cmd/go/internal/modfetch: Add GOINSECURE.

Enables insecure fetching of dependencies whos path matches those specified in the enironment variable GOINSECURE. Fixes golang#32966
witchard · Nov 7, 2019 · c2eb8af · c2eb8af
1 parent 210e367
commit c2eb8af
Show file tree

Hide file tree

Showing 10 changed files with 51 additions and 9 deletions.
diff --git a/src/cmd/go/alldocs.go b/src/cmd/go/alldocs.go
diff --git a/src/cmd/go/internal/cfg/cfg.go b/src/cmd/go/internal/cfg/cfg.go
@@ -245,11 +245,12 @@ var (
 	GOPPC64  = envOr("GOPPC64", fmt.Sprintf("%s%d", "power", objabi.GOPPC64))
 	GOWASM   = envOr("GOWASM", fmt.Sprint(objabi.GOWASM))
 
-	GOPROXY   = envOr("GOPROXY", "https://proxy.golang.org,direct")
-	GOSUMDB   = envOr("GOSUMDB", "sum.golang.org")
-	GOPRIVATE = Getenv("GOPRIVATE")
-	GONOPROXY = envOr("GONOPROXY", GOPRIVATE)
-	GONOSUMDB = envOr("GONOSUMDB", GOPRIVATE)
+	GOPROXY    = envOr("GOPROXY", "https://proxy.golang.org,direct")
+	GOSUMDB    = envOr("GOSUMDB", "sum.golang.org")
+	GOPRIVATE  = Getenv("GOPRIVATE")
+	GONOPROXY  = envOr("GONOPROXY", GOPRIVATE)
+	GONOSUMDB  = envOr("GONOSUMDB", GOPRIVATE)
+	GOINSECURE = Getenv("GOINSECURE")
 )
 
 // GetArchEnv returns the name and setting of the

diff --git a/src/cmd/go/internal/envcmd/env.go b/src/cmd/go/internal/envcmd/env.go
@@ -75,6 +75,7 @@ func MkEnv() []cfg.EnvVar {
 		{Name: "GOFLAGS", Value: cfg.Getenv("GOFLAGS")},
 		{Name: "GOHOSTARCH", Value: runtime.GOARCH},
 		{Name: "GOHOSTOS", Value: runtime.GOOS},
+		{Name: "GOINSECURE", Value: cfg.GOINSECURE},
 		{Name: "GONOPROXY", Value: cfg.GONOPROXY},
 		{Name: "GONOSUMDB", Value: cfg.GONOSUMDB},
 		{Name: "GOOS", Value: cfg.Goos},

diff --git a/src/cmd/go/internal/help/helpdoc.go b/src/cmd/go/internal/help/helpdoc.go
@@ -506,6 +506,10 @@ General-purpose environment variables:
 		Because the entries are space-separated, flag values must
 		not contain spaces. Flags listed on the command line
 		are applied after this list and therefore override it.
+	GOINSECURE
+		Comma-separated list of glob patterns (in the syntax of Go's path.Match)
+		of module path prefixes that should always be fetched in an insecure
+		manner. Only applies to dependencies that are being fetched directly.
 	GOOS
 		The operating system for which to compile code.
 		Examples are linux, darwin, windows, netbsd.

diff --git a/src/cmd/go/internal/modfetch/insecure.go b/src/cmd/go/internal/modfetch/insecure.go
@@ -0,0 +1,16 @@
+// Copyright 2018 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package modfetch
+
+import (
+	"cmd/go/internal/cfg"
+	"cmd/go/internal/get"
+	"cmd/go/internal/str"
+)
+
+// allowInsecure reports whether we are allowed to fetch this path in an insecure manner.
+func allowInsecure(path string) bool {
+	return get.Insecure || str.GlobsMatchPath(cfg.GOINSECURE, path)
+}
diff --git a/src/cmd/go/internal/modfetch/repo.go b/src/cmd/go/internal/modfetch/repo.go
@@ -257,7 +257,8 @@ var (
 
 func lookupDirect(path string) (Repo, error) {
 	security := web.SecureOnly
-	if get.Insecure {
+
+	if allowInsecure(path) {
 		security = web.Insecure
 	}
 	rr, err := get.RepoRootForImportPath(path, get.PreferMod, security)
@@ -302,7 +303,7 @@ func ImportRepoRev(path, rev string) (Repo, *RevInfo, error) {
 	// version control system, we ignore meta tags about modules
 	// and use only direct source control entries (get.IgnoreMod).
 	security := web.SecureOnly
-	if get.Insecure {
+	if allowInsecure(path) {
 		security = web.Insecure
 	}
 	rr, err := get.RepoRootForImportPath(path, get.IgnoreMod, security)

diff --git a/src/cmd/go/internal/modfetch/sumdb.go b/src/cmd/go/internal/modfetch/sumdb.go
@@ -22,7 +22,6 @@ import (
 
 	"cmd/go/internal/base"
 	"cmd/go/internal/cfg"
-	"cmd/go/internal/get"
 	"cmd/go/internal/lockedfile"
 	"cmd/go/internal/str"
 	"cmd/go/internal/web"
@@ -33,7 +32,7 @@ import (
 
 // useSumDB reports whether to use the Go checksum database for the given module.
 func useSumDB(mod module.Version) bool {
-	return cfg.GOSUMDB != "off" && !get.Insecure && !str.GlobsMatchPath(cfg.GONOSUMDB, mod.Path)
+	return cfg.GOSUMDB != "off" && !allowInsecure(mod.Path) && !str.GlobsMatchPath(cfg.GONOSUMDB, mod.Path)
 }
 
 // lookupSumDB returns the Go checksum database's go.sum lines for the given module,

diff --git a/src/cmd/go/testdata/script/mod_get_goinsecure_sumdb.txt b/src/cmd/go/testdata/script/mod_get_goinsecure_sumdb.txt
@@ -0,0 +1,12 @@
+env GO111MODULE=on
+env GOPROXY=$GOPROXY/sumdb-504
+env GONOPROXY GOSUMDB GONOSUMDB
+
+# secure fetch fails with bad sumdb
+! go get -d rsc.io/quote@v1.5.2
+stderr 504
+
+# but GOINSECURE bypasses the checksum lookup entirely
+env GOINSECURE=rsc.io,*lang.org
+go get -d rsc.io/quote@v1.5.2
+
diff --git a/src/cmd/go/testdata/script/mod_get_insecure_redirect.txt b/src/cmd/go/testdata/script/mod_get_insecure_redirect.txt
@@ -11,3 +11,6 @@ env GOSUMDB=off
 stderr 'redirected .* to insecure URL'
 
 go get -d -insecure vcs-test.golang.org/insecure/go/insecure
+
+env GOINSECURE=*.golang.org
+go get -d vcs-test.golang.org/insecure/go/insecure
diff --git a/src/internal/cfg/cfg.go b/src/internal/cfg/cfg.go
@@ -43,6 +43,7 @@ const KnownEnv = `
 	GOGCCFLAGS
 	GOHOSTARCH
 	GOHOSTOS
+	GOINSECURE
 	GOMIPS
 	GOMIPS64
 	GONOPROXY