From 10feb567ea4a2941f5821ae47b75330e0dcfe520 Mon Sep 17 00:00:00 2001 From: Karolis Rusenas Date: Thu, 28 Sep 2017 22:33:01 +0100 Subject: [PATCH] vendor removed --- glide.lock | 35 - glide.yaml | 2 +- .../github.com/docker/distribution/.gitignore | 37 - .../github.com/docker/distribution/.mailmap | 18 - vendor/github.com/docker/distribution/AUTHORS | 182 - .../docker/distribution/BUILDING.md | 119 - .../docker/distribution/CHANGELOG.md | 114 - .../docker/distribution/CONTRIBUTING.md | 140 - .../github.com/docker/distribution/Dockerfile | 18 - .../docker/distribution/Godeps/Godeps.json | 458 - .../docker/distribution/Godeps/Readme | 5 - vendor/github.com/docker/distribution/LICENSE | 202 - .../docker/distribution/MAINTAINERS | 58 - .../github.com/docker/distribution/Makefile | 109 - .../github.com/docker/distribution/README.md | 131 - .../docker/distribution/RELEASE-CHECKLIST.md | 36 - .../github.com/docker/distribution/ROADMAP.md | 267 - .../github.com/docker/distribution/blobs.go | 257 - .../github.com/docker/distribution/circle.yml | 93 - .../docker/distribution/cmd/digest/main.go | 97 - .../registry-api-descriptor-template/main.go | 131 - .../cmd/registry/config-cache.yml | 55 - .../distribution/cmd/registry/config-dev.yml | 66 - .../cmd/registry/config-example.yml | 18 - .../docker/distribution/cmd/registry/main.go | 25 - .../configuration/configuration.go | 643 - .../configuration/configuration_test.go | 529 - .../distribution/configuration/parser.go | 283 - .../docker/distribution/context/context.go | 85 - .../docker/distribution/context/doc.go | 89 - .../docker/distribution/context/http.go | 366 - .../docker/distribution/context/http_test.go | 285 - .../docker/distribution/context/logger.go | 116 - .../docker/distribution/context/trace.go | 104 - .../docker/distribution/context/trace_test.go | 85 - .../docker/distribution/context/util.go | 24 - .../docker/distribution/context/version.go | 16 - .../distribution/context/version_test.go | 19 - .../distribution/contrib/apache/README.MD | 36 - .../distribution/contrib/apache/apache.conf | 127 - .../distribution/contrib/compose/README.md | 147 - .../contrib/compose/docker-compose.yml | 15 - .../contrib/compose/nginx/Dockerfile | 6 - .../compose/nginx/docker-registry-v2.conf | 6 - .../compose/nginx/docker-registry.conf | 7 - .../contrib/compose/nginx/nginx.conf | 27 - .../contrib/compose/nginx/registry.conf | 41 - .../contrib/docker-integration/Dockerfile | 9 - .../contrib/docker-integration/README.md | 63 - .../docker-integration/docker-compose.yml | 91 - .../contrib/docker-integration/golem.conf | 18 - .../contrib/docker-integration/helpers.bash | 101 - .../docker-integration/install_certs.sh | 50 - .../malevolent-certs/localregistry.cert | 19 - .../malevolent-certs/localregistry.key | 27 - .../docker-integration/malevolent.bats | 192 - .../docker-integration/nginx/Dockerfile | 10 - .../nginx/docker-registry-v2.conf | 6 - .../docker-integration/nginx/nginx.conf | 61 - .../nginx/registry-basic.conf | 8 - .../nginx/registry-noauth.conf | 5 - .../docker-integration/nginx/registry.conf | 260 - .../docker-integration/nginx/test.passwd | 1 - .../docker-integration/nginx/v1/search.json | 1 - .../docker-integration/run_multiversion.sh | 64 - .../contrib/docker-integration/tls.bats | 109 - .../contrib/docker-integration/token.bats | 135 - .../tokenserver-oauth/.htpasswd | 1 - .../tokenserver-oauth/Dockerfile | 8 - .../certs/auth.localregistry.cert | 19 - .../certs/auth.localregistry.key | 27 - .../certs/localregistry.cert | 19 - .../tokenserver-oauth/certs/localregistry.key | 27 - .../tokenserver-oauth/certs/signing.cert | 18 - .../tokenserver-oauth/certs/signing.key | 27 - .../registry-config-notls.yml | 15 - .../tokenserver-oauth/registry-config.yml | 18 - .../docker-integration/tokenserver/.htpasswd | 1 - .../docker-integration/tokenserver/Dockerfile | 8 - .../tokenserver/certs/auth.localregistry.cert | 19 - .../tokenserver/certs/auth.localregistry.key | 27 - .../tokenserver/certs/localregistry.cert | 19 - .../tokenserver/certs/localregistry.key | 27 - .../tokenserver/certs/signing.cert | 18 - .../tokenserver/certs/signing.key | 27 - .../tokenserver/registry-config.yml | 18 - .../contrib/token-server/errors.go | 38 - .../distribution/contrib/token-server/main.go | 425 - .../contrib/token-server/token.go | 219 - .../docker/distribution/coverpkg.sh | 7 - .../docker/distribution/digest/digest.go | 139 - .../docker/distribution/digest/digest_test.go | 82 - .../docker/distribution/digest/digester.go | 155 - .../digest/digester_resumable_test.go | 21 - .../docker/distribution/digest/doc.go | 42 - .../docker/distribution/digest/set.go | 245 - .../docker/distribution/digest/set_test.go | 368 - .../docker/distribution/digest/verifiers.go | 44 - .../distribution/digest/verifiers_test.go | 49 - vendor/github.com/docker/distribution/doc.go | 7 - .../docker/distribution/docs/README.md | 16 - .../docker/distribution/docs/configuration.md | 1121 -- .../docker/distribution/docs/spec/api.md | 5485 ------ .../docker/distribution/docs/spec/api.md.tmpl | 1215 -- .../distribution/docs/spec/auth/index.md | 12 - .../docker/distribution/docs/spec/auth/jwt.md | 329 - .../distribution/docs/spec/auth/oauth.md | 190 - .../distribution/docs/spec/auth/scope.md | 148 - .../distribution/docs/spec/auth/token.md | 250 - .../distribution/docs/spec/implementations.md | 30 - .../docker/distribution/docs/spec/index.md | 12 - .../docker/distribution/docs/spec/json.md | 90 - .../distribution/docs/spec/manifest-v2-1.md | 163 - .../distribution/docs/spec/manifest-v2-2.md | 295 - .../docker/distribution/docs/spec/menu.md | 7 - .../github.com/docker/distribution/errors.go | 115 - .../docker/distribution/health/api/api.go | 37 - .../distribution/health/api/api_test.go | 86 - .../distribution/health/checks/checks.go | 62 - .../distribution/health/checks/checks_test.go | 25 - .../docker/distribution/health/doc.go | 130 - .../docker/distribution/health/health.go | 306 - .../docker/distribution/health/health_test.go | 107 - .../docker/distribution/manifest/doc.go | 1 - .../manifest/manifestlist/manifestlist.go | 155 - .../manifestlist/manifestlist_test.go | 111 - .../manifest/schema1/config_builder.go | 282 - .../manifest/schema1/config_builder_test.go | 272 - .../distribution/manifest/schema1/manifest.go | 184 - .../manifest/schema1/manifest_test.go | 136 - .../manifest/schema1/reference_builder.go | 98 - .../schema1/reference_builder_test.go | 108 - .../distribution/manifest/schema1/sign.go | 68 - .../distribution/manifest/schema1/verify.go | 32 - .../distribution/manifest/schema2/builder.go | 80 - .../manifest/schema2/builder_test.go | 210 - .../distribution/manifest/schema2/manifest.go | 134 - .../manifest/schema2/manifest_test.go | 111 - .../docker/distribution/manifest/versioned.go | 12 - .../docker/distribution/manifests.go | 125 - .../distribution/notifications/bridge.go | 214 - .../distribution/notifications/bridge_test.go | 222 - .../distribution/notifications/endpoint.go | 93 - .../distribution/notifications/event.go | 160 - .../distribution/notifications/event_test.go | 157 - .../docker/distribution/notifications/http.go | 150 - .../distribution/notifications/http_test.go | 185 - .../distribution/notifications/listener.go | 215 - .../notifications/listener_test.go | 205 - .../distribution/notifications/metrics.go | 152 - .../distribution/notifications/sinks.go | 375 - .../distribution/notifications/sinks_test.go | 256 - .../distribution/project/dev-image/Dockerfile | 20 - .../distribution/project/hooks/README.md | 6 - .../project/hooks/configure-hooks.sh | 18 - .../distribution/project/hooks/pre-commit | 29 - .../distribution/reference/reference.go | 370 - .../distribution/reference/reference_test.go | 661 - .../docker/distribution/reference/regexp.go | 124 - .../distribution/reference/regexp_test.go | 489 - .../docker/distribution/registry.go | 97 - .../registry/api/errcode/errors.go | 267 - .../registry/api/errcode/errors_test.go | 185 - .../registry/api/errcode/handler.go | 44 - .../registry/api/errcode/register.go | 138 - .../registry/api/v2/descriptors.go | 1596 -- .../distribution/registry/api/v2/doc.go | 9 - .../distribution/registry/api/v2/errors.go | 136 - .../registry/api/v2/headerparser.go | 161 - .../registry/api/v2/headerparser_test.go | 161 - .../distribution/registry/api/v2/routes.go | 49 - .../registry/api/v2/routes_test.go | 355 - .../distribution/registry/api/v2/urls.go | 263 - .../distribution/registry/api/v2/urls_test.go | 484 - .../docker/distribution/registry/auth/auth.go | 202 - .../registry/auth/htpasswd/access.go | 115 - .../registry/auth/htpasswd/access_test.go | 122 - .../registry/auth/htpasswd/htpasswd.go | 82 - .../registry/auth/htpasswd/htpasswd_test.go | 85 - .../registry/auth/silly/access.go | 97 - .../registry/auth/silly/access_test.go | 71 - .../registry/auth/token/accesscontroller.go | 272 - .../registry/auth/token/stringset.go | 35 - .../distribution/registry/auth/token/token.go | 378 - .../registry/auth/token/token_test.go | 510 - .../distribution/registry/auth/token/util.go | 58 - .../registry/client/auth/api_version.go | 58 - .../registry/client/auth/challenge/addr.go | 27 - .../client/auth/challenge/authchallenge.go | 237 - .../auth/challenge/authchallenge_test.go | 127 - .../registry/client/auth/session.go | 503 - .../registry/client/auth/session_test.go | 866 - .../registry/client/blob_writer.go | 162 - .../registry/client/blob_writer_test.go | 211 - .../distribution/registry/client/errors.go | 139 - .../registry/client/errors_test.go | 104 - .../registry/client/repository.go | 853 - .../registry/client/repository_test.go | 1226 -- .../registry/client/transport/http_reader.go | 251 - .../registry/client/transport/transport.go | 147 - .../docker/distribution/registry/doc.go | 2 - .../registry/handlers/api_test.go | 2513 --- .../distribution/registry/handlers/app.go | 1046 - .../registry/handlers/app_test.go | 279 - .../registry/handlers/basicauth.go | 11 - .../registry/handlers/basicauth_prego14.go | 41 - .../distribution/registry/handlers/blob.go | 99 - .../registry/handlers/blobupload.go | 368 - .../distribution/registry/handlers/catalog.go | 98 - .../distribution/registry/handlers/context.go | 152 - .../registry/handlers/health_test.go | 210 - .../distribution/registry/handlers/helpers.go | 66 - .../distribution/registry/handlers/hmac.go | 74 - .../registry/handlers/hmac_test.go | 117 - .../distribution/registry/handlers/hooks.go | 53 - .../distribution/registry/handlers/images.go | 460 - .../distribution/registry/handlers/mail.go | 45 - .../distribution/registry/handlers/tags.go | 62 - .../registry/listener/listener.go | 74 - .../middleware/registry/middleware.go | 54 - .../middleware/repository/middleware.go | 40 - .../distribution/registry/proxy/proxyauth.go | 87 - .../registry/proxy/proxyblobstore.go | 224 - .../registry/proxy/proxyblobstore_test.go | 416 - .../registry/proxy/proxymanifeststore.go | 95 - .../registry/proxy/proxymanifeststore_test.go | 275 - .../registry/proxy/proxymetrics.go | 74 - .../registry/proxy/proxyregistry.go | 249 - .../registry/proxy/proxytagservice.go | 65 - .../registry/proxy/proxytagservice_test.go | 182 - .../registry/proxy/scheduler/scheduler.go | 259 - .../proxy/scheduler/scheduler_test.go | 211 - .../docker/distribution/registry/registry.go | 356 - .../distribution/registry/registry_test.go | 30 - .../docker/distribution/registry/root.go | 84 - .../registry/storage/blob_test.go | 614 - .../registry/storage/blobcachemetrics.go | 60 - .../registry/storage/blobserver.go | 78 - .../registry/storage/blobstore.go | 223 - .../registry/storage/blobwriter.go | 399 - .../storage/blobwriter_nonresumable.go | 17 - .../registry/storage/blobwriter_resumable.go | 145 - .../registry/storage/cache/cache.go | 35 - .../storage/cache/cachecheck/suite.go | 180 - .../cache/cachedblobdescriptorstore.go | 101 - .../registry/storage/cache/memory/memory.go | 179 - .../storage/cache/memory/memory_test.go | 13 - .../registry/storage/cache/redis/redis.go | 268 - .../storage/cache/redis/redis_test.go | 53 - .../distribution/registry/storage/catalog.go | 153 - .../registry/storage/catalog_test.go | 324 - .../distribution/registry/storage/doc.go | 3 - .../registry/storage/driver/azure/azure.go | 483 - .../storage/driver/azure/azure_test.go | 63 - .../registry/storage/driver/base/base.go | 198 - .../registry/storage/driver/base/regulator.go | 145 - .../storage/driver/factory/factory.go | 64 - .../registry/storage/driver/fileinfo.go | 79 - .../storage/driver/filesystem/driver.go | 440 - .../storage/driver/filesystem/driver_test.go | 113 - .../registry/storage/driver/gcs/doc.go | 3 - .../registry/storage/driver/gcs/gcs.go | 873 - .../registry/storage/driver/gcs/gcs_test.go | 311 - .../storage/driver/inmemory/driver.go | 312 - .../storage/driver/inmemory/driver_test.go | 19 - .../registry/storage/driver/inmemory/mfs.go | 338 - .../middleware/cloudfront/middleware.go | 136 - .../driver/middleware/redirect/middleware.go | 50 - .../middleware/redirect/middleware_test.go | 58 - .../driver/middleware/storagemiddleware.go | 39 - .../registry/storage/driver/oss/doc.go | 3 - .../registry/storage/driver/oss/oss.go | 683 - .../registry/storage/driver/oss/oss_test.go | 144 - .../registry/storage/driver/s3-aws/s3.go | 1189 -- .../registry/storage/driver/s3-aws/s3_test.go | 313 - .../storage/driver/s3-aws/s3_v2_signer.go | 219 - .../registry/storage/driver/s3-goamz/s3.go | 757 - .../storage/driver/s3-goamz/s3_test.go | 201 - .../registry/storage/driver/storagedriver.go | 165 - .../registry/storage/driver/swift/swift.go | 915 - .../storage/driver/swift/swift_test.go | 245 - .../storage/driver/testdriver/testdriver.go | 71 - .../storage/driver/testsuites/testsuites.go | 1273 -- .../registry/storage/filereader.go | 177 - .../registry/storage/filereader_test.go | 198 - .../registry/storage/garbagecollect.go | 114 - .../registry/storage/garbagecollect_test.go | 377 - .../registry/storage/linkedblobstore.go | 470 - .../registry/storage/linkedblobstore_test.go | 217 - .../registry/storage/manifestlisthandler.go | 92 - .../registry/storage/manifeststore.go | 141 - .../registry/storage/manifeststore_test.go | 391 - .../distribution/registry/storage/paths.go | 490 - .../registry/storage/paths_test.go | 135 - .../registry/storage/purgeuploads.go | 139 - .../registry/storage/purgeuploads_test.go | 166 - .../distribution/registry/storage/registry.go | 306 - .../storage/schema2manifesthandler.go | 136 - .../storage/schema2manifesthandler_test.go | 136 - .../registry/storage/signedmanifesthandler.go | 141 - .../distribution/registry/storage/tagstore.go | 191 - .../registry/storage/tagstore_test.go | 209 - .../distribution/registry/storage/util.go | 21 - .../distribution/registry/storage/vacuum.go | 67 - .../distribution/registry/storage/walk.go | 59 - .../registry/storage/walk_test.go | 152 - vendor/github.com/docker/distribution/tags.go | 27 - .../docker/distribution/testutil/handler.go | 148 - .../docker/distribution/testutil/manifests.go | 87 - .../docker/distribution/testutil/tarfile.go | 115 - .../docker/distribution/uuid/uuid.go | 126 - .../docker/distribution/uuid/uuid_test.go | 48 - .../docker/distribution/version/print.go | 26 - .../docker/distribution/version/version.go | 11 - .../docker/distribution/version/version.sh | 22 - .../docker/libtrust/CONTRIBUTING.md | 13 - vendor/github.com/docker/libtrust/LICENSE | 191 - vendor/github.com/docker/libtrust/MAINTAINERS | 3 - vendor/github.com/docker/libtrust/README.md | 18 - .../docker/libtrust/certificates.go | 175 - .../docker/libtrust/certificates_test.go | 111 - vendor/github.com/docker/libtrust/doc.go | 9 - vendor/github.com/docker/libtrust/ec_key.go | 428 - .../github.com/docker/libtrust/ec_key_test.go | 157 - vendor/github.com/docker/libtrust/filter.go | 50 - .../github.com/docker/libtrust/filter_test.go | 81 - vendor/github.com/docker/libtrust/hash.go | 56 - vendor/github.com/docker/libtrust/jsonsign.go | 657 - .../docker/libtrust/jsonsign_test.go | 380 - vendor/github.com/docker/libtrust/key.go | 253 - .../github.com/docker/libtrust/key_files.go | 255 - .../docker/libtrust/key_files_test.go | 220 - .../github.com/docker/libtrust/key_manager.go | 175 - vendor/github.com/docker/libtrust/key_test.go | 80 - vendor/github.com/docker/libtrust/rsa_key.go | 427 - .../docker/libtrust/rsa_key_test.go | 157 - .../docker/libtrust/testutil/certificates.go | 94 - .../docker/libtrust/tlsdemo/README.md | 50 - .../docker/libtrust/tlsdemo/client.go | 89 - .../docker/libtrust/tlsdemo/gencert.go | 62 - .../docker/libtrust/tlsdemo/genkeys.go | 61 - .../docker/libtrust/tlsdemo/server.go | 80 - .../docker/libtrust/trustgraph/graph.go | 50 - .../libtrust/trustgraph/memory_graph.go | 133 - .../libtrust/trustgraph/memory_graph_test.go | 174 - .../docker/libtrust/trustgraph/statement.go | 227 - .../libtrust/trustgraph/statement_test.go | 417 - vendor/github.com/docker/libtrust/util.go | 361 - .../github.com/docker/libtrust/util_test.go | 23 - vendor/github.com/gorilla/context/.travis.yml | 7 - vendor/github.com/gorilla/context/LICENSE | 27 - vendor/github.com/gorilla/context/README.md | 7 - vendor/github.com/gorilla/context/context.go | 143 - .../gorilla/context/context_test.go | 161 - vendor/github.com/gorilla/context/doc.go | 82 - vendor/github.com/gorilla/mux/.travis.yml | 7 - vendor/github.com/gorilla/mux/LICENSE | 27 - vendor/github.com/gorilla/mux/README.md | 7 - vendor/github.com/gorilla/mux/bench_test.go | 21 - vendor/github.com/gorilla/mux/doc.go | 199 - vendor/github.com/gorilla/mux/mux.go | 353 - vendor/github.com/gorilla/mux/mux_test.go | 943 - vendor/github.com/gorilla/mux/old_test.go | 714 - vendor/github.com/gorilla/mux/regexp.go | 276 - vendor/github.com/gorilla/mux/route.go | 524 - .../opencontainers/go-digest/.mailmap | 1 - .../opencontainers/go-digest/.pullapprove.yml | 12 - .../opencontainers/go-digest/.travis.yml | 4 - .../opencontainers/go-digest/CONTRIBUTING.md | 72 - .../opencontainers/go-digest/LICENSE.code | 191 - .../opencontainers/go-digest/LICENSE.docs | 425 - .../opencontainers/go-digest/MAINTAINERS | 9 - .../opencontainers/go-digest/README.md | 104 - .../opencontainers/go-digest/algorithm.go | 158 - .../go-digest/algorithm_test.go | 114 - .../opencontainers/go-digest/digest.go | 154 - .../opencontainers/go-digest/digest_test.go | 106 - .../opencontainers/go-digest/digester.go | 39 - .../opencontainers/go-digest/doc.go | 56 - .../opencontainers/go-digest/verifiers.go | 45 - .../go-digest/verifiers_test.go | 80 - vendor/golang.org/x/net/.gitattributes | 10 - vendor/golang.org/x/net/.gitignore | 2 - vendor/golang.org/x/net/AUTHORS | 3 - vendor/golang.org/x/net/CONTRIBUTING.md | 31 - vendor/golang.org/x/net/CONTRIBUTORS | 3 - vendor/golang.org/x/net/LICENSE | 27 - vendor/golang.org/x/net/PATENTS | 22 - vendor/golang.org/x/net/README | 3 - vendor/golang.org/x/net/codereview.cfg | 1 - vendor/golang.org/x/net/context/context.go | 447 - .../golang.org/x/net/context/context_test.go | 575 - .../x/net/context/ctxhttp/cancelreq.go | 19 - .../x/net/context/ctxhttp/cancelreq_go14.go | 23 - .../x/net/context/ctxhttp/ctxhttp.go | 145 - .../x/net/context/ctxhttp/ctxhttp_test.go | 176 - .../x/net/context/withtimeout_test.go | 26 - vendor/golang.org/x/net/dict/dict.go | 210 - vendor/golang.org/x/net/html/atom/atom.go | 78 - .../golang.org/x/net/html/atom/atom_test.go | 109 - vendor/golang.org/x/net/html/atom/gen.go | 648 - vendor/golang.org/x/net/html/atom/table.go | 713 - .../golang.org/x/net/html/atom/table_test.go | 351 - .../golang.org/x/net/html/charset/charset.go | 257 - .../x/net/html/charset/charset_test.go | 237 - .../html/charset/testdata/HTTP-charset.html | 48 - .../charset/testdata/HTTP-vs-UTF-8-BOM.html | 48 - .../testdata/HTTP-vs-meta-charset.html | 49 - .../testdata/HTTP-vs-meta-content.html | 49 - .../testdata/No-encoding-declaration.html | 47 - .../x/net/html/charset/testdata/README | 9 - .../html/charset/testdata/UTF-16BE-BOM.html | Bin 2670 -> 0 bytes .../html/charset/testdata/UTF-16LE-BOM.html | Bin 2682 -> 0 bytes .../testdata/UTF-8-BOM-vs-meta-charset.html | 49 - .../testdata/UTF-8-BOM-vs-meta-content.html | 48 - .../testdata/meta-charset-attribute.html | 48 - .../testdata/meta-content-attribute.html | 48 - vendor/golang.org/x/net/html/const.go | 102 - vendor/golang.org/x/net/html/doc.go | 106 - vendor/golang.org/x/net/html/doctype.go | 156 - vendor/golang.org/x/net/html/entity.go | 2253 --- vendor/golang.org/x/net/html/entity_test.go | 29 - vendor/golang.org/x/net/html/escape.go | 258 - vendor/golang.org/x/net/html/escape_test.go | 97 - vendor/golang.org/x/net/html/example_test.go | 40 - vendor/golang.org/x/net/html/foreign.go | 226 - vendor/golang.org/x/net/html/node.go | 193 - vendor/golang.org/x/net/html/node_test.go | 146 - vendor/golang.org/x/net/html/parse.go | 2094 -- vendor/golang.org/x/net/html/parse_test.go | 388 - vendor/golang.org/x/net/html/render.go | 271 - vendor/golang.org/x/net/html/render_test.go | 156 - .../golang.org/x/net/html/testdata/go1.html | 2237 --- .../x/net/html/testdata/webkit/README | 28 - .../x/net/html/testdata/webkit/adoption01.dat | 194 - .../x/net/html/testdata/webkit/adoption02.dat | 31 - .../x/net/html/testdata/webkit/comments01.dat | 135 - .../x/net/html/testdata/webkit/doctype01.dat | 370 - .../x/net/html/testdata/webkit/entities01.dat | 603 - .../x/net/html/testdata/webkit/entities02.dat | 249 - .../html/testdata/webkit/html5test-com.dat | 246 - .../x/net/html/testdata/webkit/inbody01.dat | 43 - .../x/net/html/testdata/webkit/isindex.dat | 40 - ...pending-spec-changes-plain-text-unsafe.dat | Bin 115 -> 0 bytes .../testdata/webkit/pending-spec-changes.dat | 52 - .../testdata/webkit/plain-text-unsafe.dat | Bin 4166 -> 0 bytes .../net/html/testdata/webkit/scriptdata01.dat | 308 - .../testdata/webkit/scripted/adoption01.dat | 15 - .../testdata/webkit/scripted/webkit01.dat | 28 - .../x/net/html/testdata/webkit/tables01.dat | 212 - .../x/net/html/testdata/webkit/tests1.dat | 1952 -- .../x/net/html/testdata/webkit/tests10.dat | 799 - .../x/net/html/testdata/webkit/tests11.dat | 482 - .../x/net/html/testdata/webkit/tests12.dat | 62 - .../x/net/html/testdata/webkit/tests14.dat | 74 - .../x/net/html/testdata/webkit/tests15.dat | 208 - .../x/net/html/testdata/webkit/tests16.dat | 2299 --- .../x/net/html/testdata/webkit/tests17.dat | 153 - .../x/net/html/testdata/webkit/tests18.dat | 269 - .../x/net/html/testdata/webkit/tests19.dat | 1237 -- .../x/net/html/testdata/webkit/tests2.dat | 763 - .../x/net/html/testdata/webkit/tests20.dat | 455 - .../x/net/html/testdata/webkit/tests21.dat | 221 - .../x/net/html/testdata/webkit/tests22.dat | 157 - .../x/net/html/testdata/webkit/tests23.dat | 155 - .../x/net/html/testdata/webkit/tests24.dat | 79 - .../x/net/html/testdata/webkit/tests25.dat | 219 - .../x/net/html/testdata/webkit/tests26.dat | 313 - .../x/net/html/testdata/webkit/tests3.dat | 305 - .../x/net/html/testdata/webkit/tests4.dat | 59 - .../x/net/html/testdata/webkit/tests5.dat | 191 - .../x/net/html/testdata/webkit/tests6.dat | 663 - .../x/net/html/testdata/webkit/tests7.dat | 390 - .../x/net/html/testdata/webkit/tests8.dat | 148 - .../x/net/html/testdata/webkit/tests9.dat | 457 - .../testdata/webkit/tests_innerHTML_1.dat | 741 - .../x/net/html/testdata/webkit/tricky01.dat | 261 - .../x/net/html/testdata/webkit/webkit01.dat | 610 - .../x/net/html/testdata/webkit/webkit02.dat | 159 - vendor/golang.org/x/net/html/token.go | 1219 -- vendor/golang.org/x/net/html/token_test.go | 748 - vendor/golang.org/x/net/http2/.gitignore | 2 - vendor/golang.org/x/net/http2/Dockerfile | 51 - vendor/golang.org/x/net/http2/Makefile | 3 - vendor/golang.org/x/net/http2/README | 20 - .../x/net/http2/client_conn_pool.go | 225 - .../x/net/http2/configure_transport.go | 89 - vendor/golang.org/x/net/http2/errors.go | 122 - vendor/golang.org/x/net/http2/errors_test.go | 24 - vendor/golang.org/x/net/http2/fixed_buffer.go | 60 - .../x/net/http2/fixed_buffer_test.go | 128 - vendor/golang.org/x/net/http2/flow.go | 50 - vendor/golang.org/x/net/http2/flow_test.go | 53 - vendor/golang.org/x/net/http2/frame.go | 1496 -- vendor/golang.org/x/net/http2/frame_test.go | 975 - vendor/golang.org/x/net/http2/go15.go | 11 - vendor/golang.org/x/net/http2/gotrack.go | 170 - vendor/golang.org/x/net/http2/gotrack_test.go | 33 - .../golang.org/x/net/http2/h2demo/.gitignore | 5 - vendor/golang.org/x/net/http2/h2demo/Makefile | 8 - vendor/golang.org/x/net/http2/h2demo/README | 16 - .../golang.org/x/net/http2/h2demo/h2demo.go | 504 - .../golang.org/x/net/http2/h2demo/launch.go | 302 - .../golang.org/x/net/http2/h2demo/rootCA.key | 27 - .../golang.org/x/net/http2/h2demo/rootCA.pem | 26 - .../golang.org/x/net/http2/h2demo/rootCA.srl | 1 - .../golang.org/x/net/http2/h2demo/server.crt | 20 - .../golang.org/x/net/http2/h2demo/server.key | 27 - vendor/golang.org/x/net/http2/h2i/README.md | 97 - vendor/golang.org/x/net/http2/h2i/h2i.go | 501 - vendor/golang.org/x/net/http2/headermap.go | 78 - vendor/golang.org/x/net/http2/hpack/encode.go | 251 - .../x/net/http2/hpack/encode_test.go | 330 - vendor/golang.org/x/net/http2/hpack/hpack.go | 542 - .../x/net/http2/hpack/hpack_test.go | 813 - .../golang.org/x/net/http2/hpack/huffman.go | 190 - vendor/golang.org/x/net/http2/hpack/tables.go | 352 - vendor/golang.org/x/net/http2/http2.go | 463 - vendor/golang.org/x/net/http2/http2_test.go | 198 - vendor/golang.org/x/net/http2/not_go15.go | 11 - vendor/golang.org/x/net/http2/not_go16.go | 13 - vendor/golang.org/x/net/http2/pipe.go | 147 - vendor/golang.org/x/net/http2/pipe_test.go | 109 - .../golang.org/x/net/http2/priority_test.go | 118 - vendor/golang.org/x/net/http2/server.go | 2178 --- vendor/golang.org/x/net/http2/server_test.go | 3181 ---- .../testdata/draft-ietf-httpbis-http2.xml | 5021 ----- vendor/golang.org/x/net/http2/transport.go | 1666 -- .../golang.org/x/net/http2/transport_test.go | 1740 -- vendor/golang.org/x/net/http2/write.go | 262 - vendor/golang.org/x/net/http2/writesched.go | 283 - vendor/golang.org/x/net/http2/z_spec_test.go | 356 - vendor/golang.org/x/net/icmp/dstunreach.go | 41 - vendor/golang.org/x/net/icmp/echo.go | 45 - vendor/golang.org/x/net/icmp/endpoint.go | 113 - vendor/golang.org/x/net/icmp/example_test.go | 63 - vendor/golang.org/x/net/icmp/extension.go | 89 - .../golang.org/x/net/icmp/extension_test.go | 259 - vendor/golang.org/x/net/icmp/helper.go | 27 - vendor/golang.org/x/net/icmp/helper_posix.go | 75 - vendor/golang.org/x/net/icmp/interface.go | 236 - vendor/golang.org/x/net/icmp/ipv4.go | 56 - vendor/golang.org/x/net/icmp/ipv4_test.go | 71 - vendor/golang.org/x/net/icmp/ipv6.go | 23 - vendor/golang.org/x/net/icmp/listen_posix.go | 98 - vendor/golang.org/x/net/icmp/listen_stub.go | 33 - vendor/golang.org/x/net/icmp/message.go | 150 - vendor/golang.org/x/net/icmp/message_test.go | 134 - vendor/golang.org/x/net/icmp/messagebody.go | 41 - vendor/golang.org/x/net/icmp/mpls.go | 77 - vendor/golang.org/x/net/icmp/multipart.go | 109 - .../golang.org/x/net/icmp/multipart_test.go | 442 - vendor/golang.org/x/net/icmp/packettoobig.go | 43 - vendor/golang.org/x/net/icmp/paramprob.go | 63 - vendor/golang.org/x/net/icmp/ping_test.go | 166 - vendor/golang.org/x/net/icmp/sys_freebsd.go | 11 - vendor/golang.org/x/net/icmp/timeexceeded.go | 39 - vendor/golang.org/x/net/idna/idna.go | 68 - vendor/golang.org/x/net/idna/idna_test.go | 43 - vendor/golang.org/x/net/idna/punycode.go | 200 - vendor/golang.org/x/net/idna/punycode_test.go | 198 - .../golang.org/x/net/internal/iana/const.go | 180 - vendor/golang.org/x/net/internal/iana/gen.go | 293 - .../x/net/internal/nettest/error_posix.go | 31 - .../x/net/internal/nettest/error_stub.go | 11 - .../x/net/internal/nettest/interface.go | 94 - .../x/net/internal/nettest/rlimit.go | 11 - .../x/net/internal/nettest/rlimit_stub.go | 9 - .../x/net/internal/nettest/rlimit_unix.go | 17 - .../x/net/internal/nettest/rlimit_windows.go | 7 - .../x/net/internal/nettest/stack.go | 36 - .../x/net/internal/nettest/stack_stub.go | 18 - .../x/net/internal/nettest/stack_unix.go | 22 - .../x/net/internal/nettest/stack_windows.go | 32 - .../x/net/internal/timeseries/timeseries.go | 525 - .../internal/timeseries/timeseries_test.go | 170 - vendor/golang.org/x/net/ipv4/control.go | 70 - vendor/golang.org/x/net/ipv4/control_bsd.go | 40 - .../golang.org/x/net/ipv4/control_pktinfo.go | 37 - vendor/golang.org/x/net/ipv4/control_stub.go | 23 - vendor/golang.org/x/net/ipv4/control_unix.go | 164 - .../golang.org/x/net/ipv4/control_windows.go | 27 - vendor/golang.org/x/net/ipv4/defs_darwin.go | 77 - .../golang.org/x/net/ipv4/defs_dragonfly.go | 38 - vendor/golang.org/x/net/ipv4/defs_freebsd.go | 75 - vendor/golang.org/x/net/ipv4/defs_linux.go | 111 - vendor/golang.org/x/net/ipv4/defs_netbsd.go | 37 - vendor/golang.org/x/net/ipv4/defs_openbsd.go | 37 - vendor/golang.org/x/net/ipv4/defs_solaris.go | 57 - .../golang.org/x/net/ipv4/dgramopt_posix.go | 251 - vendor/golang.org/x/net/ipv4/dgramopt_stub.go | 106 - vendor/golang.org/x/net/ipv4/doc.go | 242 - vendor/golang.org/x/net/ipv4/endpoint.go | 187 - vendor/golang.org/x/net/ipv4/example_test.go | 224 - vendor/golang.org/x/net/ipv4/gen.go | 208 - .../golang.org/x/net/ipv4/genericopt_posix.go | 59 - .../golang.org/x/net/ipv4/genericopt_stub.go | 29 - vendor/golang.org/x/net/ipv4/header.go | 132 - vendor/golang.org/x/net/ipv4/header_test.go | 119 - vendor/golang.org/x/net/ipv4/helper.go | 59 - vendor/golang.org/x/net/ipv4/helper_stub.go | 23 - vendor/golang.org/x/net/ipv4/helper_unix.go | 50 - .../golang.org/x/net/ipv4/helper_windows.go | 49 - vendor/golang.org/x/net/ipv4/iana.go | 34 - vendor/golang.org/x/net/ipv4/icmp.go | 57 - vendor/golang.org/x/net/ipv4/icmp_linux.go | 25 - vendor/golang.org/x/net/ipv4/icmp_stub.go | 25 - vendor/golang.org/x/net/ipv4/icmp_test.go | 95 - .../x/net/ipv4/mocktransponder_test.go | 21 - .../golang.org/x/net/ipv4/multicast_test.go | 330 - .../x/net/ipv4/multicastlistener_test.go | 249 - .../x/net/ipv4/multicastsockopt_test.go | 195 - vendor/golang.org/x/net/ipv4/packet.go | 97 - vendor/golang.org/x/net/ipv4/payload.go | 15 - vendor/golang.org/x/net/ipv4/payload_cmsg.go | 81 - .../golang.org/x/net/ipv4/payload_nocmsg.go | 42 - .../golang.org/x/net/ipv4/readwrite_test.go | 174 - vendor/golang.org/x/net/ipv4/sockopt.go | 46 - .../golang.org/x/net/ipv4/sockopt_asmreq.go | 83 - .../x/net/ipv4/sockopt_asmreq_stub.go | 21 - .../x/net/ipv4/sockopt_asmreq_unix.go | 46 - .../x/net/ipv4/sockopt_asmreq_windows.go | 45 - .../x/net/ipv4/sockopt_asmreqn_stub.go | 17 - .../x/net/ipv4/sockopt_asmreqn_unix.go | 42 - .../x/net/ipv4/sockopt_ssmreq_stub.go | 17 - .../x/net/ipv4/sockopt_ssmreq_unix.go | 61 - vendor/golang.org/x/net/ipv4/sockopt_stub.go | 11 - vendor/golang.org/x/net/ipv4/sockopt_unix.go | 122 - .../golang.org/x/net/ipv4/sockopt_windows.go | 68 - vendor/golang.org/x/net/ipv4/sys_bsd.go | 36 - vendor/golang.org/x/net/ipv4/sys_darwin.go | 98 - vendor/golang.org/x/net/ipv4/sys_freebsd.go | 75 - vendor/golang.org/x/net/ipv4/sys_linux.go | 57 - vendor/golang.org/x/net/ipv4/sys_openbsd.go | 34 - vendor/golang.org/x/net/ipv4/sys_stub.go | 15 - vendor/golang.org/x/net/ipv4/sys_windows.go | 61 - .../x/net/ipv4/syscall_linux_386.go | 31 - vendor/golang.org/x/net/ipv4/syscall_unix.go | 26 - .../golang.org/x/net/ipv4/thunk_linux_386.s | 8 - vendor/golang.org/x/net/ipv4/unicast_test.go | 246 - .../x/net/ipv4/unicastsockopt_test.go | 139 - vendor/golang.org/x/net/ipv4/zsys_darwin.go | 99 - .../golang.org/x/net/ipv4/zsys_dragonfly.go | 33 - .../golang.org/x/net/ipv4/zsys_freebsd_386.go | 93 - .../x/net/ipv4/zsys_freebsd_amd64.go | 95 - .../golang.org/x/net/ipv4/zsys_freebsd_arm.go | 95 - .../golang.org/x/net/ipv4/zsys_linux_386.go | 130 - .../golang.org/x/net/ipv4/zsys_linux_amd64.go | 132 - .../golang.org/x/net/ipv4/zsys_linux_arm.go | 130 - .../golang.org/x/net/ipv4/zsys_linux_arm64.go | 134 - .../x/net/ipv4/zsys_linux_mips64.go | 134 - .../x/net/ipv4/zsys_linux_mips64le.go | 134 - .../golang.org/x/net/ipv4/zsys_linux_ppc64.go | 134 - .../x/net/ipv4/zsys_linux_ppc64le.go | 134 - vendor/golang.org/x/net/ipv4/zsys_netbsd.go | 30 - vendor/golang.org/x/net/ipv4/zsys_openbsd.go | 30 - vendor/golang.org/x/net/ipv4/zsys_solaris.go | 60 - vendor/golang.org/x/net/ipv6/control.go | 85 - .../x/net/ipv6/control_rfc2292_unix.go | 55 - .../x/net/ipv6/control_rfc3542_unix.go | 99 - vendor/golang.org/x/net/ipv6/control_stub.go | 23 - vendor/golang.org/x/net/ipv6/control_unix.go | 166 - .../golang.org/x/net/ipv6/control_windows.go | 27 - vendor/golang.org/x/net/ipv6/defs_darwin.go | 112 - .../golang.org/x/net/ipv6/defs_dragonfly.go | 84 - vendor/golang.org/x/net/ipv6/defs_freebsd.go | 105 - vendor/golang.org/x/net/ipv6/defs_linux.go | 136 - vendor/golang.org/x/net/ipv6/defs_netbsd.go | 80 - vendor/golang.org/x/net/ipv6/defs_openbsd.go | 89 - vendor/golang.org/x/net/ipv6/defs_solaris.go | 96 - .../golang.org/x/net/ipv6/dgramopt_posix.go | 288 - vendor/golang.org/x/net/ipv6/dgramopt_stub.go | 119 - vendor/golang.org/x/net/ipv6/doc.go | 240 - vendor/golang.org/x/net/ipv6/endpoint.go | 123 - vendor/golang.org/x/net/ipv6/example_test.go | 216 - vendor/golang.org/x/net/ipv6/gen.go | 208 - .../golang.org/x/net/ipv6/genericopt_posix.go | 60 - .../golang.org/x/net/ipv6/genericopt_stub.go | 30 - vendor/golang.org/x/net/ipv6/header.go | 55 - vendor/golang.org/x/net/ipv6/header_test.go | 55 - vendor/golang.org/x/net/ipv6/helper.go | 53 - vendor/golang.org/x/net/ipv6/helper_stub.go | 19 - vendor/golang.org/x/net/ipv6/helper_unix.go | 46 - .../golang.org/x/net/ipv6/helper_windows.go | 45 - vendor/golang.org/x/net/ipv6/iana.go | 82 - vendor/golang.org/x/net/ipv6/icmp.go | 57 - vendor/golang.org/x/net/ipv6/icmp_bsd.go | 29 - vendor/golang.org/x/net/ipv6/icmp_linux.go | 27 - vendor/golang.org/x/net/ipv6/icmp_solaris.go | 24 - vendor/golang.org/x/net/ipv6/icmp_stub.go | 23 - vendor/golang.org/x/net/ipv6/icmp_test.go | 96 - vendor/golang.org/x/net/ipv6/icmp_windows.go | 26 - .../x/net/ipv6/mocktransponder_test.go | 32 - .../golang.org/x/net/ipv6/multicast_test.go | 260 - .../x/net/ipv6/multicastlistener_test.go | 246 - .../x/net/ipv6/multicastsockopt_test.go | 157 - vendor/golang.org/x/net/ipv6/payload.go | 15 - vendor/golang.org/x/net/ipv6/payload_cmsg.go | 70 - .../golang.org/x/net/ipv6/payload_nocmsg.go | 41 - .../golang.org/x/net/ipv6/readwrite_test.go | 189 - vendor/golang.org/x/net/ipv6/sockopt.go | 46 - .../x/net/ipv6/sockopt_asmreq_unix.go | 22 - .../x/net/ipv6/sockopt_asmreq_windows.go | 21 - .../x/net/ipv6/sockopt_ssmreq_stub.go | 17 - .../x/net/ipv6/sockopt_ssmreq_unix.go | 59 - vendor/golang.org/x/net/ipv6/sockopt_stub.go | 13 - vendor/golang.org/x/net/ipv6/sockopt_test.go | 133 - vendor/golang.org/x/net/ipv6/sockopt_unix.go | 122 - .../golang.org/x/net/ipv6/sockopt_windows.go | 86 - vendor/golang.org/x/net/ipv6/sys_bsd.go | 58 - vendor/golang.org/x/net/ipv6/sys_darwin.go | 135 - vendor/golang.org/x/net/ipv6/sys_freebsd.go | 93 - vendor/golang.org/x/net/ipv6/sys_linux.go | 74 - vendor/golang.org/x/net/ipv6/sys_stub.go | 15 - vendor/golang.org/x/net/ipv6/sys_windows.go | 63 - .../x/net/ipv6/syscall_linux_386.go | 31 - vendor/golang.org/x/net/ipv6/syscall_unix.go | 26 - .../golang.org/x/net/ipv6/thunk_linux_386.s | 8 - vendor/golang.org/x/net/ipv6/unicast_test.go | 182 - .../x/net/ipv6/unicastsockopt_test.go | 111 - vendor/golang.org/x/net/ipv6/zsys_darwin.go | 131 - .../golang.org/x/net/ipv6/zsys_dragonfly.go | 90 - .../golang.org/x/net/ipv6/zsys_freebsd_386.go | 122 - .../x/net/ipv6/zsys_freebsd_amd64.go | 124 - .../golang.org/x/net/ipv6/zsys_freebsd_arm.go | 124 - .../golang.org/x/net/ipv6/zsys_linux_386.go | 152 - .../golang.org/x/net/ipv6/zsys_linux_amd64.go | 154 - .../golang.org/x/net/ipv6/zsys_linux_arm.go | 152 - .../golang.org/x/net/ipv6/zsys_linux_arm64.go | 156 - .../x/net/ipv6/zsys_linux_mips64.go | 156 - .../x/net/ipv6/zsys_linux_mips64le.go | 156 - .../golang.org/x/net/ipv6/zsys_linux_ppc64.go | 156 - .../x/net/ipv6/zsys_linux_ppc64le.go | 156 - vendor/golang.org/x/net/ipv6/zsys_netbsd.go | 84 - vendor/golang.org/x/net/ipv6/zsys_openbsd.go | 93 - vendor/golang.org/x/net/ipv6/zsys_solaris.go | 105 - vendor/golang.org/x/net/netutil/listen.go | 48 - .../golang.org/x/net/netutil/listen_test.go | 101 - vendor/golang.org/x/net/proxy/direct.go | 18 - vendor/golang.org/x/net/proxy/per_host.go | 140 - .../golang.org/x/net/proxy/per_host_test.go | 55 - vendor/golang.org/x/net/proxy/proxy.go | 94 - vendor/golang.org/x/net/proxy/proxy_test.go | 142 - vendor/golang.org/x/net/proxy/socks5.go | 210 - vendor/golang.org/x/net/publicsuffix/gen.go | 663 - vendor/golang.org/x/net/publicsuffix/list.go | 133 - .../x/net/publicsuffix/list_test.go | 416 - vendor/golang.org/x/net/publicsuffix/table.go | 8786 --------- .../x/net/publicsuffix/table_test.go | 15751 ---------------- vendor/golang.org/x/net/trace/events.go | 524 - vendor/golang.org/x/net/trace/histogram.go | 356 - .../golang.org/x/net/trace/histogram_test.go | 325 - vendor/golang.org/x/net/trace/trace.go | 1062 -- vendor/golang.org/x/net/trace/trace_test.go | 71 - vendor/golang.org/x/net/webdav/file.go | 795 - vendor/golang.org/x/net/webdav/file_test.go | 1167 -- vendor/golang.org/x/net/webdav/if.go | 173 - vendor/golang.org/x/net/webdav/if_test.go | 322 - .../x/net/webdav/internal/xml/README | 11 - .../x/net/webdav/internal/xml/atom_test.go | 56 - .../x/net/webdav/internal/xml/example_test.go | 151 - .../x/net/webdav/internal/xml/marshal.go | 1223 -- .../x/net/webdav/internal/xml/marshal_test.go | 1939 -- .../x/net/webdav/internal/xml/read.go | 692 - .../x/net/webdav/internal/xml/read_test.go | 744 - .../x/net/webdav/internal/xml/typeinfo.go | 371 - .../x/net/webdav/internal/xml/xml.go | 1998 -- .../x/net/webdav/internal/xml/xml_test.go | 752 - .../x/net/webdav/litmus_test_server.go | 94 - vendor/golang.org/x/net/webdav/lock.go | 445 - vendor/golang.org/x/net/webdav/lock_test.go | 731 - vendor/golang.org/x/net/webdav/prop.go | 389 - vendor/golang.org/x/net/webdav/prop_test.go | 607 - vendor/golang.org/x/net/webdav/webdav.go | 707 - vendor/golang.org/x/net/webdav/webdav_test.go | 242 - vendor/golang.org/x/net/webdav/xml.go | 469 - vendor/golang.org/x/net/webdav/xml_test.go | 909 - vendor/golang.org/x/net/websocket/client.go | 113 - .../x/net/websocket/exampledial_test.go | 31 - .../x/net/websocket/examplehandler_test.go | 26 - vendor/golang.org/x/net/websocket/hybi.go | 586 - .../golang.org/x/net/websocket/hybi_test.go | 608 - vendor/golang.org/x/net/websocket/server.go | 113 - .../golang.org/x/net/websocket/websocket.go | 414 - .../x/net/websocket/websocket_test.go | 587 - vendor/golang.org/x/net/xsrftoken/xsrf.go | 88 - .../golang.org/x/net/xsrftoken/xsrf_test.go | 83 - 787 files changed, 1 insertion(+), 194162 deletions(-) delete mode 100644 glide.lock delete mode 100644 vendor/github.com/docker/distribution/.gitignore delete mode 100644 vendor/github.com/docker/distribution/.mailmap delete mode 100644 vendor/github.com/docker/distribution/AUTHORS delete mode 100644 vendor/github.com/docker/distribution/BUILDING.md delete mode 100644 vendor/github.com/docker/distribution/CHANGELOG.md delete mode 100644 vendor/github.com/docker/distribution/CONTRIBUTING.md delete mode 100644 vendor/github.com/docker/distribution/Dockerfile delete mode 100644 vendor/github.com/docker/distribution/Godeps/Godeps.json delete mode 100644 vendor/github.com/docker/distribution/Godeps/Readme delete mode 100644 vendor/github.com/docker/distribution/LICENSE delete mode 100644 vendor/github.com/docker/distribution/MAINTAINERS delete mode 100644 vendor/github.com/docker/distribution/Makefile delete mode 100644 vendor/github.com/docker/distribution/README.md delete mode 100644 vendor/github.com/docker/distribution/RELEASE-CHECKLIST.md delete mode 100644 vendor/github.com/docker/distribution/ROADMAP.md delete mode 100644 vendor/github.com/docker/distribution/blobs.go delete mode 100644 vendor/github.com/docker/distribution/circle.yml delete mode 100644 vendor/github.com/docker/distribution/cmd/digest/main.go delete mode 100644 vendor/github.com/docker/distribution/cmd/registry-api-descriptor-template/main.go delete mode 100644 vendor/github.com/docker/distribution/cmd/registry/config-cache.yml delete mode 100644 vendor/github.com/docker/distribution/cmd/registry/config-dev.yml delete mode 100644 vendor/github.com/docker/distribution/cmd/registry/config-example.yml delete mode 100644 vendor/github.com/docker/distribution/cmd/registry/main.go delete mode 100644 vendor/github.com/docker/distribution/configuration/configuration.go delete mode 100644 vendor/github.com/docker/distribution/configuration/configuration_test.go delete mode 100644 vendor/github.com/docker/distribution/configuration/parser.go delete mode 100644 vendor/github.com/docker/distribution/context/context.go delete mode 100644 vendor/github.com/docker/distribution/context/doc.go delete mode 100644 vendor/github.com/docker/distribution/context/http.go delete mode 100644 vendor/github.com/docker/distribution/context/http_test.go delete mode 100644 vendor/github.com/docker/distribution/context/logger.go delete mode 100644 vendor/github.com/docker/distribution/context/trace.go delete mode 100644 vendor/github.com/docker/distribution/context/trace_test.go delete mode 100644 vendor/github.com/docker/distribution/context/util.go delete mode 100644 vendor/github.com/docker/distribution/context/version.go delete mode 100644 vendor/github.com/docker/distribution/context/version_test.go delete mode 100644 vendor/github.com/docker/distribution/contrib/apache/README.MD delete mode 100644 vendor/github.com/docker/distribution/contrib/apache/apache.conf delete mode 100644 vendor/github.com/docker/distribution/contrib/compose/README.md delete mode 100644 vendor/github.com/docker/distribution/contrib/compose/docker-compose.yml delete mode 100644 vendor/github.com/docker/distribution/contrib/compose/nginx/Dockerfile delete mode 100644 vendor/github.com/docker/distribution/contrib/compose/nginx/docker-registry-v2.conf delete mode 100644 vendor/github.com/docker/distribution/contrib/compose/nginx/docker-registry.conf delete mode 100644 vendor/github.com/docker/distribution/contrib/compose/nginx/nginx.conf delete mode 100644 vendor/github.com/docker/distribution/contrib/compose/nginx/registry.conf delete mode 100644 vendor/github.com/docker/distribution/contrib/docker-integration/Dockerfile delete mode 100644 vendor/github.com/docker/distribution/contrib/docker-integration/README.md delete mode 100644 vendor/github.com/docker/distribution/contrib/docker-integration/docker-compose.yml delete mode 100644 vendor/github.com/docker/distribution/contrib/docker-integration/golem.conf delete mode 100644 vendor/github.com/docker/distribution/contrib/docker-integration/helpers.bash delete mode 100644 vendor/github.com/docker/distribution/contrib/docker-integration/install_certs.sh delete mode 100644 vendor/github.com/docker/distribution/contrib/docker-integration/malevolent-certs/localregistry.cert delete mode 100644 vendor/github.com/docker/distribution/contrib/docker-integration/malevolent-certs/localregistry.key delete mode 100644 vendor/github.com/docker/distribution/contrib/docker-integration/malevolent.bats delete mode 100644 vendor/github.com/docker/distribution/contrib/docker-integration/nginx/Dockerfile delete mode 100644 vendor/github.com/docker/distribution/contrib/docker-integration/nginx/docker-registry-v2.conf delete mode 100644 vendor/github.com/docker/distribution/contrib/docker-integration/nginx/nginx.conf delete mode 100644 vendor/github.com/docker/distribution/contrib/docker-integration/nginx/registry-basic.conf delete mode 100644 vendor/github.com/docker/distribution/contrib/docker-integration/nginx/registry-noauth.conf delete mode 100644 vendor/github.com/docker/distribution/contrib/docker-integration/nginx/registry.conf delete mode 100644 vendor/github.com/docker/distribution/contrib/docker-integration/nginx/test.passwd delete mode 100644 vendor/github.com/docker/distribution/contrib/docker-integration/nginx/v1/search.json delete mode 100755 vendor/github.com/docker/distribution/contrib/docker-integration/run_multiversion.sh delete mode 100644 vendor/github.com/docker/distribution/contrib/docker-integration/tls.bats delete mode 100644 vendor/github.com/docker/distribution/contrib/docker-integration/token.bats delete mode 100644 vendor/github.com/docker/distribution/contrib/docker-integration/tokenserver-oauth/.htpasswd delete mode 100644 vendor/github.com/docker/distribution/contrib/docker-integration/tokenserver-oauth/Dockerfile delete mode 100644 vendor/github.com/docker/distribution/contrib/docker-integration/tokenserver-oauth/certs/auth.localregistry.cert delete mode 100644 vendor/github.com/docker/distribution/contrib/docker-integration/tokenserver-oauth/certs/auth.localregistry.key delete mode 100644 vendor/github.com/docker/distribution/contrib/docker-integration/tokenserver-oauth/certs/localregistry.cert delete mode 100644 vendor/github.com/docker/distribution/contrib/docker-integration/tokenserver-oauth/certs/localregistry.key delete mode 100644 vendor/github.com/docker/distribution/contrib/docker-integration/tokenserver-oauth/certs/signing.cert delete mode 100644 vendor/github.com/docker/distribution/contrib/docker-integration/tokenserver-oauth/certs/signing.key delete mode 100644 vendor/github.com/docker/distribution/contrib/docker-integration/tokenserver-oauth/registry-config-notls.yml delete mode 100644 vendor/github.com/docker/distribution/contrib/docker-integration/tokenserver-oauth/registry-config.yml delete mode 100644 vendor/github.com/docker/distribution/contrib/docker-integration/tokenserver/.htpasswd delete mode 100644 vendor/github.com/docker/distribution/contrib/docker-integration/tokenserver/Dockerfile delete mode 100644 vendor/github.com/docker/distribution/contrib/docker-integration/tokenserver/certs/auth.localregistry.cert delete mode 100644 vendor/github.com/docker/distribution/contrib/docker-integration/tokenserver/certs/auth.localregistry.key delete mode 100644 vendor/github.com/docker/distribution/contrib/docker-integration/tokenserver/certs/localregistry.cert delete mode 100644 vendor/github.com/docker/distribution/contrib/docker-integration/tokenserver/certs/localregistry.key delete mode 100644 vendor/github.com/docker/distribution/contrib/docker-integration/tokenserver/certs/signing.cert delete mode 100644 vendor/github.com/docker/distribution/contrib/docker-integration/tokenserver/certs/signing.key delete mode 100644 vendor/github.com/docker/distribution/contrib/docker-integration/tokenserver/registry-config.yml delete mode 100644 vendor/github.com/docker/distribution/contrib/token-server/errors.go delete mode 100644 vendor/github.com/docker/distribution/contrib/token-server/main.go delete mode 100644 vendor/github.com/docker/distribution/contrib/token-server/token.go delete mode 100755 vendor/github.com/docker/distribution/coverpkg.sh delete mode 100644 vendor/github.com/docker/distribution/digest/digest.go delete mode 100644 vendor/github.com/docker/distribution/digest/digest_test.go delete mode 100644 vendor/github.com/docker/distribution/digest/digester.go delete mode 100644 vendor/github.com/docker/distribution/digest/digester_resumable_test.go delete mode 100644 vendor/github.com/docker/distribution/digest/doc.go delete mode 100644 vendor/github.com/docker/distribution/digest/set.go delete mode 100644 vendor/github.com/docker/distribution/digest/set_test.go delete mode 100644 vendor/github.com/docker/distribution/digest/verifiers.go delete mode 100644 vendor/github.com/docker/distribution/digest/verifiers_test.go delete mode 100644 vendor/github.com/docker/distribution/doc.go delete mode 100644 vendor/github.com/docker/distribution/docs/README.md delete mode 100644 vendor/github.com/docker/distribution/docs/configuration.md delete mode 100644 vendor/github.com/docker/distribution/docs/spec/api.md delete mode 100644 vendor/github.com/docker/distribution/docs/spec/api.md.tmpl delete mode 100644 vendor/github.com/docker/distribution/docs/spec/auth/index.md delete mode 100644 vendor/github.com/docker/distribution/docs/spec/auth/jwt.md delete mode 100644 vendor/github.com/docker/distribution/docs/spec/auth/oauth.md delete mode 100644 vendor/github.com/docker/distribution/docs/spec/auth/scope.md delete mode 100644 vendor/github.com/docker/distribution/docs/spec/auth/token.md delete mode 100644 vendor/github.com/docker/distribution/docs/spec/implementations.md delete mode 100644 vendor/github.com/docker/distribution/docs/spec/index.md delete mode 100644 vendor/github.com/docker/distribution/docs/spec/json.md delete mode 100644 vendor/github.com/docker/distribution/docs/spec/manifest-v2-1.md delete mode 100644 vendor/github.com/docker/distribution/docs/spec/manifest-v2-2.md delete mode 100644 vendor/github.com/docker/distribution/docs/spec/menu.md delete mode 100644 vendor/github.com/docker/distribution/errors.go delete mode 100644 vendor/github.com/docker/distribution/health/api/api.go delete mode 100644 vendor/github.com/docker/distribution/health/api/api_test.go delete mode 100644 vendor/github.com/docker/distribution/health/checks/checks.go delete mode 100644 vendor/github.com/docker/distribution/health/checks/checks_test.go delete mode 100644 vendor/github.com/docker/distribution/health/doc.go delete mode 100644 vendor/github.com/docker/distribution/health/health.go delete mode 100644 vendor/github.com/docker/distribution/health/health_test.go delete mode 100644 vendor/github.com/docker/distribution/manifest/doc.go delete mode 100644 vendor/github.com/docker/distribution/manifest/manifestlist/manifestlist.go delete mode 100644 vendor/github.com/docker/distribution/manifest/manifestlist/manifestlist_test.go delete mode 100644 vendor/github.com/docker/distribution/manifest/schema1/config_builder.go delete mode 100644 vendor/github.com/docker/distribution/manifest/schema1/config_builder_test.go delete mode 100644 vendor/github.com/docker/distribution/manifest/schema1/manifest.go delete mode 100644 vendor/github.com/docker/distribution/manifest/schema1/manifest_test.go delete mode 100644 vendor/github.com/docker/distribution/manifest/schema1/reference_builder.go delete mode 100644 vendor/github.com/docker/distribution/manifest/schema1/reference_builder_test.go delete mode 100644 vendor/github.com/docker/distribution/manifest/schema1/sign.go delete mode 100644 vendor/github.com/docker/distribution/manifest/schema1/verify.go delete mode 100644 vendor/github.com/docker/distribution/manifest/schema2/builder.go delete mode 100644 vendor/github.com/docker/distribution/manifest/schema2/builder_test.go delete mode 100644 vendor/github.com/docker/distribution/manifest/schema2/manifest.go delete mode 100644 vendor/github.com/docker/distribution/manifest/schema2/manifest_test.go delete mode 100644 vendor/github.com/docker/distribution/manifest/versioned.go delete mode 100644 vendor/github.com/docker/distribution/manifests.go delete mode 100644 vendor/github.com/docker/distribution/notifications/bridge.go delete mode 100644 vendor/github.com/docker/distribution/notifications/bridge_test.go delete mode 100644 vendor/github.com/docker/distribution/notifications/endpoint.go delete mode 100644 vendor/github.com/docker/distribution/notifications/event.go delete mode 100644 vendor/github.com/docker/distribution/notifications/event_test.go delete mode 100644 vendor/github.com/docker/distribution/notifications/http.go delete mode 100644 vendor/github.com/docker/distribution/notifications/http_test.go delete mode 100644 vendor/github.com/docker/distribution/notifications/listener.go delete mode 100644 vendor/github.com/docker/distribution/notifications/listener_test.go delete mode 100644 vendor/github.com/docker/distribution/notifications/metrics.go delete mode 100644 vendor/github.com/docker/distribution/notifications/sinks.go delete mode 100644 vendor/github.com/docker/distribution/notifications/sinks_test.go delete mode 100644 vendor/github.com/docker/distribution/project/dev-image/Dockerfile delete mode 100644 vendor/github.com/docker/distribution/project/hooks/README.md delete mode 100755 vendor/github.com/docker/distribution/project/hooks/configure-hooks.sh delete mode 100755 vendor/github.com/docker/distribution/project/hooks/pre-commit delete mode 100644 vendor/github.com/docker/distribution/reference/reference.go delete mode 100644 vendor/github.com/docker/distribution/reference/reference_test.go delete mode 100644 vendor/github.com/docker/distribution/reference/regexp.go delete mode 100644 vendor/github.com/docker/distribution/reference/regexp_test.go delete mode 100644 vendor/github.com/docker/distribution/registry.go delete mode 100644 vendor/github.com/docker/distribution/registry/api/errcode/errors.go delete mode 100644 vendor/github.com/docker/distribution/registry/api/errcode/errors_test.go delete mode 100644 vendor/github.com/docker/distribution/registry/api/errcode/handler.go delete mode 100644 vendor/github.com/docker/distribution/registry/api/errcode/register.go delete mode 100644 vendor/github.com/docker/distribution/registry/api/v2/descriptors.go delete mode 100644 vendor/github.com/docker/distribution/registry/api/v2/doc.go delete mode 100644 vendor/github.com/docker/distribution/registry/api/v2/errors.go delete mode 100644 vendor/github.com/docker/distribution/registry/api/v2/headerparser.go delete mode 100644 vendor/github.com/docker/distribution/registry/api/v2/headerparser_test.go delete mode 100644 vendor/github.com/docker/distribution/registry/api/v2/routes.go delete mode 100644 vendor/github.com/docker/distribution/registry/api/v2/routes_test.go delete mode 100644 vendor/github.com/docker/distribution/registry/api/v2/urls.go delete mode 100644 vendor/github.com/docker/distribution/registry/api/v2/urls_test.go delete mode 100644 vendor/github.com/docker/distribution/registry/auth/auth.go delete mode 100644 vendor/github.com/docker/distribution/registry/auth/htpasswd/access.go delete mode 100644 vendor/github.com/docker/distribution/registry/auth/htpasswd/access_test.go delete mode 100644 vendor/github.com/docker/distribution/registry/auth/htpasswd/htpasswd.go delete mode 100644 vendor/github.com/docker/distribution/registry/auth/htpasswd/htpasswd_test.go delete mode 100644 vendor/github.com/docker/distribution/registry/auth/silly/access.go delete mode 100644 vendor/github.com/docker/distribution/registry/auth/silly/access_test.go delete mode 100644 vendor/github.com/docker/distribution/registry/auth/token/accesscontroller.go delete mode 100644 vendor/github.com/docker/distribution/registry/auth/token/stringset.go delete mode 100644 vendor/github.com/docker/distribution/registry/auth/token/token.go delete mode 100644 vendor/github.com/docker/distribution/registry/auth/token/token_test.go delete mode 100644 vendor/github.com/docker/distribution/registry/auth/token/util.go delete mode 100644 vendor/github.com/docker/distribution/registry/client/auth/api_version.go delete mode 100644 vendor/github.com/docker/distribution/registry/client/auth/challenge/addr.go delete mode 100644 vendor/github.com/docker/distribution/registry/client/auth/challenge/authchallenge.go delete mode 100644 vendor/github.com/docker/distribution/registry/client/auth/challenge/authchallenge_test.go delete mode 100644 vendor/github.com/docker/distribution/registry/client/auth/session.go delete mode 100644 vendor/github.com/docker/distribution/registry/client/auth/session_test.go delete mode 100644 vendor/github.com/docker/distribution/registry/client/blob_writer.go delete mode 100644 vendor/github.com/docker/distribution/registry/client/blob_writer_test.go delete mode 100644 vendor/github.com/docker/distribution/registry/client/errors.go delete mode 100644 vendor/github.com/docker/distribution/registry/client/errors_test.go delete mode 100644 vendor/github.com/docker/distribution/registry/client/repository.go delete mode 100644 vendor/github.com/docker/distribution/registry/client/repository_test.go delete mode 100644 vendor/github.com/docker/distribution/registry/client/transport/http_reader.go delete mode 100644 vendor/github.com/docker/distribution/registry/client/transport/transport.go delete mode 100644 vendor/github.com/docker/distribution/registry/doc.go delete mode 100644 vendor/github.com/docker/distribution/registry/handlers/api_test.go delete mode 100644 vendor/github.com/docker/distribution/registry/handlers/app.go delete mode 100644 vendor/github.com/docker/distribution/registry/handlers/app_test.go delete mode 100644 vendor/github.com/docker/distribution/registry/handlers/basicauth.go delete mode 100644 vendor/github.com/docker/distribution/registry/handlers/basicauth_prego14.go delete mode 100644 vendor/github.com/docker/distribution/registry/handlers/blob.go delete mode 100644 vendor/github.com/docker/distribution/registry/handlers/blobupload.go delete mode 100644 vendor/github.com/docker/distribution/registry/handlers/catalog.go delete mode 100644 vendor/github.com/docker/distribution/registry/handlers/context.go delete mode 100644 vendor/github.com/docker/distribution/registry/handlers/health_test.go delete mode 100644 vendor/github.com/docker/distribution/registry/handlers/helpers.go delete mode 100644 vendor/github.com/docker/distribution/registry/handlers/hmac.go delete mode 100644 vendor/github.com/docker/distribution/registry/handlers/hmac_test.go delete mode 100644 vendor/github.com/docker/distribution/registry/handlers/hooks.go delete mode 100644 vendor/github.com/docker/distribution/registry/handlers/images.go delete mode 100644 vendor/github.com/docker/distribution/registry/handlers/mail.go delete mode 100644 vendor/github.com/docker/distribution/registry/handlers/tags.go delete mode 100644 vendor/github.com/docker/distribution/registry/listener/listener.go delete mode 100644 vendor/github.com/docker/distribution/registry/middleware/registry/middleware.go delete mode 100644 vendor/github.com/docker/distribution/registry/middleware/repository/middleware.go delete mode 100644 vendor/github.com/docker/distribution/registry/proxy/proxyauth.go delete mode 100644 vendor/github.com/docker/distribution/registry/proxy/proxyblobstore.go delete mode 100644 vendor/github.com/docker/distribution/registry/proxy/proxyblobstore_test.go delete mode 100644 vendor/github.com/docker/distribution/registry/proxy/proxymanifeststore.go delete mode 100644 vendor/github.com/docker/distribution/registry/proxy/proxymanifeststore_test.go delete mode 100644 vendor/github.com/docker/distribution/registry/proxy/proxymetrics.go delete mode 100644 vendor/github.com/docker/distribution/registry/proxy/proxyregistry.go delete mode 100644 vendor/github.com/docker/distribution/registry/proxy/proxytagservice.go delete mode 100644 vendor/github.com/docker/distribution/registry/proxy/proxytagservice_test.go delete mode 100644 vendor/github.com/docker/distribution/registry/proxy/scheduler/scheduler.go delete mode 100644 vendor/github.com/docker/distribution/registry/proxy/scheduler/scheduler_test.go delete mode 100644 vendor/github.com/docker/distribution/registry/registry.go delete mode 100644 vendor/github.com/docker/distribution/registry/registry_test.go delete mode 100644 vendor/github.com/docker/distribution/registry/root.go delete mode 100644 vendor/github.com/docker/distribution/registry/storage/blob_test.go delete mode 100644 vendor/github.com/docker/distribution/registry/storage/blobcachemetrics.go delete mode 100644 vendor/github.com/docker/distribution/registry/storage/blobserver.go delete mode 100644 vendor/github.com/docker/distribution/registry/storage/blobstore.go delete mode 100644 vendor/github.com/docker/distribution/registry/storage/blobwriter.go delete mode 100644 vendor/github.com/docker/distribution/registry/storage/blobwriter_nonresumable.go delete mode 100644 vendor/github.com/docker/distribution/registry/storage/blobwriter_resumable.go delete mode 100644 vendor/github.com/docker/distribution/registry/storage/cache/cache.go delete mode 100644 vendor/github.com/docker/distribution/registry/storage/cache/cachecheck/suite.go delete mode 100644 vendor/github.com/docker/distribution/registry/storage/cache/cachedblobdescriptorstore.go delete mode 100644 vendor/github.com/docker/distribution/registry/storage/cache/memory/memory.go delete mode 100644 vendor/github.com/docker/distribution/registry/storage/cache/memory/memory_test.go delete mode 100644 vendor/github.com/docker/distribution/registry/storage/cache/redis/redis.go delete mode 100644 vendor/github.com/docker/distribution/registry/storage/cache/redis/redis_test.go delete mode 100644 vendor/github.com/docker/distribution/registry/storage/catalog.go delete mode 100644 vendor/github.com/docker/distribution/registry/storage/catalog_test.go delete mode 100644 vendor/github.com/docker/distribution/registry/storage/doc.go delete mode 100644 vendor/github.com/docker/distribution/registry/storage/driver/azure/azure.go delete mode 100644 vendor/github.com/docker/distribution/registry/storage/driver/azure/azure_test.go delete mode 100644 vendor/github.com/docker/distribution/registry/storage/driver/base/base.go delete mode 100644 vendor/github.com/docker/distribution/registry/storage/driver/base/regulator.go delete mode 100644 vendor/github.com/docker/distribution/registry/storage/driver/factory/factory.go delete mode 100644 vendor/github.com/docker/distribution/registry/storage/driver/fileinfo.go delete mode 100644 vendor/github.com/docker/distribution/registry/storage/driver/filesystem/driver.go delete mode 100644 vendor/github.com/docker/distribution/registry/storage/driver/filesystem/driver_test.go delete mode 100644 vendor/github.com/docker/distribution/registry/storage/driver/gcs/doc.go delete mode 100644 vendor/github.com/docker/distribution/registry/storage/driver/gcs/gcs.go delete mode 100644 vendor/github.com/docker/distribution/registry/storage/driver/gcs/gcs_test.go delete mode 100644 vendor/github.com/docker/distribution/registry/storage/driver/inmemory/driver.go delete mode 100644 vendor/github.com/docker/distribution/registry/storage/driver/inmemory/driver_test.go delete mode 100644 vendor/github.com/docker/distribution/registry/storage/driver/inmemory/mfs.go delete mode 100644 vendor/github.com/docker/distribution/registry/storage/driver/middleware/cloudfront/middleware.go delete mode 100644 vendor/github.com/docker/distribution/registry/storage/driver/middleware/redirect/middleware.go delete mode 100644 vendor/github.com/docker/distribution/registry/storage/driver/middleware/redirect/middleware_test.go delete mode 100644 vendor/github.com/docker/distribution/registry/storage/driver/middleware/storagemiddleware.go delete mode 100644 vendor/github.com/docker/distribution/registry/storage/driver/oss/doc.go delete mode 100644 vendor/github.com/docker/distribution/registry/storage/driver/oss/oss.go delete mode 100644 vendor/github.com/docker/distribution/registry/storage/driver/oss/oss_test.go delete mode 100644 vendor/github.com/docker/distribution/registry/storage/driver/s3-aws/s3.go delete mode 100644 vendor/github.com/docker/distribution/registry/storage/driver/s3-aws/s3_test.go delete mode 100644 vendor/github.com/docker/distribution/registry/storage/driver/s3-aws/s3_v2_signer.go delete mode 100644 vendor/github.com/docker/distribution/registry/storage/driver/s3-goamz/s3.go delete mode 100644 vendor/github.com/docker/distribution/registry/storage/driver/s3-goamz/s3_test.go delete mode 100644 vendor/github.com/docker/distribution/registry/storage/driver/storagedriver.go delete mode 100644 vendor/github.com/docker/distribution/registry/storage/driver/swift/swift.go delete mode 100644 vendor/github.com/docker/distribution/registry/storage/driver/swift/swift_test.go delete mode 100644 vendor/github.com/docker/distribution/registry/storage/driver/testdriver/testdriver.go delete mode 100644 vendor/github.com/docker/distribution/registry/storage/driver/testsuites/testsuites.go delete mode 100644 vendor/github.com/docker/distribution/registry/storage/filereader.go delete mode 100644 vendor/github.com/docker/distribution/registry/storage/filereader_test.go delete mode 100644 vendor/github.com/docker/distribution/registry/storage/garbagecollect.go delete mode 100644 vendor/github.com/docker/distribution/registry/storage/garbagecollect_test.go delete mode 100644 vendor/github.com/docker/distribution/registry/storage/linkedblobstore.go delete mode 100644 vendor/github.com/docker/distribution/registry/storage/linkedblobstore_test.go delete mode 100644 vendor/github.com/docker/distribution/registry/storage/manifestlisthandler.go delete mode 100644 vendor/github.com/docker/distribution/registry/storage/manifeststore.go delete mode 100644 vendor/github.com/docker/distribution/registry/storage/manifeststore_test.go delete mode 100644 vendor/github.com/docker/distribution/registry/storage/paths.go delete mode 100644 vendor/github.com/docker/distribution/registry/storage/paths_test.go delete mode 100644 vendor/github.com/docker/distribution/registry/storage/purgeuploads.go delete mode 100644 vendor/github.com/docker/distribution/registry/storage/purgeuploads_test.go delete mode 100644 vendor/github.com/docker/distribution/registry/storage/registry.go delete mode 100644 vendor/github.com/docker/distribution/registry/storage/schema2manifesthandler.go delete mode 100644 vendor/github.com/docker/distribution/registry/storage/schema2manifesthandler_test.go delete mode 100644 vendor/github.com/docker/distribution/registry/storage/signedmanifesthandler.go delete mode 100644 vendor/github.com/docker/distribution/registry/storage/tagstore.go delete mode 100644 vendor/github.com/docker/distribution/registry/storage/tagstore_test.go delete mode 100644 vendor/github.com/docker/distribution/registry/storage/util.go delete mode 100644 vendor/github.com/docker/distribution/registry/storage/vacuum.go delete mode 100644 vendor/github.com/docker/distribution/registry/storage/walk.go delete mode 100644 vendor/github.com/docker/distribution/registry/storage/walk_test.go delete mode 100644 vendor/github.com/docker/distribution/tags.go delete mode 100644 vendor/github.com/docker/distribution/testutil/handler.go delete mode 100644 vendor/github.com/docker/distribution/testutil/manifests.go delete mode 100644 vendor/github.com/docker/distribution/testutil/tarfile.go delete mode 100644 vendor/github.com/docker/distribution/uuid/uuid.go delete mode 100644 vendor/github.com/docker/distribution/uuid/uuid_test.go delete mode 100644 vendor/github.com/docker/distribution/version/print.go delete mode 100644 vendor/github.com/docker/distribution/version/version.go delete mode 100755 vendor/github.com/docker/distribution/version/version.sh delete mode 100644 vendor/github.com/docker/libtrust/CONTRIBUTING.md delete mode 100644 vendor/github.com/docker/libtrust/LICENSE delete mode 100644 vendor/github.com/docker/libtrust/MAINTAINERS delete mode 100644 vendor/github.com/docker/libtrust/README.md delete mode 100644 vendor/github.com/docker/libtrust/certificates.go delete mode 100644 vendor/github.com/docker/libtrust/certificates_test.go delete mode 100644 vendor/github.com/docker/libtrust/doc.go delete mode 100644 vendor/github.com/docker/libtrust/ec_key.go delete mode 100644 vendor/github.com/docker/libtrust/ec_key_test.go delete mode 100644 vendor/github.com/docker/libtrust/filter.go delete mode 100644 vendor/github.com/docker/libtrust/filter_test.go delete mode 100644 vendor/github.com/docker/libtrust/hash.go delete mode 100644 vendor/github.com/docker/libtrust/jsonsign.go delete mode 100644 vendor/github.com/docker/libtrust/jsonsign_test.go delete mode 100644 vendor/github.com/docker/libtrust/key.go delete mode 100644 vendor/github.com/docker/libtrust/key_files.go delete mode 100644 vendor/github.com/docker/libtrust/key_files_test.go delete mode 100644 vendor/github.com/docker/libtrust/key_manager.go delete mode 100644 vendor/github.com/docker/libtrust/key_test.go delete mode 100644 vendor/github.com/docker/libtrust/rsa_key.go delete mode 100644 vendor/github.com/docker/libtrust/rsa_key_test.go delete mode 100644 vendor/github.com/docker/libtrust/testutil/certificates.go delete mode 100644 vendor/github.com/docker/libtrust/tlsdemo/README.md delete mode 100644 vendor/github.com/docker/libtrust/tlsdemo/client.go delete mode 100644 vendor/github.com/docker/libtrust/tlsdemo/gencert.go delete mode 100644 vendor/github.com/docker/libtrust/tlsdemo/genkeys.go delete mode 100644 vendor/github.com/docker/libtrust/tlsdemo/server.go delete mode 100644 vendor/github.com/docker/libtrust/trustgraph/graph.go delete mode 100644 vendor/github.com/docker/libtrust/trustgraph/memory_graph.go delete mode 100644 vendor/github.com/docker/libtrust/trustgraph/memory_graph_test.go delete mode 100644 vendor/github.com/docker/libtrust/trustgraph/statement.go delete mode 100644 vendor/github.com/docker/libtrust/trustgraph/statement_test.go delete mode 100644 vendor/github.com/docker/libtrust/util.go delete mode 100644 vendor/github.com/docker/libtrust/util_test.go delete mode 100644 vendor/github.com/gorilla/context/.travis.yml delete mode 100644 vendor/github.com/gorilla/context/LICENSE delete mode 100644 vendor/github.com/gorilla/context/README.md delete mode 100644 vendor/github.com/gorilla/context/context.go delete mode 100644 vendor/github.com/gorilla/context/context_test.go delete mode 100644 vendor/github.com/gorilla/context/doc.go delete mode 100644 vendor/github.com/gorilla/mux/.travis.yml delete mode 100644 vendor/github.com/gorilla/mux/LICENSE delete mode 100644 vendor/github.com/gorilla/mux/README.md delete mode 100644 vendor/github.com/gorilla/mux/bench_test.go delete mode 100644 vendor/github.com/gorilla/mux/doc.go delete mode 100644 vendor/github.com/gorilla/mux/mux.go delete mode 100644 vendor/github.com/gorilla/mux/mux_test.go delete mode 100644 vendor/github.com/gorilla/mux/old_test.go delete mode 100644 vendor/github.com/gorilla/mux/regexp.go delete mode 100644 vendor/github.com/gorilla/mux/route.go delete mode 100644 vendor/github.com/opencontainers/go-digest/.mailmap delete mode 100644 vendor/github.com/opencontainers/go-digest/.pullapprove.yml delete mode 100644 vendor/github.com/opencontainers/go-digest/.travis.yml delete mode 100644 vendor/github.com/opencontainers/go-digest/CONTRIBUTING.md delete mode 100644 vendor/github.com/opencontainers/go-digest/LICENSE.code delete mode 100644 vendor/github.com/opencontainers/go-digest/LICENSE.docs delete mode 100644 vendor/github.com/opencontainers/go-digest/MAINTAINERS delete mode 100644 vendor/github.com/opencontainers/go-digest/README.md delete mode 100644 vendor/github.com/opencontainers/go-digest/algorithm.go delete mode 100644 vendor/github.com/opencontainers/go-digest/algorithm_test.go delete mode 100644 vendor/github.com/opencontainers/go-digest/digest.go delete mode 100644 vendor/github.com/opencontainers/go-digest/digest_test.go delete mode 100644 vendor/github.com/opencontainers/go-digest/digester.go delete mode 100644 vendor/github.com/opencontainers/go-digest/doc.go delete mode 100644 vendor/github.com/opencontainers/go-digest/verifiers.go delete mode 100644 vendor/github.com/opencontainers/go-digest/verifiers_test.go delete mode 100644 vendor/golang.org/x/net/.gitattributes delete mode 100644 vendor/golang.org/x/net/.gitignore delete mode 100644 vendor/golang.org/x/net/AUTHORS delete mode 100644 vendor/golang.org/x/net/CONTRIBUTING.md delete mode 100644 vendor/golang.org/x/net/CONTRIBUTORS delete mode 100644 vendor/golang.org/x/net/LICENSE delete mode 100644 vendor/golang.org/x/net/PATENTS delete mode 100644 vendor/golang.org/x/net/README delete mode 100644 vendor/golang.org/x/net/codereview.cfg delete mode 100644 vendor/golang.org/x/net/context/context.go delete mode 100644 vendor/golang.org/x/net/context/context_test.go delete mode 100644 vendor/golang.org/x/net/context/ctxhttp/cancelreq.go delete mode 100644 vendor/golang.org/x/net/context/ctxhttp/cancelreq_go14.go delete mode 100644 vendor/golang.org/x/net/context/ctxhttp/ctxhttp.go delete mode 100644 vendor/golang.org/x/net/context/ctxhttp/ctxhttp_test.go delete mode 100644 vendor/golang.org/x/net/context/withtimeout_test.go delete mode 100644 vendor/golang.org/x/net/dict/dict.go delete mode 100644 vendor/golang.org/x/net/html/atom/atom.go delete mode 100644 vendor/golang.org/x/net/html/atom/atom_test.go delete mode 100644 vendor/golang.org/x/net/html/atom/gen.go delete mode 100644 vendor/golang.org/x/net/html/atom/table.go delete mode 100644 vendor/golang.org/x/net/html/atom/table_test.go delete mode 100644 vendor/golang.org/x/net/html/charset/charset.go delete mode 100644 vendor/golang.org/x/net/html/charset/charset_test.go delete mode 100644 vendor/golang.org/x/net/html/charset/testdata/HTTP-charset.html delete mode 100644 vendor/golang.org/x/net/html/charset/testdata/HTTP-vs-UTF-8-BOM.html delete mode 100644 vendor/golang.org/x/net/html/charset/testdata/HTTP-vs-meta-charset.html delete mode 100644 vendor/golang.org/x/net/html/charset/testdata/HTTP-vs-meta-content.html delete mode 100644 vendor/golang.org/x/net/html/charset/testdata/No-encoding-declaration.html delete mode 100644 vendor/golang.org/x/net/html/charset/testdata/README delete mode 100644 vendor/golang.org/x/net/html/charset/testdata/UTF-16BE-BOM.html delete mode 100644 vendor/golang.org/x/net/html/charset/testdata/UTF-16LE-BOM.html delete mode 100644 vendor/golang.org/x/net/html/charset/testdata/UTF-8-BOM-vs-meta-charset.html delete mode 100644 vendor/golang.org/x/net/html/charset/testdata/UTF-8-BOM-vs-meta-content.html delete mode 100644 vendor/golang.org/x/net/html/charset/testdata/meta-charset-attribute.html delete mode 100644 vendor/golang.org/x/net/html/charset/testdata/meta-content-attribute.html delete mode 100644 vendor/golang.org/x/net/html/const.go delete mode 100644 vendor/golang.org/x/net/html/doc.go delete mode 100644 vendor/golang.org/x/net/html/doctype.go delete mode 100644 vendor/golang.org/x/net/html/entity.go delete mode 100644 vendor/golang.org/x/net/html/entity_test.go delete mode 100644 vendor/golang.org/x/net/html/escape.go delete mode 100644 vendor/golang.org/x/net/html/escape_test.go delete mode 100644 vendor/golang.org/x/net/html/example_test.go delete mode 100644 vendor/golang.org/x/net/html/foreign.go delete mode 100644 vendor/golang.org/x/net/html/node.go delete mode 100644 vendor/golang.org/x/net/html/node_test.go delete mode 100644 vendor/golang.org/x/net/html/parse.go delete mode 100644 vendor/golang.org/x/net/html/parse_test.go delete mode 100644 vendor/golang.org/x/net/html/render.go delete mode 100644 vendor/golang.org/x/net/html/render_test.go delete mode 100644 vendor/golang.org/x/net/html/testdata/go1.html delete mode 100644 vendor/golang.org/x/net/html/testdata/webkit/README delete mode 100644 vendor/golang.org/x/net/html/testdata/webkit/adoption01.dat delete mode 100644 vendor/golang.org/x/net/html/testdata/webkit/adoption02.dat delete mode 100644 vendor/golang.org/x/net/html/testdata/webkit/comments01.dat delete mode 100644 vendor/golang.org/x/net/html/testdata/webkit/doctype01.dat delete mode 100644 vendor/golang.org/x/net/html/testdata/webkit/entities01.dat delete mode 100644 vendor/golang.org/x/net/html/testdata/webkit/entities02.dat delete mode 100644 vendor/golang.org/x/net/html/testdata/webkit/html5test-com.dat delete mode 100644 vendor/golang.org/x/net/html/testdata/webkit/inbody01.dat delete mode 100644 vendor/golang.org/x/net/html/testdata/webkit/isindex.dat delete mode 100644 vendor/golang.org/x/net/html/testdata/webkit/pending-spec-changes-plain-text-unsafe.dat delete mode 100644 vendor/golang.org/x/net/html/testdata/webkit/pending-spec-changes.dat delete mode 100644 vendor/golang.org/x/net/html/testdata/webkit/plain-text-unsafe.dat delete mode 100644 vendor/golang.org/x/net/html/testdata/webkit/scriptdata01.dat delete mode 100644 vendor/golang.org/x/net/html/testdata/webkit/scripted/adoption01.dat delete mode 100644 vendor/golang.org/x/net/html/testdata/webkit/scripted/webkit01.dat delete mode 100644 vendor/golang.org/x/net/html/testdata/webkit/tables01.dat delete mode 100644 vendor/golang.org/x/net/html/testdata/webkit/tests1.dat delete mode 100644 vendor/golang.org/x/net/html/testdata/webkit/tests10.dat delete mode 100644 vendor/golang.org/x/net/html/testdata/webkit/tests11.dat delete mode 100644 vendor/golang.org/x/net/html/testdata/webkit/tests12.dat delete mode 100644 vendor/golang.org/x/net/html/testdata/webkit/tests14.dat delete mode 100644 vendor/golang.org/x/net/html/testdata/webkit/tests15.dat delete mode 100644 vendor/golang.org/x/net/html/testdata/webkit/tests16.dat delete mode 100644 vendor/golang.org/x/net/html/testdata/webkit/tests17.dat delete mode 100644 vendor/golang.org/x/net/html/testdata/webkit/tests18.dat delete mode 100644 vendor/golang.org/x/net/html/testdata/webkit/tests19.dat delete mode 100644 vendor/golang.org/x/net/html/testdata/webkit/tests2.dat delete mode 100644 vendor/golang.org/x/net/html/testdata/webkit/tests20.dat delete mode 100644 vendor/golang.org/x/net/html/testdata/webkit/tests21.dat delete mode 100644 vendor/golang.org/x/net/html/testdata/webkit/tests22.dat delete mode 100644 vendor/golang.org/x/net/html/testdata/webkit/tests23.dat delete mode 100644 vendor/golang.org/x/net/html/testdata/webkit/tests24.dat delete mode 100644 vendor/golang.org/x/net/html/testdata/webkit/tests25.dat delete mode 100644 vendor/golang.org/x/net/html/testdata/webkit/tests26.dat delete mode 100644 vendor/golang.org/x/net/html/testdata/webkit/tests3.dat delete mode 100644 vendor/golang.org/x/net/html/testdata/webkit/tests4.dat delete mode 100644 vendor/golang.org/x/net/html/testdata/webkit/tests5.dat delete mode 100644 vendor/golang.org/x/net/html/testdata/webkit/tests6.dat delete mode 100644 vendor/golang.org/x/net/html/testdata/webkit/tests7.dat delete mode 100644 vendor/golang.org/x/net/html/testdata/webkit/tests8.dat delete mode 100644 vendor/golang.org/x/net/html/testdata/webkit/tests9.dat delete mode 100644 vendor/golang.org/x/net/html/testdata/webkit/tests_innerHTML_1.dat delete mode 100644 vendor/golang.org/x/net/html/testdata/webkit/tricky01.dat delete mode 100644 vendor/golang.org/x/net/html/testdata/webkit/webkit01.dat delete mode 100644 vendor/golang.org/x/net/html/testdata/webkit/webkit02.dat delete mode 100644 vendor/golang.org/x/net/html/token.go delete mode 100644 vendor/golang.org/x/net/html/token_test.go delete mode 100644 vendor/golang.org/x/net/http2/.gitignore delete mode 100644 vendor/golang.org/x/net/http2/Dockerfile delete mode 100644 vendor/golang.org/x/net/http2/Makefile delete mode 100644 vendor/golang.org/x/net/http2/README delete mode 100644 vendor/golang.org/x/net/http2/client_conn_pool.go delete mode 100644 vendor/golang.org/x/net/http2/configure_transport.go delete mode 100644 vendor/golang.org/x/net/http2/errors.go delete mode 100644 vendor/golang.org/x/net/http2/errors_test.go delete mode 100644 vendor/golang.org/x/net/http2/fixed_buffer.go delete mode 100644 vendor/golang.org/x/net/http2/fixed_buffer_test.go delete mode 100644 vendor/golang.org/x/net/http2/flow.go delete mode 100644 vendor/golang.org/x/net/http2/flow_test.go delete mode 100644 vendor/golang.org/x/net/http2/frame.go delete mode 100644 vendor/golang.org/x/net/http2/frame_test.go delete mode 100644 vendor/golang.org/x/net/http2/go15.go delete mode 100644 vendor/golang.org/x/net/http2/gotrack.go delete mode 100644 vendor/golang.org/x/net/http2/gotrack_test.go delete mode 100644 vendor/golang.org/x/net/http2/h2demo/.gitignore delete mode 100644 vendor/golang.org/x/net/http2/h2demo/Makefile delete mode 100644 vendor/golang.org/x/net/http2/h2demo/README delete mode 100644 vendor/golang.org/x/net/http2/h2demo/h2demo.go delete mode 100644 vendor/golang.org/x/net/http2/h2demo/launch.go delete mode 100644 vendor/golang.org/x/net/http2/h2demo/rootCA.key delete mode 100644 vendor/golang.org/x/net/http2/h2demo/rootCA.pem delete mode 100644 vendor/golang.org/x/net/http2/h2demo/rootCA.srl delete mode 100644 vendor/golang.org/x/net/http2/h2demo/server.crt delete mode 100644 vendor/golang.org/x/net/http2/h2demo/server.key delete mode 100644 vendor/golang.org/x/net/http2/h2i/README.md delete mode 100644 vendor/golang.org/x/net/http2/h2i/h2i.go delete mode 100644 vendor/golang.org/x/net/http2/headermap.go delete mode 100644 vendor/golang.org/x/net/http2/hpack/encode.go delete mode 100644 vendor/golang.org/x/net/http2/hpack/encode_test.go delete mode 100644 vendor/golang.org/x/net/http2/hpack/hpack.go delete mode 100644 vendor/golang.org/x/net/http2/hpack/hpack_test.go delete mode 100644 vendor/golang.org/x/net/http2/hpack/huffman.go delete mode 100644 vendor/golang.org/x/net/http2/hpack/tables.go delete mode 100644 vendor/golang.org/x/net/http2/http2.go delete mode 100644 vendor/golang.org/x/net/http2/http2_test.go delete mode 100644 vendor/golang.org/x/net/http2/not_go15.go delete mode 100644 vendor/golang.org/x/net/http2/not_go16.go delete mode 100644 vendor/golang.org/x/net/http2/pipe.go delete mode 100644 vendor/golang.org/x/net/http2/pipe_test.go delete mode 100644 vendor/golang.org/x/net/http2/priority_test.go delete mode 100644 vendor/golang.org/x/net/http2/server.go delete mode 100644 vendor/golang.org/x/net/http2/server_test.go delete mode 100644 vendor/golang.org/x/net/http2/testdata/draft-ietf-httpbis-http2.xml delete mode 100644 vendor/golang.org/x/net/http2/transport.go delete mode 100644 vendor/golang.org/x/net/http2/transport_test.go delete mode 100644 vendor/golang.org/x/net/http2/write.go delete mode 100644 vendor/golang.org/x/net/http2/writesched.go delete mode 100644 vendor/golang.org/x/net/http2/z_spec_test.go delete mode 100644 vendor/golang.org/x/net/icmp/dstunreach.go delete mode 100644 vendor/golang.org/x/net/icmp/echo.go delete mode 100644 vendor/golang.org/x/net/icmp/endpoint.go delete mode 100644 vendor/golang.org/x/net/icmp/example_test.go delete mode 100644 vendor/golang.org/x/net/icmp/extension.go delete mode 100644 vendor/golang.org/x/net/icmp/extension_test.go delete mode 100644 vendor/golang.org/x/net/icmp/helper.go delete mode 100644 vendor/golang.org/x/net/icmp/helper_posix.go delete mode 100644 vendor/golang.org/x/net/icmp/interface.go delete mode 100644 vendor/golang.org/x/net/icmp/ipv4.go delete mode 100644 vendor/golang.org/x/net/icmp/ipv4_test.go delete mode 100644 vendor/golang.org/x/net/icmp/ipv6.go delete mode 100644 vendor/golang.org/x/net/icmp/listen_posix.go delete mode 100644 vendor/golang.org/x/net/icmp/listen_stub.go delete mode 100644 vendor/golang.org/x/net/icmp/message.go delete mode 100644 vendor/golang.org/x/net/icmp/message_test.go delete mode 100644 vendor/golang.org/x/net/icmp/messagebody.go delete mode 100644 vendor/golang.org/x/net/icmp/mpls.go delete mode 100644 vendor/golang.org/x/net/icmp/multipart.go delete mode 100644 vendor/golang.org/x/net/icmp/multipart_test.go delete mode 100644 vendor/golang.org/x/net/icmp/packettoobig.go delete mode 100644 vendor/golang.org/x/net/icmp/paramprob.go delete mode 100644 vendor/golang.org/x/net/icmp/ping_test.go delete mode 100644 vendor/golang.org/x/net/icmp/sys_freebsd.go delete mode 100644 vendor/golang.org/x/net/icmp/timeexceeded.go delete mode 100644 vendor/golang.org/x/net/idna/idna.go delete mode 100644 vendor/golang.org/x/net/idna/idna_test.go delete mode 100644 vendor/golang.org/x/net/idna/punycode.go delete mode 100644 vendor/golang.org/x/net/idna/punycode_test.go delete mode 100644 vendor/golang.org/x/net/internal/iana/const.go delete mode 100644 vendor/golang.org/x/net/internal/iana/gen.go delete mode 100644 vendor/golang.org/x/net/internal/nettest/error_posix.go delete mode 100644 vendor/golang.org/x/net/internal/nettest/error_stub.go delete mode 100644 vendor/golang.org/x/net/internal/nettest/interface.go delete mode 100644 vendor/golang.org/x/net/internal/nettest/rlimit.go delete mode 100644 vendor/golang.org/x/net/internal/nettest/rlimit_stub.go delete mode 100644 vendor/golang.org/x/net/internal/nettest/rlimit_unix.go delete mode 100644 vendor/golang.org/x/net/internal/nettest/rlimit_windows.go delete mode 100644 vendor/golang.org/x/net/internal/nettest/stack.go delete mode 100644 vendor/golang.org/x/net/internal/nettest/stack_stub.go delete mode 100644 vendor/golang.org/x/net/internal/nettest/stack_unix.go delete mode 100644 vendor/golang.org/x/net/internal/nettest/stack_windows.go delete mode 100644 vendor/golang.org/x/net/internal/timeseries/timeseries.go delete mode 100644 vendor/golang.org/x/net/internal/timeseries/timeseries_test.go delete mode 100644 vendor/golang.org/x/net/ipv4/control.go delete mode 100644 vendor/golang.org/x/net/ipv4/control_bsd.go delete mode 100644 vendor/golang.org/x/net/ipv4/control_pktinfo.go delete mode 100644 vendor/golang.org/x/net/ipv4/control_stub.go delete mode 100644 vendor/golang.org/x/net/ipv4/control_unix.go delete mode 100644 vendor/golang.org/x/net/ipv4/control_windows.go delete mode 100644 vendor/golang.org/x/net/ipv4/defs_darwin.go delete mode 100644 vendor/golang.org/x/net/ipv4/defs_dragonfly.go delete mode 100644 vendor/golang.org/x/net/ipv4/defs_freebsd.go delete mode 100644 vendor/golang.org/x/net/ipv4/defs_linux.go delete mode 100644 vendor/golang.org/x/net/ipv4/defs_netbsd.go delete mode 100644 vendor/golang.org/x/net/ipv4/defs_openbsd.go delete mode 100644 vendor/golang.org/x/net/ipv4/defs_solaris.go delete mode 100644 vendor/golang.org/x/net/ipv4/dgramopt_posix.go delete mode 100644 vendor/golang.org/x/net/ipv4/dgramopt_stub.go delete mode 100644 vendor/golang.org/x/net/ipv4/doc.go delete mode 100644 vendor/golang.org/x/net/ipv4/endpoint.go delete mode 100644 vendor/golang.org/x/net/ipv4/example_test.go delete mode 100644 vendor/golang.org/x/net/ipv4/gen.go delete mode 100644 vendor/golang.org/x/net/ipv4/genericopt_posix.go delete mode 100644 vendor/golang.org/x/net/ipv4/genericopt_stub.go delete mode 100644 vendor/golang.org/x/net/ipv4/header.go delete mode 100644 vendor/golang.org/x/net/ipv4/header_test.go delete mode 100644 vendor/golang.org/x/net/ipv4/helper.go delete mode 100644 vendor/golang.org/x/net/ipv4/helper_stub.go delete mode 100644 vendor/golang.org/x/net/ipv4/helper_unix.go delete mode 100644 vendor/golang.org/x/net/ipv4/helper_windows.go delete mode 100644 vendor/golang.org/x/net/ipv4/iana.go delete mode 100644 vendor/golang.org/x/net/ipv4/icmp.go delete mode 100644 vendor/golang.org/x/net/ipv4/icmp_linux.go delete mode 100644 vendor/golang.org/x/net/ipv4/icmp_stub.go delete mode 100644 vendor/golang.org/x/net/ipv4/icmp_test.go delete mode 100644 vendor/golang.org/x/net/ipv4/mocktransponder_test.go delete mode 100644 vendor/golang.org/x/net/ipv4/multicast_test.go delete mode 100644 vendor/golang.org/x/net/ipv4/multicastlistener_test.go delete mode 100644 vendor/golang.org/x/net/ipv4/multicastsockopt_test.go delete mode 100644 vendor/golang.org/x/net/ipv4/packet.go delete mode 100644 vendor/golang.org/x/net/ipv4/payload.go delete mode 100644 vendor/golang.org/x/net/ipv4/payload_cmsg.go delete mode 100644 vendor/golang.org/x/net/ipv4/payload_nocmsg.go delete mode 100644 vendor/golang.org/x/net/ipv4/readwrite_test.go delete mode 100644 vendor/golang.org/x/net/ipv4/sockopt.go delete mode 100644 vendor/golang.org/x/net/ipv4/sockopt_asmreq.go delete mode 100644 vendor/golang.org/x/net/ipv4/sockopt_asmreq_stub.go delete mode 100644 vendor/golang.org/x/net/ipv4/sockopt_asmreq_unix.go delete mode 100644 vendor/golang.org/x/net/ipv4/sockopt_asmreq_windows.go delete mode 100644 vendor/golang.org/x/net/ipv4/sockopt_asmreqn_stub.go delete mode 100644 vendor/golang.org/x/net/ipv4/sockopt_asmreqn_unix.go delete mode 100644 vendor/golang.org/x/net/ipv4/sockopt_ssmreq_stub.go delete mode 100644 vendor/golang.org/x/net/ipv4/sockopt_ssmreq_unix.go delete mode 100644 vendor/golang.org/x/net/ipv4/sockopt_stub.go delete mode 100644 vendor/golang.org/x/net/ipv4/sockopt_unix.go delete mode 100644 vendor/golang.org/x/net/ipv4/sockopt_windows.go delete mode 100644 vendor/golang.org/x/net/ipv4/sys_bsd.go delete mode 100644 vendor/golang.org/x/net/ipv4/sys_darwin.go delete mode 100644 vendor/golang.org/x/net/ipv4/sys_freebsd.go delete mode 100644 vendor/golang.org/x/net/ipv4/sys_linux.go delete mode 100644 vendor/golang.org/x/net/ipv4/sys_openbsd.go delete mode 100644 vendor/golang.org/x/net/ipv4/sys_stub.go delete mode 100644 vendor/golang.org/x/net/ipv4/sys_windows.go delete mode 100644 vendor/golang.org/x/net/ipv4/syscall_linux_386.go delete mode 100644 vendor/golang.org/x/net/ipv4/syscall_unix.go delete mode 100644 vendor/golang.org/x/net/ipv4/thunk_linux_386.s delete mode 100644 vendor/golang.org/x/net/ipv4/unicast_test.go delete mode 100644 vendor/golang.org/x/net/ipv4/unicastsockopt_test.go delete mode 100644 vendor/golang.org/x/net/ipv4/zsys_darwin.go delete mode 100644 vendor/golang.org/x/net/ipv4/zsys_dragonfly.go delete mode 100644 vendor/golang.org/x/net/ipv4/zsys_freebsd_386.go delete mode 100644 vendor/golang.org/x/net/ipv4/zsys_freebsd_amd64.go delete mode 100644 vendor/golang.org/x/net/ipv4/zsys_freebsd_arm.go delete mode 100644 vendor/golang.org/x/net/ipv4/zsys_linux_386.go delete mode 100644 vendor/golang.org/x/net/ipv4/zsys_linux_amd64.go delete mode 100644 vendor/golang.org/x/net/ipv4/zsys_linux_arm.go delete mode 100644 vendor/golang.org/x/net/ipv4/zsys_linux_arm64.go delete mode 100644 vendor/golang.org/x/net/ipv4/zsys_linux_mips64.go delete mode 100644 vendor/golang.org/x/net/ipv4/zsys_linux_mips64le.go delete mode 100644 vendor/golang.org/x/net/ipv4/zsys_linux_ppc64.go delete mode 100644 vendor/golang.org/x/net/ipv4/zsys_linux_ppc64le.go delete mode 100644 vendor/golang.org/x/net/ipv4/zsys_netbsd.go delete mode 100644 vendor/golang.org/x/net/ipv4/zsys_openbsd.go delete mode 100644 vendor/golang.org/x/net/ipv4/zsys_solaris.go delete mode 100644 vendor/golang.org/x/net/ipv6/control.go delete mode 100644 vendor/golang.org/x/net/ipv6/control_rfc2292_unix.go delete mode 100644 vendor/golang.org/x/net/ipv6/control_rfc3542_unix.go delete mode 100644 vendor/golang.org/x/net/ipv6/control_stub.go delete mode 100644 vendor/golang.org/x/net/ipv6/control_unix.go delete mode 100644 vendor/golang.org/x/net/ipv6/control_windows.go delete mode 100644 vendor/golang.org/x/net/ipv6/defs_darwin.go delete mode 100644 vendor/golang.org/x/net/ipv6/defs_dragonfly.go delete mode 100644 vendor/golang.org/x/net/ipv6/defs_freebsd.go delete mode 100644 vendor/golang.org/x/net/ipv6/defs_linux.go delete mode 100644 vendor/golang.org/x/net/ipv6/defs_netbsd.go delete mode 100644 vendor/golang.org/x/net/ipv6/defs_openbsd.go delete mode 100644 vendor/golang.org/x/net/ipv6/defs_solaris.go delete mode 100644 vendor/golang.org/x/net/ipv6/dgramopt_posix.go delete mode 100644 vendor/golang.org/x/net/ipv6/dgramopt_stub.go delete mode 100644 vendor/golang.org/x/net/ipv6/doc.go delete mode 100644 vendor/golang.org/x/net/ipv6/endpoint.go delete mode 100644 vendor/golang.org/x/net/ipv6/example_test.go delete mode 100644 vendor/golang.org/x/net/ipv6/gen.go delete mode 100644 vendor/golang.org/x/net/ipv6/genericopt_posix.go delete mode 100644 vendor/golang.org/x/net/ipv6/genericopt_stub.go delete mode 100644 vendor/golang.org/x/net/ipv6/header.go delete mode 100644 vendor/golang.org/x/net/ipv6/header_test.go delete mode 100644 vendor/golang.org/x/net/ipv6/helper.go delete mode 100644 vendor/golang.org/x/net/ipv6/helper_stub.go delete mode 100644 vendor/golang.org/x/net/ipv6/helper_unix.go delete mode 100644 vendor/golang.org/x/net/ipv6/helper_windows.go delete mode 100644 vendor/golang.org/x/net/ipv6/iana.go delete mode 100644 vendor/golang.org/x/net/ipv6/icmp.go delete mode 100644 vendor/golang.org/x/net/ipv6/icmp_bsd.go delete mode 100644 vendor/golang.org/x/net/ipv6/icmp_linux.go delete mode 100644 vendor/golang.org/x/net/ipv6/icmp_solaris.go delete mode 100644 vendor/golang.org/x/net/ipv6/icmp_stub.go delete mode 100644 vendor/golang.org/x/net/ipv6/icmp_test.go delete mode 100644 vendor/golang.org/x/net/ipv6/icmp_windows.go delete mode 100644 vendor/golang.org/x/net/ipv6/mocktransponder_test.go delete mode 100644 vendor/golang.org/x/net/ipv6/multicast_test.go delete mode 100644 vendor/golang.org/x/net/ipv6/multicastlistener_test.go delete mode 100644 vendor/golang.org/x/net/ipv6/multicastsockopt_test.go delete mode 100644 vendor/golang.org/x/net/ipv6/payload.go delete mode 100644 vendor/golang.org/x/net/ipv6/payload_cmsg.go delete mode 100644 vendor/golang.org/x/net/ipv6/payload_nocmsg.go delete mode 100644 vendor/golang.org/x/net/ipv6/readwrite_test.go delete mode 100644 vendor/golang.org/x/net/ipv6/sockopt.go delete mode 100644 vendor/golang.org/x/net/ipv6/sockopt_asmreq_unix.go delete mode 100644 vendor/golang.org/x/net/ipv6/sockopt_asmreq_windows.go delete mode 100644 vendor/golang.org/x/net/ipv6/sockopt_ssmreq_stub.go delete mode 100644 vendor/golang.org/x/net/ipv6/sockopt_ssmreq_unix.go delete mode 100644 vendor/golang.org/x/net/ipv6/sockopt_stub.go delete mode 100644 vendor/golang.org/x/net/ipv6/sockopt_test.go delete mode 100644 vendor/golang.org/x/net/ipv6/sockopt_unix.go delete mode 100644 vendor/golang.org/x/net/ipv6/sockopt_windows.go delete mode 100644 vendor/golang.org/x/net/ipv6/sys_bsd.go delete mode 100644 vendor/golang.org/x/net/ipv6/sys_darwin.go delete mode 100644 vendor/golang.org/x/net/ipv6/sys_freebsd.go delete mode 100644 vendor/golang.org/x/net/ipv6/sys_linux.go delete mode 100644 vendor/golang.org/x/net/ipv6/sys_stub.go delete mode 100644 vendor/golang.org/x/net/ipv6/sys_windows.go delete mode 100644 vendor/golang.org/x/net/ipv6/syscall_linux_386.go delete mode 100644 vendor/golang.org/x/net/ipv6/syscall_unix.go delete mode 100644 vendor/golang.org/x/net/ipv6/thunk_linux_386.s delete mode 100644 vendor/golang.org/x/net/ipv6/unicast_test.go delete mode 100644 vendor/golang.org/x/net/ipv6/unicastsockopt_test.go delete mode 100644 vendor/golang.org/x/net/ipv6/zsys_darwin.go delete mode 100644 vendor/golang.org/x/net/ipv6/zsys_dragonfly.go delete mode 100644 vendor/golang.org/x/net/ipv6/zsys_freebsd_386.go delete mode 100644 vendor/golang.org/x/net/ipv6/zsys_freebsd_amd64.go delete mode 100644 vendor/golang.org/x/net/ipv6/zsys_freebsd_arm.go delete mode 100644 vendor/golang.org/x/net/ipv6/zsys_linux_386.go delete mode 100644 vendor/golang.org/x/net/ipv6/zsys_linux_amd64.go delete mode 100644 vendor/golang.org/x/net/ipv6/zsys_linux_arm.go delete mode 100644 vendor/golang.org/x/net/ipv6/zsys_linux_arm64.go delete mode 100644 vendor/golang.org/x/net/ipv6/zsys_linux_mips64.go delete mode 100644 vendor/golang.org/x/net/ipv6/zsys_linux_mips64le.go delete mode 100644 vendor/golang.org/x/net/ipv6/zsys_linux_ppc64.go delete mode 100644 vendor/golang.org/x/net/ipv6/zsys_linux_ppc64le.go delete mode 100644 vendor/golang.org/x/net/ipv6/zsys_netbsd.go delete mode 100644 vendor/golang.org/x/net/ipv6/zsys_openbsd.go delete mode 100644 vendor/golang.org/x/net/ipv6/zsys_solaris.go delete mode 100644 vendor/golang.org/x/net/netutil/listen.go delete mode 100644 vendor/golang.org/x/net/netutil/listen_test.go delete mode 100644 vendor/golang.org/x/net/proxy/direct.go delete mode 100644 vendor/golang.org/x/net/proxy/per_host.go delete mode 100644 vendor/golang.org/x/net/proxy/per_host_test.go delete mode 100644 vendor/golang.org/x/net/proxy/proxy.go delete mode 100644 vendor/golang.org/x/net/proxy/proxy_test.go delete mode 100644 vendor/golang.org/x/net/proxy/socks5.go delete mode 100644 vendor/golang.org/x/net/publicsuffix/gen.go delete mode 100644 vendor/golang.org/x/net/publicsuffix/list.go delete mode 100644 vendor/golang.org/x/net/publicsuffix/list_test.go delete mode 100644 vendor/golang.org/x/net/publicsuffix/table.go delete mode 100644 vendor/golang.org/x/net/publicsuffix/table_test.go delete mode 100644 vendor/golang.org/x/net/trace/events.go delete mode 100644 vendor/golang.org/x/net/trace/histogram.go delete mode 100644 vendor/golang.org/x/net/trace/histogram_test.go delete mode 100644 vendor/golang.org/x/net/trace/trace.go delete mode 100644 vendor/golang.org/x/net/trace/trace_test.go delete mode 100644 vendor/golang.org/x/net/webdav/file.go delete mode 100644 vendor/golang.org/x/net/webdav/file_test.go delete mode 100644 vendor/golang.org/x/net/webdav/if.go delete mode 100644 vendor/golang.org/x/net/webdav/if_test.go delete mode 100644 vendor/golang.org/x/net/webdav/internal/xml/README delete mode 100644 vendor/golang.org/x/net/webdav/internal/xml/atom_test.go delete mode 100644 vendor/golang.org/x/net/webdav/internal/xml/example_test.go delete mode 100644 vendor/golang.org/x/net/webdav/internal/xml/marshal.go delete mode 100644 vendor/golang.org/x/net/webdav/internal/xml/marshal_test.go delete mode 100644 vendor/golang.org/x/net/webdav/internal/xml/read.go delete mode 100644 vendor/golang.org/x/net/webdav/internal/xml/read_test.go delete mode 100644 vendor/golang.org/x/net/webdav/internal/xml/typeinfo.go delete mode 100644 vendor/golang.org/x/net/webdav/internal/xml/xml.go delete mode 100644 vendor/golang.org/x/net/webdav/internal/xml/xml_test.go delete mode 100644 vendor/golang.org/x/net/webdav/litmus_test_server.go delete mode 100644 vendor/golang.org/x/net/webdav/lock.go delete mode 100644 vendor/golang.org/x/net/webdav/lock_test.go delete mode 100644 vendor/golang.org/x/net/webdav/prop.go delete mode 100644 vendor/golang.org/x/net/webdav/prop_test.go delete mode 100644 vendor/golang.org/x/net/webdav/webdav.go delete mode 100644 vendor/golang.org/x/net/webdav/webdav_test.go delete mode 100644 vendor/golang.org/x/net/webdav/xml.go delete mode 100644 vendor/golang.org/x/net/webdav/xml_test.go delete mode 100644 vendor/golang.org/x/net/websocket/client.go delete mode 100644 vendor/golang.org/x/net/websocket/exampledial_test.go delete mode 100644 vendor/golang.org/x/net/websocket/examplehandler_test.go delete mode 100644 vendor/golang.org/x/net/websocket/hybi.go delete mode 100644 vendor/golang.org/x/net/websocket/hybi_test.go delete mode 100644 vendor/golang.org/x/net/websocket/server.go delete mode 100644 vendor/golang.org/x/net/websocket/websocket.go delete mode 100644 vendor/golang.org/x/net/websocket/websocket_test.go delete mode 100644 vendor/golang.org/x/net/xsrftoken/xsrf.go delete mode 100644 vendor/golang.org/x/net/xsrftoken/xsrf_test.go diff --git a/glide.lock b/glide.lock deleted file mode 100644 index 0198c665..00000000 --- a/glide.lock +++ /dev/null @@ -1,35 +0,0 @@ -hash: a7420b580463f8f3edc61b9e2f61834a6a08a6d41275dd11fb0ebab9bd3f3e1a -updated: 2017-07-01T13:12:33.026343623+01:00 -imports: -- name: github.com/docker/distribution - version: a25b9ef0c9fe242ac04bb20d3a028442b7d266b6 - subpackages: - - context - - digest - - manifest - - manifest/schema1 - - manifest/schema2 - - reference - - uuid -- name: github.com/docker/libtrust - version: fa567046d9b14f6aa788882a950d69651d230b21 -- name: github.com/gorilla/context - version: 14f550f51af52180c2eefed15e5fd18d63c0a64a -- name: github.com/gorilla/mux - version: e444e69cbd2e2e3e0749a2f3c717cec491552bbf -- name: github.com/opencontainers/go-digest - version: aa2ec055abd10d26d539eb630a92241b781ce4bc -- name: github.com/Sirupsen/logrus - version: 55eb11d21d2a31a3cc93838241d04800f52e823d - subpackages: - - formatters/logstash -- name: golang.org/x/net - version: 4876518f9e71663000c348837735820161a42df7 - subpackages: - - context - - context/ctxhttp - - http2 - - http2/hpack - - internal/timeseries - - trace -testImports: [] diff --git a/glide.yaml b/glide.yaml index 7d9b12b1..9c0dffd9 100644 --- a/glide.yaml +++ b/glide.yaml @@ -1,7 +1,7 @@ package: github.com/rusenask/docker-registry-client import: - package: github.com/docker/distribution - version: ^2.6.1 + version: 5db89f0ca68677abc5eefce8f2a0a772c98ba52d subpackages: - manifest/schema1 - manifest/schema2 diff --git a/vendor/github.com/docker/distribution/.gitignore b/vendor/github.com/docker/distribution/.gitignore deleted file mode 100644 index 1c3ae0a7..00000000 --- a/vendor/github.com/docker/distribution/.gitignore +++ /dev/null @@ -1,37 +0,0 @@ -# Compiled Object files, Static and Dynamic libs (Shared Objects) -*.o -*.a -*.so - -# Folders -_obj -_test - -# Architecture specific extensions/prefixes -*.[568vq] -[568vq].out - -*.cgo1.go -*.cgo2.c -_cgo_defun.c -_cgo_gotypes.go -_cgo_export.* - -_testmain.go - -*.exe -*.test -*.prof - -# never checkin from the bin file (for now) -bin/* - -# Test key files -*.pem - -# Cover profiles -*.out - -# Editor/IDE specific files. -*.sublime-project -*.sublime-workspace diff --git a/vendor/github.com/docker/distribution/.mailmap b/vendor/github.com/docker/distribution/.mailmap deleted file mode 100644 index d9910601..00000000 --- a/vendor/github.com/docker/distribution/.mailmap +++ /dev/null @@ -1,18 +0,0 @@ -Stephen J Day Stephen Day -Stephen J Day Stephen Day -Olivier Gambier Olivier Gambier -Brian Bland Brian Bland -Brian Bland Brian Bland -Josh Hawn Josh Hawn -Richard Scothern Richard -Richard Scothern Richard Scothern -Andrew Meredith Andrew Meredith -harche harche -Jessie Frazelle -Sharif Nassar Sharif Nassar -Sven Dowideit Sven Dowideit -Vincent Giersch Vincent Giersch -davidli davidli -Omer Cohen Omer Cohen -Eric Yang Eric Yang -Nikita Tarasov Nikita diff --git a/vendor/github.com/docker/distribution/AUTHORS b/vendor/github.com/docker/distribution/AUTHORS deleted file mode 100644 index 252ff8aa..00000000 --- a/vendor/github.com/docker/distribution/AUTHORS +++ /dev/null @@ -1,182 +0,0 @@ -a-palchikov -Aaron Lehmann -Aaron Schlesinger -Aaron Vinson -Adam Duke -Adam Enger -Adrian Mouat -Ahmet Alp Balkan -Alex Chan -Alex Elman -Alexey Gladkov -allencloud -amitshukla -Amy Lindburg -Andrew Hsu -Andrew Meredith -Andrew T Nguyen -Andrey Kostov -Andy Goldstein -Anis Elleuch -Anton Tiurin -Antonio Mercado -Antonio Murdaca -Anusha Ragunathan -Arien Holthuizen -Arnaud Porterie -Arthur Baars -Asuka Suzuki -Avi Miller -Ayose Cazorla -BadZen -Ben Bodenmiller -Ben Firshman -bin liu -Brian Bland -burnettk -Carson A -Cezar Sa Espinola -Charles Smith -Chris Dillon -cuiwei13 -cyli -Daisuke Fujita -Daniel Huhn -Darren Shepherd -Dave Trombley -Dave Tucker -David Lawrence -David Verhasselt -David Xia -davidli -Dejan Golja -Derek McGowan -Diogo Mónica -DJ Enriquez -Donald Huang -Doug Davis -Edgar Lee -Eric Yang -Fabio Berchtold -Fabio Huser -farmerworking -Felix Yan -Florentin Raud -Frank Chen -Frederick F. Kautz IV -gabriell nascimento -Gleb Schukin -harche -Henri Gomez -Hu Keping -Hua Wang -HuKeping -Ian Babrou -igayoso -Jack Griffin -James Findley -Jason Freidman -Jason Heiss -Jeff Nickoloff -Jess Frazelle -Jessie Frazelle -jhaohai -Jianqing Wang -Jihoon Chung -Joao Fernandes -John Mulhausen -John Starks -Jon Johnson -Jon Poler -Jonathan Boulle -Jordan Liggitt -Josh Chorlton -Josh Hawn -Julien Fernandez -Ke Xu -Keerthan Mala -Kelsey Hightower -Kenneth Lim -Kenny Leung -Li Yi -Liu Hua -liuchang0812 -Lloyd Ramey -Louis Kottmann -Luke Carpenter -Marcus Martins -Mary Anthony -Matt Bentley -Matt Duch -Matt Moore -Matt Robenolt -Matthew Green -Michael Prokop -Michal Minar -Michal Minář -Mike Brown -Miquel Sabaté -Misty Stanley-Jones -Misty Stanley-Jones -Morgan Bauer -moxiegirl -Nathan Sullivan -nevermosby -Nghia Tran -Nikita Tarasov -Noah Treuhaft -Nuutti Kotivuori -Oilbeater -Olivier Gambier -Olivier Jacques -Omer Cohen -Patrick Devine -Phil Estes -Philip Misiowiec -Pierre-Yves Ritschard -Qiao Anran -Randy Barlow -Richard Scothern -Rodolfo Carvalho -Rusty Conover -Sean Boran -Sebastiaan van Stijn -Sebastien Coavoux -Serge Dubrouski -Sharif Nassar -Shawn Falkner-Horine -Shreyas Karnik -Simon Thulbourn -spacexnice -Spencer Rinehart -Stan Hu -Stefan Majewsky -Stefan Weil -Stephen J Day -Sungho Moon -Sven Dowideit -Sylvain Baubeau -Ted Reed -tgic -Thomas Sjögren -Tianon Gravi -Tibor Vass -Tonis Tiigi -Tony Holdstock-Brown -Trevor Pounds -Troels Thomsen -Victor Vieux -Victoria Bialas -Vincent Batts -Vincent Demeester -Vincent Giersch -W. Trevor King -weiyuan.yl -xg.song -xiekeyang -Yann ROBERT -yaoyao.xyy -yuexiao-wang -yuzou -zhouhaibing089 -姜继忠 diff --git a/vendor/github.com/docker/distribution/BUILDING.md b/vendor/github.com/docker/distribution/BUILDING.md deleted file mode 100644 index 2d5a1011..00000000 --- a/vendor/github.com/docker/distribution/BUILDING.md +++ /dev/null @@ -1,119 +0,0 @@ - -# Building the registry source - -## Use-case - -This is useful if you intend to actively work on the registry. - -### Alternatives - -Most people should use the [official Registry docker image](https://hub.docker.com/r/library/registry/). - -People looking for advanced operational use cases might consider rolling their own image with a custom Dockerfile inheriting `FROM registry:2`. - -OS X users who want to run natively can do so following [the instructions here](https://github.com/docker/docker.github.io/blob/master/registry/recipes/osx-setup-guide.md). - -### Gotchas - -You are expected to know your way around with go & git. - -If you are a casual user with no development experience, and no preliminary knowledge of go, building from source is probably not a good solution for you. - -## Build the development environment - -The first prerequisite of properly building distribution targets is to have a Go -development environment setup. Please follow [How to Write Go Code](https://golang.org/doc/code.html) -for proper setup. If done correctly, you should have a GOROOT and GOPATH set in the -environment. - -If a Go development environment is setup, one can use `go get` to install the -`registry` command from the current latest: - - go get github.com/docker/distribution/cmd/registry - -The above will install the source repository into the `GOPATH`. - -Now create the directory for the registry data (this might require you to set permissions properly) - - mkdir -p /var/lib/registry - -... or alternatively `export REGISTRY_STORAGE_FILESYSTEM_ROOTDIRECTORY=/somewhere` if you want to store data into another location. - -The `registry` -binary can then be run with the following: - - $ $GOPATH/bin/registry --version - $GOPATH/bin/registry github.com/docker/distribution v2.0.0-alpha.1+unknown - -> __NOTE:__ While you do not need to use `go get` to checkout the distribution -> project, for these build instructions to work, the project must be checked -> out in the correct location in the `GOPATH`. This should almost always be -> `$GOPATH/src/github.com/docker/distribution`. - -The registry can be run with the default config using the following -incantation: - - $ $GOPATH/bin/registry serve $GOPATH/src/github.com/docker/distribution/cmd/registry/config-example.yml - INFO[0000] endpoint local-5003 disabled, skipping app.id=34bbec38-a91a-494a-9a3f-b72f9010081f version=v2.0.0-alpha.1+unknown - INFO[0000] endpoint local-8083 disabled, skipping app.id=34bbec38-a91a-494a-9a3f-b72f9010081f version=v2.0.0-alpha.1+unknown - INFO[0000] listening on :5000 app.id=34bbec38-a91a-494a-9a3f-b72f9010081f version=v2.0.0-alpha.1+unknown - INFO[0000] debug server listening localhost:5001 - -If it is working, one should see the above log messages. - -### Repeatable Builds - -For the full development experience, one should `cd` into -`$GOPATH/src/github.com/docker/distribution`. From there, the regular `go` -commands, such as `go test`, should work per package (please see -[Developing](#developing) if they don't work). - -A `Makefile` has been provided as a convenience to support repeatable builds. -Please install the following into `GOPATH` for it to work: - - go get github.com/tools/godep github.com/golang/lint/golint - -**TODO(stevvooe):** Add a `make setup` command to Makefile to run this. Have to think about how to interact with Godeps properly. - -Once these commands are available in the `GOPATH`, run `make` to get a full -build: - - $ make - + clean - + fmt - + vet - + lint - + build - github.com/docker/docker/vendor/src/code.google.com/p/go/src/pkg/archive/tar - github.com/Sirupsen/logrus - github.com/docker/libtrust - ... - github.com/yvasiyarov/gorelic - github.com/docker/distribution/registry/handlers - github.com/docker/distribution/cmd/registry - + test - ... - ok github.com/docker/distribution/digest 7.875s - ok github.com/docker/distribution/manifest 0.028s - ok github.com/docker/distribution/notifications 17.322s - ? github.com/docker/distribution/registry [no test files] - ok github.com/docker/distribution/registry/api/v2 0.101s - ? github.com/docker/distribution/registry/auth [no test files] - ok github.com/docker/distribution/registry/auth/silly 0.011s - ... - + /Users/sday/go/src/github.com/docker/distribution/bin/registry - + /Users/sday/go/src/github.com/docker/distribution/bin/registry-api-descriptor-template - + binaries - -The above provides a repeatable build using the contents of the vendored -Godeps directory. This includes formatting, vetting, linting, building, -testing and generating tagged binaries. We can verify this worked by running -the registry binary generated in the "./bin" directory: - - $ ./bin/registry -version - ./bin/registry github.com/docker/distribution v2.0.0-alpha.2-80-g16d8b2c.m - -### Optional build tags - -Optional [build tags](http://golang.org/pkg/go/build/) can be provided using -the environment variable `DOCKER_BUILDTAGS`. diff --git a/vendor/github.com/docker/distribution/CHANGELOG.md b/vendor/github.com/docker/distribution/CHANGELOG.md deleted file mode 100644 index b1a5c682..00000000 --- a/vendor/github.com/docker/distribution/CHANGELOG.md +++ /dev/null @@ -1,114 +0,0 @@ -# Changelog - -## 2.6.1 (2017-04-05) - -#### Registry -- Fix `Forwarded` header handling, revert use of `X-Forwarded-Port` -- Use driver `Stat` for registry health check - -## 2.6.0 (2017-01-18) - -#### Storage -- S3: fixed bug in delete due to read-after-write inconsistency -- S3: allow EC2 IAM roles to be used when authorizing region endpoints -- S3: add Object ACL Support -- S3: fix delete method's notion of subpaths -- S3: use multipart upload API in `Move` method for performance -- S3: add v2 signature signing for legacy S3 clones -- Swift: add simple heuristic to detect incomplete DLOs during read ops -- Swift: support different user and tenant domains -- Swift: bulk deletes in chunks -- Aliyun OSS: fix delete method's notion of subpaths -- Aliyun OSS: optimize data copy after upload finishes -- Azure: close leaking response body -- Fix storage drivers dropping non-EOF errors when listing repositories -- Compare path properly when listing repositories in catalog -- Add a foreign layer URL host whitelist -- Improve catalog enumerate runtime - -#### Registry -- Export `storage.CreateOptions` in top-level package -- Enable notifications to endpoints that use self-signed certificates -- Properly validate multi-URL foreign layers -- Add control over validation of URLs in pushed manifests -- Proxy mode: fix socket leak when pull is cancelled -- Tag service: properly handle error responses on HEAD request -- Support for custom authentication URL in proxying registry -- Add configuration option to disable access logging -- Add notification filtering by target media type -- Manifest: `References()` returns all children -- Honor `X-Forwarded-Port` and Forwarded headers -- Reference: Preserve tag and digest in With* functions -- Add policy configuration for enforcing repository classes - -#### Client -- Changes the client Tags `All()` method to follow links -- Allow registry clients to connect via HTTP2 -- Better handling of OAuth errors in client - -#### Spec -- Manifest: clarify relationship between urls and foreign layers -- Authorization: add support for repository classes - -#### Manifest -- Override media type returned from `Stat()` for existing manifests -- Add plugin mediatype to distribution manifest - -#### Docs -- Document `TOOMANYREQUESTS` error code -- Document required Let's Encrypt port -- Improve documentation around implementation of OAuth2 -- Improve documentation for configuration - -#### Auth -- Add support for registry type in scope -- Add support for using v2 ping challenges for v1 -- Add leeway to JWT `nbf` and `exp` checking -- htpasswd: dynamically parse htpasswd file -- Fix missing auth headers with PATCH HTTP request when pushing to default port - -#### Dockerfile -- Update to go1.7 -- Reorder Dockerfile steps for better layer caching - -#### Notes - -Documentation has moved to the documentation repository at -`github.com/docker/docker.github.io/tree/master/registry` - -The registry is go 1.7 compliant, and passes newer, more restrictive `lint` and `vet` ing. - - -## 2.5.0 (2016-06-14) - -#### Storage -- Ensure uploads directory is cleaned after upload is committed -- Add ability to cap concurrent operations in filesystem driver -- S3: Add 'us-gov-west-1' to the valid region list -- Swift: Handle ceph not returning Last-Modified header for HEAD requests -- Add redirect middleware - -#### Registry -- Add support for blobAccessController middleware -- Add support for layers from foreign sources -- Remove signature store -- Add support for Let's Encrypt -- Correct yaml key names in configuration - -#### Client -- Add option to get content digest from manifest get - -#### Spec -- Update the auth spec scope grammar to reflect the fact that hostnames are optionally supported -- Clarify API documentation around catalog fetch behavior - -#### API -- Support returning HTTP 429 (Too Many Requests) - -#### Documentation -- Update auth documentation examples to show "expires in" as int - -#### Docker Image -- Use Alpine Linux as base image - - diff --git a/vendor/github.com/docker/distribution/CONTRIBUTING.md b/vendor/github.com/docker/distribution/CONTRIBUTING.md deleted file mode 100644 index 7cc7aedf..00000000 --- a/vendor/github.com/docker/distribution/CONTRIBUTING.md +++ /dev/null @@ -1,140 +0,0 @@ -# Contributing to the registry - -## Before reporting an issue... - -### If your problem is with... - - - automated builds - - your account on the [Docker Hub](https://hub.docker.com/) - - any other [Docker Hub](https://hub.docker.com/) issue - -Then please do not report your issue here - you should instead report it to [https://support.docker.com](https://support.docker.com) - -### If you... - - - need help setting up your registry - - can't figure out something - - are not sure what's going on or what your problem is - -Then please do not open an issue here yet - you should first try one of the following support forums: - - - irc: #docker-distribution on freenode - - mailing-list: or https://groups.google.com/a/dockerproject.org/forum/#!forum/distribution - -## Reporting an issue properly - -By following these simple rules you will get better and faster feedback on your issue. - - - search the bugtracker for an already reported issue - -### If you found an issue that describes your problem: - - - please read other user comments first, and confirm this is the same issue: a given error condition might be indicative of different problems - you may also find a workaround in the comments - - please refrain from adding "same thing here" or "+1" comments - - you don't need to comment on an issue to get notified of updates: just hit the "subscribe" button - - comment if you have some new, technical and relevant information to add to the case - - __DO NOT__ comment on closed issues or merged PRs. If you think you have a related problem, open up a new issue and reference the PR or issue. - -### If you have not found an existing issue that describes your problem: - - 1. create a new issue, with a succinct title that describes your issue: - - bad title: "It doesn't work with my docker" - - good title: "Private registry push fail: 400 error with E_INVALID_DIGEST" - 2. copy the output of: - - `docker version` - - `docker info` - - `docker exec registry -version` - 3. copy the command line you used to launch your Registry - 4. restart your docker daemon in debug mode (add `-D` to the daemon launch arguments) - 5. reproduce your problem and get your docker daemon logs showing the error - 6. if relevant, copy your registry logs that show the error - 7. provide any relevant detail about your specific Registry configuration (e.g., storage backend used) - 8. indicate if you are using an enterprise proxy, Nginx, or anything else between you and your Registry - -## Contributing a patch for a known bug, or a small correction - -You should follow the basic GitHub workflow: - - 1. fork - 2. commit a change - 3. make sure the tests pass - 4. PR - -Additionally, you must [sign your commits](https://github.com/docker/docker/blob/master/CONTRIBUTING.md#sign-your-work). It's very simple: - - - configure your name with git: `git config user.name "Real Name" && git config user.email mail@example.com` - - sign your commits using `-s`: `git commit -s -m "My commit"` - -Some simple rules to ensure quick merge: - - - clearly point to the issue(s) you want to fix in your PR comment (e.g., `closes #12345`) - - prefer multiple (smaller) PRs addressing individual issues over a big one trying to address multiple issues at once - - if you need to amend your PR following comments, please squash instead of adding more commits - -## Contributing new features - -You are heavily encouraged to first discuss what you want to do. You can do so on the irc channel, or by opening an issue that clearly describes the use case you want to fulfill, or the problem you are trying to solve. - -If this is a major new feature, you should then submit a proposal that describes your technical solution and reasoning. -If you did discuss it first, this will likely be greenlighted very fast. It's advisable to address all feedback on this proposal before starting actual work. - -Then you should submit your implementation, clearly linking to the issue (and possible proposal). - -Your PR will be reviewed by the community, then ultimately by the project maintainers, before being merged. - -It's mandatory to: - - - interact respectfully with other community members and maintainers - more generally, you are expected to abide by the [Docker community rules](https://github.com/docker/docker/blob/master/CONTRIBUTING.md#docker-community-guidelines) - - address maintainers' comments and modify your submission accordingly - - write tests for any new code - -Complying to these simple rules will greatly accelerate the review process, and will ensure you have a pleasant experience in contributing code to the Registry. - -Have a look at a great, successful contribution: the [Swift driver PR](https://github.com/docker/distribution/pull/493) - -## Coding Style - -Unless explicitly stated, we follow all coding guidelines from the Go -community. While some of these standards may seem arbitrary, they somehow seem -to result in a solid, consistent codebase. - -It is possible that the code base does not currently comply with these -guidelines. We are not looking for a massive PR that fixes this, since that -goes against the spirit of the guidelines. All new contributions should make a -best effort to clean up and make the code base better than they left it. -Obviously, apply your best judgement. Remember, the goal here is to make the -code base easier for humans to navigate and understand. Always keep that in -mind when nudging others to comply. - -The rules: - -1. All code should be formatted with `gofmt -s`. -2. All code should pass the default levels of - [`golint`](https://github.com/golang/lint). -3. All code should follow the guidelines covered in [Effective - Go](http://golang.org/doc/effective_go.html) and [Go Code Review - Comments](https://github.com/golang/go/wiki/CodeReviewComments). -4. Comment the code. Tell us the why, the history and the context. -5. Document _all_ declarations and methods, even private ones. Declare - expectations, caveats and anything else that may be important. If a type - gets exported, having the comments already there will ensure it's ready. -6. Variable name length should be proportional to its context and no longer. - `noCommaALongVariableNameLikeThisIsNotMoreClearWhenASimpleCommentWouldDo`. - In practice, short methods will have short variable names and globals will - have longer names. -7. No underscores in package names. If you need a compound name, step back, - and re-examine why you need a compound name. If you still think you need a - compound name, lose the underscore. -8. No utils or helpers packages. If a function is not general enough to - warrant its own package, it has not been written generally enough to be a - part of a util package. Just leave it unexported and well-documented. -9. All tests should run with `go test` and outside tooling should not be - required. No, we don't need another unit testing framework. Assertion - packages are acceptable if they provide _real_ incremental value. -10. Even though we call these "rules" above, they are actually just - guidelines. Since you've read all the rules, you now know that. - -If you are having trouble getting into the mood of idiomatic Go, we recommend -reading through [Effective Go](http://golang.org/doc/effective_go.html). The -[Go Blog](http://blog.golang.org/) is also a great resource. Drinking the -kool-aid is a lot easier than going thirsty. diff --git a/vendor/github.com/docker/distribution/Dockerfile b/vendor/github.com/docker/distribution/Dockerfile deleted file mode 100644 index 426954a1..00000000 --- a/vendor/github.com/docker/distribution/Dockerfile +++ /dev/null @@ -1,18 +0,0 @@ -FROM golang:1.7-alpine - -ENV DISTRIBUTION_DIR /go/src/github.com/docker/distribution -ENV DOCKER_BUILDTAGS include_oss include_gcs - -RUN set -ex \ - && apk add --no-cache make git - -WORKDIR $DISTRIBUTION_DIR -COPY . $DISTRIBUTION_DIR -COPY cmd/registry/config-dev.yml /etc/docker/registry/config.yml - -RUN make PREFIX=/go clean binaries - -VOLUME ["/var/lib/registry"] -EXPOSE 5000 -ENTRYPOINT ["registry"] -CMD ["serve", "/etc/docker/registry/config.yml"] diff --git a/vendor/github.com/docker/distribution/Godeps/Godeps.json b/vendor/github.com/docker/distribution/Godeps/Godeps.json deleted file mode 100644 index dbdd8914..00000000 --- a/vendor/github.com/docker/distribution/Godeps/Godeps.json +++ /dev/null @@ -1,458 +0,0 @@ -{ - "ImportPath": "github.com/docker/distribution", - "GoVersion": "go1.6", - "GodepVersion": "v74", - "Packages": [ - "./..." - ], - "Deps": [ - { - "ImportPath": "github.com/Azure/azure-sdk-for-go/storage", - "Comment": "v5.0.0-beta-6-g0b5fe2a", - "Rev": "0b5fe2abe0271ba07049eacaa65922d67c319543" - }, - { - "ImportPath": "github.com/Sirupsen/logrus", - "Comment": "v0.7.3", - "Rev": "55eb11d21d2a31a3cc93838241d04800f52e823d" - }, - { - "ImportPath": "github.com/Sirupsen/logrus/formatters/logstash", - "Comment": "v0.7.3", - "Rev": "55eb11d21d2a31a3cc93838241d04800f52e823d" - }, - { - "ImportPath": "github.com/aws/aws-sdk-go/aws", - "Comment": "v1.2.4", - "Rev": "90dec2183a5f5458ee79cbaf4b8e9ab910bc81a6" - }, - { - "ImportPath": "github.com/aws/aws-sdk-go/aws/awserr", - "Comment": "v1.2.4", - "Rev": "90dec2183a5f5458ee79cbaf4b8e9ab910bc81a6" - }, - { - "ImportPath": "github.com/aws/aws-sdk-go/aws/awsutil", - "Comment": "v1.2.4", - "Rev": "90dec2183a5f5458ee79cbaf4b8e9ab910bc81a6" - }, - { - "ImportPath": "github.com/aws/aws-sdk-go/aws/client", - "Comment": "v1.2.4", - "Rev": "90dec2183a5f5458ee79cbaf4b8e9ab910bc81a6" - }, - { - "ImportPath": "github.com/aws/aws-sdk-go/aws/client/metadata", - "Comment": "v1.2.4", - "Rev": "90dec2183a5f5458ee79cbaf4b8e9ab910bc81a6" - }, - { - "ImportPath": "github.com/aws/aws-sdk-go/aws/corehandlers", - "Comment": "v1.2.4", - "Rev": "90dec2183a5f5458ee79cbaf4b8e9ab910bc81a6" - }, - { - "ImportPath": "github.com/aws/aws-sdk-go/aws/credentials", - "Comment": "v1.2.4", - "Rev": "90dec2183a5f5458ee79cbaf4b8e9ab910bc81a6" - }, - { - "ImportPath": "github.com/aws/aws-sdk-go/aws/credentials/ec2rolecreds", - "Comment": "v1.2.4", - "Rev": "90dec2183a5f5458ee79cbaf4b8e9ab910bc81a6" - }, - { - "ImportPath": "github.com/aws/aws-sdk-go/aws/defaults", - "Comment": "v1.2.4", - "Rev": "90dec2183a5f5458ee79cbaf4b8e9ab910bc81a6" - }, - { - "ImportPath": "github.com/aws/aws-sdk-go/aws/ec2metadata", - "Comment": "v1.2.4", - "Rev": "90dec2183a5f5458ee79cbaf4b8e9ab910bc81a6" - }, - { - "ImportPath": "github.com/aws/aws-sdk-go/aws/request", - "Comment": "v1.2.4", - "Rev": "90dec2183a5f5458ee79cbaf4b8e9ab910bc81a6" - }, - { - "ImportPath": "github.com/aws/aws-sdk-go/aws/session", - "Comment": "v1.2.4", - "Rev": "90dec2183a5f5458ee79cbaf4b8e9ab910bc81a6" - }, - { - "ImportPath": "github.com/aws/aws-sdk-go/aws/signer/v4", - "Comment": "v1.2.4", - "Rev": "90dec2183a5f5458ee79cbaf4b8e9ab910bc81a6" - }, - { - "ImportPath": "github.com/aws/aws-sdk-go/private/endpoints", - "Comment": "v1.2.4", - "Rev": "90dec2183a5f5458ee79cbaf4b8e9ab910bc81a6" - }, - { - "ImportPath": "github.com/aws/aws-sdk-go/private/protocol", - "Comment": "v1.2.4", - "Rev": "90dec2183a5f5458ee79cbaf4b8e9ab910bc81a6" - }, - { - "ImportPath": "github.com/aws/aws-sdk-go/private/protocol/query", - "Comment": "v1.2.4", - "Rev": "90dec2183a5f5458ee79cbaf4b8e9ab910bc81a6" - }, - { - "ImportPath": "github.com/aws/aws-sdk-go/private/protocol/query/queryutil", - "Comment": "v1.2.4", - "Rev": "90dec2183a5f5458ee79cbaf4b8e9ab910bc81a6" - }, - { - "ImportPath": "github.com/aws/aws-sdk-go/private/protocol/rest", - "Comment": "v1.2.4", - "Rev": "90dec2183a5f5458ee79cbaf4b8e9ab910bc81a6" - }, - { - "ImportPath": "github.com/aws/aws-sdk-go/private/protocol/restxml", - "Comment": "v1.2.4", - "Rev": "90dec2183a5f5458ee79cbaf4b8e9ab910bc81a6" - }, - { - "ImportPath": "github.com/aws/aws-sdk-go/private/protocol/xml/xmlutil", - "Comment": "v1.2.4", - "Rev": "90dec2183a5f5458ee79cbaf4b8e9ab910bc81a6" - }, - { - "ImportPath": "github.com/aws/aws-sdk-go/private/waiter", - "Comment": "v1.2.4", - "Rev": "90dec2183a5f5458ee79cbaf4b8e9ab910bc81a6" - }, - { - "ImportPath": "github.com/aws/aws-sdk-go/service/cloudfront/sign", - "Comment": "v1.2.4", - "Rev": "90dec2183a5f5458ee79cbaf4b8e9ab910bc81a6" - }, - { - "ImportPath": "github.com/aws/aws-sdk-go/service/s3", - "Comment": "v1.2.4", - "Rev": "90dec2183a5f5458ee79cbaf4b8e9ab910bc81a6" - }, - { - "ImportPath": "github.com/aws/aws-sdk-go/vendor/github.com/go-ini/ini", - "Comment": "v1.2.4", - "Rev": "90dec2183a5f5458ee79cbaf4b8e9ab910bc81a6" - }, - { - "ImportPath": "github.com/aws/aws-sdk-go/vendor/github.com/jmespath/go-jmespath", - "Comment": "v1.2.4", - "Rev": "90dec2183a5f5458ee79cbaf4b8e9ab910bc81a6" - }, - { - "ImportPath": "github.com/bugsnag/bugsnag-go", - "Comment": "v1.0.2-5-gb1d1530", - "Rev": "b1d153021fcd90ca3f080db36bec96dc690fb274" - }, - { - "ImportPath": "github.com/bugsnag/bugsnag-go/errors", - "Comment": "v1.0.2-5-gb1d1530", - "Rev": "b1d153021fcd90ca3f080db36bec96dc690fb274" - }, - { - "ImportPath": "github.com/bugsnag/osext", - "Rev": "0dd3f918b21bec95ace9dc86c7e70266cfc5c702" - }, - { - "ImportPath": "github.com/bugsnag/panicwrap", - "Comment": "1.0.0-2-ge2c2850", - "Rev": "e2c28503fcd0675329da73bf48b33404db873782" - }, - { - "ImportPath": "github.com/denverdino/aliyungo/common", - "Rev": "afedced274aa9a7fcdd47ac97018f0f8db4e5de2" - }, - { - "ImportPath": "github.com/denverdino/aliyungo/oss", - "Rev": "afedced274aa9a7fcdd47ac97018f0f8db4e5de2" - }, - { - "ImportPath": "github.com/denverdino/aliyungo/util", - "Rev": "afedced274aa9a7fcdd47ac97018f0f8db4e5de2" - }, - { - "ImportPath": "github.com/docker/goamz/aws", - "Rev": "f0a21f5b2e12f83a505ecf79b633bb2035cf6f85" - }, - { - "ImportPath": "github.com/docker/goamz/s3", - "Rev": "f0a21f5b2e12f83a505ecf79b633bb2035cf6f85" - }, - { - "ImportPath": "github.com/docker/libtrust", - "Rev": "fa567046d9b14f6aa788882a950d69651d230b21" - }, - { - "ImportPath": "github.com/garyburd/redigo/internal", - "Rev": "535138d7bcd717d6531c701ef5933d98b1866257" - }, - { - "ImportPath": "github.com/garyburd/redigo/redis", - "Rev": "535138d7bcd717d6531c701ef5933d98b1866257" - }, - { - "ImportPath": "github.com/golang/protobuf/proto", - "Rev": "8d92cf5fc15a4382f8964b08e1f42a75c0591aa3" - }, - { - "ImportPath": "github.com/gorilla/context", - "Rev": "14f550f51af52180c2eefed15e5fd18d63c0a64a" - }, - { - "ImportPath": "github.com/gorilla/handlers", - "Rev": "60c7bfde3e33c201519a200a4507a158cc03a17b" - }, - { - "ImportPath": "github.com/gorilla/mux", - "Rev": "e444e69cbd2e2e3e0749a2f3c717cec491552bbf" - }, - { - "ImportPath": "github.com/inconshreveable/mousetrap", - "Rev": "76626ae9c91c4f2a10f34cad8ce83ea42c93bb75" - }, - { - "ImportPath": "github.com/mitchellh/mapstructure", - "Rev": "482a9fd5fa83e8c4e7817413b80f3eb8feec03ef" - }, - { - "ImportPath": "github.com/ncw/swift", - "Rev": "ce444d6d47c51d4dda9202cd38f5094dd8e27e86" - }, - { - "ImportPath": "github.com/ncw/swift/swifttest", - "Rev": "ce444d6d47c51d4dda9202cd38f5094dd8e27e86" - }, - { - "ImportPath": "github.com/spf13/cobra", - "Rev": "312092086bed4968099259622145a0c9ae280064" - }, - { - "ImportPath": "github.com/spf13/pflag", - "Rev": "5644820622454e71517561946e3d94b9f9db6842" - }, - { - "ImportPath": "github.com/stevvooe/resumable", - "Rev": "51ad44105773cafcbe91927f70ac68e1bf78f8b4" - }, - { - "ImportPath": "github.com/stevvooe/resumable/sha256", - "Rev": "51ad44105773cafcbe91927f70ac68e1bf78f8b4" - }, - { - "ImportPath": "github.com/stevvooe/resumable/sha512", - "Rev": "51ad44105773cafcbe91927f70ac68e1bf78f8b4" - }, - { - "ImportPath": "github.com/yvasiyarov/go-metrics", - "Rev": "57bccd1ccd43f94bb17fdd8bf3007059b802f85e" - }, - { - "ImportPath": "github.com/yvasiyarov/gorelic", - "Comment": "v0.0.6-8-ga9bba5b", - "Rev": "a9bba5b9ab508a086f9a12b8c51fab68478e2128" - }, - { - "ImportPath": "github.com/yvasiyarov/newrelic_platform_go", - "Rev": "b21fdbd4370f3717f3bbd2bf41c223bc273068e6" - }, - { - "ImportPath": "golang.org/x/crypto/bcrypt", - "Rev": "c10c31b5e94b6f7a0283272dc2bb27163dcea24b" - }, - { - "ImportPath": "golang.org/x/crypto/blowfish", - "Rev": "c10c31b5e94b6f7a0283272dc2bb27163dcea24b" - }, - { - "ImportPath": "golang.org/x/crypto/ocsp", - "Rev": "c10c31b5e94b6f7a0283272dc2bb27163dcea24b" - }, - { - "ImportPath": "golang.org/x/net/context", - "Rev": "4876518f9e71663000c348837735820161a42df7" - }, - { - "ImportPath": "golang.org/x/net/context/ctxhttp", - "Rev": "4876518f9e71663000c348837735820161a42df7" - }, - { - "ImportPath": "golang.org/x/net/http2", - "Rev": "4876518f9e71663000c348837735820161a42df7" - }, - { - "ImportPath": "golang.org/x/net/http2/hpack", - "Rev": "4876518f9e71663000c348837735820161a42df7" - }, - { - "ImportPath": "golang.org/x/net/internal/timeseries", - "Rev": "4876518f9e71663000c348837735820161a42df7" - }, - { - "ImportPath": "golang.org/x/net/trace", - "Rev": "4876518f9e71663000c348837735820161a42df7" - }, - { - "ImportPath": "golang.org/x/oauth2", - "Rev": "045497edb6234273d67dbc25da3f2ddbc4c4cacf" - }, - { - "ImportPath": "golang.org/x/oauth2/google", - "Rev": "045497edb6234273d67dbc25da3f2ddbc4c4cacf" - }, - { - "ImportPath": "golang.org/x/oauth2/internal", - "Rev": "045497edb6234273d67dbc25da3f2ddbc4c4cacf" - }, - { - "ImportPath": "golang.org/x/oauth2/jws", - "Rev": "045497edb6234273d67dbc25da3f2ddbc4c4cacf" - }, - { - "ImportPath": "golang.org/x/oauth2/jwt", - "Rev": "045497edb6234273d67dbc25da3f2ddbc4c4cacf" - }, - { - "ImportPath": "golang.org/x/time/rate", - "Rev": "a4bde12657593d5e90d0533a3e4fd95e635124cb" - }, - { - "ImportPath": "google.golang.org/api/gensupport", - "Rev": "9bf6e6e569ff057f75d9604a46c52928f17d2b54" - }, - { - "ImportPath": "google.golang.org/api/googleapi", - "Rev": "9bf6e6e569ff057f75d9604a46c52928f17d2b54" - }, - { - "ImportPath": "google.golang.org/api/googleapi/internal/uritemplates", - "Rev": "9bf6e6e569ff057f75d9604a46c52928f17d2b54" - }, - { - "ImportPath": "google.golang.org/api/storage/v1", - "Rev": "9bf6e6e569ff057f75d9604a46c52928f17d2b54" - }, - { - "ImportPath": "google.golang.org/appengine", - "Rev": "12d5545dc1cfa6047a286d5e853841b6471f4c19" - }, - { - "ImportPath": "google.golang.org/appengine/internal", - "Rev": "12d5545dc1cfa6047a286d5e853841b6471f4c19" - }, - { - "ImportPath": "google.golang.org/appengine/internal/app_identity", - "Rev": "12d5545dc1cfa6047a286d5e853841b6471f4c19" - }, - { - "ImportPath": "google.golang.org/appengine/internal/base", - "Rev": "12d5545dc1cfa6047a286d5e853841b6471f4c19" - }, - { - "ImportPath": "google.golang.org/appengine/internal/datastore", - "Rev": "12d5545dc1cfa6047a286d5e853841b6471f4c19" - }, - { - "ImportPath": "google.golang.org/appengine/internal/log", - "Rev": "12d5545dc1cfa6047a286d5e853841b6471f4c19" - }, - { - "ImportPath": "google.golang.org/appengine/internal/modules", - "Rev": "12d5545dc1cfa6047a286d5e853841b6471f4c19" - }, - { - "ImportPath": "google.golang.org/appengine/internal/remote_api", - "Rev": "12d5545dc1cfa6047a286d5e853841b6471f4c19" - }, - { - "ImportPath": "google.golang.org/cloud", - "Rev": "975617b05ea8a58727e6c1a06b6161ff4185a9f2" - }, - { - "ImportPath": "google.golang.org/cloud/compute/metadata", - "Rev": "975617b05ea8a58727e6c1a06b6161ff4185a9f2" - }, - { - "ImportPath": "google.golang.org/cloud/internal", - "Rev": "975617b05ea8a58727e6c1a06b6161ff4185a9f2" - }, - { - "ImportPath": "google.golang.org/cloud/internal/opts", - "Rev": "975617b05ea8a58727e6c1a06b6161ff4185a9f2" - }, - { - "ImportPath": "google.golang.org/cloud/storage", - "Rev": "975617b05ea8a58727e6c1a06b6161ff4185a9f2" - }, - { - "ImportPath": "google.golang.org/grpc", - "Rev": "d3ddb4469d5a1b949fc7a7da7c1d6a0d1b6de994" - }, - { - "ImportPath": "google.golang.org/grpc/codes", - "Rev": "d3ddb4469d5a1b949fc7a7da7c1d6a0d1b6de994" - }, - { - "ImportPath": "google.golang.org/grpc/credentials", - "Rev": "d3ddb4469d5a1b949fc7a7da7c1d6a0d1b6de994" - }, - { - "ImportPath": "google.golang.org/grpc/grpclog", - "Rev": "d3ddb4469d5a1b949fc7a7da7c1d6a0d1b6de994" - }, - { - "ImportPath": "google.golang.org/grpc/internal", - "Rev": "d3ddb4469d5a1b949fc7a7da7c1d6a0d1b6de994" - }, - { - "ImportPath": "google.golang.org/grpc/metadata", - "Rev": "d3ddb4469d5a1b949fc7a7da7c1d6a0d1b6de994" - }, - { - "ImportPath": "google.golang.org/grpc/naming", - "Rev": "d3ddb4469d5a1b949fc7a7da7c1d6a0d1b6de994" - }, - { - "ImportPath": "google.golang.org/grpc/peer", - "Rev": "d3ddb4469d5a1b949fc7a7da7c1d6a0d1b6de994" - }, - { - "ImportPath": "google.golang.org/grpc/transport", - "Rev": "d3ddb4469d5a1b949fc7a7da7c1d6a0d1b6de994" - }, - { - "ImportPath": "gopkg.in/check.v1", - "Rev": "64131543e7896d5bcc6bd5a76287eb75ea96c673" - }, - { - "ImportPath": "gopkg.in/yaml.v2", - "Rev": "bef53efd0c76e49e6de55ead051f886bea7e9420" - }, - { - "ImportPath": "rsc.io/letsencrypt", - "Rev": "a019c9e6fce0c7132679dea13bd8df7c86ffe26c" - }, - { - "ImportPath": "rsc.io/letsencrypt/vendor/github.com/xenolf/lego/acme", - "Rev": "a019c9e6fce0c7132679dea13bd8df7c86ffe26c" - }, - { - "ImportPath": "rsc.io/letsencrypt/vendor/gopkg.in/square/go-jose.v1", - "Rev": "a019c9e6fce0c7132679dea13bd8df7c86ffe26c" - }, - { - "ImportPath": "rsc.io/letsencrypt/vendor/gopkg.in/square/go-jose.v1/cipher", - "Rev": "a019c9e6fce0c7132679dea13bd8df7c86ffe26c" - }, - { - "ImportPath": "rsc.io/letsencrypt/vendor/gopkg.in/square/go-jose.v1/json", - "Rev": "a019c9e6fce0c7132679dea13bd8df7c86ffe26c" - } - ] -} diff --git a/vendor/github.com/docker/distribution/Godeps/Readme b/vendor/github.com/docker/distribution/Godeps/Readme deleted file mode 100644 index 4cdaa53d..00000000 --- a/vendor/github.com/docker/distribution/Godeps/Readme +++ /dev/null @@ -1,5 +0,0 @@ -This directory tree is generated automatically by godep. - -Please do not edit. - -See https://github.com/tools/godep for more information. diff --git a/vendor/github.com/docker/distribution/LICENSE b/vendor/github.com/docker/distribution/LICENSE deleted file mode 100644 index e06d2081..00000000 --- a/vendor/github.com/docker/distribution/LICENSE +++ /dev/null @@ -1,202 +0,0 @@ -Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "{}" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - - Copyright {yyyy} {name of copyright owner} - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. - diff --git a/vendor/github.com/docker/distribution/MAINTAINERS b/vendor/github.com/docker/distribution/MAINTAINERS deleted file mode 100644 index bda40015..00000000 --- a/vendor/github.com/docker/distribution/MAINTAINERS +++ /dev/null @@ -1,58 +0,0 @@ -# Distribution maintainers file -# -# This file describes who runs the docker/distribution project and how. -# This is a living document - if you see something out of date or missing, speak up! -# -# It is structured to be consumable by both humans and programs. -# To extract its contents programmatically, use any TOML-compliant parser. -# -# This file is compiled into the MAINTAINERS file in docker/opensource. -# -[Org] - [Org."Core maintainers"] - people = [ - "aaronlehmann", - "dmcgowan", - "dmp42", - "richardscothern", - "shykes", - "stevvooe", - ] - -[people] - -# A reference list of all people associated with the project. -# All other sections should refer to people by their canonical key -# in the people section. - - # ADD YOURSELF HERE IN ALPHABETICAL ORDER - - [people.aaronlehmann] - Name = "Aaron Lehmann" - Email = "aaron.lehmann@docker.com" - GitHub = "aaronlehmann" - - [people.dmcgowan] - Name = "Derek McGowan" - Email = "derek@mcgstyle.net" - GitHub = "dmcgowan" - - [people.dmp42] - Name = "Olivier Gambier" - Email = "olivier@docker.com" - GitHub = "dmp42" - - [people.richardscothern] - Name = "Richard Scothern" - Email = "richard.scothern@gmail.com" - GitHub = "richardscothern" - - [people.shykes] - Name = "Solomon Hykes" - Email = "solomon@docker.com" - GitHub = "shykes" - - [people.stevvooe] - Name = "Stephen Day" - Email = "stephen.day@docker.com" - GitHub = "stevvooe" diff --git a/vendor/github.com/docker/distribution/Makefile b/vendor/github.com/docker/distribution/Makefile deleted file mode 100644 index 47b8f1d0..00000000 --- a/vendor/github.com/docker/distribution/Makefile +++ /dev/null @@ -1,109 +0,0 @@ -# Set an output prefix, which is the local directory if not specified -PREFIX?=$(shell pwd) - - -# Used to populate version variable in main package. -VERSION=$(shell git describe --match 'v[0-9]*' --dirty='.m' --always) - -# Allow turning off function inlining and variable registerization -ifeq (${DISABLE_OPTIMIZATION},true) - GO_GCFLAGS=-gcflags "-N -l" - VERSION:="$(VERSION)-noopt" -endif - -GO_LDFLAGS=-ldflags "-X `go list ./version`.Version=$(VERSION)" - -.PHONY: all build binaries clean dep-restore dep-save dep-validate fmt lint test test-full vet -.DEFAULT: all -all: fmt vet lint build test binaries - -AUTHORS: .mailmap .git/HEAD - git log --format='%aN <%aE>' | sort -fu > $@ - -# This only needs to be generated by hand when cutting full releases. -version/version.go: - ./version/version.sh > $@ - -# Required for go 1.5 to build -GO15VENDOREXPERIMENT := 1 - -# Go files -GOFILES=$(shell find . -type f -name '*.go') - -# Package list -PKGS=$(shell go list -tags "${DOCKER_BUILDTAGS}" ./... | grep -v ^github.com/docker/distribution/vendor/) - -# Resolving binary dependencies for specific targets -GOLINT=$(shell which golint || echo '') -GODEP=$(shell which godep || echo '') - -${PREFIX}/bin/registry: $(GOFILES) - @echo "+ $@" - @go build -tags "${DOCKER_BUILDTAGS}" -o $@ ${GO_LDFLAGS} ${GO_GCFLAGS} ./cmd/registry - -${PREFIX}/bin/digest: $(GOFILES) - @echo "+ $@" - @go build -tags "${DOCKER_BUILDTAGS}" -o $@ ${GO_LDFLAGS} ${GO_GCFLAGS} ./cmd/digest - -${PREFIX}/bin/registry-api-descriptor-template: $(GOFILES) - @echo "+ $@" - @go build -o $@ ${GO_LDFLAGS} ${GO_GCFLAGS} ./cmd/registry-api-descriptor-template - -docs/spec/api.md: docs/spec/api.md.tmpl ${PREFIX}/bin/registry-api-descriptor-template - ./bin/registry-api-descriptor-template $< > $@ - -vet: - @echo "+ $@" - @go vet -tags "${DOCKER_BUILDTAGS}" $(PKGS) - -fmt: - @echo "+ $@" - @test -z "$$(gofmt -s -l . 2>&1 | grep -v ^vendor/ | tee /dev/stderr)" || \ - (echo >&2 "+ please format Go code with 'gofmt -s'" && false) - -lint: - @echo "+ $@" - $(if $(GOLINT), , \ - $(error Please install golint: `go get -u github.com/golang/lint/golint`)) - @test -z "$$($(GOLINT) ./... 2>&1 | grep -v ^vendor/ | tee /dev/stderr)" - -build: - @echo "+ $@" - @go build -tags "${DOCKER_BUILDTAGS}" -v ${GO_LDFLAGS} $(PKGS) - -test: - @echo "+ $@" - @go test -test.short -tags "${DOCKER_BUILDTAGS}" $(PKGS) - -test-full: - @echo "+ $@" - @go test -tags "${DOCKER_BUILDTAGS}" $(PKGS) - -binaries: ${PREFIX}/bin/registry ${PREFIX}/bin/digest ${PREFIX}/bin/registry-api-descriptor-template - @echo "+ $@" - -clean: - @echo "+ $@" - @rm -rf "${PREFIX}/bin/registry" "${PREFIX}/bin/digest" "${PREFIX}/bin/registry-api-descriptor-template" - -dep-save: - @echo "+ $@" - $(if $(GODEP), , \ - $(error Please install godep: go get github.com/tools/godep)) - @$(GODEP) save $(PKGS) - -dep-restore: - @echo "+ $@" - $(if $(GODEP), , \ - $(error Please install godep: go get github.com/tools/godep)) - @$(GODEP) restore -v - -dep-validate: dep-restore - @echo "+ $@" - @rm -Rf .vendor.bak - @mv vendor .vendor.bak - @rm -Rf Godeps - @$(GODEP) save ./... - @test -z "$$(diff -r vendor .vendor.bak 2>&1 | tee /dev/stderr)" || \ - (echo >&2 "+ borked dependencies! what you have in Godeps/Godeps.json does not match with what you have in vendor" && false) - @rm -Rf .vendor.bak diff --git a/vendor/github.com/docker/distribution/README.md b/vendor/github.com/docker/distribution/README.md deleted file mode 100644 index a6e8db0f..00000000 --- a/vendor/github.com/docker/distribution/README.md +++ /dev/null @@ -1,131 +0,0 @@ -# Distribution - -The Docker toolset to pack, ship, store, and deliver content. - -This repository's main product is the Docker Registry 2.0 implementation -for storing and distributing Docker images. It supersedes the -[docker/docker-registry](https://github.com/docker/docker-registry) -project with a new API design, focused around security and performance. - - - -[![Circle CI](https://circleci.com/gh/docker/distribution/tree/master.svg?style=svg)](https://circleci.com/gh/docker/distribution/tree/master) -[![GoDoc](https://godoc.org/github.com/docker/distribution?status.svg)](https://godoc.org/github.com/docker/distribution) - -This repository contains the following components: - -|**Component** |Description | -|--------------------|----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| -| **registry** | An implementation of the [Docker Registry HTTP API V2](docs/spec/api.md) for use with docker 1.6+. | -| **libraries** | A rich set of libraries for interacting with distribution components. Please see [godoc](https://godoc.org/github.com/docker/distribution) for details. **Note**: These libraries are **unstable**. | -| **specifications** | _Distribution_ related specifications are available in [docs/spec](docs/spec) | -| **documentation** | Docker's full documentation set is available at [docs.docker.com](https://docs.docker.com). This repository [contains the subset](docs/) related just to the registry. | - -### How does this integrate with Docker engine? - -This project should provide an implementation to a V2 API for use in the [Docker -core project](https://github.com/docker/docker). The API should be embeddable -and simplify the process of securely pulling and pushing content from `docker` -daemons. - -### What are the long term goals of the Distribution project? - -The _Distribution_ project has the further long term goal of providing a -secure tool chain for distributing content. The specifications, APIs and tools -should be as useful with Docker as they are without. - -Our goal is to design a professional grade and extensible content distribution -system that allow users to: - -* Enjoy an efficient, secured and reliable way to store, manage, package and - exchange content -* Hack/roll their own on top of healthy open-source components -* Implement their own home made solution through good specs, and solid - extensions mechanism. - -## More about Registry 2.0 - -The new registry implementation provides the following benefits: - -- faster push and pull -- new, more efficient implementation -- simplified deployment -- pluggable storage backend -- webhook notifications - -For information on upcoming functionality, please see [ROADMAP.md](ROADMAP.md). - -### Who needs to deploy a registry? - -By default, Docker users pull images from Docker's public registry instance. -[Installing Docker](https://docs.docker.com/engine/installation/) gives users this -ability. Users can also push images to a repository on Docker's public registry, -if they have a [Docker Hub](https://hub.docker.com/) account. - -For some users and even companies, this default behavior is sufficient. For -others, it is not. - -For example, users with their own software products may want to maintain a -registry for private, company images. Also, you may wish to deploy your own -image repository for images used to test or in continuous integration. For these -use cases and others, [deploying your own registry instance](https://github.com/docker/docker.github.io/blob/master/registry/deploying.md) -may be the better choice. - -### Migration to Registry 2.0 - -For those who have previously deployed their own registry based on the Registry -1.0 implementation and wish to deploy a Registry 2.0 while retaining images, -data migration is required. A tool to assist with migration efforts has been -created. For more information see [docker/migrator] -(https://github.com/docker/migrator). - -## Contribute - -Please see [CONTRIBUTING.md](CONTRIBUTING.md) for details on how to contribute -issues, fixes, and patches to this project. If you are contributing code, see -the instructions for [building a development environment](BUILDING.md). - -## Support - -If any issues are encountered while using the _Distribution_ project, several -avenues are available for support: - - - - - - - - - - - - - - - - - - -
- IRC - - #docker-distribution on FreeNode -
- Issue Tracker - - github.com/docker/distribution/issues -
- Google Groups - - https://groups.google.com/a/dockerproject.org/forum/#!forum/distribution -
- Mailing List - - docker@dockerproject.org -
- - -## License - -This project is distributed under [Apache License, Version 2.0](LICENSE). diff --git a/vendor/github.com/docker/distribution/RELEASE-CHECKLIST.md b/vendor/github.com/docker/distribution/RELEASE-CHECKLIST.md deleted file mode 100644 index 49235cec..00000000 --- a/vendor/github.com/docker/distribution/RELEASE-CHECKLIST.md +++ /dev/null @@ -1,36 +0,0 @@ -## Registry Release Checklist - -10. Compile release notes detailing features and since the last release. Update the `CHANGELOG.md` file. - -20. Update the version file: `https://github.com/docker/distribution/blob/master/version/version.go` - -30. Update the `MAINTAINERS` (if necessary), `AUTHORS` and `.mailmap` files. - - ``` -make AUTHORS -``` - -40. Create a signed tag. - - Distribution uses semantic versioning. Tags are of the format `vx.y.z[-rcn]` -You will need PGP installed and a PGP key which has been added to your Github account. The comment for the tag should include the release notes. - -50. Push the signed tag - -60. Create a new [release](https://github.com/docker/distribution/releases). In the case of a release candidate, tick the `pre-release` checkbox. - -70. Update the registry binary in [distribution library image repo](https://github.com/docker/distribution-library-image) by running the update script and opening a pull request. - -80. Update the official image. Add the new version in the [official images repo](https://github.com/docker-library/official-images) by appending a new version to the `registry/registry` file with the git hash pointed to by the signed tag. Update the major version to point to the latest version and the minor version to point to new patch release if necessary. -e.g. to release `2.3.1` - - `2.3.1 (new)` - - `2.3.0 -> 2.3.0` can be removed - - `2 -> 2.3.1` - - `2.3 -> 2.3.1` - -90. Build a new distribution/registry image on [Docker hub](https://hub.docker.com/u/distribution/dashboard) by adding a new automated build with the new tag and re-building the images. - diff --git a/vendor/github.com/docker/distribution/ROADMAP.md b/vendor/github.com/docker/distribution/ROADMAP.md deleted file mode 100644 index 701127af..00000000 --- a/vendor/github.com/docker/distribution/ROADMAP.md +++ /dev/null @@ -1,267 +0,0 @@ -# Roadmap - -The Distribution Project consists of several components, some of which are -still being defined. This document defines the high-level goals of the -project, identifies the current components, and defines the release- -relationship to the Docker Platform. - -* [Distribution Goals](#distribution-goals) -* [Distribution Components](#distribution-components) -* [Project Planning](#project-planning): release-relationship to the Docker Platform. - -This road map is a living document, providing an overview of the goals and -considerations made in respect of the future of the project. - -## Distribution Goals - -- Replace the existing [docker registry](github.com/docker/docker-registry) - implementation as the primary implementation. -- Replace the existing push and pull code in the docker engine with the - distribution package. -- Define a strong data model for distributing docker images -- Provide a flexible distribution tool kit for use in the docker platform -- Unlock new distribution models - -## Distribution Components - -Components of the Distribution Project are managed via github [milestones](https://github.com/docker/distribution/milestones). Upcoming -features and bugfixes for a component will be added to the relevant milestone. If a feature or -bugfix is not part of a milestone, it is currently unscheduled for -implementation. - -* [Registry](#registry) -* [Distribution Package](#distribution-package) - -*** - -### Registry - -The new Docker registry is the main portion of the distribution repository. -Registry 2.0 is the first release of the next-generation registry. This was -primarily focused on implementing the [new registry -API](https://github.com/docker/distribution/blob/master/docs/spec/api.md), -with a focus on security and performance. - -Following from the Distribution project goals above, we have a set of goals -for registry v2 that we would like to follow in the design. New features -should be compared against these goals. - -#### Data Storage and Distribution First - -The registry's first goal is to provide a reliable, consistent storage -location for Docker images. The registry should only provide the minimal -amount of indexing required to fetch image data and no more. - -This means we should be selective in new features and API additions, including -those that may require expensive, ever growing indexes. Requests should be -servable in "constant time". - -#### Content Addressability - -All data objects used in the registry API should be content addressable. -Content identifiers should be secure and verifiable. This provides a secure, -reliable base from which to build more advanced content distribution systems. - -#### Content Agnostic - -In the past, changes to the image format would require large changes in Docker -and the Registry. By decoupling the distribution and image format, we can -allow the formats to progress without having to coordinate between the two. -This means that we should be focused on decoupling Docker from the registry -just as much as decoupling the registry from Docker. Such an approach will -allow us to unlock new distribution models that haven't been possible before. - -We can take this further by saying that the new registry should be content -agnostic. The registry provides a model of names, tags, manifests and content -addresses and that model can be used to work with content. - -#### Simplicity - -The new registry should be closer to a microservice component than its -predecessor. This means it should have a narrower API and a low number of -service dependencies. It should be easy to deploy. - -This means that other solutions should be explored before changing the API or -adding extra dependencies. If functionality is required, can it be added as an -extension or companion service. - -#### Extensibility - -The registry should provide extension points to add functionality. By keeping -the scope narrow, but providing the ability to add functionality. - -Features like search, indexing, synchronization and registry explorers fall -into this category. No such feature should be added unless we've found it -impossible to do through an extension. - -#### Active Feature Discussions - -The following are feature discussions that are currently active. - -If you don't see your favorite, unimplemented feature, feel free to contact us -via IRC or the mailing list and we can talk about adding it. The goal here is -to make sure that new features go through a rigid design process before -landing in the registry. - -##### Proxying to other Registries - -A _pull-through caching_ mode exists for the registry, but is restricted from -within the docker client to only mirror the official Docker Hub. This functionality -can be expanded when image provenance has been specified and implemented in the -distribution project. - -##### Metadata storage - -Metadata for the registry is currently stored with the manifest and layer data on -the storage backend. While this is a big win for simplicity and reliably maintaining -state, it comes with the cost of consistency and high latency. The mutable registry -metadata operations should be abstracted behind an API which will allow ACID compliant -storage systems to handle metadata. - -##### Peer to Peer transfer - -Discussion has started here: https://docs.google.com/document/d/1rYDpSpJiQWmCQy8Cuiaa3NH-Co33oK_SC9HeXYo87QA/edit - -##### Indexing, Search and Discovery - -The original registry provided some implementation of search for use with -private registries. Support has been elided from V2 since we'd like to both -decouple search functionality from the registry. The makes the registry -simpler to deploy, especially in use cases where search is not needed, and -let's us decouple the image format from the registry. - -There are explorations into using the catalog API and notification system to -build external indexes. The current line of thought is that we will define a -common search API to index and query docker images. Such a system could be run -as a companion to a registry or set of registries to power discovery. - -The main issue with search and discovery is that there are so many ways to -accomplish it. There are two aspects to this project. The first is deciding on -how it will be done, including an API definition that can work with changing -data formats. The second is the process of integrating with `docker search`. -We expect that someone attempts to address the problem with the existing tools -and propose it as a standard search API or uses it to inform a standardization -process. Once this has been explored, we integrate with the docker client. - -Please see the following for more detail: - -- https://github.com/docker/distribution/issues/206 - -##### Deletes - -> __NOTE:__ Deletes are a much asked for feature. Before requesting this -feature or participating in discussion, we ask that you read this section in -full and understand the problems behind deletes. - -While, at first glance, implementing deleting seems simple, there are a number -mitigating factors that make many solutions not ideal or even pathological in -the context of a registry. The following paragraph discuss the background and -approaches that could be applied to arrive at a solution. - -The goal of deletes in any system is to remove unused or unneeded data. Only -data requested for deletion should be removed and no other data. Removing -unintended data is worse than _not_ removing data that was requested for -removal but ideally, both are supported. Generally, according to this rule, we -err on holding data longer than needed, ensuring that it is only removed when -we can be certain that it can be removed. With the current behavior, we opt to -hold onto the data forever, ensuring that data cannot be incorrectly removed. - -To understand the problems with implementing deletes, one must understand the -data model. All registry data is stored in a filesystem layout, implemented on -a "storage driver", effectively a _virtual file system_ (VFS). The storage -system must assume that this VFS layer will be eventually consistent and has -poor read- after-write consistency, since this is the lower common denominator -among the storage drivers. This is mitigated by writing values in reverse- -dependent order, but makes wider transactional operations unsafe. - -Layered on the VFS model is a content-addressable _directed, acyclic graph_ -(DAG) made up of blobs. Manifests reference layers. Tags reference manifests. -Since the same data can be referenced by multiple manifests, we only store -data once, even if it is in different repositories. Thus, we have a set of -blobs, referenced by tags and manifests. If we want to delete a blob we need -to be certain that it is no longer referenced by another manifest or tag. When -we delete a manifest, we also can try to delete the referenced blobs. Deciding -whether or not a blob has an active reference is the crux of the problem. - -Conceptually, deleting a manifest and its resources is quite simple. Just find -all the manifests, enumerate the referenced blobs and delete the blobs not in -that set. An astute observer will recognize this as a garbage collection -problem. As with garbage collection in programming languages, this is very -simple when one always has a consistent view. When one adds parallelism and an -inconsistent view of data, it becomes very challenging. - -A simple example can demonstrate this. Let's say we are deleting a manifest -_A_ in one process. We scan the manifest and decide that all the blobs are -ready for deletion. Concurrently, we have another process accepting a new -manifest _B_ referencing one or more blobs from the manifest _A_. Manifest _B_ -is accepted and all the blobs are considered present, so the operation -proceeds. The original process then deletes the referenced blobs, assuming -they were unreferenced. The manifest _B_, which we thought had all of its data -present, can no longer be served by the registry, since the dependent data has -been deleted. - -Deleting data from the registry safely requires some way to coordinate this -operation. The following approaches are being considered: - -- _Reference Counting_ - Maintain a count of references to each blob. This is - challenging for a number of reasons: 1. maintaining a consistent consensus - of reference counts across a set of Registries and 2. Building the initial - list of reference counts for an existing registry. These challenges can be - met with a consensus protocol like Paxos or Raft in the first case and a - necessary but simple scan in the second.. -- _Lock the World GC_ - Halt all writes to the data store. Walk the data store - and find all blob references. Delete all unreferenced blobs. This approach - is very simple but requires disabling writes for a period of time while the - service reads all data. This is slow and expensive but very accurate and - effective. -- _Generational GC_ - Do something similar to above but instead of blocking - writes, writes are sent to another storage backend while reads are broadcast - to the new and old backends. GC is then performed on the read-only portion. - Because writes land in the new backend, the data in the read-only section - can be safely deleted. The main drawbacks of this approach are complexity - and coordination. -- _Centralized Oracle_ - Using a centralized, transactional database, we can - know exactly which data is referenced at any given time. This avoids - coordination problem by managing this data in a single location. We trade - off metadata scalability for simplicity and performance. This is a very good - option for most registry deployments. This would create a bottleneck for - registry metadata. However, metadata is generally not the main bottleneck - when serving images. - -Please let us know if other solutions exist that we have yet to enumerate. -Note that for any approach, implementation is a massive consideration. For -example, a mark-sweep based solution may seem simple but the amount of work in -coordination offset the extra work it might take to build a _Centralized -Oracle_. We'll accept proposals for any solution but please coordinate with us -before dropping code. - -At this time, we have traded off simplicity and ease of deployment for disk -space. Simplicity and ease of deployment tend to reduce developer involvement, -which is currently the most expensive resource in software engineering. Taking -on any solution for deletes will greatly effect these factors, trading off -very cheap disk space for a complex deployment and operational story. - -Please see the following issues for more detail: - -- https://github.com/docker/distribution/issues/422 -- https://github.com/docker/distribution/issues/461 -- https://github.com/docker/distribution/issues/462 - -### Distribution Package - -At its core, the Distribution Project is a set of Go packages that make up -Distribution Components. At this time, most of these packages make up the -Registry implementation. - -The package itself is considered unstable. If you're using it, please take care to vendor the dependent version. - -For feature additions, please see the Registry section. In the future, we may break out a -separate Roadmap for distribution-specific features that apply to more than -just the registry. - -*** - -### Project Planning - -An [Open-Source Planning Process](https://github.com/docker/distribution/wiki/Open-Source-Planning-Process) is used to define the Roadmap. [Project Pages](https://github.com/docker/distribution/wiki) define the goals for each Milestone and identify current progress. - diff --git a/vendor/github.com/docker/distribution/blobs.go b/vendor/github.com/docker/distribution/blobs.go deleted file mode 100644 index 1f91ae21..00000000 --- a/vendor/github.com/docker/distribution/blobs.go +++ /dev/null @@ -1,257 +0,0 @@ -package distribution - -import ( - "errors" - "fmt" - "io" - "net/http" - "time" - - "github.com/docker/distribution/context" - "github.com/docker/distribution/digest" - "github.com/docker/distribution/reference" -) - -var ( - // ErrBlobExists returned when blob already exists - ErrBlobExists = errors.New("blob exists") - - // ErrBlobDigestUnsupported when blob digest is an unsupported version. - ErrBlobDigestUnsupported = errors.New("unsupported blob digest") - - // ErrBlobUnknown when blob is not found. - ErrBlobUnknown = errors.New("unknown blob") - - // ErrBlobUploadUnknown returned when upload is not found. - ErrBlobUploadUnknown = errors.New("blob upload unknown") - - // ErrBlobInvalidLength returned when the blob has an expected length on - // commit, meaning mismatched with the descriptor or an invalid value. - ErrBlobInvalidLength = errors.New("blob invalid length") -) - -// ErrBlobInvalidDigest returned when digest check fails. -type ErrBlobInvalidDigest struct { - Digest digest.Digest - Reason error -} - -func (err ErrBlobInvalidDigest) Error() string { - return fmt.Sprintf("invalid digest for referenced layer: %v, %v", - err.Digest, err.Reason) -} - -// ErrBlobMounted returned when a blob is mounted from another repository -// instead of initiating an upload session. -type ErrBlobMounted struct { - From reference.Canonical - Descriptor Descriptor -} - -func (err ErrBlobMounted) Error() string { - return fmt.Sprintf("blob mounted from: %v to: %v", - err.From, err.Descriptor) -} - -// Descriptor describes targeted content. Used in conjunction with a blob -// store, a descriptor can be used to fetch, store and target any kind of -// blob. The struct also describes the wire protocol format. Fields should -// only be added but never changed. -type Descriptor struct { - // MediaType describe the type of the content. All text based formats are - // encoded as utf-8. - MediaType string `json:"mediaType,omitempty"` - - // Size in bytes of content. - Size int64 `json:"size,omitempty"` - - // Digest uniquely identifies the content. A byte stream can be verified - // against against this digest. - Digest digest.Digest `json:"digest,omitempty"` - - // URLs contains the source URLs of this content. - URLs []string `json:"urls,omitempty"` - - // NOTE: Before adding a field here, please ensure that all - // other options have been exhausted. Much of the type relationships - // depend on the simplicity of this type. -} - -// Descriptor returns the descriptor, to make it satisfy the Describable -// interface. Note that implementations of Describable are generally objects -// which can be described, not simply descriptors; this exception is in place -// to make it more convenient to pass actual descriptors to functions that -// expect Describable objects. -func (d Descriptor) Descriptor() Descriptor { - return d -} - -// BlobStatter makes blob descriptors available by digest. The service may -// provide a descriptor of a different digest if the provided digest is not -// canonical. -type BlobStatter interface { - // Stat provides metadata about a blob identified by the digest. If the - // blob is unknown to the describer, ErrBlobUnknown will be returned. - Stat(ctx context.Context, dgst digest.Digest) (Descriptor, error) -} - -// BlobDeleter enables deleting blobs from storage. -type BlobDeleter interface { - Delete(ctx context.Context, dgst digest.Digest) error -} - -// BlobEnumerator enables iterating over blobs from storage -type BlobEnumerator interface { - Enumerate(ctx context.Context, ingester func(dgst digest.Digest) error) error -} - -// BlobDescriptorService manages metadata about a blob by digest. Most -// implementations will not expose such an interface explicitly. Such mappings -// should be maintained by interacting with the BlobIngester. Hence, this is -// left off of BlobService and BlobStore. -type BlobDescriptorService interface { - BlobStatter - - // SetDescriptor assigns the descriptor to the digest. The provided digest and - // the digest in the descriptor must map to identical content but they may - // differ on their algorithm. The descriptor must have the canonical - // digest of the content and the digest algorithm must match the - // annotators canonical algorithm. - // - // Such a facility can be used to map blobs between digest domains, with - // the restriction that the algorithm of the descriptor must match the - // canonical algorithm (ie sha256) of the annotator. - SetDescriptor(ctx context.Context, dgst digest.Digest, desc Descriptor) error - - // Clear enables descriptors to be unlinked - Clear(ctx context.Context, dgst digest.Digest) error -} - -// BlobDescriptorServiceFactory creates middleware for BlobDescriptorService. -type BlobDescriptorServiceFactory interface { - BlobAccessController(svc BlobDescriptorService) BlobDescriptorService -} - -// ReadSeekCloser is the primary reader type for blob data, combining -// io.ReadSeeker with io.Closer. -type ReadSeekCloser interface { - io.ReadSeeker - io.Closer -} - -// BlobProvider describes operations for getting blob data. -type BlobProvider interface { - // Get returns the entire blob identified by digest along with the descriptor. - Get(ctx context.Context, dgst digest.Digest) ([]byte, error) - - // Open provides a ReadSeekCloser to the blob identified by the provided - // descriptor. If the blob is not known to the service, an error will be - // returned. - Open(ctx context.Context, dgst digest.Digest) (ReadSeekCloser, error) -} - -// BlobServer can serve blobs via http. -type BlobServer interface { - // ServeBlob attempts to serve the blob, identifed by dgst, via http. The - // service may decide to redirect the client elsewhere or serve the data - // directly. - // - // This handler only issues successful responses, such as 2xx or 3xx, - // meaning it serves data or issues a redirect. If the blob is not - // available, an error will be returned and the caller may still issue a - // response. - // - // The implementation may serve the same blob from a different digest - // domain. The appropriate headers will be set for the blob, unless they - // have already been set by the caller. - ServeBlob(ctx context.Context, w http.ResponseWriter, r *http.Request, dgst digest.Digest) error -} - -// BlobIngester ingests blob data. -type BlobIngester interface { - // Put inserts the content p into the blob service, returning a descriptor - // or an error. - Put(ctx context.Context, mediaType string, p []byte) (Descriptor, error) - - // Create allocates a new blob writer to add a blob to this service. The - // returned handle can be written to and later resumed using an opaque - // identifier. With this approach, one can Close and Resume a BlobWriter - // multiple times until the BlobWriter is committed or cancelled. - Create(ctx context.Context, options ...BlobCreateOption) (BlobWriter, error) - - // Resume attempts to resume a write to a blob, identified by an id. - Resume(ctx context.Context, id string) (BlobWriter, error) -} - -// BlobCreateOption is a general extensible function argument for blob creation -// methods. A BlobIngester may choose to honor any or none of the given -// BlobCreateOptions, which can be specific to the implementation of the -// BlobIngester receiving them. -// TODO (brianbland): unify this with ManifestServiceOption in the future -type BlobCreateOption interface { - Apply(interface{}) error -} - -// CreateOptions is a collection of blob creation modifiers relevant to general -// blob storage intended to be configured by the BlobCreateOption.Apply method. -type CreateOptions struct { - Mount struct { - ShouldMount bool - From reference.Canonical - // Stat allows to pass precalculated descriptor to link and return. - // Blob access check will be skipped if set. - Stat *Descriptor - } -} - -// BlobWriter provides a handle for inserting data into a blob store. -// Instances should be obtained from BlobWriteService.Writer and -// BlobWriteService.Resume. If supported by the store, a writer can be -// recovered with the id. -type BlobWriter interface { - io.WriteCloser - io.ReaderFrom - - // Size returns the number of bytes written to this blob. - Size() int64 - - // ID returns the identifier for this writer. The ID can be used with the - // Blob service to later resume the write. - ID() string - - // StartedAt returns the time this blob write was started. - StartedAt() time.Time - - // Commit completes the blob writer process. The content is verified - // against the provided provisional descriptor, which may result in an - // error. Depending on the implementation, written data may be validated - // against the provisional descriptor fields. If MediaType is not present, - // the implementation may reject the commit or assign "application/octet- - // stream" to the blob. The returned descriptor may have a different - // digest depending on the blob store, referred to as the canonical - // descriptor. - Commit(ctx context.Context, provisional Descriptor) (canonical Descriptor, err error) - - // Cancel ends the blob write without storing any data and frees any - // associated resources. Any data written thus far will be lost. Cancel - // implementations should allow multiple calls even after a commit that - // result in a no-op. This allows use of Cancel in a defer statement, - // increasing the assurance that it is correctly called. - Cancel(ctx context.Context) error -} - -// BlobService combines the operations to access, read and write blobs. This -// can be used to describe remote blob services. -type BlobService interface { - BlobStatter - BlobProvider - BlobIngester -} - -// BlobStore represent the entire suite of blob related operations. Such an -// implementation can access, read, write, delete and serve blobs. -type BlobStore interface { - BlobService - BlobServer - BlobDeleter -} diff --git a/vendor/github.com/docker/distribution/circle.yml b/vendor/github.com/docker/distribution/circle.yml deleted file mode 100644 index 61f8be0c..00000000 --- a/vendor/github.com/docker/distribution/circle.yml +++ /dev/null @@ -1,93 +0,0 @@ -# Pony-up! -machine: - pre: - # Install gvm - - bash < <(curl -s -S -L https://raw.githubusercontent.com/moovweb/gvm/1.0.22/binscripts/gvm-installer) - # Install codecov for coverage - - pip install --user codecov - - post: - # go - - gvm install go1.7 --prefer-binary --name=stable - - environment: - # Convenient shortcuts to "common" locations - CHECKOUT: /home/ubuntu/$CIRCLE_PROJECT_REPONAME - BASE_DIR: src/github.com/$CIRCLE_PROJECT_USERNAME/$CIRCLE_PROJECT_REPONAME - # Trick circle brainflat "no absolute path" behavior - BASE_STABLE: ../../../$HOME/.gvm/pkgsets/stable/global/$BASE_DIR - DOCKER_BUILDTAGS: "include_oss include_gcs" - # Workaround Circle parsing dumb bugs and/or YAML wonkyness - CIRCLE_PAIN: "mode: set" - - hosts: - # Not used yet - fancy: 127.0.0.1 - -dependencies: - pre: - # Copy the code to the gopath of all go versions - - > - gvm use stable && - mkdir -p "$(dirname $BASE_STABLE)" && - cp -R "$CHECKOUT" "$BASE_STABLE" - - override: - # Install dependencies for every copied clone/go version - - gvm use stable && go get github.com/tools/godep: - pwd: $BASE_STABLE - - post: - # For the stable go version, additionally install linting tools - - > - gvm use stable && - go get github.com/axw/gocov/gocov github.com/golang/lint/golint - -test: - pre: - # Output the go versions we are going to test - # - gvm use old && go version - - gvm use stable && go version - - # todo(richard): replace with a more robust vendoring solution. Removed due to a fundamental disagreement in godep philosophies. - # Ensure validation of dependencies - # - gvm use stable && if test -n "`git diff --stat=1000 master | grep -Ei \"vendor|godeps\"`"; then make dep-validate; fi: - # pwd: $BASE_STABLE - - # First thing: build everything. This will catch compile errors, and it's - # also necessary for go vet to work properly (see #807). - - gvm use stable && godep go install $(go list ./... | grep -v "/vendor/"): - pwd: $BASE_STABLE - - # FMT - - gvm use stable && make fmt: - pwd: $BASE_STABLE - - # VET - - gvm use stable && make vet: - pwd: $BASE_STABLE - - # LINT - - gvm use stable && make lint: - pwd: $BASE_STABLE - - override: - # Test stable, and report - - gvm use stable; export ROOT_PACKAGE=$(go list .); go list -tags "$DOCKER_BUILDTAGS" ./... | grep -v "/vendor/" | xargs -L 1 -I{} bash -c 'export PACKAGE={}; godep go test -tags "$DOCKER_BUILDTAGS" -test.short -coverprofile=$GOPATH/src/$PACKAGE/coverage.out -coverpkg=$(./coverpkg.sh $PACKAGE $ROOT_PACKAGE) $PACKAGE': - timeout: 1000 - pwd: $BASE_STABLE - - # Test stable with race - - gvm use stable; export ROOT_PACKAGE=$(go list .); go list -tags "$DOCKER_BUILDTAGS" ./... | grep -v "/vendor/" | grep -v "registry/handlers" | grep -v "registry/storage/driver" | xargs -L 1 -I{} bash -c 'export PACKAGE={}; godep go test -race -tags "$DOCKER_BUILDTAGS" -test.short $PACKAGE': - timeout: 1000 - pwd: $BASE_STABLE - post: - # Report to codecov - - bash <(curl -s https://codecov.io/bash): - pwd: $BASE_STABLE - - ## Notes - # Do we want these as well? - # - go get code.google.com/p/go.tools/cmd/goimports - # - test -z "$(goimports -l -w ./... | tee /dev/stderr)" - # http://labix.org/gocheck diff --git a/vendor/github.com/docker/distribution/cmd/digest/main.go b/vendor/github.com/docker/distribution/cmd/digest/main.go deleted file mode 100644 index 49426a88..00000000 --- a/vendor/github.com/docker/distribution/cmd/digest/main.go +++ /dev/null @@ -1,97 +0,0 @@ -package main - -import ( - "flag" - "fmt" - "io" - "log" - "os" - - "github.com/docker/distribution/digest" - "github.com/docker/distribution/version" -) - -var ( - algorithm = digest.Canonical - showVersion bool -) - -type job struct { - name string - reader io.Reader -} - -func init() { - flag.Var(&algorithm, "a", "select the digest algorithm (shorthand)") - flag.Var(&algorithm, "algorithm", "select the digest algorithm") - flag.BoolVar(&showVersion, "version", false, "show the version and exit") - - log.SetFlags(0) - log.SetPrefix(os.Args[0] + ": ") -} - -func usage() { - fmt.Fprintf(os.Stderr, "usage: %s [files...]\n", os.Args[0]) - fmt.Fprintf(os.Stderr, ` -Calculate the digest of one or more input files, emitting the result -to standard out. If no files are provided, the digest of stdin will -be calculated. - -`) - flag.PrintDefaults() -} - -func unsupported() { - log.Fatalf("unsupported digest algorithm: %v", algorithm) -} - -func main() { - var jobs []job - - flag.Usage = usage - flag.Parse() - if showVersion { - version.PrintVersion() - return - } - - var fail bool // if we fail on one item, foul the exit code - if flag.NArg() > 0 { - for _, path := range flag.Args() { - fp, err := os.Open(path) - - if err != nil { - log.Printf("%s: %v", path, err) - fail = true - continue - } - defer fp.Close() - - jobs = append(jobs, job{name: path, reader: fp}) - } - } else { - // just read stdin - jobs = append(jobs, job{name: "-", reader: os.Stdin}) - } - - digestFn := algorithm.FromReader - - if !algorithm.Available() { - unsupported() - } - - for _, job := range jobs { - dgst, err := digestFn(job.reader) - if err != nil { - log.Printf("%s: %v", job.name, err) - fail = true - continue - } - - fmt.Printf("%v\t%s\n", dgst, job.name) - } - - if fail { - os.Exit(1) - } -} diff --git a/vendor/github.com/docker/distribution/cmd/registry-api-descriptor-template/main.go b/vendor/github.com/docker/distribution/cmd/registry-api-descriptor-template/main.go deleted file mode 100644 index e9cbc42a..00000000 --- a/vendor/github.com/docker/distribution/cmd/registry-api-descriptor-template/main.go +++ /dev/null @@ -1,131 +0,0 @@ -// registry-api-descriptor-template uses the APIDescriptor defined in the -// api/v2 package to execute templates passed to the command line. -// -// For example, to generate a new API specification, one would execute the -// following command from the repo root: -// -// $ registry-api-descriptor-template docs/spec/api.md.tmpl > docs/spec/api.md -// -// The templates are passed in the api/v2.APIDescriptor object. Please see the -// package documentation for fields available on that object. The template -// syntax is from Go's standard library text/template package. For information -// on Go's template syntax, please see golang.org/pkg/text/template. -package main - -import ( - "log" - "net/http" - "os" - "path/filepath" - "regexp" - "text/template" - - "github.com/docker/distribution/registry/api/errcode" - "github.com/docker/distribution/registry/api/v2" -) - -var spaceRegex = regexp.MustCompile(`\n\s*`) - -func main() { - - if len(os.Args) != 2 { - log.Fatalln("please specify a template to execute.") - } - - path := os.Args[1] - filename := filepath.Base(path) - - funcMap := template.FuncMap{ - "removenewlines": func(s string) string { - return spaceRegex.ReplaceAllString(s, " ") - }, - "statustext": http.StatusText, - "prettygorilla": prettyGorillaMuxPath, - } - - tmpl := template.Must(template.New(filename).Funcs(funcMap).ParseFiles(path)) - - data := struct { - RouteDescriptors []v2.RouteDescriptor - ErrorDescriptors []errcode.ErrorDescriptor - }{ - RouteDescriptors: v2.APIDescriptor.RouteDescriptors, - ErrorDescriptors: append(errcode.GetErrorCodeGroup("registry.api.v2"), - // The following are part of the specification but provided by errcode default. - errcode.ErrorCodeUnauthorized.Descriptor(), - errcode.ErrorCodeDenied.Descriptor(), - errcode.ErrorCodeUnsupported.Descriptor()), - } - - if err := tmpl.Execute(os.Stdout, data); err != nil { - log.Fatalln(err) - } -} - -// prettyGorillaMuxPath removes the regular expressions from a gorilla/mux -// route string, making it suitable for documentation. -func prettyGorillaMuxPath(s string) string { - // Stateful parser that removes regular expressions from gorilla - // routes. It correctly handles balanced bracket pairs. - - var output string - var label string - var level int - -start: - if s[0] == '{' { - s = s[1:] - level++ - goto capture - } - - output += string(s[0]) - s = s[1:] - - goto end -capture: - switch s[0] { - case '{': - level++ - case '}': - level-- - - if level == 0 { - s = s[1:] - goto label - } - case ':': - s = s[1:] - goto skip - default: - label += string(s[0]) - } - s = s[1:] - goto capture -skip: - switch s[0] { - case '{': - level++ - case '}': - level-- - } - s = s[1:] - - if level == 0 { - goto label - } - - goto skip -label: - if label != "" { - output += "<" + label + ">" - label = "" - } -end: - if s != "" { - goto start - } - - return output - -} diff --git a/vendor/github.com/docker/distribution/cmd/registry/config-cache.yml b/vendor/github.com/docker/distribution/cmd/registry/config-cache.yml deleted file mode 100644 index 7a274ea5..00000000 --- a/vendor/github.com/docker/distribution/cmd/registry/config-cache.yml +++ /dev/null @@ -1,55 +0,0 @@ -version: 0.1 -log: - level: debug - fields: - service: registry - environment: development -storage: - cache: - blobdescriptor: redis - filesystem: - rootdirectory: /var/lib/registry-cache - maintenance: - uploadpurging: - enabled: false -http: - addr: :5000 - secret: asecretforlocaldevelopment - debug: - addr: localhost:5001 - headers: - X-Content-Type-Options: [nosniff] -redis: - addr: localhost:6379 - pool: - maxidle: 16 - maxactive: 64 - idletimeout: 300s - dialtimeout: 10ms - readtimeout: 10ms - writetimeout: 10ms -notifications: - endpoints: - - name: local-8082 - url: http://localhost:5003/callback - headers: - Authorization: [Bearer ] - timeout: 1s - threshold: 10 - backoff: 1s - disabled: true - - name: local-8083 - url: http://localhost:8083/callback - timeout: 1s - threshold: 10 - backoff: 1s - disabled: true -proxy: - remoteurl: https://registry-1.docker.io - username: username - password: password -health: - storagedriver: - enabled: true - interval: 10s - threshold: 3 diff --git a/vendor/github.com/docker/distribution/cmd/registry/config-dev.yml b/vendor/github.com/docker/distribution/cmd/registry/config-dev.yml deleted file mode 100644 index b6438be5..00000000 --- a/vendor/github.com/docker/distribution/cmd/registry/config-dev.yml +++ /dev/null @@ -1,66 +0,0 @@ -version: 0.1 -log: - level: debug - fields: - service: registry - environment: development - hooks: - - type: mail - disabled: true - levels: - - panic - options: - smtp: - addr: mail.example.com:25 - username: mailuser - password: password - insecure: true - from: sender@example.com - to: - - errors@example.com -storage: - delete: - enabled: true - cache: - blobdescriptor: redis - filesystem: - rootdirectory: /var/lib/registry - maintenance: - uploadpurging: - enabled: false -http: - addr: :5000 - debug: - addr: localhost:5001 - headers: - X-Content-Type-Options: [nosniff] -redis: - addr: localhost:6379 - pool: - maxidle: 16 - maxactive: 64 - idletimeout: 300s - dialtimeout: 10ms - readtimeout: 10ms - writetimeout: 10ms -notifications: - endpoints: - - name: local-5003 - url: http://localhost:5003/callback - headers: - Authorization: [Bearer ] - timeout: 1s - threshold: 10 - backoff: 1s - disabled: true - - name: local-8083 - url: http://localhost:8083/callback - timeout: 1s - threshold: 10 - backoff: 1s - disabled: true -health: - storagedriver: - enabled: true - interval: 10s - threshold: 3 diff --git a/vendor/github.com/docker/distribution/cmd/registry/config-example.yml b/vendor/github.com/docker/distribution/cmd/registry/config-example.yml deleted file mode 100644 index 3277f9a2..00000000 --- a/vendor/github.com/docker/distribution/cmd/registry/config-example.yml +++ /dev/null @@ -1,18 +0,0 @@ -version: 0.1 -log: - fields: - service: registry -storage: - cache: - blobdescriptor: inmemory - filesystem: - rootdirectory: /var/lib/registry -http: - addr: :5000 - headers: - X-Content-Type-Options: [nosniff] -health: - storagedriver: - enabled: true - interval: 10s - threshold: 3 diff --git a/vendor/github.com/docker/distribution/cmd/registry/main.go b/vendor/github.com/docker/distribution/cmd/registry/main.go deleted file mode 100644 index c077a0c1..00000000 --- a/vendor/github.com/docker/distribution/cmd/registry/main.go +++ /dev/null @@ -1,25 +0,0 @@ -package main - -import ( - _ "net/http/pprof" - - "github.com/docker/distribution/registry" - _ "github.com/docker/distribution/registry/auth/htpasswd" - _ "github.com/docker/distribution/registry/auth/silly" - _ "github.com/docker/distribution/registry/auth/token" - _ "github.com/docker/distribution/registry/proxy" - _ "github.com/docker/distribution/registry/storage/driver/azure" - _ "github.com/docker/distribution/registry/storage/driver/filesystem" - _ "github.com/docker/distribution/registry/storage/driver/gcs" - _ "github.com/docker/distribution/registry/storage/driver/inmemory" - _ "github.com/docker/distribution/registry/storage/driver/middleware/cloudfront" - _ "github.com/docker/distribution/registry/storage/driver/middleware/redirect" - _ "github.com/docker/distribution/registry/storage/driver/oss" - _ "github.com/docker/distribution/registry/storage/driver/s3-aws" - _ "github.com/docker/distribution/registry/storage/driver/s3-goamz" - _ "github.com/docker/distribution/registry/storage/driver/swift" -) - -func main() { - registry.RootCmd.Execute() -} diff --git a/vendor/github.com/docker/distribution/configuration/configuration.go b/vendor/github.com/docker/distribution/configuration/configuration.go deleted file mode 100644 index ec50a6b1..00000000 --- a/vendor/github.com/docker/distribution/configuration/configuration.go +++ /dev/null @@ -1,643 +0,0 @@ -package configuration - -import ( - "fmt" - "io" - "io/ioutil" - "net/http" - "reflect" - "strings" - "time" -) - -// Configuration is a versioned registry configuration, intended to be provided by a yaml file, and -// optionally modified by environment variables. -// -// Note that yaml field names should never include _ characters, since this is the separator used -// in environment variable names. -type Configuration struct { - // Version is the version which defines the format of the rest of the configuration - Version Version `yaml:"version"` - - // Log supports setting various parameters related to the logging - // subsystem. - Log struct { - // AccessLog configures access logging. - AccessLog struct { - // Disabled disables access logging. - Disabled bool `yaml:"disabled,omitempty"` - } `yaml:"accesslog,omitempty"` - - // Level is the granularity at which registry operations are logged. - Level Loglevel `yaml:"level"` - - // Formatter overrides the default formatter with another. Options - // include "text", "json" and "logstash". - Formatter string `yaml:"formatter,omitempty"` - - // Fields allows users to specify static string fields to include in - // the logger context. - Fields map[string]interface{} `yaml:"fields,omitempty"` - - // Hooks allows users to configure the log hooks, to enabling the - // sequent handling behavior, when defined levels of log message emit. - Hooks []LogHook `yaml:"hooks,omitempty"` - } - - // Loglevel is the level at which registry operations are logged. This is - // deprecated. Please use Log.Level in the future. - Loglevel Loglevel `yaml:"loglevel,omitempty"` - - // Storage is the configuration for the registry's storage driver - Storage Storage `yaml:"storage"` - - // Auth allows configuration of various authorization methods that may be - // used to gate requests. - Auth Auth `yaml:"auth,omitempty"` - - // Middleware lists all middlewares to be used by the registry. - Middleware map[string][]Middleware `yaml:"middleware,omitempty"` - - // Reporting is the configuration for error reporting - Reporting Reporting `yaml:"reporting,omitempty"` - - // HTTP contains configuration parameters for the registry's http - // interface. - HTTP struct { - // Addr specifies the bind address for the registry instance. - Addr string `yaml:"addr,omitempty"` - - // Net specifies the net portion of the bind address. A default empty value means tcp. - Net string `yaml:"net,omitempty"` - - // Host specifies an externally-reachable address for the registry, as a fully - // qualified URL. - Host string `yaml:"host,omitempty"` - - Prefix string `yaml:"prefix,omitempty"` - - // Secret specifies the secret key which HMAC tokens are created with. - Secret string `yaml:"secret,omitempty"` - - // RelativeURLs specifies that relative URLs should be returned in - // Location headers - RelativeURLs bool `yaml:"relativeurls,omitempty"` - - // TLS instructs the http server to listen with a TLS configuration. - // This only support simple tls configuration with a cert and key. - // Mostly, this is useful for testing situations or simple deployments - // that require tls. If more complex configurations are required, use - // a proxy or make a proposal to add support here. - TLS struct { - // Certificate specifies the path to an x509 certificate file to - // be used for TLS. - Certificate string `yaml:"certificate,omitempty"` - - // Key specifies the path to the x509 key file, which should - // contain the private portion for the file specified in - // Certificate. - Key string `yaml:"key,omitempty"` - - // Specifies the CA certs for client authentication - // A file may contain multiple CA certificates encoded as PEM - ClientCAs []string `yaml:"clientcas,omitempty"` - - // LetsEncrypt is used to configuration setting up TLS through - // Let's Encrypt instead of manually specifying certificate and - // key. If a TLS certificate is specified, the Let's Encrypt - // section will not be used. - LetsEncrypt struct { - // CacheFile specifies cache file to use for lets encrypt - // certificates and keys. - CacheFile string `yaml:"cachefile,omitempty"` - - // Email is the email to use during Let's Encrypt registration - Email string `yaml:"email,omitempty"` - } `yaml:"letsencrypt,omitempty"` - } `yaml:"tls,omitempty"` - - // Headers is a set of headers to include in HTTP responses. A common - // use case for this would be security headers such as - // Strict-Transport-Security. The map keys are the header names, and - // the values are the associated header payloads. - Headers http.Header `yaml:"headers,omitempty"` - - // Debug configures the http debug interface, if specified. This can - // include services such as pprof, expvar and other data that should - // not be exposed externally. Left disabled by default. - Debug struct { - // Addr specifies the bind address for the debug server. - Addr string `yaml:"addr,omitempty"` - } `yaml:"debug,omitempty"` - - // HTTP2 configuration options - HTTP2 struct { - // Specifies wether the registry should disallow clients attempting - // to connect via http2. If set to true, only http/1.1 is supported. - Disabled bool `yaml:"disabled,omitempty"` - } `yaml:"http2,omitempty"` - } `yaml:"http,omitempty"` - - // Notifications specifies configuration about various endpoint to which - // registry events are dispatched. - Notifications Notifications `yaml:"notifications,omitempty"` - - // Redis configures the redis pool available to the registry webapp. - Redis struct { - // Addr specifies the the redis instance available to the application. - Addr string `yaml:"addr,omitempty"` - - // Password string to use when making a connection. - Password string `yaml:"password,omitempty"` - - // DB specifies the database to connect to on the redis instance. - DB int `yaml:"db,omitempty"` - - DialTimeout time.Duration `yaml:"dialtimeout,omitempty"` // timeout for connect - ReadTimeout time.Duration `yaml:"readtimeout,omitempty"` // timeout for reads of data - WriteTimeout time.Duration `yaml:"writetimeout,omitempty"` // timeout for writes of data - - // Pool configures the behavior of the redis connection pool. - Pool struct { - // MaxIdle sets the maximum number of idle connections. - MaxIdle int `yaml:"maxidle,omitempty"` - - // MaxActive sets the maximum number of connections that should be - // opened before blocking a connection request. - MaxActive int `yaml:"maxactive,omitempty"` - - // IdleTimeout sets the amount time to wait before closing - // inactive connections. - IdleTimeout time.Duration `yaml:"idletimeout,omitempty"` - } `yaml:"pool,omitempty"` - } `yaml:"redis,omitempty"` - - Health Health `yaml:"health,omitempty"` - - Proxy Proxy `yaml:"proxy,omitempty"` - - // Compatibility is used for configurations of working with older or deprecated features. - Compatibility struct { - // Schema1 configures how schema1 manifests will be handled - Schema1 struct { - // TrustKey is the signing key to use for adding the signature to - // schema1 manifests. - TrustKey string `yaml:"signingkeyfile,omitempty"` - } `yaml:"schema1,omitempty"` - } `yaml:"compatibility,omitempty"` - - // Validation configures validation options for the registry. - Validation struct { - // Enabled enables the other options in this section. - Enabled bool `yaml:"enabled,omitempty"` - // Manifests configures manifest validation. - Manifests struct { - // URLs configures validation for URLs in pushed manifests. - URLs struct { - // Allow specifies regular expressions (https://godoc.org/regexp/syntax) - // that URLs in pushed manifests must match. - Allow []string `yaml:"allow,omitempty"` - // Deny specifies regular expressions (https://godoc.org/regexp/syntax) - // that URLs in pushed manifests must not match. - Deny []string `yaml:"deny,omitempty"` - } `yaml:"urls,omitempty"` - } `yaml:"manifests,omitempty"` - } `yaml:"validation,omitempty"` - - // Policy configures registry policy options. - Policy struct { - // Repository configures policies for repositories - Repository struct { - // Classes is a list of repository classes which the - // registry allows content for. This class is matched - // against the configuration media type inside uploaded - // manifests. When non-empty, the registry will enforce - // the class in authorized resources. - Classes []string `yaml:"classes"` - } `yaml:"repository,omitempty"` - } `yaml:"policy,omitempty"` -} - -// LogHook is composed of hook Level and Type. -// After hooks configuration, it can execute the next handling automatically, -// when defined levels of log message emitted. -// Example: hook can sending an email notification when error log happens in app. -type LogHook struct { - // Disable lets user select to enable hook or not. - Disabled bool `yaml:"disabled,omitempty"` - - // Type allows user to select which type of hook handler they want. - Type string `yaml:"type,omitempty"` - - // Levels set which levels of log message will let hook executed. - Levels []string `yaml:"levels,omitempty"` - - // MailOptions allows user to configurate email parameters. - MailOptions MailOptions `yaml:"options,omitempty"` -} - -// MailOptions provides the configuration sections to user, for specific handler. -type MailOptions struct { - SMTP struct { - // Addr defines smtp host address - Addr string `yaml:"addr,omitempty"` - - // Username defines user name to smtp host - Username string `yaml:"username,omitempty"` - - // Password defines password of login user - Password string `yaml:"password,omitempty"` - - // Insecure defines if smtp login skips the secure certification. - Insecure bool `yaml:"insecure,omitempty"` - } `yaml:"smtp,omitempty"` - - // From defines mail sending address - From string `yaml:"from,omitempty"` - - // To defines mail receiving address - To []string `yaml:"to,omitempty"` -} - -// FileChecker is a type of entry in the health section for checking files. -type FileChecker struct { - // Interval is the duration in between checks - Interval time.Duration `yaml:"interval,omitempty"` - // File is the path to check - File string `yaml:"file,omitempty"` - // Threshold is the number of times a check must fail to trigger an - // unhealthy state - Threshold int `yaml:"threshold,omitempty"` -} - -// HTTPChecker is a type of entry in the health section for checking HTTP URIs. -type HTTPChecker struct { - // Timeout is the duration to wait before timing out the HTTP request - Timeout time.Duration `yaml:"timeout,omitempty"` - // StatusCode is the expected status code - StatusCode int - // Interval is the duration in between checks - Interval time.Duration `yaml:"interval,omitempty"` - // URI is the HTTP URI to check - URI string `yaml:"uri,omitempty"` - // Headers lists static headers that should be added to all requests - Headers http.Header `yaml:"headers"` - // Threshold is the number of times a check must fail to trigger an - // unhealthy state - Threshold int `yaml:"threshold,omitempty"` -} - -// TCPChecker is a type of entry in the health section for checking TCP servers. -type TCPChecker struct { - // Timeout is the duration to wait before timing out the TCP connection - Timeout time.Duration `yaml:"timeout,omitempty"` - // Interval is the duration in between checks - Interval time.Duration `yaml:"interval,omitempty"` - // Addr is the TCP address to check - Addr string `yaml:"addr,omitempty"` - // Threshold is the number of times a check must fail to trigger an - // unhealthy state - Threshold int `yaml:"threshold,omitempty"` -} - -// Health provides the configuration section for health checks. -type Health struct { - // FileCheckers is a list of paths to check - FileCheckers []FileChecker `yaml:"file,omitempty"` - // HTTPCheckers is a list of URIs to check - HTTPCheckers []HTTPChecker `yaml:"http,omitempty"` - // TCPCheckers is a list of URIs to check - TCPCheckers []TCPChecker `yaml:"tcp,omitempty"` - // StorageDriver configures a health check on the configured storage - // driver - StorageDriver struct { - // Enabled turns on the health check for the storage driver - Enabled bool `yaml:"enabled,omitempty"` - // Interval is the duration in between checks - Interval time.Duration `yaml:"interval,omitempty"` - // Threshold is the number of times a check must fail to trigger an - // unhealthy state - Threshold int `yaml:"threshold,omitempty"` - } `yaml:"storagedriver,omitempty"` -} - -// v0_1Configuration is a Version 0.1 Configuration struct -// This is currently aliased to Configuration, as it is the current version -type v0_1Configuration Configuration - -// UnmarshalYAML implements the yaml.Unmarshaler interface -// Unmarshals a string of the form X.Y into a Version, validating that X and Y can represent uints -func (version *Version) UnmarshalYAML(unmarshal func(interface{}) error) error { - var versionString string - err := unmarshal(&versionString) - if err != nil { - return err - } - - newVersion := Version(versionString) - if _, err := newVersion.major(); err != nil { - return err - } - - if _, err := newVersion.minor(); err != nil { - return err - } - - *version = newVersion - return nil -} - -// CurrentVersion is the most recent Version that can be parsed -var CurrentVersion = MajorMinorVersion(0, 1) - -// Loglevel is the level at which operations are logged -// This can be error, warn, info, or debug -type Loglevel string - -// UnmarshalYAML implements the yaml.Umarshaler interface -// Unmarshals a string into a Loglevel, lowercasing the string and validating that it represents a -// valid loglevel -func (loglevel *Loglevel) UnmarshalYAML(unmarshal func(interface{}) error) error { - var loglevelString string - err := unmarshal(&loglevelString) - if err != nil { - return err - } - - loglevelString = strings.ToLower(loglevelString) - switch loglevelString { - case "error", "warn", "info", "debug": - default: - return fmt.Errorf("Invalid loglevel %s Must be one of [error, warn, info, debug]", loglevelString) - } - - *loglevel = Loglevel(loglevelString) - return nil -} - -// Parameters defines a key-value parameters mapping -type Parameters map[string]interface{} - -// Storage defines the configuration for registry object storage -type Storage map[string]Parameters - -// Type returns the storage driver type, such as filesystem or s3 -func (storage Storage) Type() string { - var storageType []string - - // Return only key in this map - for k := range storage { - switch k { - case "maintenance": - // allow configuration of maintenance - case "cache": - // allow configuration of caching - case "delete": - // allow configuration of delete - case "redirect": - // allow configuration of redirect - default: - storageType = append(storageType, k) - } - } - if len(storageType) > 1 { - panic("multiple storage drivers specified in configuration or environment: " + strings.Join(storageType, ", ")) - } - if len(storageType) == 1 { - return storageType[0] - } - return "" -} - -// Parameters returns the Parameters map for a Storage configuration -func (storage Storage) Parameters() Parameters { - return storage[storage.Type()] -} - -// setParameter changes the parameter at the provided key to the new value -func (storage Storage) setParameter(key string, value interface{}) { - storage[storage.Type()][key] = value -} - -// UnmarshalYAML implements the yaml.Unmarshaler interface -// Unmarshals a single item map into a Storage or a string into a Storage type with no parameters -func (storage *Storage) UnmarshalYAML(unmarshal func(interface{}) error) error { - var storageMap map[string]Parameters - err := unmarshal(&storageMap) - if err == nil { - if len(storageMap) > 1 { - types := make([]string, 0, len(storageMap)) - for k := range storageMap { - switch k { - case "maintenance": - // allow for configuration of maintenance - case "cache": - // allow configuration of caching - case "delete": - // allow configuration of delete - case "redirect": - // allow configuration of redirect - default: - types = append(types, k) - } - } - - if len(types) > 1 { - return fmt.Errorf("Must provide exactly one storage type. Provided: %v", types) - } - } - *storage = storageMap - return nil - } - - var storageType string - err = unmarshal(&storageType) - if err == nil { - *storage = Storage{storageType: Parameters{}} - return nil - } - - return err -} - -// MarshalYAML implements the yaml.Marshaler interface -func (storage Storage) MarshalYAML() (interface{}, error) { - if storage.Parameters() == nil { - return storage.Type(), nil - } - return map[string]Parameters(storage), nil -} - -// Auth defines the configuration for registry authorization. -type Auth map[string]Parameters - -// Type returns the auth type, such as htpasswd or token -func (auth Auth) Type() string { - // Return only key in this map - for k := range auth { - return k - } - return "" -} - -// Parameters returns the Parameters map for an Auth configuration -func (auth Auth) Parameters() Parameters { - return auth[auth.Type()] -} - -// setParameter changes the parameter at the provided key to the new value -func (auth Auth) setParameter(key string, value interface{}) { - auth[auth.Type()][key] = value -} - -// UnmarshalYAML implements the yaml.Unmarshaler interface -// Unmarshals a single item map into a Storage or a string into a Storage type with no parameters -func (auth *Auth) UnmarshalYAML(unmarshal func(interface{}) error) error { - var m map[string]Parameters - err := unmarshal(&m) - if err == nil { - if len(m) > 1 { - types := make([]string, 0, len(m)) - for k := range m { - types = append(types, k) - } - - // TODO(stevvooe): May want to change this slightly for - // authorization to allow multiple challenges. - return fmt.Errorf("must provide exactly one type. Provided: %v", types) - - } - *auth = m - return nil - } - - var authType string - err = unmarshal(&authType) - if err == nil { - *auth = Auth{authType: Parameters{}} - return nil - } - - return err -} - -// MarshalYAML implements the yaml.Marshaler interface -func (auth Auth) MarshalYAML() (interface{}, error) { - if auth.Parameters() == nil { - return auth.Type(), nil - } - return map[string]Parameters(auth), nil -} - -// Notifications configures multiple http endpoints. -type Notifications struct { - // Endpoints is a list of http configurations for endpoints that - // respond to webhook notifications. In the future, we may allow other - // kinds of endpoints, such as external queues. - Endpoints []Endpoint `yaml:"endpoints,omitempty"` -} - -// Endpoint describes the configuration of an http webhook notification -// endpoint. -type Endpoint struct { - Name string `yaml:"name"` // identifies the endpoint in the registry instance. - Disabled bool `yaml:"disabled"` // disables the endpoint - URL string `yaml:"url"` // post url for the endpoint. - Headers http.Header `yaml:"headers"` // static headers that should be added to all requests - Timeout time.Duration `yaml:"timeout"` // HTTP timeout - Threshold int `yaml:"threshold"` // circuit breaker threshold before backing off on failure - Backoff time.Duration `yaml:"backoff"` // backoff duration - IgnoredMediaTypes []string `yaml:"ignoredmediatypes"` // target media types to ignore -} - -// Reporting defines error reporting methods. -type Reporting struct { - // Bugsnag configures error reporting for Bugsnag (bugsnag.com). - Bugsnag BugsnagReporting `yaml:"bugsnag,omitempty"` - // NewRelic configures error reporting for NewRelic (newrelic.com) - NewRelic NewRelicReporting `yaml:"newrelic,omitempty"` -} - -// BugsnagReporting configures error reporting for Bugsnag (bugsnag.com). -type BugsnagReporting struct { - // APIKey is the Bugsnag api key. - APIKey string `yaml:"apikey,omitempty"` - // ReleaseStage tracks where the registry is deployed. - // Examples: production, staging, development - ReleaseStage string `yaml:"releasestage,omitempty"` - // Endpoint is used for specifying an enterprise Bugsnag endpoint. - Endpoint string `yaml:"endpoint,omitempty"` -} - -// NewRelicReporting configures error reporting for NewRelic (newrelic.com) -type NewRelicReporting struct { - // LicenseKey is the NewRelic user license key - LicenseKey string `yaml:"licensekey,omitempty"` - // Name is the component name of the registry in NewRelic - Name string `yaml:"name,omitempty"` - // Verbose configures debug output to STDOUT - Verbose bool `yaml:"verbose,omitempty"` -} - -// Middleware configures named middlewares to be applied at injection points. -type Middleware struct { - // Name the middleware registers itself as - Name string `yaml:"name"` - // Flag to disable middleware easily - Disabled bool `yaml:"disabled,omitempty"` - // Map of parameters that will be passed to the middleware's initialization function - Options Parameters `yaml:"options"` -} - -// Proxy configures the registry as a pull through cache -type Proxy struct { - // RemoteURL is the URL of the remote registry - RemoteURL string `yaml:"remoteurl"` - - // Username of the hub user - Username string `yaml:"username"` - - // Password of the hub user - Password string `yaml:"password"` -} - -// Parse parses an input configuration yaml document into a Configuration struct -// This should generally be capable of handling old configuration format versions -// -// Environment variables may be used to override configuration parameters other than version, -// following the scheme below: -// Configuration.Abc may be replaced by the value of REGISTRY_ABC, -// Configuration.Abc.Xyz may be replaced by the value of REGISTRY_ABC_XYZ, and so forth -func Parse(rd io.Reader) (*Configuration, error) { - in, err := ioutil.ReadAll(rd) - if err != nil { - return nil, err - } - - p := NewParser("registry", []VersionedParseInfo{ - { - Version: MajorMinorVersion(0, 1), - ParseAs: reflect.TypeOf(v0_1Configuration{}), - ConversionFunc: func(c interface{}) (interface{}, error) { - if v0_1, ok := c.(*v0_1Configuration); ok { - if v0_1.Loglevel == Loglevel("") { - v0_1.Loglevel = Loglevel("info") - } - if v0_1.Storage.Type() == "" { - return nil, fmt.Errorf("No storage configuration provided") - } - return (*Configuration)(v0_1), nil - } - return nil, fmt.Errorf("Expected *v0_1Configuration, received %#v", c) - }, - }, - }) - - config := new(Configuration) - err = p.Parse(in, config) - if err != nil { - return nil, err - } - - return config, nil -} diff --git a/vendor/github.com/docker/distribution/configuration/configuration_test.go b/vendor/github.com/docker/distribution/configuration/configuration_test.go deleted file mode 100644 index 3e1583dd..00000000 --- a/vendor/github.com/docker/distribution/configuration/configuration_test.go +++ /dev/null @@ -1,529 +0,0 @@ -package configuration - -import ( - "bytes" - "net/http" - "os" - "reflect" - "strings" - "testing" - - . "gopkg.in/check.v1" - "gopkg.in/yaml.v2" -) - -// Hook up gocheck into the "go test" runner -func Test(t *testing.T) { TestingT(t) } - -// configStruct is a canonical example configuration, which should map to configYamlV0_1 -var configStruct = Configuration{ - Version: "0.1", - Log: struct { - AccessLog struct { - Disabled bool `yaml:"disabled,omitempty"` - } `yaml:"accesslog,omitempty"` - Level Loglevel `yaml:"level"` - Formatter string `yaml:"formatter,omitempty"` - Fields map[string]interface{} `yaml:"fields,omitempty"` - Hooks []LogHook `yaml:"hooks,omitempty"` - }{ - Fields: map[string]interface{}{"environment": "test"}, - }, - Loglevel: "info", - Storage: Storage{ - "s3": Parameters{ - "region": "us-east-1", - "bucket": "my-bucket", - "rootdirectory": "/registry", - "encrypt": true, - "secure": false, - "accesskey": "SAMPLEACCESSKEY", - "secretkey": "SUPERSECRET", - "host": nil, - "port": 42, - }, - }, - Auth: Auth{ - "silly": Parameters{ - "realm": "silly", - "service": "silly", - }, - }, - Reporting: Reporting{ - Bugsnag: BugsnagReporting{ - APIKey: "BugsnagApiKey", - }, - }, - Notifications: Notifications{ - Endpoints: []Endpoint{ - { - Name: "endpoint-1", - URL: "http://example.com", - Headers: http.Header{ - "Authorization": []string{"Bearer "}, - }, - IgnoredMediaTypes: []string{"application/octet-stream"}, - }, - }, - }, - HTTP: struct { - Addr string `yaml:"addr,omitempty"` - Net string `yaml:"net,omitempty"` - Host string `yaml:"host,omitempty"` - Prefix string `yaml:"prefix,omitempty"` - Secret string `yaml:"secret,omitempty"` - RelativeURLs bool `yaml:"relativeurls,omitempty"` - TLS struct { - Certificate string `yaml:"certificate,omitempty"` - Key string `yaml:"key,omitempty"` - ClientCAs []string `yaml:"clientcas,omitempty"` - LetsEncrypt struct { - CacheFile string `yaml:"cachefile,omitempty"` - Email string `yaml:"email,omitempty"` - } `yaml:"letsencrypt,omitempty"` - } `yaml:"tls,omitempty"` - Headers http.Header `yaml:"headers,omitempty"` - Debug struct { - Addr string `yaml:"addr,omitempty"` - } `yaml:"debug,omitempty"` - HTTP2 struct { - Disabled bool `yaml:"disabled,omitempty"` - } `yaml:"http2,omitempty"` - }{ - TLS: struct { - Certificate string `yaml:"certificate,omitempty"` - Key string `yaml:"key,omitempty"` - ClientCAs []string `yaml:"clientcas,omitempty"` - LetsEncrypt struct { - CacheFile string `yaml:"cachefile,omitempty"` - Email string `yaml:"email,omitempty"` - } `yaml:"letsencrypt,omitempty"` - }{ - ClientCAs: []string{"/path/to/ca.pem"}, - }, - Headers: http.Header{ - "X-Content-Type-Options": []string{"nosniff"}, - }, - HTTP2: struct { - Disabled bool `yaml:"disabled,omitempty"` - }{ - Disabled: false, - }, - }, -} - -// configYamlV0_1 is a Version 0.1 yaml document representing configStruct -var configYamlV0_1 = ` -version: 0.1 -log: - fields: - environment: test -loglevel: info -storage: - s3: - region: us-east-1 - bucket: my-bucket - rootdirectory: /registry - encrypt: true - secure: false - accesskey: SAMPLEACCESSKEY - secretkey: SUPERSECRET - host: ~ - port: 42 -auth: - silly: - realm: silly - service: silly -notifications: - endpoints: - - name: endpoint-1 - url: http://example.com - headers: - Authorization: [Bearer ] - ignoredmediatypes: - - application/octet-stream -reporting: - bugsnag: - apikey: BugsnagApiKey -http: - clientcas: - - /path/to/ca.pem - headers: - X-Content-Type-Options: [nosniff] -` - -// inmemoryConfigYamlV0_1 is a Version 0.1 yaml document specifying an inmemory -// storage driver with no parameters -var inmemoryConfigYamlV0_1 = ` -version: 0.1 -loglevel: info -storage: inmemory -auth: - silly: - realm: silly - service: silly -notifications: - endpoints: - - name: endpoint-1 - url: http://example.com - headers: - Authorization: [Bearer ] - ignoredmediatypes: - - application/octet-stream -http: - headers: - X-Content-Type-Options: [nosniff] -` - -type ConfigSuite struct { - expectedConfig *Configuration -} - -var _ = Suite(new(ConfigSuite)) - -func (suite *ConfigSuite) SetUpTest(c *C) { - os.Clearenv() - suite.expectedConfig = copyConfig(configStruct) -} - -// TestMarshalRoundtrip validates that configStruct can be marshaled and -// unmarshaled without changing any parameters -func (suite *ConfigSuite) TestMarshalRoundtrip(c *C) { - configBytes, err := yaml.Marshal(suite.expectedConfig) - c.Assert(err, IsNil) - config, err := Parse(bytes.NewReader(configBytes)) - c.Assert(err, IsNil) - c.Assert(config, DeepEquals, suite.expectedConfig) -} - -// TestParseSimple validates that configYamlV0_1 can be parsed into a struct -// matching configStruct -func (suite *ConfigSuite) TestParseSimple(c *C) { - config, err := Parse(bytes.NewReader([]byte(configYamlV0_1))) - c.Assert(err, IsNil) - c.Assert(config, DeepEquals, suite.expectedConfig) -} - -// TestParseInmemory validates that configuration yaml with storage provided as -// a string can be parsed into a Configuration struct with no storage parameters -func (suite *ConfigSuite) TestParseInmemory(c *C) { - suite.expectedConfig.Storage = Storage{"inmemory": Parameters{}} - suite.expectedConfig.Reporting = Reporting{} - suite.expectedConfig.Log.Fields = nil - - config, err := Parse(bytes.NewReader([]byte(inmemoryConfigYamlV0_1))) - c.Assert(err, IsNil) - c.Assert(config, DeepEquals, suite.expectedConfig) -} - -// TestParseIncomplete validates that an incomplete yaml configuration cannot -// be parsed without providing environment variables to fill in the missing -// components. -func (suite *ConfigSuite) TestParseIncomplete(c *C) { - incompleteConfigYaml := "version: 0.1" - _, err := Parse(bytes.NewReader([]byte(incompleteConfigYaml))) - c.Assert(err, NotNil) - - suite.expectedConfig.Log.Fields = nil - suite.expectedConfig.Storage = Storage{"filesystem": Parameters{"rootdirectory": "/tmp/testroot"}} - suite.expectedConfig.Auth = Auth{"silly": Parameters{"realm": "silly"}} - suite.expectedConfig.Reporting = Reporting{} - suite.expectedConfig.Notifications = Notifications{} - suite.expectedConfig.HTTP.Headers = nil - - // Note: this also tests that REGISTRY_STORAGE and - // REGISTRY_STORAGE_FILESYSTEM_ROOTDIRECTORY can be used together - os.Setenv("REGISTRY_STORAGE", "filesystem") - os.Setenv("REGISTRY_STORAGE_FILESYSTEM_ROOTDIRECTORY", "/tmp/testroot") - os.Setenv("REGISTRY_AUTH", "silly") - os.Setenv("REGISTRY_AUTH_SILLY_REALM", "silly") - - config, err := Parse(bytes.NewReader([]byte(incompleteConfigYaml))) - c.Assert(err, IsNil) - c.Assert(config, DeepEquals, suite.expectedConfig) -} - -// TestParseWithSameEnvStorage validates that providing environment variables -// that match the given storage type will only include environment-defined -// parameters and remove yaml-defined parameters -func (suite *ConfigSuite) TestParseWithSameEnvStorage(c *C) { - suite.expectedConfig.Storage = Storage{"s3": Parameters{"region": "us-east-1"}} - - os.Setenv("REGISTRY_STORAGE", "s3") - os.Setenv("REGISTRY_STORAGE_S3_REGION", "us-east-1") - - config, err := Parse(bytes.NewReader([]byte(configYamlV0_1))) - c.Assert(err, IsNil) - c.Assert(config, DeepEquals, suite.expectedConfig) -} - -// TestParseWithDifferentEnvStorageParams validates that providing environment variables that change -// and add to the given storage parameters will change and add parameters to the parsed -// Configuration struct -func (suite *ConfigSuite) TestParseWithDifferentEnvStorageParams(c *C) { - suite.expectedConfig.Storage.setParameter("region", "us-west-1") - suite.expectedConfig.Storage.setParameter("secure", true) - suite.expectedConfig.Storage.setParameter("newparam", "some Value") - - os.Setenv("REGISTRY_STORAGE_S3_REGION", "us-west-1") - os.Setenv("REGISTRY_STORAGE_S3_SECURE", "true") - os.Setenv("REGISTRY_STORAGE_S3_NEWPARAM", "some Value") - - config, err := Parse(bytes.NewReader([]byte(configYamlV0_1))) - c.Assert(err, IsNil) - c.Assert(config, DeepEquals, suite.expectedConfig) -} - -// TestParseWithDifferentEnvStorageType validates that providing an environment variable that -// changes the storage type will be reflected in the parsed Configuration struct -func (suite *ConfigSuite) TestParseWithDifferentEnvStorageType(c *C) { - suite.expectedConfig.Storage = Storage{"inmemory": Parameters{}} - - os.Setenv("REGISTRY_STORAGE", "inmemory") - - config, err := Parse(bytes.NewReader([]byte(configYamlV0_1))) - c.Assert(err, IsNil) - c.Assert(config, DeepEquals, suite.expectedConfig) -} - -// TestParseWithDifferentEnvStorageTypeAndParams validates that providing an environment variable -// that changes the storage type will be reflected in the parsed Configuration struct and that -// environment storage parameters will also be included -func (suite *ConfigSuite) TestParseWithDifferentEnvStorageTypeAndParams(c *C) { - suite.expectedConfig.Storage = Storage{"filesystem": Parameters{}} - suite.expectedConfig.Storage.setParameter("rootdirectory", "/tmp/testroot") - - os.Setenv("REGISTRY_STORAGE", "filesystem") - os.Setenv("REGISTRY_STORAGE_FILESYSTEM_ROOTDIRECTORY", "/tmp/testroot") - - config, err := Parse(bytes.NewReader([]byte(configYamlV0_1))) - c.Assert(err, IsNil) - c.Assert(config, DeepEquals, suite.expectedConfig) -} - -// TestParseWithSameEnvLoglevel validates that providing an environment variable defining the log -// level to the same as the one provided in the yaml will not change the parsed Configuration struct -func (suite *ConfigSuite) TestParseWithSameEnvLoglevel(c *C) { - os.Setenv("REGISTRY_LOGLEVEL", "info") - - config, err := Parse(bytes.NewReader([]byte(configYamlV0_1))) - c.Assert(err, IsNil) - c.Assert(config, DeepEquals, suite.expectedConfig) -} - -// TestParseWithDifferentEnvLoglevel validates that providing an environment variable defining the -// log level will override the value provided in the yaml document -func (suite *ConfigSuite) TestParseWithDifferentEnvLoglevel(c *C) { - suite.expectedConfig.Loglevel = "error" - - os.Setenv("REGISTRY_LOGLEVEL", "error") - - config, err := Parse(bytes.NewReader([]byte(configYamlV0_1))) - c.Assert(err, IsNil) - c.Assert(config, DeepEquals, suite.expectedConfig) -} - -// TestParseInvalidLoglevel validates that the parser will fail to parse a -// configuration if the loglevel is malformed -func (suite *ConfigSuite) TestParseInvalidLoglevel(c *C) { - invalidConfigYaml := "version: 0.1\nloglevel: derp\nstorage: inmemory" - _, err := Parse(bytes.NewReader([]byte(invalidConfigYaml))) - c.Assert(err, NotNil) - - os.Setenv("REGISTRY_LOGLEVEL", "derp") - - _, err = Parse(bytes.NewReader([]byte(configYamlV0_1))) - c.Assert(err, NotNil) - -} - -// TestParseWithDifferentEnvReporting validates that environment variables -// properly override reporting parameters -func (suite *ConfigSuite) TestParseWithDifferentEnvReporting(c *C) { - suite.expectedConfig.Reporting.Bugsnag.APIKey = "anotherBugsnagApiKey" - suite.expectedConfig.Reporting.Bugsnag.Endpoint = "localhost:8080" - suite.expectedConfig.Reporting.NewRelic.LicenseKey = "NewRelicLicenseKey" - suite.expectedConfig.Reporting.NewRelic.Name = "some NewRelic NAME" - - os.Setenv("REGISTRY_REPORTING_BUGSNAG_APIKEY", "anotherBugsnagApiKey") - os.Setenv("REGISTRY_REPORTING_BUGSNAG_ENDPOINT", "localhost:8080") - os.Setenv("REGISTRY_REPORTING_NEWRELIC_LICENSEKEY", "NewRelicLicenseKey") - os.Setenv("REGISTRY_REPORTING_NEWRELIC_NAME", "some NewRelic NAME") - - config, err := Parse(bytes.NewReader([]byte(configYamlV0_1))) - c.Assert(err, IsNil) - c.Assert(config, DeepEquals, suite.expectedConfig) -} - -// TestParseInvalidVersion validates that the parser will fail to parse a newer configuration -// version than the CurrentVersion -func (suite *ConfigSuite) TestParseInvalidVersion(c *C) { - suite.expectedConfig.Version = MajorMinorVersion(CurrentVersion.Major(), CurrentVersion.Minor()+1) - configBytes, err := yaml.Marshal(suite.expectedConfig) - c.Assert(err, IsNil) - _, err = Parse(bytes.NewReader(configBytes)) - c.Assert(err, NotNil) -} - -// TestParseExtraneousVars validates that environment variables referring to -// nonexistent variables don't cause side effects. -func (suite *ConfigSuite) TestParseExtraneousVars(c *C) { - suite.expectedConfig.Reporting.Bugsnag.Endpoint = "localhost:8080" - - // A valid environment variable - os.Setenv("REGISTRY_REPORTING_BUGSNAG_ENDPOINT", "localhost:8080") - - // Environment variables which shouldn't set config items - os.Setenv("registry_REPORTING_NEWRELIC_LICENSEKEY", "NewRelicLicenseKey") - os.Setenv("REPORTING_NEWRELIC_NAME", "some NewRelic NAME") - os.Setenv("REGISTRY_DUCKS", "quack") - os.Setenv("REGISTRY_REPORTING_ASDF", "ghjk") - - config, err := Parse(bytes.NewReader([]byte(configYamlV0_1))) - c.Assert(err, IsNil) - c.Assert(config, DeepEquals, suite.expectedConfig) -} - -// TestParseEnvVarImplicitMaps validates that environment variables can set -// values in maps that don't already exist. -func (suite *ConfigSuite) TestParseEnvVarImplicitMaps(c *C) { - readonly := make(map[string]interface{}) - readonly["enabled"] = true - - maintenance := make(map[string]interface{}) - maintenance["readonly"] = readonly - - suite.expectedConfig.Storage["maintenance"] = maintenance - - os.Setenv("REGISTRY_STORAGE_MAINTENANCE_READONLY_ENABLED", "true") - - config, err := Parse(bytes.NewReader([]byte(configYamlV0_1))) - c.Assert(err, IsNil) - c.Assert(config, DeepEquals, suite.expectedConfig) -} - -// TestParseEnvWrongTypeMap validates that incorrectly attempting to unmarshal a -// string over existing map fails. -func (suite *ConfigSuite) TestParseEnvWrongTypeMap(c *C) { - os.Setenv("REGISTRY_STORAGE_S3", "somestring") - - _, err := Parse(bytes.NewReader([]byte(configYamlV0_1))) - c.Assert(err, NotNil) -} - -// TestParseEnvWrongTypeStruct validates that incorrectly attempting to -// unmarshal a string into a struct fails. -func (suite *ConfigSuite) TestParseEnvWrongTypeStruct(c *C) { - os.Setenv("REGISTRY_STORAGE_LOG", "somestring") - - _, err := Parse(bytes.NewReader([]byte(configYamlV0_1))) - c.Assert(err, NotNil) -} - -// TestParseEnvWrongTypeSlice validates that incorrectly attempting to -// unmarshal a string into a slice fails. -func (suite *ConfigSuite) TestParseEnvWrongTypeSlice(c *C) { - os.Setenv("REGISTRY_LOG_HOOKS", "somestring") - - _, err := Parse(bytes.NewReader([]byte(configYamlV0_1))) - c.Assert(err, NotNil) -} - -// TestParseEnvMany tests several environment variable overrides. -// The result is not checked - the goal of this test is to detect panics -// from misuse of reflection. -func (suite *ConfigSuite) TestParseEnvMany(c *C) { - os.Setenv("REGISTRY_VERSION", "0.1") - os.Setenv("REGISTRY_LOG_LEVEL", "debug") - os.Setenv("REGISTRY_LOG_FORMATTER", "json") - os.Setenv("REGISTRY_LOG_HOOKS", "json") - os.Setenv("REGISTRY_LOG_FIELDS", "abc: xyz") - os.Setenv("REGISTRY_LOG_HOOKS", "- type: asdf") - os.Setenv("REGISTRY_LOGLEVEL", "debug") - os.Setenv("REGISTRY_STORAGE", "s3") - os.Setenv("REGISTRY_AUTH_PARAMS", "param1: value1") - os.Setenv("REGISTRY_AUTH_PARAMS_VALUE2", "value2") - os.Setenv("REGISTRY_AUTH_PARAMS_VALUE2", "value2") - - _, err := Parse(bytes.NewReader([]byte(configYamlV0_1))) - c.Assert(err, IsNil) -} - -func checkStructs(c *C, t reflect.Type, structsChecked map[string]struct{}) { - for t.Kind() == reflect.Ptr || t.Kind() == reflect.Map || t.Kind() == reflect.Slice { - t = t.Elem() - } - - if t.Kind() != reflect.Struct { - return - } - if _, present := structsChecked[t.String()]; present { - // Already checked this type - return - } - - structsChecked[t.String()] = struct{}{} - - byUpperCase := make(map[string]int) - for i := 0; i < t.NumField(); i++ { - sf := t.Field(i) - - // Check that the yaml tag does not contain an _. - yamlTag := sf.Tag.Get("yaml") - if strings.Contains(yamlTag, "_") { - c.Fatalf("yaml field name includes _ character: %s", yamlTag) - } - upper := strings.ToUpper(sf.Name) - if _, present := byUpperCase[upper]; present { - c.Fatalf("field name collision in configuration object: %s", sf.Name) - } - byUpperCase[upper] = i - - checkStructs(c, sf.Type, structsChecked) - } -} - -// TestValidateConfigStruct makes sure that the config struct has no members -// with yaml tags that would be ambiguous to the environment variable parser. -func (suite *ConfigSuite) TestValidateConfigStruct(c *C) { - structsChecked := make(map[string]struct{}) - checkStructs(c, reflect.TypeOf(Configuration{}), structsChecked) -} - -func copyConfig(config Configuration) *Configuration { - configCopy := new(Configuration) - - configCopy.Version = MajorMinorVersion(config.Version.Major(), config.Version.Minor()) - configCopy.Loglevel = config.Loglevel - configCopy.Log = config.Log - configCopy.Log.Fields = make(map[string]interface{}, len(config.Log.Fields)) - for k, v := range config.Log.Fields { - configCopy.Log.Fields[k] = v - } - - configCopy.Storage = Storage{config.Storage.Type(): Parameters{}} - for k, v := range config.Storage.Parameters() { - configCopy.Storage.setParameter(k, v) - } - configCopy.Reporting = Reporting{ - Bugsnag: BugsnagReporting{config.Reporting.Bugsnag.APIKey, config.Reporting.Bugsnag.ReleaseStage, config.Reporting.Bugsnag.Endpoint}, - NewRelic: NewRelicReporting{config.Reporting.NewRelic.LicenseKey, config.Reporting.NewRelic.Name, config.Reporting.NewRelic.Verbose}, - } - - configCopy.Auth = Auth{config.Auth.Type(): Parameters{}} - for k, v := range config.Auth.Parameters() { - configCopy.Auth.setParameter(k, v) - } - - configCopy.Notifications = Notifications{Endpoints: []Endpoint{}} - for _, v := range config.Notifications.Endpoints { - configCopy.Notifications.Endpoints = append(configCopy.Notifications.Endpoints, v) - } - - configCopy.HTTP.Headers = make(http.Header) - for k, v := range config.HTTP.Headers { - configCopy.HTTP.Headers[k] = v - } - - return configCopy -} diff --git a/vendor/github.com/docker/distribution/configuration/parser.go b/vendor/github.com/docker/distribution/configuration/parser.go deleted file mode 100644 index 8b81dd5d..00000000 --- a/vendor/github.com/docker/distribution/configuration/parser.go +++ /dev/null @@ -1,283 +0,0 @@ -package configuration - -import ( - "fmt" - "os" - "reflect" - "sort" - "strconv" - "strings" - - "github.com/Sirupsen/logrus" - "gopkg.in/yaml.v2" -) - -// Version is a major/minor version pair of the form Major.Minor -// Major version upgrades indicate structure or type changes -// Minor version upgrades should be strictly additive -type Version string - -// MajorMinorVersion constructs a Version from its Major and Minor components -func MajorMinorVersion(major, minor uint) Version { - return Version(fmt.Sprintf("%d.%d", major, minor)) -} - -func (version Version) major() (uint, error) { - majorPart := strings.Split(string(version), ".")[0] - major, err := strconv.ParseUint(majorPart, 10, 0) - return uint(major), err -} - -// Major returns the major version portion of a Version -func (version Version) Major() uint { - major, _ := version.major() - return major -} - -func (version Version) minor() (uint, error) { - minorPart := strings.Split(string(version), ".")[1] - minor, err := strconv.ParseUint(minorPart, 10, 0) - return uint(minor), err -} - -// Minor returns the minor version portion of a Version -func (version Version) Minor() uint { - minor, _ := version.minor() - return minor -} - -// VersionedParseInfo defines how a specific version of a configuration should -// be parsed into the current version -type VersionedParseInfo struct { - // Version is the version which this parsing information relates to - Version Version - // ParseAs defines the type which a configuration file of this version - // should be parsed into - ParseAs reflect.Type - // ConversionFunc defines a method for converting the parsed configuration - // (of type ParseAs) into the current configuration version - // Note: this method signature is very unclear with the absence of generics - ConversionFunc func(interface{}) (interface{}, error) -} - -type envVar struct { - name string - value string -} - -type envVars []envVar - -func (a envVars) Len() int { return len(a) } -func (a envVars) Swap(i, j int) { a[i], a[j] = a[j], a[i] } -func (a envVars) Less(i, j int) bool { return a[i].name < a[j].name } - -// Parser can be used to parse a configuration file and environment of a defined -// version into a unified output structure -type Parser struct { - prefix string - mapping map[Version]VersionedParseInfo - env envVars -} - -// NewParser returns a *Parser with the given environment prefix which handles -// versioned configurations which match the given parseInfos -func NewParser(prefix string, parseInfos []VersionedParseInfo) *Parser { - p := Parser{prefix: prefix, mapping: make(map[Version]VersionedParseInfo)} - - for _, parseInfo := range parseInfos { - p.mapping[parseInfo.Version] = parseInfo - } - - for _, env := range os.Environ() { - envParts := strings.SplitN(env, "=", 2) - p.env = append(p.env, envVar{envParts[0], envParts[1]}) - } - - // We must sort the environment variables lexically by name so that - // more specific variables are applied before less specific ones - // (i.e. REGISTRY_STORAGE before - // REGISTRY_STORAGE_FILESYSTEM_ROOTDIRECTORY). This sucks, but it's a - // lot simpler and easier to get right than unmarshalling map entries - // into temporaries and merging with the existing entry. - sort.Sort(p.env) - - return &p -} - -// Parse reads in the given []byte and environment and writes the resulting -// configuration into the input v -// -// Environment variables may be used to override configuration parameters other -// than version, following the scheme below: -// v.Abc may be replaced by the value of PREFIX_ABC, -// v.Abc.Xyz may be replaced by the value of PREFIX_ABC_XYZ, and so forth -func (p *Parser) Parse(in []byte, v interface{}) error { - var versionedStruct struct { - Version Version - } - - if err := yaml.Unmarshal(in, &versionedStruct); err != nil { - return err - } - - parseInfo, ok := p.mapping[versionedStruct.Version] - if !ok { - return fmt.Errorf("Unsupported version: %q", versionedStruct.Version) - } - - parseAs := reflect.New(parseInfo.ParseAs) - err := yaml.Unmarshal(in, parseAs.Interface()) - if err != nil { - return err - } - - for _, envVar := range p.env { - pathStr := envVar.name - if strings.HasPrefix(pathStr, strings.ToUpper(p.prefix)+"_") { - path := strings.Split(pathStr, "_") - - err = p.overwriteFields(parseAs, pathStr, path[1:], envVar.value) - if err != nil { - return err - } - } - } - - c, err := parseInfo.ConversionFunc(parseAs.Interface()) - if err != nil { - return err - } - reflect.ValueOf(v).Elem().Set(reflect.Indirect(reflect.ValueOf(c))) - return nil -} - -// overwriteFields replaces configuration values with alternate values specified -// through the environment. Precondition: an empty path slice must never be -// passed in. -func (p *Parser) overwriteFields(v reflect.Value, fullpath string, path []string, payload string) error { - for v.Kind() == reflect.Ptr { - if v.IsNil() { - panic("encountered nil pointer while handling environment variable " + fullpath) - } - v = reflect.Indirect(v) - } - switch v.Kind() { - case reflect.Struct: - return p.overwriteStruct(v, fullpath, path, payload) - case reflect.Map: - return p.overwriteMap(v, fullpath, path, payload) - case reflect.Interface: - if v.NumMethod() == 0 { - if !v.IsNil() { - return p.overwriteFields(v.Elem(), fullpath, path, payload) - } - // Interface was empty; create an implicit map - var template map[string]interface{} - wrappedV := reflect.MakeMap(reflect.TypeOf(template)) - v.Set(wrappedV) - return p.overwriteMap(wrappedV, fullpath, path, payload) - } - } - return nil -} - -func (p *Parser) overwriteStruct(v reflect.Value, fullpath string, path []string, payload string) error { - // Generate case-insensitive map of struct fields - byUpperCase := make(map[string]int) - for i := 0; i < v.NumField(); i++ { - sf := v.Type().Field(i) - upper := strings.ToUpper(sf.Name) - if _, present := byUpperCase[upper]; present { - panic(fmt.Sprintf("field name collision in configuration object: %s", sf.Name)) - } - byUpperCase[upper] = i - } - - fieldIndex, present := byUpperCase[path[0]] - if !present { - logrus.Warnf("Ignoring unrecognized environment variable %s", fullpath) - return nil - } - field := v.Field(fieldIndex) - sf := v.Type().Field(fieldIndex) - - if len(path) == 1 { - // Env var specifies this field directly - fieldVal := reflect.New(sf.Type) - err := yaml.Unmarshal([]byte(payload), fieldVal.Interface()) - if err != nil { - return err - } - field.Set(reflect.Indirect(fieldVal)) - return nil - } - - // If the field is nil, must create an object - switch sf.Type.Kind() { - case reflect.Map: - if field.IsNil() { - field.Set(reflect.MakeMap(sf.Type)) - } - case reflect.Ptr: - if field.IsNil() { - field.Set(reflect.New(sf.Type)) - } - } - - err := p.overwriteFields(field, fullpath, path[1:], payload) - if err != nil { - return err - } - - return nil -} - -func (p *Parser) overwriteMap(m reflect.Value, fullpath string, path []string, payload string) error { - if m.Type().Key().Kind() != reflect.String { - // non-string keys unsupported - logrus.Warnf("Ignoring environment variable %s involving map with non-string keys", fullpath) - return nil - } - - if len(path) > 1 { - // If a matching key exists, get its value and continue the - // overwriting process. - for _, k := range m.MapKeys() { - if strings.ToUpper(k.String()) == path[0] { - mapValue := m.MapIndex(k) - // If the existing value is nil, we want to - // recreate it instead of using this value. - if (mapValue.Kind() == reflect.Ptr || - mapValue.Kind() == reflect.Interface || - mapValue.Kind() == reflect.Map) && - mapValue.IsNil() { - break - } - return p.overwriteFields(mapValue, fullpath, path[1:], payload) - } - } - } - - // (Re)create this key - var mapValue reflect.Value - if m.Type().Elem().Kind() == reflect.Map { - mapValue = reflect.MakeMap(m.Type().Elem()) - } else { - mapValue = reflect.New(m.Type().Elem()) - } - if len(path) > 1 { - err := p.overwriteFields(mapValue, fullpath, path[1:], payload) - if err != nil { - return err - } - } else { - err := yaml.Unmarshal([]byte(payload), mapValue.Interface()) - if err != nil { - return err - } - } - - m.SetMapIndex(reflect.ValueOf(strings.ToLower(path[0])), reflect.Indirect(mapValue)) - - return nil -} diff --git a/vendor/github.com/docker/distribution/context/context.go b/vendor/github.com/docker/distribution/context/context.go deleted file mode 100644 index 23cbf5b5..00000000 --- a/vendor/github.com/docker/distribution/context/context.go +++ /dev/null @@ -1,85 +0,0 @@ -package context - -import ( - "sync" - - "github.com/docker/distribution/uuid" - "golang.org/x/net/context" -) - -// Context is a copy of Context from the golang.org/x/net/context package. -type Context interface { - context.Context -} - -// instanceContext is a context that provides only an instance id. It is -// provided as the main background context. -type instanceContext struct { - Context - id string // id of context, logged as "instance.id" - once sync.Once // once protect generation of the id -} - -func (ic *instanceContext) Value(key interface{}) interface{} { - if key == "instance.id" { - ic.once.Do(func() { - // We want to lazy initialize the UUID such that we don't - // call a random generator from the package initialization - // code. For various reasons random could not be available - // https://github.com/docker/distribution/issues/782 - ic.id = uuid.Generate().String() - }) - return ic.id - } - - return ic.Context.Value(key) -} - -var background = &instanceContext{ - Context: context.Background(), -} - -// Background returns a non-nil, empty Context. The background context -// provides a single key, "instance.id" that is globally unique to the -// process. -func Background() Context { - return background -} - -// WithValue returns a copy of parent in which the value associated with key is -// val. Use context Values only for request-scoped data that transits processes -// and APIs, not for passing optional parameters to functions. -func WithValue(parent Context, key, val interface{}) Context { - return context.WithValue(parent, key, val) -} - -// stringMapContext is a simple context implementation that checks a map for a -// key, falling back to a parent if not present. -type stringMapContext struct { - context.Context - m map[string]interface{} -} - -// WithValues returns a context that proxies lookups through a map. Only -// supports string keys. -func WithValues(ctx context.Context, m map[string]interface{}) context.Context { - mo := make(map[string]interface{}, len(m)) // make our own copy. - for k, v := range m { - mo[k] = v - } - - return stringMapContext{ - Context: ctx, - m: mo, - } -} - -func (smc stringMapContext) Value(key interface{}) interface{} { - if ks, ok := key.(string); ok { - if v, ok := smc.m[ks]; ok { - return v - } - } - - return smc.Context.Value(key) -} diff --git a/vendor/github.com/docker/distribution/context/doc.go b/vendor/github.com/docker/distribution/context/doc.go deleted file mode 100644 index 3b4ab888..00000000 --- a/vendor/github.com/docker/distribution/context/doc.go +++ /dev/null @@ -1,89 +0,0 @@ -// Package context provides several utilities for working with -// golang.org/x/net/context in http requests. Primarily, the focus is on -// logging relevant request information but this package is not limited to -// that purpose. -// -// The easiest way to get started is to get the background context: -// -// ctx := context.Background() -// -// The returned context should be passed around your application and be the -// root of all other context instances. If the application has a version, this -// line should be called before anything else: -// -// ctx := context.WithVersion(context.Background(), version) -// -// The above will store the version in the context and will be available to -// the logger. -// -// Logging -// -// The most useful aspect of this package is GetLogger. This function takes -// any context.Context interface and returns the current logger from the -// context. Canonical usage looks like this: -// -// GetLogger(ctx).Infof("something interesting happened") -// -// GetLogger also takes optional key arguments. The keys will be looked up in -// the context and reported with the logger. The following example would -// return a logger that prints the version with each log message: -// -// ctx := context.Context(context.Background(), "version", version) -// GetLogger(ctx, "version").Infof("this log message has a version field") -// -// The above would print out a log message like this: -// -// INFO[0000] this log message has a version field version=v2.0.0-alpha.2.m -// -// When used with WithLogger, we gain the ability to decorate the context with -// loggers that have information from disparate parts of the call stack. -// Following from the version example, we can build a new context with the -// configured logger such that we always print the version field: -// -// ctx = WithLogger(ctx, GetLogger(ctx, "version")) -// -// Since the logger has been pushed to the context, we can now get the version -// field for free with our log messages. Future calls to GetLogger on the new -// context will have the version field: -// -// GetLogger(ctx).Infof("this log message has a version field") -// -// This becomes more powerful when we start stacking loggers. Let's say we -// have the version logger from above but also want a request id. Using the -// context above, in our request scoped function, we place another logger in -// the context: -// -// ctx = context.WithValue(ctx, "http.request.id", "unique id") // called when building request context -// ctx = WithLogger(ctx, GetLogger(ctx, "http.request.id")) -// -// When GetLogger is called on the new context, "http.request.id" will be -// included as a logger field, along with the original "version" field: -// -// INFO[0000] this log message has a version field http.request.id=unique id version=v2.0.0-alpha.2.m -// -// Note that this only affects the new context, the previous context, with the -// version field, can be used independently. Put another way, the new logger, -// added to the request context, is unique to that context and can have -// request scoped varaibles. -// -// HTTP Requests -// -// This package also contains several methods for working with http requests. -// The concepts are very similar to those described above. We simply place the -// request in the context using WithRequest. This makes the request variables -// available. GetRequestLogger can then be called to get request specific -// variables in a log line: -// -// ctx = WithRequest(ctx, req) -// GetRequestLogger(ctx).Infof("request variables") -// -// Like above, if we want to include the request data in all log messages in -// the context, we push the logger to a new context and use that one: -// -// ctx = WithLogger(ctx, GetRequestLogger(ctx)) -// -// The concept is fairly powerful and ensures that calls throughout the stack -// can be traced in log messages. Using the fields like "http.request.id", one -// can analyze call flow for a particular request with a simple grep of the -// logs. -package context diff --git a/vendor/github.com/docker/distribution/context/http.go b/vendor/github.com/docker/distribution/context/http.go deleted file mode 100644 index 7fe9b8ab..00000000 --- a/vendor/github.com/docker/distribution/context/http.go +++ /dev/null @@ -1,366 +0,0 @@ -package context - -import ( - "errors" - "net" - "net/http" - "strings" - "sync" - "time" - - log "github.com/Sirupsen/logrus" - "github.com/docker/distribution/uuid" - "github.com/gorilla/mux" -) - -// Common errors used with this package. -var ( - ErrNoRequestContext = errors.New("no http request in context") - ErrNoResponseWriterContext = errors.New("no http response in context") -) - -func parseIP(ipStr string) net.IP { - ip := net.ParseIP(ipStr) - if ip == nil { - log.Warnf("invalid remote IP address: %q", ipStr) - } - return ip -} - -// RemoteAddr extracts the remote address of the request, taking into -// account proxy headers. -func RemoteAddr(r *http.Request) string { - if prior := r.Header.Get("X-Forwarded-For"); prior != "" { - proxies := strings.Split(prior, ",") - if len(proxies) > 0 { - remoteAddr := strings.Trim(proxies[0], " ") - if parseIP(remoteAddr) != nil { - return remoteAddr - } - } - } - // X-Real-Ip is less supported, but worth checking in the - // absence of X-Forwarded-For - if realIP := r.Header.Get("X-Real-Ip"); realIP != "" { - if parseIP(realIP) != nil { - return realIP - } - } - - return r.RemoteAddr -} - -// RemoteIP extracts the remote IP of the request, taking into -// account proxy headers. -func RemoteIP(r *http.Request) string { - addr := RemoteAddr(r) - - // Try parsing it as "IP:port" - if ip, _, err := net.SplitHostPort(addr); err == nil { - return ip - } - - return addr -} - -// WithRequest places the request on the context. The context of the request -// is assigned a unique id, available at "http.request.id". The request itself -// is available at "http.request". Other common attributes are available under -// the prefix "http.request.". If a request is already present on the context, -// this method will panic. -func WithRequest(ctx Context, r *http.Request) Context { - if ctx.Value("http.request") != nil { - // NOTE(stevvooe): This needs to be considered a programming error. It - // is unlikely that we'd want to have more than one request in - // context. - panic("only one request per context") - } - - return &httpRequestContext{ - Context: ctx, - startedAt: time.Now(), - id: uuid.Generate().String(), - r: r, - } -} - -// GetRequest returns the http request in the given context. Returns -// ErrNoRequestContext if the context does not have an http request associated -// with it. -func GetRequest(ctx Context) (*http.Request, error) { - if r, ok := ctx.Value("http.request").(*http.Request); r != nil && ok { - return r, nil - } - return nil, ErrNoRequestContext -} - -// GetRequestID attempts to resolve the current request id, if possible. An -// error is return if it is not available on the context. -func GetRequestID(ctx Context) string { - return GetStringValue(ctx, "http.request.id") -} - -// WithResponseWriter returns a new context and response writer that makes -// interesting response statistics available within the context. -func WithResponseWriter(ctx Context, w http.ResponseWriter) (Context, http.ResponseWriter) { - if closeNotifier, ok := w.(http.CloseNotifier); ok { - irwCN := &instrumentedResponseWriterCN{ - instrumentedResponseWriter: instrumentedResponseWriter{ - ResponseWriter: w, - Context: ctx, - }, - CloseNotifier: closeNotifier, - } - - return irwCN, irwCN - } - - irw := instrumentedResponseWriter{ - ResponseWriter: w, - Context: ctx, - } - return &irw, &irw -} - -// GetResponseWriter returns the http.ResponseWriter from the provided -// context. If not present, ErrNoResponseWriterContext is returned. The -// returned instance provides instrumentation in the context. -func GetResponseWriter(ctx Context) (http.ResponseWriter, error) { - v := ctx.Value("http.response") - - rw, ok := v.(http.ResponseWriter) - if !ok || rw == nil { - return nil, ErrNoResponseWriterContext - } - - return rw, nil -} - -// getVarsFromRequest let's us change request vars implementation for testing -// and maybe future changes. -var getVarsFromRequest = mux.Vars - -// WithVars extracts gorilla/mux vars and makes them available on the returned -// context. Variables are available at keys with the prefix "vars.". For -// example, if looking for the variable "name", it can be accessed as -// "vars.name". Implementations that are accessing values need not know that -// the underlying context is implemented with gorilla/mux vars. -func WithVars(ctx Context, r *http.Request) Context { - return &muxVarsContext{ - Context: ctx, - vars: getVarsFromRequest(r), - } -} - -// GetRequestLogger returns a logger that contains fields from the request in -// the current context. If the request is not available in the context, no -// fields will display. Request loggers can safely be pushed onto the context. -func GetRequestLogger(ctx Context) Logger { - return GetLogger(ctx, - "http.request.id", - "http.request.method", - "http.request.host", - "http.request.uri", - "http.request.referer", - "http.request.useragent", - "http.request.remoteaddr", - "http.request.contenttype") -} - -// GetResponseLogger reads the current response stats and builds a logger. -// Because the values are read at call time, pushing a logger returned from -// this function on the context will lead to missing or invalid data. Only -// call this at the end of a request, after the response has been written. -func GetResponseLogger(ctx Context) Logger { - l := getLogrusLogger(ctx, - "http.response.written", - "http.response.status", - "http.response.contenttype") - - duration := Since(ctx, "http.request.startedat") - - if duration > 0 { - l = l.WithField("http.response.duration", duration.String()) - } - - return l -} - -// httpRequestContext makes information about a request available to context. -type httpRequestContext struct { - Context - - startedAt time.Time - id string - r *http.Request -} - -// Value returns a keyed element of the request for use in the context. To get -// the request itself, query "request". For other components, access them as -// "request.". For example, r.RequestURI -func (ctx *httpRequestContext) Value(key interface{}) interface{} { - if keyStr, ok := key.(string); ok { - if keyStr == "http.request" { - return ctx.r - } - - if !strings.HasPrefix(keyStr, "http.request.") { - goto fallback - } - - parts := strings.Split(keyStr, ".") - - if len(parts) != 3 { - goto fallback - } - - switch parts[2] { - case "uri": - return ctx.r.RequestURI - case "remoteaddr": - return RemoteAddr(ctx.r) - case "method": - return ctx.r.Method - case "host": - return ctx.r.Host - case "referer": - referer := ctx.r.Referer() - if referer != "" { - return referer - } - case "useragent": - return ctx.r.UserAgent() - case "id": - return ctx.id - case "startedat": - return ctx.startedAt - case "contenttype": - ct := ctx.r.Header.Get("Content-Type") - if ct != "" { - return ct - } - } - } - -fallback: - return ctx.Context.Value(key) -} - -type muxVarsContext struct { - Context - vars map[string]string -} - -func (ctx *muxVarsContext) Value(key interface{}) interface{} { - if keyStr, ok := key.(string); ok { - if keyStr == "vars" { - return ctx.vars - } - - if strings.HasPrefix(keyStr, "vars.") { - keyStr = strings.TrimPrefix(keyStr, "vars.") - } - - if v, ok := ctx.vars[keyStr]; ok { - return v - } - } - - return ctx.Context.Value(key) -} - -// instrumentedResponseWriterCN provides response writer information in a -// context. It implements http.CloseNotifier so that users can detect -// early disconnects. -type instrumentedResponseWriterCN struct { - instrumentedResponseWriter - http.CloseNotifier -} - -// instrumentedResponseWriter provides response writer information in a -// context. This variant is only used in the case where CloseNotifier is not -// implemented by the parent ResponseWriter. -type instrumentedResponseWriter struct { - http.ResponseWriter - Context - - mu sync.Mutex - status int - written int64 -} - -func (irw *instrumentedResponseWriter) Write(p []byte) (n int, err error) { - n, err = irw.ResponseWriter.Write(p) - - irw.mu.Lock() - irw.written += int64(n) - - // Guess the likely status if not set. - if irw.status == 0 { - irw.status = http.StatusOK - } - - irw.mu.Unlock() - - return -} - -func (irw *instrumentedResponseWriter) WriteHeader(status int) { - irw.ResponseWriter.WriteHeader(status) - - irw.mu.Lock() - irw.status = status - irw.mu.Unlock() -} - -func (irw *instrumentedResponseWriter) Flush() { - if flusher, ok := irw.ResponseWriter.(http.Flusher); ok { - flusher.Flush() - } -} - -func (irw *instrumentedResponseWriter) Value(key interface{}) interface{} { - if keyStr, ok := key.(string); ok { - if keyStr == "http.response" { - return irw - } - - if !strings.HasPrefix(keyStr, "http.response.") { - goto fallback - } - - parts := strings.Split(keyStr, ".") - - if len(parts) != 3 { - goto fallback - } - - irw.mu.Lock() - defer irw.mu.Unlock() - - switch parts[2] { - case "written": - return irw.written - case "status": - return irw.status - case "contenttype": - contentType := irw.Header().Get("Content-Type") - if contentType != "" { - return contentType - } - } - } - -fallback: - return irw.Context.Value(key) -} - -func (irw *instrumentedResponseWriterCN) Value(key interface{}) interface{} { - if keyStr, ok := key.(string); ok { - if keyStr == "http.response" { - return irw - } - } - - return irw.instrumentedResponseWriter.Value(key) -} diff --git a/vendor/github.com/docker/distribution/context/http_test.go b/vendor/github.com/docker/distribution/context/http_test.go deleted file mode 100644 index 3d4b3c8e..00000000 --- a/vendor/github.com/docker/distribution/context/http_test.go +++ /dev/null @@ -1,285 +0,0 @@ -package context - -import ( - "net/http" - "net/http/httptest" - "net/http/httputil" - "net/url" - "reflect" - "testing" - "time" -) - -func TestWithRequest(t *testing.T) { - var req http.Request - - start := time.Now() - req.Method = "GET" - req.Host = "example.com" - req.RequestURI = "/test-test" - req.Header = make(http.Header) - req.Header.Set("Referer", "foo.com/referer") - req.Header.Set("User-Agent", "test/0.1") - - ctx := WithRequest(Background(), &req) - for _, testcase := range []struct { - key string - expected interface{} - }{ - { - key: "http.request", - expected: &req, - }, - { - key: "http.request.id", - }, - { - key: "http.request.method", - expected: req.Method, - }, - { - key: "http.request.host", - expected: req.Host, - }, - { - key: "http.request.uri", - expected: req.RequestURI, - }, - { - key: "http.request.referer", - expected: req.Referer(), - }, - { - key: "http.request.useragent", - expected: req.UserAgent(), - }, - { - key: "http.request.remoteaddr", - expected: req.RemoteAddr, - }, - { - key: "http.request.startedat", - }, - } { - v := ctx.Value(testcase.key) - - if v == nil { - t.Fatalf("value not found for %q", testcase.key) - } - - if testcase.expected != nil && v != testcase.expected { - t.Fatalf("%s: %v != %v", testcase.key, v, testcase.expected) - } - - // Key specific checks! - switch testcase.key { - case "http.request.id": - if _, ok := v.(string); !ok { - t.Fatalf("request id not a string: %v", v) - } - case "http.request.startedat": - vt, ok := v.(time.Time) - if !ok { - t.Fatalf("value not a time: %v", v) - } - - now := time.Now() - if vt.After(now) { - t.Fatalf("time generated too late: %v > %v", vt, now) - } - - if vt.Before(start) { - t.Fatalf("time generated too early: %v < %v", vt, start) - } - } - } -} - -type testResponseWriter struct { - flushed bool - status int - written int64 - header http.Header -} - -func (trw *testResponseWriter) Header() http.Header { - if trw.header == nil { - trw.header = make(http.Header) - } - - return trw.header -} - -func (trw *testResponseWriter) Write(p []byte) (n int, err error) { - if trw.status == 0 { - trw.status = http.StatusOK - } - - n = len(p) - trw.written += int64(n) - return -} - -func (trw *testResponseWriter) WriteHeader(status int) { - trw.status = status -} - -func (trw *testResponseWriter) Flush() { - trw.flushed = true -} - -func TestWithResponseWriter(t *testing.T) { - trw := testResponseWriter{} - ctx, rw := WithResponseWriter(Background(), &trw) - - if ctx.Value("http.response") != rw { - t.Fatalf("response not available in context: %v != %v", ctx.Value("http.response"), rw) - } - - grw, err := GetResponseWriter(ctx) - if err != nil { - t.Fatalf("error getting response writer: %v", err) - } - - if grw != rw { - t.Fatalf("unexpected response writer returned: %#v != %#v", grw, rw) - } - - if ctx.Value("http.response.status") != 0 { - t.Fatalf("response status should always be a number and should be zero here: %v != 0", ctx.Value("http.response.status")) - } - - if n, err := rw.Write(make([]byte, 1024)); err != nil { - t.Fatalf("unexpected error writing: %v", err) - } else if n != 1024 { - t.Fatalf("unexpected number of bytes written: %v != %v", n, 1024) - } - - if ctx.Value("http.response.status") != http.StatusOK { - t.Fatalf("unexpected response status in context: %v != %v", ctx.Value("http.response.status"), http.StatusOK) - } - - if ctx.Value("http.response.written") != int64(1024) { - t.Fatalf("unexpected number reported bytes written: %v != %v", ctx.Value("http.response.written"), 1024) - } - - // Make sure flush propagates - rw.(http.Flusher).Flush() - - if !trw.flushed { - t.Fatalf("response writer not flushed") - } - - // Write another status and make sure context is correct. This normally - // wouldn't work except for in this contrived testcase. - rw.WriteHeader(http.StatusBadRequest) - - if ctx.Value("http.response.status") != http.StatusBadRequest { - t.Fatalf("unexpected response status in context: %v != %v", ctx.Value("http.response.status"), http.StatusBadRequest) - } -} - -func TestWithVars(t *testing.T) { - var req http.Request - vars := map[string]string{ - "foo": "asdf", - "bar": "qwer", - } - - getVarsFromRequest = func(r *http.Request) map[string]string { - if r != &req { - t.Fatalf("unexpected request: %v != %v", r, req) - } - - return vars - } - - ctx := WithVars(Background(), &req) - for _, testcase := range []struct { - key string - expected interface{} - }{ - { - key: "vars", - expected: vars, - }, - { - key: "vars.foo", - expected: "asdf", - }, - { - key: "vars.bar", - expected: "qwer", - }, - } { - v := ctx.Value(testcase.key) - - if !reflect.DeepEqual(v, testcase.expected) { - t.Fatalf("%q: %v != %v", testcase.key, v, testcase.expected) - } - } -} - -// SingleHostReverseProxy will insert an X-Forwarded-For header, and can be used to test -// RemoteAddr(). A fake RemoteAddr cannot be set on the HTTP request - it is overwritten -// at the transport layer to 127.0.0.1: . However, as the X-Forwarded-For header -// just contains the IP address, it is different enough for testing. -func TestRemoteAddr(t *testing.T) { - var expectedRemote string - backend := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - defer r.Body.Close() - - if r.RemoteAddr == expectedRemote { - t.Errorf("Unexpected matching remote addresses") - } - - actualRemote := RemoteAddr(r) - if expectedRemote != actualRemote { - t.Errorf("Mismatching remote hosts: %v != %v", expectedRemote, actualRemote) - } - - w.WriteHeader(200) - })) - - defer backend.Close() - backendURL, err := url.Parse(backend.URL) - if err != nil { - t.Fatal(err) - } - - proxy := httputil.NewSingleHostReverseProxy(backendURL) - frontend := httptest.NewServer(proxy) - defer frontend.Close() - - // X-Forwarded-For set by proxy - expectedRemote = "127.0.0.1" - proxyReq, err := http.NewRequest("GET", frontend.URL, nil) - if err != nil { - t.Fatal(err) - } - - _, err = http.DefaultClient.Do(proxyReq) - if err != nil { - t.Fatal(err) - } - - // RemoteAddr in X-Real-Ip - getReq, err := http.NewRequest("GET", backend.URL, nil) - if err != nil { - t.Fatal(err) - } - - expectedRemote = "1.2.3.4" - getReq.Header["X-Real-ip"] = []string{expectedRemote} - _, err = http.DefaultClient.Do(getReq) - if err != nil { - t.Fatal(err) - } - - // Valid X-Real-Ip and invalid X-Forwarded-For - getReq.Header["X-forwarded-for"] = []string{"1.2.3"} - _, err = http.DefaultClient.Do(getReq) - if err != nil { - t.Fatal(err) - } -} diff --git a/vendor/github.com/docker/distribution/context/logger.go b/vendor/github.com/docker/distribution/context/logger.go deleted file mode 100644 index fbb6a051..00000000 --- a/vendor/github.com/docker/distribution/context/logger.go +++ /dev/null @@ -1,116 +0,0 @@ -package context - -import ( - "fmt" - - "github.com/Sirupsen/logrus" - "runtime" -) - -// Logger provides a leveled-logging interface. -type Logger interface { - // standard logger methods - Print(args ...interface{}) - Printf(format string, args ...interface{}) - Println(args ...interface{}) - - Fatal(args ...interface{}) - Fatalf(format string, args ...interface{}) - Fatalln(args ...interface{}) - - Panic(args ...interface{}) - Panicf(format string, args ...interface{}) - Panicln(args ...interface{}) - - // Leveled methods, from logrus - Debug(args ...interface{}) - Debugf(format string, args ...interface{}) - Debugln(args ...interface{}) - - Error(args ...interface{}) - Errorf(format string, args ...interface{}) - Errorln(args ...interface{}) - - Info(args ...interface{}) - Infof(format string, args ...interface{}) - Infoln(args ...interface{}) - - Warn(args ...interface{}) - Warnf(format string, args ...interface{}) - Warnln(args ...interface{}) -} - -// WithLogger creates a new context with provided logger. -func WithLogger(ctx Context, logger Logger) Context { - return WithValue(ctx, "logger", logger) -} - -// GetLoggerWithField returns a logger instance with the specified field key -// and value without affecting the context. Extra specified keys will be -// resolved from the context. -func GetLoggerWithField(ctx Context, key, value interface{}, keys ...interface{}) Logger { - return getLogrusLogger(ctx, keys...).WithField(fmt.Sprint(key), value) -} - -// GetLoggerWithFields returns a logger instance with the specified fields -// without affecting the context. Extra specified keys will be resolved from -// the context. -func GetLoggerWithFields(ctx Context, fields map[interface{}]interface{}, keys ...interface{}) Logger { - // must convert from interface{} -> interface{} to string -> interface{} for logrus. - lfields := make(logrus.Fields, len(fields)) - for key, value := range fields { - lfields[fmt.Sprint(key)] = value - } - - return getLogrusLogger(ctx, keys...).WithFields(lfields) -} - -// GetLogger returns the logger from the current context, if present. If one -// or more keys are provided, they will be resolved on the context and -// included in the logger. While context.Value takes an interface, any key -// argument passed to GetLogger will be passed to fmt.Sprint when expanded as -// a logging key field. If context keys are integer constants, for example, -// its recommended that a String method is implemented. -func GetLogger(ctx Context, keys ...interface{}) Logger { - return getLogrusLogger(ctx, keys...) -} - -// GetLogrusLogger returns the logrus logger for the context. If one more keys -// are provided, they will be resolved on the context and included in the -// logger. Only use this function if specific logrus functionality is -// required. -func getLogrusLogger(ctx Context, keys ...interface{}) *logrus.Entry { - var logger *logrus.Entry - - // Get a logger, if it is present. - loggerInterface := ctx.Value("logger") - if loggerInterface != nil { - if lgr, ok := loggerInterface.(*logrus.Entry); ok { - logger = lgr - } - } - - if logger == nil { - fields := logrus.Fields{} - - // Fill in the instance id, if we have it. - instanceID := ctx.Value("instance.id") - if instanceID != nil { - fields["instance.id"] = instanceID - } - - fields["go.version"] = runtime.Version() - // If no logger is found, just return the standard logger. - logger = logrus.StandardLogger().WithFields(fields) - } - - fields := logrus.Fields{} - for _, key := range keys { - v := ctx.Value(key) - if v != nil { - fields[fmt.Sprint(key)] = v - } - } - - return logger.WithFields(fields) -} diff --git a/vendor/github.com/docker/distribution/context/trace.go b/vendor/github.com/docker/distribution/context/trace.go deleted file mode 100644 index 721964a8..00000000 --- a/vendor/github.com/docker/distribution/context/trace.go +++ /dev/null @@ -1,104 +0,0 @@ -package context - -import ( - "runtime" - "time" - - "github.com/docker/distribution/uuid" -) - -// WithTrace allocates a traced timing span in a new context. This allows a -// caller to track the time between calling WithTrace and the returned done -// function. When the done function is called, a log message is emitted with a -// "trace.duration" field, corresponding to the elapsed time and a -// "trace.func" field, corresponding to the function that called WithTrace. -// -// The logging keys "trace.id" and "trace.parent.id" are provided to implement -// dapper-like tracing. This function should be complemented with a WithSpan -// method that could be used for tracing distributed RPC calls. -// -// The main benefit of this function is to post-process log messages or -// intercept them in a hook to provide timing data. Trace ids and parent ids -// can also be linked to provide call tracing, if so required. -// -// Here is an example of the usage: -// -// func timedOperation(ctx Context) { -// ctx, done := WithTrace(ctx) -// defer done("this will be the log message") -// // ... function body ... -// } -// -// If the function ran for roughly 1s, such a usage would emit a log message -// as follows: -// -// INFO[0001] this will be the log message trace.duration=1.004575763s trace.func=github.com/docker/distribution/context.traceOperation trace.id= ... -// -// Notice that the function name is automatically resolved, along with the -// package and a trace id is emitted that can be linked with parent ids. -func WithTrace(ctx Context) (Context, func(format string, a ...interface{})) { - if ctx == nil { - ctx = Background() - } - - pc, file, line, _ := runtime.Caller(1) - f := runtime.FuncForPC(pc) - ctx = &traced{ - Context: ctx, - id: uuid.Generate().String(), - start: time.Now(), - parent: GetStringValue(ctx, "trace.id"), - fnname: f.Name(), - file: file, - line: line, - } - - return ctx, func(format string, a ...interface{}) { - GetLogger(ctx, - "trace.duration", - "trace.id", - "trace.parent.id", - "trace.func", - "trace.file", - "trace.line"). - Debugf(format, a...) - } -} - -// traced represents a context that is traced for function call timing. It -// also provides fast lookup for the various attributes that are available on -// the trace. -type traced struct { - Context - id string - parent string - start time.Time - fnname string - file string - line int -} - -func (ts *traced) Value(key interface{}) interface{} { - switch key { - case "trace.start": - return ts.start - case "trace.duration": - return time.Since(ts.start) - case "trace.id": - return ts.id - case "trace.parent.id": - if ts.parent == "" { - return nil // must return nil to signal no parent. - } - - return ts.parent - case "trace.func": - return ts.fnname - case "trace.file": - return ts.file - case "trace.line": - return ts.line - } - - return ts.Context.Value(key) -} diff --git a/vendor/github.com/docker/distribution/context/trace_test.go b/vendor/github.com/docker/distribution/context/trace_test.go deleted file mode 100644 index 4b969fbb..00000000 --- a/vendor/github.com/docker/distribution/context/trace_test.go +++ /dev/null @@ -1,85 +0,0 @@ -package context - -import ( - "runtime" - "testing" - "time" -) - -// TestWithTrace ensures that tracing has the expected values in the context. -func TestWithTrace(t *testing.T) { - pc, file, _, _ := runtime.Caller(0) // get current caller. - f := runtime.FuncForPC(pc) - - base := []valueTestCase{ - { - key: "trace.id", - notnilorempty: true, - }, - - { - key: "trace.file", - expected: file, - notnilorempty: true, - }, - { - key: "trace.line", - notnilorempty: true, - }, - { - key: "trace.start", - notnilorempty: true, - }, - } - - ctx, done := WithTrace(Background()) - defer done("this will be emitted at end of test") - - checkContextForValues(t, ctx, append(base, valueTestCase{ - key: "trace.func", - expected: f.Name(), - })) - - traced := func() { - parentID := ctx.Value("trace.id") // ensure the parent trace id is correct. - - pc, _, _, _ := runtime.Caller(0) // get current caller. - f := runtime.FuncForPC(pc) - ctx, done := WithTrace(ctx) - defer done("this should be subordinate to the other trace") - time.Sleep(time.Second) - checkContextForValues(t, ctx, append(base, valueTestCase{ - key: "trace.func", - expected: f.Name(), - }, valueTestCase{ - key: "trace.parent.id", - expected: parentID, - })) - } - traced() - - time.Sleep(time.Second) -} - -type valueTestCase struct { - key string - expected interface{} - notnilorempty bool // just check not empty/not nil -} - -func checkContextForValues(t *testing.T, ctx Context, values []valueTestCase) { - - for _, testcase := range values { - v := ctx.Value(testcase.key) - if testcase.notnilorempty { - if v == nil || v == "" { - t.Fatalf("value was nil or empty for %q: %#v", testcase.key, v) - } - continue - } - - if v != testcase.expected { - t.Fatalf("unexpected value for key %q: %v != %v", testcase.key, v, testcase.expected) - } - } -} diff --git a/vendor/github.com/docker/distribution/context/util.go b/vendor/github.com/docker/distribution/context/util.go deleted file mode 100644 index cb9ef52e..00000000 --- a/vendor/github.com/docker/distribution/context/util.go +++ /dev/null @@ -1,24 +0,0 @@ -package context - -import ( - "time" -) - -// Since looks up key, which should be a time.Time, and returns the duration -// since that time. If the key is not found, the value returned will be zero. -// This is helpful when inferring metrics related to context execution times. -func Since(ctx Context, key interface{}) time.Duration { - if startedAt, ok := ctx.Value(key).(time.Time); ok { - return time.Since(startedAt) - } - return 0 -} - -// GetStringValue returns a string value from the context. The empty string -// will be returned if not found. -func GetStringValue(ctx Context, key interface{}) (value string) { - if valuev, ok := ctx.Value(key).(string); ok { - value = valuev - } - return value -} diff --git a/vendor/github.com/docker/distribution/context/version.go b/vendor/github.com/docker/distribution/context/version.go deleted file mode 100644 index 746cda02..00000000 --- a/vendor/github.com/docker/distribution/context/version.go +++ /dev/null @@ -1,16 +0,0 @@ -package context - -// WithVersion stores the application version in the context. The new context -// gets a logger to ensure log messages are marked with the application -// version. -func WithVersion(ctx Context, version string) Context { - ctx = WithValue(ctx, "version", version) - // push a new logger onto the stack - return WithLogger(ctx, GetLogger(ctx, "version")) -} - -// GetVersion returns the application version from the context. An empty -// string may returned if the version was not set on the context. -func GetVersion(ctx Context) string { - return GetStringValue(ctx, "version") -} diff --git a/vendor/github.com/docker/distribution/context/version_test.go b/vendor/github.com/docker/distribution/context/version_test.go deleted file mode 100644 index b8165269..00000000 --- a/vendor/github.com/docker/distribution/context/version_test.go +++ /dev/null @@ -1,19 +0,0 @@ -package context - -import "testing" - -func TestVersionContext(t *testing.T) { - ctx := Background() - - if GetVersion(ctx) != "" { - t.Fatalf("context should not yet have a version") - } - - expected := "2.1-whatever" - ctx = WithVersion(ctx, expected) - version := GetVersion(ctx) - - if version != expected { - t.Fatalf("version was not set: %q != %q", version, expected) - } -} diff --git a/vendor/github.com/docker/distribution/contrib/apache/README.MD b/vendor/github.com/docker/distribution/contrib/apache/README.MD deleted file mode 100644 index 29f6bae1..00000000 --- a/vendor/github.com/docker/distribution/contrib/apache/README.MD +++ /dev/null @@ -1,36 +0,0 @@ -# Apache HTTPd sample for Registry v1, v2 and mirror - -3 containers involved - -* Docker Registry v1 (registry 0.9.1) -* Docker Registry v2 (registry 2.0.0) -* Docker Registry v1 in mirror mode - -HTTP for mirror and HTTPS for v1 & v2 - -* http://registry.example.com proxify Docker Registry 1.0 in Mirror mode -* https://registry.example.com proxify Docker Registry 1.0 or 2.0 in Hosting mode - -## 3 Docker containers should be started - -* Docker Registry 1.0 in Mirror mode : port 5001 -* Docker Registry 1.0 in Hosting mode : port 5000 -* Docker Registry 2.0 in Hosting mode : port 5002 - -### Registry v1 - - docker run -d -e SETTINGS_FLAVOR=dev -v /var/lib/docker-registry/storage/hosting-v1:/tmp -p 5000:5000 registry:0.9.1" - -### Mirror - - docker run -d -e SETTINGS_FLAVOR=dev -e STANDALONE=false -e MIRROR_SOURCE=https://registry-1.docker.io -e MIRROR_SOURCE_INDEX=https://index.docker.io \ - -e MIRROR_TAGS_CACHE_TTL=172800 -v /var/lib/docker-registry/storage/mirror:/tmp -p 5001:5000 registry:0.9.1" - -### Registry v2 - - docker run -d -e SETTINGS_FLAVOR=dev -v /var/lib/axway/docker-registry/storage/hosting2-v2:/tmp -p 5002:5000 registry:2" - -# For Hosting mode access - -* users should have account (valid-user) to be able to fetch images -* only users using account docker-deployer will be allowed to push images diff --git a/vendor/github.com/docker/distribution/contrib/apache/apache.conf b/vendor/github.com/docker/distribution/contrib/apache/apache.conf deleted file mode 100644 index 3300a7c0..00000000 --- a/vendor/github.com/docker/distribution/contrib/apache/apache.conf +++ /dev/null @@ -1,127 +0,0 @@ -# -# Sample Apache 2.x configuration where : -# - - - - ServerName registry.example.com - ServerAlias www.registry.example.com - - ProxyRequests off - ProxyPreserveHost on - - # no proxy for /error/ (Apache HTTPd errors messages) - ProxyPass /error/ ! - - ProxyPass /_ping http://localhost:5001/_ping - ProxyPassReverse /_ping http://localhost:5001/_ping - - ProxyPass /v1 http://localhost:5001/v1 - ProxyPassReverse /v1 http://localhost:5001/v1 - - # Logs - ErrorLog ${APACHE_LOG_DIR}/mirror_error_log - CustomLog ${APACHE_LOG_DIR}/mirror_access_log combined env=!dontlog - - - - - - - ServerName registry.example.com - ServerAlias www.registry.example.com - - SSLEngine on - SSLCertificateFile /etc/apache2/ssl/registry.example.com.crt - SSLCertificateKeyFile /etc/apache2/ssl/registry.example.com.key - - # Higher Strength SSL Ciphers - SSLProtocol all -SSLv2 -SSLv3 -TLSv1 - SSLCipherSuite RC4-SHA:HIGH - SSLHonorCipherOrder on - - # Logs - ErrorLog ${APACHE_LOG_DIR}/registry_error_ssl_log - CustomLog ${APACHE_LOG_DIR}/registry_access_ssl_log combined env=!dontlog - - Header always set "Docker-Distribution-Api-Version" "registry/2.0" - Header onsuccess set "Docker-Distribution-Api-Version" "registry/2.0" - RequestHeader set X-Forwarded-Proto "https" - - ProxyRequests off - ProxyPreserveHost on - - # no proxy for /error/ (Apache HTTPd errors messages) - ProxyPass /error/ ! - - # - # Registry v1 - # - - ProxyPass /v1 http://localhost:5000/v1 - ProxyPassReverse /v1 http://localhost:5000/v1 - - ProxyPass /_ping http://localhost:5000/_ping - ProxyPassReverse /_ping http://localhost:5000/_ping - - # Authentication require for push - - Order deny,allow - Allow from all - AuthName "Registry Authentication" - AuthType basic - AuthUserFile "/etc/apache2/htpasswd/registry-htpasswd" - - # Read access to authentified users - - Require valid-user - - - # Write access to docker-deployer account only - - Require user docker-deployer - - - - - # Allow ping to run unauthenticated. - - Satisfy any - Allow from all - - - # Allow ping to run unauthenticated. - - Satisfy any - Allow from all - - - # - # Registry v2 - # - - ProxyPass /v2 http://localhost:5002/v2 - ProxyPassReverse /v2 http://localhost:5002/v2 - - - Order deny,allow - Allow from all - AuthName "Registry Authentication" - AuthType basic - AuthUserFile "/etc/apache2/htpasswd/registry-htpasswd" - - # Read access to authentified users - - Require valid-user - - - # Write access to docker-deployer only - - Require user docker-deployer - - - - - - - diff --git a/vendor/github.com/docker/distribution/contrib/compose/README.md b/vendor/github.com/docker/distribution/contrib/compose/README.md deleted file mode 100644 index a9522fd2..00000000 --- a/vendor/github.com/docker/distribution/contrib/compose/README.md +++ /dev/null @@ -1,147 +0,0 @@ -# Docker Compose V1 + V2 registry - -This compose configuration configures a `v1` and `v2` registry behind an `nginx` -proxy. By default, you can access the combined registry at `localhost:5000`. - -The configuration does not support pushing images to `v2` and pulling from `v1`. -If a `docker` client has a version less than 1.6, Nginx will route its requests -to the 1.0 registry. Requests from newer clients will route to the 2.0 registry. - -### Install Docker Compose - -1. Open a new terminal on the host with your `distribution` source. - -2. Get the `docker-compose` binary. - - $ sudo wget https://github.com/docker/compose/releases/download/1.1.0/docker-compose-`uname -s`-`uname -m` -O /usr/local/bin/docker-compose - - This command installs the binary in the `/usr/local/bin` directory. - -3. Add executable permissions to the binary. - - $ sudo chmod +x /usr/local/bin/docker-compose - -## Build and run with Compose - -1. In your terminal, navigate to the `distribution/contrib/compose` directory - - This directory includes a single `docker-compose.yml` configuration. - - nginx: - build: "nginx" - ports: - - "5000:5000" - links: - - registryv1:registryv1 - - registryv2:registryv2 - registryv1: - image: registry - ports: - - "5000" - registryv2: - build: "../../" - ports: - - "5000" - - This configuration builds a new `nginx` image as specified by the - `nginx/Dockerfile` file. The 1.0 registry comes from Docker's official - public image. Finally, the registry 2.0 image is built from the - `distribution/Dockerfile` you've used previously. - -2. Get a registry 1.0 image. - - $ docker pull registry:0.9.1 - - The Compose configuration looks for this image locally. If you don't do this - step, later steps can fail. - -3. Build `nginx`, the registry 2.0 image, and - - $ docker-compose build - registryv1 uses an image, skipping - Building registryv2... - Step 0 : FROM golang:1.4 - - ... - - Removing intermediate container 9f5f5068c3f3 - Step 4 : COPY docker-registry-v2.conf /etc/nginx/docker-registry-v2.conf - ---> 74acc70fa106 - Removing intermediate container edb84c2b40cb - Successfully built 74acc70fa106 - - The commmand outputs its progress until it completes. - -4. Start your configuration with compose. - - $ docker-compose up - Recreating compose_registryv1_1... - Recreating compose_registryv2_1... - Recreating compose_nginx_1... - Attaching to compose_registryv1_1, compose_registryv2_1, compose_nginx_1 - ... - - -5. In another terminal, display the running configuration. - - $ docker ps - CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES - a81ad2557702 compose_nginx:latest "nginx -g 'daemon of 8 minutes ago Up 8 minutes 80/tcp, 443/tcp, 0.0.0.0:5000->5000/tcp compose_nginx_1 - 0618437450dd compose_registryv2:latest "registry cmd/regist 8 minutes ago Up 8 minutes 0.0.0.0:32777->5000/tcp compose_registryv2_1 - aa82b1ed8e61 registry:latest "docker-registry" 8 minutes ago Up 8 minutes 0.0.0.0:32776->5000/tcp compose_registryv1_1 - -### Explore a bit - -1. Check for TLS on your `nginx` server. - - $ curl -v https://localhost:5000 - * Rebuilt URL to: https://localhost:5000/ - * Hostname was NOT found in DNS cache - * Trying 127.0.0.1... - * Connected to localhost (127.0.0.1) port 5000 (#0) - * successfully set certificate verify locations: - * CAfile: none - CApath: /etc/ssl/certs - * SSLv3, TLS handshake, Client hello (1): - * SSLv3, TLS handshake, Server hello (2): - * SSLv3, TLS handshake, CERT (11): - * SSLv3, TLS alert, Server hello (2): - * SSL certificate problem: self signed certificate - * Closing connection 0 - curl: (60) SSL certificate problem: self signed certificate - More details here: http://curl.haxx.se/docs/sslcerts.html - -2. Tag the `v1` registry image. - - $ docker tag registry:latest localhost:5000/registry_one:latest - -2. Push it to the localhost. - - $ docker push localhost:5000/registry_one:latest - - If you are using the 1.6 Docker client, this pushes the image the `v2 `registry. - -4. Use `curl` to list the image in the registry. - - $ curl -v -X GET http://localhost:32777/v2/registry1/tags/list - * Hostname was NOT found in DNS cache - * Trying 127.0.0.1... - * Connected to localhost (127.0.0.1) port 32777 (#0) - > GET /v2/registry1/tags/list HTTP/1.1 - > User-Agent: curl/7.36.0 - > Host: localhost:32777 - > Accept: */* - > - < HTTP/1.1 200 OK - < Content-Type: application/json; charset=utf-8 - < Docker-Distribution-Api-Version: registry/2.0 - < Date: Tue, 14 Apr 2015 22:34:13 GMT - < Content-Length: 39 - < - {"name":"registry1","tags":["latest"]} - * Connection #0 to host localhost left intact - - This example refers to the specific port assigned to the 2.0 registry. You saw - this port earlier, when you used `docker ps` to show your running containers. - - diff --git a/vendor/github.com/docker/distribution/contrib/compose/docker-compose.yml b/vendor/github.com/docker/distribution/contrib/compose/docker-compose.yml deleted file mode 100644 index 5cd04858..00000000 --- a/vendor/github.com/docker/distribution/contrib/compose/docker-compose.yml +++ /dev/null @@ -1,15 +0,0 @@ -nginx: - build: "nginx" - ports: - - "5000:5000" - links: - - registryv1:registryv1 - - registryv2:registryv2 -registryv1: - image: registry - ports: - - "5000" -registryv2: - build: "../../" - ports: - - "5000" diff --git a/vendor/github.com/docker/distribution/contrib/compose/nginx/Dockerfile b/vendor/github.com/docker/distribution/contrib/compose/nginx/Dockerfile deleted file mode 100644 index 2b252ec7..00000000 --- a/vendor/github.com/docker/distribution/contrib/compose/nginx/Dockerfile +++ /dev/null @@ -1,6 +0,0 @@ -FROM nginx:1.7 - -COPY nginx.conf /etc/nginx/nginx.conf -COPY registry.conf /etc/nginx/conf.d/registry.conf -COPY docker-registry.conf /etc/nginx/docker-registry.conf -COPY docker-registry-v2.conf /etc/nginx/docker-registry-v2.conf diff --git a/vendor/github.com/docker/distribution/contrib/compose/nginx/docker-registry-v2.conf b/vendor/github.com/docker/distribution/contrib/compose/nginx/docker-registry-v2.conf deleted file mode 100644 index 65c4d776..00000000 --- a/vendor/github.com/docker/distribution/contrib/compose/nginx/docker-registry-v2.conf +++ /dev/null @@ -1,6 +0,0 @@ -proxy_pass http://docker-registry-v2; -proxy_set_header Host $http_host; # required for docker client's sake -proxy_set_header X-Real-IP $remote_addr; # pass on real client's IP -proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; -proxy_set_header X-Forwarded-Proto $scheme; -proxy_read_timeout 900; diff --git a/vendor/github.com/docker/distribution/contrib/compose/nginx/docker-registry.conf b/vendor/github.com/docker/distribution/contrib/compose/nginx/docker-registry.conf deleted file mode 100644 index 7b039a54..00000000 --- a/vendor/github.com/docker/distribution/contrib/compose/nginx/docker-registry.conf +++ /dev/null @@ -1,7 +0,0 @@ -proxy_pass http://docker-registry; -proxy_set_header Host $http_host; # required for docker client's sake -proxy_set_header X-Real-IP $remote_addr; # pass on real client's IP -proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; -proxy_set_header X-Forwarded-Proto $scheme; -proxy_set_header Authorization ""; # For basic auth through nginx in v1 to work, please comment this line -proxy_read_timeout 900; diff --git a/vendor/github.com/docker/distribution/contrib/compose/nginx/nginx.conf b/vendor/github.com/docker/distribution/contrib/compose/nginx/nginx.conf deleted file mode 100644 index 63cd180d..00000000 --- a/vendor/github.com/docker/distribution/contrib/compose/nginx/nginx.conf +++ /dev/null @@ -1,27 +0,0 @@ -user nginx; -worker_processes 1; - -error_log /var/log/nginx/error.log warn; -pid /var/run/nginx.pid; - -events { - worker_connections 1024; -} - -http { - include /etc/nginx/mime.types; - default_type application/octet-stream; - - log_format main '$remote_addr - $remote_user [$time_local] "$request" ' - '$status $body_bytes_sent "$http_referer" ' - '"$http_user_agent" "$http_x_forwarded_for"'; - - access_log /var/log/nginx/access.log main; - - sendfile on; - - keepalive_timeout 65; - - include /etc/nginx/conf.d/*.conf; -} - diff --git a/vendor/github.com/docker/distribution/contrib/compose/nginx/registry.conf b/vendor/github.com/docker/distribution/contrib/compose/nginx/registry.conf deleted file mode 100644 index 47ffd237..00000000 --- a/vendor/github.com/docker/distribution/contrib/compose/nginx/registry.conf +++ /dev/null @@ -1,41 +0,0 @@ -# Docker registry proxy for api versions 1 and 2 - -upstream docker-registry { - server registryv1:5000; -} - -upstream docker-registry-v2 { - server registryv2:5000; -} - -# No client auth or TLS -server { - listen 5000; - server_name localhost; - - # disable any limits to avoid HTTP 413 for large image uploads - client_max_body_size 0; - - # required to avoid HTTP 411: see Issue #1486 (https://github.com/docker/docker/issues/1486) - chunked_transfer_encoding on; - - location /v2/ { - # Do not allow connections from docker 1.5 and earlier - # docker pre-1.6.0 did not properly set the user agent on ping, catch "Go *" user agents - if ($http_user_agent ~ "^(docker\/1\.(3|4|5(?!\.[0-9]-dev))|Go ).*$" ) { - return 404; - } - - # To add basic authentication to v2 use auth_basic setting plus add_header - # auth_basic "registry.localhost"; - # auth_basic_user_file test.password; - # add_header 'Docker-Distribution-Api-Version' 'registry/2.0' always; - - include docker-registry-v2.conf; - } - - location / { - include docker-registry.conf; - } -} - diff --git a/vendor/github.com/docker/distribution/contrib/docker-integration/Dockerfile b/vendor/github.com/docker/distribution/contrib/docker-integration/Dockerfile deleted file mode 100644 index 7a047a68..00000000 --- a/vendor/github.com/docker/distribution/contrib/docker-integration/Dockerfile +++ /dev/null @@ -1,9 +0,0 @@ -FROM distribution/golem:0.1 - -MAINTAINER Docker Distribution Team - -RUN apk add --no-cache git - -ENV TMPDIR /var/lib/docker/tmp - -WORKDIR /go/src/github.com/docker/distribution/contrib/docker-integration diff --git a/vendor/github.com/docker/distribution/contrib/docker-integration/README.md b/vendor/github.com/docker/distribution/contrib/docker-integration/README.md deleted file mode 100644 index bc5be9d9..00000000 --- a/vendor/github.com/docker/distribution/contrib/docker-integration/README.md +++ /dev/null @@ -1,63 +0,0 @@ -# Docker Registry Integration Testing - -These integration tests cover interactions between registry clients such as -the docker daemon and the registry server. All tests can be run using the -[golem integration test runner](https://github.com/docker/golem) - -The integration tests configure components using docker compose -(see docker-compose.yaml) and the runner can be using the golem -configuration file (see golem.conf). - -## Running integration tests - -### Run using multiversion script - -The integration tests in the `contrib/docker-integration` directory can be simply -run by executing the run script `./run_multiversion.sh`. If there is no running -daemon to connect to, run as `./run_multiversion.sh -d`. - -This command will build the distribution image from the locally checked out -version and run against multiple versions of docker defined in the script. To -run a specific version of the registry or docker, Golem will need to be -executed manually. - -### Run manually using Golem - -Using the golem tool directly allows running against multiple versions of -the registry and docker. Running against multiple versions of the registry -can be useful for testing changes in the docker daemon which are not -covered by the default run script. - -#### Installing Golem - -Golem is distributed as an executable binary which can be installed from -the [release page](https://github.com/docker/golem/releases/tag/v0.1). - -#### Running golem with docker - -Additionally golem can be run as a docker image requiring no additonal -installation. - -`docker run --privileged -v "$GOPATH/src/github.com/docker/distribution/contrib/docker-integration:/test" -w /test distribution/golem golem -rundaemon .` - -#### Golem custom images - -Golem tests version of software by defining the docker image to test. - -Run with registry 2.2.1 and docker 1.10.3 - -`golem -i golem-dind:latest,docker:1.10.3-dind,1.10.3 -i golem-distribution:latest,registry:2.2.1 .` - - -#### Use golem caching for developing tests - -Golem allows caching image configuration to reduce test start up time. -Using this cache will allow tests with the same set of images to start -up quickly. This can be useful when developing tests and needing the -test to run quickly. If there are changes which effect the image (such as -building a new registry image), then startup time will be slower. - -Run this command multiple times and after the first time test runs -should start much quicker. -`golem -cache ~/.cache/docker/golem -i golem-dind:latest,docker:1.10.3-dind,1.10.3 -i golem-distribution:latest,registry:2.2.1 .` - diff --git a/vendor/github.com/docker/distribution/contrib/docker-integration/docker-compose.yml b/vendor/github.com/docker/distribution/contrib/docker-integration/docker-compose.yml deleted file mode 100644 index 4d4f3856..00000000 --- a/vendor/github.com/docker/distribution/contrib/docker-integration/docker-compose.yml +++ /dev/null @@ -1,91 +0,0 @@ -nginx: - build: "nginx" - ports: - - "5000:5000" - - "5002:5002" - - "5440:5440" - - "5441:5441" - - "5442:5442" - - "5443:5443" - - "5444:5444" - - "5445:5445" - - "5446:5446" - - "5447:5447" - - "5448:5448" - - "5554:5554" - - "5555:5555" - - "5556:5556" - - "5557:5557" - - "5558:5558" - - "5559:5559" - - "5600:5600" - - "6666:6666" - links: - - registryv2:registryv2 - - malevolent:malevolent - - registryv2token:registryv2token - - tokenserver:tokenserver - - registryv2tokenoauth:registryv2tokenoauth - - registryv2tokenoauthnotls:registryv2tokenoauthnotls - - tokenserveroauth:tokenserveroauth -registryv2: - image: golem-distribution:latest - ports: - - "5000" -registryv2token: - image: golem-distribution:latest - ports: - - "5000" - volumes: - - ./tokenserver/registry-config.yml:/etc/docker/registry/config.yml - - ./tokenserver/certs/localregistry.cert:/etc/docker/registry/localregistry.cert - - ./tokenserver/certs/localregistry.key:/etc/docker/registry/localregistry.key - - ./tokenserver/certs/signing.cert:/etc/docker/registry/tokenbundle.pem -tokenserver: - build: "tokenserver" - command: "--debug -addr 0.0.0.0:5556 -issuer registry-test -passwd .htpasswd -tlscert tls.cert -tlskey tls.key -key sign.key -realm http://auth.localregistry:5556" - ports: - - "5556" -registryv2tokenoauth: - image: golem-distribution:latest - ports: - - "5000" - volumes: - - ./tokenserver-oauth/registry-config.yml:/etc/docker/registry/config.yml - - ./tokenserver-oauth/certs/localregistry.cert:/etc/docker/registry/localregistry.cert - - ./tokenserver-oauth/certs/localregistry.key:/etc/docker/registry/localregistry.key - - ./tokenserver-oauth/certs/signing.cert:/etc/docker/registry/tokenbundle.pem -registryv2tokenoauthnotls: - image: golem-distribution:latest - ports: - - "5000" - volumes: - - ./tokenserver-oauth/registry-config-notls.yml:/etc/docker/registry/config.yml - - ./tokenserver-oauth/certs/signing.cert:/etc/docker/registry/tokenbundle.pem -tokenserveroauth: - build: "tokenserver-oauth" - command: "--debug -addr 0.0.0.0:5559 -issuer registry-test -passwd .htpasswd -tlscert tls.cert -tlskey tls.key -key sign.key -realm http://auth.localregistry:5559" - ports: - - "5559" -malevolent: - image: "dmcgowan/malevolent:0.1.0" - command: "-l 0.0.0.0:6666 -r http://registryv2:5000 -c /certs/localregistry.cert -k /certs/localregistry.key" - links: - - registryv2:registryv2 - volumes: - - ./malevolent-certs:/certs:ro - ports: - - "6666" -docker: - image: golem-dind:latest - container_name: dockerdaemon - command: "docker daemon --debug -s $DOCKER_GRAPHDRIVER" - privileged: true - environment: - DOCKER_GRAPHDRIVER: - volumes: - - /etc/generated_certs.d:/etc/docker/certs.d - - /var/lib/docker - links: - - nginx:localregistry - - nginx:auth.localregistry diff --git a/vendor/github.com/docker/distribution/contrib/docker-integration/golem.conf b/vendor/github.com/docker/distribution/contrib/docker-integration/golem.conf deleted file mode 100644 index 99c8d600..00000000 --- a/vendor/github.com/docker/distribution/contrib/docker-integration/golem.conf +++ /dev/null @@ -1,18 +0,0 @@ -[[suite]] - dind=true - images=[ "nginx:1.9", "dmcgowan/token-server:simple", "dmcgowan/token-server:oauth", "dmcgowan/malevolent:0.1.0" ] - - [[suite.pretest]] - command="sh ./install_certs.sh /etc/generated_certs.d" - [[suite.testrunner]] - command="bats -t ." - format="tap" - env=["TEST_REPO=hello-world", "TEST_TAG=latest", "TEST_USER=testuser", "TEST_PASSWORD=passpassword", "TEST_REGISTRY=localregistry", "TEST_SKIP_PULL=true"] - [[suite.customimage]] - tag="golem-distribution:latest" - default="registry:2.2.1" - [[suite.customimage]] - tag="golem-dind:latest" - default="docker:1.10.1-dind" - version="1.10.1" - diff --git a/vendor/github.com/docker/distribution/contrib/docker-integration/helpers.bash b/vendor/github.com/docker/distribution/contrib/docker-integration/helpers.bash deleted file mode 100644 index e1813d3e..00000000 --- a/vendor/github.com/docker/distribution/contrib/docker-integration/helpers.bash +++ /dev/null @@ -1,101 +0,0 @@ -# has_digest enforces the last output line is "Digest: sha256:..." -# the input is the output from a docker push cli command -function has_digest() { - filtered=$(echo "$1" |sed -rn '/[dD]igest\: sha(256|384|512)/ p') - [ "$filtered" != "" ] - # See http://wiki.alpinelinux.org/wiki/Regex#BREs before making changes to regex - digest=$(expr "$filtered" : ".*\(sha[0-9]\{3,3\}:[a-z0-9]*\)") -} - -# tempImage creates a new image using the provided name -# requires bats -function tempImage() { - dir=$(mktemp -d) - run dd if=/dev/urandom of="$dir/f" bs=1024 count=512 - cat < "$dir/Dockerfile" -FROM scratch -COPY f /f - -CMD [] -DockerFileContent - - cp_t $dir "/tmpbuild/" - exec_t "cd /tmpbuild/; docker build --no-cache -t $1 .; rm -rf /tmpbuild/" -} - -# skip basic auth tests with Docker 1.6, where they don't pass due to -# certificate issues, requires bats -function basic_auth_version_check() { - run sh -c 'docker version | fgrep -q "Client version: 1.6."' - if [ "$status" -eq 0 ]; then - skip "Basic auth tests don't support 1.6.x" - fi -} - -# login issues a login to docker to the provided server -# uses user, password, and email variables set outside of function -# requies bats -function login() { - rm -f /root/.docker/config.json - run docker_t login -u $user -p $password -e $email $1 - if [ "$status" -ne 0 ]; then - echo $output - fi - [ "$status" -eq 0 ] - # First line is WARNING about credential save or email deprecation (maybe both) - [ "${lines[2]}" = "Login Succeeded" -o "${lines[1]}" = "Login Succeeded" ] -} - -function login_oauth() { - login $@ - - tmpFile=$(mktemp) - get_file_t /root/.docker/config.json $tmpFile - run awk -v RS="" "/\"$1\": \\{[[:space:]]+\"auth\": \"[[:alnum:]]+\",[[:space:]]+\"identitytoken\"/ {exit 3}" $tmpFile - [ "$status" -eq 3 ] -} - -function parse_version() { - version=$(echo "$1" | cut -d '-' -f1) # Strip anything after '-' - major=$(echo "$version" | cut -d . -f1) - minor=$(echo "$version" | cut -d . -f2) - rev=$(echo "$version" | cut -d . -f3) - - version=$((major * 1000 * 1000 + minor * 1000 + rev)) -} - -function version_check() { - name=$1 - checkv=$2 - minv=$3 - parse_version "$checkv" - v=$version - parse_version "$minv" - if [ "$v" -lt "$version" ]; then - skip "$name version \"$checkv\" does not meet required version \"$minv\"" - fi -} - -function get_file_t() { - docker cp dockerdaemon:$1 $2 -} - -function cp_t() { - docker cp $1 dockerdaemon:$2 -} - -function exec_t() { - docker exec dockerdaemon sh -c "$@" -} - -function docker_t() { - docker exec dockerdaemon docker $@ -} - -# build reates a new docker image id from another image -function build() { - docker exec -i dockerdaemon docker build --no-cache -t $1 - <> $2/ca.crt -} - -install_test_certs $installdir - -# Malevolent server -install_ca_file ./malevolent-certs/ca.pem $installdir/$hostname:6666 - -# Token server -install_ca_file ./tokenserver/certs/ca.pem $installdir/$hostname:5554 -install_ca_file ./tokenserver/certs/ca.pem $installdir/$hostname:5555 -install_ca_file ./tokenserver/certs/ca.pem $installdir/$hostname:5557 -install_ca_file ./tokenserver/certs/ca.pem $installdir/$hostname:5558 -append_ca_file ./tokenserver/certs/ca.pem $installdir/$hostname:5600 - diff --git a/vendor/github.com/docker/distribution/contrib/docker-integration/malevolent-certs/localregistry.cert b/vendor/github.com/docker/distribution/contrib/docker-integration/malevolent-certs/localregistry.cert deleted file mode 100644 index 071e7a2b..00000000 --- a/vendor/github.com/docker/distribution/contrib/docker-integration/malevolent-certs/localregistry.cert +++ /dev/null @@ -1,19 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDETCCAfugAwIBAgIQZRKt7OeG+TlC2riszYwQQTALBgkqhkiG9w0BAQswJjER -MA8GA1UEChMIUXVpY2tUTFMxETAPBgNVBAMTCFF1aWNrVExTMB4XDTE1MDgyMDIz -MjE0OVoXDTE4MDgwNDIzMjE0OVowKzERMA8GA1UEChMIUXVpY2tUTFMxFjAUBgNV -BAMTDWxvY2FscmVnaXN0cnkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB -AQDPdsUBStNMz4coXfQVIJIafG85VkngM4fV7hrg7AbiGLCWvq8cWOrYM50G9Wmo -twK1WeQ6bigYOjINgSfTxcy3adciVZIIJyXqboz6n2V0yRPWpakof939bvuAurAP -tSqQ2V5fGN0ZZn4J4IbXMSovKwo7sG3X6i4q/8DYHZ/mKjvCRMPC3MGWqunknpkm -dzyKbIFHaDKlAqIOwTsDhHvGzm/9n3D+h4sl5ZPBobuBEV2u5GR0H5ujak4+Kczt -thCWtRkzCfnjW0TEanheSYJGu8OgCGoFjQnHotgqvOO6iHZCsrB3gf8WQeou+y9e -+OyLZv3FmqdC9SXr3b0LGQTFAgMBAAGjOjA4MA4GA1UdDwEB/wQEAwIAoDAMBgNV -HRMBAf8EAjAAMBgGA1UdEQQRMA+CDWxvY2FscmVnaXN0cnkwCwYJKoZIhvcNAQEL -A4IBAQC/PP2Y9QVhO8t4BXML1QpNRWqXG8Gg0P1XIh6M6FoxcGIodLdbzui828YB -wm9ZlyKars+nDdgLdQWawdV7hSd6s2NeQlHYQSGLsdTAVkgIxiD7D2Tw3kAZ6Zrj -dPikoVAc+rBMm/BXQLzy95IAbBVOHOpBkOOgF+TYxeLnOc3GzbUqBi1Pq97DMaxr -DaDuywH55P/6v7qt610UIsZ6+RZ78iiRx4Q+oRxEqGT0rXI76gVxOFabbJuFr1n1 -kEWa3u/BssJzX3KVAm7oUtaBnj2SH5fokFmvZ5lBXA4QO/5doOa8yZiFFvvQs7EY -SWDxLrvS33UCtsCcpPggjehnxKaC ------END CERTIFICATE----- diff --git a/vendor/github.com/docker/distribution/contrib/docker-integration/malevolent-certs/localregistry.key b/vendor/github.com/docker/distribution/contrib/docker-integration/malevolent-certs/localregistry.key deleted file mode 100644 index c5bf7ac1..00000000 --- a/vendor/github.com/docker/distribution/contrib/docker-integration/malevolent-certs/localregistry.key +++ /dev/null @@ -1,27 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIIEpQIBAAKCAQEAz3bFAUrTTM+HKF30FSCSGnxvOVZJ4DOH1e4a4OwG4hiwlr6v -HFjq2DOdBvVpqLcCtVnkOm4oGDoyDYEn08XMt2nXIlWSCCcl6m6M+p9ldMkT1qWp -KH/d/W77gLqwD7UqkNleXxjdGWZ+CeCG1zEqLysKO7Bt1+ouKv/A2B2f5io7wkTD -wtzBlqrp5J6ZJnc8imyBR2gypQKiDsE7A4R7xs5v/Z9w/oeLJeWTwaG7gRFdruRk -dB+bo2pOPinM7bYQlrUZMwn541tExGp4XkmCRrvDoAhqBY0Jx6LYKrzjuoh2QrKw -d4H/FkHqLvsvXvjsi2b9xZqnQvUl6929CxkExQIDAQABAoIBAQCZjCUI7NFwwxQc -m1UAogeglMJZJHUu+9SoUD8Sg34grvdbyqueBm1iMOkiclaOKU1W3b4eRNNmAwRy -nEnW4km+4hX48m5PnHHijYnIIFsd0YjeT+Pf9qtdXFvGjeWq6oIjjM3dAnD50LKu -KsCB2oCHQoqjXNQfftJGvt2C1oI2/WvdOR4prnGXElVfASswX4PkP5LCfLhIx+Fr -7ErfaRIKigLSaAWLKaw3IlL12Q/KkuGcnzYIzIRwY4VJ64ENN6M3+KknfGovQItL -sCxceSe61THDP9AAI3Mequm8z3H0CImOWhJCge5l7ttLLMXZXqGxDCVx+3zvqlCa -X0cgGSVBAoGBAOvTN3oJJx1vnh1mRj8+hqzFq1bjm4T/Wp314QWLeo++43II4uMM -5hxUlO5ViY1sKxQrGwK+9c9ddxAvm5OAFFkzgW9EhDCu0tXUb2/vAJQ93SgqbcRu -coXWJpk0eNW/ouk2s1X8dzs+sCs3a4H64fEEj8yhwoyovjfucspsn7t1AoGBAOE2 -ayLKx7CcWCiD/VGNvP7714MDst2isyq8reg8LEMmAaXR2IWWj5eGwKrImTQCsrjW -P37aBp1lcWuuYRKl/WEGBy6JLNdATyUoYc1Yo+8YdenekkOtOHHJerlK3OKi3ZVp -q4HJY9wzKg/wYLcbTmjjzKj+OBIZWwig73XUHwoRAoGBAJnuIrYbp1aFdvXFvnCl -xY6c8DwlEWx8qY+V4S2XX4bYmOnkdwSxdLplU1lGqCSRyIS/pj/imdyjK4Z7LNfY -sG+RORmB5a9JTgGZSqwLm5snzmXbXA7t8P7/S+6Q25baIeKMe/7SbplTT/bFk/0h -371MtvhhVfYuZwtnL7KFuLXJAoGBAMQ3UHKYsBC8tsZd8Pf8AL07mFHKiC04Etfa -Wb5rpri+RVM+mGITgnmnavehHHHHJAWMjPetZ3P8rSv/Ww4PVsoQoXM3Cr1jh1E9 -dLCfWPz4l8syIscaBYKF4wnLItXGxj3mOgoy93EjlrMaYHlILjGOv4JBM4L5WmoT -JW7IaF6xAoGAZ4K8MwU/cAah8VinMmLGxvWWuBSgTTebuY5zN603MvFLKv5necuc -BZfTTxD+gOnxRT6QAh++tOsbBmsgR9HmTSlQSSgw1L7cwGyXzLCDYw+5K/03KXSU -DaFdgtfcDDJO8WtjOgjyTRzEAOsqFta1ige4pIu5fTilNVMQlhts5Iw= ------END RSA PRIVATE KEY----- diff --git a/vendor/github.com/docker/distribution/contrib/docker-integration/malevolent.bats b/vendor/github.com/docker/distribution/contrib/docker-integration/malevolent.bats deleted file mode 100644 index 0112ff6f..00000000 --- a/vendor/github.com/docker/distribution/contrib/docker-integration/malevolent.bats +++ /dev/null @@ -1,192 +0,0 @@ -#!/usr/bin/env bats - -# This tests various expected error scenarios when pulling bad content - -load helpers - -host="localregistry:6666" -base="malevolent-test" - -function setup() { - tempImage $base:latest -} - -@test "Test malevolent proxy pass through" { - docker_t tag -f $base:latest $host/$base/nochange:latest - run docker_t push $host/$base/nochange:latest - echo $output - [ "$status" -eq 0 ] - has_digest "$output" - - run docker_t pull $host/$base/nochange:latest - echo "$output" - [ "$status" -eq 0 ] -} - -@test "Test malevolent image name change" { - imagename="$host/$base/rename" - image="$imagename:lastest" - docker_t tag -f $base:latest $image - run docker_t push $image - [ "$status" -eq 0 ] - has_digest "$output" - - # Pull attempt should fail to verify manifest digest - run docker_t pull "$imagename@$digest" - echo "$output" - [ "$status" -ne 0 ] -} - -@test "Test malevolent altered layer" { - image="$host/$base/addfile:latest" - tempImage $image - run docker_t push $image - echo "$output" - [ "$status" -eq 0 ] - has_digest "$output" - - # Remove image to ensure layer is pulled and digest verified - docker_t rmi -f $image - - run docker_t pull $image - echo "$output" - [ "$status" -ne 0 ] -} - -@test "Test malevolent altered layer (by digest)" { - imagename="$host/$base/addfile" - image="$imagename:latest" - tempImage $image - run docker_t push $image - echo "$output" - [ "$status" -eq 0 ] - has_digest "$output" - - # Remove image to ensure layer is pulled and digest verified - docker_t rmi -f $image - - run docker_t pull "$imagename@$digest" - echo "$output" - [ "$status" -ne 0 ] -} - -@test "Test malevolent poisoned images" { - truncid="777cf9284131" - poison="${truncid}d77ca0863fb7f054c0a276d7e227b5e9a5d62b497979a481fa32" - image1="$host/$base/image1/poison:$poison" - tempImage $image1 - run docker_t push $image1 - echo "$output" - [ "$status" -eq 0 ] - has_digest "$output" - - image2="$host/$base/image2/poison:$poison" - tempImage $image2 - run docker_t push $image2 - echo "$output" - [ "$status" -eq 0 ] - has_digest "$output" - - - # Remove image to ensure layer is pulled and digest verified - docker_t rmi -f $image1 - docker_t rmi -f $image2 - - run docker_t pull $image1 - echo "$output" - [ "$status" -eq 0 ] - run docker_t pull $image2 - echo "$output" - [ "$status" -eq 0 ] - - # Test if there are multiple images - run docker_t images - echo "$output" - [ "$status" -eq 0 ] - - # Test images have same ID and not the poison - id1=$(docker_t inspect --format="{{.Id}}" $image1) - id2=$(docker_t inspect --format="{{.Id}}" $image2) - - # Remove old images - docker_t rmi -f $image1 - docker_t rmi -f $image2 - - [ "$id1" != "$id2" ] - - [ "$id1" != "$truncid" ] - - [ "$id2" != "$truncid" ] -} - -@test "Test malevolent altered identical images" { - truncid1="777cf9284131" - poison1="${truncid1}d77ca0863fb7f054c0a276d7e227b5e9a5d62b497979a481fa32" - truncid2="888cf9284131" - poison2="${truncid2}d77ca0863fb7f054c0a276d7e227b5e9a5d62b497979a481fa64" - - image1="$host/$base/image1/alteredid:$poison1" - tempImage $image1 - run docker_t push $image1 - echo "$output" - [ "$status" -eq 0 ] - has_digest "$output" - - image2="$host/$base/image2/alteredid:$poison2" - docker_t tag -f $image1 $image2 - run docker_t push $image2 - echo "$output" - [ "$status" -eq 0 ] - has_digest "$output" - - - # Remove image to ensure layer is pulled and digest verified - docker_t rmi -f $image1 - docker_t rmi -f $image2 - - run docker_t pull $image1 - echo "$output" - [ "$status" -eq 0 ] - run docker_t pull $image2 - echo "$output" - [ "$status" -eq 0 ] - - # Test if there are multiple images - run docker_t images - echo "$output" - [ "$status" -eq 0 ] - - # Test images have same ID and not the poison - id1=$(docker_t inspect --format="{{.Id}}" $image1) - id2=$(docker_t inspect --format="{{.Id}}" $image2) - - # Remove old images - docker_t rmi -f $image1 - docker_t rmi -f $image2 - - [ "$id1" == "$id2" ] - - [ "$id1" != "$truncid1" ] - - [ "$id2" != "$truncid2" ] -} - -@test "Test malevolent resumeable pull" { - version_check docker "$GOLEM_DIND_VERSION" "1.11.0" - version_check registry "$GOLEM_DISTRIBUTION_VERSION" "2.3.0" - - imagename="$host/$base/resumeable" - image="$imagename:latest" - tempImage $image - run docker_t push $image - echo "$output" - [ "$status" -eq 0 ] - has_digest "$output" - - # Remove image to ensure layer is pulled and digest verified - docker_t rmi -f $image - - run docker_t pull "$imagename@$digest" - echo "$output" - [ "$status" -eq 0 ] -} diff --git a/vendor/github.com/docker/distribution/contrib/docker-integration/nginx/Dockerfile b/vendor/github.com/docker/distribution/contrib/docker-integration/nginx/Dockerfile deleted file mode 100644 index 17f999d2..00000000 --- a/vendor/github.com/docker/distribution/contrib/docker-integration/nginx/Dockerfile +++ /dev/null @@ -1,10 +0,0 @@ -FROM nginx:1.9 - -COPY nginx.conf /etc/nginx/nginx.conf -COPY registry.conf /etc/nginx/conf.d/registry.conf -COPY docker-registry-v2.conf /etc/nginx/docker-registry-v2.conf -COPY registry-noauth.conf /etc/nginx/registry-noauth.conf -COPY registry-basic.conf /etc/nginx/registry-basic.conf -COPY test.passwd /etc/nginx/test.passwd -COPY ssl /etc/nginx/ssl -COPY v1 /var/www/html/v1 diff --git a/vendor/github.com/docker/distribution/contrib/docker-integration/nginx/docker-registry-v2.conf b/vendor/github.com/docker/distribution/contrib/docker-integration/nginx/docker-registry-v2.conf deleted file mode 100644 index 65c4d776..00000000 --- a/vendor/github.com/docker/distribution/contrib/docker-integration/nginx/docker-registry-v2.conf +++ /dev/null @@ -1,6 +0,0 @@ -proxy_pass http://docker-registry-v2; -proxy_set_header Host $http_host; # required for docker client's sake -proxy_set_header X-Real-IP $remote_addr; # pass on real client's IP -proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; -proxy_set_header X-Forwarded-Proto $scheme; -proxy_read_timeout 900; diff --git a/vendor/github.com/docker/distribution/contrib/docker-integration/nginx/nginx.conf b/vendor/github.com/docker/distribution/contrib/docker-integration/nginx/nginx.conf deleted file mode 100644 index 543eab69..00000000 --- a/vendor/github.com/docker/distribution/contrib/docker-integration/nginx/nginx.conf +++ /dev/null @@ -1,61 +0,0 @@ -user nginx; -worker_processes 1; - -error_log /var/log/nginx/error.log warn; -pid /var/run/nginx.pid; - -events { - worker_connections 1024; -} - -http { - include /etc/nginx/mime.types; - default_type application/octet-stream; - - log_format main '$remote_addr - $remote_user [$time_local] "$request" ' - '$status $body_bytes_sent "$http_referer" ' - '"$http_user_agent" "$http_x_forwarded_for"'; - - access_log /var/log/nginx/access.log main; - - sendfile on; - - keepalive_timeout 65; - - include /etc/nginx/conf.d/*.conf; -} - -# Setup TCP proxies -stream { - # Malevolent proxy - server { - listen 6666; - proxy_pass malevolent:6666; - } - - # Registry configured for token server - server { - listen 5554; - listen 5555; - proxy_pass registryv2token:5000; - } - - # Token server - server { - listen 5556; - proxy_pass tokenserver:5556; - } - - # Registry configured for token server with oauth - server { - listen 5557; - listen 5558; - proxy_pass registryv2tokenoauth:5000; - } - - # Token server with oauth - server { - listen 5559; - proxy_pass tokenserveroauth:5559; - } -} diff --git a/vendor/github.com/docker/distribution/contrib/docker-integration/nginx/registry-basic.conf b/vendor/github.com/docker/distribution/contrib/docker-integration/nginx/registry-basic.conf deleted file mode 100644 index 117ea584..00000000 --- a/vendor/github.com/docker/distribution/contrib/docker-integration/nginx/registry-basic.conf +++ /dev/null @@ -1,8 +0,0 @@ -client_max_body_size 0; -chunked_transfer_encoding on; -location /v2/ { - auth_basic "registry.localhost"; - auth_basic_user_file test.passwd; - add_header 'Docker-Distribution-Api-Version' 'registry/2.0' always; - include docker-registry-v2.conf; -} diff --git a/vendor/github.com/docker/distribution/contrib/docker-integration/nginx/registry-noauth.conf b/vendor/github.com/docker/distribution/contrib/docker-integration/nginx/registry-noauth.conf deleted file mode 100644 index 6e182d44..00000000 --- a/vendor/github.com/docker/distribution/contrib/docker-integration/nginx/registry-noauth.conf +++ /dev/null @@ -1,5 +0,0 @@ -client_max_body_size 0; -chunked_transfer_encoding on; -location /v2/ { - include docker-registry-v2.conf; -} diff --git a/vendor/github.com/docker/distribution/contrib/docker-integration/nginx/registry.conf b/vendor/github.com/docker/distribution/contrib/docker-integration/nginx/registry.conf deleted file mode 100644 index e693d569..00000000 --- a/vendor/github.com/docker/distribution/contrib/docker-integration/nginx/registry.conf +++ /dev/null @@ -1,260 +0,0 @@ -# Docker registry proxy for api version 2 - -upstream docker-registry-v2 { - server registryv2:5000; -} - -# No client auth or TLS -server { - listen 5000; - server_name localhost; - - # disable any limits to avoid HTTP 413 for large image uploads - client_max_body_size 0; - - # required to avoid HTTP 411: see Issue #1486 (https://github.com/docker/docker/issues/1486) - chunked_transfer_encoding on; - - location /v2/ { - # Do not allow connections from docker 1.5 and earlier - # docker pre-1.6.0 did not properly set the user agent on ping, catch "Go *" user agents - if ($http_user_agent ~ "^(docker\/1\.(3|4|5(?!\.[0-9]-dev))|Go ).*$" ) { - return 404; - } - - include docker-registry-v2.conf; - } -} - -# No client auth or TLS (V2 Only) -server { - listen 5002; - server_name localhost; - - # disable any limits to avoid HTTP 413 for large image uploads - client_max_body_size 0; - - # required to avoid HTTP 411: see Issue #1486 (https://github.com/docker/docker/issues/1486) - chunked_transfer_encoding on; - - location / { - include docker-registry-v2.conf; - } -} - -# TLS Configuration chart -# Username/Password: testuser/passpassword -# | ca | client | basic | notes -# 5440 | yes | no | no | Tests CA certificate -# 5441 | yes | no | yes | Tests basic auth over TLS -# 5442 | yes | yes | no | Tests client auth with client CA -# 5443 | yes | yes | no | Tests client auth without client CA -# 5444 | yes | yes | yes | Tests using basic auth + tls auth -# 5445 | no | no | no | Tests insecure using TLS -# 5446 | no | no | yes | Tests sending credentials to server with insecure TLS -# 5447 | no | yes | no | Tests client auth to insecure -# 5448 | yes | no | no | Bad SSL version - -server { - listen 5440; - server_name localhost; - ssl on; - ssl_certificate /etc/nginx/ssl/registry-ca+localhost-cert.pem; - ssl_certificate_key /etc/nginx/ssl/registry-ca+localhost-key.pem; - include registry-noauth.conf; -} - -server { - listen 5441; - server_name localhost; - ssl on; - ssl_certificate /etc/nginx/ssl/registry-ca+localhost-cert.pem; - ssl_certificate_key /etc/nginx/ssl/registry-ca+localhost-key.pem; - include registry-basic.conf; -} - -server { - listen 5442; - listen 5443; - server_name localhost; - ssl on; - ssl_certificate /etc/nginx/ssl/registry-ca+localhost-cert.pem; - ssl_certificate_key /etc/nginx/ssl/registry-ca+localhost-key.pem; - ssl_client_certificate /etc/nginx/ssl/registry-ca+ca.pem; - ssl_verify_client on; - include registry-noauth.conf; -} - -server { - listen 5444; - server_name localhost; - ssl on; - ssl_certificate /etc/nginx/ssl/registry-ca+localhost-cert.pem; - ssl_certificate_key /etc/nginx/ssl/registry-ca+localhost-key.pem; - ssl_client_certificate /etc/nginx/ssl/registry-ca+ca.pem; - ssl_verify_client on; - include registry-basic.conf; -} - -server { - listen 5445; - server_name localhost; - ssl on; - ssl_certificate /etc/nginx/ssl/registry-noca+localhost-cert.pem; - ssl_certificate_key /etc/nginx/ssl/registry-noca+localhost-key.pem; - include registry-noauth.conf; -} - -server { - listen 5446; - server_name localhost; - ssl on; - ssl_certificate /etc/nginx/ssl/registry-noca+localhost-cert.pem; - ssl_certificate_key /etc/nginx/ssl/registry-noca+localhost-key.pem; - include registry-basic.conf; -} - -server { - listen 5447; - server_name localhost; - ssl on; - ssl_certificate /etc/nginx/ssl/registry-noca+localhost-cert.pem; - ssl_certificate_key /etc/nginx/ssl/registry-noca+localhost-key.pem; - ssl_client_certificate /etc/nginx/ssl/registry-ca+ca.pem; - ssl_verify_client on; - include registry-noauth.conf; -} - -server { - listen 5448; - server_name localhost; - ssl on; - ssl_certificate /etc/nginx/ssl/registry-ca+localhost-cert.pem; - ssl_certificate_key /etc/nginx/ssl/registry-ca+localhost-key.pem; - ssl_protocols SSLv3; - include registry-noauth.conf; -} - -# Add configuration for localregistry server_name -# Requires configuring /etc/hosts to use -# Set /etc/hosts entry to external IP, not 127.0.0.1 for testing -# Docker secure/insecure registry features -server { - listen 5440; - server_name localregistry; - ssl on; - ssl_certificate /etc/nginx/ssl/registry-ca+localregistry-cert.pem; - ssl_certificate_key /etc/nginx/ssl/registry-ca+localregistry-key.pem; - include registry-noauth.conf; -} - -server { - listen 5441; - server_name localregistry; - ssl on; - ssl_certificate /etc/nginx/ssl/registry-ca+localregistry-cert.pem; - ssl_certificate_key /etc/nginx/ssl/registry-ca+localregistry-key.pem; - include registry-basic.conf; -} - -server { - listen 5442; - listen 5443; - server_name localregistry; - ssl on; - ssl_certificate /etc/nginx/ssl/registry-ca+localregistry-cert.pem; - ssl_certificate_key /etc/nginx/ssl/registry-ca+localregistry-key.pem; - ssl_client_certificate /etc/nginx/ssl/registry-ca+ca.pem; - ssl_verify_client on; - include registry-noauth.conf; -} - -server { - listen 5444; - server_name localregistry; - ssl on; - ssl_certificate /etc/nginx/ssl/registry-ca+localregistry-cert.pem; - ssl_certificate_key /etc/nginx/ssl/registry-ca+localregistry-key.pem; - ssl_client_certificate /etc/nginx/ssl/registry-ca+ca.pem; - ssl_verify_client on; - include registry-basic.conf; -} - -server { - listen 5445; - server_name localregistry; - ssl on; - ssl_certificate /etc/nginx/ssl/registry-noca+localregistry-cert.pem; - ssl_certificate_key /etc/nginx/ssl/registry-noca+localregistry-key.pem; - include registry-noauth.conf; -} - -server { - listen 5446; - server_name localregistry; - ssl on; - ssl_certificate /etc/nginx/ssl/registry-noca+localregistry-cert.pem; - ssl_certificate_key /etc/nginx/ssl/registry-noca+localregistry-key.pem; - include registry-basic.conf; -} - -server { - listen 5447; - server_name localregistry; - ssl on; - ssl_certificate /etc/nginx/ssl/registry-noca+localregistry-cert.pem; - ssl_certificate_key /etc/nginx/ssl/registry-noca+localregistry-key.pem; - ssl_client_certificate /etc/nginx/ssl/registry-ca+ca.pem; - ssl_verify_client on; - include registry-noauth.conf; -} - -server { - listen 5448; - server_name localregistry; - ssl on; - ssl_certificate /etc/nginx/ssl/registry-ca+localregistry-cert.pem; - ssl_certificate_key /etc/nginx/ssl/registry-ca+localregistry-key.pem; - ssl_protocols SSLv3; - include registry-noauth.conf; -} - - -# V1 search test -# Registry configured with token auth and no tls -# TLS termination done by nginx, search results -# served by nginx - -upstream docker-registry-v2-oauth { - server registryv2tokenoauthnotls:5000; -} - -server { - listen 5600; - server_name localregistry; - ssl on; - ssl_certificate /etc/nginx/ssl/registry-ca+localregistry-cert.pem; - ssl_certificate_key /etc/nginx/ssl/registry-ca+localregistry-key.pem; - - root /var/www/html; - - client_max_body_size 0; - chunked_transfer_encoding on; - location /v2/ { - proxy_buffering off; - proxy_pass http://docker-registry-v2-oauth; - proxy_set_header Host $http_host; # required for docker client's sake - proxy_set_header X-Real-IP $remote_addr; # pass on real client's IP - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Proto $scheme; - proxy_read_timeout 900; - } - - location /v1/search { - if ($http_authorization !~ "Bearer [a-zA-Z0-9\._-]+") { - return 401; - } - try_files /v1/search.json =404; - add_header Content-Type application/json; - } -} diff --git a/vendor/github.com/docker/distribution/contrib/docker-integration/nginx/test.passwd b/vendor/github.com/docker/distribution/contrib/docker-integration/nginx/test.passwd deleted file mode 100644 index 4e55de81..00000000 --- a/vendor/github.com/docker/distribution/contrib/docker-integration/nginx/test.passwd +++ /dev/null @@ -1 +0,0 @@ -testuser:$apr1$YmLhHjm6$AjP4z8J1WgcUNxU8J4ue5. diff --git a/vendor/github.com/docker/distribution/contrib/docker-integration/nginx/v1/search.json b/vendor/github.com/docker/distribution/contrib/docker-integration/nginx/v1/search.json deleted file mode 100644 index 3da8f1ad..00000000 --- a/vendor/github.com/docker/distribution/contrib/docker-integration/nginx/v1/search.json +++ /dev/null @@ -1 +0,0 @@ -{"num_pages":1,"num_results":2,"page":1,"page_size": 25,"query":"testsearch","results":[{"description":"","is_automated":false,"is_official":false,"is_trusted":false, "name":"dmcgowan/testsearch-1","star_count":1000},{"description":"Some automated build","is_automated":true,"is_official":false,"is_trusted":false,"name":"dmcgowan/testsearch-2","star_count":10}]} diff --git a/vendor/github.com/docker/distribution/contrib/docker-integration/run_multiversion.sh b/vendor/github.com/docker/distribution/contrib/docker-integration/run_multiversion.sh deleted file mode 100755 index b673d311..00000000 --- a/vendor/github.com/docker/distribution/contrib/docker-integration/run_multiversion.sh +++ /dev/null @@ -1,64 +0,0 @@ -#!/usr/bin/env bash - -# Run the integration tests with multiple versions of the Docker engine - -set -e -set -x - -DIR=$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd) - - -if [ "$TMPDIR" != "" ] && [ ! -d "$TMPDIR" ]; then - mkdir -p $TMPDIR -fi - -cachedir=`mktemp -t -d golem-cache.XXXXXX` -trap "rm -rf $cachedir" EXIT - -if [ "$1" == "-d" ]; then - # Drivers to use for Docker engines the tests are going to create. - STORAGE_DRIVER=${STORAGE_DRIVER:-overlay} - - docker daemon --log-level=panic --storage-driver="$STORAGE_DRIVER" & - DOCKER_PID=$! - - # Wait for it to become reachable. - tries=10 - until docker version &> /dev/null; do - (( tries-- )) - if [ $tries -le 0 ]; then - echo >&2 "error: daemon failed to start" - exit 1 - fi - sleep 1 - done - - trap "kill $DOCKER_PID" EXIT -fi - -distimage=$(docker build -q $DIR/../..) -fullversion=$(git describe --match 'v[0-9]*' --dirty='.m' --always) -distversion=${fullversion:1} - -echo "Testing image $distimage with distribution version $distversion" - -# Pull needed images before invoking golem to get pull time -# These images are defined in golem.conf -time docker pull nginx:1.9 -time docker pull golang:1.6 -time docker pull registry:0.9.1 -time docker pull dmcgowan/token-server:simple -time docker pull dmcgowan/token-server:oauth -time docker pull distribution/golem-runner:0.1-bats - -time docker pull docker:1.9.1-dind -time docker pull docker:1.10.3-dind -time docker pull docker:1.11.1-dind - -golem -cache $cachedir \ - -i "golem-distribution:latest,$distimage,$distversion" \ - -i "golem-dind:latest,docker:1.9.1-dind,1.9.1" \ - -i "golem-dind:latest,docker:1.10.3-dind,1.10.3" \ - -i "golem-dind:latest,docker:1.11.1-dind,1.11.1" \ - $DIR - diff --git a/vendor/github.com/docker/distribution/contrib/docker-integration/tls.bats b/vendor/github.com/docker/distribution/contrib/docker-integration/tls.bats deleted file mode 100644 index 46f85e39..00000000 --- a/vendor/github.com/docker/distribution/contrib/docker-integration/tls.bats +++ /dev/null @@ -1,109 +0,0 @@ -#!/usr/bin/env bats - -# Registry host name, should be set to non-localhost address and match -# DNS name in nginx/ssl certificates and what is installed in /etc/docker/cert.d - -load helpers - -hostname="localregistry" -base="hello-world" -image="${base}:latest" - -# Login information, should match values in nginx/test.passwd -user=${TEST_USER:-"testuser"} -password=${TEST_PASSWORD:-"passpassword"} -email="distribution@docker.com" - -function setup() { - tempImage $image -} - -@test "Test valid certificates" { - docker_t tag -f $image $hostname:5440/$image - run docker_t push $hostname:5440/$image - [ "$status" -eq 0 ] - has_digest "$output" -} - -@test "Test basic auth" { - basic_auth_version_check - login $hostname:5441 - docker_t tag -f $image $hostname:5441/$image - run docker_t push $hostname:5441/$image - [ "$status" -eq 0 ] - has_digest "$output" -} - -@test "Test basic auth with build" { - basic_auth_version_check - login $hostname:5441 - - image1=$hostname:5441/$image-build - image2=$hostname:5441/$image-build-2 - - tempImage $image1 - - run docker_t push $image1 - [ "$status" -eq 0 ] - has_digest "$output" - - docker_t rmi $image1 - - run build $image2 $image1 - echo $output - [ "$status" -eq 0 ] - - run docker_t push $image2 - echo $output - [ "$status" -eq 0 ] - has_digest "$output" -} - -@test "Test TLS client auth" { - docker_t tag -f $image $hostname:5442/$image - run docker_t push $hostname:5442/$image - [ "$status" -eq 0 ] - has_digest "$output" -} - -@test "Test TLS client with invalid certificate authority fails" { - docker_t tag -f $image $hostname:5443/$image - run docker_t push $hostname:5443/$image - [ "$status" -ne 0 ] -} - -@test "Test basic auth with TLS client auth" { - basic_auth_version_check - login $hostname:5444 - docker_t tag -f $image $hostname:5444/$image - run docker_t push $hostname:5444/$image - [ "$status" -eq 0 ] - has_digest "$output" -} - -@test "Test unknown certificate authority fails" { - docker_t tag -f $image $hostname:5445/$image - run docker_t push $hostname:5445/$image - [ "$status" -ne 0 ] -} - -@test "Test basic auth with unknown certificate authority fails" { - run login $hostname:5446 - [ "$status" -ne 0 ] - docker_t tag -f $image $hostname:5446/$image - run docker_t push $hostname:5446/$image - [ "$status" -ne 0 ] -} - -@test "Test TLS client auth to server with unknown certificate authority fails" { - docker_t tag -f $image $hostname:5447/$image - run docker_t push $hostname:5447/$image - [ "$status" -ne 0 ] -} - -@test "Test failure to connect to server fails to fallback to SSLv3" { - docker_t tag -f $image $hostname:5448/$image - run docker_t push $hostname:5448/$image - [ "$status" -ne 0 ] -} - diff --git a/vendor/github.com/docker/distribution/contrib/docker-integration/token.bats b/vendor/github.com/docker/distribution/contrib/docker-integration/token.bats deleted file mode 100644 index 256885a2..00000000 --- a/vendor/github.com/docker/distribution/contrib/docker-integration/token.bats +++ /dev/null @@ -1,135 +0,0 @@ -#!/usr/bin/env bats - -# This tests contacting a registry using a token server - -load helpers - -user="testuser" -password="testpassword" -email="a@nowhere.com" -base="hello-world" - -@test "Test token server login" { - run docker_t login -u $user -p $password -e $email localregistry:5554 - echo $output - [ "$status" -eq 0 ] - - # First line is WARNING about credential save or email deprecation - [ "${lines[2]}" = "Login Succeeded" -o "${lines[1]}" = "Login Succeeded" ] -} - -@test "Test token server bad login" { - run docker_t login -u "testuser" -p "badpassword" -e $email localregistry:5554 - [ "$status" -ne 0 ] - - run docker_t login -u "baduser" -p "testpassword" -e $email localregistry:5554 - [ "$status" -ne 0 ] -} - -@test "Test push and pull with token auth" { - login localregistry:5555 - image="localregistry:5555/testuser/token" - build $image "$base:latest" - - run docker_t push $image - echo $output - [ "$status" -eq 0 ] - - docker_t rmi $image - - docker_t pull $image -} - -@test "Test push and pull with token auth wrong namespace" { - login localregistry:5555 - image="localregistry:5555/notuser/token" - build $image "$base:latest" - - run docker_t push $image - [ "$status" -ne 0 ] -} - -@test "Test oauth token server login" { - version_check docker "$GOLEM_DIND_VERSION" "1.11.0" - - login_oauth localregistry:5557 -} - -@test "Test oauth token server bad login" { - version_check docker "$GOLEM_DIND_VERSION" "1.11.0" - - run docker_t login -u "testuser" -p "badpassword" -e $email localregistry:5557 - [ "$status" -ne 0 ] - - run docker_t login -u "baduser" -p "testpassword" -e $email localregistry:5557 - [ "$status" -ne 0 ] -} - -@test "Test oauth push and pull with token auth" { - version_check docker "$GOLEM_DIND_VERSION" "1.11.0" - - login_oauth localregistry:5558 - image="localregistry:5558/testuser/token" - build $image "$base:latest" - - run docker_t push $image - echo $output - [ "$status" -eq 0 ] - - docker_t rmi $image - - docker_t pull $image -} - -@test "Test oauth push and build with token auth" { - version_check docker "$GOLEM_DIND_VERSION" "1.11.0" - - login_oauth localregistry:5558 - image="localregistry:5558/testuser/token-build" - tempImage $image - - run docker_t push $image - echo $output - [ "$status" -eq 0 ] - has_digest "$output" - - docker_t rmi $image - - image2="localregistry:5558/testuser/token-build-2" - run build $image2 $image - echo $output - [ "$status" -eq 0 ] - - run docker_t push $image2 - echo $output - [ "$status" -eq 0 ] - has_digest "$output" - -} - -@test "Test oauth push and pull with token auth wrong namespace" { - version_check docker "$GOLEM_DIND_VERSION" "1.11.0" - - login_oauth localregistry:5558 - image="localregistry:5558/notuser/token" - build $image "$base:latest" - - run docker_t push $image - [ "$status" -ne 0 ] -} - -@test "Test oauth with v1 search" { - version_check docker "$GOLEM_DIND_VERSION" "1.12.0" - - run docker_t search localregistry:5600/testsearch - [ "$status" -ne 0 ] - - login_oauth localregistry:5600 - - run docker_t search localregistry:5600/testsearch - echo $output - [ "$status" -eq 0 ] - - echo $output | grep "testsearch-1" - echo $output | grep "testsearch-2" -} diff --git a/vendor/github.com/docker/distribution/contrib/docker-integration/tokenserver-oauth/.htpasswd b/vendor/github.com/docker/distribution/contrib/docker-integration/tokenserver-oauth/.htpasswd deleted file mode 100644 index 0bbf5740..00000000 --- a/vendor/github.com/docker/distribution/contrib/docker-integration/tokenserver-oauth/.htpasswd +++ /dev/null @@ -1 +0,0 @@ -testuser:$2y$05$T2MlBvkN1R/yICNnLuf1leOlOfAY0DvybctbbWUFKlojfkShVgn4m diff --git a/vendor/github.com/docker/distribution/contrib/docker-integration/tokenserver-oauth/Dockerfile b/vendor/github.com/docker/distribution/contrib/docker-integration/tokenserver-oauth/Dockerfile deleted file mode 100644 index d8c7b5cc..00000000 --- a/vendor/github.com/docker/distribution/contrib/docker-integration/tokenserver-oauth/Dockerfile +++ /dev/null @@ -1,8 +0,0 @@ -FROM dmcgowan/token-server:oauth - -WORKDIR / - -COPY ./.htpasswd /.htpasswd -COPY ./certs/auth.localregistry.cert /tls.cert -COPY ./certs/auth.localregistry.key /tls.key -COPY ./certs/signing.key /sign.key diff --git a/vendor/github.com/docker/distribution/contrib/docker-integration/tokenserver-oauth/certs/auth.localregistry.cert b/vendor/github.com/docker/distribution/contrib/docker-integration/tokenserver-oauth/certs/auth.localregistry.cert deleted file mode 100644 index 4144ca16..00000000 --- a/vendor/github.com/docker/distribution/contrib/docker-integration/tokenserver-oauth/certs/auth.localregistry.cert +++ /dev/null @@ -1,19 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDHDCCAgagAwIBAgIRAKhhQMnqZx+hkOmoUYgPb+kwCwYJKoZIhvcNAQELMCYx -ETAPBgNVBAoTCFF1aWNrVExTMREwDwYDVQQDEwhRdWlja1RMUzAeFw0xNjAxMjgw -MDQyMzFaFw0xOTAxMTIwMDQyMzFaMDAxETAPBgNVBAoTCFF1aWNrVExTMRswGQYD -VQQDExJhdXRoLmxvY2FscmVnaXN0cnkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw -ggEKAoIBAQD1tUf1EghBlIRrE83yF4zDgRu7vH2Jo0kygKJUWtQQe+DfXyjjE/fg -FdKnnoEjsIeF9hxNbTt0ldDz7/n97pbMhoiXULi9iq4jlgSzVL2XEAgrON0YSY/c -Lmmd1KSa/pOUZr2WMAYPZ+FdQfE1W7SMNbErPefBqYdFzpZ+esAtvbajYwIjl8Vy -9c4bidx4vgnNrR9GcFYibjC5sj8syh/OtbzzqiVGT8YcPpmMG6KNRkausa4gqpon -NKYG8C3WDaiPCLYKcvFrFfdEWF/m2oj14eXACXT9iwp8r4bsLgXrZwqcpKOWfVRu -qHC8aV476EYgxWCAOANExUdUaRt5wL/jAgMBAAGjPzA9MA4GA1UdDwEB/wQEAwIA -oDAMBgNVHRMBAf8EAjAAMB0GA1UdEQQWMBSCEmF1dGgubG9jYWxyZWdpc3RyeTAL -BgkqhkiG9w0BAQsDggEBABxPGK9FdGDxcLowNsExKnnZvmQT3H0u+Dux1gkp0AhH -KOrmx3LUENUKLSgotzx133tgOgR5lzAWVFy7bhLwlPhOslxf2oEfztsAMd/tY8rW -PrG2ZqYqlzEQQ9INbAc3woo5A3slN07uhP3F16jNqoMM4zRmw6Ba70CluGKT7x5+ -xVjKoWITLjWDXT5m35PnsN8CpBaFzXYcod/5p9XwCFp0s+aNxfpZECCV/3yqIr+J -ALzroPh43FAlG96o4NyYZ2Msp63newN19R2+TgpV4nXuw2mLVDpvetP7RRqnpvj/ -qwRgt5j4hFjJWb61M0ELL7A9fA71h1ImdGCvnArdBQs= ------END CERTIFICATE----- diff --git a/vendor/github.com/docker/distribution/contrib/docker-integration/tokenserver-oauth/certs/auth.localregistry.key b/vendor/github.com/docker/distribution/contrib/docker-integration/tokenserver-oauth/certs/auth.localregistry.key deleted file mode 100644 index 4c499bb2..00000000 --- a/vendor/github.com/docker/distribution/contrib/docker-integration/tokenserver-oauth/certs/auth.localregistry.key +++ /dev/null @@ -1,27 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIIEpAIBAAKCAQEA9bVH9RIIQZSEaxPN8heMw4Ebu7x9iaNJMoCiVFrUEHvg318o -4xP34BXSp56BI7CHhfYcTW07dJXQ8+/5/e6WzIaIl1C4vYquI5YEs1S9lxAIKzjd -GEmP3C5pndSkmv6TlGa9ljAGD2fhXUHxNVu0jDWxKz3nwamHRc6WfnrALb22o2MC -I5fFcvXOG4nceL4Jza0fRnBWIm4wubI/LMofzrW886olRk/GHD6ZjBuijUZGrrGu -IKqaJzSmBvAt1g2ojwi2CnLxaxX3RFhf5tqI9eHlwAl0/YsKfK+G7C4F62cKnKSj -ln1UbqhwvGleO+hGIMVggDgDRMVHVGkbecC/4wIDAQABAoIBAQCrsjXKRwOF8CZo -PLqZBWPT6hBbK+f9miC4LbNBhwbRTf9hl7mWlImOCTHe95/+NIk/Ty+P21jEqzwM -ehETJPoziX9BXaL6sEHnlBlMx1aEjStoKKA3LJBeqAAdzk4IEQVHmlO4824IreqJ -pF7Njnunzo0zTlr4tWJVoXsAfv5z9tNtdkxYBbIa0fjfGtlqXU3gLq58FCON3mB/ -NGc0AyA1UFGp0FzpdEcwTGD4InsXbcmsl2l/VPBJuZbryITRqWs6BbK++80DRhNt -afMhP+IzKrWSCp0rBYrqqz6AevtlKdEfQK1yXPEjN/63QLMevt8mF/1JCp//TQnf -Z6bIQbAhAoGBAP7vFA0PcvoXt9MXvvAwrKY1s6pNw4nWPG27qY1/m+DkBwP8IQms -4AWGv1wscZzXJYTvaLO5/qjmGUj50ohcVEvyZJioh1pKXA8Chxvd6rBA/O/Lj5E0 -3MOSA5Q0gxJ0Mhv0zGbbyN5fY8D8zhxoqQP4LoW+UdZG2Oi6JxsQ9c9dAoGBAPa8 -U3bGuM5OGA9EWP7mkB/VnjDTL1aEIN3cOHbHIKwH/loxdYcNMBE7vwxV1CzgIzXT -wsL0iE15fQdK938u0+um8aH5QtbWNI8tdk1XVjEC/i3C7N6WVUutneCKUDb4QxiB -9OvWCbNNiN+xTKBBM93YlwO3GYfrW9Pmm9q1+hg/AoGBALJlUS22gun50PxaIJZq -KVcCO2DQnCYHki/j48mN4+HjD/m85M2lePrFCYIR48syTyIQer9SR5+frVAA6k/b -9G1VCQo+3MDVSkiCp1Nb3tBKGfYgB65ARMBinDiI6rPuNeaUTrkn0g+yxtaU0hLV -Nnj9omia/x+oYj+xjI4HN0xNAoGARy92dSJIV104m88ATip/EnAzP6ruUWu1f8z1 -jW9OAdQckjEK03f+kjpGmGx61qekAPejjVO3r4KJi/0ZAtyjz61OsYiUvB748wYO -x6mW+HUAmHtQk7eTzE2+6vV8xx9BXGTCIPiTu+N2xfMFRIcLS8odZ7j/6LMCv1Qd -SzCNg0kCgYBaNlEs4pK1VxZZpEWwVmFpgIxfEfxLIaGrek6wBTcCn/VA2M0oHuez -mlMio8VY0yWPBJz30JflDiTmYIvteLPMHT0N0J6isiXLhzJSFI4+cAMLE2Q5v8rz -W+W5/L8YZeierW0qJat1BrgStaf5ZLpiOc9pKBSwycydPH5BfVdK/A== ------END RSA PRIVATE KEY----- diff --git a/vendor/github.com/docker/distribution/contrib/docker-integration/tokenserver-oauth/certs/localregistry.cert b/vendor/github.com/docker/distribution/contrib/docker-integration/tokenserver-oauth/certs/localregistry.cert deleted file mode 100644 index 105acc4f..00000000 --- a/vendor/github.com/docker/distribution/contrib/docker-integration/tokenserver-oauth/certs/localregistry.cert +++ /dev/null @@ -1,19 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDETCCAfugAwIBAgIQN7rT95eAy75c4n6/AsDJODALBgkqhkiG9w0BAQswJjER -MA8GA1UEChMIUXVpY2tUTFMxETAPBgNVBAMTCFF1aWNrVExTMB4XDTE2MDEyODAw -NDIzMloXDTE5MDExMjAwNDIzMlowKzERMA8GA1UEChMIUXVpY2tUTFMxFjAUBgNV -BAMTDWxvY2FscmVnaXN0cnkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB -AQDLi75QEkl/qekcoOJlNv9y1IXvrbU2ssl4ViJiZRjWx+/CkyCCOyf9YUpAgRLr -Pskqde2mwhuNP8yBlOBb17Sapz7N3+hJi5j9vLBAFcamPeF3PqxjFv7j5TKkRmSI -dFYQclREwMUd3qEH322KkqOnsEEfdmCgFqWORe+QR5AxzxQP3Pnd4OYH1yZCh0MQ -P2pJgrxxf2I5I/m1AUgoHV1cdBbCv9LGohJPpMtwPC0dJpgMFcnf6hT37At236AY -V437HiRruY7iPWkYFrSPWpwdslJ32MZvRN5RS163jZXjiZ7qWnQOiiDJfXe4evB/ -yQLN4m0qVQxsMz7rkY7OsqaXAgMBAAGjOjA4MA4GA1UdDwEB/wQEAwIAoDAMBgNV -HRMBAf8EAjAAMBgGA1UdEQQRMA+CDWxvY2FscmVnaXN0cnkwCwYJKoZIhvcNAQEL -A4IBAQAyUb3EuMaOylBeV8+4KeBiE4lxykDOwLLSk3jXRsVVtfJpX3v8l5vwo/Jf -iG8tzzz+7uiskI96u3TsekUtVkUxujfKevMP+369K/59s7NRmwwlFMyB2fvL14B2 -oweVjWvM/8fZl6irtFdbJFXXRm7paKso5cmfImxhojAwohgcd4XTVLE/7juYa582 -AaBdRuIiyL71MU9qa1mC5+57AaSLPYaPKpahemgYYkV1Z403Kd6rXchxdQ8JIAL8 -+0oYTSC+svnz1tUU/V5E5id9LQaTmDN5iIVFhNpqAaZmR45UI86woWvnkMb8Ants -4aknwTwY3300PuTqBdQufvOFDRN5 ------END CERTIFICATE----- diff --git a/vendor/github.com/docker/distribution/contrib/docker-integration/tokenserver-oauth/certs/localregistry.key b/vendor/github.com/docker/distribution/contrib/docker-integration/tokenserver-oauth/certs/localregistry.key deleted file mode 100644 index cb69a0f3..00000000 --- a/vendor/github.com/docker/distribution/contrib/docker-integration/tokenserver-oauth/certs/localregistry.key +++ /dev/null @@ -1,27 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIIEpAIBAAKCAQEAy4u+UBJJf6npHKDiZTb/ctSF7621NrLJeFYiYmUY1sfvwpMg -gjsn/WFKQIES6z7JKnXtpsIbjT/MgZTgW9e0mqc+zd/oSYuY/bywQBXGpj3hdz6s -Yxb+4+UypEZkiHRWEHJURMDFHd6hB99tipKjp7BBH3ZgoBaljkXvkEeQMc8UD9z5 -3eDmB9cmQodDED9qSYK8cX9iOSP5tQFIKB1dXHQWwr/SxqIST6TLcDwtHSaYDBXJ -3+oU9+wLdt+gGFeN+x4ka7mO4j1pGBa0j1qcHbJSd9jGb0TeUUtet42V44me6lp0 -DoogyX13uHrwf8kCzeJtKlUMbDM+65GOzrKmlwIDAQABAoIBAF6vFMp+lz4RteSh -Wm8m1FGAVwWVUpStOlcGClynFpTi0L88XYT3K7UMStQSttBDlqRv0ysdZF+ia+lj -bbKLdvHyFp8CJzX/AB4YZgyJlKzEYFtuBhbaHZu5hIMyU5W+OELSTCznV0p7w4C8 -CGLLr+FTdhfCo1QU9NJn6fa9s2/XRdSClBBalAHYs0ZS7ZckaF/sPiC/VapfBMet -qjJXNYiO6pXYriGWKF9zdAMfk2CM0BVWbnwQZkMSEQirrTcJwm3ezyloXCv2nywK -/VzbUT1HJVyzo5oAwTd0MwDc2oEMiFzlfO028zY4LDltpia+SyWvFi5NaIqzFESc -yLgJacECgYEA3jvH+ZQHQf42Md8TCciokaYvwWIKJdk4WRjbvE5cBZekyXAm7/3b -/1VFDKsy2RPlfmfHP3wy9rlnjzsRveB5qaclgS8aI67AYsWd/yRgfRatl7Ve9bHl -LY6VM5L/DZTxykcqivwjc77XoDuBfUKs6tyuSLQku+FOTbLtNYlUCHECgYEA6nkR -lkXufyLmDhNb3093RsYvPcs1kGaIIGTnz3cxWNh485DgsyLBuYQ5ugupQkzM8YSt -ohDTmVpggqjlXQxCg0Zw8gkEV0v8KsLGjn1CuTJg/mBArXlelq1FEeRAYC9/YfOz -ocXegHV7wDKKtcraNZFsEc7Z0LwbC9wtzSFG44cCgYASkMX1CLPOhJE8e1lY0OWc -PVjx++HDJbF6aAQ7aARyBygiF/d4xylw3EvHcinuTqY2eC8CE7siN3z6T0H9Ldqc -HLWaZDf30SqLVd0MKprQ+GsKKIHFXtY5hxbZ1ybtmIrWjjl0oPnJOqFC5pW7xC0z -9bmtozcKZxkmjpMYjN9zUQKBgQCqV6KLRerqunPgLfhE1/qTlE+l2QflDFhBEI3I -j5NuNHZKnSphehK7sHAv1WD2Jc2OeRGb+BWCB8Ktqf5YBxwbOwW7EQnyUeW1OyP9 -SMs8uHj21P6oCNDLLr5LLUQHnPoyM1aBZLstICzziMR1JhY5bJjSpzBfEQmlKCSu -LkrN6QKBgQCRXrBJRUxeJj7wCnCSq0Clf9NhCpQnwo4bEx8sKlj8K8ku8MvwQwoM -3KfWc7bOl6A2/mM/k4yoHtBMM9X9xqYtsgeFhxuiWBcfTmTxWh73LQ48Kgbrgodt -6yTccnjr7OtBidD85c6lgjAUgcL43QY8mlw0OhzXAZ2R5HWFp4ht+w== ------END RSA PRIVATE KEY----- diff --git a/vendor/github.com/docker/distribution/contrib/docker-integration/tokenserver-oauth/certs/signing.cert b/vendor/github.com/docker/distribution/contrib/docker-integration/tokenserver-oauth/certs/signing.cert deleted file mode 100644 index 45166f2d..00000000 --- a/vendor/github.com/docker/distribution/contrib/docker-integration/tokenserver-oauth/certs/signing.cert +++ /dev/null @@ -1,18 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIC9TCCAd+gAwIBAgIRAJ6IIisIZxL86oe3oeoAgWUwCwYJKoZIhvcNAQELMCYx -ETAPBgNVBAoTCFF1aWNrVExTMREwDwYDVQQDEwhRdWlja1RMUzAeFw0xNjAxMjgw -MDQyMzNaFw0xOTAxMTIwMDQyMzNaMBMxETAPBgNVBAoTCFF1aWNrVExTMIIBIjAN -BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3IXUwqSdO2QTj2ET6fJPGe+KWVnt -QCQQWjkWVpOz8L2A29BRvv9z6lYNf9sOM0Xb5IUAgoZ/s3U6LNYT/RWYFBfeo40r -Xd/MNKAn0kFsSb6BIKmUwPqFeqc8wiPX6yY4SbF1sUTkCTkw3yFHg/AIlwmhpFH3 -9mAmV+x0kTzFR/78ZDD5CUNS59bbu+7UqB06YrJuVEwPY98YixSPXTcaKimsUe+K -IY8FQ6yN6l27MK56wlj4hw2gYz+cyBUBCExCgYMQlOSg2ilH4qYyFvccSDUH7jTA -NwpsIBfdoUVbI+j2ivn+ZGD614LtIStGgUu0mDDVxVOWnRvq/z7LMaa2jwIDAQAB -ozUwMzAOBgNVHQ8BAf8EBAMCAKAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwDAYDVR0T -AQH/BAIwADALBgkqhkiG9w0BAQsDggEBAJq3JzTLrIWCF8rHLTTm1icE9PjOO0sV -a1wrmdJ6NwRbJ66dLZ/4G/NZjVOnce9WFHYLFSEG+wx5YVUPuJXpJaSdy0h8F0Uw -hiJwgeVsGg7vcf4G6mWHrsauDOhylnD31UtYPX1Ao/jcntyyf+gCQpY1J/B8l1yU -LNOwvWLVLpZwZ4ehbKA/UnDXgA+3uHvpzl//cPe0cnt+Mhrgzk5mIMwVR6zCZw1G -oVutAHpv2PXxRwTMu51J+QtSL2b2w3mGHxDLpmz8UdXOtkxdpmDT8kIOtX0T5yGL -29F3fa81iZPs02GWjSGOfOzmCCvaA4C5KJvY/WulF7OOgwvrBpQwqTI= ------END CERTIFICATE----- diff --git a/vendor/github.com/docker/distribution/contrib/docker-integration/tokenserver-oauth/certs/signing.key b/vendor/github.com/docker/distribution/contrib/docker-integration/tokenserver-oauth/certs/signing.key deleted file mode 100644 index 47562540..00000000 --- a/vendor/github.com/docker/distribution/contrib/docker-integration/tokenserver-oauth/certs/signing.key +++ /dev/null @@ -1,27 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIIEowIBAAKCAQEA3IXUwqSdO2QTj2ET6fJPGe+KWVntQCQQWjkWVpOz8L2A29BR -vv9z6lYNf9sOM0Xb5IUAgoZ/s3U6LNYT/RWYFBfeo40rXd/MNKAn0kFsSb6BIKmU -wPqFeqc8wiPX6yY4SbF1sUTkCTkw3yFHg/AIlwmhpFH39mAmV+x0kTzFR/78ZDD5 -CUNS59bbu+7UqB06YrJuVEwPY98YixSPXTcaKimsUe+KIY8FQ6yN6l27MK56wlj4 -hw2gYz+cyBUBCExCgYMQlOSg2ilH4qYyFvccSDUH7jTANwpsIBfdoUVbI+j2ivn+ -ZGD614LtIStGgUu0mDDVxVOWnRvq/z7LMaa2jwIDAQABAoIBAD2tiNZv6DImSXo+ -sq0qQomEf/OBvWPFMnWppd/NK/TXa+UPHO4I0MjoDJqIEC6zCU+fC4d2St1MmlrT -/X85vPFRw8mGwGxfHeRSLxEVj04I5GDYTWy0JQUrJUk/cTKp2/Bwm/RaylTyFAM0 -caYrSpvD69vjuTDFr7PDxM6iaqM53zK/vD8kCe81z+wN0UbAKsLlUOKztjH6SzL9 -uVOkekIT/j3L2xxyQhjmhfA3TuCP4uNK/+6/4ovl9Nj4pQsFomsCk4phgqy9SOm1 -4yufmVd8k7J3cppMlMPNc+7tqe2Xn593Y8QT95y3yhtkFECF70yBw64HMDDpA22p -5b/JV9ECgYEA9H4RBXOwbdjcpCa9H3mFjHqUQCqNme1vOSGiflZh9KBCDKgdqugm -KHpvAECADie0p6XRHpxRvufKnGFkJwedfeiKz51T+0dqgPxWncYT1TC+cAjOSzfM -wBpUOcAyvTTviwGbg4bLanHo4remzCbcnRvHQX4YfPFCjT9GhsU+XEUCgYEA5ubz -IlSu1wwFJpoO24ZykGUyqGUQXzR0NrXiLrpF0764qjmHyF8SPJPv1XegSxP/nUTz -SjVfJ7wye/X9qlOpBY8mzy9qQMMKc1cQBV1yVW8IRZ7pMYQZO7qmrZD/DWTa5qWt -pqSbIH2FKedELsKJA/SBtczKjspOdDKyh0UelsMCgYA7DyTfc0XAEy2hPXZb3wgC -mi2rnlvcPf2rCFPvPsCkzf2GfynDehaVmpWrsuj8Al1iTezI/yvD+Mv5oJEH2JAT -tROq+S8rOOIiTFJEBHAQBJlMCOSESPNdyD5mQOZAzEO9CWNejzYd/WwrL//Luut5 -zBcC3AngTIsuAYXw0j6xHQKBgQDamkAJep7k3W5q82OplgoUhpqFLtlnKSP1QBFZ -J+U/6Mqv7jONEeUUEQL42H6bVd2kqUikMw9ZcSVikquLfBUDPFoDwOIZWg4k0IJM -cgHyvGHad+5SgLva/oUawbGWnqtXvfc/U4vCINPXrimxE1/grLW4xp/mu8W24OCA -jIG/PQKBgD/Apl+sfqiB/6ONBjjIswA4yFkEXHSZNpAgcPwhA+cO5D0afEWz2HIx -VeOh5NjN1EL0hX8clFW4bfkK1Vr0kjvbMUXnBWaibUgpiVQl9O9WjaKQLZrp4sRu -x2kJ07Qn6ri7f/lsqOELZwBy95iHWRdePptaAKkRGxJstHI7dgUt ------END RSA PRIVATE KEY----- diff --git a/vendor/github.com/docker/distribution/contrib/docker-integration/tokenserver-oauth/registry-config-notls.yml b/vendor/github.com/docker/distribution/contrib/docker-integration/tokenserver-oauth/registry-config-notls.yml deleted file mode 100644 index ed6b3ea5..00000000 --- a/vendor/github.com/docker/distribution/contrib/docker-integration/tokenserver-oauth/registry-config-notls.yml +++ /dev/null @@ -1,15 +0,0 @@ -version: 0.1 -loglevel: debug -storage: - cache: - blobdescriptor: inmemory - filesystem: - rootdirectory: /tmp/registry-dev -http: - addr: 0.0.0.0:5000 -auth: - token: - realm: "https://auth.localregistry:5559/token/" - issuer: "registry-test" - service: "registry-test" - rootcertbundle: "/etc/docker/registry/tokenbundle.pem" diff --git a/vendor/github.com/docker/distribution/contrib/docker-integration/tokenserver-oauth/registry-config.yml b/vendor/github.com/docker/distribution/contrib/docker-integration/tokenserver-oauth/registry-config.yml deleted file mode 100644 index 630ef057..00000000 --- a/vendor/github.com/docker/distribution/contrib/docker-integration/tokenserver-oauth/registry-config.yml +++ /dev/null @@ -1,18 +0,0 @@ -version: 0.1 -loglevel: debug -storage: - cache: - blobdescriptor: inmemory - filesystem: - rootdirectory: /tmp/registry-dev -http: - addr: 0.0.0.0:5000 - tls: - certificate: "/etc/docker/registry/localregistry.cert" - key: "/etc/docker/registry/localregistry.key" -auth: - token: - realm: "https://auth.localregistry:5559/token/" - issuer: "registry-test" - service: "registry-test" - rootcertbundle: "/etc/docker/registry/tokenbundle.pem" diff --git a/vendor/github.com/docker/distribution/contrib/docker-integration/tokenserver/.htpasswd b/vendor/github.com/docker/distribution/contrib/docker-integration/tokenserver/.htpasswd deleted file mode 100644 index 0bbf5740..00000000 --- a/vendor/github.com/docker/distribution/contrib/docker-integration/tokenserver/.htpasswd +++ /dev/null @@ -1 +0,0 @@ -testuser:$2y$05$T2MlBvkN1R/yICNnLuf1leOlOfAY0DvybctbbWUFKlojfkShVgn4m diff --git a/vendor/github.com/docker/distribution/contrib/docker-integration/tokenserver/Dockerfile b/vendor/github.com/docker/distribution/contrib/docker-integration/tokenserver/Dockerfile deleted file mode 100644 index 34524687..00000000 --- a/vendor/github.com/docker/distribution/contrib/docker-integration/tokenserver/Dockerfile +++ /dev/null @@ -1,8 +0,0 @@ -FROM dmcgowan/token-server:simple - -WORKDIR / - -COPY ./.htpasswd /.htpasswd -COPY ./certs/auth.localregistry.cert /tls.cert -COPY ./certs/auth.localregistry.key /tls.key -COPY ./certs/signing.key /sign.key diff --git a/vendor/github.com/docker/distribution/contrib/docker-integration/tokenserver/certs/auth.localregistry.cert b/vendor/github.com/docker/distribution/contrib/docker-integration/tokenserver/certs/auth.localregistry.cert deleted file mode 100644 index 4144ca16..00000000 --- a/vendor/github.com/docker/distribution/contrib/docker-integration/tokenserver/certs/auth.localregistry.cert +++ /dev/null @@ -1,19 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDHDCCAgagAwIBAgIRAKhhQMnqZx+hkOmoUYgPb+kwCwYJKoZIhvcNAQELMCYx -ETAPBgNVBAoTCFF1aWNrVExTMREwDwYDVQQDEwhRdWlja1RMUzAeFw0xNjAxMjgw -MDQyMzFaFw0xOTAxMTIwMDQyMzFaMDAxETAPBgNVBAoTCFF1aWNrVExTMRswGQYD -VQQDExJhdXRoLmxvY2FscmVnaXN0cnkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAw -ggEKAoIBAQD1tUf1EghBlIRrE83yF4zDgRu7vH2Jo0kygKJUWtQQe+DfXyjjE/fg -FdKnnoEjsIeF9hxNbTt0ldDz7/n97pbMhoiXULi9iq4jlgSzVL2XEAgrON0YSY/c -Lmmd1KSa/pOUZr2WMAYPZ+FdQfE1W7SMNbErPefBqYdFzpZ+esAtvbajYwIjl8Vy -9c4bidx4vgnNrR9GcFYibjC5sj8syh/OtbzzqiVGT8YcPpmMG6KNRkausa4gqpon -NKYG8C3WDaiPCLYKcvFrFfdEWF/m2oj14eXACXT9iwp8r4bsLgXrZwqcpKOWfVRu -qHC8aV476EYgxWCAOANExUdUaRt5wL/jAgMBAAGjPzA9MA4GA1UdDwEB/wQEAwIA -oDAMBgNVHRMBAf8EAjAAMB0GA1UdEQQWMBSCEmF1dGgubG9jYWxyZWdpc3RyeTAL -BgkqhkiG9w0BAQsDggEBABxPGK9FdGDxcLowNsExKnnZvmQT3H0u+Dux1gkp0AhH -KOrmx3LUENUKLSgotzx133tgOgR5lzAWVFy7bhLwlPhOslxf2oEfztsAMd/tY8rW -PrG2ZqYqlzEQQ9INbAc3woo5A3slN07uhP3F16jNqoMM4zRmw6Ba70CluGKT7x5+ -xVjKoWITLjWDXT5m35PnsN8CpBaFzXYcod/5p9XwCFp0s+aNxfpZECCV/3yqIr+J -ALzroPh43FAlG96o4NyYZ2Msp63newN19R2+TgpV4nXuw2mLVDpvetP7RRqnpvj/ -qwRgt5j4hFjJWb61M0ELL7A9fA71h1ImdGCvnArdBQs= ------END CERTIFICATE----- diff --git a/vendor/github.com/docker/distribution/contrib/docker-integration/tokenserver/certs/auth.localregistry.key b/vendor/github.com/docker/distribution/contrib/docker-integration/tokenserver/certs/auth.localregistry.key deleted file mode 100644 index 4c499bb2..00000000 --- a/vendor/github.com/docker/distribution/contrib/docker-integration/tokenserver/certs/auth.localregistry.key +++ /dev/null @@ -1,27 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIIEpAIBAAKCAQEA9bVH9RIIQZSEaxPN8heMw4Ebu7x9iaNJMoCiVFrUEHvg318o -4xP34BXSp56BI7CHhfYcTW07dJXQ8+/5/e6WzIaIl1C4vYquI5YEs1S9lxAIKzjd -GEmP3C5pndSkmv6TlGa9ljAGD2fhXUHxNVu0jDWxKz3nwamHRc6WfnrALb22o2MC -I5fFcvXOG4nceL4Jza0fRnBWIm4wubI/LMofzrW886olRk/GHD6ZjBuijUZGrrGu -IKqaJzSmBvAt1g2ojwi2CnLxaxX3RFhf5tqI9eHlwAl0/YsKfK+G7C4F62cKnKSj -ln1UbqhwvGleO+hGIMVggDgDRMVHVGkbecC/4wIDAQABAoIBAQCrsjXKRwOF8CZo -PLqZBWPT6hBbK+f9miC4LbNBhwbRTf9hl7mWlImOCTHe95/+NIk/Ty+P21jEqzwM -ehETJPoziX9BXaL6sEHnlBlMx1aEjStoKKA3LJBeqAAdzk4IEQVHmlO4824IreqJ -pF7Njnunzo0zTlr4tWJVoXsAfv5z9tNtdkxYBbIa0fjfGtlqXU3gLq58FCON3mB/ -NGc0AyA1UFGp0FzpdEcwTGD4InsXbcmsl2l/VPBJuZbryITRqWs6BbK++80DRhNt -afMhP+IzKrWSCp0rBYrqqz6AevtlKdEfQK1yXPEjN/63QLMevt8mF/1JCp//TQnf -Z6bIQbAhAoGBAP7vFA0PcvoXt9MXvvAwrKY1s6pNw4nWPG27qY1/m+DkBwP8IQms -4AWGv1wscZzXJYTvaLO5/qjmGUj50ohcVEvyZJioh1pKXA8Chxvd6rBA/O/Lj5E0 -3MOSA5Q0gxJ0Mhv0zGbbyN5fY8D8zhxoqQP4LoW+UdZG2Oi6JxsQ9c9dAoGBAPa8 -U3bGuM5OGA9EWP7mkB/VnjDTL1aEIN3cOHbHIKwH/loxdYcNMBE7vwxV1CzgIzXT -wsL0iE15fQdK938u0+um8aH5QtbWNI8tdk1XVjEC/i3C7N6WVUutneCKUDb4QxiB -9OvWCbNNiN+xTKBBM93YlwO3GYfrW9Pmm9q1+hg/AoGBALJlUS22gun50PxaIJZq -KVcCO2DQnCYHki/j48mN4+HjD/m85M2lePrFCYIR48syTyIQer9SR5+frVAA6k/b -9G1VCQo+3MDVSkiCp1Nb3tBKGfYgB65ARMBinDiI6rPuNeaUTrkn0g+yxtaU0hLV -Nnj9omia/x+oYj+xjI4HN0xNAoGARy92dSJIV104m88ATip/EnAzP6ruUWu1f8z1 -jW9OAdQckjEK03f+kjpGmGx61qekAPejjVO3r4KJi/0ZAtyjz61OsYiUvB748wYO -x6mW+HUAmHtQk7eTzE2+6vV8xx9BXGTCIPiTu+N2xfMFRIcLS8odZ7j/6LMCv1Qd -SzCNg0kCgYBaNlEs4pK1VxZZpEWwVmFpgIxfEfxLIaGrek6wBTcCn/VA2M0oHuez -mlMio8VY0yWPBJz30JflDiTmYIvteLPMHT0N0J6isiXLhzJSFI4+cAMLE2Q5v8rz -W+W5/L8YZeierW0qJat1BrgStaf5ZLpiOc9pKBSwycydPH5BfVdK/A== ------END RSA PRIVATE KEY----- diff --git a/vendor/github.com/docker/distribution/contrib/docker-integration/tokenserver/certs/localregistry.cert b/vendor/github.com/docker/distribution/contrib/docker-integration/tokenserver/certs/localregistry.cert deleted file mode 100644 index 105acc4f..00000000 --- a/vendor/github.com/docker/distribution/contrib/docker-integration/tokenserver/certs/localregistry.cert +++ /dev/null @@ -1,19 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIDETCCAfugAwIBAgIQN7rT95eAy75c4n6/AsDJODALBgkqhkiG9w0BAQswJjER -MA8GA1UEChMIUXVpY2tUTFMxETAPBgNVBAMTCFF1aWNrVExTMB4XDTE2MDEyODAw -NDIzMloXDTE5MDExMjAwNDIzMlowKzERMA8GA1UEChMIUXVpY2tUTFMxFjAUBgNV -BAMTDWxvY2FscmVnaXN0cnkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB -AQDLi75QEkl/qekcoOJlNv9y1IXvrbU2ssl4ViJiZRjWx+/CkyCCOyf9YUpAgRLr -Pskqde2mwhuNP8yBlOBb17Sapz7N3+hJi5j9vLBAFcamPeF3PqxjFv7j5TKkRmSI -dFYQclREwMUd3qEH322KkqOnsEEfdmCgFqWORe+QR5AxzxQP3Pnd4OYH1yZCh0MQ -P2pJgrxxf2I5I/m1AUgoHV1cdBbCv9LGohJPpMtwPC0dJpgMFcnf6hT37At236AY -V437HiRruY7iPWkYFrSPWpwdslJ32MZvRN5RS163jZXjiZ7qWnQOiiDJfXe4evB/ -yQLN4m0qVQxsMz7rkY7OsqaXAgMBAAGjOjA4MA4GA1UdDwEB/wQEAwIAoDAMBgNV -HRMBAf8EAjAAMBgGA1UdEQQRMA+CDWxvY2FscmVnaXN0cnkwCwYJKoZIhvcNAQEL -A4IBAQAyUb3EuMaOylBeV8+4KeBiE4lxykDOwLLSk3jXRsVVtfJpX3v8l5vwo/Jf -iG8tzzz+7uiskI96u3TsekUtVkUxujfKevMP+369K/59s7NRmwwlFMyB2fvL14B2 -oweVjWvM/8fZl6irtFdbJFXXRm7paKso5cmfImxhojAwohgcd4XTVLE/7juYa582 -AaBdRuIiyL71MU9qa1mC5+57AaSLPYaPKpahemgYYkV1Z403Kd6rXchxdQ8JIAL8 -+0oYTSC+svnz1tUU/V5E5id9LQaTmDN5iIVFhNpqAaZmR45UI86woWvnkMb8Ants -4aknwTwY3300PuTqBdQufvOFDRN5 ------END CERTIFICATE----- diff --git a/vendor/github.com/docker/distribution/contrib/docker-integration/tokenserver/certs/localregistry.key b/vendor/github.com/docker/distribution/contrib/docker-integration/tokenserver/certs/localregistry.key deleted file mode 100644 index cb69a0f3..00000000 --- a/vendor/github.com/docker/distribution/contrib/docker-integration/tokenserver/certs/localregistry.key +++ /dev/null @@ -1,27 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIIEpAIBAAKCAQEAy4u+UBJJf6npHKDiZTb/ctSF7621NrLJeFYiYmUY1sfvwpMg -gjsn/WFKQIES6z7JKnXtpsIbjT/MgZTgW9e0mqc+zd/oSYuY/bywQBXGpj3hdz6s -Yxb+4+UypEZkiHRWEHJURMDFHd6hB99tipKjp7BBH3ZgoBaljkXvkEeQMc8UD9z5 -3eDmB9cmQodDED9qSYK8cX9iOSP5tQFIKB1dXHQWwr/SxqIST6TLcDwtHSaYDBXJ -3+oU9+wLdt+gGFeN+x4ka7mO4j1pGBa0j1qcHbJSd9jGb0TeUUtet42V44me6lp0 -DoogyX13uHrwf8kCzeJtKlUMbDM+65GOzrKmlwIDAQABAoIBAF6vFMp+lz4RteSh -Wm8m1FGAVwWVUpStOlcGClynFpTi0L88XYT3K7UMStQSttBDlqRv0ysdZF+ia+lj -bbKLdvHyFp8CJzX/AB4YZgyJlKzEYFtuBhbaHZu5hIMyU5W+OELSTCznV0p7w4C8 -CGLLr+FTdhfCo1QU9NJn6fa9s2/XRdSClBBalAHYs0ZS7ZckaF/sPiC/VapfBMet -qjJXNYiO6pXYriGWKF9zdAMfk2CM0BVWbnwQZkMSEQirrTcJwm3ezyloXCv2nywK -/VzbUT1HJVyzo5oAwTd0MwDc2oEMiFzlfO028zY4LDltpia+SyWvFi5NaIqzFESc -yLgJacECgYEA3jvH+ZQHQf42Md8TCciokaYvwWIKJdk4WRjbvE5cBZekyXAm7/3b -/1VFDKsy2RPlfmfHP3wy9rlnjzsRveB5qaclgS8aI67AYsWd/yRgfRatl7Ve9bHl -LY6VM5L/DZTxykcqivwjc77XoDuBfUKs6tyuSLQku+FOTbLtNYlUCHECgYEA6nkR -lkXufyLmDhNb3093RsYvPcs1kGaIIGTnz3cxWNh485DgsyLBuYQ5ugupQkzM8YSt -ohDTmVpggqjlXQxCg0Zw8gkEV0v8KsLGjn1CuTJg/mBArXlelq1FEeRAYC9/YfOz -ocXegHV7wDKKtcraNZFsEc7Z0LwbC9wtzSFG44cCgYASkMX1CLPOhJE8e1lY0OWc -PVjx++HDJbF6aAQ7aARyBygiF/d4xylw3EvHcinuTqY2eC8CE7siN3z6T0H9Ldqc -HLWaZDf30SqLVd0MKprQ+GsKKIHFXtY5hxbZ1ybtmIrWjjl0oPnJOqFC5pW7xC0z -9bmtozcKZxkmjpMYjN9zUQKBgQCqV6KLRerqunPgLfhE1/qTlE+l2QflDFhBEI3I -j5NuNHZKnSphehK7sHAv1WD2Jc2OeRGb+BWCB8Ktqf5YBxwbOwW7EQnyUeW1OyP9 -SMs8uHj21P6oCNDLLr5LLUQHnPoyM1aBZLstICzziMR1JhY5bJjSpzBfEQmlKCSu -LkrN6QKBgQCRXrBJRUxeJj7wCnCSq0Clf9NhCpQnwo4bEx8sKlj8K8ku8MvwQwoM -3KfWc7bOl6A2/mM/k4yoHtBMM9X9xqYtsgeFhxuiWBcfTmTxWh73LQ48Kgbrgodt -6yTccnjr7OtBidD85c6lgjAUgcL43QY8mlw0OhzXAZ2R5HWFp4ht+w== ------END RSA PRIVATE KEY----- diff --git a/vendor/github.com/docker/distribution/contrib/docker-integration/tokenserver/certs/signing.cert b/vendor/github.com/docker/distribution/contrib/docker-integration/tokenserver/certs/signing.cert deleted file mode 100644 index 45166f2d..00000000 --- a/vendor/github.com/docker/distribution/contrib/docker-integration/tokenserver/certs/signing.cert +++ /dev/null @@ -1,18 +0,0 @@ ------BEGIN CERTIFICATE----- -MIIC9TCCAd+gAwIBAgIRAJ6IIisIZxL86oe3oeoAgWUwCwYJKoZIhvcNAQELMCYx -ETAPBgNVBAoTCFF1aWNrVExTMREwDwYDVQQDEwhRdWlja1RMUzAeFw0xNjAxMjgw -MDQyMzNaFw0xOTAxMTIwMDQyMzNaMBMxETAPBgNVBAoTCFF1aWNrVExTMIIBIjAN -BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3IXUwqSdO2QTj2ET6fJPGe+KWVnt -QCQQWjkWVpOz8L2A29BRvv9z6lYNf9sOM0Xb5IUAgoZ/s3U6LNYT/RWYFBfeo40r -Xd/MNKAn0kFsSb6BIKmUwPqFeqc8wiPX6yY4SbF1sUTkCTkw3yFHg/AIlwmhpFH3 -9mAmV+x0kTzFR/78ZDD5CUNS59bbu+7UqB06YrJuVEwPY98YixSPXTcaKimsUe+K -IY8FQ6yN6l27MK56wlj4hw2gYz+cyBUBCExCgYMQlOSg2ilH4qYyFvccSDUH7jTA -NwpsIBfdoUVbI+j2ivn+ZGD614LtIStGgUu0mDDVxVOWnRvq/z7LMaa2jwIDAQAB -ozUwMzAOBgNVHQ8BAf8EBAMCAKAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwDAYDVR0T -AQH/BAIwADALBgkqhkiG9w0BAQsDggEBAJq3JzTLrIWCF8rHLTTm1icE9PjOO0sV -a1wrmdJ6NwRbJ66dLZ/4G/NZjVOnce9WFHYLFSEG+wx5YVUPuJXpJaSdy0h8F0Uw -hiJwgeVsGg7vcf4G6mWHrsauDOhylnD31UtYPX1Ao/jcntyyf+gCQpY1J/B8l1yU -LNOwvWLVLpZwZ4ehbKA/UnDXgA+3uHvpzl//cPe0cnt+Mhrgzk5mIMwVR6zCZw1G -oVutAHpv2PXxRwTMu51J+QtSL2b2w3mGHxDLpmz8UdXOtkxdpmDT8kIOtX0T5yGL -29F3fa81iZPs02GWjSGOfOzmCCvaA4C5KJvY/WulF7OOgwvrBpQwqTI= ------END CERTIFICATE----- diff --git a/vendor/github.com/docker/distribution/contrib/docker-integration/tokenserver/certs/signing.key b/vendor/github.com/docker/distribution/contrib/docker-integration/tokenserver/certs/signing.key deleted file mode 100644 index 47562540..00000000 --- a/vendor/github.com/docker/distribution/contrib/docker-integration/tokenserver/certs/signing.key +++ /dev/null @@ -1,27 +0,0 @@ ------BEGIN RSA PRIVATE KEY----- -MIIEowIBAAKCAQEA3IXUwqSdO2QTj2ET6fJPGe+KWVntQCQQWjkWVpOz8L2A29BR -vv9z6lYNf9sOM0Xb5IUAgoZ/s3U6LNYT/RWYFBfeo40rXd/MNKAn0kFsSb6BIKmU -wPqFeqc8wiPX6yY4SbF1sUTkCTkw3yFHg/AIlwmhpFH39mAmV+x0kTzFR/78ZDD5 -CUNS59bbu+7UqB06YrJuVEwPY98YixSPXTcaKimsUe+KIY8FQ6yN6l27MK56wlj4 -hw2gYz+cyBUBCExCgYMQlOSg2ilH4qYyFvccSDUH7jTANwpsIBfdoUVbI+j2ivn+ -ZGD614LtIStGgUu0mDDVxVOWnRvq/z7LMaa2jwIDAQABAoIBAD2tiNZv6DImSXo+ -sq0qQomEf/OBvWPFMnWppd/NK/TXa+UPHO4I0MjoDJqIEC6zCU+fC4d2St1MmlrT -/X85vPFRw8mGwGxfHeRSLxEVj04I5GDYTWy0JQUrJUk/cTKp2/Bwm/RaylTyFAM0 -caYrSpvD69vjuTDFr7PDxM6iaqM53zK/vD8kCe81z+wN0UbAKsLlUOKztjH6SzL9 -uVOkekIT/j3L2xxyQhjmhfA3TuCP4uNK/+6/4ovl9Nj4pQsFomsCk4phgqy9SOm1 -4yufmVd8k7J3cppMlMPNc+7tqe2Xn593Y8QT95y3yhtkFECF70yBw64HMDDpA22p -5b/JV9ECgYEA9H4RBXOwbdjcpCa9H3mFjHqUQCqNme1vOSGiflZh9KBCDKgdqugm -KHpvAECADie0p6XRHpxRvufKnGFkJwedfeiKz51T+0dqgPxWncYT1TC+cAjOSzfM -wBpUOcAyvTTviwGbg4bLanHo4remzCbcnRvHQX4YfPFCjT9GhsU+XEUCgYEA5ubz -IlSu1wwFJpoO24ZykGUyqGUQXzR0NrXiLrpF0764qjmHyF8SPJPv1XegSxP/nUTz -SjVfJ7wye/X9qlOpBY8mzy9qQMMKc1cQBV1yVW8IRZ7pMYQZO7qmrZD/DWTa5qWt -pqSbIH2FKedELsKJA/SBtczKjspOdDKyh0UelsMCgYA7DyTfc0XAEy2hPXZb3wgC -mi2rnlvcPf2rCFPvPsCkzf2GfynDehaVmpWrsuj8Al1iTezI/yvD+Mv5oJEH2JAT -tROq+S8rOOIiTFJEBHAQBJlMCOSESPNdyD5mQOZAzEO9CWNejzYd/WwrL//Luut5 -zBcC3AngTIsuAYXw0j6xHQKBgQDamkAJep7k3W5q82OplgoUhpqFLtlnKSP1QBFZ -J+U/6Mqv7jONEeUUEQL42H6bVd2kqUikMw9ZcSVikquLfBUDPFoDwOIZWg4k0IJM -cgHyvGHad+5SgLva/oUawbGWnqtXvfc/U4vCINPXrimxE1/grLW4xp/mu8W24OCA -jIG/PQKBgD/Apl+sfqiB/6ONBjjIswA4yFkEXHSZNpAgcPwhA+cO5D0afEWz2HIx -VeOh5NjN1EL0hX8clFW4bfkK1Vr0kjvbMUXnBWaibUgpiVQl9O9WjaKQLZrp4sRu -x2kJ07Qn6ri7f/lsqOELZwBy95iHWRdePptaAKkRGxJstHI7dgUt ------END RSA PRIVATE KEY----- diff --git a/vendor/github.com/docker/distribution/contrib/docker-integration/tokenserver/registry-config.yml b/vendor/github.com/docker/distribution/contrib/docker-integration/tokenserver/registry-config.yml deleted file mode 100644 index bc269056..00000000 --- a/vendor/github.com/docker/distribution/contrib/docker-integration/tokenserver/registry-config.yml +++ /dev/null @@ -1,18 +0,0 @@ -version: 0.1 -loglevel: debug -storage: - cache: - blobdescriptor: inmemory - filesystem: - rootdirectory: /tmp/registry-dev -http: - addr: 0.0.0.0:5000 - tls: - certificate: "/etc/docker/registry/localregistry.cert" - key: "/etc/docker/registry/localregistry.key" -auth: - token: - realm: "https://auth.localregistry:5556/token/" - issuer: "registry-test" - service: "registry-test" - rootcertbundle: "/etc/docker/registry/tokenbundle.pem" diff --git a/vendor/github.com/docker/distribution/contrib/token-server/errors.go b/vendor/github.com/docker/distribution/contrib/token-server/errors.go deleted file mode 100644 index bcac8ee3..00000000 --- a/vendor/github.com/docker/distribution/contrib/token-server/errors.go +++ /dev/null @@ -1,38 +0,0 @@ -package main - -import ( - "net/http" - - "github.com/docker/distribution/registry/api/errcode" -) - -var ( - errGroup = "tokenserver" - - // ErrorBadTokenOption is returned when a token parameter is invalid - ErrorBadTokenOption = errcode.Register(errGroup, errcode.ErrorDescriptor{ - Value: "BAD_TOKEN_OPTION", - Message: "bad token option", - Description: `This error may be returned when a request for a - token contains an option which is not valid`, - HTTPStatusCode: http.StatusBadRequest, - }) - - // ErrorMissingRequiredField is returned when a required form field is missing - ErrorMissingRequiredField = errcode.Register(errGroup, errcode.ErrorDescriptor{ - Value: "MISSING_REQUIRED_FIELD", - Message: "missing required field", - Description: `This error may be returned when a request for a - token does not contain a required form field`, - HTTPStatusCode: http.StatusBadRequest, - }) - - // ErrorUnsupportedValue is returned when a form field has an unsupported value - ErrorUnsupportedValue = errcode.Register(errGroup, errcode.ErrorDescriptor{ - Value: "UNSUPPORTED_VALUE", - Message: "unsupported value", - Description: `This error may be returned when a request for a - token contains a form field with an unsupported value`, - HTTPStatusCode: http.StatusBadRequest, - }) -) diff --git a/vendor/github.com/docker/distribution/contrib/token-server/main.go b/vendor/github.com/docker/distribution/contrib/token-server/main.go deleted file mode 100644 index e9d6d64f..00000000 --- a/vendor/github.com/docker/distribution/contrib/token-server/main.go +++ /dev/null @@ -1,425 +0,0 @@ -package main - -import ( - "encoding/json" - "flag" - "math/rand" - "net/http" - "strconv" - "strings" - "time" - - "github.com/Sirupsen/logrus" - "github.com/docker/distribution/context" - "github.com/docker/distribution/registry/api/errcode" - "github.com/docker/distribution/registry/auth" - _ "github.com/docker/distribution/registry/auth/htpasswd" - "github.com/docker/libtrust" - "github.com/gorilla/mux" -) - -var ( - enforceRepoClass bool -) - -func main() { - var ( - issuer = &TokenIssuer{} - pkFile string - addr string - debug bool - err error - - passwdFile string - realm string - - cert string - certKey string - ) - - flag.StringVar(&issuer.Issuer, "issuer", "distribution-token-server", "Issuer string for token") - flag.StringVar(&pkFile, "key", "", "Private key file") - flag.StringVar(&addr, "addr", "localhost:8080", "Address to listen on") - flag.BoolVar(&debug, "debug", false, "Debug mode") - - flag.StringVar(&passwdFile, "passwd", ".htpasswd", "Passwd file") - flag.StringVar(&realm, "realm", "", "Authentication realm") - - flag.StringVar(&cert, "tlscert", "", "Certificate file for TLS") - flag.StringVar(&certKey, "tlskey", "", "Certificate key for TLS") - - flag.BoolVar(&enforceRepoClass, "enforce-class", false, "Enforce policy for single repository class") - - flag.Parse() - - if debug { - logrus.SetLevel(logrus.DebugLevel) - } - - if pkFile == "" { - issuer.SigningKey, err = libtrust.GenerateECP256PrivateKey() - if err != nil { - logrus.Fatalf("Error generating private key: %v", err) - } - logrus.Debugf("Using newly generated key with id %s", issuer.SigningKey.KeyID()) - } else { - issuer.SigningKey, err = libtrust.LoadKeyFile(pkFile) - if err != nil { - logrus.Fatalf("Error loading key file %s: %v", pkFile, err) - } - logrus.Debugf("Loaded private key with id %s", issuer.SigningKey.KeyID()) - } - - if realm == "" { - logrus.Fatalf("Must provide realm") - } - - ac, err := auth.GetAccessController("htpasswd", map[string]interface{}{ - "realm": realm, - "path": passwdFile, - }) - if err != nil { - logrus.Fatalf("Error initializing access controller: %v", err) - } - - // TODO: Make configurable - issuer.Expiration = 15 * time.Minute - - ctx := context.Background() - - ts := &tokenServer{ - issuer: issuer, - accessController: ac, - refreshCache: map[string]refreshToken{}, - } - - router := mux.NewRouter() - router.Path("/token/").Methods("GET").Handler(handlerWithContext(ctx, ts.getToken)) - router.Path("/token/").Methods("POST").Handler(handlerWithContext(ctx, ts.postToken)) - - if cert == "" { - err = http.ListenAndServe(addr, router) - } else if certKey == "" { - logrus.Fatalf("Must provide certficate (-tlscert) and key (-tlskey)") - } else { - err = http.ListenAndServeTLS(addr, cert, certKey, router) - } - - if err != nil { - logrus.Infof("Error serving: %v", err) - } - -} - -// handlerWithContext wraps the given context-aware handler by setting up the -// request context from a base context. -func handlerWithContext(ctx context.Context, handler func(context.Context, http.ResponseWriter, *http.Request)) http.Handler { - return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - ctx := context.WithRequest(ctx, r) - logger := context.GetRequestLogger(ctx) - ctx = context.WithLogger(ctx, logger) - - handler(ctx, w, r) - }) -} - -func handleError(ctx context.Context, err error, w http.ResponseWriter) { - ctx, w = context.WithResponseWriter(ctx, w) - - if serveErr := errcode.ServeJSON(w, err); serveErr != nil { - context.GetResponseLogger(ctx).Errorf("error sending error response: %v", serveErr) - return - } - - context.GetResponseLogger(ctx).Info("application error") -} - -var refreshCharacters = []rune("0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ") - -const refreshTokenLength = 15 - -func newRefreshToken() string { - s := make([]rune, refreshTokenLength) - for i := range s { - s[i] = refreshCharacters[rand.Intn(len(refreshCharacters))] - } - return string(s) -} - -type refreshToken struct { - subject string - service string -} - -type tokenServer struct { - issuer *TokenIssuer - accessController auth.AccessController - refreshCache map[string]refreshToken -} - -type tokenResponse struct { - Token string `json:"access_token"` - RefreshToken string `json:"refresh_token,omitempty"` - ExpiresIn int `json:"expires_in,omitempty"` -} - -var repositoryClassCache = map[string]string{} - -func filterAccessList(ctx context.Context, scope string, requestedAccessList []auth.Access) []auth.Access { - if !strings.HasSuffix(scope, "/") { - scope = scope + "/" - } - grantedAccessList := make([]auth.Access, 0, len(requestedAccessList)) - for _, access := range requestedAccessList { - if access.Type == "repository" { - if !strings.HasPrefix(access.Name, scope) { - context.GetLogger(ctx).Debugf("Resource scope not allowed: %s", access.Name) - continue - } - if enforceRepoClass { - if class, ok := repositoryClassCache[access.Name]; ok { - if class != access.Class { - context.GetLogger(ctx).Debugf("Different repository class: %q, previously %q", access.Class, class) - continue - } - } else if strings.EqualFold(access.Action, "push") { - repositoryClassCache[access.Name] = access.Class - } - } - } else if access.Type == "registry" { - if access.Name != "catalog" { - context.GetLogger(ctx).Debugf("Unknown registry resource: %s", access.Name) - continue - } - // TODO: Limit some actions to "admin" users - } else { - context.GetLogger(ctx).Debugf("Skipping unsupported resource type: %s", access.Type) - continue - } - grantedAccessList = append(grantedAccessList, access) - } - return grantedAccessList -} - -type acctSubject struct{} - -func (acctSubject) String() string { return "acctSubject" } - -type requestedAccess struct{} - -func (requestedAccess) String() string { return "requestedAccess" } - -type grantedAccess struct{} - -func (grantedAccess) String() string { return "grantedAccess" } - -// getToken handles authenticating the request and authorizing access to the -// requested scopes. -func (ts *tokenServer) getToken(ctx context.Context, w http.ResponseWriter, r *http.Request) { - context.GetLogger(ctx).Info("getToken") - - params := r.URL.Query() - service := params.Get("service") - scopeSpecifiers := params["scope"] - var offline bool - if offlineStr := params.Get("offline_token"); offlineStr != "" { - var err error - offline, err = strconv.ParseBool(offlineStr) - if err != nil { - handleError(ctx, ErrorBadTokenOption.WithDetail(err), w) - return - } - } - - requestedAccessList := ResolveScopeSpecifiers(ctx, scopeSpecifiers) - - authorizedCtx, err := ts.accessController.Authorized(ctx, requestedAccessList...) - if err != nil { - challenge, ok := err.(auth.Challenge) - if !ok { - handleError(ctx, err, w) - return - } - - // Get response context. - ctx, w = context.WithResponseWriter(ctx, w) - - challenge.SetHeaders(w) - handleError(ctx, errcode.ErrorCodeUnauthorized.WithDetail(challenge.Error()), w) - - context.GetResponseLogger(ctx).Info("get token authentication challenge") - - return - } - ctx = authorizedCtx - - username := context.GetStringValue(ctx, "auth.user.name") - - ctx = context.WithValue(ctx, acctSubject{}, username) - ctx = context.WithLogger(ctx, context.GetLogger(ctx, acctSubject{})) - - context.GetLogger(ctx).Info("authenticated client") - - ctx = context.WithValue(ctx, requestedAccess{}, requestedAccessList) - ctx = context.WithLogger(ctx, context.GetLogger(ctx, requestedAccess{})) - - grantedAccessList := filterAccessList(ctx, username, requestedAccessList) - ctx = context.WithValue(ctx, grantedAccess{}, grantedAccessList) - ctx = context.WithLogger(ctx, context.GetLogger(ctx, grantedAccess{})) - - token, err := ts.issuer.CreateJWT(username, service, grantedAccessList) - if err != nil { - handleError(ctx, err, w) - return - } - - context.GetLogger(ctx).Info("authorized client") - - response := tokenResponse{ - Token: token, - ExpiresIn: int(ts.issuer.Expiration.Seconds()), - } - - if offline { - response.RefreshToken = newRefreshToken() - ts.refreshCache[response.RefreshToken] = refreshToken{ - subject: username, - service: service, - } - } - - ctx, w = context.WithResponseWriter(ctx, w) - - w.Header().Set("Content-Type", "application/json") - json.NewEncoder(w).Encode(response) - - context.GetResponseLogger(ctx).Info("get token complete") -} - -type postTokenResponse struct { - Token string `json:"access_token"` - Scope string `json:"scope,omitempty"` - ExpiresIn int `json:"expires_in,omitempty"` - IssuedAt string `json:"issued_at,omitempty"` - RefreshToken string `json:"refresh_token,omitempty"` -} - -// postToken handles authenticating the request and authorizing access to the -// requested scopes. -func (ts *tokenServer) postToken(ctx context.Context, w http.ResponseWriter, r *http.Request) { - grantType := r.PostFormValue("grant_type") - if grantType == "" { - handleError(ctx, ErrorMissingRequiredField.WithDetail("missing grant_type value"), w) - return - } - - service := r.PostFormValue("service") - if service == "" { - handleError(ctx, ErrorMissingRequiredField.WithDetail("missing service value"), w) - return - } - - clientID := r.PostFormValue("client_id") - if clientID == "" { - handleError(ctx, ErrorMissingRequiredField.WithDetail("missing client_id value"), w) - return - } - - var offline bool - switch r.PostFormValue("access_type") { - case "", "online": - case "offline": - offline = true - default: - handleError(ctx, ErrorUnsupportedValue.WithDetail("unknown access_type value"), w) - return - } - - requestedAccessList := ResolveScopeList(ctx, r.PostFormValue("scope")) - - var subject string - var rToken string - switch grantType { - case "refresh_token": - rToken = r.PostFormValue("refresh_token") - if rToken == "" { - handleError(ctx, ErrorUnsupportedValue.WithDetail("missing refresh_token value"), w) - return - } - rt, ok := ts.refreshCache[rToken] - if !ok || rt.service != service { - handleError(ctx, errcode.ErrorCodeUnauthorized.WithDetail("invalid refresh token"), w) - return - } - subject = rt.subject - case "password": - ca, ok := ts.accessController.(auth.CredentialAuthenticator) - if !ok { - handleError(ctx, ErrorUnsupportedValue.WithDetail("password grant type not supported"), w) - return - } - subject = r.PostFormValue("username") - if subject == "" { - handleError(ctx, ErrorUnsupportedValue.WithDetail("missing username value"), w) - return - } - password := r.PostFormValue("password") - if password == "" { - handleError(ctx, ErrorUnsupportedValue.WithDetail("missing password value"), w) - return - } - if err := ca.AuthenticateUser(subject, password); err != nil { - handleError(ctx, errcode.ErrorCodeUnauthorized.WithDetail("invalid credentials"), w) - return - } - default: - handleError(ctx, ErrorUnsupportedValue.WithDetail("unknown grant_type value"), w) - return - } - - ctx = context.WithValue(ctx, acctSubject{}, subject) - ctx = context.WithLogger(ctx, context.GetLogger(ctx, acctSubject{})) - - context.GetLogger(ctx).Info("authenticated client") - - ctx = context.WithValue(ctx, requestedAccess{}, requestedAccessList) - ctx = context.WithLogger(ctx, context.GetLogger(ctx, requestedAccess{})) - - grantedAccessList := filterAccessList(ctx, subject, requestedAccessList) - ctx = context.WithValue(ctx, grantedAccess{}, grantedAccessList) - ctx = context.WithLogger(ctx, context.GetLogger(ctx, grantedAccess{})) - - token, err := ts.issuer.CreateJWT(subject, service, grantedAccessList) - if err != nil { - handleError(ctx, err, w) - return - } - - context.GetLogger(ctx).Info("authorized client") - - response := postTokenResponse{ - Token: token, - ExpiresIn: int(ts.issuer.Expiration.Seconds()), - IssuedAt: time.Now().UTC().Format(time.RFC3339), - Scope: ToScopeList(grantedAccessList), - } - - if offline { - rToken = newRefreshToken() - ts.refreshCache[rToken] = refreshToken{ - subject: subject, - service: service, - } - } - - if rToken != "" { - response.RefreshToken = rToken - } - - ctx, w = context.WithResponseWriter(ctx, w) - - w.Header().Set("Content-Type", "application/json") - json.NewEncoder(w).Encode(response) - - context.GetResponseLogger(ctx).Info("post token complete") -} diff --git a/vendor/github.com/docker/distribution/contrib/token-server/token.go b/vendor/github.com/docker/distribution/contrib/token-server/token.go deleted file mode 100644 index b0c2abff..00000000 --- a/vendor/github.com/docker/distribution/contrib/token-server/token.go +++ /dev/null @@ -1,219 +0,0 @@ -package main - -import ( - "crypto" - "crypto/rand" - "encoding/base64" - "encoding/json" - "fmt" - "io" - "regexp" - "strings" - "time" - - "github.com/docker/distribution/context" - "github.com/docker/distribution/registry/auth" - "github.com/docker/distribution/registry/auth/token" - "github.com/docker/libtrust" -) - -// ResolveScopeSpecifiers converts a list of scope specifiers from a token -// request's `scope` query parameters into a list of standard access objects. -func ResolveScopeSpecifiers(ctx context.Context, scopeSpecs []string) []auth.Access { - requestedAccessSet := make(map[auth.Access]struct{}, 2*len(scopeSpecs)) - - for _, scopeSpecifier := range scopeSpecs { - // There should be 3 parts, separated by a `:` character. - parts := strings.SplitN(scopeSpecifier, ":", 3) - - if len(parts) != 3 { - context.GetLogger(ctx).Infof("ignoring unsupported scope format %s", scopeSpecifier) - continue - } - - resourceType, resourceName, actions := parts[0], parts[1], parts[2] - - resourceType, resourceClass := splitResourceClass(resourceType) - if resourceType == "" { - continue - } - - // Actions should be a comma-separated list of actions. - for _, action := range strings.Split(actions, ",") { - requestedAccess := auth.Access{ - Resource: auth.Resource{ - Type: resourceType, - Class: resourceClass, - Name: resourceName, - }, - Action: action, - } - - // Add this access to the requested access set. - requestedAccessSet[requestedAccess] = struct{}{} - } - } - - requestedAccessList := make([]auth.Access, 0, len(requestedAccessSet)) - for requestedAccess := range requestedAccessSet { - requestedAccessList = append(requestedAccessList, requestedAccess) - } - - return requestedAccessList -} - -var typeRegexp = regexp.MustCompile(`^([a-z0-9]+)(\([a-z0-9]+\))?$`) - -func splitResourceClass(t string) (string, string) { - matches := typeRegexp.FindStringSubmatch(t) - if len(matches) < 2 { - return "", "" - } - if len(matches) == 2 || len(matches[2]) < 2 { - return matches[1], "" - } - return matches[1], matches[2][1 : len(matches[2])-1] -} - -// ResolveScopeList converts a scope list from a token request's -// `scope` parameter into a list of standard access objects. -func ResolveScopeList(ctx context.Context, scopeList string) []auth.Access { - scopes := strings.Split(scopeList, " ") - return ResolveScopeSpecifiers(ctx, scopes) -} - -func scopeString(a auth.Access) string { - if a.Class != "" { - return fmt.Sprintf("%s(%s):%s:%s", a.Type, a.Class, a.Name, a.Action) - } - return fmt.Sprintf("%s:%s:%s", a.Type, a.Name, a.Action) -} - -// ToScopeList converts a list of access to a -// scope list string -func ToScopeList(access []auth.Access) string { - var s []string - for _, a := range access { - s = append(s, scopeString(a)) - } - return strings.Join(s, ",") -} - -// TokenIssuer represents an issuer capable of generating JWT tokens -type TokenIssuer struct { - Issuer string - SigningKey libtrust.PrivateKey - Expiration time.Duration -} - -// CreateJWT creates and signs a JSON Web Token for the given subject and -// audience with the granted access. -func (issuer *TokenIssuer) CreateJWT(subject string, audience string, grantedAccessList []auth.Access) (string, error) { - // Make a set of access entries to put in the token's claimset. - resourceActionSets := make(map[auth.Resource]map[string]struct{}, len(grantedAccessList)) - for _, access := range grantedAccessList { - actionSet, exists := resourceActionSets[access.Resource] - if !exists { - actionSet = map[string]struct{}{} - resourceActionSets[access.Resource] = actionSet - } - actionSet[access.Action] = struct{}{} - } - - accessEntries := make([]*token.ResourceActions, 0, len(resourceActionSets)) - for resource, actionSet := range resourceActionSets { - actions := make([]string, 0, len(actionSet)) - for action := range actionSet { - actions = append(actions, action) - } - - accessEntries = append(accessEntries, &token.ResourceActions{ - Type: resource.Type, - Class: resource.Class, - Name: resource.Name, - Actions: actions, - }) - } - - randomBytes := make([]byte, 15) - _, err := io.ReadFull(rand.Reader, randomBytes) - if err != nil { - return "", err - } - randomID := base64.URLEncoding.EncodeToString(randomBytes) - - now := time.Now() - - signingHash := crypto.SHA256 - var alg string - switch issuer.SigningKey.KeyType() { - case "RSA": - alg = "RS256" - case "EC": - alg = "ES256" - default: - panic(fmt.Errorf("unsupported signing key type %q", issuer.SigningKey.KeyType())) - } - - joseHeader := token.Header{ - Type: "JWT", - SigningAlg: alg, - } - - if x5c := issuer.SigningKey.GetExtendedField("x5c"); x5c != nil { - joseHeader.X5c = x5c.([]string) - } else { - var jwkMessage json.RawMessage - jwkMessage, err = issuer.SigningKey.PublicKey().MarshalJSON() - if err != nil { - return "", err - } - joseHeader.RawJWK = &jwkMessage - } - - exp := issuer.Expiration - if exp == 0 { - exp = 5 * time.Minute - } - - claimSet := token.ClaimSet{ - Issuer: issuer.Issuer, - Subject: subject, - Audience: audience, - Expiration: now.Add(exp).Unix(), - NotBefore: now.Unix(), - IssuedAt: now.Unix(), - JWTID: randomID, - - Access: accessEntries, - } - - var ( - joseHeaderBytes []byte - claimSetBytes []byte - ) - - if joseHeaderBytes, err = json.Marshal(joseHeader); err != nil { - return "", fmt.Errorf("unable to encode jose header: %s", err) - } - if claimSetBytes, err = json.Marshal(claimSet); err != nil { - return "", fmt.Errorf("unable to encode claim set: %s", err) - } - - encodedJoseHeader := joseBase64Encode(joseHeaderBytes) - encodedClaimSet := joseBase64Encode(claimSetBytes) - encodingToSign := fmt.Sprintf("%s.%s", encodedJoseHeader, encodedClaimSet) - - var signatureBytes []byte - if signatureBytes, _, err = issuer.SigningKey.Sign(strings.NewReader(encodingToSign), signingHash); err != nil { - return "", fmt.Errorf("unable to sign jwt payload: %s", err) - } - - signature := joseBase64Encode(signatureBytes) - - return fmt.Sprintf("%s.%s", encodingToSign, signature), nil -} - -func joseBase64Encode(data []byte) string { - return strings.TrimRight(base64.URLEncoding.EncodeToString(data), "=") -} diff --git a/vendor/github.com/docker/distribution/coverpkg.sh b/vendor/github.com/docker/distribution/coverpkg.sh deleted file mode 100755 index 25d419ae..00000000 --- a/vendor/github.com/docker/distribution/coverpkg.sh +++ /dev/null @@ -1,7 +0,0 @@ -#!/usr/bin/env bash -# Given a subpackage and the containing package, figures out which packages -# need to be passed to `go test -coverpkg`: this includes all of the -# subpackage's dependencies within the containing package, as well as the -# subpackage itself. -DEPENDENCIES="$(go list -f $'{{range $f := .Deps}}{{$f}}\n{{end}}' ${1} | grep ${2} | grep -v github.com/docker/distribution/vendor)" -echo "${1} ${DEPENDENCIES}" | xargs echo -n | tr ' ' ',' diff --git a/vendor/github.com/docker/distribution/digest/digest.go b/vendor/github.com/docker/distribution/digest/digest.go deleted file mode 100644 index 31d821bb..00000000 --- a/vendor/github.com/docker/distribution/digest/digest.go +++ /dev/null @@ -1,139 +0,0 @@ -package digest - -import ( - "fmt" - "hash" - "io" - "regexp" - "strings" -) - -const ( - // DigestSha256EmptyTar is the canonical sha256 digest of empty data - DigestSha256EmptyTar = "sha256:e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855" -) - -// Digest allows simple protection of hex formatted digest strings, prefixed -// by their algorithm. Strings of type Digest have some guarantee of being in -// the correct format and it provides quick access to the components of a -// digest string. -// -// The following is an example of the contents of Digest types: -// -// sha256:7173b809ca12ec5dee4506cd86be934c4596dd234ee82c0662eac04a8c2c71dc -// -// This allows to abstract the digest behind this type and work only in those -// terms. -type Digest string - -// NewDigest returns a Digest from alg and a hash.Hash object. -func NewDigest(alg Algorithm, h hash.Hash) Digest { - return NewDigestFromBytes(alg, h.Sum(nil)) -} - -// NewDigestFromBytes returns a new digest from the byte contents of p. -// Typically, this can come from hash.Hash.Sum(...) or xxx.SumXXX(...) -// functions. This is also useful for rebuilding digests from binary -// serializations. -func NewDigestFromBytes(alg Algorithm, p []byte) Digest { - return Digest(fmt.Sprintf("%s:%x", alg, p)) -} - -// NewDigestFromHex returns a Digest from alg and a the hex encoded digest. -func NewDigestFromHex(alg, hex string) Digest { - return Digest(fmt.Sprintf("%s:%s", alg, hex)) -} - -// DigestRegexp matches valid digest types. -var DigestRegexp = regexp.MustCompile(`[a-zA-Z0-9-_+.]+:[a-fA-F0-9]+`) - -// DigestRegexpAnchored matches valid digest types, anchored to the start and end of the match. -var DigestRegexpAnchored = regexp.MustCompile(`^` + DigestRegexp.String() + `$`) - -var ( - // ErrDigestInvalidFormat returned when digest format invalid. - ErrDigestInvalidFormat = fmt.Errorf("invalid checksum digest format") - - // ErrDigestInvalidLength returned when digest has invalid length. - ErrDigestInvalidLength = fmt.Errorf("invalid checksum digest length") - - // ErrDigestUnsupported returned when the digest algorithm is unsupported. - ErrDigestUnsupported = fmt.Errorf("unsupported digest algorithm") -) - -// ParseDigest parses s and returns the validated digest object. An error will -// be returned if the format is invalid. -func ParseDigest(s string) (Digest, error) { - d := Digest(s) - - return d, d.Validate() -} - -// FromReader returns the most valid digest for the underlying content using -// the canonical digest algorithm. -func FromReader(rd io.Reader) (Digest, error) { - return Canonical.FromReader(rd) -} - -// FromBytes digests the input and returns a Digest. -func FromBytes(p []byte) Digest { - return Canonical.FromBytes(p) -} - -// Validate checks that the contents of d is a valid digest, returning an -// error if not. -func (d Digest) Validate() error { - s := string(d) - - if !DigestRegexpAnchored.MatchString(s) { - return ErrDigestInvalidFormat - } - - i := strings.Index(s, ":") - if i < 0 { - return ErrDigestInvalidFormat - } - - // case: "sha256:" with no hex. - if i+1 == len(s) { - return ErrDigestInvalidFormat - } - - switch algorithm := Algorithm(s[:i]); algorithm { - case SHA256, SHA384, SHA512: - if algorithm.Size()*2 != len(s[i+1:]) { - return ErrDigestInvalidLength - } - break - default: - return ErrDigestUnsupported - } - - return nil -} - -// Algorithm returns the algorithm portion of the digest. This will panic if -// the underlying digest is not in a valid format. -func (d Digest) Algorithm() Algorithm { - return Algorithm(d[:d.sepIndex()]) -} - -// Hex returns the hex digest portion of the digest. This will panic if the -// underlying digest is not in a valid format. -func (d Digest) Hex() string { - return string(d[d.sepIndex()+1:]) -} - -func (d Digest) String() string { - return string(d) -} - -func (d Digest) sepIndex() int { - i := strings.Index(string(d), ":") - - if i < 0 { - panic("could not find ':' in digest: " + d) - } - - return i -} diff --git a/vendor/github.com/docker/distribution/digest/digest_test.go b/vendor/github.com/docker/distribution/digest/digest_test.go deleted file mode 100644 index afb4ebf6..00000000 --- a/vendor/github.com/docker/distribution/digest/digest_test.go +++ /dev/null @@ -1,82 +0,0 @@ -package digest - -import ( - "testing" -) - -func TestParseDigest(t *testing.T) { - for _, testcase := range []struct { - input string - err error - algorithm Algorithm - hex string - }{ - { - input: "sha256:e58fcf7418d4390dec8e8fb69d88c06ec07039d651fedd3aa72af9972e7d046b", - algorithm: "sha256", - hex: "e58fcf7418d4390dec8e8fb69d88c06ec07039d651fedd3aa72af9972e7d046b", - }, - { - input: "sha384:d3fc7881460b7e22e3d172954463dddd7866d17597e7248453c48b3e9d26d9596bf9c4a9cf8072c9d5bad76e19af801d", - algorithm: "sha384", - hex: "d3fc7881460b7e22e3d172954463dddd7866d17597e7248453c48b3e9d26d9596bf9c4a9cf8072c9d5bad76e19af801d", - }, - { - // empty hex - input: "sha256:", - err: ErrDigestInvalidFormat, - }, - { - // just hex - input: "d41d8cd98f00b204e9800998ecf8427e", - err: ErrDigestInvalidFormat, - }, - { - // not hex - input: "sha256:d41d8cd98f00b204e9800m98ecf8427e", - err: ErrDigestInvalidFormat, - }, - { - // too short - input: "sha256:abcdef0123456789", - err: ErrDigestInvalidLength, - }, - { - // too short (from different algorithm) - input: "sha512:abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789", - err: ErrDigestInvalidLength, - }, - { - input: "foo:d41d8cd98f00b204e9800998ecf8427e", - err: ErrDigestUnsupported, - }, - } { - digest, err := ParseDigest(testcase.input) - if err != testcase.err { - t.Fatalf("error differed from expected while parsing %q: %v != %v", testcase.input, err, testcase.err) - } - - if testcase.err != nil { - continue - } - - if digest.Algorithm() != testcase.algorithm { - t.Fatalf("incorrect algorithm for parsed digest: %q != %q", digest.Algorithm(), testcase.algorithm) - } - - if digest.Hex() != testcase.hex { - t.Fatalf("incorrect hex for parsed digest: %q != %q", digest.Hex(), testcase.hex) - } - - // Parse string return value and check equality - newParsed, err := ParseDigest(digest.String()) - - if err != nil { - t.Fatalf("unexpected error parsing input %q: %v", testcase.input, err) - } - - if newParsed != digest { - t.Fatalf("expected equal: %q != %q", newParsed, digest) - } - } -} diff --git a/vendor/github.com/docker/distribution/digest/digester.go b/vendor/github.com/docker/distribution/digest/digester.go deleted file mode 100644 index f3105a45..00000000 --- a/vendor/github.com/docker/distribution/digest/digester.go +++ /dev/null @@ -1,155 +0,0 @@ -package digest - -import ( - "crypto" - "fmt" - "hash" - "io" -) - -// Algorithm identifies and implementation of a digester by an identifier. -// Note the that this defines both the hash algorithm used and the string -// encoding. -type Algorithm string - -// supported digest types -const ( - SHA256 Algorithm = "sha256" // sha256 with hex encoding - SHA384 Algorithm = "sha384" // sha384 with hex encoding - SHA512 Algorithm = "sha512" // sha512 with hex encoding - - // Canonical is the primary digest algorithm used with the distribution - // project. Other digests may be used but this one is the primary storage - // digest. - Canonical = SHA256 -) - -var ( - // TODO(stevvooe): Follow the pattern of the standard crypto package for - // registration of digests. Effectively, we are a registerable set and - // common symbol access. - - // algorithms maps values to hash.Hash implementations. Other algorithms - // may be available but they cannot be calculated by the digest package. - algorithms = map[Algorithm]crypto.Hash{ - SHA256: crypto.SHA256, - SHA384: crypto.SHA384, - SHA512: crypto.SHA512, - } -) - -// Available returns true if the digest type is available for use. If this -// returns false, New and Hash will return nil. -func (a Algorithm) Available() bool { - h, ok := algorithms[a] - if !ok { - return false - } - - // check availability of the hash, as well - return h.Available() -} - -func (a Algorithm) String() string { - return string(a) -} - -// Size returns number of bytes returned by the hash. -func (a Algorithm) Size() int { - h, ok := algorithms[a] - if !ok { - return 0 - } - return h.Size() -} - -// Set implemented to allow use of Algorithm as a command line flag. -func (a *Algorithm) Set(value string) error { - if value == "" { - *a = Canonical - } else { - // just do a type conversion, support is queried with Available. - *a = Algorithm(value) - } - - return nil -} - -// New returns a new digester for the specified algorithm. If the algorithm -// does not have a digester implementation, nil will be returned. This can be -// checked by calling Available before calling New. -func (a Algorithm) New() Digester { - return &digester{ - alg: a, - hash: a.Hash(), - } -} - -// Hash returns a new hash as used by the algorithm. If not available, the -// method will panic. Check Algorithm.Available() before calling. -func (a Algorithm) Hash() hash.Hash { - if !a.Available() { - // NOTE(stevvooe): A missing hash is usually a programming error that - // must be resolved at compile time. We don't import in the digest - // package to allow users to choose their hash implementation (such as - // when using stevvooe/resumable or a hardware accelerated package). - // - // Applications that may want to resolve the hash at runtime should - // call Algorithm.Available before call Algorithm.Hash(). - panic(fmt.Sprintf("%v not available (make sure it is imported)", a)) - } - - return algorithms[a].New() -} - -// FromReader returns the digest of the reader using the algorithm. -func (a Algorithm) FromReader(rd io.Reader) (Digest, error) { - digester := a.New() - - if _, err := io.Copy(digester.Hash(), rd); err != nil { - return "", err - } - - return digester.Digest(), nil -} - -// FromBytes digests the input and returns a Digest. -func (a Algorithm) FromBytes(p []byte) Digest { - digester := a.New() - - if _, err := digester.Hash().Write(p); err != nil { - // Writes to a Hash should never fail. None of the existing - // hash implementations in the stdlib or hashes vendored - // here can return errors from Write. Having a panic in this - // condition instead of having FromBytes return an error value - // avoids unnecessary error handling paths in all callers. - panic("write to hash function returned error: " + err.Error()) - } - - return digester.Digest() -} - -// TODO(stevvooe): Allow resolution of verifiers using the digest type and -// this registration system. - -// Digester calculates the digest of written data. Writes should go directly -// to the return value of Hash, while calling Digest will return the current -// value of the digest. -type Digester interface { - Hash() hash.Hash // provides direct access to underlying hash instance. - Digest() Digest -} - -// digester provides a simple digester definition that embeds a hasher. -type digester struct { - alg Algorithm - hash hash.Hash -} - -func (d *digester) Hash() hash.Hash { - return d.hash -} - -func (d *digester) Digest() Digest { - return NewDigest(d.alg, d.hash) -} diff --git a/vendor/github.com/docker/distribution/digest/digester_resumable_test.go b/vendor/github.com/docker/distribution/digest/digester_resumable_test.go deleted file mode 100644 index 6ba21c80..00000000 --- a/vendor/github.com/docker/distribution/digest/digester_resumable_test.go +++ /dev/null @@ -1,21 +0,0 @@ -// +build !noresumabledigest - -package digest - -import ( - "testing" - - "github.com/stevvooe/resumable" - _ "github.com/stevvooe/resumable/sha256" -) - -// TestResumableDetection just ensures that the resumable capability of a hash -// is exposed through the digester type, which is just a hash plus a Digest -// method. -func TestResumableDetection(t *testing.T) { - d := Canonical.New() - - if _, ok := d.Hash().(resumable.Hash); !ok { - t.Fatalf("expected digester to implement resumable.Hash: %#v, %v", d, d.Hash()) - } -} diff --git a/vendor/github.com/docker/distribution/digest/doc.go b/vendor/github.com/docker/distribution/digest/doc.go deleted file mode 100644 index f64b0db3..00000000 --- a/vendor/github.com/docker/distribution/digest/doc.go +++ /dev/null @@ -1,42 +0,0 @@ -// Package digest provides a generalized type to opaquely represent message -// digests and their operations within the registry. The Digest type is -// designed to serve as a flexible identifier in a content-addressable system. -// More importantly, it provides tools and wrappers to work with -// hash.Hash-based digests with little effort. -// -// Basics -// -// The format of a digest is simply a string with two parts, dubbed the -// "algorithm" and the "digest", separated by a colon: -// -// : -// -// An example of a sha256 digest representation follows: -// -// sha256:7173b809ca12ec5dee4506cd86be934c4596dd234ee82c0662eac04a8c2c71dc -// -// In this case, the string "sha256" is the algorithm and the hex bytes are -// the "digest". -// -// Because the Digest type is simply a string, once a valid Digest is -// obtained, comparisons are cheap, quick and simple to express with the -// standard equality operator. -// -// Verification -// -// The main benefit of using the Digest type is simple verification against a -// given digest. The Verifier interface, modeled after the stdlib hash.Hash -// interface, provides a common write sink for digest verification. After -// writing is complete, calling the Verifier.Verified method will indicate -// whether or not the stream of bytes matches the target digest. -// -// Missing Features -// -// In addition to the above, we intend to add the following features to this -// package: -// -// 1. A Digester type that supports write sink digest calculation. -// -// 2. Suspend and resume of ongoing digest calculations to support efficient digest verification in the registry. -// -package digest diff --git a/vendor/github.com/docker/distribution/digest/set.go b/vendor/github.com/docker/distribution/digest/set.go deleted file mode 100644 index 4b9313c1..00000000 --- a/vendor/github.com/docker/distribution/digest/set.go +++ /dev/null @@ -1,245 +0,0 @@ -package digest - -import ( - "errors" - "sort" - "strings" - "sync" -) - -var ( - // ErrDigestNotFound is used when a matching digest - // could not be found in a set. - ErrDigestNotFound = errors.New("digest not found") - - // ErrDigestAmbiguous is used when multiple digests - // are found in a set. None of the matching digests - // should be considered valid matches. - ErrDigestAmbiguous = errors.New("ambiguous digest string") -) - -// Set is used to hold a unique set of digests which -// may be easily referenced by easily referenced by a string -// representation of the digest as well as short representation. -// The uniqueness of the short representation is based on other -// digests in the set. If digests are omitted from this set, -// collisions in a larger set may not be detected, therefore it -// is important to always do short representation lookups on -// the complete set of digests. To mitigate collisions, an -// appropriately long short code should be used. -type Set struct { - mutex sync.RWMutex - entries digestEntries -} - -// NewSet creates an empty set of digests -// which may have digests added. -func NewSet() *Set { - return &Set{ - entries: digestEntries{}, - } -} - -// checkShortMatch checks whether two digests match as either whole -// values or short values. This function does not test equality, -// rather whether the second value could match against the first -// value. -func checkShortMatch(alg Algorithm, hex, shortAlg, shortHex string) bool { - if len(hex) == len(shortHex) { - if hex != shortHex { - return false - } - if len(shortAlg) > 0 && string(alg) != shortAlg { - return false - } - } else if !strings.HasPrefix(hex, shortHex) { - return false - } else if len(shortAlg) > 0 && string(alg) != shortAlg { - return false - } - return true -} - -// Lookup looks for a digest matching the given string representation. -// If no digests could be found ErrDigestNotFound will be returned -// with an empty digest value. If multiple matches are found -// ErrDigestAmbiguous will be returned with an empty digest value. -func (dst *Set) Lookup(d string) (Digest, error) { - dst.mutex.RLock() - defer dst.mutex.RUnlock() - if len(dst.entries) == 0 { - return "", ErrDigestNotFound - } - var ( - searchFunc func(int) bool - alg Algorithm - hex string - ) - dgst, err := ParseDigest(d) - if err == ErrDigestInvalidFormat { - hex = d - searchFunc = func(i int) bool { - return dst.entries[i].val >= d - } - } else { - hex = dgst.Hex() - alg = dgst.Algorithm() - searchFunc = func(i int) bool { - if dst.entries[i].val == hex { - return dst.entries[i].alg >= alg - } - return dst.entries[i].val >= hex - } - } - idx := sort.Search(len(dst.entries), searchFunc) - if idx == len(dst.entries) || !checkShortMatch(dst.entries[idx].alg, dst.entries[idx].val, string(alg), hex) { - return "", ErrDigestNotFound - } - if dst.entries[idx].alg == alg && dst.entries[idx].val == hex { - return dst.entries[idx].digest, nil - } - if idx+1 < len(dst.entries) && checkShortMatch(dst.entries[idx+1].alg, dst.entries[idx+1].val, string(alg), hex) { - return "", ErrDigestAmbiguous - } - - return dst.entries[idx].digest, nil -} - -// Add adds the given digest to the set. An error will be returned -// if the given digest is invalid. If the digest already exists in the -// set, this operation will be a no-op. -func (dst *Set) Add(d Digest) error { - if err := d.Validate(); err != nil { - return err - } - dst.mutex.Lock() - defer dst.mutex.Unlock() - entry := &digestEntry{alg: d.Algorithm(), val: d.Hex(), digest: d} - searchFunc := func(i int) bool { - if dst.entries[i].val == entry.val { - return dst.entries[i].alg >= entry.alg - } - return dst.entries[i].val >= entry.val - } - idx := sort.Search(len(dst.entries), searchFunc) - if idx == len(dst.entries) { - dst.entries = append(dst.entries, entry) - return nil - } else if dst.entries[idx].digest == d { - return nil - } - - entries := append(dst.entries, nil) - copy(entries[idx+1:], entries[idx:len(entries)-1]) - entries[idx] = entry - dst.entries = entries - return nil -} - -// Remove removes the given digest from the set. An err will be -// returned if the given digest is invalid. If the digest does -// not exist in the set, this operation will be a no-op. -func (dst *Set) Remove(d Digest) error { - if err := d.Validate(); err != nil { - return err - } - dst.mutex.Lock() - defer dst.mutex.Unlock() - entry := &digestEntry{alg: d.Algorithm(), val: d.Hex(), digest: d} - searchFunc := func(i int) bool { - if dst.entries[i].val == entry.val { - return dst.entries[i].alg >= entry.alg - } - return dst.entries[i].val >= entry.val - } - idx := sort.Search(len(dst.entries), searchFunc) - // Not found if idx is after or value at idx is not digest - if idx == len(dst.entries) || dst.entries[idx].digest != d { - return nil - } - - entries := dst.entries - copy(entries[idx:], entries[idx+1:]) - entries = entries[:len(entries)-1] - dst.entries = entries - - return nil -} - -// All returns all the digests in the set -func (dst *Set) All() []Digest { - dst.mutex.RLock() - defer dst.mutex.RUnlock() - retValues := make([]Digest, len(dst.entries)) - for i := range dst.entries { - retValues[i] = dst.entries[i].digest - } - - return retValues -} - -// ShortCodeTable returns a map of Digest to unique short codes. The -// length represents the minimum value, the maximum length may be the -// entire value of digest if uniqueness cannot be achieved without the -// full value. This function will attempt to make short codes as short -// as possible to be unique. -func ShortCodeTable(dst *Set, length int) map[Digest]string { - dst.mutex.RLock() - defer dst.mutex.RUnlock() - m := make(map[Digest]string, len(dst.entries)) - l := length - resetIdx := 0 - for i := 0; i < len(dst.entries); i++ { - var short string - extended := true - for extended { - extended = false - if len(dst.entries[i].val) <= l { - short = dst.entries[i].digest.String() - } else { - short = dst.entries[i].val[:l] - for j := i + 1; j < len(dst.entries); j++ { - if checkShortMatch(dst.entries[j].alg, dst.entries[j].val, "", short) { - if j > resetIdx { - resetIdx = j - } - extended = true - } else { - break - } - } - if extended { - l++ - } - } - } - m[dst.entries[i].digest] = short - if i >= resetIdx { - l = length - } - } - return m -} - -type digestEntry struct { - alg Algorithm - val string - digest Digest -} - -type digestEntries []*digestEntry - -func (d digestEntries) Len() int { - return len(d) -} - -func (d digestEntries) Less(i, j int) bool { - if d[i].val != d[j].val { - return d[i].val < d[j].val - } - return d[i].alg < d[j].alg -} - -func (d digestEntries) Swap(i, j int) { - d[i], d[j] = d[j], d[i] -} diff --git a/vendor/github.com/docker/distribution/digest/set_test.go b/vendor/github.com/docker/distribution/digest/set_test.go deleted file mode 100644 index e9dab879..00000000 --- a/vendor/github.com/docker/distribution/digest/set_test.go +++ /dev/null @@ -1,368 +0,0 @@ -package digest - -import ( - "crypto/sha256" - "encoding/binary" - "math/rand" - "testing" -) - -func assertEqualDigests(t *testing.T, d1, d2 Digest) { - if d1 != d2 { - t.Fatalf("Digests do not match:\n\tActual: %s\n\tExpected: %s", d1, d2) - } -} - -func TestLookup(t *testing.T) { - digests := []Digest{ - "sha256:1234511111111111111111111111111111111111111111111111111111111111", - "sha256:1234111111111111111111111111111111111111111111111111111111111111", - "sha256:1234611111111111111111111111111111111111111111111111111111111111", - "sha256:5432111111111111111111111111111111111111111111111111111111111111", - "sha256:6543111111111111111111111111111111111111111111111111111111111111", - "sha256:6432111111111111111111111111111111111111111111111111111111111111", - "sha256:6542111111111111111111111111111111111111111111111111111111111111", - "sha256:6532111111111111111111111111111111111111111111111111111111111111", - } - - dset := NewSet() - for i := range digests { - if err := dset.Add(digests[i]); err != nil { - t.Fatal(err) - } - } - - dgst, err := dset.Lookup("54") - if err != nil { - t.Fatal(err) - } - assertEqualDigests(t, dgst, digests[3]) - - dgst, err = dset.Lookup("1234") - if err == nil { - t.Fatal("Expected ambiguous error looking up: 1234") - } - if err != ErrDigestAmbiguous { - t.Fatal(err) - } - - dgst, err = dset.Lookup("9876") - if err == nil { - t.Fatal("Expected ambiguous error looking up: 9876") - } - if err != ErrDigestNotFound { - t.Fatal(err) - } - - dgst, err = dset.Lookup("sha256:1234") - if err == nil { - t.Fatal("Expected ambiguous error looking up: sha256:1234") - } - if err != ErrDigestAmbiguous { - t.Fatal(err) - } - - dgst, err = dset.Lookup("sha256:12345") - if err != nil { - t.Fatal(err) - } - assertEqualDigests(t, dgst, digests[0]) - - dgst, err = dset.Lookup("sha256:12346") - if err != nil { - t.Fatal(err) - } - assertEqualDigests(t, dgst, digests[2]) - - dgst, err = dset.Lookup("12346") - if err != nil { - t.Fatal(err) - } - assertEqualDigests(t, dgst, digests[2]) - - dgst, err = dset.Lookup("12345") - if err != nil { - t.Fatal(err) - } - assertEqualDigests(t, dgst, digests[0]) -} - -func TestAddDuplication(t *testing.T) { - digests := []Digest{ - "sha256:1234111111111111111111111111111111111111111111111111111111111111", - "sha256:1234511111111111111111111111111111111111111111111111111111111111", - "sha256:1234611111111111111111111111111111111111111111111111111111111111", - "sha256:5432111111111111111111111111111111111111111111111111111111111111", - "sha256:6543111111111111111111111111111111111111111111111111111111111111", - "sha512:65431111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111", - "sha512:65421111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111", - "sha512:65321111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111", - } - - dset := NewSet() - for i := range digests { - if err := dset.Add(digests[i]); err != nil { - t.Fatal(err) - } - } - - if len(dset.entries) != 8 { - t.Fatal("Invalid dset size") - } - - if err := dset.Add(Digest("sha256:1234511111111111111111111111111111111111111111111111111111111111")); err != nil { - t.Fatal(err) - } - - if len(dset.entries) != 8 { - t.Fatal("Duplicate digest insert allowed") - } - - if err := dset.Add(Digest("sha384:123451111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111")); err != nil { - t.Fatal(err) - } - - if len(dset.entries) != 9 { - t.Fatal("Insert with different algorithm not allowed") - } -} - -func TestRemove(t *testing.T) { - digests, err := createDigests(10) - if err != nil { - t.Fatal(err) - } - - dset := NewSet() - for i := range digests { - if err := dset.Add(digests[i]); err != nil { - t.Fatal(err) - } - } - - dgst, err := dset.Lookup(digests[0].String()) - if err != nil { - t.Fatal(err) - } - if dgst != digests[0] { - t.Fatalf("Unexpected digest value:\n\tExpected: %s\n\tActual: %s", digests[0], dgst) - } - - if err := dset.Remove(digests[0]); err != nil { - t.Fatal(err) - } - - if _, err := dset.Lookup(digests[0].String()); err != ErrDigestNotFound { - t.Fatalf("Expected error %v when looking up removed digest, got %v", ErrDigestNotFound, err) - } -} - -func TestAll(t *testing.T) { - digests, err := createDigests(100) - if err != nil { - t.Fatal(err) - } - - dset := NewSet() - for i := range digests { - if err := dset.Add(digests[i]); err != nil { - t.Fatal(err) - } - } - - all := map[Digest]struct{}{} - for _, dgst := range dset.All() { - all[dgst] = struct{}{} - } - - if len(all) != len(digests) { - t.Fatalf("Unexpected number of unique digests found:\n\tExpected: %d\n\tActual: %d", len(digests), len(all)) - } - - for i, dgst := range digests { - if _, ok := all[dgst]; !ok { - t.Fatalf("Missing element at position %d: %s", i, dgst) - } - } - -} - -func assertEqualShort(t *testing.T, actual, expected string) { - if actual != expected { - t.Fatalf("Unexpected short value:\n\tExpected: %s\n\tActual: %s", expected, actual) - } -} - -func TestShortCodeTable(t *testing.T) { - digests := []Digest{ - "sha256:1234111111111111111111111111111111111111111111111111111111111111", - "sha256:1234511111111111111111111111111111111111111111111111111111111111", - "sha256:1234611111111111111111111111111111111111111111111111111111111111", - "sha256:5432111111111111111111111111111111111111111111111111111111111111", - "sha256:6543111111111111111111111111111111111111111111111111111111111111", - "sha256:6432111111111111111111111111111111111111111111111111111111111111", - "sha256:6542111111111111111111111111111111111111111111111111111111111111", - "sha256:6532111111111111111111111111111111111111111111111111111111111111", - } - - dset := NewSet() - for i := range digests { - if err := dset.Add(digests[i]); err != nil { - t.Fatal(err) - } - } - - dump := ShortCodeTable(dset, 2) - - if len(dump) < len(digests) { - t.Fatalf("Error unexpected size: %d, expecting %d", len(dump), len(digests)) - } - assertEqualShort(t, dump[digests[0]], "12341") - assertEqualShort(t, dump[digests[1]], "12345") - assertEqualShort(t, dump[digests[2]], "12346") - assertEqualShort(t, dump[digests[3]], "54") - assertEqualShort(t, dump[digests[4]], "6543") - assertEqualShort(t, dump[digests[5]], "64") - assertEqualShort(t, dump[digests[6]], "6542") - assertEqualShort(t, dump[digests[7]], "653") -} - -func createDigests(count int) ([]Digest, error) { - r := rand.New(rand.NewSource(25823)) - digests := make([]Digest, count) - for i := range digests { - h := sha256.New() - if err := binary.Write(h, binary.BigEndian, r.Int63()); err != nil { - return nil, err - } - digests[i] = NewDigest("sha256", h) - } - return digests, nil -} - -func benchAddNTable(b *testing.B, n int) { - digests, err := createDigests(n) - if err != nil { - b.Fatal(err) - } - b.ResetTimer() - for i := 0; i < b.N; i++ { - dset := &Set{entries: digestEntries(make([]*digestEntry, 0, n))} - for j := range digests { - if err = dset.Add(digests[j]); err != nil { - b.Fatal(err) - } - } - } -} - -func benchLookupNTable(b *testing.B, n int, shortLen int) { - digests, err := createDigests(n) - if err != nil { - b.Fatal(err) - } - dset := &Set{entries: digestEntries(make([]*digestEntry, 0, n))} - for i := range digests { - if err := dset.Add(digests[i]); err != nil { - b.Fatal(err) - } - } - shorts := make([]string, 0, n) - for _, short := range ShortCodeTable(dset, shortLen) { - shorts = append(shorts, short) - } - - b.ResetTimer() - for i := 0; i < b.N; i++ { - if _, err = dset.Lookup(shorts[i%n]); err != nil { - b.Fatal(err) - } - } -} - -func benchRemoveNTable(b *testing.B, n int) { - digests, err := createDigests(n) - if err != nil { - b.Fatal(err) - } - b.ResetTimer() - for i := 0; i < b.N; i++ { - dset := &Set{entries: digestEntries(make([]*digestEntry, 0, n))} - b.StopTimer() - for j := range digests { - if err = dset.Add(digests[j]); err != nil { - b.Fatal(err) - } - } - b.StartTimer() - for j := range digests { - if err = dset.Remove(digests[j]); err != nil { - b.Fatal(err) - } - } - } -} - -func benchShortCodeNTable(b *testing.B, n int, shortLen int) { - digests, err := createDigests(n) - if err != nil { - b.Fatal(err) - } - dset := &Set{entries: digestEntries(make([]*digestEntry, 0, n))} - for i := range digests { - if err := dset.Add(digests[i]); err != nil { - b.Fatal(err) - } - } - - b.ResetTimer() - for i := 0; i < b.N; i++ { - ShortCodeTable(dset, shortLen) - } -} - -func BenchmarkAdd10(b *testing.B) { - benchAddNTable(b, 10) -} - -func BenchmarkAdd100(b *testing.B) { - benchAddNTable(b, 100) -} - -func BenchmarkAdd1000(b *testing.B) { - benchAddNTable(b, 1000) -} - -func BenchmarkRemove10(b *testing.B) { - benchRemoveNTable(b, 10) -} - -func BenchmarkRemove100(b *testing.B) { - benchRemoveNTable(b, 100) -} - -func BenchmarkRemove1000(b *testing.B) { - benchRemoveNTable(b, 1000) -} - -func BenchmarkLookup10(b *testing.B) { - benchLookupNTable(b, 10, 12) -} - -func BenchmarkLookup100(b *testing.B) { - benchLookupNTable(b, 100, 12) -} - -func BenchmarkLookup1000(b *testing.B) { - benchLookupNTable(b, 1000, 12) -} - -func BenchmarkShortCode10(b *testing.B) { - benchShortCodeNTable(b, 10, 12) -} -func BenchmarkShortCode100(b *testing.B) { - benchShortCodeNTable(b, 100, 12) -} -func BenchmarkShortCode1000(b *testing.B) { - benchShortCodeNTable(b, 1000, 12) -} diff --git a/vendor/github.com/docker/distribution/digest/verifiers.go b/vendor/github.com/docker/distribution/digest/verifiers.go deleted file mode 100644 index 9af3be13..00000000 --- a/vendor/github.com/docker/distribution/digest/verifiers.go +++ /dev/null @@ -1,44 +0,0 @@ -package digest - -import ( - "hash" - "io" -) - -// Verifier presents a general verification interface to be used with message -// digests and other byte stream verifications. Users instantiate a Verifier -// from one of the various methods, write the data under test to it then check -// the result with the Verified method. -type Verifier interface { - io.Writer - - // Verified will return true if the content written to Verifier matches - // the digest. - Verified() bool -} - -// NewDigestVerifier returns a verifier that compares the written bytes -// against a passed in digest. -func NewDigestVerifier(d Digest) (Verifier, error) { - if err := d.Validate(); err != nil { - return nil, err - } - - return hashVerifier{ - hash: d.Algorithm().Hash(), - digest: d, - }, nil -} - -type hashVerifier struct { - digest Digest - hash hash.Hash -} - -func (hv hashVerifier) Write(p []byte) (n int, err error) { - return hv.hash.Write(p) -} - -func (hv hashVerifier) Verified() bool { - return hv.digest == NewDigest(hv.digest.Algorithm(), hv.hash) -} diff --git a/vendor/github.com/docker/distribution/digest/verifiers_test.go b/vendor/github.com/docker/distribution/digest/verifiers_test.go deleted file mode 100644 index c342d6e7..00000000 --- a/vendor/github.com/docker/distribution/digest/verifiers_test.go +++ /dev/null @@ -1,49 +0,0 @@ -package digest - -import ( - "bytes" - "crypto/rand" - "io" - "testing" -) - -func TestDigestVerifier(t *testing.T) { - p := make([]byte, 1<<20) - rand.Read(p) - digest := FromBytes(p) - - verifier, err := NewDigestVerifier(digest) - if err != nil { - t.Fatalf("unexpected error getting digest verifier: %s", err) - } - - io.Copy(verifier, bytes.NewReader(p)) - - if !verifier.Verified() { - t.Fatalf("bytes not verified") - } -} - -// TestVerifierUnsupportedDigest ensures that unsupported digest validation is -// flowing through verifier creation. -func TestVerifierUnsupportedDigest(t *testing.T) { - unsupported := Digest("bean:0123456789abcdef") - - _, err := NewDigestVerifier(unsupported) - if err == nil { - t.Fatalf("expected error when creating verifier") - } - - if err != ErrDigestUnsupported { - t.Fatalf("incorrect error for unsupported digest: %v", err) - } -} - -// TODO(stevvooe): Add benchmarks to measure bytes/second throughput for -// DigestVerifier. -// -// The relevant benchmark for comparison can be run with the following -// commands: -// -// go test -bench . crypto/sha1 -// diff --git a/vendor/github.com/docker/distribution/doc.go b/vendor/github.com/docker/distribution/doc.go deleted file mode 100644 index bdd8cb70..00000000 --- a/vendor/github.com/docker/distribution/doc.go +++ /dev/null @@ -1,7 +0,0 @@ -// Package distribution will define the interfaces for the components of -// docker distribution. The goal is to allow users to reliably package, ship -// and store content related to docker images. -// -// This is currently a work in progress. More details are available in the -// README.md. -package distribution diff --git a/vendor/github.com/docker/distribution/docs/README.md b/vendor/github.com/docker/distribution/docs/README.md deleted file mode 100644 index b26dc375..00000000 --- a/vendor/github.com/docker/distribution/docs/README.md +++ /dev/null @@ -1,16 +0,0 @@ -# The docs have been moved! - -The documentation for Registry has been merged into -[the general documentation repo](https://github.com/docker/docker.github.io). -Commit history has been preserved. - -The docs for Registry are now here: -https://github.com/docker/docker.github.io/tree/master/registry - -> Note: The definitive [./spec directory](spec/) directory and -[configuration.md](configuration.md) file will be maintained in this repository -and be refreshed periodically in -[the general documentation repo](https://github.com/docker/docker.github.io). - -As always, the docs in the general repo remain open-source and we appreciate -your feedback and pull requests! diff --git a/vendor/github.com/docker/distribution/docs/configuration.md b/vendor/github.com/docker/distribution/docs/configuration.md deleted file mode 100644 index a1c66b21..00000000 --- a/vendor/github.com/docker/distribution/docs/configuration.md +++ /dev/null @@ -1,1121 +0,0 @@ ---- -title: "Configuring a registry" -description: "Explains how to configure a registry" -keywords: registry, on-prem, images, tags, repository, distribution, configuration ---- - -The Registry configuration is based on a YAML file, detailed below. While it -comes with sane default values out of the box, you should review it exhaustively -before moving your systems to production. - -## Override specific configuration options - -In a typical setup where you run your Registry from the official image, you can -specify a configuration variable from the environment by passing `-e` arguments -to your `docker run` stanza or from within a Dockerfile using the `ENV` -instruction. - -To override a configuration option, create an environment variable named -`REGISTRY_variable` where `variable` is the name of the configuration option -and the `_` (underscore) represents indention levels. For example, you can -configure the `rootdirectory` of the `filesystem` storage backend: - -```none -storage: - filesystem: - rootdirectory: /var/lib/registry -``` - -To override this value, set an environment variable like this: - -```none -REGISTRY_STORAGE_FILESYSTEM_ROOTDIRECTORY=/somewhere -``` - -This variable overrides the `/var/lib/registry` value to the `/somewhere` -directory. - -> **Note**: Create a base configuration file with environment variables that can -> be configured to tweak individual values. Overriding configuration sections -> with environment variables is not recommended. - -## Overriding the entire configuration file - -If the default configuration is not a sound basis for your usage, or if you are -having issues overriding keys from the environment, you can specify an alternate -YAML configuration file by mounting it as a volume in the container. - -Typically, create a new configuration file from scratch,named `config.yml`, then -specify it in the `docker run` command: - -```bash -$ docker run -d -p 5000:5000 --restart=always --name registry \ - -v `pwd`/config.yml:/etc/docker/registry/config.yml \ - registry:2 -``` - -Use this -[example YAML file](https://github.com/docker/distribution/blob/master/cmd/registry/config-example.yml) -as a starting point. - -## List of configuration options - -These are all configuration options for the registry. Some options in the list -are mutually exclusive. Read the detailed reference information about each -option before finalizing your configuration. - -```none -version: 0.1 -log: - accesslog: - disabled: true - level: debug - formatter: text - fields: - service: registry - environment: staging - hooks: - - type: mail - disabled: true - levels: - - panic - options: - smtp: - addr: mail.example.com:25 - username: mailuser - password: password - insecure: true - from: sender@example.com - to: - - errors@example.com -loglevel: debug # deprecated: use "log" -storage: - filesystem: - rootdirectory: /var/lib/registry - maxthreads: 100 - azure: - accountname: accountname - accountkey: base64encodedaccountkey - container: containername - gcs: - bucket: bucketname - keyfile: /path/to/keyfile - rootdirectory: /gcs/object/name/prefix - chunksize: 5242880 - s3: - accesskey: awsaccesskey - secretkey: awssecretkey - region: us-west-1 - regionendpoint: http://myobjects.local - bucket: bucketname - encrypt: true - keyid: mykeyid - secure: true - v4auth: true - chunksize: 5242880 - multipartcopychunksize: 33554432 - multipartcopymaxconcurrency: 100 - multipartcopythresholdsize: 33554432 - rootdirectory: /s3/object/name/prefix - swift: - username: username - password: password - authurl: https://storage.myprovider.com/auth/v1.0 or https://storage.myprovider.com/v2.0 or https://storage.myprovider.com/v3/auth - tenant: tenantname - tenantid: tenantid - domain: domain name for Openstack Identity v3 API - domainid: domain id for Openstack Identity v3 API - insecureskipverify: true - region: fr - container: containername - rootdirectory: /swift/object/name/prefix - oss: - accesskeyid: accesskeyid - accesskeysecret: accesskeysecret - region: OSS region name - endpoint: optional endpoints - internal: optional internal endpoint - bucket: OSS bucket - encrypt: optional data encryption setting - secure: optional ssl setting - chunksize: optional size valye - rootdirectory: optional root directory - inmemory: # This driver takes no parameters - delete: - enabled: false - redirect: - disable: false - cache: - blobdescriptor: redis - maintenance: - uploadpurging: - enabled: true - age: 168h - interval: 24h - dryrun: false - readonly: - enabled: false -auth: - silly: - realm: silly-realm - service: silly-service - token: - realm: token-realm - service: token-service - issuer: registry-token-issuer - rootcertbundle: /root/certs/bundle - htpasswd: - realm: basic-realm - path: /path/to/htpasswd -middleware: - registry: - - name: ARegistryMiddleware - options: - foo: bar - repository: - - name: ARepositoryMiddleware - options: - foo: bar - storage: - - name: cloudfront - options: - baseurl: https://my.cloudfronted.domain.com/ - privatekey: /path/to/pem - keypairid: cloudfrontkeypairid - duration: 3000s - storage: - - name: redirect - options: - baseurl: https://example.com/ -reporting: - bugsnag: - apikey: bugsnagapikey - releasestage: bugsnagreleasestage - endpoint: bugsnagendpoint - newrelic: - licensekey: newreliclicensekey - name: newrelicname - verbose: true -http: - addr: localhost:5000 - prefix: /my/nested/registry/ - host: https://myregistryaddress.org:5000 - secret: asecretforlocaldevelopment - relativeurls: false - tls: - certificate: /path/to/x509/public - key: /path/to/x509/private - clientcas: - - /path/to/ca.pem - - /path/to/another/ca.pem - letsencrypt: - cachefile: /path/to/cache-file - email: emailused@letsencrypt.com - debug: - addr: localhost:5001 - headers: - X-Content-Type-Options: [nosniff] - http2: - disabled: false -notifications: - endpoints: - - name: alistener - disabled: false - url: https://my.listener.com/event - headers: - timeout: 500 - threshold: 5 - backoff: 1000 - ignoredmediatypes: - - application/octet-stream -redis: - addr: localhost:6379 - password: asecret - db: 0 - dialtimeout: 10ms - readtimeout: 10ms - writetimeout: 10ms - pool: - maxidle: 16 - maxactive: 64 - idletimeout: 300s -health: - storagedriver: - enabled: true - interval: 10s - threshold: 3 - file: - - file: /path/to/checked/file - interval: 10s - http: - - uri: http://server.to.check/must/return/200 - headers: - Authorization: [Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==] - statuscode: 200 - timeout: 3s - interval: 10s - threshold: 3 - tcp: - - addr: redis-server.domain.com:6379 - timeout: 3s - interval: 10s - threshold: 3 -proxy: - remoteurl: https://registry-1.docker.io - username: [username] - password: [password] -compatibility: - schema1: - signingkeyfile: /etc/registry/key.json -validation: - enabled: true - manifests: - urls: - allow: - - ^https?://([^/]+\.)*example\.com/ - deny: - - ^https?://www\.example\.com/ -``` - -In some instances a configuration option is **optional** but it contains child -options marked as **required**. In these cases, you can omit the parent with -all its children. However, if the parent is included, you must also include all -the children marked **required**. - -## `version` - -```none -version: 0.1 -``` - -The `version` option is **required**. It specifies the configuration's version. -It is expected to remain a top-level field, to allow for a consistent version -check before parsing the remainder of the configuration file. - -## `log` - -The `log` subsection configures the behavior of the logging system. The logging -system outputs everything to stdout. You can adjust the granularity and format -with this configuration section. - -```none -log: - accesslog: - disabled: true - level: debug - formatter: text - fields: - service: registry - environment: staging -``` - -| Parameter | Required | Description | -|-------------|----------|-------------| -| `level` | no | Sets the sensitivity of logging output. Permitted values are `error`, `warn`, `info`, and `debug`. The default is `info`. | -| `formatter` | no | This selects the format of logging output. The format primarily affects how keyed attributes for a log line are encoded. Options are `text`, `json`, and `logstash`. The default is `text`. | -| `fields` | no | A map of field names to values. These are added to every log line for the context. This is useful for identifying log messages source after being mixed in other systems. | - -### `accesslog` - -```none -accesslog: - disabled: true -``` - -Within `log`, `accesslog` configures the behavior of the access logging -system. By default, the access logging system outputs to stdout in -[Combined Log Format](https://httpd.apache.org/docs/2.4/logs.html#combined). -Access logging can be disabled by setting the boolean flag `disabled` to `true`. - -## `hooks` - -```none -hooks: - - type: mail - levels: - - panic - options: - smtp: - addr: smtp.sendhost.com:25 - username: sendername - password: password - insecure: true - from: name@sendhost.com - to: - - name@receivehost.com -``` - -The `hooks` subsection configures the logging hooks' behavior. This subsection -includes a sequence handler which you can use for sending mail, for example. -Refer to `loglevel` to configure the level of messages printed. - -## `loglevel` - -> **DEPRECATED:** Please use [log](#log) instead. - -```none -loglevel: debug -``` - -Permitted values are `error`, `warn`, `info` and `debug`. The default is -`info`. - -## `storage` - -```none -storage: - filesystem: - rootdirectory: /var/lib/registry - azure: - accountname: accountname - accountkey: base64encodedaccountkey - container: containername - gcs: - bucket: bucketname - keyfile: /path/to/keyfile - rootdirectory: /gcs/object/name/prefix - s3: - accesskey: awsaccesskey - secretkey: awssecretkey - region: us-west-1 - regionendpoint: http://myobjects.local - bucket: bucketname - encrypt: true - keyid: mykeyid - secure: true - v4auth: true - chunksize: 5242880 - multipartcopychunksize: 33554432 - multipartcopymaxconcurrency: 100 - multipartcopythresholdsize: 33554432 - rootdirectory: /s3/object/name/prefix - swift: - username: username - password: password - authurl: https://storage.myprovider.com/auth/v1.0 or https://storage.myprovider.com/v2.0 or https://storage.myprovider.com/v3/auth - tenant: tenantname - tenantid: tenantid - domain: domain name for Openstack Identity v3 API - domainid: domain id for Openstack Identity v3 API - insecureskipverify: true - region: fr - container: containername - rootdirectory: /swift/object/name/prefix - oss: - accesskeyid: accesskeyid - accesskeysecret: accesskeysecret - region: OSS region name - endpoint: optional endpoints - internal: optional internal endpoint - bucket: OSS bucket - encrypt: optional data encryption setting - secure: optional ssl setting - chunksize: optional size valye - rootdirectory: optional root directory - inmemory: - delete: - enabled: false - cache: - blobdescriptor: inmemory - maintenance: - uploadpurging: - enabled: true - age: 168h - interval: 24h - dryrun: false - readonly: - enabled: false - redirect: - disable: false -``` - -The `storage` option is **required** and defines which storage backend is in -use. You must configure exactly one backend. If you configure more, the registry -returns an error. You can choose any of these backend storage drivers: - -| Storage driver | Description | -|---------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| -| `filesystem` | Uses the local disk to store registry files. It is ideal for development and may be appropriate for some small-scale production applications. See the [driver's reference documentation](https://github.com/docker/docker.github.io/tree/master/registry/storage-drivers/filesystem.md). | -| `azure` | Uses Microsoft Azure Blob Storage. See the [driver's reference documentation](https://github.com/docker/docker.github.io/tree/master/registry/storage-drivers/azure.md). | -| `gcs` | Uses Google Cloud Storage. See the [driver's reference documentation](https://github.com/docker/docker.github.io/tree/master/registry/storage-drivers/gcs.md). | -| `s3` | Uses Amazon Simple Storage Service (S3) and compatible Storage Services. See the [driver's reference documentation](https://github.com/docker/docker.github.io/tree/master/registry/storage-drivers/s3.md). | -| `swift` | Uses Openstack Swift object storage. See the [driver's reference documentation](https://github.com/docker/docker.github.io/tree/master/registry/storage-drivers/swift.md). | -| `oss` | Uses Aliyun OSS for object storage. See the [driver's reference documentation](https://github.com/docker/docker.github.io/tree/master/registry/storage-drivers/oss.md). | - -For testing only, you can use the [`inmemory` storage -driver](https://github.com/docker/docker.github.io/tree/master/registry/storage-drivers/inmemory.md). -If you would like to run a registry from volatile memory, use the -[`filesystem` driver](https://github.com/docker/docker.github.io/tree/master/registry/storage-drivers/filesystem.md) -on a ramdisk. - -If you are deploying a registry on Windows, a Windows volume mounted from the -host is not recommended. Instead, you can use a S3 or Azure backing -data-store. If you do use a Windows volume, the length of the `PATH` to -the mount point must be within the `MAX_PATH` limits (typically 255 characters), -or this error will occur: - -```none -mkdir /XXX protocol error and your registry will not function properly. -``` - -### `maintenance` - -Currently, upload purging and read-only mode are the only `maintenance` -functions available. - -### `uploadpurging` - -Upload purging is a background process that periodically removes orphaned files -from the upload directories of the registry. Upload purging is enabled by -default. To configure upload directory purging, the following parameters must -be set. - - -| Parameter | Required | Description | -|------------|----------|----------------------------------------------------------------------------------------------------| -| `enabled` | yes | Set to `true` to enable upload purging. Defaults to `true`. | -| `age` | yes | Upload directories which are older than this age will be deleted.Defaults to `168h` (1 week). | -| `interval` | yes | The interval between upload directory purging. Defaults to `24h`. | -| `dryrun` | yes | Set `dryrun` to `true` to obtain a summary of what directories will be deleted. Defaults to `false`.| - -> **Note**: `age` and `interval` are strings containing a number with optional -fraction and a unit suffix. Some examples: `45m`, `2h10m`, `168h`. - -### `readonly` - -If the `readonly` section under `maintenance` has `enabled` set to `true`, -clients will not be allowed to write to the registry. This mode is useful to -temporarily prevent writes to the backend storage so a garbage collection pass -can be run. Before running garbage collection, the registry should be -restarted with readonly's `enabled` set to true. After the garbage collection -pass finishes, the registry may be restarted again, this time with `readonly` -removed from the configuration (or set to false). - -### `delete` - -Use the `delete` structure to enable the deletion of image blobs and manifests -by digest. It defaults to false, but it can be enabled by writing the following -on the configuration file: - -```none -delete: - enabled: true -``` - -### `cache` - -Use the `cache` structure to enable caching of data accessed in the storage -backend. Currently, the only available cache provides fast access to layer -metadata, which uses the `blobdescriptor` field if configured. - -You can set `blobdescriptor` field to `redis` or `inmemory`. If set to `redis`,a -Redis pool caches layer metadata. If set to `inmemory`, an in-memory map caches -layer metadata. - -> **NOTE**: Formerly, `blobdescriptor` was known as `layerinfo`. While these -> are equivalent, `layerinfo` has been deprecated. - -### `redirect` - -The `redirect` subsection provides configuration for managing redirects from -content backends. For backends that support it, redirecting is enabled by -default. In certain deployment scenarios, you may decide to route all data -through the Registry, rather than redirecting to the backend. This may be more -efficient when using a backend that is not co-located or when a registry -instance is aggressively caching. - -To disable redirects, add a single flag `disable`, set to `true` -under the `redirect` section: - -```none -redirect: - disable: true -``` - -## `auth` - -```none -auth: - silly: - realm: silly-realm - service: silly-service - token: - realm: token-realm - service: token-service - issuer: registry-token-issuer - rootcertbundle: /root/certs/bundle - htpasswd: - realm: basic-realm - path: /path/to/htpasswd -``` - -The `auth` option is **optional**. Possible auth providers include: - -- [`silly`](#silly) -- [`token`](#token) -- [`htpasswd`](#token) - -You can configure only one authentication provider. - -### `silly` - -The `silly` authentication provider is only appropriate for development. It simply checks -for the existence of the `Authorization` header in the HTTP request. It does not -check the header's value. If the header does not exist, the `silly` auth -responds with a challenge response, echoing back the realm, service, and scope -for which access was denied. - -The following values are used to configure the response: - -| Parameter | Required | Description | -|-----------|----------|-------------------------------------------------------| -| `realm` | yes | The realm in which the registry server authenticates. | -| `service` | yes | The service being authenticated. | - -### `token` - -Token-based authentication allows you to decouple the authentication system from -the registry. It is an established authentication paradigm with a high degree of -security. - -| Parameter | Required | Description | -|-----------|----------|-------------------------------------------------------| -| `realm` | yes | The realm in which the registry server authenticates. | -| `service` | yes | The service being authenticated. | -| `issuer` | yes | The name of the token issuer. The issuer inserts this into the token so it must match the value configured for the issuer. | -| `rootcertbundle` | yes | The absolute path to the root certificate bundle. This bundle contains the public part of the certificates used to sign authentication tokens. | - - -For more information about Token based authentication configuration, see the -[specification](spec/auth/token.md). - -### `htpasswd` - -The _htpasswd_ authentication backed allows you to configure basic -authentication using an -[Apache htpasswd file](https://httpd.apache.org/docs/2.4/programs/htpasswd.html). -The only supported password format is -[`bcrypt`](http://en.wikipedia.org/wiki/Bcrypt). Entries with other hash types -are ignored. The `htpasswd` file is loaded once, at startup. If the file is -invalid, the registry will display an error and will not start. - -> **Warning**: Only use the `htpasswd` authentication scheme with TLS -> configured, since basic authentication sends passwords as part of the HTTP -> header. - -| Parameter | Required | Description | -|-----------|----------|-------------------------------------------------------| -| `realm` | yes | The realm in which the registry server authenticates. | -| `path` | yes | The path to the `htpasswd` file to load at startup. | - -## `middleware` - -The `middleware` structure is **optional**. Use this option to inject middleware at -named hook points. Each middleware must implement the same interface as the -object it is wrapping. For instance, a registry middleware must implement the -`distribution.Namespace` interface, while a repository middleware must implement -`distribution.Repository`, and a storage middleware must implement -`driver.StorageDriver`. - -This is an example configuration of the `cloudfront` middleware, a storage -middleware: - -```none -middleware: - registry: - - name: ARegistryMiddleware - options: - foo: bar - repository: - - name: ARepositoryMiddleware - options: - foo: bar - storage: - - name: cloudfront - options: - baseurl: https://my.cloudfronted.domain.com/ - privatekey: /path/to/pem - keypairid: cloudfrontkeypairid - duration: 3000s -``` - -Each middleware entry has `name` and `options` entries. The `name` must -correspond to the name under which the middleware registers itself. The -`options` field is a map that details custom configuration required to -initialize the middleware. It is treated as a `map[string]interface{}`. As such, -it supports any interesting structures desired, leaving it up to the middleware -initialization function to best determine how to handle the specific -interpretation of the options. - -### `cloudfront` - - -| Parameter | Required | Description | -|-----------|----------|-------------------------------------------------------| -| `baseurl` | yes | The `SCHEME://HOST[/PATH]` at which Cloudfront is served. | -| `privatekey` | yes | The private key for Cloudfront, provided by AWS. | -| `keypairid` | yes | The key pair ID provided by AWS. | -| `duration` | no | An integer and unit for the duration of the Cloudfront session. Valid time units are `ns`, `us` (or `µs`), `ms`, `s`, `m`, or `h`. For example, `3000s` is valid, but `3000 s` is not. If you do not specify a `duration` or you specify an integer without a time unit, the duration defaults to `20m` (20 minutes).| - -### `redirect` - -You can use the `redirect` storage middleware to specify a custom URL to a -location of a proxy for the layer stored by the S3 storage driver. - -| Parameter | Required | Description | -|-----------|----------|-------------------------------------------------------------------------------------------------------------| -| `baseurl` | yes | `SCHEME://HOST` at which layers are served. Can also contain port. For example, `https://example.com:5443`. | - -## `reporting` - -``` -reporting: - bugsnag: - apikey: bugsnagapikey - releasestage: bugsnagreleasestage - endpoint: bugsnagendpoint - newrelic: - licensekey: newreliclicensekey - name: newrelicname - verbose: true -``` - -The `reporting` option is **optional** and configures error and metrics -reporting tools. At the moment only two services are supported: - -- [Bugsnag](#bugsnag) -- [New Relic](#new-relic) - -A valid configuration may contain both. - -### `bugsnag` - -| Parameter | Required | Description | -|-----------|----------|-------------------------------------------------------| -| `apikey` | yes | The API Key provided by Bugsnag. | -| `releasestage` | no | Tracks where the registry is deployed, using a string like `production`, `staging`, or `development`.| -| `endpoint`| no | The enterprise Bugsnag endpoint. | - -### `newrelic` - -| Parameter | Required | Description | -|-----------|----------|-------------------------------------------------------| -| `licensekey` | yes | License key provided by New Relic. | -| `name` | no | New Relic application name. | -| `verbose`| no | Set to `true` to enable New Relic debugging output on `stdout`. | - -## `http` - -```none -http: - addr: localhost:5000 - net: tcp - prefix: /my/nested/registry/ - host: https://myregistryaddress.org:5000 - secret: asecretforlocaldevelopment - relativeurls: false - tls: - certificate: /path/to/x509/public - key: /path/to/x509/private - clientcas: - - /path/to/ca.pem - - /path/to/another/ca.pem - letsencrypt: - cachefile: /path/to/cache-file - email: emailused@letsencrypt.com - debug: - addr: localhost:5001 - headers: - X-Content-Type-Options: [nosniff] - http2: - disabled: false -``` - -The `http` option details the configuration for the HTTP server that hosts the -registry. - -| Parameter | Required | Description | -|-----------|----------|-------------------------------------------------------| -| `addr` | yes | The address for which the server should accept connections. The form depends on a network type (see the `net` option). Use `HOST:PORT` for TCP and `FILE` for a UNIX socket. | -| `net` | no | The network used to create a listening socket. Known networks are `unix` and `tcp`. | -| `prefix` | no | If the server does not run at the root path, set this to the value of the prefix. The root path is the section before `v2`. It requires both preceding and trailing slashes, such as in the example `/path/`. | -| `host` | no | A fully-qualified URL for an externally-reachable address for the registry. If present, it is used when creating generated URLs. Otherwise, these URLs are derived from client requests. | -| `secret` | no | A random piece of data used to sign state that may be stored with the client to protect against tampering. For production environments you should generate a random piece of data using a cryptographically secure random generator. If you omit the secret, the registry will automatically generate a secret when it starts. **If you are building a cluster of registries behind a load balancer, you MUST ensure the secret is the same for all registries.**| -| `relativeurls`| no | If `true`, the registry returns relative URLs in Location headers. The client is responsible for resolving the correct URL. **This option is not compatible with Docker 1.7 and earlier.**| - - -### `tls` - -The `tls` structure within `http` is **optional**. Use this to configure TLS -for the server. If you already have a web server running on -the same host as the registry, you may prefer to configure TLS on that web server -and proxy connections to the registry server. - -| Parameter | Required | Description | -|-----------|----------|-------------------------------------------------------| -| `certificate` | yes | Absolute path to the x509 certificate file. | -| `key` | yes | Absolute path to the x509 private key file. | -| `clientcas` | no | An array of absolute paths to x509 CA files. | - -### `letsencrypt` - -The `letsencrypt` structure within `tls` is **optional**. Use this to configure -TLS certificates provided by -[Let's Encrypt](https://letsencrypt.org/how-it-works/). - ->**NOTE**: When using Let's Encrypt, ensure that the outward-facing address is -> accessible on port `443`. The registry defaults to listening on port `5000`. -> If you run the registry as a container, consider adding the flag `-p 443:5000` -> to the `docker run` command or using a similar setting in a cloud -> configuration. - -| Parameter | Required | Description | -|-----------|----------|-------------------------------------------------------| -| `cachefile` | yes | Absolute path to a file where the Let's Encrypt agent can cache data. | -| `email` | yes | The email address used to register with Let's Encrypt. | - -### `debug` - -The `debug` option is **optional** . Use it to configure a debug server that -can be helpful in diagnosing problems. The debug endpoint can be used for -monitoring registry metrics and health, as well as profiling. Sensitive -information may be available via the debug endpoint. Please be certain that -access to the debug endpoint is locked down in a production environment. - -The `debug` section takes a single required `addr` parameter, which specifies -the `HOST:PORT` on which the debug server should accept connections. - -### `headers` - -The `headers` option is **optional** . Use it to specify headers that the HTTP -server should include in responses. This can be used for security headers such -as `Strict-Transport-Security`. - -The `headers` option should contain an option for each header to include, where -the parameter name is the header's name, and the parameter value a list of the -header's payload values. - -Including `X-Content-Type-Options: [nosniff]` is recommended, so that browsers -will not interpret content as HTML if they are directed to load a page from the -registry. This header is included in the example configuration file. - -### `http2` - -The `http2` structure within `http` is **optional**. Use this to control http2 -settings for the registry. - -| Parameter | Required | Description | -|-----------|----------|-------------------------------------------------------| -| `disabled` | no | If `true`, then `http2` support is disabled. | - -## `notifications` - -```none -notifications: - endpoints: - - name: alistener - disabled: false - url: https://my.listener.com/event - headers: - timeout: 500 - threshold: 5 - backoff: 1000 - ignoredmediatypes: - - application/octet-stream -``` - -The notifications option is **optional** and currently may contain a single -option, `endpoints`. - -### `endpoints` - -The `endpoints` structure contains a list of named services (URLs) that can -accept event notifications. - -| Parameter | Required | Description | -|-----------|----------|-------------------------------------------------------| -| `name` | yes | A human-readable name for the service. | -| `disabled` | no | If `true`, notifications are disabled for the service.| -| `url` | yes | The URL to which events should be published. | -| `headers` | yes | A list of static headers to add to each request. Each header's name is a key beneath `headers`, and each value is a list of payloads for that header name. Values must always be lists. | -| `timeout` | yes | A value for the HTTP timeout. A positive integer and an optional suffix indicating the unit of time, which may be `ns`, `us`, `ms`, `s`, `m`, or `h`. If you omit the unit of time, `ns` is used. | -| `threshold` | yes | An integer specifying how long to wait before backing off a failure. | -| `backoff` | yes | How long the system backs off before retrying after a failure. A positive integer and an optional suffix indicating the unit of time, which may be `ns`, `us`, `ms`, `s`, `m`, or `h`. If you omit the unit of time, `ns` is used. | -| `ignoredmediatypes`|no| A list of target media types to ignore. Events with these target media types are not published to the endpoint. | - -## `redis` - -```none -redis: - addr: localhost:6379 - password: asecret - db: 0 - dialtimeout: 10ms - readtimeout: 10ms - writetimeout: 10ms - pool: - maxidle: 16 - maxactive: 64 - idletimeout: 300s -``` - -Declare parameters for constructing the `redis` connections. Registry instances -may use the Redis instance for several applications. Currently, it caches -information about immutable blobs. Most of the `redis` options control -how the registry connects to the `redis` instance. You can control the pool's -behavior with the [pool](#pool) subsection. - -You should configure Redis with the **allkeys-lru** eviction policy, because the -registry does not set an expiration value on keys. - -| Parameter | Required | Description | -|-----------|----------|-------------------------------------------------------| -| `addr` | yes | The address (host and port) of the Redis instance. | -| `password`| no | A password used to authenticate to the Redis instance.| -| `db` | no | The name of the database to use for each connection. | -| `dialtimeout` | no | The timeout for connecting to the Redis instance. | -| `readtimeout` | no | The timeout for reading from the Redis instance. | -| `writetimeout` | no | The timeout for writing to the Redis instance. | - -### `pool` - -```none -pool: - maxidle: 16 - maxactive: 64 - idletimeout: 300s -``` - -Use these settings to configure the behavior of the Redis connection pool. - -| Parameter | Required | Description | -|-----------|----------|-------------------------------------------------------| -| `maxidle` | no | The maximum number of idle connections in the pool. | -| `maxactive`| no | The maximum number of connections which can be open before blocking a connection request. | -| `idletimeout`| no | How long to wait before closing inactive connections. | - -## `health` - -```none -health: - storagedriver: - enabled: true - interval: 10s - threshold: 3 - file: - - file: /path/to/checked/file - interval: 10s - http: - - uri: http://server.to.check/must/return/200 - headers: - Authorization: [Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==] - statuscode: 200 - timeout: 3s - interval: 10s - threshold: 3 - tcp: - - addr: redis-server.domain.com:6379 - timeout: 3s - interval: 10s - threshold: 3 -``` - -The health option is **optional**, and contains preferences for a periodic -health check on the storage driver's backend storage, as well as optional -periodic checks on local files, HTTP URIs, and/or TCP servers. The results of -the health checks are available at the `/debug/health` endpoint on the debug -HTTP server if the debug HTTP server is enabled (see http section). - -### `storagedriver` - -The `storagedriver` structure contains options for a health check on the -configured storage driver's backend storage. The health check is only active -when `enabled` is set to `true`. - -| Parameter | Required | Description | -|-----------|----------|-------------------------------------------------------| -| `enabled` | yes | Set to `true` to enable storage driver health checks or `false` to disable them. | -| `interval`| no | How long to wait between repetitions of the storage driver health check. A positive integer and an optional suffix indicating the unit of time. The suffix is one of `ns`, `us`, `ms`, `s`, `m`, or `h`. Defaults to `10s` if the value is omitted. If you specify a value but omit the suffix, the value is interpreted as a number of nanoseconds. | -| `threshold`| no | A positive integer which represents the number of times the check must fail before the state is marked as unhealthy. If not specified, a single failure marks the state as unhealthy. | - -### `file` - -The `file` structure includes a list of paths to be periodically checked for the\ -existence of a file. If a file exists at the given path, the health check will -fail. You can use this mechanism to bring a registry out of rotation by creating -a file. - -| Parameter | Required | Description | -|-----------|----------|-------------------------------------------------------| -| `file` | yes | The path to check for existence of a file. | -| `interval`| no | How long to wait before repeating the check. A positive integer and an optional suffix indicating the unit of time. The suffix is one of `ns`, `us`, `ms`, `s`, `m`, or `h`. Defaults to `10s` if the value is omitted. | - -### `http` - -The `http` structure includes a list of HTTP URIs to periodically check with -`HEAD` requests. If a `HEAD` request does not complete or returns an unexpected -status code, the health check will fail. - -| Parameter | Required | Description | -|-----------|----------|-------------------------------------------------------| -| `uri` | yes | The URI to check. | -| `headers` | no | Static headers to add to each request. Each header's name is a key beneath `headers`, and each value is a list of payloads for that header name. Values must always be lists. | -| `statuscode` | no | The expected status code from the HTTP URI. Defaults to `200`. | -| `timeout` | no | How long to wait before timing out the HTTP request. A positive integer and an optional suffix indicating the unit of time. The suffix is one of `ns`, `us`, `ms`, `s`, `m`, or `h`. If you specify a value but omit the suffix, the value is interpreted as a number of nanoseconds. | -| `interval`| no | How long to wait before repeating the check. A positive integer and an optional suffix indicating the unit of time. The suffix is one of `ns`, `us`, `ms`, `s`, `m`, or `h`. Defaults to `10s` if the value is omitted. If you specify a value but omit the suffix, the value is interpreted as a number of nanoseconds. | -| `threshold`| no | The number of times the check must fail before the state is marked as unhealthy. If this field is not specified, a single failure marks the state as unhealthy. | - -### `tcp` - -The `tcp` structure includes a list of TCP addresses to periodically check using -TCP connection attempts. Addresses must include port numbers. If a connection -attempt fails, the health check will fail. - -| Parameter | Required | Description | -|-----------|----------|-------------------------------------------------------| -| `addr` | yes | The TCP address and port to connect to. | -| `timeout` | no | How long to wait before timing out the TCP connection. A positive integer and an optional suffix indicating the unit of time. The suffix is one of `ns`, `us`, `ms`, `s`, `m`, or `h`. If you specify a value but omit the suffix, the value is interpreted as a number of nanoseconds. | -| `interval`| no | How long to wait between repetitions of the check. A positive integer and an optional suffix indicating the unit of time. The suffix is one of `ns`, `us`, `ms`, `s`, `m`, or `h`. Defaults to `10s` if the value is omitted. If you specify a value but omit the suffix, the value is interpreted as a number of nanoseconds. | -| `threshold`| no | The number of times the check must fail before the state is marked as unhealthy. If this field is not specified, a single failure marks the state as unhealthy. | - - -## `proxy` - -``` -proxy: - remoteurl: https://registry-1.docker.io - username: [username] - password: [password] -``` - -The `proxy` structure allows a registry to be configured as a pull-through cache -to Docker Hub. See -[mirror](https://github.com/docker/docker.github.io/tree/master/registry/recipes/mirror.md) -for more information. Pushing to a registry configured as a pull-through cache -is unsupported. - -| Parameter | Required | Description | -|-----------|----------|-------------------------------------------------------| -| `remoteurl`| yes | The URL for the repository on Docker Hub. | -| `username` | no | The username registered with Docker Hub which has access to the repository. | -| `password` | no | The password used to authenticate to Docker Hub using the username specified in `username`. | - - -To enable pulling private repositories (e.g. `batman/robin`) specify the -username (such as `batman`) and the password for that username. - -> **Note**: These private repositories are stored in the proxy cache's storage. -> Take appropriate measures to protect access to the proxy cache. - -## `compatibility` - -```none -compatibility: - schema1: - signingkeyfile: /etc/registry/key.json -``` - -Use the `compatibility` structure to configure handling of older and deprecated -features. Each subsection defines such a feature with configurable behavior. - -### `schema1` - -| Parameter | Required | Description | -|-----------|----------|-------------------------------------------------------| -| `signingkeyfile` | no | The signing private key used to add signatures to `schema1` manifests. If no signing key is provided, a new ECDSA key is generated when the registry starts. | - -## `validation` - -```none -validation: - enabled: true - manifests: - urls: - allow: - - ^https?://([^/]+\.)*example\.com/ - deny: - - ^https?://www\.example\.com/ -``` - -### `enabled` - -Use the `enabled` flag to enable the other options in the `validation` -section. They are disabled by default. - -### `manifests` - -Use the `manifest` subsection to configure manifest validation. - -#### `urls` - -The `allow` and `deny` options are each a list of -[regular expressions](https://godoc.org/regexp/syntax) that restrict the URLs in -pushed manifests. - -If `allow` is unset, pushing a manifest containing URLs fails. - -If `allow` is set, pushing a manifest succeeds only if all URLs match -one of the `allow` regular expressions **and** one of the following holds: - -1. `deny` is unset. -2. `deny` is set but no URLs within the manifest match any of the `deny` regular - expressions. - -## Example: Development configuration - -You can use this simple example for local development: - -```none -version: 0.1 -log: - level: debug -storage: - filesystem: - rootdirectory: /var/lib/registry -http: - addr: localhost:5000 - secret: asecretforlocaldevelopment - debug: - addr: localhost:5001 -``` - -This example configures the registry instance to run on port `5000`, binding to -`localhost`, with the `debug` server enabled. Registry data is stored in the -`/var/lib/registry` directory. Logging is set to `debug` mode, which is the most -verbose. - -See -[config-example.yml](https://github.com/docker/distribution/blob/master/cmd/registry/config-example.yml) -for another simple configuration. Both examples are generally useful for local -development. - - -## Example: Middleware configuration - -This example configures [Amazon Cloudfront](http://aws.amazon.com/cloudfront/) -as the storage middleware in a registry. Middleware allows the registry to serve -layers via a content delivery network (CDN). This reduces requests to the -storage layer. - -Cloudfront requires the S3 storage driver. - -This is the configuration expressed in YAML: - -```none -middleware: - storage: - - name: cloudfront - disabled: false - options: - baseurl: http://d111111abcdef8.cloudfront.net - privatekey: /path/to/asecret.pem - keypairid: asecret - duration: 60 -``` - -See the configuration reference for [Cloudfront](#cloudfront) for more -information about configuration options. - -> **Note**: Cloudfront keys exist separately from other AWS keys. See -> [the documentation on AWS credentials](http://docs.aws.amazon.com/general/latest/gr/aws-security-credentials.html) -> for more information. diff --git a/vendor/github.com/docker/distribution/docs/spec/api.md b/vendor/github.com/docker/distribution/docs/spec/api.md deleted file mode 100644 index 74ac8e24..00000000 --- a/vendor/github.com/docker/distribution/docs/spec/api.md +++ /dev/null @@ -1,5485 +0,0 @@ ---- -title: "HTTP API V2" -description: "Specification for the Registry API." -keywords: ["registry, on-prem, images, tags, repository, distribution, api, advanced"] ---- - -# Docker Registry HTTP API V2 - -## Introduction - -The _Docker Registry HTTP API_ is the protocol to facilitate distribution of -images to the docker engine. It interacts with instances of the docker -registry, which is a service to manage information about docker images and -enable their distribution. The specification covers the operation of version 2 -of this API, known as _Docker Registry HTTP API V2_. - -While the V1 registry protocol is usable, there are several problems with the -architecture that have led to this new version. The main driver of this -specification is a set of changes to the docker the image format, covered in -[docker/docker#8093](https://github.com/docker/docker/issues/8093). -The new, self-contained image manifest simplifies image definition and improves -security. This specification will build on that work, leveraging new properties -of the manifest format to improve performance, reduce bandwidth usage and -decrease the likelihood of backend corruption. - -For relevant details and history leading up to this specification, please see -the following issues: - -- [docker/docker#8093](https://github.com/docker/docker/issues/8093) -- [docker/docker#9015](https://github.com/docker/docker/issues/9015) -- [docker/docker-registry#612](https://github.com/docker/docker-registry/issues/612) - -### Scope - -This specification covers the URL layout and protocols of the interaction -between docker registry and docker core. This will affect the docker core -registry API and the rewrite of docker-registry. Docker registry -implementations may implement other API endpoints, but they are not covered by -this specification. - -This includes the following features: - -- Namespace-oriented URI Layout -- PUSH/PULL registry server for V2 image manifest format -- Resumable layer PUSH support -- V2 Client library implementation - -While authentication and authorization support will influence this -specification, details of the protocol will be left to a future specification. -Relevant header definitions and error codes are present to provide an -indication of what a client may encounter. - -#### Future - -There are features that have been discussed during the process of cutting this -specification. The following is an incomplete list: - -- Immutable image references -- Multiple architecture support -- Migration from v2compatibility representation - -These may represent features that are either out of the scope of this -specification, the purview of another specification or have been deferred to a -future version. - -### Use Cases - -For the most part, the use cases of the former registry API apply to the new -version. Differentiating use cases are covered below. - -#### Image Verification - -A docker engine instance would like to run verified image named -"library/ubuntu", with the tag "latest". The engine contacts the registry, -requesting the manifest for "library/ubuntu:latest". An untrusted registry -returns a manifest. Before proceeding to download the individual layers, the -engine verifies the manifest's signature, ensuring that the content was -produced from a trusted source and no tampering has occurred. After each layer -is downloaded, the engine verifies the digest of the layer, ensuring that the -content matches that specified by the manifest. - -#### Resumable Push - -Company X's build servers lose connectivity to docker registry before -completing an image layer transfer. After connectivity returns, the build -server attempts to re-upload the image. The registry notifies the build server -that the upload has already been partially attempted. The build server -responds by only sending the remaining data to complete the image file. - -#### Resumable Pull - -Company X is having more connectivity problems but this time in their -deployment datacenter. When downloading an image, the connection is -interrupted before completion. The client keeps the partial data and uses http -`Range` requests to avoid downloading repeated data. - -#### Layer Upload De-duplication - -Company Y's build system creates two identical docker layers from build -processes A and B. Build process A completes uploading the layer before B. -When process B attempts to upload the layer, the registry indicates that its -not necessary because the layer is already known. - -If process A and B upload the same layer at the same time, both operations -will proceed and the first to complete will be stored in the registry (Note: -we may modify this to prevent dogpile with some locking mechanism). - -### Changes - -The V2 specification has been written to work as a living document, specifying -only what is certain and leaving what is not specified open or to future -changes. Only non-conflicting additions should be made to the API and accepted -changes should avoid preventing future changes from happening. - -This section should be updated when changes are made to the specification, -indicating what is different. Optionally, we may start marking parts of the -specification to correspond with the versions enumerated here. - -Each set of changes is given a letter corresponding to a set of modifications -that were applied to the baseline specification. These are merely for -reference and shouldn't be used outside the specification other than to -identify a set of modifications. - -
