diff --git a/.github/workflows/code-coverage.yml b/.github/workflows/code-coverage.yml index 12f9369fd..3a5f1ed5c 100644 --- a/.github/workflows/code-coverage.yml +++ b/.github/workflows/code-coverage.yml @@ -336,11 +336,11 @@ jobs: - name: 'CLI : Mount all with secure config' timeout-minutes: 2 - run: "./cloudfuse.test unmount all\ncp ${{ env.cloudfuse_CFG }} /tmp/configMountall.yaml\necho \"mountall:\" >> /tmp/configMountall.yaml\necho \" container-allowlist:\" >> /tmp/configMountall.yaml\necho \" - abcd\" >> /tmp/configMountall.yaml\ncat /tmp/configMountall.yaml\n\n./cloudfuse.test -test.v -test.coverprofile=${{ env.WORK_DIR }}/secure_encrypt_all.cov secure encrypt --config-file=/tmp/configMountall.yaml --output-file=${{ runner.workspace }}/cloudfuse.azsec --passphrase=12312312312312312312312312312312 \nif [ $? -ne 0 ]; then\n exit 1\nfi\n\n./cloudfuse.test -test.v -test.coverprofile=${{ env.WORK_DIR }}/mount_all_cmd_secure.cov mount all ${{ env.MOUNT_DIR }} --config-file=${{ runner.workspace }}/cloudfuse.azsec --passphrase=12312312312312312312312312312312 --log-level=log_debug --foreground=true &\nif [ $? -ne 0 ]; then\n exit 1\nfi\n\nsleep 5\n./cloudfuse.test unmount all" + run: "./cloudfuse.test unmount all\ncp ${{ env.cloudfuse_CFG }} /tmp/configMountall.yaml\necho \"mountall:\" >> /tmp/configMountall.yaml\necho \" container-allowlist:\" >> /tmp/configMountall.yaml\necho \" - abcd\" >> /tmp/configMountall.yaml\ncat /tmp/configMountall.yaml\n\n./cloudfuse.test -test.v -test.coverprofile=${{ env.WORK_DIR }}/secure_encrypt_all.cov secure encrypt --config-file=/tmp/configMountall.yaml --output-file=${{ runner.workspace }}/cloudfuse.azsec --passphrase=MTIzMTIzMTIzMTIzMTIzMTIzMTIzMTIzMTIzMTIzMTI= \nif [ $? -ne 0 ]; then\n exit 1\nfi\n\n./cloudfuse.test -test.v -test.coverprofile=${{ env.WORK_DIR }}/mount_all_cmd_secure.cov mount all ${{ env.MOUNT_DIR }} --config-file=${{ runner.workspace }}/cloudfuse.azsec --passphrase=MTIzMTIzMTIzMTIzMTIzMTIzMTIzMTIzMTIzMTIzMTI= --log-level=log_debug --foreground=true &\nif [ $? -ne 0 ]; then\n exit 1\nfi\n\nsleep 5\n./cloudfuse.test unmount all" - name: 'CLI : Mount all with secure config 2' timeout-minutes: 2 - run: "./cloudfuse.test unmount all\ncp ${{ env.cloudfuse_CFG }} /tmp/configMountall.yaml\necho \"mountall:\" >> /tmp/configMountall.yaml\necho \" container-denylist:\" >> /tmp/configMountall.yaml\necho \" - abcd\" >> /tmp/configMountall.yaml\ncat /tmp/configMountall.yaml\n\n./cloudfuse.test -test.v -test.coverprofile=${{ env.WORK_DIR }}/secure_encrypt_all2.cov secure encrypt --config-file=/tmp/configMountall.yaml --output-file=${{ runner.workspace }}/cloudfuse.azsec --passphrase=12312312312312312312312312312312 \nif [ $? -ne 0 ]; then\n exit 1\nfi\n\n./cloudfuse.test -test.v -test.coverprofile=${{ env.WORK_DIR }}/mount_all_cmd_secure2.cov mount all ${{ env.MOUNT_DIR }} --config-file=${{ runner.workspace }}/cloudfuse.azsec --passphrase=12312312312312312312312312312312 --log-level=log_debug --foreground=true &\nif [ $? -ne 0 ]; then\n exit 1\nfi\n\nsleep 5\n./cloudfuse.test unmount all" + run: "./cloudfuse.test unmount all\ncp ${{ env.cloudfuse_CFG }} /tmp/configMountall.yaml\necho \"mountall:\" >> /tmp/configMountall.yaml\necho \" container-denylist:\" >> /tmp/configMountall.yaml\necho \" - abcd\" >> /tmp/configMountall.yaml\ncat /tmp/configMountall.yaml\n\n./cloudfuse.test -test.v -test.coverprofile=${{ env.WORK_DIR }}/secure_encrypt_all2.cov secure encrypt --config-file=/tmp/configMountall.yaml --output-file=${{ runner.workspace }}/cloudfuse.azsec --passphrase=MTIzMTIzMTIzMTIzMTIzMTIzMTIzMTIzMTIzMTIzMTI= \nif [ $? -ne 0 ]; then\n exit 1\nfi\n\n./cloudfuse.test -test.v -test.coverprofile=${{ env.WORK_DIR }}/mount_all_cmd_secure2.cov mount all ${{ env.MOUNT_DIR }} --config-file=${{ runner.workspace }}/cloudfuse.azsec --passphrase=MTIzMTIzMTIzMTIzMTIzMTIzMTIzMTIzMTIzMTIzMTI= --log-level=log_debug --foreground=true &\nif [ $? -ne 0 ]; then\n exit 1\nfi\n\nsleep 5\n./cloudfuse.test unmount all" - name: 'CLI : Remount test' timeout-minutes: 2 @@ -406,7 +406,7 @@ jobs: ACCOUNT_ENDPOINT: https://${{ secrets.NIGHTLY_STO_BLOB_ACC_NAME }}.blob.core.windows.net VERBOSE_LOG: false USE_HTTP: false - run: "set +x\nrm -rf ${{ env.MOUNT_DIR }}/*\nrm -rf ${{ env.TEMP_DIR }}/*\n./cloudfuse.test unmount all\n./cloudfuse.test gen-test-config --config-file=azure_key.yaml --container-name=${{ matrix.containerName }} --temp-path=${{ env.TEMP_DIR }} --output-file=${{ env.cloudfuse_CFG }}\n\n./cloudfuse.test -test.v -test.coverprofile=${{ env.WORK_DIR }}/secure_encrypt.cov secure encrypt --config-file=${{ env.cloudfuse_CFG }} --output-file=${{ runner.workspace }}/cloudfuse.azsec --passphrase=12312312312312312312312312312312 \nif [ $? -ne 0 ]; then\n exit 1\nfi\n./cloudfuse.test -test.v -test.coverprofile=${{ env.WORK_DIR }}/mount_secure.cov mount ${{ env.MOUNT_DIR }} --config-file=${{ runner.workspace }}/cloudfuse.azsec --passphrase=12312312312312312312312312312312 &\nsleep 10\nps -aux | grep cloudfuse\nrm -rf ${{ env.MOUNT_DIR }}/*\ncd test/e2e_tests\ngo test -v -timeout=7200s ./... -args -mnt-path=${{ env.MOUNT_DIR }} -adls=false -tmp-path=${{ env.TEMP_DIR }}\ncd -\n\n./cloudfuse.test -test.v -test.coverprofile=${{ env.WORK_DIR }}/secure_set.cov secure set --config-file=${{ runner.workspace }}/cloudfuse.azsec --passphrase=12312312312312312312312312312312 --key=logging.level --value=log_debug\n./cloudfuse.test unmount all\nsleep 5" + run: "set +x\nrm -rf ${{ env.MOUNT_DIR }}/*\nrm -rf ${{ env.TEMP_DIR }}/*\n./cloudfuse.test unmount all\n./cloudfuse.test gen-test-config --config-file=azure_key.yaml --container-name=${{ matrix.containerName }} --temp-path=${{ env.TEMP_DIR }} --output-file=${{ env.cloudfuse_CFG }}\n\n./cloudfuse.test -test.v -test.coverprofile=${{ env.WORK_DIR }}/secure_encrypt.cov secure encrypt --config-file=${{ env.cloudfuse_CFG }} --output-file=${{ runner.workspace }}/cloudfuse.azsec --passphrase=MTIzMTIzMTIzMTIzMTIzMTIzMTIzMTIzMTIzMTIzMTI= \nif [ $? -ne 0 ]; then\n exit 1\nfi\n./cloudfuse.test -test.v -test.coverprofile=${{ env.WORK_DIR }}/mount_secure.cov mount ${{ env.MOUNT_DIR }} --config-file=${{ runner.workspace }}/cloudfuse.azsec --passphrase=MTIzMTIzMTIzMTIzMTIzMTIzMTIzMTIzMTIzMTIzMTI= &\nsleep 10\nps -aux | grep cloudfuse\nrm -rf ${{ env.MOUNT_DIR }}/*\ncd test/e2e_tests\ngo test -v -timeout=7200s ./... -args -mnt-path=${{ env.MOUNT_DIR }} -adls=false -tmp-path=${{ env.TEMP_DIR }}\ncd -\n\n./cloudfuse.test -test.v -test.coverprofile=${{ env.WORK_DIR }}/secure_set.cov secure set --config-file=${{ runner.workspace }}/cloudfuse.azsec --passphrase=MTIzMTIzMTIzMTIzMTIzMTIzMTIzMTIzMTIzMTIzMTI= --key=logging.level --value=log_debug\n./cloudfuse.test unmount all\nsleep 5" - name: 'CLI : Health monitor stop pid' shell: bash {0} @@ -929,18 +929,18 @@ jobs: rm -rf ${{ env.TEMP_DIR }}/* ./cloudfuse.test unmount all ./cloudfuse.test gen-test-config --config-file=azure_key.yaml --container-name=${{ matrix.containerName }} --temp-path=${{ env.TEMP_DIR }} --output-file=${{ env.cloudfuse_CFG }} - ./cloudfuse.test -test.v -test.coverprofile=${{ env.WORK_DIR }}/secure_encrypt.cov secure encrypt --config-file=${{ env.cloudfuse_CFG }} --output-file=${{ env.WORK_DIR }}/cloudfuse.azsec --passphrase=12312312312312312312312312312312 + ./cloudfuse.test -test.v -test.coverprofile=${{ env.WORK_DIR }}/secure_encrypt.cov secure encrypt --config-file=${{ env.cloudfuse_CFG }} --output-file=${{ env.WORK_DIR }}/cloudfuse.azsec --passphrase=MTIzMTIzMTIzMTIzMTIzMTIzMTIzMTIzMTIzMTIzMTI= if [ $? -ne 0 ]; then exit 1 fi - # ./cloudfuse.test -test.v -test.coverprofile=${{ env.WORK_DIR }}/mount_secure.cov mount ${{ env.MOUNT_DIR }} --config-file=${{ env.WORK_DIR }}/cloudfuse.azsec --passphrase=12312312312312312312312312312312 --foreground=true & + # ./cloudfuse.test -test.v -test.coverprofile=${{ env.WORK_DIR }}/mount_secure.cov mount ${{ env.MOUNT_DIR }} --config-file=${{ env.WORK_DIR }}/cloudfuse.azsec --passphrase=MTIzMTIzMTIzMTIzMTIzMTIzMTIzMTIzMTIzMTIzMTI= --foreground=true & # sleep 10 # pid=`ps -a | grep cloudfuse | tr -s ' ' | cut -d ' ' -f2` # rm -rf ${{ env.MOUNT_DIR }}/* # cd test/e2e_tests # go test -v -timeout=7200s ./... -args -mnt-path=${{ env.MOUNT_DIR }} -adls=false -tmp-path=${{ env.TEMP_DIR }} # cd - - # ./cloudfuse.test -test.v -test.coverprofile=${{ env.WORK_DIR }}/secure_set.cov secure set --config-file=${{ env.WORK_DIR }}/cloudfuse.azsec --passphrase=12312312312312312312312312312312 --key=logging.level --value=log_debug + # ./cloudfuse.test -test.v -test.coverprofile=${{ env.WORK_DIR }}/secure_set.cov secure set --config-file=${{ env.WORK_DIR }}/cloudfuse.azsec --passphrase=MTIzMTIzMTIzMTIzMTIzMTIzMTIzMTIzMTIzMTIzMTI= --key=logging.level --value=log_debug # kill $pid # sleep 5 diff --git a/NOTICE b/NOTICE index 2530d68d1..764397caf 100644 --- a/NOTICE +++ b/NOTICE @@ -21,10 +21,9 @@ **************************************************************************** ============================================================================ ->>> github.com/aws/aws-sdk-go-v2 +>>> github.com/awnumar/memcall ============================================================================== - Apache License Version 2.0, January 2004 http://www.apache.org/licenses/ @@ -205,7 +204,7 @@ APPENDIX: How to apply the Apache License to your work. To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "[]" + boilerplate notice, with the fields enclosed by brackets "{}" replaced with your own identifying information. (Don't include the brackets!) The text should be enclosed in the appropriate comment syntax for the file format. We also recommend that a @@ -213,7 +212,7 @@ same "printed page" as the copyright notice for easier identification within third-party archives. - Copyright [yyyy] [name of copyright owner] + Copyright {yyyy} {name of copyright owner} Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. @@ -233,10 +232,9 @@ **************************************************************************** ============================================================================ ->>> github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream +>>> github.com/awnumar/memguard ============================================================================== - Apache License Version 2.0, January 2004 http://www.apache.org/licenses/ @@ -417,7 +415,7 @@ APPENDIX: How to apply the Apache License to your work. To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "[]" + boilerplate notice, with the fields enclosed by brackets "{}" replaced with your own identifying information. (Don't include the brackets!) The text should be enclosed in the appropriate comment syntax for the file format. We also recommend that a @@ -425,7 +423,7 @@ same "printed page" as the copyright notice for easier identification within third-party archives. - Copyright [yyyy] [name of copyright owner] + Copyright {yyyy} {name of copyright owner} Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. @@ -445,7 +443,7 @@ **************************************************************************** ============================================================================ ->>> github.com/aws/aws-sdk-go-v2/config +>>> github.com/aws/aws-sdk-go-v2 ============================================================================== @@ -657,7 +655,7 @@ **************************************************************************** ============================================================================ ->>> github.com/aws/aws-sdk-go-v2/credentials +>>> github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream ============================================================================== @@ -869,7 +867,7 @@ **************************************************************************** ============================================================================ ->>> github.com/aws/aws-sdk-go-v2/feature/ec2/imds +>>> github.com/aws/aws-sdk-go-v2/config ============================================================================== @@ -1081,7 +1079,7 @@ **************************************************************************** ============================================================================ ->>> github.com/aws/aws-sdk-go-v2/feature/s3/manager +>>> github.com/aws/aws-sdk-go-v2/credentials ============================================================================== @@ -1293,7 +1291,7 @@ **************************************************************************** ============================================================================ ->>> github.com/aws/aws-sdk-go-v2/internal/configsources +>>> github.com/aws/aws-sdk-go-v2/feature/ec2/imds ============================================================================== @@ -1505,7 +1503,7 @@ **************************************************************************** ============================================================================ ->>> github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 +>>> github.com/aws/aws-sdk-go-v2/feature/s3/manager ============================================================================== @@ -1717,7 +1715,7 @@ **************************************************************************** ============================================================================ ->>> github.com/aws/aws-sdk-go-v2/internal/ini +>>> github.com/aws/aws-sdk-go-v2/internal/configsources ============================================================================== @@ -1929,7 +1927,7 @@ **************************************************************************** ============================================================================ ->>> github.com/aws/aws-sdk-go-v2/internal/v4a +>>> github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 ============================================================================== @@ -2141,7 +2139,7 @@ **************************************************************************** ============================================================================ ->>> github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding +>>> github.com/aws/aws-sdk-go-v2/internal/ini ============================================================================== @@ -2353,7 +2351,7 @@ **************************************************************************** ============================================================================ ->>> github.com/aws/aws-sdk-go-v2/service/internal/checksum +>>> github.com/aws/aws-sdk-go-v2/internal/v4a ============================================================================== @@ -2565,7 +2563,7 @@ **************************************************************************** ============================================================================ ->>> github.com/aws/aws-sdk-go-v2/service/internal/presigned-url +>>> github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding ============================================================================== @@ -2777,7 +2775,7 @@ **************************************************************************** ============================================================================ ->>> github.com/aws/aws-sdk-go-v2/service/internal/s3shared +>>> github.com/aws/aws-sdk-go-v2/service/internal/checksum ============================================================================== @@ -2989,7 +2987,7 @@ **************************************************************************** ============================================================================ ->>> github.com/aws/aws-sdk-go-v2/service/s3 +>>> github.com/aws/aws-sdk-go-v2/service/internal/presigned-url ============================================================================== @@ -3201,7 +3199,7 @@ **************************************************************************** ============================================================================ ->>> github.com/aws/aws-sdk-go-v2/service/sso +>>> github.com/aws/aws-sdk-go-v2/service/internal/s3shared ============================================================================== @@ -3413,7 +3411,7 @@ **************************************************************************** ============================================================================ ->>> github.com/aws/aws-sdk-go-v2/service/ssooidc +>>> github.com/aws/aws-sdk-go-v2/service/s3 ============================================================================== @@ -3625,7 +3623,7 @@ **************************************************************************** ============================================================================ ->>> github.com/aws/aws-sdk-go-v2/service/sts +>>> github.com/aws/aws-sdk-go-v2/service/sso ============================================================================== @@ -3837,7 +3835,7 @@ **************************************************************************** ============================================================================ ->>> github.com/aws/smithy-go +>>> github.com/aws/aws-sdk-go-v2/service/ssooidc ============================================================================== @@ -4016,36 +4014,32 @@ incurred by, or claims asserted against, such Contributor by reason of your accepting any such warranty or additional liability. + END OF TERMS AND CONDITIONS + APPENDIX: How to apply the Apache License to your work. + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. -**************************************************************************** - -============================================================================ ->>> github.com/AzureAD/microsoft-authentication-library-for-go -============================================================================== - - MIT License - - Copyright (c) Microsoft Corporation. + Copyright [yyyy] [name of copyright owner] - Permission is hereby granted, free of charge, to any person obtaining a copy - of this software and associated documentation files (the "Software"), to deal - in the Software without restriction, including without limitation the rights - to use, copy, modify, merge, publish, distribute, sublicense, and/or sell - copies of the Software, and to permit persons to whom the Software is - furnished to do so, subject to the following conditions: + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at - The above copyright notice and this permission notice shall be included in all - copies or substantial portions of the Software. + http://www.apache.org/licenses/LICENSE-2.0 - THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR - IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, - FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE - AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER - LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, - OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE - SOFTWARE + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. @@ -4053,123 +4047,211 @@ **************************************************************************** ============================================================================ ->>> github.com/Azure/azure-sdk-for-go/sdk/azcore +>>> github.com/aws/aws-sdk-go-v2/service/sts ============================================================================== -The MIT License (MIT) - -Copyright (c) Microsoft Corporation. - -Permission is hereby granted, free of charge, to any person obtaining a copy -of this software and associated documentation files (the "Software"), to deal -in the Software without restriction, including without limitation the rights -to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -copies of the Software, and to permit persons to whom the Software is -furnished to do so, subject to the following conditions: -The above copyright notice and this permission notice shall be included in all -copies or substantial portions of the Software. + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE -SOFTWARE. + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + 1. Definitions. + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. -**************************************************************************** + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. -============================================================================ ->>> github.com/Azure/azure-sdk-for-go/sdk/azidentity -============================================================================== + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. -The MIT License (MIT) + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. -Copyright (c) Microsoft Corporation. + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. -Permission is hereby granted, free of charge, to any person obtaining a copy -of this software and associated documentation files (the "Software"), to deal -in the Software without restriction, including without limitation the rights -to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -copies of the Software, and to permit persons to whom the Software is -furnished to do so, subject to the following conditions: + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). -The above copyright notice and this permission notice shall be included in all -copies or substantial portions of the Software. + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE -SOFTWARE. + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. -**************************************************************************** + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: -============================================================================ ->>> github.com/Azure/azure-sdk-for-go/sdk/internal -============================================================================== + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and -The MIT License (MIT) + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and -Copyright (c) Microsoft Corporation. + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and -Permission is hereby granted, free of charge, to any person obtaining a copy -of this software and associated documentation files (the "Software"), to deal -in the Software without restriction, including without limitation the rights -to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -copies of the Software, and to permit persons to whom the Software is -furnished to do so, subject to the following conditions: + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. -The above copyright notice and this permission notice shall be included in all -copies or substantial portions of the Software. + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE -SOFTWARE. + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. -**************************************************************************** + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. -============================================================================ ->>> github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/storage/armstorage -============================================================================== + END OF TERMS AND CONDITIONS -The MIT License (MIT) + APPENDIX: How to apply the Apache License to your work. -Copyright (c) Microsoft Corporation. + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. -Permission is hereby granted, free of charge, to any person obtaining a copy -of this software and associated documentation files (the "Software"), to deal -in the Software without restriction, including without limitation the rights -to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -copies of the Software, and to permit persons to whom the Software is -furnished to do so, subject to the following conditions: + Copyright [yyyy] [name of copyright owner] -The above copyright notice and this permission notice shall be included in all -copies or substantial portions of the Software. + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE -SOFTWARE. + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. @@ -4177,83 +4259,268 @@ SOFTWARE. **************************************************************************** ============================================================================ ->>> github.com/Azure/azure-sdk-for-go/sdk/storage/azblob +>>> github.com/aws/smithy-go ============================================================================== -The MIT License (MIT) -Copyright (c) Microsoft Corporation. + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ -Permission is hereby granted, free of charge, to any person obtaining a copy -of this software and associated documentation files (the "Software"), to deal -in the Software without restriction, including without limitation the rights -to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -copies of the Software, and to permit persons to whom the Software is -furnished to do so, subject to the following conditions: + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION -The above copyright notice and this permission notice shall be included in all -copies or substantial portions of the Software. + 1. Definitions. -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE -SOFTWARE. + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. -**************************************************************************** + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. -============================================================================ ->>> github.com/Azure/azure-sdk-for-go/sdk/storage/azdatalake -============================================================================== + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. -The MIT License (MIT) + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). -Copyright (c) Microsoft Corporation. + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. -Permission is hereby granted, free of charge, to any person obtaining a copy -of this software and associated documentation files (the "Software"), to deal -in the Software without restriction, including without limitation the rights -to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -copies of the Software, and to permit persons to whom the Software is -furnished to do so, subject to the following conditions: + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." -The above copyright notice and this permission notice shall be included in all -copies or substantial portions of the Software. + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE -SOFTWARE. + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and -**************************************************************************** + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and -============================================================================ ->>> github.com/cpuguy83/go-md2man/v2 -============================================================================== + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and -The MIT License (MIT) + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. -Copyright (c) 2014 Brian Goff + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. -Permission is hereby granted, free of charge, to any person obtaining a copy -of this software and associated documentation files (the "Software"), to deal -in the Software without restriction, including without limitation the rights -to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -copies of the Software, and to permit persons to whom the Software is -furnished to do so, subject to the following conditions: + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. -The above copyright notice and this permission notice shall be included in all + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + + + +**************************************************************************** + +============================================================================ +>>> github.com/AzureAD/microsoft-authentication-extensions-for-go/cache +============================================================================== + + MIT License + + Copyright (c) Microsoft Corporation. + + Permission is hereby granted, free of charge, to any person obtaining a copy + of this software and associated documentation files (the "Software"), to deal + in the Software without restriction, including without limitation the rights + to use, copy, modify, merge, publish, distribute, sublicense, and/or sell + copies of the Software, and to permit persons to whom the Software is + furnished to do so, subject to the following conditions: + + The above copyright notice and this permission notice shall be included in all + copies or substantial portions of the Software. + + THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, + OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE + SOFTWARE + + + + +**************************************************************************** + +============================================================================ +>>> github.com/AzureAD/microsoft-authentication-library-for-go +============================================================================== + + MIT License + + Copyright (c) Microsoft Corporation. + + Permission is hereby granted, free of charge, to any person obtaining a copy + of this software and associated documentation files (the "Software"), to deal + in the Software without restriction, including without limitation the rights + to use, copy, modify, merge, publish, distribute, sublicense, and/or sell + copies of the Software, and to permit persons to whom the Software is + furnished to do so, subject to the following conditions: + + The above copyright notice and this permission notice shall be included in all + copies or substantial portions of the Software. + + THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, + OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE + SOFTWARE + + + + +**************************************************************************** + +============================================================================ +>>> github.com/Azure/azure-sdk-for-go/sdk/azcore +============================================================================== + +The MIT License (MIT) + +Copyright (c) Microsoft Corporation. + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR @@ -4270,24 +4537,30 @@ SOFTWARE. **************************************************************************** ============================================================================ ->>> github.com/davecgh/go-spew +>>> github.com/Azure/azure-sdk-for-go/sdk/azidentity ============================================================================== -ISC License +The MIT License (MIT) -Copyright (c) 2012-2016 Dave Collins +Copyright (c) Microsoft Corporation. -Permission to use, copy, modify, and/or distribute this software for any -purpose with or without fee is hereby granted, provided that the above -copyright notice and this permission notice appear in all copies. +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: -THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES -WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF -MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR -ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES -WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN -ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF -OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. @@ -4295,12 +4568,12 @@ OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. **************************************************************************** ============================================================================ ->>> github.com/frankban/quicktest +>>> github.com/Azure/azure-sdk-for-go/sdk/azidentity/cache ============================================================================== -MIT License +The MIT License (MIT) -Copyright (c) 2017 Canonical Ltd. +Copyright (c) Microsoft Corporation. Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal @@ -4326,34 +4599,30 @@ SOFTWARE. **************************************************************************** ============================================================================ ->>> github.com/fsnotify/fsnotify +>>> github.com/Azure/azure-sdk-for-go/sdk/internal ============================================================================== -Copyright © 2012 The Go Authors. All rights reserved. -Copyright © fsnotify Authors. All rights reserved. +The MIT License (MIT) -Redistribution and use in source and binary forms, with or without modification, -are permitted provided that the following conditions are met: +Copyright (c) Microsoft Corporation. -* Redistributions of source code must retain the above copyright notice, this - list of conditions and the following disclaimer. -* Redistributions in binary form must reproduce the above copyright notice, this - list of conditions and the following disclaimer in the documentation and/or - other materials provided with the distribution. -* Neither the name of Google Inc. nor the names of its contributors may be used - to endorse or promote products derived from this software without specific - prior written permission. +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: -THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND -ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED -WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE -DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR -ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES -(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; -LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON -ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS -SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. @@ -4361,183 +4630,92 @@ SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. **************************************************************************** ============================================================================ ->>> github.com/gapra-msft/cobra +>>> github.com/Azure/azure-sdk-for-go/sdk/resourcemanager/storage/armstorage ============================================================================== - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ +The MIT License (MIT) - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION +Copyright (c) Microsoft Corporation. - 1. Definitions. +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. +**************************************************************************** - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). +============================================================================ +>>> github.com/Azure/azure-sdk-for-go/sdk/storage/azblob +============================================================================== - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." +The MIT License (MIT) - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. +Copyright (c) Microsoft Corporation. - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. +**************************************************************************** - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. +============================================================================ +>>> github.com/Azure/azure-sdk-for-go/sdk/storage/azdatalake +============================================================================== - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. +The MIT License (MIT) - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. +Copyright (c) Microsoft Corporation. - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. @@ -4545,18 +4723,31 @@ SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. **************************************************************************** ============================================================================ ->>> github.com/golang-jwt/jwt/v5 +>>> github.com/cespare/xxhash/v2 ============================================================================== -Copyright (c) 2012 Dave Grijalva -Copyright (c) 2021 golang-jwt maintainers +Copyright (c) 2016 Caleb Spare -Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: +MIT License -The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. +Permission is hereby granted, free of charge, to any person obtaining +a copy of this software and associated documentation files (the +"Software"), to deal in the Software without restriction, including +without limitation the rights to use, copy, modify, merge, publish, +distribute, sublicense, and/or sell copies of the Software, and to +permit persons to whom the Software is furnished to do so, subject to +the following conditions: -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. +The above copyright notice and this permission notice shall be +included in all copies or substantial portions of the Software. +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, +EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF +MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND +NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE +LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION +OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION +WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. @@ -4564,70 +4755,222 @@ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLI **************************************************************************** ============================================================================ ->>> github.com/golang/mock +>>> github.com/cpuguy83/go-md2man/v2 ============================================================================== +The MIT License (MIT) - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION +Copyright (c) 2014 Brian Goff - 1. Definitions. +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. +**************************************************************************** - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). +============================================================================ +>>> github.com/davecgh/go-spew +============================================================================== - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. +ISC License - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." +Copyright (c) 2012-2016 Dave Collins + +Permission to use, copy, modify, and/or distribute this software for any +purpose with or without fee is hereby granted, provided that the above +copyright notice and this permission notice appear in all copies. + +THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES +WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF +MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR +ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES +WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN +ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF +OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + + + + +**************************************************************************** + +============================================================================ +>>> github.com/dgryski/go-rendezvous +============================================================================== + +The MIT License (MIT) + +Copyright (c) 2017-2020 Damian Gryski + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in +all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN +THE SOFTWARE. + + + + +**************************************************************************** + +============================================================================ +>>> github.com/frankban/quicktest +============================================================================== + +MIT License + +Copyright (c) 2017 Canonical Ltd. + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. + + + + +**************************************************************************** + +============================================================================ +>>> github.com/fsnotify/fsnotify +============================================================================== + +Copyright © 2012 The Go Authors. All rights reserved. +Copyright © fsnotify Authors. All rights reserved. + +Redistribution and use in source and binary forms, with or without modification, +are permitted provided that the following conditions are met: + +* Redistributions of source code must retain the above copyright notice, this + list of conditions and the following disclaimer. +* Redistributions in binary form must reproduce the above copyright notice, this + list of conditions and the following disclaimer in the documentation and/or + other materials provided with the distribution. +* Neither the name of Google Inc. nor the names of its contributors may be used + to endorse or promote products derived from this software without specific + prior written permission. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND +ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED +WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE +DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR +ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES +(INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; +LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON +ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS +SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + + + +**************************************************************************** + +============================================================================ +>>> github.com/gapra-msft/cobra +============================================================================== + + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." "Contributor" shall mean Licensor and any individual or Legal Entity on behalf of whom a Contribution has been received by Licensor and @@ -4743,32 +5086,24 @@ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLI incurred by, or claims asserted against, such Contributor by reason of your accepting any such warranty or additional liability. - END OF TERMS AND CONDITIONS - APPENDIX: How to apply the Apache License to your work. - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "[]" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - Copyright [yyyy] [name of copyright owner] +**************************************************************************** - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at +============================================================================ +>>> github.com/golang-jwt/jwt/v5 +============================================================================== - http://www.apache.org/licenses/LICENSE-2.0 +Copyright (c) 2012 Dave Grijalva +Copyright (c) 2021 golang-jwt maintainers + +Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. @@ -4776,41 +5111,253 @@ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLI **************************************************************************** ============================================================================ ->>> github.com/google/go-cmp +>>> github.com/golang/mock ============================================================================== -Copyright (c) 2017 The Go Authors. All rights reserved. -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions are -met: + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ - * Redistributions of source code must retain the above copyright -notice, this list of conditions and the following disclaimer. - * Redistributions in binary form must reproduce the above -copyright notice, this list of conditions and the following disclaimer -in the documentation and/or other materials provided with the -distribution. - * Neither the name of Google Inc. nor the names of its -contributors may be used to endorse or promote products derived from -this software without specific prior written permission. + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION -THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS -"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR -A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT -OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT -LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + 1. Definitions. + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. -**************************************************************************** + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "[]" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright [yyyy] [name of copyright owner] + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. + + + + +**************************************************************************** + +============================================================================ +>>> github.com/google/go-cmp +============================================================================== + +Copyright (c) 2017 The Go Authors. All rights reserved. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions are +met: + + * Redistributions of source code must retain the above copyright +notice, this list of conditions and the following disclaimer. + * Redistributions in binary form must reproduce the above +copyright notice, this list of conditions and the following disclaimer +in the documentation and/or other materials provided with the +distribution. + * Neither the name of Google Inc. nor the names of its +contributors may be used to endorse or promote products derived from +this software without specific prior written permission. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR +A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT +OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + + + +**************************************************************************** ============================================================================ >>> github.com/google/uuid @@ -5164,534 +5711,80 @@ Mozilla Public License, version 2.0 character including, without limitation, damages for lost profits, loss of goodwill, work stoppage, computer failure or malfunction, or any and all other commercial damages or losses, even if such party shall have been - informed of the possibility of such damages. This limitation of liability - shall not apply to liability for death or personal injury resulting from such - party’s negligence to the extent applicable law prohibits such limitation. - Some jurisdictions do not allow the exclusion or limitation of incidental or - consequential damages, so this exclusion and limitation may not apply to You. - -8. Litigation - - Any litigation relating to this License may be brought only in the courts of - a jurisdiction where the defendant maintains its principal place of business - and such litigation shall be governed by laws of that jurisdiction, without - reference to its conflict-of-law provisions. Nothing in this Section shall - prevent a party’s ability to bring cross-claims or counter-claims. - -9. Miscellaneous - - This License represents the complete agreement concerning the subject matter - hereof. If any provision of this License is held to be unenforceable, such - provision shall be reformed only to the extent necessary to make it - enforceable. Any law or regulation which provides that the language of a - contract shall be construed against the drafter shall not be used to construe - this License against a Contributor. - - -10. Versions of the License - -10.1. New Versions - - Mozilla Foundation is the license steward. Except as provided in Section - 10.3, no one other than the license steward has the right to modify or - publish new versions of this License. Each version will be given a - distinguishing version number. - -10.2. Effect of New Versions - - You may distribute the Covered Software under the terms of the version of - the License under which You originally received the Covered Software, or - under the terms of any subsequent version published by the license - steward. - -10.3. Modified Versions - - If you create software not governed by this License, and you want to - create a new license for such software, you may create and use a modified - version of this License if you rename the license and remove any - references to the name of the license steward (except to note that such - modified license differs from this License). - -10.4. Distributing Source Code Form that is Incompatible With Secondary Licenses - If You choose to distribute Source Code Form that is Incompatible With - Secondary Licenses under the terms of this version of the License, the - notice described in Exhibit B of this License must be attached. - -Exhibit A - Source Code Form License Notice - - This Source Code Form is subject to the - terms of the Mozilla Public License, v. - 2.0. If a copy of the MPL was not - distributed with this file, You can - obtain one at - http://mozilla.org/MPL/2.0/. - -If it is not possible or desirable to put the notice in a particular file, then -You may include the notice in a location (such as a LICENSE file in a relevant -directory) where a recipient would be likely to look for such a notice. - -You may add additional accurate notices of copyright ownership. - -Exhibit B - “Incompatible With Secondary Licenses” Notice - - This Source Code Form is “Incompatible - With Secondary Licenses”, as defined by - the Mozilla Public License, v. 2.0. - - - - - -**************************************************************************** - -============================================================================ ->>> github.com/inconshreveable/mousetrap -============================================================================== - - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "[]" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - - Copyright 2022 Alan Shreve (@inconshreveable) - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. - - - - -**************************************************************************** - -============================================================================ ->>> github.com/JeffreyRichter/enum -============================================================================== - -MIT License - -Copyright (c) 2018 Jeffrey Richter - -Permission is hereby granted, free of charge, to any person obtaining a copy -of this software and associated documentation files (the "Software"), to deal -in the Software without restriction, including without limitation the rights -to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -copies of the Software, and to permit persons to whom the Software is -furnished to do so, subject to the following conditions: - -The above copyright notice and this permission notice shall be included in all -copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE -SOFTWARE. - - - - -**************************************************************************** - -============================================================================ ->>> github.com/jmespath/go-jmespath -============================================================================== - - - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. + informed of the possibility of such damages. This limitation of liability + shall not apply to liability for death or personal injury resulting from such + party’s negligence to the extent applicable law prohibits such limitation. + Some jurisdictions do not allow the exclusion or limitation of incidental or + consequential damages, so this exclusion and limitation may not apply to You. - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. +8. Litigation - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. + Any litigation relating to this License may be brought only in the courts of + a jurisdiction where the defendant maintains its principal place of business + and such litigation shall be governed by laws of that jurisdiction, without + reference to its conflict-of-law provisions. Nothing in this Section shall + prevent a party’s ability to bring cross-claims or counter-claims. - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: +9. Miscellaneous - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and + This License represents the complete agreement concerning the subject matter + hereof. If any provision of this License is held to be unenforceable, such + provision shall be reformed only to the extent necessary to make it + enforceable. Any law or regulation which provides that the language of a + contract shall be construed against the drafter shall not be used to construe + this License against a Contributor. - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and +10. Versions of the License - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. +10.1. New Versions - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. + Mozilla Foundation is