test.go
+++ b/pkg/server/service/proxy_websocket_test.go
@ -456,7 +456,7 @@ func TestWebSocketUpgradeFailed(t *testing.T) {

 	mux := http.NewServeMux()
 	mux.HandleFunc("/ws", func(w http.ResponseWriter, req *http.Request) {
-		w.WriteHeader(400)
+		w.WriteHeader(http.StatusBadRequest)
 	})
 	srv := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) {
 		mux.ServeHTTP(w, req)
@ -472,7 +472,7 @@ func TestWebSocketUpgradeFailed(t *testing.T) {
 			req.URL.Path = path
 			f.ServeHTTP(w, req)
 		} else {
-			w.WriteHeader(200)
+			w.WriteHeader(http.StatusOK)
 		}
 	}))
 	defer proxy.Close()
--- a/pkg/tls/tls.go
+++ b/pkg/tls/tls.go
@ -22,7 +22,7 @@ type Options struct {
 	CurvePreferences         []string   `json:"curvePreferences,omitempty" toml:"curvePreferences,omitempty" yaml:"curvePreferences,omitempty" export:"true"`
 	ClientAuth               ClientAuth `json:"clientAuth,omitempty" toml:"clientAuth,omitempty" yaml:"clientAuth,omitempty"`
 	SniStrict                bool       `json:"sniStrict,omitempty" toml:"sniStrict,omitempty" yaml:"sniStrict,omitempty" export:"true"`
-	PreferServerCipherSuites bool       `json:"preferServerCipherSuites,omitempty" toml:"preferServerCipherSuites,omitempty" yaml:"preferServerCipherSuites,omitempty" export:"true"`
+	PreferServerCipherSuites bool       `json:"preferServerCipherSuites,omitempty" toml:"preferServerCipherSuites,omitempty" yaml:"preferServerCipherSuites,omitempty" export:"true"` // Deprecated: https://github.com/golang/go/issues/45430
 	ALPNProtocols            []string   `json:"alpnProtocols,omitempty" toml:"alpnProtocols,omitempty" yaml:"alpnProtocols,omitempty" export:"true"`
 }

--- a/pkg/tls/tlsmanager.go
+++ b/pkg/tls/tlsmanager.go
@ -299,18 +299,13 @@ func buildTLSConfig(tlsOption Options) (*tls.Config, error) {
 		}
 	}

-	// Set PreferServerCipherSuites.
-	conf.PreferServerCipherSuites = tlsOption.PreferServerCipherSuites
-
 	// Set the minimum TLS version if set in the config
 	if minConst, exists := MinVersion[tlsOption.MinVersion]; exists {
-		conf.PreferServerCipherSuites = true
 		conf.MinVersion = minConst
 	}

 	// Set the maximum TLS version if set in the config TOML
 	if maxConst, exists := MaxVersion[tlsOption.MaxVersion]; exists {
-		conf.PreferServerCipherSuites = true
 		conf.MaxVersion = maxConst
 	}