-
l
-
-
    -
  • Document TOOMANYREQUESTS error code.
    • -
-
- -
k
-
-
    -
  • Document use of Accept and Content-Type headers in manifests endpoint.
    • -
-
- -
j
-
-
    -
  • Add ability to mount blobs across repositories.
    • -
-
- -
i
-
-
    -
  • Clarified expected behavior response to manifest HEAD request.
    • -
-
- -
h
-
-
    -
  • All mention of tarsum removed.
    • -
-
- -
g
-
-
    -
  • Clarify behavior of pagination behavior with unspecified parameters.
    • -
-
- -
f
-
-
    -
  • Specify the delete API for layers and manifests.
    • -
-
- -
e
-
-
    -
  • Added support for listing registry contents.
    • -
  • Added pagination to tags API.
    • -
  • Added common approach to support pagination.
    • -
-
- -
d
-
-
    -
  • Allow repository name components to be one character.
    • -
  • Clarified that single component names are allowed.
    • -
-
- -
c
-
-
    -
  • Added section covering digest format.
    • -
  • Added more clarification that manifest cannot be deleted by tag.
    • -
-
- -
b
-
-
    -
  • Added capability of doing streaming upload to PATCH blob upload.
    • -
  • Updated PUT blob upload to no longer take final chunk, now requires entire data or no data.
    • -
  • Removed `416 Requested Range Not Satisfiable` response status from PUT blob upload.
    • -
-
- -
a
-
-
    -
  • Added support for immutable manifest references in manifest endpoints.
    • -
  • Deleting a manifest by tag has been deprecated.
    • -
  • Specified `Docker-Content-Digest` header for appropriate entities.
    • -
  • Added error code for unsupported operations.
    • -
-
-
- -## Overview - -This section covers client flows and details of the API endpoints. The URI -layout of the new API is structured to support a rich authentication and -authorization model by leveraging namespaces. All endpoints will be prefixed -by the API version and the repository name: - - /v2// - -For example, an API endpoint that will work with the `library/ubuntu` -repository, the URI prefix will be: - - /v2/library/ubuntu/ - -This scheme provides rich access control over various operations and methods -using the URI prefix and http methods that can be controlled in variety of -ways. - -Classically, repository names have always been two path components where each -path component is less than 30 characters. The V2 registry API does not -enforce this. The rules for a repository name are as follows: - -1. A repository name is broken up into _path components_. A component of a - repository name must be at least one lowercase, alpha-numeric characters, - optionally separated by periods, dashes or underscores. More strictly, it - must match the regular expression `[a-z0-9]+(?:[._-][a-z0-9]+)*`. -2. If a repository name has two or more path components, they must be - separated by a forward slash ("/"). -3. The total length of a repository name, including slashes, must be less than - 256 characters. - -These name requirements _only_ apply to the registry API and should accept a -superset of what is supported by other docker ecosystem components. - -All endpoints should support aggressive http caching, compression and range -headers, where appropriate. The new API attempts to leverage HTTP semantics -where possible but may break from standards to implement targeted features. - -For detail on individual endpoints, please see the [_Detail_](#detail) -section. - -### Errors - -Actionable failure conditions, covered in detail in their relevant sections, -are reported as part of 4xx responses, in a json response body. One or more -errors will be returned in the following format: - - { - "errors:" [{ - "code": , - "message": , - "detail": - }, - ... - ] - } - -The `code` field will be a unique identifier, all caps with underscores by -convention. The `message` field will be a human readable string. The optional -`detail` field may contain arbitrary json data providing information the -client can use to resolve the issue. - -While the client can take action on certain error codes, the registry may add -new error codes over time. All client implementations should treat unknown -error codes as `UNKNOWN`, allowing future error codes to be added without -breaking API compatibility. For the purposes of the specification error codes -will only be added and never removed. - -For a complete account of all error codes, please see the [_Errors_](#errors-2) -section. - -### API Version Check - -A minimal endpoint, mounted at `/v2/` will provide version support information -based on its response statuses. The request format is as follows: - - GET /v2/ - -If a `200 OK` response is returned, the registry implements the V2(.1) -registry API and the client may proceed safely with other V2 operations. -Optionally, the response may contain information about the supported paths in -the response body. The client should be prepared to ignore this data. - -If a `401 Unauthorized` response is returned, the client should take action -based on the contents of the "WWW-Authenticate" header and try the endpoint -again. Depending on access control setup, the client may still have to -authenticate against different resources, even if this check succeeds. - -If `404 Not Found` response status, or other unexpected status, is returned, -the client should proceed with the assumption that the registry does not -implement V2 of the API. - -When a `200 OK` or `401 Unauthorized` response is returned, the -"Docker-Distribution-API-Version" header should be set to "registry/2.0". -Clients may require this header value to determine if the endpoint serves this -API. When this header is omitted, clients may fallback to an older API version. - -### Content Digests - -This API design is driven heavily by [content addressability](http://en.wikipedia.org/wiki/Content-addressable_storage). -The core of this design is the concept of a content addressable identifier. It -uniquely identifies content by taking a collision-resistant hash of the bytes. -Such an identifier can be independently calculated and verified by selection -of a common _algorithm_. If such an identifier can be communicated in a secure -manner, one can retrieve the content from an insecure source, calculate it -independently and be certain that the correct content was obtained. Put simply, -the identifier is a property of the content. - -To disambiguate from other concepts, we call this identifier a _digest_. A -_digest_ is a serialized hash result, consisting of a _algorithm_ and _hex_ -portion. The _algorithm_ identifies the methodology used to calculate the -digest. The _hex_ portion is the hex-encoded result of the hash. - -We define a _digest_ string to match the following grammar: -``` -digest := algorithm ":" hex -algorithm := /[A-Fa-f0-9_+.-]+/ -hex := /[A-Fa-f0-9]+/ -``` - -Some examples of _digests_ include the following: - -digest | description | -----------------------------------------------------------------------------------|------------------------------------------------ -sha256:6c3c624b58dbbcd3c0dd82b4c53f04194d1247c6eebdaab7c610cf7d66709b3b | Common sha256 based digest | - -While the _algorithm_ does allow one to implement a wide variety of -algorithms, compliant implementations should use sha256. Heavy processing of -input before calculating a hash is discouraged to avoid degrading the -uniqueness of the _digest_ but some canonicalization may be performed to -ensure consistent identifiers. - -Let's use a simple example in pseudo-code to demonstrate a digest calculation: -``` -let C = 'a small string' -let B = sha256(C) -let D = 'sha256:' + EncodeHex(B) -let ID(C) = D -``` - -Above, we have bytestring `C` passed into a function, `SHA256`, that returns a -bytestring `B`, which is the hash of `C`. `D` gets the algorithm concatenated -with the hex encoding of `B`. We then define the identifier of `C` to `ID(C)` -as equal to `D`. A digest can be verified by independently calculating `D` and -comparing it with identifier `ID(C)`. - -#### Digest Header - -To provide verification of http content, any response may include a -`Docker-Content-Digest` header. This will include the digest of the target -entity returned in the response. For blobs, this is the entire blob content. For -manifests, this is the manifest body without the signature content, also known -as the JWS payload. Note that the commonly used canonicalization for digest -calculation may be dependent on the mediatype of the content, such as with -manifests. - -The client may choose to ignore the header or may verify it to ensure content -integrity and transport security. This is most important when fetching by a -digest. To ensure security, the content should be verified against the digest -used to fetch the content. At times, the returned digest may differ from that -used to initiate a request. Such digests are considered to be from different -_domains_, meaning they have different values for _algorithm_. In such a case, -the client may choose to verify the digests in both domains or ignore the -server's digest. To maintain security, the client _must_ always verify the -content against the _digest_ used to fetch the content. - -> __IMPORTANT:__ If a _digest_ is used to fetch content, the client should use -> the same digest used to fetch the content to verify it. The header -> `Docker-Content-Digest` should not be trusted over the "local" digest. - -### Pulling An Image - -An "image" is a combination of a JSON manifest and individual layer files. The -process of pulling an image centers around retrieving these two components. - -The first step in pulling an image is to retrieve the manifest. For reference, -the relevant manifest fields for the registry are the following: - - field | description | -----------|------------------------------------------------| -name | The name of the image. | -tag | The tag for this version of the image. | -fsLayers | A list of layer descriptors (including digest) | -signature | A JWS used to verify the manifest content | - -For more information about the manifest format, please see -[docker/docker#8093](https://github.com/docker/docker/issues/8093). - -When the manifest is in hand, the client must verify the signature to ensure -the names and layers are valid. Once confirmed, the client will then use the -digests to download the individual layers. Layers are stored in as blobs in -the V2 registry API, keyed by their digest. - -#### Pulling an Image Manifest - -The image manifest can be fetched with the following url: - -``` -GET /v2//manifests/ -``` - -The `name` and `reference` parameter identify the image and are required. The -reference may include a tag or digest. - -The client should include an Accept header indicating which manifest content -types it supports. For more details on the manifest formats and their content -types, see [manifest-v2-1.md](manifest-v2-1.md) and -[manifest-v2-2.md](manifest-v2-2.md). In a successful response, the Content-Type -header will indicate which manifest type is being returned. - -A `404 Not Found` response will be returned if the image is unknown to the -registry. If the image exists and the response is successful, the image -manifest will be returned, with the following format (see -[docker/docker#8093](https://github.com/docker/docker/issues/8093) for details): - - { - "name": , - "tag": , - "fsLayers": [ - { - "blobSum": - }, - ... - ] - ], - "history": , - "signature": - } - -The client should verify the returned manifest signature for authenticity -before fetching layers. - -##### Existing Manifests - -The image manifest can be checked for existence with the following url: - -``` -HEAD /v2//manifests/ -``` - -The `name` and `reference` parameter identify the image and are required. The -reference may include a tag or digest. - -A `404 Not Found` response will be returned if the image is unknown to the -registry. If the image exists and the response is successful the response will -be as follows: - -``` -200 OK -Content-Length: -Docker-Content-Digest: -``` - - -#### Pulling a Layer - -Layers are stored in the blob portion of the registry, keyed by digest. -Pulling a layer is carried out by a standard http request. The URL is as -follows: - - GET /v2//blobs/ - -Access to a layer will be gated by the `name` of the repository but is -identified uniquely in the registry by `digest`. - -This endpoint may issue a 307 (302 for /blobs/uploads/ -``` - -The parameters of this request are the image namespace under which the layer -will be linked. Responses to this request are covered below. - -##### Existing Layers - -The existence of a layer can be checked via a `HEAD` request to the blob store -API. The request should be formatted as follows: - -``` -HEAD /v2//blobs/ -``` - -If the layer with the digest specified in `digest` is available, a 200 OK -response will be received, with no actual body content (this is according to -http specification). The response will look as follows: - -``` -200 OK -Content-Length: -Docker-Content-Digest: -``` - -When this response is received, the client can assume that the layer is -already available in the registry under the given name and should take no -further action to upload the layer. Note that the binary digests may differ -for the existing registry layer, but the digests will be guaranteed to match. - -##### Uploading the Layer - -If the POST request is successful, a `202 Accepted` response will be returned -with the upload URL in the `Location` header: - -``` -202 Accepted -Location: /v2//blobs/uploads/ -Range: bytes=0- -Content-Length: 0 -Docker-Upload-UUID: -``` - -The rest of the upload process can be carried out with the returned url, -called the "Upload URL" from the `Location` header. All responses to the -upload url, whether sending data or getting status, will be in this format. -Though the URI format (`/v2//blobs/uploads/`) for the `Location` -header is specified, clients should treat it as an opaque url and should never -try to assemble it. While the `uuid` parameter may be an actual UUID, this -proposal imposes no constraints on the format and clients should never impose -any. - -If clients need to correlate local upload state with remote upload state, the -contents of the `Docker-Upload-UUID` header should be used. Such an id can be -used to key the last used location header when implementing resumable uploads. - -##### Upload Progress - -The progress and chunk coordination of the upload process will be coordinated -through the `Range` header. While this is a non-standard use of the `Range` -header, there are examples of [similar approaches](https://developers.google.com/youtube/v3/guides/using_resumable_upload_protocol) in APIs with heavy use. -For an upload that just started, for an example with a 1000 byte layer file, -the `Range` header would be as follows: - -``` -Range: bytes=0-0 -``` - -To get the status of an upload, issue a GET request to the upload URL: - -``` -GET /v2//blobs/uploads/ -Host: -``` - -The response will be similar to the above, except will return 204 status: - -``` -204 No Content -Location: /v2//blobs/uploads/ -Range: bytes=0- -Docker-Upload-UUID: -``` - -Note that the HTTP `Range` header byte ranges are inclusive and that will be -honored, even in non-standard use cases. - -##### Monolithic Upload - -A monolithic upload is simply a chunked upload with a single chunk and may be -favored by clients that would like to avoided the complexity of chunking. To -carry out a "monolithic" upload, one can simply put the entire content blob to -the provided URL: - -``` -PUT /v2//blobs/uploads/?digest= -Content-Length: -Content-Type: application/octet-stream - - -``` - -The "digest" parameter must be included with the PUT request. Please see the -[_Completed Upload_](#completed-upload) section for details on the parameters -and expected responses. - -##### Chunked Upload - -To carry out an upload of a chunk, the client can specify a range header and -only include that part of the layer file: - -``` -PATCH /v2//blobs/uploads/ -Content-Length: -Content-Range: - -Content-Type: application/octet-stream - - -``` - -There is no enforcement on layer chunk splits other than that the server must -receive them in order. The server may enforce a minimum chunk size. If the -server cannot accept the chunk, a `416 Requested Range Not Satisfiable` -response will be returned and will include a `Range` header indicating the -current status: - -``` -416 Requested Range Not Satisfiable -Location: /v2//blobs/uploads/ -Range: 0- -Content-Length: 0 -Docker-Upload-UUID: -``` - -If this response is received, the client should resume from the "last valid -range" and upload the subsequent chunk. A 416 will be returned under the -following conditions: - -- Invalid Content-Range header format -- Out of order chunk: the range of the next chunk must start immediately after - the "last valid range" from the previous response. - -When a chunk is accepted as part of the upload, a `202 Accepted` response will -be returned, including a `Range` header with the current upload status: - -``` -202 Accepted -Location: /v2//blobs/uploads/ -Range: bytes=0- -Content-Length: 0 -Docker-Upload-UUID: -``` - -##### Completed Upload - -For an upload to be considered complete, the client must submit a `PUT` -request on the upload endpoint with a digest parameter. If it is not provided, -the upload will not be considered complete. The format for the final chunk -will be as follows: - -``` -PUT /v2//blob/uploads/?digest= -Content-Length: -Content-Range: - -Content-Type: application/octet-stream - - -``` - -Optionally, if all chunks have already been uploaded, a `PUT` request with a -`digest` parameter and zero-length body may be sent to complete and validated -the upload. Multiple "digest" parameters may be provided with different -digests. The server may verify none or all of them but _must_ notify the -client if the content is rejected. - -When the last chunk is received and the layer has been validated, the client -will receive a `201 Created` response: - -``` -201 Created -Location: /v2//blobs/ -Content-Length: 0 -Docker-Content-Digest: -``` - -The `Location` header will contain the registry URL to access the accepted -layer file. The `Docker-Content-Digest` header returns the canonical digest of -the uploaded blob which may differ from the provided digest. Most clients may -ignore the value but if it is used, the client should verify the value against -the uploaded blob data. - -###### Digest Parameter - -The "digest" parameter is designed as an opaque parameter to support -verification of a successful transfer. For example, an HTTP URI parameter -might be as follows: - -``` -sha256:6c3c624b58dbbcd3c0dd82b4c53f04194d1247c6eebdaab7c610cf7d66709b3b -``` - -Given this parameter, the registry will verify that the provided content does -match this digest. - -##### Canceling an Upload - -An upload can be cancelled by issuing a DELETE request to the upload endpoint. -The format will be as follows: - -``` -DELETE /v2//blobs/uploads/ -``` - -After this request is issued, the upload uuid will no longer be valid and the -registry server will dump all intermediate data. While uploads will time out -if not completed, clients should issue this request if they encounter a fatal -error but still have the ability to issue an http request. - -##### Cross Repository Blob Mount - -A blob may be mounted from another repository that the client has read access -to, removing the need to upload a blob already known to the registry. To issue -a blob mount instead of an upload, a POST request should be issued in the -following format: - -``` -POST /v2//blobs/uploads/?mount=&from= -Content-Length: 0 -``` - -If the blob is successfully mounted, the client will receive a `201 Created` -response: - -``` -201 Created -Location: /v2//blobs/ -Content-Length: 0 -Docker-Content-Digest: -``` - -The `Location` header will contain the registry URL to access the accepted -layer file. The `Docker-Content-Digest` header returns the canonical digest of -the uploaded blob which may differ from the provided digest. Most clients may -ignore the value but if it is used, the client should verify the value against -the uploaded blob data. - -If a mount fails due to invalid repository or digest arguments, the registry -will fall back to the standard upload behavior and return a `202 Accepted` with -the upload URL in the `Location` header: - -``` -202 Accepted -Location: /v2//blobs/uploads/ -Range: bytes=0- -Content-Length: 0 -Docker-Upload-UUID: -``` - -This behavior is consistent with older versions of the registry, which do not -recognize the repository mount query parameters. - -Note: a client may issue a HEAD request to check existence of a blob in a source -repository to distinguish between the registry not supporting blob mounts and -the blob not existing in the expected repository. - -##### Errors - -If an 502, 503 or 504 error is received, the client should assume that the -download can proceed due to a temporary condition, honoring the appropriate -retry mechanism. Other 5xx errors should be treated as terminal. - -If there is a problem with the upload, a 4xx error will be returned indicating -the problem. After receiving a 4xx response (except 416, as called out above), -the upload will be considered failed and the client should take appropriate -action. - -Note that the upload url will not be available forever. If the upload uuid is -unknown to the registry, a `404 Not Found` response will be returned and the -client must restart the upload process. - -### Deleting a Layer - -A layer may be deleted from the registry via its `name` and `digest`. A -delete may be issued with the following request format: - - DELETE /v2//blobs/ - -If the blob exists and has been successfully deleted, the following response -will be issued: - - 202 Accepted - Content-Length: None - -If the blob had already been deleted or did not exist, a `404 Not Found` -response will be issued instead. - -If a layer is deleted which is referenced by a manifest in the registry, -then the complete images will not be resolvable. - -#### Pushing an Image Manifest - -Once all of the layers for an image are uploaded, the client can upload the -image manifest. An image can be pushed using the following request format: - - PUT /v2//manifests/ - Content-Type: - - { - "name": , - "tag": , - "fsLayers": [ - { - "blobSum": - }, - ... - ] - ], - "history": , - "signature": , - ... - } - -The `name` and `reference` fields of the response body must match those -specified in the URL. The `reference` field may be a "tag" or a "digest". The -content type should match the type of the manifest being uploaded, as specified -in [manifest-v2-1.md](manifest-v2-1.md) and [manifest-v2-2.md](manifest-v2-2.md). - -If there is a problem with pushing the manifest, a relevant 4xx response will -be returned with a JSON error message. Please see the -[_PUT Manifest_](#put-manifest) section for details on possible error codes that -may be returned. - -If one or more layers are unknown to the registry, `BLOB_UNKNOWN` errors are -returned. The `detail` field of the error response will have a `digest` field -identifying the missing blob. An error is returned for each unknown blob. The -response format is as follows: - - { - "errors:" [{ - "code": "BLOB_UNKNOWN", - "message": "blob unknown to registry", - "detail": { - "digest": - } - }, - ... - ] - } - -### Listing Repositories - -Images are stored in collections, known as a _repository_, which is keyed by a -`name`, as seen throughout the API specification. A registry instance may -contain several repositories. The list of available repositories is made -available through the _catalog_. - -The catalog for a given registry can be retrieved with the following request: - -``` -GET /v2/_catalog -``` - -The response will be in the following format: - -``` -200 OK -Content-Type: application/json - -{ - "repositories": [ - , - ... - ] -} -``` - -Note that the contents of the response are specific to the registry -implementation. Some registries may opt to provide a full catalog output, -limit it based on the user's access level or omit upstream results, if -providing mirroring functionality. Subsequently, the presence of a repository -in the catalog listing only means that the registry *may* provide access to -the repository at the time of the request. Conversely, a missing entry does -*not* mean that the registry does not have the repository. More succinctly, -the presence of a repository only guarantees that it is there but not that it -is _not_ there. - -For registries with a large number of repositories, this response may be quite -large. If such a response is expected, one should use pagination. A registry -may also limit the amount of responses returned even if pagination was not -explicitly requested. In this case the `Link` header will be returned along -with the results, and subsequent results can be obtained by following the link -as if pagination had been initially requested. - -For details of the `Link` header, please see the [_Pagination_](#pagination) -section. - -#### Pagination - -Paginated catalog results can be retrieved by adding an `n` parameter to the -request URL, declaring that the response should be limited to `n` results. -Starting a paginated flow begins as follows: - -``` -GET /v2/_catalog?n= -``` - -The above specifies that a catalog response should be returned, from the start of -the result set, ordered lexically, limiting the number of results to `n`. The -response to such a request would look as follows: - -``` -200 OK -Content-Type: application/json -Link: <?n=&last=>; rel="next" - -{ - "repositories": [ - , - ... - ] -} -``` - -The above includes the _first_ `n` entries from the result set. To get the -_next_ `n` entries, one can create a URL where the argument `last` has the -value from `repositories[len(repositories)-1]`. If there are indeed more -results, the URL for the next block is encoded in an -[RFC5988](https://tools.ietf.org/html/rfc5988) `Link` header, as a "next" -relation. The presence of the `Link` header communicates to the client that -the entire result set has not been returned and another request must be -issued. If the header is not present, the client can assume that all results -have been received. - -> __NOTE:__ In the request template above, note that the brackets -> are required. For example, if the url is -> `http://example.com/v2/_catalog?n=20&last=b`, the value of the header would -> be `; rel="next"`. Please see -> [RFC5988](https://tools.ietf.org/html/rfc5988) for details. - -Compliant client implementations should always use the `Link` header -value when proceeding through results linearly. The client may construct URLs -to skip forward in the catalog. - -To get the next result set, a client would issue the request as follows, using -the URL encoded in the described `Link` header: - -``` -GET /v2/_catalog?n=&last= -``` - -The above process should then be repeated until the `Link` header is no longer -set. - -The catalog result set is represented abstractly as a lexically sorted list, -where the position in that list can be specified by the query term `last`. The -entries in the response start _after_ the term specified by `last`, up to `n` -entries. - -The behavior of `last` is quite simple when demonstrated with an example. Let -us say the registry has the following repositories: - -``` -a -b -c -d -``` - -If the value of `n` is 2, _a_ and _b_ will be returned on the first response. -The `Link` header returned on the response will have `n` set to 2 and last set -to _b_: - -``` -Link: <?n=2&last=b>; rel="next" -``` - -The client can then issue the request with the above value from the `Link` -header, receiving the values _c_ and _d_. Note that `n` may change on the second -to last response or be fully omitted, depending on the server implementation. - -### Listing Image Tags - -It may be necessary to list all of the tags under a given repository. The tags -for an image repository can be retrieved with the following request: - - GET /v2//tags/list - -The response will be in the following format: - - 200 OK - Content-Type: application/json - - { - "name": , - "tags": [ - , - ... - ] - } - -For repositories with a large number of tags, this response may be quite -large. If such a response is expected, one should use the pagination. - -#### Pagination - -Paginated tag results can be retrieved by adding the appropriate parameters to -the request URL described above. The behavior of tag pagination is identical -to that specified for catalog pagination. We cover a simple flow to highlight -any differences. - -Starting a paginated flow may begin as follows: - -``` -GET /v2//tags/list?n= -``` - -The above specifies that a tags response should be returned, from the start of -the result set, ordered lexically, limiting the number of results to `n`. The -response to such a request would look as follows: - -``` -200 OK -Content-Type: application/json -Link: <?n=&last=>; rel="next" - -{ - "name": , - "tags": [ - , - ... - ] -} -``` - -To get the next result set, a client would issue the request as follows, using -the value encoded in the [RFC5988](https://tools.ietf.org/html/rfc5988) `Link` -header: - -``` -GET /v2//tags/list?n=&last= -``` - -The above process should then be repeated until the `Link` header is no longer -set in the response. The behavior of the `last` parameter, the provided -response result, lexical ordering and encoding of the `Link` header are -identical to that of catalog pagination. - -### Deleting an Image - -An image may be deleted from the registry via its `name` and `reference`. A -delete may be issued with the following request format: - - DELETE /v2//manifests/ - -For deletes, `reference` *must* be a digest or the delete will fail. If the -image exists and has been successfully deleted, the following response will be -issued: - - 202 Accepted - Content-Length: None - -If the image had already been deleted or did not exist, a `404 Not Found` -response will be issued instead. - -> **Note** When deleting a manifest from a registry version 2.3 or later, the -> following header must be used when `HEAD` or `GET`-ing the manifest to obtain -> the correct digest to delete: - - Accept: application/vnd.docker.distribution.manifest.v2+json - -> for more details, see: [compatibility.md](../compatibility.md#content-addressable-storage-cas) - -## Detail - -> **Note**: This section is still under construction. For the purposes of -> implementation, if any details below differ from the described request flows -> above, the section below should be corrected. When they match, this note -> should be removed. - -The behavior of the endpoints are covered in detail in this section, organized -by route and entity. All aspects of the request and responses are covered, -including headers, parameters and body formats. Examples of requests and their -corresponding responses, with success and failure, are enumerated. - -> **Note**: The sections on endpoint detail are arranged with an example -> request, a description of the request, followed by information about that -> request. - -A list of methods and URIs are covered in the table below: - -|Method|Path|Entity|Description| -|------|----|------|-----------| -| GET | `/v2/` | Base | Check that the endpoint implements Docker Registry API V2. | -| GET | `/v2//tags/list` | Tags | Fetch the tags under the repository identified by `name`. | -| GET | `/v2//manifests/` | Manifest | Fetch the manifest identified by `name` and `reference` where `reference` can be a tag or digest. A `HEAD` request can also be issued to this endpoint to obtain resource information without receiving all data. | -| PUT | `/v2//manifests/` | Manifest | Put the manifest identified by `name` and `reference` where `reference` can be a tag or digest. | -| DELETE | `/v2//manifests/` | Manifest | Delete the manifest identified by `name` and `reference`. Note that a manifest can _only_ be deleted by `digest`. | -| GET | `/v2//blobs/` | Blob | Retrieve the blob from the registry identified by `digest`. A `HEAD` request can also be issued to this endpoint to obtain resource information without receiving all data. | -| DELETE | `/v2//blobs/` | Blob | Delete the blob identified by `name` and `digest` | -| POST | `/v2//blobs/uploads/` | Initiate Blob Upload | Initiate a resumable blob upload. If successful, an upload location will be provided to complete the upload. Optionally, if the `digest` parameter is present, the request body will be used to complete the upload in a single request. | -| GET | `/v2//blobs/uploads/` | Blob Upload | Retrieve status of upload identified by `uuid`. The primary purpose of this endpoint is to resolve the current status of a resumable upload. | -| PATCH | `/v2//blobs/uploads/` | Blob Upload | Upload a chunk of data for the specified upload. | -| PUT | `/v2//blobs/uploads/` | Blob Upload | Complete the upload specified by `uuid`, optionally appending the body as the final chunk. | -| DELETE | `/v2//blobs/uploads/` | Blob Upload | Cancel outstanding upload processes, releasing associated resources. If this is not called, the unfinished uploads will eventually timeout. | -| GET | `/v2/_catalog` | Catalog | Retrieve a sorted, json list of repositories available in the registry. | - - -The detail for each endpoint is covered in the following sections. - -### Errors - -The error codes encountered via the API are enumerated in the following table: - -|Code|Message|Description| -|----|-------|-----------| - `BLOB_UNKNOWN` | blob unknown to registry | This error may be returned when a blob is unknown to the registry in a specified repository. This can be returned with a standard get or if a manifest references an unknown layer during upload. - `BLOB_UPLOAD_INVALID` | blob upload invalid | The blob upload encountered an error and can no longer proceed. - `BLOB_UPLOAD_UNKNOWN` | blob upload unknown to registry | If a blob upload has been cancelled or was never started, this error code may be returned. - `DIGEST_INVALID` | provided digest did not match uploaded content | When a blob is uploaded, the registry will check that the content matches the digest provided by the client. The error may include a detail structure with the key "digest", including the invalid digest string. This error may also be returned when a manifest includes an invalid layer digest. - `MANIFEST_BLOB_UNKNOWN` | blob unknown to registry | This error may be returned when a manifest blob is unknown to the registry. - `MANIFEST_INVALID` | manifest invalid | During upload, manifests undergo several checks ensuring validity. If those checks fail, this error may be returned, unless a more specific error is included. The detail will contain information the failed validation. - `MANIFEST_UNKNOWN` | manifest unknown | This error is returned when the manifest, identified by name and tag is unknown to the repository. - `MANIFEST_UNVERIFIED` | manifest failed signature verification | During manifest upload, if the manifest fails signature verification, this error will be returned. - `NAME_INVALID` | invalid repository name | Invalid repository name encountered either during manifest validation or any API operation. - `NAME_UNKNOWN` | repository name not known to registry | This is returned if the name used during an operation is unknown to the registry. - `SIZE_INVALID` | provided length did not match content length | When a layer is uploaded, the provided size will be checked against the uploaded content. If they do not match, this error will be returned. - `TAG_INVALID` | manifest tag did not match URI | During a manifest upload, if the tag in the manifest does not match the uri tag, this error will be returned. - `UNAUTHORIZED` | authentication required | The access controller was unable to authenticate the client. Often this will be accompanied by a Www-Authenticate HTTP response header indicating how to authenticate. - `DENIED` | requested access to the resource is denied | The access controller denied access for the operation on a resource. - `UNSUPPORTED` | The operation is unsupported. | The operation was unsupported due to a missing implementation or invalid set of parameters. - - - -### Base - -Base V2 API route. Typically, this can be used for lightweight version checks and to validate registry authentication. - - - -#### GET Base - -Check that the endpoint implements Docker Registry API V2. - - - -``` -GET /v2/ -Host: -Authorization: -``` - - - - -The following parameters should be specified on the request: - -|Name|Kind|Description| -|----|----|-----------| -|`Host`|header|Standard HTTP Host Header. Should be set to the registry host.| -|`Authorization`|header|An RFC7235 compliant authorization header.| - - - - -###### On Success: OK - -``` -200 OK -``` - -The API implements V2 protocol and is accessible. - - - - -###### On Failure: Not Found - -``` -404 Not Found -``` - -The registry does not implement the V2 API. - - - -###### On Failure: Authentication Required - -``` -401 Unauthorized -WWW-Authenticate: realm="", ..." -Content-Length: -Content-Type: application/json; charset=utf-8 - -{ - "errors:" [ - { - "code": , - "message": "", - "detail": ... - }, - ... - ] -} -``` - -The client is not authenticated. - -The following headers will be returned on the response: - -|Name|Description| -|----|-----------| -|`WWW-Authenticate`|An RFC7235 compliant authentication challenge header.| -|`Content-Length`|Length of the JSON response body.| - - - -The error codes that may be included in the response body are enumerated below: - -|Code|Message|Description| -|----|-------|-----------| -| `UNAUTHORIZED` | authentication required | The access controller was unable to authenticate the client. Often this will be accompanied by a Www-Authenticate HTTP response header indicating how to authenticate. | - - - -###### On Failure: Too Many Requests - -``` -429 Too Many Requests -Content-Length: -Content-Type: application/json; charset=utf-8 - -{ - "errors:" [ - { - "code": , - "message": "", - "detail": ... - }, - ... - ] -} -``` - -The client made too many requests within a time interval. - -The following headers will be returned on the response: - -|Name|Description| -|----|-----------| -|`Content-Length`|Length of the JSON response body.| - - - -The error codes that may be included in the response body are enumerated below: - -|Code|Message|Description| -|----|-------|-----------| -| `TOOMANYREQUESTS` | too many requests | Returned when a client attempts to contact a service too many times | - - - - - -### Tags - -Retrieve information about tags. - - - -#### GET Tags - -Fetch the tags under the repository identified by `name`. - - -##### Tags - -``` -GET /v2//tags/list -Host: -Authorization: -``` - -Return all tags for the repository - - -The following parameters should be specified on the request: - -|Name|Kind|Description| -|----|----|-----------| -|`Host`|header|Standard HTTP Host Header. Should be set to the registry host.| -|`Authorization`|header|An RFC7235 compliant authorization header.| -|`name`|path|Name of the target repository.| - - - - -###### On Success: OK - -``` -200 OK -Content-Length: -Content-Type: application/json; charset=utf-8 - -{ - "name": , - "tags": [ - , - ... - ] -} -``` - -A list of tags for the named repository. - -The following headers will be returned with the response: - -|Name|Description| -|----|-----------| -|`Content-Length`|Length of the JSON response body.| - - - - -###### On Failure: Authentication Required - -``` -401 Unauthorized -WWW-Authenticate: realm="", ..." -Content-Length: -Content-Type: application/json; charset=utf-8 - -{ - "errors:" [ - { - "code": , - "message": "", - "detail": ... - }, - ... - ] -} -``` - -The client is not authenticated. - -The following headers will be returned on the response: - -|Name|Description| -|----|-----------| -|`WWW-Authenticate`|An RFC7235 compliant authentication challenge header.| -|`Content-Length`|Length of the JSON response body.| - - - -The error codes that may be included in the response body are enumerated below: - -|Code|Message|Description| -|----|-------|-----------| -| `UNAUTHORIZED` | authentication required | The access controller was unable to authenticate the client. Often this will be accompanied by a Www-Authenticate HTTP response header indicating how to authenticate. | - - - -###### On Failure: No Such Repository Error - -``` -404 Not Found -Content-Length: -Content-Type: application/json; charset=utf-8 - -{ - "errors:" [ - { - "code": , - "message": "", - "detail": ... - }, - ... - ] -} -``` - -The repository is not known to the registry. - -The following headers will be returned on the response: - -|Name|Description| -|----|-----------| -|`Content-Length`|Length of the JSON response body.| - - - -The error codes that may be included in the response body are enumerated below: - -|Code|Message|Description| -|----|-------|-----------| -| `NAME_UNKNOWN` | repository name not known to registry | This is returned if the name used during an operation is unknown to the registry. | - - - -###### On Failure: Access Denied - -``` -403 Forbidden -Content-Length: -Content-Type: application/json; charset=utf-8 - -{ - "errors:" [ - { - "code": , - "message": "", - "detail": ... - }, - ... - ] -} -``` - -The client does not have required access to the repository. - -The following headers will be returned on the response: - -|Name|Description| -|----|-----------| -|`Content-Length`|Length of the JSON response body.| - - - -The error codes that may be included in the response body are enumerated below: - -|Code|Message|Description| -|----|-------|-----------| -| `DENIED` | requested access to the resource is denied | The access controller denied access for the operation on a resource. | - - - -###### On Failure: Too Many Requests - -``` -429 Too Many Requests -Content-Length: -Content-Type: application/json; charset=utf-8 - -{ - "errors:" [ - { - "code": , - "message": "", - "detail": ... - }, - ... - ] -} -``` - -The client made too many requests within a time interval. - -The following headers will be returned on the response: - -|Name|Description| -|----|-----------| -|`Content-Length`|Length of the JSON response body.| - - - -The error codes that may be included in the response body are enumerated below: - -|Code|Message|Description| -|----|-------|-----------| -| `TOOMANYREQUESTS` | too many requests | Returned when a client attempts to contact a service too many times | - - - -##### Tags Paginated - -``` -GET /v2//tags/list?n=&last= -``` - -Return a portion of the tags for the specified repository. - - -The following parameters should be specified on the request: - -|Name|Kind|Description| -|----|----|-----------| -|`name`|path|Name of the target repository.| -|`n`|query|Limit the number of entries in each response. It not present, all entries will be returned.| -|`last`|query|Result set will include values lexically after last.| - - - - -###### On Success: OK - -``` -200 OK -Content-Length: -Link: <?n=&last=>; rel="next" -Content-Type: application/json; charset=utf-8 - -{ - "name": , - "tags": [ - , - ... - ], -} -``` - -A list of tags for the named repository. - -The following headers will be returned with the response: - -|Name|Description| -|----|-----------| -|`Content-Length`|Length of the JSON response body.| -|`Link`|RFC5988 compliant rel='next' with URL to next result set, if available| - - - - -###### On Failure: Authentication Required - -``` -401 Unauthorized -WWW-Authenticate: realm="", ..." -Content-Length: -Content-Type: application/json; charset=utf-8 - -{ - "errors:" [ - { - "code": , - "message": "", - "detail": ... - }, - ... - ] -} -``` - -The client is not authenticated. - -The following headers will be returned on the response: - -|Name|Description| -|----|-----------| -|`WWW-Authenticate`|An RFC7235 compliant authentication challenge header.| -|`Content-Length`|Length of the JSON response body.| - - - -The error codes that may be included in the response body are enumerated below: - -|Code|Message|Description| -|----|-------|-----------| -| `UNAUTHORIZED` | authentication required | The access controller was unable to authenticate the client. Often this will be accompanied by a Www-Authenticate HTTP response header indicating how to authenticate. | - - - -###### On Failure: No Such Repository Error - -``` -404 Not Found -Content-Length: -Content-Type: application/json; charset=utf-8 - -{ - "errors:" [ - { - "code": , - "message": "", - "detail": ... - }, - ... - ] -} -``` - -The repository is not known to the registry. - -The following headers will be returned on the response: - -|Name|Description| -|----|-----------| -|`Content-Length`|Length of the JSON response body.| - - - -The error codes that may be included in the response body are enumerated below: - -|Code|Message|Description| -|----|-------|-----------| -| `NAME_UNKNOWN` | repository name not known to registry | This is returned if the name used during an operation is unknown to the registry. | - - - -###### On Failure: Access Denied - -``` -403 Forbidden -Content-Length: -Content-Type: application/json; charset=utf-8 - -{ - "errors:" [ - { - "code": , - "message": "", - "detail": ... - }, - ... - ] -} -``` - -The client does not have required access to the repository. - -The following headers will be returned on the response: - -|Name|Description| -|----|-----------| -|`Content-Length`|Length of the JSON response body.| - - - -The error codes that may be included in the response body are enumerated below: - -|Code|Message|Description| -|----|-------|-----------| -| `DENIED` | requested access to the resource is denied | The access controller denied access for the operation on a resource. | - - - -###### On Failure: Too Many Requests - -``` -429 Too Many Requests -Content-Length: -Content-Type: application/json; charset=utf-8 - -{ - "errors:" [ - { - "code": , - "message": "", - "detail": ... - }, - ... - ] -} -``` - -The client made too many requests within a time interval. - -The following headers will be returned on the response: - -|Name|Description| -|----|-----------| -|`Content-Length`|Length of the JSON response body.| - - - -The error codes that may be included in the response body are enumerated below: - -|Code|Message|Description| -|----|-------|-----------| -| `TOOMANYREQUESTS` | too many requests | Returned when a client attempts to contact a service too many times | - - - - - -### Manifest - -Create, update, delete and retrieve manifests. - - - -#### GET Manifest - -Fetch the manifest identified by `name` and `reference` where `reference` can be a tag or digest. A `HEAD` request can also be issued to this endpoint to obtain resource information without receiving all data. - - - -``` -GET /v2//manifests/ -Host: -Authorization: -``` - - - - -The following parameters should be specified on the request: - -|Name|Kind|Description| -|----|----|-----------| -|`Host`|header|Standard HTTP Host Header. Should be set to the registry host.| -|`Authorization`|header|An RFC7235 compliant authorization header.| -|`name`|path|Name of the target repository.| -|`reference`|path|Tag or digest of the target manifest.| - - - - -###### On Success: OK - -``` -200 OK -Docker-Content-Digest: -Content-Type: - -{ - "name": , - "tag": , - "fsLayers": [ - { - "blobSum": "" - }, - ... - ] - ], - "history": , - "signature": -} -``` - -The manifest identified by `name` and `reference`. The contents can be used to identify and resolve resources required to run the specified image. - -The following headers will be returned with the response: - -|Name|Description| -|----|-----------| -|`Docker-Content-Digest`|Digest of the targeted content for the request.| - - - - -###### On Failure: Bad Request - -``` -400 Bad Request -Content-Type: application/json; charset=utf-8 - -{ - "errors:" [ - { - "code": , - "message": "", - "detail": ... - }, - ... - ] -} -``` - -The name or reference was invalid. - - - -The error codes that may be included in the response body are enumerated below: - -|Code|Message|Description| -|----|-------|-----------| -| `NAME_INVALID` | invalid repository name | Invalid repository name encountered either during manifest validation or any API operation. | -| `TAG_INVALID` | manifest tag did not match URI | During a manifest upload, if the tag in the manifest does not match the uri tag, this error will be returned. | - - - -###### On Failure: Authentication Required - -``` -401 Unauthorized -WWW-Authenticate: realm="", ..." -Content-Length: -Content-Type: application/json; charset=utf-8 - -{ - "errors:" [ - { - "code": , - "message": "", - "detail": ... - }, - ... - ] -} -``` - -The client is not authenticated. - -The following headers will be returned on the response: - -|Name|Description| -|----|-----------| -|`WWW-Authenticate`|An RFC7235 compliant authentication challenge header.| -|`Content-Length`|Length of the JSON response body.| - - - -The error codes that may be included in the response body are enumerated below: - -|Code|Message|Description| -|----|-------|-----------| -| `UNAUTHORIZED` | authentication required | The access controller was unable to authenticate the client. Often this will be accompanied by a Www-Authenticate HTTP response header indicating how to authenticate. | - - - -###### On Failure: No Such Repository Error - -``` -404 Not Found -Content-Length: -Content-Type: application/json; charset=utf-8 - -{ - "errors:" [ - { - "code": , - "message": "", - "detail": ... - }, - ... - ] -} -``` - -The repository is not known to the registry. - -The following headers will be returned on the response: - -|Name|Description| -|----|-----------| -|`Content-Length`|Length of the JSON response body.| - - - -The error codes that may be included in the response body are enumerated below: - -|Code|Message|Description| -|----|-------|-----------| -| `NAME_UNKNOWN` | repository name not known to registry | This is returned if the name used during an operation is unknown to the registry. | - - - -###### On Failure: Access Denied - -``` -403 Forbidden -Content-Length: -Content-Type: application/json; charset=utf-8 - -{ - "errors:" [ - { - "code": , - "message": "", - "detail": ... - }, - ... - ] -} -``` - -The client does not have required access to the repository. - -The following headers will be returned on the response: - -|Name|Description| -|----|-----------| -|`Content-Length`|Length of the JSON response body.| - - - -The error codes that may be included in the response body are enumerated below: - -|Code|Message|Description| -|----|-------|-----------| -| `DENIED` | requested access to the resource is denied | The access controller denied access for the operation on a resource. | - - - -###### On Failure: Too Many Requests - -``` -429 Too Many Requests -Content-Length: -Content-Type: application/json; charset=utf-8 - -{ - "errors:" [ - { - "code": , - "message": "", - "detail": ... - }, - ... - ] -} -``` - -The client made too many requests within a time interval. - -The following headers will be returned on the response: - -|Name|Description| -|----|-----------| -|`Content-Length`|Length of the JSON response body.| - - - -The error codes that may be included in the response body are enumerated below: - -|Code|Message|Description| -|----|-------|-----------| -| `TOOMANYREQUESTS` | too many requests | Returned when a client attempts to contact a service too many times | - - - - -#### PUT Manifest - -Put the manifest identified by `name` and `reference` where `reference` can be a tag or digest. - - - -``` -PUT /v2//manifests/ -Host: -Authorization: -Content-Type: - -{ - "name": , - "tag": , - "fsLayers": [ - { - "blobSum": "" - }, - ... - ] - ], - "history": , - "signature": -} -``` - - - - -The following parameters should be specified on the request: - -|Name|Kind|Description| -|----|----|-----------| -|`Host`|header|Standard HTTP Host Header. Should be set to the registry host.| -|`Authorization`|header|An RFC7235 compliant authorization header.| -|`name`|path|Name of the target repository.| -|`reference`|path|Tag or digest of the target manifest.| - - - - -###### On Success: Created - -``` -201 Created -Location: -Content-Length: 0 -Docker-Content-Digest: -``` - -The manifest has been accepted by the registry and is stored under the specified `name` and `tag`. - -The following headers will be returned with the response: - -|Name|Description| -|----|-----------| -|`Location`|The canonical location url of the uploaded manifest.| -|`Content-Length`|The `Content-Length` header must be zero and the body must be empty.| -|`Docker-Content-Digest`|Digest of the targeted content for the request.| - - - - -###### On Failure: Invalid Manifest - -``` -400 Bad Request -Content-Type: application/json; charset=utf-8 - -{ - "errors:" [ - { - "code": , - "message": "", - "detail": ... - }, - ... - ] -} -``` - -The received manifest was invalid in some way, as described by the error codes. The client should resolve the issue and retry the request. - - - -The error codes that may be included in the response body are enumerated below: - -|Code|Message|Description| -|----|-------|-----------| -| `NAME_INVALID` | invalid repository name | Invalid repository name encountered either during manifest validation or any API operation. | -| `TAG_INVALID` | manifest tag did not match URI | During a manifest upload, if the tag in the manifest does not match the uri tag, this error will be returned. | -| `MANIFEST_INVALID` | manifest invalid | During upload, manifests undergo several checks ensuring validity. If those checks fail, this error may be returned, unless a more specific error is included. The detail will contain information the failed validation. | -| `MANIFEST_UNVERIFIED` | manifest failed signature verification | During manifest upload, if the manifest fails signature verification, this error will be returned. | -| `BLOB_UNKNOWN` | blob unknown to registry | This error may be returned when a blob is unknown to the registry in a specified repository. This can be returned with a standard get or if a manifest references an unknown layer during upload. | - - - -###### On Failure: Authentication Required - -``` -401 Unauthorized -WWW-Authenticate: realm="", ..." -Content-Length: -Content-Type: application/json; charset=utf-8 - -{ - "errors:" [ - { - "code": , - "message": "", - "detail": ... - }, - ... - ] -} -``` - -The client is not authenticated. - -The following headers will be returned on the response: - -|Name|Description| -|----|-----------| -|`WWW-Authenticate`|An RFC7235 compliant authentication challenge header.| -|`Content-Length`|Length of the JSON response body.| - - - -The error codes that may be included in the response body are enumerated below: - -|Code|Message|Description| -|----|-------|-----------| -| `UNAUTHORIZED` | authentication required | The access controller was unable to authenticate the client. Often this will be accompanied by a Www-Authenticate HTTP response header indicating how to authenticate. | - - - -###### On Failure: No Such Repository Error - -``` -404 Not Found -Content-Length: -Content-Type: application/json; charset=utf-8 - -{ - "errors:" [ - { - "code": , - "message": "", - "detail": ... - }, - ... - ] -} -``` - -The repository is not known to the registry. - -The following headers will be returned on the response: - -|Name|Description| -|----|-----------| -|`Content-Length`|Length of the JSON response body.| - - - -The error codes that may be included in the response body are enumerated below: - -|Code|Message|Description| -|----|-------|-----------| -| `NAME_UNKNOWN` | repository name not known to registry | This is returned if the name used during an operation is unknown to the registry. | - - - -###### On Failure: Access Denied - -``` -403 Forbidden -Content-Length: -Content-Type: application/json; charset=utf-8 - -{ - "errors:" [ - { - "code": , - "message": "", - "detail": ... - }, - ... - ] -} -``` - -The client does not have required access to the repository. - -The following headers will be returned on the response: - -|Name|Description| -|----|-----------| -|`Content-Length`|Length of the JSON response body.| - - - -The error codes that may be included in the response body are enumerated below: - -|Code|Message|Description| -|----|-------|-----------| -| `DENIED` | requested access to the resource is denied | The access controller denied access for the operation on a resource. | - - - -###### On Failure: Too Many Requests - -``` -429 Too Many Requests -Content-Length: -Content-Type: application/json; charset=utf-8 - -{ - "errors:" [ - { - "code": , - "message": "", - "detail": ... - }, - ... - ] -} -``` - -The client made too many requests within a time interval. - -The following headers will be returned on the response: - -|Name|Description| -|----|-----------| -|`Content-Length`|Length of the JSON response body.| - - - -The error codes that may be included in the response body are enumerated below: - -|Code|Message|Description| -|----|-------|-----------| -| `TOOMANYREQUESTS` | too many requests | Returned when a client attempts to contact a service too many times | - - - -###### On Failure: Missing Layer(s) - -``` -400 Bad Request -Content-Type: application/json; charset=utf-8 - -{ - "errors:" [{ - "code": "BLOB_UNKNOWN", - "message": "blob unknown to registry", - "detail": { - "digest": "" - } - }, - ... - ] -} -``` - -One or more layers may be missing during a manifest upload. If so, the missing layers will be enumerated in the error response. - - - -The error codes that may be included in the response body are enumerated below: - -|Code|Message|Description| -|----|-------|-----------| -| `BLOB_UNKNOWN` | blob unknown to registry | This error may be returned when a blob is unknown to the registry in a specified repository. This can be returned with a standard get or if a manifest references an unknown layer during upload. | - - - -###### On Failure: Not allowed - -``` -405 Method Not Allowed -``` - -Manifest put is not allowed because the registry is configured as a pull-through cache or for some other reason - - - -The error codes that may be included in the response body are enumerated below: - -|Code|Message|Description| -|----|-------|-----------| -| `UNSUPPORTED` | The operation is unsupported. | The operation was unsupported due to a missing implementation or invalid set of parameters. | - - - - -#### DELETE Manifest - -Delete the manifest identified by `name` and `reference`. Note that a manifest can _only_ be deleted by `digest`. - - - -``` -DELETE /v2//manifests/ -Host: -Authorization: -``` - - - - -The following parameters should be specified on the request: - -|Name|Kind|Description| -|----|----|-----------| -|`Host`|header|Standard HTTP Host Header. Should be set to the registry host.| -|`Authorization`|header|An RFC7235 compliant authorization header.| -|`name`|path|Name of the target repository.| -|`reference`|path|Tag or digest of the target manifest.| - - - - -###### On Success: Accepted - -``` -202 Accepted -``` - - - - - - -###### On Failure: Invalid Name or Reference - -``` -400 Bad Request -Content-Type: application/json; charset=utf-8 - -{ - "errors:" [ - { - "code": , - "message": "", - "detail": ... - }, - ... - ] -} -``` - -The specified `name` or `reference` were invalid and the delete was unable to proceed. - - - -The error codes that may be included in the response body are enumerated below: - -|Code|Message|Description| -|----|-------|-----------| -| `NAME_INVALID` | invalid repository name | Invalid repository name encountered either during manifest validation or any API operation. | -| `TAG_INVALID` | manifest tag did not match URI | During a manifest upload, if the tag in the manifest does not match the uri tag, this error will be returned. | - - - -###### On Failure: Authentication Required - -``` -401 Unauthorized -WWW-Authenticate: realm="", ..." -Content-Length: -Content-Type: application/json; charset=utf-8 - -{ - "errors:" [ - { - "code": , - "message": "", - "detail": ... - }, - ... - ] -} -``` - -The client is not authenticated. - -The following headers will be returned on the response: - -|Name|Description| -|----|-----------| -|`WWW-Authenticate`|An RFC7235 compliant authentication challenge header.| -|`Content-Length`|Length of the JSON response body.| - - - -The error codes that may be included in the response body are enumerated below: - -|Code|Message|Description| -|----|-------|-----------| -| `UNAUTHORIZED` | authentication required | The access controller was unable to authenticate the client. Often this will be accompanied by a Www-Authenticate HTTP response header indicating how to authenticate. | - - - -###### On Failure: No Such Repository Error - -``` -404 Not Found -Content-Length: -Content-Type: application/json; charset=utf-8 - -{ - "errors:" [ - { - "code": , - "message": "", - "detail": ... - }, - ... - ] -} -``` - -The repository is not known to the registry. - -The following headers will be returned on the response: - -|Name|Description| -|----|-----------| -|`Content-Length`|Length of the JSON response body.| - - - -The error codes that may be included in the response body are enumerated below: - -|Code|Message|Description| -|----|-------|-----------| -| `NAME_UNKNOWN` | repository name not known to registry | This is returned if the name used during an operation is unknown to the registry. | - - - -###### On Failure: Access Denied - -``` -403 Forbidden -Content-Length: -Content-Type: application/json; charset=utf-8 - -{ - "errors:" [ - { - "code": , - "message": "", - "detail": ... - }, - ... - ] -} -``` - -The client does not have required access to the repository. - -The following headers will be returned on the response: - -|Name|Description| -|----|-----------| -|`Content-Length`|Length of the JSON response body.| - - - -The error codes that may be included in the response body are enumerated below: - -|Code|Message|Description| -|----|-------|-----------| -| `DENIED` | requested access to the resource is denied | The access controller denied access for the operation on a resource. | - - - -###### On Failure: Too Many Requests - -``` -429 Too Many Requests -Content-Length: -Content-Type: application/json; charset=utf-8 - -{ - "errors:" [ - { - "code": , - "message": "", - "detail": ... - }, - ... - ] -} -``` - -The client made too many requests within a time interval. - -The following headers will be returned on the response: - -|Name|Description| -|----|-----------| -|`Content-Length`|Length of the JSON response body.| - - - -The error codes that may be included in the response body are enumerated below: - -|Code|Message|Description| -|----|-------|-----------| -| `TOOMANYREQUESTS` | too many requests | Returned when a client attempts to contact a service too many times | - - - -###### On Failure: Unknown Manifest - -``` -404 Not Found -Content-Type: application/json; charset=utf-8 - -{ - "errors:" [ - { - "code": , - "message": "", - "detail": ... - }, - ... - ] -} -``` - -The specified `name` or `reference` are unknown to the registry and the delete was unable to proceed. Clients can assume the manifest was already deleted if this response is returned. - - - -The error codes that may be included in the response body are enumerated below: - -|Code|Message|Description| -|----|-------|-----------| -| `NAME_UNKNOWN` | repository name not known to registry | This is returned if the name used during an operation is unknown to the registry. | -| `MANIFEST_UNKNOWN` | manifest unknown | This error is returned when the manifest, identified by name and tag is unknown to the repository. | - - - -###### On Failure: Not allowed - -``` -405 Method Not Allowed -``` - -Manifest delete is not allowed because the registry is configured as a pull-through cache or `delete` has been disabled. - - - -The error codes that may be included in the response body are enumerated below: - -|Code|Message|Description| -|----|-------|-----------| -| `UNSUPPORTED` | The operation is unsupported. | The operation was unsupported due to a missing implementation or invalid set of parameters. | - - - - - -### Blob - -Operations on blobs identified by `name` and `digest`. Used to fetch or delete layers by digest. - - - -#### GET Blob - -Retrieve the blob from the registry identified by `digest`. A `HEAD` request can also be issued to this endpoint to obtain resource information without receiving all data. - - -##### Fetch Blob - -``` -GET /v2//blobs/ -Host: -Authorization: -``` - - - - -The following parameters should be specified on the request: - -|Name|Kind|Description| -|----|----|-----------| -|`Host`|header|Standard HTTP Host Header. Should be set to the registry host.| -|`Authorization`|header|An RFC7235 compliant authorization header.| -|`name`|path|Name of the target repository.| -|`digest`|path|Digest of desired blob.| - - - - -###### On Success: OK - -``` -200 OK -Content-Length: -Docker-Content-Digest: -Content-Type: application/octet-stream - - -``` - -The blob identified by `digest` is available. The blob content will be present in the body of the request. - -The following headers will be returned with the response: - -|Name|Description| -|----|-----------| -|`Content-Length`|The length of the requested blob content.| -|`Docker-Content-Digest`|Digest of the targeted content for the request.| - -###### On Success: Temporary Redirect - -``` -307 Temporary Redirect -Location: -Docker-Content-Digest: -``` - -The blob identified by `digest` is available at the provided location. - -The following headers will be returned with the response: - -|Name|Description| -|----|-----------| -|`Location`|The location where the layer should be accessible.| -|`Docker-Content-Digest`|Digest of the targeted content for the request.| - - - - -###### On Failure: Bad Request - -``` -400 Bad Request -Content-Type: application/json; charset=utf-8 - -{ - "errors:" [ - { - "code": , - "message": "", - "detail": ... - }, - ... - ] -} -``` - -There was a problem with the request that needs to be addressed by the client, such as an invalid `name` or `tag`. - - - -The error codes that may be included in the response body are enumerated below: - -|Code|Message|Description| -|----|-------|-----------| -| `NAME_INVALID` | invalid repository name | Invalid repository name encountered either during manifest validation or any API operation. | -| `DIGEST_INVALID` | provided digest did not match uploaded content | When a blob is uploaded, the registry will check that the content matches the digest provided by the client. The error may include a detail structure with the key "digest", including the invalid digest string. This error may also be returned when a manifest includes an invalid layer digest. | - - - -###### On Failure: Not Found - -``` -404 Not Found -Content-Type: application/json; charset=utf-8 - -{ - "errors:" [ - { - "code": , - "message": "", - "detail": ... - }, - ... - ] -} -``` - -The blob, identified by `name` and `digest`, is unknown to the registry. - - - -The error codes that may be included in the response body are enumerated below: - -|Code|Message|Description| -|----|-------|-----------| -| `NAME_UNKNOWN` | repository name not known to registry | This is returned if the name used during an operation is unknown to the registry. | -| `BLOB_UNKNOWN` | blob unknown to registry | This error may be returned when a blob is unknown to the registry in a specified repository. This can be returned with a standard get or if a manifest references an unknown layer during upload. | - - - -###### On Failure: Authentication Required - -``` -401 Unauthorized -WWW-Authenticate: realm="", ..." -Content-Length: -Content-Type: application/json; charset=utf-8 - -{ - "errors:" [ - { - "code": , - "message": "", - "detail": ... - }, - ... - ] -} -``` - -The client is not authenticated. - -The following headers will be returned on the response: - -|Name|Description| -|----|-----------| -|`WWW-Authenticate`|An RFC7235 compliant authentication challenge header.| -|`Content-Length`|Length of the JSON response body.| - - - -The error codes that may be included in the response body are enumerated below: - -|Code|Message|Description| -|----|-------|-----------| -| `UNAUTHORIZED` | authentication required | The access controller was unable to authenticate the client. Often this will be accompanied by a Www-Authenticate HTTP response header indicating how to authenticate. | - - - -###### On Failure: No Such Repository Error - -``` -404 Not Found -Content-Length: -Content-Type: application/json; charset=utf-8 - -{ - "errors:" [ - { - "code": , - "message": "", - "detail": ... - }, - ... - ] -} -``` - -The repository is not known to the registry. - -The following headers will be returned on the response: - -|Name|Description| -|----|-----------| -|`Content-Length`|Length of the JSON response body.| - - - -The error codes that may be included in the response body are enumerated below: - -|Code|Message|Description| -|----|-------|-----------| -| `NAME_UNKNOWN` | repository name not known to registry | This is returned if the name used during an operation is unknown to the registry. | - - - -###### On Failure: Access Denied - -``` -403 Forbidden -Content-Length: -Content-Type: application/json; charset=utf-8 - -{ - "errors:" [ - { - "code": , - "message": "", - "detail": ... - }, - ... - ] -} -``` - -The client does not have required access to the repository. - -The following headers will be returned on the response: - -|Name|Description| -|----|-----------| -|`Content-Length`|Length of the JSON response body.| - - - -The error codes that may be included in the response body are enumerated below: - -|Code|Message|Description| -|----|-------|-----------| -| `DENIED` | requested access to the resource is denied | The access controller denied access for the operation on a resource. | - - - -###### On Failure: Too Many Requests - -``` -429 Too Many Requests -Content-Length: -Content-Type: application/json; charset=utf-8 - -{ - "errors:" [ - { - "code": , - "message": "", - "detail": ... - }, - ... - ] -} -``` - -The client made too many requests within a time interval. - -The following headers will be returned on the response: - -|Name|Description| -|----|-----------| -|`Content-Length`|Length of the JSON response body.| - - - -The error codes that may be included in the response body are enumerated below: - -|Code|Message|Description| -|----|-------|-----------| -| `TOOMANYREQUESTS` | too many requests | Returned when a client attempts to contact a service too many times | - - - -##### Fetch Blob Part - -``` -GET /v2//blobs/ -Host: -Authorization: -Range: bytes=- -``` - -This endpoint may also support RFC7233 compliant range requests. Support can be detected by issuing a HEAD request. If the header `Accept-Range: bytes` is returned, range requests can be used to fetch partial content. - - -The following parameters should be specified on the request: - -|Name|Kind|Description| -|----|----|-----------| -|`Host`|header|Standard HTTP Host Header. Should be set to the registry host.| -|`Authorization`|header|An RFC7235 compliant authorization header.| -|`Range`|header|HTTP Range header specifying blob chunk.| -|`name`|path|Name of the target repository.| -|`digest`|path|Digest of desired blob.| - - - - -###### On Success: Partial Content - -``` -206 Partial Content -Content-Length: -Content-Range: bytes -/ -Content-Type: application/octet-stream - - -``` - -The blob identified by `digest` is available. The specified chunk of blob content will be present in the body of the request. - -The following headers will be returned with the response: - -|Name|Description| -|----|-----------| -|`Content-Length`|The length of the requested blob chunk.| -|`Content-Range`|Content range of blob chunk.| - - - - -###### On Failure: Bad Request - -``` -400 Bad Request -Content-Type: application/json; charset=utf-8 - -{ - "errors:" [ - { - "code": , - "message": "", - "detail": ... - }, - ... - ] -} -``` - -There was a problem with the request that needs to be addressed by the client, such as an invalid `name` or `tag`. - - - -The error codes that may be included in the response body are enumerated below: - -|Code|Message|Description| -|----|-------|-----------| -| `NAME_INVALID` | invalid repository name | Invalid repository name encountered either during manifest validation or any API operation. | -| `DIGEST_INVALID` | provided digest did not match uploaded content | When a blob is uploaded, the registry will check that the content matches the digest provided by the client. The error may include a detail structure with the key "digest", including the invalid digest string. This error may also be returned when a manifest includes an invalid layer digest. | - - - -###### On Failure: Not Found - -``` -404 Not Found -Content-Type: application/json; charset=utf-8 - -{ - "errors:" [ - { - "code": , - "message": "", - "detail": ... - }, - ... - ] -} -``` - - - - - -The error codes that may be included in the response body are enumerated below: - -|Code|Message|Description| -|----|-------|-----------| -| `NAME_UNKNOWN` | repository name not known to registry | This is returned if the name used during an operation is unknown to the registry. | -| `BLOB_UNKNOWN` | blob unknown to registry | This error may be returned when a blob is unknown to the registry in a specified repository. This can be returned with a standard get or if a manifest references an unknown layer during upload. | - - - -###### On Failure: Requested Range Not Satisfiable - -``` -416 Requested Range Not Satisfiable -``` - -The range specification cannot be satisfied for the requested content. This can happen when the range is not formatted correctly or if the range is outside of the valid size of the content. - - - -###### On Failure: Authentication Required - -``` -401 Unauthorized -WWW-Authenticate: realm="", ..." -Content-Length: -Content-Type: application/json; charset=utf-8 - -{ - "errors:" [ - { - "code": , - "message": "", - "detail": ... - }, - ... - ] -} -``` - -The client is not authenticated. - -The following headers will be returned on the response: - -|Name|Description| -|----|-----------| -|`WWW-Authenticate`|An RFC7235 compliant authentication challenge header.| -|`Content-Length`|Length of the JSON response body.| - - - -The error codes that may be included in the response body are enumerated below: - -|Code|Message|Description| -|----|-------|-----------| -| `UNAUTHORIZED` | authentication required | The access controller was unable to authenticate the client. Often this will be accompanied by a Www-Authenticate HTTP response header indicating how to authenticate. | - - - -###### On Failure: No Such Repository Error - -``` -404 Not Found -Content-Length: -Content-Type: application/json; charset=utf-8 - -{ - "errors:" [ - { - "code": , - "message": "", - "detail": ... - }, - ... - ] -} -``` - -The repository is not known to the registry. - -The following headers will be returned on the response: - -|Name|Description| -|----|-----------| -|`Content-Length`|Length of the JSON response body.| - - - -The error codes that may be included in the response body are enumerated below: - -|Code|Message|Description| -|----|-------|-----------| -| `NAME_UNKNOWN` | repository name not known to registry | This is returned if the name used during an operation is unknown to the registry. | - - - -###### On Failure: Access Denied - -``` -403 Forbidden -Content-Length: -Content-Type: application/json; charset=utf-8 - -{ - "errors:" [ - { - "code": , - "message": "", - "detail": ... - }, - ... - ] -} -``` - -The client does not have required access to the repository. - -The following headers will be returned on the response: - -|Name|Description| -|----|-----------| -|`Content-Length`|Length of the JSON response body.| - - - -The error codes that may be included in the response body are enumerated below: - -|Code|Message|Description| -|----|-------|-----------| -| `DENIED` | requested access to the resource is denied | The access controller denied access for the operation on a resource. | - - - -###### On Failure: Too Many Requests - -``` -429 Too Many Requests -Content-Length: -Content-Type: application/json; charset=utf-8 - -{ - "errors:" [ - { - "code": , - "message": "", - "detail": ... - }, - ... - ] -} -``` - -The client made too many requests within a time interval. - -The following headers will be returned on the response: - -|Name|Description| -|----|-----------| -|`Content-Length`|Length of the JSON response body.| - - - -The error codes that may be included in the response body are enumerated below: - -|Code|Message|Description| -|----|-------|-----------| -| `TOOMANYREQUESTS` | too many requests | Returned when a client attempts to contact a service too many times | - - - - -#### DELETE Blob - -Delete the blob identified by `name` and `digest` - - - -``` -DELETE /v2//blobs/ -Host: -Authorization: -``` - - - - -The following parameters should be specified on the request: - -|Name|Kind|Description| -|----|----|-----------| -|`Host`|header|Standard HTTP Host Header. Should be set to the registry host.| -|`Authorization`|header|An RFC7235 compliant authorization header.| -|`name`|path|Name of the target repository.| -|`digest`|path|Digest of desired blob.| - - - - -###### On Success: Accepted - -``` -202 Accepted -Content-Length: 0 -Docker-Content-Digest: -``` - - - -The following headers will be returned with the response: - -|Name|Description| -|----|-----------| -|`Content-Length`|0| -|`Docker-Content-Digest`|Digest of the targeted content for the request.| - - - - -###### On Failure: Invalid Name or Digest - -``` -400 Bad Request -``` - - - - - -The error codes that may be included in the response body are enumerated below: - -|Code|Message|Description| -|----|-------|-----------| -| `DIGEST_INVALID` | provided digest did not match uploaded content | When a blob is uploaded, the registry will check that the content matches the digest provided by the client. The error may include a detail structure with the key "digest", including the invalid digest string. This error may also be returned when a manifest includes an invalid layer digest. | -| `NAME_INVALID` | invalid repository name | Invalid repository name encountered either during manifest validation or any API operation. | - - - -###### On Failure: Not Found - -``` -404 Not Found -Content-Type: application/json; charset=utf-8 - -{ - "errors:" [ - { - "code": , - "message": "", - "detail": ... - }, - ... - ] -} -``` - -The blob, identified by `name` and `digest`, is unknown to the registry. - - - -The error codes that may be included in the response body are enumerated below: - -|Code|Message|Description| -|----|-------|-----------| -| `NAME_UNKNOWN` | repository name not known to registry | This is returned if the name used during an operation is unknown to the registry. | -| `BLOB_UNKNOWN` | blob unknown to registry | This error may be returned when a blob is unknown to the registry in a specified repository. This can be returned with a standard get or if a manifest references an unknown layer during upload. | - - - -###### On Failure: Method Not Allowed - -``` -405 Method Not Allowed -Content-Type: application/json; charset=utf-8 - -{ - "errors:" [ - { - "code": , - "message": "", - "detail": ... - }, - ... - ] -} -``` - -Blob delete is not allowed because the registry is configured as a pull-through cache or `delete` has been disabled - - - -The error codes that may be included in the response body are enumerated below: - -|Code|Message|Description| -|----|-------|-----------| -| `UNSUPPORTED` | The operation is unsupported. | The operation was unsupported due to a missing implementation or invalid set of parameters. | - - - -###### On Failure: Authentication Required - -``` -401 Unauthorized -WWW-Authenticate: realm="", ..." -Content-Length: -Content-Type: application/json; charset=utf-8 - -{ - "errors:" [ - { - "code": , - "message": "", - "detail": ... - }, - ... - ] -} -``` - -The client is not authenticated. - -The following headers will be returned on the response: - -|Name|Description| -|----|-----------| -|`WWW-Authenticate`|An RFC7235 compliant authentication challenge header.| -|`Content-Length`|Length of the JSON response body.| - - - -The error codes that may be included in the response body are enumerated below: - -|Code|Message|Description| -|----|-------|-----------| -| `UNAUTHORIZED` | authentication required | The access controller was unable to authenticate the client. Often this will be accompanied by a Www-Authenticate HTTP response header indicating how to authenticate. | - - - -###### On Failure: No Such Repository Error - -``` -404 Not Found -Content-Length: -Content-Type: application/json; charset=utf-8 - -{ - "errors:" [ - { - "code": , - "message": "", - "detail": ... - }, - ... - ] -} -``` - -The repository is not known to the registry. - -The following headers will be returned on the response: - -|Name|Description| -|----|-----------| -|`Content-Length`|Length of the JSON response body.| - - - -The error codes that may be included in the response body are enumerated below: - -|Code|Message|Description| -|----|-------|-----------| -| `NAME_UNKNOWN` | repository name not known to registry | This is returned if the name used during an operation is unknown to the registry. | - - - -###### On Failure: Access Denied - -``` -403 Forbidden -Content-Length: -Content-Type: application/json; charset=utf-8 - -{ - "errors:" [ - { - "code": , - "message": "", - "detail": ... - }, - ... - ] -} -``` - -The client does not have required access to the repository. - -The following headers will be returned on the response: - -|Name|Description| -|----|-----------| -|`Content-Length`|Length of the JSON response body.| - - - -The error codes that may be included in the response body are enumerated below: - -|Code|Message|Description| -|----|-------|-----------| -| `DENIED` | requested access to the resource is denied | The access controller denied access for the operation on a resource. | - - - -###### On Failure: Too Many Requests - -``` -429 Too Many Requests -Content-Length: -Content-Type: application/json; charset=utf-8 - -{ - "errors:" [ - { - "code": , - "message": "", - "detail": ... - }, - ... - ] -} -``` - -The client made too many requests within a time interval. - -The following headers will be returned on the response: - -|Name|Description| -|----|-----------| -|`Content-Length`|Length of the JSON response body.| - - - -The error codes that may be included in the response body are enumerated below: - -|Code|Message|Description| -|----|-------|-----------| -| `TOOMANYREQUESTS` | too many requests | Returned when a client attempts to contact a service too many times | - - - - - -### Initiate Blob Upload - -Initiate a blob upload. This endpoint can be used to create resumable uploads or monolithic uploads. - - - -#### POST Initiate Blob Upload - -Initiate a resumable blob upload. If successful, an upload location will be provided to complete the upload. Optionally, if the `digest` parameter is present, the request body will be used to complete the upload in a single request. - - -##### Initiate Monolithic Blob Upload - -``` -POST /v2//blobs/uploads/?digest= -Host: -Authorization: -Content-Length: -Content-Type: application/octect-stream - - -``` - -Upload a blob identified by the `digest` parameter in single request. This upload will not be resumable unless a recoverable error is returned. - - -The following parameters should be specified on the request: - -|Name|Kind|Description| -|----|----|-----------| -|`Host`|header|Standard HTTP Host Header. Should be set to the registry host.| -|`Authorization`|header|An RFC7235 compliant authorization header.| -|`Content-Length`|header|| -|`name`|path|Name of the target repository.| -|`digest`|query|Digest of uploaded blob. If present, the upload will be completed, in a single request, with contents of the request body as the resulting blob.| - - - - -###### On Success: Created - -``` -201 Created -Location: -Content-Length: 0 -Docker-Upload-UUID: -``` - -The blob has been created in the registry and is available at the provided location. - -The following headers will be returned with the response: - -|Name|Description| -|----|-----------| -|`Location`|| -|`Content-Length`|The `Content-Length` header must be zero and the body must be empty.| -|`Docker-Upload-UUID`|Identifies the docker upload uuid for the current request.| - - - - -###### On Failure: Invalid Name or Digest - -``` -400 Bad Request -``` - - - - - -The error codes that may be included in the response body are enumerated below: - -|Code|Message|Description| -|----|-------|-----------| -| `DIGEST_INVALID` | provided digest did not match uploaded content | When a blob is uploaded, the registry will check that the content matches the digest provided by the client. The error may include a detail structure with the key "digest", including the invalid digest string. This error may also be returned when a manifest includes an invalid layer digest. | -| `NAME_INVALID` | invalid repository name | Invalid repository name encountered either during manifest validation or any API operation. | - - - -###### On Failure: Not allowed - -``` -405 Method Not Allowed -``` - -Blob upload is not allowed because the registry is configured as a pull-through cache or for some other reason - - - -The error codes that may be included in the response body are enumerated below: - -|Code|Message|Description| -|----|-------|-----------| -| `UNSUPPORTED` | The operation is unsupported. | The operation was unsupported due to a missing implementation or invalid set of parameters. | - - - -###### On Failure: Authentication Required - -``` -401 Unauthorized -WWW-Authenticate: realm="", ..." -Content-Length: -Content-Type: application/json; charset=utf-8 - -{ - "errors:" [ - { - "code": , - "message": "", - "detail": ... - }, - ... - ] -} -``` - -The client is not authenticated. - -The following headers will be returned on the response: - -|Name|Description| -|----|-----------| -|`WWW-Authenticate`|An RFC7235 compliant authentication challenge header.| -|`Content-Length`|Length of the JSON response body.| - - - -The error codes that may be included in the response body are enumerated below: - -|Code|Message|Description| -|----|-------|-----------| -| `UNAUTHORIZED` | authentication required | The access controller was unable to authenticate the client. Often this will be accompanied by a Www-Authenticate HTTP response header indicating how to authenticate. | - - - -###### On Failure: No Such Repository Error - -``` -404 Not Found -Content-Length: -Content-Type: application/json; charset=utf-8 - -{ - "errors:" [ - { - "code": , - "message": "", - "detail": ... - }, - ... - ] -} -``` - -The repository is not known to the registry. - -The following headers will be returned on the response: - -|Name|Description| -|----|-----------| -|`Content-Length`|Length of the JSON response body.| - - - -The error codes that may be included in the response body are enumerated below: - -|Code|Message|Description| -|----|-------|-----------| -| `NAME_UNKNOWN` | repository name not known to registry | This is returned if the name used during an operation is unknown to the registry. | - - - -###### On Failure: Access Denied - -``` -403 Forbidden -Content-Length: -Content-Type: application/json; charset=utf-8 - -{ - "errors:" [ - { - "code": , - "message": "", - "detail": ... - }, - ... - ] -} -``` - -The client does not have required access to the repository. - -The following headers will be returned on the response: - -|Name|Description| -|----|-----------| -|`Content-Length`|Length of the JSON response body.| - - - -The error codes that may be included in the response body are enumerated below: - -|Code|Message|Description| -|----|-------|-----------| -| `DENIED` | requested access to the resource is denied | The access controller denied access for the operation on a resource. | - - - -###### On Failure: Too Many Requests - -``` -429 Too Many Requests -Content-Length: -Content-Type: application/json; charset=utf-8 - -{ - "errors:" [ - { - "code": , - "message": "", - "detail": ... - }, - ... - ] -} -``` - -The client made too many requests within a time interval. - -The following headers will be returned on the response: - -|Name|Description| -|----|-----------| -|`Content-Length`|Length of the JSON response body.| - - - -The error codes that may be included in the response body are enumerated below: - -|Code|Message|Description| -|----|-------|-----------| -| `TOOMANYREQUESTS` | too many requests | Returned when a client attempts to contact a service too many times | - - - -##### Initiate Resumable Blob Upload - -``` -POST /v2//blobs/uploads/ -Host: -Authorization: -Content-Length: 0 -``` - -Initiate a resumable blob upload with an empty request body. - - -The following parameters should be specified on the request: - -|Name|Kind|Description| -|----|----|-----------| -|`Host`|header|Standard HTTP Host Header. Should be set to the registry host.| -|`Authorization`|header|An RFC7235 compliant authorization header.| -|`Content-Length`|header|The `Content-Length` header must be zero and the body must be empty.| -|`name`|path|Name of the target repository.| - - - - -###### On Success: Accepted - -``` -202 Accepted -Content-Length: 0 -Location: /v2//blobs/uploads/ -Range: 0-0 -Docker-Upload-UUID: -``` - -The upload has been created. The `Location` header must be used to complete the upload. The response should be identical to a `GET` request on the contents of the returned `Location` header. - -The following headers will be returned with the response: - -|Name|Description| -|----|-----------| -|`Content-Length`|The `Content-Length` header must be zero and the body must be empty.| -|`Location`|The location of the created upload. Clients should use the contents verbatim to complete the upload, adding parameters where required.| -|`Range`|Range header indicating the progress of the upload. When starting an upload, it will return an empty range, since no content has been received.| -|`Docker-Upload-UUID`|Identifies the docker upload uuid for the current request.| - - - - -###### On Failure: Invalid Name or Digest - -``` -400 Bad Request -``` - - - - - -The error codes that may be included in the response body are enumerated below: - -|Code|Message|Description| -|----|-------|-----------| -| `DIGEST_INVALID` | provided digest did not match uploaded content | When a blob is uploaded, the registry will check that the content matches the digest provided by the client. The error may include a detail structure with the key "digest", including the invalid digest string. This error may also be returned when a manifest includes an invalid layer digest. | -| `NAME_INVALID` | invalid repository name | Invalid repository name encountered either during manifest validation or any API operation. | - - - -###### On Failure: Authentication Required - -``` -401 Unauthorized -WWW-Authenticate: realm="", ..." -Content-Length: -Content-Type: application/json; charset=utf-8 - -{ - "errors:" [ - { - "code": , - "message": "", - "detail": ... - }, - ... - ] -} -``` - -The client is not authenticated. - -The following headers will be returned on the response: - -|Name|Description| -|----|-----------| -|`WWW-Authenticate`|An RFC7235 compliant authentication challenge header.| -|`Content-Length`|Length of the JSON response body.| - - - -The error codes that may be included in the response body are enumerated below: - -|Code|Message|Description| -|----|-------|-----------| -| `UNAUTHORIZED` | authentication required | The access controller was unable to authenticate the client. Often this will be accompanied by a Www-Authenticate HTTP response header indicating how to authenticate. | - - - -###### On Failure: No Such Repository Error - -``` -404 Not Found -Content-Length: -Content-Type: application/json; charset=utf-8 - -{ - "errors:" [ - { - "code": , - "message": "", - "detail": ... - }, - ... - ] -} -``` - -The repository is not known to the registry. - -The following headers will be returned on the response: - -|Name|Description| -|----|-----------| -|`Content-Length`|Length of the JSON response body.| - - - -The error codes that may be included in the response body are enumerated below: - -|Code|Message|Description| -|----|-------|-----------| -| `NAME_UNKNOWN` | repository name not known to registry | This is returned if the name used during an operation is unknown to the registry. | - - - -###### On Failure: Access Denied - -``` -403 Forbidden -Content-Length: -Content-Type: application/json; charset=utf-8 - -{ - "errors:" [ - { - "code": , - "message": "", - "detail": ... - }, - ... - ] -} -``` - -The client does not have required access to the repository. - -The following headers will be returned on the response: - -|Name|Description| -|----|-----------| -|`Content-Length`|Length of the JSON response body.| - - - -The error codes that may be included in the response body are enumerated below: - -|Code|Message|Description| -|----|-------|-----------| -| `DENIED` | requested access to the resource is denied | The access controller denied access for the operation on a resource. | - - - -###### On Failure: Too Many Requests - -``` -429 Too Many Requests -Content-Length: -Content-Type: application/json; charset=utf-8 - -{ - "errors:" [ - { - "code": , - "message": "", - "detail": ... - }, - ... - ] -} -``` - -The client made too many requests within a time interval. - -The following headers will be returned on the response: - -|Name|Description| -|----|-----------| -|`Content-Length`|Length of the JSON response body.| - - - -The error codes that may be included in the response body are enumerated below: - -|Code|Message|Description| -|----|-------|-----------| -| `TOOMANYREQUESTS` | too many requests | Returned when a client attempts to contact a service too many times | - - - -##### Mount Blob - -``` -POST /v2//blobs/uploads/?mount=&from= -Host: -Authorization: -Content-Length: 0 -``` - -Mount a blob identified by the `mount` parameter from another repository. - - -The following parameters should be specified on the request: - -|Name|Kind|Description| -|----|----|-----------| -|`Host`|header|Standard HTTP Host Header. Should be set to the registry host.| -|`Authorization`|header|An RFC7235 compliant authorization header.| -|`Content-Length`|header|The `Content-Length` header must be zero and the body must be empty.| -|`name`|path|Name of the target repository.| -|`mount`|query|Digest of blob to mount from the source repository.| -|`from`|query|Name of the source repository.| - - - - -###### On Success: Created - -``` -201 Created -Location: -Content-Length: 0 -Docker-Upload-UUID: -``` - -The blob has been mounted in the repository and is available at the provided location. - -The following headers will be returned with the response: - -|Name|Description| -|----|-----------| -|`Location`|| -|`Content-Length`|The `Content-Length` header must be zero and the body must be empty.| -|`Docker-Upload-UUID`|Identifies the docker upload uuid for the current request.| - - - - -###### On Failure: Invalid Name or Digest - -``` -400 Bad Request -``` - - - - - -The error codes that may be included in the response body are enumerated below: - -|Code|Message|Description| -|----|-------|-----------| -| `DIGEST_INVALID` | provided digest did not match uploaded content | When a blob is uploaded, the registry will check that the content matches the digest provided by the client. The error may include a detail structure with the key "digest", including the invalid digest string. This error may also be returned when a manifest includes an invalid layer digest. | -| `NAME_INVALID` | invalid repository name | Invalid repository name encountered either during manifest validation or any API operation. | - - - -###### On Failure: Not allowed - -``` -405 Method Not Allowed -``` - -Blob mount is not allowed because the registry is configured as a pull-through cache or for some other reason - - - -The error codes that may be included in the response body are enumerated below: - -|Code|Message|Description| -|----|-------|-----------| -| `UNSUPPORTED` | The operation is unsupported. | The operation was unsupported due to a missing implementation or invalid set of parameters. | - - - -###### On Failure: Authentication Required - -``` -401 Unauthorized -WWW-Authenticate: realm="", ..." -Content-Length: -Content-Type: application/json; charset=utf-8 - -{ - "errors:" [ - { - "code": , - "message": "", - "detail": ... - }, - ... - ] -} -``` - -The client is not authenticated. - -The following headers will be returned on the response: - -|Name|Description| -|----|-----------| -|`WWW-Authenticate`|An RFC7235 compliant authentication challenge header.| -|`Content-Length`|Length of the JSON response body.| - - - -The error codes that may be included in the response body are enumerated below: - -|Code|Message|Description| -|----|-------|-----------| -| `UNAUTHORIZED` | authentication required | The access controller was unable to authenticate the client. Often this will be accompanied by a Www-Authenticate HTTP response header indicating how to authenticate. | - - - -###### On Failure: No Such Repository Error - -``` -404 Not Found -Content-Length: -Content-Type: application/json; charset=utf-8 - -{ - "errors:" [ - { - "code": , - "message": "", - "detail": ... - }, - ... - ] -} -``` - -The repository is not known to the registry. - -The following headers will be returned on the response: - -|Name|Description| -|----|-----------| -|`Content-Length`|Length of the JSON response body.| - - - -The error codes that may be included in the response body are enumerated below: - -|Code|Message|Description| -|----|-------|-----------| -| `NAME_UNKNOWN` | repository name not known to registry | This is returned if the name used during an operation is unknown to the registry. | - - - -###### On Failure: Access Denied - -``` -403 Forbidden -Content-Length: -Content-Type: application/json; charset=utf-8 - -{ - "errors:" [ - { - "code": , - "message": "", - "detail": ... - }, - ... - ] -} -``` - -The client does not have required access to the repository. - -The following headers will be returned on the response: - -|Name|Description| -|----|-----------| -|`Content-Length`|Length of the JSON response body.| - - - -The error codes that may be included in the response body are enumerated below: - -|Code|Message|Description| -|----|-------|-----------| -| `DENIED` | requested access to the resource is denied | The access controller denied access for the operation on a resource. | - - - -###### On Failure: Too Many Requests - -``` -429 Too Many Requests -Content-Length: -Content-Type: application/json; charset=utf-8 - -{ - "errors:" [ - { - "code": , - "message": "", - "detail": ... - }, - ... - ] -} -``` - -The client made too many requests within a time interval. - -The following headers will be returned on the response: - -|Name|Description| -|----|-----------| -|`Content-Length`|Length of the JSON response body.| - - - -The error codes that may be included in the response body are enumerated below: - -|Code|Message|Description| -|----|-------|-----------| -| `TOOMANYREQUESTS` | too many requests | Returned when a client attempts to contact a service too many times | - - - - - -### Blob Upload - -Interact with blob uploads. Clients should never assemble URLs for this endpoint and should only take it through the `Location` header on related API requests. The `Location` header and its parameters should be preserved by clients, using the latest value returned via upload related API calls. - - - -#### GET Blob Upload - -Retrieve status of upload identified by `uuid`. The primary purpose of this endpoint is to resolve the current status of a resumable upload. - - - -``` -GET /v2//blobs/uploads/ -Host: -Authorization: -``` - -Retrieve the progress of the current upload, as reported by the `Range` header. - - -The following parameters should be specified on the request: - -|Name|Kind|Description| -|----|----|-----------| -|`Host`|header|Standard HTTP Host Header. Should be set to the registry host.| -|`Authorization`|header|An RFC7235 compliant authorization header.| -|`name`|path|Name of the target repository.| -|`uuid`|path|A uuid identifying the upload. This field can accept characters that match `[a-zA-Z0-9-_.=]+`.| - - - - -###### On Success: Upload Progress - -``` -204 No Content -Range: 0- -Content-Length: 0 -Docker-Upload-UUID: -``` - -The upload is known and in progress. The last received offset is available in the `Range` header. - -The following headers will be returned with the response: - -|Name|Description| -|----|-----------| -|`Range`|Range indicating the current progress of the upload.| -|`Content-Length`|The `Content-Length` header must be zero and the body must be empty.| -|`Docker-Upload-UUID`|Identifies the docker upload uuid for the current request.| - - - - -###### On Failure: Bad Request - -``` -400 Bad Request -Content-Type: application/json; charset=utf-8 - -{ - "errors:" [ - { - "code": , - "message": "", - "detail": ... - }, - ... - ] -} -``` - -There was an error processing the upload and it must be restarted. - - - -The error codes that may be included in the response body are enumerated below: - -|Code|Message|Description| -|----|-------|-----------| -| `DIGEST_INVALID` | provided digest did not match uploaded content | When a blob is uploaded, the registry will check that the content matches the digest provided by the client. The error may include a detail structure with the key "digest", including the invalid digest string. This error may also be returned when a manifest includes an invalid layer digest. | -| `NAME_INVALID` | invalid repository name | Invalid repository name encountered either during manifest validation or any API operation. | -| `BLOB_UPLOAD_INVALID` | blob upload invalid | The blob upload encountered an error and can no longer proceed. | - - - -###### On Failure: Not Found - -``` -404 Not Found -Content-Type: application/json; charset=utf-8 - -{ - "errors:" [ - { - "code": , - "message": "", - "detail": ... - }, - ... - ] -} -``` - -The upload is unknown to the registry. The upload must be restarted. - - - -The error codes that may be included in the response body are enumerated below: - -|Code|Message|Description| -|----|-------|-----------| -| `BLOB_UPLOAD_UNKNOWN` | blob upload unknown to registry | If a blob upload has been cancelled or was never started, this error code may be returned. | - - - -###### On Failure: Authentication Required - -``` -401 Unauthorized -WWW-Authenticate: realm="", ..." -Content-Length: -Content-Type: application/json; charset=utf-8 - -{ - "errors:" [ - { - "code": , - "message": "", - "detail": ... - }, - ... - ] -} -``` - -The client is not authenticated. - -The following headers will be returned on the response: - -|Name|Description| -|----|-----------| -|`WWW-Authenticate`|An RFC7235 compliant authentication challenge header.| -|`Content-Length`|Length of the JSON response body.| - - - -The error codes that may be included in the response body are enumerated below: - -|Code|Message|Description| -|----|-------|-----------| -| `UNAUTHORIZED` | authentication required | The access controller was unable to authenticate the client. Often this will be accompanied by a Www-Authenticate HTTP response header indicating how to authenticate. | - - - -###### On Failure: No Such Repository Error - -``` -404 Not Found -Content-Length: -Content-Type: application/json; charset=utf-8 - -{ - "errors:" [ - { - "code": , - "message": "", - "detail": ... - }, - ... - ] -} -``` - -The repository is not known to the registry. - -The following headers will be returned on the response: - -|Name|Description| -|----|-----------| -|`Content-Length`|Length of the JSON response body.| - - - -The error codes that may be included in the response body are enumerated below: - -|Code|Message|Description| -|----|-------|-----------| -| `NAME_UNKNOWN` | repository name not known to registry | This is returned if the name used during an operation is unknown to the registry. | - - - -###### On Failure: Access Denied - -``` -403 Forbidden -Content-Length: -Content-Type: application/json; charset=utf-8 - -{ - "errors:" [ - { - "code": , - "message": "", - "detail": ... - }, - ... - ] -} -``` - -The client does not have required access to the repository. - -The following headers will be returned on the response: - -|Name|Description| -|----|-----------| -|`Content-Length`|Length of the JSON response body.| - - - -The error codes that may be included in the response body are enumerated below: - -|Code|Message|Description| -|----|-------|-----------| -| `DENIED` | requested access to the resource is denied | The access controller denied access for the operation on a resource. | - - - -###### On Failure: Too Many Requests - -``` -429 Too Many Requests -Content-Length: -Content-Type: application/json; charset=utf-8 - -{ - "errors:" [ - { - "code": , - "message": "", - "detail": ... - }, - ... - ] -} -``` - -The client made too many requests within a time interval. - -The following headers will be returned on the response: - -|Name|Description| -|----|-----------| -|`Content-Length`|Length of the JSON response body.| - - - -The error codes that may be included in the response body are enumerated below: - -|Code|Message|Description| -|----|-------|-----------| -| `TOOMANYREQUESTS` | too many requests | Returned when a client attempts to contact a service too many times | - - - - -#### PATCH Blob Upload - -Upload a chunk of data for the specified upload. - - -##### Stream upload - -``` -PATCH /v2//blobs/uploads/ -Host: -Authorization: -Content-Type: application/octet-stream - - -``` - -Upload a stream of data to upload without completing the upload. - - -The following parameters should be specified on the request: - -|Name|Kind|Description| -|----|----|-----------| -|`Host`|header|Standard HTTP Host Header. Should be set to the registry host.| -|`Authorization`|header|An RFC7235 compliant authorization header.| -|`name`|path|Name of the target repository.| -|`uuid`|path|A uuid identifying the upload. This field can accept characters that match `[a-zA-Z0-9-_.=]+`.| - - - - -###### On Success: Data Accepted - -``` -204 No Content -Location: /v2//blobs/uploads/ -Range: 0- -Content-Length: 0 -Docker-Upload-UUID: -``` - -The stream of data has been accepted and the current progress is available in the range header. The updated upload location is available in the `Location` header. - -The following headers will be returned with the response: - -|Name|Description| -|----|-----------| -|`Location`|The location of the upload. Clients should assume this changes after each request. Clients should use the contents verbatim to complete the upload, adding parameters where required.| -|`Range`|Range indicating the current progress of the upload.| -|`Content-Length`|The `Content-Length` header must be zero and the body must be empty.| -|`Docker-Upload-UUID`|Identifies the docker upload uuid for the current request.| - - - - -###### On Failure: Bad Request - -``` -400 Bad Request -Content-Type: application/json; charset=utf-8 - -{ - "errors:" [ - { - "code": , - "message": "", - "detail": ... - }, - ... - ] -} -``` - -There was an error processing the upload and it must be restarted. - - - -The error codes that may be included in the response body are enumerated below: - -|Code|Message|Description| -|----|-------|-----------| -| `DIGEST_INVALID` | provided digest did not match uploaded content | When a blob is uploaded, the registry will check that the content matches the digest provided by the client. The error may include a detail structure with the key "digest", including the invalid digest string. This error may also be returned when a manifest includes an invalid layer digest. | -| `NAME_INVALID` | invalid repository name | Invalid repository name encountered either during manifest validation or any API operation. | -| `BLOB_UPLOAD_INVALID` | blob upload invalid | The blob upload encountered an error and can no longer proceed. | - - - -###### On Failure: Not Found - -``` -404 Not Found -Content-Type: application/json; charset=utf-8 - -{ - "errors:" [ - { - "code": , - "message": "", - "detail": ... - }, - ... - ] -} -``` - -The upload is unknown to the registry. The upload must be restarted. - - - -The error codes that may be included in the response body are enumerated below: - -|Code|Message|Description| -|----|-------|-----------| -| `BLOB_UPLOAD_UNKNOWN` | blob upload unknown to registry | If a blob upload has been cancelled or was never started, this error code may be returned. | - - - -###### On Failure: Authentication Required - -``` -401 Unauthorized -WWW-Authenticate: realm="", ..." -Content-Length: -Content-Type: application/json; charset=utf-8 - -{ - "errors:" [ - { - "code": , - "message": "", - "detail": ... - }, - ... - ] -} -``` - -The client is not authenticated. - -The following headers will be returned on the response: - -|Name|Description| -|----|-----------| -|`WWW-Authenticate`|An RFC7235 compliant authentication challenge header.| -|`Content-Length`|Length of the JSON response body.| - - - -The error codes that may be included in the response body are enumerated below: - -|Code|Message|Description| -|----|-------|-----------| -| `UNAUTHORIZED` | authentication required | The access controller was unable to authenticate the client. Often this will be accompanied by a Www-Authenticate HTTP response header indicating how to authenticate. | - - - -###### On Failure: No Such Repository Error - -``` -404 Not Found -Content-Length: -Content-Type: application/json; charset=utf-8 - -{ - "errors:" [ - { - "code": , - "message": "", - "detail": ... - }, - ... - ] -} -``` - -The repository is not known to the registry. - -The following headers will be returned on the response: - -|Name|Description| -|----|-----------| -|`Content-Length`|Length of the JSON response body.| - - - -The error codes that may be included in the response body are enumerated below: - -|Code|Message|Description| -|----|-------|-----------| -| `NAME_UNKNOWN` | repository name not known to registry | This is returned if the name used during an operation is unknown to the registry. | - - - -###### On Failure: Access Denied - -``` -403 Forbidden -Content-Length: -Content-Type: application/json; charset=utf-8 - -{ - "errors:" [ - { - "code": , - "message": "", - "detail": ... - }, - ... - ] -} -``` - -The client does not have required access to the repository. - -The following headers will be returned on the response: - -|Name|Description| -|----|-----------| -|`Content-Length`|Length of the JSON response body.| - - - -The error codes that may be included in the response body are enumerated below: - -|Code|Message|Description| -|----|-------|-----------| -| `DENIED` | requested access to the resource is denied | The access controller denied access for the operation on a resource. | - - - -###### On Failure: Too Many Requests - -``` -429 Too Many Requests -Content-Length: -Content-Type: application/json; charset=utf-8 - -{ - "errors:" [ - { - "code": , - "message": "", - "detail": ... - }, - ... - ] -} -``` - -The client made too many requests within a time interval. - -The following headers will be returned on the response: - -|Name|Description| -|----|-----------| -|`Content-Length`|Length of the JSON response body.| - - - -The error codes that may be included in the response body are enumerated below: - -|Code|Message|Description| -|----|-------|-----------| -| `TOOMANYREQUESTS` | too many requests | Returned when a client attempts to contact a service too many times | - - - -##### Chunked upload - -``` -PATCH /v2//blobs/uploads/ -Host: -Authorization: -Content-Range: - -Content-Length: -Content-Type: application/octet-stream - - -``` - -Upload a chunk of data to specified upload without completing the upload. The data will be uploaded to the specified Content Range. - - -The following parameters should be specified on the request: - -|Name|Kind|Description| -|----|----|-----------| -|`Host`|header|Standard HTTP Host Header. Should be set to the registry host.| -|`Authorization`|header|An RFC7235 compliant authorization header.| -|`Content-Range`|header|Range of bytes identifying the desired block of content represented by the body. Start must the end offset retrieved via status check plus one. Note that this is a non-standard use of the `Content-Range` header.| -|`Content-Length`|header|Length of the chunk being uploaded, corresponding the length of the request body.| -|`name`|path|Name of the target repository.| -|`uuid`|path|A uuid identifying the upload. This field can accept characters that match `[a-zA-Z0-9-_.=]+`.| - - - - -###### On Success: Chunk Accepted - -``` -204 No Content -Location: /v2//blobs/uploads/ -Range: 0- -Content-Length: 0 -Docker-Upload-UUID: -``` - -The chunk of data has been accepted and the current progress is available in the range header. The updated upload location is available in the `Location` header. - -The following headers will be returned with the response: - -|Name|Description| -|----|-----------| -|`Location`|The location of the upload. Clients should assume this changes after each request. Clients should use the contents verbatim to complete the upload, adding parameters where required.| -|`Range`|Range indicating the current progress of the upload.| -|`Content-Length`|The `Content-Length` header must be zero and the body must be empty.| -|`Docker-Upload-UUID`|Identifies the docker upload uuid for the current request.| - - - - -###### On Failure: Bad Request - -``` -400 Bad Request -Content-Type: application/json; charset=utf-8 - -{ - "errors:" [ - { - "code": , - "message": "", - "detail": ... - }, - ... - ] -} -``` - -There was an error processing the upload and it must be restarted. - - - -The error codes that may be included in the response body are enumerated below: - -|Code|Message|Description| -|----|-------|-----------| -| `DIGEST_INVALID` | provided digest did not match uploaded content | When a blob is uploaded, the registry will check that the content matches the digest provided by the client. The error may include a detail structure with the key "digest", including the invalid digest string. This error may also be returned when a manifest includes an invalid layer digest. | -| `NAME_INVALID` | invalid repository name | Invalid repository name encountered either during manifest validation or any API operation. | -| `BLOB_UPLOAD_INVALID` | blob upload invalid | The blob upload encountered an error and can no longer proceed. | - - - -###### On Failure: Not Found - -``` -404 Not Found -Content-Type: application/json; charset=utf-8 - -{ - "errors:" [ - { - "code": , - "message": "", - "detail": ... - }, - ... - ] -} -``` - -The upload is unknown to the registry. The upload must be restarted. - - - -The error codes that may be included in the response body are enumerated below: - -|Code|Message|Description| -|----|-------|-----------| -| `BLOB_UPLOAD_UNKNOWN` | blob upload unknown to registry | If a blob upload has been cancelled or was never started, this error code may be returned. | - - - -###### On Failure: Requested Range Not Satisfiable - -``` -416 Requested Range Not Satisfiable -``` - -The `Content-Range` specification cannot be accepted, either because it does not overlap with the current progress or it is invalid. - - - -###### On Failure: Authentication Required - -``` -401 Unauthorized -WWW-Authenticate: realm="", ..." -Content-Length: -Content-Type: application/json; charset=utf-8 - -{ - "errors:" [ - { - "code": , - "message": "", - "detail": ... - }, - ... - ] -} -``` - -The client is not authenticated. - -The following headers will be returned on the response: - -|Name|Description| -|----|-----------| -|`WWW-Authenticate`|An RFC7235 compliant authentication challenge header.| -|`Content-Length`|Length of the JSON response body.| - - - -The error codes that may be included in the response body are enumerated below: - -|Code|Message|Description| -|----|-------|-----------| -| `UNAUTHORIZED` | authentication required | The access controller was unable to authenticate the client. Often this will be accompanied by a Www-Authenticate HTTP response header indicating how to authenticate. | - - - -###### On Failure: No Such Repository Error - -``` -404 Not Found -Content-Length: -Content-Type: application/json; charset=utf-8 - -{ - "errors:" [ - { - "code": , - "message": "", - "detail": ... - }, - ... - ] -} -``` - -The repository is not known to the registry. - -The following headers will be returned on the response: - -|Name|Description| -|----|-----------| -|`Content-Length`|Length of the JSON response body.| - - - -The error codes that may be included in the response body are enumerated below: - -|Code|Message|Description| -|----|-------|-----------| -| `NAME_UNKNOWN` | repository name not known to registry | This is returned if the name used during an operation is unknown to the registry. | - - - -###### On Failure: Access Denied - -``` -403 Forbidden -Content-Length: -Content-Type: application/json; charset=utf-8 - -{ - "errors:" [ - { - "code": , - "message": "", - "detail": ... - }, - ... - ] -} -``` - -The client does not have required access to the repository. - -The following headers will be returned on the response: - -|Name|Description| -|----|-----------| -|`Content-Length`|Length of the JSON response body.| - - - -The error codes that may be included in the response body are enumerated below: - -|Code|Message|Description| -|----|-------|-----------| -| `DENIED` | requested access to the resource is denied | The access controller denied access for the operation on a resource. | - - - -###### On Failure: Too Many Requests - -``` -429 Too Many Requests -Content-Length: -Content-Type: application/json; charset=utf-8 - -{ - "errors:" [ - { - "code": , - "message": "", - "detail": ... - }, - ... - ] -} -``` - -The client made too many requests within a time interval. - -The following headers will be returned on the response: - -|Name|Description| -|----|-----------| -|`Content-Length`|Length of the JSON response body.| - - - -The error codes that may be included in the response body are enumerated below: - -|Code|Message|Description| -|----|-------|-----------| -| `TOOMANYREQUESTS` | too many requests | Returned when a client attempts to contact a service too many times | - - - - -#### PUT Blob Upload - -Complete the upload specified by `uuid`, optionally appending the body as the final chunk. - - - -``` -PUT /v2//blobs/uploads/?digest= -Host: -Authorization: -Content-Length: -Content-Type: application/octet-stream - - -``` - -Complete the upload, providing all the data in the body, if necessary. A request without a body will just complete the upload with previously uploaded content. - - -The following parameters should be specified on the request: - -|Name|Kind|Description| -|----|----|-----------| -|`Host`|header|Standard HTTP Host Header. Should be set to the registry host.| -|`Authorization`|header|An RFC7235 compliant authorization header.| -|`Content-Length`|header|Length of the data being uploaded, corresponding to the length of the request body. May be zero if no data is provided.| -|`name`|path|Name of the target repository.| -|`uuid`|path|A uuid identifying the upload. This field can accept characters that match `[a-zA-Z0-9-_.=]+`.| -|`digest`|query|Digest of uploaded blob.| - - - - -###### On Success: Upload Complete - -``` -204 No Content -Location: -Content-Range: - -Content-Length: 0 -Docker-Content-Digest: -``` - -The upload has been completed and accepted by the registry. The canonical location will be available in the `Location` header. - -The following headers will be returned with the response: - -|Name|Description| -|----|-----------| -|`Location`|The canonical location of the blob for retrieval| -|`Content-Range`|Range of bytes identifying the desired block of content represented by the body. Start must match the end of offset retrieved via status check. Note that this is a non-standard use of the `Content-Range` header.| -|`Content-Length`|The `Content-Length` header must be zero and the body must be empty.| -|`Docker-Content-Digest`|Digest of the targeted content for the request.| - - - - -###### On Failure: Bad Request - -``` -400 Bad Request -Content-Type: application/json; charset=utf-8 - -{ - "errors:" [ - { - "code": , - "message": "", - "detail": ... - }, - ... - ] -} -``` - -There was an error processing the upload and it must be restarted. - - - -The error codes that may be included in the response body are enumerated below: - -|Code|Message|Description| -|----|-------|-----------| -| `DIGEST_INVALID` | provided digest did not match uploaded content | When a blob is uploaded, the registry will check that the content matches the digest provided by the client. The error may include a detail structure with the key "digest", including the invalid digest string. This error may also be returned when a manifest includes an invalid layer digest. | -| `NAME_INVALID` | invalid repository name | Invalid repository name encountered either during manifest validation or any API operation. | -| `BLOB_UPLOAD_INVALID` | blob upload invalid | The blob upload encountered an error and can no longer proceed. | -| `UNSUPPORTED` | The operation is unsupported. | The operation was unsupported due to a missing implementation or invalid set of parameters. | - - - -###### On Failure: Not Found - -``` -404 Not Found -Content-Type: application/json; charset=utf-8 - -{ - "errors:" [ - { - "code": , - "message": "", - "detail": ... - }, - ... - ] -} -``` - -The upload is unknown to the registry. The upload must be restarted. - - - -The error codes that may be included in the response body are enumerated below: - -|Code|Message|Description| -|----|-------|-----------| -| `BLOB_UPLOAD_UNKNOWN` | blob upload unknown to registry | If a blob upload has been cancelled or was never started, this error code may be returned. | - - - -###### On Failure: Authentication Required - -``` -401 Unauthorized -WWW-Authenticate: realm="", ..." -Content-Length: -Content-Type: application/json; charset=utf-8 - -{ - "errors:" [ - { - "code": , - "message": "", - "detail": ... - }, - ... - ] -} -``` - -The client is not authenticated. - -The following headers will be returned on the response: - -|Name|Description| -|----|-----------| -|`WWW-Authenticate`|An RFC7235 compliant authentication challenge header.| -|`Content-Length`|Length of the JSON response body.| - - - -The error codes that may be included in the response body are enumerated below: - -|Code|Message|Description| -|----|-------|-----------| -| `UNAUTHORIZED` | authentication required | The access controller was unable to authenticate the client. Often this will be accompanied by a Www-Authenticate HTTP response header indicating how to authenticate. | - - - -###### On Failure: No Such Repository Error - -``` -404 Not Found -Content-Length: -Content-Type: application/json; charset=utf-8 - -{ - "errors:" [ - { - "code": , - "message": "", - "detail": ... - }, - ... - ] -} -``` - -The repository is not known to the registry. - -The following headers will be returned on the response: - -|Name|Description| -|----|-----------| -|`Content-Length`|Length of the JSON response body.| - - - -The error codes that may be included in the response body are enumerated below: - -|Code|Message|Description| -|----|-------|-----------| -| `NAME_UNKNOWN` | repository name not known to registry | This is returned if the name used during an operation is unknown to the registry. | - - - -###### On Failure: Access Denied - -``` -403 Forbidden -Content-Length: -Content-Type: application/json; charset=utf-8 - -{ - "errors:" [ - { - "code": , - "message": "", - "detail": ... - }, - ... - ] -} -``` - -The client does not have required access to the repository. - -The following headers will be returned on the response: - -|Name|Description| -|----|-----------| -|`Content-Length`|Length of the JSON response body.| - - - -The error codes that may be included in the response body are enumerated below: - -|Code|Message|Description| -|----|-------|-----------| -| `DENIED` | requested access to the resource is denied | The access controller denied access for the operation on a resource. | - - - -###### On Failure: Too Many Requests - -``` -429 Too Many Requests -Content-Length: -Content-Type: application/json; charset=utf-8 - -{ - "errors:" [ - { - "code": , - "message": "", - "detail": ... - }, - ... - ] -} -``` - -The client made too many requests within a time interval. - -The following headers will be returned on the response: - -|Name|Description| -|----|-----------| -|`Content-Length`|Length of the JSON response body.| - - - -The error codes that may be included in the response body are enumerated below: - -|Code|Message|Description| -|----|-------|-----------| -| `TOOMANYREQUESTS` | too many requests | Returned when a client attempts to contact a service too many times | - - - - -#### DELETE Blob Upload - -Cancel outstanding upload processes, releasing associated resources. If this is not called, the unfinished uploads will eventually timeout. - - - -``` -DELETE /v2//blobs/uploads/ -Host: -Authorization: -Content-Length: 0 -``` - -Cancel the upload specified by `uuid`. - - -The following parameters should be specified on the request: - -|Name|Kind|Description| -|----|----|-----------| -|`Host`|header|Standard HTTP Host Header. Should be set to the registry host.| -|`Authorization`|header|An RFC7235 compliant authorization header.| -|`Content-Length`|header|The `Content-Length` header must be zero and the body must be empty.| -|`name`|path|Name of the target repository.| -|`uuid`|path|A uuid identifying the upload. This field can accept characters that match `[a-zA-Z0-9-_.=]+`.| - - - - -###### On Success: Upload Deleted - -``` -204 No Content -Content-Length: 0 -``` - -The upload has been successfully deleted. - -The following headers will be returned with the response: - -|Name|Description| -|----|-----------| -|`Content-Length`|The `Content-Length` header must be zero and the body must be empty.| - - - - -###### On Failure: Bad Request - -``` -400 Bad Request -Content-Type: application/json; charset=utf-8 - -{ - "errors:" [ - { - "code": , - "message": "", - "detail": ... - }, - ... - ] -} -``` - -An error was encountered processing the delete. The client may ignore this error. - - - -The error codes that may be included in the response body are enumerated below: - -|Code|Message|Description| -|----|-------|-----------| -| `NAME_INVALID` | invalid repository name | Invalid repository name encountered either during manifest validation or any API operation. | -| `BLOB_UPLOAD_INVALID` | blob upload invalid | The blob upload encountered an error and can no longer proceed. | - - - -###### On Failure: Not Found - -``` -404 Not Found -Content-Type: application/json; charset=utf-8 - -{ - "errors:" [ - { - "code": , - "message": "", - "detail": ... - }, - ... - ] -} -``` - -The upload is unknown to the registry. The client may ignore this error and assume the upload has been deleted. - - - -The error codes that may be included in the response body are enumerated below: - -|Code|Message|Description| -|----|-------|-----------| -| `BLOB_UPLOAD_UNKNOWN` | blob upload unknown to registry | If a blob upload has been cancelled or was never started, this error code may be returned. | - - - -###### On Failure: Authentication Required - -``` -401 Unauthorized -WWW-Authenticate: realm="", ..." -Content-Length: -Content-Type: application/json; charset=utf-8 - -{ - "errors:" [ - { - "code": , - "message": "", - "detail": ... - }, - ... - ] -} -``` - -The client is not authenticated. - -The following headers will be returned on the response: - -|Name|Description| -|----|-----------| -|`WWW-Authenticate`|An RFC7235 compliant authentication challenge header.| -|`Content-Length`|Length of the JSON response body.| - - - -The error codes that may be included in the response body are enumerated below: - -|Code|Message|Description| -|----|-------|-----------| -| `UNAUTHORIZED` | authentication required | The access controller was unable to authenticate the client. Often this will be accompanied by a Www-Authenticate HTTP response header indicating how to authenticate. | - - - -###### On Failure: No Such Repository Error - -``` -404 Not Found -Content-Length: -Content-Type: application/json; charset=utf-8 - -{ - "errors:" [ - { - "code": , - "message": "", - "detail": ... - }, - ... - ] -} -``` - -The repository is not known to the registry. - -The following headers will be returned on the response: - -|Name|Description| -|----|-----------| -|`Content-Length`|Length of the JSON response body.| - - - -The error codes that may be included in the response body are enumerated below: - -|Code|Message|Description| -|----|-------|-----------| -| `NAME_UNKNOWN` | repository name not known to registry | This is returned if the name used during an operation is unknown to the registry. | - - - -###### On Failure: Access Denied - -``` -403 Forbidden -Content-Length: -Content-Type: application/json; charset=utf-8 - -{ - "errors:" [ - { - "code": , - "message": "", - "detail": ... - }, - ... - ] -} -``` - -The client does not have required access to the repository. - -The following headers will be returned on the response: - -|Name|Description| -|----|-----------| -|`Content-Length`|Length of the JSON response body.| - - - -The error codes that may be included in the response body are enumerated below: - -|Code|Message|Description| -|----|-------|-----------| -| `DENIED` | requested access to the resource is denied | The access controller denied access for the operation on a resource. | - - - -###### On Failure: Too Many Requests - -``` -429 Too Many Requests -Content-Length: -Content-Type: application/json; charset=utf-8 - -{ - "errors:" [ - { - "code": , - "message": "", - "detail": ... - }, - ... - ] -} -``` - -The client made too many requests within a time interval. - -The following headers will be returned on the response: - -|Name|Description| -|----|-----------| -|`Content-Length`|Length of the JSON response body.| - - - -The error codes that may be included in the response body are enumerated below: - -|Code|Message|Description| -|----|-------|-----------| -| `TOOMANYREQUESTS` | too many requests | Returned when a client attempts to contact a service too many times | - - - - - -### Catalog - -List a set of available repositories in the local registry cluster. Does not provide any indication of what may be available upstream. Applications can only determine if a repository is available but not if it is not available. - - - -#### GET Catalog - -Retrieve a sorted, json list of repositories available in the registry. - - -##### Catalog Fetch - -``` -GET /v2/_catalog -``` - -Request an unabridged list of repositories available. The implementation may impose a maximum limit and return a partial set with pagination links. - - - - - -###### On Success: OK - -``` -200 OK -Content-Length: -Content-Type: application/json; charset=utf-8 - -{ - "repositories": [ - , - ... - ] -} -``` - -Returns the unabridged list of repositories as a json response. - -The following headers will be returned with the response: - -|Name|Description| -|----|-----------| -|`Content-Length`|Length of the JSON response body.| - - - -##### Catalog Fetch Paginated - -``` -GET /v2/_catalog?n=&last= -``` - -Return the specified portion of repositories. - - -The following parameters should be specified on the request: - -|Name|Kind|Description| -|----|----|-----------| -|`n`|query|Limit the number of entries in each response. It not present, all entries will be returned.| -|`last`|query|Result set will include values lexically after last.| - - - - -###### On Success: OK - -``` -200 OK -Content-Length: -Link: <?n=&last=>; rel="next" -Content-Type: application/json; charset=utf-8 - -{ - "repositories": [ - , - ... - ] - "next": "?last=&n=" -} -``` - - - -The following headers will be returned with the response: - -|Name|Description| -|----|-----------| -|`Content-Length`|Length of the JSON response body.| -|`Link`|RFC5988 compliant rel='next' with URL to next result set, if available| - - - - - diff --git a/vendor/github.com/docker/distribution/docs/spec/api.md.tmpl b/vendor/github.com/docker/distribution/docs/spec/api.md.tmpl deleted file mode 100644 index 406eda5b..00000000 --- a/vendor/github.com/docker/distribution/docs/spec/api.md.tmpl +++ /dev/null @@ -1,1215 +0,0 @@ ---- -title: "HTTP API V2" -description: "Specification for the Registry API." -keywords: ["registry, on-prem, images, tags, repository, distribution, api, advanced"] ---- - -# Docker Registry HTTP API V2 - -## Introduction - -The _Docker Registry HTTP API_ is the protocol to facilitate distribution of -images to the docker engine. It interacts with instances of the docker -registry, which is a service to manage information about docker images and -enable their distribution. The specification covers the operation of version 2 -of this API, known as _Docker Registry HTTP API V2_. - -While the V1 registry protocol is usable, there are several problems with the -architecture that have led to this new version. The main driver of this -specification is a set of changes to the docker the image format, covered in -[docker/docker#8093](https://github.com/docker/docker/issues/8093). -The new, self-contained image manifest simplifies image definition and improves -security. This specification will build on that work, leveraging new properties -of the manifest format to improve performance, reduce bandwidth usage and -decrease the likelihood of backend corruption. - -For relevant details and history leading up to this specification, please see -the following issues: - -- [docker/docker#8093](https://github.com/docker/docker/issues/8093) -- [docker/docker#9015](https://github.com/docker/docker/issues/9015) -- [docker/docker-registry#612](https://github.com/docker/docker-registry/issues/612) - -### Scope - -This specification covers the URL layout and protocols of the interaction -between docker registry and docker core. This will affect the docker core -registry API and the rewrite of docker-registry. Docker registry -implementations may implement other API endpoints, but they are not covered by -this specification. - -This includes the following features: - -- Namespace-oriented URI Layout -- PUSH/PULL registry server for V2 image manifest format -- Resumable layer PUSH support -- V2 Client library implementation - -While authentication and authorization support will influence this -specification, details of the protocol will be left to a future specification. -Relevant header definitions and error codes are present to provide an -indication of what a client may encounter. - -#### Future - -There are features that have been discussed during the process of cutting this -specification. The following is an incomplete list: - -- Immutable image references -- Multiple architecture support -- Migration from v2compatibility representation - -These may represent features that are either out of the scope of this -specification, the purview of another specification or have been deferred to a -future version. - -### Use Cases - -For the most part, the use cases of the former registry API apply to the new -version. Differentiating use cases are covered below. - -#### Image Verification - -A docker engine instance would like to run verified image named -"library/ubuntu", with the tag "latest". The engine contacts the registry, -requesting the manifest for "library/ubuntu:latest". An untrusted registry -returns a manifest. Before proceeding to download the individual layers, the -engine verifies the manifest's signature, ensuring that the content was -produced from a trusted source and no tampering has occurred. After each layer -is downloaded, the engine verifies the digest of the layer, ensuring that the -content matches that specified by the manifest. - -#### Resumable Push - -Company X's build servers lose connectivity to docker registry before -completing an image layer transfer. After connectivity returns, the build -server attempts to re-upload the image. The registry notifies the build server -that the upload has already been partially attempted. The build server -responds by only sending the remaining data to complete the image file. - -#### Resumable Pull - -Company X is having more connectivity problems but this time in their -deployment datacenter. When downloading an image, the connection is -interrupted before completion. The client keeps the partial data and uses http -`Range` requests to avoid downloading repeated data. - -#### Layer Upload De-duplication - -Company Y's build system creates two identical docker layers from build -processes A and B. Build process A completes uploading the layer before B. -When process B attempts to upload the layer, the registry indicates that its -not necessary because the layer is already known. - -If process A and B upload the same layer at the same time, both operations -will proceed and the first to complete will be stored in the registry (Note: -we may modify this to prevent dogpile with some locking mechanism). - -### Changes - -The V2 specification has been written to work as a living document, specifying -only what is certain and leaving what is not specified open or to future -changes. Only non-conflicting additions should be made to the API and accepted -changes should avoid preventing future changes from happening. - -This section should be updated when changes are made to the specification, -indicating what is different. Optionally, we may start marking parts of the -specification to correspond with the versions enumerated here. - -Each set of changes is given a letter corresponding to a set of modifications -that were applied to the baseline specification. These are merely for -reference and shouldn't be used outside the specification other than to -identify a set of modifications. - -
-
l
-
-
    -
  • Document TOOMANYREQUESTS error code.
    • -
-
- -
k
-
-
    -
  • Document use of Accept and Content-Type headers in manifests endpoint.
    • -
-
- -
j
-
-
    -
  • Add ability to mount blobs across repositories.
    • -
-
- -
i
-
-
    -
  • Clarified expected behavior response to manifest HEAD request.
    • -
-
- -
h
-
-
    -
  • All mention of tarsum removed.
    • -
-
- -
g
-
-
    -
  • Clarify behavior of pagination behavior with unspecified parameters.
    • -
-
- -
f
-
-
    -
  • Specify the delete API for layers and manifests.
    • -
-
- -
e
-
-
    -
  • Added support for listing registry contents.
    • -
  • Added pagination to tags API.
    • -
  • Added common approach to support pagination.
    • -
-
- -
d
-
-
    -
  • Allow repository name components to be one character.
    • -
  • Clarified that single component names are allowed.
    • -
-
- -
c
-
-
    -
  • Added section covering digest format.
    • -
  • Added more clarification that manifest cannot be deleted by tag.
    • -
-
- -
b
-
-
    -
  • Added capability of doing streaming upload to PATCH blob upload.
    • -
  • Updated PUT blob upload to no longer take final chunk, now requires entire data or no data.
    • -
  • Removed `416 Requested Range Not Satisfiable` response status from PUT blob upload.
    • -
-
- -
a
-
-
    -
  • Added support for immutable manifest references in manifest endpoints.
    • -
  • Deleting a manifest by tag has been deprecated.
    • -
  • Specified `Docker-Content-Digest` header for appropriate entities.
    • -
  • Added error code for unsupported operations.
    • -
-
-
- -## Overview - -This section covers client flows and details of the API endpoints. The URI -layout of the new API is structured to support a rich authentication and -authorization model by leveraging namespaces. All endpoints will be prefixed -by the API version and the repository name: - - /v2// - -For example, an API endpoint that will work with the `library/ubuntu` -repository, the URI prefix will be: - - /v2/library/ubuntu/ - -This scheme provides rich access control over various operations and methods -using the URI prefix and http methods that can be controlled in variety of -ways. - -Classically, repository names have always been two path components where each -path component is less than 30 characters. The V2 registry API does not -enforce this. The rules for a repository name are as follows: - -1. A repository name is broken up into _path components_. A component of a - repository name must be at least one lowercase, alpha-numeric characters, - optionally separated by periods, dashes or underscores. More strictly, it - must match the regular expression `[a-z0-9]+(?:[._-][a-z0-9]+)*`. -2. If a repository name has two or more path components, they must be - separated by a forward slash ("/"). -3. The total length of a repository name, including slashes, must be less than - 256 characters. - -These name requirements _only_ apply to the registry API and should accept a -superset of what is supported by other docker ecosystem components. - -All endpoints should support aggressive http caching, compression and range -headers, where appropriate. The new API attempts to leverage HTTP semantics -where possible but may break from standards to implement targeted features. - -For detail on individual endpoints, please see the [_Detail_](#detail) -section. - -### Errors - -Actionable failure conditions, covered in detail in their relevant sections, -are reported as part of 4xx responses, in a json response body. One or more -errors will be returned in the following format: - - { - "errors:" [{ - "code": , - "message": , - "detail": - }, - ... - ] - } - -The `code` field will be a unique identifier, all caps with underscores by -convention. The `message` field will be a human readable string. The optional -`detail` field may contain arbitrary json data providing information the -client can use to resolve the issue. - -While the client can take action on certain error codes, the registry may add -new error codes over time. All client implementations should treat unknown -error codes as `UNKNOWN`, allowing future error codes to be added without -breaking API compatibility. For the purposes of the specification error codes -will only be added and never removed. - -For a complete account of all error codes, please see the [_Errors_](#errors-2) -section. - -### API Version Check - -A minimal endpoint, mounted at `/v2/` will provide version support information -based on its response statuses. The request format is as follows: - - GET /v2/ - -If a `200 OK` response is returned, the registry implements the V2(.1) -registry API and the client may proceed safely with other V2 operations. -Optionally, the response may contain information about the supported paths in -the response body. The client should be prepared to ignore this data. - -If a `401 Unauthorized` response is returned, the client should take action -based on the contents of the "WWW-Authenticate" header and try the endpoint -again. Depending on access control setup, the client may still have to -authenticate against different resources, even if this check succeeds. - -If `404 Not Found` response status, or other unexpected status, is returned, -the client should proceed with the assumption that the registry does not -implement V2 of the API. - -When a `200 OK` or `401 Unauthorized` response is returned, the -"Docker-Distribution-API-Version" header should be set to "registry/2.0". -Clients may require this header value to determine if the endpoint serves this -API. When this header is omitted, clients may fallback to an older API version. - -### Content Digests - -This API design is driven heavily by [content addressability](http://en.wikipedia.org/wiki/Content-addressable_storage). -The core of this design is the concept of a content addressable identifier. It -uniquely identifies content by taking a collision-resistant hash of the bytes. -Such an identifier can be independently calculated and verified by selection -of a common _algorithm_. If such an identifier can be communicated in a secure -manner, one can retrieve the content from an insecure source, calculate it -independently and be certain that the correct content was obtained. Put simply, -the identifier is a property of the content. - -To disambiguate from other concepts, we call this identifier a _digest_. A -_digest_ is a serialized hash result, consisting of a _algorithm_ and _hex_ -portion. The _algorithm_ identifies the methodology used to calculate the -digest. The _hex_ portion is the hex-encoded result of the hash. - -We define a _digest_ string to match the following grammar: -``` -digest := algorithm ":" hex -algorithm := /[A-Fa-f0-9_+.-]+/ -hex := /[A-Fa-f0-9]+/ -``` - -Some examples of _digests_ include the following: - -digest | description | -----------------------------------------------------------------------------------|------------------------------------------------ -sha256:6c3c624b58dbbcd3c0dd82b4c53f04194d1247c6eebdaab7c610cf7d66709b3b | Common sha256 based digest | - -While the _algorithm_ does allow one to implement a wide variety of -algorithms, compliant implementations should use sha256. Heavy processing of -input before calculating a hash is discouraged to avoid degrading the -uniqueness of the _digest_ but some canonicalization may be performed to -ensure consistent identifiers. - -Let's use a simple example in pseudo-code to demonstrate a digest calculation: -``` -let C = 'a small string' -let B = sha256(C) -let D = 'sha256:' + EncodeHex(B) -let ID(C) = D -``` - -Above, we have bytestring `C` passed into a function, `SHA256`, that returns a -bytestring `B`, which is the hash of `C`. `D` gets the algorithm concatenated -with the hex encoding of `B`. We then define the identifier of `C` to `ID(C)` -as equal to `D`. A digest can be verified by independently calculating `D` and -comparing it with identifier `ID(C)`. - -#### Digest Header - -To provide verification of http content, any response may include a -`Docker-Content-Digest` header. This will include the digest of the target -entity returned in the response. For blobs, this is the entire blob content. For -manifests, this is the manifest body without the signature content, also known -as the JWS payload. Note that the commonly used canonicalization for digest -calculation may be dependent on the mediatype of the content, such as with -manifests. - -The client may choose to ignore the header or may verify it to ensure content -integrity and transport security. This is most important when fetching by a -digest. To ensure security, the content should be verified against the digest -used to fetch the content. At times, the returned digest may differ from that -used to initiate a request. Such digests are considered to be from different -_domains_, meaning they have different values for _algorithm_. In such a case, -the client may choose to verify the digests in both domains or ignore the -server's digest. To maintain security, the client _must_ always verify the -content against the _digest_ used to fetch the content. - -> __IMPORTANT:__ If a _digest_ is used to fetch content, the client should use -> the same digest used to fetch the content to verify it. The header -> `Docker-Content-Digest` should not be trusted over the "local" digest. - -### Pulling An Image - -An "image" is a combination of a JSON manifest and individual layer files. The -process of pulling an image centers around retrieving these two components. - -The first step in pulling an image is to retrieve the manifest. For reference, -the relevant manifest fields for the registry are the following: - - field | description | -----------|------------------------------------------------| -name | The name of the image. | -tag | The tag for this version of the image. | -fsLayers | A list of layer descriptors (including digest) | -signature | A JWS used to verify the manifest content | - -For more information about the manifest format, please see -[docker/docker#8093](https://github.com/docker/docker/issues/8093). - -When the manifest is in hand, the client must verify the signature to ensure -the names and layers are valid. Once confirmed, the client will then use the -digests to download the individual layers. Layers are stored in as blobs in -the V2 registry API, keyed by their digest. - -#### Pulling an Image Manifest - -The image manifest can be fetched with the following url: - -``` -GET /v2//manifests/ -``` - -The `name` and `reference` parameter identify the image and are required. The -reference may include a tag or digest. - -The client should include an Accept header indicating which manifest content -types it supports. For more details on the manifest formats and their content -types, see [manifest-v2-1.md](manifest-v2-1.md) and -[manifest-v2-2.md](manifest-v2-2.md). In a successful response, the Content-Type -header will indicate which manifest type is being returned. - -A `404 Not Found` response will be returned if the image is unknown to the -registry. If the image exists and the response is successful, the image -manifest will be returned, with the following format (see -[docker/docker#8093](https://github.com/docker/docker/issues/8093) for details): - - { - "name": , - "tag": , - "fsLayers": [ - { - "blobSum": - }, - ... - ] - ], - "history": , - "signature": - } - -The client should verify the returned manifest signature for authenticity -before fetching layers. - -##### Existing Manifests - -The image manifest can be checked for existence with the following url: - -``` -HEAD /v2//manifests/ -``` - -The `name` and `reference` parameter identify the image and are required. The -reference may include a tag or digest. - -A `404 Not Found` response will be returned if the image is unknown to the -registry. If the image exists and the response is successful the response will -be as follows: - -``` -200 OK -Content-Length: -Docker-Content-Digest: -``` - - -#### Pulling a Layer - -Layers are stored in the blob portion of the registry, keyed by digest. -Pulling a layer is carried out by a standard http request. The URL is as -follows: - - GET /v2//blobs/ - -Access to a layer will be gated by the `name` of the repository but is -identified uniquely in the registry by `digest`. - -This endpoint may issue a 307 (302 for /blobs/uploads/ -``` - -The parameters of this request are the image namespace under which the layer -will be linked. Responses to this request are covered below. - -##### Existing Layers - -The existence of a layer can be checked via a `HEAD` request to the blob store -API. The request should be formatted as follows: - -``` -HEAD /v2//blobs/ -``` - -If the layer with the digest specified in `digest` is available, a 200 OK -response will be received, with no actual body content (this is according to -http specification). The response will look as follows: - -``` -200 OK -Content-Length: -Docker-Content-Digest: -``` - -When this response is received, the client can assume that the layer is -already available in the registry under the given name and should take no -further action to upload the layer. Note that the binary digests may differ -for the existing registry layer, but the digests will be guaranteed to match. - -##### Uploading the Layer - -If the POST request is successful, a `202 Accepted` response will be returned -with the upload URL in the `Location` header: - -``` -202 Accepted -Location: /v2//blobs/uploads/ -Range: bytes=0- -Content-Length: 0 -Docker-Upload-UUID: -``` - -The rest of the upload process can be carried out with the returned url, -called the "Upload URL" from the `Location` header. All responses to the -upload url, whether sending data or getting status, will be in this format. -Though the URI format (`/v2//blobs/uploads/`) for the `Location` -header is specified, clients should treat it as an opaque url and should never -try to assemble it. While the `uuid` parameter may be an actual UUID, this -proposal imposes no constraints on the format and clients should never impose -any. - -If clients need to correlate local upload state with remote upload state, the -contents of the `Docker-Upload-UUID` header should be used. Such an id can be -used to key the last used location header when implementing resumable uploads. - -##### Upload Progress - -The progress and chunk coordination of the upload process will be coordinated -through the `Range` header. While this is a non-standard use of the `Range` -header, there are examples of [similar approaches](https://developers.google.com/youtube/v3/guides/using_resumable_upload_protocol) in APIs with heavy use. -For an upload that just started, for an example with a 1000 byte layer file, -the `Range` header would be as follows: - -``` -Range: bytes=0-0 -``` - -To get the status of an upload, issue a GET request to the upload URL: - -``` -GET /v2//blobs/uploads/ -Host: -``` - -The response will be similar to the above, except will return 204 status: - -``` -204 No Content -Location: /v2//blobs/uploads/ -Range: bytes=0- -Docker-Upload-UUID: -``` - -Note that the HTTP `Range` header byte ranges are inclusive and that will be -honored, even in non-standard use cases. - -##### Monolithic Upload - -A monolithic upload is simply a chunked upload with a single chunk and may be -favored by clients that would like to avoided the complexity of chunking. To -carry out a "monolithic" upload, one can simply put the entire content blob to -the provided URL: - -``` -PUT /v2//blobs/uploads/?digest= -Content-Length: -Content-Type: application/octet-stream - - -``` - -The "digest" parameter must be included with the PUT request. Please see the -[_Completed Upload_](#completed-upload) section for details on the parameters -and expected responses. - -##### Chunked Upload - -To carry out an upload of a chunk, the client can specify a range header and -only include that part of the layer file: - -``` -PATCH /v2//blobs/uploads/ -Content-Length: -Content-Range: - -Content-Type: application/octet-stream - - -``` - -There is no enforcement on layer chunk splits other than that the server must -receive them in order. The server may enforce a minimum chunk size. If the -server cannot accept the chunk, a `416 Requested Range Not Satisfiable` -response will be returned and will include a `Range` header indicating the -current status: - -``` -416 Requested Range Not Satisfiable -Location: /v2//blobs/uploads/ -Range: 0- -Content-Length: 0 -Docker-Upload-UUID: -``` - -If this response is received, the client should resume from the "last valid -range" and upload the subsequent chunk. A 416 will be returned under the -following conditions: - -- Invalid Content-Range header format -- Out of order chunk: the range of the next chunk must start immediately after - the "last valid range" from the previous response. - -When a chunk is accepted as part of the upload, a `202 Accepted` response will -be returned, including a `Range` header with the current upload status: - -``` -202 Accepted -Location: /v2//blobs/uploads/ -Range: bytes=0- -Content-Length: 0 -Docker-Upload-UUID: -``` - -##### Completed Upload - -For an upload to be considered complete, the client must submit a `PUT` -request on the upload endpoint with a digest parameter. If it is not provided, -the upload will not be considered complete. The format for the final chunk -will be as follows: - -``` -PUT /v2//blob/uploads/?digest= -Content-Length: -Content-Range: - -Content-Type: application/octet-stream - - -``` - -Optionally, if all chunks have already been uploaded, a `PUT` request with a -`digest` parameter and zero-length body may be sent to complete and validated -the upload. Multiple "digest" parameters may be provided with different -digests. The server may verify none or all of them but _must_ notify the -client if the content is rejected. - -When the last chunk is received and the layer has been validated, the client -will receive a `201 Created` response: - -``` -201 Created -Location: /v2//blobs/ -Content-Length: 0 -Docker-Content-Digest: -``` - -The `Location` header will contain the registry URL to access the accepted -layer file. The `Docker-Content-Digest` header returns the canonical digest of -the uploaded blob which may differ from the provided digest. Most clients may -ignore the value but if it is used, the client should verify the value against -the uploaded blob data. - -###### Digest Parameter - -The "digest" parameter is designed as an opaque parameter to support -verification of a successful transfer. For example, an HTTP URI parameter -might be as follows: - -``` -sha256:6c3c624b58dbbcd3c0dd82b4c53f04194d1247c6eebdaab7c610cf7d66709b3b -``` - -Given this parameter, the registry will verify that the provided content does -match this digest. - -##### Canceling an Upload - -An upload can be cancelled by issuing a DELETE request to the upload endpoint. -The format will be as follows: - -``` -DELETE /v2//blobs/uploads/ -``` - -After this request is issued, the upload uuid will no longer be valid and the -registry server will dump all intermediate data. While uploads will time out -if not completed, clients should issue this request if they encounter a fatal -error but still have the ability to issue an http request. - -##### Cross Repository Blob Mount - -A blob may be mounted from another repository that the client has read access -to, removing the need to upload a blob already known to the registry. To issue -a blob mount instead of an upload, a POST request should be issued in the -following format: - -``` -POST /v2//blobs/uploads/?mount=&from= -Content-Length: 0 -``` - -If the blob is successfully mounted, the client will receive a `201 Created` -response: - -``` -201 Created -Location: /v2//blobs/ -Content-Length: 0 -Docker-Content-Digest: -``` - -The `Location` header will contain the registry URL to access the accepted -layer file. The `Docker-Content-Digest` header returns the canonical digest of -the uploaded blob which may differ from the provided digest. Most clients may -ignore the value but if it is used, the client should verify the value against -the uploaded blob data. - -If a mount fails due to invalid repository or digest arguments, the registry -will fall back to the standard upload behavior and return a `202 Accepted` with -the upload URL in the `Location` header: - -``` -202 Accepted -Location: /v2//blobs/uploads/ -Range: bytes=0- -Content-Length: 0 -Docker-Upload-UUID: -``` - -This behavior is consistent with older versions of the registry, which do not -recognize the repository mount query parameters. - -Note: a client may issue a HEAD request to check existence of a blob in a source -repository to distinguish between the registry not supporting blob mounts and -the blob not existing in the expected repository. - -##### Errors - -If an 502, 503 or 504 error is received, the client should assume that the -download can proceed due to a temporary condition, honoring the appropriate -retry mechanism. Other 5xx errors should be treated as terminal. - -If there is a problem with the upload, a 4xx error will be returned indicating -the problem. After receiving a 4xx response (except 416, as called out above), -the upload will be considered failed and the client should take appropriate -action. - -Note that the upload url will not be available forever. If the upload uuid is -unknown to the registry, a `404 Not Found` response will be returned and the -client must restart the upload process. - -### Deleting a Layer - -A layer may be deleted from the registry via its `name` and `digest`. A -delete may be issued with the following request format: - - DELETE /v2//blobs/ - -If the blob exists and has been successfully deleted, the following response -will be issued: - - 202 Accepted - Content-Length: None - -If the blob had already been deleted or did not exist, a `404 Not Found` -response will be issued instead. - -If a layer is deleted which is referenced by a manifest in the registry, -then the complete images will not be resolvable. - -#### Pushing an Image Manifest - -Once all of the layers for an image are uploaded, the client can upload the -image manifest. An image can be pushed using the following request format: - - PUT /v2//manifests/ - Content-Type: - - { - "name": , - "tag": , - "fsLayers": [ - { - "blobSum": - }, - ... - ] - ], - "history": , - "signature": , - ... - } - -The `name` and `reference` fields of the response body must match those -specified in the URL. The `reference` field may be a "tag" or a "digest". The -content type should match the type of the manifest being uploaded, as specified -in [manifest-v2-1.md](manifest-v2-1.md) and [manifest-v2-2.md](manifest-v2-2.md). - -If there is a problem with pushing the manifest, a relevant 4xx response will -be returned with a JSON error message. Please see the -[_PUT Manifest_](#put-manifest) section for details on possible error codes that -may be returned. - -If one or more layers are unknown to the registry, `BLOB_UNKNOWN` errors are -returned. The `detail` field of the error response will have a `digest` field -identifying the missing blob. An error is returned for each unknown blob. The -response format is as follows: - - { - "errors:" [{ - "code": "BLOB_UNKNOWN", - "message": "blob unknown to registry", - "detail": { - "digest": - } - }, - ... - ] - } - -### Listing Repositories - -Images are stored in collections, known as a _repository_, which is keyed by a -`name`, as seen throughout the API specification. A registry instance may -contain several repositories. The list of available repositories is made -available through the _catalog_. - -The catalog for a given registry can be retrieved with the following request: - -``` -GET /v2/_catalog -``` - -The response will be in the following format: - -``` -200 OK -Content-Type: application/json - -{ - "repositories": [ - , - ... - ] -} -``` - -Note that the contents of the response are specific to the registry -implementation. Some registries may opt to provide a full catalog output, -limit it based on the user's access level or omit upstream results, if -providing mirroring functionality. Subsequently, the presence of a repository -in the catalog listing only means that the registry *may* provide access to -the repository at the time of the request. Conversely, a missing entry does -*not* mean that the registry does not have the repository. More succinctly, -the presence of a repository only guarantees that it is there but not that it -is _not_ there. - -For registries with a large number of repositories, this response may be quite -large. If such a response is expected, one should use pagination. A registry -may also limit the amount of responses returned even if pagination was not -explicitly requested. In this case the `Link` header will be returned along -with the results, and subsequent results can be obtained by following the link -as if pagination had been initially requested. - -For details of the `Link` header, please see the [_Pagination_](#pagination) -section. - -#### Pagination - -Paginated catalog results can be retrieved by adding an `n` parameter to the -request URL, declaring that the response should be limited to `n` results. -Starting a paginated flow begins as follows: - -``` -GET /v2/_catalog?n= -``` - -The above specifies that a catalog response should be returned, from the start of -the result set, ordered lexically, limiting the number of results to `n`. The -response to such a request would look as follows: - -``` -200 OK -Content-Type: application/json -Link: <?n=&last=>; rel="next" - -{ - "repositories": [ - , - ... - ] -} -``` - -The above includes the _first_ `n` entries from the result set. To get the -_next_ `n` entries, one can create a URL where the argument `last` has the -value from `repositories[len(repositories)-1]`. If there are indeed more -results, the URL for the next block is encoded in an -[RFC5988](https://tools.ietf.org/html/rfc5988) `Link` header, as a "next" -relation. The presence of the `Link` header communicates to the client that -the entire result set has not been returned and another request must be -issued. If the header is not present, the client can assume that all results -have been received. - -> __NOTE:__ In the request template above, note that the brackets -> are required. For example, if the url is -> `http://example.com/v2/_catalog?n=20&last=b`, the value of the header would -> be `; rel="next"`. Please see -> [RFC5988](https://tools.ietf.org/html/rfc5988) for details. - -Compliant client implementations should always use the `Link` header -value when proceeding through results linearly. The client may construct URLs -to skip forward in the catalog. - -To get the next result set, a client would issue the request as follows, using -the URL encoded in the described `Link` header: - -``` -GET /v2/_catalog?n=&last= -``` - -The above process should then be repeated until the `Link` header is no longer -set. - -The catalog result set is represented abstractly as a lexically sorted list, -where the position in that list can be specified by the query term `last`. The -entries in the response start _after_ the term specified by `last`, up to `n` -entries. - -The behavior of `last` is quite simple when demonstrated with an example. Let -us say the registry has the following repositories: - -``` -a -b -c -d -``` - -If the value of `n` is 2, _a_ and _b_ will be returned on the first response. -The `Link` header returned on the response will have `n` set to 2 and last set -to _b_: - -``` -Link: <?n=2&last=b>; rel="next" -``` - -The client can then issue the request with the above value from the `Link` -header, receiving the values _c_ and _d_. Note that `n` may change on the second -to last response or be fully omitted, depending on the server implementation. - -### Listing Image Tags - -It may be necessary to list all of the tags under a given repository. The tags -for an image repository can be retrieved with the following request: - - GET /v2//tags/list - -The response will be in the following format: - - 200 OK - Content-Type: application/json - - { - "name": , - "tags": [ - , - ... - ] - } - -For repositories with a large number of tags, this response may be quite -large. If such a response is expected, one should use the pagination. - -#### Pagination - -Paginated tag results can be retrieved by adding the appropriate parameters to -the request URL described above. The behavior of tag pagination is identical -to that specified for catalog pagination. We cover a simple flow to highlight -any differences. - -Starting a paginated flow may begin as follows: - -``` -GET /v2//tags/list?n= -``` - -The above specifies that a tags response should be returned, from the start of -the result set, ordered lexically, limiting the number of results to `n`. The -response to such a request would look as follows: - -``` -200 OK -Content-Type: application/json -Link: <?n=&last=>; rel="next" - -{ - "name": , - "tags": [ - , - ... - ] -} -``` - -To get the next result set, a client would issue the request as follows, using -the value encoded in the [RFC5988](https://tools.ietf.org/html/rfc5988) `Link` -header: - -``` -GET /v2//tags/list?n=&last= -``` - -The above process should then be repeated until the `Link` header is no longer -set in the response. The behavior of the `last` parameter, the provided -response result, lexical ordering and encoding of the `Link` header are -identical to that of catalog pagination. - -### Deleting an Image - -An image may be deleted from the registry via its `name` and `reference`. A -delete may be issued with the following request format: - - DELETE /v2//manifests/ - -For deletes, `reference` *must* be a digest or the delete will fail. If the -image exists and has been successfully deleted, the following response will be -issued: - - 202 Accepted - Content-Length: None - -If the image had already been deleted or did not exist, a `404 Not Found` -response will be issued instead. - -> **Note** When deleting a manifest from a registry version 2.3 or later, the -> following header must be used when `HEAD` or `GET`-ing the manifest to obtain -> the correct digest to delete: - - Accept: application/vnd.docker.distribution.manifest.v2+json - -> for more details, see: [compatibility.md](../compatibility.md#content-addressable-storage-cas) - -## Detail - -> **Note**: This section is still under construction. For the purposes of -> implementation, if any details below differ from the described request flows -> above, the section below should be corrected. When they match, this note -> should be removed. - -The behavior of the endpoints are covered in detail in this section, organized -by route and entity. All aspects of the request and responses are covered, -including headers, parameters and body formats. Examples of requests and their -corresponding responses, with success and failure, are enumerated. - -> **Note**: The sections on endpoint detail are arranged with an example -> request, a description of the request, followed by information about that -> request. - -A list of methods and URIs are covered in the table below: - -|Method|Path|Entity|Description| -|------|----|------|-----------| -{{range $route := .RouteDescriptors}}{{range $method := .Methods}}| {{$method.Method}} | `{{$route.Path|prettygorilla}}` | {{$route.Entity}} | {{$method.Description}} | -{{end}}{{end}} - -The detail for each endpoint is covered in the following sections. - -### Errors - -The error codes encountered via the API are enumerated in the following table: - -|Code|Message|Description| -|----|-------|-----------| -{{range $err := .ErrorDescriptors}} `{{$err.Value}}` | {{$err.Message}} | {{$err.Description|removenewlines}} -{{end}} - -{{range $route := .RouteDescriptors}} -### {{.Entity}} - -{{.Description}} - -{{range $method := $route.Methods}} - -#### {{.Method}} {{$route.Entity}} - -{{.Description}} - -{{if .Requests}}{{range .Requests}}{{if .Name}} -##### {{.Name}}{{end}} - -``` -{{$method.Method}} {{$route.Path|prettygorilla}}{{range $i, $param := .QueryParameters}}{{if eq $i 0}}?{{else}}&{{end}}{{$param.Name}}={{$param.Format}}{{end}}{{range .Headers}} -{{.Name}}: {{.Format}}{{end}}{{if .Body.ContentType}} -Content-Type: {{.Body.ContentType}}{{end}}{{if .Body.Format}} - -{{.Body.Format}}{{end}} -``` - -{{.Description}} - -{{if or .Headers .PathParameters .QueryParameters}} -The following parameters should be specified on the request: - -|Name|Kind|Description| -|----|----|-----------| -{{range .Headers}}|`{{.Name}}`|header|{{.Description}}| -{{end}}{{range .PathParameters}}|`{{.Name}}`|path|{{.Description}}| -{{end}}{{range .QueryParameters}}|`{{.Name}}`|query|{{.Description}}| -{{end}}{{end}} - -{{if .Successes}} -{{range .Successes}} -###### On Success: {{if .Name}}{{.Name}}{{else}}{{.StatusCode | statustext}}{{end}} - -``` -{{.StatusCode}} {{.StatusCode | statustext}}{{range .Headers}} -{{.Name}}: {{.Format}}{{end}}{{if .Body.ContentType}} -Content-Type: {{.Body.ContentType}}{{end}}{{if .Body.Format}} - -{{.Body.Format}}{{end}} -``` - -{{.Description}} -{{if .Fields}}The following fields may be returned in the response body: - -|Name|Description| -|----|-----------| -{{range .Fields}}|`{{.Name}}`|{{.Description}}| -{{end}}{{end}}{{if .Headers}} -The following headers will be returned with the response: - -|Name|Description| -|----|-----------| -{{range .Headers}}|`{{.Name}}`|{{.Description}}| -{{end}}{{end}}{{end}}{{end}} - -{{if .Failures}} -{{range .Failures}} -###### On Failure: {{if .Name}}{{.Name}}{{else}}{{.StatusCode | statustext}}{{end}} - -``` -{{.StatusCode}} {{.StatusCode | statustext}}{{range .Headers}} -{{.Name}}: {{.Format}}{{end}}{{if .Body.ContentType}} -Content-Type: {{.Body.ContentType}}{{end}}{{if .Body.Format}} - -{{.Body.Format}}{{end}} -``` - -{{.Description}} -{{if .Headers}} -The following headers will be returned on the response: - -|Name|Description| -|----|-----------| -{{range .Headers}}|`{{.Name}}`|{{.Description}}| -{{end}}{{end}} - -{{if .ErrorCodes}} -The error codes that may be included in the response body are enumerated below: - -|Code|Message|Description| -|----|-------|-----------| -{{range $err := .ErrorCodes}}| `{{$err.Descriptor.Value}}` | {{$err.Descriptor.Message}} | {{$err.Descriptor.Description|removenewlines}} | -{{end}} - -{{end}}{{end}}{{end}}{{end}}{{end}}{{end}} - -{{end}} diff --git a/vendor/github.com/docker/distribution/docs/spec/auth/index.md b/vendor/github.com/docker/distribution/docs/spec/auth/index.md deleted file mode 100644 index d1aa9422..00000000 --- a/vendor/github.com/docker/distribution/docs/spec/auth/index.md +++ /dev/null @@ -1,12 +0,0 @@ ---- -title: "Docker Registry Token Authentication" -description: "Docker Registry v2 authentication schema" -keywords: ["registry, on-prem, images, tags, repository, distribution, authentication, advanced"] ---- - -# Docker Registry v2 authentication - -See the [Token Authentication Specification](token.md), -[Token Authentication Implementation](jwt.md), -[Token Scope Documentation](scope.md), -[OAuth2 Token Authentication](oauth.md) for more information. diff --git a/vendor/github.com/docker/distribution/docs/spec/auth/jwt.md b/vendor/github.com/docker/distribution/docs/spec/auth/jwt.md deleted file mode 100644 index aa9941b0..00000000 --- a/vendor/github.com/docker/distribution/docs/spec/auth/jwt.md +++ /dev/null @@ -1,329 +0,0 @@ ---- -title: "Token Authentication Implementation" -description: "Describe the reference implementation of the Docker Registry v2 authentication schema" -keywords: ["registry, on-prem, images, tags, repository, distribution, JWT authentication, advanced"] ---- - -# Docker Registry v2 Bearer token specification - -This specification covers the `docker/distribution` implementation of the -v2 Registry's authentication schema. Specifically, it describes the JSON -Web Token schema that `docker/distribution` has adopted to implement the -client-opaque Bearer token issued by an authentication service and -understood by the registry. - -This document borrows heavily from the [JSON Web Token Draft Spec](https://tools.ietf.org/html/draft-ietf-oauth-json-web-token-32) - -## Getting a Bearer Token - -For this example, the client makes an HTTP GET request to the following URL: - -``` -https://auth.docker.io/token?service=registry.docker.io&scope=repository:samalba/my-app:pull,push -``` - -The token server should first attempt to authenticate the client using any -authentication credentials provided with the request. As of Docker 1.8, the -registry client in the Docker Engine only supports Basic Authentication to -these token servers. If an attempt to authenticate to the token server fails, -the token server should return a `401 Unauthorized` response indicating that -the provided credentials are invalid. - -Whether the token server requires authentication is up to the policy of that -access control provider. Some requests may require authentication to determine -access (such as pushing or pulling a private repository) while others may not -(such as pulling from a public repository). - -After authenticating the client (which may simply be an anonymous client if -no attempt was made to authenticate), the token server must next query its -access control list to determine whether the client has the requested scope. In -this example request, if I have authenticated as user `jlhawn`, the token -server will determine what access I have to the repository `samalba/my-app` -hosted by the entity `registry.docker.io`. - -Once the token server has determined what access the client has to the -resources requested in the `scope` parameter, it will take the intersection of -the set of requested actions on each resource and the set of actions that the -client has in fact been granted. If the client only has a subset of the -requested access **it must not be considered an error** as it is not the -responsibility of the token server to indicate authorization errors as part of -this workflow. - -Continuing with the example request, the token server will find that the -client's set of granted access to the repository is `[pull, push]` which when -intersected with the requested access `[pull, push]` yields an equal set. If -the granted access set was found only to be `[pull]` then the intersected set -would only be `[pull]`. If the client has no access to the repository then the -intersected set would be empty, `[]`. - -It is this intersected set of access which is placed in the returned token. - -The server will now construct a JSON Web Token to sign and return. A JSON Web -Token has 3 main parts: - -1. Headers - - The header of a JSON Web Token is a standard JOSE header. The "typ" field - will be "JWT" and it will also contain the "alg" which identifies the - signing algorithm used to produce the signature. It also must have a "kid" - field, representing the ID of the key which was used to sign the token. - - The "kid" field has to be in a libtrust fingerprint compatible format. - Such a format can be generated by following steps: - - 1. Take the DER encoded public key which the JWT token was signed against. - - 2. Create a SHA256 hash out of it and truncate to 240bits. - - 3. Split the result into 12 base32 encoded groups with `:` as delimiter. - - Here is an example JOSE Header for a JSON Web Token (formatted with - whitespace for readability): - - ``` - { - "typ": "JWT", - "alg": "ES256", - "kid": "PYYO:TEWU:V7JH:26JV:AQTZ:LJC3:SXVJ:XGHA:34F2:2LAQ:ZRMK:Z7Q6" - } - ``` - - It specifies that this object is going to be a JSON Web token signed using - the key with the given ID using the Elliptic Curve signature algorithm - using a SHA256 hash. - -2. Claim Set - - The Claim Set is a JSON struct containing these standard registered claim - name fields: - -
-
- iss (Issuer) -
-
- The issuer of the token, typically the fqdn of the authorization - server. -
-
- sub (Subject) -
-
- The subject of the token; the name or id of the client which - requested it. This should be empty (`""`) if the client did not - authenticate. -
-
- aud (Audience) -
-
- The intended audience of the token; the name or id of the service - which will verify the token to authorize the client/subject. -
-
- exp (Expiration) -
-
- The token should only be considered valid up to this specified date - and time. -
-
- nbf (Not Before) -
-
- The token should not be considered valid before this specified date - and time. -
-
- iat (Issued At) -
-
- Specifies the date and time which the Authorization server - generated this token. -
-
- jti (JWT ID) -
-
- A unique identifier for this token. Can be used by the intended - audience to prevent replays of the token. -
-
- - The Claim Set will also contain a private claim name unique to this - authorization server specification: - -
-
- access -
-
- An array of access entry objects with the following fields: - -
-
- type -
-
- The type of resource hosted by the service. -
-
- name -
-
- The name of the resource of the given type hosted by the - service. -
-
- actions -
-
- An array of strings which give the actions authorized on - this resource. -
-
-
-
- - Here is an example of such a JWT Claim Set (formatted with whitespace for - readability): - - ``` - { - "iss": "auth.docker.com", - "sub": "jlhawn", - "aud": "registry.docker.com", - "exp": 1415387315, - "nbf": 1415387015, - "iat": 1415387015, - "jti": "tYJCO1c6cnyy7kAn0c7rKPgbV1H1bFws", - "access": [ - { - "type": "repository", - "name": "samalba/my-app", - "actions": [ - "pull", - "push" - ] - } - ] - } - ``` - -3. Signature - - The authorization server will produce a JOSE header and Claim Set with no - extraneous whitespace, i.e., the JOSE Header from above would be - - ``` - {"typ":"JWT","alg":"ES256","kid":"PYYO:TEWU:V7JH:26JV:AQTZ:LJC3:SXVJ:XGHA:34F2:2LAQ:ZRMK:Z7Q6"} - ``` - - and the Claim Set from above would be - - ``` - {"iss":"auth.docker.com","sub":"jlhawn","aud":"registry.docker.com","exp":1415387315,"nbf":1415387015,"iat":1415387015,"jti":"tYJCO1c6cnyy7kAn0c7rKPgbV1H1bFws","access":[{"type":"repository","name":"samalba/my-app","actions":["push","pull"]}]} - ``` - - The utf-8 representation of this JOSE header and Claim Set are then - url-safe base64 encoded (sans trailing '=' buffer), producing: - - ``` - eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6IlBZWU86VEVXVTpWN0pIOjI2SlY6QVFUWjpMSkMzOlNYVko6WEdIQTozNEYyOjJMQVE6WlJNSzpaN1E2In0 - ``` - - for the JOSE Header and - - ``` - eyJpc3MiOiJhdXRoLmRvY2tlci5jb20iLCJzdWIiOiJqbGhhd24iLCJhdWQiOiJyZWdpc3RyeS5kb2NrZXIuY29tIiwiZXhwIjoxNDE1Mzg3MzE1LCJuYmYiOjE0MTUzODcwMTUsImlhdCI6MTQxNTM4NzAxNSwianRpIjoidFlKQ08xYzZjbnl5N2tBbjBjN3JLUGdiVjFIMWJGd3MiLCJhY2Nlc3MiOlt7InR5cGUiOiJyZXBvc2l0b3J5IiwibmFtZSI6InNhbWFsYmEvbXktYXBwIiwiYWN0aW9ucyI6WyJwdXNoIl19XX0 - ``` - - for the Claim Set. These two are concatenated using a '.' character, - yielding the string: - - ``` - eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6IlBZWU86VEVXVTpWN0pIOjI2SlY6QVFUWjpMSkMzOlNYVko6WEdIQTozNEYyOjJMQVE6WlJNSzpaN1E2In0.eyJpc3MiOiJhdXRoLmRvY2tlci5jb20iLCJzdWIiOiJqbGhhd24iLCJhdWQiOiJyZWdpc3RyeS5kb2NrZXIuY29tIiwiZXhwIjoxNDE1Mzg3MzE1LCJuYmYiOjE0MTUzODcwMTUsImlhdCI6MTQxNTM4NzAxNSwianRpIjoidFlKQ08xYzZjbnl5N2tBbjBjN3JLUGdiVjFIMWJGd3MiLCJhY2Nlc3MiOlt7InR5cGUiOiJyZXBvc2l0b3J5IiwibmFtZSI6InNhbWFsYmEvbXktYXBwIiwiYWN0aW9ucyI6WyJwdXNoIl19XX0 - ``` - - This is then used as the payload to a the `ES256` signature algorithm - specified in the JOSE header and specified fully in [Section 3.4 of the JSON Web Algorithms (JWA) - draft specification](https://tools.ietf.org/html/draft-ietf-jose-json-web-algorithms-38#section-3.4) - - This example signature will use the following ECDSA key for the server: - - ``` - { - "kty": "EC", - "crv": "P-256", - "kid": "PYYO:TEWU:V7JH:26JV:AQTZ:LJC3:SXVJ:XGHA:34F2:2LAQ:ZRMK:Z7Q6", - "d": "R7OnbfMaD5J2jl7GeE8ESo7CnHSBm_1N2k9IXYFrKJA", - "x": "m7zUpx3b-zmVE5cymSs64POG9QcyEpJaYCD82-549_Q", - "y": "dU3biz8sZ_8GPB-odm8Wxz3lNDr1xcAQQPQaOcr1fmc" - } - ``` - - A resulting signature of the above payload using this key is: - - ``` - QhflHPfbd6eVF4lM9bwYpFZIV0PfikbyXuLx959ykRTBpe3CYnzs6YBK8FToVb5R47920PVLrh8zuLzdCr9t3w - ``` - - Concatenating all of these together with a `.` character gives the - resulting JWT: - - ``` - eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6IlBZWU86VEVXVTpWN0pIOjI2SlY6QVFUWjpMSkMzOlNYVko6WEdIQTozNEYyOjJMQVE6WlJNSzpaN1E2In0.eyJpc3MiOiJhdXRoLmRvY2tlci5jb20iLCJzdWIiOiJqbGhhd24iLCJhdWQiOiJyZWdpc3RyeS5kb2NrZXIuY29tIiwiZXhwIjoxNDE1Mzg3MzE1LCJuYmYiOjE0MTUzODcwMTUsImlhdCI6MTQxNTM4NzAxNSwianRpIjoidFlKQ08xYzZjbnl5N2tBbjBjN3JLUGdiVjFIMWJGd3MiLCJhY2Nlc3MiOlt7InR5cGUiOiJyZXBvc2l0b3J5IiwibmFtZSI6InNhbWFsYmEvbXktYXBwIiwiYWN0aW9ucyI6WyJwdXNoIl19XX0.QhflHPfbd6eVF4lM9bwYpFZIV0PfikbyXuLx959ykRTBpe3CYnzs6YBK8FToVb5R47920PVLrh8zuLzdCr9t3w - ``` - -This can now be placed in an HTTP response and returned to the client to use to -authenticate to the audience service: - - -``` -HTTP/1.1 200 OK -Content-Type: application/json - -{"token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6IlBZWU86VEVXVTpWN0pIOjI2SlY6QVFUWjpMSkMzOlNYVko6WEdIQTozNEYyOjJMQVE6WlJNSzpaN1E2In0.eyJpc3MiOiJhdXRoLmRvY2tlci5jb20iLCJzdWIiOiJqbGhhd24iLCJhdWQiOiJyZWdpc3RyeS5kb2NrZXIuY29tIiwiZXhwIjoxNDE1Mzg3MzE1LCJuYmYiOjE0MTUzODcwMTUsImlhdCI6MTQxNTM4NzAxNSwianRpIjoidFlKQ08xYzZjbnl5N2tBbjBjN3JLUGdiVjFIMWJGd3MiLCJhY2Nlc3MiOlt7InR5cGUiOiJyZXBvc2l0b3J5IiwibmFtZSI6InNhbWFsYmEvbXktYXBwIiwiYWN0aW9ucyI6WyJwdXNoIl19XX0.QhflHPfbd6eVF4lM9bwYpFZIV0PfikbyXuLx959ykRTBpe3CYnzs6YBK8FToVb5R47920PVLrh8zuLzdCr9t3w"} -``` - -## Using the signed token - -Once the client has a token, it will try the registry request again with the -token placed in the HTTP `Authorization` header like so: - -``` -Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6IkJWM0Q6MkFWWjpVQjVaOktJQVA6SU5QTDo1RU42Ok40SjQ6Nk1XTzpEUktFOkJWUUs6M0ZKTDpQT1RMIn0.eyJpc3MiOiJhdXRoLmRvY2tlci5jb20iLCJzdWIiOiJCQ0NZOk9VNlo6UUVKNTpXTjJDOjJBVkM6WTdZRDpBM0xZOjQ1VVc6NE9HRDpLQUxMOkNOSjU6NUlVTCIsImF1ZCI6InJlZ2lzdHJ5LmRvY2tlci5jb20iLCJleHAiOjE0MTUzODczMTUsIm5iZiI6MTQxNTM4NzAxNSwiaWF0IjoxNDE1Mzg3MDE1LCJqdGkiOiJ0WUpDTzFjNmNueXk3a0FuMGM3cktQZ2JWMUgxYkZ3cyIsInNjb3BlIjoiamxoYXduOnJlcG9zaXRvcnk6c2FtYWxiYS9teS1hcHA6cHVzaCxwdWxsIGpsaGF3bjpuYW1lc3BhY2U6c2FtYWxiYTpwdWxsIn0.Y3zZSwaZPqy4y9oRBVRImZyv3m_S9XDHF1tWwN7mL52C_IiA73SJkWVNsvNqpJIn5h7A2F8biv_S2ppQ1lgkbw -``` - -This is also described in [Section 2.1 of RFC 6750: The OAuth 2.0 Authorization Framework: Bearer Token Usage](https://tools.ietf.org/html/rfc6750#section-2.1) - -## Verifying the token - -The registry must now verify the token presented by the user by inspecting the -claim set within. The registry will: - -- Ensure that the issuer (`iss` claim) is an authority it trusts. -- Ensure that the registry identifies as the audience (`aud` claim). -- Check that the current time is between the `nbf` and `exp` claim times. -- If enforcing single-use tokens, check that the JWT ID (`jti` claim) value has - not been seen before. - - To enforce this, the registry may keep a record of `jti`s it has seen for - up to the `exp` time of the token to prevent token replays. -- Check the `access` claim value and use the identified resources and the list - of actions authorized to determine whether the token grants the required - level of access for the operation the client is attempting to perform. -- Verify that the signature of the token is valid. - -If any of these requirements are not met, the registry will return a -`403 Forbidden` response to indicate that the token is invalid. - -**Note**: it is only at this point in the workflow that an authorization error -may occur. The token server should *not* return errors when the user does not -have the requested authorization. Instead, the returned token should indicate -whatever of the requested scope the client does have (the intersection of -requested and granted access). If the token does not supply proper -authorization then the registry will return the appropriate error. - -At no point in this process should the registry need to call back to the -authorization server. The registry only needs to be supplied with the trusted -public keys to verify the token signatures. diff --git a/vendor/github.com/docker/distribution/docs/spec/auth/oauth.md b/vendor/github.com/docker/distribution/docs/spec/auth/oauth.md deleted file mode 100644 index d946da8a..00000000 --- a/vendor/github.com/docker/distribution/docs/spec/auth/oauth.md +++ /dev/null @@ -1,190 +0,0 @@ ---- -title: "Oauth2 Token Authentication" -description: "Specifies the Docker Registry v2 authentication" -keywords: ["registry, on-prem, images, tags, repository, distribution, oauth2, advanced"] ---- - -# Docker Registry v2 authentication using OAuth2 - -This document describes support for the OAuth2 protocol within the authorization -server. [RFC6749](https://tools.ietf.org/html/rfc6749) should be used as a -reference for the protocol and HTTP endpoints described here. - -**Note**: Not all token servers implement oauth2. If the request to the endpoint -returns `404` using the HTTP `POST` method, refer to -[Token Documentation](token.md) for using the HTTP `GET` method supported by all -token servers. - -## Refresh token format - -The format of the refresh token is completely opaque to the client and should be -determined by the authorization server. The authorization should ensure the -token is sufficiently long and is responsible for storing any information about -long-lived tokens which may be needed for revoking. Any information stored -inside the token will not be extracted and presented by clients. - -## Getting a token - -POST /token - -#### Headers -Content-Type: application/x-www-form-urlencoded - -#### Post parameters - -
-
- grant_type -
-
- (REQUIRED) Type of grant used to get token. When getting a refresh token - using credentials this type should be set to "password" and have the - accompanying username and password paramters. Type "authorization_code" - is reserved for future use for authenticating to an authorization server - without having to send credentials directly from the client. When - requesting an access token with a refresh token this should be set to - "refresh_token". -
-
- service -
-
- (REQUIRED) The name of the service which hosts the resource to get - access for. Refresh tokens will only be good for getting tokens for - this service. -
-
- client_id -
-
- (REQUIRED) String identifying the client. This client_id does not need - to be registered with the authorization server but should be set to a - meaningful value in order to allow auditing keys created by unregistered - clients. Accepted syntax is defined in - [RFC6749 Appendix A.1](https://tools.ietf.org/html/rfc6749#appendix-A.1) -
-
- access_type -
-
- (OPTIONAL) Access which is being requested. If "offline" is provided - then a refresh token will be returned. The default is "online" only - returning short lived access token. If the grant type is "refresh_token" - this will only return the same refresh token and not a new one. -
-
- scope -
-
- (OPTIONAL) The resource in question, formatted as one of the space-delimited - entries from the scope parameters from the WWW-Authenticate header - shown above. This query parameter should only be specified once but may - contain multiple scopes using the scope list format defined in the scope - grammar. If multiple scope is provided from - WWW-Authenticate header the scopes should first be - converted to a scope list before requesting the token. The above example - would be specified as: scope=repository:samalba/my-app:push. - When requesting a refresh token the scopes may be empty since the - refresh token will not be limited by this scope, only the provided short - lived access token will have the scope limitation. -
-
- refresh_token -
-
- (OPTIONAL) The refresh token to use for authentication when grant type "refresh_token" is used. -
-
- username -
-
- (OPTIONAL) The username to use for authentication when grant type "password" is used. -
-
- password -
-
- (OPTIONAL) The password to use for authentication when grant type "password" is used. -
-
- -#### Response fields - -
-
- access_token -
-
- (REQUIRED) An opaque Bearer token that clients should - supply to subsequent requests in the Authorization header. - This token should not be attempted to be parsed or understood by the - client but treated as opaque string. -
-
- scope -
-
- (REQUIRED) The scope granted inside the access token. This may be the - same scope as requested or a subset. This requirement is stronger than - specified in [RFC6749 Section 4.2.2](https://tools.ietf.org/html/rfc6749#section-4.2.2) - by strictly requiring the scope in the return value. -
-
- expires_in -
-
- (REQUIRED) The duration in seconds since the token was issued that it - will remain valid. When omitted, this defaults to 60 seconds. For - compatibility with older clients, a token should never be returned with - less than 60 seconds to live. -
-
- issued_at -
-
- (Optional) The RFC3339-serialized UTC - standard time at which a given token was issued. If issued_at is omitted, the - expiration is from when the token exchange completed. -
-
- refresh_token -
-
- (Optional) Token which can be used to get additional access tokens for - the same subject with different scopes. This token should be kept secure - by the client and only sent to the authorization server which issues - bearer tokens. This field will only be set when `access_type=offline` is - provided in the request. -
-
- - -#### Example getting refresh token - -``` -POST /token HTTP/1.1 -Host: auth.docker.io -Content-Type: application/x-www-form-urlencoded - -grant_type=password&username=johndoe&password=A3ddj3w&service=hub.docker.io&client_id=dockerengine&access_type=offline - -HTTP/1.1 200 OK -Content-Type: application/json - -{"refresh_token":"kas9Da81Dfa8","access_token":"eyJhbGciOiJFUzI1NiIsInR5","expires_in":900,"scope":""} -``` - -#### Example refreshing an Access Token - -``` -POST /token HTTP/1.1 -Host: auth.docker.io -Content-Type: application/x-www-form-urlencoded - -grant_type=refresh_token&refresh_token=kas9Da81Dfa8&service=registry-1.docker.io&client_id=dockerengine&scope=repository:samalba/my-app:pull,push - -HTTP/1.1 200 OK -Content-Type: application/json - -{"refresh_token":"kas9Da81Dfa8","access_token":"eyJhbGciOiJFUzI1NiIsInR5":"expires_in":900,"scope":"repository:samalba/my-app:pull,repository:samalba/my-app:push"} -``` diff --git a/vendor/github.com/docker/distribution/docs/spec/auth/scope.md b/vendor/github.com/docker/distribution/docs/spec/auth/scope.md deleted file mode 100644 index 6ef61edf..00000000 --- a/vendor/github.com/docker/distribution/docs/spec/auth/scope.md +++ /dev/null @@ -1,148 +0,0 @@ ---- -title: "Token Scope Documentation" -description: "Describes the scope and access fields used for registry authorization tokens" -keywords: ["registry, on-prem, images, tags, repository, distribution, advanced, access, scope"] ---- - -# Docker Registry Token Scope and Access - -Tokens used by the registry are always restricted what resources they may -be used to access, where those resources may be accessed, and what actions -may be done on those resources. Tokens always have the context of a user which -the token was originally created for. This document describes how these -restrictions are represented and enforced by the authorization server and -resource providers. - -## Scope Components - -### Subject (Authenticated User) - -The subject represents the user for which a token is valid. Any actions -performed using an access token should be considered on behalf of the subject. -This is included in the `sub` field of access token JWT. A refresh token should -be limited to a single subject and only be able to give out access tokens for -that subject. - -### Audience (Resource Provider) - -The audience represents a resource provider which is intended to be able to -perform the actions specified in the access token. Any resource provider which -does not match the audience should not use that access token. The audience is -included in the `aud` field of the access token JWT. A refresh token should be -limited to a single audience and only be able to give out access tokens for that -audience. - -### Resource Type - -The resource type represents the type of resource which the resource name is -intended to represent. This type may be specific to a resource provider but must -be understood by the authorization server in order to validate the subject -is authorized for a specific resource. - -#### Resource Class - -The resource type might have a resource class which further classifies the -the resource name within the resource type. A class is not required and -is specific to the resource type. - -#### Example Resource Types - - - `repository` - represents a single repository within a registry. A -repository may represent many manifest or content blobs, but the resource type -is considered the collections of those items. Actions which may be performed on -a `repository` are `pull` for accessing the collection and `push` for adding to -it. By default the `repository` type has the class of `image`. - - `repository(plugin)` - represents a single repository of plugins within a -registry. A plugin repository has the same content and actions as a repository. - - `registry` - represents the entire registry. Used for administrative actions -or lookup operations that span an entire registry. - -### Resource Name - -The resource name represent the name which identifies a resource for a resource -provider. A resource is identified by this name and the provided resource type. -An example of a resource name would be the name component of an image tag, such -as "samalba/myapp" or "hostname/samalba/myapp". - -### Resource Actions - -The resource actions define the actions which the access token allows to be -performed on the identified resource. These actions are type specific but will -normally have actions identifying read and write access on the resource. Example -for the `repository` type are `pull` for read access and `push` for write -access. - -## Authorization Server Use - -Each access token request may include a scope and an audience. The subject is -always derived from the passed in credentials or refresh token. When using -a refresh token the passed in audience must match the audience defined for -the refresh token. The audience (resource provider) is provided using the -`service` field. Multiple resource scopes may be provided using multiple `scope` -fields on the `GET` request. The `POST` request only takes in a single -`scope` field but may use a space to separate a list of multiple resource -scopes. - -### Resource Scope Grammar - -``` -scope := resourcescope [ ' ' resourcescope ]* -resourcescope := resourcetype ":" resourcename ":" action [ ',' action ]* -resourcetype := resourcetypevalue [ '(' resourcetypevalue ')' ] -resourcetypevalue := /[a-z0-9]+/ -resourcename := [ hostname '/' ] component [ '/' component ]* -hostname := hostcomponent ['.' hostcomponent]* [':' port-number] -hostcomponent := /([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9])/ -port-number := /[0-9]+/ -action := /[a-z]*/ -component := alpha-numeric [ separator alpha-numeric ]* -alpha-numeric := /[a-z0-9]+/ -separator := /[_.]|__|[-]*/ -``` -Full reference grammar is defined -[here](https://godoc.org/github.com/docker/distribution/reference). Currently -the scope name grammar is a subset of the reference grammar. - -> **NOTE:** that the `resourcename` may contain one `:` due to a possible port -> number in the hostname component of the `resourcename`, so a naive -> implementation that interprets the first three `:`-delimited tokens of a -> `scope` to be the `resourcetype`, `resourcename`, and a list of `action` -> would be insufficient. - -## Resource Provider Use - -Once a resource provider has verified the authenticity of the scope through -JWT access token verification, the resource provider must ensure that scope -satisfies the request. The resource provider should match the given audience -according to name or URI the resource provider uses to identify itself. Any -denial based on subject is not defined here and is up to resource provider, the -subject is mainly provided for audit logs and any other user-specific rules -which may need to be provided but are not defined by the authorization server. - -The resource provider must ensure that ANY resource being accessed as the -result of a request has the appropriate access scope. Both the resource type -and resource name must match the accessed resource and an appropriate action -scope must be included. - -When appropriate authorization is not provided either due to lack of scope -or missing token, the resource provider to return a `WWW-AUTHENTICATE` HTTP -header with the `realm` as the authorization server, the `service` as the -expected audience identifying string, and a `scope` field for each required -resource scope to complete the request. - -## JWT Access Tokens - -Each JWT access token may only have a single subject and audience but multiple -resource scopes. The subject and audience are put into standard JWT fields -`sub` and `aud`. The resource scope is put into the `access` field. The -structure of the access field can be seen in the -[jwt documentation](jwt.md). - -## Refresh Tokens - -A refresh token must be defined for a single subject and audience. Further -restricting scope to specific type, name, and actions combinations should be -done by fetching an access token using the refresh token. Since the refresh -token is not scoped to specific resources for an audience, extra care should -be taken to only use the refresh token to negotiate new access tokens directly -with the authorization server, and never with a resource provider. diff --git a/vendor/github.com/docker/distribution/docs/spec/auth/token.md b/vendor/github.com/docker/distribution/docs/spec/auth/token.md deleted file mode 100644 index f8391bd5..00000000 --- a/vendor/github.com/docker/distribution/docs/spec/auth/token.md +++ /dev/null @@ -1,250 +0,0 @@ ---- -title: "Token Authentication Specification" -description: "Specifies the Docker Registry v2 authentication" -keywords: ["registry, on-prem, images, tags, repository, distribution, Bearer authentication, advanced"] ---- - -# Docker Registry v2 authentication via central service - -This document outlines the v2 Docker registry authentication scheme: - -![v2 registry auth](../../images/v2-registry-auth.png) - -1. Attempt to begin a push/pull operation with the registry. -2. If the registry requires authorization it will return a `401 Unauthorized` - HTTP response with information on how to authenticate. -3. The registry client makes a request to the authorization service for a - Bearer token. -4. The authorization service returns an opaque Bearer token representing the - client's authorized access. -5. The client retries the original request with the Bearer token embedded in - the request's Authorization header. -6. The Registry authorizes the client by validating the Bearer token and the - claim set embedded within it and begins the push/pull session as usual. - -## Requirements - -- Registry clients which can understand and respond to token auth challenges - returned by the resource server. -- An authorization server capable of managing access controls to their - resources hosted by any given service (such as repositories in a Docker - Registry). -- A Docker Registry capable of trusting the authorization server to sign tokens - which clients can use for authorization and the ability to verify these - tokens for single use or for use during a sufficiently short period of time. - -## Authorization Server Endpoint Descriptions - -The described server is meant to serve as a standalone access control manager -for resources hosted by other services which wish to authenticate and manage -authorizations using a separate access control manager. - -A service like this is used by the official Docker Registry to authenticate -clients and verify their authorization to Docker image repositories. - -As of Docker 1.6, the registry client within the Docker Engine has been updated -to handle such an authorization workflow. - -## How to authenticate - -Registry V1 clients first contact the index to initiate a push or pull. Under -the Registry V2 workflow, clients should contact the registry first. If the -registry server requires authentication it will return a `401 Unauthorized` -response with a `WWW-Authenticate` header detailing how to authenticate to this -registry. - -For example, say I (username `jlhawn`) am attempting to push an image to the -repository `samalba/my-app`. For the registry to authorize this, I will need -`push` access to the `samalba/my-app` repository. The registry will first -return this response: - -``` -HTTP/1.1 401 Unauthorized -Content-Type: application/json; charset=utf-8 -Docker-Distribution-Api-Version: registry/2.0 -Www-Authenticate: Bearer realm="https://auth.docker.io/token",service="registry.docker.io",scope="repository:samalba/my-app:pull,push" -Date: Thu, 10 Sep 2015 19:32:31 GMT -Content-Length: 235 -Strict-Transport-Security: max-age=31536000 - -{"errors":[{"code":"UNAUTHORIZED","message":"access to the requested resource is not authorized","detail":[{"Type":"repository","Name":"samalba/my-app","Action":"pull"},{"Type":"repository","Name":"samalba/my-app","Action":"push"}]}]} -``` - -Note the HTTP Response Header indicating the auth challenge: - -``` -Www-Authenticate: Bearer realm="https://auth.docker.io/token",service="registry.docker.io",scope="repository:samalba/my-app:pull,push" -``` - -This format is documented in [Section 3 of RFC 6750: The OAuth 2.0 Authorization Framework: Bearer Token Usage](https://tools.ietf.org/html/rfc6750#section-3) - -This challenge indicates that the registry requires a token issued by the -specified token server and that the request the client is attempting will -need to include sufficient access entries in its claim set. To respond to this -challenge, the client will need to make a `GET` request to the URL -`https://auth.docker.io/token` using the `service` and `scope` values from the -`WWW-Authenticate` header. - -## Requesting a Token - -Defines getting a bearer and refresh token using the token endpoint. - -#### Query Parameters - -
-
- service -
-
- The name of the service which hosts the resource. -
-
- offline_token -
-
- Whether to return a refresh token along with the bearer token. A refresh - token is capable of getting additional bearer tokens for the same - subject with different scopes. The refresh token does not have an - expiration and should be considered completely opaque to the client. -
-
- client_id -
-
- String identifying the client. This client_id does not need - to be registered with the authorization server but should be set to a - meaningful value in order to allow auditing keys created by unregistered - clients. Accepted syntax is defined in - [RFC6749 Appendix A.1](https://tools.ietf.org/html/rfc6749#appendix-A.1). -
-
- scope -
-
- The resource in question, formatted as one of the space-delimited - entries from the scope parameters from the WWW-Authenticate header - shown above. This query parameter should be specified multiple times if - there is more than one scope entry from the WWW-Authenticate - header. The above example would be specified as: - scope=repository:samalba/my-app:push. The scope field may - be empty to request a refresh token without providing any resource - permissions to the returned bearer token. -
-
- - -#### Token Response Fields - -
-
- token -
-
- An opaque Bearer token that clients should supply to subsequent - requests in the Authorization header. -
-
- access_token -
-
- For compatibility with OAuth 2.0, we will also accept token under the name - access_token. At least one of these fields must be specified, but - both may also appear (for compatibility with older clients). When both are specified, - they should be equivalent; if they differ the client's choice is undefined. -
-
- expires_in -
-
- (Optional) The duration in seconds since the token was issued that it - will remain valid. When omitted, this defaults to 60 seconds. For - compatibility with older clients, a token should never be returned with - less than 60 seconds to live. -
-
- issued_at -
-
- (Optional) The RFC3339-serialized UTC - standard time at which a given token was issued. If issued_at is omitted, the - expiration is from when the token exchange completed. -
-
- refresh_token -
-
- (Optional) Token which can be used to get additional access tokens for - the same subject with different scopes. This token should be kept secure - by the client and only sent to the authorization server which issues - bearer tokens. This field will only be set when `offline_token=true` is - provided in the request. -
-
- -#### Example - -For this example, the client makes an HTTP GET request to the following URL: - -``` -https://auth.docker.io/token?service=registry.docker.io&scope=repository:samalba/my-app:pull,push -``` - -The token server should first attempt to authenticate the client using any -authentication credentials provided with the request. From Docker 1.11 the -Docker engine supports both Basic Authentication and [OAuth2](oauth.md) for -getting tokens. Docker 1.10 and before, the registry client in the Docker Engine -only supports Basic Authentication. If an attempt to authenticate to the token -server fails, the token server should return a `401 Unauthorized` response -indicating that the provided credentials are invalid. - -Whether the token server requires authentication is up to the policy of that -access control provider. Some requests may require authentication to determine -access (such as pushing or pulling a private repository) while others may not -(such as pulling from a public repository). - -After authenticating the client (which may simply be an anonymous client if -no attempt was made to authenticate), the token server must next query its -access control list to determine whether the client has the requested scope. In -this example request, if I have authenticated as user `jlhawn`, the token -server will determine what access I have to the repository `samalba/my-app` -hosted by the entity `registry.docker.io`. - -Once the token server has determined what access the client has to the -resources requested in the `scope` parameter, it will take the intersection of -the set of requested actions on each resource and the set of actions that the -client has in fact been granted. If the client only has a subset of the -requested access **it must not be considered an error** as it is not the -responsibility of the token server to indicate authorization errors as part of -this workflow. - -Continuing with the example request, the token server will find that the -client's set of granted access to the repository is `[pull, push]` which when -intersected with the requested access `[pull, push]` yields an equal set. If -the granted access set was found only to be `[pull]` then the intersected set -would only be `[pull]`. If the client has no access to the repository then the -intersected set would be empty, `[]`. - -It is this intersected set of access which is placed in the returned token. - -The server then constructs an implementation-specific token with this -intersected set of access, and returns it to the Docker client to use to -authenticate to the audience service (within the indicated window of time): - -``` -HTTP/1.1 200 OK -Content-Type: application/json - -{"token": "eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6IlBZWU86VEVXVTpWN0pIOjI2SlY6QVFUWjpMSkMzOlNYVko6WEdIQTozNEYyOjJMQVE6WlJNSzpaN1E2In0.eyJpc3MiOiJhdXRoLmRvY2tlci5jb20iLCJzdWIiOiJqbGhhd24iLCJhdWQiOiJyZWdpc3RyeS5kb2NrZXIuY29tIiwiZXhwIjoxNDE1Mzg3MzE1LCJuYmYiOjE0MTUzODcwMTUsImlhdCI6MTQxNTM4NzAxNSwianRpIjoidFlKQ08xYzZjbnl5N2tBbjBjN3JLUGdiVjFIMWJGd3MiLCJhY2Nlc3MiOlt7InR5cGUiOiJyZXBvc2l0b3J5IiwibmFtZSI6InNhbWFsYmEvbXktYXBwIiwiYWN0aW9ucyI6WyJwdXNoIl19XX0.QhflHPfbd6eVF4lM9bwYpFZIV0PfikbyXuLx959ykRTBpe3CYnzs6YBK8FToVb5R47920PVLrh8zuLzdCr9t3w", "expires_in": 3600,"issued_at": "2009-11-10T23:00:00Z"} -``` - - -## Using the Bearer token - -Once the client has a token, it will try the registry request again with the -token placed in the HTTP `Authorization` header like so: - -``` -Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6IkJWM0Q6MkFWWjpVQjVaOktJQVA6SU5QTDo1RU42Ok40SjQ6Nk1XTzpEUktFOkJWUUs6M0ZKTDpQT1RMIn0.eyJpc3MiOiJhdXRoLmRvY2tlci5jb20iLCJzdWIiOiJCQ0NZOk9VNlo6UUVKNTpXTjJDOjJBVkM6WTdZRDpBM0xZOjQ1VVc6NE9HRDpLQUxMOkNOSjU6NUlVTCIsImF1ZCI6InJlZ2lzdHJ5LmRvY2tlci5jb20iLCJleHAiOjE0MTUzODczMTUsIm5iZiI6MTQxNTM4NzAxNSwiaWF0IjoxNDE1Mzg3MDE1LCJqdGkiOiJ0WUpDTzFjNmNueXk3a0FuMGM3cktQZ2JWMUgxYkZ3cyIsInNjb3BlIjoiamxoYXduOnJlcG9zaXRvcnk6c2FtYWxiYS9teS1hcHA6cHVzaCxwdWxsIGpsaGF3bjpuYW1lc3BhY2U6c2FtYWxiYTpwdWxsIn0.Y3zZSwaZPqy4y9oRBVRImZyv3m_S9XDHF1tWwN7mL52C_IiA73SJkWVNsvNqpJIn5h7A2F8biv_S2ppQ1lgkbw -``` - -This is also described in [Section 2.1 of RFC 6750: The OAuth 2.0 Authorization Framework: Bearer Token Usage](https://tools.ietf.org/html/rfc6750#section-2.1) diff --git a/vendor/github.com/docker/distribution/docs/spec/implementations.md b/vendor/github.com/docker/distribution/docs/spec/implementations.md deleted file mode 100644 index 34746535..00000000 --- a/vendor/github.com/docker/distribution/docs/spec/implementations.md +++ /dev/null @@ -1,30 +0,0 @@ ---- -published: false ---- - -# Distribution API Implementations - -This is a list of known implementations of the Distribution API spec. - -## [Docker Distribution Registry](https://github.com/docker/distribution) - -Docker distribution is the reference implementation of the distribution API -specification. It aims to fully implement the entire specification. - -### Releases -#### 2.0.1 (_in development_) -Implements API 2.0.1 - -_Known Issues_ - - No resumable push support - - Content ranges ignored - - Blob upload status will always return a starting range of 0 - -#### 2.0.0 -Implements API 2.0.0 - -_Known Issues_ - - No resumable push support - - No PATCH implementation for blob upload - - Content ranges ignored - diff --git a/vendor/github.com/docker/distribution/docs/spec/index.md b/vendor/github.com/docker/distribution/docs/spec/index.md deleted file mode 100644 index 952ebabd..00000000 --- a/vendor/github.com/docker/distribution/docs/spec/index.md +++ /dev/null @@ -1,12 +0,0 @@ ---- -title: "Reference Overview" -description: "Explains registry JSON objects" -keywords: ["registry, service, images, repository, json"] ---- - -# Docker Registry Reference - -* [HTTP API V2](api.md) -* [Storage Driver](../storage-drivers/index.md) -* [Token Authentication Specification](auth/token.md) -* [Token Authentication Implementation](auth/jwt.md) diff --git a/vendor/github.com/docker/distribution/docs/spec/json.md b/vendor/github.com/docker/distribution/docs/spec/json.md deleted file mode 100644 index 825b17ac..00000000 --- a/vendor/github.com/docker/distribution/docs/spec/json.md +++ /dev/null @@ -1,90 +0,0 @@ ---- -published: false -title: "Docker Distribution JSON Canonicalization" -description: "Explains registry JSON objects" -keywords: ["registry, service, images, repository, json"] ---- - - - -# Docker Distribution JSON Canonicalization - -To provide consistent content hashing of JSON objects throughout Docker -Distribution APIs, the specification defines a canonical JSON format. Adopting -such a canonicalization also aids in caching JSON responses. - -Note that protocols should not be designed to depend on identical JSON being -generated across different versions or clients. The canonicalization rules are -merely useful for caching and consistency. - -## Rules - -Compliant JSON should conform to the following rules: - -1. All generated JSON should comply with [RFC - 7159](http://www.ietf.org/rfc/rfc7159.txt). -2. Resulting "JSON text" shall always be encoded in UTF-8. -3. Unless a canonical key order is defined for a particular schema, object - keys shall always appear in lexically sorted order. -4. All whitespace between tokens should be removed. -5. No "trailing commas" are allowed in object or array definitions. -6. The angle brackets "<" and ">" are escaped to "\u003c" and "\u003e". - Ampersand "&" is escaped to "\u0026". - -## Examples - -The following is a simple example of a canonicalized JSON string: - -```json -{"asdf":1,"qwer":[],"zxcv":[{},true,1000000000,"tyui"]} -``` - -## Reference - -### Other Canonicalizations - -The OLPC project specifies [Canonical -JSON](http://wiki.laptop.org/go/Canonical_JSON). While this is used in -[TUF](http://theupdateframework.com/), which may be used with other -distribution-related protocols, this alternative format has been proposed in -case the original source changes. Specifications complying with either this -specification or an alternative should explicitly call out the -canonicalization format. Except for key ordering, this specification is mostly -compatible. - -### Go - -In Go, the [`encoding/json`](http://golang.org/pkg/encoding/json/) library -will emit canonical JSON by default. Simply using `json.Marshal` will suffice -in most cases: - -```go -incoming := map[string]interface{}{ - "asdf": 1, - "qwer": []interface{}{}, - "zxcv": []interface{}{ - map[string]interface{}{}, - true, - int(1e9), - "tyui", - }, -} - -canonical, err := json.Marshal(incoming) -if err != nil { - // ... handle error -} -``` - -To apply canonical JSON format spacing to an existing serialized JSON buffer, one -can use -[`json.Indent`](http://golang.org/src/encoding/json/indent.go?s=1918:1989#L65) -with the following arguments: - -```go -incoming := getBytes() -var canonical bytes.Buffer -if err := json.Indent(&canonical, incoming, "", ""); err != nil { - // ... handle error -} -``` diff --git a/vendor/github.com/docker/distribution/docs/spec/manifest-v2-1.md b/vendor/github.com/docker/distribution/docs/spec/manifest-v2-1.md deleted file mode 100644 index b06c2f2a..00000000 --- a/vendor/github.com/docker/distribution/docs/spec/manifest-v2-1.md +++ /dev/null @@ -1,163 +0,0 @@ ---- -title: "Image Manifest V 2, Schema 1 " -description: "image manifest for the Registry." -keywords: ["registry, on-prem, images, tags, repository, distribution, api, advanced, manifest"] ---- - -# Image Manifest Version 2, Schema 1 - -This document outlines the format of of the V2 image manifest. The image -manifest described herein was introduced in the Docker daemon in the [v1.3.0 -release](https://github.com/docker/docker/commit/9f482a66ab37ec396ac61ed0c00d59122ac07453). -It is a provisional manifest to provide a compatibility with the [V1 Image -format](https://github.com/docker/docker/blob/master/image/spec/v1.md), as the -requirements are defined for the [V2 Schema 2 -image](https://github.com/docker/distribution/pull/62). - - -Image manifests describe the various constituents of a docker image. Image -manifests can be serialized to JSON format with the following media types: - -Manifest Type | Media Type -------------- | ------------- -manifest | "application/vnd.docker.distribution.manifest.v1+json" -signed manifest | "application/vnd.docker.distribution.manifest.v1+prettyjws" - -*Note that "application/json" will also be accepted for schema 1.* - -References: - - - [Proposal: JSON Registry API V2.1](https://github.com/docker/docker/issues/9015) - - [Proposal: Provenance step 1 - Transform images for validation and verification](https://github.com/docker/docker/issues/8093) - -## *Manifest* Field Descriptions - -Manifest provides the base accessible fields for working with V2 image format - in the registry. - -- **`name`** *string* - - name is the name of the image's repository - -- **`tag`** *string* - - tag is the tag of the image - -- **`architecture`** *string* - - architecture is the host architecture on which this image is intended to - run. This is for information purposes and not currently used by the engine - -- **`fsLayers`** *array* - - fsLayers is a list of filesystem layer blob sums contained in this image. - - An fsLayer is a struct consisting of the following fields - - **`blobSum`** *digest.Digest* - - blobSum is the digest of the referenced filesystem image layer. A - digest must be a sha256 hash. - - -- **`history`** *array* - - history is a list of unstructured historical data for v1 compatibility. It - contains ID of the image layer and ID of the layer's parent layers. - - history is a struct consisting of the following fields - - **`v1Compatibility`** string - - V1Compatibility is the raw V1 compatibility information. This will - contain the JSON object describing the V1 of this image. - -- **`schemaVersion`** *int* - - SchemaVersion is the image manifest schema that this image follows. - ->**Note**:the length of `history` must be equal to the length of `fsLayers` and ->entries in each are correlated by index. - -## Signed Manifests - -Signed manifests provides an envelope for a signed image manifest. A signed -manifest consists of an image manifest along with an additional field -containing the signature of the manifest. - -The docker client can verify signed manifests and displays a message to the user. - -### Signing Manifests - -Image manifests can be signed in two different ways: with a *libtrust* private - key or an x509 certificate chain. When signing with an x509 certificate chain, - the public key of the first element in the chain must be the public key - corresponding with the sign key. - -### Signed Manifest Field Description - -Signed manifests include an image manifest and a list of signatures generated -by *libtrust*. A signature consists of the following fields: - - -- **`header`** *[JOSE](http://tools.ietf.org/html/draft-ietf-jose-json-web-signature-31#section-2)* - - A [JSON Web Signature](http://self-issued.info/docs/draft-ietf-jose-json-web-signature.html) - -- **`signature`** *string* - - A signature for the image manifest, signed by a *libtrust* private key - -- **`protected`** *string* - - The signed protected header - -## Example Manifest - -*Example showing the official 'hello-world' image manifest.* - -``` -{ - "name": "hello-world", - "tag": "latest", - "architecture": "amd64", - "fsLayers": [ - { - "blobSum": "sha256:5f70bf18a086007016e948b04aed3b82103a36bea41755b6cddfaf10ace3c6ef" - }, - { - "blobSum": "sha256:5f70bf18a086007016e948b04aed3b82103a36bea41755b6cddfaf10ace3c6ef" - }, - { - "blobSum": "sha256:cc8567d70002e957612902a8e985ea129d831ebe04057d88fb644857caa45d11" - }, - { - "blobSum": "sha256:5f70bf18a086007016e948b04aed3b82103a36bea41755b6cddfaf10ace3c6ef" - } - ], - "history": [ - { - "v1Compatibility": "{\"id\":\"e45a5af57b00862e5ef5782a9925979a02ba2b12dff832fd0991335f4a11e5c5\",\"parent\":\"31cbccb51277105ba3ae35ce33c22b69c9e3f1002e76e4c736a2e8ebff9d7b5d\",\"created\":\"2014-12-31T22:57:59.178729048Z\",\"container\":\"27b45f8fb11795b52e9605b686159729b0d9ca92f76d40fb4f05a62e19c46b4f\",\"container_config\":{\"Hostname\":\"8ce6509d66e2\",\"Domainname\":\"\",\"User\":\"\",\"Memory\":0,\"MemorySwap\":0,\"CpuShares\":0,\"Cpuset\":\"\",\"AttachStdin\":false,\"AttachStdout\":false,\"AttachStderr\":false,\"PortSpecs\":null,\"ExposedPorts\":null,\"Tty\":false,\"OpenStdin\":false,\"StdinOnce\":false,\"Env\":[\"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin\"],\"Cmd\":[\"/bin/sh\",\"-c\",\"#(nop) CMD [/hello]\"],\"Image\":\"31cbccb51277105ba3ae35ce33c22b69c9e3f1002e76e4c736a2e8ebff9d7b5d\",\"Volumes\":null,\"WorkingDir\":\"\",\"Entrypoint\":null,\"NetworkDisabled\":false,\"MacAddress\":\"\",\"OnBuild\":[],\"SecurityOpt\":null,\"Labels\":null},\"docker_version\":\"1.4.1\",\"config\":{\"Hostname\":\"8ce6509d66e2\",\"Domainname\":\"\",\"User\":\"\",\"Memory\":0,\"MemorySwap\":0,\"CpuShares\":0,\"Cpuset\":\"\",\"AttachStdin\":false,\"AttachStdout\":false,\"AttachStderr\":false,\"PortSpecs\":null,\"ExposedPorts\":null,\"Tty\":false,\"OpenStdin\":false,\"StdinOnce\":false,\"Env\":[\"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin\"],\"Cmd\":[\"/hello\"],\"Image\":\"31cbccb51277105ba3ae35ce33c22b69c9e3f1002e76e4c736a2e8ebff9d7b5d\",\"Volumes\":null,\"WorkingDir\":\"\",\"Entrypoint\":null,\"NetworkDisabled\":false,\"MacAddress\":\"\",\"OnBuild\":[],\"SecurityOpt\":null,\"Labels\":null},\"architecture\":\"amd64\",\"os\":\"linux\",\"Size\":0}\n" - }, - { - "v1Compatibility": "{\"id\":\"e45a5af57b00862e5ef5782a9925979a02ba2b12dff832fd0991335f4a11e5c5\",\"parent\":\"31cbccb51277105ba3ae35ce33c22b69c9e3f1002e76e4c736a2e8ebff9d7b5d\",\"created\":\"2014-12-31T22:57:59.178729048Z\",\"container\":\"27b45f8fb11795b52e9605b686159729b0d9ca92f76d40fb4f05a62e19c46b4f\",\"container_config\":{\"Hostname\":\"8ce6509d66e2\",\"Domainname\":\"\",\"User\":\"\",\"Memory\":0,\"MemorySwap\":0,\"CpuShares\":0,\"Cpuset\":\"\",\"AttachStdin\":false,\"AttachStdout\":false,\"AttachStderr\":false,\"PortSpecs\":null,\"ExposedPorts\":null,\"Tty\":false,\"OpenStdin\":false,\"StdinOnce\":false,\"Env\":[\"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin\"],\"Cmd\":[\"/bin/sh\",\"-c\",\"#(nop) CMD [/hello]\"],\"Image\":\"31cbccb51277105ba3ae35ce33c22b69c9e3f1002e76e4c736a2e8ebff9d7b5d\",\"Volumes\":null,\"WorkingDir\":\"\",\"Entrypoint\":null,\"NetworkDisabled\":false,\"MacAddress\":\"\",\"OnBuild\":[],\"SecurityOpt\":null,\"Labels\":null},\"docker_version\":\"1.4.1\",\"config\":{\"Hostname\":\"8ce6509d66e2\",\"Domainname\":\"\",\"User\":\"\",\"Memory\":0,\"MemorySwap\":0,\"CpuShares\":0,\"Cpuset\":\"\",\"AttachStdin\":false,\"AttachStdout\":false,\"AttachStderr\":false,\"PortSpecs\":null,\"ExposedPorts\":null,\"Tty\":false,\"OpenStdin\":false,\"StdinOnce\":false,\"Env\":[\"PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin\"],\"Cmd\":[\"/hello\"],\"Image\":\"31cbccb51277105ba3ae35ce33c22b69c9e3f1002e76e4c736a2e8ebff9d7b5d\",\"Volumes\":null,\"WorkingDir\":\"\",\"Entrypoint\":null,\"NetworkDisabled\":false,\"MacAddress\":\"\",\"OnBuild\":[],\"SecurityOpt\":null,\"Labels\":null},\"architecture\":\"amd64\",\"os\":\"linux\",\"Size\":0}\n" - }, - ], - "schemaVersion": 1, - "signatures": [ - { - "header": { - "jwk": { - "crv": "P-256", - "kid": "OD6I:6DRK:JXEJ:KBM4:255X:NSAA:MUSF:E4VM:ZI6W:CUN2:L4Z6:LSF4", - "kty": "EC", - "x": "3gAwX48IQ5oaYQAYSxor6rYYc_6yjuLCjtQ9LUakg4A", - "y": "t72ge6kIA1XOjqjVoEOiPPAURltJFBMGDSQvEGVB010" - }, - "alg": "ES256" - }, - "signature": "XREm0L8WNn27Ga_iE_vRnTxVMhhYY0Zst_FfkKopg6gWSoTOZTuW4rK0fg_IqnKkEKlbD83tD46LKEGi5aIVFg", - "protected": "eyJmb3JtYXRMZW5ndGgiOjY2MjgsImZvcm1hdFRhaWwiOiJDbjAiLCJ0aW1lIjoiMjAxNS0wNC0wOFQxODo1Mjo1OVoifQ" - } - ] -} - -``` diff --git a/vendor/github.com/docker/distribution/docs/spec/manifest-v2-2.md b/vendor/github.com/docker/distribution/docs/spec/manifest-v2-2.md deleted file mode 100644 index 4b41bb28..00000000 --- a/vendor/github.com/docker/distribution/docs/spec/manifest-v2-2.md +++ /dev/null @@ -1,295 +0,0 @@ ---- -title: "Image Manifest V 2, Schema 2 " -description: "image manifest for the Registry." -keywords: ["registry, on-prem, images, tags, repository, distribution, api, advanced, manifest"] ---- - -# Image Manifest Version 2, Schema 2 - -This document outlines the format of of the V2 image manifest, schema version 2. -The original (and provisional) image manifest for V2 (schema 1), was introduced -in the Docker daemon in the [v1.3.0 -release](https://github.com/docker/docker/commit/9f482a66ab37ec396ac61ed0c00d59122ac07453) -and is specified in the [schema 1 manifest definition](manifest-v2-1.md) - -This second schema version has two primary goals. The first is to allow -multi-architecture images, through a "fat manifest" which references image -manifests for platform-specific versions of an image. The second is to -move the Docker engine towards content-addressable images, by supporting -an image model where the image's configuration can be hashed to generate -an ID for the image. - -# Media Types - -The following media types are used by the manifest formats described here, and -the resources they reference: - -- `application/vnd.docker.distribution.manifest.v1+json`: schema1 (existing manifest format) -- `application/vnd.docker.distribution.manifest.v2+json`: New image manifest format (schemaVersion = 2) -- `application/vnd.docker.distribution.manifest.list.v2+json`: Manifest list, aka "fat manifest" -- `application/vnd.docker.container.image.v1+json`: Container config JSON -- `application/vnd.docker.image.rootfs.diff.tar.gzip`: "Layer", as a gzipped tar -- `application/vnd.docker.image.rootfs.foreign.diff.tar.gzip`: "Layer", as a gzipped tar that should never be pushed -- `application/vnd.docker.plugin.v1+json`: Plugin config JSON - -## Manifest List - -The manifest list is the "fat manifest" which points to specific image manifests -for one or more platforms. Its use is optional, and relatively few images will -use one of these manifests. A client will distinguish a manifest list from an -image manifest based on the Content-Type returned in the HTTP response. - -## *Manifest List* Field Descriptions - -- **`schemaVersion`** *int* - - This field specifies the image manifest schema version as an integer. This - schema uses the version `2`. - -- **`mediaType`** *string* - - The MIME type of the manifest list. This should be set to - `application/vnd.docker.distribution.manifest.list.v2+json`. - -- **`manifests`** *array* - - The manifests field contains a list of manifests for specific platforms. - - Fields of an object in the manifests list are: - - - **`mediaType`** *string* - - The MIME type of the referenced object. This will generally be - `application/vnd.docker.image.manifest.v2+json`, but it could also - be `application/vnd.docker.image.manifest.v1+json` if the manifest - list references a legacy schema-1 manifest. - - - **`size`** *int* - - The size in bytes of the object. This field exists so that a client - will have an expected size for the content before validating. If the - length of the retrieved content does not match the specified length, - the content should not be trusted. - - - **`digest`** *string* - - The digest of the content, as defined by the - [Registry V2 HTTP API Specificiation](api.md#digest-parameter). - - - **`platform`** *object* - - The platform object describes the platform which the image in the - manifest runs on. A full list of valid operating system and architecture - values are listed in the [Go language documentation for `$GOOS` and - `$GOARCH`](https://golang.org/doc/install/source#environment) - - - **`architecture`** *string* - - The architecture field specifies the CPU architecture, for example - `amd64` or `ppc64le`. - - - **`os`** *string* - - The os field specifies the operating system, for example - `linux` or `windows`. - - - **`os.version`** *string* - - The optional os.version field specifies the operating system version, - for example `10.0.10586`. - - - **`os.features`** *array* - - The optional os.features field specifies an array of strings, - each listing a required OS feature (for example on Windows - `win32k`). - - - **`variant`** *string* - - The optional variant field specifies a variant of the CPU, for - example `armv6l` to specify a particular CPU variant of the ARM CPU. - - - **`features`** *array* - - The optional features field specifies an array of strings, each - listing a required CPU feature (for example `sse4` or `aes`). - -## Example Manifest List - -*Example showing a simple manifest list pointing to image manifests for two platforms:* -```json -{ - "schemaVersion": 2, - "mediaType": "application/vnd.docker.distribution.manifest.list.v2+json", - "manifests": [ - { - "mediaType": "application/vnd.docker.image.manifest.v2+json", - "size": 7143, - "digest": "sha256:e692418e4cbaf90ca69d05a66403747baa33ee08806650b51fab815ad7fc331f", - "platform": { - "architecture": "ppc64le", - "os": "linux", - } - }, - { - "mediaType": "application/vnd.docker.image.manifest.v2+json", - "size": 7682, - "digest": "sha256:5b0bcabd1ed22e9fb1310cf6c2dec7cdef19f0ad69efa1f392e94a4333501270", - "platform": { - "architecture": "amd64", - "os": "linux", - "features": [ - "sse4" - ] - } - } - ] -} -``` - -# Image Manifest - -The image manifest provides a configuration and a set of layers for a container -image. It's the direct replacement for the schema-1 manifest. - -## *Image Manifest* Field Descriptions - -- **`schemaVersion`** *int* - - This field specifies the image manifest schema version as an integer. This - schema uses version `2`. - -- **`mediaType`** *string* - - The MIME type of the manifest. This should be set to - `application/vnd.docker.distribution.manifest.v2+json`. - -- **`config`** *object* - - The config field references a configuration object for a container, by - digest. This configuration item is a JSON blob that the runtime uses - to set up the container. This new schema uses a tweaked version - of this configuration to allow image content-addressability on the - daemon side. - - Fields of a config object are: - - - **`mediaType`** *string* - - The MIME type of the referenced object. This should generally be - `application/vnd.docker.container.image.v1+json`. - - - **`size`** *int* - - The size in bytes of the object. This field exists so that a client - will have an expected size for the content before validating. If the - length of the retrieved content does not match the specified length, - the content should not be trusted. - - - **`digest`** *string* - - The digest of the content, as defined by the - [Registry V2 HTTP API Specificiation](api.md#digest-parameter). - -- **`layers`** *array* - - The layer list is ordered starting from the base image (opposite order of schema1). - - Fields of an item in the layers list are: - - - **`mediaType`** *string* - - The MIME type of the referenced object. This should - generally be `application/vnd.docker.image.rootfs.diff.tar.gzip`. - Layers of type - `application/vnd.docker.image.rootfs.foreign.diff.tar.gzip` may be - pulled from a remote location but they should never be pushed. - - - **`size`** *int* - - The size in bytes of the object. This field exists so that a client - will have an expected size for the content before validating. If the - length of the retrieved content does not match the specified length, - the content should not be trusted. - - - **`digest`** *string* - - The digest of the content, as defined by the - [Registry V2 HTTP API Specificiation](api.md#digest-parameter). - - - **`urls`** *array* - - Provides a list of URLs from which the content may be fetched. Content - should be verified against the `digest` and `size`. This field is - optional and uncommon. - -## Example Image Manifest - -*Example showing an image manifest:* -```json -{ - "schemaVersion": 2, - "mediaType": "application/vnd.docker.distribution.manifest.v2+json", - "config": { - "mediaType": "application/vnd.docker.container.image.v1+json", - "size": 7023, - "digest": "sha256:b5b2b2c507a0944348e0303114d8d93aaaa081732b86451d9bce1f432a537bc7" - }, - "layers": [ - { - "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip", - "size": 32654, - "digest": "sha256:e692418e4cbaf90ca69d05a66403747baa33ee08806650b51fab815ad7fc331f" - }, - { - "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip", - "size": 16724, - "digest": "sha256:3c3a4604a545cdc127456d94e421cd355bca5b528f4a9c1905b15da2eb4a4c6b" - }, - { - "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip", - "size": 73109, - "digest": "sha256:ec4b8955958665577945c89419d1af06b5f7636b4ac3da7f12184802ad867736" - } - ] -} -``` - -# Backward compatibility - -The registry will continue to accept uploads of manifests in both the old and -new formats. - -When pushing images, clients which support the new manifest format should first -construct a manifest in the new format. If uploading this manifest fails, -presumably because the registry only supports the old format, the client may -fall back to uploading a manifest in the old format. - -When pulling images, clients indicate support for this new version of the -manifest format by sending the -`application/vnd.docker.distribution.manifest.v2+json` and -`application/vnd.docker.distribution.manifest.list.v2+json` media types in an -`Accept` header when making a request to the `manifests` endpoint. Updated -clients should check the `Content-Type` header to see whether the manifest -returned from the endpoint is in the old format, or is an image manifest or -manifest list in the new format. - -If the manifest being requested uses the new format, and the appropriate media -type is not present in an `Accept` header, the registry will assume that the -client cannot handle the manifest as-is, and rewrite it on the fly into the old -format. If the object that would otherwise be returned is a manifest list, the -registry will look up the appropriate manifest for the amd64 platform and -linux OS, rewrite that manifest into the old format if necessary, and return -the result to the client. If no suitable manifest is found in the manifest -list, the registry will return a 404 error. - -One of the challenges in rewriting manifests to the old format is that the old -format involves an image configuration for each layer in the manifest, but the -new format only provides one image configuration. To work around this, the -registry will create synthetic image configurations for all layers except the -top layer. These image configurations will not result in runnable images on -their own, but only serve to fill in the parent chain in a compatible way. -The IDs in these synthetic configurations will be derived from hashes of their -respective blobs. The registry will create these configurations and their IDs -using the same scheme as Docker 1.10 when it creates a legacy manifest to push -to a registry which doesn't support the new format. diff --git a/vendor/github.com/docker/distribution/docs/spec/menu.md b/vendor/github.com/docker/distribution/docs/spec/menu.md deleted file mode 100644 index 9237e3ce..00000000 --- a/vendor/github.com/docker/distribution/docs/spec/menu.md +++ /dev/null @@ -1,7 +0,0 @@ ---- -title: "Reference" -description: "Explains registry JSON objects" -keywords: ["registry, service, images, repository, json"] -type: "menu" -identifier: "smn_registry_ref" ---- diff --git a/vendor/github.com/docker/distribution/errors.go b/vendor/github.com/docker/distribution/errors.go deleted file mode 100644 index c20f2811..00000000 --- a/vendor/github.com/docker/distribution/errors.go +++ /dev/null @@ -1,115 +0,0 @@ -package distribution - -import ( - "errors" - "fmt" - "strings" - - "github.com/docker/distribution/digest" -) - -// ErrAccessDenied is returned when an access to a requested resource is -// denied. -var ErrAccessDenied = errors.New("access denied") - -// ErrManifestNotModified is returned when a conditional manifest GetByTag -// returns nil due to the client indicating it has the latest version -var ErrManifestNotModified = errors.New("manifest not modified") - -// ErrUnsupported is returned when an unimplemented or unsupported action is -// performed -var ErrUnsupported = errors.New("operation unsupported") - -// ErrTagUnknown is returned if the given tag is not known by the tag service -type ErrTagUnknown struct { - Tag string -} - -func (err ErrTagUnknown) Error() string { - return fmt.Sprintf("unknown tag=%s", err.Tag) -} - -// ErrRepositoryUnknown is returned if the named repository is not known by -// the registry. -type ErrRepositoryUnknown struct { - Name string -} - -func (err ErrRepositoryUnknown) Error() string { - return fmt.Sprintf("unknown repository name=%s", err.Name) -} - -// ErrRepositoryNameInvalid should be used to denote an invalid repository -// name. Reason may set, indicating the cause of invalidity. -type ErrRepositoryNameInvalid struct { - Name string - Reason error -} - -func (err ErrRepositoryNameInvalid) Error() string { - return fmt.Sprintf("repository name %q invalid: %v", err.Name, err.Reason) -} - -// ErrManifestUnknown is returned if the manifest is not known by the -// registry. -type ErrManifestUnknown struct { - Name string - Tag string -} - -func (err ErrManifestUnknown) Error() string { - return fmt.Sprintf("unknown manifest name=%s tag=%s", err.Name, err.Tag) -} - -// ErrManifestUnknownRevision is returned when a manifest cannot be found by -// revision within a repository. -type ErrManifestUnknownRevision struct { - Name string - Revision digest.Digest -} - -func (err ErrManifestUnknownRevision) Error() string { - return fmt.Sprintf("unknown manifest name=%s revision=%s", err.Name, err.Revision) -} - -// ErrManifestUnverified is returned when the registry is unable to verify -// the manifest. -type ErrManifestUnverified struct{} - -func (ErrManifestUnverified) Error() string { - return fmt.Sprintf("unverified manifest") -} - -// ErrManifestVerification provides a type to collect errors encountered -// during manifest verification. Currently, it accepts errors of all types, -// but it may be narrowed to those involving manifest verification. -type ErrManifestVerification []error - -func (errs ErrManifestVerification) Error() string { - var parts []string - for _, err := range errs { - parts = append(parts, err.Error()) - } - - return fmt.Sprintf("errors verifying manifest: %v", strings.Join(parts, ",")) -} - -// ErrManifestBlobUnknown returned when a referenced blob cannot be found. -type ErrManifestBlobUnknown struct { - Digest digest.Digest -} - -func (err ErrManifestBlobUnknown) Error() string { - return fmt.Sprintf("unknown blob %v on manifest", err.Digest) -} - -// ErrManifestNameInvalid should be used to denote an invalid manifest -// name. Reason may set, indicating the cause of invalidity. -type ErrManifestNameInvalid struct { - Name string - Reason error -} - -func (err ErrManifestNameInvalid) Error() string { - return fmt.Sprintf("manifest name %q invalid: %v", err.Name, err.Reason) -} diff --git a/vendor/github.com/docker/distribution/health/api/api.go b/vendor/github.com/docker/distribution/health/api/api.go deleted file mode 100644 index 73fcc453..00000000 --- a/vendor/github.com/docker/distribution/health/api/api.go +++ /dev/null @@ -1,37 +0,0 @@ -package api - -import ( - "errors" - "net/http" - - "github.com/docker/distribution/health" -) - -var ( - updater = health.NewStatusUpdater() -) - -// DownHandler registers a manual_http_status that always returns an Error -func DownHandler(w http.ResponseWriter, r *http.Request) { - if r.Method == "POST" { - updater.Update(errors.New("Manual Check")) - } else { - w.WriteHeader(http.StatusNotFound) - } -} - -// UpHandler registers a manual_http_status that always returns nil -func UpHandler(w http.ResponseWriter, r *http.Request) { - if r.Method == "POST" { - updater.Update(nil) - } else { - w.WriteHeader(http.StatusNotFound) - } -} - -// init sets up the two endpoints to bring the service up and down -func init() { - health.Register("manual_http_status", updater) - http.HandleFunc("/debug/health/down", DownHandler) - http.HandleFunc("/debug/health/up", UpHandler) -} diff --git a/vendor/github.com/docker/distribution/health/api/api_test.go b/vendor/github.com/docker/distribution/health/api/api_test.go deleted file mode 100644 index ec82154f..00000000 --- a/vendor/github.com/docker/distribution/health/api/api_test.go +++ /dev/null @@ -1,86 +0,0 @@ -package api - -import ( - "net/http" - "net/http/httptest" - "testing" - - "github.com/docker/distribution/health" -) - -// TestGETDownHandlerDoesNotChangeStatus ensures that calling the endpoint -// /debug/health/down with METHOD GET returns a 404 -func TestGETDownHandlerDoesNotChangeStatus(t *testing.T) { - recorder := httptest.NewRecorder() - - req, err := http.NewRequest("GET", "https://fakeurl.com/debug/health/down", nil) - if err != nil { - t.Errorf("Failed to create request.") - } - - DownHandler(recorder, req) - - if recorder.Code != 404 { - t.Errorf("Did not get a 404.") - } -} - -// TestGETUpHandlerDoesNotChangeStatus ensures that calling the endpoint -// /debug/health/down with METHOD GET returns a 404 -func TestGETUpHandlerDoesNotChangeStatus(t *testing.T) { - recorder := httptest.NewRecorder() - - req, err := http.NewRequest("GET", "https://fakeurl.com/debug/health/up", nil) - if err != nil { - t.Errorf("Failed to create request.") - } - - DownHandler(recorder, req) - - if recorder.Code != 404 { - t.Errorf("Did not get a 404.") - } -} - -// TestPOSTDownHandlerChangeStatus ensures the endpoint /debug/health/down changes -// the status code of the response to 503 -// This test is order dependent, and should come before TestPOSTUpHandlerChangeStatus -func TestPOSTDownHandlerChangeStatus(t *testing.T) { - recorder := httptest.NewRecorder() - - req, err := http.NewRequest("POST", "https://fakeurl.com/debug/health/down", nil) - if err != nil { - t.Errorf("Failed to create request.") - } - - DownHandler(recorder, req) - - if recorder.Code != 200 { - t.Errorf("Did not get a 200.") - } - - if len(health.CheckStatus()) != 1 { - t.Errorf("DownHandler didn't add an error check.") - } -} - -// TestPOSTUpHandlerChangeStatus ensures the endpoint /debug/health/up changes -// the status code of the response to 200 -func TestPOSTUpHandlerChangeStatus(t *testing.T) { - recorder := httptest.NewRecorder() - - req, err := http.NewRequest("POST", "https://fakeurl.com/debug/health/up", nil) - if err != nil { - t.Errorf("Failed to create request.") - } - - UpHandler(recorder, req) - - if recorder.Code != 200 { - t.Errorf("Did not get a 200.") - } - - if len(health.CheckStatus()) != 0 { - t.Errorf("UpHandler didn't remove the error check.") - } -} diff --git a/vendor/github.com/docker/distribution/health/checks/checks.go b/vendor/github.com/docker/distribution/health/checks/checks.go deleted file mode 100644 index e3c3b08d..00000000 --- a/vendor/github.com/docker/distribution/health/checks/checks.go +++ /dev/null @@ -1,62 +0,0 @@ -package checks - -import ( - "errors" - "net" - "net/http" - "os" - "strconv" - "time" - - "github.com/docker/distribution/health" -) - -// FileChecker checks the existence of a file and returns an error -// if the file exists. -func FileChecker(f string) health.Checker { - return health.CheckFunc(func() error { - if _, err := os.Stat(f); err == nil { - return errors.New("file exists") - } - return nil - }) -} - -// HTTPChecker does a HEAD request and verifies that the HTTP status code -// returned matches statusCode. -func HTTPChecker(r string, statusCode int, timeout time.Duration, headers http.Header) health.Checker { - return health.CheckFunc(func() error { - client := http.Client{ - Timeout: timeout, - } - req, err := http.NewRequest("HEAD", r, nil) - if err != nil { - return errors.New("error creating request: " + r) - } - for headerName, headerValues := range headers { - for _, headerValue := range headerValues { - req.Header.Add(headerName, headerValue) - } - } - response, err := client.Do(req) - if err != nil { - return errors.New("error while checking: " + r) - } - if response.StatusCode != statusCode { - return errors.New("downstream service returned unexpected status: " + strconv.Itoa(response.StatusCode)) - } - return nil - }) -} - -// TCPChecker attempts to open a TCP connection. -func TCPChecker(addr string, timeout time.Duration) health.Checker { - return health.CheckFunc(func() error { - conn, err := net.DialTimeout("tcp", addr, timeout) - if err != nil { - return errors.New("connection to " + addr + " failed") - } - conn.Close() - return nil - }) -} diff --git a/vendor/github.com/docker/distribution/health/checks/checks_test.go b/vendor/github.com/docker/distribution/health/checks/checks_test.go deleted file mode 100644 index 6b6dd14f..00000000 --- a/vendor/github.com/docker/distribution/health/checks/checks_test.go +++ /dev/null @@ -1,25 +0,0 @@ -package checks - -import ( - "testing" -) - -func TestFileChecker(t *testing.T) { - if err := FileChecker("/tmp").Check(); err == nil { - t.Errorf("/tmp was expected as exists") - } - - if err := FileChecker("NoSuchFileFromMoon").Check(); err != nil { - t.Errorf("NoSuchFileFromMoon was expected as not exists, error:%v", err) - } -} - -func TestHTTPChecker(t *testing.T) { - if err := HTTPChecker("https://www.google.cybertron", 200, 0, nil).Check(); err == nil { - t.Errorf("Google on Cybertron was expected as not exists") - } - - if err := HTTPChecker("https://www.google.pt", 200, 0, nil).Check(); err != nil { - t.Errorf("Google at Portugal was expected as exists, error:%v", err) - } -} diff --git a/vendor/github.com/docker/distribution/health/doc.go b/vendor/github.com/docker/distribution/health/doc.go deleted file mode 100644 index 8c106b42..00000000 --- a/vendor/github.com/docker/distribution/health/doc.go +++ /dev/null @@ -1,130 +0,0 @@ -// Package health provides a generic health checking framework. -// The health package works expvar style. By importing the package the debug -// server is getting a "/debug/health" endpoint that returns the current -// status of the application. -// If there are no errors, "/debug/health" will return an HTTP 200 status, -// together with an empty JSON reply "{}". If there are any checks -// with errors, the JSON reply will include all the failed checks, and the -// response will be have an HTTP 503 status. -// -// A Check can either be run synchronously, or asynchronously. We recommend -// that most checks are registered as an asynchronous check, so a call to the -// "/debug/health" endpoint always returns immediately. This pattern is -// particularly useful for checks that verify upstream connectivity or -// database status, since they might take a long time to return/timeout. -// -// Installing -// -// To install health, just import it in your application: -// -// import "github.com/docker/distribution/health" -// -// You can also (optionally) import "health/api" that will add two convenience -// endpoints: "/debug/health/down" and "/debug/health/up". These endpoints add -// "manual" checks that allow the service to quickly be brought in/out of -// rotation. -// -// import _ "github.com/docker/distribution/registry/health/api" -// -// # curl localhost:5001/debug/health -// {} -// # curl -X POST localhost:5001/debug/health/down -// # curl localhost:5001/debug/health -// {"manual_http_status":"Manual Check"} -// -// After importing these packages to your main application, you can start -// registering checks. -// -// Registering Checks -// -// The recommended way of registering checks is using a periodic Check. -// PeriodicChecks run on a certain schedule and asynchronously update the -// status of the check. This allows CheckStatus to return without blocking -// on an expensive check. -// -// A trivial example of a check that runs every 5 seconds and shuts down our -// server if the current minute is even, could be added as follows: -// -// func currentMinuteEvenCheck() error { -// m := time.Now().Minute() -// if m%2 == 0 { -// return errors.New("Current minute is even!") -// } -// return nil -// } -// -// health.RegisterPeriodicFunc("minute_even", currentMinuteEvenCheck, time.Second*5) -// -// Alternatively, you can also make use of "RegisterPeriodicThresholdFunc" to -// implement the exact same check, but add a threshold of failures after which -// the check will be unhealthy. This is particularly useful for flaky Checks, -// ensuring some stability of the service when handling them. -// -// health.RegisterPeriodicThresholdFunc("minute_even", currentMinuteEvenCheck, time.Second*5, 4) -// -// The lowest-level way to interact with the health package is calling -// "Register" directly. Register allows you to pass in an arbitrary string and -// something that implements "Checker" and runs your check. If your method -// returns an error with nil, it is considered a healthy check, otherwise it -// will make the health check endpoint "/debug/health" start returning a 503 -// and list the specific check that failed. -// -// Assuming you wish to register a method called "currentMinuteEvenCheck() -// error" you could do that by doing: -// -// health.Register("even_minute", health.CheckFunc(currentMinuteEvenCheck)) -// -// CheckFunc is a convenience type that implements Checker. -// -// Another way of registering a check could be by using an anonymous function -// and the convenience method RegisterFunc. An example that makes the status -// endpoint always return an error: -// -// health.RegisterFunc("my_check", func() error { -// return Errors.new("This is an error!") -// })) -// -// Examples -// -// You could also use the health checker mechanism to ensure your application -// only comes up if certain conditions are met, or to allow the developer to -// take the service out of rotation immediately. An example that checks -// database connectivity and immediately takes the server out of rotation on -// err: -// -// updater = health.NewStatusUpdater() -// health.RegisterFunc("database_check", func() error { -// return updater.Check() -// })) -// -// conn, err := Connect(...) // database call here -// if err != nil { -// updater.Update(errors.New("Error connecting to the database: " + err.Error())) -// } -// -// You can also use the predefined Checkers that come included with the health -// package. First, import the checks: -// -// import "github.com/docker/distribution/health/checks -// -// After that you can make use of any of the provided checks. An example of -// using a `FileChecker` to take the application out of rotation if a certain -// file exists can be done as follows: -// -// health.Register("fileChecker", health.PeriodicChecker(checks.FileChecker("/tmp/disable"), time.Second*5)) -// -// After registering the check, it is trivial to take an application out of -// rotation from the console: -// -// # curl localhost:5001/debug/health -// {} -// # touch /tmp/disable -// # curl localhost:5001/debug/health -// {"fileChecker":"file exists"} -// -// You could also test the connectivity to a downstream service by using a -// "HTTPChecker", but ensure that you only mark the test unhealthy if there -// are a minimum of two failures in a row: -// -// health.Register("httpChecker", health.PeriodicThresholdChecker(checks.HTTPChecker("https://www.google.pt"), time.Second*5, 2)) -package health diff --git a/vendor/github.com/docker/distribution/health/health.go b/vendor/github.com/docker/distribution/health/health.go deleted file mode 100644 index 220282dc..00000000 --- a/vendor/github.com/docker/distribution/health/health.go +++ /dev/null @@ -1,306 +0,0 @@ -package health - -import ( - "encoding/json" - "fmt" - "net/http" - "sync" - "time" - - "github.com/docker/distribution/context" - "github.com/docker/distribution/registry/api/errcode" -) - -// A Registry is a collection of checks. Most applications will use the global -// registry defined in DefaultRegistry. However, unit tests may need to create -// separate registries to isolate themselves from other tests. -type Registry struct { - mu sync.RWMutex - registeredChecks map[string]Checker -} - -// NewRegistry creates a new registry. This isn't necessary for normal use of -// the package, but may be useful for unit tests so individual tests have their -// own set of checks. -func NewRegistry() *Registry { - return &Registry{ - registeredChecks: make(map[string]Checker), - } -} - -// DefaultRegistry is the default registry where checks are registered. It is -// the registry used by the HTTP handler. -var DefaultRegistry *Registry - -// Checker is the interface for a Health Checker -type Checker interface { - // Check returns nil if the service is okay. - Check() error -} - -// CheckFunc is a convenience type to create functions that implement -// the Checker interface -type CheckFunc func() error - -// Check Implements the Checker interface to allow for any func() error method -// to be passed as a Checker -func (cf CheckFunc) Check() error { - return cf() -} - -// Updater implements a health check that is explicitly set. -type Updater interface { - Checker - - // Update updates the current status of the health check. - Update(status error) -} - -// updater implements Checker and Updater, providing an asynchronous Update -// method. -// This allows us to have a Checker that returns the Check() call immediately -// not blocking on a potentially expensive check. -type updater struct { - mu sync.Mutex - status error -} - -// Check implements the Checker interface -func (u *updater) Check() error { - u.mu.Lock() - defer u.mu.Unlock() - - return u.status -} - -// Update implements the Updater interface, allowing asynchronous access to -// the status of a Checker. -func (u *updater) Update(status error) { - u.mu.Lock() - defer u.mu.Unlock() - - u.status = status -} - -// NewStatusUpdater returns a new updater -func NewStatusUpdater() Updater { - return &updater{} -} - -// thresholdUpdater implements Checker and Updater, providing an asynchronous Update -// method. -// This allows us to have a Checker that returns the Check() call immediately -// not blocking on a potentially expensive check. -type thresholdUpdater struct { - mu sync.Mutex - status error - threshold int - count int -} - -// Check implements the Checker interface -func (tu *thresholdUpdater) Check() error { - tu.mu.Lock() - defer tu.mu.Unlock() - - if tu.count >= tu.threshold { - return tu.status - } - - return nil -} - -// thresholdUpdater implements the Updater interface, allowing asynchronous -// access to the status of a Checker. -func (tu *thresholdUpdater) Update(status error) { - tu.mu.Lock() - defer tu.mu.Unlock() - - if status == nil { - tu.count = 0 - } else if tu.count < tu.threshold { - tu.count++ - } - - tu.status = status -} - -// NewThresholdStatusUpdater returns a new thresholdUpdater -func NewThresholdStatusUpdater(t int) Updater { - return &thresholdUpdater{threshold: t} -} - -// PeriodicChecker wraps an updater to provide a periodic checker -func PeriodicChecker(check Checker, period time.Duration) Checker { - u := NewStatusUpdater() - go func() { - t := time.NewTicker(period) - for { - <-t.C - u.Update(check.Check()) - } - }() - - return u -} - -// PeriodicThresholdChecker wraps an updater to provide a periodic checker that -// uses a threshold before it changes status -func PeriodicThresholdChecker(check Checker, period time.Duration, threshold int) Checker { - tu := NewThresholdStatusUpdater(threshold) - go func() { - t := time.NewTicker(period) - for { - <-t.C - tu.Update(check.Check()) - } - }() - - return tu -} - -// CheckStatus returns a map with all the current health check errors -func (registry *Registry) CheckStatus() map[string]string { // TODO(stevvooe) this needs a proper type - registry.mu.RLock() - defer registry.mu.RUnlock() - statusKeys := make(map[string]string) - for k, v := range registry.registeredChecks { - err := v.Check() - if err != nil { - statusKeys[k] = err.Error() - } - } - - return statusKeys -} - -// CheckStatus returns a map with all the current health check errors from the -// default registry. -func CheckStatus() map[string]string { - return DefaultRegistry.CheckStatus() -} - -// Register associates the checker with the provided name. -func (registry *Registry) Register(name string, check Checker) { - if registry == nil { - registry = DefaultRegistry - } - registry.mu.Lock() - defer registry.mu.Unlock() - _, ok := registry.registeredChecks[name] - if ok { - panic("Check already exists: " + name) - } - registry.registeredChecks[name] = check -} - -// Register associates the checker with the provided name in the default -// registry. -func Register(name string, check Checker) { - DefaultRegistry.Register(name, check) -} - -// RegisterFunc allows the convenience of registering a checker directly from -// an arbitrary func() error. -func (registry *Registry) RegisterFunc(name string, check func() error) { - registry.Register(name, CheckFunc(check)) -} - -// RegisterFunc allows the convenience of registering a checker in the default -// registry directly from an arbitrary func() error. -func RegisterFunc(name string, check func() error) { - DefaultRegistry.RegisterFunc(name, check) -} - -// RegisterPeriodicFunc allows the convenience of registering a PeriodicChecker -// from an arbitrary func() error. -func (registry *Registry) RegisterPeriodicFunc(name string, period time.Duration, check CheckFunc) { - registry.Register(name, PeriodicChecker(CheckFunc(check), period)) -} - -// RegisterPeriodicFunc allows the convenience of registering a PeriodicChecker -// in the default registry from an arbitrary func() error. -func RegisterPeriodicFunc(name string, period time.Duration, check CheckFunc) { - DefaultRegistry.RegisterPeriodicFunc(name, period, check) -} - -// RegisterPeriodicThresholdFunc allows the convenience of registering a -// PeriodicChecker from an arbitrary func() error. -func (registry *Registry) RegisterPeriodicThresholdFunc(name string, period time.Duration, threshold int, check CheckFunc) { - registry.Register(name, PeriodicThresholdChecker(CheckFunc(check), period, threshold)) -} - -// RegisterPeriodicThresholdFunc allows the convenience of registering a -// PeriodicChecker in the default registry from an arbitrary func() error. -func RegisterPeriodicThresholdFunc(name string, period time.Duration, threshold int, check CheckFunc) { - DefaultRegistry.RegisterPeriodicThresholdFunc(name, period, threshold, check) -} - -// StatusHandler returns a JSON blob with all the currently registered Health Checks -// and their corresponding status. -// Returns 503 if any Error status exists, 200 otherwise -func StatusHandler(w http.ResponseWriter, r *http.Request) { - if r.Method == "GET" { - checks := CheckStatus() - status := http.StatusOK - - // If there is an error, return 503 - if len(checks) != 0 { - status = http.StatusServiceUnavailable - } - - statusResponse(w, r, status, checks) - } else { - http.NotFound(w, r) - } -} - -// Handler returns a handler that will return 503 response code if the health -// checks have failed. If everything is okay with the health checks, the -// handler will pass through to the provided handler. Use this handler to -// disable a web application when the health checks fail. -func Handler(handler http.Handler) http.Handler { - return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - checks := CheckStatus() - if len(checks) != 0 { - errcode.ServeJSON(w, errcode.ErrorCodeUnavailable. - WithDetail("health check failed: please see /debug/health")) - return - } - - handler.ServeHTTP(w, r) // pass through - }) -} - -// statusResponse completes the request with a response describing the health -// of the service. -func statusResponse(w http.ResponseWriter, r *http.Request, status int, checks map[string]string) { - p, err := json.Marshal(checks) - if err != nil { - context.GetLogger(context.Background()).Errorf("error serializing health status: %v", err) - p, err = json.Marshal(struct { - ServerError string `json:"server_error"` - }{ - ServerError: "Could not parse error message", - }) - status = http.StatusInternalServerError - - if err != nil { - context.GetLogger(context.Background()).Errorf("error serializing health status failure message: %v", err) - return - } - } - - w.Header().Set("Content-Type", "application/json; charset=utf-8") - w.Header().Set("Content-Length", fmt.Sprint(len(p))) - w.WriteHeader(status) - if _, err := w.Write(p); err != nil { - context.GetLogger(context.Background()).Errorf("error writing health status response body: %v", err) - } -} - -// Registers global /debug/health api endpoint, creates default registry -func init() { - DefaultRegistry = NewRegistry() - http.HandleFunc("/debug/health", StatusHandler) -} diff --git a/vendor/github.com/docker/distribution/health/health_test.go b/vendor/github.com/docker/distribution/health/health_test.go deleted file mode 100644 index 766fe159..00000000 --- a/vendor/github.com/docker/distribution/health/health_test.go +++ /dev/null @@ -1,107 +0,0 @@ -package health - -import ( - "errors" - "fmt" - "net/http" - "net/http/httptest" - "testing" -) - -// TestReturns200IfThereAreNoChecks ensures that the result code of the health -// endpoint is 200 if there are not currently registered checks. -func TestReturns200IfThereAreNoChecks(t *testing.T) { - recorder := httptest.NewRecorder() - - req, err := http.NewRequest("GET", "https://fakeurl.com/debug/health", nil) - if err != nil { - t.Errorf("Failed to create request.") - } - - StatusHandler(recorder, req) - - if recorder.Code != 200 { - t.Errorf("Did not get a 200.") - } -} - -// TestReturns500IfThereAreErrorChecks ensures that the result code of the -// health endpoint is 500 if there are health checks with errors -func TestReturns503IfThereAreErrorChecks(t *testing.T) { - recorder := httptest.NewRecorder() - - req, err := http.NewRequest("GET", "https://fakeurl.com/debug/health", nil) - if err != nil { - t.Errorf("Failed to create request.") - } - - // Create a manual error - Register("some_check", CheckFunc(func() error { - return errors.New("This Check did not succeed") - })) - - StatusHandler(recorder, req) - - if recorder.Code != 503 { - t.Errorf("Did not get a 503.") - } -} - -// TestHealthHandler ensures that our handler implementation correct protects -// the web application when things aren't so healthy. -func TestHealthHandler(t *testing.T) { - // clear out existing checks. - DefaultRegistry = NewRegistry() - - // protect an http server - handler := http.Handler(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - w.WriteHeader(http.StatusNoContent) - })) - - // wrap it in our health handler - handler = Handler(handler) - - // use this swap check status - updater := NewStatusUpdater() - Register("test_check", updater) - - // now, create a test server - server := httptest.NewServer(handler) - - checkUp := func(t *testing.T, message string) { - resp, err := http.Get(server.URL) - if err != nil { - t.Fatalf("error getting success status: %v", err) - } - defer resp.Body.Close() - - if resp.StatusCode != http.StatusNoContent { - t.Fatalf("unexpected response code from server when %s: %d != %d", message, resp.StatusCode, http.StatusNoContent) - } - // NOTE(stevvooe): we really don't care about the body -- the format is - // not standardized or supported, yet. - } - - checkDown := func(t *testing.T, message string) { - resp, err := http.Get(server.URL) - if err != nil { - t.Fatalf("error getting down status: %v", err) - } - defer resp.Body.Close() - - if resp.StatusCode != http.StatusServiceUnavailable { - t.Fatalf("unexpected response code from server when %s: %d != %d", message, resp.StatusCode, http.StatusServiceUnavailable) - } - } - - // server should be up - checkUp(t, "initial health check") - - // now, we fail the health check - updater.Update(fmt.Errorf("the server is now out of commission")) - checkDown(t, "server should be down") // should be down - - // bring server back up - updater.Update(nil) - checkUp(t, "when server is back up") // now we should be back up. -} diff --git a/vendor/github.com/docker/distribution/manifest/doc.go b/vendor/github.com/docker/distribution/manifest/doc.go deleted file mode 100644 index 88367b0a..00000000 --- a/vendor/github.com/docker/distribution/manifest/doc.go +++ /dev/null @@ -1 +0,0 @@ -package manifest diff --git a/vendor/github.com/docker/distribution/manifest/manifestlist/manifestlist.go b/vendor/github.com/docker/distribution/manifest/manifestlist/manifestlist.go deleted file mode 100644 index a2082ec0..00000000 --- a/vendor/github.com/docker/distribution/manifest/manifestlist/manifestlist.go +++ /dev/null @@ -1,155 +0,0 @@ -package manifestlist - -import ( - "encoding/json" - "errors" - "fmt" - - "github.com/docker/distribution" - "github.com/docker/distribution/digest" - "github.com/docker/distribution/manifest" -) - -// MediaTypeManifestList specifies the mediaType for manifest lists. -const MediaTypeManifestList = "application/vnd.docker.distribution.manifest.list.v2+json" - -// SchemaVersion provides a pre-initialized version structure for this -// packages version of the manifest. -var SchemaVersion = manifest.Versioned{ - SchemaVersion: 2, - MediaType: MediaTypeManifestList, -} - -func init() { - manifestListFunc := func(b []byte) (distribution.Manifest, distribution.Descriptor, error) { - m := new(DeserializedManifestList) - err := m.UnmarshalJSON(b) - if err != nil { - return nil, distribution.Descriptor{}, err - } - - dgst := digest.FromBytes(b) - return m, distribution.Descriptor{Digest: dgst, Size: int64(len(b)), MediaType: MediaTypeManifestList}, err - } - err := distribution.RegisterManifestSchema(MediaTypeManifestList, manifestListFunc) - if err != nil { - panic(fmt.Sprintf("Unable to register manifest: %s", err)) - } -} - -// PlatformSpec specifies a platform where a particular image manifest is -// applicable. -type PlatformSpec struct { - // Architecture field specifies the CPU architecture, for example - // `amd64` or `ppc64`. - Architecture string `json:"architecture"` - - // OS specifies the operating system, for example `linux` or `windows`. - OS string `json:"os"` - - // OSVersion is an optional field specifying the operating system - // version, for example `10.0.10586`. - OSVersion string `json:"os.version,omitempty"` - - // OSFeatures is an optional field specifying an array of strings, - // each listing a required OS feature (for example on Windows `win32k`). - OSFeatures []string `json:"os.features,omitempty"` - - // Variant is an optional field specifying a variant of the CPU, for - // example `ppc64le` to specify a little-endian version of a PowerPC CPU. - Variant string `json:"variant,omitempty"` - - // Features is an optional field specifying an array of strings, each - // listing a required CPU feature (for example `sse4` or `aes`). - Features []string `json:"features,omitempty"` -} - -// A ManifestDescriptor references a platform-specific manifest. -type ManifestDescriptor struct { - distribution.Descriptor - - // Platform specifies which platform the manifest pointed to by the - // descriptor runs on. - Platform PlatformSpec `json:"platform"` -} - -// ManifestList references manifests for various platforms. -type ManifestList struct { - manifest.Versioned - - // Config references the image configuration as a blob. - Manifests []ManifestDescriptor `json:"manifests"` -} - -// References returnes the distribution descriptors for the referenced image -// manifests. -func (m ManifestList) References() []distribution.Descriptor { - dependencies := make([]distribution.Descriptor, len(m.Manifests)) - for i := range m.Manifests { - dependencies[i] = m.Manifests[i].Descriptor - } - - return dependencies -} - -// DeserializedManifestList wraps ManifestList with a copy of the original -// JSON. -type DeserializedManifestList struct { - ManifestList - - // canonical is the canonical byte representation of the Manifest. - canonical []byte -} - -// FromDescriptors takes a slice of descriptors, and returns a -// DeserializedManifestList which contains the resulting manifest list -// and its JSON representation. -func FromDescriptors(descriptors []ManifestDescriptor) (*DeserializedManifestList, error) { - m := ManifestList{ - Versioned: SchemaVersion, - } - - m.Manifests = make([]ManifestDescriptor, len(descriptors), len(descriptors)) - copy(m.Manifests, descriptors) - - deserialized := DeserializedManifestList{ - ManifestList: m, - } - - var err error - deserialized.canonical, err = json.MarshalIndent(&m, "", " ") - return &deserialized, err -} - -// UnmarshalJSON populates a new ManifestList struct from JSON data. -func (m *DeserializedManifestList) UnmarshalJSON(b []byte) error { - m.canonical = make([]byte, len(b), len(b)) - // store manifest list in canonical - copy(m.canonical, b) - - // Unmarshal canonical JSON into ManifestList object - var manifestList ManifestList - if err := json.Unmarshal(m.canonical, &manifestList); err != nil { - return err - } - - m.ManifestList = manifestList - - return nil -} - -// MarshalJSON returns the contents of canonical. If canonical is empty, -// marshals the inner contents. -func (m *DeserializedManifestList) MarshalJSON() ([]byte, error) { - if len(m.canonical) > 0 { - return m.canonical, nil - } - - return nil, errors.New("JSON representation not initialized in DeserializedManifestList") -} - -// Payload returns the raw content of the manifest list. The contents can be -// used to calculate the content identifier. -func (m DeserializedManifestList) Payload() (string, []byte, error) { - return m.MediaType, m.canonical, nil -} diff --git a/vendor/github.com/docker/distribution/manifest/manifestlist/manifestlist_test.go b/vendor/github.com/docker/distribution/manifest/manifestlist/manifestlist_test.go deleted file mode 100644 index 09e6ed1f..00000000 --- a/vendor/github.com/docker/distribution/manifest/manifestlist/manifestlist_test.go +++ /dev/null @@ -1,111 +0,0 @@ -package manifestlist - -import ( - "bytes" - "encoding/json" - "reflect" - "testing" - - "github.com/docker/distribution" -) - -var expectedManifestListSerialization = []byte(`{ - "schemaVersion": 2, - "mediaType": "application/vnd.docker.distribution.manifest.list.v2+json", - "manifests": [ - { - "mediaType": "application/vnd.docker.distribution.manifest.v2+json", - "size": 985, - "digest": "sha256:1a9ec845ee94c202b2d5da74a24f0ed2058318bfa9879fa541efaecba272e86b", - "platform": { - "architecture": "amd64", - "os": "linux", - "features": [ - "sse4" - ] - } - }, - { - "mediaType": "application/vnd.docker.distribution.manifest.v2+json", - "size": 2392, - "digest": "sha256:6346340964309634683409684360934680934608934608934608934068934608", - "platform": { - "architecture": "sun4m", - "os": "sunos" - } - } - ] -}`) - -func TestManifestList(t *testing.T) { - manifestDescriptors := []ManifestDescriptor{ - { - Descriptor: distribution.Descriptor{ - Digest: "sha256:1a9ec845ee94c202b2d5da74a24f0ed2058318bfa9879fa541efaecba272e86b", - Size: 985, - MediaType: "application/vnd.docker.distribution.manifest.v2+json", - }, - Platform: PlatformSpec{ - Architecture: "amd64", - OS: "linux", - Features: []string{"sse4"}, - }, - }, - { - Descriptor: distribution.Descriptor{ - Digest: "sha256:6346340964309634683409684360934680934608934608934608934068934608", - Size: 2392, - MediaType: "application/vnd.docker.distribution.manifest.v2+json", - }, - Platform: PlatformSpec{ - Architecture: "sun4m", - OS: "sunos", - }, - }, - } - - deserialized, err := FromDescriptors(manifestDescriptors) - if err != nil { - t.Fatalf("error creating DeserializedManifestList: %v", err) - } - - mediaType, canonical, err := deserialized.Payload() - - if mediaType != MediaTypeManifestList { - t.Fatalf("unexpected media type: %s", mediaType) - } - - // Check that the canonical field is the same as json.MarshalIndent - // with these parameters. - p, err := json.MarshalIndent(&deserialized.ManifestList, "", " ") - if err != nil { - t.Fatalf("error marshaling manifest list: %v", err) - } - if !bytes.Equal(p, canonical) { - t.Fatalf("manifest bytes not equal: %q != %q", string(canonical), string(p)) - } - - // Check that the canonical field has the expected value. - if !bytes.Equal(expectedManifestListSerialization, canonical) { - t.Fatalf("manifest bytes not equal: %q != %q", string(canonical), string(expectedManifestListSerialization)) - } - - var unmarshalled DeserializedManifestList - if err := json.Unmarshal(deserialized.canonical, &unmarshalled); err != nil { - t.Fatalf("error unmarshaling manifest: %v", err) - } - - if !reflect.DeepEqual(&unmarshalled, deserialized) { - t.Fatalf("manifests are different after unmarshaling: %v != %v", unmarshalled, *deserialized) - } - - references := deserialized.References() - if len(references) != 2 { - t.Fatalf("unexpected number of references: %d", len(references)) - } - for i := range references { - if !reflect.DeepEqual(references[i], manifestDescriptors[i].Descriptor) { - t.Fatalf("unexpected value %d returned by References: %v", i, references[i]) - } - } -} diff --git a/vendor/github.com/docker/distribution/manifest/schema1/config_builder.go b/vendor/github.com/docker/distribution/manifest/schema1/config_builder.go deleted file mode 100644 index be012373..00000000 --- a/vendor/github.com/docker/distribution/manifest/schema1/config_builder.go +++ /dev/null @@ -1,282 +0,0 @@ -package schema1 - -import ( - "crypto/sha512" - "encoding/json" - "errors" - "fmt" - "time" - - "github.com/docker/distribution" - "github.com/docker/distribution/context" - "github.com/docker/distribution/digest" - "github.com/docker/distribution/manifest" - "github.com/docker/distribution/reference" - "github.com/docker/libtrust" -) - -type diffID digest.Digest - -// gzippedEmptyTar is a gzip-compressed version of an empty tar file -// (1024 NULL bytes) -var gzippedEmptyTar = []byte{ - 31, 139, 8, 0, 0, 9, 110, 136, 0, 255, 98, 24, 5, 163, 96, 20, 140, 88, - 0, 8, 0, 0, 255, 255, 46, 175, 181, 239, 0, 4, 0, 0, -} - -// digestSHA256GzippedEmptyTar is the canonical sha256 digest of -// gzippedEmptyTar -const digestSHA256GzippedEmptyTar = digest.Digest("sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4") - -// configManifestBuilder is a type for constructing manifests from an image -// configuration and generic descriptors. -type configManifestBuilder struct { - // bs is a BlobService used to create empty layer tars in the - // blob store if necessary. - bs distribution.BlobService - // pk is the libtrust private key used to sign the final manifest. - pk libtrust.PrivateKey - // configJSON is configuration supplied when the ManifestBuilder was - // created. - configJSON []byte - // ref contains the name and optional tag provided to NewConfigManifestBuilder. - ref reference.Named - // descriptors is the set of descriptors referencing the layers. - descriptors []distribution.Descriptor - // emptyTarDigest is set to a valid digest if an empty tar has been - // put in the blob store; otherwise it is empty. - emptyTarDigest digest.Digest -} - -// NewConfigManifestBuilder is used to build new manifests for the current -// schema version from an image configuration and a set of descriptors. -// It takes a BlobService so that it can add an empty tar to the blob store -// if the resulting manifest needs empty layers. -func NewConfigManifestBuilder(bs distribution.BlobService, pk libtrust.PrivateKey, ref reference.Named, configJSON []byte) distribution.ManifestBuilder { - return &configManifestBuilder{ - bs: bs, - pk: pk, - configJSON: configJSON, - ref: ref, - } -} - -// Build produces a final manifest from the given references -func (mb *configManifestBuilder) Build(ctx context.Context) (m distribution.Manifest, err error) { - type imageRootFS struct { - Type string `json:"type"` - DiffIDs []diffID `json:"diff_ids,omitempty"` - BaseLayer string `json:"base_layer,omitempty"` - } - - type imageHistory struct { - Created time.Time `json:"created"` - Author string `json:"author,omitempty"` - CreatedBy string `json:"created_by,omitempty"` - Comment string `json:"comment,omitempty"` - EmptyLayer bool `json:"empty_layer,omitempty"` - } - - type imageConfig struct { - RootFS *imageRootFS `json:"rootfs,omitempty"` - History []imageHistory `json:"history,omitempty"` - Architecture string `json:"architecture,omitempty"` - } - - var img imageConfig - - if err := json.Unmarshal(mb.configJSON, &img); err != nil { - return nil, err - } - - if len(img.History) == 0 { - return nil, errors.New("empty history when trying to create schema1 manifest") - } - - if len(img.RootFS.DiffIDs) != len(mb.descriptors) { - return nil, fmt.Errorf("number of descriptors and number of layers in rootfs must match: len(%v) != len(%v)", img.RootFS.DiffIDs, mb.descriptors) - } - - // Generate IDs for each layer - // For non-top-level layers, create fake V1Compatibility strings that - // fit the format and don't collide with anything else, but don't - // result in runnable images on their own. - type v1Compatibility struct { - ID string `json:"id"` - Parent string `json:"parent,omitempty"` - Comment string `json:"comment,omitempty"` - Created time.Time `json:"created"` - ContainerConfig struct { - Cmd []string - } `json:"container_config,omitempty"` - Author string `json:"author,omitempty"` - ThrowAway bool `json:"throwaway,omitempty"` - } - - fsLayerList := make([]FSLayer, len(img.History)) - history := make([]History, len(img.History)) - - parent := "" - layerCounter := 0 - for i, h := range img.History[:len(img.History)-1] { - var blobsum digest.Digest - if h.EmptyLayer { - if blobsum, err = mb.emptyTar(ctx); err != nil { - return nil, err - } - } else { - if len(img.RootFS.DiffIDs) <= layerCounter { - return nil, errors.New("too many non-empty layers in History section") - } - blobsum = mb.descriptors[layerCounter].Digest - layerCounter++ - } - - v1ID := digest.FromBytes([]byte(blobsum.Hex() + " " + parent)).Hex() - - if i == 0 && img.RootFS.BaseLayer != "" { - // windows-only baselayer setup - baseID := sha512.Sum384([]byte(img.RootFS.BaseLayer)) - parent = fmt.Sprintf("%x", baseID[:32]) - } - - v1Compatibility := v1Compatibility{ - ID: v1ID, - Parent: parent, - Comment: h.Comment, - Created: h.Created, - Author: h.Author, - } - v1Compatibility.ContainerConfig.Cmd = []string{img.History[i].CreatedBy} - if h.EmptyLayer { - v1Compatibility.ThrowAway = true - } - jsonBytes, err := json.Marshal(&v1Compatibility) - if err != nil { - return nil, err - } - - reversedIndex := len(img.History) - i - 1 - history[reversedIndex].V1Compatibility = string(jsonBytes) - fsLayerList[reversedIndex] = FSLayer{BlobSum: blobsum} - - parent = v1ID - } - - latestHistory := img.History[len(img.History)-1] - - var blobsum digest.Digest - if latestHistory.EmptyLayer { - if blobsum, err = mb.emptyTar(ctx); err != nil { - return nil, err - } - } else { - if len(img.RootFS.DiffIDs) <= layerCounter { - return nil, errors.New("too many non-empty layers in History section") - } - blobsum = mb.descriptors[layerCounter].Digest - } - - fsLayerList[0] = FSLayer{BlobSum: blobsum} - dgst := digest.FromBytes([]byte(blobsum.Hex() + " " + parent + " " + string(mb.configJSON))) - - // Top-level v1compatibility string should be a modified version of the - // image config. - transformedConfig, err := MakeV1ConfigFromConfig(mb.configJSON, dgst.Hex(), parent, latestHistory.EmptyLayer) - if err != nil { - return nil, err - } - - history[0].V1Compatibility = string(transformedConfig) - - tag := "" - if tagged, isTagged := mb.ref.(reference.Tagged); isTagged { - tag = tagged.Tag() - } - - mfst := Manifest{ - Versioned: manifest.Versioned{ - SchemaVersion: 1, - }, - Name: mb.ref.Name(), - Tag: tag, - Architecture: img.Architecture, - FSLayers: fsLayerList, - History: history, - } - - return Sign(&mfst, mb.pk) -} - -// emptyTar pushes a compressed empty tar to the blob store if one doesn't -// already exist, and returns its blobsum. -func (mb *configManifestBuilder) emptyTar(ctx context.Context) (digest.Digest, error) { - if mb.emptyTarDigest != "" { - // Already put an empty tar - return mb.emptyTarDigest, nil - } - - descriptor, err := mb.bs.Stat(ctx, digestSHA256GzippedEmptyTar) - switch err { - case nil: - mb.emptyTarDigest = descriptor.Digest - return descriptor.Digest, nil - case distribution.ErrBlobUnknown: - // nop - default: - return "", err - } - - // Add gzipped empty tar to the blob store - descriptor, err = mb.bs.Put(ctx, "", gzippedEmptyTar) - if err != nil { - return "", err - } - - mb.emptyTarDigest = descriptor.Digest - - return descriptor.Digest, nil -} - -// AppendReference adds a reference to the current ManifestBuilder -func (mb *configManifestBuilder) AppendReference(d distribution.Describable) error { - // todo: verification here? - mb.descriptors = append(mb.descriptors, d.Descriptor()) - return nil -} - -// References returns the current references added to this builder -func (mb *configManifestBuilder) References() []distribution.Descriptor { - return mb.descriptors -} - -// MakeV1ConfigFromConfig creates an legacy V1 image config from image config JSON -func MakeV1ConfigFromConfig(configJSON []byte, v1ID, parentV1ID string, throwaway bool) ([]byte, error) { - // Top-level v1compatibility string should be a modified version of the - // image config. - var configAsMap map[string]*json.RawMessage - if err := json.Unmarshal(configJSON, &configAsMap); err != nil { - return nil, err - } - - // Delete fields that didn't exist in old manifest - delete(configAsMap, "rootfs") - delete(configAsMap, "history") - configAsMap["id"] = rawJSON(v1ID) - if parentV1ID != "" { - configAsMap["parent"] = rawJSON(parentV1ID) - } - if throwaway { - configAsMap["throwaway"] = rawJSON(true) - } - - return json.Marshal(configAsMap) -} - -func rawJSON(value interface{}) *json.RawMessage { - jsonval, err := json.Marshal(value) - if err != nil { - return nil - } - return (*json.RawMessage)(&jsonval) -} diff --git a/vendor/github.com/docker/distribution/manifest/schema1/config_builder_test.go b/vendor/github.com/docker/distribution/manifest/schema1/config_builder_test.go deleted file mode 100644 index 5f9abaa9..00000000 --- a/vendor/github.com/docker/distribution/manifest/schema1/config_builder_test.go +++ /dev/null @@ -1,272 +0,0 @@ -package schema1 - -import ( - "bytes" - "compress/gzip" - "io" - "reflect" - "testing" - - "github.com/docker/distribution" - "github.com/docker/distribution/context" - "github.com/docker/distribution/digest" - "github.com/docker/distribution/reference" - "github.com/docker/libtrust" -) - -type mockBlobService struct { - descriptors map[digest.Digest]distribution.Descriptor -} - -func (bs *mockBlobService) Stat(ctx context.Context, dgst digest.Digest) (distribution.Descriptor, error) { - if descriptor, ok := bs.descriptors[dgst]; ok { - return descriptor, nil - } - return distribution.Descriptor{}, distribution.ErrBlobUnknown -} - -func (bs *mockBlobService) Get(ctx context.Context, dgst digest.Digest) ([]byte, error) { - panic("not implemented") -} - -func (bs *mockBlobService) Open(ctx context.Context, dgst digest.Digest) (distribution.ReadSeekCloser, error) { - panic("not implemented") -} - -func (bs *mockBlobService) Put(ctx context.Context, mediaType string, p []byte) (distribution.Descriptor, error) { - d := distribution.Descriptor{ - Digest: digest.FromBytes(p), - Size: int64(len(p)), - MediaType: mediaType, - } - bs.descriptors[d.Digest] = d - return d, nil -} - -func (bs *mockBlobService) Create(ctx context.Context, options ...distribution.BlobCreateOption) (distribution.BlobWriter, error) { - panic("not implemented") -} - -func (bs *mockBlobService) Resume(ctx context.Context, id string) (distribution.BlobWriter, error) { - panic("not implemented") -} - -func TestEmptyTar(t *testing.T) { - // Confirm that gzippedEmptyTar expands to 1024 NULL bytes. - var decompressed [2048]byte - gzipReader, err := gzip.NewReader(bytes.NewReader(gzippedEmptyTar)) - if err != nil { - t.Fatalf("NewReader returned error: %v", err) - } - n, err := gzipReader.Read(decompressed[:]) - if n != 1024 { - t.Fatalf("read returned %d bytes; expected 1024", n) - } - n, err = gzipReader.Read(decompressed[1024:]) - if n != 0 { - t.Fatalf("read returned %d bytes; expected 0", n) - } - if err != io.EOF { - t.Fatal("read did not return io.EOF") - } - gzipReader.Close() - for _, b := range decompressed[:1024] { - if b != 0 { - t.Fatal("nonzero byte in decompressed tar") - } - } - - // Confirm that digestSHA256EmptyTar is the digest of gzippedEmptyTar. - dgst := digest.FromBytes(gzippedEmptyTar) - if dgst != digestSHA256GzippedEmptyTar { - t.Fatalf("digest mismatch for empty tar: expected %s got %s", digestSHA256GzippedEmptyTar, dgst) - } -} - -func TestConfigBuilder(t *testing.T) { - imgJSON := `{ - "architecture": "amd64", - "config": { - "AttachStderr": false, - "AttachStdin": false, - "AttachStdout": false, - "Cmd": [ - "/bin/sh", - "-c", - "echo hi" - ], - "Domainname": "", - "Entrypoint": null, - "Env": [ - "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin", - "derived=true", - "asdf=true" - ], - "Hostname": "23304fc829f9", - "Image": "sha256:4ab15c48b859c2920dd5224f92aabcd39a52794c5b3cf088fb3bbb438756c246", - "Labels": {}, - "OnBuild": [], - "OpenStdin": false, - "StdinOnce": false, - "Tty": false, - "User": "", - "Volumes": null, - "WorkingDir": "" - }, - "container": "e91032eb0403a61bfe085ff5a5a48e3659e5a6deae9f4d678daa2ae399d5a001", - "container_config": { - "AttachStderr": false, - "AttachStdin": false, - "AttachStdout": false, - "Cmd": [ - "/bin/sh", - "-c", - "#(nop) CMD [\"/bin/sh\" \"-c\" \"echo hi\"]" - ], - "Domainname": "", - "Entrypoint": null, - "Env": [ - "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin", - "derived=true", - "asdf=true" - ], - "Hostname": "23304fc829f9", - "Image": "sha256:4ab15c48b859c2920dd5224f92aabcd39a52794c5b3cf088fb3bbb438756c246", - "Labels": {}, - "OnBuild": [], - "OpenStdin": false, - "StdinOnce": false, - "Tty": false, - "User": "", - "Volumes": null, - "WorkingDir": "" - }, - "created": "2015-11-04T23:06:32.365666163Z", - "docker_version": "1.9.0-dev", - "history": [ - { - "created": "2015-10-31T22:22:54.690851953Z", - "created_by": "/bin/sh -c #(nop) ADD file:a3bc1e842b69636f9df5256c49c5374fb4eef1e281fe3f282c65fb853ee171c5 in /" - }, - { - "created": "2015-10-31T22:22:55.613815829Z", - "created_by": "/bin/sh -c #(nop) CMD [\"sh\"]" - }, - { - "created": "2015-11-04T23:06:30.934316144Z", - "created_by": "/bin/sh -c #(nop) ENV derived=true", - "empty_layer": true - }, - { - "created": "2015-11-04T23:06:31.192097572Z", - "created_by": "/bin/sh -c #(nop) ENV asdf=true", - "empty_layer": true - }, - { - "author": "Alyssa P. Hacker \u003calyspdev@example.com\u003e", - "created": "2015-11-04T23:06:32.083868454Z", - "created_by": "/bin/sh -c dd if=/dev/zero of=/file bs=1024 count=1024" - }, - { - "created": "2015-11-04T23:06:32.365666163Z", - "created_by": "/bin/sh -c #(nop) CMD [\"/bin/sh\" \"-c\" \"echo hi\"]", - "empty_layer": true - } - ], - "os": "linux", - "rootfs": { - "diff_ids": [ - "sha256:c6f988f4874bb0add23a778f753c65efe992244e148a1d2ec2a8b664fb66bbd1", - "sha256:5f70bf18a086007016e948b04aed3b82103a36bea41755b6cddfaf10ace3c6ef", - "sha256:13f53e08df5a220ab6d13c58b2bf83a59cbdc2e04d0a3f041ddf4b0ba4112d49" - ], - "type": "layers" - } -}` - - descriptors := []distribution.Descriptor{ - {Digest: digest.Digest("sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4")}, - {Digest: digest.Digest("sha256:86e0e091d0da6bde2456dbb48306f3956bbeb2eae1b5b9a43045843f69fe4aaa")}, - {Digest: digest.Digest("sha256:b4ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4")}, - } - - pk, err := libtrust.GenerateECP256PrivateKey() - if err != nil { - t.Fatalf("could not generate key for testing: %v", err) - } - - bs := &mockBlobService{descriptors: make(map[digest.Digest]distribution.Descriptor)} - - ref, err := reference.ParseNamed("testrepo:testtag") - if err != nil { - t.Fatalf("could not parse reference: %v", err) - } - - builder := NewConfigManifestBuilder(bs, pk, ref, []byte(imgJSON)) - - for _, d := range descriptors { - if err := builder.AppendReference(d); err != nil { - t.Fatalf("AppendReference returned error: %v", err) - } - } - - signed, err := builder.Build(context.Background()) - if err != nil { - t.Fatalf("Build returned error: %v", err) - } - - // Check that the gzipped empty layer tar was put in the blob store - _, err = bs.Stat(context.Background(), digestSHA256GzippedEmptyTar) - if err != nil { - t.Fatal("gzipped empty tar was not put in the blob store") - } - - manifest := signed.(*SignedManifest).Manifest - - if manifest.Versioned.SchemaVersion != 1 { - t.Fatal("SchemaVersion != 1") - } - if manifest.Name != "testrepo" { - t.Fatal("incorrect name in manifest") - } - if manifest.Tag != "testtag" { - t.Fatal("incorrect tag in manifest") - } - if manifest.Architecture != "amd64" { - t.Fatal("incorrect arch in manifest") - } - - expectedFSLayers := []FSLayer{ - {BlobSum: digest.Digest("sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4")}, - {BlobSum: digest.Digest("sha256:b4ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4")}, - {BlobSum: digest.Digest("sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4")}, - {BlobSum: digest.Digest("sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4")}, - {BlobSum: digest.Digest("sha256:86e0e091d0da6bde2456dbb48306f3956bbeb2eae1b5b9a43045843f69fe4aaa")}, - {BlobSum: digest.Digest("sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4")}, - } - - if len(manifest.FSLayers) != len(expectedFSLayers) { - t.Fatalf("wrong number of FSLayers: %d", len(manifest.FSLayers)) - } - if !reflect.DeepEqual(manifest.FSLayers, expectedFSLayers) { - t.Fatal("wrong FSLayers list") - } - - expectedV1Compatibility := []string{ - `{"architecture":"amd64","config":{"AttachStderr":false,"AttachStdin":false,"AttachStdout":false,"Cmd":["/bin/sh","-c","echo hi"],"Domainname":"","Entrypoint":null,"Env":["PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin","derived=true","asdf=true"],"Hostname":"23304fc829f9","Image":"sha256:4ab15c48b859c2920dd5224f92aabcd39a52794c5b3cf088fb3bbb438756c246","Labels":{},"OnBuild":[],"OpenStdin":false,"StdinOnce":false,"Tty":false,"User":"","Volumes":null,"WorkingDir":""},"container":"e91032eb0403a61bfe085ff5a5a48e3659e5a6deae9f4d678daa2ae399d5a001","container_config":{"AttachStderr":false,"AttachStdin":false,"AttachStdout":false,"Cmd":["/bin/sh","-c","#(nop) CMD [\"/bin/sh\" \"-c\" \"echo hi\"]"],"Domainname":"","Entrypoint":null,"Env":["PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin","derived=true","asdf=true"],"Hostname":"23304fc829f9","Image":"sha256:4ab15c48b859c2920dd5224f92aabcd39a52794c5b3cf088fb3bbb438756c246","Labels":{},"OnBuild":[],"OpenStdin":false,"StdinOnce":false,"Tty":false,"User":"","Volumes":null,"WorkingDir":""},"created":"2015-11-04T23:06:32.365666163Z","docker_version":"1.9.0-dev","id":"69e5c1bfadad697fdb6db59f6326648fa119e0c031a0eda33b8cfadcab54ba7f","os":"linux","parent":"74cf9c92699240efdba1903c2748ef57105d5bedc588084c4e88f3bb1c3ef0b0","throwaway":true}`, - `{"id":"74cf9c92699240efdba1903c2748ef57105d5bedc588084c4e88f3bb1c3ef0b0","parent":"178be37afc7c49e951abd75525dbe0871b62ad49402f037164ee6314f754599d","created":"2015-11-04T23:06:32.083868454Z","container_config":{"Cmd":["/bin/sh -c dd if=/dev/zero of=/file bs=1024 count=1024"]},"author":"Alyssa P. Hacker \u003calyspdev@example.com\u003e"}`, - `{"id":"178be37afc7c49e951abd75525dbe0871b62ad49402f037164ee6314f754599d","parent":"b449305a55a283538c4574856a8b701f2a3d5ec08ef8aec47f385f20339a4866","created":"2015-11-04T23:06:31.192097572Z","container_config":{"Cmd":["/bin/sh -c #(nop) ENV asdf=true"]},"throwaway":true}`, - `{"id":"b449305a55a283538c4574856a8b701f2a3d5ec08ef8aec47f385f20339a4866","parent":"9e3447ca24cb96d86ebd5960cb34d1299b07e0a0e03801d90b9969a2c187dd6e","created":"2015-11-04T23:06:30.934316144Z","container_config":{"Cmd":["/bin/sh -c #(nop) ENV derived=true"]},"throwaway":true}`, - `{"id":"9e3447ca24cb96d86ebd5960cb34d1299b07e0a0e03801d90b9969a2c187dd6e","parent":"3690474eb5b4b26fdfbd89c6e159e8cc376ca76ef48032a30fa6aafd56337880","created":"2015-10-31T22:22:55.613815829Z","container_config":{"Cmd":["/bin/sh -c #(nop) CMD [\"sh\"]"]}}`, - `{"id":"3690474eb5b4b26fdfbd89c6e159e8cc376ca76ef48032a30fa6aafd56337880","created":"2015-10-31T22:22:54.690851953Z","container_config":{"Cmd":["/bin/sh -c #(nop) ADD file:a3bc1e842b69636f9df5256c49c5374fb4eef1e281fe3f282c65fb853ee171c5 in /"]}}`, - } - - if len(manifest.History) != len(expectedV1Compatibility) { - t.Fatalf("wrong number of history entries: %d", len(manifest.History)) - } - for i := range expectedV1Compatibility { - if manifest.History[i].V1Compatibility != expectedV1Compatibility[i] { - t.Errorf("wrong V1Compatibility %d. expected:\n%s\ngot:\n%s", i, expectedV1Compatibility[i], manifest.History[i].V1Compatibility) - } - } -} diff --git a/vendor/github.com/docker/distribution/manifest/schema1/manifest.go b/vendor/github.com/docker/distribution/manifest/schema1/manifest.go deleted file mode 100644 index bff47bde..00000000 --- a/vendor/github.com/docker/distribution/manifest/schema1/manifest.go +++ /dev/null @@ -1,184 +0,0 @@ -package schema1 - -import ( - "encoding/json" - "fmt" - - "github.com/docker/distribution" - "github.com/docker/distribution/digest" - "github.com/docker/distribution/manifest" - "github.com/docker/libtrust" -) - -const ( - // MediaTypeManifest specifies the mediaType for the current version. Note - // that for schema version 1, the the media is optionally "application/json". - MediaTypeManifest = "application/vnd.docker.distribution.manifest.v1+json" - // MediaTypeSignedManifest specifies the mediatype for current SignedManifest version - MediaTypeSignedManifest = "application/vnd.docker.distribution.manifest.v1+prettyjws" - // MediaTypeManifestLayer specifies the media type for manifest layers - MediaTypeManifestLayer = "application/vnd.docker.container.image.rootfs.diff+x-gtar" -) - -var ( - // SchemaVersion provides a pre-initialized version structure for this - // packages version of the manifest. - SchemaVersion = manifest.Versioned{ - SchemaVersion: 1, - } -) - -func init() { - schema1Func := func(b []byte) (distribution.Manifest, distribution.Descriptor, error) { - sm := new(SignedManifest) - err := sm.UnmarshalJSON(b) - if err != nil { - return nil, distribution.Descriptor{}, err - } - - desc := distribution.Descriptor{ - Digest: digest.FromBytes(sm.Canonical), - Size: int64(len(sm.Canonical)), - MediaType: MediaTypeSignedManifest, - } - return sm, desc, err - } - err := distribution.RegisterManifestSchema(MediaTypeSignedManifest, schema1Func) - if err != nil { - panic(fmt.Sprintf("Unable to register manifest: %s", err)) - } - err = distribution.RegisterManifestSchema("", schema1Func) - if err != nil { - panic(fmt.Sprintf("Unable to register manifest: %s", err)) - } - err = distribution.RegisterManifestSchema("application/json", schema1Func) - if err != nil { - panic(fmt.Sprintf("Unable to register manifest: %s", err)) - } -} - -// FSLayer is a container struct for BlobSums defined in an image manifest -type FSLayer struct { - // BlobSum is the tarsum of the referenced filesystem image layer - BlobSum digest.Digest `json:"blobSum"` -} - -// History stores unstructured v1 compatibility information -type History struct { - // V1Compatibility is the raw v1 compatibility information - V1Compatibility string `json:"v1Compatibility"` -} - -// Manifest provides the base accessible fields for working with V2 image -// format in the registry. -type Manifest struct { - manifest.Versioned - - // Name is the name of the image's repository - Name string `json:"name"` - - // Tag is the tag of the image specified by this manifest - Tag string `json:"tag"` - - // Architecture is the host architecture on which this image is intended to - // run - Architecture string `json:"architecture"` - - // FSLayers is a list of filesystem layer blobSums contained in this image - FSLayers []FSLayer `json:"fsLayers"` - - // History is a list of unstructured historical data for v1 compatibility - History []History `json:"history"` -} - -// SignedManifest provides an envelope for a signed image manifest, including -// the format sensitive raw bytes. -type SignedManifest struct { - Manifest - - // Canonical is the canonical byte representation of the ImageManifest, - // without any attached signatures. The manifest byte - // representation cannot change or it will have to be re-signed. - Canonical []byte `json:"-"` - - // all contains the byte representation of the Manifest including signatures - // and is returned by Payload() - all []byte -} - -// UnmarshalJSON populates a new SignedManifest struct from JSON data. -func (sm *SignedManifest) UnmarshalJSON(b []byte) error { - sm.all = make([]byte, len(b), len(b)) - // store manifest and signatures in all - copy(sm.all, b) - - jsig, err := libtrust.ParsePrettySignature(b, "signatures") - if err != nil { - return err - } - - // Resolve the payload in the manifest. - bytes, err := jsig.Payload() - if err != nil { - return err - } - - // sm.Canonical stores the canonical manifest JSON - sm.Canonical = make([]byte, len(bytes), len(bytes)) - copy(sm.Canonical, bytes) - - // Unmarshal canonical JSON into Manifest object - var manifest Manifest - if err := json.Unmarshal(sm.Canonical, &manifest); err != nil { - return err - } - - sm.Manifest = manifest - - return nil -} - -// References returnes the descriptors of this manifests references -func (sm SignedManifest) References() []distribution.Descriptor { - dependencies := make([]distribution.Descriptor, len(sm.FSLayers)) - for i, fsLayer := range sm.FSLayers { - dependencies[i] = distribution.Descriptor{ - MediaType: "application/vnd.docker.container.image.rootfs.diff+x-gtar", - Digest: fsLayer.BlobSum, - } - } - - return dependencies - -} - -// MarshalJSON returns the contents of raw. If Raw is nil, marshals the inner -// contents. Applications requiring a marshaled signed manifest should simply -// use Raw directly, since the the content produced by json.Marshal will be -// compacted and will fail signature checks. -func (sm *SignedManifest) MarshalJSON() ([]byte, error) { - if len(sm.all) > 0 { - return sm.all, nil - } - - // If the raw data is not available, just dump the inner content. - return json.Marshal(&sm.Manifest) -} - -// Payload returns the signed content of the signed manifest. -func (sm SignedManifest) Payload() (string, []byte, error) { - return MediaTypeSignedManifest, sm.all, nil -} - -// Signatures returns the signatures as provided by -// (*libtrust.JSONSignature).Signatures. The byte slices are opaque jws -// signatures. -func (sm *SignedManifest) Signatures() ([][]byte, error) { - jsig, err := libtrust.ParsePrettySignature(sm.all, "signatures") - if err != nil { - return nil, err - } - - // Resolve the payload in the manifest. - return jsig.Signatures() -} diff --git a/vendor/github.com/docker/distribution/manifest/schema1/manifest_test.go b/vendor/github.com/docker/distribution/manifest/schema1/manifest_test.go deleted file mode 100644 index 05bb8ec5..00000000 --- a/vendor/github.com/docker/distribution/manifest/schema1/manifest_test.go +++ /dev/null @@ -1,136 +0,0 @@ -package schema1 - -import ( - "bytes" - "encoding/json" - "reflect" - "testing" - - "github.com/docker/libtrust" -) - -type testEnv struct { - name, tag string - invalidSigned *SignedManifest - signed *SignedManifest - pk libtrust.PrivateKey -} - -func TestManifestMarshaling(t *testing.T) { - env := genEnv(t) - - // Check that the all field is the same as json.MarshalIndent with these - // parameters. - p, err := json.MarshalIndent(env.signed, "", " ") - if err != nil { - t.Fatalf("error marshaling manifest: %v", err) - } - - if !bytes.Equal(p, env.signed.all) { - t.Fatalf("manifest bytes not equal: %q != %q", string(env.signed.all), string(p)) - } -} - -func TestManifestUnmarshaling(t *testing.T) { - env := genEnv(t) - - var signed SignedManifest - if err := json.Unmarshal(env.signed.all, &signed); err != nil { - t.Fatalf("error unmarshaling signed manifest: %v", err) - } - - if !reflect.DeepEqual(&signed, env.signed) { - t.Fatalf("manifests are different after unmarshaling: %v != %v", signed, env.signed) - } - -} - -func TestManifestVerification(t *testing.T) { - env := genEnv(t) - - publicKeys, err := Verify(env.signed) - if err != nil { - t.Fatalf("error verifying manifest: %v", err) - } - - if len(publicKeys) == 0 { - t.Fatalf("no public keys found in signature") - } - - var found bool - publicKey := env.pk.PublicKey() - // ensure that one of the extracted public keys matches the private key. - for _, candidate := range publicKeys { - if candidate.KeyID() == publicKey.KeyID() { - found = true - break - } - } - - if !found { - t.Fatalf("expected public key, %v, not found in verified keys: %v", publicKey, publicKeys) - } - - // Check that an invalid manifest fails verification - _, err = Verify(env.invalidSigned) - if err != nil { - t.Fatalf("Invalid manifest should not pass Verify()") - } -} - -func genEnv(t *testing.T) *testEnv { - pk, err := libtrust.GenerateECP256PrivateKey() - if err != nil { - t.Fatalf("error generating test key: %v", err) - } - - name, tag := "foo/bar", "test" - - invalid := Manifest{ - Versioned: SchemaVersion, - Name: name, - Tag: tag, - FSLayers: []FSLayer{ - { - BlobSum: "asdf", - }, - { - BlobSum: "qwer", - }, - }, - } - - valid := Manifest{ - Versioned: SchemaVersion, - Name: name, - Tag: tag, - FSLayers: []FSLayer{ - { - BlobSum: "asdf", - }, - }, - History: []History{ - { - V1Compatibility: "", - }, - }, - } - - sm, err := Sign(&valid, pk) - if err != nil { - t.Fatalf("error signing manifest: %v", err) - } - - invalidSigned, err := Sign(&invalid, pk) - if err != nil { - t.Fatalf("error signing manifest: %v", err) - } - - return &testEnv{ - name: name, - tag: tag, - invalidSigned: invalidSigned, - signed: sm, - pk: pk, - } -} diff --git a/vendor/github.com/docker/distribution/manifest/schema1/reference_builder.go b/vendor/github.com/docker/distribution/manifest/schema1/reference_builder.go deleted file mode 100644 index fc1045f9..00000000 --- a/vendor/github.com/docker/distribution/manifest/schema1/reference_builder.go +++ /dev/null @@ -1,98 +0,0 @@ -package schema1 - -import ( - "fmt" - - "errors" - "github.com/docker/distribution" - "github.com/docker/distribution/context" - "github.com/docker/distribution/digest" - "github.com/docker/distribution/manifest" - "github.com/docker/distribution/reference" - "github.com/docker/libtrust" -) - -// referenceManifestBuilder is a type for constructing manifests from schema1 -// dependencies. -type referenceManifestBuilder struct { - Manifest - pk libtrust.PrivateKey -} - -// NewReferenceManifestBuilder is used to build new manifests for the current -// schema version using schema1 dependencies. -func NewReferenceManifestBuilder(pk libtrust.PrivateKey, ref reference.Named, architecture string) distribution.ManifestBuilder { - tag := "" - if tagged, isTagged := ref.(reference.Tagged); isTagged { - tag = tagged.Tag() - } - - return &referenceManifestBuilder{ - Manifest: Manifest{ - Versioned: manifest.Versioned{ - SchemaVersion: 1, - }, - Name: ref.Name(), - Tag: tag, - Architecture: architecture, - }, - pk: pk, - } -} - -func (mb *referenceManifestBuilder) Build(ctx context.Context) (distribution.Manifest, error) { - m := mb.Manifest - if len(m.FSLayers) == 0 { - return nil, errors.New("cannot build manifest with zero layers or history") - } - - m.FSLayers = make([]FSLayer, len(mb.Manifest.FSLayers)) - m.History = make([]History, len(mb.Manifest.History)) - copy(m.FSLayers, mb.Manifest.FSLayers) - copy(m.History, mb.Manifest.History) - - return Sign(&m, mb.pk) -} - -// AppendReference adds a reference to the current ManifestBuilder -func (mb *referenceManifestBuilder) AppendReference(d distribution.Describable) error { - r, ok := d.(Reference) - if !ok { - return fmt.Errorf("Unable to add non-reference type to v1 builder") - } - - // Entries need to be prepended - mb.Manifest.FSLayers = append([]FSLayer{{BlobSum: r.Digest}}, mb.Manifest.FSLayers...) - mb.Manifest.History = append([]History{r.History}, mb.Manifest.History...) - return nil - -} - -// References returns the current references added to this builder -func (mb *referenceManifestBuilder) References() []distribution.Descriptor { - refs := make([]distribution.Descriptor, len(mb.Manifest.FSLayers)) - for i := range mb.Manifest.FSLayers { - layerDigest := mb.Manifest.FSLayers[i].BlobSum - history := mb.Manifest.History[i] - ref := Reference{layerDigest, 0, history} - refs[i] = ref.Descriptor() - } - return refs -} - -// Reference describes a manifest v2, schema version 1 dependency. -// An FSLayer associated with a history entry. -type Reference struct { - Digest digest.Digest - Size int64 // if we know it, set it for the descriptor. - History History -} - -// Descriptor describes a reference -func (r Reference) Descriptor() distribution.Descriptor { - return distribution.Descriptor{ - MediaType: MediaTypeManifestLayer, - Digest: r.Digest, - Size: r.Size, - } -} diff --git a/vendor/github.com/docker/distribution/manifest/schema1/reference_builder_test.go b/vendor/github.com/docker/distribution/manifest/schema1/reference_builder_test.go deleted file mode 100644 index 35db28e4..00000000 --- a/vendor/github.com/docker/distribution/manifest/schema1/reference_builder_test.go +++ /dev/null @@ -1,108 +0,0 @@ -package schema1 - -import ( - "testing" - - "github.com/docker/distribution/context" - "github.com/docker/distribution/digest" - "github.com/docker/distribution/manifest" - "github.com/docker/distribution/reference" - "github.com/docker/libtrust" -) - -func makeSignedManifest(t *testing.T, pk libtrust.PrivateKey, refs []Reference) *SignedManifest { - u := &Manifest{ - Versioned: manifest.Versioned{ - SchemaVersion: 1, - }, - Name: "foo/bar", - Tag: "latest", - Architecture: "amd64", - } - - for i := len(refs) - 1; i >= 0; i-- { - u.FSLayers = append(u.FSLayers, FSLayer{ - BlobSum: refs[i].Digest, - }) - u.History = append(u.History, History{ - V1Compatibility: refs[i].History.V1Compatibility, - }) - } - - signedManifest, err := Sign(u, pk) - if err != nil { - t.Fatalf("unexpected error signing manifest: %v", err) - } - return signedManifest -} - -func TestReferenceBuilder(t *testing.T) { - pk, err := libtrust.GenerateECP256PrivateKey() - if err != nil { - t.Fatalf("unexpected error generating private key: %v", err) - } - - r1 := Reference{ - Digest: "sha256:aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", - Size: 1, - History: History{V1Compatibility: "{\"a\" : 1 }"}, - } - r2 := Reference{ - Digest: "sha256:bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb", - Size: 2, - History: History{V1Compatibility: "{\"\a\" : 2 }"}, - } - - handCrafted := makeSignedManifest(t, pk, []Reference{r1, r2}) - - ref, err := reference.ParseNamed(handCrafted.Manifest.Name) - if err != nil { - t.Fatalf("could not parse reference: %v", err) - } - ref, err = reference.WithTag(ref, handCrafted.Manifest.Tag) - if err != nil { - t.Fatalf("could not add tag: %v", err) - } - - b := NewReferenceManifestBuilder(pk, ref, handCrafted.Manifest.Architecture) - _, err = b.Build(context.Background()) - if err == nil { - t.Fatal("Expected error building zero length manifest") - } - - err = b.AppendReference(r1) - if err != nil { - t.Fatal(err) - } - - err = b.AppendReference(r2) - if err != nil { - t.Fatal(err) - } - - refs := b.References() - if len(refs) != 2 { - t.Fatalf("Unexpected reference count : %d != %d", 2, len(refs)) - } - - // Ensure ordering - if refs[0].Digest != r2.Digest { - t.Fatalf("Unexpected reference : %v", refs[0]) - } - - m, err := b.Build(context.Background()) - if err != nil { - t.Fatal(err) - } - - built, ok := m.(*SignedManifest) - if !ok { - t.Fatalf("unexpected type from Build() : %T", built) - } - - d1 := digest.FromBytes(built.Canonical) - d2 := digest.FromBytes(handCrafted.Canonical) - if d1 != d2 { - t.Errorf("mismatching canonical JSON") - } -} diff --git a/vendor/github.com/docker/distribution/manifest/schema1/sign.go b/vendor/github.com/docker/distribution/manifest/schema1/sign.go deleted file mode 100644 index c862dd81..00000000 --- a/vendor/github.com/docker/distribution/manifest/schema1/sign.go +++ /dev/null @@ -1,68 +0,0 @@ -package schema1 - -import ( - "crypto/x509" - "encoding/json" - - "github.com/docker/libtrust" -) - -// Sign signs the manifest with the provided private key, returning a -// SignedManifest. This typically won't be used within the registry, except -// for testing. -func Sign(m *Manifest, pk libtrust.PrivateKey) (*SignedManifest, error) { - p, err := json.MarshalIndent(m, "", " ") - if err != nil { - return nil, err - } - - js, err := libtrust.NewJSONSignature(p) - if err != nil { - return nil, err - } - - if err := js.Sign(pk); err != nil { - return nil, err - } - - pretty, err := js.PrettySignature("signatures") - if err != nil { - return nil, err - } - - return &SignedManifest{ - Manifest: *m, - all: pretty, - Canonical: p, - }, nil -} - -// SignWithChain signs the manifest with the given private key and x509 chain. -// The public key of the first element in the chain must be the public key -// corresponding with the sign key. -func SignWithChain(m *Manifest, key libtrust.PrivateKey, chain []*x509.Certificate) (*SignedManifest, error) { - p, err := json.MarshalIndent(m, "", " ") - if err != nil { - return nil, err - } - - js, err := libtrust.NewJSONSignature(p) - if err != nil { - return nil, err - } - - if err := js.SignWithChain(key, chain); err != nil { - return nil, err - } - - pretty, err := js.PrettySignature("signatures") - if err != nil { - return nil, err - } - - return &SignedManifest{ - Manifest: *m, - all: pretty, - Canonical: p, - }, nil -} diff --git a/vendor/github.com/docker/distribution/manifest/schema1/verify.go b/vendor/github.com/docker/distribution/manifest/schema1/verify.go deleted file mode 100644 index fa8daa56..00000000 --- a/vendor/github.com/docker/distribution/manifest/schema1/verify.go +++ /dev/null @@ -1,32 +0,0 @@ -package schema1 - -import ( - "crypto/x509" - - "github.com/Sirupsen/logrus" - "github.com/docker/libtrust" -) - -// Verify verifies the signature of the signed manifest returning the public -// keys used during signing. -func Verify(sm *SignedManifest) ([]libtrust.PublicKey, error) { - js, err := libtrust.ParsePrettySignature(sm.all, "signatures") - if err != nil { - logrus.WithField("err", err).Debugf("(*SignedManifest).Verify") - return nil, err - } - - return js.Verify() -} - -// VerifyChains verifies the signature of the signed manifest against the -// certificate pool returning the list of verified chains. Signatures without -// an x509 chain are not checked. -func VerifyChains(sm *SignedManifest, ca *x509.CertPool) ([][]*x509.Certificate, error) { - js, err := libtrust.ParsePrettySignature(sm.all, "signatures") - if err != nil { - return nil, err - } - - return js.VerifyChains(ca) -} diff --git a/vendor/github.com/docker/distribution/manifest/schema2/builder.go b/vendor/github.com/docker/distribution/manifest/schema2/builder.go deleted file mode 100644 index ec0bf858..00000000 --- a/vendor/github.com/docker/distribution/manifest/schema2/builder.go +++ /dev/null @@ -1,80 +0,0 @@ -package schema2 - -import ( - "github.com/docker/distribution" - "github.com/docker/distribution/context" - "github.com/docker/distribution/digest" -) - -// builder is a type for constructing manifests. -type builder struct { - // bs is a BlobService used to publish the configuration blob. - bs distribution.BlobService - - // configJSON references - configJSON []byte - - // layers is a list of layer descriptors that gets built by successive - // calls to AppendReference. - layers []distribution.Descriptor -} - -// NewManifestBuilder is used to build new manifests for the current schema -// version. It takes a BlobService so it can publish the configuration blob -// as part of the Build process. -func NewManifestBuilder(bs distribution.BlobService, configJSON []byte) distribution.ManifestBuilder { - mb := &builder{ - bs: bs, - configJSON: make([]byte, len(configJSON)), - } - copy(mb.configJSON, configJSON) - - return mb -} - -// Build produces a final manifest from the given references. -func (mb *builder) Build(ctx context.Context) (distribution.Manifest, error) { - m := Manifest{ - Versioned: SchemaVersion, - Layers: make([]distribution.Descriptor, len(mb.layers)), - } - copy(m.Layers, mb.layers) - - configDigest := digest.FromBytes(mb.configJSON) - - var err error - m.Config, err = mb.bs.Stat(ctx, configDigest) - switch err { - case nil: - // Override MediaType, since Put always replaces the specified media - // type with application/octet-stream in the descriptor it returns. - m.Config.MediaType = MediaTypeConfig - return FromStruct(m) - case distribution.ErrBlobUnknown: - // nop - default: - return nil, err - } - - // Add config to the blob store - m.Config, err = mb.bs.Put(ctx, MediaTypeConfig, mb.configJSON) - // Override MediaType, since Put always replaces the specified media - // type with application/octet-stream in the descriptor it returns. - m.Config.MediaType = MediaTypeConfig - if err != nil { - return nil, err - } - - return FromStruct(m) -} - -// AppendReference adds a reference to the current ManifestBuilder. -func (mb *builder) AppendReference(d distribution.Describable) error { - mb.layers = append(mb.layers, d.Descriptor()) - return nil -} - -// References returns the current references added to this builder. -func (mb *builder) References() []distribution.Descriptor { - return mb.layers -} diff --git a/vendor/github.com/docker/distribution/manifest/schema2/builder_test.go b/vendor/github.com/docker/distribution/manifest/schema2/builder_test.go deleted file mode 100644 index 851f917c..00000000 --- a/vendor/github.com/docker/distribution/manifest/schema2/builder_test.go +++ /dev/null @@ -1,210 +0,0 @@ -package schema2 - -import ( - "reflect" - "testing" - - "github.com/docker/distribution" - "github.com/docker/distribution/context" - "github.com/docker/distribution/digest" -) - -type mockBlobService struct { - descriptors map[digest.Digest]distribution.Descriptor -} - -func (bs *mockBlobService) Stat(ctx context.Context, dgst digest.Digest) (distribution.Descriptor, error) { - if descriptor, ok := bs.descriptors[dgst]; ok { - return descriptor, nil - } - return distribution.Descriptor{}, distribution.ErrBlobUnknown -} - -func (bs *mockBlobService) Get(ctx context.Context, dgst digest.Digest) ([]byte, error) { - panic("not implemented") -} - -func (bs *mockBlobService) Open(ctx context.Context, dgst digest.Digest) (distribution.ReadSeekCloser, error) { - panic("not implemented") -} - -func (bs *mockBlobService) Put(ctx context.Context, mediaType string, p []byte) (distribution.Descriptor, error) { - d := distribution.Descriptor{ - Digest: digest.FromBytes(p), - Size: int64(len(p)), - MediaType: "application/octet-stream", - } - bs.descriptors[d.Digest] = d - return d, nil -} - -func (bs *mockBlobService) Create(ctx context.Context, options ...distribution.BlobCreateOption) (distribution.BlobWriter, error) { - panic("not implemented") -} - -func (bs *mockBlobService) Resume(ctx context.Context, id string) (distribution.BlobWriter, error) { - panic("not implemented") -} - -func TestBuilder(t *testing.T) { - imgJSON := []byte(`{ - "architecture": "amd64", - "config": { - "AttachStderr": false, - "AttachStdin": false, - "AttachStdout": false, - "Cmd": [ - "/bin/sh", - "-c", - "echo hi" - ], - "Domainname": "", - "Entrypoint": null, - "Env": [ - "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin", - "derived=true", - "asdf=true" - ], - "Hostname": "23304fc829f9", - "Image": "sha256:4ab15c48b859c2920dd5224f92aabcd39a52794c5b3cf088fb3bbb438756c246", - "Labels": {}, - "OnBuild": [], - "OpenStdin": false, - "StdinOnce": false, - "Tty": false, - "User": "", - "Volumes": null, - "WorkingDir": "" - }, - "container": "e91032eb0403a61bfe085ff5a5a48e3659e5a6deae9f4d678daa2ae399d5a001", - "container_config": { - "AttachStderr": false, - "AttachStdin": false, - "AttachStdout": false, - "Cmd": [ - "/bin/sh", - "-c", - "#(nop) CMD [\"/bin/sh\" \"-c\" \"echo hi\"]" - ], - "Domainname": "", - "Entrypoint": null, - "Env": [ - "PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin", - "derived=true", - "asdf=true" - ], - "Hostname": "23304fc829f9", - "Image": "sha256:4ab15c48b859c2920dd5224f92aabcd39a52794c5b3cf088fb3bbb438756c246", - "Labels": {}, - "OnBuild": [], - "OpenStdin": false, - "StdinOnce": false, - "Tty": false, - "User": "", - "Volumes": null, - "WorkingDir": "" - }, - "created": "2015-11-04T23:06:32.365666163Z", - "docker_version": "1.9.0-dev", - "history": [ - { - "created": "2015-10-31T22:22:54.690851953Z", - "created_by": "/bin/sh -c #(nop) ADD file:a3bc1e842b69636f9df5256c49c5374fb4eef1e281fe3f282c65fb853ee171c5 in /" - }, - { - "created": "2015-10-31T22:22:55.613815829Z", - "created_by": "/bin/sh -c #(nop) CMD [\"sh\"]" - }, - { - "created": "2015-11-04T23:06:30.934316144Z", - "created_by": "/bin/sh -c #(nop) ENV derived=true", - "empty_layer": true - }, - { - "created": "2015-11-04T23:06:31.192097572Z", - "created_by": "/bin/sh -c #(nop) ENV asdf=true", - "empty_layer": true - }, - { - "created": "2015-11-04T23:06:32.083868454Z", - "created_by": "/bin/sh -c dd if=/dev/zero of=/file bs=1024 count=1024" - }, - { - "created": "2015-11-04T23:06:32.365666163Z", - "created_by": "/bin/sh -c #(nop) CMD [\"/bin/sh\" \"-c\" \"echo hi\"]", - "empty_layer": true - } - ], - "os": "linux", - "rootfs": { - "diff_ids": [ - "sha256:c6f988f4874bb0add23a778f753c65efe992244e148a1d2ec2a8b664fb66bbd1", - "sha256:5f70bf18a086007016e948b04aed3b82103a36bea41755b6cddfaf10ace3c6ef", - "sha256:13f53e08df5a220ab6d13c58b2bf83a59cbdc2e04d0a3f041ddf4b0ba4112d49" - ], - "type": "layers" - } -}`) - configDigest := digest.FromBytes(imgJSON) - - descriptors := []distribution.Descriptor{ - { - Digest: digest.Digest("sha256:a3ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4"), - Size: 5312, - MediaType: MediaTypeLayer, - }, - { - Digest: digest.Digest("sha256:86e0e091d0da6bde2456dbb48306f3956bbeb2eae1b5b9a43045843f69fe4aaa"), - Size: 235231, - MediaType: MediaTypeLayer, - }, - { - Digest: digest.Digest("sha256:b4ed95caeb02ffe68cdd9fd84406680ae93d633cb16422d00e8a7c22955b46d4"), - Size: 639152, - MediaType: MediaTypeLayer, - }, - } - - bs := &mockBlobService{descriptors: make(map[digest.Digest]distribution.Descriptor)} - builder := NewManifestBuilder(bs, imgJSON) - - for _, d := range descriptors { - if err := builder.AppendReference(d); err != nil { - t.Fatalf("AppendReference returned error: %v", err) - } - } - - built, err := builder.Build(context.Background()) - if err != nil { - t.Fatalf("Build returned error: %v", err) - } - - // Check that the config was put in the blob store - _, err = bs.Stat(context.Background(), configDigest) - if err != nil { - t.Fatal("config was not put in the blob store") - } - - manifest := built.(*DeserializedManifest).Manifest - - if manifest.Versioned.SchemaVersion != 2 { - t.Fatal("SchemaVersion != 2") - } - - target := manifest.Target() - if target.Digest != configDigest { - t.Fatalf("unexpected digest in target: %s", target.Digest.String()) - } - if target.MediaType != MediaTypeConfig { - t.Fatalf("unexpected media type in target: %s", target.MediaType) - } - if target.Size != 3153 { - t.Fatalf("unexpected size in target: %d", target.Size) - } - - references := manifest.References() - expected := append([]distribution.Descriptor{manifest.Target()}, descriptors...) - if !reflect.DeepEqual(references, expected) { - t.Fatal("References() does not match the descriptors added") - } -} diff --git a/vendor/github.com/docker/distribution/manifest/schema2/manifest.go b/vendor/github.com/docker/distribution/manifest/schema2/manifest.go deleted file mode 100644 index 741998d0..00000000 --- a/vendor/github.com/docker/distribution/manifest/schema2/manifest.go +++ /dev/null @@ -1,134 +0,0 @@ -package schema2 - -import ( - "encoding/json" - "errors" - "fmt" - - "github.com/docker/distribution" - "github.com/docker/distribution/digest" - "github.com/docker/distribution/manifest" -) - -const ( - // MediaTypeManifest specifies the mediaType for the current version. - MediaTypeManifest = "application/vnd.docker.distribution.manifest.v2+json" - - // MediaTypeConfig specifies the mediaType for the image configuration. - MediaTypeConfig = "application/vnd.docker.container.image.v1+json" - - // MediaTypePluginConfig specifies the mediaType for plugin configuration. - MediaTypePluginConfig = "application/vnd.docker.plugin.v1+json" - - // MediaTypeLayer is the mediaType used for layers referenced by the - // manifest. - MediaTypeLayer = "application/vnd.docker.image.rootfs.diff.tar.gzip" - - // MediaTypeForeignLayer is the mediaType used for layers that must be - // downloaded from foreign URLs. - MediaTypeForeignLayer = "application/vnd.docker.image.rootfs.foreign.diff.tar.gzip" -) - -var ( - // SchemaVersion provides a pre-initialized version structure for this - // packages version of the manifest. - SchemaVersion = manifest.Versioned{ - SchemaVersion: 2, - MediaType: MediaTypeManifest, - } -) - -func init() { - schema2Func := func(b []byte) (distribution.Manifest, distribution.Descriptor, error) { - m := new(DeserializedManifest) - err := m.UnmarshalJSON(b) - if err != nil { - return nil, distribution.Descriptor{}, err - } - - dgst := digest.FromBytes(b) - return m, distribution.Descriptor{Digest: dgst, Size: int64(len(b)), MediaType: MediaTypeManifest}, err - } - err := distribution.RegisterManifestSchema(MediaTypeManifest, schema2Func) - if err != nil { - panic(fmt.Sprintf("Unable to register manifest: %s", err)) - } -} - -// Manifest defines a schema2 manifest. -type Manifest struct { - manifest.Versioned - - // Config references the image configuration as a blob. - Config distribution.Descriptor `json:"config"` - - // Layers lists descriptors for the layers referenced by the - // configuration. - Layers []distribution.Descriptor `json:"layers"` -} - -// References returnes the descriptors of this manifests references. -func (m Manifest) References() []distribution.Descriptor { - references := make([]distribution.Descriptor, 0, 1+len(m.Layers)) - references = append(references, m.Config) - references = append(references, m.Layers...) - return references -} - -// Target returns the target of this signed manifest. -func (m Manifest) Target() distribution.Descriptor { - return m.Config -} - -// DeserializedManifest wraps Manifest with a copy of the original JSON. -// It satisfies the distribution.Manifest interface. -type DeserializedManifest struct { - Manifest - - // canonical is the canonical byte representation of the Manifest. - canonical []byte -} - -// FromStruct takes a Manifest structure, marshals it to JSON, and returns a -// DeserializedManifest which contains the manifest and its JSON representation. -func FromStruct(m Manifest) (*DeserializedManifest, error) { - var deserialized DeserializedManifest - deserialized.Manifest = m - - var err error - deserialized.canonical, err = json.MarshalIndent(&m, "", " ") - return &deserialized, err -} - -// UnmarshalJSON populates a new Manifest struct from JSON data. -func (m *DeserializedManifest) UnmarshalJSON(b []byte) error { - m.canonical = make([]byte, len(b), len(b)) - // store manifest in canonical - copy(m.canonical, b) - - // Unmarshal canonical JSON into Manifest object - var manifest Manifest - if err := json.Unmarshal(m.canonical, &manifest); err != nil { - return err - } - - m.Manifest = manifest - - return nil -} - -// MarshalJSON returns the contents of canonical. If canonical is empty, -// marshals the inner contents. -func (m *DeserializedManifest) MarshalJSON() ([]byte, error) { - if len(m.canonical) > 0 { - return m.canonical, nil - } - - return nil, errors.New("JSON representation not initialized in DeserializedManifest") -} - -// Payload returns the raw content of the manifest. The contents can be used to -// calculate the content identifier. -func (m DeserializedManifest) Payload() (string, []byte, error) { - return m.MediaType, m.canonical, nil -} diff --git a/vendor/github.com/docker/distribution/manifest/schema2/manifest_test.go b/vendor/github.com/docker/distribution/manifest/schema2/manifest_test.go deleted file mode 100644 index f0003d18..00000000 --- a/vendor/github.com/docker/distribution/manifest/schema2/manifest_test.go +++ /dev/null @@ -1,111 +0,0 @@ -package schema2 - -import ( - "bytes" - "encoding/json" - "reflect" - "testing" - - "github.com/docker/distribution" -) - -var expectedManifestSerialization = []byte(`{ - "schemaVersion": 2, - "mediaType": "application/vnd.docker.distribution.manifest.v2+json", - "config": { - "mediaType": "application/vnd.docker.container.image.v1+json", - "size": 985, - "digest": "sha256:1a9ec845ee94c202b2d5da74a24f0ed2058318bfa9879fa541efaecba272e86b" - }, - "layers": [ - { - "mediaType": "application/vnd.docker.image.rootfs.diff.tar.gzip", - "size": 153263, - "digest": "sha256:62d8908bee94c202b2d35224a221aaa2058318bfa9879fa541efaecba272331b" - } - ] -}`) - -func TestManifest(t *testing.T) { - manifest := Manifest{ - Versioned: SchemaVersion, - Config: distribution.Descriptor{ - Digest: "sha256:1a9ec845ee94c202b2d5da74a24f0ed2058318bfa9879fa541efaecba272e86b", - Size: 985, - MediaType: MediaTypeConfig, - }, - Layers: []distribution.Descriptor{ - { - Digest: "sha256:62d8908bee94c202b2d35224a221aaa2058318bfa9879fa541efaecba272331b", - Size: 153263, - MediaType: MediaTypeLayer, - }, - }, - } - - deserialized, err := FromStruct(manifest) - if err != nil { - t.Fatalf("error creating DeserializedManifest: %v", err) - } - - mediaType, canonical, err := deserialized.Payload() - - if mediaType != MediaTypeManifest { - t.Fatalf("unexpected media type: %s", mediaType) - } - - // Check that the canonical field is the same as json.MarshalIndent - // with these parameters. - p, err := json.MarshalIndent(&manifest, "", " ") - if err != nil { - t.Fatalf("error marshaling manifest: %v", err) - } - if !bytes.Equal(p, canonical) { - t.Fatalf("manifest bytes not equal: %q != %q", string(canonical), string(p)) - } - - // Check that canonical field matches expected value. - if !bytes.Equal(expectedManifestSerialization, canonical) { - t.Fatalf("manifest bytes not equal: %q != %q", string(canonical), string(expectedManifestSerialization)) - } - - var unmarshalled DeserializedManifest - if err := json.Unmarshal(deserialized.canonical, &unmarshalled); err != nil { - t.Fatalf("error unmarshaling manifest: %v", err) - } - - if !reflect.DeepEqual(&unmarshalled, deserialized) { - t.Fatalf("manifests are different after unmarshaling: %v != %v", unmarshalled, *deserialized) - } - - target := deserialized.Target() - if target.Digest != "sha256:1a9ec845ee94c202b2d5da74a24f0ed2058318bfa9879fa541efaecba272e86b" { - t.Fatalf("unexpected digest in target: %s", target.Digest.String()) - } - if target.MediaType != MediaTypeConfig { - t.Fatalf("unexpected media type in target: %s", target.MediaType) - } - if target.Size != 985 { - t.Fatalf("unexpected size in target: %d", target.Size) - } - - references := deserialized.References() - if len(references) != 2 { - t.Fatalf("unexpected number of references: %d", len(references)) - } - - if !reflect.DeepEqual(references[0], target) { - t.Fatalf("first reference should be target: %v != %v", references[0], target) - } - - // Test the second reference - if references[1].Digest != "sha256:62d8908bee94c202b2d35224a221aaa2058318bfa9879fa541efaecba272331b" { - t.Fatalf("unexpected digest in reference: %s", references[0].Digest.String()) - } - if references[1].MediaType != MediaTypeLayer { - t.Fatalf("unexpected media type in reference: %s", references[0].MediaType) - } - if references[1].Size != 153263 { - t.Fatalf("unexpected size in reference: %d", references[0].Size) - } -} diff --git a/vendor/github.com/docker/distribution/manifest/versioned.go b/vendor/github.com/docker/distribution/manifest/versioned.go deleted file mode 100644 index caa6b14e..00000000 --- a/vendor/github.com/docker/distribution/manifest/versioned.go +++ /dev/null @@ -1,12 +0,0 @@ -package manifest - -// Versioned provides a struct with the manifest schemaVersion and mediaType. -// Incoming content with unknown schema version can be decoded against this -// struct to check the version. -type Versioned struct { - // SchemaVersion is the image manifest schema that this image follows - SchemaVersion int `json:"schemaVersion"` - - // MediaType is the media type of this schema. - MediaType string `json:"mediaType,omitempty"` -} diff --git a/vendor/github.com/docker/distribution/manifests.go b/vendor/github.com/docker/distribution/manifests.go deleted file mode 100644 index c4fb6345..00000000 --- a/vendor/github.com/docker/distribution/manifests.go +++ /dev/null @@ -1,125 +0,0 @@ -package distribution - -import ( - "fmt" - "mime" - - "github.com/docker/distribution/context" - "github.com/docker/distribution/digest" -) - -// Manifest represents a registry object specifying a set of -// references and an optional target -type Manifest interface { - // References returns a list of objects which make up this manifest. - // A reference is anything which can be represented by a - // distribution.Descriptor. These can consist of layers, resources or other - // manifests. - // - // While no particular order is required, implementations should return - // them from highest to lowest priority. For example, one might want to - // return the base layer before the top layer. - References() []Descriptor - - // Payload provides the serialized format of the manifest, in addition to - // the mediatype. - Payload() (mediatype string, payload []byte, err error) -} - -// ManifestBuilder creates a manifest allowing one to include dependencies. -// Instances can be obtained from a version-specific manifest package. Manifest -// specific data is passed into the function which creates the builder. -type ManifestBuilder interface { - // Build creates the manifest from his builder. - Build(ctx context.Context) (Manifest, error) - - // References returns a list of objects which have been added to this - // builder. The dependencies are returned in the order they were added, - // which should be from base to head. - References() []Descriptor - - // AppendReference includes the given object in the manifest after any - // existing dependencies. If the add fails, such as when adding an - // unsupported dependency, an error may be returned. - // - // The destination of the reference is dependent on the manifest type and - // the dependency type. - AppendReference(dependency Describable) error -} - -// ManifestService describes operations on image manifests. -type ManifestService interface { - // Exists returns true if the manifest exists. - Exists(ctx context.Context, dgst digest.Digest) (bool, error) - - // Get retrieves the manifest specified by the given digest - Get(ctx context.Context, dgst digest.Digest, options ...ManifestServiceOption) (Manifest, error) - - // Put creates or updates the given manifest returning the manifest digest - Put(ctx context.Context, manifest Manifest, options ...ManifestServiceOption) (digest.Digest, error) - - // Delete removes the manifest specified by the given digest. Deleting - // a manifest that doesn't exist will return ErrManifestNotFound - Delete(ctx context.Context, dgst digest.Digest) error -} - -// ManifestEnumerator enables iterating over manifests -type ManifestEnumerator interface { - // Enumerate calls ingester for each manifest. - Enumerate(ctx context.Context, ingester func(digest.Digest) error) error -} - -// Describable is an interface for descriptors -type Describable interface { - Descriptor() Descriptor -} - -// ManifestMediaTypes returns the supported media types for manifests. -func ManifestMediaTypes() (mediaTypes []string) { - for t := range mappings { - if t != "" { - mediaTypes = append(mediaTypes, t) - } - } - return -} - -// UnmarshalFunc implements manifest unmarshalling a given MediaType -type UnmarshalFunc func([]byte) (Manifest, Descriptor, error) - -var mappings = make(map[string]UnmarshalFunc, 0) - -// UnmarshalManifest looks up manifest unmarshal functions based on -// MediaType -func UnmarshalManifest(ctHeader string, p []byte) (Manifest, Descriptor, error) { - // Need to look up by the actual media type, not the raw contents of - // the header. Strip semicolons and anything following them. - var mediatype string - if ctHeader != "" { - var err error - mediatype, _, err = mime.ParseMediaType(ctHeader) - if err != nil { - return nil, Descriptor{}, err - } - } - - unmarshalFunc, ok := mappings[mediatype] - if !ok { - unmarshalFunc, ok = mappings[""] - if !ok { - return nil, Descriptor{}, fmt.Errorf("unsupported manifest mediatype and no default available: %s", mediatype) - } - } - - return unmarshalFunc(p) -} - -// RegisterManifestSchema registers an UnmarshalFunc for a given schema type. This -// should be called from specific -func RegisterManifestSchema(mediatype string, u UnmarshalFunc) error { - if _, ok := mappings[mediatype]; ok { - return fmt.Errorf("manifest mediatype registration would overwrite existing: %s", mediatype) - } - mappings[mediatype] = u - return nil -} diff --git a/vendor/github.com/docker/distribution/notifications/bridge.go b/vendor/github.com/docker/distribution/notifications/bridge.go deleted file mode 100644 index 502288a4..00000000 --- a/vendor/github.com/docker/distribution/notifications/bridge.go +++ /dev/null @@ -1,214 +0,0 @@ -package notifications - -import ( - "net/http" - "time" - - "github.com/docker/distribution" - "github.com/docker/distribution/context" - "github.com/docker/distribution/digest" - "github.com/docker/distribution/reference" - "github.com/docker/distribution/uuid" -) - -type bridge struct { - ub URLBuilder - actor ActorRecord - source SourceRecord - request RequestRecord - sink Sink -} - -var _ Listener = &bridge{} - -// URLBuilder defines a subset of url builder to be used by the event listener. -type URLBuilder interface { - BuildManifestURL(name reference.Named) (string, error) - BuildBlobURL(ref reference.Canonical) (string, error) -} - -// NewBridge returns a notification listener that writes records to sink, -// using the actor and source. Any urls populated in the events created by -// this bridge will be created using the URLBuilder. -// TODO(stevvooe): Update this to simply take a context.Context object. -func NewBridge(ub URLBuilder, source SourceRecord, actor ActorRecord, request RequestRecord, sink Sink) Listener { - return &bridge{ - ub: ub, - actor: actor, - source: source, - request: request, - sink: sink, - } -} - -// NewRequestRecord builds a RequestRecord for use in NewBridge from an -// http.Request, associating it with a request id. -func NewRequestRecord(id string, r *http.Request) RequestRecord { - return RequestRecord{ - ID: id, - Addr: context.RemoteAddr(r), - Host: r.Host, - Method: r.Method, - UserAgent: r.UserAgent(), - } -} - -func (b *bridge) ManifestPushed(repo reference.Named, sm distribution.Manifest, options ...distribution.ManifestServiceOption) error { - manifestEvent, err := b.createManifestEvent(EventActionPush, repo, sm) - if err != nil { - return err - } - - for _, option := range options { - if opt, ok := option.(distribution.WithTagOption); ok { - manifestEvent.Target.Tag = opt.Tag - break - } - } - return b.sink.Write(*manifestEvent) -} - -func (b *bridge) ManifestPulled(repo reference.Named, sm distribution.Manifest, options ...distribution.ManifestServiceOption) error { - manifestEvent, err := b.createManifestEvent(EventActionPull, repo, sm) - if err != nil { - return err - } - - for _, option := range options { - if opt, ok := option.(distribution.WithTagOption); ok { - manifestEvent.Target.Tag = opt.Tag - break - } - } - return b.sink.Write(*manifestEvent) -} - -func (b *bridge) ManifestDeleted(repo reference.Named, dgst digest.Digest) error { - return b.createManifestDeleteEventAndWrite(EventActionDelete, repo, dgst) -} - -func (b *bridge) BlobPushed(repo reference.Named, desc distribution.Descriptor) error { - return b.createBlobEventAndWrite(EventActionPush, repo, desc) -} - -func (b *bridge) BlobPulled(repo reference.Named, desc distribution.Descriptor) error { - return b.createBlobEventAndWrite(EventActionPull, repo, desc) -} - -func (b *bridge) BlobMounted(repo reference.Named, desc distribution.Descriptor, fromRepo reference.Named) error { - event, err := b.createBlobEvent(EventActionMount, repo, desc) - if err != nil { - return err - } - event.Target.FromRepository = fromRepo.Name() - return b.sink.Write(*event) -} - -func (b *bridge) BlobDeleted(repo reference.Named, dgst digest.Digest) error { - return b.createBlobDeleteEventAndWrite(EventActionDelete, repo, dgst) -} - -func (b *bridge) createManifestEventAndWrite(action string, repo reference.Named, sm distribution.Manifest) error { - manifestEvent, err := b.createManifestEvent(action, repo, sm) - if err != nil { - return err - } - - return b.sink.Write(*manifestEvent) -} - -func (b *bridge) createManifestDeleteEventAndWrite(action string, repo reference.Named, dgst digest.Digest) error { - event := b.createEvent(action) - event.Target.Repository = repo.Name() - event.Target.Digest = dgst - - return b.sink.Write(*event) -} - -func (b *bridge) createManifestEvent(action string, repo reference.Named, sm distribution.Manifest) (*Event, error) { - event := b.createEvent(action) - event.Target.Repository = repo.Name() - - mt, p, err := sm.Payload() - if err != nil { - return nil, err - } - - // Ensure we have the canonical manifest descriptor here - _, desc, err := distribution.UnmarshalManifest(mt, p) - if err != nil { - return nil, err - } - - event.Target.MediaType = mt - event.Target.Length = desc.Size - event.Target.Size = desc.Size - event.Target.Digest = desc.Digest - - ref, err := reference.WithDigest(repo, event.Target.Digest) - if err != nil { - return nil, err - } - - event.Target.URL, err = b.ub.BuildManifestURL(ref) - if err != nil { - return nil, err - } - - return event, nil -} - -func (b *bridge) createBlobDeleteEventAndWrite(action string, repo reference.Named, dgst digest.Digest) error { - event := b.createEvent(action) - event.Target.Digest = dgst - event.Target.Repository = repo.Name() - - return b.sink.Write(*event) -} - -func (b *bridge) createBlobEventAndWrite(action string, repo reference.Named, desc distribution.Descriptor) error { - event, err := b.createBlobEvent(action, repo, desc) - if err != nil { - return err - } - - return b.sink.Write(*event) -} - -func (b *bridge) createBlobEvent(action string, repo reference.Named, desc distribution.Descriptor) (*Event, error) { - event := b.createEvent(action) - event.Target.Descriptor = desc - event.Target.Length = desc.Size - event.Target.Repository = repo.Name() - - ref, err := reference.WithDigest(repo, desc.Digest) - if err != nil { - return nil, err - } - - event.Target.URL, err = b.ub.BuildBlobURL(ref) - if err != nil { - return nil, err - } - - return event, nil -} - -// createEvent creates an event with actor and source populated. -func (b *bridge) createEvent(action string) *Event { - event := createEvent(action) - event.Source = b.source - event.Actor = b.actor - event.Request = b.request - - return event -} - -// createEvent returns a new event, timestamped, with the specified action. -func createEvent(action string) *Event { - return &Event{ - ID: uuid.Generate().String(), - Timestamp: time.Now(), - Action: action, - } -} diff --git a/vendor/github.com/docker/distribution/notifications/bridge_test.go b/vendor/github.com/docker/distribution/notifications/bridge_test.go deleted file mode 100644 index 0f85791c..00000000 --- a/vendor/github.com/docker/distribution/notifications/bridge_test.go +++ /dev/null @@ -1,222 +0,0 @@ -package notifications - -import ( - "testing" - - "github.com/docker/distribution" - "github.com/docker/distribution/digest" - "github.com/docker/distribution/manifest/schema1" - "github.com/docker/distribution/reference" - "github.com/docker/distribution/registry/api/v2" - "github.com/docker/distribution/uuid" - "github.com/docker/libtrust" -) - -var ( - // common environment for expected manifest events. - - repo = "test/repo" - source = SourceRecord{ - Addr: "remote.test", - InstanceID: uuid.Generate().String(), - } - ub = mustUB(v2.NewURLBuilderFromString("http://test.example.com/", false)) - - actor = ActorRecord{ - Name: "test", - } - request = RequestRecord{} - m = schema1.Manifest{ - Name: repo, - Tag: "latest", - } - - sm *schema1.SignedManifest - payload []byte - dgst digest.Digest -) - -func TestEventBridgeManifestPulled(t *testing.T) { - l := createTestEnv(t, testSinkFn(func(events ...Event) error { - checkCommonManifest(t, EventActionPull, events...) - - return nil - })) - - repoRef, _ := reference.ParseNamed(repo) - if err := l.ManifestPulled(repoRef, sm); err != nil { - t.Fatalf("unexpected error notifying manifest pull: %v", err) - } -} - -func TestEventBridgeManifestPushed(t *testing.T) { - l := createTestEnv(t, testSinkFn(func(events ...Event) error { - checkCommonManifest(t, EventActionPush, events...) - - return nil - })) - - repoRef, _ := reference.ParseNamed(repo) - if err := l.ManifestPushed(repoRef, sm); err != nil { - t.Fatalf("unexpected error notifying manifest pull: %v", err) - } -} - -func TestEventBridgeManifestPushedWithTag(t *testing.T) { - l := createTestEnv(t, testSinkFn(func(events ...Event) error { - checkCommonManifest(t, EventActionPush, events...) - if events[0].Target.Tag != "latest" { - t.Fatalf("missing or unexpected tag: %#v", events[0].Target) - } - - return nil - })) - - repoRef, _ := reference.ParseNamed(repo) - if err := l.ManifestPushed(repoRef, sm, distribution.WithTag(m.Tag)); err != nil { - t.Fatalf("unexpected error notifying manifest pull: %v", err) - } -} - -func TestEventBridgeManifestPulledWithTag(t *testing.T) { - l := createTestEnv(t, testSinkFn(func(events ...Event) error { - checkCommonManifest(t, EventActionPull, events...) - if events[0].Target.Tag != "latest" { - t.Fatalf("missing or unexpected tag: %#v", events[0].Target) - } - - return nil - })) - - repoRef, _ := reference.ParseNamed(repo) - if err := l.ManifestPulled(repoRef, sm, distribution.WithTag(m.Tag)); err != nil { - t.Fatalf("unexpected error notifying manifest pull: %v", err) - } -} - -func TestEventBridgeManifestDeleted(t *testing.T) { - l := createTestEnv(t, testSinkFn(func(events ...Event) error { - checkDeleted(t, EventActionDelete, events...) - return nil - })) - - repoRef, _ := reference.ParseNamed(repo) - if err := l.ManifestDeleted(repoRef, dgst); err != nil { - t.Fatalf("unexpected error notifying manifest pull: %v", err) - } -} - -func createTestEnv(t *testing.T, fn testSinkFn) Listener { - pk, err := libtrust.GenerateECP256PrivateKey() - if err != nil { - t.Fatalf("error generating private key: %v", err) - } - - sm, err = schema1.Sign(&m, pk) - if err != nil { - t.Fatalf("error signing manifest: %v", err) - } - - payload = sm.Canonical - dgst = digest.FromBytes(payload) - - return NewBridge(ub, source, actor, request, fn) -} - -func checkDeleted(t *testing.T, action string, events ...Event) { - if len(events) != 1 { - t.Fatalf("unexpected number of events: %v != 1", len(events)) - } - - event := events[0] - - if event.Source != source { - t.Fatalf("source not equal: %#v != %#v", event.Source, source) - } - - if event.Request != request { - t.Fatalf("request not equal: %#v != %#v", event.Request, request) - } - - if event.Actor != actor { - t.Fatalf("request not equal: %#v != %#v", event.Actor, actor) - } - - if event.Target.Digest != dgst { - t.Fatalf("unexpected digest on event target: %q != %q", event.Target.Digest, dgst) - } - - if event.Target.Repository != repo { - t.Fatalf("unexpected repository: %q != %q", event.Target.Repository, repo) - } - -} - -func checkCommonManifest(t *testing.T, action string, events ...Event) { - checkCommon(t, events...) - - event := events[0] - if event.Action != action { - t.Fatalf("unexpected event action: %q != %q", event.Action, action) - } - - repoRef, _ := reference.ParseNamed(repo) - ref, _ := reference.WithDigest(repoRef, dgst) - u, err := ub.BuildManifestURL(ref) - if err != nil { - t.Fatalf("error building expected url: %v", err) - } - - if event.Target.URL != u { - t.Fatalf("incorrect url passed: \n%q != \n%q", event.Target.URL, u) - } -} - -func checkCommon(t *testing.T, events ...Event) { - if len(events) != 1 { - t.Fatalf("unexpected number of events: %v != 1", len(events)) - } - - event := events[0] - - if event.Source != source { - t.Fatalf("source not equal: %#v != %#v", event.Source, source) - } - - if event.Request != request { - t.Fatalf("request not equal: %#v != %#v", event.Request, request) - } - - if event.Actor != actor { - t.Fatalf("request not equal: %#v != %#v", event.Actor, actor) - } - - if event.Target.Digest != dgst { - t.Fatalf("unexpected digest on event target: %q != %q", event.Target.Digest, dgst) - } - - if event.Target.Length != int64(len(payload)) { - t.Fatalf("unexpected target length: %v != %v", event.Target.Length, len(payload)) - } - - if event.Target.Repository != repo { - t.Fatalf("unexpected repository: %q != %q", event.Target.Repository, repo) - } - -} - -type testSinkFn func(events ...Event) error - -func (tsf testSinkFn) Write(events ...Event) error { - return tsf(events...) -} - -func (tsf testSinkFn) Close() error { return nil } - -func mustUB(ub *v2.URLBuilder, err error) *v2.URLBuilder { - if err != nil { - panic(err) - } - - return ub -} diff --git a/vendor/github.com/docker/distribution/notifications/endpoint.go b/vendor/github.com/docker/distribution/notifications/endpoint.go deleted file mode 100644 index 29a9e27b..00000000 --- a/vendor/github.com/docker/distribution/notifications/endpoint.go +++ /dev/null @@ -1,93 +0,0 @@ -package notifications - -import ( - "net/http" - "time" -) - -// EndpointConfig covers the optional configuration parameters for an active -// endpoint. -type EndpointConfig struct { - Headers http.Header - Timeout time.Duration - Threshold int - Backoff time.Duration - IgnoredMediaTypes []string - Transport *http.Transport -} - -// defaults set any zero-valued fields to a reasonable default. -func (ec *EndpointConfig) defaults() { - if ec.Timeout <= 0 { - ec.Timeout = time.Second - } - - if ec.Threshold <= 0 { - ec.Threshold = 10 - } - - if ec.Backoff <= 0 { - ec.Backoff = time.Second - } - - if ec.Transport == nil { - ec.Transport = http.DefaultTransport.