the license steward. Except as provided in Section + 10.3, no one other than the license steward has the right to modify or + publish new versions of this License. Each version will be given a + distinguishing version number. - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. +10.2. Effect of New Versions - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. + You may distribute the Covered Software under the terms of the version of + the License under which You originally received the Covered Software, or + under the terms of any subsequent version published by the license + steward. - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. +10.3. Modified Versions - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. + If you create software not governed by this License, and you want to + create a new license for such software, you may create and use a modified + version of this License if you rename the license and remove any + references to the name of the license steward (except to note that such + modified license differs from this License). - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. +10.4. Distributing Source Code Form that is Incompatible With Secondary Licenses + If You choose to distribute Source Code Form that is Incompatible With + Secondary Licenses under the terms of this version of the License, the + notice described in Exhibit B of this License must be attached. - END OF TERMS AND CONDITIONS +Exhibit A - Source Code Form License Notice - APPENDIX: How to apply the Apache License to your work. + This Source Code Form is subject to the + terms of the Mozilla Public License, v. + 2.0. If a copy of the MPL was not + distributed with this file, You can + obtain one at + http://mozilla.org/MPL/2.0/. - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "[]" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. +If it is not possible or desirable to put the notice in a particular file, then +You may include the notice in a location (such as a LICENSE file in a relevant +directory) where a recipient would be likely to look for such a notice. - Copyright [yyyy] [name of copyright owner] +You may add additional accurate notices of copyright ownership. - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at +Exhibit B - “Incompatible With Secondary Licenses” Notice - http://www.apache.org/licenses/LICENSE-2.0 + This Source Code Form is “Incompatible + With Secondary Licenses”, as defined by + the Mozilla Public License, v. 2.0. - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. @@ -5699,10 +5792,9 @@ SOFTWARE. **************************************************************************** ============================================================================ ->>> github.com/jmespath/go-jmespath/internal/testify +>>> github.com/inconshreveable/mousetrap ============================================================================== - Apache License Version 2.0, January 2004 http://www.apache.org/licenses/ @@ -5891,7 +5983,7 @@ SOFTWARE. same "printed page" as the copyright notice for easier identification within third-party archives. - Copyright [yyyy] [name of copyright owner] + Copyright 2022 Alan Shreve (@inconshreveable) Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. @@ -5908,6 +6000,37 @@ SOFTWARE. +**************************************************************************** + +============================================================================ +>>> github.com/JeffreyRichter/enum +============================================================================== + +MIT License + +Copyright (c) 2018 Jeffrey Richter + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. + + + + **************************************************************************** ============================================================================ @@ -5945,6 +6068,38 @@ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +**************************************************************************** + +============================================================================ +>>> github.com/keybase/go-keychain +============================================================================== + +The MIT License (MIT) + +Copyright (c) 2015 Keybase + +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all +copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR +IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE +AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE +SOFTWARE. + + + + + **************************************************************************** ============================================================================ @@ -6788,6 +6943,41 @@ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +**************************************************************************** + +============================================================================ +>>> github.com/redis/go-redis/v9 +============================================================================== + +Copyright (c) 2013 The github.com/redis/go-redis Authors. +All rights reserved. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions are +met: + + * Redistributions of source code must retain the above copyright +notice, this list of conditions and the following disclaimer. + * Redistributions in binary form must reproduce the above +copyright notice, this list of conditions and the following disclaimer +in the documentation and/or other materials provided with the +distribution. + +THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR +A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT +OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + + + + **************************************************************************** ============================================================================ @@ -8075,38 +8265,6 @@ SOFTWARE. -**************************************************************************** - -============================================================================ ->>> github.com/stretchr/objx -============================================================================== - -The MIT License - -Copyright (c) 2014 Stretchr, Inc. -Copyright (c) 2017-2018 objx contributors - -Permission is hereby granted, free of charge, to any person obtaining a copy -of this software and associated documentation files (the "Software"), to deal -in the Software without restriction, including without limitation the rights -to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -copies of the Software, and to permit persons to whom the Software is -furnished to do so, subject to the following conditions: - -The above copyright notice and this permission notice shall be included in all -copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE -SOFTWARE. - - - - **************************************************************************** ============================================================================ @@ -8549,7 +8707,7 @@ CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. >>> golang.org/x/crypto ============================================================================== -Copyright (c) 2009 The Go Authors. All rights reserved. +Copyright 2009 The Go Authors. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are @@ -8561,7 +8719,7 @@ notice, this list of conditions and the following disclaimer. copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. - * Neither the name of Google Inc. nor the names of its + * Neither the name of Google LLC nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. @@ -8586,7 +8744,7 @@ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. >>> golang.org/x/exp ============================================================================== -Copyright (c) 2009 The Go Authors. All rights reserved. +Copyright 2009 The Go Authors. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are @@ -8598,7 +8756,7 @@ notice, this list of conditions and the following disclaimer. copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. - * Neither the name of Google Inc. nor the names of its + * Neither the name of Google LLC nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. @@ -8623,7 +8781,7 @@ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. >>> golang.org/x/mod ============================================================================== -Copyright (c) 2009 The Go Authors. All rights reserved. +Copyright 2009 The Go Authors. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are @@ -8635,7 +8793,7 @@ notice, this list of conditions and the following disclaimer. copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. - * Neither the name of Google Inc. nor the names of its + * Neither the name of Google LLC nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. @@ -8660,7 +8818,7 @@ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. >>> golang.org/x/net ============================================================================== -Copyright (c) 2009 The Go Authors. All rights reserved. +Copyright 2009 The Go Authors. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are @@ -8672,7 +8830,7 @@ notice, this list of conditions and the following disclaimer. copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. - * Neither the name of Google Inc. nor the names of its + * Neither the name of Google LLC nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. @@ -8697,7 +8855,7 @@ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. >>> golang.org/x/sync ============================================================================== -Copyright (c) 2009 The Go Authors. All rights reserved. +Copyright 2009 The Go Authors. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are @@ -8709,7 +8867,7 @@ notice, this list of conditions and the following disclaimer. copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. - * Neither the name of Google Inc. nor the names of its + * Neither the name of Google LLC nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. @@ -8734,7 +8892,7 @@ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. >>> golang.org/x/sys ============================================================================== -Copyright (c) 2009 The Go Authors. All rights reserved. +Copyright 2009 The Go Authors. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are @@ -8746,7 +8904,7 @@ notice, this list of conditions and the following disclaimer. copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. - * Neither the name of Google Inc. nor the names of its + * Neither the name of Google LLC nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. @@ -8771,7 +8929,7 @@ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. >>> golang.org/x/term ============================================================================== -Copyright (c) 2009 The Go Authors. All rights reserved. +Copyright 2009 The Go Authors. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are @@ -8783,7 +8941,7 @@ notice, this list of conditions and the following disclaimer. copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. - * Neither the name of Google Inc. nor the names of its + * Neither the name of Google LLC nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. @@ -8808,7 +8966,7 @@ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. >>> golang.org/x/text ============================================================================== -Copyright (c) 2009 The Go Authors. All rights reserved. +Copyright 2009 The Go Authors. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are @@ -8820,7 +8978,7 @@ notice, this list of conditions and the following disclaimer. copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. - * Neither the name of Google Inc. nor the names of its + * Neither the name of Google LLC nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. @@ -8845,7 +9003,7 @@ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. >>> golang.org/x/tools ============================================================================== -Copyright (c) 2009 The Go Authors. All rights reserved. +Copyright 2009 The Go Authors. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are @@ -8857,7 +9015,7 @@ notice, this list of conditions and the following disclaimer. copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. - * Neither the name of Google Inc. nor the names of its + * Neither the name of Google LLC nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. @@ -8882,7 +9040,7 @@ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. >>> golang.org/x/xerrors ============================================================================== -Copyright (c) 2019 The Go Authors. All rights reserved. +Copyright 2019 The Go Authors. Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are @@ -8894,7 +9052,7 @@ notice, this list of conditions and the following disclaimer. copyright notice, this list of conditions and the following disclaimer in the documentation and/or other materials provided with the distribution. - * Neither the name of Google Inc. nor the names of its + * Neither the name of Google LLC nor the names of its contributors may be used to endorse or promote products derived from this software without specific prior written permission. @@ -10365,196 +10523,4 @@ apply, that proxy's public statement of acceptance of any version is permanent authorization for you to choose that version for the Library. - - - - -**************************************************************************** - -============================================================================ ->>> github.com/AzureAD/microsoft-authentication-extensions-for-go/cache -============================================================================== - - MIT License - - Copyright (c) Microsoft Corporation. - - Permission is hereby granted, free of charge, to any person obtaining a copy - of this software and associated documentation files (the "Software"), to deal - in the Software without restriction, including without limitation the rights - to use, copy, modify, merge, publish, distribute, sublicense, and/or sell - copies of the Software, and to permit persons to whom the Software is - furnished to do so, subject to the following conditions: - - The above copyright notice and this permission notice shall be included in all - copies or substantial portions of the Software. - - THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR - IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, - FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE - AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER - LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, - OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE - SOFTWARE - - - - -**************************************************************************** - -============================================================================ ->>> github.com/Azure/azure-sdk-for-go/sdk/azidentity/cache -============================================================================== - -The MIT License (MIT) - -Copyright (c) Microsoft Corporation. - -Permission is hereby granted, free of charge, to any person obtaining a copy -of this software and associated documentation files (the "Software"), to deal -in the Software without restriction, including without limitation the rights -to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -copies of the Software, and to permit persons to whom the Software is -furnished to do so, subject to the following conditions: - -The above copyright notice and this permission notice shall be included in all -copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE -SOFTWARE. - - - - -**************************************************************************** - -============================================================================ ->>> github.com/cespare/xxhash/v2 -============================================================================== - -Copyright (c) 2016 Caleb Spare - -MIT License - -Permission is hereby granted, free of charge, to any person obtaining -a copy of this software and associated documentation files (the -"Software"), to deal in the Software without restriction, including -without limitation the rights to use, copy, modify, merge, publish, -distribute, sublicense, and/or sell copies of the Software, and to -permit persons to whom the Software is furnished to do so, subject to -the following conditions: - -The above copyright notice and this permission notice shall be -included in all copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, -EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF -MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND -NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE -LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION -OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION -WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. - - - - -**************************************************************************** - -============================================================================ ->>> github.com/dgryski/go-rendezvous -============================================================================== - -The MIT License (MIT) - -Copyright (c) 2017-2020 Damian Gryski - -Permission is hereby granted, free of charge, to any person obtaining a copy -of this software and associated documentation files (the "Software"), to deal -in the Software without restriction, including without limitation the rights -to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -copies