(*http.Transport) - } -} - -// Endpoint is a reliable, queued, thread-safe sink that notify external http -// services when events are written. Writes are non-blocking and always -// succeed for callers but events may be queued internally. -type Endpoint struct { - Sink - url string - name string - - EndpointConfig - - metrics *safeMetrics -} - -// NewEndpoint returns a running endpoint, ready to receive events. -func NewEndpoint(name, url string, config EndpointConfig) *Endpoint { - var endpoint Endpoint - endpoint.name = name - endpoint.url = url - endpoint.EndpointConfig = config - endpoint.defaults() - endpoint.metrics = newSafeMetrics() - - // Configures the inmemory queue, retry, http pipeline. - endpoint.Sink = newHTTPSink( - endpoint.url, endpoint.Timeout, endpoint.Headers, - endpoint.Transport, endpoint.metrics.httpStatusListener()) - endpoint.Sink = newRetryingSink(endpoint.Sink, endpoint.Threshold, endpoint.Backoff) - endpoint.Sink = newEventQueue(endpoint.Sink, endpoint.metrics.eventQueueListener()) - endpoint.Sink = newIgnoredMediaTypesSink(endpoint.Sink, config.IgnoredMediaTypes) - - register(&endpoint) - return &endpoint -} - -// Name returns the name of the endpoint, generally used for debugging. -func (e *Endpoint) Name() string { - return e.name -} - -// URL returns the url of the endpoint. -func (e *Endpoint) URL() string { - return e.url -} - -// ReadMetrics populates em with metrics from the endpoint. -func (e *Endpoint) ReadMetrics(em *EndpointMetrics) { - e.metrics.Lock() - defer e.metrics.Unlock() - - *em = e.metrics.EndpointMetrics - // Map still need to copied in a threadsafe manner. - em.Statuses = make(map[string]int) - for k, v := range e.metrics.Statuses { - em.Statuses[k] = v - } -} diff --git a/vendor/github.com/docker/distribution/notifications/event.go b/vendor/github.com/docker/distribution/notifications/event.go deleted file mode 100644 index b59a72be..00000000 --- a/vendor/github.com/docker/distribution/notifications/event.go +++ /dev/null @@ -1,160 +0,0 @@ -package notifications - -import ( - "fmt" - "time" - - "github.com/docker/distribution" -) - -// EventAction constants used in action field of Event. -const ( - EventActionPull = "pull" - EventActionPush = "push" - EventActionMount = "mount" - EventActionDelete = "delete" -) - -const ( - // EventsMediaType is the mediatype for the json event envelope. If the - // Event, ActorRecord, SourceRecord or Envelope structs change, the version - // number should be incremented. - EventsMediaType = "application/vnd.docker.distribution.events.v1+json" - // LayerMediaType is the media type for image rootfs diffs (aka "layers") - // used by Docker. We don't expect this to change for quite a while. - layerMediaType = "application/vnd.docker.container.image.rootfs.diff+x-gtar" -) - -// Envelope defines the fields of a json event envelope message that can hold -// one or more events. -type Envelope struct { - // Events make up the contents of the envelope. Events present in a single - // envelope are not necessarily related. - Events []Event `json:"events,omitempty"` -} - -// TODO(stevvooe): The event type should be separate from the json format. It -// should be defined as an interface. Leaving as is for now since we don't -// need that at this time. If we make this change, the struct below would be -// called "EventRecord". - -// Event provides the fields required to describe a registry event. -type Event struct { - // ID provides a unique identifier for the event. - ID string `json:"id,omitempty"` - - // Timestamp is the time at which the event occurred. - Timestamp time.Time `json:"timestamp,omitempty"` - - // Action indicates what action encompasses the provided event. - Action string `json:"action,omitempty"` - - // Target uniquely describes the target of the event. - Target struct { - // TODO(stevvooe): Use http.DetectContentType for layers, maybe. - - distribution.Descriptor - - // Length in bytes of content. Same as Size field in Descriptor. - // Provided for backwards compatibility. - Length int64 `json:"length,omitempty"` - - // Repository identifies the named repository. - Repository string `json:"repository,omitempty"` - - // FromRepository identifies the named repository which a blob was mounted - // from if appropriate. - FromRepository string `json:"fromRepository,omitempty"` - - // URL provides a direct link to the content. - URL string `json:"url,omitempty"` - - // Tag provides the tag - Tag string `json:"tag,omitempty"` - } `json:"target,omitempty"` - - // Request covers the request that generated the event. - Request RequestRecord `json:"request,omitempty"` - - // Actor specifies the agent that initiated the event. For most - // situations, this could be from the authorizaton context of the request. - Actor ActorRecord `json:"actor,omitempty"` - - // Source identifies the registry node that generated the event. Put - // differently, while the actor "initiates" the event, the source - // "generates" it. - Source SourceRecord `json:"source,omitempty"` -} - -// ActorRecord specifies the agent that initiated the event. For most -// situations, this could be from the authorizaton context of the request. -// Data in this record can refer to both the initiating client and the -// generating request. -type ActorRecord struct { - // Name corresponds to the subject or username associated with the - // request context that generated the event. - Name string `json:"name,omitempty"` - - // TODO(stevvooe): Look into setting a session cookie to get this - // without docker daemon. - // SessionID - - // TODO(stevvooe): Push the "Docker-Command" header to replace cookie and - // get the actual command. - // Command -} - -// RequestRecord covers the request that generated the event. -type RequestRecord struct { - // ID uniquely identifies the request that initiated the event. - ID string `json:"id"` - - // Addr contains the ip or hostname and possibly port of the client - // connection that initiated the event. This is the RemoteAddr from - // the standard http request. - Addr string `json:"addr,omitempty"` - - // Host is the externally accessible host name of the registry instance, - // as specified by the http host header on incoming requests. - Host string `json:"host,omitempty"` - - // Method has the request method that generated the event. - Method string `json:"method"` - - // UserAgent contains the user agent header of the request. - UserAgent string `json:"useragent"` -} - -// SourceRecord identifies the registry node that generated the event. Put -// differently, while the actor "initiates" the event, the source "generates" -// it. -type SourceRecord struct { - // Addr contains the ip or hostname and the port of the registry node - // that generated the event. Generally, this will be resolved by - // os.Hostname() along with the running port. - Addr string `json:"addr,omitempty"` - - // InstanceID identifies a running instance of an application. Changes - // after each restart. - InstanceID string `json:"instanceID,omitempty"` -} - -var ( - // ErrSinkClosed is returned if a write is issued to a sink that has been - // closed. If encountered, the error should be considered terminal and - // retries will not be successful. - ErrSinkClosed = fmt.Errorf("sink: closed") -) - -// Sink accepts and sends events. -type Sink interface { - // Write writes one or more events to the sink. If no error is returned, - // the caller will assume that all events have been committed and will not - // try to send them again. If an error is received, the caller may retry - // sending the event. The caller should cede the slice of memory to the - // sink and not modify it after calling this method. - Write(events ...Event) error - - // Close the sink, possibly waiting for pending events to flush. - Close() error -} diff --git a/vendor/github.com/docker/distribution/notifications/event_test.go b/vendor/github.com/docker/distribution/notifications/event_test.go deleted file mode 100644 index 0981a7ad..00000000 --- a/vendor/github.com/docker/distribution/notifications/event_test.go +++ /dev/null @@ -1,157 +0,0 @@ -package notifications - -import ( - "encoding/json" - "strings" - "testing" - "time" - - "github.com/docker/distribution/manifest/schema1" -) - -// TestEventJSONFormat provides silly test to detect if the event format or -// envelope has changed. If this code fails, the revision of the protocol may -// need to be incremented. -func TestEventEnvelopeJSONFormat(t *testing.T) { - var expected = strings.TrimSpace(` -{ - "events": [ - { - "id": "asdf-asdf-asdf-asdf-0", - "timestamp": "2006-01-02T15:04:05Z", - "action": "push", - "target": { - "mediaType": "application/vnd.docker.distribution.manifest.v1+prettyjws", - "size": 1, - "digest": "sha256:0123456789abcdef0", - "length": 1, - "repository": "library/test", - "url": "http://example.com/v2/library/test/manifests/latest" - }, - "request": { - "id": "asdfasdf", - "addr": "client.local", - "host": "registrycluster.local", - "method": "PUT", - "useragent": "test/0.1" - }, - "actor": { - "name": "test-actor" - }, - "source": { - "addr": "hostname.local:port" - } - }, - { - "id": "asdf-asdf-asdf-asdf-1", - "timestamp": "2006-01-02T15:04:05Z", - "action": "push", - "target": { - "mediaType": "application/vnd.docker.container.image.rootfs.diff+x-gtar", - "size": 2, - "digest": "sha256:3b3692957d439ac1928219a83fac91e7bf96c153725526874673ae1f2023f8d5", - "length": 2, - "repository": "library/test", - "url": "http://example.com/v2/library/test/manifests/latest" - }, - "request": { - "id": "asdfasdf", - "addr": "client.local", - "host": "registrycluster.local", - "method": "PUT", - "useragent": "test/0.1" - }, - "actor": { - "name": "test-actor" - }, - "source": { - "addr": "hostname.local:port" - } - }, - { - "id": "asdf-asdf-asdf-asdf-2", - "timestamp": "2006-01-02T15:04:05Z", - "action": "push", - "target": { - "mediaType": "application/vnd.docker.container.image.rootfs.diff+x-gtar", - "size": 3, - "digest": "sha256:3b3692957d439ac1928219a83fac91e7bf96c153725526874673ae1f2023f8d6", - "length": 3, - "repository": "library/test", - "url": "http://example.com/v2/library/test/manifests/latest" - }, - "request": { - "id": "asdfasdf", - "addr": "client.local", - "host": "registrycluster.local", - "method": "PUT", - "useragent": "test/0.1" - }, - "actor": { - "name": "test-actor" - }, - "source": { - "addr": "hostname.local:port" - } - } - ] -} - `) - - tm, err := time.Parse(time.RFC3339, time.RFC3339[:len(time.RFC3339)-5]) - if err != nil { - t.Fatalf("error creating time: %v", err) - } - - var prototype Event - prototype.Action = EventActionPush - prototype.Timestamp = tm - prototype.Actor.Name = "test-actor" - prototype.Request.ID = "asdfasdf" - prototype.Request.Addr = "client.local" - prototype.Request.Host = "registrycluster.local" - prototype.Request.Method = "PUT" - prototype.Request.UserAgent = "test/0.1" - prototype.Source.Addr = "hostname.local:port" - - var manifestPush Event - manifestPush = prototype - manifestPush.ID = "asdf-asdf-asdf-asdf-0" - manifestPush.Target.Digest = "sha256:0123456789abcdef0" - manifestPush.Target.Length = 1 - manifestPush.Target.Size = 1 - manifestPush.Target.MediaType = schema1.MediaTypeSignedManifest - manifestPush.Target.Repository = "library/test" - manifestPush.Target.URL = "http://example.com/v2/library/test/manifests/latest" - - var layerPush0 Event - layerPush0 = prototype - layerPush0.ID = "asdf-asdf-asdf-asdf-1" - layerPush0.Target.Digest = "sha256:3b3692957d439ac1928219a83fac91e7bf96c153725526874673ae1f2023f8d5" - layerPush0.Target.Length = 2 - layerPush0.Target.Size = 2 - layerPush0.Target.MediaType = layerMediaType - layerPush0.Target.Repository = "library/test" - layerPush0.Target.URL = "http://example.com/v2/library/test/manifests/latest" - - var layerPush1 Event - layerPush1 = prototype - layerPush1.ID = "asdf-asdf-asdf-asdf-2" - layerPush1.Target.Digest = "sha256:3b3692957d439ac1928219a83fac91e7bf96c153725526874673ae1f2023f8d6" - layerPush1.Target.Length = 3 - layerPush1.Target.Size = 3 - layerPush1.Target.MediaType = layerMediaType - layerPush1.Target.Repository = "library/test" - layerPush1.Target.URL = "http://example.com/v2/library/test/manifests/latest" - - var envelope Envelope - envelope.Events = append(envelope.Events, manifestPush, layerPush0, layerPush1) - - p, err := json.MarshalIndent(envelope, "", " ") - if err != nil { - t.Fatalf("unexpected error marshaling envelope: %v", err) - } - if string(p) != expected { - t.Fatalf("format has changed\n%s\n != \n%s", string(p), expected) - } -} diff --git a/vendor/github.com/docker/distribution/notifications/http.go b/vendor/github.com/docker/distribution/notifications/http.go deleted file mode 100644 index 15751619..00000000 --- a/vendor/github.com/docker/distribution/notifications/http.go +++ /dev/null @@ -1,150 +0,0 @@ -package notifications - -import ( - "bytes" - "encoding/json" - "fmt" - "net/http" - "sync" - "time" -) - -// httpSink implements a single-flight, http notification endpoint. This is -// very lightweight in that it only makes an attempt at an http request. -// Reliability should be provided by the caller. -type httpSink struct { - url string - - mu sync.Mutex - closed bool - client *http.Client - listeners []httpStatusListener - - // TODO(stevvooe): Allow one to configure the media type accepted by this - // sink and choose the serialization based on that. -} - -// newHTTPSink returns an unreliable, single-flight http sink. Wrap in other -// sinks for increased reliability. -func newHTTPSink(u string, timeout time.Duration, headers http.Header, transport *http.Transport, listeners ...httpStatusListener) *httpSink { - if transport == nil { - transport = http.DefaultTransport.(*http.Transport) - } - return &httpSink{ - url: u, - listeners: listeners, - client: &http.Client{ - Transport: &headerRoundTripper{ - Transport: transport, - headers: headers, - }, - Timeout: timeout, - }, - } -} - -// httpStatusListener is called on various outcomes of sending notifications. -type httpStatusListener interface { - success(status int, events ...Event) - failure(status int, events ...Event) - err(err error, events ...Event) -} - -// Accept makes an attempt to notify the endpoint, returning an error if it -// fails. It is the caller's responsibility to retry on error. The events are -// accepted or rejected as a group. -func (hs *httpSink) Write(events ...Event) error { - hs.mu.Lock() - defer hs.mu.Unlock() - defer hs.client.Transport.(*headerRoundTripper).CloseIdleConnections() - - if hs.closed { - return ErrSinkClosed - } - - envelope := Envelope{ - Events: events, - } - - // TODO(stevvooe): It is not ideal to keep re-encoding the request body on - // retry but we are going to do it to keep the code simple. It is likely - // we could change the event struct to manage its own buffer. - - p, err := json.MarshalIndent(envelope, "", " ") - if err != nil { - for _, listener := range hs.listeners { - listener.err(err, events...) - } - return fmt.Errorf("%v: error marshaling event envelope: %v", hs, err) - } - - body := bytes.NewReader(p) - resp, err := hs.client.Post(hs.url, EventsMediaType, body) - if err != nil { - for _, listener := range hs.listeners { - listener.err(err, events...) - } - - return fmt.Errorf("%v: error posting: %v", hs, err) - } - defer resp.Body.Close() - - // The notifier will treat any 2xx or 3xx response as accepted by the - // endpoint. - switch { - case resp.StatusCode >= 200 && resp.StatusCode < 400: - for _, listener := range hs.listeners { - listener.success(resp.StatusCode, events...) - } - - // TODO(stevvooe): This is a little accepting: we may want to support - // unsupported media type responses with retries using the correct - // media type. There may also be cases that will never work. - - return nil - default: - for _, listener := range hs.listeners { - listener.failure(resp.StatusCode, events...) - } - return fmt.Errorf("%v: response status %v unaccepted", hs, resp.Status) - } -} - -// Close the endpoint -func (hs *httpSink) Close() error { - hs.mu.Lock() - defer hs.mu.Unlock() - - if hs.closed { - return fmt.Errorf("httpsink: already closed") - } - - hs.closed = true - return nil -} - -func (hs *httpSink) String() string { - return fmt.Sprintf("httpSink{%s}", hs.url) -} - -type headerRoundTripper struct { - *http.Transport // must be transport to support CancelRequest - headers http.Header -} - -func (hrt *headerRoundTripper) RoundTrip(req *http.Request) (*http.Response, error) { - var nreq http.Request - nreq = *req - nreq.Header = make(http.Header) - - merge := func(headers http.Header) { - for k, v := range headers { - nreq.Header[k] = append(nreq.Header[k], v...) - } - } - - merge(req.Header) - merge(hrt.headers) - - return hrt.Transport.RoundTrip(&nreq) -} diff --git a/vendor/github.com/docker/distribution/notifications/http_test.go b/vendor/github.com/docker/distribution/notifications/http_test.go deleted file mode 100644 index e0469362..00000000 --- a/vendor/github.com/docker/distribution/notifications/http_test.go +++ /dev/null @@ -1,185 +0,0 @@ -package notifications - -import ( - "crypto/tls" - "encoding/json" - "fmt" - "mime" - "net/http" - "net/http/httptest" - "reflect" - "strconv" - "strings" - "testing" - - "github.com/docker/distribution/manifest/schema1" -) - -// TestHTTPSink mocks out an http endpoint and notifies it under a couple of -// conditions, ensuring correct behavior. -func TestHTTPSink(t *testing.T) { - serverHandler := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - defer r.Body.Close() - if r.Method != "POST" { - w.WriteHeader(http.StatusMethodNotAllowed) - t.Fatalf("unexpected request method: %v", r.Method) - return - } - - // Extract the content type and make sure it matches - contentType := r.Header.Get("Content-Type") - mediaType, _, err := mime.ParseMediaType(contentType) - if err != nil { - w.WriteHeader(http.StatusBadRequest) - t.Fatalf("error parsing media type: %v, contenttype=%q", err, contentType) - return - } - - if mediaType != EventsMediaType { - w.WriteHeader(http.StatusUnsupportedMediaType) - t.Fatalf("incorrect media type: %q != %q", mediaType, EventsMediaType) - return - } - - var envelope Envelope - dec := json.NewDecoder(r.Body) - if err := dec.Decode(&envelope); err != nil { - w.WriteHeader(http.StatusBadRequest) - t.Fatalf("error decoding request body: %v", err) - return - } - - // Let caller choose the status - status, err := strconv.Atoi(r.FormValue("status")) - if err != nil { - t.Logf("error parsing status: %v", err) - - // May just be empty, set status to 200 - status = http.StatusOK - } - - w.WriteHeader(status) - }) - server := httptest.NewTLSServer(serverHandler) - - metrics := newSafeMetrics() - sink := newHTTPSink(server.URL, 0, nil, nil, - &endpointMetricsHTTPStatusListener{safeMetrics: metrics}) - - // first make sure that the default transport gives x509 untrusted cert error - events := []Event{} - err := sink.Write(events...) - if !strings.Contains(err.Error(), "x509") { - t.Fatal("TLS server with default transport should give unknown CA error") - } - if err := sink.Close(); err != nil { - t.Fatalf("unexpected error closing http sink: %v", err) - } - - // make sure that passing in the transport no longer gives this error - tr := &http.Transport{ - TLSClientConfig: &tls.Config{InsecureSkipVerify: true}, - } - sink = newHTTPSink(server.URL, 0, nil, tr, - &endpointMetricsHTTPStatusListener{safeMetrics: metrics}) - err = sink.Write(events...) - if err != nil { - t.Fatalf("unexpected error writing events: %v", err) - } - - // reset server to standard http server and sink to a basic sink - server = httptest.NewServer(serverHandler) - sink = newHTTPSink(server.URL, 0, nil, nil, - &endpointMetricsHTTPStatusListener{safeMetrics: metrics}) - var expectedMetrics EndpointMetrics - expectedMetrics.Statuses = make(map[string]int) - - for _, tc := range []struct { - events []Event // events to send - url string - failure bool // true if there should be a failure. - statusCode int // if not set, no status code should be incremented. - }{ - { - statusCode: http.StatusOK, - events: []Event{ - createTestEvent("push", "library/test", schema1.MediaTypeSignedManifest)}, - }, - { - statusCode: http.StatusOK, - events: []Event{ - createTestEvent("push", "library/test", schema1.MediaTypeSignedManifest), - createTestEvent("push", "library/test", layerMediaType), - createTestEvent("push", "library/test", layerMediaType), - }, - }, - { - statusCode: http.StatusTemporaryRedirect, - }, - { - statusCode: http.StatusBadRequest, - failure: true, - }, - { - // Case where connection never goes through. - url: "http://shoudlntresolve/", - failure: true, - }, - } { - - if tc.failure { - expectedMetrics.Failures += len(tc.events) - } else { - expectedMetrics.Successes += len(tc.events) - } - - if tc.statusCode > 0 { - expectedMetrics.Statuses[fmt.Sprintf("%d %s", tc.statusCode, http.StatusText(tc.statusCode))] += len(tc.events) - } - - url := tc.url - if url == "" { - url = server.URL + "/" - } - // setup endpoint to respond with expected status code. - url += fmt.Sprintf("?status=%v", tc.statusCode) - sink.url = url - - t.Logf("testcase: %v, fail=%v", url, tc.failure) - // Try a simple event emission. - err := sink.Write(tc.events...) - - if !tc.failure { - if err != nil { - t.Fatalf("unexpected error send event: %v", err) - } - } else { - if err == nil { - t.Fatalf("the endpoint should have rejected the request") - } - } - - if !reflect.DeepEqual(metrics.EndpointMetrics, expectedMetrics) { - t.Fatalf("metrics not as expected: %#v != %#v", metrics.EndpointMetrics, expectedMetrics) - } - } - - if err := sink.Close(); err != nil { - t.Fatalf("unexpected error closing http sink: %v", err) - } - - // double close returns error - if err := sink.Close(); err == nil { - t.Fatalf("second close should have returned error: %v", err) - } - -} - -func createTestEvent(action, repo, typ string) Event { - event := createEvent(action) - - event.Target.MediaType = typ - event.Target.Repository = repo - - return *event -} diff --git a/vendor/github.com/docker/distribution/notifications/listener.go b/vendor/github.com/docker/distribution/notifications/listener.go deleted file mode 100644 index c968b98a..00000000 --- a/vendor/github.com/docker/distribution/notifications/listener.go +++ /dev/null @@ -1,215 +0,0 @@ -package notifications - -import ( - "net/http" - - "github.com/docker/distribution" - "github.com/docker/distribution/context" - "github.com/docker/distribution/digest" - "github.com/docker/distribution/reference" -) - -// ManifestListener describes a set of methods for listening to events related to manifests. -type ManifestListener interface { - ManifestPushed(repo reference.Named, sm distribution.Manifest, options ...distribution.ManifestServiceOption) error - ManifestPulled(repo reference.Named, sm distribution.Manifest, options ...distribution.ManifestServiceOption) error - ManifestDeleted(repo reference.Named, dgst digest.Digest) error -} - -// BlobListener describes a listener that can respond to layer related events. -type BlobListener interface { - BlobPushed(repo reference.Named, desc distribution.Descriptor) error - BlobPulled(repo reference.Named, desc distribution.Descriptor) error - BlobMounted(repo reference.Named, desc distribution.Descriptor, fromRepo reference.Named) error - BlobDeleted(repo reference.Named, desc digest.Digest) error -} - -// Listener combines all repository events into a single interface. -type Listener interface { - ManifestListener - BlobListener -} - -type repositoryListener struct { - distribution.Repository - listener Listener -} - -// Listen dispatches events on the repository to the listener. -func Listen(repo distribution.Repository, listener Listener) distribution.Repository { - return &repositoryListener{ - Repository: repo, - listener: listener, - } -} - -func (rl *repositoryListener) Manifests(ctx context.Context, options ...distribution.ManifestServiceOption) (distribution.ManifestService, error) { - manifests, err := rl.Repository.Manifests(ctx, options...) - if err != nil { - return nil, err - } - return &manifestServiceListener{ - ManifestService: manifests, - parent: rl, - }, nil -} - -func (rl *repositoryListener) Blobs(ctx context.Context) distribution.BlobStore { - return &blobServiceListener{ - BlobStore: rl.Repository.Blobs(ctx), - parent: rl, - } -} - -type manifestServiceListener struct { - distribution.ManifestService - parent *repositoryListener -} - -func (msl *manifestServiceListener) Delete(ctx context.Context, dgst digest.Digest) error { - err := msl.ManifestService.Delete(ctx, dgst) - if err == nil { - if err := msl.parent.listener.ManifestDeleted(msl.parent.Repository.Named(), dgst); err != nil { - context.GetLogger(ctx).Errorf("error dispatching manifest delete to listener: %v", err) - } - } - - return err -} - -func (msl *manifestServiceListener) Get(ctx context.Context, dgst digest.Digest, options ...distribution.ManifestServiceOption) (distribution.Manifest, error) { - sm, err := msl.ManifestService.Get(ctx, dgst, options...) - if err == nil { - if err := msl.parent.listener.ManifestPulled(msl.parent.Repository.Named(), sm, options...); err != nil { - context.GetLogger(ctx).Errorf("error dispatching manifest pull to listener: %v", err) - } - } - - return sm, err -} - -func (msl *manifestServiceListener) Put(ctx context.Context, sm distribution.Manifest, options ...distribution.ManifestServiceOption) (digest.Digest, error) { - dgst, err := msl.ManifestService.Put(ctx, sm, options...) - - if err == nil { - if err := msl.parent.listener.ManifestPushed(msl.parent.Repository.Named(), sm, options...); err != nil { - context.GetLogger(ctx).Errorf("error dispatching manifest push to listener: %v", err) - } - } - - return dgst, err -} - -type blobServiceListener struct { - distribution.BlobStore - parent *repositoryListener -} - -var _ distribution.BlobStore = &blobServiceListener{} - -func (bsl *blobServiceListener) Get(ctx context.Context, dgst digest.Digest) ([]byte, error) { - p, err := bsl.BlobStore.Get(ctx, dgst) - if err == nil { - if desc, err := bsl.Stat(ctx, dgst); err != nil { - context.GetLogger(ctx).Errorf("error resolving descriptor in ServeBlob listener: %v", err) - } else { - if err := bsl.parent.listener.BlobPulled(bsl.parent.Repository.Named(), desc); err != nil { - context.GetLogger(ctx).Errorf("error dispatching layer pull to listener: %v", err) - } - } - } - - return p, err -} - -func (bsl *blobServiceListener) Open(ctx context.Context, dgst digest.Digest) (distribution.ReadSeekCloser, error) { - rc, err := bsl.BlobStore.Open(ctx, dgst) - if err == nil { - if desc, err := bsl.Stat(ctx, dgst); err != nil { - context.GetLogger(ctx).Errorf("error resolving descriptor in ServeBlob listener: %v", err) - } else { - if err := bsl.parent.listener.BlobPulled(bsl.parent.Repository.Named(), desc); err != nil { - context.GetLogger(ctx).Errorf("error dispatching layer pull to listener: %v", err) - } - } - } - - return rc, err -} - -func (bsl *blobServiceListener) ServeBlob(ctx context.Context, w http.ResponseWriter, r *http.Request, dgst digest.Digest) error { - err := bsl.BlobStore.ServeBlob(ctx, w, r, dgst) - if err == nil { - if desc, err := bsl.Stat(ctx, dgst); err != nil { - context.GetLogger(ctx).Errorf("error resolving descriptor in ServeBlob listener: %v", err) - } else { - if err := bsl.parent.listener.BlobPulled(bsl.parent.Repository.Named(), desc); err != nil { - context.GetLogger(ctx).Errorf("error dispatching layer pull to listener: %v", err) - } - } - } - - return err -} - -func (bsl *blobServiceListener) Put(ctx context.Context, mediaType string, p []byte) (distribution.Descriptor, error) { - desc, err := bsl.BlobStore.Put(ctx, mediaType, p) - if err == nil { - if err := bsl.parent.listener.BlobPushed(bsl.parent.Repository.Named(), desc); err != nil { - context.GetLogger(ctx).Errorf("error dispatching layer push to listener: %v", err) - } - } - - return desc, err -} - -func (bsl *blobServiceListener) Create(ctx context.Context, options ...distribution.BlobCreateOption) (distribution.BlobWriter, error) { - wr, err := bsl.BlobStore.Create(ctx, options...) - switch err := err.(type) { - case distribution.ErrBlobMounted: - if err := bsl.parent.listener.BlobMounted(bsl.parent.Repository.Named(), err.Descriptor, err.From); err != nil { - context.GetLogger(ctx).Errorf("error dispatching blob mount to listener: %v", err) - } - return nil, err - } - return bsl.decorateWriter(wr), err -} - -func (bsl *blobServiceListener) Delete(ctx context.Context, dgst digest.Digest) error { - err := bsl.BlobStore.Delete(ctx, dgst) - if err == nil { - if err := bsl.parent.listener.BlobDeleted(bsl.parent.Repository.Named(), dgst); err != nil { - context.GetLogger(ctx).Errorf("error dispatching layer delete to listener: %v", err) - } - } - - return err -} - -func (bsl *blobServiceListener) Resume(ctx context.Context, id string) (distribution.BlobWriter, error) { - wr, err := bsl.BlobStore.Resume(ctx, id) - return bsl.decorateWriter(wr), err -} - -func (bsl *blobServiceListener) decorateWriter(wr distribution.BlobWriter) distribution.BlobWriter { - return &blobWriterListener{ - BlobWriter: wr, - parent: bsl, - } -} - -type blobWriterListener struct { - distribution.BlobWriter - parent *blobServiceListener -} - -func (bwl *blobWriterListener) Commit(ctx context.Context, desc distribution.Descriptor) (distribution.Descriptor, error) { - committed, err := bwl.BlobWriter.Commit(ctx, desc) - if err == nil { - if err := bwl.parent.parent.listener.BlobPushed(bwl.parent.parent.Repository.Named(), committed); err != nil { - context.GetLogger(ctx).Errorf("error dispatching blob push to listener: %v", err) - } - } - - return committed, err -} diff --git a/vendor/github.com/docker/distribution/notifications/listener_test.go b/vendor/github.com/docker/distribution/notifications/listener_test.go deleted file mode 100644 index c7db5944..00000000 --- a/vendor/github.com/docker/distribution/notifications/listener_test.go +++ /dev/null @@ -1,205 +0,0 @@ -package notifications - -import ( - "io" - "reflect" - "testing" - - "github.com/docker/distribution" - "github.com/docker/distribution/context" - "github.com/docker/distribution/digest" - "github.com/docker/distribution/manifest" - "github.com/docker/distribution/manifest/schema1" - "github.com/docker/distribution/reference" - "github.com/docker/distribution/registry/storage" - "github.com/docker/distribution/registry/storage/cache/memory" - "github.com/docker/distribution/registry/storage/driver/inmemory" - "github.com/docker/distribution/testutil" - "github.com/docker/libtrust" -) - -func TestListener(t *testing.T) { - ctx := context.Background() - k, err := libtrust.GenerateECP256PrivateKey() - if err != nil { - t.Fatal(err) - } - - registry, err := storage.NewRegistry(ctx, inmemory.New(), storage.BlobDescriptorCacheProvider(memory.NewInMemoryBlobDescriptorCacheProvider()), storage.EnableDelete, storage.EnableRedirect, storage.Schema1SigningKey(k)) - if err != nil { - t.Fatalf("error creating registry: %v", err) - } - tl := &testListener{ - ops: make(map[string]int), - } - - repoRef, _ := reference.ParseNamed("foo/bar") - repository, err := registry.Repository(ctx, repoRef) - if err != nil { - t.Fatalf("unexpected error getting repo: %v", err) - } - repository = Listen(repository, tl) - - // Now take the registry through a number of operations - checkExerciseRepository(t, repository) - - expectedOps := map[string]int{ - "manifest:push": 1, - "manifest:pull": 1, - "manifest:delete": 1, - "layer:push": 2, - "layer:pull": 2, - "layer:delete": 2, - } - - if !reflect.DeepEqual(tl.ops, expectedOps) { - t.Fatalf("counts do not match:\n%v\n !=\n%v", tl.ops, expectedOps) - } - -} - -type testListener struct { - ops map[string]int -} - -func (tl *testListener) ManifestPushed(repo reference.Named, m distribution.Manifest, options ...distribution.ManifestServiceOption) error { - tl.ops["manifest:push"]++ - - return nil -} - -func (tl *testListener) ManifestPulled(repo reference.Named, m distribution.Manifest, options ...distribution.ManifestServiceOption) error { - tl.ops["manifest:pull"]++ - return nil -} - -func (tl *testListener) ManifestDeleted(repo reference.Named, d digest.Digest) error { - tl.ops["manifest:delete"]++ - return nil -} - -func (tl *testListener) BlobPushed(repo reference.Named, desc distribution.Descriptor) error { - tl.ops["layer:push"]++ - return nil -} - -func (tl *testListener) BlobPulled(repo reference.Named, desc distribution.Descriptor) error { - tl.ops["layer:pull"]++ - return nil -} - -func (tl *testListener) BlobMounted(repo reference.Named, desc distribution.Descriptor, fromRepo reference.Named) error { - tl.ops["layer:mount"]++ - return nil -} - -func (tl *testListener) BlobDeleted(repo reference.Named, d digest.Digest) error { - tl.ops["layer:delete"]++ - return nil -} - -// checkExerciseRegistry takes the registry through all of its operations, -// carrying out generic checks. -func checkExerciseRepository(t *testing.T, repository distribution.Repository) { - // TODO(stevvooe): This would be a nice testutil function. Basically, it - // takes the registry through a common set of operations. This could be - // used to make cross-cutting updates by changing internals that affect - // update counts. Basically, it would make writing tests a lot easier. - - ctx := context.Background() - tag := "thetag" - // todo: change this to use Builder - - m := schema1.Manifest{ - Versioned: manifest.Versioned{ - SchemaVersion: 1, - }, - Name: repository.Named().Name(), - Tag: tag, - } - - var blobDigests []digest.Digest - blobs := repository.Blobs(ctx) - for i := 0; i < 2; i++ { - rs, ds, err := testutil.CreateRandomTarFile() - if err != nil { - t.Fatalf("error creating test layer: %v", err) - } - dgst := digest.Digest(ds) - blobDigests = append(blobDigests, dgst) - - wr, err := blobs.Create(ctx) - if err != nil { - t.Fatalf("error creating layer upload: %v", err) - } - - // Use the resumes, as well! - wr, err = blobs.Resume(ctx, wr.ID()) - if err != nil { - t.Fatalf("error resuming layer upload: %v", err) - } - - io.Copy(wr, rs) - - if _, err := wr.Commit(ctx, distribution.Descriptor{Digest: dgst}); err != nil { - t.Fatalf("unexpected error finishing upload: %v", err) - } - - m.FSLayers = append(m.FSLayers, schema1.FSLayer{ - BlobSum: dgst, - }) - m.History = append(m.History, schema1.History{ - V1Compatibility: "", - }) - - // Then fetch the blobs - if rc, err := blobs.Open(ctx, dgst); err != nil { - t.Fatalf("error fetching layer: %v", err) - } else { - defer rc.Close() - } - } - - pk, err := libtrust.GenerateECP256PrivateKey() - if err != nil { - t.Fatalf("unexpected error generating key: %v", err) - } - - sm, err := schema1.Sign(&m, pk) - if err != nil { - t.Fatalf("unexpected error signing manifest: %v", err) - } - - manifests, err := repository.Manifests(ctx) - if err != nil { - t.Fatal(err.Error()) - } - - var digestPut digest.Digest - if digestPut, err = manifests.Put(ctx, sm); err != nil { - t.Fatalf("unexpected error putting the manifest: %v", err) - } - - dgst := digest.FromBytes(sm.Canonical) - if dgst != digestPut { - t.Fatalf("mismatching digest from payload and put") - } - - _, err = manifests.Get(ctx, dgst) - if err != nil { - t.Fatalf("unexpected error fetching manifest: %v", err) - } - - err = manifests.Delete(ctx, dgst) - if err != nil { - t.Fatalf("unexpected error deleting blob: %v", err) - } - - for _, d := range blobDigests { - err = blobs.Delete(ctx, d) - if err != nil { - t.Fatalf("unexpected error deleting blob: %v", err) - } - - } -} diff --git a/vendor/github.com/docker/distribution/notifications/metrics.go b/vendor/github.com/docker/distribution/notifications/metrics.go deleted file mode 100644 index a20af168..00000000 --- a/vendor/github.com/docker/distribution/notifications/metrics.go +++ /dev/null @@ -1,152 +0,0 @@ -package notifications - -import ( - "expvar" - "fmt" - "net/http" - "sync" -) - -// EndpointMetrics track various actions taken by the endpoint, typically by -// number of events. The goal of this to export it via expvar but we may find -// some other future solution to be better. -type EndpointMetrics struct { - Pending int // events pending in queue - Events int // total events incoming - Successes int // total events written successfully - Failures int // total events failed - Errors int // total events errored - Statuses map[string]int // status code histogram, per call event -} - -// safeMetrics guards the metrics implementation with a lock and provides a -// safe update function. -type safeMetrics struct { - EndpointMetrics - sync.Mutex // protects statuses map -} - -// newSafeMetrics returns safeMetrics with map allocated. -func newSafeMetrics() *safeMetrics { - var sm safeMetrics - sm.Statuses = make(map[string]int) - return &sm -} - -// httpStatusListener returns the listener for the http sink that updates the -// relevant counters. -func (sm *safeMetrics) httpStatusListener() httpStatusListener { - return &endpointMetricsHTTPStatusListener{ - safeMetrics: sm, - } -} - -// eventQueueListener returns a listener that maintains queue related counters. -func (sm *safeMetrics) eventQueueListener() eventQueueListener { - return &endpointMetricsEventQueueListener{ - safeMetrics: sm, - } -} - -// endpointMetricsHTTPStatusListener increments counters related to http sinks -// for the relevant events. -type endpointMetricsHTTPStatusListener struct { - *safeMetrics -} - -var _ httpStatusListener = &endpointMetricsHTTPStatusListener{} - -func (emsl *endpointMetricsHTTPStatusListener) success(status int, events ...Event) { - emsl.safeMetrics.Lock() - defer emsl.safeMetrics.Unlock() - emsl.Statuses[fmt.Sprintf("%d %s", status, http.StatusText(status))] += len(events) - emsl.Successes += len(events) -} - -func (emsl *endpointMetricsHTTPStatusListener) failure(status int, events ...Event) { - emsl.safeMetrics.Lock() - defer emsl.safeMetrics.Unlock() - emsl.Statuses[fmt.Sprintf("%d %s", status, http.StatusText(status))] += len(events) - emsl.Failures += len(events) -} - -func (emsl *endpointMetricsHTTPStatusListener) err(err error, events ...Event) { - emsl.safeMetrics.Lock() - defer emsl.safeMetrics.Unlock() - emsl.Errors += len(events) -} - -// endpointMetricsEventQueueListener maintains the incoming events counter and -// the queues pending count. -type endpointMetricsEventQueueListener struct { - *safeMetrics -} - -func (eqc *endpointMetricsEventQueueListener) ingress(events ...Event) { - eqc.Lock() - defer eqc.Unlock() - eqc.Events += len(events) - eqc.Pending += len(events) -} - -func (eqc *endpointMetricsEventQueueListener) egress(events ...Event) { - eqc.Lock() - defer eqc.Unlock() - eqc.Pending -= len(events) -} - -// endpoints is global registry of endpoints used to report metrics to expvar -var endpoints struct { - registered []*Endpoint - mu sync.Mutex -} - -// register places the endpoint into expvar so that stats are tracked. -func register(e *Endpoint) { - endpoints.mu.Lock() - defer endpoints.mu.Unlock() - - endpoints.registered = append(endpoints.registered, e) -} - -func init() { - // NOTE(stevvooe): Setup registry metrics structure to report to expvar. - // Ideally, we do more metrics through logging but we need some nice - // realtime metrics for queue state for now. - - registry := expvar.Get("registry") - - if registry == nil { - registry = expvar.NewMap("registry") - } - - var notifications expvar.Map - notifications.Init() - notifications.Set("endpoints", expvar.Func(func() interface{} { - endpoints.mu.Lock() - defer endpoints.mu.Unlock() - - var names []interface{} - for _, v := range endpoints.registered { - var epjson struct { - Name string `json:"name"` - URL string `json:"url"` - EndpointConfig - - Metrics EndpointMetrics - } - - epjson.Name = v.Name() - epjson.URL = v.URL() - epjson.EndpointConfig = v.EndpointConfig - - v.ReadMetrics(&epjson.Metrics) - - names = append(names, epjson) - } - - return names - })) - - registry.(*expvar.Map).Set("notifications", ¬ifications) -} diff --git a/vendor/github.com/docker/distribution/notifications/sinks.go b/vendor/github.com/docker/distribution/notifications/sinks.go deleted file mode 100644 index 549ba97e..00000000 --- a/vendor/github.com/docker/distribution/notifications/sinks.go +++ /dev/null @@ -1,375 +0,0 @@ -package notifications - -import ( - "container/list" - "fmt" - "sync" - "time" - - "github.com/Sirupsen/logrus" -) - -// NOTE(stevvooe): This file contains definitions for several utility sinks. -// Typically, the broadcaster is the only sink that should be required -// externally, but others are suitable for export if the need arises. Albeit, -// the tight integration with endpoint metrics should be removed. - -// Broadcaster sends events to multiple, reliable Sinks. The goal of this -// component is to dispatch events to configured endpoints. Reliability can be -// provided by wrapping incoming sinks. -type Broadcaster struct { - sinks []Sink - events chan []Event - closed chan chan struct{} -} - -// NewBroadcaster ... -// Add appends one or more sinks to the list of sinks. The broadcaster -// behavior will be affected by the properties of the sink. Generally, the -// sink should accept all messages and deal with reliability on its own. Use -// of EventQueue and RetryingSink should be used here. -func NewBroadcaster(sinks ...Sink) *Broadcaster { - b := Broadcaster{ - sinks: sinks, - events: make(chan []Event), - closed: make(chan chan struct{}), - } - - // Start the broadcaster - go b.run() - - return &b -} - -// Write accepts a block of events to be dispatched to all sinks. This method -// will never fail and should never block (hopefully!). The caller cedes the -// slice memory to the broadcaster and should not modify it after calling -// write. -func (b *Broadcaster) Write(events ...Event) error { - select { - case b.events <- events: - case <-b.closed: - return ErrSinkClosed - } - return nil -} - -// Close the broadcaster, ensuring that all messages are flushed to the -// underlying sink before returning. -func (b *Broadcaster) Close() error { - logrus.Infof("broadcaster: closing") - select { - case <-b.closed: - // already closed - return fmt.Errorf("broadcaster: already closed") - default: - // do a little chan handoff dance to synchronize closing - closed := make(chan struct{}) - b.closed <- closed - close(b.closed) - <-closed - return nil - } -} - -// run is the main broadcast loop, started when the broadcaster is created. -// Under normal conditions, it waits for events on the event channel. After -// Close is called, this goroutine will exit. -func (b *Broadcaster) run() { - for { - select { - case block := <-b.events: - for _, sink := range b.sinks { - if err := sink.Write(block...); err != nil { - logrus.Errorf("broadcaster: error writing events to %v, these events will be lost: %v", sink, err) - } - } - case closing := <-b.closed: - - // close all the underlying sinks - for _, sink := range b.sinks { - if err := sink.Close(); err != nil { - logrus.Errorf("broadcaster: error closing sink %v: %v", sink, err) - } - } - closing <- struct{}{} - - logrus.Debugf("broadcaster: closed") - return - } - } -} - -// eventQueue accepts all messages into a queue for asynchronous consumption -// by a sink. It is unbounded and thread safe but the sink must be reliable or -// events will be dropped. -type eventQueue struct { - sink Sink - events *list.List - listeners []eventQueueListener - cond *sync.Cond - mu sync.Mutex - closed bool -} - -// eventQueueListener is called when various events happen on the queue. -type eventQueueListener interface { - ingress(events ...Event) - egress(events ...Event) -} - -// newEventQueue returns a queue to the provided sink. If the updater is non- -// nil, it will be called to update pending metrics on ingress and egress. -func newEventQueue(sink Sink, listeners ...eventQueueListener) *eventQueue { - eq := eventQueue{ - sink: sink, - events: list.New(), - listeners: listeners, - } - - eq.cond = sync.NewCond(&eq.mu) - go eq.run() - return &eq -} - -// Write accepts the events into the queue, only failing if the queue has -// beend closed. -func (eq *eventQueue) Write(events ...Event) error { - eq.mu.Lock() - defer eq.mu.Unlock() - - if eq.closed { - return ErrSinkClosed - } - - for _, listener := range eq.listeners { - listener.ingress(events...) - } - eq.events.PushBack(events) - eq.cond.Signal() // signal waiters - - return nil -} - -// Close shutsdown the event queue, flushing -func (eq *eventQueue) Close() error { - eq.mu.Lock() - defer eq.mu.Unlock() - - if eq.closed { - return fmt.Errorf("eventqueue: already closed") - } - - // set closed flag - eq.closed = true - eq.cond.Signal() // signal flushes queue - eq.cond.Wait() // wait for signal from last flush - - return eq.sink.Close() -} - -// run is the main goroutine to flush events to the target sink. -func (eq *eventQueue) run() { - for { - block := eq.next() - - if block == nil { - return // nil block means event queue is closed. - } - - if err := eq.sink.Write(block...); err != nil { - logrus.Warnf("eventqueue: error writing events to %v, these events will be lost: %v", eq.sink, err) - } - - for _, listener := range eq.listeners { - listener.egress(block...) - } - } -} - -// next encompasses the critical section of the run loop. When the queue is -// empty, it will block on the condition. If new data arrives, it will wake -// and return a block. When closed, a nil slice will be returned. -func (eq *eventQueue) next() []Event { - eq.mu.Lock() - defer eq.mu.Unlock() - - for eq.events.Len() < 1 { - if eq.closed { - eq.cond.Broadcast() - return nil - } - - eq.cond.Wait() - } - - front := eq.events.Front() - block := front.Value.([]Event) - eq.events.Remove(front) - - return block -} - -// ignoredMediaTypesSink discards events with ignored target media types and -// passes the rest along. -type ignoredMediaTypesSink struct { - Sink - ignored map[string]bool -} - -func newIgnoredMediaTypesSink(sink Sink, ignored []string) Sink { - if len(ignored) == 0 { - return sink - } - - ignoredMap := make(map[string]bool) - for _, mediaType := range ignored { - ignoredMap[mediaType] = true - } - - return &ignoredMediaTypesSink{ - Sink: sink, - ignored: ignoredMap, - } -} - -// Write discards events with ignored target media types and passes the rest -// along. -func (imts *ignoredMediaTypesSink) Write(events ...Event) error { - var kept []Event - for _, e := range events { - if !imts.ignored[e.Target.MediaType] { - kept = append(kept, e) - } - } - if len(kept) == 0 { - return nil - } - return imts.Sink.Write(kept...) -} - -// retryingSink retries the write until success or an ErrSinkClosed is -// returned. Underlying sink must have p > 0 of succeeding or the sink will -// block. Internally, it is a circuit breaker retries to manage reset. -// Concurrent calls to a retrying sink are serialized through the sink, -// meaning that if one is in-flight, another will not proceed. -type retryingSink struct { - mu sync.Mutex - sink Sink - closed bool - - // circuit breaker heuristics - failures struct { - threshold int - recent int - last time.Time - backoff time.Duration // time after which we retry after failure. - } -} - -type retryingSinkListener interface { - active(events ...Event) - retry(events ...Event) -} - -// TODO(stevvooe): We are using circuit break here, which actually doesn't -// make a whole lot of sense for this use case, since we always retry. Move -// this to use bounded exponential backoff. - -// newRetryingSink returns a sink that will retry writes to a sink, backing -// off on failure. Parameters threshold and backoff adjust the behavior of the -// circuit breaker. -func newRetryingSink(sink Sink, threshold int, backoff time.Duration) *retryingSink { - rs := &retryingSink{ - sink: sink, - } - rs.failures.threshold = threshold - rs.failures.backoff = backoff - - return rs -} - -// Write attempts to flush the events to the downstream sink until it succeeds -// or the sink is closed. -func (rs *retryingSink) Write(events ...Event) error { - rs.mu.Lock() - defer rs.mu.Unlock() - -retry: - - if rs.closed { - return ErrSinkClosed - } - - if !rs.proceed() { - logrus.Warnf("%v encountered too many errors, backing off", rs.sink) - rs.wait(rs.failures.backoff) - goto retry - } - - if err := rs.write(events...); err != nil { - if err == ErrSinkClosed { - // terminal! - return err - } - - logrus.Errorf("retryingsink: error writing events: %v, retrying", err) - goto retry - } - - return nil -} - -// Close closes the sink and the underlying sink. -func (rs *retryingSink) Close() error { - rs.mu.Lock() - defer rs.mu.Unlock() - - if rs.closed { - return fmt.Errorf("retryingsink: already closed") - } - - rs.closed = true - return rs.sink.Close() -} - -// write provides a helper that dispatches failure and success properly. Used -// by write as the single-flight write call. -func (rs *retryingSink) write(events ...Event) error { - if err := rs.sink.Write(events...); err != nil { - rs.failure() - return err - } - - rs.reset() - return nil -} - -// wait backoff time against the sink, unlocking so others can proceed. Should -// only be called by methods that currently have the mutex. -func (rs *retryingSink) wait(backoff time.Duration) { - rs.mu.Unlock() - defer rs.mu.Lock() - - // backoff here - time.Sleep(backoff) -} - -// reset marks a successful call. -func (rs *retryingSink) reset() { - rs.failures.recent = 0 - rs.failures.last = time.Time{} -} - -// failure records a failure. -func (rs *retryingSink) failure() { - rs.failures.recent++ - rs.failures.last = time.Now().UTC() -} - -// proceed returns true if the call should proceed based on circuit breaker -// heuristics. -func (rs *retryingSink) proceed() bool { - return rs.failures.recent < rs.failures.threshold || - time.Now().UTC().After(rs.failures.last.Add(rs.failures.backoff)) -} diff --git a/vendor/github.com/docker/distribution/notifications/sinks_test.go b/vendor/github.com/docker/distribution/notifications/sinks_test.go deleted file mode 100644 index 1bfa12c6..00000000 --- a/vendor/github.com/docker/distribution/notifications/sinks_test.go +++ /dev/null @@ -1,256 +0,0 @@ -package notifications - -import ( - "fmt" - "math/rand" - "reflect" - "sync" - "time" - - "github.com/Sirupsen/logrus" - - "testing" -) - -func TestBroadcaster(t *testing.T) { - const nEvents = 1000 - var sinks []Sink - - for i := 0; i < 10; i++ { - sinks = append(sinks, &testSink{}) - } - - b := NewBroadcaster(sinks...) - - var block []Event - var wg sync.WaitGroup - for i := 1; i <= nEvents; i++ { - block = append(block, createTestEvent("push", "library/test", "blob")) - - if i%10 == 0 && i > 0 { - wg.Add(1) - go func(block ...Event) { - if err := b.Write(block...); err != nil { - t.Fatalf("error writing block of length %d: %v", len(block), err) - } - wg.Done() - }(block...) - - block = nil - } - } - - wg.Wait() // Wait until writes complete - checkClose(t, b) - - // Iterate through the sinks and check that they all have the expected length. - for _, sink := range sinks { - ts := sink.(*testSink) - ts.mu.Lock() - defer ts.mu.Unlock() - - if len(ts.events) != nEvents { - t.Fatalf("not all events ended up in testsink: len(testSink) == %d, not %d", len(ts.events), nEvents) - } - - if !ts.closed { - t.Fatalf("sink should have been closed") - } - } - -} - -func TestEventQueue(t *testing.T) { - const nevents = 1000 - var ts testSink - metrics := newSafeMetrics() - eq := newEventQueue( - // delayed sync simulates destination slower than channel comms - &delayedSink{ - Sink: &ts, - delay: time.Millisecond * 1, - }, metrics.eventQueueListener()) - - var wg sync.WaitGroup - var block []Event - for i := 1; i <= nevents; i++ { - block = append(block, createTestEvent("push", "library/test", "blob")) - if i%10 == 0 && i > 0 { - wg.Add(1) - go func(block ...Event) { - if err := eq.Write(block...); err != nil { - t.Fatalf("error writing event block: %v", err) - } - wg.Done() - }(block...) - - block = nil - } - } - - wg.Wait() - checkClose(t, eq) - - ts.mu.Lock() - defer ts.mu.Unlock() - metrics.Lock() - defer metrics.Unlock() - - if len(ts.events) != nevents { - t.Fatalf("events did not make it to the sink: %d != %d", len(ts.events), 1000) - } - - if !ts.closed { - t.Fatalf("sink should have been closed") - } - - if metrics.Events != nevents { - t.Fatalf("unexpected ingress count: %d != %d", metrics.Events, nevents) - } - - if metrics.Pending != 0 { - t.Fatalf("unexpected egress count: %d != %d", metrics.Pending, 0) - } -} - -func TestIgnoredMediaTypesSink(t *testing.T) { - blob := createTestEvent("push", "library/test", "blob") - manifest := createTestEvent("push", "library/test", "manifest") - - type testcase struct { - ignored []string - expected []Event - } - - cases := []testcase{ - {nil, []Event{blob, manifest}}, - {[]string{"other"}, []Event{blob, manifest}}, - {[]string{"blob"}, []Event{manifest}}, - {[]string{"blob", "manifest"}, nil}, - } - - for _, c := range cases { - ts := &testSink{} - s := newIgnoredMediaTypesSink(ts, c.ignored) - - if err := s.Write(blob, manifest); err != nil { - t.Fatalf("error writing event: %v", err) - } - - ts.mu.Lock() - if !reflect.DeepEqual(ts.events, c.expected) { - t.Fatalf("unexpected events: %#v != %#v", ts.events, c.expected) - } - ts.mu.Unlock() - } -} - -func TestRetryingSink(t *testing.T) { - - // Make a sync that fails most of the time, ensuring that all the events - // make it through. - var ts testSink - flaky := &flakySink{ - rate: 1.0, // start out always failing. - Sink: &ts, - } - s := newRetryingSink(flaky, 3, 10*time.Millisecond) - - var wg sync.WaitGroup - var block []Event - for i := 1; i <= 100; i++ { - block = append(block, createTestEvent("push", "library/test", "blob")) - - // Above 50, set the failure rate lower - if i > 50 { - s.mu.Lock() - flaky.rate = 0.90 - s.mu.Unlock() - } - - if i%10 == 0 && i > 0 { - wg.Add(1) - go func(block ...Event) { - defer wg.Done() - if err := s.Write(block...); err != nil { - t.Fatalf("error writing event block: %v", err) - } - }(block...) - - block = nil - } - } - - wg.Wait() - checkClose(t, s) - - ts.mu.Lock() - defer ts.mu.Unlock() - - if len(ts.events) != 100 { - t.Fatalf("events not propagated: %d != %d", len(ts.events), 100) - } -} - -type testSink struct { - events []Event - mu sync.Mutex - closed bool -} - -func (ts *testSink) Write(events ...Event) error { - ts.mu.Lock() - defer ts.mu.Unlock() - ts.events = append(ts.events, events...) - return nil -} - -func (ts *testSink) Close() error { - ts.mu.Lock() - defer ts.mu.Unlock() - ts.closed = true - - logrus.Infof("closing testSink") - return nil -} - -type delayedSink struct { - Sink - delay time.Duration -} - -func (ds *delayedSink) Write(events ...Event) error { - time.Sleep(ds.delay) - return ds.Sink.Write(events...) -} - -type flakySink struct { - Sink - rate float64 -} - -func (fs *flakySink) Write(events ...Event) error { - if rand.Float64() < fs.rate { - return fmt.Errorf("error writing %d events", len(events)) - } - - return fs.Sink.Write(events...) -} - -func checkClose(t *testing.T, sink Sink) { - if err := sink.Close(); err != nil { - t.Fatalf("unexpected error closing: %v", err) - } - - // second close should not crash but should return an error. - if err := sink.Close(); err == nil { - t.Fatalf("no error on double close") - } - - // Write after closed should be an error - if err := sink.Write([]Event{}...); err == nil { - t.Fatalf("write after closed did not have an error") - } else if err != ErrSinkClosed { - t.Fatalf("error should be ErrSinkClosed") - } -} diff --git a/vendor/github.com/docker/distribution/project/dev-image/Dockerfile b/vendor/github.com/docker/distribution/project/dev-image/Dockerfile deleted file mode 100644 index 1e2a8471..00000000 --- a/vendor/github.com/docker/distribution/project/dev-image/Dockerfile +++ /dev/null @@ -1,20 +0,0 @@ -FROM ubuntu:14.04 - -ENV GOLANG_VERSION 1.4rc1 -ENV GOPATH /var/cache/drone -ENV GOROOT /usr/local/go -ENV PATH $PATH:$GOROOT/bin:$GOPATH/bin - -ENV LANG C -ENV LC_ALL C - -RUN apt-get update && apt-get install -y \ - wget ca-certificates git mercurial bzr \ - --no-install-recommends \ - && rm -rf /var/lib/apt/lists/* - -RUN wget https://golang.org/dl/go$GOLANG_VERSION.linux-amd64.tar.gz --quiet && \ - tar -C /usr/local -xzf go$GOLANG_VERSION.linux-amd64.tar.gz && \ - rm go${GOLANG_VERSION}.linux-amd64.tar.gz - -RUN go get github.com/axw/gocov/gocov github.com/mattn/goveralls github.com/golang/lint/golint diff --git a/vendor/github.com/docker/distribution/project/hooks/README.md b/vendor/github.com/docker/distribution/project/hooks/README.md deleted file mode 100644 index eda88696..00000000 --- a/vendor/github.com/docker/distribution/project/hooks/README.md +++ /dev/null @@ -1,6 +0,0 @@ -Git Hooks -========= - -To enforce valid and properly-formatted code, there is CI in place which runs `gofmt`, `golint`, and `go vet` against code in the repository. - -As an aid to prevent committing invalid code in the first place, a git pre-commit hook has been added to the repository, found in [pre-commit](./pre-commit). As it is impossible to automatically add linked hooks to a git repository, this hook should be linked into your `.git/hooks/pre-commit`, which can be done by running the `configure-hooks.sh` script in this directory. This script is the preferred method of configuring hooks, as it will be updated as more are added. \ No newline at end of file diff --git a/vendor/github.com/docker/distribution/project/hooks/configure-hooks.sh b/vendor/github.com/docker/distribution/project/hooks/configure-hooks.sh deleted file mode 100755 index 6afea8a1..00000000 --- a/vendor/github.com/docker/distribution/project/hooks/configure-hooks.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/sh - -cd $(dirname $0) - -REPO_ROOT=$(git rev-parse --show-toplevel) -RESOLVE_REPO_ROOT_STATUS=$? -if [ "$RESOLVE_REPO_ROOT_STATUS" -ne "0" ]; then - echo -e "Unable to resolve repository root. Error:\n$REPO_ROOT" > /dev/stderr - exit $RESOLVE_REPO_ROOT_STATUS -fi - -set -e -set -x - -# Just in case the directory doesn't exist -mkdir -p $REPO_ROOT/.git/hooks - -ln -f -s $(pwd)/pre-commit $REPO_ROOT/.git/hooks/pre-commit \ No newline at end of file diff --git a/vendor/github.com/docker/distribution/project/hooks/pre-commit b/vendor/github.com/docker/distribution/project/hooks/pre-commit deleted file mode 100755 index 3ee2e913..00000000 --- a/vendor/github.com/docker/distribution/project/hooks/pre-commit +++ /dev/null @@ -1,29 +0,0 @@ -#!/bin/sh - -REPO_ROOT=$(git rev-parse --show-toplevel) -RESOLVE_REPO_ROOT_STATUS=$? -if [ "$RESOLVE_REPO_ROOT_STATUS" -ne "0" ]; then - printf "Unable to resolve repository root. Error:\n%s\n" "$RESOLVE_REPO_ROOT_STATUS" > /dev/stderr - exit $RESOLVE_REPO_ROOT_STATUS -fi - -cd $REPO_ROOT - -GOFMT_ERRORS=$(gofmt -s -l . 2>&1) -if [ -n "$GOFMT_ERRORS" ]; then - printf 'gofmt failed for the following files:\n%s\n\nPlease run "gofmt -s -l ." in the root of your repository before committing\n' "$GOFMT_ERRORS" > /dev/stderr - exit 1 -fi - -GOLINT_ERRORS=$(golint ./... 2>&1) -if [ -n "$GOLINT_ERRORS" ]; then - printf "golint failed with the following errors:\n%s\n" "$GOLINT_ERRORS" > /dev/stderr - exit 1 -fi - -GOVET_ERRORS=$(go vet ./... 2>&1) -GOVET_STATUS=$? -if [ "$GOVET_STATUS" -ne "0" ]; then - printf "govet failed with the following errors:\n%s\n" "$GOVET_ERRORS" > /dev/stderr - exit $GOVET_STATUS -fi diff --git a/vendor/github.com/docker/distribution/reference/reference.go b/vendor/github.com/docker/distribution/reference/reference.go deleted file mode 100644 index 02786628..00000000 --- a/vendor/github.com/docker/distribution/reference/reference.go +++ /dev/null @@ -1,370 +0,0 @@ -// Package reference provides a general type to represent any way of referencing images within the registry. -// Its main purpose is to abstract tags and digests (content-addressable hash). -// -// Grammar -// -// reference := name [ ":" tag ] [ "@" digest ] -// name := [hostname '/'] component ['/' component]* -// hostname := hostcomponent ['.' hostcomponent]* [':' port-number] -// hostcomponent := /([a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9])/ -// port-number := /[0-9]+/ -// component := alpha-numeric [separator alpha-numeric]* -// alpha-numeric := /[a-z0-9]+/ -// separator := /[_.]|__|[-]*/ -// -// tag := /[\w][\w.-]{0,127}/ -// -// digest := digest-algorithm ":" digest-hex -// digest-algorithm := digest-algorithm-component [ digest-algorithm-separator digest-algorithm-component ] -// digest-algorithm-separator := /[+.-_]/ -// digest-algorithm-component := /[A-Za-z][A-Za-z0-9]*/ -// digest-hex := /[0-9a-fA-F]{32,}/ ; At least 128 bit digest value -package reference - -import ( - "errors" - "fmt" - "path" - "strings" - - "github.com/docker/distribution/digest" -) - -const ( - // NameTotalLengthMax is the maximum total number of characters in a repository name. - NameTotalLengthMax = 255 -) - -var ( - // ErrReferenceInvalidFormat represents an error while trying to parse a string as a reference. - ErrReferenceInvalidFormat = errors.New("invalid reference format") - - // ErrTagInvalidFormat represents an error while trying to parse a string as a tag. - ErrTagInvalidFormat = errors.New("invalid tag format") - - // ErrDigestInvalidFormat represents an error while trying to parse a string as a tag. - ErrDigestInvalidFormat = errors.New("invalid digest format") - - // ErrNameContainsUppercase is returned for invalid repository names that contain uppercase characters. - ErrNameContainsUppercase = errors.New("repository name must be lowercase") - - // ErrNameEmpty is returned for empty, invalid repository names. - ErrNameEmpty = errors.New("repository name must have at least one component") - - // ErrNameTooLong is returned when a repository name is longer than NameTotalLengthMax. - ErrNameTooLong = fmt.Errorf("repository name must not be more than %v characters", NameTotalLengthMax) -) - -// Reference is an opaque object reference identifier that may include -// modifiers such as a hostname, name, tag, and digest. -type Reference interface { - // String returns the full reference - String() string -} - -// Field provides a wrapper type for resolving correct reference types when -// working with encoding. -type Field struct { - reference Reference -} - -// AsField wraps a reference in a Field for encoding. -func AsField(reference Reference) Field { - return Field{reference} -} - -// Reference unwraps the reference type from the field to -// return the Reference object. This object should be -// of the appropriate type to further check for different -// reference types. -func (f Field) Reference() Reference { - return f.reference -} - -// MarshalText serializes the field to byte text which -// is the string of the reference. -func (f Field) MarshalText() (p []byte, err error) { - return []byte(f.reference.String()), nil -} - -// UnmarshalText parses text bytes by invoking the -// reference parser to ensure the appropriately -// typed reference object is wrapped by field. -func (f *Field) UnmarshalText(p []byte) error { - r, err := Parse(string(p)) - if err != nil { - return err - } - - f.reference = r - return nil -} - -// Named is an object with a full name -type Named interface { - Reference - Name() string -} - -// Tagged is an object which has a tag -type Tagged interface { - Reference - Tag() string -} - -// NamedTagged is an object including a name and tag. -type NamedTagged interface { - Named - Tag() string -} - -// Digested is an object which has a digest -// in which it can be referenced by -type Digested interface { - Reference - Digest() digest.Digest -} - -// Canonical reference is an object with a fully unique -// name including a name with hostname and digest -type Canonical interface { - Named - Digest() digest.Digest -} - -// SplitHostname splits a named reference into a -// hostname and name string. If no valid hostname is -// found, the hostname is empty and the full value -// is returned as name -func SplitHostname(named Named) (string, string) { - name := named.Name() - match := anchoredNameRegexp.FindStringSubmatch(name) - if len(match) != 3 { - return "", name - } - return match[1], match[2] -} - -// Parse parses s and returns a syntactically valid Reference. -// If an error was encountered it is returned, along with a nil Reference. -// NOTE: Parse will not handle short digests. -func Parse(s string) (Reference, error) { - matches := ReferenceRegexp.FindStringSubmatch(s) - if matches == nil { - if s == "" { - return nil, ErrNameEmpty - } - if ReferenceRegexp.FindStringSubmatch(strings.ToLower(s)) != nil { - return nil, ErrNameContainsUppercase - } - return nil, ErrReferenceInvalidFormat - } - - if len(matches[1]) > NameTotalLengthMax { - return nil, ErrNameTooLong - } - - ref := reference{ - name: matches[1], - tag: matches[2], - } - if matches[3] != "" { - var err error - ref.digest, err = digest.ParseDigest(matches[3]) - if err != nil { - return nil, err - } - } - - r := getBestReferenceType(ref) - if r == nil { - return nil, ErrNameEmpty - } - - return r, nil -} - -// ParseNamed parses s and returns a syntactically valid reference implementing -// the Named interface. The reference must have a name, otherwise an error is -// returned. -// If an error was encountered it is returned, along with a nil Reference. -// NOTE: ParseNamed will not handle short digests. -func ParseNamed(s string) (Named, error) { - ref, err := Parse(s) - if err != nil { - return nil, err - } - named, isNamed := ref.(Named) - if !isNamed { - return nil, fmt.Errorf("reference %s has no name", ref.String()) - } - return named, nil -} - -// WithName returns a named object representing the given string. If the input -// is invalid ErrReferenceInvalidFormat will be returned. -func WithName(name string) (Named, error) { - if len(name) > NameTotalLengthMax { - return nil, ErrNameTooLong - } - if !anchoredNameRegexp.MatchString(name) { - return nil, ErrReferenceInvalidFormat - } - return repository(name), nil -} - -// WithTag combines the name from "name" and the tag from "tag" to form a -// reference incorporating both the name and the tag. -func WithTag(name Named, tag string) (NamedTagged, error) { - if !anchoredTagRegexp.MatchString(tag) { - return nil, ErrTagInvalidFormat - } - if canonical, ok := name.(Canonical); ok { - return reference{ - name: name.Name(), - tag: tag, - digest: canonical.Digest(), - }, nil - } - return taggedReference{ - name: name.Name(), - tag: tag, - }, nil -} - -// WithDigest combines the name from "name" and the digest from "digest" to form -// a reference incorporating both the name and the digest. -func WithDigest(name Named, digest digest.Digest) (Canonical, error) { - if !anchoredDigestRegexp.MatchString(digest.String()) { - return nil, ErrDigestInvalidFormat - } - if tagged, ok := name.(Tagged); ok { - return reference{ - name: name.Name(), - tag: tagged.Tag(), - digest: digest, - }, nil - } - return canonicalReference{ - name: name.Name(), - digest: digest, - }, nil -} - -// Match reports whether ref matches the specified pattern. -// See https://godoc.org/path#Match for supported patterns. -func Match(pattern string, ref Reference) (bool, error) { - matched, err := path.Match(pattern, ref.String()) - if namedRef, isNamed := ref.(Named); isNamed && !matched { - matched, _ = path.Match(pattern, namedRef.Name()) - } - return matched, err -} - -// TrimNamed removes any tag or digest from the named reference. -func TrimNamed(ref Named) Named { - return repository(ref.Name()) -} - -func getBestReferenceType(ref reference) Reference { - if ref.name == "" { - // Allow digest only references - if ref.digest != "" { - return digestReference(ref.digest) - } - return nil - } - if ref.tag == "" { - if ref.digest != "" { - return canonicalReference{ - name: ref.name, - digest: ref.digest, - } - } - return repository(ref.name) - } - if ref.digest == "" { - return taggedReference{ - name: ref.name, - tag: ref.tag, - } - } - - return ref -} - -type reference struct { - name string - tag string - digest digest.Digest -} - -func (r reference) String() string { - return r.name + ":" + r.tag + "@" + r.digest.String() -} - -func (r reference) Name() string { - return r.name -} - -func (r reference) Tag() string { - return r.tag -} - -func (r reference) Digest() digest.Digest { - return r.digest -} - -type repository string - -func (r repository) String() string { - return string(r) -} - -func (r repository) Name() string { - return string(r) -} - -type digestReference digest.Digest - -func (d digestReference) String() string { - return d.String() -} - -func (d digestReference) Digest() digest.Digest { - return digest.Digest(d) -} - -type taggedReference struct { - name string - tag string -} - -func (t taggedReference) String() string { - return t.name + ":" + t.tag -} - -func (t taggedReference) Name() string { - return t.name -} - -func (t taggedReference) Tag() string { - return t.tag -} - -type canonicalReference struct { - name string - digest digest.Digest -} - -func (c canonicalReference) String() string { - return c.name + "@" + c.digest.String() -} - -func (c canonicalReference) Name() string { - return c.name -} - -func (c canonicalReference) Digest() digest.Digest { - return c.digest -} diff --git a/vendor/github.com/docker/distribution/reference/reference_test.go b/vendor/github.com/docker/distribution/reference/reference_test.go deleted file mode 100644 index 405c47c0..00000000 --- a/vendor/github.com/docker/distribution/reference/reference_test.go +++ /dev/null @@ -1,661 +0,0 @@ -package reference - -import ( - "encoding/json" - "strconv" - "strings" - "testing" - - "github.com/docker/distribution/digest" -) - -func TestReferenceParse(t *testing.T) { - // referenceTestcases is a unified set of testcases for - // testing the parsing of references - referenceTestcases := []struct { - // input is the repository name or name component testcase - input string - // err is the error expected from Parse, or nil - err error - // repository is the string representation for the reference - repository string - // hostname is the hostname expected in the reference - hostname string - // tag is the tag for the reference - tag string - // digest is the digest for the reference (enforces digest reference) - digest string - }{ - { - input: "test_com", - repository: "test_com", - }, - { - input: "test.com:tag", - repository: "test.com", - tag: "tag", - }, - { - input: "test.com:5000", - repository: "test.com", - tag: "5000", - }, - { - input: "test.com/repo:tag", - hostname: "test.com", - repository: "test.com/repo", - tag: "tag", - }, - { - input: "test:5000/repo", - hostname: "test:5000", - repository: "test:5000/repo", - }, - { - input: "test:5000/repo:tag", - hostname: "test:5000", - repository: "test:5000/repo", - tag: "tag", - }, - { - input: "test:5000/repo@sha256:ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", - hostname: "test:5000", - repository: "test:5000/repo", - digest: "sha256:ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", - }, - { - input: "test:5000/repo:tag@sha256:ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", - hostname: "test:5000", - repository: "test:5000/repo", - tag: "tag", - digest: "sha256:ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", - }, - { - input: "test:5000/repo", - hostname: "test:5000", - repository: "test:5000/repo", - }, - { - input: "", - err: ErrNameEmpty, - }, - { - input: ":justtag", - err: ErrReferenceInvalidFormat, - }, - { - input: "@sha256:ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", - err: ErrReferenceInvalidFormat, - }, - { - input: "repo@sha256:ffffffffffffffffffffffffffffffffff", - err: digest.ErrDigestInvalidLength, - }, - { - input: "validname@invaliddigest:ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", - err: digest.ErrDigestUnsupported, - }, - { - input: "Uppercase:tag", - err: ErrNameContainsUppercase, - }, - // FIXME "Uppercase" is incorrectly handled as a domain-name here, therefore passes. - // See https://github.com/docker/distribution/pull/1778, and https://github.com/docker/docker/pull/20175 - //{ - // input: "Uppercase/lowercase:tag", - // err: ErrNameContainsUppercase, - //}, - { - input: "test:5000/Uppercase/lowercase:tag", - err: ErrNameContainsUppercase, - }, - { - input: "lowercase:Uppercase", - repository: "lowercase", - tag: "Uppercase", - }, - { - input: strings.Repeat("a/", 128) + "a:tag", - err: ErrNameTooLong, - }, - { - input: strings.Repeat("a/", 127) + "a:tag-puts-this-over-max", - hostname: "a", - repository: strings.Repeat("a/", 127) + "a", - tag: "tag-puts-this-over-max", - }, - { - input: "aa/asdf$$^/aa", - err: ErrReferenceInvalidFormat, - }, - { - input: "sub-dom1.foo.com/bar/baz/quux", - hostname: "sub-dom1.foo.com", - repository: "sub-dom1.foo.com/bar/baz/quux", - }, - { - input: "sub-dom1.foo.com/bar/baz/quux:some-long-tag", - hostname: "sub-dom1.foo.com", - repository: "sub-dom1.foo.com/bar/baz/quux", - tag: "some-long-tag", - }, - { - input: "b.gcr.io/test.example.com/my-app:test.example.com", - hostname: "b.gcr.io", - repository: "b.gcr.io/test.example.com/my-app", - tag: "test.example.com", - }, - { - input: "xn--n3h.com/myimage:xn--n3h.com", // ☃.com in punycode - hostname: "xn--n3h.com", - repository: "xn--n3h.com/myimage", - tag: "xn--n3h.com", - }, - { - input: "xn--7o8h.com/myimage:xn--7o8h.com@sha512:ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", // 🐳.com in punycode - hostname: "xn--7o8h.com", - repository: "xn--7o8h.com/myimage", - tag: "xn--7o8h.com", - digest: "sha512:ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", - }, - { - input: "foo_bar.com:8080", - repository: "foo_bar.com", - tag: "8080", - }, - { - input: "foo/foo_bar.com:8080", - hostname: "foo", - repository: "foo/foo_bar.com", - tag: "8080", - }, - } - for _, testcase := range referenceTestcases { - failf := func(format string, v ...interface{}) { - t.Logf(strconv.Quote(testcase.input)+": "+format, v...) - t.Fail() - } - - repo, err := Parse(testcase.input) - if testcase.err != nil { - if err == nil { - failf("missing expected error: %v", testcase.err) - } else if testcase.err != err { - failf("mismatched error: got %v, expected %v", err, testcase.err) - } - continue - } else if err != nil { - failf("unexpected parse error: %v", err) - continue - } - if repo.String() != testcase.input { - failf("mismatched repo: got %q, expected %q", repo.String(), testcase.input) - } - - if named, ok := repo.(Named); ok { - if named.Name() != testcase.repository { - failf("unexpected repository: got %q, expected %q", named.Name(), testcase.repository) - } - hostname, _ := SplitHostname(named) - if hostname != testcase.hostname { - failf("unexpected hostname: got %q, expected %q", hostname, testcase.hostname) - } - } else if testcase.repository != "" || testcase.hostname != "" { - failf("expected named type, got %T", repo) - } - - tagged, ok := repo.(Tagged) - if testcase.tag != "" { - if ok { - if tagged.Tag() != testcase.tag { - failf("unexpected tag: got %q, expected %q", tagged.Tag(), testcase.tag) - } - } else { - failf("expected tagged type, got %T", repo) - } - } else if ok { - failf("unexpected tagged type") - } - - digested, ok := repo.(Digested) - if testcase.digest != "" { - if ok { - if digested.Digest().String() != testcase.digest { - failf("unexpected digest: got %q, expected %q", digested.Digest().String(), testcase.digest) - } - } else { - failf("expected digested type, got %T", repo) - } - } else if ok { - failf("unexpected digested type") - } - - } -} - -// TestWithNameFailure tests cases where WithName should fail. Cases where it -// should succeed are covered by TestSplitHostname, below. -func TestWithNameFailure(t *testing.T) { - testcases := []struct { - input string - err error - }{ - { - input: "", - err: ErrNameEmpty, - }, - { - input: ":justtag", - err: ErrReferenceInvalidFormat, - }, - { - input: "@sha256:ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", - err: ErrReferenceInvalidFormat, - }, - { - input: "validname@invaliddigest:ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff", - err: ErrReferenceInvalidFormat, - }, - { - input: strings.Repeat("a/", 128) + "a:tag", - err: ErrNameTooLong, - }, - { - input: "aa/asdf$$^/aa", - err: ErrReferenceInvalidFormat, - }, - } - for _, testcase := range testcases { - failf := func(format string, v ...interface{}) { - t.Logf(strconv.Quote(testcase.input)+": "+format, v...) - t.Fail() - } - - _, err := WithName(testcase.input) - if err == nil { - failf("no error parsing name. expected: %s", testcase.err) - } - } -} - -func TestSplitHostname(t *testing.T) { - testcases := []struct { - input string - hostname string - name string - }{ - { - input: "test.com/foo", - hostname: "test.com", - name: "foo", - }, - { - input: "test_com/foo", - hostname: "", - name: "test_com/foo", - }, - { - input: "test:8080/foo", - hostname: "test:8080", - name: "foo", - }, - { - input: "test.com:8080/foo", - hostname: "test.com:8080", - name: "foo", - }, - { - input: "test-com:8080/foo", - hostname: "test-com:8080", - name: "foo", - }, - { - input: "xn--n3h.com:18080/foo", - hostname: "xn--n3h.com:18080", - name: "foo", - }, - } - for _, testcase := range testcases { - failf := func(format string, v ...interface{}) { - t.Logf(strconv.Quote(testcase.input)+": "+format, v...) - t.Fail() - } - - named, err := WithName(testcase.input) - if err != nil { - failf("error parsing name: %s", err) - } - hostname, name := SplitHostname(named) - if hostname != testcase.hostname { - failf("unexpected hostname: got %q, expected %q", hostname, testcase.hostname) - } - if name != testcase.name { - failf("unexpected name: got %q, expected %q", name, testcase.name) - } - } -} - -type serializationType struct { - Description string - Field Field -} - -func TestSerialization(t *testing.T) { - testcases := []struct { - description string - input string - name string - tag string - digest string - err error - }{ - { - description: "empty value", - err: ErrNameEmpty, - }, - { - description: "just a name", - input: "example.com:8000/named", - name: "example.com:8000/named", - }, - { - description: "name with a tag", - input: "example.com:8000/named:tagged", - name: "example.com:8000/named", - tag: "tagged", - }, - { - description: "name with digest", - input: "other.com/named@sha256:1234567890098765432112345667890098765432112345667890098765432112", - name: "other.com/named", - digest: "sha256:1234567890098765432112345667890098765432112345667890098765432112", - }, - } - for _, testcase := range testcases { - failf := func(format string, v ...interface{}) { - t.Logf(strconv.Quote(testcase.input)+": "+format, v...) - t.Fail() - } - - m := map[string]string{ - "Description": testcase.description, - "Field": testcase.input, - } - b, err := json.Marshal(m) - if err != nil { - failf("error marshalling: %v", err) - } - t := serializationType{} - - if err := json.Unmarshal(b, &t); err != nil { - if testcase.err == nil { - failf("error unmarshalling: %v", err) - } - if err != testcase.err { - failf("wrong error, expected %v, got %v", testcase.err, err) - } - - continue - } else if testcase.err != nil { - failf("expected error unmarshalling: %v", testcase.err) - } - - if t.Description != testcase.description { - failf("wrong description, expected %q, got %q", testcase.description, t.Description) - } - - ref := t.Field.Reference() - - if named, ok := ref.(Named); ok { - if named.Name() != testcase.name { - failf("unexpected repository: got %q, expected %q", named.Name(), testcase.name) - } - } else if testcase.name != "" { - failf("expected named type, got %T", ref) - } - - tagged, ok := ref.(Tagged) - if testcase.tag != "" { - if ok { - if tagged.Tag() != testcase.tag { - failf("unexpected tag: got %q, expected %q", tagged.Tag(), testcase.tag) - } - } else { - failf("expected tagged type, got %T", ref) - } - } else if ok { - failf("unexpected tagged type") - } - - digested, ok := ref.(Digested) - if testcase.digest != "" { - if ok { - if digested.Digest().String() != testcase.digest { - failf("unexpected digest: got %q, expected %q", digested.Digest().String(), testcase.digest) - } - } else { - failf("expected digested type, got %T", ref) - } - } else if ok { - failf("unexpected digested type") - } - - t = serializationType{ - Description: testcase.description, - Field: AsField(ref), - } - - b2, err := json.Marshal(t) - if err != nil { - failf("error marshing serialization type: %v", err) - } - - if string(b) != string(b2) { - failf("unexpected serialized value: expected %q, got %q", string(b), string(b2)) - } - - // Ensure t.Field is not implementing "Reference" directly, getting - // around the Reference type system - var fieldInterface interface{} = t.Field - if _, ok := fieldInterface.(Reference); ok { - failf("field should not implement Reference interface") - } - - } -} - -func TestWithTag(t *testing.T) { - testcases := []struct { - name string - digest digest.Digest - tag string - combined string - }{ - { - name: "test.com/foo", - tag: "tag", - combined: "test.com/foo:tag", - }, - { - name: "foo", - tag: "tag2", - combined: "foo:tag2", - }, - { - name: "test.com:8000/foo", - tag: "tag4", - combined: "test.com:8000/foo:tag4", - }, - { - name: "test.com:8000/foo", - tag: "TAG5", - combined: "test.com:8000/foo:TAG5", - }, - { - name: "test.com:8000/foo", - digest: "sha256:1234567890098765432112345667890098765", - tag: "TAG5", - combined: "test.com:8000/foo:TAG5@sha256:1234567890098765432112345667890098765", - }, - } - for _, testcase := range testcases { - failf := func(format string, v ...interface{}) { - t.Logf(strconv.Quote(testcase.name)+": "+format, v...) - t.Fail() - } - - named, err := WithName(testcase.name) - if err != nil { - failf("error parsing name: %s", err) - } - if testcase.digest != "" { - canonical, err := WithDigest(named, testcase.digest) - if err != nil { - failf("error adding digest") - } - named = canonical - } - - tagged, err := WithTag(named, testcase.tag) - if err != nil { - failf("WithTag failed: %s", err) - } - if tagged.String() != testcase.combined { - failf("unexpected: got %q, expected %q", tagged.String(), testcase.combined) - } - } -} - -func TestWithDigest(t *testing.T) { - testcases := []struct { - name string - digest digest.Digest - tag string - combined string - }{ - { - name: "test.com/foo", - digest: "sha256:1234567890098765432112345667890098765", - combined: "test.com/foo@sha256:1234567890098765432112345667890098765", - }, - { - name: "foo", - digest: "sha256:1234567890098765432112345667890098765", - combined: "foo@sha256:1234567890098765432112345667890098765", - }, - { - name: "test.com:8000/foo", - digest: "sha256:1234567890098765432112345667890098765", - combined: "test.com:8000/foo@sha256:1234567890098765432112345667890098765", - }, - { - name: "test.com:8000/foo", - digest: "sha256:1234567890098765432112345667890098765", - tag: "latest", - combined: "test.com:8000/foo:latest@sha256:1234567890098765432112345667890098765", - }, - } - for _, testcase := range testcases { - failf := func(format string, v ...interface{}) { - t.Logf(strconv.Quote(testcase.name)+": "+format, v...) - t.Fail() - } - - named, err := WithName(testcase.name) - if err != nil { - failf("error parsing name: %s", err) - } - if testcase.tag != "" { - tagged, err := WithTag(named, testcase.tag) - if err != nil { - failf("error adding tag") - } - named = tagged - } - digested, err := WithDigest(named, testcase.digest) - if err != nil { - failf("WithDigest failed: %s", err) - } - if digested.String() != testcase.combined { - failf("unexpected: got %q, expected %q", digested.String(), testcase.combined) - } - } -} - -func TestMatchError(t *testing.T) { - named, err := Parse("foo") - if err != nil { - t.Fatal(err) - } - _, err = Match("[-x]", named) - if err == nil { - t.Fatalf("expected an error, got nothing") - } -} - -func TestMatch(t *testing.T) { - matchCases := []struct { - reference string - pattern string - expected bool - }{ - { - reference: "foo", - pattern: "foo/**/ba[rz]", - expected: false, - }, - { - reference: "foo/any/bat", - pattern: "foo/**/ba[rz]", - expected: false, - }, - { - reference: "foo/a/bar", - pattern: "foo/**/ba[rz]", - expected: true, - }, - { - reference: "foo/b/baz", - pattern: "foo/**/ba[rz]", - expected: true, - }, - { - reference: "foo/c/baz:tag", - pattern: "foo/**/ba[rz]", - expected: true, - }, - { - reference: "foo/c/baz:tag", - pattern: "foo/*/baz:tag", - expected: true, - }, - { - reference: "foo/c/baz:tag", - pattern: "foo/c/baz:tag", - expected: true, - }, - { - reference: "example.com/foo/c/baz:tag", - pattern: "*/foo/c/baz", - expected: true, - }, - { - reference: "example.com/foo/c/baz:tag", - pattern: "example.com/foo/c/baz", - expected: true, - }, - } - for _, c := range matchCases { - named, err := Parse(c.reference) - if err != nil { - t.Fatal(err) - } - actual, err := Match(c.pattern, named) - if err != nil { - t.Fatal(err) - } - if actual != c.expected { - t.Fatalf("expected %s match %s to be %v, was %v", c.reference, c.pattern, c.expected, actual) - } - } -} diff --git a/vendor/github.com/docker/distribution/reference/regexp.go b/vendor/github.com/docker/distribution/reference/regexp.go deleted file mode 100644 index 9a7d366b..00000000 --- a/vendor/github.com/docker/distribution/reference/regexp.go +++ /dev/null @@ -1,124 +0,0 @@ -package reference - -import "regexp" - -var ( - // alphaNumericRegexp defines the alpha numeric atom, typically a - // component of names. This only allows lower case characters and digits. - alphaNumericRegexp = match(`[a-z0-9]+`) - - // separatorRegexp defines the separators allowed to be embedded in name - // components. This allow one period, one or two underscore and multiple - // dashes. - separatorRegexp = match(`(?:[._]|__|[-]*)`) - - // nameComponentRegexp restricts registry path component names to start - // with at least one letter or number, with following parts able to be - // separated by one period, one or two underscore and multiple dashes. - nameComponentRegexp = expression( - alphaNumericRegexp, - optional(repeated(separatorRegexp, alphaNumericRegexp))) - - // hostnameComponentRegexp restricts the registry hostname component of a - // repository name to start with a component as defined by hostnameRegexp - // and followed by an optional port. - hostnameComponentRegexp = match(`(?:[a-zA-Z0-9]|[a-zA-Z0-9][a-zA-Z0-9-]*[a-zA-Z0-9])`) - - // hostnameRegexp defines the structure of potential hostname components - // that may be part of image names. This is purposely a subset of what is - // allowed by DNS to ensure backwards compatibility with Docker image - // names. - hostnameRegexp = expression( - hostnameComponentRegexp, - optional(repeated(literal(`.`), hostnameComponentRegexp)), - optional(literal(`:`), match(`[0-9]+`))) - - // TagRegexp matches valid tag names. From docker/docker:graph/tags.go. - TagRegexp = match(`[\w][\w.-]{0,127}`) - - // anchoredTagRegexp matches valid tag names, anchored at the start and - // end of the matched string. - anchoredTagRegexp = anchored(TagRegexp) - - // DigestRegexp matches valid digests. - DigestRegexp = match(`[A-Za-z][A-Za-z0-9]*(?:[-_+.][A-Za-z][A-Za-z0-9]*)*[:][[:xdigit:]]{32,}`) - - // anchoredDigestRegexp matches valid digests, anchored at the start and - // end of the matched string. - anchoredDigestRegexp = anchored(DigestRegexp) - - // NameRegexp is the format for the name component of references. The - // regexp has capturing groups for the hostname and name part omitting - // the separating forward slash from either. - NameRegexp = expression( - optional(hostnameRegexp, literal(`/`)), - nameComponentRegexp, - optional(repeated(literal(`/`), nameComponentRegexp))) - - // anchoredNameRegexp is used to parse a name value, capturing the - // hostname and trailing components. - anchoredNameRegexp = anchored( - optional(capture(hostnameRegexp), literal(`/`)), - capture(nameComponentRegexp, - optional(repeated(literal(`/`), nameComponentRegexp)))) - - // ReferenceRegexp is the full supported format of a reference. The regexp - // is anchored and has capturing groups for name, tag, and digest - // components. - ReferenceRegexp = anchored(capture(NameRegexp), - optional(literal(":"), capture(TagRegexp)), - optional(literal("@"), capture(DigestRegexp))) -) - -// match compiles the string to a regular expression. -var match = regexp.MustCompile - -// literal compiles s into a literal regular expression, escaping any regexp -// reserved characters. -func literal(s string) *regexp.Regexp { - re := match(regexp.QuoteMeta(s)) - - if _, complete := re.LiteralPrefix(); !complete { - panic("must be a literal") - } - - return re -} - -// expression defines a full expression, where each regular expression must -// follow the previous. -func expression(res ...*regexp.Regexp) *regexp.Regexp { - var s string - for _, re := range res { - s += re.String() - } - - return match(s) -} - -// optional wraps the expression in a non-capturing group and makes the -// production optional. -func optional(res ...*regexp.Regexp) *regexp.Regexp { - return match(group(expression(res...)).String() + `?`) -} - -// repeated wraps the regexp in a non-capturing group to get one or more -// matches. -func repeated(res ...*regexp.Regexp) *regexp.Regexp { - return match(group(expression(res...)).String() + `+`) -} - -// group wraps the regexp in a non-capturing group. -func group(res ...*regexp.Regexp) *regexp.Regexp { - return match(`(?:` + expression(res...).String() + `)`) -} - -// capture wraps the expression in a capturing group. -func capture(res ...*regexp.Regexp) *regexp.Regexp { - return match(`(` + expression(res...).String() + `)`) -} - -// anchored anchors the regular expression by adding start and end delimiters. -func anchored(res ...*regexp.Regexp) *regexp.Regexp { - return match(`^` + expression(res...).String() + `$`) -} diff --git a/vendor/github.com/docker/distribution/reference/regexp_test.go b/vendor/github.com/docker/distribution/reference/regexp_test.go deleted file mode 100644 index 2ec39377..00000000 --- a/vendor/github.com/docker/distribution/reference/regexp_test.go +++ /dev/null @@ -1,489 +0,0 @@ -package reference - -import ( - "regexp" - "strings" - "testing" -) - -type regexpMatch struct { - input string - match bool - subs []string -} - -func checkRegexp(t *testing.T, r *regexp.Regexp, m regexpMatch) { - matches := r.FindStringSubmatch(m.input) - if m.match && matches != nil { - if len(matches) != (r.NumSubexp()+1) || matches[0] != m.input { - t.Fatalf("Bad match result %#v for %q", matches, m.input) - } - if len(matches) < (len(m.subs) + 1) { - t.Errorf("Expected %d sub matches, only have %d for %q", len(m.subs), len(matches)-1, m.input) - } - for i := range m.subs { - if m.subs[i] != matches[i+1] { - t.Errorf("Unexpected submatch %d: %q, expected %q for %q", i+1, matches[i+1], m.subs[i], m.input) - } - } - } else if m.match { - t.Errorf("Expected match for %q", m.input) - } else if matches != nil { - t.Errorf("Unexpected match for %q", m.input) - } -} - -func TestHostRegexp(t *testing.T) { - hostcases := []regexpMatch{ - { - input: "test.com", - match: true, - }, - { - input: "test.com:10304", - match: true, - }, - { - input: "test.com:http", - match: false, - }, - { - input: "localhost", - match: true, - }, - { - input: "localhost:8080", - match: true, - }, - { - input: "a", - match: true, - }, - { - input: "a.b", - match: true, - }, - { - input: "ab.cd.com", - match: true, - }, - { - input: "a-b.com", - match: true, - }, - { - input: "-ab.com", - match: false, - }, - { - input: "ab-.com", - match: false, - }, - { - input: "ab.c-om", - match: true, - }, - { - input: "ab.-com", - match: false, - }, - { - input: "ab.com-", - match: false, - }, - { - input: "0101.com", - match: true, // TODO(dmcgowan): valid if this should be allowed - }, - { - input: "001a.com", - match: true, - }, - { - input: "b.gbc.io:443", - match: true, - }, - { - input: "b.gbc.io", - match: true, - }, - { - input: "xn--n3h.com", // ☃.com in punycode - match: true, - }, - { - input: "Asdf.com", // uppercase character - match: true, - }, - } - r := regexp.MustCompile(`^` + hostnameRegexp.String() + `$`) - for i := range hostcases { - checkRegexp(t, r, hostcases[i]) - } -} - -func TestFullNameRegexp(t *testing.T) { - if anchoredNameRegexp.NumSubexp() != 2 { - t.Fatalf("anchored name regexp should have two submatches: %v, %v != 2", - anchoredNameRegexp, anchoredNameRegexp.NumSubexp()) - } - - testcases := []regexpMatch{ - { - input: "", - match: false, - }, - { - input: "short", - match: true, - subs: []string{"", "short"}, - }, - { - input: "simple/name", - match: true, - subs: []string{"simple", "name"}, - }, - { - input: "library/ubuntu", - match: true, - subs: []string{"library", "ubuntu"}, - }, - { - input: "docker/stevvooe/app", - match: true, - subs: []string{"docker", "stevvooe/app"}, - }, - { - input: "aa/aa/aa/aa/aa/aa/aa/aa/aa/bb/bb/bb/bb/bb/bb", - match: true, - subs: []string{"aa", "aa/aa/aa/aa/aa/aa/aa/aa/bb/bb/bb/bb/bb/bb"}, - }, - { - input: "aa/aa/bb/bb/bb", - match: true, - subs: []string{"aa", "aa/bb/bb/bb"}, - }, - { - input: "a/a/a/a", - match: true, - subs: []string{"a", "a/a/a"}, - }, - { - input: "a/a/a/a/", - match: false, - }, - { - input: "a//a/a", - match: false, - }, - { - input: "a", - match: true, - subs: []string{"", "a"}, - }, - { - input: "a/aa", - match: true, - subs: []string{"a", "aa"}, - }, - { - input: "a/aa/a", - match: true, - subs: []string{"a", "aa/a"}, - }, - { - input: "foo.com", - match: true, - subs: []string{"", "foo.com"}, - }, - { - input: "foo.com/", - match: false, - }, - { - input: "foo.com:8080/bar", - match: true, - subs: []string{"foo.com:8080", "bar"}, - }, - { - input: "foo.com:http/bar", - match: false, - }, - { - input: "foo.com/bar", - match: true, - subs: []string{"foo.com", "bar"}, - }, - { - input: "foo.com/bar/baz", - match: true, - subs: []string{"foo.com", "bar/baz"}, - }, - { - input: "localhost:8080/bar", - match: true, - subs: []string{"localhost:8080", "bar"}, - }, - { - input: "sub-dom1.foo.com/bar/baz/quux", - match: true, - subs: []string{"sub-dom1.foo.com", "bar/baz/quux"}, - }, - { - input: "blog.foo.com/bar/baz", - match: true, - subs: []string{"blog.foo.com", "bar/baz"}, - }, - { - input: "a^a", - match: false, - }, - { - input: "aa/asdf$$^/aa", - match: false, - }, - { - input: "asdf$$^/aa", - match: false, - }, - { - input: "aa-a/a", - match: true, - subs: []string{"aa-a", "a"}, - }, - { - input: strings.Repeat("a/", 128) + "a", - match: true, - subs: []string{"a", strings.Repeat("a/", 127) + "a"}, - }, - { - input: "a-/a/a/a", - match: false, - }, - { - input: "foo.com/a-/a/a", - match: false, - }, - { - input: "-foo/bar", - match: false, - }, - { - input: "foo/bar-", - match: false, - }, - { - input: "foo-/bar", - match: false, - }, - { - input: "foo/-bar", - match: false, - }, - { - input: "_foo/bar", - match: false, - }, - { - input: "foo_bar", - match: true, - subs: []string{"", "foo_bar"}, - }, - { - input: "foo_bar.com", - match: true, - subs: []string{"", "foo_bar.com"}, - }, - { - input: "foo_bar.com:8080", - match: false, - }, - { - input: "foo_bar.com:8080/app", - match: false, - }, - { - input: "foo.com/foo_bar", - match: true, - subs: []string{"foo.com", "foo_bar"}, - }, - { - input: "____/____", - match: false, - }, - { - input: "_docker/_docker", - match: false, - }, - { - input: "docker_/docker_", - match: false, - }, - { - input: "b.gcr.io/test.example.com/my-app", - match: true, - subs: []string{"b.gcr.io", "test.example.com/my-app"}, - }, - { - input: "xn--n3h.com/myimage", // ☃.com in punycode - match: true, - subs: []string{"xn--n3h.com", "myimage"}, - }, - { - input: "xn--7o8h.com/myimage", // 🐳.com in punycode - match: true, - subs: []string{"xn--7o8h.com", "myimage"}, - }, - { - input: "example.com/xn--7o8h.com/myimage", // 🐳.com in punycode - match: true, - subs: []string{"example.com", "xn--7o8h.com/myimage"}, - }, - { - input: "example.com/some_separator__underscore/myimage", - match: true, - subs: []string{"example.com", "some_separator__underscore/myimage"}, - }, - { - input: "example.com/__underscore/myimage", - match: false, - }, - { - input: "example.com/..dots/myimage", - match: false, - }, - { - input: "example.com/.dots/myimage", - match: false, - }, - { - input: "example.com/nodouble..dots/myimage", - match: false, - }, - { - input: "example.com/nodouble..dots/myimage", - match: false, - }, - { - input: "docker./docker", - match: false, - }, - { - input: ".docker/docker", - match: false, - }, - { - input: "docker-/docker", - match: false, - }, - { - input: "-docker/docker", - match: false, - }, - { - input: "do..cker/docker", - match: false, - }, - { - input: "do__cker:8080/docker", - match: false, - }, - { - input: "do__cker/docker", - match: true, - subs: []string{"", "do__cker/docker"}, - }, - { - input: "b.gcr.io/test.example.com/my-app", - match: true, - subs: []string{"b.gcr.io", "test.example.com/my-app"}, - }, - { - input: "registry.io/foo/project--id.module--name.ver---sion--name", - match: true, - subs: []string{"registry.io", "foo/project--id.module--name.ver---sion--name"}, - }, - { - input: "Asdf.com/foo/bar", // uppercase character in hostname - match: true, - }, - { - input: "Foo/FarB", // uppercase characters in remote name - match: false, - }, - } - for i := range testcases { - checkRegexp(t, anchoredNameRegexp, testcases[i]) - } -} - -func TestReferenceRegexp(t *testing.T) { - if ReferenceRegexp.NumSubexp() != 3 { - t.Fatalf("anchored name regexp should have three submatches: %v, %v != 3", - ReferenceRegexp, ReferenceRegexp.NumSubexp()) - } - - testcases := []regexpMatch{ - { - input: "registry.com:8080/myapp:tag", - match: true, - subs: []string{"registry.com:8080/myapp", "tag", ""}, - }, - { - input: "registry.com:8080/myapp@sha256:be178c0543eb17f5f3043021c9e5fcf30285e557a4fc309cce97ff9ca6182912", - match: true, - subs: []string{"registry.com:8080/myapp", "", "sha256:be178c0543eb17f5f3043021c9e5fcf30285e557a4fc309cce97ff9ca6182912"}, - }, - { - input: "registry.com:8080/myapp:tag2@sha256:be178c0543eb17f5f3043021c9e5fcf30285e557a4fc309cce97ff9ca6182912", - match: true, - subs: []string{"registry.com:8080/myapp", "tag2", "sha256:be178c0543eb17f5f3043021c9e5fcf30285e557a4fc309cce97ff9ca6182912"}, - }, - { - input: "registry.com:8080/myapp@sha256:badbadbadbad", - match: false, - }, - { - input: "registry.com:8080/myapp:invalid~tag", - match: false, - }, - { - input: "bad_hostname.com:8080/myapp:tag", - match: false, - }, - { - input:// localhost treated as name, missing tag with 8080 as tag - "localhost:8080@sha256:be178c0543eb17f5f3043021c9e5fcf30285e557a4fc309cce97ff9ca6182912", - match: true, - subs: []string{"localhost", "8080", "sha256:be178c0543eb17f5f3043021c9e5fcf30285e557a4fc309cce97ff9ca6182912"}, - }, - { - input: "localhost:8080/name@sha256:be178c0543eb17f5f3043021c9e5fcf30285e557a4fc309cce97ff9ca6182912", - match: true, - subs: []string{"localhost:8080/name", "", "sha256:be178c0543eb17f5f3043021c9e5fcf30285e557a4fc309cce97ff9ca6182912"}, - }, - { - input: "localhost:http/name@sha256:be178c0543eb17f5f3043021c9e5fcf30285e557a4fc309cce97ff9ca6182912", - match: false, - }, - { - // localhost will be treated as an image name without a host - input: "localhost@sha256:be178c0543eb17f5f3043021c9e5fcf30285e557a4fc309cce97ff9ca6182912", - match: true, - subs: []string{"localhost", "", "sha256:be178c0543eb17f5f3043021c9e5fcf30285e557a4fc309cce97ff9ca6182912"}, - }, - { - input: "registry.com:8080/myapp@bad", - match: false, - }, - { - input: "registry.com:8080/myapp@2bad", - match: false, // TODO(dmcgowan): Support this as valid - }, - } - - for i := range testcases { - checkRegexp(t, ReferenceRegexp, testcases[i]) - } - -} diff --git a/vendor/github.com/docker/distribution/registry.go b/vendor/github.com/docker/distribution/registry.go deleted file mode 100644 index 1ede31eb..00000000 --- a/vendor/github.com/docker/distribution/registry.go +++ /dev/null @@ -1,97 +0,0 @@ -package distribution - -import ( - "github.com/docker/distribution/context" - "github.com/docker/distribution/reference" -) - -// Scope defines the set of items that match a namespace. -type Scope interface { - // Contains returns true if the name belongs to the namespace. - Contains(name string) bool -} - -type fullScope struct{} - -func (f fullScope) Contains(string) bool { - return true -} - -// GlobalScope represents the full namespace scope which contains -// all other scopes. -var GlobalScope = Scope(fullScope{}) - -// Namespace represents a collection of repositories, addressable by name. -// Generally, a namespace is backed by a set of one or more services, -// providing facilities such as registry access, trust, and indexing. -type Namespace interface { - // Scope describes the names that can be used with this Namespace. The - // global namespace will have a scope that matches all names. The scope - // effectively provides an identity for the namespace. - Scope() Scope - - // Repository should return a reference to the named repository. The - // registry may or may not have the repository but should always return a - // reference. - Repository(ctx context.Context, name reference.Named) (Repository, error) - - // Repositories fills 'repos' with a lexigraphically sorted catalog of repositories - // up to the size of 'repos' and returns the value 'n' for the number of entries - // which were filled. 'last' contains an offset in the catalog, and 'err' will be - // set to io.EOF if there are no more entries to obtain. - Repositories(ctx context.Context, repos []string, last string) (n int, err error) - - // Blobs returns a blob enumerator to access all blobs - Blobs() BlobEnumerator - - // BlobStatter returns a BlobStatter to control - BlobStatter() BlobStatter -} - -// RepositoryEnumerator describes an operation to enumerate repositories -type RepositoryEnumerator interface { - Enumerate(ctx context.Context, ingester func(string) error) error -} - -// ManifestServiceOption is a function argument for Manifest Service methods -type ManifestServiceOption interface { - Apply(ManifestService) error -} - -// WithTag allows a tag to be passed into Put -func WithTag(tag string) ManifestServiceOption { - return WithTagOption{tag} -} - -// WithTagOption holds a tag -type WithTagOption struct{ Tag string } - -// Apply conforms to the ManifestServiceOption interface -func (o WithTagOption) Apply(m ManifestService) error { - // no implementation - return nil -} - -// Repository is a named collection of manifests and layers. -type Repository interface { - // Named returns the name of the repository. - Named() reference.Named - - // Manifests returns a reference to this repository's manifest service. - // with the supplied options applied. - Manifests(ctx context.Context, options ...ManifestServiceOption) (ManifestService, error) - - // Blobs returns a reference to this repository's blob service. - Blobs(ctx context.Context) BlobStore - - // TODO(stevvooe): The above BlobStore return can probably be relaxed to - // be a BlobService for use with clients. This will allow such - // implementations to avoid implementing ServeBlob. - - // Tags returns a reference to this repositories tag service - Tags(ctx context.Context) TagService -} - -// TODO(stevvooe): Must add close methods to all these. May want to change the -// way instances are created to better reflect internal dependency -// relationships. diff --git a/vendor/github.com/docker/distribution/registry/api/errcode/errors.go b/vendor/github.com/docker/distribution/registry/api/errcode/errors.go deleted file mode 100644 index 6d9bb4b6..00000000 --- a/vendor/github.com/docker/distribution/registry/api/errcode/errors.go +++ /dev/null @@ -1,267 +0,0 @@ -package errcode - -import ( - "encoding/json" - "fmt" - "strings" -) - -// ErrorCoder is the base interface for ErrorCode and Error allowing -// users of each to just call ErrorCode to get the real ID of each -type ErrorCoder interface { - ErrorCode() ErrorCode -} - -// ErrorCode represents the error type. The errors are serialized via strings -// and the integer format may change and should *never* be exported. -type ErrorCode int - -var _ error = ErrorCode(0) - -// ErrorCode just returns itself -func (ec ErrorCode) ErrorCode() ErrorCode { - return ec -} - -// Error returns the ID/Value -func (ec ErrorCode) Error() string { - // NOTE(stevvooe): Cannot use message here since it may have unpopulated args. - return strings.ToLower(strings.Replace(ec.String(), "_", " ", -1)) -} - -// Descriptor returns the descriptor for the error code. -func (ec ErrorCode) Descriptor() ErrorDescriptor { - d, ok := errorCodeToDescriptors[ec] - - if !ok { - return ErrorCodeUnknown.Descriptor() - } - - return d -} - -// String returns the canonical identifier for this error code. -func (ec ErrorCode) String() string { - return ec.Descriptor().Value -} - -// Message returned the human-readable error message for this error code. -func (ec ErrorCode) Message() string { - return ec.Descriptor().Message -} - -// MarshalText encodes the receiver into UTF-8-encoded text and returns the -// result. -func (ec ErrorCode) MarshalText() (text []byte, err error) { - return []byte(ec.String()), nil -} - -// UnmarshalText decodes the form generated by MarshalText. -func (ec *ErrorCode) UnmarshalText(text []byte) error { - desc, ok := idToDescriptors[string(text)] - - if !ok { - desc = ErrorCodeUnknown.Descriptor() - } - - *ec = desc.Code - - return nil -} - -// WithMessage creates a new Error struct based on the passed-in info and -// overrides the Message property. -func (ec ErrorCode) WithMessage(message string) Error { - return Error{ - Code: ec, - Message: message, - } -} - -// WithDetail creates a new Error struct based on the passed-in info and -// set the Detail property appropriately -func (ec ErrorCode) WithDetail(detail interface{}) Error { - return Error{ - Code: ec, - Message: ec.Message(), - }.WithDetail(detail) -} - -// WithArgs creates a new Error struct and sets the Args slice -func (ec ErrorCode) WithArgs(args ...interface{}) Error { - return Error{ - Code: ec, - Message: ec.Message(), - }.WithArgs(args...) -} - -// Error provides a wrapper around ErrorCode with extra Details provided. -type Error struct { - Code ErrorCode `json:"code"` - Message string `json:"message"` - Detail interface{} `json:"detail,omitempty"` - - // TODO(duglin): See if we need an "args" property so we can do the - // variable substitution right before showing the message to the user -} - -var _ error = Error{} - -// ErrorCode returns the ID/Value of this Error -func (e Error) ErrorCode() ErrorCode { - return e.Code -} - -// Error returns a human readable representation of the error. -func (e Error) Error() string { - return fmt.Sprintf("%s: %s", e.Code.Error(), e.Message) -} - -// WithDetail will return a new Error, based on the current one, but with -// some Detail info added -func (e Error) WithDetail(detail interface{}) Error { - return Error{ - Code: e.Code, - Message: e.Message, - Detail: detail, - } -} - -// WithArgs uses the passed-in list of interface{} as the substitution -// variables in the Error's Message string, but returns a new Error -func (e Error) WithArgs(args ...interface{}) Error { - return Error{ - Code: e.Code, - Message: fmt.Sprintf(e.Code.Message(), args...), - Detail: e.Detail, - } -} - -// ErrorDescriptor provides relevant information about a given error code. -type ErrorDescriptor struct { - // Code is the error code that this descriptor describes. - Code ErrorCode - - // Value provides a unique, string key, often captilized with - // underscores, to identify the error code. This value is used as the - // keyed value when serializing api errors. - Value string - - // Message is a short, human readable decription of the error condition - // included in API responses. - Message string - - // Description provides a complete account of the errors purpose, suitable - // for use in documentation. - Description string - - // HTTPStatusCode provides the http status code that is associated with - // this error condition. - HTTPStatusCode int -} - -// ParseErrorCode returns the value by the string error code. -// `ErrorCodeUnknown` will be returned if the error is not known. -func ParseErrorCode(value string) ErrorCode { - ed, ok := idToDescriptors[value] - if ok { - return ed.Code - } - - return ErrorCodeUnknown -} - -// Errors provides the envelope for multiple errors and a few sugar methods -// for use within the application. -type Errors []error - -var _ error = Errors{} - -func (errs Errors) Error() string { - switch len(errs) { - case 0: - return "" - case 1: - return errs[0].Error() - default: - msg := "errors:\n" - for _, err := range errs { - msg += err.Error() + "\n" - } - return msg - } -} - -// Len returns the current number of errors. -func (errs Errors) Len() int { - return len(errs) -} - -// MarshalJSON converts slice of error, ErrorCode or Error into a -// slice of Error - then serializes -func (errs Errors) MarshalJSON() ([]byte, error) { - var tmpErrs struct { - Errors []Error `json:"errors,omitempty"` - } - - for _, daErr := range errs { - var err Error - - switch daErr.(type) { - case ErrorCode: - err = daErr.(ErrorCode).WithDetail(nil) - case Error: - err = daErr.(Error) - default: - err = ErrorCodeUnknown.WithDetail(daErr) - - } - - // If the Error struct was setup and they forgot to set the - // Message field (meaning its "") then grab it from the ErrCode - msg := err.Message - if msg == "" { - msg = err.Code.Message() - } - - tmpErrs.Errors = append(tmpErrs.Errors, Error{ - Code: err.Code, - Message: msg, - Detail: err.Detail, - }) - } - - return json.Marshal(tmpErrs) -} - -// UnmarshalJSON deserializes []Error and then converts it into slice of -// Error or ErrorCode -func (errs *Errors) UnmarshalJSON(data []byte) error { - var tmpErrs struct { - Errors []Error - } - - if err := json.Unmarshal(data, &tmpErrs); err != nil { - return err - } - - var newErrs Errors - for _, daErr := range tmpErrs.Errors { - // If Message is empty or exactly matches the Code's message string - // then just use the Code, no need for a full Error struct - if daErr.Detail == nil && (daErr.Message == "" || daErr.Message == daErr.Code.Message()) { - // Error's w/o details get converted to ErrorCode - newErrs = append(newErrs, daErr.Code) - } else { - // Error's w/ details are untouched - newErrs = append(newErrs, Error{ - Code: daErr.Code, - Message: daErr.Message, - Detail: daErr.Detail, - }) - } - } - - *errs = newErrs - return nil -} diff --git a/vendor/github.com/docker/distribution/registry/api/errcode/errors_test.go b/vendor/github.com/docker/distribution/registry/api/errcode/errors_test.go deleted file mode 100644 index 54e7a736..00000000 --- a/vendor/github.com/docker/distribution/registry/api/errcode/errors_test.go +++ /dev/null @@ -1,185 +0,0 @@ -package errcode - -import ( - "encoding/json" - "net/http" - "reflect" - "strings" - "testing" -) - -// TestErrorsManagement does a quick check of the Errors type to ensure that -// members are properly pushed and marshaled. -var ErrorCodeTest1 = Register("test.errors", ErrorDescriptor{ - Value: "TEST1", - Message: "test error 1", - Description: `Just a test message #1.`, - HTTPStatusCode: http.StatusInternalServerError, -}) - -var ErrorCodeTest2 = Register("test.errors", ErrorDescriptor{ - Value: "TEST2", - Message: "test error 2", - Description: `Just a test message #2.`, - HTTPStatusCode: http.StatusNotFound, -}) - -var ErrorCodeTest3 = Register("test.errors", ErrorDescriptor{ - Value: "TEST3", - Message: "Sorry %q isn't valid", - Description: `Just a test message #3.`, - HTTPStatusCode: http.StatusNotFound, -}) - -// TestErrorCodes ensures that error code format, mappings and -// marshaling/unmarshaling. round trips are stable. -func TestErrorCodes(t *testing.T) { - if len(errorCodeToDescriptors) == 0 { - t.Fatal("errors aren't loaded!") - } - - for ec, desc := range errorCodeToDescriptors { - if ec != desc.Code { - t.Fatalf("error code in descriptor isn't correct, %q != %q", ec, desc.Code) - } - - if idToDescriptors[desc.Value].Code != ec { - t.Fatalf("error code in idToDesc isn't correct, %q != %q", idToDescriptors[desc.Value].Code, ec) - } - - if ec.Message() != desc.Message { - t.Fatalf("ec.Message doesn't mtach desc.Message: %q != %q", ec.Message(), desc.Message) - } - - // Test (de)serializing the ErrorCode - p, err := json.Marshal(ec) - if err != nil { - t.Fatalf("couldn't marshal ec %v: %v", ec, err) - } - - if len(p) <= 0 { - t.Fatalf("expected content in marshaled before for error code %v", ec) - } - - // First, unmarshal to interface and ensure we have a string. - var ecUnspecified interface{} - if err := json.Unmarshal(p, &ecUnspecified); err != nil { - t.Fatalf("error unmarshaling error code %v: %v", ec, err) - } - - if _, ok := ecUnspecified.(string); !ok { - t.Fatalf("expected a string for error code %v on unmarshal got a %T", ec, ecUnspecified) - } - - // Now, unmarshal with the error code type and ensure they are equal - var ecUnmarshaled ErrorCode - if err := json.Unmarshal(p, &ecUnmarshaled); err != nil { - t.Fatalf("error unmarshaling error code %v: %v", ec, err) - } - - if ecUnmarshaled != ec { - t.Fatalf("unexpected error code during error code marshal/unmarshal: %v != %v", ecUnmarshaled, ec) - } - - expectedErrorString := strings.ToLower(strings.Replace(ec.Descriptor().Value, "_", " ", -1)) - if ec.Error() != expectedErrorString { - t.Fatalf("unexpected return from %v.Error(): %q != %q", ec, ec.Error(), expectedErrorString) - } - } - -} - -func TestErrorsManagement(t *testing.T) { - var errs Errors - - errs = append(errs, ErrorCodeTest1) - errs = append(errs, ErrorCodeTest2.WithDetail( - map[string]interface{}{"digest": "sometestblobsumdoesntmatter"})) - errs = append(errs, ErrorCodeTest3.WithArgs("BOOGIE")) - errs = append(errs, ErrorCodeTest3.WithArgs("BOOGIE").WithDetail("data")) - - p, err := json.Marshal(errs) - - if err != nil { - t.Fatalf("error marashaling errors: %v", err) - } - - expectedJSON := `{"errors":[` + - `{"code":"TEST1","message":"test error 1"},` + - `{"code":"TEST2","message":"test error 2","detail":{"digest":"sometestblobsumdoesntmatter"}},` + - `{"code":"TEST3","message":"Sorry \"BOOGIE\" isn't valid"},` + - `{"code":"TEST3","message":"Sorry \"BOOGIE\" isn't valid","detail":"data"}` + - `]}` - - if string(p) != expectedJSON { - t.Fatalf("unexpected json:\ngot:\n%q\n\nexpected:\n%q", string(p), expectedJSON) - } - - // Now test the reverse - var unmarshaled Errors - if err := json.Unmarshal(p, &unmarshaled); err != nil { - t.Fatalf("unexpected error unmarshaling error envelope: %v", err) - } - - if !reflect.DeepEqual(unmarshaled, errs) { - t.Fatalf("errors not equal after round trip:\nunmarshaled:\n%#v\n\nerrs:\n%#v", unmarshaled, errs) - } - - // Test the arg substitution stuff - e1 := unmarshaled[3].(Error) - exp1 := `Sorry "BOOGIE" isn't valid` - if e1.Message != exp1 { - t.Fatalf("Wrong msg, got:\n%q\n\nexpected:\n%q", e1.Message, exp1) - } - - exp1 = "test3: " + exp1 - if e1.Error() != exp1 { - t.Fatalf("Error() didn't return the right string, got:%s\nexpected:%s", e1.Error(), exp1) - } - - // Test again with a single value this time - errs = Errors{ErrorCodeUnknown} - expectedJSON = "{\"errors\":[{\"code\":\"UNKNOWN\",\"message\":\"unknown error\"}]}" - p, err = json.Marshal(errs) - - if err != nil { - t.Fatalf("error marashaling errors: %v", err) - } - - if string(p) != expectedJSON { - t.Fatalf("unexpected json: %q != %q", string(p), expectedJSON) - } - - // Now test the reverse - unmarshaled = nil - if err := json.Unmarshal(p, &unmarshaled); err != nil { - t.Fatalf("unexpected error unmarshaling error envelope: %v", err) - } - - if !reflect.DeepEqual(unmarshaled, errs) { - t.Fatalf("errors not equal after round trip:\nunmarshaled:\n%#v\n\nerrs:\n%#v", unmarshaled, errs) - } - - // Verify that calling WithArgs() more than once does the right thing. - // Meaning creates a new Error and uses the ErrorCode Message - e1 = ErrorCodeTest3.WithArgs("test1") - e2 := e1.WithArgs("test2") - if &e1 == &e2 { - t.Fatalf("args: e2 and e1 should not be the same, but they are") - } - if e2.Message != `Sorry "test2" isn't valid` { - t.Fatalf("e2 had wrong message: %q", e2.Message) - } - - // Verify that calling WithDetail() more than once does the right thing. - // Meaning creates a new Error and overwrites the old detail field - e1 = ErrorCodeTest3.WithDetail("stuff1") - e2 = e1.WithDetail("stuff2") - if &e1 == &e2 { - t.Fatalf("detail: e2 and e1 should not be the same, but they are") - } - if e2.Detail != `stuff2` { - t.Fatalf("e2 had wrong detail: %q", e2.Detail) - } - -} diff --git a/vendor/github.com/docker/distribution/registry/api/errcode/handler.go b/vendor/github.com/docker/distribution/registry/api/errcode/handler.go deleted file mode 100644 index 49a64a86..00000000 --- a/vendor/github.com/docker/distribution/registry/api/errcode/handler.go +++ /dev/null @@ -1,44 +0,0 @@ -package errcode - -import ( - "encoding/json" - "net/http" -) - -// ServeJSON attempts to serve the errcode in a JSON envelope. It marshals err -// and sets the content-type header to 'application/json'. It will handle -// ErrorCoder and Errors, and if necessary will create an envelope. -func ServeJSON(w http.ResponseWriter, err error) error { - w.Header().Set("Content-Type", "application/json; charset=utf-8") - var sc int - - switch errs := err.(type) { - case Errors: - if len(errs) < 1 { - break - } - - if err, ok := errs[0].(ErrorCoder); ok { - sc = err.ErrorCode().Descriptor().HTTPStatusCode - } - case ErrorCoder: - sc = errs.ErrorCode().Descriptor().HTTPStatusCode - err = Errors{err} // create an envelope. - default: - // We just have an unhandled error type, so just place in an envelope - // and move along. - err = Errors{err} - } - - if sc == 0 { - sc = http.StatusInternalServerError - } - - w.WriteHeader(sc) - - if err := json.NewEncoder(w).Encode(err); err != nil { - return err - } - - return nil -} diff --git a/vendor/github.com/docker/distribution/registry/api/errcode/register.go b/vendor/github.com/docker/distribution/registry/api/errcode/register.go deleted file mode 100644 index d1e8826c..00000000 --- a/vendor/github.com/docker/distribution/registry/api/errcode/register.go +++ /dev/null @@ -1,138 +0,0 @@ -package errcode - -import ( - "fmt" - "net/http" - "sort" - "sync" -) - -var ( - errorCodeToDescriptors = map[ErrorCode]ErrorDescriptor{} - idToDescriptors = map[string]ErrorDescriptor{} - groupToDescriptors = map[string][]ErrorDescriptor{} -) - -var ( - // ErrorCodeUnknown is a generic error that can be used as a last - // resort if there is no situation-specific error message that can be used - ErrorCodeUnknown = Register("errcode", ErrorDescriptor{ - Value: "UNKNOWN", - Message: "unknown error", - Description: `Generic error returned when the error does not have an - API classification.`, - HTTPStatusCode: http.StatusInternalServerError, - }) - - // ErrorCodeUnsupported is returned when an operation is not supported. - ErrorCodeUnsupported = Register("errcode", ErrorDescriptor{ - Value: "UNSUPPORTED", - Message: "The operation is unsupported.", - Description: `The operation was unsupported due to a missing - implementation or invalid set of parameters.`, - HTTPStatusCode: http.StatusMethodNotAllowed, - }) - - // ErrorCodeUnauthorized is returned if a request requires - // authentication. - ErrorCodeUnauthorized = Register("errcode", ErrorDescriptor{ - Value: "UNAUTHORIZED", - Message: "authentication required", - Description: `The access controller was unable to authenticate - the client. Often this will be accompanied by a - Www-Authenticate HTTP response header indicating how to - authenticate.`, - HTTPStatusCode: http.StatusUnauthorized, - }) - - // ErrorCodeDenied is returned if a client does not have sufficient - // permission to perform an action. - ErrorCodeDenied = Register("errcode", ErrorDescriptor{ - Value: "DENIED", - Message: "requested access to the resource is denied", - Description: `The access controller denied access for the - operation on a resource.`, - HTTPStatusCode: http.StatusForbidden, - }) - - // ErrorCodeUnavailable provides a common error to report unavailability - // of a service or endpoint. - ErrorCodeUnavailable = Register("errcode", ErrorDescriptor{ - Value: "UNAVAILABLE", - Message: "service unavailable", - Description: "Returned when a service is not available", - HTTPStatusCode: http.StatusServiceUnavailable, - }) - - // ErrorCodeTooManyRequests is returned if a client attempts too many - // times to contact a service endpoint. - ErrorCodeTooManyRequests = Register("errcode", ErrorDescriptor{ - Value: "TOOMANYREQUESTS", - Message: "too many requests", - Description: `Returned when a client attempts to contact a - service too many times`, - HTTPStatusCode: http.StatusTooManyRequests, - }) -) - -var nextCode = 1000 -var registerLock sync.Mutex - -// Register will make the passed-in error known to the environment and -// return a new ErrorCode -func Register(group string, descriptor ErrorDescriptor) ErrorCode { - registerLock.Lock() - defer registerLock.Unlock() - - descriptor.Code = ErrorCode(nextCode) - - if _, ok := idToDescriptors[descriptor.Value]; ok { - panic(fmt.Sprintf("ErrorValue %q is already registered", descriptor.Value)) - } - if _, ok := errorCodeToDescriptors[descriptor.Code]; ok { - panic(fmt.Sprintf("ErrorCode %v is already registered", descriptor.Code)) - } - - groupToDescriptors[group] = append(groupToDescriptors[group], descriptor) - errorCodeToDescriptors[descriptor.Code] = descriptor - idToDescriptors[descriptor.Value] = descriptor - - nextCode++ - return descriptor.Code -} - -type byValue []ErrorDescriptor - -func (a byValue) Len() int { return len(a) } -func (a byValue) Swap(i, j int) { a[i], a[j] = a[j], a[i] } -func (a byValue) Less(i, j int) bool { return a[i].Value < a[j].Value } - -// GetGroupNames returns the list of Error group names that are registered -func GetGroupNames() []string { - keys := []string{} - - for k := range groupToDescriptors { - keys = append(keys, k) - } - sort.Strings(keys) - return keys -} - -// GetErrorCodeGroup returns the named group of error descriptors -func GetErrorCodeGroup(name string) []ErrorDescriptor { - desc := groupToDescriptors[name] - sort.Sort(byValue(desc)) - return desc -} - -// GetErrorAllDescriptors returns a slice of all ErrorDescriptors that are -// registered, irrespective of what group they're in -func GetErrorAllDescriptors() []ErrorDescriptor { - result := []ErrorDescriptor{} - - for _, group := range GetGroupNames() { - result = append(result, GetErrorCodeGroup(group)...) - } - sort.Sort(byValue(result)) - return result -} diff --git a/vendor/github.com/docker/distribution/registry/api/v2/descriptors.go b/vendor/github.com/docker/distribution/registry/api/v2/descriptors.go deleted file mode 100644 index 9979abae..00000000 --- a/vendor/github.com/docker/distribution/registry/api/v2/descriptors.go +++ /dev/null @@ -1,1596 +0,0 @@ -package v2 - -import ( - "net/http" - "regexp" - - "github.com/docker/distribution/digest" - "github.com/docker/distribution/reference" - "github.com/docker/distribution/registry/api/errcode" -) - -var ( - nameParameterDescriptor = ParameterDescriptor{ - Name: "name", - Type: "string", - Format: reference.NameRegexp.String(), - Required: true, - Description: `Name of the target repository.`, - } - - referenceParameterDescriptor = ParameterDescriptor{ - Name: "reference", - Type: "string", - Format: reference.TagRegexp.String(), - Required: true, - Description: `Tag or digest of the target manifest.`, - } - - uuidParameterDescriptor = ParameterDescriptor{ - Name: "uuid", - Type: "opaque", - Required: true, - Description: "A uuid identifying the upload. This field can accept characters that match `[a-zA-Z0-9-_.=]+`.", - } - - digestPathParameter = ParameterDescriptor{ - Name: "digest", - Type: "path", - Required: true, - Format: digest.DigestRegexp.String(), - Description: `Digest of desired blob.`, - } - - hostHeader = ParameterDescriptor{ - Name: "Host", - Type: "string", - Description: "Standard HTTP Host Header. Should be set to the registry host.", - Format: "", - Examples: []string{"registry-1.docker.io"}, - } - - authHeader = ParameterDescriptor{ - Name: "Authorization", - Type: "string", - Description: "An RFC7235 compliant authorization header.", - Format: " ", - Examples: []string{"Bearer dGhpcyBpcyBhIGZha2UgYmVhcmVyIHRva2VuIQ=="}, - } - - authChallengeHeader = ParameterDescriptor{ - Name: "WWW-Authenticate", - Type: "string", - Description: "An RFC7235 compliant authentication challenge header.", - Format: ` realm="", ..."`, - Examples: []string{ - `Bearer realm="https://auth.docker.com/", service="registry.docker.com", scopes="repository:library/ubuntu:pull"`, - }, - } - - contentLengthZeroHeader = ParameterDescriptor{ - Name: "Content-Length", - Description: "The `Content-Length` header must be zero and the body must be empty.", - Type: "integer", - Format: "0", - } - - dockerUploadUUIDHeader = ParameterDescriptor{ - Name: "Docker-Upload-UUID", - Description: "Identifies the docker upload uuid for the current request.", - Type: "uuid", - Format: "", - } - - digestHeader = ParameterDescriptor{ - Name: "Docker-Content-Digest", - Description: "Digest of the targeted content for the request.", - Type: "digest", - Format: "", - } - - linkHeader = ParameterDescriptor{ - Name: "Link", - Type: "link", - Description: "RFC5988 compliant rel='next' with URL to next result set, if available", - Format: `<?n=&last=>; rel="next"`, - } - - paginationParameters = []ParameterDescriptor{ - { - Name: "n", - Type: "integer", - Description: "Limit the number of entries in each response. It not present, all entries will be returned.", - Format: "", - Required: false, - }, - { - Name: "last", - Type: "string", - Description: "Result set will include values lexically after last.", - Format: "", - Required: false, - }, - } - - unauthorizedResponseDescriptor = ResponseDescriptor{ - Name: "Authentication Required", - StatusCode: http.StatusUnauthorized, - Description: "The client is not authenticated.", - Headers: []ParameterDescriptor{ - authChallengeHeader, - { - Name: "Content-Length", - Type: "integer", - Description: "Length of the JSON response body.", - Format: "", - }, - }, - Body: BodyDescriptor{ - ContentType: "application/json; charset=utf-8", - Format: errorsBody, - }, - ErrorCodes: []errcode.ErrorCode{ - errcode.ErrorCodeUnauthorized, - }, - } - - repositoryNotFoundResponseDescriptor = ResponseDescriptor{ - Name: "No Such Repository Error", - StatusCode: http.StatusNotFound, - Description: "The repository is not known to the registry.", - Headers: []ParameterDescriptor{ - { - Name: "Content-Length", - Type: "integer", - Description: "Length of the JSON response body.", - Format: "", - }, - }, - Body: BodyDescriptor{ - ContentType: "application/json; charset=utf-8", - Format: errorsBody, - }, - ErrorCodes: []errcode.ErrorCode{ - ErrorCodeNameUnknown, - }, - } - - deniedResponseDescriptor = ResponseDescriptor{ - Name: "Access Denied", - StatusCode: http.StatusForbidden, - Description: "The client does not have required access to the repository.", - Headers: []ParameterDescriptor{ - { - Name: "Content-Length", - Type: "integer", - Description: "Length of the JSON response body.", - Format: "", - }, - }, - Body: BodyDescriptor{ - ContentType: "application/json; charset=utf-8", - Format: errorsBody, - }, - ErrorCodes: []errcode.ErrorCode{ - errcode.ErrorCodeDenied, - }, - } - - tooManyRequestsDescriptor = ResponseDescriptor{ - Name: "Too Many Requests", - StatusCode: http.StatusTooManyRequests, - Description: "The client made too many requests within a time interval.", - Headers: []ParameterDescriptor{ - { - Name: "Content-Length", - Type: "integer", - Description: "Length of the JSON response body.", - Format: "", - }, - }, - Body: BodyDescriptor{ - ContentType: "application/json; charset=utf-8", - Format: errorsBody, - }, - ErrorCodes: []errcode.ErrorCode{ - errcode.ErrorCodeTooManyRequests, - }, - } -) - -const ( - manifestBody = `{ - "name": , - "tag": , - "fsLayers": [ - { - "blobSum": "" - }, - ... - ] - ], - "history": , - "signature": -}` - - errorsBody = `{ - "errors:" [ - { - "code": , - "message": "", - "detail": ... - }, - ... - ] -}` -) - -// APIDescriptor exports descriptions of the layout of the v2 registry API. -var APIDescriptor = struct { - // RouteDescriptors provides a list of the routes available in the API. - RouteDescriptors []RouteDescriptor -}{ - RouteDescriptors: routeDescriptors, -} - -// RouteDescriptor describes a route specified by name. -type RouteDescriptor struct { - // Name is the name of the route, as specified in RouteNameXXX exports. - // These names a should be considered a unique reference for a route. If - // the route is registered with gorilla, this is the name that will be - // used. - Name string - - // Path is a gorilla/mux-compatible regexp that can be used to match the - // route. For any incoming method and path, only one route descriptor - // should match. - Path string - - // Entity should be a short, human-readalbe description of the object - // targeted by the endpoint. - Entity string - - // Description should provide an accurate overview of the functionality - // provided by the route. - Description string - - // Methods should describe the various HTTP methods that may be used on - // this route, including request and response formats. - Methods []MethodDescriptor -} - -// MethodDescriptor provides a description of the requests that may be -// conducted with the target method. -type MethodDescriptor struct { - - // Method is an HTTP method, such as GET, PUT or POST. - Method string - - // Description should provide an overview of the functionality provided by - // the covered method, suitable for use in documentation. Use of markdown - // here is encouraged. - Description string - - // Requests is a slice of request descriptors enumerating how this - // endpoint may be used. - Requests []RequestDescriptor -} - -// RequestDescriptor covers a particular set of headers and parameters that -// can be carried out with the parent method. Its most helpful to have one -// RequestDescriptor per API use case. -type RequestDescriptor struct { - // Name provides a short identifier for the request, usable as a title or - // to provide quick context for the particular request. - Name string - - // Description should cover the requests purpose, covering any details for - // this particular use case. - Description string - - // Headers describes headers that must be used with the HTTP request. - Headers []ParameterDescriptor - - // PathParameters enumerate the parameterized path components for the - // given request, as defined in the route's regular expression. - PathParameters []ParameterDescriptor - - // QueryParameters provides a list of query parameters for the given - // request. - QueryParameters []ParameterDescriptor - - // Body describes the format of the request body. - Body BodyDescriptor - - // Successes enumerates the possible responses that are considered to be - // the result of a successful request. - Successes []ResponseDescriptor - - // Failures covers the possible failures from this particular request. - Failures []ResponseDescriptor -} - -// ResponseDescriptor describes the components of an API response. -type ResponseDescriptor struct { - // Name provides a short identifier for the response, usable as a title or - // to provide quick context for the particular response. - Name string - - // Description should provide a brief overview of the role of the - // response. - Description string - - // StatusCode specifies the status received by this particular response. - StatusCode int - - // Headers covers any headers that may be returned from the response. - Headers []ParameterDescriptor - - // Fields describes any fields that may be present in the response. - Fields []ParameterDescriptor - - // ErrorCodes enumerates the error codes that may be returned along with - // the response. - ErrorCodes []errcode.ErrorCode - - // Body describes the body of the response, if any. - Body BodyDescriptor -} - -// BodyDescriptor describes a request body and its expected content type. For -// the most part, it should be example json or some placeholder for body -// data in documentation. -type BodyDescriptor struct { - ContentType string - Format string -} - -// ParameterDescriptor describes the format of a request parameter, which may -// be a header, path parameter or query parameter. -type ParameterDescriptor struct { - // Name is the name of the parameter, either of the path component or - // query parameter. - Name string - - // Type specifies the type of the parameter, such as string, integer, etc. - Type string - - // Description provides a human-readable description of the parameter. - Description string - - // Required means the field is required when set. - Required bool - - // Format is a specifying the string format accepted by this parameter. - Format string - - // Regexp is a compiled regular expression that can be used to validate - // the contents of the parameter. - Regexp *regexp.Regexp - - // Examples provides multiple examples for the values that might be valid - // for this parameter. - Examples []string -} - -var routeDescriptors = []RouteDescriptor{ - { - Name: RouteNameBase, - Path: "/v2/", - Entity: "Base", - Description: `Base V2 API route. Typically, this can be used for lightweight version checks and to validate registry authentication.`, - Methods: []MethodDescriptor{ - { - Method: "GET", - Description: "Check that the endpoint implements Docker Registry API V2.", - Requests: []RequestDescriptor{ - { - Headers: []ParameterDescriptor{ - hostHeader, - authHeader, - }, - Successes: []ResponseDescriptor{ - { - Description: "The API implements V2 protocol and is accessible.", - StatusCode: http.StatusOK, - }, - }, - Failures: []ResponseDescriptor{ - { - Description: "The registry does not implement the V2 API.", - StatusCode: http.StatusNotFound, - }, - unauthorizedResponseDescriptor, - tooManyRequestsDescriptor, - }, - }, - }, - }, - }, - }, - { - Name: RouteNameTags, - Path: "/v2/{name:" + reference.NameRegexp.String() + "}/tags/list", - Entity: "Tags", - Description: "Retrieve information about tags.", - Methods: []MethodDescriptor{ - { - Method: "GET", - Description: "Fetch the tags under the repository identified by `name`.", - Requests: []RequestDescriptor{ - { - Name: "Tags", - Description: "Return all tags for the repository", - Headers: []ParameterDescriptor{ - hostHeader, - authHeader, - }, - PathParameters: []ParameterDescriptor{ - nameParameterDescriptor, - }, - Successes: []ResponseDescriptor{ - { - StatusCode: http.StatusOK, - Description: "A list of tags for the named repository.", - Headers: []ParameterDescriptor{ - { - Name: "Content-Length", - Type: "integer", - Description: "Length of the JSON response body.", - Format: "", - }, - }, - Body: BodyDescriptor{ - ContentType: "application/json; charset=utf-8", - Format: `{ - "name": , - "tags": [ - , - ... - ] -}`, - }, - }, - }, - Failures: []ResponseDescriptor{ - unauthorizedResponseDescriptor, - repositoryNotFoundResponseDescriptor, - deniedResponseDescriptor, - tooManyRequestsDescriptor, - }, - }, - { - Name: "Tags Paginated", - Description: "Return a portion of the tags for the specified repository.", - PathParameters: []ParameterDescriptor{nameParameterDescriptor}, - QueryParameters: paginationParameters, - Successes: []ResponseDescriptor{ - { - StatusCode: http.StatusOK, - Description: "A list of tags for the named repository.", - Headers: []ParameterDescriptor{ - { - Name: "Content-Length", - Type: "integer", - Description: "Length of the JSON response body.", - Format: "", - }, - linkHeader, - }, - Body: BodyDescriptor{ - ContentType: "application/json; charset=utf-8", - Format: `{ - "name": , - "tags": [ - , - ... - ], -}`, - }, - }, - }, - Failures: []ResponseDescriptor{ - unauthorizedResponseDescriptor, - repositoryNotFoundResponseDescriptor, - deniedResponseDescriptor, - tooManyRequestsDescriptor, - }, - }, - }, - }, - }, - }, - { - Name: RouteNameManifest, - Path: "/v2/{name:" + reference.NameRegexp.String() + "}/manifests/{reference:" + reference.TagRegexp.String() + "|" + digest.DigestRegexp.String() + "}", - Entity: "Manifest", - Description: "Create, update, delete and retrieve manifests.", - Methods: []MethodDescriptor{ - { - Method: "GET", - Description: "Fetch the manifest identified by `name` and `reference` where `reference` can be a tag or digest. A `HEAD` request can also be issued to this endpoint to obtain resource information without receiving all data.", - Requests: []RequestDescriptor{ - { - Headers: []ParameterDescriptor{ - hostHeader, - authHeader, - }, - PathParameters: []ParameterDescriptor{ - nameParameterDescriptor, - referenceParameterDescriptor, - }, - Successes: []ResponseDescriptor{ - { - Description: "The manifest identified by `name` and `reference`. The contents can be used to identify and resolve resources required to run the specified image.", - StatusCode: http.StatusOK, - Headers: []ParameterDescriptor{ - digestHeader, - }, - Body: BodyDescriptor{ - ContentType: "", - Format: manifestBody, - }, - }, - }, - Failures: []ResponseDescriptor{ - { - Description: "The name or reference was invalid.", - StatusCode: http.StatusBadRequest, - ErrorCodes: []errcode.ErrorCode{ - ErrorCodeNameInvalid, - ErrorCodeTagInvalid, - }, - Body: BodyDescriptor{ - ContentType: "application/json; charset=utf-8", - Format: errorsBody, - }, - }, - unauthorizedResponseDescriptor, - repositoryNotFoundResponseDescriptor, - deniedResponseDescriptor, - tooManyRequestsDescriptor, - }, - }, - }, - }, - { - Method: "PUT", - Description: "Put the manifest identified by `name` and `reference` where `reference` can be a tag or digest.", - Requests: []RequestDescriptor{ - { - Headers: []ParameterDescriptor{ - hostHeader, - authHeader, - }, - PathParameters: []ParameterDescriptor{ - nameParameterDescriptor, - referenceParameterDescriptor, - }, - Body: BodyDescriptor{ - ContentType: "", - Format: manifestBody, - }, - Successes: []ResponseDescriptor{ - { - Description: "The manifest has been accepted by the registry and is stored under the specified `name` and `tag`.", - StatusCode: http.StatusCreated, - Headers: []ParameterDescriptor{ - { - Name: "Location", - Type: "url", - Description: "The canonical location url of the uploaded manifest.", - Format: "", - }, - contentLengthZeroHeader, - digestHeader, - }, - }, - }, - Failures: []ResponseDescriptor{ - { - Name: "Invalid Manifest", - Description: "The received manifest was invalid in some way, as described by the error codes. The client should resolve the issue and retry the request.", - StatusCode: http.StatusBadRequest, - Body: BodyDescriptor{ - ContentType: "application/json; charset=utf-8", - Format: errorsBody, - }, - ErrorCodes: []errcode.ErrorCode{ - ErrorCodeNameInvalid, - ErrorCodeTagInvalid, - ErrorCodeManifestInvalid, - ErrorCodeManifestUnverified, - ErrorCodeBlobUnknown, - }, - }, - unauthorizedResponseDescriptor, - repositoryNotFoundResponseDescriptor, - deniedResponseDescriptor, - tooManyRequestsDescriptor, - { - Name: "Missing Layer(s)", - Description: "One or more layers may be missing during a manifest upload. If so, the missing layers will be enumerated in the error response.", - StatusCode: http.StatusBadRequest, - ErrorCodes: []errcode.ErrorCode{ - ErrorCodeBlobUnknown, - }, - Body: BodyDescriptor{ - ContentType: "application/json; charset=utf-8", - Format: `{ - "errors:" [{ - "code": "BLOB_UNKNOWN", - "message": "blob unknown to registry", - "detail": { - "digest": "" - } - }, - ... - ] -}`, - }, - }, - { - Name: "Not allowed", - Description: "Manifest put is not allowed because the registry is configured as a pull-through cache or for some other reason", - StatusCode: http.StatusMethodNotAllowed, - ErrorCodes: []errcode.ErrorCode{ - errcode.ErrorCodeUnsupported, - }, - }, - }, - }, - }, - }, - { - Method: "DELETE", - Description: "Delete the manifest identified by `name` and `reference`. Note that a manifest can _only_ be deleted by `digest`.", - Requests: []RequestDescriptor{ - { - Headers: []ParameterDescriptor{ - hostHeader, - authHeader, - }, - PathParameters: []ParameterDescriptor{ - nameParameterDescriptor, - referenceParameterDescriptor, - }, - Successes: []ResponseDescriptor{ - { - StatusCode: http.StatusAccepted, - }, - }, - Failures: []ResponseDescriptor{ - { - Name: "Invalid Name or Reference", - Description: "The specified `name` or `reference` were invalid and the delete was unable to proceed.", - StatusCode: http.StatusBadRequest, - ErrorCodes: []errcode.ErrorCode{ - ErrorCodeNameInvalid, - ErrorCodeTagInvalid, - }, - Body: BodyDescriptor{ - ContentType: "application/json; charset=utf-8", - Format: errorsBody, - }, - }, - unauthorizedResponseDescriptor, - repositoryNotFoundResponseDescriptor, - deniedResponseDescriptor, - tooManyRequestsDescriptor, - { - Name: "Unknown Manifest", - Description: "The specified `name` or `reference` are unknown to the registry and the delete was unable to proceed. Clients can assume the manifest was already deleted if this response is returned.", - StatusCode: http.StatusNotFound, - ErrorCodes: []errcode.ErrorCode{ - ErrorCodeNameUnknown, - ErrorCodeManifestUnknown, - }, - Body: BodyDescriptor{ - ContentType: "application/json; charset=utf-8", - Format: errorsBody, - }, - }, - { - Name: "Not allowed", - Description: "Manifest delete is not allowed because the registry is configured as a pull-through cache or `delete` has been disabled.", - StatusCode: http.StatusMethodNotAllowed, - ErrorCodes: []errcode.ErrorCode{ - errcode.ErrorCodeUnsupported, - }, - }, - }, - }, - }, - }, - }, - }, - - { - Name: RouteNameBlob, - Path: "/v2/{name:" + reference.NameRegexp.String() + "}/blobs/{digest:" + digest.DigestRegexp.String() + "}", - Entity: "Blob", - Description: "Operations on blobs identified by `name` and `digest`. Used to fetch or delete layers by digest.", - Methods: []MethodDescriptor{ - { - Method: "GET", - Description: "Retrieve the blob from the registry identified by `digest`. A `HEAD` request can also be issued to this endpoint to obtain resource information without receiving all data.", - Requests: []RequestDescriptor{ - { - Name: "Fetch Blob", - Headers: []ParameterDescriptor{ - hostHeader, - authHeader, - }, - PathParameters: []ParameterDescriptor{ - nameParameterDescriptor, - digestPathParameter, - }, - Successes: []ResponseDescriptor{ - { - Description: "The blob identified by `digest` is available. The blob content will be present in the body of the request.", - StatusCode: http.StatusOK, - Headers: []ParameterDescriptor{ - { - Name: "Content-Length", - Type: "integer", - Description: "The length of the requested blob content.", - Format: "", - }, - digestHeader, - }, - Body: BodyDescriptor{ - ContentType: "application/octet-stream", - Format: "", - }, - }, - { - Description: "The blob identified by `digest` is available at the provided location.", - StatusCode: http.StatusTemporaryRedirect, - Headers: []ParameterDescriptor{ - { - Name: "Location", - Type: "url", - Description: "The location where the layer should be accessible.", - Format: "", - }, - digestHeader, - }, - }, - }, - Failures: []ResponseDescriptor{ - { - Description: "There was a problem with the request that needs to be addressed by the client, such as an invalid `name` or `tag`.", - StatusCode: http.StatusBadRequest, - ErrorCodes: []errcode.ErrorCode{ - ErrorCodeNameInvalid, - ErrorCodeDigestInvalid, - }, - Body: BodyDescriptor{ - ContentType: "application/json; charset=utf-8", - Format: errorsBody, - }, - }, - { - Description: "The blob, identified by `name` and `digest`, is unknown to the registry.", - StatusCode: http.StatusNotFound, - Body: BodyDescriptor{ - ContentType: "application/json; charset=utf-8", - Format: errorsBody, - }, - ErrorCodes: []errcode.ErrorCode{ - ErrorCodeNameUnknown, - ErrorCodeBlobUnknown, - }, - }, - unauthorizedResponseDescriptor, - repositoryNotFoundResponseDescriptor, - deniedResponseDescriptor, - tooManyRequestsDescriptor, - }, - }, - { - Name: "Fetch Blob Part", - Description: "This endpoint may also support RFC7233 compliant range requests. Support can be detected by issuing a HEAD request. If the header `Accept-Range: bytes` is returned, range requests can be used to fetch partial content.", - Headers: []ParameterDescriptor{ - hostHeader, - authHeader, - { - Name: "Range", - Type: "string", - Description: "HTTP Range header specifying blob chunk.", - Format: "bytes=-", - }, - }, - PathParameters: []ParameterDescriptor{ - nameParameterDescriptor, - digestPathParameter, - }, - Successes: []ResponseDescriptor{ - { - Description: "The blob identified by `digest` is available. The specified chunk of blob content will be present in the body of the request.", - StatusCode: http.StatusPartialContent, - Headers: []ParameterDescriptor{ - { - Name: "Content-Length", - Type: "integer", - Description: "The length of the requested blob chunk.", - Format: "", - }, - { - Name: "Content-Range", - Type: "byte range", - Description: "Content range of blob chunk.", - Format: "bytes -/", - }, - }, - Body: BodyDescriptor{ - ContentType: "application/octet-stream", - Format: "", - }, - }, - }, - Failures: []ResponseDescriptor{ - { - Description: "There was a problem with the request that needs to be addressed by the client, such as an invalid `name` or `tag`.", - StatusCode: http.StatusBadRequest, - ErrorCodes: []errcode.ErrorCode{ - ErrorCodeNameInvalid, - ErrorCodeDigestInvalid, - }, - Body: BodyDescriptor{ - ContentType: "application/json; charset=utf-8", - Format: errorsBody, - }, - }, - { - StatusCode: http.StatusNotFound, - ErrorCodes: []errcode.ErrorCode{ - ErrorCodeNameUnknown, - ErrorCodeBlobUnknown, - }, - Body: BodyDescriptor{ - ContentType: "application/json; charset=utf-8", - Format: errorsBody, - }, - }, - { - Description: "The range specification cannot be satisfied for the requested content. This can happen when the range is not formatted correctly or if the range is outside of the valid size of the content.", - StatusCode: http.StatusRequestedRangeNotSatisfiable, - }, - unauthorizedResponseDescriptor, - repositoryNotFoundResponseDescriptor, - deniedResponseDescriptor, - tooManyRequestsDescriptor, - }, - }, - }, - }, - { - Method: "DELETE", - Description: "Delete the blob identified by `name` and `digest`", - Requests: []RequestDescriptor{ - { - Headers: []ParameterDescriptor{ - hostHeader, - authHeader, - }, - PathParameters: []ParameterDescriptor{ - nameParameterDescriptor, - digestPathParameter, - }, - Successes: []ResponseDescriptor{ - { - StatusCode: http.StatusAccepted, - Headers: []ParameterDescriptor{ - { - Name: "Content-Length", - Type: "integer", - Description: "0", - Format: "0", - }, - digestHeader, - }, - }, - }, - Failures: []ResponseDescriptor{ - { - Name: "Invalid Name or Digest", - StatusCode: http.StatusBadRequest, - ErrorCodes: []errcode.ErrorCode{ - ErrorCodeDigestInvalid, - ErrorCodeNameInvalid, - }, - }, - { - Description: "The blob, identified by `name` and `digest`, is unknown to the registry.", - StatusCode: http.StatusNotFound, - Body: BodyDescriptor{ - ContentType: "application/json; charset=utf-8", - Format: errorsBody, - }, - ErrorCodes: []errcode.ErrorCode{ - ErrorCodeNameUnknown, - ErrorCodeBlobUnknown, - }, - }, - { - Description: "Blob delete is not allowed because the registry is configured as a pull-through cache or `delete` has been disabled", - StatusCode: http.StatusMethodNotAllowed, - Body: BodyDescriptor{ - ContentType: "application/json; charset=utf-8", - Format: errorsBody, - }, - ErrorCodes: []errcode.ErrorCode{ - errcode.ErrorCodeUnsupported, - }, - }, - unauthorizedResponseDescriptor, - repositoryNotFoundResponseDescriptor, - deniedResponseDescriptor, - tooManyRequestsDescriptor, - }, - }, - }, - }, - - // TODO(stevvooe): We may want to add a PUT request here to - // kickoff an upload of a blob, integrated with the blob upload - // API. - }, - }, - - { - Name: RouteNameBlobUpload, - Path: "/v2/{name:" + reference.NameRegexp.String() + "}/blobs/uploads/", - Entity: "Initiate Blob Upload", - Description: "Initiate a blob upload. This endpoint can be used to create resumable uploads or monolithic uploads.", - Methods: []MethodDescriptor{ - { - Method: "POST", - Description: "Initiate a resumable blob upload. If successful, an upload location will be provided to complete the upload. Optionally, if the `digest` parameter is present, the request body will be used to complete the upload in a single request.", - Requests: []RequestDescriptor{ - { - Name: "Initiate Monolithic Blob Upload", - Description: "Upload a blob identified by the `digest` parameter in single request. This upload will not be resumable unless a recoverable error is returned.", - Headers: []ParameterDescriptor{ - hostHeader, - authHeader, - { - Name: "Content-Length", - Type: "integer", - Format: "", - }, - }, - PathParameters: []ParameterDescriptor{ - nameParameterDescriptor, - }, - QueryParameters: []ParameterDescriptor{ - { - Name: "digest", - Type: "query", - Format: "", - Regexp: digest.DigestRegexp, - Description: `Digest of uploaded blob. If present, the upload will be completed, in a single request, with contents of the request body as the resulting blob.`, - }, - }, - Body: BodyDescriptor{ - ContentType: "application/octect-stream", - Format: "", - }, - Successes: []ResponseDescriptor{ - { - Description: "The blob has been created in the registry and is available at the provided location.", - StatusCode: http.StatusCreated, - Headers: []ParameterDescriptor{ - { - Name: "Location", - Type: "url", - Format: "", - }, - contentLengthZeroHeader, - dockerUploadUUIDHeader, - }, - }, - }, - Failures: []ResponseDescriptor{ - { - Name: "Invalid Name or Digest", - StatusCode: http.StatusBadRequest, - ErrorCodes: []errcode.ErrorCode{ - ErrorCodeDigestInvalid, - ErrorCodeNameInvalid, - }, - }, - { - Name: "Not allowed", - Description: "Blob upload is not allowed because the registry is configured as a pull-through cache or for some other reason", - StatusCode: http.StatusMethodNotAllowed, - ErrorCodes: []errcode.ErrorCode{ - errcode.ErrorCodeUnsupported, - }, - }, - unauthorizedResponseDescriptor, - repositoryNotFoundResponseDescriptor, - deniedResponseDescriptor, - tooManyRequestsDescriptor, - }, - }, - { - Name: "Initiate Resumable Blob Upload", - Description: "Initiate a resumable blob upload with an empty request body.", - Headers: []ParameterDescriptor{ - hostHeader, - authHeader, - contentLengthZeroHeader, - }, - PathParameters: []ParameterDescriptor{ - nameParameterDescriptor, - }, - Successes: []ResponseDescriptor{ - { - Description: "The upload has been created. The `Location` header must be used to complete the upload. The response should be identical to a `GET` request on the contents of the returned `Location` header.", - StatusCode: http.StatusAccepted, - Headers: []ParameterDescriptor{ - contentLengthZeroHeader, - { - Name: "Location", - Type: "url", - Format: "/v2//blobs/uploads/", - Description: "The location of the created upload. Clients should use the contents verbatim to complete the upload, adding parameters where required.", - }, - { - Name: "Range", - Format: "0-0", - Description: "Range header indicating the progress of the upload. When starting an upload, it will return an empty range, since no content has been received.", - }, - dockerUploadUUIDHeader, - }, - }, - }, - Failures: []ResponseDescriptor{ - { - Name: "Invalid Name or Digest", - StatusCode: http.StatusBadRequest, - ErrorCodes: []errcode.ErrorCode{ - ErrorCodeDigestInvalid, - ErrorCodeNameInvalid, - }, - }, - unauthorizedResponseDescriptor, - repositoryNotFoundResponseDescriptor, - deniedResponseDescriptor, - tooManyRequestsDescriptor, - }, - }, - { - Name: "Mount Blob", - Description: "Mount a blob identified by the `mount` parameter from another repository.", - Headers: []ParameterDescriptor{ - hostHeader, - authHeader, - contentLengthZeroHeader, - }, - PathParameters: []ParameterDescriptor{ - nameParameterDescriptor, - }, - QueryParameters: []ParameterDescriptor{ - { - Name: "mount", - Type: "query", - Format: "", - Regexp: digest.DigestRegexp, - Description: `Digest of blob to mount from the source repository.`, - }, - { - Name: "from", - Type: "query", - Format: "", - Regexp: reference.NameRegexp, - Description: `Name of the source repository.`, - }, - }, - Successes: []ResponseDescriptor{ - { - Description: "The blob has been mounted in the repository and is available at the provided location.", - StatusCode: http.StatusCreated, - Headers: []ParameterDescriptor{ - { - Name: "Location", - Type: "url", - Format: "", - }, - contentLengthZeroHeader, - dockerUploadUUIDHeader, - }, - }, - }, - Failures: []ResponseDescriptor{ - { - Name: "Invalid Name or Digest", - StatusCode: http.StatusBadRequest, - ErrorCodes: []errcode.ErrorCode{ - ErrorCodeDigestInvalid, - ErrorCodeNameInvalid, - }, - }, - { - Name: "Not allowed", - Description: "Blob mount is not allowed because the registry is configured as a pull-through cache or for some other reason", - StatusCode: http.StatusMethodNotAllowed, - ErrorCodes: []errcode.ErrorCode{ - errcode.ErrorCodeUnsupported, - }, - }, - unauthorizedResponseDescriptor, - repositoryNotFoundResponseDescriptor, - deniedResponseDescriptor, - tooManyRequestsDescriptor, - }, - }, - }, - }, - }, - }, - - { - Name: RouteNameBlobUploadChunk, - Path: "/v2/{name:" + reference.NameRegexp.String() + "}/blobs/uploads/{uuid:[a-zA-Z0-9-_.=]+}", - Entity: "Blob Upload", - Description: "Interact with blob uploads. Clients should never assemble URLs for this endpoint and should only take it through the `Location` header on related API requests. The `Location` header and its parameters should be preserved by clients, using the latest value returned via upload related API calls.", - Methods: []MethodDescriptor{ - { - Method: "GET", - Description: "Retrieve status of upload identified by `uuid`. The primary purpose of this endpoint is to resolve the current status of a resumable upload.", - Requests: []RequestDescriptor{ - { - Description: "Retrieve the progress of the current upload, as reported by the `Range` header.", - Headers: []ParameterDescriptor{ - hostHeader, - authHeader, - }, - PathParameters: []ParameterDescriptor{ - nameParameterDescriptor, - uuidParameterDescriptor, - }, - Successes: []ResponseDescriptor{ - { - Name: "Upload Progress", - Description: "The upload is known and in progress. The last received offset is available in the `Range` header.", - StatusCode: http.StatusNoContent, - Headers: []ParameterDescriptor{ - { - Name: "Range", - Type: "header", - Format: "0-", - Description: "Range indicating the current progress of the upload.", - }, - contentLengthZeroHeader, - dockerUploadUUIDHeader, - }, - }, - }, - Failures: []ResponseDescriptor{ - { - Description: "There was an error processing the upload and it must be restarted.", - StatusCode: http.StatusBadRequest, - ErrorCodes: []errcode.ErrorCode{ - ErrorCodeDigestInvalid, - ErrorCodeNameInvalid, - ErrorCodeBlobUploadInvalid, - }, - Body: BodyDescriptor{ - ContentType: "application/json; charset=utf-8", - Format: errorsBody, - }, - }, - { - Description: "The upload is unknown to the registry. The upload must be restarted.", - StatusCode: http.StatusNotFound, - ErrorCodes: []errcode.ErrorCode{ - ErrorCodeBlobUploadUnknown, - }, - Body: BodyDescriptor{ - ContentType: "application/json; charset=utf-8", - Format: errorsBody, - }, - }, - unauthorizedResponseDescriptor, - repositoryNotFoundResponseDescriptor, - deniedResponseDescriptor, - tooManyRequestsDescriptor, - }, - }, - }, - }, - { - Method: "PATCH", - Description: "Upload a chunk of data for the specified upload.", - Requests: []RequestDescriptor{ - { - Name: "Stream upload", - Description: "Upload a stream of data to upload without completing the upload.", - PathParameters: []ParameterDescriptor{ - nameParameterDescriptor, - uuidParameterDescriptor, - }, - Headers: []ParameterDescriptor{ - hostHeader, - authHeader, - }, - Body: BodyDescriptor{ - ContentType: "application/octet-stream", - Format: "", - }, - Successes: []ResponseDescriptor{ - { - Name: "Data Accepted", - Description: "The stream of data has been accepted and the current progress is available in the range header. The updated upload location is available in the `Location` header.", - StatusCode: http.StatusNoContent, - Headers: []ParameterDescriptor{ - { - Name: "Location", - Type: "url", - Format: "/v2//blobs/uploads/", - Description: "The location of the upload. Clients should assume this changes after each request. Clients should use the contents verbatim to complete the upload, adding parameters where required.", - }, - { - Name: "Range", - Type: "header", - Format: "0-", - Description: "Range indicating the current progress of the upload.", - }, - contentLengthZeroHeader, - dockerUploadUUIDHeader, - }, - }, - }, - Failures: []ResponseDescriptor{ - { - Description: "There was an error processing the upload and it must be restarted.", - StatusCode: http.StatusBadRequest, - ErrorCodes: []errcode.ErrorCode{ - ErrorCodeDigestInvalid, - ErrorCodeNameInvalid, - ErrorCodeBlobUploadInvalid, - }, - Body: BodyDescriptor{ - ContentType: "application/json; charset=utf-8", - Format: errorsBody, - }, - }, - { - Description: "The upload is unknown to the registry. The upload must be restarted.", - StatusCode: http.StatusNotFound, - ErrorCodes: []errcode.ErrorCode{ - ErrorCodeBlobUploadUnknown, - }, - Body: BodyDescriptor{ - ContentType: "application/json; charset=utf-8", - Format: errorsBody, - }, - }, - unauthorizedResponseDescriptor, - repositoryNotFoundResponseDescriptor, - deniedResponseDescriptor, - tooManyRequestsDescriptor, - }, - }, - { - Name: "Chunked upload", - Description: "Upload a chunk of data to specified upload without completing the upload. The data will be uploaded to the specified Content Range.", - PathParameters: []ParameterDescriptor{ - nameParameterDescriptor, - uuidParameterDescriptor, - }, - Headers: []ParameterDescriptor{ - hostHeader, - authHeader, - { - Name: "Content-Range", - Type: "header", - Format: "-", - Required: true, - Description: "Range of bytes identifying the desired block of content represented by the body. Start must the end offset retrieved via status check plus one. Note that this is a non-standard use of the `Content-Range` header.", - }, - { - Name: "Content-Length", - Type: "integer", - Format: "", - Description: "Length of the chunk being uploaded, corresponding the length of the request body.", - }, - }, - Body: BodyDescriptor{ - ContentType: "application/octet-stream", - Format: "", - }, - Successes: []ResponseDescriptor{ - { - Name: "Chunk Accepted", - Description: "The chunk of data has been accepted and the current progress is available in the range header. The updated upload location is available in the `Location` header.", - StatusCode: http.StatusNoContent, - Headers: []ParameterDescriptor{ - { - Name: "Location", - Type: "url", - Format: "/v2//blobs/uploads/", - Description: "The location of the upload. Clients should assume this changes after each request. Clients should use the contents verbatim to complete the upload, adding parameters where required.", - }, - { - Name: "Range", - Type: "header", - Format: "0-", - Description: "Range indicating the current progress of the upload.", - }, - contentLengthZeroHeader, - dockerUploadUUIDHeader, - }, - }, - }, - Failures: []ResponseDescriptor{ - { - Description: "There was an error processing the upload and it must be restarted.", - StatusCode: http.StatusBadRequest, - ErrorCodes: []errcode.ErrorCode{ - ErrorCodeDigestInvalid, - ErrorCodeNameInvalid, - ErrorCodeBlobUploadInvalid, - }, - Body: BodyDescriptor{ - ContentType: "application/json; charset=utf-8", - Format: errorsBody, - }, - }, - { - Description: "The upload is unknown to the registry. The upload must be restarted.", - StatusCode: http.StatusNotFound, - ErrorCodes: []errcode.ErrorCode{ - ErrorCodeBlobUploadUnknown, - }, - Body: BodyDescriptor{ - ContentType: "application/json; charset=utf-8", - Format: errorsBody, - }, - }, - { - Description: "The `Content-Range` specification cannot be accepted, either because it does not overlap with the current progress or it is invalid.", - StatusCode: http.StatusRequestedRangeNotSatisfiable, - }, - unauthorizedResponseDescriptor, - repositoryNotFoundResponseDescriptor, - deniedResponseDescriptor, - tooManyRequestsDescriptor, - }, - }, - }, - }, - { - Method: "PUT", - Description: "Complete the upload specified by `uuid`, optionally appending the body as the final chunk.", - Requests: []RequestDescriptor{ - { - Description: "Complete the upload, providing all the data in the body, if necessary. A request without a body will just complete the upload with previously uploaded content.", - Headers: []ParameterDescriptor{ - hostHeader, - authHeader, - { - Name: "Content-Length", - Type: "integer", - Format: "", - Description: "Length of the data being uploaded, corresponding to the length of the request body. May be zero if no data is provided.", - }, - }, - PathParameters: []ParameterDescriptor{ - nameParameterDescriptor, - uuidParameterDescriptor, - }, - QueryParameters: []ParameterDescriptor{ - { - Name: "digest", - Type: "string", - Format: "", - Regexp: digest.DigestRegexp, - Required: true, - Description: `Digest of uploaded blob.`, - }, - }, - Body: BodyDescriptor{ - ContentType: "application/octet-stream", - Format: "", - }, - Successes: []ResponseDescriptor{ - { - Name: "Upload Complete", - Description: "The upload has been completed and accepted by the registry. The canonical location will be available in the `Location` header.", - StatusCode: http.StatusNoContent, - Headers: []ParameterDescriptor{ - { - Name: "Location", - Type: "url", - Format: "", - Description: "The canonical location of the blob for retrieval", - }, - { - Name: "Content-Range", - Type: "header", - Format: "-", - Description: "Range of bytes identifying the desired block of content represented by the body. Start must match the end of offset retrieved via status check. Note that this is a non-standard use of the `Content-Range` header.", - }, - contentLengthZeroHeader, - digestHeader, - }, - }, - }, - Failures: []ResponseDescriptor{ - { - Description: "There was an error processing the upload and it must be restarted.", - StatusCode: http.StatusBadRequest, - ErrorCodes: []errcode.ErrorCode{ - ErrorCodeDigestInvalid, - ErrorCodeNameInvalid, - ErrorCodeBlobUploadInvalid, - errcode.ErrorCodeUnsupported, - }, - Body: BodyDescriptor{ - ContentType: "application/json; charset=utf-8", - Format: errorsBody, - }, - }, - { - Description: "The upload is unknown to the registry. The upload must be restarted.", - StatusCode: http.StatusNotFound, - ErrorCodes: []errcode.ErrorCode{ - ErrorCodeBlobUploadUnknown, - }, - Body: BodyDescriptor{ - ContentType: "application/json; charset=utf-8", - Format: errorsBody, - }, - }, - unauthorizedResponseDescriptor, - repositoryNotFoundResponseDescriptor, - deniedResponseDescriptor, - tooManyRequestsDescriptor, - }, - }, - }, - }, - { - Method: "DELETE", - Description: "Cancel outstanding upload processes, releasing associated resources. If this is not called, the unfinished uploads will eventually timeout.", - Requests: []RequestDescriptor{ - { - Description: "Cancel the upload specified by `uuid`.", - PathParameters: []ParameterDescriptor{ - nameParameterDescriptor, - uuidParameterDescriptor, - }, - Headers: []ParameterDescriptor{ - hostHeader, - authHeader, - contentLengthZeroHeader, - }, - Successes: []ResponseDescriptor{ - { - Name: "Upload Deleted", - Description: "The upload has been successfully deleted.", - StatusCode: http.StatusNoContent, - Headers: []ParameterDescriptor{ - contentLengthZeroHeader, - }, - }, - }, - Failures: []ResponseDescriptor{ - { - Description: "An error was encountered processing the delete. The client may ignore this error.", - StatusCode: http.StatusBadRequest, - ErrorCodes: []errcode.ErrorCode{ - ErrorCodeNameInvalid, - ErrorCodeBlobUploadInvalid, - }, - Body: BodyDescriptor{ - ContentType: "application/json; charset=utf-8", - Format: errorsBody, - }, - }, - { - Description: "The upload is unknown to the registry. The client may ignore this error and assume the upload has been deleted.", - StatusCode: http.StatusNotFound, - ErrorCodes: []errcode.ErrorCode{ - ErrorCodeBlobUploadUnknown, - }, - Body: BodyDescriptor{ - ContentType: "application/json; charset=utf-8", - Format: errorsBody, - }, - }, - unauthorizedResponseDescriptor, - repositoryNotFoundResponseDescriptor, - deniedResponseDescriptor, - tooManyRequestsDescriptor, - }, - }, - }, - }, - }, - }, - { - Name: RouteNameCatalog, - Path: "/v2/_catalog", - Entity: "Catalog", - Description: "List a set of available repositories in the local registry cluster. Does not provide any indication of what may be available upstream. Applications can only determine if a repository is available but not if it is not available.", - Methods: []MethodDescriptor{ - { - Method: "GET", - Description: "Retrieve a sorted, json list of repositories available in the registry.", - Requests: []RequestDescriptor{ - { - Name: "Catalog Fetch", - Description: "Request an unabridged list of repositories available. The implementation may impose a maximum limit and return a partial set with pagination links.", - Successes: []ResponseDescriptor{ - { - Description: "Returns the unabridged list of repositories as a json response.", - StatusCode: http.StatusOK, - Headers: []ParameterDescriptor{ - { - Name: "Content-Length", - Type: "integer", - Description: "Length of the JSON response body.", - Format: "", - }, - }, - Body: BodyDescriptor{ - ContentType: "application/json; charset=utf-8", - Format: `{ - "repositories": [ - , - ... - ] -}`, - }, - }, - }, - }, - { - Name: "Catalog Fetch Paginated", - Description: "Return the specified portion of repositories.", - QueryParameters: paginationParameters, - Successes: []ResponseDescriptor{ - { - StatusCode: http.StatusOK, - Body: BodyDescriptor{ - ContentType: "application/json; charset=utf-8", - Format: `{ - "repositories": [ - , - ... - ] - "next": "?last=&n=" -}`, - }, - Headers: []ParameterDescriptor{ - { - Name: "Content-Length", - Type: "integer", - Description: "Length of the JSON response body.", - Format: "", - }, - linkHeader, - }, - }, - }, - }, - }, - }, - }, - }, -} - -var routeDescriptorsMap map[string]RouteDescriptor - -func init() { - routeDescriptorsMap = make(map[string]RouteDescriptor, len(routeDescriptors)) - - for _, descriptor := range routeDescriptors { - routeDescriptorsMap[descriptor.Name] = descriptor - } -} diff --git a/vendor/github.com/docker/distribution/registry/api/v2/doc.go b/vendor/github.com/docker/distribution/registry/api/v2/doc.go deleted file mode 100644 index cde01195..00000000 --- a/vendor/github.com/docker/distribution/registry/api/v2/doc.go +++ /dev/null @@ -1,9 +0,0 @@ -// Package v2 describes routes, urls and the error codes used in the Docker -// Registry JSON HTTP API V2. In addition to declarations, descriptors are -// provided for routes and error codes that can be used for implementation and -// automatically generating documentation. -// -// Definitions here are considered to be locked down for the V2 registry api. -// Any changes must be considered carefully and should not proceed without a -// change proposal in docker core. -package v2 diff --git a/vendor/github.com/docker/distribution/registry/api/v2/errors.go b/vendor/github.com/docker/distribution/registry/api/v2/errors.go deleted file mode 100644 index 97d6923a..00000000 --- a/vendor/github.com/docker/distribution/registry/api/v2/errors.go +++ /dev/null @@ -1,136 +0,0 @@ -package v2 - -import ( - "net/http" - - "github.com/docker/distribution/registry/api/errcode" -) - -const errGroup = "registry.api.v2" - -var ( - // ErrorCodeDigestInvalid is returned when uploading a blob if the - // provided digest does not match the blob contents. - ErrorCodeDigestInvalid = errcode.Register(errGroup, errcode.ErrorDescriptor{ - Value: "DIGEST_INVALID", - Message: "provided digest did not match uploaded content", - Description: `When a blob is uploaded, the registry will check that - the content matches the digest provided by the client. The error may - include a detail structure with the key "digest", including the - invalid digest string. This error may also be returned when a manifest - includes an invalid layer digest.`, - HTTPStatusCode: http.StatusBadRequest, - }) - - // ErrorCodeSizeInvalid is returned when uploading a blob if the provided - ErrorCodeSizeInvalid = errcode.Register(errGroup, errcode.ErrorDescriptor{ - Value: "SIZE_INVALID", - Message: "provided length did not match content length", - Description: `When a layer is uploaded, the provided size will be - checked against the uploaded content. If they do not match, this error - will be returned.`, - HTTPStatusCode: http.StatusBadRequest, - }) - - // ErrorCodeNameInvalid is returned when the name in the manifest does not - // match the provided name. - ErrorCodeNameInvalid = errcode.Register(errGroup, errcode.ErrorDescriptor{ - Value: "NAME_INVALID", - Message: "invalid repository name", - Description: `Invalid repository name encountered either during - manifest validation or any API operation.`, - HTTPStatusCode: http.StatusBadRequest, - }) - - // ErrorCodeTagInvalid is returned when the tag in the manifest does not - // match the provided tag. - ErrorCodeTagInvalid = errcode.Register(errGroup, errcode.ErrorDescriptor{ - Value: "TAG_INVALID", - Message: "manifest tag did not match URI", - Description: `During a manifest upload, if the tag in the manifest - does not match the uri tag, this error will be returned.`, - HTTPStatusCode: http.StatusBadRequest, - }) - - // ErrorCodeNameUnknown when the repository name is not known. - ErrorCodeNameUnknown = errcode.Register(errGroup, errcode.ErrorDescriptor{ - Value: "NAME_UNKNOWN", - Message: "repository name not known to registry", - Description: `This is returned if the name used during an operation is - unknown to the registry.`, - HTTPStatusCode: http.StatusNotFound, - }) - - // ErrorCodeManifestUnknown returned when image manifest is unknown. - ErrorCodeManifestUnknown = errcode.Register(errGroup, errcode.ErrorDescriptor{ - Value: "MANIFEST_UNKNOWN", - Message: "manifest unknown", - Description: `This error is returned when the manifest, identified by - name and tag is unknown to the repository.`, - HTTPStatusCode: http.StatusNotFound, - }) - - // ErrorCodeManifestInvalid returned when an image manifest is invalid, - // typically during a PUT operation. This error encompasses all errors - // encountered during manifest validation that aren't signature errors. - ErrorCodeManifestInvalid = errcode.Register(errGroup, errcode.ErrorDescriptor{ - Value: "MANIFEST_INVALID", - Message: "manifest invalid", - Description: `During upload, manifests undergo several checks ensuring - validity. If those checks fail, this error may be returned, unless a - more specific error is included. The detail will contain information - the failed validation.`, - HTTPStatusCode: http.StatusBadRequest, - }) - - // ErrorCodeManifestUnverified is returned when the manifest fails - // signature verification. - ErrorCodeManifestUnverified = errcode.Register(errGroup, errcode.ErrorDescriptor{ - Value: "MANIFEST_UNVERIFIED", - Message: "manifest failed signature verification", - Description: `During manifest upload, if the manifest fails signature - verification, this error will be returned.`, - HTTPStatusCode: http.StatusBadRequest, - }) - - // ErrorCodeManifestBlobUnknown is returned when a manifest blob is - // unknown to the registry. - ErrorCodeManifestBlobUnknown = errcode.Register(errGroup, errcode.ErrorDescriptor{ - Value: "MANIFEST_BLOB_UNKNOWN", - Message: "blob unknown to registry", - Description: `This error may be returned when a manifest blob is - unknown to the registry.`, - HTTPStatusCode: http.StatusBadRequest, - }) - - // ErrorCodeBlobUnknown is returned when a blob is unknown to the - // registry. This can happen when the manifest references a nonexistent - // layer or the result is not found by a blob fetch. - ErrorCodeBlobUnknown = errcode.Register(errGroup, errcode.ErrorDescriptor{ - Value: "BLOB_UNKNOWN", - Message: "blob unknown to registry", - Description: `This error may be returned when a blob is unknown to the - registry in a specified repository. This can be returned with a - standard get or if a manifest references an unknown layer during - upload.`, - HTTPStatusCode: http.StatusNotFound, - }) - - // ErrorCodeBlobUploadUnknown is returned when an upload is unknown. - ErrorCodeBlobUploadUnknown = errcode.Register(errGroup, errcode.ErrorDescriptor{ - Value: "BLOB_UPLOAD_UNKNOWN", - Message: "blob upload unknown to registry", - Description: `If a blob upload has been cancelled or was never - started, this error code may be returned.`, - HTTPStatusCode: http.StatusNotFound, - }) - - // ErrorCodeBlobUploadInvalid is returned when an upload is invalid. - ErrorCodeBlobUploadInvalid = errcode.Register(errGroup, errcode.ErrorDescriptor{ - Value: "BLOB_UPLOAD_INVALID", - Message: "blob upload invalid", - Description: `The blob upload encountered an error and can no - longer proceed.`, - HTTPStatusCode: http.StatusNotFound, - }) -) diff --git a/vendor/github.com/docker/distribution/registry/api/v2/headerparser.go b/vendor/github.com/docker/distribution/registry/api/v2/headerparser.go deleted file mode 100644 index 9bc41a3a..00000000 --- a/vendor/github.com/docker/distribution/registry/api/v2/headerparser.go +++ /dev/null @@ -1,161 +0,0 @@ -package v2 - -import ( - "fmt" - "regexp" - "strings" - "unicode" -) - -var ( - // according to rfc7230 - reToken = regexp.MustCompile(`^[^"(),/:;<=>?@[\]{}[:space:][:cntrl:]]+`) - reQuotedValue = regexp.MustCompile(`^[^\\"]+`) - reEscapedCharacter = regexp.MustCompile(`^[[:blank:][:graph:]]`) -) - -// parseForwardedHeader is a benevolent parser of Forwarded header defined in rfc7239. The header contains -// a comma-separated list of forwarding key-value pairs. Each list element is set by single proxy. The -// function parses only the first element of the list, which is set by the very first proxy. It returns a map -// of corresponding key-value pairs and an unparsed slice of the input string. -// -// Examples of Forwarded header values: -// -// 1. Forwarded: For=192.0.2.43; Proto=https,For="[2001:db8:cafe::17]",For=unknown -// 2. Forwarded: for="192.0.2.43:443"; host="registry.example.org", for="10.10.05.40:80" -// -// The first will be parsed into {"for": "192.0.2.43", "proto": "https"} while the second into -// {"for": "192.0.2.43:443", "host": "registry.example.org"}. -func parseForwardedHeader(forwarded string) (map[string]string, string, error) { - // Following are states of forwarded header parser. Any state could transition to a failure. - const ( - // terminating state; can transition to Parameter - stateElement = iota - // terminating state; can transition to KeyValueDelimiter - stateParameter - // can transition to Value - stateKeyValueDelimiter - // can transition to one of { QuotedValue, PairEnd } - stateValue - // can transition to one of { EscapedCharacter, PairEnd } - stateQuotedValue - // can transition to one of { QuotedValue } - stateEscapedCharacter - // terminating state; can transition to one of { Parameter, Element } - statePairEnd - ) - - var ( - parameter string - value string - parse = forwarded[:] - res = map[string]string{} - state = stateElement - ) - -Loop: - for { - // skip spaces unless in quoted value - if state != stateQuotedValue && state != stateEscapedCharacter { - parse = strings.TrimLeftFunc(parse, unicode.IsSpace) - } - - if len(parse) == 0 { - if state != stateElement && state != statePairEnd && state != stateParameter { - return nil, parse, fmt.Errorf("unexpected end of input") - } - // terminating - break - } - - switch state { - // terminate at list element delimiter - case stateElement: - if parse[0] == ',' { - parse = parse[1:] - break Loop - } - state = stateParameter - - // parse parameter (the key of key-value pair) - case stateParameter: - match := reToken.FindString(parse) - if len(match) == 0 { - return nil, parse, fmt.Errorf("failed to parse token at position %d", len(forwarded)-len(parse)) - } - parameter = strings.ToLower(match) - parse = parse[len(match):] - state = stateKeyValueDelimiter - - // parse '=' - case stateKeyValueDelimiter: - if parse[0] != '=' { - return nil, parse, fmt.Errorf("expected '=', not '%c' at position %d", parse[0], len(forwarded)-len(parse)) - } - parse = parse[1:] - state = stateValue - - // parse value or quoted value - case stateValue: - if parse[0] == '"' { - parse = parse[1:] - state = stateQuotedValue - } else { - value = reToken.FindString(parse) - if len(value) == 0 { - return nil, parse, fmt.Errorf("failed to parse value at position %d", len(forwarded)-len(parse)) - } - if _, exists := res[parameter]; exists { - return nil, parse, fmt.Errorf("duplicate parameter %q at position %d", parameter, len(forwarded)-len(parse)) - } - res[parameter] = value - parse = parse[len(value):] - value = "" - state = statePairEnd - } - - // parse a part of quoted value until the first backslash - case stateQuotedValue: - match := reQuotedValue.FindString(parse) - value += match - parse = parse[len(match):] - switch { - case len(parse) == 0: - return nil, parse, fmt.Errorf("unterminated quoted string") - case parse[0] == '"': - res[parameter] = value - value = "" - parse = parse[1:] - state = statePairEnd - case parse[0] == '\\': - parse = parse[1:] - state = stateEscapedCharacter - } - - // parse escaped character in a quoted string, ignore the backslash - // transition back to QuotedValue state - case stateEscapedCharacter: - c := reEscapedCharacter.FindString(parse) - if len(c) == 0 { - return nil, parse, fmt.Errorf("invalid escape sequence at position %d", len(forwarded)-len(parse)-1) - } - value += c - parse = parse[1:] - state = stateQuotedValue - - // expect either a new key-value pair, new list or end of input - case statePairEnd: - switch parse[0] { - case ';': - parse = parse[1:] - state = stateParameter - case ',': - state = stateElement - default: - return nil, parse, fmt.Errorf("expected ',' or ';', not %c at position %d", parse[0], len(forwarded)-len(parse)) - } - } - } - - return res, parse, nil -} diff --git a/vendor/github.com/docker/distribution/registry/api/v2/headerparser_test.go b/vendor/github.com/docker/distribution/registry/api/v2/headerparser_test.go deleted file mode 100644 index b8c37490..00000000 --- a/vendor/github.com/docker/distribution/registry/api/v2/headerparser_test.go +++ /dev/null @@ -1,161 +0,0 @@ -package v2 - -import ( - "testing" -) - -func TestParseForwardedHeader(t *testing.T) { - for _, tc := range []struct { - name string - raw string - expected map[string]string - expectedRest string - expectedError bool - }{ - { - name: "empty", - raw: "", - }, - { - name: "one pair", - raw: " key = value ", - expected: map[string]string{"key": "value"}, - }, - { - name: "two pairs", - raw: " key1 = value1; key2=value2", - expected: map[string]string{"key1": "value1", "key2": "value2"}, - }, - { - name: "uppercase parameter", - raw: "KeY=VaL", - expected: map[string]string{"key": "VaL"}, - }, - { - name: "missing key=value pair - be tolerant", - raw: "key=val;", - expected: map[string]string{"key": "val"}, - }, - { - name: "quoted values", - raw: `key="val";param = "[[ $((1 + 1)) == 3 ]] && echo panic!;" ; p=" abcd "`, - expected: map[string]string{"key": "val", "param": "[[ $((1 + 1)) == 3 ]] && echo panic!;", "p": " abcd "}, - }, - { - name: "empty quoted value", - raw: `key=""`, - expected: map[string]string{"key": ""}, - }, - { - name: "quoted double quotes", - raw: `key="\"value\""`, - expected: map[string]string{"key": `"value"`}, - }, - { - name: "quoted backslash", - raw: `key="\"\\\""`, - expected: map[string]string{"key": `"\"`}, - }, - { - name: "ignore subsequent elements", - raw: "key=a, param= b", - expected: map[string]string{"key": "a"}, - expectedRest: " param= b", - }, - { - name: "empty element - be tolerant", - raw: " , key=val", - expectedRest: " key=val", - }, - { - name: "obscure key", - raw: `ob₷C&r€ = value`, - expected: map[string]string{`ob₷c&r€`: "value"}, - }, - { - name: "duplicate parameter", - raw: "key=a; p=b; key=c", - expectedError: true, - }, - { - name: "empty parameter", - raw: "=value", - expectedError: true, - }, - { - name: "empty value", - raw: "key= ", - expectedError: true, - }, - { - name: "empty value before a new element ", - raw: "key=,", - expectedError: true, - }, - { - name: "empty value before a new pair", - raw: "key=;", - expectedError: true, - }, - { - name: "just parameter", - raw: "key", - expectedError: true, - }, - { - name: "missing key-value", - raw: "a=b;;", - expectedError: true, - }, - { - name: "unclosed quoted value", - raw: `key="value`, - expectedError: true, - }, - { - name: "escaped terminating dquote", - raw: `key="value\"`, - expectedError: true, - }, - { - name: "just a quoted value", - raw: `"key=val"`, - expectedError: true, - }, - { - name: "quoted key", - raw: `"key"=val`, - expectedError: true, - }, - } { - parsed, rest, err := parseForwardedHeader(tc.raw) - if err != nil && !tc.expectedError { - t.Errorf("[%s] got unexpected error: %v", tc.name, err) - } - if err == nil && tc.expectedError { - t.Errorf("[%s] got unexpected non-error", tc.name) - } - if err != nil || tc.expectedError { - continue - } - for key, value := range tc.expected { - v, exists := parsed[key] - if !exists { - t.Errorf("[%s] missing expected parameter %q", tc.name, key) - continue - } - if v != value { - t.Errorf("[%s] got unexpected value for parameter %q: %q != %q", tc.name, key, v, value) - } - } - for key, value := range parsed { - if _, exists := tc.expected[key]; !exists { - t.Errorf("[%s] got unexpected key/value pair: %q=%q", tc.name, key, value) - } - } - - if rest != tc.expectedRest { - t.Errorf("[%s] got unexpected unparsed string: %q != %q", tc.name, rest, tc.expectedRest) - } - } -} diff --git a/vendor/github.com/docker/distribution/registry/api/v2/routes.go b/vendor/github.com/docker/distribution/registry/api/v2/routes.go deleted file mode 100644 index 5b80d5be..00000000 --- a/vendor/github.com/docker/distribution/registry/api/v2/routes.go +++ /dev/null @@ -1,49 +0,0 @@ -package v2 - -import "github.com/gorilla/mux" - -// The following are definitions of the name under which all V2 routes are -// registered. These symbols can be used to look up a route based on the name. -const ( - RouteNameBase = "base" - RouteNameManifest = "manifest" - RouteNameTags = "tags" - RouteNameBlob = "blob" - RouteNameBlobUpload = "blob-upload" - RouteNameBlobUploadChunk = "blob-upload-chunk" - RouteNameCatalog = "catalog" -) - -var allEndpoints = []string{ - RouteNameManifest, - RouteNameCatalog, - RouteNameTags, - RouteNameBlob, - RouteNameBlobUpload, - RouteNameBlobUploadChunk, -} - -// Router builds a gorilla router with named routes for the various API -// methods. This can be used directly by both server implementations and -// clients. -func Router() *mux.Router { - return RouterWithPrefix("") -} - -// RouterWithPrefix builds a gorilla router with a configured prefix -// on all routes. -func RouterWithPrefix(prefix string) *mux.Router { - rootRouter := mux.NewRouter() - router := rootRouter - if prefix != "" { - router = router.PathPrefix(prefix).Subrouter() - } - - router.StrictSlash(true) - - for _, descriptor := range routeDescriptors { - router.Path(descriptor.Path).Name(descriptor.Name) - } - - return rootRouter -} diff --git a/vendor/github.com/docker/distribution/registry/api/v2/routes_test.go b/vendor/github.com/docker/distribution/registry/api/v2/routes_test.go deleted file mode 100644 index f632d981..00000000 --- a/vendor/github.com/docker/distribution/registry/api/v2/routes_test.go +++ /dev/null @@ -1,355 +0,0 @@ -package v2 - -import ( - "encoding/json" - "fmt" - "math/rand" - "net/http" - "net/http/httptest" - "reflect" - "strings" - "testing" - "time" - - "github.com/gorilla/mux" -) - -type routeTestCase struct { - RequestURI string - ExpectedURI string - Vars map[string]string - RouteName string - StatusCode int -} - -// TestRouter registers a test handler with all the routes and ensures that -// each route returns the expected path variables. Not method verification is -// present. This not meant to be exhaustive but as check to ensure that the -// expected variables are extracted. -// -// This may go away as the application structure comes together. -func TestRouter(t *testing.T) { - testCases := []routeTestCase{ - { - RouteName: RouteNameBase, - RequestURI: "/v2/", - Vars: map[string]string{}, - }, - { - RouteName: RouteNameManifest, - RequestURI: "/v2/foo/manifests/bar", - Vars: map[string]string{ - "name": "foo", - "reference": "bar", - }, - }, - { - RouteName: RouteNameManifest, - RequestURI: "/v2/foo/bar/manifests/tag", - Vars: map[string]string{ - "name": "foo/bar", - "reference": "tag", - }, - }, - { - RouteName: RouteNameManifest, - RequestURI: "/v2/foo/bar/manifests/sha256:abcdef01234567890", - Vars: map[string]string{ - "name": "foo/bar", - "reference": "sha256:abcdef01234567890", - }, - }, - { - RouteName: RouteNameTags, - RequestURI: "/v2/foo/bar/tags/list", - Vars: map[string]string{ - "name": "foo/bar", - }, - }, - { - RouteName: RouteNameTags, - RequestURI: "/v2/docker.com/foo/tags/list", - Vars: map[string]string{ - "name": "docker.com/foo", - }, - }, - { - RouteName: RouteNameTags, - RequestURI: "/v2/docker.com/foo/bar/tags/list", - Vars: map[string]string{ - "name": "docker.com/foo/bar", - }, - }, - { - RouteName: RouteNameTags, - RequestURI: "/v2/docker.com/foo/bar/baz/tags/list", - Vars: map[string]string{ - "name": "docker.com/foo/bar/baz", - }, - }, - { - RouteName: RouteNameBlob, - RequestURI: "/v2/foo/bar/blobs/sha256:abcdef0919234", - Vars: map[string]string{ - "name": "foo/bar", - "digest": "sha256:abcdef0919234", - }, - }, - { - RouteName: RouteNameBlobUpload, - RequestURI: "/v2/foo/bar/blobs/uploads/", - Vars: map[string]string{ - "name": "foo/bar", - }, - }, - { - RouteName: RouteNameBlobUploadChunk, - RequestURI: "/v2/foo/bar/blobs/uploads/uuid", - Vars: map[string]string{ - "name": "foo/bar", - "uuid": "uuid", - }, - }, - { - // support uuid proper - RouteName: RouteNameBlobUploadChunk, - RequestURI: "/v2/foo/bar/blobs/uploads/D95306FA-FAD3-4E36-8D41-CF1C93EF8286", - Vars: map[string]string{ - "name": "foo/bar", - "uuid": "D95306FA-FAD3-4E36-8D41-CF1C93EF8286", - }, - }, - { - RouteName: RouteNameBlobUploadChunk, - RequestURI: "/v2/foo/bar/blobs/uploads/RDk1MzA2RkEtRkFEMy00RTM2LThENDEtQ0YxQzkzRUY4Mjg2IA==", - Vars: map[string]string{ - "name": "foo/bar", - "uuid": "RDk1MzA2RkEtRkFEMy00RTM2LThENDEtQ0YxQzkzRUY4Mjg2IA==", - }, - }, - { - // supports urlsafe base64 - RouteName: RouteNameBlobUploadChunk, - RequestURI: "/v2/foo/bar/blobs/uploads/RDk1MzA2RkEtRkFEMy00RTM2LThENDEtQ0YxQzkzRUY4Mjg2IA_-==", - Vars: map[string]string{ - "name": "foo/bar", - "uuid": "RDk1MzA2RkEtRkFEMy00RTM2LThENDEtQ0YxQzkzRUY4Mjg2IA_-==", - }, - }, - { - // does not match - RouteName: RouteNameBlobUploadChunk, - RequestURI: "/v2/foo/bar/blobs/uploads/totalandcompletejunk++$$-==", - StatusCode: http.StatusNotFound, - }, - { - // Check ambiguity: ensure we can distinguish between tags for - // "foo/bar/image/image" and image for "foo/bar/image" with tag - // "tags" - RouteName: RouteNameManifest, - RequestURI: "/v2/foo/bar/manifests/manifests/tags", - Vars: map[string]string{ - "name": "foo/bar/manifests", - "reference": "tags", - }, - }, - { - // This case presents an ambiguity between foo/bar with tag="tags" - // and list tags for "foo/bar/manifest" - RouteName: RouteNameTags, - RequestURI: "/v2/foo/bar/manifests/tags/list", - Vars: map[string]string{ - "name": "foo/bar/manifests", - }, - }, - { - RouteName: RouteNameManifest, - RequestURI: "/v2/locahost:8080/foo/bar/baz/manifests/tag", - Vars: map[string]string{ - "name": "locahost:8080/foo/bar/baz", - "reference": "tag", - }, - }, - } - - checkTestRouter(t, testCases, "", true) - checkTestRouter(t, testCases, "/prefix/", true) -} - -func TestRouterWithPathTraversals(t *testing.T) { - testCases := []routeTestCase{ - { - RouteName: RouteNameBlobUploadChunk, - RequestURI: "/v2/foo/../../blob/uploads/D95306FA-FAD3-4E36-8D41-CF1C93EF8286", - ExpectedURI: "/blob/uploads/D95306FA-FAD3-4E36-8D41-CF1C93EF8286", - StatusCode: http.StatusNotFound, - }, - { - // Testing for path traversal attack handling - RouteName: RouteNameTags, - RequestURI: "/v2/foo/../bar/baz/tags/list", - ExpectedURI: "/v2/bar/baz/tags/list", - Vars: map[string]string{ - "name": "bar/baz", - }, - }, - } - checkTestRouter(t, testCases, "", false) -} - -func TestRouterWithBadCharacters(t *testing.T) { - if testing.Short() { - testCases := []routeTestCase{ - { - RouteName: RouteNameBlobUploadChunk, - RequestURI: "/v2/foo/blob/uploads/不95306FA-FAD3-4E36-8D41-CF1C93EF8286", - StatusCode: http.StatusNotFound, - }, - { - // Testing for path traversal attack handling - RouteName: RouteNameTags, - RequestURI: "/v2/foo/不bar/tags/list", - StatusCode: http.StatusNotFound, - }, - } - checkTestRouter(t, testCases, "", true) - } else { - // in the long version we're going to fuzz the router - // with random UTF8 characters not in the 128 bit ASCII range. - // These are not valid characters for the router and we expect - // 404s on every test. - rand.Seed(time.Now().UTC().UnixNano()) - testCases := make([]routeTestCase, 1000) - for idx := range testCases { - testCases[idx] = routeTestCase{ - RouteName: RouteNameTags, - RequestURI: fmt.Sprintf("/v2/%v/%v/tags/list", randomString(10), randomString(10)), - StatusCode: http.StatusNotFound, - } - } - checkTestRouter(t, testCases, "", true) - } -} - -func checkTestRouter(t *testing.T, testCases []routeTestCase, prefix string, deeplyEqual bool) { - router := RouterWithPrefix(prefix) - - testHandler := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - testCase := routeTestCase{ - RequestURI: r.RequestURI, - Vars: mux.Vars(r), - RouteName: mux.CurrentRoute(r).GetName(), - } - - enc := json.NewEncoder(w) - - if err := enc.Encode(testCase); err != nil { - http.Error(w, err.Error(), http.StatusInternalServerError) - return - } - }) - - // Startup test server - server := httptest.NewServer(router) - - for _, testcase := range testCases { - testcase.RequestURI = strings.TrimSuffix(prefix, "/") + testcase.RequestURI - // Register the endpoint - route := router.GetRoute(testcase.RouteName) - if route == nil { - t.Fatalf("route for name %q not found", testcase.RouteName) - } - - route.Handler(testHandler) - - u := server.URL + testcase.RequestURI - - resp, err := http.Get(u) - - if err != nil { - t.Fatalf("error issuing get request: %v", err) - } - - if testcase.StatusCode == 0 { - // Override default, zero-value - testcase.StatusCode = http.StatusOK - } - if testcase.ExpectedURI == "" { - // Override default, zero-value - testcase.ExpectedURI = testcase.RequestURI - } - - if resp.StatusCode != testcase.StatusCode { - t.Fatalf("unexpected status for %s: %v %v", u, resp.Status, resp.StatusCode) - } - - if testcase.StatusCode != http.StatusOK { - resp.Body.Close() - // We don't care about json response. - continue - } - - dec := json.NewDecoder(resp.Body) - - var actualRouteInfo routeTestCase - if err := dec.Decode(&actualRouteInfo); err != nil { - t.Fatalf("error reading json response: %v", err) - } - // Needs to be set out of band - actualRouteInfo.StatusCode = resp.StatusCode - - if actualRouteInfo.RequestURI != testcase.ExpectedURI { - t.Fatalf("URI %v incorrectly parsed, expected %v", actualRouteInfo.RequestURI, testcase.ExpectedURI) - } - - if actualRouteInfo.RouteName != testcase.RouteName { - t.Fatalf("incorrect route %q matched, expected %q", actualRouteInfo.RouteName, testcase.RouteName) - } - - // when testing deep equality, the actualRouteInfo has an empty ExpectedURI, we don't want - // that to make the comparison fail. We're otherwise done with the testcase so empty the - // testcase.ExpectedURI - testcase.ExpectedURI = "" - if deeplyEqual && !reflect.DeepEqual(actualRouteInfo, testcase) { - t.Fatalf("actual does not equal expected: %#v != %#v", actualRouteInfo, testcase) - } - - resp.Body.Close() - } - -} - -// -------------- START LICENSED CODE -------------- -// The following code is derivative of https://github.com/google/gofuzz -// gofuzz is licensed under the Apache License, Version 2.0, January 2004, -// a copy of which can be found in the LICENSE file at the root of this -// repository. - -// These functions allow us to generate strings containing only multibyte -// characters that are invalid in our URLs. They are used above for fuzzing -// to ensure we always get 404s on these invalid strings -type charRange struct { - first, last rune -} - -// choose returns a random unicode character from the given range, using the -// given randomness source. -func (r *charRange) choose() rune { - count := int64(r.last - r.first) - return r.first + rune(rand.Int63n(count)) -} - -var unicodeRanges = []charRange{ - {'\u00a0', '\u02af'}, // Multi-byte encoded characters - {'\u4e00', '\u9fff'}, // Common CJK (even longer encodings) -} - -func randomString(length int) string { - runes := make([]rune, length) - for i := range runes { - runes[i] = unicodeRanges[rand.Intn(len(unicodeRanges))].choose() - } - return string(runes) -} - -// -------------- END LICENSED CODE -------------- diff --git a/vendor/github.com/docker/distribution/registry/api/v2/urls.go b/vendor/github.com/docker/distribution/registry/api/v2/urls.go deleted file mode 100644 index 5e24ca9b..00000000 --- a/vendor/github.com/docker/distribution/registry/api/v2/urls.go +++ /dev/null @@ -1,263 +0,0 @@ -package v2 - -import ( - "net/http" - "net/url" - "strings" - - "github.com/docker/distribution/reference" - "github.com/gorilla/mux" -) - -// URLBuilder creates registry API urls from a single base endpoint. It can be -// used to create urls for use in a registry client or server. -// -// All urls will be created from the given base, including the api version. -// For example, if a root of "/foo/" is provided, urls generated will be fall -// under "/foo/v2/...". Most application will only provide a schema, host and -// port, such as "https://localhost:5000/". -type URLBuilder struct { - root *url.URL // url root (ie http://localhost/) - router *mux.Router - relative bool -} - -// NewURLBuilder creates a URLBuilder with provided root url object. -func NewURLBuilder(root *url.URL, relative bool) *URLBuilder { - return &URLBuilder{ - root: root, - router: Router(), - relative: relative, - } -} - -// NewURLBuilderFromString workes identically to NewURLBuilder except it takes -// a string argument for the root, returning an error if it is not a valid -// url. -func NewURLBuilderFromString(root string, relative bool) (*URLBuilder, error) { - u, err := url.Parse(root) - if err != nil { - return nil, err - } - - return NewURLBuilder(u, relative), nil -} - -// NewURLBuilderFromRequest uses information from an *http.Request to -// construct the root url. -func NewURLBuilderFromRequest(r *http.Request, relative bool) *URLBuilder { - var ( - scheme = "http" - host = r.Host - ) - - if r.TLS != nil { - scheme = "https" - } else if len(r.URL.Scheme) > 0 { - scheme = r.URL.Scheme - } - - // Handle fowarded headers - // Prefer "Forwarded" header as defined by rfc7239 if given - // see https://tools.ietf.org/html/rfc7239 - if forwarded := r.Header.Get("Forwarded"); len(forwarded) > 0 { - forwardedHeader, _, err := parseForwardedHeader(forwarded) - if err == nil { - if fproto := forwardedHeader["proto"]; len(fproto) > 0 { - scheme = fproto - } - if fhost := forwardedHeader["host"]; len(fhost) > 0 { - host = fhost - } - } - } else { - if forwardedProto := r.Header.Get("X-Forwarded-Proto"); len(forwardedProto) > 0 { - scheme = forwardedProto - } - if forwardedHost := r.Header.Get("X-Forwarded-Host"); len(forwardedHost) > 0 { - // According to the Apache mod_proxy docs, X-Forwarded-Host can be a - // comma-separated list of hosts, to which each proxy appends the - // requested host. We want to grab the first from this comma-separated - // list. - hosts := strings.SplitN(forwardedHost, ",", 2) - host = strings.TrimSpace(hosts[0]) - } - } - - basePath := routeDescriptorsMap[RouteNameBase].Path - - requestPath := r.URL.Path - index := strings.Index(requestPath, basePath) - - u := &url.URL{ - Scheme: scheme, - Host: host, - } - - if index > 0 { - // N.B. index+1 is important because we want to include the trailing / - u.Path = requestPath[0 : index+1] - } - - return NewURLBuilder(u, relative) -} - -// BuildBaseURL constructs a base url for the API, typically just "/v2/". -func (ub *URLBuilder) BuildBaseURL() (string, error) { - route := ub.cloneRoute(RouteNameBase) - - baseURL, err := route.URL() - if err != nil { - return "", err - } - - return baseURL.String(), nil -} - -// BuildCatalogURL constructs a url get a catalog of repositories -func (ub *URLBuilder) BuildCatalogURL(values ...url.Values) (string, error) { - route := ub.cloneRoute(RouteNameCatalog) - - catalogURL, err := route.URL() - if err != nil { - return "", err - } - - return appendValuesURL(catalogURL, values...).String(), nil -} - -// BuildTagsURL constructs a url to list the tags in the named repository. -func (ub *URLBuilder) BuildTagsURL(name reference.Named) (string, error) { - route := ub.cloneRoute(RouteNameTags) - - tagsURL, err := route.URL("name", name.Name()) - if err != nil { - return "", err - } - - return tagsURL.String(), nil -} - -// BuildManifestURL constructs a url for the manifest identified by name and -// reference. The argument reference may be either a tag or digest. -func (ub *URLBuilder) BuildManifestURL(ref reference.Named) (string, error) { - route := ub.cloneRoute(RouteNameManifest) - - tagOrDigest := "" - switch v := ref.(type) { - case reference.Tagged: - tagOrDigest = v.Tag() - case reference.Digested: - tagOrDigest = v.Digest().String() - } - - manifestURL, err := route.URL("name", ref.Name(), "reference", tagOrDigest) - if err != nil { - return "", err - } - - return manifestURL.String(), nil -} - -// BuildBlobURL constructs the url for the blob identified by name and dgst. -func (ub *URLBuilder) BuildBlobURL(ref reference.Canonical) (string, error) { - route := ub.cloneRoute(RouteNameBlob) - - layerURL, err := route.URL("name", ref.Name(), "digest", ref.Digest().String()) - if err != nil { - return "", err - } - - return layerURL.String(), nil -} - -// BuildBlobUploadURL constructs a url to begin a blob upload in the -// repository identified by name. -func (ub *URLBuilder) BuildBlobUploadURL(name reference.Named, values ...url.Values) (string, error) { - route := ub.cloneRoute(RouteNameBlobUpload) - - uploadURL, err := route.URL("name", name.Name()) - if err != nil { - return "", err - } - - return appendValuesURL(uploadURL, values...).String(), nil -} - -// BuildBlobUploadChunkURL constructs a url for the upload identified by uuid, -// including any url values. This should generally not be used by clients, as -// this url is provided by server implementations during the blob upload -// process. -func (ub *URLBuilder) BuildBlobUploadChunkURL(name reference.Named, uuid string, values ...url.Values) (string, error) { - route := ub.cloneRoute(RouteNameBlobUploadChunk) - - uploadURL, err := route.URL("name", name.Name(), "uuid", uuid) - if err != nil { - return "", err - } - - return appendValuesURL(uploadURL, values...).String(), nil -} - -// clondedRoute returns a clone of the named route from the router. Routes -// must be cloned to avoid modifying them during url generation. -func (ub *URLBuilder) cloneRoute(name string) clonedRoute { - route := new(mux.Route) - root := new(url.URL) - - *route = *ub.router.GetRoute(name) // clone the route - *root = *ub.root - - return clonedRoute{Route: route, root: root, relative: ub.relative} -} - -type clonedRoute struct { - *mux.Route - root *url.URL - relative bool -} - -func (cr clonedRoute) URL(pairs ...string) (*url.URL, error) { - routeURL, err := cr.Route.URL(pairs...) - if err != nil { - return nil, err - } - - if cr.relative { - return routeURL, nil - } - - if routeURL.Scheme == "" && routeURL.User == nil && routeURL.Host == "" { - routeURL.Path = routeURL.Path[1:] - } - - url := cr.root.ResolveReference(routeURL) - url.Scheme = cr.root.Scheme - return url, nil -} - -// appendValuesURL appends the parameters to the url. -func appendValuesURL(u *url.URL, values ...url.Values) *url.URL { - merged := u.Query() - - for _, v := range values { - for k, vv := range v { - merged[k] = append(merged[k], vv...) - } - } - - u.RawQuery = merged.Encode() - return u -} - -// appendValues appends the parameters to the url. Panics if the string is not -// a url. -func appendValues(u string, values ...url.Values) string { - up, err := url.Parse(u) - - if err != nil { - panic(err) // should never happen - } - - return appendValuesURL(up, values...).String() -} diff --git a/vendor/github.com/docker/distribution/registry/api/v2/urls_test.go b/vendor/github.com/docker/distribution/registry/api/v2/urls_test.go deleted file mode 100644 index 6d8973fa..00000000 --- a/vendor/github.com/docker/distribution/registry/api/v2/urls_test.go +++ /dev/null @@ -1,484 +0,0 @@ -package v2 - -import ( - "net/http" - "net/url" - "testing" - - "github.com/docker/distribution/reference" -) - -type urlBuilderTestCase struct { - description string - expectedPath string - build func() (string, error) -} - -func makeURLBuilderTestCases(urlBuilder *URLBuilder) []urlBuilderTestCase { - fooBarRef, _ := reference.ParseNamed("foo/bar") - return []urlBuilderTestCase{ - { - description: "test base url", - expectedPath: "/v2/", - build: urlBuilder.BuildBaseURL, - }, - { - description: "test tags url", - expectedPath: "/v2/foo/bar/tags/list", - build: func() (string, error) { - return urlBuilder.BuildTagsURL(fooBarRef) - }, - }, - { - description: "test manifest url", - expectedPath: "/v2/foo/bar/manifests/tag", - build: func() (string, error) { - ref, _ := reference.WithTag(fooBarRef, "tag") - return urlBuilder.BuildManifestURL(ref) - }, - }, - { - description: "build blob url", - expectedPath: "/v2/foo/bar/blobs/sha256:3b3692957d439ac1928219a83fac91e7bf96c153725526874673ae1f2023f8d5", - build: func() (string, error) { - ref, _ := reference.WithDigest(fooBarRef, "sha256:3b3692957d439ac1928219a83fac91e7bf96c153725526874673ae1f2023f8d5") - return urlBuilder.BuildBlobURL(ref) - }, - }, - { - description: "build blob upload url", - expectedPath: "/v2/foo/bar/blobs/uploads/", - build: func() (string, error) { - return urlBuilder.BuildBlobUploadURL(fooBarRef) - }, - }, - { - description: "build blob upload url with digest and size", - expectedPath: "/v2/foo/bar/blobs/uploads/?digest=sha256%3A3b3692957d439ac1928219a83fac91e7bf96c153725526874673ae1f2023f8d5&size=10000", - build: func() (string, error) { - return urlBuilder.BuildBlobUploadURL(fooBarRef, url.Values{ - "size": []string{"10000"}, - "digest": []string{"sha256:3b3692957d439ac1928219a83fac91e7bf96c153725526874673ae1f2023f8d5"}, - }) - }, - }, - { - description: "build blob upload chunk url", - expectedPath: "/v2/foo/bar/blobs/uploads/uuid-part", - build: func() (string, error) { - return urlBuilder.BuildBlobUploadChunkURL(fooBarRef, "uuid-part") - }, - }, - { - description: "build blob upload chunk url with digest and size", - expectedPath: "/v2/foo/bar/blobs/uploads/uuid-part?digest=sha256%3A3b3692957d439ac1928219a83fac91e7bf96c153725526874673ae1f2023f8d5&size=10000", - build: func() (string, error) { - return urlBuilder.BuildBlobUploadChunkURL(fooBarRef, "uuid-part", url.Values{ - "size": []string{"10000"}, - "digest": []string{"sha256:3b3692957d439ac1928219a83fac91e7bf96c153725526874673ae1f2023f8d5"}, - }) - }, - }, - } -} - -// TestURLBuilder tests the various url building functions, ensuring they are -// returning the expected values. -func TestURLBuilder(t *testing.T) { - roots := []string{ - "http://example.com", - "https://example.com", - "http://localhost:5000", - "https://localhost:5443", - } - - doTest := func(relative bool) { - for _, root := range roots { - urlBuilder, err := NewURLBuilderFromString(root, relative) - if err != nil { - t.Fatalf("unexpected error creating urlbuilder: %v", err) - } - - for _, testCase := range makeURLBuilderTestCases(urlBuilder) { - url, err := testCase.build() - if err != nil { - t.Fatalf("%s: error building url: %v", testCase.description, err) - } - expectedURL := testCase.expectedPath - if !relative { - expectedURL = root + expectedURL - } - - if url != expectedURL { - t.Fatalf("%s: %q != %q", testCase.description, url, expectedURL) - } - } - } - } - doTest(true) - doTest(false) -} - -func TestURLBuilderWithPrefix(t *testing.T) { - roots := []string{ - "http://example.com/prefix/", - "https://example.com/prefix/", - "http://localhost:5000/prefix/", - "https://localhost:5443/prefix/", - } - - doTest := func(relative bool) { - for _, root := range roots { - urlBuilder, err := NewURLBuilderFromString(root, relative) - if err != nil { - t.Fatalf("unexpected error creating urlbuilder: %v", err) - } - - for _, testCase := range makeURLBuilderTestCases(urlBuilder) { - url, err := testCase.build() - if err != nil { - t.Fatalf("%s: error building url: %v", testCase.description, err) - } - - expectedURL := testCase.expectedPath - if !relative { - expectedURL = root[0:len(root)-1] + expectedURL - } - if url != expectedURL { - t.Fatalf("%s: %q != %q", testCase.description, url, expectedURL) - } - } - } - } - doTest(true) - doTest(false) -} - -type builderFromRequestTestCase struct { - request *http.Request - base string -} - -func TestBuilderFromRequest(t *testing.T) { - u, err := url.Parse("http://example.com") - if err != nil { - t.Fatal(err) - } - - testRequests := []struct { - name string - request *http.Request - base string - configHost url.URL - }{ - { - name: "no forwarded header", - request: &http.Request{URL: u, Host: u.Host}, - base: "http://example.com", - }, - { - name: "https protocol forwarded with a non-standard header", - request: &http.Request{URL: u, Host: u.Host, Header: http.Header{ - "X-Custom-Forwarded-Proto": []string{"https"}, - }}, - base: "http://example.com", - }, - { - name: "forwarded protocol is the same", - request: &http.Request{URL: u, Host: u.Host, Header: http.Header{ - "X-Forwarded-Proto": []string{"https"}, - }}, - base: "https://example.com", - }, - { - name: "forwarded host with a non-standard header", - request: &http.Request{URL: u, Host: u.Host, Header: http.Header{ - "X-Forwarded-Host": []string{"first.example.com"}, - }}, - base: "http://first.example.com", - }, - { - name: "forwarded multiple hosts a with non-standard header", - request: &http.Request{URL: u, Host: u.Host, Header: http.Header{ - "X-Forwarded-Host": []string{"first.example.com, proxy1.example.com"}, - }}, - base: "http://first.example.com", - }, - { - name: "host configured in config file takes priority", - request: &http.Request{URL: u, Host: u.Host, Header: http.Header{ - "X-Forwarded-Host": []string{"first.example.com, proxy1.example.com"}, - }}, - base: "https://third.example.com:5000", - configHost: url.URL{ - Scheme: "https", - Host: "third.example.com:5000", - }, - }, - { - name: "forwarded host and port with just one non-standard header", - request: &http.Request{URL: u, Host: u.Host, Header: http.Header{ - "X-Forwarded-Host": []string{"first.example.com:443"}, - }}, - base: "http://first.example.com:443", - }, - { - name: "forwarded port with a non-standard header", - request: &http.Request{URL: u, Host: u.Host, Header: http.Header{ - "X-Forwarded-Host": []string{"example.com:5000"}, - "X-Forwarded-Port": []string{"5000"}, - }}, - base: "http://example.com:5000", - }, - { - name: "forwarded multiple ports with a non-standard header", - request: &http.Request{URL: u, Host: u.Host, Header: http.Header{ - "X-Forwarded-Port": []string{"443 , 5001"}, - }}, - base: "http://example.com", - }, - { - name: "forwarded standard port with non-standard headers", - request: &http.Request{URL: u, Host: u.Host, Header: http.Header{ - "X-Forwarded-Proto": []string{"https"}, - "X-Forwarded-Host": []string{"example.com"}, - "X-Forwarded-Port": []string{"443"}, - }}, - base: "https://example.com", - }, - { - name: "forwarded standard port with non-standard headers and explicit port", - request: &http.Request{URL: u, Host: u.Host + ":443", Header: http.Header{ - "X-Forwarded-Proto": []string{"https"}, - "X-Forwarded-Host": []string{u.Host + ":443"}, - "X-Forwarded-Port": []string{"443"}, - }}, - base: "https://example.com:443", - }, - { - name: "several non-standard headers", - request: &http.Request{URL: u, Host: u.Host, Header: http.Header{ - "X-Forwarded-Proto": []string{"https"}, - "X-Forwarded-Host": []string{" first.example.com:12345 "}, - }}, - base: "https://first.example.com:12345", - }, - { - name: "forwarded host with port supplied takes priority", - request: &http.Request{URL: u, Host: u.Host, Header: http.Header{ - "X-Forwarded-Host": []string{"first.example.com:5000"}, - "X-Forwarded-Port": []string{"80"}, - }}, - base: "http://first.example.com:5000", - }, - { - name: "malformed forwarded port", - request: &http.Request{URL: u, Host: u.Host, Header: http.Header{ - "X-Forwarded-Host": []string{"first.example.com"}, - "X-Forwarded-Port": []string{"abcd"}, - }}, - base: "http://first.example.com", - }, - { - name: "forwarded protocol and addr using standard header", - request: &http.Request{URL: u, Host: u.Host, Header: http.Header{ - "Forwarded": []string{`proto=https;host="192.168.22.30:80"`}, - }}, - base: "https://192.168.22.30:80", - }, - { - name: "forwarded host takes priority over for", - request: &http.Request{URL: u, Host: u.Host, Header: http.Header{ - "Forwarded": []string{`host="reg.example.com:5000";for="192.168.22.30"`}, - }}, - base: "http://reg.example.com:5000", - }, - { - name: "forwarded host and protocol using standard header", - request: &http.Request{URL: u, Host: u.Host, Header: http.Header{ - "Forwarded": []string{`host=reg.example.com;proto=https`}, - }}, - base: "https://reg.example.com", - }, - { - name: "process just the first standard forwarded header", - request: &http.Request{URL: u, Host: u.Host, Header: http.Header{ - "Forwarded": []string{`host="reg.example.com:88";proto=http`, `host=reg.example.com;proto=https`}, - }}, - base: "http://reg.example.com:88", - }, - { - name: "process just the first list element of standard header", - request: &http.Request{URL: u, Host: u.Host, Header: http.Header{ - "Forwarded": []string{`host="reg.example.com:443";proto=https, host="reg.example.com:80";proto=http`}, - }}, - base: "https://reg.example.com:443", - }, - { - name: "IPv6 address use host", - request: &http.Request{URL: u, Host: u.Host, Header: http.Header{ - "Forwarded": []string{`for="2607:f0d0:1002:51::4";host="[2607:f0d0:1002:51::4]:5001"`}, - "X-Forwarded-Port": []string{"5002"}, - }}, - base: "http://[2607:f0d0:1002:51::4]:5001", - }, - { - name: "IPv6 address with port", - request: &http.Request{URL: u, Host: u.Host, Header: http.Header{ - "Forwarded": []string{`host="[2607:f0d0:1002:51::4]:4000"`}, - "X-Forwarded-Port": []string{"5001"}, - }}, - base: "http://[2607:f0d0:1002:51::4]:4000", - }, - { - name: "non-standard and standard forward headers", - request: &http.Request{URL: u, Host: u.Host, Header: http.Header{ - "X-Forwarded-Proto": []string{`https`}, - "X-Forwarded-Host": []string{`first.example.com`}, - "X-Forwarded-Port": []string{``}, - "Forwarded": []string{`host=first.example.com; proto=https`}, - }}, - base: "https://first.example.com", - }, - { - name: "standard header takes precedence over non-standard headers", - request: &http.Request{URL: u, Host: u.Host, Header: http.Header{ - "X-Forwarded-Proto": []string{`http`}, - "Forwarded": []string{`host=second.example.com; proto=https`}, - "X-Forwarded-Host": []string{`first.example.com`}, - "X-Forwarded-Port": []string{`4000`}, - }}, - base: "https://second.example.com", - }, - { - name: "incomplete standard header uses default", - request: &http.Request{URL: u, Host: u.Host, Header: http.Header{ - "X-Forwarded-Proto": []string{`https`}, - "Forwarded": []string{`for=127.0.0.1`}, - "X-Forwarded-Host": []string{`first.example.com`}, - "X-Forwarded-Port": []string{`4000`}, - }}, - base: "http://" + u.Host, - }, - { - name: "standard with just proto", - request: &http.Request{URL: u, Host: u.Host, Header: http.Header{ - "X-Forwarded-Proto": []string{`https`}, - "Forwarded": []string{`proto=https`}, - "X-Forwarded-Host": []string{`first.example.com`}, - "X-Forwarded-Port": []string{`4000`}, - }}, - base: "https://" + u.Host, - }, - } - - doTest := func(relative bool) { - for _, tr := range testRequests { - var builder *URLBuilder - if tr.configHost.Scheme != "" && tr.configHost.Host != "" { - builder = NewURLBuilder(&tr.configHost, relative) - } else { - builder = NewURLBuilderFromRequest(tr.request, relative) - } - - for _, testCase := range makeURLBuilderTestCases(builder) { - buildURL, err := testCase.build() - if err != nil { - t.Fatalf("[relative=%t, request=%q, case=%q]: error building url: %v", relative, tr.name, testCase.description, err) - } - - expectedURL := testCase.expectedPath - if !relative { - expectedURL = tr.base + expectedURL - } - - if buildURL != expectedURL { - t.Errorf("[relative=%t, request=%q, case=%q]: %q != %q", relative, tr.name, testCase.description, buildURL, expectedURL) - } - } - } - } - - doTest(true) - doTest(false) -} - -func TestBuilderFromRequestWithPrefix(t *testing.T) { - u, err := url.Parse("http://example.com/prefix/v2/") - if err != nil { - t.Fatal(err) - } - - forwardedProtoHeader := make(http.Header, 1) - forwardedProtoHeader.Set("X-Forwarded-Proto", "https") - - testRequests := []struct { - request *http.Request - base string - configHost url.URL - }{ - { - request: &http.Request{URL: u, Host: u.Host}, - base: "http://example.com/prefix/", - }, - - { - request: &http.Request{URL: u, Host: u.Host, Header: forwardedProtoHeader}, - base: "http://example.com/prefix/", - }, - { - request: &http.Request{URL: u, Host: u.Host, Header: forwardedProtoHeader}, - base: "https://example.com/prefix/", - }, - { - request: &http.Request{URL: u, Host: u.Host, Header: forwardedProtoHeader}, - base: "https://subdomain.example.com/prefix/", - configHost: url.URL{ - Scheme: "https", - Host: "subdomain.example.com", - Path: "/prefix/", - }, - }, - } - - var relative bool - for _, tr := range testRequests { - var builder *URLBuilder - if tr.configHost.Scheme != "" && tr.configHost.Host != "" { - builder = NewURLBuilder(&tr.configHost, false) - } else { - builder = NewURLBuilderFromRequest(tr.request, false) - } - - for _, testCase := range makeURLBuilderTestCases(builder) { - buildURL, err := testCase.build() - if err != nil { - t.Fatalf("%s: error building url: %v", testCase.description, err) - } - - var expectedURL string - proto, ok := tr.request.Header["X-Forwarded-Proto"] - if !ok { - expectedURL = testCase.expectedPath - if !relative { - expectedURL = tr.base[0:len(tr.base)-1] + expectedURL - } - } else { - urlBase, err := url.Parse(tr.base) - if err != nil { - t.Fatal(err) - } - urlBase.Scheme = proto[0] - expectedURL = testCase.expectedPath - if !relative { - expectedURL = urlBase.String()[0:len(urlBase.String())-1] + expectedURL - } - - } - - if buildURL != expectedURL { - t.Fatalf("%s: %q != %q", testCase.description, buildURL, expectedURL) - } - } - } -} diff --git a/vendor/github.com/docker/distribution/registry/auth/auth.go b/vendor/github.com/docker/distribution/registry/auth/auth.go deleted file mode 100644 index 1c9af882..00000000 --- a/vendor/github.com/docker/distribution/registry/auth/auth.go +++ /dev/null @@ -1,202 +0,0 @@ -// Package auth defines a standard interface for request access controllers. -// -// An access controller has a simple interface with a single `Authorized` -// method which checks that a given request is authorized to perform one or -// more actions on one or more resources. This method should return a non-nil -// error if the request is not authorized. -// -// An implementation registers its access controller by name with a constructor -// which accepts an options map for configuring the access controller. -// -// options := map[string]interface{}{"sillySecret": "whysosilly?"} -// accessController, _ := auth.GetAccessController("silly", options) -// -// This `accessController` can then be used in a request handler like so: -// -// func updateOrder(w http.ResponseWriter, r *http.Request) { -// orderNumber := r.FormValue("orderNumber") -// resource := auth.Resource{Type: "customerOrder", Name: orderNumber} -// access := auth.Access{Resource: resource, Action: "update"} -// -// if ctx, err := accessController.Authorized(ctx, access); err != nil { -// if challenge, ok := err.(auth.Challenge) { -// // Let the challenge write the response. -// challenge.SetHeaders(w) -// w.WriteHeader(http.StatusUnauthorized) -// return -// } else { -// // Some other error. -// } -// } -// } -// -package auth - -import ( - "errors" - "fmt" - "net/http" - - "github.com/docker/distribution/context" -) - -const ( - // UserKey is used to get the user object from - // a user context - UserKey = "auth.user" - - // UserNameKey is used to get the user name from - // a user context - UserNameKey = "auth.user.name" -) - -var ( - // ErrInvalidCredential is returned when the auth token does not authenticate correctly. - ErrInvalidCredential = errors.New("invalid authorization credential") - - // ErrAuthenticationFailure returned when authentication fails. - ErrAuthenticationFailure = errors.New("authentication failure") -) - -// UserInfo carries information about -// an autenticated/authorized client. -type UserInfo struct { - Name string -} - -// Resource describes a resource by type and name. -type Resource struct { - Type string - Class string - Name string -} - -// Access describes a specific action that is -// requested or allowed for a given resource. -type Access struct { - Resource - Action string -} - -// Challenge is a special error type which is used for HTTP 401 Unauthorized -// responses and is able to write the response with WWW-Authenticate challenge -// header values based on the error. -type Challenge interface { - error - - // SetHeaders prepares the request to conduct a challenge response by - // adding the an HTTP challenge header on the response message. Callers - // are expected to set the appropriate HTTP status code (e.g. 401) - // themselves. - SetHeaders(w http.ResponseWriter) -} - -// AccessController controls access to registry resources based on a request -// and required access levels for a request. Implementations can support both -// complete denial and http authorization challenges. -type AccessController interface { - // Authorized returns a non-nil error if the context is granted access and - // returns a new authorized context. If one or more Access structs are - // provided, the requested access will be compared with what is available - // to the context. The given context will contain a "http.request" key with - // a `*http.Request` value. If the error is non-nil, access should always - // be denied. The error may be of type Challenge, in which case the caller - // may have the Challenge handle the request or choose what action to take - // based on the Challenge header or response status. The returned context - // object should have a "auth.user" value set to a UserInfo struct. - Authorized(ctx context.Context, access ...Access) (context.Context, error) -} - -// CredentialAuthenticator is an object which is able to authenticate credentials -type CredentialAuthenticator interface { - AuthenticateUser(username, password string) error -} - -// WithUser returns a context with the authorized user info. -func WithUser(ctx context.Context, user UserInfo) context.Context { - return userInfoContext{ - Context: ctx, - user: user, - } -} - -type userInfoContext struct { - context.Context - user UserInfo -} - -func (uic userInfoContext) Value(key interface{}) interface{} { - switch key { - case UserKey: - return uic.user - case UserNameKey: - return uic.user.Name - } - - return uic.Context.Value(key) -} - -// WithResources returns a context with the authorized resources. -func WithResources(ctx context.Context, resources []Resource) context.Context { - return resourceContext{ - Context: ctx, - resources: resources, - } -} - -type resourceContext struct { - context.Context - resources []Resource -} - -type resourceKey struct{} - -func (rc resourceContext) Value(key interface{}) interface{} { - if key == (resourceKey{}) { - return rc.resources - } - - return rc.Context.Value(key) -} - -// AuthorizedResources returns the list of resources which have -// been authorized for this request. -func AuthorizedResources(ctx context.Context) []Resource { - if resources, ok := ctx.Value(resourceKey{}).([]Resource); ok { - return resources - } - - return nil -} - -// InitFunc is the type of an AccessController factory function and is used -// to register the constructor for different AccesController backends. -type InitFunc func(options map[string]interface{}) (AccessController, error) - -var accessControllers map[string]InitFunc - -func init() { - accessControllers = make(map[string]InitFunc) -} - -// Register is used to register an InitFunc for -// an AccessController backend with the given name. -func Register(name string, initFunc InitFunc) error { - if _, exists := accessControllers[name]; exists { - return fmt.Errorf("name already registered: %s", name) - } - - accessControllers[name] = initFunc - - return nil -} - -// GetAccessController constructs an AccessController -// with the given options using the named backend. -func GetAccessController(name string, options map[string]interface{}) (AccessController, error) { - if initFunc, exists := accessControllers[name]; exists { - return initFunc(options) - } - - return nil, fmt.Errorf("no access controller registered with name: %s", name) -} diff --git a/vendor/github.com/docker/distribution/registry/auth/htpasswd/access.go b/vendor/github.com/docker/distribution/registry/auth/htpasswd/access.go deleted file mode 100644 index 819b09ca..00000000 --- a/vendor/github.com/docker/distribution/registry/auth/htpasswd/access.go +++ /dev/null @@ -1,115 +0,0 @@ -// Package htpasswd provides a simple authentication scheme that checks for the -// user credential hash in an htpasswd formatted file in a configuration-determined -// location. -// -// This authentication method MUST be used under TLS, as simple token-replay attack is possible. -package htpasswd - -import ( - "fmt" - "net/http" - "os" - "sync" - "time" - - "github.com/docker/distribution/context" - "github.com/docker/distribution/registry/auth" -) - -type accessController struct { - realm string - path string - modtime time.Time - mu sync.Mutex - htpasswd *htpasswd -} - -var _ auth.AccessController = &accessController{} - -func newAccessController(options map[string]interface{}) (auth.AccessController, error) { - realm, present := options["realm"] - if _, ok := realm.(string); !present || !ok { - return nil, fmt.Errorf(`"realm" must be set for htpasswd access controller`) - } - - path, present := options["path"] - if _, ok := path.(string); !present || !ok { - return nil, fmt.Errorf(`"path" must be set for htpasswd access controller`) - } - - return &accessController{realm: realm.(string), path: path.(string)}, nil -} - -func (ac *accessController) Authorized(ctx context.Context, accessRecords ...auth.Access) (context.Context, error) { - req, err := context.GetRequest(ctx) - if err != nil { - return nil, err - } - - username, password, ok := req.BasicAuth() - if !ok { - return nil, &challenge{ - realm: ac.realm, - err: auth.ErrInvalidCredential, - } - } - - // Dynamically parsing the latest account list - fstat, err := os.Stat(ac.path) - if err != nil { - return nil, err - } - - lastModified := fstat.ModTime() - ac.mu.Lock() - if ac.htpasswd == nil || !ac.modtime.Equal(lastModified) { - ac.modtime = lastModified - - f, err := os.Open(ac.path) - if err != nil { - ac.mu.Unlock() - return nil, err - } - defer f.Close() - - h, err := newHTPasswd(f) - if err != nil { - ac.mu.Unlock() - return nil, err - } - ac.htpasswd = h - } - localHTPasswd := ac.htpasswd - ac.mu.Unlock() - - if err := localHTPasswd.authenticateUser(username, password); err != nil { - context.GetLogger(ctx).Errorf("error authenticating user %q: %v", username, err) - return nil, &challenge{ - realm: ac.realm, - err: auth.ErrAuthenticationFailure, - } - } - - return auth.WithUser(ctx, auth.UserInfo{Name: username}), nil -} - -// challenge implements the auth.Challenge interface. -type challenge struct { - realm string - err error -} - -var _ auth.Challenge = challenge{} - -// SetHeaders sets the basic challenge header on the response. -func (ch challenge) SetHeaders(w http.ResponseWriter) { - w.Header().Set("WWW-Authenticate", fmt.Sprintf("Basic realm=%q", ch.realm)) -} - -func (ch challenge) Error() string { - return fmt.Sprintf("basic authentication challenge for realm %q: %s", ch.realm, ch.err) -} - -func init() { - auth.Register("htpasswd", auth.InitFunc(newAccessController)) -} diff --git a/vendor/github.com/docker/distribution/registry/auth/htpasswd/access_test.go b/vendor/github.com/docker/distribution/registry/auth/htpasswd/access_test.go deleted file mode 100644 index 553f05cf..00000000 --- a/vendor/github.com/docker/distribution/registry/auth/htpasswd/access_test.go +++ /dev/null @@ -1,122 +0,0 @@ -package htpasswd - -import ( - "io/ioutil" - "net/http" - "net/http/httptest" - "testing" - - "github.com/docker/distribution/context" - "github.com/docker/distribution/registry/auth" -) - -func TestBasicAccessController(t *testing.T) { - testRealm := "The-Shire" - testUsers := []string{"bilbo", "frodo", "MiShil", "DeokMan"} - testPasswords := []string{"baggins", "baggins", "새주", "공주님"} - testHtpasswdContent := `bilbo:{SHA}5siv5c0SHx681xU6GiSx9ZQryqs= - frodo:$2y$05$926C3y10Quzn/LnqQH86VOEVh/18T6RnLaS.khre96jLNL/7e.K5W - MiShil:$2y$05$0oHgwMehvoe8iAWS8I.7l.KoECXrwVaC16RPfaSCU5eVTFrATuMI2 - DeokMan:공주님` - - tempFile, err := ioutil.TempFile("", "htpasswd-test") - if err != nil { - t.Fatal("could not create temporary htpasswd file") - } - if _, err = tempFile.WriteString(testHtpasswdContent); err != nil { - t.Fatal("could not write temporary htpasswd file") - } - - options := map[string]interface{}{ - "realm": testRealm, - "path": tempFile.Name(), - } - ctx := context.Background() - - accessController, err := newAccessController(options) - if err != nil { - t.Fatal("error creating access controller") - } - - tempFile.Close() - - var userNumber = 0 - - server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - ctx := context.WithRequest(ctx, r) - authCtx, err := accessController.Authorized(ctx) - if err != nil { - switch err := err.(type) { - case auth.Challenge: - err.SetHeaders(w) - w.WriteHeader(http.StatusUnauthorized) - return - default: - t.Fatalf("unexpected error authorizing request: %v", err) - } - } - - userInfo, ok := authCtx.Value(auth.UserKey).(auth.UserInfo) - if !ok { - t.Fatal("basic accessController did not set auth.user context") - } - - if userInfo.Name != testUsers[userNumber] { - t.Fatalf("expected user name %q, got %q", testUsers[userNumber], userInfo.Name) - } - - w.WriteHeader(http.StatusNoContent) - })) - - client := &http.Client{ - CheckRedirect: nil, - } - - req, _ := http.NewRequest("GET", server.URL, nil) - resp, err := client.Do(req) - - if err != nil { - t.Fatalf("unexpected error during GET: %v", err) - } - defer resp.Body.Close() - - // Request should not be authorized - if resp.StatusCode != http.StatusUnauthorized { - t.Fatalf("unexpected non-fail response status: %v != %v", resp.StatusCode, http.StatusUnauthorized) - } - - nonbcrypt := map[string]struct{}{ - "bilbo": {}, - "DeokMan": {}, - } - - for i := 0; i < len(testUsers); i++ { - userNumber = i - req, err := http.NewRequest("GET", server.URL, nil) - if err != nil { - t.Fatalf("error allocating new request: %v", err) - } - - req.SetBasicAuth(testUsers[i], testPasswords[i]) - - resp, err = client.Do(req) - if err != nil { - t.Fatalf("unexpected error during GET: %v", err) - } - defer resp.Body.Close() - - if _, ok := nonbcrypt[testUsers[i]]; ok { - // these are not allowed. - // Request should be authorized - if resp.StatusCode != http.StatusUnauthorized { - t.Fatalf("unexpected non-success response status: %v != %v for %s %s", resp.StatusCode, http.StatusUnauthorized, testUsers[i], testPasswords[i]) - } - } else { - // Request should be authorized - if resp.StatusCode != http.StatusNoContent { - t.Fatalf("unexpected non-success response status: %v != %v for %s %s", resp.StatusCode, http.StatusNoContent, testUsers[i], testPasswords[i]) - } - } - } - -} diff --git a/vendor/github.com/docker/distribution/registry/auth/htpasswd/htpasswd.go b/vendor/github.com/docker/distribution/registry/auth/htpasswd/htpasswd.go deleted file mode 100644 index b10b256c..00000000 --- a/vendor/github.com/docker/distribution/registry/auth/htpasswd/htpasswd.go +++ /dev/null @@ -1,82 +0,0 @@ -package htpasswd - -import ( - "bufio" - "fmt" - "io" - "strings" - - "github.com/docker/distribution/registry/auth" - - "golang.org/x/crypto/bcrypt" -) - -// htpasswd holds a path to a system .htpasswd file and the machinery to parse -// it. Only bcrypt hash entries are supported. -type htpasswd struct { - entries map[string][]byte // maps username to password byte slice. -} - -// newHTPasswd parses the reader and returns an htpasswd or an error. -func newHTPasswd(rd io.Reader) (*htpasswd, error) { - entries, err := parseHTPasswd(rd) - if err != nil { - return nil, err - } - - return &htpasswd{entries: entries}, nil -} - -// AuthenticateUser checks a given user:password credential against the -// receiving HTPasswd's file. If the check passes, nil is returned. -func (htpasswd *htpasswd) authenticateUser(username string, password string) error { - credentials, ok := htpasswd.entries[username] - if !ok { - // timing attack paranoia - bcrypt.CompareHashAndPassword([]byte{}, []byte(password)) - - return auth.ErrAuthenticationFailure - } - - err := bcrypt.CompareHashAndPassword([]byte(credentials), []byte(password)) - if err != nil { - return auth.ErrAuthenticationFailure - } - - return nil -} - -// parseHTPasswd parses the contents of htpasswd. This will read all the -// entries in the file, whether or not they are needed. An error is returned -// if a syntax errors are encountered or if the reader fails. -func parseHTPasswd(rd io.Reader) (map[string][]byte, error) { - entries := map[string][]byte{} - scanner := bufio.NewScanner(rd) - var line int - for scanner.Scan() { - line++ // 1-based line numbering - t := strings.TrimSpace(scanner.Text()) - - if len(t) < 1 { - continue - } - - // lines that *begin* with a '#' are considered comments - if t[0] == '#' { - continue - } - - i := strings.Index(t, ":") - if i < 0 || i >= len(t) { - return nil, fmt.Errorf("htpasswd: invalid entry at line %d: %q", line, scanner.Text()) - } - - entries[t[:i]] = []byte(t[i+1:]) - } - - if err := scanner.Err(); err != nil { - return nil, err - } - - return entries, nil -} diff --git a/vendor/github.com/docker/distribution/registry/auth/htpasswd/htpasswd_test.go b/vendor/github.com/docker/distribution/registry/auth/htpasswd/htpasswd_test.go deleted file mode 100644 index 309c359a..00000000 --- a/vendor/github.com/docker/distribution/registry/auth/htpasswd/htpasswd_test.go +++ /dev/null @@ -1,85 +0,0 @@ -package htpasswd - -import ( - "fmt" - "reflect" - "strings" - "testing" -) - -func TestParseHTPasswd(t *testing.T) { - - for _, tc := range []struct { - desc string - input string - err error - entries map[string][]byte - }{ - { - desc: "basic example", - input: ` -# This is a comment in a basic example. -bilbo:{SHA}5siv5c0SHx681xU6GiSx9ZQryqs= -frodo:$2y$05$926C3y10Quzn/LnqQH86VOEVh/18T6RnLaS.khre96jLNL/7e.K5W -MiShil:$2y$05$0oHgwMehvoe8iAWS8I.7l.KoECXrwVaC16RPfaSCU5eVTFrATuMI2 -DeokMan:공주님 -`, - entries: map[string][]byte{ - "bilbo": []byte("{SHA}5siv5c0SHx681xU6GiSx9ZQryqs="), - "frodo": []byte("$2y$05$926C3y10Quzn/LnqQH86VOEVh/18T6RnLaS.khre96jLNL/7e.K5W"), - "MiShil": []byte("$2y$05$0oHgwMehvoe8iAWS8I.7l.KoECXrwVaC16RPfaSCU5eVTFrATuMI2"), - "DeokMan": []byte("공주님"), - }, - }, - { - desc: "ensures comments are filtered", - input: ` -# asdf:asdf -`, - }, - { - desc: "ensure midline hash is not comment", - input: ` -asdf:as#df -`, - entries: map[string][]byte{ - "asdf": []byte("as#df"), - }, - }, - { - desc: "ensure midline hash is not comment", - input: ` -# A valid comment -valid:entry -asdf -`, - err: fmt.Errorf(`htpasswd: invalid entry at line 4: "asdf"`), - }, - } { - - entries, err := parseHTPasswd(strings.NewReader(tc.input)) - if err != tc.err { - if tc.err == nil { - t.Fatalf("%s: unexpected error: %v", tc.desc, err) - } else { - if err.Error() != tc.err.Error() { // use string equality here. - t.Fatalf("%s: expected error not returned: %v != %v", tc.desc, err, tc.err) - } - } - } - - if tc.err != nil { - continue // don't test output - } - - // allow empty and nil to be equal - if tc.entries == nil { - tc.entries = map[string][]byte{} - } - - if !reflect.DeepEqual(entries, tc.entries) { - t.Fatalf("%s: entries not parsed correctly: %v != %v", tc.desc, entries, tc.entries) - } - } - -} diff --git a/vendor/github.com/docker/distribution/registry/auth/silly/access.go b/vendor/github.com/docker/distribution/registry/auth/silly/access.go deleted file mode 100644 index 2b801d94..00000000 --- a/vendor/github.com/docker/distribution/registry/auth/silly/access.go +++ /dev/null @@ -1,97 +0,0 @@ -// Package silly provides a simple authentication scheme that checks for the -// existence of an Authorization header and issues access if is present and -// non-empty. -// -// This package is present as an example implementation of a minimal -// auth.AccessController and for testing. This is not suitable for any kind of -// production security. -package silly - -import ( - "fmt" - "net/http" - "strings" - - "github.com/docker/distribution/context" - "github.com/docker/distribution/registry/auth" -) - -// accessController provides a simple implementation of auth.AccessController -// that simply checks for a non-empty Authorization header. It is useful for -// demonstration and testing. -type accessController struct { - realm string - service string -} - -var _ auth.AccessController = &accessController{} - -func newAccessController(options map[string]interface{}) (auth.AccessController, error) { - realm, present := options["realm"] - if _, ok := realm.(string); !present || !ok { - return nil, fmt.Errorf(`"realm" must be set for silly access controller`) - } - - service, present := options["service"] - if _, ok := service.(string); !present || !ok { - return nil, fmt.Errorf(`"service" must be set for silly access controller`) - } - - return &accessController{realm: realm.(string), service: service.(string)}, nil -} - -// Authorized simply checks for the existence of the authorization header, -// responding with a bearer challenge if it doesn't exist. -func (ac *accessController) Authorized(ctx context.Context, accessRecords ...auth.Access) (context.Context, error) { - req, err := context.GetRequest(ctx) - if err != nil { - return nil, err - } - - if req.Header.Get("Authorization") == "" { - challenge := challenge{ - realm: ac.realm, - service: ac.service, - } - - if len(accessRecords) > 0 { - var scopes []string - for _, access := range accessRecords { - scopes = append(scopes, fmt.Sprintf("%s:%s:%s", access.Type, access.Resource.Name, access.Action)) - } - challenge.scope = strings.Join(scopes, " ") - } - - return nil, &challenge - } - - return auth.WithUser(ctx, auth.UserInfo{Name: "silly"}), nil -} - -type challenge struct { - realm string - service string - scope string -} - -var _ auth.Challenge = challenge{} - -// SetHeaders sets a simple bearer challenge on the response. -func (ch challenge) SetHeaders(w http.ResponseWriter) { - header := fmt.Sprintf("Bearer realm=%q,service=%q", ch.realm, ch.service) - - if ch.scope != "" { - header = fmt.Sprintf("%s,scope=%q", header, ch.scope) - } - - w.Header().Set("WWW-Authenticate", header) -} - -func (ch challenge) Error() string { - return fmt.Sprintf("silly authentication challenge: %#v", ch) -} - -// init registers the silly auth backend. -func init() { - auth.Register("silly", auth.InitFunc(newAccessController)) -} diff --git a/vendor/github.com/docker/distribution/registry/auth/silly/access_test.go b/vendor/github.com/docker/distribution/registry/auth/silly/access_test.go deleted file mode 100644 index 0a5103e6..00000000 --- a/vendor/github.com/docker/distribution/registry/auth/silly/access_test.go +++ /dev/null @@ -1,71 +0,0 @@ -package silly - -import ( - "net/http" - "net/http/httptest" - "testing" - - "github.com/docker/distribution/context" - "github.com/docker/distribution/registry/auth" -) - -func TestSillyAccessController(t *testing.T) { - ac := &accessController{ - realm: "test-realm", - service: "test-service", - } - - server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - ctx := context.WithRequest(context.Background(), r) - authCtx, err := ac.Authorized(ctx) - if err != nil { - switch err := err.(type) { - case auth.Challenge: - err.SetHeaders(w) - w.WriteHeader(http.StatusUnauthorized) - return - default: - t.Fatalf("unexpected error authorizing request: %v", err) - } - } - - userInfo, ok := authCtx.Value(auth.UserKey).(auth.UserInfo) - if !ok { - t.Fatal("silly accessController did not set auth.user context") - } - - if userInfo.Name != "silly" { - t.Fatalf("expected user name %q, got %q", "silly", userInfo.Name) - } - - w.WriteHeader(http.StatusNoContent) - })) - - resp, err := http.Get(server.URL) - if err != nil { - t.Fatalf("unexpected error during GET: %v", err) - } - defer resp.Body.Close() - - // Request should not be authorized - if resp.StatusCode != http.StatusUnauthorized { - t.Fatalf("unexpected response status: %v != %v", resp.StatusCode, http.StatusUnauthorized) - } - - req, err := http.NewRequest("GET", server.URL, nil) - if err != nil { - t.Fatalf("unexpected error creating new request: %v", err) - } - req.Header.Set("Authorization", "seriously, anything") - - resp, err = http.DefaultClient.Do(req) - if err != nil { - t.Fatalf("unexpected error during GET: %v", err) - } - defer resp.Body.Close() - - // Request should not be authorized - if resp.StatusCode != http.StatusNoContent { - t.Fatalf("unexpected response status: %v != %v", resp.StatusCode, http.StatusNoContent) - } -} diff --git a/vendor/github.com/docker/distribution/registry/auth/token/accesscontroller.go b/vendor/github.com/docker/distribution/registry/auth/token/accesscontroller.go deleted file mode 100644 index 4e8b7f1c..00000000 --- a/vendor/github.com/docker/distribution/registry/auth/token/accesscontroller.go +++ /dev/null @@ -1,272 +0,0 @@ -package token - -import ( - "crypto" - "crypto/x509" - "encoding/pem" - "errors" - "fmt" - "io/ioutil" - "net/http" - "os" - "strings" - - "github.com/docker/distribution/context" - "github.com/docker/distribution/registry/auth" - "github.com/docker/libtrust" -) - -// accessSet maps a typed, named resource to -// a set of actions requested or authorized. -type accessSet map[auth.Resource]actionSet - -// newAccessSet constructs an accessSet from -// a variable number of auth.Access items. -func newAccessSet(accessItems ...auth.Access) accessSet { - accessSet := make(accessSet, len(accessItems)) - - for _, access := range accessItems { - resource := auth.Resource{ - Type: access.Type, - Name: access.Name, - } - - set, exists := accessSet[resource] - if !exists { - set = newActionSet() - accessSet[resource] = set - } - - set.add(access.Action) - } - - return accessSet -} - -// contains returns whether or not the given access is in this accessSet. -func (s accessSet) contains(access auth.Access) bool { - actionSet, ok := s[access.Resource] - if ok { - return actionSet.contains(access.Action) - } - - return false -} - -// scopeParam returns a collection of scopes which can -// be used for a WWW-Authenticate challenge parameter. -// See https://tools.ietf.org/html/rfc6750#section-3 -func (s accessSet) scopeParam() string { - scopes := make([]string, 0, len(s)) - - for resource, actionSet := range s { - actions := strings.Join(actionSet.keys(), ",") - scopes = append(scopes, fmt.Sprintf("%s:%s:%s", resource.Type, resource.Name, actions)) - } - - return strings.Join(scopes, " ") -} - -// Errors used and exported by this package. -var ( - ErrInsufficientScope = errors.New("insufficient scope") - ErrTokenRequired = errors.New("authorization token required") -) - -// authChallenge implements the auth.Challenge interface. -type authChallenge struct { - err error - realm string - service string - accessSet accessSet -} - -var _ auth.Challenge = authChallenge{} - -// Error returns the internal error string for this authChallenge. -func (ac authChallenge) Error() string { - return ac.err.Error() -} - -// Status returns the HTTP Response Status Code for this authChallenge. -func (ac authChallenge) Status() int { - return http.StatusUnauthorized -} - -// challengeParams constructs the value to be used in -// the WWW-Authenticate response challenge header. -// See https://tools.ietf.org/html/rfc6750#section-3 -func (ac authChallenge) challengeParams() string { - str := fmt.Sprintf("Bearer realm=%q,service=%q", ac.realm, ac.service) - - if scope := ac.accessSet.scopeParam(); scope != "" { - str = fmt.Sprintf("%s,scope=%q", str, scope) - } - - if ac.err == ErrInvalidToken || ac.err == ErrMalformedToken { - str = fmt.Sprintf("%s,error=%q", str, "invalid_token") - } else if ac.err == ErrInsufficientScope { - str = fmt.Sprintf("%s,error=%q", str, "insufficient_scope") - } - - return str -} - -// SetChallenge sets the WWW-Authenticate value for the response. -func (ac authChallenge) SetHeaders(w http.ResponseWriter) { - w.Header().Add("WWW-Authenticate", ac.challengeParams()) -} - -// accessController implements the auth.AccessController interface. -type accessController struct { - realm string - issuer string - service string - rootCerts *x509.CertPool - trustedKeys map[string]libtrust.PublicKey -} - -// tokenAccessOptions is a convenience type for handling -// options to the contstructor of an accessController. -type tokenAccessOptions struct { - realm string - issuer string - service string - rootCertBundle string -} - -// checkOptions gathers the necessary options -// for an accessController from the given map. -func checkOptions(options map[string]interface{}) (tokenAccessOptions, error) { - var opts tokenAccessOptions - - keys := []string{"realm", "issuer", "service", "rootcertbundle"} - vals := make([]string, 0, len(keys)) - for _, key := range keys { - val, ok := options[key].(string) - if !ok { - return opts, fmt.Errorf("token auth requires a valid option string: %q", key) - } - vals = append(vals, val) - } - - opts.realm, opts.issuer, opts.service, opts.rootCertBundle = vals[0], vals[1], vals[2], vals[3] - - return opts, nil -} - -// newAccessController creates an accessController using the given options. -func newAccessController(options map[string]interface{}) (auth.AccessController, error) { - config, err := checkOptions(options) - if err != nil { - return nil, err - } - - fp, err := os.Open(config.rootCertBundle) - if err != nil { - return nil, fmt.Errorf("unable to open token auth root certificate bundle file %q: %s", config.rootCertBundle, err) - } - defer fp.Close() - - rawCertBundle, err := ioutil.ReadAll(fp) - if err != nil { - return nil, fmt.Errorf("unable to read token auth root certificate bundle file %q: %s", config.rootCertBundle, err) - } - - var rootCerts []*x509.Certificate - pemBlock, rawCertBundle := pem.Decode(rawCertBundle) - for pemBlock != nil { - if pemBlock.Type == "CERTIFICATE" { - cert, err := x509.ParseCertificate(pemBlock.Bytes) - if err != nil { - return nil, fmt.Errorf("unable to parse token auth root certificate: %s", err) - } - - rootCerts = append(rootCerts, cert) - } - - pemBlock, rawCertBundle = pem.Decode(rawCertBundle) - } - - if len(rootCerts) == 0 { - return nil, errors.New("token auth requires at least one token signing root certificate") - } - - rootPool := x509.NewCertPool() - trustedKeys := make(map[string]libtrust.PublicKey, len(rootCerts)) - for _, rootCert := range rootCerts { - rootPool.AddCert(rootCert) - pubKey, err := libtrust.FromCryptoPublicKey(crypto.PublicKey(rootCert.PublicKey)) - if err != nil { - return nil, fmt.Errorf("unable to get public key from token auth root certificate: %s", err) - } - trustedKeys[pubKey.KeyID()] = pubKey - } - - return &accessController{ - realm: config.realm, - issuer: config.issuer, - service: config.service, - rootCerts: rootPool, - trustedKeys: trustedKeys, - }, nil -} - -// Authorized handles checking whether the given request is authorized -// for actions on resources described by the given access items. -func (ac *accessController) Authorized(ctx context.Context, accessItems ...auth.Access) (context.Context, error) { - challenge := &authChallenge{ - realm: ac.realm, - service: ac.service, - accessSet: newAccessSet(accessItems...), - } - - req, err := context.GetRequest(ctx) - if err != nil { - return nil, err - } - - parts := strings.Split(req.Header.Get("Authorization"), " ") - - if len(parts) != 2 || strings.ToLower(parts[0]) != "bearer" { - challenge.err = ErrTokenRequired - return nil, challenge - } - - rawToken := parts[1] - - token, err := NewToken(rawToken) - if err != nil { - challenge.err = err - return nil, challenge - } - - verifyOpts := VerifyOptions{ - TrustedIssuers: []string{ac.issuer}, - AcceptedAudiences: []string{ac.service}, - Roots: ac.rootCerts, - TrustedKeys: ac.trustedKeys, - } - - if err = token.Verify(verifyOpts); err != nil { - challenge.err = err - return nil, challenge - } - - accessSet := token.accessSet() - for _, access := range accessItems { - if !accessSet.contains(access) { - challenge.err = ErrInsufficientScope - return nil, challenge - } - } - - ctx = auth.WithResources(ctx, token.resources()) - - return auth.WithUser(ctx, auth.UserInfo{Name: token.Claims.Subject}), nil -} - -// init handles registering the token auth backend. -func init() { - auth.Register("token", auth.InitFunc(newAccessController)) -} diff --git a/vendor/github.com/docker/distribution/registry/auth/token/stringset.go b/vendor/github.com/docker/distribution/registry/auth/token/stringset.go deleted file mode 100644 index 1d04f104..00000000 --- a/vendor/github.com/docker/distribution/registry/auth/token/stringset.go +++ /dev/null @@ -1,35 +0,0 @@ -package token - -// StringSet is a useful type for looking up strings. -type stringSet map[string]struct{} - -// NewStringSet creates a new StringSet with the given strings. -func newStringSet(keys ...string) stringSet { - ss := make(stringSet, len(keys)) - ss.add(keys...) - return ss -} - -// Add inserts the given keys into this StringSet. -func (ss stringSet) add(keys ...string) { - for _, key := range keys { - ss[key] = struct{}{} - } -} - -// Contains returns whether the given key is in this StringSet. -func (ss stringSet) contains(key string) bool { - _, ok := ss[key] - return ok -} - -// Keys returns a slice of all keys in this StringSet. -func (ss stringSet) keys() []string { - keys := make([]string, 0, len(ss)) - - for key := range ss { - keys = append(keys, key) - } - - return keys -} diff --git a/vendor/github.com/docker/distribution/registry/auth/token/token.go b/vendor/github.com/docker/distribution/registry/auth/token/token.go deleted file mode 100644 index 850f5813..00000000 --- a/vendor/github.com/docker/distribution/registry/auth/token/token.go +++ /dev/null @@ -1,378 +0,0 @@ -package token - -import ( - "crypto" - "crypto/x509" - "encoding/base64" - "encoding/json" - "errors" - "fmt" - "strings" - "time" - - log "github.com/Sirupsen/logrus" - "github.com/docker/libtrust" - - "github.com/docker/distribution/registry/auth" -) - -const ( - // TokenSeparator is the value which separates the header, claims, and - // signature in the compact serialization of a JSON Web Token. - TokenSeparator = "." - // Leeway is the Duration that will be added to NBF and EXP claim - // checks to account for clock skew as per https://tools.ietf.org/html/rfc7519#section-4.1.5 - Leeway = 60 * time.Second -) - -// Errors used by token parsing and verification. -var ( - ErrMalformedToken = errors.New("malformed token") - ErrInvalidToken = errors.New("invalid token") -) - -// ResourceActions stores allowed actions on a named and typed resource. -type ResourceActions struct { - Type string `json:"type"` - Class string `json:"class,omitempty"` - Name string `json:"name"` - Actions []string `json:"actions"` -} - -// ClaimSet describes the main section of a JSON Web Token. -type ClaimSet struct { - // Public claims - Issuer string `json:"iss"` - Subject string `json:"sub"` - Audience string `json:"aud"` - Expiration int64 `json:"exp"` - NotBefore int64 `json:"nbf"` - IssuedAt int64 `json:"iat"` - JWTID string `json:"jti"` - - // Private claims - Access []*ResourceActions `json:"access"` -} - -// Header describes the header section of a JSON Web Token. -type Header struct { - Type string `json:"typ"` - SigningAlg string `json:"alg"` - KeyID string `json:"kid,omitempty"` - X5c []string `json:"x5c,omitempty"` - RawJWK *json.RawMessage `json:"jwk,omitempty"` -} - -// Token describes a JSON Web Token. -type Token struct { - Raw string - Header *Header - Claims *ClaimSet - Signature []byte -} - -// VerifyOptions is used to specify -// options when verifying a JSON Web Token. -type VerifyOptions struct { - TrustedIssuers []string - AcceptedAudiences []string - Roots *x509.CertPool - TrustedKeys map[string]libtrust.PublicKey -} - -// NewToken parses the given raw token string -// and constructs an unverified JSON Web Token. -func NewToken(rawToken string) (*Token, error) { - parts := strings.Split(rawToken, TokenSeparator) - if len(parts) != 3 { - return nil, ErrMalformedToken - } - - var ( - rawHeader, rawClaims = parts[0], parts[1] - headerJSON, claimsJSON []byte - err error - ) - - defer func() { - if err != nil { - log.Infof("error while unmarshalling raw token: %s", err) - } - }() - - if headerJSON, err = joseBase64UrlDecode(rawHeader); err != nil { - err = fmt.Errorf("unable to decode header: %s", err) - return nil, ErrMalformedToken - } - - if claimsJSON, err = joseBase64UrlDecode(rawClaims); err != nil { - err = fmt.Errorf("unable to decode claims: %s", err) - return nil, ErrMalformedToken - } - - token := new(Token) - token.Header = new(Header) - token.Claims = new(ClaimSet) - - token.Raw = strings.Join(parts[:2], TokenSeparator) - if token.Signature, err = joseBase64UrlDecode(parts[2]); err != nil { - err = fmt.Errorf("unable to decode signature: %s", err) - return nil, ErrMalformedToken - } - - if err = json.Unmarshal(headerJSON, token.Header); err != nil { - return nil, ErrMalformedToken - } - - if err = json.Unmarshal(claimsJSON, token.Claims); err != nil { - return nil, ErrMalformedToken - } - - return token, nil -} - -// Verify attempts to verify this token using the given options. -// Returns a nil error if the token is valid. -func (t *Token) Verify(verifyOpts VerifyOptions) error { - // Verify that the Issuer claim is a trusted authority. - if !contains(verifyOpts.TrustedIssuers, t.Claims.Issuer) { - log.Infof("token from untrusted issuer: %q", t.Claims.Issuer) - return ErrInvalidToken - } - - // Verify that the Audience claim is allowed. - if !contains(verifyOpts.AcceptedAudiences, t.Claims.Audience) { - log.Infof("token intended for another audience: %q", t.Claims.Audience) - return ErrInvalidToken - } - - // Verify that the token is currently usable and not expired. - currentTime := time.Now() - - ExpWithLeeway := time.Unix(t.Claims.Expiration, 0).Add(Leeway) - if currentTime.After(ExpWithLeeway) { - log.Infof("token not to be used after %s - currently %s", ExpWithLeeway, currentTime) - return ErrInvalidToken - } - - NotBeforeWithLeeway := time.Unix(t.Claims.NotBefore, 0).Add(-Leeway) - if currentTime.Before(NotBeforeWithLeeway) { - log.Infof("token not to be used before %s - currently %s", NotBeforeWithLeeway, currentTime) - return ErrInvalidToken - } - - // Verify the token signature. - if len(t.Signature) == 0 { - log.Info("token has no signature") - return ErrInvalidToken - } - - // Verify that the signing key is trusted. - signingKey, err := t.VerifySigningKey(verifyOpts) - if err != nil { - log.Info(err) - return ErrInvalidToken - } - - // Finally, verify the signature of the token using the key which signed it. - if err := signingKey.Verify(strings.NewReader(t.Raw), t.Header.SigningAlg, t.Signature); err != nil { - log.Infof("unable to verify token signature: %s", err) - return ErrInvalidToken - } - - return nil -} - -// VerifySigningKey attempts to get the key which was used to sign this token. -// The token header should contain either of these 3 fields: -// `x5c` - The x509 certificate chain for the signing key. Needs to be -// verified. -// `jwk` - The JSON Web Key representation of the signing key. -// May contain its own `x5c` field which needs to be verified. -// `kid` - The unique identifier for the key. This library interprets it -// as a libtrust fingerprint. The key itself can be looked up in -// the trustedKeys field of the given verify options. -// Each of these methods are tried in that order of preference until the -// signing key is found or an error is returned. -func (t *Token) VerifySigningKey(verifyOpts VerifyOptions) (signingKey libtrust.PublicKey, err error) { - // First attempt to get an x509 certificate chain from the header. - var ( - x5c = t.Header.X5c - rawJWK = t.Header.RawJWK - keyID = t.Header.KeyID - ) - - switch { - case len(x5c) > 0: - signingKey, err = parseAndVerifyCertChain(x5c, verifyOpts.Roots) - case rawJWK != nil: - signingKey, err = parseAndVerifyRawJWK(rawJWK, verifyOpts) - case len(keyID) > 0: - signingKey = verifyOpts.TrustedKeys[keyID] - if signingKey == nil { - err = fmt.Errorf("token signed by untrusted key with ID: %q", keyID) - } - default: - err = errors.New("unable to get token signing key") - } - - return -} - -func parseAndVerifyCertChain(x5c []string, roots *x509.CertPool) (leafKey libtrust.PublicKey, err error) { - if len(x5c) == 0 { - return nil, errors.New("empty x509 certificate chain") - } - - // Ensure the first element is encoded correctly. - leafCertDer, err := base64.StdEncoding.DecodeString(x5c[0]) - if err != nil { - return nil, fmt.Errorf("unable to decode leaf certificate: %s", err) - } - - // And that it is a valid x509 certificate. - leafCert, err := x509.ParseCertificate(leafCertDer) - if err != nil { - return nil, fmt.Errorf("unable to parse leaf certificate: %s", err) - } - - // The rest of the certificate chain are intermediate certificates. - intermediates := x509.NewCertPool() - for i := 1; i < len(x5c); i++ { - intermediateCertDer, err := base64.StdEncoding.DecodeString(x5c[i]) - if err != nil { - return nil, fmt.Errorf("unable to decode intermediate certificate: %s", err) - } - - intermediateCert, err := x509.ParseCertificate(intermediateCertDer) - if err != nil { - return nil, fmt.Errorf("unable to parse intermediate certificate: %s", err) - } - - intermediates.AddCert(intermediateCert) - } - - verifyOpts := x509.VerifyOptions{ - Intermediates: intermediates, - Roots: roots, - KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageAny}, - } - - // TODO: this call returns certificate chains which we ignore for now, but - // we should check them for revocations if we have the ability later. - if _, err = leafCert.Verify(verifyOpts); err != nil { - return nil, fmt.Errorf("unable to verify certificate chain: %s", err) - } - - // Get the public key from the leaf certificate. - leafCryptoKey, ok := leafCert.PublicKey.(crypto.PublicKey) - if !ok { - return nil, errors.New("unable to get leaf cert public key value") - } - - leafKey, err = libtrust.FromCryptoPublicKey(leafCryptoKey) - if err != nil { - return nil, fmt.Errorf("unable to make libtrust public key from leaf certificate: %s", err) - } - - return -} - -func parseAndVerifyRawJWK(rawJWK *json.RawMessage, verifyOpts VerifyOptions) (pubKey libtrust.PublicKey, err error) { - pubKey, err = libtrust.UnmarshalPublicKeyJWK([]byte(*rawJWK)) - if err != nil { - return nil, fmt.Errorf("unable to decode raw JWK value: %s", err) - } - - // Check to see if the key includes a certificate chain. - x5cVal, ok := pubKey.GetExtendedField("x5c").([]interface{}) - if !ok { - // The JWK should be one of the trusted root keys. - if _, trusted := verifyOpts.TrustedKeys[pubKey.KeyID()]; !trusted { - return nil, errors.New("untrusted JWK with no certificate chain") - } - - // The JWK is one of the trusted keys. - return - } - - // Ensure each item in the chain is of the correct type. - x5c := make([]string, len(x5cVal)) - for i, val := range x5cVal { - certString, ok := val.(string) - if !ok || len(certString) == 0 { - return nil, errors.New("malformed certificate chain") - } - x5c[i] = certString - } - - // Ensure that the x509 certificate chain can - // be verified up to one of our trusted roots. - leafKey, err := parseAndVerifyCertChain(x5c, verifyOpts.Roots) - if err != nil { - return nil, fmt.Errorf("could not verify JWK certificate chain: %s", err) - } - - // Verify that the public key in the leaf cert *is* the signing key. - if pubKey.KeyID() != leafKey.KeyID() { - return nil, errors.New("leaf certificate public key ID does not match JWK key ID") - } - - return -} - -// accessSet returns a set of actions available for the resource -// actions listed in the `access` section of this token. -func (t *Token) accessSet() accessSet { - if t.Claims == nil { - return nil - } - - accessSet := make(accessSet, len(t.Claims.Access)) - - for _, resourceActions := range t.Claims.Access { - resource := auth.Resource{ - Type: resourceActions.Type, - Name: resourceActions.Name, - } - - set, exists := accessSet[resource] - if !exists { - set = newActionSet() - accessSet[resource] = set - } - - for _, action := range resourceActions.Actions { - set.add(action) - } - } - - return accessSet -} - -func (t *Token) resources() []auth.Resource { - if t.Claims == nil { - return nil - } - - resourceSet := map[auth.Resource]struct{}{} - for _, resourceActions := range t.Claims.Access { - resource := auth.Resource{ - Type: resourceActions.Type, - Class: resourceActions.Class, - Name: resourceActions.Name, - } - resourceSet[resource] = struct{}{} - } - - resources := make([]auth.Resource, 0, len(resourceSet)) - for resource := range resourceSet { - resources = append(resources, resource) - } - - return resources -} - -func (t *Token) compactRaw() string { - return fmt.Sprintf("%s.%s", t.Raw, joseBase64UrlEncode(t.Signature)) -} diff --git a/vendor/github.com/docker/distribution/registry/auth/token/token_test.go b/vendor/github.com/docker/distribution/registry/auth/token/token_test.go deleted file mode 100644 index cbfe2a6b..00000000 --- a/vendor/github.com/docker/distribution/registry/auth/token/token_test.go +++ /dev/null @@ -1,510 +0,0 @@ -package token - -import ( - "crypto" - "crypto/rand" - "crypto/x509" - "encoding/base64" - "encoding/json" - "encoding/pem" - "fmt" - "io/ioutil" - "net/http" - "os" - "strings" - "testing" - "time" - - "github.com/docker/distribution/context" - "github.com/docker/distribution/registry/auth" - "github.com/docker/libtrust" -) - -func makeRootKeys(numKeys int) ([]libtrust.PrivateKey, error) { - keys := make([]libtrust.PrivateKey, 0, numKeys) - - for i := 0; i < numKeys; i++ { - key, err := libtrust.GenerateECP256PrivateKey() - if err != nil { - return nil, err - } - keys = append(keys, key) - } - - return keys, nil -} - -func makeSigningKeyWithChain(rootKey libtrust.PrivateKey, depth int) (libtrust.PrivateKey, error) { - if depth == 0 { - // Don't need to build a chain. - return rootKey, nil - } - - var ( - x5c = make([]string, depth) - parentKey = rootKey - key libtrust.PrivateKey - cert *x509.Certificate - err error - ) - - for depth > 0 { - if key, err = libtrust.GenerateECP256PrivateKey(); err != nil { - return nil, err - } - - if cert, err = libtrust.GenerateCACert(parentKey, key); err != nil { - return nil, err - } - - depth-- - x5c[depth] = base64.StdEncoding.EncodeToString(cert.Raw) - parentKey = key - } - - key.AddExtendedField("x5c", x5c) - - return key, nil -} - -func makeRootCerts(rootKeys []libtrust.PrivateKey) ([]*x509.Certificate, error) { - certs := make([]*x509.Certificate, 0, len(rootKeys)) - - for _, key := range rootKeys { - cert, err := libtrust.GenerateCACert(key, key) - if err != nil { - return nil, err - } - certs = append(certs, cert) - } - - return certs, nil -} - -func makeTrustedKeyMap(rootKeys []libtrust.PrivateKey) map[string]libtrust.PublicKey { - trustedKeys := make(map[string]libtrust.PublicKey, len(rootKeys)) - - for _, key := range rootKeys { - trustedKeys[key.KeyID()] = key.PublicKey() - } - - return trustedKeys -} - -func makeTestToken(issuer, audience string, access []*ResourceActions, rootKey libtrust.PrivateKey, depth int, now time.Time, exp time.Time) (*Token, error) { - signingKey, err := makeSigningKeyWithChain(rootKey, depth) - if err != nil { - return nil, fmt.Errorf("unable to make signing key with chain: %s", err) - } - - var rawJWK json.RawMessage - rawJWK, err = signingKey.PublicKey().MarshalJSON() - if err != nil { - return nil, fmt.Errorf("unable to marshal signing key to JSON: %s", err) - } - - joseHeader := &Header{ - Type: "JWT", - SigningAlg: "ES256", - RawJWK: &rawJWK, - } - - randomBytes := make([]byte, 15) - if _, err = rand.Read(randomBytes); err != nil { - return nil, fmt.Errorf("unable to read random bytes for jwt id: %s", err) - } - - claimSet := &ClaimSet{ - Issuer: issuer, - Subject: "foo", - Audience: audience, - Expiration: exp.Unix(), - NotBefore: now.Unix(), - IssuedAt: now.Unix(), - JWTID: base64.URLEncoding.EncodeToString(randomBytes), - Access: access, - } - - var joseHeaderBytes, claimSetBytes []byte - - if joseHeaderBytes, err = json.Marshal(joseHeader); err != nil { - return nil, fmt.Errorf("unable to marshal jose header: %s", err) - } - if claimSetBytes, err = json.Marshal(claimSet); err != nil { - return nil, fmt.Errorf("unable to marshal claim set: %s", err) - } - - encodedJoseHeader := joseBase64UrlEncode(joseHeaderBytes) - encodedClaimSet := joseBase64UrlEncode(claimSetBytes) - encodingToSign := fmt.Sprintf("%s.%s", encodedJoseHeader, encodedClaimSet) - - var signatureBytes []byte - if signatureBytes, _, err = signingKey.Sign(strings.NewReader(encodingToSign), crypto.SHA256); err != nil { - return nil, fmt.Errorf("unable to sign jwt payload: %s", err) - } - - signature := joseBase64UrlEncode(signatureBytes) - tokenString := fmt.Sprintf("%s.%s", encodingToSign, signature) - - return NewToken(tokenString) -} - -// This test makes 4 tokens with a varying number of intermediate -// certificates ranging from no intermediate chain to a length of 3 -// intermediates. -func TestTokenVerify(t *testing.T) { - var ( - numTokens = 4 - issuer = "test-issuer" - audience = "test-audience" - access = []*ResourceActions{ - { - Type: "repository", - Name: "foo/bar", - Actions: []string{"pull", "push"}, - }, - } - ) - - rootKeys, err := makeRootKeys(numTokens) - if err != nil { - t.Fatal(err) - } - - rootCerts, err := makeRootCerts(rootKeys) - if err != nil { - t.Fatal(err) - } - - rootPool := x509.NewCertPool() - for _, rootCert := range rootCerts { - rootPool.AddCert(rootCert) - } - - trustedKeys := makeTrustedKeyMap(rootKeys) - - tokens := make([]*Token, 0, numTokens) - - for i := 0; i < numTokens; i++ { - token, err := makeTestToken(issuer, audience, access, rootKeys[i], i, time.Now(), time.Now().Add(5*time.Minute)) - if err != nil { - t.Fatal(err) - } - tokens = append(tokens, token) - } - - verifyOps := VerifyOptions{ - TrustedIssuers: []string{issuer}, - AcceptedAudiences: []string{audience}, - Roots: rootPool, - TrustedKeys: trustedKeys, - } - - for _, token := range tokens { - if err := token.Verify(verifyOps); err != nil { - t.Fatal(err) - } - } -} - -// This tests that we don't fail tokens with nbf within -// the defined leeway in seconds -func TestLeeway(t *testing.T) { - var ( - issuer = "test-issuer" - audience = "test-audience" - access = []*ResourceActions{ - { - Type: "repository", - Name: "foo/bar", - Actions: []string{"pull", "push"}, - }, - } - ) - - rootKeys, err := makeRootKeys(1) - if err != nil { - t.Fatal(err) - } - - trustedKeys := makeTrustedKeyMap(rootKeys) - - verifyOps := VerifyOptions{ - TrustedIssuers: []string{issuer}, - AcceptedAudiences: []string{audience}, - Roots: nil, - TrustedKeys: trustedKeys, - } - - // nbf verification should pass within leeway - futureNow := time.Now().Add(time.Duration(5) * time.Second) - token, err := makeTestToken(issuer, audience, access, rootKeys[0], 0, futureNow, futureNow.Add(5*time.Minute)) - if err != nil { - t.Fatal(err) - } - - if err := token.Verify(verifyOps); err != nil { - t.Fatal(err) - } - - // nbf verification should fail with a skew larger than leeway - futureNow = time.Now().Add(time.Duration(61) * time.Second) - token, err = makeTestToken(issuer, audience, access, rootKeys[0], 0, futureNow, futureNow.Add(5*time.Minute)) - if err != nil { - t.Fatal(err) - } - - if err = token.Verify(verifyOps); err == nil { - t.Fatal("Verification should fail for token with nbf in the future outside leeway") - } - - // exp verification should pass within leeway - token, err = makeTestToken(issuer, audience, access, rootKeys[0], 0, time.Now(), time.Now().Add(-59*time.Second)) - if err != nil { - t.Fatal(err) - } - - if err = token.Verify(verifyOps); err != nil { - t.Fatal(err) - } - - // exp verification should fail with a skew larger than leeway - token, err = makeTestToken(issuer, audience, access, rootKeys[0], 0, time.Now(), time.Now().Add(-60*time.Second)) - if err != nil { - t.Fatal(err) - } - - if err = token.Verify(verifyOps); err == nil { - t.Fatal("Verification should fail for token with exp in the future outside leeway") - } -} - -func writeTempRootCerts(rootKeys []libtrust.PrivateKey) (filename string, err error) { - rootCerts, err := makeRootCerts(rootKeys) - if err != nil { - return "", err - } - - tempFile, err := ioutil.TempFile("", "rootCertBundle") - if err != nil { - return "", err - } - defer tempFile.Close() - - for _, cert := range rootCerts { - if err = pem.Encode(tempFile, &pem.Block{ - Type: "CERTIFICATE", - Bytes: cert.Raw, - }); err != nil { - os.Remove(tempFile.Name()) - return "", err - } - } - - return tempFile.Name(), nil -} - -// TestAccessController tests complete integration of the token auth package. -// It starts by mocking the options for a token auth accessController which -// it creates. It then tries a few mock requests: -// - don't supply a token; should error with challenge -// - supply an invalid token; should error with challenge -// - supply a token with insufficient access; should error with challenge -// - supply a valid token; should not error -func TestAccessController(t *testing.T) { - // Make 2 keys; only the first is to be a trusted root key. - rootKeys, err := makeRootKeys(2) - if err != nil { - t.Fatal(err) - } - - rootCertBundleFilename, err := writeTempRootCerts(rootKeys[:1]) - if err != nil { - t.Fatal(err) - } - defer os.Remove(rootCertBundleFilename) - - realm := "https://auth.example.com/token/" - issuer := "test-issuer.example.com" - service := "test-service.example.com" - - options := map[string]interface{}{ - "realm": realm, - "issuer": issuer, - "service": service, - "rootcertbundle": rootCertBundleFilename, - } - - accessController, err := newAccessController(options) - if err != nil { - t.Fatal(err) - } - - // 1. Make a mock http.Request with no token. - req, err := http.NewRequest("GET", "http://example.com/foo", nil) - if err != nil { - t.Fatal(err) - } - - testAccess := auth.Access{ - Resource: auth.Resource{ - Type: "foo", - Name: "bar", - }, - Action: "baz", - } - - ctx := context.WithRequest(context.Background(), req) - authCtx, err := accessController.Authorized(ctx, testAccess) - challenge, ok := err.(auth.Challenge) - if !ok { - t.Fatal("accessController did not return a challenge") - } - - if challenge.Error() != ErrTokenRequired.Error() { - t.Fatalf("accessControler did not get expected error - got %s - expected %s", challenge, ErrTokenRequired) - } - - if authCtx != nil { - t.Fatalf("expected nil auth context but got %s", authCtx) - } - - // 2. Supply an invalid token. - token, err := makeTestToken( - issuer, service, - []*ResourceActions{{ - Type: testAccess.Type, - Name: testAccess.Name, - Actions: []string{testAccess.Action}, - }}, - rootKeys[1], 1, time.Now(), time.Now().Add(5*time.Minute), // Everything is valid except the key which signed it. - ) - if err != nil { - t.Fatal(err) - } - - req.Header.Set("Authorization", fmt.Sprintf("Bearer %s", token.compactRaw())) - - authCtx, err = accessController.Authorized(ctx, testAccess) - challenge, ok = err.(auth.Challenge) - if !ok { - t.Fatal("accessController did not return a challenge") - } - - if challenge.Error() != ErrInvalidToken.Error() { - t.Fatalf("accessControler did not get expected error - got %s - expected %s", challenge, ErrTokenRequired) - } - - if authCtx != nil { - t.Fatalf("expected nil auth context but got %s", authCtx) - } - - // 3. Supply a token with insufficient access. - token, err = makeTestToken( - issuer, service, - []*ResourceActions{}, // No access specified. - rootKeys[0], 1, time.Now(), time.Now().Add(5*time.Minute), - ) - if err != nil { - t.Fatal(err) - } - - req.Header.Set("Authorization", fmt.Sprintf("Bearer %s", token.compactRaw())) - - authCtx, err = accessController.Authorized(ctx, testAccess) - challenge, ok = err.(auth.Challenge) - if !ok { - t.Fatal("accessController did not return a challenge") - } - - if challenge.Error() != ErrInsufficientScope.Error() { - t.Fatalf("accessControler did not get expected error - got %s - expected %s", challenge, ErrInsufficientScope) - } - - if authCtx != nil { - t.Fatalf("expected nil auth context but got %s", authCtx) - } - - // 4. Supply the token we need, or deserve, or whatever. - token, err = makeTestToken( - issuer, service, - []*ResourceActions{{ - Type: testAccess.Type, - Name: testAccess.Name, - Actions: []string{testAccess.Action}, - }}, - rootKeys[0], 1, time.Now(), time.Now().Add(5*time.Minute), - ) - if err != nil { - t.Fatal(err) - } - - req.Header.Set("Authorization", fmt.Sprintf("Bearer %s", token.compactRaw())) - - authCtx, err = accessController.Authorized(ctx, testAccess) - if err != nil { - t.Fatalf("accessController returned unexpected error: %s", err) - } - - userInfo, ok := authCtx.Value(auth.UserKey).(auth.UserInfo) - if !ok { - t.Fatal("token accessController did not set auth.user context") - } - - if userInfo.Name != "foo" { - t.Fatalf("expected user name %q, got %q", "foo", userInfo.Name) - } -} - -// This tests that newAccessController can handle PEM blocks in the certificate -// file other than certificates, for example a private key. -func TestNewAccessControllerPemBlock(t *testing.T) { - rootKeys, err := makeRootKeys(2) - if err != nil { - t.Fatal(err) - } - - rootCertBundleFilename, err := writeTempRootCerts(rootKeys) - if err != nil { - t.Fatal(err) - } - defer os.Remove(rootCertBundleFilename) - - // Add something other than a certificate to the rootcertbundle - file, err := os.OpenFile(rootCertBundleFilename, os.O_WRONLY|os.O_APPEND, 0666) - if err != nil { - t.Fatal(err) - } - keyBlock, err := rootKeys[0].PEMBlock() - if err != nil { - t.Fatal(err) - } - err = pem.Encode(file, keyBlock) - if err != nil { - t.Fatal(err) - } - err = file.Close() - if err != nil { - t.Fatal(err) - } - - realm := "https://auth.example.com/token/" - issuer := "test-issuer.example.com" - service := "test-service.example.com" - - options := map[string]interface{}{ - "realm": realm, - "issuer": issuer, - "service": service, - "rootcertbundle": rootCertBundleFilename, - } - - ac, err := newAccessController(options) - if err != nil { - t.Fatal(err) - } - - if len(ac.(*accessController).rootCerts.Subjects()) != 2 { - t.Fatal("accessController has the wrong number of certificates") - } -} diff --git a/vendor/github.com/docker/distribution/registry/auth/token/util.go b/vendor/github.com/docker/distribution/registry/auth/token/util.go deleted file mode 100644 index d7f95be4..00000000 --- a/vendor/github.com/docker/distribution/registry/auth/token/util.go +++ /dev/null @@ -1,58 +0,0 @@ -package token - -import ( - "encoding/base64" - "errors" - "strings" -) - -// joseBase64UrlEncode encodes the given data using the standard base64 url -// encoding format but with all trailing '=' characters omitted in accordance -// with the jose specification. -// http://tools.ietf.org/html/draft-ietf-jose-json-web-signature-31#section-2 -func joseBase64UrlEncode(b []byte) string { - return strings.TrimRight(base64.URLEncoding.EncodeToString(b), "=") -} - -// joseBase64UrlDecode decodes the given string using the standard base64 url -// decoder but first adds the appropriate number of trailing '=' characters in -// accordance with the jose specification. -// http://tools.ietf.org/html/draft-ietf-jose-json-web-signature-31#section-2 -func joseBase64UrlDecode(s string) ([]byte, error) { - switch len(s) % 4 { - case 0: - case 2: - s += "==" - case 3: - s += "=" - default: - return nil, errors.New("illegal base64url string") - } - return base64.URLEncoding.DecodeString(s) -} - -// actionSet is a special type of stringSet. -type actionSet struct { - stringSet -} - -func newActionSet(actions ...string) actionSet { - return actionSet{newStringSet(actions...)} -} - -// Contains calls StringSet.Contains() for -// either "*" or the given action string. -func (s actionSet) contains(action string) bool { - return s.stringSet.contains("*") || s.stringSet.contains(action) -} - -// contains returns true if q is found in ss. -func contains(ss []string, q string) bool { - for _, s := range ss { - if s == q { - return true - } - } - - return false -} diff --git a/vendor/github.com/docker/distribution/registry/client/auth/api_version.go b/vendor/github.com/docker/distribution/registry/client/auth/api_version.go deleted file mode 100644 index 7d8f1d95..00000000 --- a/vendor/github.com/docker/distribution/registry/client/auth/api_version.go +++ /dev/null @@ -1,58 +0,0 @@ -package auth - -import ( - "net/http" - "strings" -) - -// APIVersion represents a version of an API including its -// type and version number. -type APIVersion struct { - // Type refers to the name of a specific API specification - // such as "registry" - Type string - - // Version is the version of the API specification implemented, - // This may omit the revision number and only include - // the major and minor version, such as "2.0" - Version string -} - -// String returns the string formatted API Version -func (v APIVersion) String() string { - return v.Type + "/" + v.Version -} - -// APIVersions gets the API versions out of an HTTP response using the provided -// version header as the key for the HTTP header. -func APIVersions(resp *http.Response, versionHeader string) []APIVersion { - versions := []APIVersion{} - if versionHeader != "" { - for _, supportedVersions := range resp.Header[http.CanonicalHeaderKey(versionHeader)] { - for _, version := range strings.Fields(supportedVersions) { - versions = append(versions, ParseAPIVersion(version)) - } - } - } - return versions -} - -// ParseAPIVersion parses an API version string into an APIVersion -// Format (Expected, not enforced): -// API version string = '/' -// API type = [a-z][a-z0-9]* -// API version = [0-9]+(\.[0-9]+)? -// TODO(dmcgowan): Enforce format, add error condition, remove unknown type -func ParseAPIVersion(versionStr string) APIVersion { - idx := strings.IndexRune(versionStr, '/') - if idx == -1 { - return APIVersion{ - Type: "unknown", - Version: versionStr, - } - } - return APIVersion{ - Type: strings.ToLower(versionStr[:idx]), - Version: versionStr[idx+1:], - } -} diff --git a/vendor/github.com/docker/distribution/registry/client/auth/challenge/addr.go b/vendor/github.com/docker/distribution/registry/client/auth/challenge/addr.go deleted file mode 100644 index 2c3ebe16..00000000 --- a/vendor/github.com/docker/distribution/registry/client/auth/challenge/addr.go +++ /dev/null @@ -1,27 +0,0 @@ -package challenge - -import ( - "net/url" - "strings" -) - -// FROM: https://golang.org/src/net/http/http.go -// Given a string of the form "host", "host:port", or "[ipv6::address]:port", -// return true if the string includes a port. -func hasPort(s string) bool { return strings.LastIndex(s, ":") > strings.LastIndex(s, "]") } - -// FROM: http://golang.org/src/net/http/transport.go -var portMap = map[string]string{ - "http": "80", - "https": "443", -} - -// canonicalAddr returns url.Host but always with a ":port" suffix -// FROM: http://golang.org/src/net/http/transport.go -func canonicalAddr(url *url.URL) string { - addr := url.Host - if !hasPort(addr) { - return addr + ":" + portMap[url.Scheme] - } - return addr -} diff --git a/vendor/github.com/docker/distribution/registry/client/auth/challenge/authchallenge.go b/vendor/github.com/docker/distribution/registry/client/auth/challenge/authchallenge.go deleted file mode 100644 index c9bdfc35..00000000 --- a/vendor/github.com/docker/distribution/registry/client/auth/challenge/authchallenge.go +++ /dev/null @@ -1,237 +0,0 @@ -package challenge - -import ( - "fmt" - "net/http" - "net/url" - "strings" - "sync" -) - -// Challenge carries information from a WWW-Authenticate response header. -// See RFC 2617. -type Challenge struct { - // Scheme is the auth-scheme according to RFC 2617 - Scheme string - - // Parameters are the auth-params according to RFC 2617 - Parameters map[string]string -} - -// Manager manages the challenges for endpoints. -// The challenges are pulled out of HTTP responses. Only -// responses which expect challenges should be added to -// the manager, since a non-unauthorized request will be -// viewed as not requiring challenges. -type Manager interface { - // GetChallenges returns the challenges for the given - // endpoint URL. - GetChallenges(endpoint url.URL) ([]Challenge, error) - - // AddResponse adds the response to the challenge - // manager. The challenges will be parsed out of - // the WWW-Authenicate headers and added to the - // URL which was produced the response. If the - // response was authorized, any challenges for the - // endpoint will be cleared. - AddResponse(resp *http.Response) error -} - -// NewSimpleManager returns an instance of -// Manger which only maps endpoints to challenges -// based on the responses which have been added the -// manager. The simple manager will make no attempt to -// perform requests on the endpoints or cache the responses -// to a backend. -func NewSimpleManager() Manager { - return &simpleManager{ - Challanges: make(map[string][]Challenge), - } -} - -type simpleManager struct { - sync.RWMutex - Challanges map[string][]Challenge -} - -func normalizeURL(endpoint *url.URL) { - endpoint.Host = strings.ToLower(endpoint.Host) - endpoint.Host = canonicalAddr(endpoint) -} - -func (m *simpleManager) GetChallenges(endpoint url.URL) ([]Challenge, error) { - normalizeURL(&endpoint) - - m.RLock() - defer m.RUnlock() - challenges := m.Challanges[endpoint.String()] - return challenges, nil -} - -func (m *simpleManager) AddResponse(resp *http.Response) error { - challenges := ResponseChallenges(resp) - if resp.Request == nil { - return fmt.Errorf("missing request reference") - } - urlCopy := url.URL{ - Path: resp.Request.URL.Path, - Host: resp.Request.URL.Host, - Scheme: resp.Request.URL.Scheme, - } - normalizeURL(&urlCopy) - - m.Lock() - defer m.Unlock() - m.Challanges[urlCopy.String()] = challenges - return nil -} - -// Octet types from RFC 2616. -type octetType byte - -var octetTypes [256]octetType - -const ( - isToken octetType = 1 << iota - isSpace -) - -func init() { - // OCTET = - // CHAR = - // CTL = - // CR = - // LF = - // SP = - // HT = - // <"> = - // CRLF = CR LF - // LWS = [CRLF] 1*( SP | HT ) - // TEXT = - // separators = "(" | ")" | "<" | ">" | "@" | "," | ";" | ":" | "\" | <"> - // | "/" | "[" | "]" | "?" | "=" | "{" | "}" | SP | HT - // token = 1* - // qdtext = > - - for c := 0; c < 256; c++ { - var t octetType - isCtl := c <= 31 || c == 127 - isChar := 0 <= c && c <= 127 - isSeparator := strings.IndexRune(" \t\"(),/:;<=>?@[]\\{}", rune(c)) >= 0 - if strings.IndexRune(" \t\r\n", rune(c)) >= 0 { - t |= isSpace - } - if isChar && !isCtl && !isSeparator { - t |= isToken - } - octetTypes[c] = t - } -} - -// ResponseChallenges returns a list of authorization challenges -// for the given http Response. Challenges are only checked if -// the response status code was a 401. -func ResponseChallenges(resp *http.Response) []Challenge { - if resp.StatusCode == http.StatusUnauthorized { - // Parse the WWW-Authenticate Header and store the challenges - // on this endpoint object. - return parseAuthHeader(resp.Header) - } - - return nil -} - -func parseAuthHeader(header http.Header) []Challenge { - challenges := []Challenge{} - for _, h := range header[http.CanonicalHeaderKey("WWW-Authenticate")] { - v, p := parseValueAndParams(h) - if v != "" { - challenges = append(challenges, Challenge{Scheme: v, Parameters: p}) - } - } - return challenges -} - -func parseValueAndParams(header string) (value string, params map[string]string) { - params = make(map[string]string) - value, s := expectToken(header) - if value == "" { - return - } - value = strings.ToLower(value) - s = "," + skipSpace(s) - for strings.HasPrefix(s, ",") { - var pkey string - pkey, s = expectToken(skipSpace(s[1:])) - if pkey == "" { - return - } - if !strings.HasPrefix(s, "=") { - return - } - var pvalue string - pvalue, s = expectTokenOrQuoted(s[1:]) - if pvalue == "" { - return - } - pkey = strings.ToLower(pkey) - params[pkey] = pvalue - s = skipSpace(s) - } - return -} - -func skipSpace(s string) (rest string) { - i := 0 - for ; i < len(s); i++ { - if octetTypes[s[i]]&isSpace == 0 { - break - } - } - return s[i:] -} - -func expectToken(s string) (token, rest string) { - i := 0 - for ; i < len(s); i++ { - if octetTypes[s[i]]&isToken == 0 { - break - } - } - return s[:i], s[i:] -} - -func expectTokenOrQuoted(s string) (value string, rest string) { - if !strings.HasPrefix(s, "\"") { - return expectToken(s) - } - s = s[1:] - for i := 0; i < len(s); i++ { - switch s[i] { - case '"': - return s[:i], s[i+1:] - case '\\': - p := make([]byte, len(s)-1) - j := copy(p, s[:i]) - escape := true - for i = i + 1; i < len(s); i++ { - b := s[i] - switch { - case escape: - escape = false - p[j] = b - j++ - case b == '\\': - escape = true - case b == '"': - return string(p[:j]), s[i+1:] - default: - p[j] = b - j++ - } - } - return "", "" - } - } - return "", "" -} diff --git a/vendor/github.com/docker/distribution/registry/client/auth/challenge/authchallenge_test.go b/vendor/github.com/docker/distribution/registry/client/auth/challenge/authchallenge_test.go deleted file mode 100644 index d4986b39..00000000 --- a/vendor/github.com/docker/distribution/registry/client/auth/challenge/authchallenge_test.go +++ /dev/null @@ -1,127 +0,0 @@ -package challenge - -import ( - "fmt" - "net/http" - "net/url" - "strings" - "sync" - "testing" -) - -func TestAuthChallengeParse(t *testing.T) { - header := http.Header{} - header.Add("WWW-Authenticate", `Bearer realm="https://auth.example.com/token",service="registry.example.com",other=fun,slashed="he\"\l\lo"`) - - challenges := parseAuthHeader(header) - if len(challenges) != 1 { - t.Fatalf("Unexpected number of auth challenges: %d, expected 1", len(challenges)) - } - challenge := challenges[0] - - if expected := "bearer"; challenge.Scheme != expected { - t.Fatalf("Unexpected scheme: %s, expected: %s", challenge.Scheme, expected) - } - - if expected := "https://auth.example.com/token"; challenge.Parameters["realm"] != expected { - t.Fatalf("Unexpected param: %s, expected: %s", challenge.Parameters["realm"], expected) - } - - if expected := "registry.example.com"; challenge.Parameters["service"] != expected { - t.Fatalf("Unexpected param: %s, expected: %s", challenge.Parameters["service"], expected) - } - - if expected := "fun"; challenge.Parameters["other"] != expected { - t.Fatalf("Unexpected param: %s, expected: %s", challenge.Parameters["other"], expected) - } - - if expected := "he\"llo"; challenge.Parameters["slashed"] != expected { - t.Fatalf("Unexpected param: %s, expected: %s", challenge.Parameters["slashed"], expected) - } - -} - -func TestAuthChallengeNormalization(t *testing.T) { - testAuthChallengeNormalization(t, "reg.EXAMPLE.com") - testAuthChallengeNormalization(t, "bɿɒʜɔiɿ-ɿɘƚƨim-ƚol-ɒ-ƨʞnɒʜƚ.com") - testAuthChallengeNormalization(t, "reg.example.com:80") - testAuthChallengeConcurrent(t, "reg.EXAMPLE.com") -} - -func testAuthChallengeNormalization(t *testing.T, host string) { - - scm := NewSimpleManager() - - url, err := url.Parse(fmt.Sprintf("http://%s/v2/", host)) - if err != nil { - t.Fatal(err) - } - - resp := &http.Response{ - Request: &http.Request{ - URL: url, - }, - Header: make(http.Header), - StatusCode: http.StatusUnauthorized, - } - resp.Header.Add("WWW-Authenticate", fmt.Sprintf("Bearer realm=\"https://%s/token\",service=\"registry.example.com\"", host)) - - err = scm.AddResponse(resp) - if err != nil { - t.Fatal(err) - } - - lowered := *url - lowered.Host = strings.ToLower(lowered.Host) - lowered.Host = canonicalAddr(&lowered) - c, err := scm.GetChallenges(lowered) - if err != nil { - t.Fatal(err) - } - - if len(c) == 0 { - t.Fatal("Expected challenge for lower-cased-host URL") - } -} - -func testAuthChallengeConcurrent(t *testing.T, host string) { - - scm := NewSimpleManager() - - url, err := url.Parse(fmt.Sprintf("http://%s/v2/", host)) - if err != nil { - t.Fatal(err) - } - - resp := &http.Response{ - Request: &http.Request{ - URL: url, - }, - Header: make(http.Header), - StatusCode: http.StatusUnauthorized, - } - resp.Header.Add("WWW-Authenticate", fmt.Sprintf("Bearer realm=\"https://%s/token\",service=\"registry.example.com\"", host)) - var s sync.WaitGroup - s.Add(2) - go func() { - defer s.Done() - for i := 0; i < 200; i++ { - err = scm.AddResponse(resp) - if err != nil { - t.Error(err) - } - } - }() - go func() { - defer s.Done() - lowered := *url - lowered.Host = strings.ToLower(lowered.Host) - for k := 0; k < 200; k++ { - _, err := scm.GetChallenges(lowered) - if err != nil { - t.Error(err) - } - } - }() - s.Wait() -} diff --git a/vendor/github.com/docker/distribution/registry/client/auth/session.go b/vendor/github.com/docker/distribution/registry/client/auth/session.go deleted file mode 100644 index d6d884ff..00000000 --- a/vendor/github.com/docker/distribution/registry/client/auth/session.go +++ /dev/null @@ -1,503 +0,0 @@ -package auth - -import ( - "encoding/json" - "errors" - "fmt" - "net/http" - "net/url" - "strings" - "sync" - "time" - - "github.com/Sirupsen/logrus" - "github.com/docker/distribution/registry/client" - "github.com/docker/distribution/registry/client/auth/challenge" - "github.com/docker/distribution/registry/client/transport" -) - -var ( - // ErrNoBasicAuthCredentials is returned if a request can't be authorized with - // basic auth due to lack of credentials. - ErrNoBasicAuthCredentials = errors.New("no basic auth credentials") - - // ErrNoToken is returned if a request is successful but the body does not - // contain an authorization token. - ErrNoToken = errors.New("authorization server did not include a token in the response") -) - -const defaultClientID = "registry-client" - -// AuthenticationHandler is an interface for authorizing a request from -// params from a "WWW-Authenicate" header for a single scheme. -type AuthenticationHandler interface { - // Scheme returns the scheme as expected from the "WWW-Authenicate" header. - Scheme() string - - // AuthorizeRequest adds the authorization header to a request (if needed) - // using the parameters from "WWW-Authenticate" method. The parameters - // values depend on the scheme. - AuthorizeRequest(req *http.Request, params map[string]string) error -} - -// CredentialStore is an interface for getting credentials for -// a given URL -type CredentialStore interface { - // Basic returns basic auth for the given URL - Basic(*url.URL) (string, string) - - // RefreshToken returns a refresh token for the - // given URL and service - RefreshToken(*url.URL, string) string - - // SetRefreshToken sets the refresh token if none - // is provided for the given url and service - SetRefreshToken(realm *url.URL, service, token string) -} - -// NewAuthorizer creates an authorizer which can handle multiple authentication -// schemes. The handlers are tried in order, the higher priority authentication -// methods should be first. The challengeMap holds a list of challenges for -// a given root API endpoint (for example "https://registry-1.docker.io/v2/"). -func NewAuthorizer(manager challenge.Manager, handlers ...AuthenticationHandler) transport.RequestModifier { - return &endpointAuthorizer{ - challenges: manager, - handlers: handlers, - } -} - -type endpointAuthorizer struct { - challenges challenge.Manager - handlers []AuthenticationHandler - transport http.RoundTripper -} - -func (ea *endpointAuthorizer) ModifyRequest(req *http.Request) error { - pingPath := req.URL.Path - if v2Root := strings.Index(req.URL.Path, "/v2/"); v2Root != -1 { - pingPath = pingPath[:v2Root+4] - } else if v1Root := strings.Index(req.URL.Path, "/v1/"); v1Root != -1 { - pingPath = pingPath[:v1Root] + "/v2/" - } else { - return nil - } - - ping := url.URL{ - Host: req.URL.Host, - Scheme: req.URL.Scheme, - Path: pingPath, - } - - challenges, err := ea.challenges.GetChallenges(ping) - if err != nil { - return err - } - - if len(challenges) > 0 { - for _, handler := range ea.handlers { - for _, c := range challenges { - if c.Scheme != handler.Scheme() { - continue - } - if err := handler.AuthorizeRequest(req, c.Parameters); err != nil { - return err - } - } - } - } - - return nil -} - -// This is the minimum duration a token can last (in seconds). -// A token must not live less than 60 seconds because older versions -// of the Docker client didn't read their expiration from the token -// response and assumed 60 seconds. So to remain compatible with -// those implementations, a token must live at least this long. -const minimumTokenLifetimeSeconds = 60 - -// Private interface for time used by this package to enable tests to provide their own implementation. -type clock interface { - Now() time.Time -} - -type tokenHandler struct { - header http.Header - creds CredentialStore - transport http.RoundTripper - clock clock - - offlineAccess bool - forceOAuth bool - clientID string - scopes []Scope - - tokenLock sync.Mutex - tokenCache string - tokenExpiration time.Time -} - -// Scope is a type which is serializable to a string -// using the allow scope grammar. -type Scope interface { - String() string -} - -// RepositoryScope represents a token scope for access -// to a repository. -type RepositoryScope struct { - Repository string - Class string - Actions []string -} - -// String returns the string representation of the repository -// using the scope grammar -func (rs RepositoryScope) String() string { - repoType := "repository" - if rs.Class != "" { - repoType = fmt.Sprintf("%s(%s)", repoType, rs.Class) - } - return fmt.Sprintf("%s:%s:%s", repoType, rs.Repository, strings.Join(rs.Actions, ",")) -} - -// RegistryScope represents a token scope for access -// to resources in the registry. -type RegistryScope struct { - Name string - Actions []string -} - -// String returns the string representation of the user -// using the scope grammar -func (rs RegistryScope) String() string { - return fmt.Sprintf("registry:%s:%s", rs.Name, strings.Join(rs.Actions, ",")) -} - -// TokenHandlerOptions is used to configure a new token handler -type TokenHandlerOptions struct { - Transport http.RoundTripper - Credentials CredentialStore - - OfflineAccess bool - ForceOAuth bool - ClientID string - Scopes []Scope -} - -// An implementation of clock for providing real time data. -type realClock struct{} - -// Now implements clock -func (realClock) Now() time.Time { return time.Now() } - -// NewTokenHandler creates a new AuthenicationHandler which supports -// fetching tokens from a remote token server. -func NewTokenHandler(transport http.RoundTripper, creds CredentialStore, scope string, actions ...string) AuthenticationHandler { - // Create options... - return NewTokenHandlerWithOptions(TokenHandlerOptions{ - Transport: transport, - Credentials: creds, - Scopes: []Scope{ - RepositoryScope{ - Repository: scope, - Actions: actions, - }, - }, - }) -} - -// NewTokenHandlerWithOptions creates a new token handler using the provided -// options structure. -func NewTokenHandlerWithOptions(options TokenHandlerOptions) AuthenticationHandler { - handler := &tokenHandler{ - transport: options.Transport, - creds: options.Credentials, - offlineAccess: options.OfflineAccess, - forceOAuth: options.ForceOAuth, - clientID: options.ClientID, - scopes: options.Scopes, - clock: realClock{}, - } - - return handler -} - -func (th *tokenHandler) client() *http.Client { - return &http.Client{ - Transport: th.transport, - Timeout: 15 * time.Second, - } -} - -func (th *tokenHandler) Scheme() string { - return "bearer" -} - -func (th *tokenHandler) AuthorizeRequest(req *http.Request, params map[string]string) error { - var additionalScopes []string - if fromParam := req.URL.Query().Get("from"); fromParam != "" { - additionalScopes = append(additionalScopes, RepositoryScope{ - Repository: fromParam, - Actions: []string{"pull"}, - }.String()) - } - - token, err := th.getToken(params, additionalScopes...) - if err != nil { - return err - } - - req.Header.Set("Authorization", fmt.Sprintf("Bearer %s", token)) - - return nil -} - -func (th *tokenHandler) getToken(params map[string]string, additionalScopes ...string) (string, error) { - th.tokenLock.Lock() - defer th.tokenLock.Unlock() - scopes := make([]string, 0, len(th.scopes)+len(additionalScopes)) - for _, scope := range th.scopes { - scopes = append(scopes, scope.String()) - } - var addedScopes bool - for _, scope := range additionalScopes { - scopes = append(scopes, scope) - addedScopes = true - } - - now := th.clock.Now() - if now.After(th.tokenExpiration) || addedScopes { - token, expiration, err := th.fetchToken(params, scopes) - if err != nil { - return "", err - } - - // do not update cache for added scope tokens - if !addedScopes { - th.tokenCache = token - th.tokenExpiration = expiration - } - - return token, nil - } - - return th.tokenCache, nil -} - -type postTokenResponse struct { - AccessToken string `json:"access_token"` - RefreshToken string `json:"refresh_token"` - ExpiresIn int `json:"expires_in"` - IssuedAt time.Time `json:"issued_at"` - Scope string `json:"scope"` -} - -func (th *tokenHandler) fetchTokenWithOAuth(realm *url.URL, refreshToken, service string, scopes []string) (token string, expiration time.Time, err error) { - form := url.Values{} - form.Set("scope", strings.Join(scopes, " ")) - form.Set("service", service) - - clientID := th.clientID - if clientID == "" { - // Use default client, this is a required field - clientID = defaultClientID - } - form.Set("client_id", clientID) - - if refreshToken != "" { - form.Set("grant_type", "refresh_token") - form.Set("refresh_token", refreshToken) - } else if th.creds != nil { - form.Set("grant_type", "password") - username, password := th.creds.Basic(realm) - form.Set("username", username) - form.Set("password", password) - - // attempt to get a refresh token - form.Set("access_type", "offline") - } else { - // refuse to do oauth without a grant type - return "", time.Time{}, fmt.Errorf("no supported grant type") - } - - resp, err := th.client().PostForm(realm.String(), form) - if err != nil { - return "", time.Time{}, err - } - defer resp.Body.Close() - - if !client.SuccessStatus(resp.StatusCode) { - err := client.HandleErrorResponse(resp) - return "", time.Time{}, err - } - - decoder := json.NewDecoder(resp.Body) - - var tr postTokenResponse - if err = decoder.Decode(&tr); err != nil { - return "", time.Time{}, fmt.Errorf("unable to decode token response: %s", err) - } - - if tr.RefreshToken != "" && tr.RefreshToken != refreshToken { - th.creds.SetRefreshToken(realm, service, tr.RefreshToken) - } - - if tr.ExpiresIn < minimumTokenLifetimeSeconds { - // The default/minimum lifetime. - tr.ExpiresIn = minimumTokenLifetimeSeconds - logrus.Debugf("Increasing token expiration to: %d seconds", tr.ExpiresIn) - } - - if tr.IssuedAt.IsZero() { - // issued_at is optional in the token response. - tr.IssuedAt = th.clock.Now().UTC() - } - - return tr.AccessToken, tr.IssuedAt.Add(time.Duration(tr.ExpiresIn) * time.Second), nil -} - -type getTokenResponse struct { - Token string `json:"token"` - AccessToken string `json:"access_token"` - ExpiresIn int `json:"expires_in"` - IssuedAt time.Time `json:"issued_at"` - RefreshToken string `json:"refresh_token"` -} - -func (th *tokenHandler) fetchTokenWithBasicAuth(realm *url.URL, service string, scopes []string) (token string, expiration time.Time, err error) { - - req, err := http.NewRequest("GET", realm.String(), nil) - if err != nil { - return "", time.Time{}, err - } - - reqParams := req.URL.Query() - - if service != "" { - reqParams.Add("service", service) - } - - for _, scope := range scopes { - reqParams.Add("scope", scope) - } - - if th.offlineAccess { - reqParams.Add("offline_token", "true") - clientID := th.clientID - if clientID == "" { - clientID = defaultClientID - } - reqParams.Add("client_id", clientID) - } - - if th.creds != nil { - username, password := th.creds.Basic(realm) - if username != "" && password != "" { - reqParams.Add("account", username) - req.SetBasicAuth(username, password) - } - } - - req.URL.RawQuery = reqParams.Encode() - - resp, err := th.client().Do(req) - if err != nil { - return "", time.Time{}, err - } - defer resp.Body.Close() - - if !client.SuccessStatus(resp.StatusCode) { - err := client.HandleErrorResponse(resp) - return "", time.Time{}, err - } - - decoder := json.NewDecoder(resp.Body) - - var tr getTokenResponse - if err = decoder.Decode(&tr); err != nil { - return "", time.Time{}, fmt.Errorf("unable to decode token response: %s", err) - } - - if tr.RefreshToken != "" && th.creds != nil { - th.creds.SetRefreshToken(realm, service, tr.RefreshToken) - } - - // `access_token` is equivalent to `token` and if both are specified - // the choice is undefined. Canonicalize `access_token` by sticking - // things in `token`. - if tr.AccessToken != "" { - tr.Token = tr.AccessToken - } - - if tr.Token == "" { - return "", time.Time{}, ErrNoToken - } - - if tr.ExpiresIn < minimumTokenLifetimeSeconds { - // The default/minimum lifetime. - tr.ExpiresIn = minimumTokenLifetimeSeconds - logrus.Debugf("Increasing token expiration to: %d seconds", tr.ExpiresIn) - } - - if tr.IssuedAt.IsZero() { - // issued_at is optional in the token response. - tr.IssuedAt = th.clock.Now().UTC() - } - - return tr.Token, tr.IssuedAt.Add(time.Duration(tr.ExpiresIn) * time.Second), nil -} - -func (th *tokenHandler) fetchToken(params map[string]string, scopes []string) (token string, expiration time.Time, err error) { - realm, ok := params["realm"] - if !ok { - return "", time.Time{}, errors.New("no realm specified for token auth challenge") - } - - // TODO(dmcgowan): Handle empty scheme and relative realm - realmURL, err := url.Parse(realm) - if err != nil { - return "", time.Time{}, fmt.Errorf("invalid token auth challenge realm: %s", err) - } - - service := params["service"] - - var refreshToken string - - if th.creds != nil { - refreshToken = th.creds.RefreshToken(realmURL, service) - } - - if refreshToken != "" || th.forceOAuth { - return th.fetchTokenWithOAuth(realmURL, refreshToken, service, scopes) - } - - return th.fetchTokenWithBasicAuth(realmURL, service, scopes) -} - -type basicHandler struct { - creds CredentialStore -} - -// NewBasicHandler creaters a new authentiation handler which adds -// basic authentication credentials to a request. -func NewBasicHandler(creds CredentialStore) AuthenticationHandler { - return &basicHandler{ - creds: creds, - } -} - -func (*basicHandler) Scheme() string { - return "basic" -} - -func (bh *basicHandler) AuthorizeRequest(req *http.Request, params map[string]string) error { - if bh.creds != nil { - username, password := bh.creds.Basic(req.URL) - if username != "" && password != "" { - req.SetBasicAuth(username, password) - return nil - } - } - return ErrNoBasicAuthCredentials -} diff --git a/vendor/github.com/docker/distribution/registry/client/auth/session_test.go b/vendor/github.com/docker/distribution/registry/client/auth/session_test.go deleted file mode 100644 index 4f54c75c..00000000 --- a/vendor/github.com/docker/distribution/registry/client/auth/session_test.go +++ /dev/null @@ -1,866 +0,0 @@ -package auth - -import ( - "encoding/base64" - "fmt" - "net/http" - "net/http/httptest" - "net/url" - "testing" - "time" - - "github.com/docker/distribution/registry/client/auth/challenge" - "github.com/docker/distribution/registry/client/transport" - "github.com/docker/distribution/testutil" -) - -// An implementation of clock for providing fake time data. -type fakeClock struct { - current time.Time -} - -// Now implements clock -func (fc *fakeClock) Now() time.Time { return fc.current } - -func testServer(rrm testutil.RequestResponseMap) (string, func()) { - h := testutil.NewHandler(rrm) - s := httptest.NewServer(h) - return s.URL, s.Close -} - -type testAuthenticationWrapper struct { - headers http.Header - authCheck func(string) bool - next http.Handler -} - -func (w *testAuthenticationWrapper) ServeHTTP(rw http.ResponseWriter, r *http.Request) { - auth := r.Header.Get("Authorization") - if auth == "" || !w.authCheck(auth) { - h := rw.Header() - for k, values := range w.headers { - h[k] = values - } - rw.WriteHeader(http.StatusUnauthorized) - return - } - w.next.ServeHTTP(rw, r) -} - -func testServerWithAuth(rrm testutil.RequestResponseMap, authenticate string, authCheck func(string) bool) (string, func()) { - h := testutil.NewHandler(rrm) - wrapper := &testAuthenticationWrapper{ - - headers: http.Header(map[string][]string{ - "X-API-Version": {"registry/2.0"}, - "X-Multi-API-Version": {"registry/2.0", "registry/2.1", "trust/1.0"}, - "WWW-Authenticate": {authenticate}, - }), - authCheck: authCheck, - next: h, - } - - s := httptest.NewServer(wrapper) - return s.URL, s.Close -} - -// ping pings the provided endpoint to determine its required authorization challenges. -// If a version header is provided, the versions will be returned. -func ping(manager challenge.Manager, endpoint, versionHeader string) ([]APIVersion, error) { - resp, err := http.Get(endpoint) - if err != nil { - return nil, err - } - defer resp.Body.Close() - - if err := manager.AddResponse(resp); err != nil { - return nil, err - } - - return APIVersions(resp, versionHeader), err -} - -type testCredentialStore struct { - username string - password string - refreshTokens map[string]string -} - -func (tcs *testCredentialStore) Basic(*url.URL) (string, string) { - return tcs.username, tcs.password -} - -func (tcs *testCredentialStore) RefreshToken(u *url.URL, service string) string { - return tcs.refreshTokens[service] -} - -func (tcs *testCredentialStore) SetRefreshToken(u *url.URL, service string, token string) { - if tcs.refreshTokens != nil { - tcs.refreshTokens[service] = token - } -} - -func TestEndpointAuthorizeToken(t *testing.T) { - service := "localhost.localdomain" - repo1 := "some/registry" - repo2 := "other/registry" - scope1 := fmt.Sprintf("repository:%s:pull,push", repo1) - scope2 := fmt.Sprintf("repository:%s:pull,push", repo2) - tokenMap := testutil.RequestResponseMap([]testutil.RequestResponseMapping{ - { - Request: testutil.Request{ - Method: "GET", - Route: fmt.Sprintf("/token?scope=%s&service=%s", url.QueryEscape(scope1), service), - }, - Response: testutil.Response{ - StatusCode: http.StatusOK, - Body: []byte(`{"token":"statictoken"}`), - }, - }, - { - Request: testutil.Request{ - Method: "GET", - Route: fmt.Sprintf("/token?scope=%s&service=%s", url.QueryEscape(scope2), service), - }, - Response: testutil.Response{ - StatusCode: http.StatusOK, - Body: []byte(`{"token":"badtoken"}`), - }, - }, - }) - te, tc := testServer(tokenMap) - defer tc() - - m := testutil.RequestResponseMap([]testutil.RequestResponseMapping{ - { - Request: testutil.Request{ - Method: "GET", - Route: "/v2/hello", - }, - Response: testutil.Response{ - StatusCode: http.StatusAccepted, - }, - }, - }) - - authenicate := fmt.Sprintf("Bearer realm=%q,service=%q", te+"/token", service) - validCheck := func(a string) bool { - return a == "Bearer statictoken" - } - e, c := testServerWithAuth(m, authenicate, validCheck) - defer c() - - challengeManager1 := challenge.NewSimpleManager() - versions, err := ping(challengeManager1, e+"/v2/", "x-api-version") - if err != nil { - t.Fatal(err) - } - if len(versions) != 1 { - t.Fatalf("Unexpected version count: %d, expected 1", len(versions)) - } - if check := (APIVersion{Type: "registry", Version: "2.0"}); versions[0] != check { - t.Fatalf("Unexpected api version: %#v, expected %#v", versions[0], check) - } - transport1 := transport.NewTransport(nil, NewAuthorizer(challengeManager1, NewTokenHandler(nil, nil, repo1, "pull", "push"))) - client := &http.Client{Transport: transport1} - - req, _ := http.NewRequest("GET", e+"/v2/hello", nil) - resp, err := client.Do(req) - if err != nil { - t.Fatalf("Error sending get request: %s", err) - } - - if resp.StatusCode != http.StatusAccepted { - t.Fatalf("Unexpected status code: %d, expected %d", resp.StatusCode, http.StatusAccepted) - } - - e2, c2 := testServerWithAuth(m, authenicate, validCheck) - defer c2() - - challengeManager2 := challenge.NewSimpleManager() - versions, err = ping(challengeManager2, e2+"/v2/", "x-multi-api-version") - if err != nil { - t.Fatal(err) - } - if len(versions) != 3 { - t.Fatalf("Unexpected version count: %d, expected 3", len(versions)) - } - if check := (APIVersion{Type: "registry", Version: "2.0"}); versions[0] != check { - t.Fatalf("Unexpected api version: %#v, expected %#v", versions[0], check) - } - if check := (APIVersion{Type: "registry", Version: "2.1"}); versions[1] != check { - t.Fatalf("Unexpected api version: %#v, expected %#v", versions[1], check) - } - if check := (APIVersion{Type: "trust", Version: "1.0"}); versions[2] != check { - t.Fatalf("Unexpected api version: %#v, expected %#v", versions[2], check) - } - transport2 := transport.NewTransport(nil, NewAuthorizer(challengeManager2, NewTokenHandler(nil, nil, repo2, "pull", "push"))) - client2 := &http.Client{Transport: transport2} - - req, _ = http.NewRequest("GET", e2+"/v2/hello", nil) - resp, err = client2.Do(req) - if err != nil { - t.Fatalf("Error sending get request: %s", err) - } - - if resp.StatusCode != http.StatusUnauthorized { - t.Fatalf("Unexpected status code: %d, expected %d", resp.StatusCode, http.StatusUnauthorized) - } -} - -func TestEndpointAuthorizeRefreshToken(t *testing.T) { - service := "localhost.localdomain" - repo1 := "some/registry" - repo2 := "other/registry" - scope1 := fmt.Sprintf("repository:%s:pull,push", repo1) - scope2 := fmt.Sprintf("repository:%s:pull,push", repo2) - refreshToken1 := "0123456790abcdef" - refreshToken2 := "0123456790fedcba" - tokenMap := testutil.RequestResponseMap([]testutil.RequestResponseMapping{ - { - Request: testutil.Request{ - Method: "POST", - Route: "/token", - Body: []byte(fmt.Sprintf("client_id=registry-client&grant_type=refresh_token&refresh_token=%s&scope=%s&service=%s", refreshToken1, url.QueryEscape(scope1), service)), - }, - Response: testutil.Response{ - StatusCode: http.StatusOK, - Body: []byte(fmt.Sprintf(`{"access_token":"statictoken","refresh_token":"%s"}`, refreshToken1)), - }, - }, - { - // In the future this test may fail and require using basic auth to get a different refresh token - Request: testutil.Request{ - Method: "POST", - Route: "/token", - Body: []byte(fmt.Sprintf("client_id=registry-client&grant_type=refresh_token&refresh_token=%s&scope=%s&service=%s", refreshToken1, url.QueryEscape(scope2), service)), - }, - Response: testutil.Response{ - StatusCode: http.StatusOK, - Body: []byte(fmt.Sprintf(`{"access_token":"statictoken","refresh_token":"%s"}`, refreshToken2)), - }, - }, - { - Request: testutil.Request{ - Method: "POST", - Route: "/token", - Body: []byte(fmt.Sprintf("client_id=registry-client&grant_type=refresh_token&refresh_token=%s&scope=%s&service=%s", refreshToken2, url.QueryEscape(scope2), service)), - }, - Response: testutil.Response{ - StatusCode: http.StatusOK, - Body: []byte(`{"access_token":"badtoken","refresh_token":"%s"}`), - }, - }, - }) - te, tc := testServer(tokenMap) - defer tc() - - m := testutil.RequestResponseMap([]testutil.RequestResponseMapping{ - { - Request: testutil.Request{ - Method: "GET", - Route: "/v2/hello", - }, - Response: testutil.Response{ - StatusCode: http.StatusAccepted, - }, - }, - }) - - authenicate := fmt.Sprintf("Bearer realm=%q,service=%q", te+"/token", service) - validCheck := func(a string) bool { - return a == "Bearer statictoken" - } - e, c := testServerWithAuth(m, authenicate, validCheck) - defer c() - - challengeManager1 := challenge.NewSimpleManager() - versions, err := ping(challengeManager1, e+"/v2/", "x-api-version") - if err != nil { - t.Fatal(err) - } - if len(versions) != 1 { - t.Fatalf("Unexpected version count: %d, expected 1", len(versions)) - } - if check := (APIVersion{Type: "registry", Version: "2.0"}); versions[0] != check { - t.Fatalf("Unexpected api version: %#v, expected %#v", versions[0], check) - } - creds := &testCredentialStore{ - refreshTokens: map[string]string{ - service: refreshToken1, - }, - } - transport1 := transport.NewTransport(nil, NewAuthorizer(challengeManager1, NewTokenHandler(nil, creds, repo1, "pull", "push"))) - client := &http.Client{Transport: transport1} - - req, _ := http.NewRequest("GET", e+"/v2/hello", nil) - resp, err := client.Do(req) - if err != nil { - t.Fatalf("Error sending get request: %s", err) - } - - if resp.StatusCode != http.StatusAccepted { - t.Fatalf("Unexpected status code: %d, expected %d", resp.StatusCode, http.StatusAccepted) - } - - // Try with refresh token setting - e2, c2 := testServerWithAuth(m, authenicate, validCheck) - defer c2() - - challengeManager2 := challenge.NewSimpleManager() - versions, err = ping(challengeManager2, e2+"/v2/", "x-api-version") - if err != nil { - t.Fatal(err) - } - if len(versions) != 1 { - t.Fatalf("Unexpected version count: %d, expected 1", len(versions)) - } - if check := (APIVersion{Type: "registry", Version: "2.0"}); versions[0] != check { - t.Fatalf("Unexpected api version: %#v, expected %#v", versions[0], check) - } - - transport2 := transport.NewTransport(nil, NewAuthorizer(challengeManager2, NewTokenHandler(nil, creds, repo2, "pull", "push"))) - client2 := &http.Client{Transport: transport2} - - req, _ = http.NewRequest("GET", e2+"/v2/hello", nil) - resp, err = client2.Do(req) - if err != nil { - t.Fatalf("Error sending get request: %s", err) - } - - if resp.StatusCode != http.StatusAccepted { - t.Fatalf("Unexpected status code: %d, expected %d", resp.StatusCode, http.StatusUnauthorized) - } - - if creds.refreshTokens[service] != refreshToken2 { - t.Fatalf("Refresh token not set after change") - } - - // Try with bad token - e3, c3 := testServerWithAuth(m, authenicate, validCheck) - defer c3() - - challengeManager3 := challenge.NewSimpleManager() - versions, err = ping(challengeManager3, e3+"/v2/", "x-api-version") - if err != nil { - t.Fatal(err) - } - if check := (APIVersion{Type: "registry", Version: "2.0"}); versions[0] != check { - t.Fatalf("Unexpected api version: %#v, expected %#v", versions[0], check) - } - - transport3 := transport.NewTransport(nil, NewAuthorizer(challengeManager3, NewTokenHandler(nil, creds, repo2, "pull", "push"))) - client3 := &http.Client{Transport: transport3} - - req, _ = http.NewRequest("GET", e3+"/v2/hello", nil) - resp, err = client3.Do(req) - if err != nil { - t.Fatalf("Error sending get request: %s", err) - } - - if resp.StatusCode != http.StatusUnauthorized { - t.Fatalf("Unexpected status code: %d, expected %d", resp.StatusCode, http.StatusUnauthorized) - } -} - -func TestEndpointAuthorizeV2RefreshToken(t *testing.T) { - service := "localhost.localdomain" - scope1 := "registry:catalog:search" - refreshToken1 := "0123456790abcdef" - tokenMap := testutil.RequestResponseMap([]testutil.RequestResponseMapping{ - { - Request: testutil.Request{ - Method: "POST", - Route: "/token", - Body: []byte(fmt.Sprintf("client_id=registry-client&grant_type=refresh_token&refresh_token=%s&scope=%s&service=%s", refreshToken1, url.QueryEscape(scope1), service)), - }, - Response: testutil.Response{ - StatusCode: http.StatusOK, - Body: []byte(fmt.Sprintf(`{"access_token":"statictoken","refresh_token":"%s"}`, refreshToken1)), - }, - }, - }) - te, tc := testServer(tokenMap) - defer tc() - - m := testutil.RequestResponseMap([]testutil.RequestResponseMapping{ - { - Request: testutil.Request{ - Method: "GET", - Route: "/v1/search", - }, - Response: testutil.Response{ - StatusCode: http.StatusAccepted, - }, - }, - }) - - authenicate := fmt.Sprintf("Bearer realm=%q,service=%q", te+"/token", service) - validCheck := func(a string) bool { - return a == "Bearer statictoken" - } - e, c := testServerWithAuth(m, authenicate, validCheck) - defer c() - - challengeManager1 := challenge.NewSimpleManager() - versions, err := ping(challengeManager1, e+"/v2/", "x-api-version") - if err != nil { - t.Fatal(err) - } - if len(versions) != 1 { - t.Fatalf("Unexpected version count: %d, expected 1", len(versions)) - } - if check := (APIVersion{Type: "registry", Version: "2.0"}); versions[0] != check { - t.Fatalf("Unexpected api version: %#v, expected %#v", versions[0], check) - } - tho := TokenHandlerOptions{ - Credentials: &testCredentialStore{ - refreshTokens: map[string]string{ - service: refreshToken1, - }, - }, - Scopes: []Scope{ - RegistryScope{ - Name: "catalog", - Actions: []string{"search"}, - }, - }, - } - - transport1 := transport.NewTransport(nil, NewAuthorizer(challengeManager1, NewTokenHandlerWithOptions(tho))) - client := &http.Client{Transport: transport1} - - req, _ := http.NewRequest("GET", e+"/v1/search", nil) - resp, err := client.Do(req) - if err != nil { - t.Fatalf("Error sending get request: %s", err) - } - - if resp.StatusCode != http.StatusAccepted { - t.Fatalf("Unexpected status code: %d, expected %d", resp.StatusCode, http.StatusAccepted) - } -} - -func basicAuth(username, password string) string { - auth := username + ":" + password - return base64.StdEncoding.EncodeToString([]byte(auth)) -} - -func TestEndpointAuthorizeTokenBasic(t *testing.T) { - service := "localhost.localdomain" - repo := "some/fun/registry" - scope := fmt.Sprintf("repository:%s:pull,push", repo) - username := "tokenuser" - password := "superSecretPa$$word" - - tokenMap := testutil.RequestResponseMap([]testutil.RequestResponseMapping{ - { - Request: testutil.Request{ - Method: "GET", - Route: fmt.Sprintf("/token?account=%s&scope=%s&service=%s", username, url.QueryEscape(scope), service), - }, - Response: testutil.Response{ - StatusCode: http.StatusOK, - Body: []byte(`{"access_token":"statictoken"}`), - }, - }, - }) - - authenicate1 := fmt.Sprintf("Basic realm=localhost") - basicCheck := func(a string) bool { - return a == fmt.Sprintf("Basic %s", basicAuth(username, password)) - } - te, tc := testServerWithAuth(tokenMap, authenicate1, basicCheck) - defer tc() - - m := testutil.RequestResponseMap([]testutil.RequestResponseMapping{ - { - Request: testutil.Request{ - Method: "GET", - Route: "/v2/hello", - }, - Response: testutil.Response{ - StatusCode: http.StatusAccepted, - }, - }, - }) - - authenicate2 := fmt.Sprintf("Bearer realm=%q,service=%q", te+"/token", service) - bearerCheck := func(a string) bool { - return a == "Bearer statictoken" - } - e, c := testServerWithAuth(m, authenicate2, bearerCheck) - defer c() - - creds := &testCredentialStore{ - username: username, - password: password, - } - - challengeManager := challenge.NewSimpleManager() - _, err := ping(challengeManager, e+"/v2/", "") - if err != nil { - t.Fatal(err) - } - transport1 := transport.NewTransport(nil, NewAuthorizer(challengeManager, NewTokenHandler(nil, creds, repo, "pull", "push"), NewBasicHandler(creds))) - client := &http.Client{Transport: transport1} - - req, _ := http.NewRequest("GET", e+"/v2/hello", nil) - resp, err := client.Do(req) - if err != nil { - t.Fatalf("Error sending get request: %s", err) - } - - if resp.StatusCode != http.StatusAccepted { - t.Fatalf("Unexpected status code: %d, expected %d", resp.StatusCode, http.StatusAccepted) - } -} - -func TestEndpointAuthorizeTokenBasicWithExpiresIn(t *testing.T) { - service := "localhost.localdomain" - repo := "some/fun/registry" - scope := fmt.Sprintf("repository:%s:pull,push", repo) - username := "tokenuser" - password := "superSecretPa$$word" - - tokenMap := testutil.RequestResponseMap([]testutil.RequestResponseMapping{ - { - Request: testutil.Request{ - Method: "GET", - Route: fmt.Sprintf("/token?account=%s&scope=%s&service=%s", username, url.QueryEscape(scope), service), - }, - Response: testutil.Response{ - StatusCode: http.StatusOK, - Body: []byte(`{"token":"statictoken", "expires_in": 3001}`), - }, - }, - { - Request: testutil.Request{ - Method: "GET", - Route: fmt.Sprintf("/token?account=%s&scope=%s&service=%s", username, url.QueryEscape(scope), service), - }, - Response: testutil.Response{ - StatusCode: http.StatusOK, - Body: []byte(`{"access_token":"statictoken", "expires_in": 3001}`), - }, - }, - }) - - authenicate1 := fmt.Sprintf("Basic realm=localhost") - tokenExchanges := 0 - basicCheck := func(a string) bool { - tokenExchanges = tokenExchanges + 1 - return a == fmt.Sprintf("Basic %s", basicAuth(username, password)) - } - te, tc := testServerWithAuth(tokenMap, authenicate1, basicCheck) - defer tc() - - m := testutil.RequestResponseMap([]testutil.RequestResponseMapping{ - { - Request: testutil.Request{ - Method: "GET", - Route: "/v2/hello", - }, - Response: testutil.Response{ - StatusCode: http.StatusAccepted, - }, - }, - { - Request: testutil.Request{ - Method: "GET", - Route: "/v2/hello", - }, - Response: testutil.Response{ - StatusCode: http.StatusAccepted, - }, - }, - { - Request: testutil.Request{ - Method: "GET", - Route: "/v2/hello", - }, - Response: testutil.Response{ - StatusCode: http.StatusAccepted, - }, - }, - { - Request: testutil.Request{ - Method: "GET", - Route: "/v2/hello", - }, - Response: testutil.Response{ - StatusCode: http.StatusAccepted, - }, - }, - { - Request: testutil.Request{ - Method: "GET", - Route: "/v2/hello", - }, - Response: testutil.Response{ - StatusCode: http.StatusAccepted, - }, - }, - }) - - authenicate2 := fmt.Sprintf("Bearer realm=%q,service=%q", te+"/token", service) - bearerCheck := func(a string) bool { - return a == "Bearer statictoken" - } - e, c := testServerWithAuth(m, authenicate2, bearerCheck) - defer c() - - creds := &testCredentialStore{ - username: username, - password: password, - } - - challengeManager := challenge.NewSimpleManager() - _, err := ping(challengeManager, e+"/v2/", "") - if err != nil { - t.Fatal(err) - } - clock := &fakeClock{current: time.Now()} - options := TokenHandlerOptions{ - Transport: nil, - Credentials: creds, - Scopes: []Scope{ - RepositoryScope{ - Repository: repo, - Actions: []string{"pull", "push"}, - }, - }, - } - tHandler := NewTokenHandlerWithOptions(options) - tHandler.(*tokenHandler).clock = clock - transport1 := transport.NewTransport(nil, NewAuthorizer(challengeManager, tHandler, NewBasicHandler(creds))) - client := &http.Client{Transport: transport1} - - // First call should result in a token exchange - // Subsequent calls should recycle the token from the first request, until the expiration has lapsed. - timeIncrement := 1000 * time.Second - for i := 0; i < 4; i++ { - req, _ := http.NewRequest("GET", e+"/v2/hello", nil) - resp, err := client.Do(req) - if err != nil { - t.Fatalf("Error sending get request: %s", err) - } - if resp.StatusCode != http.StatusAccepted { - t.Fatalf("Unexpected status code: %d, expected %d", resp.StatusCode, http.StatusAccepted) - } - if tokenExchanges != 1 { - t.Fatalf("Unexpected number of token exchanges, want: 1, got %d (iteration: %d)", tokenExchanges, i) - } - clock.current = clock.current.Add(timeIncrement) - } - - // After we've exceeded the expiration, we should see a second token exchange. - req, _ := http.NewRequest("GET", e+"/v2/hello", nil) - resp, err := client.Do(req) - if err != nil { - t.Fatalf("Error sending get request: %s", err) - } - if resp.StatusCode != http.StatusAccepted { - t.Fatalf("Unexpected status code: %d, expected %d", resp.StatusCode, http.StatusAccepted) - } - if tokenExchanges != 2 { - t.Fatalf("Unexpected number of token exchanges, want: 2, got %d", tokenExchanges) - } -} - -func TestEndpointAuthorizeTokenBasicWithExpiresInAndIssuedAt(t *testing.T) { - service := "localhost.localdomain" - repo := "some/fun/registry" - scope := fmt.Sprintf("repository:%s:pull,push", repo) - username := "tokenuser" - password := "superSecretPa$$word" - - // This test sets things up such that the token was issued one increment - // earlier than its sibling in TestEndpointAuthorizeTokenBasicWithExpiresIn. - // This will mean that the token expires after 3 increments instead of 4. - clock := &fakeClock{current: time.Now()} - timeIncrement := 1000 * time.Second - firstIssuedAt := clock.Now() - clock.current = clock.current.Add(timeIncrement) - secondIssuedAt := clock.current.Add(2 * timeIncrement) - tokenMap := testutil.RequestResponseMap([]testutil.RequestResponseMapping{ - { - Request: testutil.Request{ - Method: "GET", - Route: fmt.Sprintf("/token?account=%s&scope=%s&service=%s", username, url.QueryEscape(scope), service), - }, - Response: testutil.Response{ - StatusCode: http.StatusOK, - Body: []byte(`{"token":"statictoken", "issued_at": "` + firstIssuedAt.Format(time.RFC3339Nano) + `", "expires_in": 3001}`), - }, - }, - { - Request: testutil.Request{ - Method: "GET", - Route: fmt.Sprintf("/token?account=%s&scope=%s&service=%s", username, url.QueryEscape(scope), service), - }, - Response: testutil.Response{ - StatusCode: http.StatusOK, - Body: []byte(`{"access_token":"statictoken", "issued_at": "` + secondIssuedAt.Format(time.RFC3339Nano) + `", "expires_in": 3001}`), - }, - }, - }) - - authenicate1 := fmt.Sprintf("Basic realm=localhost") - tokenExchanges := 0 - basicCheck := func(a string) bool { - tokenExchanges = tokenExchanges + 1 - return a == fmt.Sprintf("Basic %s", basicAuth(username, password)) - } - te, tc := testServerWithAuth(tokenMap, authenicate1, basicCheck) - defer tc() - - m := testutil.RequestResponseMap([]testutil.RequestResponseMapping{ - { - Request: testutil.Request{ - Method: "GET", - Route: "/v2/hello", - }, - Response: testutil.Response{ - StatusCode: http.StatusAccepted, - }, - }, - { - Request: testutil.Request{ - Method: "GET", - Route: "/v2/hello", - }, - Response: testutil.Response{ - StatusCode: http.StatusAccepted, - }, - }, - { - Request: testutil.Request{ - Method: "GET", - Route: "/v2/hello", - }, - Response: testutil.Response{ - StatusCode: http.StatusAccepted, - }, - }, - { - Request: testutil.Request{ - Method: "GET", - Route: "/v2/hello", - }, - Response: testutil.Response{ - StatusCode: http.StatusAccepted, - }, - }, - }) - - authenicate2 := fmt.Sprintf("Bearer realm=%q,service=%q", te+"/token", service) - bearerCheck := func(a string) bool { - return a == "Bearer statictoken" - } - e, c := testServerWithAuth(m, authenicate2, bearerCheck) - defer c() - - creds := &testCredentialStore{ - username: username, - password: password, - } - - challengeManager := challenge.NewSimpleManager() - _, err := ping(challengeManager, e+"/v2/", "") - if err != nil { - t.Fatal(err) - } - - options := TokenHandlerOptions{ - Transport: nil, - Credentials: creds, - Scopes: []Scope{ - RepositoryScope{ - Repository: repo, - Actions: []string{"pull", "push"}, - }, - }, - } - tHandler := NewTokenHandlerWithOptions(options) - tHandler.(*tokenHandler).clock = clock - transport1 := transport.NewTransport(nil, NewAuthorizer(challengeManager, tHandler, NewBasicHandler(creds))) - client := &http.Client{Transport: transport1} - - // First call should result in a token exchange - // Subsequent calls should recycle the token from the first request, until the expiration has lapsed. - // We shaved one increment off of the equivalent logic in TestEndpointAuthorizeTokenBasicWithExpiresIn - // so this loop should have one fewer iteration. - for i := 0; i < 3; i++ { - req, _ := http.NewRequest("GET", e+"/v2/hello", nil) - resp, err := client.Do(req) - if err != nil { - t.Fatalf("Error sending get request: %s", err) - } - if resp.StatusCode != http.StatusAccepted { - t.Fatalf("Unexpected status code: %d, expected %d", resp.StatusCode, http.StatusAccepted) - } - if tokenExchanges != 1 { - t.Fatalf("Unexpected number of token exchanges, want: 1, got %d (iteration: %d)", tokenExchanges, i) - } - clock.current = clock.current.Add(timeIncrement) - } - - // After we've exceeded the expiration, we should see a second token exchange. - req, _ := http.NewRequest("GET", e+"/v2/hello", nil) - resp, err := client.Do(req) - if err != nil { - t.Fatalf("Error sending get request: %s", err) - } - if resp.StatusCode != http.StatusAccepted { - t.Fatalf("Unexpected status code: %d, expected %d", resp.StatusCode, http.StatusAccepted) - } - if tokenExchanges != 2 { - t.Fatalf("Unexpected number of token exchanges, want: 2, got %d", tokenExchanges) - } -} - -func TestEndpointAuthorizeBasic(t *testing.T) { - m := testutil.RequestResponseMap([]testutil.RequestResponseMapping{ - { - Request: testutil.Request{ - Method: "GET", - Route: "/v2/hello", - }, - Response: testutil.Response{ - StatusCode: http.StatusAccepted, - }, - }, - }) - - username := "user1" - password := "funSecretPa$$word" - authenicate := fmt.Sprintf("Basic realm=localhost") - validCheck := func(a string) bool { - return a == fmt.Sprintf("Basic %s", basicAuth(username, password)) - } - e, c := testServerWithAuth(m, authenicate, validCheck) - defer c() - creds := &testCredentialStore{ - username: username, - password: password, - } - - challengeManager := challenge.NewSimpleManager() - _, err := ping(challengeManager, e+"/v2/", "") - if err != nil { - t.Fatal(err) - } - transport1 := transport.NewTransport(nil, NewAuthorizer(challengeManager, NewBasicHandler(creds))) - client := &http.Client{Transport: transport1} - - req, _ := http.NewRequest("GET", e+"/v2/hello", nil) - resp, err := client.Do(req) - if err != nil { - t.Fatalf("Error sending get request: %s", err) - } - - if resp.StatusCode != http.StatusAccepted { - t.Fatalf("Unexpected status code: %d, expected %d", resp.StatusCode, http.StatusAccepted) - } -} diff --git a/vendor/github.com/docker/distribution/registry/client/blob_writer.go b/vendor/github.com/docker/distribution/registry/client/blob_writer.go deleted file mode 100644 index e3ffcb00..00000000 --- a/vendor/github.com/docker/distribution/registry/client/blob_writer.go +++ /dev/null @@ -1,162 +0,0 @@ -package client - -import ( - "bytes" - "fmt" - "io" - "io/ioutil" - "net/http" - "time" - - "github.com/docker/distribution" - "github.com/docker/distribution/context" -) - -type httpBlobUpload struct { - statter distribution.BlobStatter - client *http.Client - - uuid string - startedAt time.Time - - location string // always the last value of the location header. - offset int64 - closed bool -} - -func (hbu *httpBlobUpload) Reader() (io.ReadCloser, error) { - panic("Not implemented") -} - -func (hbu *httpBlobUpload) handleErrorResponse(resp *http.Response) error { - if resp.StatusCode == http.StatusNotFound { - return distribution.ErrBlobUploadUnknown - } - return HandleErrorResponse(resp) -} - -func (hbu *httpBlobUpload) ReadFrom(r io.Reader) (n int64, err error) { - req, err := http.NewRequest("PATCH", hbu.location, ioutil.NopCloser(r)) - if err != nil { - return 0, err - } - defer req.Body.Close() - - resp, err := hbu.client.Do(req) - if err != nil { - return 0, err - } - - if !SuccessStatus(resp.StatusCode) { - return 0, hbu.handleErrorResponse(resp) - } - - hbu.uuid = resp.Header.Get("Docker-Upload-UUID") - hbu.location, err = sanitizeLocation(resp.Header.Get("Location"), hbu.location) - if err != nil { - return 0, err - } - rng := resp.Header.Get("Range") - var start, end int64 - if n, err := fmt.Sscanf(rng, "%d-%d", &start, &end); err != nil { - return 0, err - } else if n != 2 || end < start { - return 0, fmt.Errorf("bad range format: %s", rng) - } - - return (end - start + 1), nil - -} - -func (hbu *httpBlobUpload) Write(p []byte) (n int, err error) { - req, err := http.NewRequest("PATCH", hbu.location, bytes.NewReader(p)) - if err != nil { - return 0, err - } - req.Header.Set("Content-Range", fmt.Sprintf("%d-%d", hbu.offset, hbu.offset+int64(len(p)-1))) - req.Header.Set("Content-Length", fmt.Sprintf("%d", len(p))) - req.Header.Set("Content-Type", "application/octet-stream") - - resp, err := hbu.client.Do(req) - if err != nil { - return 0, err - } - - if !SuccessStatus(resp.StatusCode) { - return 0, hbu.handleErrorResponse(resp) - } - - hbu.uuid = resp.Header.Get("Docker-Upload-UUID") - hbu.location, err = sanitizeLocation(resp.Header.Get("Location"), hbu.location) - if err != nil { - return 0, err - } - rng := resp.Header.Get("Range") - var start, end int - if n, err := fmt.Sscanf(rng, "%d-%d", &start, &end); err != nil { - return 0, err - } else if n != 2 || end < start { - return 0, fmt.Errorf("bad range format: %s", rng) - } - - return (end - start + 1), nil - -} - -func (hbu *httpBlobUpload) Size() int64 { - return hbu.offset -} - -func (hbu *httpBlobUpload) ID() string { - return hbu.uuid -} - -func (hbu *httpBlobUpload) StartedAt() time.Time { - return hbu.startedAt -} - -func (hbu *httpBlobUpload) Commit(ctx context.Context, desc distribution.Descriptor) (distribution.Descriptor, error) { - // TODO(dmcgowan): Check if already finished, if so just fetch - req, err := http.NewRequest("PUT", hbu.location, nil) - if err != nil { - return distribution.Descriptor{}, err - } - - values := req.URL.Query() - values.Set("digest", desc.Digest.String()) - req.URL.RawQuery = values.Encode() - - resp, err := hbu.client.Do(req) - if err != nil { - return distribution.Descriptor{}, err - } - defer resp.Body.Close() - - if !SuccessStatus(resp.StatusCode) { - return distribution.Descriptor{}, hbu.handleErrorResponse(resp) - } - - return hbu.statter.Stat(ctx, desc.Digest) -} - -func (hbu *httpBlobUpload) Cancel(ctx context.Context) error { - req, err := http.NewRequest("DELETE", hbu.location, nil) - if err != nil { - return err - } - resp, err := hbu.client.Do(req) - if err != nil { - return err - } - defer resp.Body.Close() - - if resp.StatusCode == http.StatusNotFound || SuccessStatus(resp.StatusCode) { - return nil - } - return hbu.handleErrorResponse(resp) -} - -func (hbu *httpBlobUpload) Close() error { - hbu.closed = true - return nil -} diff --git a/vendor/github.com/docker/distribution/registry/client/blob_writer_test.go b/vendor/github.com/docker/distribution/registry/client/blob_writer_test.go deleted file mode 100644 index 099dca4f..00000000 --- a/vendor/github.com/docker/distribution/registry/client/blob_writer_test.go +++ /dev/null @@ -1,211 +0,0 @@ -package client - -import ( - "bytes" - "fmt" - "net/http" - "testing" - - "github.com/docker/distribution" - "github.com/docker/distribution/registry/api/errcode" - "github.com/docker/distribution/registry/api/v2" - "github.com/docker/distribution/testutil" -) - -// Test implements distribution.BlobWriter -var _ distribution.BlobWriter = &httpBlobUpload{} - -func TestUploadReadFrom(t *testing.T) { - _, b := newRandomBlob(64) - repo := "test/upload/readfrom" - locationPath := fmt.Sprintf("/v2/%s/uploads/testid", repo) - - m := testutil.RequestResponseMap([]testutil.RequestResponseMapping{ - { - Request: testutil.Request{ - Method: "GET", - Route: "/v2/", - }, - Response: testutil.Response{ - StatusCode: http.StatusOK, - Headers: http.Header(map[string][]string{ - "Docker-Distribution-API-Version": {"registry/2.0"}, - }), - }, - }, - // Test Valid case - { - Request: testutil.Request{ - Method: "PATCH", - Route: locationPath, - Body: b, - }, - Response: testutil.Response{ - StatusCode: http.StatusAccepted, - Headers: http.Header(map[string][]string{ - "Docker-Upload-UUID": {"46603072-7a1b-4b41-98f9-fd8a7da89f9b"}, - "Location": {locationPath}, - "Range": {"0-63"}, - }), - }, - }, - // Test invalid range - { - Request: testutil.Request{ - Method: "PATCH", - Route: locationPath, - Body: b, - }, - Response: testutil.Response{ - StatusCode: http.StatusAccepted, - Headers: http.Header(map[string][]string{ - "Docker-Upload-UUID": {"46603072-7a1b-4b41-98f9-fd8a7da89f9b"}, - "Location": {locationPath}, - "Range": {""}, - }), - }, - }, - // Test 404 - { - Request: testutil.Request{ - Method: "PATCH", - Route: locationPath, - Body: b, - }, - Response: testutil.Response{ - StatusCode: http.StatusNotFound, - }, - }, - // Test 400 valid json - { - Request: testutil.Request{ - Method: "PATCH", - Route: locationPath, - Body: b, - }, - Response: testutil.Response{ - StatusCode: http.StatusBadRequest, - Body: []byte(` - { "errors": - [ - { - "code": "BLOB_UPLOAD_INVALID", - "message": "blob upload invalid", - "detail": "more detail" - } - ] - } `), - }, - }, - // Test 400 invalid json - { - Request: testutil.Request{ - Method: "PATCH", - Route: locationPath, - Body: b, - }, - Response: testutil.Response{ - StatusCode: http.StatusBadRequest, - Body: []byte("something bad happened"), - }, - }, - // Test 500 - { - Request: testutil.Request{ - Method: "PATCH", - Route: locationPath, - Body: b, - }, - Response: testutil.Response{ - StatusCode: http.StatusInternalServerError, - }, - }, - }) - - e, c := testServer(m) - defer c() - - blobUpload := &httpBlobUpload{ - client: &http.Client{}, - } - - // Valid case - blobUpload.location = e + locationPath - n, err := blobUpload.ReadFrom(bytes.NewReader(b)) - if err != nil { - t.Fatalf("Error calling ReadFrom: %s", err) - } - if n != 64 { - t.Fatalf("Wrong length returned from ReadFrom: %d, expected 64", n) - } - - // Bad range - blobUpload.location = e + locationPath - _, err = blobUpload.ReadFrom(bytes.NewReader(b)) - if err == nil { - t.Fatalf("Expected error when bad range received") - } - - // 404 - blobUpload.location = e + locationPath - _, err = blobUpload.ReadFrom(bytes.NewReader(b)) - if err == nil { - t.Fatalf("Expected error when not found") - } - if err != distribution.ErrBlobUploadUnknown { - t.Fatalf("Wrong error thrown: %s, expected %s", err, distribution.ErrBlobUploadUnknown) - } - - // 400 valid json - blobUpload.location = e + locationPath - _, err = blobUpload.ReadFrom(bytes.NewReader(b)) - if err == nil { - t.Fatalf("Expected error when not found") - } - if uploadErr, ok := err.(errcode.Errors); !ok { - t.Fatalf("Wrong error type %T: %s", err, err) - } else if len(uploadErr) != 1 { - t.Fatalf("Unexpected number of errors: %d, expected 1", len(uploadErr)) - } else { - v2Err, ok := uploadErr[0].(errcode.Error) - if !ok { - t.Fatalf("Not an 'Error' type: %#v", uploadErr[0]) - } - if v2Err.Code != v2.ErrorCodeBlobUploadInvalid { - t.Fatalf("Unexpected error code: %s, expected %d", v2Err.Code.String(), v2.ErrorCodeBlobUploadInvalid) - } - if expected := "blob upload invalid"; v2Err.Message != expected { - t.Fatalf("Unexpected error message: %q, expected %q", v2Err.Message, expected) - } - if expected := "more detail"; v2Err.Detail.(string) != expected { - t.Fatalf("Unexpected error message: %q, expected %q", v2Err.Detail.(string), expected) - } - } - - // 400 invalid json - blobUpload.location = e + locationPath - _, err = blobUpload.ReadFrom(bytes.NewReader(b)) - if err == nil { - t.Fatalf("Expected error when not found") - } - if uploadErr, ok := err.(*UnexpectedHTTPResponseError); !ok { - t.Fatalf("Wrong error type %T: %s", err, err) - } else { - respStr := string(uploadErr.Response) - if expected := "something bad happened"; respStr != expected { - t.Fatalf("Unexpected response string: %s, expected: %s", respStr, expected) - } - } - - // 500 - blobUpload.location = e + locationPath - _, err = blobUpload.ReadFrom(bytes.NewReader(b)) - if err == nil { - t.Fatalf("Expected error when not found") - } - if uploadErr, ok := err.(*UnexpectedHTTPStatusError); !ok { - t.Fatalf("Wrong error type %T: %s", err, err) - } else if expected := "500 " + http.StatusText(http.StatusInternalServerError); uploadErr.Status != expected { - t.Fatalf("Unexpected response status: %s, expected %s", uploadErr.Status, expected) - } -} diff --git a/vendor/github.com/docker/distribution/registry/client/errors.go b/vendor/github.com/docker/distribution/registry/client/errors.go deleted file mode 100644 index 52d49d5d..00000000 --- a/vendor/github.com/docker/distribution/registry/client/errors.go +++ /dev/null @@ -1,139 +0,0 @@ -package client - -import ( - "encoding/json" - "errors" - "fmt" - "io" - "io/ioutil" - "net/http" - - "github.com/docker/distribution/registry/api/errcode" - "github.com/docker/distribution/registry/client/auth/challenge" -) - -// ErrNoErrorsInBody is returned when an HTTP response body parses to an empty -// errcode.Errors slice. -var ErrNoErrorsInBody = errors.New("no error details found in HTTP response body") - -// UnexpectedHTTPStatusError is returned when an unexpected HTTP status is -// returned when making a registry api call. -type UnexpectedHTTPStatusError struct { - Status string -} - -func (e *UnexpectedHTTPStatusError) Error() string { - return fmt.Sprintf("received unexpected HTTP status: %s", e.Status) -} - -// UnexpectedHTTPResponseError is returned when an expected HTTP status code -// is returned, but the content was unexpected and failed to be parsed. -type UnexpectedHTTPResponseError struct { - ParseErr error - StatusCode int - Response []byte -} - -func (e *UnexpectedHTTPResponseError) Error() string { - return fmt.Sprintf("error parsing HTTP %d response body: %s: %q", e.StatusCode, e.ParseErr.Error(), string(e.Response)) -} - -func parseHTTPErrorResponse(statusCode int, r io.Reader) error { - var errors errcode.Errors - body, err := ioutil.ReadAll(r) - if err != nil { - return err - } - - // For backward compatibility, handle irregularly formatted - // messages that contain a "details" field. - var detailsErr struct { - Details string `json:"details"` - } - err = json.Unmarshal(body, &detailsErr) - if err == nil && detailsErr.Details != "" { - switch statusCode { - case http.StatusUnauthorized: - return errcode.ErrorCodeUnauthorized.WithMessage(detailsErr.Details) - case http.StatusTooManyRequests: - return errcode.ErrorCodeTooManyRequests.WithMessage(detailsErr.Details) - default: - return errcode.ErrorCodeUnknown.WithMessage(detailsErr.Details) - } - } - - if err := json.Unmarshal(body, &errors); err != nil { - return &UnexpectedHTTPResponseError{ - ParseErr: err, - StatusCode: statusCode, - Response: body, - } - } - - if len(errors) == 0 { - // If there was no error specified in the body, return - // UnexpectedHTTPResponseError. - return &UnexpectedHTTPResponseError{ - ParseErr: ErrNoErrorsInBody, - StatusCode: statusCode, - Response: body, - } - } - - return errors -} - -func makeErrorList(err error) []error { - if errL, ok := err.(errcode.Errors); ok { - return []error(errL) - } - return []error{err} -} - -func mergeErrors(err1, err2 error) error { - return errcode.Errors(append(makeErrorList(err1), makeErrorList(err2)...)) -} - -// HandleErrorResponse returns error parsed from HTTP response for an -// unsuccessful HTTP response code (in the range 400 - 499 inclusive). An -// UnexpectedHTTPStatusError returned for response code outside of expected -// range. -func HandleErrorResponse(resp *http.Response) error { - if resp.StatusCode >= 400 && resp.StatusCode < 500 { - // Check for OAuth errors within the `WWW-Authenticate` header first - // See https://tools.ietf.org/html/rfc6750#section-3 - for _, c := range challenge.ResponseChallenges(resp) { - if c.Scheme == "bearer" { - var err errcode.Error - // codes defined at https://tools.ietf.org/html/rfc6750#section-3.1 - switch c.Parameters["error"] { - case "invalid_token": - err.Code = errcode.ErrorCodeUnauthorized - case "insufficient_scope": - err.Code = errcode.ErrorCodeDenied - default: - continue - } - if description := c.Parameters["error_description"]; description != "" { - err.Message = description - } else { - err.Message = err.Code.Message() - } - - return mergeErrors(err, parseHTTPErrorResponse(resp.StatusCode, resp.Body)) - } - } - err := parseHTTPErrorResponse(resp.StatusCode, resp.Body) - if uErr, ok := err.(*UnexpectedHTTPResponseError); ok && resp.StatusCode == 401 { - return errcode.ErrorCodeUnauthorized.WithDetail(uErr.Response) - } - return err - } - return &UnexpectedHTTPStatusError{Status: resp.Status} -} - -// SuccessStatus returns true if the argument is a successful HTTP response -// code (in the range 200 - 399 inclusive). -func SuccessStatus(status int) bool { - return status >= 200 && status <= 399 -} diff --git a/vendor/github.com/docker/distribution/registry/client/errors_test.go b/vendor/github.com/docker/distribution/registry/client/errors_test.go deleted file mode 100644 index ca9dddd1..00000000 --- a/vendor/github.com/docker/distribution/registry/client/errors_test.go +++ /dev/null @@ -1,104 +0,0 @@ -package client - -import ( - "bytes" - "io" - "net/http" - "strings" - "testing" -) - -type nopCloser struct { - io.Reader -} - -func (nopCloser) Close() error { return nil } - -func TestHandleErrorResponse401ValidBody(t *testing.T) { - json := "{\"errors\":[{\"code\":\"UNAUTHORIZED\",\"message\":\"action requires authentication\"}]}" - response := &http.Response{ - Status: "401 Unauthorized", - StatusCode: 401, - Body: nopCloser{bytes.NewBufferString(json)}, - } - err := HandleErrorResponse(response) - - expectedMsg := "unauthorized: action requires authentication" - if !strings.Contains(err.Error(), expectedMsg) { - t.Errorf("Expected \"%s\", got: \"%s\"", expectedMsg, err.Error()) - } -} - -func TestHandleErrorResponse401WithInvalidBody(t *testing.T) { - json := "{invalid json}" - response := &http.Response{ - Status: "401 Unauthorized", - StatusCode: 401, - Body: nopCloser{bytes.NewBufferString(json)}, - } - err := HandleErrorResponse(response) - - expectedMsg := "unauthorized: authentication required" - if !strings.Contains(err.Error(), expectedMsg) { - t.Errorf("Expected \"%s\", got: \"%s\"", expectedMsg, err.Error()) - } -} - -func TestHandleErrorResponseExpectedStatusCode400ValidBody(t *testing.T) { - json := "{\"errors\":[{\"code\":\"DIGEST_INVALID\",\"message\":\"provided digest does not match\"}]}" - response := &http.Response{ - Status: "400 Bad Request", - StatusCode: 400, - Body: nopCloser{bytes.NewBufferString(json)}, - } - err := HandleErrorResponse(response) - - expectedMsg := "digest invalid: provided digest does not match" - if !strings.Contains(err.Error(), expectedMsg) { - t.Errorf("Expected \"%s\", got: \"%s\"", expectedMsg, err.Error()) - } -} - -func TestHandleErrorResponseExpectedStatusCode404EmptyErrorSlice(t *testing.T) { - json := `{"randomkey": "randomvalue"}` - response := &http.Response{ - Status: "404 Not Found", - StatusCode: 404, - Body: nopCloser{bytes.NewBufferString(json)}, - } - err := HandleErrorResponse(response) - - expectedMsg := `error parsing HTTP 404 response body: no error details found in HTTP response body: "{\"randomkey\": \"randomvalue\"}"` - if !strings.Contains(err.Error(), expectedMsg) { - t.Errorf("Expected \"%s\", got: \"%s\"", expectedMsg, err.Error()) - } -} - -func TestHandleErrorResponseExpectedStatusCode404InvalidBody(t *testing.T) { - json := "{invalid json}" - response := &http.Response{ - Status: "404 Not Found", - StatusCode: 404, - Body: nopCloser{bytes.NewBufferString(json)}, - } - err := HandleErrorResponse(response) - - expectedMsg := "error parsing HTTP 404 response body: invalid character 'i' looking for beginning of object key string: \"{invalid json}\"" - if !strings.Contains(err.Error(), expectedMsg) { - t.Errorf("Expected \"%s\", got: \"%s\"", expectedMsg, err.Error()) - } -} - -func TestHandleErrorResponseUnexpectedStatusCode501(t *testing.T) { - response := &http.Response{ - Status: "501 Not Implemented", - StatusCode: 501, - Body: nopCloser{bytes.NewBufferString("{\"Error Encountered\" : \"Function not implemented.\"}")}, - } - err := HandleErrorResponse(response) - - expectedMsg := "received unexpected HTTP status: 501 Not Implemented" - if !strings.Contains(err.Error(), expectedMsg) { - t.Errorf("Expected \"%s\", got: \"%s\"", expectedMsg, err.Error()) - } -} diff --git a/vendor/github.com/docker/distribution/registry/client/repository.go b/vendor/github.com/docker/distribution/registry/client/repository.go deleted file mode 100644 index 1ebd0b18..00000000 --- a/vendor/github.com/docker/distribution/registry/client/repository.go +++ /dev/null @@ -1,853 +0,0 @@ -package client - -import ( - "bytes" - "encoding/json" - "errors" - "fmt" - "io" - "io/ioutil" - "net/http" - "net/url" - "strconv" - "strings" - "time" - - "github.com/docker/distribution" - "github.com/docker/distribution/context" - "github.com/docker/distribution/digest" - "github.com/docker/distribution/reference" - "github.com/docker/distribution/registry/api/v2" - "github.com/docker/distribution/registry/client/transport" - "github.com/docker/distribution/registry/storage/cache" - "github.com/docker/distribution/registry/storage/cache/memory" -) - -// Registry provides an interface for calling Repositories, which returns a catalog of repositories. -type Registry interface { - Repositories(ctx context.Context, repos []string, last string) (n int, err error) -} - -// checkHTTPRedirect is a callback that can manipulate redirected HTTP -// requests. It is used to preserve Accept and Range headers. -func checkHTTPRedirect(req *http.Request, via []*http.Request) error { - if len(via) >= 10 { - return errors.New("stopped after 10 redirects") - } - - if len(via) > 0 { - for headerName, headerVals := range via[0].Header { - if headerName != "Accept" && headerName != "Range" { - continue - } - for _, val := range headerVals { - // Don't add to redirected request if redirected - // request already has a header with the same - // name and value. - hasValue := false - for _, existingVal := range req.Header[headerName] { - if existingVal == val { - hasValue = true - break - } - } - if !hasValue { - req.Header.Add(headerName, val) - } - } - } - } - - return nil -} - -// NewRegistry creates a registry namespace which can be used to get a listing of repositories -func NewRegistry(ctx context.Context, baseURL string, transport http.RoundTripper) (Registry, error) { - ub, err := v2.NewURLBuilderFromString(baseURL, false) - if err != nil { - return nil, err - } - - client := &http.Client{ - Transport: transport, - Timeout: 1 * time.Minute, - CheckRedirect: checkHTTPRedirect, - } - - return ®istry{ - client: client, - ub: ub, - context: ctx, - }, nil -} - -type registry struct { - client *http.Client - ub *v2.URLBuilder - context context.Context -} - -// Repositories returns a lexigraphically sorted catalog given a base URL. The 'entries' slice will be filled up to the size -// of the slice, starting at the value provided in 'last'. The number of entries will be returned along with io.EOF if there -// are no more entries -func (r *registry) Repositories(ctx context.Context, entries []string, last string) (int, error) { - var numFilled int - var returnErr error - - values := buildCatalogValues(len(entries), last) - u, err := r.ub.BuildCatalogURL(values) - if err != nil { - return 0, err - } - - resp, err := r.client.Get(u) - if err != nil { - return 0, err - } - defer resp.Body.Close() - - if SuccessStatus(resp.StatusCode) { - var ctlg struct { - Repositories []string `json:"repositories"` - } - decoder := json.NewDecoder(resp.Body) - - if err := decoder.Decode(&ctlg); err != nil { - return 0, err - } - - for cnt := range ctlg.Repositories { - entries[cnt] = ctlg.Repositories[cnt] - } - numFilled = len(ctlg.Repositories) - - link := resp.Header.Get("Link") - if link == "" { - returnErr = io.EOF - } - } else { - return 0, HandleErrorResponse(resp) - } - - return numFilled, returnErr -} - -// NewRepository creates a new Repository for the given repository name and base URL. -func NewRepository(ctx context.Context, name reference.Named, baseURL string, transport http.RoundTripper) (distribution.Repository, error) { - ub, err := v2.NewURLBuilderFromString(baseURL, false) - if err != nil { - return nil, err - } - - client := &http.Client{ - Transport: transport, - CheckRedirect: checkHTTPRedirect, - // TODO(dmcgowan): create cookie jar - } - - return &repository{ - client: client, - ub: ub, - name: name, - context: ctx, - }, nil -} - -type repository struct { - client *http.Client - ub *v2.URLBuilder - context context.Context - name reference.Named -} - -func (r *repository) Named() reference.Named { - return r.name -} - -func (r *repository) Blobs(ctx context.Context) distribution.BlobStore { - statter := &blobStatter{ - name: r.name, - ub: r.ub, - client: r.client, - } - return &blobs{ - name: r.name, - ub: r.ub, - client: r.client, - statter: cache.NewCachedBlobStatter(memory.NewInMemoryBlobDescriptorCacheProvider(), statter), - } -} - -func (r *repository) Manifests(ctx context.Context, options ...distribution.ManifestServiceOption) (distribution.ManifestService, error) { - // todo(richardscothern): options should be sent over the wire - return &manifests{ - name: r.name, - ub: r.ub, - client: r.client, - etags: make(map[string]string), - }, nil -} - -func (r *repository) Tags(ctx context.Context) distribution.TagService { - return &tags{ - client: r.client, - ub: r.ub, - context: r.context, - name: r.Named(), - } -} - -// tags implements remote tagging operations. -type tags struct { - client *http.Client - ub *v2.URLBuilder - context context.Context - name reference.Named -} - -// All returns all tags -func (t *tags) All(ctx context.Context) ([]string, error) { - var tags []string - - u, err := t.ub.BuildTagsURL(t.name) - if err != nil { - return tags, err - } - - for { - resp, err := t.client.Get(u) - if err != nil { - return tags, err - } - defer resp.Body.Close() - - if SuccessStatus(resp.StatusCode) { - b, err := ioutil.ReadAll(resp.Body) - if err != nil { - return tags, err - } - - tagsResponse := struct { - Tags []string `json:"tags"` - }{} - if err := json.Unmarshal(b, &tagsResponse); err != nil { - return tags, err - } - tags = append(tags, tagsResponse.Tags...) - if link := resp.Header.Get("Link"); link != "" { - u = strings.Trim(strings.Split(link, ";")[0], "<>") - } else { - return tags, nil - } - } else { - return tags, HandleErrorResponse(resp) - } - } -} - -func descriptorFromResponse(response *http.Response) (distribution.Descriptor, error) { - desc := distribution.Descriptor{} - headers := response.Header - - ctHeader := headers.Get("Content-Type") - if ctHeader == "" { - return distribution.Descriptor{}, errors.New("missing or empty Content-Type header") - } - desc.MediaType = ctHeader - - digestHeader := headers.Get("Docker-Content-Digest") - if digestHeader == "" { - bytes, err := ioutil.ReadAll(response.Body) - if err != nil { - return distribution.Descriptor{}, err - } - _, desc, err := distribution.UnmarshalManifest(ctHeader, bytes) - if err != nil { - return distribution.Descriptor{}, err - } - return desc, nil - } - - dgst, err := digest.ParseDigest(digestHeader) - if err != nil { - return distribution.Descriptor{}, err - } - desc.Digest = dgst - - lengthHeader := headers.Get("Content-Length") - if lengthHeader == "" { - return distribution.Descriptor{}, errors.New("missing or empty Content-Length header") - } - length, err := strconv.ParseInt(lengthHeader, 10, 64) - if err != nil { - return distribution.Descriptor{}, err - } - desc.Size = length - - return desc, nil - -} - -// Get issues a HEAD request for a Manifest against its named endpoint in order -// to construct a descriptor for the tag. If the registry doesn't support HEADing -// a manifest, fallback to GET. -func (t *tags) Get(ctx context.Context, tag string) (distribution.Descriptor, error) { - ref, err := reference.WithTag(t.name, tag) - if err != nil { - return distribution.Descriptor{}, err - } - u, err := t.ub.BuildManifestURL(ref) - if err != nil { - return distribution.Descriptor{}, err - } - - newRequest := func(method string) (*http.Response, error) { - req, err := http.NewRequest(method, u, nil) - if err != nil { - return nil, err - } - - for _, t := range distribution.ManifestMediaTypes() { - req.Header.Add("Accept", t) - } - resp, err := t.client.Do(req) - return resp, err - } - - resp, err := newRequest("HEAD") - if err != nil { - return distribution.Descriptor{}, err - } - defer resp.Body.Close() - - switch { - case resp.StatusCode >= 200 && resp.StatusCode < 400: - return descriptorFromResponse(resp) - default: - // if the response is an error - there will be no body to decode. - // Issue a GET request: - // - for data from a server that does not handle HEAD - // - to get error details in case of a failure - resp, err = newRequest("GET") - if err != nil { - return distribution.Descriptor{}, err - } - defer resp.Body.Close() - - if resp.StatusCode >= 200 && resp.StatusCode < 400 { - return descriptorFromResponse(resp) - } - return distribution.Descriptor{}, HandleErrorResponse(resp) - } -} - -func (t *tags) Lookup(ctx context.Context, digest distribution.Descriptor) ([]string, error) { - panic("not implemented") -} - -func (t *tags) Tag(ctx context.Context, tag string, desc distribution.Descriptor) error { - panic("not implemented") -} - -func (t *tags) Untag(ctx context.Context, tag string) error { - panic("not implemented") -} - -type manifests struct { - name reference.Named - ub *v2.URLBuilder - client *http.Client - etags map[string]string -} - -func (ms *manifests) Exists(ctx context.Context, dgst digest.Digest) (bool, error) { - ref, err := reference.WithDigest(ms.name, dgst) - if err != nil { - return false, err - } - u, err := ms.ub.BuildManifestURL(ref) - if err != nil { - return false, err - } - - resp, err := ms.client.Head(u) - if err != nil { - return false, err - } - - if SuccessStatus(resp.StatusCode) { - return true, nil - } else if resp.StatusCode == http.StatusNotFound { - return false, nil - } - return false, HandleErrorResponse(resp) -} - -// AddEtagToTag allows a client to supply an eTag to Get which will be -// used for a conditional HTTP request. If the eTag matches, a nil manifest -// and ErrManifestNotModified error will be returned. etag is automatically -// quoted when added to this map. -func AddEtagToTag(tag, etag string) distribution.ManifestServiceOption { - return etagOption{tag, etag} -} - -type etagOption struct{ tag, etag string } - -func (o etagOption) Apply(ms distribution.ManifestService) error { - if ms, ok := ms.(*manifests); ok { - ms.etags[o.tag] = fmt.Sprintf(`"%s"`, o.etag) - return nil - } - return fmt.Errorf("etag options is a client-only option") -} - -// ReturnContentDigest allows a client to set a the content digest on -// a successful request from the 'Docker-Content-Digest' header. This -// returned digest is represents the digest which the registry uses -// to refer to the content and can be used to delete the content. -func ReturnContentDigest(dgst *digest.Digest) distribution.ManifestServiceOption { - return contentDigestOption{dgst} -} - -type contentDigestOption struct{ digest *digest.Digest } - -func (o contentDigestOption) Apply(ms distribution.ManifestService) error { - return nil -} - -func (ms *manifests) Get(ctx context.Context, dgst digest.Digest, options ...distribution.ManifestServiceOption) (distribution.Manifest, error) { - var ( - digestOrTag string - ref reference.Named - err error - contentDgst *digest.Digest - ) - - for _, option := range options { - if opt, ok := option.(distribution.WithTagOption); ok { - digestOrTag = opt.Tag - ref, err = reference.WithTag(ms.name, opt.Tag) - if err != nil { - return nil, err - } - } else if opt, ok := option.(contentDigestOption); ok { - contentDgst = opt.digest - } else { - err := option.Apply(ms) - if err != nil { - return nil, err - } - } - } - - if digestOrTag == "" { - digestOrTag = dgst.String() - ref, err = reference.WithDigest(ms.name, dgst) - if err != nil { - return nil, err - } - } - - u, err := ms.ub.BuildManifestURL(ref) - if err != nil { - return nil, err - } - - req, err := http.NewRequest("GET", u, nil) - if err != nil { - return nil, err - } - - for _, t := range distribution.ManifestMediaTypes() { - req.Header.Add("Accept", t) - } - - if _, ok := ms.etags[digestOrTag]; ok { - req.Header.Set("If-None-Match", ms.etags[digestOrTag]) - } - - resp, err := ms.client.Do(req) - if err != nil { - return nil, err - } - defer resp.Body.Close() - if resp.StatusCode == http.StatusNotModified { - return nil, distribution.ErrManifestNotModified - } else if SuccessStatus(resp.StatusCode) { - if contentDgst != nil { - dgst, err := digest.ParseDigest(resp.Header.Get("Docker-Content-Digest")) - if err == nil { - *contentDgst = dgst - } - } - mt := resp.Header.Get("Content-Type") - body, err := ioutil.ReadAll(resp.Body) - - if err != nil { - return nil, err - } - m, _, err := distribution.UnmarshalManifest(mt, body) - if err != nil { - return nil, err - } - return m, nil - } - return nil, HandleErrorResponse(resp) -} - -// Put puts a manifest. A tag can be specified using an options parameter which uses some shared state to hold the -// tag name in order to build the correct upload URL. -func (ms *manifests) Put(ctx context.Context, m distribution.Manifest, options ...distribution.ManifestServiceOption) (digest.Digest, error) { - ref := ms.name - var tagged bool - - for _, option := range options { - if opt, ok := option.(distribution.WithTagOption); ok { - var err error - ref, err = reference.WithTag(ref, opt.Tag) - if err != nil { - return "", err - } - tagged = true - } else { - err := option.Apply(ms) - if err != nil { - return "", err - } - } - } - mediaType, p, err := m.Payload() - if err != nil { - return "", err - } - - if !tagged { - // generate a canonical digest and Put by digest - _, d, err := distribution.UnmarshalManifest(mediaType, p) - if err != nil { - return "", err - } - ref, err = reference.WithDigest(ref, d.Digest) - if err != nil { - return "", err - } - } - - manifestURL, err := ms.ub.BuildManifestURL(ref) - if err != nil { - return "", err - } - - putRequest, err := http.NewRequest("PUT", manifestURL, bytes.NewReader(p)) - if err != nil { - return "", err - } - - putRequest.Header.Set("Content-Type", mediaType) - - resp, err := ms.client.Do(putRequest) - if err != nil { - return "", err - } - defer resp.Body.Close() - - if SuccessStatus(resp.StatusCode) { - dgstHeader := resp.Header.Get("Docker-Content-Digest") - dgst, err := digest.ParseDigest(dgstHeader) - if err != nil { - return "", err - } - - return dgst, nil - } - - return "", HandleErrorResponse(resp) -} - -func (ms *manifests) Delete(ctx context.Context, dgst digest.Digest) error { - ref, err := reference.WithDigest(ms.name, dgst) - if err != nil { - return err - } - u, err := ms.ub.BuildManifestURL(ref) - if err != nil { - return err - } - req, err := http.NewRequest("DELETE", u, nil) - if err != nil { - return err - } - - resp, err := ms.client.Do(req) - if err != nil { - return err - } - defer resp.Body.Close() - - if SuccessStatus(resp.StatusCode) { - return nil - } - return HandleErrorResponse(resp) -} - -// todo(richardscothern): Restore interface and implementation with merge of #1050 -/*func (ms *manifests) Enumerate(ctx context.Context, manifests []distribution.Manifest, last distribution.Manifest) (n int, err error) { - panic("not supported") -}*/ - -type blobs struct { - name reference.Named - ub *v2.URLBuilder - client *http.Client - - statter distribution.BlobDescriptorService - distribution.BlobDeleter -} - -func sanitizeLocation(location, base string) (string, error) { - baseURL, err := url.Parse(base) - if err != nil { - return "", err - } - - locationURL, err := url.Parse(location) - if err != nil { - return "", err - } - - return baseURL.ResolveReference(locationURL).String(), nil -} - -func (bs *blobs) Stat(ctx context.Context, dgst digest.Digest) (distribution.Descriptor, error) { - return bs.statter.Stat(ctx, dgst) - -} - -func (bs *blobs) Get(ctx context.Context, dgst digest.Digest) ([]byte, error) { - reader, err := bs.Open(ctx, dgst) - if err != nil { - return nil, err - } - defer reader.Close() - - return ioutil.ReadAll(reader) -} - -func (bs *blobs) Open(ctx context.Context, dgst digest.Digest) (distribution.ReadSeekCloser, error) { - ref, err := reference.WithDigest(bs.name, dgst) - if err != nil { - return nil, err - } - blobURL, err := bs.ub.BuildBlobURL(ref) - if err != nil { - return nil, err - } - - return transport.NewHTTPReadSeeker(bs.client, blobURL, - func(resp *http.Response) error { - if resp.StatusCode == http.StatusNotFound { - return distribution.ErrBlobUnknown - } - return HandleErrorResponse(resp) - }), nil -} - -func (bs *blobs) ServeBlob(ctx context.Context, w http.ResponseWriter, r *http.Request, dgst digest.Digest) error { - panic("not implemented") -} - -func (bs *blobs) Put(ctx context.Context, mediaType string, p []byte) (distribution.Descriptor, error) { - writer, err := bs.Create(ctx) - if err != nil { - return distribution.Descriptor{}, err - } - dgstr := digest.Canonical.New() - n, err := io.Copy(writer, io.TeeReader(bytes.NewReader(p), dgstr.Hash())) - if err != nil { - return distribution.Descriptor{}, err - } - if n < int64(len(p)) { - return distribution.Descriptor{}, fmt.Errorf("short copy: wrote %d of %d", n, len(p)) - } - - desc := distribution.Descriptor{ - MediaType: mediaType, - Size: int64(len(p)), - Digest: dgstr.Digest(), - } - - return writer.Commit(ctx, desc) -} - -type optionFunc func(interface{}) error - -func (f optionFunc) Apply(v interface{}) error { - return f(v) -} - -// WithMountFrom returns a BlobCreateOption which designates that the blob should be -// mounted from the given canonical reference. -func WithMountFrom(ref reference.Canonical) distribution.BlobCreateOption { - return optionFunc(func(v interface{}) error { - opts, ok := v.(*distribution.CreateOptions) - if !ok { - return fmt.Errorf("unexpected options type: %T", v) - } - - opts.Mount.ShouldMount = true - opts.Mount.From = ref - - return nil - }) -} - -func (bs *blobs) Create(ctx context.Context, options ...distribution.BlobCreateOption) (distribution.BlobWriter, error) { - var opts distribution.CreateOptions - - for _, option := range options { - err := option.Apply(&opts) - if err != nil { - return nil, err - } - } - - var values []url.Values - - if opts.Mount.ShouldMount { - values = append(values, url.Values{"from": {opts.Mount.From.Name()}, "mount": {opts.Mount.From.Digest().String()}}) - } - - u, err := bs.ub.BuildBlobUploadURL(bs.name, values...) - if err != nil { - return nil, err - } - - resp, err := bs.client.Post(u, "", nil) - if err != nil { - return nil, err - } - defer resp.Body.Close() - - switch resp.StatusCode { - case http.StatusCreated: - desc, err := bs.statter.Stat(ctx, opts.Mount.From.Digest()) - if err != nil { - return nil, err - } - return nil, distribution.ErrBlobMounted{From: opts.Mount.From, Descriptor: desc} - case http.StatusAccepted: - // TODO(dmcgowan): Check for invalid UUID - uuid := resp.Header.Get("Docker-Upload-UUID") - location, err := sanitizeLocation(resp.Header.Get("Location"), u) - if err != nil { - return nil, err - } - - return &httpBlobUpload{ - statter: bs.statter, - client: bs.client, - uuid: uuid, - startedAt: time.Now(), - location: location, - }, nil - default: - return nil, HandleErrorResponse(resp) - } -} - -func (bs *blobs) Resume(ctx context.Context, id string) (distribution.BlobWriter, error) { - panic("not implemented") -} - -func (bs *blobs) Delete(ctx context.Context, dgst digest.Digest) error { - return bs.statter.Clear(ctx, dgst) -} - -type blobStatter struct { - name reference.Named - ub *v2.URLBuilder - client *http.Client -} - -func (bs *blobStatter) Stat(ctx context.Context, dgst digest.Digest) (distribution.Descriptor, error) { - ref, err := reference.WithDigest(bs.name, dgst) - if err != nil { - return distribution.Descriptor{}, err - } - u, err := bs.ub.BuildBlobURL(ref) - if err != nil { - return distribution.Descriptor{}, err - } - - resp, err := bs.client.Head(u) - if err != nil { - return distribution.Descriptor{}, err - } - defer resp.Body.Close() - - if SuccessStatus(resp.StatusCode) { - lengthHeader := resp.Header.Get("Content-Length") - if lengthHeader == "" { - return distribution.Descriptor{}, fmt.Errorf("missing content-length header for request: %s", u) - } - - length, err := strconv.ParseInt(lengthHeader, 10, 64) - if err != nil { - return distribution.Descriptor{}, fmt.Errorf("error parsing content-length: %v", err) - } - - return distribution.Descriptor{ - MediaType: resp.Header.Get("Content-Type"), - Size: length, - Digest: dgst, - }, nil - } else if resp.StatusCode == http.StatusNotFound { - return distribution.Descriptor{}, distribution.ErrBlobUnknown - } - return distribution.Descriptor{}, HandleErrorResponse(resp) -} - -func buildCatalogValues(maxEntries int, last string) url.Values { - values := url.Values{} - - if maxEntries > 0 { - values.Add("n", strconv.Itoa(maxEntries)) - } - - if last != "" { - values.Add("last", last) - } - - return values -} - -func (bs *blobStatter) Clear(ctx context.Context, dgst digest.Digest) error { - ref, err := reference.WithDigest(bs.name, dgst) - if err != nil { - return err - } - blobURL, err := bs.ub.BuildBlobURL(ref) - if err != nil { - return err - } - - req, err := http.NewRequest("DELETE", blobURL, nil) - if err != nil { - return err - } - - resp, err := bs.client.Do(req) - if err != nil { - return err - } - defer resp.Body.Close() - - if SuccessStatus(resp.StatusCode) { - return nil - } - return HandleErrorResponse(resp) -} - -func (bs *blobStatter) SetDescriptor(ctx context.Context, dgst digest.Digest, desc distribution.Descriptor) error { - return nil -} diff --git a/vendor/github.com/docker/distribution/registry/client/repository_test.go b/vendor/github.com/docker/distribution/registry/client/repository_test.go deleted file mode 100644 index a232e03e..00000000 --- a/vendor/github.com/docker/distribution/registry/client/repository_test.go +++ /dev/null @@ -1,1226 +0,0 @@ -package client - -import ( - "bytes" - "crypto/rand" - "encoding/json" - "fmt" - "io" - "log" - "net/http" - "net/http/httptest" - "strconv" - "strings" - "testing" - "time" - - "github.com/docker/distribution" - "github.com/docker/distribution/context" - "github.com/docker/distribution/digest" - "github.com/docker/distribution/manifest" - "github.com/docker/distribution/manifest/schema1" - "github.com/docker/distribution/reference" - "github.com/docker/distribution/registry/api/errcode" - "github.com/docker/distribution/registry/api/v2" - "github.com/docker/distribution/testutil" - "github.com/docker/distribution/uuid" - "github.com/docker/libtrust" -) - -func testServer(rrm testutil.RequestResponseMap) (string, func()) { - h := testutil.NewHandler(rrm) - s := httptest.NewServer(h) - return s.URL, s.Close -} - -func newRandomBlob(size int) (digest.Digest, []byte) { - b := make([]byte, size) - if n, err := rand.Read(b); err != nil { - panic(err) - } else if n != size { - panic("unable to read enough bytes") - } - - return digest.FromBytes(b), b -} - -func addTestFetch(repo string, dgst digest.Digest, content []byte, m *testutil.RequestResponseMap) { - *m = append(*m, testutil.RequestResponseMapping{ - Request: testutil.Request{ - Method: "GET", - Route: "/v2/" + repo + "/blobs/" + dgst.String(), - }, - Response: testutil.Response{ - StatusCode: http.StatusOK, - Body: content, - Headers: http.Header(map[string][]string{ - "Content-Length": {fmt.Sprint(len(content))}, - "Last-Modified": {time.Now().Add(-1 * time.Second).Format(time.ANSIC)}, - }), - }, - }) - - *m = append(*m, testutil.RequestResponseMapping{ - Request: testutil.Request{ - Method: "HEAD", - Route: "/v2/" + repo + "/blobs/" + dgst.String(), - }, - Response: testutil.Response{ - StatusCode: http.StatusOK, - Headers: http.Header(map[string][]string{ - "Content-Length": {fmt.Sprint(len(content))}, - "Last-Modified": {time.Now().Add(-1 * time.Second).Format(time.ANSIC)}, - }), - }, - }) -} - -func addTestCatalog(route string, content []byte, link string, m *testutil.RequestResponseMap) { - headers := map[string][]string{ - "Content-Length": {strconv.Itoa(len(content))}, - "Content-Type": {"application/json; charset=utf-8"}, - } - if link != "" { - headers["Link"] = append(headers["Link"], link) - } - - *m = append(*m, testutil.RequestResponseMapping{ - Request: testutil.Request{ - Method: "GET", - Route: route, - }, - Response: testutil.Response{ - StatusCode: http.StatusOK, - Body: content, - Headers: http.Header(headers), - }, - }) -} - -func TestBlobDelete(t *testing.T) { - dgst, _ := newRandomBlob(1024) - var m testutil.RequestResponseMap - repo, _ := reference.ParseNamed("test.example.com/repo1") - m = append(m, testutil.RequestResponseMapping{ - Request: testutil.Request{ - Method: "DELETE", - Route: "/v2/" + repo.Name() + "/blobs/" + dgst.String(), - }, - Response: testutil.Response{ - StatusCode: http.StatusAccepted, - Headers: http.Header(map[string][]string{ - "Content-Length": {"0"}, - }), - }, - }) - - e, c := testServer(m) - defer c() - - ctx := context.Background() - r, err := NewRepository(ctx, repo, e, nil) - if err != nil { - t.Fatal(err) - } - l := r.Blobs(ctx) - err = l.Delete(ctx, dgst) - if err != nil { - t.Errorf("Error deleting blob: %s", err.Error()) - } - -} - -func TestBlobFetch(t *testing.T) { - d1, b1 := newRandomBlob(1024) - var m testutil.RequestResponseMap - addTestFetch("test.example.com/repo1", d1, b1, &m) - - e, c := testServer(m) - defer c() - - ctx := context.Background() - repo, _ := reference.ParseNamed("test.example.com/repo1") - r, err := NewRepository(ctx, repo, e, nil) - if err != nil { - t.Fatal(err) - } - l := r.Blobs(ctx) - - b, err := l.Get(ctx, d1) - if err != nil { - t.Fatal(err) - } - if bytes.Compare(b, b1) != 0 { - t.Fatalf("Wrong bytes values fetched: [%d]byte != [%d]byte", len(b), len(b1)) - } - - // TODO(dmcgowan): Test for unknown blob case -} - -func TestBlobExistsNoContentLength(t *testing.T) { - var m testutil.RequestResponseMap - - repo, _ := reference.ParseNamed("biff") - dgst, content := newRandomBlob(1024) - m = append(m, testutil.RequestResponseMapping{ - Request: testutil.Request{ - Method: "GET", - Route: "/v2/" + repo.Name() + "/blobs/" + dgst.String(), - }, - Response: testutil.Response{ - StatusCode: http.StatusOK, - Body: content, - Headers: http.Header(map[string][]string{ - // "Content-Length": {fmt.Sprint(len(content))}, - "Last-Modified": {time.Now().Add(-1 * time.Second).Format(time.ANSIC)}, - }), - }, - }) - - m = append(m, testutil.RequestResponseMapping{ - Request: testutil.Request{ - Method: "HEAD", - Route: "/v2/" + repo.Name() + "/blobs/" + dgst.String(), - }, - Response: testutil.Response{ - StatusCode: http.StatusOK, - Headers: http.Header(map[string][]string{ - // "Content-Length": {fmt.Sprint(len(content))}, - "Last-Modified": {time.Now().Add(-1 * time.Second).Format(time.ANSIC)}, - }), - }, - }) - e, c := testServer(m) - defer c() - - ctx := context.Background() - r, err := NewRepository(ctx, repo, e, nil) - if err != nil { - t.Fatal(err) - } - l := r.Blobs(ctx) - - _, err = l.Stat(ctx, dgst) - if err == nil { - t.Fatal(err) - } - if !strings.Contains(err.Error(), "missing content-length heade") { - t.Fatalf("Expected missing content-length error message") - } - -} - -func TestBlobExists(t *testing.T) { - d1, b1 := newRandomBlob(1024) - var m testutil.RequestResponseMap - addTestFetch("test.example.com/repo1", d1, b1, &m) - - e, c := testServer(m) - defer c() - - ctx := context.Background() - repo, _ := reference.ParseNamed("test.example.com/repo1") - r, err := NewRepository(ctx, repo, e, nil) - if err != nil { - t.Fatal(err) - } - l := r.Blobs(ctx) - - stat, err := l.Stat(ctx, d1) - if err != nil { - t.Fatal(err) - } - - if stat.Digest != d1 { - t.Fatalf("Unexpected digest: %s, expected %s", stat.Digest, d1) - } - - if stat.Size != int64(len(b1)) { - t.Fatalf("Unexpected length: %d, expected %d", stat.Size, len(b1)) - } - - // TODO(dmcgowan): Test error cases and ErrBlobUnknown case -} - -func TestBlobUploadChunked(t *testing.T) { - dgst, b1 := newRandomBlob(1024) - var m testutil.RequestResponseMap - chunks := [][]byte{ - b1[0:256], - b1[256:512], - b1[512:513], - b1[513:1024], - } - repo, _ := reference.ParseNamed("test.example.com/uploadrepo") - uuids := []string{uuid.Generate().String()} - m = append(m, testutil.RequestResponseMapping{ - Request: testutil.Request{ - Method: "POST", - Route: "/v2/" + repo.Name() + "/blobs/uploads/", - }, - Response: testutil.Response{ - StatusCode: http.StatusAccepted, - Headers: http.Header(map[string][]string{ - "Content-Length": {"0"}, - "Location": {"/v2/" + repo.Name() + "/blobs/uploads/" + uuids[0]}, - "Docker-Upload-UUID": {uuids[0]}, - "Range": {"0-0"}, - }), - }, - }) - offset := 0 - for i, chunk := range chunks { - uuids = append(uuids, uuid.Generate().String()) - newOffset := offset + len(chunk) - m = append(m, testutil.RequestResponseMapping{ - Request: testutil.Request{ - Method: "PATCH", - Route: "/v2/" + repo.Name() + "/blobs/uploads/" + uuids[i], - Body: chunk, - }, - Response: testutil.Response{ - StatusCode: http.StatusAccepted, - Headers: http.Header(map[string][]string{ - "Content-Length": {"0"}, - "Location": {"/v2/" + repo.Name() + "/blobs/uploads/" + uuids[i+1]}, - "Docker-Upload-UUID": {uuids[i+1]}, - "Range": {fmt.Sprintf("%d-%d", offset, newOffset-1)}, - }), - }, - }) - offset = newOffset - } - m = append(m, testutil.RequestResponseMapping{ - Request: testutil.Request{ - Method: "PUT", - Route: "/v2/" + repo.Name() + "/blobs/uploads/" + uuids[len(uuids)-1], - QueryParams: map[string][]string{ - "digest": {dgst.String()}, - }, - }, - Response: testutil.Response{ - StatusCode: http.StatusCreated, - Headers: http.Header(map[string][]string{ - "Content-Length": {"0"}, - "Docker-Content-Digest": {dgst.String()}, - "Content-Range": {fmt.Sprintf("0-%d", offset-1)}, - }), - }, - }) - m = append(m, testutil.RequestResponseMapping{ - Request: testutil.Request{ - Method: "HEAD", - Route: "/v2/" + repo.Name() + "/blobs/" + dgst.String(), - }, - Response: testutil.Response{ - StatusCode: http.StatusOK, - Headers: http.Header(map[string][]string{ - "Content-Length": {fmt.Sprint(offset)}, - "Last-Modified": {time.Now().Add(-1 * time.Second).Format(time.ANSIC)}, - }), - }, - }) - - e, c := testServer(m) - defer c() - - ctx := context.Background() - r, err := NewRepository(ctx, repo, e, nil) - if err != nil { - t.Fatal(err) - } - l := r.Blobs(ctx) - - upload, err := l.Create(ctx) - if err != nil { - t.Fatal(err) - } - - if upload.ID() != uuids[0] { - log.Fatalf("Unexpected UUID %s; expected %s", upload.ID(), uuids[0]) - } - - for _, chunk := range chunks { - n, err := upload.Write(chunk) - if err != nil { - t.Fatal(err) - } - if n != len(chunk) { - t.Fatalf("Unexpected length returned from write: %d; expected: %d", n, len(chunk)) - } - } - - blob, err := upload.Commit(ctx, distribution.Descriptor{ - Digest: dgst, - Size: int64(len(b1)), - }) - if err != nil { - t.Fatal(err) - } - - if blob.Size != int64(len(b1)) { - t.Fatalf("Unexpected blob size: %d; expected: %d", blob.Size, len(b1)) - } -} - -func TestBlobUploadMonolithic(t *testing.T) { - dgst, b1 := newRandomBlob(1024) - var m testutil.RequestResponseMap - repo, _ := reference.ParseNamed("test.example.com/uploadrepo") - uploadID := uuid.Generate().String() - m = append(m, testutil.RequestResponseMapping{ - Request: testutil.Request{ - Method: "POST", - Route: "/v2/" + repo.Name() + "/blobs/uploads/", - }, - Response: testutil.Response{ - StatusCode: http.StatusAccepted, - Headers: http.Header(map[string][]string{ - "Content-Length": {"0"}, - "Location": {"/v2/" + repo.Name() + "/blobs/uploads/" + uploadID}, - "Docker-Upload-UUID": {uploadID}, - "Range": {"0-0"}, - }), - }, - }) - m = append(m, testutil.RequestResponseMapping{ - Request: testutil.Request{ - Method: "PATCH", - Route: "/v2/" + repo.Name() + "/blobs/uploads/" + uploadID, - Body: b1, - }, - Response: testutil.Response{ - StatusCode: http.StatusAccepted, - Headers: http.Header(map[string][]string{ - "Location": {"/v2/" + repo.Name() + "/blobs/uploads/" + uploadID}, - "Docker-Upload-UUID": {uploadID}, - "Content-Length": {"0"}, - "Docker-Content-Digest": {dgst.String()}, - "Range": {fmt.Sprintf("0-%d", len(b1)-1)}, - }), - }, - }) - m = append(m, testutil.RequestResponseMapping{ - Request: testutil.Request{ - Method: "PUT", - Route: "/v2/" + repo.Name() + "/blobs/uploads/" + uploadID, - QueryParams: map[string][]string{ - "digest": {dgst.String()}, - }, - }, - Response: testutil.Response{ - StatusCode: http.StatusCreated, - Headers: http.Header(map[string][]string{ - "Content-Length": {"0"}, - "Docker-Content-Digest": {dgst.String()}, - "Content-Range": {fmt.Sprintf("0-%d", len(b1)-1)}, - }), - }, - }) - m = append(m, testutil.RequestResponseMapping{ - Request: testutil.Request{ - Method: "HEAD", - Route: "/v2/" + repo.Name() + "/blobs/" + dgst.String(), - }, - Response: testutil.Response{ - StatusCode: http.StatusOK, - Headers: http.Header(map[string][]string{ - "Content-Length": {fmt.Sprint(len(b1))}, - "Last-Modified": {time.Now().Add(-1 * time.Second).Format(time.ANSIC)}, - }), - }, - }) - - e, c := testServer(m) - defer c() - - ctx := context.Background() - r, err := NewRepository(ctx, repo, e, nil) - if err != nil { - t.Fatal(err) - } - l := r.Blobs(ctx) - - upload, err := l.Create(ctx) - if err != nil { - t.Fatal(err) - } - - if upload.ID() != uploadID { - log.Fatalf("Unexpected UUID %s; expected %s", upload.ID(), uploadID) - } - - n, err := upload.ReadFrom(bytes.NewReader(b1)) - if err != nil { - t.Fatal(err) - } - if n != int64(len(b1)) { - t.Fatalf("Unexpected ReadFrom length: %d; expected: %d", n, len(b1)) - } - - blob, err := upload.Commit(ctx, distribution.Descriptor{ - Digest: dgst, - Size: int64(len(b1)), - }) - if err != nil { - t.Fatal(err) - } - - if blob.Size != int64(len(b1)) { - t.Fatalf("Unexpected blob size: %d; expected: %d", blob.Size, len(b1)) - } -} - -func TestBlobMount(t *testing.T) { - dgst, content := newRandomBlob(1024) - var m testutil.RequestResponseMap - repo, _ := reference.ParseNamed("test.example.com/uploadrepo") - - sourceRepo, _ := reference.ParseNamed("test.example.com/sourcerepo") - canonicalRef, _ := reference.WithDigest(sourceRepo, dgst) - - m = append(m, testutil.RequestResponseMapping{ - Request: testutil.Request{ - Method: "POST", - Route: "/v2/" + repo.Name() + "/blobs/uploads/", - QueryParams: map[string][]string{"from": {sourceRepo.Name()}, "mount": {dgst.String()}}, - }, - Response: testutil.Response{ - StatusCode: http.StatusCreated, - Headers: http.Header(map[string][]string{ - "Content-Length": {"0"}, - "Location": {"/v2/" + repo.Name() + "/blobs/" + dgst.String()}, - "Docker-Content-Digest": {dgst.String()}, - }), - }, - }) - m = append(m, testutil.RequestResponseMapping{ - Request: testutil.Request{ - Method: "HEAD", - Route: "/v2/" + repo.Name() + "/blobs/" + dgst.String(), - }, - Response: testutil.Response{ - StatusCode: http.StatusOK, - Headers: http.Header(map[string][]string{ - "Content-Length": {fmt.Sprint(len(content))}, - "Last-Modified": {time.Now().Add(-1 * time.Second).Format(time.ANSIC)}, - }), - }, - }) - - e, c := testServer(m) - defer c() - - ctx := context.Background() - r, err := NewRepository(ctx, repo, e, nil) - if err != nil { - t.Fatal(err) - } - - l := r.Blobs(ctx) - - bw, err := l.Create(ctx, WithMountFrom(canonicalRef)) - if bw != nil { - t.Fatalf("Expected blob writer to be nil, was %v", bw) - } - - if ebm, ok := err.(distribution.ErrBlobMounted); ok { - if ebm.From.Digest() != dgst { - t.Fatalf("Unexpected digest: %s, expected %s", ebm.From.Digest(), dgst) - } - if ebm.From.Name() != sourceRepo.Name() { - t.Fatalf("Unexpected from: %s, expected %s", ebm.From.Name(), sourceRepo) - } - } else { - t.Fatalf("Unexpected error: %v, expected an ErrBlobMounted", err) - } -} - -func newRandomSchemaV1Manifest(name reference.Named, tag string, blobCount int) (*schema1.SignedManifest, digest.Digest, []byte) { - blobs := make([]schema1.FSLayer, blobCount) - history := make([]schema1.History, blobCount) - - for i := 0; i < blobCount; i++ { - dgst, blob := newRandomBlob((i % 5) * 16) - - blobs[i] = schema1.FSLayer{BlobSum: dgst} - history[i] = schema1.History{V1Compatibility: fmt.Sprintf("{\"Hex\": \"%x\"}", blob)} - } - - m := schema1.Manifest{ - Name: name.String(), - Tag: tag, - Architecture: "x86", - FSLayers: blobs, - History: history, - Versioned: manifest.Versioned{ - SchemaVersion: 1, - }, - } - - pk, err := libtrust.GenerateECP256PrivateKey() - if err != nil { - panic(err) - } - - sm, err := schema1.Sign(&m, pk) - if err != nil { - panic(err) - } - - return sm, digest.FromBytes(sm.Canonical), sm.Canonical -} - -func addTestManifestWithEtag(repo reference.Named, reference string, content []byte, m *testutil.RequestResponseMap, dgst string) { - actualDigest := digest.FromBytes(content) - getReqWithEtag := testutil.Request{ - Method: "GET", - Route: "/v2/" + repo.Name() + "/manifests/" + reference, - Headers: http.Header(map[string][]string{ - "If-None-Match": {fmt.Sprintf(`"%s"`, dgst)}, - }), - } - - var getRespWithEtag testutil.Response - if actualDigest.String() == dgst { - getRespWithEtag = testutil.Response{ - StatusCode: http.StatusNotModified, - Body: []byte{}, - Headers: http.Header(map[string][]string{ - "Content-Length": {"0"}, - "Last-Modified": {time.Now().Add(-1 * time.Second).Format(time.ANSIC)}, - "Content-Type": {schema1.MediaTypeSignedManifest}, - }), - } - } else { - getRespWithEtag = testutil.Response{ - StatusCode: http.StatusOK, - Body: content, - Headers: http.Header(map[string][]string{ - "Content-Length": {fmt.Sprint(len(content))}, - "Last-Modified": {time.Now().Add(-1 * time.Second).Format(time.ANSIC)}, - "Content-Type": {schema1.MediaTypeSignedManifest}, - }), - } - - } - *m = append(*m, testutil.RequestResponseMapping{Request: getReqWithEtag, Response: getRespWithEtag}) -} - -func contentDigestString(mediatype string, content []byte) string { - if mediatype == schema1.MediaTypeSignedManifest { - m, _, _ := distribution.UnmarshalManifest(mediatype, content) - content = m.(*schema1.SignedManifest).Canonical - } - return digest.Canonical.FromBytes(content).String() -} - -func addTestManifest(repo reference.Named, reference string, mediatype string, content []byte, m *testutil.RequestResponseMap) { - *m = append(*m, testutil.RequestResponseMapping{ - Request: testutil.Request{ - Method: "GET", - Route: "/v2/" + repo.Name() + "/manifests/" + reference, - }, - Response: testutil.Response{ - StatusCode: http.StatusOK, - Body: content, - Headers: http.Header(map[string][]string{ - "Content-Length": {fmt.Sprint(len(content))}, - "Last-Modified": {time.Now().Add(-1 * time.Second).Format(time.ANSIC)}, - "Content-Type": {mediatype}, - "Docker-Content-Digest": {contentDigestString(mediatype, content)}, - }), - }, - }) - *m = append(*m, testutil.RequestResponseMapping{ - Request: testutil.Request{ - Method: "HEAD", - Route: "/v2/" + repo.Name() + "/manifests/" + reference, - }, - Response: testutil.Response{ - StatusCode: http.StatusOK, - Headers: http.Header(map[string][]string{ - "Content-Length": {fmt.Sprint(len(content))}, - "Last-Modified": {time.Now().Add(-1 * time.Second).Format(time.ANSIC)}, - "Content-Type": {mediatype}, - "Docker-Content-Digest": {digest.Canonical.FromBytes(content).String()}, - }), - }, - }) - -} - -func checkEqualManifest(m1, m2 *schema1.SignedManifest) error { - if m1.Name != m2.Name { - return fmt.Errorf("name does not match %q != %q", m1.Name, m2.Name) - } - if m1.Tag != m2.Tag { - return fmt.Errorf("tag does not match %q != %q", m1.Tag, m2.Tag) - } - if len(m1.FSLayers) != len(m2.FSLayers) { - return fmt.Errorf("fs blob length does not match %d != %d", len(m1.FSLayers), len(m2.FSLayers)) - } - for i := range m1.FSLayers { - if m1.FSLayers[i].BlobSum != m2.FSLayers[i].BlobSum { - return fmt.Errorf("blobsum does not match %q != %q", m1.FSLayers[i].BlobSum, m2.FSLayers[i].BlobSum) - } - } - if len(m1.History) != len(m2.History) { - return fmt.Errorf("history length does not match %d != %d", len(m1.History), len(m2.History)) - } - for i := range m1.History { - if m1.History[i].V1Compatibility != m2.History[i].V1Compatibility { - return fmt.Errorf("blobsum does not match %q != %q", m1.History[i].V1Compatibility, m2.History[i].V1Compatibility) - } - } - return nil -} - -func TestV1ManifestFetch(t *testing.T) { - ctx := context.Background() - repo, _ := reference.ParseNamed("test.example.com/repo") - m1, dgst, _ := newRandomSchemaV1Manifest(repo, "latest", 6) - var m testutil.RequestResponseMap - _, pl, err := m1.Payload() - if err != nil { - t.Fatal(err) - } - addTestManifest(repo, dgst.String(), schema1.MediaTypeSignedManifest, pl, &m) - addTestManifest(repo, "latest", schema1.MediaTypeSignedManifest, pl, &m) - addTestManifest(repo, "badcontenttype", "text/html", pl, &m) - - e, c := testServer(m) - defer c() - - r, err := NewRepository(context.Background(), repo, e, nil) - if err != nil { - t.Fatal(err) - } - ms, err := r.Manifests(ctx) - if err != nil { - t.Fatal(err) - } - - ok, err := ms.Exists(ctx, dgst) - if err != nil { - t.Fatal(err) - } - if !ok { - t.Fatal("Manifest does not exist") - } - - manifest, err := ms.Get(ctx, dgst) - if err != nil { - t.Fatal(err) - } - v1manifest, ok := manifest.(*schema1.SignedManifest) - if !ok { - t.Fatalf("Unexpected manifest type from Get: %T", manifest) - } - - if err := checkEqualManifest(v1manifest, m1); err != nil { - t.Fatal(err) - } - - var contentDigest digest.Digest - manifest, err = ms.Get(ctx, dgst, distribution.WithTag("latest"), ReturnContentDigest(&contentDigest)) - if err != nil { - t.Fatal(err) - } - v1manifest, ok = manifest.(*schema1.SignedManifest) - if !ok { - t.Fatalf("Unexpected manifest type from Get: %T", manifest) - } - - if err = checkEqualManifest(v1manifest, m1); err != nil { - t.Fatal(err) - } - - if contentDigest != dgst { - t.Fatalf("Unexpected returned content digest %v, expected %v", contentDigest, dgst) - } - - manifest, err = ms.Get(ctx, dgst, distribution.WithTag("badcontenttype")) - if err != nil { - t.Fatal(err) - } - v1manifest, ok = manifest.(*schema1.SignedManifest) - if !ok { - t.Fatalf("Unexpected manifest type from Get: %T", manifest) - } - - if err = checkEqualManifest(v1manifest, m1); err != nil { - t.Fatal(err) - } -} - -func TestManifestFetchWithEtag(t *testing.T) { - repo, _ := reference.ParseNamed("test.example.com/repo/by/tag") - _, d1, p1 := newRandomSchemaV1Manifest(repo, "latest", 6) - var m testutil.RequestResponseMap - addTestManifestWithEtag(repo, "latest", p1, &m, d1.String()) - - e, c := testServer(m) - defer c() - - ctx := context.Background() - r, err := NewRepository(ctx, repo, e, nil) - if err != nil { - t.Fatal(err) - } - - ms, err := r.Manifests(ctx) - if err != nil { - t.Fatal(err) - } - - clientManifestService, ok := ms.(*manifests) - if !ok { - panic("wrong type for client manifest service") - } - _, err = clientManifestService.Get(ctx, d1, distribution.WithTag("latest"), AddEtagToTag("latest", d1.String())) - if err != distribution.ErrManifestNotModified { - t.Fatal(err) - } -} - -func TestManifestDelete(t *testing.T) { - repo, _ := reference.ParseNamed("test.example.com/repo/delete") - _, dgst1, _ := newRandomSchemaV1Manifest(repo, "latest", 6) - _, dgst2, _ := newRandomSchemaV1Manifest(repo, "latest", 6) - var m testutil.RequestResponseMap - m = append(m, testutil.RequestResponseMapping{ - Request: testutil.Request{ - Method: "DELETE", - Route: "/v2/" + repo.Name() + "/manifests/" + dgst1.String(), - }, - Response: testutil.Response{ - StatusCode: http.StatusAccepted, - Headers: http.Header(map[string][]string{ - "Content-Length": {"0"}, - }), - }, - }) - - e, c := testServer(m) - defer c() - - r, err := NewRepository(context.Background(), repo, e, nil) - if err != nil { - t.Fatal(err) - } - ctx := context.Background() - ms, err := r.Manifests(ctx) - if err != nil { - t.Fatal(err) - } - - if err := ms.Delete(ctx, dgst1); err != nil { - t.Fatal(err) - } - if err := ms.Delete(ctx, dgst2); err == nil { - t.Fatal("Expected error deleting unknown manifest") - } - // TODO(dmcgowan): Check for specific unknown error -} - -func TestManifestPut(t *testing.T) { - repo, _ := reference.ParseNamed("test.example.com/repo/delete") - m1, dgst, _ := newRandomSchemaV1Manifest(repo, "other", 6) - - _, payload, err := m1.Payload() - if err != nil { - t.Fatal(err) - } - - var m testutil.RequestResponseMap - m = append(m, testutil.RequestResponseMapping{ - Request: testutil.Request{ - Method: "PUT", - Route: "/v2/" + repo.Name() + "/manifests/other", - Body: payload, - }, - Response: testutil.Response{ - StatusCode: http.StatusAccepted, - Headers: http.Header(map[string][]string{ - "Content-Length": {"0"}, - "Docker-Content-Digest": {dgst.String()}, - }), - }, - }) - - putDgst := digest.FromBytes(m1.Canonical) - m = append(m, testutil.RequestResponseMapping{ - Request: testutil.Request{ - Method: "PUT", - Route: "/v2/" + repo.Name() + "/manifests/" + putDgst.String(), - Body: payload, - }, - Response: testutil.Response{ - StatusCode: http.StatusAccepted, - Headers: http.Header(map[string][]string{ - "Content-Length": {"0"}, - "Docker-Content-Digest": {putDgst.String()}, - }), - }, - }) - - e, c := testServer(m) - defer c() - - r, err := NewRepository(context.Background(), repo, e, nil) - if err != nil { - t.Fatal(err) - } - ctx := context.Background() - ms, err := r.Manifests(ctx) - if err != nil { - t.Fatal(err) - } - - if _, err := ms.Put(ctx, m1, distribution.WithTag(m1.Tag)); err != nil { - t.Fatal(err) - } - - if _, err := ms.Put(ctx, m1); err != nil { - t.Fatal(err) - } - - // TODO(dmcgowan): Check for invalid input error -} - -func TestManifestTags(t *testing.T) { - repo, _ := reference.ParseNamed("test.example.com/repo/tags/list") - tagsList := []byte(strings.TrimSpace(` -{ - "name": "test.example.com/repo/tags/list", - "tags": [ - "tag1", - "tag2", - "funtag" - ] -} - `)) - var m testutil.RequestResponseMap - for i := 0; i < 3; i++ { - m = append(m, testutil.RequestResponseMapping{ - Request: testutil.Request{ - Method: "GET", - Route: "/v2/" + repo.Name() + "/tags/list", - }, - Response: testutil.Response{ - StatusCode: http.StatusOK, - Body: tagsList, - Headers: http.Header(map[string][]string{ - "Content-Length": {fmt.Sprint(len(tagsList))}, - "Last-Modified": {time.Now().Add(-1 * time.Second).Format(time.ANSIC)}, - }), - }, - }) - } - e, c := testServer(m) - defer c() - - r, err := NewRepository(context.Background(), repo, e, nil) - if err != nil { - t.Fatal(err) - } - - ctx := context.Background() - tagService := r.Tags(ctx) - - tags, err := tagService.All(ctx) - if err != nil { - t.Fatal(err) - } - if len(tags) != 3 { - t.Fatalf("Wrong number of tags returned: %d, expected 3", len(tags)) - } - - expected := map[string]struct{}{ - "tag1": {}, - "tag2": {}, - "funtag": {}, - } - for _, t := range tags { - delete(expected, t) - } - if len(expected) != 0 { - t.Fatalf("unexpected tags returned: %v", expected) - } - // TODO(dmcgowan): Check for error cases -} - -func TestObtainsErrorForMissingTag(t *testing.T) { - repo, _ := reference.ParseNamed("test.example.com/repo") - - var m testutil.RequestResponseMap - var errors errcode.Errors - errors = append(errors, v2.ErrorCodeManifestUnknown.WithDetail("unknown manifest")) - errBytes, err := json.Marshal(errors) - if err != nil { - t.Fatal(err) - } - m = append(m, testutil.RequestResponseMapping{ - Request: testutil.Request{ - Method: "GET", - Route: "/v2/" + repo.Name() + "/manifests/1.0.0", - }, - Response: testutil.Response{ - StatusCode: http.StatusNotFound, - Body: errBytes, - Headers: http.Header(map[string][]string{ - "Content-Type": {"application/json; charset=utf-8"}, - }), - }, - }) - e, c := testServer(m) - defer c() - - ctx := context.Background() - r, err := NewRepository(ctx, repo, e, nil) - if err != nil { - t.Fatal(err) - } - - tagService := r.Tags(ctx) - - _, err = tagService.Get(ctx, "1.0.0") - if err == nil { - t.Fatalf("Expected an error") - } - if !strings.Contains(err.Error(), "manifest unknown") { - t.Fatalf("Expected unknown manifest error message") - } -} - -func TestManifestTagsPaginated(t *testing.T) { - s := httptest.NewServer(http.NotFoundHandler()) - defer s.Close() - - repo, _ := reference.ParseNamed("test.example.com/repo/tags/list") - tagsList := []string{"tag1", "tag2", "funtag"} - var m testutil.RequestResponseMap - for i := 0; i < 3; i++ { - body, err := json.Marshal(map[string]interface{}{ - "name": "test.example.com/repo/tags/list", - "tags": []string{tagsList[i]}, - }) - if err != nil { - t.Fatal(err) - } - queryParams := make(map[string][]string) - if i > 0 { - queryParams["n"] = []string{"1"} - queryParams["last"] = []string{tagsList[i-1]} - } - headers := http.Header(map[string][]string{ - "Content-Length": {fmt.Sprint(len(body))}, - "Last-Modified": {time.Now().Add(-1 * time.Second).Format(time.ANSIC)}, - }) - if i < 2 { - headers.Set("Link", "<"+s.URL+"/v2/"+repo.Name()+"/tags/list?n=1&last="+tagsList[i]+`>; rel="next"`) - } - m = append(m, testutil.RequestResponseMapping{ - Request: testutil.Request{ - Method: "GET", - Route: "/v2/" + repo.Name() + "/tags/list", - QueryParams: queryParams, - }, - Response: testutil.Response{ - StatusCode: http.StatusOK, - Body: body, - Headers: headers, - }, - }) - } - - s.Config.Handler = testutil.NewHandler(m) - - r, err := NewRepository(context.Background(), repo, s.URL, nil) - if err != nil { - t.Fatal(err) - } - - ctx := context.Background() - tagService := r.Tags(ctx) - - tags, err := tagService.All(ctx) - if err != nil { - t.Fatal(tags, err) - } - if len(tags) != 3 { - t.Fatalf("Wrong number of tags returned: %d, expected 3", len(tags)) - } - - expected := map[string]struct{}{ - "tag1": {}, - "tag2": {}, - "funtag": {}, - } - for _, t := range tags { - delete(expected, t) - } - if len(expected) != 0 { - t.Fatalf("unexpected tags returned: %v", expected) - } -} - -func TestManifestUnauthorized(t *testing.T) { - repo, _ := reference.ParseNamed("test.example.com/repo") - _, dgst, _ := newRandomSchemaV1Manifest(repo, "latest", 6) - var m testutil.RequestResponseMap - - m = append(m, testutil.RequestResponseMapping{ - Request: testutil.Request{ - Method: "GET", - Route: "/v2/" + repo.Name() + "/manifests/" + dgst.String(), - }, - Response: testutil.Response{ - StatusCode: http.StatusUnauthorized, - Body: []byte("garbage"), - }, - }) - - e, c := testServer(m) - defer c() - - r, err := NewRepository(context.Background(), repo, e, nil) - if err != nil { - t.Fatal(err) - } - ctx := context.Background() - ms, err := r.Manifests(ctx) - if err != nil { - t.Fatal(err) - } - - _, err = ms.Get(ctx, dgst) - if err == nil { - t.Fatal("Expected error fetching manifest") - } - v2Err, ok := err.(errcode.Error) - if !ok { - t.Fatalf("Unexpected error type: %#v", err) - } - if v2Err.Code != errcode.ErrorCodeUnauthorized { - t.Fatalf("Unexpected error code: %s", v2Err.Code.String()) - } - if expected := errcode.ErrorCodeUnauthorized.Message(); v2Err.Message != expected { - t.Fatalf("Unexpected message value: %q, expected %q", v2Err.Message, expected) - } -} - -func TestCatalog(t *testing.T) { - var m testutil.RequestResponseMap - addTestCatalog( - "/v2/_catalog?n=5", - []byte("{\"repositories\":[\"foo\", \"bar\", \"baz\"]}"), "", &m) - - e, c := testServer(m) - defer c() - - entries := make([]string, 5) - - r, err := NewRegistry(context.Background(), e, nil) - if err != nil { - t.Fatal(err) - } - - ctx := context.Background() - numFilled, err := r.Repositories(ctx, entries, "") - if err != io.EOF { - t.Fatal(err) - } - - if numFilled != 3 { - t.Fatalf("Got wrong number of repos") - } -} - -func TestCatalogInParts(t *testing.T) { - var m testutil.RequestResponseMap - addTestCatalog( - "/v2/_catalog?n=2", - []byte("{\"repositories\":[\"bar\", \"baz\"]}"), - "", &m) - addTestCatalog( - "/v2/_catalog?last=baz&n=2", - []byte("{\"repositories\":[\"foo\"]}"), - "", &m) - - e, c := testServer(m) - defer c() - - entries := make([]string, 2) - - r, err := NewRegistry(context.Background(), e, nil) - if err != nil { - t.Fatal(err) - } - - ctx := context.Background() - numFilled, err := r.Repositories(ctx, entries, "") - if err != nil { - t.Fatal(err) - } - - if numFilled != 2 { - t.Fatalf("Got wrong number of repos") - } - - numFilled, err = r.Repositories(ctx, entries, "baz") - if err != io.EOF { - t.Fatal(err) - } - - if numFilled != 1 { - t.Fatalf("Got wrong number of repos") - } -} - -func TestSanitizeLocation(t *testing.T) { - for _, testcase := range []struct { - description string - location string - source string - expected string - err error - }{ - { - description: "ensure relative location correctly resolved", - location: "/v2/foo/baasdf", - source: "http://blahalaja.com/v1", - expected: "http://blahalaja.com/v2/foo/baasdf", - }, - { - description: "ensure parameters are preserved", - location: "/v2/foo/baasdf?_state=asdfasfdasdfasdf&digest=foo", - source: "http://blahalaja.com/v1", - expected: "http://blahalaja.com/v2/foo/baasdf?_state=asdfasfdasdfasdf&digest=foo", - }, - { - description: "ensure new hostname overidden", - location: "https://mwhahaha.com/v2/foo/baasdf?_state=asdfasfdasdfasdf", - source: "http://blahalaja.com/v1", - expected: "https://mwhahaha.com/v2/foo/baasdf?_state=asdfasfdasdfasdf", - }, - } { - fatalf := func(format string, args ...interface{}) { - t.Fatalf(testcase.description+": "+format, args...) - } - - s, err := sanitizeLocation(testcase.location, testcase.source) - if err != testcase.err { - if testcase.err != nil { - fatalf("expected error: %v != %v", err, testcase) - } else { - fatalf("unexpected error sanitizing: %v", err) - } - } - - if s != testcase.expected { - fatalf("bad sanitize: %q != %q", s, testcase.expected) - } - } -} diff --git a/vendor/github.com/docker/distribution/registry/client/transport/http_reader.go b/vendor/github.com/docker/distribution/registry/client/transport/http_reader.go deleted file mode 100644 index e5ff09d7..00000000 --- a/vendor/github.com/docker/distribution/registry/client/transport/http_reader.go +++ /dev/null @@ -1,251 +0,0 @@ -package transport - -import ( - "errors" - "fmt" - "io" - "net/http" - "os" - "regexp" - "strconv" -) - -var ( - contentRangeRegexp = regexp.MustCompile(`bytes ([0-9]+)-([0-9]+)/([0-9]+|\\*)`) - - // ErrWrongCodeForByteRange is returned if the client sends a request - // with a Range header but the server returns a 2xx or 3xx code other - // than 206 Partial Content. - ErrWrongCodeForByteRange = errors.New("expected HTTP 206 from byte range request") -) - -// ReadSeekCloser combines io.ReadSeeker with io.Closer. -type ReadSeekCloser interface { - io.ReadSeeker - io.Closer -} - -// NewHTTPReadSeeker handles reading from an HTTP endpoint using a GET -// request. When seeking and starting a read from a non-zero offset -// the a "Range" header will be added which sets the offset. -// TODO(dmcgowan): Move this into a separate utility package -func NewHTTPReadSeeker(client *http.Client, url string, errorHandler func(*http.Response) error) ReadSeekCloser { - return &httpReadSeeker{ - client: client, - url: url, - errorHandler: errorHandler, - } -} - -type httpReadSeeker struct { - client *http.Client - url string - - // errorHandler creates an error from an unsuccessful HTTP response. - // This allows the error to be created with the HTTP response body - // without leaking the body through a returned error. - errorHandler func(*http.Response) error - - size int64 - - // rc is the remote read closer. - rc io.ReadCloser - // readerOffset tracks the offset as of the last read. - readerOffset int64 - // seekOffset allows Seek to override the offset. Seek changes - // seekOffset instead of changing readOffset directly so that - // connection resets can be delayed and possibly avoided if the - // seek is undone (i.e. seeking to the end and then back to the - // beginning). - seekOffset int64 - err error -} - -func (hrs *httpReadSeeker) Read(p []byte) (n int, err error) { - if hrs.err != nil { - return 0, hrs.err - } - - // If we sought to a different position, we need to reset the - // connection. This logic is here instead of Seek so that if - // a seek is undone before the next read, the connection doesn't - // need to be closed and reopened. A common example of this is - // seeking to the end to determine the length, and then seeking - // back to the original position. - if hrs.readerOffset != hrs.seekOffset { - hrs.reset() - } - - hrs.readerOffset = hrs.seekOffset - - rd, err := hrs.reader() - if err != nil { - return 0, err - } - - n, err = rd.Read(p) - hrs.seekOffset += int64(n) - hrs.readerOffset += int64(n) - - return n, err -} - -func (hrs *httpReadSeeker) Seek(offset int64, whence int) (int64, error) { - if hrs.err != nil { - return 0, hrs.err - } - - lastReaderOffset := hrs.readerOffset - - if whence == os.SEEK_SET && hrs.rc == nil { - // If no request has been made yet, and we are seeking to an - // absolute position, set the read offset as well to avoid an - // unnecessary request. - hrs.readerOffset = offset - } - - _, err := hrs.reader() - if err != nil { - hrs.readerOffset = lastReaderOffset - return 0, err - } - - newOffset := hrs.seekOffset - - switch whence { - case os.SEEK_CUR: - newOffset += offset - case os.SEEK_END: - if hrs.size < 0 { - return 0, errors.New("content length not known") - } - newOffset = hrs.size + offset - case os.SEEK_SET: - newOffset = offset - } - - if newOffset < 0 { - err = errors.New("cannot seek to negative position") - } else { - hrs.seekOffset = newOffset - } - - return hrs.seekOffset, err -} - -func (hrs *httpReadSeeker) Close() error { - if hrs.err != nil { - return hrs.err - } - - // close and release reader chain - if hrs.rc != nil { - hrs.rc.Close() - } - - hrs.rc = nil - - hrs.err = errors.New("httpLayer: closed") - - return nil -} - -func (hrs *httpReadSeeker) reset() { - if hrs.err != nil { - return - } - if hrs.rc != nil { - hrs.rc.Close() - hrs.rc = nil - } -} - -func (hrs *httpReadSeeker) reader() (io.Reader, error) { - if hrs.err != nil { - return nil, hrs.err - } - - if hrs.rc != nil { - return hrs.rc, nil - } - - req, err := http.NewRequest("GET", hrs.url, nil) - if err != nil { - return nil, err - } - - if hrs.readerOffset > 0 { - // If we are at different offset, issue a range request from there. - req.Header.Add("Range", fmt.Sprintf("bytes=%d-", hrs.readerOffset)) - // TODO: get context in here - // context.GetLogger(hrs.context).Infof("Range: %s", req.Header.Get("Range")) - } - - req.Header.Add("Accept-Encoding", "identity") - resp, err := hrs.client.Do(req) - if err != nil { - return nil, err - } - - // Normally would use client.SuccessStatus, but that would be a cyclic - // import - if resp.StatusCode >= 200 && resp.StatusCode <= 399 { - if hrs.readerOffset > 0 { - if resp.StatusCode != http.StatusPartialContent { - return nil, ErrWrongCodeForByteRange - } - - contentRange := resp.Header.Get("Content-Range") - if contentRange == "" { - return nil, errors.New("no Content-Range header found in HTTP 206 response") - } - - submatches := contentRangeRegexp.FindStringSubmatch(contentRange) - if len(submatches) < 4 { - return nil, fmt.Errorf("could not parse Content-Range header: %s", contentRange) - } - - startByte, err := strconv.ParseUint(submatches[1], 10, 64) - if err != nil { - return nil, fmt.Errorf("could not parse start of range in Content-Range header: %s", contentRange) - } - - if startByte != uint64(hrs.readerOffset) { - return nil, fmt.Errorf("received Content-Range starting at offset %d instead of requested %d", startByte, hrs.readerOffset) - } - - endByte, err := strconv.ParseUint(submatches[2], 10, 64) - if err != nil { - return nil, fmt.Errorf("could not parse end of range in Content-Range header: %s", contentRange) - } - - if submatches[3] == "*" { - hrs.size = -1 - } else { - size, err := strconv.ParseUint(submatches[3], 10, 64) - if err != nil { - return nil, fmt.Errorf("could not parse total size in Content-Range header: %s", contentRange) - } - - if endByte+1 != size { - return nil, fmt.Errorf("range in Content-Range stops before the end of the content: %s", contentRange) - } - - hrs.size = int64(size) - } - } else if resp.StatusCode == http.StatusOK { - hrs.size = resp.ContentLength - } else { - hrs.size = -1 - } - hrs.rc = resp.Body - } else { - defer resp.Body.Close() - if hrs.errorHandler != nil { - return nil, hrs.errorHandler(resp) - } - return nil, fmt.Errorf("unexpected status resolving reader: %v", resp.Status) - } - - return hrs.rc, nil -} diff --git a/vendor/github.com/docker/distribution/registry/client/transport/transport.go b/vendor/github.com/docker/distribution/registry/client/transport/transport.go deleted file mode 100644 index 30e45fab..00000000 --- a/vendor/github.com/docker/distribution/registry/client/transport/transport.go +++ /dev/null @@ -1,147 +0,0 @@ -package transport - -import ( - "io" - "net/http" - "sync" -) - -// RequestModifier represents an object which will do an inplace -// modification of an HTTP request. -type RequestModifier interface { - ModifyRequest(*http.Request) error -} - -type headerModifier http.Header - -// NewHeaderRequestModifier returns a new RequestModifier which will -// add the given headers to a request. -func NewHeaderRequestModifier(header http.Header) RequestModifier { - return headerModifier(header) -} - -func (h headerModifier) ModifyRequest(req *http.Request) error { - for k, s := range http.Header(h) { - req.Header[k] = append(req.Header[k], s...) - } - - return nil -} - -// NewTransport creates a new transport which will apply modifiers to -// the request on a RoundTrip call. -func NewTransport(base http.RoundTripper, modifiers ...RequestModifier) http.RoundTripper { - return &transport{ - Modifiers: modifiers, - Base: base, - } -} - -// transport is an http.RoundTripper that makes HTTP requests after -// copying and modifying the request -type transport struct { - Modifiers []RequestModifier - Base http.RoundTripper - - mu sync.Mutex // guards modReq - modReq map[*http.Request]*http.Request // original -> modified -} - -// RoundTrip authorizes and authenticates the request with an -// access token. If no token exists or token is expired, -// tries to refresh/fetch a new token. -func (t *transport) RoundTrip(req *http.Request) (*http.Response, error) { - req2 := cloneRequest(req) - for _, modifier := range t.Modifiers { - if err := modifier.ModifyRequest(req2); err != nil { - return nil, err - } - } - - t.setModReq(req, req2) - res, err := t.base().RoundTrip(req2) - if err != nil { - t.setModReq(req, nil) - return nil, err - } - res.Body = &onEOFReader{ - rc: res.Body, - fn: func() { t.setModReq(req, nil) }, - } - return res, nil -} - -// CancelRequest cancels an in-flight request by closing its connection. -func (t *transport) CancelRequest(req *http.Request) { - type canceler interface { - CancelRequest(*http.Request) - } - if cr, ok := t.base().(canceler); ok { - t.mu.Lock() - modReq := t.modReq[req] - delete(t.modReq, req) - t.mu.Unlock() - cr.CancelRequest(modReq) - } -} - -func (t *transport) base() http.RoundTripper { - if t.Base != nil { - return t.Base - } - return http.DefaultTransport -} - -func (t *transport) setModReq(orig, mod *http.Request) { - t.mu.Lock() - defer t.mu.Unlock() - if t.modReq == nil { - t.modReq = make(map[*http.Request]*http.Request) - } - if mod == nil { - delete(t.modReq, orig) - } else { - t.modReq[orig] = mod - } -} - -// cloneRequest returns a clone of the provided *http.Request. -// The clone is a shallow copy of the struct and its Header map. -func cloneRequest(r *http.Request) *http.Request { - // shallow copy of the struct - r2 := new(http.Request) - *r2 = *r - // deep copy of the Header - r2.Header = make(http.Header, len(r.Header)) - for k, s := range r.Header { - r2.Header[k] = append([]string(nil), s...) - } - - return r2 -} - -type onEOFReader struct { - rc io.ReadCloser - fn func() -} - -func (r *onEOFReader) Read(p []byte) (n int, err error) { - n, err = r.rc.Read(p) - if err == io.EOF { - r.runFunc() - } - return -} - -func (r *onEOFReader) Close() error { - err := r.rc.Close() - r.runFunc() - return err -} - -func (r *onEOFReader) runFunc() { - if fn := r.fn; fn != nil { - fn() - r.fn = nil - } -} diff --git a/vendor/github.com/docker/distribution/registry/doc.go b/vendor/github.com/docker/distribution/registry/doc.go deleted file mode 100644 index a1ba7f3a..00000000 --- a/vendor/github.com/docker/distribution/registry/doc.go +++ /dev/null @@ -1,2 +0,0 @@ -// Package registry provides the main entrypoints for running a registry. -package registry diff --git a/vendor/github.com/docker/distribution/registry/handlers/api_test.go b/vendor/github.com/docker/distribution/registry/handlers/api_test.go deleted file mode 100644 index 9d64fbbf..00000000 --- a/vendor/github.com/docker/distribution/registry/handlers/api_test.go +++ /dev/null @@ -1,2513 +0,0 @@ -package handlers - -import ( - "bytes" - "encoding/json" - "fmt" - "io" - "io/ioutil" - "net/http" - "net/http/httptest" - "net/http/httputil" - "net/url" - "os" - "path" - "reflect" - "regexp" - "strconv" - "strings" - "testing" - - "github.com/docker/distribution" - "github.com/docker/distribution/configuration" - "github.com/docker/distribution/context" - "github.com/docker/distribution/digest" - "github.com/docker/distribution/manifest" - "github.com/docker/distribution/manifest/manifestlist" - "github.com/docker/distribution/manifest/schema1" - "github.com/docker/distribution/manifest/schema2" - "github.com/docker/distribution/reference" - "github.com/docker/distribution/registry/api/errcode" - "github.com/docker/distribution/registry/api/v2" - _ "github.com/docker/distribution/registry/storage/driver/testdriver" - "github.com/docker/distribution/testutil" - "github.com/docker/libtrust" - "github.com/gorilla/handlers" -) - -var headerConfig = http.Header{ - "X-Content-Type-Options": []string{"nosniff"}, -} - -// TestCheckAPI hits the base endpoint (/v2/) ensures we return the specified -// 200 OK response. -func TestCheckAPI(t *testing.T) { - env := newTestEnv(t, false) - defer env.Shutdown() - baseURL, err := env.builder.BuildBaseURL() - if err != nil { - t.Fatalf("unexpected error building base url: %v", err) - } - - resp, err := http.Get(baseURL) - if err != nil { - t.Fatalf("unexpected error issuing request: %v", err) - } - defer resp.Body.Close() - - checkResponse(t, "issuing api base check", resp, http.StatusOK) - checkHeaders(t, resp, http.Header{ - "Content-Type": []string{"application/json; charset=utf-8"}, - "Content-Length": []string{"2"}, - }) - - p, err := ioutil.ReadAll(resp.Body) - if err != nil { - t.Fatalf("unexpected error reading response body: %v", err) - } - - if string(p) != "{}" { - t.Fatalf("unexpected response body: %v", string(p)) - } -} - -// TestCatalogAPI tests the /v2/_catalog endpoint -func TestCatalogAPI(t *testing.T) { - chunkLen := 2 - env := newTestEnv(t, false) - defer env.Shutdown() - - values := url.Values{ - "last": []string{""}, - "n": []string{strconv.Itoa(chunkLen)}} - - catalogURL, err := env.builder.BuildCatalogURL(values) - if err != nil { - t.Fatalf("unexpected error building catalog url: %v", err) - } - - // ----------------------------------- - // try to get an empty catalog - resp, err := http.Get(catalogURL) - if err != nil { - t.Fatalf("unexpected error issuing request: %v", err) - } - defer resp.Body.Close() - - checkResponse(t, "issuing catalog api check", resp, http.StatusOK) - - var ctlg struct { - Repositories []string `json:"repositories"` - } - - dec := json.NewDecoder(resp.Body) - if err := dec.Decode(&ctlg); err != nil { - t.Fatalf("error decoding fetched manifest: %v", err) - } - - // we haven't pushed anything to the registry yet - if len(ctlg.Repositories) != 0 { - t.Fatalf("repositories has unexpected values") - } - - if resp.Header.Get("Link") != "" { - t.Fatalf("repositories has more data when none expected") - } - - // ----------------------------------- - // push something to the registry and try again - images := []string{"foo/aaaa", "foo/bbbb", "foo/cccc"} - - for _, image := range images { - createRepository(env, t, image, "sometag") - } - - resp, err = http.Get(catalogURL) - if err != nil { - t.Fatalf("unexpected error issuing request: %v", err) - } - defer resp.Body.Close() - - checkResponse(t, "issuing catalog api check", resp, http.StatusOK) - - dec = json.NewDecoder(resp.Body) - if err = dec.Decode(&ctlg); err != nil { - t.Fatalf("error decoding fetched manifest: %v", err) - } - - if len(ctlg.Repositories) != chunkLen { - t.Fatalf("repositories has unexpected values") - } - - for _, image := range images[:chunkLen] { - if !contains(ctlg.Repositories, image) { - t.Fatalf("didn't find our repository '%s' in the catalog", image) - } - } - - link := resp.Header.Get("Link") - if link == "" { - t.Fatalf("repositories has less data than expected") - } - - newValues := checkLink(t, link, chunkLen, ctlg.Repositories[len(ctlg.Repositories)-1]) - - // ----------------------------------- - // get the last chunk of data - - catalogURL, err = env.builder.BuildCatalogURL(newValues) - if err != nil { - t.Fatalf("unexpected error building catalog url: %v", err) - } - - resp, err = http.Get(catalogURL) - if err != nil { - t.Fatalf("unexpected error issuing request: %v", err) - } - defer resp.Body.Close() - - checkResponse(t, "issuing catalog api check", resp, http.StatusOK) - - dec = json.NewDecoder(resp.Body) - if err = dec.Decode(&ctlg); err != nil { - t.Fatalf("error decoding fetched manifest: %v", err) - } - - if len(ctlg.Repositories) != 1 { - t.Fatalf("repositories has unexpected values") - } - - lastImage := images[len(images)-1] - if !contains(ctlg.Repositories, lastImage) { - t.Fatalf("didn't find our repository '%s' in the catalog", lastImage) - } - - link = resp.Header.Get("Link") - if link != "" { - t.Fatalf("catalog has unexpected data") - } -} - -func checkLink(t *testing.T, urlStr string, numEntries int, last string) url.Values { - re := regexp.MustCompile("<(/v2/_catalog.*)>; rel=\"next\"") - matches := re.FindStringSubmatch(urlStr) - - if len(matches) != 2 { - t.Fatalf("Catalog link address response was incorrect") - } - linkURL, _ := url.Parse(matches[1]) - urlValues := linkURL.Query() - - if urlValues.Get("n") != strconv.Itoa(numEntries) { - t.Fatalf("Catalog link entry size is incorrect") - } - - if urlValues.Get("last") != last { - t.Fatal("Catalog link last entry is incorrect") - } - - return urlValues -} - -func contains(elems []string, e string) bool { - for _, elem := range elems { - if elem == e { - return true - } - } - return false -} - -func TestURLPrefix(t *testing.T) { - config := configuration.Configuration{ - Storage: configuration.Storage{ - "testdriver": configuration.Parameters{}, - "maintenance": configuration.Parameters{"uploadpurging": map[interface{}]interface{}{ - "enabled": false, - }}, - }, - } - config.HTTP.Prefix = "/test/" - config.HTTP.Headers = headerConfig - - env := newTestEnvWithConfig(t, &config) - defer env.Shutdown() - - baseURL, err := env.builder.BuildBaseURL() - if err != nil { - t.Fatalf("unexpected error building base url: %v", err) - } - - parsed, _ := url.Parse(baseURL) - if !strings.HasPrefix(parsed.Path, config.HTTP.Prefix) { - t.Fatalf("Prefix %v not included in test url %v", config.HTTP.Prefix, baseURL) - } - - resp, err := http.Get(baseURL) - if err != nil { - t.Fatalf("unexpected error issuing request: %v", err) - } - defer resp.Body.Close() - - checkResponse(t, "issuing api base check", resp, http.StatusOK) - checkHeaders(t, resp, http.Header{ - "Content-Type": []string{"application/json; charset=utf-8"}, - "Content-Length": []string{"2"}, - }) -} - -type blobArgs struct { - imageName reference.Named - layerFile io.ReadSeeker - layerDigest digest.Digest -} - -func makeBlobArgs(t *testing.T) blobArgs { - layerFile, layerDigest, err := testutil.CreateRandomTarFile() - if err != nil { - t.Fatalf("error creating random layer file: %v", err) - } - - args := blobArgs{ - layerFile: layerFile, - layerDigest: layerDigest, - } - args.imageName, _ = reference.ParseNamed("foo/bar") - return args -} - -// TestBlobAPI conducts a full test of the of the blob api. -func TestBlobAPI(t *testing.T) { - deleteEnabled := false - env1 := newTestEnv(t, deleteEnabled) - defer env1.Shutdown() - args := makeBlobArgs(t) - testBlobAPI(t, env1, args) - - deleteEnabled = true - env2 := newTestEnv(t, deleteEnabled) - defer env2.Shutdown() - args = makeBlobArgs(t) - testBlobAPI(t, env2, args) - -} - -func TestBlobDelete(t *testing.T) { - deleteEnabled := true - env := newTestEnv(t, deleteEnabled) - defer env.Shutdown() - - args := makeBlobArgs(t) - env = testBlobAPI(t, env, args) - testBlobDelete(t, env, args) -} - -func TestRelativeURL(t *testing.T) { - config := configuration.Configuration{ - Storage: configuration.Storage{ - "testdriver": configuration.Parameters{}, - "maintenance": configuration.Parameters{"uploadpurging": map[interface{}]interface{}{ - "enabled": false, - }}, - }, - } - config.HTTP.Headers = headerConfig - config.HTTP.RelativeURLs = false - env := newTestEnvWithConfig(t, &config) - defer env.Shutdown() - ref, _ := reference.WithName("foo/bar") - uploadURLBaseAbs, _ := startPushLayer(t, env, ref) - - u, err := url.Parse(uploadURLBaseAbs) - if err != nil { - t.Fatal(err) - } - if !u.IsAbs() { - t.Fatal("Relative URL returned from blob upload chunk with non-relative configuration") - } - - args := makeBlobArgs(t) - resp, err := doPushLayer(t, env.builder, ref, args.layerDigest, uploadURLBaseAbs, args.layerFile) - if err != nil { - t.Fatalf("unexpected error doing layer push relative url: %v", err) - } - checkResponse(t, "relativeurl blob upload", resp, http.StatusCreated) - u, err = url.Parse(resp.Header.Get("Location")) - if err != nil { - t.Fatal(err) - } - if !u.IsAbs() { - t.Fatal("Relative URL returned from blob upload with non-relative configuration") - } - - config.HTTP.RelativeURLs = true - args = makeBlobArgs(t) - uploadURLBaseRelative, _ := startPushLayer(t, env, ref) - u, err = url.Parse(uploadURLBaseRelative) - if err != nil { - t.Fatal(err) - } - if u.IsAbs() { - t.Fatal("Absolute URL returned from blob upload chunk with relative configuration") - } - - // Start a new upload in absolute mode to get a valid base URL - config.HTTP.RelativeURLs = false - uploadURLBaseAbs, _ = startPushLayer(t, env, ref) - u, err = url.Parse(uploadURLBaseAbs) - if err != nil { - t.Fatal(err) - } - if !u.IsAbs() { - t.Fatal("Relative URL returned from blob upload chunk with non-relative configuration") - } - - // Complete upload with relative URLs enabled to ensure the final location is relative - config.HTTP.RelativeURLs = true - resp, err = doPushLayer(t, env.builder, ref, args.layerDigest, uploadURLBaseAbs, args.layerFile) - if err != nil { - t.Fatalf("unexpected error doing layer push relative url: %v", err) - } - - checkResponse(t, "relativeurl blob upload", resp, http.StatusCreated) - u, err = url.Parse(resp.Header.Get("Location")) - if err != nil { - t.Fatal(err) - } - if u.IsAbs() { - t.Fatal("Relative URL returned from blob upload with non-relative configuration") - } -} - -func TestBlobDeleteDisabled(t *testing.T) { - deleteEnabled := false - env := newTestEnv(t, deleteEnabled) - defer env.Shutdown() - args := makeBlobArgs(t) - - imageName := args.imageName - layerDigest := args.layerDigest - ref, _ := reference.WithDigest(imageName, layerDigest) - layerURL, err := env.builder.BuildBlobURL(ref) - if err != nil { - t.Fatalf("error building url: %v", err) - } - - resp, err := httpDelete(layerURL) - if err != nil { - t.Fatalf("unexpected error deleting when disabled: %v", err) - } - - checkResponse(t, "status of disabled delete", resp, http.StatusMethodNotAllowed) -} - -func testBlobAPI(t *testing.T, env *testEnv, args blobArgs) *testEnv { - // TODO(stevvooe): This test code is complete junk but it should cover the - // complete flow. This must be broken down and checked against the - // specification *before* we submit the final to docker core. - imageName := args.imageName - layerFile := args.layerFile - layerDigest := args.layerDigest - - // ----------------------------------- - // Test fetch for non-existent content - ref, _ := reference.WithDigest(imageName, layerDigest) - layerURL, err := env.builder.BuildBlobURL(ref) - if err != nil { - t.Fatalf("error building url: %v", err) - } - - resp, err := http.Get(layerURL) - if err != nil { - t.Fatalf("unexpected error fetching non-existent layer: %v", err) - } - - checkResponse(t, "fetching non-existent content", resp, http.StatusNotFound) - - // ------------------------------------------ - // Test head request for non-existent content - resp, err = http.Head(layerURL) - if err != nil { - t.Fatalf("unexpected error checking head on non-existent layer: %v", err) - } - - checkResponse(t, "checking head on non-existent layer", resp, http.StatusNotFound) - - // ------------------------------------------ - // Start an upload, check the status then cancel - uploadURLBase, uploadUUID := startPushLayer(t, env, imageName) - - // A status check should work - resp, err = http.Get(uploadURLBase) - if err != nil { - t.Fatalf("unexpected error getting upload status: %v", err) - } - checkResponse(t, "status of deleted upload", resp, http.StatusNoContent) - checkHeaders(t, resp, http.Header{ - "Location": []string{"*"}, - "Range": []string{"0-0"}, - "Docker-Upload-UUID": []string{uploadUUID}, - }) - - req, err := http.NewRequest("DELETE", uploadURLBase, nil) - if err != nil { - t.Fatalf("unexpected error creating delete request: %v", err) - } - - resp, err = http.DefaultClient.Do(req) - if err != nil { - t.Fatalf("unexpected error sending delete request: %v", err) - } - - checkResponse(t, "deleting upload", resp, http.StatusNoContent) - - // A status check should result in 404 - resp, err = http.Get(uploadURLBase) - if err != nil { - t.Fatalf("unexpected error getting upload status: %v", err) - } - checkResponse(t, "status of deleted upload", resp, http.StatusNotFound) - - // ----------------------------------------- - // Do layer push with an empty body and different digest - uploadURLBase, uploadUUID = startPushLayer(t, env, imageName) - resp, err = doPushLayer(t, env.builder, imageName, layerDigest, uploadURLBase, bytes.NewReader([]byte{})) - if err != nil { - t.Fatalf("unexpected error doing bad layer push: %v", err) - } - - checkResponse(t, "bad layer push", resp, http.StatusBadRequest) - checkBodyHasErrorCodes(t, "bad layer push", resp, v2.ErrorCodeDigestInvalid) - - // ----------------------------------------- - // Do layer push with an empty body and correct digest - zeroDigest, err := digest.FromReader(bytes.NewReader([]byte{})) - if err != nil { - t.Fatalf("unexpected error digesting empty buffer: %v", err) - } - - uploadURLBase, uploadUUID = startPushLayer(t, env, imageName) - pushLayer(t, env.builder, imageName, zeroDigest, uploadURLBase, bytes.NewReader([]byte{})) - - // ----------------------------------------- - // Do layer push with an empty body and correct digest - - // This is a valid but empty tarfile! - emptyTar := bytes.Repeat([]byte("\x00"), 1024) - emptyDigest, err := digest.FromReader(bytes.NewReader(emptyTar)) - if err != nil { - t.Fatalf("unexpected error digesting empty tar: %v", err) - } - - uploadURLBase, uploadUUID = startPushLayer(t, env, imageName) - pushLayer(t, env.builder, imageName, emptyDigest, uploadURLBase, bytes.NewReader(emptyTar)) - - // ------------------------------------------ - // Now, actually do successful upload. - layerLength, _ := layerFile.Seek(0, os.SEEK_END) - layerFile.Seek(0, os.SEEK_SET) - - uploadURLBase, uploadUUID = startPushLayer(t, env, imageName) - pushLayer(t, env.builder, imageName, layerDigest, uploadURLBase, layerFile) - - // ------------------------------------------ - // Now, push just a chunk - layerFile.Seek(0, 0) - - canonicalDigester := digest.Canonical.New() - if _, err := io.Copy(canonicalDigester.Hash(), layerFile); err != nil { - t.Fatalf("error copying to digest: %v", err) - } - canonicalDigest := canonicalDigester.Digest() - - layerFile.Seek(0, 0) - uploadURLBase, uploadUUID = startPushLayer(t, env, imageName) - uploadURLBase, dgst := pushChunk(t, env.builder, imageName, uploadURLBase, layerFile, layerLength) - finishUpload(t, env.builder, imageName, uploadURLBase, dgst) - - // ------------------------ - // Use a head request to see if the layer exists. - resp, err = http.Head(layerURL) - if err != nil { - t.Fatalf("unexpected error checking head on existing layer: %v", err) - } - - checkResponse(t, "checking head on existing layer", resp, http.StatusOK) - checkHeaders(t, resp, http.Header{ - "Content-Length": []string{fmt.Sprint(layerLength)}, - "Docker-Content-Digest": []string{canonicalDigest.String()}, - }) - - // ---------------- - // Fetch the layer! - resp, err = http.Get(layerURL) - if err != nil { - t.Fatalf("unexpected error fetching layer: %v", err) - } - - checkResponse(t, "fetching layer", resp, http.StatusOK) - checkHeaders(t, resp, http.Header{ - "Content-Length": []string{fmt.Sprint(layerLength)}, - "Docker-Content-Digest": []string{canonicalDigest.String()}, - }) - - // Verify the body - verifier, err := digest.NewDigestVerifier(layerDigest) - if err != nil { - t.Fatalf("unexpected error getting digest verifier: %s", err) - } - io.Copy(verifier, resp.Body) - - if !verifier.Verified() { - t.Fatalf("response body did not pass verification") - } - - // ---------------- - // Fetch the layer with an invalid digest - badURL := strings.Replace(layerURL, "sha256", "sha257", 1) - resp, err = http.Get(badURL) - if err != nil { - t.Fatalf("unexpected error fetching layer: %v", err) - } - - checkResponse(t, "fetching layer bad digest", resp, http.StatusBadRequest) - - // Cache headers - resp, err = http.Get(layerURL) - if err != nil { - t.Fatalf("unexpected error fetching layer: %v", err) - } - - checkResponse(t, "fetching layer", resp, http.StatusOK) - checkHeaders(t, resp, http.Header{ - "Content-Length": []string{fmt.Sprint(layerLength)}, - "Docker-Content-Digest": []string{canonicalDigest.String()}, - "ETag": []string{fmt.Sprintf(`"%s"`, canonicalDigest)}, - "Cache-Control": []string{"max-age=31536000"}, - }) - - // Matching etag, gives 304 - etag := resp.Header.Get("Etag") - req, err = http.NewRequest("GET", layerURL, nil) - if err != nil { - t.Fatalf("Error constructing request: %s", err) - } - req.Header.Set("If-None-Match", etag) - - resp, err = http.DefaultClient.Do(req) - if err != nil { - t.Fatalf("Error constructing request: %s", err) - } - - checkResponse(t, "fetching layer with etag", resp, http.StatusNotModified) - - // Non-matching etag, gives 200 - req, err = http.NewRequest("GET", layerURL, nil) - if err != nil { - t.Fatalf("Error constructing request: %s", err) - } - req.Header.Set("If-None-Match", "") - resp, err = http.DefaultClient.Do(req) - checkResponse(t, "fetching layer with invalid etag", resp, http.StatusOK) - - // Missing tests: - // - Upload the same tar file under and different repository and - // ensure the content remains uncorrupted. - return env -} - -func testBlobDelete(t *testing.T, env *testEnv, args blobArgs) { - // Upload a layer - imageName := args.imageName - layerFile := args.layerFile - layerDigest := args.layerDigest - - ref, _ := reference.WithDigest(imageName, layerDigest) - layerURL, err := env.builder.BuildBlobURL(ref) - if err != nil { - t.Fatalf(err.Error()) - } - // --------------- - // Delete a layer - resp, err := httpDelete(layerURL) - if err != nil { - t.Fatalf("unexpected error deleting layer: %v", err) - } - - checkResponse(t, "deleting layer", resp, http.StatusAccepted) - checkHeaders(t, resp, http.Header{ - "Content-Length": []string{"0"}, - }) - - // --------------- - // Try and get it back - // Use a head request to see if the layer exists. - resp, err = http.Head(layerURL) - if err != nil { - t.Fatalf("unexpected error checking head on existing layer: %v", err) - } - - checkResponse(t, "checking existence of deleted layer", resp, http.StatusNotFound) - - // Delete already deleted layer - resp, err = httpDelete(layerURL) - if err != nil { - t.Fatalf("unexpected error deleting layer: %v", err) - } - - checkResponse(t, "deleting layer", resp, http.StatusNotFound) - - // ---------------- - // Attempt to delete a layer with an invalid digest - badURL := strings.Replace(layerURL, "sha256", "sha257", 1) - resp, err = httpDelete(badURL) - if err != nil { - t.Fatalf("unexpected error fetching layer: %v", err) - } - - checkResponse(t, "deleting layer bad digest", resp, http.StatusBadRequest) - - // ---------------- - // Reupload previously deleted blob - layerFile.Seek(0, os.SEEK_SET) - - uploadURLBase, _ := startPushLayer(t, env, imageName) - pushLayer(t, env.builder, imageName, layerDigest, uploadURLBase, layerFile) - - layerFile.Seek(0, os.SEEK_SET) - canonicalDigester := digest.Canonical.New() - if _, err := io.Copy(canonicalDigester.Hash(), layerFile); err != nil { - t.Fatalf("error copying to digest: %v", err) - } - canonicalDigest := canonicalDigester.Digest() - - // ------------------------ - // Use a head request to see if it exists - resp, err = http.Head(layerURL) - if err != nil { - t.Fatalf("unexpected error checking head on existing layer: %v", err) - } - - layerLength, _ := layerFile.Seek(0, os.SEEK_END) - checkResponse(t, "checking head on reuploaded layer", resp, http.StatusOK) - checkHeaders(t, resp, http.Header{ - "Content-Length": []string{fmt.Sprint(layerLength)}, - "Docker-Content-Digest": []string{canonicalDigest.String()}, - }) -} - -func TestDeleteDisabled(t *testing.T) { - env := newTestEnv(t, false) - defer env.Shutdown() - - imageName, _ := reference.ParseNamed("foo/bar") - // "build" our layer file - layerFile, layerDigest, err := testutil.CreateRandomTarFile() - if err != nil { - t.Fatalf("error creating random layer file: %v", err) - } - - ref, _ := reference.WithDigest(imageName, layerDigest) - layerURL, err := env.builder.BuildBlobURL(ref) - if err != nil { - t.Fatalf("Error building blob URL") - } - uploadURLBase, _ := startPushLayer(t, env, imageName) - pushLayer(t, env.builder, imageName, layerDigest, uploadURLBase, layerFile) - - resp, err := httpDelete(layerURL) - if err != nil { - t.Fatalf("unexpected error deleting layer: %v", err) - } - - checkResponse(t, "deleting layer with delete disabled", resp, http.StatusMethodNotAllowed) -} - -func TestDeleteReadOnly(t *testing.T) { - env := newTestEnv(t, true) - defer env.Shutdown() - - imageName, _ := reference.ParseNamed("foo/bar") - // "build" our layer file - layerFile, layerDigest, err := testutil.CreateRandomTarFile() - if err != nil { - t.Fatalf("error creating random layer file: %v", err) - } - - ref, _ := reference.WithDigest(imageName, layerDigest) - layerURL, err := env.builder.BuildBlobURL(ref) - if err != nil { - t.Fatalf("Error building blob URL") - } - uploadURLBase, _ := startPushLayer(t, env, imageName) - pushLayer(t, env.builder, imageName, layerDigest, uploadURLBase, layerFile) - - env.app.readOnly = true - - resp, err := httpDelete(layerURL) - if err != nil { - t.Fatalf("unexpected error deleting layer: %v", err) - } - - checkResponse(t, "deleting layer in read-only mode", resp, http.StatusMethodNotAllowed) -} - -func TestStartPushReadOnly(t *testing.T) { - env := newTestEnv(t, true) - defer env.Shutdown() - env.app.readOnly = true - - imageName, _ := reference.ParseNamed("foo/bar") - - layerUploadURL, err := env.builder.BuildBlobUploadURL(imageName) - if err != nil { - t.Fatalf("unexpected error building layer upload url: %v", err) - } - - resp, err := http.Post(layerUploadURL, "", nil) - if err != nil { - t.Fatalf("unexpected error starting layer push: %v", err) - } - defer resp.Body.Close() - - checkResponse(t, "starting push in read-only mode", resp, http.StatusMethodNotAllowed) -} - -func httpDelete(url string) (*http.Response, error) { - req, err := http.NewRequest("DELETE", url, nil) - if err != nil { - return nil, err - } - - resp, err := http.DefaultClient.Do(req) - if err != nil { - return nil, err - } - // defer resp.Body.Close() - return resp, err -} - -type manifestArgs struct { - imageName reference.Named - mediaType string - manifest distribution.Manifest - dgst digest.Digest -} - -func TestManifestAPI(t *testing.T) { - schema1Repo, _ := reference.ParseNamed("foo/schema1") - schema2Repo, _ := reference.ParseNamed("foo/schema2") - - deleteEnabled := false - env1 := newTestEnv(t, deleteEnabled) - defer env1.Shutdown() - testManifestAPISchema1(t, env1, schema1Repo) - schema2Args := testManifestAPISchema2(t, env1, schema2Repo) - testManifestAPIManifestList(t, env1, schema2Args) - - deleteEnabled = true - env2 := newTestEnv(t, deleteEnabled) - defer env2.Shutdown() - testManifestAPISchema1(t, env2, schema1Repo) - schema2Args = testManifestAPISchema2(t, env2, schema2Repo) - testManifestAPIManifestList(t, env2, schema2Args) -} - -func TestManifestDelete(t *testing.T) { - schema1Repo, _ := reference.ParseNamed("foo/schema1") - schema2Repo, _ := reference.ParseNamed("foo/schema2") - - deleteEnabled := true - env := newTestEnv(t, deleteEnabled) - defer env.Shutdown() - schema1Args := testManifestAPISchema1(t, env, schema1Repo) - testManifestDelete(t, env, schema1Args) - schema2Args := testManifestAPISchema2(t, env, schema2Repo) - testManifestDelete(t, env, schema2Args) -} - -func TestManifestDeleteDisabled(t *testing.T) { - schema1Repo, _ := reference.ParseNamed("foo/schema1") - deleteEnabled := false - env := newTestEnv(t, deleteEnabled) - defer env.Shutdown() - testManifestDeleteDisabled(t, env, schema1Repo) -} - -func testManifestDeleteDisabled(t *testing.T, env *testEnv, imageName reference.Named) { - ref, _ := reference.WithDigest(imageName, digest.DigestSha256EmptyTar) - manifestURL, err := env.builder.BuildManifestURL(ref) - if err != nil { - t.Fatalf("unexpected error getting manifest url: %v", err) - } - - resp, err := httpDelete(manifestURL) - if err != nil { - t.Fatalf("unexpected error deleting manifest %v", err) - } - defer resp.Body.Close() - - checkResponse(t, "status of disabled delete of manifest", resp, http.StatusMethodNotAllowed) -} - -func testManifestAPISchema1(t *testing.T, env *testEnv, imageName reference.Named) manifestArgs { - tag := "thetag" - args := manifestArgs{imageName: imageName} - - tagRef, _ := reference.WithTag(imageName, tag) - manifestURL, err := env.builder.BuildManifestURL(tagRef) - if err != nil { - t.Fatalf("unexpected error getting manifest url: %v", err) - } - - // ----------------------------- - // Attempt to fetch the manifest - resp, err := http.Get(manifestURL) - if err != nil { - t.Fatalf("unexpected error getting manifest: %v", err) - } - defer resp.Body.Close() - - checkResponse(t, "getting non-existent manifest", resp, http.StatusNotFound) - checkBodyHasErrorCodes(t, "getting non-existent manifest", resp, v2.ErrorCodeManifestUnknown) - - tagsURL, err := env.builder.BuildTagsURL(imageName) - if err != nil { - t.Fatalf("unexpected error building tags url: %v", err) - } - - resp, err = http.Get(tagsURL) - if err != nil { - t.Fatalf("unexpected error getting unknown tags: %v", err) - } - defer resp.Body.Close() - - // Check that we get an unknown repository error when asking for tags - checkResponse(t, "getting unknown manifest tags", resp, http.StatusNotFound) - checkBodyHasErrorCodes(t, "getting unknown manifest tags", resp, v2.ErrorCodeNameUnknown) - - // -------------------------------- - // Attempt to push unsigned manifest with missing layers - unsignedManifest := &schema1.Manifest{ - Versioned: manifest.Versioned{ - SchemaVersion: 1, - }, - Name: imageName.Name(), - Tag: tag, - FSLayers: []schema1.FSLayer{ - { - BlobSum: "asdf", - }, - { - BlobSum: "qwer", - }, - }, - History: []schema1.History{ - { - V1Compatibility: "", - }, - { - V1Compatibility: "", - }, - }, - } - - resp = putManifest(t, "putting unsigned manifest", manifestURL, "", unsignedManifest) - defer resp.Body.Close() - checkResponse(t, "putting unsigned manifest", resp, http.StatusBadRequest) - _, p, counts := checkBodyHasErrorCodes(t, "putting unsigned manifest", resp, v2.ErrorCodeManifestInvalid) - - expectedCounts := map[errcode.ErrorCode]int{ - v2.ErrorCodeManifestInvalid: 1, - } - - if !reflect.DeepEqual(counts, expectedCounts) { - t.Fatalf("unexpected number of error codes encountered: %v\n!=\n%v\n---\n%s", counts, expectedCounts, string(p)) - } - - // sign the manifest and still get some interesting errors. - sm, err := schema1.Sign(unsignedManifest, env.pk) - if err != nil { - t.Fatalf("error signing manifest: %v", err) - } - - resp = putManifest(t, "putting signed manifest with errors", manifestURL, "", sm) - defer resp.Body.Close() - checkResponse(t, "putting signed manifest with errors", resp, http.StatusBadRequest) - _, p, counts = checkBodyHasErrorCodes(t, "putting signed manifest with errors", resp, - v2.ErrorCodeManifestBlobUnknown, v2.ErrorCodeDigestInvalid) - - expectedCounts = map[errcode.ErrorCode]int{ - v2.ErrorCodeManifestBlobUnknown: 2, - v2.ErrorCodeDigestInvalid: 2, - } - - if !reflect.DeepEqual(counts, expectedCounts) { - t.Fatalf("unexpected number of error codes encountered: %v\n!=\n%v\n---\n%s", counts, expectedCounts, string(p)) - } - - // TODO(stevvooe): Add a test case where we take a mostly valid registry, - // tamper with the content and ensure that we get an unverified manifest - // error. - - // Push 2 random layers - expectedLayers := make(map[digest.Digest]io.ReadSeeker) - - for i := range unsignedManifest.FSLayers { - rs, dgstStr, err := testutil.CreateRandomTarFile() - - if err != nil { - t.Fatalf("error creating random layer %d: %v", i, err) - } - dgst := digest.Digest(dgstStr) - - expectedLayers[dgst] = rs - unsignedManifest.FSLayers[i].BlobSum = dgst - - uploadURLBase, _ := startPushLayer(t, env, imageName) - pushLayer(t, env.builder, imageName, dgst, uploadURLBase, rs) - } - - // ------------------- - // Push the signed manifest with all layers pushed. - signedManifest, err := schema1.Sign(unsignedManifest, env.pk) - if err != nil { - t.Fatalf("unexpected error signing manifest: %v", err) - } - - dgst := digest.FromBytes(signedManifest.Canonical) - args.manifest = signedManifest - args.dgst = dgst - - digestRef, _ := reference.WithDigest(imageName, dgst) - manifestDigestURL, err := env.builder.BuildManifestURL(digestRef) - checkErr(t, err, "building manifest url") - - resp = putManifest(t, "putting signed manifest no error", manifestURL, "", signedManifest) - checkResponse(t, "putting signed manifest no error", resp, http.StatusCreated) - checkHeaders(t, resp, http.Header{ - "Location": []string{manifestDigestURL}, - "Docker-Content-Digest": []string{dgst.String()}, - }) - - // -------------------- - // Push by digest -- should get same result - resp = putManifest(t, "putting signed manifest", manifestDigestURL, "", signedManifest) - checkResponse(t, "putting signed manifest", resp, http.StatusCreated) - checkHeaders(t, resp, http.Header{ - "Location": []string{manifestDigestURL}, - "Docker-Content-Digest": []string{dgst.String()}, - }) - - // ------------------ - // Fetch by tag name - resp, err = http.Get(manifestURL) - if err != nil { - t.Fatalf("unexpected error fetching manifest: %v", err) - } - defer resp.Body.Close() - - checkResponse(t, "fetching uploaded manifest", resp, http.StatusOK) - checkHeaders(t, resp, http.Header{ - "Docker-Content-Digest": []string{dgst.String()}, - "ETag": []string{fmt.Sprintf(`"%s"`, dgst)}, - }) - - var fetchedManifest schema1.SignedManifest - dec := json.NewDecoder(resp.Body) - - if err := dec.Decode(&fetchedManifest); err != nil { - t.Fatalf("error decoding fetched manifest: %v", err) - } - - if !bytes.Equal(fetchedManifest.Canonical, signedManifest.Canonical) { - t.Fatalf("manifests do not match") - } - - // --------------- - // Fetch by digest - resp, err = http.Get(manifestDigestURL) - checkErr(t, err, "fetching manifest by digest") - defer resp.Body.Close() - - checkResponse(t, "fetching uploaded manifest", resp, http.StatusOK) - checkHeaders(t, resp, http.Header{ - "Docker-Content-Digest": []string{dgst.String()}, - "ETag": []string{fmt.Sprintf(`"%s"`, dgst)}, - }) - - var fetchedManifestByDigest schema1.SignedManifest - dec = json.NewDecoder(resp.Body) - if err := dec.Decode(&fetchedManifestByDigest); err != nil { - t.Fatalf("error decoding fetched manifest: %v", err) - } - - if !bytes.Equal(fetchedManifestByDigest.Canonical, signedManifest.Canonical) { - t.Fatalf("manifests do not match") - } - - // check signature was roundtripped - signatures, err := fetchedManifestByDigest.Signatures() - if err != nil { - t.Fatal(err) - } - - if len(signatures) != 1 { - t.Fatalf("expected 1 signature from manifest, got: %d", len(signatures)) - } - - // Re-sign, push and pull the same digest - sm2, err := schema1.Sign(&fetchedManifestByDigest.Manifest, env.pk) - if err != nil { - t.Fatal(err) - - } - - // Re-push with a few different Content-Types. The official schema1 - // content type should work, as should application/json with/without a - // charset. - resp = putManifest(t, "re-putting signed manifest", manifestDigestURL, schema1.MediaTypeSignedManifest, sm2) - checkResponse(t, "re-putting signed manifest", resp, http.StatusCreated) - resp = putManifest(t, "re-putting signed manifest", manifestDigestURL, "application/json; charset=utf-8", sm2) - checkResponse(t, "re-putting signed manifest", resp, http.StatusCreated) - resp = putManifest(t, "re-putting signed manifest", manifestDigestURL, "application/json", sm2) - checkResponse(t, "re-putting signed manifest", resp, http.StatusCreated) - - resp, err = http.Get(manifestDigestURL) - checkErr(t, err, "re-fetching manifest by digest") - defer resp.Body.Close() - - checkResponse(t, "re-fetching uploaded manifest", resp, http.StatusOK) - checkHeaders(t, resp, http.Header{ - "Docker-Content-Digest": []string{dgst.String()}, - "ETag": []string{fmt.Sprintf(`"%s"`, dgst)}, - }) - - dec = json.NewDecoder(resp.Body) - if err := dec.Decode(&fetchedManifestByDigest); err != nil { - t.Fatalf("error decoding fetched manifest: %v", err) - } - - // check only 1 signature is returned - signatures, err = fetchedManifestByDigest.Signatures() - if err != nil { - t.Fatal(err) - } - - if len(signatures) != 1 { - t.Fatalf("expected 2 signature from manifest, got: %d", len(signatures)) - } - - // Get by name with etag, gives 304 - etag := resp.Header.Get("Etag") - req, err := http.NewRequest("GET", manifestURL, nil) - if err != nil { - t.Fatalf("Error constructing request: %s", err) - } - req.Header.Set("If-None-Match", etag) - resp, err = http.DefaultClient.Do(req) - if err != nil { - t.Fatalf("Error constructing request: %s", err) - } - - checkResponse(t, "fetching manifest by name with etag", resp, http.StatusNotModified) - - // Get by digest with etag, gives 304 - req, err = http.NewRequest("GET", manifestDigestURL, nil) - if err != nil { - t.Fatalf("Error constructing request: %s", err) - } - req.Header.Set("If-None-Match", etag) - resp, err = http.DefaultClient.Do(req) - if err != nil { - t.Fatalf("Error constructing request: %s", err) - } - - checkResponse(t, "fetching manifest by dgst with etag", resp, http.StatusNotModified) - - // Ensure that the tag is listed. - resp, err = http.Get(tagsURL) - if err != nil { - t.Fatalf("unexpected error getting unknown tags: %v", err) - } - defer resp.Body.Close() - - checkResponse(t, "getting tags", resp, http.StatusOK) - dec = json.NewDecoder(resp.Body) - - var tagsResponse tagsAPIResponse - - if err := dec.Decode(&tagsResponse); err != nil { - t.Fatalf("unexpected error decoding error response: %v", err) - } - - if tagsResponse.Name != imageName.Name() { - t.Fatalf("tags name should match image name: %v != %v", tagsResponse.Name, imageName.Name()) - } - - if len(tagsResponse.Tags) != 1 { - t.Fatalf("expected some tags in response: %v", tagsResponse.Tags) - } - - if tagsResponse.Tags[0] != tag { - t.Fatalf("tag not as expected: %q != %q", tagsResponse.Tags[0], tag) - } - - // Attempt to put a manifest with mismatching FSLayer and History array cardinalities - - unsignedManifest.History = append(unsignedManifest.History, schema1.History{ - V1Compatibility: "", - }) - invalidSigned, err := schema1.Sign(unsignedManifest, env.pk) - if err != nil { - t.Fatalf("error signing manifest") - } - - resp = putManifest(t, "putting invalid signed manifest", manifestDigestURL, "", invalidSigned) - checkResponse(t, "putting invalid signed manifest", resp, http.StatusBadRequest) - - return args -} - -func testManifestAPISchema2(t *testing.T, env *testEnv, imageName reference.Named) manifestArgs { - tag := "schema2tag" - args := manifestArgs{ - imageName: imageName, - mediaType: schema2.MediaTypeManifest, - } - - tagRef, _ := reference.WithTag(imageName, tag) - manifestURL, err := env.builder.BuildManifestURL(tagRef) - if err != nil { - t.Fatalf("unexpected error getting manifest url: %v", err) - } - - // ----------------------------- - // Attempt to fetch the manifest - resp, err := http.Get(manifestURL) - if err != nil { - t.Fatalf("unexpected error getting manifest: %v", err) - } - defer resp.Body.Close() - - checkResponse(t, "getting non-existent manifest", resp, http.StatusNotFound) - checkBodyHasErrorCodes(t, "getting non-existent manifest", resp, v2.ErrorCodeManifestUnknown) - - tagsURL, err := env.builder.BuildTagsURL(imageName) - if err != nil { - t.Fatalf("unexpected error building tags url: %v", err) - } - - resp, err = http.Get(tagsURL) - if err != nil { - t.Fatalf("unexpected error getting unknown tags: %v", err) - } - defer resp.Body.Close() - - // Check that we get an unknown repository error when asking for tags - checkResponse(t, "getting unknown manifest tags", resp, http.StatusNotFound) - checkBodyHasErrorCodes(t, "getting unknown manifest tags", resp, v2.ErrorCodeNameUnknown) - - // -------------------------------- - // Attempt to push manifest with missing config and missing layers - manifest := &schema2.Manifest{ - Versioned: manifest.Versioned{ - SchemaVersion: 2, - MediaType: schema2.MediaTypeManifest, - }, - Config: distribution.Descriptor{ - Digest: "sha256:1a9ec845ee94c202b2d5da74a24f0ed2058318bfa9879fa541efaecba272e86b", - Size: 3253, - MediaType: schema2.MediaTypeConfig, - }, - Layers: []distribution.Descriptor{ - { - Digest: "sha256:463434349086340864309863409683460843608348608934092322395278926a", - Size: 6323, - MediaType: schema2.MediaTypeLayer, - }, - { - Digest: "sha256:630923423623623423352523525237238023652897356239852383652aaaaaaa", - Size: 6863, - MediaType: schema2.MediaTypeLayer, - }, - }, - } - - resp = putManifest(t, "putting missing config manifest", manifestURL, schema2.MediaTypeManifest, manifest) - defer resp.Body.Close() - checkResponse(t, "putting missing config manifest", resp, http.StatusBadRequest) - _, p, counts := checkBodyHasErrorCodes(t, "putting missing config manifest", resp, v2.ErrorCodeManifestBlobUnknown) - - expectedCounts := map[errcode.ErrorCode]int{ - v2.ErrorCodeManifestBlobUnknown: 3, - } - - if !reflect.DeepEqual(counts, expectedCounts) { - t.Fatalf("unexpected number of error codes encountered: %v\n!=\n%v\n---\n%s", counts, expectedCounts, string(p)) - } - - // Push a config, and reference it in the manifest - sampleConfig := []byte(`{ - "architecture": "amd64", - "history": [ - { - "created": "2015-10-31T22:22:54.690851953Z", - "created_by": "/bin/sh -c #(nop) ADD file:a3bc1e842b69636f9df5256c49c5374fb4eef1e281fe3f282c65fb853ee171c5 in /" - }, - { - "created": "2015-10-31T22:22:55.613815829Z", - "created_by": "/bin/sh -c #(nop) CMD [\"sh\"]" - } - ], - "rootfs": { - "diff_ids": [ - "sha256:c6f988f4874bb0add23a778f753c65efe992244e148a1d2ec2a8b664fb66bbd1", - "sha256:5f70bf18a086007016e948b04aed3b82103a36bea41755b6cddfaf10ace3c6ef" - ], - "type": "layers" - } - }`) - sampleConfigDigest := digest.FromBytes(sampleConfig) - - uploadURLBase, _ := startPushLayer(t, env, imageName) - pushLayer(t, env.builder, imageName, sampleConfigDigest, uploadURLBase, bytes.NewReader(sampleConfig)) - manifest.Config.Digest = sampleConfigDigest - manifest.Config.Size = int64(len(sampleConfig)) - - // The manifest should still be invalid, because its layer doesn't exist - resp = putManifest(t, "putting missing layer manifest", manifestURL, schema2.MediaTypeManifest, manifest) - defer resp.Body.Close() - checkResponse(t, "putting missing layer manifest", resp, http.StatusBadRequest) - _, p, counts = checkBodyHasErrorCodes(t, "getting unknown manifest tags", resp, v2.ErrorCodeManifestBlobUnknown) - - expectedCounts = map[errcode.ErrorCode]int{ - v2.ErrorCodeManifestBlobUnknown: 2, - } - - if !reflect.DeepEqual(counts, expectedCounts) { - t.Fatalf("unexpected number of error codes encountered: %v\n!=\n%v\n---\n%s", counts, expectedCounts, string(p)) - } - - // Push 2 random layers - expectedLayers := make(map[digest.Digest]io.ReadSeeker) - - for i := range manifest.Layers { - rs, dgstStr, err := testutil.CreateRandomTarFile() - - if err != nil { - t.Fatalf("error creating random layer %d: %v", i, err) - } - dgst := digest.Digest(dgstStr) - - expectedLayers[dgst] = rs - manifest.Layers[i].Digest = dgst - - uploadURLBase, _ := startPushLayer(t, env, imageName) - pushLayer(t, env.builder, imageName, dgst, uploadURLBase, rs) - } - - // ------------------- - // Push the manifest with all layers pushed. - deserializedManifest, err := schema2.FromStruct(*manifest) - if err != nil { - t.Fatalf("could not create DeserializedManifest: %v", err) - } - _, canonical, err := deserializedManifest.Payload() - if err != nil { - t.Fatalf("could not get manifest payload: %v", err) - } - dgst := digest.FromBytes(canonical) - args.dgst = dgst - args.manifest = deserializedManifest - - digestRef, _ := reference.WithDigest(imageName, dgst) - manifestDigestURL, err := env.builder.BuildManifestURL(digestRef) - checkErr(t, err, "building manifest url") - - resp = putManifest(t, "putting manifest no error", manifestURL, schema2.MediaTypeManifest, manifest) - checkResponse(t, "putting manifest no error", resp, http.StatusCreated) - checkHeaders(t, resp, http.Header{ - "Location": []string{manifestDigestURL}, - "Docker-Content-Digest": []string{dgst.String()}, - }) - - // -------------------- - // Push by digest -- should get same result - resp = putManifest(t, "putting manifest by digest", manifestDigestURL, schema2.MediaTypeManifest, manifest) - checkResponse(t, "putting manifest by digest", resp, http.StatusCreated) - checkHeaders(t, resp, http.Header{ - "Location": []string{manifestDigestURL}, - "Docker-Content-Digest": []string{dgst.String()}, - }) - - // ------------------ - // Fetch by tag name - req, err := http.NewRequest("GET", manifestURL, nil) - if err != nil { - t.Fatalf("Error constructing request: %s", err) - } - req.Header.Set("Accept", schema2.MediaTypeManifest) - resp, err = http.DefaultClient.Do(req) - if err != nil { - t.Fatalf("unexpected error fetching manifest: %v", err) - } - defer resp.Body.Close() - - checkResponse(t, "fetching uploaded manifest", resp, http.StatusOK) - checkHeaders(t, resp, http.Header{ - "Docker-Content-Digest": []string{dgst.String()}, - "ETag": []string{fmt.Sprintf(`"%s"`, dgst)}, - }) - - var fetchedManifest schema2.DeserializedManifest - dec := json.NewDecoder(resp.Body) - - if err := dec.Decode(&fetchedManifest); err != nil { - t.Fatalf("error decoding fetched manifest: %v", err) - } - - _, fetchedCanonical, err := fetchedManifest.Payload() - if err != nil { - t.Fatalf("error getting manifest payload: %v", err) - } - - if !bytes.Equal(fetchedCanonical, canonical) { - t.Fatalf("manifests do not match") - } - - // --------------- - // Fetch by digest - req, err = http.NewRequest("GET", manifestDigestURL, nil) - if err != nil { - t.Fatalf("Error constructing request: %s", err) - } - req.Header.Set("Accept", schema2.MediaTypeManifest) - resp, err = http.DefaultClient.Do(req) - checkErr(t, err, "fetching manifest by digest") - defer resp.Body.Close() - - checkResponse(t, "fetching uploaded manifest", resp, http.StatusOK) - checkHeaders(t, resp, http.Header{ - "Docker-Content-Digest": []string{dgst.String()}, - "ETag": []string{fmt.Sprintf(`"%s"`, dgst)}, - }) - - var fetchedManifestByDigest schema2.DeserializedManifest - dec = json.NewDecoder(resp.Body) - if err := dec.Decode(&fetchedManifestByDigest); err != nil { - t.Fatalf("error decoding fetched manifest: %v", err) - } - - _, fetchedCanonical, err = fetchedManifest.Payload() - if err != nil { - t.Fatalf("error getting manifest payload: %v", err) - } - - if !bytes.Equal(fetchedCanonical, canonical) { - t.Fatalf("manifests do not match") - } - - // Get by name with etag, gives 304 - etag := resp.Header.Get("Etag") - req, err = http.NewRequest("GET", manifestURL, nil) - if err != nil { - t.Fatalf("Error constructing request: %s", err) - } - req.Header.Set("If-None-Match", etag) - resp, err = http.DefaultClient.Do(req) - if err != nil { - t.Fatalf("Error constructing request: %s", err) - } - - checkResponse(t, "fetching manifest by name with etag", resp, http.StatusNotModified) - - // Get by digest with etag, gives 304 - req, err = http.NewRequest("GET", manifestDigestURL, nil) - if err != nil { - t.Fatalf("Error constructing request: %s", err) - } - req.Header.Set("If-None-Match", etag) - resp, err = http.DefaultClient.Do(req) - if err != nil { - t.Fatalf("Error constructing request: %s", err) - } - - checkResponse(t, "fetching manifest by dgst with etag", resp, http.StatusNotModified) - - // Ensure that the tag is listed. - resp, err = http.Get(tagsURL) - if err != nil { - t.Fatalf("unexpected error getting unknown tags: %v", err) - } - defer resp.Body.Close() - - checkResponse(t, "getting unknown manifest tags", resp, http.StatusOK) - dec = json.NewDecoder(resp.Body) - - var tagsResponse tagsAPIResponse - - if err := dec.Decode(&tagsResponse); err != nil { - t.Fatalf("unexpected error decoding error response: %v", err) - } - - if tagsResponse.Name != imageName.Name() { - t.Fatalf("tags name should match image name: %v != %v", tagsResponse.Name, imageName) - } - - if len(tagsResponse.Tags) != 1 { - t.Fatalf("expected some tags in response: %v", tagsResponse.Tags) - } - - if tagsResponse.Tags[0] != tag { - t.Fatalf("tag not as expected: %q != %q", tagsResponse.Tags[0], tag) - } - - // ------------------ - // Fetch as a schema1 manifest - resp, err = http.Get(manifestURL) - if err != nil { - t.Fatalf("unexpected error fetching manifest as schema1: %v", err) - } - defer resp.Body.Close() - - manifestBytes, err := ioutil.ReadAll(resp.Body) - if err != nil { - t.Fatalf("error reading response body: %v", err) - } - - checkResponse(t, "fetching uploaded manifest as schema1", resp, http.StatusOK) - - m, desc, err := distribution.UnmarshalManifest(schema1.MediaTypeManifest, manifestBytes) - if err != nil { - t.Fatalf("unexpected error unmarshalling manifest: %v", err) - } - - fetchedSchema1Manifest, ok := m.(*schema1.SignedManifest) - if !ok { - t.Fatalf("expecting schema1 manifest") - } - - checkHeaders(t, resp, http.Header{ - "Docker-Content-Digest": []string{desc.Digest.String()}, - "ETag": []string{fmt.Sprintf(`"%s"`, desc.Digest)}, - }) - - if fetchedSchema1Manifest.Manifest.SchemaVersion != 1 { - t.Fatal("wrong schema version") - } - if fetchedSchema1Manifest.Architecture != "amd64" { - t.Fatal("wrong architecture") - } - if fetchedSchema1Manifest.Name != imageName.Name() { - t.Fatal("wrong image name") - } - if fetchedSchema1Manifest.Tag != tag { - t.Fatal("wrong tag") - } - if len(fetchedSchema1Manifest.FSLayers) != 2 { - t.Fatal("wrong number of FSLayers") - } - for i := range manifest.Layers { - if fetchedSchema1Manifest.FSLayers[i].BlobSum != manifest.Layers[len(manifest.Layers)-i-1].Digest { - t.Fatalf("blob digest mismatch in schema1 manifest for layer %d", i) - } - } - if len(fetchedSchema1Manifest.History) != 2 { - t.Fatal("wrong number of History entries") - } - - // Don't check V1Compatibility fields because we're using randomly-generated - // layers. - - return args -} - -func testManifestAPIManifestList(t *testing.T, env *testEnv, args manifestArgs) { - imageName := args.imageName - tag := "manifestlisttag" - - tagRef, _ := reference.WithTag(imageName, tag) - manifestURL, err := env.builder.BuildManifestURL(tagRef) - if err != nil { - t.Fatalf("unexpected error getting manifest url: %v", err) - } - - // -------------------------------- - // Attempt to push manifest list that refers to an unknown manifest - manifestList := &manifestlist.ManifestList{ - Versioned: manifest.Versioned{ - SchemaVersion: 2, - MediaType: manifestlist.MediaTypeManifestList, - }, - Manifests: []manifestlist.ManifestDescriptor{ - { - Descriptor: distribution.Descriptor{ - Digest: "sha256:1a9ec845ee94c202b2d5da74a24f0ed2058318bfa9879fa541efaecba272e86b", - Size: 3253, - MediaType: schema2.MediaTypeManifest, - }, - Platform: manifestlist.PlatformSpec{ - Architecture: "amd64", - OS: "linux", - }, - }, - }, - } - - resp := putManifest(t, "putting missing manifest manifestlist", manifestURL, manifestlist.MediaTypeManifestList, manifestList) - defer resp.Body.Close() - checkResponse(t, "putting missing manifest manifestlist", resp, http.StatusBadRequest) - _, p, counts := checkBodyHasErrorCodes(t, "putting missing manifest manifestlist", resp, v2.ErrorCodeManifestBlobUnknown) - - expectedCounts := map[errcode.ErrorCode]int{ - v2.ErrorCodeManifestBlobUnknown: 1, - } - - if !reflect.DeepEqual(counts, expectedCounts) { - t.Fatalf("unexpected number of error codes encountered: %v\n!=\n%v\n---\n%s", counts, expectedCounts, string(p)) - } - - // ------------------- - // Push a manifest list that references an actual manifest - manifestList.Manifests[0].Digest = args.dgst - deserializedManifestList, err := manifestlist.FromDescriptors(manifestList.Manifests) - if err != nil { - t.Fatalf("could not create DeserializedManifestList: %v", err) - } - _, canonical, err := deserializedManifestList.Payload() - if err != nil { - t.Fatalf("could not get manifest list payload: %v", err) - } - dgst := digest.FromBytes(canonical) - - digestRef, _ := reference.WithDigest(imageName, dgst) - manifestDigestURL, err := env.builder.BuildManifestURL(digestRef) - checkErr(t, err, "building manifest url") - - resp = putManifest(t, "putting manifest list no error", manifestURL, manifestlist.MediaTypeManifestList, deserializedManifestList) - checkResponse(t, "putting manifest list no error", resp, http.StatusCreated) - checkHeaders(t, resp, http.Header{ - "Location": []string{manifestDigestURL}, - "Docker-Content-Digest": []string{dgst.String()}, - }) - - // -------------------- - // Push by digest -- should get same result - resp = putManifest(t, "putting manifest list by digest", manifestDigestURL, manifestlist.MediaTypeManifestList, deserializedManifestList) - checkResponse(t, "putting manifest list by digest", resp, http.StatusCreated) - checkHeaders(t, resp, http.Header{ - "Location": []string{manifestDigestURL}, - "Docker-Content-Digest": []string{dgst.String()}, - }) - - // ------------------ - // Fetch by tag name - req, err := http.NewRequest("GET", manifestURL, nil) - if err != nil { - t.Fatalf("Error constructing request: %s", err) - } - // multiple headers in mixed list format to ensure we parse correctly server-side - req.Header.Set("Accept", fmt.Sprintf(` %s ; q=0.8 , %s ; q=0.5 `, manifestlist.MediaTypeManifestList, schema1.MediaTypeSignedManifest)) - req.Header.Add("Accept", schema2.MediaTypeManifest) - resp, err = http.DefaultClient.Do(req) - if err != nil { - t.Fatalf("unexpected error fetching manifest list: %v", err) - } - defer resp.Body.Close() - - checkResponse(t, "fetching uploaded manifest list", resp, http.StatusOK) - checkHeaders(t, resp, http.Header{ - "Docker-Content-Digest": []string{dgst.String()}, - "ETag": []string{fmt.Sprintf(`"%s"`, dgst)}, - }) - - var fetchedManifestList manifestlist.DeserializedManifestList - dec := json.NewDecoder(resp.Body) - - if err := dec.Decode(&fetchedManifestList); err != nil { - t.Fatalf("error decoding fetched manifest list: %v", err) - } - - _, fetchedCanonical, err := fetchedManifestList.Payload() - if err != nil { - t.Fatalf("error getting manifest list payload: %v", err) - } - - if !bytes.Equal(fetchedCanonical, canonical) { - t.Fatalf("manifest lists do not match") - } - - // --------------- - // Fetch by digest - req, err = http.NewRequest("GET", manifestDigestURL, nil) - if err != nil { - t.Fatalf("Error constructing request: %s", err) - } - req.Header.Set("Accept", manifestlist.MediaTypeManifestList) - resp, err = http.DefaultClient.Do(req) - checkErr(t, err, "fetching manifest list by digest") - defer resp.Body.Close() - - checkResponse(t, "fetching uploaded manifest list", resp, http.StatusOK) - checkHeaders(t, resp, http.Header{ - "Docker-Content-Digest": []string{dgst.String()}, - "ETag": []string{fmt.Sprintf(`"%s"`, dgst)}, - }) - - var fetchedManifestListByDigest manifestlist.DeserializedManifestList - dec = json.NewDecoder(resp.Body) - if err := dec.Decode(&fetchedManifestListByDigest); err != nil { - t.Fatalf("error decoding fetched manifest: %v", err) - } - - _, fetchedCanonical, err = fetchedManifestListByDigest.Payload() - if err != nil { - t.Fatalf("error getting manifest list payload: %v", err) - } - - if !bytes.Equal(fetchedCanonical, canonical) { - t.Fatalf("manifests do not match") - } - - // Get by name with etag, gives 304 - etag := resp.Header.Get("Etag") - req, err = http.NewRequest("GET", manifestURL, nil) - if err != nil { - t.Fatalf("Error constructing request: %s", err) - } - req.Header.Set("If-None-Match", etag) - resp, err = http.DefaultClient.Do(req) - if err != nil { - t.Fatalf("Error constructing request: %s", err) - } - - checkResponse(t, "fetching manifest by name with etag", resp, http.StatusNotModified) - - // Get by digest with etag, gives 304 - req, err = http.NewRequest("GET", manifestDigestURL, nil) - if err != nil { - t.Fatalf("Error constructing request: %s", err) - } - req.Header.Set("If-None-Match", etag) - resp, err = http.DefaultClient.Do(req) - if err != nil { - t.Fatalf("Error constructing request: %s", err) - } - - checkResponse(t, "fetching manifest by dgst with etag", resp, http.StatusNotModified) - - // ------------------ - // Fetch as a schema1 manifest - resp, err = http.Get(manifestURL) - if err != nil { - t.Fatalf("unexpected error fetching manifest list as schema1: %v", err) - } - defer resp.Body.Close() - - manifestBytes, err := ioutil.ReadAll(resp.Body) - if err != nil { - t.Fatalf("error reading response body: %v", err) - } - - checkResponse(t, "fetching uploaded manifest list as schema1", resp, http.StatusOK) - - m, desc, err := distribution.UnmarshalManifest(schema1.MediaTypeManifest, manifestBytes) - if err != nil { - t.Fatalf("unexpected error unmarshalling manifest: %v", err) - } - - fetchedSchema1Manifest, ok := m.(*schema1.SignedManifest) - if !ok { - t.Fatalf("expecting schema1 manifest") - } - - checkHeaders(t, resp, http.Header{ - "Docker-Content-Digest": []string{desc.Digest.String()}, - "ETag": []string{fmt.Sprintf(`"%s"`, desc.Digest)}, - }) - - if fetchedSchema1Manifest.Manifest.SchemaVersion != 1 { - t.Fatal("wrong schema version") - } - if fetchedSchema1Manifest.Architecture != "amd64" { - t.Fatal("wrong architecture") - } - if fetchedSchema1Manifest.Name != imageName.Name() { - t.Fatal("wrong image name") - } - if fetchedSchema1Manifest.Tag != tag { - t.Fatal("wrong tag") - } - if len(fetchedSchema1Manifest.FSLayers) != 2 { - t.Fatal("wrong number of FSLayers") - } - layers := args.manifest.(*schema2.DeserializedManifest).Layers - for i := range layers { - if fetchedSchema1Manifest.FSLayers[i].BlobSum != layers[len(layers)-i-1].Digest { - t.Fatalf("blob digest mismatch in schema1 manifest for layer %d", i) - } - } - if len(fetchedSchema1Manifest.History) != 2 { - t.Fatal("wrong number of History entries") - } - - // Don't check V1Compatibility fields because we're using randomly-generated - // layers. -} - -func testManifestDelete(t *testing.T, env *testEnv, args manifestArgs) { - imageName := args.imageName - dgst := args.dgst - manifest := args.manifest - - ref, _ := reference.WithDigest(imageName, dgst) - manifestDigestURL, err := env.builder.BuildManifestURL(ref) - // --------------- - // Delete by digest - resp, err := httpDelete(manifestDigestURL) - checkErr(t, err, "deleting manifest by digest") - - checkResponse(t, "deleting manifest", resp, http.StatusAccepted) - checkHeaders(t, resp, http.Header{ - "Content-Length": []string{"0"}, - }) - - // --------------- - // Attempt to fetch deleted manifest - resp, err = http.Get(manifestDigestURL) - checkErr(t, err, "fetching deleted manifest by digest") - defer resp.Body.Close() - - checkResponse(t, "fetching deleted manifest", resp, http.StatusNotFound) - - // --------------- - // Delete already deleted manifest by digest - resp, err = httpDelete(manifestDigestURL) - checkErr(t, err, "re-deleting manifest by digest") - - checkResponse(t, "re-deleting manifest", resp, http.StatusNotFound) - - // -------------------- - // Re-upload manifest by digest - resp = putManifest(t, "putting manifest", manifestDigestURL, args.mediaType, manifest) - checkResponse(t, "putting manifest", resp, http.StatusCreated) - checkHeaders(t, resp, http.Header{ - "Location": []string{manifestDigestURL}, - "Docker-Content-Digest": []string{dgst.String()}, - }) - - // --------------- - // Attempt to fetch re-uploaded deleted digest - resp, err = http.Get(manifestDigestURL) - checkErr(t, err, "fetching re-uploaded manifest by digest") - defer resp.Body.Close() - - checkResponse(t, "fetching re-uploaded manifest", resp, http.StatusOK) - checkHeaders(t, resp, http.Header{ - "Docker-Content-Digest": []string{dgst.String()}, - }) - - // --------------- - // Attempt to delete an unknown manifest - unknownDigest := digest.Digest("sha256:aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") - unknownRef, _ := reference.WithDigest(imageName, unknownDigest) - unknownManifestDigestURL, err := env.builder.BuildManifestURL(unknownRef) - checkErr(t, err, "building unknown manifest url") - - resp, err = httpDelete(unknownManifestDigestURL) - checkErr(t, err, "delting unknown manifest by digest") - checkResponse(t, "fetching deleted manifest", resp, http.StatusNotFound) - - // -------------------- - // Upload manifest by tag - tag := "atag" - tagRef, _ := reference.WithTag(imageName, tag) - manifestTagURL, err := env.builder.BuildManifestURL(tagRef) - resp = putManifest(t, "putting manifest by tag", manifestTagURL, args.mediaType, manifest) - checkResponse(t, "putting manifest by tag", resp, http.StatusCreated) - checkHeaders(t, resp, http.Header{ - "Location": []string{manifestDigestURL}, - "Docker-Content-Digest": []string{dgst.String()}, - }) - - tagsURL, err := env.builder.BuildTagsURL(imageName) - if err != nil { - t.Fatalf("unexpected error building tags url: %v", err) - } - - // Ensure that the tag is listed. - resp, err = http.Get(tagsURL) - if err != nil { - t.Fatalf("unexpected error getting unknown tags: %v", err) - } - defer resp.Body.Close() - - dec := json.NewDecoder(resp.Body) - var tagsResponse tagsAPIResponse - if err := dec.Decode(&tagsResponse); err != nil { - t.Fatalf("unexpected error decoding error response: %v", err) - } - - if tagsResponse.Name != imageName.Name() { - t.Fatalf("tags name should match image name: %v != %v", tagsResponse.Name, imageName) - } - - if len(tagsResponse.Tags) != 1 { - t.Fatalf("expected some tags in response: %v", tagsResponse.Tags) - } - - if tagsResponse.Tags[0] != tag { - t.Fatalf("tag not as expected: %q != %q", tagsResponse.Tags[0], tag) - } - - // --------------- - // Delete by digest - resp, err = httpDelete(manifestDigestURL) - checkErr(t, err, "deleting manifest by digest") - - checkResponse(t, "deleting manifest with tag", resp, http.StatusAccepted) - checkHeaders(t, resp, http.Header{ - "Content-Length": []string{"0"}, - }) - - // Ensure that the tag is not listed. - resp, err = http.Get(tagsURL) - if err != nil { - t.Fatalf("unexpected error getting unknown tags: %v", err) - } - defer resp.Body.Close() - - dec = json.NewDecoder(resp.Body) - if err := dec.Decode(&tagsResponse); err != nil { - t.Fatalf("unexpected error decoding error response: %v", err) - } - - if tagsResponse.Name != imageName.Name() { - t.Fatalf("tags name should match image name: %v != %v", tagsResponse.Name, imageName) - } - - if len(tagsResponse.Tags) != 0 { - t.Fatalf("expected 0 tags in response: %v", tagsResponse.Tags) - } - -} - -type testEnv struct { - pk libtrust.PrivateKey - ctx context.Context - config configuration.Configuration - app *App - server *httptest.Server - builder *v2.URLBuilder -} - -func newTestEnvMirror(t *testing.T, deleteEnabled bool) *testEnv { - config := configuration.Configuration{ - Storage: configuration.Storage{ - "testdriver": configuration.Parameters{}, - "delete": configuration.Parameters{"enabled": deleteEnabled}, - "maintenance": configuration.Parameters{"uploadpurging": map[interface{}]interface{}{ - "enabled": false, - }}, - }, - Proxy: configuration.Proxy{ - RemoteURL: "http://example.com", - }, - } - - return newTestEnvWithConfig(t, &config) - -} - -func newTestEnv(t *testing.T, deleteEnabled bool) *testEnv { - config := configuration.Configuration{ - Storage: configuration.Storage{ - "testdriver": configuration.Parameters{}, - "delete": configuration.Parameters{"enabled": deleteEnabled}, - "maintenance": configuration.Parameters{"uploadpurging": map[interface{}]interface{}{ - "enabled": false, - }}, - }, - } - - config.HTTP.Headers = headerConfig - - return newTestEnvWithConfig(t, &config) -} - -func newTestEnvWithConfig(t *testing.T, config *configuration.Configuration) *testEnv { - ctx := context.Background() - - app := NewApp(ctx, config) - server := httptest.NewServer(handlers.CombinedLoggingHandler(os.Stderr, app)) - builder, err := v2.NewURLBuilderFromString(server.URL+config.HTTP.Prefix, false) - - if err != nil { - t.Fatalf("error creating url builder: %v", err) - } - - pk, err := libtrust.GenerateECP256PrivateKey() - if err != nil { - t.Fatalf("unexpected error generating private key: %v", err) - } - - return &testEnv{ - pk: pk, - ctx: ctx, - config: *config, - app: app, - server: server, - builder: builder, - } -} - -func (t *testEnv) Shutdown() { - t.server.CloseClientConnections() - t.server.Close() -} - -func putManifest(t *testing.T, msg, url, contentType string, v interface{}) *http.Response { - var body []byte - - switch m := v.(type) { - case *schema1.SignedManifest: - _, pl, err := m.Payload() - if err != nil { - t.Fatalf("error getting payload: %v", err) - } - body = pl - case *manifestlist.DeserializedManifestList: - _, pl, err := m.Payload() - if err != nil { - t.Fatalf("error getting payload: %v", err) - } - body = pl - default: - var err error - body, err = json.MarshalIndent(v, "", " ") - if err != nil { - t.Fatalf("unexpected error marshaling %v: %v", v, err) - } - } - - req, err := http.NewRequest("PUT", url, bytes.NewReader(body)) - if err != nil { - t.Fatalf("error creating request for %s: %v", msg, err) - } - - if contentType != "" { - req.Header.Set("Content-Type", contentType) - } - - resp, err := http.DefaultClient.Do(req) - if err != nil { - t.Fatalf("error doing put request while %s: %v", msg, err) - } - - return resp -} - -func startPushLayer(t *testing.T, env *testEnv, name reference.Named) (location string, uuid string) { - layerUploadURL, err := env.builder.BuildBlobUploadURL(name) - if err != nil { - t.Fatalf("unexpected error building layer upload url: %v", err) - } - - u, err := url.Parse(layerUploadURL) - if err != nil { - t.Fatalf("error parsing layer upload URL: %v", err) - } - - base, err := url.Parse(env.server.URL) - if err != nil { - t.Fatalf("error parsing server URL: %v", err) - } - - layerUploadURL = base.ResolveReference(u).String() - resp, err := http.Post(layerUploadURL, "", nil) - if err != nil { - t.Fatalf("unexpected error starting layer push: %v", err) - } - - defer resp.Body.Close() - - checkResponse(t, fmt.Sprintf("pushing starting layer push %v", name.String()), resp, http.StatusAccepted) - - u, err = url.Parse(resp.Header.Get("Location")) - if err != nil { - t.Fatalf("error parsing location header: %v", err) - } - - uuid = path.Base(u.Path) - checkHeaders(t, resp, http.Header{ - "Location": []string{"*"}, - "Content-Length": []string{"0"}, - "Docker-Upload-UUID": []string{uuid}, - }) - - return resp.Header.Get("Location"), uuid -} - -// doPushLayer pushes the layer content returning the url on success returning -// the response. If you're only expecting a successful response, use pushLayer. -func doPushLayer(t *testing.T, ub *v2.URLBuilder, name reference.Named, dgst digest.Digest, uploadURLBase string, body io.Reader) (*http.Response, error) { - u, err := url.Parse(uploadURLBase) - if err != nil { - t.Fatalf("unexpected error parsing pushLayer url: %v", err) - } - - u.RawQuery = url.Values{ - "_state": u.Query()["_state"], - "digest": []string{dgst.String()}, - }.Encode() - - uploadURL := u.String() - - // Just do a monolithic upload - req, err := http.NewRequest("PUT", uploadURL, body) - if err != nil { - t.Fatalf("unexpected error creating new request: %v", err) - } - - return http.DefaultClient.Do(req) -} - -// pushLayer pushes the layer content returning the url on success. -func pushLayer(t *testing.T, ub *v2.URLBuilder, name reference.Named, dgst digest.Digest, uploadURLBase string, body io.Reader) string { - digester := digest.Canonical.New() - - resp, err := doPushLayer(t, ub, name, dgst, uploadURLBase, io.TeeReader(body, digester.Hash())) - if err != nil { - t.Fatalf("unexpected error doing push layer request: %v", err) - } - defer resp.Body.Close() - - checkResponse(t, "putting monolithic chunk", resp, http.StatusCreated) - - if err != nil { - t.Fatalf("error generating sha256 digest of body") - } - - sha256Dgst := digester.Digest() - - ref, _ := reference.WithDigest(name, sha256Dgst) - expectedLayerURL, err := ub.BuildBlobURL(ref) - if err != nil { - t.Fatalf("error building expected layer url: %v", err) - } - - checkHeaders(t, resp, http.Header{ - "Location": []string{expectedLayerURL}, - "Content-Length": []string{"0"}, - "Docker-Content-Digest": []string{sha256Dgst.String()}, - }) - - return resp.Header.Get("Location") -} - -func finishUpload(t *testing.T, ub *v2.URLBuilder, name reference.Named, uploadURLBase string, dgst digest.Digest) string { - resp, err := doPushLayer(t, ub, name, dgst, uploadURLBase, nil) - if err != nil { - t.Fatalf("unexpected error doing push layer request: %v", err) - } - defer resp.Body.Close() - - checkResponse(t, "putting monolithic chunk", resp, http.StatusCreated) - - ref, _ := reference.WithDigest(name, dgst) - expectedLayerURL, err := ub.BuildBlobURL(ref) - if err != nil { - t.Fatalf("error building expected layer url: %v", err) - } - - checkHeaders(t, resp, http.Header{ - "Location": []string{expectedLayerURL}, - "Content-Length": []string{"0"}, - "Docker-Content-Digest": []string{dgst.String()}, - }) - - return resp.Header.Get("Location") -} - -func doPushChunk(t *testing.T, uploadURLBase string, body io.Reader) (*http.Response, digest.Digest, error) { - u, err := url.Parse(uploadURLBase) - if err != nil { - t.Fatalf("unexpected error parsing pushLayer url: %v", err) - } - - u.RawQuery = url.Values{ - "_state": u.Query()["_state"], - }.Encode() - - uploadURL := u.String() - - digester := digest.Canonical.New() - - req, err := http.NewRequest("PATCH", uploadURL, io.TeeReader(body, digester.Hash())) - if err != nil { - t.Fatalf("unexpected error creating new request: %v", err) - } - req.Header.Set("Content-Type", "application/octet-stream") - - resp, err := http.DefaultClient.Do(req) - - return resp, digester.Digest(), err -} - -func pushChunk(t *testing.T, ub *v2.URLBuilder, name reference.Named, uploadURLBase string, body io.Reader, length int64) (string, digest.Digest) { - resp, dgst, err := doPushChunk(t, uploadURLBase, body) - if err != nil { - t.Fatalf("unexpected error doing push layer request: %v", err) - } - defer resp.Body.Close() - - checkResponse(t, "putting chunk", resp, http.StatusAccepted) - - if err != nil { - t.Fatalf("error generating sha256 digest of body") - } - - checkHeaders(t, resp, http.Header{ - "Range": []string{fmt.Sprintf("0-%d", length-1)}, - "Content-Length": []string{"0"}, - }) - - return resp.Header.Get("Location"), dgst -} - -func checkResponse(t *testing.T, msg string, resp *http.Response, expectedStatus int) { - if resp.StatusCode != expectedStatus { - t.Logf("unexpected status %s: %v != %v", msg, resp.StatusCode, expectedStatus) - maybeDumpResponse(t, resp) - - t.FailNow() - } - - // We expect the headers included in the configuration, unless the - // status code is 405 (Method Not Allowed), which means the handler - // doesn't even get called. - if resp.StatusCode != 405 && !reflect.DeepEqual(resp.Header["X-Content-Type-Options"], []string{"nosniff"}) { - t.Logf("missing or incorrect header X-Content-Type-Options %s", msg) - maybeDumpResponse(t, resp) - - t.FailNow() - } -} - -// checkBodyHasErrorCodes ensures the body is an error body and has the -// expected error codes, returning the error structure, the json slice and a -// count of the errors by code. -func checkBodyHasErrorCodes(t *testing.T, msg string, resp *http.Response, errorCodes ...errcode.ErrorCode) (errcode.Errors, []byte, map[errcode.ErrorCode]int) { - p, err := ioutil.ReadAll(resp.Body) - if err != nil { - t.Fatalf("unexpected error reading body %s: %v", msg, err) - } - - var errs errcode.Errors - if err := json.Unmarshal(p, &errs); err != nil { - t.Fatalf("unexpected error decoding error response: %v", err) - } - - if len(errs) == 0 { - t.Fatalf("expected errors in response") - } - - // TODO(stevvooe): Shoot. The error setup is not working out. The content- - // type headers are being set after writing the status code. - // if resp.Header.Get("Content-Type") != "application/json; charset=utf-8" { - // t.Fatalf("unexpected content type: %v != 'application/json'", - // resp.Header.Get("Content-Type")) - // } - - expected := map[errcode.ErrorCode]struct{}{} - counts := map[errcode.ErrorCode]int{} - - // Initialize map with zeros for expected - for _, code := range errorCodes { - expected[code] = struct{}{} - counts[code] = 0 - } - - for _, e := range errs { - err, ok := e.(errcode.ErrorCoder) - if !ok { - t.Fatalf("not an ErrorCoder: %#v", e) - } - if _, ok := expected[err.ErrorCode()]; !ok { - t.Fatalf("unexpected error code %v encountered during %s: %s ", err.ErrorCode(), msg, string(p)) - } - counts[err.ErrorCode()]++ - } - - // Ensure that counts of expected errors were all non-zero - for code := range expected { - if counts[code] == 0 { - t.Fatalf("expected error code %v not encounterd during %s: %s", code, msg, string(p)) - } - } - - return errs, p, counts -} - -func maybeDumpResponse(t *testing.T, resp *http.Response) { - if d, err := httputil.DumpResponse(resp, true); err != nil { - t.Logf("error dumping response: %v", err) - } else { - t.Logf("response:\n%s", string(d)) - } -} - -// matchHeaders checks that the response has at least the headers. If not, the -// test will fail. If a passed in header value is "*", any non-zero value will -// suffice as a match. -func checkHeaders(t *testing.T, resp *http.Response, headers http.Header) { - for k, vs := range headers { - if resp.Header.Get(k) == "" { - t.Fatalf("response missing header %q", k) - } - - for _, v := range vs { - if v == "*" { - // Just ensure there is some value. - if len(resp.Header[http.CanonicalHeaderKey(k)]) > 0 { - continue - } - } - - for _, hv := range resp.Header[http.CanonicalHeaderKey(k)] { - if hv != v { - t.Fatalf("%+v %v header value not matched in response: %q != %q", resp.Header, k, hv, v) - } - } - } - } -} - -func checkErr(t *testing.T, err error, msg string) { - if err != nil { - t.Fatalf("unexpected error %s: %v", msg, err) - } -} - -func createRepository(env *testEnv, t *testing.T, imageName string, tag string) digest.Digest { - imageNameRef, err := reference.ParseNamed(imageName) - if err != nil { - t.Fatalf("unable to parse reference: %v", err) - } - - unsignedManifest := &schema1.Manifest{ - Versioned: manifest.Versioned{ - SchemaVersion: 1, - }, - Name: imageName, - Tag: tag, - FSLayers: []schema1.FSLayer{ - { - BlobSum: "asdf", - }, - }, - History: []schema1.History{ - { - V1Compatibility: "", - }, - }, - } - - // Push 2 random layers - expectedLayers := make(map[digest.Digest]io.ReadSeeker) - - for i := range unsignedManifest.FSLayers { - rs, dgstStr, err := testutil.CreateRandomTarFile() - if err != nil { - t.Fatalf("error creating random layer %d: %v", i, err) - } - dgst := digest.Digest(dgstStr) - - expectedLayers[dgst] = rs - unsignedManifest.FSLayers[i].BlobSum = dgst - uploadURLBase, _ := startPushLayer(t, env, imageNameRef) - pushLayer(t, env.builder, imageNameRef, dgst, uploadURLBase, rs) - } - - signedManifest, err := schema1.Sign(unsignedManifest, env.pk) - if err != nil { - t.Fatalf("unexpected error signing manifest: %v", err) - } - - dgst := digest.FromBytes(signedManifest.Canonical) - - // Create this repository by tag to ensure the tag mapping is made in the registry - tagRef, _ := reference.WithTag(imageNameRef, tag) - manifestDigestURL, err := env.builder.BuildManifestURL(tagRef) - checkErr(t, err, "building manifest url") - - digestRef, _ := reference.WithDigest(imageNameRef, dgst) - location, err := env.builder.BuildManifestURL(digestRef) - checkErr(t, err, "building location URL") - - resp := putManifest(t, "putting signed manifest", manifestDigestURL, "", signedManifest) - checkResponse(t, "putting signed manifest", resp, http.StatusCreated) - checkHeaders(t, resp, http.Header{ - "Location": []string{location}, - "Docker-Content-Digest": []string{dgst.String()}, - }) - return dgst -} - -// Test mutation operations on a registry configured as a cache. Ensure that they return -// appropriate errors. -func TestRegistryAsCacheMutationAPIs(t *testing.T) { - deleteEnabled := true - env := newTestEnvMirror(t, deleteEnabled) - defer env.Shutdown() - - imageName, _ := reference.ParseNamed("foo/bar") - tag := "latest" - tagRef, _ := reference.WithTag(imageName, tag) - manifestURL, err := env.builder.BuildManifestURL(tagRef) - if err != nil { - t.Fatalf("unexpected error building base url: %v", err) - } - - // Manifest upload - m := &schema1.Manifest{ - Versioned: manifest.Versioned{ - SchemaVersion: 1, - }, - Name: imageName.Name(), - Tag: tag, - FSLayers: []schema1.FSLayer{}, - History: []schema1.History{}, - } - - sm, err := schema1.Sign(m, env.pk) - if err != nil { - t.Fatalf("error signing manifest: %v", err) - } - - resp := putManifest(t, "putting unsigned manifest", manifestURL, "", sm) - checkResponse(t, "putting signed manifest to cache", resp, errcode.ErrorCodeUnsupported.Descriptor().HTTPStatusCode) - - // Manifest Delete - resp, err = httpDelete(manifestURL) - checkResponse(t, "deleting signed manifest from cache", resp, errcode.ErrorCodeUnsupported.Descriptor().HTTPStatusCode) - - // Blob upload initialization - layerUploadURL, err := env.builder.BuildBlobUploadURL(imageName) - if err != nil { - t.Fatalf("unexpected error building layer upload url: %v", err) - } - - resp, err = http.Post(layerUploadURL, "", nil) - if err != nil { - t.Fatalf("unexpected error starting layer push: %v", err) - } - defer resp.Body.Close() - - checkResponse(t, fmt.Sprintf("starting layer push to cache %v", imageName), resp, errcode.ErrorCodeUnsupported.Descriptor().HTTPStatusCode) - - // Blob Delete - ref, _ := reference.WithDigest(imageName, digest.DigestSha256EmptyTar) - blobURL, err := env.builder.BuildBlobURL(ref) - resp, err = httpDelete(blobURL) - checkResponse(t, "deleting blob from cache", resp, errcode.ErrorCodeUnsupported.Descriptor().HTTPStatusCode) - -} - -// TestCheckContextNotifier makes sure the API endpoints get a ResponseWriter -// that implements http.ContextNotifier. -func TestCheckContextNotifier(t *testing.T) { - env := newTestEnv(t, false) - defer env.Shutdown() - - // Register a new endpoint for testing - env.app.router.Handle("/unittest/{name}/", env.app.dispatcher(func(ctx *Context, r *http.Request) http.Handler { - return handlers.MethodHandler{ - "GET": http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - if _, ok := w.(http.CloseNotifier); !ok { - t.Fatal("could not cast ResponseWriter to CloseNotifier") - } - w.WriteHeader(200) - }), - } - })) - - resp, err := http.Get(env.server.URL + "/unittest/reponame/") - if err != nil { - t.Fatalf("unexpected error issuing request: %v", err) - } - defer resp.Body.Close() - - if resp.StatusCode != 200 { - t.Fatalf("wrong status code - expected 200, got %d", resp.StatusCode) - } -} - -func TestProxyManifestGetByTag(t *testing.T) { - truthConfig := configuration.Configuration{ - Storage: configuration.Storage{ - "testdriver": configuration.Parameters{}, - "maintenance": configuration.Parameters{"uploadpurging": map[interface{}]interface{}{ - "enabled": false, - }}, - }, - } - truthConfig.HTTP.Headers = headerConfig - - imageName, _ := reference.ParseNamed("foo/bar") - tag := "latest" - - truthEnv := newTestEnvWithConfig(t, &truthConfig) - defer truthEnv.Shutdown() - // create a repository in the truth registry - dgst := createRepository(truthEnv, t, imageName.Name(), tag) - - proxyConfig := configuration.Configuration{ - Storage: configuration.Storage{ - "testdriver": configuration.Parameters{}, - }, - Proxy: configuration.Proxy{ - RemoteURL: truthEnv.server.URL, - }, - } - proxyConfig.HTTP.Headers = headerConfig - - proxyEnv := newTestEnvWithConfig(t, &proxyConfig) - defer proxyEnv.Shutdown() - - digestRef, _ := reference.WithDigest(imageName, dgst) - manifestDigestURL, err := proxyEnv.builder.BuildManifestURL(digestRef) - checkErr(t, err, "building manifest url") - - resp, err := http.Get(manifestDigestURL) - checkErr(t, err, "fetching manifest from proxy by digest") - defer resp.Body.Close() - - tagRef, _ := reference.WithTag(imageName, tag) - manifestTagURL, err := proxyEnv.builder.BuildManifestURL(tagRef) - checkErr(t, err, "building manifest url") - - resp, err = http.Get(manifestTagURL) - checkErr(t, err, "fetching manifest from proxy by tag") - defer resp.Body.Close() - checkResponse(t, "fetching manifest from proxy by tag", resp, http.StatusOK) - checkHeaders(t, resp, http.Header{ - "Docker-Content-Digest": []string{dgst.String()}, - }) - - // Create another manifest in the remote with the same image/tag pair - newDigest := createRepository(truthEnv, t, imageName.Name(), tag) - if dgst == newDigest { - t.Fatalf("non-random test data") - } - - // fetch it with the same proxy URL as before. Ensure the updated content is at the same tag - resp, err = http.Get(manifestTagURL) - checkErr(t, err, "fetching manifest from proxy by tag") - defer resp.Body.Close() - checkResponse(t, "fetching manifest from proxy by tag", resp, http.StatusOK) - checkHeaders(t, resp, http.Header{ - "Docker-Content-Digest": []string{newDigest.String()}, - }) -} diff --git a/vendor/github.com/docker/distribution/registry/handlers/app.go b/vendor/github.com/docker/distribution/registry/handlers/app.go deleted file mode 100644 index 0f30603f..00000000 --- a/vendor/github.com/docker/distribution/registry/handlers/app.go +++ /dev/null @@ -1,1046 +0,0 @@ -package handlers - -import ( - cryptorand "crypto/rand" - "expvar" - "fmt" - "math/rand" - "net" - "net/http" - "net/url" - "os" - "regexp" - "runtime" - "strings" - "time" - - log "github.com/Sirupsen/logrus" - "github.com/docker/distribution" - "github.com/docker/distribution/configuration" - ctxu "github.com/docker/distribution/context" - "github.com/docker/distribution/health" - "github.com/docker/distribution/health/checks" - "github.com/docker/distribution/notifications" - "github.com/docker/distribution/reference" - "github.com/docker/distribution/registry/api/errcode" - "github.com/docker/distribution/registry/api/v2" - "github.com/docker/distribution/registry/auth" - registrymiddleware "github.com/docker/distribution/registry/middleware/registry" - repositorymiddleware "github.com/docker/distribution/registry/middleware/repository" - "github.com/docker/distribution/registry/proxy" - "github.com/docker/distribution/registry/storage" - memorycache "github.com/docker/distribution/registry/storage/cache/memory" - rediscache "github.com/docker/distribution/registry/storage/cache/redis" - storagedriver "github.com/docker/distribution/registry/storage/driver" - "github.com/docker/distribution/registry/storage/driver/factory" - storagemiddleware "github.com/docker/distribution/registry/storage/driver/middleware" - "github.com/docker/distribution/version" - "github.com/docker/libtrust" - "github.com/garyburd/redigo/redis" - "github.com/gorilla/mux" - "golang.org/x/net/context" -) - -// randomSecretSize is the number of random bytes to generate if no secret -// was specified. -const randomSecretSize = 32 - -// defaultCheckInterval is the default time in between health checks -const defaultCheckInterval = 10 * time.Second - -// App is a global registry application object. Shared resources can be placed -// on this object that will be accessible from all requests. Any writable -// fields should be protected. -type App struct { - context.Context - - Config *configuration.Configuration - - router *mux.Router // main application router, configured with dispatchers - driver storagedriver.StorageDriver // driver maintains the app global storage driver instance. - registry distribution.Namespace // registry is the primary registry backend for the app instance. - accessController auth.AccessController // main access controller for application - - // httpHost is a parsed representation of the http.host parameter from - // the configuration. Only the Scheme and Host fields are used. - httpHost url.URL - - // events contains notification related configuration. - events struct { - sink notifications.Sink - source notifications.SourceRecord - } - - redis *redis.Pool - - // trustKey is a deprecated key used to sign manifests converted to - // schema1 for backward compatibility. It should not be used for any - // other purposes. - trustKey libtrust.PrivateKey - - // isCache is true if this registry is configured as a pull through cache - isCache bool - - // readOnly is true if the registry is in a read-only maintenance mode - readOnly bool -} - -// NewApp takes a configuration and returns a configured app, ready to serve -// requests. The app only implements ServeHTTP and can be wrapped in other -// handlers accordingly. -func NewApp(ctx context.Context, config *configuration.Configuration) *App { - app := &App{ - Config: config, - Context: ctx, - router: v2.RouterWithPrefix(config.HTTP.Prefix), - isCache: config.Proxy.RemoteURL != "", - } - - // Register the handler dispatchers. - app.register(v2.RouteNameBase, func(ctx *Context, r *http.Request) http.Handler { - return http.HandlerFunc(apiBase) - }) - app.register(v2.RouteNameManifest, imageManifestDispatcher) - app.register(v2.RouteNameCatalog, catalogDispatcher) - app.register(v2.RouteNameTags, tagsDispatcher) - app.register(v2.RouteNameBlob, blobDispatcher) - app.register(v2.RouteNameBlobUpload, blobUploadDispatcher) - app.register(v2.RouteNameBlobUploadChunk, blobUploadDispatcher) - - // override the storage driver's UA string for registry outbound HTTP requests - storageParams := config.Storage.Parameters() - if storageParams == nil { - storageParams = make(configuration.Parameters) - } - storageParams["useragent"] = fmt.Sprintf("docker-distribution/%s %s", version.Version, runtime.Version()) - - var err error - app.driver, err = factory.Create(config.Storage.Type(), storageParams) - if err != nil { - // TODO(stevvooe): Move the creation of a service into a protected - // method, where this is created lazily. Its status can be queried via - // a health check. - panic(err) - } - - purgeConfig := uploadPurgeDefaultConfig() - if mc, ok := config.Storage["maintenance"]; ok { - if v, ok := mc["uploadpurging"]; ok { - purgeConfig, ok = v.(map[interface{}]interface{}) - if !ok { - panic("uploadpurging config key must contain additional keys") - } - } - if v, ok := mc["readonly"]; ok { - readOnly, ok := v.(map[interface{}]interface{}) - if !ok { - panic("readonly config key must contain additional keys") - } - if readOnlyEnabled, ok := readOnly["enabled"]; ok { - app.readOnly, ok = readOnlyEnabled.(bool) - if !ok { - panic("readonly's enabled config key must have a boolean value") - } - } - } - } - - startUploadPurger(app, app.driver, ctxu.GetLogger(app), purgeConfig) - - app.driver, err = applyStorageMiddleware(app.driver, config.Middleware["storage"]) - if err != nil { - panic(err) - } - - app.configureSecret(config) - app.configureEvents(config) - app.configureRedis(config) - app.configureLogHook(config) - - options := registrymiddleware.GetRegistryOptions() - if config.Compatibility.Schema1.TrustKey != "" { - app.trustKey, err = libtrust.LoadKeyFile(config.Compatibility.Schema1.TrustKey) - if err != nil { - panic(fmt.Sprintf(`could not load schema1 "signingkey" parameter: %v`, err)) - } - } else { - // Generate an ephemeral key to be used for signing converted manifests - // for clients that don't support schema2. - app.trustKey, err = libtrust.GenerateECP256PrivateKey() - if err != nil { - panic(err) - } - } - - options = append(options, storage.Schema1SigningKey(app.trustKey)) - - if config.HTTP.Host != "" { - u, err := url.Parse(config.HTTP.Host) - if err != nil { - panic(fmt.Sprintf(`could not parse http "host" parameter: %v`, err)) - } - app.httpHost = *u - } - - if app.isCache { - options = append(options, storage.DisableDigestResumption) - } - - // configure deletion - if d, ok := config.Storage["delete"]; ok { - e, ok := d["enabled"] - if ok { - if deleteEnabled, ok := e.(bool); ok && deleteEnabled { - options = append(options, storage.EnableDelete) - } - } - } - - // configure redirects - var redirectDisabled bool - if redirectConfig, ok := config.Storage["redirect"]; ok { - v := redirectConfig["disable"] - switch v := v.(type) { - case bool: - redirectDisabled = v - default: - panic(fmt.Sprintf("invalid type for redirect config: %#v", redirectConfig)) - } - } - if redirectDisabled { - ctxu.GetLogger(app).Infof("backend redirection disabled") - } else { - options = append(options, storage.EnableRedirect) - } - - // configure validation - if config.Validation.Enabled { - if len(config.Validation.Manifests.URLs.Allow) == 0 && len(config.Validation.Manifests.URLs.Deny) == 0 { - // If Allow and Deny are empty, allow nothing. - options = append(options, storage.ManifestURLsAllowRegexp(regexp.MustCompile("^$"))) - } else { - if len(config.Validation.Manifests.URLs.Allow) > 0 { - for i, s := range config.Validation.Manifests.URLs.Allow { - // Validate via compilation. - if _, err := regexp.Compile(s); err != nil { - panic(fmt.Sprintf("validation.manifests.urls.allow: %s", err)) - } - // Wrap with non-capturing group. - config.Validation.Manifests.URLs.Allow[i] = fmt.Sprintf("(?:%s)", s) - } - re := regexp.MustCompile(strings.Join(config.Validation.Manifests.URLs.Allow, "|")) - options = append(options, storage.ManifestURLsAllowRegexp(re)) - } - if len(config.Validation.Manifests.URLs.Deny) > 0 { - for i, s := range config.Validation.Manifests.URLs.Deny { - // Validate via compilation. - if _, err := regexp.Compile(s); err != nil { - panic(fmt.Sprintf("validation.manifests.urls.deny: %s", err)) - } - // Wrap with non-capturing group. - config.Validation.Manifests.URLs.Deny[i] = fmt.Sprintf("(?:%s)", s) - } - re := regexp.MustCompile(strings.Join(config.Validation.Manifests.URLs.Deny, "|")) - options = append(options, storage.ManifestURLsDenyRegexp(re)) - } - } - } - - // configure storage caches - if cc, ok := config.Storage["cache"]; ok { - v, ok := cc["blobdescriptor"] - if !ok { - // Backwards compatible: "layerinfo" == "blobdescriptor" - v = cc["layerinfo"] - } - - switch v { - case "redis": - if app.redis == nil { - panic("redis configuration required to use for layerinfo cache") - } - cacheProvider := rediscache.NewRedisBlobDescriptorCacheProvider(app.redis) - localOptions := append(options, storage.BlobDescriptorCacheProvider(cacheProvider)) - app.registry, err = storage.NewRegistry(app, app.driver, localOptions...) - if err != nil { - panic("could not create registry: " + err.Error()) - } - ctxu.GetLogger(app).Infof("using redis blob descriptor cache") - case "inmemory": - cacheProvider := memorycache.NewInMemoryBlobDescriptorCacheProvider() - localOptions := append(options, storage.BlobDescriptorCacheProvider(cacheProvider)) - app.registry, err = storage.NewRegistry(app, app.driver, localOptions...) - if err != nil { - panic("could not create registry: " + err.Error()) - } - ctxu.GetLogger(app).Infof("using inmemory blob descriptor cache") - default: - if v != "" { - ctxu.GetLogger(app).Warnf("unknown cache type %q, caching disabled", config.Storage["cache"]) - } - } - } - - if app.registry == nil { - // configure the registry if no cache section is available. - app.registry, err = storage.NewRegistry(app.Context, app.driver, options...) - if err != nil { - panic("could not create registry: " + err.Error()) - } - } - - app.registry, err = applyRegistryMiddleware(app, app.registry, config.Middleware["registry"]) - if err != nil { - panic(err) - } - - authType := config.Auth.Type() - - if authType != "" { - accessController, err := auth.GetAccessController(config.Auth.Type(), config.Auth.Parameters()) - if err != nil { - panic(fmt.Sprintf("unable to configure authorization (%s): %v", authType, err)) - } - app.accessController = accessController - ctxu.GetLogger(app).Debugf("configured %q access controller", authType) - } - - // configure as a pull through cache - if config.Proxy.RemoteURL != "" { - app.registry, err = proxy.NewRegistryPullThroughCache(ctx, app.registry, app.driver, config.Proxy) - if err != nil { - panic(err.Error()) - } - app.isCache = true - ctxu.GetLogger(app).Info("Registry configured as a proxy cache to ", config.Proxy.RemoteURL) - } - - return app -} - -// RegisterHealthChecks is an awful hack to defer health check registration -// control to callers. This should only ever be called once per registry -// process, typically in a main function. The correct way would be register -// health checks outside of app, since multiple apps may exist in the same -// process. Because the configuration and app are tightly coupled, -// implementing this properly will require a refactor. This method may panic -// if called twice in the same process. -func (app *App) RegisterHealthChecks(healthRegistries ...*health.Registry) { - if len(healthRegistries) > 1 { - panic("RegisterHealthChecks called with more than one registry") - } - healthRegistry := health.DefaultRegistry - if len(healthRegistries) == 1 { - healthRegistry = healthRegistries[0] - } - - if app.Config.Health.StorageDriver.Enabled { - interval := app.Config.Health.StorageDriver.Interval - if interval == 0 { - interval = defaultCheckInterval - } - - storageDriverCheck := func() error { - _, err := app.driver.Stat(app, "/") // "/" should always exist - return err // any error will be treated as failure - } - - if app.Config.Health.StorageDriver.Threshold != 0 { - healthRegistry.RegisterPeriodicThresholdFunc("storagedriver_"+app.Config.Storage.Type(), interval, app.Config.Health.StorageDriver.Threshold, storageDriverCheck) - } else { - healthRegistry.RegisterPeriodicFunc("storagedriver_"+app.Config.Storage.Type(), interval, storageDriverCheck) - } - } - - for _, fileChecker := range app.Config.Health.FileCheckers { - interval := fileChecker.Interval - if interval == 0 { - interval = defaultCheckInterval - } - ctxu.GetLogger(app).Infof("configuring file health check path=%s, interval=%d", fileChecker.File, interval/time.Second) - healthRegistry.Register(fileChecker.File, health.PeriodicChecker(checks.FileChecker(fileChecker.File), interval)) - } - - for _, httpChecker := range app.Config.Health.HTTPCheckers { - interval := httpChecker.Interval - if interval == 0 { - interval = defaultCheckInterval - } - - statusCode := httpChecker.StatusCode - if statusCode == 0 { - statusCode = 200 - } - - checker := checks.HTTPChecker(httpChecker.URI, statusCode, httpChecker.Timeout, httpChecker.Headers) - - if httpChecker.Threshold != 0 { - ctxu.GetLogger(app).Infof("configuring HTTP health check uri=%s, interval=%d, threshold=%d", httpChecker.URI, interval/time.Second, httpChecker.Threshold) - healthRegistry.Register(httpChecker.URI, health.PeriodicThresholdChecker(checker, interval, httpChecker.Threshold)) - } else { - ctxu.GetLogger(app).Infof("configuring HTTP health check uri=%s, interval=%d", httpChecker.URI, interval/time.Second) - healthRegistry.Register(httpChecker.URI, health.PeriodicChecker(checker, interval)) - } - } - - for _, tcpChecker := range app.Config.Health.TCPCheckers { - interval := tcpChecker.Interval - if interval == 0 { - interval = defaultCheckInterval - } - - checker := checks.TCPChecker(tcpChecker.Addr, tcpChecker.Timeout) - - if tcpChecker.Threshold != 0 { - ctxu.GetLogger(app).Infof("configuring TCP health check addr=%s, interval=%d, threshold=%d", tcpChecker.Addr, interval/time.Second, tcpChecker.Threshold) - healthRegistry.Register(tcpChecker.Addr, health.PeriodicThresholdChecker(checker, interval, tcpChecker.Threshold)) - } else { - ctxu.GetLogger(app).Infof("configuring TCP health check addr=%s, interval=%d", tcpChecker.Addr, interval/time.Second) - healthRegistry.Register(tcpChecker.Addr, health.PeriodicChecker(checker, interval)) - } - } -} - -// register a handler with the application, by route name. The handler will be -// passed through the application filters and context will be constructed at -// request time. -func (app *App) register(routeName string, dispatch dispatchFunc) { - - // TODO(stevvooe): This odd dispatcher/route registration is by-product of - // some limitations in the gorilla/mux router. We are using it to keep - // routing consistent between the client and server, but we may want to - // replace it with manual routing and structure-based dispatch for better - // control over the request execution. - - app.router.GetRoute(routeName).Handler(app.dispatcher(dispatch)) -} - -// configureEvents prepares the event sink for action. -func (app *App) configureEvents(configuration *configuration.Configuration) { - // Configure all of the endpoint sinks. - var sinks []notifications.Sink - for _, endpoint := range configuration.Notifications.Endpoints { - if endpoint.Disabled { - ctxu.GetLogger(app).Infof("endpoint %s disabled, skipping", endpoint.Name) - continue - } - - ctxu.GetLogger(app).Infof("configuring endpoint %v (%v), timeout=%s, headers=%v", endpoint.Name, endpoint.URL, endpoint.Timeout, endpoint.Headers) - endpoint := notifications.NewEndpoint(endpoint.Name, endpoint.URL, notifications.EndpointConfig{ - Timeout: endpoint.Timeout, - Threshold: endpoint.Threshold, - Backoff: endpoint.Backoff, - Headers: endpoint.Headers, - IgnoredMediaTypes: endpoint.IgnoredMediaTypes, - }) - - sinks = append(sinks, endpoint) - } - - // NOTE(stevvooe): Moving to a new queuing implementation is as easy as - // replacing broadcaster with a rabbitmq implementation. It's recommended - // that the registry instances also act as the workers to keep deployment - // simple. - app.events.sink = notifications.NewBroadcaster(sinks...) - - // Populate registry event source - hostname, err := os.Hostname() - if err != nil { - hostname = configuration.HTTP.Addr - } else { - // try to pick the port off the config - _, port, err := net.SplitHostPort(configuration.HTTP.Addr) - if err == nil { - hostname = net.JoinHostPort(hostname, port) - } - } - - app.events.source = notifications.SourceRecord{ - Addr: hostname, - InstanceID: ctxu.GetStringValue(app, "instance.id"), - } -} - -type redisStartAtKey struct{} - -func (app *App) configureRedis(configuration *configuration.Configuration) { - if configuration.Redis.Addr == "" { - ctxu.GetLogger(app).Infof("redis not configured") - return - } - - pool := &redis.Pool{ - Dial: func() (redis.Conn, error) { - // TODO(stevvooe): Yet another use case for contextual timing. - ctx := context.WithValue(app, redisStartAtKey{}, time.Now()) - - done := func(err error) { - logger := ctxu.GetLoggerWithField(ctx, "redis.connect.duration", - ctxu.Since(ctx, redisStartAtKey{})) - if err != nil { - logger.Errorf("redis: error connecting: %v", err) - } else { - logger.Infof("redis: connect %v", configuration.Redis.Addr) - } - } - - conn, err := redis.DialTimeout("tcp", - configuration.Redis.Addr, - configuration.Redis.DialTimeout, - configuration.Redis.ReadTimeout, - configuration.Redis.WriteTimeout) - if err != nil { - ctxu.GetLogger(app).Errorf("error connecting to redis instance %s: %v", - configuration.Redis.Addr, err) - done(err) - return nil, err - } - - // authorize the connection - if configuration.Redis.Password != "" { - if _, err = conn.Do("AUTH", configuration.Redis.Password); err != nil { - defer conn.Close() - done(err) - return nil, err - } - } - - // select the database to use - if configuration.Redis.DB != 0 { - if _, err = conn.Do("SELECT", configuration.Redis.DB); err != nil { - defer conn.Close() - done(err) - return nil, err - } - } - - done(nil) - return conn, nil - }, - MaxIdle: configuration.Redis.Pool.MaxIdle, - MaxActive: configuration.Redis.Pool.MaxActive, - IdleTimeout: configuration.Redis.Pool.IdleTimeout, - TestOnBorrow: func(c redis.Conn, t time.Time) error { - // TODO(stevvooe): We can probably do something more interesting - // here with the health package. - _, err := c.Do("PING") - return err - }, - Wait: false, // if a connection is not avialable, proceed without cache. - } - - app.redis = pool - - // setup expvar - registry := expvar.Get("registry") - if registry == nil { - registry = expvar.NewMap("registry") - } - - registry.(*expvar.Map).Set("redis", expvar.Func(func() interface{} { - return map[string]interface{}{ - "Config": configuration.Redis, - "Active": app.redis.ActiveCount(), - } - })) -} - -// configureLogHook prepares logging hook parameters. -func (app *App) configureLogHook(configuration *configuration.Configuration) { - entry, ok := ctxu.GetLogger(app).(*log.Entry) - if !ok { - // somehow, we are not using logrus - return - } - - logger := entry.Logger - - for _, configHook := range configuration.Log.Hooks { - if !configHook.Disabled { - switch configHook.Type { - case "mail": - hook := &logHook{} - hook.LevelsParam = configHook.Levels - hook.Mail = &mailer{ - Addr: configHook.MailOptions.SMTP.Addr, - Username: configHook.MailOptions.SMTP.Username, - Password: configHook.MailOptions.SMTP.Password, - Insecure: configHook.MailOptions.SMTP.Insecure, - From: configHook.MailOptions.From, - To: configHook.MailOptions.To, - } - logger.Hooks.Add(hook) - default: - } - } - } -} - -// configureSecret creates a random secret if a secret wasn't included in the -// configuration. -func (app *App) configureSecret(configuration *configuration.Configuration) { - if configuration.HTTP.Secret == "" { - var secretBytes [randomSecretSize]byte - if _, err := cryptorand.Read(secretBytes[:]); err != nil { - panic(fmt.Sprintf("could not generate random bytes for HTTP secret: %v", err)) - } - configuration.HTTP.Secret = string(secretBytes[:]) - ctxu.GetLogger(app).Warn("No HTTP secret provided - generated random secret. This may cause problems with uploads if multiple registries are behind a load-balancer. To provide a shared secret, fill in http.secret in the configuration file or set the REGISTRY_HTTP_SECRET environment variable.") - } -} - -func (app *App) ServeHTTP(w http.ResponseWriter, r *http.Request) { - defer r.Body.Close() // ensure that request body is always closed. - - // Instantiate an http context here so we can track the error codes - // returned by the request router. - ctx := defaultContextManager.context(app, w, r) - - defer func() { - status, ok := ctx.Value("http.response.status").(int) - if ok && status >= 200 && status <= 399 { - ctxu.GetResponseLogger(ctx).Infof("response completed") - } - }() - defer defaultContextManager.release(ctx) - - // NOTE(stevvooe): Total hack to get instrumented responsewriter from context. - var err error - w, err = ctxu.GetResponseWriter(ctx) - if err != nil { - ctxu.GetLogger(ctx).Warnf("response writer not found in context") - } - - // Set a header with the Docker Distribution API Version for all responses. - w.Header().Add("Docker-Distribution-API-Version", "registry/2.0") - app.router.ServeHTTP(w, r) -} - -// dispatchFunc takes a context and request and returns a constructed handler -// for the route. The dispatcher will use this to dynamically create request -// specific handlers for each endpoint without creating a new router for each -// request. -type dispatchFunc func(ctx *Context, r *http.Request) http.Handler - -// TODO(stevvooe): dispatchers should probably have some validation error -// chain with proper error reporting. - -// dispatcher returns a handler that constructs a request specific context and -// handler, using the dispatch factory function. -func (app *App) dispatcher(dispatch dispatchFunc) http.Handler { - return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - for headerName, headerValues := range app.Config.HTTP.Headers { - for _, value := range headerValues { - w.Header().Add(headerName, value) - } - } - - context := app.context(w, r) - - if err := app.authorized(w, r, context); err != nil { - ctxu.GetLogger(context).Warnf("error authorizing context: %v", err) - return - } - - // Add username to request logging - context.Context = ctxu.WithLogger(context.Context, ctxu.GetLogger(context.Context, auth.UserNameKey)) - - if app.nameRequired(r) { - nameRef, err := reference.ParseNamed(getName(context)) - if err != nil { - ctxu.GetLogger(context).Errorf("error parsing reference from context: %v", err) - context.Errors = append(context.Errors, distribution.ErrRepositoryNameInvalid{ - Name: getName(context), - Reason: err, - }) - if err := errcode.ServeJSON(w, context.Errors); err != nil { - ctxu.GetLogger(context).Errorf("error serving error json: %v (from %v)", err, context.Errors) - } - return - } - repository, err := app.registry.Repository(context, nameRef) - - if err != nil { - ctxu.GetLogger(context).Errorf("error resolving repository: %v", err) - - switch err := err.(type) { - case distribution.ErrRepositoryUnknown: - context.Errors = append(context.Errors, v2.ErrorCodeNameUnknown.WithDetail(err)) - case distribution.ErrRepositoryNameInvalid: - context.Errors = append(context.Errors, v2.ErrorCodeNameInvalid.WithDetail(err)) - case errcode.Error: - context.Errors = append(context.Errors, err) - } - - if err := errcode.ServeJSON(w, context.Errors); err != nil { - ctxu.GetLogger(context).Errorf("error serving error json: %v (from %v)", err, context.Errors) - } - return - } - - // assign and decorate the authorized repository with an event bridge. - context.Repository = notifications.Listen( - repository, - app.eventBridge(context, r)) - - context.Repository, err = applyRepoMiddleware(app, context.Repository, app.Config.Middleware["repository"]) - if err != nil { - ctxu.GetLogger(context).Errorf("error initializing repository middleware: %v", err) - context.Errors = append(context.Errors, errcode.ErrorCodeUnknown.WithDetail(err)) - - if err := errcode.ServeJSON(w, context.Errors); err != nil { - ctxu.GetLogger(context).Errorf("error serving error json: %v (from %v)", err, context.Errors) - } - return - } - } - - dispatch(context, r).ServeHTTP(w, r) - // Automated error response handling here. Handlers may return their - // own errors if they need different behavior (such as range errors - // for layer upload). - if context.Errors.Len() > 0 { - if err := errcode.ServeJSON(w, context.Errors); err != nil { - ctxu.GetLogger(context).Errorf("error serving error json: %v (from %v)", err, context.Errors) - } - - app.logError(context, context.Errors) - } - }) -} - -type errCodeKey struct{} - -func (errCodeKey) String() string { return "err.code" } - -type errMessageKey struct{} - -func (errMessageKey) String() string { return "err.message" } - -type errDetailKey struct{} - -func (errDetailKey) String() string { return "err.detail" } - -func (app *App) logError(context context.Context, errors errcode.Errors) { - for _, e1 := range errors { - var c ctxu.Context - - switch e1.(type) { - case errcode.Error: - e, _ := e1.(errcode.Error) - c = ctxu.WithValue(context, errCodeKey{}, e.Code) - c = ctxu.WithValue(c, errMessageKey{}, e.Code.Message()) - c = ctxu.WithValue(c, errDetailKey{}, e.Detail) - case errcode.ErrorCode: - e, _ := e1.(errcode.ErrorCode) - c = ctxu.WithValue(context, errCodeKey{}, e) - c = ctxu.WithValue(c, errMessageKey{}, e.Message()) - default: - // just normal go 'error' - c = ctxu.WithValue(context, errCodeKey{}, errcode.ErrorCodeUnknown) - c = ctxu.WithValue(c, errMessageKey{}, e1.Error()) - } - - c = ctxu.WithLogger(c, ctxu.GetLogger(c, - errCodeKey{}, - errMessageKey{}, - errDetailKey{})) - ctxu.GetResponseLogger(c).Errorf("response completed with error") - } -} - -// context constructs the context object for the application. This only be -// called once per request. -func (app *App) context(w http.ResponseWriter, r *http.Request) *Context { - ctx := defaultContextManager.context(app, w, r) - ctx = ctxu.WithVars(ctx, r) - ctx = ctxu.WithLogger(ctx, ctxu.GetLogger(ctx, - "vars.name", - "vars.reference", - "vars.digest", - "vars.uuid")) - - context := &Context{ - App: app, - Context: ctx, - } - - if app.httpHost.Scheme != "" && app.httpHost.Host != "" { - // A "host" item in the configuration takes precedence over - // X-Forwarded-Proto and X-Forwarded-Host headers, and the - // hostname in the request. - context.urlBuilder = v2.NewURLBuilder(&app.httpHost, false) - } else { - context.urlBuilder = v2.NewURLBuilderFromRequest(r, app.Config.HTTP.RelativeURLs) - } - - return context -} - -// authorized checks if the request can proceed with access to the requested -// repository. If it succeeds, the context may access the requested -// repository. An error will be returned if access is not available. -func (app *App) authorized(w http.ResponseWriter, r *http.Request, context *Context) error { - ctxu.GetLogger(context).Debug("authorizing request") - repo := getName(context) - - if app.accessController == nil { - return nil // access controller is not enabled. - } - - var accessRecords []auth.Access - - if repo != "" { - accessRecords = appendAccessRecords(accessRecords, r.Method, repo) - if fromRepo := r.FormValue("from"); fromRepo != "" { - // mounting a blob from one repository to another requires pull (GET) - // access to the source repository. - accessRecords = appendAccessRecords(accessRecords, "GET", fromRepo) - } - } else { - // Only allow the name not to be set on the base route. - if app.nameRequired(r) { - // For this to be properly secured, repo must always be set for a - // resource that may make a modification. The only condition under - // which name is not set and we still allow access is when the - // base route is accessed. This section prevents us from making - // that mistake elsewhere in the code, allowing any operation to - // proceed. - if err := errcode.ServeJSON(w, errcode.ErrorCodeUnauthorized); err != nil { - ctxu.GetLogger(context).Errorf("error serving error json: %v (from %v)", err, context.Errors) - } - return fmt.Errorf("forbidden: no repository name") - } - accessRecords = appendCatalogAccessRecord(accessRecords, r) - } - - ctx, err := app.accessController.Authorized(context.Context, accessRecords...) - if err != nil { - switch err := err.(type) { - case auth.Challenge: - // Add the appropriate WWW-Auth header - err.SetHeaders(w) - - if err := errcode.ServeJSON(w, errcode.ErrorCodeUnauthorized.WithDetail(accessRecords)); err != nil { - ctxu.GetLogger(context).Errorf("error serving error json: %v (from %v)", err, context.Errors) - } - default: - // This condition is a potential security problem either in - // the configuration or whatever is backing the access - // controller. Just return a bad request with no information - // to avoid exposure. The request should not proceed. - ctxu.GetLogger(context).Errorf("error checking authorization: %v", err) - w.WriteHeader(http.StatusBadRequest) - } - - return err - } - - // TODO(stevvooe): This pattern needs to be cleaned up a bit. One context - // should be replaced by another, rather than replacing the context on a - // mutable object. - context.Context = ctx - return nil -} - -// eventBridge returns a bridge for the current request, configured with the -// correct actor and source. -func (app *App) eventBridge(ctx *Context, r *http.Request) notifications.Listener { - actor := notifications.ActorRecord{ - Name: getUserName(ctx, r), - } - request := notifications.NewRequestRecord(ctxu.GetRequestID(ctx), r) - - return notifications.NewBridge(ctx.urlBuilder, app.events.source, actor, request, app.events.sink) -} - -// nameRequired returns true if the route requires a name. -func (app *App) nameRequired(r *http.Request) bool { - route := mux.CurrentRoute(r) - routeName := route.GetName() - return route == nil || (routeName != v2.RouteNameBase && routeName != v2.RouteNameCatalog) -} - -// apiBase implements a simple yes-man for doing overall checks against the -// api. This can support auth roundtrips to support docker login. -func apiBase(w http.ResponseWriter, r *http.Request) { - const emptyJSON = "{}" - // Provide a simple /v2/ 200 OK response with empty json response. - w.Header().Set("Content-Type", "application/json; charset=utf-8") - w.Header().Set("Content-Length", fmt.Sprint(len(emptyJSON))) - - fmt.Fprint(w, emptyJSON) -} - -// appendAccessRecords checks the method and adds the appropriate Access records to the records list. -func appendAccessRecords(records []auth.Access, method string, repo string) []auth.Access { - resource := auth.Resource{ - Type: "repository", - Name: repo, - } - - switch method { - case "GET", "HEAD": - records = append(records, - auth.Access{ - Resource: resource, - Action: "pull", - }) - case "POST", "PUT", "PATCH": - records = append(records, - auth.Access{ - Resource: resource, - Action: "pull", - }, - auth.Access{ - Resource: resource, - Action: "push", - }) - case "DELETE": - // DELETE access requires full admin rights, which is represented - // as "*". This may not be ideal. - records = append(records, - auth.Access{ - Resource: resource, - Action: "*", - }) - } - return records -} - -// Add the access record for the catalog if it's our current route -func appendCatalogAccessRecord(accessRecords []auth.Access, r *http.Request) []auth.Access { - route := mux.CurrentRoute(r) - routeName := route.GetName() - - if routeName == v2.RouteNameCatalog { - resource := auth.Resource{ - Type: "registry", - Name: "catalog", - } - - accessRecords = append(accessRecords, - auth.Access{ - Resource: resource, - Action: "*", - }) - } - return accessRecords -} - -// applyRegistryMiddleware wraps a registry instance with the configured middlewares -func applyRegistryMiddleware(ctx context.Context, registry distribution.Namespace, middlewares []configuration.Middleware) (distribution.Namespace, error) { - for _, mw := range middlewares { - rmw, err := registrymiddleware.Get(ctx, mw.Name, mw.Options, registry) - if err != nil { - return nil, fmt.Errorf("unable to configure registry middleware (%s): %s", mw.Name, err) - } - registry = rmw - } - return registry, nil - -} - -// applyRepoMiddleware wraps a repository with the configured middlewares -func applyRepoMiddleware(ctx context.Context, repository distribution.Repository, middlewares []configuration.Middleware) (distribution.Repository, error) { - for _, mw := range middlewares { - rmw, err := repositorymiddleware.Get(ctx, mw.Name, mw.Options, repository) - if err != nil { - return nil, err - } - repository = rmw - } - return repository, nil -} - -// applyStorageMiddleware wraps a storage driver with the configured middlewares -func applyStorageMiddleware(driver storagedriver.StorageDriver, middlewares []configuration.Middleware) (storagedriver.StorageDriver, error) { - for _, mw := range middlewares { - smw, err := storagemiddleware.Get(mw.Name, mw.Options, driver) - if err != nil { - return nil, fmt.Errorf("unable to configure storage middleware (%s): %v", mw.Name, err) - } - driver = smw - } - return driver, nil -} - -// uploadPurgeDefaultConfig provides a default configuration for upload -// purging to be used in the absence of configuration in the -// confifuration file -func uploadPurgeDefaultConfig() map[interface{}]interface{} { - config := map[interface{}]interface{}{} - config["enabled"] = true - config["age"] = "168h" - config["interval"] = "24h" - config["dryrun"] = false - return config -} - -func badPurgeUploadConfig(reason string) { - panic(fmt.Sprintf("Unable to parse upload purge configuration: %s", reason)) -} - -// startUploadPurger schedules a goroutine which will periodically -// check upload directories for old files and delete them -func startUploadPurger(ctx context.Context, storageDriver storagedriver.StorageDriver, log ctxu.Logger, config map[interface{}]interface{}) { - if config["enabled"] == false { - return - } - - var purgeAgeDuration time.Duration - var err error - purgeAge, ok := config["age"] - if ok { - ageStr, ok := purgeAge.(string) - if !ok { - badPurgeUploadConfig("age is not a string") - } - purgeAgeDuration, err = time.ParseDuration(ageStr) - if err != nil { - badPurgeUploadConfig(fmt.Sprintf("Cannot parse duration: %s", err.Error())) - } - } else { - badPurgeUploadConfig("age missing") - } - - var intervalDuration time.Duration - interval, ok := config["interval"] - if ok { - intervalStr, ok := interval.(string) - if !ok { - badPurgeUploadConfig("interval is not a string") - } - - intervalDuration, err = time.ParseDuration(intervalStr) - if err != nil { - badPurgeUploadConfig(fmt.Sprintf("Cannot parse interval: %s", err.Error())) - } - } else { - badPurgeUploadConfig("interval missing") - } - - var dryRunBool bool - dryRun, ok := config["dryrun"] - if ok { - dryRunBool, ok = dryRun.(bool) - if !ok { - badPurgeUploadConfig("cannot parse dryrun") - } - } else { - badPurgeUploadConfig("dryrun missing") - } - - go func() { - rand.Seed(time.Now().Unix()) - jitter := time.Duration(rand.Int()%60) * time.Minute - log.Infof("Starting upload purge in %s", jitter) - time.Sleep(jitter) - - for { - storage.PurgeUploads(ctx, storageDriver, time.Now().Add(-purgeAgeDuration), !dryRunBool) - log.Infof("Starting upload purge in %s", intervalDuration) - time.Sleep(intervalDuration) - } - }() -} diff --git a/vendor/github.com/docker/distribution/registry/handlers/app_test.go b/vendor/github.com/docker/distribution/registry/handlers/app_test.go deleted file mode 100644 index 385fa4c6..00000000 --- a/vendor/github.com/docker/distribution/registry/handlers/app_test.go +++ /dev/null @@ -1,279 +0,0 @@ -package handlers - -import ( - "encoding/json" - "net/http" - "net/http/httptest" - "net/url" - "reflect" - "testing" - - "github.com/docker/distribution/configuration" - "github.com/docker/distribution/context" - "github.com/docker/distribution/registry/api/errcode" - "github.com/docker/distribution/registry/api/v2" - "github.com/docker/distribution/registry/auth" - _ "github.com/docker/distribution/registry/auth/silly" - "github.com/docker/distribution/registry/storage" - memorycache "github.com/docker/distribution/registry/storage/cache/memory" - "github.com/docker/distribution/registry/storage/driver/testdriver" -) - -// TestAppDispatcher builds an application with a test dispatcher and ensures -// that requests are properly dispatched and the handlers are constructed. -// This only tests the dispatch mechanism. The underlying dispatchers must be -// tested individually. -func TestAppDispatcher(t *testing.T) { - driver := testdriver.New() - ctx := context.Background() - registry, err := storage.NewRegistry(ctx, driver, storage.BlobDescriptorCacheProvider(memorycache.NewInMemoryBlobDescriptorCacheProvider()), storage.EnableDelete, storage.EnableRedirect) - if err != nil { - t.Fatalf("error creating registry: %v", err) - } - app := &App{ - Config: &configuration.Configuration{}, - Context: ctx, - router: v2.Router(), - driver: driver, - registry: registry, - } - server := httptest.NewServer(app) - defer server.Close() - router := v2.Router() - - serverURL, err := url.Parse(server.URL) - if err != nil { - t.Fatalf("error parsing server url: %v", err) - } - - varCheckingDispatcher := func(expectedVars map[string]string) dispatchFunc { - return func(ctx *Context, r *http.Request) http.Handler { - // Always checks the same name context - if ctx.Repository.Named().Name() != getName(ctx) { - t.Fatalf("unexpected name: %q != %q", ctx.Repository.Named().Name(), "foo/bar") - } - - // Check that we have all that is expected - for expectedK, expectedV := range expectedVars { - if ctx.Value(expectedK) != expectedV { - t.Fatalf("unexpected %s in context vars: %q != %q", expectedK, ctx.Value(expectedK), expectedV) - } - } - - // Check that we only have variables that are expected - for k, v := range ctx.Value("vars").(map[string]string) { - _, ok := expectedVars[k] - - if !ok { // name is checked on context - // We have an unexpected key, fail - t.Fatalf("unexpected key %q in vars with value %q", k, v) - } - } - - return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - w.WriteHeader(http.StatusOK) - }) - } - } - - // unflatten a list of variables, suitable for gorilla/mux, to a map[string]string - unflatten := func(vars []string) map[string]string { - m := make(map[string]string) - for i := 0; i < len(vars)-1; i = i + 2 { - m[vars[i]] = vars[i+1] - } - - return m - } - - for _, testcase := range []struct { - endpoint string - vars []string - }{ - { - endpoint: v2.RouteNameManifest, - vars: []string{ - "name", "foo/bar", - "reference", "sometag", - }, - }, - { - endpoint: v2.RouteNameTags, - vars: []string{ - "name", "foo/bar", - }, - }, - { - endpoint: v2.RouteNameBlobUpload, - vars: []string{ - "name", "foo/bar", - }, - }, - { - endpoint: v2.RouteNameBlobUploadChunk, - vars: []string{ - "name", "foo/bar", - "uuid", "theuuid", - }, - }, - } { - app.register(testcase.endpoint, varCheckingDispatcher(unflatten(testcase.vars))) - route := router.GetRoute(testcase.endpoint).Host(serverURL.Host) - u, err := route.URL(testcase.vars...) - - if err != nil { - t.Fatal(err) - } - - resp, err := http.Get(u.String()) - - if err != nil { - t.Fatal(err) - } - - if resp.StatusCode != http.StatusOK { - t.Fatalf("unexpected status code: %v != %v", resp.StatusCode, http.StatusOK) - } - } -} - -// TestNewApp covers the creation of an application via NewApp with a -// configuration. -func TestNewApp(t *testing.T) { - ctx := context.Background() - config := configuration.Configuration{ - Storage: configuration.Storage{ - "testdriver": nil, - "maintenance": configuration.Parameters{"uploadpurging": map[interface{}]interface{}{ - "enabled": false, - }}, - }, - Auth: configuration.Auth{ - // For now, we simply test that new auth results in a viable - // application. - "silly": { - "realm": "realm-test", - "service": "service-test", - }, - }, - } - - // Mostly, with this test, given a sane configuration, we are simply - // ensuring that NewApp doesn't panic. We might want to tweak this - // behavior. - app := NewApp(ctx, &config) - - server := httptest.NewServer(app) - defer server.Close() - builder, err := v2.NewURLBuilderFromString(server.URL, false) - if err != nil { - t.Fatalf("error creating urlbuilder: %v", err) - } - - baseURL, err := builder.BuildBaseURL() - if err != nil { - t.Fatalf("error creating baseURL: %v", err) - } - - // TODO(stevvooe): The rest of this test might belong in the API tests. - - // Just hit the app and make sure we get a 401 Unauthorized error. - req, err := http.Get(baseURL) - if err != nil { - t.Fatalf("unexpected error during GET: %v", err) - } - defer req.Body.Close() - - if req.StatusCode != http.StatusUnauthorized { - t.Fatalf("unexpected status code during request: %v", err) - } - - if req.Header.Get("Content-Type") != "application/json; charset=utf-8" { - t.Fatalf("unexpected content-type: %v != %v", req.Header.Get("Content-Type"), "application/json; charset=utf-8") - } - - expectedAuthHeader := "Bearer realm=\"realm-test\",service=\"service-test\"" - if e, a := expectedAuthHeader, req.Header.Get("WWW-Authenticate"); e != a { - t.Fatalf("unexpected WWW-Authenticate header: %q != %q", e, a) - } - - var errs errcode.Errors - dec := json.NewDecoder(req.Body) - if err := dec.Decode(&errs); err != nil { - t.Fatalf("error decoding error response: %v", err) - } - - err2, ok := errs[0].(errcode.ErrorCoder) - if !ok { - t.Fatalf("not an ErrorCoder: %#v", errs[0]) - } - if err2.ErrorCode() != errcode.ErrorCodeUnauthorized { - t.Fatalf("unexpected error code: %v != %v", err2.ErrorCode(), errcode.ErrorCodeUnauthorized) - } -} - -// Test the access record accumulator -func TestAppendAccessRecords(t *testing.T) { - repo := "testRepo" - - expectedResource := auth.Resource{ - Type: "repository", - Name: repo, - } - - expectedPullRecord := auth.Access{ - Resource: expectedResource, - Action: "pull", - } - expectedPushRecord := auth.Access{ - Resource: expectedResource, - Action: "push", - } - expectedAllRecord := auth.Access{ - Resource: expectedResource, - Action: "*", - } - - records := []auth.Access{} - result := appendAccessRecords(records, "GET", repo) - expectedResult := []auth.Access{expectedPullRecord} - if ok := reflect.DeepEqual(result, expectedResult); !ok { - t.Fatalf("Actual access record differs from expected") - } - - records = []auth.Access{} - result = appendAccessRecords(records, "HEAD", repo) - expectedResult = []auth.Access{expectedPullRecord} - if ok := reflect.DeepEqual(result, expectedResult); !ok { - t.Fatalf("Actual access record differs from expected") - } - - records = []auth.Access{} - result = appendAccessRecords(records, "POST", repo) - expectedResult = []auth.Access{expectedPullRecord, expectedPushRecord} - if ok := reflect.DeepEqual(result, expectedResult); !ok { - t.Fatalf("Actual access record differs from expected") - } - - records = []auth.Access{} - result = appendAccessRecords(records, "PUT", repo) - expectedResult = []auth.Access{expectedPullRecord, expectedPushRecord} - if ok := reflect.DeepEqual(result, expectedResult); !ok { - t.Fatalf("Actual access record differs from expected") - } - - records = []auth.Access{} - result = appendAccessRecords(records, "PATCH", repo) - expectedResult = []auth.Access{expectedPullRecord, expectedPushRecord} - if ok := reflect.DeepEqual(result, expectedResult); !ok { - t.Fatalf("Actual access record differs from expected") - } - - records = []auth.Access{} - result = appendAccessRecords(records, "DELETE", repo) - expectedResult = []auth.Access{expectedAllRecord} - if ok := reflect.DeepEqual(result, expectedResult); !ok { - t.Fatalf("Actual access record differs from expected") - } - -} diff --git a/vendor/github.com/docker/distribution/registry/handlers/basicauth.go b/vendor/github.com/docker/distribution/registry/handlers/basicauth.go deleted file mode 100644 index 8727a3cd..00000000 --- a/vendor/github.com/docker/distribution/registry/handlers/basicauth.go +++ /dev/null @@ -1,11 +0,0 @@ -// +build go1.4 - -package handlers - -import ( - "net/http" -) - -func basicAuth(r *http.Request) (username, password string, ok bool) { - return r.BasicAuth() -} diff --git a/vendor/github.com/docker/distribution/registry/handlers/basicauth_prego14.go b/vendor/github.com/docker/distribution/registry/handlers/basicauth_prego14.go deleted file mode 100644 index 6cf10a25..00000000 --- a/vendor/github.com/docker/distribution/registry/handlers/basicauth_prego14.go +++ /dev/null @@ -1,41 +0,0 @@ -// +build !go1.4 - -package handlers - -import ( - "encoding/base64" - "net/http" - "strings" -) - -// NOTE(stevvooe): This is basic auth support from go1.4 present to ensure we -// can compile on go1.3 and earlier. - -// BasicAuth returns the username and password provided in the request's -// Authorization header, if the request uses HTTP Basic Authentication. -// See RFC 2617, Section 2. -func basicAuth(r *http.Request) (username, password string, ok bool) { - auth := r.Header.Get("Authorization") - if auth == "" { - return - } - return parseBasicAuth(auth) -} - -// parseBasicAuth parses an HTTP Basic Authentication string. -// "Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==" returns ("Aladdin", "open sesame", true). -func parseBasicAuth(auth string) (username, password string, ok bool) { - if !strings.HasPrefix(auth, "Basic ") { - return - } - c, err := base64.StdEncoding.DecodeString(strings.TrimPrefix(auth, "Basic ")) - if err != nil { - return - } - cs := string(c) - s := strings.IndexByte(cs, ':') - if s < 0 { - return - } - return cs[:s], cs[s+1:], true -} diff --git a/vendor/github.com/docker/distribution/registry/handlers/blob.go b/vendor/github.com/docker/distribution/registry/handlers/blob.go deleted file mode 100644 index fb250acd..00000000 --- a/vendor/github.com/docker/distribution/registry/handlers/blob.go +++ /dev/null @@ -1,99 +0,0 @@ -package handlers - -import ( - "net/http" - - "github.com/docker/distribution" - "github.com/docker/distribution/context" - "github.com/docker/distribution/digest" - "github.com/docker/distribution/registry/api/errcode" - "github.com/docker/distribution/registry/api/v2" - "github.com/gorilla/handlers" -) - -// blobDispatcher uses the request context to build a blobHandler. -func blobDispatcher(ctx *Context, r *http.Request) http.Handler { - dgst, err := getDigest(ctx) - if err != nil { - - if err == errDigestNotAvailable { - return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - ctx.Errors = append(ctx.Errors, v2.ErrorCodeDigestInvalid.WithDetail(err)) - }) - } - - return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - ctx.Errors = append(ctx.Errors, v2.ErrorCodeDigestInvalid.WithDetail(err)) - }) - } - - blobHandler := &blobHandler{ - Context: ctx, - Digest: dgst, - } - - mhandler := handlers.MethodHandler{ - "GET": http.HandlerFunc(blobHandler.GetBlob), - "HEAD": http.HandlerFunc(blobHandler.GetBlob), - } - - if !ctx.readOnly { - mhandler["DELETE"] = http.HandlerFunc(blobHandler.DeleteBlob) - } - - return mhandler -} - -// blobHandler serves http blob requests. -type blobHandler struct { - *Context - - Digest digest.Digest -} - -// GetBlob fetches the binary data from backend storage returns it in the -// response. -func (bh *blobHandler) GetBlob(w http.ResponseWriter, r *http.Request) { - context.GetLogger(bh).Debug("GetBlob") - blobs := bh.Repository.Blobs(bh) - desc, err := blobs.Stat(bh, bh.Digest) - if err != nil { - if err == distribution.ErrBlobUnknown { - bh.Errors = append(bh.Errors, v2.ErrorCodeBlobUnknown.WithDetail(bh.Digest)) - } else { - bh.Errors = append(bh.Errors, errcode.ErrorCodeUnknown.WithDetail(err)) - } - return - } - - if err := blobs.ServeBlob(bh, w, r, desc.Digest); err != nil { - context.GetLogger(bh).Debugf("unexpected error getting blob HTTP handler: %v", err) - bh.Errors = append(bh.Errors, errcode.ErrorCodeUnknown.WithDetail(err)) - return - } -} - -// DeleteBlob deletes a layer blob -func (bh *blobHandler) DeleteBlob(w http.ResponseWriter, r *http.Request) { - context.GetLogger(bh).Debug("DeleteBlob") - - blobs := bh.Repository.Blobs(bh) - err := blobs.Delete(bh, bh.Digest) - if err != nil { - switch err { - case distribution.ErrUnsupported: - bh.Errors = append(bh.Errors, errcode.ErrorCodeUnsupported) - return - case distribution.ErrBlobUnknown: - bh.Errors = append(bh.Errors, v2.ErrorCodeBlobUnknown) - return - default: - bh.Errors = append(bh.Errors, err) - context.GetLogger(bh).Errorf("Unknown error deleting blob: %s", err.Error()) - return - } - } - - w.Header().Set("Content-Length", "0") - w.WriteHeader(http.StatusAccepted) -} diff --git a/vendor/github.com/docker/distribution/registry/handlers/blobupload.go b/vendor/github.com/docker/distribution/registry/handlers/blobupload.go deleted file mode 100644 index 3afb4739..00000000 --- a/vendor/github.com/docker/distribution/registry/handlers/blobupload.go +++ /dev/null @@ -1,368 +0,0 @@ -package handlers - -import ( - "fmt" - "net/http" - "net/url" - - "github.com/docker/distribution" - ctxu "github.com/docker/distribution/context" - "github.com/docker/distribution/digest" - "github.com/docker/distribution/reference" - "github.com/docker/distribution/registry/api/errcode" - "github.com/docker/distribution/registry/api/v2" - "github.com/docker/distribution/registry/storage" - "github.com/gorilla/handlers" -) - -// blobUploadDispatcher constructs and returns the blob upload handler for the -// given request context. -func blobUploadDispatcher(ctx *Context, r *http.Request) http.Handler { - buh := &blobUploadHandler{ - Context: ctx, - UUID: getUploadUUID(ctx), - } - - handler := handlers.MethodHandler{ - "GET": http.HandlerFunc(buh.GetUploadStatus), - "HEAD": http.HandlerFunc(buh.GetUploadStatus), - } - - if !ctx.readOnly { - handler["POST"] = http.HandlerFunc(buh.StartBlobUpload) - handler["PATCH"] = http.HandlerFunc(buh.PatchBlobData) - handler["PUT"] = http.HandlerFunc(buh.PutBlobUploadComplete) - handler["DELETE"] = http.HandlerFunc(buh.CancelBlobUpload) - } - - if buh.UUID != "" { - state, err := hmacKey(ctx.Config.HTTP.Secret).unpackUploadState(r.FormValue("_state")) - if err != nil { - return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - ctxu.GetLogger(ctx).Infof("error resolving upload: %v", err) - buh.Errors = append(buh.Errors, v2.ErrorCodeBlobUploadInvalid.WithDetail(err)) - }) - } - buh.State = state - - if state.Name != ctx.Repository.Named().Name() { - return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - ctxu.GetLogger(ctx).Infof("mismatched repository name in upload state: %q != %q", state.Name, buh.Repository.Named().Name()) - buh.Errors = append(buh.Errors, v2.ErrorCodeBlobUploadInvalid.WithDetail(err)) - }) - } - - if state.UUID != buh.UUID { - return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - ctxu.GetLogger(ctx).Infof("mismatched uuid in upload state: %q != %q", state.UUID, buh.UUID) - buh.Errors = append(buh.Errors, v2.ErrorCodeBlobUploadInvalid.WithDetail(err)) - }) - } - - blobs := ctx.Repository.Blobs(buh) - upload, err := blobs.Resume(buh, buh.UUID) - if err != nil { - ctxu.GetLogger(ctx).Errorf("error resolving upload: %v", err) - if err == distribution.ErrBlobUploadUnknown { - return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - buh.Errors = append(buh.Errors, v2.ErrorCodeBlobUploadUnknown.WithDetail(err)) - }) - } - - return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - buh.Errors = append(buh.Errors, errcode.ErrorCodeUnknown.WithDetail(err)) - }) - } - buh.Upload = upload - - if size := upload.Size(); size != buh.State.Offset { - defer upload.Close() - ctxu.GetLogger(ctx).Errorf("upload resumed at wrong offest: %d != %d", size, buh.State.Offset) - return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - buh.Errors = append(buh.Errors, v2.ErrorCodeBlobUploadInvalid.WithDetail(err)) - upload.Cancel(buh) - }) - } - return closeResources(handler, buh.Upload) - } - - return handler -} - -// blobUploadHandler handles the http blob upload process. -type blobUploadHandler struct { - *Context - - // UUID identifies the upload instance for the current request. Using UUID - // to key blob writers since this implementation uses UUIDs. - UUID string - - Upload distribution.BlobWriter - - State blobUploadState -} - -// StartBlobUpload begins the blob upload process and allocates a server-side -// blob writer session, optionally mounting the blob from a separate repository. -func (buh *blobUploadHandler) StartBlobUpload(w http.ResponseWriter, r *http.Request) { - var options []distribution.BlobCreateOption - - fromRepo := r.FormValue("from") - mountDigest := r.FormValue("mount") - - if mountDigest != "" && fromRepo != "" { - opt, err := buh.createBlobMountOption(fromRepo, mountDigest) - if opt != nil && err == nil { - options = append(options, opt) - } - } - - blobs := buh.Repository.Blobs(buh) - upload, err := blobs.Create(buh, options...) - - if err != nil { - if ebm, ok := err.(distribution.ErrBlobMounted); ok { - if err := buh.writeBlobCreatedHeaders(w, ebm.Descriptor); err != nil { - buh.Errors = append(buh.Errors, errcode.ErrorCodeUnknown.WithDetail(err)) - } - } else if err == distribution.ErrUnsupported { - buh.Errors = append(buh.Errors, errcode.ErrorCodeUnsupported) - } else { - buh.Errors = append(buh.Errors, errcode.ErrorCodeUnknown.WithDetail(err)) - } - return - } - - buh.Upload = upload - - if err := buh.blobUploadResponse(w, r, true); err != nil { - buh.Errors = append(buh.Errors, errcode.ErrorCodeUnknown.WithDetail(err)) - return - } - - w.Header().Set("Docker-Upload-UUID", buh.Upload.ID()) - w.WriteHeader(http.StatusAccepted) -} - -// GetUploadStatus returns the status of a given upload, identified by id. -func (buh *blobUploadHandler) GetUploadStatus(w http.ResponseWriter, r *http.Request) { - if buh.Upload == nil { - buh.Errors = append(buh.Errors, v2.ErrorCodeBlobUploadUnknown) - return - } - - // TODO(dmcgowan): Set last argument to false in blobUploadResponse when - // resumable upload is supported. This will enable returning a non-zero - // range for clients to begin uploading at an offset. - if err := buh.blobUploadResponse(w, r, true); err != nil { - buh.Errors = append(buh.Errors, errcode.ErrorCodeUnknown.WithDetail(err)) - return - } - - w.Header().Set("Docker-Upload-UUID", buh.UUID) - w.WriteHeader(http.StatusNoContent) -} - -// PatchBlobData writes data to an upload. -func (buh *blobUploadHandler) PatchBlobData(w http.ResponseWriter, r *http.Request) { - if buh.Upload == nil { - buh.Errors = append(buh.Errors, v2.ErrorCodeBlobUploadUnknown) - return - } - - ct := r.Header.Get("Content-Type") - if ct != "" && ct != "application/octet-stream" { - buh.Errors = append(buh.Errors, errcode.ErrorCodeUnknown.WithDetail(fmt.Errorf("Bad Content-Type"))) - // TODO(dmcgowan): encode error - return - } - - // TODO(dmcgowan): support Content-Range header to seek and write range - - if err := copyFullPayload(w, r, buh.Upload, buh, "blob PATCH", &buh.Errors); err != nil { - // copyFullPayload reports the error if necessary - return - } - - if err := buh.blobUploadResponse(w, r, false); err != nil { - buh.Errors = append(buh.Errors, errcode.ErrorCodeUnknown.WithDetail(err)) - return - } - - w.WriteHeader(http.StatusAccepted) -} - -// PutBlobUploadComplete takes the final request of a blob upload. The -// request may include all the blob data or no blob data. Any data -// provided is received and verified. If successful, the blob is linked -// into the blob store and 201 Created is returned with the canonical -// url of the blob. -func (buh *blobUploadHandler) PutBlobUploadComplete(w http.ResponseWriter, r *http.Request) { - if buh.Upload == nil { - buh.Errors = append(buh.Errors, v2.ErrorCodeBlobUploadUnknown) - return - } - - dgstStr := r.FormValue("digest") // TODO(stevvooe): Support multiple digest parameters! - - if dgstStr == "" { - // no digest? return error, but allow retry. - buh.Errors = append(buh.Errors, v2.ErrorCodeDigestInvalid.WithDetail("digest missing")) - return - } - - dgst, err := digest.ParseDigest(dgstStr) - if err != nil { - // no digest? return error, but allow retry. - buh.Errors = append(buh.Errors, v2.ErrorCodeDigestInvalid.WithDetail("digest parsing failed")) - return - } - - if err := copyFullPayload(w, r, buh.Upload, buh, "blob PUT", &buh.Errors); err != nil { - // copyFullPayload reports the error if necessary - return - } - - desc, err := buh.Upload.Commit(buh, distribution.Descriptor{ - Digest: dgst, - - // TODO(stevvooe): This isn't wildly important yet, but we should - // really set the mediatype. For now, we can let the backend take care - // of this. - }) - - if err != nil { - switch err := err.(type) { - case distribution.ErrBlobInvalidDigest: - buh.Errors = append(buh.Errors, v2.ErrorCodeDigestInvalid.WithDetail(err)) - case errcode.Error: - buh.Errors = append(buh.Errors, err) - default: - switch err { - case distribution.ErrAccessDenied: - buh.Errors = append(buh.Errors, errcode.ErrorCodeDenied) - case distribution.ErrUnsupported: - buh.Errors = append(buh.Errors, errcode.ErrorCodeUnsupported) - case distribution.ErrBlobInvalidLength, distribution.ErrBlobDigestUnsupported: - buh.Errors = append(buh.Errors, v2.ErrorCodeBlobUploadInvalid.WithDetail(err)) - default: - ctxu.GetLogger(buh).Errorf("unknown error completing upload: %v", err) - buh.Errors = append(buh.Errors, errcode.ErrorCodeUnknown.WithDetail(err)) - } - - } - - // Clean up the backend blob data if there was an error. - if err := buh.Upload.Cancel(buh); err != nil { - // If the cleanup fails, all we can do is observe and report. - ctxu.GetLogger(buh).Errorf("error canceling upload after error: %v", err) - } - - return - } - if err := buh.writeBlobCreatedHeaders(w, desc); err != nil { - buh.Errors = append(buh.Errors, errcode.ErrorCodeUnknown.WithDetail(err)) - return - } -} - -// CancelBlobUpload cancels an in-progress upload of a blob. -func (buh *blobUploadHandler) CancelBlobUpload(w http.ResponseWriter, r *http.Request) { - if buh.Upload == nil { - buh.Errors = append(buh.Errors, v2.ErrorCodeBlobUploadUnknown) - return - } - - w.Header().Set("Docker-Upload-UUID", buh.UUID) - if err := buh.Upload.Cancel(buh); err != nil { - ctxu.GetLogger(buh).Errorf("error encountered canceling upload: %v", err) - buh.Errors = append(buh.Errors, errcode.ErrorCodeUnknown.WithDetail(err)) - } - - w.WriteHeader(http.StatusNoContent) -} - -// blobUploadResponse provides a standard request for uploading blobs and -// chunk responses. This sets the correct headers but the response status is -// left to the caller. The fresh argument is used to ensure that new blob -// uploads always start at a 0 offset. This allows disabling resumable push by -// always returning a 0 offset on check status. -func (buh *blobUploadHandler) blobUploadResponse(w http.ResponseWriter, r *http.Request, fresh bool) error { - // TODO(stevvooe): Need a better way to manage the upload state automatically. - buh.State.Name = buh.Repository.Named().Name() - buh.State.UUID = buh.Upload.ID() - buh.Upload.Close() - buh.State.Offset = buh.Upload.Size() - buh.State.StartedAt = buh.Upload.StartedAt() - - token, err := hmacKey(buh.Config.HTTP.Secret).packUploadState(buh.State) - if err != nil { - ctxu.GetLogger(buh).Infof("error building upload state token: %s", err) - return err - } - - uploadURL, err := buh.urlBuilder.BuildBlobUploadChunkURL( - buh.Repository.Named(), buh.Upload.ID(), - url.Values{ - "_state": []string{token}, - }) - if err != nil { - ctxu.GetLogger(buh).Infof("error building upload url: %s", err) - return err - } - - endRange := buh.Upload.Size() - if endRange > 0 { - endRange = endRange - 1 - } - - w.Header().Set("Docker-Upload-UUID", buh.UUID) - w.Header().Set("Location", uploadURL) - - w.Header().Set("Content-Length", "0") - w.Header().Set("Range", fmt.Sprintf("0-%d", endRange)) - - return nil -} - -// mountBlob attempts to mount a blob from another repository by its digest. If -// successful, the blob is linked into the blob store and 201 Created is -// returned with the canonical url of the blob. -func (buh *blobUploadHandler) createBlobMountOption(fromRepo, mountDigest string) (distribution.BlobCreateOption, error) { - dgst, err := digest.ParseDigest(mountDigest) - if err != nil { - return nil, err - } - - ref, err := reference.ParseNamed(fromRepo) - if err != nil { - return nil, err - } - - canonical, err := reference.WithDigest(ref, dgst) - if err != nil { - return nil, err - } - - return storage.WithMountFrom(canonical), nil -} - -// writeBlobCreatedHeaders writes the standard headers describing a newly -// created blob. A 201 Created is written as well as the canonical URL and -// blob digest. -func (buh *blobUploadHandler) writeBlobCreatedHeaders(w http.ResponseWriter, desc distribution.Descriptor) error { - ref, err := reference.WithDigest(buh.Repository.Named(), desc.Digest) - if err != nil { - return err - } - blobURL, err := buh.urlBuilder.BuildBlobURL(ref) - if err != nil { - return err - } - - w.Header().Set("Location", blobURL) - w.Header().Set("Content-Length", "0") - w.Header().Set("Docker-Content-Digest", desc.Digest.String()) - w.WriteHeader(http.StatusCreated) - return nil -} diff --git a/vendor/github.com/docker/distribution/registry/handlers/catalog.go b/vendor/github.com/docker/distribution/registry/handlers/catalog.go deleted file mode 100644 index eca98468..00000000 --- a/vendor/github.com/docker/distribution/registry/handlers/catalog.go +++ /dev/null @@ -1,98 +0,0 @@ -package handlers - -import ( - "encoding/json" - "fmt" - "io" - "net/http" - "net/url" - "strconv" - - "github.com/docker/distribution/registry/api/errcode" - "github.com/docker/distribution/registry/storage/driver" - "github.com/gorilla/handlers" -) - -const maximumReturnedEntries = 100 - -func catalogDispatcher(ctx *Context, r *http.Request) http.Handler { - catalogHandler := &catalogHandler{ - Context: ctx, - } - - return handlers.MethodHandler{ - "GET": http.HandlerFunc(catalogHandler.GetCatalog), - } -} - -type catalogHandler struct { - *Context -} - -type catalogAPIResponse struct { - Repositories []string `json:"repositories"` -} - -func (ch *catalogHandler) GetCatalog(w http.ResponseWriter, r *http.Request) { - var moreEntries = true - - q := r.URL.Query() - lastEntry := q.Get("last") - maxEntries, err := strconv.Atoi(q.Get("n")) - if err != nil || maxEntries < 0 { - maxEntries = maximumReturnedEntries - } - - repos := make([]string, maxEntries) - - filled, err := ch.App.registry.Repositories(ch.Context, repos, lastEntry) - _, pathNotFound := err.(driver.PathNotFoundError) - - if err == io.EOF || pathNotFound { - moreEntries = false - } else if err != nil { - ch.Errors = append(ch.Errors, errcode.ErrorCodeUnknown.WithDetail(err)) - return - } - - w.Header().Set("Content-Type", "application/json; charset=utf-8") - - // Add a link header if there are more entries to retrieve - if moreEntries { - lastEntry = repos[len(repos)-1] - urlStr, err := createLinkEntry(r.URL.String(), maxEntries, lastEntry) - if err != nil { - ch.Errors = append(ch.Errors, errcode.ErrorCodeUnknown.WithDetail(err)) - return - } - w.Header().Set("Link", urlStr) - } - - enc := json.NewEncoder(w) - if err := enc.Encode(catalogAPIResponse{ - Repositories: repos[0:filled], - }); err != nil { - ch.Errors = append(ch.Errors, errcode.ErrorCodeUnknown.WithDetail(err)) - return - } -} - -// Use the original URL from the request to create a new URL for -// the link header -func createLinkEntry(origURL string, maxEntries int, lastEntry string) (string, error) { - calledURL, err := url.Parse(origURL) - if err != nil { - return "", err - } - - v := url.Values{} - v.Add("n", strconv.Itoa(maxEntries)) - v.Add("last", lastEntry) - - calledURL.RawQuery = v.Encode() - - calledURL.Fragment = "" - urlStr := fmt.Sprintf("<%s>; rel=\"next\"", calledURL.String()) - - return urlStr, nil -} diff --git a/vendor/github.com/docker/distribution/registry/handlers/context.go b/vendor/github.com/docker/distribution/registry/handlers/context.go deleted file mode 100644 index 552db2df..00000000 --- a/vendor/github.com/docker/distribution/registry/handlers/context.go +++ /dev/null @@ -1,152 +0,0 @@ -package handlers - -import ( - "fmt" - "net/http" - "sync" - - "github.com/docker/distribution" - ctxu "github.com/docker/distribution/context" - "github.com/docker/distribution/digest" - "github.com/docker/distribution/registry/api/errcode" - "github.com/docker/distribution/registry/api/v2" - "github.com/docker/distribution/registry/auth" - "golang.org/x/net/context" -) - -// Context should contain the request specific context for use in across -// handlers. Resources that don't need to be shared across handlers should not -// be on this object. -type Context struct { - // App points to the application structure that created this context. - *App - context.Context - - // Repository is the repository for the current request. All requests - // should be scoped to a single repository. This field may be nil. - Repository distribution.Repository - - // Errors is a collection of errors encountered during the request to be - // returned to the client API. If errors are added to the collection, the - // handler *must not* start the response via http.ResponseWriter. - Errors errcode.Errors - - urlBuilder *v2.URLBuilder - - // TODO(stevvooe): The goal is too completely factor this context and - // dispatching out of the web application. Ideally, we should lean on - // context.Context for injection of these resources. -} - -// Value overrides context.Context.Value to ensure that calls are routed to -// correct context. -func (ctx *Context) Value(key interface{}) interface{} { - return ctx.Context.Value(key) -} - -func getName(ctx context.Context) (name string) { - return ctxu.GetStringValue(ctx, "vars.name") -} - -func getReference(ctx context.Context) (reference string) { - return ctxu.GetStringValue(ctx, "vars.reference") -} - -var errDigestNotAvailable = fmt.Errorf("digest not available in context") - -func getDigest(ctx context.Context) (dgst digest.Digest, err error) { - dgstStr := ctxu.GetStringValue(ctx, "vars.digest") - - if dgstStr == "" { - ctxu.GetLogger(ctx).Errorf("digest not available") - return "", errDigestNotAvailable - } - - d, err := digest.ParseDigest(dgstStr) - if err != nil { - ctxu.GetLogger(ctx).Errorf("error parsing digest=%q: %v", dgstStr, err) - return "", err - } - - return d, nil -} - -func getUploadUUID(ctx context.Context) (uuid string) { - return ctxu.GetStringValue(ctx, "vars.uuid") -} - -// getUserName attempts to resolve a username from the context and request. If -// a username cannot be resolved, the empty string is returned. -func getUserName(ctx context.Context, r *http.Request) string { - username := ctxu.GetStringValue(ctx, auth.UserNameKey) - - // Fallback to request user with basic auth - if username == "" { - var ok bool - uname, _, ok := basicAuth(r) - if ok { - username = uname - } - } - - return username -} - -// contextManager allows us to associate net/context.Context instances with a -// request, based on the memory identity of http.Request. This prepares http- -// level context, which is not application specific. If this is called, -// (*contextManager).release must be called on the context when the request is -// completed. -// -// Providing this circumvents a lot of necessity for dispatchers with the -// benefit of instantiating the request context much earlier. -// -// TODO(stevvooe): Consider making this facility a part of the context package. -type contextManager struct { - contexts map[*http.Request]context.Context - mu sync.Mutex -} - -// defaultContextManager is just a global instance to register request contexts. -var defaultContextManager = newContextManager() - -func newContextManager() *contextManager { - return &contextManager{ - contexts: make(map[*http.Request]context.Context), - } -} - -// context either returns a new context or looks it up in the manager. -func (cm *contextManager) context(parent context.Context, w http.ResponseWriter, r *http.Request) context.Context { - cm.mu.Lock() - defer cm.mu.Unlock() - - ctx, ok := cm.contexts[r] - if ok { - return ctx - } - - if parent == nil { - parent = ctxu.Background() - } - - ctx = ctxu.WithRequest(parent, r) - ctx, w = ctxu.WithResponseWriter(ctx, w) - ctx = ctxu.WithLogger(ctx, ctxu.GetRequestLogger(ctx)) - cm.contexts[r] = ctx - - return ctx -} - -// releases frees any associated with resources from request. -func (cm *contextManager) release(ctx context.Context) { - cm.mu.Lock() - defer cm.mu.Unlock() - - r, err := ctxu.GetRequest(ctx) - if err != nil { - ctxu.GetLogger(ctx).Errorf("no request found in context during release") - return - } - delete(cm.contexts, r) -} diff --git a/vendor/github.com/docker/distribution/registry/handlers/health_test.go b/vendor/github.com/docker/distribution/registry/handlers/health_test.go deleted file mode 100644 index 0f38bd1c..00000000 --- a/vendor/github.com/docker/distribution/registry/handlers/health_test.go +++ /dev/null @@ -1,210 +0,0 @@ -package handlers - -import ( - "io/ioutil" - "net" - "net/http" - "net/http/httptest" - "os" - "testing" - "time" - - "github.com/docker/distribution/configuration" - "github.com/docker/distribution/context" - "github.com/docker/distribution/health" -) - -func TestFileHealthCheck(t *testing.T) { - interval := time.Second - - tmpfile, err := ioutil.TempFile(os.TempDir(), "healthcheck") - if err != nil { - t.Fatalf("could not create temporary file: %v", err) - } - defer tmpfile.Close() - - config := &configuration.Configuration{ - Storage: configuration.Storage{ - "inmemory": configuration.Parameters{}, - "maintenance": configuration.Parameters{"uploadpurging": map[interface{}]interface{}{ - "enabled": false, - }}, - }, - Health: configuration.Health{ - FileCheckers: []configuration.FileChecker{ - { - Interval: interval, - File: tmpfile.Name(), - }, - }, - }, - } - - ctx := context.Background() - - app := NewApp(ctx, config) - healthRegistry := health.NewRegistry() - app.RegisterHealthChecks(healthRegistry) - - // Wait for health check to happen - <-time.After(2 * interval) - - status := healthRegistry.CheckStatus() - if len(status) != 1 { - t.Fatal("expected 1 item in health check results") - } - if status[tmpfile.Name()] != "file exists" { - t.Fatal(`did not get "file exists" result for health check`) - } - - os.Remove(tmpfile.Name()) - - <-time.After(2 * interval) - if len(healthRegistry.CheckStatus()) != 0 { - t.Fatal("expected 0 items in health check results") - } -} - -func TestTCPHealthCheck(t *testing.T) { - interval := time.Second - - ln, err := net.Listen("tcp", "127.0.0.1:0") - if err != nil { - t.Fatalf("could not create listener: %v", err) - } - addrStr := ln.Addr().String() - - // Start accepting - go func() { - for { - conn, err := ln.Accept() - if err != nil { - // listener was closed - return - } - defer conn.Close() - } - }() - - config := &configuration.Configuration{ - Storage: configuration.Storage{ - "inmemory": configuration.Parameters{}, - "maintenance": configuration.Parameters{"uploadpurging": map[interface{}]interface{}{ - "enabled": false, - }}, - }, - Health: configuration.Health{ - TCPCheckers: []configuration.TCPChecker{ - { - Interval: interval, - Addr: addrStr, - Timeout: 500 * time.Millisecond, - }, - }, - }, - } - - ctx := context.Background() - - app := NewApp(ctx, config) - healthRegistry := health.NewRegistry() - app.RegisterHealthChecks(healthRegistry) - - // Wait for health check to happen - <-time.After(2 * interval) - - if len(healthRegistry.CheckStatus()) != 0 { - t.Fatal("expected 0 items in health check results") - } - - ln.Close() - <-time.After(2 * interval) - - // Health check should now fail - status := healthRegistry.CheckStatus() - if len(status) != 1 { - t.Fatal("expected 1 item in health check results") - } - if status[addrStr] != "connection to "+addrStr+" failed" { - t.Fatal(`did not get "connection failed" result for health check`) - } -} - -func TestHTTPHealthCheck(t *testing.T) { - interval := time.Second - threshold := 3 - - stopFailing := make(chan struct{}) - - checkedServer := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - if r.Method != "HEAD" { - t.Fatalf("expected HEAD request, got %s", r.Method) - } - select { - case <-stopFailing: - w.WriteHeader(http.StatusOK) - default: - w.WriteHeader(http.StatusInternalServerError) - } - })) - - config := &configuration.Configuration{ - Storage: configuration.Storage{ - "inmemory": configuration.Parameters{}, - "maintenance": configuration.Parameters{"uploadpurging": map[interface{}]interface{}{ - "enabled": false, - }}, - }, - Health: configuration.Health{ - HTTPCheckers: []configuration.HTTPChecker{ - { - Interval: interval, - URI: checkedServer.URL, - Threshold: threshold, - }, - }, - }, - } - - ctx := context.Background() - - app := NewApp(ctx, config) - healthRegistry := health.NewRegistry() - app.RegisterHealthChecks(healthRegistry) - - for i := 0; ; i++ { - <-time.After(interval) - - status := healthRegistry.CheckStatus() - - if i < threshold-1 { - // definitely shouldn't have hit the threshold yet - if len(status) != 0 { - t.Fatal("expected 1 item in health check results") - } - continue - } - if i < threshold+1 { - // right on the threshold - don't expect a failure yet - continue - } - - if len(status) != 1 { - t.Fatal("expected 1 item in health check results") - } - if status[checkedServer.URL] != "downstream service returned unexpected status: 500" { - t.Fatal("did not get expected result for health check") - } - - break - } - - // Signal HTTP handler to start returning 200 - close(stopFailing) - - <-time.After(2 * interval) - - if len(healthRegistry.CheckStatus()) != 0 { - t.Fatal("expected 0 items in health check results") - } -} diff --git a/vendor/github.com/docker/distribution/registry/handlers/helpers.go b/vendor/github.com/docker/distribution/registry/handlers/helpers.go deleted file mode 100644 index dac4f7a8..00000000 --- a/vendor/github.com/docker/distribution/registry/handlers/helpers.go +++ /dev/null @@ -1,66 +0,0 @@ -package handlers - -import ( - "errors" - "io" - "net/http" - - ctxu "github.com/docker/distribution/context" - "github.com/docker/distribution/registry/api/errcode" -) - -// closeResources closes all the provided resources after running the target -// handler. -func closeResources(handler http.Handler, closers ...io.Closer) http.Handler { - return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - for _, closer := range closers { - defer closer.Close() - } - handler.ServeHTTP(w, r) - }) -} - -// copyFullPayload copies the payload of an HTTP request to destWriter. If it -// receives less content than expected, and the client disconnected during the -// upload, it avoids sending a 400 error to keep the logs cleaner. -func copyFullPayload(responseWriter http.ResponseWriter, r *http.Request, destWriter io.Writer, context ctxu.Context, action string, errSlice *errcode.Errors) error { - // Get a channel that tells us if the client disconnects - var clientClosed <-chan bool - if notifier, ok := responseWriter.(http.CloseNotifier); ok { - clientClosed = notifier.CloseNotify() - } else { - ctxu.GetLogger(context).Warnf("the ResponseWriter does not implement CloseNotifier (type: %T)", responseWriter) - } - - // Read in the data, if any. - copied, err := io.Copy(destWriter, r.Body) - if clientClosed != nil && (err != nil || (r.ContentLength > 0 && copied < r.ContentLength)) { - // Didn't receive as much content as expected. Did the client - // disconnect during the request? If so, avoid returning a 400 - // error to keep the logs cleaner. - select { - case <-clientClosed: - // Set the response code to "499 Client Closed Request" - // Even though the connection has already been closed, - // this causes the logger to pick up a 499 error - // instead of showing 0 for the HTTP status. - responseWriter.WriteHeader(499) - - ctxu.GetLoggerWithFields(context, map[interface{}]interface{}{ - "error": err, - "copied": copied, - "contentLength": r.ContentLength, - }, "error", "copied", "contentLength").Error("client disconnected during " + action) - return errors.New("client disconnected") - default: - } - } - - if err != nil { - ctxu.GetLogger(context).Errorf("unknown error reading request payload: %v", err) - *errSlice = append(*errSlice, errcode.ErrorCodeUnknown.WithDetail(err)) - return err - } - - return nil -} diff --git a/vendor/github.com/docker/distribution/registry/handlers/hmac.go b/vendor/github.com/docker/distribution/registry/handlers/hmac.go deleted file mode 100644 index 94ed9fda..00000000 --- a/vendor/github.com/docker/distribution/registry/handlers/hmac.go +++ /dev/null @@ -1,74 +0,0 @@ -package handlers - -import ( - "crypto/hmac" - "crypto/sha256" - "encoding/base64" - "encoding/json" - "fmt" - "time" -) - -// blobUploadState captures the state serializable state of the blob upload. -type blobUploadState struct { - // name is the primary repository under which the blob will be linked. - Name string - - // UUID identifies the upload. - UUID string - - // offset contains the current progress of the upload. - Offset int64 - - // StartedAt is the original start time of the upload. - StartedAt time.Time -} - -type hmacKey string - -var errInvalidSecret = fmt.Errorf("invalid secret") - -// unpackUploadState unpacks and validates the blob upload state from the -// token, using the hmacKey secret. -func (secret hmacKey) unpackUploadState(token string) (blobUploadState, error) { - var state blobUploadState - - tokenBytes, err := base64.URLEncoding.DecodeString(token) - if err != nil { - return state, err - } - mac := hmac.New(sha256.New, []byte(secret)) - - if len(tokenBytes) < mac.Size() { - return state, errInvalidSecret - } - - macBytes := tokenBytes[:mac.Size()] - messageBytes := tokenBytes[mac.Size():] - - mac.Write(messageBytes) - if !hmac.Equal(mac.Sum(nil), macBytes) { - return state, errInvalidSecret - } - - if err := json.Unmarshal(messageBytes, &state); err != nil { - return state, err - } - - return state, nil -} - -// packUploadState packs the upload state signed with and hmac digest using -// the hmacKey secret, encoding to url safe base64. The resulting token can be -// used to share data with minimized risk of external tampering. -func (secret hmacKey) packUploadState(lus blobUploadState) (string, error) { - mac := hmac.New(sha256.New, []byte(secret)) - p, err := json.Marshal(lus) - if err != nil { - return "", err - } - - mac.Write(p) - - return base64.URLEncoding.EncodeToString(append(mac.Sum(nil), p...)), nil -} diff --git a/vendor/github.com/docker/distribution/registry/handlers/hmac_test.go b/vendor/github.com/docker/distribution/registry/handlers/hmac_test.go deleted file mode 100644 index 366c7279..00000000 --- a/vendor/github.com/docker/distribution/registry/handlers/hmac_test.go +++ /dev/null @@ -1,117 +0,0 @@ -package handlers - -import "testing" - -var blobUploadStates = []blobUploadState{ - { - Name: "hello", - UUID: "abcd-1234-qwer-0987", - Offset: 0, - }, - { - Name: "hello-world", - UUID: "abcd-1234-qwer-0987", - Offset: 0, - }, - { - Name: "h3ll0_w0rld", - UUID: "abcd-1234-qwer-0987", - Offset: 1337, - }, - { - Name: "ABCDEFG", - UUID: "ABCD-1234-QWER-0987", - Offset: 1234567890, - }, - { - Name: "this-is-A-sort-of-Long-name-for-Testing", - UUID: "dead-1234-beef-0987", - Offset: 8675309, - }, -} - -var secrets = []string{ - "supersecret", - "12345", - "a", - "SuperSecret", - "Sup3r... S3cr3t!", - "This is a reasonably long secret key that is used for the purpose of testing.", - "\u2603+\u2744", // snowman+snowflake -} - -// TestLayerUploadTokens constructs stateTokens from LayerUploadStates and -// validates that the tokens can be used to reconstruct the proper upload state. -func TestLayerUploadTokens(t *testing.T) { - secret := hmacKey("supersecret") - - for _, testcase := range blobUploadStates { - token, err := secret.packUploadState(testcase) - if err != nil { - t.Fatal(err) - } - - lus, err := secret.unpackUploadState(token) - if err != nil { - t.Fatal(err) - } - - assertBlobUploadStateEquals(t, testcase, lus) - } -} - -// TestHMACValidate ensures that any HMAC token providers are compatible if and -// only if they share the same secret. -func TestHMACValidation(t *testing.T) { - for _, secret := range secrets { - secret1 := hmacKey(secret) - secret2 := hmacKey(secret) - badSecret := hmacKey("DifferentSecret") - - for _, testcase := range blobUploadStates { - token, err := secret1.packUploadState(testcase) - if err != nil { - t.Fatal(err) - } - - lus, err := secret2.unpackUploadState(token) - if err != nil { - t.Fatal(err) - } - - assertBlobUploadStateEquals(t, testcase, lus) - - _, err = badSecret.unpackUploadState(token) - if err == nil { - t.Fatalf("Expected token provider to fail at retrieving state from token: %s", token) - } - - badToken, err := badSecret.packUploadState(lus) - if err != nil { - t.Fatal(err) - } - - _, err = secret1.unpackUploadState(badToken) - if err == nil { - t.Fatalf("Expected token provider to fail at retrieving state from token: %s", badToken) - } - - _, err = secret2.unpackUploadState(badToken) - if err == nil { - t.Fatalf("Expected token provider to fail at retrieving state from token: %s", badToken) - } - } - } -} - -func assertBlobUploadStateEquals(t *testing.T, expected blobUploadState, received blobUploadState) { - if expected.Name != received.Name { - t.Fatalf("Expected Name=%q, Received Name=%q", expected.Name, received.Name) - } - if expected.UUID != received.UUID { - t.Fatalf("Expected UUID=%q, Received UUID=%q", expected.UUID, received.UUID) - } - if expected.Offset != received.Offset { - t.Fatalf("Expected Offset=%d, Received Offset=%d", expected.Offset, received.Offset) - } -} diff --git a/vendor/github.com/docker/distribution/registry/handlers/hooks.go b/vendor/github.com/docker/distribution/registry/handlers/hooks.go deleted file mode 100644 index 7bbab4f8..00000000 --- a/vendor/github.com/docker/distribution/registry/handlers/hooks.go +++ /dev/null @@ -1,53 +0,0 @@ -package handlers - -import ( - "bytes" - "errors" - "fmt" - "strings" - "text/template" - - "github.com/Sirupsen/logrus" -) - -// logHook is for hooking Panic in web application -type logHook struct { - LevelsParam []string - Mail *mailer -} - -// Fire forwards an error to LogHook -func (hook *logHook) Fire(entry *logrus.Entry) error { - addr := strings.Split(hook.Mail.Addr, ":") - if len(addr) != 2 { - return errors.New("Invalid Mail Address") - } - host := addr[0] - subject := fmt.Sprintf("[%s] %s: %s", entry.Level, host, entry.Message) - - html := ` - {{.Message}} - - {{range $key, $value := .Data}} - {{$key}}: {{$value}} - {{end}} - ` - b := bytes.NewBuffer(make([]byte, 0)) - t := template.Must(template.New("mail body").Parse(html)) - if err := t.Execute(b, entry); err != nil { - return err - } - body := fmt.Sprintf("%s", b) - - return hook.Mail.sendMail(subject, body) -} - -// Levels contains hook levels to be catched -func (hook *logHook) Levels() []logrus.Level { - levels := []logrus.Level{} - for _, v := range hook.LevelsParam { - lv, _ := logrus.ParseLevel(v) - levels = append(levels, lv) - } - return levels -} diff --git a/vendor/github.com/docker/distribution/registry/handlers/images.go b/vendor/github.com/docker/distribution/registry/handlers/images.go deleted file mode 100644 index 9518f685..00000000 --- a/vendor/github.com/docker/distribution/registry/handlers/images.go +++ /dev/null @@ -1,460 +0,0 @@ -package handlers - -import ( - "bytes" - "fmt" - "net/http" - "strings" - - "github.com/docker/distribution" - ctxu "github.com/docker/distribution/context" - "github.com/docker/distribution/digest" - "github.com/docker/distribution/manifest/manifestlist" - "github.com/docker/distribution/manifest/schema1" - "github.com/docker/distribution/manifest/schema2" - "github.com/docker/distribution/reference" - "github.com/docker/distribution/registry/api/errcode" - "github.com/docker/distribution/registry/api/v2" - "github.com/docker/distribution/registry/auth" - "github.com/gorilla/handlers" -) - -// These constants determine which architecture and OS to choose from a -// manifest list when downconverting it to a schema1 manifest. -const ( - defaultArch = "amd64" - defaultOS = "linux" -) - -// imageManifestDispatcher takes the request context and builds the -// appropriate handler for handling image manifest requests. -func imageManifestDispatcher(ctx *Context, r *http.Request) http.Handler { - imageManifestHandler := &imageManifestHandler{ - Context: ctx, - } - reference := getReference(ctx) - dgst, err := digest.ParseDigest(reference) - if err != nil { - // We just have a tag - imageManifestHandler.Tag = reference - } else { - imageManifestHandler.Digest = dgst - } - - mhandler := handlers.MethodHandler{ - "GET": http.HandlerFunc(imageManifestHandler.GetImageManifest), - "HEAD": http.HandlerFunc(imageManifestHandler.GetImageManifest), - } - - if !ctx.readOnly { - mhandler["PUT"] = http.HandlerFunc(imageManifestHandler.PutImageManifest) - mhandler["DELETE"] = http.HandlerFunc(imageManifestHandler.DeleteImageManifest) - } - - return mhandler -} - -// imageManifestHandler handles http operations on image manifests. -type imageManifestHandler struct { - *Context - - // One of tag or digest gets set, depending on what is present in context. - Tag string - Digest digest.Digest -} - -// GetImageManifest fetches the image manifest from the storage backend, if it exists. -func (imh *imageManifestHandler) GetImageManifest(w http.ResponseWriter, r *http.Request) { - ctxu.GetLogger(imh).Debug("GetImageManifest") - manifests, err := imh.Repository.Manifests(imh) - if err != nil { - imh.Errors = append(imh.Errors, err) - return - } - - var manifest distribution.Manifest - if imh.Tag != "" { - tags := imh.Repository.Tags(imh) - desc, err := tags.Get(imh, imh.Tag) - if err != nil { - imh.Errors = append(imh.Errors, v2.ErrorCodeManifestUnknown.WithDetail(err)) - return - } - imh.Digest = desc.Digest - } - - if etagMatch(r, imh.Digest.String()) { - w.WriteHeader(http.StatusNotModified) - return - } - - var options []distribution.ManifestServiceOption - if imh.Tag != "" { - options = append(options, distribution.WithTag(imh.Tag)) - } - manifest, err = manifests.Get(imh, imh.Digest, options...) - if err != nil { - imh.Errors = append(imh.Errors, v2.ErrorCodeManifestUnknown.WithDetail(err)) - return - } - - supportsSchema2 := false - supportsManifestList := false - // this parsing of Accept headers is not quite as full-featured as godoc.org's parser, but we don't care about "q=" values - // https://github.com/golang/gddo/blob/e91d4165076d7474d20abda83f92d15c7ebc3e81/httputil/header/header.go#L165-L202 - for _, acceptHeader := range r.Header["Accept"] { - // r.Header[...] is a slice in case the request contains the same header more than once - // if the header isn't set, we'll get the zero value, which "range" will handle gracefully - - // we need to split each header value on "," to get the full list of "Accept" values (per RFC 2616) - // https://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.1 - for _, mediaType := range strings.Split(acceptHeader, ",") { - // remove "; q=..." if present - if i := strings.Index(mediaType, ";"); i >= 0 { - mediaType = mediaType[:i] - } - - // it's common (but not required) for Accept values to be space separated ("a/b, c/d, e/f") - mediaType = strings.TrimSpace(mediaType) - - if mediaType == schema2.MediaTypeManifest { - supportsSchema2 = true - } - if mediaType == manifestlist.MediaTypeManifestList { - supportsManifestList = true - } - } - } - - schema2Manifest, isSchema2 := manifest.(*schema2.DeserializedManifest) - manifestList, isManifestList := manifest.(*manifestlist.DeserializedManifestList) - - // Only rewrite schema2 manifests when they are being fetched by tag. - // If they are being fetched by digest, we can't return something not - // matching the digest. - if imh.Tag != "" && isSchema2 && !supportsSchema2 { - // Rewrite manifest in schema1 format - ctxu.GetLogger(imh).Infof("rewriting manifest %s in schema1 format to support old client", imh.Digest.String()) - - manifest, err = imh.convertSchema2Manifest(schema2Manifest) - if err != nil { - return - } - } else if imh.Tag != "" && isManifestList && !supportsManifestList { - // Rewrite manifest in schema1 format - ctxu.GetLogger(imh).Infof("rewriting manifest list %s in schema1 format to support old client", imh.Digest.String()) - - // Find the image manifest corresponding to the default - // platform - var manifestDigest digest.Digest - for _, manifestDescriptor := range manifestList.Manifests { - if manifestDescriptor.Platform.Architecture == defaultArch && manifestDescriptor.Platform.OS == defaultOS { - manifestDigest = manifestDescriptor.Digest - break - } - } - - if manifestDigest == "" { - imh.Errors = append(imh.Errors, v2.ErrorCodeManifestUnknown) - return - } - - manifest, err = manifests.Get(imh, manifestDigest) - if err != nil { - imh.Errors = append(imh.Errors, v2.ErrorCodeManifestUnknown.WithDetail(err)) - return - } - - // If necessary, convert the image manifest - if schema2Manifest, isSchema2 := manifest.(*schema2.DeserializedManifest); isSchema2 && !supportsSchema2 { - manifest, err = imh.convertSchema2Manifest(schema2Manifest) - if err != nil { - return - } - } - } - - ct, p, err := manifest.Payload() - if err != nil { - return - } - - w.Header().Set("Content-Type", ct) - w.Header().Set("Content-Length", fmt.Sprint(len(p))) - w.Header().Set("Docker-Content-Digest", imh.Digest.String()) - w.Header().Set("Etag", fmt.Sprintf(`"%s"`, imh.Digest)) - w.Write(p) -} - -func (imh *imageManifestHandler) convertSchema2Manifest(schema2Manifest *schema2.DeserializedManifest) (distribution.Manifest, error) { - targetDescriptor := schema2Manifest.Target() - blobs := imh.Repository.Blobs(imh) - configJSON, err := blobs.Get(imh, targetDescriptor.Digest) - if err != nil { - imh.Errors = append(imh.Errors, v2.ErrorCodeManifestInvalid.WithDetail(err)) - return nil, err - } - - ref := imh.Repository.Named() - - if imh.Tag != "" { - ref, err = reference.WithTag(ref, imh.Tag) - if err != nil { - imh.Errors = append(imh.Errors, v2.ErrorCodeTagInvalid.WithDetail(err)) - return nil, err - } - } - - builder := schema1.NewConfigManifestBuilder(imh.Repository.Blobs(imh), imh.Context.App.trustKey, ref, configJSON) - for _, d := range schema2Manifest.Layers { - if err := builder.AppendReference(d); err != nil { - imh.Errors = append(imh.Errors, v2.ErrorCodeManifestInvalid.WithDetail(err)) - return nil, err - } - } - manifest, err := builder.Build(imh) - if err != nil { - imh.Errors = append(imh.Errors, v2.ErrorCodeManifestInvalid.WithDetail(err)) - return nil, err - } - imh.Digest = digest.FromBytes(manifest.(*schema1.SignedManifest).Canonical) - - return manifest, nil -} - -func etagMatch(r *http.Request, etag string) bool { - for _, headerVal := range r.Header["If-None-Match"] { - if headerVal == etag || headerVal == fmt.Sprintf(`"%s"`, etag) { // allow quoted or unquoted - return true - } - } - return false -} - -// PutImageManifest validates and stores an image in the registry. -func (imh *imageManifestHandler) PutImageManifest(w http.ResponseWriter, r *http.Request) { - ctxu.GetLogger(imh).Debug("PutImageManifest") - manifests, err := imh.Repository.Manifests(imh) - if err != nil { - imh.Errors = append(imh.Errors, err) - return - } - - var jsonBuf bytes.Buffer - if err := copyFullPayload(w, r, &jsonBuf, imh, "image manifest PUT", &imh.Errors); err != nil { - // copyFullPayload reports the error if necessary - return - } - - mediaType := r.Header.Get("Content-Type") - manifest, desc, err := distribution.UnmarshalManifest(mediaType, jsonBuf.Bytes()) - if err != nil { - imh.Errors = append(imh.Errors, v2.ErrorCodeManifestInvalid.WithDetail(err)) - return - } - - if imh.Digest != "" { - if desc.Digest != imh.Digest { - ctxu.GetLogger(imh).Errorf("payload digest does match: %q != %q", desc.Digest, imh.Digest) - imh.Errors = append(imh.Errors, v2.ErrorCodeDigestInvalid) - return - } - } else if imh.Tag != "" { - imh.Digest = desc.Digest - } else { - imh.Errors = append(imh.Errors, v2.ErrorCodeTagInvalid.WithDetail("no tag or digest specified")) - return - } - - var options []distribution.ManifestServiceOption - if imh.Tag != "" { - options = append(options, distribution.WithTag(imh.Tag)) - } - - if err := imh.applyResourcePolicy(manifest); err != nil { - imh.Errors = append(imh.Errors, err) - return - } - - _, err = manifests.Put(imh, manifest, options...) - if err != nil { - // TODO(stevvooe): These error handling switches really need to be - // handled by an app global mapper. - if err == distribution.ErrUnsupported { - imh.Errors = append(imh.Errors, errcode.ErrorCodeUnsupported) - return - } - if err == distribution.ErrAccessDenied { - imh.Errors = append(imh.Errors, errcode.ErrorCodeDenied) - return - } - switch err := err.(type) { - case distribution.ErrManifestVerification: - for _, verificationError := range err { - switch verificationError := verificationError.(type) { - case distribution.ErrManifestBlobUnknown: - imh.Errors = append(imh.Errors, v2.ErrorCodeManifestBlobUnknown.WithDetail(verificationError.Digest)) - case distribution.ErrManifestNameInvalid: - imh.Errors = append(imh.Errors, v2.ErrorCodeNameInvalid.WithDetail(err)) - case distribution.ErrManifestUnverified: - imh.Errors = append(imh.Errors, v2.ErrorCodeManifestUnverified) - default: - if verificationError == digest.ErrDigestInvalidFormat { - imh.Errors = append(imh.Errors, v2.ErrorCodeDigestInvalid) - } else { - imh.Errors = append(imh.Errors, errcode.ErrorCodeUnknown, verificationError) - } - } - } - case errcode.Error: - imh.Errors = append(imh.Errors, err) - default: - imh.Errors = append(imh.Errors, errcode.ErrorCodeUnknown.WithDetail(err)) - } - - return - } - - // Tag this manifest - if imh.Tag != "" { - tags := imh.Repository.Tags(imh) - err = tags.Tag(imh, imh.Tag, desc) - if err != nil { - imh.Errors = append(imh.Errors, errcode.ErrorCodeUnknown.WithDetail(err)) - return - } - - } - - // Construct a canonical url for the uploaded manifest. - ref, err := reference.WithDigest(imh.Repository.Named(), imh.Digest) - if err != nil { - imh.Errors = append(imh.Errors, errcode.ErrorCodeUnknown.WithDetail(err)) - return - } - - location, err := imh.urlBuilder.BuildManifestURL(ref) - if err != nil { - // NOTE(stevvooe): Given the behavior above, this absurdly unlikely to - // happen. We'll log the error here but proceed as if it worked. Worst - // case, we set an empty location header. - ctxu.GetLogger(imh).Errorf("error building manifest url from digest: %v", err) - } - - w.Header().Set("Location", location) - w.Header().Set("Docker-Content-Digest", imh.Digest.String()) - w.WriteHeader(http.StatusCreated) -} - -// applyResourcePolicy checks whether the resource class matches what has -// been authorized and allowed by the policy configuration. -func (imh *imageManifestHandler) applyResourcePolicy(manifest distribution.Manifest) error { - allowedClasses := imh.App.Config.Policy.Repository.Classes - if len(allowedClasses) == 0 { - return nil - } - - var class string - switch m := manifest.(type) { - case *schema1.SignedManifest: - class = "image" - case *schema2.DeserializedManifest: - switch m.Config.MediaType { - case schema2.MediaTypeConfig: - class = "image" - case schema2.MediaTypePluginConfig: - class = "plugin" - default: - message := fmt.Sprintf("unknown manifest class for %s", m.Config.MediaType) - return errcode.ErrorCodeDenied.WithMessage(message) - } - } - - if class == "" { - return nil - } - - // Check to see if class is allowed in registry - var allowedClass bool - for _, c := range allowedClasses { - if class == c { - allowedClass = true - break - } - } - if !allowedClass { - message := fmt.Sprintf("registry does not allow %s manifest", class) - return errcode.ErrorCodeDenied.WithMessage(message) - } - - resources := auth.AuthorizedResources(imh) - n := imh.Repository.Named().Name() - - var foundResource bool - for _, r := range resources { - if r.Name == n { - if r.Class == "" { - r.Class = "image" - } - if r.Class == class { - return nil - } - foundResource = true - } - } - - // resource was found but no matching class was found - if foundResource { - message := fmt.Sprintf("repository not authorized for %s manifest", class) - return errcode.ErrorCodeDenied.WithMessage(message) - } - - return nil - -} - -// DeleteImageManifest removes the manifest with the given digest from the registry. -func (imh *imageManifestHandler) DeleteImageManifest(w http.ResponseWriter, r *http.Request) { - ctxu.GetLogger(imh).Debug("DeleteImageManifest") - - manifests, err := imh.Repository.Manifests(imh) - if err != nil { - imh.Errors = append(imh.Errors, err) - return - } - - err = manifests.Delete(imh, imh.Digest) - if err != nil { - switch err { - case digest.ErrDigestUnsupported: - case digest.ErrDigestInvalidFormat: - imh.Errors = append(imh.Errors, v2.ErrorCodeDigestInvalid) - return - case distribution.ErrBlobUnknown: - imh.Errors = append(imh.Errors, v2.ErrorCodeManifestUnknown) - return - case distribution.ErrUnsupported: - imh.Errors = append(imh.Errors, errcode.ErrorCodeUnsupported) - return - default: - imh.Errors = append(imh.Errors, errcode.ErrorCodeUnknown) - return - } - } - - tagService := imh.Repository.Tags(imh) - referencedTags, err := tagService.Lookup(imh, distribution.Descriptor{Digest: imh.Digest}) - if err != nil { - imh.Errors = append(imh.Errors, err) - return - } - - for _, tag := range referencedTags { - if err := tagService.Untag(imh, tag); err != nil { - imh.Errors = append(imh.Errors, err) - return - } - } - - w.WriteHeader(http.StatusAccepted) -} diff --git a/vendor/github.com/docker/distribution/registry/handlers/mail.go b/vendor/github.com/docker/distribution/registry/handlers/mail.go deleted file mode 100644 index 39244909..00000000 --- a/vendor/github.com/docker/distribution/registry/handlers/mail.go +++ /dev/null @@ -1,45 +0,0 @@ -package handlers - -import ( - "errors" - "net/smtp" - "strings" -) - -// mailer provides fields of email configuration for sending. -type mailer struct { - Addr, Username, Password, From string - Insecure bool - To []string -} - -// sendMail allows users to send email, only if mail parameters is configured correctly. -func (mail *mailer) sendMail(subject, message string) error { - addr := strings.Split(mail.Addr, ":") - if len(addr) != 2 { - return errors.New("Invalid Mail Address") - } - host := addr[0] - msg := []byte("To:" + strings.Join(mail.To, ";") + - "\r\nFrom: " + mail.From + - "\r\nSubject: " + subject + - "\r\nContent-Type: text/plain\r\n\r\n" + - message) - auth := smtp.PlainAuth( - "", - mail.Username, - mail.Password, - host, - ) - err := smtp.SendMail( - mail.Addr, - auth, - mail.From, - mail.To, - []byte(msg), - ) - if err != nil { - return err - } - return nil -} diff --git a/vendor/github.com/docker/distribution/registry/handlers/tags.go b/vendor/github.com/docker/distribution/registry/handlers/tags.go deleted file mode 100644 index 91f1031e..00000000 --- a/vendor/github.com/docker/distribution/registry/handlers/tags.go +++ /dev/null @@ -1,62 +0,0 @@ -package handlers - -import ( - "encoding/json" - "net/http" - - "github.com/docker/distribution" - "github.com/docker/distribution/registry/api/errcode" - "github.com/docker/distribution/registry/api/v2" - "github.com/gorilla/handlers" -) - -// tagsDispatcher constructs the tags handler api endpoint. -func tagsDispatcher(ctx *Context, r *http.Request) http.Handler { - tagsHandler := &tagsHandler{ - Context: ctx, - } - - return handlers.MethodHandler{ - "GET": http.HandlerFunc(tagsHandler.GetTags), - } -} - -// tagsHandler handles requests for lists of tags under a repository name. -type tagsHandler struct { - *Context -} - -type tagsAPIResponse struct { - Name string `json:"name"` - Tags []string `json:"tags"` -} - -// GetTags returns a json list of tags for a specific image name. -func (th *tagsHandler) GetTags(w http.ResponseWriter, r *http.Request) { - defer r.Body.Close() - - tagService := th.Repository.Tags(th) - tags, err := tagService.All(th) - if err != nil { - switch err := err.(type) { - case distribution.ErrRepositoryUnknown: - th.Errors = append(th.Errors, v2.ErrorCodeNameUnknown.WithDetail(map[string]string{"name": th.Repository.Named().Name()})) - case errcode.Error: - th.Errors = append(th.Errors, err) - default: - th.Errors = append(th.Errors, errcode.ErrorCodeUnknown.WithDetail(err)) - } - return - } - - w.Header().Set("Content-Type", "application/json; charset=utf-8") - - enc := json.NewEncoder(w) - if err := enc.Encode(tagsAPIResponse{ - Name: th.Repository.Named().Name(), - Tags: tags, - }); err != nil { - th.Errors = append(th.Errors, errcode.ErrorCodeUnknown.WithDetail(err)) - return - } -} diff --git a/vendor/github.com/docker/distribution/registry/listener/listener.go b/vendor/github.com/docker/distribution/registry/listener/listener.go deleted file mode 100644 index b93a7a63..00000000 --- a/vendor/github.com/docker/distribution/registry/listener/listener.go +++ /dev/null @@ -1,74 +0,0 @@ -package listener - -import ( - "fmt" - "net" - "os" - "time" -) - -// tcpKeepAliveListener sets TCP keep-alive timeouts on accepted -// connections. It's used by ListenAndServe and ListenAndServeTLS so -// dead TCP connections (e.g. closing laptop mid-download) eventually -// go away. -// it is a plain copy-paste from net/http/server.go -type tcpKeepAliveListener struct { - *net.TCPListener -} - -func (ln tcpKeepAliveListener) Accept() (c net.Conn, err error) { - tc, err := ln.AcceptTCP() - if err != nil { - return - } - tc.SetKeepAlive(true) - tc.SetKeepAlivePeriod(3 * time.Minute) - return tc, nil -} - -// NewListener announces on laddr and net. Accepted values of the net are -// 'unix' and 'tcp' -func NewListener(net, laddr string) (net.Listener, error) { - switch net { - case "unix": - return newUnixListener(laddr) - case "tcp", "": // an empty net means tcp - return newTCPListener(laddr) - default: - return nil, fmt.Errorf("unknown address type %s", net) - } -} - -func newUnixListener(laddr string) (net.Listener, error) { - fi, err := os.Stat(laddr) - if err == nil { - // the file exists. - // try to remove it if it's a socket - if !isSocket(fi.Mode()) { - return nil, fmt.Errorf("file %s exists and is not a socket", laddr) - } - - if err := os.Remove(laddr); err != nil { - return nil, err - } - } else if !os.IsNotExist(err) { - // we can't do stat on the file. - // it means we can not remove it - return nil, err - } - - return net.Listen("unix", laddr) -} - -func isSocket(m os.FileMode) bool { - return m&os.ModeSocket != 0 -} - -func newTCPListener(laddr string) (net.Listener, error) { - ln, err := net.Listen("tcp", laddr) - if err != nil { - return nil, err - } - - return tcpKeepAliveListener{ln.(*net.TCPListener)}, nil -} diff --git a/vendor/github.com/docker/distribution/registry/middleware/registry/middleware.go b/vendor/github.com/docker/distribution/registry/middleware/registry/middleware.go deleted file mode 100644 index 3e6e5cc7..00000000 --- a/vendor/github.com/docker/distribution/registry/middleware/registry/middleware.go +++ /dev/null @@ -1,54 +0,0 @@ -package middleware - -import ( - "fmt" - - "github.com/docker/distribution" - "github.com/docker/distribution/context" - "github.com/docker/distribution/registry/storage" -) - -// InitFunc is the type of a RegistryMiddleware factory function and is -// used to register the constructor for different RegistryMiddleware backends. -type InitFunc func(ctx context.Context, registry distribution.Namespace, options map[string]interface{}) (distribution.Namespace, error) - -var middlewares map[string]InitFunc -var registryoptions []storage.RegistryOption - -// Register is used to register an InitFunc for -// a RegistryMiddleware backend with the given name. -func Register(name string, initFunc InitFunc) error { - if middlewares == nil { - middlewares = make(map[string]InitFunc) - } - if _, exists := middlewares[name]; exists { - return fmt.Errorf("name already registered: %s", name) - } - - middlewares[name] = initFunc - - return nil -} - -// Get constructs a RegistryMiddleware with the given options using the named backend. -func Get(ctx context.Context, name string, options map[string]interface{}, registry distribution.Namespace) (distribution.Namespace, error) { - if middlewares != nil { - if initFunc, exists := middlewares[name]; exists { - return initFunc(ctx, registry, options) - } - } - - return nil, fmt.Errorf("no registry middleware registered with name: %s", name) -} - -// RegisterOptions adds more options to RegistryOption list. Options get applied before -// any other configuration-based options. -func RegisterOptions(options ...storage.RegistryOption) error { - registryoptions = append(registryoptions, options...) - return nil -} - -// GetRegistryOptions returns list of RegistryOption. -func GetRegistryOptions() []storage.RegistryOption { - return registryoptions -} diff --git a/vendor/github.com/docker/distribution/registry/middleware/repository/middleware.go b/vendor/github.com/docker/distribution/registry/middleware/repository/middleware.go deleted file mode 100644 index 27b42aec..00000000 --- a/vendor/github.com/docker/distribution/registry/middleware/repository/middleware.go +++ /dev/null @@ -1,40 +0,0 @@ -package middleware - -import ( - "fmt" - - "github.com/docker/distribution" - "github.com/docker/distribution/context" -) - -// InitFunc is the type of a RepositoryMiddleware factory function and is -// used to register the constructor for different RepositoryMiddleware backends. -type InitFunc func(ctx context.Context, repository distribution.Repository, options map[string]interface{}) (distribution.Repository, error) - -var middlewares map[string]InitFunc - -// Register is used to register an InitFunc for -// a RepositoryMiddleware backend with the given name. -func Register(name string, initFunc InitFunc) error { - if middlewares == nil { - middlewares = make(map[string]InitFunc) - } - if _, exists := middlewares[name]; exists { - return fmt.Errorf("name already registered: %s", name) - } - - middlewares[name] = initFunc - - return nil -} - -// Get constructs a RepositoryMiddleware with the given options using the named backend. -func Get(ctx context.Context, name string, options map[string]interface{}, repository distribution.Repository) (distribution.Repository, error) { - if middlewares != nil { - if initFunc, exists := middlewares[name]; exists { - return initFunc(ctx, repository, options) - } - } - - return nil, fmt.Errorf("no repository middleware registered with name: %s", name) -} diff --git a/vendor/github.com/docker/distribution/registry/proxy/proxyauth.go b/vendor/github.com/docker/distribution/registry/proxy/proxyauth.go deleted file mode 100644 index 7b405afc..00000000 --- a/vendor/github.com/docker/distribution/registry/proxy/proxyauth.go +++ /dev/null @@ -1,87 +0,0 @@ -package proxy - -import ( - "net/http" - "net/url" - "strings" - - "github.com/docker/distribution/context" - "github.com/docker/distribution/registry/client/auth" - "github.com/docker/distribution/registry/client/auth/challenge" -) - -const challengeHeader = "Docker-Distribution-Api-Version" - -type userpass struct { - username string - password string -} - -type credentials struct { - creds map[string]userpass -} - -func (c credentials) Basic(u *url.URL) (string, string) { - up := c.creds[u.String()] - - return up.username, up.password -} - -func (c credentials) RefreshToken(u *url.URL, service string) string { - return "" -} - -func (c credentials) SetRefreshToken(u *url.URL, service, token string) { -} - -// configureAuth stores credentials for challenge responses -func configureAuth(username, password, remoteURL string) (auth.CredentialStore, error) { - creds := map[string]userpass{} - - authURLs, err := getAuthURLs(remoteURL) - if err != nil { - return nil, err - } - - for _, url := range authURLs { - context.GetLogger(context.Background()).Infof("Discovered token authentication URL: %s", url) - creds[url] = userpass{ - username: username, - password: password, - } - } - - return credentials{creds: creds}, nil -} - -func getAuthURLs(remoteURL string) ([]string, error) { - authURLs := []string{} - - resp, err := http.Get(remoteURL + "/v2/") - if err != nil { - return nil, err - } - defer resp.Body.Close() - - for _, c := range challenge.ResponseChallenges(resp) { - if strings.EqualFold(c.Scheme, "bearer") { - authURLs = append(authURLs, c.Parameters["realm"]) - } - } - - return authURLs, nil -} - -func ping(manager challenge.Manager, endpoint, versionHeader string) error { - resp, err := http.Get(endpoint) - if err != nil { - return err - } - defer resp.Body.Close() - - if err := manager.AddResponse(resp); err != nil { - return err - } - - return nil -} diff --git a/vendor/github.com/docker/distribution/registry/proxy/proxyblobstore.go b/vendor/github.com/docker/distribution/registry/proxy/proxyblobstore.go deleted file mode 100644 index 6cd57213..00000000 --- a/vendor/github.com/docker/distribution/registry/proxy/proxyblobstore.go +++ /dev/null @@ -1,224 +0,0 @@ -package proxy - -import ( - "io" - "net/http" - "strconv" - "sync" - "time" - - "github.com/docker/distribution" - "github.com/docker/distribution/context" - "github.com/docker/distribution/digest" - "github.com/docker/distribution/reference" - "github.com/docker/distribution/registry/proxy/scheduler" -) - -// todo(richardscothern): from cache control header or config file -const blobTTL = time.Duration(24 * 7 * time.Hour) - -type proxyBlobStore struct { - localStore distribution.BlobStore - remoteStore distribution.BlobService - scheduler *scheduler.TTLExpirationScheduler - repositoryName reference.Named - authChallenger authChallenger -} - -var _ distribution.BlobStore = &proxyBlobStore{} - -// inflight tracks currently downloading blobs -var inflight = make(map[digest.Digest]struct{}) - -// mu protects inflight -var mu sync.Mutex - -func setResponseHeaders(w http.ResponseWriter, length int64, mediaType string, digest digest.Digest) { - w.Header().Set("Content-Length", strconv.FormatInt(length, 10)) - w.Header().Set("Content-Type", mediaType) - w.Header().Set("Docker-Content-Digest", digest.String()) - w.Header().Set("Etag", digest.String()) -} - -func (pbs *proxyBlobStore) copyContent(ctx context.Context, dgst digest.Digest, writer io.Writer) (distribution.Descriptor, error) { - desc, err := pbs.remoteStore.Stat(ctx, dgst) - if err != nil { - return distribution.Descriptor{}, err - } - - if w, ok := writer.(http.ResponseWriter); ok { - setResponseHeaders(w, desc.Size, desc.MediaType, dgst) - } - - remoteReader, err := pbs.remoteStore.Open(ctx, dgst) - if err != nil { - return distribution.Descriptor{}, err - } - - defer remoteReader.Close() - - _, err = io.CopyN(writer, remoteReader, desc.Size) - if err != nil { - return distribution.Descriptor{}, err - } - - proxyMetrics.BlobPush(uint64(desc.Size)) - - return desc, nil -} - -func (pbs *proxyBlobStore) serveLocal(ctx context.Context, w http.ResponseWriter, r *http.Request, dgst digest.Digest) (bool, error) { - localDesc, err := pbs.localStore.Stat(ctx, dgst) - if err != nil { - // Stat can report a zero sized file here if it's checked between creation - // and population. Return nil error, and continue - return false, nil - } - - if err == nil { - proxyMetrics.BlobPush(uint64(localDesc.Size)) - return true, pbs.localStore.ServeBlob(ctx, w, r, dgst) - } - - return false, nil - -} - -func (pbs *proxyBlobStore) storeLocal(ctx context.Context, dgst digest.Digest) error { - defer func() { - mu.Lock() - delete(inflight, dgst) - mu.Unlock() - }() - - var desc distribution.Descriptor - var err error - var bw distribution.BlobWriter - - bw, err = pbs.localStore.Create(ctx) - if err != nil { - return err - } - - desc, err = pbs.copyContent(ctx, dgst, bw) - if err != nil { - return err - } - - _, err = bw.Commit(ctx, desc) - if err != nil { - return err - } - - return nil -} - -func (pbs *proxyBlobStore) ServeBlob(ctx context.Context, w http.ResponseWriter, r *http.Request, dgst digest.Digest) error { - served, err := pbs.serveLocal(ctx, w, r, dgst) - if err != nil { - context.GetLogger(ctx).Errorf("Error serving blob from local storage: %s", err.Error()) - return err - } - - if served { - return nil - } - - if err := pbs.authChallenger.tryEstablishChallenges(ctx); err != nil { - return err - } - - mu.Lock() - _, ok := inflight[dgst] - if ok { - mu.Unlock() - _, err := pbs.copyContent(ctx, dgst, w) - return err - } - inflight[dgst] = struct{}{} - mu.Unlock() - - go func(dgst digest.Digest) { - if err := pbs.storeLocal(ctx, dgst); err != nil { - context.GetLogger(ctx).Errorf("Error committing to storage: %s", err.Error()) - } - - blobRef, err := reference.WithDigest(pbs.repositoryName, dgst) - if err != nil { - context.GetLogger(ctx).Errorf("Error creating reference: %s", err) - return - } - - pbs.scheduler.AddBlob(blobRef, repositoryTTL) - }(dgst) - - _, err = pbs.copyContent(ctx, dgst, w) - if err != nil { - return err - } - return nil -} - -func (pbs *proxyBlobStore) Stat(ctx context.Context, dgst digest.Digest) (distribution.Descriptor, error) { - desc, err := pbs.localStore.Stat(ctx, dgst) - if err == nil { - return desc, err - } - - if err != distribution.ErrBlobUnknown { - return distribution.Descriptor{}, err - } - - if err := pbs.authChallenger.tryEstablishChallenges(ctx); err != nil { - return distribution.Descriptor{}, err - } - - return pbs.remoteStore.Stat(ctx, dgst) -} - -func (pbs *proxyBlobStore) Get(ctx context.Context, dgst digest.Digest) ([]byte, error) { - blob, err := pbs.localStore.Get(ctx, dgst) - if err == nil { - return blob, nil - } - - if err := pbs.authChallenger.tryEstablishChallenges(ctx); err != nil { - return []byte{}, err - } - - blob, err = pbs.remoteStore.Get(ctx, dgst) - if err != nil { - return []byte{}, err - } - - _, err = pbs.localStore.Put(ctx, "", blob) - if err != nil { - return []byte{}, err - } - return blob, nil -} - -// Unsupported functions -func (pbs *proxyBlobStore) Put(ctx context.Context, mediaType string, p []byte) (distribution.Descriptor, error) { - return distribution.Descriptor{}, distribution.ErrUnsupported -} - -func (pbs *proxyBlobStore) Create(ctx context.Context, options ...distribution.BlobCreateOption) (distribution.BlobWriter, error) { - return nil, distribution.ErrUnsupported -} - -func (pbs *proxyBlobStore) Resume(ctx context.Context, id string) (distribution.BlobWriter, error) { - return nil, distribution.ErrUnsupported -} - -func (pbs *proxyBlobStore) Mount(ctx context.Context, sourceRepo reference.Named, dgst digest.Digest) (distribution.Descriptor, error) { - return distribution.Descriptor{}, distribution.ErrUnsupported -} - -func (pbs *proxyBlobStore) Open(ctx context.Context, dgst digest.Digest) (distribution.ReadSeekCloser, error) { - return nil, distribution.ErrUnsupported -} - -func (pbs *proxyBlobStore) Delete(ctx context.Context, dgst digest.Digest) error { - return distribution.ErrUnsupported -} diff --git a/vendor/github.com/docker/distribution/registry/proxy/proxyblobstore_test.go b/vendor/github.com/docker/distribution/registry/proxy/proxyblobstore_test.go deleted file mode 100644 index 8e3a0692..00000000 --- a/vendor/github.com/docker/distribution/registry/proxy/proxyblobstore_test.go +++ /dev/null @@ -1,416 +0,0 @@ -package proxy - -import ( - "io/ioutil" - "math/rand" - "net/http" - "net/http/httptest" - "sync" - "testing" - "time" - - "github.com/docker/distribution" - "github.com/docker/distribution/context" - "github.com/docker/distribution/digest" - "github.com/docker/distribution/reference" - "github.com/docker/distribution/registry/proxy/scheduler" - "github.com/docker/distribution/registry/storage" - "github.com/docker/distribution/registry/storage/cache/memory" - "github.com/docker/distribution/registry/storage/driver/filesystem" - "github.com/docker/distribution/registry/storage/driver/inmemory" -) - -var sbsMu sync.Mutex - -type statsBlobStore struct { - stats map[string]int - blobs distribution.BlobStore -} - -func (sbs statsBlobStore) Put(ctx context.Context, mediaType string, p []byte) (distribution.Descriptor, error) { - sbsMu.Lock() - sbs.stats["put"]++ - sbsMu.Unlock() - - return sbs.blobs.Put(ctx, mediaType, p) -} - -func (sbs statsBlobStore) Get(ctx context.Context, dgst digest.Digest) ([]byte, error) { - sbsMu.Lock() - sbs.stats["get"]++ - sbsMu.Unlock() - - return sbs.blobs.Get(ctx, dgst) -} - -func (sbs statsBlobStore) Create(ctx context.Context, options ...distribution.BlobCreateOption) (distribution.BlobWriter, error) { - sbsMu.Lock() - sbs.stats["create"]++ - sbsMu.Unlock() - - return sbs.blobs.Create(ctx, options...) -} - -func (sbs statsBlobStore) Resume(ctx context.Context, id string) (distribution.BlobWriter, error) { - sbsMu.Lock() - sbs.stats["resume"]++ - sbsMu.Unlock() - - return sbs.blobs.Resume(ctx, id) -} - -func (sbs statsBlobStore) Open(ctx context.Context, dgst digest.Digest) (distribution.ReadSeekCloser, error) { - sbsMu.Lock() - sbs.stats["open"]++ - sbsMu.Unlock() - - return sbs.blobs.Open(ctx, dgst) -} - -func (sbs statsBlobStore) ServeBlob(ctx context.Context, w http.ResponseWriter, r *http.Request, dgst digest.Digest) error { - sbsMu.Lock() - sbs.stats["serveblob"]++ - sbsMu.Unlock() - - return sbs.blobs.ServeBlob(ctx, w, r, dgst) -} - -func (sbs statsBlobStore) Stat(ctx context.Context, dgst digest.Digest) (distribution.Descriptor, error) { - - sbsMu.Lock() - sbs.stats["stat"]++ - sbsMu.Unlock() - - return sbs.blobs.Stat(ctx, dgst) -} - -func (sbs statsBlobStore) Delete(ctx context.Context, dgst digest.Digest) error { - sbsMu.Lock() - sbs.stats["delete"]++ - sbsMu.Unlock() - - return sbs.blobs.Delete(ctx, dgst) -} - -type testEnv struct { - numUnique int - inRemote []distribution.Descriptor - store proxyBlobStore - ctx context.Context -} - -func (te *testEnv) LocalStats() *map[string]int { - sbsMu.Lock() - ls := te.store.localStore.(statsBlobStore).stats - sbsMu.Unlock() - return &ls -} - -func (te *testEnv) RemoteStats() *map[string]int { - sbsMu.Lock() - rs := te.store.remoteStore.(statsBlobStore).stats - sbsMu.Unlock() - return &rs -} - -// Populate remote store and record the digests -func makeTestEnv(t *testing.T, name string) *testEnv { - nameRef, err := reference.ParseNamed(name) - if err != nil { - t.Fatalf("unable to parse reference: %s", err) - } - - ctx := context.Background() - - truthDir, err := ioutil.TempDir("", "truth") - if err != nil { - t.Fatalf("unable to create tempdir: %s", err) - } - - cacheDir, err := ioutil.TempDir("", "cache") - if err != nil { - t.Fatalf("unable to create tempdir: %s", err) - } - - localDriver, err := filesystem.FromParameters(map[string]interface{}{ - "rootdirectory": truthDir, - }) - if err != nil { - t.Fatalf("unable to create filesystem driver: %s", err) - } - - // todo: create a tempfile area here - localRegistry, err := storage.NewRegistry(ctx, localDriver, storage.BlobDescriptorCacheProvider(memory.NewInMemoryBlobDescriptorCacheProvider()), storage.EnableRedirect, storage.DisableDigestResumption) - if err != nil { - t.Fatalf("error creating registry: %v", err) - } - localRepo, err := localRegistry.Repository(ctx, nameRef) - if err != nil { - t.Fatalf("unexpected error getting repo: %v", err) - } - - cacheDriver, err := filesystem.FromParameters(map[string]interface{}{ - "rootdirectory": cacheDir, - }) - if err != nil { - t.Fatalf("unable to create filesystem driver: %s", err) - } - - truthRegistry, err := storage.NewRegistry(ctx, cacheDriver, storage.BlobDescriptorCacheProvider(memory.NewInMemoryBlobDescriptorCacheProvider())) - if err != nil { - t.Fatalf("error creating registry: %v", err) - } - truthRepo, err := truthRegistry.Repository(ctx, nameRef) - if err != nil { - t.Fatalf("unexpected error getting repo: %v", err) - } - - truthBlobs := statsBlobStore{ - stats: make(map[string]int), - blobs: truthRepo.Blobs(ctx), - } - - localBlobs := statsBlobStore{ - stats: make(map[string]int), - blobs: localRepo.Blobs(ctx), - } - - s := scheduler.New(ctx, inmemory.New(), "/scheduler-state.json") - - proxyBlobStore := proxyBlobStore{ - repositoryName: nameRef, - remoteStore: truthBlobs, - localStore: localBlobs, - scheduler: s, - authChallenger: &mockChallenger{}, - } - - te := &testEnv{ - store: proxyBlobStore, - ctx: ctx, - } - return te -} - -func makeBlob(size int) []byte { - blob := make([]byte, size, size) - for i := 0; i < size; i++ { - blob[i] = byte('A' + rand.Int()%48) - } - return blob -} - -func init() { - rand.Seed(42) -} - -func perm(m []distribution.Descriptor) []distribution.Descriptor { - for i := 0; i < len(m); i++ { - j := rand.Intn(i + 1) - tmp := m[i] - m[i] = m[j] - m[j] = tmp - } - return m -} - -func populate(t *testing.T, te *testEnv, blobCount, size, numUnique int) { - var inRemote []distribution.Descriptor - - for i := 0; i < numUnique; i++ { - bytes := makeBlob(size) - for j := 0; j < blobCount/numUnique; j++ { - desc, err := te.store.remoteStore.Put(te.ctx, "", bytes) - if err != nil { - t.Fatalf("Put in store") - } - - inRemote = append(inRemote, desc) - } - } - - te.inRemote = inRemote - te.numUnique = numUnique -} -func TestProxyStoreGet(t *testing.T) { - te := makeTestEnv(t, "foo/bar") - - localStats := te.LocalStats() - remoteStats := te.RemoteStats() - - populate(t, te, 1, 10, 1) - _, err := te.store.Get(te.ctx, te.inRemote[0].Digest) - if err != nil { - t.Fatal(err) - } - - if (*localStats)["get"] != 1 && (*localStats)["put"] != 1 { - t.Errorf("Unexpected local counts") - } - - if (*remoteStats)["get"] != 1 { - t.Errorf("Unexpected remote get count") - } - - _, err = te.store.Get(te.ctx, te.inRemote[0].Digest) - if err != nil { - t.Fatal(err) - } - - if (*localStats)["get"] != 2 && (*localStats)["put"] != 1 { - t.Errorf("Unexpected local counts") - } - - if (*remoteStats)["get"] != 1 { - t.Errorf("Unexpected remote get count") - } - -} - -func TestProxyStoreStat(t *testing.T) { - te := makeTestEnv(t, "foo/bar") - - remoteBlobCount := 1 - populate(t, te, remoteBlobCount, 10, 1) - - localStats := te.LocalStats() - remoteStats := te.RemoteStats() - - // Stat - touches both stores - for _, d := range te.inRemote { - _, err := te.store.Stat(te.ctx, d.Digest) - if err != nil { - t.Fatalf("Error stating proxy store") - } - } - - if (*localStats)["stat"] != remoteBlobCount { - t.Errorf("Unexpected local stat count") - } - - if (*remoteStats)["stat"] != remoteBlobCount { - t.Errorf("Unexpected remote stat count") - } - - if te.store.authChallenger.(*mockChallenger).count != len(te.inRemote) { - t.Fatalf("Unexpected auth challenge count, got %#v", te.store.authChallenger) - } - -} - -func TestProxyStoreServeHighConcurrency(t *testing.T) { - te := makeTestEnv(t, "foo/bar") - blobSize := 200 - blobCount := 10 - numUnique := 1 - populate(t, te, blobCount, blobSize, numUnique) - - numClients := 16 - testProxyStoreServe(t, te, numClients) -} - -func TestProxyStoreServeMany(t *testing.T) { - te := makeTestEnv(t, "foo/bar") - blobSize := 200 - blobCount := 10 - numUnique := 4 - populate(t, te, blobCount, blobSize, numUnique) - - numClients := 4 - testProxyStoreServe(t, te, numClients) -} - -// todo(richardscothern): blobCount must be smaller than num clients -func TestProxyStoreServeBig(t *testing.T) { - te := makeTestEnv(t, "foo/bar") - - blobSize := 2 << 20 - blobCount := 4 - numUnique := 2 - populate(t, te, blobCount, blobSize, numUnique) - - numClients := 4 - testProxyStoreServe(t, te, numClients) -} - -// testProxyStoreServe will create clients to consume all blobs -// populated in the truth store -func testProxyStoreServe(t *testing.T, te *testEnv, numClients int) { - localStats := te.LocalStats() - remoteStats := te.RemoteStats() - - var wg sync.WaitGroup - - for i := 0; i < numClients; i++ { - // Serveblob - pulls through blobs - wg.Add(1) - go func() { - defer wg.Done() - for _, remoteBlob := range te.inRemote { - w := httptest.NewRecorder() - r, err := http.NewRequest("GET", "", nil) - if err != nil { - t.Fatal(err) - } - - err = te.store.ServeBlob(te.ctx, w, r, remoteBlob.Digest) - if err != nil { - t.Fatalf(err.Error()) - } - - bodyBytes := w.Body.Bytes() - localDigest := digest.FromBytes(bodyBytes) - if localDigest != remoteBlob.Digest { - t.Fatalf("Mismatching blob fetch from proxy") - } - } - }() - } - - wg.Wait() - - remoteBlobCount := len(te.inRemote) - sbsMu.Lock() - if (*localStats)["stat"] != remoteBlobCount*numClients && (*localStats)["create"] != te.numUnique { - sbsMu.Unlock() - t.Fatal("Expected: stat:", remoteBlobCount*numClients, "create:", remoteBlobCount) - } - sbsMu.Unlock() - - // Wait for any async storage goroutines to finish - time.Sleep(3 * time.Second) - - sbsMu.Lock() - remoteStatCount := (*remoteStats)["stat"] - remoteOpenCount := (*remoteStats)["open"] - sbsMu.Unlock() - - // Serveblob - blobs come from local - for _, dr := range te.inRemote { - w := httptest.NewRecorder() - r, err := http.NewRequest("GET", "", nil) - if err != nil { - t.Fatal(err) - } - - err = te.store.ServeBlob(te.ctx, w, r, dr.Digest) - if err != nil { - t.Fatalf(err.Error()) - } - - dl := digest.FromBytes(w.Body.Bytes()) - if dl != dr.Digest { - t.Errorf("Mismatching blob fetch from proxy") - } - } - - localStats = te.LocalStats() - remoteStats = te.RemoteStats() - - // Ensure remote unchanged - sbsMu.Lock() - defer sbsMu.Unlock() - if (*remoteStats)["stat"] != remoteStatCount && (*remoteStats)["open"] != remoteOpenCount { - t.Fatalf("unexpected remote stats: %#v", remoteStats) - } -} diff --git a/vendor/github.com/docker/distribution/registry/proxy/proxymanifeststore.go b/vendor/github.com/docker/distribution/registry/proxy/proxymanifeststore.go deleted file mode 100644 index f08e285d..00000000 --- a/vendor/github.com/docker/distribution/registry/proxy/proxymanifeststore.go +++ /dev/null @@ -1,95 +0,0 @@ -package proxy - -import ( - "time" - - "github.com/docker/distribution" - "github.com/docker/distribution/context" - "github.com/docker/distribution/digest" - "github.com/docker/distribution/reference" - "github.com/docker/distribution/registry/proxy/scheduler" -) - -// todo(richardscothern): from cache control header or config -const repositoryTTL = time.Duration(24 * 7 * time.Hour) - -type proxyManifestStore struct { - ctx context.Context - localManifests distribution.ManifestService - remoteManifests distribution.ManifestService - repositoryName reference.Named - scheduler *scheduler.TTLExpirationScheduler - authChallenger authChallenger -} - -var _ distribution.ManifestService = &proxyManifestStore{} - -func (pms proxyManifestStore) Exists(ctx context.Context, dgst digest.Digest) (bool, error) { - exists, err := pms.localManifests.Exists(ctx, dgst) - if err != nil { - return false, err - } - if exists { - return true, nil - } - if err := pms.authChallenger.tryEstablishChallenges(ctx); err != nil { - return false, err - } - return pms.remoteManifests.Exists(ctx, dgst) -} - -func (pms proxyManifestStore) Get(ctx context.Context, dgst digest.Digest, options ...distribution.ManifestServiceOption) (distribution.Manifest, error) { - // At this point `dgst` was either specified explicitly, or returned by the - // tagstore with the most recent association. - var fromRemote bool - manifest, err := pms.localManifests.Get(ctx, dgst, options...) - if err != nil { - if err := pms.authChallenger.tryEstablishChallenges(ctx); err != nil { - return nil, err - } - - manifest, err = pms.remoteManifests.Get(ctx, dgst, options...) - if err != nil { - return nil, err - } - fromRemote = true - } - - _, payload, err := manifest.Payload() - if err != nil { - return nil, err - } - - proxyMetrics.ManifestPush(uint64(len(payload))) - if fromRemote { - proxyMetrics.ManifestPull(uint64(len(payload))) - - _, err = pms.localManifests.Put(ctx, manifest) - if err != nil { - return nil, err - } - - // Schedule the manifest blob for removal - repoBlob, err := reference.WithDigest(pms.repositoryName, dgst) - if err != nil { - context.GetLogger(ctx).Errorf("Error creating reference: %s", err) - return nil, err - } - - pms.scheduler.AddManifest(repoBlob, repositoryTTL) - // Ensure the manifest blob is cleaned up - //pms.scheduler.AddBlob(blobRef, repositoryTTL) - - } - - return manifest, err -} - -func (pms proxyManifestStore) Put(ctx context.Context, manifest distribution.Manifest, options ...distribution.ManifestServiceOption) (digest.Digest, error) { - var d digest.Digest - return d, distribution.ErrUnsupported -} - -func (pms proxyManifestStore) Delete(ctx context.Context, dgst digest.Digest) error { - return distribution.ErrUnsupported -} diff --git a/vendor/github.com/docker/distribution/registry/proxy/proxymanifeststore_test.go b/vendor/github.com/docker/distribution/registry/proxy/proxymanifeststore_test.go deleted file mode 100644 index 067e845a..00000000 --- a/vendor/github.com/docker/distribution/registry/proxy/proxymanifeststore_test.go +++ /dev/null @@ -1,275 +0,0 @@ -package proxy - -import ( - "io" - "sync" - "testing" - - "github.com/docker/distribution" - "github.com/docker/distribution/context" - "github.com/docker/distribution/digest" - "github.com/docker/distribution/manifest" - "github.com/docker/distribution/manifest/schema1" - "github.com/docker/distribution/reference" - "github.com/docker/distribution/registry/client/auth" - "github.com/docker/distribution/registry/client/auth/challenge" - "github.com/docker/distribution/registry/proxy/scheduler" - "github.com/docker/distribution/registry/storage" - "github.com/docker/distribution/registry/storage/cache/memory" - "github.com/docker/distribution/registry/storage/driver/inmemory" - "github.com/docker/distribution/testutil" - "github.com/docker/libtrust" -) - -type statsManifest struct { - manifests distribution.ManifestService - stats map[string]int -} - -type manifestStoreTestEnv struct { - manifestDigest digest.Digest // digest of the signed manifest in the local storage - manifests proxyManifestStore -} - -func (te manifestStoreTestEnv) LocalStats() *map[string]int { - ls := te.manifests.localManifests.(statsManifest).stats - return &ls -} - -func (te manifestStoreTestEnv) RemoteStats() *map[string]int { - rs := te.manifests.remoteManifests.(statsManifest).stats - return &rs -} - -func (sm statsManifest) Delete(ctx context.Context, dgst digest.Digest) error { - sm.stats["delete"]++ - return sm.manifests.Delete(ctx, dgst) -} - -func (sm statsManifest) Exists(ctx context.Context, dgst digest.Digest) (bool, error) { - sm.stats["exists"]++ - return sm.manifests.Exists(ctx, dgst) -} - -func (sm statsManifest) Get(ctx context.Context, dgst digest.Digest, options ...distribution.ManifestServiceOption) (distribution.Manifest, error) { - sm.stats["get"]++ - return sm.manifests.Get(ctx, dgst) -} - -func (sm statsManifest) Put(ctx context.Context, manifest distribution.Manifest, options ...distribution.ManifestServiceOption) (digest.Digest, error) { - sm.stats["put"]++ - return sm.manifests.Put(ctx, manifest) -} - -type mockChallenger struct { - sync.Mutex - count int -} - -// Called for remote operations only -func (m *mockChallenger) tryEstablishChallenges(context.Context) error { - m.Lock() - defer m.Unlock() - m.count++ - return nil -} - -func (m *mockChallenger) credentialStore() auth.CredentialStore { - return nil -} - -func (m *mockChallenger) challengeManager() challenge.Manager { - return nil -} - -func newManifestStoreTestEnv(t *testing.T, name, tag string) *manifestStoreTestEnv { - nameRef, err := reference.ParseNamed(name) - if err != nil { - t.Fatalf("unable to parse reference: %s", err) - } - k, err := libtrust.GenerateECP256PrivateKey() - if err != nil { - t.Fatal(err) - } - - ctx := context.Background() - truthRegistry, err := storage.NewRegistry(ctx, inmemory.New(), - storage.BlobDescriptorCacheProvider(memory.NewInMemoryBlobDescriptorCacheProvider()), - storage.Schema1SigningKey(k)) - if err != nil { - t.Fatalf("error creating registry: %v", err) - } - truthRepo, err := truthRegistry.Repository(ctx, nameRef) - if err != nil { - t.Fatalf("unexpected error getting repo: %v", err) - } - tr, err := truthRepo.Manifests(ctx) - if err != nil { - t.Fatal(err.Error()) - } - truthManifests := statsManifest{ - manifests: tr, - stats: make(map[string]int), - } - - manifestDigest, err := populateRepo(ctx, t, truthRepo, name, tag) - if err != nil { - t.Fatalf(err.Error()) - } - - localRegistry, err := storage.NewRegistry(ctx, inmemory.New(), storage.BlobDescriptorCacheProvider(memory.NewInMemoryBlobDescriptorCacheProvider()), storage.EnableRedirect, storage.DisableDigestResumption, storage.Schema1SigningKey(k)) - if err != nil { - t.Fatalf("error creating registry: %v", err) - } - localRepo, err := localRegistry.Repository(ctx, nameRef) - if err != nil { - t.Fatalf("unexpected error getting repo: %v", err) - } - lr, err := localRepo.Manifests(ctx) - if err != nil { - t.Fatal(err.Error()) - } - - localManifests := statsManifest{ - manifests: lr, - stats: make(map[string]int), - } - - s := scheduler.New(ctx, inmemory.New(), "/scheduler-state.json") - return &manifestStoreTestEnv{ - manifestDigest: manifestDigest, - manifests: proxyManifestStore{ - ctx: ctx, - localManifests: localManifests, - remoteManifests: truthManifests, - scheduler: s, - repositoryName: nameRef, - authChallenger: &mockChallenger{}, - }, - } -} - -func populateRepo(ctx context.Context, t *testing.T, repository distribution.Repository, name, tag string) (digest.Digest, error) { - m := schema1.Manifest{ - Versioned: manifest.Versioned{ - SchemaVersion: 1, - }, - Name: name, - Tag: tag, - } - - for i := 0; i < 2; i++ { - wr, err := repository.Blobs(ctx).Create(ctx) - if err != nil { - t.Fatalf("unexpected error creating test upload: %v", err) - } - - rs, ts, err := testutil.CreateRandomTarFile() - if err != nil { - t.Fatalf("unexpected error generating test layer file") - } - dgst := digest.Digest(ts) - if _, err := io.Copy(wr, rs); err != nil { - t.Fatalf("unexpected error copying to upload: %v", err) - } - - if _, err := wr.Commit(ctx, distribution.Descriptor{Digest: dgst}); err != nil { - t.Fatalf("unexpected error finishing upload: %v", err) - } - } - - pk, err := libtrust.GenerateECP256PrivateKey() - if err != nil { - t.Fatalf("unexpected error generating private key: %v", err) - } - - sm, err := schema1.Sign(&m, pk) - if err != nil { - t.Fatalf("error signing manifest: %v", err) - } - - ms, err := repository.Manifests(ctx) - if err != nil { - t.Fatalf(err.Error()) - } - dgst, err := ms.Put(ctx, sm) - if err != nil { - t.Fatalf("unexpected errors putting manifest: %v", err) - } - - return dgst, nil -} - -// TestProxyManifests contains basic acceptance tests -// for the pull-through behavior -func TestProxyManifests(t *testing.T) { - name := "foo/bar" - env := newManifestStoreTestEnv(t, name, "latest") - - localStats := env.LocalStats() - remoteStats := env.RemoteStats() - - ctx := context.Background() - // Stat - must check local and remote - exists, err := env.manifests.Exists(ctx, env.manifestDigest) - if err != nil { - t.Fatalf("Error checking existence") - } - if !exists { - t.Errorf("Unexpected non-existant manifest") - } - - if (*localStats)["exists"] != 1 && (*remoteStats)["exists"] != 1 { - t.Errorf("Unexpected exists count : \n%v \n%v", localStats, remoteStats) - } - - if env.manifests.authChallenger.(*mockChallenger).count != 1 { - t.Fatalf("Expected 1 auth challenge, got %#v", env.manifests.authChallenger) - } - - // Get - should succeed and pull manifest into local - _, err = env.manifests.Get(ctx, env.manifestDigest) - if err != nil { - t.Fatal(err) - } - - if (*localStats)["get"] != 1 && (*remoteStats)["get"] != 1 { - t.Errorf("Unexpected get count") - } - - if (*localStats)["put"] != 1 { - t.Errorf("Expected local put") - } - - if env.manifests.authChallenger.(*mockChallenger).count != 2 { - t.Fatalf("Expected 2 auth challenges, got %#v", env.manifests.authChallenger) - } - - // Stat - should only go to local - exists, err = env.manifests.Exists(ctx, env.manifestDigest) - if err != nil { - t.Fatal(err) - } - if !exists { - t.Errorf("Unexpected non-existant manifest") - } - - if (*localStats)["exists"] != 2 && (*remoteStats)["exists"] != 1 { - t.Errorf("Unexpected exists count") - } - - if env.manifests.authChallenger.(*mockChallenger).count != 2 { - t.Fatalf("Expected 2 auth challenges, got %#v", env.manifests.authChallenger) - } - - // Get proxied - won't require another authchallenge - _, err = env.manifests.Get(ctx, env.manifestDigest) - if err != nil { - t.Fatal(err) - } - - if env.manifests.authChallenger.(*mockChallenger).count != 2 { - t.Fatalf("Expected 2 auth challenges, got %#v", env.manifests.authChallenger) - } - -} diff --git a/vendor/github.com/docker/distribution/registry/proxy/proxymetrics.go b/vendor/github.com/docker/distribution/registry/proxy/proxymetrics.go deleted file mode 100644 index d3d84d78..00000000 --- a/vendor/github.com/docker/distribution/registry/proxy/proxymetrics.go +++ /dev/null @@ -1,74 +0,0 @@ -package proxy - -import ( - "expvar" - "sync/atomic" -) - -// Metrics is used to hold metric counters -// related to the proxy -type Metrics struct { - Requests uint64 - Hits uint64 - Misses uint64 - BytesPulled uint64 - BytesPushed uint64 -} - -type proxyMetricsCollector struct { - blobMetrics Metrics - manifestMetrics Metrics -} - -// BlobPull tracks metrics about blobs pulled into the cache -func (pmc *proxyMetricsCollector) BlobPull(bytesPulled uint64) { - atomic.AddUint64(&pmc.blobMetrics.Misses, 1) - atomic.AddUint64(&pmc.blobMetrics.BytesPulled, bytesPulled) -} - -// BlobPush tracks metrics about blobs pushed to clients -func (pmc *proxyMetricsCollector) BlobPush(bytesPushed uint64) { - atomic.AddUint64(&pmc.blobMetrics.Requests, 1) - atomic.AddUint64(&pmc.blobMetrics.Hits, 1) - atomic.AddUint64(&pmc.blobMetrics.BytesPushed, bytesPushed) -} - -// ManifestPull tracks metrics related to Manifests pulled into the cache -func (pmc *proxyMetricsCollector) ManifestPull(bytesPulled uint64) { - atomic.AddUint64(&pmc.manifestMetrics.Misses, 1) - atomic.AddUint64(&pmc.manifestMetrics.BytesPulled, bytesPulled) -} - -// ManifestPush tracks metrics about manifests pushed to clients -func (pmc *proxyMetricsCollector) ManifestPush(bytesPushed uint64) { - atomic.AddUint64(&pmc.manifestMetrics.Requests, 1) - atomic.AddUint64(&pmc.manifestMetrics.Hits, 1) - atomic.AddUint64(&pmc.manifestMetrics.BytesPushed, bytesPushed) -} - -// proxyMetrics tracks metrics about the proxy cache. This is -// kept globally and made available via expvar. -var proxyMetrics = &proxyMetricsCollector{} - -func init() { - registry := expvar.Get("registry") - if registry == nil { - registry = expvar.NewMap("registry") - } - - pm := registry.(*expvar.Map).Get("proxy") - if pm == nil { - pm = &expvar.Map{} - pm.(*expvar.Map).Init() - registry.(*expvar.Map).Set("proxy", pm) - } - - pm.(*expvar.Map).Set("blobs", expvar.Func(func() interface{} { - return proxyMetrics.blobMetrics - })) - - pm.(*expvar.Map).Set("manifests", expvar.Func(func() interface{} { - return proxyMetrics.manifestMetrics - })) - -} diff --git a/vendor/github.com/docker/distribution/registry/proxy/proxyregistry.go b/vendor/github.com/docker/distribution/registry/proxy/proxyregistry.go deleted file mode 100644 index d64dcbb9..00000000 --- a/vendor/github.com/docker/distribution/registry/proxy/proxyregistry.go +++ /dev/null @@ -1,249 +0,0 @@ -package proxy - -import ( - "fmt" - "net/http" - "net/url" - "sync" - - "github.com/docker/distribution" - "github.com/docker/distribution/configuration" - "github.com/docker/distribution/context" - "github.com/docker/distribution/reference" - "github.com/docker/distribution/registry/client" - "github.com/docker/distribution/registry/client/auth" - "github.com/docker/distribution/registry/client/auth/challenge" - "github.com/docker/distribution/registry/client/transport" - "github.com/docker/distribution/registry/proxy/scheduler" - "github.com/docker/distribution/registry/storage" - "github.com/docker/distribution/registry/storage/driver" -) - -// proxyingRegistry fetches content from a remote registry and caches it locally -type proxyingRegistry struct { - embedded distribution.Namespace // provides local registry functionality - scheduler *scheduler.TTLExpirationScheduler - remoteURL url.URL - authChallenger authChallenger -} - -// NewRegistryPullThroughCache creates a registry acting as a pull through cache -func NewRegistryPullThroughCache(ctx context.Context, registry distribution.Namespace, driver driver.StorageDriver, config configuration.Proxy) (distribution.Namespace, error) { - remoteURL, err := url.Parse(config.RemoteURL) - if err != nil { - return nil, err - } - - v := storage.NewVacuum(ctx, driver) - s := scheduler.New(ctx, driver, "/scheduler-state.json") - s.OnBlobExpire(func(ref reference.Reference) error { - var r reference.Canonical - var ok bool - if r, ok = ref.(reference.Canonical); !ok { - return fmt.Errorf("unexpected reference type : %T", ref) - } - - repo, err := registry.Repository(ctx, r) - if err != nil { - return err - } - - blobs := repo.Blobs(ctx) - - // Clear the repository reference and descriptor caches - err = blobs.Delete(ctx, r.Digest()) - if err != nil { - return err - } - - err = v.RemoveBlob(r.Digest().String()) - if err != nil { - return err - } - - return nil - }) - - s.OnManifestExpire(func(ref reference.Reference) error { - var r reference.Canonical - var ok bool - if r, ok = ref.(reference.Canonical); !ok { - return fmt.Errorf("unexpected reference type : %T", ref) - } - - repo, err := registry.Repository(ctx, r) - if err != nil { - return err - } - - manifests, err := repo.Manifests(ctx) - if err != nil { - return err - } - err = manifests.Delete(ctx, r.Digest()) - if err != nil { - return err - } - return nil - }) - - err = s.Start() - if err != nil { - return nil, err - } - - cs, err := configureAuth(config.Username, config.Password, config.RemoteURL) - if err != nil { - return nil, err - } - - return &proxyingRegistry{ - embedded: registry, - scheduler: s, - remoteURL: *remoteURL, - authChallenger: &remoteAuthChallenger{ - remoteURL: *remoteURL, - cm: challenge.NewSimpleManager(), - cs: cs, - }, - }, nil -} - -func (pr *proxyingRegistry) Scope() distribution.Scope { - return distribution.GlobalScope -} - -func (pr *proxyingRegistry) Repositories(ctx context.Context, repos []string, last string) (n int, err error) { - return pr.embedded.Repositories(ctx, repos, last) -} - -func (pr *proxyingRegistry) Repository(ctx context.Context, name reference.Named) (distribution.Repository, error) { - c := pr.authChallenger - - tr := transport.NewTransport(http.DefaultTransport, - auth.NewAuthorizer(c.challengeManager(), auth.NewTokenHandler(http.DefaultTransport, c.credentialStore(), name.Name(), "pull"))) - - localRepo, err := pr.embedded.Repository(ctx, name) - if err != nil { - return nil, err - } - localManifests, err := localRepo.Manifests(ctx, storage.SkipLayerVerification()) - if err != nil { - return nil, err - } - - remoteRepo, err := client.NewRepository(ctx, name, pr.remoteURL.String(), tr) - if err != nil { - return nil, err - } - - remoteManifests, err := remoteRepo.Manifests(ctx) - if err != nil { - return nil, err - } - - return &proxiedRepository{ - blobStore: &proxyBlobStore{ - localStore: localRepo.Blobs(ctx), - remoteStore: remoteRepo.Blobs(ctx), - scheduler: pr.scheduler, - repositoryName: name, - authChallenger: pr.authChallenger, - }, - manifests: &proxyManifestStore{ - repositoryName: name, - localManifests: localManifests, // Options? - remoteManifests: remoteManifests, - ctx: ctx, - scheduler: pr.scheduler, - authChallenger: pr.authChallenger, - }, - name: name, - tags: &proxyTagService{ - localTags: localRepo.Tags(ctx), - remoteTags: remoteRepo.Tags(ctx), - authChallenger: pr.authChallenger, - }, - }, nil -} - -func (pr *proxyingRegistry) Blobs() distribution.BlobEnumerator { - return pr.embedded.Blobs() -} - -func (pr *proxyingRegistry) BlobStatter() distribution.BlobStatter { - return pr.embedded.BlobStatter() -} - -// authChallenger encapsulates a request to the upstream to establish credential challenges -type authChallenger interface { - tryEstablishChallenges(context.Context) error - challengeManager() challenge.Manager - credentialStore() auth.CredentialStore -} - -type remoteAuthChallenger struct { - remoteURL url.URL - sync.Mutex - cm challenge.Manager - cs auth.CredentialStore -} - -func (r *remoteAuthChallenger) credentialStore() auth.CredentialStore { - return r.cs -} - -func (r *remoteAuthChallenger) challengeManager() challenge.Manager { - return r.cm -} - -// tryEstablishChallenges will attempt to get a challenge type for the upstream if none currently exist -func (r *remoteAuthChallenger) tryEstablishChallenges(ctx context.Context) error { - r.Lock() - defer r.Unlock() - - remoteURL := r.remoteURL - remoteURL.Path = "/v2/" - challenges, err := r.cm.GetChallenges(remoteURL) - if err != nil { - return err - } - - if len(challenges) > 0 { - return nil - } - - // establish challenge type with upstream - if err := ping(r.cm, remoteURL.String(), challengeHeader); err != nil { - return err - } - - context.GetLogger(ctx).Infof("Challenge established with upstream : %s %s", remoteURL, r.cm) - return nil -} - -// proxiedRepository uses proxying blob and manifest services to serve content -// locally, or pulling it through from a remote and caching it locally if it doesn't -// already exist -type proxiedRepository struct { - blobStore distribution.BlobStore - manifests distribution.ManifestService - name reference.Named - tags distribution.TagService -} - -func (pr *proxiedRepository) Manifests(ctx context.Context, options ...distribution.ManifestServiceOption) (distribution.ManifestService, error) { - return pr.manifests, nil -} - -func (pr *proxiedRepository) Blobs(ctx context.Context) distribution.BlobStore { - return pr.blobStore -} - -func (pr *proxiedRepository) Named() reference.Named { - return pr.name -} - -func (pr *proxiedRepository) Tags(ctx context.Context) distribution.TagService { - return pr.tags -} diff --git a/vendor/github.com/docker/distribution/registry/proxy/proxytagservice.go b/vendor/github.com/docker/distribution/registry/proxy/proxytagservice.go deleted file mode 100644 index a8273030..00000000 --- a/vendor/github.com/docker/distribution/registry/proxy/proxytagservice.go +++ /dev/null @@ -1,65 +0,0 @@ -package proxy - -import ( - "github.com/docker/distribution" - "github.com/docker/distribution/context" -) - -// proxyTagService supports local and remote lookup of tags. -type proxyTagService struct { - localTags distribution.TagService - remoteTags distribution.TagService - authChallenger authChallenger -} - -var _ distribution.TagService = proxyTagService{} - -// Get attempts to get the most recent digest for the tag by checking the remote -// tag service first and then caching it locally. If the remote is unavailable -// the local association is returned -func (pt proxyTagService) Get(ctx context.Context, tag string) (distribution.Descriptor, error) { - err := pt.authChallenger.tryEstablishChallenges(ctx) - if err == nil { - desc, err := pt.remoteTags.Get(ctx, tag) - if err == nil { - err := pt.localTags.Tag(ctx, tag, desc) - if err != nil { - return distribution.Descriptor{}, err - } - return desc, nil - } - } - - desc, err := pt.localTags.Get(ctx, tag) - if err != nil { - return distribution.Descriptor{}, err - } - return desc, nil -} - -func (pt proxyTagService) Tag(ctx context.Context, tag string, desc distribution.Descriptor) error { - return distribution.ErrUnsupported -} - -func (pt proxyTagService) Untag(ctx context.Context, tag string) error { - err := pt.localTags.Untag(ctx, tag) - if err != nil { - return err - } - return nil -} - -func (pt proxyTagService) All(ctx context.Context) ([]string, error) { - err := pt.authChallenger.tryEstablishChallenges(ctx) - if err == nil { - tags, err := pt.remoteTags.All(ctx) - if err == nil { - return tags, err - } - } - return pt.localTags.All(ctx) -} - -func (pt proxyTagService) Lookup(ctx context.Context, digest distribution.Descriptor) ([]string, error) { - return []string{}, distribution.ErrUnsupported -} diff --git a/vendor/github.com/docker/distribution/registry/proxy/proxytagservice_test.go b/vendor/github.com/docker/distribution/registry/proxy/proxytagservice_test.go deleted file mode 100644 index ce0fe78b..00000000 --- a/vendor/github.com/docker/distribution/registry/proxy/proxytagservice_test.go +++ /dev/null @@ -1,182 +0,0 @@ -package proxy - -import ( - "reflect" - "sort" - "sync" - "testing" - - "github.com/docker/distribution" - "github.com/docker/distribution/context" -) - -type mockTagStore struct { - mapping map[string]distribution.Descriptor - sync.Mutex -} - -var _ distribution.TagService = &mockTagStore{} - -func (m *mockTagStore) Get(ctx context.Context, tag string) (distribution.Descriptor, error) { - m.Lock() - defer m.Unlock() - - if d, ok := m.mapping[tag]; ok { - return d, nil - } - return distribution.Descriptor{}, distribution.ErrTagUnknown{} -} - -func (m *mockTagStore) Tag(ctx context.Context, tag string, desc distribution.Descriptor) error { - m.Lock() - defer m.Unlock() - - m.mapping[tag] = desc - return nil -} - -func (m *mockTagStore) Untag(ctx context.Context, tag string) error { - m.Lock() - defer m.Unlock() - - if _, ok := m.mapping[tag]; ok { - delete(m.mapping, tag) - return nil - } - return distribution.ErrTagUnknown{} -} - -func (m *mockTagStore) All(ctx context.Context) ([]string, error) { - m.Lock() - defer m.Unlock() - - var tags []string - for tag := range m.mapping { - tags = append(tags, tag) - } - - return tags, nil -} - -func (m *mockTagStore) Lookup(ctx context.Context, digest distribution.Descriptor) ([]string, error) { - panic("not implemented") -} - -func testProxyTagService(local, remote map[string]distribution.Descriptor) *proxyTagService { - if local == nil { - local = make(map[string]distribution.Descriptor) - } - if remote == nil { - remote = make(map[string]distribution.Descriptor) - } - return &proxyTagService{ - localTags: &mockTagStore{mapping: local}, - remoteTags: &mockTagStore{mapping: remote}, - authChallenger: &mockChallenger{}, - } -} - -func TestGet(t *testing.T) { - remoteDesc := distribution.Descriptor{Size: 42} - remoteTag := "remote" - proxyTags := testProxyTagService(map[string]distribution.Descriptor{remoteTag: remoteDesc}, nil) - - ctx := context.Background() - - // Get pre-loaded tag - d, err := proxyTags.Get(ctx, remoteTag) - if err != nil { - t.Fatal(err) - } - - if proxyTags.authChallenger.(*mockChallenger).count != 1 { - t.Fatalf("Expected 1 auth challenge call, got %#v", proxyTags.authChallenger) - } - - if !reflect.DeepEqual(d, remoteDesc) { - t.Fatal("unable to get put tag") - } - - local, err := proxyTags.localTags.Get(ctx, remoteTag) - if err != nil { - t.Fatal("remote tag not pulled into store") - } - - if !reflect.DeepEqual(local, remoteDesc) { - t.Fatalf("unexpected descriptor pulled through") - } - - // Manually overwrite remote tag - newRemoteDesc := distribution.Descriptor{Size: 43} - err = proxyTags.remoteTags.Tag(ctx, remoteTag, newRemoteDesc) - if err != nil { - t.Fatal(err) - } - - d, err = proxyTags.Get(ctx, remoteTag) - if err != nil { - t.Fatal(err) - } - - if proxyTags.authChallenger.(*mockChallenger).count != 2 { - t.Fatalf("Expected 2 auth challenge calls, got %#v", proxyTags.authChallenger) - } - - if !reflect.DeepEqual(d, newRemoteDesc) { - t.Fatal("unable to get put tag") - } - - _, err = proxyTags.localTags.Get(ctx, remoteTag) - if err != nil { - t.Fatal("remote tag not pulled into store") - } - - // untag, ensure it's removed locally, but present in remote - err = proxyTags.Untag(ctx, remoteTag) - if err != nil { - t.Fatal(err) - } - - _, err = proxyTags.localTags.Get(ctx, remoteTag) - if err == nil { - t.Fatalf("Expected error getting Untag'd tag") - } - - _, err = proxyTags.remoteTags.Get(ctx, remoteTag) - if err != nil { - t.Fatalf("remote tag should not be untagged with proxyTag.Untag") - } - - _, err = proxyTags.Get(ctx, remoteTag) - if err != nil { - t.Fatal("untagged tag should be pulled through") - } - - if proxyTags.authChallenger.(*mockChallenger).count != 3 { - t.Fatalf("Expected 3 auth challenge calls, got %#v", proxyTags.authChallenger) - } - - // Add another tag. Ensure both tags appear in 'All' - err = proxyTags.remoteTags.Tag(ctx, "funtag", distribution.Descriptor{Size: 42}) - if err != nil { - t.Fatal(err) - } - - all, err := proxyTags.All(ctx) - if err != nil { - t.Fatal(err) - } - - if len(all) != 2 { - t.Fatalf("Unexpected tag length returned from All() : %d ", len(all)) - } - - sort.Strings(all) - if all[0] != "funtag" && all[1] != "remote" { - t.Fatalf("Unexpected tags returned from All() : %v ", all) - } - - if proxyTags.authChallenger.(*mockChallenger).count != 4 { - t.Fatalf("Expected 4 auth challenge calls, got %#v", proxyTags.authChallenger) - } -} diff --git a/vendor/github.com/docker/distribution/registry/proxy/scheduler/scheduler.go b/vendor/github.com/docker/distribution/registry/proxy/scheduler/scheduler.go deleted file mode 100644 index bde94657..00000000 --- a/vendor/github.com/docker/distribution/registry/proxy/scheduler/scheduler.go +++ /dev/null @@ -1,259 +0,0 @@ -package scheduler - -import ( - "encoding/json" - "fmt" - "sync" - "time" - - "github.com/docker/distribution/context" - "github.com/docker/distribution/reference" - "github.com/docker/distribution/registry/storage/driver" -) - -// onTTLExpiryFunc is called when a repository's TTL expires -type expiryFunc func(reference.Reference) error - -const ( - entryTypeBlob = iota - entryTypeManifest - indexSaveFrequency = 5 * time.Second -) - -// schedulerEntry represents an entry in the scheduler -// fields are exported for serialization -type schedulerEntry struct { - Key string `json:"Key"` - Expiry time.Time `json:"ExpiryData"` - EntryType int `json:"EntryType"` - - timer *time.Timer -} - -// New returns a new instance of the scheduler -func New(ctx context.Context, driver driver.StorageDriver, path string) *TTLExpirationScheduler { - return &TTLExpirationScheduler{ - entries: make(map[string]*schedulerEntry), - driver: driver, - pathToStateFile: path, - ctx: ctx, - stopped: true, - doneChan: make(chan struct{}), - saveTimer: time.NewTicker(indexSaveFrequency), - } -} - -// TTLExpirationScheduler is a scheduler used to perform actions -// when TTLs expire -type TTLExpirationScheduler struct { - sync.Mutex - - entries map[string]*schedulerEntry - - driver driver.StorageDriver - ctx context.Context - pathToStateFile string - - stopped bool - - onBlobExpire expiryFunc - onManifestExpire expiryFunc - - indexDirty bool - saveTimer *time.Ticker - doneChan chan struct{} -} - -// OnBlobExpire is called when a scheduled blob's TTL expires -func (ttles *TTLExpirationScheduler) OnBlobExpire(f expiryFunc) { - ttles.Lock() - defer ttles.Unlock() - - ttles.onBlobExpire = f -} - -// OnManifestExpire is called when a scheduled manifest's TTL expires -func (ttles *TTLExpirationScheduler) OnManifestExpire(f expiryFunc) { - ttles.Lock() - defer ttles.Unlock() - - ttles.onManifestExpire = f -} - -// AddBlob schedules a blob cleanup after ttl expires -func (ttles *TTLExpirationScheduler) AddBlob(blobRef reference.Canonical, ttl time.Duration) error { - ttles.Lock() - defer ttles.Unlock() - - if ttles.stopped { - return fmt.Errorf("scheduler not started") - } - - ttles.add(blobRef, ttl, entryTypeBlob) - return nil -} - -// AddManifest schedules a manifest cleanup after ttl expires -func (ttles *TTLExpirationScheduler) AddManifest(manifestRef reference.Canonical, ttl time.Duration) error { - ttles.Lock() - defer ttles.Unlock() - - if ttles.stopped { - return fmt.Errorf("scheduler not started") - } - - ttles.add(manifestRef, ttl, entryTypeManifest) - return nil -} - -// Start starts the scheduler -func (ttles *TTLExpirationScheduler) Start() error { - ttles.Lock() - defer ttles.Unlock() - - err := ttles.readState() - if err != nil { - return err - } - - if !ttles.stopped { - return fmt.Errorf("Scheduler already started") - } - - context.GetLogger(ttles.ctx).Infof("Starting cached object TTL expiration scheduler...") - ttles.stopped = false - - // Start timer for each deserialized entry - for _, entry := range ttles.entries { - entry.timer = ttles.startTimer(entry, entry.Expiry.Sub(time.Now())) - } - - // Start a ticker to periodically save the entries index - - go func() { - for { - select { - case <-ttles.saveTimer.C: - ttles.Lock() - if !ttles.indexDirty { - ttles.Unlock() - continue - } - - err := ttles.writeState() - if err != nil { - context.GetLogger(ttles.ctx).Errorf("Error writing scheduler state: %s", err) - } else { - ttles.indexDirty = false - } - ttles.Unlock() - - case <-ttles.doneChan: - return - } - } - }() - - return nil -} - -func (ttles *TTLExpirationScheduler) add(r reference.Reference, ttl time.Duration, eType int) { - entry := &schedulerEntry{ - Key: r.String(), - Expiry: time.Now().Add(ttl), - EntryType: eType, - } - context.GetLogger(ttles.ctx).Infof("Adding new scheduler entry for %s with ttl=%s", entry.Key, entry.Expiry.Sub(time.Now())) - if oldEntry, present := ttles.entries[entry.Key]; present && oldEntry.timer != nil { - oldEntry.timer.Stop() - } - ttles.entries[entry.Key] = entry - entry.timer = ttles.startTimer(entry, ttl) - ttles.indexDirty = true -} - -func (ttles *TTLExpirationScheduler) startTimer(entry *schedulerEntry, ttl time.Duration) *time.Timer { - return time.AfterFunc(ttl, func() { - ttles.Lock() - defer ttles.Unlock() - - var f expiryFunc - - switch entry.EntryType { - case entryTypeBlob: - f = ttles.onBlobExpire - case entryTypeManifest: - f = ttles.onManifestExpire - default: - f = func(reference.Reference) error { - return fmt.Errorf("scheduler entry type") - } - } - - ref, err := reference.Parse(entry.Key) - if err == nil { - if err := f(ref); err != nil { - context.GetLogger(ttles.ctx).Errorf("Scheduler error returned from OnExpire(%s): %s", entry.Key, err) - } - } else { - context.GetLogger(ttles.ctx).Errorf("Error unpacking reference: %s", err) - } - - delete(ttles.entries, entry.Key) - ttles.indexDirty = true - }) -} - -// Stop stops the scheduler. -func (ttles *TTLExpirationScheduler) Stop() { - ttles.Lock() - defer ttles.Unlock() - - if err := ttles.writeState(); err != nil { - context.GetLogger(ttles.ctx).Errorf("Error writing scheduler state: %s", err) - } - - for _, entry := range ttles.entries { - entry.timer.Stop() - } - - close(ttles.doneChan) - ttles.saveTimer.Stop() - ttles.stopped = true -} - -func (ttles *TTLExpirationScheduler) writeState() error { - jsonBytes, err := json.Marshal(ttles.entries) - if err != nil { - return err - } - - err = ttles.driver.PutContent(ttles.ctx, ttles.pathToStateFile, jsonBytes) - if err != nil { - return err - } - - return nil -} - -func (ttles *TTLExpirationScheduler) readState() error { - if _, err := ttles.driver.Stat(ttles.ctx, ttles.pathToStateFile); err != nil { - switch err := err.(type) { - case driver.PathNotFoundError: - return nil - default: - return err - } - } - - bytes, err := ttles.driver.GetContent(ttles.ctx, ttles.pathToStateFile) - if err != nil { - return err - } - - err = json.Unmarshal(bytes, &ttles.entries) - if err != nil { - return err - } - return nil -} diff --git a/vendor/github.com/docker/distribution/registry/proxy/scheduler/scheduler_test.go b/vendor/github.com/docker/distribution/registry/proxy/scheduler/scheduler_test.go deleted file mode 100644 index 4d69d5b5..00000000 --- a/vendor/github.com/docker/distribution/registry/proxy/scheduler/scheduler_test.go +++ /dev/null @@ -1,211 +0,0 @@ -package scheduler - -import ( - "encoding/json" - "sync" - "testing" - "time" - - "github.com/docker/distribution/context" - "github.com/docker/distribution/reference" - "github.com/docker/distribution/registry/storage/driver/inmemory" -) - -func testRefs(t *testing.T) (reference.Reference, reference.Reference, reference.Reference) { - ref1, err := reference.Parse("testrepo@sha256:aaaaeaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa") - if err != nil { - t.Fatalf("could not parse reference: %v", err) - } - - ref2, err := reference.Parse("testrepo@sha256:bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb") - if err != nil { - t.Fatalf("could not parse reference: %v", err) - } - - ref3, err := reference.Parse("testrepo@sha256:cccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccc") - if err != nil { - t.Fatalf("could not parse reference: %v", err) - } - - return ref1, ref2, ref3 -} - -func TestSchedule(t *testing.T) { - ref1, ref2, ref3 := testRefs(t) - timeUnit := time.Millisecond - remainingRepos := map[string]bool{ - ref1.String(): true, - ref2.String(): true, - ref3.String(): true, - } - - var mu sync.Mutex - s := New(context.Background(), inmemory.New(), "/ttl") - deleteFunc := func(repoName reference.Reference) error { - if len(remainingRepos) == 0 { - t.Fatalf("Incorrect expiry count") - } - _, ok := remainingRepos[repoName.String()] - if !ok { - t.Fatalf("Trying to remove nonexistent repo: %s", repoName) - } - t.Log("removing", repoName) - mu.Lock() - delete(remainingRepos, repoName.String()) - mu.Unlock() - - return nil - } - s.onBlobExpire = deleteFunc - err := s.Start() - if err != nil { - t.Fatalf("Error starting ttlExpirationScheduler: %s", err) - } - - s.add(ref1, 3*timeUnit, entryTypeBlob) - s.add(ref2, 1*timeUnit, entryTypeBlob) - - func() { - s.Lock() - s.add(ref3, 1*timeUnit, entryTypeBlob) - s.Unlock() - - }() - - // Ensure all repos are deleted - <-time.After(50 * timeUnit) - - mu.Lock() - defer mu.Unlock() - if len(remainingRepos) != 0 { - t.Fatalf("Repositories remaining: %#v", remainingRepos) - } -} - -func TestRestoreOld(t *testing.T) { - ref1, ref2, _ := testRefs(t) - remainingRepos := map[string]bool{ - ref1.String(): true, - ref2.String(): true, - } - - var wg sync.WaitGroup - wg.Add(len(remainingRepos)) - var mu sync.Mutex - deleteFunc := func(r reference.Reference) error { - mu.Lock() - defer mu.Unlock() - if r.String() == ref1.String() && len(remainingRepos) == 2 { - t.Errorf("ref1 should not be removed first") - } - _, ok := remainingRepos[r.String()] - if !ok { - t.Fatalf("Trying to remove nonexistent repo: %s", r) - } - delete(remainingRepos, r.String()) - wg.Done() - return nil - } - - timeUnit := time.Millisecond - serialized, err := json.Marshal(&map[string]schedulerEntry{ - ref1.String(): { - Expiry: time.Now().Add(10 * timeUnit), - Key: ref1.String(), - EntryType: 0, - }, - ref2.String(): { - Expiry: time.Now().Add(-3 * timeUnit), // TTL passed, should be removed first - Key: ref2.String(), - EntryType: 0, - }, - }) - if err != nil { - t.Fatalf("Error serializing test data: %s", err.Error()) - } - - ctx := context.Background() - pathToStatFile := "/ttl" - fs := inmemory.New() - err = fs.PutContent(ctx, pathToStatFile, serialized) - if err != nil { - t.Fatal("Unable to write serialized data to fs") - } - s := New(context.Background(), fs, "/ttl") - s.OnBlobExpire(deleteFunc) - err = s.Start() - if err != nil { - t.Fatalf("Error starting ttlExpirationScheduler: %s", err) - } - defer s.Stop() - - wg.Wait() - mu.Lock() - defer mu.Unlock() - if len(remainingRepos) != 0 { - t.Fatalf("Repositories remaining: %#v", remainingRepos) - } -} - -func TestStopRestore(t *testing.T) { - ref1, ref2, _ := testRefs(t) - - timeUnit := time.Millisecond - remainingRepos := map[string]bool{ - ref1.String(): true, - ref2.String(): true, - } - - var mu sync.Mutex - deleteFunc := func(r reference.Reference) error { - mu.Lock() - delete(remainingRepos, r.String()) - mu.Unlock() - return nil - } - - fs := inmemory.New() - pathToStateFile := "/ttl" - s := New(context.Background(), fs, pathToStateFile) - s.onBlobExpire = deleteFunc - - err := s.Start() - if err != nil { - t.Fatalf(err.Error()) - } - s.add(ref1, 300*timeUnit, entryTypeBlob) - s.add(ref2, 100*timeUnit, entryTypeBlob) - - // Start and stop before all operations complete - // state will be written to fs - s.Stop() - time.Sleep(10 * time.Millisecond) - - // v2 will restore state from fs - s2 := New(context.Background(), fs, pathToStateFile) - s2.onBlobExpire = deleteFunc - err = s2.Start() - if err != nil { - t.Fatalf("Error starting v2: %s", err.Error()) - } - - <-time.After(500 * timeUnit) - mu.Lock() - defer mu.Unlock() - if len(remainingRepos) != 0 { - t.Fatalf("Repositories remaining: %#v", remainingRepos) - } - -} - -func TestDoubleStart(t *testing.T) { - s := New(context.Background(), inmemory.New(), "/ttl") - err := s.Start() - if err != nil { - t.Fatalf("Unable to start scheduler") - } - err = s.Start() - if err == nil { - t.Fatalf("Scheduler started twice without error") - } -} diff --git a/vendor/github.com/docker/distribution/registry/registry.go b/vendor/github.com/docker/distribution/registry/registry.go deleted file mode 100644 index 2adcb1e3..00000000 --- a/vendor/github.com/docker/distribution/registry/registry.go +++ /dev/null @@ -1,356 +0,0 @@ -package registry - -import ( - "crypto/tls" - "crypto/x509" - "fmt" - "io/ioutil" - "net/http" - "os" - "time" - - "rsc.io/letsencrypt" - - log "github.com/Sirupsen/logrus" - "github.com/Sirupsen/logrus/formatters/logstash" - "github.com/bugsnag/bugsnag-go" - "github.com/docker/distribution/configuration" - "github.com/docker/distribution/context" - "github.com/docker/distribution/health" - "github.com/docker/distribution/registry/handlers" - "github.com/docker/distribution/registry/listener" - "github.com/docker/distribution/uuid" - "github.com/docker/distribution/version" - gorhandlers "github.com/gorilla/handlers" - "github.com/spf13/cobra" - "github.com/yvasiyarov/gorelic" -) - -// ServeCmd is a cobra command for running the registry. -var ServeCmd = &cobra.Command{ - Use: "serve ", - Short: "`serve` stores and distributes Docker images", - Long: "`serve` stores and distributes Docker images.", - Run: func(cmd *cobra.Command, args []string) { - - // setup context - ctx := context.WithVersion(context.Background(), version.Version) - - config, err := resolveConfiguration(args) - if err != nil { - fmt.Fprintf(os.Stderr, "configuration error: %v\n", err) - cmd.Usage() - os.Exit(1) - } - - if config.HTTP.Debug.Addr != "" { - go func(addr string) { - log.Infof("debug server listening %v", addr) - if err := http.ListenAndServe(addr, nil); err != nil { - log.Fatalf("error listening on debug interface: %v", err) - } - }(config.HTTP.Debug.Addr) - } - - registry, err := NewRegistry(ctx, config) - if err != nil { - log.Fatalln(err) - } - - if err = registry.ListenAndServe(); err != nil { - log.Fatalln(err) - } - }, -} - -// A Registry represents a complete instance of the registry. -// TODO(aaronl): It might make sense for Registry to become an interface. -type Registry struct { - config *configuration.Configuration - app *handlers.App - server *http.Server -} - -// NewRegistry creates a new registry from a context and configuration struct. -func NewRegistry(ctx context.Context, config *configuration.Configuration) (*Registry, error) { - var err error - ctx, err = configureLogging(ctx, config) - if err != nil { - return nil, fmt.Errorf("error configuring logger: %v", err) - } - - // inject a logger into the uuid library. warns us if there is a problem - // with uuid generation under low entropy. - uuid.Loggerf = context.GetLogger(ctx).Warnf - - app := handlers.NewApp(ctx, config) - // TODO(aaronl): The global scope of the health checks means NewRegistry - // can only be called once per process. - app.RegisterHealthChecks() - handler := configureReporting(app) - handler = alive("/", handler) - handler = health.Handler(handler) - handler = panicHandler(handler) - if !config.Log.AccessLog.Disabled { - handler = gorhandlers.CombinedLoggingHandler(os.Stdout, handler) - } - - server := &http.Server{ - Handler: handler, - } - - return &Registry{ - app: app, - config: config, - server: server, - }, nil -} - -// ListenAndServe runs the registry's HTTP server. -func (registry *Registry) ListenAndServe() error { - config := registry.config - - ln, err := listener.NewListener(config.HTTP.Net, config.HTTP.Addr) - if err != nil { - return err - } - - if config.HTTP.TLS.Certificate != "" || config.HTTP.TLS.LetsEncrypt.CacheFile != "" { - tlsConf := &tls.Config{ - ClientAuth: tls.NoClientCert, - NextProtos: nextProtos(config), - MinVersion: tls.VersionTLS10, - PreferServerCipherSuites: true, - CipherSuites: []uint16{ - tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, - tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, - tls.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, - tls.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, - tls.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, - tls.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, - tls.TLS_RSA_WITH_AES_128_CBC_SHA, - tls.TLS_RSA_WITH_AES_256_CBC_SHA, - }, - } - - if config.HTTP.TLS.LetsEncrypt.CacheFile != "" { - if config.HTTP.TLS.Certificate != "" { - return fmt.Errorf("cannot specify both certificate and Let's Encrypt") - } - var m letsencrypt.Manager - if err := m.CacheFile(config.HTTP.TLS.LetsEncrypt.CacheFile); err != nil { - return err - } - if !m.Registered() { - if err := m.Register(config.HTTP.TLS.LetsEncrypt.Email, nil); err != nil { - return err - } - } - tlsConf.GetCertificate = m.GetCertificate - } else { - tlsConf.Certificates = make([]tls.Certificate, 1) - tlsConf.Certificates[0], err = tls.LoadX509KeyPair(config.HTTP.TLS.Certificate, config.HTTP.TLS.Key) - if err != nil { - return err - } - } - - if len(config.HTTP.TLS.ClientCAs) != 0 { - pool := x509.NewCertPool() - - for _, ca := range config.HTTP.TLS.ClientCAs { - caPem, err := ioutil.ReadFile(ca) - if err != nil { - return err - } - - if ok := pool.AppendCertsFromPEM(caPem); !ok { - return fmt.Errorf("Could not add CA to pool") - } - } - - for _, subj := range pool.Subjects() { - context.GetLogger(registry.app).Debugf("CA Subject: %s", string(subj)) - } - - tlsConf.ClientAuth = tls.RequireAndVerifyClientCert - tlsConf.ClientCAs = pool - } - - ln = tls.NewListener(ln, tlsConf) - context.GetLogger(registry.app).Infof("listening on %v, tls", ln.Addr()) - } else { - context.GetLogger(registry.app).Infof("listening on %v", ln.Addr()) - } - - return registry.server.Serve(ln) -} - -func configureReporting(app *handlers.App) http.Handler { - var handler http.Handler = app - - if app.Config.Reporting.Bugsnag.APIKey != "" { - bugsnagConfig := bugsnag.Configuration{ - APIKey: app.Config.Reporting.Bugsnag.APIKey, - // TODO(brianbland): provide the registry version here - // AppVersion: "2.0", - } - if app.Config.Reporting.Bugsnag.ReleaseStage != "" { - bugsnagConfig.ReleaseStage = app.Config.Reporting.Bugsnag.ReleaseStage - } - if app.Config.Reporting.Bugsnag.Endpoint != "" { - bugsnagConfig.Endpoint = app.Config.Reporting.Bugsnag.Endpoint - } - bugsnag.Configure(bugsnagConfig) - - handler = bugsnag.Handler(handler) - } - - if app.Config.Reporting.NewRelic.LicenseKey != "" { - agent := gorelic.NewAgent() - agent.NewrelicLicense = app.Config.Reporting.NewRelic.LicenseKey - if app.Config.Reporting.NewRelic.Name != "" { - agent.NewrelicName = app.Config.Reporting.NewRelic.Name - } - agent.CollectHTTPStat = true - agent.Verbose = app.Config.Reporting.NewRelic.Verbose - agent.Run() - - handler = agent.WrapHTTPHandler(handler) - } - - return handler -} - -// configureLogging prepares the context with a logger using the -// configuration. -func configureLogging(ctx context.Context, config *configuration.Configuration) (context.Context, error) { - if config.Log.Level == "" && config.Log.Formatter == "" { - // If no config for logging is set, fallback to deprecated "Loglevel". - log.SetLevel(logLevel(config.Loglevel)) - ctx = context.WithLogger(ctx, context.GetLogger(ctx)) - return ctx, nil - } - - log.SetLevel(logLevel(config.Log.Level)) - - formatter := config.Log.Formatter - if formatter == "" { - formatter = "text" // default formatter - } - - switch formatter { - case "json": - log.SetFormatter(&log.JSONFormatter{ - TimestampFormat: time.RFC3339Nano, - }) - case "text": - log.SetFormatter(&log.TextFormatter{ - TimestampFormat: time.RFC3339Nano, - }) - case "logstash": - log.SetFormatter(&logstash.LogstashFormatter{ - TimestampFormat: time.RFC3339Nano, - }) - default: - // just let the library use default on empty string. - if config.Log.Formatter != "" { - return ctx, fmt.Errorf("unsupported logging formatter: %q", config.Log.Formatter) - } - } - - if config.Log.Formatter != "" { - log.Debugf("using %q logging formatter", config.Log.Formatter) - } - - if len(config.Log.Fields) > 0 { - // build up the static fields, if present. - var fields []interface{} - for k := range config.Log.Fields { - fields = append(fields, k) - } - - ctx = context.WithValues(ctx, config.Log.Fields) - ctx = context.WithLogger(ctx, context.GetLogger(ctx, fields...)) - } - - return ctx, nil -} - -func logLevel(level configuration.Loglevel) log.Level { - l, err := log.ParseLevel(string(level)) - if err != nil { - l = log.InfoLevel - log.Warnf("error parsing level %q: %v, using %q ", level, err, l) - } - - return l -} - -// panicHandler add an HTTP handler to web app. The handler recover the happening -// panic. logrus.Panic transmits panic message to pre-config log hooks, which is -// defined in config.yml. -func panicHandler(handler http.Handler) http.Handler { - return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - defer func() { - if err := recover(); err != nil { - log.Panic(fmt.Sprintf("%v", err)) - } - }() - handler.ServeHTTP(w, r) - }) -} - -// alive simply wraps the handler with a route that always returns an http 200 -// response when the path is matched. If the path is not matched, the request -// is passed to the provided handler. There is no guarantee of anything but -// that the server is up. Wrap with other handlers (such as health.Handler) -// for greater affect. -func alive(path string, handler http.Handler) http.Handler { - return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - if r.URL.Path == path { - w.Header().Set("Cache-Control", "no-cache") - w.WriteHeader(http.StatusOK) - return - } - - handler.ServeHTTP(w, r) - }) -} - -func resolveConfiguration(args []string) (*configuration.Configuration, error) { - var configurationPath string - - if len(args) > 0 { - configurationPath = args[0] - } else if os.Getenv("REGISTRY_CONFIGURATION_PATH") != "" { - configurationPath = os.Getenv("REGISTRY_CONFIGURATION_PATH") - } - - if configurationPath == "" { - return nil, fmt.Errorf("configuration path unspecified") - } - - fp, err := os.Open(configurationPath) - if err != nil { - return nil, err - } - - defer fp.Close() - - config, err := configuration.Parse(fp) - if err != nil { - return nil, fmt.Errorf("error parsing %s: %v", configurationPath, err) - } - - return config, nil -} - -func nextProtos(config *configuration.Configuration) []string { - switch config.HTTP.HTTP2.Disabled { - case true: - return []string{"http/1.1"} - default: - return []string{"h2", "http/1.1"} - } -} diff --git a/vendor/github.com/docker/distribution/registry/registry_test.go b/vendor/github.com/docker/distribution/registry/registry_test.go deleted file mode 100644 index 34673117..00000000 --- a/vendor/github.com/docker/distribution/registry/registry_test.go +++ /dev/null @@ -1,30 +0,0 @@ -package registry - -import ( - "reflect" - "testing" - - "github.com/docker/distribution/configuration" -) - -// Tests to ensure nextProtos returns the correct protocols when: -// * config.HTTP.HTTP2.Disabled is not explicitly set => [h2 http/1.1] -// * config.HTTP.HTTP2.Disabled is explicitly set to false [h2 http/1.1] -// * config.HTTP.HTTP2.Disabled is explicitly set to true [http/1.1] -func TestNextProtos(t *testing.T) { - config := &configuration.Configuration{} - protos := nextProtos(config) - if !reflect.DeepEqual(protos, []string{"h2", "http/1.1"}) { - t.Fatalf("expected protos to equal [h2 http/1.1], got %s", protos) - } - config.HTTP.HTTP2.Disabled = false - protos = nextProtos(config) - if !reflect.DeepEqual(protos, []string{"h2", "http/1.1"}) { - t.Fatalf("expected protos to equal [h2 http/1.1], got %s", protos) - } - config.HTTP.HTTP2.Disabled = true - protos = nextProtos(config) - if !reflect.DeepEqual(protos, []string{"http/1.1"}) { - t.Fatalf("expected protos to equal [http/1.1], got %s", protos) - } -} diff --git a/vendor/github.com/docker/distribution/registry/root.go b/vendor/github.com/docker/distribution/registry/root.go deleted file mode 100644 index 5d3005c2..00000000 --- a/vendor/github.com/docker/distribution/registry/root.go +++ /dev/null @@ -1,84 +0,0 @@ -package registry - -import ( - "fmt" - "os" - - "github.com/docker/distribution/context" - "github.com/docker/distribution/registry/storage" - "github.com/docker/distribution/registry/storage/driver/factory" - "github.com/docker/distribution/version" - "github.com/docker/libtrust" - "github.com/spf13/cobra" -) - -var showVersion bool - -func init() { - RootCmd.AddCommand(ServeCmd) - RootCmd.AddCommand(GCCmd) - GCCmd.Flags().BoolVarP(&dryRun, "dry-run", "d", false, "do everything except remove the blobs") - RootCmd.Flags().BoolVarP(&showVersion, "version", "v", false, "show the version and exit") -} - -// RootCmd is the main command for the 'registry' binary. -var RootCmd = &cobra.Command{ - Use: "registry", - Short: "`registry`", - Long: "`registry`", - Run: func(cmd *cobra.Command, args []string) { - if showVersion { - version.PrintVersion() - return - } - cmd.Usage() - }, -} - -var dryRun bool - -// GCCmd is the cobra command that corresponds to the garbage-collect subcommand -var GCCmd = &cobra.Command{ - Use: "garbage-collect ", - Short: "`garbage-collect` deletes layers not referenced by any manifests", - Long: "`garbage-collect` deletes layers not referenced by any manifests", - Run: func(cmd *cobra.Command, args []string) { - config, err := resolveConfiguration(args) - if err != nil { - fmt.Fprintf(os.Stderr, "configuration error: %v\n", err) - cmd.Usage() - os.Exit(1) - } - - driver, err := factory.Create(config.Storage.Type(), config.Storage.Parameters()) - if err != nil { - fmt.Fprintf(os.Stderr, "failed to construct %s driver: %v", config.Storage.Type(), err) - os.Exit(1) - } - - ctx := context.Background() - ctx, err = configureLogging(ctx, config) - if err != nil { - fmt.Fprintf(os.Stderr, "unable to configure logging with config: %s", err) - os.Exit(1) - } - - k, err := libtrust.GenerateECP256PrivateKey() - if err != nil { - fmt.Fprint(os.Stderr, err) - os.Exit(1) - } - - registry, err := storage.NewRegistry(ctx, driver, storage.Schema1SigningKey(k)) - if err != nil { - fmt.Fprintf(os.Stderr, "failed to construct registry: %v", err) - os.Exit(1) - } - - err = storage.MarkAndSweep(ctx, driver, registry, dryRun) - if err != nil { - fmt.Fprintf(os.Stderr, "failed to garbage collect: %v", err) - os.Exit(1) - } - }, -} diff --git a/vendor/github.com/docker/distribution/registry/storage/blob_test.go b/vendor/github.com/docker/distribution/registry/storage/blob_test.go deleted file mode 100644 index 767526bb..00000000 --- a/vendor/github.com/docker/distribution/registry/storage/blob_test.go +++ /dev/null @@ -1,614 +0,0 @@ -package storage - -import ( - "bytes" - "crypto/sha256" - "fmt" - "io" - "io/ioutil" - "os" - "path" - "reflect" - "testing" - - "github.com/docker/distribution" - "github.com/docker/distribution/context" - "github.com/docker/distribution/digest" - "github.com/docker/distribution/reference" - "github.com/docker/distribution/registry/storage/cache/memory" - "github.com/docker/distribution/registry/storage/driver/testdriver" - "github.com/docker/distribution/testutil" -) - -// TestWriteSeek tests that the current file size can be -// obtained using Seek -func TestWriteSeek(t *testing.T) { - ctx := context.Background() - imageName, _ := reference.ParseNamed("foo/bar") - driver := testdriver.New() - registry, err := NewRegistry(ctx, driver, BlobDescriptorCacheProvider(memory.NewInMemoryBlobDescriptorCacheProvider()), EnableDelete, EnableRedirect) - if err != nil { - t.Fatalf("error creating registry: %v", err) - } - repository, err := registry.Repository(ctx, imageName) - if err != nil { - t.Fatalf("unexpected error getting repo: %v", err) - } - bs := repository.Blobs(ctx) - - blobUpload, err := bs.Create(ctx) - - if err != nil { - t.Fatalf("unexpected error starting layer upload: %s", err) - } - contents := []byte{1, 2, 3} - blobUpload.Write(contents) - blobUpload.Close() - offset := blobUpload.Size() - if offset != int64(len(contents)) { - t.Fatalf("unexpected value for blobUpload offset: %v != %v", offset, len(contents)) - } - -} - -// TestSimpleBlobUpload covers the blob upload process, exercising common -// error paths that might be seen during an upload. -func TestSimpleBlobUpload(t *testing.T) { - randomDataReader, dgst, err := testutil.CreateRandomTarFile() - if err != nil { - t.Fatalf("error creating random reader: %v", err) - } - - ctx := context.Background() - imageName, _ := reference.ParseNamed("foo/bar") - driver := testdriver.New() - registry, err := NewRegistry(ctx, driver, BlobDescriptorCacheProvider(memory.NewInMemoryBlobDescriptorCacheProvider()), EnableDelete, EnableRedirect) - if err != nil { - t.Fatalf("error creating registry: %v", err) - } - repository, err := registry.Repository(ctx, imageName) - if err != nil { - t.Fatalf("unexpected error getting repo: %v", err) - } - bs := repository.Blobs(ctx) - - h := sha256.New() - rd := io.TeeReader(randomDataReader, h) - - blobUpload, err := bs.Create(ctx) - - if err != nil { - t.Fatalf("unexpected error starting layer upload: %s", err) - } - - // Cancel the upload then restart it - if err := blobUpload.Cancel(ctx); err != nil { - t.Fatalf("unexpected error during upload cancellation: %v", err) - } - - // get the enclosing directory - uploadPath := path.Dir(blobUpload.(*blobWriter).path) - - // ensure state was cleaned up - _, err = driver.List(ctx, uploadPath) - if err == nil { - t.Fatal("files in upload path after cleanup") - } - - // Do a resume, get unknown upload - blobUpload, err = bs.Resume(ctx, blobUpload.ID()) - if err != distribution.ErrBlobUploadUnknown { - t.Fatalf("unexpected error resuming upload, should be unknown: %v", err) - } - - // Restart! - blobUpload, err = bs.Create(ctx) - if err != nil { - t.Fatalf("unexpected error starting layer upload: %s", err) - } - - // Get the size of our random tarfile - randomDataSize, err := seekerSize(randomDataReader) - if err != nil { - t.Fatalf("error getting seeker size of random data: %v", err) - } - - nn, err := io.Copy(blobUpload, rd) - if err != nil { - t.Fatalf("unexpected error uploading layer data: %v", err) - } - - if nn != randomDataSize { - t.Fatalf("layer data write incomplete") - } - - blobUpload.Close() - - offset := blobUpload.Size() - if offset != nn { - t.Fatalf("blobUpload not updated with correct offset: %v != %v", offset, nn) - } - - // Do a resume, for good fun - blobUpload, err = bs.Resume(ctx, blobUpload.ID()) - if err != nil { - t.Fatalf("unexpected error resuming upload: %v", err) - } - - sha256Digest := digest.NewDigest("sha256", h) - desc, err := blobUpload.Commit(ctx, distribution.Descriptor{Digest: dgst}) - if err != nil { - t.Fatalf("unexpected error finishing layer upload: %v", err) - } - - // ensure state was cleaned up - uploadPath = path.Dir(blobUpload.(*blobWriter).path) - _, err = driver.List(ctx, uploadPath) - if err == nil { - t.Fatal("files in upload path after commit") - } - - // After finishing an upload, it should no longer exist. - if _, err := bs.Resume(ctx, blobUpload.ID()); err != distribution.ErrBlobUploadUnknown { - t.Fatalf("expected layer upload to be unknown, got %v", err) - } - - // Test for existence. - statDesc, err := bs.Stat(ctx, desc.Digest) - if err != nil { - t.Fatalf("unexpected error checking for existence: %v, %#v", err, bs) - } - - if !reflect.DeepEqual(statDesc, desc) { - t.Fatalf("descriptors not equal: %v != %v", statDesc, desc) - } - - rc, err := bs.Open(ctx, desc.Digest) - if err != nil { - t.Fatalf("unexpected error opening blob for read: %v", err) - } - defer rc.Close() - - h.Reset() - nn, err = io.Copy(h, rc) - if err != nil { - t.Fatalf("error reading layer: %v", err) - } - - if nn != randomDataSize { - t.Fatalf("incorrect read length") - } - - if digest.NewDigest("sha256", h) != sha256Digest { - t.Fatalf("unexpected digest from uploaded layer: %q != %q", digest.NewDigest("sha256", h), sha256Digest) - } - - // Delete a blob - err = bs.Delete(ctx, desc.Digest) - if err != nil { - t.Fatalf("Unexpected error deleting blob") - } - - d, err := bs.Stat(ctx, desc.Digest) - if err == nil { - t.Fatalf("unexpected non-error stating deleted blob: %v", d) - } - - switch err { - case distribution.ErrBlobUnknown: - break - default: - t.Errorf("Unexpected error type stat-ing deleted manifest: %#v", err) - } - - _, err = bs.Open(ctx, desc.Digest) - if err == nil { - t.Fatalf("unexpected success opening deleted blob for read") - } - - switch err { - case distribution.ErrBlobUnknown: - break - default: - t.Errorf("Unexpected error type getting deleted manifest: %#v", err) - } - - // Re-upload the blob - randomBlob, err := ioutil.ReadAll(randomDataReader) - if err != nil { - t.Fatalf("Error reading all of blob %s", err.Error()) - } - expectedDigest := digest.FromBytes(randomBlob) - simpleUpload(t, bs, randomBlob, expectedDigest) - - d, err = bs.Stat(ctx, expectedDigest) - if err != nil { - t.Errorf("unexpected error stat-ing blob") - } - if d.Digest != expectedDigest { - t.Errorf("Mismatching digest with restored blob") - } - - _, err = bs.Open(ctx, expectedDigest) - if err != nil { - t.Errorf("Unexpected error opening blob") - } - - // Reuse state to test delete with a delete-disabled registry - registry, err = NewRegistry(ctx, driver, BlobDescriptorCacheProvider(memory.NewInMemoryBlobDescriptorCacheProvider()), EnableRedirect) - if err != nil { - t.Fatalf("error creating registry: %v", err) - } - repository, err = registry.Repository(ctx, imageName) - if err != nil { - t.Fatalf("unexpected error getting repo: %v", err) - } - bs = repository.Blobs(ctx) - err = bs.Delete(ctx, desc.Digest) - if err == nil { - t.Errorf("Unexpected success deleting while disabled") - } -} - -// TestSimpleBlobRead just creates a simple blob file and ensures that basic -// open, read, seek, read works. More specific edge cases should be covered in -// other tests. -func TestSimpleBlobRead(t *testing.T) { - ctx := context.Background() - imageName, _ := reference.ParseNamed("foo/bar") - driver := testdriver.New() - registry, err := NewRegistry(ctx, driver, BlobDescriptorCacheProvider(memory.NewInMemoryBlobDescriptorCacheProvider()), EnableDelete, EnableRedirect) - if err != nil { - t.Fatalf("error creating registry: %v", err) - } - repository, err := registry.Repository(ctx, imageName) - if err != nil { - t.Fatalf("unexpected error getting repo: %v", err) - } - bs := repository.Blobs(ctx) - - randomLayerReader, dgst, err := testutil.CreateRandomTarFile() // TODO(stevvooe): Consider using just a random string. - if err != nil { - t.Fatalf("error creating random data: %v", err) - } - - // Test for existence. - desc, err := bs.Stat(ctx, dgst) - if err != distribution.ErrBlobUnknown { - t.Fatalf("expected not found error when testing for existence: %v", err) - } - - rc, err := bs.Open(ctx, dgst) - if err != distribution.ErrBlobUnknown { - t.Fatalf("expected not found error when opening non-existent blob: %v", err) - } - - randomLayerSize, err := seekerSize(randomLayerReader) - if err != nil { - t.Fatalf("error getting seeker size for random layer: %v", err) - } - - descBefore := distribution.Descriptor{Digest: dgst, MediaType: "application/octet-stream", Size: randomLayerSize} - t.Logf("desc: %v", descBefore) - - desc, err = addBlob(ctx, bs, descBefore, randomLayerReader) - if err != nil { - t.Fatalf("error adding blob to blobservice: %v", err) - } - - if desc.Size != randomLayerSize { - t.Fatalf("committed blob has incorrect length: %v != %v", desc.Size, randomLayerSize) - } - - rc, err = bs.Open(ctx, desc.Digest) // note that we are opening with original digest. - if err != nil { - t.Fatalf("error opening blob with %v: %v", dgst, err) - } - defer rc.Close() - - // Now check the sha digest and ensure its the same - h := sha256.New() - nn, err := io.Copy(h, rc) - if err != nil { - t.Fatalf("unexpected error copying to hash: %v", err) - } - - if nn != randomLayerSize { - t.Fatalf("stored incorrect number of bytes in blob: %d != %d", nn, randomLayerSize) - } - - sha256Digest := digest.NewDigest("sha256", h) - if sha256Digest != desc.Digest { - t.Fatalf("fetched digest does not match: %q != %q", sha256Digest, desc.Digest) - } - - // Now seek back the blob, read the whole thing and check against randomLayerData - offset, err := rc.Seek(0, os.SEEK_SET) - if err != nil { - t.Fatalf("error seeking blob: %v", err) - } - - if offset != 0 { - t.Fatalf("seek failed: expected 0 offset, got %d", offset) - } - - p, err := ioutil.ReadAll(rc) - if err != nil { - t.Fatalf("error reading all of blob: %v", err) - } - - if len(p) != int(randomLayerSize) { - t.Fatalf("blob data read has different length: %v != %v", len(p), randomLayerSize) - } - - // Reset the randomLayerReader and read back the buffer - _, err = randomLayerReader.Seek(0, os.SEEK_SET) - if err != nil { - t.Fatalf("error resetting layer reader: %v", err) - } - - randomLayerData, err := ioutil.ReadAll(randomLayerReader) - if err != nil { - t.Fatalf("random layer read failed: %v", err) - } - - if !bytes.Equal(p, randomLayerData) { - t.Fatalf("layer data not equal") - } -} - -// TestBlobMount covers the blob mount process, exercising common -// error paths that might be seen during a mount. -func TestBlobMount(t *testing.T) { - randomDataReader, dgst, err := testutil.CreateRandomTarFile() - if err != nil { - t.Fatalf("error creating random reader: %v", err) - } - - ctx := context.Background() - imageName, _ := reference.ParseNamed("foo/bar") - sourceImageName, _ := reference.ParseNamed("foo/source") - driver := testdriver.New() - registry, err := NewRegistry(ctx, driver, BlobDescriptorCacheProvider(memory.NewInMemoryBlobDescriptorCacheProvider()), EnableDelete, EnableRedirect) - if err != nil { - t.Fatalf("error creating registry: %v", err) - } - - repository, err := registry.Repository(ctx, imageName) - if err != nil { - t.Fatalf("unexpected error getting repo: %v", err) - } - sourceRepository, err := registry.Repository(ctx, sourceImageName) - if err != nil { - t.Fatalf("unexpected error getting repo: %v", err) - } - - sbs := sourceRepository.Blobs(ctx) - - blobUpload, err := sbs.Create(ctx) - - if err != nil { - t.Fatalf("unexpected error starting layer upload: %s", err) - } - - // Get the size of our random tarfile - randomDataSize, err := seekerSize(randomDataReader) - if err != nil { - t.Fatalf("error getting seeker size of random data: %v", err) - } - - nn, err := io.Copy(blobUpload, randomDataReader) - if err != nil { - t.Fatalf("unexpected error uploading layer data: %v", err) - } - - desc, err := blobUpload.Commit(ctx, distribution.Descriptor{Digest: dgst}) - if err != nil { - t.Fatalf("unexpected error finishing layer upload: %v", err) - } - - // Test for existence. - statDesc, err := sbs.Stat(ctx, desc.Digest) - if err != nil { - t.Fatalf("unexpected error checking for existence: %v, %#v", err, sbs) - } - - if !reflect.DeepEqual(statDesc, desc) { - t.Fatalf("descriptors not equal: %v != %v", statDesc, desc) - } - - bs := repository.Blobs(ctx) - // Test destination for existence. - statDesc, err = bs.Stat(ctx, desc.Digest) - if err == nil { - t.Fatalf("unexpected non-error stating unmounted blob: %v", desc) - } - - canonicalRef, err := reference.WithDigest(sourceRepository.Named(), desc.Digest) - if err != nil { - t.Fatal(err) - } - - bw, err := bs.Create(ctx, WithMountFrom(canonicalRef)) - if bw != nil { - t.Fatal("unexpected blobwriter returned from Create call, should mount instead") - } - - ebm, ok := err.(distribution.ErrBlobMounted) - if !ok { - t.Fatalf("unexpected error mounting layer: %v", err) - } - - if !reflect.DeepEqual(ebm.Descriptor, desc) { - t.Fatalf("descriptors not equal: %v != %v", ebm.Descriptor, desc) - } - - // Test for existence. - statDesc, err = bs.Stat(ctx, desc.Digest) - if err != nil { - t.Fatalf("unexpected error checking for existence: %v, %#v", err, bs) - } - - if !reflect.DeepEqual(statDesc, desc) { - t.Fatalf("descriptors not equal: %v != %v", statDesc, desc) - } - - rc, err := bs.Open(ctx, desc.Digest) - if err != nil { - t.Fatalf("unexpected error opening blob for read: %v", err) - } - defer rc.Close() - - h := sha256.New() - nn, err = io.Copy(h, rc) - if err != nil { - t.Fatalf("error reading layer: %v", err) - } - - if nn != randomDataSize { - t.Fatalf("incorrect read length") - } - - if digest.NewDigest("sha256", h) != dgst { - t.Fatalf("unexpected digest from uploaded layer: %q != %q", digest.NewDigest("sha256", h), dgst) - } - - // Delete the blob from the source repo - err = sbs.Delete(ctx, desc.Digest) - if err != nil { - t.Fatalf("Unexpected error deleting blob") - } - - d, err := bs.Stat(ctx, desc.Digest) - if err != nil { - t.Fatalf("unexpected error stating blob deleted from source repository: %v", err) - } - - d, err = sbs.Stat(ctx, desc.Digest) - if err == nil { - t.Fatalf("unexpected non-error stating deleted blob: %v", d) - } - - switch err { - case distribution.ErrBlobUnknown: - break - default: - t.Errorf("Unexpected error type stat-ing deleted manifest: %#v", err) - } - - // Delete the blob from the dest repo - err = bs.Delete(ctx, desc.Digest) - if err != nil { - t.Fatalf("Unexpected error deleting blob") - } - - d, err = bs.Stat(ctx, desc.Digest) - if err == nil { - t.Fatalf("unexpected non-error stating deleted blob: %v", d) - } - - switch err { - case distribution.ErrBlobUnknown: - break - default: - t.Errorf("Unexpected error type stat-ing deleted manifest: %#v", err) - } -} - -// TestLayerUploadZeroLength uploads zero-length -func TestLayerUploadZeroLength(t *testing.T) { - ctx := context.Background() - imageName, _ := reference.ParseNamed("foo/bar") - driver := testdriver.New() - registry, err := NewRegistry(ctx, driver, BlobDescriptorCacheProvider(memory.NewInMemoryBlobDescriptorCacheProvider()), EnableDelete, EnableRedirect) - if err != nil { - t.Fatalf("error creating registry: %v", err) - } - repository, err := registry.Repository(ctx, imageName) - if err != nil { - t.Fatalf("unexpected error getting repo: %v", err) - } - bs := repository.Blobs(ctx) - - simpleUpload(t, bs, []byte{}, digest.DigestSha256EmptyTar) -} - -func simpleUpload(t *testing.T, bs distribution.BlobIngester, blob []byte, expectedDigest digest.Digest) { - ctx := context.Background() - wr, err := bs.Create(ctx) - if err != nil { - t.Fatalf("unexpected error starting upload: %v", err) - } - - nn, err := io.Copy(wr, bytes.NewReader(blob)) - if err != nil { - t.Fatalf("error copying into blob writer: %v", err) - } - - if nn != 0 { - t.Fatalf("unexpected number of bytes copied: %v > 0", nn) - } - - dgst, err := digest.FromReader(bytes.NewReader(blob)) - if err != nil { - t.Fatalf("error getting digest: %v", err) - } - - if dgst != expectedDigest { - // sanity check on zero digest - t.Fatalf("digest not as expected: %v != %v", dgst, expectedDigest) - } - - desc, err := wr.Commit(ctx, distribution.Descriptor{Digest: dgst}) - if err != nil { - t.Fatalf("unexpected error committing write: %v", err) - } - - if desc.Digest != dgst { - t.Fatalf("unexpected digest: %v != %v", desc.Digest, dgst) - } -} - -// seekerSize seeks to the end of seeker, checks the size and returns it to -// the original state, returning the size. The state of the seeker should be -// treated as unknown if an error is returned. -func seekerSize(seeker io.ReadSeeker) (int64, error) { - current, err := seeker.Seek(0, os.SEEK_CUR) - if err != nil { - return 0, err - } - - end, err := seeker.Seek(0, os.SEEK_END) - if err != nil { - return 0, err - } - - resumed, err := seeker.Seek(current, os.SEEK_SET) - if err != nil { - return 0, err - } - - if resumed != current { - return 0, fmt.Errorf("error returning seeker to original state, could not seek back to original location") - } - - return end, nil -} - -// addBlob simply consumes the reader and inserts into the blob service, -// returning a descriptor on success. -func addBlob(ctx context.Context, bs distribution.BlobIngester, desc distribution.Descriptor, rd io.Reader) (distribution.Descriptor, error) { - wr, err := bs.Create(ctx) - if err != nil { - return distribution.Descriptor{}, err - } - defer wr.Cancel(ctx) - - if nn, err := io.Copy(wr, rd); err != nil { - return distribution.Descriptor{}, err - } else if nn != desc.Size { - return distribution.Descriptor{}, fmt.Errorf("incorrect number of bytes copied: %v != %v", nn, desc.Size) - } - - return wr.Commit(ctx, desc) -} diff --git a/vendor/github.com/docker/distribution/registry/storage/blobcachemetrics.go b/vendor/github.com/docker/distribution/registry/storage/blobcachemetrics.go deleted file mode 100644 index fad0a77a..00000000 --- a/vendor/github.com/docker/distribution/registry/storage/blobcachemetrics.go +++ /dev/null @@ -1,60 +0,0 @@ -package storage - -import ( - "expvar" - "sync/atomic" - - "github.com/docker/distribution/registry/storage/cache" -) - -type blobStatCollector struct { - metrics cache.Metrics -} - -func (bsc *blobStatCollector) Hit() { - atomic.AddUint64(&bsc.metrics.Requests, 1) - atomic.AddUint64(&bsc.metrics.Hits, 1) -} - -func (bsc *blobStatCollector) Miss() { - atomic.AddUint64(&bsc.metrics.Requests, 1) - atomic.AddUint64(&bsc.metrics.Misses, 1) -} - -func (bsc *blobStatCollector) Metrics() cache.Metrics { - return bsc.metrics -} - -// blobStatterCacheMetrics keeps track of cache metrics for blob descriptor -// cache requests. Note this is kept globally and made available via expvar. -// For more detailed metrics, its recommend to instrument a particular cache -// implementation. -var blobStatterCacheMetrics cache.MetricsTracker = &blobStatCollector{} - -func init() { - registry := expvar.Get("registry") - if registry == nil { - registry = expvar.NewMap("registry") - } - - cache := registry.(*expvar.Map).Get("cache") - if cache == nil { - cache = &expvar.Map{} - cache.(*expvar.Map).Init() - registry.(*expvar.Map).Set("cache", cache) - } - - storage := cache.(*expvar.Map).Get("storage") - if storage == nil { - storage = &expvar.Map{} - storage.(*expvar.Map).Init() - cache.(*expvar.Map).Set("storage", storage) - } - - storage.(*expvar.Map).Set("blobdescriptor", expvar.Func(func() interface{} { - // no need for synchronous access: the increments are atomic and - // during reading, we don't care if the data is up to date. The - // numbers will always *eventually* be reported correctly. - return blobStatterCacheMetrics - })) -} diff --git a/vendor/github.com/docker/distribution/registry/storage/blobserver.go b/vendor/github.com/docker/distribution/registry/storage/blobserver.go deleted file mode 100644 index 2655e011..00000000 --- a/vendor/github.com/docker/distribution/registry/storage/blobserver.go +++ /dev/null @@ -1,78 +0,0 @@ -package storage - -import ( - "fmt" - "net/http" - "time" - - "github.com/docker/distribution" - "github.com/docker/distribution/context" - "github.com/docker/distribution/digest" - "github.com/docker/distribution/registry/storage/driver" -) - -// TODO(stevvooe): This should configurable in the future. -const blobCacheControlMaxAge = 365 * 24 * time.Hour - -// blobServer simply serves blobs from a driver instance using a path function -// to identify paths and a descriptor service to fill in metadata. -type blobServer struct { - driver driver.StorageDriver - statter distribution.BlobStatter - pathFn func(dgst digest.Digest) (string, error) - redirect bool // allows disabling URLFor redirects -} - -func (bs *blobServer) ServeBlob(ctx context.Context, w http.ResponseWriter, r *http.Request, dgst digest.Digest) error { - desc, err := bs.statter.Stat(ctx, dgst) - if err != nil { - return err - } - - path, err := bs.pathFn(desc.Digest) - if err != nil { - return err - } - - if bs.redirect { - redirectURL, err := bs.driver.URLFor(ctx, path, map[string]interface{}{"method": r.Method}) - switch err.(type) { - case nil: - // Redirect to storage URL. - http.Redirect(w, r, redirectURL, http.StatusTemporaryRedirect) - return err - - case driver.ErrUnsupportedMethod: - // Fallback to serving the content directly. - default: - // Some unexpected error. - return err - } - } - - br, err := newFileReader(ctx, bs.driver, path, desc.Size) - if err != nil { - return err - } - defer br.Close() - - w.Header().Set("ETag", fmt.Sprintf(`"%s"`, desc.Digest)) // If-None-Match handled by ServeContent - w.Header().Set("Cache-Control", fmt.Sprintf("max-age=%.f", blobCacheControlMaxAge.Seconds())) - - if w.Header().Get("Docker-Content-Digest") == "" { - w.Header().Set("Docker-Content-Digest", desc.Digest.String()) - } - - if w.Header().Get("Content-Type") == "" { - // Set the content type if not already set. - w.Header().Set("Content-Type", desc.MediaType) - } - - if w.Header().Get("Content-Length") == "" { - // Set the content length if not already set. - w.Header().Set("Content-Length", fmt.Sprint(desc.Size)) - } - - http.ServeContent(w, r, desc.Digest.String(), time.Time{}, br) - return nil -} diff --git a/vendor/github.com/docker/distribution/registry/storage/blobstore.go b/vendor/github.com/docker/distribution/registry/storage/blobstore.go deleted file mode 100644 index 4274cc9e..00000000 --- a/vendor/github.com/docker/distribution/registry/storage/blobstore.go +++ /dev/null @@ -1,223 +0,0 @@ -package storage - -import ( - "path" - - "github.com/docker/distribution" - "github.com/docker/distribution/context" - "github.com/docker/distribution/digest" - "github.com/docker/distribution/registry/storage/driver" -) - -// blobStore implements the read side of the blob store interface over a -// driver without enforcing per-repository membership. This object is -// intentionally a leaky abstraction, providing utility methods that support -// creating and traversing backend links. -type blobStore struct { - driver driver.StorageDriver - statter distribution.BlobStatter -} - -var _ distribution.BlobProvider = &blobStore{} - -// Get implements the BlobReadService.Get call. -func (bs *blobStore) Get(ctx context.Context, dgst digest.Digest) ([]byte, error) { - bp, err := bs.path(dgst) - if err != nil { - return nil, err - } - - p, err := bs.driver.GetContent(ctx, bp) - if err != nil { - switch err.(type) { - case driver.PathNotFoundError: - return nil, distribution.ErrBlobUnknown - } - - return nil, err - } - - return p, err -} - -func (bs *blobStore) Open(ctx context.Context, dgst digest.Digest) (distribution.ReadSeekCloser, error) { - desc, err := bs.statter.Stat(ctx, dgst) - if err != nil { - return nil, err - } - - path, err := bs.path(desc.Digest) - if err != nil { - return nil, err - } - - return newFileReader(ctx, bs.driver, path, desc.Size) -} - -// Put stores the content p in the blob store, calculating the digest. If the -// content is already present, only the digest will be returned. This should -// only be used for small objects, such as manifests. This implemented as a convenience for other Put implementations -func (bs *blobStore) Put(ctx context.Context, mediaType string, p []byte) (distribution.Descriptor, error) { - dgst := digest.FromBytes(p) - desc, err := bs.statter.Stat(ctx, dgst) - if err == nil { - // content already present - return desc, nil - } else if err != distribution.ErrBlobUnknown { - context.GetLogger(ctx).Errorf("blobStore: error stating content (%v): %v", dgst, err) - // real error, return it - return distribution.Descriptor{}, err - } - - bp, err := bs.path(dgst) - if err != nil { - return distribution.Descriptor{}, err - } - - // TODO(stevvooe): Write out mediatype here, as well. - return distribution.Descriptor{ - Size: int64(len(p)), - - // NOTE(stevvooe): The central blob store firewalls media types from - // other users. The caller should look this up and override the value - // for the specific repository. - MediaType: "application/octet-stream", - Digest: dgst, - }, bs.driver.PutContent(ctx, bp, p) -} - -func (bs *blobStore) Enumerate(ctx context.Context, ingester func(dgst digest.Digest) error) error { - - specPath, err := pathFor(blobsPathSpec{}) - if err != nil { - return err - } - - err = Walk(ctx, bs.driver, specPath, func(fileInfo driver.FileInfo) error { - // skip directories - if fileInfo.IsDir() { - return nil - } - - currentPath := fileInfo.Path() - // we only want to parse paths that end with /data - _, fileName := path.Split(currentPath) - if fileName != "data" { - return nil - } - - digest, err := digestFromPath(currentPath) - if err != nil { - return err - } - - return ingester(digest) - }) - return err -} - -// path returns the canonical path for the blob identified by digest. The blob -// may or may not exist. -func (bs *blobStore) path(dgst digest.Digest) (string, error) { - bp, err := pathFor(blobDataPathSpec{ - digest: dgst, - }) - - if err != nil { - return "", err - } - - return bp, nil -} - -// link links the path to the provided digest by writing the digest into the -// target file. Caller must ensure that the blob actually exists. -func (bs *blobStore) link(ctx context.Context, path string, dgst digest.Digest) error { - // The contents of the "link" file are the exact string contents of the - // digest, which is specified in that package. - return bs.driver.PutContent(ctx, path, []byte(dgst)) -} - -// readlink returns the linked digest at path. -func (bs *blobStore) readlink(ctx context.Context, path string) (digest.Digest, error) { - content, err := bs.driver.GetContent(ctx, path) - if err != nil { - return "", err - } - - linked, err := digest.ParseDigest(string(content)) - if err != nil { - return "", err - } - - return linked, nil -} - -// resolve reads the digest link at path and returns the blob store path. -func (bs *blobStore) resolve(ctx context.Context, path string) (string, error) { - dgst, err := bs.readlink(ctx, path) - if err != nil { - return "", err - } - - return bs.path(dgst) -} - -type blobStatter struct { - driver driver.StorageDriver -} - -var _ distribution.BlobDescriptorService = &blobStatter{} - -// Stat implements BlobStatter.Stat by returning the descriptor for the blob -// in the main blob store. If this method returns successfully, there is -// strong guarantee that the blob exists and is available. -func (bs *blobStatter) Stat(ctx context.Context, dgst digest.Digest) (distribution.Descriptor, error) { - path, err := pathFor(blobDataPathSpec{ - digest: dgst, - }) - - if err != nil { - return distribution.Descriptor{}, err - } - - fi, err := bs.driver.Stat(ctx, path) - if err != nil { - switch err := err.(type) { - case driver.PathNotFoundError: - return distribution.Descriptor{}, distribution.ErrBlobUnknown - default: - return distribution.Descriptor{}, err - } - } - - if fi.IsDir() { - // NOTE(stevvooe): This represents a corruption situation. Somehow, we - // calculated a blob path and then detected a directory. We log the - // error and then error on the side of not knowing about the blob. - context.GetLogger(ctx).Warnf("blob path should not be a directory: %q", path) - return distribution.Descriptor{}, distribution.ErrBlobUnknown - } - - // TODO(stevvooe): Add method to resolve the mediatype. We can store and - // cache a "global" media type for the blob, even if a specific repo has a - // mediatype that overrides the main one. - - return distribution.Descriptor{ - Size: fi.Size(), - - // NOTE(stevvooe): The central blob store firewalls media types from - // other users. The caller should look this up and override the value - // for the specific repository. - MediaType: "application/octet-stream", - Digest: dgst, - }, nil -} - -func (bs *blobStatter) Clear(ctx context.Context, dgst digest.Digest) error { - return distribution.ErrUnsupported -} - -func (bs *blobStatter) SetDescriptor(ctx context.Context, dgst digest.Digest, desc distribution.Descriptor) error { - return distribution.ErrUnsupported -} diff --git a/vendor/github.com/docker/distribution/registry/storage/blobwriter.go b/vendor/github.com/docker/distribution/registry/storage/blobwriter.go deleted file mode 100644 index 668a6fc9..00000000 --- a/vendor/github.com/docker/distribution/registry/storage/blobwriter.go +++ /dev/null @@ -1,399 +0,0 @@ -package storage - -import ( - "errors" - "fmt" - "io" - "path" - "time" - - "github.com/Sirupsen/logrus" - "github.com/docker/distribution" - "github.com/docker/distribution/context" - "github.com/docker/distribution/digest" - storagedriver "github.com/docker/distribution/registry/storage/driver" -) - -var ( - errResumableDigestNotAvailable = errors.New("resumable digest not available") -) - -// blobWriter is used to control the various aspects of resumable -// blob upload. -type blobWriter struct { - ctx context.Context - blobStore *linkedBlobStore - - id string - startedAt time.Time - digester digest.Digester - written int64 // track the contiguous write - - fileWriter storagedriver.FileWriter - driver storagedriver.StorageDriver - path string - - resumableDigestEnabled bool - committed bool -} - -var _ distribution.BlobWriter = &blobWriter{} - -// ID returns the identifier for this upload. -func (bw *blobWriter) ID() string { - return bw.id -} - -func (bw *blobWriter) StartedAt() time.Time { - return bw.startedAt -} - -// Commit marks the upload as completed, returning a valid descriptor. The -// final size and digest are checked against the first descriptor provided. -func (bw *blobWriter) Commit(ctx context.Context, desc distribution.Descriptor) (distribution.Descriptor, error) { - context.GetLogger(ctx).Debug("(*blobWriter).Commit") - - if err := bw.fileWriter.Commit(); err != nil { - return distribution.Descriptor{}, err - } - - bw.Close() - desc.Size = bw.Size() - - canonical, err := bw.validateBlob(ctx, desc) - if err != nil { - return distribution.Descriptor{}, err - } - - if err := bw.moveBlob(ctx, canonical); err != nil { - return distribution.Descriptor{}, err - } - - if err := bw.blobStore.linkBlob(ctx, canonical, desc.Digest); err != nil { - return distribution.Descriptor{}, err - } - - if err := bw.removeResources(ctx); err != nil { - return distribution.Descriptor{}, err - } - - err = bw.blobStore.blobAccessController.SetDescriptor(ctx, canonical.Digest, canonical) - if err != nil { - return distribution.Descriptor{}, err - } - - bw.committed = true - return canonical, nil -} - -// Cancel the blob upload process, releasing any resources associated with -// the writer and canceling the operation. -func (bw *blobWriter) Cancel(ctx context.Context) error { - context.GetLogger(ctx).Debug("(*blobWriter).Cancel") - if err := bw.fileWriter.Cancel(); err != nil { - return err - } - - if err := bw.Close(); err != nil { - context.GetLogger(ctx).Errorf("error closing blobwriter: %s", err) - } - - if err := bw.removeResources(ctx); err != nil { - return err - } - - return nil -} - -func (bw *blobWriter) Size() int64 { - return bw.fileWriter.Size() -} - -func (bw *blobWriter) Write(p []byte) (int, error) { - // Ensure that the current write offset matches how many bytes have been - // written to the digester. If not, we need to update the digest state to - // match the current write position. - if err := bw.resumeDigest(bw.blobStore.ctx); err != nil && err != errResumableDigestNotAvailable { - return 0, err - } - - n, err := io.MultiWriter(bw.fileWriter, bw.digester.Hash()).Write(p) - bw.written += int64(n) - - return n, err -} - -func (bw *blobWriter) ReadFrom(r io.Reader) (n int64, err error) { - // Ensure that the current write offset matches how many bytes have been - // written to the digester. If not, we need to update the digest state to - // match the current write position. - if err := bw.resumeDigest(bw.blobStore.ctx); err != nil && err != errResumableDigestNotAvailable { - return 0, err - } - - nn, err := io.Copy(io.MultiWriter(bw.fileWriter, bw.digester.Hash()), r) - bw.written += nn - - return nn, err -} - -func (bw *blobWriter) Close() error { - if bw.committed { - return errors.New("blobwriter close after commit") - } - - if err := bw.storeHashState(bw.blobStore.ctx); err != nil && err != errResumableDigestNotAvailable { - return err - } - - return bw.fileWriter.Close() -} - -// validateBlob checks the data against the digest, returning an error if it -// does not match. The canonical descriptor is returned. -func (bw *blobWriter) validateBlob(ctx context.Context, desc distribution.Descriptor) (distribution.Descriptor, error) { - var ( - verified, fullHash bool - canonical digest.Digest - ) - - if desc.Digest == "" { - // if no descriptors are provided, we have nothing to validate - // against. We don't really want to support this for the registry. - return distribution.Descriptor{}, distribution.ErrBlobInvalidDigest{ - Reason: fmt.Errorf("cannot validate against empty digest"), - } - } - - var size int64 - - // Stat the on disk file - if fi, err := bw.driver.Stat(ctx, bw.path); err != nil { - switch err := err.(type) { - case storagedriver.PathNotFoundError: - // NOTE(stevvooe): We really don't care if the file is - // not actually present for the reader. We now assume - // that the desc length is zero. - desc.Size = 0 - default: - // Any other error we want propagated up the stack. - return distribution.Descriptor{}, err - } - } else { - if fi.IsDir() { - return distribution.Descriptor{}, fmt.Errorf("unexpected directory at upload location %q", bw.path) - } - - size = fi.Size() - } - - if desc.Size > 0 { - if desc.Size != size { - return distribution.Descriptor{}, distribution.ErrBlobInvalidLength - } - } else { - // if provided 0 or negative length, we can assume caller doesn't know or - // care about length. - desc.Size = size - } - - // TODO(stevvooe): This section is very meandering. Need to be broken down - // to be a lot more clear. - - if err := bw.resumeDigest(ctx); err == nil { - canonical = bw.digester.Digest() - - if canonical.Algorithm() == desc.Digest.Algorithm() { - // Common case: client and server prefer the same canonical digest - // algorithm - currently SHA256. - verified = desc.Digest == canonical - } else { - // The client wants to use a different digest algorithm. They'll just - // have to be patient and wait for us to download and re-hash the - // uploaded content using that digest algorithm. - fullHash = true - } - } else if err == errResumableDigestNotAvailable { - // Not using resumable digests, so we need to hash the entire layer. - fullHash = true - } else { - return distribution.Descriptor{}, err - } - - if fullHash { - // a fantastic optimization: if the the written data and the size are - // the same, we don't need to read the data from the backend. This is - // because we've written the entire file in the lifecycle of the - // current instance. - if bw.written == size && digest.Canonical == desc.Digest.Algorithm() { - canonical = bw.digester.Digest() - verified = desc.Digest == canonical - } - - // If the check based on size fails, we fall back to the slowest of - // paths. We may be able to make the size-based check a stronger - // guarantee, so this may be defensive. - if !verified { - digester := digest.Canonical.New() - - digestVerifier, err := digest.NewDigestVerifier(desc.Digest) - if err != nil { - return distribution.Descriptor{}, err - } - - // Read the file from the backend driver and validate it. - fr, err := newFileReader(ctx, bw.driver, bw.path, desc.Size) - if err != nil { - return distribution.Descriptor{}, err - } - defer fr.Close() - - tr := io.TeeReader(fr, digester.Hash()) - - if _, err := io.Copy(digestVerifier, tr); err != nil { - return distribution.Descriptor{}, err - } - - canonical = digester.Digest() - verified = digestVerifier.Verified() - } - } - - if !verified { - context.GetLoggerWithFields(ctx, - map[interface{}]interface{}{ - "canonical": canonical, - "provided": desc.Digest, - }, "canonical", "provided"). - Errorf("canonical digest does match provided digest") - return distribution.Descriptor{}, distribution.ErrBlobInvalidDigest{ - Digest: desc.Digest, - Reason: fmt.Errorf("content does not match digest"), - } - } - - // update desc with canonical hash - desc.Digest = canonical - - if desc.MediaType == "" { - desc.MediaType = "application/octet-stream" - } - - return desc, nil -} - -// moveBlob moves the data into its final, hash-qualified destination, -// identified by dgst. The layer should be validated before commencing the -// move. -func (bw *blobWriter) moveBlob(ctx context.Context, desc distribution.Descriptor) error { - blobPath, err := pathFor(blobDataPathSpec{ - digest: desc.Digest, - }) - - if err != nil { - return err - } - - // Check for existence - if _, err := bw.blobStore.driver.Stat(ctx, blobPath); err != nil { - switch err := err.(type) { - case storagedriver.PathNotFoundError: - break // ensure that it doesn't exist. - default: - return err - } - } else { - // If the path exists, we can assume that the content has already - // been uploaded, since the blob storage is content-addressable. - // While it may be corrupted, detection of such corruption belongs - // elsewhere. - return nil - } - - // If no data was received, we may not actually have a file on disk. Check - // the size here and write a zero-length file to blobPath if this is the - // case. For the most part, this should only ever happen with zero-length - // tars. - if _, err := bw.blobStore.driver.Stat(ctx, bw.path); err != nil { - switch err := err.(type) { - case storagedriver.PathNotFoundError: - // HACK(stevvooe): This is slightly dangerous: if we verify above, - // get a hash, then the underlying file is deleted, we risk moving - // a zero-length blob into a nonzero-length blob location. To - // prevent this horrid thing, we employ the hack of only allowing - // to this happen for the digest of an empty tar. - if desc.Digest == digest.DigestSha256EmptyTar { - return bw.blobStore.driver.PutContent(ctx, blobPath, []byte{}) - } - - // We let this fail during the move below. - logrus. - WithField("upload.id", bw.ID()). - WithField("digest", desc.Digest).Warnf("attempted to move zero-length content with non-zero digest") - default: - return err // unrelated error - } - } - - // TODO(stevvooe): We should also write the mediatype when executing this move. - - return bw.blobStore.driver.Move(ctx, bw.path, blobPath) -} - -// removeResources should clean up all resources associated with the upload -// instance. An error will be returned if the clean up cannot proceed. If the -// resources are already not present, no error will be returned. -func (bw *blobWriter) removeResources(ctx context.Context) error { - dataPath, err := pathFor(uploadDataPathSpec{ - name: bw.blobStore.repository.Named().Name(), - id: bw.id, - }) - - if err != nil { - return err - } - - // Resolve and delete the containing directory, which should include any - // upload related files. - dirPath := path.Dir(dataPath) - if err := bw.blobStore.driver.Delete(ctx, dirPath); err != nil { - switch err := err.(type) { - case storagedriver.PathNotFoundError: - break // already gone! - default: - // This should be uncommon enough such that returning an error - // should be okay. At this point, the upload should be mostly - // complete, but perhaps the backend became unaccessible. - context.GetLogger(ctx).Errorf("unable to delete layer upload resources %q: %v", dirPath, err) - return err - } - } - - return nil -} - -func (bw *blobWriter) Reader() (io.ReadCloser, error) { - // todo(richardscothern): Change to exponential backoff, i=0.5, e=2, n=4 - try := 1 - for try <= 5 { - _, err := bw.driver.Stat(bw.ctx, bw.path) - if err == nil { - break - } - switch err.(type) { - case storagedriver.PathNotFoundError: - context.GetLogger(bw.ctx).Debugf("Nothing found on try %d, sleeping...", try) - time.Sleep(1 * time.Second) - try++ - default: - return nil, err - } - } - - readCloser, err := bw.driver.Reader(bw.ctx, bw.path, 0) - if err != nil { - return nil, err - } - - return readCloser, nil -} diff --git a/vendor/github.com/docker/distribution/registry/storage/blobwriter_nonresumable.go b/vendor/github.com/docker/distribution/registry/storage/blobwriter_nonresumable.go deleted file mode 100644 index 32f13097..00000000 --- a/vendor/github.com/docker/distribution/registry/storage/blobwriter_nonresumable.go +++ /dev/null @@ -1,17 +0,0 @@ -// +build noresumabledigest - -package storage - -import ( - "github.com/docker/distribution/context" -) - -// resumeHashAt is a noop when resumable digest support is disabled. -func (bw *blobWriter) resumeDigest(ctx context.Context) error { - return errResumableDigestNotAvailable -} - -// storeHashState is a noop when resumable digest support is disabled. -func (bw *blobWriter) storeHashState(ctx context.Context) error { - return errResumableDigestNotAvailable -} diff --git a/vendor/github.com/docker/distribution/registry/storage/blobwriter_resumable.go b/vendor/github.com/docker/distribution/registry/storage/blobwriter_resumable.go deleted file mode 100644 index ff5482c3..00000000 --- a/vendor/github.com/docker/distribution/registry/storage/blobwriter_resumable.go +++ /dev/null @@ -1,145 +0,0 @@ -// +build !noresumabledigest - -package storage - -import ( - "fmt" - "path" - "strconv" - - "github.com/Sirupsen/logrus" - "github.com/docker/distribution/context" - storagedriver "github.com/docker/distribution/registry/storage/driver" - "github.com/stevvooe/resumable" - - // register resumable hashes with import - _ "github.com/stevvooe/resumable/sha256" - _ "github.com/stevvooe/resumable/sha512" -) - -// resumeDigest attempts to restore the state of the internal hash function -// by loading the most recent saved hash state equal to the current size of the blob. -func (bw *blobWriter) resumeDigest(ctx context.Context) error { - if !bw.resumableDigestEnabled { - return errResumableDigestNotAvailable - } - - h, ok := bw.digester.Hash().(resumable.Hash) - if !ok { - return errResumableDigestNotAvailable - } - offset := bw.fileWriter.Size() - if offset == int64(h.Len()) { - // State of digester is already at the requested offset. - return nil - } - - // List hash states from storage backend. - var hashStateMatch hashStateEntry - hashStates, err := bw.getStoredHashStates(ctx) - if err != nil { - return fmt.Errorf("unable to get stored hash states with offset %d: %s", offset, err) - } - - // Find the highest stored hashState with offset equal to - // the requested offset. - for _, hashState := range hashStates { - if hashState.offset == offset { - hashStateMatch = hashState - break // Found an exact offset match. - } - } - - if hashStateMatch.offset == 0 { - // No need to load any state, just reset the hasher. - h.Reset() - } else { - storedState, err := bw.driver.GetContent(ctx, hashStateMatch.path) - if err != nil { - return err - } - - if err = h.Restore(storedState); err != nil { - return err - } - } - - // Mind the gap. - if gapLen := offset - int64(h.Len()); gapLen > 0 { - return errResumableDigestNotAvailable - } - - return nil -} - -type hashStateEntry struct { - offset int64 - path string -} - -// getStoredHashStates returns a slice of hashStateEntries for this upload. -func (bw *blobWriter) getStoredHashStates(ctx context.Context) ([]hashStateEntry, error) { - uploadHashStatePathPrefix, err := pathFor(uploadHashStatePathSpec{ - name: bw.blobStore.repository.Named().String(), - id: bw.id, - alg: bw.digester.Digest().Algorithm(), - list: true, - }) - - if err != nil { - return nil, err - } - - paths, err := bw.blobStore.driver.List(ctx, uploadHashStatePathPrefix) - if err != nil { - if _, ok := err.(storagedriver.PathNotFoundError); !ok { - return nil, err - } - // Treat PathNotFoundError as no entries. - paths = nil - } - - hashStateEntries := make([]hashStateEntry, 0, len(paths)) - - for _, p := range paths { - pathSuffix := path.Base(p) - // The suffix should be the offset. - offset, err := strconv.ParseInt(pathSuffix, 0, 64) - if err != nil { - logrus.Errorf("unable to parse offset from upload state path %q: %s", p, err) - } - - hashStateEntries = append(hashStateEntries, hashStateEntry{offset: offset, path: p}) - } - - return hashStateEntries, nil -} - -func (bw *blobWriter) storeHashState(ctx context.Context) error { - if !bw.resumableDigestEnabled { - return errResumableDigestNotAvailable - } - - h, ok := bw.digester.Hash().(resumable.Hash) - if !ok { - return errResumableDigestNotAvailable - } - - uploadHashStatePath, err := pathFor(uploadHashStatePathSpec{ - name: bw.blobStore.repository.Named().String(), - id: bw.id, - alg: bw.digester.Digest().Algorithm(), - offset: int64(h.Len()), - }) - - if err != nil { - return err - } - - hashState, err := h.State() - if err != nil { - return err - } - - return bw.driver.PutContent(ctx, uploadHashStatePath, hashState) -} diff --git a/vendor/github.com/docker/distribution/registry/storage/cache/cache.go b/vendor/github.com/docker/distribution/registry/storage/cache/cache.go deleted file mode 100644 index 10a39091..00000000 --- a/vendor/github.com/docker/distribution/registry/storage/cache/cache.go +++ /dev/null @@ -1,35 +0,0 @@ -// Package cache provides facilities to speed up access to the storage -// backend. -package cache - -import ( - "fmt" - - "github.com/docker/distribution" -) - -// BlobDescriptorCacheProvider provides repository scoped -// BlobDescriptorService cache instances and a global descriptor cache. -type BlobDescriptorCacheProvider interface { - distribution.BlobDescriptorService - - RepositoryScoped(repo string) (distribution.BlobDescriptorService, error) -} - -// ValidateDescriptor provides a helper function to ensure that caches have -// common criteria for admitting descriptors. -func ValidateDescriptor(desc distribution.Descriptor) error { - if err := desc.Digest.Validate(); err != nil { - return err - } - - if desc.Size < 0 { - return fmt.Errorf("cache: invalid length in descriptor: %v < 0", desc.Size) - } - - if desc.MediaType == "" { - return fmt.Errorf("cache: empty mediatype on descriptor: %v", desc) - } - - return nil -} diff --git a/vendor/github.com/docker/distribution/registry/storage/cache/cachecheck/suite.go b/vendor/github.com/docker/distribution/registry/storage/cache/cachecheck/suite.go deleted file mode 100644 index a563c02a..00000000 --- a/vendor/github.com/docker/distribution/registry/storage/cache/cachecheck/suite.go +++ /dev/null @@ -1,180 +0,0 @@ -package cachecheck - -import ( - "reflect" - "testing" - - "github.com/docker/distribution" - "github.com/docker/distribution/context" - "github.com/docker/distribution/digest" - "github.com/docker/distribution/registry/storage/cache" -) - -// CheckBlobDescriptorCache takes a cache implementation through a common set -// of operations. If adding new tests, please add them here so new -// implementations get the benefit. This should be used for unit tests. -func CheckBlobDescriptorCache(t *testing.T, provider cache.BlobDescriptorCacheProvider) { - ctx := context.Background() - - checkBlobDescriptorCacheEmptyRepository(ctx, t, provider) - checkBlobDescriptorCacheSetAndRead(ctx, t, provider) - checkBlobDescriptorCacheClear(ctx, t, provider) -} - -func checkBlobDescriptorCacheEmptyRepository(ctx context.Context, t *testing.T, provider cache.BlobDescriptorCacheProvider) { - if _, err := provider.Stat(ctx, "sha384:abc111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111"); err != distribution.ErrBlobUnknown { - t.Fatalf("expected unknown blob error with empty store: %v", err) - } - - cache, err := provider.RepositoryScoped("") - if err == nil { - t.Fatalf("expected an error when asking for invalid repo") - } - - cache, err = provider.RepositoryScoped("foo/bar") - if err != nil { - t.Fatalf("unexpected error getting repository: %v", err) - } - - if err := cache.SetDescriptor(ctx, "", distribution.Descriptor{ - Digest: "sha384:abc", - Size: 10, - MediaType: "application/octet-stream"}); err != digest.ErrDigestInvalidFormat { - t.Fatalf("expected error with invalid digest: %v", err) - } - - if err := cache.SetDescriptor(ctx, "sha384:abc111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111", distribution.Descriptor{ - Digest: "", - Size: 10, - MediaType: "application/octet-stream"}); err == nil { - t.Fatalf("expected error setting value on invalid descriptor") - } - - if _, err := cache.Stat(ctx, ""); err != digest.ErrDigestInvalidFormat { - t.Fatalf("expected error checking for cache item with empty digest: %v", err) - } - - if _, err := cache.Stat(ctx, "sha384:abc111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111"); err != distribution.ErrBlobUnknown { - t.Fatalf("expected unknown blob error with empty repo: %v", err) - } -} - -func checkBlobDescriptorCacheSetAndRead(ctx context.Context, t *testing.T, provider cache.BlobDescriptorCacheProvider) { - localDigest := digest.Digest("sha384:abc111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111") - expected := distribution.Descriptor{ - Digest: "sha256:abc1111111111111111111111111111111111111111111111111111111111111", - Size: 10, - MediaType: "application/octet-stream"} - - cache, err := provider.RepositoryScoped("foo/bar") - if err != nil { - t.Fatalf("unexpected error getting scoped cache: %v", err) - } - - if err := cache.SetDescriptor(ctx, localDigest, expected); err != nil { - t.Fatalf("error setting descriptor: %v", err) - } - - desc, err := cache.Stat(ctx, localDigest) - if err != nil { - t.Fatalf("unexpected error statting fake2:abc: %v", err) - } - - if !reflect.DeepEqual(expected, desc) { - t.Fatalf("unexpected descriptor: %#v != %#v", expected, desc) - } - - // also check that we set the canonical key ("fake:abc") - desc, err = cache.Stat(ctx, localDigest) - if err != nil { - t.Fatalf("descriptor not returned for canonical key: %v", err) - } - - if !reflect.DeepEqual(expected, desc) { - t.Fatalf("unexpected descriptor: %#v != %#v", expected, desc) - } - - // ensure that global gets extra descriptor mapping - desc, err = provider.Stat(ctx, localDigest) - if err != nil { - t.Fatalf("expected blob unknown in global cache: %v, %v", err, desc) - } - - if !reflect.DeepEqual(desc, expected) { - t.Fatalf("unexpected descriptor: %#v != %#v", expected, desc) - } - - // get at it through canonical descriptor - desc, err = provider.Stat(ctx, expected.Digest) - if err != nil { - t.Fatalf("unexpected error checking glboal descriptor: %v", err) - } - - if !reflect.DeepEqual(desc, expected) { - t.Fatalf("unexpected descriptor: %#v != %#v", expected, desc) - } - - // now, we set the repo local mediatype to something else and ensure it - // doesn't get changed in the provider cache. - expected.MediaType = "application/json" - - if err := cache.SetDescriptor(ctx, localDigest, expected); err != nil { - t.Fatalf("unexpected error setting descriptor: %v", err) - } - - desc, err = cache.Stat(ctx, localDigest) - if err != nil { - t.Fatalf("unexpected error getting descriptor: %v", err) - } - - if !reflect.DeepEqual(desc, expected) { - t.Fatalf("unexpected descriptor: %#v != %#v", desc, expected) - } - - desc, err = provider.Stat(ctx, localDigest) - if err != nil { - t.Fatalf("unexpected error getting global descriptor: %v", err) - } - - expected.MediaType = "application/octet-stream" // expect original mediatype in global - - if !reflect.DeepEqual(desc, expected) { - t.Fatalf("unexpected descriptor: %#v != %#v", desc, expected) - } -} - -func checkBlobDescriptorCacheClear(ctx context.Context, t *testing.T, provider cache.BlobDescriptorCacheProvider) { - localDigest := digest.Digest("sha384:def111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111") - expected := distribution.Descriptor{ - Digest: "sha256:def1111111111111111111111111111111111111111111111111111111111111", - Size: 10, - MediaType: "application/octet-stream"} - - cache, err := provider.RepositoryScoped("foo/bar") - if err != nil { - t.Fatalf("unexpected error getting scoped cache: %v", err) - } - - if err := cache.SetDescriptor(ctx, localDigest, expected); err != nil { - t.Fatalf("error setting descriptor: %v", err) - } - - desc, err := cache.Stat(ctx, localDigest) - if err != nil { - t.Fatalf("unexpected error statting fake2:abc: %v", err) - } - - if !reflect.DeepEqual(expected, desc) { - t.Fatalf("unexpected descriptor: %#v != %#v", expected, desc) - } - - err = cache.Clear(ctx, localDigest) - if err != nil { - t.Error(err) - } - - desc, err = cache.Stat(ctx, localDigest) - if err == nil { - t.Fatalf("expected error statting deleted blob: %v", err) - } -} diff --git a/vendor/github.com/docker/distribution/registry/storage/cache/cachedblobdescriptorstore.go b/vendor/github.com/docker/distribution/registry/storage/cache/cachedblobdescriptorstore.go deleted file mode 100644 index 94ca8a90..00000000 --- a/vendor/github.com/docker/distribution/registry/storage/cache/cachedblobdescriptorstore.go +++ /dev/null @@ -1,101 +0,0 @@ -package cache - -import ( - "github.com/docker/distribution/context" - "github.com/docker/distribution/digest" - - "github.com/docker/distribution" -) - -// Metrics is used to hold metric counters -// related to the number of times a cache was -// hit or missed. -type Metrics struct { - Requests uint64 - Hits uint64 - Misses uint64 -} - -// MetricsTracker represents a metric tracker -// which simply counts the number of hits and misses. -type MetricsTracker interface { - Hit() - Miss() - Metrics() Metrics -} - -type cachedBlobStatter struct { - cache distribution.BlobDescriptorService - backend distribution.BlobDescriptorService - tracker MetricsTracker -} - -// NewCachedBlobStatter creates a new statter which prefers a cache and -// falls back to a backend. -func NewCachedBlobStatter(cache distribution.BlobDescriptorService, backend distribution.BlobDescriptorService) distribution.BlobDescriptorService { - return &cachedBlobStatter{ - cache: cache, - backend: backend, - } -} - -// NewCachedBlobStatterWithMetrics creates a new statter which prefers a cache and -// falls back to a backend. Hits and misses will send to the tracker. -func NewCachedBlobStatterWithMetrics(cache distribution.BlobDescriptorService, backend distribution.BlobDescriptorService, tracker MetricsTracker) distribution.BlobStatter { - return &cachedBlobStatter{ - cache: cache, - backend: backend, - tracker: tracker, - } -} - -func (cbds *cachedBlobStatter) Stat(ctx context.Context, dgst digest.Digest) (distribution.Descriptor, error) { - desc, err := cbds.cache.Stat(ctx, dgst) - if err != nil { - if err != distribution.ErrBlobUnknown { - context.GetLogger(ctx).Errorf("error retrieving descriptor from cache: %v", err) - } - - goto fallback - } - - if cbds.tracker != nil { - cbds.tracker.Hit() - } - return desc, nil -fallback: - if cbds.tracker != nil { - cbds.tracker.Miss() - } - desc, err = cbds.backend.Stat(ctx, dgst) - if err != nil { - return desc, err - } - - if err := cbds.cache.SetDescriptor(ctx, dgst, desc); err != nil { - context.GetLogger(ctx).Errorf("error adding descriptor %v to cache: %v", desc.Digest, err) - } - - return desc, err - -} - -func (cbds *cachedBlobStatter) Clear(ctx context.Context, dgst digest.Digest) error { - err := cbds.cache.Clear(ctx, dgst) - if err != nil { - return err - } - - err = cbds.backend.Clear(ctx, dgst) - if err != nil { - return err - } - return nil -} - -func (cbds *cachedBlobStatter) SetDescriptor(ctx context.Context, dgst digest.Digest, desc distribution.Descriptor) error { - if err := cbds.cache.SetDescriptor(ctx, dgst, desc); err != nil { - context.GetLogger(ctx).Errorf("error adding descriptor %v to cache: %v", desc.Digest, err) - } - return nil -} diff --git a/vendor/github.com/docker/distribution/registry/storage/cache/memory/memory.go b/vendor/github.com/docker/distribution/registry/storage/cache/memory/memory.go deleted file mode 100644 index cf125e18..00000000 --- a/vendor/github.com/docker/distribution/registry/storage/cache/memory/memory.go +++ /dev/null @@ -1,179 +0,0 @@ -package memory - -import ( - "sync" - - "github.com/docker/distribution" - "github.com/docker/distribution/context" - "github.com/docker/distribution/digest" - "github.com/docker/distribution/reference" - "github.com/docker/distribution/registry/storage/cache" -) - -type inMemoryBlobDescriptorCacheProvider struct { - global *mapBlobDescriptorCache - repositories map[string]*mapBlobDescriptorCache - mu sync.RWMutex -} - -// NewInMemoryBlobDescriptorCacheProvider returns a new mapped-based cache for -// storing blob descriptor data. -func NewInMemoryBlobDescriptorCacheProvider() cache.BlobDescriptorCacheProvider { - return &inMemoryBlobDescriptorCacheProvider{ - global: newMapBlobDescriptorCache(), - repositories: make(map[string]*mapBlobDescriptorCache), - } -} - -func (imbdcp *inMemoryBlobDescriptorCacheProvider) RepositoryScoped(repo string) (distribution.BlobDescriptorService, error) { - if _, err := reference.ParseNamed(repo); err != nil { - return nil, err - } - - imbdcp.mu.RLock() - defer imbdcp.mu.RUnlock() - - return &repositoryScopedInMemoryBlobDescriptorCache{ - repo: repo, - parent: imbdcp, - repository: imbdcp.repositories[repo], - }, nil -} - -func (imbdcp *inMemoryBlobDescriptorCacheProvider) Stat(ctx context.Context, dgst digest.Digest) (distribution.Descriptor, error) { - return imbdcp.global.Stat(ctx, dgst) -} - -func (imbdcp *inMemoryBlobDescriptorCacheProvider) Clear(ctx context.Context, dgst digest.Digest) error { - return imbdcp.global.Clear(ctx, dgst) -} - -func (imbdcp *inMemoryBlobDescriptorCacheProvider) SetDescriptor(ctx context.Context, dgst digest.Digest, desc distribution.Descriptor) error { - _, err := imbdcp.Stat(ctx, dgst) - if err == distribution.ErrBlobUnknown { - - if dgst.Algorithm() != desc.Digest.Algorithm() && dgst != desc.Digest { - // if the digests differ, set the other canonical mapping - if err := imbdcp.global.SetDescriptor(ctx, desc.Digest, desc); err != nil { - return err - } - } - - // unknown, just set it - return imbdcp.global.SetDescriptor(ctx, dgst, desc) - } - - // we already know it, do nothing - return err -} - -// repositoryScopedInMemoryBlobDescriptorCache provides the request scoped -// repository cache. Instances are not thread-safe but the delegated -// operations are. -type repositoryScopedInMemoryBlobDescriptorCache struct { - repo string - parent *inMemoryBlobDescriptorCacheProvider // allows lazy allocation of repo's map - repository *mapBlobDescriptorCache -} - -func (rsimbdcp *repositoryScopedInMemoryBlobDescriptorCache) Stat(ctx context.Context, dgst digest.Digest) (distribution.Descriptor, error) { - rsimbdcp.parent.mu.Lock() - repo := rsimbdcp.repository - rsimbdcp.parent.mu.Unlock() - - if repo == nil { - return distribution.Descriptor{}, distribution.ErrBlobUnknown - } - - return repo.Stat(ctx, dgst) -} - -func (rsimbdcp *repositoryScopedInMemoryBlobDescriptorCache) Clear(ctx context.Context, dgst digest.Digest) error { - rsimbdcp.parent.mu.Lock() - repo := rsimbdcp.repository - rsimbdcp.parent.mu.Unlock() - - if repo == nil { - return distribution.ErrBlobUnknown - } - - return repo.Clear(ctx, dgst) -} - -func (rsimbdcp *repositoryScopedInMemoryBlobDescriptorCache) SetDescriptor(ctx context.Context, dgst digest.Digest, desc distribution.Descriptor) error { - rsimbdcp.parent.mu.Lock() - repo := rsimbdcp.repository - if repo == nil { - // allocate map since we are setting it now. - var ok bool - // have to read back value since we may have allocated elsewhere. - repo, ok = rsimbdcp.parent.repositories[rsimbdcp.repo] - if !ok { - repo = newMapBlobDescriptorCache() - rsimbdcp.parent.repositories[rsimbdcp.repo] = repo - } - rsimbdcp.repository = repo - } - rsimbdcp.parent.mu.Unlock() - - if err := repo.SetDescriptor(ctx, dgst, desc); err != nil { - return err - } - - return rsimbdcp.parent.SetDescriptor(ctx, dgst, desc) -} - -// mapBlobDescriptorCache provides a simple map-based implementation of the -// descriptor cache. -type mapBlobDescriptorCache struct { - descriptors map[digest.Digest]distribution.Descriptor - mu sync.RWMutex -} - -var _ distribution.BlobDescriptorService = &mapBlobDescriptorCache{} - -func newMapBlobDescriptorCache() *mapBlobDescriptorCache { - return &mapBlobDescriptorCache{ - descriptors: make(map[digest.Digest]distribution.Descriptor), - } -} - -func (mbdc *mapBlobDescriptorCache) Stat(ctx context.Context, dgst digest.Digest) (distribution.Descriptor, error) { - if err := dgst.Validate(); err != nil { - return distribution.Descriptor{}, err - } - - mbdc.mu.RLock() - defer mbdc.mu.RUnlock() - - desc, ok := mbdc.descriptors[dgst] - if !ok { - return distribution.Descriptor{}, distribution.ErrBlobUnknown - } - - return desc, nil -} - -func (mbdc *mapBlobDescriptorCache) Clear(ctx context.Context, dgst digest.Digest) error { - mbdc.mu.Lock() - defer mbdc.mu.Unlock() - - delete(mbdc.descriptors, dgst) - return nil -} - -func (mbdc *mapBlobDescriptorCache) SetDescriptor(ctx context.Context, dgst digest.Digest, desc distribution.Descriptor) error { - if err := dgst.Validate(); err != nil { - return err - } - - if err := cache.ValidateDescriptor(desc); err != nil { - return err - } - - mbdc.mu.Lock() - defer mbdc.mu.Unlock() - - mbdc.descriptors[dgst] = desc - return nil -} diff --git a/vendor/github.com/docker/distribution/registry/storage/cache/memory/memory_test.go b/vendor/github.com/docker/distribution/registry/storage/cache/memory/memory_test.go deleted file mode 100644 index 49c2b5c3..00000000 --- a/vendor/github.com/docker/distribution/registry/storage/cache/memory/memory_test.go +++ /dev/null @@ -1,13 +0,0 @@ -package memory - -import ( - "testing" - - "github.com/docker/distribution/registry/storage/cache/cachecheck" -) - -// TestInMemoryBlobInfoCache checks the in memory implementation is working -// correctly. -func TestInMemoryBlobInfoCache(t *testing.T) { - cachecheck.CheckBlobDescriptorCache(t, NewInMemoryBlobDescriptorCacheProvider()) -} diff --git a/vendor/github.com/docker/distribution/registry/storage/cache/redis/redis.go b/vendor/github.com/docker/distribution/registry/storage/cache/redis/redis.go deleted file mode 100644 index cb264b09..00000000 --- a/vendor/github.com/docker/distribution/registry/storage/cache/redis/redis.go +++ /dev/null @@ -1,268 +0,0 @@ -package redis - -import ( - "fmt" - - "github.com/docker/distribution" - "github.com/docker/distribution/context" - "github.com/docker/distribution/digest" - "github.com/docker/distribution/reference" - "github.com/docker/distribution/registry/storage/cache" - "github.com/garyburd/redigo/redis" -) - -// redisBlobStatService provides an implementation of -// BlobDescriptorCacheProvider based on redis. Blob descriptors are stored in -// two parts. The first provide fast access to repository membership through a -// redis set for each repo. The second is a redis hash keyed by the digest of -// the layer, providing path, length and mediatype information. There is also -// a per-repository redis hash of the blob descriptor, allowing override of -// data. This is currently used to override the mediatype on a per-repository -// basis. -// -// Note that there is no implied relationship between these two caches. The -// layer may exist in one, both or none and the code must be written this way. -type redisBlobDescriptorService struct { - pool *redis.Pool - - // TODO(stevvooe): We use a pool because we don't have great control over - // the cache lifecycle to manage connections. A new connection if fetched - // for each operation. Once we have better lifecycle management of the - // request objects, we can change this to a connection. -} - -// NewRedisBlobDescriptorCacheProvider returns a new redis-based -// BlobDescriptorCacheProvider using the provided redis connection pool. -func NewRedisBlobDescriptorCacheProvider(pool *redis.Pool) cache.BlobDescriptorCacheProvider { - return &redisBlobDescriptorService{ - pool: pool, - } -} - -// RepositoryScoped returns the scoped cache. -func (rbds *redisBlobDescriptorService) RepositoryScoped(repo string) (distribution.BlobDescriptorService, error) { - if _, err := reference.ParseNamed(repo); err != nil { - return nil, err - } - - return &repositoryScopedRedisBlobDescriptorService{ - repo: repo, - upstream: rbds, - }, nil -} - -// Stat retrieves the descriptor data from the redis hash entry. -func (rbds *redisBlobDescriptorService) Stat(ctx context.Context, dgst digest.Digest) (distribution.Descriptor, error) { - if err := dgst.Validate(); err != nil { - return distribution.Descriptor{}, err - } - - conn := rbds.pool.Get() - defer conn.Close() - - return rbds.stat(ctx, conn, dgst) -} - -func (rbds *redisBlobDescriptorService) Clear(ctx context.Context, dgst digest.Digest) error { - if err := dgst.Validate(); err != nil { - return err - } - - conn := rbds.pool.Get() - defer conn.Close() - - // Not atomic in redis <= 2.3 - reply, err := conn.Do("HDEL", rbds.blobDescriptorHashKey(dgst), "digest", "length", "mediatype") - if err != nil { - return err - } - - if reply == 0 { - return distribution.ErrBlobUnknown - } - - return nil -} - -// stat provides an internal stat call that takes a connection parameter. This -// allows some internal management of the connection scope. -func (rbds *redisBlobDescriptorService) stat(ctx context.Context, conn redis.Conn, dgst digest.Digest) (distribution.Descriptor, error) { - reply, err := redis.Values(conn.Do("HMGET", rbds.blobDescriptorHashKey(dgst), "digest", "size", "mediatype")) - if err != nil { - return distribution.Descriptor{}, err - } - - // NOTE(stevvooe): The "size" field used to be "length". We treat a - // missing "size" field here as an unknown blob, which causes a cache - // miss, effectively migrating the field. - if len(reply) < 3 || reply[0] == nil || reply[1] == nil { // don't care if mediatype is nil - return distribution.Descriptor{}, distribution.ErrBlobUnknown - } - - var desc distribution.Descriptor - if _, err := redis.Scan(reply, &desc.Digest, &desc.Size, &desc.MediaType); err != nil { - return distribution.Descriptor{}, err - } - - return desc, nil -} - -// SetDescriptor sets the descriptor data for the given digest using a redis -// hash. A hash is used here since we may store unrelated fields about a layer -// in the future. -func (rbds *redisBlobDescriptorService) SetDescriptor(ctx context.Context, dgst digest.Digest, desc distribution.Descriptor) error { - if err := dgst.Validate(); err != nil { - return err - } - - if err := cache.ValidateDescriptor(desc); err != nil { - return err - } - - conn := rbds.pool.Get() - defer conn.Close() - - return rbds.setDescriptor(ctx, conn, dgst, desc) -} - -func (rbds *redisBlobDescriptorService) setDescriptor(ctx context.Context, conn redis.Conn, dgst digest.Digest, desc distribution.Descriptor) error { - if _, err := conn.Do("HMSET", rbds.blobDescriptorHashKey(dgst), - "digest", desc.Digest, - "size", desc.Size); err != nil { - return err - } - - // Only set mediatype if not already set. - if _, err := conn.Do("HSETNX", rbds.blobDescriptorHashKey(dgst), - "mediatype", desc.MediaType); err != nil { - return err - } - - return nil -} - -func (rbds *redisBlobDescriptorService) blobDescriptorHashKey(dgst digest.Digest) string { - return "blobs::" + dgst.String() -} - -type repositoryScopedRedisBlobDescriptorService struct { - repo string - upstream *redisBlobDescriptorService -} - -var _ distribution.BlobDescriptorService = &repositoryScopedRedisBlobDescriptorService{} - -// Stat ensures that the digest is a member of the specified repository and -// forwards the descriptor request to the global blob store. If the media type -// differs for the repository, we override it. -func (rsrbds *repositoryScopedRedisBlobDescriptorService) Stat(ctx context.Context, dgst digest.Digest) (distribution.Descriptor, error) { - if err := dgst.Validate(); err != nil { - return distribution.Descriptor{}, err - } - - conn := rsrbds.upstream.pool.Get() - defer conn.Close() - - // Check membership to repository first - member, err := redis.Bool(conn.Do("SISMEMBER", rsrbds.repositoryBlobSetKey(rsrbds.repo), dgst)) - if err != nil { - return distribution.Descriptor{}, err - } - - if !member { - return distribution.Descriptor{}, distribution.ErrBlobUnknown - } - - upstream, err := rsrbds.upstream.stat(ctx, conn, dgst) - if err != nil { - return distribution.Descriptor{}, err - } - - // We allow a per repository mediatype, let's look it up here. - mediatype, err := redis.String(conn.Do("HGET", rsrbds.blobDescriptorHashKey(dgst), "mediatype")) - if err != nil { - return distribution.Descriptor{}, err - } - - if mediatype != "" { - upstream.MediaType = mediatype - } - - return upstream, nil -} - -// Clear removes the descriptor from the cache and forwards to the upstream descriptor store -func (rsrbds *repositoryScopedRedisBlobDescriptorService) Clear(ctx context.Context, dgst digest.Digest) error { - if err := dgst.Validate(); err != nil { - return err - } - - conn := rsrbds.upstream.pool.Get() - defer conn.Close() - - // Check membership to repository first - member, err := redis.Bool(conn.Do("SISMEMBER", rsrbds.repositoryBlobSetKey(rsrbds.repo), dgst)) - if err != nil { - return err - } - - if !member { - return distribution.ErrBlobUnknown - } - - return rsrbds.upstream.Clear(ctx, dgst) -} - -func (rsrbds *repositoryScopedRedisBlobDescriptorService) SetDescriptor(ctx context.Context, dgst digest.Digest, desc distribution.Descriptor) error { - if err := dgst.Validate(); err != nil { - return err - } - - if err := cache.ValidateDescriptor(desc); err != nil { - return err - } - - if dgst != desc.Digest { - if dgst.Algorithm() == desc.Digest.Algorithm() { - return fmt.Errorf("redis cache: digest for descriptors differ but algorthim does not: %q != %q", dgst, desc.Digest) - } - } - - conn := rsrbds.upstream.pool.Get() - defer conn.Close() - - return rsrbds.setDescriptor(ctx, conn, dgst, desc) -} - -func (rsrbds *repositoryScopedRedisBlobDescriptorService) setDescriptor(ctx context.Context, conn redis.Conn, dgst digest.Digest, desc distribution.Descriptor) error { - if _, err := conn.Do("SADD", rsrbds.repositoryBlobSetKey(rsrbds.repo), dgst); err != nil { - return err - } - - if err := rsrbds.upstream.setDescriptor(ctx, conn, dgst, desc); err != nil { - return err - } - - // Override repository mediatype. - if _, err := conn.Do("HSET", rsrbds.blobDescriptorHashKey(dgst), "mediatype", desc.MediaType); err != nil { - return err - } - - // Also set the values for the primary descriptor, if they differ by - // algorithm (ie sha256 vs sha512). - if desc.Digest != "" && dgst != desc.Digest && dgst.Algorithm() != desc.Digest.Algorithm() { - if err := rsrbds.setDescriptor(ctx, conn, desc.Digest, desc); err != nil { - return err - } - } - - return nil -} - -func (rsrbds *repositoryScopedRedisBlobDescriptorService) blobDescriptorHashKey(dgst digest.Digest) string { - return "repository::" + rsrbds.repo + "::blobs::" + dgst.String() -} - -func (rsrbds *repositoryScopedRedisBlobDescriptorService) repositoryBlobSetKey(repo string) string { - return "repository::" + rsrbds.repo + "::blobs" -} diff --git a/vendor/github.com/docker/distribution/registry/storage/cache/redis/redis_test.go b/vendor/github.com/docker/distribution/registry/storage/cache/redis/redis_test.go deleted file mode 100644 index d324842d..00000000 --- a/vendor/github.com/docker/distribution/registry/storage/cache/redis/redis_test.go +++ /dev/null @@ -1,53 +0,0 @@ -package redis - -import ( - "flag" - "os" - "testing" - "time" - - "github.com/docker/distribution/registry/storage/cache/cachecheck" - "github.com/garyburd/redigo/redis" -) - -var redisAddr string - -func init() { - flag.StringVar(&redisAddr, "test.registry.storage.cache.redis.addr", "", "configure the address of a test instance of redis") -} - -// TestRedisLayerInfoCache exercises a live redis instance using the cache -// implementation. -func TestRedisBlobDescriptorCacheProvider(t *testing.T) { - if redisAddr == "" { - // fallback to an environement variable - redisAddr = os.Getenv("TEST_REGISTRY_STORAGE_CACHE_REDIS_ADDR") - } - - if redisAddr == "" { - // skip if still not set - t.Skip("please set -test.registry.storage.cache.redis.addr to test layer info cache against redis") - } - - pool := &redis.Pool{ - Dial: func() (redis.Conn, error) { - return redis.Dial("tcp", redisAddr) - }, - MaxIdle: 1, - MaxActive: 2, - TestOnBorrow: func(c redis.Conn, t time.Time) error { - _, err := c.Do("PING") - return err - }, - Wait: false, // if a connection is not avialable, proceed without cache. - } - - // Clear the database - conn := pool.Get() - if _, err := conn.Do("FLUSHDB"); err != nil { - t.Fatalf("unexpected error flushing redis db: %v", err) - } - conn.Close() - - cachecheck.CheckBlobDescriptorCache(t, NewRedisBlobDescriptorCacheProvider(pool)) -} diff --git a/vendor/github.com/docker/distribution/registry/storage/catalog.go b/vendor/github.com/docker/distribution/registry/storage/catalog.go deleted file mode 100644 index 0b59a39a..00000000 --- a/vendor/github.com/docker/distribution/registry/storage/catalog.go +++ /dev/null @@ -1,153 +0,0 @@ -package storage - -import ( - "errors" - "io" - "path" - "strings" - - "github.com/docker/distribution/context" - "github.com/docker/distribution/registry/storage/driver" -) - -// errFinishedWalk signals an early exit to the walk when the current query -// is satisfied. -var errFinishedWalk = errors.New("finished walk") - -// Returns a list, or partial list, of repositories in the registry. -// Because it's a quite expensive operation, it should only be used when building up -// an initial set of repositories. -func (reg *registry) Repositories(ctx context.Context, repos []string, last string) (n int, err error) { - var foundRepos []string - - if len(repos) == 0 { - return 0, errors.New("no space in slice") - } - - root, err := pathFor(repositoriesRootPathSpec{}) - if err != nil { - return 0, err - } - - err = Walk(ctx, reg.blobStore.driver, root, func(fileInfo driver.FileInfo) error { - err := handleRepository(fileInfo, root, last, func(repoPath string) error { - foundRepos = append(foundRepos, repoPath) - return nil - }) - if err != nil { - return err - } - - // if we've filled our array, no need to walk any further - if len(foundRepos) == len(repos) { - return errFinishedWalk - } - - return nil - }) - - n = copy(repos, foundRepos) - - switch err { - case nil: - // nil means that we completed walk and didn't fill buffer. No more - // records are available. - err = io.EOF - case errFinishedWalk: - // more records are available. - err = nil - } - - return n, err -} - -// Enumerate applies ingester to each repository -func (reg *registry) Enumerate(ctx context.Context, ingester func(string) error) error { - root, err := pathFor(repositoriesRootPathSpec{}) - if err != nil { - return err - } - - err = Walk(ctx, reg.blobStore.driver, root, func(fileInfo driver.FileInfo) error { - return handleRepository(fileInfo, root, "", ingester) - }) - - return err -} - -// lessPath returns true if one path a is less than path b. -// -// A component-wise comparison is done, rather than the lexical comparison of -// strings. -func lessPath(a, b string) bool { - // we provide this behavior by making separator always sort first. - return compareReplaceInline(a, b, '/', '\x00') < 0 -} - -// compareReplaceInline modifies runtime.cmpstring to replace old with new -// during a byte-wise comparison. -func compareReplaceInline(s1, s2 string, old, new byte) int { - // TODO(stevvooe): We are missing an optimization when the s1 and s2 have - // the exact same slice header. It will make the code unsafe but can - // provide some extra performance. - - l := len(s1) - if len(s2) < l { - l = len(s2) - } - - for i := 0; i < l; i++ { - c1, c2 := s1[i], s2[i] - if c1 == old { - c1 = new - } - - if c2 == old { - c2 = new - } - - if c1 < c2 { - return -1 - } - - if c1 > c2 { - return +1 - } - } - - if len(s1) < len(s2) { - return -1 - } - - if len(s1) > len(s2) { - return +1 - } - - return 0 -} - -// handleRepository calls function fn with a repository path if fileInfo -// has a path of a repository under root and that it is lexographically -// after last. Otherwise, it will return ErrSkipDir. This should be used -// with Walk to do handling with repositories in a storage. -func handleRepository(fileInfo driver.FileInfo, root, last string, fn func(repoPath string) error) error { - filePath := fileInfo.Path() - - // lop the base path off - repo := filePath[len(root)+1:] - - _, file := path.Split(repo) - if file == "_layers" { - repo = strings.TrimSuffix(repo, "/_layers") - if lessPath(last, repo) { - if err := fn(repo); err != nil { - return err - } - } - return ErrSkipDir - } else if strings.HasPrefix(file, "_") { - return ErrSkipDir - } - - return nil -} diff --git a/vendor/github.com/docker/distribution/registry/storage/catalog_test.go b/vendor/github.com/docker/distribution/registry/storage/catalog_test.go deleted file mode 100644 index c69c0cdc..00000000 --- a/vendor/github.com/docker/distribution/registry/storage/catalog_test.go +++ /dev/null @@ -1,324 +0,0 @@ -package storage - -import ( - "fmt" - "io" - "math/rand" - "testing" - - "github.com/docker/distribution" - "github.com/docker/distribution/context" - "github.com/docker/distribution/digest" - "github.com/docker/distribution/reference" - "github.com/docker/distribution/registry/storage/cache/memory" - "github.com/docker/distribution/registry/storage/driver" - "github.com/docker/distribution/registry/storage/driver/inmemory" - "github.com/docker/distribution/testutil" -) - -type setupEnv struct { - ctx context.Context - driver driver.StorageDriver - expected []string - registry distribution.Namespace -} - -func setupFS(t *testing.T) *setupEnv { - d := inmemory.New() - ctx := context.Background() - registry, err := NewRegistry(ctx, d, BlobDescriptorCacheProvider(memory.NewInMemoryBlobDescriptorCacheProvider()), EnableRedirect) - if err != nil { - t.Fatalf("error creating registry: %v", err) - } - - repos := []string{ - "foo/a", - "foo/b", - "foo-bar/a", - "bar/c", - "bar/d", - "bar/e", - "foo/d/in", - "foo-bar/b", - "test", - } - - for _, repo := range repos { - makeRepo(ctx, t, repo, registry) - } - - expected := []string{ - "bar/c", - "bar/d", - "bar/e", - "foo/a", - "foo/b", - "foo/d/in", - "foo-bar/a", - "foo-bar/b", - "test", - } - - return &setupEnv{ - ctx: ctx, - driver: d, - expected: expected, - registry: registry, - } -} - -func makeRepo(ctx context.Context, t *testing.T, name string, reg distribution.Namespace) { - named, err := reference.ParseNamed(name) - if err != nil { - t.Fatal(err) - } - - repo, _ := reg.Repository(ctx, named) - manifests, _ := repo.Manifests(ctx) - - layers, err := testutil.CreateRandomLayers(1) - if err != nil { - t.Fatal(err) - } - - err = testutil.UploadBlobs(repo, layers) - if err != nil { - t.Fatalf("failed to upload layers: %v", err) - } - - getKeys := func(digests map[digest.Digest]io.ReadSeeker) (ds []digest.Digest) { - for d := range digests { - ds = append(ds, d) - } - return - } - - manifest, err := testutil.MakeSchema1Manifest(getKeys(layers)) - if err != nil { - t.Fatal(err) - } - - _, err = manifests.Put(ctx, manifest) - if err != nil { - t.Fatalf("manifest upload failed: %v", err) - } - -} - -func TestCatalog(t *testing.T) { - env := setupFS(t) - - p := make([]string, 50) - - numFilled, err := env.registry.Repositories(env.ctx, p, "") - if numFilled != len(env.expected) { - t.Errorf("missing items in catalog") - } - - if !testEq(p, env.expected, len(env.expected)) { - t.Errorf("Expected catalog repos err") - } - - if err != io.EOF { - t.Errorf("Catalog has more values which we aren't expecting") - } -} - -func TestCatalogInParts(t *testing.T) { - env := setupFS(t) - - chunkLen := 3 - p := make([]string, chunkLen) - - numFilled, err := env.registry.Repositories(env.ctx, p, "") - if err == io.EOF || numFilled != len(p) { - t.Errorf("Expected more values in catalog") - } - - if !testEq(p, env.expected[0:chunkLen], numFilled) { - t.Errorf("Expected catalog first chunk err") - } - - lastRepo := p[len(p)-1] - numFilled, err = env.registry.Repositories(env.ctx, p, lastRepo) - - if err == io.EOF || numFilled != len(p) { - t.Errorf("Expected more values in catalog") - } - - if !testEq(p, env.expected[chunkLen:chunkLen*2], numFilled) { - t.Errorf("Expected catalog second chunk err") - } - - lastRepo = p[len(p)-1] - numFilled, err = env.registry.Repositories(env.ctx, p, lastRepo) - - if err != io.EOF || numFilled != len(p) { - t.Errorf("Expected end of catalog") - } - - if !testEq(p, env.expected[chunkLen*2:chunkLen*3], numFilled) { - t.Errorf("Expected catalog third chunk err") - } - - lastRepo = p[len(p)-1] - numFilled, err = env.registry.Repositories(env.ctx, p, lastRepo) - - if err != io.EOF { - t.Errorf("Catalog has more values which we aren't expecting") - } - - if numFilled != 0 { - t.Errorf("Expected catalog fourth chunk err") - } -} - -func TestCatalogEnumerate(t *testing.T) { - env := setupFS(t) - - var repos []string - repositoryEnumerator := env.registry.(distribution.RepositoryEnumerator) - err := repositoryEnumerator.Enumerate(env.ctx, func(repoName string) error { - repos = append(repos, repoName) - return nil - }) - if err != nil { - t.Errorf("Expected catalog enumerate err") - } - - if len(repos) != len(env.expected) { - t.Errorf("Expected catalog enumerate doesn't have correct number of values") - } - - if !testEq(repos, env.expected, len(env.expected)) { - t.Errorf("Expected catalog enumerate not over all values") - } -} - -func testEq(a, b []string, size int) bool { - for cnt := 0; cnt < size-1; cnt++ { - if a[cnt] != b[cnt] { - return false - } - } - return true -} - -func setupBadWalkEnv(t *testing.T) *setupEnv { - d := newBadListDriver() - ctx := context.Background() - registry, err := NewRegistry(ctx, d, BlobDescriptorCacheProvider(memory.NewInMemoryBlobDescriptorCacheProvider()), EnableRedirect) - if err != nil { - t.Fatalf("error creating registry: %v", err) - } - - return &setupEnv{ - ctx: ctx, - driver: d, - registry: registry, - } -} - -type badListDriver struct { - driver.StorageDriver -} - -var _ driver.StorageDriver = &badListDriver{} - -func newBadListDriver() *badListDriver { - return &badListDriver{StorageDriver: inmemory.New()} -} - -func (d *badListDriver) List(ctx context.Context, path string) ([]string, error) { - return nil, fmt.Errorf("List error") -} - -func TestCatalogWalkError(t *testing.T) { - env := setupBadWalkEnv(t) - p := make([]string, 1) - - _, err := env.registry.Repositories(env.ctx, p, "") - if err == io.EOF { - t.Errorf("Expected catalog driver list error") - } -} - -func BenchmarkPathCompareEqual(B *testing.B) { - B.StopTimer() - pp := randomPath(100) - // make a real copy - ppb := append([]byte{}, []byte(pp)...) - a, b := pp, string(ppb) - - B.StartTimer() - for i := 0; i < B.N; i++ { - lessPath(a, b) - } -} - -func BenchmarkPathCompareNotEqual(B *testing.B) { - B.StopTimer() - a, b := randomPath(100), randomPath(100) - B.StartTimer() - - for i := 0; i < B.N; i++ { - lessPath(a, b) - } -} - -func BenchmarkPathCompareNative(B *testing.B) { - B.StopTimer() - a, b := randomPath(100), randomPath(100) - B.StartTimer() - - for i := 0; i < B.N; i++ { - c := a < b - c = c && false - } -} - -func BenchmarkPathCompareNativeEqual(B *testing.B) { - B.StopTimer() - pp := randomPath(100) - a, b := pp, pp - B.StartTimer() - - for i := 0; i < B.N; i++ { - c := a < b - c = c && false - } -} - -var filenameChars = []byte("abcdefghijklmnopqrstuvwxyz0123456789") -var separatorChars = []byte("._-") - -func randomPath(length int64) string { - path := "/" - for int64(len(path)) < length { - chunkLength := rand.Int63n(length-int64(len(path))) + 1 - chunk := randomFilename(chunkLength) - path += chunk - remaining := length - int64(len(path)) - if remaining == 1 { - path += randomFilename(1) - } else if remaining > 1 { - path += "/" - } - } - return path -} - -func randomFilename(length int64) string { - b := make([]byte, length) - wasSeparator := true - for i := range b { - if !wasSeparator && i < len(b)-1 && rand.Intn(4) == 0 { - b[i] = separatorChars[rand.Intn(len(separatorChars))] - wasSeparator = true - } else { - b[i] = filenameChars[rand.Intn(len(filenameChars))] - wasSeparator = false - } - } - return string(b) -} diff --git a/vendor/github.com/docker/distribution/registry/storage/doc.go b/vendor/github.com/docker/distribution/registry/storage/doc.go deleted file mode 100644 index 387d9234..00000000 --- a/vendor/github.com/docker/distribution/registry/storage/doc.go +++ /dev/null @@ -1,3 +0,0 @@ -// Package storage contains storage services for use in the registry -// application. It should be considered an internal package, as of Go 1.4. -package storage diff --git a/vendor/github.com/docker/distribution/registry/storage/driver/azure/azure.go b/vendor/github.com/docker/distribution/registry/storage/driver/azure/azure.go deleted file mode 100644 index 930b76a1..00000000 --- a/vendor/github.com/docker/distribution/registry/storage/driver/azure/azure.go +++ /dev/null @@ -1,483 +0,0 @@ -// Package azure provides a storagedriver.StorageDriver implementation to -// store blobs in Microsoft Azure Blob Storage Service. -package azure - -import ( - "bufio" - "bytes" - "fmt" - "io" - "io/ioutil" - "net/http" - "strings" - "time" - - "github.com/docker/distribution/context" - storagedriver "github.com/docker/distribution/registry/storage/driver" - "github.com/docker/distribution/registry/storage/driver/base" - "github.com/docker/distribution/registry/storage/driver/factory" - - azure "github.com/Azure/azure-sdk-for-go/storage" -) - -const driverName = "azure" - -const ( - paramAccountName = "accountname" - paramAccountKey = "accountkey" - paramContainer = "container" - paramRealm = "realm" - maxChunkSize = 4 * 1024 * 1024 -) - -type driver struct { - client azure.BlobStorageClient - container string -} - -type baseEmbed struct{ base.Base } - -// Driver is a storagedriver.StorageDriver implementation backed by -// Microsoft Azure Blob Storage Service. -type Driver struct{ baseEmbed } - -func init() { - factory.Register(driverName, &azureDriverFactory{}) -} - -type azureDriverFactory struct{} - -func (factory *azureDriverFactory) Create(parameters map[string]interface{}) (storagedriver.StorageDriver, error) { - return FromParameters(parameters) -} - -// FromParameters constructs a new Driver with a given parameters map. -func FromParameters(parameters map[string]interface{}) (*Driver, error) { - accountName, ok := parameters[paramAccountName] - if !ok || fmt.Sprint(accountName) == "" { - return nil, fmt.Errorf("No %s parameter provided", paramAccountName) - } - - accountKey, ok := parameters[paramAccountKey] - if !ok || fmt.Sprint(accountKey) == "" { - return nil, fmt.Errorf("No %s parameter provided", paramAccountKey) - } - - container, ok := parameters[paramContainer] - if !ok || fmt.Sprint(container) == "" { - return nil, fmt.Errorf("No %s parameter provided", paramContainer) - } - - realm, ok := parameters[paramRealm] - if !ok || fmt.Sprint(realm) == "" { - realm = azure.DefaultBaseURL - } - - return New(fmt.Sprint(accountName), fmt.Sprint(accountKey), fmt.Sprint(container), fmt.Sprint(realm)) -} - -// New constructs a new Driver with the given Azure Storage Account credentials -func New(accountName, accountKey, container, realm string) (*Driver, error) { - api, err := azure.NewClient(accountName, accountKey, realm, azure.DefaultAPIVersion, true) - if err != nil { - return nil, err - } - - blobClient := api.GetBlobService() - - // Create registry container - if _, err = blobClient.CreateContainerIfNotExists(container, azure.ContainerAccessTypePrivate); err != nil { - return nil, err - } - - d := &driver{ - client: blobClient, - container: container} - return &Driver{baseEmbed: baseEmbed{Base: base.Base{StorageDriver: d}}}, nil -} - -// Implement the storagedriver.StorageDriver interface. -func (d *driver) Name() string { - return driverName -} - -// GetContent retrieves the content stored at "path" as a []byte. -func (d *driver) GetContent(ctx context.Context, path string) ([]byte, error) { - blob, err := d.client.GetBlob(d.container, path) - if err != nil { - if is404(err) { - return nil, storagedriver.PathNotFoundError{Path: path} - } - return nil, err - } - - defer blob.Close() - return ioutil.ReadAll(blob) -} - -// PutContent stores the []byte content at a location designated by "path". -func (d *driver) PutContent(ctx context.Context, path string, contents []byte) error { - if _, err := d.client.DeleteBlobIfExists(d.container, path, nil); err != nil { - return err - } - writer, err := d.Writer(ctx, path, false) - if err != nil { - return err - } - defer writer.Close() - _, err = writer.Write(contents) - if err != nil { - return err - } - return writer.Commit() -} - -// Reader retrieves an io.ReadCloser for the content stored at "path" with a -// given byte offset. -func (d *driver) Reader(ctx context.Context, path string, offset int64) (io.ReadCloser, error) { - if ok, err := d.client.BlobExists(d.container, path); err != nil { - return nil, err - } else if !ok { - return nil, storagedriver.PathNotFoundError{Path: path} - } - - info, err := d.client.GetBlobProperties(d.container, path) - if err != nil { - return nil, err - } - - size := int64(info.ContentLength) - if offset >= size { - return ioutil.NopCloser(bytes.NewReader(nil)), nil - } - - bytesRange := fmt.Sprintf("%v-", offset) - resp, err := d.client.GetBlobRange(d.container, path, bytesRange, nil) - if err != nil { - return nil, err - } - return resp, nil -} - -// Writer returns a FileWriter which will store the content written to it -// at the location designated by "path" after the call to Commit. -func (d *driver) Writer(ctx context.Context, path string, append bool) (storagedriver.FileWriter, error) { - blobExists, err := d.client.BlobExists(d.container, path) - if err != nil { - return nil, err - } - var size int64 - if blobExists { - if append { - blobProperties, err := d.client.GetBlobProperties(d.container, path) - if err != nil { - return nil, err - } - size = blobProperties.ContentLength - } else { - err := d.client.DeleteBlob(d.container, path, nil) - if err != nil { - return nil, err - } - } - } else { - if append { - return nil, storagedriver.PathNotFoundError{Path: path} - } - err := d.client.PutAppendBlob(d.container, path, nil) - if err != nil { - return nil, err - } - } - - return d.newWriter(path, size), nil -} - -// Stat retrieves the FileInfo for the given path, including the current size -// in bytes and the creation time. -func (d *driver) Stat(ctx context.Context, path string) (storagedriver.FileInfo, error) { - // Check if the path is a blob - if ok, err := d.client.BlobExists(d.container, path); err != nil { - return nil, err - } else if ok { - blob, err := d.client.GetBlobProperties(d.container, path) - if err != nil { - return nil, err - } - - mtim, err := time.Parse(http.TimeFormat, blob.LastModified) - if err != nil { - return nil, err - } - - return storagedriver.FileInfoInternal{FileInfoFields: storagedriver.FileInfoFields{ - Path: path, - Size: int64(blob.ContentLength), - ModTime: mtim, - IsDir: false, - }}, nil - } - - // Check if path is a virtual container - virtContainerPath := path - if !strings.HasSuffix(virtContainerPath, "/") { - virtContainerPath += "/" - } - blobs, err := d.client.ListBlobs(d.container, azure.ListBlobsParameters{ - Prefix: virtContainerPath, - MaxResults: 1, - }) - if err != nil { - return nil, err - } - if len(blobs.Blobs) > 0 { - // path is a virtual container - return storagedriver.FileInfoInternal{FileInfoFields: storagedriver.FileInfoFields{ - Path: path, - IsDir: true, - }}, nil - } - - // path is not a blob or virtual container - return nil, storagedriver.PathNotFoundError{Path: path} -} - -// List returns a list of the objects that are direct descendants of the given -// path. -func (d *driver) List(ctx context.Context, path string) ([]string, error) { - if path == "/" { - path = "" - } - - blobs, err := d.listBlobs(d.container, path) - if err != nil { - return blobs, err - } - - list := directDescendants(blobs, path) - if path != "" && len(list) == 0 { - return nil, storagedriver.PathNotFoundError{Path: path} - } - return list, nil -} - -// Move moves an object stored at sourcePath to destPath, removing the original -// object. -func (d *driver) Move(ctx context.Context, sourcePath string, destPath string) error { - sourceBlobURL := d.client.GetBlobURL(d.container, sourcePath) - err := d.client.CopyBlob(d.container, destPath, sourceBlobURL) - if err != nil { - if is404(err) { - return storagedriver.PathNotFoundError{Path: sourcePath} - } - return err - } - - return d.client.DeleteBlob(d.container, sourcePath, nil) -} - -// Delete recursively deletes all objects stored at "path" and its subpaths. -func (d *driver) Delete(ctx context.Context, path string) error { - ok, err := d.client.DeleteBlobIfExists(d.container, path, nil) - if err != nil { - return err - } - if ok { - return nil // was a blob and deleted, return - } - - // Not a blob, see if path is a virtual container with blobs - blobs, err := d.listBlobs(d.container, path) - if err != nil { - return err - } - - for _, b := range blobs { - if err = d.client.DeleteBlob(d.container, b, nil); err != nil { - return err - } - } - - if len(blobs) == 0 { - return storagedriver.PathNotFoundError{Path: path} - } - return nil -} - -// URLFor returns a publicly accessible URL for the blob stored at given path -// for specified duration by making use of Azure Storage Shared Access Signatures (SAS). -// See https://msdn.microsoft.com/en-us/library/azure/ee395415.aspx for more info. -func (d *driver) URLFor(ctx context.Context, path string, options map[string]interface{}) (string, error) { - expiresTime := time.Now().UTC().Add(20 * time.Minute) // default expiration - expires, ok := options["expiry"] - if ok { - t, ok := expires.(time.Time) - if ok { - expiresTime = t - } - } - return d.client.GetBlobSASURI(d.container, path, expiresTime, "r") -} - -// directDescendants will find direct descendants (blobs or virtual containers) -// of from list of blob paths and will return their full paths. Elements in blobs -// list must be prefixed with a "/" and -// -// Example: direct descendants of "/" in {"/foo", "/bar/1", "/bar/2"} is -// {"/foo", "/bar"} and direct descendants of "bar" is {"/bar/1", "/bar/2"} -func directDescendants(blobs []string, prefix string) []string { - if !strings.HasPrefix(prefix, "/") { // add trailing '/' - prefix = "/" + prefix - } - if !strings.HasSuffix(prefix, "/") { // containerify the path - prefix += "/" - } - - out := make(map[string]bool) - for _, b := range blobs { - if strings.HasPrefix(b, prefix) { - rel := b[len(prefix):] - c := strings.Count(rel, "/") - if c == 0 { - out[b] = true - } else { - out[prefix+rel[:strings.Index(rel, "/")]] = true - } - } - } - - var keys []string - for k := range out { - keys = append(keys, k) - } - return keys -} - -func (d *driver) listBlobs(container, virtPath string) ([]string, error) { - if virtPath != "" && !strings.HasSuffix(virtPath, "/") { // containerify the path - virtPath += "/" - } - - out := []string{} - marker := "" - for { - resp, err := d.client.ListBlobs(d.container, azure.ListBlobsParameters{ - Marker: marker, - Prefix: virtPath, - }) - - if err != nil { - return out, err - } - - for _, b := range resp.Blobs { - out = append(out, b.Name) - } - - if len(resp.Blobs) == 0 || resp.NextMarker == "" { - break - } - marker = resp.NextMarker - } - return out, nil -} - -func is404(err error) bool { - statusCodeErr, ok := err.(azure.AzureStorageServiceError) - return ok && statusCodeErr.StatusCode == http.StatusNotFound -} - -type writer struct { - driver *driver - path string - size int64 - bw *bufio.Writer - closed bool - committed bool - cancelled bool -} - -func (d *driver) newWriter(path string, size int64) storagedriver.FileWriter { - return &writer{ - driver: d, - path: path, - size: size, - bw: bufio.NewWriterSize(&blockWriter{ - client: d.client, - container: d.container, - path: path, - }, maxChunkSize), - } -} - -func (w *writer) Write(p []byte) (int, error) { - if w.closed { - return 0, fmt.Errorf("already closed") - } else if w.committed { - return 0, fmt.Errorf("already committed") - } else if w.cancelled { - return 0, fmt.Errorf("already cancelled") - } - - n, err := w.bw.Write(p) - w.size += int64(n) - return n, err -} - -func (w *writer) Size() int64 { - return w.size -} - -func (w *writer) Close() error { - if w.closed { - return fmt.Errorf("already closed") - } - w.closed = true - return w.bw.Flush() -} - -func (w *writer) Cancel() error { - if w.closed { - return fmt.Errorf("already closed") - } else if w.committed { - return fmt.Errorf("already committed") - } - w.cancelled = true - return w.driver.client.DeleteBlob(w.driver.container, w.path, nil) -} - -func (w *writer) Commit() error { - if w.closed { - return fmt.Errorf("already closed") - } else if w.committed { - return fmt.Errorf("already committed") - } else if w.cancelled { - return fmt.Errorf("already cancelled") - } - w.committed = true - return w.bw.Flush() -} - -type blockWriter struct { - client azure.BlobStorageClient - container string - path string -} - -func (bw *blockWriter) Write(p []byte) (int, error) { - n := 0 - for offset := 0; offset < len(p); offset += maxChunkSize { - chunkSize := maxChunkSize - if offset+chunkSize > len(p) { - chunkSize = len(p) - offset - } - err := bw.client.AppendBlock(bw.container, bw.path, p[offset:offset+chunkSize], nil) - if err != nil { - return n, err - } - - n += chunkSize - } - - return n, nil -} diff --git a/vendor/github.com/docker/distribution/registry/storage/driver/azure/azure_test.go b/vendor/github.com/docker/distribution/registry/storage/driver/azure/azure_test.go deleted file mode 100644 index 4a0661b3..00000000 --- a/vendor/github.com/docker/distribution/registry/storage/driver/azure/azure_test.go +++ /dev/null @@ -1,63 +0,0 @@ -package azure - -import ( - "fmt" - "os" - "strings" - "testing" - - storagedriver "github.com/docker/distribution/registry/storage/driver" - "github.com/docker/distribution/registry/storage/driver/testsuites" - . "gopkg.in/check.v1" -) - -const ( - envAccountName = "AZURE_STORAGE_ACCOUNT_NAME" - envAccountKey = "AZURE_STORAGE_ACCOUNT_KEY" - envContainer = "AZURE_STORAGE_CONTAINER" - envRealm = "AZURE_STORAGE_REALM" -) - -// Hook up gocheck into the "go test" runner. -func Test(t *testing.T) { TestingT(t) } - -func init() { - var ( - accountName string - accountKey string - container string - realm string - ) - - config := []struct { - env string - value *string - }{ - {envAccountName, &accountName}, - {envAccountKey, &accountKey}, - {envContainer, &container}, - {envRealm, &realm}, - } - - missing := []string{} - for _, v := range config { - *v.value = os.Getenv(v.env) - if *v.value == "" { - missing = append(missing, v.env) - } - } - - azureDriverConstructor := func() (storagedriver.StorageDriver, error) { - return New(accountName, accountKey, container, realm) - } - - // Skip Azure storage driver tests if environment variable parameters are not provided - skipCheck := func() string { - if len(missing) > 0 { - return fmt.Sprintf("Must set %s environment variables to run Azure tests", strings.Join(missing, ", ")) - } - return "" - } - - testsuites.RegisterSuite(azureDriverConstructor, skipCheck) -} diff --git a/vendor/github.com/docker/distribution/registry/storage/driver/base/base.go b/vendor/github.com/docker/distribution/registry/storage/driver/base/base.go deleted file mode 100644 index e14f7edb..00000000 --- a/vendor/github.com/docker/distribution/registry/storage/driver/base/base.go +++ /dev/null @@ -1,198 +0,0 @@ -// Package base provides a base implementation of the storage driver that can -// be used to implement common checks. The goal is to increase the amount of -// code sharing. -// -// The canonical approach to use this class is to embed in the exported driver -// struct such that calls are proxied through this implementation. First, -// declare the internal driver, as follows: -// -// type driver struct { ... internal ...} -// -// The resulting type should implement StorageDriver such that it can be the -// target of a Base struct. The exported type can then be declared as follows: -// -// type Driver struct { -// Base -// } -// -// Because Driver embeds Base, it effectively implements Base. If the driver -// needs to intercept a call, before going to base, Driver should implement -// that method. Effectively, Driver can intercept calls before coming in and -// driver implements the actual logic. -// -// To further shield the embed from other packages, it is recommended to -// employ a private embed struct: -// -// type baseEmbed struct { -// base.Base -// } -// -// Then, declare driver to embed baseEmbed, rather than Base directly: -// -// type Driver struct { -// baseEmbed -// } -// -// The type now implements StorageDriver, proxying through Base, without -// exporting an unnecessary field. -package base - -import ( - "io" - - "github.com/docker/distribution/context" - storagedriver "github.com/docker/distribution/registry/storage/driver" -) - -// Base provides a wrapper around a storagedriver implementation that provides -// common path and bounds checking. -type Base struct { - storagedriver.StorageDriver -} - -// Format errors received from the storage driver -func (base *Base) setDriverName(e error) error { - switch actual := e.(type) { - case nil: - return nil - case storagedriver.ErrUnsupportedMethod: - actual.DriverName = base.StorageDriver.Name() - return actual - case storagedriver.PathNotFoundError: - actual.DriverName = base.StorageDriver.Name() - return actual - case storagedriver.InvalidPathError: - actual.DriverName = base.StorageDriver.Name() - return actual - case storagedriver.InvalidOffsetError: - actual.DriverName = base.StorageDriver.Name() - return actual - default: - storageError := storagedriver.Error{ - DriverName: base.StorageDriver.Name(), - Enclosed: e, - } - - return storageError - } -} - -// GetContent wraps GetContent of underlying storage driver. -func (base *Base) GetContent(ctx context.Context, path string) ([]byte, error) { - ctx, done := context.WithTrace(ctx) - defer done("%s.GetContent(%q)", base.Name(), path) - - if !storagedriver.PathRegexp.MatchString(path) { - return nil, storagedriver.InvalidPathError{Path: path, DriverName: base.StorageDriver.Name()} - } - - b, e := base.StorageDriver.GetContent(ctx, path) - return b, base.setDriverName(e) -} - -// PutContent wraps PutContent of underlying storage driver. -func (base *Base) PutContent(ctx context.Context, path string, content []byte) error { - ctx, done := context.WithTrace(ctx) - defer done("%s.PutContent(%q)", base.Name(), path) - - if !storagedriver.PathRegexp.MatchString(path) { - return storagedriver.InvalidPathError{Path: path, DriverName: base.StorageDriver.Name()} - } - - return base.setDriverName(base.StorageDriver.PutContent(ctx, path, content)) -} - -// Reader wraps Reader of underlying storage driver. -func (base *Base) Reader(ctx context.Context, path string, offset int64) (io.ReadCloser, error) { - ctx, done := context.WithTrace(ctx) - defer done("%s.Reader(%q, %d)", base.Name(), path, offset) - - if offset < 0 { - return nil, storagedriver.InvalidOffsetError{Path: path, Offset: offset, DriverName: base.StorageDriver.Name()} - } - - if !storagedriver.PathRegexp.MatchString(path) { - return nil, storagedriver.InvalidPathError{Path: path, DriverName: base.StorageDriver.Name()} - } - - rc, e := base.StorageDriver.Reader(ctx, path, offset) - return rc, base.setDriverName(e) -} - -// Writer wraps Writer of underlying storage driver. -func (base *Base) Writer(ctx context.Context, path string, append bool) (storagedriver.FileWriter, error) { - ctx, done := context.WithTrace(ctx) - defer done("%s.Writer(%q, %v)", base.Name(), path, append) - - if !storagedriver.PathRegexp.MatchString(path) { - return nil, storagedriver.InvalidPathError{Path: path, DriverName: base.StorageDriver.Name()} - } - - writer, e := base.StorageDriver.Writer(ctx, path, append) - return writer, base.setDriverName(e) -} - -// Stat wraps Stat of underlying storage driver. -func (base *Base) Stat(ctx context.Context, path string) (storagedriver.FileInfo, error) { - ctx, done := context.WithTrace(ctx) - defer done("%s.Stat(%q)", base.Name(), path) - - if !storagedriver.PathRegexp.MatchString(path) && path != "/" { - return nil, storagedriver.InvalidPathError{Path: path, DriverName: base.StorageDriver.Name()} - } - - fi, e := base.StorageDriver.Stat(ctx, path) - return fi, base.setDriverName(e) -} - -// List wraps List of underlying storage driver. -func (base *Base) List(ctx context.Context, path string) ([]string, error) { - ctx, done := context.WithTrace(ctx) - defer done("%s.List(%q)", base.Name(), path) - - if !storagedriver.PathRegexp.MatchString(path) && path != "/" { - return nil, storagedriver.InvalidPathError{Path: path, DriverName: base.StorageDriver.Name()} - } - - str, e := base.StorageDriver.List(ctx, path) - return str, base.setDriverName(e) -} - -// Move wraps Move of underlying storage driver. -func (base *Base) Move(ctx context.Context, sourcePath string, destPath string) error { - ctx, done := context.WithTrace(ctx) - defer done("%s.Move(%q, %q", base.Name(), sourcePath, destPath) - - if !storagedriver.PathRegexp.MatchString(sourcePath) { - return storagedriver.InvalidPathError{Path: sourcePath, DriverName: base.StorageDriver.Name()} - } else if !storagedriver.PathRegexp.MatchString(destPath) { - return storagedriver.InvalidPathError{Path: destPath, DriverName: base.StorageDriver.Name()} - } - - return base.setDriverName(base.StorageDriver.Move(ctx, sourcePath, destPath)) -} - -// Delete wraps Delete of underlying storage driver. -func (base *Base) Delete(ctx context.Context, path string) error { - ctx, done := context.WithTrace(ctx) - defer done("%s.Delete(%q)", base.Name(), path) - - if !storagedriver.PathRegexp.MatchString(path) { - return storagedriver.InvalidPathError{Path: path, DriverName: base.StorageDriver.Name()} - } - - return base.setDriverName(base.StorageDriver.Delete(ctx, path)) -} - -// URLFor wraps URLFor of underlying storage driver. -func (base *Base) URLFor(ctx context.Context, path string, options map[string]interface{}) (string, error) { - ctx, done := context.WithTrace(ctx) - defer done("%s.URLFor(%q)", base.Name(), path) - - if !storagedriver.PathRegexp.MatchString(path) { - return "", storagedriver.InvalidPathError{Path: path, DriverName: base.StorageDriver.Name()} - } - - str, e := base.StorageDriver.URLFor(ctx, path, options) - return str, base.setDriverName(e) -} diff --git a/vendor/github.com/docker/distribution/registry/storage/driver/base/regulator.go b/vendor/github.com/docker/distribution/registry/storage/driver/base/regulator.go deleted file mode 100644 index 185160a4..00000000 --- a/vendor/github.com/docker/distribution/registry/storage/driver/base/regulator.go +++ /dev/null @@ -1,145 +0,0 @@ -package base - -import ( - "io" - "sync" - - "github.com/docker/distribution/context" - storagedriver "github.com/docker/distribution/registry/storage/driver" -) - -type regulator struct { - storagedriver.StorageDriver - *sync.Cond - - available uint64 -} - -// NewRegulator wraps the given driver and is used to regulate concurrent calls -// to the given storage driver to a maximum of the given limit. This is useful -// for storage drivers that would otherwise create an unbounded number of OS -// threads if allowed to be called unregulated. -func NewRegulator(driver storagedriver.StorageDriver, limit uint64) storagedriver.StorageDriver { - return ®ulator{ - StorageDriver: driver, - Cond: sync.NewCond(&sync.Mutex{}), - available: limit, - } -} - -func (r *regulator) enter() { - r.L.Lock() - for r.available == 0 { - r.Wait() - } - r.available-- - r.L.Unlock() -} - -func (r *regulator) exit() { - r.L.Lock() - // We only need to signal to a waiting FS operation if we're already at the - // limit of threads used - if r.available == 0 { - r.Signal() - } - r.available++ - r.L.Unlock() -} - -// Name returns the human-readable "name" of the driver, useful in error -// messages and logging. By convention, this will just be the registration -// name, but drivers may provide other information here. -func (r *regulator) Name() string { - r.enter() - defer r.exit() - - return r.StorageDriver.Name() -} - -// GetContent retrieves the content stored at "path" as a []byte. -// This should primarily be used for small objects. -func (r *regulator) GetContent(ctx context.Context, path string) ([]byte, error) { - r.enter() - defer r.exit() - - return r.StorageDriver.GetContent(ctx, path) -} - -// PutContent stores the []byte content at a location designated by "path". -// This should primarily be used for small objects. -func (r *regulator) PutContent(ctx context.Context, path string, content []byte) error { - r.enter() - defer r.exit() - - return r.StorageDriver.PutContent(ctx, path, content) -} - -// Reader retrieves an io.ReadCloser for the content stored at "path" -// with a given byte offset. -// May be used to resume reading a stream by providing a nonzero offset. -func (r *regulator) Reader(ctx context.Context, path string, offset int64) (io.ReadCloser, error) { - r.enter() - defer r.exit() - - return r.StorageDriver.Reader(ctx, path, offset) -} - -// Writer stores the contents of the provided io.ReadCloser at a -// location designated by the given path. -// May be used to resume writing a stream by providing a nonzero offset. -// The offset must be no larger than the CurrentSize for this path. -func (r *regulator) Writer(ctx context.Context, path string, append bool) (storagedriver.FileWriter, error) { - r.enter() - defer r.exit() - - return r.StorageDriver.Writer(ctx, path, append) -} - -// Stat retrieves the FileInfo for the given path, including the current -// size in bytes and the creation time. -func (r *regulator) Stat(ctx context.Context, path string) (storagedriver.FileInfo, error) { - r.enter() - defer r.exit() - - return r.StorageDriver.Stat(ctx, path) -} - -// List returns a list of the objects that are direct descendants of the -//given path. -func (r *regulator) List(ctx context.Context, path string) ([]string, error) { - r.enter() - defer r.exit() - - return r.StorageDriver.List(ctx, path) -} - -// Move moves an object stored at sourcePath to destPath, removing the -// original object. -// Note: This may be no more efficient than a copy followed by a delete for -// many implementations. -func (r *regulator) Move(ctx context.Context, sourcePath string, destPath string) error { - r.enter() - defer r.exit() - - return r.StorageDriver.Move(ctx, sourcePath, destPath) -} - -// Delete recursively deletes all objects stored at "path" and its subpaths. -func (r *regulator) Delete(ctx context.Context, path string) error { - r.enter() - defer r.exit() - - return r.StorageDriver.Delete(ctx, path) -} - -// URLFor returns a URL which may be used to retrieve the content stored at -// the given path, possibly using the given options. -// May return an ErrUnsupportedMethod in certain StorageDriver -// implementations. -func (r *regulator) URLFor(ctx context.Context, path string, options map[string]interface{}) (string, error) { - r.enter() - defer r.exit() - - return r.StorageDriver.URLFor(ctx, path, options) -} diff --git a/vendor/github.com/docker/distribution/registry/storage/driver/factory/factory.go b/vendor/github.com/docker/distribution/registry/storage/driver/factory/factory.go deleted file mode 100644 index a9c04ec5..00000000 --- a/vendor/github.com/docker/distribution/registry/storage/driver/factory/factory.go +++ /dev/null @@ -1,64 +0,0 @@ -package factory - -import ( - "fmt" - - storagedriver "github.com/docker/distribution/registry/storage/driver" -) - -// driverFactories stores an internal mapping between storage driver names and their respective -// factories -var driverFactories = make(map[string]StorageDriverFactory) - -// StorageDriverFactory is a factory interface for creating storagedriver.StorageDriver interfaces -// Storage drivers should call Register() with a factory to make the driver available by name. -// Individual StorageDriver implementations generally register with the factory via the Register -// func (below) in their init() funcs, and as such they should be imported anonymously before use. -// See below for an example of how to register and get a StorageDriver for S3 -// -// import _ "github.com/docker/distribution/registry/storage/driver/s3-aws" -// s3Driver, err = factory.Create("s3", storageParams) -// // assuming no error, s3Driver is the StorageDriver that communicates with S3 according to storageParams -type StorageDriverFactory interface { - // Create returns a new storagedriver.StorageDriver with the given parameters - // Parameters will vary by driver and may be ignored - // Each parameter key must only consist of lowercase letters and numbers - Create(parameters map[string]interface{}) (storagedriver.StorageDriver, error) -} - -// Register makes a storage driver available by the provided name. -// If Register is called twice with the same name or if driver factory is nil, it panics. -// Additionally, it is not concurrency safe. Most Storage Drivers call this function -// in their init() functions. See the documentation for StorageDriverFactory for more. -func Register(name string, factory StorageDriverFactory) { - if factory == nil { - panic("Must not provide nil StorageDriverFactory") - } - _, registered := driverFactories[name] - if registered { - panic(fmt.Sprintf("StorageDriverFactory named %s already registered", name)) - } - - driverFactories[name] = factory -} - -// Create a new storagedriver.StorageDriver with the given name and -// parameters. To use a driver, the StorageDriverFactory must first be -// registered with the given name. If no drivers are found, an -// InvalidStorageDriverError is returned -func Create(name string, parameters map[string]interface{}) (storagedriver.StorageDriver, error) { - driverFactory, ok := driverFactories[name] - if !ok { - return nil, InvalidStorageDriverError{name} - } - return driverFactory.Create(parameters) -} - -// InvalidStorageDriverError records an attempt to construct an unregistered storage driver -type InvalidStorageDriverError struct { - Name string -} - -func (err InvalidStorageDriverError) Error() string { - return fmt.Sprintf("StorageDriver not registered: %s", err.Name) -} diff --git a/vendor/github.com/docker/distribution/registry/storage/driver/fileinfo.go b/vendor/github.com/docker/distribution/registry/storage/driver/fileinfo.go deleted file mode 100644 index e5064029..00000000 --- a/vendor/github.com/docker/distribution/registry/storage/driver/fileinfo.go +++ /dev/null @@ -1,79 +0,0 @@ -package driver - -import "time" - -// FileInfo returns information about a given path. Inspired by os.FileInfo, -// it elides the base name method for a full path instead. -type FileInfo interface { - // Path provides the full path of the target of this file info. - Path() string - - // Size returns current length in bytes of the file. The return value can - // be used to write to the end of the file at path. The value is - // meaningless if IsDir returns true. - Size() int64 - - // ModTime returns the modification time for the file. For backends that - // don't have a modification time, the creation time should be returned. - ModTime() time.Time - - // IsDir returns true if the path is a directory. - IsDir() bool -} - -// NOTE(stevvooe): The next two types, FileInfoFields and FileInfoInternal -// should only be used by storagedriver implementations. They should moved to -// a "driver" package, similar to database/sql. - -// FileInfoFields provides the exported fields for implementing FileInfo -// interface in storagedriver implementations. It should be used with -// InternalFileInfo. -type FileInfoFields struct { - // Path provides the full path of the target of this file info. - Path string - - // Size is current length in bytes of the file. The value of this field - // can be used to write to the end of the file at path. The value is - // meaningless if IsDir is set to true. - Size int64 - - // ModTime returns the modification time for the file. For backends that - // don't have a modification time, the creation time should be returned. - ModTime time.Time - - // IsDir returns true if the path is a directory. - IsDir bool -} - -// FileInfoInternal implements the FileInfo interface. This should only be -// used by storagedriver implementations that don't have a specialized -// FileInfo type. -type FileInfoInternal struct { - FileInfoFields -} - -var _ FileInfo = FileInfoInternal{} -var _ FileInfo = &FileInfoInternal{} - -// Path provides the full path of the target of this file info. -func (fi FileInfoInternal) Path() string { - return fi.FileInfoFields.Path -} - -// Size returns current length in bytes of the file. The return value can -// be used to write to the end of the file at path. The value is -// meaningless if IsDir returns true. -func (fi FileInfoInternal) Size() int64 { - return fi.FileInfoFields.Size -} - -// ModTime returns the modification time for the file. For backends that -// don't have a modification time, the creation time should be returned. -func (fi FileInfoInternal) ModTime() time.Time { - return fi.FileInfoFields.ModTime -} - -// IsDir returns true if the path is a directory. -func (fi FileInfoInternal) IsDir() bool { - return fi.FileInfoFields.IsDir -} diff --git a/vendor/github.com/docker/distribution/registry/storage/driver/filesystem/driver.go b/vendor/github.com/docker/distribution/registry/storage/driver/filesystem/driver.go deleted file mode 100644 index 649e2bc2..00000000 --- a/vendor/github.com/docker/distribution/registry/storage/driver/filesystem/driver.go +++ /dev/null @@ -1,440 +0,0 @@ -package filesystem - -import ( - "bufio" - "bytes" - "fmt" - "io" - "io/ioutil" - "os" - "path" - "reflect" - "strconv" - "time" - - "github.com/docker/distribution/context" - storagedriver "github.com/docker/distribution/registry/storage/driver" - "github.com/docker/distribution/registry/storage/driver/base" - "github.com/docker/distribution/registry/storage/driver/factory" -) - -const ( - driverName = "filesystem" - defaultRootDirectory = "/var/lib/registry" - defaultMaxThreads = uint64(100) - - // minThreads is the minimum value for the maxthreads configuration - // parameter. If the driver's parameters are less than this we set - // the parameters to minThreads - minThreads = uint64(25) -) - -// DriverParameters represents all configuration options available for the -// filesystem driver -type DriverParameters struct { - RootDirectory string - MaxThreads uint64 -} - -func init() { - factory.Register(driverName, &filesystemDriverFactory{}) -} - -// filesystemDriverFactory implements the factory.StorageDriverFactory interface -type filesystemDriverFactory struct{} - -func (factory *filesystemDriverFactory) Create(parameters map[string]interface{}) (storagedriver.StorageDriver, error) { - return FromParameters(parameters) -} - -type driver struct { - rootDirectory string -} - -type baseEmbed struct { - base.Base -} - -// Driver is a storagedriver.StorageDriver implementation backed by a local -// filesystem. All provided paths will be subpaths of the RootDirectory. -type Driver struct { - baseEmbed -} - -// FromParameters constructs a new Driver with a given parameters map -// Optional Parameters: -// - rootdirectory -// - maxthreads -func FromParameters(parameters map[string]interface{}) (*Driver, error) { - params, err := fromParametersImpl(parameters) - if err != nil || params == nil { - return nil, err - } - return New(*params), nil -} - -func fromParametersImpl(parameters map[string]interface{}) (*DriverParameters, error) { - var ( - err error - maxThreads = defaultMaxThreads - rootDirectory = defaultRootDirectory - ) - - if parameters != nil { - if rootDir, ok := parameters["rootdirectory"]; ok { - rootDirectory = fmt.Sprint(rootDir) - } - - // Get maximum number of threads for blocking filesystem operations, - // if specified - threads := parameters["maxthreads"] - switch v := threads.(type) { - case string: - if maxThreads, err = strconv.ParseUint(v, 0, 64); err != nil { - return nil, fmt.Errorf("maxthreads parameter must be an integer, %v invalid", threads) - } - case uint64: - maxThreads = v - case int, int32, int64: - val := reflect.ValueOf(v).Convert(reflect.TypeOf(threads)).Int() - // If threads is negative casting to uint64 will wrap around and - // give you the hugest thread limit ever. Let's be sensible, here - if val > 0 { - maxThreads = uint64(val) - } - case uint, uint32: - maxThreads = reflect.ValueOf(v).Convert(reflect.TypeOf(threads)).Uint() - case nil: - // do nothing - default: - return nil, fmt.Errorf("invalid value for maxthreads: %#v", threads) - } - - if maxThreads < minThreads { - maxThreads = minThreads - } - } - - params := &DriverParameters{ - RootDirectory: rootDirectory, - MaxThreads: maxThreads, - } - return params, nil -} - -// New constructs a new Driver with a given rootDirectory -func New(params DriverParameters) *Driver { - fsDriver := &driver{rootDirectory: params.RootDirectory} - - return &Driver{ - baseEmbed: baseEmbed{ - Base: base.Base{ - StorageDriver: base.NewRegulator(fsDriver, params.MaxThreads), - }, - }, - } -} - -// Implement the storagedriver.StorageDriver interface - -func (d *driver) Name() string { - return driverName -} - -// GetContent retrieves the content stored at "path" as a []byte. -func (d *driver) GetContent(ctx context.Context, path string) ([]byte, error) { - rc, err := d.Reader(ctx, path, 0) - if err != nil { - return nil, err - } - defer rc.Close() - - p, err := ioutil.ReadAll(rc) - if err != nil { - return nil, err - } - - return p, nil -} - -// PutContent stores the []byte content at a location designated by "path". -func (d *driver) PutContent(ctx context.Context, subPath string, contents []byte) error { - writer, err := d.Writer(ctx, subPath, false) - if err != nil { - return err - } - defer writer.Close() - _, err = io.Copy(writer, bytes.NewReader(contents)) - if err != nil { - writer.Cancel() - return err - } - return writer.Commit() -} - -// Reader retrieves an io.ReadCloser for the content stored at "path" with a -// given byte offset. -func (d *driver) Reader(ctx context.Context, path string, offset int64) (io.ReadCloser, error) { - file, err := os.OpenFile(d.fullPath(path), os.O_RDONLY, 0644) - if err != nil { - if os.IsNotExist(err) { - return nil, storagedriver.PathNotFoundError{Path: path} - } - - return nil, err - } - - seekPos, err := file.Seek(int64(offset), os.SEEK_SET) - if err != nil { - file.Close() - return nil, err - } else if seekPos < int64(offset) { - file.Close() - return nil, storagedriver.InvalidOffsetError{Path: path, Offset: offset} - } - - return file, nil -} - -func (d *driver) Writer(ctx context.Context, subPath string, append bool) (storagedriver.FileWriter, error) { - fullPath := d.fullPath(subPath) - parentDir := path.Dir(fullPath) - if err := os.MkdirAll(parentDir, 0777); err != nil { - return nil, err - } - - fp, err := os.OpenFile(fullPath, os.O_WRONLY|os.O_CREATE, 0666) - if err != nil { - return nil, err - } - - var offset int64 - - if !append { - err := fp.Truncate(0) - if err != nil { - fp.Close() - return nil, err - } - } else { - n, err := fp.Seek(0, os.SEEK_END) - if err != nil { - fp.Close() - return nil, err - } - offset = int64(n) - } - - return newFileWriter(fp, offset), nil -} - -// Stat retrieves the FileInfo for the given path, including the current size -// in bytes and the creation time. -func (d *driver) Stat(ctx context.Context, subPath string) (storagedriver.FileInfo, error) { - fullPath := d.fullPath(subPath) - - fi, err := os.Stat(fullPath) - if err != nil { - if os.IsNotExist(err) { - return nil, storagedriver.PathNotFoundError{Path: subPath} - } - - return nil, err - } - - return fileInfo{ - path: subPath, - FileInfo: fi, - }, nil -} - -// List returns a list of the objects that are direct descendants of the given -// path. -func (d *driver) List(ctx context.Context, subPath string) ([]string, error) { - fullPath := d.fullPath(subPath) - - dir, err := os.Open(fullPath) - if err != nil { - if os.IsNotExist(err) { - return nil, storagedriver.PathNotFoundError{Path: subPath} - } - return nil, err - } - - defer dir.Close() - - fileNames, err := dir.Readdirnames(0) - if err != nil { - return nil, err - } - - keys := make([]string, 0, len(fileNames)) - for _, fileName := range fileNames { - keys = append(keys, path.Join(subPath, fileName)) - } - - return keys, nil -} - -// Move moves an object stored at sourcePath to destPath, removing the original -// object. -func (d *driver) Move(ctx context.Context, sourcePath string, destPath string) error { - source := d.fullPath(sourcePath) - dest := d.fullPath(destPath) - - if _, err := os.Stat(source); os.IsNotExist(err) { - return storagedriver.PathNotFoundError{Path: sourcePath} - } - - if err := os.MkdirAll(path.Dir(dest), 0755); err != nil { - return err - } - - err := os.Rename(source, dest) - return err -} - -// Delete recursively deletes all objects stored at "path" and its subpaths. -func (d *driver) Delete(ctx context.Context, subPath string) error { - fullPath := d.fullPath(subPath) - - _, err := os.Stat(fullPath) - if err != nil && !os.IsNotExist(err) { - return err - } else if err != nil { - return storagedriver.PathNotFoundError{Path: subPath} - } - - err = os.RemoveAll(fullPath) - return err -} - -// URLFor returns a URL which may be used to retrieve the content stored at the given path. -// May return an UnsupportedMethodErr in certain StorageDriver implementations. -func (d *driver) URLFor(ctx context.Context, path string, options map[string]interface{}) (string, error) { - return "", storagedriver.ErrUnsupportedMethod{} -} - -// fullPath returns the absolute path of a key within the Driver's storage. -func (d *driver) fullPath(subPath string) string { - return path.Join(d.rootDirectory, subPath) -} - -type fileInfo struct { - os.FileInfo - path string -} - -var _ storagedriver.FileInfo = fileInfo{} - -// Path provides the full path of the target of this file info. -func (fi fileInfo) Path() string { - return fi.path -} - -// Size returns current length in bytes of the file. The return value can -// be used to write to the end of the file at path. The value is -// meaningless if IsDir returns true. -func (fi fileInfo) Size() int64 { - if fi.IsDir() { - return 0 - } - - return fi.FileInfo.Size() -} - -// ModTime returns the modification time for the file. For backends that -// don't have a modification time, the creation time should be returned. -func (fi fileInfo) ModTime() time.Time { - return fi.FileInfo.ModTime() -} - -// IsDir returns true if the path is a directory. -func (fi fileInfo) IsDir() bool { - return fi.FileInfo.IsDir() -} - -type fileWriter struct { - file *os.File - size int64 - bw *bufio.Writer - closed bool - committed bool - cancelled bool -} - -func newFileWriter(file *os.File, size int64) *fileWriter { - return &fileWriter{ - file: file, - size: size, - bw: bufio.NewWriter(file), - } -} - -func (fw *fileWriter) Write(p []byte) (int, error) { - if fw.closed { - return 0, fmt.Errorf("already closed") - } else if fw.committed { - return 0, fmt.Errorf("already committed") - } else if fw.cancelled { - return 0, fmt.Errorf("already cancelled") - } - n, err := fw.bw.Write(p) - fw.size += int64(n) - return n, err -} - -func (fw *fileWriter) Size() int64 { - return fw.size -} - -func (fw *fileWriter) Close() error { - if fw.closed { - return fmt.Errorf("already closed") - } - - if err := fw.bw.Flush(); err != nil { - return err - } - - if err := fw.file.Sync(); err != nil { - return err - } - - if err := fw.file.Close(); err != nil { - return err - } - fw.closed = true - return nil -} - -func (fw *fileWriter) Cancel() error { - if fw.closed { - return fmt.Errorf("already closed") - } - - fw.cancelled = true - fw.file.Close() - return os.Remove(fw.file.Name()) -} - -func (fw *fileWriter) Commit() error { - if fw.closed { - return fmt.Errorf("already closed") - } else if fw.committed { - return fmt.Errorf("already committed") - } else if fw.cancelled { - return fmt.Errorf("already cancelled") - } - - if err := fw.bw.Flush(); err != nil { - return err - } - - if err := fw.file.Sync(); err != nil { - return err - } - - fw.committed = true - return nil -} diff --git a/vendor/github.com/docker/distribution/registry/storage/driver/filesystem/driver_test.go b/vendor/github.com/docker/distribution/registry/storage/driver/filesystem/driver_test.go deleted file mode 100644 index 3be85923..00000000 --- a/vendor/github.com/docker/distribution/registry/storage/driver/filesystem/driver_test.go +++ /dev/null @@ -1,113 +0,0 @@ -package filesystem - -import ( - "io/ioutil" - "os" - "reflect" - "testing" - - storagedriver "github.com/docker/distribution/registry/storage/driver" - "github.com/docker/distribution/registry/storage/driver/testsuites" - . "gopkg.in/check.v1" -) - -// Hook up gocheck into the "go test" runner. -func Test(t *testing.T) { TestingT(t) } - -func init() { - root, err := ioutil.TempDir("", "driver-") - if err != nil { - panic(err) - } - defer os.Remove(root) - - driver, err := FromParameters(map[string]interface{}{ - "rootdirectory": root, - }) - if err != nil { - panic(err) - } - - testsuites.RegisterSuite(func() (storagedriver.StorageDriver, error) { - return driver, nil - }, testsuites.NeverSkip) -} - -func TestFromParametersImpl(t *testing.T) { - - tests := []struct { - params map[string]interface{} // techincally the yaml can contain anything - expected DriverParameters - pass bool - }{ - // check we use default threads and root dirs - { - params: map[string]interface{}{}, - expected: DriverParameters{ - RootDirectory: defaultRootDirectory, - MaxThreads: defaultMaxThreads, - }, - pass: true, - }, - // Testing initiation with a string maxThreads which can't be parsed - { - params: map[string]interface{}{ - "maxthreads": "fail", - }, - expected: DriverParameters{}, - pass: false, - }, - { - params: map[string]interface{}{ - "maxthreads": "100", - }, - expected: DriverParameters{ - RootDirectory: defaultRootDirectory, - MaxThreads: uint64(100), - }, - pass: true, - }, - { - params: map[string]interface{}{ - "maxthreads": 100, - }, - expected: DriverParameters{ - RootDirectory: defaultRootDirectory, - MaxThreads: uint64(100), - }, - pass: true, - }, - // check that we use minimum thread counts - { - params: map[string]interface{}{ - "maxthreads": 1, - }, - expected: DriverParameters{ - RootDirectory: defaultRootDirectory, - MaxThreads: minThreads, - }, - pass: true, - }, - } - - for _, item := range tests { - params, err := fromParametersImpl(item.params) - - if !item.pass { - // We only need to assert that expected failures have an error - if err == nil { - t.Fatalf("expected error configuring filesystem driver with invalid param: %+v", item.params) - } - continue - } - - if err != nil { - t.Fatalf("unexpected error creating filesystem driver: %s", err) - } - // Note that we get a pointer to params back - if !reflect.DeepEqual(*params, item.expected) { - t.Fatalf("unexpected params from filesystem driver. expected %+v, got %+v", item.expected, params) - } - } - -} diff --git a/vendor/github.com/docker/distribution/registry/storage/driver/gcs/doc.go b/vendor/github.com/docker/distribution/registry/storage/driver/gcs/doc.go deleted file mode 100644 index 0f23ea78..00000000 --- a/vendor/github.com/docker/distribution/registry/storage/driver/gcs/doc.go +++ /dev/null @@ -1,3 +0,0 @@ -// Package gcs implements the Google Cloud Storage driver backend. Support can be -// enabled by including the "include_gcs" build tag. -package gcs diff --git a/vendor/github.com/docker/distribution/registry/storage/driver/gcs/gcs.go b/vendor/github.com/docker/distribution/registry/storage/driver/gcs/gcs.go deleted file mode 100644 index 1369c280..00000000 --- a/vendor/github.com/docker/distribution/registry/storage/driver/gcs/gcs.go +++ /dev/null @@ -1,873 +0,0 @@ -// Package gcs provides a storagedriver.StorageDriver implementation to -// store blobs in Google cloud storage. -// -// This package leverages the google.golang.org/cloud/storage client library -//for interfacing with gcs. -// -// Because gcs is a key, value store the Stat call does not support last modification -// time for directories (directories are an abstraction for key, value stores) -// -// Note that the contents of incomplete uploads are not accessible even though -// Stat returns their length -// -// +build include_gcs - -package gcs - -import ( - "bytes" - "fmt" - "io" - "io/ioutil" - "math/rand" - "net/http" - "net/url" - "reflect" - "regexp" - "sort" - "strconv" - "strings" - "time" - - "golang.org/x/net/context" - "golang.org/x/oauth2" - "golang.org/x/oauth2/google" - "golang.org/x/oauth2/jwt" - "google.golang.org/api/googleapi" - "google.golang.org/cloud" - "google.golang.org/cloud/storage" - - "github.com/Sirupsen/logrus" - - ctx "github.com/docker/distribution/context" - storagedriver "github.com/docker/distribution/registry/storage/driver" - "github.com/docker/distribution/registry/storage/driver/base" - "github.com/docker/distribution/registry/storage/driver/factory" -) - -const ( - driverName = "gcs" - dummyProjectID = "" - - uploadSessionContentType = "application/x-docker-upload-session" - minChunkSize = 256 * 1024 - defaultChunkSize = 20 * minChunkSize - - maxTries = 5 -) - -var rangeHeader = regexp.MustCompile(`^bytes=([0-9])+-([0-9]+)$`) - -// driverParameters is a struct that encapsulates all of the driver parameters after all values have been set -type driverParameters struct { - bucket string - config *jwt.Config - email string - privateKey []byte - client *http.Client - rootDirectory string - chunkSize int -} - -func init() { - factory.Register(driverName, &gcsDriverFactory{}) -} - -// gcsDriverFactory implements the factory.StorageDriverFactory interface -type gcsDriverFactory struct{} - -// Create StorageDriver from parameters -func (factory *gcsDriverFactory) Create(parameters map[string]interface{}) (storagedriver.StorageDriver, error) { - return FromParameters(parameters) -} - -// driver is a storagedriver.StorageDriver implementation backed by GCS -// Objects are stored at absolute keys in the provided bucket. -type driver struct { - client *http.Client - bucket string - email string - privateKey []byte - rootDirectory string - chunkSize int -} - -// FromParameters constructs a new Driver with a given parameters map -// Required parameters: -// - bucket -func FromParameters(parameters map[string]interface{}) (storagedriver.StorageDriver, error) { - bucket, ok := parameters["bucket"] - if !ok || fmt.Sprint(bucket) == "" { - return nil, fmt.Errorf("No bucket parameter provided") - } - - rootDirectory, ok := parameters["rootdirectory"] - if !ok { - rootDirectory = "" - } - - chunkSize := defaultChunkSize - chunkSizeParam, ok := parameters["chunksize"] - if ok { - switch v := chunkSizeParam.