of the Software, and to permit persons to whom the Software is -furnished to do so, subject to the following conditions: - -The above copyright notice and this permission notice shall be included in -all copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN -THE SOFTWARE. - - - - -**************************************************************************** - -============================================================================ ->>> github.com/keybase/go-keychain -============================================================================== - -The MIT License (MIT) - -Copyright (c) 2015 Keybase - -Permission is hereby granted, free of charge, to any person obtaining a copy -of this software and associated documentation files (the "Software"), to deal -in the Software without restriction, including without limitation the rights -to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -copies of the Software, and to permit persons to whom the Software is -furnished to do so, subject to the following conditions: - -The above copyright notice and this permission notice shall be included in all -copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE -SOFTWARE. - - - - - -**************************************************************************** - -============================================================================ ->>> github.com/redis/go-redis/v9 -============================================================================== - -Copyright (c) 2013 The github.com/redis/go-redis Authors. -All rights reserved. - -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions are -met: - - * Redistributions of source code must retain the above copyright -notice, this list of conditions and the following disclaimer. - * Redistributions in binary form must reproduce the above -copyright notice, this list of conditions and the following disclaimer -in the documentation and/or other materials provided with the -distribution. - -THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS -"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR -A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT -OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT -LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. --------------------- END OF THIRD PARTY NOTICE -------------------------------- diff --git a/cmd/config-gen.go b/cmd/config-gen.go index 59f0d3c85..c98d452a7 100644 --- a/cmd/config-gen.go +++ b/cmd/config-gen.go @@ -40,6 +40,7 @@ import ( "strings" "github.com/Seagate/cloudfuse/common" + "github.com/awnumar/memguard" "github.com/spf13/cobra" ) @@ -48,7 +49,7 @@ type configGenOptions struct { outputConfigPath string containerName string tempDirPath string - passphrase string + passphrase []byte } var opts configGenOptions @@ -120,6 +121,8 @@ var generateConfig = &cobra.Command{ var templateConfig []byte var err error + encryptedPassphrase = memguard.NewEnclave(opts.passphrase) + templateConfig, err = os.ReadFile(opts.configFilePath) if err != nil { return fmt.Errorf("failed to read file [%s]", err.Error()) @@ -142,7 +145,7 @@ var generateConfig = &cobra.Command{ } } - cipherText, err := common.EncryptData([]byte(newConfig), opts.passphrase) + cipherText, err := common.EncryptData([]byte(newConfig), encryptedPassphrase) if err != nil { return err } @@ -168,6 +171,6 @@ func init() { generateConfig.Flags().StringVar(&opts.configFilePath, "config-file", "", "Input config file.") generateConfig.Flags().StringVar(&opts.outputConfigPath, "output-file", "", "Output config file path.") generateConfig.Flags().StringVar(&opts.tempDirPath, "temp-path", "", "Temporary file path.") - generateConfig.Flags().StringVar(&opts.passphrase, "passphrase", "", + generateConfig.Flags().BytesBase64Var(&opts.passphrase, "passphrase", nil, "Key to be used for encryption / decryption. Key length shall be 16 (AES-128), 24 (AES-192), or 32 (AES-256) bytes in length.") } diff --git a/cmd/config-gen_test.go b/cmd/config-gen_test.go index 7972c1da4..1a113c6f8 100644 --- a/cmd/config-gen_test.go +++ b/cmd/config-gen_test.go @@ -27,6 +27,7 @@ package cmd import ( "bytes" + "encoding/base64" "fmt" "io" "os" @@ -124,6 +125,7 @@ func (suite *genConfigTestSuite) TestGenConfig() { defer suite.cleanupTest() confFile, _ := os.CreateTemp("", "conf*.yaml") outFile := "config_encrypted.aes" + passphrase := base64.StdEncoding.EncodeToString([]byte("12312312312312312312312312312312")) defer os.Remove(confFile.Name()) defer os.Remove(outFile) @@ -133,7 +135,7 @@ func (suite *genConfigTestSuite) TestGenConfig() { confFile.Close() - _, err = executeCommandGen(rootCmd, "gen-config", fmt.Sprintf("--config-file=%s", confFile.Name()), "--passphrase=12312312312312312312312312312312", fmt.Sprintf("--output-file=%s", outFile), "--temp-path=/tmp") + _, err = executeCommandGen(rootCmd, "gen-config", fmt.Sprintf("--config-file=%s", confFile.Name()), fmt.Sprintf("--passphrase=%s", passphrase), fmt.Sprintf("--output-file=%s", outFile), "--temp-path=/tmp") suite.assert.NoError(err) // Out file should exist @@ -144,6 +146,7 @@ func (suite *genConfigTestSuite) TestGenConfigGet() { defer suite.cleanupTest() confFile, _ := os.CreateTemp("", "conf*.yaml") outFile := "config_encrypted.aes" + passphrase := base64.StdEncoding.EncodeToString([]byte("12312312312312312312312312312312")) defer os.Remove(confFile.Name()) defer os.Remove(outFile) @@ -153,14 +156,14 @@ func (suite *genConfigTestSuite) TestGenConfigGet() { confFile.Close() - _, err = executeCommandGen(rootCmd, "gen-config", fmt.Sprintf("--config-file=%s", confFile.Name()), "--passphrase=12312312312312312312312312312312", fmt.Sprintf("--output-file=%s", outFile), "--temp-path=/tmp") + _, err = executeCommandGen(rootCmd, "gen-config", fmt.Sprintf("--config-file=%s", confFile.Name()), fmt.Sprintf("--passphrase=%s", passphrase), fmt.Sprintf("--output-file=%s", outFile), "--temp-path=/tmp") suite.assert.NoError(err) // Out file should exist suite.assert.FileExists(outFile) // Gen-config should correctly set the temp path for the file_cache - path, err := executeCommandGen(rootCmd, "secure", "get", fmt.Sprintf("--config-file=%s", outFile), "--passphrase=12312312312312312312312312312312", "--key=file_cache.path") + path, err := executeCommandGen(rootCmd, "secure", "get", fmt.Sprintf("--config-file=%s", outFile), fmt.Sprintf("--passphrase=%s", passphrase), "--key=file_cache.path") suite.assert.NoError(err) suite.assert.Equal("Fetching scalar configuration\nfile_cache.path = /tmp\n", path) } diff --git a/cmd/mount.go b/cmd/mount.go index 6ec800c2d..2d582afb8 100644 --- a/cmd/mount.go +++ b/cmd/mount.go @@ -28,6 +28,7 @@ package cmd import ( "bytes" "context" + "encoding/base64" "errors" "fmt" "io/fs" @@ -46,6 +47,7 @@ import ( "github.com/Seagate/cloudfuse/common/config" "github.com/Seagate/cloudfuse/common/log" "github.com/Seagate/cloudfuse/internal" + "github.com/awnumar/memguard" "github.com/sevlyar/go-daemon" "github.com/spf13/cobra" @@ -72,7 +74,7 @@ type mountOptions struct { DefaultWorkingDir string `config:"default-working-dir"` CPUProfile string `config:"cpu-profile"` MemProfile string `config:"mem-profile"` - PassPhrase string `config:"passphrase"` + PassPhrase []byte `config:"passphrase"` SecureConfig bool `config:"secure-config"` DynamicProfiler bool `config:"dynamic-profile"` ProfilerPort int `config:"profiler-port"` @@ -225,26 +227,32 @@ func parseConfig() error { filepath.Ext(options.ConfigFile) == SecureConfigExtension { // Validate config is to be secured on write or not - if options.PassPhrase == "" { - options.PassPhrase = os.Getenv(SecureConfigEnvName) - } + if options.PassPhrase == nil || string(options.PassPhrase) == "" { + options.PassPhrase = []byte(os.Getenv(SecureConfigEnvName)) + if options.PassPhrase == nil || string(options.PassPhrase) == "" { + return errors.New("no passphrase provided to decrypt the config file.\n Either use --passphrase cli option or store passphrase in CLOUDFUSE_SECURE_CONFIG_PASSPHRASE environment variable") + } - if options.PassPhrase == "" { - return fmt.Errorf("no passphrase provided to decrypt the config file.\n Either use --passphrase cli option or store passphrase in CLOUDFUSE_SECURE_CONFIG_PASSPHRASE environment variable") + _, err := base64.StdEncoding.DecodeString(string(options.PassPhrase)) + if err != nil { + return fmt.Errorf("passphrase is not valid base64 encoded [%s]", err.Error()) + } } + encryptedPassphrase = memguard.NewEnclave(options.PassPhrase) + cipherText, err := os.ReadFile(options.ConfigFile) if err != nil { return fmt.Errorf("failed to read encrypted config file %s [%s]", options.ConfigFile, err.Error()) } - plainText, err := common.DecryptData(cipherText, options.PassPhrase) + plainText, err := common.DecryptData(cipherText, encryptedPassphrase) if err != nil { return fmt.Errorf("failed to decrypt config file %s [%s]", options.ConfigFile, err.Error()) } config.SetConfigFile(options.ConfigFile) - config.SetSecureConfigOptions(options.PassPhrase) + config.SetSecureConfigOptions(encryptedPassphrase) err = config.ReadFromConfigBuffer(plainText) if err != nil { return fmt.Errorf("invalid decrypted config file [%s]", err.Error()) @@ -681,7 +689,7 @@ func init() { mountCmd.PersistentFlags().BoolVar(&options.SecureConfig, "secure-config", false, "Encrypt auto generated config file for each container") - mountCmd.PersistentFlags().StringVar(&options.PassPhrase, "passphrase", "", + mountCmd.PersistentFlags().BytesBase64Var(&options.PassPhrase, "passphrase", []byte(""), "Base64 encoded key to decrypt config file. Can also be specified by env-variable CLOUDFUSE_SECURE_CONFIG_PASSPHRASE.\n Decoded key length shall be 16 (AES-128), 24 (AES-192), or 32 (AES-256) bytes in length.") mountCmd.PersistentFlags().String("log-type", "syslog", "Type of logger to be used by the system. Set to syslog by default. Allowed values are silent|syslog|base.") diff --git a/cmd/mount_all.go b/cmd/mount_all.go index dcbd4ae0d..53b8b872b 100644 --- a/cmd/mount_all.go +++ b/cmd/mount_all.go @@ -28,6 +28,8 @@ package cmd import ( "bytes" "context" + "encoding/base64" + "errors" "fmt" "os" "os/exec" @@ -38,6 +40,7 @@ import ( "github.com/Seagate/cloudfuse/common" "github.com/Seagate/cloudfuse/common/config" "github.com/Seagate/cloudfuse/common/log" + "github.com/awnumar/memguard" "github.com/Seagate/cloudfuse/component/azstorage" "github.com/Seagate/cloudfuse/component/s3storage" @@ -155,12 +158,23 @@ func processCommand() error { } // Validate config is to be secured on write or not - if options.PassPhrase == "" { - options.PassPhrase = os.Getenv(SecureConfigEnvName) - } + if options.SecureConfig || + filepath.Ext(options.ConfigFile) == SecureConfigExtension { + + // Validate config is to be secured on write or not + if options.PassPhrase == nil || string(options.PassPhrase) == "" { + options.PassPhrase = []byte(os.Getenv(SecureConfigEnvName)) + if options.PassPhrase == nil || string(options.PassPhrase) == "" { + return errors.New("no passphrase provided to decrypt the config file.\n Either use --passphrase cli option or store passphrase in CLOUDFUSE_SECURE_CONFIG_PASSPHRASE environment variable") + } + + _, err := base64.StdEncoding.DecodeString(string(options.PassPhrase)) + if err != nil { + return fmt.Errorf("passphrase is not valid base64 encoded [%s]", err.Error()) + } + } - if options.SecureConfig && options.PassPhrase == "" { - return fmt.Errorf("key not provided to decrypt config file") + encryptedPassphrase = memguard.NewEnclave(options.PassPhrase) } var containerList []string @@ -395,7 +409,7 @@ func writeConfigFile(contConfigFile string) error { return fmt.Errorf("failed to marshall yaml content") } - cipherText, err := common.EncryptData(confStream, opts.passphrase) + cipherText, err := common.EncryptData(confStream, encryptedPassphrase) if err != nil { return fmt.Errorf("failed to encrypt yaml content [%s]", err.Error()) } diff --git a/cmd/mount_windows.go b/cmd/mount_windows.go index d96c57427..01cc0a9ea 100644 --- a/cmd/mount_windows.go +++ b/cmd/mount_windows.go @@ -43,7 +43,7 @@ func createDaemon(pipeline *internal.Pipeline, ctx context.Context, pidFileName // Use WinFSP to mount and if successful, add instance to persistent mount list func createMountInstance() error { - err := winservice.StartMount(options.MountPath, options.ConfigFile, options.PassPhrase) + err := winservice.StartMount(options.MountPath, options.ConfigFile, encryptedPassphrase) if err != nil { return err } diff --git a/cmd/secure.go b/cmd/secure.go index 3d4f8396f..1f8acc2f2 100644 --- a/cmd/secure.go +++ b/cmd/secure.go @@ -33,6 +33,7 @@ import ( "path/filepath" "github.com/Seagate/cloudfuse/common" + "github.com/awnumar/memguard" "github.com/spf13/cobra" ) @@ -40,7 +41,7 @@ import ( type secureOptions struct { Operation string ConfigFile string - PassPhrase string + PassPhrase []byte OutputFile string Key string Value string @@ -50,6 +51,7 @@ const SecureConfigEnvName string = "CLOUDFUSE_SECURE_CONFIG_PASSPHRASE" const SecureConfigExtension string = ".aes" var secOpts secureOptions +var encryptedPassphrase *memguard.Enclave // Section defining all the command that we have in secure feature var secureCmd = &cobra.Command{ @@ -116,15 +118,20 @@ var decryptCmd = &cobra.Command{ //--------------- command section ends func validateOptions() error { - if secOpts.PassPhrase == "" { - secOpts.PassPhrase = os.Getenv(SecureConfigEnvName) + if secOpts.PassPhrase == nil || string(secOpts.PassPhrase) == "" { + secOpts.PassPhrase = []byte(os.Getenv(SecureConfigEnvName)) + if secOpts.PassPhrase == nil || string(secOpts.PassPhrase) == "" { + return errors.New("provide the passphrase as a cli parameter or configure the CLOUDFUSE_SECURE_CONFIG_PASSPHRASE environment variable") + } } - _, err := base64.StdEncoding.DecodeString(secOpts.PassPhrase) + _, err := base64.StdEncoding.DecodeString(string(secOpts.PassPhrase)) if err != nil { - return fmt.Errorf("failed to base64 decode passphrase [%s]", err.Error()) + return fmt.Errorf("passphrase is not valid base64 encoded [%s]", err.Error()) } + encryptedPassphrase = memguard.NewEnclave(secOpts.PassPhrase) + if secOpts.ConfigFile == "" { return errors.New("config file not provided, check usage") } @@ -133,10 +140,6 @@ func validateOptions() error { return errors.New("config file does not exist") } - if secOpts.PassPhrase == "" { - return errors.New("provide the passphrase as a cli parameter or configure the CLOUDFUSE_SECURE_CONFIG_PASSPHRASE environment variable") - } - return nil } @@ -147,7 +150,7 @@ func encryptConfigFile(saveConfig bool) ([]byte, error) { return nil, err } - cipherText, err := common.EncryptData(plaintext, secOpts.PassPhrase) + cipherText, err := common.EncryptData(plaintext, encryptedPassphrase) if err != nil { return nil, err } @@ -173,7 +176,7 @@ func decryptConfigFile(saveConfig bool) ([]byte, error) { return nil, err } - plainText, err := common.DecryptData(cipherText, secOpts.PassPhrase) + plainText, err := common.DecryptData(cipherText, encryptedPassphrase) if err != nil { return nil, err } @@ -231,7 +234,7 @@ func init() { secureCmd.PersistentFlags().StringVar(&secOpts.ConfigFile, "config-file", "", "Configuration file to be encrypted / decrypted") - secureCmd.PersistentFlags().StringVar(&secOpts.PassPhrase, "passphrase", "", + secureCmd.PersistentFlags().BytesBase64Var(&secOpts.PassPhrase, "passphrase", []byte(""), "Base64 encoded key to decrypt config file. Can also be specified by env-variable CLOUDFUSE_SECURE_CONFIG_PASSPHRASE.