(type) { - case string: - vv, err := strconv.Atoi(v) - if err != nil { - return nil, fmt.Errorf("chunksize parameter must be an integer, %v invalid", chunkSizeParam) - } - chunkSize = vv - case int, uint, int32, uint32, uint64, int64: - chunkSize = int(reflect.ValueOf(v).Convert(reflect.TypeOf(chunkSize)).Int()) - default: - return nil, fmt.Errorf("invalid valud for chunksize: %#v", chunkSizeParam) - } - - if chunkSize < minChunkSize { - return nil, fmt.Errorf("The chunksize %#v parameter should be a number that is larger than or equal to %d", chunkSize, minChunkSize) - } - - if chunkSize%minChunkSize != 0 { - return nil, fmt.Errorf("chunksize should be a multiple of %d", minChunkSize) - } - } - - var ts oauth2.TokenSource - jwtConf := new(jwt.Config) - if keyfile, ok := parameters["keyfile"]; ok { - jsonKey, err := ioutil.ReadFile(fmt.Sprint(keyfile)) - if err != nil { - return nil, err - } - jwtConf, err = google.JWTConfigFromJSON(jsonKey, storage.ScopeFullControl) - if err != nil { - return nil, err - } - ts = jwtConf.TokenSource(context.Background()) - } else { - var err error - ts, err = google.DefaultTokenSource(context.Background(), storage.ScopeFullControl) - if err != nil { - return nil, err - } - } - - params := driverParameters{ - bucket: fmt.Sprint(bucket), - rootDirectory: fmt.Sprint(rootDirectory), - email: jwtConf.Email, - privateKey: jwtConf.PrivateKey, - client: oauth2.NewClient(context.Background(), ts), - chunkSize: chunkSize, - } - - return New(params) -} - -// New constructs a new driver -func New(params driverParameters) (storagedriver.StorageDriver, error) { - rootDirectory := strings.Trim(params.rootDirectory, "/") - if rootDirectory != "" { - rootDirectory += "/" - } - if params.chunkSize <= 0 || params.chunkSize%minChunkSize != 0 { - return nil, fmt.Errorf("Invalid chunksize: %d is not a positive multiple of %d", params.chunkSize, minChunkSize) - } - d := &driver{ - bucket: params.bucket, - rootDirectory: rootDirectory, - email: params.email, - privateKey: params.privateKey, - client: params.client, - chunkSize: params.chunkSize, - } - - return &base.Base{ - StorageDriver: d, - }, nil -} - -// Implement the storagedriver.StorageDriver interface - -func (d *driver) Name() string { - return driverName -} - -// GetContent retrieves the content stored at "path" as a []byte. -// This should primarily be used for small objects. -func (d *driver) GetContent(context ctx.Context, path string) ([]byte, error) { - gcsContext := d.context(context) - name := d.pathToKey(path) - var rc io.ReadCloser - err := retry(func() error { - var err error - rc, err = storage.NewReader(gcsContext, d.bucket, name) - return err - }) - if err == storage.ErrObjectNotExist { - return nil, storagedriver.PathNotFoundError{Path: path} - } - if err != nil { - return nil, err - } - defer rc.Close() - - p, err := ioutil.ReadAll(rc) - if err != nil { - return nil, err - } - return p, nil -} - -// PutContent stores the []byte content at a location designated by "path". -// This should primarily be used for small objects. -func (d *driver) PutContent(context ctx.Context, path string, contents []byte) error { - return retry(func() error { - wc := storage.NewWriter(d.context(context), d.bucket, d.pathToKey(path)) - wc.ContentType = "application/octet-stream" - return putContentsClose(wc, contents) - }) -} - -// Reader retrieves an io.ReadCloser for the content stored at "path" -// with a given byte offset. -// May be used to resume reading a stream by providing a nonzero offset. -func (d *driver) Reader(context ctx.Context, path string, offset int64) (io.ReadCloser, error) { - res, err := getObject(d.client, d.bucket, d.pathToKey(path), offset) - if err != nil { - if res != nil { - if res.StatusCode == http.StatusNotFound { - res.Body.Close() - return nil, storagedriver.PathNotFoundError{Path: path} - } - - if res.StatusCode == http.StatusRequestedRangeNotSatisfiable { - res.Body.Close() - obj, err := storageStatObject(d.context(context), d.bucket, d.pathToKey(path)) - if err != nil { - return nil, err - } - if offset == int64(obj.Size) { - return ioutil.NopCloser(bytes.NewReader([]byte{})), nil - } - return nil, storagedriver.InvalidOffsetError{Path: path, Offset: offset} - } - } - return nil, err - } - if res.Header.Get("Content-Type") == uploadSessionContentType { - defer res.Body.Close() - return nil, storagedriver.PathNotFoundError{Path: path} - } - return res.Body, nil -} - -func getObject(client *http.Client, bucket string, name string, offset int64) (*http.Response, error) { - // copied from google.golang.org/cloud/storage#NewReader : - // to set the additional "Range" header - u := &url.URL{ - Scheme: "https", - Host: "storage.googleapis.com", - Path: fmt.Sprintf("/%s/%s", bucket, name), - } - req, err := http.NewRequest("GET", u.String(), nil) - if err != nil { - return nil, err - } - if offset > 0 { - req.Header.Set("Range", fmt.Sprintf("bytes=%v-", offset)) - } - var res *http.Response - err = retry(func() error { - var err error - res, err = client.Do(req) - return err - }) - if err != nil { - return nil, err - } - return res, googleapi.CheckMediaResponse(res) -} - -// Writer returns a FileWriter which will store the content written to it -// at the location designated by "path" after the call to Commit. -func (d *driver) Writer(context ctx.Context, path string, append bool) (storagedriver.FileWriter, error) { - writer := &writer{ - client: d.client, - bucket: d.bucket, - name: d.pathToKey(path), - buffer: make([]byte, d.chunkSize), - } - - if append { - err := writer.init(path) - if err != nil { - return nil, err - } - } - return writer, nil -} - -type writer struct { - client *http.Client - bucket string - name string - size int64 - offset int64 - closed bool - sessionURI string - buffer []byte - buffSize int -} - -// Cancel removes any written content from this FileWriter. -func (w *writer) Cancel() error { - w.closed = true - err := storageDeleteObject(cloud.NewContext(dummyProjectID, w.client), w.bucket, w.name) - if err != nil { - if status, ok := err.(*googleapi.Error); ok { - if status.Code == http.StatusNotFound { - err = nil - } - } - } - return err -} - -func (w *writer) Close() error { - if w.closed { - return nil - } - w.closed = true - - err := w.writeChunk() - if err != nil { - return err - } - - // Copy the remaining bytes from the buffer to the upload session - // Normally buffSize will be smaller than minChunkSize. However, in the - // unlikely event that the upload session failed to start, this number could be higher. - // In this case we can safely clip the remaining bytes to the minChunkSize - if w.buffSize > minChunkSize { - w.buffSize = minChunkSize - } - - // commit the writes by updating the upload session - err = retry(func() error { - wc := storage.NewWriter(cloud.NewContext(dummyProjectID, w.client), w.bucket, w.name) - wc.ContentType = uploadSessionContentType - wc.Metadata = map[string]string{ - "Session-URI": w.sessionURI, - "Offset": strconv.FormatInt(w.offset, 10), - } - return putContentsClose(wc, w.buffer[0:w.buffSize]) - }) - if err != nil { - return err - } - w.size = w.offset + int64(w.buffSize) - w.buffSize = 0 - return nil -} - -func putContentsClose(wc *storage.Writer, contents []byte) error { - size := len(contents) - var nn int - var err error - for nn < size { - n, err := wc.Write(contents[nn:size]) - nn += n - if err != nil { - break - } - } - if err != nil { - wc.CloseWithError(err) - return err - } - return wc.Close() -} - -// Commit flushes all content written to this FileWriter and makes it -// available for future calls to StorageDriver.GetContent and -// StorageDriver.Reader. -func (w *writer) Commit() error { - - if err := w.checkClosed(); err != nil { - return err - } - w.closed = true - - // no session started yet just perform a simple upload - if w.sessionURI == "" { - err := retry(func() error { - wc := storage.NewWriter(cloud.NewContext(dummyProjectID, w.client), w.bucket, w.name) - wc.ContentType = "application/octet-stream" - return putContentsClose(wc, w.buffer[0:w.buffSize]) - }) - if err != nil { - return err - } - w.size = w.offset + int64(w.buffSize) - w.buffSize = 0 - return nil - } - size := w.offset + int64(w.buffSize) - var nn int - // loop must be performed at least once to ensure the file is committed even when - // the buffer is empty - for { - n, err := putChunk(w.client, w.sessionURI, w.buffer[nn:w.buffSize], w.offset, size) - nn += int(n) - w.offset += n - w.size = w.offset - if err != nil { - w.buffSize = copy(w.buffer, w.buffer[nn:w.buffSize]) - return err - } - if nn == w.buffSize { - break - } - } - w.buffSize = 0 - return nil -} - -func (w *writer) checkClosed() error { - if w.closed { - return fmt.Errorf("Writer already closed") - } - return nil -} - -func (w *writer) writeChunk() error { - var err error - // chunks can be uploaded only in multiples of minChunkSize - // chunkSize is a multiple of minChunkSize less than or equal to buffSize - chunkSize := w.buffSize - (w.buffSize % minChunkSize) - if chunkSize == 0 { - return nil - } - // if their is no sessionURI yet, obtain one by starting the session - if w.sessionURI == "" { - w.sessionURI, err = startSession(w.client, w.bucket, w.name) - } - if err != nil { - return err - } - nn, err := putChunk(w.client, w.sessionURI, w.buffer[0:chunkSize], w.offset, -1) - w.offset += nn - if w.offset > w.size { - w.size = w.offset - } - // shift the remaining bytes to the start of the buffer - w.buffSize = copy(w.buffer, w.buffer[int(nn):w.buffSize]) - - return err -} - -func (w *writer) Write(p []byte) (int, error) { - err := w.checkClosed() - if err != nil { - return 0, err - } - - var nn int - for nn < len(p) { - n := copy(w.buffer[w.buffSize:], p[nn:]) - w.buffSize += n - if w.buffSize == cap(w.buffer) { - err = w.writeChunk() - if err != nil { - break - } - } - nn += n - } - return nn, err -} - -// Size returns the number of bytes written to this FileWriter. -func (w *writer) Size() int64 { - return w.size -} - -func (w *writer) init(path string) error { - res, err := getObject(w.client, w.bucket, w.name, 0) - if err != nil { - return err - } - defer res.Body.Close() - if res.Header.Get("Content-Type") != uploadSessionContentType { - return storagedriver.PathNotFoundError{Path: path} - } - offset, err := strconv.ParseInt(res.Header.Get("X-Goog-Meta-Offset"), 10, 64) - if err != nil { - return err - } - buffer, err := ioutil.ReadAll(res.Body) - if err != nil { - return err - } - w.sessionURI = res.Header.Get("X-Goog-Meta-Session-URI") - w.buffSize = copy(w.buffer, buffer) - w.offset = offset - w.size = offset + int64(w.buffSize) - return nil -} - -type request func() error - -func retry(req request) error { - backoff := time.Second - var err error - for i := 0; i < maxTries; i++ { - err = req() - if err == nil { - return nil - } - - status, ok := err.(*googleapi.Error) - if !ok || (status.Code != 429 && status.Code < http.StatusInternalServerError) { - return err - } - - time.Sleep(backoff - time.Second + (time.Duration(rand.Int31n(1000)) * time.Millisecond)) - if i <= 4 { - backoff = backoff * 2 - } - } - return err -} - -// Stat retrieves the FileInfo for the given path, including the current -// size in bytes and the creation time. -func (d *driver) Stat(context ctx.Context, path string) (storagedriver.FileInfo, error) { - var fi storagedriver.FileInfoFields - //try to get as file - gcsContext := d.context(context) - obj, err := storageStatObject(gcsContext, d.bucket, d.pathToKey(path)) - if err == nil { - if obj.ContentType == uploadSessionContentType { - return nil, storagedriver.PathNotFoundError{Path: path} - } - fi = storagedriver.FileInfoFields{ - Path: path, - Size: obj.Size, - ModTime: obj.Updated, - IsDir: false, - } - return storagedriver.FileInfoInternal{FileInfoFields: fi}, nil - } - //try to get as folder - dirpath := d.pathToDirKey(path) - - var query *storage.Query - query = &storage.Query{} - query.Prefix = dirpath - query.MaxResults = 1 - - objects, err := storageListObjects(gcsContext, d.bucket, query) - if err != nil { - return nil, err - } - if len(objects.Results) < 1 { - return nil, storagedriver.PathNotFoundError{Path: path} - } - fi = storagedriver.FileInfoFields{ - Path: path, - IsDir: true, - } - obj = objects.Results[0] - if obj.Name == dirpath { - fi.Size = obj.Size - fi.ModTime = obj.Updated - } - return storagedriver.FileInfoInternal{FileInfoFields: fi}, nil -} - -// List returns a list of the objects that are direct descendants of the -//given path. -func (d *driver) List(context ctx.Context, path string) ([]string, error) { - var query *storage.Query - query = &storage.Query{} - query.Delimiter = "/" - query.Prefix = d.pathToDirKey(path) - list := make([]string, 0, 64) - for { - objects, err := storageListObjects(d.context(context), d.bucket, query) - if err != nil { - return nil, err - } - for _, object := range objects.Results { - // GCS does not guarantee strong consistency between - // DELETE and LIST operations. Check that the object is not deleted, - // and filter out any objects with a non-zero time-deleted - if object.Deleted.IsZero() && object.ContentType != uploadSessionContentType { - list = append(list, d.keyToPath(object.Name)) - } - } - for _, subpath := range objects.Prefixes { - subpath = d.keyToPath(subpath) - list = append(list, subpath) - } - query = objects.Next - if query == nil { - break - } - } - if path != "/" && len(list) == 0 { - // Treat empty response as missing directory, since we don't actually - // have directories in Google Cloud Storage. - return nil, storagedriver.PathNotFoundError{Path: path} - } - return list, nil -} - -// Move moves an object stored at sourcePath to destPath, removing the -// original object. -func (d *driver) Move(context ctx.Context, sourcePath string, destPath string) error { - gcsContext := d.context(context) - _, err := storageCopyObject(gcsContext, d.bucket, d.pathToKey(sourcePath), d.bucket, d.pathToKey(destPath), nil) - if err != nil { - if status, ok := err.(*googleapi.Error); ok { - if status.Code == http.StatusNotFound { - return storagedriver.PathNotFoundError{Path: sourcePath} - } - } - return err - } - err = storageDeleteObject(gcsContext, d.bucket, d.pathToKey(sourcePath)) - // if deleting the file fails, log the error, but do not fail; the file was successfully copied, - // and the original should eventually be cleaned when purging the uploads folder. - if err != nil { - logrus.Infof("error deleting file: %v due to %v", sourcePath, err) - } - return nil -} - -// listAll recursively lists all names of objects stored at "prefix" and its subpaths. -func (d *driver) listAll(context context.Context, prefix string) ([]string, error) { - list := make([]string, 0, 64) - query := &storage.Query{} - query.Prefix = prefix - query.Versions = false - for { - objects, err := storageListObjects(d.context(context), d.bucket, query) - if err != nil { - return nil, err - } - for _, obj := range objects.Results { - // GCS does not guarantee strong consistency between - // DELETE and LIST operations. Check that the object is not deleted, - // and filter out any objects with a non-zero time-deleted - if obj.Deleted.IsZero() { - list = append(list, obj.Name) - } - } - query = objects.Next - if query == nil { - break - } - } - return list, nil -} - -// Delete recursively deletes all objects stored at "path" and its subpaths. -func (d *driver) Delete(context ctx.Context, path string) error { - prefix := d.pathToDirKey(path) - gcsContext := d.context(context) - keys, err := d.listAll(gcsContext, prefix) - if err != nil { - return err - } - if len(keys) > 0 { - sort.Sort(sort.Reverse(sort.StringSlice(keys))) - for _, key := range keys { - err := storageDeleteObject(gcsContext, d.bucket, key) - // GCS only guarantees eventual consistency, so listAll might return - // paths that no longer exist. If this happens, just ignore any not - // found error - if status, ok := err.(*googleapi.Error); ok { - if status.Code == http.StatusNotFound { - err = nil - } - } - if err != nil { - return err - } - } - return nil - } - err = storageDeleteObject(gcsContext, d.bucket, d.pathToKey(path)) - if err != nil { - if status, ok := err.(*googleapi.Error); ok { - if status.Code == http.StatusNotFound { - return storagedriver.PathNotFoundError{Path: path} - } - } - } - return err -} - -func storageDeleteObject(context context.Context, bucket string, name string) error { - return retry(func() error { - return storage.DeleteObject(context, bucket, name) - }) -} - -func storageStatObject(context context.Context, bucket string, name string) (*storage.Object, error) { - var obj *storage.Object - err := retry(func() error { - var err error - obj, err = storage.StatObject(context, bucket, name) - return err - }) - return obj, err -} - -func storageListObjects(context context.Context, bucket string, q *storage.Query) (*storage.Objects, error) { - var objs *storage.Objects - err := retry(func() error { - var err error - objs, err = storage.ListObjects(context, bucket, q) - return err - }) - return objs, err -} - -func storageCopyObject(context context.Context, srcBucket, srcName string, destBucket, destName string, attrs *storage.ObjectAttrs) (*storage.Object, error) { - var obj *storage.Object - err := retry(func() error { - var err error - obj, err = storage.CopyObject(context, srcBucket, srcName, destBucket, destName, attrs) - return err - }) - return obj, err -} - -// URLFor returns a URL which may be used to retrieve the content stored at -// the given path, possibly using the given options. -// Returns ErrUnsupportedMethod if this driver has no privateKey -func (d *driver) URLFor(context ctx.Context, path string, options map[string]interface{}) (string, error) { - if d.privateKey == nil { - return "", storagedriver.ErrUnsupportedMethod{} - } - - name := d.pathToKey(path) - methodString := "GET" - method, ok := options["method"] - if ok { - methodString, ok = method.(string) - if !ok || (methodString != "GET" && methodString != "HEAD") { - return "", storagedriver.ErrUnsupportedMethod{} - } - } - - expiresTime := time.Now().Add(20 * time.Minute) - expires, ok := options["expiry"] - if ok { - et, ok := expires.(time.Time) - if ok { - expiresTime = et - } - } - - opts := &storage.SignedURLOptions{ - GoogleAccessID: d.email, - PrivateKey: d.privateKey, - Method: methodString, - Expires: expiresTime, - } - return storage.SignedURL(d.bucket, name, opts) -} - -func startSession(client *http.Client, bucket string, name string) (uri string, err error) { - u := &url.URL{ - Scheme: "https", - Host: "www.googleapis.com", - Path: fmt.Sprintf("/upload/storage/v1/b/%v/o", bucket), - RawQuery: fmt.Sprintf("uploadType=resumable&name=%v", name), - } - err = retry(func() error { - req, err := http.NewRequest("POST", u.String(), nil) - if err != nil { - return err - } - req.Header.Set("X-Upload-Content-Type", "application/octet-stream") - req.Header.Set("Content-Length", "0") - resp, err := client.Do(req) - if err != nil { - return err - } - defer resp.Body.Close() - err = googleapi.CheckMediaResponse(resp) - if err != nil { - return err - } - uri = resp.Header.Get("Location") - return nil - }) - return uri, err -} - -func putChunk(client *http.Client, sessionURI string, chunk []byte, from int64, totalSize int64) (int64, error) { - bytesPut := int64(0) - err := retry(func() error { - req, err := http.NewRequest("PUT", sessionURI, bytes.NewReader(chunk)) - if err != nil { - return err - } - length := int64(len(chunk)) - to := from + length - 1 - size := "*" - if totalSize >= 0 { - size = strconv.FormatInt(totalSize, 10) - } - req.Header.Set("Content-Type", "application/octet-stream") - if from == to+1 { - req.Header.Set("Content-Range", fmt.Sprintf("bytes */%v", size)) - } else { - req.Header.Set("Content-Range", fmt.Sprintf("bytes %v-%v/%v", from, to, size)) - } - req.Header.Set("Content-Length", strconv.FormatInt(length, 10)) - - resp, err := client.Do(req) - if err != nil { - return err - } - defer resp.Body.Close() - if totalSize < 0 && resp.StatusCode == 308 { - groups := rangeHeader.FindStringSubmatch(resp.Header.Get("Range")) - end, err := strconv.ParseInt(groups[2], 10, 64) - if err != nil { - return err - } - bytesPut = end - from + 1 - return nil - } - err = googleapi.CheckMediaResponse(resp) - if err != nil { - return err - } - bytesPut = to - from + 1 - return nil - }) - return bytesPut, err -} - -func (d *driver) context(context ctx.Context) context.Context { - return cloud.WithContext(context, dummyProjectID, d.client) -} - -func (d *driver) pathToKey(path string) string { - return strings.TrimRight(d.rootDirectory+strings.TrimLeft(path, "/"), "/") -} - -func (d *driver) pathToDirKey(path string) string { - return d.pathToKey(path) + "/" -} - -func (d *driver) keyToPath(key string) string { - return "/" + strings.Trim(strings.TrimPrefix(key, d.rootDirectory), "/") -} diff --git a/vendor/github.com/docker/distribution/registry/storage/driver/gcs/gcs_test.go b/vendor/github.com/docker/distribution/registry/storage/driver/gcs/gcs_test.go deleted file mode 100644 index f2808d5f..00000000 --- a/vendor/github.com/docker/distribution/registry/storage/driver/gcs/gcs_test.go +++ /dev/null @@ -1,311 +0,0 @@ -// +build include_gcs - -package gcs - -import ( - "io/ioutil" - "os" - "testing" - - "fmt" - ctx "github.com/docker/distribution/context" - storagedriver "github.com/docker/distribution/registry/storage/driver" - "github.com/docker/distribution/registry/storage/driver/testsuites" - "golang.org/x/oauth2" - "golang.org/x/oauth2/google" - "google.golang.org/api/googleapi" - "google.golang.org/cloud/storage" - "gopkg.in/check.v1" -) - -// Hook up gocheck into the "go test" runner. -func Test(t *testing.T) { check.TestingT(t) } - -var gcsDriverConstructor func(rootDirectory string) (storagedriver.StorageDriver, error) -var skipGCS func() string - -func init() { - bucket := os.Getenv("REGISTRY_STORAGE_GCS_BUCKET") - credentials := os.Getenv("GOOGLE_APPLICATION_CREDENTIALS") - - // Skip GCS storage driver tests if environment variable parameters are not provided - skipGCS = func() string { - if bucket == "" || credentials == "" { - return "The following environment variables must be set to enable these tests: REGISTRY_STORAGE_GCS_BUCKET, GOOGLE_APPLICATION_CREDENTIALS" - } - return "" - } - - if skipGCS() != "" { - return - } - - root, err := ioutil.TempDir("", "driver-") - if err != nil { - panic(err) - } - defer os.Remove(root) - var ts oauth2.TokenSource - var email string - var privateKey []byte - - ts, err = google.DefaultTokenSource(ctx.Background(), storage.ScopeFullControl) - if err != nil { - // Assume that the file contents are within the environment variable since it exists - // but does not contain a valid file path - jwtConfig, err := google.JWTConfigFromJSON([]byte(credentials), storage.ScopeFullControl) - if err != nil { - panic(fmt.Sprintf("Error reading JWT config : %s", err)) - } - email = jwtConfig.Email - privateKey = []byte(jwtConfig.PrivateKey) - if len(privateKey) == 0 { - panic("Error reading JWT config : missing private_key property") - } - if email == "" { - panic("Error reading JWT config : missing client_email property") - } - ts = jwtConfig.TokenSource(ctx.Background()) - } - - gcsDriverConstructor = func(rootDirectory string) (storagedriver.StorageDriver, error) { - parameters := driverParameters{ - bucket: bucket, - rootDirectory: root, - email: email, - privateKey: privateKey, - client: oauth2.NewClient(ctx.Background(), ts), - chunkSize: defaultChunkSize, - } - - return New(parameters) - } - - testsuites.RegisterSuite(func() (storagedriver.StorageDriver, error) { - return gcsDriverConstructor(root) - }, skipGCS) -} - -// Test Committing a FileWriter without having called Write -func TestCommitEmpty(t *testing.T) { - if skipGCS() != "" { - t.Skip(skipGCS()) - } - - validRoot, err := ioutil.TempDir("", "driver-") - if err != nil { - t.Fatalf("unexpected error creating temporary directory: %v", err) - } - defer os.Remove(validRoot) - - driver, err := gcsDriverConstructor(validRoot) - if err != nil { - t.Fatalf("unexpected error creating rooted driver: %v", err) - } - - filename := "/test" - ctx := ctx.Background() - - writer, err := driver.Writer(ctx, filename, false) - defer driver.Delete(ctx, filename) - if err != nil { - t.Fatalf("driver.Writer: unexpected error: %v", err) - } - err = writer.Commit() - if err != nil { - t.Fatalf("writer.Commit: unexpected error: %v", err) - } - err = writer.Close() - if err != nil { - t.Fatalf("writer.Close: unexpected error: %v", err) - } - if writer.Size() != 0 { - t.Fatalf("writer.Size: %d != 0", writer.Size()) - } - readContents, err := driver.GetContent(ctx, filename) - if err != nil { - t.Fatalf("driver.GetContent: unexpected error: %v", err) - } - if len(readContents) != 0 { - t.Fatalf("len(driver.GetContent(..)): %d != 0", len(readContents)) - } -} - -// Test Committing a FileWriter after having written exactly -// defaultChunksize bytes. -func TestCommit(t *testing.T) { - if skipGCS() != "" { - t.Skip(skipGCS()) - } - - validRoot, err := ioutil.TempDir("", "driver-") - if err != nil { - t.Fatalf("unexpected error creating temporary directory: %v", err) - } - defer os.Remove(validRoot) - - driver, err := gcsDriverConstructor(validRoot) - if err != nil { - t.Fatalf("unexpected error creating rooted driver: %v", err) - } - - filename := "/test" - ctx := ctx.Background() - - contents := make([]byte, defaultChunkSize) - writer, err := driver.Writer(ctx, filename, false) - defer driver.Delete(ctx, filename) - if err != nil { - t.Fatalf("driver.Writer: unexpected error: %v", err) - } - _, err = writer.Write(contents) - if err != nil { - t.Fatalf("writer.Write: unexpected error: %v", err) - } - err = writer.Commit() - if err != nil { - t.Fatalf("writer.Commit: unexpected error: %v", err) - } - err = writer.Close() - if err != nil { - t.Fatalf("writer.Close: unexpected error: %v", err) - } - if writer.Size() != int64(len(contents)) { - t.Fatalf("writer.Size: %d != %d", writer.Size(), len(contents)) - } - readContents, err := driver.GetContent(ctx, filename) - if err != nil { - t.Fatalf("driver.GetContent: unexpected error: %v", err) - } - if len(readContents) != len(contents) { - t.Fatalf("len(driver.GetContent(..)): %d != %d", len(readContents), len(contents)) - } -} - -func TestRetry(t *testing.T) { - if skipGCS() != "" { - t.Skip(skipGCS()) - } - - assertError := func(expected string, observed error) { - observedMsg := "" - if observed != nil { - observedMsg = observed.Error() - } - if observedMsg != expected { - t.Fatalf("expected %v, observed %v\n", expected, observedMsg) - } - } - - err := retry(func() error { - return &googleapi.Error{ - Code: 503, - Message: "google api error", - } - }) - assertError("googleapi: Error 503: google api error", err) - - err = retry(func() error { - return &googleapi.Error{ - Code: 404, - Message: "google api error", - } - }) - assertError("googleapi: Error 404: google api error", err) - - err = retry(func() error { - return fmt.Errorf("error") - }) - assertError("error", err) -} - -func TestEmptyRootList(t *testing.T) { - if skipGCS() != "" { - t.Skip(skipGCS()) - } - - validRoot, err := ioutil.TempDir("", "driver-") - if err != nil { - t.Fatalf("unexpected error creating temporary directory: %v", err) - } - defer os.Remove(validRoot) - - rootedDriver, err := gcsDriverConstructor(validRoot) - if err != nil { - t.Fatalf("unexpected error creating rooted driver: %v", err) - } - - emptyRootDriver, err := gcsDriverConstructor("") - if err != nil { - t.Fatalf("unexpected error creating empty root driver: %v", err) - } - - slashRootDriver, err := gcsDriverConstructor("/") - if err != nil { - t.Fatalf("unexpected error creating slash root driver: %v", err) - } - - filename := "/test" - contents := []byte("contents") - ctx := ctx.Background() - err = rootedDriver.PutContent(ctx, filename, contents) - if err != nil { - t.Fatalf("unexpected error creating content: %v", err) - } - defer func() { - err := rootedDriver.Delete(ctx, filename) - if err != nil { - t.Fatalf("failed to remove %v due to %v\n", filename, err) - } - }() - keys, err := emptyRootDriver.List(ctx, "/") - for _, path := range keys { - if !storagedriver.PathRegexp.MatchString(path) { - t.Fatalf("unexpected string in path: %q != %q", path, storagedriver.PathRegexp) - } - } - - keys, err = slashRootDriver.List(ctx, "/") - for _, path := range keys { - if !storagedriver.PathRegexp.MatchString(path) { - t.Fatalf("unexpected string in path: %q != %q", path, storagedriver.PathRegexp) - } - } -} - -// TestMoveDirectory checks that moving a directory returns an error. -func TestMoveDirectory(t *testing.T) { - if skipGCS() != "" { - t.Skip(skipGCS()) - } - - validRoot, err := ioutil.TempDir("", "driver-") - if err != nil { - t.Fatalf("unexpected error creating temporary directory: %v", err) - } - defer os.Remove(validRoot) - - driver, err := gcsDriverConstructor(validRoot) - if err != nil { - t.Fatalf("unexpected error creating rooted driver: %v", err) - } - - ctx := ctx.Background() - contents := []byte("contents") - // Create a regular file. - err = driver.PutContent(ctx, "/parent/dir/foo", contents) - if err != nil { - t.Fatalf("unexpected error creating content: %v", err) - } - defer func() { - err := driver.Delete(ctx, "/parent") - if err != nil { - t.Fatalf("failed to remove /parent due to %v\n", err) - } - }() - - err = driver.Move(ctx, "/parent/dir", "/parent/other") - if err == nil { - t.Fatalf("Moving directory /parent/dir /parent/other should have return a non-nil error\n") - } -} diff --git a/vendor/github.com/docker/distribution/registry/storage/driver/inmemory/driver.go b/vendor/github.com/docker/distribution/registry/storage/driver/inmemory/driver.go deleted file mode 100644 index eb2fd1cf..00000000 --- a/vendor/github.com/docker/distribution/registry/storage/driver/inmemory/driver.go +++ /dev/null @@ -1,312 +0,0 @@ -package inmemory - -import ( - "fmt" - "io" - "io/ioutil" - "sync" - "time" - - "github.com/docker/distribution/context" - storagedriver "github.com/docker/distribution/registry/storage/driver" - "github.com/docker/distribution/registry/storage/driver/base" - "github.com/docker/distribution/registry/storage/driver/factory" -) - -const driverName = "inmemory" - -func init() { - factory.Register(driverName, &inMemoryDriverFactory{}) -} - -// inMemoryDriverFacotry implements the factory.StorageDriverFactory interface. -type inMemoryDriverFactory struct{} - -func (factory *inMemoryDriverFactory) Create(parameters map[string]interface{}) (storagedriver.StorageDriver, error) { - return New(), nil -} - -type driver struct { - root *dir - mutex sync.RWMutex -} - -// baseEmbed allows us to hide the Base embed. -type baseEmbed struct { - base.Base -} - -// Driver is a storagedriver.StorageDriver implementation backed by a local map. -// Intended solely for example and testing purposes. -type Driver struct { - baseEmbed // embedded, hidden base driver. -} - -var _ storagedriver.StorageDriver = &Driver{} - -// New constructs a new Driver. -func New() *Driver { - return &Driver{ - baseEmbed: baseEmbed{ - Base: base.Base{ - StorageDriver: &driver{ - root: &dir{ - common: common{ - p: "/", - mod: time.Now(), - }, - }, - }, - }, - }, - } -} - -// Implement the storagedriver.StorageDriver interface. - -func (d *driver) Name() string { - return driverName -} - -// GetContent retrieves the content stored at "path" as a []byte. -func (d *driver) GetContent(ctx context.Context, path string) ([]byte, error) { - d.mutex.RLock() - defer d.mutex.RUnlock() - - rc, err := d.Reader(ctx, path, 0) - if err != nil { - return nil, err - } - defer rc.Close() - - return ioutil.ReadAll(rc) -} - -// PutContent stores the []byte content at a location designated by "path". -func (d *driver) PutContent(ctx context.Context, p string, contents []byte) error { - d.mutex.Lock() - defer d.mutex.Unlock() - - normalized := normalize(p) - - f, err := d.root.mkfile(normalized) - if err != nil { - // TODO(stevvooe): Again, we need to clarify when this is not a - // directory in StorageDriver API. - return fmt.Errorf("not a file") - } - - f.truncate() - f.WriteAt(contents, 0) - - return nil -} - -// Reader retrieves an io.ReadCloser for the content stored at "path" with a -// given byte offset. -func (d *driver) Reader(ctx context.Context, path string, offset int64) (io.ReadCloser, error) { - d.mutex.RLock() - defer d.mutex.RUnlock() - - if offset < 0 { - return nil, storagedriver.InvalidOffsetError{Path: path, Offset: offset} - } - - normalized := normalize(path) - found := d.root.find(normalized) - - if found.path() != normalized { - return nil, storagedriver.PathNotFoundError{Path: path} - } - - if found.isdir() { - return nil, fmt.Errorf("%q is a directory", path) - } - - return ioutil.NopCloser(found.(*file).sectionReader(offset)), nil -} - -// Writer returns a FileWriter which will store the content written to it -// at the location designated by "path" after the call to Commit. -func (d *driver) Writer(ctx context.Context, path string, append bool) (storagedriver.FileWriter, error) { - d.mutex.Lock() - defer d.mutex.Unlock() - - normalized := normalize(path) - - f, err := d.root.mkfile(normalized) - if err != nil { - return nil, fmt.Errorf("not a file") - } - - if !append { - f.truncate() - } - - return d.newWriter(f), nil -} - -// Stat returns info about the provided path. -func (d *driver) Stat(ctx context.Context, path string) (storagedriver.FileInfo, error) { - d.mutex.RLock() - defer d.mutex.RUnlock() - - normalized := normalize(path) - found := d.root.find(normalized) - - if found.path() != normalized { - return nil, storagedriver.PathNotFoundError{Path: path} - } - - fi := storagedriver.FileInfoFields{ - Path: path, - IsDir: found.isdir(), - ModTime: found.modtime(), - } - - if !fi.IsDir { - fi.Size = int64(len(found.(*file).data)) - } - - return storagedriver.FileInfoInternal{FileInfoFields: fi}, nil -} - -// List returns a list of the objects that are direct descendants of the given -// path. -func (d *driver) List(ctx context.Context, path string) ([]string, error) { - d.mutex.RLock() - defer d.mutex.RUnlock() - - normalized := normalize(path) - - found := d.root.find(normalized) - - if !found.isdir() { - return nil, fmt.Errorf("not a directory") // TODO(stevvooe): Need error type for this... - } - - entries, err := found.(*dir).list(normalized) - - if err != nil { - switch err { - case errNotExists: - return nil, storagedriver.PathNotFoundError{Path: path} - case errIsNotDir: - return nil, fmt.Errorf("not a directory") - default: - return nil, err - } - } - - return entries, nil -} - -// Move moves an object stored at sourcePath to destPath, removing the original -// object. -func (d *driver) Move(ctx context.Context, sourcePath string, destPath string) error { - d.mutex.Lock() - defer d.mutex.Unlock() - - normalizedSrc, normalizedDst := normalize(sourcePath), normalize(destPath) - - err := d.root.move(normalizedSrc, normalizedDst) - switch err { - case errNotExists: - return storagedriver.PathNotFoundError{Path: destPath} - default: - return err - } -} - -// Delete recursively deletes all objects stored at "path" and its subpaths. -func (d *driver) Delete(ctx context.Context, path string) error { - d.mutex.Lock() - defer d.mutex.Unlock() - - normalized := normalize(path) - - err := d.root.delete(normalized) - switch err { - case errNotExists: - return storagedriver.PathNotFoundError{Path: path} - default: - return err - } -} - -// URLFor returns a URL which may be used to retrieve the content stored at the given path. -// May return an UnsupportedMethodErr in certain StorageDriver implementations. -func (d *driver) URLFor(ctx context.Context, path string, options map[string]interface{}) (string, error) { - return "", storagedriver.ErrUnsupportedMethod{} -} - -type writer struct { - d *driver - f *file - closed bool - committed bool - cancelled bool -} - -func (d *driver) newWriter(f *file) storagedriver.FileWriter { - return &writer{ - d: d, - f: f, - } -} - -func (w *writer) Write(p []byte) (int, error) { - if w.closed { - return 0, fmt.Errorf("already closed") - } else if w.committed { - return 0, fmt.Errorf("already committed") - } else if w.cancelled { - return 0, fmt.Errorf("already cancelled") - } - - w.d.mutex.Lock() - defer w.d.mutex.Unlock() - - return w.f.WriteAt(p, int64(len(w.f.data))) -} - -func (w *writer) Size() int64 { - w.d.mutex.RLock() - defer w.d.mutex.RUnlock() - - return int64(len(w.f.data)) -} - -func (w *writer) Close() error { - if w.closed { - return fmt.Errorf("already closed") - } - w.closed = true - return nil -} - -func (w *writer) Cancel() error { - if w.closed { - return fmt.Errorf("already closed") - } else if w.committed { - return fmt.Errorf("already committed") - } - w.cancelled = true - - w.d.mutex.Lock() - defer w.d.mutex.Unlock() - - return w.d.root.delete(w.f.path()) -} - -func (w *writer) Commit() error { - if w.closed { - return fmt.Errorf("already closed") - } else if w.committed { - return fmt.Errorf("already committed") - } else if w.cancelled { - return fmt.Errorf("already cancelled") - } - w.committed = true - return nil -} diff --git a/vendor/github.com/docker/distribution/registry/storage/driver/inmemory/driver_test.go b/vendor/github.com/docker/distribution/registry/storage/driver/inmemory/driver_test.go deleted file mode 100644 index dbc1916f..00000000 --- a/vendor/github.com/docker/distribution/registry/storage/driver/inmemory/driver_test.go +++ /dev/null @@ -1,19 +0,0 @@ -package inmemory - -import ( - "testing" - - storagedriver "github.com/docker/distribution/registry/storage/driver" - "github.com/docker/distribution/registry/storage/driver/testsuites" - "gopkg.in/check.v1" -) - -// Hook up gocheck into the "go test" runner. -func Test(t *testing.T) { check.TestingT(t) } - -func init() { - inmemoryDriverConstructor := func() (storagedriver.StorageDriver, error) { - return New(), nil - } - testsuites.RegisterSuite(inmemoryDriverConstructor, testsuites.NeverSkip) -} diff --git a/vendor/github.com/docker/distribution/registry/storage/driver/inmemory/mfs.go b/vendor/github.com/docker/distribution/registry/storage/driver/inmemory/mfs.go deleted file mode 100644 index cdefacfd..00000000 --- a/vendor/github.com/docker/distribution/registry/storage/driver/inmemory/mfs.go +++ /dev/null @@ -1,338 +0,0 @@ -package inmemory - -import ( - "fmt" - "io" - "path" - "sort" - "strings" - "time" -) - -var ( - errExists = fmt.Errorf("exists") - errNotExists = fmt.Errorf("notexists") - errIsNotDir = fmt.Errorf("notdir") - errIsDir = fmt.Errorf("isdir") -) - -type node interface { - name() string - path() string - isdir() bool - modtime() time.Time -} - -// dir is the central type for the memory-based storagedriver. All operations -// are dispatched from a root dir. -type dir struct { - common - - // TODO(stevvooe): Use sorted slice + search. - children map[string]node -} - -var _ node = &dir{} - -func (d *dir) isdir() bool { - return true -} - -// add places the node n into dir d. -func (d *dir) add(n node) { - if d.children == nil { - d.children = make(map[string]node) - } - - d.children[n.name()] = n - d.mod = time.Now() -} - -// find searches for the node, given path q in dir. If the node is found, it -// will be returned. If the node is not found, the closet existing parent. If -// the node is found, the returned (node).path() will match q. -func (d *dir) find(q string) node { - q = strings.Trim(q, "/") - i := strings.Index(q, "/") - - if q == "" { - return d - } - - if i == 0 { - panic("shouldn't happen, no root paths") - } - - var component string - if i < 0 { - // No more path components - component = q - } else { - component = q[:i] - } - - child, ok := d.children[component] - if !ok { - // Node was not found. Return p and the current node. - return d - } - - if child.isdir() { - // traverse down! - q = q[i+1:] - return child.(*dir).find(q) - } - - return child -} - -func (d *dir) list(p string) ([]string, error) { - n := d.find(p) - - if n.path() != p { - return nil, errNotExists - } - - if !n.isdir() { - return nil, errIsNotDir - } - - var children []string - for _, child := range n.(*dir).children { - children = append(children, child.path()) - } - - sort.Strings(children) - return children, nil -} - -// mkfile or return the existing one. returns an error if it exists and is a -// directory. Essentially, this is open or create. -func (d *dir) mkfile(p string) (*file, error) { - n := d.find(p) - if n.path() == p { - if n.isdir() { - return nil, errIsDir - } - - return n.(*file), nil - } - - dirpath, filename := path.Split(p) - // Make any non-existent directories - n, err := d.mkdirs(dirpath) - if err != nil { - return nil, err - } - - dd := n.(*dir) - n = &file{ - common: common{ - p: path.Join(dd.path(), filename), - mod: time.Now(), - }, - } - - dd.add(n) - return n.(*file), nil -} - -// mkdirs creates any missing directory entries in p and returns the result. -func (d *dir) mkdirs(p string) (*dir, error) { - p = normalize(p) - - n := d.find(p) - - if !n.isdir() { - // Found something there - return nil, errIsNotDir - } - - if n.path() == p { - return n.(*dir), nil - } - - dd := n.(*dir) - - relative := strings.Trim(strings.TrimPrefix(p, n.path()), "/") - - if relative == "" { - return dd, nil - } - - components := strings.Split(relative, "/") - for _, component := range components { - d, err := dd.mkdir(component) - - if err != nil { - // This should actually never happen, since there are no children. - return nil, err - } - dd = d - } - - return dd, nil -} - -// mkdir creates a child directory under d with the given name. -func (d *dir) mkdir(name string) (*dir, error) { - if name == "" { - return nil, fmt.Errorf("invalid dirname") - } - - _, ok := d.children[name] - if ok { - return nil, errExists - } - - child := &dir{ - common: common{ - p: path.Join(d.path(), name), - mod: time.Now(), - }, - } - d.add(child) - d.mod = time.Now() - - return child, nil -} - -func (d *dir) move(src, dst string) error { - dstDirname, _ := path.Split(dst) - - dp, err := d.mkdirs(dstDirname) - if err != nil { - return err - } - - srcDirname, srcFilename := path.Split(src) - sp := d.find(srcDirname) - - if normalize(srcDirname) != normalize(sp.path()) { - return errNotExists - } - - spd, ok := sp.(*dir) - if !ok { - return errIsNotDir // paranoid. - } - - s, ok := spd.children[srcFilename] - if !ok { - return errNotExists - } - - delete(spd.children, srcFilename) - - switch n := s.(type) { - case *dir: - n.p = dst - case *file: - n.p = dst - } - - dp.add(s) - - return nil -} - -func (d *dir) delete(p string) error { - dirname, filename := path.Split(p) - parent := d.find(dirname) - - if normalize(dirname) != normalize(parent.path()) { - return errNotExists - } - - if _, ok := parent.(*dir).children[filename]; !ok { - return errNotExists - } - - delete(parent.(*dir).children, filename) - return nil -} - -// dump outputs a primitive directory structure to stdout. -func (d *dir) dump(indent string) { - fmt.Println(indent, d.name()+"/") - - for _, child := range d.children { - if child.isdir() { - child.(*dir).dump(indent + "\t") - } else { - fmt.Println(indent, child.name()) - } - - } -} - -func (d *dir) String() string { - return fmt.Sprintf("&dir{path: %v, children: %v}", d.p, d.children) -} - -// file stores actual data in the fs tree. It acts like an open, seekable file -// where operations are conducted through ReadAt and WriteAt. Use it with -// SectionReader for the best effect. -type file struct { - common - data []byte -} - -var _ node = &file{} - -func (f *file) isdir() bool { - return false -} - -func (f *file) truncate() { - f.data = f.data[:0] -} - -func (f *file) sectionReader(offset int64) io.Reader { - return io.NewSectionReader(f, offset, int64(len(f.data))-offset) -} - -func (f *file) ReadAt(p []byte, offset int64) (n int, err error) { - return copy(p, f.data[offset:]), nil -} - -func (f *file) WriteAt(p []byte, offset int64) (n int, err error) { - off := int(offset) - if cap(f.data) < off+len(p) { - data := make([]byte, len(f.data), off+len(p)) - copy(data, f.data) - f.data = data - } - - f.mod = time.Now() - f.data = f.data[:off+len(p)] - - return copy(f.data[off:off+len(p)], p), nil -} - -func (f *file) String() string { - return fmt.Sprintf("&file{path: %q}", f.p) -} - -// common provides shared fields and methods for node implementations. -type common struct { - p string - mod time.Time -} - -func (c *common) name() string { - _, name := path.Split(c.p) - return name -} - -func (c *common) path() string { - return c.p -} - -func (c *common) modtime() time.Time { - return c.mod -} - -func normalize(p string) string { - return "/" + strings.Trim(p, "/") -} diff --git a/vendor/github.com/docker/distribution/registry/storage/driver/middleware/cloudfront/middleware.go b/vendor/github.com/docker/distribution/registry/storage/driver/middleware/cloudfront/middleware.go deleted file mode 100644 index b0618d1a..00000000 --- a/vendor/github.com/docker/distribution/registry/storage/driver/middleware/cloudfront/middleware.go +++ /dev/null @@ -1,136 +0,0 @@ -// Package middleware - cloudfront wrapper for storage libs -// N.B. currently only works with S3, not arbitrary sites -// -package middleware - -import ( - "crypto/x509" - "encoding/pem" - "fmt" - "io/ioutil" - "net/url" - "strings" - "time" - - "github.com/aws/aws-sdk-go/service/cloudfront/sign" - "github.com/docker/distribution/context" - storagedriver "github.com/docker/distribution/registry/storage/driver" - storagemiddleware "github.com/docker/distribution/registry/storage/driver/middleware" -) - -// cloudFrontStorageMiddleware provides a simple implementation of layerHandler that -// constructs temporary signed CloudFront URLs from the storagedriver layer URL, -// then issues HTTP Temporary Redirects to this CloudFront content URL. -type cloudFrontStorageMiddleware struct { - storagedriver.StorageDriver - urlSigner *sign.URLSigner - baseURL string - duration time.Duration -} - -var _ storagedriver.StorageDriver = &cloudFrontStorageMiddleware{} - -// newCloudFrontLayerHandler constructs and returns a new CloudFront -// LayerHandler implementation. -// Required options: baseurl, privatekey, keypairid -func newCloudFrontStorageMiddleware(storageDriver storagedriver.StorageDriver, options map[string]interface{}) (storagedriver.StorageDriver, error) { - base, ok := options["baseurl"] - if !ok { - return nil, fmt.Errorf("no baseurl provided") - } - baseURL, ok := base.(string) - if !ok { - return nil, fmt.Errorf("baseurl must be a string") - } - if !strings.Contains(baseURL, "://") { - baseURL = "https://" + baseURL - } - if !strings.HasSuffix(baseURL, "/") { - baseURL += "/" - } - if _, err := url.Parse(baseURL); err != nil { - return nil, fmt.Errorf("invalid baseurl: %v", err) - } - pk, ok := options["privatekey"] - if !ok { - return nil, fmt.Errorf("no privatekey provided") - } - pkPath, ok := pk.(string) - if !ok { - return nil, fmt.Errorf("privatekey must be a string") - } - kpid, ok := options["keypairid"] - if !ok { - return nil, fmt.Errorf("no keypairid provided") - } - keypairID, ok := kpid.(string) - if !ok { - return nil, fmt.Errorf("keypairid must be a string") - } - - pkBytes, err := ioutil.ReadFile(pkPath) - if err != nil { - return nil, fmt.Errorf("failed to read privatekey file: %s", err) - } - - block, _ := pem.Decode([]byte(pkBytes)) - if block == nil { - return nil, fmt.Errorf("failed to decode private key as an rsa private key") - } - privateKey, err := x509.ParsePKCS1PrivateKey(block.Bytes) - if err != nil { - return nil, err - } - - urlSigner := sign.NewURLSigner(keypairID, privateKey) - - duration := 20 * time.Minute - d, ok := options["duration"] - if ok { - switch d := d.(type) { - case time.Duration: - duration = d - case string: - dur, err := time.ParseDuration(d) - if err != nil { - return nil, fmt.Errorf("invalid duration: %s", err) - } - duration = dur - } - } - - return &cloudFrontStorageMiddleware{ - StorageDriver: storageDriver, - urlSigner: urlSigner, - baseURL: baseURL, - duration: duration, - }, nil -} - -// S3BucketKeyer is any type that is capable of returning the S3 bucket key -// which should be cached by AWS CloudFront. -type S3BucketKeyer interface { - S3BucketKey(path string) string -} - -// Resolve returns an http.Handler which can serve the contents of the given -// Layer, or an error if not supported by the storagedriver. -func (lh *cloudFrontStorageMiddleware) URLFor(ctx context.Context, path string, options map[string]interface{}) (string, error) { - // TODO(endophage): currently only supports S3 - keyer, ok := lh.StorageDriver.(S3BucketKeyer) - if !ok { - context.GetLogger(ctx).Warn("the CloudFront middleware does not support this backend storage driver") - return lh.StorageDriver.URLFor(ctx, path, options) - } - - cfURL, err := lh.urlSigner.Sign(lh.baseURL+keyer.S3BucketKey(path), time.Now().Add(lh.duration)) - if err != nil { - return "", err - } - return cfURL, nil -} - -// init registers the cloudfront layerHandler backend. -func init() { - storagemiddleware.Register("cloudfront", storagemiddleware.InitFunc(newCloudFrontStorageMiddleware)) -} diff --git a/vendor/github.com/docker/distribution/registry/storage/driver/middleware/redirect/middleware.go b/vendor/github.com/docker/distribution/registry/storage/driver/middleware/redirect/middleware.go deleted file mode 100644 index 20cd7daa..00000000 --- a/vendor/github.com/docker/distribution/registry/storage/driver/middleware/redirect/middleware.go +++ /dev/null @@ -1,50 +0,0 @@ -package middleware - -import ( - "fmt" - "net/url" - - "github.com/docker/distribution/context" - storagedriver "github.com/docker/distribution/registry/storage/driver" - storagemiddleware "github.com/docker/distribution/registry/storage/driver/middleware" -) - -type redirectStorageMiddleware struct { - storagedriver.StorageDriver - scheme string - host string -} - -var _ storagedriver.StorageDriver = &redirectStorageMiddleware{} - -func newRedirectStorageMiddleware(sd storagedriver.StorageDriver, options map[string]interface{}) (storagedriver.StorageDriver, error) { - o, ok := options["baseurl"] - if !ok { - return nil, fmt.Errorf("no baseurl provided") - } - b, ok := o.(string) - if !ok { - return nil, fmt.Errorf("baseurl must be a string") - } - u, err := url.Parse(b) - if err != nil { - return nil, fmt.Errorf("unable to parse redirect baseurl: %s", b) - } - if u.Scheme == "" { - return nil, fmt.Errorf("no scheme specified for redirect baseurl") - } - if u.Host == "" { - return nil, fmt.Errorf("no host specified for redirect baseurl") - } - - return &redirectStorageMiddleware{StorageDriver: sd, scheme: u.Scheme, host: u.Host}, nil -} - -func (r *redirectStorageMiddleware) URLFor(ctx context.Context, path string, options map[string]interface{}) (string, error) { - u := &url.URL{Scheme: r.scheme, Host: r.host, Path: path} - return u.String(), nil -} - -func init() { - storagemiddleware.Register("redirect", storagemiddleware.InitFunc(newRedirectStorageMiddleware)) -} diff --git a/vendor/github.com/docker/distribution/registry/storage/driver/middleware/redirect/middleware_test.go b/vendor/github.com/docker/distribution/registry/storage/driver/middleware/redirect/middleware_test.go deleted file mode 100644 index 1eb6309f..00000000 --- a/vendor/github.com/docker/distribution/registry/storage/driver/middleware/redirect/middleware_test.go +++ /dev/null @@ -1,58 +0,0 @@ -package middleware - -import ( - "testing" - - check "gopkg.in/check.v1" -) - -func Test(t *testing.T) { check.TestingT(t) } - -type MiddlewareSuite struct{} - -var _ = check.Suite(&MiddlewareSuite{}) - -func (s *MiddlewareSuite) TestNoConfig(c *check.C) { - options := make(map[string]interface{}) - _, err := newRedirectStorageMiddleware(nil, options) - c.Assert(err, check.ErrorMatches, "no baseurl provided") -} - -func (s *MiddlewareSuite) TestMissingScheme(c *check.C) { - options := make(map[string]interface{}) - options["baseurl"] = "example.com" - _, err := newRedirectStorageMiddleware(nil, options) - c.Assert(err, check.ErrorMatches, "no scheme specified for redirect baseurl") -} - -func (s *MiddlewareSuite) TestHttpsPort(c *check.C) { - options := make(map[string]interface{}) - options["baseurl"] = "https://example.com:5443" - middleware, err := newRedirectStorageMiddleware(nil, options) - c.Assert(err, check.Equals, nil) - - m, ok := middleware.(*redirectStorageMiddleware) - c.Assert(ok, check.Equals, true) - c.Assert(m.scheme, check.Equals, "https") - c.Assert(m.host, check.Equals, "example.com:5443") - - url, err := middleware.URLFor(nil, "/rick/data", nil) - c.Assert(err, check.Equals, nil) - c.Assert(url, check.Equals, "https://example.com:5443/rick/data") -} - -func (s *MiddlewareSuite) TestHTTP(c *check.C) { - options := make(map[string]interface{}) - options["baseurl"] = "http://example.com" - middleware, err := newRedirectStorageMiddleware(nil, options) - c.Assert(err, check.Equals, nil) - - m, ok := middleware.(*redirectStorageMiddleware) - c.Assert(ok, check.Equals, true) - c.Assert(m.scheme, check.Equals, "http") - c.Assert(m.host, check.Equals, "example.com") - - url, err := middleware.URLFor(nil, "morty/data", nil) - c.Assert(err, check.Equals, nil) - c.Assert(url, check.Equals, "http://example.com/morty/data") -} diff --git a/vendor/github.com/docker/distribution/registry/storage/driver/middleware/storagemiddleware.go b/vendor/github.com/docker/distribution/registry/storage/driver/middleware/storagemiddleware.go deleted file mode 100644 index 7e40a8dd..00000000 --- a/vendor/github.com/docker/distribution/registry/storage/driver/middleware/storagemiddleware.go +++ /dev/null @@ -1,39 +0,0 @@ -package storagemiddleware - -import ( - "fmt" - - storagedriver "github.com/docker/distribution/registry/storage/driver" -) - -// InitFunc is the type of a StorageMiddleware factory function and is -// used to register the constructor for different StorageMiddleware backends. -type InitFunc func(storageDriver storagedriver.StorageDriver, options map[string]interface{}) (storagedriver.StorageDriver, error) - -var storageMiddlewares map[string]InitFunc - -// Register is used to register an InitFunc for -// a StorageMiddleware backend with the given name. -func Register(name string, initFunc InitFunc) error { - if storageMiddlewares == nil { - storageMiddlewares = make(map[string]InitFunc) - } - if _, exists := storageMiddlewares[name]; exists { - return fmt.Errorf("name already registered: %s", name) - } - - storageMiddlewares[name] = initFunc - - return nil -} - -// Get constructs a StorageMiddleware with the given options using the named backend. -func Get(name string, options map[string]interface{}, storageDriver storagedriver.StorageDriver) (storagedriver.StorageDriver, error) { - if storageMiddlewares != nil { - if initFunc, exists := storageMiddlewares[name]; exists { - return initFunc(storageDriver, options) - } - } - - return nil, fmt.Errorf("no storage middleware registered with name: %s", name) -} diff --git a/vendor/github.com/docker/distribution/registry/storage/driver/oss/doc.go b/vendor/github.com/docker/distribution/registry/storage/driver/oss/doc.go deleted file mode 100644 index d1bc932f..00000000 --- a/vendor/github.com/docker/distribution/registry/storage/driver/oss/doc.go +++ /dev/null @@ -1,3 +0,0 @@ -// Package oss implements the Aliyun OSS Storage driver backend. Support can be -// enabled by including the "include_oss" build tag. -package oss diff --git a/vendor/github.com/docker/distribution/registry/storage/driver/oss/oss.go b/vendor/github.com/docker/distribution/registry/storage/driver/oss/oss.go deleted file mode 100644 index 4d215928..00000000 --- a/vendor/github.com/docker/distribution/registry/storage/driver/oss/oss.go +++ /dev/null @@ -1,683 +0,0 @@ -// Package oss provides a storagedriver.StorageDriver implementation to -// store blobs in Aliyun OSS cloud storage. -// -// This package leverages the denverdino/aliyungo client library for interfacing with -// oss. -// -// Because OSS is a key, value store the Stat call does not support last modification -// time for directories (directories are an abstraction for key, value stores) -// -// +build include_oss - -package oss - -import ( - "bytes" - "fmt" - "io" - "io/ioutil" - "net/http" - "reflect" - "strconv" - "strings" - "time" - - "github.com/docker/distribution/context" - - "github.com/Sirupsen/logrus" - "github.com/denverdino/aliyungo/oss" - storagedriver "github.com/docker/distribution/registry/storage/driver" - "github.com/docker/distribution/registry/storage/driver/base" - "github.com/docker/distribution/registry/storage/driver/factory" -) - -const driverName = "oss" - -// minChunkSize defines the minimum multipart upload chunk size -// OSS API requires multipart upload chunks to be at least 5MB -const minChunkSize = 5 << 20 - -const defaultChunkSize = 2 * minChunkSize -const defaultTimeout = 2 * time.Minute // 2 minute timeout per chunk - -// listMax is the largest amount of objects you can request from OSS in a list call -const listMax = 1000 - -//DriverParameters A struct that encapsulates all of the driver parameters after all values have been set -type DriverParameters struct { - AccessKeyID string - AccessKeySecret string - Bucket string - Region oss.Region - Internal bool - Encrypt bool - Secure bool - ChunkSize int64 - RootDirectory string - Endpoint string -} - -func init() { - factory.Register(driverName, &ossDriverFactory{}) -} - -// ossDriverFactory implements the factory.StorageDriverFactory interface -type ossDriverFactory struct{} - -func (factory *ossDriverFactory) Create(parameters map[string]interface{}) (storagedriver.StorageDriver, error) { - return FromParameters(parameters) -} - -type driver struct { - Client *oss.Client - Bucket *oss.Bucket - ChunkSize int64 - Encrypt bool - RootDirectory string -} - -type baseEmbed struct { - base.Base -} - -// Driver is a storagedriver.StorageDriver implementation backed by Aliyun OSS -// Objects are stored at absolute keys in the provided bucket. -type Driver struct { - baseEmbed -} - -// FromParameters constructs a new Driver with a given parameters map -// Required parameters: -// - accesskey -// - secretkey -// - region -// - bucket -// - encrypt -func FromParameters(parameters map[string]interface{}) (*Driver, error) { - // Providing no values for these is valid in case the user is authenticating - - accessKey, ok := parameters["accesskeyid"] - if !ok { - return nil, fmt.Errorf("No accesskeyid parameter provided") - } - secretKey, ok := parameters["accesskeysecret"] - if !ok { - return nil, fmt.Errorf("No accesskeysecret parameter provided") - } - - regionName, ok := parameters["region"] - if !ok || fmt.Sprint(regionName) == "" { - return nil, fmt.Errorf("No region parameter provided") - } - - bucket, ok := parameters["bucket"] - if !ok || fmt.Sprint(bucket) == "" { - return nil, fmt.Errorf("No bucket parameter provided") - } - - internalBool := false - internal, ok := parameters["internal"] - if ok { - internalBool, ok = internal.(bool) - if !ok { - return nil, fmt.Errorf("The internal parameter should be a boolean") - } - } - - encryptBool := false - encrypt, ok := parameters["encrypt"] - if ok { - encryptBool, ok = encrypt.(bool) - if !ok { - return nil, fmt.Errorf("The encrypt parameter should be a boolean") - } - } - - secureBool := true - secure, ok := parameters["secure"] - if ok { - secureBool, ok = secure.(bool) - if !ok { - return nil, fmt.Errorf("The secure parameter should be a boolean") - } - } - - chunkSize := int64(defaultChunkSize) - chunkSizeParam, ok := parameters["chunksize"] - if ok { - switch v := chunkSizeParam.(type) { - case string: - vv, err := strconv.ParseInt(v, 0, 64) - if err != nil { - return nil, fmt.Errorf("chunksize parameter must be an integer, %v invalid", chunkSizeParam) - } - chunkSize = vv - case int64: - chunkSize = v - case int, uint, int32, uint32, uint64: - chunkSize = reflect.ValueOf(v).Convert(reflect.TypeOf(chunkSize)).Int() - default: - return nil, fmt.Errorf("invalid valud for chunksize: %#v", chunkSizeParam) - } - - if chunkSize < minChunkSize { - return nil, fmt.Errorf("The chunksize %#v parameter should be a number that is larger than or equal to %d", chunkSize, minChunkSize) - } - } - - rootDirectory, ok := parameters["rootdirectory"] - if !ok { - rootDirectory = "" - } - - endpoint, ok := parameters["endpoint"] - if !ok { - endpoint = "" - } - - params := DriverParameters{ - AccessKeyID: fmt.Sprint(accessKey), - AccessKeySecret: fmt.Sprint(secretKey), - Bucket: fmt.Sprint(bucket), - Region: oss.Region(fmt.Sprint(regionName)), - ChunkSize: chunkSize, - RootDirectory: fmt.Sprint(rootDirectory), - Encrypt: encryptBool, - Secure: secureBool, - Internal: internalBool, - Endpoint: fmt.Sprint(endpoint), - } - - return New(params) -} - -// New constructs a new Driver with the given Aliyun credentials, region, encryption flag, and -// bucketName -func New(params DriverParameters) (*Driver, error) { - - client := oss.NewOSSClient(params.Region, params.Internal, params.AccessKeyID, params.AccessKeySecret, params.Secure) - client.SetEndpoint(params.Endpoint) - bucket := client.Bucket(params.Bucket) - client.SetDebug(false) - - // Validate that the given credentials have at least read permissions in the - // given bucket scope. - if _, err := bucket.List(strings.TrimRight(params.RootDirectory, "/"), "", "", 1); err != nil { - return nil, err - } - - // TODO(tg123): Currently multipart uploads have no timestamps, so this would be unwise - // if you initiated a new OSS client while another one is running on the same bucket. - - d := &driver{ - Client: client, - Bucket: bucket, - ChunkSize: params.ChunkSize, - Encrypt: params.Encrypt, - RootDirectory: params.RootDirectory, - } - - return &Driver{ - baseEmbed: baseEmbed{ - Base: base.Base{ - StorageDriver: d, - }, - }, - }, nil -} - -// Implement the storagedriver.StorageDriver interface - -func (d *driver) Name() string { - return driverName -} - -// GetContent retrieves the content stored at "path" as a []byte. -func (d *driver) GetContent(ctx context.Context, path string) ([]byte, error) { - content, err := d.Bucket.Get(d.ossPath(path)) - if err != nil { - return nil, parseError(path, err) - } - return content, nil -} - -// PutContent stores the []byte content at a location designated by "path". -func (d *driver) PutContent(ctx context.Context, path string, contents []byte) error { - return parseError(path, d.Bucket.Put(d.ossPath(path), contents, d.getContentType(), getPermissions(), d.getOptions())) -} - -// Reader retrieves an io.ReadCloser for the content stored at "path" with a -// given byte offset. -func (d *driver) Reader(ctx context.Context, path string, offset int64) (io.ReadCloser, error) { - headers := make(http.Header) - headers.Add("Range", "bytes="+strconv.FormatInt(offset, 10)+"-") - - resp, err := d.Bucket.GetResponseWithHeaders(d.ossPath(path), headers) - if err != nil { - return nil, parseError(path, err) - } - - // Due to Aliyun OSS API, status 200 and whole object will be return instead of an - // InvalidRange error when range is invalid. - // - // OSS sever will always return http.StatusPartialContent if range is acceptable. - if resp.StatusCode != http.StatusPartialContent { - resp.Body.Close() - return ioutil.NopCloser(bytes.NewReader(nil)), nil - } - - return resp.Body, nil -} - -// Writer returns a FileWriter which will store the content written to it -// at the location designated by "path" after the call to Commit. -func (d *driver) Writer(ctx context.Context, path string, append bool) (storagedriver.FileWriter, error) { - key := d.ossPath(path) - if !append { - // TODO (brianbland): cancel other uploads at this path - multi, err := d.Bucket.InitMulti(key, d.getContentType(), getPermissions(), d.getOptions()) - if err != nil { - return nil, err - } - return d.newWriter(key, multi, nil), nil - } - multis, _, err := d.Bucket.ListMulti(key, "") - if err != nil { - return nil, parseError(path, err) - } - for _, multi := range multis { - if key != multi.Key { - continue - } - parts, err := multi.ListParts() - if err != nil { - return nil, parseError(path, err) - } - var multiSize int64 - for _, part := range parts { - multiSize += part.Size - } - return d.newWriter(key, multi, parts), nil - } - return nil, storagedriver.PathNotFoundError{Path: path} -} - -// Stat retrieves the FileInfo for the given path, including the current size -// in bytes and the creation time. -func (d *driver) Stat(ctx context.Context, path string) (storagedriver.FileInfo, error) { - listResponse, err := d.Bucket.List(d.ossPath(path), "", "", 1) - if err != nil { - return nil, err - } - - fi := storagedriver.FileInfoFields{ - Path: path, - } - - if len(listResponse.Contents) == 1 { - if listResponse.Contents[0].Key != d.ossPath(path) { - fi.IsDir = true - } else { - fi.IsDir = false - fi.Size = listResponse.Contents[0].Size - - timestamp, err := time.Parse(time.RFC3339Nano, listResponse.Contents[0].LastModified) - if err != nil { - return nil, err - } - fi.ModTime = timestamp - } - } else if len(listResponse.CommonPrefixes) == 1 { - fi.IsDir = true - } else { - return nil, storagedriver.PathNotFoundError{Path: path} - } - - return storagedriver.FileInfoInternal{FileInfoFields: fi}, nil -} - -// List returns a list of the objects that are direct descendants of the given path. -func (d *driver) List(ctx context.Context, opath string) ([]string, error) { - path := opath - if path != "/" && opath[len(path)-1] != '/' { - path = path + "/" - } - - // This is to cover for the cases when the rootDirectory of the driver is either "" or "/". - // In those cases, there is no root prefix to replace and we must actually add a "/" to all - // results in order to keep them as valid paths as recognized by storagedriver.PathRegexp - prefix := "" - if d.ossPath("") == "" { - prefix = "/" - } - - listResponse, err := d.Bucket.List(d.ossPath(path), "/", "", listMax) - if err != nil { - return nil, parseError(opath, err) - } - - files := []string{} - directories := []string{} - - for { - for _, key := range listResponse.Contents { - files = append(files, strings.Replace(key.Key, d.ossPath(""), prefix, 1)) - } - - for _, commonPrefix := range listResponse.CommonPrefixes { - directories = append(directories, strings.Replace(commonPrefix[0:len(commonPrefix)-1], d.ossPath(""), prefix, 1)) - } - - if listResponse.IsTruncated { - listResponse, err = d.Bucket.List(d.ossPath(path), "/", listResponse.NextMarker, listMax) - if err != nil { - return nil, err - } - } else { - break - } - } - - if opath != "/" { - if len(files) == 0 && len(directories) == 0 { - // Treat empty response as missing directory, since we don't actually - // have directories in s3. - return nil, storagedriver.PathNotFoundError{Path: opath} - } - } - - return append(files, directories...), nil -} - -const maxConcurrency = 10 - -// Move moves an object stored at sourcePath to destPath, removing the original -// object. -func (d *driver) Move(ctx context.Context, sourcePath string, destPath string) error { - logrus.Infof("Move from %s to %s", d.ossPath(sourcePath), d.ossPath(destPath)) - err := d.Bucket.CopyLargeFileInParallel(d.ossPath(sourcePath), d.ossPath(destPath), - d.getContentType(), - getPermissions(), - oss.Options{}, - maxConcurrency) - if err != nil { - logrus.Errorf("Failed for move from %s to %s: %v", d.ossPath(sourcePath), d.ossPath(destPath), err) - return parseError(sourcePath, err) - } - - return d.Delete(ctx, sourcePath) -} - -// Delete recursively deletes all objects stored at "path" and its subpaths. -func (d *driver) Delete(ctx context.Context, path string) error { - ossPath := d.ossPath(path) - listResponse, err := d.Bucket.List(ossPath, "", "", listMax) - if err != nil || len(listResponse.Contents) == 0 { - return storagedriver.PathNotFoundError{Path: path} - } - - ossObjects := make([]oss.Object, listMax) - - for len(listResponse.Contents) > 0 { - numOssObjects := len(listResponse.Contents) - for index, key := range listResponse.Contents { - // Stop if we encounter a key that is not a subpath (so that deleting "/a" does not delete "/ab"). - if len(key.Key) > len(ossPath) && (key.Key)[len(ossPath)] != '/' { - numOssObjects = index - break - } - ossObjects[index].Key = key.Key - } - - err := d.Bucket.DelMulti(oss.Delete{Quiet: false, Objects: ossObjects[0:numOssObjects]}) - if err != nil { - return nil - } - - if numOssObjects < len(listResponse.Contents) { - return nil - } - - listResponse, err = d.Bucket.List(d.ossPath(path), "", "", listMax) - if err != nil { - return err - } - } - - return nil -} - -// URLFor returns a URL which may be used to retrieve the content stored at the given path. -// May return an UnsupportedMethodErr in certain StorageDriver implementations. -func (d *driver) URLFor(ctx context.Context, path string, options map[string]interface{}) (string, error) { - methodString := "GET" - method, ok := options["method"] - if ok { - methodString, ok = method.(string) - if !ok || (methodString != "GET") { - return "", storagedriver.ErrUnsupportedMethod{} - } - } - - expiresTime := time.Now().Add(20 * time.Minute) - - expires, ok := options["expiry"] - if ok { - et, ok := expires.(time.Time) - if ok { - expiresTime = et - } - } - logrus.Infof("methodString: %s, expiresTime: %v", methodString, expiresTime) - signedURL := d.Bucket.SignedURLWithMethod(methodString, d.ossPath(path), expiresTime, nil, nil) - logrus.Infof("signed URL: %s", signedURL) - return signedURL, nil -} - -func (d *driver) ossPath(path string) string { - return strings.TrimLeft(strings.TrimRight(d.RootDirectory, "/")+path, "/") -} - -func parseError(path string, err error) error { - if ossErr, ok := err.(*oss.Error); ok && ossErr.StatusCode == http.StatusNotFound && (ossErr.Code == "NoSuchKey" || ossErr.Code == "") { - return storagedriver.PathNotFoundError{Path: path} - } - - return err -} - -func hasCode(err error, code string) bool { - ossErr, ok := err.(*oss.Error) - return ok && ossErr.Code == code -} - -func (d *driver) getOptions() oss.Options { - return oss.Options{ServerSideEncryption: d.Encrypt} -} - -func getPermissions() oss.ACL { - return oss.Private -} - -func (d *driver) getContentType() string { - return "application/octet-stream" -} - -// writer attempts to upload parts to S3 in a buffered fashion where the last -// part is at least as large as the chunksize, so the multipart upload could be -// cleanly resumed in the future. This is violated if Close is called after less -// than a full chunk is written. -type writer struct { - driver *driver - key string - multi *oss.Multi - parts []oss.Part - size int64 - readyPart []byte - pendingPart []byte - closed bool - committed bool - cancelled bool -} - -func (d *driver) newWriter(key string, multi *oss.Multi, parts []oss.Part) storagedriver.FileWriter { - var size int64 - for _, part := range parts { - size += part.Size - } - return &writer{ - driver: d, - key: key, - multi: multi, - parts: parts, - size: size, - } -} - -func (w *writer) Write(p []byte) (int, error) { - if w.closed { - return 0, fmt.Errorf("already closed") - } else if w.committed { - return 0, fmt.Errorf("already committed") - } else if w.cancelled { - return 0, fmt.Errorf("already cancelled") - } - - // If the last written part is smaller than minChunkSize, we need to make a - // new multipart upload :sadface: - if len(w.parts) > 0 && int(w.parts[len(w.parts)-1].Size) < minChunkSize { - err := w.multi.Complete(w.parts) - if err != nil { - w.multi.Abort() - return 0, err - } - - multi, err := w.driver.Bucket.InitMulti(w.key, w.driver.getContentType(), getPermissions(), w.driver.getOptions()) - if err != nil { - return 0, err - } - w.multi = multi - - // If the entire written file is smaller than minChunkSize, we need to make - // a new part from scratch :double sad face: - if w.size < minChunkSize { - contents, err := w.driver.Bucket.Get(w.key) - if err != nil { - return 0, err - } - w.parts = nil - w.readyPart = contents - } else { - // Otherwise we can use the old file as the new first part - _, part, err := multi.PutPartCopy(1, oss.CopyOptions{}, w.driver.Bucket.Name+"/"+w.key) - if err != nil { - return 0, err - } - w.parts = []oss.Part{part} - } - } - - var n int - - for len(p) > 0 { - // If no parts are ready to write, fill up the first part - if neededBytes := int(w.driver.ChunkSize) - len(w.readyPart); neededBytes > 0 { - if len(p) >= neededBytes { - w.readyPart = append(w.readyPart, p[:neededBytes]...) - n += neededBytes - p = p[neededBytes:] - } else { - w.readyPart = append(w.readyPart, p...) - n += len(p) - p = nil - } - } - - if neededBytes := int(w.driver.ChunkSize) - len(w.pendingPart); neededBytes > 0 { - if len(p) >= neededBytes { - w.pendingPart = append(w.pendingPart, p[:neededBytes]...) - n += neededBytes - p = p[neededBytes:] - err := w.flushPart() - if err != nil { - w.size += int64(n) - return n, err - } - } else { - w.pendingPart = append(w.pendingPart, p...) - n += len(p) - p = nil - } - } - } - w.size += int64(n) - return n, nil -} - -func (w *writer) Size() int64 { - return w.size -} - -func (w *writer) Close() error { - if w.closed { - return fmt.Errorf("already closed") - } - w.closed = true - return w.flushPart() -} - -func (w *writer) Cancel() error { - if w.closed { - return fmt.Errorf("already closed") - } else if w.committed { - return fmt.Errorf("already committed") - } - w.cancelled = true - err := w.multi.Abort() - return err -} - -func (w *writer) Commit() error { - if w.closed { - return fmt.Errorf("already closed") - } else if w.committed { - return fmt.Errorf("already committed") - } else if w.cancelled { - return fmt.Errorf("already cancelled") - } - err := w.flushPart() - if err != nil { - return err - } - w.committed = true - err = w.multi.Complete(w.parts) - if err != nil { - w.multi.Abort() - return err - } - return nil -} - -// flushPart flushes buffers to write a part to S3. -// Only called by Write (with both buffers full) and Close/Commit (always) -func (w *writer) flushPart() error { - if len(w.readyPart) == 0 && len(w.pendingPart) == 0 { - // nothing to write - return nil - } - if len(w.pendingPart) < int(w.driver.ChunkSize) { - // closing with a small pending part - // combine ready and pending to avoid writing a small part - w.readyPart = append(w.readyPart, w.pendingPart...) - w.pendingPart = nil - } - - part, err := w.multi.PutPart(len(w.parts)+1, bytes.NewReader(w.readyPart)) - if err != nil { - return err - } - w.parts = append(w.parts, part) - w.readyPart = w.pendingPart - w.pendingPart = nil - return nil -} diff --git a/vendor/github.com/docker/distribution/registry/storage/driver/oss/oss_test.go b/vendor/github.com/docker/distribution/registry/storage/driver/oss/oss_test.go deleted file mode 100644 index fbae5d9c..00000000 --- a/vendor/github.com/docker/distribution/registry/storage/driver/oss/oss_test.go +++ /dev/null @@ -1,144 +0,0 @@ -// +build include_oss - -package oss - -import ( - "io/ioutil" - - alioss "github.com/denverdino/aliyungo/oss" - "github.com/docker/distribution/context" - storagedriver "github.com/docker/distribution/registry/storage/driver" - "github.com/docker/distribution/registry/storage/driver/testsuites" - //"log" - "os" - "strconv" - "testing" - - "gopkg.in/check.v1" -) - -// Hook up gocheck into the "go test" runner. -func Test(t *testing.T) { check.TestingT(t) } - -var ossDriverConstructor func(rootDirectory string) (*Driver, error) - -var skipCheck func() string - -func init() { - accessKey := os.Getenv("ALIYUN_ACCESS_KEY_ID") - secretKey := os.Getenv("ALIYUN_ACCESS_KEY_SECRET") - bucket := os.Getenv("OSS_BUCKET") - region := os.Getenv("OSS_REGION") - internal := os.Getenv("OSS_INTERNAL") - encrypt := os.Getenv("OSS_ENCRYPT") - secure := os.Getenv("OSS_SECURE") - endpoint := os.Getenv("OSS_ENDPOINT") - root, err := ioutil.TempDir("", "driver-") - if err != nil { - panic(err) - } - defer os.Remove(root) - - ossDriverConstructor = func(rootDirectory string) (*Driver, error) { - encryptBool := false - if encrypt != "" { - encryptBool, err = strconv.ParseBool(encrypt) - if err != nil { - return nil, err - } - } - - secureBool := false - if secure != "" { - secureBool, err = strconv.ParseBool(secure) - if err != nil { - return nil, err - } - } - - internalBool := false - if internal != "" { - internalBool, err = strconv.ParseBool(internal) - if err != nil { - return nil, err - } - } - - parameters := DriverParameters{ - AccessKeyID: accessKey, - AccessKeySecret: secretKey, - Bucket: bucket, - Region: alioss.Region(region), - Internal: internalBool, - ChunkSize: minChunkSize, - RootDirectory: rootDirectory, - Encrypt: encryptBool, - Secure: secureBool, - Endpoint: endpoint, - } - - return New(parameters) - } - - // Skip OSS storage driver tests if environment variable parameters are not provided - skipCheck = func() string { - if accessKey == "" || secretKey == "" || region == "" || bucket == "" || encrypt == "" { - return "Must set ALIYUN_ACCESS_KEY_ID, ALIYUN_ACCESS_KEY_SECRET, OSS_REGION, OSS_BUCKET, and OSS_ENCRYPT to run OSS tests" - } - return "" - } - - testsuites.RegisterSuite(func() (storagedriver.StorageDriver, error) { - return ossDriverConstructor(root) - }, skipCheck) -} - -func TestEmptyRootList(t *testing.T) { - if skipCheck() != "" { - t.Skip(skipCheck()) - } - - validRoot, err := ioutil.TempDir("", "driver-") - if err != nil { - t.Fatalf("unexpected error creating temporary directory: %v", err) - } - defer os.Remove(validRoot) - - rootedDriver, err := ossDriverConstructor(validRoot) - if err != nil { - t.Fatalf("unexpected error creating rooted driver: %v", err) - } - - emptyRootDriver, err := ossDriverConstructor("") - if err != nil { - t.Fatalf("unexpected error creating empty root driver: %v", err) - } - - slashRootDriver, err := ossDriverConstructor("/") - if err != nil { - t.Fatalf("unexpected error creating slash root driver: %v", err) - } - - filename := "/test" - contents := []byte("contents") - ctx := context.Background() - err = rootedDriver.PutContent(ctx, filename, contents) - if err != nil { - t.Fatalf("unexpected error creating content: %v", err) - } - defer rootedDriver.Delete(ctx, filename) - - keys, err := emptyRootDriver.List(ctx, "/") - for _, path := range keys { - if !storagedriver.PathRegexp.MatchString(path) { - t.Fatalf("unexpected string in path: %q != %q", path, storagedriver.PathRegexp) - } - } - - keys, err = slashRootDriver.List(ctx, "/") - for _, path := range keys { - if !storagedriver.PathRegexp.MatchString(path) { - t.Fatalf("unexpected string in path: %q != %q", path, storagedriver.PathRegexp) - } - } -} diff --git a/vendor/github.com/docker/distribution/registry/storage/driver/s3-aws/s3.go b/vendor/github.com/docker/distribution/registry/storage/driver/s3-aws/s3.go deleted file mode 100644 index c9d19c46..00000000 --- a/vendor/github.com/docker/distribution/registry/storage/driver/s3-aws/s3.go +++ /dev/null @@ -1,1189 +0,0 @@ -// Package s3 provides a storagedriver.StorageDriver implementation to -// store blobs in Amazon S3 cloud storage. -// -// This package leverages the official aws client library for interfacing with -// S3. -// -// Because S3 is a key, value store the Stat call does not support last modification -// time for directories (directories are an abstraction for key, value stores) -// -// Keep in mind that S3 guarantees only read-after-write consistency for new -// objects, but no read-after-update or list-after-write consistency. -package s3 - -import ( - "bytes" - "fmt" - "io" - "io/ioutil" - "math" - "net/http" - "reflect" - "sort" - "strconv" - "strings" - "time" - - "github.com/aws/aws-sdk-go/aws" - "github.com/aws/aws-sdk-go/aws/awserr" - "github.com/aws/aws-sdk-go/aws/credentials" - "github.com/aws/aws-sdk-go/aws/credentials/ec2rolecreds" - "github.com/aws/aws-sdk-go/aws/ec2metadata" - "github.com/aws/aws-sdk-go/aws/request" - "github.com/aws/aws-sdk-go/aws/session" - "github.com/aws/aws-sdk-go/service/s3" - - "github.com/docker/distribution/context" - "github.com/docker/distribution/registry/client/transport" - storagedriver "github.com/docker/distribution/registry/storage/driver" - "github.com/docker/distribution/registry/storage/driver/base" - "github.com/docker/distribution/registry/storage/driver/factory" -) - -const driverName = "s3aws" - -// minChunkSize defines the minimum multipart upload chunk size -// S3 API requires multipart upload chunks to be at least 5MB -const minChunkSize = 5 << 20 - -// maxChunkSize defines the maximum multipart upload chunk size allowed by S3. -const maxChunkSize = 5 << 30 - -const defaultChunkSize = 2 * minChunkSize - -const ( - // defaultMultipartCopyChunkSize defines the default chunk size for all - // but the last Upload Part - Copy operation of a multipart copy. - // Empirically, 32 MB is optimal. - defaultMultipartCopyChunkSize = 32 << 20 - - // defaultMultipartCopyMaxConcurrency defines the default maximum number - // of concurrent Upload Part - Copy operations for a multipart copy. - defaultMultipartCopyMaxConcurrency = 100 - - // defaultMultipartCopyThresholdSize defines the default object size - // above which multipart copy will be used. (PUT Object - Copy is used - // for objects at or below this size.) Empirically, 32 MB is optimal. - defaultMultipartCopyThresholdSize = 32 << 20 -) - -// listMax is the largest amount of objects you can request from S3 in a list call -const listMax = 1000 - -// noStorageClass defines the value to be used if storage class is not supported by the S3 endpoint -const noStorageClass = "NONE" - -// validRegions maps known s3 region identifiers to region descriptors -var validRegions = map[string]struct{}{} - -// validObjectACLs contains known s3 object Acls -var validObjectACLs = map[string]struct{}{} - -//DriverParameters A struct that encapsulates all of the driver parameters after all values have been set -type DriverParameters struct { - AccessKey string - SecretKey string - Bucket string - Region string - RegionEndpoint string - Encrypt bool - KeyID string - Secure bool - V4Auth bool - ChunkSize int64 - MultipartCopyChunkSize int64 - MultipartCopyMaxConcurrency int64 - MultipartCopyThresholdSize int64 - RootDirectory string - StorageClass string - UserAgent string - ObjectACL string -} - -func init() { - for _, region := range []string{ - "us-east-1", - "us-east-2", - "us-west-1", - "us-west-2", - "eu-west-1", - "eu-central-1", - "ap-southeast-1", - "ap-southeast-2", - "ap-northeast-1", - "ap-northeast-2", - "sa-east-1", - "cn-north-1", - "us-gov-west-1", - } { - validRegions[region] = struct{}{} - } - - for _, objectACL := range []string{ - s3.ObjectCannedACLPrivate, - s3.ObjectCannedACLPublicRead, - s3.ObjectCannedACLPublicReadWrite, - s3.ObjectCannedACLAuthenticatedRead, - s3.ObjectCannedACLAwsExecRead, - s3.ObjectCannedACLBucketOwnerRead, - s3.ObjectCannedACLBucketOwnerFullControl, - } { - validObjectACLs[objectACL] = struct{}{} - } - - // Register this as the default s3 driver in addition to s3aws - factory.Register("s3", &s3DriverFactory{}) - factory.Register(driverName, &s3DriverFactory{}) -} - -// s3DriverFactory implements the factory.StorageDriverFactory interface -type s3DriverFactory struct{} - -func (factory *s3DriverFactory) Create(parameters map[string]interface{}) (storagedriver.StorageDriver, error) { - return FromParameters(parameters) -} - -type driver struct { - S3 *s3.S3 - Bucket string - ChunkSize int64 - Encrypt bool - KeyID string - MultipartCopyChunkSize int64 - MultipartCopyMaxConcurrency int64 - MultipartCopyThresholdSize int64 - RootDirectory string - StorageClass string - ObjectACL string -} - -type baseEmbed struct { - base.Base -} - -// Driver is a storagedriver.StorageDriver implementation backed by Amazon S3 -// Objects are stored at absolute keys in the provided bucket. -type Driver struct { - baseEmbed -} - -// FromParameters constructs a new Driver with a given parameters map -// Required parameters: -// - accesskey -// - secretkey -// - region -// - bucket -// - encrypt -func FromParameters(parameters map[string]interface{}) (*Driver, error) { - // Providing no values for these is valid in case the user is authenticating - // with an IAM on an ec2 instance (in which case the instance credentials will - // be summoned when GetAuth is called) - accessKey := parameters["accesskey"] - if accessKey == nil { - accessKey = "" - } - secretKey := parameters["secretkey"] - if secretKey == nil { - secretKey = "" - } - - regionEndpoint := parameters["regionendpoint"] - if regionEndpoint == nil { - regionEndpoint = "" - } - - regionName, ok := parameters["region"] - if regionName == nil || fmt.Sprint(regionName) == "" { - return nil, fmt.Errorf("No region parameter provided") - } - region := fmt.Sprint(regionName) - // Don't check the region value if a custom endpoint is provided. - if regionEndpoint == "" { - if _, ok = validRegions[region]; !ok { - return nil, fmt.Errorf("Invalid region provided: %v", region) - } - } - - bucket := parameters["bucket"] - if bucket == nil || fmt.Sprint(bucket) == "" { - return nil, fmt.Errorf("No bucket parameter provided") - } - - encryptBool := false - encrypt := parameters["encrypt"] - switch encrypt := encrypt.(type) { - case string: - b, err := strconv.ParseBool(encrypt) - if err != nil { - return nil, fmt.Errorf("The encrypt parameter should be a boolean") - } - encryptBool = b - case bool: - encryptBool = encrypt - case nil: - // do nothing - default: - return nil, fmt.Errorf("The encrypt parameter should be a boolean") - } - - secureBool := true - secure := parameters["secure"] - switch secure := secure.(type) { - case string: - b, err := strconv.ParseBool(secure) - if err != nil { - return nil, fmt.Errorf("The secure parameter should be a boolean") - } - secureBool = b - case bool: - secureBool = secure - case nil: - // do nothing - default: - return nil, fmt.Errorf("The secure parameter should be a boolean") - } - - v4Bool := true - v4auth := parameters["v4auth"] - switch v4auth := v4auth.(type) { - case string: - b, err := strconv.ParseBool(v4auth) - if err != nil { - return nil, fmt.Errorf("The v4auth parameter should be a boolean") - } - v4Bool = b - case bool: - v4Bool = v4auth - case nil: - // do nothing - default: - return nil, fmt.Errorf("The v4auth parameter should be a boolean") - } - - keyID := parameters["keyid"] - if keyID == nil { - keyID = "" - } - - chunkSize, err := getParameterAsInt64(parameters, "chunksize", defaultChunkSize, minChunkSize, maxChunkSize) - if err != nil { - return nil, err - } - - multipartCopyChunkSize, err := getParameterAsInt64(parameters, "multipartcopychunksize", defaultMultipartCopyChunkSize, minChunkSize, maxChunkSize) - if err != nil { - return nil, err - } - - multipartCopyMaxConcurrency, err := getParameterAsInt64(parameters, "multipartcopymaxconcurrency", defaultMultipartCopyMaxConcurrency, 1, math.MaxInt64) - if err != nil { - return nil, err - } - - multipartCopyThresholdSize, err := getParameterAsInt64(parameters, "multipartcopythresholdsize", defaultMultipartCopyThresholdSize, 0, maxChunkSize) - if err != nil { - return nil, err - } - - rootDirectory := parameters["rootdirectory"] - if rootDirectory == nil { - rootDirectory = "" - } - - storageClass := s3.StorageClassStandard - storageClassParam := parameters["storageclass"] - if storageClassParam != nil { - storageClassString, ok := storageClassParam.(string) - if !ok { - return nil, fmt.Errorf("The storageclass parameter must be one of %v, %v invalid", - []string{s3.StorageClassStandard, s3.StorageClassReducedRedundancy}, storageClassParam) - } - // All valid storage class parameters are UPPERCASE, so be a bit more flexible here - storageClassString = strings.ToUpper(storageClassString) - if storageClassString != noStorageClass && - storageClassString != s3.StorageClassStandard && - storageClassString != s3.StorageClassReducedRedundancy { - return nil, fmt.Errorf("The storageclass parameter must be one of %v, %v invalid", - []string{noStorageClass, s3.StorageClassStandard, s3.StorageClassReducedRedundancy}, storageClassParam) - } - storageClass = storageClassString - } - - userAgent := parameters["useragent"] - if userAgent == nil { - userAgent = "" - } - - objectACL := s3.ObjectCannedACLPrivate - objectACLParam := parameters["objectacl"] - if objectACLParam != nil { - objectACLString, ok := objectACLParam.(string) - if !ok { - return nil, fmt.Errorf("Invalid value for objectacl parameter: %v", objectACLParam) - } - - if _, ok = validObjectACLs[objectACLString]; !ok { - return nil, fmt.Errorf("Invalid value for objectacl parameter: %v", objectACLParam) - } - objectACL = objectACLString - } - - params := DriverParameters{ - fmt.Sprint(accessKey), - fmt.Sprint(secretKey), - fmt.Sprint(bucket), - region, - fmt.Sprint(regionEndpoint), - encryptBool, - fmt.Sprint(keyID), - secureBool, - v4Bool, - chunkSize, - multipartCopyChunkSize, - multipartCopyMaxConcurrency, - multipartCopyThresholdSize, - fmt.Sprint(rootDirectory), - storageClass, - fmt.Sprint(userAgent), - objectACL, - } - - return New(params) -} - -// getParameterAsInt64 converts paramaters[name] to an int64 value (using -// defaultt if nil), verifies it is no smaller than min, and returns it. -func getParameterAsInt64(parameters map[string]interface{}, name string, defaultt int64, min int64, max int64) (int64, error) { - rv := defaultt - param := parameters[name] - switch v := param.(type) { - case string: - vv, err := strconv.ParseInt(v, 0, 64) - if err != nil { - return 0, fmt.Errorf("%s parameter must be an integer, %v invalid", name, param) - } - rv = vv - case int64: - rv = v - case int, uint, int32, uint32, uint64: - rv = reflect.ValueOf(v).Convert(reflect.TypeOf(rv)).Int() - case nil: - // do nothing - default: - return 0, fmt.Errorf("invalid value for %s: %#v", name, param) - } - - if rv < min || rv > max { - return 0, fmt.Errorf("The %s %#v parameter should be a number between %d and %d (inclusive)", name, rv, min, max) - } - - return rv, nil -} - -// New constructs a new Driver with the given AWS credentials, region, encryption flag, and -// bucketName -func New(params DriverParameters) (*Driver, error) { - if !params.V4Auth && - (params.RegionEndpoint == "" || - strings.Contains(params.RegionEndpoint, "s3.amazonaws.com")) { - return nil, fmt.Errorf("On Amazon S3 this storage driver can only be used with v4 authentication") - } - - awsConfig := aws.NewConfig() - creds := credentials.NewChainCredentials([]credentials.Provider{ - &credentials.StaticProvider{ - Value: credentials.Value{ - AccessKeyID: params.AccessKey, - SecretAccessKey: params.SecretKey, - }, - }, - &credentials.EnvProvider{}, - &credentials.SharedCredentialsProvider{}, - &ec2rolecreds.EC2RoleProvider{Client: ec2metadata.New(session.New())}, - }) - - if params.RegionEndpoint != "" { - awsConfig.WithS3ForcePathStyle(true) - awsConfig.WithEndpoint(params.RegionEndpoint) - } - - awsConfig.WithCredentials(creds) - awsConfig.WithRegion(params.Region) - awsConfig.WithDisableSSL(!params.Secure) - - if params.UserAgent != "" { - awsConfig.WithHTTPClient(&http.Client{ - Transport: transport.NewTransport(http.DefaultTransport, transport.NewHeaderRequestModifier(http.Header{http.CanonicalHeaderKey("User-Agent"): []string{params.UserAgent}})), - }) - } - - s3obj := s3.New(session.New(awsConfig)) - - // enable S3 compatible signature v2 signing instead - if !params.V4Auth { - setv2Handlers(s3obj) - } - - // TODO Currently multipart uploads have no timestamps, so this would be unwise - // if you initiated a new s3driver while another one is running on the same bucket. - // multis, _, err := bucket.ListMulti("", "") - // if err != nil { - // return nil, err - // } - - // for _, multi := range multis { - // err := multi.Abort() - // //TODO appropriate to do this error checking? - // if err != nil { - // return nil, err - // } - // } - - d := &driver{ - S3: s3obj, - Bucket: params.Bucket, - ChunkSize: params.ChunkSize, - Encrypt: params.Encrypt, - KeyID: params.KeyID, - MultipartCopyChunkSize: params.MultipartCopyChunkSize, - MultipartCopyMaxConcurrency: params.MultipartCopyMaxConcurrency, - MultipartCopyThresholdSize: params.MultipartCopyThresholdSize, - RootDirectory: params.RootDirectory, - StorageClass: params.StorageClass, - ObjectACL: params.ObjectACL, - } - - return &Driver{ - baseEmbed: baseEmbed{ - Base: base.Base{ - StorageDriver: d, - }, - }, - }, nil -} - -// Implement the storagedriver.StorageDriver interface - -func (d *driver) Name() string { - return driverName -} - -// GetContent retrieves the content stored at "path" as a []byte. -func (d *driver) GetContent(ctx context.Context, path string) ([]byte, error) { - reader, err := d.Reader(ctx, path, 0) - if err != nil { - return nil, err - } - return ioutil.ReadAll(reader) -} - -// PutContent stores the []byte content at a location designated by "path". -func (d *driver) PutContent(ctx context.Context, path string, contents []byte) error { - _, err := d.S3.PutObject(&s3.PutObjectInput{ - Bucket: aws.String(d.Bucket), - Key: aws.String(d.s3Path(path)), - ContentType: d.getContentType(), - ACL: d.getACL(), - ServerSideEncryption: d.getEncryptionMode(), - SSEKMSKeyId: d.getSSEKMSKeyID(), - StorageClass: d.getStorageClass(), - Body: bytes.NewReader(contents), - }) - return parseError(path, err) -} - -// Reader retrieves an io.ReadCloser for the content stored at "path" with a -// given byte offset. -func (d *driver) Reader(ctx context.Context, path string, offset int64) (io.ReadCloser, error) { - resp, err := d.S3.GetObject(&s3.GetObjectInput{ - Bucket: aws.String(d.Bucket), - Key: aws.String(d.s3Path(path)), - Range: aws.String("bytes=" + strconv.FormatInt(offset, 10) + "-"), - }) - - if err != nil { - if s3Err, ok := err.(awserr.Error); ok && s3Err.Code() == "InvalidRange" { - return ioutil.NopCloser(bytes.NewReader(nil)), nil - } - - return nil, parseError(path, err) - } - return resp.Body, nil -} - -// Writer returns a FileWriter which will store the content written to it -// at the location designated by "path" after the call to Commit. -func (d *driver) Writer(ctx context.Context, path string, append bool) (storagedriver.FileWriter, error) { - key := d.s3Path(path) - if !append { - // TODO (brianbland): cancel other uploads at this path - resp, err := d.S3.CreateMultipartUpload(&s3.CreateMultipartUploadInput{ - Bucket: aws.String(d.Bucket), - Key: aws.String(key), - ContentType: d.getContentType(), - ACL: d.getACL(), - ServerSideEncryption: d.getEncryptionMode(), - SSEKMSKeyId: d.getSSEKMSKeyID(), - StorageClass: d.getStorageClass(), - }) - if err != nil { - return nil, err - } - return d.newWriter(key, *resp.UploadId, nil), nil - } - resp, err := d.S3.ListMultipartUploads(&s3.ListMultipartUploadsInput{ - Bucket: aws.String(d.Bucket), - Prefix: aws.String(key), - }) - if err != nil { - return nil, parseError(path, err) - } - - for _, multi := range resp.Uploads { - if key != *multi.Key { - continue - } - resp, err := d.S3.ListParts(&s3.ListPartsInput{ - Bucket: aws.String(d.Bucket), - Key: aws.String(key), - UploadId: multi.UploadId, - }) - if err != nil { - return nil, parseError(path, err) - } - var multiSize int64 - for _, part := range resp.Parts { - multiSize += *part.Size - } - return d.newWriter(key, *multi.UploadId, resp.Parts), nil - } - return nil, storagedriver.PathNotFoundError{Path: path} -} - -// Stat retrieves the FileInfo for the given path, including the current size -// in bytes and the creation time. -func (d *driver) Stat(ctx context.Context, path string) (storagedriver.FileInfo, error) { - resp, err := d.S3.ListObjects(&s3.ListObjectsInput{ - Bucket: aws.String(d.Bucket), - Prefix: aws.String(d.s3Path(path)), - MaxKeys: aws.Int64(1), - }) - if err != nil { - return nil, err - } - - fi := storagedriver.FileInfoFields{ - Path: path, - } - - if len(resp.Contents) == 1 { - if *resp.Contents[0].Key != d.s3Path(path) { - fi.IsDir = true - } else { - fi.IsDir = false - fi.Size = *resp.Contents[0].Size - fi.ModTime = *resp.Contents[0].LastModified - } - } else if len(resp.CommonPrefixes) == 1 { - fi.IsDir = true - } else { - return nil, storagedriver.PathNotFoundError{Path: path} - } - - return storagedriver.FileInfoInternal{FileInfoFields: fi}, nil -} - -// List returns a list of the objects that are direct descendants of the given path. -func (d *driver) List(ctx context.Context, opath string) ([]string, error) { - path := opath - if path != "/" && path[len(path)-1] != '/' { - path = path + "/" - } - - // This is to cover for the cases when the rootDirectory of the driver is either "" or "/". - // In those cases, there is no root prefix to replace and we must actually add a "/" to all - // results in order to keep them as valid paths as recognized by storagedriver.PathRegexp - prefix := "" - if d.s3Path("") == "" { - prefix = "/" - } - - resp, err := d.S3.ListObjects(&s3.ListObjectsInput{ - Bucket: aws.String(d.Bucket), - Prefix: aws.String(d.s3Path(path)), - Delimiter: aws.String("/"), - MaxKeys: aws.Int64(listMax), - }) - if err != nil { - return nil, parseError(opath, err) - } - - files := []string{} - directories := []string{} - - for { - for _, key := range resp.Contents { - files = append(files, strings.Replace(*key.Key, d.s3Path(""), prefix, 1)) - } - - for _, commonPrefix := range resp.CommonPrefixes { - commonPrefix := *commonPrefix.Prefix - directories = append(directories, strings.Replace(commonPrefix[0:len(commonPrefix)-1], d.s3Path(""), prefix, 1)) - } - - if *resp.IsTruncated { - resp, err = d.S3.ListObjects(&s3.ListObjectsInput{ - Bucket: aws.String(d.Bucket), - Prefix: aws.String(d.s3Path(path)), - Delimiter: aws.String("/"), - MaxKeys: aws.Int64(listMax), - Marker: resp.NextMarker, - }) - if err != nil { - return nil, err - } - } else { - break - } - } - - if opath != "/" { - if len(files) == 0 && len(directories) == 0 { - // Treat empty response as missing directory, since we don't actually - // have directories in s3. - return nil, storagedriver.PathNotFoundError{Path: opath} - } - } - - return append(files, directories...), nil -} - -// Move moves an object stored at sourcePath to destPath, removing the original -// object. -func (d *driver) Move(ctx context.Context, sourcePath string, destPath string) error { - /* This is terrible, but aws doesn't have an actual move. */ - if err := d.copy(ctx, sourcePath, destPath); err != nil { - return err - } - return d.Delete(ctx, sourcePath) -} - -// copy copies an object stored at sourcePath to destPath. -func (d *driver) copy(ctx context.Context, sourcePath string, destPath string) error { - // S3 can copy objects up to 5 GB in size with a single PUT Object - Copy - // operation. For larger objects, the multipart upload API must be used. - // - // Empirically, multipart copy is fastest with 32 MB parts and is faster - // than PUT Object - Copy for objects larger than 32 MB. - - fileInfo, err := d.Stat(ctx, sourcePath) - if err != nil { - return parseError(sourcePath, err) - } - - if fileInfo.Size() <= d.MultipartCopyThresholdSize { - _, err := d.S3.CopyObject(&s3.CopyObjectInput{ - Bucket: aws.String(d.Bucket), - Key: aws.String(d.s3Path(destPath)), - ContentType: d.getContentType(), - ACL: d.getACL(), - ServerSideEncryption: d.getEncryptionMode(), - SSEKMSKeyId: d.getSSEKMSKeyID(), - StorageClass: d.getStorageClass(), - CopySource: aws.String(d.Bucket + "/" + d.s3Path(sourcePath)), - }) - if err != nil { - return parseError(sourcePath, err) - } - return nil - } - - // Even in the worst case, a multipart copy should take no more - // than a few minutes, so 30 minutes is very conservative. - expires := time.Now().Add(time.Duration(30) * time.Minute) - createResp, err := d.S3.CreateMultipartUpload(&s3.CreateMultipartUploadInput{ - Bucket: aws.String(d.Bucket), - Key: aws.String(d.s3Path(destPath)), - ContentType: d.getContentType(), - ACL: d.getACL(), - Expires: aws.Time(expires), - SSEKMSKeyId: d.getSSEKMSKeyID(), - ServerSideEncryption: d.getEncryptionMode(), - StorageClass: d.getStorageClass(), - }) - if err != nil { - return err - } - - numParts := (fileInfo.Size() + d.MultipartCopyChunkSize - 1) / d.MultipartCopyChunkSize - completedParts := make([]*s3.CompletedPart, numParts) - errChan := make(chan error, numParts) - limiter := make(chan struct{}, d.MultipartCopyMaxConcurrency) - - for i := range completedParts { - i := int64(i) - go func() { - limiter <- struct{}{} - firstByte := i * d.MultipartCopyChunkSize - lastByte := firstByte + d.MultipartCopyChunkSize - 1 - if lastByte >= fileInfo.Size() { - lastByte = fileInfo.Size() - 1 - } - uploadResp, err := d.S3.UploadPartCopy(&s3.UploadPartCopyInput{ - Bucket: aws.String(d.Bucket), - CopySource: aws.String(d.Bucket + "/" + d.s3Path(sourcePath)), - Key: aws.String(d.s3Path(destPath)), - PartNumber: aws.Int64(i + 1), - UploadId: createResp.UploadId, - CopySourceRange: aws.String(fmt.Sprintf("bytes=%d-%d", firstByte, lastByte)), - }) - if err == nil { - completedParts[i] = &s3.CompletedPart{ - ETag: uploadResp.CopyPartResult.ETag, - PartNumber: aws.Int64(i + 1), - } - } - errChan <- err - <-limiter - }() - } - - for range completedParts { - err := <-errChan - if err != nil { - return err - } - } - - _, err = d.S3.CompleteMultipartUpload(&s3.CompleteMultipartUploadInput{ - Bucket: aws.String(d.Bucket), - Key: aws.String(d.s3Path(destPath)), - UploadId: createResp.UploadId, - MultipartUpload: &s3.CompletedMultipartUpload{Parts: completedParts}, - }) - return err -} - -func min(a, b int) int { - if a < b { - return a - } - return b -} - -// Delete recursively deletes all objects stored at "path" and its subpaths. -// We must be careful since S3 does not guarantee read after delete consistency -func (d *driver) Delete(ctx context.Context, path string) error { - s3Objects := make([]*s3.ObjectIdentifier, 0, listMax) - s3Path := d.s3Path(path) - listObjectsInput := &s3.ListObjectsInput{ - Bucket: aws.String(d.Bucket), - Prefix: aws.String(s3Path), - } -ListLoop: - for { - // list all the objects - resp, err := d.S3.ListObjects(listObjectsInput) - - // resp.Contents can only be empty on the first call - // if there were no more results to return after the first call, resp.IsTruncated would have been false - // and the loop would be exited without recalling ListObjects - if err != nil || len(resp.Contents) == 0 { - return storagedriver.PathNotFoundError{Path: path} - } - - for _, key := range resp.Contents { - // Stop if we encounter a key that is not a subpath (so that deleting "/a" does not delete "/ab"). - if len(*key.Key) > len(s3Path) && (*key.Key)[len(s3Path)] != '/' { - break ListLoop - } - s3Objects = append(s3Objects, &s3.ObjectIdentifier{ - Key: key.Key, - }) - } - - // resp.Contents must have at least one element or we would have returned not found - listObjectsInput.Marker = resp.Contents[len(resp.Contents)-1].Key - - // from the s3 api docs, IsTruncated "specifies whether (true) or not (false) all of the results were returned" - // if everything has been returned, break - if resp.IsTruncated == nil || !*resp.IsTruncated { - break - } - } - - // need to chunk objects into groups of 1000 per s3 restrictions - total := len(s3Objects) - for i := 0; i < total; i += 1000 { - _, err := d.S3.DeleteObjects(&s3.DeleteObjectsInput{ - Bucket: aws.String(d.Bucket), - Delete: &s3.Delete{ - Objects: s3Objects[i:min(i+1000, total)], - Quiet: aws.Bool(false), - }, - }) - if err != nil { - return err - } - } - return nil -} - -// URLFor returns a URL which may be used to retrieve the content stored at the given path. -// May return an UnsupportedMethodErr in certain StorageDriver implementations. -func (d *driver) URLFor(ctx context.Context, path string, options map[string]interface{}) (string, error) { - methodString := "GET" - method, ok := options["method"] - if ok { - methodString, ok = method.(string) - if !ok || (methodString != "GET" && methodString != "HEAD") { - return "", storagedriver.ErrUnsupportedMethod{} - } - } - - expiresIn := 20 * time.Minute - expires, ok := options["expiry"] - if ok { - et, ok := expires.(time.Time) - if ok { - expiresIn = et.Sub(time.Now()) - } - } - - var req *request.Request - - switch methodString { - case "GET": - req, _ = d.S3.GetObjectRequest(&s3.GetObjectInput{ - Bucket: aws.String(d.Bucket), - Key: aws.String(d.s3Path(path)), - }) - case "HEAD": - req, _ = d.S3.HeadObjectRequest(&s3.HeadObjectInput{ - Bucket: aws.String(d.Bucket), - Key: aws.String(d.s3Path(path)), - }) - default: - panic("unreachable") - } - - return req.Presign(expiresIn) -} - -func (d *driver) s3Path(path string) string { - return strings.TrimLeft(strings.TrimRight(d.RootDirectory, "/")+path, "/") -} - -// S3BucketKey returns the s3 bucket key for the given storage driver path. -func (d *Driver) S3BucketKey(path string) string { - return d.StorageDriver.(*driver).s3Path(path) -} - -func parseError(path string, err error) error { - if s3Err, ok := err.(awserr.Error); ok && s3Err.Code() == "NoSuchKey" { - return storagedriver.PathNotFoundError{Path: path} - } - - return err -} - -func (d *driver) getEncryptionMode() *string { - if !d.Encrypt { - return nil - } - if d.KeyID == "" { - return aws.String("AES256") - } - return aws.String("aws:kms") -} - -func (d *driver) getSSEKMSKeyID() *string { - if d.KeyID != "" { - return aws.String(d.KeyID) - } - return nil -} - -func (d *driver) getContentType() *string { - return aws.String("application/octet-stream") -} - -func (d *driver) getACL() *string { - return aws.String(d.ObjectACL) -} - -func (d *driver) getStorageClass() *string { - if d.StorageClass == noStorageClass { - return nil - } - return aws.String(d.StorageClass) -} - -// writer attempts to upload parts to S3 in a buffered fashion where the last -// part is at least as large as the chunksize, so the multipart upload could be -// cleanly resumed in the future. This is violated if Close is called after less -// than a full chunk is written. -type writer struct { - driver *driver - key string - uploadID string - parts []*s3.Part - size int64 - readyPart []byte - pendingPart []byte - closed bool - committed bool - cancelled bool -} - -func (d *driver) newWriter(key, uploadID string, parts []*s3.Part) storagedriver.FileWriter { - var size int64 - for _, part := range parts { - size += *part.Size - } - return &writer{ - driver: d, - key: key, - uploadID: uploadID, - parts: parts, - size: size, - } -} - -type completedParts []*s3.CompletedPart - -func (a completedParts) Len() int { return len(a) } -func (a completedParts) Swap(i, j int) { a[i], a[j] = a[j], a[i] } -func (a completedParts) Less(i, j int) bool { return *a[i].PartNumber < *a[j].PartNumber } - -func (w *writer) Write(p []byte) (int, error) { - if w.closed { - return 0, fmt.Errorf("already closed") - } else if w.committed { - return 0, fmt.Errorf("already committed") - } else if w.cancelled { - return 0, fmt.Errorf("already cancelled") - } - - // If the last written part is smaller than minChunkSize, we need to make a - // new multipart upload :sadface: - if len(w.parts) > 0 && int(*w.parts[len(w.parts)-1].Size) < minChunkSize { - var completedUploadedParts completedParts - for _, part := range w.parts { - completedUploadedParts = append(completedUploadedParts, &s3.CompletedPart{ - ETag: part.ETag, - PartNumber: part.PartNumber, - }) - } - - sort.Sort(completedUploadedParts) - - _, err := w.driver.S3.CompleteMultipartUpload(&s3.CompleteMultipartUploadInput{ - Bucket: aws.String(w.driver.Bucket), - Key: aws.String(w.key), - UploadId: aws.String(w.uploadID), - MultipartUpload: &s3.CompletedMultipartUpload{ - Parts: completedUploadedParts, - }, - }) - if err != nil { - w.driver.S3.AbortMultipartUpload(&s3.AbortMultipartUploadInput{ - Bucket: aws.String(w.driver.Bucket), - Key: aws.String(w.key), - UploadId: aws.String(w.uploadID), - }) - return 0, err - } - - resp, err := w.driver.S3.CreateMultipartUpload(&s3.CreateMultipartUploadInput{ - Bucket: aws.String(w.driver.Bucket), - Key: aws.String(w.key), - ContentType: w.driver.getContentType(), - ACL: w.driver.getACL(), - ServerSideEncryption: w.driver.getEncryptionMode(), - StorageClass: w.driver.getStorageClass(), - }) - if err != nil { - return 0, err - } - w.uploadID = *resp.UploadId - - // If the entire written file is smaller than minChunkSize, we need to make - // a new part from scratch :double sad face: - if w.size < minChunkSize { - resp, err := w.driver.S3.GetObject(&s3.GetObjectInput{ - Bucket: aws.String(w.driver.Bucket), - Key: aws.String(w.key), - }) - defer resp.Body.Close() - if err != nil { - return 0, err - } - w.parts = nil - w.readyPart, err = ioutil.ReadAll(resp.Body) - if err != nil { - return 0, err - } - } else { - // Otherwise we can use the old file as the new first part - copyPartResp, err := w.driver.S3.UploadPartCopy(&s3.UploadPartCopyInput{ - Bucket: aws.String(w.driver.Bucket), - CopySource: aws.String(w.driver.Bucket + "/" + w.key), - Key: aws.String(w.key), - PartNumber: aws.Int64(1), - UploadId: resp.UploadId, - }) - if err != nil { - return 0, err - } - w.parts = []*s3.Part{ - { - ETag: copyPartResp.CopyPartResult.ETag, - PartNumber: aws.Int64(1), - Size: aws.Int64(w.size), - }, - } - } - } - - var n int - - for len(p) > 0 { - // If no parts are ready to write, fill up the first part - if neededBytes := int(w.driver.ChunkSize) - len(w.readyPart); neededBytes > 0 { - if len(p) >= neededBytes { - w.readyPart = append(w.readyPart, p[:neededBytes]...) - n += neededBytes - p = p[neededBytes:] - } else { - w.readyPart = append(w.readyPart, p...) - n += len(p) - p = nil - } - } - - if neededBytes := int(w.driver.ChunkSize) - len(w.pendingPart); neededBytes > 0 { - if len(p) >= neededBytes { - w.pendingPart = append(w.pendingPart, p[:neededBytes]...) - n += neededBytes - p = p[neededBytes:] - err := w.flushPart() - if err != nil { - w.size += int64(n) - return n, err - } - } else { - w.pendingPart = append(w.pendingPart, p...) - n += len(p) - p = nil - } - } - } - w.size += int64(n) - return n, nil -} - -func (w *writer) Size() int64 { - return w.size -} - -func (w *writer) Close() error { - if w.closed { - return fmt.Errorf("already closed") - } - w.closed = true - return w.flushPart() -} - -func (w *writer) Cancel() error { - if w.closed { - return fmt.Errorf("already closed") - } else if w.committed { - return fmt.Errorf("already committed") - } - w.cancelled = true - _, err := w.driver.S3.AbortMultipartUpload(&s3.AbortMultipartUploadInput{ - Bucket: aws.String(w.driver.Bucket), - Key: aws.String(w.key), - UploadId: aws.String(w.uploadID), - }) - return err -} - -func (w *writer) Commit() error { - if w.closed { - return fmt.Errorf("already closed") - } else if w.committed { - return fmt.Errorf("already committed") - } else if w.cancelled { - return fmt.Errorf("already cancelled") - } - err := w.flushPart() - if err != nil { - return err - } - w.committed = true - - var completedUploadedParts completedParts - for _, part := range w.parts { - completedUploadedParts = append(completedUploadedParts, &s3.CompletedPart{ - ETag: part.ETag, - PartNumber: part.PartNumber, - }) - } - - sort.Sort(completedUploadedParts) - - _, err = w.driver.S3.CompleteMultipartUpload(&s3.CompleteMultipartUploadInput{ - Bucket: aws.String(w.driver.Bucket), - Key: aws.String(w.key), - UploadId: aws.String(w.uploadID), - MultipartUpload: &s3.CompletedMultipartUpload{ - Parts: completedUploadedParts, - }, - }) - if err != nil { - w.driver.S3.AbortMultipartUpload(&s3.AbortMultipartUploadInput{ - Bucket: aws.String(w.driver.Bucket), - Key: aws.String(w.key), - UploadId: aws.String(w.uploadID), - }) - return err - } - return nil -} - -// flushPart flushes buffers to write a part to S3. -// Only called by Write (with both buffers full) and Close/Commit (always) -func (w *writer) flushPart() error { - if len(w.readyPart) == 0 && len(w.pendingPart) == 0 { - // nothing to write - return nil - } - if len(w.pendingPart) < int(w.driver.ChunkSize) { - // closing with a small pending part - // combine ready and pending to avoid writing a small part - w.readyPart = append(w.readyPart, w.pendingPart...) - w.pendingPart = nil - } - - partNumber := aws.Int64(int64(len(w.parts) + 1)) - resp, err := w.driver.S3.UploadPart(&s3.UploadPartInput{ - Bucket: aws.String(w.driver.Bucket), - Key: aws.String(w.key), - PartNumber: partNumber, - UploadId: aws.String(w.uploadID), - Body: bytes.NewReader(w.readyPart), - }) - if err != nil { - return err - } - w.parts = append(w.parts, &s3.Part{ - ETag: resp.ETag, - PartNumber: partNumber, - Size: aws.Int64(int64(len(w.readyPart))), - }) - w.readyPart = w.pendingPart - w.pendingPart = nil - return nil -} diff --git a/vendor/github.com/docker/distribution/registry/storage/driver/s3-aws/s3_test.go b/vendor/github.com/docker/distribution/registry/storage/driver/s3-aws/s3_test.go deleted file mode 100644 index eb7ee519..00000000 --- a/vendor/github.com/docker/distribution/registry/storage/driver/s3-aws/s3_test.go +++ /dev/null @@ -1,313 +0,0 @@ -package s3 - -import ( - "bytes" - "io/ioutil" - "math/rand" - "os" - "strconv" - "testing" - - "gopkg.in/check.v1" - - "github.com/aws/aws-sdk-go/aws" - "github.com/aws/aws-sdk-go/service/s3" - - "github.com/docker/distribution/context" - storagedriver "github.com/docker/distribution/registry/storage/driver" - "github.com/docker/distribution/registry/storage/driver/testsuites" -) - -// Hook up gocheck into the "go test" runner. -func Test(t *testing.T) { check.TestingT(t) } - -var s3DriverConstructor func(rootDirectory, storageClass string) (*Driver, error) -var skipS3 func() string - -func init() { - accessKey := os.Getenv("AWS_ACCESS_KEY") - secretKey := os.Getenv("AWS_SECRET_KEY") - bucket := os.Getenv("S3_BUCKET") - encrypt := os.Getenv("S3_ENCRYPT") - keyID := os.Getenv("S3_KEY_ID") - secure := os.Getenv("S3_SECURE") - v4Auth := os.Getenv("S3_V4_AUTH") - region := os.Getenv("AWS_REGION") - objectACL := os.Getenv("S3_OBJECT_ACL") - root, err := ioutil.TempDir("", "driver-") - regionEndpoint := os.Getenv("REGION_ENDPOINT") - if err != nil { - panic(err) - } - defer os.Remove(root) - - s3DriverConstructor = func(rootDirectory, storageClass string) (*Driver, error) { - encryptBool := false - if encrypt != "" { - encryptBool, err = strconv.ParseBool(encrypt) - if err != nil { - return nil, err - } - } - - secureBool := true - if secure != "" { - secureBool, err = strconv.ParseBool(secure) - if err != nil { - return nil, err - } - } - - v4Bool := true - if v4Auth != "" { - v4Bool, err = strconv.ParseBool(v4Auth) - if err != nil { - return nil, err - } - } - - parameters := DriverParameters{ - accessKey, - secretKey, - bucket, - region, - regionEndpoint, - encryptBool, - keyID, - secureBool, - v4Bool, - minChunkSize, - defaultMultipartCopyChunkSize, - defaultMultipartCopyMaxConcurrency, - defaultMultipartCopyThresholdSize, - rootDirectory, - storageClass, - driverName + "-test", - objectACL, - } - - return New(parameters) - } - - // Skip S3 storage driver tests if environment variable parameters are not provided - skipS3 = func() string { - if accessKey == "" || secretKey == "" || region == "" || bucket == "" || encrypt == "" { - return "Must set AWS_ACCESS_KEY, AWS_SECRET_KEY, AWS_REGION, S3_BUCKET, and S3_ENCRYPT to run S3 tests" - } - return "" - } - - testsuites.RegisterSuite(func() (storagedriver.StorageDriver, error) { - return s3DriverConstructor(root, s3.StorageClassStandard) - }, skipS3) -} - -func TestEmptyRootList(t *testing.T) { - if skipS3() != "" { - t.Skip(skipS3()) - } - - validRoot, err := ioutil.TempDir("", "driver-") - if err != nil { - t.Fatalf("unexpected error creating temporary directory: %v", err) - } - defer os.Remove(validRoot) - - rootedDriver, err := s3DriverConstructor(validRoot, s3.StorageClassStandard) - if err != nil { - t.Fatalf("unexpected error creating rooted driver: %v", err) - } - - emptyRootDriver, err := s3DriverConstructor("", s3.StorageClassStandard) - if err != nil { - t.Fatalf("unexpected error creating empty root driver: %v", err) - } - - slashRootDriver, err := s3DriverConstructor("/", s3.StorageClassStandard) - if err != nil { - t.Fatalf("unexpected error creating slash root driver: %v", err) - } - - filename := "/test" - contents := []byte("contents") - ctx := context.Background() - err = rootedDriver.PutContent(ctx, filename, contents) - if err != nil { - t.Fatalf("unexpected error creating content: %v", err) - } - defer rootedDriver.Delete(ctx, filename) - - keys, err := emptyRootDriver.List(ctx, "/") - for _, path := range keys { - if !storagedriver.PathRegexp.MatchString(path) { - t.Fatalf("unexpected string in path: %q != %q", path, storagedriver.PathRegexp) - } - } - - keys, err = slashRootDriver.List(ctx, "/") - for _, path := range keys { - if !storagedriver.PathRegexp.MatchString(path) { - t.Fatalf("unexpected string in path: %q != %q", path, storagedriver.PathRegexp) - } - } -} - -func TestStorageClass(t *testing.T) { - if skipS3() != "" { - t.Skip(skipS3()) - } - - rootDir, err := ioutil.TempDir("", "driver-") - if err != nil { - t.Fatalf("unexpected error creating temporary directory: %v", err) - } - defer os.Remove(rootDir) - - standardDriver, err := s3DriverConstructor(rootDir, s3.StorageClassStandard) - if err != nil { - t.Fatalf("unexpected error creating driver with standard storage: %v", err) - } - - rrDriver, err := s3DriverConstructor(rootDir, s3.StorageClassReducedRedundancy) - if err != nil { - t.Fatalf("unexpected error creating driver with reduced redundancy storage: %v", err) - } - - if _, err = s3DriverConstructor(rootDir, noStorageClass); err != nil { - t.Fatalf("unexpected error creating driver without storage class: %v", err) - } - - standardFilename := "/test-standard" - rrFilename := "/test-rr" - contents := []byte("contents") - ctx := context.Background() - - err = standardDriver.PutContent(ctx, standardFilename, contents) - if err != nil { - t.Fatalf("unexpected error creating content: %v", err) - } - defer standardDriver.Delete(ctx, standardFilename) - - err = rrDriver.PutContent(ctx, rrFilename, contents) - if err != nil { - t.Fatalf("unexpected error creating content: %v", err) - } - defer rrDriver.Delete(ctx, rrFilename) - - standardDriverUnwrapped := standardDriver.Base.StorageDriver.(*driver) - resp, err := standardDriverUnwrapped.S3.GetObject(&s3.GetObjectInput{ - Bucket: aws.String(standardDriverUnwrapped.Bucket), - Key: aws.String(standardDriverUnwrapped.s3Path(standardFilename)), - }) - if err != nil { - t.Fatalf("unexpected error retrieving standard storage file: %v", err) - } - defer resp.Body.Close() - // Amazon only populates this header value for non-standard storage classes - if resp.StorageClass != nil { - t.Fatalf("unexpected storage class for standard file: %v", resp.StorageClass) - } - - rrDriverUnwrapped := rrDriver.Base.StorageDriver.(*driver) - resp, err = rrDriverUnwrapped.S3.GetObject(&s3.GetObjectInput{ - Bucket: aws.String(rrDriverUnwrapped.Bucket), - Key: aws.String(rrDriverUnwrapped.s3Path(rrFilename)), - }) - if err != nil { - t.Fatalf("unexpected error retrieving reduced-redundancy storage file: %v", err) - } - defer resp.Body.Close() - if resp.StorageClass == nil { - t.Fatalf("unexpected storage class for reduced-redundancy file: %v", s3.StorageClassStandard) - } else if *resp.StorageClass != s3.StorageClassReducedRedundancy { - t.Fatalf("unexpected storage class for reduced-redundancy file: %v", *resp.StorageClass) - } - -} - -func TestOverThousandBlobs(t *testing.T) { - if skipS3() != "" { - t.Skip(skipS3()) - } - - rootDir, err := ioutil.TempDir("", "driver-") - if err != nil { - t.Fatalf("unexpected error creating temporary directory: %v", err) - } - defer os.Remove(rootDir) - - standardDriver, err := s3DriverConstructor(rootDir, s3.StorageClassStandard) - if err != nil { - t.Fatalf("unexpected error creating driver with standard storage: %v", err) - } - - ctx := context.Background() - for i := 0; i < 1005; i++ { - filename := "/thousandfiletest/file" + strconv.Itoa(i) - contents := []byte("contents") - err = standardDriver.PutContent(ctx, filename, contents) - if err != nil { - t.Fatalf("unexpected error creating content: %v", err) - } - } - - // cant actually verify deletion because read-after-delete is inconsistent, but can ensure no errors - err = standardDriver.Delete(ctx, "/thousandfiletest") - if err != nil { - t.Fatalf("unexpected error deleting thousand files: %v", err) - } -} - -func TestMoveWithMultipartCopy(t *testing.T) { - if skipS3() != "" { - t.Skip(skipS3()) - } - - rootDir, err := ioutil.TempDir("", "driver-") - if err != nil { - t.Fatalf("unexpected error creating temporary directory: %v", err) - } - defer os.Remove(rootDir) - - d, err := s3DriverConstructor(rootDir, s3.StorageClassStandard) - if err != nil { - t.Fatalf("unexpected error creating driver: %v", err) - } - - ctx := context.Background() - sourcePath := "/source" - destPath := "/dest" - - defer d.Delete(ctx, sourcePath) - defer d.Delete(ctx, destPath) - - // An object larger than d's MultipartCopyThresholdSize will cause d.Move() to perform a multipart copy. - multipartCopyThresholdSize := d.baseEmbed.Base.StorageDriver.(*driver).MultipartCopyThresholdSize - contents := make([]byte, 2*multipartCopyThresholdSize) - rand.Read(contents) - - err = d.PutContent(ctx, sourcePath, contents) - if err != nil { - t.Fatalf("unexpected error creating content: %v", err) - } - - err = d.Move(ctx, sourcePath, destPath) - if err != nil { - t.Fatalf("unexpected error moving file: %v", err) - } - - received, err := d.GetContent(ctx, destPath) - if err != nil { - t.Fatalf("unexpected error getting content: %v", err) - } - if !bytes.Equal(contents, received) { - t.Fatal("content differs") - } - - _, err = d.GetContent(ctx, sourcePath) - switch err.(type) { - case storagedriver.PathNotFoundError: - default: - t.Fatalf("unexpected error getting content: %v", err) - } -} diff --git a/vendor/github.com/docker/distribution/registry/storage/driver/s3-aws/s3_v2_signer.go b/vendor/github.com/docker/distribution/registry/storage/driver/s3-aws/s3_v2_signer.go deleted file mode 100644 index 7cabe07e..00000000 --- a/vendor/github.com/docker/distribution/registry/storage/driver/s3-aws/s3_v2_signer.go +++ /dev/null @@ -1,219 +0,0 @@ -package s3 - -// Source: https://github.com/pivotal-golang/s3cli - -// Copyright (c) 2013 Damien Le Berrigaud and Nick Wade - -// Permission is hereby granted, free of charge, to any person obtaining a copy -// of this software and associated documentation files (the "Software"), to deal -// in the Software without restriction, including without limitation the rights -// to use, copy, modify, merge, publish, distribute, sublicense, and/or sell -// copies of the Software, and to permit persons to whom the Software is -// furnished to do so, subject to the following conditions: - -// The above copyright notice and this permission notice shall be included in -// all copies or substantial portions of the Software. - -// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -// IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -// FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -// AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -// LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -// OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN -// THE SOFTWARE. - -import ( - "crypto/hmac" - "crypto/sha1" - "encoding/base64" - "net/http" - "net/url" - "sort" - "strings" - "time" - - log "github.com/Sirupsen/logrus" - "github.com/aws/aws-sdk-go/aws/corehandlers" - "github.com/aws/aws-sdk-go/aws/credentials" - "github.com/aws/aws-sdk-go/aws/request" - "github.com/aws/aws-sdk-go/service/s3" -) - -const ( - signatureVersion = "2" - signatureMethod = "HmacSHA1" - timeFormat = "2006-01-02T15:04:05Z" -) - -type signer struct { - // Values that must be populated from the request - Request *http.Request - Time time.Time - Credentials *credentials.Credentials - Query url.Values - stringToSign string - signature string -} - -var s3ParamsToSign = map[string]bool{ - "acl": true, - "location": true, - "logging": true, - "notification": true, - "partNumber": true, - "policy": true, - "requestPayment": true, - "torrent": true, - "uploadId": true, - "uploads": true, - "versionId": true, - "versioning": true, - "versions": true, - "response-content-type": true, - "response-content-language": true, - "response-expires": true, - "response-cache-control": true, - "response-content-disposition": true, - "response-content-encoding": true, - "website": true, - "delete": true, -} - -// setv2Handlers will setup v2 signature signing on the S3 driver -func setv2Handlers(svc *s3.S3) { - svc.Handlers.Build.PushBack(func(r *request.Request) { - parsedURL, err := url.Parse(r.HTTPRequest.URL.String()) - if err != nil { - log.Fatalf("Failed to parse URL: %v", err) - } - r.HTTPRequest.URL.Opaque = parsedURL.Path - }) - - svc.Handlers.Sign.Clear() - svc.Handlers.Sign.PushBack(Sign) - svc.Handlers.Sign.PushBackNamed(corehandlers.BuildContentLengthHandler) -} - -// Sign requests with signature version 2. -// -// Will sign the requests with the service config's Credentials object -// Signing is skipped if the credentials is the credentials.AnonymousCredentials -// object. -func Sign(req *request.Request) { - // If the request does not need to be signed ignore the signing of the - // request if the AnonymousCredentials object is used. - if req.Config.Credentials == credentials.AnonymousCredentials { - return - } - - v2 := signer{ - Request: req.HTTPRequest, - Time: req.Time, - Credentials: req.Config.Credentials, - } - v2.Sign() -} - -func (v2 *signer) Sign() error { - credValue, err := v2.Credentials.Get() - if err != nil { - return err - } - accessKey := credValue.AccessKeyID - var ( - md5, ctype, date, xamz string - xamzDate bool - sarray []string - smap map[string]string - sharray []string - ) - - headers := v2.Request.Header - params := v2.Request.URL.Query() - parsedURL, err := url.Parse(v2.Request.URL.String()) - if err != nil { - return err - } - host, canonicalPath := parsedURL.Host, parsedURL.Path - v2.Request.Header["Host"] = []string{host} - v2.Request.Header["date"] = []string{v2.Time.In(time.UTC).Format(time.RFC1123)} - - smap = make(map[string]string) - for k, v := range headers { - k = strings.ToLower(k) - switch k { - case "content-md5": - md5 = v[0] - case "content-type": - ctype = v[0] - case "date": - if !xamzDate { - date = v[0] - } - default: - if strings.HasPrefix(k, "x-amz-") { - vall := strings.Join(v, ",") - smap[k] = k + ":" + vall - if k == "x-amz-date" { - xamzDate = true - date = "" - } - sharray = append(sharray, k) - } - } - } - if len(sharray) > 0 { - sort.StringSlice(sharray).Sort() - for _, h := range sharray { - sarray = append(sarray, smap[h]) - } - xamz = strings.Join(sarray, "\n") + "\n" - } - - expires := false - if v, ok := params["Expires"]; ok { - expires = true - date = v[0] - params["AWSAccessKeyId"] = []string{accessKey} - } - - sarray = sarray[0:0] - for k, v := range params { - if s3ParamsToSign[k] { - for _, vi := range v { - if vi == "" { - sarray = append(sarray, k) - } else { - sarray = append(sarray, k+"="+vi) - } - } - } - } - if len(sarray) > 0 { - sort.StringSlice(sarray).Sort() - canonicalPath = canonicalPath + "?" + strings.Join(sarray, "&") - } - - v2.stringToSign = strings.Join([]string{ - v2.Request.Method, - md5, - ctype, - date, - xamz + canonicalPath, - }, "\n") - hash := hmac.New(sha1.New, []byte(credValue.SecretAccessKey)) - hash.Write([]byte(v2.stringToSign)) - v2.signature = base64.StdEncoding.EncodeToString(hash.Sum(nil)) - - if expires { - params["Signature"] = []string{string(v2.signature)} - } else { - headers["Authorization"] = []string{"AWS " + accessKey + ":" + string(v2.signature)} - } - - log.WithFields(log.Fields{ - "string-to-sign": v2.stringToSign, - "signature": v2.signature, - }).Debugln("request signature") - return nil -} diff --git a/vendor/github.com/docker/distribution/registry/storage/driver/s3-goamz/s3.go b/vendor/github.com/docker/distribution/registry/storage/driver/s3-goamz/s3.go deleted file mode 100644 index 33751c16..00000000 --- a/vendor/github.com/docker/distribution/registry/storage/driver/s3-goamz/s3.go +++ /dev/null @@ -1,757 +0,0 @@ -// Package s3 provides a storagedriver.StorageDriver implementation to -// store blobs in Amazon S3 cloud storage. -// -// This package leverages the docker/goamz client library for interfacing with -// S3. It is intended to be deprecated in favor of the s3-aws driver -// implementation. -// -// Because S3 is a key, value store the Stat call does not support last modification -// time for directories (directories are an abstraction for key, value stores) -// -// Keep in mind that S3 guarantees only read-after-write consistency for new -// objects, but no read-after-update or list-after-write consistency. -package s3 - -import ( - "bytes" - "fmt" - "io" - "io/ioutil" - "net/http" - "reflect" - "strconv" - "strings" - "time" - - "github.com/docker/goamz/aws" - "github.com/docker/goamz/s3" - - "github.com/docker/distribution/context" - "github.com/docker/distribution/registry/client/transport" - storagedriver "github.com/docker/distribution/registry/storage/driver" - "github.com/docker/distribution/registry/storage/driver/base" - "github.com/docker/distribution/registry/storage/driver/factory" -) - -const driverName = "s3goamz" - -// minChunkSize defines the minimum multipart upload chunk size -// S3 API requires multipart upload chunks to be at least 5MB -const minChunkSize = 5 << 20 - -const defaultChunkSize = 2 * minChunkSize - -// listMax is the largest amount of objects you can request from S3 in a list call -const listMax = 1000 - -//DriverParameters A struct that encapsulates all of the driver parameters after all values have been set -type DriverParameters struct { - AccessKey string - SecretKey string - Bucket string - Region aws.Region - Encrypt bool - Secure bool - V4Auth bool - ChunkSize int64 - RootDirectory string - StorageClass s3.StorageClass - UserAgent string -} - -func init() { - factory.Register(driverName, &s3DriverFactory{}) -} - -// s3DriverFactory implements the factory.StorageDriverFactory interface -type s3DriverFactory struct{} - -func (factory *s3DriverFactory) Create(parameters map[string]interface{}) (storagedriver.StorageDriver, error) { - return FromParameters(parameters) -} - -type driver struct { - S3 *s3.S3 - Bucket *s3.Bucket - ChunkSize int64 - Encrypt bool - RootDirectory string - StorageClass s3.StorageClass -} - -type baseEmbed struct { - base.Base -} - -// Driver is a storagedriver.StorageDriver implementation backed by Amazon S3 -// Objects are stored at absolute keys in the provided bucket. -type Driver struct { - baseEmbed -} - -// FromParameters constructs a new Driver with a given parameters map -// Required parameters: -// - accesskey -// - secretkey -// - region -// - bucket -// - encrypt -func FromParameters(parameters map[string]interface{}) (*Driver, error) { - // Providing no values for these is valid in case the user is authenticating - // with an IAM on an ec2 instance (in which case the instance credentials will - // be summoned when GetAuth is called) - accessKey := parameters["accesskey"] - if accessKey == nil { - accessKey = "" - } - - secretKey := parameters["secretkey"] - if secretKey == nil { - secretKey = "" - } - - regionName := parameters["region"] - if regionName == nil || fmt.Sprint(regionName) == "" { - return nil, fmt.Errorf("No region parameter provided") - } - region := aws.GetRegion(fmt.Sprint(regionName)) - if region.Name == "" { - return nil, fmt.Errorf("Invalid region provided: %v", region) - } - - bucket := parameters["bucket"] - if bucket == nil || fmt.Sprint(bucket) == "" { - return nil, fmt.Errorf("No bucket parameter provided") - } - - encryptBool := false - encrypt := parameters["encrypt"] - switch encrypt := encrypt.(type) { - case string: - b, err := strconv.ParseBool(encrypt) - if err != nil { - return nil, fmt.Errorf("The encrypt parameter should be a boolean") - } - encryptBool = b - case bool: - encryptBool = encrypt - case nil: - // do nothing - default: - return nil, fmt.Errorf("The encrypt parameter should be a boolean") - } - - secureBool := true - secure := parameters["secure"] - switch secure := secure.(type) { - case string: - b, err := strconv.ParseBool(secure) - if err != nil { - return nil, fmt.Errorf("The secure parameter should be a boolean") - } - secureBool = b - case bool: - secureBool = secure - case nil: - // do nothing - default: - return nil, fmt.Errorf("The secure parameter should be a boolean") - } - - v4AuthBool := false - v4Auth := parameters["v4auth"] - switch v4Auth := v4Auth.(type) { - case string: - b, err := strconv.ParseBool(v4Auth) - if err != nil { - return nil, fmt.Errorf("The v4auth parameter should be a boolean") - } - v4AuthBool = b - case bool: - v4AuthBool = v4Auth - case nil: - // do nothing - default: - return nil, fmt.Errorf("The v4auth parameter should be a boolean") - } - - chunkSize := int64(defaultChunkSize) - chunkSizeParam := parameters["chunksize"] - switch v := chunkSizeParam.(type) { - case string: - vv, err := strconv.ParseInt(v, 0, 64) - if err != nil { - return nil, fmt.Errorf("chunksize parameter must be an integer, %v invalid", chunkSizeParam) - } - chunkSize = vv - case int64: - chunkSize = v - case int, uint, int32, uint32, uint64: - chunkSize = reflect.ValueOf(v).Convert(reflect.TypeOf(chunkSize)).Int() - case nil: - // do nothing - default: - return nil, fmt.Errorf("invalid value for chunksize: %#v", chunkSizeParam) - } - - if chunkSize < minChunkSize { - return nil, fmt.Errorf("The chunksize %#v parameter should be a number that is larger than or equal to %d", chunkSize, minChunkSize) - } - - rootDirectory := parameters["rootdirectory"] - if rootDirectory == nil { - rootDirectory = "" - } - - storageClass := s3.StandardStorage - storageClassParam := parameters["storageclass"] - if storageClassParam != nil { - storageClassString, ok := storageClassParam.(string) - if !ok { - return nil, fmt.Errorf("The storageclass parameter must be one of %v, %v invalid", []s3.StorageClass{s3.StandardStorage, s3.ReducedRedundancy}, storageClassParam) - } - // All valid storage class parameters are UPPERCASE, so be a bit more flexible here - storageClassCasted := s3.StorageClass(strings.ToUpper(storageClassString)) - if storageClassCasted != s3.StandardStorage && storageClassCasted != s3.ReducedRedundancy { - return nil, fmt.Errorf("The storageclass parameter must be one of %v, %v invalid", []s3.StorageClass{s3.StandardStorage, s3.ReducedRedundancy}, storageClassParam) - } - storageClass = storageClassCasted - } - - userAgent := parameters["useragent"] - if userAgent == nil { - userAgent = "" - } - - params := DriverParameters{ - fmt.Sprint(accessKey), - fmt.Sprint(secretKey), - fmt.Sprint(bucket), - region, - encryptBool, - secureBool, - v4AuthBool, - chunkSize, - fmt.Sprint(rootDirectory), - storageClass, - fmt.Sprint(userAgent), - } - - return New(params) -} - -// New constructs a new Driver with the given AWS credentials, region, encryption flag, and -// bucketName -func New(params DriverParameters) (*Driver, error) { - auth, err := aws.GetAuth(params.AccessKey, params.SecretKey, "", time.Time{}) - if err != nil { - return nil, fmt.Errorf("unable to resolve aws credentials, please ensure that 'accesskey' and 'secretkey' are properly set or the credentials are available in $HOME/.aws/credentials: %v", err) - } - - if !params.Secure { - params.Region.S3Endpoint = strings.Replace(params.Region.S3Endpoint, "https", "http", 1) - } - - s3obj := s3.New(auth, params.Region) - - if params.UserAgent != "" { - s3obj.Client = &http.Client{ - Transport: transport.NewTransport(http.DefaultTransport, - transport.NewHeaderRequestModifier(http.Header{ - http.CanonicalHeaderKey("User-Agent"): []string{params.UserAgent}, - }), - ), - } - } - - if params.V4Auth { - s3obj.Signature = aws.V4Signature - } else { - if params.Region.Name == "eu-central-1" { - return nil, fmt.Errorf("The eu-central-1 region only works with v4 authentication") - } - } - - bucket := s3obj.Bucket(params.Bucket) - - // TODO Currently multipart uploads have no timestamps, so this would be unwise - // if you initiated a new s3driver while another one is running on the same bucket. - // multis, _, err := bucket.ListMulti("", "") - // if err != nil { - // return nil, err - // } - - // for _, multi := range multis { - // err := multi.Abort() - // //TODO appropriate to do this error checking? - // if err != nil { - // return nil, err - // } - // } - - d := &driver{ - S3: s3obj, - Bucket: bucket, - ChunkSize: params.ChunkSize, - Encrypt: params.Encrypt, - RootDirectory: params.RootDirectory, - StorageClass: params.StorageClass, - } - - return &Driver{ - baseEmbed: baseEmbed{ - Base: base.Base{ - StorageDriver: d, - }, - }, - }, nil -} - -// Implement the storagedriver.StorageDriver interface - -func (d *driver) Name() string { - return driverName -} - -// GetContent retrieves the content stored at "path" as a []byte. -func (d *driver) GetContent(ctx context.Context, path string) ([]byte, error) { - content, err := d.Bucket.Get(d.s3Path(path)) - if err != nil { - return nil, parseError(path, err) - } - return content, nil -} - -// PutContent stores the []byte content at a location designated by "path". -func (d *driver) PutContent(ctx context.Context, path string, contents []byte) error { - return parseError(path, d.Bucket.Put(d.s3Path(path), contents, d.getContentType(), getPermissions(), d.getOptions())) -} - -// Reader retrieves an io.ReadCloser for the content stored at "path" with a -// given byte offset. -func (d *driver) Reader(ctx context.Context, path string, offset int64) (io.ReadCloser, error) { - headers := make(http.Header) - headers.Add("Range", "bytes="+strconv.FormatInt(offset, 10)+"-") - - resp, err := d.Bucket.GetResponseWithHeaders(d.s3Path(path), headers) - if err != nil { - if s3Err, ok := err.(*s3.Error); ok && s3Err.Code == "InvalidRange" { - return ioutil.NopCloser(bytes.NewReader(nil)), nil - } - - return nil, parseError(path, err) - } - return resp.Body, nil -} - -// Writer returns a FileWriter which will store the content written to it -// at the location designated by "path" after the call to Commit. -func (d *driver) Writer(ctx context.Context, path string, append bool) (storagedriver.FileWriter, error) { - key := d.s3Path(path) - if !append { - // TODO (brianbland): cancel other uploads at this path - multi, err := d.Bucket.InitMulti(key, d.getContentType(), getPermissions(), d.getOptions()) - if err != nil { - return nil, err - } - return d.newWriter(key, multi, nil), nil - } - multis, _, err := d.Bucket.ListMulti(key, "") - if err != nil { - return nil, parseError(path, err) - } - for _, multi := range multis { - if key != multi.Key { - continue - } - parts, err := multi.ListParts() - if err != nil { - return nil, parseError(path, err) - } - var multiSize int64 - for _, part := range parts { - multiSize += part.Size - } - return d.newWriter(key, multi, parts), nil - } - return nil, storagedriver.PathNotFoundError{Path: path} -} - -// Stat retrieves the FileInfo for the given path, including the current size -// in bytes and the creation time. -func (d *driver) Stat(ctx context.Context, path string) (storagedriver.FileInfo, error) { - listResponse, err := d.Bucket.List(d.s3Path(path), "", "", 1) - if err != nil { - return nil, err - } - - fi := storagedriver.FileInfoFields{ - Path: path, - } - - if len(listResponse.Contents) == 1 { - if listResponse.Contents[0].Key != d.s3Path(path) { - fi.IsDir = true - } else { - fi.IsDir = false - fi.Size = listResponse.Contents[0].Size - - timestamp, err := time.Parse(time.RFC3339Nano, listResponse.Contents[0].LastModified) - if err != nil { - return nil, err - } - fi.ModTime = timestamp - } - } else if len(listResponse.CommonPrefixes) == 1 { - fi.IsDir = true - } else { - return nil, storagedriver.PathNotFoundError{Path: path} - } - - return storagedriver.FileInfoInternal{FileInfoFields: fi}, nil -} - -// List returns a list of the objects that are direct descendants of the given path. -func (d *driver) List(ctx context.Context, opath string) ([]string, error) { - path := opath - if path != "/" && path[len(path)-1] != '/' { - path = path + "/" - } - - // This is to cover for the cases when the rootDirectory of the driver is either "" or "/". - // In those cases, there is no root prefix to replace and we must actually add a "/" to all - // results in order to keep them as valid paths as recognized by storagedriver.PathRegexp - prefix := "" - if d.s3Path("") == "" { - prefix = "/" - } - - listResponse, err := d.Bucket.List(d.s3Path(path), "/", "", listMax) - if err != nil { - return nil, parseError(opath, err) - } - - files := []string{} - directories := []string{} - - for { - for _, key := range listResponse.Contents { - files = append(files, strings.Replace(key.Key, d.s3Path(""), prefix, 1)) - } - - for _, commonPrefix := range listResponse.CommonPrefixes { - directories = append(directories, strings.Replace(commonPrefix[0:len(commonPrefix)-1], d.s3Path(""), prefix, 1)) - } - - if listResponse.IsTruncated { - listResponse, err = d.Bucket.List(d.s3Path(path), "/", listResponse.NextMarker, listMax) - if err != nil { - return nil, err - } - } else { - break - } - } - - if opath != "/" { - if len(files) == 0 && len(directories) == 0 { - // Treat empty response as missing directory, since we don't actually - // have directories in s3. - return nil, storagedriver.PathNotFoundError{Path: opath} - } - } - - return append(files, directories...), nil -} - -// Move moves an object stored at sourcePath to destPath, removing the original -// object. -func (d *driver) Move(ctx context.Context, sourcePath string, destPath string) error { - /* This is terrible, but aws doesn't have an actual move. */ - _, err := d.Bucket.PutCopy(d.s3Path(destPath), getPermissions(), - s3.CopyOptions{Options: d.getOptions(), ContentType: d.getContentType()}, d.Bucket.Name+"/"+d.s3Path(sourcePath)) - if err != nil { - return parseError(sourcePath, err) - } - - return d.Delete(ctx, sourcePath) -} - -// Delete recursively deletes all objects stored at "path" and its subpaths. -func (d *driver) Delete(ctx context.Context, path string) error { - s3Path := d.s3Path(path) - listResponse, err := d.Bucket.List(s3Path, "", "", listMax) - if err != nil || len(listResponse.Contents) == 0 { - return storagedriver.PathNotFoundError{Path: path} - } - - s3Objects := make([]s3.Object, listMax) - - for len(listResponse.Contents) > 0 { - numS3Objects := len(listResponse.Contents) - for index, key := range listResponse.Contents { - // Stop if we encounter a key that is not a subpath (so that deleting "/a" does not delete "/ab"). - if len(key.Key) > len(s3Path) && (key.Key)[len(s3Path)] != '/' { - numS3Objects = index - break - } - s3Objects[index].Key = key.Key - } - - err := d.Bucket.DelMulti(s3.Delete{Quiet: false, Objects: s3Objects[0:numS3Objects]}) - if err != nil { - return nil - } - - if numS3Objects < len(listResponse.Contents) { - return nil - } - - listResponse, err = d.Bucket.List(d.s3Path(path), "", "", listMax) - if err != nil { - return err - } - } - - return nil -} - -// URLFor returns a URL which may be used to retrieve the content stored at the given path. -// May return an UnsupportedMethodErr in certain StorageDriver implementations. -func (d *driver) URLFor(ctx context.Context, path string, options map[string]interface{}) (string, error) { - methodString := "GET" - method, ok := options["method"] - if ok { - methodString, ok = method.(string) - if !ok || (methodString != "GET" && methodString != "HEAD") { - return "", storagedriver.ErrUnsupportedMethod{} - } - } - - expiresTime := time.Now().Add(20 * time.Minute) - expires, ok := options["expiry"] - if ok { - et, ok := expires.(time.Time) - if ok { - expiresTime = et - } - } - - return d.Bucket.SignedURLWithMethod(methodString, d.s3Path(path), expiresTime, nil, nil), nil -} - -func (d *driver) s3Path(path string) string { - return strings.TrimLeft(strings.TrimRight(d.RootDirectory, "/")+path, "/") -} - -// S3BucketKey returns the s3 bucket key for the given storage driver path. -func (d *Driver) S3BucketKey(path string) string { - return d.StorageDriver.(*driver).s3Path(path) -} - -func parseError(path string, err error) error { - if s3Err, ok := err.(*s3.Error); ok && s3Err.Code == "NoSuchKey" { - return storagedriver.PathNotFoundError{Path: path} - } - - return err -} - -func hasCode(err error, code string) bool { - s3err, ok := err.(*aws.Error) - return ok && s3err.Code == code -} - -func (d *driver) getOptions() s3.Options { - return s3.Options{ - SSE: d.Encrypt, - StorageClass: d.StorageClass, - } -} - -func getPermissions() s3.ACL { - return s3.Private -} - -func (d *driver) getContentType() string { - return "application/octet-stream" -} - -// writer attempts to upload parts to S3 in a buffered fashion where the last -// part is at least as large as the chunksize, so the multipart upload could be -// cleanly resumed in the future. This is violated if Close is called after less -// than a full chunk is written. -type writer struct { - driver *driver - key string - multi *s3.Multi - parts []s3.Part - size int64 - readyPart []byte - pendingPart []byte - closed bool - committed bool - cancelled bool -} - -func (d *driver) newWriter(key string, multi *s3.Multi, parts []s3.Part) storagedriver.FileWriter { - var size int64 - for _, part := range parts { - size += part.Size - } - return &writer{ - driver: d, - key: key, - multi: multi, - parts: parts, - size: size, - } -} - -func (w *writer) Write(p []byte) (int, error) { - if w.closed { - return 0, fmt.Errorf("already closed") - } else if w.committed { - return 0, fmt.Errorf("already committed") - } else if w.cancelled { - return 0, fmt.Errorf("already cancelled") - } - - // If the last written part is smaller than minChunkSize, we need to make a - // new multipart upload :sadface: - if len(w.parts) > 0 && int(w.parts[len(w.parts)-1].Size) < minChunkSize { - err := w.multi.Complete(w.parts) - if err != nil { - w.multi.Abort() - return 0, err - } - - multi, err := w.driver.Bucket.InitMulti(w.key, w.driver.getContentType(), getPermissions(), w.driver.getOptions()) - if err != nil { - return 0, err - } - w.multi = multi - - // If the entire written file is smaller than minChunkSize, we need to make - // a new part from scratch :double sad face: - if w.size < minChunkSize { - contents, err := w.driver.Bucket.Get(w.key) - if err != nil { - return 0, err - } - w.parts = nil - w.readyPart = contents - } else { - // Otherwise we can use the old file as the new first part - _, part, err := multi.PutPartCopy(1, s3.CopyOptions{}, w.driver.Bucket.Name+"/"+w.key) - if err != nil { - return 0, err - } - w.parts = []s3.Part{part} - } - } - - var n int - - for len(p) > 0 { - // If no parts are ready to write, fill up the first part - if neededBytes := int(w.driver.ChunkSize) - len(w.readyPart); neededBytes > 0 { - if len(p) >= neededBytes { - w.readyPart = append(w.readyPart, p[:neededBytes]...) - n += neededBytes - p = p[neededBytes:] - } else { - w.readyPart = append(w.readyPart, p...) - n += len(p) - p = nil - } - } - - if neededBytes := int(w.driver.ChunkSize) - len(w.pendingPart); neededBytes > 0 { - if len(p) >= neededBytes { - w.pendingPart = append(w.pendingPart, p[:neededBytes]...) - n += neededBytes - p = p[neededBytes:] - err := w.flushPart() - if err != nil { - w.size += int64(n) - return n, err - } - } else { - w.pendingPart = append(w.pendingPart, p...) - n += len(p) - p = nil - } - } - } - w.size += int64(n) - return n, nil -} - -func (w *writer) Size() int64 { - return w.size -} - -func (w *writer) Close() error { - if w.closed { - return fmt.Errorf("already closed") - } - w.closed = true - return w.flushPart() -} - -func (w *writer) Cancel() error { - if w.closed { - return fmt.Errorf("already closed") - } else if w.committed { - return fmt.Errorf("already committed") - } - w.cancelled = true - err := w.multi.Abort() - return err -} - -func (w *writer) Commit() error { - if w.closed { - return fmt.Errorf("already closed") - } else if w.committed { - return fmt.Errorf("already committed") - } else if w.cancelled { - return fmt.Errorf("already cancelled") - } - err := w.flushPart() - if err != nil { - return err - } - w.committed = true - err = w.multi.Complete(w.parts) - if err != nil { - w.multi.Abort() - return err - } - return nil -} - -// flushPart flushes buffers to write a part to S3. -// Only called by Write (with both buffers full) and Close/Commit (always) -func (w *writer) flushPart() error { - if len(w.readyPart) == 0 && len(w.pendingPart) == 0 { - // nothing to write - return nil - } - if len(w.pendingPart) < int(w.driver.ChunkSize) { - // closing with a small pending part - // combine ready and pending to avoid writing a small part - w.readyPart = append(w.readyPart, w.pendingPart...) - w.pendingPart = nil - } - - part, err := w.multi.PutPart(len(w.parts)+1, bytes.NewReader(w.readyPart)) - if err != nil { - return err - } - w.parts = append(w.parts, part) - w.readyPart = w.pendingPart - w.pendingPart = nil - return nil -} diff --git a/vendor/github.com/docker/distribution/registry/storage/driver/s3-goamz/s3_test.go b/vendor/github.com/docker/distribution/registry/storage/driver/s3-goamz/s3_test.go deleted file mode 100644 index 352ec3f5..00000000 --- a/vendor/github.com/docker/distribution/registry/storage/driver/s3-goamz/s3_test.go +++ /dev/null @@ -1,201 +0,0 @@ -package s3 - -import ( - "io/ioutil" - "os" - "strconv" - "testing" - - "github.com/docker/distribution/context" - storagedriver "github.com/docker/distribution/registry/storage/driver" - "github.com/docker/distribution/registry/storage/driver/testsuites" - "github.com/docker/goamz/aws" - "github.com/docker/goamz/s3" - - "gopkg.in/check.v1" -) - -// Hook up gocheck into the "go test" runner. -func Test(t *testing.T) { check.TestingT(t) } - -var s3DriverConstructor func(rootDirectory string, storageClass s3.StorageClass) (*Driver, error) -var skipS3 func() string - -func init() { - accessKey := os.Getenv("AWS_ACCESS_KEY") - secretKey := os.Getenv("AWS_SECRET_KEY") - bucket := os.Getenv("S3_BUCKET") - encrypt := os.Getenv("S3_ENCRYPT") - secure := os.Getenv("S3_SECURE") - v4auth := os.Getenv("S3_USE_V4_AUTH") - region := os.Getenv("AWS_REGION") - root, err := ioutil.TempDir("", "driver-") - if err != nil { - panic(err) - } - defer os.Remove(root) - - s3DriverConstructor = func(rootDirectory string, storageClass s3.StorageClass) (*Driver, error) { - encryptBool := false - if encrypt != "" { - encryptBool, err = strconv.ParseBool(encrypt) - if err != nil { - return nil, err - } - } - - secureBool := true - if secure != "" { - secureBool, err = strconv.ParseBool(secure) - if err != nil { - return nil, err - } - } - - v4AuthBool := false - if v4auth != "" { - v4AuthBool, err = strconv.ParseBool(v4auth) - if err != nil { - return nil, err - } - } - - parameters := DriverParameters{ - accessKey, - secretKey, - bucket, - aws.GetRegion(region), - encryptBool, - secureBool, - v4AuthBool, - minChunkSize, - rootDirectory, - storageClass, - driverName + "-test", - } - - return New(parameters) - } - - // Skip S3 storage driver tests if environment variable parameters are not provided - skipS3 = func() string { - if accessKey == "" || secretKey == "" || region == "" || bucket == "" || encrypt == "" { - return "Must set AWS_ACCESS_KEY, AWS_SECRET_KEY, AWS_REGION, S3_BUCKET, and S3_ENCRYPT to run S3 tests" - } - return "" - } - - testsuites.RegisterSuite(func() (storagedriver.StorageDriver, error) { - return s3DriverConstructor(root, s3.StandardStorage) - }, skipS3) -} - -func TestEmptyRootList(t *testing.T) { - if skipS3() != "" { - t.Skip(skipS3()) - } - - validRoot, err := ioutil.TempDir("", "driver-") - if err != nil { - t.Fatalf("unexpected error creating temporary directory: %v", err) - } - defer os.Remove(validRoot) - - rootedDriver, err := s3DriverConstructor(validRoot, s3.StandardStorage) - if err != nil { - t.Fatalf("unexpected error creating rooted driver: %v", err) - } - - emptyRootDriver, err := s3DriverConstructor("", s3.StandardStorage) - if err != nil { - t.Fatalf("unexpected error creating empty root driver: %v", err) - } - - slashRootDriver, err := s3DriverConstructor("/", s3.StandardStorage) - if err != nil { - t.Fatalf("unexpected error creating slash root driver: %v", err) - } - - filename := "/test" - contents := []byte("contents") - ctx := context.Background() - err = rootedDriver.PutContent(ctx, filename, contents) - if err != nil { - t.Fatalf("unexpected error creating content: %v", err) - } - defer rootedDriver.Delete(ctx, filename) - - keys, err := emptyRootDriver.List(ctx, "/") - for _, path := range keys { - if !storagedriver.PathRegexp.MatchString(path) { - t.Fatalf("unexpected string in path: %q != %q", path, storagedriver.PathRegexp) - } - } - - keys, err = slashRootDriver.List(ctx, "/") - for _, path := range keys { - if !storagedriver.PathRegexp.MatchString(path) { - t.Fatalf("unexpected string in path: %q != %q", path, storagedriver.PathRegexp) - } - } -} - -func TestStorageClass(t *testing.T) { - if skipS3() != "" { - t.Skip(skipS3()) - } - - rootDir, err := ioutil.TempDir("", "driver-") - if err != nil { - t.Fatalf("unexpected error creating temporary directory: %v", err) - } - defer os.Remove(rootDir) - - standardDriver, err := s3DriverConstructor(rootDir, s3.StandardStorage) - if err != nil { - t.Fatalf("unexpected error creating driver with standard storage: %v", err) - } - - rrDriver, err := s3DriverConstructor(rootDir, s3.ReducedRedundancy) - if err != nil { - t.Fatalf("unexpected error creating driver with reduced redundancy storage: %v", err) - } - - standardFilename := "/test-standard" - rrFilename := "/test-rr" - contents := []byte("contents") - ctx := context.Background() - - err = standardDriver.PutContent(ctx, standardFilename, contents) - if err != nil { - t.Fatalf("unexpected error creating content: %v", err) - } - defer standardDriver.Delete(ctx, standardFilename) - - err = rrDriver.PutContent(ctx, rrFilename, contents) - if err != nil { - t.Fatalf("unexpected error creating content: %v", err) - } - defer rrDriver.Delete(ctx, rrFilename) - - standardDriverUnwrapped := standardDriver.Base.StorageDriver.(*driver) - resp, err := standardDriverUnwrapped.Bucket.GetResponse(standardDriverUnwrapped.s3Path(standardFilename)) - if err != nil { - t.Fatalf("unexpected error retrieving standard storage file: %v", err) - } - defer resp.Body.Close() - // Amazon only populates this header value for non-standard storage classes - if storageClass := resp.Header.Get("x-amz-storage-class"); storageClass != "" { - t.Fatalf("unexpected storage class for standard file: %v", storageClass) - } - - rrDriverUnwrapped := rrDriver.Base.StorageDriver.(*driver) - resp, err = rrDriverUnwrapped.Bucket.GetResponse(rrDriverUnwrapped.s3Path(rrFilename)) - if err != nil { - t.Fatalf("unexpected error retrieving reduced-redundancy storage file: %v", err) - } - defer resp.Body.Close() - if storageClass := resp.Header.Get("x-amz-storage-class"); storageClass != string(s3.ReducedRedundancy) { - t.Fatalf("unexpected storage class for reduced-redundancy file: %v", storageClass) - } -} diff --git a/vendor/github.com/docker/distribution/registry/storage/driver/storagedriver.go b/vendor/github.com/docker/distribution/registry/storage/driver/storagedriver.go deleted file mode 100644 index 548a17d8..00000000 --- a/vendor/github.com/docker/distribution/registry/storage/driver/storagedriver.go +++ /dev/null @@ -1,165 +0,0 @@ -package driver - -import ( - "fmt" - "io" - "regexp" - "strconv" - "strings" - - "github.com/docker/distribution/context" -) - -// Version is a string representing the storage driver version, of the form -// Major.Minor. -// The registry must accept storage drivers with equal major version and greater -// minor version, but may not be compatible with older storage driver versions. -type Version string - -// Major returns the major (primary) component of a version. -func (version Version) Major() uint { - majorPart := strings.Split(string(version), ".")[0] - major, _ := strconv.ParseUint(majorPart, 10, 0) - return uint(major) -} - -// Minor returns the minor (secondary) component of a version. -func (version Version) Minor() uint { - minorPart := strings.Split(string(version), ".")[1] - minor, _ := strconv.ParseUint(minorPart, 10, 0) - return uint(minor) -} - -// CurrentVersion is the current storage driver Version. -const CurrentVersion Version = "0.1" - -// StorageDriver defines methods that a Storage Driver must implement for a -// filesystem-like key/value object storage. Storage Drivers are automatically -// registered via an internal registration mechanism, and generally created -// via the StorageDriverFactory interface (https://godoc.org/github.com/docker/distribution/registry/storage/driver/factory). -// Please see the aforementioned factory package for example code showing how to get an instance -// of a StorageDriver -type StorageDriver interface { - // Name returns the human-readable "name" of the driver, useful in error - // messages and logging. By convention, this will just be the registration - // name, but drivers may provide other information here. - Name() string - - // GetContent retrieves the content stored at "path" as a []byte. - // This should primarily be used for small objects. - GetContent(ctx context.Context, path string) ([]byte, error) - - // PutContent stores the []byte content at a location designated by "path". - // This should primarily be used for small objects. - PutContent(ctx context.Context, path string, content []byte) error - - // Reader retrieves an io.ReadCloser for the content stored at "path" - // with a given byte offset. - // May be used to resume reading a stream by providing a nonzero offset. - Reader(ctx context.Context, path string, offset int64) (io.ReadCloser, error) - - // Writer returns a FileWriter which will store the content written to it - // at the location designated by "path" after the call to Commit. - Writer(ctx context.Context, path string, append bool) (FileWriter, error) - - // Stat retrieves the FileInfo for the given path, including the current - // size in bytes and the creation time. - Stat(ctx context.Context, path string) (FileInfo, error) - - // List returns a list of the objects that are direct descendants of the - //given path. - List(ctx context.Context, path string) ([]string, error) - - // Move moves an object stored at sourcePath to destPath, removing the - // original object. - // Note: This may be no more efficient than a copy followed by a delete for - // many implementations. - Move(ctx context.Context, sourcePath string, destPath string) error - - // Delete recursively deletes all objects stored at "path" and its subpaths. - Delete(ctx context.Context, path string) error - - // URLFor returns a URL which may be used to retrieve the content stored at - // the given path, possibly using the given options. - // May return an ErrUnsupportedMethod in certain StorageDriver - // implementations. - URLFor(ctx context.Context, path string, options map[string]interface{}) (string, error) -} - -// FileWriter provides an abstraction for an opened writable file-like object in -// the storage backend. The FileWriter must flush all content written to it on -// the call to Close, but is only required to make its content readable on a -// call to Commit. -type FileWriter interface { - io.WriteCloser - - // Size returns the number of bytes written to this FileWriter. - Size() int64 - - // Cancel removes any written content from this FileWriter. - Cancel() error - - // Commit flushes all content written to this FileWriter and makes it - // available for future calls to StorageDriver.GetContent and - // StorageDriver.Reader. - Commit() error -} - -// PathRegexp is the regular expression which each file path must match. A -// file path is absolute, beginning with a slash and containing a positive -// number of path components separated by slashes, where each component is -// restricted to alphanumeric characters or a period, underscore, or -// hyphen. -var PathRegexp = regexp.MustCompile(`^(/[A-Za-z0-9._-]+)+$`) - -// ErrUnsupportedMethod may be returned in the case where a StorageDriver implementation does not support an optional method. -type ErrUnsupportedMethod struct { - DriverName string -} - -func (err ErrUnsupportedMethod) Error() string { - return fmt.Sprintf("%s: unsupported method", err.DriverName) -} - -// PathNotFoundError is returned when operating on a nonexistent path. -type PathNotFoundError struct { - Path string - DriverName string -} - -func (err PathNotFoundError) Error() string { - return fmt.Sprintf("%s: Path not found: %s", err.DriverName, err.Path) -} - -// InvalidPathError is returned when the provided path is malformed. -type InvalidPathError struct { - Path string - DriverName string -} - -func (err InvalidPathError) Error() string { - return fmt.Sprintf("%s: invalid path: %s", err.DriverName, err.Path) -} - -// InvalidOffsetError is returned when attempting to read or write from an -// invalid offset. -type InvalidOffsetError struct { - Path string - Offset int64 - DriverName string -} - -func (err InvalidOffsetError) Error() string { - return fmt.Sprintf("%s: invalid offset: %d for path: %s", err.DriverName, err.Offset, err.Path) -} - -// Error is a catch-all error type which captures an error string and -// the driver type on which it occurred. -type Error struct { - DriverName string - Enclosed error -} - -func (err Error) Error() string { - return fmt.Sprintf("%s: %s", err.DriverName, err.Enclosed) -} diff --git a/vendor/github.com/docker/distribution/registry/storage/driver/swift/swift.go b/vendor/github.com/docker/distribution/registry/storage/driver/swift/swift.go deleted file mode 100644 index 4b7aa4e9..00000000 --- a/vendor/github.com/docker/distribution/registry/storage/driver/swift/swift.go +++ /dev/null @@ -1,915 +0,0 @@ -// Package swift provides a storagedriver.StorageDriver implementation to -// store blobs in Openstack Swift object storage. -// -// This package leverages the ncw/swift client library for interfacing with -// Swift. -// -// It supports both TempAuth authentication and Keystone authentication -// (up to version 3). -// -// As Swift has a limit on the size of a single uploaded object (by default -// this is 5GB), the driver makes use of the Swift Large Object Support -// (http://docs.openstack.org/developer/swift/overview_large_objects.html). -// Only one container is used for both manifests and data objects. Manifests -// are stored in the 'files' pseudo directory, data objects are stored under -// 'segments'. -package swift - -import ( - "bufio" - "bytes" - "crypto/rand" - "crypto/sha1" - "crypto/tls" - "encoding/hex" - "fmt" - "io" - "io/ioutil" - "net/http" - "net/url" - "strconv" - "strings" - "time" - - "github.com/mitchellh/mapstructure" - "github.com/ncw/swift" - - "github.com/docker/distribution/context" - storagedriver "github.com/docker/distribution/registry/storage/driver" - "github.com/docker/distribution/registry/storage/driver/base" - "github.com/docker/distribution/registry/storage/driver/factory" - "github.com/docker/distribution/version" -) - -const driverName = "swift" - -// defaultChunkSize defines the default size of a segment -const defaultChunkSize = 20 * 1024 * 1024 - -// minChunkSize defines the minimum size of a segment -const minChunkSize = 1 << 20 - -// contentType defines the Content-Type header associated with stored segments -const contentType = "application/octet-stream" - -// readAfterWriteTimeout defines the time we wait before an object appears after having been uploaded -var readAfterWriteTimeout = 15 * time.Second - -// readAfterWriteWait defines the time to sleep between two retries -var readAfterWriteWait = 200 * time.Millisecond - -// Parameters A struct that encapsulates all of the driver parameters after all values have been set -type Parameters struct { - Username string - Password string - AuthURL string - Tenant string - TenantID string - Domain string - DomainID string - TenantDomain string - TenantDomainID string - TrustID string - Region string - AuthVersion int - Container string - Prefix string - EndpointType string - InsecureSkipVerify bool - ChunkSize int - SecretKey string - AccessKey string - TempURLContainerKey bool - TempURLMethods []string -} - -// swiftInfo maps the JSON structure returned by Swift /info endpoint -type swiftInfo struct { - Swift struct { - Version string `mapstructure:"version"` - } - Tempurl struct { - Methods []string `mapstructure:"methods"` - } - BulkDelete struct { - MaxDeletesPerRequest int `mapstructure:"max_deletes_per_request"` - } `mapstructure:"bulk_delete"` -} - -func init() { - factory.Register(driverName, &swiftDriverFactory{}) -} - -// swiftDriverFactory implements the factory.StorageDriverFactory interface -type swiftDriverFactory struct{} - -func (factory *swiftDriverFactory) Create(parameters map[string]interface{}) (storagedriver.StorageDriver, error) { - return FromParameters(parameters) -} - -type driver struct { - Conn *swift.Connection - Container string - Prefix string - BulkDeleteSupport bool - BulkDeleteMaxDeletes int - ChunkSize int - SecretKey string - AccessKey string - TempURLContainerKey bool - TempURLMethods []string -} - -type baseEmbed struct { - base.Base -} - -// Driver is a storagedriver.StorageDriver implementation backed by Openstack Swift -// Objects are stored at absolute keys in the provided container. -type Driver struct { - baseEmbed -} - -// FromParameters constructs a new Driver with a given parameters map -// Required parameters: -// - username -// - password -// - authurl -// - container -func FromParameters(parameters map[string]interface{}) (*Driver, error) { - params := Parameters{ - ChunkSize: defaultChunkSize, - InsecureSkipVerify: false, - } - - if err := mapstructure.Decode(parameters, ¶ms); err != nil { - return nil, err - } - - if params.Username == "" { - return nil, fmt.Errorf("No username parameter provided") - } - - if params.Password == "" { - return nil, fmt.Errorf("No password parameter provided") - } - - if params.AuthURL == "" { - return nil, fmt.Errorf("No authurl parameter provided") - } - - if params.Container == "" { - return nil, fmt.Errorf("No container parameter provided") - } - - if params.ChunkSize < minChunkSize { - return nil, fmt.Errorf("The chunksize %#v parameter should be a number that is larger than or equal to %d", params.ChunkSize, minChunkSize) - } - - return New(params) -} - -// New constructs a new Driver with the given Openstack Swift credentials and container name -func New(params Parameters) (*Driver, error) { - transport := &http.Transport{ - Proxy: http.ProxyFromEnvironment, - MaxIdleConnsPerHost: 2048, - TLSClientConfig: &tls.Config{InsecureSkipVerify: params.InsecureSkipVerify}, - } - - ct := &swift.Connection{ - UserName: params.Username, - ApiKey: params.Password, - AuthUrl: params.AuthURL, - Region: params.Region, - AuthVersion: params.AuthVersion, - UserAgent: "distribution/" + version.Version, - Tenant: params.Tenant, - TenantId: params.TenantID, - Domain: params.Domain, - DomainId: params.DomainID, - TenantDomain: params.TenantDomain, - TenantDomainId: params.TenantDomainID, - TrustId: params.TrustID, - EndpointType: swift.EndpointType(params.EndpointType), - Transport: transport, - ConnectTimeout: 60 * time.Second, - Timeout: 15 * 60 * time.Second, - } - err := ct.Authenticate() - if err != nil { - return nil, fmt.Errorf("Swift authentication failed: %s", err) - } - - if _, _, err := ct.Container(params.Container); err == swift.ContainerNotFound { - if err := ct.ContainerCreate(params.Container, nil); err != nil { - return nil, fmt.Errorf("Failed to create container %s (%s)", params.Container, err) - } - } else if err != nil { - return nil, fmt.Errorf("Failed to retrieve info about container %s (%s)", params.Container, err) - } - - d := &driver{ - Conn: ct, - Container: params.Container, - Prefix: params.Prefix, - ChunkSize: params.ChunkSize, - TempURLMethods: make([]string, 0), - AccessKey: params.AccessKey, - } - - info := swiftInfo{} - if config, err := d.Conn.QueryInfo(); err == nil { - _, d.BulkDeleteSupport = config["bulk_delete"] - - if err := mapstructure.Decode(config, &info); err == nil { - d.TempURLContainerKey = info.Swift.Version >= "2.3.0" - d.TempURLMethods = info.Tempurl.Methods - if d.BulkDeleteSupport { - d.BulkDeleteMaxDeletes = info.BulkDelete.MaxDeletesPerRequest - } - } - } else { - d.TempURLContainerKey = params.TempURLContainerKey - d.TempURLMethods = params.TempURLMethods - } - - if len(d.TempURLMethods) > 0 { - secretKey := params.SecretKey - if secretKey == "" { - secretKey, _ = generateSecret() - } - - // Since Swift 2.2.2, we can now set secret keys on containers - // in addition to the account secret keys. Use them in preference. - if d.TempURLContainerKey { - _, containerHeaders, err := d.Conn.Container(d.Container) - if err != nil { - return nil, fmt.Errorf("Failed to fetch container info %s (%s)", d.Container, err) - } - - d.SecretKey = containerHeaders["X-Container-Meta-Temp-Url-Key"] - if d.SecretKey == "" || (params.SecretKey != "" && d.SecretKey != params.SecretKey) { - m := swift.Metadata{} - m["temp-url-key"] = secretKey - if d.Conn.ContainerUpdate(d.Container, m.ContainerHeaders()); err == nil { - d.SecretKey = secretKey - } - } - } else { - // Use the account secret key - _, accountHeaders, err := d.Conn.Account() - if err != nil { - return nil, fmt.Errorf("Failed to fetch account info (%s)", err) - } - - d.SecretKey = accountHeaders["X-Account-Meta-Temp-Url-Key"] - if d.SecretKey == "" || (params.SecretKey != "" && d.SecretKey != params.SecretKey) { - m := swift.Metadata{} - m["temp-url-key"] = secretKey - if err := d.Conn.AccountUpdate(m.AccountHeaders()); err == nil { - d.SecretKey = secretKey - } - } - } - } - - return &Driver{ - baseEmbed: baseEmbed{ - Base: base.Base{ - StorageDriver: d, - }, - }, - }, nil -} - -// Implement the storagedriver.StorageDriver interface - -func (d *driver) Name() string { - return driverName -} - -// GetContent retrieves the content stored at "path" as a []byte. -func (d *driver) GetContent(ctx context.Context, path string) ([]byte, error) { - content, err := d.Conn.ObjectGetBytes(d.Container, d.swiftPath(path)) - if err == swift.ObjectNotFound { - return nil, storagedriver.PathNotFoundError{Path: path} - } - return content, err -} - -// PutContent stores the []byte content at a location designated by "path". -func (d *driver) PutContent(ctx context.Context, path string, contents []byte) error { - err := d.Conn.ObjectPutBytes(d.Container, d.swiftPath(path), contents, contentType) - if err == swift.ObjectNotFound { - return storagedriver.PathNotFoundError{Path: path} - } - return err -} - -// Reader retrieves an io.ReadCloser for the content stored at "path" with a -// given byte offset. -func (d *driver) Reader(ctx context.Context, path string, offset int64) (io.ReadCloser, error) { - headers := make(swift.Headers) - headers["Range"] = "bytes=" + strconv.FormatInt(offset, 10) + "-" - - waitingTime := readAfterWriteWait - endTime := time.Now().Add(readAfterWriteTimeout) - - for { - file, headers, err := d.Conn.ObjectOpen(d.Container, d.swiftPath(path), false, headers) - if err != nil { - if err == swift.ObjectNotFound { - return nil, storagedriver.PathNotFoundError{Path: path} - } - if swiftErr, ok := err.(*swift.Error); ok && swiftErr.StatusCode == http.StatusRequestedRangeNotSatisfiable { - return ioutil.NopCloser(bytes.NewReader(nil)), nil - } - return file, err - } - - //if this is a DLO and it is clear that segments are still missing, - //wait until they show up - _, isDLO := headers["X-Object-Manifest"] - size, err := file.Length() - if err != nil { - return file, err - } - if isDLO && size == 0 { - if time.Now().Add(waitingTime).After(endTime) { - return nil, fmt.Errorf("Timeout expired while waiting for segments of %s to show up", path) - } - time.Sleep(waitingTime) - waitingTime *= 2 - continue - } - - //if not, then this reader will be fine - return file, nil - } -} - -// Writer returns a FileWriter which will store the content written to it -// at the location designated by "path" after the call to Commit. -func (d *driver) Writer(ctx context.Context, path string, append bool) (storagedriver.FileWriter, error) { - var ( - segments []swift.Object - segmentsPath string - err error - ) - - if !append { - segmentsPath, err = d.swiftSegmentPath(path) - if err != nil { - return nil, err - } - } else { - info, headers, err := d.Conn.Object(d.Container, d.swiftPath(path)) - if err == swift.ObjectNotFound { - return nil, storagedriver.PathNotFoundError{Path: path} - } else if err != nil { - return nil, err - } - manifest, ok := headers["X-Object-Manifest"] - if !ok { - segmentsPath, err = d.swiftSegmentPath(path) - if err != nil { - return nil, err - } - if err := d.Conn.ObjectMove(d.Container, d.swiftPath(path), d.Container, getSegmentPath(segmentsPath, len(segments))); err != nil { - return nil, err - } - segments = []swift.Object{info} - } else { - _, segmentsPath = parseManifest(manifest) - if segments, err = d.getAllSegments(segmentsPath); err != nil { - return nil, err - } - } - } - - return d.newWriter(path, segmentsPath, segments), nil -} - -// Stat retrieves the FileInfo for the given path, including the current size -// in bytes and the creation time. -func (d *driver) Stat(ctx context.Context, path string) (storagedriver.FileInfo, error) { - swiftPath := d.swiftPath(path) - opts := &swift.ObjectsOpts{ - Prefix: swiftPath, - Delimiter: '/', - } - - objects, err := d.Conn.ObjectsAll(d.Container, opts) - if err != nil { - if err == swift.ContainerNotFound { - return nil, storagedriver.PathNotFoundError{Path: path} - } - return nil, err - } - - fi := storagedriver.FileInfoFields{ - Path: strings.TrimPrefix(strings.TrimSuffix(swiftPath, "/"), d.swiftPath("/")), - } - - for _, obj := range objects { - if obj.PseudoDirectory && obj.Name == swiftPath+"/" { - fi.IsDir = true - return storagedriver.FileInfoInternal{FileInfoFields: fi}, nil - } else if obj.Name == swiftPath { - // The file exists. But on Swift 1.12, the 'bytes' field is always 0 so - // we need to do a separate HEAD request. - break - } - } - - //Don't trust an empty `objects` slice. A container listing can be - //outdated. For files, we can make a HEAD request on the object which - //reports existence (at least) much more reliably. - waitingTime := readAfterWriteWait - endTime := time.Now().Add(readAfterWriteTimeout) - - for { - info, headers, err := d.Conn.Object(d.Container, swiftPath) - if err != nil { - if err == swift.ObjectNotFound { - return nil, storagedriver.PathNotFoundError{Path: path} - } - return nil, err - } - - //if this is a DLO and it is clear that segments are still missing, - //wait until they show up - _, isDLO := headers["X-Object-Manifest"] - if isDLO && info.Bytes == 0 { - if time.Now().Add(waitingTime).After(endTime) { - return nil, fmt.Errorf("Timeout expired while waiting for segments of %s to show up", path) - } - time.Sleep(waitingTime) - waitingTime *= 2 - continue - } - - //otherwise, accept the result - fi.IsDir = false - fi.Size = info.Bytes - fi.ModTime = info.LastModified - return storagedriver.FileInfoInternal{FileInfoFields: fi}, nil - } -} - -// List returns a list of the objects that are direct descendants of the given path. -func (d *driver) List(ctx context.Context, path string) ([]string, error) { - var files []string - - prefix := d.swiftPath(path) - if prefix != "" { - prefix += "/" - } - - opts := &swift.ObjectsOpts{ - Prefix: prefix, - Delimiter: '/', - } - - objects, err := d.Conn.ObjectsAll(d.Container, opts) - for _, obj := range objects { - files = append(files, strings.TrimPrefix(strings.TrimSuffix(obj.Name, "/"), d.swiftPath("/"))) - } - - if err == swift.ContainerNotFound || (len(objects) == 0 && path != "/") { - return files, storagedriver.PathNotFoundError{Path: path} - } - return files, err -} - -// Move moves an object stored at sourcePath to destPath, removing the original -// object. -func (d *driver) Move(ctx context.Context, sourcePath string, destPath string) error { - _, headers, err := d.Conn.Object(d.Container, d.swiftPath(sourcePath)) - if err == nil { - if manifest, ok := headers["X-Object-Manifest"]; ok { - if err = d.createManifest(destPath, manifest); err != nil { - return err - } - err = d.Conn.ObjectDelete(d.Container, d.swiftPath(sourcePath)) - } else { - err = d.Conn.ObjectMove(d.Container, d.swiftPath(sourcePath), d.Container, d.swiftPath(destPath)) - } - } - if err == swift.ObjectNotFound { - return storagedriver.PathNotFoundError{Path: sourcePath} - } - return err -} - -// Delete recursively deletes all objects stored at "path" and its subpaths. -func (d *driver) Delete(ctx context.Context, path string) error { - opts := swift.ObjectsOpts{ - Prefix: d.swiftPath(path) + "/", - } - - objects, err := d.Conn.ObjectsAll(d.Container, &opts) - if err != nil { - if err == swift.ContainerNotFound { - return storagedriver.PathNotFoundError{Path: path} - } - return err - } - - for _, obj := range objects { - if obj.PseudoDirectory { - continue - } - if _, headers, err := d.Conn.Object(d.Container, obj.Name); err == nil { - manifest, ok := headers["X-Object-Manifest"] - if ok { - _, prefix := parseManifest(manifest) - segments, err := d.getAllSegments(prefix) - if err != nil { - return err - } - objects = append(objects, segments...) - } - } else { - if err == swift.ObjectNotFound { - return storagedriver.PathNotFoundError{Path: obj.Name} - } - return err - } - } - - if d.BulkDeleteSupport && len(objects) > 0 && d.BulkDeleteMaxDeletes > 0 { - filenames := make([]string, len(objects)) - for i, obj := range objects { - filenames[i] = obj.Name - } - - chunks, err := chunkFilenames(filenames, d.BulkDeleteMaxDeletes) - if err != nil { - return err - } - for _, chunk := range chunks { - _, err := d.Conn.BulkDelete(d.Container, chunk) - // Don't fail on ObjectNotFound because eventual consistency - // makes this situation normal. - if err != nil && err != swift.Forbidden && err != swift.ObjectNotFound { - if err == swift.ContainerNotFound { - return storagedriver.PathNotFoundError{Path: path} - } - return err - } - } - } else { - for _, obj := range objects { - if err := d.Conn.ObjectDelete(d.Container, obj.Name); err != nil { - if err == swift.ObjectNotFound { - return storagedriver.PathNotFoundError{Path: obj.Name} - } - return err - } - } - } - - _, _, err = d.Conn.Object(d.Container, d.swiftPath(path)) - if err == nil { - if err := d.Conn.ObjectDelete(d.Container, d.swiftPath(path)); err != nil { - if err == swift.ObjectNotFound { - return storagedriver.PathNotFoundError{Path: path} - } - return err - } - } else if err == swift.ObjectNotFound { - if len(objects) == 0 { - return storagedriver.PathNotFoundError{Path: path} - } - } else { - return err - } - return nil -} - -// URLFor returns a URL which may be used to retrieve the content stored at the given path. -func (d *driver) URLFor(ctx context.Context, path string, options map[string]interface{}) (string, error) { - if d.SecretKey == "" { - return "", storagedriver.ErrUnsupportedMethod{} - } - - methodString := "GET" - method, ok := options["method"] - if ok { - if methodString, ok = method.(string); !ok { - return "", storagedriver.ErrUnsupportedMethod{} - } - } - - if methodString == "HEAD" { - // A "HEAD" request on a temporary URL is allowed if the - // signature was generated with "GET", "POST" or "PUT" - methodString = "GET" - } - - supported := false - for _, method := range d.TempURLMethods { - if method == methodString { - supported = true - break - } - } - - if !supported { - return "", storagedriver.ErrUnsupportedMethod{} - } - - expiresTime := time.Now().Add(20 * time.Minute) - expires, ok := options["expiry"] - if ok { - et, ok := expires.(time.Time) - if ok { - expiresTime = et - } - } - - tempURL := d.Conn.ObjectTempUrl(d.Container, d.swiftPath(path), d.SecretKey, methodString, expiresTime) - - if d.AccessKey != "" { - // On HP Cloud, the signature must be in the form of tenant_id:access_key:signature - url, _ := url.Parse(tempURL) - query := url.Query() - query.Set("temp_url_sig", fmt.Sprintf("%s:%s:%s", d.Conn.TenantId, d.AccessKey, query.Get("temp_url_sig"))) - url.RawQuery = query.Encode() - tempURL = url.String() - } - - return tempURL, nil -} - -func (d *driver) swiftPath(path string) string { - return strings.TrimLeft(strings.TrimRight(d.Prefix+"/files"+path, "/"), "/") -} - -func (d *driver) swiftSegmentPath(path string) (string, error) { - checksum := sha1.New() - random := make([]byte, 32) - if _, err := rand.Read(random); err != nil { - return "", err - } - path = hex.EncodeToString(checksum.Sum(append([]byte(path), random...))) - return strings.TrimLeft(strings.TrimRight(d.Prefix+"/segments/"+path[0:3]+"/"+path[3:], "/"), "/"), nil -} - -func (d *driver) getAllSegments(path string) ([]swift.Object, error) { - //a simple container listing works 99.9% of the time - segments, err := d.Conn.ObjectsAll(d.Container, &swift.ObjectsOpts{Prefix: path}) - if err != nil { - if err == swift.ContainerNotFound { - return nil, storagedriver.PathNotFoundError{Path: path} - } - return nil, err - } - - //build a lookup table by object name - hasObjectName := make(map[string]struct{}) - for _, segment := range segments { - hasObjectName[segment.Name] = struct{}{} - } - - //The container listing might be outdated (i.e. not contain all existing - //segment objects yet) because of temporary inconsistency (Swift is only - //eventually consistent!). Check its completeness. - segmentNumber := 0 - for { - segmentNumber++ - segmentPath := getSegmentPath(path, segmentNumber) - - if _, seen := hasObjectName[segmentPath]; seen { - continue - } - - //This segment is missing in the container listing. Use a more reliable - //request to check its existence. (HEAD requests on segments are - //guaranteed to return the correct metadata, except for the pathological - //case of an outage of large parts of the Swift cluster or its network, - //since every segment is only written once.) - segment, _, err := d.Conn.Object(d.Container, segmentPath) - switch err { - case nil: - //found new segment -> keep going, more might be missing - segments = append(segments, segment) - continue - case swift.ObjectNotFound: - //This segment is missing. Since we upload segments sequentially, - //there won't be any more segments after it. - return segments, nil - default: - return nil, err //unexpected error - } - } -} - -func (d *driver) createManifest(path string, segments string) error { - headers := make(swift.Headers) - headers["X-Object-Manifest"] = segments - manifest, err := d.Conn.ObjectCreate(d.Container, d.swiftPath(path), false, "", contentType, headers) - if err != nil { - if err == swift.ObjectNotFound { - return storagedriver.PathNotFoundError{Path: path} - } - return err - } - if err := manifest.Close(); err != nil { - if err == swift.ObjectNotFound { - return storagedriver.PathNotFoundError{Path: path} - } - return err - } - return nil -} - -func chunkFilenames(slice []string, maxSize int) (chunks [][]string, err error) { - if maxSize > 0 { - for offset := 0; offset < len(slice); offset += maxSize { - chunkSize := maxSize - if offset+chunkSize > len(slice) { - chunkSize = len(slice) - offset - } - chunks = append(chunks, slice[offset:offset+chunkSize]) - } - } else { - return nil, fmt.Errorf("Max chunk size must be > 0") - } - return -} - -func parseManifest(manifest string) (container string, prefix string) { - components := strings.SplitN(manifest, "/", 2) - container = components[0] - if len(components) > 1 { - prefix = components[1] - } - return container, prefix -} - -func generateSecret() (string, error) { - var secretBytes [32]byte - if _, err := rand.Read(secretBytes[:]); err != nil { - return "", fmt.Errorf("could not generate random bytes for Swift secret key: %v", err) - } - return hex.EncodeToString(secretBytes[:]), nil -} - -func getSegmentPath(segmentsPath string, partNumber int) string { - return fmt.Sprintf("%s/%016d", segmentsPath, partNumber) -} - -type writer struct { - driver *driver - path string - segmentsPath string - size int64 - bw *bufio.Writer - closed bool - committed bool - cancelled bool -} - -func (d *driver) newWriter(path, segmentsPath string, segments []swift.Object) storagedriver.FileWriter { - var size int64 - for _, segment := range segments { - size += segment.Bytes - } - return &writer{ - driver: d, - path: path, - segmentsPath: segmentsPath, - size: size, - bw: bufio.NewWriterSize(&segmentWriter{ - conn: d.Conn, - container: d.Container, - segmentsPath: segmentsPath, - segmentNumber: len(segments) + 1, - maxChunkSize: d.ChunkSize, - }, d.ChunkSize), - } -} - -func (w *writer) Write(p []byte) (int, error) { - if w.closed { - return 0, fmt.Errorf("already closed") - } else if w.committed { - return 0, fmt.Errorf("already committed") - } else if w.cancelled { - return 0, fmt.Errorf("already cancelled") - } - - n, err := w.bw.Write(p) - w.size += int64(n) - return n, err -} - -func (w *writer) Size() int64 { - return w.size -} - -func (w *writer) Close() error { - if w.closed { - return fmt.Errorf("already closed") - } - - if err := w.bw.Flush(); err != nil { - return err - } - - if !w.committed && !w.cancelled { - if err := w.driver.createManifest(w.path, w.driver.Container+"/"+w.segmentsPath); err != nil { - return err - } - if err := w.waitForSegmentsToShowUp(); err != nil { - return err - } - } - w.closed = true - - return nil -} - -func (w *writer) Cancel() error { - if w.closed { - return fmt.Errorf("already closed") - } else if w.committed { - return fmt.Errorf("already committed") - } - w.cancelled = true - return w.driver.Delete(context.Background(), w.path) -} - -func (w *writer) Commit() error { - if w.closed { - return fmt.Errorf("already closed") - } else if w.committed { - return fmt.Errorf("already committed") - } else if w.cancelled { - return fmt.Errorf("already cancelled") - } - - if err := w.bw.Flush(); err != nil { - return err - } - - if err := w.driver.createManifest(w.path, w.driver.Container+"/"+w.segmentsPath); err != nil { - return err - } - - w.committed = true - return w.waitForSegmentsToShowUp() -} - -func (w *writer) waitForSegmentsToShowUp() error { - var err error - waitingTime := readAfterWriteWait - endTime := time.Now().Add(readAfterWriteTimeout) - - for { - var info swift.Object - if info, _, err = w.driver.Conn.Object(w.driver.Container, w.driver.swiftPath(w.path)); err == nil { - if info.Bytes == w.size { - break - } - err = fmt.Errorf("Timeout expired while waiting for segments of %s to show up", w.path) - } - if time.Now().Add(waitingTime).After(endTime) { - break - } - time.Sleep(waitingTime) - waitingTime *= 2 - } - - return err -} - -type segmentWriter struct { - conn *swift.Connection - container string - segmentsPath string - segmentNumber int - maxChunkSize int -} - -func (sw *segmentWriter) Write(p []byte) (int, error) { - n := 0 - for offset := 0; offset < len(p); offset += sw.maxChunkSize { - chunkSize := sw.maxChunkSize - if offset+chunkSize > len(p) { - chunkSize = len(p) - offset - } - _, err := sw.conn.ObjectPut(sw.container, getSegmentPath(sw.segmentsPath, sw.segmentNumber), bytes.NewReader(p[offset:offset+chunkSize]), false, "", contentType, nil) - if err != nil { - return n, err - } - - sw.segmentNumber++ - n += chunkSize - } - - return n, nil -} diff --git a/vendor/github.com/docker/distribution/registry/storage/driver/swift/swift_test.go b/vendor/github.com/docker/distribution/registry/storage/driver/swift/swift_test.go deleted file mode 100644 index dcd5e4ff..00000000 --- a/vendor/github.com/docker/distribution/registry/storage/driver/swift/swift_test.go +++ /dev/null @@ -1,245 +0,0 @@ -package swift - -import ( - "io/ioutil" - "os" - "reflect" - "strconv" - "strings" - "testing" - - "github.com/ncw/swift/swifttest" - - "github.com/docker/distribution/context" - storagedriver "github.com/docker/distribution/registry/storage/driver" - "github.com/docker/distribution/registry/storage/driver/testsuites" - - "gopkg.in/check.v1" -) - -// Hook up gocheck into the "go test" runner. -func Test(t *testing.T) { check.TestingT(t) } - -var swiftDriverConstructor func(prefix string) (*Driver, error) - -func init() { - var ( - username string - password string - authURL string - tenant string - tenantID string - domain string - domainID string - tenantDomain string - tenantDomainID string - trustID string - container string - region string - AuthVersion int - endpointType string - insecureSkipVerify bool - secretKey string - accessKey string - containerKey bool - tempURLMethods []string - - swiftServer *swifttest.SwiftServer - err error - ) - username = os.Getenv("SWIFT_USERNAME") - password = os.Getenv("SWIFT_PASSWORD") - authURL = os.Getenv("SWIFT_AUTH_URL") - tenant = os.Getenv("SWIFT_TENANT_NAME") - tenantID = os.Getenv("SWIFT_TENANT_ID") - domain = os.Getenv("SWIFT_DOMAIN_NAME") - domainID = os.Getenv("SWIFT_DOMAIN_ID") - tenantDomain = os.Getenv("SWIFT_DOMAIN_NAME") - tenantDomainID = os.Getenv("SWIFT_DOMAIN_ID") - trustID = os.Getenv("SWIFT_TRUST_ID") - container = os.Getenv("SWIFT_CONTAINER_NAME") - region = os.Getenv("SWIFT_REGION_NAME") - AuthVersion, _ = strconv.Atoi(os.Getenv("SWIFT_AUTH_VERSION")) - endpointType = os.Getenv("SWIFT_ENDPOINT_TYPE") - insecureSkipVerify, _ = strconv.ParseBool(os.Getenv("SWIFT_INSECURESKIPVERIFY")) - secretKey = os.Getenv("SWIFT_SECRET_KEY") - accessKey = os.Getenv("SWIFT_ACCESS_KEY") - containerKey, _ = strconv.ParseBool(os.Getenv("SWIFT_TEMPURL_CONTAINERKEY")) - tempURLMethods = strings.Split(os.Getenv("SWIFT_TEMPURL_METHODS"), ",") - - if username == "" || password == "" || authURL == "" || container == "" { - if swiftServer, err = swifttest.NewSwiftServer("localhost"); err != nil { - panic(err) - } - username = "swifttest" - password = "swifttest" - authURL = swiftServer.AuthURL - container = "test" - } - - prefix, err := ioutil.TempDir("", "driver-") - if err != nil { - panic(err) - } - defer os.Remove(prefix) - - swiftDriverConstructor = func(root string) (*Driver, error) { - parameters := Parameters{ - username, - password, - authURL, - tenant, - tenantID, - domain, - domainID, - tenantDomain, - tenantDomainID, - trustID, - region, - AuthVersion, - container, - root, - endpointType, - insecureSkipVerify, - defaultChunkSize, - secretKey, - accessKey, - containerKey, - tempURLMethods, - } - - return New(parameters) - } - - driverConstructor := func() (storagedriver.StorageDriver, error) { - return swiftDriverConstructor(prefix) - } - - testsuites.RegisterSuite(driverConstructor, testsuites.NeverSkip) -} - -func TestEmptyRootList(t *testing.T) { - validRoot, err := ioutil.TempDir("", "driver-") - if err != nil { - t.Fatalf("unexpected error creating temporary directory: %v", err) - } - defer os.Remove(validRoot) - - rootedDriver, err := swiftDriverConstructor(validRoot) - if err != nil { - t.Fatalf("unexpected error creating rooted driver: %v", err) - } - - emptyRootDriver, err := swiftDriverConstructor("") - if err != nil { - t.Fatalf("unexpected error creating empty root driver: %v", err) - } - - slashRootDriver, err := swiftDriverConstructor("/") - if err != nil { - t.Fatalf("unexpected error creating slash root driver: %v", err) - } - - filename := "/test" - contents := []byte("contents") - ctx := context.Background() - err = rootedDriver.PutContent(ctx, filename, contents) - if err != nil { - t.Fatalf("unexpected error creating content: %v", err) - } - - keys, err := emptyRootDriver.List(ctx, "/") - for _, path := range keys { - if !storagedriver.PathRegexp.MatchString(path) { - t.Fatalf("unexpected string in path: %q != %q", path, storagedriver.PathRegexp) - } - } - - keys, err = slashRootDriver.List(ctx, "/") - for _, path := range keys { - if !storagedriver.PathRegexp.MatchString(path) { - t.Fatalf("unexpected string in path: %q != %q", path, storagedriver.PathRegexp) - } - } - - // Create an object with a path nested under the existing object - err = rootedDriver.PutContent(ctx, filename+"/file1", contents) - if err != nil { - t.Fatalf("unexpected error creating content: %v", err) - } - - err = rootedDriver.Delete(ctx, filename) - if err != nil { - t.Fatalf("failed to delete: %v", err) - } - - keys, err = rootedDriver.List(ctx, "/") - if err != nil { - t.Fatalf("failed to list objects after deletion: %v", err) - } - - if len(keys) != 0 { - t.Fatal("delete did not remove nested objects") - } -} - -func TestFilenameChunking(t *testing.T) { - // Test valid input and sizes - input := []string{"a", "b", "c", "d", "e"} - expecteds := [][][]string{ - { - {"a"}, - {"b"}, - {"c"}, - {"d"}, - {"e"}, - }, - { - {"a", "b"}, - {"c", "d"}, - {"e"}, - }, - { - {"a", "b", "c"}, - {"d", "e"}, - }, - { - {"a", "b", "c", "d"}, - {"e"}, - }, - { - {"a", "b", "c", "d", "e"}, - }, - { - {"a", "b", "c", "d", "e"}, - }, - } - for i, expected := range expecteds { - actual, err := chunkFilenames(input, i+1) - if !reflect.DeepEqual(actual, expected) { - t.Fatalf("chunk %v didn't match expected value %v", actual, expected) - } - if err != nil { - t.Fatalf("unexpected error chunking filenames: %v", err) - } - } - - // Test nil input - actual, err := chunkFilenames(nil, 5) - if len(actual) != 0 { - t.Fatal("chunks were returned when passed nil") - } - if err != nil { - t.Fatalf("unexpected error chunking filenames: %v", err) - } - - // Test 0 and < 0 sizes - actual, err = chunkFilenames(nil, 0) - if err == nil { - t.Fatal("expected error for size = 0") - } - actual, err = chunkFilenames(nil, -1) - if err == nil { - t.Fatal("expected error for size = -1") - } -} diff --git a/vendor/github.com/docker/distribution/registry/storage/driver/testdriver/testdriver.go b/vendor/github.com/docker/distribution/registry/storage/driver/testdriver/testdriver.go deleted file mode 100644 index 988e5d33..00000000 --- a/vendor/github.com/docker/distribution/registry/storage/driver/testdriver/testdriver.go +++ /dev/null @@ -1,71 +0,0 @@ -package testdriver - -import ( - "github.com/docker/distribution/context" - storagedriver "github.com/docker/distribution/registry/storage/driver" - "github.com/docker/distribution/registry/storage/driver/factory" - "github.com/docker/distribution/registry/storage/driver/inmemory" -) - -const driverName = "testdriver" - -func init() { - factory.Register(driverName, &testDriverFactory{}) -} - -// testDriverFactory implements the factory.StorageDriverFactory interface. -type testDriverFactory struct{} - -func (factory *testDriverFactory) Create(parameters map[string]interface{}) (storagedriver.StorageDriver, error) { - return New(), nil -} - -// TestDriver is a StorageDriver for testing purposes. The Writer returned by this driver -// simulates the case where Write operations are buffered. This causes the value returned by Size to lag -// behind until Close (or Commit, or Cancel) is called. -type TestDriver struct { - storagedriver.StorageDriver -} - -type testFileWriter struct { - storagedriver.FileWriter - prevchunk []byte -} - -var _ storagedriver.StorageDriver = &TestDriver{} - -// New constructs a new StorageDriver for testing purposes. The Writer returned by this driver -// simulates the case where Write operations are buffered. This causes the value returned by Size to lag -// behind until Close (or Commit, or Cancel) is called. -func New() *TestDriver { - return &TestDriver{StorageDriver: inmemory.New()} -} - -// Writer returns a FileWriter which will store the content written to it -// at the location designated by "path" after the call to Commit. -func (td *TestDriver) Writer(ctx context.Context, path string, append bool) (storagedriver.FileWriter, error) { - fw, err := td.StorageDriver.Writer(ctx, path, append) - return &testFileWriter{FileWriter: fw}, err -} - -func (tfw *testFileWriter) Write(p []byte) (int, error) { - _, err := tfw.FileWriter.Write(tfw.prevchunk) - tfw.prevchunk = make([]byte, len(p)) - copy(tfw.prevchunk, p) - return len(p), err -} - -func (tfw *testFileWriter) Close() error { - tfw.Write(nil) - return tfw.FileWriter.Close() -} - -func (tfw *testFileWriter) Cancel() error { - tfw.Write(nil) - return tfw.FileWriter.Cancel() -} - -func (tfw *testFileWriter) Commit() error { - tfw.Write(nil) - return tfw.FileWriter.Commit() -} diff --git a/vendor/github.com/docker/distribution/registry/storage/driver/testsuites/testsuites.go b/vendor/github.com/docker/distribution/registry/storage/driver/testsuites/testsuites.go deleted file mode 100644 index d8afe0c8..00000000 --- a/vendor/github.com/docker/distribution/registry/storage/driver/testsuites/testsuites.go +++ /dev/null @@ -1,1273 +0,0 @@ -package testsuites - -import ( - "bytes" - "crypto/sha1" - "io" - "io/ioutil" - "math/rand" - "net/http" - "os" - "path" - "sort" - "strings" - "sync" - "testing" - "time" - - "gopkg.in/check.v1" - - "github.com/docker/distribution/context" - storagedriver "github.com/docker/distribution/registry/storage/driver" -) - -// Test hooks up gocheck into the "go test" runner. -func Test(t *testing.T) { check.TestingT(t) } - -// RegisterSuite registers an in-process storage driver test suite with -// the go test runner. -func RegisterSuite(driverConstructor DriverConstructor, skipCheck SkipCheck) { - check.Suite(&DriverSuite{ - Constructor: driverConstructor, - SkipCheck: skipCheck, - ctx: context.Background(), - }) -} - -// SkipCheck is a function used to determine if a test suite should be skipped. -// If a SkipCheck returns a non-empty skip reason, the suite is skipped with -// the given reason. -type SkipCheck func() (reason string) - -// NeverSkip is a default SkipCheck which never skips the suite. -var NeverSkip SkipCheck = func() string { return "" } - -// DriverConstructor is a function which returns a new -// storagedriver.StorageDriver. -type DriverConstructor func() (storagedriver.StorageDriver, error) - -// DriverTeardown is a function which cleans up a suite's -// storagedriver.StorageDriver. -type DriverTeardown func() error - -// DriverSuite is a gocheck test suite designed to test a -// storagedriver.StorageDriver. The intended way to create a DriverSuite is -// with RegisterSuite. -type DriverSuite struct { - Constructor DriverConstructor - Teardown DriverTeardown - SkipCheck - storagedriver.StorageDriver - ctx context.Context -} - -// SetUpSuite sets up the gocheck test suite. -func (suite *DriverSuite) SetUpSuite(c *check.C) { - if reason := suite.SkipCheck(); reason != "" { - c.Skip(reason) - } - d, err := suite.Constructor() - c.Assert(err, check.IsNil) - suite.StorageDriver = d -} - -// TearDownSuite tears down the gocheck test suite. -func (suite *DriverSuite) TearDownSuite(c *check.C) { - if suite.Teardown != nil { - err := suite.Teardown() - c.Assert(err, check.IsNil) - } -} - -// TearDownTest tears down the gocheck test. -// This causes the suite to abort if any files are left around in the storage -// driver. -func (suite *DriverSuite) TearDownTest(c *check.C) { - files, _ := suite.StorageDriver.List(suite.ctx, "/") - if len(files) > 0 { - c.Fatalf("Storage driver did not clean up properly. Offending files: %#v", files) - } -} - -// TestRootExists ensures that all storage drivers have a root path by default. -func (suite *DriverSuite) TestRootExists(c *check.C) { - _, err := suite.StorageDriver.List(suite.ctx, "/") - if err != nil { - c.Fatalf(`the root path "/" should always exist: %v`, err) - } -} - -// TestValidPaths checks that various valid file paths are accepted by the -// storage driver. -func (suite *DriverSuite) TestValidPaths(c *check.C) { - contents := randomContents(64) - validFiles := []string{ - "/a", - "/2", - "/aa", - "/a.a", - "/0-9/abcdefg", - "/abcdefg/z.75", - "/abc/1.2.3.4.5-6_zyx/123.z/4", - "/docker/docker-registry", - "/123.abc", - "/abc./abc", - "/.abc", - "/a--b", - "/a-.b", - "/_.abc", - "/Docker/docker-registry", - "/Abc/Cba"} - - for _, filename := range validFiles { - err := suite.StorageDriver.PutContent(suite.ctx, filename, contents) - defer suite.deletePath(c, firstPart(filename)) - c.Assert(err, check.IsNil) - - received, err := suite.StorageDriver.GetContent(suite.ctx, filename) - c.Assert(err, check.IsNil) - c.Assert(received, check.DeepEquals, contents) - } -} - -func (suite *DriverSuite) deletePath(c *check.C, path string) { - for tries := 2; tries > 0; tries-- { - err := suite.StorageDriver.Delete(suite.ctx, path) - if _, ok := err.(storagedriver.PathNotFoundError); ok { - err = nil - } - c.Assert(err, check.IsNil) - paths, err := suite.StorageDriver.List(suite.ctx, path) - if len(paths) == 0 { - break - } - time.Sleep(time.Second * 2) - } -} - -// TestInvalidPaths checks that various invalid file paths are rejected by the -// storage driver. -func (suite *DriverSuite) TestInvalidPaths(c *check.C) { - contents := randomContents(64) - invalidFiles := []string{ - "", - "/", - "abc", - "123.abc", - "//bcd", - "/abc_123/"} - - for _, filename := range invalidFiles { - err := suite.StorageDriver.PutContent(suite.ctx, filename, contents) - // only delete if file was successfully written - if err == nil { - defer suite.deletePath(c, firstPart(filename)) - } - c.Assert(err, check.NotNil) - c.Assert(err, check.FitsTypeOf, storagedriver.InvalidPathError{}) - c.Assert(strings.Contains(err.Error(), suite.Name()), check.Equals, true) - - _, err = suite.StorageDriver.GetContent(suite.ctx, filename) - c.Assert(err, check.NotNil) - c.Assert(err, check.FitsTypeOf, storagedriver.InvalidPathError{}) - c.Assert(strings.Contains(err.Error(), suite.Name()), check.Equals, true) - } -} - -// TestWriteRead1 tests a simple write-read workflow. -func (suite *DriverSuite) TestWriteRead1(c *check.C) { - filename := randomPath(32) - contents := []byte("a") - suite.writeReadCompare(c, filename, contents) -} - -// TestWriteRead2 tests a simple write-read workflow with unicode data. -func (suite *DriverSuite) TestWriteRead2(c *check.C) { - filename := randomPath(32) - contents := []byte("\xc3\x9f") - suite.writeReadCompare(c, filename, contents) -} - -// TestWriteRead3 tests a simple write-read workflow with a small string. -func (suite *DriverSuite) TestWriteRead3(c *check.C) { - filename := randomPath(32) - contents := randomContents(32) - suite.writeReadCompare(c, filename, contents) -} - -// TestWriteRead4 tests a simple write-read workflow with 1MB of data. -func (suite *DriverSuite) TestWriteRead4(c *check.C) { - filename := randomPath(32) - contents := randomContents(1024 * 1024) - suite.writeReadCompare(c, filename, contents) -} - -// TestWriteReadNonUTF8 tests that non-utf8 data may be written to the storage -// driver safely. -func (suite *DriverSuite) TestWriteReadNonUTF8(c *check.C) { - filename := randomPath(32) - contents := []byte{0x80, 0x80, 0x80, 0x80} - suite.writeReadCompare(c, filename, contents) -} - -// TestTruncate tests that putting smaller contents than an original file does -// remove the excess contents. -func (suite *DriverSuite) TestTruncate(c *check.C) { - filename := randomPath(32) - contents := randomContents(1024 * 1024) - suite.writeReadCompare(c, filename, contents) - - contents = randomContents(1024) - suite.writeReadCompare(c, filename, contents) -} - -// TestReadNonexistent tests reading content from an empty path. -func (suite *DriverSuite) TestReadNonexistent(c *check.C) { - filename := randomPath(32) - _, err := suite.StorageDriver.GetContent(suite.ctx, filename) - c.Assert(err, check.NotNil) - c.Assert(err, check.FitsTypeOf, storagedriver.PathNotFoundError{}) - c.Assert(strings.Contains(err.Error(), suite.Name()), check.Equals, true) -} - -// TestWriteReadStreams1 tests a simple write-read streaming workflow. -func (suite *DriverSuite) TestWriteReadStreams1(c *check.C) { - filename := randomPath(32) - contents := []byte("a") - suite.writeReadCompareStreams(c, filename, contents) -} - -// TestWriteReadStreams2 tests a simple write-read streaming workflow with -// unicode data. -func (suite *DriverSuite) TestWriteReadStreams2(c *check.C) { - filename := randomPath(32) - contents := []byte("\xc3\x9f") - suite.writeReadCompareStreams(c, filename, contents) -} - -// TestWriteReadStreams3 tests a simple write-read streaming workflow with a -// small amount of data. -func (suite *DriverSuite) TestWriteReadStreams3(c *check.C) { - filename := randomPath(32) - contents := randomContents(32) - suite.writeReadCompareStreams(c, filename, contents) -} - -// TestWriteReadStreams4 tests a simple write-read streaming workflow with 1MB -// of data. -func (suite *DriverSuite) TestWriteReadStreams4(c *check.C) { - filename := randomPath(32) - contents := randomContents(1024 * 1024) - suite.writeReadCompareStreams(c, filename, contents) -} - -// TestWriteReadStreamsNonUTF8 tests that non-utf8 data may be written to the -// storage driver safely. -func (suite *DriverSuite) TestWriteReadStreamsNonUTF8(c *check.C) { - filename := randomPath(32) - contents := []byte{0x80, 0x80, 0x80, 0x80} - suite.writeReadCompareStreams(c, filename, contents) -} - -// TestWriteReadLargeStreams tests that a 5GB file may be written to the storage -// driver safely. -func (suite *DriverSuite) TestWriteReadLargeStreams(c *check.C) { - if testing.Short() { - c.Skip("Skipping test in short mode") - } - - filename := randomPath(32) - defer suite.deletePath(c, firstPart(filename)) - - checksum := sha1.New() - var fileSize int64 = 5 * 1024 * 1024 * 1024 - - contents := newRandReader(fileSize) - - writer, err := suite.StorageDriver.Writer(suite.ctx, filename, false) - c.Assert(err, check.IsNil) - written, err := io.Copy(writer, io.TeeReader(contents, checksum)) - c.Assert(err, check.IsNil) - c.Assert(written, check.Equals, fileSize) - - err = writer.Commit() - c.Assert(err, check.IsNil) - err = writer.Close() - c.Assert(err, check.IsNil) - - reader, err := suite.StorageDriver.Reader(suite.ctx, filename, 0) - c.Assert(err, check.IsNil) - defer reader.Close() - - writtenChecksum := sha1.New() - io.Copy(writtenChecksum, reader) - - c.Assert(writtenChecksum.Sum(nil), check.DeepEquals, checksum.Sum(nil)) -} - -// TestReaderWithOffset tests that the appropriate data is streamed when -// reading with a given offset. -func (suite *DriverSuite) TestReaderWithOffset(c *check.C) { - filename := randomPath(32) - defer suite.deletePath(c, firstPart(filename)) - - chunkSize := int64(32) - - contentsChunk1 := randomContents(chunkSize) - contentsChunk2 := randomContents(chunkSize) - contentsChunk3 := randomContents(chunkSize) - - err := suite.StorageDriver.PutContent(suite.ctx, filename, append(append(contentsChunk1, contentsChunk2...), contentsChunk3...)) - c.Assert(err, check.IsNil) - - reader, err := suite.StorageDriver.Reader(suite.ctx, filename, 0) - c.Assert(err, check.IsNil) - defer reader.Close() - - readContents, err := ioutil.ReadAll(reader) - c.Assert(err, check.IsNil) - - c.Assert(readContents, check.DeepEquals, append(append(contentsChunk1, contentsChunk2...), contentsChunk3...)) - - reader, err = suite.StorageDriver.Reader(suite.ctx, filename, chunkSize) - c.Assert(err, check.IsNil) - defer reader.Close() - - readContents, err = ioutil.ReadAll(reader) - c.Assert(err, check.IsNil) - - c.Assert(readContents, check.DeepEquals, append(contentsChunk2, contentsChunk3...)) - - reader, err = suite.StorageDriver.Reader(suite.ctx, filename, chunkSize*2) - c.Assert(err, check.IsNil) - defer reader.Close() - - readContents, err = ioutil.ReadAll(reader) - c.Assert(err, check.IsNil) - c.Assert(readContents, check.DeepEquals, contentsChunk3) - - // Ensure we get invalid offest for negative offsets. - reader, err = suite.StorageDriver.Reader(suite.ctx, filename, -1) - c.Assert(err, check.FitsTypeOf, storagedriver.InvalidOffsetError{}) - c.Assert(err.(storagedriver.InvalidOffsetError).Offset, check.Equals, int64(-1)) - c.Assert(err.(storagedriver.InvalidOffsetError).Path, check.Equals, filename) - c.Assert(reader, check.IsNil) - c.Assert(strings.Contains(err.Error(), suite.Name()), check.Equals, true) - - // Read past the end of the content and make sure we get a reader that - // returns 0 bytes and io.EOF - reader, err = suite.StorageDriver.Reader(suite.ctx, filename, chunkSize*3) - c.Assert(err, check.IsNil) - defer reader.Close() - - buf := make([]byte, chunkSize) - n, err := reader.Read(buf) - c.Assert(err, check.Equals, io.EOF) - c.Assert(n, check.Equals, 0) - - // Check the N-1 boundary condition, ensuring we get 1 byte then io.EOF. - reader, err = suite.StorageDriver.Reader(suite.ctx, filename, chunkSize*3-1) - c.Assert(err, check.IsNil) - defer reader.Close() - - n, err = reader.Read(buf) - c.Assert(n, check.Equals, 1) - - // We don't care whether the io.EOF comes on the this read or the first - // zero read, but the only error acceptable here is io.EOF. - if err != nil { - c.Assert(err, check.Equals, io.EOF) - } - - // Any more reads should result in zero bytes and io.EOF - n, err = reader.Read(buf) - c.Assert(n, check.Equals, 0) - c.Assert(err, check.Equals, io.EOF) -} - -// TestContinueStreamAppendLarge tests that a stream write can be appended to without -// corrupting the data with a large chunk size. -func (suite *DriverSuite) TestContinueStreamAppendLarge(c *check.C) { - suite.testContinueStreamAppend(c, int64(10*1024*1024)) -} - -// TestContinueStreamAppendSmall is the same as TestContinueStreamAppendLarge, but only -// with a tiny chunk size in order to test corner cases for some cloud storage drivers. -func (suite *DriverSuite) TestContinueStreamAppendSmall(c *check.C) { - suite.testContinueStreamAppend(c, int64(32)) -} - -func (suite *DriverSuite) testContinueStreamAppend(c *check.C, chunkSize int64) { - filename := randomPath(32) - defer suite.deletePath(c, firstPart(filename)) - - contentsChunk1 := randomContents(chunkSize) - contentsChunk2 := randomContents(chunkSize) - contentsChunk3 := randomContents(chunkSize) - - fullContents := append(append(contentsChunk1, contentsChunk2...), contentsChunk3...) - - writer, err := suite.StorageDriver.Writer(suite.ctx, filename, false) - c.Assert(err, check.IsNil) - nn, err := io.Copy(writer, bytes.NewReader(contentsChunk1)) - c.Assert(err, check.IsNil) - c.Assert(nn, check.Equals, int64(len(contentsChunk1))) - - err = writer.Close() - c.Assert(err, check.IsNil) - - curSize := writer.Size() - c.Assert(curSize, check.Equals, int64(len(contentsChunk1))) - - writer, err = suite.StorageDriver.Writer(suite.ctx, filename, true) - c.Assert(err, check.IsNil) - c.Assert(writer.Size(), check.Equals, curSize) - - nn, err = io.Copy(writer, bytes.NewReader(contentsChunk2)) - c.Assert(err, check.IsNil) - c.Assert(nn, check.Equals, int64(len(contentsChunk2))) - - err = writer.Close() - c.Assert(err, check.IsNil) - - curSize = writer.Size() - c.Assert(curSize, check.Equals, 2*chunkSize) - - writer, err = suite.StorageDriver.Writer(suite.ctx, filename, true) - c.Assert(err, check.IsNil) - c.Assert(writer.Size(), check.Equals, curSize) - - nn, err = io.Copy(writer, bytes.NewReader(fullContents[curSize:])) - c.Assert(err, check.IsNil) - c.Assert(nn, check.Equals, int64(len(fullContents[curSize:]))) - - err = writer.Commit() - c.Assert(err, check.IsNil) - err = writer.Close() - c.Assert(err, check.IsNil) - - received, err := suite.StorageDriver.GetContent(suite.ctx, filename) - c.Assert(err, check.IsNil) - c.Assert(received, check.DeepEquals, fullContents) -} - -// TestReadNonexistentStream tests that reading a stream for a nonexistent path -// fails. -func (suite *DriverSuite) TestReadNonexistentStream(c *check.C) { - filename := randomPath(32) - - _, err := suite.StorageDriver.Reader(suite.ctx, filename, 0) - c.Assert(err, check.NotNil) - c.Assert(err, check.FitsTypeOf, storagedriver.PathNotFoundError{}) - c.Assert(strings.Contains(err.Error(), suite.Name()), check.Equals, true) - - _, err = suite.StorageDriver.Reader(suite.ctx, filename, 64) - c.Assert(err, check.NotNil) - c.Assert(err, check.FitsTypeOf, storagedriver.PathNotFoundError{}) - c.Assert(strings.Contains(err.Error(), suite.Name()), check.Equals, true) -} - -// TestList checks the returned list of keys after populating a directory tree. -func (suite *DriverSuite) TestList(c *check.C) { - rootDirectory := "/" + randomFilename(int64(8+rand.Intn(8))) - defer suite.deletePath(c, rootDirectory) - - doesnotexist := path.Join(rootDirectory, "nonexistent") - _, err := suite.StorageDriver.List(suite.ctx, doesnotexist) - c.Assert(err, check.Equals, storagedriver.PathNotFoundError{ - Path: doesnotexist, - DriverName: suite.StorageDriver.Name(), - }) - - parentDirectory := rootDirectory + "/" + randomFilename(int64(8+rand.Intn(8))) - childFiles := make([]string, 50) - for i := 0; i < len(childFiles); i++ { - childFile := parentDirectory + "/" + randomFilename(int64(8+rand.Intn(8))) - childFiles[i] = childFile - err := suite.StorageDriver.PutContent(suite.ctx, childFile, randomContents(32)) - c.Assert(err, check.IsNil) - } - sort.Strings(childFiles) - - keys, err := suite.StorageDriver.List(suite.ctx, "/") - c.Assert(err, check.IsNil) - c.Assert(keys, check.DeepEquals, []string{rootDirectory}) - - keys, err = suite.StorageDriver.List(suite.ctx, rootDirectory) - c.Assert(err, check.IsNil) - c.Assert(keys, check.DeepEquals, []string{parentDirectory}) - - keys, err = suite.StorageDriver.List(suite.ctx, parentDirectory) - c.Assert(err, check.IsNil) - - sort.Strings(keys) - c.Assert(keys, check.DeepEquals, childFiles) - - // A few checks to add here (check out #819 for more discussion on this): - // 1. Ensure that all paths are absolute. - // 2. Ensure that listings only include direct children. - // 3. Ensure that we only respond to directory listings that end with a slash (maybe?). -} - -// TestMove checks that a moved object no longer exists at the source path and -// does exist at the destination. -func (suite *DriverSuite) TestMove(c *check.C) { - contents := randomContents(32) - sourcePath := randomPath(32) - destPath := randomPath(32) - - defer suite.deletePath(c, firstPart(sourcePath)) - defer suite.deletePath(c, firstPart(destPath)) - - err := suite.StorageDriver.PutContent(suite.ctx, sourcePath, contents) - c.Assert(err, check.IsNil) - - err = suite.StorageDriver.Move(suite.ctx, sourcePath, destPath) - c.Assert(err, check.IsNil) - - received, err := suite.StorageDriver.GetContent(suite.ctx, destPath) - c.Assert(err, check.IsNil) - c.Assert(received, check.DeepEquals, contents) - - _, err = suite.StorageDriver.GetContent(suite.ctx, sourcePath) - c.Assert(err, check.NotNil) - c.Assert(err, check.FitsTypeOf, storagedriver.PathNotFoundError{}) - c.Assert(strings.Contains(err.Error(), suite.Name()), check.Equals, true) -} - -// TestMoveOverwrite checks that a moved object no longer exists at the source -// path and overwrites the contents at the destination. -func (suite *DriverSuite) TestMoveOverwrite(c *check.C) { - sourcePath := randomPath(32) - destPath := randomPath(32) - sourceContents := randomContents(32) - destContents := randomContents(64) - - defer suite.deletePath(c, firstPart(sourcePath)) - defer suite.deletePath(c, firstPart(destPath)) - - err := suite.StorageDriver.PutContent(suite.ctx, sourcePath, sourceContents) - c.Assert(err, check.IsNil) - - err = suite.StorageDriver.PutContent(suite.ctx, destPath, destContents) - c.Assert(err, check.IsNil) - - err = suite.StorageDriver.Move(suite.ctx, sourcePath, destPath) - c.Assert(err, check.IsNil) - - received, err := suite.StorageDriver.GetContent(suite.ctx, destPath) - c.Assert(err, check.IsNil) - c.Assert(received, check.DeepEquals, sourceContents) - - _, err = suite.StorageDriver.GetContent(suite.ctx, sourcePath) - c.Assert(err, check.NotNil) - c.Assert(err, check.FitsTypeOf, storagedriver.PathNotFoundError{}) - c.Assert(strings.Contains(err.Error(), suite.Name()), check.Equals, true) -} - -// TestMoveNonexistent checks that moving a nonexistent key fails and does not -// delete the data at the destination path. -func (suite *DriverSuite) TestMoveNonexistent(c *check.C) { - contents := randomContents(32) - sourcePath := randomPath(32) - destPath := randomPath(32) - - defer suite.deletePath(c, firstPart(destPath)) - - err := suite.StorageDriver.PutContent(suite.ctx, destPath, contents) - c.Assert(err, check.IsNil) - - err = suite.StorageDriver.Move(suite.ctx, sourcePath, destPath) - c.Assert(err, check.NotNil) - c.Assert(err, check.FitsTypeOf, storagedriver.PathNotFoundError{}) - c.Assert(strings.Contains(err.Error(), suite.Name()), check.Equals, true) - - received, err := suite.StorageDriver.GetContent(suite.ctx, destPath) - c.Assert(err, check.IsNil) - c.Assert(received, check.DeepEquals, contents) -} - -// TestMoveInvalid provides various checks for invalid moves. -func (suite *DriverSuite) TestMoveInvalid(c *check.C) { - contents := randomContents(32) - - // Create a regular file. - err := suite.StorageDriver.PutContent(suite.ctx, "/notadir", contents) - c.Assert(err, check.IsNil) - defer suite.deletePath(c, "/notadir") - - // Now try to move a non-existent file under it. - err = suite.StorageDriver.Move(suite.ctx, "/notadir/foo", "/notadir/bar") - c.Assert(err, check.NotNil) // non-nil error -} - -// TestDelete checks that the delete operation removes data from the storage -// driver -func (suite *DriverSuite) TestDelete(c *check.C) { - filename := randomPath(32) - contents := randomContents(32) - - defer suite.deletePath(c, firstPart(filename)) - - err := suite.StorageDriver.PutContent(suite.ctx, filename, contents) - c.Assert(err, check.IsNil) - - err = suite.StorageDriver.Delete(suite.ctx, filename) - c.Assert(err, check.IsNil) - - _, err = suite.StorageDriver.GetContent(suite.ctx, filename) - c.Assert(err, check.NotNil) - c.Assert(err, check.FitsTypeOf, storagedriver.PathNotFoundError{}) - c.Assert(strings.Contains(err.Error(), suite.Name()), check.Equals, true) -} - -// TestURLFor checks that the URLFor method functions properly, but only if it -// is implemented -func (suite *DriverSuite) TestURLFor(c *check.C) { - filename := randomPath(32) - contents := randomContents(32) - - defer suite.deletePath(c, firstPart(filename)) - - err := suite.StorageDriver.PutContent(suite.ctx, filename, contents) - c.Assert(err, check.IsNil) - - url, err := suite.StorageDriver.URLFor(suite.ctx, filename, nil) - if _, ok := err.(storagedriver.ErrUnsupportedMethod); ok { - return - } - c.Assert(err, check.IsNil) - - response, err := http.Get(url) - c.Assert(err, check.IsNil) - defer response.Body.Close() - - read, err := ioutil.ReadAll(response.Body) - c.Assert(err, check.IsNil) - c.Assert(read, check.DeepEquals, contents) - - url, err = suite.StorageDriver.URLFor(suite.ctx, filename, map[string]interface{}{"method": "HEAD"}) - if _, ok := err.(storagedriver.ErrUnsupportedMethod); ok { - return - } - c.Assert(err, check.IsNil) - - response, err = http.Head(url) - c.Assert(response.StatusCode, check.Equals, 200) - c.Assert(response.ContentLength, check.Equals, int64(32)) -} - -// TestDeleteNonexistent checks that removing a nonexistent key fails. -func (suite *DriverSuite) TestDeleteNonexistent(c *check.C) { - filename := randomPath(32) - err := suite.StorageDriver.Delete(suite.ctx, filename) - c.Assert(err, check.NotNil) - c.Assert(err, check.FitsTypeOf, storagedriver.PathNotFoundError{}) - c.Assert(strings.Contains(err.Error(), suite.Name()), check.Equals, true) -} - -// TestDeleteFolder checks that deleting a folder removes all child elements. -func (suite *DriverSuite) TestDeleteFolder(c *check.C) { - dirname := randomPath(32) - filename1 := randomPath(32) - filename2 := randomPath(32) - filename3 := randomPath(32) - contents := randomContents(32) - - defer suite.deletePath(c, firstPart(dirname)) - - err := suite.StorageDriver.PutContent(suite.ctx, path.Join(dirname, filename1), contents) - c.Assert(err, check.IsNil) - - err = suite.StorageDriver.PutContent(suite.ctx, path.Join(dirname, filename2), contents) - c.Assert(err, check.IsNil) - - err = suite.StorageDriver.PutContent(suite.ctx, path.Join(dirname, filename3), contents) - c.Assert(err, check.IsNil) - - err = suite.StorageDriver.Delete(suite.ctx, path.Join(dirname, filename1)) - c.Assert(err, check.IsNil) - - _, err = suite.StorageDriver.GetContent(suite.ctx, path.Join(dirname, filename1)) - c.Assert(err, check.NotNil) - c.Assert(err, check.FitsTypeOf, storagedriver.PathNotFoundError{}) - c.Assert(strings.Contains(err.Error(), suite.Name()), check.Equals, true) - - _, err = suite.StorageDriver.GetContent(suite.ctx, path.Join(dirname, filename2)) - c.Assert(err, check.IsNil) - - _, err = suite.StorageDriver.GetContent(suite.ctx, path.Join(dirname, filename3)) - c.Assert(err, check.IsNil) - - err = suite.StorageDriver.Delete(suite.ctx, dirname) - c.Assert(err, check.IsNil) - - _, err = suite.StorageDriver.GetContent(suite.ctx, path.Join(dirname, filename1)) - c.Assert(err, check.NotNil) - c.Assert(err, check.FitsTypeOf, storagedriver.PathNotFoundError{}) - c.Assert(strings.Contains(err.Error(), suite.Name()), check.Equals, true) - - _, err = suite.StorageDriver.GetContent(suite.ctx, path.Join(dirname, filename2)) - c.Assert(err, check.NotNil) - c.Assert(err, check.FitsTypeOf, storagedriver.PathNotFoundError{}) - c.Assert(strings.Contains(err.Error(), suite.Name()), check.Equals, true) - - _, err = suite.StorageDriver.GetContent(suite.ctx, path.Join(dirname, filename3)) - c.Assert(err, check.NotNil) - c.Assert(err, check.FitsTypeOf, storagedriver.PathNotFoundError{}) - c.Assert(strings.Contains(err.Error(), suite.Name()), check.Equals, true) -} - -// TestDeleteOnlyDeletesSubpaths checks that deleting path A does not -// delete path B when A is a prefix of B but B is not a subpath of A (so that -// deleting "/a" does not delete "/ab"). This matters for services like S3 that -// do not implement directories. -func (suite *DriverSuite) TestDeleteOnlyDeletesSubpaths(c *check.C) { - dirname := randomPath(32) - filename := randomPath(32) - contents := randomContents(32) - - defer suite.deletePath(c, firstPart(dirname)) - - err := suite.StorageDriver.PutContent(suite.ctx, path.Join(dirname, filename), contents) - c.Assert(err, check.IsNil) - - err = suite.StorageDriver.PutContent(suite.ctx, path.Join(dirname, filename+"suffix"), contents) - c.Assert(err, check.IsNil) - - err = suite.StorageDriver.PutContent(suite.ctx, path.Join(dirname, dirname, filename), contents) - c.Assert(err, check.IsNil) - - err = suite.StorageDriver.PutContent(suite.ctx, path.Join(dirname, dirname+"suffix", filename), contents) - c.Assert(err, check.IsNil) - - err = suite.StorageDriver.Delete(suite.ctx, path.Join(dirname, filename)) - c.Assert(err, check.IsNil) - - _, err = suite.StorageDriver.GetContent(suite.ctx, path.Join(dirname, filename)) - c.Assert(err, check.NotNil) - c.Assert(err, check.FitsTypeOf, storagedriver.PathNotFoundError{}) - c.Assert(strings.Contains(err.Error(), suite.Name()), check.Equals, true) - - _, err = suite.StorageDriver.GetContent(suite.ctx, path.Join(dirname, filename+"suffix")) - c.Assert(err, check.IsNil) - - err = suite.StorageDriver.Delete(suite.ctx, path.Join(dirname, dirname)) - c.Assert(err, check.IsNil) - - _, err = suite.StorageDriver.GetContent(suite.ctx, path.Join(dirname, dirname, filename)) - c.Assert(err, check.NotNil) - c.Assert(err, check.FitsTypeOf, storagedriver.PathNotFoundError{}) - c.Assert(strings.Contains(err.Error(), suite.Name()), check.Equals, true) - - _, err = suite.StorageDriver.GetContent(suite.ctx, path.Join(dirname, dirname+"suffix", filename)) - c.Assert(err, check.IsNil) -} - -// TestStatCall runs verifies the implementation of the storagedriver's Stat call. -func (suite *DriverSuite) TestStatCall(c *check.C) { - content := randomContents(4096) - dirPath := randomPath(32) - fileName := randomFilename(32) - filePath := path.Join(dirPath, fileName) - - defer suite.deletePath(c, firstPart(dirPath)) - - // Call on non-existent file/dir, check error. - fi, err := suite.StorageDriver.Stat(suite.ctx, dirPath) - c.Assert(err, check.NotNil) - c.Assert(err, check.FitsTypeOf, storagedriver.PathNotFoundError{}) - c.Assert(strings.Contains(err.Error(), suite.Name()), check.Equals, true) - c.Assert(fi, check.IsNil) - - fi, err = suite.StorageDriver.Stat(suite.ctx, filePath) - c.Assert(err, check.NotNil) - c.Assert(err, check.FitsTypeOf, storagedriver.PathNotFoundError{}) - c.Assert(strings.Contains(err.Error(), suite.Name()), check.Equals, true) - c.Assert(fi, check.IsNil) - - err = suite.StorageDriver.PutContent(suite.ctx, filePath, content) - c.Assert(err, check.IsNil) - - // Call on regular file, check results - fi, err = suite.StorageDriver.Stat(suite.ctx, filePath) - c.Assert(err, check.IsNil) - c.Assert(fi, check.NotNil) - c.Assert(fi.Path(), check.Equals, filePath) - c.Assert(fi.Size(), check.Equals, int64(len(content))) - c.Assert(fi.IsDir(), check.Equals, false) - createdTime := fi.ModTime() - - // Sleep and modify the file - time.Sleep(time.Second * 10) - content = randomContents(4096) - err = suite.StorageDriver.PutContent(suite.ctx, filePath, content) - c.Assert(err, check.IsNil) - fi, err = suite.StorageDriver.Stat(suite.ctx, filePath) - c.Assert(err, check.IsNil) - c.Assert(fi, check.NotNil) - time.Sleep(time.Second * 5) // allow changes to propagate (eventual consistency) - - // Check if the modification time is after the creation time. - // In case of cloud storage services, storage frontend nodes might have - // time drift between them, however that should be solved with sleeping - // before update. - modTime := fi.ModTime() - if !modTime.After(createdTime) { - c.Errorf("modtime (%s) is before the creation time (%s)", modTime, createdTime) - } - - // Call on directory (do not check ModTime as dirs don't need to support it) - fi, err = suite.StorageDriver.Stat(suite.ctx, dirPath) - c.Assert(err, check.IsNil) - c.Assert(fi, check.NotNil) - c.Assert(fi.Path(), check.Equals, dirPath) - c.Assert(fi.Size(), check.Equals, int64(0)) - c.Assert(fi.IsDir(), check.Equals, true) -} - -// TestPutContentMultipleTimes checks that if storage driver can overwrite the content -// in the subsequent puts. Validates that PutContent does not have to work -// with an offset like Writer does and overwrites the file entirely -// rather than writing the data to the [0,len(data)) of the file. -func (suite *DriverSuite) TestPutContentMultipleTimes(c *check.C) { - filename := randomPath(32) - contents := randomContents(4096) - - defer suite.deletePath(c, firstPart(filename)) - err := suite.StorageDriver.PutContent(suite.ctx, filename, contents) - c.Assert(err, check.IsNil) - - contents = randomContents(2048) // upload a different, smaller file - err = suite.StorageDriver.PutContent(suite.ctx, filename, contents) - c.Assert(err, check.IsNil) - - readContents, err := suite.StorageDriver.GetContent(suite.ctx, filename) - c.Assert(err, check.IsNil) - c.Assert(readContents, check.DeepEquals, contents) -} - -// TestConcurrentStreamReads checks that multiple clients can safely read from -// the same file simultaneously with various offsets. -func (suite *DriverSuite) TestConcurrentStreamReads(c *check.C) { - var filesize int64 = 128 * 1024 * 1024 - - if testing.Short() { - filesize = 10 * 1024 * 1024 - c.Log("Reducing file size to 10MB for short mode") - } - - filename := randomPath(32) - contents := randomContents(filesize) - - defer suite.deletePath(c, firstPart(filename)) - - err := suite.StorageDriver.PutContent(suite.ctx, filename, contents) - c.Assert(err, check.IsNil) - - var wg sync.WaitGroup - - readContents := func() { - defer wg.Done() - offset := rand.Int63n(int64(len(contents))) - reader, err := suite.StorageDriver.Reader(suite.ctx, filename, offset) - c.Assert(err, check.IsNil) - - readContents, err := ioutil.ReadAll(reader) - c.Assert(err, check.IsNil) - c.Assert(readContents, check.DeepEquals, contents[offset:]) - } - - wg.Add(10) - for i := 0; i < 10; i++ { - go readContents() - } - wg.Wait() -} - -// TestConcurrentFileStreams checks that multiple *os.File objects can be passed -// in to Writer concurrently without hanging. -func (suite *DriverSuite) TestConcurrentFileStreams(c *check.C) { - numStreams := 32 - - if testing.Short() { - numStreams = 8 - c.Log("Reducing number of streams to 8 for short mode") - } - - var wg sync.WaitGroup - - testStream := func(size int64) { - defer wg.Done() - suite.testFileStreams(c, size) - } - - wg.Add(numStreams) - for i := numStreams; i > 0; i-- { - go testStream(int64(numStreams) * 1024 * 1024) - } - - wg.Wait() -} - -// TODO (brianbland): evaluate the relevancy of this test -// TestEventualConsistency checks that if stat says that a file is a certain size, then -// you can freely read from the file (this is the only guarantee that the driver needs to provide) -// func (suite *DriverSuite) TestEventualConsistency(c *check.C) { -// if testing.Short() { -// c.Skip("Skipping test in short mode") -// } -// -// filename := randomPath(32) -// defer suite.deletePath(c, firstPart(filename)) -// -// var offset int64 -// var misswrites int -// var chunkSize int64 = 32 -// -// for i := 0; i < 1024; i++ { -// contents := randomContents(chunkSize) -// read, err := suite.StorageDriver.Writer(suite.ctx, filename, offset, bytes.NewReader(contents)) -// c.Assert(err, check.IsNil) -// -// fi, err := suite.StorageDriver.Stat(suite.ctx, filename) -// c.Assert(err, check.IsNil) -// -// // We are most concerned with being able to read data as soon as Stat declares -// // it is uploaded. This is the strongest guarantee that some drivers (that guarantee -// // at best eventual consistency) absolutely need to provide. -// if fi.Size() == offset+chunkSize { -// reader, err := suite.StorageDriver.Reader(suite.ctx, filename, offset) -// c.Assert(err, check.IsNil) -// -// readContents, err := ioutil.ReadAll(reader) -// c.Assert(err, check.IsNil) -// -// c.Assert(readContents, check.DeepEquals, contents) -// -// reader.Close() -// offset += read -// } else { -// misswrites++ -// } -// } -// -// if misswrites > 0 { -// c.Log("There were " + string(misswrites) + " occurrences of a write not being instantly available.") -// } -// -// c.Assert(misswrites, check.Not(check.Equals), 1024) -// } - -// BenchmarkPutGetEmptyFiles benchmarks PutContent/GetContent for 0B files -func (suite *DriverSuite) BenchmarkPutGetEmptyFiles(c *check.C) { - suite.benchmarkPutGetFiles(c, 0) -} - -// BenchmarkPutGet1KBFiles benchmarks PutContent/GetContent for 1KB files -func (suite *DriverSuite) BenchmarkPutGet1KBFiles(c *check.C) { - suite.benchmarkPutGetFiles(c, 1024) -} - -// BenchmarkPutGet1MBFiles benchmarks PutContent/GetContent for 1MB files -func (suite *DriverSuite) BenchmarkPutGet1MBFiles(c *check.C) { - suite.benchmarkPutGetFiles(c, 1024*1024) -} - -// BenchmarkPutGet1GBFiles benchmarks PutContent/GetContent for 1GB files -func (suite *DriverSuite) BenchmarkPutGet1GBFiles(c *check.C) { - suite.benchmarkPutGetFiles(c, 1024*1024*1024) -} - -func (suite *DriverSuite) benchmarkPutGetFiles(c *check.C, size int64) { - c.SetBytes(size) - parentDir := randomPath(8) - defer func() { - c.StopTimer() - suite.StorageDriver.Delete(suite.ctx, firstPart(parentDir)) - }() - - for i := 0; i < c.N; i++ { - filename := path.Join(parentDir, randomPath(32)) - err := suite.StorageDriver.PutContent(suite.ctx, filename, randomContents(size)) - c.Assert(err, check.IsNil) - - _, err = suite.StorageDriver.GetContent(suite.ctx, filename) - c.Assert(err, check.IsNil) - } -} - -// BenchmarkStreamEmptyFiles benchmarks Writer/Reader for 0B files -func (suite *DriverSuite) BenchmarkStreamEmptyFiles(c *check.C) { - suite.benchmarkStreamFiles(c, 0) -} - -// BenchmarkStream1KBFiles benchmarks Writer/Reader for 1KB files -func (suite *DriverSuite) BenchmarkStream1KBFiles(c *check.C) { - suite.benchmarkStreamFiles(c, 1024) -} - -// BenchmarkStream1MBFiles benchmarks Writer/Reader for 1MB files -func (suite *DriverSuite) BenchmarkStream1MBFiles(c *check.C) { - suite.benchmarkStreamFiles(c, 1024*1024) -} - -// BenchmarkStream1GBFiles benchmarks Writer/Reader for 1GB files -func (suite *DriverSuite) BenchmarkStream1GBFiles(c *check.C) { - suite.benchmarkStreamFiles(c, 1024*1024*1024) -} - -func (suite *DriverSuite) benchmarkStreamFiles(c *check.C, size int64) { - c.SetBytes(size) - parentDir := randomPath(8) - defer func() { - c.StopTimer() - suite.StorageDriver.Delete(suite.ctx, firstPart(parentDir)) - }() - - for i := 0; i < c.N; i++ { - filename := path.Join(parentDir, randomPath(32)) - writer, err := suite.StorageDriver.Writer(suite.ctx, filename, false) - c.Assert(err, check.IsNil) - written, err := io.Copy(writer, bytes.NewReader(randomContents(size))) - c.Assert(err, check.IsNil) - c.Assert(written, check.Equals, size) - - err = writer.Commit() - c.Assert(err, check.IsNil) - err = writer.Close() - c.Assert(err, check.IsNil) - - rc, err := suite.StorageDriver.Reader(suite.ctx, filename, 0) - c.Assert(err, check.IsNil) - rc.Close() - } -} - -// BenchmarkList5Files benchmarks List for 5 small files -func (suite *DriverSuite) BenchmarkList5Files(c *check.C) { - suite.benchmarkListFiles(c, 5) -} - -// BenchmarkList50Files benchmarks List for 50 small files -func (suite *DriverSuite) BenchmarkList50Files(c *check.C) { - suite.benchmarkListFiles(c, 50) -} - -func (suite *DriverSuite) benchmarkListFiles(c *check.C, numFiles int64) { - parentDir := randomPath(8) - defer func() { - c.StopTimer() - suite.StorageDriver.Delete(suite.ctx, firstPart(parentDir)) - }() - - for i := int64(0); i < numFiles; i++ { - err := suite.StorageDriver.PutContent(suite.ctx, path.Join(parentDir, randomPath(32)), nil) - c.Assert(err, check.IsNil) - } - - c.ResetTimer() - for i := 0; i < c.N; i++ { - files, err := suite.StorageDriver.List(suite.ctx, parentDir) - c.Assert(err, check.IsNil) - c.Assert(int64(len(files)), check.Equals, numFiles) - } -} - -// BenchmarkDelete5Files benchmarks Delete for 5 small files -func (suite *DriverSuite) BenchmarkDelete5Files(c *check.C) { - suite.benchmarkDeleteFiles(c, 5) -} - -// BenchmarkDelete50Files benchmarks Delete for 50 small files -func (suite *DriverSuite) BenchmarkDelete50Files(c *check.C) { - suite.benchmarkDeleteFiles(c, 50) -} - -func (suite *DriverSuite) benchmarkDeleteFiles(c *check.C, numFiles int64) { - for i := 0; i < c.N; i++ { - parentDir := randomPath(8) - defer suite.deletePath(c, firstPart(parentDir)) - - c.StopTimer() - for j := int64(0); j < numFiles; j++ { - err := suite.StorageDriver.PutContent(suite.ctx, path.Join(parentDir, randomPath(32)), nil) - c.Assert(err, check.IsNil) - } - c.StartTimer() - - // This is the operation we're benchmarking - err := suite.StorageDriver.Delete(suite.ctx, firstPart(parentDir)) - c.Assert(err, check.IsNil) - } -} - -func (suite *DriverSuite) testFileStreams(c *check.C, size int64) { - tf, err := ioutil.TempFile("", "tf") - c.Assert(err, check.IsNil) - defer os.Remove(tf.Name()) - defer tf.Close() - - filename := randomPath(32) - defer suite.deletePath(c, firstPart(filename)) - - contents := randomContents(size) - - _, err = tf.Write(contents) - c.Assert(err, check.IsNil) - - tf.Sync() - tf.Seek(0, os.SEEK_SET) - - writer, err := suite.StorageDriver.Writer(suite.ctx, filename, false) - c.Assert(err, check.IsNil) - nn, err := io.Copy(writer, tf) - c.Assert(err, check.IsNil) - c.Assert(nn, check.Equals, size) - - err = writer.Commit() - c.Assert(err, check.IsNil) - err = writer.Close() - c.Assert(err, check.IsNil) - - reader, err := suite.StorageDriver.Reader(suite.ctx, filename, 0) - c.Assert(err, check.IsNil) - defer reader.Close() - - readContents, err := ioutil.ReadAll(reader) - c.Assert(err, check.IsNil) - - c.Assert(readContents, check.DeepEquals, contents) -} - -func (suite *DriverSuite) writeReadCompare(c *check.C, filename string, contents []byte) { - defer suite.deletePath(c, firstPart(filename)) - - err := suite.StorageDriver.PutContent(suite.ctx, filename, contents) - c.Assert(err, check.IsNil) - - readContents, err := suite.StorageDriver.GetContent(suite.ctx, filename) - c.Assert(err, check.IsNil) - - c.Assert(readContents, check.DeepEquals, contents) -} - -func (suite *DriverSuite) writeReadCompareStreams(c *check.C, filename string, contents []byte) { - defer suite.deletePath(c, firstPart(filename)) - - writer, err := suite.StorageDriver.Writer(suite.ctx, filename, false) - c.Assert(err, check.IsNil) - nn, err := io.Copy(writer, bytes.NewReader(contents)) - c.Assert(err, check.IsNil) - c.Assert(nn, check.Equals, int64(len(contents))) - - err = writer.Commit() - c.Assert(err, check.IsNil) - err = writer.Close() - c.Assert(err, check.IsNil) - - reader, err := suite.StorageDriver.Reader(suite.ctx, filename, 0) - c.Assert(err, check.IsNil) - defer reader.Close() - - readContents, err := ioutil.ReadAll(reader) - c.Assert(err, check.IsNil) - - c.Assert(readContents, check.DeepEquals, contents) -} - -var filenameChars = []byte("abcdefghijklmnopqrstuvwxyz0123456789") -var separatorChars = []byte("._-") - -func randomPath(length int64) string { - path := "/" - for int64(len(path)) < length { - chunkLength := rand.Int63n(length-int64(len(path))) + 1 - chunk := randomFilename(chunkLength) - path += chunk - remaining := length - int64(len(path)) - if remaining == 1 { - path += randomFilename(1) - } else if remaining > 1 { - path += "/" - } - } - return path -} - -func randomFilename(length int64) string { - b := make([]byte, length) - wasSeparator := true - for i := range b { - if !wasSeparator && i < len(b)-1 && rand.Intn(4) == 0 { - b[i] = separatorChars[rand.Intn(len(separatorChars))] - wasSeparator = true - } else { - b[i] = filenameChars[rand.Intn(len(filenameChars))] - wasSeparator = false - } - } - return string(b) -} - -// randomBytes pre-allocates all of the memory sizes needed for the test. If -// anything panics while accessing randomBytes, just make this number bigger. -var randomBytes = make([]byte, 128<<20) - -func init() { - _, _ = rand.Read(randomBytes) // always returns len(randomBytes) and nil error -} - -func randomContents(length int64) []byte { - return randomBytes[:length] -} - -type randReader struct { - r int64 - m sync.Mutex -} - -func (rr *randReader) Read(p []byte) (n int, err error) { - rr.m.Lock() - defer rr.m.Unlock() - - toread := int64(len(p)) - if toread > rr.r { - toread = rr.r - } - n = copy(p, randomContents(toread)) - rr.r -= int64(n) - - if rr.r <= 0 { - err = io.EOF - } - - return -} - -func newRandReader(n int64) *randReader { - return &randReader{r: n} -} - -func firstPart(filePath string) string { - if filePath == "" { - return "/" - } - for { - if filePath[len(filePath)-1] == '/' { - filePath = filePath[:len(filePath)-1] - } - - dir, file := path.Split(filePath) - if dir == "" && file == "" { - return "/" - } - if dir == "/" || dir == "" { - return "/" + file - } - if file == "" { - return dir - } - filePath = dir - } -} diff --git a/vendor/github.com/docker/distribution/registry/storage/filereader.go b/vendor/github.com/docker/distribution/registry/storage/filereader.go deleted file mode 100644 index 3b06c817..00000000 --- a/vendor/github.com/docker/distribution/registry/storage/filereader.go +++ /dev/null @@ -1,177 +0,0 @@ -package storage - -import ( - "bufio" - "bytes" - "fmt" - "io" - "io/ioutil" - "os" - - "github.com/docker/distribution/context" - storagedriver "github.com/docker/distribution/registry/storage/driver" -) - -// TODO(stevvooe): Set an optimal buffer size here. We'll have to -// understand the latency characteristics of the underlying network to -// set this correctly, so we may want to leave it to the driver. For -// out of process drivers, we'll have to optimize this buffer size for -// local communication. -const fileReaderBufferSize = 4 << 20 - -// remoteFileReader provides a read seeker interface to files stored in -// storagedriver. Used to implement part of layer interface and will be used -// to implement read side of LayerUpload. -type fileReader struct { - driver storagedriver.StorageDriver - - ctx context.Context - - // identifying fields - path string - size int64 // size is the total size, must be set. - - // mutable fields - rc io.ReadCloser // remote read closer - brd *bufio.Reader // internal buffered io - offset int64 // offset is the current read offset - err error // terminal error, if set, reader is closed -} - -// newFileReader initializes a file reader for the remote file. The reader -// takes on the size and path that must be determined externally with a stat -// call. The reader operates optimistically, assuming that the file is already -// there. -func newFileReader(ctx context.Context, driver storagedriver.StorageDriver, path string, size int64) (*fileReader, error) { - return &fileReader{ - ctx: ctx, - driver: driver, - path: path, - size: size, - }, nil -} - -func (fr *fileReader) Read(p []byte) (n int, err error) { - if fr.err != nil { - return 0, fr.err - } - - rd, err := fr.reader() - if err != nil { - return 0, err - } - - n, err = rd.Read(p) - fr.offset += int64(n) - - // Simulate io.EOR error if we reach filesize. - if err == nil && fr.offset >= fr.size { - err = io.EOF - } - - return n, err -} - -func (fr *fileReader) Seek(offset int64, whence int) (int64, error) { - if fr.err != nil { - return 0, fr.err - } - - var err error - newOffset := fr.offset - - switch whence { - case os.SEEK_CUR: - newOffset += int64(offset) - case os.SEEK_END: - newOffset = fr.size + int64(offset) - case os.SEEK_SET: - newOffset = int64(offset) - } - - if newOffset < 0 { - err = fmt.Errorf("cannot seek to negative position") - } else { - if fr.offset != newOffset { - fr.reset() - } - - // No problems, set the offset. - fr.offset = newOffset - } - - return fr.offset, err -} - -func (fr *fileReader) Close() error { - return fr.closeWithErr(fmt.Errorf("fileReader: closed")) -} - -// reader prepares the current reader at the lrs offset, ensuring its buffered -// and ready to go. -func (fr *fileReader) reader() (io.Reader, error) { - if fr.err != nil { - return nil, fr.err - } - - if fr.rc != nil { - return fr.brd, nil - } - - // If we don't have a reader, open one up. - rc, err := fr.driver.Reader(fr.ctx, fr.path, fr.offset) - if err != nil { - switch err := err.(type) { - case storagedriver.PathNotFoundError: - // NOTE(stevvooe): If the path is not found, we simply return a - // reader that returns io.EOF. However, we do not set fr.rc, - // allowing future attempts at getting a reader to possibly - // succeed if the file turns up later. - return ioutil.NopCloser(bytes.NewReader([]byte{})), nil - default: - return nil, err - } - } - - fr.rc = rc - - if fr.brd == nil { - fr.brd = bufio.NewReaderSize(fr.rc, fileReaderBufferSize) - } else { - fr.brd.Reset(fr.rc) - } - - return fr.brd, nil -} - -// resetReader resets the reader, forcing the read method to open up a new -// connection and rebuild the buffered reader. This should be called when the -// offset and the reader will become out of sync, such as during a seek -// operation. -func (fr *fileReader) reset() { - if fr.err != nil { - return - } - if fr.rc != nil { - fr.rc.Close() - fr.rc = nil - } -} - -func (fr *fileReader) closeWithErr(err error) error { - if fr.err != nil { - return fr.err - } - - fr.err = err - - // close and release reader chain - if fr.rc != nil { - fr.rc.Close() - } - - fr.rc = nil - fr.brd = nil - - return fr.err -} diff --git a/vendor/github.com/docker/distribution/registry/storage/filereader_test.go b/vendor/github.com/docker/distribution/registry/storage/filereader_test.go deleted file mode 100644 index 5926020c..00000000 --- a/vendor/github.com/docker/distribution/registry/storage/filereader_test.go +++ /dev/null @@ -1,198 +0,0 @@ -package storage - -import ( - "bytes" - "io" - mrand "math/rand" - "os" - "testing" - - "github.com/docker/distribution/context" - "github.com/docker/distribution/digest" - "github.com/docker/distribution/registry/storage/driver/inmemory" -) - -func TestSimpleRead(t *testing.T) { - ctx := context.Background() - content := make([]byte, 1<<20) - n, err := mrand.Read(content) - if err != nil { - t.Fatalf("unexpected error building random data: %v", err) - } - - if n != len(content) { - t.Fatalf("random read didn't fill buffer") - } - - dgst, err := digest.FromReader(bytes.NewReader(content)) - if err != nil { - t.Fatalf("unexpected error digesting random content: %v", err) - } - - driver := inmemory.New() - path := "/random" - - if err := driver.PutContent(ctx, path, content); err != nil { - t.Fatalf("error putting patterned content: %v", err) - } - - fr, err := newFileReader(ctx, driver, path, int64(len(content))) - if err != nil { - t.Fatalf("error allocating file reader: %v", err) - } - - verifier, err := digest.NewDigestVerifier(dgst) - if err != nil { - t.Fatalf("error getting digest verifier: %s", err) - } - - io.Copy(verifier, fr) - - if !verifier.Verified() { - t.Fatalf("unable to verify read data") - } -} - -func TestFileReaderSeek(t *testing.T) { - driver := inmemory.New() - pattern := "01234567890ab" // prime length block - repititions := 1024 - path := "/patterned" - content := bytes.Repeat([]byte(pattern), repititions) - ctx := context.Background() - - if err := driver.PutContent(ctx, path, content); err != nil { - t.Fatalf("error putting patterned content: %v", err) - } - - fr, err := newFileReader(ctx, driver, path, int64(len(content))) - - if err != nil { - t.Fatalf("unexpected error creating file reader: %v", err) - } - - // Seek all over the place, in blocks of pattern size and make sure we get - // the right data. - for _, repitition := range mrand.Perm(repititions - 1) { - targetOffset := int64(len(pattern) * repitition) - // Seek to a multiple of pattern size and read pattern size bytes - offset, err := fr.Seek(targetOffset, os.SEEK_SET) - if err != nil { - t.Fatalf("unexpected error seeking: %v", err) - } - - if offset != targetOffset { - t.Fatalf("did not seek to correct offset: %d != %d", offset, targetOffset) - } - - p := make([]byte, len(pattern)) - - n, err := fr.Read(p) - if err != nil { - t.Fatalf("error reading pattern: %v", err) - } - - if n != len(pattern) { - t.Fatalf("incorrect read length: %d != %d", n, len(pattern)) - } - - if string(p) != pattern { - t.Fatalf("incorrect read content: %q != %q", p, pattern) - } - - // Check offset - current, err := fr.Seek(0, os.SEEK_CUR) - if err != nil { - t.Fatalf("error checking current offset: %v", err) - } - - if current != targetOffset+int64(len(pattern)) { - t.Fatalf("unexpected offset after read: %v", err) - } - } - - start, err := fr.Seek(0, os.SEEK_SET) - if err != nil { - t.Fatalf("error seeking to start: %v", err) - } - - if start != 0 { - t.Fatalf("expected to seek to start: %v != 0", start) - } - - end, err := fr.Seek(0, os.SEEK_END) - if err != nil { - t.Fatalf("error checking current offset: %v", err) - } - - if end != int64(len(content)) { - t.Fatalf("expected to seek to end: %v != %v", end, len(content)) - } - - // 4. Seek before start, ensure error. - - // seek before start - before, err := fr.Seek(-1, os.SEEK_SET) - if err == nil { - t.Fatalf("error expected, returned offset=%v", before) - } - - // 5. Seek after end, - after, err := fr.Seek(1, os.SEEK_END) - if err != nil { - t.Fatalf("unexpected error expected, returned offset=%v", after) - } - - p := make([]byte, 16) - n, err := fr.Read(p) - - if n != 0 { - t.Fatalf("bytes reads %d != %d", n, 0) - } - - if err != io.EOF { - t.Fatalf("expected io.EOF, got %v", err) - } -} - -// TestFileReaderNonExistentFile ensures the reader behaves as expected with a -// missing or zero-length remote file. While the file may not exist, the -// reader should not error out on creation and should return 0-bytes from the -// read method, with an io.EOF error. -func TestFileReaderNonExistentFile(t *testing.T) { - driver := inmemory.New() - fr, err := newFileReader(context.Background(), driver, "/doesnotexist", 10) - if err != nil { - t.Fatalf("unexpected error initializing reader: %v", err) - } - - var buf [1024]byte - - n, err := fr.Read(buf[:]) - if n != 0 { - t.Fatalf("non-zero byte read reported: %d != 0", n) - } - - if err != io.EOF { - t.Fatalf("read on missing file should return io.EOF, got %v", err) - } -} - -// TestLayerReadErrors covers the various error return type for different -// conditions that can arise when reading a layer. -func TestFileReaderErrors(t *testing.T) { - // TODO(stevvooe): We need to cover error return types, driven by the - // errors returned via the HTTP API. For now, here is an incomplete list: - // - // 1. Layer Not Found: returned when layer is not found or access is - // denied. - // 2. Layer Unavailable: returned when link references are unresolved, - // but layer is known to the registry. - // 3. Layer Invalid: This may more split into more errors, but should be - // returned when name or tarsum does not reference a valid error. We - // may also need something to communication layer verification errors - // for the inline tarsum check. - // 4. Timeout: timeouts to backend. Need to better understand these - // failure cases and how the storage driver propagates these errors - // up the stack. -} diff --git a/vendor/github.com/docker/distribution/registry/storage/garbagecollect.go b/vendor/github.com/docker/distribution/registry/storage/garbagecollect.go deleted file mode 100644 index 7cf0298e..00000000 --- a/vendor/github.com/docker/distribution/registry/storage/garbagecollect.go +++ /dev/null @@ -1,114 +0,0 @@ -package storage - -import ( - "fmt" - - "github.com/docker/distribution" - "github.com/docker/distribution/context" - "github.com/docker/distribution/digest" - "github.com/docker/distribution/reference" - "github.com/docker/distribution/registry/storage/driver" -) - -func emit(format string, a ...interface{}) { - fmt.Printf(format+"\n", a...) -} - -// MarkAndSweep performs a mark and sweep of registry data -func MarkAndSweep(ctx context.Context, storageDriver driver.StorageDriver, registry distribution.Namespace, dryRun bool) error { - repositoryEnumerator, ok := registry.(distribution.RepositoryEnumerator) - if !ok { - return fmt.Errorf("unable to convert Namespace to RepositoryEnumerator") - } - - // mark - markSet := make(map[digest.Digest]struct{}) - err := repositoryEnumerator.Enumerate(ctx, func(repoName string) error { - emit(repoName) - - var err error - named, err := reference.ParseNamed(repoName) - if err != nil { - return fmt.Errorf("failed to parse repo name %s: %v", repoName, err) - } - repository, err := registry.Repository(ctx, named) - if err != nil { - return fmt.Errorf("failed to construct repository: %v", err) - } - - manifestService, err := repository.Manifests(ctx) - if err != nil { - return fmt.Errorf("failed to construct manifest service: %v", err) - } - - manifestEnumerator, ok := manifestService.(distribution.ManifestEnumerator) - if !ok { - return fmt.Errorf("unable to convert ManifestService into ManifestEnumerator") - } - - err = manifestEnumerator.Enumerate(ctx, func(dgst digest.Digest) error { - // Mark the manifest's blob - emit("%s: marking manifest %s ", repoName, dgst) - markSet[dgst] = struct{}{} - - manifest, err := manifestService.Get(ctx, dgst) - if err != nil { - return fmt.Errorf("failed to retrieve manifest for digest %v: %v", dgst, err) - } - - descriptors := manifest.References() - for _, descriptor := range descriptors { - markSet[descriptor.Digest] = struct{}{} - emit("%s: marking blob %s", repoName, descriptor.Digest) - } - - return nil - }) - - if err != nil { - // In certain situations such as unfinished uploads, deleting all - // tags in S3 or removing the _manifests folder manually, this - // error may be of type PathNotFound. - // - // In these cases we can continue marking other manifests safely. - if _, ok := err.(driver.PathNotFoundError); ok { - return nil - } - } - - return err - }) - - if err != nil { - return fmt.Errorf("failed to mark: %v", err) - } - - // sweep - blobService := registry.Blobs() - deleteSet := make(map[digest.Digest]struct{}) - err = blobService.Enumerate(ctx, func(dgst digest.Digest) error { - // check if digest is in markSet. If not, delete it! - if _, ok := markSet[dgst]; !ok { - deleteSet[dgst] = struct{}{} - } - return nil - }) - if err != nil { - return fmt.Errorf("error enumerating blobs: %v", err) - } - emit("\n%d blobs marked, %d blobs eligible for deletion", len(markSet), len(deleteSet)) - // Construct vacuum - vacuum := NewVacuum(ctx, storageDriver) - for dgst := range deleteSet { - emit("blob eligible for deletion: %s", dgst) - if dryRun { - continue - } - err = vacuum.RemoveBlob(string(dgst)) - if err != nil { - return fmt.Errorf("failed to delete blob %s: %v", dgst, err) - } - } - - return err -} diff --git a/vendor/github.com/docker/distribution/registry/storage/garbagecollect_test.go b/vendor/github.com/docker/distribution/registry/storage/garbagecollect_test.go deleted file mode 100644 index 925f1a10..00000000 --- a/vendor/github.com/docker/distribution/registry/storage/garbagecollect_test.go +++ /dev/null @@ -1,377 +0,0 @@ -package storage - -import ( - "io" - "path" - "testing" - - "github.com/docker/distribution" - "github.com/docker/distribution/context" - "github.com/docker/distribution/digest" - "github.com/docker/distribution/reference" - "github.com/docker/distribution/registry/storage/driver" - "github.com/docker/distribution/registry/storage/driver/inmemory" - "github.com/docker/distribution/testutil" - "github.com/docker/libtrust" -) - -type image struct { - manifest distribution.Manifest - manifestDigest digest.Digest - layers map[digest.Digest]io.ReadSeeker -} - -func createRegistry(t *testing.T, driver driver.StorageDriver, options ...RegistryOption) distribution.Namespace { - ctx := context.Background() - k, err := libtrust.GenerateECP256PrivateKey() - if err != nil { - t.Fatal(err) - } - options = append([]RegistryOption{EnableDelete, Schema1SigningKey(k)}, options...) - registry, err := NewRegistry(ctx, driver, options...) - if err != nil { - t.Fatalf("Failed to construct namespace") - } - return registry -} - -func makeRepository(t *testing.T, registry distribution.Namespace, name string) distribution.Repository { - ctx := context.Background() - - // Initialize a dummy repository - named, err := reference.ParseNamed(name) - if err != nil { - t.Fatalf("Failed to parse name %s: %v", name, err) - } - - repo, err := registry.Repository(ctx, named) - if err != nil { - t.Fatalf("Failed to construct repository: %v", err) - } - return repo -} - -func makeManifestService(t *testing.T, repository distribution.Repository) distribution.ManifestService { - ctx := context.Background() - - manifestService, err := repository.Manifests(ctx) - if err != nil { - t.Fatalf("Failed to construct manifest store: %v", err) - } - return manifestService -} - -func allBlobs(t *testing.T, registry distribution.Namespace) map[digest.Digest]struct{} { - ctx := context.Background() - blobService := registry.Blobs() - allBlobsMap := make(map[digest.Digest]struct{}) - err := blobService.Enumerate(ctx, func(dgst digest.Digest) error { - allBlobsMap[dgst] = struct{}{} - return nil - }) - if err != nil { - t.Fatalf("Error getting all blobs: %v", err) - } - return allBlobsMap -} - -func uploadImage(t *testing.T, repository distribution.Repository, im image) digest.Digest { - // upload layers - err := testutil.UploadBlobs(repository, im.layers) - if err != nil { - t.Fatalf("layer upload failed: %v", err) - } - - // upload manifest - ctx := context.Background() - manifestService := makeManifestService(t, repository) - manifestDigest, err := manifestService.Put(ctx, im.manifest) - if err != nil { - t.Fatalf("manifest upload failed: %v", err) - } - - return manifestDigest -} - -func uploadRandomSchema1Image(t *testing.T, repository distribution.Repository) image { - randomLayers, err := testutil.CreateRandomLayers(2) - if err != nil { - t.Fatalf("%v", err) - } - - digests := []digest.Digest{} - for digest := range randomLayers { - digests = append(digests, digest) - } - - manifest, err := testutil.MakeSchema1Manifest(digests) - if err != nil { - t.Fatalf("%v", err) - } - - manifestDigest := uploadImage(t, repository, image{manifest: manifest, layers: randomLayers}) - return image{ - manifest: manifest, - manifestDigest: manifestDigest, - layers: randomLayers, - } -} - -func uploadRandomSchema2Image(t *testing.T, repository distribution.Repository) image { - randomLayers, err := testutil.CreateRandomLayers(2) - if err != nil { - t.Fatalf("%v", err) - } - - digests := []digest.Digest{} - for digest := range randomLayers { - digests = append(digests, digest) - } - - manifest, err := testutil.MakeSchema2Manifest(repository, digests) - if err != nil { - t.Fatalf("%v", err) - } - - manifestDigest := uploadImage(t, repository, image{manifest: manifest, layers: randomLayers}) - return image{ - manifest: manifest, - manifestDigest: manifestDigest, - layers: randomLayers, - } -} - -func TestNoDeletionNoEffect(t *testing.T) { - ctx := context.Background() - inmemoryDriver := inmemory.New() - - registry := createRegistry(t, inmemoryDriver) - repo := makeRepository(t, registry, "palailogos") - manifestService, err := repo.Manifests(ctx) - - image1 := uploadRandomSchema1Image(t, repo) - image2 := uploadRandomSchema1Image(t, repo) - uploadRandomSchema2Image(t, repo) - - // construct manifestlist for fun. - blobstatter := registry.BlobStatter() - manifestList, err := testutil.MakeManifestList(blobstatter, []digest.Digest{ - image1.manifestDigest, image2.manifestDigest}) - if err != nil { - t.Fatalf("Failed to make manifest list: %v", err) - } - - _, err = manifestService.Put(ctx, manifestList) - if err != nil { - t.Fatalf("Failed to add manifest list: %v", err) - } - - before := allBlobs(t, registry) - - // Run GC - err = MarkAndSweep(context.Background(), inmemoryDriver, registry, false) - if err != nil { - t.Fatalf("Failed mark and sweep: %v", err) - } - - after := allBlobs(t, registry) - if len(before) != len(after) { - t.Fatalf("Garbage collection affected storage: %d != %d", len(before), len(after)) - } -} - -func TestGCWithMissingManifests(t *testing.T) { - ctx := context.Background() - d := inmemory.New() - - registry := createRegistry(t, d) - repo := makeRepository(t, registry, "testrepo") - uploadRandomSchema1Image(t, repo) - - // Simulate a missing _manifests directory - revPath, err := pathFor(manifestRevisionsPathSpec{"testrepo"}) - if err != nil { - t.Fatal(err) - } - - _manifestsPath := path.Dir(revPath) - err = d.Delete(ctx, _manifestsPath) - if err != nil { - t.Fatal(err) - } - - err = MarkAndSweep(context.Background(), d, registry, false) - if err != nil { - t.Fatalf("Failed mark and sweep: %v", err) - } - - blobs := allBlobs(t, registry) - if len(blobs) > 0 { - t.Errorf("unexpected blobs after gc") - } -} - -func TestDeletionHasEffect(t *testing.T) { - ctx := context.Background() - inmemoryDriver := inmemory.New() - - registry := createRegistry(t, inmemoryDriver) - repo := makeRepository(t, registry, "komnenos") - manifests, err := repo.Manifests(ctx) - - image1 := uploadRandomSchema1Image(t, repo) - image2 := uploadRandomSchema1Image(t, repo) - image3 := uploadRandomSchema2Image(t, repo) - - manifests.Delete(ctx, image2.manifestDigest) - manifests.Delete(ctx, image3.manifestDigest) - - // Run GC - err = MarkAndSweep(context.Background(), inmemoryDriver, registry, false) - if err != nil { - t.Fatalf("Failed mark and sweep: %v", err) - } - - blobs := allBlobs(t, registry) - - // check that the image1 manifest and all the layers are still in blobs - if _, ok := blobs[image1.manifestDigest]; !ok { - t.Fatalf("First manifest is missing") - } - - for layer := range image1.layers { - if _, ok := blobs[layer]; !ok { - t.Fatalf("manifest 1 layer is missing: %v", layer) - } - } - - // check that image2 and image3 layers are not still around - for layer := range image2.layers { - if _, ok := blobs[layer]; ok { - t.Fatalf("manifest 2 layer is present: %v", layer) - } - } - - for layer := range image3.layers { - if _, ok := blobs[layer]; ok { - t.Fatalf("manifest 3 layer is present: %v", layer) - } - } -} - -func getAnyKey(digests map[digest.Digest]io.ReadSeeker) (d digest.Digest) { - for d = range digests { - break - } - return -} - -func getKeys(digests map[digest.Digest]io.ReadSeeker) (ds []digest.Digest) { - for d := range digests { - ds = append(ds, d) - } - return -} - -func TestDeletionWithSharedLayer(t *testing.T) { - ctx := context.Background() - inmemoryDriver := inmemory.New() - - registry := createRegistry(t, inmemoryDriver) - repo := makeRepository(t, registry, "tzimiskes") - - // Create random layers - randomLayers1, err := testutil.CreateRandomLayers(3) - if err != nil { - t.Fatalf("failed to make layers: %v", err) - } - - randomLayers2, err := testutil.CreateRandomLayers(3) - if err != nil { - t.Fatalf("failed to make layers: %v", err) - } - - // Upload all layers - err = testutil.UploadBlobs(repo, randomLayers1) - if err != nil { - t.Fatalf("failed to upload layers: %v", err) - } - - err = testutil.UploadBlobs(repo, randomLayers2) - if err != nil { - t.Fatalf("failed to upload layers: %v", err) - } - - // Construct manifests - manifest1, err := testutil.MakeSchema1Manifest(getKeys(randomLayers1)) - if err != nil { - t.Fatalf("failed to make manifest: %v", err) - } - - sharedKey := getAnyKey(randomLayers1) - manifest2, err := testutil.MakeSchema2Manifest(repo, append(getKeys(randomLayers2), sharedKey)) - if err != nil { - t.Fatalf("failed to make manifest: %v", err) - } - - manifestService := makeManifestService(t, repo) - - // Upload manifests - _, err = manifestService.Put(ctx, manifest1) - if err != nil { - t.Fatalf("manifest upload failed: %v", err) - } - - manifestDigest2, err := manifestService.Put(ctx, manifest2) - if err != nil { - t.Fatalf("manifest upload failed: %v", err) - } - - // delete - err = manifestService.Delete(ctx, manifestDigest2) - if err != nil { - t.Fatalf("manifest deletion failed: %v", err) - } - - // check that all of the layers in layer 1 are still there - blobs := allBlobs(t, registry) - for dgst := range randomLayers1 { - if _, ok := blobs[dgst]; !ok { - t.Fatalf("random layer 1 blob missing: %v", dgst) - } - } -} - -func TestOrphanBlobDeleted(t *testing.T) { - inmemoryDriver := inmemory.New() - - registry := createRegistry(t, inmemoryDriver) - repo := makeRepository(t, registry, "michael_z_doukas") - - digests, err := testutil.CreateRandomLayers(1) - if err != nil { - t.Fatalf("Failed to create random digest: %v", err) - } - - if err = testutil.UploadBlobs(repo, digests); err != nil { - t.Fatalf("Failed to upload blob: %v", err) - } - - // formality to create the necessary directories - uploadRandomSchema2Image(t, repo) - - // Run GC - err = MarkAndSweep(context.Background(), inmemoryDriver, registry, false) - if err != nil { - t.Fatalf("Failed mark and sweep: %v", err) - } - - blobs := allBlobs(t, registry) - - // check that orphan blob layers are not still around - for dgst := range digests { - if _, ok := blobs[dgst]; ok { - t.Fatalf("Orphan layer is present: %v", dgst) - } - } -} diff --git a/vendor/github.com/docker/distribution/registry/storage/linkedblobstore.go b/vendor/github.com/docker/distribution/registry/storage/linkedblobstore.go deleted file mode 100644 index 6a5e8d03..00000000 --- a/vendor/github.com/docker/distribution/registry/storage/linkedblobstore.go +++ /dev/null @@ -1,470 +0,0 @@ -package storage - -import ( - "fmt" - "net/http" - "path" - "time" - - "github.com/docker/distribution" - "github.com/docker/distribution/context" - "github.com/docker/distribution/digest" - "github.com/docker/distribution/reference" - "github.com/docker/distribution/registry/storage/driver" - "github.com/docker/distribution/uuid" -) - -// linkPathFunc describes a function that can resolve a link based on the -// repository name and digest. -type linkPathFunc func(name string, dgst digest.Digest) (string, error) - -// linkedBlobStore provides a full BlobService that namespaces the blobs to a -// given repository. Effectively, it manages the links in a given repository -// that grant access to the global blob store. -type linkedBlobStore struct { - *blobStore - registry *registry - blobServer distribution.BlobServer - blobAccessController distribution.BlobDescriptorService - repository distribution.Repository - ctx context.Context // only to be used where context can't come through method args - deleteEnabled bool - resumableDigestEnabled bool - - // linkPathFns specifies one or more path functions allowing one to - // control the repository blob link set to which the blob store - // dispatches. This is required because manifest and layer blobs have not - // yet been fully merged. At some point, this functionality should be - // removed the blob links folder should be merged. The first entry is - // treated as the "canonical" link location and will be used for writes. - linkPathFns []linkPathFunc - - // linkDirectoryPathSpec locates the root directories in which one might find links - linkDirectoryPathSpec pathSpec -} - -var _ distribution.BlobStore = &linkedBlobStore{} - -func (lbs *linkedBlobStore) Stat(ctx context.Context, dgst digest.Digest) (distribution.Descriptor, error) { - return lbs.blobAccessController.Stat(ctx, dgst) -} - -func (lbs *linkedBlobStore) Get(ctx context.Context, dgst digest.Digest) ([]byte, error) { - canonical, err := lbs.Stat(ctx, dgst) // access check - if err != nil { - return nil, err - } - - return lbs.blobStore.Get(ctx, canonical.Digest) -} - -func (lbs *linkedBlobStore) Open(ctx context.Context, dgst digest.Digest) (distribution.ReadSeekCloser, error) { - canonical, err := lbs.Stat(ctx, dgst) // access check - if err != nil { - return nil, err - } - - return lbs.blobStore.Open(ctx, canonical.Digest) -} - -func (lbs *linkedBlobStore) ServeBlob(ctx context.Context, w http.ResponseWriter, r *http.Request, dgst digest.Digest) error { - canonical, err := lbs.Stat(ctx, dgst) // access check - if err != nil { - return err - } - - if canonical.MediaType != "" { - // Set the repository local content type. - w.Header().Set("Content-Type", canonical.MediaType) - } - - return lbs.blobServer.ServeBlob(ctx, w, r, canonical.Digest) -} - -func (lbs *linkedBlobStore) Put(ctx context.Context, mediaType string, p []byte) (distribution.Descriptor, error) { - dgst := digest.FromBytes(p) - // Place the data in the blob store first. - desc, err := lbs.blobStore.Put(ctx, mediaType, p) - if err != nil { - context.GetLogger(ctx).Errorf("error putting into main store: %v", err) - return distribution.Descriptor{}, err - } - - if err := lbs.blobAccessController.SetDescriptor(ctx, dgst, desc); err != nil { - return distribution.Descriptor{}, err - } - - // TODO(stevvooe): Write out mediatype if incoming differs from what is - // returned by Put above. Note that we should allow updates for a given - // repository. - - return desc, lbs.linkBlob(ctx, desc) -} - -type optionFunc func(interface{}) error - -func (f optionFunc) Apply(v interface{}) error { - return f(v) -} - -// WithMountFrom returns a BlobCreateOption which designates that the blob should be -// mounted from the given canonical reference. -func WithMountFrom(ref reference.Canonical) distribution.BlobCreateOption { - return optionFunc(func(v interface{}) error { - opts, ok := v.(*distribution.CreateOptions) - if !ok { - return fmt.Errorf("unexpected options type: %T", v) - } - - opts.Mount.ShouldMount = true - opts.Mount.From = ref - - return nil - }) -} - -// Writer begins a blob write session, returning a handle. -func (lbs *linkedBlobStore) Create(ctx context.Context, options ...distribution.BlobCreateOption) (distribution.BlobWriter, error) { - context.GetLogger(ctx).Debug("(*linkedBlobStore).Writer") - - var opts distribution.CreateOptions - - for _, option := range options { - err := option.Apply(&opts) - if err != nil { - return nil, err - } - } - - if opts.Mount.ShouldMount { - desc, err := lbs.mount(ctx, opts.Mount.From, opts.Mount.From.Digest(), opts.Mount.Stat) - if err == nil { - // Mount successful, no need to initiate an upload session - return nil, distribution.ErrBlobMounted{From: opts.Mount.From, Descriptor: desc} - } - } - - uuid := uuid.Generate().String() - startedAt := time.Now().UTC() - - path, err := pathFor(uploadDataPathSpec{ - name: lbs.repository.Named().Name(), - id: uuid, - }) - - if err != nil { - return nil, err - } - - startedAtPath, err := pathFor(uploadStartedAtPathSpec{ - name: lbs.repository.Named().Name(), - id: uuid, - }) - - if err != nil { - return nil, err - } - - // Write a startedat file for this upload - if err := lbs.blobStore.driver.PutContent(ctx, startedAtPath, []byte(startedAt.Format(time.RFC3339))); err != nil { - return nil, err - } - - return lbs.newBlobUpload(ctx, uuid, path, startedAt, false) -} - -func (lbs *linkedBlobStore) Resume(ctx context.Context, id string) (distribution.BlobWriter, error) { - context.GetLogger(ctx).Debug("(*linkedBlobStore).Resume") - - startedAtPath, err := pathFor(uploadStartedAtPathSpec{ - name: lbs.repository.Named().Name(), - id: id, - }) - - if err != nil { - return nil, err - } - - startedAtBytes, err := lbs.blobStore.driver.GetContent(ctx, startedAtPath) - if err != nil { - switch err := err.(type) { - case driver.PathNotFoundError: - return nil, distribution.ErrBlobUploadUnknown - default: - return nil, err - } - } - - startedAt, err := time.Parse(time.RFC3339, string(startedAtBytes)) - if err != nil { - return nil, err - } - - path, err := pathFor(uploadDataPathSpec{ - name: lbs.repository.Named().Name(), - id: id, - }) - - if err != nil { - return nil, err - } - - return lbs.newBlobUpload(ctx, id, path, startedAt, true) -} - -func (lbs *linkedBlobStore) Delete(ctx context.Context, dgst digest.Digest) error { - if !lbs.deleteEnabled { - return distribution.ErrUnsupported - } - - // Ensure the blob is available for deletion - _, err := lbs.blobAccessController.Stat(ctx, dgst) - if err != nil { - return err - } - - err = lbs.blobAccessController.Clear(ctx, dgst) - if err != nil { - return err - } - - return nil -} - -func (lbs *linkedBlobStore) Enumerate(ctx context.Context, ingestor func(digest.Digest) error) error { - rootPath, err := pathFor(lbs.linkDirectoryPathSpec) - if err != nil { - return err - } - err = Walk(ctx, lbs.blobStore.driver, rootPath, func(fileInfo driver.FileInfo) error { - // exit early if directory... - if fileInfo.IsDir() { - return nil - } - filePath := fileInfo.Path() - - // check if it's a link - _, fileName := path.Split(filePath) - if fileName != "link" { - return nil - } - - // read the digest found in link - digest, err := lbs.blobStore.readlink(ctx, filePath) - if err != nil { - return err - } - - // ensure this conforms to the linkPathFns - _, err = lbs.Stat(ctx, digest) - if err != nil { - // we expect this error to occur so we move on - if err == distribution.ErrBlobUnknown { - return nil - } - return err - } - - err = ingestor(digest) - if err != nil { - return err - } - - return nil - }) - - if err != nil { - return err - } - - return nil -} - -func (lbs *linkedBlobStore) mount(ctx context.Context, sourceRepo reference.Named, dgst digest.Digest, sourceStat *distribution.Descriptor) (distribution.Descriptor, error) { - var stat distribution.Descriptor - if sourceStat == nil { - // look up the blob info from the sourceRepo if not already provided - repo, err := lbs.registry.Repository(ctx, sourceRepo) - if err != nil { - return distribution.Descriptor{}, err - } - stat, err = repo.Blobs(ctx).Stat(ctx, dgst) - if err != nil { - return distribution.Descriptor{}, err - } - } else { - // use the provided blob info - stat = *sourceStat - } - - desc := distribution.Descriptor{ - Size: stat.Size, - - // NOTE(stevvooe): The central blob store firewalls media types from - // other users. The caller should look this up and override the value - // for the specific repository. - MediaType: "application/octet-stream", - Digest: dgst, - } - return desc, lbs.linkBlob(ctx, desc) -} - -// newBlobUpload allocates a new upload controller with the given state. -func (lbs *linkedBlobStore) newBlobUpload(ctx context.Context, uuid, path string, startedAt time.Time, append bool) (distribution.BlobWriter, error) { - fw, err := lbs.driver.Writer(ctx, path, append) - if err != nil { - return nil, err - } - - bw := &blobWriter{ - ctx: ctx, - blobStore: lbs, - id: uuid, - startedAt: startedAt, - digester: digest.Canonical.New(), - fileWriter: fw, - driver: lbs.driver, - path: path, - resumableDigestEnabled: lbs.resumableDigestEnabled, - } - - return bw, nil -} - -// linkBlob links a valid, written blob into the registry under the named -// repository for the upload controller. -func (lbs *linkedBlobStore) linkBlob(ctx context.Context, canonical distribution.Descriptor, aliases ...digest.Digest) error { - dgsts := append([]digest.Digest{canonical.Digest}, aliases...) - - // TODO(stevvooe): Need to write out mediatype for only canonical hash - // since we don't care about the aliases. They are generally unused except - // for tarsum but those versions don't care about mediatype. - - // Don't make duplicate links. - seenDigests := make(map[digest.Digest]struct{}, len(dgsts)) - - // only use the first link - linkPathFn := lbs.linkPathFns[0] - - for _, dgst := range dgsts { - if _, seen := seenDigests[dgst]; seen { - continue - } - seenDigests[dgst] = struct{}{} - - blobLinkPath, err := linkPathFn(lbs.repository.Named().Name(), dgst) - if err != nil { - return err - } - - if err := lbs.blobStore.link(ctx, blobLinkPath, canonical.Digest); err != nil { - return err - } - } - - return nil -} - -type linkedBlobStatter struct { - *blobStore - repository distribution.Repository - - // linkPathFns specifies one or more path functions allowing one to - // control the repository blob link set to which the blob store - // dispatches. This is required because manifest and layer blobs have not - // yet been fully merged. At some point, this functionality should be - // removed an the blob links folder should be merged. The first entry is - // treated as the "canonical" link location and will be used for writes. - linkPathFns []linkPathFunc -} - -var _ distribution.BlobDescriptorService = &linkedBlobStatter{} - -func (lbs *linkedBlobStatter) Stat(ctx context.Context, dgst digest.Digest) (distribution.Descriptor, error) { - var ( - found bool - target digest.Digest - ) - - // try the many link path functions until we get success or an error that - // is not PathNotFoundError. - for _, linkPathFn := range lbs.linkPathFns { - var err error - target, err = lbs.resolveWithLinkFunc(ctx, dgst, linkPathFn) - - if err == nil { - found = true - break // success! - } - - switch err := err.(type) { - case driver.PathNotFoundError: - // do nothing, just move to the next linkPathFn - default: - return distribution.Descriptor{}, err - } - } - - if !found { - return distribution.Descriptor{}, distribution.ErrBlobUnknown - } - - if target != dgst { - // Track when we are doing cross-digest domain lookups. ie, sha512 to sha256. - context.GetLogger(ctx).Warnf("looking up blob with canonical target: %v -> %v", dgst, target) - } - - // TODO(stevvooe): Look up repository local mediatype and replace that on - // the returned descriptor. - - return lbs.blobStore.statter.Stat(ctx, target) -} - -func (lbs *linkedBlobStatter) Clear(ctx context.Context, dgst digest.Digest) (err error) { - // clear any possible existence of a link described in linkPathFns - for _, linkPathFn := range lbs.linkPathFns { - blobLinkPath, err := linkPathFn(lbs.repository.Named().Name(), dgst) - if err != nil { - return err - } - - err = lbs.blobStore.driver.Delete(ctx, blobLinkPath) - if err != nil { - switch err := err.(type) { - case driver.PathNotFoundError: - continue // just ignore this error and continue - default: - return err - } - } - } - - return nil -} - -// resolveTargetWithFunc allows us to read a link to a resource with different -// linkPathFuncs to let us try a few different paths before returning not -// found. -func (lbs *linkedBlobStatter) resolveWithLinkFunc(ctx context.Context, dgst digest.Digest, linkPathFn linkPathFunc) (digest.Digest, error) { - blobLinkPath, err := linkPathFn(lbs.repository.Named().Name(), dgst) - if err != nil { - return "", err - } - - return lbs.blobStore.readlink(ctx, blobLinkPath) -} - -func (lbs *linkedBlobStatter) SetDescriptor(ctx context.Context, dgst digest.Digest, desc distribution.Descriptor) error { - // The canonical descriptor for a blob is set at the commit phase of upload - return nil -} - -// blobLinkPath provides the path to the blob link, also known as layers. -func blobLinkPath(name string, dgst digest.Digest) (string, error) { - return pathFor(layerLinkPathSpec{name: name, digest: dgst}) -} - -// manifestRevisionLinkPath provides the path to the manifest revision link. -func manifestRevisionLinkPath(name string, dgst digest.Digest) (string, error) { - return pathFor(manifestRevisionLinkPathSpec{name: name, revision: dgst}) -} diff --git a/vendor/github.com/docker/distribution/registry/storage/linkedblobstore_test.go b/vendor/github.com/docker/distribution/registry/storage/linkedblobstore_test.go deleted file mode 100644 index f0f63d87..00000000 --- a/vendor/github.com/docker/distribution/registry/storage/linkedblobstore_test.go +++ /dev/null @@ -1,217 +0,0 @@ -package storage - -import ( - "fmt" - "io" - "reflect" - "strconv" - "testing" - - "github.com/docker/distribution" - "github.com/docker/distribution/context" - "github.com/docker/distribution/digest" - - "github.com/docker/distribution/reference" - "github.com/docker/distribution/testutil" -) - -func TestLinkedBlobStoreCreateWithMountFrom(t *testing.T) { - fooRepoName, _ := reference.ParseNamed("nm/foo") - fooEnv := newManifestStoreTestEnv(t, fooRepoName, "thetag") - ctx := context.Background() - stats, err := mockRegistry(t, fooEnv.registry) - if err != nil { - t.Fatal(err) - } - - // Build up some test layers and add them to the manifest, saving the - // readseekers for upload later. - testLayers := map[digest.Digest]io.ReadSeeker{} - for i := 0; i < 2; i++ { - rs, ds, err := testutil.CreateRandomTarFile() - if err != nil { - t.Fatalf("unexpected error generating test layer file") - } - dgst := digest.Digest(ds) - - testLayers[digest.Digest(dgst)] = rs - } - - // upload the layers to foo/bar - for dgst, rs := range testLayers { - wr, err := fooEnv.repository.Blobs(fooEnv.ctx).Create(fooEnv.ctx) - if err != nil { - t.Fatalf("unexpected error creating test upload: %v", err) - } - - if _, err := io.Copy(wr, rs); err != nil { - t.Fatalf("unexpected error copying to upload: %v", err) - } - - if _, err := wr.Commit(fooEnv.ctx, distribution.Descriptor{Digest: dgst}); err != nil { - t.Fatalf("unexpected error finishing upload: %v", err) - } - } - - // create another repository nm/bar - barRepoName, _ := reference.ParseNamed("nm/bar") - barRepo, err := fooEnv.registry.Repository(ctx, barRepoName) - if err != nil { - t.Fatalf("unexpected error getting repo: %v", err) - } - - // cross-repo mount the test layers into a nm/bar - for dgst := range testLayers { - fooCanonical, _ := reference.WithDigest(fooRepoName, dgst) - option := WithMountFrom(fooCanonical) - // ensure we can instrospect it - createOpts := distribution.CreateOptions{} - if err := option.Apply(&createOpts); err != nil { - t.Fatalf("failed to apply MountFrom option: %v", err) - } - if !createOpts.Mount.ShouldMount || createOpts.Mount.From.String() != fooCanonical.String() { - t.Fatalf("unexpected create options: %#+v", createOpts.Mount) - } - - _, err := barRepo.Blobs(ctx).Create(ctx, WithMountFrom(fooCanonical)) - if err == nil { - t.Fatalf("unexpected non-error while mounting from %q: %v", fooRepoName.String(), err) - } - if _, ok := err.(distribution.ErrBlobMounted); !ok { - t.Fatalf("expected ErrMountFrom error, not %T: %v", err, err) - } - } - for dgst := range testLayers { - fooCanonical, _ := reference.WithDigest(fooRepoName, dgst) - count, exists := stats[fooCanonical.String()] - if !exists { - t.Errorf("expected entry %q not found among handled stat calls", fooCanonical.String()) - } else if count != 1 { - t.Errorf("expected exactly one stat call for entry %q, not %d", fooCanonical.String(), count) - } - } - - clearStats(stats) - - // create yet another repository nm/baz - bazRepoName, _ := reference.ParseNamed("nm/baz") - bazRepo, err := fooEnv.registry.Repository(ctx, bazRepoName) - if err != nil { - t.Fatalf("unexpected error getting repo: %v", err) - } - - // cross-repo mount them into a nm/baz and provide a prepopulated blob descriptor - for dgst := range testLayers { - fooCanonical, _ := reference.WithDigest(fooRepoName, dgst) - size, err := strconv.ParseInt("0x"+dgst.Hex()[:8], 0, 64) - if err != nil { - t.Fatal(err) - } - prepolutatedDescriptor := distribution.Descriptor{ - Digest: dgst, - Size: size, - MediaType: "application/octet-stream", - } - _, err = bazRepo.Blobs(ctx).Create(ctx, WithMountFrom(fooCanonical), &statCrossMountCreateOption{ - desc: prepolutatedDescriptor, - }) - blobMounted, ok := err.(distribution.ErrBlobMounted) - if !ok { - t.Errorf("expected ErrMountFrom error, not %T: %v", err, err) - continue - } - if !reflect.DeepEqual(blobMounted.Descriptor, prepolutatedDescriptor) { - t.Errorf("unexpected descriptor: %#+v != %#+v", blobMounted.Descriptor, prepolutatedDescriptor) - } - } - // this time no stat calls will be made - if len(stats) != 0 { - t.Errorf("unexpected number of stats made: %d != %d", len(stats), len(testLayers)) - } -} - -func clearStats(stats map[string]int) { - for k := range stats { - delete(stats, k) - } -} - -// mockRegistry sets a mock blob descriptor service factory that overrides -// statter's Stat method to note each attempt to stat a blob in any repository. -// Returned stats map contains canonical references to blobs with a number of -// attempts. -func mockRegistry(t *testing.T, nm distribution.Namespace) (map[string]int, error) { - registry, ok := nm.(*registry) - if !ok { - return nil, fmt.Errorf("not an expected type of registry: %T", nm) - } - stats := make(map[string]int) - - registry.blobDescriptorServiceFactory = &mockBlobDescriptorServiceFactory{ - t: t, - stats: stats, - } - - return stats, nil -} - -type mockBlobDescriptorServiceFactory struct { - t *testing.T - stats map[string]int -} - -func (f *mockBlobDescriptorServiceFactory) BlobAccessController(svc distribution.BlobDescriptorService) distribution.BlobDescriptorService { - return &mockBlobDescriptorService{ - BlobDescriptorService: svc, - t: f.t, - stats: f.stats, - } -} - -type mockBlobDescriptorService struct { - distribution.BlobDescriptorService - t *testing.T - stats map[string]int -} - -var _ distribution.BlobDescriptorService = &mockBlobDescriptorService{} - -func (bs *mockBlobDescriptorService) Stat(ctx context.Context, dgst digest.Digest) (distribution.Descriptor, error) { - statter, ok := bs.BlobDescriptorService.(*linkedBlobStatter) - if !ok { - return distribution.Descriptor{}, fmt.Errorf("unexpected blob descriptor service: %T", bs.BlobDescriptorService) - } - - name := statter.repository.Named() - canonical, err := reference.WithDigest(name, dgst) - if err != nil { - return distribution.Descriptor{}, fmt.Errorf("failed to make canonical reference: %v", err) - } - - bs.stats[canonical.String()]++ - bs.t.Logf("calling Stat on %s", canonical.String()) - - return bs.BlobDescriptorService.Stat(ctx, dgst) -} - -// statCrossMountCreateOptions ensures the expected options type is passed, and optionally pre-fills the cross-mount stat info -type statCrossMountCreateOption struct { - desc distribution.Descriptor -} - -var _ distribution.BlobCreateOption = statCrossMountCreateOption{} - -func (f statCrossMountCreateOption) Apply(v interface{}) error { - opts, ok := v.(*distribution.CreateOptions) - if !ok { - return fmt.Errorf("Unexpected create options: %#v", v) - } - - if !opts.Mount.ShouldMount { - return nil - } - - opts.Mount.Stat = &f.desc - - return nil -} diff --git a/vendor/github.com/docker/distribution/registry/storage/manifestlisthandler.go b/vendor/github.com/docker/distribution/registry/storage/manifestlisthandler.go deleted file mode 100644 index e24062cd..00000000 --- a/vendor/github.com/docker/distribution/registry/storage/manifestlisthandler.go +++ /dev/null @@ -1,92 +0,0 @@ -package storage - -import ( - "fmt" - - "encoding/json" - "github.com/docker/distribution" - "github.com/docker/distribution/context" - "github.com/docker/distribution/digest" - "github.com/docker/distribution/manifest/manifestlist" -) - -// manifestListHandler is a ManifestHandler that covers schema2 manifest lists. -type manifestListHandler struct { - repository distribution.Repository - blobStore distribution.BlobStore - ctx context.Context -} - -var _ ManifestHandler = &manifestListHandler{} - -func (ms *manifestListHandler) Unmarshal(ctx context.Context, dgst digest.Digest, content []byte) (distribution.Manifest, error) { - context.GetLogger(ms.ctx).Debug("(*manifestListHandler).Unmarshal") - - var m manifestlist.DeserializedManifestList - if err := json.Unmarshal(content, &m); err != nil { - return nil, err - } - - return &m, nil -} - -func (ms *manifestListHandler) Put(ctx context.Context, manifestList distribution.Manifest, skipDependencyVerification bool) (digest.Digest, error) { - context.GetLogger(ms.ctx).Debug("(*manifestListHandler).Put") - - m, ok := manifestList.(*manifestlist.DeserializedManifestList) - if !ok { - return "", fmt.Errorf("wrong type put to manifestListHandler: %T", manifestList) - } - - if err := ms.verifyManifest(ms.ctx, *m, skipDependencyVerification); err != nil { - return "", err - } - - mt, payload, err := m.Payload() - if err != nil { - return "", err - } - - revision, err := ms.blobStore.Put(ctx, mt, payload) - if err != nil { - context.GetLogger(ctx).Errorf("error putting payload into blobstore: %v", err) - return "", err - } - - return revision.Digest, nil -} - -// verifyManifest ensures that the manifest content is valid from the -// perspective of the registry. As a policy, the registry only tries to -// store valid content, leaving trust policies of that content up to -// consumers. -func (ms *manifestListHandler) verifyManifest(ctx context.Context, mnfst manifestlist.DeserializedManifestList, skipDependencyVerification bool) error { - var errs distribution.ErrManifestVerification - - if !skipDependencyVerification { - // This manifest service is different from the blob service - // returned by Blob. It uses a linked blob store to ensure that - // only manifests are accessible. - - manifestService, err := ms.repository.Manifests(ctx) - if err != nil { - return err - } - - for _, manifestDescriptor := range mnfst.References() { - exists, err := manifestService.Exists(ctx, manifestDescriptor.Digest) - if err != nil && err != distribution.ErrBlobUnknown { - errs = append(errs, err) - } - if err != nil || !exists { - // On error here, we always append unknown blob errors. - errs = append(errs, distribution.ErrManifestBlobUnknown{Digest: manifestDescriptor.Digest}) - } - } - } - if len(errs) != 0 { - return errs - } - - return nil -} diff --git a/vendor/github.com/docker/distribution/registry/storage/manifeststore.go b/vendor/github.com/docker/distribution/registry/storage/manifeststore.go deleted file mode 100644 index 9e8065bb..00000000 --- a/vendor/github.com/docker/distribution/registry/storage/manifeststore.go +++ /dev/null @@ -1,141 +0,0 @@ -package storage - -import ( - "fmt" - - "encoding/json" - "github.com/docker/distribution" - "github.com/docker/distribution/context" - "github.com/docker/distribution/digest" - "github.com/docker/distribution/manifest" - "github.com/docker/distribution/manifest/manifestlist" - "github.com/docker/distribution/manifest/schema1" - "github.com/docker/distribution/manifest/schema2" -) - -// A ManifestHandler gets and puts manifests of a particular type. -type ManifestHandler interface { - // Unmarshal unmarshals the manifest from a byte slice. - Unmarshal(ctx context.Context, dgst digest.Digest, content []byte) (distribution.Manifest, error) - - // Put creates or updates the given manifest returning the manifest digest. - Put(ctx context.Context, manifest distribution.Manifest, skipDependencyVerification bool) (digest.Digest, error) -} - -// SkipLayerVerification allows a manifest to be Put before its -// layers are on the filesystem -func SkipLayerVerification() distribution.ManifestServiceOption { - return skipLayerOption{} -} - -type skipLayerOption struct{} - -func (o skipLayerOption) Apply(m distribution.ManifestService) error { - if ms, ok := m.(*manifestStore); ok { - ms.skipDependencyVerification = true - return nil - } - return fmt.Errorf("skip layer verification only valid for manifestStore") -} - -type manifestStore struct { - repository *repository - blobStore *linkedBlobStore - ctx context.Context - - skipDependencyVerification bool - - schema1Handler ManifestHandler - schema2Handler ManifestHandler - manifestListHandler ManifestHandler -} - -var _ distribution.ManifestService = &manifestStore{} - -func (ms *manifestStore) Exists(ctx context.Context, dgst digest.Digest) (bool, error) { - context.GetLogger(ms.ctx).Debug("(*manifestStore).Exists") - - _, err := ms.blobStore.Stat(ms.ctx, dgst) - if err != nil { - if err == distribution.ErrBlobUnknown { - return false, nil - } - - return false, err - } - - return true, nil -} - -func (ms *manifestStore) Get(ctx context.Context, dgst digest.Digest, options ...distribution.ManifestServiceOption) (distribution.Manifest, error) { - context.GetLogger(ms.ctx).Debug("(*manifestStore).Get") - - // TODO(stevvooe): Need to check descriptor from above to ensure that the - // mediatype is as we expect for the manifest store. - - content, err := ms.blobStore.Get(ctx, dgst) - if err != nil { - if err == distribution.ErrBlobUnknown { - return nil, distribution.ErrManifestUnknownRevision{ - Name: ms.repository.Named().Name(), - Revision: dgst, - } - } - - return nil, err - } - - var versioned manifest.Versioned - if err = json.Unmarshal(content, &versioned); err != nil { - return nil, err - } - - switch versioned.SchemaVersion { - case 1: - return ms.schema1Handler.Unmarshal(ctx, dgst, content) - case 2: - // This can be an image manifest or a manifest list - switch versioned.MediaType { - case schema2.MediaTypeManifest: - return ms.schema2Handler.Unmarshal(ctx, dgst, content) - case manifestlist.MediaTypeManifestList: - return ms.manifestListHandler.Unmarshal(ctx, dgst, content) - default: - return nil, distribution.ErrManifestVerification{fmt.Errorf("unrecognized manifest content type %s", versioned.MediaType)} - } - } - - return nil, fmt.Errorf("unrecognized manifest schema version %d", versioned.SchemaVersion) -} - -func (ms *manifestStore) Put(ctx context.Context, manifest distribution.Manifest, options ...distribution.ManifestServiceOption) (digest.Digest, error) { - context.GetLogger(ms.ctx).Debug("(*manifestStore).Put") - - switch manifest.(type) { - case *schema1.SignedManifest: - return ms.schema1Handler.Put(ctx, manifest, ms.skipDependencyVerification) - case *schema2.DeserializedManifest: - return ms.schema2Handler.Put(ctx, manifest, ms.skipDependencyVerification) - case *manifestlist.DeserializedManifestList: - return ms.manifestListHandler.Put(ctx, manifest, ms.skipDependencyVerification) - } - - return "", fmt.Errorf("unrecognized manifest type %T", manifest) -} - -// Delete removes the revision of the specified manifest. -func (ms *manifestStore) Delete(ctx context.Context, dgst digest.Digest) error { - context.GetLogger(ms.ctx).Debug("(*manifestStore).Delete") - return ms.blobStore.Delete(ctx, dgst) -} - -func (ms *manifestStore) Enumerate(ctx context.Context, ingester func(digest.Digest) error) error { - err := ms.blobStore.Enumerate(ctx, func(dgst digest.Digest) error { - err := ingester(dgst) - if err != nil { - return err - } - return nil - }) - return err -} diff --git a/vendor/github.com/docker/distribution/registry/storage/manifeststore_test.go b/vendor/github.com/docker/distribution/registry/storage/manifeststore_test.go deleted file mode 100644 index cbd30c04..00000000 --- a/vendor/github.com/docker/distribution/registry/storage/manifeststore_test.go +++ /dev/null @@ -1,391 +0,0 @@ -package storage - -import ( - "bytes" - "io" - "reflect" - "testing" - - "github.com/docker/distribution" - "github.com/docker/distribution/context" - "github.com/docker/distribution/digest" - "github.com/docker/distribution/manifest" - "github.com/docker/distribution/manifest/schema1" - "github.com/docker/distribution/reference" - "github.com/docker/distribution/registry/storage/cache/memory" - "github.com/docker/distribution/registry/storage/driver" - "github.com/docker/distribution/registry/storage/driver/inmemory" - "github.com/docker/distribution/testutil" - "github.com/docker/libtrust" -) - -type manifestStoreTestEnv struct { - ctx context.Context - driver driver.StorageDriver - registry distribution.Namespace - repository distribution.Repository - name reference.Named - tag string -} - -func newManifestStoreTestEnv(t *testing.T, name reference.Named, tag string, options ...RegistryOption) *manifestStoreTestEnv { - ctx := context.Background() - driver := inmemory.New() - registry, err := NewRegistry(ctx, driver, options...) - if err != nil { - t.Fatalf("error creating registry: %v", err) - } - - repo, err := registry.Repository(ctx, name) - if err != nil { - t.Fatalf("unexpected error getting repo: %v", err) - } - - return &manifestStoreTestEnv{ - ctx: ctx, - driver: driver, - registry: registry, - repository: repo, - name: name, - tag: tag, - } -} - -func TestManifestStorage(t *testing.T) { - k, err := libtrust.GenerateECP256PrivateKey() - if err != nil { - t.Fatal(err) - } - testManifestStorage(t, BlobDescriptorCacheProvider(memory.NewInMemoryBlobDescriptorCacheProvider()), EnableDelete, EnableRedirect, Schema1SigningKey(k)) -} - -func testManifestStorage(t *testing.T, options ...RegistryOption) { - repoName, _ := reference.ParseNamed("foo/bar") - env := newManifestStoreTestEnv(t, repoName, "thetag", options...) - ctx := context.Background() - ms, err := env.repository.Manifests(ctx) - if err != nil { - t.Fatal(err) - } - - m := schema1.Manifest{ - Versioned: manifest.Versioned{ - SchemaVersion: 1, - }, - Name: env.name.Name(), - Tag: env.tag, - } - - // Build up some test layers and add them to the manifest, saving the - // readseekers for upload later. - testLayers := map[digest.Digest]io.ReadSeeker{} - for i := 0; i < 2; i++ { - rs, ds, err := testutil.CreateRandomTarFile() - if err != nil { - t.Fatalf("unexpected error generating test layer file") - } - dgst := digest.Digest(ds) - - testLayers[digest.Digest(dgst)] = rs - m.FSLayers = append(m.FSLayers, schema1.FSLayer{ - BlobSum: dgst, - }) - m.History = append(m.History, schema1.History{ - V1Compatibility: "", - }) - - } - - pk, err := libtrust.GenerateECP256PrivateKey() - if err != nil { - t.Fatalf("unexpected error generating private key: %v", err) - } - - sm, merr := schema1.Sign(&m, pk) - if merr != nil { - t.Fatalf("error signing manifest: %v", err) - } - - _, err = ms.Put(ctx, sm) - if err == nil { - t.Fatalf("expected errors putting manifest with full verification") - } - - switch err := err.(type) { - case distribution.ErrManifestVerification: - if len(err) != 2 { - t.Fatalf("expected 2 verification errors: %#v", err) - } - - for _, err := range err { - if _, ok := err.(distribution.ErrManifestBlobUnknown); !ok { - t.Fatalf("unexpected error type: %v", err) - } - } - default: - t.Fatalf("unexpected error verifying manifest: %v", err) - } - - // Now, upload the layers that were missing! - for dgst, rs := range testLayers { - wr, err := env.repository.Blobs(env.ctx).Create(env.ctx) - if err != nil { - t.Fatalf("unexpected error creating test upload: %v", err) - } - - if _, err := io.Copy(wr, rs); err != nil { - t.Fatalf("unexpected error copying to upload: %v", err) - } - - if _, err := wr.Commit(env.ctx, distribution.Descriptor{Digest: dgst}); err != nil { - t.Fatalf("unexpected error finishing upload: %v", err) - } - } - - var manifestDigest digest.Digest - if manifestDigest, err = ms.Put(ctx, sm); err != nil { - t.Fatalf("unexpected error putting manifest: %v", err) - } - - exists, err := ms.Exists(ctx, manifestDigest) - if err != nil { - t.Fatalf("unexpected error checking manifest existence: %#v", err) - } - - if !exists { - t.Fatalf("manifest should exist") - } - - fromStore, err := ms.Get(ctx, manifestDigest) - if err != nil { - t.Fatalf("unexpected error fetching manifest: %v", err) - } - - fetchedManifest, ok := fromStore.(*schema1.SignedManifest) - if !ok { - t.Fatalf("unexpected manifest type from signedstore") - } - - if !bytes.Equal(fetchedManifest.Canonical, sm.Canonical) { - t.Fatalf("fetched payload does not match original payload: %q != %q", fetchedManifest.Canonical, sm.Canonical) - } - - _, pl, err := fetchedManifest.Payload() - if err != nil { - t.Fatalf("error getting payload %#v", err) - } - - fetchedJWS, err := libtrust.ParsePrettySignature(pl, "signatures") - if err != nil { - t.Fatalf("unexpected error parsing jws: %v", err) - } - - payload, err := fetchedJWS.Payload() - if err != nil { - t.Fatalf("unexpected error extracting payload: %v", err) - } - - // Now that we have a payload, take a moment to check that the manifest is - // return by the payload digest. - - dgst := digest.FromBytes(payload) - exists, err = ms.Exists(ctx, dgst) - if err != nil { - t.Fatalf("error checking manifest existence by digest: %v", err) - } - - if !exists { - t.Fatalf("manifest %s should exist", dgst) - } - - fetchedByDigest, err := ms.Get(ctx, dgst) - if err != nil { - t.Fatalf("unexpected error fetching manifest by digest: %v", err) - } - - byDigestManifest, ok := fetchedByDigest.(*schema1.SignedManifest) - if !ok { - t.Fatalf("unexpected manifest type from signedstore") - } - - if !bytes.Equal(byDigestManifest.Canonical, fetchedManifest.Canonical) { - t.Fatalf("fetched manifest not equal: %q != %q", byDigestManifest.Canonical, fetchedManifest.Canonical) - } - - sigs, err := fetchedJWS.Signatures() - if err != nil { - t.Fatalf("unable to extract signatures: %v", err) - } - - if len(sigs) != 1 { - t.Fatalf("unexpected number of signatures: %d != %d", len(sigs), 1) - } - - // Now, push the same manifest with a different key - pk2, err := libtrust.GenerateECP256PrivateKey() - if err != nil { - t.Fatalf("unexpected error generating private key: %v", err) - } - - sm2, err := schema1.Sign(&m, pk2) - if err != nil { - t.Fatalf("unexpected error signing manifest: %v", err) - } - _, pl, err = sm2.Payload() - if err != nil { - t.Fatalf("error getting payload %#v", err) - } - - jws2, err := libtrust.ParsePrettySignature(pl, "signatures") - if err != nil { - t.Fatalf("error parsing signature: %v", err) - } - - sigs2, err := jws2.Signatures() - if err != nil { - t.Fatalf("unable to extract signatures: %v", err) - } - - if len(sigs2) != 1 { - t.Fatalf("unexpected number of signatures: %d != %d", len(sigs2), 1) - } - - if manifestDigest, err = ms.Put(ctx, sm2); err != nil { - t.Fatalf("unexpected error putting manifest: %v", err) - } - - fromStore, err = ms.Get(ctx, manifestDigest) - if err != nil { - t.Fatalf("unexpected error fetching manifest: %v", err) - } - - fetched, ok := fromStore.(*schema1.SignedManifest) - if !ok { - t.Fatalf("unexpected type from signed manifeststore : %T", fetched) - } - - if _, err := schema1.Verify(fetched); err != nil { - t.Fatalf("unexpected error verifying manifest: %v", err) - } - - _, pl, err = fetched.Payload() - if err != nil { - t.Fatalf("error getting payload %#v", err) - } - - receivedJWS, err := libtrust.ParsePrettySignature(pl, "signatures") - if err != nil { - t.Fatalf("unexpected error parsing jws: %v", err) - } - - receivedPayload, err := receivedJWS.Payload() - if err != nil { - t.Fatalf("unexpected error extracting received payload: %v", err) - } - - if !bytes.Equal(receivedPayload, payload) { - t.Fatalf("payloads are not equal") - } - - // Test deleting manifests - err = ms.Delete(ctx, dgst) - if err != nil { - t.Fatalf("unexpected an error deleting manifest by digest: %v", err) - } - - exists, err = ms.Exists(ctx, dgst) - if err != nil { - t.Fatalf("Error querying manifest existence") - } - if exists { - t.Errorf("Deleted manifest should not exist") - } - - deletedManifest, err := ms.Get(ctx, dgst) - if err == nil { - t.Errorf("Unexpected success getting deleted manifest") - } - switch err.(type) { - case distribution.ErrManifestUnknownRevision: - break - default: - t.Errorf("Unexpected error getting deleted manifest: %s", reflect.ValueOf(err).Type()) - } - - if deletedManifest != nil { - t.Errorf("Deleted manifest get returned non-nil") - } - - // Re-upload should restore manifest to a good state - _, err = ms.Put(ctx, sm) - if err != nil { - t.Errorf("Error re-uploading deleted manifest") - } - - exists, err = ms.Exists(ctx, dgst) - if err != nil { - t.Fatalf("Error querying manifest existence") - } - if !exists { - t.Errorf("Restored manifest should exist") - } - - deletedManifest, err = ms.Get(ctx, dgst) - if err != nil { - t.Errorf("Unexpected error getting manifest") - } - if deletedManifest == nil { - t.Errorf("Deleted manifest get returned non-nil") - } - - r, err := NewRegistry(ctx, env.driver, BlobDescriptorCacheProvider(memory.NewInMemoryBlobDescriptorCacheProvider()), EnableRedirect) - if err != nil { - t.Fatalf("error creating registry: %v", err) - } - repo, err := r.Repository(ctx, env.name) - if err != nil { - t.Fatalf("unexpected error getting repo: %v", err) - } - ms, err = repo.Manifests(ctx) - if err != nil { - t.Fatal(err) - } - err = ms.Delete(ctx, dgst) - if err == nil { - t.Errorf("Unexpected success deleting while disabled") - } -} - -// TestLinkPathFuncs ensures that the link path functions behavior are locked -// down and implemented as expected. -func TestLinkPathFuncs(t *testing.T) { - for _, testcase := range []struct { - repo string - digest digest.Digest - linkPathFn linkPathFunc - expected string - }{ - { - repo: "foo/bar", - digest: "sha256:deadbeaf98fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855", - linkPathFn: blobLinkPath, - expected: "/docker/registry/v2/repositories/foo/bar/_layers/sha256/deadbeaf98fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855/link", - }, - { - repo: "foo/bar", - digest: "sha256:deadbeaf98fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855", - linkPathFn: manifestRevisionLinkPath, - expected: "/docker/registry/v2/repositories/foo/bar/_manifests/revisions/sha256/deadbeaf98fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855/link", - }, - } { - p, err := testcase.linkPathFn(testcase.repo, testcase.digest) - if err != nil { - t.Fatalf("unexpected error calling linkPathFn(pm, %q, %q): %v", testcase.repo, testcase.digest, err) - } - - if p != testcase.expected { - t.Fatalf("incorrect path returned: %q != %q", p, testcase.expected) - } - } - -} diff --git a/vendor/github.com/docker/distribution/registry/storage/paths.go b/vendor/github.com/docker/distribution/registry/storage/paths.go deleted file mode 100644 index 1b142b88..00000000 --- a/vendor/github.com/docker/distribution/registry/storage/paths.go +++ /dev/null @@ -1,490 +0,0 @@ -package storage - -import ( - "fmt" - "path" - "strings" - - "github.com/docker/distribution/digest" -) - -const ( - storagePathVersion = "v2" // fixed storage layout version - storagePathRoot = "/docker/registry/" // all driver paths have a prefix - - // TODO(stevvooe): Get rid of the "storagePathRoot". Initially, we though - // storage path root would configurable for all drivers through this - // package. In reality, we've found it simpler to do this on a per driver - // basis. -) - -// pathFor maps paths based on "object names" and their ids. The "object -// names" mapped by are internal to the storage system. -// -// The path layout in the storage backend is roughly as follows: -// -// /v2 -// -> repositories/ -// ->/ -// -> _manifests/ -// revisions -// -> -// -> link -// tags/ -// -> current/link -// -> index -// -> //link -// -> _layers/ -// -// -> _uploads/ -// data -// startedat -// hashstates// -// -> blob/ -// -// -// The storage backend layout is broken up into a content-addressable blob -// store and repositories. The content-addressable blob store holds most data -// throughout the backend, keyed by algorithm and digests of the underlying -// content. Access to the blob store is controlled through links from the -// repository to blobstore. -// -// A repository is made up of layers, manifests and tags. The layers component -// is just a directory of layers which are "linked" into a repository. A layer -// can only be accessed through a qualified repository name if it is linked in -// the repository. Uploads of layers are managed in the uploads directory, -// which is key by upload id. When all data for an upload is received, the -// data is moved into the blob store and the upload directory is deleted. -// Abandoned uploads can be garbage collected by reading the startedat file -// and removing uploads that have been active for longer than a certain time. -// -// The third component of the repository directory is the manifests store, -// which is made up of a revision store and tag store. Manifests are stored in -// the blob store and linked into the revision store. -// While the registry can save all revisions of a manifest, no relationship is -// implied as to the ordering of changes to a manifest. The tag store provides -// support for name, tag lookups of manifests, using "current/link" under a -// named tag directory. An index is maintained to support deletions of all -// revisions of a given manifest tag. -// -// We cover the path formats implemented by this path mapper below. -// -// Manifests: -// -// manifestRevisionsPathSpec: /v2/repositories//_manifests/revisions/ -// manifestRevisionPathSpec: /v2/repositories//_manifests/revisions/// -// manifestRevisionLinkPathSpec: /v2/repositories//_manifests/revisions///link -// -// Tags: -// -// manifestTagsPathSpec: /v2/repositories//_manifests/tags/ -// manifestTagPathSpec: /v2/repositories//_manifests/tags// -// manifestTagCurrentPathSpec: /v2/repositories//_manifests/tags//current/link -// manifestTagIndexPathSpec: /v2/repositories//_manifests/tags//index/ -// manifestTagIndexEntryPathSpec: /v2/repositories//_manifests/tags//index/// -// manifestTagIndexEntryLinkPathSpec: /v2/repositories//_manifests/tags//index///link -// -// Blobs: -// -// layerLinkPathSpec: /v2/repositories//_layers///link -// -// Uploads: -// -// uploadDataPathSpec: /v2/repositories//_uploads//data -// uploadStartedAtPathSpec: /v2/repositories//_uploads//startedat -// uploadHashStatePathSpec: /v2/repositories//_uploads//hashstates// -// -// Blob Store: -// -// blobsPathSpec: /v2/blobs/ -// blobPathSpec: /v2/blobs/// -// blobDataPathSpec: /v2/blobs////data -// blobMediaTypePathSpec: /v2/blobs////data -// -// For more information on the semantic meaning of each path and their -// contents, please see the path spec documentation. -func pathFor(spec pathSpec) (string, error) { - - // Switch on the path object type and return the appropriate path. At - // first glance, one may wonder why we don't use an interface to - // accomplish this. By keep the formatting separate from the pathSpec, we - // keep separate the path generation componentized. These specs could be - // passed to a completely different mapper implementation and generate a - // different set of paths. - // - // For example, imagine migrating from one backend to the other: one could - // build a filesystem walker that converts a string path in one version, - // to an intermediate path object, than can be consumed and mapped by the - // other version. - - rootPrefix := []string{storagePathRoot, storagePathVersion} - repoPrefix := append(rootPrefix, "repositories") - - switch v := spec.(type) { - - case manifestRevisionsPathSpec: - return path.Join(append(repoPrefix, v.name, "_manifests", "revisions")...), nil - - case manifestRevisionPathSpec: - components, err := digestPathComponents(v.revision, false) - if err != nil { - return "", err - } - - return path.Join(append(append(repoPrefix, v.name, "_manifests", "revisions"), components...)...), nil - case manifestRevisionLinkPathSpec: - root, err := pathFor(manifestRevisionPathSpec{ - name: v.name, - revision: v.revision, - }) - - if err != nil { - return "", err - } - - return path.Join(root, "link"), nil - case manifestTagsPathSpec: - return path.Join(append(repoPrefix, v.name, "_manifests", "tags")...), nil - case manifestTagPathSpec: - root, err := pathFor(manifestTagsPathSpec{ - name: v.name, - }) - - if err != nil { - return "", err - } - - return path.Join(root, v.tag), nil - case manifestTagCurrentPathSpec: - root, err := pathFor(manifestTagPathSpec{ - name: v.name, - tag: v.tag, - }) - - if err != nil { - return "", err - } - - return path.Join(root, "current", "link"), nil - case manifestTagIndexPathSpec: - root, err := pathFor(manifestTagPathSpec{ - name: v.name, - tag: v.tag, - }) - - if err != nil { - return "", err - } - - return path.Join(root, "index"), nil - case manifestTagIndexEntryLinkPathSpec: - root, err := pathFor(manifestTagIndexEntryPathSpec{ - name: v.name, - tag: v.tag, - revision: v.revision, - }) - - if err != nil { - return "", err - } - - return path.Join(root, "link"), nil - case manifestTagIndexEntryPathSpec: - root, err := pathFor(manifestTagIndexPathSpec{ - name: v.name, - tag: v.tag, - }) - - if err != nil { - return "", err - } - - components, err := digestPathComponents(v.revision, false) - if err != nil { - return "", err - } - - return path.Join(root, path.Join(components...)), nil - case layerLinkPathSpec: - components, err := digestPathComponents(v.digest, false) - if err != nil { - return "", err - } - - // TODO(stevvooe): Right now, all blobs are linked under "_layers". If - // we have future migrations, we may want to rename this to "_blobs". - // A migration strategy would simply leave existing items in place and - // write the new paths, commit a file then delete the old files. - - blobLinkPathComponents := append(repoPrefix, v.name, "_layers") - - return path.Join(path.Join(append(blobLinkPathComponents, components...)...), "link"), nil - case blobsPathSpec: - blobsPathPrefix := append(rootPrefix, "blobs") - return path.Join(blobsPathPrefix...), nil - case blobPathSpec: - components, err := digestPathComponents(v.digest, true) - if err != nil { - return "", err - } - - blobPathPrefix := append(rootPrefix, "blobs") - return path.Join(append(blobPathPrefix, components...)...), nil - case blobDataPathSpec: - components, err := digestPathComponents(v.digest, true) - if err != nil { - return "", err - } - - components = append(components, "data") - blobPathPrefix := append(rootPrefix, "blobs") - return path.Join(append(blobPathPrefix, components...)...), nil - - case uploadDataPathSpec: - return path.Join(append(repoPrefix, v.name, "_uploads", v.id, "data")...), nil - case uploadStartedAtPathSpec: - return path.Join(append(repoPrefix, v.name, "_uploads", v.id, "startedat")...), nil - case uploadHashStatePathSpec: - offset := fmt.Sprintf("%d", v.offset) - if v.list { - offset = "" // Limit to the prefix for listing offsets. - } - return path.Join(append(repoPrefix, v.name, "_uploads", v.id, "hashstates", string(v.alg), offset)...), nil - case repositoriesRootPathSpec: - return path.Join(repoPrefix...), nil - default: - // TODO(sday): This is an internal error. Ensure it doesn't escape (panic?). - return "", fmt.Errorf("unknown path spec: %#v", v) - } -} - -// pathSpec is a type to mark structs as path specs. There is no -// implementation because we'd like to keep the specs and the mappers -// decoupled. -type pathSpec interface { - pathSpec() -} - -// manifestRevisionsPathSpec describes the directory path for -// a manifest revision. -type manifestRevisionsPathSpec struct { - name string -} - -func (manifestRevisionsPathSpec) pathSpec() {} - -// manifestRevisionPathSpec describes the components of the directory path for -// a manifest revision. -type manifestRevisionPathSpec struct { - name string - revision digest.Digest -} - -func (manifestRevisionPathSpec) pathSpec() {} - -// manifestRevisionLinkPathSpec describes the path components required to look -// up the data link for a revision of a manifest. If this file is not present, -// the manifest blob is not available in the given repo. The contents of this -// file should just be the digest. -type manifestRevisionLinkPathSpec struct { - name string - revision digest.Digest -} - -func (manifestRevisionLinkPathSpec) pathSpec() {} - -// manifestTagsPathSpec describes the path elements required to point to the -// manifest tags directory. -type manifestTagsPathSpec struct { - name string -} - -func (manifestTagsPathSpec) pathSpec() {} - -// manifestTagPathSpec describes the path elements required to point to the -// manifest tag links files under a repository. These contain a blob id that -// can be used to look up the data and signatures. -type manifestTagPathSpec struct { - name string - tag string -} - -func (manifestTagPathSpec) pathSpec() {} - -// manifestTagCurrentPathSpec describes the link to the current revision for a -// given tag. -type manifestTagCurrentPathSpec struct { - name string - tag string -} - -func (manifestTagCurrentPathSpec) pathSpec() {} - -// manifestTagCurrentPathSpec describes the link to the index of revisions -// with the given tag. -type manifestTagIndexPathSpec struct { - name string - tag string -} - -func (manifestTagIndexPathSpec) pathSpec() {} - -// manifestTagIndexEntryPathSpec contains the entries of the index by revision. -type manifestTagIndexEntryPathSpec struct { - name string - tag string - revision digest.Digest -} - -func (manifestTagIndexEntryPathSpec) pathSpec() {} - -// manifestTagIndexEntryLinkPathSpec describes the link to a revisions of a -// manifest with given tag within the index. -type manifestTagIndexEntryLinkPathSpec struct { - name string - tag string - revision digest.Digest -} - -func (manifestTagIndexEntryLinkPathSpec) pathSpec() {} - -// blobLinkPathSpec specifies a path for a blob link, which is a file with a -// blob id. The blob link will contain a content addressable blob id reference -// into the blob store. The format of the contents is as follows: -// -// : -// -// The following example of the file contents is more illustrative: -// -// sha256:96443a84ce518ac22acb2e985eda402b58ac19ce6f91980bde63726a79d80b36 -// -// This indicates that there is a blob with the id/digest, calculated via -// sha256 that can be fetched from the blob store. -type layerLinkPathSpec struct { - name string - digest digest.Digest -} - -func (layerLinkPathSpec) pathSpec() {} - -// blobAlgorithmReplacer does some very simple path sanitization for user -// input. Paths should be "safe" before getting this far due to strict digest -// requirements but we can add further path conversion here, if needed. -var blobAlgorithmReplacer = strings.NewReplacer( - "+", "/", - ".", "/", - ";", "/", -) - -// blobsPathSpec contains the path for the blobs directory -type blobsPathSpec struct{} - -func (blobsPathSpec) pathSpec() {} - -// blobPathSpec contains the path for the registry global blob store. -type blobPathSpec struct { - digest digest.Digest -} - -func (blobPathSpec) pathSpec() {} - -// blobDataPathSpec contains the path for the registry global blob store. For -// now, this contains layer data, exclusively. -type blobDataPathSpec struct { - digest digest.Digest -} - -func (blobDataPathSpec) pathSpec() {} - -// uploadDataPathSpec defines the path parameters of the data file for -// uploads. -type uploadDataPathSpec struct { - name string - id string -} - -func (uploadDataPathSpec) pathSpec() {} - -// uploadDataPathSpec defines the path parameters for the file that stores the -// start time of an uploads. If it is missing, the upload is considered -// unknown. Admittedly, the presence of this file is an ugly hack to make sure -// we have a way to cleanup old or stalled uploads that doesn't rely on driver -// FileInfo behavior. If we come up with a more clever way to do this, we -// should remove this file immediately and rely on the startetAt field from -// the client to enforce time out policies. -type uploadStartedAtPathSpec struct { - name string - id string -} - -func (uploadStartedAtPathSpec) pathSpec() {} - -// uploadHashStatePathSpec defines the path parameters for the file that stores -// the hash function state of an upload at a specific byte offset. If `list` is -// set, then the path mapper will generate a list prefix for all hash state -// offsets for the upload identified by the name, id, and alg. -type uploadHashStatePathSpec struct { - name string - id string - alg digest.Algorithm - offset int64 - list bool -} - -func (uploadHashStatePathSpec) pathSpec() {} - -// repositoriesRootPathSpec returns the root of repositories -type repositoriesRootPathSpec struct { -} - -func (repositoriesRootPathSpec) pathSpec() {} - -// digestPathComponents provides a consistent path breakdown for a given -// digest. For a generic digest, it will be as follows: -// -// / -// -// If multilevel is true, the first two bytes of the digest will separate -// groups of digest folder. It will be as follows: -// -// // -// -func digestPathComponents(dgst digest.Digest, multilevel bool) ([]string, error) { - if err := dgst.Validate(); err != nil { - return nil, err - } - - algorithm := blobAlgorithmReplacer.Replace(string(dgst.Algorithm())) - hex := dgst.Hex() - prefix := []string{algorithm} - - var suffix []string - - if multilevel { - suffix = append(suffix, hex[:2]) - } - - suffix = append(suffix, hex) - - return append(prefix, suffix...), nil -} - -// Reconstructs a digest from a path -func digestFromPath(digestPath string) (digest.Digest, error) { - - digestPath = strings.TrimSuffix(digestPath, "/data") - dir, hex := path.Split(digestPath) - dir = path.Dir(dir) - dir, next := path.Split(dir) - - // next is either the algorithm OR the first two characters in the hex string - var algo string - if next == hex[:2] { - algo = path.Base(dir) - } else { - algo = next - } - - dgst := digest.NewDigestFromHex(algo, hex) - return dgst, dgst.Validate() -} diff --git a/vendor/github.com/docker/distribution/registry/storage/paths_test.go b/vendor/github.com/docker/distribution/registry/storage/paths_test.go deleted file mode 100644 index f739552a..00000000 --- a/vendor/github.com/docker/distribution/registry/storage/paths_test.go +++ /dev/null @@ -1,135 +0,0 @@ -package storage - -import ( - "testing" - - "github.com/docker/distribution/digest" -) - -func TestPathMapper(t *testing.T) { - for _, testcase := range []struct { - spec pathSpec - expected string - err error - }{ - { - spec: manifestRevisionPathSpec{ - name: "foo/bar", - revision: "sha256:abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789", - }, - expected: "/docker/registry/v2/repositories/foo/bar/_manifests/revisions/sha256/abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789", - }, - { - spec: manifestRevisionLinkPathSpec{ - name: "foo/bar", - revision: "sha256:abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789", - }, - expected: "/docker/registry/v2/repositories/foo/bar/_manifests/revisions/sha256/abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789/link", - }, - { - spec: manifestTagsPathSpec{ - name: "foo/bar", - }, - expected: "/docker/registry/v2/repositories/foo/bar/_manifests/tags", - }, - { - spec: manifestTagPathSpec{ - name: "foo/bar", - tag: "thetag", - }, - expected: "/docker/registry/v2/repositories/foo/bar/_manifests/tags/thetag", - }, - { - spec: manifestTagCurrentPathSpec{ - name: "foo/bar", - tag: "thetag", - }, - expected: "/docker/registry/v2/repositories/foo/bar/_manifests/tags/thetag/current/link", - }, - { - spec: manifestTagIndexPathSpec{ - name: "foo/bar", - tag: "thetag", - }, - expected: "/docker/registry/v2/repositories/foo/bar/_manifests/tags/thetag/index", - }, - { - spec: manifestTagIndexEntryPathSpec{ - name: "foo/bar", - tag: "thetag", - revision: "sha256:abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789", - }, - expected: "/docker/registry/v2/repositories/foo/bar/_manifests/tags/thetag/index/sha256/abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789", - }, - { - spec: manifestTagIndexEntryLinkPathSpec{ - name: "foo/bar", - tag: "thetag", - revision: "sha256:abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789", - }, - expected: "/docker/registry/v2/repositories/foo/bar/_manifests/tags/thetag/index/sha256/abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789/link", - }, - - { - spec: uploadDataPathSpec{ - name: "foo/bar", - id: "asdf-asdf-asdf-adsf", - }, - expected: "/docker/registry/v2/repositories/foo/bar/_uploads/asdf-asdf-asdf-adsf/data", - }, - { - spec: uploadStartedAtPathSpec{ - name: "foo/bar", - id: "asdf-asdf-asdf-adsf", - }, - expected: "/docker/registry/v2/repositories/foo/bar/_uploads/asdf-asdf-asdf-adsf/startedat", - }, - } { - p, err := pathFor(testcase.spec) - if err != nil { - t.Fatalf("unexpected generating path (%T): %v", testcase.spec, err) - } - - if p != testcase.expected { - t.Fatalf("unexpected path generated (%T): %q != %q", testcase.spec, p, testcase.expected) - } - } - - // Add a few test cases to ensure we cover some errors - - // Specify a path that requires a revision and get a digest validation error. - badpath, err := pathFor(manifestRevisionPathSpec{ - name: "foo/bar", - }) - - if err == nil { - t.Fatalf("expected an error when mapping an invalid revision: %s", badpath) - } - -} - -func TestDigestFromPath(t *testing.T) { - for _, testcase := range []struct { - path string - expected digest.Digest - multilevel bool - err error - }{ - { - path: "/docker/registry/v2/blobs/sha256/99/9943fffae777400c0344c58869c4c2619c329ca3ad4df540feda74d291dd7c86/data", - multilevel: true, - expected: "sha256:9943fffae777400c0344c58869c4c2619c329ca3ad4df540feda74d291dd7c86", - err: nil, - }, - } { - result, err := digestFromPath(testcase.path) - if err != testcase.err { - t.Fatalf("Unexpected error value %v when we wanted %v", err, testcase.err) - } - - if result != testcase.expected { - t.Fatalf("Unexpected result value %v when we wanted %v", result, testcase.expected) - - } - } -} diff --git a/vendor/github.com/docker/distribution/registry/storage/purgeuploads.go b/vendor/github.com/docker/distribution/registry/storage/purgeuploads.go deleted file mode 100644 index 7576b189..00000000 --- a/vendor/github.com/docker/distribution/registry/storage/purgeuploads.go +++ /dev/null @@ -1,139 +0,0 @@ -package storage - -import ( - "path" - "strings" - "time" - - log "github.com/Sirupsen/logrus" - "github.com/docker/distribution/context" - storageDriver "github.com/docker/distribution/registry/storage/driver" - "github.com/docker/distribution/uuid" -) - -// uploadData stored the location of temporary files created during a layer upload -// along with the date the upload was started -type uploadData struct { - containingDir string - startedAt time.Time -} - -func newUploadData() uploadData { - return uploadData{ - containingDir: "", - // default to far in future to protect against missing startedat - startedAt: time.Now().Add(time.Duration(10000 * time.Hour)), - } -} - -// PurgeUploads deletes files from the upload directory -// created before olderThan. The list of files deleted and errors -// encountered are returned -func PurgeUploads(ctx context.Context, driver storageDriver.StorageDriver, olderThan time.Time, actuallyDelete bool) ([]string, []error) { - log.Infof("PurgeUploads starting: olderThan=%s, actuallyDelete=%t", olderThan, actuallyDelete) - uploadData, errors := getOutstandingUploads(ctx, driver) - var deleted []string - for _, uploadData := range uploadData { - if uploadData.startedAt.Before(olderThan) { - var err error - log.Infof("Upload files in %s have older date (%s) than purge date (%s). Removing upload directory.", - uploadData.containingDir, uploadData.startedAt, olderThan) - if actuallyDelete { - err = driver.Delete(ctx, uploadData.containingDir) - } - if err == nil { - deleted = append(deleted, uploadData.containingDir) - } else { - errors = append(errors, err) - } - } - } - - log.Infof("Purge uploads finished. Num deleted=%d, num errors=%d", len(deleted), len(errors)) - return deleted, errors -} - -// getOutstandingUploads walks the upload directory, collecting files -// which could be eligible for deletion. The only reliable way to -// classify the age of a file is with the date stored in the startedAt -// file, so gather files by UUID with a date from startedAt. -func getOutstandingUploads(ctx context.Context, driver storageDriver.StorageDriver) (map[string]uploadData, []error) { - var errors []error - uploads := make(map[string]uploadData, 0) - - inUploadDir := false - root, err := pathFor(repositoriesRootPathSpec{}) - if err != nil { - return uploads, append(errors, err) - } - - err = Walk(ctx, driver, root, func(fileInfo storageDriver.FileInfo) error { - filePath := fileInfo.Path() - _, file := path.Split(filePath) - if file[0] == '_' { - // Reserved directory - inUploadDir = (file == "_uploads") - - if fileInfo.IsDir() && !inUploadDir { - return ErrSkipDir - } - - } - - uuid, isContainingDir := uUIDFromPath(filePath) - if uuid == "" { - // Cannot reliably delete - return nil - } - ud, ok := uploads[uuid] - if !ok { - ud = newUploadData() - } - if isContainingDir { - ud.containingDir = filePath - } - if file == "startedat" { - if t, err := readStartedAtFile(driver, filePath); err == nil { - ud.startedAt = t - } else { - errors = pushError(errors, filePath, err) - } - - } - - uploads[uuid] = ud - return nil - }) - - if err != nil { - errors = pushError(errors, root, err) - } - return uploads, errors -} - -// uUIDFromPath extracts the upload UUID from a given path -// If the UUID is the last path component, this is the containing -// directory for all upload files -func uUIDFromPath(path string) (string, bool) { - components := strings.Split(path, "/") - for i := len(components) - 1; i >= 0; i-- { - if u, err := uuid.Parse(components[i]); err == nil { - return u.String(), i == len(components)-1 - } - } - return "", false -} - -// readStartedAtFile reads the date from an upload's startedAtFile -func readStartedAtFile(driver storageDriver.StorageDriver, path string) (time.Time, error) { - // todo:(richardscothern) - pass in a context - startedAtBytes, err := driver.GetContent(context.Background(), path) - if err != nil { - return time.Now(), err - } - startedAt, err := time.Parse(time.RFC3339, string(startedAtBytes)) - if err != nil { - return time.Now(), err - } - return startedAt, nil -} diff --git a/vendor/github.com/docker/distribution/registry/storage/purgeuploads_test.go b/vendor/github.com/docker/distribution/registry/storage/purgeuploads_test.go deleted file mode 100644 index 3b70f723..00000000 --- a/vendor/github.com/docker/distribution/registry/storage/purgeuploads_test.go +++ /dev/null @@ -1,166 +0,0 @@ -package storage - -import ( - "path" - "strings" - "testing" - "time" - - "github.com/docker/distribution/context" - "github.com/docker/distribution/registry/storage/driver" - "github.com/docker/distribution/registry/storage/driver/inmemory" - "github.com/docker/distribution/uuid" -) - -func testUploadFS(t *testing.T, numUploads int, repoName string, startedAt time.Time) (driver.StorageDriver, context.Context) { - d := inmemory.New() - ctx := context.Background() - for i := 0; i < numUploads; i++ { - addUploads(ctx, t, d, uuid.Generate().String(), repoName, startedAt) - } - return d, ctx -} - -func addUploads(ctx context.Context, t *testing.T, d driver.StorageDriver, uploadID, repo string, startedAt time.Time) { - dataPath, err := pathFor(uploadDataPathSpec{name: repo, id: uploadID}) - if err != nil { - t.Fatalf("Unable to resolve path") - } - if err := d.PutContent(ctx, dataPath, []byte("")); err != nil { - t.Fatalf("Unable to write data file") - } - - startedAtPath, err := pathFor(uploadStartedAtPathSpec{name: repo, id: uploadID}) - if err != nil { - t.Fatalf("Unable to resolve path") - } - - if d.PutContent(ctx, startedAtPath, []byte(startedAt.Format(time.RFC3339))); err != nil { - t.Fatalf("Unable to write startedAt file") - } - -} - -func TestPurgeGather(t *testing.T) { - uploadCount := 5 - fs, ctx := testUploadFS(t, uploadCount, "test-repo", time.Now()) - uploadData, errs := getOutstandingUploads(ctx, fs) - if len(errs) != 0 { - t.Errorf("Unexepected errors: %q", errs) - } - if len(uploadData) != uploadCount { - t.Errorf("Unexpected upload file count: %d != %d", uploadCount, len(uploadData)) - } -} - -func TestPurgeNone(t *testing.T) { - fs, ctx := testUploadFS(t, 10, "test-repo", time.Now()) - oneHourAgo := time.Now().Add(-1 * time.Hour) - deleted, errs := PurgeUploads(ctx, fs, oneHourAgo, true) - if len(errs) != 0 { - t.Error("Unexpected errors", errs) - } - if len(deleted) != 0 { - t.Errorf("Unexpectedly deleted files for time: %s", oneHourAgo) - } -} - -func TestPurgeAll(t *testing.T) { - uploadCount := 10 - oneHourAgo := time.Now().Add(-1 * time.Hour) - fs, ctx := testUploadFS(t, uploadCount, "test-repo", oneHourAgo) - - // Ensure > 1 repos are purged - addUploads(ctx, t, fs, uuid.Generate().String(), "test-repo2", oneHourAgo) - uploadCount++ - - deleted, errs := PurgeUploads(ctx, fs, time.Now(), true) - if len(errs) != 0 { - t.Error("Unexpected errors:", errs) - } - fileCount := uploadCount - if len(deleted) != fileCount { - t.Errorf("Unexpectedly deleted file count %d != %d", - len(deleted), fileCount) - } -} - -func TestPurgeSome(t *testing.T) { - oldUploadCount := 5 - oneHourAgo := time.Now().Add(-1 * time.Hour) - fs, ctx := testUploadFS(t, oldUploadCount, "library/test-repo", oneHourAgo) - - newUploadCount := 4 - - for i := 0; i < newUploadCount; i++ { - addUploads(ctx, t, fs, uuid.Generate().String(), "test-repo", time.Now().Add(1*time.Hour)) - } - - deleted, errs := PurgeUploads(ctx, fs, time.Now(), true) - if len(errs) != 0 { - t.Error("Unexpected errors:", errs) - } - if len(deleted) != oldUploadCount { - t.Errorf("Unexpectedly deleted file count %d != %d", - len(deleted), oldUploadCount) - } -} - -func TestPurgeOnlyUploads(t *testing.T) { - oldUploadCount := 5 - oneHourAgo := time.Now().Add(-1 * time.Hour) - fs, ctx := testUploadFS(t, oldUploadCount, "test-repo", oneHourAgo) - - // Create a directory tree outside _uploads and ensure - // these files aren't deleted. - dataPath, err := pathFor(uploadDataPathSpec{name: "test-repo", id: uuid.Generate().String()}) - if err != nil { - t.Fatalf(err.Error()) - } - nonUploadPath := strings.Replace(dataPath, "_upload", "_important", -1) - if strings.Index(nonUploadPath, "_upload") != -1 { - t.Fatalf("Non-upload path not created correctly") - } - - nonUploadFile := path.Join(nonUploadPath, "file") - if err = fs.PutContent(ctx, nonUploadFile, []byte("")); err != nil { - t.Fatalf("Unable to write data file") - } - - deleted, errs := PurgeUploads(ctx, fs, time.Now(), true) - if len(errs) != 0 { - t.Error("Unexpected errors", errs) - } - for _, file := range deleted { - if strings.Index(file, "_upload") == -1 { - t.Errorf("Non-upload file deleted") - } - } -} - -func TestPurgeMissingStartedAt(t *testing.T) { - oneHourAgo := time.Now().Add(-1 * time.Hour) - fs, ctx := testUploadFS(t, 1, "test-repo", oneHourAgo) - - err := Walk(ctx, fs, "/", func(fileInfo driver.FileInfo) error { - filePath := fileInfo.Path() - _, file := path.Split(filePath) - - if file == "startedat" { - if err := fs.Delete(ctx, filePath); err != nil { - t.Fatalf("Unable to delete startedat file: %s", filePath) - } - } - return nil - }) - if err != nil { - t.Fatalf("Unexpected error during Walk: %s ", err.Error()) - } - deleted, errs := PurgeUploads(ctx, fs, time.Now(), true) - if len(errs) > 0 { - t.Errorf("Unexpected errors") - } - if len(deleted) > 0 { - t.Errorf("Files unexpectedly deleted: %s", deleted) - } -} diff --git a/vendor/github.com/docker/distribution/registry/storage/registry.go b/vendor/github.com/docker/distribution/registry/storage/registry.go deleted file mode 100644 index 20525ffb..00000000 --- a/vendor/github.com/docker/distribution/registry/storage/registry.go +++ /dev/null @@ -1,306 +0,0 @@ -package storage - -import ( - "regexp" - - "github.com/docker/distribution" - "github.com/docker/distribution/context" - "github.com/docker/distribution/reference" - "github.com/docker/distribution/registry/storage/cache" - storagedriver "github.com/docker/distribution/registry/storage/driver" - "github.com/docker/libtrust" -) - -// registry is the top-level implementation of Registry for use in the storage -// package. All instances should descend from this object. -type registry struct { - blobStore *blobStore - blobServer *blobServer - statter *blobStatter // global statter service. - blobDescriptorCacheProvider cache.BlobDescriptorCacheProvider - deleteEnabled bool - resumableDigestEnabled bool - schema1SigningKey libtrust.PrivateKey - blobDescriptorServiceFactory distribution.BlobDescriptorServiceFactory - manifestURLs manifestURLs -} - -// manifestURLs holds regular expressions for controlling manifest URL whitelisting -type manifestURLs struct { - allow *regexp.Regexp - deny *regexp.Regexp -} - -// RegistryOption is the type used for functional options for NewRegistry. -type RegistryOption func(*registry) error - -// EnableRedirect is a functional option for NewRegistry. It causes the backend -// blob server to attempt using (StorageDriver).URLFor to serve all blobs. -func EnableRedirect(registry *registry) error { - registry.blobServer.redirect = true - return nil -} - -// EnableDelete is a functional option for NewRegistry. It enables deletion on -// the registry. -func EnableDelete(registry *registry) error { - registry.deleteEnabled = true - return nil -} - -// DisableDigestResumption is a functional option for NewRegistry. It should be -// used if the registry is acting as a caching proxy. -func DisableDigestResumption(registry *registry) error { - registry.resumableDigestEnabled = false - return nil -} - -// ManifestURLsAllowRegexp is a functional option for NewRegistry. -func ManifestURLsAllowRegexp(r *regexp.Regexp) RegistryOption { - return func(registry *registry) error { - registry.manifestURLs.allow = r - return nil - } -} - -// ManifestURLsDenyRegexp is a functional option for NewRegistry. -func ManifestURLsDenyRegexp(r *regexp.Regexp) RegistryOption { - return func(registry *registry) error { - registry.manifestURLs.deny = r - return nil - } -} - -// Schema1SigningKey returns a functional option for NewRegistry. It sets the -// key for signing all schema1 manifests. -func Schema1SigningKey(key libtrust.PrivateKey) RegistryOption { - return func(registry *registry) error { - registry.schema1SigningKey = key - return nil - } -} - -// BlobDescriptorServiceFactory returns a functional option for NewRegistry. It sets the -// factory to create BlobDescriptorServiceFactory middleware. -func BlobDescriptorServiceFactory(factory distribution.BlobDescriptorServiceFactory) RegistryOption { - return func(registry *registry) error { - registry.blobDescriptorServiceFactory = factory - return nil - } -} - -// BlobDescriptorCacheProvider returns a functional option for -// NewRegistry. It creates a cached blob statter for use by the -// registry. -func BlobDescriptorCacheProvider(blobDescriptorCacheProvider cache.BlobDescriptorCacheProvider) RegistryOption { - // TODO(aaronl): The duplication of statter across several objects is - // ugly, and prevents us from using interface types in the registry - // struct. Ideally, blobStore and blobServer should be lazily - // initialized, and use the current value of - // blobDescriptorCacheProvider. - return func(registry *registry) error { - if blobDescriptorCacheProvider != nil { - statter := cache.NewCachedBlobStatter(blobDescriptorCacheProvider, registry.statter) - registry.blobStore.statter = statter - registry.blobServer.statter = statter - registry.blobDescriptorCacheProvider = blobDescriptorCacheProvider - } - return nil - } -} - -// NewRegistry creates a new registry instance from the provided driver. The -// resulting registry may be shared by multiple goroutines but is cheap to -// allocate. If the Redirect option is specified, the backend blob server will -// attempt to use (StorageDriver).URLFor to serve all blobs. -func NewRegistry(ctx context.Context, driver storagedriver.StorageDriver, options ...RegistryOption) (distribution.Namespace, error) { - // create global statter - statter := &blobStatter{ - driver: driver, - } - - bs := &blobStore{ - driver: driver, - statter: statter, - } - - registry := ®istry{ - blobStore: bs, - blobServer: &blobServer{ - driver: driver, - statter: statter, - pathFn: bs.path, - }, - statter: statter, - resumableDigestEnabled: true, - } - - for _, option := range options { - if err := option(registry); err != nil { - return nil, err - } - } - - return registry, nil -} - -// Scope returns the namespace scope for a registry. The registry -// will only serve repositories contained within this scope. -func (reg *registry) Scope() distribution.Scope { - return distribution.GlobalScope -} - -// Repository returns an instance of the repository tied to the registry. -// Instances should not be shared between goroutines but are cheap to -// allocate. In general, they should be request scoped. -func (reg *registry) Repository(ctx context.Context, canonicalName reference.Named) (distribution.Repository, error) { - var descriptorCache distribution.BlobDescriptorService - if reg.blobDescriptorCacheProvider != nil { - var err error - descriptorCache, err = reg.blobDescriptorCacheProvider.RepositoryScoped(canonicalName.Name()) - if err != nil { - return nil, err - } - } - - return &repository{ - ctx: ctx, - registry: reg, - name: canonicalName, - descriptorCache: descriptorCache, - }, nil -} - -func (reg *registry) Blobs() distribution.BlobEnumerator { - return reg.blobStore -} - -func (reg *registry) BlobStatter() distribution.BlobStatter { - return reg.statter -} - -// repository provides name-scoped access to various services. -type repository struct { - *registry - ctx context.Context - name reference.Named - descriptorCache distribution.BlobDescriptorService -} - -// Name returns the name of the repository. -func (repo *repository) Named() reference.Named { - return repo.name -} - -func (repo *repository) Tags(ctx context.Context) distribution.TagService { - tags := &tagStore{ - repository: repo, - blobStore: repo.registry.blobStore, - } - - return tags -} - -// Manifests returns an instance of ManifestService. Instantiation is cheap and -// may be context sensitive in the future. The instance should be used similar -// to a request local. -func (repo *repository) Manifests(ctx context.Context, options ...distribution.ManifestServiceOption) (distribution.ManifestService, error) { - manifestLinkPathFns := []linkPathFunc{ - // NOTE(stevvooe): Need to search through multiple locations since - // 2.1.0 unintentionally linked into _layers. - manifestRevisionLinkPath, - blobLinkPath, - } - - manifestDirectoryPathSpec := manifestRevisionsPathSpec{name: repo.name.Name()} - - var statter distribution.BlobDescriptorService = &linkedBlobStatter{ - blobStore: repo.blobStore, - repository: repo, - linkPathFns: manifestLinkPathFns, - } - - if repo.registry.blobDescriptorServiceFactory != nil { - statter = repo.registry.blobDescriptorServiceFactory.BlobAccessController(statter) - } - - blobStore := &linkedBlobStore{ - ctx: ctx, - blobStore: repo.blobStore, - repository: repo, - deleteEnabled: repo.registry.deleteEnabled, - blobAccessController: statter, - - // TODO(stevvooe): linkPath limits this blob store to only - // manifests. This instance cannot be used for blob checks. - linkPathFns: manifestLinkPathFns, - linkDirectoryPathSpec: manifestDirectoryPathSpec, - } - - ms := &manifestStore{ - ctx: ctx, - repository: repo, - blobStore: blobStore, - schema1Handler: &signedManifestHandler{ - ctx: ctx, - schema1SigningKey: repo.schema1SigningKey, - repository: repo, - blobStore: blobStore, - }, - schema2Handler: &schema2ManifestHandler{ - ctx: ctx, - repository: repo, - blobStore: blobStore, - manifestURLs: repo.registry.manifestURLs, - }, - manifestListHandler: &manifestListHandler{ - ctx: ctx, - repository: repo, - blobStore: blobStore, - }, - } - - // Apply options - for _, option := range options { - err := option.Apply(ms) - if err != nil { - return nil, err - } - } - - return ms, nil -} - -// Blobs returns an instance of the BlobStore. Instantiation is cheap and -// may be context sensitive in the future. The instance should be used similar -// to a request local. -func (repo *repository) Blobs(ctx context.Context) distribution.BlobStore { - var statter distribution.BlobDescriptorService = &linkedBlobStatter{ - blobStore: repo.blobStore, - repository: repo, - linkPathFns: []linkPathFunc{blobLinkPath}, - } - - if repo.descriptorCache != nil { - statter = cache.NewCachedBlobStatter(repo.descriptorCache, statter) - } - - if repo.registry.blobDescriptorServiceFactory != nil { - statter = repo.registry.blobDescriptorServiceFactory.BlobAccessController(statter) - } - - return &linkedBlobStore{ - registry: repo.registry, - blobStore: repo.blobStore, - blobServer: repo.blobServer, - blobAccessController: statter, - repository: repo, - ctx: ctx, - - // TODO(stevvooe): linkPath limits this blob store to only layers. - // This instance cannot be used for manifest checks. - linkPathFns: []linkPathFunc{blobLinkPath}, - deleteEnabled: repo.registry.deleteEnabled, - resumableDigestEnabled: repo.resumableDigestEnabled, - } -} diff --git a/vendor/github.com/docker/distribution/registry/storage/schema2manifesthandler.go b/vendor/github.com/docker/distribution/registry/storage/schema2manifesthandler.go deleted file mode 100644 index 9fe71bb4..00000000 --- a/vendor/github.com/docker/distribution/registry/storage/schema2manifesthandler.go +++ /dev/null @@ -1,136 +0,0 @@ -package storage - -import ( - "encoding/json" - "errors" - "fmt" - "net/url" - - "github.com/docker/distribution" - "github.com/docker/distribution/context" - "github.com/docker/distribution/digest" - "github.com/docker/distribution/manifest/schema1" - "github.com/docker/distribution/manifest/schema2" -) - -var ( - errUnexpectedURL = errors.New("unexpected URL on layer") - errMissingURL = errors.New("missing URL on layer") - errInvalidURL = errors.New("invalid URL on layer") -) - -//schema2ManifestHandler is a ManifestHandler that covers schema2 manifests. -type schema2ManifestHandler struct { - repository distribution.Repository - blobStore distribution.BlobStore - ctx context.Context - manifestURLs manifestURLs -} - -var _ ManifestHandler = &schema2ManifestHandler{} - -func (ms *schema2ManifestHandler) Unmarshal(ctx context.Context, dgst digest.Digest, content []byte) (distribution.Manifest, error) { - context.GetLogger(ms.ctx).Debug("(*schema2ManifestHandler).Unmarshal") - - var m schema2.DeserializedManifest - if err := json.Unmarshal(content, &m); err != nil { - return nil, err - } - - return &m, nil -} - -func (ms *schema2ManifestHandler) Put(ctx context.Context, manifest distribution.Manifest, skipDependencyVerification bool) (digest.Digest, error) { - context.GetLogger(ms.ctx).Debug("(*schema2ManifestHandler).Put") - - m, ok := manifest.(*schema2.DeserializedManifest) - if !ok { - return "", fmt.Errorf("non-schema2 manifest put to schema2ManifestHandler: %T", manifest) - } - - if err := ms.verifyManifest(ms.ctx, *m, skipDependencyVerification); err != nil { - return "", err - } - - mt, payload, err := m.Payload() - if err != nil { - return "", err - } - - revision, err := ms.blobStore.Put(ctx, mt, payload) - if err != nil { - context.GetLogger(ctx).Errorf("error putting payload into blobstore: %v", err) - return "", err - } - - return revision.Digest, nil -} - -// verifyManifest ensures that the manifest content is valid from the -// perspective of the registry. As a policy, the registry only tries to store -// valid content, leaving trust policies of that content up to consumers. -func (ms *schema2ManifestHandler) verifyManifest(ctx context.Context, mnfst schema2.DeserializedManifest, skipDependencyVerification bool) error { - var errs distribution.ErrManifestVerification - - if skipDependencyVerification { - return nil - } - - manifestService, err := ms.repository.Manifests(ctx) - if err != nil { - return err - } - - blobsService := ms.repository.Blobs(ctx) - - for _, descriptor := range mnfst.References() { - var err error - - switch descriptor.MediaType { - case schema2.MediaTypeForeignLayer: - // Clients download this layer from an external URL, so do not check for - // its presense. - if len(descriptor.URLs) == 0 { - err = errMissingURL - } - allow := ms.manifestURLs.allow - deny := ms.manifestURLs.deny - for _, u := range descriptor.URLs { - var pu *url.URL - pu, err = url.Parse(u) - if err != nil || (pu.Scheme != "http" && pu.Scheme != "https") || pu.Fragment != "" || (allow != nil && !allow.MatchString(u)) || (deny != nil && deny.MatchString(u)) { - err = errInvalidURL - break - } - } - case schema2.MediaTypeManifest, schema1.MediaTypeManifest: - var exists bool - exists, err = manifestService.Exists(ctx, descriptor.Digest) - if err != nil || !exists { - err = distribution.ErrBlobUnknown // just coerce to unknown. - } - - fallthrough // double check the blob store. - default: - // forward all else to blob storage - if len(descriptor.URLs) == 0 { - _, err = blobsService.Stat(ctx, descriptor.Digest) - } - } - - if err != nil { - if err != distribution.ErrBlobUnknown { - errs = append(errs, err) - } - - // On error here, we always append unknown blob errors. - errs = append(errs, distribution.ErrManifestBlobUnknown{Digest: descriptor.Digest}) - } - } - - if len(errs) != 0 { - return errs - } - - return nil -} diff --git a/vendor/github.com/docker/distribution/registry/storage/schema2manifesthandler_test.go b/vendor/github.com/docker/distribution/registry/storage/schema2manifesthandler_test.go deleted file mode 100644 index 5051fa3d..00000000 --- a/vendor/github.com/docker/distribution/registry/storage/schema2manifesthandler_test.go +++ /dev/null @@ -1,136 +0,0 @@ -package storage - -import ( - "regexp" - "testing" - - "github.com/docker/distribution" - "github.com/docker/distribution/context" - "github.com/docker/distribution/manifest" - "github.com/docker/distribution/manifest/schema2" - "github.com/docker/distribution/registry/storage/driver/inmemory" -) - -func TestVerifyManifestForeignLayer(t *testing.T) { - ctx := context.Background() - inmemoryDriver := inmemory.New() - registry := createRegistry(t, inmemoryDriver, - ManifestURLsAllowRegexp(regexp.MustCompile("^https?://foo")), - ManifestURLsDenyRegexp(regexp.MustCompile("^https?://foo/nope"))) - repo := makeRepository(t, registry, "test") - manifestService := makeManifestService(t, repo) - - config, err := repo.Blobs(ctx).Put(ctx, schema2.MediaTypeConfig, nil) - if err != nil { - t.Fatal(err) - } - - layer, err := repo.Blobs(ctx).Put(ctx, schema2.MediaTypeLayer, nil) - if err != nil { - t.Fatal(err) - } - - foreignLayer := distribution.Descriptor{ - Digest: "sha256:463435349086340864309863409683460843608348608934092322395278926a", - Size: 6323, - MediaType: schema2.MediaTypeForeignLayer, - } - - template := schema2.Manifest{ - Versioned: manifest.Versioned{ - SchemaVersion: 2, - MediaType: schema2.MediaTypeManifest, - }, - Config: config, - } - - type testcase struct { - BaseLayer distribution.Descriptor - URLs []string - Err error - } - - cases := []testcase{ - { - foreignLayer, - nil, - errMissingURL, - }, - { - // regular layers may have foreign urls - layer, - []string{"http://foo/bar"}, - nil, - }, - { - foreignLayer, - []string{"file:///local/file"}, - errInvalidURL, - }, - { - foreignLayer, - []string{"http://foo/bar#baz"}, - errInvalidURL, - }, - { - foreignLayer, - []string{""}, - errInvalidURL, - }, - { - foreignLayer, - []string{"https://foo/bar", ""}, - errInvalidURL, - }, - { - foreignLayer, - []string{"", "https://foo/bar"}, - errInvalidURL, - }, - { - foreignLayer, - []string{"http://nope/bar"}, - errInvalidURL, - }, - { - foreignLayer, - []string{"http://foo/nope"}, - errInvalidURL, - }, - { - foreignLayer, - []string{"http://foo/bar"}, - nil, - }, - { - foreignLayer, - []string{"https://foo/bar"}, - nil, - }, - } - - for _, c := range cases { - m := template - l := c.BaseLayer - l.URLs = c.URLs - m.Layers = []distribution.Descriptor{l} - dm, err := schema2.FromStruct(m) - if err != nil { - t.Error(err) - continue - } - - _, err = manifestService.Put(ctx, dm) - if verr, ok := err.(distribution.ErrManifestVerification); ok { - // Extract the first error - if len(verr) == 2 { - if _, ok = verr[1].(distribution.ErrManifestBlobUnknown); ok { - err = verr[0] - } - } - } - if err != c.Err { - t.Errorf("%#v: expected %v, got %v", l, c.Err, err) - } - } -} diff --git a/vendor/github.com/docker/distribution/registry/storage/signedmanifesthandler.go b/vendor/github.com/docker/distribution/registry/storage/signedmanifesthandler.go deleted file mode 100644 index 30d33082..00000000 --- a/vendor/github.com/docker/distribution/registry/storage/signedmanifesthandler.go +++ /dev/null @@ -1,141 +0,0 @@ -package storage - -import ( - "encoding/json" - "fmt" - - "github.com/docker/distribution" - "github.com/docker/distribution/context" - "github.com/docker/distribution/digest" - "github.com/docker/distribution/manifest/schema1" - "github.com/docker/distribution/reference" - "github.com/docker/libtrust" -) - -// signedManifestHandler is a ManifestHandler that covers schema1 manifests. It -// can unmarshal and put schema1 manifests that have been signed by libtrust. -type signedManifestHandler struct { - repository distribution.Repository - schema1SigningKey libtrust.PrivateKey - blobStore distribution.BlobStore - ctx context.Context -} - -var _ ManifestHandler = &signedManifestHandler{} - -func (ms *signedManifestHandler) Unmarshal(ctx context.Context, dgst digest.Digest, content []byte) (distribution.Manifest, error) { - context.GetLogger(ms.ctx).Debug("(*signedManifestHandler).Unmarshal") - - var ( - signatures [][]byte - err error - ) - - jsig, err := libtrust.NewJSONSignature(content, signatures...) - if err != nil { - return nil, err - } - - if ms.schema1SigningKey != nil { - if err := jsig.Sign(ms.schema1SigningKey); err != nil { - return nil, err - } - } - - // Extract the pretty JWS - raw, err := jsig.PrettySignature("signatures") - if err != nil { - return nil, err - } - - var sm schema1.SignedManifest - if err := json.Unmarshal(raw, &sm); err != nil { - return nil, err - } - return &sm, nil -} - -func (ms *signedManifestHandler) Put(ctx context.Context, manifest distribution.Manifest, skipDependencyVerification bool) (digest.Digest, error) { - context.GetLogger(ms.ctx).Debug("(*signedManifestHandler).Put") - - sm, ok := manifest.(*schema1.SignedManifest) - if !ok { - return "", fmt.Errorf("non-schema1 manifest put to signedManifestHandler: %T", manifest) - } - - if err := ms.verifyManifest(ms.ctx, *sm, skipDependencyVerification); err != nil { - return "", err - } - - mt := schema1.MediaTypeManifest - payload := sm.Canonical - - revision, err := ms.blobStore.Put(ctx, mt, payload) - if err != nil { - context.GetLogger(ctx).Errorf("error putting payload into blobstore: %v", err) - return "", err - } - - return revision.Digest, nil -} - -// verifyManifest ensures that the manifest content is valid from the -// perspective of the registry. It ensures that the signature is valid for the -// enclosed payload. As a policy, the registry only tries to store valid -// content, leaving trust policies of that content up to consumers. -func (ms *signedManifestHandler) verifyManifest(ctx context.Context, mnfst schema1.SignedManifest, skipDependencyVerification bool) error { - var errs distribution.ErrManifestVerification - - if len(mnfst.Name) > reference.NameTotalLengthMax { - errs = append(errs, - distribution.ErrManifestNameInvalid{ - Name: mnfst.Name, - Reason: fmt.Errorf("manifest name must not be more than %v characters", reference.NameTotalLengthMax), - }) - } - - if !reference.NameRegexp.MatchString(mnfst.Name) { - errs = append(errs, - distribution.ErrManifestNameInvalid{ - Name: mnfst.Name, - Reason: fmt.Errorf("invalid manifest name format"), - }) - } - - if len(mnfst.History) != len(mnfst.FSLayers) { - errs = append(errs, fmt.Errorf("mismatched history and fslayer cardinality %d != %d", - len(mnfst.History), len(mnfst.FSLayers))) - } - - if _, err := schema1.Verify(&mnfst); err != nil { - switch err { - case libtrust.ErrMissingSignatureKey, libtrust.ErrInvalidJSONContent, libtrust.ErrMissingSignatureKey: - errs = append(errs, distribution.ErrManifestUnverified{}) - default: - if err.Error() == "invalid signature" { // TODO(stevvooe): This should be exported by libtrust - errs = append(errs, distribution.ErrManifestUnverified{}) - } else { - errs = append(errs, err) - } - } - } - - if !skipDependencyVerification { - for _, fsLayer := range mnfst.References() { - _, err := ms.repository.Blobs(ctx).Stat(ctx, fsLayer.Digest) - if err != nil { - if err != distribution.ErrBlobUnknown { - errs = append(errs, err) - } - - // On error here, we always append unknown blob errors. - errs = append(errs, distribution.ErrManifestBlobUnknown{Digest: fsLayer.Digest}) - } - } - } - if len(errs) != 0 { - return errs - } - - return nil -} diff --git a/vendor/github.com/docker/distribution/registry/storage/tagstore.go b/vendor/github.com/docker/distribution/registry/storage/tagstore.go deleted file mode 100644 index 4386ffca..00000000 --- a/vendor/github.com/docker/distribution/registry/storage/tagstore.go +++ /dev/null @@ -1,191 +0,0 @@ -package storage - -import ( - "path" - - "github.com/docker/distribution" - "github.com/docker/distribution/context" - "github.com/docker/distribution/digest" - storagedriver "github.com/docker/distribution/registry/storage/driver" -) - -var _ distribution.TagService = &tagStore{} - -// tagStore provides methods to manage manifest tags in a backend storage driver. -// This implementation uses the same on-disk layout as the (now deleted) tag -// store. This provides backward compatibility with current registry deployments -// which only makes use of the Digest field of the returned distribution.Descriptor -// but does not enable full roundtripping of Descriptor objects -type tagStore struct { - repository *repository - blobStore *blobStore -} - -// All returns all tags -func (ts *tagStore) All(ctx context.Context) ([]string, error) { - var tags []string - - pathSpec, err := pathFor(manifestTagPathSpec{ - name: ts.repository.Named().Name(), - }) - if err != nil { - return tags, err - } - - entries, err := ts.blobStore.driver.List(ctx, pathSpec) - if err != nil { - switch err := err.(type) { - case storagedriver.PathNotFoundError: - return tags, distribution.ErrRepositoryUnknown{Name: ts.repository.Named().Name()} - default: - return tags, err - } - } - - for _, entry := range entries { - _, filename := path.Split(entry) - tags = append(tags, filename) - } - - return tags, nil -} - -// exists returns true if the specified manifest tag exists in the repository. -func (ts *tagStore) exists(ctx context.Context, tag string) (bool, error) { - tagPath, err := pathFor(manifestTagCurrentPathSpec{ - name: ts.repository.Named().Name(), - tag: tag, - }) - - if err != nil { - return false, err - } - - exists, err := exists(ctx, ts.blobStore.driver, tagPath) - if err != nil { - return false, err - } - - return exists, nil -} - -// Tag tags the digest with the given tag, updating the the store to point at -// the current tag. The digest must point to a manifest. -func (ts *tagStore) Tag(ctx context.Context, tag string, desc distribution.Descriptor) error { - currentPath, err := pathFor(manifestTagCurrentPathSpec{ - name: ts.repository.Named().Name(), - tag: tag, - }) - - if err != nil { - return err - } - - lbs := ts.linkedBlobStore(ctx, tag) - - // Link into the index - if err := lbs.linkBlob(ctx, desc); err != nil { - return err - } - - // Overwrite the current link - return ts.blobStore.link(ctx, currentPath, desc.Digest) -} - -// resolve the current revision for name and tag. -func (ts *tagStore) Get(ctx context.Context, tag string) (distribution.Descriptor, error) { - currentPath, err := pathFor(manifestTagCurrentPathSpec{ - name: ts.repository.Named().Name(), - tag: tag, - }) - - if err != nil { - return distribution.Descriptor{}, err - } - - revision, err := ts.blobStore.readlink(ctx, currentPath) - if err != nil { - switch err.(type) { - case storagedriver.PathNotFoundError: - return distribution.Descriptor{}, distribution.ErrTagUnknown{Tag: tag} - } - - return distribution.Descriptor{}, err - } - - return distribution.Descriptor{Digest: revision}, nil -} - -// Untag removes the tag association -func (ts *tagStore) Untag(ctx context.Context, tag string) error { - tagPath, err := pathFor(manifestTagPathSpec{ - name: ts.repository.Named().Name(), - tag: tag, - }) - - switch err.(type) { - case storagedriver.PathNotFoundError: - return distribution.ErrTagUnknown{Tag: tag} - case nil: - break - default: - return err - } - - return ts.blobStore.driver.Delete(ctx, tagPath) -} - -// linkedBlobStore returns the linkedBlobStore for the named tag, allowing one -// to index manifest blobs by tag name. While the tag store doesn't map -// precisely to the linked blob store, using this ensures the links are -// managed via the same code path. -func (ts *tagStore) linkedBlobStore(ctx context.Context, tag string) *linkedBlobStore { - return &linkedBlobStore{ - blobStore: ts.blobStore, - repository: ts.repository, - ctx: ctx, - linkPathFns: []linkPathFunc{func(name string, dgst digest.Digest) (string, error) { - return pathFor(manifestTagIndexEntryLinkPathSpec{ - name: name, - tag: tag, - revision: dgst, - }) - - }}, - } -} - -// Lookup recovers a list of tags which refer to this digest. When a manifest is deleted by -// digest, tag entries which point to it need to be recovered to avoid dangling tags. -func (ts *tagStore) Lookup(ctx context.Context, desc distribution.Descriptor) ([]string, error) { - allTags, err := ts.All(ctx) - switch err.(type) { - case distribution.ErrRepositoryUnknown: - // This tag store has been initialized but not yet populated - break - case nil: - break - default: - return nil, err - } - - var tags []string - for _, tag := range allTags { - tagLinkPathSpec := manifestTagCurrentPathSpec{ - name: ts.repository.Named().Name(), - tag: tag, - } - - tagLinkPath, err := pathFor(tagLinkPathSpec) - tagDigest, err := ts.blobStore.readlink(ctx, tagLinkPath) - if err != nil { - return nil, err - } - - if tagDigest == desc.Digest { - tags = append(tags, tag) - } - } - - return tags, nil -} diff --git a/vendor/github.com/docker/distribution/registry/storage/tagstore_test.go b/vendor/github.com/docker/distribution/registry/storage/tagstore_test.go deleted file mode 100644 index 554a46bf..00000000 --- a/vendor/github.com/docker/distribution/registry/storage/tagstore_test.go +++ /dev/null @@ -1,209 +0,0 @@ -package storage - -import ( - "testing" - - "github.com/docker/distribution" - "github.com/docker/distribution/context" - "github.com/docker/distribution/reference" - "github.com/docker/distribution/registry/storage/driver/inmemory" -) - -type tagsTestEnv struct { - ts distribution.TagService - ctx context.Context -} - -func testTagStore(t *testing.T) *tagsTestEnv { - ctx := context.Background() - d := inmemory.New() - reg, err := NewRegistry(ctx, d) - if err != nil { - t.Fatal(err) - } - - repoRef, _ := reference.ParseNamed("a/b") - repo, err := reg.Repository(ctx, repoRef) - if err != nil { - t.Fatal(err) - } - - return &tagsTestEnv{ - ctx: ctx, - ts: repo.Tags(ctx), - } -} - -func TestTagStoreTag(t *testing.T) { - env := testTagStore(t) - tags := env.ts - ctx := env.ctx - - d := distribution.Descriptor{} - err := tags.Tag(ctx, "latest", d) - if err == nil { - t.Errorf("unexpected error putting malformed descriptor : %s", err) - } - - d.Digest = "sha256:aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" - err = tags.Tag(ctx, "latest", d) - if err != nil { - t.Error(err) - } - - d1, err := tags.Get(ctx, "latest") - if err != nil { - t.Error(err) - } - - if d1.Digest != d.Digest { - t.Error("put and get digest differ") - } - - // Overwrite existing - d.Digest = "sha256:bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb" - err = tags.Tag(ctx, "latest", d) - if err != nil { - t.Error(err) - } - - d1, err = tags.Get(ctx, "latest") - if err != nil { - t.Error(err) - } - - if d1.Digest != d.Digest { - t.Error("put and get digest differ") - } -} - -func TestTagStoreUnTag(t *testing.T) { - env := testTagStore(t) - tags := env.ts - ctx := env.ctx - desc := distribution.Descriptor{Digest: "sha256:bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb"} - - err := tags.Untag(ctx, "latest") - if err == nil { - t.Errorf("Expected error untagging non-existant tag") - } - - err = tags.Tag(ctx, "latest", desc) - if err != nil { - t.Error(err) - } - - err = tags.Untag(ctx, "latest") - if err != nil { - t.Error(err) - } - - errExpect := distribution.ErrTagUnknown{Tag: "latest"}.Error() - _, err = tags.Get(ctx, "latest") - if err == nil || err.Error() != errExpect { - t.Error("Expected error getting untagged tag") - } -} - -func TestTagStoreAll(t *testing.T) { - env := testTagStore(t) - tagStore := env.ts - ctx := env.ctx - - alpha := "abcdefghijklmnopqrstuvwxyz" - for i := 0; i < len(alpha); i++ { - tag := alpha[i] - desc := distribution.Descriptor{Digest: "sha256:eeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeeee"} - err := tagStore.Tag(ctx, string(tag), desc) - if err != nil { - t.Error(err) - } - } - - all, err := tagStore.All(ctx) - if err != nil { - t.Error(err) - } - if len(all) != len(alpha) { - t.Errorf("Unexpected count returned from enumerate") - } - - for i, c := range all { - if c != string(alpha[i]) { - t.Errorf("unexpected tag in enumerate %s", c) - } - } - - removed := "a" - err = tagStore.Untag(ctx, removed) - if err != nil { - t.Error(err) - } - - all, err = tagStore.All(ctx) - if err != nil { - t.Error(err) - } - for _, tag := range all { - if tag == removed { - t.Errorf("unexpected tag in enumerate %s", removed) - } - } - -} - -func TestTagLookup(t *testing.T) { - env := testTagStore(t) - tagStore := env.ts - ctx := env.ctx - - descA := distribution.Descriptor{Digest: "sha256:aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"} - desc0 := distribution.Descriptor{Digest: "sha256:0000000000000000000000000000000000000000000000000000000000000000"} - - tags, err := tagStore.Lookup(ctx, descA) - if err != nil { - t.Fatal(err) - } - if len(tags) != 0 { - t.Fatalf("Lookup returned > 0 tags from empty store") - } - - err = tagStore.Tag(ctx, "a", descA) - if err != nil { - t.Fatal(err) - } - - err = tagStore.Tag(ctx, "b", descA) - if err != nil { - t.Fatal(err) - } - - err = tagStore.Tag(ctx, "0", desc0) - if err != nil { - t.Fatal(err) - } - - err = tagStore.Tag(ctx, "1", desc0) - if err != nil { - t.Fatal(err) - } - - tags, err = tagStore.Lookup(ctx, descA) - if err != nil { - t.Fatal(err) - } - - if len(tags) != 2 { - t.Errorf("Lookup of descA returned %d tags, expected 2", len(tags)) - } - - tags, err = tagStore.Lookup(ctx, desc0) - if err != nil { - t.Fatal(err) - } - - if len(tags) != 2 { - t.Errorf("Lookup of descB returned %d tags, expected 2", len(tags)) - } - -} diff --git a/vendor/github.com/docker/distribution/registry/storage/util.go b/vendor/github.com/docker/distribution/registry/storage/util.go deleted file mode 100644 index 773d7ba0..00000000 --- a/vendor/github.com/docker/distribution/registry/storage/util.go +++ /dev/null @@ -1,21 +0,0 @@ -package storage - -import ( - "github.com/docker/distribution/context" - "github.com/docker/distribution/registry/storage/driver" -) - -// Exists provides a utility method to test whether or not a path exists in -// the given driver. -func exists(ctx context.Context, drv driver.StorageDriver, path string) (bool, error) { - if _, err := drv.Stat(ctx, path); err != nil { - switch err := err.(type) { - case driver.PathNotFoundError: - return false, nil - default: - return false, err - } - } - - return true, nil -} diff --git a/vendor/github.com/docker/distribution/registry/storage/vacuum.go b/vendor/github.com/docker/distribution/registry/storage/vacuum.go deleted file mode 100644 index 3bdfebf2..00000000 --- a/vendor/github.com/docker/distribution/registry/storage/vacuum.go +++ /dev/null @@ -1,67 +0,0 @@ -package storage - -import ( - "path" - - "github.com/docker/distribution/context" - "github.com/docker/distribution/digest" - "github.com/docker/distribution/registry/storage/driver" -) - -// vacuum contains functions for cleaning up repositories and blobs -// These functions will only reliably work on strongly consistent -// storage systems. -// https://en.wikipedia.org/wiki/Consistency_model - -// NewVacuum creates a new Vacuum -func NewVacuum(ctx context.Context, driver driver.StorageDriver) Vacuum { - return Vacuum{ - ctx: ctx, - driver: driver, - } -} - -// Vacuum removes content from the filesystem -type Vacuum struct { - driver driver.StorageDriver - ctx context.Context -} - -// RemoveBlob removes a blob from the filesystem -func (v Vacuum) RemoveBlob(dgst string) error { - d, err := digest.ParseDigest(dgst) - if err != nil { - return err - } - - blobPath, err := pathFor(blobPathSpec{digest: d}) - if err != nil { - return err - } - - context.GetLogger(v.ctx).Infof("Deleting blob: %s", blobPath) - - err = v.driver.Delete(v.ctx, blobPath) - if err != nil { - return err - } - - return nil -} - -// RemoveRepository removes a repository directory from the -// filesystem -func (v Vacuum) RemoveRepository(repoName string) error { - rootForRepository, err := pathFor(repositoriesRootPathSpec{}) - if err != nil { - return err - } - repoDir := path.Join(rootForRepository, repoName) - context.GetLogger(v.ctx).Infof("Deleting repo: %s", repoDir) - err = v.driver.Delete(v.ctx, repoDir) - if err != nil { - return err - } - - return nil -} diff --git a/vendor/github.com/docker/distribution/registry/storage/walk.go b/vendor/github.com/docker/distribution/registry/storage/walk.go deleted file mode 100644 index d979796e..00000000 --- a/vendor/github.com/docker/distribution/registry/storage/walk.go +++ /dev/null @@ -1,59 +0,0 @@ -package storage - -import ( - "errors" - "fmt" - "sort" - - "github.com/docker/distribution/context" - storageDriver "github.com/docker/distribution/registry/storage/driver" -) - -// ErrSkipDir is used as a return value from onFileFunc to indicate that -// the directory named in the call is to be skipped. It is not returned -// as an error by any function. -var ErrSkipDir = errors.New("skip this directory") - -// WalkFn is called once per file by Walk -// If the returned error is ErrSkipDir and fileInfo refers -// to a directory, the directory will not be entered and Walk -// will continue the traversal. Otherwise Walk will return -type WalkFn func(fileInfo storageDriver.FileInfo) error - -// Walk traverses a filesystem defined within driver, starting -// from the given path, calling f on each file -func Walk(ctx context.Context, driver storageDriver.StorageDriver, from string, f WalkFn) error { - children, err := driver.List(ctx, from) - if err != nil { - return err - } - sort.Stable(sort.StringSlice(children)) - for _, child := range children { - // TODO(stevvooe): Calling driver.Stat for every entry is quite - // expensive when running against backends with a slow Stat - // implementation, such as s3. This is very likely a serious - // performance bottleneck. - fileInfo, err := driver.Stat(ctx, child) - if err != nil { - return err - } - err = f(fileInfo) - skipDir := (err == ErrSkipDir) - if err != nil && !skipDir { - return err - } - - if fileInfo.IsDir() && !skipDir { - if err := Walk(ctx, driver, child, f); err != nil { - return err - } - } - } - return nil -} - -// pushError formats an error type given a path and an error -// and pushes it to a slice of errors -func pushError(errors []error, path string, err error) []error { - return append(errors, fmt.Errorf("%s: %s", path, err)) -} diff --git a/vendor/github.com/docker/distribution/registry/storage/walk_test.go b/vendor/github.com/docker/distribution/registry/storage/walk_test.go deleted file mode 100644 index 3d7a4b1b..00000000 --- a/vendor/github.com/docker/distribution/registry/storage/walk_test.go +++ /dev/null @@ -1,152 +0,0 @@ -package storage - -import ( - "fmt" - "sort" - "testing" - - "github.com/docker/distribution/context" - "github.com/docker/distribution/registry/storage/driver" - "github.com/docker/distribution/registry/storage/driver/inmemory" -) - -func testFS(t *testing.T) (driver.StorageDriver, map[string]string, context.Context) { - d := inmemory.New() - ctx := context.Background() - - expected := map[string]string{ - "/a": "dir", - "/a/b": "dir", - "/a/b/c": "dir", - "/a/b/c/d": "file", - "/a/b/c/e": "file", - "/a/b/f": "dir", - "/a/b/f/g": "file", - "/a/b/f/h": "file", - "/a/b/f/i": "file", - "/z": "dir", - "/z/y": "file", - } - - for p, typ := range expected { - if typ != "file" { - continue - } - - if err := d.PutContent(ctx, p, []byte(p)); err != nil { - t.Fatalf("unable to put content into fixture: %v", err) - } - } - - return d, expected, ctx -} - -func TestWalkErrors(t *testing.T) { - d, expected, ctx := testFS(t) - fileCount := len(expected) - err := Walk(ctx, d, "", func(fileInfo driver.FileInfo) error { - return nil - }) - if err == nil { - t.Error("Expected invalid root err") - } - - errEarlyExpected := fmt.Errorf("Early termination") - - err = Walk(ctx, d, "/", func(fileInfo driver.FileInfo) error { - // error on the 2nd file - if fileInfo.Path() == "/a/b" { - return errEarlyExpected - } - - delete(expected, fileInfo.Path()) - return nil - }) - if len(expected) != fileCount-1 { - t.Error("Walk failed to terminate with error") - } - if err != errEarlyExpected { - if err == nil { - t.Fatalf("expected an error due to early termination") - } else { - t.Error(err.Error()) - } - } - - err = Walk(ctx, d, "/nonexistent", func(fileInfo driver.FileInfo) error { - return nil - }) - if err == nil { - t.Errorf("Expected missing file err") - } - -} - -func TestWalk(t *testing.T) { - d, expected, ctx := testFS(t) - var traversed []string - err := Walk(ctx, d, "/", func(fileInfo driver.FileInfo) error { - filePath := fileInfo.Path() - filetype, ok := expected[filePath] - if !ok { - t.Fatalf("Unexpected file in walk: %q", filePath) - } - - if fileInfo.IsDir() { - if filetype != "dir" { - t.Errorf("Unexpected file type: %q", filePath) - } - } else { - if filetype != "file" { - t.Errorf("Unexpected file type: %q", filePath) - } - - // each file has its own path as the contents. If the length - // doesn't match the path length, fail. - if fileInfo.Size() != int64(len(fileInfo.Path())) { - t.Fatalf("unexpected size for %q: %v != %v", - fileInfo.Path(), fileInfo.Size(), len(fileInfo.Path())) - } - } - delete(expected, filePath) - traversed = append(traversed, filePath) - return nil - }) - if len(expected) > 0 { - t.Errorf("Missed files in walk: %q", expected) - } - - if !sort.StringsAreSorted(traversed) { - t.Errorf("result should be sorted: %v", traversed) - } - - if err != nil { - t.Fatalf(err.Error()) - } -} - -func TestWalkSkipDir(t *testing.T) { - d, expected, ctx := testFS(t) - err := Walk(ctx, d, "/", func(fileInfo driver.FileInfo) error { - filePath := fileInfo.Path() - if filePath == "/a/b" { - // skip processing /a/b/c and /a/b/c/d - return ErrSkipDir - } - delete(expected, filePath) - return nil - }) - if err != nil { - t.Fatalf(err.Error()) - } - if _, ok := expected["/a/b/c"]; !ok { - t.Errorf("/a/b/c not skipped") - } - if _, ok := expected["/a/b/c/d"]; !ok { - t.Errorf("/a/b/c/d not skipped") - } - if _, ok := expected["/a/b/c/e"]; !ok { - t.Errorf("/a/b/c/e not skipped") - } - -} diff --git a/vendor/github.com/docker/distribution/tags.go b/vendor/github.com/docker/distribution/tags.go deleted file mode 100644 index 50305659..00000000 --- a/vendor/github.com/docker/distribution/tags.go +++ /dev/null @@ -1,27 +0,0 @@ -package distribution - -import ( - "github.com/docker/distribution/context" -) - -// TagService provides access to information about tagged objects. -type TagService interface { - // Get retrieves the descriptor identified by the tag. Some - // implementations may differentiate between "trusted" tags and - // "untrusted" tags. If a tag is "untrusted", the mapping will be returned - // as an ErrTagUntrusted error, with the target descriptor. - Get(ctx context.Context, tag string) (Descriptor, error) - - // Tag associates the tag with the provided descriptor, updating the - // current association, if needed. - Tag(ctx context.Context, tag string, desc Descriptor) error - - // Untag removes the given tag association - Untag(ctx context.Context, tag string) error - - // All returns the set of tags managed by this tag service - All(ctx context.Context) ([]string, error) - - // Lookup returns the set of tags referencing the given digest. - Lookup(ctx context.Context, digest Descriptor) ([]string, error) -} diff --git a/vendor/github.com/docker/distribution/testutil/handler.go b/vendor/github.com/docker/distribution/testutil/handler.go deleted file mode 100644 index 00cd8a6a..00000000 --- a/vendor/github.com/docker/distribution/testutil/handler.go +++ /dev/null @@ -1,148 +0,0 @@ -package testutil - -import ( - "bytes" - "fmt" - "io" - "io/ioutil" - "net/http" - "net/url" - "sort" - "strings" -) - -// RequestResponseMap is an ordered mapping from Requests to Responses -type RequestResponseMap []RequestResponseMapping - -// RequestResponseMapping defines a Response to be sent in response to a given -// Request -type RequestResponseMapping struct { - Request Request - Response Response -} - -// Request is a simplified http.Request object -type Request struct { - // Method is the http method of the request, for example GET - Method string - - // Route is the http route of this request - Route string - - // QueryParams are the query parameters of this request - QueryParams map[string][]string - - // Body is the byte contents of the http request - Body []byte - - // Headers are the header for this request - Headers http.Header -} - -func (r Request) String() string { - queryString := "" - if len(r.QueryParams) > 0 { - keys := make([]string, 0, len(r.QueryParams)) - queryParts := make([]string, 0, len(r.QueryParams)) - for k := range r.QueryParams { - keys = append(keys, k) - } - sort.Strings(keys) - for _, k := range keys { - for _, val := range r.QueryParams[k] { - queryParts = append(queryParts, fmt.Sprintf("%s=%s", k, url.QueryEscape(val))) - } - } - queryString = "?" + strings.Join(queryParts, "&") - } - var headers []string - if len(r.Headers) > 0 { - var headerKeys []string - for k := range r.Headers { - headerKeys = append(headerKeys, k) - } - sort.Strings(headerKeys) - - for _, k := range headerKeys { - for _, val := range r.Headers[k] { - headers = append(headers, fmt.Sprintf("%s:%s", k, val)) - } - } - - } - return fmt.Sprintf("%s %s%s\n%s\n%s", r.Method, r.Route, queryString, headers, r.Body) -} - -// Response is a simplified http.Response object -type Response struct { - // Statuscode is the http status code of the Response - StatusCode int - - // Headers are the http headers of this Response - Headers http.Header - - // Body is the response body - Body []byte -} - -// testHandler is an http.Handler with a defined mapping from Request to an -// ordered list of Response objects -type testHandler struct { - responseMap map[string][]Response -} - -// NewHandler returns a new test handler that responds to defined requests -// with specified responses -// Each time a Request is received, the next Response is returned in the -// mapping, until no Responses are defined, at which point a 404 is sent back -func NewHandler(requestResponseMap RequestResponseMap) http.Handler { - responseMap := make(map[string][]Response) - for _, mapping := range requestResponseMap { - responses, ok := responseMap[mapping.Request.String()] - if ok { - responseMap[mapping.Request.String()] = append(responses, mapping.Response) - } else { - responseMap[mapping.Request.String()] = []Response{mapping.Response} - } - } - return &testHandler{responseMap: responseMap} -} - -func (app *testHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) { - defer r.Body.Close() - - requestBody, _ := ioutil.ReadAll(r.Body) - request := Request{ - Method: r.Method, - Route: r.URL.Path, - QueryParams: r.URL.Query(), - Body: requestBody, - Headers: make(map[string][]string), - } - - // Add headers of interest here - for k, v := range r.Header { - if k == "If-None-Match" { - request.Headers[k] = v - } - } - - responses, ok := app.responseMap[request.String()] - - if !ok || len(responses) == 0 { - http.NotFound(w, r) - return - } - - response := responses[0] - app.responseMap[request.String()] = responses[1:] - - responseHeader := w.Header() - for k, v := range response.Headers { - responseHeader[k] = v - } - - w.WriteHeader(response.StatusCode) - - io.Copy(w, bytes.NewReader(response.Body)) -} diff --git a/vendor/github.com/docker/distribution/testutil/manifests.go b/vendor/github.com/docker/distribution/testutil/manifests.go deleted file mode 100644 index c4f9fef5..00000000 --- a/vendor/github.com/docker/distribution/testutil/manifests.go +++ /dev/null @@ -1,87 +0,0 @@ -package testutil - -import ( - "fmt" - - "github.com/docker/distribution" - "github.com/docker/distribution/context" - "github.com/docker/distribution/digest" - "github.com/docker/distribution/manifest" - "github.com/docker/distribution/manifest/manifestlist" - "github.com/docker/distribution/manifest/schema1" - "github.com/docker/distribution/manifest/schema2" - "github.com/docker/libtrust" -) - -// MakeManifestList constructs a manifest list out of a list of manifest digests -func MakeManifestList(blobstatter distribution.BlobStatter, manifestDigests []digest.Digest) (*manifestlist.DeserializedManifestList, error) { - ctx := context.Background() - - var manifestDescriptors []manifestlist.ManifestDescriptor - for _, manifestDigest := range manifestDigests { - descriptor, err := blobstatter.Stat(ctx, manifestDigest) - if err != nil { - return nil, err - } - platformSpec := manifestlist.PlatformSpec{ - Architecture: "atari2600", - OS: "CP/M", - Variant: "ternary", - Features: []string{"VLIW", "superscalaroutoforderdevnull"}, - } - manifestDescriptor := manifestlist.ManifestDescriptor{ - Descriptor: descriptor, - Platform: platformSpec, - } - manifestDescriptors = append(manifestDescriptors, manifestDescriptor) - } - - return manifestlist.FromDescriptors(manifestDescriptors) -} - -// MakeSchema1Manifest constructs a schema 1 manifest from a given list of digests and returns -// the digest of the manifest -func MakeSchema1Manifest(digests []digest.Digest) (distribution.Manifest, error) { - manifest := schema1.Manifest{ - Versioned: manifest.Versioned{ - SchemaVersion: 1, - }, - Name: "who", - Tag: "cares", - } - - for _, digest := range digests { - manifest.FSLayers = append(manifest.FSLayers, schema1.FSLayer{BlobSum: digest}) - manifest.History = append(manifest.History, schema1.History{V1Compatibility: ""}) - } - - pk, err := libtrust.GenerateECP256PrivateKey() - if err != nil { - return nil, fmt.Errorf("unexpected error generating private key: %v", err) - } - - signedManifest, err := schema1.Sign(&manifest, pk) - if err != nil { - return nil, fmt.Errorf("error signing manifest: %v", err) - } - - return signedManifest, nil -} - -// MakeSchema2Manifest constructs a schema 2 manifest from a given list of digests and returns -// the digest of the manifest -func MakeSchema2Manifest(repository distribution.Repository, digests []digest.Digest) (distribution.Manifest, error) { - ctx := context.Background() - blobStore := repository.Blobs(ctx) - builder := schema2.NewManifestBuilder(blobStore, []byte{}) - for _, digest := range digests { - builder.AppendReference(distribution.Descriptor{Digest: digest}) - } - - manifest, err := builder.Build(ctx) - if err != nil { - return nil, fmt.Errorf("unexpected error generating manifest: %v", err) - } - - return manifest, nil -} diff --git a/vendor/github.com/docker/distribution/testutil/tarfile.go b/vendor/github.com/docker/distribution/testutil/tarfile.go deleted file mode 100644 index a8ba0155..00000000 --- a/vendor/github.com/docker/distribution/testutil/tarfile.go +++ /dev/null @@ -1,115 +0,0 @@ -package testutil - -import ( - "archive/tar" - "bytes" - "fmt" - "io" - mrand "math/rand" - "time" - - "github.com/docker/distribution" - "github.com/docker/distribution/context" - "github.com/docker/distribution/digest" -) - -// CreateRandomTarFile creates a random tarfile, returning it as an -// io.ReadSeeker along with its digest. An error is returned if there is a -// problem generating valid content. -func CreateRandomTarFile() (rs io.ReadSeeker, dgst digest.Digest, err error) { - nFiles := mrand.Intn(10) + 10 - target := &bytes.Buffer{} - wr := tar.NewWriter(target) - - // Perturb this on each iteration of the loop below. - header := &tar.Header{ - Mode: 0644, - ModTime: time.Now(), - Typeflag: tar.TypeReg, - Uname: "randocalrissian", - Gname: "cloudcity", - AccessTime: time.Now(), - ChangeTime: time.Now(), - } - - for fileNumber := 0; fileNumber < nFiles; fileNumber++ { - fileSize := mrand.Int63n(1<<20) + 1<<20 - - header.Name = fmt.Sprint(fileNumber) - header.Size = fileSize - - if err := wr.WriteHeader(header); err != nil { - return nil, "", err - } - - randomData := make([]byte, fileSize) - - // Fill up the buffer with some random data. - n, err := mrand.Read(randomData) - - if n != len(randomData) { - return nil, "", fmt.Errorf("short read creating random reader: %v bytes != %v bytes", n, len(randomData)) - } - - if err != nil { - return nil, "", err - } - - nn, err := io.Copy(wr, bytes.NewReader(randomData)) - if nn != fileSize { - return nil, "", fmt.Errorf("short copy writing random file to tar") - } - - if err != nil { - return nil, "", err - } - - if err := wr.Flush(); err != nil { - return nil, "", err - } - } - - if err := wr.Close(); err != nil { - return nil, "", err - } - - dgst = digest.FromBytes(target.Bytes()) - - return bytes.NewReader(target.Bytes()), dgst, nil -} - -// CreateRandomLayers returns a map of n digests. We don't particularly care -// about the order of said digests (since they're all random anyway). -func CreateRandomLayers(n int) (map[digest.Digest]io.ReadSeeker, error) { - digestMap := map[digest.Digest]io.ReadSeeker{} - for i := 0; i < n; i++ { - rs, ds, err := CreateRandomTarFile() - if err != nil { - return nil, fmt.Errorf("unexpected error generating test layer file: %v", err) - } - - dgst := digest.Digest(ds) - digestMap[dgst] = rs - } - return digestMap, nil -} - -// UploadBlobs lets you upload blobs to a repository -func UploadBlobs(repository distribution.Repository, layers map[digest.Digest]io.ReadSeeker) error { - ctx := context.Background() - for digest, rs := range layers { - wr, err := repository.Blobs(ctx).Create(ctx) - if err != nil { - return fmt.Errorf("unexpected error creating upload: %v", err) - } - - if _, err := io.Copy(wr, rs); err != nil { - return fmt.Errorf("unexpected error copying to upload: %v", err) - } - - if _, err := wr.Commit(ctx, distribution.Descriptor{Digest: digest}); err != nil { - return fmt.Errorf("unexpected error committinng upload: %v", err) - } - } - return nil -} diff --git a/vendor/github.com/docker/distribution/uuid/uuid.go b/vendor/github.com/docker/distribution/uuid/uuid.go deleted file mode 100644 index d433ccaf..00000000 --- a/vendor/github.com/docker/distribution/uuid/uuid.go +++ /dev/null @@ -1,126 +0,0 @@ -// Package uuid provides simple UUID generation. Only version 4 style UUIDs -// can be generated. -// -// Please see http://tools.ietf.org/html/rfc4122 for details on UUIDs. -package uuid - -import ( - "crypto/rand" - "fmt" - "io" - "os" - "syscall" - "time" -) - -const ( - // Bits is the number of bits in a UUID - Bits = 128 - - // Size is the number of bytes in a UUID - Size = Bits / 8 - - format = "%08x-%04x-%04x-%04x-%012x" -) - -var ( - // ErrUUIDInvalid indicates a parsed string is not a valid uuid. - ErrUUIDInvalid = fmt.Errorf("invalid uuid") - - // Loggerf can be used to override the default logging destination. Such - // log messages in this library should be logged at warning or higher. - Loggerf = func(format string, args ...interface{}) {} -) - -// UUID represents a UUID value. UUIDs can be compared and set to other values -// and accessed by byte. -type UUID [Size]byte - -// Generate creates a new, version 4 uuid. -func Generate() (u UUID) { - const ( - // ensures we backoff for less than 450ms total. Use the following to - // select new value, in units of 10ms: - // n*(n+1)/2 = d -> n^2 + n - 2d -> n = (sqrt(8d + 1) - 1)/2 - maxretries = 9 - backoff = time.Millisecond * 10 - ) - - var ( - totalBackoff time.Duration - count int - retries int - ) - - for { - // This should never block but the read may fail. Because of this, - // we just try to read the random number generator until we get - // something. This is a very rare condition but may happen. - b := time.Duration(retries) * backoff - time.Sleep(b) - totalBackoff += b - - n, err := io.ReadFull(rand.Reader, u[count:]) - if err != nil { - if retryOnError(err) && retries < maxretries { - count += n - retries++ - Loggerf("error generating version 4 uuid, retrying: %v", err) - continue - } - - // Any other errors represent a system problem. What did someone - // do to /dev/urandom? - panic(fmt.Errorf("error reading random number generator, retried for %v: %v", totalBackoff.String(), err)) - } - - break - } - - u[6] = (u[6] & 0x0f) | 0x40 // set version byte - u[8] = (u[8] & 0x3f) | 0x80 // set high order byte 0b10{8,9,a,b} - - return u -} - -// Parse attempts to extract a uuid from the string or returns an error. -func Parse(s string) (u UUID, err error) { - if len(s) != 36 { - return UUID{}, ErrUUIDInvalid - } - - // create stack addresses for each section of the uuid. - p := make([][]byte, 5) - - if _, err := fmt.Sscanf(s, format, &p[0], &p[1], &p[2], &p[3], &p[4]); err != nil { - return u, err - } - - copy(u[0:4], p[0]) - copy(u[4:6], p[1]) - copy(u[6:8], p[2]) - copy(u[8:10], p[3]) - copy(u[10:16], p[4]) - - return -} - -func (u UUID) String() string { - return fmt.Sprintf(format, u[:4], u[4:6], u[6:8], u[8:10], u[10:]) -} - -// retryOnError tries to detect whether or not retrying would be fruitful. -func retryOnError(err error) bool { - switch err := err.(type) { - case *os.PathError: - return retryOnError(err.Err) // unpack the target error - case syscall.Errno: - if err == syscall.EPERM { - // EPERM represents an entropy pool exhaustion, a condition under - // which we backoff and retry. - return true - } - } - - return false -} diff --git a/vendor/github.com/docker/distribution/uuid/uuid_test.go b/vendor/github.com/docker/distribution/uuid/uuid_test.go deleted file mode 100644 index 09c3a7bb..00000000 --- a/vendor/github.com/docker/distribution/uuid/uuid_test.go +++ /dev/null @@ -1,48 +0,0 @@ -package uuid - -import ( - "testing" -) - -const iterations = 1000 - -func TestUUID4Generation(t *testing.T) { - for i := 0; i < iterations; i++ { - u := Generate() - - if u[6]&0xf0 != 0x40 { - t.Fatalf("version byte not correctly set: %v, %08b %08b", u, u[6], u[6]&0xf0) - } - - if u[8]&0xc0 != 0x80 { - t.Fatalf("top order 8th byte not correctly set: %v, %b", u, u[8]) - } - } -} - -func TestParseAndEquality(t *testing.T) { - for i := 0; i < iterations; i++ { - u := Generate() - - parsed, err := Parse(u.String()) - if err != nil { - t.Fatalf("error parsing uuid %v: %v", u, err) - } - - if parsed != u { - t.Fatalf("parsing round trip failed: %v != %v", parsed, u) - } - } - - for _, c := range []string{ - "bad", - "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", // correct length, incorrect format - " 20cc7775-2671-43c7-8742-51d1cfa23258", // leading space - "20cc7775-2671-43c7-8742-51d1cfa23258 ", // trailing space - "00000000-0000-0000-0000-x00000000000", // out of range character - } { - if _, err := Parse(c); err == nil { - t.Fatalf("parsing %q should have failed", c) - } - } -} diff --git a/vendor/github.com/docker/distribution/version/print.go b/vendor/github.com/docker/distribution/version/print.go deleted file mode 100644 index a82bce39..00000000 --- a/vendor/github.com/docker/distribution/version/print.go +++ /dev/null @@ -1,26 +0,0 @@ -package version - -import ( - "fmt" - "io" - "os" -) - -// FprintVersion outputs the version string to the writer, in the following -// format, followed by a newline: -// -// -// -// For example, a binary "registry" built from github.com/docker/distribution -// with version "v2.0" would print the following: -// -// registry github.com/docker/distribution v2.0 -// -func FprintVersion(w io.Writer) { - fmt.Fprintln(w, os.Args[0], Package, Version) -} - -// PrintVersion outputs the version information, from Fprint, to stdout. -func PrintVersion() { - FprintVersion(os.Stdout) -} diff --git a/vendor/github.com/docker/distribution/version/version.go b/vendor/github.com/docker/distribution/version/version.go deleted file mode 100644 index 807bb4a2..00000000 --- a/vendor/github.com/docker/distribution/version/version.go +++ /dev/null @@ -1,11 +0,0 @@ -package version - -// Package is the overall, canonical project import path under which the -// package was built. -var Package = "github.com/docker/distribution" - -// Version indicates which version of the binary is running. This is set to -// the latest release tag by hand, always suffixed by "+unknown". During -// build, it will be replaced by the actual version. The value here will be -// used if the registry is run after a go get based install. -var Version = "v2.6.0+unknown" diff --git a/vendor/github.com/docker/distribution/version/version.sh b/vendor/github.com/docker/distribution/version/version.sh deleted file mode 100755 index 53e29ce9..00000000 --- a/vendor/github.com/docker/distribution/version/version.sh +++ /dev/null @@ -1,22 +0,0 @@ -#!/bin/sh - -# This bash script outputs the current, desired content of version.go, using -# git describe. For best effect, pipe this to the target file. Generally, this -# only needs to updated for releases. The actual value of will be replaced -# during build time if the makefile is used. - -set -e - -cat < -Josh Hawn (github: jlhawn) -Derek McGowan (github: dmcgowan) diff --git a/vendor/github.com/docker/libtrust/README.md b/vendor/github.com/docker/libtrust/README.md deleted file mode 100644 index 8e7db381..00000000 --- a/vendor/github.com/docker/libtrust/README.md +++ /dev/null @@ -1,18 +0,0 @@ -# libtrust - -Libtrust is library for managing authentication and authorization using public key cryptography. - -Authentication is handled using the identity attached to the public key. -Libtrust provides multiple methods to prove possession of the private key associated with an identity. - - TLS x509 certificates - - Signature verification - - Key Challenge - -Authorization and access control is managed through a distributed trust graph. -Trust servers are used as the authorities of the trust graph and allow caching portions of the graph for faster access. - -## Copyright and license - -Code and documentation copyright 2014 Docker, inc. Code released under the Apache 2.0 license. -Docs released under Creative commons. - diff --git a/vendor/github.com/docker/libtrust/certificates.go b/vendor/github.com/docker/libtrust/certificates.go deleted file mode 100644 index 3dcca33c..00000000 --- a/vendor/github.com/docker/libtrust/certificates.go +++ /dev/null @@ -1,175 +0,0 @@ -package libtrust - -import ( - "crypto/rand" - "crypto/x509" - "crypto/x509/pkix" - "encoding/pem" - "fmt" - "io/ioutil" - "math/big" - "net" - "time" -) - -type certTemplateInfo struct { - commonName string - domains []string - ipAddresses []net.IP - isCA bool - clientAuth bool - serverAuth bool -} - -func generateCertTemplate(info *certTemplateInfo) *x509.Certificate { - // Generate a certificate template which is valid from the past week to - // 10 years from now. The usage of the certificate depends on the - // specified fields in the given certTempInfo object. - var ( - keyUsage x509.KeyUsage - extKeyUsage []x509.ExtKeyUsage - ) - - if info.isCA { - keyUsage = x509.KeyUsageCertSign - } - - if info.clientAuth { - extKeyUsage = append(extKeyUsage, x509.ExtKeyUsageClientAuth) - } - - if info.serverAuth { - extKeyUsage = append(extKeyUsage, x509.ExtKeyUsageServerAuth) - } - - return &x509.Certificate{ - SerialNumber: big.NewInt(0), - Subject: pkix.Name{ - CommonName: info.commonName, - }, - NotBefore: time.Now().Add(-time.Hour * 24 * 7), - NotAfter: time.Now().Add(time.Hour * 24 * 365 * 10), - DNSNames: info.domains, - IPAddresses: info.ipAddresses, - IsCA: info.isCA, - KeyUsage: keyUsage, - ExtKeyUsage: extKeyUsage, - BasicConstraintsValid: info.isCA, - } -} - -func generateCert(pub PublicKey, priv PrivateKey, subInfo, issInfo *certTemplateInfo) (cert *x509.Certificate, err error) { - pubCertTemplate := generateCertTemplate(subInfo) - privCertTemplate := generateCertTemplate(issInfo) - - certDER, err := x509.CreateCertificate( - rand.Reader, pubCertTemplate, privCertTemplate, - pub.CryptoPublicKey(), priv.CryptoPrivateKey(), - ) - if err != nil { - return nil, fmt.Errorf("failed to create certificate: %s", err) - } - - cert, err = x509.ParseCertificate(certDER) - if err != nil { - return nil, fmt.Errorf("failed to parse certificate: %s", err) - } - - return -} - -// GenerateSelfSignedServerCert creates a self-signed certificate for the -// given key which is to be used for TLS servers with the given domains and -// IP addresses. -func GenerateSelfSignedServerCert(key PrivateKey, domains []string, ipAddresses []net.IP) (*x509.Certificate, error) { - info := &certTemplateInfo{ - commonName: key.KeyID(), - domains: domains, - ipAddresses: ipAddresses, - serverAuth: true, - } - - return generateCert(key.PublicKey(), key, info, info) -} - -// GenerateSelfSignedClientCert creates a self-signed certificate for the -// given key which is to be used for TLS clients. -func GenerateSelfSignedClientCert(key PrivateKey) (*x509.Certificate, error) { - info := &certTemplateInfo{ - commonName: key.KeyID(), - clientAuth: true, - } - - return generateCert(key.PublicKey(), key, info, info) -} - -// GenerateCACert creates a certificate which can be used as a trusted -// certificate authority. -func GenerateCACert(signer PrivateKey, trustedKey PublicKey) (*x509.Certificate, error) { - subjectInfo := &certTemplateInfo{ - commonName: trustedKey.KeyID(), - isCA: true, - } - issuerInfo := &certTemplateInfo{ - commonName: signer.KeyID(), - } - - return generateCert(trustedKey, signer, subjectInfo, issuerInfo) -} - -// GenerateCACertPool creates a certificate authority pool to be used for a -// TLS configuration. Any self-signed certificates issued by the specified -// trusted keys will be verified during a TLS handshake -func GenerateCACertPool(signer PrivateKey, trustedKeys []PublicKey) (*x509.CertPool, error) { - certPool := x509.NewCertPool() - - for _, trustedKey := range trustedKeys { - cert, err := GenerateCACert(signer, trustedKey) - if err != nil { - return nil, fmt.Errorf("failed to generate CA certificate: %s", err) - } - - certPool.AddCert(cert) - } - - return certPool, nil -} - -// LoadCertificateBundle loads certificates from the given file. The file should be pem encoded -// containing one or more certificates. The expected pem type is "CERTIFICATE". -func LoadCertificateBundle(filename string) ([]*x509.Certificate, error) { - b, err := ioutil.ReadFile(filename) - if err != nil { - return nil, err - } - certificates := []*x509.Certificate{} - var block *pem.Block - block, b = pem.Decode(b) - for ; block != nil; block, b = pem.Decode(b) { - if block.Type == "CERTIFICATE" { - cert, err := x509.ParseCertificate(block.Bytes) - if err != nil { - return nil, err - } - certificates = append(certificates, cert) - } else { - return nil, fmt.Errorf("invalid pem block type: %s", block.Type) - } - } - - return certificates, nil -} - -// LoadCertificatePool loads a CA pool from the given file. The file should be pem encoded -// containing one or more certificates. The expected pem type is "CERTIFICATE". -func LoadCertificatePool(filename string) (*x509.CertPool, error) { - certs, err := LoadCertificateBundle(filename) - if err != nil { - return nil, err - } - pool := x509.NewCertPool() - for _, cert := range certs { - pool.AddCert(cert) - } - return pool, nil -} diff --git a/vendor/github.com/docker/libtrust/certificates_test.go b/vendor/github.com/docker/libtrust/certificates_test.go deleted file mode 100644 index c111f353..00000000 --- a/vendor/github.com/docker/libtrust/certificates_test.go +++ /dev/null @@ -1,111 +0,0 @@ -package libtrust - -import ( - "encoding/pem" - "io/ioutil" - "net" - "os" - "path" - "testing" -) - -func TestGenerateCertificates(t *testing.T) { - key, err := GenerateECP256PrivateKey() - if err != nil { - t.Fatal(err) - } - - _, err = GenerateSelfSignedServerCert(key, []string{"localhost"}, []net.IP{net.ParseIP("127.0.0.1")}) - if err != nil { - t.Fatal(err) - } - - _, err = GenerateSelfSignedClientCert(key) - if err != nil { - t.Fatal(err) - } -} - -func TestGenerateCACertPool(t *testing.T) { - key, err := GenerateECP256PrivateKey() - if err != nil { - t.Fatal(err) - } - - caKey1, err := GenerateECP256PrivateKey() - if err != nil { - t.Fatal(err) - } - - caKey2, err := GenerateECP256PrivateKey() - if err != nil { - t.Fatal(err) - } - - _, err = GenerateCACertPool(key, []PublicKey{caKey1.PublicKey(), caKey2.PublicKey()}) - if err != nil { - t.Fatal(err) - } -} - -func TestLoadCertificates(t *testing.T) { - key, err := GenerateECP256PrivateKey() - if err != nil { - t.Fatal(err) - } - - caKey1, err := GenerateECP256PrivateKey() - if err != nil { - t.Fatal(err) - } - caKey2, err := GenerateECP256PrivateKey() - if err != nil { - t.Fatal(err) - } - - cert1, err := GenerateCACert(caKey1, key) - if err != nil { - t.Fatal(err) - } - cert2, err := GenerateCACert(caKey2, key) - if err != nil { - t.Fatal(err) - } - - d, err := ioutil.TempDir("/tmp", "cert-test") - if err != nil { - t.Fatal(err) - } - caFile := path.Join(d, "ca.pem") - f, err := os.OpenFile(caFile, os.O_CREATE|os.O_WRONLY, 0644) - if err != nil { - t.Fatal(err) - } - - err = pem.Encode(f, &pem.Block{Type: "CERTIFICATE", Bytes: cert1.Raw}) - if err != nil { - t.Fatal(err) - } - err = pem.Encode(f, &pem.Block{Type: "CERTIFICATE", Bytes: cert2.Raw}) - if err != nil { - t.Fatal(err) - } - f.Close() - - certs, err := LoadCertificateBundle(caFile) - if err != nil { - t.Fatal(err) - } - if len(certs) != 2 { - t.Fatalf("Wrong number of certs received, expected: %d, received %d", 2, len(certs)) - } - - pool, err := LoadCertificatePool(caFile) - if err != nil { - t.Fatal(err) - } - - if len(pool.Subjects()) != 2 { - t.Fatalf("Invalid certificate pool") - } -} diff --git a/vendor/github.com/docker/libtrust/doc.go b/vendor/github.com/docker/libtrust/doc.go deleted file mode 100644 index ec5d2159..00000000 --- a/vendor/github.com/docker/libtrust/doc.go +++ /dev/null @@ -1,9 +0,0 @@ -/* -Package libtrust provides an interface for managing authentication and -authorization using public key cryptography. Authentication is handled -using the identity attached to the public key and verified through TLS -x509 certificates, a key challenge, or signature. Authorization and -access control is managed through a trust graph distributed between -both remote trust servers and locally cached and managed data. -*/ -package libtrust diff --git a/vendor/github.com/docker/libtrust/ec_key.go b/vendor/github.com/docker/libtrust/ec_key.go deleted file mode 100644 index 00bbe4b3..00000000 --- a/vendor/github.com/docker/libtrust/ec_key.go +++ /dev/null @@ -1,428 +0,0 @@ -package libtrust - -import ( - "crypto" - "crypto/ecdsa" - "crypto/elliptic" - "crypto/rand" - "crypto/x509" - "encoding/json" - "encoding/pem" - "errors" - "fmt" - "io" - "math/big" -) - -/* - * EC DSA PUBLIC KEY - */ - -// ecPublicKey implements a libtrust.PublicKey using elliptic curve digital -// signature algorithms. -type ecPublicKey struct { - *ecdsa.PublicKey - curveName string - signatureAlgorithm *signatureAlgorithm - extended map[string]interface{} -} - -func fromECPublicKey(cryptoPublicKey *ecdsa.PublicKey) (*ecPublicKey, error) { - curve := cryptoPublicKey.Curve - - switch { - case curve == elliptic.P256(): - return &ecPublicKey{cryptoPublicKey, "P-256", es256, map[string]interface{}{}}, nil - case curve == elliptic.P384(): - return &ecPublicKey{cryptoPublicKey, "P-384", es384, map[string]interface{}{}}, nil - case curve == elliptic.P521(): - return &ecPublicKey{cryptoPublicKey, "P-521", es512, map[string]interface{}{}}, nil - default: - return nil, errors.New("unsupported elliptic curve") - } -} - -// KeyType returns the key type for elliptic curve keys, i.e., "EC". -func (k *ecPublicKey) KeyType() string { - return "EC" -} - -// CurveName returns the elliptic curve identifier. -// Possible values are "P-256", "P-384", and "P-521". -func (k *ecPublicKey) CurveName() string { - return k.curveName -} - -// KeyID returns a distinct identifier which is unique to this Public Key. -func (k *ecPublicKey) KeyID() string { - return keyIDFromCryptoKey(k) -} - -func (k *ecPublicKey) String() string { - return fmt.Sprintf("EC Public Key <%s>", k.KeyID()) -} - -// Verify verifyies the signature of the data in the io.Reader using this -// PublicKey. The alg parameter should identify the digital signature -// algorithm which was used to produce the signature and should be supported -// by this public key. Returns a nil error if the signature is valid. -func (k *ecPublicKey) Verify(data io.Reader, alg string, signature []byte) error { - // For EC keys there is only one supported signature algorithm depending - // on the curve parameters. - if k.signatureAlgorithm.HeaderParam() != alg { - return fmt.Errorf("unable to verify signature: EC Public Key with curve %q does not support signature algorithm %q", k.curveName, alg) - } - - // signature is the concatenation of (r, s), base64Url encoded. - sigLength := len(signature) - expectedOctetLength := 2 * ((k.Params().BitSize + 7) >> 3) - if sigLength != expectedOctetLength { - return fmt.Errorf("signature length is %d octets long, should be %d", sigLength, expectedOctetLength) - } - - rBytes, sBytes := signature[:sigLength/2], signature[sigLength/2:] - r := new(big.Int).SetBytes(rBytes) - s := new(big.Int).SetBytes(sBytes) - - hasher := k.signatureAlgorithm.HashID().New() - _, err := io.Copy(hasher, data) - if err != nil { - return fmt.Errorf("error reading data to sign: %s", err) - } - hash := hasher.Sum(nil) - - if !ecdsa.Verify(k.PublicKey, hash, r, s) { - return errors.New("invalid signature") - } - - return nil -} - -// CryptoPublicKey returns the internal object which can be used as a -// crypto.PublicKey for use with other standard library operations. The type -// is either *rsa.PublicKey or *ecdsa.PublicKey -func (k *ecPublicKey) CryptoPublicKey() crypto.PublicKey { - return k.PublicKey -} - -func (k *ecPublicKey) toMap() map[string]interface{} { - jwk := make(map[string]interface{}) - for k, v := range k.extended { - jwk[k] = v - } - jwk["kty"] = k.KeyType() - jwk["kid"] = k.KeyID() - jwk["crv"] = k.CurveName() - - xBytes := k.X.Bytes() - yBytes := k.Y.Bytes() - octetLength := (k.Params().BitSize + 7) >> 3 - // MUST include leading zeros in the output so that x, y are each - // *octetLength* bytes long. - xBuf := make([]byte, octetLength-len(xBytes), octetLength) - yBuf := make([]byte, octetLength-len(yBytes), octetLength) - xBuf = append(xBuf, xBytes...) - yBuf = append(yBuf, yBytes...) - - jwk["x"] = joseBase64UrlEncode(xBuf) - jwk["y"] = joseBase64UrlEncode(yBuf) - - return jwk -} - -// MarshalJSON serializes this Public Key using the JWK JSON serialization format for -// elliptic curve keys. -func (k *ecPublicKey) MarshalJSON() (data []byte, err error) { - return json.Marshal(k.toMap()) -} - -// PEMBlock serializes this Public Key to DER-encoded PKIX format. -func (k *ecPublicKey) PEMBlock() (*pem.Block, error) { - derBytes, err := x509.MarshalPKIXPublicKey(k.PublicKey) - if err != nil { - return nil, fmt.Errorf("unable to serialize EC PublicKey to DER-encoded PKIX format: %s", err) - } - k.extended["kid"] = k.KeyID() // For display purposes. - return createPemBlock("PUBLIC KEY", derBytes, k.extended) -} - -func (k *ecPublicKey) AddExtendedField(field string, value interface{}) { - k.extended[field] = value -} - -func (k *ecPublicKey) GetExtendedField(field string) interface{} { - v, ok := k.extended[field] - if !ok { - return nil - } - return v -} - -func ecPublicKeyFromMap(jwk map[string]interface{}) (*ecPublicKey, error) { - // JWK key type (kty) has already been determined to be "EC". - // Need to extract 'crv', 'x', 'y', and 'kid' and check for - // consistency. - - // Get the curve identifier value. - crv, err := stringFromMap(jwk, "crv") - if err != nil { - return nil, fmt.Errorf("JWK EC Public Key curve identifier: %s", err) - } - - var ( - curve elliptic.Curve - sigAlg *signatureAlgorithm - ) - - switch { - case crv == "P-256": - curve = elliptic.P256() - sigAlg = es256 - case crv == "P-384": - curve = elliptic.P384() - sigAlg = es384 - case crv == "P-521": - curve = elliptic.P521() - sigAlg = es512 - default: - return nil, fmt.Errorf("JWK EC Public Key curve identifier not supported: %q\n", crv) - } - - // Get the X and Y coordinates for the public key point. - xB64Url, err := stringFromMap(jwk, "x") - if err != nil { - return nil, fmt.Errorf("JWK EC Public Key x-coordinate: %s", err) - } - x, err := parseECCoordinate(xB64Url, curve) - if err != nil { - return nil, fmt.Errorf("JWK EC Public Key x-coordinate: %s", err) - } - - yB64Url, err := stringFromMap(jwk, "y") - if err != nil { - return nil, fmt.Errorf("JWK EC Public Key y-coordinate: %s", err) - } - y, err := parseECCoordinate(yB64Url, curve) - if err != nil { - return nil, fmt.Errorf("JWK EC Public Key y-coordinate: %s", err) - } - - key := &ecPublicKey{ - PublicKey: &ecdsa.PublicKey{Curve: curve, X: x, Y: y}, - curveName: crv, signatureAlgorithm: sigAlg, - } - - // Key ID is optional too, but if it exists, it should match the key. - _, ok := jwk["kid"] - if ok { - kid, err := stringFromMap(jwk, "kid") - if err != nil { - return nil, fmt.Errorf("JWK EC Public Key ID: %s", err) - } - if kid != key.KeyID() { - return nil, fmt.Errorf("JWK EC Public Key ID does not match: %s", kid) - } - } - - key.extended = jwk - - return key, nil -} - -/* - * EC DSA PRIVATE KEY - */ - -// ecPrivateKey implements a JWK Private Key using elliptic curve digital signature -// algorithms. -type ecPrivateKey struct { - ecPublicKey - *ecdsa.PrivateKey -} - -func fromECPrivateKey(cryptoPrivateKey *ecdsa.PrivateKey) (*ecPrivateKey, error) { - publicKey, err := fromECPublicKey(&cryptoPrivateKey.PublicKey) - if err != nil { - return nil, err - } - - return &ecPrivateKey{*publicKey, cryptoPrivateKey}, nil -} - -// PublicKey returns the Public Key data associated with this Private Key. -func (k *ecPrivateKey) PublicKey() PublicKey { - return &k.ecPublicKey -} - -func (k *ecPrivateKey) String() string { - return fmt.Sprintf("EC Private Key <%s>", k.KeyID()) -} - -// Sign signs the data read from the io.Reader using a signature algorithm supported -// by the elliptic curve private key. If the specified hashing algorithm is -// supported by this key, that hash function is used to generate the signature -// otherwise the the default hashing algorithm for this key is used. Returns -// the signature and the name of the JWK signature algorithm used, e.g., -// "ES256", "ES384", "ES512". -func (k *ecPrivateKey) Sign(data io.Reader, hashID crypto.Hash) (signature []byte, alg string, err error) { - // Generate a signature of the data using the internal alg. - // The given hashId is only a suggestion, and since EC keys only support - // on signature/hash algorithm given the curve name, we disregard it for - // the elliptic curve JWK signature implementation. - hasher := k.signatureAlgorithm.HashID().New() - _, err = io.Copy(hasher, data) - if err != nil { - return nil, "", fmt.Errorf("error reading data to sign: %s", err) - } - hash := hasher.Sum(nil) - - r, s, err := ecdsa.Sign(rand.Reader, k.PrivateKey, hash) - if err != nil { - return nil, "", fmt.Errorf("error producing signature: %s", err) - } - rBytes, sBytes := r.Bytes(), s.Bytes() - octetLength := (k.ecPublicKey.Params().BitSize + 7) >> 3 - // MUST include leading zeros in the output - rBuf := make([]byte, octetLength-len(rBytes), octetLength) - sBuf := make([]byte, octetLength-len(sBytes), octetLength) - - rBuf = append(rBuf, rBytes...) - sBuf = append(sBuf, sBytes...) - - signature = append(rBuf, sBuf...) - alg = k.signatureAlgorithm.HeaderParam() - - return -} - -// CryptoPrivateKey returns the internal object which can be used as a -// crypto.PublicKey for use with other standard library operations. The type -// is either *rsa.PublicKey or *ecdsa.PublicKey -func (k *ecPrivateKey) CryptoPrivateKey() crypto.PrivateKey { - return k.PrivateKey -} - -func (k *ecPrivateKey) toMap() map[string]interface{} { - jwk := k.ecPublicKey.toMap() - - dBytes := k.D.Bytes() - // The length of this octet string MUST be ceiling(log-base-2(n)/8) - // octets (where n is the order of the curve). This is because the private - // key d must be in the interval [1, n-1] so the bitlength of d should be - // no larger than the bitlength of n-1. The easiest way to find the octet - // length is to take bitlength(n-1), add 7 to force a carry, and shift this - // bit sequence right by 3, which is essentially dividing by 8 and adding - // 1 if there is any remainder. Thus, the private key value d should be - // output to (bitlength(n-1)+7)>>3 octets. - n := k.ecPublicKey.Params().N - octetLength := (new(big.Int).Sub(n, big.NewInt(1)).BitLen() + 7) >> 3 - // Create a buffer with the necessary zero-padding. - dBuf := make([]byte, octetLength-len(dBytes), octetLength) - dBuf = append(dBuf, dBytes...) - - jwk["d"] = joseBase64UrlEncode(dBuf) - - return jwk -} - -// MarshalJSON serializes this Private Key using the JWK JSON serialization format for -// elliptic curve keys. -func (k *ecPrivateKey) MarshalJSON() (data []byte, err error) { - return json.Marshal(k.toMap()) -} - -// PEMBlock serializes this Private Key to DER-encoded PKIX format. -func (k *ecPrivateKey) PEMBlock() (*pem.Block, error) { - derBytes, err := x509.MarshalECPrivateKey(k.PrivateKey) - if err != nil { - return nil, fmt.Errorf("unable to serialize EC PrivateKey to DER-encoded PKIX format: %s", err) - } - k.extended["keyID"] = k.KeyID() // For display purposes. - return createPemBlock("EC PRIVATE KEY", derBytes, k.extended) -} - -func ecPrivateKeyFromMap(jwk map[string]interface{}) (*ecPrivateKey, error) { - dB64Url, err := stringFromMap(jwk, "d") - if err != nil { - return nil, fmt.Errorf("JWK EC Private Key: %s", err) - } - - // JWK key type (kty) has already been determined to be "EC". - // Need to extract the public key information, then extract the private - // key value 'd'. - publicKey, err := ecPublicKeyFromMap(jwk) - if err != nil { - return nil, err - } - - d, err := parseECPrivateParam(dB64Url, publicKey.Curve) - if err != nil { - return nil, fmt.Errorf("JWK EC Private Key d-param: %s", err) - } - - key := &ecPrivateKey{ - ecPublicKey: *publicKey, - PrivateKey: &ecdsa.PrivateKey{ - PublicKey: *publicKey.PublicKey, - D: d, - }, - } - - return key, nil -} - -/* - * Key Generation Functions. - */ - -func generateECPrivateKey(curve elliptic.Curve) (k *ecPrivateKey, err error) { - k = new(ecPrivateKey) - k.PrivateKey, err = ecdsa.GenerateKey(curve, rand.Reader) - if err != nil { - return nil, err - } - - k.ecPublicKey.PublicKey = &k.PrivateKey.PublicKey - k.extended = make(map[string]interface{}) - - return -} - -// GenerateECP256PrivateKey generates a key pair using elliptic curve P-256. -func GenerateECP256PrivateKey() (PrivateKey, error) { - k, err := generateECPrivateKey(elliptic.P256()) - if err != nil { - return nil, fmt.Errorf("error generating EC P-256 key: %s", err) - } - - k.curveName = "P-256" - k.signatureAlgorithm = es256 - - return k, nil -} - -// GenerateECP384PrivateKey generates a key pair using elliptic curve P-384. -func GenerateECP384PrivateKey() (PrivateKey, error) { - k, err := generateECPrivateKey(elliptic.P384()) - if err != nil { - return nil, fmt.Errorf("error generating EC P-384 key: %s", err) - } - - k.curveName = "P-384" - k.signatureAlgorithm = es384 - - return k, nil -} - -// GenerateECP521PrivateKey generates aß key pair using elliptic curve P-521. -func GenerateECP521PrivateKey() (PrivateKey, error) { - k, err := generateECPrivateKey(elliptic.P521()) - if err != nil { - return nil, fmt.Errorf("error generating EC P-521 key: %s", err) - } - - k.curveName = "P-521" - k.signatureAlgorithm = es512 - - return k, nil -} diff --git a/vendor/github.com/docker/libtrust/ec_key_test.go b/vendor/github.com/docker/libtrust/ec_key_test.go deleted file mode 100644 index 26ac3814..00000000 --- a/vendor/github.com/docker/libtrust/ec_key_test.go +++ /dev/null @@ -1,157 +0,0 @@ -package libtrust - -import ( - "bytes" - "encoding/json" - "testing" -) - -func generateECTestKeys(t *testing.T) []PrivateKey { - p256Key, err := GenerateECP256PrivateKey() - if err != nil { - t.Fatal(err) - } - - p384Key, err := GenerateECP384PrivateKey() - if err != nil { - t.Fatal(err) - } - - p521Key, err := GenerateECP521PrivateKey() - if err != nil { - t.Fatal(err) - } - - return []PrivateKey{p256Key, p384Key, p521Key} -} - -func TestECKeys(t *testing.T) { - ecKeys := generateECTestKeys(t) - - for _, ecKey := range ecKeys { - if ecKey.KeyType() != "EC" { - t.Fatalf("key type must be %q, instead got %q", "EC", ecKey.KeyType()) - } - } -} - -func TestECSignVerify(t *testing.T) { - ecKeys := generateECTestKeys(t) - - message := "Hello, World!" - data := bytes.NewReader([]byte(message)) - - sigAlgs := []*signatureAlgorithm{es256, es384, es512} - - for i, ecKey := range ecKeys { - sigAlg := sigAlgs[i] - - t.Logf("%s signature of %q with kid: %s\n", sigAlg.HeaderParam(), message, ecKey.KeyID()) - - data.Seek(0, 0) // Reset the byte reader - - // Sign - sig, alg, err := ecKey.Sign(data, sigAlg.HashID()) - if err != nil { - t.Fatal(err) - } - - data.Seek(0, 0) // Reset the byte reader - - // Verify - err = ecKey.Verify(data, alg, sig) - if err != nil { - t.Fatal(err) - } - } -} - -func TestMarshalUnmarshalECKeys(t *testing.T) { - ecKeys := generateECTestKeys(t) - data := bytes.NewReader([]byte("This is a test. I repeat: this is only a test.")) - sigAlgs := []*signatureAlgorithm{es256, es384, es512} - - for i, ecKey := range ecKeys { - sigAlg := sigAlgs[i] - privateJWKJSON, err := json.MarshalIndent(ecKey, "", " ") - if err != nil { - t.Fatal(err) - } - - publicJWKJSON, err := json.MarshalIndent(ecKey.PublicKey(), "", " ") - if err != nil { - t.Fatal(err) - } - - t.Logf("JWK Private Key: %s", string(privateJWKJSON)) - t.Logf("JWK Public Key: %s", string(publicJWKJSON)) - - privKey2, err := UnmarshalPrivateKeyJWK(privateJWKJSON) - if err != nil { - t.Fatal(err) - } - - pubKey2, err := UnmarshalPublicKeyJWK(publicJWKJSON) - if err != nil { - t.Fatal(err) - } - - // Ensure we can sign/verify a message with the unmarshalled keys. - data.Seek(0, 0) // Reset the byte reader - signature, alg, err := privKey2.Sign(data, sigAlg.HashID()) - if err != nil { - t.Fatal(err) - } - - data.Seek(0, 0) // Reset the byte reader - err = pubKey2.Verify(data, alg, signature) - if err != nil { - t.Fatal(err) - } - } -} - -func TestFromCryptoECKeys(t *testing.T) { - ecKeys := generateECTestKeys(t) - - for _, ecKey := range ecKeys { - cryptoPrivateKey := ecKey.CryptoPrivateKey() - cryptoPublicKey := ecKey.CryptoPublicKey() - - pubKey, err := FromCryptoPublicKey(cryptoPublicKey) - if err != nil { - t.Fatal(err) - } - - if pubKey.KeyID() != ecKey.KeyID() { - t.Fatal("public key key ID mismatch") - } - - privKey, err := FromCryptoPrivateKey(cryptoPrivateKey) - if err != nil { - t.Fatal(err) - } - - if privKey.KeyID() != ecKey.KeyID() { - t.Fatal("public key key ID mismatch") - } - } -} - -func TestExtendedFields(t *testing.T) { - key, err := GenerateECP256PrivateKey() - if err != nil { - t.Fatal(err) - } - - key.AddExtendedField("test", "foobar") - val := key.GetExtendedField("test") - - gotVal, ok := val.(string) - if !ok { - t.Fatalf("value is not a string") - } else if gotVal != val { - t.Fatalf("value %q is not equal to %q", gotVal, val) - } - -} diff --git a/vendor/github.com/docker/libtrust/filter.go b/vendor/github.com/docker/libtrust/filter.go deleted file mode 100644 index 5b2b4fca..00000000 --- a/vendor/github.com/docker/libtrust/filter.go +++ /dev/null @@ -1,50 +0,0 @@ -package libtrust - -import ( - "path/filepath" -) - -// FilterByHosts filters the list of PublicKeys to only those which contain a -// 'hosts' pattern which matches the given host. If *includeEmpty* is true, -// then keys which do not specify any hosts are also returned. -func FilterByHosts(keys []PublicKey, host string, includeEmpty bool) ([]PublicKey, error) { - filtered := make([]PublicKey, 0, len(keys)) - - for _, pubKey := range keys { - var hosts []string - switch v := pubKey.GetExtendedField("hosts").(type) { - case []string: - hosts = v - case []interface{}: - for _, value := range v { - h, ok := value.(string) - if !ok { - continue - } - hosts = append(hosts, h) - } - } - - if len(hosts) == 0 { - if includeEmpty { - filtered = append(filtered, pubKey) - } - continue - } - - // Check if any hosts match pattern - for _, hostPattern := range hosts { - match, err := filepath.Match(hostPattern, host) - if err != nil { - return nil, err - } - - if match { - filtered = append(filtered, pubKey) - continue - } - } - } - - return filtered, nil -} diff --git a/vendor/github.com/docker/libtrust/filter_test.go b/vendor/github.com/docker/libtrust/filter_test.go deleted file mode 100644 index 997e554c..00000000 --- a/vendor/github.com/docker/libtrust/filter_test.go +++ /dev/null @@ -1,81 +0,0 @@ -package libtrust - -import ( - "testing" -) - -func compareKeySlices(t *testing.T, sliceA, sliceB []PublicKey) { - if len(sliceA) != len(sliceB) { - t.Fatalf("slice size %d, expected %d", len(sliceA), len(sliceB)) - } - - for i, itemA := range sliceA { - itemB := sliceB[i] - if itemA != itemB { - t.Fatalf("slice index %d not equal: %#v != %#v", i, itemA, itemB) - } - } -} - -func TestFilter(t *testing.T) { - keys := make([]PublicKey, 0, 8) - - // Create 8 keys and add host entries. - for i := 0; i < cap(keys); i++ { - key, err := GenerateECP256PrivateKey() - if err != nil { - t.Fatal(err) - } - - // we use both []interface{} and []string here because jwt uses - // []interface{} format, while PEM uses []string - switch { - case i == 0: - // Don't add entries for this key, key 0. - break - case i%2 == 0: - // Should catch keys 2, 4, and 6. - key.AddExtendedField("hosts", []interface{}{"*.even.example.com"}) - case i == 7: - // Should catch only the last key, and make it match any hostname. - key.AddExtendedField("hosts", []string{"*"}) - default: - // should catch keys 1, 3, 5. - key.AddExtendedField("hosts", []string{"*.example.com"}) - } - - keys = append(keys, key) - } - - // Should match 2 keys, the empty one, and the one that matches all hosts. - matchedKeys, err := FilterByHosts(keys, "foo.bar.com", true) - if err != nil { - t.Fatal(err) - } - expectedMatch := []PublicKey{keys[0], keys[7]} - compareKeySlices(t, expectedMatch, matchedKeys) - - // Should match 1 key, the one that matches any host. - matchedKeys, err = FilterByHosts(keys, "foo.bar.com", false) - if err != nil { - t.Fatal(err) - } - expectedMatch = []PublicKey{keys[7]} - compareKeySlices(t, expectedMatch, matchedKeys) - - // Should match keys that end in "example.com", and the key that matches anything. - matchedKeys, err = FilterByHosts(keys, "foo.example.com", false) - if err != nil { - t.Fatal(err) - } - expectedMatch = []PublicKey{keys[1], keys[3], keys[5], keys[7]} - compareKeySlices(t, expectedMatch, matchedKeys) - - // Should match all of the keys except the empty key. - matchedKeys, err = FilterByHosts(keys, "foo.even.example.com", false) - if err != nil { - t.Fatal(err) - } - expectedMatch = keys[1:] - compareKeySlices(t, expectedMatch, matchedKeys) -} diff --git a/vendor/github.com/docker/libtrust/hash.go b/vendor/github.com/docker/libtrust/hash.go deleted file mode 100644 index a2df787d..00000000 --- a/vendor/github.com/docker/libtrust/hash.go +++ /dev/null @@ -1,56 +0,0 @@ -package libtrust - -import ( - "crypto" - _ "crypto/sha256" // Registrer SHA224 and SHA256 - _ "crypto/sha512" // Registrer SHA384 and SHA512 - "fmt" -) - -type signatureAlgorithm struct { - algHeaderParam string - hashID crypto.Hash -} - -func (h *signatureAlgorithm) HeaderParam() string { - return h.algHeaderParam -} - -func (h *signatureAlgorithm) HashID() crypto.Hash { - return h.hashID -} - -var ( - rs256 = &signatureAlgorithm{"RS256", crypto.SHA256} - rs384 = &signatureAlgorithm{"RS384", crypto.SHA384} - rs512 = &signatureAlgorithm{"RS512", crypto.SHA512} - es256 = &signatureAlgorithm{"ES256", crypto.SHA256} - es384 = &signatureAlgorithm{"ES384", crypto.SHA384} - es512 = &signatureAlgorithm{"ES512", crypto.SHA512} -) - -func rsaSignatureAlgorithmByName(alg string) (*signatureAlgorithm, error) { - switch { - case alg == "RS256": - return rs256, nil - case alg == "RS384": - return rs384, nil - case alg == "RS512": - return rs512, nil - default: - return nil, fmt.Errorf("RSA Digital Signature Algorithm %q not supported", alg) - } -} - -func rsaPKCS1v15SignatureAlgorithmForHashID(hashID crypto.Hash) *signatureAlgorithm { - switch { - case hashID == crypto.SHA512: - return rs512 - case hashID == crypto.SHA384: - return rs384 - case hashID == crypto.SHA256: - fallthrough - default: - return rs256 - } -} diff --git a/vendor/github.com/docker/libtrust/jsonsign.go b/vendor/github.com/docker/libtrust/jsonsign.go deleted file mode 100644 index cb2ca9a7..00000000 --- a/vendor/github.com/docker/libtrust/jsonsign.go +++ /dev/null @@ -1,657 +0,0 @@ -package libtrust - -import ( - "bytes" - "crypto" - "crypto/x509" - "encoding/base64" - "encoding/json" - "errors" - "fmt" - "sort" - "time" - "unicode" -) - -var ( - // ErrInvalidSignContent is used when the content to be signed is invalid. - ErrInvalidSignContent = errors.New("invalid sign content") - - // ErrInvalidJSONContent is used when invalid json is encountered. - ErrInvalidJSONContent = errors.New("invalid json content") - - // ErrMissingSignatureKey is used when the specified signature key - // does not exist in the JSON content. - ErrMissingSignatureKey = errors.New("missing signature key") -) - -type jsHeader struct { - JWK PublicKey `json:"jwk,omitempty"` - Algorithm string `json:"alg"` - Chain []string `json:"x5c,omitempty"` -} - -type jsSignature struct { - Header jsHeader `json:"header"` - Signature string `json:"signature"` - Protected string `json:"protected,omitempty"` -} - -type jsSignaturesSorted []jsSignature - -func (jsbkid jsSignaturesSorted) Swap(i, j int) { jsbkid[i], jsbkid[j] = jsbkid[j], jsbkid[i] } -func (jsbkid jsSignaturesSorted) Len() int { return len(jsbkid) } - -func (jsbkid jsSignaturesSorted) Less(i, j int) bool { - ki, kj := jsbkid[i].Header.JWK.KeyID(), jsbkid[j].Header.JWK.KeyID() - si, sj := jsbkid[i].Signature, jsbkid[j].Signature - - if ki == kj { - return si < sj - } - - return ki < kj -} - -type signKey struct { - PrivateKey - Chain []*x509.Certificate -} - -// JSONSignature represents a signature of a json object. -type JSONSignature struct { - payload string - signatures []jsSignature - indent string - formatLength int - formatTail []byte -} - -func newJSONSignature() *JSONSignature { - return &JSONSignature{ - signatures: make([]jsSignature, 0, 1), - } -} - -// Payload returns the encoded payload of the signature. This -// payload should not be signed directly -func (js *JSONSignature) Payload() ([]byte, error) { - return joseBase64UrlDecode(js.payload) -} - -func (js *JSONSignature) protectedHeader() (string, error) { - protected := map[string]interface{}{ - "formatLength": js.formatLength, - "formatTail": joseBase64UrlEncode(js.formatTail), - "time": time.Now().UTC().Format(time.RFC3339), - } - protectedBytes, err := json.Marshal(protected) - if err != nil { - return "", err - } - - return joseBase64UrlEncode(protectedBytes), nil -} - -func (js *JSONSignature) signBytes(protectedHeader string) ([]byte, error) { - buf := make([]byte, len(js.payload)+len(protectedHeader)+1) - copy(buf, protectedHeader) - buf[len(protectedHeader)] = '.' - copy(buf[len(protectedHeader)+1:], js.payload) - return buf, nil -} - -// Sign adds a signature using the given private key. -func (js *JSONSignature) Sign(key PrivateKey) error { - protected, err := js.protectedHeader() - if err != nil { - return err - } - signBytes, err := js.signBytes(protected) - if err != nil { - return err - } - sigBytes, algorithm, err := key.Sign(bytes.NewReader(signBytes), crypto.SHA256) - if err != nil { - return err - } - - js.signatures = append(js.signatures, jsSignature{ - Header: jsHeader{ - JWK: key.PublicKey(), - Algorithm: algorithm, - }, - Signature: joseBase64UrlEncode(sigBytes), - Protected: protected, - }) - - return nil -} - -// SignWithChain adds a signature using the given private key -// and setting the x509 chain. The public key of the first element -// in the chain must be the public key corresponding with the sign key. -func (js *JSONSignature) SignWithChain(key PrivateKey, chain []*x509.Certificate) error { - // Ensure key.Chain[0] is public key for key - //key.Chain.PublicKey - //key.PublicKey().CryptoPublicKey() - - // Verify chain - protected, err := js.protectedHeader() - if err != nil { - return err - } - signBytes, err := js.signBytes(protected) - if err != nil { - return err - } - sigBytes, algorithm, err := key.Sign(bytes.NewReader(signBytes), crypto.SHA256) - if err != nil { - return err - } - - header := jsHeader{ - Chain: make([]string, len(chain)), - Algorithm: algorithm, - } - - for i, cert := range chain { - header.Chain[i] = base64.StdEncoding.EncodeToString(cert.Raw) - } - - js.signatures = append(js.signatures, jsSignature{ - Header: header, - Signature: joseBase64UrlEncode(sigBytes), - Protected: protected, - }) - - return nil -} - -// Verify verifies all the signatures and returns the list of -// public keys used to sign. Any x509 chains are not checked. -func (js *JSONSignature) Verify() ([]PublicKey, error) { - keys := make([]PublicKey, len(js.signatures)) - for i, signature := range js.signatures { - signBytes, err := js.signBytes(signature.Protected) - if err != nil { - return nil, err - } - var publicKey PublicKey - if len(signature.Header.Chain) > 0 { - certBytes, err := base64.StdEncoding.DecodeString(signature.Header.Chain[0]) - if err != nil { - return nil, err - } - cert, err := x509.ParseCertificate(certBytes) - if err != nil { - return nil, err - } - publicKey, err = FromCryptoPublicKey(cert.PublicKey) - if err != nil { - return nil, err - } - } else if signature.Header.JWK != nil { - publicKey = signature.Header.JWK - } else { - return nil, errors.New("missing public key") - } - - sigBytes, err := joseBase64UrlDecode(signature.Signature) - if err != nil { - return nil, err - } - - err = publicKey.Verify(bytes.NewReader(signBytes), signature.Header.Algorithm, sigBytes) - if err != nil { - return nil, err - } - - keys[i] = publicKey - } - return keys, nil -} - -// VerifyChains verifies all the signatures and the chains associated -// with each signature and returns the list of verified chains. -// Signatures without an x509 chain are not checked. -func (js *JSONSignature) VerifyChains(ca *x509.CertPool) ([][]*x509.Certificate, error) { - chains := make([][]*x509.Certificate, 0, len(js.signatures)) - for _, signature := range js.signatures { - signBytes, err := js.signBytes(signature.Protected) - if err != nil { - return nil, err - } - var publicKey PublicKey - if len(signature.Header.Chain) > 0 { - certBytes, err := base64.StdEncoding.DecodeString(signature.Header.Chain[0]) - if err != nil { - return nil, err - } - cert, err := x509.ParseCertificate(certBytes) - if err != nil { - return nil, err - } - publicKey, err = FromCryptoPublicKey(cert.PublicKey) - if err != nil { - return nil, err - } - intermediates := x509.NewCertPool() - if len(signature.Header.Chain) > 1 { - intermediateChain := signature.Header.Chain[1:] - for i := range intermediateChain { - certBytes, err := base64.StdEncoding.DecodeString(intermediateChain[i]) - if err != nil { - return nil, err - } - intermediate, err := x509.ParseCertificate(certBytes) - if err != nil { - return nil, err - } - intermediates.AddCert(intermediate) - } - } - - verifyOptions := x509.VerifyOptions{ - Intermediates: intermediates, - Roots: ca, - } - - verifiedChains, err := cert.Verify(verifyOptions) - if err != nil { - return nil, err - } - chains = append(chains, verifiedChains...) - - sigBytes, err := joseBase64UrlDecode(signature.Signature) - if err != nil { - return nil, err - } - - err = publicKey.Verify(bytes.NewReader(signBytes), signature.Header.Algorithm, sigBytes) - if err != nil { - return nil, err - } - } - - } - return chains, nil -} - -// JWS returns JSON serialized JWS according to -// http://tools.ietf.org/html/draft-ietf-jose-json-web-signature-31#section-7.2 -func (js *JSONSignature) JWS() ([]byte, error) { - if len(js.signatures) == 0 { - return nil, errors.New("missing signature") - } - - sort.Sort(jsSignaturesSorted(js.signatures)) - - jsonMap := map[string]interface{}{ - "payload": js.payload, - "signatures": js.signatures, - } - - return json.MarshalIndent(jsonMap, "", " ") -} - -func notSpace(r rune) bool { - return !unicode.IsSpace(r) -} - -func detectJSONIndent(jsonContent []byte) (indent string) { - if len(jsonContent) > 2 && jsonContent[0] == '{' && jsonContent[1] == '\n' { - quoteIndex := bytes.IndexRune(jsonContent[1:], '"') - if quoteIndex > 0 { - indent = string(jsonContent[2 : quoteIndex+1]) - } - } - return -} - -type jsParsedHeader struct { - JWK json.RawMessage `json:"jwk"` - Algorithm string `json:"alg"` - Chain []string `json:"x5c"` -} - -type jsParsedSignature struct { - Header jsParsedHeader `json:"header"` - Signature string `json:"signature"` - Protected string `json:"protected"` -} - -// ParseJWS parses a JWS serialized JSON object into a Json Signature. -func ParseJWS(content []byte) (*JSONSignature, error) { - type jsParsed struct { - Payload string `json:"payload"` - Signatures []jsParsedSignature `json:"signatures"` - } - parsed := &jsParsed{} - err := json.Unmarshal(content, parsed) - if err != nil { - return nil, err - } - if len(parsed.Signatures) == 0 { - return nil, errors.New("missing signatures") - } - payload, err := joseBase64UrlDecode(parsed.Payload) - if err != nil { - return nil, err - } - - js, err := NewJSONSignature(payload) - if err != nil { - return nil, err - } - js.signatures = make([]jsSignature, len(parsed.Signatures)) - for i, signature := range parsed.Signatures { - header := jsHeader{ - Algorithm: signature.Header.Algorithm, - } - if signature.Header.Chain != nil { - header.Chain = signature.Header.Chain - } - if signature.Header.JWK != nil { - publicKey, err := UnmarshalPublicKeyJWK([]byte(signature.Header.JWK)) - if err != nil { - return nil, err - } - header.JWK = publicKey - } - js.signatures[i] = jsSignature{ - Header: header, - Signature: signature.Signature, - Protected: signature.Protected, - } - } - - return js, nil -} - -// NewJSONSignature returns a new unsigned JWS from a json byte array. -// JSONSignature will need to be signed before serializing or storing. -// Optionally, one or more signatures can be provided as byte buffers, -// containing serialized JWS signatures, to assemble a fully signed JWS -// package. It is the callers responsibility to ensure uniqueness of the -// provided signatures. -func NewJSONSignature(content []byte, signatures ...[]byte) (*JSONSignature, error) { - var dataMap map[string]interface{} - err := json.Unmarshal(content, &dataMap) - if err != nil { - return nil, err - } - - js := newJSONSignature() - js.indent = detectJSONIndent(content) - - js.payload = joseBase64UrlEncode(content) - - // Find trailing } and whitespace, put in protected header - closeIndex := bytes.LastIndexFunc(content, notSpace) - if content[closeIndex] != '}' { - return nil, ErrInvalidJSONContent - } - lastRuneIndex := bytes.LastIndexFunc(content[:closeIndex], notSpace) - if content[lastRuneIndex] == ',' { - return nil, ErrInvalidJSONContent - } - js.formatLength = lastRuneIndex + 1 - js.formatTail = content[js.formatLength:] - - if len(signatures) > 0 { - for _, signature := range signatures { - var parsedJSig jsParsedSignature - - if err := json.Unmarshal(signature, &parsedJSig); err != nil { - return nil, err - } - - // TODO(stevvooe): A lot of the code below is repeated in - // ParseJWS. It will require more refactoring to fix that. - jsig := jsSignature{ - Header: jsHeader{ - Algorithm: parsedJSig.Header.Algorithm, - }, - Signature: parsedJSig.Signature, - Protected: parsedJSig.Protected, - } - - if parsedJSig.Header.Chain != nil { - jsig.Header.Chain = parsedJSig.Header.Chain - } - - if parsedJSig.Header.JWK != nil { - publicKey, err := UnmarshalPublicKeyJWK([]byte(parsedJSig.Header.JWK)) - if err != nil { - return nil, err - } - jsig.Header.JWK = publicKey - } - - js.signatures = append(js.signatures, jsig) - } - } - - return js, nil -} - -// NewJSONSignatureFromMap returns a new unsigned JSONSignature from a map or -// struct. JWS will need to be signed before serializing or storing. -func NewJSONSignatureFromMap(content interface{}) (*JSONSignature, error) { - switch content.(type) { - case map[string]interface{}: - case struct{}: - default: - return nil, errors.New("invalid data type") - } - - js := newJSONSignature() - js.indent = " " - - payload, err := json.MarshalIndent(content, "", js.indent) - if err != nil { - return nil, err - } - js.payload = joseBase64UrlEncode(payload) - - // Remove '\n}' from formatted section, put in protected header - js.formatLength = len(payload) - 2 - js.formatTail = payload[js.formatLength:] - - return js, nil -} - -func readIntFromMap(key string, m map[string]interface{}) (int, bool) { - value, ok := m[key] - if !ok { - return 0, false - } - switch v := value.(type) { - case int: - return v, true - case float64: - return int(v), true - default: - return 0, false - } -} - -func readStringFromMap(key string, m map[string]interface{}) (v string, ok bool) { - value, ok := m[key] - if !ok { - return "", false - } - v, ok = value.(string) - return -} - -// ParsePrettySignature parses a formatted signature into a -// JSON signature. If the signatures are missing the format information -// an error is thrown. The formatted signature must be created by -// the same method as format signature. -func ParsePrettySignature(content []byte, signatureKey string) (*JSONSignature, error) { - var contentMap map[string]json.RawMessage - err := json.Unmarshal(content, &contentMap) - if err != nil { - return nil, fmt.Errorf("error unmarshalling content: %s", err) - } - sigMessage, ok := contentMap[signatureKey] - if !ok { - return nil, ErrMissingSignatureKey - } - - var signatureBlocks []jsParsedSignature - err = json.Unmarshal([]byte(sigMessage), &signatureBlocks) - if err != nil { - return nil, fmt.Errorf("error unmarshalling signatures: %s", err) - } - - js := newJSONSignature() - js.signatures = make([]jsSignature, len(signatureBlocks)) - - for i, signatureBlock := range signatureBlocks { - protectedBytes, err := joseBase64UrlDecode(signatureBlock.Protected) - if err != nil { - return nil, fmt.Errorf("base64 decode error: %s", err) - } - var protectedHeader map[string]interface{} - err = json.Unmarshal(protectedBytes, &protectedHeader) - if err != nil { - return nil, fmt.Errorf("error unmarshalling protected header: %s", err) - } - - formatLength, ok := readIntFromMap("formatLength", protectedHeader) - if !ok { - return nil, errors.New("missing formatted length") - } - encodedTail, ok := readStringFromMap("formatTail", protectedHeader) - if !ok { - return nil, errors.New("missing formatted tail") - } - formatTail, err := joseBase64UrlDecode(encodedTail) - if err != nil { - return nil, fmt.Errorf("base64 decode error on tail: %s", err) - } - if js.formatLength == 0 { - js.formatLength = formatLength - } else if js.formatLength != formatLength { - return nil, errors.New("conflicting format length") - } - if len(js.formatTail) == 0 { - js.formatTail = formatTail - } else if bytes.Compare(js.formatTail, formatTail) != 0 { - return nil, errors.New("conflicting format tail") - } - - header := jsHeader{ - Algorithm: signatureBlock.Header.Algorithm, - Chain: signatureBlock.Header.Chain, - } - if signatureBlock.Header.JWK != nil { - publicKey, err := UnmarshalPublicKeyJWK([]byte(signatureBlock.Header.JWK)) - if err != nil { - return nil, fmt.Errorf("error unmarshalling public key: %s", err) - } - header.JWK = publicKey - } - js.signatures[i] = jsSignature{ - Header: header, - Signature: signatureBlock.Signature, - Protected: signatureBlock.Protected, - } - } - if js.formatLength > len(content) { - return nil, errors.New("invalid format length") - } - formatted := make([]byte, js.formatLength+len(js.formatTail)) - copy(formatted, content[:js.formatLength]) - copy(formatted[js.formatLength:], js.formatTail) - js.indent = detectJSONIndent(formatted) - js.payload = joseBase64UrlEncode(formatted) - - return js, nil -} - -// PrettySignature formats a json signature into an easy to read -// single json serialized object. -func (js *JSONSignature) PrettySignature(signatureKey string) ([]byte, error) { - if len(js.signatures) == 0 { - return nil, errors.New("no signatures") - } - payload, err := joseBase64UrlDecode(js.payload) - if err != nil { - return nil, err - } - payload = payload[:js.formatLength] - - sort.Sort(jsSignaturesSorted(js.signatures)) - - var marshalled []byte - var marshallErr error - if js.indent != "" { - marshalled, marshallErr = json.MarshalIndent(js.signatures, js.indent, js.indent) - } else { - marshalled, marshallErr = json.Marshal(js.signatures) - } - if marshallErr != nil { - return nil, marshallErr - } - - buf := bytes.NewBuffer(make([]byte, 0, len(payload)+len(marshalled)+34)) - buf.Write(payload) - buf.WriteByte(',') - if js.indent != "" { - buf.WriteByte('\n') - buf.WriteString(js.indent) - buf.WriteByte('"') - buf.WriteString(signatureKey) - buf.WriteString("\": ") - buf.Write(marshalled) - buf.WriteByte('\n') - } else { - buf.WriteByte('"') - buf.WriteString(signatureKey) - buf.WriteString("\":") - buf.Write(marshalled) - } - buf.WriteByte('}') - - return buf.Bytes(), nil -} - -// Signatures provides the signatures on this JWS as opaque blobs, sorted by -// keyID. These blobs can be stored and reassembled with payloads. Internally, -// they are simply marshaled json web signatures but implementations should -// not rely on this. -func (js *JSONSignature) Signatures() ([][]byte, error) { - sort.Sort(jsSignaturesSorted(js.signatures)) - - var sb [][]byte - for _, jsig := range js.signatures { - p, err := json.Marshal(jsig) - if err != nil { - return nil, err - } - - sb = append(sb, p) - } - - return sb, nil -} - -// Merge combines the signatures from one or more other signatures into the -// method receiver. If the payloads differ for any argument, an error will be -// returned and the receiver will not be modified. -func (js *JSONSignature) Merge(others ...*JSONSignature) error { - merged := js.signatures - for _, other := range others { - if js.payload != other.payload { - return fmt.Errorf("payloads differ from merge target") - } - merged = append(merged, other.signatures...) - } - - js.signatures = merged - return nil -} diff --git a/vendor/github.com/docker/libtrust/jsonsign_test.go b/vendor/github.com/docker/libtrust/jsonsign_test.go deleted file mode 100644 index b4f26979..00000000 --- a/vendor/github.com/docker/libtrust/jsonsign_test.go +++ /dev/null @@ -1,380 +0,0 @@ -package libtrust - -import ( - "bytes" - "crypto/rand" - "crypto/x509" - "encoding/json" - "fmt" - "io" - "testing" - - "github.com/docker/libtrust/testutil" -) - -func createTestJSON(sigKey string, indent string) (map[string]interface{}, []byte) { - testMap := map[string]interface{}{ - "name": "dmcgowan/mycontainer", - "config": map[string]interface{}{ - "ports": []int{9101, 9102}, - "run": "/bin/echo \"Hello\"", - }, - "layers": []string{ - "2893c080-27f5-11e4-8c21-0800200c9a66", - "c54bc25b-fbb2-497b-a899-a8bc1b5b9d55", - "4d5d7e03-f908-49f3-a7f6-9ba28dfe0fb4", - "0b6da891-7f7f-4abf-9c97-7887549e696c", - "1d960389-ae4f-4011-85fd-18d0f96a67ad", - }, - } - formattedSection := `{"config":{"ports":[9101,9102],"run":"/bin/echo \"Hello\""},"layers":["2893c080-27f5-11e4-8c21-0800200c9a66","c54bc25b-fbb2-497b-a899-a8bc1b5b9d55","4d5d7e03-f908-49f3-a7f6-9ba28dfe0fb4","0b6da891-7f7f-4abf-9c97-7887549e696c","1d960389-ae4f-4011-85fd-18d0f96a67ad"],"name":"dmcgowan/mycontainer","%s":[{"header":{` - formattedSection = fmt.Sprintf(formattedSection, sigKey) - if indent != "" { - buf := bytes.NewBuffer(nil) - json.Indent(buf, []byte(formattedSection), "", indent) - return testMap, buf.Bytes() - } - return testMap, []byte(formattedSection) - -} - -func TestSignJSON(t *testing.T) { - key, err := GenerateECP256PrivateKey() - if err != nil { - t.Fatalf("Error generating EC key: %s", err) - } - - testMap, _ := createTestJSON("buildSignatures", " ") - indented, err := json.MarshalIndent(testMap, "", " ") - if err != nil { - t.Fatalf("Marshall error: %s", err) - } - - js, err := NewJSONSignature(indented) - if err != nil { - t.Fatalf("Error creating JSON signature: %s", err) - } - err = js.Sign(key) - if err != nil { - t.Fatalf("Error signing content: %s", err) - } - - keys, err := js.Verify() - if err != nil { - t.Fatalf("Error verifying signature: %s", err) - } - if len(keys) != 1 { - t.Fatalf("Error wrong number of keys returned") - } - if keys[0].KeyID() != key.KeyID() { - t.Fatalf("Unexpected public key returned") - } - -} - -func TestSignMap(t *testing.T) { - key, err := GenerateECP256PrivateKey() - if err != nil { - t.Fatalf("Error generating EC key: %s", err) - } - - testMap, _ := createTestJSON("buildSignatures", " ") - js, err := NewJSONSignatureFromMap(testMap) - if err != nil { - t.Fatalf("Error creating JSON signature: %s", err) - } - err = js.Sign(key) - if err != nil { - t.Fatalf("Error signing JSON signature: %s", err) - } - - keys, err := js.Verify() - if err != nil { - t.Fatalf("Error verifying signature: %s", err) - } - if len(keys) != 1 { - t.Fatalf("Error wrong number of keys returned") - } - if keys[0].KeyID() != key.KeyID() { - t.Fatalf("Unexpected public key returned") - } -} - -func TestFormattedJson(t *testing.T) { - key, err := GenerateECP256PrivateKey() - if err != nil { - t.Fatalf("Error generating EC key: %s", err) - } - - testMap, firstSection := createTestJSON("buildSignatures", " ") - indented, err := json.MarshalIndent(testMap, "", " ") - if err != nil { - t.Fatalf("Marshall error: %s", err) - } - - js, err := NewJSONSignature(indented) - if err != nil { - t.Fatalf("Error creating JSON signature: %s", err) - } - err = js.Sign(key) - if err != nil { - t.Fatalf("Error signing content: %s", err) - } - - b, err := js.PrettySignature("buildSignatures") - if err != nil { - t.Fatalf("Error signing map: %s", err) - } - - if bytes.Compare(b[:len(firstSection)], firstSection) != 0 { - t.Fatalf("Wrong signed value\nExpected:\n%s\nActual:\n%s", firstSection, b[:len(firstSection)]) - } - - parsed, err := ParsePrettySignature(b, "buildSignatures") - if err != nil { - t.Fatalf("Error parsing formatted signature: %s", err) - } - - keys, err := parsed.Verify() - if err != nil { - t.Fatalf("Error verifying signature: %s", err) - } - if len(keys) != 1 { - t.Fatalf("Error wrong number of keys returned") - } - if keys[0].KeyID() != key.KeyID() { - t.Fatalf("Unexpected public key returned") - } - - var unmarshalled map[string]interface{} - err = json.Unmarshal(b, &unmarshalled) - if err != nil { - t.Fatalf("Could not unmarshall after parse: %s", err) - } - -} - -func TestFormattedFlatJson(t *testing.T) { - key, err := GenerateECP256PrivateKey() - if err != nil { - t.Fatalf("Error generating EC key: %s", err) - } - - testMap, firstSection := createTestJSON("buildSignatures", "") - unindented, err := json.Marshal(testMap) - if err != nil { - t.Fatalf("Marshall error: %s", err) - } - - js, err := NewJSONSignature(unindented) - if err != nil { - t.Fatalf("Error creating JSON signature: %s", err) - } - err = js.Sign(key) - if err != nil { - t.Fatalf("Error signing JSON signature: %s", err) - } - - b, err := js.PrettySignature("buildSignatures") - if err != nil { - t.Fatalf("Error signing map: %s", err) - } - - if bytes.Compare(b[:len(firstSection)], firstSection) != 0 { - t.Fatalf("Wrong signed value\nExpected:\n%s\nActual:\n%s", firstSection, b[:len(firstSection)]) - } - - parsed, err := ParsePrettySignature(b, "buildSignatures") - if err != nil { - t.Fatalf("Error parsing formatted signature: %s", err) - } - - keys, err := parsed.Verify() - if err != nil { - t.Fatalf("Error verifying signature: %s", err) - } - if len(keys) != 1 { - t.Fatalf("Error wrong number of keys returned") - } - if keys[0].KeyID() != key.KeyID() { - t.Fatalf("Unexpected public key returned") - } -} - -func generateTrustChain(t *testing.T, key PrivateKey, ca *x509.Certificate) (PrivateKey, []*x509.Certificate) { - parent := ca - parentKey := key - chain := make([]*x509.Certificate, 6) - for i := 5; i > 0; i-- { - intermediatekey, err := GenerateECP256PrivateKey() - if err != nil { - t.Fatalf("Error generate key: %s", err) - } - chain[i], err = testutil.GenerateIntermediate(intermediatekey.CryptoPublicKey(), parentKey.CryptoPrivateKey(), parent) - if err != nil { - t.Fatalf("Error generating intermdiate certificate: %s", err) - } - parent = chain[i] - parentKey = intermediatekey - } - trustKey, err := GenerateECP256PrivateKey() - if err != nil { - t.Fatalf("Error generate key: %s", err) - } - chain[0], err = testutil.GenerateTrustCert(trustKey.CryptoPublicKey(), parentKey.CryptoPrivateKey(), parent) - if err != nil { - t.Fatalf("Error generate trust cert: %s", err) - } - - return trustKey, chain -} - -func TestChainVerify(t *testing.T) { - caKey, err := GenerateECP256PrivateKey() - if err != nil { - t.Fatalf("Error generating key: %s", err) - } - ca, err := testutil.GenerateTrustCA(caKey.CryptoPublicKey(), caKey.CryptoPrivateKey()) - if err != nil { - t.Fatalf("Error generating ca: %s", err) - } - trustKey, chain := generateTrustChain(t, caKey, ca) - - testMap, _ := createTestJSON("verifySignatures", " ") - js, err := NewJSONSignatureFromMap(testMap) - if err != nil { - t.Fatalf("Error creating JSONSignature from map: %s", err) - } - - err = js.SignWithChain(trustKey, chain) - if err != nil { - t.Fatalf("Error signing with chain: %s", err) - } - - pool := x509.NewCertPool() - pool.AddCert(ca) - chains, err := js.VerifyChains(pool) - if err != nil { - t.Fatalf("Error verifying content: %s", err) - } - if len(chains) != 1 { - t.Fatalf("Unexpected chains length: %d", len(chains)) - } - if len(chains[0]) != 7 { - t.Fatalf("Unexpected chain length: %d", len(chains[0])) - } -} - -func TestInvalidChain(t *testing.T) { - caKey, err := GenerateECP256PrivateKey() - if err != nil { - t.Fatalf("Error generating key: %s", err) - } - ca, err := testutil.GenerateTrustCA(caKey.CryptoPublicKey(), caKey.CryptoPrivateKey()) - if err != nil { - t.Fatalf("Error generating ca: %s", err) - } - trustKey, chain := generateTrustChain(t, caKey, ca) - - testMap, _ := createTestJSON("verifySignatures", " ") - js, err := NewJSONSignatureFromMap(testMap) - if err != nil { - t.Fatalf("Error creating JSONSignature from map: %s", err) - } - - err = js.SignWithChain(trustKey, chain[:5]) - if err != nil { - t.Fatalf("Error signing with chain: %s", err) - } - - pool := x509.NewCertPool() - pool.AddCert(ca) - chains, err := js.VerifyChains(pool) - if err == nil { - t.Fatalf("Expected error verifying with bad chain") - } - if len(chains) != 0 { - t.Fatalf("Unexpected chains returned from invalid verify") - } -} - -func TestMergeSignatures(t *testing.T) { - pk1, err := GenerateECP256PrivateKey() - if err != nil { - t.Fatalf("unexpected error generating private key 1: %v", err) - } - - pk2, err := GenerateECP256PrivateKey() - if err != nil { - t.Fatalf("unexpected error generating private key 2: %v", err) - } - - payload := make([]byte, 1<<10) - if _, err = io.ReadFull(rand.Reader, payload); err != nil { - t.Fatalf("error generating payload: %v", err) - } - - payload, _ = json.Marshal(map[string]interface{}{"data": payload}) - - sig1, err := NewJSONSignature(payload) - if err != nil { - t.Fatalf("unexpected error creating signature 1: %v", err) - } - - if err := sig1.Sign(pk1); err != nil { - t.Fatalf("unexpected error signing with pk1: %v", err) - } - - sig2, err := NewJSONSignature(payload) - if err != nil { - t.Fatalf("unexpected error creating signature 2: %v", err) - } - - if err := sig2.Sign(pk2); err != nil { - t.Fatalf("unexpected error signing with pk2: %v", err) - } - - // Now, we actually merge into sig1 - if err := sig1.Merge(sig2); err != nil { - t.Fatalf("unexpected error merging: %v", err) - } - - // Verify the new signature package - pubkeys, err := sig1.Verify() - if err != nil { - t.Fatalf("unexpected error during verify: %v", err) - } - - // Make sure the pubkeys match the two private keys from before - privkeys := map[string]PrivateKey{ - pk1.KeyID(): pk1, - pk2.KeyID(): pk2, - } - - found := map[string]struct{}{} - - for _, pubkey := range pubkeys { - if _, ok := privkeys[pubkey.KeyID()]; !ok { - t.Fatalf("unexpected public key found during verification: %v", pubkey) - } - - found[pubkey.KeyID()] = struct{}{} - } - - // Make sure we've found all the private keys from verification - for keyid, _ := range privkeys { - if _, ok := found[keyid]; !ok { - t.Fatalf("public key %v not found during verification", keyid) - } - } - - // Create another signature, with a different payload, and ensure we get an error. - sig3, err := NewJSONSignature([]byte("{}")) - if err != nil { - t.Fatalf("unexpected error making signature for sig3: %v", err) - } - - if err := sig1.Merge(sig3); err == nil { - t.Fatalf("error expected during invalid merge with different payload") - } -} diff --git a/vendor/github.com/docker/libtrust/key.go b/vendor/github.com/docker/libtrust/key.go deleted file mode 100644 index 73642db2..00000000 --- a/vendor/github.com/docker/libtrust/key.go +++ /dev/null @@ -1,253 +0,0 @@ -package libtrust - -import ( - "crypto" - "crypto/ecdsa" - "crypto/rsa" - "crypto/x509" - "encoding/json" - "encoding/pem" - "errors" - "fmt" - "io" -) - -// PublicKey is a generic interface for a Public Key. -type PublicKey interface { - // KeyType returns the key type for this key. For elliptic curve keys, - // this value should be "EC". For RSA keys, this value should be "RSA". - KeyType() string - // KeyID returns a distinct identifier which is unique to this Public Key. - // The format generated by this library is a base32 encoding of a 240 bit - // hash of the public key data divided into 12 groups like so: - // ABCD:EFGH:IJKL:MNOP:QRST:UVWX:YZ23:4567:ABCD:EFGH:IJKL:MNOP - KeyID() string - // Verify verifyies the signature of the data in the io.Reader using this - // Public Key. The alg parameter should identify the digital signature - // algorithm which was used to produce the signature and should be - // supported by this public key. Returns a nil error if the signature - // is valid. - Verify(data io.Reader, alg string, signature []byte) error - // CryptoPublicKey returns the internal object which can be used as a - // crypto.PublicKey for use with other standard library operations. The type - // is either *rsa.PublicKey or *ecdsa.PublicKey - CryptoPublicKey() crypto.PublicKey - // These public keys can be serialized to the standard JSON encoding for - // JSON Web Keys. See section 6 of the IETF draft RFC for JOSE JSON Web - // Algorithms. - MarshalJSON() ([]byte, error) - // These keys can also be serialized to the standard PEM encoding. - PEMBlock() (*pem.Block, error) - // The string representation of a key is its key type and ID. - String() string - AddExtendedField(string, interface{}) - GetExtendedField(string) interface{} -} - -// PrivateKey is a generic interface for a Private Key. -type PrivateKey interface { - // A PrivateKey contains all fields and methods of a PublicKey of the - // same type. The MarshalJSON method also outputs the private key as a - // JSON Web Key, and the PEMBlock method outputs the private key as a - // PEM block. - PublicKey - // PublicKey returns the PublicKey associated with this PrivateKey. - PublicKey() PublicKey - // Sign signs the data read from the io.Reader using a signature algorithm - // supported by the private key. If the specified hashing algorithm is - // supported by this key, that hash function is used to generate the - // signature otherwise the the default hashing algorithm for this key is - // used. Returns the signature and identifier of the algorithm used. - Sign(data io.Reader, hashID crypto.Hash) (signature []byte, alg string, err error) - // CryptoPrivateKey returns the internal object which can be used as a - // crypto.PublicKey for use with other standard library operations. The - // type is either *rsa.PublicKey or *ecdsa.PublicKey - CryptoPrivateKey() crypto.PrivateKey -} - -// FromCryptoPublicKey returns a libtrust PublicKey representation of the given -// *ecdsa.PublicKey or *rsa.PublicKey. Returns a non-nil error when the given -// key is of an unsupported type. -func FromCryptoPublicKey(cryptoPublicKey crypto.PublicKey) (PublicKey, error) { - switch cryptoPublicKey := cryptoPublicKey.(type) { - case *ecdsa.PublicKey: - return fromECPublicKey(cryptoPublicKey) - case *rsa.PublicKey: - return fromRSAPublicKey(cryptoPublicKey), nil - default: - return nil, fmt.Errorf("public key type %T is not supported", cryptoPublicKey) - } -} - -// FromCryptoPrivateKey returns a libtrust PrivateKey representation of the given -// *ecdsa.PrivateKey or *rsa.PrivateKey. Returns a non-nil error when the given -// key is of an unsupported type. -func FromCryptoPrivateKey(cryptoPrivateKey crypto.PrivateKey) (PrivateKey, error) { - switch cryptoPrivateKey := cryptoPrivateKey.(type) { - case *ecdsa.PrivateKey: - return fromECPrivateKey(cryptoPrivateKey) - case *rsa.PrivateKey: - return fromRSAPrivateKey(cryptoPrivateKey), nil - default: - return nil, fmt.Errorf("private key type %T is not supported", cryptoPrivateKey) - } -} - -// UnmarshalPublicKeyPEM parses the PEM encoded data and returns a libtrust -// PublicKey or an error if there is a problem with the encoding. -func UnmarshalPublicKeyPEM(data []byte) (PublicKey, error) { - pemBlock, _ := pem.Decode(data) - if pemBlock == nil { - return nil, errors.New("unable to find PEM encoded data") - } else if pemBlock.Type != "PUBLIC KEY" { - return nil, fmt.Errorf("unable to get PublicKey from PEM type: %s", pemBlock.Type) - } - - return pubKeyFromPEMBlock(pemBlock) -} - -// UnmarshalPublicKeyPEMBundle parses the PEM encoded data as a bundle of -// PEM blocks appended one after the other and returns a slice of PublicKey -// objects that it finds. -func UnmarshalPublicKeyPEMBundle(data []byte) ([]PublicKey, error) { - pubKeys := []PublicKey{} - - for { - var pemBlock *pem.Block - pemBlock, data = pem.Decode(data) - if pemBlock == nil { - break - } else if pemBlock.Type != "PUBLIC KEY" { - return nil, fmt.Errorf("unable to get PublicKey from PEM type: %s", pemBlock.Type) - } - - pubKey, err := pubKeyFromPEMBlock(pemBlock) - if err != nil { - return nil, err - } - - pubKeys = append(pubKeys, pubKey) - } - - return pubKeys, nil -} - -// UnmarshalPrivateKeyPEM parses the PEM encoded data and returns a libtrust -// PrivateKey or an error if there is a problem with the encoding. -func UnmarshalPrivateKeyPEM(data []byte) (PrivateKey, error) { - pemBlock, _ := pem.Decode(data) - if pemBlock == nil { - return nil, errors.New("unable to find PEM encoded data") - } - - var key PrivateKey - - switch { - case pemBlock.Type == "RSA PRIVATE KEY": - rsaPrivateKey, err := x509.ParsePKCS1PrivateKey(pemBlock.Bytes) - if err != nil { - return nil, fmt.Errorf("unable to decode RSA Private Key PEM data: %s", err) - } - key = fromRSAPrivateKey(rsaPrivateKey) - case pemBlock.Type == "EC PRIVATE KEY": - ecPrivateKey, err := x509.ParseECPrivateKey(pemBlock.Bytes) - if err != nil { - return nil, fmt.Errorf("unable to decode EC Private Key PEM data: %s", err) - } - key, err = fromECPrivateKey(ecPrivateKey) - if err != nil { - return nil, err - } - default: - return nil, fmt.Errorf("unable to get PrivateKey from PEM type: %s", pemBlock.Type) - } - - addPEMHeadersToKey(pemBlock, key.PublicKey()) - - return key, nil -} - -// UnmarshalPublicKeyJWK unmarshals the given JSON Web Key into a generic -// Public Key to be used with libtrust. -func UnmarshalPublicKeyJWK(data []byte) (PublicKey, error) { - jwk := make(map[string]interface{}) - - err := json.Unmarshal(data, &jwk) - if err != nil { - return nil, fmt.Errorf( - "decoding JWK Public Key JSON data: %s\n", err, - ) - } - - // Get the Key Type value. - kty, err := stringFromMap(jwk, "kty") - if err != nil { - return nil, fmt.Errorf("JWK Public Key type: %s", err) - } - - switch { - case kty == "EC": - // Call out to unmarshal EC public key. - return ecPublicKeyFromMap(jwk) - case kty == "RSA": - // Call out to unmarshal RSA public key. - return rsaPublicKeyFromMap(jwk) - default: - return nil, fmt.Errorf( - "JWK Public Key type not supported: %q\n", kty, - ) - } -} - -// UnmarshalPublicKeyJWKSet parses the JSON encoded data as a JSON Web Key Set -// and returns a slice of Public Key objects. -func UnmarshalPublicKeyJWKSet(data []byte) ([]PublicKey, error) { - rawKeys, err := loadJSONKeySetRaw(data) - if err != nil { - return nil, err - } - - pubKeys := make([]PublicKey, 0, len(rawKeys)) - - for _, rawKey := range rawKeys { - pubKey, err := UnmarshalPublicKeyJWK(rawKey) - if err != nil { - return nil, err - } - pubKeys = append(pubKeys, pubKey) - } - - return pubKeys, nil -} - -// UnmarshalPrivateKeyJWK unmarshals the given JSON Web Key into a generic -// Private Key to be used with libtrust. -func UnmarshalPrivateKeyJWK(data []byte) (PrivateKey, error) { - jwk := make(map[string]interface{}) - - err := json.Unmarshal(data, &jwk) - if err != nil { - return nil, fmt.Errorf( - "decoding JWK Private Key JSON data: %s\n", err, - ) - } - - // Get the Key Type value. - kty, err := stringFromMap(jwk, "kty") - if err != nil { - return nil, fmt.Errorf("JWK Private Key type: %s", err) - } - - switch { - case kty == "EC": - // Call out to unmarshal EC private key. - return ecPrivateKeyFromMap(jwk) - case kty == "RSA": - // Call out to unmarshal RSA private key. - return rsaPrivateKeyFromMap(jwk) - default: - return nil, fmt.Errorf( - "JWK Private Key type not supported: %q\n", kty, - ) - } -} diff --git a/vendor/github.com/docker/libtrust/key_files.go b/vendor/github.com/docker/libtrust/key_files.go deleted file mode 100644 index c526de54..00000000 --- a/vendor/github.com/docker/libtrust/key_files.go +++ /dev/null @@ -1,255 +0,0 @@ -package libtrust - -import ( - "encoding/json" - "encoding/pem" - "errors" - "fmt" - "io/ioutil" - "os" - "strings" -) - -var ( - // ErrKeyFileDoesNotExist indicates that the private key file does not exist. - ErrKeyFileDoesNotExist = errors.New("key file does not exist") -) - -func readKeyFileBytes(filename string) ([]byte, error) { - data, err := ioutil.ReadFile(filename) - if err != nil { - if os.IsNotExist(err) { - err = ErrKeyFileDoesNotExist - } else { - err = fmt.Errorf("unable to read key file %s: %s", filename, err) - } - - return nil, err - } - - return data, nil -} - -/* - Loading and Saving of Public and Private Keys in either PEM or JWK format. -*/ - -// LoadKeyFile opens the given filename and attempts to read a Private Key -// encoded in either PEM or JWK format (if .json or .jwk file extension). -func LoadKeyFile(filename string) (PrivateKey, error) { - contents, err := readKeyFileBytes(filename) - if err != nil { - return nil, err - } - - var key PrivateKey - - if strings.HasSuffix(filename, ".json") || strings.HasSuffix(filename, ".jwk") { - key, err = UnmarshalPrivateKeyJWK(contents) - if err != nil { - return nil, fmt.Errorf("unable to decode private key JWK: %s", err) - } - } else { - key, err = UnmarshalPrivateKeyPEM(contents) - if err != nil { - return nil, fmt.Errorf("unable to decode private key PEM: %s", err) - } - } - - return key, nil -} - -// LoadPublicKeyFile opens the given filename and attempts to read a Public Key -// encoded in either PEM or JWK format (if .json or .jwk file extension). -func LoadPublicKeyFile(filename string) (PublicKey, error) { - contents, err := readKeyFileBytes(filename) - if err != nil { - return nil, err - } - - var key PublicKey - - if strings.HasSuffix(filename, ".json") || strings.HasSuffix(filename, ".jwk") { - key, err = UnmarshalPublicKeyJWK(contents) - if err != nil { - return nil, fmt.Errorf("unable to decode public key JWK: %s", err) - } - } else { - key, err = UnmarshalPublicKeyPEM(contents) - if err != nil { - return nil, fmt.Errorf("unable to decode public key PEM: %s", err) - } - } - - return key, nil -} - -// SaveKey saves the given key to a file using the provided filename. -// This process will overwrite any existing file at the provided location. -func SaveKey(filename string, key PrivateKey) error { - var encodedKey []byte - var err error - - if strings.HasSuffix(filename, ".json") || strings.HasSuffix(filename, ".jwk") { - // Encode in JSON Web Key format. - encodedKey, err = json.MarshalIndent(key, "", " ") - if err != nil { - return fmt.Errorf("unable to encode private key JWK: %s", err) - } - } else { - // Encode in PEM format. - pemBlock, err := key.PEMBlock() - if err != nil { - return fmt.Errorf("unable to encode private key PEM: %s", err) - } - encodedKey = pem.EncodeToMemory(pemBlock) - } - - err = ioutil.WriteFile(filename, encodedKey, os.FileMode(0600)) - if err != nil { - return fmt.Errorf("unable to write private key file %s: %s", filename, err) - } - - return nil -} - -// SavePublicKey saves the given public key to the file. -func SavePublicKey(filename string, key PublicKey) error { - var encodedKey []byte - var err error - - if strings.HasSuffix(filename, ".json") || strings.HasSuffix(filename, ".jwk") { - // Encode in JSON Web Key format. - encodedKey, err = json.MarshalIndent(key, "", " ") - if err != nil { - return fmt.Errorf("unable to encode public key JWK: %s", err) - } - } else { - // Encode in PEM format. - pemBlock, err := key.PEMBlock() - if err != nil { - return fmt.Errorf("unable to encode public key PEM: %s", err) - } - encodedKey = pem.EncodeToMemory(pemBlock) - } - - err = ioutil.WriteFile(filename, encodedKey, os.FileMode(0644)) - if err != nil { - return fmt.Errorf("unable to write public key file %s: %s", filename, err) - } - - return nil -} - -// Public Key Set files - -type jwkSet struct { - Keys []json.RawMessage `json:"keys"` -} - -// LoadKeySetFile loads a key set -func LoadKeySetFile(filename string) ([]PublicKey, error) { - if strings.HasSuffix(filename, ".json") || strings.HasSuffix(filename, ".jwk") { - return loadJSONKeySetFile(filename) - } - - // Must be a PEM format file - return loadPEMKeySetFile(filename) -} - -func loadJSONKeySetRaw(data []byte) ([]json.RawMessage, error) { - if len(data) == 0 { - // This is okay, just return an empty slice. - return []json.RawMessage{}, nil - } - - keySet := jwkSet{} - - err := json.Unmarshal(data, &keySet) - if err != nil { - return nil, fmt.Errorf("unable to decode JSON Web Key Set: %s", err) - } - - return keySet.Keys, nil -} - -func loadJSONKeySetFile(filename string) ([]PublicKey, error) { - contents, err := readKeyFileBytes(filename) - if err != nil && err != ErrKeyFileDoesNotExist { - return nil, err - } - - return UnmarshalPublicKeyJWKSet(contents) -} - -func loadPEMKeySetFile(filename string) ([]PublicKey, error) { - data, err := readKeyFileBytes(filename) - if err != nil && err != ErrKeyFileDoesNotExist { - return nil, err - } - - return UnmarshalPublicKeyPEMBundle(data) -} - -// AddKeySetFile adds a key to a key set -func AddKeySetFile(filename string, key PublicKey) error { - if strings.HasSuffix(filename, ".json") || strings.HasSuffix(filename, ".jwk") { - return addKeySetJSONFile(filename, key) - } - - // Must be a PEM format file - return addKeySetPEMFile(filename, key) -} - -func addKeySetJSONFile(filename string, key PublicKey) error { - encodedKey, err := json.Marshal(key) - if err != nil { - return fmt.Errorf("unable to encode trusted client key: %s", err) - } - - contents, err := readKeyFileBytes(filename) - if err != nil && err != ErrKeyFileDoesNotExist { - return err - } - - rawEntries, err := loadJSONKeySetRaw(contents) - if err != nil { - return err - } - - rawEntries = append(rawEntries, json.RawMessage(encodedKey)) - entriesWrapper := jwkSet{Keys: rawEntries} - - encodedEntries, err := json.MarshalIndent(entriesWrapper, "", " ") - if err != nil { - return fmt.Errorf("unable to encode trusted client keys: %s", err) - } - - err = ioutil.WriteFile(filename, encodedEntries, os.FileMode(0644)) - if err != nil { - return fmt.Errorf("unable to write trusted client keys file %s: %s", filename, err) - } - - return nil -} - -func addKeySetPEMFile(filename string, key PublicKey) error { - // Encode to PEM, open file for appending, write PEM. - file, err := os.OpenFile(filename, os.O_CREATE|os.O_APPEND|os.O_RDWR, os.FileMode(0644)) - if err != nil { - return fmt.Errorf("unable to open trusted client keys file %s: %s", filename, err) - } - defer file.Close() - - pemBlock, err := key.PEMBlock() - if err != nil { - return fmt.Errorf("unable to encoded trusted key: %s", err) - } - - _, err = file.Write(pem.EncodeToMemory(pemBlock)) - if err != nil { - return fmt.Errorf("unable to write trusted keys file: %s", err) - } - - return nil -} diff --git a/vendor/github.com/docker/libtrust/key_files_test.go b/vendor/github.com/docker/libtrust/key_files_test.go deleted file mode 100644 index 57e691f2..00000000 --- a/vendor/github.com/docker/libtrust/key_files_test.go +++ /dev/null @@ -1,220 +0,0 @@ -package libtrust - -import ( - "errors" - "io/ioutil" - "os" - "testing" -) - -func makeTempFile(t *testing.T, prefix string) (filename string) { - file, err := ioutil.TempFile("", prefix) - if err != nil { - t.Fatal(err) - } - - filename = file.Name() - file.Close() - - return -} - -func TestKeyFiles(t *testing.T) { - key, err := GenerateECP256PrivateKey() - if err != nil { - t.Fatal(err) - } - - testKeyFiles(t, key) - - key, err = GenerateRSA2048PrivateKey() - if err != nil { - t.Fatal(err) - } - - testKeyFiles(t, key) -} - -func testKeyFiles(t *testing.T, key PrivateKey) { - var err error - - privateKeyFilename := makeTempFile(t, "private_key") - privateKeyFilenamePEM := privateKeyFilename + ".pem" - privateKeyFilenameJWK := privateKeyFilename + ".jwk" - - publicKeyFilename := makeTempFile(t, "public_key") - publicKeyFilenamePEM := publicKeyFilename + ".pem" - publicKeyFilenameJWK := publicKeyFilename + ".jwk" - - if err = SaveKey(privateKeyFilenamePEM, key); err != nil { - t.Fatal(err) - } - - if err = SaveKey(privateKeyFilenameJWK, key); err != nil { - t.Fatal(err) - } - - if err = SavePublicKey(publicKeyFilenamePEM, key.PublicKey()); err != nil { - t.Fatal(err) - } - - if err = SavePublicKey(publicKeyFilenameJWK, key.PublicKey()); err != nil { - t.Fatal(err) - } - - loadedPEMKey, err := LoadKeyFile(privateKeyFilenamePEM) - if err != nil { - t.Fatal(err) - } - - loadedJWKKey, err := LoadKeyFile(privateKeyFilenameJWK) - if err != nil { - t.Fatal(err) - } - - loadedPEMPublicKey, err := LoadPublicKeyFile(publicKeyFilenamePEM) - if err != nil { - t.Fatal(err) - } - - loadedJWKPublicKey, err := LoadPublicKeyFile(publicKeyFilenameJWK) - if err != nil { - t.Fatal(err) - } - - if key.KeyID() != loadedPEMKey.KeyID() { - t.Fatal(errors.New("key IDs do not match")) - } - - if key.KeyID() != loadedJWKKey.KeyID() { - t.Fatal(errors.New("key IDs do not match")) - } - - if key.KeyID() != loadedPEMPublicKey.KeyID() { - t.Fatal(errors.New("key IDs do not match")) - } - - if key.KeyID() != loadedJWKPublicKey.KeyID() { - t.Fatal(errors.New("key IDs do not match")) - } - - os.Remove(privateKeyFilename) - os.Remove(privateKeyFilenamePEM) - os.Remove(privateKeyFilenameJWK) - os.Remove(publicKeyFilename) - os.Remove(publicKeyFilenamePEM) - os.Remove(publicKeyFilenameJWK) -} - -func TestTrustedHostKeysFile(t *testing.T) { - trustedHostKeysFilename := makeTempFile(t, "trusted_host_keys") - trustedHostKeysFilenamePEM := trustedHostKeysFilename + ".pem" - trustedHostKeysFilenameJWK := trustedHostKeysFilename + ".json" - - testTrustedHostKeysFile(t, trustedHostKeysFilenamePEM) - testTrustedHostKeysFile(t, trustedHostKeysFilenameJWK) - - os.Remove(trustedHostKeysFilename) - os.Remove(trustedHostKeysFilenamePEM) - os.Remove(trustedHostKeysFilenameJWK) -} - -func testTrustedHostKeysFile(t *testing.T, trustedHostKeysFilename string) { - hostAddress1 := "docker.example.com:2376" - hostKey1, err := GenerateECP256PrivateKey() - if err != nil { - t.Fatal(err) - } - - hostKey1.AddExtendedField("hosts", []string{hostAddress1}) - err = AddKeySetFile(trustedHostKeysFilename, hostKey1.PublicKey()) - if err != nil { - t.Fatal(err) - } - - trustedHostKeysMapping, err := LoadKeySetFile(trustedHostKeysFilename) - if err != nil { - t.Fatal(err) - } - - for addr, hostKey := range trustedHostKeysMapping { - t.Logf("Host Address: %d\n", addr) - t.Logf("Host Key: %s\n\n", hostKey) - } - - hostAddress2 := "192.168.59.103:2376" - hostKey2, err := GenerateRSA2048PrivateKey() - if err != nil { - t.Fatal(err) - } - - hostKey2.AddExtendedField("hosts", hostAddress2) - err = AddKeySetFile(trustedHostKeysFilename, hostKey2.PublicKey()) - if err != nil { - t.Fatal(err) - } - - trustedHostKeysMapping, err = LoadKeySetFile(trustedHostKeysFilename) - if err != nil { - t.Fatal(err) - } - - for addr, hostKey := range trustedHostKeysMapping { - t.Logf("Host Address: %d\n", addr) - t.Logf("Host Key: %s\n\n", hostKey) - } - -} - -func TestTrustedClientKeysFile(t *testing.T) { - trustedClientKeysFilename := makeTempFile(t, "trusted_client_keys") - trustedClientKeysFilenamePEM := trustedClientKeysFilename + ".pem" - trustedClientKeysFilenameJWK := trustedClientKeysFilename + ".json" - - testTrustedClientKeysFile(t, trustedClientKeysFilenamePEM) - testTrustedClientKeysFile(t, trustedClientKeysFilenameJWK) - - os.Remove(trustedClientKeysFilename) - os.Remove(trustedClientKeysFilenamePEM) - os.Remove(trustedClientKeysFilenameJWK) -} - -func testTrustedClientKeysFile(t *testing.T, trustedClientKeysFilename string) { - clientKey1, err := GenerateECP256PrivateKey() - if err != nil { - t.Fatal(err) - } - - err = AddKeySetFile(trustedClientKeysFilename, clientKey1.PublicKey()) - if err != nil { - t.Fatal(err) - } - - trustedClientKeys, err := LoadKeySetFile(trustedClientKeysFilename) - if err != nil { - t.Fatal(err) - } - - for _, clientKey := range trustedClientKeys { - t.Logf("Client Key: %s\n", clientKey) - } - - clientKey2, err := GenerateRSA2048PrivateKey() - if err != nil { - t.Fatal(err) - } - - err = AddKeySetFile(trustedClientKeysFilename, clientKey2.PublicKey()) - if err != nil { - t.Fatal(err) - } - - trustedClientKeys, err = LoadKeySetFile(trustedClientKeysFilename) - if err != nil { - t.Fatal(err) - } - - for _, clientKey := range trustedClientKeys { - t.Logf("Client Key: %s\n", clientKey) - } -} diff --git a/vendor/github.com/docker/libtrust/key_manager.go b/vendor/github.com/docker/libtrust/key_manager.go deleted file mode 100644 index 9a98ae35..00000000 --- a/vendor/github.com/docker/libtrust/key_manager.go +++ /dev/null @@ -1,175 +0,0 @@ -package libtrust - -import ( - "crypto/tls" - "crypto/x509" - "fmt" - "io/ioutil" - "net" - "os" - "path" - "sync" -) - -// ClientKeyManager manages client keys on the filesystem -type ClientKeyManager struct { - key PrivateKey - clientFile string - clientDir string - - clientLock sync.RWMutex - clients []PublicKey - - configLock sync.Mutex - configs []*tls.Config -} - -// NewClientKeyManager loads a new manager from a set of key files -// and managed by the given private key. -func NewClientKeyManager(trustKey PrivateKey, clientFile, clientDir string) (*ClientKeyManager, error) { - m := &ClientKeyManager{ - key: trustKey, - clientFile: clientFile, - clientDir: clientDir, - } - if err := m.loadKeys(); err != nil { - return nil, err - } - // TODO Start watching file and directory - - return m, nil -} - -func (c *ClientKeyManager) loadKeys() (err error) { - // Load authorized keys file - var clients []PublicKey - if c.clientFile != "" { - clients, err = LoadKeySetFile(c.clientFile) - if err != nil { - return fmt.Errorf("unable to load authorized keys: %s", err) - } - } - - // Add clients from authorized keys directory - files, err := ioutil.ReadDir(c.clientDir) - if err != nil && !os.IsNotExist(err) { - return fmt.Errorf("unable to open authorized keys directory: %s", err) - } - for _, f := range files { - if !f.IsDir() { - publicKey, err := LoadPublicKeyFile(path.Join(c.clientDir, f.Name())) - if err != nil { - return fmt.Errorf("unable to load authorized key file: %s", err) - } - clients = append(clients, publicKey) - } - } - - c.clientLock.Lock() - c.clients = clients - c.clientLock.Unlock() - - return nil -} - -// RegisterTLSConfig registers a tls configuration to manager -// such that any changes to the keys may be reflected in -// the tls client CA pool -func (c *ClientKeyManager) RegisterTLSConfig(tlsConfig *tls.Config) error { - c.clientLock.RLock() - certPool, err := GenerateCACertPool(c.key, c.clients) - if err != nil { - return fmt.Errorf("CA pool generation error: %s", err) - } - c.clientLock.RUnlock() - - tlsConfig.ClientCAs = certPool - - c.configLock.Lock() - c.configs = append(c.configs, tlsConfig) - c.configLock.Unlock() - - return nil -} - -// NewIdentityAuthTLSConfig creates a tls.Config for the server to use for -// libtrust identity authentication for the domain specified -func NewIdentityAuthTLSConfig(trustKey PrivateKey, clients *ClientKeyManager, addr string, domain string) (*tls.Config, error) { - tlsConfig := newTLSConfig() - - tlsConfig.ClientAuth = tls.RequireAndVerifyClientCert - if err := clients.RegisterTLSConfig(tlsConfig); err != nil { - return nil, err - } - - // Generate cert - ips, domains, err := parseAddr(addr) - if err != nil { - return nil, err - } - // add domain that it expects clients to use - domains = append(domains, domain) - x509Cert, err := GenerateSelfSignedServerCert(trustKey, domains, ips) - if err != nil { - return nil, fmt.Errorf("certificate generation error: %s", err) - } - tlsConfig.Certificates = []tls.Certificate{{ - Certificate: [][]byte{x509Cert.Raw}, - PrivateKey: trustKey.CryptoPrivateKey(), - Leaf: x509Cert, - }} - - return tlsConfig, nil -} - -// NewCertAuthTLSConfig creates a tls.Config for the server to use for -// certificate authentication -func NewCertAuthTLSConfig(caPath, certPath, keyPath string) (*tls.Config, error) { - tlsConfig := newTLSConfig() - - cert, err := tls.LoadX509KeyPair(certPath, keyPath) - if err != nil { - return nil, fmt.Errorf("Couldn't load X509 key pair (%s, %s): %s. Key encrypted?", certPath, keyPath, err) - } - tlsConfig.Certificates = []tls.Certificate{cert} - - // Verify client certificates against a CA? - if caPath != "" { - certPool := x509.NewCertPool() - file, err := ioutil.ReadFile(caPath) - if err != nil { - return nil, fmt.Errorf("Couldn't read CA certificate: %s", err) - } - certPool.AppendCertsFromPEM(file) - - tlsConfig.ClientAuth = tls.RequireAndVerifyClientCert - tlsConfig.ClientCAs = certPool - } - - return tlsConfig, nil -} - -func newTLSConfig() *tls.Config { - return &tls.Config{ - NextProtos: []string{"http/1.1"}, - // Avoid fallback on insecure SSL protocols - MinVersion: tls.VersionTLS10, - } -} - -// parseAddr parses an address into an array of IPs and domains -func parseAddr(addr string) ([]net.IP, []string, error) { - host, _, err := net.SplitHostPort(addr) - if err != nil { - return nil, nil, err - } - var domains []string - var ips []net.IP - ip := net.ParseIP(host) - if ip != nil { - ips = []net.IP{ip} - } else { - domains = []string{host} - } - return ips, domains, nil -} diff --git a/vendor/github.com/docker/libtrust/key_test.go b/vendor/github.com/docker/libtrust/key_test.go deleted file mode 100644 index f6c59cc4..00000000 --- a/vendor/github.com/docker/libtrust/key_test.go +++ /dev/null @@ -1,80 +0,0 @@ -package libtrust - -import ( - "testing" -) - -type generateFunc func() (PrivateKey, error) - -func runGenerateBench(b *testing.B, f generateFunc, name string) { - for i := 0; i < b.N; i++ { - _, err := f() - if err != nil { - b.Fatalf("Error generating %s: %s", name, err) - } - } -} - -func runFingerprintBench(b *testing.B, f generateFunc, name string) { - b.StopTimer() - // Don't count this relatively slow generation call. - key, err := f() - if err != nil { - b.Fatalf("Error generating %s: %s", name, err) - } - b.StartTimer() - - for i := 0; i < b.N; i++ { - if key.KeyID() == "" { - b.Fatalf("Error generating key ID for %s", name) - } - } -} - -func BenchmarkECP256Generate(b *testing.B) { - runGenerateBench(b, GenerateECP256PrivateKey, "P256") -} - -func BenchmarkECP384Generate(b *testing.B) { - runGenerateBench(b, GenerateECP384PrivateKey, "P384") -} - -func BenchmarkECP521Generate(b *testing.B) { - runGenerateBench(b, GenerateECP521PrivateKey, "P521") -} - -func BenchmarkRSA2048Generate(b *testing.B) { - runGenerateBench(b, GenerateRSA2048PrivateKey, "RSA2048") -} - -func BenchmarkRSA3072Generate(b *testing.B) { - runGenerateBench(b, GenerateRSA3072PrivateKey, "RSA3072") -} - -func BenchmarkRSA4096Generate(b *testing.B) { - runGenerateBench(b, GenerateRSA4096PrivateKey, "RSA4096") -} - -func BenchmarkECP256Fingerprint(b *testing.B) { - runFingerprintBench(b, GenerateECP256PrivateKey, "P256") -} - -func BenchmarkECP384Fingerprint(b *testing.B) { - runFingerprintBench(b, GenerateECP384PrivateKey, "P384") -} - -func BenchmarkECP521Fingerprint(b *testing.B) { - runFingerprintBench(b, GenerateECP521PrivateKey, "P521") -} - -func BenchmarkRSA2048Fingerprint(b *testing.B) { - runFingerprintBench(b, GenerateRSA2048PrivateKey, "RSA2048") -} - -func BenchmarkRSA3072Fingerprint(b *testing.B) { - runFingerprintBench(b, GenerateRSA3072PrivateKey, "RSA3072") -} - -func BenchmarkRSA4096Fingerprint(b *testing.B) { - runFingerprintBench(b, GenerateRSA4096PrivateKey, "RSA4096") -} diff --git a/vendor/github.com/docker/libtrust/rsa_key.go b/vendor/github.com/docker/libtrust/rsa_key.go deleted file mode 100644 index dac4cacf..00000000 --- a/vendor/github.com/docker/libtrust/rsa_key.go +++ /dev/null @@ -1,427 +0,0 @@ -package libtrust - -import ( - "crypto" - "crypto/rand" - "crypto/rsa" - "crypto/x509" - "encoding/json" - "encoding/pem" - "errors" - "fmt" - "io" - "math/big" -) - -/* - * RSA DSA PUBLIC KEY - */ - -// rsaPublicKey implements a JWK Public Key using RSA digital signature algorithms. -type rsaPublicKey struct { - *rsa.PublicKey - extended map[string]interface{} -} - -func fromRSAPublicKey(cryptoPublicKey *rsa.PublicKey) *rsaPublicKey { - return &rsaPublicKey{cryptoPublicKey, map[string]interface{}{}} -} - -// KeyType returns the JWK key type for RSA keys, i.e., "RSA". -func (k *rsaPublicKey) KeyType() string { - return "RSA" -} - -// KeyID returns a distinct identifier which is unique to this Public Key. -func (k *rsaPublicKey) KeyID() string { - return keyIDFromCryptoKey(k) -} - -func (k *rsaPublicKey) String() string { - return fmt.Sprintf("RSA Public Key <%s>", k.KeyID()) -} - -// Verify verifyies the signature of the data in the io.Reader using this Public Key. -// The alg parameter should be the name of the JWA digital signature algorithm -// which was used to produce the signature and should be supported by this -// public key. Returns a nil error if the signature is valid. -func (k *rsaPublicKey) Verify(data io.Reader, alg string, signature []byte) error { - // Verify the signature of the given date, return non-nil error if valid. - sigAlg, err := rsaSignatureAlgorithmByName(alg) - if err != nil { - return fmt.Errorf("unable to verify Signature: %s", err) - } - - hasher := sigAlg.HashID().New() - _, err = io.Copy(hasher, data) - if err != nil { - return fmt.Errorf("error reading data to sign: %s", err) - } - hash := hasher.Sum(nil) - - err = rsa.VerifyPKCS1v15(k.PublicKey, sigAlg.HashID(), hash, signature) - if err != nil { - return fmt.Errorf("invalid %s signature: %s", sigAlg.HeaderParam(), err) - } - - return nil -} - -// CryptoPublicKey returns the internal object which can be used as a -// crypto.PublicKey for use with other standard library operations. The type -// is either *rsa.PublicKey or *ecdsa.PublicKey -func (k *rsaPublicKey) CryptoPublicKey() crypto.PublicKey { - return k.PublicKey -} - -func (k *rsaPublicKey) toMap() map[string]interface{} { - jwk := make(map[string]interface{}) - for k, v := range k.extended { - jwk[k] = v - } - jwk["kty"] = k.KeyType() - jwk["kid"] = k.KeyID() - jwk["n"] = joseBase64UrlEncode(k.N.Bytes()) - jwk["e"] = joseBase64UrlEncode(serializeRSAPublicExponentParam(k.E)) - - return jwk -} - -// MarshalJSON serializes this Public Key using the JWK JSON serialization format for -// RSA keys. -func (k *rsaPublicKey) MarshalJSON() (data []byte, err error) { - return json.Marshal(k.toMap()) -} - -// PEMBlock serializes this Public Key to DER-encoded PKIX format. -func (k *rsaPublicKey) PEMBlock() (*pem.Block, error) { - derBytes, err := x509.MarshalPKIXPublicKey(k.PublicKey) - if err != nil { - return nil, fmt.Errorf("unable to serialize RSA PublicKey to DER-encoded PKIX format: %s", err) - } - k.extended["kid"] = k.KeyID() // For display purposes. - return createPemBlock("PUBLIC KEY", derBytes, k.extended) -} - -func (k *rsaPublicKey) AddExtendedField(field string, value interface{}) { - k.extended[field] = value -} - -func (k *rsaPublicKey) GetExtendedField(field string) interface{} { - v, ok := k.extended[field] - if !ok { - return nil - } - return v -} - -func rsaPublicKeyFromMap(jwk map[string]interface{}) (*rsaPublicKey, error) { - // JWK key type (kty) has already been determined to be "RSA". - // Need to extract 'n', 'e', and 'kid' and check for - // consistency. - - // Get the modulus parameter N. - nB64Url, err := stringFromMap(jwk, "n") - if err != nil { - return nil, fmt.Errorf("JWK RSA Public Key modulus: %s", err) - } - - n, err := parseRSAModulusParam(nB64Url) - if err != nil { - return nil, fmt.Errorf("JWK RSA Public Key modulus: %s", err) - } - - // Get the public exponent E. - eB64Url, err := stringFromMap(jwk, "e") - if err != nil { - return nil, fmt.Errorf("JWK RSA Public Key exponent: %s", err) - } - - e, err := parseRSAPublicExponentParam(eB64Url) - if err != nil { - return nil, fmt.Errorf("JWK RSA Public Key exponent: %s", err) - } - - key := &rsaPublicKey{ - PublicKey: &rsa.PublicKey{N: n, E: e}, - } - - // Key ID is optional, but if it exists, it should match the key. - _, ok := jwk["kid"] - if ok { - kid, err := stringFromMap(jwk, "kid") - if err != nil { - return nil, fmt.Errorf("JWK RSA Public Key ID: %s", err) - } - if kid != key.KeyID() { - return nil, fmt.Errorf("JWK RSA Public Key ID does not match: %s", kid) - } - } - - if _, ok := jwk["d"]; ok { - return nil, fmt.Errorf("JWK RSA Public Key cannot contain private exponent") - } - - key.extended = jwk - - return key, nil -} - -/* - * RSA DSA PRIVATE KEY - */ - -// rsaPrivateKey implements a JWK Private Key using RSA digital signature algorithms. -type rsaPrivateKey struct { - rsaPublicKey - *rsa.PrivateKey -} - -func fromRSAPrivateKey(cryptoPrivateKey *rsa.PrivateKey) *rsaPrivateKey { - return &rsaPrivateKey{ - *fromRSAPublicKey(&cryptoPrivateKey.PublicKey), - cryptoPrivateKey, - } -} - -// PublicKey returns the Public Key data associated with this Private Key. -func (k *rsaPrivateKey) PublicKey() PublicKey { - return &k.rsaPublicKey -} - -func (k *rsaPrivateKey) String() string { - return fmt.Sprintf("RSA Private Key <%s>", k.KeyID()) -} - -// Sign signs the data read from the io.Reader using a signature algorithm supported -// by the RSA private key. If the specified hashing algorithm is supported by -// this key, that hash function is used to generate the signature otherwise the -// the default hashing algorithm for this key is used. Returns the signature -// and the name of the JWK signature algorithm used, e.g., "RS256", "RS384", -// "RS512". -func (k *rsaPrivateKey) Sign(data io.Reader, hashID crypto.Hash) (signature []byte, alg string, err error) { - // Generate a signature of the data using the internal alg. - sigAlg := rsaPKCS1v15SignatureAlgorithmForHashID(hashID) - hasher := sigAlg.HashID().New() - - _, err = io.Copy(hasher, data) - if err != nil { - return nil, "", fmt.Errorf("error reading data to sign: %s", err) - } - hash := hasher.Sum(nil) - - signature, err = rsa.SignPKCS1v15(rand.Reader, k.PrivateKey, sigAlg.HashID(), hash) - if err != nil { - return nil, "", fmt.Errorf("error producing signature: %s", err) - } - - alg = sigAlg.HeaderParam() - - return -} - -// CryptoPrivateKey returns the internal object which can be used as a -// crypto.PublicKey for use with other standard library operations. The type -// is either *rsa.PublicKey or *ecdsa.PublicKey -func (k *rsaPrivateKey) CryptoPrivateKey() crypto.PrivateKey { - return k.PrivateKey -} - -func (k *rsaPrivateKey) toMap() map[string]interface{} { - k.Precompute() // Make sure the precomputed values are stored. - jwk := k.rsaPublicKey.toMap() - - jwk["d"] = joseBase64UrlEncode(k.D.Bytes()) - jwk["p"] = joseBase64UrlEncode(k.Primes[0].Bytes()) - jwk["q"] = joseBase64UrlEncode(k.Primes[1].Bytes()) - jwk["dp"] = joseBase64UrlEncode(k.Precomputed.Dp.Bytes()) - jwk["dq"] = joseBase64UrlEncode(k.Precomputed.Dq.Bytes()) - jwk["qi"] = joseBase64UrlEncode(k.Precomputed.Qinv.Bytes()) - - otherPrimes := k.Primes[2:] - - if len(otherPrimes) > 0 { - otherPrimesInfo := make([]interface{}, len(otherPrimes)) - for i, r := range otherPrimes { - otherPrimeInfo := make(map[string]string, 3) - otherPrimeInfo["r"] = joseBase64UrlEncode(r.Bytes()) - crtVal := k.Precomputed.CRTValues[i] - otherPrimeInfo["d"] = joseBase64UrlEncode(crtVal.Exp.Bytes()) - otherPrimeInfo["t"] = joseBase64UrlEncode(crtVal.Coeff.Bytes()) - otherPrimesInfo[i] = otherPrimeInfo - } - jwk["oth"] = otherPrimesInfo - } - - return jwk -} - -// MarshalJSON serializes this Private Key using the JWK JSON serialization format for -// RSA keys. -func (k *rsaPrivateKey) MarshalJSON() (data []byte, err error) { - return json.Marshal(k.toMap()) -} - -// PEMBlock serializes this Private Key to DER-encoded PKIX format. -func (k *rsaPrivateKey) PEMBlock() (*pem.Block, error) { - derBytes := x509.MarshalPKCS1PrivateKey(k.PrivateKey) - k.extended["keyID"] = k.KeyID() // For display purposes. - return createPemBlock("RSA PRIVATE KEY", derBytes, k.extended) -} - -func rsaPrivateKeyFromMap(jwk map[string]interface{}) (*rsaPrivateKey, error) { - // The JWA spec for RSA Private Keys (draft rfc section 5.3.2) states that - // only the private key exponent 'd' is REQUIRED, the others are just for - // signature/decryption optimizations and SHOULD be included when the JWK - // is produced. We MAY choose to accept a JWK which only includes 'd', but - // we're going to go ahead and not choose to accept it without the extra - // fields. Only the 'oth' field will be optional (for multi-prime keys). - privateExponent, err := parseRSAPrivateKeyParamFromMap(jwk, "d") - if err != nil { - return nil, fmt.Errorf("JWK RSA Private Key exponent: %s", err) - } - firstPrimeFactor, err := parseRSAPrivateKeyParamFromMap(jwk, "p") - if err != nil { - return nil, fmt.Errorf("JWK RSA Private Key prime factor: %s", err) - } - secondPrimeFactor, err := parseRSAPrivateKeyParamFromMap(jwk, "q") - if err != nil { - return nil, fmt.Errorf("JWK RSA Private Key prime factor: %s", err) - } - firstFactorCRT, err := parseRSAPrivateKeyParamFromMap(jwk, "dp") - if err != nil { - return nil, fmt.Errorf("JWK RSA Private Key CRT exponent: %s", err) - } - secondFactorCRT, err := parseRSAPrivateKeyParamFromMap(jwk, "dq") - if err != nil { - return nil, fmt.Errorf("JWK RSA Private Key CRT exponent: %s", err) - } - crtCoeff, err := parseRSAPrivateKeyParamFromMap(jwk, "qi") - if err != nil { - return nil, fmt.Errorf("JWK RSA Private Key CRT coefficient: %s", err) - } - - var oth interface{} - if _, ok := jwk["oth"]; ok { - oth = jwk["oth"] - delete(jwk, "oth") - } - - // JWK key type (kty) has already been determined to be "RSA". - // Need to extract the public key information, then extract the private - // key values. - publicKey, err := rsaPublicKeyFromMap(jwk) - if err != nil { - return nil, err - } - - privateKey := &rsa.PrivateKey{ - PublicKey: *publicKey.PublicKey, - D: privateExponent, - Primes: []*big.Int{firstPrimeFactor, secondPrimeFactor}, - Precomputed: rsa.PrecomputedValues{ - Dp: firstFactorCRT, - Dq: secondFactorCRT, - Qinv: crtCoeff, - }, - } - - if oth != nil { - // Should be an array of more JSON objects. - otherPrimesInfo, ok := oth.([]interface{}) - if !ok { - return nil, errors.New("JWK RSA Private Key: Invalid other primes info: must be an array") - } - numOtherPrimeFactors := len(otherPrimesInfo) - if numOtherPrimeFactors == 0 { - return nil, errors.New("JWK RSA Privake Key: Invalid other primes info: must be absent or non-empty") - } - otherPrimeFactors := make([]*big.Int, numOtherPrimeFactors) - productOfPrimes := new(big.Int).Mul(firstPrimeFactor, secondPrimeFactor) - crtValues := make([]rsa.CRTValue, numOtherPrimeFactors) - - for i, val := range otherPrimesInfo { - otherPrimeinfo, ok := val.(map[string]interface{}) - if !ok { - return nil, errors.New("JWK RSA Private Key: Invalid other prime info: must be a JSON object") - } - - otherPrimeFactor, err := parseRSAPrivateKeyParamFromMap(otherPrimeinfo, "r") - if err != nil { - return nil, fmt.Errorf("JWK RSA Private Key prime factor: %s", err) - } - otherFactorCRT, err := parseRSAPrivateKeyParamFromMap(otherPrimeinfo, "d") - if err != nil { - return nil, fmt.Errorf("JWK RSA Private Key CRT exponent: %s", err) - } - otherCrtCoeff, err := parseRSAPrivateKeyParamFromMap(otherPrimeinfo, "t") - if err != nil { - return nil, fmt.Errorf("JWK RSA Private Key CRT coefficient: %s", err) - } - - crtValue := crtValues[i] - crtValue.Exp = otherFactorCRT - crtValue.Coeff = otherCrtCoeff - crtValue.R = productOfPrimes - otherPrimeFactors[i] = otherPrimeFactor - productOfPrimes = new(big.Int).Mul(productOfPrimes, otherPrimeFactor) - } - - privateKey.Primes = append(privateKey.Primes, otherPrimeFactors...) - privateKey.Precomputed.CRTValues = crtValues - } - - key := &rsaPrivateKey{ - rsaPublicKey: *publicKey, - PrivateKey: privateKey, - } - - return key, nil -} - -/* - * Key Generation Functions. - */ - -func generateRSAPrivateKey(bits int) (k *rsaPrivateKey, err error) { - k = new(rsaPrivateKey) - k.PrivateKey, err = rsa.GenerateKey(rand.Reader, bits) - if err != nil { - return nil, err - } - - k.rsaPublicKey.PublicKey = &k.PrivateKey.PublicKey - k.extended = make(map[string]interface{}) - - return -} - -// GenerateRSA2048PrivateKey generates a key pair using 2048-bit RSA. -func GenerateRSA2048PrivateKey() (PrivateKey, error) { - k, err := generateRSAPrivateKey(2048) - if err != nil { - return nil, fmt.Errorf("error generating RSA 2048-bit key: %s", err) - } - - return k, nil -} - -// GenerateRSA3072PrivateKey generates a key pair using 3072-bit RSA. -func GenerateRSA3072PrivateKey() (PrivateKey, error) { - k, err := generateRSAPrivateKey(3072) - if err != nil { - return nil, fmt.Errorf("error generating RSA 3072-bit key: %s", err) - } - - return k, nil -} - -// GenerateRSA4096PrivateKey generates a key pair using 4096-bit RSA. -func GenerateRSA4096PrivateKey() (PrivateKey, error) { - k, err := generateRSAPrivateKey(4096) - if err != nil { - return nil, fmt.Errorf("error generating RSA 4096-bit key: %s", err) - } - - return k, nil -} diff --git a/vendor/github.com/docker/libtrust/rsa_key_test.go b/vendor/github.com/docker/libtrust/rsa_key_test.go deleted file mode 100644 index 5ec7707a..00000000 --- a/vendor/github.com/docker/libtrust/rsa_key_test.go +++ /dev/null @@ -1,157 +0,0 @@ -package libtrust - -import ( - "bytes" - "encoding/json" - "log" - "testing" -) - -var rsaKeys []PrivateKey - -func init() { - var err error - rsaKeys, err = generateRSATestKeys() - if err != nil { - log.Fatal(err) - } -} - -func generateRSATestKeys() (keys []PrivateKey, err error) { - log.Println("Generating RSA 2048-bit Test Key") - rsa2048Key, err := GenerateRSA2048PrivateKey() - if err != nil { - return - } - - log.Println("Generating RSA 3072-bit Test Key") - rsa3072Key, err := GenerateRSA3072PrivateKey() - if err != nil { - return - } - - log.Println("Generating RSA 4096-bit Test Key") - rsa4096Key, err := GenerateRSA4096PrivateKey() - if err != nil { - return - } - - log.Println("Done generating RSA Test Keys!") - keys = []PrivateKey{rsa2048Key, rsa3072Key, rsa4096Key} - - return -} - -func TestRSAKeys(t *testing.T) { - for _, rsaKey := range rsaKeys { - if rsaKey.KeyType() != "RSA" { - t.Fatalf("key type must be %q, instead got %q", "RSA", rsaKey.KeyType()) - } - } -} - -func TestRSASignVerify(t *testing.T) { - message := "Hello, World!" - data := bytes.NewReader([]byte(message)) - - sigAlgs := []*signatureAlgorithm{rs256, rs384, rs512} - - for i, rsaKey := range rsaKeys { - sigAlg := sigAlgs[i] - - t.Logf("%s signature of %q with kid: %s\n", sigAlg.HeaderParam(), message, rsaKey.KeyID()) - - data.Seek(0, 0) // Reset the byte reader - - // Sign - sig, alg, err := rsaKey.Sign(data, sigAlg.HashID()) - if err != nil { - t.Fatal(err) - } - - data.Seek(0, 0) // Reset the byte reader - - // Verify - err = rsaKey.Verify(data, alg, sig) - if err != nil { - t.Fatal(err) - } - } -} - -func TestMarshalUnmarshalRSAKeys(t *testing.T) { - data := bytes.NewReader([]byte("This is a test. I repeat: this is only a test.")) - sigAlgs := []*signatureAlgorithm{rs256, rs384, rs512} - - for i, rsaKey := range rsaKeys { - sigAlg := sigAlgs[i] - privateJWKJSON, err := json.MarshalIndent(rsaKey, "", " ") - if err != nil { - t.Fatal(err) - } - - publicJWKJSON, err := json.MarshalIndent(rsaKey.PublicKey(), "", " ") - if err != nil { - t.Fatal(err) - } - - t.Logf("JWK Private Key: %s", string(privateJWKJSON)) - t.Logf("JWK Public Key: %s", string(publicJWKJSON)) - - privKey2, err := UnmarshalPrivateKeyJWK(privateJWKJSON) - if err != nil { - t.Fatal(err) - } - - pubKey2, err := UnmarshalPublicKeyJWK(publicJWKJSON) - if err != nil { - t.Fatal(err) - } - - // Ensure we can sign/verify a message with the unmarshalled keys. - data.Seek(0, 0) // Reset the byte reader - signature, alg, err := privKey2.Sign(data, sigAlg.HashID()) - if err != nil { - t.Fatal(err) - } - - data.Seek(0, 0) // Reset the byte reader - err = pubKey2.Verify(data, alg, signature) - if err != nil { - t.Fatal(err) - } - - // It's a good idea to validate the Private Key to make sure our - // (un)marshal process didn't corrupt the extra parameters. - k := privKey2.(*rsaPrivateKey) - err = k.PrivateKey.Validate() - if err != nil { - t.Fatal(err) - } - } -} - -func TestFromCryptoRSAKeys(t *testing.T) { - for _, rsaKey := range rsaKeys { - cryptoPrivateKey := rsaKey.CryptoPrivateKey() - cryptoPublicKey := rsaKey.CryptoPublicKey() - - pubKey, err := FromCryptoPublicKey(cryptoPublicKey) - if err != nil { - t.Fatal(err) - } - - if pubKey.KeyID() != rsaKey.KeyID() { - t.Fatal("public key key ID mismatch") - } - - privKey, err := FromCryptoPrivateKey(cryptoPrivateKey) - if err != nil { - t.Fatal(err) - } - - if privKey.KeyID() != rsaKey.KeyID() { - t.Fatal("public key key ID mismatch") - } - } -} diff --git a/vendor/github.com/docker/libtrust/testutil/certificates.go b/vendor/github.com/docker/libtrust/testutil/certificates.go deleted file mode 100644 index 89debf6b..00000000 --- a/vendor/github.com/docker/libtrust/testutil/certificates.go +++ /dev/null @@ -1,94 +0,0 @@ -package testutil - -import ( - "crypto" - "crypto/rand" - "crypto/x509" - "crypto/x509/pkix" - "math/big" - "time" -) - -// GenerateTrustCA generates a new certificate authority for testing. -func GenerateTrustCA(pub crypto.PublicKey, priv crypto.PrivateKey) (*x509.Certificate, error) { - cert := &x509.Certificate{ - SerialNumber: big.NewInt(0), - Subject: pkix.Name{ - CommonName: "CA Root", - }, - NotBefore: time.Now().Add(-time.Second), - NotAfter: time.Now().Add(time.Hour), - IsCA: true, - KeyUsage: x509.KeyUsageCertSign | x509.KeyUsageCRLSign, - BasicConstraintsValid: true, - } - - certDER, err := x509.CreateCertificate(rand.Reader, cert, cert, pub, priv) - if err != nil { - return nil, err - } - - cert, err = x509.ParseCertificate(certDER) - if err != nil { - return nil, err - } - - return cert, nil -} - -// GenerateIntermediate generates an intermediate certificate for testing using -// the parent certificate (likely a CA) and the provided keys. -func GenerateIntermediate(key crypto.PublicKey, parentKey crypto.PrivateKey, parent *x509.Certificate) (*x509.Certificate, error) { - cert := &x509.Certificate{ - SerialNumber: big.NewInt(0), - Subject: pkix.Name{ - CommonName: "Intermediate", - }, - NotBefore: time.Now().Add(-time.Second), - NotAfter: time.Now().Add(time.Hour), - IsCA: true, - KeyUsage: x509.KeyUsageCertSign | x509.KeyUsageCRLSign, - BasicConstraintsValid: true, - } - - certDER, err := x509.CreateCertificate(rand.Reader, cert, parent, key, parentKey) - if err != nil { - return nil, err - } - - cert, err = x509.ParseCertificate(certDER) - if err != nil { - return nil, err - } - - return cert, nil -} - -// GenerateTrustCert generates a new trust certificate for testing. Unlike the -// intermediate certificates, this certificate should be used for signature -// only, not creating certificates. -func GenerateTrustCert(key crypto.PublicKey, parentKey crypto.PrivateKey, parent *x509.Certificate) (*x509.Certificate, error) { - cert := &x509.Certificate{ - SerialNumber: big.NewInt(0), - Subject: pkix.Name{ - CommonName: "Trust Cert", - }, - NotBefore: time.Now().Add(-time.Second), - NotAfter: time.Now().Add(time.Hour), - IsCA: true, - KeyUsage: x509.KeyUsageDigitalSignature, - BasicConstraintsValid: true, - } - - certDER, err := x509.CreateCertificate(rand.Reader, cert, parent, key, parentKey) - if err != nil { - return nil, err - } - - cert, err = x509.ParseCertificate(certDER) - if err != nil { - return nil, err - } - - return cert, nil -} diff --git a/vendor/github.com/docker/libtrust/tlsdemo/README.md b/vendor/github.com/docker/libtrust/tlsdemo/README.md deleted file mode 100644 index 24124db2..00000000 --- a/vendor/github.com/docker/libtrust/tlsdemo/README.md +++ /dev/null @@ -1,50 +0,0 @@ -## Libtrust TLS Config Demo - -This program generates key pairs and trust files for a TLS client and server. - -To generate the keys, run: - -``` -$ go run genkeys.go -``` - -The generated files are: - -``` -$ ls -l client_data/ server_data/ -client_data/: -total 24 --rw------- 1 jlhawn staff 281 Aug 8 16:21 private_key.json --rw-r--r-- 1 jlhawn staff 225 Aug 8 16:21 public_key.json --rw-r--r-- 1 jlhawn staff 275 Aug 8 16:21 trusted_hosts.json - -server_data/: -total 24 --rw-r--r-- 1 jlhawn staff 348 Aug 8 16:21 trusted_clients.json --rw------- 1 jlhawn staff 281 Aug 8 16:21 private_key.json --rw-r--r-- 1 jlhawn staff 225 Aug 8 16:21 public_key.json -``` - -The private key and public key for the client and server are stored in `private_key.json` and `public_key.json`, respectively, and in their respective directories. They are represented as JSON Web Keys: JSON objects which represent either an ECDSA or RSA private key. The host keys trusted by the client are stored in `trusted_hosts.json` and contain a mapping of an internet address, `:`, to a JSON Web Key which is a JSON object representing either an ECDSA or RSA public key of the trusted server. The client keys trusted by the server are stored in `trusted_clients.json` and contain an array of JSON objects which contain a comment field which can be used describe the key and a JSON Web Key which is a JSON object representing either an ECDSA or RSA public key of the trusted client. - -To start the server, run: - -``` -$ go run server.go -``` - -This starts an HTTPS server which listens on `localhost:8888`. The server configures itself with a certificate which is valid for both `localhost` and `127.0.0.1` and uses the key from `server_data/private_key.json`. It accepts connections from clients which present a certificate for a key that it is configured to trust from the `trusted_clients.json` file and returns a simple 'hello' message. - -To make a request using the client, run: - -``` -$ go run client.go -``` - -This command creates an HTTPS client which makes a GET request to `https://localhost:8888`. The client configures itself with a certificate using the key from `client_data/private_key.json`. It only connects to a server which presents a certificate signed by the key specified for the `localhost:8888` address from `client_data/trusted_hosts.json` and made to be used for the `localhost` hostname. If the connection succeeds, it prints the response from the server. - -The file `gencert.go` can be used to generate PEM encoded version of the client key and certificate. If you save them to `key.pem` and `cert.pem` respectively, you can use them with `curl` to test out the server (if it is still running). - -``` -curl --cert cert.pem --key key.pem -k https://localhost:8888 -``` diff --git a/vendor/github.com/docker/libtrust/tlsdemo/client.go b/vendor/github.com/docker/libtrust/tlsdemo/client.go deleted file mode 100644 index 0a699a0e..00000000 --- a/vendor/github.com/docker/libtrust/tlsdemo/client.go +++ /dev/null @@ -1,89 +0,0 @@ -package main - -import ( - "crypto/tls" - "fmt" - "io/ioutil" - "log" - "net" - "net/http" - - "github.com/docker/libtrust" -) - -var ( - serverAddress = "localhost:8888" - privateKeyFilename = "client_data/private_key.pem" - trustedHostsFilename = "client_data/trusted_hosts.pem" -) - -func main() { - // Load Client Key. - clientKey, err := libtrust.LoadKeyFile(privateKeyFilename) - if err != nil { - log.Fatal(err) - } - - // Generate Client Certificate. - selfSignedClientCert, err := libtrust.GenerateSelfSignedClientCert(clientKey) - if err != nil { - log.Fatal(err) - } - - // Load trusted host keys. - hostKeys, err := libtrust.LoadKeySetFile(trustedHostsFilename) - if err != nil { - log.Fatal(err) - } - - // Ensure the host we want to connect to is trusted! - host, _, err := net.SplitHostPort(serverAddress) - if err != nil { - log.Fatal(err) - } - serverKeys, err := libtrust.FilterByHosts(hostKeys, host, false) - if err != nil { - log.Fatalf("%q is not a known and trusted host", host) - } - - // Generate a CA pool with the trusted host's key. - caPool, err := libtrust.GenerateCACertPool(clientKey, serverKeys) - if err != nil { - log.Fatal(err) - } - - // Create HTTP Client. - client := &http.Client{ - Transport: &http.Transport{ - TLSClientConfig: &tls.Config{ - Certificates: []tls.Certificate{ - tls.Certificate{ - Certificate: [][]byte{selfSignedClientCert.Raw}, - PrivateKey: clientKey.CryptoPrivateKey(), - Leaf: selfSignedClientCert, - }, - }, - RootCAs: caPool, - }, - }, - } - - var makeRequest = func(url string) { - resp, err := client.Get(url) - if err != nil { - log.Fatal(err) - } - defer resp.Body.Close() - - body, err := ioutil.ReadAll(resp.Body) - if err != nil { - log.Fatal(err) - } - - log.Println(resp.Status) - log.Println(string(body)) - } - - // Make the request to the trusted server! - makeRequest(fmt.Sprintf("https://%s", serverAddress)) -} diff --git a/vendor/github.com/docker/libtrust/tlsdemo/gencert.go b/vendor/github.com/docker/libtrust/tlsdemo/gencert.go deleted file mode 100644 index c65f3b6b..00000000 --- a/vendor/github.com/docker/libtrust/tlsdemo/gencert.go +++ /dev/null @@ -1,62 +0,0 @@ -package main - -import ( - "encoding/pem" - "fmt" - "log" - "net" - - "github.com/docker/libtrust" -) - -var ( - serverAddress = "localhost:8888" - clientPrivateKeyFilename = "client_data/private_key.pem" - trustedHostsFilename = "client_data/trusted_hosts.pem" -) - -func main() { - key, err := libtrust.LoadKeyFile(clientPrivateKeyFilename) - if err != nil { - log.Fatal(err) - } - - keyPEMBlock, err := key.PEMBlock() - if err != nil { - log.Fatal(err) - } - - encodedPrivKey := pem.EncodeToMemory(keyPEMBlock) - fmt.Printf("Client Key:\n\n%s\n", string(encodedPrivKey)) - - cert, err := libtrust.GenerateSelfSignedClientCert(key) - if err != nil { - log.Fatal(err) - } - - encodedCert := pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: cert.Raw}) - fmt.Printf("Client Cert:\n\n%s\n", string(encodedCert)) - - trustedServerKeys, err := libtrust.LoadKeySetFile(trustedHostsFilename) - if err != nil { - log.Fatal(err) - } - - hostname, _, err := net.SplitHostPort(serverAddress) - if err != nil { - log.Fatal(err) - } - - trustedServerKeys, err = libtrust.FilterByHosts(trustedServerKeys, hostname, false) - if err != nil { - log.Fatal(err) - } - - caCert, err := libtrust.GenerateCACert(key, trustedServerKeys[0]) - if err != nil { - log.Fatal(err) - } - - encodedCert = pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: caCert.Raw}) - fmt.Printf("CA Cert:\n\n%s\n", string(encodedCert)) -} diff --git a/vendor/github.com/docker/libtrust/tlsdemo/genkeys.go b/vendor/github.com/docker/libtrust/tlsdemo/genkeys.go deleted file mode 100644 index 9dc8842a..00000000 --- a/vendor/github.com/docker/libtrust/tlsdemo/genkeys.go +++ /dev/null @@ -1,61 +0,0 @@ -package main - -import ( - "log" - - "github.com/docker/libtrust" -) - -func main() { - // Generate client key. - clientKey, err := libtrust.GenerateECP256PrivateKey() - if err != nil { - log.Fatal(err) - } - - // Add a comment for the client key. - clientKey.AddExtendedField("comment", "TLS Demo Client") - - // Save the client key, public and private versions. - err = libtrust.SaveKey("client_data/private_key.pem", clientKey) - if err != nil { - log.Fatal(err) - } - - err = libtrust.SavePublicKey("client_data/public_key.pem", clientKey.PublicKey()) - if err != nil { - log.Fatal(err) - } - - // Generate server key. - serverKey, err := libtrust.GenerateECP256PrivateKey() - if err != nil { - log.Fatal(err) - } - - // Set the list of addresses to use for the server. - serverKey.AddExtendedField("hosts", []string{"localhost", "docker.example.com"}) - - // Save the server key, public and private versions. - err = libtrust.SaveKey("server_data/private_key.pem", serverKey) - if err != nil { - log.Fatal(err) - } - - err = libtrust.SavePublicKey("server_data/public_key.pem", serverKey.PublicKey()) - if err != nil { - log.Fatal(err) - } - - // Generate Authorized Keys file for server. - err = libtrust.AddKeySetFile("server_data/trusted_clients.pem", clientKey.PublicKey()) - if err != nil { - log.Fatal(err) - } - - // Generate Known Host Keys file for client. - err = libtrust.AddKeySetFile("client_data/trusted_hosts.pem", serverKey.PublicKey()) - if err != nil { - log.Fatal(err) - } -} diff --git a/vendor/github.com/docker/libtrust/tlsdemo/server.go b/vendor/github.com/docker/libtrust/tlsdemo/server.go deleted file mode 100644 index d3cb2ea9..00000000 --- a/vendor/github.com/docker/libtrust/tlsdemo/server.go +++ /dev/null @@ -1,80 +0,0 @@ -package main - -import ( - "crypto/tls" - "fmt" - "html" - "log" - "net" - "net/http" - - "github.com/docker/libtrust" -) - -var ( - serverAddress = "localhost:8888" - privateKeyFilename = "server_data/private_key.pem" - authorizedClientsFilename = "server_data/trusted_clients.pem" -) - -func requestHandler(w http.ResponseWriter, r *http.Request) { - clientCert := r.TLS.PeerCertificates[0] - keyID := clientCert.Subject.CommonName - log.Printf("Request from keyID: %s\n", keyID) - fmt.Fprintf(w, "Hello, client! I'm a server! And you are %T: %s.\n", clientCert.PublicKey, html.EscapeString(keyID)) -} - -func main() { - // Load server key. - serverKey, err := libtrust.LoadKeyFile(privateKeyFilename) - if err != nil { - log.Fatal(err) - } - - // Generate server certificate. - selfSignedServerCert, err := libtrust.GenerateSelfSignedServerCert( - serverKey, []string{"localhost"}, []net.IP{net.ParseIP("127.0.0.1")}, - ) - if err != nil { - log.Fatal(err) - } - - // Load authorized client keys. - authorizedClients, err := libtrust.LoadKeySetFile(authorizedClientsFilename) - if err != nil { - log.Fatal(err) - } - - // Create CA pool using trusted client keys. - caPool, err := libtrust.GenerateCACertPool(serverKey, authorizedClients) - if err != nil { - log.Fatal(err) - } - - // Create TLS config, requiring client certificates. - tlsConfig := &tls.Config{ - Certificates: []tls.Certificate{ - tls.Certificate{ - Certificate: [][]byte{selfSignedServerCert.Raw}, - PrivateKey: serverKey.CryptoPrivateKey(), - Leaf: selfSignedServerCert, - }, - }, - ClientAuth: tls.RequireAndVerifyClientCert, - ClientCAs: caPool, - } - - // Create HTTP server with simple request handler. - server := &http.Server{ - Addr: serverAddress, - Handler: http.HandlerFunc(requestHandler), - } - - // Listen and server HTTPS using the libtrust TLS config. - listener, err := net.Listen("tcp", server.Addr) - if err != nil { - log.Fatal(err) - } - tlsListener := tls.NewListener(listener, tlsConfig) - server.Serve(tlsListener) -} diff --git a/vendor/github.com/docker/libtrust/trustgraph/graph.go b/vendor/github.com/docker/libtrust/trustgraph/graph.go deleted file mode 100644 index 72b0fc36..00000000 --- a/vendor/github.com/docker/libtrust/trustgraph/graph.go +++ /dev/null @@ -1,50 +0,0 @@ -package trustgraph - -import "github.com/docker/libtrust" - -// TrustGraph represents a graph of authorization mapping -// public keys to nodes and grants between nodes. -type TrustGraph interface { - // Verifies that the given public key is allowed to perform - // the given action on the given node according to the trust - // graph. - Verify(libtrust.PublicKey, string, uint16) (bool, error) - - // GetGrants returns an array of all grant chains which are used to - // allow the requested permission. - GetGrants(libtrust.PublicKey, string, uint16) ([][]*Grant, error) -} - -// Grant represents a transfer of permission from one part of the -// trust graph to another. This is the only way to delegate -// permission between two different sub trees in the graph. -type Grant struct { - // Subject is the namespace being granted - Subject string - - // Permissions is a bit map of permissions - Permission uint16 - - // Grantee represents the node being granted - // a permission scope. The grantee can be - // either a namespace item or a key id where namespace - // items will always start with a '/'. - Grantee string - - // statement represents the statement used to create - // this object. - statement *Statement -} - -// Permissions -// Read node 0x01 (can read node, no sub nodes) -// Write node 0x02 (can write to node object, cannot create subnodes) -// Read subtree 0x04 (delegates read to each sub node) -// Write subtree 0x08 (delegates write to each sub node, included create on the subject) -// -// Permission shortcuts -// ReadItem = 0x01 -// WriteItem = 0x03 -// ReadAccess = 0x07 -// WriteAccess = 0x0F -// Delegate = 0x0F diff --git a/vendor/github.com/docker/libtrust/trustgraph/memory_graph.go b/vendor/github.com/docker/libtrust/trustgraph/memory_graph.go deleted file mode 100644 index 247bfa7a..00000000 --- a/vendor/github.com/docker/libtrust/trustgraph/memory_graph.go +++ /dev/null @@ -1,133 +0,0 @@ -package trustgraph - -import ( - "strings" - - "github.com/docker/libtrust" -) - -type grantNode struct { - grants []*Grant - children map[string]*grantNode -} - -type memoryGraph struct { - roots map[string]*grantNode -} - -func newGrantNode() *grantNode { - return &grantNode{ - grants: []*Grant{}, - children: map[string]*grantNode{}, - } -} - -// NewMemoryGraph returns a new in memory trust graph created from -// a static list of grants. This graph is immutable after creation -// and any alterations should create a new instance. -func NewMemoryGraph(grants []*Grant) TrustGraph { - roots := map[string]*grantNode{} - for _, grant := range grants { - parts := strings.Split(grant.Grantee, "/") - nodes := roots - var node *grantNode - var nodeOk bool - for _, part := range parts { - node, nodeOk = nodes[part] - if !nodeOk { - node = newGrantNode() - nodes[part] = node - } - if part != "" { - node.grants = append(node.grants, grant) - } - nodes = node.children - } - } - return &memoryGraph{roots} -} - -func (g *memoryGraph) getGrants(name string) []*Grant { - nameParts := strings.Split(name, "/") - nodes := g.roots - var node *grantNode - var nodeOk bool - for _, part := range nameParts { - node, nodeOk = nodes[part] - if !nodeOk { - return nil - } - nodes = node.children - } - return node.grants -} - -func isSubName(name, sub string) bool { - if strings.HasPrefix(name, sub) { - if len(name) == len(sub) || name[len(sub)] == '/' { - return true - } - } - return false -} - -type walkFunc func(*Grant, []*Grant) bool - -func foundWalkFunc(*Grant, []*Grant) bool { - return true -} - -func (g *memoryGraph) walkGrants(start, target string, permission uint16, f walkFunc, chain []*Grant, visited map[*Grant]bool, collect bool) bool { - if visited == nil { - visited = map[*Grant]bool{} - } - grants := g.getGrants(start) - subGrants := make([]*Grant, 0, len(grants)) - for _, grant := range grants { - if visited[grant] { - continue - } - visited[grant] = true - if grant.Permission&permission == permission { - if isSubName(target, grant.Subject) { - if f(grant, chain) { - return true - } - } else { - subGrants = append(subGrants, grant) - } - } - } - for _, grant := range subGrants { - var chainCopy []*Grant - if collect { - chainCopy = make([]*Grant, len(chain)+1) - copy(chainCopy, chain) - chainCopy[len(chainCopy)-1] = grant - } else { - chainCopy = nil - } - - if g.walkGrants(grant.Subject, target, permission, f, chainCopy, visited, collect) { - return true - } - } - return false -} - -func (g *memoryGraph) Verify(key libtrust.PublicKey, node string, permission uint16) (bool, error) { - return g.walkGrants(key.KeyID(), node, permission, foundWalkFunc, nil, nil, false), nil -} - -func (g *memoryGraph) GetGrants(key libtrust.PublicKey, node string, permission uint16) ([][]*Grant, error) { - grants := [][]*Grant{} - collect := func(grant *Grant, chain []*Grant) bool { - grantChain := make([]*Grant, len(chain)+1) - copy(grantChain, chain) - grantChain[len(grantChain)-1] = grant - grants = append(grants, grantChain) - return false - } - g.walkGrants(key.KeyID(), node, permission, collect, nil, nil, true) - return grants, nil -} diff --git a/vendor/github.com/docker/libtrust/trustgraph/memory_graph_test.go b/vendor/github.com/docker/libtrust/trustgraph/memory_graph_test.go deleted file mode 100644 index 49fd0f3b..00000000 --- a/vendor/github.com/docker/libtrust/trustgraph/memory_graph_test.go +++ /dev/null @@ -1,174 +0,0 @@ -package trustgraph - -import ( - "fmt" - "testing" - - "github.com/docker/libtrust" -) - -func createTestKeysAndGrants(count int) ([]*Grant, []libtrust.PrivateKey) { - grants := make([]*Grant, count) - keys := make([]libtrust.PrivateKey, count) - for i := 0; i < count; i++ { - pk, err := libtrust.GenerateECP256PrivateKey() - if err != nil { - panic(err) - } - grant := &Grant{ - Subject: fmt.Sprintf("/user-%d", i+1), - Permission: 0x0f, - Grantee: pk.KeyID(), - } - keys[i] = pk - grants[i] = grant - } - return grants, keys -} - -func testVerified(t *testing.T, g TrustGraph, k libtrust.PublicKey, keyName, target string, permission uint16) { - if ok, err := g.Verify(k, target, permission); err != nil { - t.Fatalf("Unexpected error during verification: %s", err) - } else if !ok { - t.Errorf("key failed verification\n\tKey: %s(%s)\n\tNamespace: %s", keyName, k.KeyID(), target) - } -} - -func testNotVerified(t *testing.T, g TrustGraph, k libtrust.PublicKey, keyName, target string, permission uint16) { - if ok, err := g.Verify(k, target, permission); err != nil { - t.Fatalf("Unexpected error during verification: %s", err) - } else if ok { - t.Errorf("key should have failed verification\n\tKey: %s(%s)\n\tNamespace: %s", keyName, k.KeyID(), target) - } -} - -func TestVerify(t *testing.T) { - grants, keys := createTestKeysAndGrants(4) - extraGrants := make([]*Grant, 3) - extraGrants[0] = &Grant{ - Subject: "/user-3", - Permission: 0x0f, - Grantee: "/user-2", - } - extraGrants[1] = &Grant{ - Subject: "/user-3/sub-project", - Permission: 0x0f, - Grantee: "/user-4", - } - extraGrants[2] = &Grant{ - Subject: "/user-4", - Permission: 0x07, - Grantee: "/user-1", - } - grants = append(grants, extraGrants...) - - g := NewMemoryGraph(grants) - - testVerified(t, g, keys[0].PublicKey(), "user-key-1", "/user-1", 0x0f) - testVerified(t, g, keys[0].PublicKey(), "user-key-1", "/user-1/some-project/sub-value", 0x0f) - testVerified(t, g, keys[0].PublicKey(), "user-key-1", "/user-4", 0x07) - testVerified(t, g, keys[1].PublicKey(), "user-key-2", "/user-2/", 0x0f) - testVerified(t, g, keys[2].PublicKey(), "user-key-3", "/user-3/sub-value", 0x0f) - testVerified(t, g, keys[1].PublicKey(), "user-key-2", "/user-3/sub-value", 0x0f) - testVerified(t, g, keys[1].PublicKey(), "user-key-2", "/user-3", 0x0f) - testVerified(t, g, keys[1].PublicKey(), "user-key-2", "/user-3/", 0x0f) - testVerified(t, g, keys[3].PublicKey(), "user-key-4", "/user-3/sub-project", 0x0f) - testVerified(t, g, keys[3].PublicKey(), "user-key-4", "/user-3/sub-project/app", 0x0f) - testVerified(t, g, keys[3].PublicKey(), "user-key-4", "/user-4", 0x0f) - - testNotVerified(t, g, keys[0].PublicKey(), "user-key-1", "/user-2", 0x0f) - testNotVerified(t, g, keys[0].PublicKey(), "user-key-1", "/user-3/sub-value", 0x0f) - testNotVerified(t, g, keys[0].PublicKey(), "user-key-1", "/user-4", 0x0f) - testNotVerified(t, g, keys[1].PublicKey(), "user-key-2", "/user-1/", 0x0f) - testNotVerified(t, g, keys[2].PublicKey(), "user-key-3", "/user-2", 0x0f) - testNotVerified(t, g, keys[1].PublicKey(), "user-key-2", "/user-4", 0x0f) - testNotVerified(t, g, keys[3].PublicKey(), "user-key-4", "/user-3", 0x0f) -} - -func TestCircularWalk(t *testing.T) { - grants, keys := createTestKeysAndGrants(3) - user1Grant := &Grant{ - Subject: "/user-2", - Permission: 0x0f, - Grantee: "/user-1", - } - user2Grant := &Grant{ - Subject: "/user-1", - Permission: 0x0f, - Grantee: "/user-2", - } - grants = append(grants, user1Grant, user2Grant) - - g := NewMemoryGraph(grants) - - testVerified(t, g, keys[0].PublicKey(), "user-key-1", "/user-1", 0x0f) - testVerified(t, g, keys[0].PublicKey(), "user-key-1", "/user-2", 0x0f) - testVerified(t, g, keys[1].PublicKey(), "user-key-2", "/user-2", 0x0f) - testVerified(t, g, keys[1].PublicKey(), "user-key-2", "/user-1", 0x0f) - testVerified(t, g, keys[2].PublicKey(), "user-key-3", "/user-3", 0x0f) - - testNotVerified(t, g, keys[0].PublicKey(), "user-key-1", "/user-3", 0x0f) - testNotVerified(t, g, keys[1].PublicKey(), "user-key-2", "/user-3", 0x0f) -} - -func assertGrantSame(t *testing.T, actual, expected *Grant) { - if actual != expected { - t.Fatalf("Unexpected grant retrieved\n\tExpected: %v\n\tActual: %v", expected, actual) - } -} - -func TestGetGrants(t *testing.T) { - grants, keys := createTestKeysAndGrants(5) - extraGrants := make([]*Grant, 4) - extraGrants[0] = &Grant{ - Subject: "/user-3/friend-project", - Permission: 0x0f, - Grantee: "/user-2/friends", - } - extraGrants[1] = &Grant{ - Subject: "/user-3/sub-project", - Permission: 0x0f, - Grantee: "/user-4", - } - extraGrants[2] = &Grant{ - Subject: "/user-2/friends", - Permission: 0x0f, - Grantee: "/user-5/fun-project", - } - extraGrants[3] = &Grant{ - Subject: "/user-5/fun-project", - Permission: 0x0f, - Grantee: "/user-1", - } - grants = append(grants, extraGrants...) - - g := NewMemoryGraph(grants) - - grantChains, err := g.GetGrants(keys[3], "/user-3/sub-project/specific-app", 0x0f) - if err != nil { - t.Fatalf("Error getting grants: %s", err) - } - if len(grantChains) != 1 { - t.Fatalf("Expected number of grant chains returned, expected %d, received %d", 1, len(grantChains)) - } - if len(grantChains[0]) != 2 { - t.Fatalf("Unexpected number of grants retrieved\n\tExpected: %d\n\tActual: %d", 2, len(grantChains[0])) - } - assertGrantSame(t, grantChains[0][0], grants[3]) - assertGrantSame(t, grantChains[0][1], extraGrants[1]) - - grantChains, err = g.GetGrants(keys[0], "/user-3/friend-project/fun-app", 0x0f) - if err != nil { - t.Fatalf("Error getting grants: %s", err) - } - if len(grantChains) != 1 { - t.Fatalf("Expected number of grant chains returned, expected %d, received %d", 1, len(grantChains)) - } - if len(grantChains[0]) != 4 { - t.Fatalf("Unexpected number of grants retrieved\n\tExpected: %d\n\tActual: %d", 2, len(grantChains[0])) - } - assertGrantSame(t, grantChains[0][0], grants[0]) - assertGrantSame(t, grantChains[0][1], extraGrants[3]) - assertGrantSame(t, grantChains[0][2], extraGrants[2]) - assertGrantSame(t, grantChains[0][3], extraGrants[0]) -} diff --git a/vendor/github.com/docker/libtrust/trustgraph/statement.go b/vendor/github.com/docker/libtrust/trustgraph/statement.go deleted file mode 100644 index 7a74b553..00000000 --- a/vendor/github.com/docker/libtrust/trustgraph/statement.go +++ /dev/null @@ -1,227 +0,0 @@ -package trustgraph - -import ( - "crypto/x509" - "encoding/json" - "io" - "io/ioutil" - "sort" - "strings" - "time" - - "github.com/docker/libtrust" -) - -type jsonGrant struct { - Subject string `json:"subject"` - Permission uint16 `json:"permission"` - Grantee string `json:"grantee"` -} - -type jsonRevocation struct { - Subject string `json:"subject"` - Revocation uint16 `json:"revocation"` - Grantee string `json:"grantee"` -} - -type jsonStatement struct { - Revocations []*jsonRevocation `json:"revocations"` - Grants []*jsonGrant `json:"grants"` - Expiration time.Time `json:"expiration"` - IssuedAt time.Time `json:"issuedAt"` -} - -func (g *jsonGrant) Grant(statement *Statement) *Grant { - return &Grant{ - Subject: g.Subject, - Permission: g.Permission, - Grantee: g.Grantee, - statement: statement, - } -} - -// Statement represents a set of grants made from a verifiable -// authority. A statement has an expiration associated with it -// set by the authority. -type Statement struct { - jsonStatement - - signature *libtrust.JSONSignature -} - -// IsExpired returns whether the statement has expired -func (s *Statement) IsExpired() bool { - return s.Expiration.Before(time.Now().Add(-10 * time.Second)) -} - -// Bytes returns an indented json representation of the statement -// in a byte array. This value can be written to a file or stream -// without alteration. -func (s *Statement) Bytes() ([]byte, error) { - return s.signature.PrettySignature("signatures") -} - -// LoadStatement loads and verifies a statement from an input stream. -func LoadStatement(r io.Reader, authority *x509.CertPool) (*Statement, error) { - b, err := ioutil.ReadAll(r) - if err != nil { - return nil, err - } - js, err := libtrust.ParsePrettySignature(b, "signatures") - if err != nil { - return nil, err - } - payload, err := js.Payload() - if err != nil { - return nil, err - } - var statement Statement - err = json.Unmarshal(payload, &statement.jsonStatement) - if err != nil { - return nil, err - } - - if authority == nil { - _, err = js.Verify() - if err != nil { - return nil, err - } - } else { - _, err = js.VerifyChains(authority) - if err != nil { - return nil, err - } - } - statement.signature = js - - return &statement, nil -} - -// CreateStatements creates and signs a statement from a stream of grants -// and revocations in a JSON array. -func CreateStatement(grants, revocations io.Reader, expiration time.Duration, key libtrust.PrivateKey, chain []*x509.Certificate) (*Statement, error) { - var statement Statement - err := json.NewDecoder(grants).Decode(&statement.jsonStatement.Grants) - if err != nil { - return nil, err - } - err = json.NewDecoder(revocations).Decode(&statement.jsonStatement.Revocations) - if err != nil { - return nil, err - } - statement.jsonStatement.Expiration = time.Now().UTC().Add(expiration) - statement.jsonStatement.IssuedAt = time.Now().UTC() - - b, err := json.MarshalIndent(&statement.jsonStatement, "", " ") - if err != nil { - return nil, err - } - - statement.signature, err = libtrust.NewJSONSignature(b) - if err != nil { - return nil, err - } - err = statement.signature.SignWithChain(key, chain) - if err != nil { - return nil, err - } - - return &statement, nil -} - -type statementList []*Statement - -func (s statementList) Len() int { - return len(s) -} - -func (s statementList) Less(i, j int) bool { - return s[i].IssuedAt.Before(s[j].IssuedAt) -} - -func (s statementList) Swap(i, j int) { - s[i], s[j] = s[j], s[i] -} - -// CollapseStatements returns a single list of the valid statements as well as the -// time when the next grant will expire. -func CollapseStatements(statements []*Statement, useExpired bool) ([]*Grant, time.Time, error) { - sorted := make(statementList, 0, len(statements)) - for _, statement := range statements { - if useExpired || !statement.IsExpired() { - sorted = append(sorted, statement) - } - } - sort.Sort(sorted) - - var minExpired time.Time - var grantCount int - roots := map[string]*grantNode{} - for i, statement := range sorted { - if statement.Expiration.Before(minExpired) || i == 0 { - minExpired = statement.Expiration - } - for _, grant := range statement.Grants { - parts := strings.Split(grant.Grantee, "/") - nodes := roots - g := grant.Grant(statement) - grantCount = grantCount + 1 - - for _, part := range parts { - node, nodeOk := nodes[part] - if !nodeOk { - node = newGrantNode() - nodes[part] = node - } - node.grants = append(node.grants, g) - nodes = node.children - } - } - - for _, revocation := range statement.Revocations { - parts := strings.Split(revocation.Grantee, "/") - nodes := roots - - var node *grantNode - var nodeOk bool - for _, part := range parts { - node, nodeOk = nodes[part] - if !nodeOk { - break - } - nodes = node.children - } - if node != nil { - for _, grant := range node.grants { - if isSubName(grant.Subject, revocation.Subject) { - grant.Permission = grant.Permission &^ revocation.Revocation - } - } - } - } - } - - retGrants := make([]*Grant, 0, grantCount) - for _, rootNodes := range roots { - retGrants = append(retGrants, rootNodes.grants...) - } - - return retGrants, minExpired, nil -} - -// FilterStatements filters the statements to statements including the given grants. -func FilterStatements(grants []*Grant) ([]*Statement, error) { - statements := map[*Statement]bool{} - for _, grant := range grants { - if grant.statement != nil { - statements[grant.statement] = true - } - } - retStatements := make([]*Statement, len(statements)) - var i int - for statement := range statements { - retStatements[i] = statement - i++ - } - return retStatements, nil -} diff --git a/vendor/github.com/docker/libtrust/trustgraph/statement_test.go b/vendor/github.com/docker/libtrust/trustgraph/statement_test.go deleted file mode 100644 index e5094686..00000000 --- a/vendor/github.com/docker/libtrust/trustgraph/statement_test.go +++ /dev/null @@ -1,417 +0,0 @@ -package trustgraph - -import ( - "bytes" - "crypto/x509" - "encoding/json" - "testing" - "time" - - "github.com/docker/libtrust" - "github.com/docker/libtrust/testutil" -) - -const testStatementExpiration = time.Hour * 5 - -func generateStatement(grants []*Grant, key libtrust.PrivateKey, chain []*x509.Certificate) (*Statement, error) { - var statement Statement - - statement.Grants = make([]*jsonGrant, len(grants)) - for i, grant := range grants { - statement.Grants[i] = &jsonGrant{ - Subject: grant.Subject, - Permission: grant.Permission, - Grantee: grant.Grantee, - } - } - statement.IssuedAt = time.Now() - statement.Expiration = time.Now().Add(testStatementExpiration) - statement.Revocations = make([]*jsonRevocation, 0) - - marshalled, err := json.MarshalIndent(statement.jsonStatement, "", " ") - if err != nil { - return nil, err - } - - sig, err := libtrust.NewJSONSignature(marshalled) - if err != nil { - return nil, err - } - err = sig.SignWithChain(key, chain) - if err != nil { - return nil, err - } - statement.signature = sig - - return &statement, nil -} - -func generateTrustChain(t *testing.T, chainLen int) (libtrust.PrivateKey, *x509.CertPool, []*x509.Certificate) { - caKey, err := libtrust.GenerateECP256PrivateKey() - if err != nil { - t.Fatalf("Error generating key: %s", err) - } - ca, err := testutil.GenerateTrustCA(caKey.CryptoPublicKey(), caKey.CryptoPrivateKey()) - if err != nil { - t.Fatalf("Error generating ca: %s", err) - } - - parent := ca - parentKey := caKey - chain := make([]*x509.Certificate, chainLen) - for i := chainLen - 1; i > 0; i-- { - intermediatekey, err := libtrust.GenerateECP256PrivateKey() - if err != nil { - t.Fatalf("Error generate key: %s", err) - } - chain[i], err = testutil.GenerateIntermediate(intermediatekey.CryptoPublicKey(), parentKey.CryptoPrivateKey(), parent) - if err != nil { - t.Fatalf("Error generating intermdiate certificate: %s", err) - } - parent = chain[i] - parentKey = intermediatekey - } - trustKey, err := libtrust.GenerateECP256PrivateKey() - if err != nil { - t.Fatalf("Error generate key: %s", err) - } - chain[0], err = testutil.GenerateTrustCert(trustKey.CryptoPublicKey(), parentKey.CryptoPrivateKey(), parent) - if err != nil { - t.Fatalf("Error generate trust cert: %s", err) - } - - caPool := x509.NewCertPool() - caPool.AddCert(ca) - - return trustKey, caPool, chain -} - -func TestLoadStatement(t *testing.T) { - grantCount := 4 - grants, _ := createTestKeysAndGrants(grantCount) - - trustKey, caPool, chain := generateTrustChain(t, 6) - - statement, err := generateStatement(grants, trustKey, chain) - if err != nil { - t.Fatalf("Error generating statement: %s", err) - } - - statementBytes, err := statement.Bytes() - if err != nil { - t.Fatalf("Error getting statement bytes: %s", err) - } - - s2, err := LoadStatement(bytes.NewReader(statementBytes), caPool) - if err != nil { - t.Fatalf("Error loading statement: %s", err) - } - if len(s2.Grants) != grantCount { - t.Fatalf("Unexpected grant length\n\tExpected: %d\n\tActual: %d", grantCount, len(s2.Grants)) - } - - pool := x509.NewCertPool() - _, err = LoadStatement(bytes.NewReader(statementBytes), pool) - if err == nil { - t.Fatalf("No error thrown verifying without an authority") - } else if _, ok := err.(x509.UnknownAuthorityError); !ok { - t.Fatalf("Unexpected error verifying without authority: %s", err) - } - - s2, err = LoadStatement(bytes.NewReader(statementBytes), nil) - if err != nil { - t.Fatalf("Error loading statement: %s", err) - } - if len(s2.Grants) != grantCount { - t.Fatalf("Unexpected grant length\n\tExpected: %d\n\tActual: %d", grantCount, len(s2.Grants)) - } - - badData := make([]byte, len(statementBytes)) - copy(badData, statementBytes) - badData[0] = '[' - _, err = LoadStatement(bytes.NewReader(badData), nil) - if err == nil { - t.Fatalf("No error thrown parsing bad json") - } - - alteredData := make([]byte, len(statementBytes)) - copy(alteredData, statementBytes) - alteredData[30] = '0' - _, err = LoadStatement(bytes.NewReader(alteredData), nil) - if err == nil { - t.Fatalf("No error thrown from bad data") - } -} - -func TestCollapseGrants(t *testing.T) { - grantCount := 8 - grants, keys := createTestKeysAndGrants(grantCount) - linkGrants := make([]*Grant, 4) - linkGrants[0] = &Grant{ - Subject: "/user-3", - Permission: 0x0f, - Grantee: "/user-2", - } - linkGrants[1] = &Grant{ - Subject: "/user-3/sub-project", - Permission: 0x0f, - Grantee: "/user-4", - } - linkGrants[2] = &Grant{ - Subject: "/user-6", - Permission: 0x0f, - Grantee: "/user-7", - } - linkGrants[3] = &Grant{ - Subject: "/user-6/sub-project/specific-app", - Permission: 0x0f, - Grantee: "/user-5", - } - trustKey, pool, chain := generateTrustChain(t, 3) - - statements := make([]*Statement, 3) - var err error - statements[0], err = generateStatement(grants[0:4], trustKey, chain) - if err != nil { - t.Fatalf("Error generating statement: %s", err) - } - statements[1], err = generateStatement(grants[4:], trustKey, chain) - if err != nil { - t.Fatalf("Error generating statement: %s", err) - } - statements[2], err = generateStatement(linkGrants, trustKey, chain) - if err != nil { - t.Fatalf("Error generating statement: %s", err) - } - - statementsCopy := make([]*Statement, len(statements)) - for i, statement := range statements { - b, err := statement.Bytes() - if err != nil { - t.Fatalf("Error getting statement bytes: %s", err) - } - verifiedStatement, err := LoadStatement(bytes.NewReader(b), pool) - if err != nil { - t.Fatalf("Error loading statement: %s", err) - } - // Force sort by reversing order - statementsCopy[len(statementsCopy)-i-1] = verifiedStatement - } - statements = statementsCopy - - collapsedGrants, expiration, err := CollapseStatements(statements, false) - if len(collapsedGrants) != 12 { - t.Fatalf("Unexpected number of grants\n\tExpected: %d\n\tActual: %d", 12, len(collapsedGrants)) - } - if expiration.After(time.Now().Add(time.Hour*5)) || expiration.Before(time.Now()) { - t.Fatalf("Unexpected expiration time: %s", expiration.String()) - } - g := NewMemoryGraph(collapsedGrants) - - testVerified(t, g, keys[0].PublicKey(), "user-key-1", "/user-1", 0x0f) - testVerified(t, g, keys[1].PublicKey(), "user-key-2", "/user-2", 0x0f) - testVerified(t, g, keys[2].PublicKey(), "user-key-3", "/user-3", 0x0f) - testVerified(t, g, keys[3].PublicKey(), "user-key-4", "/user-4", 0x0f) - testVerified(t, g, keys[4].PublicKey(), "user-key-5", "/user-5", 0x0f) - testVerified(t, g, keys[5].PublicKey(), "user-key-6", "/user-6", 0x0f) - testVerified(t, g, keys[6].PublicKey(), "user-key-7", "/user-7", 0x0f) - testVerified(t, g, keys[7].PublicKey(), "user-key-8", "/user-8", 0x0f) - testVerified(t, g, keys[1].PublicKey(), "user-key-2", "/user-3", 0x0f) - testVerified(t, g, keys[1].PublicKey(), "user-key-2", "/user-3/sub-project/specific-app", 0x0f) - testVerified(t, g, keys[3].PublicKey(), "user-key-4", "/user-3/sub-project", 0x0f) - testVerified(t, g, keys[6].PublicKey(), "user-key-7", "/user-6", 0x0f) - testVerified(t, g, keys[6].PublicKey(), "user-key-7", "/user-6/sub-project/specific-app", 0x0f) - testVerified(t, g, keys[4].PublicKey(), "user-key-5", "/user-6/sub-project/specific-app", 0x0f) - - testNotVerified(t, g, keys[3].PublicKey(), "user-key-4", "/user-3", 0x0f) - testNotVerified(t, g, keys[3].PublicKey(), "user-key-4", "/user-6/sub-project", 0x0f) - testNotVerified(t, g, keys[4].PublicKey(), "user-key-5", "/user-6/sub-project", 0x0f) - - // Add revocation grant - statements = append(statements, &Statement{ - jsonStatement{ - IssuedAt: time.Now(), - Expiration: time.Now().Add(testStatementExpiration), - Grants: []*jsonGrant{}, - Revocations: []*jsonRevocation{ - &jsonRevocation{ - Subject: "/user-1", - Revocation: 0x0f, - Grantee: keys[0].KeyID(), - }, - &jsonRevocation{ - Subject: "/user-2", - Revocation: 0x08, - Grantee: keys[1].KeyID(), - }, - &jsonRevocation{ - Subject: "/user-6", - Revocation: 0x0f, - Grantee: "/user-7", - }, - &jsonRevocation{ - Subject: "/user-9", - Revocation: 0x0f, - Grantee: "/user-10", - }, - }, - }, - nil, - }) - - collapsedGrants, expiration, err = CollapseStatements(statements, false) - if len(collapsedGrants) != 12 { - t.Fatalf("Unexpected number of grants\n\tExpected: %d\n\tActual: %d", 12, len(collapsedGrants)) - } - if expiration.After(time.Now().Add(time.Hour*5)) || expiration.Before(time.Now()) { - t.Fatalf("Unexpected expiration time: %s", expiration.String()) - } - g = NewMemoryGraph(collapsedGrants) - - testNotVerified(t, g, keys[0].PublicKey(), "user-key-1", "/user-1", 0x0f) - testNotVerified(t, g, keys[1].PublicKey(), "user-key-2", "/user-2", 0x0f) - testNotVerified(t, g, keys[6].PublicKey(), "user-key-7", "/user-6/sub-project/specific-app", 0x0f) - - testVerified(t, g, keys[1].PublicKey(), "user-key-2", "/user-2", 0x07) -} - -func TestFilterStatements(t *testing.T) { - grantCount := 8 - grants, keys := createTestKeysAndGrants(grantCount) - linkGrants := make([]*Grant, 3) - linkGrants[0] = &Grant{ - Subject: "/user-3", - Permission: 0x0f, - Grantee: "/user-2", - } - linkGrants[1] = &Grant{ - Subject: "/user-5", - Permission: 0x0f, - Grantee: "/user-4", - } - linkGrants[2] = &Grant{ - Subject: "/user-7", - Permission: 0x0f, - Grantee: "/user-6", - } - - trustKey, _, chain := generateTrustChain(t, 3) - - statements := make([]*Statement, 5) - var err error - statements[0], err = generateStatement(grants[0:2], trustKey, chain) - if err != nil { - t.Fatalf("Error generating statement: %s", err) - } - statements[1], err = generateStatement(grants[2:4], trustKey, chain) - if err != nil { - t.Fatalf("Error generating statement: %s", err) - } - statements[2], err = generateStatement(grants[4:6], trustKey, chain) - if err != nil { - t.Fatalf("Error generating statement: %s", err) - } - statements[3], err = generateStatement(grants[6:], trustKey, chain) - if err != nil { - t.Fatalf("Error generating statement: %s", err) - } - statements[4], err = generateStatement(linkGrants, trustKey, chain) - if err != nil { - t.Fatalf("Error generating statement: %s", err) - } - collapsed, _, err := CollapseStatements(statements, false) - if err != nil { - t.Fatalf("Error collapsing grants: %s", err) - } - - // Filter 1, all 5 statements - filter1, err := FilterStatements(collapsed) - if err != nil { - t.Fatalf("Error filtering statements: %s", err) - } - if len(filter1) != 5 { - t.Fatalf("Wrong number of statements, expected %d, received %d", 5, len(filter1)) - } - - // Filter 2, one statement - filter2, err := FilterStatements([]*Grant{collapsed[0]}) - if err != nil { - t.Fatalf("Error filtering statements: %s", err) - } - if len(filter2) != 1 { - t.Fatalf("Wrong number of statements, expected %d, received %d", 1, len(filter2)) - } - - // Filter 3, 2 statements, from graph lookup - g := NewMemoryGraph(collapsed) - lookupGrants, err := g.GetGrants(keys[1], "/user-3", 0x0f) - if err != nil { - t.Fatalf("Error looking up grants: %s", err) - } - if len(lookupGrants) != 1 { - t.Fatalf("Wrong numberof grant chains returned from lookup, expected %d, received %d", 1, len(lookupGrants)) - } - if len(lookupGrants[0]) != 2 { - t.Fatalf("Wrong number of grants looked up, expected %d, received %d", 2, len(lookupGrants)) - } - filter3, err := FilterStatements(lookupGrants[0]) - if err != nil { - t.Fatalf("Error filtering statements: %s", err) - } - if len(filter3) != 2 { - t.Fatalf("Wrong number of statements, expected %d, received %d", 2, len(filter3)) - } - -} - -func TestCreateStatement(t *testing.T) { - grantJSON := bytes.NewReader([]byte(`[ - { - "subject": "/user-2", - "permission": 15, - "grantee": "/user-1" - }, - { - "subject": "/user-7", - "permission": 1, - "grantee": "/user-9" - }, - { - "subject": "/user-3", - "permission": 15, - "grantee": "/user-2" - } -]`)) - revocationJSON := bytes.NewReader([]byte(`[ - { - "subject": "user-8", - "revocation": 12, - "grantee": "user-9" - } -]`)) - - trustKey, pool, chain := generateTrustChain(t, 3) - - statement, err := CreateStatement(grantJSON, revocationJSON, testStatementExpiration, trustKey, chain) - if err != nil { - t.Fatalf("Error creating statement: %s", err) - } - - b, err := statement.Bytes() - if err != nil { - t.Fatalf("Error retrieving bytes: %s", err) - } - - verified, err := LoadStatement(bytes.NewReader(b), pool) - if err != nil { - t.Fatalf("Error loading statement: %s", err) - } - - if len(verified.Grants) != 3 { - t.Errorf("Unexpected number of grants, expected %d, received %d", 3, len(verified.Grants)) - } - - if len(verified.Revocations) != 1 { - t.Errorf("Unexpected number of revocations, expected %d, received %d", 1, len(verified.Revocations)) - } -} diff --git a/vendor/github.com/docker/libtrust/util.go b/vendor/github.com/docker/libtrust/util.go deleted file mode 100644 index 45dc3e18..00000000 --- a/vendor/github.com/docker/libtrust/util.go +++ /dev/null @@ -1,361 +0,0 @@ -package libtrust - -import ( - "bytes" - "crypto" - "crypto/elliptic" - "crypto/tls" - "crypto/x509" - "encoding/base32" - "encoding/base64" - "encoding/binary" - "encoding/pem" - "errors" - "fmt" - "math/big" - "net/url" - "os" - "path/filepath" - "strings" - "time" -) - -// LoadOrCreateTrustKey will load a PrivateKey from the specified path -func LoadOrCreateTrustKey(trustKeyPath string) (PrivateKey, error) { - if err := os.MkdirAll(filepath.Dir(trustKeyPath), 0700); err != nil { - return nil, err - } - - trustKey, err := LoadKeyFile(trustKeyPath) - if err == ErrKeyFileDoesNotExist { - trustKey, err = GenerateECP256PrivateKey() - if err != nil { - return nil, fmt.Errorf("error generating key: %s", err) - } - - if err := SaveKey(trustKeyPath, trustKey); err != nil { - return nil, fmt.Errorf("error saving key file: %s", err) - } - - dir, file := filepath.Split(trustKeyPath) - if err := SavePublicKey(filepath.Join(dir, "public-"+file), trustKey.PublicKey()); err != nil { - return nil, fmt.Errorf("error saving public key file: %s", err) - } - } else if err != nil { - return nil, fmt.Errorf("error loading key file: %s", err) - } - return trustKey, nil -} - -// NewIdentityAuthTLSClientConfig returns a tls.Config configured to use identity -// based authentication from the specified dockerUrl, the rootConfigPath and -// the server name to which it is connecting. -// If trustUnknownHosts is true it will automatically add the host to the -// known-hosts.json in rootConfigPath. -func NewIdentityAuthTLSClientConfig(dockerUrl string, trustUnknownHosts bool, rootConfigPath string, serverName string) (*tls.Config, error) { - tlsConfig := newTLSConfig() - - trustKeyPath := filepath.Join(rootConfigPath, "key.json") - knownHostsPath := filepath.Join(rootConfigPath, "known-hosts.json") - - u, err := url.Parse(dockerUrl) - if err != nil { - return nil, fmt.Errorf("unable to parse machine url") - } - - if u.Scheme == "unix" { - return nil, nil - } - - addr := u.Host - proto := "tcp" - - trustKey, err := LoadOrCreateTrustKey(trustKeyPath) - if err != nil { - return nil, fmt.Errorf("unable to load trust key: %s", err) - } - - knownHosts, err := LoadKeySetFile(knownHostsPath) - if err != nil { - return nil, fmt.Errorf("could not load trusted hosts file: %s", err) - } - - allowedHosts, err := FilterByHosts(knownHosts, addr, false) - if err != nil { - return nil, fmt.Errorf("error filtering hosts: %s", err) - } - - certPool, err := GenerateCACertPool(trustKey, allowedHosts) - if err != nil { - return nil, fmt.Errorf("Could not create CA pool: %s", err) - } - - tlsConfig.ServerName = serverName - tlsConfig.RootCAs = certPool - - x509Cert, err := GenerateSelfSignedClientCert(trustKey) - if err != nil { - return nil, fmt.Errorf("certificate generation error: %s", err) - } - - tlsConfig.Certificates = []tls.Certificate{{ - Certificate: [][]byte{x509Cert.Raw}, - PrivateKey: trustKey.CryptoPrivateKey(), - Leaf: x509Cert, - }} - - tlsConfig.InsecureSkipVerify = true - - testConn, err := tls.Dial(proto, addr, tlsConfig) - if err != nil { - return nil, fmt.Errorf("tls Handshake error: %s", err) - } - - opts := x509.VerifyOptions{ - Roots: tlsConfig.RootCAs, - CurrentTime: time.Now(), - DNSName: tlsConfig.ServerName, - Intermediates: x509.NewCertPool(), - } - - certs := testConn.ConnectionState().PeerCertificates - for i, cert := range certs { - if i == 0 { - continue - } - opts.Intermediates.AddCert(cert) - } - - if _, err := certs[0].Verify(opts); err != nil { - if _, ok := err.(x509.UnknownAuthorityError); ok { - if trustUnknownHosts { - pubKey, err := FromCryptoPublicKey(certs[0].PublicKey) - if err != nil { - return nil, fmt.Errorf("error extracting public key from cert: %s", err) - } - - pubKey.AddExtendedField("hosts", []string{addr}) - - if err := AddKeySetFile(knownHostsPath, pubKey); err != nil { - return nil, fmt.Errorf("error adding machine to known hosts: %s", err) - } - } else { - return nil, fmt.Errorf("unable to connect. unknown host: %s", addr) - } - } - } - - testConn.Close() - tlsConfig.InsecureSkipVerify = false - - return tlsConfig, nil -} - -// joseBase64UrlEncode encodes the given data using the standard base64 url -// encoding format but with all trailing '=' characters ommitted in accordance -// with the jose specification. -// http://tools.ietf.org/html/draft-ietf-jose-json-web-signature-31#section-2 -func joseBase64UrlEncode(b []byte) string { - return strings.TrimRight(base64.URLEncoding.EncodeToString(b), "=") -} - -// joseBase64UrlDecode decodes the given string using the standard base64 url -// decoder but first adds the appropriate number of trailing '=' characters in -// accordance with the jose specification. -// http://tools.ietf.org/html/draft-ietf-jose-json-web-signature-31#section-2 -func joseBase64UrlDecode(s string) ([]byte, error) { - switch len(s) % 4 { - case 0: - case 2: - s += "==" - case 3: - s += "=" - default: - return nil, errors.New("illegal base64url string") - } - return base64.URLEncoding.DecodeString(s) -} - -func keyIDEncode(b []byte) string { - s := strings.TrimRight(base32.StdEncoding.EncodeToString(b), "=") - var buf bytes.Buffer - var i int - for i = 0; i < len(s)/4-1; i++ { - start := i * 4 - end := start + 4 - buf.WriteString(s[start:end] + ":") - } - buf.WriteString(s[i*4:]) - return buf.String() -} - -func keyIDFromCryptoKey(pubKey PublicKey) string { - // Generate and return a 'libtrust' fingerprint of the public key. - // For an RSA key this should be: - // SHA256(DER encoded ASN1) - // Then truncated to 240 bits and encoded into 12 base32 groups like so: - // ABCD:EFGH:IJKL:MNOP:QRST:UVWX:YZ23:4567:ABCD:EFGH:IJKL:MNOP - derBytes, err := x509.MarshalPKIXPublicKey(pubKey.CryptoPublicKey()) - if err != nil { - return "" - } - hasher := crypto.SHA256.New() - hasher.Write(derBytes) - return keyIDEncode(hasher.Sum(nil)[:30]) -} - -func stringFromMap(m map[string]interface{}, key string) (string, error) { - val, ok := m[key] - if !ok { - return "", fmt.Errorf("%q value not specified", key) - } - - str, ok := val.(string) - if !ok { - return "", fmt.Errorf("%q value must be a string", key) - } - delete(m, key) - - return str, nil -} - -func parseECCoordinate(cB64Url string, curve elliptic.Curve) (*big.Int, error) { - curveByteLen := (curve.Params().BitSize + 7) >> 3 - - cBytes, err := joseBase64UrlDecode(cB64Url) - if err != nil { - return nil, fmt.Errorf("invalid base64 URL encoding: %s", err) - } - cByteLength := len(cBytes) - if cByteLength != curveByteLen { - return nil, fmt.Errorf("invalid number of octets: got %d, should be %d", cByteLength, curveByteLen) - } - return new(big.Int).SetBytes(cBytes), nil -} - -func parseECPrivateParam(dB64Url string, curve elliptic.Curve) (*big.Int, error) { - dBytes, err := joseBase64UrlDecode(dB64Url) - if err != nil { - return nil, fmt.Errorf("invalid base64 URL encoding: %s", err) - } - - // The length of this octet string MUST be ceiling(log-base-2(n)/8) - // octets (where n is the order of the curve). This is because the private - // key d must be in the interval [1, n-1] so the bitlength of d should be - // no larger than the bitlength of n-1. The easiest way to find the octet - // length is to take bitlength(n-1), add 7 to force a carry, and shift this - // bit sequence right by 3, which is essentially dividing by 8 and adding - // 1 if there is any remainder. Thus, the private key value d should be - // output to (bitlength(n-1)+7)>>3 octets. - n := curve.Params().N - octetLength := (new(big.Int).Sub(n, big.NewInt(1)).BitLen() + 7) >> 3 - dByteLength := len(dBytes) - - if dByteLength != octetLength { - return nil, fmt.Errorf("invalid number of octets: got %d, should be %d", dByteLength, octetLength) - } - - return new(big.Int).SetBytes(dBytes), nil -} - -func parseRSAModulusParam(nB64Url string) (*big.Int, error) { - nBytes, err := joseBase64UrlDecode(nB64Url) - if err != nil { - return nil, fmt.Errorf("invalid base64 URL encoding: %s", err) - } - - return new(big.Int).SetBytes(nBytes), nil -} - -func serializeRSAPublicExponentParam(e int) []byte { - // We MUST use the minimum number of octets to represent E. - // E is supposed to be 65537 for performance and security reasons - // and is what golang's rsa package generates, but it might be - // different if imported from some other generator. - buf := make([]byte, 4) - binary.BigEndian.PutUint32(buf, uint32(e)) - var i int - for i = 0; i < 8; i++ { - if buf[i] != 0 { - break - } - } - return buf[i:] -} - -func parseRSAPublicExponentParam(eB64Url string) (int, error) { - eBytes, err := joseBase64UrlDecode(eB64Url) - if err != nil { - return 0, fmt.Errorf("invalid base64 URL encoding: %s", err) - } - // Only the minimum number of bytes were used to represent E, but - // binary.BigEndian.Uint32 expects at least 4 bytes, so we need - // to add zero padding if necassary. - byteLen := len(eBytes) - buf := make([]byte, 4-byteLen, 4) - eBytes = append(buf, eBytes...) - - return int(binary.BigEndian.Uint32(eBytes)), nil -} - -func parseRSAPrivateKeyParamFromMap(m map[string]interface{}, key string) (*big.Int, error) { - b64Url, err := stringFromMap(m, key) - if err != nil { - return nil, err - } - - paramBytes, err := joseBase64UrlDecode(b64Url) - if err != nil { - return nil, fmt.Errorf("invaled base64 URL encoding: %s", err) - } - - return new(big.Int).SetBytes(paramBytes), nil -} - -func createPemBlock(name string, derBytes []byte, headers map[string]interface{}) (*pem.Block, error) { - pemBlock := &pem.Block{Type: name, Bytes: derBytes, Headers: map[string]string{}} - for k, v := range headers { - switch val := v.(type) { - case string: - pemBlock.Headers[k] = val - case []string: - if k == "hosts" { - pemBlock.Headers[k] = strings.Join(val, ",") - } else { - // Return error, non-encodable type - } - default: - // Return error, non-encodable type - } - } - - return pemBlock, nil -} - -func pubKeyFromPEMBlock(pemBlock *pem.Block) (PublicKey, error) { - cryptoPublicKey, err := x509.ParsePKIXPublicKey(pemBlock.Bytes) - if err != nil { - return nil, fmt.Errorf("unable to decode Public Key PEM data: %s", err) - } - - pubKey, err := FromCryptoPublicKey(cryptoPublicKey) - if err != nil { - return nil, err - } - - addPEMHeadersToKey(pemBlock, pubKey) - - return pubKey, nil -} - -func addPEMHeadersToKey(pemBlock *pem.Block, pubKey PublicKey) { - for key, value := range pemBlock.Headers { - var safeVal interface{} - if key == "hosts" { - safeVal = strings.Split(value, ",") - } else { - safeVal = value - } - pubKey.AddExtendedField(key, safeVal) - } -} diff --git a/vendor/github.com/docker/libtrust/util_test.go b/vendor/github.com/docker/libtrust/util_test.go deleted file mode 100644 index ee54f5b8..00000000 --- a/vendor/github.com/docker/libtrust/util_test.go +++ /dev/null @@ -1,23 +0,0 @@ -package libtrust - -import ( - "encoding/pem" - "reflect" - "testing" -) - -func TestAddPEMHeadersToKey(t *testing.T) { - pk := &rsaPublicKey{nil, map[string]interface{}{}} - blk := &pem.Block{Headers: map[string]string{"hosts": "localhost,127.0.0.1"}} - addPEMHeadersToKey(blk, pk) - - val := pk.GetExtendedField("hosts") - hosts, ok := val.([]string) - if !ok { - t.Fatalf("hosts type(%v), expected []string", reflect.TypeOf(val)) - } - expected := []string{"localhost", "127.0.0.1"} - if !reflect.DeepEqual(hosts, expected) { - t.Errorf("hosts(%v), expected %v", hosts, expected) - } -} diff --git a/vendor/github.com/gorilla/context/.travis.yml b/vendor/github.com/gorilla/context/.travis.yml deleted file mode 100644 index d87d4657..00000000 --- a/vendor/github.com/gorilla/context/.travis.yml +++ /dev/null @@ -1,7 +0,0 @@ -language: go - -go: - - 1.0 - - 1.1 - - 1.2 - - tip diff --git a/vendor/github.com/gorilla/context/LICENSE b/vendor/github.com/gorilla/context/LICENSE deleted file mode 100644 index 0e5fb872..00000000 --- a/vendor/github.com/gorilla/context/LICENSE +++ /dev/null @@ -1,27 +0,0 @@ -Copyright (c) 2012 Rodrigo Moraes. All rights reserved. - -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions are -met: - - * Redistributions of source code must retain the above copyright -notice, this list of conditions and the following disclaimer. - * Redistributions in binary form must reproduce the above -copyright notice, this list of conditions and the following disclaimer -in the documentation and/or other materials provided with the -distribution. - * Neither the name of Google Inc. nor the names of its -contributors may be used to endorse or promote products derived from -this software without specific prior written permission. - -THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS -"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR -A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT -OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT -LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. diff --git a/vendor/github.com/gorilla/context/README.md b/vendor/github.com/gorilla/context/README.md deleted file mode 100644 index c60a31b0..00000000 --- a/vendor/github.com/gorilla/context/README.md +++ /dev/null @@ -1,7 +0,0 @@ -context -======= -[![Build Status](https://travis-ci.org/gorilla/context.png?branch=master)](https://travis-ci.org/gorilla/context) - -gorilla/context is a general purpose registry for global request variables. - -Read the full documentation here: http://www.gorillatoolkit.org/pkg/context diff --git a/vendor/github.com/gorilla/context/context.go b/vendor/github.com/gorilla/context/context.go deleted file mode 100644 index 81cb128b..00000000 --- a/vendor/github.com/gorilla/context/context.go +++ /dev/null @@ -1,143 +0,0 @@ -// Copyright 2012 The Gorilla Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -package context - -import ( - "net/http" - "sync" - "time" -) - -var ( - mutex sync.RWMutex - data = make(map[*http.Request]map[interface{}]interface{}) - datat = make(map[*http.Request]int64) -) - -// Set stores a value for a given key in a given request. -func Set(r *http.Request, key, val interface{}) { - mutex.Lock() - if data[r] == nil { - data[r] = make(map[interface{}]interface{}) - datat[r] = time.Now().Unix() - } - data[r][key] = val - mutex.Unlock() -} - -// Get returns a value stored for a given key in a given request. -func Get(r *http.Request, key interface{}) interface{} { - mutex.RLock() - if ctx := data[r]; ctx != nil { - value := ctx[key] - mutex.RUnlock() - return value - } - mutex.RUnlock() - return nil -} - -// GetOk returns stored value and presence state like multi-value return of map access. -func GetOk(r *http.Request, key interface{}) (interface{}, bool) { - mutex.RLock() - if _, ok := data[r]; ok { - value, ok := data[r][key] - mutex.RUnlock() - return value, ok - } - mutex.RUnlock() - return nil, false -} - -// GetAll returns all stored values for the request as a map. Nil is returned for invalid requests. -func GetAll(r *http.Request) map[interface{}]interface{} { - mutex.RLock() - if context, ok := data[r]; ok { - result := make(map[interface{}]interface{}, len(context)) - for k, v := range context { - result[k] = v - } - mutex.RUnlock() - return result - } - mutex.RUnlock() - return nil -} - -// GetAllOk returns all stored values for the request as a map and a boolean value that indicates if -// the request was registered. -func GetAllOk(r *http.Request) (map[interface{}]interface{}, bool) { - mutex.RLock() - context, ok := data[r] - result := make(map[interface{}]interface{}, len(context)) - for k, v := range context { - result[k] = v - } - mutex.RUnlock() - return result, ok -} - -// Delete removes a value stored for a given key in a given request. -func Delete(r *http.Request, key interface{}) { - mutex.Lock() - if data[r] != nil { - delete(data[r], key) - } - mutex.Unlock() -} - -// Clear removes all values stored for a given request. -// -// This is usually called by a handler wrapper to clean up request -// variables at the end of a request lifetime. See ClearHandler(). -func Clear(r *http.Request) { - mutex.Lock() - clear(r) - mutex.Unlock() -} - -// clear is Clear without the lock. -func clear(r *http.Request) { - delete(data, r) - delete(datat, r) -} - -// Purge removes request data stored for longer than maxAge, in seconds. -// It returns the amount of requests removed. -// -// If maxAge <= 0, all request data is removed. -// -// This is only used for sanity check: in case context cleaning was not -// properly set some request data can be kept forever, consuming an increasing -// amount of memory. In case this is detected, Purge() must be called -// periodically until the problem is fixed. -func Purge(maxAge int) int { - mutex.Lock() - count := 0 - if maxAge <= 0 { - count = len(data) - data = make(map[*http.Request]map[interface{}]interface{}) - datat = make(map[*http.Request]int64) - } else { - min := time.Now().Unix() - int64(maxAge) - for r := range data { - if datat[r] < min { - clear(r) - count++ - } - } - } - mutex.Unlock() - return count -} - -// ClearHandler wraps an http.Handler and clears request values at the end -// of a request lifetime. -func ClearHandler(h http.Handler) http.Handler { - return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - defer Clear(r) - h.ServeHTTP(w, r) - }) -} diff --git a/vendor/github.com/gorilla/context/context_test.go b/vendor/github.com/gorilla/context/context_test.go deleted file mode 100644 index 6ada8ec3..00000000 --- a/vendor/github.com/gorilla/context/context_test.go +++ /dev/null @@ -1,161 +0,0 @@ -// Copyright 2012 The Gorilla Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -package context - -import ( - "net/http" - "testing" -) - -type keyType int - -const ( - key1 keyType = iota - key2 -) - -func TestContext(t *testing.T) { - assertEqual := func(val interface{}, exp interface{}) { - if val != exp { - t.Errorf("Expected %v, got %v.", exp, val) - } - } - - r, _ := http.NewRequest("GET", "http://localhost:8080/", nil) - emptyR, _ := http.NewRequest("GET", "http://localhost:8080/", nil) - - // Get() - assertEqual(Get(r, key1), nil) - - // Set() - Set(r, key1, "1") - assertEqual(Get(r, key1), "1") - assertEqual(len(data[r]), 1) - - Set(r, key2, "2") - assertEqual(Get(r, key2), "2") - assertEqual(len(data[r]), 2) - - //GetOk - value, ok := GetOk(r, key1) - assertEqual(value, "1") - assertEqual(ok, true) - - value, ok = GetOk(r, "not exists") - assertEqual(value, nil) - assertEqual(ok, false) - - Set(r, "nil value", nil) - value, ok = GetOk(r, "nil value") - assertEqual(value, nil) - assertEqual(ok, true) - - // GetAll() - values := GetAll(r) - assertEqual(len(values), 3) - - // GetAll() for empty request - values = GetAll(emptyR) - if values != nil { - t.Error("GetAll didn't return nil value for invalid request") - } - - // GetAllOk() - values, ok = GetAllOk(r) - assertEqual(len(values), 3) - assertEqual(ok, true) - - // GetAllOk() for empty request - values, ok = GetAllOk(emptyR) - assertEqual(value, nil) - assertEqual(ok, false) - - // Delete() - Delete(r, key1) - assertEqual(Get(r, key1), nil) - assertEqual(len(data[r]), 2) - - Delete(r, key2) - assertEqual(Get(r, key2), nil) - assertEqual(len(data[r]), 1) - - // Clear() - Clear(r) - assertEqual(len(data), 0) -} - -func parallelReader(r *http.Request, key string, iterations int, wait, done chan struct{}) { - <-wait - for i := 0; i < iterations; i++ { - Get(r, key) - } - done <- struct{}{} - -} - -func parallelWriter(r *http.Request, key, value string, iterations int, wait, done chan struct{}) { - <-wait - for i := 0; i < iterations; i++ { - Get(r, key) - } - done <- struct{}{} - -} - -func benchmarkMutex(b *testing.B, numReaders, numWriters, iterations int) { - - b.StopTimer() - r, _ := http.NewRequest("GET", "http://localhost:8080/", nil) - done := make(chan struct{}) - b.StartTimer() - - for i := 0; i < b.N; i++ { - wait := make(chan struct{}) - - for i := 0; i < numReaders; i++ { - go parallelReader(r, "test", iterations, wait, done) - } - - for i := 0; i < numWriters; i++ { - go parallelWriter(r, "test", "123", iterations, wait, done) - } - - close(wait) - - for i := 0; i < numReaders+numWriters; i++ { - <-done - } - - } - -} - -func BenchmarkMutexSameReadWrite1(b *testing.B) { - benchmarkMutex(b, 1, 1, 32) -} -func BenchmarkMutexSameReadWrite2(b *testing.B) { - benchmarkMutex(b, 2, 2, 32) -} -func BenchmarkMutexSameReadWrite4(b *testing.B) { - benchmarkMutex(b, 4, 4, 32) -} -func BenchmarkMutex1(b *testing.B) { - benchmarkMutex(b, 2, 8, 32) -} -func BenchmarkMutex2(b *testing.B) { - benchmarkMutex(b, 16, 4, 64) -} -func BenchmarkMutex3(b *testing.B) { - benchmarkMutex(b, 1, 2, 128) -} -func BenchmarkMutex4(b *testing.B) { - benchmarkMutex(b, 128, 32, 256) -} -func BenchmarkMutex5(b *testing.B) { - benchmarkMutex(b, 1024, 2048, 64) -} -func BenchmarkMutex6(b *testing.B) { - benchmarkMutex(b, 2048, 1024, 512) -} diff --git a/vendor/github.com/gorilla/context/doc.go b/vendor/github.com/gorilla/context/doc.go deleted file mode 100644 index 73c74003..00000000 --- a/vendor/github.com/gorilla/context/doc.go +++ /dev/null @@ -1,82 +0,0 @@ -// Copyright 2012 The Gorilla Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -/* -Package context stores values shared during a request lifetime. - -For example, a router can set variables extracted from the URL and later -application handlers can access those values, or it can be used to store -sessions values to be saved at the end of a request. There are several -others common uses. - -The idea was posted by Brad Fitzpatrick to the go-nuts mailing list: - - http://groups.google.com/group/golang-nuts/msg/e2d679d303aa5d53 - -Here's the basic usage: first define the keys that you will need. The key -type is interface{} so a key can be of any type that supports equality. -Here we define a key using a custom int type to avoid name collisions: - - package foo - - import ( - "github.com/gorilla/context" - ) - - type key int - - const MyKey key = 0 - -Then set a variable. Variables are bound to an http.Request object, so you -need a request instance to set a value: - - context.Set(r, MyKey, "bar") - -The application can later access the variable using the same key you provided: - - func MyHandler(w http.ResponseWriter, r *http.Request) { - // val is "bar". - val := context.Get(r, foo.MyKey) - - // returns ("bar", true) - val, ok := context.GetOk(r, foo.MyKey) - // ... - } - -And that's all about the basic usage. We discuss some other ideas below. - -Any type can be stored in the context. To enforce a given type, make the key -private and wrap Get() and Set() to accept and return values of a specific -type: - - type key int - - const mykey key = 0 - - // GetMyKey returns a value for this package from the request values. - func GetMyKey(r *http.Request) SomeType { - if rv := context.Get(r, mykey); rv != nil { - return rv.(SomeType) - } - return nil - } - - // SetMyKey sets a value for this package in the request values. - func SetMyKey(r *http.Request, val SomeType) { - context.Set(r, mykey, val) - } - -Variables must be cleared at the end of a request, to remove all values -that were stored. This can be done in an http.Handler, after a request was -served. Just call Clear() passing the request: - - context.Clear(r) - -...or use ClearHandler(), which conveniently wraps an http.Handler to clear -variables at the end of a request lifetime. - -The Routers from the packages gorilla/mux and gorilla/pat call Clear() -so if you are using either of them you don't need to clear the context manually. -*/ -package context diff --git a/vendor/github.com/gorilla/mux/.travis.yml b/vendor/github.com/gorilla/mux/.travis.yml deleted file mode 100644 index d87d4657..00000000 --- a/vendor/github.com/gorilla/mux/.travis.yml +++ /dev/null @@ -1,7 +0,0 @@ -language: go - -go: - - 1.0 - - 1.1 - - 1.2 - - tip diff --git a/vendor/github.com/gorilla/mux/LICENSE b/vendor/github.com/gorilla/mux/LICENSE deleted file mode 100644 index 0e5fb872..00000000 --- a/vendor/github.com/gorilla/mux/LICENSE +++ /dev/null @@ -1,27 +0,0 @@ -Copyright (c) 2012 Rodrigo Moraes. All rights reserved. - -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions are -met: - - * Redistributions of source code must retain the above copyright -notice, this list of conditions and the following disclaimer. - * Redistributions in binary form must reproduce the above -copyright notice, this list of conditions and the following disclaimer -in the documentation and/or other materials provided with the -distribution. - * Neither the name of Google Inc. nor the names of its -contributors may be used to endorse or promote products derived from -this software without specific prior written permission. - -THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS -"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR -A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT -OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT -LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. diff --git a/vendor/github.com/gorilla/mux/README.md b/vendor/github.com/gorilla/mux/README.md deleted file mode 100644 index e60301b0..00000000 --- a/vendor/github.com/gorilla/mux/README.md +++ /dev/null @@ -1,7 +0,0 @@ -mux -=== -[![Build Status](https://travis-ci.org/gorilla/mux.png?branch=master)](https://travis-ci.org/gorilla/mux) - -gorilla/mux is a powerful URL router and dispatcher. - -Read the full documentation here: http://www.gorillatoolkit.org/pkg/mux diff --git a/vendor/github.com/gorilla/mux/bench_test.go b/vendor/github.com/gorilla/mux/bench_test.go deleted file mode 100644 index c5f97b2b..00000000 --- a/vendor/github.com/gorilla/mux/bench_test.go +++ /dev/null @@ -1,21 +0,0 @@ -// Copyright 2012 The Gorilla Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -package mux - -import ( - "net/http" - "testing" -) - -func BenchmarkMux(b *testing.B) { - router := new(Router) - handler := func(w http.ResponseWriter, r *http.Request) {} - router.HandleFunc("/v1/{v1}", handler) - - request, _ := http.NewRequest("GET", "/v1/anything", nil) - for i := 0; i < b.N; i++ { - router.ServeHTTP(nil, request) - } -} diff --git a/vendor/github.com/gorilla/mux/doc.go b/vendor/github.com/gorilla/mux/doc.go deleted file mode 100644 index b2deed34..00000000 --- a/vendor/github.com/gorilla/mux/doc.go +++ /dev/null @@ -1,199 +0,0 @@ -// Copyright 2012 The Gorilla Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -/* -Package gorilla/mux implements a request router and dispatcher. - -The name mux stands for "HTTP request multiplexer". Like the standard -http.ServeMux, mux.Router matches incoming requests against a list of -registered routes and calls a handler for the route that matches the URL -or other conditions. The main features are: - - * Requests can be matched based on URL host, path, path prefix, schemes, - header and query values, HTTP methods or using custom matchers. - * URL hosts and paths can have variables with an optional regular - expression. - * Registered URLs can be built, or "reversed", which helps maintaining - references to resources. - * Routes can be used as subrouters: nested routes are only tested if the - parent route matches. This is useful to define groups of routes that - share common conditions like a host, a path prefix or other repeated - attributes. As a bonus, this optimizes request matching. - * It implements the http.Handler interface so it is compatible with the - standard http.ServeMux. - -Let's start registering a couple of URL paths and handlers: - - func main() { - r := mux.NewRouter() - r.HandleFunc("/", HomeHandler) - r.HandleFunc("/products", ProductsHandler) - r.HandleFunc("/articles", ArticlesHandler) - http.Handle("/", r) - } - -Here we register three routes mapping URL paths to handlers. This is -equivalent to how http.HandleFunc() works: if an incoming request URL matches -one of the paths, the corresponding handler is called passing -(http.ResponseWriter, *http.Request) as parameters. - -Paths can have variables. They are defined using the format {name} or -{name:pattern}. If a regular expression pattern is not defined, the matched -variable will be anything until the next slash. For example: - - r := mux.NewRouter() - r.HandleFunc("/products/{key}", ProductHandler) - r.HandleFunc("/articles/{category}/", ArticlesCategoryHandler) - r.HandleFunc("/articles/{category}/{id:[0-9]+}", ArticleHandler) - -The names are used to create a map of route variables which can be retrieved -calling mux.Vars(): - - vars := mux.Vars(request) - category := vars["category"] - -And this is all you need to know about the basic usage. More advanced options -are explained below. - -Routes can also be restricted to a domain or subdomain. Just define a host -pattern to be matched. They can also have variables: - - r := mux.NewRouter() - // Only matches if domain is "www.domain.com". - r.Host("www.domain.com") - // Matches a dynamic subdomain. - r.Host("{subdomain:[a-z]+}.domain.com") - -There are several other matchers that can be added. To match path prefixes: - - r.PathPrefix("/products/") - -...or HTTP methods: - - r.Methods("GET", "POST") - -...or URL schemes: - - r.Schemes("https") - -...or header values: - - r.Headers("X-Requested-With", "XMLHttpRequest") - -...or query values: - - r.Queries("key", "value") - -...or to use a custom matcher function: - - r.MatcherFunc(func(r *http.Request, rm *RouteMatch) bool { - return r.ProtoMajor == 0 - }) - -...and finally, it is possible to combine several matchers in a single route: - - r.HandleFunc("/products", ProductsHandler). - Host("www.domain.com"). - Methods("GET"). - Schemes("http") - -Setting the same matching conditions again and again can be boring, so we have -a way to group several routes that share the same requirements. -We call it "subrouting". - -For example, let's say we have several URLs that should only match when the -host is "www.domain.com". Create a route for that host and get a "subrouter" -from it: - - r := mux.NewRouter() - s := r.Host("www.domain.com").Subrouter() - -Then register routes in the subrouter: - - s.HandleFunc("/products/", ProductsHandler) - s.HandleFunc("/products/{key}", ProductHandler) - s.HandleFunc("/articles/{category}/{id:[0-9]+}"), ArticleHandler) - -The three URL paths we registered above will only be tested if the domain is -"www.domain.com", because the subrouter is tested first. This is not -only convenient, but also optimizes request matching. You can create -subrouters combining any attribute matchers accepted by a route. - -Subrouters can be used to create domain or path "namespaces": you define -subrouters in a central place and then parts of the app can register its -paths relatively to a given subrouter. - -There's one more thing about subroutes. When a subrouter has a path prefix, -the inner routes use it as base for their paths: - - r := mux.NewRouter() - s := r.PathPrefix("/products").Subrouter() - // "/products/" - s.HandleFunc("/", ProductsHandler) - // "/products/{key}/" - s.HandleFunc("/{key}/", ProductHandler) - // "/products/{key}/details" - s.HandleFunc("/{key}/details", ProductDetailsHandler) - -Now let's see how to build registered URLs. - -Routes can be named. All routes that define a name can have their URLs built, -or "reversed". We define a name calling Name() on a route. For example: - - r := mux.NewRouter() - r.HandleFunc("/articles/{category}/{id:[0-9]+}", ArticleHandler). - Name("article") - -To build a URL, get the route and call the URL() method, passing a sequence of -key/value pairs for the route variables. For the previous route, we would do: - - url, err := r.Get("article").URL("category", "technology", "id", "42") - -...and the result will be a url.URL with the following path: - - "/articles/technology/42" - -This also works for host variables: - - r := mux.NewRouter() - r.Host("{subdomain}.domain.com"). - Path("/articles/{category}/{id:[0-9]+}"). - HandlerFunc(ArticleHandler). - Name("article") - - // url.String() will be "http://news.domain.com/articles/technology/42" - url, err := r.Get("article").URL("subdomain", "news", - "category", "technology", - "id", "42") - -All variables defined in the route are required, and their values must -conform to the corresponding patterns. These requirements guarantee that a -generated URL will always match a registered route -- the only exception is -for explicitly defined "build-only" routes which never match. - -There's also a way to build only the URL host or path for a route: -use the methods URLHost() or URLPath() instead. For the previous route, -we would do: - - // "http://news.domain.com/" - host, err := r.Get("article").URLHost("subdomain", "news") - - // "/articles/technology/42" - path, err := r.Get("article").URLPath("category", "technology", "id", "42") - -And if you use subrouters, host and path defined separately can be built -as well: - - r := mux.NewRouter() - s := r.Host("{subdomain}.domain.com").Subrouter() - s.Path("/articles/{category}/{id:[0-9]+}"). - HandlerFunc(ArticleHandler). - Name("article") - - // "http://news.domain.com/articles/technology/42" - url, err := r.Get("article").URL("subdomain", "news", - "category", "technology", - "id", "42") -*/ -package mux diff --git a/vendor/github.com/gorilla/mux/mux.go b/vendor/github.com/gorilla/mux/mux.go deleted file mode 100644 index 5b5f8e7d..00000000 --- a/vendor/github.com/gorilla/mux/mux.go +++ /dev/null @@ -1,353 +0,0 @@ -// Copyright 2012 The Gorilla Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -package mux - -import ( - "fmt" - "net/http" - "path" - - "github.com/gorilla/context" -) - -// NewRouter returns a new router instance. -func NewRouter() *Router { - return &Router{namedRoutes: make(map[string]*Route), KeepContext: false} -} - -// Router registers routes to be matched and dispatches a handler. -// -// It implements the http.Handler interface, so it can be registered to serve -// requests: -// -// var router = mux.NewRouter() -// -// func main() { -// http.Handle("/", router) -// } -// -// Or, for Google App Engine, register it in a init() function: -// -// func init() { -// http.Handle("/", router) -// } -// -// This will send all incoming requests to the router. -type Router struct { - // Configurable Handler to be used when no route matches. - NotFoundHandler http.Handler - // Parent route, if this is a subrouter. - parent parentRoute - // Routes to be matched, in order. - routes []*Route - // Routes by name for URL building. - namedRoutes map[string]*Route - // See Router.StrictSlash(). This defines the flag for new routes. - strictSlash bool - // If true, do not clear the request context after handling the request - KeepContext bool -} - -// Match matches registered routes against the request. -func (r *Router) Match(req *http.Request, match *RouteMatch) bool { - for _, route := range r.routes { - if route.Match(req, match) { - return true - } - } - return false -} - -// ServeHTTP dispatches the handler registered in the matched route. -// -// When there is a match, the route variables can be retrieved calling -// mux.Vars(request). -func (r *Router) ServeHTTP(w http.ResponseWriter, req *http.Request) { - // Clean path to canonical form and redirect. - if p := cleanPath(req.URL.Path); p != req.URL.Path { - - // Added 3 lines (Philip Schlump) - It was droping the query string and #whatever from query. - // This matches with fix in go 1.2 r.c. 4 for same problem. Go Issue: - // http://code.google.com/p/go/issues/detail?id=5252 - url := *req.URL - url.Path = p - p = url.String() - - w.Header().Set("Location", p) - w.WriteHeader(http.StatusMovedPermanently) - return - } - var match RouteMatch - var handler http.Handler - if r.Match(req, &match) { - handler = match.Handler - setVars(req, match.Vars) - setCurrentRoute(req, match.Route) - } - if handler == nil { - handler = r.NotFoundHandler - if handler == nil { - handler = http.NotFoundHandler() - } - } - if !r.KeepContext { - defer context.Clear(req) - } - handler.ServeHTTP(w, req) -} - -// Get returns a route registered with the given name. -func (r *Router) Get(name string) *Route { - return r.getNamedRoutes()[name] -} - -// GetRoute returns a route registered with the given name. This method -// was renamed to Get() and remains here for backwards compatibility. -func (r *Router) GetRoute(name string) *Route { - return r.getNamedRoutes()[name] -} - -// StrictSlash defines the trailing slash behavior for new routes. The initial -// value is false. -// -// When true, if the route path is "/path/", accessing "/path" will redirect -// to the former and vice versa. In other words, your application will always -// see the path as specified in the route. -// -// When false, if the route path is "/path", accessing "/path/" will not match -// this route and vice versa. -// -// Special case: when a route sets a path prefix using the PathPrefix() method, -// strict slash is ignored for that route because the redirect behavior can't -// be determined from a prefix alone. However, any subrouters created from that -// route inherit the original StrictSlash setting. -func (r *Router) StrictSlash(value bool) *Router { - r.strictSlash = value - return r -} - -// ---------------------------------------------------------------------------- -// parentRoute -// ---------------------------------------------------------------------------- - -// getNamedRoutes returns the map where named routes are registered. -func (r *Router) getNamedRoutes() map[string]*Route { - if r.namedRoutes == nil { - if r.parent != nil { - r.namedRoutes = r.parent.getNamedRoutes() - } else { - r.namedRoutes = make(map[string]*Route) - } - } - return r.namedRoutes -} - -// getRegexpGroup returns regexp definitions from the parent route, if any. -func (r *Router) getRegexpGroup() *routeRegexpGroup { - if r.parent != nil { - return r.parent.getRegexpGroup() - } - return nil -} - -// ---------------------------------------------------------------------------- -// Route factories -// ---------------------------------------------------------------------------- - -// NewRoute registers an empty route. -func (r *Router) NewRoute() *Route { - route := &Route{parent: r, strictSlash: r.strictSlash} - r.routes = append(r.routes, route) - return route -} - -// Handle registers a new route with a matcher for the URL path. -// See Route.Path() and Route.Handler(). -func (r *Router) Handle(path string, handler http.Handler) *Route { - return r.NewRoute().Path(path).Handler(handler) -} - -// HandleFunc registers a new route with a matcher for the URL path. -// See Route.Path() and Route.HandlerFunc(). -func (r *Router) HandleFunc(path string, f func(http.ResponseWriter, - *http.Request)) *Route { - return r.NewRoute().Path(path).HandlerFunc(f) -} - -// Headers registers a new route with a matcher for request header values. -// See Route.Headers(). -func (r *Router) Headers(pairs ...string) *Route { - return r.NewRoute().Headers(pairs...) -} - -// Host registers a new route with a matcher for the URL host. -// See Route.Host(). -func (r *Router) Host(tpl string) *Route { - return r.NewRoute().Host(tpl) -} - -// MatcherFunc registers a new route with a custom matcher function. -// See Route.MatcherFunc(). -func (r *Router) MatcherFunc(f MatcherFunc) *Route { - return r.NewRoute().MatcherFunc(f) -} - -// Methods registers a new route with a matcher for HTTP methods. -// See Route.Methods(). -func (r *Router) Methods(methods ...string) *Route { - return r.NewRoute().Methods(methods...) -} - -// Path registers a new route with a matcher for the URL path. -// See Route.Path(). -func (r *Router) Path(tpl string) *Route { - return r.NewRoute().Path(tpl) -} - -// PathPrefix registers a new route with a matcher for the URL path prefix. -// See Route.PathPrefix(). -func (r *Router) PathPrefix(tpl string) *Route { - return r.NewRoute().PathPrefix(tpl) -} - -// Queries registers a new route with a matcher for URL query values. -// See Route.Queries(). -func (r *Router) Queries(pairs ...string) *Route { - return r.NewRoute().Queries(pairs...) -} - -// Schemes registers a new route with a matcher for URL schemes. -// See Route.Schemes(). -func (r *Router) Schemes(schemes ...string) *Route { - return r.NewRoute().Schemes(schemes...) -} - -// ---------------------------------------------------------------------------- -// Context -// ---------------------------------------------------------------------------- - -// RouteMatch stores information about a matched route. -type RouteMatch struct { - Route *Route - Handler http.Handler - Vars map[string]string -} - -type contextKey int - -const ( - varsKey contextKey = iota - routeKey -) - -// Vars returns the route variables for the current request, if any. -func Vars(r *http.Request) map[string]string { - if rv := context.Get(r, varsKey); rv != nil { - return rv.(map[string]string) - } - return nil -} - -// CurrentRoute returns the matched route for the current request, if any. -func CurrentRoute(r *http.Request) *Route { - if rv := context.Get(r, routeKey); rv != nil { - return rv.(*Route) - } - return nil -} - -func setVars(r *http.Request, val interface{}) { - context.Set(r, varsKey, val) -} - -func setCurrentRoute(r *http.Request, val interface{}) { - context.Set(r, routeKey, val) -} - -// ---------------------------------------------------------------------------- -// Helpers -// ---------------------------------------------------------------------------- - -// cleanPath returns the canonical path for p, eliminating . and .. elements. -// Borrowed from the net/http package. -func cleanPath(p string) string { - if p == "" { - return "/" - } - if p[0] != '/' { - p = "/" + p - } - np := path.Clean(p) - // path.Clean removes trailing slash except for root; - // put the trailing slash back if necessary. - if p[len(p)-1] == '/' && np != "/" { - np += "/" - } - return np -} - -// uniqueVars returns an error if two slices contain duplicated strings. -func uniqueVars(s1, s2 []string) error { - for _, v1 := range s1 { - for _, v2 := range s2 { - if v1 == v2 { - return fmt.Errorf("mux: duplicated route variable %q", v2) - } - } - } - return nil -} - -// mapFromPairs converts variadic string parameters to a string map. -func mapFromPairs(pairs ...string) (map[string]string, error) { - length := len(pairs) - if length%2 != 0 { - return nil, fmt.Errorf( - "mux: number of parameters must be multiple of 2, got %v", pairs) - } - m := make(map[string]string, length/2) - for i := 0; i < length; i += 2 { - m[pairs[i]] = pairs[i+1] - } - return m, nil -} - -// matchInArray returns true if the given string value is in the array. -func matchInArray(arr []string, value string) bool { - for _, v := range arr { - if v == value { - return true - } - } - return false -} - -// matchMap returns true if the given key/value pairs exist in a given map. -func matchMap(toCheck map[string]string, toMatch map[string][]string, - canonicalKey bool) bool { - for k, v := range toCheck { - // Check if key exists. - if canonicalKey { - k = http.CanonicalHeaderKey(k) - } - if values := toMatch[k]; values == nil { - return false - } else if v != "" { - // If value was defined as an empty string we only check that the - // key exists. Otherwise we also check for equality. - valueExists := false - for _, value := range values { - if v == value { - valueExists = true - break - } - } - if !valueExists { - return false - } - } - } - return true -} diff --git a/vendor/github.com/gorilla/mux/mux_test.go b/vendor/github.com/gorilla/mux/mux_test.go deleted file mode 100644 index e455bce8..00000000 --- a/vendor/github.com/gorilla/mux/mux_test.go +++ /dev/null @@ -1,943 +0,0 @@ -// Copyright 2012 The Gorilla Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -package mux - -import ( - "fmt" - "net/http" - "testing" - - "github.com/gorilla/context" -) - -type routeTest struct { - title string // title of the test - route *Route // the route being tested - request *http.Request // a request to test the route - vars map[string]string // the expected vars of the match - host string // the expected host of the match - path string // the expected path of the match - shouldMatch bool // whether the request is expected to match the route at all - shouldRedirect bool // whether the request should result in a redirect -} - -func TestHost(t *testing.T) { - // newRequestHost a new request with a method, url, and host header - newRequestHost := func(method, url, host string) *http.Request { - req, err := http.NewRequest(method, url, nil) - if err != nil { - panic(err) - } - req.Host = host - return req - } - - tests := []routeTest{ - { - title: "Host route match", - route: new(Route).Host("aaa.bbb.ccc"), - request: newRequest("GET", "http://aaa.bbb.ccc/111/222/333"), - vars: map[string]string{}, - host: "aaa.bbb.ccc", - path: "", - shouldMatch: true, - }, - { - title: "Host route, wrong host in request URL", - route: new(Route).Host("aaa.bbb.ccc"), - request: newRequest("GET", "http://aaa.222.ccc/111/222/333"), - vars: map[string]string{}, - host: "aaa.bbb.ccc", - path: "", - shouldMatch: false, - }, - { - title: "Host route with port, match", - route: new(Route).Host("aaa.bbb.ccc:1234"), - request: newRequest("GET", "http://aaa.bbb.ccc:1234/111/222/333"), - vars: map[string]string{}, - host: "aaa.bbb.ccc:1234", - path: "", - shouldMatch: true, - }, - { - title: "Host route with port, wrong port in request URL", - route: new(Route).Host("aaa.bbb.ccc:1234"), - request: newRequest("GET", "http://aaa.bbb.ccc:9999/111/222/333"), - vars: map[string]string{}, - host: "aaa.bbb.ccc:1234", - path: "", - shouldMatch: false, - }, - { - title: "Host route, match with host in request header", - route: new(Route).Host("aaa.bbb.ccc"), - request: newRequestHost("GET", "/111/222/333", "aaa.bbb.ccc"), - vars: map[string]string{}, - host: "aaa.bbb.ccc", - path: "", - shouldMatch: true, - }, - { - title: "Host route, wrong host in request header", - route: new(Route).Host("aaa.bbb.ccc"), - request: newRequestHost("GET", "/111/222/333", "aaa.222.ccc"), - vars: map[string]string{}, - host: "aaa.bbb.ccc", - path: "", - shouldMatch: false, - }, - // BUG {new(Route).Host("aaa.bbb.ccc:1234"), newRequestHost("GET", "/111/222/333", "aaa.bbb.ccc:1234"), map[string]string{}, "aaa.bbb.ccc:1234", "", true}, - { - title: "Host route with port, wrong host in request header", - route: new(Route).Host("aaa.bbb.ccc:1234"), - request: newRequestHost("GET", "/111/222/333", "aaa.bbb.ccc:9999"), - vars: map[string]string{}, - host: "aaa.bbb.ccc:1234", - path: "", - shouldMatch: false, - }, - { - title: "Host route with pattern, match", - route: new(Route).Host("aaa.{v1:[a-z]{3}}.ccc"), - request: newRequest("GET", "http://aaa.bbb.ccc/111/222/333"), - vars: map[string]string{"v1": "bbb"}, - host: "aaa.bbb.ccc", - path: "", - shouldMatch: true, - }, - { - title: "Host route with pattern, wrong host in request URL", - route: new(Route).Host("aaa.{v1:[a-z]{3}}.ccc"), - request: newRequest("GET", "http://aaa.222.ccc/111/222/333"), - vars: map[string]string{"v1": "bbb"}, - host: "aaa.bbb.ccc", - path: "", - shouldMatch: false, - }, - { - title: "Host route with multiple patterns, match", - route: new(Route).Host("{v1:[a-z]{3}}.{v2:[a-z]{3}}.{v3:[a-z]{3}}"), - request: newRequest("GET", "http://aaa.bbb.ccc/111/222/333"), - vars: map[string]string{"v1": "aaa", "v2": "bbb", "v3": "ccc"}, - host: "aaa.bbb.ccc", - path: "", - shouldMatch: true, - }, - { - title: "Host route with multiple patterns, wrong host in request URL", - route: new(Route).Host("{v1:[a-z]{3}}.{v2:[a-z]{3}}.{v3:[a-z]{3}}"), - request: newRequest("GET", "http://aaa.222.ccc/111/222/333"), - vars: map[string]string{"v1": "aaa", "v2": "bbb", "v3": "ccc"}, - host: "aaa.bbb.ccc", - path: "", - shouldMatch: false, - }, - } - for _, test := range tests { - testRoute(t, test) - } -} - -func TestPath(t *testing.T) { - tests := []routeTest{ - { - title: "Path route, match", - route: new(Route).Path("/111/222/333"), - request: newRequest("GET", "http://localhost/111/222/333"), - vars: map[string]string{}, - host: "", - path: "/111/222/333", - shouldMatch: true, - }, - { - title: "Path route, match with trailing slash in request and path", - route: new(Route).Path("/111/"), - request: newRequest("GET", "http://localhost/111/"), - vars: map[string]string{}, - host: "", - path: "/111/", - shouldMatch: true, - }, - { - title: "Path route, do not match with trailing slash in path", - route: new(Route).Path("/111/"), - request: newRequest("GET", "http://localhost/111"), - vars: map[string]string{}, - host: "", - path: "/111", - shouldMatch: false, - }, - { - title: "Path route, do not match with trailing slash in request", - route: new(Route).Path("/111"), - request: newRequest("GET", "http://localhost/111/"), - vars: map[string]string{}, - host: "", - path: "/111/", - shouldMatch: false, - }, - { - title: "Path route, wrong path in request in request URL", - route: new(Route).Path("/111/222/333"), - request: newRequest("GET", "http://localhost/1/2/3"), - vars: map[string]string{}, - host: "", - path: "/111/222/333", - shouldMatch: false, - }, - { - title: "Path route with pattern, match", - route: new(Route).Path("/111/{v1:[0-9]{3}}/333"), - request: newRequest("GET", "http://localhost/111/222/333"), - vars: map[string]string{"v1": "222"}, - host: "", - path: "/111/222/333", - shouldMatch: true, - }, - { - title: "Path route with pattern, URL in request does not match", - route: new(Route).Path("/111/{v1:[0-9]{3}}/333"), - request: newRequest("GET", "http://localhost/111/aaa/333"), - vars: map[string]string{"v1": "222"}, - host: "", - path: "/111/222/333", - shouldMatch: false, - }, - { - title: "Path route with multiple patterns, match", - route: new(Route).Path("/{v1:[0-9]{3}}/{v2:[0-9]{3}}/{v3:[0-9]{3}}"), - request: newRequest("GET", "http://localhost/111/222/333"), - vars: map[string]string{"v1": "111", "v2": "222", "v3": "333"}, - host: "", - path: "/111/222/333", - shouldMatch: true, - }, - { - title: "Path route with multiple patterns, URL in request does not match", - route: new(Route).Path("/{v1:[0-9]{3}}/{v2:[0-9]{3}}/{v3:[0-9]{3}}"), - request: newRequest("GET", "http://localhost/111/aaa/333"), - vars: map[string]string{"v1": "111", "v2": "222", "v3": "333"}, - host: "", - path: "/111/222/333", - shouldMatch: false, - }, - } - - for _, test := range tests { - testRoute(t, test) - } -} - -func TestPathPrefix(t *testing.T) { - tests := []routeTest{ - { - title: "PathPrefix route, match", - route: new(Route).PathPrefix("/111"), - request: newRequest("GET", "http://localhost/111/222/333"), - vars: map[string]string{}, - host: "", - path: "/111", - shouldMatch: true, - }, - { - title: "PathPrefix route, match substring", - route: new(Route).PathPrefix("/1"), - request: newRequest("GET", "http://localhost/111/222/333"), - vars: map[string]string{}, - host: "", - path: "/1", - shouldMatch: true, - }, - { - title: "PathPrefix route, URL prefix in request does not match", - route: new(Route).PathPrefix("/111"), - request: newRequest("GET", "http://localhost/1/2/3"), - vars: map[string]string{}, - host: "", - path: "/111", - shouldMatch: false, - }, - { - title: "PathPrefix route with pattern, match", - route: new(Route).PathPrefix("/111/{v1:[0-9]{3}}"), - request: newRequest("GET", "http://localhost/111/222/333"), - vars: map[string]string{"v1": "222"}, - host: "", - path: "/111/222", - shouldMatch: true, - }, - { - title: "PathPrefix route with pattern, URL prefix in request does not match", - route: new(Route).PathPrefix("/111/{v1:[0-9]{3}}"), - request: newRequest("GET", "http://localhost/111/aaa/333"), - vars: map[string]string{"v1": "222"}, - host: "", - path: "/111/222", - shouldMatch: false, - }, - { - title: "PathPrefix route with multiple patterns, match", - route: new(Route).PathPrefix("/{v1:[0-9]{3}}/{v2:[0-9]{3}}"), - request: newRequest("GET", "http://localhost/111/222/333"), - vars: map[string]string{"v1": "111", "v2": "222"}, - host: "", - path: "/111/222", - shouldMatch: true, - }, - { - title: "PathPrefix route with multiple patterns, URL prefix in request does not match", - route: new(Route).PathPrefix("/{v1:[0-9]{3}}/{v2:[0-9]{3}}"), - request: newRequest("GET", "http://localhost/111/aaa/333"), - vars: map[string]string{"v1": "111", "v2": "222"}, - host: "", - path: "/111/222", - shouldMatch: false, - }, - } - - for _, test := range tests { - testRoute(t, test) - } -} - -func TestHostPath(t *testing.T) { - tests := []routeTest{ - { - title: "Host and Path route, match", - route: new(Route).Host("aaa.bbb.ccc").Path("/111/222/333"), - request: newRequest("GET", "http://aaa.bbb.ccc/111/222/333"), - vars: map[string]string{}, - host: "", - path: "", - shouldMatch: true, - }, - { - title: "Host and Path route, wrong host in request URL", - route: new(Route).Host("aaa.bbb.ccc").Path("/111/222/333"), - request: newRequest("GET", "http://aaa.222.ccc/111/222/333"), - vars: map[string]string{}, - host: "", - path: "", - shouldMatch: false, - }, - { - title: "Host and Path route with pattern, match", - route: new(Route).Host("aaa.{v1:[a-z]{3}}.ccc").Path("/111/{v2:[0-9]{3}}/333"), - request: newRequest("GET", "http://aaa.bbb.ccc/111/222/333"), - vars: map[string]string{"v1": "bbb", "v2": "222"}, - host: "aaa.bbb.ccc", - path: "/111/222/333", - shouldMatch: true, - }, - { - title: "Host and Path route with pattern, URL in request does not match", - route: new(Route).Host("aaa.{v1:[a-z]{3}}.ccc").Path("/111/{v2:[0-9]{3}}/333"), - request: newRequest("GET", "http://aaa.222.ccc/111/222/333"), - vars: map[string]string{"v1": "bbb", "v2": "222"}, - host: "aaa.bbb.ccc", - path: "/111/222/333", - shouldMatch: false, - }, - { - title: "Host and Path route with multiple patterns, match", - route: new(Route).Host("{v1:[a-z]{3}}.{v2:[a-z]{3}}.{v3:[a-z]{3}}").Path("/{v4:[0-9]{3}}/{v5:[0-9]{3}}/{v6:[0-9]{3}}"), - request: newRequest("GET", "http://aaa.bbb.ccc/111/222/333"), - vars: map[string]string{"v1": "aaa", "v2": "bbb", "v3": "ccc", "v4": "111", "v5": "222", "v6": "333"}, - host: "aaa.bbb.ccc", - path: "/111/222/333", - shouldMatch: true, - }, - { - title: "Host and Path route with multiple patterns, URL in request does not match", - route: new(Route).Host("{v1:[a-z]{3}}.{v2:[a-z]{3}}.{v3:[a-z]{3}}").Path("/{v4:[0-9]{3}}/{v5:[0-9]{3}}/{v6:[0-9]{3}}"), - request: newRequest("GET", "http://aaa.222.ccc/111/222/333"), - vars: map[string]string{"v1": "aaa", "v2": "bbb", "v3": "ccc", "v4": "111", "v5": "222", "v6": "333"}, - host: "aaa.bbb.ccc", - path: "/111/222/333", - shouldMatch: false, - }, - } - - for _, test := range tests { - testRoute(t, test) - } -} - -func TestHeaders(t *testing.T) { - // newRequestHeaders creates a new request with a method, url, and headers - newRequestHeaders := func(method, url string, headers map[string]string) *http.Request { - req, err := http.NewRequest(method, url, nil) - if err != nil { - panic(err) - } - for k, v := range headers { - req.Header.Add(k, v) - } - return req - } - - tests := []routeTest{ - { - title: "Headers route, match", - route: new(Route).Headers("foo", "bar", "baz", "ding"), - request: newRequestHeaders("GET", "http://localhost", map[string]string{"foo": "bar", "baz": "ding"}), - vars: map[string]string{}, - host: "", - path: "", - shouldMatch: true, - }, - { - title: "Headers route, bad header values", - route: new(Route).Headers("foo", "bar", "baz", "ding"), - request: newRequestHeaders("GET", "http://localhost", map[string]string{"foo": "bar", "baz": "dong"}), - vars: map[string]string{}, - host: "", - path: "", - shouldMatch: false, - }, - } - - for _, test := range tests { - testRoute(t, test) - } - -} - -func TestMethods(t *testing.T) { - tests := []routeTest{ - { - title: "Methods route, match GET", - route: new(Route).Methods("GET", "POST"), - request: newRequest("GET", "http://localhost"), - vars: map[string]string{}, - host: "", - path: "", - shouldMatch: true, - }, - { - title: "Methods route, match POST", - route: new(Route).Methods("GET", "POST"), - request: newRequest("POST", "http://localhost"), - vars: map[string]string{}, - host: "", - path: "", - shouldMatch: true, - }, - { - title: "Methods route, bad method", - route: new(Route).Methods("GET", "POST"), - request: newRequest("PUT", "http://localhost"), - vars: map[string]string{}, - host: "", - path: "", - shouldMatch: false, - }, - } - - for _, test := range tests { - testRoute(t, test) - } -} - -func TestQueries(t *testing.T) { - tests := []routeTest{ - { - title: "Queries route, match", - route: new(Route).Queries("foo", "bar", "baz", "ding"), - request: newRequest("GET", "http://localhost?foo=bar&baz=ding"), - vars: map[string]string{}, - host: "", - path: "", - shouldMatch: true, - }, - { - title: "Queries route, match with a query string", - route: new(Route).Host("www.example.com").Path("/api").Queries("foo", "bar", "baz", "ding"), - request: newRequest("GET", "http://www.example.com/api?foo=bar&baz=ding"), - vars: map[string]string{}, - host: "", - path: "", - shouldMatch: true, - }, - { - title: "Queries route, match with a query string out of order", - route: new(Route).Host("www.example.com").Path("/api").Queries("foo", "bar", "baz", "ding"), - request: newRequest("GET", "http://www.example.com/api?baz=ding&foo=bar"), - vars: map[string]string{}, - host: "", - path: "", - shouldMatch: true, - }, - { - title: "Queries route, bad query", - route: new(Route).Queries("foo", "bar", "baz", "ding"), - request: newRequest("GET", "http://localhost?foo=bar&baz=dong"), - vars: map[string]string{}, - host: "", - path: "", - shouldMatch: false, - }, - { - title: "Queries route with pattern, match", - route: new(Route).Queries("foo", "{v1}"), - request: newRequest("GET", "http://localhost?foo=bar"), - vars: map[string]string{"v1": "bar"}, - host: "", - path: "", - shouldMatch: true, - }, - { - title: "Queries route with multiple patterns, match", - route: new(Route).Queries("foo", "{v1}", "baz", "{v2}"), - request: newRequest("GET", "http://localhost?foo=bar&baz=ding"), - vars: map[string]string{"v1": "bar", "v2": "ding"}, - host: "", - path: "", - shouldMatch: true, - }, - { - title: "Queries route with regexp pattern, match", - route: new(Route).Queries("foo", "{v1:[0-9]+}"), - request: newRequest("GET", "http://localhost?foo=10"), - vars: map[string]string{"v1": "10"}, - host: "", - path: "", - shouldMatch: true, - }, - { - title: "Queries route with regexp pattern, regexp does not match", - route: new(Route).Queries("foo", "{v1:[0-9]+}"), - request: newRequest("GET", "http://localhost?foo=a"), - vars: map[string]string{}, - host: "", - path: "", - shouldMatch: false, - }, - } - - for _, test := range tests { - testRoute(t, test) - } -} - -func TestSchemes(t *testing.T) { - tests := []routeTest{ - // Schemes - { - title: "Schemes route, match https", - route: new(Route).Schemes("https", "ftp"), - request: newRequest("GET", "https://localhost"), - vars: map[string]string{}, - host: "", - path: "", - shouldMatch: true, - }, - { - title: "Schemes route, match ftp", - route: new(Route).Schemes("https", "ftp"), - request: newRequest("GET", "ftp://localhost"), - vars: map[string]string{}, - host: "", - path: "", - shouldMatch: true, - }, - { - title: "Schemes route, bad scheme", - route: new(Route).Schemes("https", "ftp"), - request: newRequest("GET", "http://localhost"), - vars: map[string]string{}, - host: "", - path: "", - shouldMatch: false, - }, - } - for _, test := range tests { - testRoute(t, test) - } -} - -func TestMatcherFunc(t *testing.T) { - m := func(r *http.Request, m *RouteMatch) bool { - if r.URL.Host == "aaa.bbb.ccc" { - return true - } - return false - } - - tests := []routeTest{ - { - title: "MatchFunc route, match", - route: new(Route).MatcherFunc(m), - request: newRequest("GET", "http://aaa.bbb.ccc"), - vars: map[string]string{}, - host: "", - path: "", - shouldMatch: true, - }, - { - title: "MatchFunc route, non-match", - route: new(Route).MatcherFunc(m), - request: newRequest("GET", "http://aaa.222.ccc"), - vars: map[string]string{}, - host: "", - path: "", - shouldMatch: false, - }, - } - - for _, test := range tests { - testRoute(t, test) - } -} - -func TestSubRouter(t *testing.T) { - subrouter1 := new(Route).Host("{v1:[a-z]+}.google.com").Subrouter() - subrouter2 := new(Route).PathPrefix("/foo/{v1}").Subrouter() - - tests := []routeTest{ - { - route: subrouter1.Path("/{v2:[a-z]+}"), - request: newRequest("GET", "http://aaa.google.com/bbb"), - vars: map[string]string{"v1": "aaa", "v2": "bbb"}, - host: "aaa.google.com", - path: "/bbb", - shouldMatch: true, - }, - { - route: subrouter1.Path("/{v2:[a-z]+}"), - request: newRequest("GET", "http://111.google.com/111"), - vars: map[string]string{"v1": "aaa", "v2": "bbb"}, - host: "aaa.google.com", - path: "/bbb", - shouldMatch: false, - }, - { - route: subrouter2.Path("/baz/{v2}"), - request: newRequest("GET", "http://localhost/foo/bar/baz/ding"), - vars: map[string]string{"v1": "bar", "v2": "ding"}, - host: "", - path: "/foo/bar/baz/ding", - shouldMatch: true, - }, - { - route: subrouter2.Path("/baz/{v2}"), - request: newRequest("GET", "http://localhost/foo/bar"), - vars: map[string]string{"v1": "bar", "v2": "ding"}, - host: "", - path: "/foo/bar/baz/ding", - shouldMatch: false, - }, - } - - for _, test := range tests { - testRoute(t, test) - } -} - -func TestNamedRoutes(t *testing.T) { - r1 := NewRouter() - r1.NewRoute().Name("a") - r1.NewRoute().Name("b") - r1.NewRoute().Name("c") - - r2 := r1.NewRoute().Subrouter() - r2.NewRoute().Name("d") - r2.NewRoute().Name("e") - r2.NewRoute().Name("f") - - r3 := r2.NewRoute().Subrouter() - r3.NewRoute().Name("g") - r3.NewRoute().Name("h") - r3.NewRoute().Name("i") - - if r1.namedRoutes == nil || len(r1.namedRoutes) != 9 { - t.Errorf("Expected 9 named routes, got %v", r1.namedRoutes) - } else if r1.Get("i") == nil { - t.Errorf("Subroute name not registered") - } -} - -func TestStrictSlash(t *testing.T) { - r := NewRouter() - r.StrictSlash(true) - - tests := []routeTest{ - { - title: "Redirect path without slash", - route: r.NewRoute().Path("/111/"), - request: newRequest("GET", "http://localhost/111"), - vars: map[string]string{}, - host: "", - path: "/111/", - shouldMatch: true, - shouldRedirect: true, - }, - { - title: "Do not redirect path with slash", - route: r.NewRoute().Path("/111/"), - request: newRequest("GET", "http://localhost/111/"), - vars: map[string]string{}, - host: "", - path: "/111/", - shouldMatch: true, - shouldRedirect: false, - }, - { - title: "Redirect path with slash", - route: r.NewRoute().Path("/111"), - request: newRequest("GET", "http://localhost/111/"), - vars: map[string]string{}, - host: "", - path: "/111", - shouldMatch: true, - shouldRedirect: true, - }, - { - title: "Do not redirect path without slash", - route: r.NewRoute().Path("/111"), - request: newRequest("GET", "http://localhost/111"), - vars: map[string]string{}, - host: "", - path: "/111", - shouldMatch: true, - shouldRedirect: false, - }, - { - title: "Propagate StrictSlash to subrouters", - route: r.NewRoute().PathPrefix("/static/").Subrouter().Path("/images/"), - request: newRequest("GET", "http://localhost/static/images"), - vars: map[string]string{}, - host: "", - path: "/static/images/", - shouldMatch: true, - shouldRedirect: true, - }, - { - title: "Ignore StrictSlash for path prefix", - route: r.NewRoute().PathPrefix("/static/"), - request: newRequest("GET", "http://localhost/static/logo.png"), - vars: map[string]string{}, - host: "", - path: "/static/", - shouldMatch: true, - shouldRedirect: false, - }, - } - - for _, test := range tests { - testRoute(t, test) - } -} - -// ---------------------------------------------------------------------------- -// Helpers -// ---------------------------------------------------------------------------- - -func getRouteTemplate(route *Route) string { - host, path := "none", "none" - if route.regexp != nil { - if route.regexp.host != nil { - host = route.regexp.host.template - } - if route.regexp.path != nil { - path = route.regexp.path.template - } - } - return fmt.Sprintf("Host: %v, Path: %v", host, path) -} - -func testRoute(t *testing.T, test routeTest) { - request := test.request - route := test.route - vars := test.vars - shouldMatch := test.shouldMatch - host := test.host - path := test.path - url := test.host + test.path - shouldRedirect := test.shouldRedirect - - var match RouteMatch - ok := route.Match(request, &match) - if ok != shouldMatch { - msg := "Should match" - if !shouldMatch { - msg = "Should not match" - } - t.Errorf("(%v) %v:\nRoute: %#v\nRequest: %#v\nVars: %v\n", test.title, msg, route, request, vars) - return - } - if shouldMatch { - if test.vars != nil && !stringMapEqual(test.vars, match.Vars) { - t.Errorf("(%v) Vars not equal: expected %v, got %v", test.title, vars, match.Vars) - return - } - if host != "" { - u, _ := test.route.URLHost(mapToPairs(match.Vars)...) - if host != u.Host { - t.Errorf("(%v) URLHost not equal: expected %v, got %v -- %v", test.title, host, u.Host, getRouteTemplate(route)) - return - } - } - if path != "" { - u, _ := route.URLPath(mapToPairs(match.Vars)...) - if path != u.Path { - t.Errorf("(%v) URLPath not equal: expected %v, got %v -- %v", test.title, path, u.Path, getRouteTemplate(route)) - return - } - } - if url != "" { - u, _ := route.URL(mapToPairs(match.Vars)...) - if url != u.Host+u.Path { - t.Errorf("(%v) URL not equal: expected %v, got %v -- %v", test.title, url, u.Host+u.Path, getRouteTemplate(route)) - return - } - } - if shouldRedirect && match.Handler == nil { - t.Errorf("(%v) Did not redirect", test.title) - return - } - if !shouldRedirect && match.Handler != nil { - t.Errorf("(%v) Unexpected redirect", test.title) - return - } - } -} - -// Tests that the context is cleared or not cleared properly depending on -// the configuration of the router -func TestKeepContext(t *testing.T) { - func1 := func(w http.ResponseWriter, r *http.Request) {} - - r := NewRouter() - r.HandleFunc("/", func1).Name("func1") - - req, _ := http.NewRequest("GET", "http://localhost/", nil) - context.Set(req, "t", 1) - - res := new(http.ResponseWriter) - r.ServeHTTP(*res, req) - - if _, ok := context.GetOk(req, "t"); ok { - t.Error("Context should have been cleared at end of request") - } - - r.KeepContext = true - - req, _ = http.NewRequest("GET", "http://localhost/", nil) - context.Set(req, "t", 1) - - r.ServeHTTP(*res, req) - if _, ok := context.GetOk(req, "t"); !ok { - t.Error("Context should NOT have been cleared at end of request") - } - -} - -type TestA301ResponseWriter struct { - hh http.Header - status int -} - -func (ho TestA301ResponseWriter) Header() http.Header { - return http.Header(ho.hh) -} - -func (ho TestA301ResponseWriter) Write(b []byte) (int, error) { - return 0, nil -} - -func (ho TestA301ResponseWriter) WriteHeader(code int) { - ho.status = code -} - -func Test301Redirect(t *testing.T) { - m := make(http.Header) - - func1 := func(w http.ResponseWriter, r *http.Request) {} - func2 := func(w http.ResponseWriter, r *http.Request) {} - - r := NewRouter() - r.HandleFunc("/api/", func2).Name("func2") - r.HandleFunc("/", func1).Name("func1") - - req, _ := http.NewRequest("GET", "http://localhost//api/?abc=def", nil) - - res := TestA301ResponseWriter{ - hh: m, - status: 0, - } - r.ServeHTTP(&res, req) - - if "http://localhost/api/?abc=def" != res.hh["Location"][0] { - t.Errorf("Should have complete URL with query string") - } -} - -// https://plus.google.com/101022900381697718949/posts/eWy6DjFJ6uW -func TestSubrouterHeader(t *testing.T) { - expected := "func1 response" - func1 := func(w http.ResponseWriter, r *http.Request) { - fmt.Fprint(w, expected) - } - func2 := func(http.ResponseWriter, *http.Request) {} - - r := NewRouter() - s := r.Headers("SomeSpecialHeader", "").Subrouter() - s.HandleFunc("/", func1).Name("func1") - r.HandleFunc("/", func2).Name("func2") - - req, _ := http.NewRequest("GET", "http://localhost/", nil) - req.Header.Add("SomeSpecialHeader", "foo") - match := new(RouteMatch) - matched := r.Match(req, match) - if !matched { - t.Errorf("Should match request") - } - if match.Route.GetName() != "func1" { - t.Errorf("Expecting func1 handler, got %s", match.Route.GetName()) - } - resp := NewRecorder() - match.Handler.ServeHTTP(resp, req) - if resp.Body.String() != expected { - t.Errorf("Expecting %q", expected) - } -} - -// mapToPairs converts a string map to a slice of string pairs -func mapToPairs(m map[string]string) []string { - var i int - p := make([]string, len(m)*2) - for k, v := range m { - p[i] = k - p[i+1] = v - i += 2 - } - return p -} - -// stringMapEqual checks the equality of two string maps -func stringMapEqual(m1, m2 map[string]string) bool { - nil1 := m1 == nil - nil2 := m2 == nil - if nil1 != nil2 || len(m1) != len(m2) { - return false - } - for k, v := range m1 { - if v != m2[k] { - return false - } - } - return true -} - -// newRequest is a helper function to create a new request with a method and url -func newRequest(method, url string) *http.Request { - req, err := http.NewRequest(method, url, nil) - if err != nil { - panic(err) - } - return req -} diff --git a/vendor/github.com/gorilla/mux/old_test.go b/vendor/github.com/gorilla/mux/old_test.go deleted file mode 100644 index 1f7c190c..00000000 --- a/vendor/github.com/gorilla/mux/old_test.go +++ /dev/null @@ -1,714 +0,0 @@ -// Old tests ported to Go1. This is a mess. Want to drop it one day. - -// Copyright 2011 Gorilla Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -package mux - -import ( - "bytes" - "net/http" - "testing" -) - -// ---------------------------------------------------------------------------- -// ResponseRecorder -// ---------------------------------------------------------------------------- -// Copyright 2009 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -// ResponseRecorder is an implementation of http.ResponseWriter that -// records its mutations for later inspection in tests. -type ResponseRecorder struct { - Code int // the HTTP response code from WriteHeader - HeaderMap http.Header // the HTTP response headers - Body *bytes.Buffer // if non-nil, the bytes.Buffer to append written data to - Flushed bool -} - -// NewRecorder returns an initialized ResponseRecorder. -func NewRecorder() *ResponseRecorder { - return &ResponseRecorder{ - HeaderMap: make(http.Header), - Body: new(bytes.Buffer), - } -} - -// DefaultRemoteAddr is the default remote address to return in RemoteAddr if -// an explicit DefaultRemoteAddr isn't set on ResponseRecorder. -const DefaultRemoteAddr = "1.2.3.4" - -// Header returns the response headers. -func (rw *ResponseRecorder) Header() http.Header { - return rw.HeaderMap -} - -// Write always succeeds and writes to rw.Body, if not nil. -func (rw *ResponseRecorder) Write(buf []byte) (int, error) { - if rw.Body != nil { - rw.Body.Write(buf) - } - if rw.Code == 0 { - rw.Code = http.StatusOK - } - return len(buf), nil -} - -// WriteHeader sets rw.Code. -func (rw *ResponseRecorder) WriteHeader(code int) { - rw.Code = code -} - -// Flush sets rw.Flushed to true. -func (rw *ResponseRecorder) Flush() { - rw.Flushed = true -} - -// ---------------------------------------------------------------------------- - -func TestRouteMatchers(t *testing.T) { - var scheme, host, path, query, method string - var headers map[string]string - var resultVars map[bool]map[string]string - - router := NewRouter() - router.NewRoute().Host("{var1}.google.com"). - Path("/{var2:[a-z]+}/{var3:[0-9]+}"). - Queries("foo", "bar"). - Methods("GET"). - Schemes("https"). - Headers("x-requested-with", "XMLHttpRequest") - router.NewRoute().Host("www.{var4}.com"). - PathPrefix("/foo/{var5:[a-z]+}/{var6:[0-9]+}"). - Queries("baz", "ding"). - Methods("POST"). - Schemes("http"). - Headers("Content-Type", "application/json") - - reset := func() { - // Everything match. - scheme = "https" - host = "www.google.com" - path = "/product/42" - query = "?foo=bar" - method = "GET" - headers = map[string]string{"X-Requested-With": "XMLHttpRequest"} - resultVars = map[bool]map[string]string{ - true: {"var1": "www", "var2": "product", "var3": "42"}, - false: {}, - } - } - - reset2 := func() { - // Everything match. - scheme = "http" - host = "www.google.com" - path = "/foo/product/42/path/that/is/ignored" - query = "?baz=ding" - method = "POST" - headers = map[string]string{"Content-Type": "application/json"} - resultVars = map[bool]map[string]string{ - true: {"var4": "google", "var5": "product", "var6": "42"}, - false: {}, - } - } - - match := func(shouldMatch bool) { - url := scheme + "://" + host + path + query - request, _ := http.NewRequest(method, url, nil) - for key, value := range headers { - request.Header.Add(key, value) - } - - var routeMatch RouteMatch - matched := router.Match(request, &routeMatch) - if matched != shouldMatch { - // Need better messages. :) - if matched { - t.Errorf("Should match.") - } else { - t.Errorf("Should not match.") - } - } - - if matched { - currentRoute := routeMatch.Route - if currentRoute == nil { - t.Errorf("Expected a current route.") - } - vars := routeMatch.Vars - expectedVars := resultVars[shouldMatch] - if len(vars) != len(expectedVars) { - t.Errorf("Expected vars: %v Got: %v.", expectedVars, vars) - } - for name, value := range vars { - if expectedVars[name] != value { - t.Errorf("Expected vars: %v Got: %v.", expectedVars, vars) - } - } - } - } - - // 1st route -------------------------------------------------------------- - - // Everything match. - reset() - match(true) - - // Scheme doesn't match. - reset() - scheme = "http" - match(false) - - // Host doesn't match. - reset() - host = "www.mygoogle.com" - match(false) - - // Path doesn't match. - reset() - path = "/product/notdigits" - match(false) - - // Query doesn't match. - reset() - query = "?foo=baz" - match(false) - - // Method doesn't match. - reset() - method = "POST" - match(false) - - // Header doesn't match. - reset() - headers = map[string]string{} - match(false) - - // Everything match, again. - reset() - match(true) - - // 2nd route -------------------------------------------------------------- - - // Everything match. - reset2() - match(true) - - // Scheme doesn't match. - reset2() - scheme = "https" - match(false) - - // Host doesn't match. - reset2() - host = "sub.google.com" - match(false) - - // Path doesn't match. - reset2() - path = "/bar/product/42" - match(false) - - // Query doesn't match. - reset2() - query = "?foo=baz" - match(false) - - // Method doesn't match. - reset2() - method = "GET" - match(false) - - // Header doesn't match. - reset2() - headers = map[string]string{} - match(false) - - // Everything match, again. - reset2() - match(true) -} - -type headerMatcherTest struct { - matcher headerMatcher - headers map[string]string - result bool -} - -var headerMatcherTests = []headerMatcherTest{ - { - matcher: headerMatcher(map[string]string{"x-requested-with": "XMLHttpRequest"}), - headers: map[string]string{"X-Requested-With": "XMLHttpRequest"}, - result: true, - }, - { - matcher: headerMatcher(map[string]string{"x-requested-with": ""}), - headers: map[string]string{"X-Requested-With": "anything"}, - result: true, - }, - { - matcher: headerMatcher(map[string]string{"x-requested-with": "XMLHttpRequest"}), - headers: map[string]string{}, - result: false, - }, -} - -type hostMatcherTest struct { - matcher *Route - url string - vars map[string]string - result bool -} - -var hostMatcherTests = []hostMatcherTest{ - { - matcher: NewRouter().NewRoute().Host("{foo:[a-z][a-z][a-z]}.{bar:[a-z][a-z][a-z]}.{baz:[a-z][a-z][a-z]}"), - url: "http://abc.def.ghi/", - vars: map[string]string{"foo": "abc", "bar": "def", "baz": "ghi"}, - result: true, - }, - { - matcher: NewRouter().NewRoute().Host("{foo:[a-z][a-z][a-z]}.{bar:[a-z][a-z][a-z]}.{baz:[a-z][a-z][a-z]}"), - url: "http://a.b.c/", - vars: map[string]string{"foo": "abc", "bar": "def", "baz": "ghi"}, - result: false, - }, -} - -type methodMatcherTest struct { - matcher methodMatcher - method string - result bool -} - -var methodMatcherTests = []methodMatcherTest{ - { - matcher: methodMatcher([]string{"GET", "POST", "PUT"}), - method: "GET", - result: true, - }, - { - matcher: methodMatcher([]string{"GET", "POST", "PUT"}), - method: "POST", - result: true, - }, - { - matcher: methodMatcher([]string{"GET", "POST", "PUT"}), - method: "PUT", - result: true, - }, - { - matcher: methodMatcher([]string{"GET", "POST", "PUT"}), - method: "DELETE", - result: false, - }, -} - -type pathMatcherTest struct { - matcher *Route - url string - vars map[string]string - result bool -} - -var pathMatcherTests = []pathMatcherTest{ - { - matcher: NewRouter().NewRoute().Path("/{foo:[0-9][0-9][0-9]}/{bar:[0-9][0-9][0-9]}/{baz:[0-9][0-9][0-9]}"), - url: "http://localhost:8080/123/456/789", - vars: map[string]string{"foo": "123", "bar": "456", "baz": "789"}, - result: true, - }, - { - matcher: NewRouter().NewRoute().Path("/{foo:[0-9][0-9][0-9]}/{bar:[0-9][0-9][0-9]}/{baz:[0-9][0-9][0-9]}"), - url: "http://localhost:8080/1/2/3", - vars: map[string]string{"foo": "123", "bar": "456", "baz": "789"}, - result: false, - }, -} - -type schemeMatcherTest struct { - matcher schemeMatcher - url string - result bool -} - -var schemeMatcherTests = []schemeMatcherTest{ - { - matcher: schemeMatcher([]string{"http", "https"}), - url: "http://localhost:8080/", - result: true, - }, - { - matcher: schemeMatcher([]string{"http", "https"}), - url: "https://localhost:8080/", - result: true, - }, - { - matcher: schemeMatcher([]string{"https"}), - url: "http://localhost:8080/", - result: false, - }, - { - matcher: schemeMatcher([]string{"http"}), - url: "https://localhost:8080/", - result: false, - }, -} - -type urlBuildingTest struct { - route *Route - vars []string - url string -} - -var urlBuildingTests = []urlBuildingTest{ - { - route: new(Route).Host("foo.domain.com"), - vars: []string{}, - url: "http://foo.domain.com", - }, - { - route: new(Route).Host("{subdomain}.domain.com"), - vars: []string{"subdomain", "bar"}, - url: "http://bar.domain.com", - }, - { - route: new(Route).Host("foo.domain.com").Path("/articles"), - vars: []string{}, - url: "http://foo.domain.com/articles", - }, - { - route: new(Route).Path("/articles"), - vars: []string{}, - url: "/articles", - }, - { - route: new(Route).Path("/articles/{category}/{id:[0-9]+}"), - vars: []string{"category", "technology", "id", "42"}, - url: "/articles/technology/42", - }, - { - route: new(Route).Host("{subdomain}.domain.com").Path("/articles/{category}/{id:[0-9]+}"), - vars: []string{"subdomain", "foo", "category", "technology", "id", "42"}, - url: "http://foo.domain.com/articles/technology/42", - }, -} - -func TestHeaderMatcher(t *testing.T) { - for _, v := range headerMatcherTests { - request, _ := http.NewRequest("GET", "http://localhost:8080/", nil) - for key, value := range v.headers { - request.Header.Add(key, value) - } - var routeMatch RouteMatch - result := v.matcher.Match(request, &routeMatch) - if result != v.result { - if v.result { - t.Errorf("%#v: should match %v.", v.matcher, request.Header) - } else { - t.Errorf("%#v: should not match %v.", v.matcher, request.Header) - } - } - } -} - -func TestHostMatcher(t *testing.T) { - for _, v := range hostMatcherTests { - request, _ := http.NewRequest("GET", v.url, nil) - var routeMatch RouteMatch - result := v.matcher.Match(request, &routeMatch) - vars := routeMatch.Vars - if result != v.result { - if v.result { - t.Errorf("%#v: should match %v.", v.matcher, v.url) - } else { - t.Errorf("%#v: should not match %v.", v.matcher, v.url) - } - } - if result { - if len(vars) != len(v.vars) { - t.Errorf("%#v: vars length should be %v, got %v.", v.matcher, len(v.vars), len(vars)) - } - for name, value := range vars { - if v.vars[name] != value { - t.Errorf("%#v: expected value %v for key %v, got %v.", v.matcher, v.vars[name], name, value) - } - } - } else { - if len(vars) != 0 { - t.Errorf("%#v: vars length should be 0, got %v.", v.matcher, len(vars)) - } - } - } -} - -func TestMethodMatcher(t *testing.T) { - for _, v := range methodMatcherTests { - request, _ := http.NewRequest(v.method, "http://localhost:8080/", nil) - var routeMatch RouteMatch - result := v.matcher.Match(request, &routeMatch) - if result != v.result { - if v.result { - t.Errorf("%#v: should match %v.", v.matcher, v.method) - } else { - t.Errorf("%#v: should not match %v.", v.matcher, v.method) - } - } - } -} - -func TestPathMatcher(t *testing.T) { - for _, v := range pathMatcherTests { - request, _ := http.NewRequest("GET", v.url, nil) - var routeMatch RouteMatch - result := v.matcher.Match(request, &routeMatch) - vars := routeMatch.Vars - if result != v.result { - if v.result { - t.Errorf("%#v: should match %v.", v.matcher, v.url) - } else { - t.Errorf("%#v: should not match %v.", v.matcher, v.url) - } - } - if result { - if len(vars) != len(v.vars) { - t.Errorf("%#v: vars length should be %v, got %v.", v.matcher, len(v.vars), len(vars)) - } - for name, value := range vars { - if v.vars[name] != value { - t.Errorf("%#v: expected value %v for key %v, got %v.", v.matcher, v.vars[name], name, value) - } - } - } else { - if len(vars) != 0 { - t.Errorf("%#v: vars length should be 0, got %v.", v.matcher, len(vars)) - } - } - } -} - -func TestSchemeMatcher(t *testing.T) { - for _, v := range schemeMatcherTests { - request, _ := http.NewRequest("GET", v.url, nil) - var routeMatch RouteMatch - result := v.matcher.Match(request, &routeMatch) - if result != v.result { - if v.result { - t.Errorf("%#v: should match %v.", v.matcher, v.url) - } else { - t.Errorf("%#v: should not match %v.", v.matcher, v.url) - } - } - } -} - -func TestUrlBuilding(t *testing.T) { - - for _, v := range urlBuildingTests { - u, _ := v.route.URL(v.vars...) - url := u.String() - if url != v.url { - t.Errorf("expected %v, got %v", v.url, url) - /* - reversePath := "" - reverseHost := "" - if v.route.pathTemplate != nil { - reversePath = v.route.pathTemplate.Reverse - } - if v.route.hostTemplate != nil { - reverseHost = v.route.hostTemplate.Reverse - } - - t.Errorf("%#v:\nexpected: %q\ngot: %q\nreverse path: %q\nreverse host: %q", v.route, v.url, url, reversePath, reverseHost) - */ - } - } - - ArticleHandler := func(w http.ResponseWriter, r *http.Request) { - } - - router := NewRouter() - router.HandleFunc("/articles/{category}/{id:[0-9]+}", ArticleHandler).Name("article") - - url, _ := router.Get("article").URL("category", "technology", "id", "42") - expected := "/articles/technology/42" - if url.String() != expected { - t.Errorf("Expected %v, got %v", expected, url.String()) - } -} - -func TestMatchedRouteName(t *testing.T) { - routeName := "stock" - router := NewRouter() - route := router.NewRoute().Path("/products/").Name(routeName) - - url := "http://www.domain.com/products/" - request, _ := http.NewRequest("GET", url, nil) - var rv RouteMatch - ok := router.Match(request, &rv) - - if !ok || rv.Route != route { - t.Errorf("Expected same route, got %+v.", rv.Route) - } - - retName := rv.Route.GetName() - if retName != routeName { - t.Errorf("Expected %q, got %q.", routeName, retName) - } -} - -func TestSubRouting(t *testing.T) { - // Example from docs. - router := NewRouter() - subrouter := router.NewRoute().Host("www.domain.com").Subrouter() - route := subrouter.NewRoute().Path("/products/").Name("products") - - url := "http://www.domain.com/products/" - request, _ := http.NewRequest("GET", url, nil) - var rv RouteMatch - ok := router.Match(request, &rv) - - if !ok || rv.Route != route { - t.Errorf("Expected same route, got %+v.", rv.Route) - } - - u, _ := router.Get("products").URL() - builtUrl := u.String() - // Yay, subroute aware of the domain when building! - if builtUrl != url { - t.Errorf("Expected %q, got %q.", url, builtUrl) - } -} - -func TestVariableNames(t *testing.T) { - route := new(Route).Host("{arg1}.domain.com").Path("/{arg1}/{arg2:[0-9]+}") - if route.err == nil { - t.Errorf("Expected error for duplicated variable names") - } -} - -func TestRedirectSlash(t *testing.T) { - var route *Route - var routeMatch RouteMatch - r := NewRouter() - - r.StrictSlash(false) - route = r.NewRoute() - if route.strictSlash != false { - t.Errorf("Expected false redirectSlash.") - } - - r.StrictSlash(true) - route = r.NewRoute() - if route.strictSlash != true { - t.Errorf("Expected true redirectSlash.") - } - - route = new(Route) - route.strictSlash = true - route.Path("/{arg1}/{arg2:[0-9]+}/") - request, _ := http.NewRequest("GET", "http://localhost/foo/123", nil) - routeMatch = RouteMatch{} - _ = route.Match(request, &routeMatch) - vars := routeMatch.Vars - if vars["arg1"] != "foo" { - t.Errorf("Expected foo.") - } - if vars["arg2"] != "123" { - t.Errorf("Expected 123.") - } - rsp := NewRecorder() - routeMatch.Handler.ServeHTTP(rsp, request) - if rsp.HeaderMap.Get("Location") != "http://localhost/foo/123/" { - t.Errorf("Expected redirect header.") - } - - route = new(Route) - route.strictSlash = true - route.Path("/{arg1}/{arg2:[0-9]+}") - request, _ = http.NewRequest("GET", "http://localhost/foo/123/", nil) - routeMatch = RouteMatch{} - _ = route.Match(request, &routeMatch) - vars = routeMatch.Vars - if vars["arg1"] != "foo" { - t.Errorf("Expected foo.") - } - if vars["arg2"] != "123" { - t.Errorf("Expected 123.") - } - rsp = NewRecorder() - routeMatch.Handler.ServeHTTP(rsp, request) - if rsp.HeaderMap.Get("Location") != "http://localhost/foo/123" { - t.Errorf("Expected redirect header.") - } -} - -// Test for the new regexp library, still not available in stable Go. -func TestNewRegexp(t *testing.T) { - var p *routeRegexp - var matches []string - - tests := map[string]map[string][]string{ - "/{foo:a{2}}": { - "/a": nil, - "/aa": {"aa"}, - "/aaa": nil, - "/aaaa": nil, - }, - "/{foo:a{2,}}": { - "/a": nil, - "/aa": {"aa"}, - "/aaa": {"aaa"}, - "/aaaa": {"aaaa"}, - }, - "/{foo:a{2,3}}": { - "/a": nil, - "/aa": {"aa"}, - "/aaa": {"aaa"}, - "/aaaa": nil, - }, - "/{foo:[a-z]{3}}/{bar:[a-z]{2}}": { - "/a": nil, - "/ab": nil, - "/abc": nil, - "/abcd": nil, - "/abc/ab": {"abc", "ab"}, - "/abc/abc": nil, - "/abcd/ab": nil, - }, - `/{foo:\w{3,}}/{bar:\d{2,}}`: { - "/a": nil, - "/ab": nil, - "/abc": nil, - "/abc/1": nil, - "/abc/12": {"abc", "12"}, - "/abcd/12": {"abcd", "12"}, - "/abcd/123": {"abcd", "123"}, - }, - } - - for pattern, paths := range tests { - p, _ = newRouteRegexp(pattern, false, false, false, false) - for path, result := range paths { - matches = p.regexp.FindStringSubmatch(path) - if result == nil { - if matches != nil { - t.Errorf("%v should not match %v.", pattern, path) - } - } else { - if len(matches) != len(result)+1 { - t.Errorf("Expected %v matches, got %v.", len(result)+1, len(matches)) - } else { - for k, v := range result { - if matches[k+1] != v { - t.Errorf("Expected %v, got %v.", v, matches[k+1]) - } - } - } - } - } - } -} diff --git a/vendor/github.com/gorilla/mux/regexp.go b/vendor/github.com/gorilla/mux/regexp.go deleted file mode 100644 index a6305483..00000000 --- a/vendor/github.com/gorilla/mux/regexp.go +++ /dev/null @@ -1,276 +0,0 @@ -// Copyright 2012 The Gorilla Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -package mux - -import ( - "bytes" - "fmt" - "net/http" - "net/url" - "regexp" - "strings" -) - -// newRouteRegexp parses a route template and returns a routeRegexp, -// used to match a host, a path or a query string. -// -// It will extract named variables, assemble a regexp to be matched, create -// a "reverse" template to build URLs and compile regexps to validate variable -// values used in URL building. -// -// Previously we accepted only Python-like identifiers for variable -// names ([a-zA-Z_][a-zA-Z0-9_]*), but currently the only restriction is that -// name and pattern can't be empty, and names can't contain a colon. -func newRouteRegexp(tpl string, matchHost, matchPrefix, matchQuery, strictSlash bool) (*routeRegexp, error) { - // Check if it is well-formed. - idxs, errBraces := braceIndices(tpl) - if errBraces != nil { - return nil, errBraces - } - // Backup the original. - template := tpl - // Now let's parse it. - defaultPattern := "[^/]+" - if matchQuery { - defaultPattern = "[^?&]+" - matchPrefix = true - } else if matchHost { - defaultPattern = "[^.]+" - matchPrefix = false - } - // Only match strict slash if not matching - if matchPrefix || matchHost || matchQuery { - strictSlash = false - } - // Set a flag for strictSlash. - endSlash := false - if strictSlash && strings.HasSuffix(tpl, "/") { - tpl = tpl[:len(tpl)-1] - endSlash = true - } - varsN := make([]string, len(idxs)/2) - varsR := make([]*regexp.Regexp, len(idxs)/2) - pattern := bytes.NewBufferString("") - if !matchQuery { - pattern.WriteByte('^') - } - reverse := bytes.NewBufferString("") - var end int - var err error - for i := 0; i < len(idxs); i += 2 { - // Set all values we are interested in. - raw := tpl[end:idxs[i]] - end = idxs[i+1] - parts := strings.SplitN(tpl[idxs[i]+1:end-1], ":", 2) - name := parts[0] - patt := defaultPattern - if len(parts) == 2 { - patt = parts[1] - } - // Name or pattern can't be empty. - if name == "" || patt == "" { - return nil, fmt.Errorf("mux: missing name or pattern in %q", - tpl[idxs[i]:end]) - } - // Build the regexp pattern. - fmt.Fprintf(pattern, "%s(%s)", regexp.QuoteMeta(raw), patt) - // Build the reverse template. - fmt.Fprintf(reverse, "%s%%s", raw) - // Append variable name and compiled pattern. - varsN[i/2] = name - varsR[i/2], err = regexp.Compile(fmt.Sprintf("^%s$", patt)) - if err != nil { - return nil, err - } - } - // Add the remaining. - raw := tpl[end:] - pattern.WriteString(regexp.QuoteMeta(raw)) - if strictSlash { - pattern.WriteString("[/]?") - } - if !matchPrefix { - pattern.WriteByte('$') - } - reverse.WriteString(raw) - if endSlash { - reverse.WriteByte('/') - } - // Compile full regexp. - reg, errCompile := regexp.Compile(pattern.String()) - if errCompile != nil { - return nil, errCompile - } - // Done! - return &routeRegexp{ - template: template, - matchHost: matchHost, - matchQuery: matchQuery, - strictSlash: strictSlash, - regexp: reg, - reverse: reverse.String(), - varsN: varsN, - varsR: varsR, - }, nil -} - -// routeRegexp stores a regexp to match a host or path and information to -// collect and validate route variables. -type routeRegexp struct { - // The unmodified template. - template string - // True for host match, false for path or query string match. - matchHost bool - // True for query string match, false for path and host match. - matchQuery bool - // The strictSlash value defined on the route, but disabled if PathPrefix was used. - strictSlash bool - // Expanded regexp. - regexp *regexp.Regexp - // Reverse template. - reverse string - // Variable names. - varsN []string - // Variable regexps (validators). - varsR []*regexp.Regexp -} - -// Match matches the regexp against the URL host or path. -func (r *routeRegexp) Match(req *http.Request, match *RouteMatch) bool { - if !r.matchHost { - if r.matchQuery { - return r.regexp.MatchString(req.URL.RawQuery) - } else { - return r.regexp.MatchString(req.URL.Path) - } - } - return r.regexp.MatchString(getHost(req)) -} - -// url builds a URL part using the given values. -func (r *routeRegexp) url(pairs ...string) (string, error) { - values, err := mapFromPairs(pairs...) - if err != nil { - return "", err - } - urlValues := make([]interface{}, len(r.varsN)) - for k, v := range r.varsN { - value, ok := values[v] - if !ok { - return "", fmt.Errorf("mux: missing route variable %q", v) - } - urlValues[k] = value - } - rv := fmt.Sprintf(r.reverse, urlValues...) - if !r.regexp.MatchString(rv) { - // The URL is checked against the full regexp, instead of checking - // individual variables. This is faster but to provide a good error - // message, we check individual regexps if the URL doesn't match. - for k, v := range r.varsN { - if !r.varsR[k].MatchString(values[v]) { - return "", fmt.Errorf( - "mux: variable %q doesn't match, expected %q", values[v], - r.varsR[k].String()) - } - } - } - return rv, nil -} - -// braceIndices returns the first level curly brace indices from a string. -// It returns an error in case of unbalanced braces. -func braceIndices(s string) ([]int, error) { - var level, idx int - idxs := make([]int, 0) - for i := 0; i < len(s); i++ { - switch s[i] { - case '{': - if level++; level == 1 { - idx = i - } - case '}': - if level--; level == 0 { - idxs = append(idxs, idx, i+1) - } else if level < 0 { - return nil, fmt.Errorf("mux: unbalanced braces in %q", s) - } - } - } - if level != 0 { - return nil, fmt.Errorf("mux: unbalanced braces in %q", s) - } - return idxs, nil -} - -// ---------------------------------------------------------------------------- -// routeRegexpGroup -// ---------------------------------------------------------------------------- - -// routeRegexpGroup groups the route matchers that carry variables. -type routeRegexpGroup struct { - host *routeRegexp - path *routeRegexp - queries []*routeRegexp -} - -// setMatch extracts the variables from the URL once a route matches. -func (v *routeRegexpGroup) setMatch(req *http.Request, m *RouteMatch, r *Route) { - // Store host variables. - if v.host != nil { - hostVars := v.host.regexp.FindStringSubmatch(getHost(req)) - if hostVars != nil { - for k, v := range v.host.varsN { - m.Vars[v] = hostVars[k+1] - } - } - } - // Store path variables. - if v.path != nil { - pathVars := v.path.regexp.FindStringSubmatch(req.URL.Path) - if pathVars != nil { - for k, v := range v.path.varsN { - m.Vars[v] = pathVars[k+1] - } - // Check if we should redirect. - if v.path.strictSlash { - p1 := strings.HasSuffix(req.URL.Path, "/") - p2 := strings.HasSuffix(v.path.template, "/") - if p1 != p2 { - u, _ := url.Parse(req.URL.String()) - if p1 { - u.Path = u.Path[:len(u.Path)-1] - } else { - u.Path += "/" - } - m.Handler = http.RedirectHandler(u.String(), 301) - } - } - } - } - // Store query string variables. - rawQuery := req.URL.RawQuery - for _, q := range v.queries { - queryVars := q.regexp.FindStringSubmatch(rawQuery) - if queryVars != nil { - for k, v := range q.varsN { - m.Vars[v] = queryVars[k+1] - } - } - } -} - -// getHost tries its best to return the request host. -func getHost(r *http.Request) string { - if r.URL.IsAbs() { - return r.URL.Host - } - host := r.Host - // Slice off any port information. - if i := strings.Index(host, ":"); i != -1 { - host = host[:i] - } - return host - -} diff --git a/vendor/github.com/gorilla/mux/route.go b/vendor/github.com/gorilla/mux/route.go deleted file mode 100644 index c310e66b..00000000 --- a/vendor/github.com/gorilla/mux/route.go +++ /dev/null @@ -1,524 +0,0 @@ -// Copyright 2012 The Gorilla Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -package mux - -import ( - "errors" - "fmt" - "net/http" - "net/url" - "strings" -) - -// Route stores information to match a request and build URLs. -type Route struct { - // Parent where the route was registered (a Router). - parent parentRoute - // Request handler for the route. - handler http.Handler - // List of matchers. - matchers []matcher - // Manager for the variables from host and path. - regexp *routeRegexpGroup - // If true, when the path pattern is "/path/", accessing "/path" will - // redirect to the former and vice versa. - strictSlash bool - // If true, this route never matches: it is only used to build URLs. - buildOnly bool - // The name used to build URLs. - name string - // Error resulted from building a route. - err error -} - -// Match matches the route against the request. -func (r *Route) Match(req *http.Request, match *RouteMatch) bool { - if r.buildOnly || r.err != nil { - return false - } - // Match everything. - for _, m := range r.matchers { - if matched := m.Match(req, match); !matched { - return false - } - } - // Yay, we have a match. Let's collect some info about it. - if match.Route == nil { - match.Route = r - } - if match.Handler == nil { - match.Handler = r.handler - } - if match.Vars == nil { - match.Vars = make(map[string]string) - } - // Set variables. - if r.regexp != nil { - r.regexp.setMatch(req, match, r) - } - return true -} - -// ---------------------------------------------------------------------------- -// Route attributes -// ---------------------------------------------------------------------------- - -// GetError returns an error resulted from building the route, if any. -func (r *Route) GetError() error { - return r.err -} - -// BuildOnly sets the route to never match: it is only used to build URLs. -func (r *Route) BuildOnly() *Route { - r.buildOnly = true - return r -} - -// Handler -------------------------------------------------------------------- - -// Handler sets a handler for the route. -func (r *Route) Handler(handler http.Handler) *Route { - if r.err == nil { - r.handler = handler - } - return r -} - -// HandlerFunc sets a handler function for the route. -func (r *Route) HandlerFunc(f func(http.ResponseWriter, *http.Request)) *Route { - return r.Handler(http.HandlerFunc(f)) -} - -// GetHandler returns the handler for the route, if any. -func (r *Route) GetHandler() http.Handler { - return r.handler -} - -// Name ----------------------------------------------------------------------- - -// Name sets the name for the route, used to build URLs. -// If the name was registered already it will be overwritten. -func (r *Route) Name(name string) *Route { - if r.name != "" { - r.err = fmt.Errorf("mux: route already has name %q, can't set %q", - r.name, name) - } - if r.err == nil { - r.name = name - r.getNamedRoutes()[name] = r - } - return r -} - -// GetName returns the name for the route, if any. -func (r *Route) GetName() string { - return r.name -} - -// ---------------------------------------------------------------------------- -// Matchers -// ---------------------------------------------------------------------------- - -// matcher types try to match a request. -type matcher interface { - Match(*http.Request, *RouteMatch) bool -} - -// addMatcher adds a matcher to the route. -func (r *Route) addMatcher(m matcher) *Route { - if r.err == nil { - r.matchers = append(r.matchers, m) - } - return r -} - -// addRegexpMatcher adds a host or path matcher and builder to a route. -func (r *Route) addRegexpMatcher(tpl string, matchHost, matchPrefix, matchQuery bool) error { - if r.err != nil { - return r.err - } - r.regexp = r.getRegexpGroup() - if !matchHost && !matchQuery { - if len(tpl) == 0 || tpl[0] != '/' { - return fmt.Errorf("mux: path must start with a slash, got %q", tpl) - } - if r.regexp.path != nil { - tpl = strings.TrimRight(r.regexp.path.template, "/") + tpl - } - } - rr, err := newRouteRegexp(tpl, matchHost, matchPrefix, matchQuery, r.strictSlash) - if err != nil { - return err - } - for _, q := range r.regexp.queries { - if err = uniqueVars(rr.varsN, q.varsN); err != nil { - return err - } - } - if matchHost { - if r.regexp.path != nil { - if err = uniqueVars(rr.varsN, r.regexp.path.varsN); err != nil { - return err - } - } - r.regexp.host = rr - } else { - if r.regexp.host != nil { - if err = uniqueVars(rr.varsN, r.regexp.host.varsN); err != nil { - return err - } - } - if matchQuery { - r.regexp.queries = append(r.regexp.queries, rr) - } else { - r.regexp.path = rr - } - } - r.addMatcher(rr) - return nil -} - -// Headers -------------------------------------------------------------------- - -// headerMatcher matches the request against header values. -type headerMatcher map[string]string - -func (m headerMatcher) Match(r *http.Request, match *RouteMatch) bool { - return matchMap(m, r.Header, true) -} - -// Headers adds a matcher for request header values. -// It accepts a sequence of key/value pairs to be matched. For example: -// -// r := mux.NewRouter() -// r.Headers("Content-Type", "application/json", -// "X-Requested-With", "XMLHttpRequest") -// -// The above route will only match if both request header values match. -// -// It the value is an empty string, it will match any value if the key is set. -func (r *Route) Headers(pairs ...string) *Route { - if r.err == nil { - var headers map[string]string - headers, r.err = mapFromPairs(pairs...) - return r.addMatcher(headerMatcher(headers)) - } - return r -} - -// Host ----------------------------------------------------------------------- - -// Host adds a matcher for the URL host. -// It accepts a template with zero or more URL variables enclosed by {}. -// Variables can define an optional regexp pattern to me matched: -// -// - {name} matches anything until the next dot. -// -// - {name:pattern} matches the given regexp pattern. -// -// For example: -// -// r := mux.NewRouter() -// r.Host("www.domain.com") -// r.Host("{subdomain}.domain.com") -// r.Host("{subdomain:[a-z]+}.domain.com") -// -// Variable names must be unique in a given route. They can be retrieved -// calling mux.Vars(request). -func (r *Route) Host(tpl string) *Route { - r.err = r.addRegexpMatcher(tpl, true, false, false) - return r -} - -// MatcherFunc ---------------------------------------------------------------- - -// MatcherFunc is the function signature used by custom matchers. -type MatcherFunc func(*http.Request, *RouteMatch) bool - -func (m MatcherFunc) Match(r *http.Request, match *RouteMatch) bool { - return m(r, match) -} - -// MatcherFunc adds a custom function to be used as request matcher. -func (r *Route) MatcherFunc(f MatcherFunc) *Route { - return r.addMatcher(f) -} - -// Methods -------------------------------------------------------------------- - -// methodMatcher matches the request against HTTP methods. -type methodMatcher []string - -func (m methodMatcher) Match(r *http.Request, match *RouteMatch) bool { - return matchInArray(m, r.Method) -} - -// Methods adds a matcher for HTTP methods. -// It accepts a sequence of one or more methods to be matched, e.g.: -// "GET", "POST", "PUT". -func (r *Route) Methods(methods ...string) *Route { - for k, v := range methods { - methods[k] = strings.ToUpper(v) - } - return r.addMatcher(methodMatcher(methods)) -} - -// Path ----------------------------------------------------------------------- - -// Path adds a matcher for the URL path. -// It accepts a template with zero or more URL variables enclosed by {}. The -// template must start with a "/". -// Variables can define an optional regexp pattern to me matched: -// -// - {name} matches anything until the next slash. -// -// - {name:pattern} matches the given regexp pattern. -// -// For example: -// -// r := mux.NewRouter() -// r.Path("/products/").Handler(ProductsHandler) -// r.Path("/products/{key}").Handler(ProductsHandler) -// r.Path("/articles/{category}/{id:[0-9]+}"). -// Handler(ArticleHandler) -// -// Variable names must be unique in a given route. They can be retrieved -// calling mux.Vars(request). -func (r *Route) Path(tpl string) *Route { - r.err = r.addRegexpMatcher(tpl, false, false, false) - return r -} - -// PathPrefix ----------------------------------------------------------------- - -// PathPrefix adds a matcher for the URL path prefix. This matches if the given -// template is a prefix of the full URL path. See Route.Path() for details on -// the tpl argument. -// -// Note that it does not treat slashes specially ("/foobar/" will be matched by -// the prefix "/foo") so you may want to use a trailing slash here. -// -// Also note that the setting of Router.StrictSlash() has no effect on routes -// with a PathPrefix matcher. -func (r *Route) PathPrefix(tpl string) *Route { - r.err = r.addRegexpMatcher(tpl, false, true, false) - return r -} - -// Query ---------------------------------------------------------------------- - -// Queries adds a matcher for URL query values. -// It accepts a sequence of key/value pairs. Values may define variables. -// For example: -// -// r := mux.NewRouter() -// r.Queries("foo", "bar", "id", "{id:[0-9]+}") -// -// The above route will only match if the URL contains the defined queries -// values, e.g.: ?foo=bar&id=42. -// -// It the value is an empty string, it will match any value if the key is set. -// -// Variables can define an optional regexp pattern to me matched: -// -// - {name} matches anything until the next slash. -// -// - {name:pattern} matches the given regexp pattern. -func (r *Route) Queries(pairs ...string) *Route { - length := len(pairs) - if length%2 != 0 { - r.err = fmt.Errorf( - "mux: number of parameters must be multiple of 2, got %v", pairs) - return nil - } - for i := 0; i < length; i += 2 { - if r.err = r.addRegexpMatcher(pairs[i]+"="+pairs[i+1], false, true, true); r.err != nil { - return r - } - } - - return r -} - -// Schemes -------------------------------------------------------------------- - -// schemeMatcher matches the request against URL schemes. -type schemeMatcher []string - -func (m schemeMatcher) Match(r *http.Request, match *RouteMatch) bool { - return matchInArray(m, r.URL.Scheme) -} - -// Schemes adds a matcher for URL schemes. -// It accepts a sequence of schemes to be matched, e.g.: "http", "https". -func (r *Route) Schemes(schemes ...string) *Route { - for k, v := range schemes { - schemes[k] = strings.ToLower(v) - } - return r.addMatcher(schemeMatcher(schemes)) -} - -// Subrouter ------------------------------------------------------------------ - -// Subrouter creates a subrouter for the route. -// -// It will test the inner routes only if the parent route matched. For example: -// -// r := mux.NewRouter() -// s := r.Host("www.domain.com").Subrouter() -// s.HandleFunc("/products/", ProductsHandler) -// s.HandleFunc("/products/{key}", ProductHandler) -// s.HandleFunc("/articles/{category}/{id:[0-9]+}"), ArticleHandler) -// -// Here, the routes registered in the subrouter won't be tested if the host -// doesn't match. -func (r *Route) Subrouter() *Router { - router := &Router{parent: r, strictSlash: r.strictSlash} - r.addMatcher(router) - return router -} - -// ---------------------------------------------------------------------------- -// URL building -// ---------------------------------------------------------------------------- - -// URL builds a URL for the route. -// -// It accepts a sequence of key/value pairs for the route variables. For -// example, given this route: -// -// r := mux.NewRouter() -// r.HandleFunc("/articles/{category}/{id:[0-9]+}", ArticleHandler). -// Name("article") -// -// ...a URL for it can be built using: -// -// url, err := r.Get("article").URL("category", "technology", "id", "42") -// -// ...which will return an url.URL with the following path: -// -// "/articles/technology/42" -// -// This also works for host variables: -// -// r := mux.NewRouter() -// r.Host("{subdomain}.domain.com"). -// HandleFunc("/articles/{category}/{id:[0-9]+}", ArticleHandler). -// Name("article") -// -// // url.String() will be "http://news.domain.com/articles/technology/42" -// url, err := r.Get("article").URL("subdomain", "news", -// "category", "technology", -// "id", "42") -// -// All variables defined in the route are required, and their values must -// conform to the corresponding patterns. -func (r *Route) URL(pairs ...string) (*url.URL, error) { - if r.err != nil { - return nil, r.err - } - if r.regexp == nil { - return nil, errors.New("mux: route doesn't have a host or path") - } - var scheme, host, path string - var err error - if r.regexp.host != nil { - // Set a default scheme. - scheme = "http" - if host, err = r.regexp.host.url(pairs...); err != nil { - return nil, err - } - } - if r.regexp.path != nil { - if path, err = r.regexp.path.url(pairs...); err != nil { - return nil, err - } - } - return &url.URL{ - Scheme: scheme, - Host: host, - Path: path, - }, nil -} - -// URLHost builds the host part of the URL for a route. See Route.URL(). -// -// The route must have a host defined. -func (r *Route) URLHost(pairs ...string) (*url.URL, error) { - if r.err != nil { - return nil, r.err - } - if r.regexp == nil || r.regexp.host == nil { - return nil, errors.New("mux: route doesn't have a host") - } - host, err := r.regexp.host.url(pairs...) - if err != nil { - return nil, err - } - return &url.URL{ - Scheme: "http", - Host: host, - }, nil -} - -// URLPath builds the path part of the URL for a route. See Route.URL(). -// -// The route must have a path defined. -func (r *Route) URLPath(pairs ...string) (*url.URL, error) { - if r.err != nil { - return nil, r.err - } - if r.regexp == nil || r.regexp.path == nil { - return nil, errors.New("mux: route doesn't have a path") - } - path, err := r.regexp.path.url(pairs...) - if err != nil { - return nil, err - } - return &url.URL{ - Path: path, - }, nil -} - -// ---------------------------------------------------------------------------- -// parentRoute -// ---------------------------------------------------------------------------- - -// parentRoute allows routes to know about parent host and path definitions. -type parentRoute interface { - getNamedRoutes() map[string]*Route - getRegexpGroup() *routeRegexpGroup -} - -// getNamedRoutes returns the map where named routes are registered. -func (r *Route) getNamedRoutes() map[string]*Route { - if r.parent == nil { - // During tests router is not always set. - r.parent = NewRouter() - } - return r.parent.getNamedRoutes() -} - -// getRegexpGroup returns regexp definitions from this route. -func (r *Route) getRegexpGroup() *routeRegexpGroup { - if r.regexp == nil { - if r.parent == nil { - // During tests router is not always set. - r.parent = NewRouter() - } - regexp := r.parent.getRegexpGroup() - if regexp == nil { - r.regexp = new(routeRegexpGroup) - } else { - // Copy. - r.regexp = &routeRegexpGroup{ - host: regexp.host, - path: regexp.path, - queries: regexp.queries, - } - } - } - return r.regexp -} diff --git a/vendor/github.com/opencontainers/go-digest/.mailmap b/vendor/github.com/opencontainers/go-digest/.mailmap deleted file mode 100644 index ba611cb2..00000000 --- a/vendor/github.com/opencontainers/go-digest/.mailmap +++ /dev/null @@ -1 +0,0 @@ -Stephen J Day diff --git a/vendor/github.com/opencontainers/go-digest/.pullapprove.yml b/vendor/github.com/opencontainers/go-digest/.pullapprove.yml deleted file mode 100644 index 45fa4b9e..00000000 --- a/vendor/github.com/opencontainers/go-digest/.pullapprove.yml +++ /dev/null @@ -1,12 +0,0 @@ -approve_by_comment: true -approve_regex: '^(Approved|lgtm|LGTM|:shipit:|:star:|:\+1:|:ship:)' -reject_regex: ^Rejected -reset_on_push: true -author_approval: ignored -signed_off_by: - required: true -reviewers: - teams: - - go-digest-maintainers - name: default - required: 2 diff --git a/vendor/github.com/opencontainers/go-digest/.travis.yml b/vendor/github.com/opencontainers/go-digest/.travis.yml deleted file mode 100644 index 7ea4ed1d..00000000 --- a/vendor/github.com/opencontainers/go-digest/.travis.yml +++ /dev/null @@ -1,4 +0,0 @@ -language: go -go: - - 1.7 - - master diff --git a/vendor/github.com/opencontainers/go-digest/CONTRIBUTING.md b/vendor/github.com/opencontainers/go-digest/CONTRIBUTING.md deleted file mode 100644 index e4d962ac..00000000 --- a/vendor/github.com/opencontainers/go-digest/CONTRIBUTING.md +++ /dev/null @@ -1,72 +0,0 @@ -# Contributing to Docker open source projects - -Want to hack on this project? Awesome! Here are instructions to get you started. - -This project is a part of the [Docker](https://www.docker.com) project, and follows -the same rules and principles. If you're already familiar with the way -Docker does things, you'll feel right at home. - -Otherwise, go read Docker's -[contributions guidelines](https://github.com/docker/docker/blob/master/CONTRIBUTING.md), -[issue triaging](https://github.com/docker/docker/blob/master/project/ISSUE-TRIAGE.md), -[review process](https://github.com/docker/docker/blob/master/project/REVIEWING.md) and -[branches and tags](https://github.com/docker/docker/blob/master/project/BRANCHES-AND-TAGS.md). - -For an in-depth description of our contribution process, visit the -contributors guide: [Understand how to contribute](https://docs.docker.com/opensource/workflow/make-a-contribution/) - -### Sign your work - -The sign-off is a simple line at the end of the explanation for the patch. Your -signature certifies that you wrote the patch or otherwise have the right to pass -it on as an open-source patch. The rules are pretty simple: if you can certify -the below (from [developercertificate.org](http://developercertificate.org/)): - -``` -Developer Certificate of Origin -Version 1.1 - -Copyright (C) 2004, 2006 The Linux Foundation and its contributors. -1 Letterman Drive -Suite D4700 -San Francisco, CA, 94129 - -Everyone is permitted to copy and distribute verbatim copies of this -license document, but changing it is not allowed. - - -Developer's Certificate of Origin 1.1 - -By making a contribution to this project, I certify that: - -(a) The contribution was created in whole or in part by me and I - have the right to submit it under the open source license - indicated in the file; or - -(b) The contribution is based upon previous work that, to the best - of my knowledge, is covered under an appropriate open source - license and I have the right under that license to submit that - work with modifications, whether created in whole or in part - by me, under the same open source license (unless I am - permitted to submit under a different license), as indicated - in the file; or - -(c) The contribution was provided directly to me by some other - person who certified (a), (b) or (c) and I have not modified - it. - -(d) I understand and agree that this project and the contribution - are public and that a record of the contribution (including all - personal information I submit with it, including my sign-off) is - maintained indefinitely and may be redistributed consistent with - this project or the open source license(s) involved. -``` - -Then you just add a line to every git commit message: - - Signed-off-by: Joe Smith - -Use your real name (sorry, no pseudonyms or anonymous contributions.) - -If you set your `user.name` and `user.email` git configs, you can sign your -commit automatically with `git commit -s`. diff --git a/vendor/github.com/opencontainers/go-digest/LICENSE.code b/vendor/github.com/opencontainers/go-digest/LICENSE.code deleted file mode 100644 index 0ea3ff81..00000000 --- a/vendor/github.com/opencontainers/go-digest/LICENSE.code +++ /dev/null @@ -1,191 +0,0 @@ - - Apache License - Version 2.0, January 2004 - https://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - Copyright 2016 Docker, Inc. - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - https://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. diff --git a/vendor/github.com/opencontainers/go-digest/LICENSE.docs b/vendor/github.com/opencontainers/go-digest/LICENSE.docs deleted file mode 100644 index e26cd4fc..00000000 --- a/vendor/github.com/opencontainers/go-digest/LICENSE.docs +++ /dev/null @@ -1,425 +0,0 @@ -Attribution-ShareAlike 4.0 International - -======================================================================= - -Creative Commons Corporation ("Creative Commons") is not a law firm and -does not provide legal services or legal advice. Distribution of -Creative Commons public licenses does not create a lawyer-client or -other relationship. Creative Commons makes its licenses and related -information available on an "as-is" basis. Creative Commons gives no -warranties regarding its licenses, any material licensed under their -terms and conditions, or any related information. Creative Commons -disclaims all liability for damages resulting from their use to the -fullest extent possible. - -Using Creative Commons Public Licenses - -Creative Commons public licenses provide a standard set of terms and -conditions that creators and other rights holders may use to share -original works of authorship and other material subject to copyright -and certain other rights specified in the public license below. The -following considerations are for informational purposes only, are not -exhaustive, and do not form part of our licenses. - - Considerations for licensors: Our public licenses are - intended for use by those authorized to give the public - permission to use material in ways otherwise restricted by - copyright and certain other rights. Our licenses are - irrevocable. Licensors should read and understand the terms - and conditions of the license they choose before applying it. - Licensors should also secure all rights necessary before - applying our licenses so that the public can reuse the - material as expected. Licensors should clearly mark any - material not subject to the license. This includes other CC- - licensed material, or material used under an exception or - limitation to copyright. More considerations for licensors: - wiki.creativecommons.org/Considerations_for_licensors - - Considerations for the public: By using one of our public - licenses, a licensor grants the public permission to use the - licensed material under specified terms and conditions. If - the licensor's permission is not necessary for any reason--for - example, because of any applicable exception or limitation to - copyright--then that use is not regulated by the license. Our - licenses grant only permissions under copyright and certain - other rights that a licensor has authority to grant. Use of - the licensed material may still be restricted for other - reasons, including because others have copyright or other - rights in the material. A licensor may make special requests, - such as asking that all changes be marked or described. - Although not required by our licenses, you are encouraged to - respect those requests where reasonable. More_considerations - for the public: - wiki.creativecommons.org/Considerations_for_licensees - -======================================================================= - -Creative Commons Attribution-ShareAlike 4.0 International Public -License - -By exercising the Licensed Rights (defined below), You accept and agree -to be bound by the terms and conditions of this Creative Commons -Attribution-ShareAlike 4.0 International Public License ("Public -License"). To the extent this Public License may be interpreted as a -contract, You are granted the Licensed Rights in consideration of Your -acceptance of these terms and conditions, and the Licensor grants You -such rights in consideration of benefits the Licensor receives from -making the Licensed Material available under these terms and -conditions. - - -Section 1 -- Definitions. - - a. Adapted Material means material subject to Copyright and Similar - Rights that is derived from or based upon the Licensed Material - and in which the Licensed Material is translated, altered, - arranged, transformed, or otherwise modified in a manner requiring - permission under the Copyright and Similar Rights held by the - Licensor. For purposes of this Public License, where the Licensed - Material is a musical work, performance, or sound recording, - Adapted Material is always produced where the Licensed Material is - synched in timed relation with a moving image. - - b. Adapter's License means the license You apply to Your Copyright - and Similar Rights in Your contributions to Adapted Material in - accordance with the terms and conditions of this Public License. - - c. BY-SA Compatible License means a license listed at - creativecommons.org/compatiblelicenses, approved by Creative - Commons as essentially the equivalent of this Public License. - - d. Copyright and Similar Rights means copyright and/or similar rights - closely related to copyright including, without limitation, - performance, broadcast, sound recording, and Sui Generis Database - Rights, without regard to how the rights are labeled or - categorized. For purposes of this Public License, the rights - specified in Section 2(b)(1)-(2) are not Copyright and Similar - Rights. - - e. Effective Technological Measures means those measures that, in the - absence of proper authority, may not be circumvented under laws - fulfilling obligations under Article 11 of the WIPO Copyright - Treaty adopted on December 20, 1996, and/or similar international - agreements. - - f. Exceptions and Limitations means fair use, fair dealing, and/or - any other exception or limitation to Copyright and Similar Rights - that applies to Your use of the Licensed Material. - - g. License Elements means the license attributes listed in the name - of a Creative Commons Public License. The License Elements of this - Public License are Attribution and ShareAlike. - - h. Licensed Material means the artistic or literary work, database, - or other material to which the Licensor applied this Public - License. - - i. Licensed Rights means the rights granted to You subject to the - terms and conditions of this Public License, which are limited to - all Copyright and Similar Rights that apply to Your use of the - Licensed Material and that the Licensor has authority to license. - - j. Licensor means the individual(s) or entity(ies) granting rights - under this Public License. - - k. Share means to provide material to the public by any means or - process that requires permission under the Licensed Rights, such - as reproduction, public display, public performance, distribution, - dissemination, communication, or importation, and to make material - available to the public including in ways that members of the - public may access the material from a place and at a time - individually chosen by them. - - l. Sui Generis Database Rights means rights other than copyright - resulting from Directive 96/9/EC of the European Parliament and of - the Council of 11 March 1996 on the legal protection of databases, - as amended and/or succeeded, as well as other essentially - equivalent rights anywhere in the world. - - m. You means the individual or entity exercising the Licensed Rights - under this Public License. Your has a corresponding meaning. - - -Section 2 -- Scope. - - a. License grant. - - 1. Subject to the terms and conditions of this Public License, - the Licensor hereby grants You a worldwide, royalty-free, - non-sublicensable, non-exclusive, irrevocable license to - exercise the Licensed Rights in the Licensed Material to: - - a. reproduce and Share the Licensed Material, in whole or - in part; and - - b. produce, reproduce, and Share Adapted Material. - - 2. Exceptions and Limitations. For the avoidance of doubt, where - Exceptions and Limitations apply to Your use, this Public - License does not apply, and You do not need to comply with - its terms and conditions. - - 3. Term. The term of this Public License is specified in Section - 6(a). - - 4. Media and formats; technical modifications allowed. The - Licensor authorizes You to exercise the Licensed Rights in - all media and formats whether now known or hereafter created, - and to make technical modifications necessary to do so. The - Licensor waives and/or agrees not to assert any right or - authority to forbid You from making technical modifications - necessary to exercise the Licensed Rights, including - technical modifications necessary to circumvent Effective - Technological Measures. For purposes of this Public License, - simply making modifications authorized by this Section 2(a) - (4) never produces Adapted Material. - - 5. Downstream recipients. - - a. Offer from the Licensor -- Licensed Material. Every - recipient of the Licensed Material automatically - receives an offer from the Licensor to exercise the - Licensed Rights under the terms and conditions of this - Public License. - - b. Additional offer from the Licensor -- Adapted Material. - Every recipient of Adapted Material from You - automatically receives an offer from the Licensor to - exercise the Licensed Rights in the Adapted Material - under the conditions of the Adapter's License You apply. - - c. No downstream restrictions. You may not offer or impose - any additional or different terms or conditions on, or - apply any Effective Technological Measures to, the - Licensed Material if doing so restricts exercise of the - Licensed Rights by any recipient of the Licensed - Material. - - 6. No endorsement. Nothing in this Public License constitutes or - may be construed as permission to assert or imply that You - are, or that Your use of the Licensed Material is, connected - with, or sponsored, endorsed, or granted official status by, - the Licensor or others designated to receive attribution as - provided in Section 3(a)(1)(A)(i). - - b. Other rights. - - 1. Moral rights, such as the right of integrity, are not - licensed under this Public License, nor are publicity, - privacy, and/or other similar personality rights; however, to - the extent possible, the Licensor waives and/or agrees not to - assert any such rights held by the Licensor to the limited - extent necessary to allow You to exercise the Licensed - Rights, but not otherwise. - - 2. Patent and trademark rights are not licensed under this - Public License. - - 3. To the extent possible, the Licensor waives any right to - collect royalties from You for the exercise of the Licensed - Rights, whether directly or through a collecting society - under any voluntary or waivable statutory or compulsory - licensing scheme. In all other cases the Licensor expressly - reserves any right to collect such royalties. - - -Section 3 -- License Conditions. - -Your exercise of the Licensed Rights is expressly made subject to the -following conditions. - - a. Attribution. - - 1. If You Share the Licensed Material (including in modified - form), You must: - - a. retain the following if it is supplied by the Licensor - with the Licensed Material: - - i. identification of the creator(s) of the Licensed - Material and any others designated to receive - attribution, in any reasonable manner requested by - the Licensor (including by pseudonym if - designated); - - ii. a copyright notice; - - iii. a notice that refers to this Public License; - - iv. a notice that refers to the disclaimer of - warranties; - - v. a URI or hyperlink to the Licensed Material to the - extent reasonably practicable; - - b. indicate if You modified the Licensed Material and - retain an indication of any previous modifications; and - - c. indicate the Licensed Material is licensed under this - Public License, and include the text of, or the URI or - hyperlink to, this Public License. - - 2. You may satisfy the conditions in Section 3(a)(1) in any - reasonable manner based on the medium, means, and context in - which You Share the Licensed Material. For example, it may be - reasonable to satisfy the conditions by providing a URI or - hyperlink to a resource that includes the required - information. - - 3. If requested by the Licensor, You must remove any of the - information required by Section 3(a)(1)(A) to the extent - reasonably practicable. - - b. ShareAlike. - - In addition to the conditions in Section 3(a), if You Share - Adapted Material You produce, the following conditions also apply. - - 1. The Adapter's License You apply must be a Creative Commons - license with the same License Elements, this version or - later, or a BY-SA Compatible License. - - 2. You must include the text of, or the URI or hyperlink to, the - Adapter's License You apply. You may satisfy this condition - in any reasonable manner based on the medium, means, and - context in which You Share Adapted Material. - - 3. You may not offer or impose any additional or different terms - or conditions on, or apply any Effective Technological - Measures to, Adapted Material that restrict exercise of the - rights granted under the Adapter's License You apply. - - -Section 4 -- Sui Generis Database Rights. - -Where the Licensed Rights include Sui Generis Database Rights that -apply to Your use of the Licensed Material: - - a. for the avoidance of doubt, Section 2(a)(1) grants You the right - to extract, reuse, reproduce, and Share all or a substantial - portion of the contents of the database; - - b. if You include all or a substantial portion of the database - contents in a database in which You have Sui Generis Database - Rights, then the database in which You have Sui Generis Database - Rights (but not its individual contents) is Adapted Material, - - including for purposes of Section 3(b); and - c. You must comply with the conditions in Section 3(a) if You Share - all or a substantial portion of the contents of the database. - -For the avoidance of doubt, this Section 4 supplements and does not -replace Your obligations under this Public License where the Licensed -Rights include other Copyright and Similar Rights. - - -Section 5 -- Disclaimer of Warranties and Limitation of Liability. - - a. UNLESS OTHERWISE SEPARATELY UNDERTAKEN BY THE LICENSOR, TO THE - EXTENT POSSIBLE, THE LICENSOR OFFERS THE LICENSED MATERIAL AS-IS - AND AS-AVAILABLE, AND MAKES NO REPRESENTATIONS OR WARRANTIES OF - ANY KIND CONCERNING THE LICENSED MATERIAL, WHETHER EXPRESS, - IMPLIED, STATUTORY, OR OTHER. THIS INCLUDES, WITHOUT LIMITATION, - WARRANTIES OF TITLE, MERCHANTABILITY, FITNESS FOR A PARTICULAR - PURPOSE, NON-INFRINGEMENT, ABSENCE OF LATENT OR OTHER DEFECTS, - ACCURACY, OR THE PRESENCE OR ABSENCE OF ERRORS, WHETHER OR NOT - KNOWN OR DISCOVERABLE. WHERE DISCLAIMERS OF WARRANTIES ARE NOT - ALLOWED IN FULL OR IN PART, THIS DISCLAIMER MAY NOT APPLY TO YOU. - - b. TO THE EXTENT POSSIBLE, IN NO EVENT WILL THE LICENSOR BE LIABLE - TO YOU ON ANY LEGAL THEORY (INCLUDING, WITHOUT LIMITATION, - NEGLIGENCE) OR OTHERWISE FOR ANY DIRECT, SPECIAL, INDIRECT, - INCIDENTAL, CONSEQUENTIAL, PUNITIVE, EXEMPLARY, OR OTHER LOSSES, - COSTS, EXPENSES, OR DAMAGES ARISING OUT OF THIS PUBLIC LICENSE OR - USE OF THE LICENSED MATERIAL, EVEN IF THE LICENSOR HAS BEEN - ADVISED OF THE POSSIBILITY OF SUCH LOSSES, COSTS, EXPENSES, OR - DAMAGES. WHERE A LIMITATION OF LIABILITY IS NOT ALLOWED IN FULL OR - IN PART, THIS LIMITATION MAY NOT APPLY TO YOU. - - c. The disclaimer of warranties and limitation of liability provided - above shall be interpreted in a manner that, to the extent - possible, most closely approximates an absolute disclaimer and - waiver of all liability. - - -Section 6 -- Term and Termination. - - a. This Public License applies for the term of the Copyright and - Similar Rights licensed here. However, if You fail to comply with - this Public License, then Your rights under this Public License - terminate automatically. - - b. Where Your right to use the Licensed Material has terminated under - Section 6(a), it reinstates: - - 1. automatically as of the date the violation is cured, provided - it is cured within 30 days of Your discovery of the - violation; or - - 2. upon express reinstatement by the Licensor. - - For the avoidance of doubt, this Section 6(b) does not affect any - right the Licensor may have to seek remedies for Your violations - of this Public License. - - c. For the avoidance of doubt, the Licensor may also offer the - Licensed Material under separate terms or conditions or stop - distributing the Licensed Material at any time; however, doing so - will not terminate this Public License. - - d. Sections 1, 5, 6, 7, and 8 survive termination of this Public - License. - - -Section 7 -- Other Terms and Conditions. - - a. The Licensor shall not be bound by any additional or different - terms or conditions communicated by You unless expressly agreed. - - b. Any arrangements, understandings, or agreements regarding the - Licensed Material not stated herein are separate from and - independent of the terms and conditions of this Public License. - - -Section 8 -- Interpretation. - - a. For the avoidance of doubt, this Public License does not, and - shall not be interpreted to, reduce, limit, restrict, or impose - conditions on any use of the Licensed Material that could lawfully - be made without permission under this Public License. - - b. To the extent possible, if any provision of this Public License is - deemed unenforceable, it shall be automatically reformed to the - minimum extent necessary to make it enforceable. If the provision - cannot be reformed, it shall be severed from this Public License - without affecting the enforceability of the remaining terms and - conditions. - - c. No term or condition of this Public License will be waived and no - failure to comply consented to unless expressly agreed to by the - Licensor. - - d. Nothing in this Public License constitutes or may be interpreted - as a limitation upon, or waiver of, any privileges and immunities - that apply to the Licensor or You, including from the legal - processes of any jurisdiction or authority. - - -======================================================================= - -Creative Commons is not a party to its public licenses. -Notwithstanding, Creative Commons may elect to apply one of its public -licenses to material it publishes and in those instances will be -considered the "Licensor." Except for the limited purpose of indicating -that material is shared under a Creative Commons public license or as -otherwise permitted by the Creative Commons policies published at -creativecommons.org/policies, Creative Commons does not authorize the -use of the trademark "Creative Commons" or any other trademark or logo -of Creative Commons without its prior written consent including, -without limitation, in connection with any unauthorized modifications -to any of its public licenses or any other arrangements, -understandings, or agreements concerning use of licensed material. For -the avoidance of doubt, this paragraph does not form part of the public -licenses. - -Creative Commons may be contacted at creativecommons.org. diff --git a/vendor/github.com/opencontainers/go-digest/MAINTAINERS b/vendor/github.com/opencontainers/go-digest/MAINTAINERS deleted file mode 100644 index 42a29795..00000000 --- a/vendor/github.com/opencontainers/go-digest/MAINTAINERS +++ /dev/null @@ -1,9 +0,0 @@ -Aaron Lehmann (@aaronlehmann) -Brandon Philips (@philips) -Brendan Burns (@brendandburns) -Derek McGowan (@dmcgowan) -Jason Bouzane (@jbouzane) -John Starks (@jstarks) -Jonathan Boulle (@jonboulle) -Stephen Day (@stevvooe) -Vincent Batts (@vbatts) diff --git a/vendor/github.com/opencontainers/go-digest/README.md b/vendor/github.com/opencontainers/go-digest/README.md deleted file mode 100644 index 0f5a0409..00000000 --- a/vendor/github.com/opencontainers/go-digest/README.md +++ /dev/null @@ -1,104 +0,0 @@ -# go-digest - -[![GoDoc](https://godoc.org/github.com/opencontainers/go-digest?status.svg)](https://godoc.org/github.com/opencontainers/go-digest) [![Go Report Card](https://goreportcard.com/badge/github.com/opencontainers/go-digest)](https://goreportcard.com/report/github.com/opencontainers/go-digest) [![Build Status](https://travis-ci.org/opencontainers/go-digest.svg?branch=master)](https://travis-ci.org/opencontainers/go-digest) - -Common digest package used across the container ecosystem. - -Please see the [godoc](https://godoc.org/github.com/opencontainers/go-digest) for more information. - -# What is a digest? - -A digest is just a hash. - -The most common use case for a digest is to create a content -identifier for use in [Content Addressable Storage](https://en.wikipedia.org/wiki/Content-addressable_storage) -systems: - -```go -id := digest.FromBytes([]byte("my content")) -``` - -In the example above, the id can be used to uniquely identify -the byte slice "my content". This allows two disparate applications -to agree on a verifiable identifier without having to trust one -another. - -An identifying digest can be verified, as follows: - -```go -if id != digest.FromBytes([]byte("my content")) { - return errors.New("the content has changed!") -} -``` - -A `Verifier` type can be used to handle cases where an `io.Reader` -makes more sense: - -```go -rd := getContent() -verifier := id.Verifier() -io.Copy(verifier, rd) - -if !verifier.Verified() { - return errors.New("the content has changed!") -} -``` - -Using [Merkle DAGs](https://en.wikipedia.org/wiki/Merkle_tree), this -can power a rich, safe, content distribution system. - -# Usage - -While the [godoc](https://godoc.org/github.com/opencontainers/go-digest) is -considered the best resource, a few important items need to be called -out when using this package. - -1. Make sure to import the hash implementations into your application - or the package will panic. You should have something like the - following in the main (or other entrypoint) of your application: - - ```go - import ( - _ "crypto/sha256" - _ "crypto/sha512" - ) - ``` - This may seem inconvenient but it allows you replace the hash - implementations with others, such as https://github.com/stevvooe/resumable. - -2. Even though `digest.Digest` may be assemable as a string, _always_ - verify your input with `digest.Parse` or use `Digest.Validate` - when accepting untrusted input. While there are measures to - avoid common problems, this will ensure you have valid digests - in the rest of your application. - -# Stability - -The Go API, at this stage, is considered stable, unless otherwise noted. - -As always, before using a package export, read the [godoc](https://godoc.org/github.com/opencontainers/go-digest). - -# Contributing - -This package is considered fairly complete. It has been in production -in thousands (millions?) of deployments and is fairly battle-hardened. -New additions will be met with skepticism. If you think there is a -missing feature, please file a bug clearly describing the problem and -the alternatives you tried before submitting a PR. - -# Reporting security issues - -Please DO NOT file a public issue, instead send your report privately to -security@opencontainers.org. - -The maintainers take security seriously. If you discover a security issue, -please bring it to their attention right away! - -If you are reporting a security issue, do not create an issue or file a pull -request on GitHub. Instead, disclose the issue responsibly by sending an email -to security@opencontainers.org (which is inhabited only by the maintainers of -the various OCI projects). - -# Copyright and license - -Copyright © 2016 Docker, Inc. All rights reserved, except as follows. Code is released under the [Apache 2.0 license](LICENSE.code). This `README.md` file and the [`CONTRIBUTING.md`](CONTRIBUTING.md) file are licensed under the Creative Commons Attribution 4.0 International License under the terms and conditions set forth in the file [`LICENSE.docs`](LICENSE.docs). You may obtain a duplicate copy of the same license, titled CC BY-SA 4.0, at http://creativecommons.org/licenses/by-sa/4.0/. diff --git a/vendor/github.com/opencontainers/go-digest/algorithm.go b/vendor/github.com/opencontainers/go-digest/algorithm.go deleted file mode 100644 index bdff42d9..00000000 --- a/vendor/github.com/opencontainers/go-digest/algorithm.go +++ /dev/null @@ -1,158 +0,0 @@ -// Copyright 2017 Docker, Inc. -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// https://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package digest - -import ( - "crypto" - "fmt" - "hash" - "io" -) - -// Algorithm identifies and implementation of a digester by an identifier. -// Note the that this defines both the hash algorithm used and the string -// encoding. -type Algorithm string - -// supported digest types -const ( - SHA256 Algorithm = "sha256" // sha256 with hex encoding - SHA384 Algorithm = "sha384" // sha384 with hex encoding - SHA512 Algorithm = "sha512" // sha512 with hex encoding - - // Canonical is the primary digest algorithm used with the distribution - // project. Other digests may be used but this one is the primary storage - // digest. - Canonical = SHA256 -) - -var ( - // TODO(stevvooe): Follow the pattern of the standard crypto package for - // registration of digests. Effectively, we are a registerable set and - // common symbol access. - - // algorithms maps values to hash.Hash implementations. Other algorithms - // may be available but they cannot be calculated by the digest package. - algorithms = map[Algorithm]crypto.Hash{ - SHA256: crypto.SHA256, - SHA384: crypto.SHA384, - SHA512: crypto.SHA512, - } -) - -// Available returns true if the digest type is available for use. If this -// returns false, Digester and Hash will return nil. -func (a Algorithm) Available() bool { - h, ok := algorithms[a] - if !ok { - return false - } - - // check availability of the hash, as well - return h.Available() -} - -func (a Algorithm) String() string { - return string(a) -} - -// Size returns number of bytes returned by the hash. -func (a Algorithm) Size() int { - h, ok := algorithms[a] - if !ok { - return 0 - } - return h.Size() -} - -// Set implemented to allow use of Algorithm as a command line flag. -func (a *Algorithm) Set(value string) error { - if value == "" { - *a = Canonical - } else { - // just do a type conversion, support is queried with Available. - *a = Algorithm(value) - } - - if !a.Available() { - return ErrDigestUnsupported - } - - return nil -} - -// Digester returns a new digester for the specified algorithm. If the algorithm -// does not have a digester implementation, nil will be returned. This can be -// checked by calling Available before calling Digester. -func (a Algorithm) Digester() Digester { - return &digester{ - alg: a, - hash: a.Hash(), - } -} - -// Hash returns a new hash as used by the algorithm. If not available, the -// method will panic. Check Algorithm.Available() before calling. -func (a Algorithm) Hash() hash.Hash { - if !a.Available() { - // Empty algorithm string is invalid - if a == "" { - panic(fmt.Sprintf("empty digest algorithm, validate before calling Algorithm.Hash()")) - } - - // NOTE(stevvooe): A missing hash is usually a programming error that - // must be resolved at compile time. We don't import in the digest - // package to allow users to choose their hash implementation (such as - // when using stevvooe/resumable or a hardware accelerated package). - // - // Applications that may want to resolve the hash at runtime should - // call Algorithm.Available before call Algorithm.Hash(). - panic(fmt.Sprintf("%v not available (make sure it is imported)", a)) - } - - return algorithms[a].New() -} - -// FromReader returns the digest of the reader using the algorithm. -func (a Algorithm) FromReader(rd io.Reader) (Digest, error) { - digester := a.Digester() - - if _, err := io.Copy(digester.Hash(), rd); err != nil { - return "", err - } - - return digester.Digest(), nil -} - -// FromBytes digests the input and returns a Digest. -func (a Algorithm) FromBytes(p []byte) Digest { - digester := a.Digester() - - if _, err := digester.Hash().Write(p); err != nil { - // Writes to a Hash should never fail. None of the existing - // hash implementations in the stdlib or hashes vendored - // here can return errors from Write. Having a panic in this - // condition instead of having FromBytes return an error value - // avoids unnecessary error handling paths in all callers. - panic("write to hash function returned error: " + err.Error()) - } - - return digester.Digest() -} - -// FromString digests the string input and returns a Digest. -func (a Algorithm) FromString(s string) Digest { - return a.FromBytes([]byte(s)) -} diff --git a/vendor/github.com/opencontainers/go-digest/algorithm_test.go b/vendor/github.com/opencontainers/go-digest/algorithm_test.go deleted file mode 100644 index d50e8494..00000000 --- a/vendor/github.com/opencontainers/go-digest/algorithm_test.go +++ /dev/null @@ -1,114 +0,0 @@ -// Copyright 2017 Docker, Inc. -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// https://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package digest - -import ( - "bytes" - "crypto/rand" - _ "crypto/sha256" - _ "crypto/sha512" - "flag" - "fmt" - "strings" - "testing" -) - -func TestFlagInterface(t *testing.T) { - var ( - alg Algorithm - flagSet flag.FlagSet - ) - - flagSet.Var(&alg, "algorithm", "set the digest algorithm") - for _, testcase := range []struct { - Name string - Args []string - Err error - Expected Algorithm - }{ - { - Name: "Invalid", - Args: []string{"-algorithm", "bean"}, - Err: ErrDigestUnsupported, - }, - { - Name: "Default", - Args: []string{"unrelated"}, - Expected: "sha256", - }, - { - Name: "Other", - Args: []string{"-algorithm", "sha512"}, - Expected: "sha512", - }, - } { - t.Run(testcase.Name, func(t *testing.T) { - alg = Canonical - if err := flagSet.Parse(testcase.Args); err != testcase.Err { - if testcase.Err == nil { - t.Fatal("unexpected error", err) - } - - // check that flag package returns correct error - if !strings.Contains(err.Error(), testcase.Err.Error()) { - t.Fatalf("unexpected error: %v != %v", err, testcase.Err) - } - return - } - - if alg != testcase.Expected { - t.Fatalf("unexpected algorithm: %v != %v", alg, testcase.Expected) - } - }) - } -} - -func TestFroms(t *testing.T) { - p := make([]byte, 1<<20) - rand.Read(p) - - for alg := range algorithms { - h := alg.Hash() - h.Write(p) - expected := Digest(fmt.Sprintf("%s:%x", alg, h.Sum(nil))) - readerDgst, err := alg.FromReader(bytes.NewReader(p)) - if err != nil { - t.Fatalf("error calculating hash from reader: %v", err) - } - - dgsts := []Digest{ - alg.FromBytes(p), - alg.FromString(string(p)), - readerDgst, - } - - if alg == Canonical { - readerDgst, err := FromReader(bytes.NewReader(p)) - if err != nil { - t.Fatalf("error calculating hash from reader: %v", err) - } - - dgsts = append(dgsts, - FromBytes(p), - FromString(string(p)), - readerDgst) - } - for _, dgst := range dgsts { - if dgst != expected { - t.Fatalf("unexpected digest %v != %v", dgst, expected) - } - } - } -} diff --git a/vendor/github.com/opencontainers/go-digest/digest.go b/vendor/github.com/opencontainers/go-digest/digest.go deleted file mode 100644 index 69e1d2b5..00000000 --- a/vendor/github.com/opencontainers/go-digest/digest.go +++ /dev/null @@ -1,154 +0,0 @@ -// Copyright 2017 Docker, Inc. -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// https://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package digest - -import ( - "fmt" - "hash" - "io" - "regexp" - "strings" -) - -// Digest allows simple protection of hex formatted digest strings, prefixed -// by their algorithm. Strings of type Digest have some guarantee of being in -// the correct format and it provides quick access to the components of a -// digest string. -// -// The following is an example of the contents of Digest types: -// -// sha256:7173b809ca12ec5dee4506cd86be934c4596dd234ee82c0662eac04a8c2c71dc -// -// This allows to abstract the digest behind this type and work only in those -// terms. -type Digest string - -// NewDigest returns a Digest from alg and a hash.Hash object. -func NewDigest(alg Algorithm, h hash.Hash) Digest { - return NewDigestFromBytes(alg, h.Sum(nil)) -} - -// NewDigestFromBytes returns a new digest from the byte contents of p. -// Typically, this can come from hash.Hash.Sum(...) or xxx.SumXXX(...) -// functions. This is also useful for rebuilding digests from binary -// serializations. -func NewDigestFromBytes(alg Algorithm, p []byte) Digest { - return Digest(fmt.Sprintf("%s:%x", alg, p)) -} - -// NewDigestFromHex returns a Digest from alg and a the hex encoded digest. -func NewDigestFromHex(alg, hex string) Digest { - return Digest(fmt.Sprintf("%s:%s", alg, hex)) -} - -// DigestRegexp matches valid digest types. -var DigestRegexp = regexp.MustCompile(`[a-zA-Z0-9-_+.]+:[a-fA-F0-9]+`) - -// DigestRegexpAnchored matches valid digest types, anchored to the start and end of the match. -var DigestRegexpAnchored = regexp.MustCompile(`^` + DigestRegexp.String() + `$`) - -var ( - // ErrDigestInvalidFormat returned when digest format invalid. - ErrDigestInvalidFormat = fmt.Errorf("invalid checksum digest format") - - // ErrDigestInvalidLength returned when digest has invalid length. - ErrDigestInvalidLength = fmt.Errorf("invalid checksum digest length") - - // ErrDigestUnsupported returned when the digest algorithm is unsupported. - ErrDigestUnsupported = fmt.Errorf("unsupported digest algorithm") -) - -// Parse parses s and returns the validated digest object. An error will -// be returned if the format is invalid. -func Parse(s string) (Digest, error) { - d := Digest(s) - return d, d.Validate() -} - -// FromReader consumes the content of rd until io.EOF, returning canonical digest. -func FromReader(rd io.Reader) (Digest, error) { - return Canonical.FromReader(rd) -} - -// FromBytes digests the input and returns a Digest. -func FromBytes(p []byte) Digest { - return Canonical.FromBytes(p) -} - -// FromString digests the input and returns a Digest. -func FromString(s string) Digest { - return Canonical.FromString(s) -} - -// Validate checks that the contents of d is a valid digest, returning an -// error if not. -func (d Digest) Validate() error { - s := string(d) - - i := strings.Index(s, ":") - - // validate i then run through regexp - if i < 0 || i+1 == len(s) || !DigestRegexpAnchored.MatchString(s) { - return ErrDigestInvalidFormat - } - - algorithm := Algorithm(s[:i]) - if !algorithm.Available() { - return ErrDigestUnsupported - } - - // Digests much always be hex-encoded, ensuring that their hex portion will - // always be size*2 - if algorithm.Size()*2 != len(s[i+1:]) { - return ErrDigestInvalidLength - } - - return nil -} - -// Algorithm returns the algorithm portion of the digest. This will panic if -// the underlying digest is not in a valid format. -func (d Digest) Algorithm() Algorithm { - return Algorithm(d[:d.sepIndex()]) -} - -// Verifier returns a writer object that can be used to verify a stream of -// content against the digest. If the digest is invalid, the method will panic. -func (d Digest) Verifier() Verifier { - return hashVerifier{ - hash: d.Algorithm().Hash(), - digest: d, - } -} - -// Hex returns the hex digest portion of the digest. This will panic if the -// underlying digest is not in a valid format. -func (d Digest) Hex() string { - return string(d[d.sepIndex()+1:]) -} - -func (d Digest) String() string { - return string(d) -} - -func (d Digest) sepIndex() int { - i := strings.Index(string(d), ":") - - if i < 0 { - panic(fmt.Sprintf("no ':' separator in digest %q", d)) - } - - return i -} diff --git a/vendor/github.com/opencontainers/go-digest/digest_test.go b/vendor/github.com/opencontainers/go-digest/digest_test.go deleted file mode 100644 index 182f2dd0..00000000 --- a/vendor/github.com/opencontainers/go-digest/digest_test.go +++ /dev/null @@ -1,106 +0,0 @@ -// Copyright 2017 Docker, Inc. -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// https://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package digest - -import ( - "testing" -) - -func TestParseDigest(t *testing.T) { - for _, testcase := range []struct { - input string - err error - algorithm Algorithm - hex string - }{ - { - input: "sha256:e58fcf7418d4390dec8e8fb69d88c06ec07039d651fedd3aa72af9972e7d046b", - algorithm: "sha256", - hex: "e58fcf7418d4390dec8e8fb69d88c06ec07039d651fedd3aa72af9972e7d046b", - }, - { - input: "sha384:d3fc7881460b7e22e3d172954463dddd7866d17597e7248453c48b3e9d26d9596bf9c4a9cf8072c9d5bad76e19af801d", - algorithm: "sha384", - hex: "d3fc7881460b7e22e3d172954463dddd7866d17597e7248453c48b3e9d26d9596bf9c4a9cf8072c9d5bad76e19af801d", - }, - { - // empty hex - input: "sha256:", - err: ErrDigestInvalidFormat, - }, - { - // empty hex - input: ":", - err: ErrDigestInvalidFormat, - }, - { - // just hex - input: "d41d8cd98f00b204e9800998ecf8427e", - err: ErrDigestInvalidFormat, - }, - { - // not hex - input: "sha256:d41d8cd98f00b204e9800m98ecf8427e", - err: ErrDigestInvalidFormat, - }, - { - // too short - input: "sha256:abcdef0123456789", - err: ErrDigestInvalidLength, - }, - { - // too short (from different algorithm) - input: "sha512:abcdef0123456789abcdef0123456789abcdef0123456789abcdef0123456789", - err: ErrDigestInvalidLength, - }, - { - input: "foo:d41d8cd98f00b204e9800998ecf8427e", - err: ErrDigestUnsupported, - }, - } { - digest, err := Parse(testcase.input) - if err != testcase.err { - t.Fatalf("error differed from expected while parsing %q: %v != %v", testcase.input, err, testcase.err) - } - - if testcase.err != nil { - continue - } - - if digest.Algorithm() != testcase.algorithm { - t.Fatalf("incorrect algorithm for parsed digest: %q != %q", digest.Algorithm(), testcase.algorithm) - } - - if digest.Hex() != testcase.hex { - t.Fatalf("incorrect hex for parsed digest: %q != %q", digest.Hex(), testcase.hex) - } - - // Parse string return value and check equality - newParsed, err := Parse(digest.String()) - - if err != nil { - t.Fatalf("unexpected error parsing input %q: %v", testcase.input, err) - } - - if newParsed != digest { - t.Fatalf("expected equal: %q != %q", newParsed, digest) - } - - newFromHex := NewDigestFromHex(newParsed.Algorithm().String(), newParsed.Hex()) - if newFromHex != digest { - t.Fatalf("%v != %v", newFromHex, digest) - } - } -} diff --git a/vendor/github.com/opencontainers/go-digest/digester.go b/vendor/github.com/opencontainers/go-digest/digester.go deleted file mode 100644 index 36fa2728..00000000 --- a/vendor/github.com/opencontainers/go-digest/digester.go +++ /dev/null @@ -1,39 +0,0 @@ -// Copyright 2017 Docker, Inc. -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// https://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package digest - -import "hash" - -// Digester calculates the digest of written data. Writes should go directly -// to the return value of Hash, while calling Digest will return the current -// value of the digest. -type Digester interface { - Hash() hash.Hash // provides direct access to underlying hash instance. - Digest() Digest -} - -// digester provides a simple digester definition that embeds a hasher. -type digester struct { - alg Algorithm - hash hash.Hash -} - -func (d *digester) Hash() hash.Hash { - return d.hash -} - -func (d *digester) Digest() Digest { - return NewDigest(d.alg, d.hash) -} diff --git a/vendor/github.com/opencontainers/go-digest/doc.go b/vendor/github.com/opencontainers/go-digest/doc.go deleted file mode 100644 index 491ea1ef..00000000 --- a/vendor/github.com/opencontainers/go-digest/doc.go +++ /dev/null @@ -1,56 +0,0 @@ -// Copyright 2017 Docker, Inc. -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// https://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -// Package digest provides a generalized type to opaquely represent message -// digests and their operations within the registry. The Digest type is -// designed to serve as a flexible identifier in a content-addressable system. -// More importantly, it provides tools and wrappers to work with -// hash.Hash-based digests with little effort. -// -// Basics -// -// The format of a digest is simply a string with two parts, dubbed the -// "algorithm" and the "digest", separated by a colon: -// -// : -// -// An example of a sha256 digest representation follows: -// -// sha256:7173b809ca12ec5dee4506cd86be934c4596dd234ee82c0662eac04a8c2c71dc -// -// In this case, the string "sha256" is the algorithm and the hex bytes are -// the "digest". -// -// Because the Digest type is simply a string, once a valid Digest is -// obtained, comparisons are cheap, quick and simple to express with the -// standard equality operator. -// -// Verification -// -// The main benefit of using the Digest type is simple verification against a -// given digest. The Verifier interface, modeled after the stdlib hash.Hash -// interface, provides a common write sink for digest verification. After -// writing is complete, calling the Verifier.Verified method will indicate -// whether or not the stream of bytes matches the target digest. -// -// Missing Features -// -// In addition to the above, we intend to add the following features to this -// package: -// -// 1. A Digester type that supports write sink digest calculation. -// -// 2. Suspend and resume of ongoing digest calculations to support efficient digest verification in the registry. -// -package digest diff --git a/vendor/github.com/opencontainers/go-digest/verifiers.go b/vendor/github.com/opencontainers/go-digest/verifiers.go deleted file mode 100644 index 32125e91..00000000 --- a/vendor/github.com/opencontainers/go-digest/verifiers.go +++ /dev/null @@ -1,45 +0,0 @@ -// Copyright 2017 Docker, Inc. -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// https://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package digest - -import ( - "hash" - "io" -) - -// Verifier presents a general verification interface to be used with message -// digests and other byte stream verifications. Users instantiate a Verifier -// from one of the various methods, write the data under test to it then check -// the result with the Verified method. -type Verifier interface { - io.Writer - - // Verified will return true if the content written to Verifier matches - // the digest. - Verified() bool -} - -type hashVerifier struct { - digest Digest - hash hash.Hash -} - -func (hv hashVerifier) Write(p []byte) (n int, err error) { - return hv.hash.Write(p) -} - -func (hv hashVerifier) Verified() bool { - return hv.digest == NewDigest(hv.digest.Algorithm(), hv.hash) -} diff --git a/vendor/github.com/opencontainers/go-digest/verifiers_test.go b/vendor/github.com/opencontainers/go-digest/verifiers_test.go deleted file mode 100644 index d67bb1bc..00000000 --- a/vendor/github.com/opencontainers/go-digest/verifiers_test.go +++ /dev/null @@ -1,80 +0,0 @@ -// Copyright 2017 Docker, Inc. -// -// Licensed under the Apache License, Version 2.0 (the "License"); -// you may not use this file except in compliance with the License. -// You may obtain a copy of the License at -// -// https://www.apache.org/licenses/LICENSE-2.0 -// -// Unless required by applicable law or agreed to in writing, software -// distributed under the License is distributed on an "AS IS" BASIS, -// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -// See the License for the specific language governing permissions and -// limitations under the License. - -package digest - -import ( - "bytes" - "crypto/rand" - "io" - "reflect" - "testing" -) - -func TestDigestVerifier(t *testing.T) { - p := make([]byte, 1<<20) - rand.Read(p) - digest := FromBytes(p) - - verifier := digest.Verifier() - - io.Copy(verifier, bytes.NewReader(p)) - - if !verifier.Verified() { - t.Fatalf("bytes not verified") - } -} - -// TestVerifierUnsupportedDigest ensures that unsupported digest validation is -// flowing through verifier creation. -func TestVerifierUnsupportedDigest(t *testing.T) { - for _, testcase := range []struct { - Name string - Digest Digest - Expected interface{} // expected panic target - }{ - { - Name: "Empty", - Digest: "", - Expected: "no ':' separator in digest \"\"", - }, - { - Name: "EmptyAlg", - Digest: ":", - Expected: "empty digest algorithm, validate before calling Algorithm.Hash()", - }, - { - Name: "Unsupported", - Digest: Digest("bean:0123456789abcdef"), - Expected: "bean not available (make sure it is imported)", - }, - { - Name: "Garbage", - Digest: Digest("sha256-garbage:pure"), - Expected: "sha256-garbage not available (make sure it is imported)", - }, - } { - t.Run(testcase.Name, func(t *testing.T) { - expected := testcase.Expected - defer func() { - recovered := recover() - if !reflect.DeepEqual(recovered, expected) { - t.Fatalf("unexpected recover: %v != %v", recovered, expected) - } - }() - - _ = testcase.Digest.Verifier() - }) - } -} diff --git a/vendor/golang.org/x/net/.gitattributes b/vendor/golang.org/x/net/.gitattributes deleted file mode 100644 index d2f212e5..00000000 --- a/vendor/golang.org/x/net/.gitattributes +++ /dev/null @@ -1,10 +0,0 @@ -# Treat all files in this repo as binary, with no git magic updating -# line endings. Windows users contributing to Go will need to use a -# modern version of git and editors capable of LF line endings. -# -# We'll prevent accidental CRLF line endings from entering the repo -# via the git-review gofmt checks. -# -# See golang.org/issue/9281 - -* -text diff --git a/vendor/golang.org/x/net/.gitignore b/vendor/golang.org/x/net/.gitignore deleted file mode 100644 index 8339fd61..00000000 --- a/vendor/golang.org/x/net/.gitignore +++ /dev/null @@ -1,2 +0,0 @@ -# Add no patterns to .hgignore except for files generated by the build. -last-change diff --git a/vendor/golang.org/x/net/AUTHORS b/vendor/golang.org/x/net/AUTHORS deleted file mode 100644 index 15167cd7..00000000 --- a/vendor/golang.org/x/net/AUTHORS +++ /dev/null @@ -1,3 +0,0 @@ -# This source code refers to The Go Authors for copyright purposes. -# The master list of authors is in the main Go distribution, -# visible at http://tip.golang.org/AUTHORS. diff --git a/vendor/golang.org/x/net/CONTRIBUTING.md b/vendor/golang.org/x/net/CONTRIBUTING.md deleted file mode 100644 index 88dff59b..00000000 --- a/vendor/golang.org/x/net/CONTRIBUTING.md +++ /dev/null @@ -1,31 +0,0 @@ -# Contributing to Go - -Go is an open source project. - -It is the work of hundreds of contributors. We appreciate your help! - - -## Filing issues - -When [filing an issue](https://golang.org/issue/new), make sure to answer these five questions: - -1. What version of Go are you using (`go version`)? -2. What operating system and processor architecture are you using? -3. What did you do? -4. What did you expect to see? -5. What did you see instead? - -General questions should go to the [golang-nuts mailing list](https://groups.google.com/group/golang-nuts) instead of the issue tracker. -The gophers there will answer or ask you to file an issue if you've tripped over a bug. - -## Contributing code - -Please read the [Contribution Guidelines](https://golang.org/doc/contribute.html) -before sending patches. - -**We do not accept GitHub pull requests** -(we use [Gerrit](https://code.google.com/p/gerrit/) instead for code review). - -Unless otherwise noted, the Go source files are distributed under -the BSD-style license found in the LICENSE file. - diff --git a/vendor/golang.org/x/net/CONTRIBUTORS b/vendor/golang.org/x/net/CONTRIBUTORS deleted file mode 100644 index 1c4577e9..00000000 --- a/vendor/golang.org/x/net/CONTRIBUTORS +++ /dev/null @@ -1,3 +0,0 @@ -# This source code was written by the Go contributors. -# The master list of contributors is in the main Go distribution, -# visible at http://tip.golang.org/CONTRIBUTORS. diff --git a/vendor/golang.org/x/net/LICENSE b/vendor/golang.org/x/net/LICENSE deleted file mode 100644 index 6a66aea5..00000000 --- a/vendor/golang.org/x/net/LICENSE +++ /dev/null @@ -1,27 +0,0 @@ -Copyright (c) 2009 The Go Authors. All rights reserved. - -Redistribution and use in source and binary forms, with or without -modification, are permitted provided that the following conditions are -met: - - * Redistributions of source code must retain the above copyright -notice, this list of conditions and the following disclaimer. - * Redistributions in binary form must reproduce the above -copyright notice, this list of conditions and the following disclaimer -in the documentation and/or other materials provided with the -distribution. - * Neither the name of Google Inc. nor the names of its -contributors may be used to endorse or promote products derived from -this software without specific prior written permission. - -THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS -"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT -LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR -A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT -OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, -SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT -LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, -DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY -THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT -(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE -OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. diff --git a/vendor/golang.org/x/net/PATENTS b/vendor/golang.org/x/net/PATENTS deleted file mode 100644 index 73309904..00000000 --- a/vendor/golang.org/x/net/PATENTS +++ /dev/null @@ -1,22 +0,0 @@ -Additional IP Rights Grant (Patents) - -"This implementation" means the copyrightable works distributed by -Google as part of the Go project. - -Google hereby grants to You a perpetual, worldwide, non-exclusive, -no-charge, royalty-free, irrevocable (except as stated in this section) -patent license to make, have made, use, offer to sell, sell, import, -transfer and otherwise run, modify and propagate the contents of this -implementation of Go, where such license applies only to those patent -claims, both currently owned or controlled by Google and acquired in -the future, licensable by Google that are necessarily infringed by this -implementation of Go. This grant does not include claims that would be -infringed only as a consequence of further modification of this -implementation. If you or your agent or exclusive licensee institute or -order or agree to the institution of patent litigation against any -entity (including a cross-claim or counterclaim in a lawsuit) alleging -that this implementation of Go or any code incorporated within this -implementation of Go constitutes direct or contributory patent -infringement, or inducement of patent infringement, then any patent -rights granted to you under this License for this implementation of Go -shall terminate as of the date such litigation is filed. diff --git a/vendor/golang.org/x/net/README b/vendor/golang.org/x/net/README deleted file mode 100644 index 6b13d8e5..00000000 --- a/vendor/golang.org/x/net/README +++ /dev/null @@ -1,3 +0,0 @@ -This repository holds supplementary Go networking libraries. - -To submit changes to this repository, see http://golang.org/doc/contribute.html. diff --git a/vendor/golang.org/x/net/codereview.cfg b/vendor/golang.org/x/net/codereview.cfg deleted file mode 100644 index 3f8b14b6..00000000 --- a/vendor/golang.org/x/net/codereview.cfg +++ /dev/null @@ -1 +0,0 @@ -issuerepo: golang/go diff --git a/vendor/golang.org/x/net/context/context.go b/vendor/golang.org/x/net/context/context.go deleted file mode 100644 index 19235cf2..00000000 --- a/vendor/golang.org/x/net/context/context.go +++ /dev/null @@ -1,447 +0,0 @@ -// Copyright 2014 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -// Package context defines the Context type, which carries deadlines, -// cancelation signals, and other request-scoped values across API boundaries -// and between processes. -// -// Incoming requests to a server should create a Context, and outgoing calls to -// servers should accept a Context. The chain of function calls between must -// propagate the Context, optionally replacing it with a modified copy created -// using WithDeadline, WithTimeout, WithCancel, or WithValue. -// -// Programs that use Contexts should follow these rules to keep interfaces -// consistent across packages and enable static analysis tools to check context -// propagation: -// -// Do not store Contexts inside a struct type; instead, pass a Context -// explicitly to each function that needs it. The Context should be the first -// parameter, typically named ctx: -// -// func DoSomething(ctx context.Context, arg Arg) error { -// // ... use ctx ... -// } -// -// Do not pass a nil Context, even if a function permits it. Pass context.TODO -// if you are unsure about which Context to use. -// -// Use context Values only for request-scoped data that transits processes and -// APIs, not for passing optional parameters to functions. -// -// The same Context may be passed to functions running in different goroutines; -// Contexts are safe for simultaneous use by multiple goroutines. -// -// See http://blog.golang.org/context for example code for a server that uses -// Contexts. -package context // import "golang.org/x/net/context" - -import ( - "errors" - "fmt" - "sync" - "time" -) - -// A Context carries a deadline, a cancelation signal, and other values across -// API boundaries. -// -// Context's methods may be called by multiple goroutines simultaneously. -type Context interface { - // Deadline returns the time when work done on behalf of this context - // should be canceled. Deadline returns ok==false when no deadline is - // set. Successive calls to Deadline return the same results. - Deadline() (deadline time.Time, ok bool) - - // Done returns a channel that's closed when work done on behalf of this - // context should be canceled. Done may return nil if this context can - // never be canceled. Successive calls to Done return the same value. - // - // WithCancel arranges for Done to be closed when cancel is called; - // WithDeadline arranges for Done to be closed when the deadline - // expires; WithTimeout arranges for Done to be closed when the timeout - // elapses. - // - // Done is provided for use in select statements: - // - // // Stream generates values with DoSomething and sends them to out - // // until DoSomething returns an error or ctx.Done is closed. - // func Stream(ctx context.Context, out <-chan Value) error { - // for { - // v, err := DoSomething(ctx) - // if err != nil { - // return err - // } - // select { - // case <-ctx.Done(): - // return ctx.Err() - // case out <- v: - // } - // } - // } - // - // See http://blog.golang.org/pipelines for more examples of how to use - // a Done channel for cancelation. - Done() <-chan struct{} - - // Err returns a non-nil error value after Done is closed. Err returns - // Canceled if the context was canceled or DeadlineExceeded if the - // context's deadline passed. No other values for Err are defined. - // After Done is closed, successive calls to Err return the same value. - Err() error - - // Value returns the value associated with this context for key, or nil - // if no value is associated with key. Successive calls to Value with - // the same key returns the same result. - // - // Use context values only for request-scoped data that transits - // processes and API boundaries, not for passing optional parameters to - // functions. - // - // A key identifies a specific value in a Context. Functions that wish - // to store values in Context typically allocate a key in a global - // variable then use that key as the argument to context.WithValue and - // Context.Value. A key can be any type that supports equality; - // packages should define keys as an unexported type to avoid - // collisions. - // - // Packages that define a Context key should provide type-safe accessors - // for the values stores using that key: - // - // // Package user defines a User type that's stored in Contexts. - // package user - // - // import "golang.org/x/net/context" - // - // // User is the type of value stored in the Contexts. - // type User struct {...} - // - // // key is an unexported type for keys defined in this package. - // // This prevents collisions with keys defined in other packages. - // type key int - // - // // userKey is the key for user.User values in Contexts. It is - // // unexported; clients use user.NewContext and user.FromContext - // // instead of using this key directly. - // var userKey key = 0 - // - // // NewContext returns a new Context that carries value u. - // func NewContext(ctx context.Context, u *User) context.Context { - // return context.WithValue(ctx, userKey, u) - // } - // - // // FromContext returns the User value stored in ctx, if any. - // func FromContext(ctx context.Context) (*User, bool) { - // u, ok := ctx.Value(userKey).(*User) - // return u, ok - // } - Value(key interface{}) interface{} -} - -// Canceled is the error returned by Context.Err when the context is canceled. -var Canceled = errors.New("context canceled") - -// DeadlineExceeded is the error returned by Context.Err when the context's -// deadline passes. -var DeadlineExceeded = errors.New("context deadline exceeded") - -// An emptyCtx is never canceled, has no values, and has no deadline. It is not -// struct{}, since vars of this type must have distinct addresses. -type emptyCtx int - -func (*emptyCtx) Deadline() (deadline time.Time, ok bool) { - return -} - -func (*emptyCtx) Done() <-chan struct{} { - return nil -} - -func (*emptyCtx) Err() error { - return nil -} - -func (*emptyCtx) Value(key interface{}) interface{} { - return nil -} - -func (e *emptyCtx) String() string { - switch e { - case background: - return "context.Background" - case todo: - return "context.TODO" - } - return "unknown empty Context" -} - -var ( - background = new(emptyCtx) - todo = new(emptyCtx) -) - -// Background returns a non-nil, empty Context. It is never canceled, has no -// values, and has no deadline. It is typically used by the main function, -// initialization, and tests, and as the top-level Context for incoming -// requests. -func Background() Context { - return background -} - -// TODO returns a non-nil, empty Context. Code should use context.TODO when -// it's unclear which Context to use or it is not yet available (because the -// surrounding function has not yet been extended to accept a Context -// parameter). TODO is recognized by static analysis tools that determine -// whether Contexts are propagated correctly in a program. -func TODO() Context { - return todo -} - -// A CancelFunc tells an operation to abandon its work. -// A CancelFunc does not wait for the work to stop. -// After the first call, subsequent calls to a CancelFunc do nothing. -type CancelFunc func() - -// WithCancel returns a copy of parent with a new Done channel. The returned -// context's Done channel is closed when the returned cancel function is called -// or when the parent context's Done channel is closed, whichever happens first. -// -// Canceling this context releases resources associated with it, so code should -// call cancel as soon as the operations running in this Context complete. -func WithCancel(parent Context) (ctx Context, cancel CancelFunc) { - c := newCancelCtx(parent) - propagateCancel(parent, c) - return c, func() { c.cancel(true, Canceled) } -} - -// newCancelCtx returns an initialized cancelCtx. -func newCancelCtx(parent Context) *cancelCtx { - return &cancelCtx{ - Context: parent, - done: make(chan struct{}), - } -} - -// propagateCancel arranges for child to be canceled when parent is. -func propagateCancel(parent Context, child canceler) { - if parent.Done() == nil { - return // parent is never canceled - } - if p, ok := parentCancelCtx(parent); ok { - p.mu.Lock() - if p.err != nil { - // parent has already been canceled - child.cancel(false, p.err) - } else { - if p.children == nil { - p.children = make(map[canceler]bool) - } - p.children[child] = true - } - p.mu.Unlock() - } else { - go func() { - select { - case <-parent.Done(): - child.cancel(false, parent.Err()) - case <-child.Done(): - } - }() - } -} - -// parentCancelCtx follows a chain of parent references until it finds a -// *cancelCtx. This function understands how each of the concrete types in this -// package represents its parent. -func parentCancelCtx(parent Context) (*cancelCtx, bool) { - for { - switch c := parent.(type) { - case *cancelCtx: - return c, true - case *timerCtx: - return c.cancelCtx, true - case *valueCtx: - parent = c.Context - default: - return nil, false - } - } -} - -// removeChild removes a context from its parent. -func removeChild(parent Context, child canceler) { - p, ok := parentCancelCtx(parent) - if !ok { - return - } - p.mu.Lock() - if p.children != nil { - delete(p.children, child) - } - p.mu.Unlock() -} - -// A canceler is a context type that can be canceled directly. The -// implementations are *cancelCtx and *timerCtx. -type canceler interface { - cancel(removeFromParent bool, err error) - Done() <-chan struct{} -} - -// A cancelCtx can be canceled. When canceled, it also cancels any children -// that implement canceler. -type cancelCtx struct { - Context - - done chan struct{} // closed by the first cancel call. - - mu sync.Mutex - children map[canceler]bool // set to nil by the first cancel call - err error // set to non-nil by the first cancel call -} - -func (c *cancelCtx) Done() <-chan struct{} { - return c.done -} - -func (c *cancelCtx) Err() error { - c.mu.Lock() - defer c.mu.Unlock() - return c.err -} - -func (c *cancelCtx) String() string { - return fmt.Sprintf("%v.WithCancel", c.Context) -} - -// cancel closes c.done, cancels each of c's children, and, if -// removeFromParent is true, removes c from its parent's children. -func (c *cancelCtx) cancel(removeFromParent bool, err error) { - if err == nil { - panic("context: internal error: missing cancel error") - } - c.mu.Lock() - if c.err != nil { - c.mu.Unlock() - return // already canceled - } - c.err = err - close(c.done) - for child := range c.children { - // NOTE: acquiring the child's lock while holding parent's lock. - child.cancel(false, err) - } - c.children = nil - c.mu.Unlock() - - if removeFromParent { - removeChild(c.Context, c) - } -} - -// WithDeadline returns a copy of the parent context with the deadline adjusted -// to be no later than d. If the parent's deadline is already earlier than d, -// WithDeadline(parent, d) is semantically equivalent to parent. The returned -// context's Done channel is closed when the deadline expires, when the returned -// cancel function is called, or when the parent context's Done channel is -// closed, whichever happens first. -// -// Canceling this context releases resources associated with it, so code should -// call cancel as soon as the operations running in this Context complete. -func WithDeadline(parent Context, deadline time.Time) (Context, CancelFunc) { - if cur, ok := parent.Deadline(); ok && cur.Before(deadline) { - // The current deadline is already sooner than the new one. - return WithCancel(parent) - } - c := &timerCtx{ - cancelCtx: newCancelCtx(parent), - deadline: deadline, - } - propagateCancel(parent, c) - d := deadline.Sub(time.Now()) - if d <= 0 { - c.cancel(true, DeadlineExceeded) // deadline has already passed - return c, func() { c.cancel(true, Canceled) } - } - c.mu.Lock() - defer c.mu.Unlock() - if c.err == nil { - c.timer = time.AfterFunc(d, func() { - c.cancel(true, DeadlineExceeded) - }) - } - return c, func() { c.cancel(true, Canceled) } -} - -// A timerCtx carries a timer and a deadline. It embeds a cancelCtx to -// implement Done and Err. It implements cancel by stopping its timer then -// delegating to cancelCtx.cancel. -type timerCtx struct { - *cancelCtx - timer *time.Timer // Under cancelCtx.mu. - - deadline time.Time -} - -func (c *timerCtx) Deadline() (deadline time.Time, ok bool) { - return c.deadline, true -} - -func (c *timerCtx) String() string { - return fmt.Sprintf("%v.WithDeadline(%s [%s])", c.cancelCtx.Context, c.deadline, c.deadline.Sub(time.Now())) -} - -func (c *timerCtx) cancel(removeFromParent bool, err error) { - c.cancelCtx.cancel(false, err) - if removeFromParent { - // Remove this timerCtx from its parent cancelCtx's children. - removeChild(c.cancelCtx.Context, c) - } - c.mu.Lock() - if c.timer != nil { - c.timer.Stop() - c.timer = nil - } - c.mu.Unlock() -} - -// WithTimeout returns WithDeadline(parent, time.Now().Add(timeout)). -// -// Canceling this context releases resources associated with it, so code should -// call cancel as soon as the operations running in this Context complete: -// -// func slowOperationWithTimeout(ctx context.Context) (Result, error) { -// ctx, cancel := context.WithTimeout(ctx, 100*time.Millisecond) -// defer cancel() // releases resources if slowOperation completes before timeout elapses -// return slowOperation(ctx) -// } -func WithTimeout(parent Context, timeout time.Duration) (Context, CancelFunc) { - return WithDeadline(parent, time.Now().Add(timeout)) -} - -// WithValue returns a copy of parent in which the value associated with key is -// val. -// -// Use context Values only for request-scoped data that transits processes and -// APIs, not for passing optional parameters to functions. -func WithValue(parent Context, key interface{}, val interface{}) Context { - return &valueCtx{parent, key, val} -} - -// A valueCtx carries a key-value pair. It implements Value for that key and -// delegates all other calls to the embedded Context. -type valueCtx struct { - Context - key, val interface{} -} - -func (c *valueCtx) String() string { - return fmt.Sprintf("%v.WithValue(%#v, %#v)", c.Context, c.key, c.val) -} - -func (c *valueCtx) Value(key interface{}) interface{} { - if c.key == key { - return c.val - } - return c.Context.Value(key) -} diff --git a/vendor/golang.org/x/net/context/context_test.go b/vendor/golang.org/x/net/context/context_test.go deleted file mode 100644 index 05345fc5..00000000 --- a/vendor/golang.org/x/net/context/context_test.go +++ /dev/null @@ -1,575 +0,0 @@ -// Copyright 2014 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -package context - -import ( - "fmt" - "math/rand" - "runtime" - "strings" - "sync" - "testing" - "time" -) - -// otherContext is a Context that's not one of the types defined in context.go. -// This lets us test code paths that differ based on the underlying type of the -// Context. -type otherContext struct { - Context -} - -func TestBackground(t *testing.T) { - c := Background() - if c == nil { - t.Fatalf("Background returned nil") - } - select { - case x := <-c.Done(): - t.Errorf("<-c.Done() == %v want nothing (it should block)", x) - default: - } - if got, want := fmt.Sprint(c), "context.Background"; got != want { - t.Errorf("Background().String() = %q want %q", got, want) - } -} - -func TestTODO(t *testing.T) { - c := TODO() - if c == nil { - t.Fatalf("TODO returned nil") - } - select { - case x := <-c.Done(): - t.Errorf("<-c.Done() == %v want nothing (it should block)", x) - default: - } - if got, want := fmt.Sprint(c), "context.TODO"; got != want { - t.Errorf("TODO().String() = %q want %q", got, want) - } -} - -func TestWithCancel(t *testing.T) { - c1, cancel := WithCancel(Background()) - - if got, want := fmt.Sprint(c1), "context.Background.WithCancel"; got != want { - t.Errorf("c1.String() = %q want %q", got, want) - } - - o := otherContext{c1} - c2, _ := WithCancel(o) - contexts := []Context{c1, o, c2} - - for i, c := range contexts { - if d := c.Done(); d == nil { - t.Errorf("c[%d].Done() == %v want non-nil", i, d) - } - if e := c.Err(); e != nil { - t.Errorf("c[%d].Err() == %v want nil", i, e) - } - - select { - case x := <-c.Done(): - t.Errorf("<-c.Done() == %v want nothing (it should block)", x) - default: - } - } - - cancel() - time.Sleep(100 * time.Millisecond) // let cancelation propagate - - for i, c := range contexts { - select { - case <-c.Done(): - default: - t.Errorf("<-c[%d].Done() blocked, but shouldn't have", i) - } - if e := c.Err(); e != Canceled { - t.Errorf("c[%d].Err() == %v want %v", i, e, Canceled) - } - } -} - -func TestParentFinishesChild(t *testing.T) { - // Context tree: - // parent -> cancelChild - // parent -> valueChild -> timerChild - parent, cancel := WithCancel(Background()) - cancelChild, stop := WithCancel(parent) - defer stop() - valueChild := WithValue(parent, "key", "value") - timerChild, stop := WithTimeout(valueChild, 10000*time.Hour) - defer stop() - - select { - case x := <-parent.Done(): - t.Errorf("<-parent.Done() == %v want nothing (it should block)", x) - case x := <-cancelChild.Done(): - t.Errorf("<-cancelChild.Done() == %v want nothing (it should block)", x) - case x := <-timerChild.Done(): - t.Errorf("<-timerChild.Done() == %v want nothing (it should block)", x) - case x := <-valueChild.Done(): - t.Errorf("<-valueChild.Done() == %v want nothing (it should block)", x) - default: - } - - // The parent's children should contain the two cancelable children. - pc := parent.(*cancelCtx) - cc := cancelChild.(*cancelCtx) - tc := timerChild.(*timerCtx) - pc.mu.Lock() - if len(pc.children) != 2 || !pc.children[cc] || !pc.children[tc] { - t.Errorf("bad linkage: pc.children = %v, want %v and %v", - pc.children, cc, tc) - } - pc.mu.Unlock() - - if p, ok := parentCancelCtx(cc.Context); !ok || p != pc { - t.Errorf("bad linkage: parentCancelCtx(cancelChild.Context) = %v, %v want %v, true", p, ok, pc) - } - if p, ok := parentCancelCtx(tc.Context); !ok || p != pc { - t.Errorf("bad linkage: parentCancelCtx(timerChild.Context) = %v, %v want %v, true", p, ok, pc) - } - - cancel() - - pc.mu.Lock() - if len(pc.children) != 0 { - t.Errorf("pc.cancel didn't clear pc.children = %v", pc.children) - } - pc.mu.Unlock() - - // parent and children should all be finished. - check := func(ctx Context, name string) { - select { - case <-ctx.Done(): - default: - t.Errorf("<-%s.Done() blocked, but shouldn't have", name) - } - if e := ctx.Err(); e != Canceled { - t.Errorf("%s.Err() == %v want %v", name, e, Canceled) - } - } - check(parent, "parent") - check(cancelChild, "cancelChild") - check(valueChild, "valueChild") - check(timerChild, "timerChild") - - // WithCancel should return a canceled context on a canceled parent. - precanceledChild := WithValue(parent, "key", "value") - select { - case <-precanceledChild.Done(): - default: - t.Errorf("<-precanceledChild.Done() blocked, but shouldn't have") - } - if e := precanceledChild.Err(); e != Canceled { - t.Errorf("precanceledChild.Err() == %v want %v", e, Canceled) - } -} - -func TestChildFinishesFirst(t *testing.T) { - cancelable, stop := WithCancel(Background()) - defer stop() - for _, parent := range []Context{Background(), cancelable} { - child, cancel := WithCancel(parent) - - select { - case x := <-parent.Done(): - t.Errorf("<-parent.Done() == %v want nothing (it should block)", x) - case x := <-child.Done(): - t.Errorf("<-child.Done() == %v want nothing (it should block)", x) - default: - } - - cc := child.(*cancelCtx) - pc, pcok := parent.(*cancelCtx) // pcok == false when parent == Background() - if p, ok := parentCancelCtx(cc.Context); ok != pcok || (ok && pc != p) { - t.Errorf("bad linkage: parentCancelCtx(cc.Context) = %v, %v want %v, %v", p, ok, pc, pcok) - } - - if pcok { - pc.mu.Lock() - if len(pc.children) != 1 || !pc.children[cc] { - t.Errorf("bad linkage: pc.children = %v, cc = %v", pc.children, cc) - } - pc.mu.Unlock() - } - - cancel() - - if pcok { - pc.mu.Lock() - if len(pc.children) != 0 { - t.Errorf("child's cancel didn't remove self from pc.children = %v", pc.children) - } - pc.mu.Unlock() - } - - // child should be finished. - select { - case <-child.Done(): - default: - t.Errorf("<-child.Done() blocked, but shouldn't have") - } - if e := child.Err(); e != Canceled { - t.Errorf("child.Err() == %v want %v", e, Canceled) - } - - // parent should not be finished. - select { - case x := <-parent.Done(): - t.Errorf("<-parent.Done() == %v want nothing (it should block)", x) - default: - } - if e := parent.Err(); e != nil { - t.Errorf("parent.Err() == %v want nil", e) - } - } -} - -func testDeadline(c Context, wait time.Duration, t *testing.T) { - select { - case <-time.After(wait): - t.Fatalf("context should have timed out") - case <-c.Done(): - } - if e := c.Err(); e != DeadlineExceeded { - t.Errorf("c.Err() == %v want %v", e, DeadlineExceeded) - } -} - -func TestDeadline(t *testing.T) { - c, _ := WithDeadline(Background(), time.Now().Add(100*time.Millisecond)) - if got, prefix := fmt.Sprint(c), "context.Background.WithDeadline("; !strings.HasPrefix(got, prefix) { - t.Errorf("c.String() = %q want prefix %q", got, prefix) - } - testDeadline(c, 200*time.Millisecond, t) - - c, _ = WithDeadline(Background(), time.Now().Add(100*time.Millisecond)) - o := otherContext{c} - testDeadline(o, 200*time.Millisecond, t) - - c, _ = WithDeadline(Background(), time.Now().Add(100*time.Millisecond)) - o = otherContext{c} - c, _ = WithDeadline(o, time.Now().Add(300*time.Millisecond)) - testDeadline(c, 200*time.Millisecond, t) -} - -func TestTimeout(t *testing.T) { - c, _ := WithTimeout(Background(), 100*time.Millisecond) - if got, prefix := fmt.Sprint(c), "context.Background.WithDeadline("; !strings.HasPrefix(got, prefix) { - t.Errorf("c.String() = %q want prefix %q", got, prefix) - } - testDeadline(c, 200*time.Millisecond, t) - - c, _ = WithTimeout(Background(), 100*time.Millisecond) - o := otherContext{c} - testDeadline(o, 200*time.Millisecond, t) - - c, _ = WithTimeout(Background(), 100*time.Millisecond) - o = otherContext{c} - c, _ = WithTimeout(o, 300*time.Millisecond) - testDeadline(c, 200*time.Millisecond, t) -} - -func TestCanceledTimeout(t *testing.T) { - c, _ := WithTimeout(Background(), 200*time.Millisecond) - o := otherContext{c} - c, cancel := WithTimeout(o, 400*time.Millisecond) - cancel() - time.Sleep(100 * time.Millisecond) // let cancelation propagate - select { - case <-c.Done(): - default: - t.Errorf("<-c.Done() blocked, but shouldn't have") - } - if e := c.Err(); e != Canceled { - t.Errorf("c.Err() == %v want %v", e, Canceled) - } -} - -type key1 int -type key2 int - -var k1 = key1(1) -var k2 = key2(1) // same int as k1, different type -var k3 = key2(3) // same type as k2, different int - -func TestValues(t *testing.T) { - check := func(c Context, nm, v1, v2, v3 string) { - if v, ok := c.Value(k1).(string); ok == (len(v1) == 0) || v != v1 { - t.Errorf(`%s.Value(k1).(string) = %q, %t want %q, %t`, nm, v, ok, v1, len(v1) != 0) - } - if v, ok := c.Value(k2).(string); ok == (len(v2) == 0) || v != v2 { - t.Errorf(`%s.Value(k2).(string) = %q, %t want %q, %t`, nm, v, ok, v2, len(v2) != 0) - } - if v, ok := c.Value(k3).(string); ok == (len(v3) == 0) || v != v3 { - t.Errorf(`%s.Value(k3).(string) = %q, %t want %q, %t`, nm, v, ok, v3, len(v3) != 0) - } - } - - c0 := Background() - check(c0, "c0", "", "", "") - - c1 := WithValue(Background(), k1, "c1k1") - check(c1, "c1", "c1k1", "", "") - - if got, want := fmt.Sprint(c1), `context.Background.WithValue(1, "c1k1")`; got != want { - t.Errorf("c.String() = %q want %q", got, want) - } - - c2 := WithValue(c1, k2, "c2k2") - check(c2, "c2", "c1k1", "c2k2", "") - - c3 := WithValue(c2, k3, "c3k3") - check(c3, "c2", "c1k1", "c2k2", "c3k3") - - c4 := WithValue(c3, k1, nil) - check(c4, "c4", "", "c2k2", "c3k3") - - o0 := otherContext{Background()} - check(o0, "o0", "", "", "") - - o1 := otherContext{WithValue(Background(), k1, "c1k1")} - check(o1, "o1", "c1k1", "", "") - - o2 := WithValue(o1, k2, "o2k2") - check(o2, "o2", "c1k1", "o2k2", "") - - o3 := otherContext{c4} - check(o3, "o3", "", "c2k2", "c3k3") - - o4 := WithValue(o3, k3, nil) - check(o4, "o4", "", "c2k2", "") -} - -func TestAllocs(t *testing.T) { - bg := Background() - for _, test := range []struct { - desc string - f func() - limit float64 - gccgoLimit float64 - }{ - { - desc: "Background()", - f: func() { Background() }, - limit: 0, - gccgoLimit: 0, - }, - { - desc: fmt.Sprintf("WithValue(bg, %v, nil)", k1), - f: func() { - c := WithValue(bg, k1, nil) - c.Value(k1) - }, - limit: 3, - gccgoLimit: 3, - }, - { - desc: "WithTimeout(bg, 15*time.Millisecond)", - f: func() { - c, _ := WithTimeout(bg, 15*time.Millisecond) - <-c.Done() - }, - limit: 8, - gccgoLimit: 15, - }, - { - desc: "WithCancel(bg)", - f: func() { - c, cancel := WithCancel(bg) - cancel() - <-c.Done() - }, - limit: 5, - gccgoLimit: 8, - }, - { - desc: "WithTimeout(bg, 100*time.Millisecond)", - f: func() { - c, cancel := WithTimeout(bg, 100*time.Millisecond) - cancel() - <-c.Done() - }, - limit: 8, - gccgoLimit: 25, - }, - } { - limit := test.limit - if runtime.Compiler == "gccgo" { - // gccgo does not yet do escape analysis. - // TOOD(iant): Remove this when gccgo does do escape analysis. - limit = test.gccgoLimit - } - if n := testing.AllocsPerRun(100, test.f); n > limit { - t.Errorf("%s allocs = %f want %d", test.desc, n, int(limit)) - } - } -} - -func TestSimultaneousCancels(t *testing.T) { - root, cancel := WithCancel(Background()) - m := map[Context]CancelFunc{root: cancel} - q := []Context{root} - // Create a tree of contexts. - for len(q) != 0 && len(m) < 100 { - parent := q[0] - q = q[1:] - for i := 0; i < 4; i++ { - ctx, cancel := WithCancel(parent) - m[ctx] = cancel - q = append(q, ctx) - } - } - // Start all the cancels in a random order. - var wg sync.WaitGroup - wg.Add(len(m)) - for _, cancel := range m { - go func(cancel CancelFunc) { - cancel() - wg.Done() - }(cancel) - } - // Wait on all the contexts in a random order. - for ctx := range m { - select { - case <-ctx.Done(): - case <-time.After(1 * time.Second): - buf := make([]byte, 10<<10) - n := runtime.Stack(buf, true) - t.Fatalf("timed out waiting for <-ctx.Done(); stacks:\n%s", buf[:n]) - } - } - // Wait for all the cancel functions to return. - done := make(chan struct{}) - go func() { - wg.Wait() - close(done) - }() - select { - case <-done: - case <-time.After(1 * time.Second): - buf := make([]byte, 10<<10) - n := runtime.Stack(buf, true) - t.Fatalf("timed out waiting for cancel functions; stacks:\n%s", buf[:n]) - } -} - -func TestInterlockedCancels(t *testing.T) { - parent, cancelParent := WithCancel(Background()) - child, cancelChild := WithCancel(parent) - go func() { - parent.Done() - cancelChild() - }() - cancelParent() - select { - case <-child.Done(): - case <-time.After(1 * time.Second): - buf := make([]byte, 10<<10) - n := runtime.Stack(buf, true) - t.Fatalf("timed out waiting for child.Done(); stacks:\n%s", buf[:n]) - } -} - -func TestLayersCancel(t *testing.T) { - testLayers(t, time.Now().UnixNano(), false) -} - -func TestLayersTimeout(t *testing.T) { - testLayers(t, time.Now().UnixNano(), true) -} - -func testLayers(t *testing.T, seed int64, testTimeout bool) { - rand.Seed(seed) - errorf := func(format string, a ...interface{}) { - t.Errorf(fmt.Sprintf("seed=%d: %s", seed, format), a...) - } - const ( - timeout = 200 * time.Millisecond - minLayers = 30 - ) - type value int - var ( - vals []*value - cancels []CancelFunc - numTimers int - ctx = Background() - ) - for i := 0; i < minLayers || numTimers == 0 || len(cancels) == 0 || len(vals) == 0; i++ { - switch rand.Intn(3) { - case 0: - v := new(value) - ctx = WithValue(ctx, v, v) - vals = append(vals, v) - case 1: - var cancel CancelFunc - ctx, cancel = WithCancel(ctx) - cancels = append(cancels, cancel) - case 2: - var cancel CancelFunc - ctx, cancel = WithTimeout(ctx, timeout) - cancels = append(cancels, cancel) - numTimers++ - } - } - checkValues := func(when string) { - for _, key := range vals { - if val := ctx.Value(key).(*value); key != val { - errorf("%s: ctx.Value(%p) = %p want %p", when, key, val, key) - } - } - } - select { - case <-ctx.Done(): - errorf("ctx should not be canceled yet") - default: - } - if s, prefix := fmt.Sprint(ctx), "context.Background."; !strings.HasPrefix(s, prefix) { - t.Errorf("ctx.String() = %q want prefix %q", s, prefix) - } - t.Log(ctx) - checkValues("before cancel") - if testTimeout { - select { - case <-ctx.Done(): - case <-time.After(timeout + 100*time.Millisecond): - errorf("ctx should have timed out") - } - checkValues("after timeout") - } else { - cancel := cancels[rand.Intn(len(cancels))] - cancel() - select { - case <-ctx.Done(): - default: - errorf("ctx should be canceled") - } - checkValues("after cancel") - } -} - -func TestCancelRemoves(t *testing.T) { - checkChildren := func(when string, ctx Context, want int) { - if got := len(ctx.(*cancelCtx).children); got != want { - t.Errorf("%s: context has %d children, want %d", when, got, want) - } - } - - ctx, _ := WithCancel(Background()) - checkChildren("after creation", ctx, 0) - _, cancel := WithCancel(ctx) - checkChildren("with WithCancel child ", ctx, 1) - cancel() - checkChildren("after cancelling WithCancel child", ctx, 0) - - ctx, _ = WithCancel(Background()) - checkChildren("after creation", ctx, 0) - _, cancel = WithTimeout(ctx, 60*time.Minute) - checkChildren("with WithTimeout child ", ctx, 1) - cancel() - checkChildren("after cancelling WithTimeout child", ctx, 0) -} diff --git a/vendor/golang.org/x/net/context/ctxhttp/cancelreq.go b/vendor/golang.org/x/net/context/ctxhttp/cancelreq.go deleted file mode 100644 index e3170e33..00000000 --- a/vendor/golang.org/x/net/context/ctxhttp/cancelreq.go +++ /dev/null @@ -1,19 +0,0 @@ -// Copyright 2015 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -// +build go1.5 - -package ctxhttp - -import "net/http" - -func canceler(client *http.Client, req *http.Request) func() { - // TODO(djd): Respect any existing value of req.Cancel. - ch := make(chan struct{}) - req.Cancel = ch - - return func() { - close(ch) - } -} diff --git a/vendor/golang.org/x/net/context/ctxhttp/cancelreq_go14.go b/vendor/golang.org/x/net/context/ctxhttp/cancelreq_go14.go deleted file mode 100644 index 56bcbadb..00000000 --- a/vendor/golang.org/x/net/context/ctxhttp/cancelreq_go14.go +++ /dev/null @@ -1,23 +0,0 @@ -// Copyright 2015 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -// +build !go1.5 - -package ctxhttp - -import "net/http" - -type requestCanceler interface { - CancelRequest(*http.Request) -} - -func canceler(client *http.Client, req *http.Request) func() { - rc, ok := client.Transport.(requestCanceler) - if !ok { - return func() {} - } - return func() { - rc.CancelRequest(req) - } -} diff --git a/vendor/golang.org/x/net/context/ctxhttp/ctxhttp.go b/vendor/golang.org/x/net/context/ctxhttp/ctxhttp.go deleted file mode 100644 index a7ed8d81..00000000 --- a/vendor/golang.org/x/net/context/ctxhttp/ctxhttp.go +++ /dev/null @@ -1,145 +0,0 @@ -// Copyright 2015 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -// Package ctxhttp provides helper functions for performing context-aware HTTP requests. -package ctxhttp // import "golang.org/x/net/context/ctxhttp" - -import ( - "io" - "net/http" - "net/url" - "strings" - - "golang.org/x/net/context" -) - -func nop() {} - -var ( - testHookContextDoneBeforeHeaders = nop - testHookDoReturned = nop - testHookDidBodyClose = nop -) - -// Do sends an HTTP request with the provided http.Client and returns an HTTP response. -// If the client is nil, http.DefaultClient is used. -// If the context is canceled or times out, ctx.Err() will be returned. -func Do(ctx context.Context, client *http.Client, req *http.Request) (*http.Response, error) { - if client == nil { - client = http.DefaultClient - } - - // Request cancelation changed in Go 1.5, see cancelreq.go and cancelreq_go14.go. - cancel := canceler(client, req) - - type responseAndError struct { - resp *http.Response - err error - } - result := make(chan responseAndError, 1) - - // Make local copies of test hooks closed over by goroutines below. - // Prevents data races in tests. - testHookDoReturned := testHookDoReturned - testHookDidBodyClose := testHookDidBodyClose - - go func() { - resp, err := client.Do(req) - testHookDoReturned() - result <- responseAndError{resp, err} - }() - - var resp *http.Response - - select { - case <-ctx.Done(): - testHookContextDoneBeforeHeaders() - cancel() - // Clean up after the goroutine calling client.Do: - go func() { - if r := <-result; r.resp != nil { - testHookDidBodyClose() - r.resp.Body.Close() - } - }() - return nil, ctx.Err() - case r := <-result: - var err error - resp, err = r.resp, r.err - if err != nil { - return resp, err - } - } - - c := make(chan struct{}) - go func() { - select { - case <-ctx.Done(): - cancel() - case <-c: - // The response's Body is closed. - } - }() - resp.Body = ¬ifyingReader{resp.Body, c} - - return resp, nil -} - -// Get issues a GET request via the Do function. -func Get(ctx context.Context, client *http.Client, url string) (*http.Response, error) { - req, err := http.NewRequest("GET", url, nil) - if err != nil { - return nil, err - } - return Do(ctx, client, req) -} - -// Head issues a HEAD request via the Do function. -func Head(ctx context.Context, client *http.Client, url string) (*http.Response, error) { - req, err := http.NewRequest("HEAD", url, nil) - if err != nil { - return nil, err - } - return Do(ctx, client, req) -} - -// Post issues a POST request via the Do function. -func Post(ctx context.Context, client *http.Client, url string, bodyType string, body io.Reader) (*http.Response, error) { - req, err := http.NewRequest("POST", url, body) - if err != nil { - return nil, err - } - req.Header.Set("Content-Type", bodyType) - return Do(ctx, client, req) -} - -// PostForm issues a POST request via the Do function. -func PostForm(ctx context.Context, client *http.Client, url string, data url.Values) (*http.Response, error) { - return Post(ctx, client, url, "application/x-www-form-urlencoded", strings.NewReader(data.Encode())) -} - -// notifyingReader is an io.ReadCloser that closes the notify channel after -// Close is called or a Read fails on the underlying ReadCloser. -type notifyingReader struct { - io.ReadCloser - notify chan<- struct{} -} - -func (r *notifyingReader) Read(p []byte) (int, error) { - n, err := r.ReadCloser.Read(p) - if err != nil && r.notify != nil { - close(r.notify) - r.notify = nil - } - return n, err -} - -func (r *notifyingReader) Close() error { - err := r.ReadCloser.Close() - if r.notify != nil { - close(r.notify) - r.notify = nil - } - return err -} diff --git a/vendor/golang.org/x/net/context/ctxhttp/ctxhttp_test.go b/vendor/golang.org/x/net/context/ctxhttp/ctxhttp_test.go deleted file mode 100644 index 77c25ba7..00000000 --- a/vendor/golang.org/x/net/context/ctxhttp/ctxhttp_test.go +++ /dev/null @@ -1,176 +0,0 @@ -// Copyright 2015 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -// +build !plan9 - -package ctxhttp - -import ( - "io/ioutil" - "net" - "net/http" - "net/http/httptest" - "sync" - "testing" - "time" - - "golang.org/x/net/context" -) - -const ( - requestDuration = 100 * time.Millisecond - requestBody = "ok" -) - -func TestNoTimeout(t *testing.T) { - ctx := context.Background() - resp, err := doRequest(ctx) - - if resp == nil || err != nil { - t.Fatalf("error received from client: %v %v", err, resp) - } -} - -func TestCancel(t *testing.T) { - ctx, cancel := context.WithCancel(context.Background()) - go func() { - time.Sleep(requestDuration / 2) - cancel() - }() - - resp, err := doRequest(ctx) - - if resp != nil || err == nil { - t.Fatalf("expected error, didn't get one. resp: %v", resp) - } - if err != ctx.Err() { - t.Fatalf("expected error from context but got: %v", err) - } -} - -func TestCancelAfterRequest(t *testing.T) { - ctx, cancel := context.WithCancel(context.Background()) - - resp, err := doRequest(ctx) - - // Cancel before reading the body. - // Request.Body should still be readable after the context is canceled. - cancel() - - b, err := ioutil.ReadAll(resp.Body) - if err != nil || string(b) != requestBody { - t.Fatalf("could not read body: %q %v", b, err) - } -} - -func TestCancelAfterHangingRequest(t *testing.T) { - handler := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - w.WriteHeader(http.StatusOK) - w.(http.Flusher).Flush() - <-w.(http.CloseNotifier).CloseNotify() - }) - - serv := httptest.NewServer(handler) - defer serv.Close() - - ctx, cancel := context.WithCancel(context.Background()) - resp, err := Get(ctx, nil, serv.URL) - if err != nil { - t.Fatalf("unexpected error in Get: %v", err) - } - - // Cancel befer reading the body. - // Reading Request.Body should fail, since the request was - // canceled before anything was written. - cancel() - - done := make(chan struct{}) - - go func() { - b, err := ioutil.ReadAll(resp.Body) - if len(b) != 0 || err == nil { - t.Errorf(`Read got (%q, %v); want ("", error)`, b, err) - } - close(done) - }() - - select { - case <-time.After(1 * time.Second): - t.Errorf("Test timed out") - case <-done: - } -} - -func doRequest(ctx context.Context) (*http.Response, error) { - var okHandler = http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - time.Sleep(requestDuration) - w.Write([]byte(requestBody)) - }) - - serv := httptest.NewServer(okHandler) - defer serv.Close() - - return Get(ctx, nil, serv.URL) -} - -// golang.org/issue/14065 -func TestClosesResponseBodyOnCancel(t *testing.T) { - defer func() { testHookContextDoneBeforeHeaders = nop }() - defer func() { testHookDoReturned = nop }() - defer func() { testHookDidBodyClose = nop }() - - ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {})) - defer ts.Close() - - ctx, cancel := context.WithCancel(context.Background()) - - // closed when Do enters select case <-ctx.Done() - enteredDonePath := make(chan struct{}) - - testHookContextDoneBeforeHeaders = func() { - close(enteredDonePath) - } - - testHookDoReturned = func() { - // We now have the result (the Flush'd headers) at least, - // so we can cancel the request. - cancel() - - // But block the client.Do goroutine from sending - // until Do enters into the <-ctx.Done() path, since - // otherwise if both channels are readable, select - // picks a random one. - <-enteredDonePath - } - - sawBodyClose := make(chan struct{}) - testHookDidBodyClose = func() { close(sawBodyClose) } - - tr := &http.Transport{} - defer tr.CloseIdleConnections() - c := &http.Client{Transport: tr} - req, _ := http.NewRequest("GET", ts.URL, nil) - _, doErr := Do(ctx, c, req) - - select { - case <-sawBodyClose: - case <-time.After(5 * time.Second): - t.Fatal("timeout waiting for body to close") - } - - if doErr != ctx.Err() { - t.Errorf("Do error = %v; want %v", doErr, ctx.Err()) - } -} - -type noteCloseConn struct { - net.Conn - onceClose sync.Once - closefn func() -} - -func (c *noteCloseConn) Close() error { - c.onceClose.Do(c.closefn) - return c.Conn.Close() -} diff --git a/vendor/golang.org/x/net/context/withtimeout_test.go b/vendor/golang.org/x/net/context/withtimeout_test.go deleted file mode 100644 index a6754dc3..00000000 --- a/vendor/golang.org/x/net/context/withtimeout_test.go +++ /dev/null @@ -1,26 +0,0 @@ -// Copyright 2014 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -package context_test - -import ( - "fmt" - "time" - - "golang.org/x/net/context" -) - -func ExampleWithTimeout() { - // Pass a context with a timeout to tell a blocking function that it - // should abandon its work after the timeout elapses. - ctx, _ := context.WithTimeout(context.Background(), 100*time.Millisecond) - select { - case <-time.After(200 * time.Millisecond): - fmt.Println("overslept") - case <-ctx.Done(): - fmt.Println(ctx.Err()) // prints "context deadline exceeded" - } - // Output: - // context deadline exceeded -} diff --git a/vendor/golang.org/x/net/dict/dict.go b/vendor/golang.org/x/net/dict/dict.go deleted file mode 100644 index 58fef89e..00000000 --- a/vendor/golang.org/x/net/dict/dict.go +++ /dev/null @@ -1,210 +0,0 @@ -// Copyright 2010 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -// Package dict implements the Dictionary Server Protocol -// as defined in RFC 2229. -package dict // import "golang.org/x/net/dict" - -import ( - "net/textproto" - "strconv" - "strings" -) - -// A Client represents a client connection to a dictionary server. -type Client struct { - text *textproto.Conn -} - -// Dial returns a new client connected to a dictionary server at -// addr on the given network. -func Dial(network, addr string) (*Client, error) { - text, err := textproto.Dial(network, addr) - if err != nil { - return nil, err - } - _, _, err = text.ReadCodeLine(220) - if err != nil { - text.Close() - return nil, err - } - return &Client{text: text}, nil -} - -// Close closes the connection to the dictionary server. -func (c *Client) Close() error { - return c.text.Close() -} - -// A Dict represents a dictionary available on the server. -type Dict struct { - Name string // short name of dictionary - Desc string // long description -} - -// Dicts returns a list of the dictionaries available on the server. -func (c *Client) Dicts() ([]Dict, error) { - id, err := c.text.Cmd("SHOW DB") - if err != nil { - return nil, err - } - - c.text.StartResponse(id) - defer c.text.EndResponse(id) - - _, _, err = c.text.ReadCodeLine(110) - if err != nil { - return nil, err - } - lines, err := c.text.ReadDotLines() - if err != nil { - return nil, err - } - _, _, err = c.text.ReadCodeLine(250) - - dicts := make([]Dict, len(lines)) - for i := range dicts { - d := &dicts[i] - a, _ := fields(lines[i]) - if len(a) < 2 { - return nil, textproto.ProtocolError("invalid dictionary: " + lines[i]) - } - d.Name = a[0] - d.Desc = a[1] - } - return dicts, err -} - -// A Defn represents a definition. -type Defn struct { - Dict Dict // Dict where definition was found - Word string // Word being defined - Text []byte // Definition text, typically multiple lines -} - -// Define requests the definition of the given word. -// The argument dict names the dictionary to use, -// the Name field of a Dict returned by Dicts. -// -// The special dictionary name "*" means to look in all the -// server's dictionaries. -// The special dictionary name "!" means to look in all the -// server's dictionaries in turn, stopping after finding the word -// in one of them. -func (c *Client) Define(dict, word string) ([]*Defn, error) { - id, err := c.text.Cmd("DEFINE %s %q", dict, word) - if err != nil { - return nil, err - } - - c.text.StartResponse(id) - defer c.text.EndResponse(id) - - _, line, err := c.text.ReadCodeLine(150) - if err != nil { - return nil, err - } - a, _ := fields(line) - if len(a) < 1 { - return nil, textproto.ProtocolError("malformed response: " + line) - } - n, err := strconv.Atoi(a[0]) - if err != nil { - return nil, textproto.ProtocolError("invalid definition count: " + a[0]) - } - def := make([]*Defn, n) - for i := 0; i < n; i++ { - _, line, err = c.text.ReadCodeLine(151) - if err != nil { - return nil, err - } - a, _ := fields(line) - if len(a) < 3 { - // skip it, to keep protocol in sync - i-- - n-- - def = def[0:n] - continue - } - d := &Defn{Word: a[0], Dict: Dict{a[1], a[2]}} - d.Text, err = c.text.ReadDotBytes() - if err != nil { - return nil, err - } - def[i] = d - } - _, _, err = c.text.ReadCodeLine(250) - return def, err -} - -// Fields returns the fields in s. -// Fields are space separated unquoted words -// or quoted with single or double quote. -func fields(s string) ([]string, error) { - var v []string - i := 0 - for { - for i < len(s) && (s[i] == ' ' || s[i] == '\t') { - i++ - } - if i >= len(s) { - break - } - if s[i] == '"' || s[i] == '\'' { - q := s[i] - // quoted string - var j int - for j = i + 1; ; j++ { - if j >= len(s) { - return nil, textproto.ProtocolError("malformed quoted string") - } - if s[j] == '\\' { - j++ - continue - } - if s[j] == q { - j++ - break - } - } - v = append(v, unquote(s[i+1:j-1])) - i = j - } else { - // atom - var j int - for j = i; j < len(s); j++ { - if s[j] == ' ' || s[j] == '\t' || s[j] == '\\' || s[j] == '"' || s[j] == '\'' { - break - } - } - v = append(v, s[i:j]) - i = j - } - if i < len(s) { - c := s[i] - if c != ' ' && c != '\t' { - return nil, textproto.ProtocolError("quotes not on word boundaries") - } - } - } - return v, nil -} - -func unquote(s string) string { - if strings.Index(s, "\\") < 0 { - return s - } - b := []byte(s) - w := 0 - for r := 0; r < len(b); r++ { - c := b[r] - if c == '\\' { - r++ - c = b[r] - } - b[w] = c - w++ - } - return string(b[0:w]) -} diff --git a/vendor/golang.org/x/net/html/atom/atom.go b/vendor/golang.org/x/net/html/atom/atom.go deleted file mode 100644 index cd0a8ac1..00000000 --- a/vendor/golang.org/x/net/html/atom/atom.go +++ /dev/null @@ -1,78 +0,0 @@ -// Copyright 2012 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -// Package atom provides integer codes (also known as atoms) for a fixed set of -// frequently occurring HTML strings: tag names and attribute keys such as "p" -// and "id". -// -// Sharing an atom's name between all elements with the same tag can result in -// fewer string allocations when tokenizing and parsing HTML. Integer -// comparisons are also generally faster than string comparisons. -// -// The value of an atom's particular code is not guaranteed to stay the same -// between versions of this package. Neither is any ordering guaranteed: -// whether atom.H1 < atom.H2 may also change. The codes are not guaranteed to -// be dense. The only guarantees are that e.g. looking up "div" will yield -// atom.Div, calling atom.Div.String will return "div", and atom.Div != 0. -package atom // import "golang.org/x/net/html/atom" - -// Atom is an integer code for a string. The zero value maps to "". -type Atom uint32 - -// String returns the atom's name. -func (a Atom) String() string { - start := uint32(a >> 8) - n := uint32(a & 0xff) - if start+n > uint32(len(atomText)) { - return "" - } - return atomText[start : start+n] -} - -func (a Atom) string() string { - return atomText[a>>8 : a>>8+a&0xff] -} - -// fnv computes the FNV hash with an arbitrary starting value h. -func fnv(h uint32, s []byte) uint32 { - for i := range s { - h ^= uint32(s[i]) - h *= 16777619 - } - return h -} - -func match(s string, t []byte) bool { - for i, c := range t { - if s[i] != c { - return false - } - } - return true -} - -// Lookup returns the atom whose name is s. It returns zero if there is no -// such atom. The lookup is case sensitive. -func Lookup(s []byte) Atom { - if len(s) == 0 || len(s) > maxAtomLen { - return 0 - } - h := fnv(hash0, s) - if a := table[h&uint32(len(table)-1)]; int(a&0xff) == len(s) && match(a.string(), s) { - return a - } - if a := table[(h>>16)&uint32(len(table)-1)]; int(a&0xff) == len(s) && match(a.string(), s) { - return a - } - return 0 -} - -// String returns a string whose contents are equal to s. In that sense, it is -// equivalent to string(s) but may be more efficient. -func String(s []byte) string { - if a := Lookup(s); a != 0 { - return a.String() - } - return string(s) -} diff --git a/vendor/golang.org/x/net/html/atom/atom_test.go b/vendor/golang.org/x/net/html/atom/atom_test.go deleted file mode 100644 index 6e33704d..00000000 --- a/vendor/golang.org/x/net/html/atom/atom_test.go +++ /dev/null @@ -1,109 +0,0 @@ -// Copyright 2012 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -package atom - -import ( - "sort" - "testing" -) - -func TestKnown(t *testing.T) { - for _, s := range testAtomList { - if atom := Lookup([]byte(s)); atom.String() != s { - t.Errorf("Lookup(%q) = %#x (%q)", s, uint32(atom), atom.String()) - } - } -} - -func TestHits(t *testing.T) { - for _, a := range table { - if a == 0 { - continue - } - got := Lookup([]byte(a.String())) - if got != a { - t.Errorf("Lookup(%q) = %#x, want %#x", a.String(), uint32(got), uint32(a)) - } - } -} - -func TestMisses(t *testing.T) { - testCases := []string{ - "", - "\x00", - "\xff", - "A", - "DIV", - "Div", - "dIV", - "aa", - "a\x00", - "ab", - "abb", - "abbr0", - "abbr ", - " abbr", - " a", - "acceptcharset", - "acceptCharset", - "accept_charset", - "h0", - "h1h2", - "h7", - "onClick", - "λ", - // The following string has the same hash (0xa1d7fab7) as "onmouseover". - "\x00\x00\x00\x00\x00\x50\x18\xae\x38\xd0\xb7", - } - for _, tc := range testCases { - got := Lookup([]byte(tc)) - if got != 0 { - t.Errorf("Lookup(%q): got %d, want 0", tc, got) - } - } -} - -func TestForeignObject(t *testing.T) { - const ( - afo = Foreignobject - afO = ForeignObject - sfo = "foreignobject" - sfO = "foreignObject" - ) - if got := Lookup([]byte(sfo)); got != afo { - t.Errorf("Lookup(%q): got %#v, want %#v", sfo, got, afo) - } - if got := Lookup([]byte(sfO)); got != afO { - t.Errorf("Lookup(%q): got %#v, want %#v", sfO, got, afO) - } - if got := afo.String(); got != sfo { - t.Errorf("Atom(%#v).String(): got %q, want %q", afo, got, sfo) - } - if got := afO.String(); got != sfO { - t.Errorf("Atom(%#v).String(): got %q, want %q", afO, got, sfO) - } -} - -func BenchmarkLookup(b *testing.B) { - sortedTable := make([]string, 0, len(table)) - for _, a := range table { - if a != 0 { - sortedTable = append(sortedTable, a.String()) - } - } - sort.Strings(sortedTable) - - x := make([][]byte, 1000) - for i := range x { - x[i] = []byte(sortedTable[i%len(sortedTable)]) - } - - b.ResetTimer() - for i := 0; i < b.N; i++ { - for _, s := range x { - Lookup(s) - } - } -} diff --git a/vendor/golang.org/x/net/html/atom/gen.go b/vendor/golang.org/x/net/html/atom/gen.go deleted file mode 100644 index 6bfa8660..00000000 --- a/vendor/golang.org/x/net/html/atom/gen.go +++ /dev/null @@ -1,648 +0,0 @@ -// Copyright 2012 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -// +build ignore - -package main - -// This program generates table.go and table_test.go. -// Invoke as -// -// go run gen.go |gofmt >table.go -// go run gen.go -test |gofmt >table_test.go - -import ( - "flag" - "fmt" - "math/rand" - "os" - "sort" - "strings" -) - -// identifier converts s to a Go exported identifier. -// It converts "div" to "Div" and "accept-charset" to "AcceptCharset". -func identifier(s string) string { - b := make([]byte, 0, len(s)) - cap := true - for _, c := range s { - if c == '-' { - cap = true - continue - } - if cap && 'a' <= c && c <= 'z' { - c -= 'a' - 'A' - } - cap = false - b = append(b, byte(c)) - } - return string(b) -} - -var test = flag.Bool("test", false, "generate table_test.go") - -func main() { - flag.Parse() - - var all []string - all = append(all, elements...) - all = append(all, attributes...) - all = append(all, eventHandlers...) - all = append(all, extra...) - sort.Strings(all) - - if *test { - fmt.Printf("// generated by go run gen.go -test; DO NOT EDIT\n\n") - fmt.Printf("package atom\n\n") - fmt.Printf("var testAtomList = []string{\n") - for _, s := range all { - fmt.Printf("\t%q,\n", s) - } - fmt.Printf("}\n") - return - } - - // uniq - lists have dups - // compute max len too - maxLen := 0 - w := 0 - for _, s := range all { - if w == 0 || all[w-1] != s { - if maxLen < len(s) { - maxLen = len(s) - } - all[w] = s - w++ - } - } - all = all[:w] - - // Find hash that minimizes table size. - var best *table - for i := 0; i < 1000000; i++ { - if best != nil && 1<<(best.k-1) < len(all) { - break - } - h := rand.Uint32() - for k := uint(0); k <= 16; k++ { - if best != nil && k >= best.k { - break - } - var t table - if t.init(h, k, all) { - best = &t - break - } - } - } - if best == nil { - fmt.Fprintf(os.Stderr, "failed to construct string table\n") - os.Exit(1) - } - - // Lay out strings, using overlaps when possible. - layout := append([]string{}, all...) - - // Remove strings that are substrings of other strings - for changed := true; changed; { - changed = false - for i, s := range layout { - if s == "" { - continue - } - for j, t := range layout { - if i != j && t != "" && strings.Contains(s, t) { - changed = true - layout[j] = "" - } - } - } - } - - // Join strings where one suffix matches another prefix. - for { - // Find best i, j, k such that layout[i][len-k:] == layout[j][:k], - // maximizing overlap length k. - besti := -1 - bestj := -1 - bestk := 0 - for i, s := range layout { - if s == "" { - continue - } - for j, t := range layout { - if i == j { - continue - } - for k := bestk + 1; k <= len(s) && k <= len(t); k++ { - if s[len(s)-k:] == t[:k] { - besti = i - bestj = j - bestk = k - } - } - } - } - if bestk > 0 { - layout[besti] += layout[bestj][bestk:] - layout[bestj] = "" - continue - } - break - } - - text := strings.Join(layout, "") - - atom := map[string]uint32{} - for _, s := range all { - off := strings.Index(text, s) - if off < 0 { - panic("lost string " + s) - } - atom[s] = uint32(off<<8 | len(s)) - } - - // Generate the Go code. - fmt.Printf("// generated by go run gen.go; DO NOT EDIT\n\n") - fmt.Printf("package atom\n\nconst (\n") - for _, s := range all { - fmt.Printf("\t%s Atom = %#x\n", identifier(s), atom[s]) - } - fmt.Printf(")\n\n") - - fmt.Printf("const hash0 = %#x\n\n", best.h0) - fmt.Printf("const maxAtomLen = %d\n\n", maxLen) - - fmt.Printf("var table = [1<<%d]Atom{\n", best.k) - for i, s := range best.tab { - if s == "" { - continue - } - fmt.Printf("\t%#x: %#x, // %s\n", i, atom[s], s) - } - fmt.Printf("}\n") - datasize := (1 << best.k) * 4 - - fmt.Printf("const atomText =\n") - textsize := len(text) - for len(text) > 60 { - fmt.Printf("\t%q +\n", text[:60]) - text = text[60:] - } - fmt.Printf("\t%q\n\n", text) - - fmt.Fprintf(os.Stderr, "%d atoms; %d string bytes + %d tables = %d total data\n", len(all), textsize, datasize, textsize+datasize) -} - -type byLen []string - -func (x byLen) Less(i, j int) bool { return len(x[i]) > len(x[j]) } -func (x byLen) Swap(i, j int) { x[i], x[j] = x[j], x[i] } -func (x byLen) Len() int { return len(x) } - -// fnv computes the FNV hash with an arbitrary starting value h. -func fnv(h uint32, s string) uint32 { - for i := 0; i < len(s); i++ { - h ^= uint32(s[i]) - h *= 16777619 - } - return h -} - -// A table represents an attempt at constructing the lookup table. -// The lookup table uses cuckoo hashing, meaning that each string -// can be found in one of two positions. -type table struct { - h0 uint32 - k uint - mask uint32 - tab []string -} - -// hash returns the two hashes for s. -func (t *table) hash(s string) (h1, h2 uint32) { - h := fnv(t.h0, s) - h1 = h & t.mask - h2 = (h >> 16) & t.mask - return -} - -// init initializes the table with the given parameters. -// h0 is the initial hash value, -// k is the number of bits of hash value to use, and -// x is the list of strings to store in the table. -// init returns false if the table cannot be constructed. -func (t *table) init(h0 uint32, k uint, x []string) bool { - t.h0 = h0 - t.k = k - t.tab = make([]string, 1< len(t.tab) { - return false - } - s := t.tab[i] - h1, h2 := t.hash(s) - j := h1 + h2 - i - if t.tab[j] != "" && !t.push(j, depth+1) { - return false - } - t.tab[j] = s - return true -} - -// The lists of element names and attribute keys were taken from -// https://html.spec.whatwg.org/multipage/indices.html#index -// as of the "HTML Living Standard - Last Updated 21 February 2015" version. - -var elements = []string{ - "a", - "abbr", - "address", - "area", - "article", - "aside", - "audio", - "b", - "base", - "bdi", - "bdo", - "blockquote", - "body", - "br", - "button", - "canvas", - "caption", - "cite", - "code", - "col", - "colgroup", - "command", - "data", - "datalist", - "dd", - "del", - "details", - "dfn", - "dialog", - "div", - "dl", - "dt", - "em", - "embed", - "fieldset", - "figcaption", - "figure", - "footer", - "form", - "h1", - "h2", - "h3", - "h4", - "h5", - "h6", - "head", - "header", - "hgroup", - "hr", - "html", - "i", - "iframe", - "img", - "input", - "ins", - "kbd", - "keygen", - "label", - "legend", - "li", - "link", - "map", - "mark", - "menu", - "menuitem", - "meta", - "meter", - "nav", - "noscript", - "object", - "ol", - "optgroup", - "option", - "output", - "p", - "param", - "pre", - "progress", - "q", - "rp", - "rt", - "ruby", - "s", - "samp", - "script", - "section", - "select", - "small", - "source", - "span", - "strong", - "style", - "sub", - "summary", - "sup", - "table", - "tbody", - "td", - "template", - "textarea", - "tfoot", - "th", - "thead", - "time", - "title", - "tr", - "track", - "u", - "ul", - "var", - "video", - "wbr", -} - -// https://html.spec.whatwg.org/multipage/indices.html#attributes-3 - -var attributes = []string{ - "abbr", - "accept", - "accept-charset", - "accesskey", - "action", - "alt", - "async", - "autocomplete", - "autofocus", - "autoplay", - "challenge", - "charset", - "checked", - "cite", - "class", - "cols", - "colspan", - "command", - "content", - "contenteditable", - "contextmenu", - "controls", - "coords", - "crossorigin", - "data", - "datetime", - "default", - "defer", - "dir", - "dirname", - "disabled", - "download", - "draggable", - "dropzone", - "enctype", - "for", - "form", - "formaction", - "formenctype", - "formmethod", - "formnovalidate", - "formtarget", - "headers", - "height", - "hidden", - "high", - "href", - "hreflang", - "http-equiv", - "icon", - "id", - "inputmode", - "ismap", - "itemid", - "itemprop", - "itemref", - "itemscope", - "itemtype", - "keytype", - "kind", - "label", - "lang", - "list", - "loop", - "low", - "manifest", - "max", - "maxlength", - "media", - "mediagroup", - "method", - "min", - "minlength", - "multiple", - "muted", - "name", - "novalidate", - "open", - "optimum", - "pattern", - "ping", - "placeholder", - "poster", - "preload", - "radiogroup", - "readonly", - "rel", - "required", - "reversed", - "rows", - "rowspan", - "sandbox", - "spellcheck", - "scope", - "scoped", - "seamless", - "selected", - "shape", - "size", - "sizes", - "sortable", - "sorted", - "span", - "src", - "srcdoc", - "srclang", - "start", - "step", - "style", - "tabindex", - "target", - "title", - "translate", - "type", - "typemustmatch", - "usemap", - "value", - "width", - "wrap", -} - -var eventHandlers = []string{ - "onabort", - "onautocomplete", - "onautocompleteerror", - "onafterprint", - "onbeforeprint", - "onbeforeunload", - "onblur", - "oncancel", - "oncanplay", - "oncanplaythrough", - "onchange", - "onclick", - "onclose", - "oncontextmenu", - "oncuechange", - "ondblclick", - "ondrag", - "ondragend", - "ondragenter", - "ondragleave", - "ondragover", - "ondragstart", - "ondrop", - "ondurationchange", - "onemptied", - "onended", - "onerror", - "onfocus", - "onhashchange", - "oninput", - "oninvalid", - "onkeydown", - "onkeypress", - "onkeyup", - "onlanguagechange", - "onload", - "onloadeddata", - "onloadedmetadata", - "onloadstart", - "onmessage", - "onmousedown", - "onmousemove", - "onmouseout", - "onmouseover", - "onmouseup", - "onmousewheel", - "onoffline", - "ononline", - "onpagehide", - "onpageshow", - "onpause", - "onplay", - "onplaying", - "onpopstate", - "onprogress", - "onratechange", - "onreset", - "onresize", - "onscroll", - "onseeked", - "onseeking", - "onselect", - "onshow", - "onsort", - "onstalled", - "onstorage", - "onsubmit", - "onsuspend", - "ontimeupdate", - "ontoggle", - "onunload", - "onvolumechange", - "onwaiting", -} - -// extra are ad-hoc values not covered by any of the lists above. -var extra = []string{ - "align", - "annotation", - "annotation-xml", - "applet", - "basefont", - "bgsound", - "big", - "blink", - "center", - "color", - "desc", - "face", - "font", - "foreignObject", // HTML is case-insensitive, but SVG-embedded-in-HTML is case-sensitive. - "foreignobject", - "frame", - "frameset", - "image", - "isindex", - "listing", - "malignmark", - "marquee", - "math", - "mglyph", - "mi", - "mn", - "mo", - "ms", - "mtext", - "nobr", - "noembed", - "noframes", - "plaintext", - "prompt", - "public", - "spacer", - "strike", - "svg", - "system", - "tt", - "xmp", -} diff --git a/vendor/golang.org/x/net/html/atom/table.go b/vendor/golang.org/x/net/html/atom/table.go deleted file mode 100644 index 2605ba31..00000000 --- a/vendor/golang.org/x/net/html/atom/table.go +++ /dev/null @@ -1,713 +0,0 @@ -// generated by go run gen.go; DO NOT EDIT - -package atom - -const ( - A Atom = 0x1 - Abbr Atom = 0x4 - Accept Atom = 0x2106 - AcceptCharset Atom = 0x210e - Accesskey Atom = 0x3309 - Action Atom = 0x1f606 - Address Atom = 0x4f307 - Align Atom = 0x1105 - Alt Atom = 0x4503 - Annotation Atom = 0x1670a - AnnotationXml Atom = 0x1670e - Applet Atom = 0x2b306 - Area Atom = 0x2fa04 - Article Atom = 0x38807 - Aside Atom = 0x8305 - Async Atom = 0x7b05 - Audio Atom = 0xa605 - Autocomplete Atom = 0x1fc0c - Autofocus Atom = 0xb309 - Autoplay Atom = 0xce08 - B Atom = 0x101 - Base Atom = 0xd604 - Basefont Atom = 0xd608 - Bdi Atom = 0x1a03 - Bdo Atom = 0xe703 - Bgsound Atom = 0x11807 - Big Atom = 0x12403 - Blink Atom = 0x12705 - Blockquote Atom = 0x12c0a - Body Atom = 0x2f04 - Br Atom = 0x202 - Button Atom = 0x13606 - Canvas Atom = 0x7f06 - Caption Atom = 0x1bb07 - Center Atom = 0x5b506 - Challenge Atom = 0x21f09 - Charset Atom = 0x2807 - Checked Atom = 0x32807 - Cite Atom = 0x3c804 - Class Atom = 0x4de05 - Code Atom = 0x14904 - Col Atom = 0x15003 - Colgroup Atom = 0x15008 - Color Atom = 0x15d05 - Cols Atom = 0x16204 - Colspan Atom = 0x16207 - Command Atom = 0x17507 - Content Atom = 0x42307 - Contenteditable Atom = 0x4230f - Contextmenu Atom = 0x3310b - Controls Atom = 0x18808 - Coords Atom = 0x19406 - Crossorigin Atom = 0x19f0b - Data Atom = 0x44a04 - Datalist Atom = 0x44a08 - Datetime Atom = 0x23c08 - Dd Atom = 0x26702 - Default Atom = 0x8607 - Defer Atom = 0x14b05 - Del Atom = 0x3ef03 - Desc Atom = 0x4db04 - Details Atom = 0x4807 - Dfn Atom = 0x6103 - Dialog Atom = 0x1b06 - Dir Atom = 0x6903 - Dirname Atom = 0x6907 - Disabled Atom = 0x10c08 - Div Atom = 0x11303 - Dl Atom = 0x11e02 - Download Atom = 0x40008 - Draggable Atom = 0x17b09 - Dropzone Atom = 0x39108 - Dt Atom = 0x50902 - Em Atom = 0x6502 - Embed Atom = 0x6505 - Enctype Atom = 0x21107 - Face Atom = 0x5b304 - Fieldset Atom = 0x1b008 - Figcaption Atom = 0x1b80a - Figure Atom = 0x1cc06 - Font Atom = 0xda04 - Footer Atom = 0x8d06 - For Atom = 0x1d803 - ForeignObject Atom = 0x1d80d - Foreignobject Atom = 0x1e50d - Form Atom = 0x1f204 - Formaction Atom = 0x1f20a - Formenctype Atom = 0x20d0b - Formmethod Atom = 0x2280a - Formnovalidate Atom = 0x2320e - Formtarget Atom = 0x2470a - Frame Atom = 0x9a05 - Frameset Atom = 0x9a08 - H1 Atom = 0x26e02 - H2 Atom = 0x29402 - H3 Atom = 0x2a702 - H4 Atom = 0x2e902 - H5 Atom = 0x2f302 - H6 Atom = 0x50b02 - Head Atom = 0x2d504 - Header Atom = 0x2d506 - Headers Atom = 0x2d507 - Height Atom = 0x25106 - Hgroup Atom = 0x25906 - Hidden Atom = 0x26506 - High Atom = 0x26b04 - Hr Atom = 0x27002 - Href Atom = 0x27004 - Hreflang Atom = 0x27008 - Html Atom = 0x25504 - HttpEquiv Atom = 0x2780a - I Atom = 0x601 - Icon Atom = 0x42204 - Id Atom = 0x8502 - Iframe Atom = 0x29606 - Image Atom = 0x29c05 - Img Atom = 0x2a103 - Input Atom = 0x3e805 - Inputmode Atom = 0x3e809 - Ins Atom = 0x1a803 - Isindex Atom = 0x2a907 - Ismap Atom = 0x2b005 - Itemid Atom = 0x33c06 - Itemprop Atom = 0x3c908 - Itemref Atom = 0x5ad07 - Itemscope Atom = 0x2b909 - Itemtype Atom = 0x2c308 - Kbd Atom = 0x1903 - Keygen Atom = 0x3906 - Keytype Atom = 0x53707 - Kind Atom = 0x10904 - Label Atom = 0xf005 - Lang Atom = 0x27404 - Legend Atom = 0x18206 - Li Atom = 0x1202 - Link Atom = 0x12804 - List Atom = 0x44e04 - Listing Atom = 0x44e07 - Loop Atom = 0xf404 - Low Atom = 0x11f03 - Malignmark Atom = 0x100a - Manifest Atom = 0x5f108 - Map Atom = 0x2b203 - Mark Atom = 0x1604 - Marquee Atom = 0x2cb07 - Math Atom = 0x2d204 - Max Atom = 0x2e103 - Maxlength Atom = 0x2e109 - Media Atom = 0x6e05 - Mediagroup Atom = 0x6e0a - Menu Atom = 0x33804 - Menuitem Atom = 0x33808 - Meta Atom = 0x45d04 - Meter Atom = 0x24205 - Method Atom = 0x22c06 - Mglyph Atom = 0x2a206 - Mi Atom = 0x2eb02 - Min Atom = 0x2eb03 - Minlength Atom = 0x2eb09 - Mn Atom = 0x23502 - Mo Atom = 0x3ed02 - Ms Atom = 0x2bc02 - Mtext Atom = 0x2f505 - Multiple Atom = 0x30308 - Muted Atom = 0x30b05 - Name Atom = 0x6c04 - Nav Atom = 0x3e03 - Nobr Atom = 0x5704 - Noembed Atom = 0x6307 - Noframes Atom = 0x9808 - Noscript Atom = 0x3d208 - Novalidate Atom = 0x2360a - Object Atom = 0x1ec06 - Ol Atom = 0xc902 - Onabort Atom = 0x13a07 - Onafterprint Atom = 0x1c00c - Onautocomplete Atom = 0x1fa0e - Onautocompleteerror Atom = 0x1fa13 - Onbeforeprint Atom = 0x6040d - Onbeforeunload Atom = 0x4e70e - Onblur Atom = 0xaa06 - Oncancel Atom = 0xe908 - Oncanplay Atom = 0x28509 - Oncanplaythrough Atom = 0x28510 - Onchange Atom = 0x3a708 - Onclick Atom = 0x31007 - Onclose Atom = 0x31707 - Oncontextmenu Atom = 0x32f0d - Oncuechange Atom = 0x3420b - Ondblclick Atom = 0x34d0a - Ondrag Atom = 0x35706 - Ondragend Atom = 0x35709 - Ondragenter Atom = 0x3600b - Ondragleave Atom = 0x36b0b - Ondragover Atom = 0x3760a - Ondragstart Atom = 0x3800b - Ondrop Atom = 0x38f06 - Ondurationchange Atom = 0x39f10 - Onemptied Atom = 0x39609 - Onended Atom = 0x3af07 - Onerror Atom = 0x3b607 - Onfocus Atom = 0x3bd07 - Onhashchange Atom = 0x3da0c - Oninput Atom = 0x3e607 - Oninvalid Atom = 0x3f209 - Onkeydown Atom = 0x3fb09 - Onkeypress Atom = 0x4080a - Onkeyup Atom = 0x41807 - Onlanguagechange Atom = 0x43210 - Onload Atom = 0x44206 - Onloadeddata Atom = 0x4420c - Onloadedmetadata Atom = 0x45510 - Onloadstart Atom = 0x46b0b - Onmessage Atom = 0x47609 - Onmousedown Atom = 0x47f0b - Onmousemove Atom = 0x48a0b - Onmouseout Atom = 0x4950a - Onmouseover Atom = 0x4a20b - Onmouseup Atom = 0x4ad09 - Onmousewheel Atom = 0x4b60c - Onoffline Atom = 0x4c209 - Ononline Atom = 0x4cb08 - Onpagehide Atom = 0x4d30a - Onpageshow Atom = 0x4fe0a - Onpause Atom = 0x50d07 - Onplay Atom = 0x51706 - Onplaying Atom = 0x51709 - Onpopstate Atom = 0x5200a - Onprogress Atom = 0x52a0a - Onratechange Atom = 0x53e0c - Onreset Atom = 0x54a07 - Onresize Atom = 0x55108 - Onscroll Atom = 0x55f08 - Onseeked Atom = 0x56708 - Onseeking Atom = 0x56f09 - Onselect Atom = 0x57808 - Onshow Atom = 0x58206 - Onsort Atom = 0x58b06 - Onstalled Atom = 0x59509 - Onstorage Atom = 0x59e09 - Onsubmit Atom = 0x5a708 - Onsuspend Atom = 0x5bb09 - Ontimeupdate Atom = 0xdb0c - Ontoggle Atom = 0x5c408 - Onunload Atom = 0x5cc08 - Onvolumechange Atom = 0x5d40e - Onwaiting Atom = 0x5e209 - Open Atom = 0x3cf04 - Optgroup Atom = 0xf608 - Optimum Atom = 0x5eb07 - Option Atom = 0x60006 - Output Atom = 0x49c06 - P Atom = 0xc01 - Param Atom = 0xc05 - Pattern Atom = 0x5107 - Ping Atom = 0x7704 - Placeholder Atom = 0xc30b - Plaintext Atom = 0xfd09 - Poster Atom = 0x15706 - Pre Atom = 0x25e03 - Preload Atom = 0x25e07 - Progress Atom = 0x52c08 - Prompt Atom = 0x5fa06 - Public Atom = 0x41e06 - Q Atom = 0x13101 - Radiogroup Atom = 0x30a - Readonly Atom = 0x2fb08 - Rel Atom = 0x25f03 - Required Atom = 0x1d008 - Reversed Atom = 0x5a08 - Rows Atom = 0x9204 - Rowspan Atom = 0x9207 - Rp Atom = 0x1c602 - Rt Atom = 0x13f02 - Ruby Atom = 0xaf04 - S Atom = 0x2c01 - Samp Atom = 0x4e04 - Sandbox Atom = 0xbb07 - Scope Atom = 0x2bd05 - Scoped Atom = 0x2bd06 - Script Atom = 0x3d406 - Seamless Atom = 0x31c08 - Section Atom = 0x4e207 - Select Atom = 0x57a06 - Selected Atom = 0x57a08 - Shape Atom = 0x4f905 - Size Atom = 0x55504 - Sizes Atom = 0x55505 - Small Atom = 0x18f05 - Sortable Atom = 0x58d08 - Sorted Atom = 0x19906 - Source Atom = 0x1aa06 - Spacer Atom = 0x2db06 - Span Atom = 0x9504 - Spellcheck Atom = 0x3230a - Src Atom = 0x3c303 - Srcdoc Atom = 0x3c306 - Srclang Atom = 0x41107 - Start Atom = 0x38605 - Step Atom = 0x5f704 - Strike Atom = 0x53306 - Strong Atom = 0x55906 - Style Atom = 0x61105 - Sub Atom = 0x5a903 - Summary Atom = 0x61607 - Sup Atom = 0x61d03 - Svg Atom = 0x62003 - System Atom = 0x62306 - Tabindex Atom = 0x46308 - Table Atom = 0x42d05 - Target Atom = 0x24b06 - Tbody Atom = 0x2e05 - Td Atom = 0x4702 - Template Atom = 0x62608 - Textarea Atom = 0x2f608 - Tfoot Atom = 0x8c05 - Th Atom = 0x22e02 - Thead Atom = 0x2d405 - Time Atom = 0xdd04 - Title Atom = 0xa105 - Tr Atom = 0x10502 - Track Atom = 0x10505 - Translate Atom = 0x14009 - Tt Atom = 0x5302 - Type Atom = 0x21404 - Typemustmatch Atom = 0x2140d - U Atom = 0xb01 - Ul Atom = 0x8a02 - Usemap Atom = 0x51106 - Value Atom = 0x4005 - Var Atom = 0x11503 - Video Atom = 0x28105 - Wbr Atom = 0x12103 - Width Atom = 0x50705 - Wrap Atom = 0x58704 - Xmp Atom = 0xc103 -) - -const hash0 = 0xc17da63e - -const maxAtomLen = 19 - -var table = [1 << 9]Atom{ - 0x1: 0x48a0b, // onmousemove - 0x2: 0x5e209, // onwaiting - 0x3: 0x1fa13, // onautocompleteerror - 0x4: 0x5fa06, // prompt - 0x7: 0x5eb07, // optimum - 0x8: 0x1604, // mark - 0xa: 0x5ad07, // itemref - 0xb: 0x4fe0a, // onpageshow - 0xc: 0x57a06, // select - 0xd: 0x17b09, // draggable - 0xe: 0x3e03, // nav - 0xf: 0x17507, // command - 0x11: 0xb01, // u - 0x14: 0x2d507, // headers - 0x15: 0x44a08, // datalist - 0x17: 0x4e04, // samp - 0x1a: 0x3fb09, // onkeydown - 0x1b: 0x55f08, // onscroll - 0x1c: 0x15003, // col - 0x20: 0x3c908, // itemprop - 0x21: 0x2780a, // http-equiv - 0x22: 0x61d03, // sup - 0x24: 0x1d008, // required - 0x2b: 0x25e07, // preload - 0x2c: 0x6040d, // onbeforeprint - 0x2d: 0x3600b, // ondragenter - 0x2e: 0x50902, // dt - 0x2f: 0x5a708, // onsubmit - 0x30: 0x27002, // hr - 0x31: 0x32f0d, // oncontextmenu - 0x33: 0x29c05, // image - 0x34: 0x50d07, // onpause - 0x35: 0x25906, // hgroup - 0x36: 0x7704, // ping - 0x37: 0x57808, // onselect - 0x3a: 0x11303, // div - 0x3b: 0x1fa0e, // onautocomplete - 0x40: 0x2eb02, // mi - 0x41: 0x31c08, // seamless - 0x42: 0x2807, // charset - 0x43: 0x8502, // id - 0x44: 0x5200a, // onpopstate - 0x45: 0x3ef03, // del - 0x46: 0x2cb07, // marquee - 0x47: 0x3309, // accesskey - 0x49: 0x8d06, // footer - 0x4a: 0x44e04, // list - 0x4b: 0x2b005, // ismap - 0x51: 0x33804, // menu - 0x52: 0x2f04, // body - 0x55: 0x9a08, // frameset - 0x56: 0x54a07, // onreset - 0x57: 0x12705, // blink - 0x58: 0xa105, // title - 0x59: 0x38807, // article - 0x5b: 0x22e02, // th - 0x5d: 0x13101, // q - 0x5e: 0x3cf04, // open - 0x5f: 0x2fa04, // area - 0x61: 0x44206, // onload - 0x62: 0xda04, // font - 0x63: 0xd604, // base - 0x64: 0x16207, // colspan - 0x65: 0x53707, // keytype - 0x66: 0x11e02, // dl - 0x68: 0x1b008, // fieldset - 0x6a: 0x2eb03, // min - 0x6b: 0x11503, // var - 0x6f: 0x2d506, // header - 0x70: 0x13f02, // rt - 0x71: 0x15008, // colgroup - 0x72: 0x23502, // mn - 0x74: 0x13a07, // onabort - 0x75: 0x3906, // keygen - 0x76: 0x4c209, // onoffline - 0x77: 0x21f09, // challenge - 0x78: 0x2b203, // map - 0x7a: 0x2e902, // h4 - 0x7b: 0x3b607, // onerror - 0x7c: 0x2e109, // maxlength - 0x7d: 0x2f505, // mtext - 0x7e: 0xbb07, // sandbox - 0x7f: 0x58b06, // onsort - 0x80: 0x100a, // malignmark - 0x81: 0x45d04, // meta - 0x82: 0x7b05, // async - 0x83: 0x2a702, // h3 - 0x84: 0x26702, // dd - 0x85: 0x27004, // href - 0x86: 0x6e0a, // mediagroup - 0x87: 0x19406, // coords - 0x88: 0x41107, // srclang - 0x89: 0x34d0a, // ondblclick - 0x8a: 0x4005, // value - 0x8c: 0xe908, // oncancel - 0x8e: 0x3230a, // spellcheck - 0x8f: 0x9a05, // frame - 0x91: 0x12403, // big - 0x94: 0x1f606, // action - 0x95: 0x6903, // dir - 0x97: 0x2fb08, // readonly - 0x99: 0x42d05, // table - 0x9a: 0x61607, // summary - 0x9b: 0x12103, // wbr - 0x9c: 0x30a, // radiogroup - 0x9d: 0x6c04, // name - 0x9f: 0x62306, // system - 0xa1: 0x15d05, // color - 0xa2: 0x7f06, // canvas - 0xa3: 0x25504, // html - 0xa5: 0x56f09, // onseeking - 0xac: 0x4f905, // shape - 0xad: 0x25f03, // rel - 0xae: 0x28510, // oncanplaythrough - 0xaf: 0x3760a, // ondragover - 0xb0: 0x62608, // template - 0xb1: 0x1d80d, // foreignObject - 0xb3: 0x9204, // rows - 0xb6: 0x44e07, // listing - 0xb7: 0x49c06, // output - 0xb9: 0x3310b, // contextmenu - 0xbb: 0x11f03, // low - 0xbc: 0x1c602, // rp - 0xbd: 0x5bb09, // onsuspend - 0xbe: 0x13606, // button - 0xbf: 0x4db04, // desc - 0xc1: 0x4e207, // section - 0xc2: 0x52a0a, // onprogress - 0xc3: 0x59e09, // onstorage - 0xc4: 0x2d204, // math - 0xc5: 0x4503, // alt - 0xc7: 0x8a02, // ul - 0xc8: 0x5107, // pattern - 0xc9: 0x4b60c, // onmousewheel - 0xca: 0x35709, // ondragend - 0xcb: 0xaf04, // ruby - 0xcc: 0xc01, // p - 0xcd: 0x31707, // onclose - 0xce: 0x24205, // meter - 0xcf: 0x11807, // bgsound - 0xd2: 0x25106, // height - 0xd4: 0x101, // b - 0xd5: 0x2c308, // itemtype - 0xd8: 0x1bb07, // caption - 0xd9: 0x10c08, // disabled - 0xdb: 0x33808, // menuitem - 0xdc: 0x62003, // svg - 0xdd: 0x18f05, // small - 0xde: 0x44a04, // data - 0xe0: 0x4cb08, // ononline - 0xe1: 0x2a206, // mglyph - 0xe3: 0x6505, // embed - 0xe4: 0x10502, // tr - 0xe5: 0x46b0b, // onloadstart - 0xe7: 0x3c306, // srcdoc - 0xeb: 0x5c408, // ontoggle - 0xed: 0xe703, // bdo - 0xee: 0x4702, // td - 0xef: 0x8305, // aside - 0xf0: 0x29402, // h2 - 0xf1: 0x52c08, // progress - 0xf2: 0x12c0a, // blockquote - 0xf4: 0xf005, // label - 0xf5: 0x601, // i - 0xf7: 0x9207, // rowspan - 0xfb: 0x51709, // onplaying - 0xfd: 0x2a103, // img - 0xfe: 0xf608, // optgroup - 0xff: 0x42307, // content - 0x101: 0x53e0c, // onratechange - 0x103: 0x3da0c, // onhashchange - 0x104: 0x4807, // details - 0x106: 0x40008, // download - 0x109: 0x14009, // translate - 0x10b: 0x4230f, // contenteditable - 0x10d: 0x36b0b, // ondragleave - 0x10e: 0x2106, // accept - 0x10f: 0x57a08, // selected - 0x112: 0x1f20a, // formaction - 0x113: 0x5b506, // center - 0x115: 0x45510, // onloadedmetadata - 0x116: 0x12804, // link - 0x117: 0xdd04, // time - 0x118: 0x19f0b, // crossorigin - 0x119: 0x3bd07, // onfocus - 0x11a: 0x58704, // wrap - 0x11b: 0x42204, // icon - 0x11d: 0x28105, // video - 0x11e: 0x4de05, // class - 0x121: 0x5d40e, // onvolumechange - 0x122: 0xaa06, // onblur - 0x123: 0x2b909, // itemscope - 0x124: 0x61105, // style - 0x127: 0x41e06, // public - 0x129: 0x2320e, // formnovalidate - 0x12a: 0x58206, // onshow - 0x12c: 0x51706, // onplay - 0x12d: 0x3c804, // cite - 0x12e: 0x2bc02, // ms - 0x12f: 0xdb0c, // ontimeupdate - 0x130: 0x10904, // kind - 0x131: 0x2470a, // formtarget - 0x135: 0x3af07, // onended - 0x136: 0x26506, // hidden - 0x137: 0x2c01, // s - 0x139: 0x2280a, // formmethod - 0x13a: 0x3e805, // input - 0x13c: 0x50b02, // h6 - 0x13d: 0xc902, // ol - 0x13e: 0x3420b, // oncuechange - 0x13f: 0x1e50d, // foreignobject - 0x143: 0x4e70e, // onbeforeunload - 0x144: 0x2bd05, // scope - 0x145: 0x39609, // onemptied - 0x146: 0x14b05, // defer - 0x147: 0xc103, // xmp - 0x148: 0x39f10, // ondurationchange - 0x149: 0x1903, // kbd - 0x14c: 0x47609, // onmessage - 0x14d: 0x60006, // option - 0x14e: 0x2eb09, // minlength - 0x14f: 0x32807, // checked - 0x150: 0xce08, // autoplay - 0x152: 0x202, // br - 0x153: 0x2360a, // novalidate - 0x156: 0x6307, // noembed - 0x159: 0x31007, // onclick - 0x15a: 0x47f0b, // onmousedown - 0x15b: 0x3a708, // onchange - 0x15e: 0x3f209, // oninvalid - 0x15f: 0x2bd06, // scoped - 0x160: 0x18808, // controls - 0x161: 0x30b05, // muted - 0x162: 0x58d08, // sortable - 0x163: 0x51106, // usemap - 0x164: 0x1b80a, // figcaption - 0x165: 0x35706, // ondrag - 0x166: 0x26b04, // high - 0x168: 0x3c303, // src - 0x169: 0x15706, // poster - 0x16b: 0x1670e, // annotation-xml - 0x16c: 0x5f704, // step - 0x16d: 0x4, // abbr - 0x16e: 0x1b06, // dialog - 0x170: 0x1202, // li - 0x172: 0x3ed02, // mo - 0x175: 0x1d803, // for - 0x176: 0x1a803, // ins - 0x178: 0x55504, // size - 0x179: 0x43210, // onlanguagechange - 0x17a: 0x8607, // default - 0x17b: 0x1a03, // bdi - 0x17c: 0x4d30a, // onpagehide - 0x17d: 0x6907, // dirname - 0x17e: 0x21404, // type - 0x17f: 0x1f204, // form - 0x181: 0x28509, // oncanplay - 0x182: 0x6103, // dfn - 0x183: 0x46308, // tabindex - 0x186: 0x6502, // em - 0x187: 0x27404, // lang - 0x189: 0x39108, // dropzone - 0x18a: 0x4080a, // onkeypress - 0x18b: 0x23c08, // datetime - 0x18c: 0x16204, // cols - 0x18d: 0x1, // a - 0x18e: 0x4420c, // onloadeddata - 0x190: 0xa605, // audio - 0x192: 0x2e05, // tbody - 0x193: 0x22c06, // method - 0x195: 0xf404, // loop - 0x196: 0x29606, // iframe - 0x198: 0x2d504, // head - 0x19e: 0x5f108, // manifest - 0x19f: 0xb309, // autofocus - 0x1a0: 0x14904, // code - 0x1a1: 0x55906, // strong - 0x1a2: 0x30308, // multiple - 0x1a3: 0xc05, // param - 0x1a6: 0x21107, // enctype - 0x1a7: 0x5b304, // face - 0x1a8: 0xfd09, // plaintext - 0x1a9: 0x26e02, // h1 - 0x1aa: 0x59509, // onstalled - 0x1ad: 0x3d406, // script - 0x1ae: 0x2db06, // spacer - 0x1af: 0x55108, // onresize - 0x1b0: 0x4a20b, // onmouseover - 0x1b1: 0x5cc08, // onunload - 0x1b2: 0x56708, // onseeked - 0x1b4: 0x2140d, // typemustmatch - 0x1b5: 0x1cc06, // figure - 0x1b6: 0x4950a, // onmouseout - 0x1b7: 0x25e03, // pre - 0x1b8: 0x50705, // width - 0x1b9: 0x19906, // sorted - 0x1bb: 0x5704, // nobr - 0x1be: 0x5302, // tt - 0x1bf: 0x1105, // align - 0x1c0: 0x3e607, // oninput - 0x1c3: 0x41807, // onkeyup - 0x1c6: 0x1c00c, // onafterprint - 0x1c7: 0x210e, // accept-charset - 0x1c8: 0x33c06, // itemid - 0x1c9: 0x3e809, // inputmode - 0x1cb: 0x53306, // strike - 0x1cc: 0x5a903, // sub - 0x1cd: 0x10505, // track - 0x1ce: 0x38605, // start - 0x1d0: 0xd608, // basefont - 0x1d6: 0x1aa06, // source - 0x1d7: 0x18206, // legend - 0x1d8: 0x2d405, // thead - 0x1da: 0x8c05, // tfoot - 0x1dd: 0x1ec06, // object - 0x1de: 0x6e05, // media - 0x1df: 0x1670a, // annotation - 0x1e0: 0x20d0b, // formenctype - 0x1e2: 0x3d208, // noscript - 0x1e4: 0x55505, // sizes - 0x1e5: 0x1fc0c, // autocomplete - 0x1e6: 0x9504, // span - 0x1e7: 0x9808, // noframes - 0x1e8: 0x24b06, // target - 0x1e9: 0x38f06, // ondrop - 0x1ea: 0x2b306, // applet - 0x1ec: 0x5a08, // reversed - 0x1f0: 0x2a907, // isindex - 0x1f3: 0x27008, // hreflang - 0x1f5: 0x2f302, // h5 - 0x1f6: 0x4f307, // address - 0x1fa: 0x2e103, // max - 0x1fb: 0xc30b, // placeholder - 0x1fc: 0x2f608, // textarea - 0x1fe: 0x4ad09, // onmouseup - 0x1ff: 0x3800b, // ondragstart -} - -const atomText = "abbradiogrouparamalignmarkbdialogaccept-charsetbodyaccesskey" + - "genavaluealtdetailsampatternobreversedfnoembedirnamediagroup" + - "ingasyncanvasidefaultfooterowspanoframesetitleaudionblurubya" + - "utofocusandboxmplaceholderautoplaybasefontimeupdatebdoncance" + - "labelooptgrouplaintextrackindisabledivarbgsoundlowbrbigblink" + - "blockquotebuttonabortranslatecodefercolgroupostercolorcolspa" + - "nnotation-xmlcommandraggablegendcontrolsmallcoordsortedcross" + - "originsourcefieldsetfigcaptionafterprintfigurequiredforeignO" + - "bjectforeignobjectformactionautocompleteerrorformenctypemust" + - "matchallengeformmethodformnovalidatetimeterformtargetheightm" + - "lhgroupreloadhiddenhigh1hreflanghttp-equivideoncanplaythroug" + - "h2iframeimageimglyph3isindexismappletitemscopeditemtypemarqu" + - "eematheaderspacermaxlength4minlength5mtextareadonlymultiplem" + - "utedonclickoncloseamlesspellcheckedoncontextmenuitemidoncuec" + - "hangeondblclickondragendondragenterondragleaveondragoverondr" + - "agstarticleondropzonemptiedondurationchangeonendedonerroronf" + - "ocusrcdocitempropenoscriptonhashchangeoninputmodeloninvalido" + - "nkeydownloadonkeypressrclangonkeyupublicontenteditableonlang" + - "uagechangeonloadeddatalistingonloadedmetadatabindexonloadsta" + - "rtonmessageonmousedownonmousemoveonmouseoutputonmouseoveronm" + - "ouseuponmousewheelonofflineononlineonpagehidesclassectionbef" + - "oreunloaddresshapeonpageshowidth6onpausemaponplayingonpopsta" + - "teonprogresstrikeytypeonratechangeonresetonresizestrongonscr" + - "ollonseekedonseekingonselectedonshowraponsortableonstalledon" + - "storageonsubmitemrefacenteronsuspendontoggleonunloadonvolume" + - "changeonwaitingoptimumanifestepromptoptionbeforeprintstylesu" + - "mmarysupsvgsystemplate" diff --git a/vendor/golang.org/x/net/html/atom/table_test.go b/vendor/golang.org/x/net/html/atom/table_test.go deleted file mode 100644 index 0f2ecce4..00000000 --- a/vendor/golang.org/x/net/html/atom/table_test.go +++ /dev/null @@ -1,351 +0,0 @@ -// generated by go run gen.go -test; DO NOT EDIT - -package atom - -var testAtomList = []string{ - "a", - "abbr", - "abbr", - "accept", - "accept-charset", - "accesskey", - "action", - "address", - "align", - "alt", - "annotation", - "annotation-xml", - "applet", - "area", - "article", - "aside", - "async", - "audio", - "autocomplete", - "autofocus", - "autoplay", - "b", - "base", - "basefont", - "bdi", - "bdo", - "bgsound", - "big", - "blink", - "blockquote", - "body", - "br", - "button", - "canvas", - "caption", - "center", - "challenge", - "charset", - "checked", - "cite", - "cite", - "class", - "code", - "col", - "colgroup", - "color", - "cols", - "colspan", - "command", - "command", - "content", - "contenteditable", - "contextmenu", - "controls", - "coords", - "crossorigin", - "data", - "data", - "datalist", - "datetime", - "dd", - "default", - "defer", - "del", - "desc", - "details", - "dfn", - "dialog", - "dir", - "dirname", - "disabled", - "div", - "dl", - "download", - "draggable", - "dropzone", - "dt", - "em", - "embed", - "enctype", - "face", - "fieldset", - "figcaption", - "figure", - "font", - "footer", - "for", - "foreignObject", - "foreignobject", - "form", - "form", - "formaction", - "formenctype", - "formmethod", - "formnovalidate", - "formtarget", - "frame", - "frameset", - "h1", - "h2", - "h3", - "h4", - "h5", - "h6", - "head", - "header", - "headers", - "height", - "hgroup", - "hidden", - "high", - "hr", - "href", - "hreflang", - "html", - "http-equiv", - "i", - "icon", - "id", - "iframe", - "image", - "img", - "input", - "inputmode", - "ins", - "isindex", - "ismap", - "itemid", - "itemprop", - "itemref", - "itemscope", - "itemtype", - "kbd", - "keygen", - "keytype", - "kind", - "label", - "label", - "lang", - "legend", - "li", - "link", - "list", - "listing", - "loop", - "low", - "malignmark", - "manifest", - "map", - "mark", - "marquee", - "math", - "max", - "maxlength", - "media", - "mediagroup", - "menu", - "menuitem", - "meta", - "meter", - "method", - "mglyph", - "mi", - "min", - "minlength", - "mn", - "mo", - "ms", - "mtext", - "multiple", - "muted", - "name", - "nav", - "nobr", - "noembed", - "noframes", - "noscript", - "novalidate", - "object", - "ol", - "onabort", - "onafterprint", - "onautocomplete", - "onautocompleteerror", - "onbeforeprint", - "onbeforeunload", - "onblur", - "oncancel", - "oncanplay", - "oncanplaythrough", - "onchange", - "onclick", - "onclose", - "oncontextmenu", - "oncuechange", - "ondblclick", - "ondrag", - "ondragend", - "ondragenter", - "ondragleave", - "ondragover", - "ondragstart", - "ondrop", - "ondurationchange", - "onemptied", - "onended", - "onerror", - "onfocus", - "onhashchange", - "oninput", - "oninvalid", - "onkeydown", - "onkeypress", - "onkeyup", - "onlanguagechange", - "onload", - "onloadeddata", - "onloadedmetadata", - "onloadstart", - "onmessage", - "onmousedown", - "onmousemove", - "onmouseout", - "onmouseover", - "onmouseup", - "onmousewheel", - "onoffline", - "ononline", - "onpagehide", - "onpageshow", - "onpause", - "onplay", - "onplaying", - "onpopstate", - "onprogress", - "onratechange", - "onreset", - "onresize", - "onscroll", - "onseeked", - "onseeking", - "onselect", - "onshow", - "onsort", - "onstalled", - "onstorage", - "onsubmit", - "onsuspend", - "ontimeupdate", - "ontoggle", - "onunload", - "onvolumechange", - "onwaiting", - "open", - "optgroup", - "optimum", - "option", - "output", - "p", - "param", - "pattern", - "ping", - "placeholder", - "plaintext", - "poster", - "pre", - "preload", - "progress", - "prompt", - "public", - "q", - "radiogroup", - "readonly", - "rel", - "required", - "reversed", - "rows", - "rowspan", - "rp", - "rt", - "ruby", - "s", - "samp", - "sandbox", - "scope", - "scoped", - "script", - "seamless", - "section", - "select", - "selected", - "shape", - "size", - "sizes", - "small", - "sortable", - "sorted", - "source", - "spacer", - "span", - "span", - "spellcheck", - "src", - "srcdoc", - "srclang", - "start", - "step", - "strike", - "strong", - "style", - "style", - "sub", - "summary", - "sup", - "svg", - "system", - "tabindex", - "table", - "target", - "tbody", - "td", - "template", - "textarea", - "tfoot", - "th", - "thead", - "time", - "title", - "title", - "tr", - "track", - "translate", - "tt", - "type", - "typemustmatch", - "u", - "ul", - "usemap", - "value", - "var", - "video", - "wbr", - "width", - "wrap", - "xmp", -} diff --git a/vendor/golang.org/x/net/html/charset/charset.go b/vendor/golang.org/x/net/html/charset/charset.go deleted file mode 100644 index 13bed159..00000000 --- a/vendor/golang.org/x/net/html/charset/charset.go +++ /dev/null @@ -1,257 +0,0 @@ -// Copyright 2013 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -// Package charset provides common text encodings for HTML documents. -// -// The mapping from encoding labels to encodings is defined at -// https://encoding.spec.whatwg.org/. -package charset // import "golang.org/x/net/html/charset" - -import ( - "bytes" - "fmt" - "io" - "mime" - "strings" - "unicode/utf8" - - "golang.org/x/net/html" - "golang.org/x/text/encoding" - "golang.org/x/text/encoding/charmap" - "golang.org/x/text/encoding/htmlindex" - "golang.org/x/text/transform" -) - -// Lookup returns the encoding with the specified label, and its canonical -// name. It returns nil and the empty string if label is not one of the -// standard encodings for HTML. Matching is case-insensitive and ignores -// leading and trailing whitespace. Encoders will use HTML escape sequences for -// runes that are not supported by the character set. -func Lookup(label string) (e encoding.Encoding, name string) { - e, err := htmlindex.Get(label) - if err != nil { - return nil, "" - } - name, _ = htmlindex.Name(e) - return &htmlEncoding{e}, name -} - -type htmlEncoding struct{ encoding.Encoding } - -func (h *htmlEncoding) NewEncoder() *encoding.Encoder { - // HTML requires a non-terminating legacy encoder. We use HTML escapes to - // substitute unsupported code points. - return encoding.HTMLEscapeUnsupported(h.Encoding.NewEncoder()) -} - -// DetermineEncoding determines the encoding of an HTML document by examining -// up to the first 1024 bytes of content and the declared Content-Type. -// -// See http://www.whatwg.org/specs/web-apps/current-work/multipage/parsing.html#determining-the-character-encoding -func DetermineEncoding(content []byte, contentType string) (e encoding.Encoding, name string, certain bool) { - if len(content) > 1024 { - content = content[:1024] - } - - for _, b := range boms { - if bytes.HasPrefix(content, b.bom) { - e, name = Lookup(b.enc) - return e, name, true - } - } - - if _, params, err := mime.ParseMediaType(contentType); err == nil { - if cs, ok := params["charset"]; ok { - if e, name = Lookup(cs); e != nil { - return e, name, true - } - } - } - - if len(content) > 0 { - e, name = prescan(content) - if e != nil { - return e, name, false - } - } - - // Try to detect UTF-8. - // First eliminate any partial rune at the end. - for i := len(content) - 1; i >= 0 && i > len(content)-4; i-- { - b := content[i] - if b < 0x80 { - break - } - if utf8.RuneStart(b) { - content = content[:i] - break - } - } - hasHighBit := false - for _, c := range content { - if c >= 0x80 { - hasHighBit = true - break - } - } - if hasHighBit && utf8.Valid(content) { - return encoding.Nop, "utf-8", false - } - - // TODO: change default depending on user's locale? - return charmap.Windows1252, "windows-1252", false -} - -// NewReader returns an io.Reader that converts the content of r to UTF-8. -// It calls DetermineEncoding to find out what r's encoding is. -func NewReader(r io.Reader, contentType string) (io.Reader, error) { - preview := make([]byte, 1024) - n, err := io.ReadFull(r, preview) - switch { - case err == io.ErrUnexpectedEOF: - preview = preview[:n] - r = bytes.NewReader(preview) - case err != nil: - return nil, err - default: - r = io.MultiReader(bytes.NewReader(preview), r) - } - - if e, _, _ := DetermineEncoding(preview, contentType); e != encoding.Nop { - r = transform.NewReader(r, e.NewDecoder()) - } - return r, nil -} - -// NewReaderLabel returns a reader that converts from the specified charset to -// UTF-8. It uses Lookup to find the encoding that corresponds to label, and -// returns an error if Lookup returns nil. It is suitable for use as -// encoding/xml.Decoder's CharsetReader function. -func NewReaderLabel(label string, input io.Reader) (io.Reader, error) { - e, _ := Lookup(label) - if e == nil { - return nil, fmt.Errorf("unsupported charset: %q", label) - } - return transform.NewReader(input, e.NewDecoder()), nil -} - -func prescan(content []byte) (e encoding.Encoding, name string) { - z := html.NewTokenizer(bytes.NewReader(content)) - for { - switch z.Next() { - case html.ErrorToken: - return nil, "" - - case html.StartTagToken, html.SelfClosingTagToken: - tagName, hasAttr := z.TagName() - if !bytes.Equal(tagName, []byte("meta")) { - continue - } - attrList := make(map[string]bool) - gotPragma := false - - const ( - dontKnow = iota - doNeedPragma - doNotNeedPragma - ) - needPragma := dontKnow - - name = "" - e = nil - for hasAttr { - var key, val []byte - key, val, hasAttr = z.TagAttr() - ks := string(key) - if attrList[ks] { - continue - } - attrList[ks] = true - for i, c := range val { - if 'A' <= c && c <= 'Z' { - val[i] = c + 0x20 - } - } - - switch ks { - case "http-equiv": - if bytes.Equal(val, []byte("content-type")) { - gotPragma = true - } - - case "content": - if e == nil { - name = fromMetaElement(string(val)) - if name != "" { - e, name = Lookup(name) - if e != nil { - needPragma = doNeedPragma - } - } - } - - case "charset": - e, name = Lookup(string(val)) - needPragma = doNotNeedPragma - } - } - - if needPragma == dontKnow || needPragma == doNeedPragma && !gotPragma { - continue - } - - if strings.HasPrefix(name, "utf-16") { - name = "utf-8" - e = encoding.Nop - } - - if e != nil { - return e, name - } - } - } -} - -func fromMetaElement(s string) string { - for s != "" { - csLoc := strings.Index(s, "charset") - if csLoc == -1 { - return "" - } - s = s[csLoc+len("charset"):] - s = strings.TrimLeft(s, " \t\n\f\r") - if !strings.HasPrefix(s, "=") { - continue - } - s = s[1:] - s = strings.TrimLeft(s, " \t\n\f\r") - if s == "" { - return "" - } - if q := s[0]; q == '"' || q == '\'' { - s = s[1:] - closeQuote := strings.IndexRune(s, rune(q)) - if closeQuote == -1 { - return "" - } - return s[:closeQuote] - } - - end := strings.IndexAny(s, "; \t\n\f\r") - if end == -1 { - end = len(s) - } - return s[:end] - } - return "" -} - -var boms = []struct { - bom []byte - enc string -}{ - {[]byte{0xfe, 0xff}, "utf-16be"}, - {[]byte{0xff, 0xfe}, "utf-16le"}, - {[]byte{0xef, 0xbb, 0xbf}, "utf-8"}, -} diff --git a/vendor/golang.org/x/net/html/charset/charset_test.go b/vendor/golang.org/x/net/html/charset/charset_test.go deleted file mode 100644 index e4e7d86b..00000000 --- a/vendor/golang.org/x/net/html/charset/charset_test.go +++ /dev/null @@ -1,237 +0,0 @@ -// Copyright 2013 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -package charset - -import ( - "bytes" - "encoding/xml" - "io/ioutil" - "runtime" - "strings" - "testing" - - "golang.org/x/text/transform" -) - -func transformString(t transform.Transformer, s string) (string, error) { - r := transform.NewReader(strings.NewReader(s), t) - b, err := ioutil.ReadAll(r) - return string(b), err -} - -type testCase struct { - utf8, other, otherEncoding string -} - -// testCases for encoding and decoding. -var testCases = []testCase{ - {"Résumé", "Résumé", "utf8"}, - {"Résumé", "R\xe9sum\xe9", "latin1"}, - {"これは漢字です。", "S0\x8c0o0\"oW[g0Y0\x020", "UTF-16LE"}, - {"これは漢字です。", "0S0\x8c0oo\"[W0g0Y0\x02", "UTF-16BE"}, - {"Hello, world", "Hello, world", "ASCII"}, - {"Gdańsk", "Gda\xf1sk", "ISO-8859-2"}, - {"Ââ Čč Đđ Ŋŋ Õõ Šš Žž Åå Ää", "\xc2\xe2 \xc8\xe8 \xa9\xb9 \xaf\xbf \xd5\xf5 \xaa\xba \xac\xbc \xc5\xe5 \xc4\xe4", "ISO-8859-10"}, - {"สำหรับ", "\xca\xd3\xcb\xc3\u047a", "ISO-8859-11"}, - {"latviešu", "latvie\xf0u", "ISO-8859-13"}, - {"Seònaid", "Se\xf2naid", "ISO-8859-14"}, - {"€1 is cheap", "\xa41 is cheap", "ISO-8859-15"}, - {"românește", "rom\xe2ne\xbate", "ISO-8859-16"}, - {"nutraĵo", "nutra\xbco", "ISO-8859-3"}, - {"Kalâdlit", "Kal\xe2dlit", "ISO-8859-4"}, - {"русский", "\xe0\xe3\xe1\xe1\xda\xd8\xd9", "ISO-8859-5"}, - {"ελληνικά", "\xe5\xeb\xeb\xe7\xed\xe9\xea\xdc", "ISO-8859-7"}, - {"Kağan", "Ka\xf0an", "ISO-8859-9"}, - {"Résumé", "R\x8esum\x8e", "macintosh"}, - {"Gdańsk", "Gda\xf1sk", "windows-1250"}, - {"русский", "\xf0\xf3\xf1\xf1\xea\xe8\xe9", "windows-1251"}, - {"Résumé", "R\xe9sum\xe9", "windows-1252"}, - {"ελληνικά", "\xe5\xeb\xeb\xe7\xed\xe9\xea\xdc", "windows-1253"}, - {"Kağan", "Ka\xf0an", "windows-1254"}, - {"עִבְרִית", "\xf2\xc4\xe1\xc0\xf8\xc4\xe9\xfa", "windows-1255"}, - {"العربية", "\xc7\xe1\xda\xd1\xc8\xed\xc9", "windows-1256"}, - {"latviešu", "latvie\xf0u", "windows-1257"}, - {"Việt", "Vi\xea\xf2t", "windows-1258"}, - {"สำหรับ", "\xca\xd3\xcb\xc3\u047a", "windows-874"}, - {"русский", "\xd2\xd5\xd3\xd3\xcb\xc9\xca", "KOI8-R"}, - {"українська", "\xd5\xcb\xd2\xc1\xa7\xce\xd3\xd8\xcb\xc1", "KOI8-U"}, - {"Hello 常用國字標準字體表", "Hello \xb1`\xa5\u03b0\xea\xa6r\xbc\u0437\u01e6r\xc5\xe9\xaa\xed", "big5"}, - {"Hello 常用國字標準字體表", "Hello \xb3\xa3\xd3\xc3\x87\xf8\xd7\xd6\x98\xcb\x9c\xca\xd7\xd6\xf3\x77\xb1\xed", "gbk"}, - {"Hello 常用國字標準字體表", "Hello \xb3\xa3\xd3\xc3\x87\xf8\xd7\xd6\x98\xcb\x9c\xca\xd7\xd6\xf3\x77\xb1\xed", "gb18030"}, - {"עִבְרִית", "\x81\x30\xfb\x30\x81\x30\xf6\x34\x81\x30\xf9\x33\x81\x30\xf6\x30\x81\x30\xfb\x36\x81\x30\xf6\x34\x81\x30\xfa\x31\x81\x30\xfb\x38", "gb18030"}, - {"㧯", "\x82\x31\x89\x38", "gb18030"}, - {"これは漢字です。", "\x82\xb1\x82\xea\x82\xcd\x8a\xbf\x8e\x9a\x82\xc5\x82\xb7\x81B", "SJIS"}, - {"Hello, 世界!", "Hello, \x90\xa2\x8aE!", "SJIS"}, - {"イウエオカ", "\xb2\xb3\xb4\xb5\xb6", "SJIS"}, - {"これは漢字です。", "\xa4\xb3\xa4\xec\xa4\u03f4\xc1\xbb\xfa\xa4\u01e4\xb9\xa1\xa3", "EUC-JP"}, - {"Hello, 世界!", "Hello, \x1b$B@$3&\x1b(B!", "ISO-2022-JP"}, - {"다음과 같은 조건을 따라야 합니다: 저작자표시", "\xb4\xd9\xc0\xbd\xb0\xfa \xb0\xb0\xc0\xba \xc1\xb6\xb0\xc7\xc0\xbb \xb5\xfb\xb6\xf3\xbe\xdf \xc7մϴ\xd9: \xc0\xfa\xc0\xdb\xc0\xdaǥ\xbd\xc3", "EUC-KR"}, -} - -func TestDecode(t *testing.T) { - testCases := append(testCases, []testCase{ - // Replace multi-byte maximum subpart of ill-formed subsequence with - // single replacement character (WhatWG requirement). - {"Rés\ufffdumé", "Rés\xe1\x80umé", "utf8"}, - }...) - for _, tc := range testCases { - e, _ := Lookup(tc.otherEncoding) - if e == nil { - t.Errorf("%s: not found", tc.otherEncoding) - continue - } - s, err := transformString(e.NewDecoder(), tc.other) - if err != nil { - t.Errorf("%s: decode %q: %v", tc.otherEncoding, tc.other, err) - continue - } - if s != tc.utf8 { - t.Errorf("%s: got %q, want %q", tc.otherEncoding, s, tc.utf8) - } - } -} - -func TestEncode(t *testing.T) { - testCases := append(testCases, []testCase{ - // Use Go-style replacement. - {"Rés\xe1\x80umé", "Rés\ufffd\ufffdumé", "utf8"}, - // U+0144 LATIN SMALL LETTER N WITH ACUTE not supported by encoding. - {"Gdańsk", "Gdańsk", "ISO-8859-11"}, - {"\ufffd", "�", "ISO-8859-11"}, - {"a\xe1\x80b", "a��b", "ISO-8859-11"}, - }...) - for _, tc := range testCases { - e, _ := Lookup(tc.otherEncoding) - if e == nil { - t.Errorf("%s: not found", tc.otherEncoding) - continue - } - s, err := transformString(e.NewEncoder(), tc.utf8) - if err != nil { - t.Errorf("%s: encode %q: %s", tc.otherEncoding, tc.utf8, err) - continue - } - if s != tc.other { - t.Errorf("%s: got %q, want %q", tc.otherEncoding, s, tc.other) - } - } -} - -var sniffTestCases = []struct { - filename, declared, want string -}{ - {"HTTP-charset.html", "text/html; charset=iso-8859-15", "iso-8859-15"}, - {"UTF-16LE-BOM.html", "", "utf-16le"}, - {"UTF-16BE-BOM.html", "", "utf-16be"}, - {"meta-content-attribute.html", "text/html", "iso-8859-15"}, - {"meta-charset-attribute.html", "text/html", "iso-8859-15"}, - {"No-encoding-declaration.html", "text/html", "utf-8"}, - {"HTTP-vs-UTF-8-BOM.html", "text/html; charset=iso-8859-15", "utf-8"}, - {"HTTP-vs-meta-content.html", "text/html; charset=iso-8859-15", "iso-8859-15"}, - {"HTTP-vs-meta-charset.html", "text/html; charset=iso-8859-15", "iso-8859-15"}, - {"UTF-8-BOM-vs-meta-content.html", "text/html", "utf-8"}, - {"UTF-8-BOM-vs-meta-charset.html", "text/html", "utf-8"}, -} - -func TestSniff(t *testing.T) { - switch runtime.GOOS { - case "nacl": // platforms that don't permit direct file system access - t.Skipf("not supported on %q", runtime.GOOS) - } - - for _, tc := range sniffTestCases { - content, err := ioutil.ReadFile("testdata/" + tc.filename) - if err != nil { - t.Errorf("%s: error reading file: %v", tc.filename, err) - continue - } - - _, name, _ := DetermineEncoding(content, tc.declared) - if name != tc.want { - t.Errorf("%s: got %q, want %q", tc.filename, name, tc.want) - continue - } - } -} - -func TestReader(t *testing.T) { - switch runtime.GOOS { - case "nacl": // platforms that don't permit direct file system access - t.Skipf("not supported on %q", runtime.GOOS) - } - - for _, tc := range sniffTestCases { - content, err := ioutil.ReadFile("testdata/" + tc.filename) - if err != nil { - t.Errorf("%s: error reading file: %v", tc.filename, err) - continue - } - - r, err := NewReader(bytes.NewReader(content), tc.declared) - if err != nil { - t.Errorf("%s: error creating reader: %v", tc.filename, err) - continue - } - - got, err := ioutil.ReadAll(r) - if err != nil { - t.Errorf("%s: error reading from charset.NewReader: %v", tc.filename, err) - continue - } - - e, _ := Lookup(tc.want) - want, err := ioutil.ReadAll(transform.NewReader(bytes.NewReader(content), e.NewDecoder())) - if err != nil { - t.Errorf("%s: error decoding with hard-coded charset name: %v", tc.filename, err) - continue - } - - if !bytes.Equal(got, want) { - t.Errorf("%s: got %q, want %q", tc.filename, got, want) - continue - } - } -} - -var metaTestCases = []struct { - meta, want string -}{ - {"", ""}, - {"text/html", ""}, - {"text/html; charset utf-8", ""}, - {"text/html; charset=latin-2", "latin-2"}, - {"text/html; charset; charset = utf-8", "utf-8"}, - {`charset="big5"`, "big5"}, - {"charset='shift_jis'", "shift_jis"}, -} - -func TestFromMeta(t *testing.T) { - for _, tc := range metaTestCases { - got := fromMetaElement(tc.meta) - if got != tc.want { - t.Errorf("%q: got %q, want %q", tc.meta, got, tc.want) - } - } -} - -func TestXML(t *testing.T) { - const s = "r\xe9sum\xe9" - - d := xml.NewDecoder(strings.NewReader(s)) - d.CharsetReader = NewReaderLabel - - var a struct { - Word string - } - err := d.Decode(&a) - if err != nil { - t.Fatalf("Decode: %v", err) - } - - want := "résumé" - if a.Word != want { - t.Errorf("got %q, want %q", a.Word, want) - } -} diff --git a/vendor/golang.org/x/net/html/charset/testdata/HTTP-charset.html b/vendor/golang.org/x/net/html/charset/testdata/HTTP-charset.html deleted file mode 100644 index 9915fa0e..00000000 --- a/vendor/golang.org/x/net/html/charset/testdata/HTTP-charset.html +++ /dev/null @@ -1,48 +0,0 @@ - - - - HTTP charset - - - - - - - - - - - -