\n Decoded key length shall be 16 (AES-128), 24 (AES-192), or 32 (AES-256) bytes in length.") secureCmd.PersistentFlags().StringVar(&secOpts.OutputFile, "output-file", "", diff --git a/cmd/secure_set.go b/cmd/secure_set.go index 7453f7de6..e22607337 100644 --- a/cmd/secure_set.go +++ b/cmd/secure_set.go @@ -84,7 +84,7 @@ var setKeyCmd = &cobra.Command{ return fmt.Errorf("failed to marshal config [%s]", err.Error()) } - cipherText, err := common.EncryptData(confStream, secOpts.PassPhrase) + cipherText, err := common.EncryptData(confStream, encryptedPassphrase) if err != nil { return fmt.Errorf("failed to encrypt config [%s]", err.Error()) } diff --git a/cmd/secure_test.go b/cmd/secure_test.go index cb71e7945..0e6651256 100644 --- a/cmd/secure_test.go +++ b/cmd/secure_test.go @@ -27,6 +27,7 @@ package cmd import ( "bytes" + "encoding/base64" "fmt" "os" "testing" @@ -112,6 +113,7 @@ func (suite *secureConfigTestSuite) TestSecureConfigEncrypt() { defer suite.cleanupTest() confFile, _ := os.CreateTemp("", "conf*.yaml") outFile, _ := os.CreateTemp("", "conf*.yaml") + passphrase := base64.StdEncoding.EncodeToString([]byte("12312312312312312312312312312312")) defer os.Remove(confFile.Name()) defer os.Remove(outFile.Name()) @@ -121,7 +123,7 @@ func (suite *secureConfigTestSuite) TestSecureConfigEncrypt() { confFile.Close() - _, err = executeCommandSecure(rootCmd, "secure", "encrypt", fmt.Sprintf("--config-file=%s", confFile.Name()), "--passphrase=12312312312312312312312312312312", fmt.Sprintf("--output-file=%s", outFile.Name())) + _, err = executeCommandSecure(rootCmd, "secure", "encrypt", fmt.Sprintf("--config-file=%s", confFile.Name()), fmt.Sprintf("--passphrase=%s", passphrase), fmt.Sprintf("--output-file=%s", outFile.Name())) suite.assert.NoError(err) // Config file should be deleted @@ -132,6 +134,7 @@ func (suite *secureConfigTestSuite) TestSecureConfigEncryptNoOutfile() { defer suite.cleanupTest() confFile, _ := os.CreateTemp("", "conf*.yaml") outFile := confFile.Name() + SecureConfigExtension + passphrase := base64.StdEncoding.EncodeToString([]byte("12312312312312312312312312312312")) defer os.Remove(confFile.Name()) defer os.Remove(outFile) @@ -141,7 +144,7 @@ func (suite *secureConfigTestSuite) TestSecureConfigEncryptNoOutfile() { confFile.Close() - _, err = executeCommandSecure(rootCmd, "secure", "encrypt", fmt.Sprintf("--config-file=%s", confFile.Name()), "--passphrase=12312312312312312312312312312312") + _, err = executeCommandSecure(rootCmd, "secure", "encrypt", fmt.Sprintf("--config-file=%s", confFile.Name()), fmt.Sprintf("--passphrase=%s", passphrase)) suite.assert.NoError(err) // Config file should be deleted @@ -154,7 +157,8 @@ func (suite *secureConfigTestSuite) TestSecureConfigEncryptNoOutfile() { func (suite *secureConfigTestSuite) TestSecureConfigEncryptNotExistent() { defer suite.cleanupTest() confFile := "abcd.yaml" - _, err := executeCommandSecure(rootCmd, "secure", "encrypt", fmt.Sprintf("--config-file=%s", confFile), "--passphrase=12312312312312312312312312312312") + passphrase := base64.StdEncoding.EncodeToString([]byte("12312312312312312312312312312312")) + _, err := executeCommandSecure(rootCmd, "secure", "encrypt", fmt.Sprintf("--config-file=%s", confFile), fmt.Sprintf("--passphrase=%s", passphrase)) suite.assert.Error(err) } @@ -184,6 +188,7 @@ func (suite *secureConfigTestSuite) TestSecureConfigEncryptInvalidKey() { defer suite.cleanupTest() confFile, _ := os.CreateTemp("", "conf*.yaml") outFile, _ := os.CreateTemp("", "conf*.yaml") + passphrase := base64.StdEncoding.EncodeToString([]byte("123")) defer os.Remove(confFile.Name()) defer os.Remove(outFile.Name()) @@ -194,7 +199,7 @@ func (suite *secureConfigTestSuite) TestSecureConfigEncryptInvalidKey() { confFile.Close() outFile.Close() - _, err = executeCommandSecure(rootCmd, "secure", "encrypt", fmt.Sprintf("--config-file=%s", confFile.Name()), "--passphrase=123", fmt.Sprintf("--output-file=%s", outFile.Name())) + _, err = executeCommandSecure(rootCmd, "secure", "encrypt", fmt.Sprintf("--config-file=%s", confFile.Name()), fmt.Sprintf("--passphrase=%s", passphrase), fmt.Sprintf("--output-file=%s", outFile.Name())) suite.assert.Error(err) } @@ -202,6 +207,8 @@ func (suite *secureConfigTestSuite) TestSecureConfigDecrypt() { defer suite.cleanupTest() confFile, _ := os.CreateTemp("", "conf*.yaml") outFile, _ := os.CreateTemp("", "conf*.yaml") + passphrase := base64.StdEncoding.EncodeToString([]byte("12312312312312312312312312312312")) + fmt.Println(passphrase) defer os.Remove(confFile.Name()) defer os.Remove(outFile.Name()) @@ -212,13 +219,13 @@ func (suite *secureConfigTestSuite) TestSecureConfigDecrypt() { confFile.Close() outFile.Close() - _, err = executeCommandSecure(rootCmd, "secure", "encrypt", fmt.Sprintf("--config-file=%s", confFile.Name()), "--passphrase=12312312312312312312312312312312", fmt.Sprintf("--output-file=%s", outFile.Name())) + _, err = executeCommandSecure(rootCmd, "secure", "encrypt", fmt.Sprintf("--config-file=%s", confFile.Name()), fmt.Sprintf("--passphrase=%s", passphrase), fmt.Sprintf("--output-file=%s", outFile.Name())) suite.assert.NoError(err) // Config file should be deleted suite.assert.NoFileExists(confFile.Name()) - _, err = executeCommandSecure(rootCmd, "secure", "decrypt", fmt.Sprintf("--config-file=%s", outFile.Name()), "--passphrase=12312312312312312312312312312312", fmt.Sprintf("--output-file=./tmp.yaml")) + _, err = executeCommandSecure(rootCmd, "secure", "decrypt", fmt.Sprintf("--config-file=%s", outFile.Name()), fmt.Sprintf("--passphrase=%s", passphrase), fmt.Sprintf("--output-file=./tmp.yaml")) suite.assert.NoError(err) data, err := os.ReadFile("./tmp.yaml") @@ -234,6 +241,7 @@ func (suite *secureConfigTestSuite) TestSecureConfigDecryptNoOutputFile() { defer suite.cleanupTest() confFile, _ := os.CreateTemp("", "conf*.yaml") outFile := confFile.Name() + SecureConfigExtension + passphrase := base64.StdEncoding.EncodeToString([]byte("12312312312312312312312312312312")) defer os.Remove(confFile.Name()) @@ -242,7 +250,7 @@ func (suite *secureConfigTestSuite) TestSecureConfigDecryptNoOutputFile() { confFile.Close() - _, err = executeCommandSecure(rootCmd, "secure", "encrypt", fmt.Sprintf("--config-file=%s", confFile.Name()), "--passphrase=12312312312312312312312312312312") + _, err = executeCommandSecure(rootCmd, "secure", "encrypt", fmt.Sprintf("--config-file=%s", confFile.Name()), fmt.Sprintf("--passphrase=%s", passphrase)) suite.assert.NoError(err) // Config file should be deleted @@ -251,7 +259,7 @@ func (suite *secureConfigTestSuite) TestSecureConfigDecryptNoOutputFile() { // Encrypted file should exist suite.assert.FileExists(outFile) - _, err = executeCommandSecure(rootCmd, "secure", "decrypt", fmt.Sprintf("--config-file=%s", outFile), "--passphrase=12312312312312312312312312312312") + _, err = executeCommandSecure(rootCmd, "secure", "decrypt", fmt.Sprintf("--config-file=%s", outFile), fmt.Sprintf("--passphrase=%s", passphrase)) suite.assert.NoError(err) // Config file should exist @@ -290,6 +298,7 @@ func (suite *secureConfigTestSuite) TestSecureConfigGet() { defer suite.cleanupTest() confFile, _ := os.CreateTemp("", "conf*.yaml") outFile, _ := os.CreateTemp("", "conf*.yaml") + passphrase := base64.StdEncoding.EncodeToString([]byte("12312312312312312312312312312312")) defer os.Remove(confFile.Name()) defer os.Remove(outFile.Name()) @@ -300,10 +309,10 @@ func (suite *secureConfigTestSuite) TestSecureConfigGet() { confFile.Close() outFile.Close() - _, err = executeCommandSecure(rootCmd, "secure", "encrypt", fmt.Sprintf("--config-file=%s", confFile.Name()), "--passphrase=12312312312312312312312312312312", fmt.Sprintf("--output-file=%s", outFile.Name())) + _, err = executeCommandSecure(rootCmd, "secure", "encrypt", fmt.Sprintf("--config-file=%s", confFile.Name()), fmt.Sprintf("--passphrase=%s", passphrase), fmt.Sprintf("--output-file=%s", outFile.Name())) suite.assert.NoError(err) - _, err = executeCommandSecure(rootCmd, "secure", "get", fmt.Sprintf("--config-file=%s", outFile.Name()), "--passphrase=12312312312312312312312312312312", "--key=logging.level") + _, err = executeCommandSecure(rootCmd, "secure", "get", fmt.Sprintf("--config-file=%s", outFile.Name()), fmt.Sprintf("--passphrase=%s", passphrase), "--key=logging.level") suite.assert.NoError(err) } @@ -311,6 +320,7 @@ func (suite *secureConfigTestSuite) TestSecureConfigGetInvalidKey() { defer suite.cleanupTest() confFile, _ := os.CreateTemp("", "conf*.yaml") outFile, _ := os.CreateTemp("", "conf*.yaml") + passphrase := base64.StdEncoding.EncodeToString([]byte("12312312312312312312312312312312")) defer os.Remove(confFile.Name()) defer os.Remove(outFile.Name()) @@ -321,10 +331,10 @@ func (suite *secureConfigTestSuite) TestSecureConfigGetInvalidKey() { confFile.Close() outFile.Close() - _, err = executeCommandSecure(rootCmd, "secure", "encrypt", fmt.Sprintf("--config-file=%s", confFile.Name()), "--passphrase=12312312312312312312312312312312", fmt.Sprintf("--output-file=%s", outFile.Name())) + _, err = executeCommandSecure(rootCmd, "secure", "encrypt", fmt.Sprintf("--config-file=%s", confFile.Name()), fmt.Sprintf("--passphrase=%s", passphrase), fmt.Sprintf("--output-file=%s", outFile.Name())) suite.assert.NoError(err) - _, err = executeCommandSecure(rootCmd, "secure", "get", fmt.Sprintf("--config-file=%s", outFile.Name()), "--passphrase=12312312312312312312312312312312", "--key=abcd.efg") + _, err = executeCommandSecure(rootCmd, "secure", "get", fmt.Sprintf("--config-file=%s", outFile.Name()), fmt.Sprintf("--passphrase=%s", passphrase), "--key=abcd.efg") suite.assert.Error(err) } @@ -332,6 +342,7 @@ func (suite *secureConfigTestSuite) TestSecureConfigSet() { defer suite.cleanupTest() confFile, _ := os.CreateTemp("", "conf*.yaml") outFile, _ := os.CreateTemp("", "conf*.yaml") + passphrase := base64.StdEncoding.EncodeToString([]byte("12312312312312312312312312312312")) defer os.Remove(confFile.Name()) defer os.Remove(outFile.Name()) @@ -342,15 +353,15 @@ func (suite *secureConfigTestSuite) TestSecureConfigSet() { confFile.Close() outFile.Close() - _, err = executeCommandSecure(rootCmd, "secure", "encrypt", fmt.Sprintf("--config-file=%s", confFile.Name()), "--passphrase=12312312312312312312312312312312", fmt.Sprintf("--output-file=%s", outFile.Name())) + _, err = executeCommandSecure(rootCmd, "secure", "encrypt", fmt.Sprintf("--config-file=%s", confFile.Name()), fmt.Sprintf("--passphrase=%s", passphrase), fmt.Sprintf("--output-file=%s", outFile.Name())) suite.assert.NoError(err) - _, err = executeCommandSecure(rootCmd, "secure", "get", fmt.Sprintf("--config-file=%s", outFile.Name()), "--passphrase=12312312312312312312312312312312", "--key=logging.level") + _, err = executeCommandSecure(rootCmd, "secure", "get", fmt.Sprintf("--config-file=%s", outFile.Name()), fmt.Sprintf("--passphrase=%s", passphrase), "--key=logging.level") suite.assert.NoError(err) - _, err = executeCommandSecure(rootCmd, "secure", "set", fmt.Sprintf("--config-file=%s", outFile.Name()), "--passphrase=12312312312312312312312312312312", "--key=logging.level", "--value=log_err") + _, err = executeCommandSecure(rootCmd, "secure", "set", fmt.Sprintf("--config-file=%s", outFile.Name()), fmt.Sprintf("--passphrase=%s", passphrase), "--key=logging.level", "--value=log_err") suite.assert.NoError(err) - _, err = executeCommandSecure(rootCmd, "secure", "get", fmt.Sprintf("--config-file=%s", outFile.Name()), "--passphrase=12312312312312312312312312312312", "--key=logging.level") + _, err = executeCommandSecure(rootCmd, "secure", "get", fmt.Sprintf("--config-file=%s", outFile.Name()), fmt.Sprintf("--passphrase=%s", passphrase), "--key=logging.level") suite.assert.NoError(err) } diff --git a/common/config/config_parser.go b/common/config/config_parser.go index 46ec712b3..326d587ce 100644 --- a/common/config/config_parser.go +++ b/common/config/config_parser.go @@ -34,6 +34,7 @@ import ( "github.com/Seagate/cloudfuse/common" "github.com/Seagate/cloudfuse/common/log" + "github.com/awnumar/memguard" "github.com/spf13/cobra" @@ -73,12 +74,12 @@ type options struct { envTree *Tree completionFuncMap map[string]func(cmd *cobra.Command, args []string, toComplete string) ([]string, cobra.ShellCompDirective) secureConfig bool - passphrase string + passphrase *memguard.Enclave } var userOptions options -func SetSecureConfigOptions(passphrase string) { +func SetSecureConfigOptions(passphrase *memguard.Enclave) { userOptions.secureConfig = true userOptions.passphrase = passphrase } @@ -123,7 +124,7 @@ func ReadFromConfigBuffer(configData []byte) error { return nil } -func DecryptConfigFile(fileName string, passphrase string) error { +func DecryptConfigFile(fileName string, passphrase *memguard.Enclave) error { cipherText, err := os.ReadFile(fileName) if err != nil { return fmt.Errorf("Failed to read encrypted config file [%s]", err.Error()) diff --git a/common/config/config_test.go b/common/config/config_test.go index 779fd1b43..5bccbf134 100644 --- a/common/config/config_test.go +++ b/common/config/config_test.go @@ -31,6 +31,7 @@ import ( "testing" "github.com/Seagate/cloudfuse/common" + "github.com/awnumar/memguard" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/suite" @@ -464,12 +465,14 @@ func (suite *ConfigTestSuite) TestConfigFileDescryption() { assert.NoError(err) assert.NotNil(plaintext) - cipherText, err := common.EncryptData(plaintext, "12312312312312312312312312312312") + encryptedPassphrase := memguard.NewEnclave([]byte("12312312312312312312312312312312")) + + cipherText, err := common.EncryptData(plaintext, encryptedPassphrase) assert.NoError(err) err = os.WriteFile("test_enc.yaml", cipherText, 0644) assert.NoError(err) - err = DecryptConfigFile("test_enc.yaml", "12312312312312312312312312312312") + err = DecryptConfigFile("test_enc.yaml", encryptedPassphrase) assert.NoError(err) _ = os.Remove("test.yaml") diff --git a/common/util.go b/common/util.go index 4a4dfff59..af5bade42 100644 --- a/common/util.go +++ b/common/util.go @@ -30,7 +30,7 @@ import ( "crypto/aes" "crypto/cipher" "crypto/rand" - "encoding/base64" + "errors" "fmt" "io" "os" @@ -44,6 +44,7 @@ import ( "strings" "sync" + "github.com/awnumar/memguard" "gopkg.in/ini.v1" ) @@ -233,13 +234,18 @@ func NormalizeObjectName(name string) string { } // Encrypt given data using the key provided -func EncryptData(plainData []byte, key string) ([]byte, error) { - binaryKey, err := base64.StdEncoding.DecodeString(key) - if err != nil { - return nil, fmt.Errorf("failed to base64 decode passphrase [%s]", err.Error()) +func EncryptData(plainData []byte, key *memguard.Enclave) ([]byte, error) { + if key == nil { + return nil, errors.New("provided passphrase key is empty") + } + + secretKey, err := key.Open() + if err != nil || secretKey == nil { + return nil, errors.New("unable to decrypt passphrase key") } + defer secretKey.Destroy() - block, err := aes.NewCipher(binaryKey) + block, err := aes.NewCipher(secretKey.Data()) if err != nil { return nil, err } @@ -259,13 +265,18 @@ func EncryptData(plainData []byte, key string) ([]byte, error) { } // Decrypt given data using the key provided -func DecryptData(cipherData []byte, key string) ([]byte, error) { - binaryKey, err := base64.StdEncoding.DecodeString(key) - if err != nil { - return nil, fmt.Errorf("failed to base64 decode passphrase [%s]", err.Error()) +func DecryptData(cipherData []byte, key *memguard.Enclave) ([]byte, error) { + if key == nil { + return nil, errors.New("provided passphrase key is empty") + } + + secretKey, err := key.Open() + if err != nil || secretKey == nil { + return nil, errors.New("unable to decrypt passphrase key") } + defer secretKey.Destroy() - block, err := aes.NewCipher(binaryKey) + block, err := aes.NewCipher(secretKey.Data()) if err != nil { return nil, err } diff --git a/common/util_test.go b/common/util_test.go index 87e12d310..c5663332c 100644 --- a/common/util_test.go +++ b/common/util_test.go @@ -27,13 +27,13 @@ package common import ( "crypto/rand" - "encoding/base64" "fmt" "os" "path/filepath" "runtime" "testing" + "github.com/awnumar/memguard" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/suite" ) @@ -82,10 +82,12 @@ func (suite *typesTestSuite) TestEncryptBadKey() { key := make([]byte, 20) rand.Read(key) + encryptedPassphrase := memguard.NewEnclave(key) + data := make([]byte, 1024) rand.Read(data) - _, err := EncryptData(data, string(key)) + _, err := EncryptData(data, encryptedPassphrase) suite.assert.Error(err) } @@ -94,60 +96,65 @@ func (suite *typesTestSuite) TestDecryptBadKey() { key := make([]byte, 20) rand.Read(key) + encryptedPassphrase := memguard.NewEnclave(key) + data := make([]byte, 1024) rand.Read(data) - _, err := DecryptData(data, string(key)) + _, err := DecryptData(data, encryptedPassphrase) suite.assert.Error(err) } func (suite *typesTestSuite) TestEncryptDecrypt16() { // Generate a random key - binaryKey := make([]byte, 16) - rand.Read(binaryKey) - key := base64.StdEncoding.EncodeToString(binaryKey) + key := make([]byte, 16) + rand.Read(key) + + encryptedPassphrase := memguard.NewEnclave(key) data := make([]byte, 1024) rand.Read(data) - cipher, err := EncryptData(data, key) + cipher, err := EncryptData(data, encryptedPassphrase) suite.assert.NoError(err) - d, err := DecryptData(cipher, key) + d, err := DecryptData(cipher, encryptedPassphrase) suite.assert.NoError(err) suite.assert.EqualValues(data, d) } func (suite *typesTestSuite) TestEncryptDecrypt24() { // Generate a random key - binaryKey := make([]byte, 24) - rand.Read(binaryKey) - key := base64.StdEncoding.EncodeToString(binaryKey) + key := make([]byte, 24) + rand.Read(key) + + encryptedPassphrase := memguard.NewEnclave(key) data := make([]byte, 1024) rand.Read(data) - cipher, err := EncryptData(data, key) + cipher, err := EncryptData(data, encryptedPassphrase) suite.assert.NoError(err) - d, err := DecryptData(cipher, key) + d, err := DecryptData(cipher, encryptedPassphrase) suite.assert.NoError(err) suite.assert.EqualValues(data, d) } func (suite *typesTestSuite) TestEncryptDecrypt32() { // Generate a random key - binaryKey := make([]byte, 32) - rand.Read(binaryKey) - key := base64.StdEncoding.EncodeToString(binaryKey) + key := make([]byte, 32) + rand.Read(key) + + encryptedPassphrase := memguard.NewEnclave(key) data := make([]byte, 1024) rand.Read(data) - cipher, err := EncryptData(data, key) + cipher, err := EncryptData(data, encryptedPassphrase) suite.assert.NoError(err) - d, err := DecryptData(cipher, key) + d, err := DecryptData(cipher, encryptedPassphrase) suite.assert.NoError(err) suite.assert.EqualValues(data, d) } diff --git a/component/azstorage/azauth.go b/component/azstorage/azauth.go index ae778da81..3f6429e11 100644 --- a/component/azstorage/azauth.go +++ b/component/azstorage/azauth.go @@ -29,6 +29,7 @@ import ( "github.com/Azure/azure-sdk-for-go/sdk/azcore" "github.com/Azure/azure-sdk-for-go/sdk/azcore/cloud" "github.com/Seagate/cloudfuse/common/log" + "github.com/awnumar/memguard" ) // AzAuthConfig : Config to authenticate to storage @@ -40,10 +41,10 @@ type azAuthConfig struct { AuthMode AuthType // Key config - AccountKey string + AccountKey *memguard.Enclave // SAS config - SASKey string + SASKey *memguard.Enclave // MSI config ApplicationID string @@ -53,7 +54,7 @@ type azAuthConfig struct { // SPN config TenantID string ClientID string - ClientSecret string + ClientSecret *memguard.Enclave OAuthTokenFilePath string ActiveDirectoryEndpoint string diff --git a/component/azstorage/azauth_test.go b/component/azstorage/azauth_test.go index 86fcb1770..5b24b827e 100644 --- a/component/azstorage/azauth_test.go +++ b/component/azstorage/azauth_test.go @@ -37,6 +37,7 @@ import ( "github.com/Seagate/cloudfuse/common" "github.com/Seagate/cloudfuse/common/log" + "github.com/awnumar/memguard" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/suite" @@ -114,13 +115,14 @@ func generateEndpoint(useHttp bool, accountName string, accountType AccountType) func (suite *authTestSuite) TestBlockInvalidAuth() { defer suite.cleanupTest() + encryptedKey := memguard.NewEnclave([]byte(storageTestConfigurationParameters.BlockKey)) stgConfig := AzStorageConfig{ container: storageTestConfigurationParameters.BlockContainer, authConfig: azAuthConfig{ AuthMode: EAuthType.INVALID_AUTH(), AccountType: EAccountType.BLOCK(), AccountName: storageTestConfigurationParameters.BlockAccount, - AccountKey: storageTestConfigurationParameters.BlockKey, + AccountKey: encryptedKey, Endpoint: generateEndpoint(false, storageTestConfigurationParameters.BlockAccount, EAccountType.BLOCK()), }, } @@ -136,13 +138,14 @@ func (suite *authTestSuite) TestBlockInvalidAuth() { func (suite *authTestSuite) TestAdlsInvalidAuth() { defer suite.cleanupTest() + encryptedKey := memguard.NewEnclave([]byte(storageTestConfigurationParameters.BlockKey)) stgConfig := AzStorageConfig{ container: storageTestConfigurationParameters.AdlsContainer, authConfig: azAuthConfig{ AuthMode: EAuthType.INVALID_AUTH(), AccountType: EAccountType.ADLS(), AccountName: storageTestConfigurationParameters.AdlsAccount, - AccountKey: storageTestConfigurationParameters.AdlsKey, + AccountKey: encryptedKey, Endpoint: generateEndpoint(false, storageTestConfigurationParameters.AdlsAccount, EAccountType.ADLS()), }, } @@ -158,13 +161,14 @@ func (suite *authTestSuite) TestAdlsInvalidAuth() { func (suite *authTestSuite) TestInvalidAccountType() { defer suite.cleanupTest() + encryptedKey := memguard.NewEnclave([]byte(storageTestConfigurationParameters.BlockKey)) stgConfig := AzStorageConfig{ - container: storageTestConfigurationParameters.BlockContainer, + container: storageTestConfigurationParameters.AdlsContainer, authConfig: azAuthConfig{ AuthMode: EAuthType.KEY(), AccountType: EAccountType.INVALID_ACC(), AccountName: storageTestConfigurationParameters.BlockAccount, - AccountKey: storageTestConfigurationParameters.BlockKey, + AccountKey: encryptedKey, Endpoint: generateEndpoint(false, storageTestConfigurationParameters.BlockAccount, EAccountType.BLOCK()), }, } @@ -183,7 +187,7 @@ func (suite *authTestSuite) TestBlockInvalidSharedKey() { AuthMode: EAuthType.KEY(), AccountType: EAccountType.BLOCK(), AccountName: storageTestConfigurationParameters.BlockAccount, - AccountKey: "", + AccountKey: nil, Endpoint: generateEndpoint(false, storageTestConfigurationParameters.BlockAccount, EAccountType.BLOCK()), }, } @@ -199,13 +203,14 @@ func (suite *authTestSuite) TestBlockInvalidSharedKey() { func (suite *authTestSuite) TestBlockInvalidSharedKey2() { defer suite.cleanupTest() + encryptedKey := memguard.NewEnclave([]byte("abcd>=")) stgConfig := AzStorageConfig{ container: storageTestConfigurationParameters.BlockContainer, authConfig: azAuthConfig{ AuthMode: EAuthType.KEY(), AccountType: EAccountType.BLOCK(), AccountName: storageTestConfigurationParameters.BlockAccount, - AccountKey: "abcd>=", // string that will fail to base64 decode + AccountKey: encryptedKey, // string that will fail to base64 decode Endpoint: generateEndpoint(false, storageTestConfigurationParameters.BlockAccount, EAccountType.BLOCK()), }, } @@ -221,13 +226,14 @@ func (suite *authTestSuite) TestBlockInvalidSharedKey2() { func (suite *authTestSuite) TestBlockSharedKey() { defer suite.cleanupTest() + encryptedKey := memguard.NewEnclave([]byte(storageTestConfigurationParameters.BlockKey)) stgConfig := AzStorageConfig{ container: storageTestConfigurationParameters.BlockContainer, authConfig: azAuthConfig{ AuthMode: EAuthType.KEY(), AccountType: EAccountType.BLOCK(), AccountName: storageTestConfigurationParameters.BlockAccount, - AccountKey: storageTestConfigurationParameters.BlockKey, + AccountKey: encryptedKey, Endpoint: generateEndpoint(false, storageTestConfigurationParameters.BlockAccount, EAccountType.BLOCK()), }, } @@ -258,7 +264,7 @@ func (suite *authTestSuite) TestAdlsInvalidSharedKey() { AuthMode: EAuthType.KEY(), AccountType: EAccountType.ADLS(), AccountName: storageTestConfigurationParameters.AdlsAccount, - AccountKey: "", + AccountKey: nil, Endpoint: generateEndpoint(false, storageTestConfigurationParameters.AdlsAccount, EAccountType.ADLS()), }, } @@ -274,13 +280,14 @@ func (suite *authTestSuite) TestAdlsInvalidSharedKey() { func (suite *authTestSuite) TestAdlsSharedKey() { defer suite.cleanupTest() + encryptedKey := memguard.NewEnclave([]byte(storageTestConfigurationParameters.AdlsKey)) stgConfig := AzStorageConfig{ container: storageTestConfigurationParameters.AdlsContainer, authConfig: azAuthConfig{ AuthMode: EAuthType.KEY(), AccountType: EAccountType.ADLS(), AccountName: storageTestConfigurationParameters.AdlsAccount, - AccountKey: storageTestConfigurationParameters.AdlsKey, + AccountKey: encryptedKey, Endpoint: generateEndpoint(false, storageTestConfigurationParameters.AdlsAccount, EAccountType.ADLS()), }, } @@ -311,7 +318,7 @@ func (suite *authTestSuite) TestBlockInvalidSasKey() { AuthMode: EAuthType.SAS(), AccountType: EAccountType.BLOCK(), AccountName: storageTestConfigurationParameters.BlockAccount, - SASKey: "", + SASKey: nil, Endpoint: generateEndpoint(false, storageTestConfigurationParameters.BlockAccount, EAccountType.BLOCK()), }, } @@ -440,7 +447,7 @@ func (suite *authTestSuite) TestAdlsInvalidSasKey() { AuthMode: EAuthType.SAS(), AccountType: EAccountType.ADLS(), AccountName: storageTestConfigurationParameters.AdlsAccount, - SASKey: "", + SASKey: nil, Endpoint: generateEndpoint(false, storageTestConfigurationParameters.AdlsAccount, EAccountType.ADLS()), }, } diff --git a/component/azstorage/azauthkey.go b/component/azstorage/azauthkey.go index 57f07aaab..08563aa38 100644 --- a/component/azstorage/azauthkey.go +++ b/component/azstorage/azauthkey.go @@ -50,12 +50,19 @@ type azAuthBlobKey struct { // getServiceClient : returns shared key based service client for blob func (azkey *azAuthBlobKey) getServiceClient(stConfig *AzStorageConfig) (interface{}, error) { - if azkey.config.AccountKey == "" { + if azkey.config.AccountKey == nil { log.Err("azAuthBlobKey::getServiceClient : Shared key for account is empty, cannot authenticate user") return nil, errors.New("shared key for account is empty, cannot authenticate user") } - cred, err := azblob.NewSharedKeyCredential(azkey.config.AccountName, azkey.config.AccountKey) + buff, err := azkey.config.AccountKey.Open() + if err != nil || buff == nil { + return nil, errors.New("unable to decrypt passphrase key") + } + // TODO: Deferring the destruction of the buffer causes a segfault later in the code in some cases. + // defer buff.Destroy() + + cred, err := azblob.NewSharedKeyCredential(azkey.config.AccountName, buff.String()) if err != nil { log.Err("azAuthBlobKey::getServiceClient : Failed to create shared key credential [%s]", err.Error()) return nil, err @@ -81,12 +88,19 @@ type azAuthDatalakeKey struct { // getServiceClient : returns shared key based service client for datalake func (azkey *azAuthDatalakeKey) getServiceClient(stConfig *AzStorageConfig) (interface{}, error) { - if azkey.config.AccountKey == "" { + if azkey.config.AccountKey == nil { log.Err("azAuthDatalakeKey::getServiceClient : Shared key for account is empty, cannot authenticate user") return nil, errors.New("shared key for account is empty, cannot authenticate user") } - cred, err := azdatalake.NewSharedKeyCredential(azkey.config.AccountName, azkey.config.AccountKey) + buff, err := azkey.config.AccountKey.Open() + if err != nil || buff == nil { + return nil, errors.New("unable to decrypt passphrase key") + } + // TODO: Deferring the destruction of the buffer causes a segfault later in the code in some cases. + // defer buff.Destroy() + + cred, err := azdatalake.NewSharedKeyCredential(azkey.config.AccountName, buff.String()) if err != nil { log.Err("azAuthDatalakeKey::getServiceClient : Failed to create shared key credential [%s]", err.Error()) return nil, err diff --git a/component/azstorage/azauthsas.go b/component/azstorage/azauthsas.go index 6608855e9..0187783f0 100644 --- a/component/azstorage/azauthsas.go +++ b/component/azstorage/azauthsas.go @@ -30,6 +30,7 @@ import ( "strings" "github.com/Seagate/cloudfuse/common/log" + "github.com/awnumar/memguard" "github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/service" serviceBfs "github.com/Azure/azure-sdk-for-go/sdk/storage/azdatalake/service" @@ -46,13 +47,23 @@ type azAuthSAS struct { // SetOption : Sets the sas key information for the SAS auth. func (azsas *azAuthSAS) setOption(key, value string) { if key == "saskey" { - azsas.config.SASKey = value + azsas.config.SASKey = memguard.NewEnclave([]byte(value)) } } // GetEndpoint : Gets the SAS endpoint func (azsas *azAuthSAS) getEndpoint() string { - return azsas.config.Endpoint + "?" + strings.TrimLeft(azsas.config.SASKey, "?") + if azsas.config.SASKey != nil { + buff, err := azsas.config.SASKey.Open() + if err != nil || buff == nil { + return "" + } + defer buff.Destroy() + endpoint := azsas.config.Endpoint + "?" + strings.TrimLeft(buff.String(), "?") + return endpoint + } + + return "" } type azAuthBlobSAS struct { @@ -61,7 +72,7 @@ type azAuthBlobSAS struct { // getServiceClient : returns SAS based service client for blob func (azsas *azAuthBlobSAS) getServiceClient(stConfig *AzStorageConfig) (interface{}, error) { - if azsas.config.SASKey == "" { + if azsas.config.SASKey == nil { log.Err("azAuthBlobSAS::getServiceClient : SAS key for account is empty, cannot authenticate user") return nil, errors.New("sas key for account is empty, cannot authenticate user") } @@ -86,7 +97,7 @@ type azAuthDatalakeSAS struct { // getServiceClient : returns SAS based service client for datalake func (azsas *azAuthDatalakeSAS) getServiceClient(stConfig *AzStorageConfig) (interface{}, error) { - if azsas.config.SASKey == "" { + if azsas.config.SASKey == nil { log.Err("azAuthDatalakeSAS::getServiceClient : SAS key for account is empty, cannot authenticate user") return nil, errors.New("sas key for account is empty, cannot authenticate user") } diff --git a/component/azstorage/azauthspn.go b/component/azstorage/azauthspn.go index b77bdc722..7fb25515f 100644 --- a/component/azstorage/azauthspn.go +++ b/component/azstorage/azauthspn.go @@ -26,7 +26,10 @@ package azstorage import ( + "errors" + "github.com/Seagate/cloudfuse/common/log" + "github.com/awnumar/memguard" "github.com/Azure/azure-sdk-for-go/sdk/azcore" "github.com/Azure/azure-sdk-for-go/sdk/azidentity" @@ -65,7 +68,20 @@ func (azspn *azAuthSPN) getTokenCredential() (azcore.TokenCredential, error) { } else { log.Trace("AzAuthSPN::getTokenCredential : Using client secret for fetching token") - cred, err = azidentity.NewClientSecretCredential(azspn.config.TenantID, azspn.config.ClientID, azspn.config.ClientSecret, &azidentity.ClientSecretCredentialOptions{ + var buff *memguard.LockedBuffer + if azspn.config.ClientSecret != nil { + buff, err = azspn.config.ClientSecret.Open() + if err != nil || buff == nil { + return nil, errors.New("unable to decrypt passphrase key") + } + defer buff.Destroy() + } else { + err := errors.New("AzAuthSPN::getTokenCredential : Client secret not provided for SPN") + log.Err(err.Error()) + return nil, err + } + + cred, err = azidentity.NewClientSecretCredential(azspn.config.TenantID, azspn.config.ClientID, buff.String(), &azidentity.ClientSecretCredentialOptions{ ClientOptions: clOpts, }) if err != nil { diff --git a/component/azstorage/block_blob_test.go b/component/azstorage/block_blob_test.go index 78df7e4d6..d1962cc0b 100644 --- a/component/azstorage/block_blob_test.go +++ b/component/azstorage/block_blob_test.go @@ -285,7 +285,8 @@ func (s *blockBlobTestSuite) TestDefault() { s.assert.Equal(storageTestConfigurationParameters.BlockAccount, s.az.stConfig.authConfig.AccountName) s.assert.Equal(EAccountType.BLOCK(), s.az.stConfig.authConfig.AccountType) s.assert.False(s.az.stConfig.authConfig.UseHTTP) - s.assert.Equal(storageTestConfigurationParameters.BlockKey, s.az.stConfig.authConfig.AccountKey) + accountKey, _ := s.az.stConfig.authConfig.AccountKey.Open() + s.assert.Equal(storageTestConfigurationParameters.BlockKey, accountKey.String()) s.assert.Empty(s.az.stConfig.authConfig.SASKey) s.assert.Empty(s.az.stConfig.authConfig.ApplicationID) s.assert.Empty(s.az.stConfig.authConfig.ResourceID) diff --git a/component/azstorage/config.go b/component/azstorage/config.go index 61bd8e0a1..422ea759f 100644 --- a/component/azstorage/config.go +++ b/component/azstorage/config.go @@ -33,6 +33,7 @@ import ( "github.com/Seagate/cloudfuse/common/config" "github.com/Seagate/cloudfuse/common/log" + "github.com/awnumar/memguard" "github.com/Azure/azure-sdk-for-go/sdk/storage/azblob/blockblob" @@ -429,7 +430,7 @@ func ParseAndValidateConfig(az *AzStorage, opt AzStorageOptions) error { if opt.AccountKey == "" { return errors.New("storage key not provided") } - az.stConfig.authConfig.AccountKey = opt.AccountKey + az.stConfig.authConfig.AccountKey = memguard.NewEnclave([]byte(opt.AccountKey)) case EAuthType.SAS(): az.stConfig.authConfig.AuthMode = EAuthType.SAS() if opt.SaSKey == "" { @@ -451,7 +452,7 @@ func ParseAndValidateConfig(az *AzStorage, opt AzStorageOptions) error { return errors.New("Client ID, Tenant ID or Client Secret not provided") } az.stConfig.authConfig.ClientID = opt.ClientID - az.stConfig.authConfig.ClientSecret = opt.ClientSecret + az.stConfig.authConfig.ClientSecret = memguard.NewEnclave([]byte(opt.ClientSecret)) az.stConfig.authConfig.TenantID = opt.TenantID az.stConfig.authConfig.OAuthTokenFilePath = opt.OAuthTokenFilePath case EAuthType.AZCLI(): @@ -590,9 +591,21 @@ func ParseAndReadDynamicConfig(az *AzStorage, opt AzStorageOptions, reload bool) if reload { log.Info("ParseAndReadDynamicConfig : SAS Key updated") - if err := az.storage.UpdateServiceClient("saskey", az.stConfig.authConfig.SASKey); err != nil { + var sasKey *memguard.LockedBuffer + var err error + if az.stConfig.authConfig.SASKey != nil { + sasKey, err = az.stConfig.authConfig.SASKey.Open() + if err != nil || sasKey == nil { + return err + } + defer sasKey.Destroy() + } else { + return errors.New("SAS key update failure") + } + + if err := az.storage.UpdateServiceClient("saskey", sasKey.String()); err != nil { az.stConfig.authConfig.SASKey = oldSas - _ = az.storage.UpdateServiceClient("saskey", az.stConfig.authConfig.SASKey) + _ = az.storage.UpdateServiceClient("saskey", sasKey.String()) return errors.New("SAS key update failure") } } diff --git a/component/azstorage/config_test.go b/component/azstorage/config_test.go index 2d1d0bd3a..051cd9f10 100644 --- a/component/azstorage/config_test.go +++ b/component/azstorage/config_test.go @@ -262,7 +262,8 @@ func (s *configTestSuite) TestAuthModeKey() { opt.AccountKey = "abc" err = ParseAndValidateConfig(az, opt) assert.NoError(err) - assert.Equal(az.stConfig.authConfig.AccountKey, opt.AccountKey) + accountKey, _ := az.stConfig.authConfig.AccountKey.Open() + assert.Equal(opt.AccountKey, accountKey.String()) } func (s *configTestSuite) TestAuthModeSAS() { @@ -346,9 +347,10 @@ func (s *configTestSuite) TestAuthModeSPN() { opt.TenantID = "xyz" err = ParseAndValidateConfig(az, opt) assert.NoError(err) - assert.Equal(az.stConfig.authConfig.ClientID, opt.ClientID) - assert.Equal(az.stConfig.authConfig.ClientSecret, opt.ClientSecret) - assert.Equal(az.stConfig.authConfig.TenantID, opt.TenantID) + clientSecret, _ := az.stConfig.authConfig.ClientSecret.Open() + assert.Equal(opt.ClientID, az.stConfig.authConfig.ClientID) + assert.Equal(opt.ClientSecret, clientSecret.String()) + assert.Equal(opt.TenantID, az.stConfig.authConfig.TenantID) } func (s *configTestSuite) TestOtherFlags() { diff --git a/component/azstorage/datalake_test.go b/component/azstorage/datalake_test.go index 0a48633fc..4e6653797 100644 --- a/component/azstorage/datalake_test.go +++ b/component/azstorage/datalake_test.go @@ -144,7 +144,8 @@ func (s *datalakeTestSuite) TestDefault() { s.assert.Equal(storageTestConfigurationParameters.AdlsAccount, s.az.stConfig.authConfig.AccountName) s.assert.Equal(EAccountType.ADLS(), s.az.stConfig.authConfig.AccountType) s.assert.False(s.az.stConfig.authConfig.UseHTTP) - s.assert.Equal(storageTestConfigurationParameters.AdlsKey, s.az.stConfig.authConfig.AccountKey) + accountKey, _ := s.az.stConfig.authConfig.AccountKey.Open() + s.assert.Equal(accountKey.String(), storageTestConfigurationParameters.AdlsKey) s.assert.Empty(s.az.stConfig.authConfig.SASKey) s.assert.Empty(s.az.stConfig.authConfig.ApplicationID) s.assert.Empty(s.az.stConfig.authConfig.ResourceID) diff --git a/component/azstorage/utils.go b/component/azstorage/utils.go index 36c4731cc..42ebdfbb3 100644 --- a/component/azstorage/utils.go +++ b/component/azstorage/utils.go @@ -42,6 +42,7 @@ import ( "github.com/Seagate/cloudfuse/common" "github.com/Seagate/cloudfuse/common/log" "github.com/Seagate/cloudfuse/internal" + "github.com/awnumar/memguard" "github.com/Azure/azure-sdk-for-go/sdk/azcore" "github.com/Azure/azure-sdk-for-go/sdk/azcore/cloud" @@ -546,16 +547,17 @@ func split(prefixPath string, path string) string { return common.JoinUnixFilepath(paths...) } -func sanitizeSASKey(key string) string { +func sanitizeSASKey(key string) *memguard.Enclave { + encryptedKey := memguard.NewEnclave([]byte(key)) if