HTTP charset

- - -
- - -
 
- - - - - -
-

The character encoding of a page can be set using the HTTP header charset declaration.

-

The test contains a div with a class name that contains the following sequence of bytes: 0xC3 0xBD 0xC3 0xA4 0xC3 0xA8. These represent different sequences of characters in ISO 8859-15, ISO 8859-1 and UTF-8. The external, UTF-8-encoded stylesheet contains a selector .test div.ÜÀÚ. This matches the sequence of bytes above when they are interpreted as ISO 8859-15. If the class name matches the selector then the test will pass.

The only character encoding declaration for this HTML file is in the HTTP header, which sets the encoding to ISO 8859-15.

-
-
-
HTML5
-

the-input-byte-stream-001
Result summary & related tests
Detailed results for this test
Link to spec

-
Assumptions:
  • The default encoding for the browser you are testing is not set to ISO 8859-15.
    • -
  • The test is read from a server that supports HTTP.
-
- - - - - - diff --git a/vendor/golang.org/x/net/html/charset/testdata/HTTP-vs-UTF-8-BOM.html b/vendor/golang.org/x/net/html/charset/testdata/HTTP-vs-UTF-8-BOM.html deleted file mode 100644 index 26e5d8b4..00000000 --- a/vendor/golang.org/x/net/html/charset/testdata/HTTP-vs-UTF-8-BOM.html +++ /dev/null @@ -1,48 +0,0 @@ - - - - HTTP vs UTF-8 BOM - - - - - - - - - - - -

HTTP vs UTF-8 BOM

- - -
- - -
 
- - - - - -
-

A character encoding set in the HTTP header has lower precedence than the UTF-8 signature.

-

The HTTP header attempts to set the character encoding to ISO 8859-15. The page starts with a UTF-8 signature.

The test contains a div with a class name that contains the following sequence of bytes: 0xC3 0xBD 0xC3 0xA4 0xC3 0xA8. These represent different sequences of characters in ISO 8859-15, ISO 8859-1 and UTF-8. The external, UTF-8-encoded stylesheet contains a selector .test div.ýäè. This matches the sequence of bytes above when they are interpreted as UTF-8. If the class name matches the selector then the test will pass.

If the test is unsuccessful, the characters  should appear at the top of the page. These represent the bytes that make up the UTF-8 signature when encountered in the ISO 8859-15 encoding.

-
-
-
HTML5
-

the-input-byte-stream-034
Result summary & related tests
Detailed results for this test
Link to spec

-
Assumptions:
  • The default encoding for the browser you are testing is not set to ISO 8859-15.
    • -
  • The test is read from a server that supports HTTP.
-
- - - - - - diff --git a/vendor/golang.org/x/net/html/charset/testdata/HTTP-vs-meta-charset.html b/vendor/golang.org/x/net/html/charset/testdata/HTTP-vs-meta-charset.html deleted file mode 100644 index 2f07e951..00000000 --- a/vendor/golang.org/x/net/html/charset/testdata/HTTP-vs-meta-charset.html +++ /dev/null @@ -1,49 +0,0 @@ - - - - HTTP vs meta charset - - - - - - - - - - - -

HTTP vs meta charset

- - -
- - -
 
- - - - - -
-

The HTTP header has a higher precedence than an encoding declaration in a meta charset attribute.

-

The HTTP header attempts to set the character encoding to ISO 8859-15. The page contains an encoding declaration in a meta charset attribute that attempts to set the character encoding to ISO 8859-1.

The test contains a div with a class name that contains the following sequence of bytes: 0xC3 0xBD 0xC3 0xA4 0xC3 0xA8. These represent different sequences of characters in ISO 8859-15, ISO 8859-1 and UTF-8. The external, UTF-8-encoded stylesheet contains a selector .test div.ÜÀÚ. This matches the sequence of bytes above when they are interpreted as ISO 8859-15. If the class name matches the selector then the test will pass.

-
-
-
HTML5
-

the-input-byte-stream-018
Result summary & related tests
Detailed results for this test
Link to spec

-
Assumptions:
  • The default encoding for the browser you are testing is not set to ISO 8859-15.
    • -
  • The test is read from a server that supports HTTP.
-
- - - - - - diff --git a/vendor/golang.org/x/net/html/charset/testdata/HTTP-vs-meta-content.html b/vendor/golang.org/x/net/html/charset/testdata/HTTP-vs-meta-content.html deleted file mode 100644 index 6853cdde..00000000 --- a/vendor/golang.org/x/net/html/charset/testdata/HTTP-vs-meta-content.html +++ /dev/null @@ -1,49 +0,0 @@ - - - - HTTP vs meta content - - - - - - - - - - - -

HTTP vs meta content

- - -
- - -
 
- - - - - -
-

The HTTP header has a higher precedence than an encoding declaration in a meta content attribute.

-

The HTTP header attempts to set the character encoding to ISO 8859-15. The page contains an encoding declaration in a meta content attribute that attempts to set the character encoding to ISO 8859-1.

The test contains a div with a class name that contains the following sequence of bytes: 0xC3 0xBD 0xC3 0xA4 0xC3 0xA8. These represent different sequences of characters in ISO 8859-15, ISO 8859-1 and UTF-8. The external, UTF-8-encoded stylesheet contains a selector .test div.ÜÀÚ. This matches the sequence of bytes above when they are interpreted as ISO 8859-15. If the class name matches the selector then the test will pass.

-
-
-
HTML5
-

the-input-byte-stream-016
Result summary & related tests
Detailed results for this test
Link to spec

-
Assumptions:
  • The default encoding for the browser you are testing is not set to ISO 8859-15.
    • -
  • The test is read from a server that supports HTTP.
-
- - - - - - diff --git a/vendor/golang.org/x/net/html/charset/testdata/No-encoding-declaration.html b/vendor/golang.org/x/net/html/charset/testdata/No-encoding-declaration.html deleted file mode 100644 index 612e26c6..00000000 --- a/vendor/golang.org/x/net/html/charset/testdata/No-encoding-declaration.html +++ /dev/null @@ -1,47 +0,0 @@ - - - - No encoding declaration - - - - - - - - - - - -

No encoding declaration

- - -
- - -
 
- - - - - -
-

A page with no encoding information in HTTP, BOM, XML declaration or meta element will be treated as UTF-8.

-

The test on this page contains a div with a class name that contains the following sequence of bytes: 0xC3 0xBD 0xC3 0xA4 0xC3 0xA8. These represent different sequences of characters in ISO 8859-15, ISO 8859-1 and UTF-8. The external, UTF-8-encoded stylesheet contains a selector .test div.ýäè. This matches the sequence of bytes above when they are interpreted as UTF-8. If the class name matches the selector then the test will pass.

-
-
-
HTML5
-

the-input-byte-stream-015
Result summary & related tests
Detailed results for this test
Link to spec

-
Assumptions:
  • The test is read from a server that supports HTTP.
-
- - - - - - diff --git a/vendor/golang.org/x/net/html/charset/testdata/README b/vendor/golang.org/x/net/html/charset/testdata/README deleted file mode 100644 index 38ef0f9f..00000000 --- a/vendor/golang.org/x/net/html/charset/testdata/README +++ /dev/null @@ -1,9 +0,0 @@ -These test cases come from -http://www.w3.org/International/tests/repository/html5/the-input-byte-stream/results-basics - -Distributed under both the W3C Test Suite License -(http://www.w3.org/Consortium/Legal/2008/04-testsuite-license) -and the W3C 3-clause BSD License -(http://www.w3.org/Consortium/Legal/2008/03-bsd-license). -To contribute to a W3C Test Suite, see the policies and contribution -forms (http://www.w3.org/2004/10/27-testcases). diff --git a/vendor/golang.org/x/net/html/charset/testdata/UTF-16BE-BOM.html b/vendor/golang.org/x/net/html/charset/testdata/UTF-16BE-BOM.html deleted file mode 100644 index 3abf7a9343c20518e57dfea58b374fb0f4fb58a1..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 2670 zcmcJR?QRoS5Qc}JAoU&=BQ-(7b^;2j8i*i3RV1JlO@;VXIsPurV!WHiDdLW}i`*CO z^UnC>tih=KsVr;H&Y7?C&O3AV(?534uG?e##U9y_y|!QNi4``n+D>d{2lky^LnFNx z?9HrarH$>rwQR_$g)Hk0*&STI*EYq|47~&U9sfUB+ji})9eR{QqCUra7oDsZ5obtB zdxP%<)-$4Q;rSHJiM>U(#ZI=;?n^BC?Dp6lu=~_1-lnX3u03&2BlmQIY>L+!Uq7XoytKw^Q#oZSM?3*J?)&ojG&yzQRkC!Ml5JE?ax;lp_NYEcdUht`ZswOviB~L5hmJ|pXI71nn20w;>vG! zQGB$EE9&wC``&J#_Ym~PgRu-Bd>1!pOp0||k`kr=VJ zfH6I6rmRaeHA7U-A^OTsT+|d2a^i(>DePzZ{)ibXoCBvJnuYrd-3kkN$uy{qQK;=*Y;S87ro12aTgu^i*%f8zC3>a}9DIe4cfxOzsCw&(cqvP9{ud{N6f` z#TNDY(B6@Gpr|uN+%&x^XZjBHdc@2vsM(Tyc2=vshHQ5w+obmp>tuWT(t4BTUGAQw zxeI$UGSLUBg=WFbF;4f@4=^P2AgY@CFn8A`bcC=_&~)fiDe)#cUARRBzJ^k|%X)69 z+{Cb`wq}Rsg%B62CC_tK!AV(W{(MV?#mndR46CU#BUN<{8e?*oT+!pE5wF#O#TR#a z$9qRT)tpbw8zAI~QQJg2C3|6$I%(T(;`zOMy6SO+&;pG=c#2P|P-WZn$$DpWJlC3U z3*nvmz zwP{u~r$L?-m3uqp9I1+#3yE|3M$(s-BEtih=LQ>`qYoiktOop(wi%!;yh%+Rm z{e|xntY<{q!1F1Z6MKtngPm-p-4|H&+3m4AVE3_AyiHm6Tzlf4M(*ht*%YrezJ6kr zHGj45pc?64*$Cm%-zseWMA`x;)v*~jA=i}szqts9xmQkS`M11|(H7bTXAycsXU53+ zJ?120SRZeyiFjW7enPN`bxk$IaWV3o48oJF7D&2ysoY;6(s6%6vVfaYd&mC=erK!) zNGI^7upQgN)53OHe_VE<@J+G8*Y|p*)zB2Thdi}+YR<5QWHm!|a_*AoZXuv7)$xe| zm3Q$D7{|#}{m4X&UY!6(ZhyYi2(5JLzGE$H)W6BQklnjPMwn<Yvv7Z*TVWwD*=E3QpH37* z#lqXJA0A~J9T_<^W5smspmDg2p6ac5Bjn+~LAoow%1TCdZ*$K8`O zw_$HaCi+0N&@7la#_7KL5r$+QL{)Pi=I&aDjt~|Knht#`CEi4*3%97i_fSfASlwUz0=3V0GCxY}z81UC-nP=CGt2OqYV$ zoRCo+qM9YX*3FFORLC=E3B~S@+KROyk4r5 yX7?DaslDfIebqXgC!KKp4IYy+W~X?ddE6o=`A+x#x0AK&6MF#W&AXxbRrv+SX}PNa diff --git a/vendor/golang.org/x/net/html/charset/testdata/UTF-8-BOM-vs-meta-charset.html b/vendor/golang.org/x/net/html/charset/testdata/UTF-8-BOM-vs-meta-charset.html deleted file mode 100644 index 83de4333..00000000 --- a/vendor/golang.org/x/net/html/charset/testdata/UTF-8-BOM-vs-meta-charset.html +++ /dev/null @@ -1,49 +0,0 @@ - - - - UTF-8 BOM vs meta charset - - - - - - - - - - - -

UTF-8 BOM vs meta charset

- - -
- - -
 
- - - - - -
-

A page with a UTF-8 BOM will be recognized as UTF-8 even if the meta charset attribute declares a different encoding.

-

The page contains an encoding declaration in a meta charset attribute that attempts to set the character encoding to ISO 8859-15, but the file starts with a UTF-8 signature.

The test contains a div with a class name that contains the following sequence of bytes: 0xC3 0xBD 0xC3 0xA4 0xC3 0xA8. These represent different sequences of characters in ISO 8859-15, ISO 8859-1 and UTF-8. The external, UTF-8-encoded stylesheet contains a selector .test div.ýäè. This matches the sequence of bytes above when they are interpreted as UTF-8. If the class name matches the selector then the test will pass.

-
-
-
HTML5
-

the-input-byte-stream-038
Result summary & related tests
Detailed results for this test
Link to spec

-
Assumptions:
  • The default encoding for the browser you are testing is not set to ISO 8859-15.
    • -
  • The test is read from a server that supports HTTP.
-
- - - - - - diff --git a/vendor/golang.org/x/net/html/charset/testdata/UTF-8-BOM-vs-meta-content.html b/vendor/golang.org/x/net/html/charset/testdata/UTF-8-BOM-vs-meta-content.html deleted file mode 100644 index 501aac2d..00000000 --- a/vendor/golang.org/x/net/html/charset/testdata/UTF-8-BOM-vs-meta-content.html +++ /dev/null @@ -1,48 +0,0 @@ - - - - UTF-8 BOM vs meta content - - - - - - - - - - - -

UTF-8 BOM vs meta content

- - -
- - -
 
- - - - - -
-

A page with a UTF-8 BOM will be recognized as UTF-8 even if the meta content attribute declares a different encoding.

-

The page contains an encoding declaration in a meta content attribute that attempts to set the character encoding to ISO 8859-15, but the file starts with a UTF-8 signature.

The test contains a div with a class name that contains the following sequence of bytes: 0xC3 0xBD 0xC3 0xA4 0xC3 0xA8. These represent different sequences of characters in ISO 8859-15, ISO 8859-1 and UTF-8. The external, UTF-8-encoded stylesheet contains a selector .test div.ýäè. This matches the sequence of bytes above when they are interpreted as UTF-8. If the class name matches the selector then the test will pass.

-
-
-
HTML5
-

the-input-byte-stream-037
Result summary & related tests
Detailed results for this test
Link to spec

-
Assumptions:
  • The default encoding for the browser you are testing is not set to ISO 8859-15.
    • -
  • The test is read from a server that supports HTTP.
-
- - - - - - diff --git a/vendor/golang.org/x/net/html/charset/testdata/meta-charset-attribute.html b/vendor/golang.org/x/net/html/charset/testdata/meta-charset-attribute.html deleted file mode 100644 index 2d7d25ab..00000000 --- a/vendor/golang.org/x/net/html/charset/testdata/meta-charset-attribute.html +++ /dev/null @@ -1,48 +0,0 @@ - - - - meta charset attribute - - - - - - - - - - - -

meta charset attribute

- - -
- - -
 
- - - - - -
-

The character encoding of the page can be set by a meta element with charset attribute.

-

The only character encoding declaration for this HTML file is in the charset attribute of the meta element, which declares the encoding to be ISO 8859-15.

The test contains a div with a class name that contains the following sequence of bytes: 0xC3 0xBD 0xC3 0xA4 0xC3 0xA8. These represent different sequences of characters in ISO 8859-15, ISO 8859-1 and UTF-8. The external, UTF-8-encoded stylesheet contains a selector .test div.ÜÀÚ. This matches the sequence of bytes above when they are interpreted as ISO 8859-15. If the class name matches the selector then the test will pass.

-
-
-
HTML5
-

the-input-byte-stream-009
Result summary & related tests
Detailed results for this test
Link to spec

-
Assumptions:
  • The default encoding for the browser you are testing is not set to ISO 8859-15.
    • -
  • The test is read from a server that supports HTTP.
-
- - - - - - diff --git a/vendor/golang.org/x/net/html/charset/testdata/meta-content-attribute.html b/vendor/golang.org/x/net/html/charset/testdata/meta-content-attribute.html deleted file mode 100644 index 1c3f228e..00000000 --- a/vendor/golang.org/x/net/html/charset/testdata/meta-content-attribute.html +++ /dev/null @@ -1,48 +0,0 @@ - - - - meta content attribute - - - - - - - - - - - -

meta content attribute

- - -
- - -
 
- - - - - -
-

The character encoding of the page can be set by a meta element with http-equiv and content attributes.

-

The only character encoding declaration for this HTML file is in the content attribute of the meta element, which declares the encoding to be ISO 8859-15.

The test contains a div with a class name that contains the following sequence of bytes: 0xC3 0xBD 0xC3 0xA4 0xC3 0xA8. These represent different sequences of characters in ISO 8859-15, ISO 8859-1 and UTF-8. The external, UTF-8-encoded stylesheet contains a selector .test div.ÜÀÚ. This matches the sequence of bytes above when they are interpreted as ISO 8859-15. If the class name matches the selector then the test will pass.

-
-
-
HTML5
-

the-input-byte-stream-007
Result summary & related tests
Detailed results for this test
Link to spec

-
Assumptions:
  • The default encoding for the browser you are testing is not set to ISO 8859-15.
    • -
  • The test is read from a server that supports HTTP.
-
- - - - - - diff --git a/vendor/golang.org/x/net/html/const.go b/vendor/golang.org/x/net/html/const.go deleted file mode 100644 index 52f651ff..00000000 --- a/vendor/golang.org/x/net/html/const.go +++ /dev/null @@ -1,102 +0,0 @@ -// Copyright 2011 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -package html - -// Section 12.2.3.2 of the HTML5 specification says "The following elements -// have varying levels of special parsing rules". -// https://html.spec.whatwg.org/multipage/syntax.html#the-stack-of-open-elements -var isSpecialElementMap = map[string]bool{ - "address": true, - "applet": true, - "area": true, - "article": true, - "aside": true, - "base": true, - "basefont": true, - "bgsound": true, - "blockquote": true, - "body": true, - "br": true, - "button": true, - "caption": true, - "center": true, - "col": true, - "colgroup": true, - "dd": true, - "details": true, - "dir": true, - "div": true, - "dl": true, - "dt": true, - "embed": true, - "fieldset": true, - "figcaption": true, - "figure": true, - "footer": true, - "form": true, - "frame": true, - "frameset": true, - "h1": true, - "h2": true, - "h3": true, - "h4": true, - "h5": true, - "h6": true, - "head": true, - "header": true, - "hgroup": true, - "hr": true, - "html": true, - "iframe": true, - "img": true, - "input": true, - "isindex": true, - "li": true, - "link": true, - "listing": true, - "marquee": true, - "menu": true, - "meta": true, - "nav": true, - "noembed": true, - "noframes": true, - "noscript": true, - "object": true, - "ol": true, - "p": true, - "param": true, - "plaintext": true, - "pre": true, - "script": true, - "section": true, - "select": true, - "source": true, - "style": true, - "summary": true, - "table": true, - "tbody": true, - "td": true, - "template": true, - "textarea": true, - "tfoot": true, - "th": true, - "thead": true, - "title": true, - "tr": true, - "track": true, - "ul": true, - "wbr": true, - "xmp": true, -} - -func isSpecialElement(element *Node) bool { - switch element.Namespace { - case "", "html": - return isSpecialElementMap[element.Data] - case "svg": - return element.Data == "foreignObject" - } - return false -} diff --git a/vendor/golang.org/x/net/html/doc.go b/vendor/golang.org/x/net/html/doc.go deleted file mode 100644 index 94f49687..00000000 --- a/vendor/golang.org/x/net/html/doc.go +++ /dev/null @@ -1,106 +0,0 @@ -// Copyright 2010 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -/* -Package html implements an HTML5-compliant tokenizer and parser. - -Tokenization is done by creating a Tokenizer for an io.Reader r. It is the -caller's responsibility to ensure that r provides UTF-8 encoded HTML. - - z := html.NewTokenizer(r) - -Given a Tokenizer z, the HTML is tokenized by repeatedly calling z.Next(), -which parses the next token and returns its type, or an error: - - for { - tt := z.Next() - if tt == html.ErrorToken { - // ... - return ... - } - // Process the current token. - } - -There are two APIs for retrieving the current token. The high-level API is to -call Token; the low-level API is to call Text or TagName / TagAttr. Both APIs -allow optionally calling Raw after Next but before Token, Text, TagName, or -TagAttr. In EBNF notation, the valid call sequence per token is: - - Next {Raw} [ Token | Text | TagName {TagAttr} ] - -Token returns an independent data structure that completely describes a token. -Entities (such as "<") are unescaped, tag names and attribute keys are -lower-cased, and attributes are collected into a []Attribute. For example: - - for { - if z.Next() == html.ErrorToken { - // Returning io.EOF indicates success. - return z.Err() - } - emitToken(z.Token()) - } - -The low-level API performs fewer allocations and copies, but the contents of -the []byte values returned by Text, TagName and TagAttr may change on the next -call to Next. For example, to extract an HTML page's anchor text: - - depth := 0 - for { - tt := z.Next() - switch tt { - case ErrorToken: - return z.Err() - case TextToken: - if depth > 0 { - // emitBytes should copy the []byte it receives, - // if it doesn't process it immediately. - emitBytes(z.Text()) - } - case StartTagToken, EndTagToken: - tn, _ := z.TagName() - if len(tn) == 1 && tn[0] == 'a' { - if tt == StartTagToken { - depth++ - } else { - depth-- - } - } - } - } - -Parsing is done by calling Parse with an io.Reader, which returns the root of -the parse tree (the document element) as a *Node. It is the caller's -responsibility to ensure that the Reader provides UTF-8 encoded HTML. For -example, to process each anchor node in depth-first order: - - doc, err := html.Parse(r) - if err != nil { - // ... - } - var f func(*html.Node) - f = func(n *html.Node) { - if n.Type == html.ElementNode && n.Data == "a" { - // Do something with n... - } - for c := n.FirstChild; c != nil; c = c.NextSibling { - f(c) - } - } - f(doc) - -The relevant specifications include: -https://html.spec.whatwg.org/multipage/syntax.html and -https://html.spec.whatwg.org/multipage/syntax.html#tokenization -*/ -package html // import "golang.org/x/net/html" - -// The tokenization algorithm implemented by this package is not a line-by-line -// transliteration of the relatively verbose state-machine in the WHATWG -// specification. A more direct approach is used instead, where the program -// counter implies the state, such as whether it is tokenizing a tag or a text -// node. Specification compliance is verified by checking expected and actual -// outputs over a test suite rather than aiming for algorithmic fidelity. - -// TODO(nigeltao): Does a DOM API belong in this package or a separate one? -// TODO(nigeltao): How does parsing interact with a JavaScript engine? diff --git a/vendor/golang.org/x/net/html/doctype.go b/vendor/golang.org/x/net/html/doctype.go deleted file mode 100644 index c484e5a9..00000000 --- a/vendor/golang.org/x/net/html/doctype.go +++ /dev/null @@ -1,156 +0,0 @@ -// Copyright 2011 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -package html - -import ( - "strings" -) - -// parseDoctype parses the data from a DoctypeToken into a name, -// public identifier, and system identifier. It returns a Node whose Type -// is DoctypeNode, whose Data is the name, and which has attributes -// named "system" and "public" for the two identifiers if they were present. -// quirks is whether the document should be parsed in "quirks mode". -func parseDoctype(s string) (n *Node, quirks bool) { - n = &Node{Type: DoctypeNode} - - // Find the name. - space := strings.IndexAny(s, whitespace) - if space == -1 { - space = len(s) - } - n.Data = s[:space] - // The comparison to "html" is case-sensitive. - if n.Data != "html" { - quirks = true - } - n.Data = strings.ToLower(n.Data) - s = strings.TrimLeft(s[space:], whitespace) - - if len(s) < 6 { - // It can't start with "PUBLIC" or "SYSTEM". - // Ignore the rest of the string. - return n, quirks || s != "" - } - - key := strings.ToLower(s[:6]) - s = s[6:] - for key == "public" || key == "system" { - s = strings.TrimLeft(s, whitespace) - if s == "" { - break - } - quote := s[0] - if quote != '"' && quote != '\'' { - break - } - s = s[1:] - q := strings.IndexRune(s, rune(quote)) - var id string - if q == -1 { - id = s - s = "" - } else { - id = s[:q] - s = s[q+1:] - } - n.Attr = append(n.Attr, Attribute{Key: key, Val: id}) - if key == "public" { - key = "system" - } else { - key = "" - } - } - - if key != "" || s != "" { - quirks = true - } else if len(n.Attr) > 0 { - if n.Attr[0].Key == "public" { - public := strings.ToLower(n.Attr[0].Val) - switch public { - case "-//w3o//dtd w3 html strict 3.0//en//", "-/w3d/dtd html 4.0 transitional/en", "html": - quirks = true - default: - for _, q := range quirkyIDs { - if strings.HasPrefix(public, q) { - quirks = true - break - } - } - } - // The following two public IDs only cause quirks mode if there is no system ID. - if len(n.Attr) == 1 && (strings.HasPrefix(public, "-//w3c//dtd html 4.01 frameset//") || - strings.HasPrefix(public, "-//w3c//dtd html 4.01 transitional//")) { - quirks = true - } - } - if lastAttr := n.Attr[len(n.Attr)-1]; lastAttr.Key == "system" && - strings.ToLower(lastAttr.Val) == "http://www.ibm.com/data/dtd/v11/ibmxhtml1-transitional.dtd" { - quirks = true - } - } - - return n, quirks -} - -// quirkyIDs is a list of public doctype identifiers that cause a document -// to be interpreted in quirks mode. The identifiers should be in lower case. -var quirkyIDs = []string{ - "+//silmaril//dtd html pro v0r11 19970101//", - "-//advasoft ltd//dtd html 3.0 aswedit + extensions//", - "-//as//dtd html 3.0 aswedit + extensions//", - "-//ietf//dtd html 2.0 level 1//", - "-//ietf//dtd html 2.0 level 2//", - "-//ietf//dtd html 2.0 strict level 1//", - "-//ietf//dtd html 2.0 strict level 2//", - "-//ietf//dtd html 2.0 strict//", - "-//ietf//dtd html 2.0//", - "-//ietf//dtd html 2.1e//", - "-//ietf//dtd html 3.0//", - "-//ietf//dtd html 3.2 final//", - "-//ietf//dtd html 3.2//", - "-//ietf//dtd html 3//", - "-//ietf//dtd html level 0//", - "-//ietf//dtd html level 1//", - "-//ietf//dtd html level 2//", - "-//ietf//dtd html level 3//", - "-//ietf//dtd html strict level 0//", - "-//ietf//dtd html strict level 1//", - "-//ietf//dtd html strict level 2//", - "-//ietf//dtd html strict level 3//", - "-//ietf//dtd html strict//", - "-//ietf//dtd html//", - "-//metrius//dtd metrius presentational//", - "-//microsoft//dtd internet explorer 2.0 html strict//", - "-//microsoft//dtd internet explorer 2.0 html//", - "-//microsoft//dtd internet explorer 2.0 tables//", - "-//microsoft//dtd internet explorer 3.0 html strict//", - "-//microsoft//dtd internet explorer 3.0 html//", - "-//microsoft//dtd internet explorer 3.0 tables//", - "-//netscape comm. corp.//dtd html//", - "-//netscape comm. corp.//dtd strict html//", - "-//o'reilly and associates//dtd html 2.0//", - "-//o'reilly and associates//dtd html extended 1.0//", - "-//o'reilly and associates//dtd html extended relaxed 1.0//", - "-//softquad software//dtd hotmetal pro 6.0::19990601::extensions to html 4.0//", - "-//softquad//dtd hotmetal pro 4.0::19971010::extensions to html 4.0//", - "-//spyglass//dtd html 2.0 extended//", - "-//sq//dtd html 2.0 hotmetal + extensions//", - "-//sun microsystems corp.//dtd hotjava html//", - "-//sun microsystems corp.//dtd hotjava strict html//", - "-//w3c//dtd html 3 1995-03-24//", - "-//w3c//dtd html 3.2 draft//", - "-//w3c//dtd html 3.2 final//", - "-//w3c//dtd html 3.2//", - "-//w3c//dtd html 3.2s draft//", - "-//w3c//dtd html 4.0 frameset//", - "-//w3c//dtd html 4.0 transitional//", - "-//w3c//dtd html experimental 19960712//", - "-//w3c//dtd html experimental 970421//", - "-//w3c//dtd w3 html//", - "-//w3o//dtd w3 html 3.0//", - "-//webtechs//dtd mozilla html 2.0//", - "-//webtechs//dtd mozilla html//", -} diff --git a/vendor/golang.org/x/net/html/entity.go b/vendor/golang.org/x/net/html/entity.go deleted file mode 100644 index a50c04c6..00000000 --- a/vendor/golang.org/x/net/html/entity.go +++ /dev/null @@ -1,2253 +0,0 @@ -// Copyright 2010 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -package html - -// All entities that do not end with ';' are 6 or fewer bytes long. -const longestEntityWithoutSemicolon = 6 - -// entity is a map from HTML entity names to their values. The semicolon matters: -// https://html.spec.whatwg.org/multipage/syntax.html#named-character-references -// lists both "amp" and "amp;" as two separate entries. -// -// Note that the HTML5 list is larger than the HTML4 list at -// http://www.w3.org/TR/html4/sgml/entities.html -var entity = map[string]rune{ - "AElig;": '\U000000C6', - "AMP;": '\U00000026', - "Aacute;": '\U000000C1', - "Abreve;": '\U00000102', - "Acirc;": '\U000000C2', - "Acy;": '\U00000410', - "Afr;": '\U0001D504', - "Agrave;": '\U000000C0', - "Alpha;": '\U00000391', - "Amacr;": '\U00000100', - "And;": '\U00002A53', - "Aogon;": '\U00000104', - "Aopf;": '\U0001D538', - "ApplyFunction;": '\U00002061', - "Aring;": '\U000000C5', - "Ascr;": '\U0001D49C', - "Assign;": '\U00002254', - "Atilde;": '\U000000C3', - "Auml;": '\U000000C4', - "Backslash;": '\U00002216', - "Barv;": '\U00002AE7', - "Barwed;": '\U00002306', - "Bcy;": '\U00000411', - "Because;": '\U00002235', - "Bernoullis;": '\U0000212C', - "Beta;": '\U00000392', - "Bfr;": '\U0001D505', - "Bopf;": '\U0001D539', - "Breve;": '\U000002D8', - "Bscr;": '\U0000212C', - "Bumpeq;": '\U0000224E', - "CHcy;": '\U00000427', - "COPY;": '\U000000A9', - "Cacute;": '\U00000106', - "Cap;": '\U000022D2', - "CapitalDifferentialD;": '\U00002145', - "Cayleys;": '\U0000212D', - "Ccaron;": '\U0000010C', - "Ccedil;": '\U000000C7', - "Ccirc;": '\U00000108', - "Cconint;": '\U00002230', - "Cdot;": '\U0000010A', - "Cedilla;": '\U000000B8', - "CenterDot;": '\U000000B7', - "Cfr;": '\U0000212D', - "Chi;": '\U000003A7', - "CircleDot;": '\U00002299', - "CircleMinus;": '\U00002296', - "CirclePlus;": '\U00002295', - "CircleTimes;": '\U00002297', - "ClockwiseContourIntegral;": '\U00002232', - "CloseCurlyDoubleQuote;": '\U0000201D', - "CloseCurlyQuote;": '\U00002019', - "Colon;": '\U00002237', - "Colone;": '\U00002A74', - "Congruent;": '\U00002261', - "Conint;": '\U0000222F', - "ContourIntegral;": '\U0000222E', - "Copf;": '\U00002102', - "Coproduct;": '\U00002210', - "CounterClockwiseContourIntegral;": '\U00002233', - "Cross;": '\U00002A2F', - "Cscr;": '\U0001D49E', - "Cup;": '\U000022D3', - "CupCap;": '\U0000224D', - "DD;": '\U00002145', - "DDotrahd;": '\U00002911', - "DJcy;": '\U00000402', - "DScy;": '\U00000405', - "DZcy;": '\U0000040F', - "Dagger;": '\U00002021', - "Darr;": '\U000021A1', - "Dashv;": '\U00002AE4', - "Dcaron;": '\U0000010E', - "Dcy;": '\U00000414', - "Del;": '\U00002207', - "Delta;": '\U00000394', - "Dfr;": '\U0001D507', - "DiacriticalAcute;": '\U000000B4', - "DiacriticalDot;": '\U000002D9', - "DiacriticalDoubleAcute;": '\U000002DD', - "DiacriticalGrave;": '\U00000060', - "DiacriticalTilde;": '\U000002DC', - "Diamond;": '\U000022C4', - "DifferentialD;": '\U00002146', - "Dopf;": '\U0001D53B', - "Dot;": '\U000000A8', - "DotDot;": '\U000020DC', - "DotEqual;": '\U00002250', - "DoubleContourIntegral;": '\U0000222F', - "DoubleDot;": '\U000000A8', - "DoubleDownArrow;": '\U000021D3', - "DoubleLeftArrow;": '\U000021D0', - "DoubleLeftRightArrow;": '\U000021D4', - "DoubleLeftTee;": '\U00002AE4', - "DoubleLongLeftArrow;": '\U000027F8', - "DoubleLongLeftRightArrow;": '\U000027FA', - "DoubleLongRightArrow;": '\U000027F9', - "DoubleRightArrow;": '\U000021D2', - "DoubleRightTee;": '\U000022A8', - "DoubleUpArrow;": '\U000021D1', - "DoubleUpDownArrow;": '\U000021D5', - "DoubleVerticalBar;": '\U00002225', - "DownArrow;": '\U00002193', - "DownArrowBar;": '\U00002913', - "DownArrowUpArrow;": '\U000021F5', - "DownBreve;": '\U00000311', - "DownLeftRightVector;": '\U00002950', - "DownLeftTeeVector;": '\U0000295E', - "DownLeftVector;": '\U000021BD', - "DownLeftVectorBar;": '\U00002956', - "DownRightTeeVector;": '\U0000295F', - "DownRightVector;": '\U000021C1', - "DownRightVectorBar;": '\U00002957', - "DownTee;": '\U000022A4', - "DownTeeArrow;": '\U000021A7', - "Downarrow;": '\U000021D3', - "Dscr;": '\U0001D49F', - "Dstrok;": '\U00000110', - "ENG;": '\U0000014A', - "ETH;": '\U000000D0', - "Eacute;": '\U000000C9', - "Ecaron;": '\U0000011A', - "Ecirc;": '\U000000CA', - "Ecy;": '\U0000042D', - "Edot;": '\U00000116', - "Efr;": '\U0001D508', - "Egrave;": '\U000000C8', - "Element;": '\U00002208', - "Emacr;": '\U00000112', - "EmptySmallSquare;": '\U000025FB', - "EmptyVerySmallSquare;": '\U000025AB', - "Eogon;": '\U00000118', - "Eopf;": '\U0001D53C', - "Epsilon;": '\U00000395', - "Equal;": '\U00002A75', - "EqualTilde;": '\U00002242', - "Equilibrium;": '\U000021CC', - "Escr;": '\U00002130', - "Esim;": '\U00002A73', - "Eta;": '\U00000397', - "Euml;": '\U000000CB', - "Exists;": '\U00002203', - "ExponentialE;": '\U00002147', - "Fcy;": '\U00000424', - "Ffr;": '\U0001D509', - "FilledSmallSquare;": '\U000025FC', - "FilledVerySmallSquare;": '\U000025AA', - "Fopf;": '\U0001D53D', - "ForAll;": '\U00002200', - "Fouriertrf;": '\U00002131', - "Fscr;": '\U00002131', - "GJcy;": '\U00000403', - "GT;": '\U0000003E', - "Gamma;": '\U00000393', - "Gammad;": '\U000003DC', - "Gbreve;": '\U0000011E', - "Gcedil;": '\U00000122', - "Gcirc;": '\U0000011C', - "Gcy;": '\U00000413', - "Gdot;": '\U00000120', - "Gfr;": '\U0001D50A', - "Gg;": '\U000022D9', - "Gopf;": '\U0001D53E', - "GreaterEqual;": '\U00002265', - "GreaterEqualLess;": '\U000022DB', - "GreaterFullEqual;": '\U00002267', - "GreaterGreater;": '\U00002AA2', - "GreaterLess;": '\U00002277', - "GreaterSlantEqual;": '\U00002A7E', - "GreaterTilde;": '\U00002273', - "Gscr;": '\U0001D4A2', - "Gt;": '\U0000226B', - "HARDcy;": '\U0000042A', - "Hacek;": '\U000002C7', - "Hat;": '\U0000005E', - "Hcirc;": '\U00000124', - "Hfr;": '\U0000210C', - "HilbertSpace;": '\U0000210B', - "Hopf;": '\U0000210D', - "HorizontalLine;": '\U00002500', - "Hscr;": '\U0000210B', - "Hstrok;": '\U00000126', - "HumpDownHump;": '\U0000224E', - "HumpEqual;": '\U0000224F', - "IEcy;": '\U00000415', - "IJlig;": '\U00000132', - "IOcy;": '\U00000401', - "Iacute;": '\U000000CD', - "Icirc;": '\U000000CE', - "Icy;": '\U00000418', - "Idot;": '\U00000130', - "Ifr;": '\U00002111', - "Igrave;": '\U000000CC', - "Im;": '\U00002111', - "Imacr;": '\U0000012A', - "ImaginaryI;": '\U00002148', - "Implies;": '\U000021D2', - "Int;": '\U0000222C', - "Integral;": '\U0000222B', - "Intersection;": '\U000022C2', - "InvisibleComma;": '\U00002063', - "InvisibleTimes;": '\U00002062', - "Iogon;": '\U0000012E', - "Iopf;": '\U0001D540', - "Iota;": '\U00000399', - "Iscr;": '\U00002110', - "Itilde;": '\U00000128', - "Iukcy;": '\U00000406', - "Iuml;": '\U000000CF', - "Jcirc;": '\U00000134', - "Jcy;": '\U00000419', - "Jfr;": '\U0001D50D', - "Jopf;": '\U0001D541', - "Jscr;": '\U0001D4A5', - "Jsercy;": '\U00000408', - "Jukcy;": '\U00000404', - "KHcy;": '\U00000425', - "KJcy;": '\U0000040C', - "Kappa;": '\U0000039A', - "Kcedil;": '\U00000136', - "Kcy;": '\U0000041A', - "Kfr;": '\U0001D50E', - "Kopf;": '\U0001D542', - "Kscr;": '\U0001D4A6', - "LJcy;": '\U00000409', - "LT;": '\U0000003C', - "Lacute;": '\U00000139', - "Lambda;": '\U0000039B', - "Lang;": '\U000027EA', - "Laplacetrf;": '\U00002112', - "Larr;": '\U0000219E', - "Lcaron;": '\U0000013D', - "Lcedil;": '\U0000013B', - "Lcy;": '\U0000041B', - "LeftAngleBracket;": '\U000027E8', - "LeftArrow;": '\U00002190', - "LeftArrowBar;": '\U000021E4', - "LeftArrowRightArrow;": '\U000021C6', - "LeftCeiling;": '\U00002308', - "LeftDoubleBracket;": '\U000027E6', - "LeftDownTeeVector;": '\U00002961', - "LeftDownVector;": '\U000021C3', - "LeftDownVectorBar;": '\U00002959', - "LeftFloor;": '\U0000230A', - "LeftRightArrow;": '\U00002194', - "LeftRightVector;": '\U0000294E', - "LeftTee;": '\U000022A3', - "LeftTeeArrow;": '\U000021A4', - "LeftTeeVector;": '\U0000295A', - "LeftTriangle;": '\U000022B2', - "LeftTriangleBar;": '\U000029CF', - "LeftTriangleEqual;": '\U000022B4', - "LeftUpDownVector;": '\U00002951', - "LeftUpTeeVector;": '\U00002960', - "LeftUpVector;": '\U000021BF', - "LeftUpVectorBar;": '\U00002958', - "LeftVector;": '\U000021BC', - "LeftVectorBar;": '\U00002952', - "Leftarrow;": '\U000021D0', - "Leftrightarrow;": '\U000021D4', - "LessEqualGreater;": '\U000022DA', - "LessFullEqual;": '\U00002266', - "LessGreater;": '\U00002276', - "LessLess;": '\U00002AA1', - "LessSlantEqual;": '\U00002A7D', - "LessTilde;": '\U00002272', - "Lfr;": '\U0001D50F', - "Ll;": '\U000022D8', - "Lleftarrow;": '\U000021DA', - "Lmidot;": '\U0000013F', - "LongLeftArrow;": '\U000027F5', - "LongLeftRightArrow;": '\U000027F7', - "LongRightArrow;": '\U000027F6', - "Longleftarrow;": '\U000027F8', - "Longleftrightarrow;": '\U000027FA', - "Longrightarrow;": '\U000027F9', - "Lopf;": '\U0001D543', - "LowerLeftArrow;": '\U00002199', - "LowerRightArrow;": '\U00002198', - "Lscr;": '\U00002112', - "Lsh;": '\U000021B0', - "Lstrok;": '\U00000141', - "Lt;": '\U0000226A', - "Map;": '\U00002905', - "Mcy;": '\U0000041C', - "MediumSpace;": '\U0000205F', - "Mellintrf;": '\U00002133', - "Mfr;": '\U0001D510', - "MinusPlus;": '\U00002213', - "Mopf;": '\U0001D544', - "Mscr;": '\U00002133', - "Mu;": '\U0000039C', - "NJcy;": '\U0000040A', - "Nacute;": '\U00000143', - "Ncaron;": '\U00000147', - "Ncedil;": '\U00000145', - "Ncy;": '\U0000041D', - "NegativeMediumSpace;": '\U0000200B', - "NegativeThickSpace;": '\U0000200B', - "NegativeThinSpace;": '\U0000200B', - "NegativeVeryThinSpace;": '\U0000200B', - "NestedGreaterGreater;": '\U0000226B', - "NestedLessLess;": '\U0000226A', - "NewLine;": '\U0000000A', - "Nfr;": '\U0001D511', - "NoBreak;": '\U00002060', - "NonBreakingSpace;": '\U000000A0', - "Nopf;": '\U00002115', - "Not;": '\U00002AEC', - "NotCongruent;": '\U00002262', - "NotCupCap;": '\U0000226D', - "NotDoubleVerticalBar;": '\U00002226', - "NotElement;": '\U00002209', - "NotEqual;": '\U00002260', - "NotExists;": '\U00002204', - "NotGreater;": '\U0000226F', - "NotGreaterEqual;": '\U00002271', - "NotGreaterLess;": '\U00002279', - "NotGreaterTilde;": '\U00002275', - "NotLeftTriangle;": '\U000022EA', - "NotLeftTriangleEqual;": '\U000022EC', - "NotLess;": '\U0000226E', - "NotLessEqual;": '\U00002270', - "NotLessGreater;": '\U00002278', - "NotLessTilde;": '\U00002274', - "NotPrecedes;": '\U00002280', - "NotPrecedesSlantEqual;": '\U000022E0', - "NotReverseElement;": '\U0000220C', - "NotRightTriangle;": '\U000022EB', - "NotRightTriangleEqual;": '\U000022ED', - "NotSquareSubsetEqual;": '\U000022E2', - "NotSquareSupersetEqual;": '\U000022E3', - "NotSubsetEqual;": '\U00002288', - "NotSucceeds;": '\U00002281', - "NotSucceedsSlantEqual;": '\U000022E1', - "NotSupersetEqual;": '\U00002289', - "NotTilde;": '\U00002241', - "NotTildeEqual;": '\U00002244', - "NotTildeFullEqual;": '\U00002247', - "NotTildeTilde;": '\U00002249', - "NotVerticalBar;": '\U00002224', - "Nscr;": '\U0001D4A9', - "Ntilde;": '\U000000D1', - "Nu;": '\U0000039D', - "OElig;": '\U00000152', - "Oacute;": '\U000000D3', - "Ocirc;": '\U000000D4', - "Ocy;": '\U0000041E', - "Odblac;": '\U00000150', - "Ofr;": '\U0001D512', - "Ograve;": '\U000000D2', - "Omacr;": '\U0000014C', - "Omega;": '\U000003A9', - "Omicron;": '\U0000039F', - "Oopf;": '\U0001D546', - "OpenCurlyDoubleQuote;": '\U0000201C', - "OpenCurlyQuote;": '\U00002018', - "Or;": '\U00002A54', - "Oscr;": '\U0001D4AA', - "Oslash;": '\U000000D8', - "Otilde;": '\U000000D5', - "Otimes;": '\U00002A37', - "Ouml;": '\U000000D6', - "OverBar;": '\U0000203E', - "OverBrace;": '\U000023DE', - "OverBracket;": '\U000023B4', - "OverParenthesis;": '\U000023DC', - "PartialD;": '\U00002202', - "Pcy;": '\U0000041F', - "Pfr;": '\U0001D513', - "Phi;": '\U000003A6', - "Pi;": '\U000003A0', - "PlusMinus;": '\U000000B1', - "Poincareplane;": '\U0000210C', - "Popf;": '\U00002119', - "Pr;": '\U00002ABB', - "Precedes;": '\U0000227A', - "PrecedesEqual;": '\U00002AAF', - "PrecedesSlantEqual;": '\U0000227C', - "PrecedesTilde;": '\U0000227E', - "Prime;": '\U00002033', - "Product;": '\U0000220F', - "Proportion;": '\U00002237', - "Proportional;": '\U0000221D', - "Pscr;": '\U0001D4AB', - "Psi;": '\U000003A8', - "QUOT;": '\U00000022', - "Qfr;": '\U0001D514', - "Qopf;": '\U0000211A', - "Qscr;": '\U0001D4AC', - "RBarr;": '\U00002910', - "REG;": '\U000000AE', - "Racute;": '\U00000154', - "Rang;": '\U000027EB', - "Rarr;": '\U000021A0', - "Rarrtl;": '\U00002916', - "Rcaron;": '\U00000158', - "Rcedil;": '\U00000156', - "Rcy;": '\U00000420', - "Re;": '\U0000211C', - "ReverseElement;": '\U0000220B', - "ReverseEquilibrium;": '\U000021CB', - "ReverseUpEquilibrium;": '\U0000296F', - "Rfr;": '\U0000211C', - "Rho;": '\U000003A1', - "RightAngleBracket;": '\U000027E9', - "RightArrow;": '\U00002192', - "RightArrowBar;": '\U000021E5', - "RightArrowLeftArrow;": '\U000021C4', - "RightCeiling;": '\U00002309', - "RightDoubleBracket;": '\U000027E7', - "RightDownTeeVector;": '\U0000295D', - "RightDownVector;": '\U000021C2', - "RightDownVectorBar;": '\U00002955', - "RightFloor;": '\U0000230B', - "RightTee;": '\U000022A2', - "RightTeeArrow;": '\U000021A6', - "RightTeeVector;": '\U0000295B', - "RightTriangle;": '\U000022B3', - "RightTriangleBar;": '\U000029D0', - "RightTriangleEqual;": '\U000022B5', - "RightUpDownVector;": '\U0000294F', - "RightUpTeeVector;": '\U0000295C', - "RightUpVector;": '\U000021BE', - "RightUpVectorBar;": '\U00002954', - "RightVector;": '\U000021C0', - "RightVectorBar;": '\U00002953', - "Rightarrow;": '\U000021D2', - "Ropf;": '\U0000211D', - "RoundImplies;": '\U00002970', - "Rrightarrow;": '\U000021DB', - "Rscr;": '\U0000211B', - "Rsh;": '\U000021B1', - "RuleDelayed;": '\U000029F4', - "SHCHcy;": '\U00000429', - "SHcy;": '\U00000428', - "SOFTcy;": '\U0000042C', - "Sacute;": '\U0000015A', - "Sc;": '\U00002ABC', - "Scaron;": '\U00000160', - "Scedil;": '\U0000015E', - "Scirc;": '\U0000015C', - "Scy;": '\U00000421', - "Sfr;": '\U0001D516', - "ShortDownArrow;": '\U00002193', - "ShortLeftArrow;": '\U00002190', - "ShortRightArrow;": '\U00002192', - "ShortUpArrow;": '\U00002191', - "Sigma;": '\U000003A3', - "SmallCircle;": '\U00002218', - "Sopf;": '\U0001D54A', - "Sqrt;": '\U0000221A', - "Square;": '\U000025A1', - "SquareIntersection;": '\U00002293', - "SquareSubset;": '\U0000228F', - "SquareSubsetEqual;": '\U00002291', - "SquareSuperset;": '\U00002290', - "SquareSupersetEqual;": '\U00002292', - "SquareUnion;": '\U00002294', - "Sscr;": '\U0001D4AE', - "Star;": '\U000022C6', - "Sub;": '\U000022D0', - "Subset;": '\U000022D0', - "SubsetEqual;": '\U00002286', - "Succeeds;": '\U0000227B', - "SucceedsEqual;": '\U00002AB0', - "SucceedsSlantEqual;": '\U0000227D', - "SucceedsTilde;": '\U0000227F', - "SuchThat;": '\U0000220B', - "Sum;": '\U00002211', - "Sup;": '\U000022D1', - "Superset;": '\U00002283', - "SupersetEqual;": '\U00002287', - "Supset;": '\U000022D1', - "THORN;": '\U000000DE', - "TRADE;": '\U00002122', - "TSHcy;": '\U0000040B', - "TScy;": '\U00000426', - "Tab;": '\U00000009', - "Tau;": '\U000003A4', - "Tcaron;": '\U00000164', - "Tcedil;": '\U00000162', - "Tcy;": '\U00000422', - "Tfr;": '\U0001D517', - "Therefore;": '\U00002234', - "Theta;": '\U00000398', - "ThinSpace;": '\U00002009', - "Tilde;": '\U0000223C', - "TildeEqual;": '\U00002243', - "TildeFullEqual;": '\U00002245', - "TildeTilde;": '\U00002248', - "Topf;": '\U0001D54B', - "TripleDot;": '\U000020DB', - "Tscr;": '\U0001D4AF', - "Tstrok;": '\U00000166', - "Uacute;": '\U000000DA', - "Uarr;": '\U0000219F', - "Uarrocir;": '\U00002949', - "Ubrcy;": '\U0000040E', - "Ubreve;": '\U0000016C', - "Ucirc;": '\U000000DB', - "Ucy;": '\U00000423', - "Udblac;": '\U00000170', - "Ufr;": '\U0001D518', - "Ugrave;": '\U000000D9', - "Umacr;": '\U0000016A', - "UnderBar;": '\U0000005F', - "UnderBrace;": '\U000023DF', - "UnderBracket;": '\U000023B5', - "UnderParenthesis;": '\U000023DD', - "Union;": '\U000022C3', - "UnionPlus;": '\U0000228E', - "Uogon;": '\U00000172', - "Uopf;": '\U0001D54C', - "UpArrow;": '\U00002191', - "UpArrowBar;": '\U00002912', - "UpArrowDownArrow;": '\U000021C5', - "UpDownArrow;": '\U00002195', - "UpEquilibrium;": '\U0000296E', - "UpTee;": '\U000022A5', - "UpTeeArrow;": '\U000021A5', - "Uparrow;": '\U000021D1', - "Updownarrow;": '\U000021D5', - "UpperLeftArrow;": '\U00002196', - "UpperRightArrow;": '\U00002197', - "Upsi;": '\U000003D2', - "Upsilon;": '\U000003A5', - "Uring;": '\U0000016E', - "Uscr;": '\U0001D4B0', - "Utilde;": '\U00000168', - "Uuml;": '\U000000DC', - "VDash;": '\U000022AB', - "Vbar;": '\U00002AEB', - "Vcy;": '\U00000412', - "Vdash;": '\U000022A9', - "Vdashl;": '\U00002AE6', - "Vee;": '\U000022C1', - "Verbar;": '\U00002016', - "Vert;": '\U00002016', - "VerticalBar;": '\U00002223', - "VerticalLine;": '\U0000007C', - "VerticalSeparator;": '\U00002758', - "VerticalTilde;": '\U00002240', - "VeryThinSpace;": '\U0000200A', - "Vfr;": '\U0001D519', - "Vopf;": '\U0001D54D', - "Vscr;": '\U0001D4B1', - "Vvdash;": '\U000022AA', - "Wcirc;": '\U00000174', - "Wedge;": '\U000022C0', - "Wfr;": '\U0001D51A', - "Wopf;": '\U0001D54E', - "Wscr;": '\U0001D4B2', - "Xfr;": '\U0001D51B', - "Xi;": '\U0000039E', - "Xopf;": '\U0001D54F', - "Xscr;": '\U0001D4B3', - "YAcy;": '\U0000042F', - "YIcy;": '\U00000407', - "YUcy;": '\U0000042E', - "Yacute;": '\U000000DD', - "Ycirc;": '\U00000176', - "Ycy;": '\U0000042B', - "Yfr;": '\U0001D51C', - "Yopf;": '\U0001D550', - "Yscr;": '\U0001D4B4', - "Yuml;": '\U00000178', - "ZHcy;": '\U00000416', - "Zacute;": '\U00000179', - "Zcaron;": '\U0000017D', - "Zcy;": '\U00000417', - "Zdot;": '\U0000017B', - "ZeroWidthSpace;": '\U0000200B', - "Zeta;": '\U00000396', - "Zfr;": '\U00002128', - "Zopf;": '\U00002124', - "Zscr;": '\U0001D4B5', - "aacute;": '\U000000E1', - "abreve;": '\U00000103', - "ac;": '\U0000223E', - "acd;": '\U0000223F', - "acirc;": '\U000000E2', - "acute;": '\U000000B4', - "acy;": '\U00000430', - "aelig;": '\U000000E6', - "af;": '\U00002061', - "afr;": '\U0001D51E', - "agrave;": '\U000000E0', - "alefsym;": '\U00002135', - "aleph;": '\U00002135', - "alpha;": '\U000003B1', - "amacr;": '\U00000101', - "amalg;": '\U00002A3F', - "amp;": '\U00000026', - "and;": '\U00002227', - "andand;": '\U00002A55', - "andd;": '\U00002A5C', - "andslope;": '\U00002A58', - "andv;": '\U00002A5A', - "ang;": '\U00002220', - "ange;": '\U000029A4', - "angle;": '\U00002220', - "angmsd;": '\U00002221', - "angmsdaa;": '\U000029A8', - "angmsdab;": '\U000029A9', - "angmsdac;": '\U000029AA', - "angmsdad;": '\U000029AB', - "angmsdae;": '\U000029AC', - "angmsdaf;": '\U000029AD', - "angmsdag;": '\U000029AE', - "angmsdah;": '\U000029AF', - "angrt;": '\U0000221F', - "angrtvb;": '\U000022BE', - "angrtvbd;": '\U0000299D', - "angsph;": '\U00002222', - "angst;": '\U000000C5', - "angzarr;": '\U0000237C', - "aogon;": '\U00000105', - "aopf;": '\U0001D552', - "ap;": '\U00002248', - "apE;": '\U00002A70', - "apacir;": '\U00002A6F', - "ape;": '\U0000224A', - "apid;": '\U0000224B', - "apos;": '\U00000027', - "approx;": '\U00002248', - "approxeq;": '\U0000224A', - "aring;": '\U000000E5', - "ascr;": '\U0001D4B6', - "ast;": '\U0000002A', - "asymp;": '\U00002248', - "asympeq;": '\U0000224D', - "atilde;": '\U000000E3', - "auml;": '\U000000E4', - "awconint;": '\U00002233', - "awint;": '\U00002A11', - "bNot;": '\U00002AED', - "backcong;": '\U0000224C', - "backepsilon;": '\U000003F6', - "backprime;": '\U00002035', - "backsim;": '\U0000223D', - "backsimeq;": '\U000022CD', - "barvee;": '\U000022BD', - "barwed;": '\U00002305', - "barwedge;": '\U00002305', - "bbrk;": '\U000023B5', - "bbrktbrk;": '\U000023B6', - "bcong;": '\U0000224C', - "bcy;": '\U00000431', - "bdquo;": '\U0000201E', - "becaus;": '\U00002235', - "because;": '\U00002235', - "bemptyv;": '\U000029B0', - "bepsi;": '\U000003F6', - "bernou;": '\U0000212C', - "beta;": '\U000003B2', - "beth;": '\U00002136', - "between;": '\U0000226C', - "bfr;": '\U0001D51F', - "bigcap;": '\U000022C2', - "bigcirc;": '\U000025EF', - "bigcup;": '\U000022C3', - "bigodot;": '\U00002A00', - "bigoplus;": '\U00002A01', - "bigotimes;": '\U00002A02', - "bigsqcup;": '\U00002A06', - "bigstar;": '\U00002605', - "bigtriangledown;": '\U000025BD', - "bigtriangleup;": '\U000025B3', - "biguplus;": '\U00002A04', - "bigvee;": '\U000022C1', - "bigwedge;": '\U000022C0', - "bkarow;": '\U0000290D', - "blacklozenge;": '\U000029EB', - "blacksquare;": '\U000025AA', - "blacktriangle;": '\U000025B4', - "blacktriangledown;": '\U000025BE', - "blacktriangleleft;": '\U000025C2', - "blacktriangleright;": '\U000025B8', - "blank;": '\U00002423', - "blk12;": '\U00002592', - "blk14;": '\U00002591', - "blk34;": '\U00002593', - "block;": '\U00002588', - "bnot;": '\U00002310', - "bopf;": '\U0001D553', - "bot;": '\U000022A5', - "bottom;": '\U000022A5', - "bowtie;": '\U000022C8', - "boxDL;": '\U00002557', - "boxDR;": '\U00002554', - "boxDl;": '\U00002556', - "boxDr;": '\U00002553', - "boxH;": '\U00002550', - "boxHD;": '\U00002566', - "boxHU;": '\U00002569', - "boxHd;": '\U00002564', - "boxHu;": '\U00002567', - "boxUL;": '\U0000255D', - "boxUR;": '\U0000255A', - "boxUl;": '\U0000255C', - "boxUr;": '\U00002559', - "boxV;": '\U00002551', - "boxVH;": '\U0000256C', - "boxVL;": '\U00002563', - "boxVR;": '\U00002560', - "boxVh;": '\U0000256B', - "boxVl;": '\U00002562', - "boxVr;": '\U0000255F', - "boxbox;": '\U000029C9', - "boxdL;": '\U00002555', - "boxdR;": '\U00002552', - "boxdl;": '\U00002510', - "boxdr;": '\U0000250C', - "boxh;": '\U00002500', - "boxhD;": '\U00002565', - "boxhU;": '\U00002568', - "boxhd;": '\U0000252C', - "boxhu;": '\U00002534', - "boxminus;": '\U0000229F', - "boxplus;": '\U0000229E', - "boxtimes;": '\U000022A0', - "boxuL;": '\U0000255B', - "boxuR;": '\U00002558', - "boxul;": '\U00002518', - "boxur;": '\U00002514', - "boxv;": '\U00002502', - "boxvH;": '\U0000256A', - "boxvL;": '\U00002561', - "boxvR;": '\U0000255E', - "boxvh;": '\U0000253C', - "boxvl;": '\U00002524', - "boxvr;": '\U0000251C', - "bprime;": '\U00002035', - "breve;": '\U000002D8', - "brvbar;": '\U000000A6', - "bscr;": '\U0001D4B7', - "bsemi;": '\U0000204F', - "bsim;": '\U0000223D', - "bsime;": '\U000022CD', - "bsol;": '\U0000005C', - "bsolb;": '\U000029C5', - "bsolhsub;": '\U000027C8', - "bull;": '\U00002022', - "bullet;": '\U00002022', - "bump;": '\U0000224E', - "bumpE;": '\U00002AAE', - "bumpe;": '\U0000224F', - "bumpeq;": '\U0000224F', - "cacute;": '\U00000107', - "cap;": '\U00002229', - "capand;": '\U00002A44', - "capbrcup;": '\U00002A49', - "capcap;": '\U00002A4B', - "capcup;": '\U00002A47', - "capdot;": '\U00002A40', - "caret;": '\U00002041', - "caron;": '\U000002C7', - "ccaps;": '\U00002A4D', - "ccaron;": '\U0000010D', - "ccedil;": '\U000000E7', - "ccirc;": '\U00000109', - "ccups;": '\U00002A4C', - "ccupssm;": '\U00002A50', - "cdot;": '\U0000010B', - "cedil;": '\U000000B8', - "cemptyv;": '\U000029B2', - "cent;": '\U000000A2', - "centerdot;": '\U000000B7', - "cfr;": '\U0001D520', - "chcy;": '\U00000447', - "check;": '\U00002713', - "checkmark;": '\U00002713', - "chi;": '\U000003C7', - "cir;": '\U000025CB', - "cirE;": '\U000029C3', - "circ;": '\U000002C6', - "circeq;": '\U00002257', - "circlearrowleft;": '\U000021BA', - "circlearrowright;": '\U000021BB', - "circledR;": '\U000000AE', - "circledS;": '\U000024C8', - "circledast;": '\U0000229B', - "circledcirc;": '\U0000229A', - "circleddash;": '\U0000229D', - "cire;": '\U00002257', - "cirfnint;": '\U00002A10', - "cirmid;": '\U00002AEF', - "cirscir;": '\U000029C2', - "clubs;": '\U00002663', - "clubsuit;": '\U00002663', - "colon;": '\U0000003A', - "colone;": '\U00002254', - "coloneq;": '\U00002254', - "comma;": '\U0000002C', - "commat;": '\U00000040', - "comp;": '\U00002201', - "compfn;": '\U00002218', - "complement;": '\U00002201', - "complexes;": '\U00002102', - "cong;": '\U00002245', - "congdot;": '\U00002A6D', - "conint;": '\U0000222E', - "copf;": '\U0001D554', - "coprod;": '\U00002210', - "copy;": '\U000000A9', - "copysr;": '\U00002117', - "crarr;": '\U000021B5', - "cross;": '\U00002717', - "cscr;": '\U0001D4B8', - "csub;": '\U00002ACF', - "csube;": '\U00002AD1', - "csup;": '\U00002AD0', - "csupe;": '\U00002AD2', - "ctdot;": '\U000022EF', - "cudarrl;": '\U00002938', - "cudarrr;": '\U00002935', - "cuepr;": '\U000022DE', - "cuesc;": '\U000022DF', - "cularr;": '\U000021B6', - "cularrp;": '\U0000293D', - "cup;": '\U0000222A', - "cupbrcap;": '\U00002A48', - "cupcap;": '\U00002A46', - "cupcup;": '\U00002A4A', - "cupdot;": '\U0000228D', - "cupor;": '\U00002A45', - "curarr;": '\U000021B7', - "curarrm;": '\U0000293C', - "curlyeqprec;": '\U000022DE', - "curlyeqsucc;": '\U000022DF', - "curlyvee;": '\U000022CE', - "curlywedge;": '\U000022CF', - "curren;": '\U000000A4', - "curvearrowleft;": '\U000021B6', - "curvearrowright;": '\U000021B7', - "cuvee;": '\U000022CE', - "cuwed;": '\U000022CF', - "cwconint;": '\U00002232', - "cwint;": '\U00002231', - "cylcty;": '\U0000232D', - "dArr;": '\U000021D3', - "dHar;": '\U00002965', - "dagger;": '\U00002020', - "daleth;": '\U00002138', - "darr;": '\U00002193', - "dash;": '\U00002010', - "dashv;": '\U000022A3', - "dbkarow;": '\U0000290F', - "dblac;": '\U000002DD', - "dcaron;": '\U0000010F', - "dcy;": '\U00000434', - "dd;": '\U00002146', - "ddagger;": '\U00002021', - "ddarr;": '\U000021CA', - "ddotseq;": '\U00002A77', - "deg;": '\U000000B0', - "delta;": '\U000003B4', - "demptyv;": '\U000029B1', - "dfisht;": '\U0000297F', - "dfr;": '\U0001D521', - "dharl;": '\U000021C3', - "dharr;": '\U000021C2', - "diam;": '\U000022C4', - "diamond;": '\U000022C4', - "diamondsuit;": '\U00002666', - "diams;": '\U00002666', - "die;": '\U000000A8', - "digamma;": '\U000003DD', - "disin;": '\U000022F2', - "div;": '\U000000F7', - "divide;": '\U000000F7', - "divideontimes;": '\U000022C7', - "divonx;": '\U000022C7', - "djcy;": '\U00000452', - "dlcorn;": '\U0000231E', - "dlcrop;": '\U0000230D', - "dollar;": '\U00000024', - "dopf;": '\U0001D555', - "dot;": '\U000002D9', - "doteq;": '\U00002250', - "doteqdot;": '\U00002251', - "dotminus;": '\U00002238', - "dotplus;": '\U00002214', - "dotsquare;": '\U000022A1', - "doublebarwedge;": '\U00002306', - "downarrow;": '\U00002193', - "downdownarrows;": '\U000021CA', - "downharpoonleft;": '\U000021C3', - "downharpoonright;": '\U000021C2', - "drbkarow;": '\U00002910', - "drcorn;": '\U0000231F', - "drcrop;": '\U0000230C', - "dscr;": '\U0001D4B9', - "dscy;": '\U00000455', - "dsol;": '\U000029F6', - "dstrok;": '\U00000111', - "dtdot;": '\U000022F1', - "dtri;": '\U000025BF', - "dtrif;": '\U000025BE', - "duarr;": '\U000021F5', - "duhar;": '\U0000296F', - "dwangle;": '\U000029A6', - "dzcy;": '\U0000045F', - "dzigrarr;": '\U000027FF', - "eDDot;": '\U00002A77', - "eDot;": '\U00002251', - "eacute;": '\U000000E9', - "easter;": '\U00002A6E', - "ecaron;": '\U0000011B', - "ecir;": '\U00002256', - "ecirc;": '\U000000EA', - "ecolon;": '\U00002255', - "ecy;": '\U0000044D', - "edot;": '\U00000117', - "ee;": '\U00002147', - "efDot;": '\U00002252', - "efr;": '\U0001D522', - "eg;": '\U00002A9A', - "egrave;": '\U000000E8', - "egs;": '\U00002A96', - "egsdot;": '\U00002A98', - "el;": '\U00002A99', - "elinters;": '\U000023E7', - "ell;": '\U00002113', - "els;": '\U00002A95', - "elsdot;": '\U00002A97', - "emacr;": '\U00000113', - "empty;": '\U00002205', - "emptyset;": '\U00002205', - "emptyv;": '\U00002205', - "emsp;": '\U00002003', - "emsp13;": '\U00002004', - "emsp14;": '\U00002005', - "eng;": '\U0000014B', - "ensp;": '\U00002002', - "eogon;": '\U00000119', - "eopf;": '\U0001D556', - "epar;": '\U000022D5', - "eparsl;": '\U000029E3', - "eplus;": '\U00002A71', - "epsi;": '\U000003B5', - "epsilon;": '\U000003B5', - "epsiv;": '\U000003F5', - "eqcirc;": '\U00002256', - "eqcolon;": '\U00002255', - "eqsim;": '\U00002242', - "eqslantgtr;": '\U00002A96', - "eqslantless;": '\U00002A95', - "equals;": '\U0000003D', - "equest;": '\U0000225F', - "equiv;": '\U00002261', - "equivDD;": '\U00002A78', - "eqvparsl;": '\U000029E5', - "erDot;": '\U00002253', - "erarr;": '\U00002971', - "escr;": '\U0000212F', - "esdot;": '\U00002250', - "esim;": '\U00002242', - "eta;": '\U000003B7', - "eth;": '\U000000F0', - "euml;": '\U000000EB', - "euro;": '\U000020AC', - "excl;": '\U00000021', - "exist;": '\U00002203', - "expectation;": '\U00002130', - "exponentiale;": '\U00002147', - "fallingdotseq;": '\U00002252', - "fcy;": '\U00000444', - "female;": '\U00002640', - "ffilig;": '\U0000FB03', - "fflig;": '\U0000FB00', - "ffllig;": '\U0000FB04', - "ffr;": '\U0001D523', - "filig;": '\U0000FB01', - "flat;": '\U0000266D', - "fllig;": '\U0000FB02', - "fltns;": '\U000025B1', - "fnof;": '\U00000192', - "fopf;": '\U0001D557', - "forall;": '\U00002200', - "fork;": '\U000022D4', - "forkv;": '\U00002AD9', - "fpartint;": '\U00002A0D', - "frac12;": '\U000000BD', - "frac13;": '\U00002153', - "frac14;": '\U000000BC', - "frac15;": '\U00002155', - "frac16;": '\U00002159', - "frac18;": '\U0000215B', - "frac23;": '\U00002154', - "frac25;": '\U00002156', - "frac34;": '\U000000BE', - "frac35;": '\U00002157', - "frac38;": '\U0000215C', - "frac45;": '\U00002158', - "frac56;": '\U0000215A', - "frac58;": '\U0000215D', - "frac78;": '\U0000215E', - "frasl;": '\U00002044', - "frown;": '\U00002322', - "fscr;": '\U0001D4BB', - "gE;": '\U00002267', - "gEl;": '\U00002A8C', - "gacute;": '\U000001F5', - "gamma;": '\U000003B3', - "gammad;": '\U000003DD', - "gap;": '\U00002A86', - "gbreve;": '\U0000011F', - "gcirc;": '\U0000011D', - "gcy;": '\U00000433', - "gdot;": '\U00000121', - "ge;": '\U00002265', - "gel;": '\U000022DB', - "geq;": '\U00002265', - "geqq;": '\U00002267', - "geqslant;": '\U00002A7E', - "ges;": '\U00002A7E', - "gescc;": '\U00002AA9', - "gesdot;": '\U00002A80', - "gesdoto;": '\U00002A82', - "gesdotol;": '\U00002A84', - "gesles;": '\U00002A94', - "gfr;": '\U0001D524', - "gg;": '\U0000226B', - "ggg;": '\U000022D9', - "gimel;": '\U00002137', - "gjcy;": '\U00000453', - "gl;": '\U00002277', - "glE;": '\U00002A92', - "gla;": '\U00002AA5', - "glj;": '\U00002AA4', - "gnE;": '\U00002269', - "gnap;": '\U00002A8A', - "gnapprox;": '\U00002A8A', - "gne;": '\U00002A88', - "gneq;": '\U00002A88', - "gneqq;": '\U00002269', - "gnsim;": '\U000022E7', - "gopf;": '\U0001D558', - "grave;": '\U00000060', - "gscr;": '\U0000210A', - "gsim;": '\U00002273', - "gsime;": '\U00002A8E', - "gsiml;": '\U00002A90', - "gt;": '\U0000003E', - "gtcc;": '\U00002AA7', - "gtcir;": '\U00002A7A', - "gtdot;": '\U000022D7', - "gtlPar;": '\U00002995', - "gtquest;": '\U00002A7C', - "gtrapprox;": '\U00002A86', - "gtrarr;": '\U00002978', - "gtrdot;": '\U000022D7', - "gtreqless;": '\U000022DB', - "gtreqqless;": '\U00002A8C', - "gtrless;": '\U00002277', - "gtrsim;": '\U00002273', - "hArr;": '\U000021D4', - "hairsp;": '\U0000200A', - "half;": '\U000000BD', - "hamilt;": '\U0000210B', - "hardcy;": '\U0000044A', - "harr;": '\U00002194', - "harrcir;": '\U00002948', - "harrw;": '\U000021AD', - "hbar;": '\U0000210F', - "hcirc;": '\U00000125', - "hearts;": '\U00002665', - "heartsuit;": '\U00002665', - "hellip;": '\U00002026', - "hercon;": '\U000022B9', - "hfr;": '\U0001D525', - "hksearow;": '\U00002925', - "hkswarow;": '\U00002926', - "hoarr;": '\U000021FF', - "homtht;": '\U0000223B', - "hookleftarrow;": '\U000021A9', - "hookrightarrow;": '\U000021AA', - "hopf;": '\U0001D559', - "horbar;": '\U00002015', - "hscr;": '\U0001D4BD', - "hslash;": '\U0000210F', - "hstrok;": '\U00000127', - "hybull;": '\U00002043', - "hyphen;": '\U00002010', - "iacute;": '\U000000ED', - "ic;": '\U00002063', - "icirc;": '\U000000EE', - "icy;": '\U00000438', - "iecy;": '\U00000435', - "iexcl;": '\U000000A1', - "iff;": '\U000021D4', - "ifr;": '\U0001D526', - "igrave;": '\U000000EC', - "ii;": '\U00002148', - "iiiint;": '\U00002A0C', - "iiint;": '\U0000222D', - "iinfin;": '\U000029DC', - "iiota;": '\U00002129', - "ijlig;": '\U00000133', - "imacr;": '\U0000012B', - "image;": '\U00002111', - "imagline;": '\U00002110', - "imagpart;": '\U00002111', - "imath;": '\U00000131', - "imof;": '\U000022B7', - "imped;": '\U000001B5', - "in;": '\U00002208', - "incare;": '\U00002105', - "infin;": '\U0000221E', - "infintie;": '\U000029DD', - "inodot;": '\U00000131', - "int;": '\U0000222B', - "intcal;": '\U000022BA', - "integers;": '\U00002124', - "intercal;": '\U000022BA', - "intlarhk;": '\U00002A17', - "intprod;": '\U00002A3C', - "iocy;": '\U00000451', - "iogon;": '\U0000012F', - "iopf;": '\U0001D55A', - "iota;": '\U000003B9', - "iprod;": '\U00002A3C', - "iquest;": '\U000000BF', - "iscr;": '\U0001D4BE', - "isin;": '\U00002208', - "isinE;": '\U000022F9', - "isindot;": '\U000022F5', - "isins;": '\U000022F4', - "isinsv;": '\U000022F3', - "isinv;": '\U00002208', - "it;": '\U00002062', - "itilde;": '\U00000129', - "iukcy;": '\U00000456', - "iuml;": '\U000000EF', - "jcirc;": '\U00000135', - "jcy;": '\U00000439', - "jfr;": '\U0001D527', - "jmath;": '\U00000237', - "jopf;": '\U0001D55B', - "jscr;": '\U0001D4BF', - "jsercy;": '\U00000458', - "jukcy;": '\U00000454', - "kappa;": '\U000003BA', - "kappav;": '\U000003F0', - "kcedil;": '\U00000137', - "kcy;": '\U0000043A', - "kfr;": '\U0001D528', - "kgreen;": '\U00000138', - "khcy;": '\U00000445', - "kjcy;": '\U0000045C', - "kopf;": '\U0001D55C', - "kscr;": '\U0001D4C0', - "lAarr;": '\U000021DA', - "lArr;": '\U000021D0', - "lAtail;": '\U0000291B', - "lBarr;": '\U0000290E', - "lE;": '\U00002266', - "lEg;": '\U00002A8B', - "lHar;": '\U00002962', - "lacute;": '\U0000013A', - "laemptyv;": '\U000029B4', - "lagran;": '\U00002112', - "lambda;": '\U000003BB', - "lang;": '\U000027E8', - "langd;": '\U00002991', - "langle;": '\U000027E8', - "lap;": '\U00002A85', - "laquo;": '\U000000AB', - "larr;": '\U00002190', - "larrb;": '\U000021E4', - "larrbfs;": '\U0000291F', - "larrfs;": '\U0000291D', - "larrhk;": '\U000021A9', - "larrlp;": '\U000021AB', - "larrpl;": '\U00002939', - "larrsim;": '\U00002973', - "larrtl;": '\U000021A2', - "lat;": '\U00002AAB', - "latail;": '\U00002919', - "late;": '\U00002AAD', - "lbarr;": '\U0000290C', - "lbbrk;": '\U00002772', - "lbrace;": '\U0000007B', - "lbrack;": '\U0000005B', - "lbrke;": '\U0000298B', - "lbrksld;": '\U0000298F', - "lbrkslu;": '\U0000298D', - "lcaron;": '\U0000013E', - "lcedil;": '\U0000013C', - "lceil;": '\U00002308', - "lcub;": '\U0000007B', - "lcy;": '\U0000043B', - "ldca;": '\U00002936', - "ldquo;": '\U0000201C', - "ldquor;": '\U0000201E', - "ldrdhar;": '\U00002967', - "ldrushar;": '\U0000294B', - "ldsh;": '\U000021B2', - "le;": '\U00002264', - "leftarrow;": '\U00002190', - "leftarrowtail;": '\U000021A2', - "leftharpoondown;": '\U000021BD', - "leftharpoonup;": '\U000021BC', - "leftleftarrows;": '\U000021C7', - "leftrightarrow;": '\U00002194', - "leftrightarrows;": '\U000021C6', - "leftrightharpoons;": '\U000021CB', - "leftrightsquigarrow;": '\U000021AD', - "leftthreetimes;": '\U000022CB', - "leg;": '\U000022DA', - "leq;": '\U00002264', - "leqq;": '\U00002266', - "leqslant;": '\U00002A7D', - "les;": '\U00002A7D', - "lescc;": '\U00002AA8', - "lesdot;": '\U00002A7F', - "lesdoto;": '\U00002A81', - "lesdotor;": '\U00002A83', - "lesges;": '\U00002A93', - "lessapprox;": '\U00002A85', - "lessdot;": '\U000022D6', - "lesseqgtr;": '\U000022DA', - "lesseqqgtr;": '\U00002A8B', - "lessgtr;": '\U00002276', - "lesssim;": '\U00002272', - "lfisht;": '\U0000297C', - "lfloor;": '\U0000230A', - "lfr;": '\U0001D529', - "lg;": '\U00002276', - "lgE;": '\U00002A91', - "lhard;": '\U000021BD', - "lharu;": '\U000021BC', - "lharul;": '\U0000296A', - "lhblk;": '\U00002584', - "ljcy;": '\U00000459', - "ll;": '\U0000226A', - "llarr;": '\U000021C7', - "llcorner;": '\U0000231E', - "llhard;": '\U0000296B', - "lltri;": '\U000025FA', - "lmidot;": '\U00000140', - "lmoust;": '\U000023B0', - "lmoustache;": '\U000023B0', - "lnE;": '\U00002268', - "lnap;": '\U00002A89', - "lnapprox;": '\U00002A89', - "lne;": '\U00002A87', - "lneq;": '\U00002A87', - "lneqq;": '\U00002268', - "lnsim;": '\U000022E6', - "loang;": '\U000027EC', - "loarr;": '\U000021FD', - "lobrk;": '\U000027E6', - "longleftarrow;": '\U000027F5', - "longleftrightarrow;": '\U000027F7', - "longmapsto;": '\U000027FC', - "longrightarrow;": '\U000027F6', - "looparrowleft;": '\U000021AB', - "looparrowright;": '\U000021AC', - "lopar;": '\U00002985', - "lopf;": '\U0001D55D', - "loplus;": '\U00002A2D', - "lotimes;": '\U00002A34', - "lowast;": '\U00002217', - "lowbar;": '\U0000005F', - "loz;": '\U000025CA', - "lozenge;": '\U000025CA', - "lozf;": '\U000029EB', - "lpar;": '\U00000028', - "lparlt;": '\U00002993', - "lrarr;": '\U000021C6', - "lrcorner;": '\U0000231F', - "lrhar;": '\U000021CB', - "lrhard;": '\U0000296D', - "lrm;": '\U0000200E', - "lrtri;": '\U000022BF', - "lsaquo;": '\U00002039', - "lscr;": '\U0001D4C1', - "lsh;": '\U000021B0', - "lsim;": '\U00002272', - "lsime;": '\U00002A8D', - "lsimg;": '\U00002A8F', - "lsqb;": '\U0000005B', - "lsquo;": '\U00002018', - "lsquor;": '\U0000201A', - "lstrok;": '\U00000142', - "lt;": '\U0000003C', - "ltcc;": '\U00002AA6', - "ltcir;": '\U00002A79', - "ltdot;": '\U000022D6', - "lthree;": '\U000022CB', - "ltimes;": '\U000022C9', - "ltlarr;": '\U00002976', - "ltquest;": '\U00002A7B', - "ltrPar;": '\U00002996', - "ltri;": '\U000025C3', - "ltrie;": '\U000022B4', - "ltrif;": '\U000025C2', - "lurdshar;": '\U0000294A', - "luruhar;": '\U00002966', - "mDDot;": '\U0000223A', - "macr;": '\U000000AF', - "male;": '\U00002642', - "malt;": '\U00002720', - "maltese;": '\U00002720', - "map;": '\U000021A6', - "mapsto;": '\U000021A6', - "mapstodown;": '\U000021A7', - "mapstoleft;": '\U000021A4', - "mapstoup;": '\U000021A5', - "marker;": '\U000025AE', - "mcomma;": '\U00002A29', - "mcy;": '\U0000043C', - "mdash;": '\U00002014', - "measuredangle;": '\U00002221', - "mfr;": '\U0001D52A', - "mho;": '\U00002127', - "micro;": '\U000000B5', - "mid;": '\U00002223', - "midast;": '\U0000002A', - "midcir;": '\U00002AF0', - "middot;": '\U000000B7', - "minus;": '\U00002212', - "minusb;": '\U0000229F', - "minusd;": '\U00002238', - "minusdu;": '\U00002A2A', - "mlcp;": '\U00002ADB', - "mldr;": '\U00002026', - "mnplus;": '\U00002213', - "models;": '\U000022A7', - "mopf;": '\U0001D55E', - "mp;": '\U00002213', - "mscr;": '\U0001D4C2', - "mstpos;": '\U0000223E', - "mu;": '\U000003BC', - "multimap;": '\U000022B8', - "mumap;": '\U000022B8', - "nLeftarrow;": '\U000021CD', - "nLeftrightarrow;": '\U000021CE', - "nRightarrow;": '\U000021CF', - "nVDash;": '\U000022AF', - "nVdash;": '\U000022AE', - "nabla;": '\U00002207', - "nacute;": '\U00000144', - "nap;": '\U00002249', - "napos;": '\U00000149', - "napprox;": '\U00002249', - "natur;": '\U0000266E', - "natural;": '\U0000266E', - "naturals;": '\U00002115', - "nbsp;": '\U000000A0', - "ncap;": '\U00002A43', - "ncaron;": '\U00000148', - "ncedil;": '\U00000146', - "ncong;": '\U00002247', - "ncup;": '\U00002A42', - "ncy;": '\U0000043D', - "ndash;": '\U00002013', - "ne;": '\U00002260', - "neArr;": '\U000021D7', - "nearhk;": '\U00002924', - "nearr;": '\U00002197', - "nearrow;": '\U00002197', - "nequiv;": '\U00002262', - "nesear;": '\U00002928', - "nexist;": '\U00002204', - "nexists;": '\U00002204', - "nfr;": '\U0001D52B', - "nge;": '\U00002271', - "ngeq;": '\U00002271', - "ngsim;": '\U00002275', - "ngt;": '\U0000226F', - "ngtr;": '\U0000226F', - "nhArr;": '\U000021CE', - "nharr;": '\U000021AE', - "nhpar;": '\U00002AF2', - "ni;": '\U0000220B', - "nis;": '\U000022FC', - "nisd;": '\U000022FA', - "niv;": '\U0000220B', - "njcy;": '\U0000045A', - "nlArr;": '\U000021CD', - "nlarr;": '\U0000219A', - "nldr;": '\U00002025', - "nle;": '\U00002270', - "nleftarrow;": '\U0000219A', - "nleftrightarrow;": '\U000021AE', - "nleq;": '\U00002270', - "nless;": '\U0000226E', - "nlsim;": '\U00002274', - "nlt;": '\U0000226E', - "nltri;": '\U000022EA', - "nltrie;": '\U000022EC', - "nmid;": '\U00002224', - "nopf;": '\U0001D55F', - "not;": '\U000000AC', - "notin;": '\U00002209', - "notinva;": '\U00002209', - "notinvb;": '\U000022F7', - "notinvc;": '\U000022F6', - "notni;": '\U0000220C', - "notniva;": '\U0000220C', - "notnivb;": '\U000022FE', - "notnivc;": '\U000022FD', - "npar;": '\U00002226', - "nparallel;": '\U00002226', - "npolint;": '\U00002A14', - "npr;": '\U00002280', - "nprcue;": '\U000022E0', - "nprec;": '\U00002280', - "nrArr;": '\U000021CF', - "nrarr;": '\U0000219B', - "nrightarrow;": '\U0000219B', - "nrtri;": '\U000022EB', - "nrtrie;": '\U000022ED', - "nsc;": '\U00002281', - "nsccue;": '\U000022E1', - "nscr;": '\U0001D4C3', - "nshortmid;": '\U00002224', - "nshortparallel;": '\U00002226', - "nsim;": '\U00002241', - "nsime;": '\U00002244', - "nsimeq;": '\U00002244', - "nsmid;": '\U00002224', - "nspar;": '\U00002226', - "nsqsube;": '\U000022E2', - "nsqsupe;": '\U000022E3', - "nsub;": '\U00002284', - "nsube;": '\U00002288', - "nsubseteq;": '\U00002288', - "nsucc;": '\U00002281', - "nsup;": '\U00002285', - "nsupe;": '\U00002289', - "nsupseteq;": '\U00002289', - "ntgl;": '\U00002279', - "ntilde;": '\U000000F1', - "ntlg;": '\U00002278', - "ntriangleleft;": '\U000022EA', - "ntrianglelefteq;": '\U000022EC', - "ntriangleright;": '\U000022EB', - "ntrianglerighteq;": '\U000022ED', - "nu;": '\U000003BD', - "num;": '\U00000023', - "numero;": '\U00002116', - "numsp;": '\U00002007', - "nvDash;": '\U000022AD', - "nvHarr;": '\U00002904', - "nvdash;": '\U000022AC', - "nvinfin;": '\U000029DE', - "nvlArr;": '\U00002902', - "nvrArr;": '\U00002903', - "nwArr;": '\U000021D6', - "nwarhk;": '\U00002923', - "nwarr;": '\U00002196', - "nwarrow;": '\U00002196', - "nwnear;": '\U00002927', - "oS;": '\U000024C8', - "oacute;": '\U000000F3', - "oast;": '\U0000229B', - "ocir;": '\U0000229A', - "ocirc;": '\U000000F4', - "ocy;": '\U0000043E', - "odash;": '\U0000229D', - "odblac;": '\U00000151', - "odiv;": '\U00002A38', - "odot;": '\U00002299', - "odsold;": '\U000029BC', - "oelig;": '\U00000153', - "ofcir;": '\U000029BF', - "ofr;": '\U0001D52C', - "ogon;": '\U000002DB', - "ograve;": '\U000000F2', - "ogt;": '\U000029C1', - "ohbar;": '\U000029B5', - "ohm;": '\U000003A9', - "oint;": '\U0000222E', - "olarr;": '\U000021BA', - "olcir;": '\U000029BE', - "olcross;": '\U000029BB', - "oline;": '\U0000203E', - "olt;": '\U000029C0', - "omacr;": '\U0000014D', - "omega;": '\U000003C9', - "omicron;": '\U000003BF', - "omid;": '\U000029B6', - "ominus;": '\U00002296', - "oopf;": '\U0001D560', - "opar;": '\U000029B7', - "operp;": '\U000029B9', - "oplus;": '\U00002295', - "or;": '\U00002228', - "orarr;": '\U000021BB', - "ord;": '\U00002A5D', - "order;": '\U00002134', - "orderof;": '\U00002134', - "ordf;": '\U000000AA', - "ordm;": '\U000000BA', - "origof;": '\U000022B6', - "oror;": '\U00002A56', - "orslope;": '\U00002A57', - "orv;": '\U00002A5B', - "oscr;": '\U00002134', - "oslash;": '\U000000F8', - "osol;": '\U00002298', - "otilde;": '\U000000F5', - "otimes;": '\U00002297', - "otimesas;": '\U00002A36', - "ouml;": '\U000000F6', - "ovbar;": '\U0000233D', - "par;": '\U00002225', - "para;": '\U000000B6', - "parallel;": '\U00002225', - "parsim;": '\U00002AF3', - "parsl;": '\U00002AFD', - "part;": '\U00002202', - "pcy;": '\U0000043F', - "percnt;": '\U00000025', - "period;": '\U0000002E', - "permil;": '\U00002030', - "perp;": '\U000022A5', - "pertenk;": '\U00002031', - "pfr;": '\U0001D52D', - "phi;": '\U000003C6', - "phiv;": '\U000003D5', - "phmmat;": '\U00002133', - "phone;": '\U0000260E', - "pi;": '\U000003C0', - "pitchfork;": '\U000022D4', - "piv;": '\U000003D6', - "planck;": '\U0000210F', - "planckh;": '\U0000210E', - "plankv;": '\U0000210F', - "plus;": '\U0000002B', - "plusacir;": '\U00002A23', - "plusb;": '\U0000229E', - "pluscir;": '\U00002A22', - "plusdo;": '\U00002214', - "plusdu;": '\U00002A25', - "pluse;": '\U00002A72', - "plusmn;": '\U000000B1', - "plussim;": '\U00002A26', - "plustwo;": '\U00002A27', - "pm;": '\U000000B1', - "pointint;": '\U00002A15', - "popf;": '\U0001D561', - "pound;": '\U000000A3', - "pr;": '\U0000227A', - "prE;": '\U00002AB3', - "prap;": '\U00002AB7', - "prcue;": '\U0000227C', - "pre;": '\U00002AAF', - "prec;": '\U0000227A', - "precapprox;": '\U00002AB7', - "preccurlyeq;": '\U0000227C', - "preceq;": '\U00002AAF', - "precnapprox;": '\U00002AB9', - "precneqq;": '\U00002AB5', - "precnsim;": '\U000022E8', - "precsim;": '\U0000227E', - "prime;": '\U00002032', - "primes;": '\U00002119', - "prnE;": '\U00002AB5', - "prnap;": '\U00002AB9', - "prnsim;": '\U000022E8', - "prod;": '\U0000220F', - "profalar;": '\U0000232E', - "profline;": '\U00002312', - "profsurf;": '\U00002313', - "prop;": '\U0000221D', - "propto;": '\U0000221D', - "prsim;": '\U0000227E', - "prurel;": '\U000022B0', - "pscr;": '\U0001D4C5', - "psi;": '\U000003C8', - "puncsp;": '\U00002008', - "qfr;": '\U0001D52E', - "qint;": '\U00002A0C', - "qopf;": '\U0001D562', - "qprime;": '\U00002057', - "qscr;": '\U0001D4C6', - "quaternions;": '\U0000210D', - "quatint;": '\U00002A16', - "quest;": '\U0000003F', - "questeq;": '\U0000225F', - "quot;": '\U00000022', - "rAarr;": '\U000021DB', - "rArr;": '\U000021D2', - "rAtail;": '\U0000291C', - "rBarr;": '\U0000290F', - "rHar;": '\U00002964', - "racute;": '\U00000155', - "radic;": '\U0000221A', - "raemptyv;": '\U000029B3', - "rang;": '\U000027E9', - "rangd;": '\U00002992', - "range;": '\U000029A5', - "rangle;": '\U000027E9', - "raquo;": '\U000000BB', - "rarr;": '\U00002192', - "rarrap;": '\U00002975', - "rarrb;": '\U000021E5', - "rarrbfs;": '\U00002920', - "rarrc;": '\U00002933', - "rarrfs;": '\U0000291E', - "rarrhk;": '\U000021AA', - "rarrlp;": '\U000021AC', - "rarrpl;": '\U00002945', - "rarrsim;": '\U00002974', - "rarrtl;": '\U000021A3', - "rarrw;": '\U0000219D', - "ratail;": '\U0000291A', - "ratio;": '\U00002236', - "rationals;": '\U0000211A', - "rbarr;": '\U0000290D', - "rbbrk;": '\U00002773', - "rbrace;": '\U0000007D', - "rbrack;": '\U0000005D', - "rbrke;": '\U0000298C', - "rbrksld;": '\U0000298E', - "rbrkslu;": '\U00002990', - "rcaron;": '\U00000159', - "rcedil;": '\U00000157', - "rceil;": '\U00002309', - "rcub;": '\U0000007D', - "rcy;": '\U00000440', - "rdca;": '\U00002937', - "rdldhar;": '\U00002969', - "rdquo;": '\U0000201D', - "rdquor;": '\U0000201D', - "rdsh;": '\U000021B3', - "real;": '\U0000211C', - "realine;": '\U0000211B', - "realpart;": '\U0000211C', - "reals;": '\U0000211D', - "rect;": '\U000025AD', - "reg;": '\U000000AE', - "rfisht;": '\U0000297D', - "rfloor;": '\U0000230B', - "rfr;": '\U0001D52F', - "rhard;": '\U000021C1', - "rharu;": '\U000021C0', - "rharul;": '\U0000296C', - "rho;": '\U000003C1', - "rhov;": '\U000003F1', - "rightarrow;": '\U00002192', - "rightarrowtail;": '\U000021A3', - "rightharpoondown;": '\U000021C1', - "rightharpoonup;": '\U000021C0', - "rightleftarrows;": '\U000021C4', - "rightleftharpoons;": '\U000021CC', - "rightrightarrows;": '\U000021C9', - "rightsquigarrow;": '\U0000219D', - "rightthreetimes;": '\U000022CC', - "ring;": '\U000002DA', - "risingdotseq;": '\U00002253', - "rlarr;": '\U000021C4', - "rlhar;": '\U000021CC', - "rlm;": '\U0000200F', - "rmoust;": '\U000023B1', - "rmoustache;": '\U000023B1', - "rnmid;": '\U00002AEE', - "roang;": '\U000027ED', - "roarr;": '\U000021FE', - "robrk;": '\U000027E7', - "ropar;": '\U00002986', - "ropf;": '\U0001D563', - "roplus;": '\U00002A2E', - "rotimes;": '\U00002A35', - "rpar;": '\U00000029', - "rpargt;": '\U00002994', - "rppolint;": '\U00002A12', - "rrarr;": '\U000021C9', - "rsaquo;": '\U0000203A', - "rscr;": '\U0001D4C7', - "rsh;": '\U000021B1', - "rsqb;": '\U0000005D', - "rsquo;": '\U00002019', - "rsquor;": '\U00002019', - "rthree;": '\U000022CC', - "rtimes;": '\U000022CA', - "rtri;": '\U000025B9', - "rtrie;": '\U000022B5', - "rtrif;": '\U000025B8', - "rtriltri;": '\U000029CE', - "ruluhar;": '\U00002968', - "rx;": '\U0000211E', - "sacute;": '\U0000015B', - "sbquo;": '\U0000201A', - "sc;": '\U0000227B', - "scE;": '\U00002AB4', - "scap;": '\U00002AB8', - "scaron;": '\U00000161', - "sccue;": '\U0000227D', - "sce;": '\U00002AB0', - "scedil;": '\U0000015F', - "scirc;": '\U0000015D', - "scnE;": '\U00002AB6', - "scnap;": '\U00002ABA', - "scnsim;": '\U000022E9', - "scpolint;": '\U00002A13', - "scsim;": '\U0000227F', - "scy;": '\U00000441', - "sdot;": '\U000022C5', - "sdotb;": '\U000022A1', - "sdote;": '\U00002A66', - "seArr;": '\U000021D8', - "searhk;": '\U00002925', - "searr;": '\U00002198', - "searrow;": '\U00002198', - "sect;": '\U000000A7', - "semi;": '\U0000003B', - "seswar;": '\U00002929', - "setminus;": '\U00002216', - "setmn;": '\U00002216', - "sext;": '\U00002736', - "sfr;": '\U0001D530', - "sfrown;": '\U00002322', - "sharp;": '\U0000266F', - "shchcy;": '\U00000449', - "shcy;": '\U00000448', - "shortmid;": '\U00002223', - "shortparallel;": '\U00002225', - "shy;": '\U000000AD', - "sigma;": '\U000003C3', - "sigmaf;": '\U000003C2', - "sigmav;": '\U000003C2', - "sim;": '\U0000223C', - "simdot;": '\U00002A6A', - "sime;": '\U00002243', - "simeq;": '\U00002243', - "simg;": '\U00002A9E', - "simgE;": '\U00002AA0', - "siml;": '\U00002A9D', - "simlE;": '\U00002A9F', - "simne;": '\U00002246', - "simplus;": '\U00002A24', - "simrarr;": '\U00002972', - "slarr;": '\U00002190', - "smallsetminus;": '\U00002216', - "smashp;": '\U00002A33', - "smeparsl;": '\U000029E4', - "smid;": '\U00002223', - "smile;": '\U00002323', - "smt;": '\U00002AAA', - "smte;": '\U00002AAC', - "softcy;": '\U0000044C', - "sol;": '\U0000002F', - "solb;": '\U000029C4', - "solbar;": '\U0000233F', - "sopf;": '\U0001D564', - "spades;": '\U00002660', - "spadesuit;": '\U00002660', - "spar;": '\U00002225', - "sqcap;": '\U00002293', - "sqcup;": '\U00002294', - "sqsub;": '\U0000228F', - "sqsube;": '\U00002291', - "sqsubset;": '\U0000228F', - "sqsubseteq;": '\U00002291', - "sqsup;": '\U00002290', - "sqsupe;": '\U00002292', - "sqsupset;": '\U00002290', - "sqsupseteq;": '\U00002292', - "squ;": '\U000025A1', - "square;": '\U000025A1', - "squarf;": '\U000025AA', - "squf;": '\U000025AA', - "srarr;": '\U00002192', - "sscr;": '\U0001D4C8', - "ssetmn;": '\U00002216', - "ssmile;": '\U00002323', - "sstarf;": '\U000022C6', - "star;": '\U00002606', - "starf;": '\U00002605', - "straightepsilon;": '\U000003F5', - "straightphi;": '\U000003D5', - "strns;": '\U000000AF', - "sub;": '\U00002282', - "subE;": '\U00002AC5', - "subdot;": '\U00002ABD', - "sube;": '\U00002286', - "subedot;": '\U00002AC3', - "submult;": '\U00002AC1', - "subnE;": '\U00002ACB', - "subne;": '\U0000228A', - "subplus;": '\U00002ABF', - "subrarr;": '\U00002979', - "subset;": '\U00002282', - "subseteq;": '\U00002286', - "subseteqq;": '\U00002AC5', - "subsetneq;": '\U0000228A', - "subsetneqq;": '\U00002ACB', - "subsim;": '\U00002AC7', - "subsub;": '\U00002AD5', - "subsup;": '\U00002AD3', - "succ;": '\U0000227B', - "succapprox;": '\U00002AB8', - "succcurlyeq;": '\U0000227D', - "succeq;": '\U00002AB0', - "succnapprox;": '\U00002ABA', - "succneqq;": '\U00002AB6', - "succnsim;": '\U000022E9', - "succsim;": '\U0000227F', - "sum;": '\U00002211', - "sung;": '\U0000266A', - "sup;": '\U00002283', - "sup1;": '\U000000B9', - "sup2;": '\U000000B2', - "sup3;": '\U000000B3', - "supE;": '\U00002AC6', - "supdot;": '\U00002ABE', - "supdsub;": '\U00002AD8', - "supe;": '\U00002287', - "supedot;": '\U00002AC4', - "suphsol;": '\U000027C9', - "suphsub;": '\U00002AD7', - "suplarr;": '\U0000297B', - "supmult;": '\U00002AC2', - "supnE;": '\U00002ACC', - "supne;": '\U0000228B', - "supplus;": '\U00002AC0', - "supset;": '\U00002283', - "supseteq;": '\U00002287', - "supseteqq;": '\U00002AC6', - "supsetneq;": '\U0000228B', - "supsetneqq;": '\U00002ACC', - "supsim;": '\U00002AC8', - "supsub;": '\U00002AD4', - "supsup;": '\U00002AD6', - "swArr;": '\U000021D9', - "swarhk;": '\U00002926', - "swarr;": '\U00002199', - "swarrow;": '\U00002199', - "swnwar;": '\U0000292A', - "szlig;": '\U000000DF', - "target;": '\U00002316', - "tau;": '\U000003C4', - "tbrk;": '\U000023B4', - "tcaron;": '\U00000165', - "tcedil;": '\U00000163', - "tcy;": '\U00000442', - "tdot;": '\U000020DB', - "telrec;": '\U00002315', - "tfr;": '\U0001D531', - "there4;": '\U00002234', - "therefore;": '\U00002234', - "theta;": '\U000003B8', - "thetasym;": '\U000003D1', - "thetav;": '\U000003D1', - "thickapprox;": '\U00002248', - "thicksim;": '\U0000223C', - "thinsp;": '\U00002009', - "thkap;": '\U00002248', - "thksim;": '\U0000223C', - "thorn;": '\U000000FE', - "tilde;": '\U000002DC', - "times;": '\U000000D7', - "timesb;": '\U000022A0', - "timesbar;": '\U00002A31', - "timesd;": '\U00002A30', - "tint;": '\U0000222D', - "toea;": '\U00002928', - "top;": '\U000022A4', - "topbot;": '\U00002336', - "topcir;": '\U00002AF1', - "topf;": '\U0001D565', - "topfork;": '\U00002ADA', - "tosa;": '\U00002929', - "tprime;": '\U00002034', - "trade;": '\U00002122', - "triangle;": '\U000025B5', - "triangledown;": '\U000025BF', - "triangleleft;": '\U000025C3', - "trianglelefteq;": '\U000022B4', - "triangleq;": '\U0000225C', - "triangleright;": '\U000025B9', - "trianglerighteq;": '\U000022B5', - "tridot;": '\U000025EC', - "trie;": '\U0000225C', - "triminus;": '\U00002A3A', - "triplus;": '\U00002A39', - "trisb;": '\U000029CD', - "tritime;": '\U00002A3B', - "trpezium;": '\U000023E2', - "tscr;": '\U0001D4C9', - "tscy;": '\U00000446', - "tshcy;": '\U0000045B', - "tstrok;": '\U00000167', - "twixt;": '\U0000226C', - "twoheadleftarrow;": '\U0000219E', - "twoheadrightarrow;": '\U000021A0', - "uArr;": '\U000021D1', - "uHar;": '\U00002963', - "uacute;": '\U000000FA', - "uarr;": '\U00002191', - "ubrcy;": '\U0000045E', - "ubreve;": '\U0000016D', - "ucirc;": '\U000000FB', - "ucy;": '\U00000443', - "udarr;": '\U000021C5', - "udblac;": '\U00000171', - "udhar;": '\U0000296E', - "ufisht;": '\U0000297E', - "ufr;": '\U0001D532', - "ugrave;": '\U000000F9', - "uharl;": '\U000021BF', - "uharr;": '\U000021BE', - "uhblk;": '\U00002580', - "ulcorn;": '\U0000231C', - "ulcorner;": '\U0000231C', - "ulcrop;": '\U0000230F', - "ultri;": '\U000025F8', - "umacr;": '\U0000016B', - "uml;": '\U000000A8', - "uogon;": '\U00000173', - "uopf;": '\U0001D566', - "uparrow;": '\U00002191', - "updownarrow;": '\U00002195', - "upharpoonleft;": '\U000021BF', - "upharpoonright;": '\U000021BE', - "uplus;": '\U0000228E', - "upsi;": '\U000003C5', - "upsih;": '\U000003D2', - "upsilon;": '\U000003C5', - "upuparrows;": '\U000021C8', - "urcorn;": '\U0000231D', - "urcorner;": '\U0000231D', - "urcrop;": '\U0000230E', - "uring;": '\U0000016F', - "urtri;": '\U000025F9', - "uscr;": '\U0001D4CA', - "utdot;": '\U000022F0', - "utilde;": '\U00000169', - "utri;": '\U000025B5', - "utrif;": '\U000025B4', - "uuarr;": '\U000021C8', - "uuml;": '\U000000FC', - "uwangle;": '\U000029A7', - "vArr;": '\U000021D5', - "vBar;": '\U00002AE8', - "vBarv;": '\U00002AE9', - "vDash;": '\U000022A8', - "vangrt;": '\U0000299C', - "varepsilon;": '\U000003F5', - "varkappa;": '\U000003F0', - "varnothing;": '\U00002205', - "varphi;": '\U000003D5', - "varpi;": '\U000003D6', - "varpropto;": '\U0000221D', - "varr;": '\U00002195', - "varrho;": '\U000003F1', - "varsigma;": '\U000003C2', - "vartheta;": '\U000003D1', - "vartriangleleft;": '\U000022B2', - "vartriangleright;": '\U000022B3', - "vcy;": '\U00000432', - "vdash;": '\U000022A2', - "vee;": '\U00002228', - "veebar;": '\U000022BB', - "veeeq;": '\U0000225A', - "vellip;": '\U000022EE', - "verbar;": '\U0000007C', - "vert;": '\U0000007C', - "vfr;": '\U0001D533', - "vltri;": '\U000022B2', - "vopf;": '\U0001D567', - "vprop;": '\U0000221D', - "vrtri;": '\U000022B3', - "vscr;": '\U0001D4CB', - "vzigzag;": '\U0000299A', - "wcirc;": '\U00000175', - "wedbar;": '\U00002A5F', - "wedge;": '\U00002227', - "wedgeq;": '\U00002259', - "weierp;": '\U00002118', - "wfr;": '\U0001D534', - "wopf;": '\U0001D568', - "wp;": '\U00002118', - "wr;": '\U00002240', - "wreath;": '\U00002240', - "wscr;": '\U0001D4CC', - "xcap;": '\U000022C2', - "xcirc;": '\U000025EF', - "xcup;": '\U000022C3', - "xdtri;": '\U000025BD', - "xfr;": '\U0001D535', - "xhArr;": '\U000027FA', - "xharr;": '\U000027F7', - "xi;": '\U000003BE', - "xlArr;": '\U000027F8', - "xlarr;": '\U000027F5', - "xmap;": '\U000027FC', - "xnis;": '\U000022FB', - "xodot;": '\U00002A00', - "xopf;": '\U0001D569', - "xoplus;": '\U00002A01', - "xotime;": '\U00002A02', - "xrArr;": '\U000027F9', - "xrarr;": '\U000027F6', - "xscr;": '\U0001D4CD', - "xsqcup;": '\U00002A06', - "xuplus;": '\U00002A04', - "xutri;": '\U000025B3', - "xvee;": '\U000022C1', - "xwedge;": '\U000022C0', - "yacute;": '\U000000FD', - "yacy;": '\U0000044F', - "ycirc;": '\U00000177', - "ycy;": '\U0000044B', - "yen;": '\U000000A5', - "yfr;": '\U0001D536', - "yicy;": '\U00000457', - "yopf;": '\U0001D56A', - "yscr;": '\U0001D4CE', - "yucy;": '\U0000044E', - "yuml;": '\U000000FF', - "zacute;": '\U0000017A', - "zcaron;": '\U0000017E', - "zcy;": '\U00000437', - "zdot;": '\U0000017C', - "zeetrf;": '\U00002128', - "zeta;": '\U000003B6', - "zfr;": '\U0001D537', - "zhcy;": '\U00000436', - "zigrarr;": '\U000021DD', - "zopf;": '\U0001D56B', - "zscr;": '\U0001D4CF', - "zwj;": '\U0000200D', - "zwnj;": '\U0000200C', - "AElig": '\U000000C6', - "AMP": '\U00000026', - "Aacute": '\U000000C1', - "Acirc": '\U000000C2', - "Agrave": '\U000000C0', - "Aring": '\U000000C5', - "Atilde": '\U000000C3', - "Auml": '\U000000C4', - "COPY": '\U000000A9', - "Ccedil": '\U000000C7', - "ETH": '\U000000D0', - "Eacute": '\U000000C9', - "Ecirc": '\U000000CA', - "Egrave": '\U000000C8', - "Euml": '\U000000CB', - "GT": '\U0000003E', - "Iacute": '\U000000CD', - "Icirc": '\U000000CE', - "Igrave": '\U000000CC', - "Iuml": '\U000000CF', - "LT": '\U0000003C', - "Ntilde": '\U000000D1', - "Oacute": '\U000000D3', - "Ocirc": '\U000000D4', - "Ograve": '\U000000D2', - "Oslash": '\U000000D8', - "Otilde": '\U000000D5', - "Ouml": '\U000000D6', - "QUOT": '\U00000022', - "REG": '\U000000AE', - "THORN": '\U000000DE', - "Uacute": '\U000000DA', - "Ucirc": '\U000000DB', - "Ugrave": '\U000000D9', - "Uuml": '\U000000DC', - "Yacute": '\U000000DD', - "aacute": '\U000000E1', - "acirc": '\U000000E2', - "acute": '\U000000B4', - "aelig": '\U000000E6', - "agrave": '\U000000E0', - "amp": '\U00000026', - "aring": '\U000000E5', - "atilde": '\U000000E3', - "auml": '\U000000E4', - "brvbar": '\U000000A6', - "ccedil": '\U000000E7', - "cedil": '\U000000B8', - "cent": '\U000000A2', - "copy": '\U000000A9', - "curren": '\U000000A4', - "deg": '\U000000B0', - "divide": '\U000000F7', - "eacute": '\U000000E9', - "ecirc": '\U000000EA', - "egrave": '\U000000E8', - "eth": '\U000000F0', - "euml": '\U000000EB', - "frac12": '\U000000BD', - "frac14": '\U000000BC', - "frac34": '\U000000BE', - "gt": '\U0000003E', - "iacute": '\U000000ED', - "icirc": '\U000000EE', - "iexcl": '\U000000A1', - "igrave": '\U000000EC', - "iquest": '\U000000BF', - "iuml": '\U000000EF', - "laquo": '\U000000AB', - "lt": '\U0000003C', - "macr": '\U000000AF', - "micro": '\U000000B5', - "middot": '\U000000B7', - "nbsp": '\U000000A0', - "not": '\U000000AC', - "ntilde": '\U000000F1', - "oacute": '\U000000F3', - "ocirc": '\U000000F4', - "ograve": '\U000000F2', - "ordf": '\U000000AA', - "ordm": '\U000000BA', - "oslash": '\U000000F8', - "otilde": '\U000000F5', - "ouml": '\U000000F6', - "para": '\U000000B6', - "plusmn": '\U000000B1', - "pound": '\U000000A3', - "quot": '\U00000022', - "raquo": '\U000000BB', - "reg": '\U000000AE', - "sect": '\U000000A7', - "shy": '\U000000AD', - "sup1": '\U000000B9', - "sup2": '\U000000B2', - "sup3": '\U000000B3', - "szlig": '\U000000DF', - "thorn": '\U000000FE', - "times": '\U000000D7', - "uacute": '\U000000FA', - "ucirc": '\U000000FB', - "ugrave": '\U000000F9', - "uml": '\U000000A8', - "uuml": '\U000000FC', - "yacute": '\U000000FD', - "yen": '\U000000A5', - "yuml": '\U000000FF', -} - -// HTML entities that are two unicode codepoints. -var entity2 = map[string][2]rune{ - // TODO(nigeltao): Handle replacements that are wider than their names. - // "nLt;": {'\u226A', '\u20D2'}, - // "nGt;": {'\u226B', '\u20D2'}, - "NotEqualTilde;": {'\u2242', '\u0338'}, - "NotGreaterFullEqual;": {'\u2267', '\u0338'}, - "NotGreaterGreater;": {'\u226B', '\u0338'}, - "NotGreaterSlantEqual;": {'\u2A7E', '\u0338'}, - "NotHumpDownHump;": {'\u224E', '\u0338'}, - "NotHumpEqual;": {'\u224F', '\u0338'}, - "NotLeftTriangleBar;": {'\u29CF', '\u0338'}, - "NotLessLess;": {'\u226A', '\u0338'}, - "NotLessSlantEqual;": {'\u2A7D', '\u0338'}, - "NotNestedGreaterGreater;": {'\u2AA2', '\u0338'}, - "NotNestedLessLess;": {'\u2AA1', '\u0338'}, - "NotPrecedesEqual;": {'\u2AAF', '\u0338'}, - "NotRightTriangleBar;": {'\u29D0', '\u0338'}, - "NotSquareSubset;": {'\u228F', '\u0338'}, - "NotSquareSuperset;": {'\u2290', '\u0338'}, - "NotSubset;": {'\u2282', '\u20D2'}, - "NotSucceedsEqual;": {'\u2AB0', '\u0338'}, - "NotSucceedsTilde;": {'\u227F', '\u0338'}, - "NotSuperset;": {'\u2283', '\u20D2'}, - "ThickSpace;": {'\u205F', '\u200A'}, - "acE;": {'\u223E', '\u0333'}, - "bne;": {'\u003D', '\u20E5'}, - "bnequiv;": {'\u2261', '\u20E5'}, - "caps;": {'\u2229', '\uFE00'}, - "cups;": {'\u222A', '\uFE00'}, - "fjlig;": {'\u0066', '\u006A'}, - "gesl;": {'\u22DB', '\uFE00'}, - "gvertneqq;": {'\u2269', '\uFE00'}, - "gvnE;": {'\u2269', '\uFE00'}, - "lates;": {'\u2AAD', '\uFE00'}, - "lesg;": {'\u22DA', '\uFE00'}, - "lvertneqq;": {'\u2268', '\uFE00'}, - "lvnE;": {'\u2268', '\uFE00'}, - "nGg;": {'\u22D9', '\u0338'}, - "nGtv;": {'\u226B', '\u0338'}, - "nLl;": {'\u22D8', '\u0338'}, - "nLtv;": {'\u226A', '\u0338'}, - "nang;": {'\u2220', '\u20D2'}, - "napE;": {'\u2A70', '\u0338'}, - "napid;": {'\u224B', '\u0338'}, - "nbump;": {'\u224E', '\u0338'}, - "nbumpe;": {'\u224F', '\u0338'}, - "ncongdot;": {'\u2A6D', '\u0338'}, - "nedot;": {'\u2250', '\u0338'}, - "nesim;": {'\u2242', '\u0338'}, - "ngE;": {'\u2267', '\u0338'}, - "ngeqq;": {'\u2267', '\u0338'}, - "ngeqslant;": {'\u2A7E', '\u0338'}, - "nges;": {'\u2A7E', '\u0338'}, - "nlE;": {'\u2266', '\u0338'}, - "nleqq;": {'\u2266', '\u0338'}, - "nleqslant;": {'\u2A7D', '\u0338'}, - "nles;": {'\u2A7D', '\u0338'}, - "notinE;": {'\u22F9', '\u0338'}, - "notindot;": {'\u22F5', '\u0338'}, - "nparsl;": {'\u2AFD', '\u20E5'}, - "npart;": {'\u2202', '\u0338'}, - "npre;": {'\u2AAF', '\u0338'}, - "npreceq;": {'\u2AAF', '\u0338'}, - "nrarrc;": {'\u2933', '\u0338'}, - "nrarrw;": {'\u219D', '\u0338'}, - "nsce;": {'\u2AB0', '\u0338'}, - "nsubE;": {'\u2AC5', '\u0338'}, - "nsubset;": {'\u2282', '\u20D2'}, - "nsubseteqq;": {'\u2AC5', '\u0338'}, - "nsucceq;": {'\u2AB0', '\u0338'}, - "nsupE;": {'\u2AC6', '\u0338'}, - "nsupset;": {'\u2283', '\u20D2'}, - "nsupseteqq;": {'\u2AC6', '\u0338'}, - "nvap;": {'\u224D', '\u20D2'}, - "nvge;": {'\u2265', '\u20D2'}, - "nvgt;": {'\u003E', '\u20D2'}, - "nvle;": {'\u2264', '\u20D2'}, - "nvlt;": {'\u003C', '\u20D2'}, - "nvltrie;": {'\u22B4', '\u20D2'}, - "nvrtrie;": {'\u22B5', '\u20D2'}, - "nvsim;": {'\u223C', '\u20D2'}, - "race;": {'\u223D', '\u0331'}, - "smtes;": {'\u2AAC', '\uFE00'}, - "sqcaps;": {'\u2293', '\uFE00'}, - "sqcups;": {'\u2294', '\uFE00'}, - "varsubsetneq;": {'\u228A', '\uFE00'}, - "varsubsetneqq;": {'\u2ACB', '\uFE00'}, - "varsupsetneq;": {'\u228B', '\uFE00'}, - "varsupsetneqq;": {'\u2ACC', '\uFE00'}, - "vnsub;": {'\u2282', '\u20D2'}, - "vnsup;": {'\u2283', '\u20D2'}, - "vsubnE;": {'\u2ACB', '\uFE00'}, - "vsubne;": {'\u228A', '\uFE00'}, - "vsupnE;": {'\u2ACC', '\uFE00'}, - "vsupne;": {'\u228B', '\uFE00'}, -} diff --git a/vendor/golang.org/x/net/html/entity_test.go b/vendor/golang.org/x/net/html/entity_test.go deleted file mode 100644 index b53f866f..00000000 --- a/vendor/golang.org/x/net/html/entity_test.go +++ /dev/null @@ -1,29 +0,0 @@ -// Copyright 2010 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -package html - -import ( - "testing" - "unicode/utf8" -) - -func TestEntityLength(t *testing.T) { - // We verify that the length of UTF-8 encoding of each value is <= 1 + len(key). - // The +1 comes from the leading "&". This property implies that the length of - // unescaped text is <= the length of escaped text. - for k, v := range entity { - if 1+len(k) < utf8.RuneLen(v) { - t.Error("escaped entity &" + k + " is shorter than its UTF-8 encoding " + string(v)) - } - if len(k) > longestEntityWithoutSemicolon && k[len(k)-1] != ';' { - t.Errorf("entity name %s is %d characters, but longestEntityWithoutSemicolon=%d", k, len(k), longestEntityWithoutSemicolon) - } - } - for k, v := range entity2 { - if 1+len(k) < utf8.RuneLen(v[0])+utf8.RuneLen(v[1]) { - t.Error("escaped entity &" + k + " is shorter than its UTF-8 encoding " + string(v[0]) + string(v[1])) - } - } -} diff --git a/vendor/golang.org/x/net/html/escape.go b/vendor/golang.org/x/net/html/escape.go deleted file mode 100644 index d8561396..00000000 --- a/vendor/golang.org/x/net/html/escape.go +++ /dev/null @@ -1,258 +0,0 @@ -// Copyright 2010 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -package html - -import ( - "bytes" - "strings" - "unicode/utf8" -) - -// These replacements permit compatibility with old numeric entities that -// assumed Windows-1252 encoding. -// https://html.spec.whatwg.org/multipage/syntax.html#consume-a-character-reference -var replacementTable = [...]rune{ - '\u20AC', // First entry is what 0x80 should be replaced with. - '\u0081', - '\u201A', - '\u0192', - '\u201E', - '\u2026', - '\u2020', - '\u2021', - '\u02C6', - '\u2030', - '\u0160', - '\u2039', - '\u0152', - '\u008D', - '\u017D', - '\u008F', - '\u0090', - '\u2018', - '\u2019', - '\u201C', - '\u201D', - '\u2022', - '\u2013', - '\u2014', - '\u02DC', - '\u2122', - '\u0161', - '\u203A', - '\u0153', - '\u009D', - '\u017E', - '\u0178', // Last entry is 0x9F. - // 0x00->'\uFFFD' is handled programmatically. - // 0x0D->'\u000D' is a no-op. -} - -// unescapeEntity reads an entity like "<" from b[src:] and writes the -// corresponding "<" to b[dst:], returning the incremented dst and src cursors. -// Precondition: b[src] == '&' && dst <= src. -// attribute should be true if parsing an attribute value. -func unescapeEntity(b []byte, dst, src int, attribute bool) (dst1, src1 int) { - // https://html.spec.whatwg.org/multipage/syntax.html#consume-a-character-reference - - // i starts at 1 because we already know that s[0] == '&'. - i, s := 1, b[src:] - - if len(s) <= 1 { - b[dst] = b[src] - return dst + 1, src + 1 - } - - if s[i] == '#' { - if len(s) <= 3 { // We need to have at least "&#.". - b[dst] = b[src] - return dst + 1, src + 1 - } - i++ - c := s[i] - hex := false - if c == 'x' || c == 'X' { - hex = true - i++ - } - - x := '\x00' - for i < len(s) { - c = s[i] - i++ - if hex { - if '0' <= c && c <= '9' { - x = 16*x + rune(c) - '0' - continue - } else if 'a' <= c && c <= 'f' { - x = 16*x + rune(c) - 'a' + 10 - continue - } else if 'A' <= c && c <= 'F' { - x = 16*x + rune(c) - 'A' + 10 - continue - } - } else if '0' <= c && c <= '9' { - x = 10*x + rune(c) - '0' - continue - } - if c != ';' { - i-- - } - break - } - - if i <= 3 { // No characters matched. - b[dst] = b[src] - return dst + 1, src + 1 - } - - if 0x80 <= x && x <= 0x9F { - // Replace characters from Windows-1252 with UTF-8 equivalents. - x = replacementTable[x-0x80] - } else if x == 0 || (0xD800 <= x && x <= 0xDFFF) || x > 0x10FFFF { - // Replace invalid characters with the replacement character. - x = '\uFFFD' - } - - return dst + utf8.EncodeRune(b[dst:], x), src + i - } - - // Consume the maximum number of characters possible, with the - // consumed characters matching one of the named references. - - for i < len(s) { - c := s[i] - i++ - // Lower-cased characters are more common in entities, so we check for them first. - if 'a' <= c && c <= 'z' || 'A' <= c && c <= 'Z' || '0' <= c && c <= '9' { - continue - } - if c != ';' { - i-- - } - break - } - - entityName := string(s[1:i]) - if entityName == "" { - // No-op. - } else if attribute && entityName[len(entityName)-1] != ';' && len(s) > i && s[i] == '=' { - // No-op. - } else if x := entity[entityName]; x != 0 { - return dst + utf8.EncodeRune(b[dst:], x), src + i - } else if x := entity2[entityName]; x[0] != 0 { - dst1 := dst + utf8.EncodeRune(b[dst:], x[0]) - return dst1 + utf8.EncodeRune(b[dst1:], x[1]), src + i - } else if !attribute { - maxLen := len(entityName) - 1 - if maxLen > longestEntityWithoutSemicolon { - maxLen = longestEntityWithoutSemicolon - } - for j := maxLen; j > 1; j-- { - if x := entity[entityName[:j]]; x != 0 { - return dst + utf8.EncodeRune(b[dst:], x), src + j + 1 - } - } - } - - dst1, src1 = dst+i, src+i - copy(b[dst:dst1], b[src:src1]) - return dst1, src1 -} - -// unescape unescapes b's entities in-place, so that "a<b" becomes "a': - esc = ">" - case '"': - // """ is shorter than """. - esc = """ - case '\r': - esc = " " - default: - panic("unrecognized escape character") - } - s = s[i+1:] - if _, err := w.WriteString(esc); err != nil { - return err - } - i = strings.IndexAny(s, escapedChars) - } - _, err := w.WriteString(s) - return err -} - -// EscapeString escapes special characters like "<" to become "<". It -// escapes only five such characters: <, >, &, ' and ". -// UnescapeString(EscapeString(s)) == s always holds, but the converse isn't -// always true. -func EscapeString(s string) string { - if strings.IndexAny(s, escapedChars) == -1 { - return s - } - var buf bytes.Buffer - escape(&buf, s) - return buf.String() -} - -// UnescapeString unescapes entities like "<" to become "<". It unescapes a -// larger range of entities than EscapeString escapes. For example, "á" -// unescapes to "á", as does "á" and "&xE1;". -// UnescapeString(EscapeString(s)) == s always holds, but the converse isn't -// always true. -func UnescapeString(s string) string { - for _, c := range s { - if c == '&' { - return string(unescape([]byte(s), false)) - } - } - return s -} diff --git a/vendor/golang.org/x/net/html/escape_test.go b/vendor/golang.org/x/net/html/escape_test.go deleted file mode 100644 index b405d4b4..00000000 --- a/vendor/golang.org/x/net/html/escape_test.go +++ /dev/null @@ -1,97 +0,0 @@ -// Copyright 2013 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -package html - -import "testing" - -type unescapeTest struct { - // A short description of the test case. - desc string - // The HTML text. - html string - // The unescaped text. - unescaped string -} - -var unescapeTests = []unescapeTest{ - // Handle no entities. - { - "copy", - "A\ttext\nstring", - "A\ttext\nstring", - }, - // Handle simple named entities. - { - "simple", - "& > <", - "& > <", - }, - // Handle hitting the end of the string. - { - "stringEnd", - "& &", - "& &", - }, - // Handle entities with two codepoints. - { - "multiCodepoint", - "text ⋛︀ blah", - "text \u22db\ufe00 blah", - }, - // Handle decimal numeric entities. - { - "decimalEntity", - "Delta = Δ ", - "Delta = Δ ", - }, - // Handle hexadecimal numeric entities. - { - "hexadecimalEntity", - "Lambda = λ = λ ", - "Lambda = λ = λ ", - }, - // Handle numeric early termination. - { - "numericEnds", - "&# &#x €43 © = ©f = ©", - "&# &#x €43 © = ©f = ©", - }, - // Handle numeric ISO-8859-1 entity replacements. - { - "numericReplacements", - "Footnote‡", - "Footnote‡", - }, -} - -func TestUnescape(t *testing.T) { - for _, tt := range unescapeTests { - unescaped := UnescapeString(tt.html) - if unescaped != tt.unescaped { - t.Errorf("TestUnescape %s: want %q, got %q", tt.desc, tt.unescaped, unescaped) - } - } -} - -func TestUnescapeEscape(t *testing.T) { - ss := []string{ - ``, - `abc def`, - `a & b`, - `a&b`, - `a & b`, - `"`, - `"`, - `"<&>"`, - `"<&>"`, - `3&5==1 && 0<1, "0<1", a+acute=á`, - `The special characters are: <, >, &, ' and "`, - } - for _, s := range ss { - if got := UnescapeString(EscapeString(s)); got != s { - t.Errorf("got %q want %q", got, s) - } - } -} diff --git a/vendor/golang.org/x/net/html/example_test.go b/vendor/golang.org/x/net/html/example_test.go deleted file mode 100644 index 0b06ed77..00000000 --- a/vendor/golang.org/x/net/html/example_test.go +++ /dev/null @@ -1,40 +0,0 @@ -// Copyright 2012 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -// This example demonstrates parsing HTML data and walking the resulting tree. -package html_test - -import ( - "fmt" - "log" - "strings" - - "golang.org/x/net/html" -) - -func ExampleParse() { - s := `

Links:

` - doc, err := html.Parse(strings.NewReader(s)) - if err != nil { - log.Fatal(err) - } - var f func(*html.Node) - f = func(n *html.Node) { - if n.Type == html.ElementNode && n.Data == "a" { - for _, a := range n.Attr { - if a.Key == "href" { - fmt.Println(a.Val) - break - } - } - } - for c := n.FirstChild; c != nil; c = c.NextSibling { - f(c) - } - } - f(doc) - // Output: - // foo - // /bar/baz -} diff --git a/vendor/golang.org/x/net/html/foreign.go b/vendor/golang.org/x/net/html/foreign.go deleted file mode 100644 index d3b38440..00000000 --- a/vendor/golang.org/x/net/html/foreign.go +++ /dev/null @@ -1,226 +0,0 @@ -// Copyright 2011 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -package html - -import ( - "strings" -) - -func adjustAttributeNames(aa []Attribute, nameMap map[string]string) { - for i := range aa { - if newName, ok := nameMap[aa[i].Key]; ok { - aa[i].Key = newName - } - } -} - -func adjustForeignAttributes(aa []Attribute) { - for i, a := range aa { - if a.Key == "" || a.Key[0] != 'x' { - continue - } - switch a.Key { - case "xlink:actuate", "xlink:arcrole", "xlink:href", "xlink:role", "xlink:show", - "xlink:title", "xlink:type", "xml:base", "xml:lang", "xml:space", "xmlns:xlink": - j := strings.Index(a.Key, ":") - aa[i].Namespace = a.Key[:j] - aa[i].Key = a.Key[j+1:] - } - } -} - -func htmlIntegrationPoint(n *Node) bool { - if n.Type != ElementNode { - return false - } - switch n.Namespace { - case "math": - if n.Data == "annotation-xml" { - for _, a := range n.Attr { - if a.Key == "encoding" { - val := strings.ToLower(a.Val) - if val == "text/html" || val == "application/xhtml+xml" { - return true - } - } - } - } - case "svg": - switch n.Data { - case "desc", "foreignObject", "title": - return true - } - } - return false -} - -func mathMLTextIntegrationPoint(n *Node) bool { - if n.Namespace != "math" { - return false - } - switch n.Data { - case "mi", "mo", "mn", "ms", "mtext": - return true - } - return false -} - -// Section 12.2.5.5. -var breakout = map[string]bool{ - "b": true, - "big": true, - "blockquote": true, - "body": true, - "br": true, - "center": true, - "code": true, - "dd": true, - "div": true, - "dl": true, - "dt": true, - "em": true, - "embed": true, - "h1": true, - "h2": true, - "h3": true, - "h4": true, - "h5": true, - "h6": true, - "head": true, - "hr": true, - "i": true, - "img": true, - "li": true, - "listing": true, - "menu": true, - "meta": true, - "nobr": true, - "ol": true, - "p": true, - "pre": true, - "ruby": true, - "s": true, - "small": true, - "span": true, - "strong": true, - "strike": true, - "sub": true, - "sup": true, - "table": true, - "tt": true, - "u": true, - "ul": true, - "var": true, -} - -// Section 12.2.5.5. -var svgTagNameAdjustments = map[string]string{ - "altglyph": "altGlyph", - "altglyphdef": "altGlyphDef", - "altglyphitem": "altGlyphItem", - "animatecolor": "animateColor", - "animatemotion": "animateMotion", - "animatetransform": "animateTransform", - "clippath": "clipPath", - "feblend": "feBlend", - "fecolormatrix": "feColorMatrix", - "fecomponenttransfer": "feComponentTransfer", - "fecomposite": "feComposite", - "feconvolvematrix": "feConvolveMatrix", - "fediffuselighting": "feDiffuseLighting", - "fedisplacementmap": "feDisplacementMap", - "fedistantlight": "feDistantLight", - "feflood": "feFlood", - "fefunca": "feFuncA", - "fefuncb": "feFuncB", - "fefuncg": "feFuncG", - "fefuncr": "feFuncR", - "fegaussianblur": "feGaussianBlur", - "feimage": "feImage", - "femerge": "feMerge", - "femergenode": "feMergeNode", - "femorphology": "feMorphology", - "feoffset": "feOffset", - "fepointlight": "fePointLight", - "fespecularlighting": "feSpecularLighting", - "fespotlight": "feSpotLight", - "fetile": "feTile", - "feturbulence": "feTurbulence", - "foreignobject": "foreignObject", - "glyphref": "glyphRef", - "lineargradient": "linearGradient", - "radialgradient": "radialGradient", - "textpath": "textPath", -} - -// Section 12.2.5.1 -var mathMLAttributeAdjustments = map[string]string{ - "definitionurl": "definitionURL", -} - -var svgAttributeAdjustments = map[string]string{ - "attributename": "attributeName", - "attributetype": "attributeType", - "basefrequency": "baseFrequency", - "baseprofile": "baseProfile", - "calcmode": "calcMode", - "clippathunits": "clipPathUnits", - "contentscripttype": "contentScriptType", - "contentstyletype": "contentStyleType", - "diffuseconstant": "diffuseConstant", - "edgemode": "edgeMode", - "externalresourcesrequired": "externalResourcesRequired", - "filterres": "filterRes", - "filterunits": "filterUnits", - "glyphref": "glyphRef", - "gradienttransform": "gradientTransform", - "gradientunits": "gradientUnits", - "kernelmatrix": "kernelMatrix", - "kernelunitlength": "kernelUnitLength", - "keypoints": "keyPoints", - "keysplines": "keySplines", - "keytimes": "keyTimes", - "lengthadjust": "lengthAdjust", - "limitingconeangle": "limitingConeAngle", - "markerheight": "markerHeight", - "markerunits": "markerUnits", - "markerwidth": "markerWidth", - "maskcontentunits": "maskContentUnits", - "maskunits": "maskUnits", - "numoctaves": "numOctaves", - "pathlength": "pathLength", - "patterncontentunits": "patternContentUnits", - "patterntransform": "patternTransform", - "patternunits": "patternUnits", - "pointsatx": "pointsAtX", - "pointsaty": "pointsAtY", - "pointsatz": "pointsAtZ", - "preservealpha": "preserveAlpha", - "preserveaspectratio": "preserveAspectRatio", - "primitiveunits": "primitiveUnits", - "refx": "refX", - "refy": "refY", - "repeatcount": "repeatCount", - "repeatdur": "repeatDur", - "requiredextensions": "requiredExtensions", - "requiredfeatures": "requiredFeatures", - "specularconstant": "specularConstant", - "specularexponent": "specularExponent", - "spreadmethod": "spreadMethod", - "startoffset": "startOffset", - "stddeviation": "stdDeviation", - "stitchtiles": "stitchTiles", - "surfacescale": "surfaceScale", - "systemlanguage": "systemLanguage", - "tablevalues": "tableValues", - "targetx": "targetX", - "targety": "targetY", - "textlength": "textLength", - "viewbox": "viewBox", - "viewtarget": "viewTarget", - "xchannelselector": "xChannelSelector", - "ychannelselector": "yChannelSelector", - "zoomandpan": "zoomAndPan", -} diff --git a/vendor/golang.org/x/net/html/node.go b/vendor/golang.org/x/net/html/node.go deleted file mode 100644 index 26b657ae..00000000 --- a/vendor/golang.org/x/net/html/node.go +++ /dev/null @@ -1,193 +0,0 @@ -// Copyright 2011 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -package html - -import ( - "golang.org/x/net/html/atom" -) - -// A NodeType is the type of a Node. -type NodeType uint32 - -const ( - ErrorNode NodeType = iota - TextNode - DocumentNode - ElementNode - CommentNode - DoctypeNode - scopeMarkerNode -) - -// Section 12.2.3.3 says "scope markers are inserted when entering applet -// elements, buttons, object elements, marquees, table cells, and table -// captions, and are used to prevent formatting from 'leaking'". -var scopeMarker = Node{Type: scopeMarkerNode} - -// A Node consists of a NodeType and some Data (tag name for element nodes, -// content for text) and are part of a tree of Nodes. Element nodes may also -// have a Namespace and contain a slice of Attributes. Data is unescaped, so -// that it looks like "a 0 { - return (*s)[i-1] - } - return nil -} - -// index returns the index of the top-most occurrence of n in the stack, or -1 -// if n is not present. -func (s *nodeStack) index(n *Node) int { - for i := len(*s) - 1; i >= 0; i-- { - if (*s)[i] == n { - return i - } - } - return -1 -} - -// insert inserts a node at the given index. -func (s *nodeStack) insert(i int, n *Node) { - (*s) = append(*s, nil) - copy((*s)[i+1:], (*s)[i:]) - (*s)[i] = n -} - -// remove removes a node from the stack. It is a no-op if n is not present. -func (s *nodeStack) remove(n *Node) { - i := s.index(n) - if i == -1 { - return - } - copy((*s)[i:], (*s)[i+1:]) - j := len(*s) - 1 - (*s)[j] = nil - *s = (*s)[:j] -} diff --git a/vendor/golang.org/x/net/html/node_test.go b/vendor/golang.org/x/net/html/node_test.go deleted file mode 100644 index 471102f3..00000000 --- a/vendor/golang.org/x/net/html/node_test.go +++ /dev/null @@ -1,146 +0,0 @@ -// Copyright 2010 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -package html - -import ( - "fmt" -) - -// checkTreeConsistency checks that a node and its descendants are all -// consistent in their parent/child/sibling relationships. -func checkTreeConsistency(n *Node) error { - return checkTreeConsistency1(n, 0) -} - -func checkTreeConsistency1(n *Node, depth int) error { - if depth == 1e4 { - return fmt.Errorf("html: tree looks like it contains a cycle") - } - if err := checkNodeConsistency(n); err != nil { - return err - } - for c := n.FirstChild; c != nil; c = c.NextSibling { - if err := checkTreeConsistency1(c, depth+1); err != nil { - return err - } - } - return nil -} - -// checkNodeConsistency checks that a node's parent/child/sibling relationships -// are consistent. -func checkNodeConsistency(n *Node) error { - if n == nil { - return nil - } - - nParent := 0 - for p := n.Parent; p != nil; p = p.Parent { - nParent++ - if nParent == 1e4 { - return fmt.Errorf("html: parent list looks like an infinite loop") - } - } - - nForward := 0 - for c := n.FirstChild; c != nil; c = c.NextSibling { - nForward++ - if nForward == 1e6 { - return fmt.Errorf("html: forward list of children looks like an infinite loop") - } - if c.Parent != n { - return fmt.Errorf("html: inconsistent child/parent relationship") - } - } - - nBackward := 0 - for c := n.LastChild; c != nil; c = c.PrevSibling { - nBackward++ - if nBackward == 1e6 { - return fmt.Errorf("html: backward list of children looks like an infinite loop") - } - if c.Parent != n { - return fmt.Errorf("html: inconsistent child/parent relationship") - } - } - - if n.Parent != nil { - if n.Parent == n { - return fmt.Errorf("html: inconsistent parent relationship") - } - if n.Parent == n.FirstChild { - return fmt.Errorf("html: inconsistent parent/first relationship") - } - if n.Parent == n.LastChild { - return fmt.Errorf("html: inconsistent parent/last relationship") - } - if n.Parent == n.PrevSibling { - return fmt.Errorf("html: inconsistent parent/prev relationship") - } - if n.Parent == n.NextSibling { - return fmt.Errorf("html: inconsistent parent/next relationship") - } - - parentHasNAsAChild := false - for c := n.Parent.FirstChild; c != nil; c = c.NextSibling { - if c == n { - parentHasNAsAChild = true - break - } - } - if !parentHasNAsAChild { - return fmt.Errorf("html: inconsistent parent/child relationship") - } - } - - if n.PrevSibling != nil && n.PrevSibling.NextSibling != n { - return fmt.Errorf("html: inconsistent prev/next relationship") - } - if n.NextSibling != nil && n.NextSibling.PrevSibling != n { - return fmt.Errorf("html: inconsistent next/prev relationship") - } - - if (n.FirstChild == nil) != (n.LastChild == nil) { - return fmt.Errorf("html: inconsistent first/last relationship") - } - if n.FirstChild != nil && n.FirstChild == n.LastChild { - // We have a sole child. - if n.FirstChild.PrevSibling != nil || n.FirstChild.NextSibling != nil { - return fmt.Errorf("html: inconsistent sole child's sibling relationship") - } - } - - seen := map[*Node]bool{} - - var last *Node - for c := n.FirstChild; c != nil; c = c.NextSibling { - if seen[c] { - return fmt.Errorf("html: inconsistent repeated child") - } - seen[c] = true - last = c - } - if last != n.LastChild { - return fmt.Errorf("html: inconsistent last relationship") - } - - var first *Node - for c := n.LastChild; c != nil; c = c.PrevSibling { - if !seen[c] { - return fmt.Errorf("html: inconsistent missing child") - } - delete(seen, c) - first = c - } - if first != n.FirstChild { - return fmt.Errorf("html: inconsistent first relationship") - } - - if len(seen) != 0 { - return fmt.Errorf("html: inconsistent forwards/backwards child list") - } - - return nil -} diff --git a/vendor/golang.org/x/net/html/parse.go b/vendor/golang.org/x/net/html/parse.go deleted file mode 100644 index be4b2bf5..00000000 --- a/vendor/golang.org/x/net/html/parse.go +++ /dev/null @@ -1,2094 +0,0 @@ -// Copyright 2010 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -package html - -import ( - "errors" - "fmt" - "io" - "strings" - - a "golang.org/x/net/html/atom" -) - -// A parser implements the HTML5 parsing algorithm: -// https://html.spec.whatwg.org/multipage/syntax.html#tree-construction -type parser struct { - // tokenizer provides the tokens for the parser. - tokenizer *Tokenizer - // tok is the most recently read token. - tok Token - // Self-closing tags like
are treated as start tags, except that - // hasSelfClosingToken is set while they are being processed. - hasSelfClosingToken bool - // doc is the document root element. - doc *Node - // The stack of open elements (section 12.2.3.2) and active formatting - // elements (section 12.2.3.3). - oe, afe nodeStack - // Element pointers (section 12.2.3.4). - head, form *Node - // Other parsing state flags (section 12.2.3.5). - scripting, framesetOK bool - // im is the current insertion mode. - im insertionMode - // originalIM is the insertion mode to go back to after completing a text - // or inTableText insertion mode. - originalIM insertionMode - // fosterParenting is whether new elements should be inserted according to - // the foster parenting rules (section 12.2.5.3). - fosterParenting bool - // quirks is whether the parser is operating in "quirks mode." - quirks bool - // fragment is whether the parser is parsing an HTML fragment. - fragment bool - // context is the context element when parsing an HTML fragment - // (section 12.4). - context *Node -} - -func (p *parser) top() *Node { - if n := p.oe.top(); n != nil { - return n - } - return p.doc -} - -// Stop tags for use in popUntil. These come from section 12.2.3.2. -var ( - defaultScopeStopTags = map[string][]a.Atom{ - "": {a.Applet, a.Caption, a.Html, a.Table, a.Td, a.Th, a.Marquee, a.Object, a.Template}, - "math": {a.AnnotationXml, a.Mi, a.Mn, a.Mo, a.Ms, a.Mtext}, - "svg": {a.Desc, a.ForeignObject, a.Title}, - } -) - -type scope int - -const ( - defaultScope scope = iota - listItemScope - buttonScope - tableScope - tableRowScope - tableBodyScope - selectScope -) - -// popUntil pops the stack of open elements at the highest element whose tag -// is in matchTags, provided there is no higher element in the scope's stop -// tags (as defined in section 12.2.3.2). It returns whether or not there was -// such an element. If there was not, popUntil leaves the stack unchanged. -// -// For example, the set of stop tags for table scope is: "html", "table". If -// the stack was: -// ["html", "body", "font", "table", "b", "i", "u"] -// then popUntil(tableScope, "font") would return false, but -// popUntil(tableScope, "i") would return true and the stack would become: -// ["html", "body", "font", "table", "b"] -// -// If an element's tag is in both the stop tags and matchTags, then the stack -// will be popped and the function returns true (provided, of course, there was -// no higher element in the stack that was also in the stop tags). For example, -// popUntil(tableScope, "table") returns true and leaves: -// ["html", "body", "font"] -func (p *parser) popUntil(s scope, matchTags ...a.Atom) bool { - if i := p.indexOfElementInScope(s, matchTags...); i != -1 { - p.oe = p.oe[:i] - return true - } - return false -} - -// indexOfElementInScope returns the index in p.oe of the highest element whose -// tag is in matchTags that is in scope. If no matching element is in scope, it -// returns -1. -func (p *parser) indexOfElementInScope(s scope, matchTags ...a.Atom) int { - for i := len(p.oe) - 1; i >= 0; i-- { - tagAtom := p.oe[i].DataAtom - if p.oe[i].Namespace == "" { - for _, t := range matchTags { - if t == tagAtom { - return i - } - } - switch s { - case defaultScope: - // No-op. - case listItemScope: - if tagAtom == a.Ol || tagAtom == a.Ul { - return -1 - } - case buttonScope: - if tagAtom == a.Button { - return -1 - } - case tableScope: - if tagAtom == a.Html || tagAtom == a.Table { - return -1 - } - case selectScope: - if tagAtom != a.Optgroup && tagAtom != a.Option { - return -1 - } - default: - panic("unreachable") - } - } - switch s { - case defaultScope, listItemScope, buttonScope: - for _, t := range defaultScopeStopTags[p.oe[i].Namespace] { - if t == tagAtom { - return -1 - } - } - } - } - return -1 -} - -// elementInScope is like popUntil, except that it doesn't modify the stack of -// open elements. -func (p *parser) elementInScope(s scope, matchTags ...a.Atom) bool { - return p.indexOfElementInScope(s, matchTags...) != -1 -} - -// clearStackToContext pops elements off the stack of open elements until a -// scope-defined element is found. -func (p *parser) clearStackToContext(s scope) { - for i := len(p.oe) - 1; i >= 0; i-- { - tagAtom := p.oe[i].DataAtom - switch s { - case tableScope: - if tagAtom == a.Html || tagAtom == a.Table { - p.oe = p.oe[:i+1] - return - } - case tableRowScope: - if tagAtom == a.Html || tagAtom == a.Tr { - p.oe = p.oe[:i+1] - return - } - case tableBodyScope: - if tagAtom == a.Html || tagAtom == a.Tbody || tagAtom == a.Tfoot || tagAtom == a.Thead { - p.oe = p.oe[:i+1] - return - } - default: - panic("unreachable") - } - } -} - -// generateImpliedEndTags pops nodes off the stack of open elements as long as -// the top node has a tag name of dd, dt, li, option, optgroup, p, rp, or rt. -// If exceptions are specified, nodes with that name will not be popped off. -func (p *parser) generateImpliedEndTags(exceptions ...string) { - var i int -loop: - for i = len(p.oe) - 1; i >= 0; i-- { - n := p.oe[i] - if n.Type == ElementNode { - switch n.DataAtom { - case a.Dd, a.Dt, a.Li, a.Option, a.Optgroup, a.P, a.Rp, a.Rt: - for _, except := range exceptions { - if n.Data == except { - break loop - } - } - continue - } - } - break - } - - p.oe = p.oe[:i+1] -} - -// addChild adds a child node n to the top element, and pushes n onto the stack -// of open elements if it is an element node. -func (p *parser) addChild(n *Node) { - if p.shouldFosterParent() { - p.fosterParent(n) - } else { - p.top().AppendChild(n) - } - - if n.Type == ElementNode { - p.oe = append(p.oe, n) - } -} - -// shouldFosterParent returns whether the next node to be added should be -// foster parented. -func (p *parser) shouldFosterParent() bool { - if p.fosterParenting { - switch p.top().DataAtom { - case a.Table, a.Tbody, a.Tfoot, a.Thead, a.Tr: - return true - } - } - return false -} - -// fosterParent adds a child node according to the foster parenting rules. -// Section 12.2.5.3, "foster parenting". -func (p *parser) fosterParent(n *Node) { - var table, parent, prev *Node - var i int - for i = len(p.oe) - 1; i >= 0; i-- { - if p.oe[i].DataAtom == a.Table { - table = p.oe[i] - break - } - } - - if table == nil { - // The foster parent is the html element. - parent = p.oe[0] - } else { - parent = table.Parent - } - if parent == nil { - parent = p.oe[i-1] - } - - if table != nil { - prev = table.PrevSibling - } else { - prev = parent.LastChild - } - if prev != nil && prev.Type == TextNode && n.Type == TextNode { - prev.Data += n.Data - return - } - - parent.InsertBefore(n, table) -} - -// addText adds text to the preceding node if it is a text node, or else it -// calls addChild with a new text node. -func (p *parser) addText(text string) { - if text == "" { - return - } - - if p.shouldFosterParent() { - p.fosterParent(&Node{ - Type: TextNode, - Data: text, - }) - return - } - - t := p.top() - if n := t.LastChild; n != nil && n.Type == TextNode { - n.Data += text - return - } - p.addChild(&Node{ - Type: TextNode, - Data: text, - }) -} - -// addElement adds a child element based on the current token. -func (p *parser) addElement() { - p.addChild(&Node{ - Type: ElementNode, - DataAtom: p.tok.DataAtom, - Data: p.tok.Data, - Attr: p.tok.Attr, - }) -} - -// Section 12.2.3.3. -func (p *parser) addFormattingElement() { - tagAtom, attr := p.tok.DataAtom, p.tok.Attr - p.addElement() - - // Implement the Noah's Ark clause, but with three per family instead of two. - identicalElements := 0 -findIdenticalElements: - for i := len(p.afe) - 1; i >= 0; i-- { - n := p.afe[i] - if n.Type == scopeMarkerNode { - break - } - if n.Type != ElementNode { - continue - } - if n.Namespace != "" { - continue - } - if n.DataAtom != tagAtom { - continue - } - if len(n.Attr) != len(attr) { - continue - } - compareAttributes: - for _, t0 := range n.Attr { - for _, t1 := range attr { - if t0.Key == t1.Key && t0.Namespace == t1.Namespace && t0.Val == t1.Val { - // Found a match for this attribute, continue with the next attribute. - continue compareAttributes - } - } - // If we get here, there is no attribute that matches a. - // Therefore the element is not identical to the new one. - continue findIdenticalElements - } - - identicalElements++ - if identicalElements >= 3 { - p.afe.remove(n) - } - } - - p.afe = append(p.afe, p.top()) -} - -// Section 12.2.3.3. -func (p *parser) clearActiveFormattingElements() { - for { - n := p.afe.pop() - if len(p.afe) == 0 || n.Type == scopeMarkerNode { - return - } - } -} - -// Section 12.2.3.3. -func (p *parser) reconstructActiveFormattingElements() { - n := p.afe.top() - if n == nil { - return - } - if n.Type == scopeMarkerNode || p.oe.index(n) != -1 { - return - } - i := len(p.afe) - 1 - for n.Type != scopeMarkerNode && p.oe.index(n) == -1 { - if i == 0 { - i = -1 - break - } - i-- - n = p.afe[i] - } - for { - i++ - clone := p.afe[i].clone() - p.addChild(clone) - p.afe[i] = clone - if i == len(p.afe)-1 { - break - } - } -} - -// Section 12.2.4. -func (p *parser) acknowledgeSelfClosingTag() { - p.hasSelfClosingToken = false -} - -// An insertion mode (section 12.2.3.1) is the state transition function from -// a particular state in the HTML5 parser's state machine. It updates the -// parser's fields depending on parser.tok (where ErrorToken means EOF). -// It returns whether the token was consumed. -type insertionMode func(*parser) bool - -// setOriginalIM sets the insertion mode to return to after completing a text or -// inTableText insertion mode. -// Section 12.2.3.1, "using the rules for". -func (p *parser) setOriginalIM() { - if p.originalIM != nil { - panic("html: bad parser state: originalIM was set twice") - } - p.originalIM = p.im -} - -// Section 12.2.3.1, "reset the insertion mode". -func (p *parser) resetInsertionMode() { - for i := len(p.oe) - 1; i >= 0; i-- { - n := p.oe[i] - if i == 0 && p.context != nil { - n = p.context - } - - switch n.DataAtom { - case a.Select: - p.im = inSelectIM - case a.Td, a.Th: - p.im = inCellIM - case a.Tr: - p.im = inRowIM - case a.Tbody, a.Thead, a.Tfoot: - p.im = inTableBodyIM - case a.Caption: - p.im = inCaptionIM - case a.Colgroup: - p.im = inColumnGroupIM - case a.Table: - p.im = inTableIM - case a.Head: - p.im = inBodyIM - case a.Body: - p.im = inBodyIM - case a.Frameset: - p.im = inFramesetIM - case a.Html: - p.im = beforeHeadIM - default: - continue - } - return - } - p.im = inBodyIM -} - -const whitespace = " \t\r\n\f" - -// Section 12.2.5.4.1. -func initialIM(p *parser) bool { - switch p.tok.Type { - case TextToken: - p.tok.Data = strings.TrimLeft(p.tok.Data, whitespace) - if len(p.tok.Data) == 0 { - // It was all whitespace, so ignore it. - return true - } - case CommentToken: - p.doc.AppendChild(&Node{ - Type: CommentNode, - Data: p.tok.Data, - }) - return true - case DoctypeToken: - n, quirks := parseDoctype(p.tok.Data) - p.doc.AppendChild(n) - p.quirks = quirks - p.im = beforeHTMLIM - return true - } - p.quirks = true - p.im = beforeHTMLIM - return false -} - -// Section 12.2.5.4.2. -func beforeHTMLIM(p *parser) bool { - switch p.tok.Type { - case DoctypeToken: - // Ignore the token. - return true - case TextToken: - p.tok.Data = strings.TrimLeft(p.tok.Data, whitespace) - if len(p.tok.Data) == 0 { - // It was all whitespace, so ignore it. - return true - } - case StartTagToken: - if p.tok.DataAtom == a.Html { - p.addElement() - p.im = beforeHeadIM - return true - } - case EndTagToken: - switch p.tok.DataAtom { - case a.Head, a.Body, a.Html, a.Br: - p.parseImpliedToken(StartTagToken, a.Html, a.Html.String()) - return false - default: - // Ignore the token. - return true - } - case CommentToken: - p.doc.AppendChild(&Node{ - Type: CommentNode, - Data: p.tok.Data, - }) - return true - } - p.parseImpliedToken(StartTagToken, a.Html, a.Html.String()) - return false -} - -// Section 12.2.5.4.3. -func beforeHeadIM(p *parser) bool { - switch p.tok.Type { - case TextToken: - p.tok.Data = strings.TrimLeft(p.tok.Data, whitespace) - if len(p.tok.Data) == 0 { - // It was all whitespace, so ignore it. - return true - } - case StartTagToken: - switch p.tok.DataAtom { - case a.Head: - p.addElement() - p.head = p.top() - p.im = inHeadIM - return true - case a.Html: - return inBodyIM(p) - } - case EndTagToken: - switch p.tok.DataAtom { - case a.Head, a.Body, a.Html, a.Br: - p.parseImpliedToken(StartTagToken, a.Head, a.Head.String()) - return false - default: - // Ignore the token. - return true - } - case CommentToken: - p.addChild(&Node{ - Type: CommentNode, - Data: p.tok.Data, - }) - return true - case DoctypeToken: - // Ignore the token. - return true - } - - p.parseImpliedToken(StartTagToken, a.Head, a.Head.String()) - return false -} - -// Section 12.2.5.4.4. -func inHeadIM(p *parser) bool { - switch p.tok.Type { - case TextToken: - s := strings.TrimLeft(p.tok.Data, whitespace) - if len(s) < len(p.tok.Data) { - // Add the initial whitespace to the current node. - p.addText(p.tok.Data[:len(p.tok.Data)-len(s)]) - if s == "" { - return true - } - p.tok.Data = s - } - case StartTagToken: - switch p.tok.DataAtom { - case a.Html: - return inBodyIM(p) - case a.Base, a.Basefont, a.Bgsound, a.Command, a.Link, a.Meta: - p.addElement() - p.oe.pop() - p.acknowledgeSelfClosingTag() - return true - case a.Script, a.Title, a.Noscript, a.Noframes, a.Style: - p.addElement() - p.setOriginalIM() - p.im = textIM - return true - case a.Head: - // Ignore the token. - return true - } - case EndTagToken: - switch p.tok.DataAtom { - case a.Head: - n := p.oe.pop() - if n.DataAtom != a.Head { - panic("html: bad parser state: element not found, in the in-head insertion mode") - } - p.im = afterHeadIM - return true - case a.Body, a.Html, a.Br: - p.parseImpliedToken(EndTagToken, a.Head, a.Head.String()) - return false - default: - // Ignore the token. - return true - } - case CommentToken: - p.addChild(&Node{ - Type: CommentNode, - Data: p.tok.Data, - }) - return true - case DoctypeToken: - // Ignore the token. - return true - } - - p.parseImpliedToken(EndTagToken, a.Head, a.Head.String()) - return false -} - -// Section 12.2.5.4.6. -func afterHeadIM(p *parser) bool { - switch p.tok.Type { - case TextToken: - s := strings.TrimLeft(p.tok.Data, whitespace) - if len(s) < len(p.tok.Data) { - // Add the initial whitespace to the current node. - p.addText(p.tok.Data[:len(p.tok.Data)-len(s)]) - if s == "" { - return true - } - p.tok.Data = s - } - case StartTagToken: - switch p.tok.DataAtom { - case a.Html: - return inBodyIM(p) - case a.Body: - p.addElement() - p.framesetOK = false - p.im = inBodyIM - return true - case a.Frameset: - p.addElement() - p.im = inFramesetIM - return true - case a.Base, a.Basefont, a.Bgsound, a.Link, a.Meta, a.Noframes, a.Script, a.Style, a.Title: - p.oe = append(p.oe, p.head) - defer p.oe.remove(p.head) - return inHeadIM(p) - case a.Head: - // Ignore the token. - return true - } - case EndTagToken: - switch p.tok.DataAtom { - case a.Body, a.Html, a.Br: - // Drop down to creating an implied tag. - default: - // Ignore the token. - return true - } - case CommentToken: - p.addChild(&Node{ - Type: CommentNode, - Data: p.tok.Data, - }) - return true - case DoctypeToken: - // Ignore the token. - return true - } - - p.parseImpliedToken(StartTagToken, a.Body, a.Body.String()) - p.framesetOK = true - return false -} - -// copyAttributes copies attributes of src not found on dst to dst. -func copyAttributes(dst *Node, src Token) { - if len(src.Attr) == 0 { - return - } - attr := map[string]string{} - for _, t := range dst.Attr { - attr[t.Key] = t.Val - } - for _, t := range src.Attr { - if _, ok := attr[t.Key]; !ok { - dst.Attr = append(dst.Attr, t) - attr[t.Key] = t.Val - } - } -} - -// Section 12.2.5.4.7. -func inBodyIM(p *parser) bool { - switch p.tok.Type { - case TextToken: - d := p.tok.Data - switch n := p.oe.top(); n.DataAtom { - case a.Pre, a.Listing: - if n.FirstChild == nil { - // Ignore a newline at the start of a 
 block.
-				if d != "" && d[0] == '\r' {
-					d = d[1:]
-				}
-				if d != "" && d[0] == '\n' {
-					d = d[1:]
-				}
-			}
-		}
-		d = strings.Replace(d, "\x00", "", -1)
-		if d == "" {
-			return true
-		}
-		p.reconstructActiveFormattingElements()
-		p.addText(d)
-		if p.framesetOK && strings.TrimLeft(d, whitespace) != "" {
-			// There were non-whitespace characters inserted.
-			p.framesetOK = false
-		}
-	case StartTagToken:
-		switch p.tok.DataAtom {
-		case a.Html:
-			copyAttributes(p.oe[0], p.tok)
-		case a.Base, a.Basefont, a.Bgsound, a.Command, a.Link, a.Meta, a.Noframes, a.Script, a.Style, a.Title:
-			return inHeadIM(p)
-		case a.Body:
-			if len(p.oe) >= 2 {
-				body := p.oe[1]
-				if body.Type == ElementNode && body.DataAtom == a.Body {
-					p.framesetOK = false
-					copyAttributes(body, p.tok)
-				}
-			}
-		case a.Frameset:
-			if !p.framesetOK || len(p.oe) < 2 || p.oe[1].DataAtom != a.Body {
-				// Ignore the token.
-				return true
-			}
-			body := p.oe[1]
-			if body.Parent != nil {
-				body.Parent.RemoveChild(body)
-			}
-			p.oe = p.oe[:1]
-			p.addElement()
-			p.im = inFramesetIM
-			return true
-		case a.Address, a.Article, a.Aside, a.Blockquote, a.Center, a.Details, a.Dir, a.Div, a.Dl, a.Fieldset, a.Figcaption, a.Figure, a.Footer, a.Header, a.Hgroup, a.Menu, a.Nav, a.Ol, a.P, a.Section, a.Summary, a.Ul:
-			p.popUntil(buttonScope, a.P)
-			p.addElement()
-		case a.H1, a.H2, a.H3, a.H4, a.H5, a.H6:
-			p.popUntil(buttonScope, a.P)
-			switch n := p.top(); n.DataAtom {
-			case a.H1, a.H2, a.H3, a.H4, a.H5, a.H6:
-				p.oe.pop()
-			}
-			p.addElement()
-		case a.Pre, a.Listing:
-			p.popUntil(buttonScope, a.P)
-			p.addElement()
-			// The newline, if any, will be dealt with by the TextToken case.
-			p.framesetOK = false
-		case a.Form:
-			if p.form == nil {
-				p.popUntil(buttonScope, a.P)
-				p.addElement()
-				p.form = p.top()
-			}
-		case a.Li:
-			p.framesetOK = false
-			for i := len(p.oe) - 1; i >= 0; i-- {
-				node := p.oe[i]
-				switch node.DataAtom {
-				case a.Li:
-					p.oe = p.oe[:i]
-				case a.Address, a.Div, a.P:
-					continue
-				default:
-					if !isSpecialElement(node) {
-						continue
-					}
-				}
-				break
-			}
-			p.popUntil(buttonScope, a.P)
-			p.addElement()
-		case a.Dd, a.Dt:
-			p.framesetOK = false
-			for i := len(p.oe) - 1; i >= 0; i-- {
-				node := p.oe[i]
-				switch node.DataAtom {
-				case a.Dd, a.Dt:
-					p.oe = p.oe[:i]
-				case a.Address, a.Div, a.P:
-					continue
-				default:
-					if !isSpecialElement(node) {
-						continue
-					}
-				}
-				break
-			}
-			p.popUntil(buttonScope, a.P)
-			p.addElement()
-		case a.Plaintext:
-			p.popUntil(buttonScope, a.P)
-			p.addElement()
-		case a.Button:
-			p.popUntil(defaultScope, a.Button)
-			p.reconstructActiveFormattingElements()
-			p.addElement()
-			p.framesetOK = false
-		case a.A:
-			for i := len(p.afe) - 1; i >= 0 && p.afe[i].Type != scopeMarkerNode; i-- {
-				if n := p.afe[i]; n.Type == ElementNode && n.DataAtom == a.A {
-					p.inBodyEndTagFormatting(a.A)
-					p.oe.remove(n)
-					p.afe.remove(n)
-					break
-				}
-			}
-			p.reconstructActiveFormattingElements()
-			p.addFormattingElement()
-		case a.B, a.Big, a.Code, a.Em, a.Font, a.I, a.S, a.Small, a.Strike, a.Strong, a.Tt, a.U:
-			p.reconstructActiveFormattingElements()
-			p.addFormattingElement()
-		case a.Nobr:
-			p.reconstructActiveFormattingElements()
-			if p.elementInScope(defaultScope, a.Nobr) {
-				p.inBodyEndTagFormatting(a.Nobr)
-				p.reconstructActiveFormattingElements()
-			}
-			p.addFormattingElement()
-		case a.Applet, a.Marquee, a.Object:
-			p.reconstructActiveFormattingElements()
-			p.addElement()
-			p.afe = append(p.afe, &scopeMarker)
-			p.framesetOK = false
-		case a.Table:
-			if !p.quirks {
-				p.popUntil(buttonScope, a.P)
-			}
-			p.addElement()
-			p.framesetOK = false
-			p.im = inTableIM
-			return true
-		case a.Area, a.Br, a.Embed, a.Img, a.Input, a.Keygen, a.Wbr:
-			p.reconstructActiveFormattingElements()
-			p.addElement()
-			p.oe.pop()
-			p.acknowledgeSelfClosingTag()
-			if p.tok.DataAtom == a.Input {
-				for _, t := range p.tok.Attr {
-					if t.Key == "type" {
-						if strings.ToLower(t.Val) == "hidden" {
-							// Skip setting framesetOK = false
-							return true
-						}
-					}
-				}
-			}
-			p.framesetOK = false
-		case a.Param, a.Source, a.Track:
-			p.addElement()
-			p.oe.pop()
-			p.acknowledgeSelfClosingTag()
-		case a.Hr:
-			p.popUntil(buttonScope, a.P)
-			p.addElement()
-			p.oe.pop()
-			p.acknowledgeSelfClosingTag()
-			p.framesetOK = false
-		case a.Image:
-			p.tok.DataAtom = a.Img
-			p.tok.Data = a.Img.String()
-			return false
-		case a.Isindex:
-			if p.form != nil {
-				// Ignore the token.
-				return true
-			}
-			action := ""
-			prompt := "This is a searchable index. Enter search keywords: "
-			attr := []Attribute{{Key: "name", Val: "isindex"}}
-			for _, t := range p.tok.Attr {
-				switch t.Key {
-				case "action":
-					action = t.Val
-				case "name":
-					// Ignore the attribute.
-				case "prompt":
-					prompt = t.Val
-				default:
-					attr = append(attr, t)
-				}
-			}
-			p.acknowledgeSelfClosingTag()
-			p.popUntil(buttonScope, a.P)
-			p.parseImpliedToken(StartTagToken, a.Form, a.Form.String())
-			if action != "" {
-				p.form.Attr = []Attribute{{Key: "action", Val: action}}
-			}
-			p.parseImpliedToken(StartTagToken, a.Hr, a.Hr.String())
-			p.parseImpliedToken(StartTagToken, a.Label, a.Label.String())
-			p.addText(prompt)
-			p.addChild(&Node{
-				Type:     ElementNode,
-				DataAtom: a.Input,
-				Data:     a.Input.String(),
-				Attr:     attr,
-			})
-			p.oe.pop()
-			p.parseImpliedToken(EndTagToken, a.Label, a.Label.String())
-			p.parseImpliedToken(StartTagToken, a.Hr, a.Hr.String())
-			p.parseImpliedToken(EndTagToken, a.Form, a.Form.String())
-		case a.Textarea:
-			p.addElement()
-			p.setOriginalIM()
-			p.framesetOK = false
-			p.im = textIM
-		case a.Xmp:
-			p.popUntil(buttonScope, a.P)
-			p.reconstructActiveFormattingElements()
-			p.framesetOK = false
-			p.addElement()
-			p.setOriginalIM()
-			p.im = textIM
-		case a.Iframe:
-			p.framesetOK = false
-			p.addElement()
-			p.setOriginalIM()
-			p.im = textIM
-		case a.Noembed, a.Noscript:
-			p.addElement()
-			p.setOriginalIM()
-			p.im = textIM
-		case a.Select:
-			p.reconstructActiveFormattingElements()
-			p.addElement()
-			p.framesetOK = false
-			p.im = inSelectIM
-			return true
-		case a.Optgroup, a.Option:
-			if p.top().DataAtom == a.Option {
-				p.oe.pop()
-			}
-			p.reconstructActiveFormattingElements()
-			p.addElement()
-		case a.Rp, a.Rt:
-			if p.elementInScope(defaultScope, a.Ruby) {
-				p.generateImpliedEndTags()
-			}
-			p.addElement()
-		case a.Math, a.Svg:
-			p.reconstructActiveFormattingElements()
-			if p.tok.DataAtom == a.Math {
-				adjustAttributeNames(p.tok.Attr, mathMLAttributeAdjustments)
-			} else {
-				adjustAttributeNames(p.tok.Attr, svgAttributeAdjustments)
-			}
-			adjustForeignAttributes(p.tok.Attr)
-			p.addElement()
-			p.top().Namespace = p.tok.Data
-			if p.hasSelfClosingToken {
-				p.oe.pop()
-				p.acknowledgeSelfClosingTag()
-			}
-			return true
-		case a.Caption, a.Col, a.Colgroup, a.Frame, a.Head, a.Tbody, a.Td, a.Tfoot, a.Th, a.Thead, a.Tr:
-			// Ignore the token.
-		default:
-			p.reconstructActiveFormattingElements()
-			p.addElement()
-		}
-	case EndTagToken:
-		switch p.tok.DataAtom {
-		case a.Body:
-			if p.elementInScope(defaultScope, a.Body) {
-				p.im = afterBodyIM
-			}
-		case a.Html:
-			if p.elementInScope(defaultScope, a.Body) {
-				p.parseImpliedToken(EndTagToken, a.Body, a.Body.String())
-				return false
-			}
-			return true
-		case a.Address, a.Article, a.Aside, a.Blockquote, a.Button, a.Center, a.Details, a.Dir, a.Div, a.Dl, a.Fieldset, a.Figcaption, a.Figure, a.Footer, a.Header, a.Hgroup, a.Listing, a.Menu, a.Nav, a.Ol, a.Pre, a.Section, a.Summary, a.Ul:
-			p.popUntil(defaultScope, p.tok.DataAtom)
-		case a.Form:
-			node := p.form
-			p.form = nil
-			i := p.indexOfElementInScope(defaultScope, a.Form)
-			if node == nil || i == -1 || p.oe[i] != node {
-				// Ignore the token.
-				return true
-			}
-			p.generateImpliedEndTags()
-			p.oe.remove(node)
-		case a.P:
-			if !p.elementInScope(buttonScope, a.P) {
-				p.parseImpliedToken(StartTagToken, a.P, a.P.String())
-			}
-			p.popUntil(buttonScope, a.P)
-		case a.Li:
-			p.popUntil(listItemScope, a.Li)
-		case a.Dd, a.Dt:
-			p.popUntil(defaultScope, p.tok.DataAtom)
-		case a.H1, a.H2, a.H3, a.H4, a.H5, a.H6:
-			p.popUntil(defaultScope, a.H1, a.H2, a.H3, a.H4, a.H5, a.H6)
-		case a.A, a.B, a.Big, a.Code, a.Em, a.Font, a.I, a.Nobr, a.S, a.Small, a.Strike, a.Strong, a.Tt, a.U:
-			p.inBodyEndTagFormatting(p.tok.DataAtom)
-		case a.Applet, a.Marquee, a.Object:
-			if p.popUntil(defaultScope, p.tok.DataAtom) {
-				p.clearActiveFormattingElements()
-			}
-		case a.Br:
-			p.tok.Type = StartTagToken
-			return false
-		default:
-			p.inBodyEndTagOther(p.tok.DataAtom)
-		}
-	case CommentToken:
-		p.addChild(&Node{
-			Type: CommentNode,
-			Data: p.tok.Data,
-		})
-	}
-
-	return true
-}
-
-func (p *parser) inBodyEndTagFormatting(tagAtom a.Atom) {
-	// This is the "adoption agency" algorithm, described at
-	// https://html.spec.whatwg.org/multipage/syntax.html#adoptionAgency
-
-	// TODO: this is a fairly literal line-by-line translation of that algorithm.
-	// Once the code successfully parses the comprehensive test suite, we should
-	// refactor this code to be more idiomatic.
-
-	// Steps 1-4. The outer loop.
-	for i := 0; i < 8; i++ {
-		// Step 5. Find the formatting element.
-		var formattingElement *Node
-		for j := len(p.afe) - 1; j >= 0; j-- {
-			if p.afe[j].Type == scopeMarkerNode {
-				break
-			}
-			if p.afe[j].DataAtom == tagAtom {
-				formattingElement = p.afe[j]
-				break
-			}
-		}
-		if formattingElement == nil {
-			p.inBodyEndTagOther(tagAtom)
-			return
-		}
-		feIndex := p.oe.index(formattingElement)
-		if feIndex == -1 {
-			p.afe.remove(formattingElement)
-			return
-		}
-		if !p.elementInScope(defaultScope, tagAtom) {
-			// Ignore the tag.
-			return
-		}
-
-		// Steps 9-10. Find the furthest block.
-		var furthestBlock *Node
-		for _, e := range p.oe[feIndex:] {
-			if isSpecialElement(e) {
-				furthestBlock = e
-				break
-			}
-		}
-		if furthestBlock == nil {
-			e := p.oe.pop()
-			for e != formattingElement {
-				e = p.oe.pop()
-			}
-			p.afe.remove(e)
-			return
-		}
-
-		// Steps 11-12. Find the common ancestor and bookmark node.
-		commonAncestor := p.oe[feIndex-1]
-		bookmark := p.afe.index(formattingElement)
-
-		// Step 13. The inner loop. Find the lastNode to reparent.
-		lastNode := furthestBlock
-		node := furthestBlock
-		x := p.oe.index(node)
-		// Steps 13.1-13.2
-		for j := 0; j < 3; j++ {
-			// Step 13.3.
-			x--
-			node = p.oe[x]
-			// Step 13.4 - 13.5.
-			if p.afe.index(node) == -1 {
-				p.oe.remove(node)
-				continue
-			}
-			// Step 13.6.
-			if node == formattingElement {
-				break
-			}
-			// Step 13.7.
-			clone := node.clone()
-			p.afe[p.afe.index(node)] = clone
-			p.oe[p.oe.index(node)] = clone
-			node = clone
-			// Step 13.8.
-			if lastNode == furthestBlock {
-				bookmark = p.afe.index(node) + 1
-			}
-			// Step 13.9.
-			if lastNode.Parent != nil {
-				lastNode.Parent.RemoveChild(lastNode)
-			}
-			node.AppendChild(lastNode)
-			// Step 13.10.
-			lastNode = node
-		}
-
-		// Step 14. Reparent lastNode to the common ancestor,
-		// or for misnested table nodes, to the foster parent.
-		if lastNode.Parent != nil {
-			lastNode.Parent.RemoveChild(lastNode)
-		}
-		switch commonAncestor.DataAtom {
-		case a.Table, a.Tbody, a.Tfoot, a.Thead, a.Tr:
-			p.fosterParent(lastNode)
-		default:
-			commonAncestor.AppendChild(lastNode)
-		}
-
-		// Steps 15-17. Reparent nodes from the furthest block's children
-		// to a clone of the formatting element.
-		clone := formattingElement.clone()
-		reparentChildren(clone, furthestBlock)
-		furthestBlock.AppendChild(clone)
-
-		// Step 18. Fix up the list of active formatting elements.
-		if oldLoc := p.afe.index(formattingElement); oldLoc != -1 && oldLoc < bookmark {
-			// Move the bookmark with the rest of the list.
-			bookmark--
-		}
-		p.afe.remove(formattingElement)
-		p.afe.insert(bookmark, clone)
-
-		// Step 19. Fix up the stack of open elements.
-		p.oe.remove(formattingElement)
-		p.oe.insert(p.oe.index(furthestBlock)+1, clone)
-	}
-}
-
-// inBodyEndTagOther performs the "any other end tag" algorithm for inBodyIM.
-// "Any other end tag" handling from 12.2.5.5 The rules for parsing tokens in foreign content
-// https://html.spec.whatwg.org/multipage/syntax.html#parsing-main-inforeign
-func (p *parser) inBodyEndTagOther(tagAtom a.Atom) {
-	for i := len(p.oe) - 1; i >= 0; i-- {
-		if p.oe[i].DataAtom == tagAtom {
-			p.oe = p.oe[:i]
-			break
-		}
-		if isSpecialElement(p.oe[i]) {
-			break
-		}
-	}
-}
-
-// Section 12.2.5.4.8.
-func textIM(p *parser) bool {
-	switch p.tok.Type {
-	case ErrorToken:
-		p.oe.pop()
-	case TextToken:
-		d := p.tok.Data
-		if n := p.oe.top(); n.DataAtom == a.Textarea && n.FirstChild == nil {
-			// Ignore a newline at the start of a -->
-#errors
-#document
-| 
-|   
-|   
-|     -->
-#errors
-#document
-| 
-|   
-|   
-|     
-#errors
-Line: 1 Col: 10 Unexpected start tag (textarea). Expected DOCTYPE.
-#document
-| 
-|   
-|   
-|     
-#errors
-Line: 1 Col: 9 Unexpected end tag (strong). Expected DOCTYPE.
-Line: 1 Col: 9 Unexpected end tag (strong) after the (implied) root element.
-Line: 1 Col: 13 Unexpected end tag (b) after the (implied) root element.
-Line: 1 Col: 18 Unexpected end tag (em) after the (implied) root element.
-Line: 1 Col: 22 Unexpected end tag (i) after the (implied) root element.
-Line: 1 Col: 26 Unexpected end tag (u) after the (implied) root element.
-Line: 1 Col: 35 Unexpected end tag (strike) after the (implied) root element.
-Line: 1 Col: 39 Unexpected end tag (s) after the (implied) root element.
-Line: 1 Col: 47 Unexpected end tag (blink) after the (implied) root element.
-Line: 1 Col: 52 Unexpected end tag (tt) after the (implied) root element.
-Line: 1 Col: 58 Unexpected end tag (pre) after the (implied) root element.
-Line: 1 Col: 64 Unexpected end tag (big) after the (implied) root element.
-Line: 1 Col: 72 Unexpected end tag (small) after the (implied) root element.
-Line: 1 Col: 79 Unexpected end tag (font) after the (implied) root element.
-Line: 1 Col: 88 Unexpected end tag (select) after the (implied) root element.
-Line: 1 Col: 93 Unexpected end tag (h1) after the (implied) root element.
-Line: 1 Col: 98 Unexpected end tag (h2) after the (implied) root element.
-Line: 1 Col: 103 Unexpected end tag (h3) after the (implied) root element.
-Line: 1 Col: 108 Unexpected end tag (h4) after the (implied) root element.
-Line: 1 Col: 113 Unexpected end tag (h5) after the (implied) root element.
-Line: 1 Col: 118 Unexpected end tag (h6) after the (implied) root element.
-Line: 1 Col: 125 Unexpected end tag (body) after the (implied) root element.
-Line: 1 Col: 130 Unexpected end tag (br). Treated as br element.
-Line: 1 Col: 134 End tag (a) violates step 1, paragraph 1 of the adoption agency algorithm.
-Line: 1 Col: 140 This element (img) has no end tag.
-Line: 1 Col: 148 Unexpected end tag (title). Ignored.
-Line: 1 Col: 155 Unexpected end tag (span). Ignored.
-Line: 1 Col: 163 Unexpected end tag (style). Ignored.
-Line: 1 Col: 172 Unexpected end tag (script). Ignored.
-Line: 1 Col: 180 Unexpected end tag (table). Ignored.
-Line: 1 Col: 185 Unexpected end tag (th). Ignored.
-Line: 1 Col: 190 Unexpected end tag (td). Ignored.
-Line: 1 Col: 195 Unexpected end tag (tr). Ignored.
-Line: 1 Col: 203 This element (frame) has no end tag.
-Line: 1 Col: 210 This element (area) has no end tag.
-Line: 1 Col: 217 Unexpected end tag (link). Ignored.
-Line: 1 Col: 225 This element (param) has no end tag.
-Line: 1 Col: 230 This element (hr) has no end tag.
-Line: 1 Col: 238 This element (input) has no end tag.
-Line: 1 Col: 244 Unexpected end tag (col). Ignored.
-Line: 1 Col: 251 Unexpected end tag (base). Ignored.
-Line: 1 Col: 258 Unexpected end tag (meta). Ignored.
-Line: 1 Col: 269 This element (basefont) has no end tag.
-Line: 1 Col: 279 This element (bgsound) has no end tag.
-Line: 1 Col: 287 This element (embed) has no end tag.
-Line: 1 Col: 296 This element (spacer) has no end tag.
-Line: 1 Col: 300 Unexpected end tag (p). Ignored.
-Line: 1 Col: 305 End tag (dd) seen too early. Expected other end tag.
-Line: 1 Col: 310 End tag (dt) seen too early. Expected other end tag.
-Line: 1 Col: 320 Unexpected end tag (caption). Ignored.
-Line: 1 Col: 331 Unexpected end tag (colgroup). Ignored.
-Line: 1 Col: 339 Unexpected end tag (tbody). Ignored.
-Line: 1 Col: 347 Unexpected end tag (tfoot). Ignored.
-Line: 1 Col: 355 Unexpected end tag (thead). Ignored.
-Line: 1 Col: 365 End tag (address) seen too early. Expected other end tag.
-Line: 1 Col: 378 End tag (blockquote) seen too early. Expected other end tag.
-Line: 1 Col: 387 End tag (center) seen too early. Expected other end tag.
-Line: 1 Col: 393 Unexpected end tag (dir). Ignored.
-Line: 1 Col: 399 End tag (div) seen too early. Expected other end tag.
-Line: 1 Col: 404 End tag (dl) seen too early. Expected other end tag.
-Line: 1 Col: 415 End tag (fieldset) seen too early. Expected other end tag.
-Line: 1 Col: 425 End tag (listing) seen too early. Expected other end tag.
-Line: 1 Col: 432 End tag (menu) seen too early. Expected other end tag.
-Line: 1 Col: 437 End tag (ol) seen too early. Expected other end tag.
-Line: 1 Col: 442 End tag (ul) seen too early. Expected other end tag.
-Line: 1 Col: 447 End tag (li) seen too early. Expected other end tag.
-Line: 1 Col: 454 End tag (nobr) violates step 1, paragraph 1 of the adoption agency algorithm.
-Line: 1 Col: 460 This element (wbr) has no end tag.
-Line: 1 Col: 476 End tag (button) seen too early. Expected other end tag.
-Line: 1 Col: 486 End tag (marquee) seen too early. Expected other end tag.
-Line: 1 Col: 495 End tag (object) seen too early. Expected other end tag.
-Line: 1 Col: 513 Unexpected end tag (html). Ignored.
-Line: 1 Col: 513 Unexpected end tag (frameset). Ignored.
-Line: 1 Col: 520 Unexpected end tag (head). Ignored.
-Line: 1 Col: 529 Unexpected end tag (iframe). Ignored.
-Line: 1 Col: 537 This element (image) has no end tag.
-Line: 1 Col: 547 This element (isindex) has no end tag.
-Line: 1 Col: 557 Unexpected end tag (noembed). Ignored.
-Line: 1 Col: 568 Unexpected end tag (noframes). Ignored.
-Line: 1 Col: 579 Unexpected end tag (noscript). Ignored.
-Line: 1 Col: 590 Unexpected end tag (optgroup). Ignored.
-Line: 1 Col: 599 Unexpected end tag (option). Ignored.
-Line: 1 Col: 611 Unexpected end tag (plaintext). Ignored.
-Line: 1 Col: 622 Unexpected end tag (textarea). Ignored.
-#document
-| 
-|   
-|   
-|     

-|     

-
-#data
-

-#errors
-Line: 1 Col: 7 Unexpected start tag (table). Expected DOCTYPE.
-Line: 1 Col: 20 Unexpected end tag (strong) in table context caused voodoo mode.
-Line: 1 Col: 20 End tag (strong) violates step 1, paragraph 1 of the adoption agency algorithm.
-Line: 1 Col: 24 Unexpected end tag (b) in table context caused voodoo mode.
-Line: 1 Col: 24 End tag (b) violates step 1, paragraph 1 of the adoption agency algorithm.
-Line: 1 Col: 29 Unexpected end tag (em) in table context caused voodoo mode.
-Line: 1 Col: 29 End tag (em) violates step 1, paragraph 1 of the adoption agency algorithm.
-Line: 1 Col: 33 Unexpected end tag (i) in table context caused voodoo mode.
-Line: 1 Col: 33 End tag (i) violates step 1, paragraph 1 of the adoption agency algorithm.
-Line: 1 Col: 37 Unexpected end tag (u) in table context caused voodoo mode.
-Line: 1 Col: 37 End tag (u) violates step 1, paragraph 1 of the adoption agency algorithm.
-Line: 1 Col: 46 Unexpected end tag (strike) in table context caused voodoo mode.
-Line: 1 Col: 46 End tag (strike) violates step 1, paragraph 1 of the adoption agency algorithm.
-Line: 1 Col: 50 Unexpected end tag (s) in table context caused voodoo mode.
-Line: 1 Col: 50 End tag (s) violates step 1, paragraph 1 of the adoption agency algorithm.
-Line: 1 Col: 58 Unexpected end tag (blink) in table context caused voodoo mode.
-Line: 1 Col: 58 Unexpected end tag (blink). Ignored.
-Line: 1 Col: 63 Unexpected end tag (tt) in table context caused voodoo mode.
-Line: 1 Col: 63 End tag (tt) violates step 1, paragraph 1 of the adoption agency algorithm.
-Line: 1 Col: 69 Unexpected end tag (pre) in table context caused voodoo mode.
-Line: 1 Col: 69 End tag (pre) seen too early. Expected other end tag.
-Line: 1 Col: 75 Unexpected end tag (big) in table context caused voodoo mode.
-Line: 1 Col: 75 End tag (big) violates step 1, paragraph 1 of the adoption agency algorithm.
-Line: 1 Col: 83 Unexpected end tag (small) in table context caused voodoo mode.
-Line: 1 Col: 83 End tag (small) violates step 1, paragraph 1 of the adoption agency algorithm.
-Line: 1 Col: 90 Unexpected end tag (font) in table context caused voodoo mode.
-Line: 1 Col: 90 End tag (font) violates step 1, paragraph 1 of the adoption agency algorithm.
-Line: 1 Col: 99 Unexpected end tag (select) in table context caused voodoo mode.
-Line: 1 Col: 99 Unexpected end tag (select). Ignored.
-Line: 1 Col: 104 Unexpected end tag (h1) in table context caused voodoo mode.
-Line: 1 Col: 104 End tag (h1) seen too early. Expected other end tag.
-Line: 1 Col: 109 Unexpected end tag (h2) in table context caused voodoo mode.
-Line: 1 Col: 109 End tag (h2) seen too early. Expected other end tag.
-Line: 1 Col: 114 Unexpected end tag (h3) in table context caused voodoo mode.
-Line: 1 Col: 114 End tag (h3) seen too early. Expected other end tag.
-Line: 1 Col: 119 Unexpected end tag (h4) in table context caused voodoo mode.
-Line: 1 Col: 119 End tag (h4) seen too early. Expected other end tag.
-Line: 1 Col: 124 Unexpected end tag (h5) in table context caused voodoo mode.
-Line: 1 Col: 124 End tag (h5) seen too early. Expected other end tag.
-Line: 1 Col: 129 Unexpected end tag (h6) in table context caused voodoo mode.
-Line: 1 Col: 129 End tag (h6) seen too early. Expected other end tag.
-Line: 1 Col: 136 Unexpected end tag (body) in the table row phase. Ignored.
-Line: 1 Col: 141 Unexpected end tag (br) in table context caused voodoo mode.
-Line: 1 Col: 141 Unexpected end tag (br). Treated as br element.
-Line: 1 Col: 145 Unexpected end tag (a) in table context caused voodoo mode.
-Line: 1 Col: 145 End tag (a) violates step 1, paragraph 1 of the adoption agency algorithm.
-Line: 1 Col: 151 Unexpected end tag (img) in table context caused voodoo mode.
-Line: 1 Col: 151 This element (img) has no end tag.
-Line: 1 Col: 159 Unexpected end tag (title) in table context caused voodoo mode.
-Line: 1 Col: 159 Unexpected end tag (title). Ignored.
-Line: 1 Col: 166 Unexpected end tag (span) in table context caused voodoo mode.
-Line: 1 Col: 166 Unexpected end tag (span). Ignored.
-Line: 1 Col: 174 Unexpected end tag (style) in table context caused voodoo mode.
-Line: 1 Col: 174 Unexpected end tag (style). Ignored.
-Line: 1 Col: 183 Unexpected end tag (script) in table context caused voodoo mode.
-Line: 1 Col: 183 Unexpected end tag (script). Ignored.
-Line: 1 Col: 196 Unexpected end tag (th). Ignored.
-Line: 1 Col: 201 Unexpected end tag (td). Ignored.
-Line: 1 Col: 206 Unexpected end tag (tr). Ignored.
-Line: 1 Col: 214 This element (frame) has no end tag.
-Line: 1 Col: 221 This element (area) has no end tag.
-Line: 1 Col: 228 Unexpected end tag (link). Ignored.
-Line: 1 Col: 236 This element (param) has no end tag.
-Line: 1 Col: 241 This element (hr) has no end tag.
-Line: 1 Col: 249 This element (input) has no end tag.
-Line: 1 Col: 255 Unexpected end tag (col). Ignored.
-Line: 1 Col: 262 Unexpected end tag (base). Ignored.
-Line: 1 Col: 269 Unexpected end tag (meta). Ignored.
-Line: 1 Col: 280 This element (basefont) has no end tag.
-Line: 1 Col: 290 This element (bgsound) has no end tag.
-Line: 1 Col: 298 This element (embed) has no end tag.
-Line: 1 Col: 307 This element (spacer) has no end tag.
-Line: 1 Col: 311 Unexpected end tag (p). Ignored.
-Line: 1 Col: 316 End tag (dd) seen too early. Expected other end tag.
-Line: 1 Col: 321 End tag (dt) seen too early. Expected other end tag.
-Line: 1 Col: 331 Unexpected end tag (caption). Ignored.
-Line: 1 Col: 342 Unexpected end tag (colgroup). Ignored.
-Line: 1 Col: 350 Unexpected end tag (tbody). Ignored.
-Line: 1 Col: 358 Unexpected end tag (tfoot). Ignored.
-Line: 1 Col: 366 Unexpected end tag (thead). Ignored.
-Line: 1 Col: 376 End tag (address) seen too early. Expected other end tag.
-Line: 1 Col: 389 End tag (blockquote) seen too early. Expected other end tag.
-Line: 1 Col: 398 End tag (center) seen too early. Expected other end tag.
-Line: 1 Col: 404 Unexpected end tag (dir). Ignored.
-Line: 1 Col: 410 End tag (div) seen too early. Expected other end tag.
-Line: 1 Col: 415 End tag (dl) seen too early. Expected other end tag.
-Line: 1 Col: 426 End tag (fieldset) seen too early. Expected other end tag.
-Line: 1 Col: 436 End tag (listing) seen too early. Expected other end tag.
-Line: 1 Col: 443 End tag (menu) seen too early. Expected other end tag.
-Line: 1 Col: 448 End tag (ol) seen too early. Expected other end tag.
-Line: 1 Col: 453 End tag (ul) seen too early. Expected other end tag.
-Line: 1 Col: 458 End tag (li) seen too early. Expected other end tag.
-Line: 1 Col: 465 End tag (nobr) violates step 1, paragraph 1 of the adoption agency algorithm.
-Line: 1 Col: 471 This element (wbr) has no end tag.
-Line: 1 Col: 487 End tag (button) seen too early. Expected other end tag.
-Line: 1 Col: 497 End tag (marquee) seen too early. Expected other end tag.
-Line: 1 Col: 506 End tag (object) seen too early. Expected other end tag.
-Line: 1 Col: 524 Unexpected end tag (html). Ignored.
-Line: 1 Col: 524 Unexpected end tag (frameset). Ignored.
-Line: 1 Col: 531 Unexpected end tag (head). Ignored.
-Line: 1 Col: 540 Unexpected end tag (iframe). Ignored.
-Line: 1 Col: 548 This element (image) has no end tag.
-Line: 1 Col: 558 This element (isindex) has no end tag.
-Line: 1 Col: 568 Unexpected end tag (noembed). Ignored.
-Line: 1 Col: 579 Unexpected end tag (noframes). Ignored.
-Line: 1 Col: 590 Unexpected end tag (noscript). Ignored.
-Line: 1 Col: 601 Unexpected end tag (optgroup). Ignored.
-Line: 1 Col: 610 Unexpected end tag (option). Ignored.
-Line: 1 Col: 622 Unexpected end tag (plaintext). Ignored.
-Line: 1 Col: 633 Unexpected end tag (textarea). Ignored.
-#document
-| 
-|   
-|   
-|     

-|     
-|       
-|         
-|     

-
-#data
-
-#errors
-Line: 1 Col: 10 Unexpected start tag (frameset). Expected DOCTYPE.
-Line: 1 Col: 10 Expected closing tag. Unexpected end of file.
-#document
-| 
-|   
-|   
diff --git a/vendor/golang.org/x/net/html/testdata/webkit/tests10.dat b/vendor/golang.org/x/net/html/testdata/webkit/tests10.dat
deleted file mode 100644
index 4f8df86f..00000000
--- a/vendor/golang.org/x/net/html/testdata/webkit/tests10.dat
+++ /dev/null
@@ -1,799 +0,0 @@
-#data
-
-#errors
-#document
-| 
-| 
-|   
-|   
-|     
-
-#data
-a
-#errors
-29: Bogus comment
-#document
-| 
-| 
-|   
-|   
-|     
-|     
-
-#data
-
-#errors
-#document
-| 
-| 
-|   
-|   
-|     
-
-#data
-
-#errors
-35: Stray “svg” start tag.
-42: Stray end tag “svg”
-#document
-| 
-| 
-|   
-|   
-|     
-#errors
-43: Stray “svg” start tag.
-50: Stray end tag “svg”
-#document
-| 
-| 
-|   
-|   
-|     

-#errors
-34: Start tag “svg” seen in “table”.
-41: Stray end tag “svg”.
-#document
-| 
-| 
-|   
-|   
-|     
-|     
-
-#data
-
foo

-#errors
-34: Start tag “svg” seen in “table”.
-46: Stray end tag “g”.
-53: Stray end tag “svg”.
-#document
-| 
-| 
-|   
-|   
-|     
-|       
-|         "foo"
-|     
-
-#data
-
foobar

-#errors
-34: Start tag “svg” seen in “table”.
-46: Stray end tag “g”.
-58: Stray end tag “g”.
-65: Stray end tag “svg”.
-#document
-| 
-| 
-|   
-|   
-|     
-|       
-|         "foo"
-|       
-|         "bar"
-|     
-
-#data
-
foobar

-#errors
-41: Start tag “svg” seen in “table”.
-53: Stray end tag “g”.
-65: Stray end tag “g”.
-72: Stray end tag “svg”.
-#document
-| 
-| 
-|   
-|   
-|     
-|       
-|         "foo"
-|       
-|         "bar"
-|     
-|       
-
-#data
-
foobar

-#errors
-45: Start tag “svg” seen in “table”.
-57: Stray end tag “g”.
-69: Stray end tag “g”.
-76: Stray end tag “svg”.
-#document
-| 
-| 
-|   
-|   
-|     
-|       
-|         "foo"
-|       
-|         "bar"
-|     
-|       
-|         
-
-#data
-
foobar

-#errors
-#document
-| 
-| 
-|   
-|   
-|     
-|       
-|         
-|           

-|             
-|               
-|                 "foo"
-|               
-|                 "bar"
-
-#data
-
foobar
baz

-#errors
-#document
-| 
-| 
-|   
-|   
-|     
-|       
-|         
-|           

-|             
-|               
-|                 "foo"
-|               
-|                 "bar"
-|             

-|               "baz"
-
-#data
-
foobar
baz

-#errors
-#document
-| 
-| 
-|   
-|   
-|     
-|       

-|         
-|           
-|             "foo"
-|           
-|             "bar"
-|         

-|           "baz"
-
-#data
-
foobar
baz
quux
-#errors
-70: HTML start tag “p” in a foreign namespace context.
-81: “table” closed but “caption” was still open.
-#document
-| 
-| 
-|   
-|   
-|     
-|       

-|         
-|           
-|             "foo"
-|           
-|             "bar"
-|         

-|           "baz"
-|     

-|       "quux"
-
-#data
-
foobarbaz
quux
-#errors
-78: “table” closed but “caption” was still open.
-78: Unclosed elements on stack.
-#document
-| 
-| 
-|   
-|   
-|     
-|       

-|         
-|           
-|             "foo"
-|           
-|             "bar"
-|           "baz"
-|     

-|       "quux"
-
-#data
-foobar
baz
quux
-#errors
-44: Start tag “svg” seen in “table”.
-56: Stray end tag “g”.
-68: Stray end tag “g”.
-71: HTML start tag “p” in a foreign namespace context.
-71: Start tag “p” seen in “table”.
-#document
-| 
-| 
-|   
-|   
-|     
-|       
-|         "foo"
-|       
-|         "bar"
-|     

-|       "baz"
-|     
-|       -|     

-|       "quux"
-
-#data
-


quux
-#errors
-50: Stray “svg” start tag.
-54: Stray “g” start tag.
-62: Stray end tag “g”
-66: Stray “g” start tag.
-74: Stray end tag “g”
-77: Stray “p” start tag.
-88: “table” end tag with “select” open.
-#document
-| 
-| 
-|   
-|   
-|     
-|       
-|         
-|           

-|             
quux
-#errors
-36: Start tag “select” seen in “table”.
-42: Stray “svg” start tag.
-46: Stray “g” start tag.
-54: Stray end tag “g”
-58: Stray “g” start tag.
-66: Stray end tag “g”
-69: Stray “p” start tag.
-80: “table” end tag with “select” open.
-#document
-| 
-| 
-|   
-|   
-|     
-|     

-|       "quux"
-
-#data
-foobar
baz
-#errors
-41: Stray “svg” start tag.
-68: HTML start tag “p” in a foreign namespace context.
-#document
-| 
-| 
-|   
-|   
-|     
-|       
-|         "foo"
-|       
-|         "bar"
-|     

-|       "baz"
-
-#data
-foobar
baz
-#errors
-34: Stray “svg” start tag.
-61: HTML start tag “p” in a foreign namespace context.
-#document
-| 
-| 
-|   
-|   
-|     
-|       
-|         "foo"
-|       
-|         "bar"
-|     

-|       "baz"
-
-#data
-

-#errors
-31: Stray “svg” start tag.
-35: Stray “g” start tag.
-40: Stray end tag “g”
-44: Stray “g” start tag.
-49: Stray end tag “g”
-52: Stray “p” start tag.
-58: Stray “span” start tag.
-58: End of file seen and there were open elements.
-#document
-| 
-| 
-|   
-|   
-
-#data
-

-#errors
-42: Stray “svg” start tag.
-46: Stray “g” start tag.
-51: Stray end tag “g”
-55: Stray “g” start tag.
-60: Stray end tag “g”
-63: Stray “p” start tag.
-69: Stray “span” start tag.
-#document
-| 
-| 
-|   
-|   
-
-#data
-
-#errors
-#document
-| 
-| 
-|   
-|   
-|     xlink:href="foo"
-|     
-|       xlink href="foo"
-
-#data
-
-#errors
-#document
-| 
-| 
-|   
-|   
-|     xlink:href="foo"
-|     xml:lang="en"
-|     
-|       
-|         xlink href="foo"
-|         xml lang="en"
-
-#data
-
-#errors
-#document
-| 
-| 
-|   
-|   
-|     xlink:href="foo"
-|     xml:lang="en"
-|     
-|       
-|         xlink href="foo"
-|         xml lang="en"
-
-#data
-bar
-#errors
-#document
-| 
-| 
-|   
-|   
-|     xlink:href="foo"
-|     xml:lang="en"
-|     
-|       
-|         xlink href="foo"
-|         xml lang="en"
-|       "bar"
-
-#data
-
-#errors
-#document
-| 
-|   
-|   
-|     
-
-#data
-
a
-#errors
-#document
-| 
-|   
-|   
-|     

-|       
-|     "a"
-
-#data
-
a
-#errors
-#document
-| 
-|   
-|   
-|     

-|       
-|         
-|     "a"
-
-#data
-

-#errors
-#document
-| 
-|   
-|   
-|     

-|       
-|         
-|       
-
-#data
-
a
-#errors
-#document
-| 
-|   
-|   
-|     

-|       
-|         
-|           
-|             
-|               "a"
-
-#data
-
a
-#errors
-#document
-| 
-|   
-|   
-|     

-|       
-|         
-|           
-|             

-|               "a"
-
-#data
-
    a
-#errors
-40: HTML start tag “ul” in a foreign namespace context.
-41: End of file in a foreign namespace context.
-#document
-| 
-| 
-|   
-|   
-|     
-|       
-|         
    
-|           
-|           
      
-|             "a"
-
-#data
-
        a
-#errors
-35: HTML start tag “ul” in a foreign namespace context.
-36: End of file in a foreign namespace context.
-#document
-| 
-| 
-|   
-|   
-|     
-|       
-|         
-|         
          
-|           "a"
-
-#data
-
          
-#errors
-#document
-| 
-| 
-|   
-|   
-|     
          
-|       
-|         
-|           
          
-
-#data
-
          
-#errors
-#document
-| 
-| 
-|   
-|   
-|     
          
-|       
-|         
-|           
          
-
-#data
-
          
-#errors
-#document
-| 
-|   
-|   
-|     
          
-|       
-|         
-|           
-|             
          
-|             
          
-
-#data
-
          
-#errors
-#document
-| 
-|   
-|   
-|     
-|       
-|         
          
-|           
-|             
          
-|               
-|       
-
-#data
-
          
-#errors
-#document
-| 
-|   
-|   
-|     
-|       
-|         
-|           
-|             
          
-|               
          
-|       
-
-#data
-
-#errors
-#document
-| 
-|   
-|   
-|     
-|       
-|       
-
-#data
-

-#errors
-#document
-| 
-|   
-|   
-|     
-|     

-|       
-|         
-
-#data
-
-#errors
-#document
-| 
-|   
-|   
-|     
-|       
-|         
-
-#data
-
-#errors
-#document
-| 
-|   
-|   
-|     
-|       
-|         
-
-#data
-
-#errors
-#document
-| 
-|   
-|   
-|     
-|       
-|         
-
-#data
-
-#errors
-#document
-| 
-|   
-|   
-|     
-|       
-|         
-
-#data
-
-#errors
-#document
-| 
-|   
-|   
-|     
-|       
-|         
-
-#data
-
-#errors
-#document
-| 
-|   
-|   
-|     
-|       
-|         
-
-#data
-
-#errors
-#document
-| 
-|   
-|   
-|     
-|       
-|         
-
-#data
-
-#errors
-#document
-| 
-|   
-|   
-|     
-|       
-|         
-
-#data
-
-#errors
-#document
-| 
-|   
-|   
-|     
-|       
-|         
-
-#data
-
-#errors
-#document
-| 
-|   
-|   
-|     
-|       
-|         
-
-#data
-
-#errors
-#document
-| 
-|   
-|   
-|     
-|       
-|         
-|       
-
-#data
-

-#errors
-#document
-| 
-|   
-|   
-|     
-|       
-|         
-|           
-|             

-|               
-|                 
-|               
-|           
-|       
-
-#data
-
-#errors
-#document
-| 
-|   
-|   
-|     
-|       
-|         
-|           
-|             
-|               
-|                 
-|               
-|             
-|           
-|       
diff --git a/vendor/golang.org/x/net/html/testdata/webkit/tests11.dat b/vendor/golang.org/x/net/html/testdata/webkit/tests11.dat
deleted file mode 100644
index 638cde47..00000000
--- a/vendor/golang.org/x/net/html/testdata/webkit/tests11.dat
+++ /dev/null
@@ -1,482 +0,0 @@
-#data
-
-#errors
-#document
-| 
-| 
-|   
-|   
-|     
-|       attributeName=""
-|       attributeType=""
-|       baseFrequency=""
-|       baseProfile=""
-|       calcMode=""
-|       clipPathUnits=""
-|       contentScriptType=""
-|       contentStyleType=""
-|       diffuseConstant=""
-|       edgeMode=""
-|       externalResourcesRequired=""
-|       filterRes=""
-|       filterUnits=""
-|       glyphRef=""
-|       gradientTransform=""
-|       gradientUnits=""
-|       kernelMatrix=""
-|       kernelUnitLength=""
-|       keyPoints=""
-|       keySplines=""
-|       keyTimes=""
-|       lengthAdjust=""
-|       limitingConeAngle=""
-|       markerHeight=""
-|       markerUnits=""
-|       markerWidth=""
-|       maskContentUnits=""
-|       maskUnits=""
-|       numOctaves=""
-|       pathLength=""
-|       patternContentUnits=""
-|       patternTransform=""
-|       patternUnits=""
-|       pointsAtX=""
-|       pointsAtY=""
-|       pointsAtZ=""
-|       preserveAlpha=""
-|       preserveAspectRatio=""
-|       primitiveUnits=""
-|       refX=""
-|       refY=""
-|       repeatCount=""
-|       repeatDur=""
-|       requiredExtensions=""
-|       requiredFeatures=""
-|       specularConstant=""
-|       specularExponent=""
-|       spreadMethod=""
-|       startOffset=""
-|       stdDeviation=""
-|       stitchTiles=""
-|       surfaceScale=""
-|       systemLanguage=""
-|       tableValues=""
-|       targetX=""
-|       targetY=""
-|       textLength=""
-|       viewBox=""
-|       viewTarget=""
-|       xChannelSelector=""
-|       yChannelSelector=""
-|       zoomAndPan=""
-
-#data
-
-#errors
-#document
-| 
-| 
-|   
-|   
-|     
-|       attributeName=""
-|       attributeType=""
-|       baseFrequency=""
-|       baseProfile=""
-|       calcMode=""
-|       clipPathUnits=""
-|       contentScriptType=""
-|       contentStyleType=""
-|       diffuseConstant=""
-|       edgeMode=""
-|       externalResourcesRequired=""
-|       filterRes=""
-|       filterUnits=""
-|       glyphRef=""
-|       gradientTransform=""
-|       gradientUnits=""
-|       kernelMatrix=""
-|       kernelUnitLength=""
-|       keyPoints=""
-|       keySplines=""
-|       keyTimes=""
-|       lengthAdjust=""
-|       limitingConeAngle=""
-|       markerHeight=""
-|       markerUnits=""
-|       markerWidth=""
-|       maskContentUnits=""
-|       maskUnits=""
-|       numOctaves=""
-|       pathLength=""
-|       patternContentUnits=""
-|       patternTransform=""
-|       patternUnits=""
-|       pointsAtX=""
-|       pointsAtY=""
-|       pointsAtZ=""
-|       preserveAlpha=""
-|       preserveAspectRatio=""
-|       primitiveUnits=""
-|       refX=""
-|       refY=""
-|       repeatCount=""
-|       repeatDur=""
-|       requiredExtensions=""
-|       requiredFeatures=""
-|       specularConstant=""
-|       specularExponent=""
-|       spreadMethod=""
-|       startOffset=""
-|       stdDeviation=""
-|       stitchTiles=""
-|       surfaceScale=""
-|       systemLanguage=""
-|       tableValues=""
-|       targetX=""
-|       targetY=""
-|       textLength=""
-|       viewBox=""
-|       viewTarget=""
-|       xChannelSelector=""
-|       yChannelSelector=""
-|       zoomAndPan=""
-
-#data
-
-#errors
-#document
-| 
-| 
-|   
-|   
-|     
-|       attributeName=""
-|       attributeType=""
-|       baseFrequency=""
-|       baseProfile=""
-|       calcMode=""
-|       clipPathUnits=""
-|       contentScriptType=""
-|       contentStyleType=""
-|       diffuseConstant=""
-|       edgeMode=""
-|       externalResourcesRequired=""
-|       filterRes=""
-|       filterUnits=""
-|       glyphRef=""
-|       gradientTransform=""
-|       gradientUnits=""
-|       kernelMatrix=""
-|       kernelUnitLength=""
-|       keyPoints=""
-|       keySplines=""
-|       keyTimes=""
-|       lengthAdjust=""
-|       limitingConeAngle=""
-|       markerHeight=""
-|       markerUnits=""
-|       markerWidth=""
-|       maskContentUnits=""
-|       maskUnits=""
-|       numOctaves=""
-|       pathLength=""
-|       patternContentUnits=""
-|       patternTransform=""
-|       patternUnits=""
-|       pointsAtX=""
-|       pointsAtY=""
-|       pointsAtZ=""
-|       preserveAlpha=""
-|       preserveAspectRatio=""
-|       primitiveUnits=""
-|       refX=""
-|       refY=""
-|       repeatCount=""
-|       repeatDur=""
-|       requiredExtensions=""
-|       requiredFeatures=""
-|       specularConstant=""
-|       specularExponent=""
-|       spreadMethod=""
-|       startOffset=""
-|       stdDeviation=""
-|       stitchTiles=""
-|       surfaceScale=""
-|       systemLanguage=""
-|       tableValues=""
-|       targetX=""
-|       targetY=""
-|       textLength=""
-|       viewBox=""
-|       viewTarget=""
-|       xChannelSelector=""
-|       yChannelSelector=""
-|       zoomAndPan=""
-
-#data
-
-#errors
-#document
-| 
-| 
-|   
-|   
-|     
-|       attributename=""
-|       attributetype=""
-|       basefrequency=""
-|       baseprofile=""
-|       calcmode=""
-|       clippathunits=""
-|       contentscripttype=""
-|       contentstyletype=""
-|       diffuseconstant=""
-|       edgemode=""
-|       externalresourcesrequired=""
-|       filterres=""
-|       filterunits=""
-|       glyphref=""
-|       gradienttransform=""
-|       gradientunits=""
-|       kernelmatrix=""
-|       kernelunitlength=""
-|       keypoints=""
-|       keysplines=""
-|       keytimes=""
-|       lengthadjust=""
-|       limitingconeangle=""
-|       markerheight=""
-|       markerunits=""
-|       markerwidth=""
-|       maskcontentunits=""
-|       maskunits=""
-|       numoctaves=""
-|       pathlength=""
-|       patterncontentunits=""
-|       patterntransform=""
-|       patternunits=""
-|       pointsatx=""
-|       pointsaty=""
-|       pointsatz=""
-|       preservealpha=""
-|       preserveaspectratio=""
-|       primitiveunits=""
-|       refx=""
-|       refy=""
-|       repeatcount=""
-|       repeatdur=""
-|       requiredextensions=""
-|       requiredfeatures=""
-|       specularconstant=""
-|       specularexponent=""
-|       spreadmethod=""
-|       startoffset=""
-|       stddeviation=""
-|       stitchtiles=""
-|       surfacescale=""
-|       systemlanguage=""
-|       tablevalues=""
-|       targetx=""
-|       targety=""
-|       textlength=""
-|       viewbox=""
-|       viewtarget=""
-|       xchannelselector=""
-|       ychannelselector=""
-|       zoomandpan=""
-
-#data
-
-#errors
-#document
-| 
-| 
-|   
-|   
-|     
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-
-#data
-
-#errors
-#document
-| 
-| 
-|   
-|   
-|     
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-
-#data
-
-#errors
-#document
-| 
-| 
-|   
-|   
-|     
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-
-#data
-
-#errors
-#document
-| 
-| 
-|   
-|   
-|     
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-|       
-
-#data
-
-#errors
-#document
-| 
-| 
-|   
-|   
-|     
-|       
diff --git a/vendor/golang.org/x/net/html/testdata/webkit/tests12.dat b/vendor/golang.org/x/net/html/testdata/webkit/tests12.dat
deleted file mode 100644
index 63107d27..00000000
--- a/vendor/golang.org/x/net/html/testdata/webkit/tests12.dat
+++ /dev/null
@@ -1,62 +0,0 @@
-#data
-
foobazeggs
spam
quuxbar
-#errors
-#document
-| 
-| 
-|   
-|   
-|     

-|       "foo"
-|       
-|         
-|           
-|             "baz"
-|         
-|           
-|             
-|               
-|                 "eggs"
-|             
-|               
-|                 

-|                   "spam"
-|                 
-|                   
-|                     
-|                       

-|                         
-|             
-|               "quux"
-|       "bar"
-
-#data
-foobazeggs
spam
quuxbar
-#errors
-#document
-| 
-| 
-|   
-|   
-|     "foo"
-|     
-|       
-|         
-|           "baz"
-|       
-|         
-|           
-|             
-|               "eggs"
-|           
-|             
-|               

-|                 "spam"
-|               
-|                 
-|                   
-|                     

-|                       
-|           
-|             "quux"
-|     "bar"
diff --git a/vendor/golang.org/x/net/html/testdata/webkit/tests14.dat b/vendor/golang.org/x/net/html/testdata/webkit/tests14.dat
deleted file mode 100644
index b8713f88..00000000
--- a/vendor/golang.org/x/net/html/testdata/webkit/tests14.dat
+++ /dev/null
@@ -1,74 +0,0 @@
-#data
-
-#errors
-#document
-| 
-| 
-|   
-|   
-|     
-
-#data
-
-#errors
-#document
-| 
-| 
-|   
-|   
-|     
-|     
-
-#data
-
-#errors
-15: Unexpected start tag html
-#document
-| 
-| 
-|   abc:def="gh"
-|   
-|   
-|     
-
-#data
-
-#errors
-15: Unexpected start tag html
-#document
-| 
-| 
-|   xml:lang="bar"
-|   
-|   
-
-#data
-
-#errors
-#document
-| 
-| 
-|   123="456"
-|   
-|   
-
-#data
-
-#errors
-#document
-| 
-| 
-|   123="456"
-|   789="012"
-|   
-|   
-
-#data
-
-#errors
-#document
-| 
-| 
-|   
-|   
-|     789="012"
diff --git a/vendor/golang.org/x/net/html/testdata/webkit/tests15.dat b/vendor/golang.org/x/net/html/testdata/webkit/tests15.dat
deleted file mode 100644
index 6ce1c0d1..00000000
--- a/vendor/golang.org/x/net/html/testdata/webkit/tests15.dat
+++ /dev/null
@@ -1,208 +0,0 @@
-#data
-
 
X
-#errors
-Line: 1 Col: 31 Unexpected end tag (p). Ignored.
-Line: 1 Col: 36 Expected closing tag. Unexpected end of file.
-#document
-| 
-| 
-|   
-|   
-|     

-|       
-|         
-|           
-|     
-|       
-|         
-|           " "
-|           

-|             "X"
-
-#data
-

-
X
-#errors
-Line: 1 Col: 3 Unexpected start tag (p). Expected DOCTYPE.
-Line: 1 Col: 16 Unexpected end tag (p). Ignored.
-Line: 2 Col: 4 Expected closing tag. Unexpected end of file.
-#document
-| 
-|   
-|   
-|     

-|       
-|         
-|           
-|     
-|       
-|         
-|           "
-"
-|           