key == "" { - return key + return encryptedKey } if key[0] != '?' { - return ("?" + key) + return memguard.NewEnclave([]byte("?" + key)) } - return key + return memguard.NewEnclave([]byte(key)) } func getMD5(fi *os.File) ([]byte, error) { diff --git a/component/azstorage/utils_test.go b/component/azstorage/utils_test.go index 1109ce77f..7d650fdb2 100644 --- a/component/azstorage/utils_test.go +++ b/component/azstorage/utils_test.go @@ -305,14 +305,16 @@ func (s *utilsTestSuite) TestGetMD5() { func (s *utilsTestSuite) TestSanitizeSASKey() { assert := assert.New(s.T()) - key := sanitizeSASKey("") - assert.EqualValues("", key) + sanitizedKey := sanitizeSASKey("") + assert.Nil(sanitizedKey) - key = sanitizeSASKey("?abcd") - assert.EqualValues("?abcd", key) + sanitizedKey = sanitizeSASKey("?abcd") + key, _ := sanitizedKey.Open() + assert.EqualValues("?abcd", key.String()) - key = sanitizeSASKey("abcd") - assert.EqualValues("?abcd", key) + sanitizedKey = sanitizeSASKey("abcd") + key, _ = sanitizedKey.Open() + assert.EqualValues("?abcd", key.String()) } func (s *utilsTestSuite) TestBlockNonProxyOptions() { diff --git a/component/s3storage/client.go b/component/s3storage/client.go index e28bca13f..dd2c5fbef 100644 --- a/component/s3storage/client.go +++ b/component/s3storage/client.go @@ -98,13 +98,25 @@ func (cl *Client) Configure(cfg Config) error { cl.Config = cfg var credentialsProvider aws.CredentialsProvider - credentialsInConfig := cl.Config.authConfig.KeyID != "" && cl.Config.authConfig.SecretKey != "" - if credentialsInConfig { - credentialsProvider = credentials.NewStaticCredentialsProvider( - cl.Config.authConfig.KeyID, - cl.Config.authConfig.SecretKey, - "", - ) + if cl.Config.authConfig.KeyID != nil && cl.Config.authConfig.SecretKey != nil { + keyID, err := cl.Config.authConfig.KeyID.Open() + if err != nil || keyID == nil { + return errors.New("unable to decrypt key id") + } + defer keyID.Destroy() + secretKey, err := cl.Config.authConfig.SecretKey.Open() + if err != nil || secretKey == nil { + return errors.New("unable to decrypt secret key") + } + defer secretKey.Destroy() + credentialsInConfig := keyID.String() != "" && secretKey.String() != "" + if credentialsInConfig { + credentialsProvider = credentials.NewStaticCredentialsProvider( + strings.Clone(keyID.String()), + strings.Clone(secretKey.String()), + "", + ) + } } var err error diff --git a/component/s3storage/client_test.go b/component/s3storage/client_test.go index 93348edc1..00992b91b 100644 --- a/component/s3storage/client_test.go +++ b/component/s3storage/client_test.go @@ -47,6 +47,8 @@ import ( "github.com/Seagate/cloudfuse/common/log" "github.com/Seagate/cloudfuse/internal" "github.com/Seagate/cloudfuse/internal/handlemap" + "github.com/awnumar/memguard" + "github.com/spf13/viper" "github.com/aws/aws-sdk-go-v2/aws" "github.com/aws/aws-sdk-go-v2/service/s3" @@ -73,12 +75,31 @@ func newTestClient(configuration string) (*Client, error) { log.Err("ClientTest::newTestClient : config error [invalid config attributes]") return nil, fmt.Errorf("config error in %s. Here's why: %s", compName, err.Error()) } + + // Secure keyID in enclave + var encryptedKeyID *memguard.Enclave + if viper.GetString("s3storage.key-id") != "" { + encryptedKeyID = memguard.NewEnclave([]byte(viper.GetString("s3storage.key-id"))) + if encryptedKeyID == nil { + return nil, fmt.Errorf("config error in %s. Here's why: %s", compName, "Error storing key ID securely") + } + } + + // Secure secretKey in enclave + var encryptedSecretKey *memguard.Enclave + if viper.GetString("s3storage.secret-key") != "" { + encryptedSecretKey = memguard.NewEnclave([]byte(viper.GetString("s3storage.secret-key"))) + if encryptedSecretKey == nil { + return nil, fmt.Errorf("config error in %s. Here's why: %s", compName, "Error storing secret key securely") + } + } + // now push Options data into an Config configForS3Client := Config{ authConfig: s3AuthConfig{ BucketName: conf.BucketName, - KeyID: conf.KeyID, - SecretKey: conf.SecretKey, + KeyID: encryptedKeyID, + SecretKey: encryptedSecretKey, Region: conf.Region, Profile: conf.Profile, Endpoint: conf.Endpoint, diff --git a/component/s3storage/config.go b/component/s3storage/config.go index df11c7e6a..5d55de4f7 100644 --- a/component/s3storage/config.go +++ b/component/s3storage/config.go @@ -32,6 +32,7 @@ import ( "github.com/Seagate/cloudfuse/common" "github.com/Seagate/cloudfuse/common/config" "github.com/Seagate/cloudfuse/common/log" + "github.com/awnumar/memguard" "github.com/aws/aws-sdk-go-v2/service/s3/types" ) @@ -40,8 +41,6 @@ var errInvalidConfigField = errors.New("config field is invalid") type Options struct { BucketName string `config:"bucket-name" yaml:"bucket-name,omitempty"` - KeyID string `config:"key-id" yaml:"key-id,omitempty"` - SecretKey string `config:"secret-key" yaml:"secret-key,omitempty"` Region string `config:"region" yaml:"region,omitempty"` Profile string `config:"profile" yaml:"region,omitempty"` Endpoint string `config:"endpoint" yaml:"endpoint,omitempty"` @@ -57,8 +56,13 @@ type Options struct { DisableUsage bool `config:"disable-usage" yaml:"disable-usage,omitempty"` } +type ConfigSecrets struct { + KeyID *memguard.Enclave + SecretKey *memguard.Enclave +} + // ParseAndValidateConfig : Parse and validate config -func ParseAndValidateConfig(s3 *S3Storage, opt Options) error { +func ParseAndValidateConfig(s3 *S3Storage, opt Options, secrets ConfigSecrets) error { log.Trace("ParseAndValidateConfig : Parsing config") // Validate bucket name @@ -68,8 +72,8 @@ func ParseAndValidateConfig(s3 *S3Storage, opt Options) error { // Set authentication config s3.stConfig.authConfig.BucketName = opt.BucketName - s3.stConfig.authConfig.KeyID = opt.KeyID - s3.stConfig.authConfig.SecretKey = opt.SecretKey + s3.stConfig.authConfig.KeyID = secrets.KeyID + s3.stConfig.authConfig.SecretKey = secrets.SecretKey s3.stConfig.authConfig.Region = opt.Region s3.stConfig.authConfig.Profile = opt.Profile s3.stConfig.authConfig.Endpoint = opt.Endpoint diff --git a/component/s3storage/config_test.go b/component/s3storage/config_test.go index 713f5b8d8..f3baba2f4 100644 --- a/component/s3storage/config_test.go +++ b/component/s3storage/config_test.go @@ -31,6 +31,7 @@ import ( "github.com/Seagate/cloudfuse/common" "github.com/Seagate/cloudfuse/common/log" + "github.com/awnumar/memguard" "github.com/aws/aws-sdk-go-v2/service/s3/types" "github.com/stretchr/testify/assert" @@ -39,9 +40,10 @@ import ( type configTestSuite struct { suite.Suite - assert *assert.Assertions - s3 *S3Storage - opt Options + assert *assert.Assertions + s3 *S3Storage + opt Options + secrets ConfigSecrets } func (s *configTestSuite) SetupTest() { @@ -57,8 +59,6 @@ func (s *configTestSuite) SetupTest() { // Set Options s.opt = Options{ BucketName: "testBucketName", - KeyID: "testKeyId", - SecretKey: "testSecretKey", Region: "testRegion", Profile: "testProfile", Endpoint: "testEndpoint", @@ -66,6 +66,14 @@ func (s *configTestSuite) SetupTest() { PrefixPath: "testPrefixPath", } + encryptedKeyID := memguard.NewEnclave([]byte("testKeyId")) + encryptedSecretKey := memguard.NewEnclave([]byte("testKeyId")) + + s.secrets = ConfigSecrets{ + KeyID: encryptedKeyID, + SecretKey: encryptedSecretKey, + } + // Create assertions s.assert = assert.New(s.T()) } @@ -75,7 +83,7 @@ func (s *configTestSuite) TestEmptyBucketName() { s.opt.BucketName = "" // Then - err := ParseAndValidateConfig(s.s3, s.opt) + err := ParseAndValidateConfig(s.s3, s.opt, s.secrets) s.assert.NoError(err) } @@ -83,13 +91,11 @@ func (s *configTestSuite) TestEmptyBucketName() { func (s *configTestSuite) TestConfigParse() { // When - err := ParseAndValidateConfig(s.s3, s.opt) + err := ParseAndValidateConfig(s.s3, s.opt, s.secrets) // Then s.assert.NoError(err) s.assert.Equal(s.opt.BucketName, s.s3.stConfig.authConfig.BucketName) - s.assert.Equal(s.opt.KeyID, s.s3.stConfig.authConfig.KeyID) - s.assert.Equal(s.opt.SecretKey, s.s3.stConfig.authConfig.SecretKey) s.assert.Equal(s.opt.Region, s.s3.stConfig.authConfig.Region) s.assert.Equal(s.opt.Profile, s.s3.stConfig.authConfig.Profile) s.assert.Equal(s.opt.Endpoint, s.s3.stConfig.authConfig.Endpoint) @@ -102,7 +108,7 @@ func (s *configTestSuite) TestPrefixPath() { s.opt.PrefixPath = "/testPrefixPath" // Then - err := ParseAndValidateConfig(s.s3, s.opt) + err := ParseAndValidateConfig(s.s3, s.opt, s.secrets) s.assert.NoError(err) s.assert.Equal("testPrefixPath", s.s3.stConfig.prefixPath) } @@ -113,7 +119,7 @@ func (s *configTestSuite) TestValidChecksum() { // Then // Default should be SHA1 if user does not provide checksum algorithm - err := ParseAndValidateConfig(s.s3, s.opt) + err := ParseAndValidateConfig(s.s3, s.opt, s.secrets) s.assert.NoError(err) s.assert.True(s.s3.stConfig.enableChecksum) s.assert.Equal(types.ChecksumAlgorithm("SHA1"), s.s3.stConfig.checksumAlgorithm) @@ -123,7 +129,7 @@ func (s *configTestSuite) TestValidChecksum() { s.opt.ChecksumAlgorithm = "SHA1" // Then - err = ParseAndValidateConfig(s.s3, s.opt) + err = ParseAndValidateConfig(s.s3, s.opt, s.secrets) s.assert.NoError(err) s.assert.True(s.s3.stConfig.enableChecksum) s.assert.Equal(types.ChecksumAlgorithm("SHA1"), s.s3.stConfig.checksumAlgorithm) @@ -132,7 +138,7 @@ func (s *configTestSuite) TestValidChecksum() { s.opt.ChecksumAlgorithm = "SHA256" // Then - err = ParseAndValidateConfig(s.s3, s.opt) + err = ParseAndValidateConfig(s.s3, s.opt, s.secrets) s.assert.NoError(err) s.assert.Equal(types.ChecksumAlgorithm("SHA256"), s.s3.stConfig.checksumAlgorithm) @@ -140,7 +146,7 @@ func (s *configTestSuite) TestValidChecksum() { s.opt.ChecksumAlgorithm = "CRC32" // Then - err = ParseAndValidateConfig(s.s3, s.opt) + err = ParseAndValidateConfig(s.s3, s.opt, s.secrets) s.assert.NoError(err) s.assert.Equal(types.ChecksumAlgorithm("CRC32"), s.s3.stConfig.checksumAlgorithm) @@ -148,7 +154,7 @@ func (s *configTestSuite) TestValidChecksum() { s.opt.ChecksumAlgorithm = "CRC32C" // Then - err = ParseAndValidateConfig(s.s3, s.opt) + err = ParseAndValidateConfig(s.s3, s.opt, s.secrets) s.assert.NoError(err) s.assert.Equal(types.ChecksumAlgorithm("CRC32C"), s.s3.stConfig.checksumAlgorithm) } @@ -159,7 +165,7 @@ func (s *configTestSuite) TestInvalidChecksum() { s.opt.ChecksumAlgorithm = "invalid" // Then - err := ParseAndValidateConfig(s.s3, s.opt) + err := ParseAndValidateConfig(s.s3, s.opt, s.secrets) s.assert.Error(err) s.assert.ErrorIs(err, errInvalidConfigField) } diff --git a/component/s3storage/connection.go b/component/s3storage/connection.go index 5413c5e20..bb9e2a8eb 100644 --- a/component/s3storage/connection.go +++ b/component/s3storage/connection.go @@ -32,6 +32,7 @@ import ( "github.com/Seagate/cloudfuse/common" "github.com/Seagate/cloudfuse/internal" + "github.com/awnumar/memguard" "github.com/aws/aws-sdk-go-v2/service/s3/types" ) @@ -62,8 +63,8 @@ type Config struct { // s3AuthConfig : Config to authenticate to storage type s3AuthConfig struct { BucketName string - KeyID string - SecretKey string + KeyID *memguard.Enclave + SecretKey *memguard.Enclave Region string Profile string Endpoint string diff --git a/component/s3storage/s3storage.go b/component/s3storage/s3storage.go index 6eb3d26a3..65589be4c 100644 --- a/component/s3storage/s3storage.go +++ b/component/s3storage/s3storage.go @@ -27,6 +27,7 @@ package s3storage import ( "context" + "errors" "fmt" "sync/atomic" "syscall" @@ -38,6 +39,8 @@ import ( "github.com/Seagate/cloudfuse/internal" "github.com/Seagate/cloudfuse/internal/handlemap" "github.com/Seagate/cloudfuse/internal/stats_manager" + "github.com/awnumar/memguard" + "github.com/spf13/viper" ) // S3Storage Wrapper type around aws-sdk-go-v2/service/s3 @@ -79,11 +82,35 @@ func (s3 *S3Storage) Configure(isParent bool) error { err = config.UnmarshalKey("restricted-characters-windows", &conf.RestrictedCharsWin) if err != nil { - log.Err("AzStorage::Configure : config error [unable to obtain restricted-characters-windows]") + log.Err("S3Storage::Configure : config error [unable to obtain restricted-characters-windows]") return err } - err = ParseAndValidateConfig(s3, conf) + secrets := ConfigSecrets{} + // Securely store key-id and secret-key in enclave + if viper.GetString("s3storage.key-id") != "" { + encryptedKeyID := memguard.NewEnclave([]byte(viper.GetString("s3storage.key-id"))) + + if encryptedKeyID == nil { + err := errors.New("unable to store key-id securely") + log.Err("S3Storage::Configure : ", err.Error()) + return err + } + secrets.KeyID = encryptedKeyID + } + + if viper.GetString("s3storage.secret-key") != "" { + encryptedSecretKey := memguard.NewEnclave([]byte(viper.GetString("s3storage.secret-key"))) + + if encryptedSecretKey == nil { + err := errors.New("unable to store secret-key securely") + log.Err("S3Storage::Configure : ", err.Error()) + return err + } + secrets.SecretKey = encryptedSecretKey + } + + err = ParseAndValidateConfig(s3, conf, secrets) if err != nil { log.Err("S3Storage::Configure : Config validation failed [%s]", err.Error()) return fmt.Errorf("config error in %s [%s]", s3.Name(), err.Error()) diff --git a/go.mod b/go.mod index 62572e795..980852913 100644 --- a/go.mod +++ b/go.mod @@ -8,6 +8,7 @@ require ( github.com/Azure/azure-sdk-for-go/sdk/storage/azblob v1.4.0 github.com/Azure/azure-sdk-for-go/sdk/storage/azdatalake v1.2.0 github.com/JeffreyRichter/enum v0.0.0-20180725232043-2567042f9cda + github.com/awnumar/memguard v0.22.5 github.com/aws/aws-sdk-go-v2 v1.32.4 github.com/aws/aws-sdk-go-v2/config v1.28.3 github.com/aws/aws-sdk-go-v2/credentials v1.17.44 @@ -38,6 +39,7 @@ require ( require ( github.com/Azure/azure-sdk-for-go/sdk/internal v1.10.0 // indirect github.com/AzureAD/microsoft-authentication-library-for-go v1.2.2 // indirect + github.com/awnumar/memcall v0.2.0 // indirect github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.6.6 // indirect github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.19 // indirect github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.23 // indirect diff --git a/go.sum b/go.sum index 4e1843f38..d2120a106 100644 --- a/go.sum +++ b/go.sum @@ -18,6 +18,10 @@ github.com/AzureAD/microsoft-authentication-library-for-go v1.2.2 h1:XHOnouVk1mx github.com/AzureAD/microsoft-authentication-library-for-go v1.2.2/go.mod h1:wP83P5OoQ5p6ip3ScPr0BAq0BvuPAvacpEuSzyouqAI= github.com/JeffreyRichter/enum v0.0.0-20180725232043-2567042f9cda h1:NOo6+gM9NNPJ3W56nxOKb4164LEw094U0C8zYQM8mQU= github.com/JeffreyRichter/enum v0.0.0-20180725232043-2567042f9cda/go.mod h1:2CaSFTh2ph9ymS6goiOKIBdfhwWUVsX4nQ5QjIYFHHs= +github.com/awnumar/memcall v0.2.0 h1:sRaogqExTOOkkNwO9pzJsL8jrOV29UuUW7teRMfbqtI= +github.com/awnumar/memcall v0.2.0/go.mod h1:S911igBPR9CThzd/hYQQmTc9SWNu3ZHIlCGaWsWsoJo= +github.com/awnumar/memguard v0.22.5 h1:PH7sbUVERS5DdXh3+mLo8FDcl1eIeVjJVYMnyuYpvuI= +github.com/awnumar/memguard v0.22.5/go.mod h1:+APmZGThMBWjnMlKiSM1X7MVpbIVewen2MTkqWkA/zE= github.com/aws/aws-sdk-go-v2 v1.32.4 h1:S13INUiTxgrPueTmrm5DZ+MiAo99zYzHEFh1UNkOxNE= github.com/aws/aws-sdk-go-v2 v1.32.4/go.mod h1:2SK5n0a2karNTv5tbP1SjsX0uhttou00v/HpXKM1ZUo= github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.6.6 h1:pT3hpW0cOHRJx8Y0DfJUEQuqPild8jRGmSFmBgvydr0= @@ -183,6 +187,7 @@ golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJ golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190916202348-b4ddaad3f8a3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= +golang.org/x/sys v0.0.0-20191001151750-bb3f8db39f24/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20201204225414-ed752295db88/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= diff --git a/internal/winservice/service_windows.go b/internal/winservice/service_windows.go index 7e0532709..1c97c0a42 100644 --- a/internal/winservice/service_windows.go +++ b/internal/winservice/service_windows.go @@ -28,12 +28,14 @@ package winservice import ( "bytes" + "encoding/base64" "encoding/binary" "errors" "fmt" "github.com/Seagate/cloudfuse/common" "github.com/Seagate/cloudfuse/common/log" + "github.com/awnumar/memguard" "golang.org/x/sys/windows" ) @@ -51,7 +53,7 @@ const ( type Cloudfuse struct{} // StartMount starts the mount if the name exists in our Windows registry. -func StartMount(mountPath string, configFile string, passphrase string) error { +func StartMount(mountPath string, configFile string, passphrase *memguard.Enclave) error { // get the current user uid and gid to set file permissions userId, groupId, err := common.GetCurrentUser() if err != nil { @@ -61,7 +63,19 @@ func StartMount(mountPath string, configFile string, passphrase string) error { instanceName := mountPath - buf := writeCommandToUtf16(startCmd, SvcName, instanceName, mountPath, configFile, fmt.Sprint(userId), fmt.Sprint(groupId), passphrase) + var passphraseStr string + if passphrase != nil { + buff, err := passphrase.Open() + if err != nil || buff == nil { + return errors.New("unable to decrypt passphrase key") + } + + // Encode back to base64 when sending passphrase to cloudfuse + passphraseStr = base64.StdEncoding.EncodeToString(buff.Data()) + defer buff.Destroy() + } + + buf := writeCommandToUtf16(startCmd, SvcName, instanceName, mountPath, configFile, fmt.Sprint(userId), fmt.Sprint(groupId), passphraseStr) _, err = winFspCommand(buf) if err != nil { return err @@ -114,7 +128,7 @@ func StartMounts() error { } for _, inst := range mounts.Mounts { - err := StartMount(inst.MountPath, inst.ConfigFile, "") + err := StartMount(inst.MountPath, inst.ConfigFile, nil) if err != nil { log.Err("Unable to start mount with mountpath: ", inst.MountPath) }