-|             "X"
-
-#data
- 
-#errors
-Line: 1 Col: 22 Unexpected end tag (html) after the (implied) root element.
-#document
-| 
-| 
-|   
-|   
-|     " "
-
-#data
-
-#errors
-Line: 1 Col: 22 Unexpected end tag (body) after the (implied) root element.
-#document
-| 
-| 
-|   
-|   
-|     
-
-#data
-
-#errors
-Line: 1 Col: 6 Unexpected start tag (html). Expected DOCTYPE.
-Line: 1 Col: 13 Unexpected end tag (html) after the (implied) root element.
-#document
-| 
-|   
-|   
-| 
-
-#data
-X
-#errors
-Line: 1 Col: 22 Unexpected end tag (body) after the (implied) root element.
-#document
-| 
-| 
-|   
-|   
-|     
-|       "X"
-
-#data
-<!doctype html><table> X<meta></table>
-#errors
-Line: 1 Col: 24 Unexpected non-space characters in table context caused voodoo mode.
-Line: 1 Col: 30 Unexpected start tag (meta) in table context caused voodoo mode.
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     " X"
-|     <meta>
-|     <table>
-
-#data
-<!doctype html><table> x</table>
-#errors
-Line: 1 Col: 24 Unexpected non-space characters in table context caused voodoo mode.
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     " x"
-|     <table>
-
-#data
-<!doctype html><table> x </table>
-#errors
-Line: 1 Col: 25 Unexpected non-space characters in table context caused voodoo mode.
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     " x "
-|     <table>
-
-#data
-<!doctype html><table><tr> x</table>
-#errors
-Line: 1 Col: 28 Unexpected non-space characters in table context caused voodoo mode.
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     " x"
-|     <table>
-|       <tbody>
-|         <tr>
-
-#data
-<!doctype html><table>X<style> <tr>x </style> </table>
-#errors
-Line: 1 Col: 23 Unexpected non-space characters in table context caused voodoo mode.
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     "X"
-|     <table>
-|       <style>
-|         " <tr>x "
-|       " "
-
-#data
-<!doctype html><div><table><a>foo</a> <tr><td>bar</td> </tr></table></div>
-#errors
-Line: 1 Col: 30 Unexpected start tag (a) in table context caused voodoo mode.
-Line: 1 Col: 37 Unexpected end tag (a) in table context caused voodoo mode.
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <div>
-|       <a>
-|         "foo"
-|       <table>
-|         " "
-|         <tbody>
-|           <tr>
-|             <td>
-|               "bar"
-|             " "
-
-#data
-<frame></frame></frame><frameset><frame><frameset><frame></frameset><noframes></frameset><noframes>
-#errors
-6: Start tag seen without seeing a doctype first. Expected “<!DOCTYPE html>”.
-13: Stray start tag “frame”.
-21: Stray end tag “frame”.
-29: Stray end tag “frame”.
-39: “frameset” start tag after “body” already open.
-105: End of file seen inside an [R]CDATA element.
-105: End of file seen and there were open elements.
-XXX: These errors are wrong, please fix me!
-#document
-| <html>
-|   <head>
-|   <frameset>
-|     <frame>
-|     <frameset>
-|       <frame>
-|     <noframes>
-|       "</frameset><noframes>"
-
-#data
-<!DOCTYPE html><object></html>
-#errors
-1: Expected closing tag. Unexpected end of file
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <object>
diff --git a/vendor/golang.org/x/net/html/testdata/webkit/tests16.dat b/vendor/golang.org/x/net/html/testdata/webkit/tests16.dat
deleted file mode 100644
index c8ef66f0..00000000
--- a/vendor/golang.org/x/net/html/testdata/webkit/tests16.dat
+++ /dev/null
@@ -1,2299 +0,0 @@
-#data
-<!doctype html><script>
-#errors
-Line: 1 Col: 23 Unexpected end of file. Expected end tag (script).
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|     <script>
-|   <body>
-
-#data
-<!doctype html><script>a
-#errors
-Line: 1 Col: 24 Unexpected end of file. Expected end tag (script).
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|     <script>
-|       "a"
-|   <body>
-
-#data
-<!doctype html><script><
-#errors
-Line: 1 Col: 24 Unexpected end of file. Expected end tag (script).
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|     <script>
-|       "<"
-|   <body>
-
-#data
-<!doctype html><script></
-#errors
-Line: 1 Col: 25 Unexpected end of file. Expected end tag (script).
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|     <script>
-|       "</"
-|   <body>
-
-#data
-<!doctype html><script></S
-#errors
-Line: 1 Col: 26 Unexpected end of file. Expected end tag (script).
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|     <script>
-|       "</S"
-|   <body>
-
-#data
-<!doctype html><script></SC
-#errors
-Line: 1 Col: 27 Unexpected end of file. Expected end tag (script).
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|     <script>
-|       "</SC"
-|   <body>
-
-#data
-<!doctype html><script></SCR
-#errors
-Line: 1 Col: 28 Unexpected end of file. Expected end tag (script).
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|     <script>
-|       "</SCR"
-|   <body>
-
-#data
-<!doctype html><script></SCRI
-#errors
-Line: 1 Col: 29 Unexpected end of file. Expected end tag (script).
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|     <script>
-|       "</SCRI"
-|   <body>
-
-#data
-<!doctype html><script></SCRIP
-#errors
-Line: 1 Col: 30 Unexpected end of file. Expected end tag (script).
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|     <script>
-|       "</SCRIP"
-|   <body>
-
-#data
-<!doctype html><script></SCRIPT
-#errors
-Line: 1 Col: 31 Unexpected end of file. Expected end tag (script).
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|     <script>
-|       "</SCRIPT"
-|   <body>
-
-#data
-<!doctype html><script></SCRIPT 
-#errors
-Line: 1 Col: 32 Unexpected end of file. Expected end tag (script).
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|     <script>
-|   <body>
-
-#data
-<!doctype html><script></s
-#errors
-Line: 1 Col: 26 Unexpected end of file. Expected end tag (script).
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|     <script>
-|       "</s"
-|   <body>
-
-#data
-<!doctype html><script></sc
-#errors
-Line: 1 Col: 27 Unexpected end of file. Expected end tag (script).
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|     <script>
-|       "</sc"
-|   <body>
-
-#data
-<!doctype html><script></scr
-#errors
-Line: 1 Col: 28 Unexpected end of file. Expected end tag (script).
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|     <script>
-|       "</scr"
-|   <body>
-
-#data
-<!doctype html><script></scri
-#errors
-Line: 1 Col: 29 Unexpected end of file. Expected end tag (script).
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|     <script>
-|       "</scri"
-|   <body>
-
-#data
-<!doctype html><script></scrip
-#errors
-Line: 1 Col: 30 Unexpected end of file. Expected end tag (script).
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|     <script>
-|       "</scrip"
-|   <body>
-
-#data
-<!doctype html><script></script
-#errors
-Line: 1 Col: 31 Unexpected end of file. Expected end tag (script).
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|     <script>
-|       "</script"
-|   <body>
-
-#data
-<!doctype html><script></script 
-#errors
-Line: 1 Col: 32 Unexpected end of file. Expected end tag (script).
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|     <script>
-|   <body>
-
-#data
-<!doctype html><script><!
-#errors
-Line: 1 Col: 25 Unexpected end of file. Expected end tag (script).
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|     <script>
-|       "<!"
-|   <body>
-
-#data
-<!doctype html><script><!a
-#errors
-Line: 1 Col: 26 Unexpected end of file. Expected end tag (script).
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|     <script>
-|       "<!a"
-|   <body>
-
-#data
-<!doctype html><script><!-
-#errors
-Line: 1 Col: 26 Unexpected end of file. Expected end tag (script).
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|     <script>
-|       "<!-"
-|   <body>
-
-#data
-<!doctype html><script><!-a
-#errors
-Line: 1 Col: 27 Unexpected end of file. Expected end tag (script).
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|     <script>
-|       "<!-a"
-|   <body>
-
-#data
-<!doctype html><script><!--
-#errors
-Line: 1 Col: 27 Unexpected end of file. Expected end tag (script).
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|     <script>
-|       "<!--"
-|   <body>
-
-#data
-<!doctype html><script><!--a
-#errors
-Line: 1 Col: 28 Unexpected end of file. Expected end tag (script).
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|     <script>
-|       "<!--a"
-|   <body>
-
-#data
-<!doctype html><script><!--<
-#errors
-Line: 1 Col: 28 Unexpected end of file. Expected end tag (script).
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|     <script>
-|       "<!--<"
-|   <body>
-
-#data
-<!doctype html><script><!--<a
-#errors
-Line: 1 Col: 29 Unexpected end of file. Expected end tag (script).
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|     <script>
-|       "<!--<a"
-|   <body>
-
-#data
-<!doctype html><script><!--</
-#errors
-Line: 1 Col: 27 Unexpected end of file. Expected end tag (script).
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|     <script>
-|       "<!--</"
-|   <body>
-
-#data
-<!doctype html><script><!--</script
-#errors
-Line: 1 Col: 35 Unexpected end of file. Expected end tag (script).
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|     <script>
-|       "<!--</script"
-|   <body>
-
-#data
-<!doctype html><script><!--</script 
-#errors
-Line: 1 Col: 36 Unexpected end of file. Expected end tag (script).
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|     <script>
-|       "<!--"
-|   <body>
-
-#data
-<!doctype html><script><!--<s
-#errors
-Line: 1 Col: 29 Unexpected end of file. Expected end tag (script).
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|     <script>
-|       "<!--<s"
-|   <body>
-
-#data
-<!doctype html><script><!--<script
-#errors
-Line: 1 Col: 34 Unexpected end of file. Expected end tag (script).
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|     <script>
-|       "<!--<script"
-|   <body>
-
-#data
-<!doctype html><script><!--<script 
-#errors
-Line: 1 Col: 35 Unexpected end of file. Expected end tag (script).
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|     <script>
-|       "<!--<script "
-|   <body>
-
-#data
-<!doctype html><script><!--<script <
-#errors
-Line: 1 Col: 36 Unexpected end of file. Expected end tag (script).
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|     <script>
-|       "<!--<script <"
-|   <body>
-
-#data
-<!doctype html><script><!--<script <a
-#errors
-Line: 1 Col: 37 Unexpected end of file. Expected end tag (script).
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|     <script>
-|       "<!--<script <a"
-|   <body>
-
-#data
-<!doctype html><script><!--<script </
-#errors
-Line: 1 Col: 37 Unexpected end of file. Expected end tag (script).
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|     <script>
-|       "<!--<script </"
-|   <body>
-
-#data
-<!doctype html><script><!--<script </s
-#errors
-Line: 1 Col: 38 Unexpected end of file. Expected end tag (script).
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|     <script>
-|       "<!--<script </s"
-|   <body>
-
-#data
-<!doctype html><script><!--<script </script
-#errors
-Line: 1 Col: 43 Unexpected end of file. Expected end tag (script).
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|     <script>
-|       "<!--<script </script"
-|   <body>
-
-#data
-<!doctype html><script><!--<script </scripta
-#errors
-Line: 1 Col: 44 Unexpected end of file. Expected end tag (script).
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|     <script>
-|       "<!--<script </scripta"
-|   <body>
-
-#data
-<!doctype html><script><!--<script </script 
-#errors
-Line: 1 Col: 44 Unexpected end of file. Expected end tag (script).
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|     <script>
-|       "<!--<script </script "
-|   <body>
-
-#data
-<!doctype html><script><!--<script </script>
-#errors
-Line: 1 Col: 44 Unexpected end of file. Expected end tag (script).
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|     <script>
-|       "<!--<script </script>"
-|   <body>
-
-#data
-<!doctype html><script><!--<script </script/
-#errors
-Line: 1 Col: 44 Unexpected end of file. Expected end tag (script).
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|     <script>
-|       "<!--<script </script/"
-|   <body>
-
-#data
-<!doctype html><script><!--<script </script <
-#errors
-Line: 1 Col: 45 Unexpected end of file. Expected end tag (script).
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|     <script>
-|       "<!--<script </script <"
-|   <body>
-
-#data
-<!doctype html><script><!--<script </script <a
-#errors
-Line: 1 Col: 46 Unexpected end of file. Expected end tag (script).
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|     <script>
-|       "<!--<script </script <a"
-|   <body>
-
-#data
-<!doctype html><script><!--<script </script </
-#errors
-Line: 1 Col: 46 Unexpected end of file. Expected end tag (script).
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|     <script>
-|       "<!--<script </script </"
-|   <body>
-
-#data
-<!doctype html><script><!--<script </script </script
-#errors
-Line: 1 Col: 52 Unexpected end of file. Expected end tag (script).
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|     <script>
-|       "<!--<script </script </script"
-|   <body>
-
-#data
-<!doctype html><script><!--<script </script </script 
-#errors
-Line: 1 Col: 53 Unexpected end of file. Expected end tag (script).
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|     <script>
-|       "<!--<script </script "
-|   <body>
-
-#data
-<!doctype html><script><!--<script </script </script/
-#errors
-Line: 1 Col: 53 Unexpected end of file. Expected end tag (script).
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|     <script>
-|       "<!--<script </script "
-|   <body>
-
-#data
-<!doctype html><script><!--<script </script </script>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|     <script>
-|       "<!--<script </script "
-|   <body>
-
-#data
-<!doctype html><script><!--<script -
-#errors
-Line: 1 Col: 36 Unexpected end of file. Expected end tag (script).
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|     <script>
-|       "<!--<script -"
-|   <body>
-
-#data
-<!doctype html><script><!--<script -a
-#errors
-Line: 1 Col: 37 Unexpected end of file. Expected end tag (script).
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|     <script>
-|       "<!--<script -a"
-|   <body>
-
-#data
-<!doctype html><script><!--<script -<
-#errors
-Line: 1 Col: 37 Unexpected end of file. Expected end tag (script).
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|     <script>
-|       "<!--<script -<"
-|   <body>
-
-#data
-<!doctype html><script><!--<script --
-#errors
-Line: 1 Col: 37 Unexpected end of file. Expected end tag (script).
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|     <script>
-|       "<!--<script --"
-|   <body>
-
-#data
-<!doctype html><script><!--<script --a
-#errors
-Line: 1 Col: 38 Unexpected end of file. Expected end tag (script).
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|     <script>
-|       "<!--<script --a"
-|   <body>
-
-#data
-<!doctype html><script><!--<script --<
-#errors
-Line: 1 Col: 38 Unexpected end of file. Expected end tag (script).
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|     <script>
-|       "<!--<script --<"
-|   <body>
-
-#data
-<!doctype html><script><!--<script -->
-#errors
-Line: 1 Col: 38 Unexpected end of file. Expected end tag (script).
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|     <script>
-|       "<!--<script -->"
-|   <body>
-
-#data
-<!doctype html><script><!--<script --><
-#errors
-Line: 1 Col: 39 Unexpected end of file. Expected end tag (script).
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|     <script>
-|       "<!--<script --><"
-|   <body>
-
-#data
-<!doctype html><script><!--<script --></
-#errors
-Line: 1 Col: 40 Unexpected end of file. Expected end tag (script).
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|     <script>
-|       "<!--<script --></"
-|   <body>
-
-#data
-<!doctype html><script><!--<script --></script
-#errors
-Line: 1 Col: 46 Unexpected end of file. Expected end tag (script).
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|     <script>
-|       "<!--<script --></script"
-|   <body>
-
-#data
-<!doctype html><script><!--<script --></script 
-#errors
-Line: 1 Col: 47 Unexpected end of file. Expected end tag (script).
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|     <script>
-|       "<!--<script -->"
-|   <body>
-
-#data
-<!doctype html><script><!--<script --></script/
-#errors
-Line: 1 Col: 47 Unexpected end of file. Expected end tag (script).
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|     <script>
-|       "<!--<script -->"
-|   <body>
-
-#data
-<!doctype html><script><!--<script --></script>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|     <script>
-|       "<!--<script -->"
-|   <body>
-
-#data
-<!doctype html><script><!--<script><\/script>--></script>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|     <script>
-|       "<!--<script><\/script>-->"
-|   <body>
-
-#data
-<!doctype html><script><!--<script></scr'+'ipt>--></script>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|     <script>
-|       "<!--<script></scr'+'ipt>-->"
-|   <body>
-
-#data
-<!doctype html><script><!--<script></script><script></script></script>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|     <script>
-|       "<!--<script></script><script></script>"
-|   <body>
-
-#data
-<!doctype html><script><!--<script></script><script></script>--><!--</script>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|     <script>
-|       "<!--<script></script><script></script>--><!--"
-|   <body>
-
-#data
-<!doctype html><script><!--<script></script><script></script>-- ></script>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|     <script>
-|       "<!--<script></script><script></script>-- >"
-|   <body>
-
-#data
-<!doctype html><script><!--<script></script><script></script>- -></script>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|     <script>
-|       "<!--<script></script><script></script>- ->"
-|   <body>
-
-#data
-<!doctype html><script><!--<script></script><script></script>- - ></script>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|     <script>
-|       "<!--<script></script><script></script>- - >"
-|   <body>
-
-#data
-<!doctype html><script><!--<script></script><script></script>-></script>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|     <script>
-|       "<!--<script></script><script></script>->"
-|   <body>
-
-#data
-<!doctype html><script><!--<script>--!></script>X
-#errors
-Line: 1 Col: 49 Unexpected end of file. Expected end tag (script).
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|     <script>
-|       "<!--<script>--!></script>X"
-|   <body>
-
-#data
-<!doctype html><script><!--<scr'+'ipt></script>--></script>
-#errors
-Line: 1 Col: 59 Unexpected end tag (script).
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|     <script>
-|       "<!--<scr'+'ipt>"
-|   <body>
-|     "-->"
-
-#data
-<!doctype html><script><!--<script></scr'+'ipt></script>X
-#errors
-Line: 1 Col: 57 Unexpected end of file. Expected end tag (script).
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|     <script>
-|       "<!--<script></scr'+'ipt></script>X"
-|   <body>
-
-#data
-<!doctype html><style><!--<style></style>--></style>
-#errors
-Line: 1 Col: 52 Unexpected end tag (style).
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|     <style>
-|       "<!--<style>"
-|   <body>
-|     "-->"
-
-#data
-<!doctype html><style><!--</style>X
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|     <style>
-|       "<!--"
-|   <body>
-|     "X"
-
-#data
-<!doctype html><style><!--...</style>...--></style>
-#errors
-Line: 1 Col: 51 Unexpected end tag (style).
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|     <style>
-|       "<!--..."
-|   <body>
-|     "...-->"
-
-#data
-<!doctype html><style><!--<br><html xmlns:v="urn:schemas-microsoft-com:vml"><!--[if !mso]><style></style>X
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|     <style>
-|       "<!--<br><html xmlns:v="urn:schemas-microsoft-com:vml"><!--[if !mso]><style>"
-|   <body>
-|     "X"
-
-#data
-<!doctype html><style><!--...<style><!--...--!></style>--></style>
-#errors
-Line: 1 Col: 66 Unexpected end tag (style).
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|     <style>
-|       "<!--...<style><!--...--!>"
-|   <body>
-|     "-->"
-
-#data
-<!doctype html><style><!--...</style><!-- --><style>@import ...</style>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|     <style>
-|       "<!--..."
-|     <!--   -->
-|     <style>
-|       "@import ..."
-|   <body>
-
-#data
-<!doctype html><style>...<style><!--...</style><!-- --></style>
-#errors
-Line: 1 Col: 63 Unexpected end tag (style).
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|     <style>
-|       "...<style><!--..."
-|     <!--   -->
-|   <body>
-
-#data
-<!doctype html><style>...<!--[if IE]><style>...</style>X
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|     <style>
-|       "...<!--[if IE]><style>..."
-|   <body>
-|     "X"
-
-#data
-<!doctype html><title><!--<title>-->
-#errors
-Line: 1 Col: 52 Unexpected end tag (title).
-#document
-| 
-| 
-|   
-|     
-|       "<!--<title>"
-|   <body>
-|     "-->"
-
-#data
-<!doctype html><title></title>
-#errors
-#document
-| 
-| 
-|   
-|     
-|       ""
-|   
-
-#data
-foo/title><link></head><body>X
-#errors
-Line: 1 Col: 52 Unexpected end of file. Expected end tag (title).
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|     <title>
-|       "foo/title><link></head><body>X"
-|   <body>
-
-#data
-<!doctype html><noscript><!--<noscript></noscript>--></noscript>
-#errors
-Line: 1 Col: 64 Unexpected end tag (noscript).
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|     <noscript>
-|       "<!--<noscript>"
-|   <body>
-|     "-->"
-
-#data
-<!doctype html><noscript><!--</noscript>X<noscript>--></noscript>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|     <noscript>
-|       "<!--"
-|   <body>
-|     "X"
-|     <noscript>
-|       "-->"
-
-#data
-<!doctype html><noscript><iframe></noscript>X
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|     <noscript>
-|       "<iframe>"
-|   <body>
-|     "X"
-
-#data
-<!doctype html><noframes><!--<noframes></noframes>--></noframes>
-#errors
-Line: 1 Col: 64 Unexpected end tag (noframes).
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|     <noframes>
-|       "<!--<noframes>"
-|   <body>
-|     "-->"
-
-#data
-<!doctype html><noframes><body><script><!--...</script></body></noframes></html>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|     <noframes>
-|       "<body><script><!--...</script></body>"
-|   <body>
-
-#data
-<!doctype html><textarea><!--<textarea></textarea>--></textarea>
-#errors
-Line: 1 Col: 64 Unexpected end tag (textarea).
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <textarea>
-|       "<!--<textarea>"
-|     "-->"
-
-#data
-<!doctype html><textarea></textarea></textarea>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <textarea>
-|       "</textarea>"
-
-#data
-<!doctype html><textarea><</textarea>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <textarea>
-|       "<"
-
-#data
-<!doctype html><textarea>a<b</textarea>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <textarea>
-|       "a<b"
-
-#data
-<!doctype html><iframe><!--<iframe></iframe>--></iframe>
-#errors
-Line: 1 Col: 56 Unexpected end tag (iframe).
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <iframe>
-|       "<!--<iframe>"
-|     "-->"
-
-#data
-<!doctype html><iframe>...<!--X->...<!--/X->...</iframe>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <iframe>
-|       "...<!--X->...<!--/X->..."
-
-#data
-<!doctype html><xmp><!--<xmp></xmp>--></xmp>
-#errors
-Line: 1 Col: 44 Unexpected end tag (xmp).
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <xmp>
-|       "<!--<xmp>"
-|     "-->"
-
-#data
-<!doctype html><noembed><!--<noembed></noembed>--></noembed>
-#errors
-Line: 1 Col: 60 Unexpected end tag (noembed).
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <noembed>
-|       "<!--<noembed>"
-|     "-->"
-
-#data
-<script>
-#errors
-Line: 1 Col: 8 Unexpected start tag (script). Expected DOCTYPE.
-Line: 1 Col: 8 Unexpected end of file. Expected end tag (script).
-#document
-| <html>
-|   <head>
-|     <script>
-|   <body>
-
-#data
-<script>a
-#errors
-Line: 1 Col: 8 Unexpected start tag (script). Expected DOCTYPE.
-Line: 1 Col: 9 Unexpected end of file. Expected end tag (script).
-#document
-| <html>
-|   <head>
-|     <script>
-|       "a"
-|   <body>
-
-#data
-<script><
-#errors
-Line: 1 Col: 8 Unexpected start tag (script). Expected DOCTYPE.
-Line: 1 Col: 9 Unexpected end of file. Expected end tag (script).
-#document
-| <html>
-|   <head>
-|     <script>
-|       "<"
-|   <body>
-
-#data
-<script></
-#errors
-Line: 1 Col: 8 Unexpected start tag (script). Expected DOCTYPE.
-Line: 1 Col: 10 Unexpected end of file. Expected end tag (script).
-#document
-| <html>
-|   <head>
-|     <script>
-|       "</"
-|   <body>
-
-#data
-<script></S
-#errors
-Line: 1 Col: 8 Unexpected start tag (script). Expected DOCTYPE.
-Line: 1 Col: 11 Unexpected end of file. Expected end tag (script).
-#document
-| <html>
-|   <head>
-|     <script>
-|       "</S"
-|   <body>
-
-#data
-<script></SC
-#errors
-Line: 1 Col: 8 Unexpected start tag (script). Expected DOCTYPE.
-Line: 1 Col: 12 Unexpected end of file. Expected end tag (script).
-#document
-| <html>
-|   <head>
-|     <script>
-|       "</SC"
-|   <body>
-
-#data
-<script></SCR
-#errors
-Line: 1 Col: 8 Unexpected start tag (script). Expected DOCTYPE.
-Line: 1 Col: 13 Unexpected end of file. Expected end tag (script).
-#document
-| <html>
-|   <head>
-|     <script>
-|       "</SCR"
-|   <body>
-
-#data
-<script></SCRI
-#errors
-Line: 1 Col: 8 Unexpected start tag (script). Expected DOCTYPE.
-Line: 1 Col: 14 Unexpected end of file. Expected end tag (script).
-#document
-| <html>
-|   <head>
-|     <script>
-|       "</SCRI"
-|   <body>
-
-#data
-<script></SCRIP
-#errors
-Line: 1 Col: 8 Unexpected start tag (script). Expected DOCTYPE.
-Line: 1 Col: 15 Unexpected end of file. Expected end tag (script).
-#document
-| <html>
-|   <head>
-|     <script>
-|       "</SCRIP"
-|   <body>
-
-#data
-<script></SCRIPT
-#errors
-Line: 1 Col: 8 Unexpected start tag (script). Expected DOCTYPE.
-Line: 1 Col: 16 Unexpected end of file. Expected end tag (script).
-#document
-| <html>
-|   <head>
-|     <script>
-|       "</SCRIPT"
-|   <body>
-
-#data
-<script></SCRIPT 
-#errors
-Line: 1 Col: 8 Unexpected start tag (script). Expected DOCTYPE.
-Line: 1 Col: 17 Unexpected end of file. Expected end tag (script).
-#document
-| <html>
-|   <head>
-|     <script>
-|   <body>
-
-#data
-<script></s
-#errors
-Line: 1 Col: 8 Unexpected start tag (script). Expected DOCTYPE.
-Line: 1 Col: 11 Unexpected end of file. Expected end tag (script).
-#document
-| <html>
-|   <head>
-|     <script>
-|       "</s"
-|   <body>
-
-#data
-<script></sc
-#errors
-Line: 1 Col: 8 Unexpected start tag (script). Expected DOCTYPE.
-Line: 1 Col: 12 Unexpected end of file. Expected end tag (script).
-#document
-| <html>
-|   <head>
-|     <script>
-|       "</sc"
-|   <body>
-
-#data
-<script></scr
-#errors
-Line: 1 Col: 8 Unexpected start tag (script). Expected DOCTYPE.
-Line: 1 Col: 13 Unexpected end of file. Expected end tag (script).
-#document
-| <html>
-|   <head>
-|     <script>
-|       "</scr"
-|   <body>
-
-#data
-<script></scri
-#errors
-Line: 1 Col: 8 Unexpected start tag (script). Expected DOCTYPE.
-Line: 1 Col: 14 Unexpected end of file. Expected end tag (script).
-#document
-| <html>
-|   <head>
-|     <script>
-|       "</scri"
-|   <body>
-
-#data
-<script></scrip
-#errors
-Line: 1 Col: 8 Unexpected start tag (script). Expected DOCTYPE.
-Line: 1 Col: 15 Unexpected end of file. Expected end tag (script).
-#document
-| <html>
-|   <head>
-|     <script>
-|       "</scrip"
-|   <body>
-
-#data
-<script></script
-#errors
-Line: 1 Col: 8 Unexpected start tag (script). Expected DOCTYPE.
-Line: 1 Col: 16 Unexpected end of file. Expected end tag (script).
-#document
-| <html>
-|   <head>
-|     <script>
-|       "</script"
-|   <body>
-
-#data
-<script></script 
-#errors
-Line: 1 Col: 8 Unexpected start tag (script). Expected DOCTYPE.
-Line: 1 Col: 17 Unexpected end of file. Expected end tag (script).
-#document
-| <html>
-|   <head>
-|     <script>
-|   <body>
-
-#data
-<script><!
-#errors
-Line: 1 Col: 8 Unexpected start tag (script). Expected DOCTYPE.
-Line: 1 Col: 10 Unexpected end of file. Expected end tag (script).
-#document
-| <html>
-|   <head>
-|     <script>
-|       "<!"
-|   <body>
-
-#data
-<script><!a
-#errors
-Line: 1 Col: 8 Unexpected start tag (script). Expected DOCTYPE.
-Line: 1 Col: 11 Unexpected end of file. Expected end tag (script).
-#document
-| <html>
-|   <head>
-|     <script>
-|       "<!a"
-|   <body>
-
-#data
-<script><!-
-#errors
-Line: 1 Col: 8 Unexpected start tag (script). Expected DOCTYPE.
-Line: 1 Col: 11 Unexpected end of file. Expected end tag (script).
-#document
-| <html>
-|   <head>
-|     <script>
-|       "<!-"
-|   <body>
-
-#data
-<script><!-a
-#errors
-Line: 1 Col: 8 Unexpected start tag (script). Expected DOCTYPE.
-Line: 1 Col: 12 Unexpected end of file. Expected end tag (script).
-#document
-| <html>
-|   <head>
-|     <script>
-|       "<!-a"
-|   <body>
-
-#data
-<script><!--
-#errors
-Line: 1 Col: 8 Unexpected start tag (script). Expected DOCTYPE.
-Line: 1 Col: 12 Unexpected end of file. Expected end tag (script).
-#document
-| <html>
-|   <head>
-|     <script>
-|       "<!--"
-|   <body>
-
-#data
-<script><!--a
-#errors
-Line: 1 Col: 8 Unexpected start tag (script). Expected DOCTYPE.
-Line: 1 Col: 13 Unexpected end of file. Expected end tag (script).
-#document
-| <html>
-|   <head>
-|     <script>
-|       "<!--a"
-|   <body>
-
-#data
-<script><!--<
-#errors
-Line: 1 Col: 8 Unexpected start tag (script). Expected DOCTYPE.
-Line: 1 Col: 13 Unexpected end of file. Expected end tag (script).
-#document
-| <html>
-|   <head>
-|     <script>
-|       "<!--<"
-|   <body>
-
-#data
-<script><!--<a
-#errors
-Line: 1 Col: 8 Unexpected start tag (script). Expected DOCTYPE.
-Line: 1 Col: 14 Unexpected end of file. Expected end tag (script).
-#document
-| <html>
-|   <head>
-|     <script>
-|       "<!--<a"
-|   <body>
-
-#data
-<script><!--</
-#errors
-Line: 1 Col: 8 Unexpected start tag (script). Expected DOCTYPE.
-Line: 1 Col: 14 Unexpected end of file. Expected end tag (script).
-#document
-| <html>
-|   <head>
-|     <script>
-|       "<!--</"
-|   <body>
-
-#data
-<script><!--</script
-#errors
-Line: 1 Col: 8 Unexpected start tag (script). Expected DOCTYPE.
-Line: 1 Col: 20 Unexpected end of file. Expected end tag (script).
-#document
-| <html>
-|   <head>
-|     <script>
-|       "<!--</script"
-|   <body>
-
-#data
-<script><!--</script 
-#errors
-Line: 1 Col: 8 Unexpected start tag (script). Expected DOCTYPE.
-Line: 1 Col: 21 Unexpected end of file. Expected end tag (script).
-#document
-| <html>
-|   <head>
-|     <script>
-|       "<!--"
-|   <body>
-
-#data
-<script><!--<s
-#errors
-Line: 1 Col: 8 Unexpected start tag (script). Expected DOCTYPE.
-Line: 1 Col: 14 Unexpected end of file. Expected end tag (script).
-#document
-| <html>
-|   <head>
-|     <script>
-|       "<!--<s"
-|   <body>
-
-#data
-<script><!--<script
-#errors
-Line: 1 Col: 8 Unexpected start tag (script). Expected DOCTYPE.
-Line: 1 Col: 19 Unexpected end of file. Expected end tag (script).
-#document
-| <html>
-|   <head>
-|     <script>
-|       "<!--<script"
-|   <body>
-
-#data
-<script><!--<script 
-#errors
-Line: 1 Col: 8 Unexpected start tag (script). Expected DOCTYPE.
-Line: 1 Col: 20 Unexpected end of file. Expected end tag (script).
-#document
-| <html>
-|   <head>
-|     <script>
-|       "<!--<script "
-|   <body>
-
-#data
-<script><!--<script <
-#errors
-Line: 1 Col: 8 Unexpected start tag (script). Expected DOCTYPE.
-Line: 1 Col: 21 Unexpected end of file. Expected end tag (script).
-#document
-| <html>
-|   <head>
-|     <script>
-|       "<!--<script <"
-|   <body>
-
-#data
-<script><!--<script <a
-#errors
-Line: 1 Col: 8 Unexpected start tag (script). Expected DOCTYPE.
-Line: 1 Col: 22 Unexpected end of file. Expected end tag (script).
-#document
-| <html>
-|   <head>
-|     <script>
-|       "<!--<script <a"
-|   <body>
-
-#data
-<script><!--<script </
-#errors
-Line: 1 Col: 8 Unexpected start tag (script). Expected DOCTYPE.
-Line: 1 Col: 22 Unexpected end of file. Expected end tag (script).
-#document
-| <html>
-|   <head>
-|     <script>
-|       "<!--<script </"
-|   <body>
-
-#data
-<script><!--<script </s
-#errors
-Line: 1 Col: 8 Unexpected start tag (script). Expected DOCTYPE.
-Line: 1 Col: 23 Unexpected end of file. Expected end tag (script).
-#document
-| <html>
-|   <head>
-|     <script>
-|       "<!--<script </s"
-|   <body>
-
-#data
-<script><!--<script </script
-#errors
-Line: 1 Col: 8 Unexpected start tag (script). Expected DOCTYPE.
-Line: 1 Col: 28 Unexpected end of file. Expected end tag (script).
-#document
-| <html>
-|   <head>
-|     <script>
-|       "<!--<script </script"
-|   <body>
-
-#data
-<script><!--<script </scripta
-#errors
-Line: 1 Col: 8 Unexpected start tag (script). Expected DOCTYPE.
-Line: 1 Col: 29 Unexpected end of file. Expected end tag (script).
-#document
-| <html>
-|   <head>
-|     <script>
-|       "<!--<script </scripta"
-|   <body>
-
-#data
-<script><!--<script </script 
-#errors
-Line: 1 Col: 8 Unexpected start tag (script). Expected DOCTYPE.
-Line: 1 Col: 29 Unexpected end of file. Expected end tag (script).
-#document
-| <html>
-|   <head>
-|     <script>
-|       "<!--<script </script "
-|   <body>
-
-#data
-<script><!--<script </script>
-#errors
-Line: 1 Col: 8 Unexpected start tag (script). Expected DOCTYPE.
-Line: 1 Col: 29 Unexpected end of file. Expected end tag (script).
-#document
-| <html>
-|   <head>
-|     <script>
-|       "<!--<script </script>"
-|   <body>
-
-#data
-<script><!--<script </script/
-#errors
-Line: 1 Col: 8 Unexpected start tag (script). Expected DOCTYPE.
-Line: 1 Col: 29 Unexpected end of file. Expected end tag (script).
-#document
-| <html>
-|   <head>
-|     <script>
-|       "<!--<script </script/"
-|   <body>
-
-#data
-<script><!--<script </script <
-#errors
-Line: 1 Col: 8 Unexpected start tag (script). Expected DOCTYPE.
-Line: 1 Col: 30 Unexpected end of file. Expected end tag (script).
-#document
-| <html>
-|   <head>
-|     <script>
-|       "<!--<script </script <"
-|   <body>
-
-#data
-<script><!--<script </script <a
-#errors
-Line: 1 Col: 8 Unexpected start tag (script). Expected DOCTYPE.
-Line: 1 Col: 31 Unexpected end of file. Expected end tag (script).
-#document
-| <html>
-|   <head>
-|     <script>
-|       "<!--<script </script <a"
-|   <body>
-
-#data
-<script><!--<script </script </
-#errors
-Line: 1 Col: 8 Unexpected start tag (script). Expected DOCTYPE.
-Line: 1 Col: 31 Unexpected end of file. Expected end tag (script).
-#document
-| <html>
-|   <head>
-|     <script>
-|       "<!--<script </script </"
-|   <body>
-
-#data
-<script><!--<script </script </script
-#errors
-Line: 1 Col: 8 Unexpected start tag (script). Expected DOCTYPE.
-Line: 1 Col: 38 Unexpected end of file. Expected end tag (script).
-#document
-| <html>
-|   <head>
-|     <script>
-|       "<!--<script </script </script"
-|   <body>
-
-#data
-<script><!--<script </script </script 
-#errors
-Line: 1 Col: 8 Unexpected start tag (script). Expected DOCTYPE.
-Line: 1 Col: 38 Unexpected end of file. Expected end tag (script).
-#document
-| <html>
-|   <head>
-|     <script>
-|       "<!--<script </script "
-|   <body>
-
-#data
-<script><!--<script </script </script/
-#errors
-Line: 1 Col: 8 Unexpected start tag (script). Expected DOCTYPE.
-Line: 1 Col: 38 Unexpected end of file. Expected end tag (script).
-#document
-| <html>
-|   <head>
-|     <script>
-|       "<!--<script </script "
-|   <body>
-
-#data
-<script><!--<script </script </script>
-#errors
-Line: 1 Col: 8 Unexpected start tag (script). Expected DOCTYPE.
-#document
-| <html>
-|   <head>
-|     <script>
-|       "<!--<script </script "
-|   <body>
-
-#data
-<script><!--<script -
-#errors
-Line: 1 Col: 8 Unexpected start tag (script). Expected DOCTYPE.
-Line: 1 Col: 21 Unexpected end of file. Expected end tag (script).
-#document
-| <html>
-|   <head>
-|     <script>
-|       "<!--<script -"
-|   <body>
-
-#data
-<script><!--<script -a
-#errors
-Line: 1 Col: 8 Unexpected start tag (script). Expected DOCTYPE.
-Line: 1 Col: 22 Unexpected end of file. Expected end tag (script).
-#document
-| <html>
-|   <head>
-|     <script>
-|       "<!--<script -a"
-|   <body>
-
-#data
-<script><!--<script --
-#errors
-Line: 1 Col: 8 Unexpected start tag (script). Expected DOCTYPE.
-Line: 1 Col: 22 Unexpected end of file. Expected end tag (script).
-#document
-| <html>
-|   <head>
-|     <script>
-|       "<!--<script --"
-|   <body>
-
-#data
-<script><!--<script --a
-#errors
-Line: 1 Col: 8 Unexpected start tag (script). Expected DOCTYPE.
-Line: 1 Col: 23 Unexpected end of file. Expected end tag (script).
-#document
-| <html>
-|   <head>
-|     <script>
-|       "<!--<script --a"
-|   <body>
-
-#data
-<script><!--<script -->
-#errors
-Line: 1 Col: 8 Unexpected start tag (script). Expected DOCTYPE.
-Line: 1 Col: 23 Unexpected end of file. Expected end tag (script).
-#document
-| <html>
-|   <head>
-|     <script>
-|       "<!--<script -->"
-|   <body>
-
-#data
-<script><!--<script --><
-#errors
-Line: 1 Col: 8 Unexpected start tag (script). Expected DOCTYPE.
-Line: 1 Col: 24 Unexpected end of file. Expected end tag (script).
-#document
-| <html>
-|   <head>
-|     <script>
-|       "<!--<script --><"
-|   <body>
-
-#data
-<script><!--<script --></
-#errors
-Line: 1 Col: 8 Unexpected start tag (script). Expected DOCTYPE.
-Line: 1 Col: 25 Unexpected end of file. Expected end tag (script).
-#document
-| <html>
-|   <head>
-|     <script>
-|       "<!--<script --></"
-|   <body>
-
-#data
-<script><!--<script --></script
-#errors
-Line: 1 Col: 8 Unexpected start tag (script). Expected DOCTYPE.
-Line: 1 Col: 31 Unexpected end of file. Expected end tag (script).
-#document
-| <html>
-|   <head>
-|     <script>
-|       "<!--<script --></script"
-|   <body>
-
-#data
-<script><!--<script --></script 
-#errors
-Line: 1 Col: 8 Unexpected start tag (script). Expected DOCTYPE.
-Line: 1 Col: 32 Unexpected end of file. Expected end tag (script).
-#document
-| <html>
-|   <head>
-|     <script>
-|       "<!--<script -->"
-|   <body>
-
-#data
-<script><!--<script --></script/
-#errors
-Line: 1 Col: 8 Unexpected start tag (script). Expected DOCTYPE.
-Line: 1 Col: 32 Unexpected end of file. Expected end tag (script).
-#document
-| <html>
-|   <head>
-|     <script>
-|       "<!--<script -->"
-|   <body>
-
-#data
-<script><!--<script --></script>
-#errors
-Line: 1 Col: 8 Unexpected start tag (script). Expected DOCTYPE.
-#document
-| <html>
-|   <head>
-|     <script>
-|       "<!--<script -->"
-|   <body>
-
-#data
-<script><!--<script><\/script>--></script>
-#errors
-Line: 1 Col: 8 Unexpected start tag (script). Expected DOCTYPE.
-#document
-| <html>
-|   <head>
-|     <script>
-|       "<!--<script><\/script>-->"
-|   <body>
-
-#data
-<script><!--<script></scr'+'ipt>--></script>
-#errors
-Line: 1 Col: 8 Unexpected start tag (script). Expected DOCTYPE.
-#document
-| <html>
-|   <head>
-|     <script>
-|       "<!--<script></scr'+'ipt>-->"
-|   <body>
-
-#data
-<script><!--<script></script><script></script></script>
-#errors
-Line: 1 Col: 8 Unexpected start tag (script). Expected DOCTYPE.
-#document
-| <html>
-|   <head>
-|     <script>
-|       "<!--<script></script><script></script>"
-|   <body>
-
-#data
-<script><!--<script></script><script></script>--><!--</script>
-#errors
-Line: 1 Col: 8 Unexpected start tag (script). Expected DOCTYPE.
-#document
-| <html>
-|   <head>
-|     <script>
-|       "<!--<script></script><script></script>--><!--"
-|   <body>
-
-#data
-<script><!--<script></script><script></script>-- ></script>
-#errors
-Line: 1 Col: 8 Unexpected start tag (script). Expected DOCTYPE.
-#document
-| <html>
-|   <head>
-|     <script>
-|       "<!--<script></script><script></script>-- >"
-|   <body>
-
-#data
-<script><!--<script></script><script></script>- -></script>
-#errors
-Line: 1 Col: 8 Unexpected start tag (script). Expected DOCTYPE.
-#document
-| <html>
-|   <head>
-|     <script>
-|       "<!--<script></script><script></script>- ->"
-|   <body>
-
-#data
-<script><!--<script></script><script></script>- - ></script>
-#errors
-Line: 1 Col: 8 Unexpected start tag (script). Expected DOCTYPE.
-#document
-| <html>
-|   <head>
-|     <script>
-|       "<!--<script></script><script></script>- - >"
-|   <body>
-
-#data
-<script><!--<script></script><script></script>-></script>
-#errors
-Line: 1 Col: 8 Unexpected start tag (script). Expected DOCTYPE.
-#document
-| <html>
-|   <head>
-|     <script>
-|       "<!--<script></script><script></script>->"
-|   <body>
-
-#data
-<script><!--<script>--!></script>X
-#errors
-Line: 1 Col: 8 Unexpected start tag (script). Expected DOCTYPE.
-Line: 1 Col: 34 Unexpected end of file. Expected end tag (script).
-#document
-| <html>
-|   <head>
-|     <script>
-|       "<!--<script>--!></script>X"
-|   <body>
-
-#data
-<script><!--<scr'+'ipt></script>--></script>
-#errors
-Line: 1 Col: 8 Unexpected start tag (script). Expected DOCTYPE.
-Line: 1 Col: 44 Unexpected end tag (script).
-#document
-| <html>
-|   <head>
-|     <script>
-|       "<!--<scr'+'ipt>"
-|   <body>
-|     "-->"
-
-#data
-<script><!--<script></scr'+'ipt></script>X
-#errors
-Line: 1 Col: 8 Unexpected start tag (script). Expected DOCTYPE.
-Line: 1 Col: 42 Unexpected end of file. Expected end tag (script).
-#document
-| <html>
-|   <head>
-|     <script>
-|       "<!--<script></scr'+'ipt></script>X"
-|   <body>
-
-#data
-<style><!--<style></style>--></style>
-#errors
-Line: 1 Col: 7 Unexpected start tag (style). Expected DOCTYPE.
-Line: 1 Col: 37 Unexpected end tag (style).
-#document
-| <html>
-|   <head>
-|     <style>
-|       "<!--<style>"
-|   <body>
-|     "-->"
-
-#data
-<style><!--</style>X
-#errors
-Line: 1 Col: 7 Unexpected start tag (style). Expected DOCTYPE.
-#document
-| <html>
-|   <head>
-|     <style>
-|       "<!--"
-|   <body>
-|     "X"
-
-#data
-<style><!--...</style>...--></style>
-#errors
-Line: 1 Col: 7 Unexpected start tag (style). Expected DOCTYPE.
-Line: 1 Col: 36 Unexpected end tag (style).
-#document
-| <html>
-|   <head>
-|     <style>
-|       "<!--..."
-|   <body>
-|     "...-->"
-
-#data
-<style><!--<br><html xmlns:v="urn:schemas-microsoft-com:vml"><!--[if !mso]><style></style>X
-#errors
-Line: 1 Col: 7 Unexpected start tag (style). Expected DOCTYPE.
-#document
-| <html>
-|   <head>
-|     <style>
-|       "<!--<br><html xmlns:v="urn:schemas-microsoft-com:vml"><!--[if !mso]><style>"
-|   <body>
-|     "X"
-
-#data
-<style><!--...<style><!--...--!></style>--></style>
-#errors
-Line: 1 Col: 7 Unexpected start tag (style). Expected DOCTYPE.
-Line: 1 Col: 51 Unexpected end tag (style).
-#document
-| <html>
-|   <head>
-|     <style>
-|       "<!--...<style><!--...--!>"
-|   <body>
-|     "-->"
-
-#data
-<style><!--...</style><!-- --><style>@import ...</style>
-#errors
-Line: 1 Col: 7 Unexpected start tag (style). Expected DOCTYPE.
-#document
-| <html>
-|   <head>
-|     <style>
-|       "<!--..."
-|     <!--   -->
-|     <style>
-|       "@import ..."
-|   <body>
-
-#data
-<style>...<style><!--...</style><!-- --></style>
-#errors
-Line: 1 Col: 7 Unexpected start tag (style). Expected DOCTYPE.
-Line: 1 Col: 48 Unexpected end tag (style).
-#document
-| <html>
-|   <head>
-|     <style>
-|       "...<style><!--..."
-|     <!--   -->
-|   <body>
-
-#data
-<style>...<!--[if IE]><style>...</style>X
-#errors
-Line: 1 Col: 7 Unexpected start tag (style). Expected DOCTYPE.
-#document
-| <html>
-|   <head>
-|     <style>
-|       "...<!--[if IE]><style>..."
-|   <body>
-|     "X"
-
-#data
-<title><!--<title>-->
-#errors
-Line: 1 Col: 7 Unexpected start tag (title). Expected DOCTYPE.
-Line: 1 Col: 37 Unexpected end tag (title).
-#document
-| 
-|   
-|     
-|       "<!--<title>"
-|   <body>
-|     "-->"
-
-#data
-<title></title>
-#errors
-Line: 1 Col: 7 Unexpected start tag (title). Expected DOCTYPE.
-#document
-| 
-|   
-|     
-|       ""
-|   
-
-#data
-foo/title><link></head><body>X
-#errors
-Line: 1 Col: 7 Unexpected start tag (title). Expected DOCTYPE.
-Line: 1 Col: 37 Unexpected end of file. Expected end tag (title).
-#document
-| <html>
-|   <head>
-|     <title>
-|       "foo/title><link></head><body>X"
-|   <body>
-
-#data
-<noscript><!--<noscript></noscript>--></noscript>
-#errors
-Line: 1 Col: 10 Unexpected start tag (noscript). Expected DOCTYPE.
-Line: 1 Col: 49 Unexpected end tag (noscript).
-#document
-| <html>
-|   <head>
-|     <noscript>
-|       "<!--<noscript>"
-|   <body>
-|     "-->"
-
-#data
-<noscript><!--</noscript>X<noscript>--></noscript>
-#errors
-Line: 1 Col: 10 Unexpected start tag (noscript). Expected DOCTYPE.
-#document
-| <html>
-|   <head>
-|     <noscript>
-|       "<!--"
-|   <body>
-|     "X"
-|     <noscript>
-|       "-->"
-
-#data
-<noscript><iframe></noscript>X
-#errors
-Line: 1 Col: 10 Unexpected start tag (noscript). Expected DOCTYPE.
-#document
-| <html>
-|   <head>
-|     <noscript>
-|       "<iframe>"
-|   <body>
-|     "X"
-
-#data
-<noframes><!--<noframes></noframes>--></noframes>
-#errors
-Line: 1 Col: 10 Unexpected start tag (noframes). Expected DOCTYPE.
-Line: 1 Col: 49 Unexpected end tag (noframes).
-#document
-| <html>
-|   <head>
-|     <noframes>
-|       "<!--<noframes>"
-|   <body>
-|     "-->"
-
-#data
-<noframes><body><script><!--...</script></body></noframes></html>
-#errors
-Line: 1 Col: 10 Unexpected start tag (noframes). Expected DOCTYPE.
-#document
-| <html>
-|   <head>
-|     <noframes>
-|       "<body><script><!--...</script></body>"
-|   <body>
-
-#data
-<textarea><!--<textarea></textarea>--></textarea>
-#errors
-Line: 1 Col: 10 Unexpected start tag (textarea). Expected DOCTYPE.
-Line: 1 Col: 49 Unexpected end tag (textarea).
-#document
-| <html>
-|   <head>
-|   <body>
-|     <textarea>
-|       "<!--<textarea>"
-|     "-->"
-
-#data
-<textarea></textarea></textarea>
-#errors
-Line: 1 Col: 10 Unexpected start tag (textarea). Expected DOCTYPE.
-#document
-| <html>
-|   <head>
-|   <body>
-|     <textarea>
-|       "</textarea>"
-
-#data
-<iframe><!--<iframe></iframe>--></iframe>
-#errors
-Line: 1 Col: 8 Unexpected start tag (iframe). Expected DOCTYPE.
-Line: 1 Col: 41 Unexpected end tag (iframe).
-#document
-| <html>
-|   <head>
-|   <body>
-|     <iframe>
-|       "<!--<iframe>"
-|     "-->"
-
-#data
-<iframe>...<!--X->...<!--/X->...</iframe>
-#errors
-Line: 1 Col: 8 Unexpected start tag (iframe). Expected DOCTYPE.
-#document
-| <html>
-|   <head>
-|   <body>
-|     <iframe>
-|       "...<!--X->...<!--/X->..."
-
-#data
-<xmp><!--<xmp></xmp>--></xmp>
-#errors
-Line: 1 Col: 5 Unexpected start tag (xmp). Expected DOCTYPE.
-Line: 1 Col: 29 Unexpected end tag (xmp).
-#document
-| <html>
-|   <head>
-|   <body>
-|     <xmp>
-|       "<!--<xmp>"
-|     "-->"
-
-#data
-<noembed><!--<noembed></noembed>--></noembed>
-#errors
-Line: 1 Col: 9 Unexpected start tag (noembed). Expected DOCTYPE.
-Line: 1 Col: 45 Unexpected end tag (noembed).
-#document
-| <html>
-|   <head>
-|   <body>
-|     <noembed>
-|       "<!--<noembed>"
-|     "-->"
-
-#data
-<!doctype html><table>
-
-#errors
-Line 2 Col 0 Unexpected end of file. Expected table content.
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <table>
-|       "
-"
-
-#data
-<!doctype html><table><td><span><font></span><span>
-#errors
-Line 1 Col 26 Unexpected table cell start tag (td) in the table body phase.
-Line 1 Col 45 Unexpected end tag (span).
-Line 1 Col 51 Expected closing tag. Unexpected end of file.
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <table>
-|       <tbody>
-|         <tr>
-|           <td>
-|             <span>
-|               <font>
-|             <font>
-|               <span>
-
-#data
-<!doctype html><form><table></form><form></table></form>
-#errors
-35: Stray end tag “form”.
-41: Start tag “form” seen in “table”.
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <form>
-|       <table>
-|         <form>
diff --git a/vendor/golang.org/x/net/html/testdata/webkit/tests17.dat b/vendor/golang.org/x/net/html/testdata/webkit/tests17.dat
deleted file mode 100644
index 7b555f88..00000000
--- a/vendor/golang.org/x/net/html/testdata/webkit/tests17.dat
+++ /dev/null
@@ -1,153 +0,0 @@
-#data
-<!doctype html><table><tbody><select><tr>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <select>
-|     <table>
-|       <tbody>
-|         <tr>
-
-#data
-<!doctype html><table><tr><select><td>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <select>
-|     <table>
-|       <tbody>
-|         <tr>
-|           <td>
-
-#data
-<!doctype html><table><tr><td><select><td>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <table>
-|       <tbody>
-|         <tr>
-|           <td>
-|             <select>
-|           <td>
-
-#data
-<!doctype html><table><tr><th><select><td>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <table>
-|       <tbody>
-|         <tr>
-|           <th>
-|             <select>
-|           <td>
-
-#data
-<!doctype html><table><caption><select><tr>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <table>
-|       <caption>
-|         <select>
-|       <tbody>
-|         <tr>
-
-#data
-<!doctype html><select><tr>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <select>
-
-#data
-<!doctype html><select><td>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <select>
-
-#data
-<!doctype html><select><th>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <select>
-
-#data
-<!doctype html><select><tbody>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <select>
-
-#data
-<!doctype html><select><thead>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <select>
-
-#data
-<!doctype html><select><tfoot>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <select>
-
-#data
-<!doctype html><select><caption>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <select>
-
-#data
-<!doctype html><table><tr></table>a
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <table>
-|       <tbody>
-|         <tr>
-|     "a"
diff --git a/vendor/golang.org/x/net/html/testdata/webkit/tests18.dat b/vendor/golang.org/x/net/html/testdata/webkit/tests18.dat
deleted file mode 100644
index 680e1f06..00000000
--- a/vendor/golang.org/x/net/html/testdata/webkit/tests18.dat
+++ /dev/null
@@ -1,269 +0,0 @@
-#data
-<!doctype html><plaintext></plaintext>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <plaintext>
-|       "</plaintext>"
-
-#data
-<!doctype html><table><plaintext></plaintext>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <plaintext>
-|       "</plaintext>"
-|     <table>
-
-#data
-<!doctype html><table><tbody><plaintext></plaintext>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <plaintext>
-|       "</plaintext>"
-|     <table>
-|       <tbody>
-
-#data
-<!doctype html><table><tbody><tr><plaintext></plaintext>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <plaintext>
-|       "</plaintext>"
-|     <table>
-|       <tbody>
-|         <tr>
-
-#data
-<!doctype html><table><tbody><tr><plaintext></plaintext>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <plaintext>
-|       "</plaintext>"
-|     <table>
-|       <tbody>
-|         <tr>
-
-#data
-<!doctype html><table><td><plaintext></plaintext>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <table>
-|       <tbody>
-|         <tr>
-|           <td>
-|             <plaintext>
-|               "</plaintext>"
-
-#data
-<!doctype html><table><caption><plaintext></plaintext>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <table>
-|       <caption>
-|         <plaintext>
-|           "</plaintext>"
-
-#data
-<!doctype html><table><tr><style></script></style>abc
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     "abc"
-|     <table>
-|       <tbody>
-|         <tr>
-|           <style>
-|             "</script>"
-
-#data
-<!doctype html><table><tr><script></style></script>abc
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     "abc"
-|     <table>
-|       <tbody>
-|         <tr>
-|           <script>
-|             "</style>"
-
-#data
-<!doctype html><table><caption><style></script></style>abc
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <table>
-|       <caption>
-|         <style>
-|           "</script>"
-|         "abc"
-
-#data
-<!doctype html><table><td><style></script></style>abc
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <table>
-|       <tbody>
-|         <tr>
-|           <td>
-|             <style>
-|               "</script>"
-|             "abc"
-
-#data
-<!doctype html><select><script></style></script>abc
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <select>
-|       <script>
-|         "</style>"
-|       "abc"
-
-#data
-<!doctype html><table><select><script></style></script>abc
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <select>
-|       <script>
-|         "</style>"
-|       "abc"
-|     <table>
-
-#data
-<!doctype html><table><tr><select><script></style></script>abc
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <select>
-|       <script>
-|         "</style>"
-|       "abc"
-|     <table>
-|       <tbody>
-|         <tr>
-
-#data
-<!doctype html><frameset></frameset><noframes>abc
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <frameset>
-|   <noframes>
-|     "abc"
-
-#data
-<!doctype html><frameset></frameset><noframes>abc</noframes><!--abc-->
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <frameset>
-|   <noframes>
-|     "abc"
-|   <!-- abc -->
-
-#data
-<!doctype html><frameset></frameset></html><noframes>abc
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <frameset>
-|   <noframes>
-|     "abc"
-
-#data
-<!doctype html><frameset></frameset></html><noframes>abc</noframes><!--abc-->
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <frameset>
-|   <noframes>
-|     "abc"
-| <!-- abc -->
-
-#data
-<!doctype html><table><tr></tbody><tfoot>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <table>
-|       <tbody>
-|         <tr>
-|       <tfoot>
-
-#data
-<!doctype html><table><td><svg></svg>abc<td>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <table>
-|       <tbody>
-|         <tr>
-|           <td>
-|             <svg svg>
-|             "abc"
-|           <td>
diff --git a/vendor/golang.org/x/net/html/testdata/webkit/tests19.dat b/vendor/golang.org/x/net/html/testdata/webkit/tests19.dat
deleted file mode 100644
index 0d62f5a5..00000000
--- a/vendor/golang.org/x/net/html/testdata/webkit/tests19.dat
+++ /dev/null
@@ -1,1237 +0,0 @@
-#data
-<!doctype html><math><mn DefinitionUrl="foo">
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <math math>
-|       <math mn>
-|         definitionURL="foo"
-
-#data
-<!doctype html><html></p><!--foo-->
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <!-- foo -->
-|   <head>
-|   <body>
-
-#data
-<!doctype html><head></head></p><!--foo-->
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <!-- foo -->
-|   <body>
-
-#data
-<!doctype html><body><p><pre>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <p>
-|     <pre>
-
-#data
-<!doctype html><body><p><listing>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <p>
-|     <listing>
-
-#data
-<!doctype html><p><plaintext>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <p>
-|     <plaintext>
-
-#data
-<!doctype html><p><h1>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <p>
-|     <h1>
-
-#data
-<!doctype html><form><isindex>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <form>
-
-#data
-<!doctype html><isindex action="POST">
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <form>
-|       action="POST"
-|       <hr>
-|       <label>
-|         "This is a searchable index. Enter search keywords: "
-|         <input>
-|           name="isindex"
-|       <hr>
-
-#data
-<!doctype html><isindex prompt="this is isindex">
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <form>
-|       <hr>
-|       <label>
-|         "this is isindex"
-|         <input>
-|           name="isindex"
-|       <hr>
-
-#data
-<!doctype html><isindex type="hidden">
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <form>
-|       <hr>
-|       <label>
-|         "This is a searchable index. Enter search keywords: "
-|         <input>
-|           name="isindex"
-|           type="hidden"
-|       <hr>
-
-#data
-<!doctype html><isindex name="foo">
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <form>
-|       <hr>
-|       <label>
-|         "This is a searchable index. Enter search keywords: "
-|         <input>
-|           name="isindex"
-|       <hr>
-
-#data
-<!doctype html><ruby><p><rp>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <ruby>
-|       <p>
-|       <rp>
-
-#data
-<!doctype html><ruby><div><span><rp>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <ruby>
-|       <div>
-|         <span>
-|           <rp>
-
-#data
-<!doctype html><ruby><div><p><rp>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <ruby>
-|       <div>
-|         <p>
-|         <rp>
-
-#data
-<!doctype html><ruby><p><rt>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <ruby>
-|       <p>
-|       <rt>
-
-#data
-<!doctype html><ruby><div><span><rt>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <ruby>
-|       <div>
-|         <span>
-|           <rt>
-
-#data
-<!doctype html><ruby><div><p><rt>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <ruby>
-|       <div>
-|         <p>
-|         <rt>
-
-#data
-<!doctype html><math/><foo>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <math math>
-|     <foo>
-
-#data
-<!doctype html><svg/><foo>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <svg svg>
-|     <foo>
-
-#data
-<!doctype html><div></body><!--foo-->
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <div>
-|   <!-- foo -->
-
-#data
-<!doctype html><h1><div><h3><span></h1>foo
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <h1>
-|       <div>
-|         <h3>
-|           <span>
-|         "foo"
-
-#data
-<!doctype html><p></h3>foo
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <p>
-|       "foo"
-
-#data
-<!doctype html><h3><li>abc</h2>foo
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <h3>
-|       <li>
-|         "abc"
-|     "foo"
-
-#data
-<!doctype html><table>abc<!--foo-->
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     "abc"
-|     <table>
-|       <!-- foo -->
-
-#data
-<!doctype html><table>  <!--foo-->
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <table>
-|       "  "
-|       <!-- foo -->
-
-#data
-<!doctype html><table> b <!--foo-->
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     " b "
-|     <table>
-|       <!-- foo -->
-
-#data
-<!doctype html><select><option><option>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <select>
-|       <option>
-|       <option>
-
-#data
-<!doctype html><select><option></optgroup>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <select>
-|       <option>
-
-#data
-<!doctype html><select><option></optgroup>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <select>
-|       <option>
-
-#data
-<!doctype html><p><math><mi><p><h1>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <p>
-|       <math math>
-|         <math mi>
-|           <p>
-|           <h1>
-
-#data
-<!doctype html><p><math><mo><p><h1>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <p>
-|       <math math>
-|         <math mo>
-|           <p>
-|           <h1>
-
-#data
-<!doctype html><p><math><mn><p><h1>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <p>
-|       <math math>
-|         <math mn>
-|           <p>
-|           <h1>
-
-#data
-<!doctype html><p><math><ms><p><h1>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <p>
-|       <math math>
-|         <math ms>
-|           <p>
-|           <h1>
-
-#data
-<!doctype html><p><math><mtext><p><h1>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <p>
-|       <math math>
-|         <math mtext>
-|           <p>
-|           <h1>
-
-#data
-<!doctype html><frameset></noframes>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <frameset>
-
-#data
-<!doctype html><html c=d><body></html><html a=b>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   a="b"
-|   c="d"
-|   <head>
-|   <body>
-
-#data
-<!doctype html><html c=d><frameset></frameset></html><html a=b>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   a="b"
-|   c="d"
-|   <head>
-|   <frameset>
-
-#data
-<!doctype html><html><frameset></frameset></html><!--foo-->
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <frameset>
-| <!-- foo -->
-
-#data
-<!doctype html><html><frameset></frameset></html>  
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <frameset>
-|   "  "
-
-#data
-<!doctype html><html><frameset></frameset></html>abc
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <frameset>
-
-#data
-<!doctype html><html><frameset></frameset></html><p>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <frameset>
-
-#data
-<!doctype html><html><frameset></frameset></html></p>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <frameset>
-
-#data
-<html><frameset></frameset></html><!doctype html>
-#errors
-#document
-| <html>
-|   <head>
-|   <frameset>
-
-#data
-<!doctype html><body><frameset>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-
-#data
-<!doctype html><p><frameset><frame>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <frameset>
-|     <frame>
-
-#data
-<!doctype html><p>a<frameset>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <p>
-|       "a"
-
-#data
-<!doctype html><p> <frameset><frame>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <frameset>
-|     <frame>
-
-#data
-<!doctype html><pre><frameset>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <pre>
-
-#data
-<!doctype html><listing><frameset>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <listing>
-
-#data
-<!doctype html><li><frameset>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <li>
-
-#data
-<!doctype html><dd><frameset>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <dd>
-
-#data
-<!doctype html><dt><frameset>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <dt>
-
-#data
-<!doctype html><button><frameset>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <button>
-
-#data
-<!doctype html><applet><frameset>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <applet>
-
-#data
-<!doctype html><marquee><frameset>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <marquee>
-
-#data
-<!doctype html><object><frameset>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <object>
-
-#data
-<!doctype html><table><frameset>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <table>
-
-#data
-<!doctype html><area><frameset>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <area>
-
-#data
-<!doctype html><basefont><frameset>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|     <basefont>
-|   <frameset>
-
-#data
-<!doctype html><bgsound><frameset>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|     <bgsound>
-|   <frameset>
-
-#data
-<!doctype html><br><frameset>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <br>
-
-#data
-<!doctype html><embed><frameset>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <embed>
-
-#data
-<!doctype html><img><frameset>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <img>
-
-#data
-<!doctype html><input><frameset>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <input>
-
-#data
-<!doctype html><keygen><frameset>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <keygen>
-
-#data
-<!doctype html><wbr><frameset>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <wbr>
-
-#data
-<!doctype html><hr><frameset>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <hr>
-
-#data
-<!doctype html><textarea></textarea><frameset>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <textarea>
-
-#data
-<!doctype html><xmp></xmp><frameset>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <xmp>
-
-#data
-<!doctype html><iframe></iframe><frameset>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <iframe>
-
-#data
-<!doctype html><select></select><frameset>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <select>
-
-#data
-<!doctype html><svg></svg><frameset><frame>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <frameset>
-|     <frame>
-
-#data
-<!doctype html><math></math><frameset><frame>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <frameset>
-|     <frame>
-
-#data
-<!doctype html><svg><foreignObject><div> <frameset><frame>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <frameset>
-|     <frame>
-
-#data
-<!doctype html><svg>a</svg><frameset><frame>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <svg svg>
-|       "a"
-
-#data
-<!doctype html><svg> </svg><frameset><frame>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <frameset>
-|     <frame>
-
-#data
-<html>aaa<frameset></frameset>
-#errors
-#document
-| <html>
-|   <head>
-|   <body>
-|     "aaa"
-
-#data
-<html> a <frameset></frameset>
-#errors
-#document
-| <html>
-|   <head>
-|   <body>
-|     "a "
-
-#data
-<!doctype html><div><frameset>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <frameset>
-
-#data
-<!doctype html><div><body><frameset>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <div>
-
-#data
-<!doctype html><p><math></p>a
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <p>
-|       <math math>
-|     "a"
-
-#data
-<!doctype html><p><math><mn><span></p>a
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <p>
-|       <math math>
-|         <math mn>
-|           <span>
-|             <p>
-|             "a"
-
-#data
-<!doctype html><math></html>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <math math>
-
-#data
-<!doctype html><meta charset="ascii">
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|     <meta>
-|       charset="ascii"
-|   <body>
-
-#data
-<!doctype html><meta http-equiv="content-type" content="text/html;charset=ascii">
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|     <meta>
-|       content="text/html;charset=ascii"
-|       http-equiv="content-type"
-|   <body>
-
-#data
-<!doctype html><head><!--aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa--><meta charset="utf8">
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|     <!-- aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa -->
-|     <meta>
-|       charset="utf8"
-|   <body>
-
-#data
-<!doctype html><html a=b><head></head><html c=d>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   a="b"
-|   c="d"
-|   <head>
-|   <body>
-
-#data
-<!doctype html><image/>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <img>
-
-#data
-<!doctype html>a<i>b<table>c<b>d</i>e</b>f
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     "a"
-|     <i>
-|       "bc"
-|       <b>
-|         "de"
-|       "f"
-|       <table>
-
-#data
-<!doctype html><table><i>a<b>b<div>c<a>d</i>e</b>f
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <i>
-|       "a"
-|       <b>
-|         "b"
-|     <b>
-|     <div>
-|       <b>
-|         <i>
-|           "c"
-|           <a>
-|             "d"
-|         <a>
-|           "e"
-|       <a>
-|         "f"
-|     <table>
-
-#data
-<!doctype html><i>a<b>b<div>c<a>d</i>e</b>f
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <i>
-|       "a"
-|       <b>
-|         "b"
-|     <b>
-|     <div>
-|       <b>
-|         <i>
-|           "c"
-|           <a>
-|             "d"
-|         <a>
-|           "e"
-|       <a>
-|         "f"
-
-#data
-<!doctype html><table><i>a<b>b<div>c</i>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <i>
-|       "a"
-|       <b>
-|         "b"
-|     <b>
-|       <div>
-|         <i>
-|           "c"
-|     <table>
-
-#data
-<!doctype html><table><i>a<b>b<div>c<a>d</i>e</b>f
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <i>
-|       "a"
-|       <b>
-|         "b"
-|     <b>
-|     <div>
-|       <b>
-|         <i>
-|           "c"
-|           <a>
-|             "d"
-|         <a>
-|           "e"
-|       <a>
-|         "f"
-|     <table>
-
-#data
-<!doctype html><table><i>a<div>b<tr>c<b>d</i>e
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <i>
-|       "a"
-|       <div>
-|         "b"
-|     <i>
-|       "c"
-|       <b>
-|         "d"
-|     <b>
-|       "e"
-|     <table>
-|       <tbody>
-|         <tr>
-
-#data
-<!doctype html><table><td><table><i>a<div>b<b>c</i>d
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <table>
-|       <tbody>
-|         <tr>
-|           <td>
-|             <i>
-|               "a"
-|             <div>
-|               <i>
-|                 "b"
-|                 <b>
-|                   "c"
-|               <b>
-|                 "d"
-|             <table>
-
-#data
-<!doctype html><body><bgsound>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <bgsound>
-
-#data
-<!doctype html><body><basefont>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <basefont>
-
-#data
-<!doctype html><a><b></a><basefont>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <a>
-|       <b>
-|     <basefont>
-
-#data
-<!doctype html><a><b></a><bgsound>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <a>
-|       <b>
-|     <bgsound>
-
-#data
-<!doctype html><figcaption><article></figcaption>a
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <figcaption>
-|       <article>
-|     "a"
-
-#data
-<!doctype html><summary><article></summary>a
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <summary>
-|       <article>
-|     "a"
-
-#data
-<!doctype html><p><a><plaintext>b
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <p>
-|       <a>
-|     <plaintext>
-|       <a>
-|         "b"
-
-#data
-<!DOCTYPE html><div>a<a></div>b<p>c</p>d
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <div>
-|       "a"
-|       <a>
-|     <a>
-|       "b"
-|       <p>
-|         "c"
-|       "d"
diff --git a/vendor/golang.org/x/net/html/testdata/webkit/tests2.dat b/vendor/golang.org/x/net/html/testdata/webkit/tests2.dat
deleted file mode 100644
index 60d85922..00000000
--- a/vendor/golang.org/x/net/html/testdata/webkit/tests2.dat
+++ /dev/null
@@ -1,763 +0,0 @@
-#data
-<!DOCTYPE html>Test
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     "Test"
-
-#data
-<textarea>test</div>test
-#errors
-Line: 1 Col: 10 Unexpected start tag (textarea). Expected DOCTYPE.
-Line: 1 Col: 24 Expected closing tag. Unexpected end of file.
-#document
-| <html>
-|   <head>
-|   <body>
-|     <textarea>
-|       "test</div>test"
-
-#data
-<table><td>
-#errors
-Line: 1 Col: 7 Unexpected start tag (table). Expected DOCTYPE.
-Line: 1 Col: 11 Unexpected table cell start tag (td) in the table body phase.
-Line: 1 Col: 11 Expected closing tag. Unexpected end of file.
-#document
-| <html>
-|   <head>
-|   <body>
-|     <table>
-|       <tbody>
-|         <tr>
-|           <td>
-
-#data
-<table><td>test</tbody></table>
-#errors
-Line: 1 Col: 7 Unexpected start tag (table). Expected DOCTYPE.
-Line: 1 Col: 11 Unexpected table cell start tag (td) in the table body phase.
-#document
-| <html>
-|   <head>
-|   <body>
-|     <table>
-|       <tbody>
-|         <tr>
-|           <td>
-|             "test"
-
-#data
-<frame>test
-#errors
-Line: 1 Col: 7 Unexpected start tag (frame). Expected DOCTYPE.
-Line: 1 Col: 7 Unexpected start tag frame. Ignored.
-#document
-| <html>
-|   <head>
-|   <body>
-|     "test"
-
-#data
-<!DOCTYPE html><frameset>test
-#errors
-Line: 1 Col: 29 Unepxected characters in the frameset phase. Characters ignored.
-Line: 1 Col: 29 Expected closing tag. Unexpected end of file.
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <frameset>
-
-#data
-<!DOCTYPE html><frameset><!DOCTYPE html>
-#errors
-Line: 1 Col: 40 Unexpected DOCTYPE. Ignored.
-Line: 1 Col: 40 Expected closing tag. Unexpected end of file.
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <frameset>
-
-#data
-<!DOCTYPE html><font><p><b>test</font>
-#errors
-Line: 1 Col: 38 End tag (font) violates step 1, paragraph 3 of the adoption agency algorithm.
-Line: 1 Col: 38 End tag (font) violates step 1, paragraph 3 of the adoption agency algorithm.
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <font>
-|     <p>
-|       <font>
-|         <b>
-|           "test"
-
-#data
-<!DOCTYPE html><dt><div><dd>
-#errors
-Line: 1 Col: 28 Missing end tag (div, dt).
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <dt>
-|       <div>
-|     <dd>
-
-#data
-<script></x
-#errors
-Line: 1 Col: 8 Unexpected start tag (script). Expected DOCTYPE.
-Line: 1 Col: 11 Unexpected end of file. Expected end tag (script).
-#document
-| <html>
-|   <head>
-|     <script>
-|       "</x"
-|   <body>
-
-#data
-<table><plaintext><td>
-#errors
-Line: 1 Col: 7 Unexpected start tag (table). Expected DOCTYPE.
-Line: 1 Col: 18 Unexpected start tag (plaintext) in table context caused voodoo mode.
-Line: 1 Col: 22 Unexpected end of file. Expected table content.
-#document
-| <html>
-|   <head>
-|   <body>
-|     <plaintext>
-|       "<td>"
-|     <table>
-
-#data
-<plaintext></plaintext>
-#errors
-Line: 1 Col: 11 Unexpected start tag (plaintext). Expected DOCTYPE.
-Line: 1 Col: 23 Expected closing tag. Unexpected end of file.
-#document
-| <html>
-|   <head>
-|   <body>
-|     <plaintext>
-|       "</plaintext>"
-
-#data
-<!DOCTYPE html><table><tr>TEST
-#errors
-Line: 1 Col: 30 Unexpected non-space characters in table context caused voodoo mode.
-Line: 1 Col: 30 Unexpected end of file. Expected table content.
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     "TEST"
-|     <table>
-|       <tbody>
-|         <tr>
-
-#data
-<!DOCTYPE html><body t1=1><body t2=2><body t3=3 t4=4>
-#errors
-Line: 1 Col: 37 Unexpected start tag (body).
-Line: 1 Col: 53 Unexpected start tag (body).
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     t1="1"
-|     t2="2"
-|     t3="3"
-|     t4="4"
-
-#data
-</b test
-#errors
-Line: 1 Col: 8 Unexpected end of file in attribute name.
-Line: 1 Col: 8 End tag contains unexpected attributes.
-Line: 1 Col: 8 Unexpected end tag (b). Expected DOCTYPE.
-Line: 1 Col: 8 Unexpected end tag (b) after the (implied) root element.
-#document
-| <html>
-|   <head>
-|   <body>
-
-#data
-<!DOCTYPE html></b test<b &=&>X
-#errors
-Line: 1 Col: 32 Named entity didn't end with ';'.
-Line: 1 Col: 33 End tag contains unexpected attributes.
-Line: 1 Col: 33 Unexpected end tag (b) after the (implied) root element.
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     "X"
-
-#data
-<!doctypehtml><scrIPt type=text/x-foobar;baz>X</SCRipt
-#errors
-Line: 1 Col: 9 No space after literal string 'DOCTYPE'.
-Line: 1 Col: 54 Unexpected end of file in the tag name.
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|     <script>
-|       type="text/x-foobar;baz"
-|       "X</SCRipt"
-|   <body>
-
-#data
-&
-#errors
-Line: 1 Col: 1 Unexpected non-space characters. Expected DOCTYPE.
-#document
-| <html>
-|   <head>
-|   <body>
-|     "&"
-
-#data
-&#
-#errors
-Line: 1 Col: 1 Numeric entity expected. Got end of file instead.
-Line: 1 Col: 1 Unexpected non-space characters. Expected DOCTYPE.
-#document
-| <html>
-|   <head>
-|   <body>
-|     "&#"
-
-#data
-&#X
-#errors
-Line: 1 Col: 3 Numeric entity expected but none found.
-Line: 1 Col: 3 Unexpected non-space characters. Expected DOCTYPE.
-#document
-| <html>
-|   <head>
-|   <body>
-|     "&#X"
-
-#data
-&#x
-#errors
-Line: 1 Col: 3 Numeric entity expected but none found.
-Line: 1 Col: 3 Unexpected non-space characters. Expected DOCTYPE.
-#document
-| <html>
-|   <head>
-|   <body>
-|     "&#x"
-
-#data
--
-#errors
-Line: 1 Col: 4 Numeric entity didn't end with ';'.
-Line: 1 Col: 4 Unexpected non-space characters. Expected DOCTYPE.
-#document
-| <html>
-|   <head>
-|   <body>
-|     "-"
-
-#data
-&x-test
-#errors
-Line: 1 Col: 1 Named entity expected. Got none.
-Line: 1 Col: 1 Unexpected non-space characters. Expected DOCTYPE.
-#document
-| <html>
-|   <head>
-|   <body>
-|     "&x-test"
-
-#data
-<!doctypehtml><p><li>
-#errors
-Line: 1 Col: 9 No space after literal string 'DOCTYPE'.
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <p>
-|     <li>
-
-#data
-<!doctypehtml><p><dt>
-#errors
-Line: 1 Col: 9 No space after literal string 'DOCTYPE'.
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <p>
-|     <dt>
-
-#data
-<!doctypehtml><p><dd>
-#errors
-Line: 1 Col: 9 No space after literal string 'DOCTYPE'.
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <p>
-|     <dd>
-
-#data
-<!doctypehtml><p><form>
-#errors
-Line: 1 Col: 9 No space after literal string 'DOCTYPE'.
-Line: 1 Col: 23 Expected closing tag. Unexpected end of file.
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <p>
-|     <form>
-
-#data
-<!DOCTYPE html><p></P>X
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <p>
-|     "X"
-
-#data
-&
-#errors
-Line: 1 Col: 4 Named entity didn't end with ';'.
-Line: 1 Col: 4 Unexpected non-space characters. Expected DOCTYPE.
-#document
-| <html>
-|   <head>
-|   <body>
-|     "&"
-
-#data
-&AMp;
-#errors
-Line: 1 Col: 1 Named entity expected. Got none.
-Line: 1 Col: 1 Unexpected non-space characters. Expected DOCTYPE.
-#document
-| <html>
-|   <head>
-|   <body>
-|     "&AMp;"
-
-#data
-<!DOCTYPE html><html><head></head><body><thisISasillyTESTelementNameToMakeSureCrazyTagNamesArePARSEDcorrectLY>
-#errors
-Line: 1 Col: 110 Expected closing tag. Unexpected end of file.
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <thisisasillytestelementnametomakesurecrazytagnamesareparsedcorrectly>
-
-#data
-<!DOCTYPE html>X</body>X
-#errors
-Line: 1 Col: 24 Unexpected non-space characters in the after body phase.
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     "XX"
-
-#data
-<!DOCTYPE html><!-- X
-#errors
-Line: 1 Col: 21 Unexpected end of file in comment.
-#document
-| <!DOCTYPE html>
-| <!--  X -->
-| <html>
-|   <head>
-|   <body>
-
-#data
-<!DOCTYPE html><table><caption>test TEST</caption><td>test
-#errors
-Line: 1 Col: 54 Unexpected table cell start tag (td) in the table body phase.
-Line: 1 Col: 58 Expected closing tag. Unexpected end of file.
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <table>
-|       <caption>
-|         "test TEST"
-|       <tbody>
-|         <tr>
-|           <td>
-|             "test"
-
-#data
-<!DOCTYPE html><select><option><optgroup>
-#errors
-Line: 1 Col: 41 Expected closing tag. Unexpected end of file.
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <select>
-|       <option>
-|       <optgroup>
-
-#data
-<!DOCTYPE html><select><optgroup><option></optgroup><option><select><option>
-#errors
-Line: 1 Col: 68 Unexpected select start tag in the select phase treated as select end tag.
-Line: 1 Col: 76 Expected closing tag. Unexpected end of file.
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <select>
-|       <optgroup>
-|         <option>
-|       <option>
-|     <option>
-
-#data
-<!DOCTYPE html><select><optgroup><option><optgroup>
-#errors
-Line: 1 Col: 51 Expected closing tag. Unexpected end of file.
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <select>
-|       <optgroup>
-|         <option>
-|       <optgroup>
-
-#data
-<!DOCTYPE html><datalist><option>foo</datalist>bar
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <datalist>
-|       <option>
-|         "foo"
-|     "bar"
-
-#data
-<!DOCTYPE html><font><input><input></font>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <font>
-|       <input>
-|       <input>
-
-#data
-<!DOCTYPE html><!-- XXX - XXX -->
-#errors
-#document
-| <!DOCTYPE html>
-| <!--  XXX - XXX  -->
-| <html>
-|   <head>
-|   <body>
-
-#data
-<!DOCTYPE html><!-- XXX - XXX
-#errors
-Line: 1 Col: 29 Unexpected end of file in comment (-)
-#document
-| <!DOCTYPE html>
-| <!--  XXX - XXX -->
-| <html>
-|   <head>
-|   <body>
-
-#data
-<!DOCTYPE html><!-- XXX - XXX - XXX -->
-#errors
-#document
-| <!DOCTYPE html>
-| <!--  XXX - XXX - XXX  -->
-| <html>
-|   <head>
-|   <body>
-
-#data
-<isindex test=x name=x>
-#errors
-Line: 1 Col: 23 Unexpected start tag (isindex). Expected DOCTYPE.
-Line: 1 Col: 23 Unexpected start tag isindex. Don't use it!
-#document
-| <html>
-|   <head>
-|   <body>
-|     <form>
-|       <hr>
-|       <label>
-|         "This is a searchable index. Enter search keywords: "
-|         <input>
-|           name="isindex"
-|           test="x"
-|       <hr>
-
-#data
-test
-test
-#errors
-Line: 2 Col: 4 Unexpected non-space characters. Expected DOCTYPE.
-#document
-| <html>
-|   <head>
-|   <body>
-|     "test
-test"
-
-#data
-<!DOCTYPE html><body><title>test</body>
-#errors
-#document
-| 
-| 
-|   
-|   
-|     
-|       "test</body>"
-
-#data
-<!DOCTYPE html><body><title>X
-#errors
-#document
-| 
-| 
-|   
-|   
-|     
-|       "X"
-|     <meta>
-|       name="z"
-|     <link>
-|       rel="foo"
-|     <style>
-|       "
-x { content:"</style" } "
-
-#data
-<!DOCTYPE html><select><optgroup></optgroup></select>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-|     <select>
-|       <optgroup>
-
-#data
- 
- 
-#errors
-Line: 2 Col: 1 Unexpected End of file. Expected DOCTYPE.
-#document
-| <html>
-|   <head>
-|   <body>
-
-#data
-<!DOCTYPE html>  <html>
-#errors
-#document
-| <!DOCTYPE html>
-| <html>
-|   <head>
-|   <body>
-
-#data
-<!DOCTYPE html><script>
-</script>  <title>x  
-#errors
-#document
-| 
-| 
-|   
-|     
-#errors
-Line: 1 Col: 6 Unexpected start tag (head). Expected DOCTYPE.
-Line: 1 Col: 21 Unexpected start tag (script) that can be in head. Moved.
-#document
-| 
-|   
-|     
-#errors
-Line: 1 Col: 6 Unexpected start tag (head). Expected DOCTYPE.
-Line: 1 Col: 28 Unexpected start tag (style) that can be in head. Moved.
-#document
-| 
-|   
-|     
-#errors
-Line: 1 Col: 6 Unexpected start tag (head). Expected DOCTYPE.
-#document
-| 
-|   
-|   
-|   
-|     "x"
-|     x
-#errors
-Line: 1 Col: 7 Unexpected start tag (style). Expected DOCTYPE.
-Line: 1 Col: 22 Unexpected end of file. Expected end tag (style).
-#document
-| 
-|   
-|      --> x
-#errors
-Line: 1 Col: 7 Unexpected start tag (style). Expected DOCTYPE.
-#document
-| 
-|   
-|     x
-#errors
-Line: 1 Col: 7 Unexpected start tag (style). Expected DOCTYPE.
-#document
-| 
-|   
-|     x
-#errors
-Line: 1 Col: 7 Unexpected start tag (style). Expected DOCTYPE.
-#document
-| 
-|   
-|     x
-#errors
-Line: 1 Col: 7 Unexpected start tag (style). Expected DOCTYPE.
-#document
-| 
-|   
-|      

-#errors
-#document
-| 
-| 
-|   
-|   
-|     
-|       ddd
-#errors
-#document
-| 
-|   
-|     
-#errors
-#document
-| 
-|   
-|   
-|     
-|     
  • 
-|       
-|         ",
-		"
-
    << Back to Go HTTP/2 demo server`)
-	})
-}
-
-func httpsHost() string {
-	if *hostHTTPS != "" {
-		return *hostHTTPS
-	}
-	if v := *httpsAddr; strings.HasPrefix(v, ":") {
-		return "localhost" + v
-	} else {
-		return v
-	}
-}
-
-func httpHost() string {
-	if *hostHTTP != "" {
-		return *hostHTTP
-	}
-	if v := *httpAddr; strings.HasPrefix(v, ":") {
-		return "localhost" + v
-	} else {
-		return v
-	}
-}
-
-func serveProdTLS() error {
-	c, err := googlestorage.NewServiceClient()
-	if err != nil {
-		return err
-	}
-	slurp := func(key string) ([]byte, error) {
-		const bucket = "http2-demo-server-tls"
-		rc, _, err := c.GetObject(&googlestorage.Object{
-			Bucket: bucket,
-			Key:    key,
-		})
-		if err != nil {
-			return nil, fmt.Errorf("Error fetching GCS object %q in bucket %q: %v", key, bucket, err)
-		}
-		defer rc.Close()
-		return ioutil.ReadAll(rc)
-	}
-	certPem, err := slurp("http2.golang.org.chained.pem")
-	if err != nil {
-		return err
-	}
-	keyPem, err := slurp("http2.golang.org.key")
-	if err != nil {
-		return err
-	}
-	cert, err := tls.X509KeyPair(certPem, keyPem)
-	if err != nil {
-		return err
-	}
-	srv := &http.Server{
-		TLSConfig: &tls.Config{
-			Certificates: []tls.Certificate{cert},
-		},
-	}
-	http2.ConfigureServer(srv, &http2.Server{})
-	ln, err := net.Listen("tcp", ":443")
-	if err != nil {
-		return err
-	}
-	return srv.Serve(tls.NewListener(tcpKeepAliveListener{ln.(*net.TCPListener)}, srv.TLSConfig))
-}
-
-type tcpKeepAliveListener struct {
-	*net.TCPListener
-}
-
-func (ln tcpKeepAliveListener) Accept() (c net.Conn, err error) {
-	tc, err := ln.AcceptTCP()
-	if err != nil {
-		return
-	}
-	tc.SetKeepAlive(true)
-	tc.SetKeepAlivePeriod(3 * time.Minute)
-	return tc, nil
-}
-
-func serveProd() error {
-	errc := make(chan error, 2)
-	go func() { errc <- http.ListenAndServe(":80", nil) }()
-	go func() { errc <- serveProdTLS() }()
-	return <-errc
-}
-
-const idleTimeout = 5 * time.Minute
-const activeTimeout = 10 * time.Minute
-
-// TODO: put this into the standard library and actually send
-// PING frames and GOAWAY, etc: golang.org/issue/14204
-func idleTimeoutHook() func(net.Conn, http.ConnState) {
-	var mu sync.Mutex
-	m := map[net.Conn]*time.Timer{}
-	return func(c net.Conn, cs http.ConnState) {
-		mu.Lock()
-		defer mu.Unlock()
-		if t, ok := m[c]; ok {
-			delete(m, c)
-			t.Stop()
-		}
-		var d time.Duration
-		switch cs {
-		case http.StateNew, http.StateIdle:
-			d = idleTimeout
-		case http.StateActive:
-			d = activeTimeout
-		default:
-			return
-		}
-		m[c] = time.AfterFunc(d, func() {
-			log.Printf("closing idle conn %v after %v", c.RemoteAddr(), d)
-			go c.Close()
-		})
-	}
-}
-
-func main() {
-	var srv http.Server
-	flag.BoolVar(&http2.VerboseLogs, "verbose", false, "Verbose HTTP/2 debugging.")
-	flag.Parse()
-	srv.Addr = *httpsAddr
-	srv.ConnState = idleTimeoutHook()
-
-	registerHandlers()
-
-	if *prod {
-		*hostHTTP = "http2.golang.org"
-		*hostHTTPS = "http2.golang.org"
-		log.Fatal(serveProd())
-	}
-
-	url := "https://" + httpsHost() + "/"
-	log.Printf("Listening on " + url)
-	http2.ConfigureServer(&srv, &http2.Server{})
-
-	if *httpAddr != "" {
-		go func() {
-			log.Printf("Listening on http://" + httpHost() + "/ (for unencrypted HTTP/1)")
-			log.Fatal(http.ListenAndServe(*httpAddr, nil))
-		}()
-	}
-
-	go func() {
-		log.Fatal(srv.ListenAndServeTLS("server.crt", "server.key"))
-	}()
-	select {}
-}
diff --git a/vendor/golang.org/x/net/http2/h2demo/launch.go b/vendor/golang.org/x/net/http2/h2demo/launch.go
deleted file mode 100644
index df0866a3..00000000
--- a/vendor/golang.org/x/net/http2/h2demo/launch.go
+++ /dev/null
@@ -1,302 +0,0 @@
-// Copyright 2014 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build ignore
-
-package main
-
-import (
-	"bufio"
-	"bytes"
-	"encoding/json"
-	"flag"
-	"fmt"
-	"io"
-	"io/ioutil"
-	"log"
-	"net/http"
-	"os"
-	"strings"
-	"time"
-
-	"golang.org/x/oauth2"
-	"golang.org/x/oauth2/google"
-	compute "google.golang.org/api/compute/v1"
-)
-
-var (
-	proj     = flag.String("project", "symbolic-datum-552", "name of Project")
-	zone     = flag.String("zone", "us-central1-a", "GCE zone")
-	mach     = flag.String("machinetype", "n1-standard-1", "Machine type")
-	instName = flag.String("instance_name", "http2-demo", "Name of VM instance.")
-	sshPub   = flag.String("ssh_public_key", "", "ssh public key file to authorize. Can modify later in Google's web UI anyway.")
-	staticIP = flag.String("static_ip", "130.211.116.44", "Static IP to use. If empty, automatic.")
-
-	writeObject  = flag.String("write_object", "", "If non-empty, a VM isn't created and the flag value is Google Cloud Storage bucket/object to write. The contents from stdin.")
-	publicObject = flag.Bool("write_object_is_public", false, "Whether the object created by --write_object should be public.")
-)
-
-func readFile(v string) string {
-	slurp, err := ioutil.ReadFile(v)
-	if err != nil {
-		log.Fatalf("Error reading %s: %v", v, err)
-	}
-	return strings.TrimSpace(string(slurp))
-}
-
-var config = &oauth2.Config{
-	// The client-id and secret should be for an "Installed Application" when using
-	// the CLI. Later we'll use a web application with a callback.
-	ClientID:     readFile("client-id.dat"),
-	ClientSecret: readFile("client-secret.dat"),
-	Endpoint:     google.Endpoint,
-	Scopes: []string{
-		compute.DevstorageFullControlScope,
-		compute.ComputeScope,
-		"https://www.googleapis.com/auth/sqlservice",
-		"https://www.googleapis.com/auth/sqlservice.admin",
-	},
-	RedirectURL: "urn:ietf:wg:oauth:2.0:oob",
-}
-
-const baseConfig = `#cloud-config
-coreos:
-  units:
-    - name: h2demo.service
-      command: start
-      content: |
-        [Unit]
-        Description=HTTP2 Demo
-        
-        [Service]
-        ExecStartPre=/bin/bash -c 'mkdir -p /opt/bin && curl -s -o /opt/bin/h2demo http://storage.googleapis.com/http2-demo-server-tls/h2demo && chmod +x /opt/bin/h2demo'
-        ExecStart=/opt/bin/h2demo --prod
-        RestartSec=5s
-        Restart=always
-        Type=simple
-        
-        [Install]
-        WantedBy=multi-user.target
-`
-
-func main() {
-	flag.Parse()
-	if *proj == "" {
-		log.Fatalf("Missing --project flag")
-	}
-	prefix := "https://www.googleapis.com/compute/v1/projects/" + *proj
-	machType := prefix + "/zones/" + *zone + "/machineTypes/" + *mach
-
-	const tokenFileName = "token.dat"
-	tokenFile := tokenCacheFile(tokenFileName)
-	tokenSource := oauth2.ReuseTokenSource(nil, tokenFile)
-	token, err := tokenSource.Token()
-	if err != nil {
-		if *writeObject != "" {
-			log.Fatalf("Can't use --write_object without a valid token.dat file already cached.")
-		}
-		log.Printf("Error getting token from %s: %v", tokenFileName, err)
-		log.Printf("Get auth code from %v", config.AuthCodeURL("my-state"))
-		fmt.Print("\nEnter auth code: ")
-		sc := bufio.NewScanner(os.Stdin)
-		sc.Scan()
-		authCode := strings.TrimSpace(sc.Text())
-		token, err = config.Exchange(oauth2.NoContext, authCode)
-		if err != nil {
-			log.Fatalf("Error exchanging auth code for a token: %v", err)
-		}
-		if err := tokenFile.WriteToken(token); err != nil {
-			log.Fatalf("Error writing to %s: %v", tokenFileName, err)
-		}
-		tokenSource = oauth2.ReuseTokenSource(token, nil)
-	}
-
-	oauthClient := oauth2.NewClient(oauth2.NoContext, tokenSource)
-
-	if *writeObject != "" {
-		writeCloudStorageObject(oauthClient)
-		return
-	}
-
-	computeService, _ := compute.New(oauthClient)
-
-	natIP := *staticIP
-	if natIP == "" {
-		// Try to find it by name.
-		aggAddrList, err := computeService.Addresses.AggregatedList(*proj).Do()
-		if err != nil {
-			log.Fatal(err)
-		}
-		// http://godoc.org/code.google.com/p/google-api-go-client/compute/v1#AddressAggregatedList
-	IPLoop:
-		for _, asl := range aggAddrList.Items {
-			for _, addr := range asl.Addresses {
-				if addr.Name == *instName+"-ip" && addr.Status == "RESERVED" {
-					natIP = addr.Address
-					break IPLoop
-				}
-			}
-		}
-	}
-
-	cloudConfig := baseConfig
-	if *sshPub != "" {
-		key := strings.TrimSpace(readFile(*sshPub))
-		cloudConfig += fmt.Sprintf("\nssh_authorized_keys:\n    - %s\n", key)
-	}
-	if os.Getenv("USER") == "bradfitz" {
-		cloudConfig += fmt.Sprintf("\nssh_authorized_keys:\n    - %s\n", "ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAwks9dwWKlRC+73gRbvYtVg0vdCwDSuIlyt4z6xa/YU/jTDynM4R4W10hm2tPjy8iR1k8XhDv4/qdxe6m07NjG/By1tkmGpm1mGwho4Pr5kbAAy/Qg+NLCSdAYnnE00FQEcFOC15GFVMOW2AzDGKisReohwH9eIzHPzdYQNPRWXE= bradfitz@papag.bradfitz.com")
-	}
-	const maxCloudConfig = 32 << 10 // per compute API docs
-	if len(cloudConfig) > maxCloudConfig {
-		log.Fatalf("cloud config length of %d bytes is over %d byte limit", len(cloudConfig), maxCloudConfig)
-	}
-
-	instance := &compute.Instance{
-		Name:        *instName,
-		Description: "Go Builder",
-		MachineType: machType,
-		Disks:       []*compute.AttachedDisk{instanceDisk(computeService)},
-		Tags: &compute.Tags{
-			Items: []string{"http-server", "https-server"},
-		},
-		Metadata: &compute.Metadata{
-			Items: []*compute.MetadataItems{
-				{
-					Key:   "user-data",
-					Value: &cloudConfig,
-				},
-			},
-		},
-		NetworkInterfaces: []*compute.NetworkInterface{
-			{
-				AccessConfigs: []*compute.AccessConfig{
-					{
-						Type:  "ONE_TO_ONE_NAT",
-						Name:  "External NAT",
-						NatIP: natIP,
-					},
-				},
-				Network: prefix + "/global/networks/default",
-			},
-		},
-		ServiceAccounts: []*compute.ServiceAccount{
-			{
-				Email: "default",
-				Scopes: []string{
-					compute.DevstorageFullControlScope,
-					compute.ComputeScope,
-				},
-			},
-		},
-	}
-
-	log.Printf("Creating instance...")
-	op, err := computeService.Instances.Insert(*proj, *zone, instance).Do()
-	if err != nil {
-		log.Fatalf("Failed to create instance: %v", err)
-	}
-	opName := op.Name
-	log.Printf("Created. Waiting on operation %v", opName)
-OpLoop:
-	for {
-		time.Sleep(2 * time.Second)
-		op, err := computeService.ZoneOperations.Get(*proj, *zone, opName).Do()
-		if err != nil {
-			log.Fatalf("Failed to get op %s: %v", opName, err)
-		}
-		switch op.Status {
-		case "PENDING", "RUNNING":
-			log.Printf("Waiting on operation %v", opName)
-			continue
-		case "DONE":
-			if op.Error != nil {
-				for _, operr := range op.Error.Errors {
-					log.Printf("Error: %+v", operr)
-				}
-				log.Fatalf("Failed to start.")
-			}
-			log.Printf("Success. %+v", op)
-			break OpLoop
-		default:
-			log.Fatalf("Unknown status %q: %+v", op.Status, op)
-		}
-	}
-
-	inst, err := computeService.Instances.Get(*proj, *zone, *instName).Do()
-	if err != nil {
-		log.Fatalf("Error getting instance after creation: %v", err)
-	}
-	ij, _ := json.MarshalIndent(inst, "", "    ")
-	log.Printf("Instance: %s", ij)
-}
-
-func instanceDisk(svc *compute.Service) *compute.AttachedDisk {
-	const imageURL = "https://www.googleapis.com/compute/v1/projects/coreos-cloud/global/images/coreos-stable-444-5-0-v20141016"
-	diskName := *instName + "-disk"
-
-	return &compute.AttachedDisk{
-		AutoDelete: true,
-		Boot:       true,
-		Type:       "PERSISTENT",
-		InitializeParams: &compute.AttachedDiskInitializeParams{
-			DiskName:    diskName,
-			SourceImage: imageURL,
-			DiskSizeGb:  50,
-		},
-	}
-}
-
-func writeCloudStorageObject(httpClient *http.Client) {
-	content := os.Stdin
-	const maxSlurp = 1 << 20
-	var buf bytes.Buffer
-	n, err := io.CopyN(&buf, content, maxSlurp)
-	if err != nil && err != io.EOF {
-		log.Fatalf("Error reading from stdin: %v, %v", n, err)
-	}
-	contentType := http.DetectContentType(buf.Bytes())
-
-	req, err := http.NewRequest("PUT", "https://storage.googleapis.com/"+*writeObject, io.MultiReader(&buf, content))
-	if err != nil {
-		log.Fatal(err)
-	}
-	req.Header.Set("x-goog-api-version", "2")
-	if *publicObject {
-		req.Header.Set("x-goog-acl", "public-read")
-	}
-	req.Header.Set("Content-Type", contentType)
-	res, err := httpClient.Do(req)
-	if err != nil {
-		log.Fatal(err)
-	}
-	if res.StatusCode != 200 {
-		res.Write(os.Stderr)
-		log.Fatalf("Failed.")
-	}
-	log.Printf("Success.")
-	os.Exit(0)
-}
-
-type tokenCacheFile string
-
-func (f tokenCacheFile) Token() (*oauth2.Token, error) {
-	slurp, err := ioutil.ReadFile(string(f))
-	if err != nil {
-		return nil, err
-	}
-	t := new(oauth2.Token)
-	if err := json.Unmarshal(slurp, t); err != nil {
-		return nil, err
-	}
-	return t, nil
-}
-
-func (f tokenCacheFile) WriteToken(t *oauth2.Token) error {
-	jt, err := json.Marshal(t)
-	if err != nil {
-		return err
-	}
-	return ioutil.WriteFile(string(f), jt, 0600)
-}
diff --git a/vendor/golang.org/x/net/http2/h2demo/rootCA.key b/vendor/golang.org/x/net/http2/h2demo/rootCA.key
deleted file mode 100644
index a15a6aba..00000000
--- a/vendor/golang.org/x/net/http2/h2demo/rootCA.key
+++ /dev/null
@@ -1,27 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIIEowIBAAKCAQEAt5fAjp4fTcekWUTfzsp0kyih1OYbsGL0KX1eRbSSR8Od0+9Q
-62Hyny+GFwMTb4A/KU8mssoHvcceSAAbwfbxFK/+s51TobqUnORZrOoTZjkUygby
-XDSK99YBbcR1Pip8vwMTm4XKuLtCigeBBdjjAQdgUO28LENGlsMnmeYkJfODVGnV
-mr5Ltb9ANA8IKyTfsnHJ4iOCS/PlPbUj2q7YnoVLposUBMlgUb/CykX3mOoLb4yJ
-JQyA/iST6ZxiIEj36D4yWZ5lg7YJl+UiiBQHGCnPdGyipqV06ex0heYWcaiW8LWZ
-SUQ93jQ+WVCH8hT7DQO1dmsvUmXlq/JeAlwQ/QIDAQABAoIBAFFHV7JMAqPWnMYA
-nezY6J81v9+XN+7xABNWM2Q8uv4WdksbigGLTXR3/680Z2hXqJ7LMeC5XJACFT/e
-/Gr0vmpgOCygnCPfjGehGKpavtfksXV3edikUlnCXsOP1C//c1bFL+sMYmFCVgTx
-qYdDK8yKzXNGrKYT6q5YG7IglyRNV1rsQa8lM/5taFYiD1Ck/3tQi3YIq8Lcuser
-hrxsMABcQ6mi+EIvG6Xr4mfJug0dGJMHG4RG1UGFQn6RXrQq2+q53fC8ZbVUSi0j
-NQ918aKFzktwv+DouKU0ME4I9toks03gM860bAL7zCbKGmwR3hfgX/TqzVCWpG9E
-LDVfvekCgYEA8fk9N53jbBRmULUGEf4qWypcLGiZnNU0OeXWpbPV9aa3H0VDytA7
-8fCN2dPAVDPqlthMDdVe983NCNwp2Yo8ZimDgowyIAKhdC25s1kejuaiH9OAPj3c
-0f8KbriYX4n8zNHxFwK6Ae3pQ6EqOLJVCUsziUaZX9nyKY5aZlyX6xcCgYEAwjws
-K62PjC64U5wYddNLp+kNdJ4edx+a7qBb3mEgPvSFT2RO3/xafJyG8kQB30Mfstjd
-bRxyUV6N0vtX1zA7VQtRUAvfGCecpMo+VQZzcHXKzoRTnQ7eZg4Lmj5fQ9tOAKAo
-QCVBoSW/DI4PZL26CAMDcAba4Pa22ooLapoRIQsCgYA6pIfkkbxLNkpxpt2YwLtt
-Kr/590O7UaR9n6k8sW/aQBRDXNsILR1KDl2ifAIxpf9lnXgZJiwE7HiTfCAcW7c1
-nzwDCI0hWuHcMTS/NYsFYPnLsstyyjVZI3FY0h4DkYKV9Q9z3zJLQ2hz/nwoD3gy
-b2pHC7giFcTts1VPV4Nt8wKBgHeFn4ihHJweg76vZz3Z78w7VNRWGFklUalVdDK7
-gaQ7w2y/ROn/146mo0OhJaXFIFRlrpvdzVrU3GDf2YXJYDlM5ZRkObwbZADjksev
-WInzcgDy3KDg7WnPasRXbTfMU4t/AkW2p1QKbi3DnSVYuokDkbH2Beo45vxDxhKr
-C69RAoGBAIyo3+OJenoZmoNzNJl2WPW5MeBUzSh8T/bgyjFTdqFHF5WiYRD/lfHj
-x9Glyw2nutuT4hlOqHvKhgTYdDMsF2oQ72fe3v8Q5FU7FuKndNPEAyvKNXZaShVA
-hnlhv5DjXKb0wFWnt5PCCiQLtzG0yyHaITrrEme7FikkIcTxaX/Y
------END RSA PRIVATE KEY-----
diff --git a/vendor/golang.org/x/net/http2/h2demo/rootCA.pem b/vendor/golang.org/x/net/http2/h2demo/rootCA.pem
deleted file mode 100644
index 3a323e77..00000000
--- a/vendor/golang.org/x/net/http2/h2demo/rootCA.pem
+++ /dev/null
@@ -1,26 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIEWjCCA0KgAwIBAgIJALfRlWsI8YQHMA0GCSqGSIb3DQEBBQUAMHsxCzAJBgNV
-BAYTAlVTMQswCQYDVQQIEwJDQTEWMBQGA1UEBxMNU2FuIEZyYW5jaXNjbzEUMBIG
-A1UEChMLQnJhZGZpdHppbmMxEjAQBgNVBAMTCWxvY2FsaG9zdDEdMBsGCSqGSIb3
-DQEJARYOYnJhZEBkYW5nYS5jb20wHhcNMTQwNzE1MjA0NjA1WhcNMTcwNTA0MjA0
-NjA1WjB7MQswCQYDVQQGEwJVUzELMAkGA1UECBMCQ0ExFjAUBgNVBAcTDVNhbiBG
-cmFuY2lzY28xFDASBgNVBAoTC0JyYWRmaXR6aW5jMRIwEAYDVQQDEwlsb2NhbGhv
-c3QxHTAbBgkqhkiG9w0BCQEWDmJyYWRAZGFuZ2EuY29tMIIBIjANBgkqhkiG9w0B
-AQEFAAOCAQ8AMIIBCgKCAQEAt5fAjp4fTcekWUTfzsp0kyih1OYbsGL0KX1eRbSS
-R8Od0+9Q62Hyny+GFwMTb4A/KU8mssoHvcceSAAbwfbxFK/+s51TobqUnORZrOoT
-ZjkUygbyXDSK99YBbcR1Pip8vwMTm4XKuLtCigeBBdjjAQdgUO28LENGlsMnmeYk
-JfODVGnVmr5Ltb9ANA8IKyTfsnHJ4iOCS/PlPbUj2q7YnoVLposUBMlgUb/CykX3
-mOoLb4yJJQyA/iST6ZxiIEj36D4yWZ5lg7YJl+UiiBQHGCnPdGyipqV06ex0heYW
-caiW8LWZSUQ93jQ+WVCH8hT7DQO1dmsvUmXlq/JeAlwQ/QIDAQABo4HgMIHdMB0G
-A1UdDgQWBBRcAROthS4P4U7vTfjByC569R7E6DCBrQYDVR0jBIGlMIGigBRcAROt
-hS4P4U7vTfjByC569R7E6KF/pH0wezELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNB
-MRYwFAYDVQQHEw1TYW4gRnJhbmNpc2NvMRQwEgYDVQQKEwtCcmFkZml0emluYzES
-MBAGA1UEAxMJbG9jYWxob3N0MR0wGwYJKoZIhvcNAQkBFg5icmFkQGRhbmdhLmNv
-bYIJALfRlWsI8YQHMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAG6h
-U9f9sNH0/6oBbGGy2EVU0UgITUQIrFWo9rFkrW5k/XkDjQm+3lzjT0iGR4IxE/Ao
-eU6sQhua7wrWeFEn47GL98lnCsJdD7oZNhFmQ95Tb/LnDUjs5Yj9brP0NWzXfYU4
-UK2ZnINJRcJpB8iRCaCxE8DdcUF0XqIEq6pA272snoLmiXLMvNl3kYEdm+je6voD
-58SNVEUsztzQyXmJEhCpwVI0A6QCjzXj+qvpmw3ZZHi8JwXei8ZZBLTSFBki8Z7n
-sH9BBH38/SzUmAN4QHSPy1gjqm00OAE8NaYDkh/bzE4d7mLGGMWp/WE3KPSu82HF
-kPe6XoSbiLm/kxk32T0=
------END CERTIFICATE-----
diff --git a/vendor/golang.org/x/net/http2/h2demo/rootCA.srl b/vendor/golang.org/x/net/http2/h2demo/rootCA.srl
deleted file mode 100644
index 6db38918..00000000
--- a/vendor/golang.org/x/net/http2/h2demo/rootCA.srl
+++ /dev/null
@@ -1 +0,0 @@
-E2CE26BF3285059C
diff --git a/vendor/golang.org/x/net/http2/h2demo/server.crt b/vendor/golang.org/x/net/http2/h2demo/server.crt
deleted file mode 100644
index c59059bd..00000000
--- a/vendor/golang.org/x/net/http2/h2demo/server.crt
+++ /dev/null
@@ -1,20 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDPjCCAiYCCQDizia/MoUFnDANBgkqhkiG9w0BAQUFADB7MQswCQYDVQQGEwJV
-UzELMAkGA1UECBMCQ0ExFjAUBgNVBAcTDVNhbiBGcmFuY2lzY28xFDASBgNVBAoT
-C0JyYWRmaXR6aW5jMRIwEAYDVQQDEwlsb2NhbGhvc3QxHTAbBgkqhkiG9w0BCQEW
-DmJyYWRAZGFuZ2EuY29tMB4XDTE0MDcxNTIwNTAyN1oXDTE1MTEyNzIwNTAyN1ow
-RzELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMQswCQYDVQQHEwJTRjEeMBwGA1UE
-ChMVYnJhZGZpdHogaHR0cDIgc2VydmVyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
-MIIBCgKCAQEAs1Y9CyLFrdL8VQWN1WaifDqaZFnoqjHhCMlc1TfG2zA+InDifx2l
-gZD3o8FeNnAcfM2sPlk3+ZleOYw9P/CklFVDlvqmpCv9ss/BEp/dDaWvy1LmJ4c2
-dbQJfmTxn7CV1H3TsVJvKdwFmdoABb41NoBp6+NNO7OtDyhbIMiCI0pL3Nefb3HL
-A7hIMo3DYbORTtJLTIH9W8YKrEWL0lwHLrYFx/UdutZnv+HjdmO6vCN4na55mjws
-/vjKQUmc7xeY7Xe20xDEG2oDKVkL2eD7FfyrYMS3rO1ExP2KSqlXYG/1S9I/fz88
-F0GK7HX55b5WjZCl2J3ERVdnv/0MQv+sYQIDAQABMA0GCSqGSIb3DQEBBQUAA4IB
-AQC0zL+n/YpRZOdulSu9tS8FxrstXqGWoxfe+vIUgqfMZ5+0MkjJ/vW0FqlLDl2R
-rn4XaR3e7FmWkwdDVbq/UB6lPmoAaFkCgh9/5oapMaclNVNnfF3fjCJfRr+qj/iD
-EmJStTIN0ZuUjAlpiACmfnpEU55PafT5Zx+i1yE4FGjw8bJpFoyD4Hnm54nGjX19
-KeCuvcYFUPnBm3lcL0FalF2AjqV02WTHYNQk7YF/oeO7NKBoEgvGvKG3x+xaOeBI
-dwvdq175ZsGul30h+QjrRlXhH/twcuaT3GSdoysDl9cCYE8f1Mk8PD6gan3uBCJU
-90p6/CbU71bGbfpM2PHot2fm
------END CERTIFICATE-----
diff --git a/vendor/golang.org/x/net/http2/h2demo/server.key b/vendor/golang.org/x/net/http2/h2demo/server.key
deleted file mode 100644
index f329c142..00000000
--- a/vendor/golang.org/x/net/http2/h2demo/server.key
+++ /dev/null
@@ -1,27 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIIEowIBAAKCAQEAs1Y9CyLFrdL8VQWN1WaifDqaZFnoqjHhCMlc1TfG2zA+InDi
-fx2lgZD3o8FeNnAcfM2sPlk3+ZleOYw9P/CklFVDlvqmpCv9ss/BEp/dDaWvy1Lm
-J4c2dbQJfmTxn7CV1H3TsVJvKdwFmdoABb41NoBp6+NNO7OtDyhbIMiCI0pL3Nef
-b3HLA7hIMo3DYbORTtJLTIH9W8YKrEWL0lwHLrYFx/UdutZnv+HjdmO6vCN4na55
-mjws/vjKQUmc7xeY7Xe20xDEG2oDKVkL2eD7FfyrYMS3rO1ExP2KSqlXYG/1S9I/
-fz88F0GK7HX55b5WjZCl2J3ERVdnv/0MQv+sYQIDAQABAoIBADQ2spUwbY+bcz4p
-3M66ECrNQTBggP40gYl2XyHxGGOu2xhZ94f9ELf1hjRWU2DUKWco1rJcdZClV6q3
-qwmXvcM2Q/SMS8JW0ImkNVl/0/NqPxGatEnj8zY30d/L8hGFb0orzFu/XYA5gCP4
-NbN2WrXgk3ZLeqwcNxHHtSiJWGJ/fPyeDWAu/apy75u9Xf2GlzBZmV6HYD9EfK80
-LTlI60f5FO487CrJnboL7ovPJrIHn+k05xRQqwma4orpz932rTXnTjs9Lg6KtbQN
-a7PrqfAntIISgr11a66Mng3IYH1lYqJsWJJwX/xHT4WLEy0EH4/0+PfYemJekz2+
-Co62drECgYEA6O9zVJZXrLSDsIi54cfxA7nEZWm5CAtkYWeAHa4EJ+IlZ7gIf9sL
-W8oFcEfFGpvwVqWZ+AsQ70dsjXAv3zXaG0tmg9FtqWp7pzRSMPidifZcQwWkKeTO
-gJnFmnVyed8h6GfjTEu4gxo1/S5U0V+mYSha01z5NTnN6ltKx1Or3b0CgYEAxRgm
-S30nZxnyg/V7ys61AZhst1DG2tkZXEMcA7dYhabMoXPJAP/EfhlWwpWYYUs/u0gS
-Wwmf5IivX5TlYScgmkvb/NYz0u4ZmOXkLTnLPtdKKFXhjXJcHjUP67jYmOxNlJLp
-V4vLRnFxTpffAV+OszzRxsXX6fvruwZBANYJeXUCgYBVouLFsFgfWGYp2rpr9XP4
-KK25kvrBqF6JKOIDB1zjxNJ3pUMKrl8oqccCFoCyXa4oTM2kUX0yWxHfleUjrMq4
-yimwQKiOZmV7fVLSSjSw6e/VfBd0h3gb82ygcplZkN0IclkwTY5SNKqwn/3y07V5
-drqdhkrgdJXtmQ6O5YYECQKBgATERcDToQ1USlI4sKrB/wyv1AlG8dg/IebiVJ4e
-ZAyvcQmClFzq0qS+FiQUnB/WQw9TeeYrwGs1hxBHuJh16srwhLyDrbMvQP06qh8R
-48F8UXXSRec22dV9MQphaROhu2qZdv1AC0WD3tqov6L33aqmEOi+xi8JgbT/PLk5
-c/c1AoGBAI1A/02ryksW6/wc7/6SP2M2rTy4m1sD/GnrTc67EHnRcVBdKO6qH2RY
-nqC8YcveC2ZghgPTDsA3VGuzuBXpwY6wTyV99q6jxQJ6/xcrD9/NUG6Uwv/xfCxl
-IJLeBYEqQundSSny3VtaAUK8Ul1nxpTvVRNwtcyWTo8RHAAyNPWd
------END RSA PRIVATE KEY-----
diff --git a/vendor/golang.org/x/net/http2/h2i/README.md b/vendor/golang.org/x/net/http2/h2i/README.md
deleted file mode 100644
index fb5c5efb..00000000
--- a/vendor/golang.org/x/net/http2/h2i/README.md
+++ /dev/null
@@ -1,97 +0,0 @@
-# h2i
-
-**h2i** is an interactive HTTP/2 ("h2") console debugger. Miss the good ol'
-days of telnetting to your HTTP/1.n servers? We're bringing you
-back.
-
-Features:
-- send raw HTTP/2 frames
- - PING
- - SETTINGS
- - HEADERS
- - etc
-- type in HTTP/1.n and have it auto-HPACK/frame-ify it for HTTP/2
-- pretty print all received HTTP/2 frames from the peer (including HPACK decoding)
-- tab completion of commands, options
-
-Not yet features, but soon:
-- unnecessary CONTINUATION frames on short boundaries, to test peer implementations 
-- request bodies (DATA frames)
-- send invalid frames for testing server implementations (supported by underlying Framer)
-
-Later:
-- act like a server
-
-## Installation
-
-```
-$ go get golang.org/x/net/http2/h2i
-$ h2i 
-```
-
-## Demo
-
-```
-$ h2i
-Usage: h2i 
-  
-  -insecure
-        Whether to skip TLS cert validation
-  -nextproto string
-        Comma-separated list of NPN/ALPN protocol names to negotiate. (default "h2,h2-14")
-
-$ h2i google.com
-Connecting to google.com:443 ...
-Connected to 74.125.224.41:443
-Negotiated protocol "h2-14"
-[FrameHeader SETTINGS len=18]
-  [MAX_CONCURRENT_STREAMS = 100]
-  [INITIAL_WINDOW_SIZE = 1048576]
-  [MAX_FRAME_SIZE = 16384]
-[FrameHeader WINDOW_UPDATE len=4]
-  Window-Increment = 983041
-  
-h2i> PING h2iSayHI
-[FrameHeader PING flags=ACK len=8]
-  Data = "h2iSayHI"
-h2i> headers
-(as HTTP/1.1)> GET / HTTP/1.1
-(as HTTP/1.1)> Host: ip.appspot.com
-(as HTTP/1.1)> User-Agent: h2i/brad-n-blake
-(as HTTP/1.1)>  
-Opening Stream-ID 1:
- :authority = ip.appspot.com
- :method = GET
- :path = /
- :scheme = https
- user-agent = h2i/brad-n-blake
-[FrameHeader HEADERS flags=END_HEADERS stream=1 len=77]
-  :status = "200"
-  alternate-protocol = "443:quic,p=1"
-  content-length = "15"
-  content-type = "text/html"
-  date = "Fri, 01 May 2015 23:06:56 GMT"
-  server = "Google Frontend"
-[FrameHeader DATA flags=END_STREAM stream=1 len=15]
-  "173.164.155.78\n"
-[FrameHeader PING len=8]
-  Data = "\x00\x00\x00\x00\x00\x00\x00\x00"
-h2i> ping  
-[FrameHeader PING flags=ACK len=8]  
-  Data = "h2i_ping"  
-h2i> ping  
-[FrameHeader PING flags=ACK len=8]
-  Data = "h2i_ping"
-h2i> ping
-[FrameHeader GOAWAY len=22]
-  Last-Stream-ID = 1; Error-Code = PROTOCOL_ERROR (1)
-
-ReadFrame: EOF
-```
-
-## Status
-
-Quick few hour hack. So much yet to do. Feel free to file issues for
-bugs or wishlist items, but [@bmizerany](https://github.com/bmizerany/)
-and I aren't yet accepting pull requests until things settle down.
-
diff --git a/vendor/golang.org/x/net/http2/h2i/h2i.go b/vendor/golang.org/x/net/http2/h2i/h2i.go
deleted file mode 100644
index b70976f7..00000000
--- a/vendor/golang.org/x/net/http2/h2i/h2i.go
+++ /dev/null
@@ -1,501 +0,0 @@
-// Copyright 2015 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build !plan9,!solaris
-
-/*
-The h2i command is an interactive HTTP/2 console.
-
-Usage:
-  $ h2i [flags] 
-
-Interactive commands in the console: (all parts case-insensitive)
-
-  ping [data]
-  settings ack
-  settings FOO=n BAR=z
-  headers      (open a new stream by typing HTTP/1.1)
-*/
-package main
-
-import (
-	"bufio"
-	"bytes"
-	"crypto/tls"
-	"errors"
-	"flag"
-	"fmt"
-	"io"
-	"log"
-	"net"
-	"net/http"
-	"os"
-	"regexp"
-	"strconv"
-	"strings"
-
-	"golang.org/x/crypto/ssh/terminal"
-	"golang.org/x/net/http2"
-	"golang.org/x/net/http2/hpack"
-)
-
-// Flags
-var (
-	flagNextProto = flag.String("nextproto", "h2,h2-14", "Comma-separated list of NPN/ALPN protocol names to negotiate.")
-	flagInsecure  = flag.Bool("insecure", false, "Whether to skip TLS cert validation")
-	flagSettings  = flag.String("settings", "empty", "comma-separated list of KEY=value settings for the initial SETTINGS frame. The magic value 'empty' sends an empty initial settings frame, and the magic value 'omit' causes no initial settings frame to be sent.")
-)
-
-type command struct {
-	run func(*h2i, []string) error // required
-
-	// complete optionally specifies tokens (case-insensitive) which are
-	// valid for this subcommand.
-	complete func() []string
-}
-
-var commands = map[string]command{
-	"ping": {run: (*h2i).cmdPing},
-	"settings": {
-		run: (*h2i).cmdSettings,
-		complete: func() []string {
-			return []string{
-				"ACK",
-				http2.SettingHeaderTableSize.String(),
-				http2.SettingEnablePush.String(),
-				http2.SettingMaxConcurrentStreams.String(),
-				http2.SettingInitialWindowSize.String(),
-				http2.SettingMaxFrameSize.String(),
-				http2.SettingMaxHeaderListSize.String(),
-			}
-		},
-	},
-	"quit":    {run: (*h2i).cmdQuit},
-	"headers": {run: (*h2i).cmdHeaders},
-}
-
-func usage() {
-	fmt.Fprintf(os.Stderr, "Usage: h2i \n\n")
-	flag.PrintDefaults()
-}
-
-// withPort adds ":443" if another port isn't already present.
-func withPort(host string) string {
-	if _, _, err := net.SplitHostPort(host); err != nil {
-		return net.JoinHostPort(host, "443")
-	}
-	return host
-}
-
-// h2i is the app's state.
-type h2i struct {
-	host   string
-	tc     *tls.Conn
-	framer *http2.Framer
-	term   *terminal.Terminal
-
-	// owned by the command loop:
-	streamID uint32
-	hbuf     bytes.Buffer
-	henc     *hpack.Encoder
-
-	// owned by the readFrames loop:
-	peerSetting map[http2.SettingID]uint32
-	hdec        *hpack.Decoder
-}
-
-func main() {
-	flag.Usage = usage
-	flag.Parse()
-	if flag.NArg() != 1 {
-		usage()
-		os.Exit(2)
-	}
-	log.SetFlags(0)
-
-	host := flag.Arg(0)
-	app := &h2i{
-		host:        host,
-		peerSetting: make(map[http2.SettingID]uint32),
-	}
-	app.henc = hpack.NewEncoder(&app.hbuf)
-
-	if err := app.Main(); err != nil {
-		if app.term != nil {
-			app.logf("%v\n", err)
-		} else {
-			fmt.Fprintf(os.Stderr, "%v\n", err)
-		}
-		os.Exit(1)
-	}
-	fmt.Fprintf(os.Stdout, "\n")
-}
-
-func (app *h2i) Main() error {
-	cfg := &tls.Config{
-		ServerName:         app.host,
-		NextProtos:         strings.Split(*flagNextProto, ","),
-		InsecureSkipVerify: *flagInsecure,
-	}
-
-	hostAndPort := withPort(app.host)
-	log.Printf("Connecting to %s ...", hostAndPort)
-	tc, err := tls.Dial("tcp", hostAndPort, cfg)
-	if err != nil {
-		return fmt.Errorf("Error dialing %s: %v", withPort(app.host), err)
-	}
-	log.Printf("Connected to %v", tc.RemoteAddr())
-	defer tc.Close()
-
-	if err := tc.Handshake(); err != nil {
-		return fmt.Errorf("TLS handshake: %v", err)
-	}
-	if !*flagInsecure {
-		if err := tc.VerifyHostname(app.host); err != nil {
-			return fmt.Errorf("VerifyHostname: %v", err)
-		}
-	}
-	state := tc.ConnectionState()
-	log.Printf("Negotiated protocol %q", state.NegotiatedProtocol)
-	if !state.NegotiatedProtocolIsMutual || state.NegotiatedProtocol == "" {
-		return fmt.Errorf("Could not negotiate protocol mutually")
-	}
-
-	if _, err := io.WriteString(tc, http2.ClientPreface); err != nil {
-		return err
-	}
-
-	app.framer = http2.NewFramer(tc, tc)
-
-	oldState, err := terminal.MakeRaw(0)
-	if err != nil {
-		return err
-	}
-	defer terminal.Restore(0, oldState)
-
-	var screen = struct {
-		io.Reader
-		io.Writer
-	}{os.Stdin, os.Stdout}
-
-	app.term = terminal.NewTerminal(screen, "h2i> ")
-	lastWord := regexp.MustCompile(`.+\W(\w+)$`)
-	app.term.AutoCompleteCallback = func(line string, pos int, key rune) (newLine string, newPos int, ok bool) {
-		if key != '\t' {
-			return
-		}
-		if pos != len(line) {
-			// TODO: we're being lazy for now, only supporting tab completion at the end.
-			return
-		}
-		// Auto-complete for the command itself.
-		if !strings.Contains(line, " ") {
-			var name string
-			name, _, ok = lookupCommand(line)
-			if !ok {
-				return
-			}
-			return name, len(name), true
-		}
-		_, c, ok := lookupCommand(line[:strings.IndexByte(line, ' ')])
-		if !ok || c.complete == nil {
-			return
-		}
-		if strings.HasSuffix(line, " ") {
-			app.logf("%s", strings.Join(c.complete(), " "))
-			return line, pos, true
-		}
-		m := lastWord.FindStringSubmatch(line)
-		if m == nil {
-			return line, len(line), true
-		}
-		soFar := m[1]
-		var match []string
-		for _, cand := range c.complete() {
-			if len(soFar) > len(cand) || !strings.EqualFold(cand[:len(soFar)], soFar) {
-				continue
-			}
-			match = append(match, cand)
-		}
-		if len(match) == 0 {
-			return
-		}
-		if len(match) > 1 {
-			// TODO: auto-complete any common prefix
-			app.logf("%s", strings.Join(match, " "))
-			return line, pos, true
-		}
-		newLine = line[:len(line)-len(soFar)] + match[0]
-		return newLine, len(newLine), true
-
-	}
-
-	errc := make(chan error, 2)
-	go func() { errc <- app.readFrames() }()
-	go func() { errc <- app.readConsole() }()
-	return <-errc
-}
-
-func (app *h2i) logf(format string, args ...interface{}) {
-	fmt.Fprintf(app.term, format+"\n", args...)
-}
-
-func (app *h2i) readConsole() error {
-	if s := *flagSettings; s != "omit" {
-		var args []string
-		if s != "empty" {
-			args = strings.Split(s, ",")
-		}
-		_, c, ok := lookupCommand("settings")
-		if !ok {
-			panic("settings command not found")
-		}
-		c.run(app, args)
-	}
-
-	for {
-		line, err := app.term.ReadLine()
-		if err == io.EOF {
-			return nil
-		}
-		if err != nil {
-			return fmt.Errorf("terminal.ReadLine: %v", err)
-		}
-		f := strings.Fields(line)
-		if len(f) == 0 {
-			continue
-		}
-		cmd, args := f[0], f[1:]
-		if _, c, ok := lookupCommand(cmd); ok {
-			err = c.run(app, args)
-		} else {
-			app.logf("Unknown command %q", line)
-		}
-		if err == errExitApp {
-			return nil
-		}
-		if err != nil {
-			return err
-		}
-	}
-}
-
-func lookupCommand(prefix string) (name string, c command, ok bool) {
-	prefix = strings.ToLower(prefix)
-	if c, ok = commands[prefix]; ok {
-		return prefix, c, ok
-	}
-
-	for full, candidate := range commands {
-		if strings.HasPrefix(full, prefix) {
-			if c.run != nil {
-				return "", command{}, false // ambiguous
-			}
-			c = candidate
-			name = full
-		}
-	}
-	return name, c, c.run != nil
-}
-
-var errExitApp = errors.New("internal sentinel error value to quit the console reading loop")
-
-func (a *h2i) cmdQuit(args []string) error {
-	if len(args) > 0 {
-		a.logf("the QUIT command takes no argument")
-		return nil
-	}
-	return errExitApp
-}
-
-func (a *h2i) cmdSettings(args []string) error {
-	if len(args) == 1 && strings.EqualFold(args[0], "ACK") {
-		return a.framer.WriteSettingsAck()
-	}
-	var settings []http2.Setting
-	for _, arg := range args {
-		if strings.EqualFold(arg, "ACK") {
-			a.logf("Error: ACK must be only argument with the SETTINGS command")
-			return nil
-		}
-		eq := strings.Index(arg, "=")
-		if eq == -1 {
-			a.logf("Error: invalid argument %q (expected SETTING_NAME=nnnn)", arg)
-			return nil
-		}
-		sid, ok := settingByName(arg[:eq])
-		if !ok {
-			a.logf("Error: unknown setting name %q", arg[:eq])
-			return nil
-		}
-		val, err := strconv.ParseUint(arg[eq+1:], 10, 32)
-		if err != nil {
-			a.logf("Error: invalid argument %q (expected SETTING_NAME=nnnn)", arg)
-			return nil
-		}
-		settings = append(settings, http2.Setting{
-			ID:  sid,
-			Val: uint32(val),
-		})
-	}
-	a.logf("Sending: %v", settings)
-	return a.framer.WriteSettings(settings...)
-}
-
-func settingByName(name string) (http2.SettingID, bool) {
-	for _, sid := range [...]http2.SettingID{
-		http2.SettingHeaderTableSize,
-		http2.SettingEnablePush,
-		http2.SettingMaxConcurrentStreams,
-		http2.SettingInitialWindowSize,
-		http2.SettingMaxFrameSize,
-		http2.SettingMaxHeaderListSize,
-	} {
-		if strings.EqualFold(sid.String(), name) {
-			return sid, true
-		}
-	}
-	return 0, false
-}
-
-func (app *h2i) cmdPing(args []string) error {
-	if len(args) > 1 {
-		app.logf("invalid PING usage: only accepts 0 or 1 args")
-		return nil // nil means don't end the program
-	}
-	var data [8]byte
-	if len(args) == 1 {
-		copy(data[:], args[0])
-	} else {
-		copy(data[:], "h2i_ping")
-	}
-	return app.framer.WritePing(false, data)
-}
-
-func (app *h2i) cmdHeaders(args []string) error {
-	if len(args) > 0 {
-		app.logf("Error: HEADERS doesn't yet take arguments.")
-		// TODO: flags for restricting window size, to force CONTINUATION
-		// frames.
-		return nil
-	}
-	var h1req bytes.Buffer
-	app.term.SetPrompt("(as HTTP/1.1)> ")
-	defer app.term.SetPrompt("h2i> ")
-	for {
-		line, err := app.term.ReadLine()
-		if err != nil {
-			return err
-		}
-		h1req.WriteString(line)
-		h1req.WriteString("\r\n")
-		if line == "" {
-			break
-		}
-	}
-	req, err := http.ReadRequest(bufio.NewReader(&h1req))
-	if err != nil {
-		app.logf("Invalid HTTP/1.1 request: %v", err)
-		return nil
-	}
-	if app.streamID == 0 {
-		app.streamID = 1
-	} else {
-		app.streamID += 2
-	}
-	app.logf("Opening Stream-ID %d:", app.streamID)
-	hbf := app.encodeHeaders(req)
-	if len(hbf) > 16<<10 {
-		app.logf("TODO: h2i doesn't yet write CONTINUATION frames. Copy it from transport.go")
-		return nil
-	}
-	return app.framer.WriteHeaders(http2.HeadersFrameParam{
-		StreamID:      app.streamID,
-		BlockFragment: hbf,
-		EndStream:     req.Method == "GET" || req.Method == "HEAD", // good enough for now
-		EndHeaders:    true,                                        // for now
-	})
-}
-
-func (app *h2i) readFrames() error {
-	for {
-		f, err := app.framer.ReadFrame()
-		if err != nil {
-			return fmt.Errorf("ReadFrame: %v", err)
-		}
-		app.logf("%v", f)
-		switch f := f.(type) {
-		case *http2.PingFrame:
-			app.logf("  Data = %q", f.Data)
-		case *http2.SettingsFrame:
-			f.ForeachSetting(func(s http2.Setting) error {
-				app.logf("  %v", s)
-				app.peerSetting[s.ID] = s.Val
-				return nil
-			})
-		case *http2.WindowUpdateFrame:
-			app.logf("  Window-Increment = %v\n", f.Increment)
-		case *http2.GoAwayFrame:
-			app.logf("  Last-Stream-ID = %d; Error-Code = %v (%d)\n", f.LastStreamID, f.ErrCode, f.ErrCode)
-		case *http2.DataFrame:
-			app.logf("  %q", f.Data())
-		case *http2.HeadersFrame:
-			if f.HasPriority() {
-				app.logf("  PRIORITY = %v", f.Priority)
-			}
-			if app.hdec == nil {
-				// TODO: if the user uses h2i to send a SETTINGS frame advertising
-				// something larger, we'll need to respect SETTINGS_HEADER_TABLE_SIZE
-				// and stuff here instead of using the 4k default. But for now:
-				tableSize := uint32(4 << 10)
-				app.hdec = hpack.NewDecoder(tableSize, app.onNewHeaderField)
-			}
-			app.hdec.Write(f.HeaderBlockFragment())
-		}
-	}
-}
-
-// called from readLoop
-func (app *h2i) onNewHeaderField(f hpack.HeaderField) {
-	if f.Sensitive {
-		app.logf("  %s = %q (SENSITIVE)", f.Name, f.Value)
-	}
-	app.logf("  %s = %q", f.Name, f.Value)
-}
-
-func (app *h2i) encodeHeaders(req *http.Request) []byte {
-	app.hbuf.Reset()
-
-	// TODO(bradfitz): figure out :authority-vs-Host stuff between http2 and Go
-	host := req.Host
-	if host == "" {
-		host = req.URL.Host
-	}
-
-	path := req.URL.Path
-	if path == "" {
-		path = "/"
-	}
-
-	app.writeHeader(":authority", host) // probably not right for all sites
-	app.writeHeader(":method", req.Method)
-	app.writeHeader(":path", path)
-	app.writeHeader(":scheme", "https")
-
-	for k, vv := range req.Header {
-		lowKey := strings.ToLower(k)
-		if lowKey == "host" {
-			continue
-		}
-		for _, v := range vv {
-			app.writeHeader(lowKey, v)
-		}
-	}
-	return app.hbuf.Bytes()
-}
-
-func (app *h2i) writeHeader(name, value string) {
-	app.henc.WriteField(hpack.HeaderField{Name: name, Value: value})
-	app.logf(" %s = %s", name, value)
-}
diff --git a/vendor/golang.org/x/net/http2/headermap.go b/vendor/golang.org/x/net/http2/headermap.go
deleted file mode 100644
index c2805f6a..00000000
--- a/vendor/golang.org/x/net/http2/headermap.go
+++ /dev/null
@@ -1,78 +0,0 @@
-// Copyright 2014 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package http2
-
-import (
-	"net/http"
-	"strings"
-)
-
-var (
-	commonLowerHeader = map[string]string{} // Go-Canonical-Case -> lower-case
-	commonCanonHeader = map[string]string{} // lower-case -> Go-Canonical-Case
-)
-
-func init() {
-	for _, v := range []string{
-		"accept",
-		"accept-charset",
-		"accept-encoding",
-		"accept-language",
-		"accept-ranges",
-		"age",
-		"access-control-allow-origin",
-		"allow",
-		"authorization",
-		"cache-control",
-		"content-disposition",
-		"content-encoding",
-		"content-language",
-		"content-length",
-		"content-location",
-		"content-range",
-		"content-type",
-		"cookie",
-		"date",
-		"etag",
-		"expect",
-		"expires",
-		"from",
-		"host",
-		"if-match",
-		"if-modified-since",
-		"if-none-match",
-		"if-unmodified-since",
-		"last-modified",
-		"link",
-		"location",
-		"max-forwards",
-		"proxy-authenticate",
-		"proxy-authorization",
-		"range",
-		"referer",
-		"refresh",
-		"retry-after",
-		"server",
-		"set-cookie",
-		"strict-transport-security",
-		"trailer",
-		"transfer-encoding",
-		"user-agent",
-		"vary",
-		"via",
-		"www-authenticate",
-	} {
-		chk := http.CanonicalHeaderKey(v)
-		commonLowerHeader[chk] = v
-		commonCanonHeader[v] = chk
-	}
-}
-
-func lowerHeader(v string) string {
-	if s, ok := commonLowerHeader[v]; ok {
-		return s
-	}
-	return strings.ToLower(v)
-}
diff --git a/vendor/golang.org/x/net/http2/hpack/encode.go b/vendor/golang.org/x/net/http2/hpack/encode.go
deleted file mode 100644
index f9bb0339..00000000
--- a/vendor/golang.org/x/net/http2/hpack/encode.go
+++ /dev/null
@@ -1,251 +0,0 @@
-// Copyright 2014 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package hpack
-
-import (
-	"io"
-)
-
-const (
-	uint32Max              = ^uint32(0)
-	initialHeaderTableSize = 4096
-)
-
-type Encoder struct {
-	dynTab dynamicTable
-	// minSize is the minimum table size set by
-	// SetMaxDynamicTableSize after the previous Header Table Size
-	// Update.
-	minSize uint32
-	// maxSizeLimit is the maximum table size this encoder
-	// supports. This will protect the encoder from too large
-	// size.
-	maxSizeLimit uint32
-	// tableSizeUpdate indicates whether "Header Table Size
-	// Update" is required.
-	tableSizeUpdate bool
-	w               io.Writer
-	buf             []byte
-}
-
-// NewEncoder returns a new Encoder which performs HPACK encoding. An
-// encoded data is written to w.
-func NewEncoder(w io.Writer) *Encoder {
-	e := &Encoder{
-		minSize:         uint32Max,
-		maxSizeLimit:    initialHeaderTableSize,
-		tableSizeUpdate: false,
-		w:               w,
-	}
-	e.dynTab.setMaxSize(initialHeaderTableSize)
-	return e
-}
-
-// WriteField encodes f into a single Write to e's underlying Writer.
-// This function may also produce bytes for "Header Table Size Update"
-// if necessary.  If produced, it is done before encoding f.
-func (e *Encoder) WriteField(f HeaderField) error {
-	e.buf = e.buf[:0]
-
-	if e.tableSizeUpdate {
-		e.tableSizeUpdate = false
-		if e.minSize < e.dynTab.maxSize {
-			e.buf = appendTableSize(e.buf, e.minSize)
-		}
-		e.minSize = uint32Max
-		e.buf = appendTableSize(e.buf, e.dynTab.maxSize)
-	}
-
-	idx, nameValueMatch := e.searchTable(f)
-	if nameValueMatch {
-		e.buf = appendIndexed(e.buf, idx)
-	} else {
-		indexing := e.shouldIndex(f)
-		if indexing {
-			e.dynTab.add(f)
-		}
-
-		if idx == 0 {
-			e.buf = appendNewName(e.buf, f, indexing)
-		} else {
-			e.buf = appendIndexedName(e.buf, f, idx, indexing)
-		}
-	}
-	n, err := e.w.Write(e.buf)
-	if err == nil && n != len(e.buf) {
-		err = io.ErrShortWrite
-	}
-	return err
-}
-
-// searchTable searches f in both stable and dynamic header tables.
-// The static header table is searched first. Only when there is no
-// exact match for both name and value, the dynamic header table is
-// then searched. If there is no match, i is 0. If both name and value
-// match, i is the matched index and nameValueMatch becomes true. If
-// only name matches, i points to that index and nameValueMatch
-// becomes false.
-func (e *Encoder) searchTable(f HeaderField) (i uint64, nameValueMatch bool) {
-	for idx, hf := range staticTable {
-		if !constantTimeStringCompare(hf.Name, f.Name) {
-			continue
-		}
-		if i == 0 {
-			i = uint64(idx + 1)
-		}
-		if f.Sensitive {
-			continue
-		}
-		if !constantTimeStringCompare(hf.Value, f.Value) {
-			continue
-		}
-		i = uint64(idx + 1)
-		nameValueMatch = true
-		return
-	}
-
-	j, nameValueMatch := e.dynTab.search(f)
-	if nameValueMatch || (i == 0 && j != 0) {
-		i = j + uint64(len(staticTable))
-	}
-	return
-}
-
-// SetMaxDynamicTableSize changes the dynamic header table size to v.
-// The actual size is bounded by the value passed to
-// SetMaxDynamicTableSizeLimit.
-func (e *Encoder) SetMaxDynamicTableSize(v uint32) {
-	if v > e.maxSizeLimit {
-		v = e.maxSizeLimit
-	}
-	if v < e.minSize {
-		e.minSize = v
-	}
-	e.tableSizeUpdate = true
-	e.dynTab.setMaxSize(v)
-}
-
-// SetMaxDynamicTableSizeLimit changes the maximum value that can be
-// specified in SetMaxDynamicTableSize to v. By default, it is set to
-// 4096, which is the same size of the default dynamic header table
-// size described in HPACK specification. If the current maximum
-// dynamic header table size is strictly greater than v, "Header Table
-// Size Update" will be done in the next WriteField call and the
-// maximum dynamic header table size is truncated to v.
-func (e *Encoder) SetMaxDynamicTableSizeLimit(v uint32) {
-	e.maxSizeLimit = v
-	if e.dynTab.maxSize > v {
-		e.tableSizeUpdate = true
-		e.dynTab.setMaxSize(v)
-	}
-}
-
-// shouldIndex reports whether f should be indexed.
-func (e *Encoder) shouldIndex(f HeaderField) bool {
-	return !f.Sensitive && f.Size() <= e.dynTab.maxSize
-}
-
-// appendIndexed appends index i, as encoded in "Indexed Header Field"
-// representation, to dst and returns the extended buffer.
-func appendIndexed(dst []byte, i uint64) []byte {
-	first := len(dst)
-	dst = appendVarInt(dst, 7, i)
-	dst[first] |= 0x80
-	return dst
-}
-
-// appendNewName appends f, as encoded in one of "Literal Header field
-// - New Name" representation variants, to dst and returns the
-// extended buffer.
-//
-// If f.Sensitive is true, "Never Indexed" representation is used. If
-// f.Sensitive is false and indexing is true, "Inremental Indexing"
-// representation is used.
-func appendNewName(dst []byte, f HeaderField, indexing bool) []byte {
-	dst = append(dst, encodeTypeByte(indexing, f.Sensitive))
-	dst = appendHpackString(dst, f.Name)
-	return appendHpackString(dst, f.Value)
-}
-
-// appendIndexedName appends f and index i referring indexed name
-// entry, as encoded in one of "Literal Header field - Indexed Name"
-// representation variants, to dst and returns the extended buffer.
-//
-// If f.Sensitive is true, "Never Indexed" representation is used. If
-// f.Sensitive is false and indexing is true, "Incremental Indexing"
-// representation is used.
-func appendIndexedName(dst []byte, f HeaderField, i uint64, indexing bool) []byte {
-	first := len(dst)
-	var n byte
-	if indexing {
-		n = 6
-	} else {
-		n = 4
-	}
-	dst = appendVarInt(dst, n, i)
-	dst[first] |= encodeTypeByte(indexing, f.Sensitive)
-	return appendHpackString(dst, f.Value)
-}
-
-// appendTableSize appends v, as encoded in "Header Table Size Update"
-// representation, to dst and returns the extended buffer.
-func appendTableSize(dst []byte, v uint32) []byte {
-	first := len(dst)
-	dst = appendVarInt(dst, 5, uint64(v))
-	dst[first] |= 0x20
-	return dst
-}
-
-// appendVarInt appends i, as encoded in variable integer form using n
-// bit prefix, to dst and returns the extended buffer.
-//
-// See
-// http://http2.github.io/http2-spec/compression.html#integer.representation
-func appendVarInt(dst []byte, n byte, i uint64) []byte {
-	k := uint64((1 << n) - 1)
-	if i < k {
-		return append(dst, byte(i))
-	}
-	dst = append(dst, byte(k))
-	i -= k
-	for ; i >= 128; i >>= 7 {
-		dst = append(dst, byte(0x80|(i&0x7f)))
-	}
-	return append(dst, byte(i))
-}
-
-// appendHpackString appends s, as encoded in "String Literal"
-// representation, to dst and returns the the extended buffer.
-//
-// s will be encoded in Huffman codes only when it produces strictly
-// shorter byte string.
-func appendHpackString(dst []byte, s string) []byte {
-	huffmanLength := HuffmanEncodeLength(s)
-	if huffmanLength < uint64(len(s)) {
-		first := len(dst)
-		dst = appendVarInt(dst, 7, huffmanLength)
-		dst = AppendHuffmanString(dst, s)
-		dst[first] |= 0x80
-	} else {
-		dst = appendVarInt(dst, 7, uint64(len(s)))
-		dst = append(dst, s...)
-	}
-	return dst
-}
-
-// encodeTypeByte returns type byte. If sensitive is true, type byte
-// for "Never Indexed" representation is returned. If sensitive is
-// false and indexing is true, type byte for "Incremental Indexing"
-// representation is returned. Otherwise, type byte for "Without
-// Indexing" is returned.
-func encodeTypeByte(indexing, sensitive bool) byte {
-	if sensitive {
-		return 0x10
-	}
-	if indexing {
-		return 0x40
-	}
-	return 0
-}
diff --git a/vendor/golang.org/x/net/http2/hpack/encode_test.go b/vendor/golang.org/x/net/http2/hpack/encode_test.go
deleted file mode 100644
index 92286f3b..00000000
--- a/vendor/golang.org/x/net/http2/hpack/encode_test.go
+++ /dev/null
@@ -1,330 +0,0 @@
-// Copyright 2014 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package hpack
-
-import (
-	"bytes"
-	"encoding/hex"
-	"reflect"
-	"strings"
-	"testing"
-)
-
-func TestEncoderTableSizeUpdate(t *testing.T) {
-	tests := []struct {
-		size1, size2 uint32
-		wantHex      string
-	}{
-		// Should emit 2 table size updates (2048 and 4096)
-		{2048, 4096, "3fe10f 3fe11f 82"},
-
-		// Should emit 1 table size update (2048)
-		{16384, 2048, "3fe10f 82"},
-	}
-	for _, tt := range tests {
-		var buf bytes.Buffer
-		e := NewEncoder(&buf)
-		e.SetMaxDynamicTableSize(tt.size1)
-		e.SetMaxDynamicTableSize(tt.size2)
-		if err := e.WriteField(pair(":method", "GET")); err != nil {
-			t.Fatal(err)
-		}
-		want := removeSpace(tt.wantHex)
-		if got := hex.EncodeToString(buf.Bytes()); got != want {
-			t.Errorf("e.SetDynamicTableSize %v, %v = %q; want %q", tt.size1, tt.size2, got, want)
-		}
-	}
-}
-
-func TestEncoderWriteField(t *testing.T) {
-	var buf bytes.Buffer
-	e := NewEncoder(&buf)
-	var got []HeaderField
-	d := NewDecoder(4<<10, func(f HeaderField) {
-		got = append(got, f)
-	})
-
-	tests := []struct {
-		hdrs []HeaderField
-	}{
-		{[]HeaderField{
-			pair(":method", "GET"),
-			pair(":scheme", "http"),
-			pair(":path", "/"),
-			pair(":authority", "www.example.com"),
-		}},
-		{[]HeaderField{
-			pair(":method", "GET"),
-			pair(":scheme", "http"),
-			pair(":path", "/"),
-			pair(":authority", "www.example.com"),
-			pair("cache-control", "no-cache"),
-		}},
-		{[]HeaderField{
-			pair(":method", "GET"),
-			pair(":scheme", "https"),
-			pair(":path", "/index.html"),
-			pair(":authority", "www.example.com"),
-			pair("custom-key", "custom-value"),
-		}},
-	}
-	for i, tt := range tests {
-		buf.Reset()
-		got = got[:0]
-		for _, hf := range tt.hdrs {
-			if err := e.WriteField(hf); err != nil {
-				t.Fatal(err)
-			}
-		}
-		_, err := d.Write(buf.Bytes())
-		if err != nil {
-			t.Errorf("%d. Decoder Write = %v", i, err)
-		}
-		if !reflect.DeepEqual(got, tt.hdrs) {
-			t.Errorf("%d. Decoded %+v; want %+v", i, got, tt.hdrs)
-		}
-	}
-}
-
-func TestEncoderSearchTable(t *testing.T) {
-	e := NewEncoder(nil)
-
-	e.dynTab.add(pair("foo", "bar"))
-	e.dynTab.add(pair("blake", "miz"))
-	e.dynTab.add(pair(":method", "GET"))
-
-	tests := []struct {
-		hf        HeaderField
-		wantI     uint64
-		wantMatch bool
-	}{
-		// Name and Value match
-		{pair("foo", "bar"), uint64(len(staticTable) + 3), true},
-		{pair("blake", "miz"), uint64(len(staticTable) + 2), true},
-		{pair(":method", "GET"), 2, true},
-
-		// Only name match because Sensitive == true
-		{HeaderField{":method", "GET", true}, 2, false},
-
-		// Only Name matches
-		{pair("foo", "..."), uint64(len(staticTable) + 3), false},
-		{pair("blake", "..."), uint64(len(staticTable) + 2), false},
-		{pair(":method", "..."), 2, false},
-
-		// None match
-		{pair("foo-", "bar"), 0, false},
-	}
-	for _, tt := range tests {
-		if gotI, gotMatch := e.searchTable(tt.hf); gotI != tt.wantI || gotMatch != tt.wantMatch {
-			t.Errorf("d.search(%+v) = %v, %v; want %v, %v", tt.hf, gotI, gotMatch, tt.wantI, tt.wantMatch)
-		}
-	}
-}
-
-func TestAppendVarInt(t *testing.T) {
-	tests := []struct {
-		n    byte
-		i    uint64
-		want []byte
-	}{
-		// Fits in a byte:
-		{1, 0, []byte{0}},
-		{2, 2, []byte{2}},
-		{3, 6, []byte{6}},
-		{4, 14, []byte{14}},
-		{5, 30, []byte{30}},
-		{6, 62, []byte{62}},
-		{7, 126, []byte{126}},
-		{8, 254, []byte{254}},
-
-		// Multiple bytes:
-		{5, 1337, []byte{31, 154, 10}},
-	}
-	for _, tt := range tests {
-		got := appendVarInt(nil, tt.n, tt.i)
-		if !bytes.Equal(got, tt.want) {
-			t.Errorf("appendVarInt(nil, %v, %v) = %v; want %v", tt.n, tt.i, got, tt.want)
-		}
-	}
-}
-
-func TestAppendHpackString(t *testing.T) {
-	tests := []struct {
-		s, wantHex string
-	}{
-		// Huffman encoded
-		{"www.example.com", "8c f1e3 c2e5 f23a 6ba0 ab90 f4ff"},
-
-		// Not Huffman encoded
-		{"a", "01 61"},
-
-		// zero length
-		{"", "00"},
-	}
-	for _, tt := range tests {
-		want := removeSpace(tt.wantHex)
-		buf := appendHpackString(nil, tt.s)
-		if got := hex.EncodeToString(buf); want != got {
-			t.Errorf("appendHpackString(nil, %q) = %q; want %q", tt.s, got, want)
-		}
-	}
-}
-
-func TestAppendIndexed(t *testing.T) {
-	tests := []struct {
-		i       uint64
-		wantHex string
-	}{
-		// 1 byte
-		{1, "81"},
-		{126, "fe"},
-
-		// 2 bytes
-		{127, "ff00"},
-		{128, "ff01"},
-	}
-	for _, tt := range tests {
-		want := removeSpace(tt.wantHex)
-		buf := appendIndexed(nil, tt.i)
-		if got := hex.EncodeToString(buf); want != got {
-			t.Errorf("appendIndex(nil, %v) = %q; want %q", tt.i, got, want)
-		}
-	}
-}
-
-func TestAppendNewName(t *testing.T) {
-	tests := []struct {
-		f        HeaderField
-		indexing bool
-		wantHex  string
-	}{
-		// Incremental indexing
-		{HeaderField{"custom-key", "custom-value", false}, true, "40 88 25a8 49e9 5ba9 7d7f 89 25a8 49e9 5bb8 e8b4 bf"},
-
-		// Without indexing
-		{HeaderField{"custom-key", "custom-value", false}, false, "00 88 25a8 49e9 5ba9 7d7f 89 25a8 49e9 5bb8 e8b4 bf"},
-
-		// Never indexed
-		{HeaderField{"custom-key", "custom-value", true}, true, "10 88 25a8 49e9 5ba9 7d7f 89 25a8 49e9 5bb8 e8b4 bf"},
-		{HeaderField{"custom-key", "custom-value", true}, false, "10 88 25a8 49e9 5ba9 7d7f 89 25a8 49e9 5bb8 e8b4 bf"},
-	}
-	for _, tt := range tests {
-		want := removeSpace(tt.wantHex)
-		buf := appendNewName(nil, tt.f, tt.indexing)
-		if got := hex.EncodeToString(buf); want != got {
-			t.Errorf("appendNewName(nil, %+v, %v) = %q; want %q", tt.f, tt.indexing, got, want)
-		}
-	}
-}
-
-func TestAppendIndexedName(t *testing.T) {
-	tests := []struct {
-		f        HeaderField
-		i        uint64
-		indexing bool
-		wantHex  string
-	}{
-		// Incremental indexing
-		{HeaderField{":status", "302", false}, 8, true, "48 82 6402"},
-
-		// Without indexing
-		{HeaderField{":status", "302", false}, 8, false, "08 82 6402"},
-
-		// Never indexed
-		{HeaderField{":status", "302", true}, 8, true, "18 82 6402"},
-		{HeaderField{":status", "302", true}, 8, false, "18 82 6402"},
-	}
-	for _, tt := range tests {
-		want := removeSpace(tt.wantHex)
-		buf := appendIndexedName(nil, tt.f, tt.i, tt.indexing)
-		if got := hex.EncodeToString(buf); want != got {
-			t.Errorf("appendIndexedName(nil, %+v, %v) = %q; want %q", tt.f, tt.indexing, got, want)
-		}
-	}
-}
-
-func TestAppendTableSize(t *testing.T) {
-	tests := []struct {
-		i       uint32
-		wantHex string
-	}{
-		// Fits into 1 byte
-		{30, "3e"},
-
-		// Extra byte
-		{31, "3f00"},
-		{32, "3f01"},
-	}
-	for _, tt := range tests {
-		want := removeSpace(tt.wantHex)
-		buf := appendTableSize(nil, tt.i)
-		if got := hex.EncodeToString(buf); want != got {
-			t.Errorf("appendTableSize(nil, %v) = %q; want %q", tt.i, got, want)
-		}
-	}
-}
-
-func TestEncoderSetMaxDynamicTableSize(t *testing.T) {
-	var buf bytes.Buffer
-	e := NewEncoder(&buf)
-	tests := []struct {
-		v           uint32
-		wantUpdate  bool
-		wantMinSize uint32
-		wantMaxSize uint32
-	}{
-		// Set new table size to 2048
-		{2048, true, 2048, 2048},
-
-		// Set new table size to 16384, but still limited to
-		// 4096
-		{16384, true, 2048, 4096},
-	}
-	for _, tt := range tests {
-		e.SetMaxDynamicTableSize(tt.v)
-		if got := e.tableSizeUpdate; tt.wantUpdate != got {
-			t.Errorf("e.tableSizeUpdate = %v; want %v", got, tt.wantUpdate)
-		}
-		if got := e.minSize; tt.wantMinSize != got {
-			t.Errorf("e.minSize = %v; want %v", got, tt.wantMinSize)
-		}
-		if got := e.dynTab.maxSize; tt.wantMaxSize != got {
-			t.Errorf("e.maxSize = %v; want %v", got, tt.wantMaxSize)
-		}
-	}
-}
-
-func TestEncoderSetMaxDynamicTableSizeLimit(t *testing.T) {
-	e := NewEncoder(nil)
-	// 4095 < initialHeaderTableSize means maxSize is truncated to
-	// 4095.
-	e.SetMaxDynamicTableSizeLimit(4095)
-	if got, want := e.dynTab.maxSize, uint32(4095); got != want {
-		t.Errorf("e.dynTab.maxSize = %v; want %v", got, want)
-	}
-	if got, want := e.maxSizeLimit, uint32(4095); got != want {
-		t.Errorf("e.maxSizeLimit = %v; want %v", got, want)
-	}
-	if got, want := e.tableSizeUpdate, true; got != want {
-		t.Errorf("e.tableSizeUpdate = %v; want %v", got, want)
-	}
-	// maxSize will be truncated to maxSizeLimit
-	e.SetMaxDynamicTableSize(16384)
-	if got, want := e.dynTab.maxSize, uint32(4095); got != want {
-		t.Errorf("e.dynTab.maxSize = %v; want %v", got, want)
-	}
-	// 8192 > current maxSizeLimit, so maxSize does not change.
-	e.SetMaxDynamicTableSizeLimit(8192)
-	if got, want := e.dynTab.maxSize, uint32(4095); got != want {
-		t.Errorf("e.dynTab.maxSize = %v; want %v", got, want)
-	}
-	if got, want := e.maxSizeLimit, uint32(8192); got != want {
-		t.Errorf("e.maxSizeLimit = %v; want %v", got, want)
-	}
-}
-
-func removeSpace(s string) string {
-	return strings.Replace(s, " ", "", -1)
-}
diff --git a/vendor/golang.org/x/net/http2/hpack/hpack.go b/vendor/golang.org/x/net/http2/hpack/hpack.go
deleted file mode 100644
index dcf257af..00000000
--- a/vendor/golang.org/x/net/http2/hpack/hpack.go
+++ /dev/null
@@ -1,542 +0,0 @@
-// Copyright 2014 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// Package hpack implements HPACK, a compression format for
-// efficiently representing HTTP header fields in the context of HTTP/2.
-//
-// See http://tools.ietf.org/html/draft-ietf-httpbis-header-compression-09
-package hpack
-
-import (
-	"bytes"
-	"errors"
-	"fmt"
-)
-
-// A DecodingError is something the spec defines as a decoding error.
-type DecodingError struct {
-	Err error
-}
-
-func (de DecodingError) Error() string {
-	return fmt.Sprintf("decoding error: %v", de.Err)
-}
-
-// An InvalidIndexError is returned when an encoder references a table
-// entry before the static table or after the end of the dynamic table.
-type InvalidIndexError int
-
-func (e InvalidIndexError) Error() string {
-	return fmt.Sprintf("invalid indexed representation index %d", int(e))
-}
-
-// A HeaderField is a name-value pair. Both the name and value are
-// treated as opaque sequences of octets.
-type HeaderField struct {
-	Name, Value string
-
-	// Sensitive means that this header field should never be
-	// indexed.
-	Sensitive bool
-}
-
-// IsPseudo reports whether the header field is an http2 pseudo header.
-// That is, it reports whether it starts with a colon.
-// It is not otherwise guaranteed to be a valid psuedo header field,
-// though.
-func (hf HeaderField) IsPseudo() bool {
-	return len(hf.Name) != 0 && hf.Name[0] == ':'
-}
-
-func (hf HeaderField) String() string {
-	var suffix string
-	if hf.Sensitive {
-		suffix = " (sensitive)"
-	}
-	return fmt.Sprintf("header field %q = %q%s", hf.Name, hf.Value, suffix)
-}
-
-// Size returns the size of an entry per RFC 7540 section 5.2.
-func (hf HeaderField) Size() uint32 {
-	// http://http2.github.io/http2-spec/compression.html#rfc.section.4.1
-	// "The size of the dynamic table is the sum of the size of
-	// its entries.  The size of an entry is the sum of its name's
-	// length in octets (as defined in Section 5.2), its value's
-	// length in octets (see Section 5.2), plus 32.  The size of
-	// an entry is calculated using the length of the name and
-	// value without any Huffman encoding applied."
-
-	// This can overflow if somebody makes a large HeaderField
-	// Name and/or Value by hand, but we don't care, because that
-	// won't happen on the wire because the encoding doesn't allow
-	// it.
-	return uint32(len(hf.Name) + len(hf.Value) + 32)
-}
-
-// A Decoder is the decoding context for incremental processing of
-// header blocks.
-type Decoder struct {
-	dynTab dynamicTable
-	emit   func(f HeaderField)
-
-	emitEnabled bool // whether calls to emit are enabled
-	maxStrLen   int  // 0 means unlimited
-
-	// buf is the unparsed buffer. It's only written to
-	// saveBuf if it was truncated in the middle of a header
-	// block. Because it's usually not owned, we can only
-	// process it under Write.
-	buf []byte // not owned; only valid during Write
-
-	// saveBuf is previous data passed to Write which we weren't able
-	// to fully parse before. Unlike buf, we own this data.
-	saveBuf bytes.Buffer
-}
-
-// NewDecoder returns a new decoder with the provided maximum dynamic
-// table size. The emitFunc will be called for each valid field
-// parsed, in the same goroutine as calls to Write, before Write returns.
-func NewDecoder(maxDynamicTableSize uint32, emitFunc func(f HeaderField)) *Decoder {
-	d := &Decoder{
-		emit:        emitFunc,
-		emitEnabled: true,
-	}
-	d.dynTab.allowedMaxSize = maxDynamicTableSize
-	d.dynTab.setMaxSize(maxDynamicTableSize)
-	return d
-}
-
-// ErrStringLength is returned by Decoder.Write when the max string length
-// (as configured by Decoder.SetMaxStringLength) would be violated.
-var ErrStringLength = errors.New("hpack: string too long")
-
-// SetMaxStringLength sets the maximum size of a HeaderField name or
-// value string. If a string exceeds this length (even after any
-// decompression), Write will return ErrStringLength.
-// A value of 0 means unlimited and is the default from NewDecoder.
-func (d *Decoder) SetMaxStringLength(n int) {
-	d.maxStrLen = n
-}
-
-// SetEmitFunc changes the callback used when new header fields
-// are decoded.
-// It must be non-nil. It does not affect EmitEnabled.
-func (d *Decoder) SetEmitFunc(emitFunc func(f HeaderField)) {
-	d.emit = emitFunc
-}
-
-// SetEmitEnabled controls whether the emitFunc provided to NewDecoder
-// should be called. The default is true.
-//
-// This facility exists to let servers enforce MAX_HEADER_LIST_SIZE
-// while still decoding and keeping in-sync with decoder state, but
-// without doing unnecessary decompression or generating unnecessary
-// garbage for header fields past the limit.
-func (d *Decoder) SetEmitEnabled(v bool) { d.emitEnabled = v }
-
-// EmitEnabled reports whether calls to the emitFunc provided to NewDecoder
-// are currently enabled. The default is true.
-func (d *Decoder) EmitEnabled() bool { return d.emitEnabled }
-
-// TODO: add method *Decoder.Reset(maxSize, emitFunc) to let callers re-use Decoders and their
-// underlying buffers for garbage reasons.
-
-func (d *Decoder) SetMaxDynamicTableSize(v uint32) {
-	d.dynTab.setMaxSize(v)
-}
-
-// SetAllowedMaxDynamicTableSize sets the upper bound that the encoded
-// stream (via dynamic table size updates) may set the maximum size
-// to.
-func (d *Decoder) SetAllowedMaxDynamicTableSize(v uint32) {
-	d.dynTab.allowedMaxSize = v
-}
-
-type dynamicTable struct {
-	// ents is the FIFO described at
-	// http://http2.github.io/http2-spec/compression.html#rfc.section.2.3.2
-	// The newest (low index) is append at the end, and items are
-	// evicted from the front.
-	ents           []HeaderField
-	size           uint32
-	maxSize        uint32 // current maxSize
-	allowedMaxSize uint32 // maxSize may go up to this, inclusive
-}
-
-func (dt *dynamicTable) setMaxSize(v uint32) {
-	dt.maxSize = v
-	dt.evict()
-}
-
-// TODO: change dynamicTable to be a struct with a slice and a size int field,
-// per http://http2.github.io/http2-spec/compression.html#rfc.section.4.1:
-//
-//
-// Then make add increment the size. maybe the max size should move from Decoder to
-// dynamicTable and add should return an ok bool if there was enough space.
-//
-// Later we'll need a remove operation on dynamicTable.
-
-func (dt *dynamicTable) add(f HeaderField) {
-	dt.ents = append(dt.ents, f)
-	dt.size += f.Size()
-	dt.evict()
-}
-
-// If we're too big, evict old stuff (front of the slice)
-func (dt *dynamicTable) evict() {
-	base := dt.ents // keep base pointer of slice
-	for dt.size > dt.maxSize {
-		dt.size -= dt.ents[0].Size()
-		dt.ents = dt.ents[1:]
-	}
-
-	// Shift slice contents down if we evicted things.
-	if len(dt.ents) != len(base) {
-		copy(base, dt.ents)
-		dt.ents = base[:len(dt.ents)]
-	}
-}
-
-// constantTimeStringCompare compares string a and b in a constant
-// time manner.
-func constantTimeStringCompare(a, b string) bool {
-	if len(a) != len(b) {
-		return false
-	}
-
-	c := byte(0)
-
-	for i := 0; i < len(a); i++ {
-		c |= a[i] ^ b[i]
-	}
-
-	return c == 0
-}
-
-// Search searches f in the table. The return value i is 0 if there is
-// no name match. If there is name match or name/value match, i is the
-// index of that entry (1-based). If both name and value match,
-// nameValueMatch becomes true.
-func (dt *dynamicTable) search(f HeaderField) (i uint64, nameValueMatch bool) {
-	l := len(dt.ents)
-	for j := l - 1; j >= 0; j-- {
-		ent := dt.ents[j]
-		if !constantTimeStringCompare(ent.Name, f.Name) {
-			continue
-		}
-		if i == 0 {
-			i = uint64(l - j)
-		}
-		if f.Sensitive {
-			continue
-		}
-		if !constantTimeStringCompare(ent.Value, f.Value) {
-			continue
-		}
-		i = uint64(l - j)
-		nameValueMatch = true
-		return
-	}
-	return
-}
-
-func (d *Decoder) maxTableIndex() int {
-	return len(d.dynTab.ents) + len(staticTable)
-}
-
-func (d *Decoder) at(i uint64) (hf HeaderField, ok bool) {
-	if i < 1 {
-		return
-	}
-	if i > uint64(d.maxTableIndex()) {
-		return
-	}
-	if i <= uint64(len(staticTable)) {
-		return staticTable[i-1], true
-	}
-	dents := d.dynTab.ents
-	return dents[len(dents)-(int(i)-len(staticTable))], true
-}
-
-// Decode decodes an entire block.
-//
-// TODO: remove this method and make it incremental later? This is
-// easier for debugging now.
-func (d *Decoder) DecodeFull(p []byte) ([]HeaderField, error) {
-	var hf []HeaderField
-	saveFunc := d.emit
-	defer func() { d.emit = saveFunc }()
-	d.emit = func(f HeaderField) { hf = append(hf, f) }
-	if _, err := d.Write(p); err != nil {
-		return nil, err
-	}
-	if err := d.Close(); err != nil {
-		return nil, err
-	}
-	return hf, nil
-}
-
-func (d *Decoder) Close() error {
-	if d.saveBuf.Len() > 0 {
-		d.saveBuf.Reset()
-		return DecodingError{errors.New("truncated headers")}
-	}
-	return nil
-}
-
-func (d *Decoder) Write(p []byte) (n int, err error) {
-	if len(p) == 0 {
-		// Prevent state machine CPU attacks (making us redo
-		// work up to the point of finding out we don't have
-		// enough data)
-		return
-	}
-	// Only copy the data if we have to. Optimistically assume
-	// that p will contain a complete header block.
-	if d.saveBuf.Len() == 0 {
-		d.buf = p
-	} else {
-		d.saveBuf.Write(p)
-		d.buf = d.saveBuf.Bytes()
-		d.saveBuf.Reset()
-	}
-
-	for len(d.buf) > 0 {
-		err = d.parseHeaderFieldRepr()
-		if err == errNeedMore {
-			// Extra paranoia, making sure saveBuf won't
-			// get too large.  All the varint and string
-			// reading code earlier should already catch
-			// overlong things and return ErrStringLength,
-			// but keep this as a last resort.
-			const varIntOverhead = 8 // conservative
-			if d.maxStrLen != 0 && int64(len(d.buf)) > 2*(int64(d.maxStrLen)+varIntOverhead) {
-				return 0, ErrStringLength
-			}
-			d.saveBuf.Write(d.buf)
-			return len(p), nil
-		}
-		if err != nil {
-			break
-		}
-	}
-	return len(p), err
-}
-
-// errNeedMore is an internal sentinel error value that means the
-// buffer is truncated and we need to read more data before we can
-// continue parsing.
-var errNeedMore = errors.New("need more data")
-
-type indexType int
-
-const (
-	indexedTrue indexType = iota
-	indexedFalse
-	indexedNever
-)
-
-func (v indexType) indexed() bool   { return v == indexedTrue }
-func (v indexType) sensitive() bool { return v == indexedNever }
-
-// returns errNeedMore if there isn't enough data available.
-// any other error is fatal.
-// consumes d.buf iff it returns nil.
-// precondition: must be called with len(d.buf) > 0
-func (d *Decoder) parseHeaderFieldRepr() error {
-	b := d.buf[0]
-	switch {
-	case b&128 != 0:
-		// Indexed representation.
-		// High bit set?
-		// http://http2.github.io/http2-spec/compression.html#rfc.section.6.1
-		return d.parseFieldIndexed()
-	case b&192 == 64:
-		// 6.2.1 Literal Header Field with Incremental Indexing
-		// 0b10xxxxxx: top two bits are 10
-		// http://http2.github.io/http2-spec/compression.html#rfc.section.6.2.1
-		return d.parseFieldLiteral(6, indexedTrue)
-	case b&240 == 0:
-		// 6.2.2 Literal Header Field without Indexing
-		// 0b0000xxxx: top four bits are 0000
-		// http://http2.github.io/http2-spec/compression.html#rfc.section.6.2.2
-		return d.parseFieldLiteral(4, indexedFalse)
-	case b&240 == 16:
-		// 6.2.3 Literal Header Field never Indexed
-		// 0b0001xxxx: top four bits are 0001
-		// http://http2.github.io/http2-spec/compression.html#rfc.section.6.2.3
-		return d.parseFieldLiteral(4, indexedNever)
-	case b&224 == 32:
-		// 6.3 Dynamic Table Size Update
-		// Top three bits are '001'.
-		// http://http2.github.io/http2-spec/compression.html#rfc.section.6.3
-		return d.parseDynamicTableSizeUpdate()
-	}
-
-	return DecodingError{errors.New("invalid encoding")}
-}
-
-// (same invariants and behavior as parseHeaderFieldRepr)
-func (d *Decoder) parseFieldIndexed() error {
-	buf := d.buf
-	idx, buf, err := readVarInt(7, buf)
-	if err != nil {
-		return err
-	}
-	hf, ok := d.at(idx)
-	if !ok {
-		return DecodingError{InvalidIndexError(idx)}
-	}
-	d.buf = buf
-	return d.callEmit(HeaderField{Name: hf.Name, Value: hf.Value})
-}
-
-// (same invariants and behavior as parseHeaderFieldRepr)
-func (d *Decoder) parseFieldLiteral(n uint8, it indexType) error {
-	buf := d.buf
-	nameIdx, buf, err := readVarInt(n, buf)
-	if err != nil {
-		return err
-	}
-
-	var hf HeaderField
-	wantStr := d.emitEnabled || it.indexed()
-	if nameIdx > 0 {
-		ihf, ok := d.at(nameIdx)
-		if !ok {
-			return DecodingError{InvalidIndexError(nameIdx)}
-		}
-		hf.Name = ihf.Name
-	} else {
-		hf.Name, buf, err = d.readString(buf, wantStr)
-		if err != nil {
-			return err
-		}
-	}
-	hf.Value, buf, err = d.readString(buf, wantStr)
-	if err != nil {
-		return err
-	}
-	d.buf = buf
-	if it.indexed() {
-		d.dynTab.add(hf)
-	}
-	hf.Sensitive = it.sensitive()
-	return d.callEmit(hf)
-}
-
-func (d *Decoder) callEmit(hf HeaderField) error {
-	if d.maxStrLen != 0 {
-		if len(hf.Name) > d.maxStrLen || len(hf.Value) > d.maxStrLen {
-			return ErrStringLength
-		}
-	}
-	if d.emitEnabled {
-		d.emit(hf)
-	}
-	return nil
-}
-
-// (same invariants and behavior as parseHeaderFieldRepr)
-func (d *Decoder) parseDynamicTableSizeUpdate() error {
-	buf := d.buf
-	size, buf, err := readVarInt(5, buf)
-	if err != nil {
-		return err
-	}
-	if size > uint64(d.dynTab.allowedMaxSize) {
-		return DecodingError{errors.New("dynamic table size update too large")}
-	}
-	d.dynTab.setMaxSize(uint32(size))
-	d.buf = buf
-	return nil
-}
-
-var errVarintOverflow = DecodingError{errors.New("varint integer overflow")}
-
-// readVarInt reads an unsigned variable length integer off the
-// beginning of p. n is the parameter as described in
-// http://http2.github.io/http2-spec/compression.html#rfc.section.5.1.
-//
-// n must always be between 1 and 8.
-//
-// The returned remain buffer is either a smaller suffix of p, or err != nil.
-// The error is errNeedMore if p doesn't contain a complete integer.
-func readVarInt(n byte, p []byte) (i uint64, remain []byte, err error) {
-	if n < 1 || n > 8 {
-		panic("bad n")
-	}
-	if len(p) == 0 {
-		return 0, p, errNeedMore
-	}
-	i = uint64(p[0])
-	if n < 8 {
-		i &= (1 << uint64(n)) - 1
-	}
-	if i < (1< 0 {
-		b := p[0]
-		p = p[1:]
-		i += uint64(b&127) << m
-		if b&128 == 0 {
-			return i, p, nil
-		}
-		m += 7
-		if m >= 63 { // TODO: proper overflow check. making this up.
-			return 0, origP, errVarintOverflow
-		}
-	}
-	return 0, origP, errNeedMore
-}
-
-// readString decodes an hpack string from p.
-//
-// wantStr is whether s will be used. If false, decompression and
-// []byte->string garbage are skipped if s will be ignored
-// anyway. This does mean that huffman decoding errors for non-indexed
-// strings past the MAX_HEADER_LIST_SIZE are ignored, but the server
-// is returning an error anyway, and because they're not indexed, the error
-// won't affect the decoding state.
-func (d *Decoder) readString(p []byte, wantStr bool) (s string, remain []byte, err error) {
-	if len(p) == 0 {
-		return "", p, errNeedMore
-	}
-	isHuff := p[0]&128 != 0
-	strLen, p, err := readVarInt(7, p)
-	if err != nil {
-		return "", p, err
-	}
-	if d.maxStrLen != 0 && strLen > uint64(d.maxStrLen) {
-		return "", nil, ErrStringLength
-	}
-	if uint64(len(p)) < strLen {
-		return "", p, errNeedMore
-	}
-	if !isHuff {
-		if wantStr {
-			s = string(p[:strLen])
-		}
-		return s, p[strLen:], nil
-	}
-
-	if wantStr {
-		buf := bufPool.Get().(*bytes.Buffer)
-		buf.Reset() // don't trust others
-		defer bufPool.Put(buf)
-		if err := huffmanDecode(buf, d.maxStrLen, p[:strLen]); err != nil {
-			buf.Reset()
-			return "", nil, err
-		}
-		s = buf.String()
-		buf.Reset() // be nice to GC
-	}
-	return s, p[strLen:], nil
-}
diff --git a/vendor/golang.org/x/net/http2/hpack/hpack_test.go b/vendor/golang.org/x/net/http2/hpack/hpack_test.go
deleted file mode 100644
index 6dc69f95..00000000
--- a/vendor/golang.org/x/net/http2/hpack/hpack_test.go
+++ /dev/null
@@ -1,813 +0,0 @@
-// Copyright 2014 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package hpack
-
-import (
-	"bufio"
-	"bytes"
-	"encoding/hex"
-	"fmt"
-	"math/rand"
-	"reflect"
-	"regexp"
-	"strconv"
-	"strings"
-	"testing"
-	"time"
-)
-
-func TestStaticTable(t *testing.T) {
-	fromSpec := `
-          +-------+-----------------------------+---------------+
-          | 1     | :authority                  |               |
-          | 2     | :method                     | GET           |
-          | 3     | :method                     | POST          |
-          | 4     | :path                       | /             |
-          | 5     | :path                       | /index.html   |
-          | 6     | :scheme                     | http          |
-          | 7     | :scheme                     | https         |
-          | 8     | :status                     | 200           |
-          | 9     | :status                     | 204           |
-          | 10    | :status                     | 206           |
-          | 11    | :status                     | 304           |
-          | 12    | :status                     | 400           |
-          | 13    | :status                     | 404           |
-          | 14    | :status                     | 500           |
-          | 15    | accept-charset              |               |
-          | 16    | accept-encoding             | gzip, deflate |
-          | 17    | accept-language             |               |
-          | 18    | accept-ranges               |               |
-          | 19    | accept                      |               |
-          | 20    | access-control-allow-origin |               |
-          | 21    | age                         |               |
-          | 22    | allow                       |               |
-          | 23    | authorization               |               |
-          | 24    | cache-control               |               |
-          | 25    | content-disposition         |               |
-          | 26    | content-encoding            |               |
-          | 27    | content-language            |               |
-          | 28    | content-length              |               |
-          | 29    | content-location            |               |
-          | 30    | content-range               |               |
-          | 31    | content-type                |               |
-          | 32    | cookie                      |               |
-          | 33    | date                        |               |
-          | 34    | etag                        |               |
-          | 35    | expect                      |               |
-          | 36    | expires                     |               |
-          | 37    | from                        |               |
-          | 38    | host                        |               |
-          | 39    | if-match                    |               |
-          | 40    | if-modified-since           |               |
-          | 41    | if-none-match               |               |
-          | 42    | if-range                    |               |
-          | 43    | if-unmodified-since         |               |
-          | 44    | last-modified               |               |
-          | 45    | link                        |               |
-          | 46    | location                    |               |
-          | 47    | max-forwards                |               |
-          | 48    | proxy-authenticate          |               |
-          | 49    | proxy-authorization         |               |
-          | 50    | range                       |               |
-          | 51    | referer                     |               |
-          | 52    | refresh                     |               |
-          | 53    | retry-after                 |               |
-          | 54    | server                      |               |
-          | 55    | set-cookie                  |               |
-          | 56    | strict-transport-security   |               |
-          | 57    | transfer-encoding           |               |
-          | 58    | user-agent                  |               |
-          | 59    | vary                        |               |
-          | 60    | via                         |               |
-          | 61    | www-authenticate            |               |
-          +-------+-----------------------------+---------------+
-`
-	bs := bufio.NewScanner(strings.NewReader(fromSpec))
-	re := regexp.MustCompile(`\| (\d+)\s+\| (\S+)\s*\| (\S(.*\S)?)?\s+\|`)
-	for bs.Scan() {
-		l := bs.Text()
-		if !strings.Contains(l, "|") {
-			continue
-		}
-		m := re.FindStringSubmatch(l)
-		if m == nil {
-			continue
-		}
-		i, err := strconv.Atoi(m[1])
-		if err != nil {
-			t.Errorf("Bogus integer on line %q", l)
-			continue
-		}
-		if i < 1 || i > len(staticTable) {
-			t.Errorf("Bogus index %d on line %q", i, l)
-			continue
-		}
-		if got, want := staticTable[i-1].Name, m[2]; got != want {
-			t.Errorf("header index %d name = %q; want %q", i, got, want)
-		}
-		if got, want := staticTable[i-1].Value, m[3]; got != want {
-			t.Errorf("header index %d value = %q; want %q", i, got, want)
-		}
-	}
-	if err := bs.Err(); err != nil {
-		t.Error(err)
-	}
-}
-
-func (d *Decoder) mustAt(idx int) HeaderField {
-	if hf, ok := d.at(uint64(idx)); !ok {
-		panic(fmt.Sprintf("bogus index %d", idx))
-	} else {
-		return hf
-	}
-}
-
-func TestDynamicTableAt(t *testing.T) {
-	d := NewDecoder(4096, nil)
-	at := d.mustAt
-	if got, want := at(2), (pair(":method", "GET")); got != want {
-		t.Errorf("at(2) = %v; want %v", got, want)
-	}
-	d.dynTab.add(pair("foo", "bar"))
-	d.dynTab.add(pair("blake", "miz"))
-	if got, want := at(len(staticTable)+1), (pair("blake", "miz")); got != want {
-		t.Errorf("at(dyn 1) = %v; want %v", got, want)
-	}
-	if got, want := at(len(staticTable)+2), (pair("foo", "bar")); got != want {
-		t.Errorf("at(dyn 2) = %v; want %v", got, want)
-	}
-	if got, want := at(3), (pair(":method", "POST")); got != want {
-		t.Errorf("at(3) = %v; want %v", got, want)
-	}
-}
-
-func TestDynamicTableSearch(t *testing.T) {
-	dt := dynamicTable{}
-	dt.setMaxSize(4096)
-
-	dt.add(pair("foo", "bar"))
-	dt.add(pair("blake", "miz"))
-	dt.add(pair(":method", "GET"))
-
-	tests := []struct {
-		hf        HeaderField
-		wantI     uint64
-		wantMatch bool
-	}{
-		// Name and Value match
-		{pair("foo", "bar"), 3, true},
-		{pair(":method", "GET"), 1, true},
-
-		// Only name match because of Sensitive == true
-		{HeaderField{"blake", "miz", true}, 2, false},
-
-		// Only Name matches
-		{pair("foo", "..."), 3, false},
-		{pair("blake", "..."), 2, false},
-		{pair(":method", "..."), 1, false},
-
-		// None match
-		{pair("foo-", "bar"), 0, false},
-	}
-	for _, tt := range tests {
-		if gotI, gotMatch := dt.search(tt.hf); gotI != tt.wantI || gotMatch != tt.wantMatch {
-			t.Errorf("d.search(%+v) = %v, %v; want %v, %v", tt.hf, gotI, gotMatch, tt.wantI, tt.wantMatch)
-		}
-	}
-}
-
-func TestDynamicTableSizeEvict(t *testing.T) {
-	d := NewDecoder(4096, nil)
-	if want := uint32(0); d.dynTab.size != want {
-		t.Fatalf("size = %d; want %d", d.dynTab.size, want)
-	}
-	add := d.dynTab.add
-	add(pair("blake", "eats pizza"))
-	if want := uint32(15 + 32); d.dynTab.size != want {
-		t.Fatalf("after pizza, size = %d; want %d", d.dynTab.size, want)
-	}
-	add(pair("foo", "bar"))
-	if want := uint32(15 + 32 + 6 + 32); d.dynTab.size != want {
-		t.Fatalf("after foo bar, size = %d; want %d", d.dynTab.size, want)
-	}
-	d.dynTab.setMaxSize(15 + 32 + 1 /* slop */)
-	if want := uint32(6 + 32); d.dynTab.size != want {
-		t.Fatalf("after setMaxSize, size = %d; want %d", d.dynTab.size, want)
-	}
-	if got, want := d.mustAt(len(staticTable)+1), (pair("foo", "bar")); got != want {
-		t.Errorf("at(dyn 1) = %v; want %v", got, want)
-	}
-	add(pair("long", strings.Repeat("x", 500)))
-	if want := uint32(0); d.dynTab.size != want {
-		t.Fatalf("after big one, size = %d; want %d", d.dynTab.size, want)
-	}
-}
-
-func TestDecoderDecode(t *testing.T) {
-	tests := []struct {
-		name       string
-		in         []byte
-		want       []HeaderField
-		wantDynTab []HeaderField // newest entry first
-	}{
-		// C.2.1 Literal Header Field with Indexing
-		// http://http2.github.io/http2-spec/compression.html#rfc.section.C.2.1
-		{"C.2.1", dehex("400a 6375 7374 6f6d 2d6b 6579 0d63 7573 746f 6d2d 6865 6164 6572"),
-			[]HeaderField{pair("custom-key", "custom-header")},
-			[]HeaderField{pair("custom-key", "custom-header")},
-		},
-
-		// C.2.2 Literal Header Field without Indexing
-		// http://http2.github.io/http2-spec/compression.html#rfc.section.C.2.2
-		{"C.2.2", dehex("040c 2f73 616d 706c 652f 7061 7468"),
-			[]HeaderField{pair(":path", "/sample/path")},
-			[]HeaderField{}},
-
-		// C.2.3 Literal Header Field never Indexed
-		// http://http2.github.io/http2-spec/compression.html#rfc.section.C.2.3
-		{"C.2.3", dehex("1008 7061 7373 776f 7264 0673 6563 7265 74"),
-			[]HeaderField{{"password", "secret", true}},
-			[]HeaderField{}},
-
-		// C.2.4 Indexed Header Field
-		// http://http2.github.io/http2-spec/compression.html#rfc.section.C.2.4
-		{"C.2.4", []byte("\x82"),
-			[]HeaderField{pair(":method", "GET")},
-			[]HeaderField{}},
-	}
-	for _, tt := range tests {
-		d := NewDecoder(4096, nil)
-		hf, err := d.DecodeFull(tt.in)
-		if err != nil {
-			t.Errorf("%s: %v", tt.name, err)
-			continue
-		}
-		if !reflect.DeepEqual(hf, tt.want) {
-			t.Errorf("%s: Got %v; want %v", tt.name, hf, tt.want)
-		}
-		gotDynTab := d.dynTab.reverseCopy()
-		if !reflect.DeepEqual(gotDynTab, tt.wantDynTab) {
-			t.Errorf("%s: dynamic table after = %v; want %v", tt.name, gotDynTab, tt.wantDynTab)
-		}
-	}
-}
-
-func (dt *dynamicTable) reverseCopy() (hf []HeaderField) {
-	hf = make([]HeaderField, len(dt.ents))
-	for i := range hf {
-		hf[i] = dt.ents[len(dt.ents)-1-i]
-	}
-	return
-}
-
-type encAndWant struct {
-	enc         []byte
-	want        []HeaderField
-	wantDynTab  []HeaderField
-	wantDynSize uint32
-}
-
-// C.3 Request Examples without Huffman Coding
-// http://http2.github.io/http2-spec/compression.html#rfc.section.C.3
-func TestDecodeC3_NoHuffman(t *testing.T) {
-	testDecodeSeries(t, 4096, []encAndWant{
-		{dehex("8286 8441 0f77 7777 2e65 7861 6d70 6c65 2e63 6f6d"),
-			[]HeaderField{
-				pair(":method", "GET"),
-				pair(":scheme", "http"),
-				pair(":path", "/"),
-				pair(":authority", "www.example.com"),
-			},
-			[]HeaderField{
-				pair(":authority", "www.example.com"),
-			},
-			57,
-		},
-		{dehex("8286 84be 5808 6e6f 2d63 6163 6865"),
-			[]HeaderField{
-				pair(":method", "GET"),
-				pair(":scheme", "http"),
-				pair(":path", "/"),
-				pair(":authority", "www.example.com"),
-				pair("cache-control", "no-cache"),
-			},
-			[]HeaderField{
-				pair("cache-control", "no-cache"),
-				pair(":authority", "www.example.com"),
-			},
-			110,
-		},
-		{dehex("8287 85bf 400a 6375 7374 6f6d 2d6b 6579 0c63 7573 746f 6d2d 7661 6c75 65"),
-			[]HeaderField{
-				pair(":method", "GET"),
-				pair(":scheme", "https"),
-				pair(":path", "/index.html"),
-				pair(":authority", "www.example.com"),
-				pair("custom-key", "custom-value"),
-			},
-			[]HeaderField{
-				pair("custom-key", "custom-value"),
-				pair("cache-control", "no-cache"),
-				pair(":authority", "www.example.com"),
-			},
-			164,
-		},
-	})
-}
-
-// C.4 Request Examples with Huffman Coding
-// http://http2.github.io/http2-spec/compression.html#rfc.section.C.4
-func TestDecodeC4_Huffman(t *testing.T) {
-	testDecodeSeries(t, 4096, []encAndWant{
-		{dehex("8286 8441 8cf1 e3c2 e5f2 3a6b a0ab 90f4 ff"),
-			[]HeaderField{
-				pair(":method", "GET"),
-				pair(":scheme", "http"),
-				pair(":path", "/"),
-				pair(":authority", "www.example.com"),
-			},
-			[]HeaderField{
-				pair(":authority", "www.example.com"),
-			},
-			57,
-		},
-		{dehex("8286 84be 5886 a8eb 1064 9cbf"),
-			[]HeaderField{
-				pair(":method", "GET"),
-				pair(":scheme", "http"),
-				pair(":path", "/"),
-				pair(":authority", "www.example.com"),
-				pair("cache-control", "no-cache"),
-			},
-			[]HeaderField{
-				pair("cache-control", "no-cache"),
-				pair(":authority", "www.example.com"),
-			},
-			110,
-		},
-		{dehex("8287 85bf 4088 25a8 49e9 5ba9 7d7f 8925 a849 e95b b8e8 b4bf"),
-			[]HeaderField{
-				pair(":method", "GET"),
-				pair(":scheme", "https"),
-				pair(":path", "/index.html"),
-				pair(":authority", "www.example.com"),
-				pair("custom-key", "custom-value"),
-			},
-			[]HeaderField{
-				pair("custom-key", "custom-value"),
-				pair("cache-control", "no-cache"),
-				pair(":authority", "www.example.com"),
-			},
-			164,
-		},
-	})
-}
-
-// http://http2.github.io/http2-spec/compression.html#rfc.section.C.5
-// "This section shows several consecutive header lists, corresponding
-// to HTTP responses, on the same connection. The HTTP/2 setting
-// parameter SETTINGS_HEADER_TABLE_SIZE is set to the value of 256
-// octets, causing some evictions to occur."
-func TestDecodeC5_ResponsesNoHuff(t *testing.T) {
-	testDecodeSeries(t, 256, []encAndWant{
-		{dehex(`
-4803 3330 3258 0770 7269 7661 7465 611d
-4d6f 6e2c 2032 3120 4f63 7420 3230 3133
-2032 303a 3133 3a32 3120 474d 546e 1768
-7474 7073 3a2f 2f77 7777 2e65 7861 6d70
-6c65 2e63 6f6d
-`),
-			[]HeaderField{
-				pair(":status", "302"),
-				pair("cache-control", "private"),
-				pair("date", "Mon, 21 Oct 2013 20:13:21 GMT"),
-				pair("location", "https://www.example.com"),
-			},
-			[]HeaderField{
-				pair("location", "https://www.example.com"),
-				pair("date", "Mon, 21 Oct 2013 20:13:21 GMT"),
-				pair("cache-control", "private"),
-				pair(":status", "302"),
-			},
-			222,
-		},
-		{dehex("4803 3330 37c1 c0bf"),
-			[]HeaderField{
-				pair(":status", "307"),
-				pair("cache-control", "private"),
-				pair("date", "Mon, 21 Oct 2013 20:13:21 GMT"),
-				pair("location", "https://www.example.com"),
-			},
-			[]HeaderField{
-				pair(":status", "307"),
-				pair("location", "https://www.example.com"),
-				pair("date", "Mon, 21 Oct 2013 20:13:21 GMT"),
-				pair("cache-control", "private"),
-			},
-			222,
-		},
-		{dehex(`
-88c1 611d 4d6f 6e2c 2032 3120 4f63 7420
-3230 3133 2032 303a 3133 3a32 3220 474d
-54c0 5a04 677a 6970 7738 666f 6f3d 4153
-444a 4b48 514b 425a 584f 5157 454f 5049
-5541 5851 5745 4f49 553b 206d 6178 2d61
-6765 3d33 3630 303b 2076 6572 7369 6f6e
-3d31
-`),
-			[]HeaderField{
-				pair(":status", "200"),
-				pair("cache-control", "private"),
-				pair("date", "Mon, 21 Oct 2013 20:13:22 GMT"),
-				pair("location", "https://www.example.com"),
-				pair("content-encoding", "gzip"),
-				pair("set-cookie", "foo=ASDJKHQKBZXOQWEOPIUAXQWEOIU; max-age=3600; version=1"),
-			},
-			[]HeaderField{
-				pair("set-cookie", "foo=ASDJKHQKBZXOQWEOPIUAXQWEOIU; max-age=3600; version=1"),
-				pair("content-encoding", "gzip"),
-				pair("date", "Mon, 21 Oct 2013 20:13:22 GMT"),
-			},
-			215,
-		},
-	})
-}
-
-// http://http2.github.io/http2-spec/compression.html#rfc.section.C.6
-// "This section shows the same examples as the previous section, but
-// using Huffman encoding for the literal values. The HTTP/2 setting
-// parameter SETTINGS_HEADER_TABLE_SIZE is set to the value of 256
-// octets, causing some evictions to occur. The eviction mechanism
-// uses the length of the decoded literal values, so the same
-// evictions occurs as in the previous section."
-func TestDecodeC6_ResponsesHuffman(t *testing.T) {
-	testDecodeSeries(t, 256, []encAndWant{
-		{dehex(`
-4882 6402 5885 aec3 771a 4b61 96d0 7abe
-9410 54d4 44a8 2005 9504 0b81 66e0 82a6
-2d1b ff6e 919d 29ad 1718 63c7 8f0b 97c8
-e9ae 82ae 43d3
-`),
-			[]HeaderField{
-				pair(":status", "302"),
-				pair("cache-control", "private"),
-				pair("date", "Mon, 21 Oct 2013 20:13:21 GMT"),
-				pair("location", "https://www.example.com"),
-			},
-			[]HeaderField{
-				pair("location", "https://www.example.com"),
-				pair("date", "Mon, 21 Oct 2013 20:13:21 GMT"),
-				pair("cache-control", "private"),
-				pair(":status", "302"),
-			},
-			222,
-		},
-		{dehex("4883 640e ffc1 c0bf"),
-			[]HeaderField{
-				pair(":status", "307"),
-				pair("cache-control", "private"),
-				pair("date", "Mon, 21 Oct 2013 20:13:21 GMT"),
-				pair("location", "https://www.example.com"),
-			},
-			[]HeaderField{
-				pair(":status", "307"),
-				pair("location", "https://www.example.com"),
-				pair("date", "Mon, 21 Oct 2013 20:13:21 GMT"),
-				pair("cache-control", "private"),
-			},
-			222,
-		},
-		{dehex(`
-88c1 6196 d07a be94 1054 d444 a820 0595
-040b 8166 e084 a62d 1bff c05a 839b d9ab
-77ad 94e7 821d d7f2 e6c7 b335 dfdf cd5b
-3960 d5af 2708 7f36 72c1 ab27 0fb5 291f
-9587 3160 65c0 03ed 4ee5 b106 3d50 07
-`),
-			[]HeaderField{
-				pair(":status", "200"),
-				pair("cache-control", "private"),
-				pair("date", "Mon, 21 Oct 2013 20:13:22 GMT"),
-				pair("location", "https://www.example.com"),
-				pair("content-encoding", "gzip"),
-				pair("set-cookie", "foo=ASDJKHQKBZXOQWEOPIUAXQWEOIU; max-age=3600; version=1"),
-			},
-			[]HeaderField{
-				pair("set-cookie", "foo=ASDJKHQKBZXOQWEOPIUAXQWEOIU; max-age=3600; version=1"),
-				pair("content-encoding", "gzip"),
-				pair("date", "Mon, 21 Oct 2013 20:13:22 GMT"),
-			},
-			215,
-		},
-	})
-}
-
-func testDecodeSeries(t *testing.T, size uint32, steps []encAndWant) {
-	d := NewDecoder(size, nil)
-	for i, step := range steps {
-		hf, err := d.DecodeFull(step.enc)
-		if err != nil {
-			t.Fatalf("Error at step index %d: %v", i, err)
-		}
-		if !reflect.DeepEqual(hf, step.want) {
-			t.Fatalf("At step index %d: Got headers %v; want %v", i, hf, step.want)
-		}
-		gotDynTab := d.dynTab.reverseCopy()
-		if !reflect.DeepEqual(gotDynTab, step.wantDynTab) {
-			t.Errorf("After step index %d, dynamic table = %v; want %v", i, gotDynTab, step.wantDynTab)
-		}
-		if d.dynTab.size != step.wantDynSize {
-			t.Errorf("After step index %d, dynamic table size = %v; want %v", i, d.dynTab.size, step.wantDynSize)
-		}
-	}
-}
-
-func TestHuffmanDecode(t *testing.T) {
-	tests := []struct {
-		inHex, want string
-	}{
-		{"f1e3 c2e5 f23a 6ba0 ab90 f4ff", "www.example.com"},
-		{"a8eb 1064 9cbf", "no-cache"},
-		{"25a8 49e9 5ba9 7d7f", "custom-key"},
-		{"25a8 49e9 5bb8 e8b4 bf", "custom-value"},
-		{"6402", "302"},
-		{"aec3 771a 4b", "private"},
-		{"d07a be94 1054 d444 a820 0595 040b 8166 e082 a62d 1bff", "Mon, 21 Oct 2013 20:13:21 GMT"},
-		{"9d29 ad17 1863 c78f 0b97 c8e9 ae82 ae43 d3", "https://www.example.com"},
-		{"9bd9 ab", "gzip"},
-		{"94e7 821d d7f2 e6c7 b335 dfdf cd5b 3960 d5af 2708 7f36 72c1 ab27 0fb5 291f 9587 3160 65c0 03ed 4ee5 b106 3d50 07",
-			"foo=ASDJKHQKBZXOQWEOPIUAXQWEOIU; max-age=3600; version=1"},
-	}
-	for i, tt := range tests {
-		var buf bytes.Buffer
-		in, err := hex.DecodeString(strings.Replace(tt.inHex, " ", "", -1))
-		if err != nil {
-			t.Errorf("%d. hex input error: %v", i, err)
-			continue
-		}
-		if _, err := HuffmanDecode(&buf, in); err != nil {
-			t.Errorf("%d. decode error: %v", i, err)
-			continue
-		}
-		if got := buf.String(); tt.want != got {
-			t.Errorf("%d. decode = %q; want %q", i, got, tt.want)
-		}
-	}
-}
-
-func TestAppendHuffmanString(t *testing.T) {
-	tests := []struct {
-		in, want string
-	}{
-		{"www.example.com", "f1e3 c2e5 f23a 6ba0 ab90 f4ff"},
-		{"no-cache", "a8eb 1064 9cbf"},
-		{"custom-key", "25a8 49e9 5ba9 7d7f"},
-		{"custom-value", "25a8 49e9 5bb8 e8b4 bf"},
-		{"302", "6402"},
-		{"private", "aec3 771a 4b"},
-		{"Mon, 21 Oct 2013 20:13:21 GMT", "d07a be94 1054 d444 a820 0595 040b 8166 e082 a62d 1bff"},
-		{"https://www.example.com", "9d29 ad17 1863 c78f 0b97 c8e9 ae82 ae43 d3"},
-		{"gzip", "9bd9 ab"},
-		{"foo=ASDJKHQKBZXOQWEOPIUAXQWEOIU; max-age=3600; version=1",
-			"94e7 821d d7f2 e6c7 b335 dfdf cd5b 3960 d5af 2708 7f36 72c1 ab27 0fb5 291f 9587 3160 65c0 03ed 4ee5 b106 3d50 07"},
-	}
-	for i, tt := range tests {
-		buf := []byte{}
-		want := strings.Replace(tt.want, " ", "", -1)
-		buf = AppendHuffmanString(buf, tt.in)
-		if got := hex.EncodeToString(buf); want != got {
-			t.Errorf("%d. encode = %q; want %q", i, got, want)
-		}
-	}
-}
-
-func TestHuffmanMaxStrLen(t *testing.T) {
-	const msg = "Some string"
-	huff := AppendHuffmanString(nil, msg)
-
-	testGood := func(max int) {
-		var out bytes.Buffer
-		if err := huffmanDecode(&out, max, huff); err != nil {
-			t.Errorf("For maxLen=%d, unexpected error: %v", max, err)
-		}
-		if out.String() != msg {
-			t.Errorf("For maxLen=%d, out = %q; want %q", max, out.String(), msg)
-		}
-	}
-	testGood(0)
-	testGood(len(msg))
-	testGood(len(msg) + 1)
-
-	var out bytes.Buffer
-	if err := huffmanDecode(&out, len(msg)-1, huff); err != ErrStringLength {
-		t.Errorf("err = %v; want ErrStringLength", err)
-	}
-}
-
-func TestHuffmanRoundtripStress(t *testing.T) {
-	const Len = 50 // of uncompressed string
-	input := make([]byte, Len)
-	var output bytes.Buffer
-	var huff []byte
-
-	n := 5000
-	if testing.Short() {
-		n = 100
-	}
-	seed := time.Now().UnixNano()
-	t.Logf("Seed = %v", seed)
-	src := rand.New(rand.NewSource(seed))
-	var encSize int64
-	for i := 0; i < n; i++ {
-		for l := range input {
-			input[l] = byte(src.Intn(256))
-		}
-		huff = AppendHuffmanString(huff[:0], string(input))
-		encSize += int64(len(huff))
-		output.Reset()
-		if err := huffmanDecode(&output, 0, huff); err != nil {
-			t.Errorf("Failed to decode %q -> %q -> error %v", input, huff, err)
-			continue
-		}
-		if !bytes.Equal(output.Bytes(), input) {
-			t.Errorf("Roundtrip failure on %q -> %q -> %q", input, huff, output.Bytes())
-		}
-	}
-	t.Logf("Compressed size of original: %0.02f%% (%v -> %v)", 100*(float64(encSize)/(Len*float64(n))), Len*n, encSize)
-}
-
-func TestHuffmanDecodeFuzz(t *testing.T) {
-	const Len = 50 // of compressed
-	var buf, zbuf bytes.Buffer
-
-	n := 5000
-	if testing.Short() {
-		n = 100
-	}
-	seed := time.Now().UnixNano()
-	t.Logf("Seed = %v", seed)
-	src := rand.New(rand.NewSource(seed))
-	numFail := 0
-	for i := 0; i < n; i++ {
-		zbuf.Reset()
-		if i == 0 {
-			// Start with at least one invalid one.
-			zbuf.WriteString("00\x91\xff\xff\xff\xff\xc8")
-		} else {
-			for l := 0; l < Len; l++ {
-				zbuf.WriteByte(byte(src.Intn(256)))
-			}
-		}
-
-		buf.Reset()
-		if err := huffmanDecode(&buf, 0, zbuf.Bytes()); err != nil {
-			if err == ErrInvalidHuffman {
-				numFail++
-				continue
-			}
-			t.Errorf("Failed to decode %q: %v", zbuf.Bytes(), err)
-			continue
-		}
-	}
-	t.Logf("%0.02f%% are invalid (%d / %d)", 100*float64(numFail)/float64(n), numFail, n)
-	if numFail < 1 {
-		t.Error("expected at least one invalid huffman encoding (test starts with one)")
-	}
-}
-
-func TestReadVarInt(t *testing.T) {
-	type res struct {
-		i        uint64
-		consumed int
-		err      error
-	}
-	tests := []struct {
-		n    byte
-		p    []byte
-		want res
-	}{
-		// Fits in a byte:
-		{1, []byte{0}, res{0, 1, nil}},
-		{2, []byte{2}, res{2, 1, nil}},
-		{3, []byte{6}, res{6, 1, nil}},
-		{4, []byte{14}, res{14, 1, nil}},
-		{5, []byte{30}, res{30, 1, nil}},
-		{6, []byte{62}, res{62, 1, nil}},
-		{7, []byte{126}, res{126, 1, nil}},
-		{8, []byte{254}, res{254, 1, nil}},
-
-		// Doesn't fit in a byte:
-		{1, []byte{1}, res{0, 0, errNeedMore}},
-		{2, []byte{3}, res{0, 0, errNeedMore}},
-		{3, []byte{7}, res{0, 0, errNeedMore}},
-		{4, []byte{15}, res{0, 0, errNeedMore}},
-		{5, []byte{31}, res{0, 0, errNeedMore}},
-		{6, []byte{63}, res{0, 0, errNeedMore}},
-		{7, []byte{127}, res{0, 0, errNeedMore}},
-		{8, []byte{255}, res{0, 0, errNeedMore}},
-
-		// Ignoring top bits:
-		{5, []byte{255, 154, 10}, res{1337, 3, nil}}, // high dummy three bits: 111
-		{5, []byte{159, 154, 10}, res{1337, 3, nil}}, // high dummy three bits: 100
-		{5, []byte{191, 154, 10}, res{1337, 3, nil}}, // high dummy three bits: 101
-
-		// Extra byte:
-		{5, []byte{191, 154, 10, 2}, res{1337, 3, nil}}, // extra byte
-
-		// Short a byte:
-		{5, []byte{191, 154}, res{0, 0, errNeedMore}},
-
-		// integer overflow:
-		{1, []byte{255, 128, 128, 128, 128, 128, 128, 128, 128, 128, 128, 128, 128, 128, 128, 128}, res{0, 0, errVarintOverflow}},
-	}
-	for _, tt := range tests {
-		i, remain, err := readVarInt(tt.n, tt.p)
-		consumed := len(tt.p) - len(remain)
-		got := res{i, consumed, err}
-		if got != tt.want {
-			t.Errorf("readVarInt(%d, %v ~ %x) = %+v; want %+v", tt.n, tt.p, tt.p, got, tt.want)
-		}
-	}
-}
-
-// Fuzz crash, originally reported at https://github.com/bradfitz/http2/issues/56
-func TestHuffmanFuzzCrash(t *testing.T) {
-	got, err := HuffmanDecodeToString([]byte("00\x91\xff\xff\xff\xff\xc8"))
-	if got != "" {
-		t.Errorf("Got %q; want empty string", got)
-	}
-	if err != ErrInvalidHuffman {
-		t.Errorf("Err = %v; want ErrInvalidHuffman", err)
-	}
-}
-
-func dehex(s string) []byte {
-	s = strings.Replace(s, " ", "", -1)
-	s = strings.Replace(s, "\n", "", -1)
-	b, err := hex.DecodeString(s)
-	if err != nil {
-		panic(err)
-	}
-	return b
-}
-
-func TestEmitEnabled(t *testing.T) {
-	var buf bytes.Buffer
-	enc := NewEncoder(&buf)
-	enc.WriteField(HeaderField{Name: "foo", Value: "bar"})
-	enc.WriteField(HeaderField{Name: "foo", Value: "bar"})
-
-	numCallback := 0
-	var dec *Decoder
-	dec = NewDecoder(8<<20, func(HeaderField) {
-		numCallback++
-		dec.SetEmitEnabled(false)
-	})
-	if !dec.EmitEnabled() {
-		t.Errorf("initial emit enabled = false; want true")
-	}
-	if _, err := dec.Write(buf.Bytes()); err != nil {
-		t.Error(err)
-	}
-	if numCallback != 1 {
-		t.Errorf("num callbacks = %d; want 1", numCallback)
-	}
-	if dec.EmitEnabled() {
-		t.Errorf("emit enabled = true; want false")
-	}
-}
-
-func TestSaveBufLimit(t *testing.T) {
-	const maxStr = 1 << 10
-	var got []HeaderField
-	dec := NewDecoder(initialHeaderTableSize, func(hf HeaderField) {
-		got = append(got, hf)
-	})
-	dec.SetMaxStringLength(maxStr)
-	var frag []byte
-	frag = append(frag[:0], encodeTypeByte(false, false))
-	frag = appendVarInt(frag, 7, 3)
-	frag = append(frag, "foo"...)
-	frag = appendVarInt(frag, 7, 3)
-	frag = append(frag, "bar"...)
-
-	if _, err := dec.Write(frag); err != nil {
-		t.Fatal(err)
-	}
-
-	want := []HeaderField{{Name: "foo", Value: "bar"}}
-	if !reflect.DeepEqual(got, want) {
-		t.Errorf("After small writes, got %v; want %v", got, want)
-	}
-
-	frag = append(frag[:0], encodeTypeByte(false, false))
-	frag = appendVarInt(frag, 7, maxStr*3)
-	frag = append(frag, make([]byte, maxStr*3)...)
-
-	_, err := dec.Write(frag)
-	if err != ErrStringLength {
-		t.Fatalf("Write error = %v; want ErrStringLength", err)
-	}
-}
diff --git a/vendor/golang.org/x/net/http2/hpack/huffman.go b/vendor/golang.org/x/net/http2/hpack/huffman.go
deleted file mode 100644
index eb4b1f05..00000000
--- a/vendor/golang.org/x/net/http2/hpack/huffman.go
+++ /dev/null
@@ -1,190 +0,0 @@
-// Copyright 2014 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package hpack
-
-import (
-	"bytes"
-	"errors"
-	"io"
-	"sync"
-)
-
-var bufPool = sync.Pool{
-	New: func() interface{} { return new(bytes.Buffer) },
-}
-
-// HuffmanDecode decodes the string in v and writes the expanded
-// result to w, returning the number of bytes written to w and the
-// Write call's return value. At most one Write call is made.
-func HuffmanDecode(w io.Writer, v []byte) (int, error) {
-	buf := bufPool.Get().(*bytes.Buffer)
-	buf.Reset()
-	defer bufPool.Put(buf)
-	if err := huffmanDecode(buf, 0, v); err != nil {
-		return 0, err
-	}
-	return w.Write(buf.Bytes())
-}
-
-// HuffmanDecodeToString decodes the string in v.
-func HuffmanDecodeToString(v []byte) (string, error) {
-	buf := bufPool.Get().(*bytes.Buffer)
-	buf.Reset()
-	defer bufPool.Put(buf)
-	if err := huffmanDecode(buf, 0, v); err != nil {
-		return "", err
-	}
-	return buf.String(), nil
-}
-
-// ErrInvalidHuffman is returned for errors found decoding
-// Huffman-encoded strings.
-var ErrInvalidHuffman = errors.New("hpack: invalid Huffman-encoded data")
-
-// huffmanDecode decodes v to buf.
-// If maxLen is greater than 0, attempts to write more to buf than
-// maxLen bytes will return ErrStringLength.
-func huffmanDecode(buf *bytes.Buffer, maxLen int, v []byte) error {
-	n := rootHuffmanNode
-	cur, nbits := uint(0), uint8(0)
-	for _, b := range v {
-		cur = cur<<8 | uint(b)
-		nbits += 8
-		for nbits >= 8 {
-			idx := byte(cur >> (nbits - 8))
-			n = n.children[idx]
-			if n == nil {
-				return ErrInvalidHuffman
-			}
-			if n.children == nil {
-				if maxLen != 0 && buf.Len() == maxLen {
-					return ErrStringLength
-				}
-				buf.WriteByte(n.sym)
-				nbits -= n.codeLen
-				n = rootHuffmanNode
-			} else {
-				nbits -= 8
-			}
-		}
-	}
-	for nbits > 0 {
-		n = n.children[byte(cur<<(8-nbits))]
-		if n.children != nil || n.codeLen > nbits {
-			break
-		}
-		buf.WriteByte(n.sym)
-		nbits -= n.codeLen
-		n = rootHuffmanNode
-	}
-	return nil
-}
-
-type node struct {
-	// children is non-nil for internal nodes
-	children []*node
-
-	// The following are only valid if children is nil:
-	codeLen uint8 // number of bits that led to the output of sym
-	sym     byte  // output symbol
-}
-
-func newInternalNode() *node {
-	return &node{children: make([]*node, 256)}
-}
-
-var rootHuffmanNode = newInternalNode()
-
-func init() {
-	if len(huffmanCodes) != 256 {
-		panic("unexpected size")
-	}
-	for i, code := range huffmanCodes {
-		addDecoderNode(byte(i), code, huffmanCodeLen[i])
-	}
-}
-
-func addDecoderNode(sym byte, code uint32, codeLen uint8) {
-	cur := rootHuffmanNode
-	for codeLen > 8 {
-		codeLen -= 8
-		i := uint8(code >> codeLen)
-		if cur.children[i] == nil {
-			cur.children[i] = newInternalNode()
-		}
-		cur = cur.children[i]
-	}
-	shift := 8 - codeLen
-	start, end := int(uint8(code<> (nbits - rembits))
-		dst[len(dst)-1] |= t
-	}
-
-	return dst
-}
-
-// HuffmanEncodeLength returns the number of bytes required to encode
-// s in Huffman codes. The result is round up to byte boundary.
-func HuffmanEncodeLength(s string) uint64 {
-	n := uint64(0)
-	for i := 0; i < len(s); i++ {
-		n += uint64(huffmanCodeLen[s[i]])
-	}
-	return (n + 7) / 8
-}
-
-// appendByteToHuffmanCode appends Huffman code for c to dst and
-// returns the extended buffer and the remaining bits in the last
-// element. The appending is not byte aligned and the remaining bits
-// in the last element of dst is given in rembits.
-func appendByteToHuffmanCode(dst []byte, rembits uint8, c byte) ([]byte, uint8) {
-	code := huffmanCodes[c]
-	nbits := huffmanCodeLen[c]
-
-	for {
-		if rembits > nbits {
-			t := uint8(code << (rembits - nbits))
-			dst[len(dst)-1] |= t
-			rembits -= nbits
-			break
-		}
-
-		t := uint8(code >> (nbits - rembits))
-		dst[len(dst)-1] |= t
-
-		nbits -= rembits
-		rembits = 8
-
-		if nbits == 0 {
-			break
-		}
-
-		dst = append(dst, 0)
-	}
-
-	return dst, rembits
-}
diff --git a/vendor/golang.org/x/net/http2/hpack/tables.go b/vendor/golang.org/x/net/http2/hpack/tables.go
deleted file mode 100644
index b9283a02..00000000
--- a/vendor/golang.org/x/net/http2/hpack/tables.go
+++ /dev/null
@@ -1,352 +0,0 @@
-// Copyright 2014 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package hpack
-
-func pair(name, value string) HeaderField {
-	return HeaderField{Name: name, Value: value}
-}
-
-// http://tools.ietf.org/html/draft-ietf-httpbis-header-compression-07#appendix-B
-var staticTable = [...]HeaderField{
-	pair(":authority", ""), // index 1 (1-based)
-	pair(":method", "GET"),
-	pair(":method", "POST"),
-	pair(":path", "/"),
-	pair(":path", "/index.html"),
-	pair(":scheme", "http"),
-	pair(":scheme", "https"),
-	pair(":status", "200"),
-	pair(":status", "204"),
-	pair(":status", "206"),
-	pair(":status", "304"),
-	pair(":status", "400"),
-	pair(":status", "404"),
-	pair(":status", "500"),
-	pair("accept-charset", ""),
-	pair("accept-encoding", "gzip, deflate"),
-	pair("accept-language", ""),
-	pair("accept-ranges", ""),
-	pair("accept", ""),
-	pair("access-control-allow-origin", ""),
-	pair("age", ""),
-	pair("allow", ""),
-	pair("authorization", ""),
-	pair("cache-control", ""),
-	pair("content-disposition", ""),
-	pair("content-encoding", ""),
-	pair("content-language", ""),
-	pair("content-length", ""),
-	pair("content-location", ""),
-	pair("content-range", ""),
-	pair("content-type", ""),
-	pair("cookie", ""),
-	pair("date", ""),
-	pair("etag", ""),
-	pair("expect", ""),
-	pair("expires", ""),
-	pair("from", ""),
-	pair("host", ""),
-	pair("if-match", ""),
-	pair("if-modified-since", ""),
-	pair("if-none-match", ""),
-	pair("if-range", ""),
-	pair("if-unmodified-since", ""),
-	pair("last-modified", ""),
-	pair("link", ""),
-	pair("location", ""),
-	pair("max-forwards", ""),
-	pair("proxy-authenticate", ""),
-	pair("proxy-authorization", ""),
-	pair("range", ""),
-	pair("referer", ""),
-	pair("refresh", ""),
-	pair("retry-after", ""),
-	pair("server", ""),
-	pair("set-cookie", ""),
-	pair("strict-transport-security", ""),
-	pair("transfer-encoding", ""),
-	pair("user-agent", ""),
-	pair("vary", ""),
-	pair("via", ""),
-	pair("www-authenticate", ""),
-}
-
-var huffmanCodes = [256]uint32{
-	0x1ff8,
-	0x7fffd8,
-	0xfffffe2,
-	0xfffffe3,
-	0xfffffe4,
-	0xfffffe5,
-	0xfffffe6,
-	0xfffffe7,
-	0xfffffe8,
-	0xffffea,
-	0x3ffffffc,
-	0xfffffe9,
-	0xfffffea,
-	0x3ffffffd,
-	0xfffffeb,
-	0xfffffec,
-	0xfffffed,
-	0xfffffee,
-	0xfffffef,
-	0xffffff0,
-	0xffffff1,
-	0xffffff2,
-	0x3ffffffe,
-	0xffffff3,
-	0xffffff4,
-	0xffffff5,
-	0xffffff6,
-	0xffffff7,
-	0xffffff8,
-	0xffffff9,
-	0xffffffa,
-	0xffffffb,
-	0x14,
-	0x3f8,
-	0x3f9,
-	0xffa,
-	0x1ff9,
-	0x15,
-	0xf8,
-	0x7fa,
-	0x3fa,
-	0x3fb,
-	0xf9,
-	0x7fb,
-	0xfa,
-	0x16,
-	0x17,
-	0x18,
-	0x0,
-	0x1,
-	0x2,
-	0x19,
-	0x1a,
-	0x1b,
-	0x1c,
-	0x1d,
-	0x1e,
-	0x1f,
-	0x5c,
-	0xfb,
-	0x7ffc,
-	0x20,
-	0xffb,
-	0x3fc,
-	0x1ffa,
-	0x21,
-	0x5d,
-	0x5e,
-	0x5f,
-	0x60,
-	0x61,
-	0x62,
-	0x63,
-	0x64,
-	0x65,
-	0x66,
-	0x67,
-	0x68,
-	0x69,
-	0x6a,
-	0x6b,
-	0x6c,
-	0x6d,
-	0x6e,
-	0x6f,
-	0x70,
-	0x71,
-	0x72,
-	0xfc,
-	0x73,
-	0xfd,
-	0x1ffb,
-	0x7fff0,
-	0x1ffc,
-	0x3ffc,
-	0x22,
-	0x7ffd,
-	0x3,
-	0x23,
-	0x4,
-	0x24,
-	0x5,
-	0x25,
-	0x26,
-	0x27,
-	0x6,
-	0x74,
-	0x75,
-	0x28,
-	0x29,
-	0x2a,
-	0x7,
-	0x2b,
-	0x76,
-	0x2c,
-	0x8,
-	0x9,
-	0x2d,
-	0x77,
-	0x78,
-	0x79,
-	0x7a,
-	0x7b,
-	0x7ffe,
-	0x7fc,
-	0x3ffd,
-	0x1ffd,
-	0xffffffc,
-	0xfffe6,
-	0x3fffd2,
-	0xfffe7,
-	0xfffe8,
-	0x3fffd3,
-	0x3fffd4,
-	0x3fffd5,
-	0x7fffd9,
-	0x3fffd6,
-	0x7fffda,
-	0x7fffdb,
-	0x7fffdc,
-	0x7fffdd,
-	0x7fffde,
-	0xffffeb,
-	0x7fffdf,
-	0xffffec,
-	0xffffed,
-	0x3fffd7,
-	0x7fffe0,
-	0xffffee,
-	0x7fffe1,
-	0x7fffe2,
-	0x7fffe3,
-	0x7fffe4,
-	0x1fffdc,
-	0x3fffd8,
-	0x7fffe5,
-	0x3fffd9,
-	0x7fffe6,
-	0x7fffe7,
-	0xffffef,
-	0x3fffda,
-	0x1fffdd,
-	0xfffe9,
-	0x3fffdb,
-	0x3fffdc,
-	0x7fffe8,
-	0x7fffe9,
-	0x1fffde,
-	0x7fffea,
-	0x3fffdd,
-	0x3fffde,
-	0xfffff0,
-	0x1fffdf,
-	0x3fffdf,
-	0x7fffeb,
-	0x7fffec,
-	0x1fffe0,
-	0x1fffe1,
-	0x3fffe0,
-	0x1fffe2,
-	0x7fffed,
-	0x3fffe1,
-	0x7fffee,
-	0x7fffef,
-	0xfffea,
-	0x3fffe2,
-	0x3fffe3,
-	0x3fffe4,
-	0x7ffff0,
-	0x3fffe5,
-	0x3fffe6,
-	0x7ffff1,
-	0x3ffffe0,
-	0x3ffffe1,
-	0xfffeb,
-	0x7fff1,
-	0x3fffe7,
-	0x7ffff2,
-	0x3fffe8,
-	0x1ffffec,
-	0x3ffffe2,
-	0x3ffffe3,
-	0x3ffffe4,
-	0x7ffffde,
-	0x7ffffdf,
-	0x3ffffe5,
-	0xfffff1,
-	0x1ffffed,
-	0x7fff2,
-	0x1fffe3,
-	0x3ffffe6,
-	0x7ffffe0,
-	0x7ffffe1,
-	0x3ffffe7,
-	0x7ffffe2,
-	0xfffff2,
-	0x1fffe4,
-	0x1fffe5,
-	0x3ffffe8,
-	0x3ffffe9,
-	0xffffffd,
-	0x7ffffe3,
-	0x7ffffe4,
-	0x7ffffe5,
-	0xfffec,
-	0xfffff3,
-	0xfffed,
-	0x1fffe6,
-	0x3fffe9,
-	0x1fffe7,
-	0x1fffe8,
-	0x7ffff3,
-	0x3fffea,
-	0x3fffeb,
-	0x1ffffee,
-	0x1ffffef,
-	0xfffff4,
-	0xfffff5,
-	0x3ffffea,
-	0x7ffff4,
-	0x3ffffeb,
-	0x7ffffe6,
-	0x3ffffec,
-	0x3ffffed,
-	0x7ffffe7,
-	0x7ffffe8,
-	0x7ffffe9,
-	0x7ffffea,
-	0x7ffffeb,
-	0xffffffe,
-	0x7ffffec,
-	0x7ffffed,
-	0x7ffffee,
-	0x7ffffef,
-	0x7fffff0,
-	0x3ffffee,
-}
-
-var huffmanCodeLen = [256]uint8{
-	13, 23, 28, 28, 28, 28, 28, 28, 28, 24, 30, 28, 28, 30, 28, 28,
-	28, 28, 28, 28, 28, 28, 30, 28, 28, 28, 28, 28, 28, 28, 28, 28,
-	6, 10, 10, 12, 13, 6, 8, 11, 10, 10, 8, 11, 8, 6, 6, 6,
-	5, 5, 5, 6, 6, 6, 6, 6, 6, 6, 7, 8, 15, 6, 12, 10,
-	13, 6, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7,
-	7, 7, 7, 7, 7, 7, 7, 7, 8, 7, 8, 13, 19, 13, 14, 6,
-	15, 5, 6, 5, 6, 5, 6, 6, 6, 5, 7, 7, 6, 6, 6, 5,
-	6, 7, 6, 5, 5, 6, 7, 7, 7, 7, 7, 15, 11, 14, 13, 28,
-	20, 22, 20, 20, 22, 22, 22, 23, 22, 23, 23, 23, 23, 23, 24, 23,
-	24, 24, 22, 23, 24, 23, 23, 23, 23, 21, 22, 23, 22, 23, 23, 24,
-	22, 21, 20, 22, 22, 23, 23, 21, 23, 22, 22, 24, 21, 22, 23, 23,
-	21, 21, 22, 21, 23, 22, 23, 23, 20, 22, 22, 22, 23, 22, 22, 23,
-	26, 26, 20, 19, 22, 23, 22, 25, 26, 26, 26, 27, 27, 26, 24, 25,
-	19, 21, 26, 27, 27, 26, 27, 24, 21, 21, 26, 26, 28, 27, 27, 27,
-	20, 24, 20, 21, 22, 21, 21, 23, 22, 22, 25, 25, 24, 24, 26, 23,
-	26, 27, 26, 26, 27, 27, 27, 27, 27, 28, 27, 27, 27, 27, 27, 26,
-}
diff --git a/vendor/golang.org/x/net/http2/http2.go b/vendor/golang.org/x/net/http2/http2.go
deleted file mode 100644
index 0529b63e..00000000
--- a/vendor/golang.org/x/net/http2/http2.go
+++ /dev/null
@@ -1,463 +0,0 @@
-// Copyright 2014 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// Package http2 implements the HTTP/2 protocol.
-//
-// This package is low-level and intended to be used directly by very
-// few people. Most users will use it indirectly through the automatic
-// use by the net/http package (from Go 1.6 and later).
-// For use in earlier Go versions see ConfigureServer. (Transport support
-// requires Go 1.6 or later)
-//
-// See https://http2.github.io/ for more information on HTTP/2.
-//
-// See https://http2.golang.org/ for a test server running this code.
-package http2
-
-import (
-	"bufio"
-	"crypto/tls"
-	"errors"
-	"fmt"
-	"io"
-	"net/http"
-	"os"
-	"sort"
-	"strconv"
-	"strings"
-	"sync"
-)
-
-var (
-	VerboseLogs    bool
-	logFrameWrites bool
-	logFrameReads  bool
-)
-
-func init() {
-	e := os.Getenv("GODEBUG")
-	if strings.Contains(e, "http2debug=1") {
-		VerboseLogs = true
-	}
-	if strings.Contains(e, "http2debug=2") {
-		VerboseLogs = true
-		logFrameWrites = true
-		logFrameReads = true
-	}
-}
-
-const (
-	// ClientPreface is the string that must be sent by new
-	// connections from clients.
-	ClientPreface = "PRI * HTTP/2.0\r\n\r\nSM\r\n\r\n"
-
-	// SETTINGS_MAX_FRAME_SIZE default
-	// http://http2.github.io/http2-spec/#rfc.section.6.5.2
-	initialMaxFrameSize = 16384
-
-	// NextProtoTLS is the NPN/ALPN protocol negotiated during
-	// HTTP/2's TLS setup.
-	NextProtoTLS = "h2"
-
-	// http://http2.github.io/http2-spec/#SettingValues
-	initialHeaderTableSize = 4096
-
-	initialWindowSize = 65535 // 6.9.2 Initial Flow Control Window Size
-
-	defaultMaxReadFrameSize = 1 << 20
-)
-
-var (
-	clientPreface = []byte(ClientPreface)
-)
-
-type streamState int
-
-const (
-	stateIdle streamState = iota
-	stateOpen
-	stateHalfClosedLocal
-	stateHalfClosedRemote
-	stateResvLocal
-	stateResvRemote
-	stateClosed
-)
-
-var stateName = [...]string{
-	stateIdle:             "Idle",
-	stateOpen:             "Open",
-	stateHalfClosedLocal:  "HalfClosedLocal",
-	stateHalfClosedRemote: "HalfClosedRemote",
-	stateResvLocal:        "ResvLocal",
-	stateResvRemote:       "ResvRemote",
-	stateClosed:           "Closed",
-}
-
-func (st streamState) String() string {
-	return stateName[st]
-}
-
-// Setting is a setting parameter: which setting it is, and its value.
-type Setting struct {
-	// ID is which setting is being set.
-	// See http://http2.github.io/http2-spec/#SettingValues
-	ID SettingID
-
-	// Val is the value.
-	Val uint32
-}
-
-func (s Setting) String() string {
-	return fmt.Sprintf("[%v = %d]", s.ID, s.Val)
-}
-
-// Valid reports whether the setting is valid.
-func (s Setting) Valid() error {
-	// Limits and error codes from 6.5.2 Defined SETTINGS Parameters
-	switch s.ID {
-	case SettingEnablePush:
-		if s.Val != 1 && s.Val != 0 {
-			return ConnectionError(ErrCodeProtocol)
-		}
-	case SettingInitialWindowSize:
-		if s.Val > 1<<31-1 {
-			return ConnectionError(ErrCodeFlowControl)
-		}
-	case SettingMaxFrameSize:
-		if s.Val < 16384 || s.Val > 1<<24-1 {
-			return ConnectionError(ErrCodeProtocol)
-		}
-	}
-	return nil
-}
-
-// A SettingID is an HTTP/2 setting as defined in
-// http://http2.github.io/http2-spec/#iana-settings
-type SettingID uint16
-
-const (
-	SettingHeaderTableSize      SettingID = 0x1
-	SettingEnablePush           SettingID = 0x2
-	SettingMaxConcurrentStreams SettingID = 0x3
-	SettingInitialWindowSize    SettingID = 0x4
-	SettingMaxFrameSize         SettingID = 0x5
-	SettingMaxHeaderListSize    SettingID = 0x6
-)
-
-var settingName = map[SettingID]string{
-	SettingHeaderTableSize:      "HEADER_TABLE_SIZE",
-	SettingEnablePush:           "ENABLE_PUSH",
-	SettingMaxConcurrentStreams: "MAX_CONCURRENT_STREAMS",
-	SettingInitialWindowSize:    "INITIAL_WINDOW_SIZE",
-	SettingMaxFrameSize:         "MAX_FRAME_SIZE",
-	SettingMaxHeaderListSize:    "MAX_HEADER_LIST_SIZE",
-}
-
-func (s SettingID) String() string {
-	if v, ok := settingName[s]; ok {
-		return v
-	}
-	return fmt.Sprintf("UNKNOWN_SETTING_%d", uint16(s))
-}
-
-var (
-	errInvalidHeaderFieldName  = errors.New("http2: invalid header field name")
-	errInvalidHeaderFieldValue = errors.New("http2: invalid header field value")
-)
-
-// validHeaderFieldName reports whether v is a valid header field name (key).
-//  RFC 7230 says:
-//   header-field   = field-name ":" OWS field-value OWS
-//   field-name     = token
-//   tchar = "!" / "#" / "$" / "%" / "&" / "'" / "*" / "+" / "-" / "." /
-//           "^" / "_" / "
-// Further, http2 says:
-//   "Just as in HTTP/1.x, header field names are strings of ASCII
-//   characters that are compared in a case-insensitive
-//   fashion. However, header field names MUST be converted to
-//   lowercase prior to their encoding in HTTP/2. "
-func validHeaderFieldName(v string) bool {
-	if len(v) == 0 {
-		return false
-	}
-	for _, r := range v {
-		if int(r) >= len(isTokenTable) || ('A' <= r && r <= 'Z') {
-			return false
-		}
-		if !isTokenTable[byte(r)] {
-			return false
-		}
-	}
-	return true
-}
-
-// validHeaderFieldValue reports whether v is a valid header field value.
-//
-// RFC 7230 says:
-//  field-value    = *( field-content / obs-fold )
-//  obj-fold       =  N/A to http2, and deprecated
-//  field-content  = field-vchar [ 1*( SP / HTAB ) field-vchar ]
-//  field-vchar    = VCHAR / obs-text
-//  obs-text       = %x80-FF
-//  VCHAR          = "any visible [USASCII] character"
-//
-// http2 further says: "Similarly, HTTP/2 allows header field values
-// that are not valid. While most of the values that can be encoded
-// will not alter header field parsing, carriage return (CR, ASCII
-// 0xd), line feed (LF, ASCII 0xa), and the zero character (NUL, ASCII
-// 0x0) might be exploited by an attacker if they are translated
-// verbatim. Any request or response that contains a character not
-// permitted in a header field value MUST be treated as malformed
-// (Section 8.1.2.6). Valid characters are defined by the
-// field-content ABNF rule in Section 3.2 of [RFC7230]."
-//
-// This function does not (yet?) properly handle the rejection of
-// strings that begin or end with SP or HTAB.
-func validHeaderFieldValue(v string) bool {
-	for i := 0; i < len(v); i++ {
-		if b := v[i]; b < ' ' && b != '\t' || b == 0x7f {
-			return false
-		}
-	}
-	return true
-}
-
-var httpCodeStringCommon = map[int]string{} // n -> strconv.Itoa(n)
-
-func init() {
-	for i := 100; i <= 999; i++ {
-		if v := http.StatusText(i); v != "" {
-			httpCodeStringCommon[i] = strconv.Itoa(i)
-		}
-	}
-}
-
-func httpCodeString(code int) string {
-	if s, ok := httpCodeStringCommon[code]; ok {
-		return s
-	}
-	return strconv.Itoa(code)
-}
-
-// from pkg io
-type stringWriter interface {
-	WriteString(s string) (n int, err error)
-}
-
-// A gate lets two goroutines coordinate their activities.
-type gate chan struct{}
-
-func (g gate) Done() { g <- struct{}{} }
-func (g gate) Wait() { <-g }
-
-// A closeWaiter is like a sync.WaitGroup but only goes 1 to 0 (open to closed).
-type closeWaiter chan struct{}
-
-// Init makes a closeWaiter usable.
-// It exists because so a closeWaiter value can be placed inside a
-// larger struct and have the Mutex and Cond's memory in the same
-// allocation.
-func (cw *closeWaiter) Init() {
-	*cw = make(chan struct{})
-}
-
-// Close marks the closeWaiter as closed and unblocks any waiters.
-func (cw closeWaiter) Close() {
-	close(cw)
-}
-
-// Wait waits for the closeWaiter to become closed.
-func (cw closeWaiter) Wait() {
-	<-cw
-}
-
-// bufferedWriter is a buffered writer that writes to w.
-// Its buffered writer is lazily allocated as needed, to minimize
-// idle memory usage with many connections.
-type bufferedWriter struct {
-	w  io.Writer     // immutable
-	bw *bufio.Writer // non-nil when data is buffered
-}
-
-func newBufferedWriter(w io.Writer) *bufferedWriter {
-	return &bufferedWriter{w: w}
-}
-
-var bufWriterPool = sync.Pool{
-	New: func() interface{} {
-		// TODO: pick something better? this is a bit under
-		// (3 x typical 1500 byte MTU) at least.
-		return bufio.NewWriterSize(nil, 4<<10)
-	},
-}
-
-func (w *bufferedWriter) Write(p []byte) (n int, err error) {
-	if w.bw == nil {
-		bw := bufWriterPool.Get().(*bufio.Writer)
-		bw.Reset(w.w)
-		w.bw = bw
-	}
-	return w.bw.Write(p)
-}
-
-func (w *bufferedWriter) Flush() error {
-	bw := w.bw
-	if bw == nil {
-		return nil
-	}
-	err := bw.Flush()
-	bw.Reset(nil)
-	bufWriterPool.Put(bw)
-	w.bw = nil
-	return err
-}
-
-func mustUint31(v int32) uint32 {
-	if v < 0 || v > 2147483647 {
-		panic("out of range")
-	}
-	return uint32(v)
-}
-
-// bodyAllowedForStatus reports whether a given response status code
-// permits a body. See RFC2616, section 4.4.
-func bodyAllowedForStatus(status int) bool {
-	switch {
-	case status >= 100 && status <= 199:
-		return false
-	case status == 204:
-		return false
-	case status == 304:
-		return false
-	}
-	return true
-}
-
-type httpError struct {
-	msg     string
-	timeout bool
-}
-
-func (e *httpError) Error() string   { return e.msg }
-func (e *httpError) Timeout() bool   { return e.timeout }
-func (e *httpError) Temporary() bool { return true }
-
-var errTimeout error = &httpError{msg: "http2: timeout awaiting response headers", timeout: true}
-
-var isTokenTable = [127]bool{
-	'!':  true,
-	'#':  true,
-	'$':  true,
-	'%':  true,
-	'&':  true,
-	'\'': true,
-	'*':  true,
-	'+':  true,
-	'-':  true,
-	'.':  true,
-	'0':  true,
-	'1':  true,
-	'2':  true,
-	'3':  true,
-	'4':  true,
-	'5':  true,
-	'6':  true,
-	'7':  true,
-	'8':  true,
-	'9':  true,
-	'A':  true,
-	'B':  true,
-	'C':  true,
-	'D':  true,
-	'E':  true,
-	'F':  true,
-	'G':  true,
-	'H':  true,
-	'I':  true,
-	'J':  true,
-	'K':  true,
-	'L':  true,
-	'M':  true,
-	'N':  true,
-	'O':  true,
-	'P':  true,
-	'Q':  true,
-	'R':  true,
-	'S':  true,
-	'T':  true,
-	'U':  true,
-	'W':  true,
-	'V':  true,
-	'X':  true,
-	'Y':  true,
-	'Z':  true,
-	'^':  true,
-	'_':  true,
-	'`':  true,
-	'a':  true,
-	'b':  true,
-	'c':  true,
-	'd':  true,
-	'e':  true,
-	'f':  true,
-	'g':  true,
-	'h':  true,
-	'i':  true,
-	'j':  true,
-	'k':  true,
-	'l':  true,
-	'm':  true,
-	'n':  true,
-	'o':  true,
-	'p':  true,
-	'q':  true,
-	'r':  true,
-	's':  true,
-	't':  true,
-	'u':  true,
-	'v':  true,
-	'w':  true,
-	'x':  true,
-	'y':  true,
-	'z':  true,
-	'|':  true,
-	'~':  true,
-}
-
-type connectionStater interface {
-	ConnectionState() tls.ConnectionState
-}
-
-var sorterPool = sync.Pool{New: func() interface{} { return new(sorter) }}
-
-type sorter struct {
-	v []string // owned by sorter
-}
-
-func (s *sorter) Len() int           { return len(s.v) }
-func (s *sorter) Swap(i, j int)      { s.v[i], s.v[j] = s.v[j], s.v[i] }
-func (s *sorter) Less(i, j int) bool { return s.v[i] < s.v[j] }
-
-// Keys returns the sorted keys of h.
-//
-// The returned slice is only valid until s used again or returned to
-// its pool.
-func (s *sorter) Keys(h http.Header) []string {
-	keys := s.v[:0]
-	for k := range h {
-		keys = append(keys, k)
-	}
-	s.v = keys
-	sort.Sort(s)
-	return keys
-}
-
-func (s *sorter) SortStrings(ss []string) {
-	// Our sorter works on s.v, which sorter owners, so
-	// stash it away while we sort the user's buffer.
-	save := s.v
-	s.v = ss
-	sort.Sort(s)
-	s.v = save
-}
diff --git a/vendor/golang.org/x/net/http2/http2_test.go b/vendor/golang.org/x/net/http2/http2_test.go
deleted file mode 100644
index 34dcb137..00000000
--- a/vendor/golang.org/x/net/http2/http2_test.go
+++ /dev/null
@@ -1,198 +0,0 @@
-// Copyright 2014 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package http2
-
-import (
-	"bytes"
-	"errors"
-	"flag"
-	"fmt"
-	"net/http"
-	"os/exec"
-	"strconv"
-	"strings"
-	"testing"
-
-	"golang.org/x/net/http2/hpack"
-)
-
-var knownFailing = flag.Bool("known_failing", false, "Run known-failing tests.")
-
-func condSkipFailingTest(t *testing.T) {
-	if !*knownFailing {
-		t.Skip("Skipping known-failing test without --known_failing")
-	}
-}
-
-func init() {
-	DebugGoroutines = true
-	flag.BoolVar(&VerboseLogs, "verboseh2", false, "Verbose HTTP/2 debug logging")
-}
-
-func TestSettingString(t *testing.T) {
-	tests := []struct {
-		s    Setting
-		want string
-	}{
-		{Setting{SettingMaxFrameSize, 123}, "[MAX_FRAME_SIZE = 123]"},
-		{Setting{1<<16 - 1, 123}, "[UNKNOWN_SETTING_65535 = 123]"},
-	}
-	for i, tt := range tests {
-		got := fmt.Sprint(tt.s)
-		if got != tt.want {
-			t.Errorf("%d. for %#v, string = %q; want %q", i, tt.s, got, tt.want)
-		}
-	}
-}
-
-type twriter struct {
-	t  testing.TB
-	st *serverTester // optional
-}
-
-func (w twriter) Write(p []byte) (n int, err error) {
-	if w.st != nil {
-		ps := string(p)
-		for _, phrase := range w.st.logFilter {
-			if strings.Contains(ps, phrase) {
-				return len(p), nil // no logging
-			}
-		}
-	}
-	w.t.Logf("%s", p)
-	return len(p), nil
-}
-
-// like encodeHeader, but don't add implicit psuedo headers.
-func encodeHeaderNoImplicit(t *testing.T, headers ...string) []byte {
-	var buf bytes.Buffer
-	enc := hpack.NewEncoder(&buf)
-	for len(headers) > 0 {
-		k, v := headers[0], headers[1]
-		headers = headers[2:]
-		if err := enc.WriteField(hpack.HeaderField{Name: k, Value: v}); err != nil {
-			t.Fatalf("HPACK encoding error for %q/%q: %v", k, v, err)
-		}
-	}
-	return buf.Bytes()
-}
-
-// Verify that curl has http2.
-func requireCurl(t *testing.T) {
-	out, err := dockerLogs(curl(t, "--version"))
-	if err != nil {
-		t.Skipf("failed to determine curl features; skipping test")
-	}
-	if !strings.Contains(string(out), "HTTP2") {
-		t.Skip("curl doesn't support HTTP2; skipping test")
-	}
-}
-
-func curl(t *testing.T, args ...string) (container string) {
-	out, err := exec.Command("docker", append([]string{"run", "-d", "--net=host", "gohttp2/curl"}, args...)...).Output()
-	if err != nil {
-		t.Skipf("Failed to run curl in docker: %v, %s", err, out)
-	}
-	return strings.TrimSpace(string(out))
-}
-
-// Verify that h2load exists.
-func requireH2load(t *testing.T) {
-	out, err := dockerLogs(h2load(t, "--version"))
-	if err != nil {
-		t.Skipf("failed to probe h2load; skipping test: %s", out)
-	}
-	if !strings.Contains(string(out), "h2load nghttp2/") {
-		t.Skipf("h2load not present; skipping test. (Output=%q)", out)
-	}
-}
-
-func h2load(t *testing.T, args ...string) (container string) {
-	out, err := exec.Command("docker", append([]string{"run", "-d", "--net=host", "--entrypoint=/usr/local/bin/h2load", "gohttp2/curl"}, args...)...).Output()
-	if err != nil {
-		t.Skipf("Failed to run h2load in docker: %v, %s", err, out)
-	}
-	return strings.TrimSpace(string(out))
-}
-
-type puppetCommand struct {
-	fn   func(w http.ResponseWriter, r *http.Request)
-	done chan<- bool
-}
-
-type handlerPuppet struct {
-	ch chan puppetCommand
-}
-
-func newHandlerPuppet() *handlerPuppet {
-	return &handlerPuppet{
-		ch: make(chan puppetCommand),
-	}
-}
-
-func (p *handlerPuppet) act(w http.ResponseWriter, r *http.Request) {
-	for cmd := range p.ch {
-		cmd.fn(w, r)
-		cmd.done <- true
-	}
-}
-
-func (p *handlerPuppet) done() { close(p.ch) }
-func (p *handlerPuppet) do(fn func(http.ResponseWriter, *http.Request)) {
-	done := make(chan bool)
-	p.ch <- puppetCommand{fn, done}
-	<-done
-}
-func dockerLogs(container string) ([]byte, error) {
-	out, err := exec.Command("docker", "wait", container).CombinedOutput()
-	if err != nil {
-		return out, err
-	}
-	exitStatus, err := strconv.Atoi(strings.TrimSpace(string(out)))
-	if err != nil {
-		return out, errors.New("unexpected exit status from docker wait")
-	}
-	out, err = exec.Command("docker", "logs", container).CombinedOutput()
-	exec.Command("docker", "rm", container).Run()
-	if err == nil && exitStatus != 0 {
-		err = fmt.Errorf("exit status %d: %s", exitStatus, out)
-	}
-	return out, err
-}
-
-func kill(container string) {
-	exec.Command("docker", "kill", container).Run()
-	exec.Command("docker", "rm", container).Run()
-}
-
-func cleanDate(res *http.Response) {
-	if d := res.Header["Date"]; len(d) == 1 {
-		d[0] = "XXX"
-	}
-}
-
-func TestSorterPoolAllocs(t *testing.T) {
-	ss := []string{"a", "b", "c"}
-	h := http.Header{
-		"a": nil,
-		"b": nil,
-		"c": nil,
-	}
-	sorter := new(sorter)
-
-	if allocs := testing.AllocsPerRun(100, func() {
-		sorter.SortStrings(ss)
-	}); allocs >= 1 {
-		t.Logf("SortStrings allocs = %v; want <1", allocs)
-	}
-
-	if allocs := testing.AllocsPerRun(5, func() {
-		if len(sorter.Keys(h)) != 3 {
-			t.Fatal("wrong result")
-		}
-	}); allocs > 0 {
-		t.Logf("Keys allocs = %v; want <1", allocs)
-	}
-}
diff --git a/vendor/golang.org/x/net/http2/not_go15.go b/vendor/golang.org/x/net/http2/not_go15.go
deleted file mode 100644
index d0fa5c89..00000000
--- a/vendor/golang.org/x/net/http2/not_go15.go
+++ /dev/null
@@ -1,11 +0,0 @@
-// Copyright 2015 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build !go1.5
-
-package http2
-
-import "net/http"
-
-func requestCancel(req *http.Request) <-chan struct{} { return nil }
diff --git a/vendor/golang.org/x/net/http2/not_go16.go b/vendor/golang.org/x/net/http2/not_go16.go
deleted file mode 100644
index db53c5b8..00000000
--- a/vendor/golang.org/x/net/http2/not_go16.go
+++ /dev/null
@@ -1,13 +0,0 @@
-// Copyright 2015 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build !go1.6
-
-package http2
-
-import "net/http"
-
-func configureTransport(t1 *http.Transport) (*Transport, error) {
-	return nil, errTransportVersion
-}
diff --git a/vendor/golang.org/x/net/http2/pipe.go b/vendor/golang.org/x/net/http2/pipe.go
deleted file mode 100644
index 69446e7a..00000000
--- a/vendor/golang.org/x/net/http2/pipe.go
+++ /dev/null
@@ -1,147 +0,0 @@
-// Copyright 2014 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package http2
-
-import (
-	"errors"
-	"io"
-	"sync"
-)
-
-// pipe is a goroutine-safe io.Reader/io.Writer pair.  It's like
-// io.Pipe except there are no PipeReader/PipeWriter halves, and the
-// underlying buffer is an interface. (io.Pipe is always unbuffered)
-type pipe struct {
-	mu       sync.Mutex
-	c        sync.Cond // c.L lazily initialized to &p.mu
-	b        pipeBuffer
-	err      error         // read error once empty. non-nil means closed.
-	breakErr error         // immediate read error (caller doesn't see rest of b)
-	donec    chan struct{} // closed on error
-	readFn   func()        // optional code to run in Read before error
-}
-
-type pipeBuffer interface {
-	Len() int
-	io.Writer
-	io.Reader
-}
-
-// Read waits until data is available and copies bytes
-// from the buffer into p.
-func (p *pipe) Read(d []byte) (n int, err error) {
-	p.mu.Lock()
-	defer p.mu.Unlock()
-	if p.c.L == nil {
-		p.c.L = &p.mu
-	}
-	for {
-		if p.breakErr != nil {
-			return 0, p.breakErr
-		}
-		if p.b.Len() > 0 {
-			return p.b.Read(d)
-		}
-		if p.err != nil {
-			if p.readFn != nil {
-				p.readFn()     // e.g. copy trailers
-				p.readFn = nil // not sticky like p.err
-			}
-			return 0, p.err
-		}
-		p.c.Wait()
-	}
-}
-
-var errClosedPipeWrite = errors.New("write on closed buffer")
-
-// Write copies bytes from p into the buffer and wakes a reader.
-// It is an error to write more data than the buffer can hold.
-func (p *pipe) Write(d []byte) (n int, err error) {
-	p.mu.Lock()
-	defer p.mu.Unlock()
-	if p.c.L == nil {
-		p.c.L = &p.mu
-	}
-	defer p.c.Signal()
-	if p.err != nil {
-		return 0, errClosedPipeWrite
-	}
-	return p.b.Write(d)
-}
-
-// CloseWithError causes the next Read (waking up a current blocked
-// Read if needed) to return the provided err after all data has been
-// read.
-//
-// The error must be non-nil.
-func (p *pipe) CloseWithError(err error) { p.closeWithError(&p.err, err, nil) }
-
-// BreakWithError causes the next Read (waking up a current blocked
-// Read if needed) to return the provided err immediately, without
-// waiting for unread data.
-func (p *pipe) BreakWithError(err error) { p.closeWithError(&p.breakErr, err, nil) }
-
-// closeWithErrorAndCode is like CloseWithError but also sets some code to run
-// in the caller's goroutine before returning the error.
-func (p *pipe) closeWithErrorAndCode(err error, fn func()) { p.closeWithError(&p.err, err, fn) }
-
-func (p *pipe) closeWithError(dst *error, err error, fn func()) {
-	if err == nil {
-		panic("err must be non-nil")
-	}
-	p.mu.Lock()
-	defer p.mu.Unlock()
-	if p.c.L == nil {
-		p.c.L = &p.mu
-	}
-	defer p.c.Signal()
-	if *dst != nil {
-		// Already been done.
-		return
-	}
-	p.readFn = fn
-	*dst = err
-	p.closeDoneLocked()
-}
-
-// requires p.mu be held.
-func (p *pipe) closeDoneLocked() {
-	if p.donec == nil {
-		return
-	}
-	// Close if unclosed. This isn't racy since we always
-	// hold p.mu while closing.
-	select {
-	case <-p.donec:
-	default:
-		close(p.donec)
-	}
-}
-
-// Err returns the error (if any) first set by BreakWithError or CloseWithError.
-func (p *pipe) Err() error {
-	p.mu.Lock()
-	defer p.mu.Unlock()
-	if p.breakErr != nil {
-		return p.breakErr
-	}
-	return p.err
-}
-
-// Done returns a channel which is closed if and when this pipe is closed
-// with CloseWithError.
-func (p *pipe) Done() <-chan struct{} {
-	p.mu.Lock()
-	defer p.mu.Unlock()
-	if p.donec == nil {
-		p.donec = make(chan struct{})
-		if p.err != nil || p.breakErr != nil {
-			// Already hit an error.
-			p.closeDoneLocked()
-		}
-	}
-	return p.donec
-}
diff --git a/vendor/golang.org/x/net/http2/pipe_test.go b/vendor/golang.org/x/net/http2/pipe_test.go
deleted file mode 100644
index 76322999..00000000
--- a/vendor/golang.org/x/net/http2/pipe_test.go
+++ /dev/null
@@ -1,109 +0,0 @@
-// Copyright 2014 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package http2
-
-import (
-	"bytes"
-	"errors"
-	"io"
-	"io/ioutil"
-	"testing"
-)
-
-func TestPipeClose(t *testing.T) {
-	var p pipe
-	p.b = new(bytes.Buffer)
-	a := errors.New("a")
-	b := errors.New("b")
-	p.CloseWithError(a)
-	p.CloseWithError(b)
-	_, err := p.Read(make([]byte, 1))
-	if err != a {
-		t.Errorf("err = %v want %v", err, a)
-	}
-}
-
-func TestPipeDoneChan(t *testing.T) {
-	var p pipe
-	done := p.Done()
-	select {
-	case <-done:
-		t.Fatal("done too soon")
-	default:
-	}
-	p.CloseWithError(io.EOF)
-	select {
-	case <-done:
-	default:
-		t.Fatal("should be done")
-	}
-}
-
-func TestPipeDoneChan_ErrFirst(t *testing.T) {
-	var p pipe
-	p.CloseWithError(io.EOF)
-	done := p.Done()
-	select {
-	case <-done:
-	default:
-		t.Fatal("should be done")
-	}
-}
-
-func TestPipeDoneChan_Break(t *testing.T) {
-	var p pipe
-	done := p.Done()
-	select {
-	case <-done:
-		t.Fatal("done too soon")
-	default:
-	}
-	p.BreakWithError(io.EOF)
-	select {
-	case <-done:
-	default:
-		t.Fatal("should be done")
-	}
-}
-
-func TestPipeDoneChan_Break_ErrFirst(t *testing.T) {
-	var p pipe
-	p.BreakWithError(io.EOF)
-	done := p.Done()
-	select {
-	case <-done:
-	default:
-		t.Fatal("should be done")
-	}
-}
-
-func TestPipeCloseWithError(t *testing.T) {
-	p := &pipe{b: new(bytes.Buffer)}
-	const body = "foo"
-	io.WriteString(p, body)
-	a := errors.New("test error")
-	p.CloseWithError(a)
-	all, err := ioutil.ReadAll(p)
-	if string(all) != body {
-		t.Errorf("read bytes = %q; want %q", all, body)
-	}
-	if err != a {
-		t.Logf("read error = %v, %v", err, a)
-	}
-}
-
-func TestPipeBreakWithError(t *testing.T) {
-	p := &pipe{b: new(bytes.Buffer)}
-	io.WriteString(p, "foo")
-	a := errors.New("test err")
-	p.BreakWithError(a)
-	all, err := ioutil.ReadAll(p)
-	if string(all) != "" {
-		t.Errorf("read bytes = %q; want empty string", all)
-	}
-	if err != a {
-		t.Logf("read error = %v, %v", err, a)
-	}
-}
diff --git a/vendor/golang.org/x/net/http2/priority_test.go b/vendor/golang.org/x/net/http2/priority_test.go
deleted file mode 100644
index a3fe2bb4..00000000
--- a/vendor/golang.org/x/net/http2/priority_test.go
+++ /dev/null
@@ -1,118 +0,0 @@
-// Copyright 2014 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package http2
-
-import (
-	"testing"
-)
-
-func TestPriority(t *testing.T) {
-	// A -> B
-	// move A's parent to B
-	streams := make(map[uint32]*stream)
-	a := &stream{
-		parent: nil,
-		weight: 16,
-	}
-	streams[1] = a
-	b := &stream{
-		parent: a,
-		weight: 16,
-	}
-	streams[2] = b
-	adjustStreamPriority(streams, 1, PriorityParam{
-		Weight:    20,
-		StreamDep: 2,
-	})
-	if a.parent != b {
-		t.Errorf("Expected A's parent to be B")
-	}
-	if a.weight != 20 {
-		t.Errorf("Expected A's weight to be 20; got %d", a.weight)
-	}
-	if b.parent != nil {
-		t.Errorf("Expected B to have no parent")
-	}
-	if b.weight != 16 {
-		t.Errorf("Expected B's weight to be 16; got %d", b.weight)
-	}
-}
-
-func TestPriorityExclusiveZero(t *testing.T) {
-	// A B and C are all children of the 0 stream.
-	// Exclusive reprioritization to any of the streams
-	// should bring the rest of the streams under the
-	// reprioritized stream
-	streams := make(map[uint32]*stream)
-	a := &stream{
-		parent: nil,
-		weight: 16,
-	}
-	streams[1] = a
-	b := &stream{
-		parent: nil,
-		weight: 16,
-	}
-	streams[2] = b
-	c := &stream{
-		parent: nil,
-		weight: 16,
-	}
-	streams[3] = c
-	adjustStreamPriority(streams, 3, PriorityParam{
-		Weight:    20,
-		StreamDep: 0,
-		Exclusive: true,
-	})
-	if a.parent != c {
-		t.Errorf("Expected A's parent to be C")
-	}
-	if a.weight != 16 {
-		t.Errorf("Expected A's weight to be 16; got %d", a.weight)
-	}
-	if b.parent != c {
-		t.Errorf("Expected B's parent to be C")
-	}
-	if b.weight != 16 {
-		t.Errorf("Expected B's weight to be 16; got %d", b.weight)
-	}
-	if c.parent != nil {
-		t.Errorf("Expected C to have no parent")
-	}
-	if c.weight != 20 {
-		t.Errorf("Expected C's weight to be 20; got %d", b.weight)
-	}
-}
-
-func TestPriorityOwnParent(t *testing.T) {
-	streams := make(map[uint32]*stream)
-	a := &stream{
-		parent: nil,
-		weight: 16,
-	}
-	streams[1] = a
-	b := &stream{
-		parent: a,
-		weight: 16,
-	}
-	streams[2] = b
-	adjustStreamPriority(streams, 1, PriorityParam{
-		Weight:    20,
-		StreamDep: 1,
-	})
-	if a.parent != nil {
-		t.Errorf("Expected A's parent to be nil")
-	}
-	if a.weight != 20 {
-		t.Errorf("Expected A's weight to be 20; got %d", a.weight)
-	}
-	if b.parent != a {
-		t.Errorf("Expected B's parent to be A")
-	}
-	if b.weight != 16 {
-		t.Errorf("Expected B's weight to be 16; got %d", b.weight)
-	}
-
-}
diff --git a/vendor/golang.org/x/net/http2/server.go b/vendor/golang.org/x/net/http2/server.go
deleted file mode 100644
index 1e6980c3..00000000
--- a/vendor/golang.org/x/net/http2/server.go
+++ /dev/null
@@ -1,2178 +0,0 @@
-// Copyright 2014 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// TODO: replace all <-sc.doneServing with reads from the stream's cw
-// instead, and make sure that on close we close all open
-// streams. then remove doneServing?
-
-// TODO: re-audit GOAWAY support. Consider each incoming frame type and
-// whether it should be ignored during graceful shutdown.
-
-// TODO: disconnect idle clients. GFE seems to do 4 minutes. make
-// configurable?  or maximum number of idle clients and remove the
-// oldest?
-
-// TODO: turn off the serve goroutine when idle, so
-// an idle conn only has the readFrames goroutine active. (which could
-// also be optimized probably to pin less memory in crypto/tls). This
-// would involve tracking when the serve goroutine is active (atomic
-// int32 read/CAS probably?) and starting it up when frames arrive,
-// and shutting it down when all handlers exit. the occasional PING
-// packets could use time.AfterFunc to call sc.wakeStartServeLoop()
-// (which is a no-op if already running) and then queue the PING write
-// as normal. The serve loop would then exit in most cases (if no
-// Handlers running) and not be woken up again until the PING packet
-// returns.
-
-// TODO (maybe): add a mechanism for Handlers to going into
-// half-closed-local mode (rw.(io.Closer) test?) but not exit their
-// handler, and continue to be able to read from the
-// Request.Body. This would be a somewhat semantic change from HTTP/1
-// (or at least what we expose in net/http), so I'd probably want to
-// add it there too. For now, this package says that returning from
-// the Handler ServeHTTP function means you're both done reading and
-// done writing, without a way to stop just one or the other.
-
-package http2
-
-import (
-	"bufio"
-	"bytes"
-	"crypto/tls"
-	"errors"
-	"fmt"
-	"io"
-	"log"
-	"net"
-	"net/http"
-	"net/textproto"
-	"net/url"
-	"os"
-	"reflect"
-	"runtime"
-	"strconv"
-	"strings"
-	"sync"
-	"time"
-
-	"golang.org/x/net/http2/hpack"
-)
-
-const (
-	prefaceTimeout        = 10 * time.Second
-	firstSettingsTimeout  = 2 * time.Second // should be in-flight with preface anyway
-	handlerChunkWriteSize = 4 << 10
-	defaultMaxStreams     = 250 // TODO: make this 100 as the GFE seems to?
-)
-
-var (
-	errClientDisconnected = errors.New("client disconnected")
-	errClosedBody         = errors.New("body closed by handler")
-	errHandlerComplete    = errors.New("http2: request body closed due to handler exiting")
-	errStreamClosed       = errors.New("http2: stream closed")
-)
-
-var responseWriterStatePool = sync.Pool{
-	New: func() interface{} {
-		rws := &responseWriterState{}
-		rws.bw = bufio.NewWriterSize(chunkWriter{rws}, handlerChunkWriteSize)
-		return rws
-	},
-}
-
-// Test hooks.
-var (
-	testHookOnConn        func()
-	testHookGetServerConn func(*serverConn)
-	testHookOnPanicMu     *sync.Mutex // nil except in tests
-	testHookOnPanic       func(sc *serverConn, panicVal interface{}) (rePanic bool)
-)
-
-// Server is an HTTP/2 server.
-type Server struct {
-	// MaxHandlers limits the number of http.Handler ServeHTTP goroutines
-	// which may run at a time over all connections.
-	// Negative or zero no limit.
-	// TODO: implement
-	MaxHandlers int
-
-	// MaxConcurrentStreams optionally specifies the number of
-	// concurrent streams that each client may have open at a
-	// time. This is unrelated to the number of http.Handler goroutines
-	// which may be active globally, which is MaxHandlers.
-	// If zero, MaxConcurrentStreams defaults to at least 100, per
-	// the HTTP/2 spec's recommendations.
-	MaxConcurrentStreams uint32
-
-	// MaxReadFrameSize optionally specifies the largest frame
-	// this server is willing to read. A valid value is between
-	// 16k and 16M, inclusive. If zero or otherwise invalid, a
-	// default value is used.
-	MaxReadFrameSize uint32
-
-	// PermitProhibitedCipherSuites, if true, permits the use of
-	// cipher suites prohibited by the HTTP/2 spec.
-	PermitProhibitedCipherSuites bool
-}
-
-func (s *Server) maxReadFrameSize() uint32 {
-	if v := s.MaxReadFrameSize; v >= minMaxFrameSize && v <= maxFrameSize {
-		return v
-	}
-	return defaultMaxReadFrameSize
-}
-
-func (s *Server) maxConcurrentStreams() uint32 {
-	if v := s.MaxConcurrentStreams; v > 0 {
-		return v
-	}
-	return defaultMaxStreams
-}
-
-// ConfigureServer adds HTTP/2 support to a net/http Server.
-//
-// The configuration conf may be nil.
-//
-// ConfigureServer must be called before s begins serving.
-func ConfigureServer(s *http.Server, conf *Server) error {
-	if conf == nil {
-		conf = new(Server)
-	}
-
-	if s.TLSConfig == nil {
-		s.TLSConfig = new(tls.Config)
-	} else if s.TLSConfig.CipherSuites != nil {
-		// If they already provided a CipherSuite list, return
-		// an error if it has a bad order or is missing
-		// ECDHE_RSA_WITH_AES_128_GCM_SHA256.
-		const requiredCipher = tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
-		haveRequired := false
-		sawBad := false
-		for i, cs := range s.TLSConfig.CipherSuites {
-			if cs == requiredCipher {
-				haveRequired = true
-			}
-			if isBadCipher(cs) {
-				sawBad = true
-			} else if sawBad {
-				return fmt.Errorf("http2: TLSConfig.CipherSuites index %d contains an HTTP/2-approved cipher suite (%#04x), but it comes after unapproved cipher suites. With this configuration, clients that don't support previous, approved cipher suites may be given an unapproved one and reject the connection.", i, cs)
-			}
-		}
-		if !haveRequired {
-			return fmt.Errorf("http2: TLSConfig.CipherSuites is missing HTTP/2-required TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256")
-		}
-	}
-
-	// Note: not setting MinVersion to tls.VersionTLS12,
-	// as we don't want to interfere with HTTP/1.1 traffic
-	// on the user's server. We enforce TLS 1.2 later once
-	// we accept a connection. Ideally this should be done
-	// during next-proto selection, but using TLS <1.2 with
-	// HTTP/2 is still the client's bug.
-
-	s.TLSConfig.PreferServerCipherSuites = true
-
-	haveNPN := false
-	for _, p := range s.TLSConfig.NextProtos {
-		if p == NextProtoTLS {
-			haveNPN = true
-			break
-		}
-	}
-	if !haveNPN {
-		s.TLSConfig.NextProtos = append(s.TLSConfig.NextProtos, NextProtoTLS)
-	}
-	// h2-14 is temporary (as of 2015-03-05) while we wait for all browsers
-	// to switch to "h2".
-	s.TLSConfig.NextProtos = append(s.TLSConfig.NextProtos, "h2-14")
-
-	if s.TLSNextProto == nil {
-		s.TLSNextProto = map[string]func(*http.Server, *tls.Conn, http.Handler){}
-	}
-	protoHandler := func(hs *http.Server, c *tls.Conn, h http.Handler) {
-		if testHookOnConn != nil {
-			testHookOnConn()
-		}
-		conf.ServeConn(c, &ServeConnOpts{
-			Handler:    h,
-			BaseConfig: hs,
-		})
-	}
-	s.TLSNextProto[NextProtoTLS] = protoHandler
-	s.TLSNextProto["h2-14"] = protoHandler // temporary; see above.
-	return nil
-}
-
-// ServeConnOpts are options for the Server.ServeConn method.
-type ServeConnOpts struct {
-	// BaseConfig optionally sets the base configuration
-	// for values. If nil, defaults are used.
-	BaseConfig *http.Server
-
-	// Handler specifies which handler to use for processing
-	// requests. If nil, BaseConfig.Handler is used. If BaseConfig
-	// or BaseConfig.Handler is nil, http.DefaultServeMux is used.
-	Handler http.Handler
-}
-
-func (o *ServeConnOpts) baseConfig() *http.Server {
-	if o != nil && o.BaseConfig != nil {
-		return o.BaseConfig
-	}
-	return new(http.Server)
-}
-
-func (o *ServeConnOpts) handler() http.Handler {
-	if o != nil {
-		if o.Handler != nil {
-			return o.Handler
-		}
-		if o.BaseConfig != nil && o.BaseConfig.Handler != nil {
-			return o.BaseConfig.Handler
-		}
-	}
-	return http.DefaultServeMux
-}
-
-// ServeConn serves HTTP/2 requests on the provided connection and
-// blocks until the connection is no longer readable.
-//
-// ServeConn starts speaking HTTP/2 assuming that c has not had any
-// reads or writes. It writes its initial settings frame and expects
-// to be able to read the preface and settings frame from the
-// client. If c has a ConnectionState method like a *tls.Conn, the
-// ConnectionState is used to verify the TLS ciphersuite and to set
-// the Request.TLS field in Handlers.
-//
-// ServeConn does not support h2c by itself. Any h2c support must be
-// implemented in terms of providing a suitably-behaving net.Conn.
-//
-// The opts parameter is optional. If nil, default values are used.
-func (s *Server) ServeConn(c net.Conn, opts *ServeConnOpts) {
-	sc := &serverConn{
-		srv:              s,
-		hs:               opts.baseConfig(),
-		conn:             c,
-		remoteAddrStr:    c.RemoteAddr().String(),
-		bw:               newBufferedWriter(c),
-		handler:          opts.handler(),
-		streams:          make(map[uint32]*stream),
-		readFrameCh:      make(chan readFrameResult),
-		wantWriteFrameCh: make(chan frameWriteMsg, 8),
-		wroteFrameCh:     make(chan frameWriteResult, 1), // buffered; one send in writeFrameAsync
-		bodyReadCh:       make(chan bodyReadMsg),         // buffering doesn't matter either way
-		doneServing:      make(chan struct{}),
-		advMaxStreams:    s.maxConcurrentStreams(),
-		writeSched: writeScheduler{
-			maxFrameSize: initialMaxFrameSize,
-		},
-		initialWindowSize: initialWindowSize,
-		headerTableSize:   initialHeaderTableSize,
-		serveG:            newGoroutineLock(),
-		pushEnabled:       true,
-	}
-	sc.flow.add(initialWindowSize)
-	sc.inflow.add(initialWindowSize)
-	sc.hpackEncoder = hpack.NewEncoder(&sc.headerWriteBuf)
-
-	fr := NewFramer(sc.bw, c)
-	fr.ReadMetaHeaders = hpack.NewDecoder(initialHeaderTableSize, nil)
-	fr.MaxHeaderListSize = sc.maxHeaderListSize()
-	fr.SetMaxReadFrameSize(s.maxReadFrameSize())
-	sc.framer = fr
-
-	if tc, ok := c.(connectionStater); ok {
-		sc.tlsState = new(tls.ConnectionState)
-		*sc.tlsState = tc.ConnectionState()
-		// 9.2 Use of TLS Features
-		// An implementation of HTTP/2 over TLS MUST use TLS
-		// 1.2 or higher with the restrictions on feature set
-		// and cipher suite described in this section. Due to
-		// implementation limitations, it might not be
-		// possible to fail TLS negotiation. An endpoint MUST
-		// immediately terminate an HTTP/2 connection that
-		// does not meet the TLS requirements described in
-		// this section with a connection error (Section
-		// 5.4.1) of type INADEQUATE_SECURITY.
-		if sc.tlsState.Version < tls.VersionTLS12 {
-			sc.rejectConn(ErrCodeInadequateSecurity, "TLS version too low")
-			return
-		}
-
-		if sc.tlsState.ServerName == "" {
-			// Client must use SNI, but we don't enforce that anymore,
-			// since it was causing problems when connecting to bare IP
-			// addresses during development.
-			//
-			// TODO: optionally enforce? Or enforce at the time we receive
-			// a new request, and verify the the ServerName matches the :authority?
-			// But that precludes proxy situations, perhaps.
-			//
-			// So for now, do nothing here again.
-		}
-
-		if !s.PermitProhibitedCipherSuites && isBadCipher(sc.tlsState.CipherSuite) {
-			// "Endpoints MAY choose to generate a connection error
-			// (Section 5.4.1) of type INADEQUATE_SECURITY if one of
-			// the prohibited cipher suites are negotiated."
-			//
-			// We choose that. In my opinion, the spec is weak
-			// here. It also says both parties must support at least
-			// TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 so there's no
-			// excuses here. If we really must, we could allow an
-			// "AllowInsecureWeakCiphers" option on the server later.
-			// Let's see how it plays out first.
-			sc.rejectConn(ErrCodeInadequateSecurity, fmt.Sprintf("Prohibited TLS 1.2 Cipher Suite: %x", sc.tlsState.CipherSuite))
-			return
-		}
-	}
-
-	if hook := testHookGetServerConn; hook != nil {
-		hook(sc)
-	}
-	sc.serve()
-}
-
-// isBadCipher reports whether the cipher is blacklisted by the HTTP/2 spec.
-func isBadCipher(cipher uint16) bool {
-	switch cipher {
-	case tls.TLS_RSA_WITH_RC4_128_SHA,
-		tls.TLS_RSA_WITH_3DES_EDE_CBC_SHA,
-		tls.TLS_RSA_WITH_AES_128_CBC_SHA,
-		tls.TLS_RSA_WITH_AES_256_CBC_SHA,
-		tls.TLS_ECDHE_ECDSA_WITH_RC4_128_SHA,
-		tls.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
-		tls.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
-		tls.TLS_ECDHE_RSA_WITH_RC4_128_SHA,
-		tls.TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
-		tls.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
-		tls.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA:
-		// Reject cipher suites from Appendix A.
-		// "This list includes those cipher suites that do not
-		// offer an ephemeral key exchange and those that are
-		// based on the TLS null, stream or block cipher type"
-		return true
-	default:
-		return false
-	}
-}
-
-func (sc *serverConn) rejectConn(err ErrCode, debug string) {
-	sc.vlogf("http2: server rejecting conn: %v, %s", err, debug)
-	// ignoring errors. hanging up anyway.
-	sc.framer.WriteGoAway(0, err, []byte(debug))
-	sc.bw.Flush()
-	sc.conn.Close()
-}
-
-type serverConn struct {
-	// Immutable:
-	srv              *Server
-	hs               *http.Server
-	conn             net.Conn
-	bw               *bufferedWriter // writing to conn
-	handler          http.Handler
-	framer           *Framer
-	doneServing      chan struct{}         // closed when serverConn.serve ends
-	readFrameCh      chan readFrameResult  // written by serverConn.readFrames
-	wantWriteFrameCh chan frameWriteMsg    // from handlers -> serve
-	wroteFrameCh     chan frameWriteResult // from writeFrameAsync -> serve, tickles more frame writes
-	bodyReadCh       chan bodyReadMsg      // from handlers -> serve
-	testHookCh       chan func(int)        // code to run on the serve loop
-	flow             flow                  // conn-wide (not stream-specific) outbound flow control
-	inflow           flow                  // conn-wide inbound flow control
-	tlsState         *tls.ConnectionState  // shared by all handlers, like net/http
-	remoteAddrStr    string
-
-	// Everything following is owned by the serve loop; use serveG.check():
-	serveG                goroutineLock // used to verify funcs are on serve()
-	pushEnabled           bool
-	sawFirstSettings      bool // got the initial SETTINGS frame after the preface
-	needToSendSettingsAck bool
-	unackedSettings       int    // how many SETTINGS have we sent without ACKs?
-	clientMaxStreams      uint32 // SETTINGS_MAX_CONCURRENT_STREAMS from client (our PUSH_PROMISE limit)
-	advMaxStreams         uint32 // our SETTINGS_MAX_CONCURRENT_STREAMS advertised the client
-	curOpenStreams        uint32 // client's number of open streams
-	maxStreamID           uint32 // max ever seen
-	streams               map[uint32]*stream
-	initialWindowSize     int32
-	headerTableSize       uint32
-	peerMaxHeaderListSize uint32            // zero means unknown (default)
-	canonHeader           map[string]string // http2-lower-case -> Go-Canonical-Case
-	writingFrame          bool              // started write goroutine but haven't heard back on wroteFrameCh
-	needsFrameFlush       bool              // last frame write wasn't a flush
-	writeSched            writeScheduler
-	inGoAway              bool // we've started to or sent GOAWAY
-	needToSendGoAway      bool // we need to schedule a GOAWAY frame write
-	goAwayCode            ErrCode
-	shutdownTimerCh       <-chan time.Time // nil until used
-	shutdownTimer         *time.Timer      // nil until used
-	freeRequestBodyBuf    []byte           // if non-nil, a free initialWindowSize buffer for getRequestBodyBuf
-
-	// Owned by the writeFrameAsync goroutine:
-	headerWriteBuf bytes.Buffer
-	hpackEncoder   *hpack.Encoder
-}
-
-func (sc *serverConn) maxHeaderListSize() uint32 {
-	n := sc.hs.MaxHeaderBytes
-	if n <= 0 {
-		n = http.DefaultMaxHeaderBytes
-	}
-	// http2's count is in a slightly different unit and includes 32 bytes per pair.
-	// So, take the net/http.Server value and pad it up a bit, assuming 10 headers.
-	const perFieldOverhead = 32 // per http2 spec
-	const typicalHeaders = 10   // conservative
-	return uint32(n + typicalHeaders*perFieldOverhead)
-}
-
-// stream represents a stream. This is the minimal metadata needed by
-// the serve goroutine. Most of the actual stream state is owned by
-// the http.Handler's goroutine in the responseWriter. Because the
-// responseWriter's responseWriterState is recycled at the end of a
-// handler, this struct intentionally has no pointer to the
-// *responseWriter{,State} itself, as the Handler ending nils out the
-// responseWriter's state field.
-type stream struct {
-	// immutable:
-	sc   *serverConn
-	id   uint32
-	body *pipe       // non-nil if expecting DATA frames
-	cw   closeWaiter // closed wait stream transitions to closed state
-
-	// owned by serverConn's serve loop:
-	bodyBytes        int64   // body bytes seen so far
-	declBodyBytes    int64   // or -1 if undeclared
-	flow             flow    // limits writing from Handler to client
-	inflow           flow    // what the client is allowed to POST/etc to us
-	parent           *stream // or nil
-	numTrailerValues int64
-	weight           uint8
-	state            streamState
-	sentReset        bool // only true once detached from streams map
-	gotReset         bool // only true once detacted from streams map
-	gotTrailerHeader bool // HEADER frame for trailers was seen
-	reqBuf           []byte
-
-	trailer    http.Header // accumulated trailers
-	reqTrailer http.Header // handler's Request.Trailer
-}
-
-func (sc *serverConn) Framer() *Framer  { return sc.framer }
-func (sc *serverConn) CloseConn() error { return sc.conn.Close() }
-func (sc *serverConn) Flush() error     { return sc.bw.Flush() }
-func (sc *serverConn) HeaderEncoder() (*hpack.Encoder, *bytes.Buffer) {
-	return sc.hpackEncoder, &sc.headerWriteBuf
-}
-
-func (sc *serverConn) state(streamID uint32) (streamState, *stream) {
-	sc.serveG.check()
-	// http://http2.github.io/http2-spec/#rfc.section.5.1
-	if st, ok := sc.streams[streamID]; ok {
-		return st.state, st
-	}
-	// "The first use of a new stream identifier implicitly closes all
-	// streams in the "idle" state that might have been initiated by
-	// that peer with a lower-valued stream identifier. For example, if
-	// a client sends a HEADERS frame on stream 7 without ever sending a
-	// frame on stream 5, then stream 5 transitions to the "closed"
-	// state when the first frame for stream 7 is sent or received."
-	if streamID <= sc.maxStreamID {
-		return stateClosed, nil
-	}
-	return stateIdle, nil
-}
-
-// setConnState calls the net/http ConnState hook for this connection, if configured.
-// Note that the net/http package does StateNew and StateClosed for us.
-// There is currently no plan for StateHijacked or hijacking HTTP/2 connections.
-func (sc *serverConn) setConnState(state http.ConnState) {
-	if sc.hs.ConnState != nil {
-		sc.hs.ConnState(sc.conn, state)
-	}
-}
-
-func (sc *serverConn) vlogf(format string, args ...interface{}) {
-	if VerboseLogs {
-		sc.logf(format, args...)
-	}
-}
-
-func (sc *serverConn) logf(format string, args ...interface{}) {
-	if lg := sc.hs.ErrorLog; lg != nil {
-		lg.Printf(format, args...)
-	} else {
-		log.Printf(format, args...)
-	}
-}
-
-// errno returns v's underlying uintptr, else 0.
-//
-// TODO: remove this helper function once http2 can use build
-// tags. See comment in isClosedConnError.
-func errno(v error) uintptr {
-	if rv := reflect.ValueOf(v); rv.Kind() == reflect.Uintptr {
-		return uintptr(rv.Uint())
-	}
-	return 0
-}
-
-// isClosedConnError reports whether err is an error from use of a closed
-// network connection.
-func isClosedConnError(err error) bool {
-	if err == nil {
-		return false
-	}
-
-	// TODO: remove this string search and be more like the Windows
-	// case below. That might involve modifying the standard library
-	// to return better error types.
-	str := err.Error()
-	if strings.Contains(str, "use of closed network connection") {
-		return true
-	}
-
-	// TODO(bradfitz): x/tools/cmd/bundle doesn't really support
-	// build tags, so I can't make an http2_windows.go file with
-	// Windows-specific stuff. Fix that and move this, once we
-	// have a way to bundle this into std's net/http somehow.
-	if runtime.GOOS == "windows" {
-		if oe, ok := err.(*net.OpError); ok && oe.Op == "read" {
-			if se, ok := oe.Err.(*os.SyscallError); ok && se.Syscall == "wsarecv" {
-				const WSAECONNABORTED = 10053
-				const WSAECONNRESET = 10054
-				if n := errno(se.Err); n == WSAECONNRESET || n == WSAECONNABORTED {
-					return true
-				}
-			}
-		}
-	}
-	return false
-}
-
-func (sc *serverConn) condlogf(err error, format string, args ...interface{}) {
-	if err == nil {
-		return
-	}
-	if err == io.EOF || err == io.ErrUnexpectedEOF || isClosedConnError(err) {
-		// Boring, expected errors.
-		sc.vlogf(format, args...)
-	} else {
-		sc.logf(format, args...)
-	}
-}
-
-func (sc *serverConn) canonicalHeader(v string) string {
-	sc.serveG.check()
-	cv, ok := commonCanonHeader[v]
-	if ok {
-		return cv
-	}
-	cv, ok = sc.canonHeader[v]
-	if ok {
-		return cv
-	}
-	if sc.canonHeader == nil {
-		sc.canonHeader = make(map[string]string)
-	}
-	cv = http.CanonicalHeaderKey(v)
-	sc.canonHeader[v] = cv
-	return cv
-}
-
-type readFrameResult struct {
-	f   Frame // valid until readMore is called
-	err error
-
-	// readMore should be called once the consumer no longer needs or
-	// retains f. After readMore, f is invalid and more frames can be
-	// read.
-	readMore func()
-}
-
-// readFrames is the loop that reads incoming frames.
-// It takes care to only read one frame at a time, blocking until the
-// consumer is done with the frame.
-// It's run on its own goroutine.
-func (sc *serverConn) readFrames() {
-	gate := make(gate)
-	gateDone := gate.Done
-	for {
-		f, err := sc.framer.ReadFrame()
-		select {
-		case sc.readFrameCh <- readFrameResult{f, err, gateDone}:
-		case <-sc.doneServing:
-			return
-		}
-		select {
-		case <-gate:
-		case <-sc.doneServing:
-			return
-		}
-		if terminalReadFrameError(err) {
-			return
-		}
-	}
-}
-
-// frameWriteResult is the message passed from writeFrameAsync to the serve goroutine.
-type frameWriteResult struct {
-	wm  frameWriteMsg // what was written (or attempted)
-	err error         // result of the writeFrame call
-}
-
-// writeFrameAsync runs in its own goroutine and writes a single frame
-// and then reports when it's done.
-// At most one goroutine can be running writeFrameAsync at a time per
-// serverConn.
-func (sc *serverConn) writeFrameAsync(wm frameWriteMsg) {
-	err := wm.write.writeFrame(sc)
-	sc.wroteFrameCh <- frameWriteResult{wm, err}
-}
-
-func (sc *serverConn) closeAllStreamsOnConnClose() {
-	sc.serveG.check()
-	for _, st := range sc.streams {
-		sc.closeStream(st, errClientDisconnected)
-	}
-}
-
-func (sc *serverConn) stopShutdownTimer() {
-	sc.serveG.check()
-	if t := sc.shutdownTimer; t != nil {
-		t.Stop()
-	}
-}
-
-func (sc *serverConn) notePanic() {
-	// Note: this is for serverConn.serve panicking, not http.Handler code.
-	if testHookOnPanicMu != nil {
-		testHookOnPanicMu.Lock()
-		defer testHookOnPanicMu.Unlock()
-	}
-	if testHookOnPanic != nil {
-		if e := recover(); e != nil {
-			if testHookOnPanic(sc, e) {
-				panic(e)
-			}
-		}
-	}
-}
-
-func (sc *serverConn) serve() {
-	sc.serveG.check()
-	defer sc.notePanic()
-	defer sc.conn.Close()
-	defer sc.closeAllStreamsOnConnClose()
-	defer sc.stopShutdownTimer()
-	defer close(sc.doneServing) // unblocks handlers trying to send
-
-	if VerboseLogs {
-		sc.vlogf("http2: server connection from %v on %p", sc.conn.RemoteAddr(), sc.hs)
-	}
-
-	sc.writeFrame(frameWriteMsg{
-		write: writeSettings{
-			{SettingMaxFrameSize, sc.srv.maxReadFrameSize()},
-			{SettingMaxConcurrentStreams, sc.advMaxStreams},
-			{SettingMaxHeaderListSize, sc.maxHeaderListSize()},
-
-			// TODO: more actual settings, notably
-			// SettingInitialWindowSize, but then we also
-			// want to bump up the conn window size the
-			// same amount here right after the settings
-		},
-	})
-	sc.unackedSettings++
-
-	if err := sc.readPreface(); err != nil {
-		sc.condlogf(err, "http2: server: error reading preface from client %v: %v", sc.conn.RemoteAddr(), err)
-		return
-	}
-	// Now that we've got the preface, get us out of the
-	// "StateNew" state.  We can't go directly to idle, though.
-	// Active means we read some data and anticipate a request. We'll
-	// do another Active when we get a HEADERS frame.
-	sc.setConnState(http.StateActive)
-	sc.setConnState(http.StateIdle)
-
-	go sc.readFrames() // closed by defer sc.conn.Close above
-
-	settingsTimer := time.NewTimer(firstSettingsTimeout)
-	loopNum := 0
-	for {
-		loopNum++
-		select {
-		case wm := <-sc.wantWriteFrameCh:
-			sc.writeFrame(wm)
-		case res := <-sc.wroteFrameCh:
-			sc.wroteFrame(res)
-		case res := <-sc.readFrameCh:
-			if !sc.processFrameFromReader(res) {
-				return
-			}
-			res.readMore()
-			if settingsTimer.C != nil {
-				settingsTimer.Stop()
-				settingsTimer.C = nil
-			}
-		case m := <-sc.bodyReadCh:
-			sc.noteBodyRead(m.st, m.n)
-		case <-settingsTimer.C:
-			sc.logf("timeout waiting for SETTINGS frames from %v", sc.conn.RemoteAddr())
-			return
-		case <-sc.shutdownTimerCh:
-			sc.vlogf("GOAWAY close timer fired; closing conn from %v", sc.conn.RemoteAddr())
-			return
-		case fn := <-sc.testHookCh:
-			fn(loopNum)
-		}
-	}
-}
-
-// readPreface reads the ClientPreface greeting from the peer
-// or returns an error on timeout or an invalid greeting.
-func (sc *serverConn) readPreface() error {
-	errc := make(chan error, 1)
-	go func() {
-		// Read the client preface
-		buf := make([]byte, len(ClientPreface))
-		if _, err := io.ReadFull(sc.conn, buf); err != nil {
-			errc <- err
-		} else if !bytes.Equal(buf, clientPreface) {
-			errc <- fmt.Errorf("bogus greeting %q", buf)
-		} else {
-			errc <- nil
-		}
-	}()
-	timer := time.NewTimer(prefaceTimeout) // TODO: configurable on *Server?
-	defer timer.Stop()
-	select {
-	case <-timer.C:
-		return errors.New("timeout waiting for client preface")
-	case err := <-errc:
-		if err == nil {
-			if VerboseLogs {
-				sc.vlogf("http2: server: client %v said hello", sc.conn.RemoteAddr())
-			}
-		}
-		return err
-	}
-}
-
-var errChanPool = sync.Pool{
-	New: func() interface{} { return make(chan error, 1) },
-}
-
-var writeDataPool = sync.Pool{
-	New: func() interface{} { return new(writeData) },
-}
-
-// writeDataFromHandler writes DATA response frames from a handler on
-// the given stream.
-func (sc *serverConn) writeDataFromHandler(stream *stream, data []byte, endStream bool) error {
-	ch := errChanPool.Get().(chan error)
-	writeArg := writeDataPool.Get().(*writeData)
-	*writeArg = writeData{stream.id, data, endStream}
-	err := sc.writeFrameFromHandler(frameWriteMsg{
-		write:  writeArg,
-		stream: stream,
-		done:   ch,
-	})
-	if err != nil {
-		return err
-	}
-	var frameWriteDone bool // the frame write is done (successfully or not)
-	select {
-	case err = <-ch:
-		frameWriteDone = true
-	case <-sc.doneServing:
-		return errClientDisconnected
-	case <-stream.cw:
-		// If both ch and stream.cw were ready (as might
-		// happen on the final Write after an http.Handler
-		// ends), prefer the write result. Otherwise this
-		// might just be us successfully closing the stream.
-		// The writeFrameAsync and serve goroutines guarantee
-		// that the ch send will happen before the stream.cw
-		// close.
-		select {
-		case err = <-ch:
-			frameWriteDone = true
-		default:
-			return errStreamClosed
-		}
-	}
-	errChanPool.Put(ch)
-	if frameWriteDone {
-		writeDataPool.Put(writeArg)
-	}
-	return err
-}
-
-// writeFrameFromHandler sends wm to sc.wantWriteFrameCh, but aborts
-// if the connection has gone away.
-//
-// This must not be run from the serve goroutine itself, else it might
-// deadlock writing to sc.wantWriteFrameCh (which is only mildly
-// buffered and is read by serve itself). If you're on the serve
-// goroutine, call writeFrame instead.
-func (sc *serverConn) writeFrameFromHandler(wm frameWriteMsg) error {
-	sc.serveG.checkNotOn() // NOT
-	select {
-	case sc.wantWriteFrameCh <- wm:
-		return nil
-	case <-sc.doneServing:
-		// Serve loop is gone.
-		// Client has closed their connection to the server.
-		return errClientDisconnected
-	}
-}
-
-// writeFrame schedules a frame to write and sends it if there's nothing
-// already being written.
-//
-// There is no pushback here (the serve goroutine never blocks). It's
-// the http.Handlers that block, waiting for their previous frames to
-// make it onto the wire
-//
-// If you're not on the serve goroutine, use writeFrameFromHandler instead.
-func (sc *serverConn) writeFrame(wm frameWriteMsg) {
-	sc.serveG.check()
-	sc.writeSched.add(wm)
-	sc.scheduleFrameWrite()
-}
-
-// startFrameWrite starts a goroutine to write wm (in a separate
-// goroutine since that might block on the network), and updates the
-// serve goroutine's state about the world, updated from info in wm.
-func (sc *serverConn) startFrameWrite(wm frameWriteMsg) {
-	sc.serveG.check()
-	if sc.writingFrame {
-		panic("internal error: can only be writing one frame at a time")
-	}
-
-	st := wm.stream
-	if st != nil {
-		switch st.state {
-		case stateHalfClosedLocal:
-			panic("internal error: attempt to send frame on half-closed-local stream")
-		case stateClosed:
-			if st.sentReset || st.gotReset {
-				// Skip this frame.
-				sc.scheduleFrameWrite()
-				return
-			}
-			panic(fmt.Sprintf("internal error: attempt to send a write %v on a closed stream", wm))
-		}
-	}
-
-	sc.writingFrame = true
-	sc.needsFrameFlush = true
-	go sc.writeFrameAsync(wm)
-}
-
-// errHandlerPanicked is the error given to any callers blocked in a read from
-// Request.Body when the main goroutine panics. Since most handlers read in the
-// the main ServeHTTP goroutine, this will show up rarely.
-var errHandlerPanicked = errors.New("http2: handler panicked")
-
-// wroteFrame is called on the serve goroutine with the result of
-// whatever happened on writeFrameAsync.
-func (sc *serverConn) wroteFrame(res frameWriteResult) {
-	sc.serveG.check()
-	if !sc.writingFrame {
-		panic("internal error: expected to be already writing a frame")
-	}
-	sc.writingFrame = false
-
-	wm := res.wm
-	st := wm.stream
-
-	closeStream := endsStream(wm.write)
-
-	if _, ok := wm.write.(handlerPanicRST); ok {
-		sc.closeStream(st, errHandlerPanicked)
-	}
-
-	// Reply (if requested) to the blocked ServeHTTP goroutine.
-	if ch := wm.done; ch != nil {
-		select {
-		case ch <- res.err:
-		default:
-			panic(fmt.Sprintf("unbuffered done channel passed in for type %T", wm.write))
-		}
-	}
-	wm.write = nil // prevent use (assume it's tainted after wm.done send)
-
-	if closeStream {
-		if st == nil {
-			panic("internal error: expecting non-nil stream")
-		}
-		switch st.state {
-		case stateOpen:
-			// Here we would go to stateHalfClosedLocal in
-			// theory, but since our handler is done and
-			// the net/http package provides no mechanism
-			// for finishing writing to a ResponseWriter
-			// while still reading data (see possible TODO
-			// at top of this file), we go into closed
-			// state here anyway, after telling the peer
-			// we're hanging up on them.
-			st.state = stateHalfClosedLocal // won't last long, but necessary for closeStream via resetStream
-			errCancel := StreamError{st.id, ErrCodeCancel}
-			sc.resetStream(errCancel)
-		case stateHalfClosedRemote:
-			sc.closeStream(st, errHandlerComplete)
-		}
-	}
-
-	sc.scheduleFrameWrite()
-}
-
-// scheduleFrameWrite tickles the frame writing scheduler.
-//
-// If a frame is already being written, nothing happens. This will be called again
-// when the frame is done being written.
-//
-// If a frame isn't being written we need to send one, the best frame
-// to send is selected, preferring first things that aren't
-// stream-specific (e.g. ACKing settings), and then finding the
-// highest priority stream.
-//
-// If a frame isn't being written and there's nothing else to send, we
-// flush the write buffer.
-func (sc *serverConn) scheduleFrameWrite() {
-	sc.serveG.check()
-	if sc.writingFrame {
-		return
-	}
-	if sc.needToSendGoAway {
-		sc.needToSendGoAway = false
-		sc.startFrameWrite(frameWriteMsg{
-			write: &writeGoAway{
-				maxStreamID: sc.maxStreamID,
-				code:        sc.goAwayCode,
-			},
-		})
-		return
-	}
-	if sc.needToSendSettingsAck {
-		sc.needToSendSettingsAck = false
-		sc.startFrameWrite(frameWriteMsg{write: writeSettingsAck{}})
-		return
-	}
-	if !sc.inGoAway {
-		if wm, ok := sc.writeSched.take(); ok {
-			sc.startFrameWrite(wm)
-			return
-		}
-	}
-	if sc.needsFrameFlush {
-		sc.startFrameWrite(frameWriteMsg{write: flushFrameWriter{}})
-		sc.needsFrameFlush = false // after startFrameWrite, since it sets this true
-		return
-	}
-}
-
-func (sc *serverConn) goAway(code ErrCode) {
-	sc.serveG.check()
-	if sc.inGoAway {
-		return
-	}
-	if code != ErrCodeNo {
-		sc.shutDownIn(250 * time.Millisecond)
-	} else {
-		// TODO: configurable
-		sc.shutDownIn(1 * time.Second)
-	}
-	sc.inGoAway = true
-	sc.needToSendGoAway = true
-	sc.goAwayCode = code
-	sc.scheduleFrameWrite()
-}
-
-func (sc *serverConn) shutDownIn(d time.Duration) {
-	sc.serveG.check()
-	sc.shutdownTimer = time.NewTimer(d)
-	sc.shutdownTimerCh = sc.shutdownTimer.C
-}
-
-func (sc *serverConn) resetStream(se StreamError) {
-	sc.serveG.check()
-	sc.writeFrame(frameWriteMsg{write: se})
-	if st, ok := sc.streams[se.StreamID]; ok {
-		st.sentReset = true
-		sc.closeStream(st, se)
-	}
-}
-
-// processFrameFromReader processes the serve loop's read from readFrameCh from the
-// frame-reading goroutine.
-// processFrameFromReader returns whether the connection should be kept open.
-func (sc *serverConn) processFrameFromReader(res readFrameResult) bool {
-	sc.serveG.check()
-	err := res.err
-	if err != nil {
-		if err == ErrFrameTooLarge {
-			sc.goAway(ErrCodeFrameSize)
-			return true // goAway will close the loop
-		}
-		clientGone := err == io.EOF || err == io.ErrUnexpectedEOF || isClosedConnError(err)
-		if clientGone {
-			// TODO: could we also get into this state if
-			// the peer does a half close
-			// (e.g. CloseWrite) because they're done
-			// sending frames but they're still wanting
-			// our open replies?  Investigate.
-			// TODO: add CloseWrite to crypto/tls.Conn first
-			// so we have a way to test this? I suppose
-			// just for testing we could have a non-TLS mode.
-			return false
-		}
-	} else {
-		f := res.f
-		if VerboseLogs {
-			sc.vlogf("http2: server read frame %v", summarizeFrame(f))
-		}
-		err = sc.processFrame(f)
-		if err == nil {
-			return true
-		}
-	}
-
-	switch ev := err.(type) {
-	case StreamError:
-		sc.resetStream(ev)
-		return true
-	case goAwayFlowError:
-		sc.goAway(ErrCodeFlowControl)
-		return true
-	case ConnectionError:
-		sc.logf("http2: server connection error from %v: %v", sc.conn.RemoteAddr(), ev)
-		sc.goAway(ErrCode(ev))
-		return true // goAway will handle shutdown
-	default:
-		if res.err != nil {
-			sc.vlogf("http2: server closing client connection; error reading frame from client %s: %v", sc.conn.RemoteAddr(), err)
-		} else {
-			sc.logf("http2: server closing client connection: %v", err)
-		}
-		return false
-	}
-}
-
-func (sc *serverConn) processFrame(f Frame) error {
-	sc.serveG.check()
-
-	// First frame received must be SETTINGS.
-	if !sc.sawFirstSettings {
-		if _, ok := f.(*SettingsFrame); !ok {
-			return ConnectionError(ErrCodeProtocol)
-		}
-		sc.sawFirstSettings = true
-	}
-
-	switch f := f.(type) {
-	case *SettingsFrame:
-		return sc.processSettings(f)
-	case *MetaHeadersFrame:
-		return sc.processHeaders(f)
-	case *WindowUpdateFrame:
-		return sc.processWindowUpdate(f)
-	case *PingFrame:
-		return sc.processPing(f)
-	case *DataFrame:
-		return sc.processData(f)
-	case *RSTStreamFrame:
-		return sc.processResetStream(f)
-	case *PriorityFrame:
-		return sc.processPriority(f)
-	case *PushPromiseFrame:
-		// A client cannot push. Thus, servers MUST treat the receipt of a PUSH_PROMISE
-		// frame as a connection error (Section 5.4.1) of type PROTOCOL_ERROR.
-		return ConnectionError(ErrCodeProtocol)
-	default:
-		sc.vlogf("http2: server ignoring frame: %v", f.Header())
-		return nil
-	}
-}
-
-func (sc *serverConn) processPing(f *PingFrame) error {
-	sc.serveG.check()
-	if f.IsAck() {
-		// 6.7 PING: " An endpoint MUST NOT respond to PING frames
-		// containing this flag."
-		return nil
-	}
-	if f.StreamID != 0 {
-		// "PING frames are not associated with any individual
-		// stream. If a PING frame is received with a stream
-		// identifier field value other than 0x0, the recipient MUST
-		// respond with a connection error (Section 5.4.1) of type
-		// PROTOCOL_ERROR."
-		return ConnectionError(ErrCodeProtocol)
-	}
-	sc.writeFrame(frameWriteMsg{write: writePingAck{f}})
-	return nil
-}
-
-func (sc *serverConn) processWindowUpdate(f *WindowUpdateFrame) error {
-	sc.serveG.check()
-	switch {
-	case f.StreamID != 0: // stream-level flow control
-		st := sc.streams[f.StreamID]
-		if st == nil {
-			// "WINDOW_UPDATE can be sent by a peer that has sent a
-			// frame bearing the END_STREAM flag. This means that a
-			// receiver could receive a WINDOW_UPDATE frame on a "half
-			// closed (remote)" or "closed" stream. A receiver MUST
-			// NOT treat this as an error, see Section 5.1."
-			return nil
-		}
-		if !st.flow.add(int32(f.Increment)) {
-			return StreamError{f.StreamID, ErrCodeFlowControl}
-		}
-	default: // connection-level flow control
-		if !sc.flow.add(int32(f.Increment)) {
-			return goAwayFlowError{}
-		}
-	}
-	sc.scheduleFrameWrite()
-	return nil
-}
-
-func (sc *serverConn) processResetStream(f *RSTStreamFrame) error {
-	sc.serveG.check()
-
-	state, st := sc.state(f.StreamID)
-	if state == stateIdle {
-		// 6.4 "RST_STREAM frames MUST NOT be sent for a
-		// stream in the "idle" state. If a RST_STREAM frame
-		// identifying an idle stream is received, the
-		// recipient MUST treat this as a connection error
-		// (Section 5.4.1) of type PROTOCOL_ERROR.
-		return ConnectionError(ErrCodeProtocol)
-	}
-	if st != nil {
-		st.gotReset = true
-		sc.closeStream(st, StreamError{f.StreamID, f.ErrCode})
-	}
-	return nil
-}
-
-func (sc *serverConn) closeStream(st *stream, err error) {
-	sc.serveG.check()
-	if st.state == stateIdle || st.state == stateClosed {
-		panic(fmt.Sprintf("invariant; can't close stream in state %v", st.state))
-	}
-	st.state = stateClosed
-	sc.curOpenStreams--
-	if sc.curOpenStreams == 0 {
-		sc.setConnState(http.StateIdle)
-	}
-	delete(sc.streams, st.id)
-	if p := st.body; p != nil {
-		p.CloseWithError(err)
-	}
-	st.cw.Close() // signals Handler's CloseNotifier, unblocks writes, etc
-	sc.writeSched.forgetStream(st.id)
-	if st.reqBuf != nil {
-		// Stash this request body buffer (64k) away for reuse
-		// by a future POST/PUT/etc.
-		//
-		// TODO(bradfitz): share on the server? sync.Pool?
-		// Server requires locks and might hurt contention.
-		// sync.Pool might work, or might be worse, depending
-		// on goroutine CPU migrations. (get and put on
-		// separate CPUs).  Maybe a mix of strategies. But
-		// this is an easy win for now.
-		sc.freeRequestBodyBuf = st.reqBuf
-	}
-}
-
-func (sc *serverConn) processSettings(f *SettingsFrame) error {
-	sc.serveG.check()
-	if f.IsAck() {
-		sc.unackedSettings--
-		if sc.unackedSettings < 0 {
-			// Why is the peer ACKing settings we never sent?
-			// The spec doesn't mention this case, but
-			// hang up on them anyway.
-			return ConnectionError(ErrCodeProtocol)
-		}
-		return nil
-	}
-	if err := f.ForeachSetting(sc.processSetting); err != nil {
-		return err
-	}
-	sc.needToSendSettingsAck = true
-	sc.scheduleFrameWrite()
-	return nil
-}
-
-func (sc *serverConn) processSetting(s Setting) error {
-	sc.serveG.check()
-	if err := s.Valid(); err != nil {
-		return err
-	}
-	if VerboseLogs {
-		sc.vlogf("http2: server processing setting %v", s)
-	}
-	switch s.ID {
-	case SettingHeaderTableSize:
-		sc.headerTableSize = s.Val
-		sc.hpackEncoder.SetMaxDynamicTableSize(s.Val)
-	case SettingEnablePush:
-		sc.pushEnabled = s.Val != 0
-	case SettingMaxConcurrentStreams:
-		sc.clientMaxStreams = s.Val
-	case SettingInitialWindowSize:
-		return sc.processSettingInitialWindowSize(s.Val)
-	case SettingMaxFrameSize:
-		sc.writeSched.maxFrameSize = s.Val
-	case SettingMaxHeaderListSize:
-		sc.peerMaxHeaderListSize = s.Val
-	default:
-		// Unknown setting: "An endpoint that receives a SETTINGS
-		// frame with any unknown or unsupported identifier MUST
-		// ignore that setting."
-		if VerboseLogs {
-			sc.vlogf("http2: server ignoring unknown setting %v", s)
-		}
-	}
-	return nil
-}
-
-func (sc *serverConn) processSettingInitialWindowSize(val uint32) error {
-	sc.serveG.check()
-	// Note: val already validated to be within range by
-	// processSetting's Valid call.
-
-	// "A SETTINGS frame can alter the initial flow control window
-	// size for all current streams. When the value of
-	// SETTINGS_INITIAL_WINDOW_SIZE changes, a receiver MUST
-	// adjust the size of all stream flow control windows that it
-	// maintains by the difference between the new value and the
-	// old value."
-	old := sc.initialWindowSize
-	sc.initialWindowSize = int32(val)
-	growth := sc.initialWindowSize - old // may be negative
-	for _, st := range sc.streams {
-		if !st.flow.add(growth) {
-			// 6.9.2 Initial Flow Control Window Size
-			// "An endpoint MUST treat a change to
-			// SETTINGS_INITIAL_WINDOW_SIZE that causes any flow
-			// control window to exceed the maximum size as a
-			// connection error (Section 5.4.1) of type
-			// FLOW_CONTROL_ERROR."
-			return ConnectionError(ErrCodeFlowControl)
-		}
-	}
-	return nil
-}
-
-func (sc *serverConn) processData(f *DataFrame) error {
-	sc.serveG.check()
-	// "If a DATA frame is received whose stream is not in "open"
-	// or "half closed (local)" state, the recipient MUST respond
-	// with a stream error (Section 5.4.2) of type STREAM_CLOSED."
-	id := f.Header().StreamID
-	st, ok := sc.streams[id]
-	if !ok || st.state != stateOpen || st.gotTrailerHeader {
-		// This includes sending a RST_STREAM if the stream is
-		// in stateHalfClosedLocal (which currently means that
-		// the http.Handler returned, so it's done reading &
-		// done writing). Try to stop the client from sending
-		// more DATA.
-		return StreamError{id, ErrCodeStreamClosed}
-	}
-	if st.body == nil {
-		panic("internal error: should have a body in this state")
-	}
-	data := f.Data()
-
-	// Sender sending more than they'd declared?
-	if st.declBodyBytes != -1 && st.bodyBytes+int64(len(data)) > st.declBodyBytes {
-		st.body.CloseWithError(fmt.Errorf("sender tried to send more than declared Content-Length of %d bytes", st.declBodyBytes))
-		return StreamError{id, ErrCodeStreamClosed}
-	}
-	if len(data) > 0 {
-		// Check whether the client has flow control quota.
-		if int(st.inflow.available()) < len(data) {
-			return StreamError{id, ErrCodeFlowControl}
-		}
-		st.inflow.take(int32(len(data)))
-		wrote, err := st.body.Write(data)
-		if err != nil {
-			return StreamError{id, ErrCodeStreamClosed}
-		}
-		if wrote != len(data) {
-			panic("internal error: bad Writer")
-		}
-		st.bodyBytes += int64(len(data))
-	}
-	if f.StreamEnded() {
-		st.endStream()
-	}
-	return nil
-}
-
-// endStream closes a Request.Body's pipe. It is called when a DATA
-// frame says a request body is over (or after trailers).
-func (st *stream) endStream() {
-	sc := st.sc
-	sc.serveG.check()
-
-	if st.declBodyBytes != -1 && st.declBodyBytes != st.bodyBytes {
-		st.body.CloseWithError(fmt.Errorf("request declared a Content-Length of %d but only wrote %d bytes",
-			st.declBodyBytes, st.bodyBytes))
-	} else {
-		st.body.closeWithErrorAndCode(io.EOF, st.copyTrailersToHandlerRequest)
-		st.body.CloseWithError(io.EOF)
-	}
-	st.state = stateHalfClosedRemote
-}
-
-// copyTrailersToHandlerRequest is run in the Handler's goroutine in
-// its Request.Body.Read just before it gets io.EOF.
-func (st *stream) copyTrailersToHandlerRequest() {
-	for k, vv := range st.trailer {
-		if _, ok := st.reqTrailer[k]; ok {
-			// Only copy it over it was pre-declared.
-			st.reqTrailer[k] = vv
-		}
-	}
-}
-
-func (sc *serverConn) processHeaders(f *MetaHeadersFrame) error {
-	sc.serveG.check()
-	id := f.Header().StreamID
-	if sc.inGoAway {
-		// Ignore.
-		return nil
-	}
-	// http://http2.github.io/http2-spec/#rfc.section.5.1.1
-	// Streams initiated by a client MUST use odd-numbered stream
-	// identifiers. [...] An endpoint that receives an unexpected
-	// stream identifier MUST respond with a connection error
-	// (Section 5.4.1) of type PROTOCOL_ERROR.
-	if id%2 != 1 {
-		return ConnectionError(ErrCodeProtocol)
-	}
-	// A HEADERS frame can be used to create a new stream or
-	// send a trailer for an open one. If we already have a stream
-	// open, let it process its own HEADERS frame (trailers at this
-	// point, if it's valid).
-	st := sc.streams[f.Header().StreamID]
-	if st != nil {
-		return st.processTrailerHeaders(f)
-	}
-
-	// [...] The identifier of a newly established stream MUST be
-	// numerically greater than all streams that the initiating
-	// endpoint has opened or reserved. [...]  An endpoint that
-	// receives an unexpected stream identifier MUST respond with
-	// a connection error (Section 5.4.1) of type PROTOCOL_ERROR.
-	if id <= sc.maxStreamID {
-		return ConnectionError(ErrCodeProtocol)
-	}
-	sc.maxStreamID = id
-
-	st = &stream{
-		sc:    sc,
-		id:    id,
-		state: stateOpen,
-	}
-	if f.StreamEnded() {
-		st.state = stateHalfClosedRemote
-	}
-	st.cw.Init()
-
-	st.flow.conn = &sc.flow // link to conn-level counter
-	st.flow.add(sc.initialWindowSize)
-	st.inflow.conn = &sc.inflow      // link to conn-level counter
-	st.inflow.add(initialWindowSize) // TODO: update this when we send a higher initial window size in the initial settings
-
-	sc.streams[id] = st
-	if f.HasPriority() {
-		adjustStreamPriority(sc.streams, st.id, f.Priority)
-	}
-	sc.curOpenStreams++
-	if sc.curOpenStreams == 1 {
-		sc.setConnState(http.StateActive)
-	}
-	if sc.curOpenStreams > sc.advMaxStreams {
-		// "Endpoints MUST NOT exceed the limit set by their
-		// peer. An endpoint that receives a HEADERS frame
-		// that causes their advertised concurrent stream
-		// limit to be exceeded MUST treat this as a stream
-		// error (Section 5.4.2) of type PROTOCOL_ERROR or
-		// REFUSED_STREAM."
-		if sc.unackedSettings == 0 {
-			// They should know better.
-			return StreamError{st.id, ErrCodeProtocol}
-		}
-		// Assume it's a network race, where they just haven't
-		// received our last SETTINGS update. But actually
-		// this can't happen yet, because we don't yet provide
-		// a way for users to adjust server parameters at
-		// runtime.
-		return StreamError{st.id, ErrCodeRefusedStream}
-	}
-
-	rw, req, err := sc.newWriterAndRequest(st, f)
-	if err != nil {
-		return err
-	}
-	st.reqTrailer = req.Trailer
-	if st.reqTrailer != nil {
-		st.trailer = make(http.Header)
-	}
-	st.body = req.Body.(*requestBody).pipe // may be nil
-	st.declBodyBytes = req.ContentLength
-
-	handler := sc.handler.ServeHTTP
-	if f.Truncated {
-		// Their header list was too long. Send a 431 error.
-		handler = handleHeaderListTooLong
-	}
-
-	go sc.runHandler(rw, req, handler)
-	return nil
-}
-
-func (st *stream) processTrailerHeaders(f *MetaHeadersFrame) error {
-	sc := st.sc
-	sc.serveG.check()
-	if st.gotTrailerHeader {
-		return ConnectionError(ErrCodeProtocol)
-	}
-	st.gotTrailerHeader = true
-	if !f.StreamEnded() {
-		return StreamError{st.id, ErrCodeProtocol}
-	}
-
-	if len(f.PseudoFields()) > 0 {
-		return StreamError{st.id, ErrCodeProtocol}
-	}
-	if st.trailer != nil {
-		for _, hf := range f.RegularFields() {
-			key := sc.canonicalHeader(hf.Name)
-			st.trailer[key] = append(st.trailer[key], hf.Value)
-		}
-	}
-	st.endStream()
-	return nil
-}
-
-func (sc *serverConn) processPriority(f *PriorityFrame) error {
-	adjustStreamPriority(sc.streams, f.StreamID, f.PriorityParam)
-	return nil
-}
-
-func adjustStreamPriority(streams map[uint32]*stream, streamID uint32, priority PriorityParam) {
-	st, ok := streams[streamID]
-	if !ok {
-		// TODO: not quite correct (this streamID might
-		// already exist in the dep tree, but be closed), but
-		// close enough for now.
-		return
-	}
-	st.weight = priority.Weight
-	parent := streams[priority.StreamDep] // might be nil
-	if parent == st {
-		// if client tries to set this stream to be the parent of itself
-		// ignore and keep going
-		return
-	}
-
-	// section 5.3.3: If a stream is made dependent on one of its
-	// own dependencies, the formerly dependent stream is first
-	// moved to be dependent on the reprioritized stream's previous
-	// parent. The moved dependency retains its weight.
-	for piter := parent; piter != nil; piter = piter.parent {
-		if piter == st {
-			parent.parent = st.parent
-			break
-		}
-	}
-	st.parent = parent
-	if priority.Exclusive && (st.parent != nil || priority.StreamDep == 0) {
-		for _, openStream := range streams {
-			if openStream != st && openStream.parent == st.parent {
-				openStream.parent = st
-			}
-		}
-	}
-}
-
-func (sc *serverConn) newWriterAndRequest(st *stream, f *MetaHeadersFrame) (*responseWriter, *http.Request, error) {
-	sc.serveG.check()
-
-	method := f.PseudoValue("method")
-	path := f.PseudoValue("path")
-	scheme := f.PseudoValue("scheme")
-	authority := f.PseudoValue("authority")
-
-	isConnect := method == "CONNECT"
-	if isConnect {
-		if path != "" || scheme != "" || authority == "" {
-			return nil, nil, StreamError{f.StreamID, ErrCodeProtocol}
-		}
-	} else if method == "" || path == "" ||
-		(scheme != "https" && scheme != "http") {
-		// See 8.1.2.6 Malformed Requests and Responses:
-		//
-		// Malformed requests or responses that are detected
-		// MUST be treated as a stream error (Section 5.4.2)
-		// of type PROTOCOL_ERROR."
-		//
-		// 8.1.2.3 Request Pseudo-Header Fields
-		// "All HTTP/2 requests MUST include exactly one valid
-		// value for the :method, :scheme, and :path
-		// pseudo-header fields"
-		return nil, nil, StreamError{f.StreamID, ErrCodeProtocol}
-	}
-
-	bodyOpen := !f.StreamEnded()
-	if method == "HEAD" && bodyOpen {
-		// HEAD requests can't have bodies
-		return nil, nil, StreamError{f.StreamID, ErrCodeProtocol}
-	}
-	var tlsState *tls.ConnectionState // nil if not scheme https
-
-	if scheme == "https" {
-		tlsState = sc.tlsState
-	}
-
-	header := make(http.Header)
-	for _, hf := range f.RegularFields() {
-		header.Add(sc.canonicalHeader(hf.Name), hf.Value)
-	}
-
-	if authority == "" {
-		authority = header.Get("Host")
-	}
-	needsContinue := header.Get("Expect") == "100-continue"
-	if needsContinue {
-		header.Del("Expect")
-	}
-	// Merge Cookie headers into one "; "-delimited value.
-	if cookies := header["Cookie"]; len(cookies) > 1 {
-		header.Set("Cookie", strings.Join(cookies, "; "))
-	}
-
-	// Setup Trailers
-	var trailer http.Header
-	for _, v := range header["Trailer"] {
-		for _, key := range strings.Split(v, ",") {
-			key = http.CanonicalHeaderKey(strings.TrimSpace(key))
-			switch key {
-			case "Transfer-Encoding", "Trailer", "Content-Length":
-				// Bogus. (copy of http1 rules)
-				// Ignore.
-			default:
-				if trailer == nil {
-					trailer = make(http.Header)
-				}
-				trailer[key] = nil
-			}
-		}
-	}
-	delete(header, "Trailer")
-
-	body := &requestBody{
-		conn:          sc,
-		stream:        st,
-		needsContinue: needsContinue,
-	}
-	var url_ *url.URL
-	var requestURI string
-	if isConnect {
-		url_ = &url.URL{Host: authority}
-		requestURI = authority // mimic HTTP/1 server behavior
-	} else {
-		var err error
-		url_, err = url.ParseRequestURI(path)
-		if err != nil {
-			return nil, nil, StreamError{f.StreamID, ErrCodeProtocol}
-		}
-		requestURI = path
-	}
-	req := &http.Request{
-		Method:     method,
-		URL:        url_,
-		RemoteAddr: sc.remoteAddrStr,
-		Header:     header,
-		RequestURI: requestURI,
-		Proto:      "HTTP/2.0",
-		ProtoMajor: 2,
-		ProtoMinor: 0,
-		TLS:        tlsState,
-		Host:       authority,
-		Body:       body,
-		Trailer:    trailer,
-	}
-	if bodyOpen {
-		st.reqBuf = sc.getRequestBodyBuf()
-		body.pipe = &pipe{
-			b: &fixedBuffer{buf: st.reqBuf},
-		}
-
-		if vv, ok := header["Content-Length"]; ok {
-			req.ContentLength, _ = strconv.ParseInt(vv[0], 10, 64)
-		} else {
-			req.ContentLength = -1
-		}
-	}
-
-	rws := responseWriterStatePool.Get().(*responseWriterState)
-	bwSave := rws.bw
-	*rws = responseWriterState{} // zero all the fields
-	rws.conn = sc
-	rws.bw = bwSave
-	rws.bw.Reset(chunkWriter{rws})
-	rws.stream = st
-	rws.req = req
-	rws.body = body
-
-	rw := &responseWriter{rws: rws}
-	return rw, req, nil
-}
-
-func (sc *serverConn) getRequestBodyBuf() []byte {
-	sc.serveG.check()
-	if buf := sc.freeRequestBodyBuf; buf != nil {
-		sc.freeRequestBodyBuf = nil
-		return buf
-	}
-	return make([]byte, initialWindowSize)
-}
-
-// Run on its own goroutine.
-func (sc *serverConn) runHandler(rw *responseWriter, req *http.Request, handler func(http.ResponseWriter, *http.Request)) {
-	didPanic := true
-	defer func() {
-		if didPanic {
-			e := recover()
-			// Same as net/http:
-			const size = 64 << 10
-			buf := make([]byte, size)
-			buf = buf[:runtime.Stack(buf, false)]
-			sc.writeFrameFromHandler(frameWriteMsg{
-				write:  handlerPanicRST{rw.rws.stream.id},
-				stream: rw.rws.stream,
-			})
-			sc.logf("http2: panic serving %v: %v\n%s", sc.conn.RemoteAddr(), e, buf)
-			return
-		}
-		rw.handlerDone()
-	}()
-	handler(rw, req)
-	didPanic = false
-}
-
-func handleHeaderListTooLong(w http.ResponseWriter, r *http.Request) {
-	// 10.5.1 Limits on Header Block Size:
-	// .. "A server that receives a larger header block than it is
-	// willing to handle can send an HTTP 431 (Request Header Fields Too
-	// Large) status code"
-	const statusRequestHeaderFieldsTooLarge = 431 // only in Go 1.6+
-	w.WriteHeader(statusRequestHeaderFieldsTooLarge)
-	io.WriteString(w, "
    HTTP Error 431
    Request Header Field(s) Too Large
    ")
-}
-
-// called from handler goroutines.
-// h may be nil.
-func (sc *serverConn) writeHeaders(st *stream, headerData *writeResHeaders) error {
-	sc.serveG.checkNotOn() // NOT on
-	var errc chan error
-	if headerData.h != nil {
-		// If there's a header map (which we don't own), so we have to block on
-		// waiting for this frame to be written, so an http.Flush mid-handler
-		// writes out the correct value of keys, before a handler later potentially
-		// mutates it.
-		errc = errChanPool.Get().(chan error)
-	}
-	if err := sc.writeFrameFromHandler(frameWriteMsg{
-		write:  headerData,
-		stream: st,
-		done:   errc,
-	}); err != nil {
-		return err
-	}
-	if errc != nil {
-		select {
-		case err := <-errc:
-			errChanPool.Put(errc)
-			return err
-		case <-sc.doneServing:
-			return errClientDisconnected
-		case <-st.cw:
-			return errStreamClosed
-		}
-	}
-	return nil
-}
-
-// called from handler goroutines.
-func (sc *serverConn) write100ContinueHeaders(st *stream) {
-	sc.writeFrameFromHandler(frameWriteMsg{
-		write:  write100ContinueHeadersFrame{st.id},
-		stream: st,
-	})
-}
-
-// A bodyReadMsg tells the server loop that the http.Handler read n
-// bytes of the DATA from the client on the given stream.
-type bodyReadMsg struct {
-	st *stream
-	n  int
-}
-
-// called from handler goroutines.
-// Notes that the handler for the given stream ID read n bytes of its body
-// and schedules flow control tokens to be sent.
-func (sc *serverConn) noteBodyReadFromHandler(st *stream, n int) {
-	sc.serveG.checkNotOn() // NOT on
-	select {
-	case sc.bodyReadCh <- bodyReadMsg{st, n}:
-	case <-sc.doneServing:
-	}
-}
-
-func (sc *serverConn) noteBodyRead(st *stream, n int) {
-	sc.serveG.check()
-	sc.sendWindowUpdate(nil, n) // conn-level
-	if st.state != stateHalfClosedRemote && st.state != stateClosed {
-		// Don't send this WINDOW_UPDATE if the stream is closed
-		// remotely.
-		sc.sendWindowUpdate(st, n)
-	}
-}
-
-// st may be nil for conn-level
-func (sc *serverConn) sendWindowUpdate(st *stream, n int) {
-	sc.serveG.check()
-	// "The legal range for the increment to the flow control
-	// window is 1 to 2^31-1 (2,147,483,647) octets."
-	// A Go Read call on 64-bit machines could in theory read
-	// a larger Read than this. Very unlikely, but we handle it here
-	// rather than elsewhere for now.
-	const maxUint31 = 1<<31 - 1
-	for n >= maxUint31 {
-		sc.sendWindowUpdate32(st, maxUint31)
-		n -= maxUint31
-	}
-	sc.sendWindowUpdate32(st, int32(n))
-}
-
-// st may be nil for conn-level
-func (sc *serverConn) sendWindowUpdate32(st *stream, n int32) {
-	sc.serveG.check()
-	if n == 0 {
-		return
-	}
-	if n < 0 {
-		panic("negative update")
-	}
-	var streamID uint32
-	if st != nil {
-		streamID = st.id
-	}
-	sc.writeFrame(frameWriteMsg{
-		write:  writeWindowUpdate{streamID: streamID, n: uint32(n)},
-		stream: st,
-	})
-	var ok bool
-	if st == nil {
-		ok = sc.inflow.add(n)
-	} else {
-		ok = st.inflow.add(n)
-	}
-	if !ok {
-		panic("internal error; sent too many window updates without decrements?")
-	}
-}
-
-type requestBody struct {
-	stream        *stream
-	conn          *serverConn
-	closed        bool
-	pipe          *pipe // non-nil if we have a HTTP entity message body
-	needsContinue bool  // need to send a 100-continue
-}
-
-func (b *requestBody) Close() error {
-	if b.pipe != nil {
-		b.pipe.CloseWithError(errClosedBody)
-	}
-	b.closed = true
-	return nil
-}
-
-func (b *requestBody) Read(p []byte) (n int, err error) {
-	if b.needsContinue {
-		b.needsContinue = false
-		b.conn.write100ContinueHeaders(b.stream)
-	}
-	if b.pipe == nil {
-		return 0, io.EOF
-	}
-	n, err = b.pipe.Read(p)
-	if n > 0 {
-		b.conn.noteBodyReadFromHandler(b.stream, n)
-	}
-	return
-}
-
-// responseWriter is the http.ResponseWriter implementation.  It's
-// intentionally small (1 pointer wide) to minimize garbage.  The
-// responseWriterState pointer inside is zeroed at the end of a
-// request (in handlerDone) and calls on the responseWriter thereafter
-// simply crash (caller's mistake), but the much larger responseWriterState
-// and buffers are reused between multiple requests.
-type responseWriter struct {
-	rws *responseWriterState
-}
-
-// Optional http.ResponseWriter interfaces implemented.
-var (
-	_ http.CloseNotifier = (*responseWriter)(nil)
-	_ http.Flusher       = (*responseWriter)(nil)
-	_ stringWriter       = (*responseWriter)(nil)
-)
-
-type responseWriterState struct {
-	// immutable within a request:
-	stream *stream
-	req    *http.Request
-	body   *requestBody // to close at end of request, if DATA frames didn't
-	conn   *serverConn
-
-	// TODO: adjust buffer writing sizes based on server config, frame size updates from peer, etc
-	bw *bufio.Writer // writing to a chunkWriter{this *responseWriterState}
-
-	// mutated by http.Handler goroutine:
-	handlerHeader http.Header // nil until called
-	snapHeader    http.Header // snapshot of handlerHeader at WriteHeader time
-	trailers      []string    // set in writeChunk
-	status        int         // status code passed to WriteHeader
-	wroteHeader   bool        // WriteHeader called (explicitly or implicitly). Not necessarily sent to user yet.
-	sentHeader    bool        // have we sent the header frame?
-	handlerDone   bool        // handler has finished
-
-	sentContentLen int64 // non-zero if handler set a Content-Length header
-	wroteBytes     int64
-
-	closeNotifierMu sync.Mutex // guards closeNotifierCh
-	closeNotifierCh chan bool  // nil until first used
-}
-
-type chunkWriter struct{ rws *responseWriterState }
-
-func (cw chunkWriter) Write(p []byte) (n int, err error) { return cw.rws.writeChunk(p) }
-
-func (rws *responseWriterState) hasTrailers() bool { return len(rws.trailers) != 0 }
-
-// declareTrailer is called for each Trailer header when the
-// response header is written. It notes that a header will need to be
-// written in the trailers at the end of the response.
-func (rws *responseWriterState) declareTrailer(k string) {
-	k = http.CanonicalHeaderKey(k)
-	switch k {
-	case "Transfer-Encoding", "Content-Length", "Trailer":
-		// Forbidden by RFC 2616 14.40.
-		return
-	}
-	if !strSliceContains(rws.trailers, k) {
-		rws.trailers = append(rws.trailers, k)
-	}
-}
-
-// writeChunk writes chunks from the bufio.Writer. But because
-// bufio.Writer may bypass its chunking, sometimes p may be
-// arbitrarily large.
-//
-// writeChunk is also responsible (on the first chunk) for sending the
-// HEADER response.
-func (rws *responseWriterState) writeChunk(p []byte) (n int, err error) {
-	if !rws.wroteHeader {
-		rws.writeHeader(200)
-	}
-
-	isHeadResp := rws.req.Method == "HEAD"
-	if !rws.sentHeader {
-		rws.sentHeader = true
-		var ctype, clen string
-		if clen = rws.snapHeader.Get("Content-Length"); clen != "" {
-			rws.snapHeader.Del("Content-Length")
-			clen64, err := strconv.ParseInt(clen, 10, 64)
-			if err == nil && clen64 >= 0 {
-				rws.sentContentLen = clen64
-			} else {
-				clen = ""
-			}
-		}
-		if clen == "" && rws.handlerDone && bodyAllowedForStatus(rws.status) && (len(p) > 0 || !isHeadResp) {
-			clen = strconv.Itoa(len(p))
-		}
-		_, hasContentType := rws.snapHeader["Content-Type"]
-		if !hasContentType && bodyAllowedForStatus(rws.status) {
-			ctype = http.DetectContentType(p)
-		}
-		var date string
-		if _, ok := rws.snapHeader["Date"]; !ok {
-			// TODO(bradfitz): be faster here, like net/http? measure.
-			date = time.Now().UTC().Format(http.TimeFormat)
-		}
-
-		for _, v := range rws.snapHeader["Trailer"] {
-			foreachHeaderElement(v, rws.declareTrailer)
-		}
-
-		endStream := (rws.handlerDone && !rws.hasTrailers() && len(p) == 0) || isHeadResp
-		err = rws.conn.writeHeaders(rws.stream, &writeResHeaders{
-			streamID:      rws.stream.id,
-			httpResCode:   rws.status,
-			h:             rws.snapHeader,
-			endStream:     endStream,
-			contentType:   ctype,
-			contentLength: clen,
-			date:          date,
-		})
-		if err != nil {
-			return 0, err
-		}
-		if endStream {
-			return 0, nil
-		}
-	}
-	if isHeadResp {
-		return len(p), nil
-	}
-	if len(p) == 0 && !rws.handlerDone {
-		return 0, nil
-	}
-
-	if rws.handlerDone {
-		rws.promoteUndeclaredTrailers()
-	}
-
-	endStream := rws.handlerDone && !rws.hasTrailers()
-	if len(p) > 0 || endStream {
-		// only send a 0 byte DATA frame if we're ending the stream.
-		if err := rws.conn.writeDataFromHandler(rws.stream, p, endStream); err != nil {
-			return 0, err
-		}
-	}
-
-	if rws.handlerDone && rws.hasTrailers() {
-		err = rws.conn.writeHeaders(rws.stream, &writeResHeaders{
-			streamID:  rws.stream.id,
-			h:         rws.handlerHeader,
-			trailers:  rws.trailers,
-			endStream: true,
-		})
-		return len(p), err
-	}
-	return len(p), nil
-}
-
-// TrailerPrefix is a magic prefix for ResponseWriter.Header map keys
-// that, if present, signals that the map entry is actually for
-// the response trailers, and not the response headers. The prefix
-// is stripped after the ServeHTTP call finishes and the values are
-// sent in the trailers.
-//
-// This mechanism is intended only for trailers that are not known
-// prior to the headers being written. If the set of trailers is fixed
-// or known before the header is written, the normal Go trailers mechanism
-// is preferred:
-//    https://golang.org/pkg/net/http/#ResponseWriter
-//    https://golang.org/pkg/net/http/#example_ResponseWriter_trailers
-const TrailerPrefix = "Trailer:"
-
-// promoteUndeclaredTrailers permits http.Handlers to set trailers
-// after the header has already been flushed. Because the Go
-// ResponseWriter interface has no way to set Trailers (only the
-// Header), and because we didn't want to expand the ResponseWriter
-// interface, and because nobody used trailers, and because RFC 2616
-// says you SHOULD (but not must) predeclare any trailers in the
-// header, the official ResponseWriter rules said trailers in Go must
-// be predeclared, and then we reuse the same ResponseWriter.Header()
-// map to mean both Headers and Trailers.  When it's time to write the
-// Trailers, we pick out the fields of Headers that were declared as
-// trailers. That worked for a while, until we found the first major
-// user of Trailers in the wild: gRPC (using them only over http2),
-// and gRPC libraries permit setting trailers mid-stream without
-// predeclarnig them. So: change of plans. We still permit the old
-// way, but we also permit this hack: if a Header() key begins with
-// "Trailer:", the suffix of that key is a Trailer. Because ':' is an
-// invalid token byte anyway, there is no ambiguity. (And it's already
-// filtered out) It's mildly hacky, but not terrible.
-//
-// This method runs after the Handler is done and promotes any Header
-// fields to be trailers.
-func (rws *responseWriterState) promoteUndeclaredTrailers() {
-	for k, vv := range rws.handlerHeader {
-		if !strings.HasPrefix(k, TrailerPrefix) {
-			continue
-		}
-		trailerKey := strings.TrimPrefix(k, TrailerPrefix)
-		rws.declareTrailer(trailerKey)
-		rws.handlerHeader[http.CanonicalHeaderKey(trailerKey)] = vv
-	}
-
-	if len(rws.trailers) > 1 {
-		sorter := sorterPool.Get().(*sorter)
-		sorter.SortStrings(rws.trailers)
-		sorterPool.Put(sorter)
-	}
-}
-
-func (w *responseWriter) Flush() {
-	rws := w.rws
-	if rws == nil {
-		panic("Header called after Handler finished")
-	}
-	if rws.bw.Buffered() > 0 {
-		if err := rws.bw.Flush(); err != nil {
-			// Ignore the error. The frame writer already knows.
-			return
-		}
-	} else {
-		// The bufio.Writer won't call chunkWriter.Write
-		// (writeChunk with zero bytes, so we have to do it
-		// ourselves to force the HTTP response header and/or
-		// final DATA frame (with END_STREAM) to be sent.
-		rws.writeChunk(nil)
-	}
-}
-
-func (w *responseWriter) CloseNotify() <-chan bool {
-	rws := w.rws
-	if rws == nil {
-		panic("CloseNotify called after Handler finished")
-	}
-	rws.closeNotifierMu.Lock()
-	ch := rws.closeNotifierCh
-	if ch == nil {
-		ch = make(chan bool, 1)
-		rws.closeNotifierCh = ch
-		go func() {
-			rws.stream.cw.Wait() // wait for close
-			ch <- true
-		}()
-	}
-	rws.closeNotifierMu.Unlock()
-	return ch
-}
-
-func (w *responseWriter) Header() http.Header {
-	rws := w.rws
-	if rws == nil {
-		panic("Header called after Handler finished")
-	}
-	if rws.handlerHeader == nil {
-		rws.handlerHeader = make(http.Header)
-	}
-	return rws.handlerHeader
-}
-
-func (w *responseWriter) WriteHeader(code int) {
-	rws := w.rws
-	if rws == nil {
-		panic("WriteHeader called after Handler finished")
-	}
-	rws.writeHeader(code)
-}
-
-func (rws *responseWriterState) writeHeader(code int) {
-	if !rws.wroteHeader {
-		rws.wroteHeader = true
-		rws.status = code
-		if len(rws.handlerHeader) > 0 {
-			rws.snapHeader = cloneHeader(rws.handlerHeader)
-		}
-	}
-}
-
-func cloneHeader(h http.Header) http.Header {
-	h2 := make(http.Header, len(h))
-	for k, vv := range h {
-		vv2 := make([]string, len(vv))
-		copy(vv2, vv)
-		h2[k] = vv2
-	}
-	return h2
-}
-
-// The Life Of A Write is like this:
-//
-// * Handler calls w.Write or w.WriteString ->
-// * -> rws.bw (*bufio.Writer) ->
-// * (Handler migth call Flush)
-// * -> chunkWriter{rws}
-// * -> responseWriterState.writeChunk(p []byte)
-// * -> responseWriterState.writeChunk (most of the magic; see comment there)
-func (w *responseWriter) Write(p []byte) (n int, err error) {
-	return w.write(len(p), p, "")
-}
-
-func (w *responseWriter) WriteString(s string) (n int, err error) {
-	return w.write(len(s), nil, s)
-}
-
-// either dataB or dataS is non-zero.
-func (w *responseWriter) write(lenData int, dataB []byte, dataS string) (n int, err error) {
-	rws := w.rws
-	if rws == nil {
-		panic("Write called after Handler finished")
-	}
-	if !rws.wroteHeader {
-		w.WriteHeader(200)
-	}
-	if !bodyAllowedForStatus(rws.status) {
-		return 0, http.ErrBodyNotAllowed
-	}
-	rws.wroteBytes += int64(len(dataB)) + int64(len(dataS)) // only one can be set
-	if rws.sentContentLen != 0 && rws.wroteBytes > rws.sentContentLen {
-		// TODO: send a RST_STREAM
-		return 0, errors.New("http2: handler wrote more than declared Content-Length")
-	}
-
-	if dataB != nil {
-		return rws.bw.Write(dataB)
-	} else {
-		return rws.bw.WriteString(dataS)
-	}
-}
-
-func (w *responseWriter) handlerDone() {
-	rws := w.rws
-	rws.handlerDone = true
-	w.Flush()
-	w.rws = nil
-	responseWriterStatePool.Put(rws)
-}
-
-// foreachHeaderElement splits v according to the "#rule" construction
-// in RFC 2616 section 2.1 and calls fn for each non-empty element.
-func foreachHeaderElement(v string, fn func(string)) {
-	v = textproto.TrimString(v)
-	if v == "" {
-		return
-	}
-	if !strings.Contains(v, ",") {
-		fn(v)
-		return
-	}
-	for _, f := range strings.Split(v, ",") {
-		if f = textproto.TrimString(f); f != "" {
-			fn(f)
-		}
-	}
-}
diff --git a/vendor/golang.org/x/net/http2/server_test.go b/vendor/golang.org/x/net/http2/server_test.go
deleted file mode 100644
index c2df3553..00000000
--- a/vendor/golang.org/x/net/http2/server_test.go
+++ /dev/null
@@ -1,3181 +0,0 @@
-// Copyright 2014 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package http2
-
-import (
-	"bytes"
-	"crypto/tls"
-	"errors"
-	"flag"
-	"fmt"
-	"io"
-	"io/ioutil"
-	"log"
-	"net"
-	"net/http"
-	"net/http/httptest"
-	"os"
-	"os/exec"
-	"reflect"
-	"runtime"
-	"strconv"
-	"strings"
-	"sync"
-	"sync/atomic"
-	"testing"
-	"time"
-
-	"golang.org/x/net/http2/hpack"
-)
-
-var stderrVerbose = flag.Bool("stderr_verbose", false, "Mirror verbosity to stderr, unbuffered")
-
-func stderrv() io.Writer {
-	if *stderrVerbose {
-		return os.Stderr
-	}
-
-	return ioutil.Discard
-}
-
-type serverTester struct {
-	cc             net.Conn // client conn
-	t              testing.TB
-	ts             *httptest.Server
-	fr             *Framer
-	logBuf         *bytes.Buffer
-	logFilter      []string   // substrings to filter out
-	scMu           sync.Mutex // guards sc
-	sc             *serverConn
-	hpackDec       *hpack.Decoder
-	decodedHeaders [][2]string
-
-	// writing headers:
-	headerBuf bytes.Buffer
-	hpackEnc  *hpack.Encoder
-
-	// reading frames:
-	frc       chan Frame
-	frErrc    chan error
-	readTimer *time.Timer
-}
-
-func init() {
-	testHookOnPanicMu = new(sync.Mutex)
-}
-
-func resetHooks() {
-	testHookOnPanicMu.Lock()
-	testHookOnPanic = nil
-	testHookOnPanicMu.Unlock()
-}
-
-type serverTesterOpt string
-
-var optOnlyServer = serverTesterOpt("only_server")
-var optQuiet = serverTesterOpt("quiet_logging")
-
-func newServerTester(t testing.TB, handler http.HandlerFunc, opts ...interface{}) *serverTester {
-	resetHooks()
-
-	logBuf := new(bytes.Buffer)
-	ts := httptest.NewUnstartedServer(handler)
-
-	tlsConfig := &tls.Config{
-		InsecureSkipVerify: true,
-		// The h2-14 is temporary, until curl is updated. (as used by unit tests
-		// in Docker)
-		NextProtos: []string{NextProtoTLS, "h2-14"},
-	}
-
-	var onlyServer, quiet bool
-	for _, opt := range opts {
-		switch v := opt.(type) {
-		case func(*tls.Config):
-			v(tlsConfig)
-		case func(*httptest.Server):
-			v(ts)
-		case serverTesterOpt:
-			switch v {
-			case optOnlyServer:
-				onlyServer = true
-			case optQuiet:
-				quiet = true
-			}
-		default:
-			t.Fatalf("unknown newServerTester option type %T", v)
-		}
-	}
-
-	ConfigureServer(ts.Config, &Server{})
-
-	st := &serverTester{
-		t:      t,
-		ts:     ts,
-		logBuf: logBuf,
-		frc:    make(chan Frame, 1),
-		frErrc: make(chan error, 1),
-	}
-	st.hpackEnc = hpack.NewEncoder(&st.headerBuf)
-	st.hpackDec = hpack.NewDecoder(initialHeaderTableSize, st.onHeaderField)
-
-	ts.TLS = ts.Config.TLSConfig // the httptest.Server has its own copy of this TLS config
-	if quiet {
-		ts.Config.ErrorLog = log.New(ioutil.Discard, "", 0)
-	} else {
-		ts.Config.ErrorLog = log.New(io.MultiWriter(stderrv(), twriter{t: t, st: st}, logBuf), "", log.LstdFlags)
-	}
-	ts.StartTLS()
-
-	if VerboseLogs {
-		t.Logf("Running test server at: %s", ts.URL)
-	}
-	testHookGetServerConn = func(v *serverConn) {
-		st.scMu.Lock()
-		defer st.scMu.Unlock()
-		st.sc = v
-		st.sc.testHookCh = make(chan func(int))
-	}
-	log.SetOutput(io.MultiWriter(stderrv(), twriter{t: t, st: st}))
-	if !onlyServer {
-		cc, err := tls.Dial("tcp", ts.Listener.Addr().String(), tlsConfig)
-		if err != nil {
-			t.Fatal(err)
-		}
-		st.cc = cc
-		st.fr = NewFramer(cc, cc)
-	}
-	return st
-}
-
-func (st *serverTester) closeConn() {
-	st.scMu.Lock()
-	defer st.scMu.Unlock()
-	st.sc.conn.Close()
-}
-
-func (st *serverTester) addLogFilter(phrase string) {
-	st.logFilter = append(st.logFilter, phrase)
-}
-
-func (st *serverTester) stream(id uint32) *stream {
-	ch := make(chan *stream, 1)
-	st.sc.testHookCh <- func(int) {
-		ch <- st.sc.streams[id]
-	}
-	return <-ch
-}
-
-func (st *serverTester) streamState(id uint32) streamState {
-	ch := make(chan streamState, 1)
-	st.sc.testHookCh <- func(int) {
-		state, _ := st.sc.state(id)
-		ch <- state
-	}
-	return <-ch
-}
-
-// loopNum reports how many times this conn's select loop has gone around.
-func (st *serverTester) loopNum() int {
-	lastc := make(chan int, 1)
-	st.sc.testHookCh <- func(loopNum int) {
-		lastc <- loopNum
-	}
-	return <-lastc
-}
-
-// awaitIdle heuristically awaits for the server conn's select loop to be idle.
-// The heuristic is that the server connection's serve loop must schedule
-// 50 times in a row without any channel sends or receives occuring.
-func (st *serverTester) awaitIdle() {
-	remain := 50
-	last := st.loopNum()
-	for remain > 0 {
-		n := st.loopNum()
-		if n == last+1 {
-			remain--
-		} else {
-			remain = 50
-		}
-		last = n
-	}
-}
-
-func (st *serverTester) Close() {
-	if st.t.Failed() {
-		// If we failed already (and are likely in a Fatal,
-		// unwindowing), force close the connection, so the
-		// httptest.Server doesn't wait forever for the conn
-		// to close.
-		st.cc.Close()
-	}
-	st.ts.Close()
-	if st.cc != nil {
-		st.cc.Close()
-	}
-	log.SetOutput(os.Stderr)
-}
-
-// greet initiates the client's HTTP/2 connection into a state where
-// frames may be sent.
-func (st *serverTester) greet() {
-	st.writePreface()
-	st.writeInitialSettings()
-	st.wantSettings()
-	st.writeSettingsAck()
-	st.wantSettingsAck()
-}
-
-func (st *serverTester) writePreface() {
-	n, err := st.cc.Write(clientPreface)
-	if err != nil {
-		st.t.Fatalf("Error writing client preface: %v", err)
-	}
-	if n != len(clientPreface) {
-		st.t.Fatalf("Writing client preface, wrote %d bytes; want %d", n, len(clientPreface))
-	}
-}
-
-func (st *serverTester) writeInitialSettings() {
-	if err := st.fr.WriteSettings(); err != nil {
-		st.t.Fatalf("Error writing initial SETTINGS frame from client to server: %v", err)
-	}
-}
-
-func (st *serverTester) writeSettingsAck() {
-	if err := st.fr.WriteSettingsAck(); err != nil {
-		st.t.Fatalf("Error writing ACK of server's SETTINGS: %v", err)
-	}
-}
-
-func (st *serverTester) writeHeaders(p HeadersFrameParam) {
-	if err := st.fr.WriteHeaders(p); err != nil {
-		st.t.Fatalf("Error writing HEADERS: %v", err)
-	}
-}
-
-func (st *serverTester) encodeHeaderField(k, v string) {
-	err := st.hpackEnc.WriteField(hpack.HeaderField{Name: k, Value: v})
-	if err != nil {
-		st.t.Fatalf("HPACK encoding error for %q/%q: %v", k, v, err)
-	}
-}
-
-// encodeHeaderRaw is the magic-free version of encodeHeader.
-// It takes 0 or more (k, v) pairs and encodes them.
-func (st *serverTester) encodeHeaderRaw(headers ...string) []byte {
-	if len(headers)%2 == 1 {
-		panic("odd number of kv args")
-	}
-	st.headerBuf.Reset()
-	for len(headers) > 0 {
-		k, v := headers[0], headers[1]
-		st.encodeHeaderField(k, v)
-		headers = headers[2:]
-	}
-	return st.headerBuf.Bytes()
-}
-
-// encodeHeader encodes headers and returns their HPACK bytes. headers
-// must contain an even number of key/value pairs.  There may be
-// multiple pairs for keys (e.g. "cookie").  The :method, :path, and
-// :scheme headers default to GET, / and https.
-func (st *serverTester) encodeHeader(headers ...string) []byte {
-	if len(headers)%2 == 1 {
-		panic("odd number of kv args")
-	}
-
-	st.headerBuf.Reset()
-
-	if len(headers) == 0 {
-		// Fast path, mostly for benchmarks, so test code doesn't pollute
-		// profiles when we're looking to improve server allocations.
-		st.encodeHeaderField(":method", "GET")
-		st.encodeHeaderField(":path", "/")
-		st.encodeHeaderField(":scheme", "https")
-		return st.headerBuf.Bytes()
-	}
-
-	if len(headers) == 2 && headers[0] == ":method" {
-		// Another fast path for benchmarks.
-		st.encodeHeaderField(":method", headers[1])
-		st.encodeHeaderField(":path", "/")
-		st.encodeHeaderField(":scheme", "https")
-		return st.headerBuf.Bytes()
-	}
-
-	pseudoCount := map[string]int{}
-	keys := []string{":method", ":path", ":scheme"}
-	vals := map[string][]string{
-		":method": {"GET"},
-		":path":   {"/"},
-		":scheme": {"https"},
-	}
-	for len(headers) > 0 {
-		k, v := headers[0], headers[1]
-		headers = headers[2:]
-		if _, ok := vals[k]; !ok {
-			keys = append(keys, k)
-		}
-		if strings.HasPrefix(k, ":") {
-			pseudoCount[k]++
-			if pseudoCount[k] == 1 {
-				vals[k] = []string{v}
-			} else {
-				// Allows testing of invalid headers w/ dup pseudo fields.
-				vals[k] = append(vals[k], v)
-			}
-		} else {
-			vals[k] = append(vals[k], v)
-		}
-	}
-	for _, k := range keys {
-		for _, v := range vals[k] {
-			st.encodeHeaderField(k, v)
-		}
-	}
-	return st.headerBuf.Bytes()
-}
-
-// bodylessReq1 writes a HEADERS frames with StreamID 1 and EndStream and EndHeaders set.
-func (st *serverTester) bodylessReq1(headers ...string) {
-	st.writeHeaders(HeadersFrameParam{
-		StreamID:      1, // clients send odd numbers
-		BlockFragment: st.encodeHeader(headers...),
-		EndStream:     true,
-		EndHeaders:    true,
-	})
-}
-
-func (st *serverTester) writeData(streamID uint32, endStream bool, data []byte) {
-	if err := st.fr.WriteData(streamID, endStream, data); err != nil {
-		st.t.Fatalf("Error writing DATA: %v", err)
-	}
-}
-
-func (st *serverTester) readFrame() (Frame, error) {
-	go func() {
-		fr, err := st.fr.ReadFrame()
-		if err != nil {
-			st.frErrc <- err
-		} else {
-			st.frc <- fr
-		}
-	}()
-	t := st.readTimer
-	if t == nil {
-		t = time.NewTimer(2 * time.Second)
-		st.readTimer = t
-	}
-	t.Reset(2 * time.Second)
-	defer t.Stop()
-	select {
-	case f := <-st.frc:
-		return f, nil
-	case err := <-st.frErrc:
-		return nil, err
-	case <-t.C:
-		return nil, errors.New("timeout waiting for frame")
-	}
-}
-
-func (st *serverTester) wantHeaders() *HeadersFrame {
-	f, err := st.readFrame()
-	if err != nil {
-		st.t.Fatalf("Error while expecting a HEADERS frame: %v", err)
-	}
-	hf, ok := f.(*HeadersFrame)
-	if !ok {
-		st.t.Fatalf("got a %T; want *HeadersFrame", f)
-	}
-	return hf
-}
-
-func (st *serverTester) wantContinuation() *ContinuationFrame {
-	f, err := st.readFrame()
-	if err != nil {
-		st.t.Fatalf("Error while expecting a CONTINUATION frame: %v", err)
-	}
-	cf, ok := f.(*ContinuationFrame)
-	if !ok {
-		st.t.Fatalf("got a %T; want *ContinuationFrame", f)
-	}
-	return cf
-}
-
-func (st *serverTester) wantData() *DataFrame {
-	f, err := st.readFrame()
-	if err != nil {
-		st.t.Fatalf("Error while expecting a DATA frame: %v", err)
-	}
-	df, ok := f.(*DataFrame)
-	if !ok {
-		st.t.Fatalf("got a %T; want *DataFrame", f)
-	}
-	return df
-}
-
-func (st *serverTester) wantSettings() *SettingsFrame {
-	f, err := st.readFrame()
-	if err != nil {
-		st.t.Fatalf("Error while expecting a SETTINGS frame: %v", err)
-	}
-	sf, ok := f.(*SettingsFrame)
-	if !ok {
-		st.t.Fatalf("got a %T; want *SettingsFrame", f)
-	}
-	return sf
-}
-
-func (st *serverTester) wantPing() *PingFrame {
-	f, err := st.readFrame()
-	if err != nil {
-		st.t.Fatalf("Error while expecting a PING frame: %v", err)
-	}
-	pf, ok := f.(*PingFrame)
-	if !ok {
-		st.t.Fatalf("got a %T; want *PingFrame", f)
-	}
-	return pf
-}
-
-func (st *serverTester) wantGoAway() *GoAwayFrame {
-	f, err := st.readFrame()
-	if err != nil {
-		st.t.Fatalf("Error while expecting a GOAWAY frame: %v", err)
-	}
-	gf, ok := f.(*GoAwayFrame)
-	if !ok {
-		st.t.Fatalf("got a %T; want *GoAwayFrame", f)
-	}
-	return gf
-}
-
-func (st *serverTester) wantRSTStream(streamID uint32, errCode ErrCode) {
-	f, err := st.readFrame()
-	if err != nil {
-		st.t.Fatalf("Error while expecting an RSTStream frame: %v", err)
-	}
-	rs, ok := f.(*RSTStreamFrame)
-	if !ok {
-		st.t.Fatalf("got a %T; want *RSTStreamFrame", f)
-	}
-	if rs.FrameHeader.StreamID != streamID {
-		st.t.Fatalf("RSTStream StreamID = %d; want %d", rs.FrameHeader.StreamID, streamID)
-	}
-	if rs.ErrCode != errCode {
-		st.t.Fatalf("RSTStream ErrCode = %d (%s); want %d (%s)", rs.ErrCode, rs.ErrCode, errCode, errCode)
-	}
-}
-
-func (st *serverTester) wantWindowUpdate(streamID, incr uint32) {
-	f, err := st.readFrame()
-	if err != nil {
-		st.t.Fatalf("Error while expecting a WINDOW_UPDATE frame: %v", err)
-	}
-	wu, ok := f.(*WindowUpdateFrame)
-	if !ok {
-		st.t.Fatalf("got a %T; want *WindowUpdateFrame", f)
-	}
-	if wu.FrameHeader.StreamID != streamID {
-		st.t.Fatalf("WindowUpdate StreamID = %d; want %d", wu.FrameHeader.StreamID, streamID)
-	}
-	if wu.Increment != incr {
-		st.t.Fatalf("WindowUpdate increment = %d; want %d", wu.Increment, incr)
-	}
-}
-
-func (st *serverTester) wantSettingsAck() {
-	f, err := st.readFrame()
-	if err != nil {
-		st.t.Fatal(err)
-	}
-	sf, ok := f.(*SettingsFrame)
-	if !ok {
-		st.t.Fatalf("Wanting a settings ACK, received a %T", f)
-	}
-	if !sf.Header().Flags.Has(FlagSettingsAck) {
-		st.t.Fatal("Settings Frame didn't have ACK set")
-	}
-
-}
-
-func TestServer(t *testing.T) {
-	gotReq := make(chan bool, 1)
-	st := newServerTester(t, func(w http.ResponseWriter, r *http.Request) {
-		w.Header().Set("Foo", "Bar")
-		gotReq <- true
-	})
-	defer st.Close()
-
-	covers("3.5", `
-		The server connection preface consists of a potentially empty
-		SETTINGS frame ([SETTINGS]) that MUST be the first frame the
-		server sends in the HTTP/2 connection.
-	`)
-
-	st.writePreface()
-	st.writeInitialSettings()
-	st.wantSettings()
-	st.writeSettingsAck()
-	st.wantSettingsAck()
-
-	st.writeHeaders(HeadersFrameParam{
-		StreamID:      1, // clients send odd numbers
-		BlockFragment: st.encodeHeader(),
-		EndStream:     true, // no DATA frames
-		EndHeaders:    true,
-	})
-
-	select {
-	case <-gotReq:
-	case <-time.After(2 * time.Second):
-		t.Error("timeout waiting for request")
-	}
-}
-
-func TestServer_Request_Get(t *testing.T) {
-	testServerRequest(t, func(st *serverTester) {
-		st.writeHeaders(HeadersFrameParam{
-			StreamID:      1, // clients send odd numbers
-			BlockFragment: st.encodeHeader("foo-bar", "some-value"),
-			EndStream:     true, // no DATA frames
-			EndHeaders:    true,
-		})
-	}, func(r *http.Request) {
-		if r.Method != "GET" {
-			t.Errorf("Method = %q; want GET", r.Method)
-		}
-		if r.URL.Path != "/" {
-			t.Errorf("URL.Path = %q; want /", r.URL.Path)
-		}
-		if r.ContentLength != 0 {
-			t.Errorf("ContentLength = %v; want 0", r.ContentLength)
-		}
-		if r.Close {
-			t.Error("Close = true; want false")
-		}
-		if !strings.Contains(r.RemoteAddr, ":") {
-			t.Errorf("RemoteAddr = %q; want something with a colon", r.RemoteAddr)
-		}
-		if r.Proto != "HTTP/2.0" || r.ProtoMajor != 2 || r.ProtoMinor != 0 {
-			t.Errorf("Proto = %q Major=%v,Minor=%v; want HTTP/2.0", r.Proto, r.ProtoMajor, r.ProtoMinor)
-		}
-		wantHeader := http.Header{
-			"Foo-Bar": []string{"some-value"},
-		}
-		if !reflect.DeepEqual(r.Header, wantHeader) {
-			t.Errorf("Header = %#v; want %#v", r.Header, wantHeader)
-		}
-		if n, err := r.Body.Read([]byte(" ")); err != io.EOF || n != 0 {
-			t.Errorf("Read = %d, %v; want 0, EOF", n, err)
-		}
-	})
-}
-
-func TestServer_Request_Get_PathSlashes(t *testing.T) {
-	testServerRequest(t, func(st *serverTester) {
-		st.writeHeaders(HeadersFrameParam{
-			StreamID:      1, // clients send odd numbers
-			BlockFragment: st.encodeHeader(":path", "/%2f/"),
-			EndStream:     true, // no DATA frames
-			EndHeaders:    true,
-		})
-	}, func(r *http.Request) {
-		if r.RequestURI != "/%2f/" {
-			t.Errorf("RequestURI = %q; want /%%2f/", r.RequestURI)
-		}
-		if r.URL.Path != "///" {
-			t.Errorf("URL.Path = %q; want ///", r.URL.Path)
-		}
-	})
-}
-
-// TODO: add a test with EndStream=true on the HEADERS but setting a
-// Content-Length anyway.  Should we just omit it and force it to
-// zero?
-
-func TestServer_Request_Post_NoContentLength_EndStream(t *testing.T) {
-	testServerRequest(t, func(st *serverTester) {
-		st.writeHeaders(HeadersFrameParam{
-			StreamID:      1, // clients send odd numbers
-			BlockFragment: st.encodeHeader(":method", "POST"),
-			EndStream:     true,
-			EndHeaders:    true,
-		})
-	}, func(r *http.Request) {
-		if r.Method != "POST" {
-			t.Errorf("Method = %q; want POST", r.Method)
-		}
-		if r.ContentLength != 0 {
-			t.Errorf("ContentLength = %v; want 0", r.ContentLength)
-		}
-		if n, err := r.Body.Read([]byte(" ")); err != io.EOF || n != 0 {
-			t.Errorf("Read = %d, %v; want 0, EOF", n, err)
-		}
-	})
-}
-
-func TestServer_Request_Post_Body_ImmediateEOF(t *testing.T) {
-	testBodyContents(t, -1, "", func(st *serverTester) {
-		st.writeHeaders(HeadersFrameParam{
-			StreamID:      1, // clients send odd numbers
-			BlockFragment: st.encodeHeader(":method", "POST"),
-			EndStream:     false, // to say DATA frames are coming
-			EndHeaders:    true,
-		})
-		st.writeData(1, true, nil) // just kidding. empty body.
-	})
-}
-
-func TestServer_Request_Post_Body_OneData(t *testing.T) {
-	const content = "Some content"
-	testBodyContents(t, -1, content, func(st *serverTester) {
-		st.writeHeaders(HeadersFrameParam{
-			StreamID:      1, // clients send odd numbers
-			BlockFragment: st.encodeHeader(":method", "POST"),
-			EndStream:     false, // to say DATA frames are coming
-			EndHeaders:    true,
-		})
-		st.writeData(1, true, []byte(content))
-	})
-}
-
-func TestServer_Request_Post_Body_TwoData(t *testing.T) {
-	const content = "Some content"
-	testBodyContents(t, -1, content, func(st *serverTester) {
-		st.writeHeaders(HeadersFrameParam{
-			StreamID:      1, // clients send odd numbers
-			BlockFragment: st.encodeHeader(":method", "POST"),
-			EndStream:     false, // to say DATA frames are coming
-			EndHeaders:    true,
-		})
-		st.writeData(1, false, []byte(content[:5]))
-		st.writeData(1, true, []byte(content[5:]))
-	})
-}
-
-func TestServer_Request_Post_Body_ContentLength_Correct(t *testing.T) {
-	const content = "Some content"
-	testBodyContents(t, int64(len(content)), content, func(st *serverTester) {
-		st.writeHeaders(HeadersFrameParam{
-			StreamID: 1, // clients send odd numbers
-			BlockFragment: st.encodeHeader(
-				":method", "POST",
-				"content-length", strconv.Itoa(len(content)),
-			),
-			EndStream:  false, // to say DATA frames are coming
-			EndHeaders: true,
-		})
-		st.writeData(1, true, []byte(content))
-	})
-}
-
-func TestServer_Request_Post_Body_ContentLength_TooLarge(t *testing.T) {
-	testBodyContentsFail(t, 3, "request declared a Content-Length of 3 but only wrote 2 bytes",
-		func(st *serverTester) {
-			st.writeHeaders(HeadersFrameParam{
-				StreamID: 1, // clients send odd numbers
-				BlockFragment: st.encodeHeader(
-					":method", "POST",
-					"content-length", "3",
-				),
-				EndStream:  false, // to say DATA frames are coming
-				EndHeaders: true,
-			})
-			st.writeData(1, true, []byte("12"))
-		})
-}
-
-func TestServer_Request_Post_Body_ContentLength_TooSmall(t *testing.T) {
-	testBodyContentsFail(t, 4, "sender tried to send more than declared Content-Length of 4 bytes",
-		func(st *serverTester) {
-			st.writeHeaders(HeadersFrameParam{
-				StreamID: 1, // clients send odd numbers
-				BlockFragment: st.encodeHeader(
-					":method", "POST",
-					"content-length", "4",
-				),
-				EndStream:  false, // to say DATA frames are coming
-				EndHeaders: true,
-			})
-			st.writeData(1, true, []byte("12345"))
-		})
-}
-
-func testBodyContents(t *testing.T, wantContentLength int64, wantBody string, write func(st *serverTester)) {
-	testServerRequest(t, write, func(r *http.Request) {
-		if r.Method != "POST" {
-			t.Errorf("Method = %q; want POST", r.Method)
-		}
-		if r.ContentLength != wantContentLength {
-			t.Errorf("ContentLength = %v; want %d", r.ContentLength, wantContentLength)
-		}
-		all, err := ioutil.ReadAll(r.Body)
-		if err != nil {
-			t.Fatal(err)
-		}
-		if string(all) != wantBody {
-			t.Errorf("Read = %q; want %q", all, wantBody)
-		}
-		if err := r.Body.Close(); err != nil {
-			t.Fatalf("Close: %v", err)
-		}
-	})
-}
-
-func testBodyContentsFail(t *testing.T, wantContentLength int64, wantReadError string, write func(st *serverTester)) {
-	testServerRequest(t, write, func(r *http.Request) {
-		if r.Method != "POST" {
-			t.Errorf("Method = %q; want POST", r.Method)
-		}
-		if r.ContentLength != wantContentLength {
-			t.Errorf("ContentLength = %v; want %d", r.ContentLength, wantContentLength)
-		}
-		all, err := ioutil.ReadAll(r.Body)
-		if err == nil {
-			t.Fatalf("expected an error (%q) reading from the body. Successfully read %q instead.",
-				wantReadError, all)
-		}
-		if !strings.Contains(err.Error(), wantReadError) {
-			t.Fatalf("Body.Read = %v; want substring %q", err, wantReadError)
-		}
-		if err := r.Body.Close(); err != nil {
-			t.Fatalf("Close: %v", err)
-		}
-	})
-}
-
-// Using a Host header, instead of :authority
-func TestServer_Request_Get_Host(t *testing.T) {
-	const host = "example.com"
-	testServerRequest(t, func(st *serverTester) {
-		st.writeHeaders(HeadersFrameParam{
-			StreamID:      1, // clients send odd numbers
-			BlockFragment: st.encodeHeader("host", host),
-			EndStream:     true,
-			EndHeaders:    true,
-		})
-	}, func(r *http.Request) {
-		if r.Host != host {
-			t.Errorf("Host = %q; want %q", r.Host, host)
-		}
-	})
-}
-
-// Using an :authority pseudo-header, instead of Host
-func TestServer_Request_Get_Authority(t *testing.T) {
-	const host = "example.com"
-	testServerRequest(t, func(st *serverTester) {
-		st.writeHeaders(HeadersFrameParam{
-			StreamID:      1, // clients send odd numbers
-			BlockFragment: st.encodeHeader(":authority", host),
-			EndStream:     true,
-			EndHeaders:    true,
-		})
-	}, func(r *http.Request) {
-		if r.Host != host {
-			t.Errorf("Host = %q; want %q", r.Host, host)
-		}
-	})
-}
-
-func TestServer_Request_WithContinuation(t *testing.T) {
-	wantHeader := http.Header{
-		"Foo-One":   []string{"value-one"},
-		"Foo-Two":   []string{"value-two"},
-		"Foo-Three": []string{"value-three"},
-	}
-	testServerRequest(t, func(st *serverTester) {
-		fullHeaders := st.encodeHeader(
-			"foo-one", "value-one",
-			"foo-two", "value-two",
-			"foo-three", "value-three",
-		)
-		remain := fullHeaders
-		chunks := 0
-		for len(remain) > 0 {
-			const maxChunkSize = 5
-			chunk := remain
-			if len(chunk) > maxChunkSize {
-				chunk = chunk[:maxChunkSize]
-			}
-			remain = remain[len(chunk):]
-
-			if chunks == 0 {
-				st.writeHeaders(HeadersFrameParam{
-					StreamID:      1, // clients send odd numbers
-					BlockFragment: chunk,
-					EndStream:     true,  // no DATA frames
-					EndHeaders:    false, // we'll have continuation frames
-				})
-			} else {
-				err := st.fr.WriteContinuation(1, len(remain) == 0, chunk)
-				if err != nil {
-					t.Fatal(err)
-				}
-			}
-			chunks++
-		}
-		if chunks < 2 {
-			t.Fatal("too few chunks")
-		}
-	}, func(r *http.Request) {
-		if !reflect.DeepEqual(r.Header, wantHeader) {
-			t.Errorf("Header = %#v; want %#v", r.Header, wantHeader)
-		}
-	})
-}
-
-// Concatenated cookie headers. ("8.1.2.5 Compressing the Cookie Header Field")
-func TestServer_Request_CookieConcat(t *testing.T) {
-	const host = "example.com"
-	testServerRequest(t, func(st *serverTester) {
-		st.bodylessReq1(
-			":authority", host,
-			"cookie", "a=b",
-			"cookie", "c=d",
-			"cookie", "e=f",
-		)
-	}, func(r *http.Request) {
-		const want = "a=b; c=d; e=f"
-		if got := r.Header.Get("Cookie"); got != want {
-			t.Errorf("Cookie = %q; want %q", got, want)
-		}
-	})
-}
-
-func TestServer_Request_Reject_CapitalHeader(t *testing.T) {
-	testRejectRequest(t, func(st *serverTester) { st.bodylessReq1("UPPER", "v") })
-}
-
-func TestServer_Request_Reject_HeaderFieldNameColon(t *testing.T) {
-	testRejectRequest(t, func(st *serverTester) { st.bodylessReq1("has:colon", "v") })
-}
-
-func TestServer_Request_Reject_HeaderFieldNameNULL(t *testing.T) {
-	testRejectRequest(t, func(st *serverTester) { st.bodylessReq1("has\x00null", "v") })
-}
-
-func TestServer_Request_Reject_HeaderFieldNameEmpty(t *testing.T) {
-	testRejectRequest(t, func(st *serverTester) { st.bodylessReq1("", "v") })
-}
-
-func TestServer_Request_Reject_HeaderFieldValueNewline(t *testing.T) {
-	testRejectRequest(t, func(st *serverTester) { st.bodylessReq1("foo", "has\nnewline") })
-}
-
-func TestServer_Request_Reject_HeaderFieldValueCR(t *testing.T) {
-	testRejectRequest(t, func(st *serverTester) { st.bodylessReq1("foo", "has\rcarriage") })
-}
-
-func TestServer_Request_Reject_HeaderFieldValueDEL(t *testing.T) {
-	testRejectRequest(t, func(st *serverTester) { st.bodylessReq1("foo", "has\x7fdel") })
-}
-
-func TestServer_Request_Reject_Pseudo_Missing_method(t *testing.T) {
-	testRejectRequest(t, func(st *serverTester) { st.bodylessReq1(":method", "") })
-}
-
-func TestServer_Request_Reject_Pseudo_ExactlyOne(t *testing.T) {
-	// 8.1.2.3 Request Pseudo-Header Fields
-	// "All HTTP/2 requests MUST include exactly one valid value" ...
-	testRejectRequest(t, func(st *serverTester) {
-		st.addLogFilter("duplicate pseudo-header")
-		st.bodylessReq1(":method", "GET", ":method", "POST")
-	})
-}
-
-func TestServer_Request_Reject_Pseudo_AfterRegular(t *testing.T) {
-	// 8.1.2.3 Request Pseudo-Header Fields
-	// "All pseudo-header fields MUST appear in the header block
-	// before regular header fields. Any request or response that
-	// contains a pseudo-header field that appears in a header
-	// block after a regular header field MUST be treated as
-	// malformed (Section 8.1.2.6)."
-	testRejectRequest(t, func(st *serverTester) {
-		st.addLogFilter("pseudo-header after regular header")
-		var buf bytes.Buffer
-		enc := hpack.NewEncoder(&buf)
-		enc.WriteField(hpack.HeaderField{Name: ":method", Value: "GET"})
-		enc.WriteField(hpack.HeaderField{Name: "regular", Value: "foobar"})
-		enc.WriteField(hpack.HeaderField{Name: ":path", Value: "/"})
-		enc.WriteField(hpack.HeaderField{Name: ":scheme", Value: "https"})
-		st.writeHeaders(HeadersFrameParam{
-			StreamID:      1, // clients send odd numbers
-			BlockFragment: buf.Bytes(),
-			EndStream:     true,
-			EndHeaders:    true,
-		})
-	})
-}
-
-func TestServer_Request_Reject_Pseudo_Missing_path(t *testing.T) {
-	testRejectRequest(t, func(st *serverTester) { st.bodylessReq1(":path", "") })
-}
-
-func TestServer_Request_Reject_Pseudo_Missing_scheme(t *testing.T) {
-	testRejectRequest(t, func(st *serverTester) { st.bodylessReq1(":scheme", "") })
-}
-
-func TestServer_Request_Reject_Pseudo_scheme_invalid(t *testing.T) {
-	testRejectRequest(t, func(st *serverTester) { st.bodylessReq1(":scheme", "bogus") })
-}
-
-func TestServer_Request_Reject_Pseudo_Unknown(t *testing.T) {
-	testRejectRequest(t, func(st *serverTester) {
-		st.addLogFilter(`invalid pseudo-header ":unknown_thing"`)
-		st.bodylessReq1(":unknown_thing", "")
-	})
-}
-
-func testRejectRequest(t *testing.T, send func(*serverTester)) {
-	st := newServerTester(t, func(w http.ResponseWriter, r *http.Request) {
-		t.Fatal("server request made it to handler; should've been rejected")
-	})
-	defer st.Close()
-
-	st.greet()
-	send(st)
-	st.wantRSTStream(1, ErrCodeProtocol)
-}
-
-func TestServer_Request_Connect(t *testing.T) {
-	testServerRequest(t, func(st *serverTester) {
-		st.writeHeaders(HeadersFrameParam{
-			StreamID: 1,
-			BlockFragment: st.encodeHeaderRaw(
-				":method", "CONNECT",
-				":authority", "example.com:123",
-			),
-			EndStream:  true,
-			EndHeaders: true,
-		})
-	}, func(r *http.Request) {
-		if g, w := r.Method, "CONNECT"; g != w {
-			t.Errorf("Method = %q; want %q", g, w)
-		}
-		if g, w := r.RequestURI, "example.com:123"; g != w {
-			t.Errorf("RequestURI = %q; want %q", g, w)
-		}
-		if g, w := r.URL.Host, "example.com:123"; g != w {
-			t.Errorf("URL.Host = %q; want %q", g, w)
-		}
-	})
-}
-
-func TestServer_Request_Connect_InvalidPath(t *testing.T) {
-	testServerRejectsStream(t, ErrCodeProtocol, func(st *serverTester) {
-		st.writeHeaders(HeadersFrameParam{
-			StreamID: 1,
-			BlockFragment: st.encodeHeaderRaw(
-				":method", "CONNECT",
-				":authority", "example.com:123",
-				":path", "/bogus",
-			),
-			EndStream:  true,
-			EndHeaders: true,
-		})
-	})
-}
-
-func TestServer_Request_Connect_InvalidScheme(t *testing.T) {
-	testServerRejectsStream(t, ErrCodeProtocol, func(st *serverTester) {
-		st.writeHeaders(HeadersFrameParam{
-			StreamID: 1,
-			BlockFragment: st.encodeHeaderRaw(
-				":method", "CONNECT",
-				":authority", "example.com:123",
-				":scheme", "https",
-			),
-			EndStream:  true,
-			EndHeaders: true,
-		})
-	})
-}
-
-func TestServer_Ping(t *testing.T) {
-	st := newServerTester(t, nil)
-	defer st.Close()
-	st.greet()
-
-	// Server should ignore this one, since it has ACK set.
-	ackPingData := [8]byte{1, 2, 4, 8, 16, 32, 64, 128}
-	if err := st.fr.WritePing(true, ackPingData); err != nil {
-		t.Fatal(err)
-	}
-
-	// But the server should reply to this one, since ACK is false.
-	pingData := [8]byte{1, 2, 3, 4, 5, 6, 7, 8}
-	if err := st.fr.WritePing(false, pingData); err != nil {
-		t.Fatal(err)
-	}
-
-	pf := st.wantPing()
-	if !pf.Flags.Has(FlagPingAck) {
-		t.Error("response ping doesn't have ACK set")
-	}
-	if pf.Data != pingData {
-		t.Errorf("response ping has data %q; want %q", pf.Data, pingData)
-	}
-}
-
-func TestServer_RejectsLargeFrames(t *testing.T) {
-	if runtime.GOOS == "windows" {
-		t.Skip("see golang.org/issue/13434")
-	}
-
-	st := newServerTester(t, nil)
-	defer st.Close()
-	st.greet()
-
-	// Write too large of a frame (too large by one byte)
-	// We ignore the return value because it's expected that the server
-	// will only read the first 9 bytes (the headre) and then disconnect.
-	st.fr.WriteRawFrame(0xff, 0, 0, make([]byte, defaultMaxReadFrameSize+1))
-
-	gf := st.wantGoAway()
-	if gf.ErrCode != ErrCodeFrameSize {
-		t.Errorf("GOAWAY err = %v; want %v", gf.ErrCode, ErrCodeFrameSize)
-	}
-	if st.logBuf.Len() != 0 {
-		// Previously we spun here for a bit until the GOAWAY disconnect
-		// timer fired, logging while we fired.
-		t.Errorf("unexpected server output: %.500s\n", st.logBuf.Bytes())
-	}
-}
-
-func TestServer_Handler_Sends_WindowUpdate(t *testing.T) {
-	puppet := newHandlerPuppet()
-	st := newServerTester(t, func(w http.ResponseWriter, r *http.Request) {
-		puppet.act(w, r)
-	})
-	defer st.Close()
-	defer puppet.done()
-
-	st.greet()
-
-	st.writeHeaders(HeadersFrameParam{
-		StreamID:      1, // clients send odd numbers
-		BlockFragment: st.encodeHeader(":method", "POST"),
-		EndStream:     false, // data coming
-		EndHeaders:    true,
-	})
-	st.writeData(1, false, []byte("abcdef"))
-	puppet.do(readBodyHandler(t, "abc"))
-	st.wantWindowUpdate(0, 3)
-	st.wantWindowUpdate(1, 3)
-
-	puppet.do(readBodyHandler(t, "def"))
-	st.wantWindowUpdate(0, 3)
-	st.wantWindowUpdate(1, 3)
-
-	st.writeData(1, true, []byte("ghijkl")) // END_STREAM here
-	puppet.do(readBodyHandler(t, "ghi"))
-	puppet.do(readBodyHandler(t, "jkl"))
-	st.wantWindowUpdate(0, 3)
-	st.wantWindowUpdate(0, 3) // no more stream-level, since END_STREAM
-}
-
-func TestServer_Send_GoAway_After_Bogus_WindowUpdate(t *testing.T) {
-	st := newServerTester(t, nil)
-	defer st.Close()
-	st.greet()
-	if err := st.fr.WriteWindowUpdate(0, 1<<31-1); err != nil {
-		t.Fatal(err)
-	}
-	gf := st.wantGoAway()
-	if gf.ErrCode != ErrCodeFlowControl {
-		t.Errorf("GOAWAY err = %v; want %v", gf.ErrCode, ErrCodeFlowControl)
-	}
-	if gf.LastStreamID != 0 {
-		t.Errorf("GOAWAY last stream ID = %v; want %v", gf.LastStreamID, 0)
-	}
-}
-
-func TestServer_Send_RstStream_After_Bogus_WindowUpdate(t *testing.T) {
-	inHandler := make(chan bool)
-	blockHandler := make(chan bool)
-	st := newServerTester(t, func(w http.ResponseWriter, r *http.Request) {
-		inHandler <- true
-		<-blockHandler
-	})
-	defer st.Close()
-	defer close(blockHandler)
-	st.greet()
-	st.writeHeaders(HeadersFrameParam{
-		StreamID:      1,
-		BlockFragment: st.encodeHeader(":method", "POST"),
-		EndStream:     false, // keep it open
-		EndHeaders:    true,
-	})
-	<-inHandler
-	// Send a bogus window update:
-	if err := st.fr.WriteWindowUpdate(1, 1<<31-1); err != nil {
-		t.Fatal(err)
-	}
-	st.wantRSTStream(1, ErrCodeFlowControl)
-}
-
-// testServerPostUnblock sends a hanging POST with unsent data to handler,
-// then runs fn once in the handler, and verifies that the error returned from
-// handler is acceptable. It fails if takes over 5 seconds for handler to exit.
-func testServerPostUnblock(t *testing.T,
-	handler func(http.ResponseWriter, *http.Request) error,
-	fn func(*serverTester),
-	checkErr func(error),
-	otherHeaders ...string) {
-	inHandler := make(chan bool)
-	errc := make(chan error, 1)
-	st := newServerTester(t, func(w http.ResponseWriter, r *http.Request) {
-		inHandler <- true
-		errc <- handler(w, r)
-	})
-	st.greet()
-	st.writeHeaders(HeadersFrameParam{
-		StreamID:      1,
-		BlockFragment: st.encodeHeader(append([]string{":method", "POST"}, otherHeaders...)...),
-		EndStream:     false, // keep it open
-		EndHeaders:    true,
-	})
-	<-inHandler
-	fn(st)
-	select {
-	case err := <-errc:
-		if checkErr != nil {
-			checkErr(err)
-		}
-	case <-time.After(5 * time.Second):
-		t.Fatal("timeout waiting for Handler to return")
-	}
-	st.Close()
-}
-
-func TestServer_RSTStream_Unblocks_Read(t *testing.T) {
-	testServerPostUnblock(t,
-		func(w http.ResponseWriter, r *http.Request) (err error) {
-			_, err = r.Body.Read(make([]byte, 1))
-			return
-		},
-		func(st *serverTester) {
-			if err := st.fr.WriteRSTStream(1, ErrCodeCancel); err != nil {
-				t.Fatal(err)
-			}
-		},
-		func(err error) {
-			want := StreamError{StreamID: 0x1, Code: 0x8}
-			if !reflect.DeepEqual(err, want) {
-				t.Errorf("Read error = %v; want %v", err, want)
-			}
-		},
-	)
-}
-
-func TestServer_RSTStream_Unblocks_Header_Write(t *testing.T) {
-	// Run this test a bunch, because it doesn't always
-	// deadlock. But with a bunch, it did.
-	n := 50
-	if testing.Short() {
-		n = 5
-	}
-	for i := 0; i < n; i++ {
-		testServer_RSTStream_Unblocks_Header_Write(t)
-	}
-}
-
-func testServer_RSTStream_Unblocks_Header_Write(t *testing.T) {
-	inHandler := make(chan bool, 1)
-	unblockHandler := make(chan bool, 1)
-	headerWritten := make(chan bool, 1)
-	wroteRST := make(chan bool, 1)
-
-	st := newServerTester(t, func(w http.ResponseWriter, r *http.Request) {
-		inHandler <- true
-		<-wroteRST
-		w.Header().Set("foo", "bar")
-		w.WriteHeader(200)
-		w.(http.Flusher).Flush()
-		headerWritten <- true
-		<-unblockHandler
-	})
-	defer st.Close()
-
-	st.greet()
-	st.writeHeaders(HeadersFrameParam{
-		StreamID:      1,
-		BlockFragment: st.encodeHeader(":method", "POST"),
-		EndStream:     false, // keep it open
-		EndHeaders:    true,
-	})
-	<-inHandler
-	if err := st.fr.WriteRSTStream(1, ErrCodeCancel); err != nil {
-		t.Fatal(err)
-	}
-	wroteRST <- true
-	st.awaitIdle()
-	select {
-	case <-headerWritten:
-	case <-time.After(2 * time.Second):
-		t.Error("timeout waiting for header write")
-	}
-	unblockHandler <- true
-}
-
-func TestServer_DeadConn_Unblocks_Read(t *testing.T) {
-	testServerPostUnblock(t,
-		func(w http.ResponseWriter, r *http.Request) (err error) {
-			_, err = r.Body.Read(make([]byte, 1))
-			return
-		},
-		func(st *serverTester) { st.cc.Close() },
-		func(err error) {
-			if err == nil {
-				t.Error("unexpected nil error from Request.Body.Read")
-			}
-		},
-	)
-}
-
-var blockUntilClosed = func(w http.ResponseWriter, r *http.Request) error {
-	<-w.(http.CloseNotifier).CloseNotify()
-	return nil
-}
-
-func TestServer_CloseNotify_After_RSTStream(t *testing.T) {
-	testServerPostUnblock(t, blockUntilClosed, func(st *serverTester) {
-		if err := st.fr.WriteRSTStream(1, ErrCodeCancel); err != nil {
-			t.Fatal(err)
-		}
-	}, nil)
-}
-
-func TestServer_CloseNotify_After_ConnClose(t *testing.T) {
-	testServerPostUnblock(t, blockUntilClosed, func(st *serverTester) { st.cc.Close() }, nil)
-}
-
-// that CloseNotify unblocks after a stream error due to the client's
-// problem that's unrelated to them explicitly canceling it (which is
-// TestServer_CloseNotify_After_RSTStream above)
-func TestServer_CloseNotify_After_StreamError(t *testing.T) {
-	testServerPostUnblock(t, blockUntilClosed, func(st *serverTester) {
-		// data longer than declared Content-Length => stream error
-		st.writeData(1, true, []byte("1234"))
-	}, nil, "content-length", "3")
-}
-
-func TestServer_StateTransitions(t *testing.T) {
-	var st *serverTester
-	inHandler := make(chan bool)
-	writeData := make(chan bool)
-	leaveHandler := make(chan bool)
-	st = newServerTester(t, func(w http.ResponseWriter, r *http.Request) {
-		inHandler <- true
-		if st.stream(1) == nil {
-			t.Errorf("nil stream 1 in handler")
-		}
-		if got, want := st.streamState(1), stateOpen; got != want {
-			t.Errorf("in handler, state is %v; want %v", got, want)
-		}
-		writeData <- true
-		if n, err := r.Body.Read(make([]byte, 1)); n != 0 || err != io.EOF {
-			t.Errorf("body read = %d, %v; want 0, EOF", n, err)
-		}
-		if got, want := st.streamState(1), stateHalfClosedRemote; got != want {
-			t.Errorf("in handler, state is %v; want %v", got, want)
-		}
-
-		<-leaveHandler
-	})
-	st.greet()
-	if st.stream(1) != nil {
-		t.Fatal("stream 1 should be empty")
-	}
-	if got := st.streamState(1); got != stateIdle {
-		t.Fatalf("stream 1 should be idle; got %v", got)
-	}
-
-	st.writeHeaders(HeadersFrameParam{
-		StreamID:      1,
-		BlockFragment: st.encodeHeader(":method", "POST"),
-		EndStream:     false, // keep it open
-		EndHeaders:    true,
-	})
-	<-inHandler
-	<-writeData
-	st.writeData(1, true, nil)
-
-	leaveHandler <- true
-	hf := st.wantHeaders()
-	if !hf.StreamEnded() {
-		t.Fatal("expected END_STREAM flag")
-	}
-
-	if got, want := st.streamState(1), stateClosed; got != want {
-		t.Errorf("at end, state is %v; want %v", got, want)
-	}
-	if st.stream(1) != nil {
-		t.Fatal("at end, stream 1 should be gone")
-	}
-}
-
-// test HEADERS w/o EndHeaders + another HEADERS (should get rejected)
-func TestServer_Rejects_HeadersNoEnd_Then_Headers(t *testing.T) {
-	testServerRejectsConn(t, func(st *serverTester) {
-		st.writeHeaders(HeadersFrameParam{
-			StreamID:      1,
-			BlockFragment: st.encodeHeader(),
-			EndStream:     true,
-			EndHeaders:    false,
-		})
-		st.writeHeaders(HeadersFrameParam{ // Not a continuation.
-			StreamID:      3, // different stream.
-			BlockFragment: st.encodeHeader(),
-			EndStream:     true,
-			EndHeaders:    true,
-		})
-	})
-}
-
-// test HEADERS w/o EndHeaders + PING (should get rejected)
-func TestServer_Rejects_HeadersNoEnd_Then_Ping(t *testing.T) {
-	testServerRejectsConn(t, func(st *serverTester) {
-		st.writeHeaders(HeadersFrameParam{
-			StreamID:      1,
-			BlockFragment: st.encodeHeader(),
-			EndStream:     true,
-			EndHeaders:    false,
-		})
-		if err := st.fr.WritePing(false, [8]byte{}); err != nil {
-			t.Fatal(err)
-		}
-	})
-}
-
-// test HEADERS w/ EndHeaders + a continuation HEADERS (should get rejected)
-func TestServer_Rejects_HeadersEnd_Then_Continuation(t *testing.T) {
-	testServerRejectsConn(t, func(st *serverTester) {
-		st.writeHeaders(HeadersFrameParam{
-			StreamID:      1,
-			BlockFragment: st.encodeHeader(),
-			EndStream:     true,
-			EndHeaders:    true,
-		})
-		st.wantHeaders()
-		if err := st.fr.WriteContinuation(1, true, encodeHeaderNoImplicit(t, "foo", "bar")); err != nil {
-			t.Fatal(err)
-		}
-	})
-}
-
-// test HEADERS w/o EndHeaders + a continuation HEADERS on wrong stream ID
-func TestServer_Rejects_HeadersNoEnd_Then_ContinuationWrongStream(t *testing.T) {
-	testServerRejectsConn(t, func(st *serverTester) {
-		st.writeHeaders(HeadersFrameParam{
-			StreamID:      1,
-			BlockFragment: st.encodeHeader(),
-			EndStream:     true,
-			EndHeaders:    false,
-		})
-		if err := st.fr.WriteContinuation(3, true, encodeHeaderNoImplicit(t, "foo", "bar")); err != nil {
-			t.Fatal(err)
-		}
-	})
-}
-
-// No HEADERS on stream 0.
-func TestServer_Rejects_Headers0(t *testing.T) {
-	testServerRejectsConn(t, func(st *serverTester) {
-		st.fr.AllowIllegalWrites = true
-		st.writeHeaders(HeadersFrameParam{
-			StreamID:      0,
-			BlockFragment: st.encodeHeader(),
-			EndStream:     true,
-			EndHeaders:    true,
-		})
-	})
-}
-
-// No CONTINUATION on stream 0.
-func TestServer_Rejects_Continuation0(t *testing.T) {
-	testServerRejectsConn(t, func(st *serverTester) {
-		st.fr.AllowIllegalWrites = true
-		if err := st.fr.WriteContinuation(0, true, st.encodeHeader()); err != nil {
-			t.Fatal(err)
-		}
-	})
-}
-
-func TestServer_Rejects_PushPromise(t *testing.T) {
-	testServerRejectsConn(t, func(st *serverTester) {
-		pp := PushPromiseParam{
-			StreamID:  1,
-			PromiseID: 3,
-		}
-		if err := st.fr.WritePushPromise(pp); err != nil {
-			t.Fatal(err)
-		}
-	})
-}
-
-// testServerRejectsConn tests that the server hangs up with a GOAWAY
-// frame and a server close after the client does something
-// deserving a CONNECTION_ERROR.
-func testServerRejectsConn(t *testing.T, writeReq func(*serverTester)) {
-	st := newServerTester(t, func(w http.ResponseWriter, r *http.Request) {})
-	st.addLogFilter("connection error: PROTOCOL_ERROR")
-	defer st.Close()
-	st.greet()
-	writeReq(st)
-
-	st.wantGoAway()
-	errc := make(chan error, 1)
-	go func() {
-		fr, err := st.fr.ReadFrame()
-		if err == nil {
-			err = fmt.Errorf("got frame of type %T", fr)
-		}
-		errc <- err
-	}()
-	select {
-	case err := <-errc:
-		if err != io.EOF {
-			t.Errorf("ReadFrame = %v; want io.EOF", err)
-		}
-	case <-time.After(2 * time.Second):
-		t.Error("timeout waiting for disconnect")
-	}
-}
-
-// testServerRejectsStream tests that the server sends a RST_STREAM with the provided
-// error code after a client sends a bogus request.
-func testServerRejectsStream(t *testing.T, code ErrCode, writeReq func(*serverTester)) {
-	st := newServerTester(t, func(w http.ResponseWriter, r *http.Request) {})
-	defer st.Close()
-	st.greet()
-	writeReq(st)
-	st.wantRSTStream(1, code)
-}
-
-// testServerRequest sets up an idle HTTP/2 connection and lets you
-// write a single request with writeReq, and then verify that the
-// *http.Request is built correctly in checkReq.
-func testServerRequest(t *testing.T, writeReq func(*serverTester), checkReq func(*http.Request)) {
-	gotReq := make(chan bool, 1)
-	st := newServerTester(t, func(w http.ResponseWriter, r *http.Request) {
-		if r.Body == nil {
-			t.Fatal("nil Body")
-		}
-		checkReq(r)
-		gotReq <- true
-	})
-	defer st.Close()
-
-	st.greet()
-	writeReq(st)
-
-	select {
-	case <-gotReq:
-	case <-time.After(2 * time.Second):
-		t.Error("timeout waiting for request")
-	}
-}
-
-func getSlash(st *serverTester) { st.bodylessReq1() }
-
-func TestServer_Response_NoData(t *testing.T) {
-	testServerResponse(t, func(w http.ResponseWriter, r *http.Request) error {
-		// Nothing.
-		return nil
-	}, func(st *serverTester) {
-		getSlash(st)
-		hf := st.wantHeaders()
-		if !hf.StreamEnded() {
-			t.Fatal("want END_STREAM flag")
-		}
-		if !hf.HeadersEnded() {
-			t.Fatal("want END_HEADERS flag")
-		}
-	})
-}
-
-func TestServer_Response_NoData_Header_FooBar(t *testing.T) {
-	testServerResponse(t, func(w http.ResponseWriter, r *http.Request) error {
-		w.Header().Set("Foo-Bar", "some-value")
-		return nil
-	}, func(st *serverTester) {
-		getSlash(st)
-		hf := st.wantHeaders()
-		if !hf.StreamEnded() {
-			t.Fatal("want END_STREAM flag")
-		}
-		if !hf.HeadersEnded() {
-			t.Fatal("want END_HEADERS flag")
-		}
-		goth := st.decodeHeader(hf.HeaderBlockFragment())
-		wanth := [][2]string{
-			{":status", "200"},
-			{"foo-bar", "some-value"},
-			{"content-type", "text/plain; charset=utf-8"},
-			{"content-length", "0"},
-		}
-		if !reflect.DeepEqual(goth, wanth) {
-			t.Errorf("Got headers %v; want %v", goth, wanth)
-		}
-	})
-}
-
-func TestServer_Response_Data_Sniff_DoesntOverride(t *testing.T) {
-	const msg = "this is HTML."
-	testServerResponse(t, func(w http.ResponseWriter, r *http.Request) error {
-		w.Header().Set("Content-Type", "foo/bar")
-		io.WriteString(w, msg)
-		return nil
-	}, func(st *serverTester) {
-		getSlash(st)
-		hf := st.wantHeaders()
-		if hf.StreamEnded() {
-			t.Fatal("don't want END_STREAM, expecting data")
-		}
-		if !hf.HeadersEnded() {
-			t.Fatal("want END_HEADERS flag")
-		}
-		goth := st.decodeHeader(hf.HeaderBlockFragment())
-		wanth := [][2]string{
-			{":status", "200"},
-			{"content-type", "foo/bar"},
-			{"content-length", strconv.Itoa(len(msg))},
-		}
-		if !reflect.DeepEqual(goth, wanth) {
-			t.Errorf("Got headers %v; want %v", goth, wanth)
-		}
-		df := st.wantData()
-		if !df.StreamEnded() {
-			t.Error("expected DATA to have END_STREAM flag")
-		}
-		if got := string(df.Data()); got != msg {
-			t.Errorf("got DATA %q; want %q", got, msg)
-		}
-	})
-}
-
-func TestServer_Response_TransferEncoding_chunked(t *testing.T) {
-	const msg = "hi"
-	testServerResponse(t, func(w http.ResponseWriter, r *http.Request) error {
-		w.Header().Set("Transfer-Encoding", "chunked") // should be stripped
-		io.WriteString(w, msg)
-		return nil
-	}, func(st *serverTester) {
-		getSlash(st)
-		hf := st.wantHeaders()
-		goth := st.decodeHeader(hf.HeaderBlockFragment())
-		wanth := [][2]string{
-			{":status", "200"},
-			{"content-type", "text/plain; charset=utf-8"},
-			{"content-length", strconv.Itoa(len(msg))},
-		}
-		if !reflect.DeepEqual(goth, wanth) {
-			t.Errorf("Got headers %v; want %v", goth, wanth)
-		}
-	})
-}
-
-// Header accessed only after the initial write.
-func TestServer_Response_Data_IgnoreHeaderAfterWrite_After(t *testing.T) {
-	const msg = "this is HTML."
-	testServerResponse(t, func(w http.ResponseWriter, r *http.Request) error {
-		io.WriteString(w, msg)
-		w.Header().Set("foo", "should be ignored")
-		return nil
-	}, func(st *serverTester) {
-		getSlash(st)
-		hf := st.wantHeaders()
-		if hf.StreamEnded() {
-			t.Fatal("unexpected END_STREAM")
-		}
-		if !hf.HeadersEnded() {
-			t.Fatal("want END_HEADERS flag")
-		}
-		goth := st.decodeHeader(hf.HeaderBlockFragment())
-		wanth := [][2]string{
-			{":status", "200"},
-			{"content-type", "text/html; charset=utf-8"},
-			{"content-length", strconv.Itoa(len(msg))},
-		}
-		if !reflect.DeepEqual(goth, wanth) {
-			t.Errorf("Got headers %v; want %v", goth, wanth)
-		}
-	})
-}
-
-// Header accessed before the initial write and later mutated.
-func TestServer_Response_Data_IgnoreHeaderAfterWrite_Overwrite(t *testing.T) {
-	const msg = "this is HTML."
-	testServerResponse(t, func(w http.ResponseWriter, r *http.Request) error {
-		w.Header().Set("foo", "proper value")
-		io.WriteString(w, msg)
-		w.Header().Set("foo", "should be ignored")
-		return nil
-	}, func(st *serverTester) {
-		getSlash(st)
-		hf := st.wantHeaders()
-		if hf.StreamEnded() {
-			t.Fatal("unexpected END_STREAM")
-		}
-		if !hf.HeadersEnded() {
-			t.Fatal("want END_HEADERS flag")
-		}
-		goth := st.decodeHeader(hf.HeaderBlockFragment())
-		wanth := [][2]string{
-			{":status", "200"},
-			{"foo", "proper value"},
-			{"content-type", "text/html; charset=utf-8"},
-			{"content-length", strconv.Itoa(len(msg))},
-		}
-		if !reflect.DeepEqual(goth, wanth) {
-			t.Errorf("Got headers %v; want %v", goth, wanth)
-		}
-	})
-}
-
-func TestServer_Response_Data_SniffLenType(t *testing.T) {
-	const msg = "this is HTML."
-	testServerResponse(t, func(w http.ResponseWriter, r *http.Request) error {
-		io.WriteString(w, msg)
-		return nil
-	}, func(st *serverTester) {
-		getSlash(st)
-		hf := st.wantHeaders()
-		if hf.StreamEnded() {
-			t.Fatal("don't want END_STREAM, expecting data")
-		}
-		if !hf.HeadersEnded() {
-			t.Fatal("want END_HEADERS flag")
-		}
-		goth := st.decodeHeader(hf.HeaderBlockFragment())
-		wanth := [][2]string{
-			{":status", "200"},
-			{"content-type", "text/html; charset=utf-8"},
-			{"content-length", strconv.Itoa(len(msg))},
-		}
-		if !reflect.DeepEqual(goth, wanth) {
-			t.Errorf("Got headers %v; want %v", goth, wanth)
-		}
-		df := st.wantData()
-		if !df.StreamEnded() {
-			t.Error("expected DATA to have END_STREAM flag")
-		}
-		if got := string(df.Data()); got != msg {
-			t.Errorf("got DATA %q; want %q", got, msg)
-		}
-	})
-}
-
-func TestServer_Response_Header_Flush_MidWrite(t *testing.T) {
-	const msg = "this is HTML"
-	const msg2 = ", and this is the next chunk"
-	testServerResponse(t, func(w http.ResponseWriter, r *http.Request) error {
-		io.WriteString(w, msg)
-		w.(http.Flusher).Flush()
-		io.WriteString(w, msg2)
-		return nil
-	}, func(st *serverTester) {
-		getSlash(st)
-		hf := st.wantHeaders()
-		if hf.StreamEnded() {
-			t.Fatal("unexpected END_STREAM flag")
-		}
-		if !hf.HeadersEnded() {
-			t.Fatal("want END_HEADERS flag")
-		}
-		goth := st.decodeHeader(hf.HeaderBlockFragment())
-		wanth := [][2]string{
-			{":status", "200"},
-			{"content-type", "text/html; charset=utf-8"}, // sniffed
-			// and no content-length
-		}
-		if !reflect.DeepEqual(goth, wanth) {
-			t.Errorf("Got headers %v; want %v", goth, wanth)
-		}
-		{
-			df := st.wantData()
-			if df.StreamEnded() {
-				t.Error("unexpected END_STREAM flag")
-			}
-			if got := string(df.Data()); got != msg {
-				t.Errorf("got DATA %q; want %q", got, msg)
-			}
-		}
-		{
-			df := st.wantData()
-			if !df.StreamEnded() {
-				t.Error("wanted END_STREAM flag on last data chunk")
-			}
-			if got := string(df.Data()); got != msg2 {
-				t.Errorf("got DATA %q; want %q", got, msg2)
-			}
-		}
-	})
-}
-
-func TestServer_Response_LargeWrite(t *testing.T) {
-	const size = 1 << 20
-	const maxFrameSize = 16 << 10
-	testServerResponse(t, func(w http.ResponseWriter, r *http.Request) error {
-		n, err := w.Write(bytes.Repeat([]byte("a"), size))
-		if err != nil {
-			return fmt.Errorf("Write error: %v", err)
-		}
-		if n != size {
-			return fmt.Errorf("wrong size %d from Write", n)
-		}
-		return nil
-	}, func(st *serverTester) {
-		if err := st.fr.WriteSettings(
-			Setting{SettingInitialWindowSize, 0},
-			Setting{SettingMaxFrameSize, maxFrameSize},
-		); err != nil {
-			t.Fatal(err)
-		}
-		st.wantSettingsAck()
-
-		getSlash(st) // make the single request
-
-		// Give the handler quota to write:
-		if err := st.fr.WriteWindowUpdate(1, size); err != nil {
-			t.Fatal(err)
-		}
-		// Give the handler quota to write to connection-level
-		// window as well
-		if err := st.fr.WriteWindowUpdate(0, size); err != nil {
-			t.Fatal(err)
-		}
-		hf := st.wantHeaders()
-		if hf.StreamEnded() {
-			t.Fatal("unexpected END_STREAM flag")
-		}
-		if !hf.HeadersEnded() {
-			t.Fatal("want END_HEADERS flag")
-		}
-		goth := st.decodeHeader(hf.HeaderBlockFragment())
-		wanth := [][2]string{
-			{":status", "200"},
-			{"content-type", "text/plain; charset=utf-8"}, // sniffed
-			// and no content-length
-		}
-		if !reflect.DeepEqual(goth, wanth) {
-			t.Errorf("Got headers %v; want %v", goth, wanth)
-		}
-		var bytes, frames int
-		for {
-			df := st.wantData()
-			bytes += len(df.Data())
-			frames++
-			for _, b := range df.Data() {
-				if b != 'a' {
-					t.Fatal("non-'a' byte seen in DATA")
-				}
-			}
-			if df.StreamEnded() {
-				break
-			}
-		}
-		if bytes != size {
-			t.Errorf("Got %d bytes; want %d", bytes, size)
-		}
-		if want := int(size / maxFrameSize); frames < want || frames > want*2 {
-			t.Errorf("Got %d frames; want %d", frames, size)
-		}
-	})
-}
-
-// Test that the handler can't write more than the client allows
-func TestServer_Response_LargeWrite_FlowControlled(t *testing.T) {
-	const size = 1 << 20
-	const maxFrameSize = 16 << 10
-	testServerResponse(t, func(w http.ResponseWriter, r *http.Request) error {
-		w.(http.Flusher).Flush()
-		n, err := w.Write(bytes.Repeat([]byte("a"), size))
-		if err != nil {
-			return fmt.Errorf("Write error: %v", err)
-		}
-		if n != size {
-			return fmt.Errorf("wrong size %d from Write", n)
-		}
-		return nil
-	}, func(st *serverTester) {
-		// Set the window size to something explicit for this test.
-		// It's also how much initial data we expect.
-		const initWindowSize = 123
-		if err := st.fr.WriteSettings(
-			Setting{SettingInitialWindowSize, initWindowSize},
-			Setting{SettingMaxFrameSize, maxFrameSize},
-		); err != nil {
-			t.Fatal(err)
-		}
-		st.wantSettingsAck()
-
-		getSlash(st) // make the single request
-		defer func() { st.fr.WriteRSTStream(1, ErrCodeCancel) }()
-
-		hf := st.wantHeaders()
-		if hf.StreamEnded() {
-			t.Fatal("unexpected END_STREAM flag")
-		}
-		if !hf.HeadersEnded() {
-			t.Fatal("want END_HEADERS flag")
-		}
-
-		df := st.wantData()
-		if got := len(df.Data()); got != initWindowSize {
-			t.Fatalf("Initial window size = %d but got DATA with %d bytes", initWindowSize, got)
-		}
-
-		for _, quota := range []int{1, 13, 127} {
-			if err := st.fr.WriteWindowUpdate(1, uint32(quota)); err != nil {
-				t.Fatal(err)
-			}
-			df := st.wantData()
-			if int(quota) != len(df.Data()) {
-				t.Fatalf("read %d bytes after giving %d quota", len(df.Data()), quota)
-			}
-		}
-
-		if err := st.fr.WriteRSTStream(1, ErrCodeCancel); err != nil {
-			t.Fatal(err)
-		}
-	})
-}
-
-// Test that the handler blocked in a Write is unblocked if the server sends a RST_STREAM.
-func TestServer_Response_RST_Unblocks_LargeWrite(t *testing.T) {
-	const size = 1 << 20
-	const maxFrameSize = 16 << 10
-	testServerResponse(t, func(w http.ResponseWriter, r *http.Request) error {
-		w.(http.Flusher).Flush()
-		errc := make(chan error, 1)
-		go func() {
-			_, err := w.Write(bytes.Repeat([]byte("a"), size))
-			errc <- err
-		}()
-		select {
-		case err := <-errc:
-			if err == nil {
-				return errors.New("unexpected nil error from Write in handler")
-			}
-			return nil
-		case <-time.After(2 * time.Second):
-			return errors.New("timeout waiting for Write in handler")
-		}
-	}, func(st *serverTester) {
-		if err := st.fr.WriteSettings(
-			Setting{SettingInitialWindowSize, 0},
-			Setting{SettingMaxFrameSize, maxFrameSize},
-		); err != nil {
-			t.Fatal(err)
-		}
-		st.wantSettingsAck()
-
-		getSlash(st) // make the single request
-
-		hf := st.wantHeaders()
-		if hf.StreamEnded() {
-			t.Fatal("unexpected END_STREAM flag")
-		}
-		if !hf.HeadersEnded() {
-			t.Fatal("want END_HEADERS flag")
-		}
-
-		if err := st.fr.WriteRSTStream(1, ErrCodeCancel); err != nil {
-			t.Fatal(err)
-		}
-	})
-}
-
-func TestServer_Response_Empty_Data_Not_FlowControlled(t *testing.T) {
-	testServerResponse(t, func(w http.ResponseWriter, r *http.Request) error {
-		w.(http.Flusher).Flush()
-		// Nothing; send empty DATA
-		return nil
-	}, func(st *serverTester) {
-		// Handler gets no data quota:
-		if err := st.fr.WriteSettings(Setting{SettingInitialWindowSize, 0}); err != nil {
-			t.Fatal(err)
-		}
-		st.wantSettingsAck()
-
-		getSlash(st) // make the single request
-
-		hf := st.wantHeaders()
-		if hf.StreamEnded() {
-			t.Fatal("unexpected END_STREAM flag")
-		}
-		if !hf.HeadersEnded() {
-			t.Fatal("want END_HEADERS flag")
-		}
-
-		df := st.wantData()
-		if got := len(df.Data()); got != 0 {
-			t.Fatalf("unexpected %d DATA bytes; want 0", got)
-		}
-		if !df.StreamEnded() {
-			t.Fatal("DATA didn't have END_STREAM")
-		}
-	})
-}
-
-func TestServer_Response_Automatic100Continue(t *testing.T) {
-	const msg = "foo"
-	const reply = "bar"
-	testServerResponse(t, func(w http.ResponseWriter, r *http.Request) error {
-		if v := r.Header.Get("Expect"); v != "" {
-			t.Errorf("Expect header = %q; want empty", v)
-		}
-		buf := make([]byte, len(msg))
-		// This read should trigger the 100-continue being sent.
-		if n, err := io.ReadFull(r.Body, buf); err != nil || n != len(msg) || string(buf) != msg {
-			return fmt.Errorf("ReadFull = %q, %v; want %q, nil", buf[:n], err, msg)
-		}
-		_, err := io.WriteString(w, reply)
-		return err
-	}, func(st *serverTester) {
-		st.writeHeaders(HeadersFrameParam{
-			StreamID:      1, // clients send odd numbers
-			BlockFragment: st.encodeHeader(":method", "POST", "expect", "100-continue"),
-			EndStream:     false,
-			EndHeaders:    true,
-		})
-		hf := st.wantHeaders()
-		if hf.StreamEnded() {
-			t.Fatal("unexpected END_STREAM flag")
-		}
-		if !hf.HeadersEnded() {
-			t.Fatal("want END_HEADERS flag")
-		}
-		goth := st.decodeHeader(hf.HeaderBlockFragment())
-		wanth := [][2]string{
-			{":status", "100"},
-		}
-		if !reflect.DeepEqual(goth, wanth) {
-			t.Fatalf("Got headers %v; want %v", goth, wanth)
-		}
-
-		// Okay, they sent status 100, so we can send our
-		// gigantic and/or sensitive "foo" payload now.
-		st.writeData(1, true, []byte(msg))
-
-		st.wantWindowUpdate(0, uint32(len(msg)))
-
-		hf = st.wantHeaders()
-		if hf.StreamEnded() {
-			t.Fatal("expected data to follow")
-		}
-		if !hf.HeadersEnded() {
-			t.Fatal("want END_HEADERS flag")
-		}
-		goth = st.decodeHeader(hf.HeaderBlockFragment())
-		wanth = [][2]string{
-			{":status", "200"},
-			{"content-type", "text/plain; charset=utf-8"},
-			{"content-length", strconv.Itoa(len(reply))},
-		}
-		if !reflect.DeepEqual(goth, wanth) {
-			t.Errorf("Got headers %v; want %v", goth, wanth)
-		}
-
-		df := st.wantData()
-		if string(df.Data()) != reply {
-			t.Errorf("Client read %q; want %q", df.Data(), reply)
-		}
-		if !df.StreamEnded() {
-			t.Errorf("expect data stream end")
-		}
-	})
-}
-
-func TestServer_HandlerWriteErrorOnDisconnect(t *testing.T) {
-	errc := make(chan error, 1)
-	testServerResponse(t, func(w http.ResponseWriter, r *http.Request) error {
-		p := []byte("some data.\n")
-		for {
-			_, err := w.Write(p)
-			if err != nil {
-				errc <- err
-				return nil
-			}
-		}
-	}, func(st *serverTester) {
-		st.writeHeaders(HeadersFrameParam{
-			StreamID:      1,
-			BlockFragment: st.encodeHeader(),
-			EndStream:     false,
-			EndHeaders:    true,
-		})
-		hf := st.wantHeaders()
-		if hf.StreamEnded() {
-			t.Fatal("unexpected END_STREAM flag")
-		}
-		if !hf.HeadersEnded() {
-			t.Fatal("want END_HEADERS flag")
-		}
-		// Close the connection and wait for the handler to (hopefully) notice.
-		st.cc.Close()
-		select {
-		case <-errc:
-		case <-time.After(5 * time.Second):
-			t.Error("timeout")
-		}
-	})
-}
-
-func TestServer_Rejects_Too_Many_Streams(t *testing.T) {
-	const testPath = "/some/path"
-
-	inHandler := make(chan uint32)
-	leaveHandler := make(chan bool)
-	st := newServerTester(t, func(w http.ResponseWriter, r *http.Request) {
-		id := w.(*responseWriter).rws.stream.id
-		inHandler <- id
-		if id == 1+(defaultMaxStreams+1)*2 && r.URL.Path != testPath {
-			t.Errorf("decoded final path as %q; want %q", r.URL.Path, testPath)
-		}
-		<-leaveHandler
-	})
-	defer st.Close()
-	st.greet()
-	nextStreamID := uint32(1)
-	streamID := func() uint32 {
-		defer func() { nextStreamID += 2 }()
-		return nextStreamID
-	}
-	sendReq := func(id uint32, headers ...string) {
-		st.writeHeaders(HeadersFrameParam{
-			StreamID:      id,
-			BlockFragment: st.encodeHeader(headers...),
-			EndStream:     true,
-			EndHeaders:    true,
-		})
-	}
-	for i := 0; i < defaultMaxStreams; i++ {
-		sendReq(streamID())
-		<-inHandler
-	}
-	defer func() {
-		for i := 0; i < defaultMaxStreams; i++ {
-			leaveHandler <- true
-		}
-	}()
-
-	// And this one should cross the limit:
-	// (It's also sent as a CONTINUATION, to verify we still track the decoder context,
-	// even if we're rejecting it)
-	rejectID := streamID()
-	headerBlock := st.encodeHeader(":path", testPath)
-	frag1, frag2 := headerBlock[:3], headerBlock[3:]
-	st.writeHeaders(HeadersFrameParam{
-		StreamID:      rejectID,
-		BlockFragment: frag1,
-		EndStream:     true,
-		EndHeaders:    false, // CONTINUATION coming
-	})
-	if err := st.fr.WriteContinuation(rejectID, true, frag2); err != nil {
-		t.Fatal(err)
-	}
-	st.wantRSTStream(rejectID, ErrCodeProtocol)
-
-	// But let a handler finish:
-	leaveHandler <- true
-	st.wantHeaders()
-
-	// And now another stream should be able to start:
-	goodID := streamID()
-	sendReq(goodID, ":path", testPath)
-	select {
-	case got := <-inHandler:
-		if got != goodID {
-			t.Errorf("Got stream %d; want %d", got, goodID)
-		}
-	case <-time.After(3 * time.Second):
-		t.Error("timeout waiting for handler")
-	}
-}
-
-// So many response headers that the server needs to use CONTINUATION frames:
-func TestServer_Response_ManyHeaders_With_Continuation(t *testing.T) {
-	testServerResponse(t, func(w http.ResponseWriter, r *http.Request) error {
-		h := w.Header()
-		for i := 0; i < 5000; i++ {
-			h.Set(fmt.Sprintf("x-header-%d", i), fmt.Sprintf("x-value-%d", i))
-		}
-		return nil
-	}, func(st *serverTester) {
-		getSlash(st)
-		hf := st.wantHeaders()
-		if hf.HeadersEnded() {
-			t.Fatal("got unwanted END_HEADERS flag")
-		}
-		n := 0
-		for {
-			n++
-			cf := st.wantContinuation()
-			if cf.HeadersEnded() {
-				break
-			}
-		}
-		if n < 5 {
-			t.Errorf("Only got %d CONTINUATION frames; expected 5+ (currently 6)", n)
-		}
-	})
-}
-
-// This previously crashed (reported by Mathieu Lonjaret as observed
-// while using Camlistore) because we got a DATA frame from the client
-// after the handler exited and our logic at the time was wrong,
-// keeping a stream in the map in stateClosed, which tickled an
-// invariant check later when we tried to remove that stream (via
-// defer sc.closeAllStreamsOnConnClose) when the serverConn serve loop
-// ended.
-func TestServer_NoCrash_HandlerClose_Then_ClientClose(t *testing.T) {
-	testServerResponse(t, func(w http.ResponseWriter, r *http.Request) error {
-		// nothing
-		return nil
-	}, func(st *serverTester) {
-		st.writeHeaders(HeadersFrameParam{
-			StreamID:      1,
-			BlockFragment: st.encodeHeader(),
-			EndStream:     false, // DATA is coming
-			EndHeaders:    true,
-		})
-		hf := st.wantHeaders()
-		if !hf.HeadersEnded() || !hf.StreamEnded() {
-			t.Fatalf("want END_HEADERS+END_STREAM, got %v", hf)
-		}
-
-		// Sent when the a Handler closes while a client has
-		// indicated it's still sending DATA:
-		st.wantRSTStream(1, ErrCodeCancel)
-
-		// Now the handler has ended, so it's ended its
-		// stream, but the client hasn't closed its side
-		// (stateClosedLocal).  So send more data and verify
-		// it doesn't crash with an internal invariant panic, like
-		// it did before.
-		st.writeData(1, true, []byte("foo"))
-
-		// Sent after a peer sends data anyway (admittedly the
-		// previous RST_STREAM might've still been in-flight),
-		// but they'll get the more friendly 'cancel' code
-		// first.
-		st.wantRSTStream(1, ErrCodeStreamClosed)
-
-		// Set up a bunch of machinery to record the panic we saw
-		// previously.
-		var (
-			panMu    sync.Mutex
-			panicVal interface{}
-		)
-
-		testHookOnPanicMu.Lock()
-		testHookOnPanic = func(sc *serverConn, pv interface{}) bool {
-			panMu.Lock()
-			panicVal = pv
-			panMu.Unlock()
-			return true
-		}
-		testHookOnPanicMu.Unlock()
-
-		// Now force the serve loop to end, via closing the connection.
-		st.cc.Close()
-		select {
-		case <-st.sc.doneServing:
-			// Loop has exited.
-			panMu.Lock()
-			got := panicVal
-			panMu.Unlock()
-			if got != nil {
-				t.Errorf("Got panic: %v", got)
-			}
-		case <-time.After(5 * time.Second):
-			t.Error("timeout")
-		}
-	})
-}
-
-func TestServer_Rejects_TLS10(t *testing.T) { testRejectTLS(t, tls.VersionTLS10) }
-func TestServer_Rejects_TLS11(t *testing.T) { testRejectTLS(t, tls.VersionTLS11) }
-
-func testRejectTLS(t *testing.T, max uint16) {
-	st := newServerTester(t, nil, func(c *tls.Config) {
-		c.MaxVersion = max
-	})
-	defer st.Close()
-	gf := st.wantGoAway()
-	if got, want := gf.ErrCode, ErrCodeInadequateSecurity; got != want {
-		t.Errorf("Got error code %v; want %v", got, want)
-	}
-}
-
-func TestServer_Rejects_TLSBadCipher(t *testing.T) {
-	st := newServerTester(t, nil, func(c *tls.Config) {
-		// Only list bad ones:
-		c.CipherSuites = []uint16{
-			tls.TLS_RSA_WITH_RC4_128_SHA,
-			tls.TLS_RSA_WITH_3DES_EDE_CBC_SHA,
-			tls.TLS_RSA_WITH_AES_128_CBC_SHA,
-			tls.TLS_RSA_WITH_AES_256_CBC_SHA,
-			tls.TLS_ECDHE_ECDSA_WITH_RC4_128_SHA,
-			tls.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
-			tls.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA,
-			tls.TLS_ECDHE_RSA_WITH_RC4_128_SHA,
-			tls.TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA,
-			tls.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
-			tls.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
-		}
-	})
-	defer st.Close()
-	gf := st.wantGoAway()
-	if got, want := gf.ErrCode, ErrCodeInadequateSecurity; got != want {
-		t.Errorf("Got error code %v; want %v", got, want)
-	}
-}
-
-func TestServer_Advertises_Common_Cipher(t *testing.T) {
-	const requiredSuite = tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
-	st := newServerTester(t, nil, func(c *tls.Config) {
-		// Have the client only support the one required by the spec.
-		c.CipherSuites = []uint16{requiredSuite}
-	}, func(ts *httptest.Server) {
-		var srv *http.Server = ts.Config
-		// Have the server configured with no specific cipher suites.
-		// This tests that Go's defaults include the required one.
-		srv.TLSConfig = nil
-	})
-	defer st.Close()
-	st.greet()
-}
-
-func (st *serverTester) onHeaderField(f hpack.HeaderField) {
-	if f.Name == "date" {
-		return
-	}
-	st.decodedHeaders = append(st.decodedHeaders, [2]string{f.Name, f.Value})
-}
-
-func (st *serverTester) decodeHeader(headerBlock []byte) (pairs [][2]string) {
-	st.decodedHeaders = nil
-	if _, err := st.hpackDec.Write(headerBlock); err != nil {
-		st.t.Fatalf("hpack decoding error: %v", err)
-	}
-	if err := st.hpackDec.Close(); err != nil {
-		st.t.Fatalf("hpack decoding error: %v", err)
-	}
-	return st.decodedHeaders
-}
-
-// testServerResponse sets up an idle HTTP/2 connection and lets you
-// write a single request with writeReq, and then reply to it in some way with the provided handler,
-// and then verify the output with the serverTester again (assuming the handler returns nil)
-func testServerResponse(t testing.TB,
-	handler func(http.ResponseWriter, *http.Request) error,
-	client func(*serverTester),
-) {
-	errc := make(chan error, 1)
-	st := newServerTester(t, func(w http.ResponseWriter, r *http.Request) {
-		if r.Body == nil {
-			t.Fatal("nil Body")
-		}
-		errc <- handler(w, r)
-	})
-	defer st.Close()
-
-	donec := make(chan bool)
-	go func() {
-		defer close(donec)
-		st.greet()
-		client(st)
-	}()
-
-	select {
-	case <-donec:
-		return
-	case <-time.After(5 * time.Second):
-		t.Fatal("timeout")
-	}
-
-	select {
-	case err := <-errc:
-		if err != nil {
-			t.Fatalf("Error in handler: %v", err)
-		}
-	case <-time.After(2 * time.Second):
-		t.Error("timeout waiting for handler to finish")
-	}
-}
-
-// readBodyHandler returns an http Handler func that reads len(want)
-// bytes from r.Body and fails t if the contents read were not
-// the value of want.
-func readBodyHandler(t *testing.T, want string) func(w http.ResponseWriter, r *http.Request) {
-	return func(w http.ResponseWriter, r *http.Request) {
-		buf := make([]byte, len(want))
-		_, err := io.ReadFull(r.Body, buf)
-		if err != nil {
-			t.Error(err)
-			return
-		}
-		if string(buf) != want {
-			t.Errorf("read %q; want %q", buf, want)
-		}
-	}
-}
-
-// TestServerWithCurl currently fails, hence the LenientCipherSuites test. See:
-//   https://github.com/tatsuhiro-t/nghttp2/issues/140 &
-//   http://sourceforge.net/p/curl/bugs/1472/
-func TestServerWithCurl(t *testing.T)                     { testServerWithCurl(t, false) }
-func TestServerWithCurl_LenientCipherSuites(t *testing.T) { testServerWithCurl(t, true) }
-
-func testServerWithCurl(t *testing.T, permitProhibitedCipherSuites bool) {
-	if runtime.GOOS != "linux" {
-		t.Skip("skipping Docker test when not on Linux; requires --net which won't work with boot2docker anyway")
-	}
-	if testing.Short() {
-		t.Skip("skipping curl test in short mode")
-	}
-	requireCurl(t)
-	var gotConn int32
-	testHookOnConn = func() { atomic.StoreInt32(&gotConn, 1) }
-
-	const msg = "Hello from curl!\n"
-	ts := httptest.NewUnstartedServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-		w.Header().Set("Foo", "Bar")
-		w.Header().Set("Client-Proto", r.Proto)
-		io.WriteString(w, msg)
-	}))
-	ConfigureServer(ts.Config, &Server{
-		PermitProhibitedCipherSuites: permitProhibitedCipherSuites,
-	})
-	ts.TLS = ts.Config.TLSConfig // the httptest.Server has its own copy of this TLS config
-	ts.StartTLS()
-	defer ts.Close()
-
-	t.Logf("Running test server for curl to hit at: %s", ts.URL)
-	container := curl(t, "--silent", "--http2", "--insecure", "-v", ts.URL)
-	defer kill(container)
-	resc := make(chan interface{}, 1)
-	go func() {
-		res, err := dockerLogs(container)
-		if err != nil {
-			resc <- err
-		} else {
-			resc <- res
-		}
-	}()
-	select {
-	case res := <-resc:
-		if err, ok := res.(error); ok {
-			t.Fatal(err)
-		}
-		body := string(res.([]byte))
-		// Search for both "key: value" and "key:value", since curl changed their format
-		// Our Dockerfile contains the latest version (no space), but just in case people
-		// didn't rebuild, check both.
-		if !strings.Contains(body, "foo: Bar") && !strings.Contains(body, "foo:Bar") {
-			t.Errorf("didn't see foo: Bar header")
-			t.Logf("Got: %s", body)
-		}
-		if !strings.Contains(body, "client-proto: HTTP/2") && !strings.Contains(body, "client-proto:HTTP/2") {
-			t.Errorf("didn't see client-proto: HTTP/2 header")
-			t.Logf("Got: %s", res)
-		}
-		if !strings.Contains(string(res.([]byte)), msg) {
-			t.Errorf("didn't see %q content", msg)
-			t.Logf("Got: %s", res)
-		}
-	case <-time.After(3 * time.Second):
-		t.Errorf("timeout waiting for curl")
-	}
-
-	if atomic.LoadInt32(&gotConn) == 0 {
-		t.Error("never saw an http2 connection")
-	}
-}
-
-var doh2load = flag.Bool("h2load", false, "Run h2load test")
-
-func TestServerWithH2Load(t *testing.T) {
-	if !*doh2load {
-		t.Skip("Skipping without --h2load flag.")
-	}
-	if runtime.GOOS != "linux" {
-		t.Skip("skipping Docker test when not on Linux; requires --net which won't work with boot2docker anyway")
-	}
-	requireH2load(t)
-
-	msg := strings.Repeat("Hello, h2load!\n", 5000)
-	ts := httptest.NewUnstartedServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-		io.WriteString(w, msg)
-		w.(http.Flusher).Flush()
-		io.WriteString(w, msg)
-	}))
-	ts.StartTLS()
-	defer ts.Close()
-
-	cmd := exec.Command("docker", "run", "--net=host", "--entrypoint=/usr/local/bin/h2load", "gohttp2/curl",
-		"-n100000", "-c100", "-m100", ts.URL)
-	cmd.Stdout = os.Stdout
-	cmd.Stderr = os.Stderr
-	if err := cmd.Run(); err != nil {
-		t.Fatal(err)
-	}
-}
-
-// Issue 12843
-func TestServerDoS_MaxHeaderListSize(t *testing.T) {
-	st := newServerTester(t, func(w http.ResponseWriter, r *http.Request) {})
-	defer st.Close()
-
-	// shake hands
-	st.writePreface()
-	st.writeInitialSettings()
-	frameSize := defaultMaxReadFrameSize
-	var advHeaderListSize *uint32
-	st.wantSettings().ForeachSetting(func(s Setting) error {
-		switch s.ID {
-		case SettingMaxFrameSize:
-			if s.Val < minMaxFrameSize {
-				frameSize = minMaxFrameSize
-			} else if s.Val > maxFrameSize {
-				frameSize = maxFrameSize
-			} else {
-				frameSize = int(s.Val)
-			}
-		case SettingMaxHeaderListSize:
-			advHeaderListSize = &s.Val
-		}
-		return nil
-	})
-	st.writeSettingsAck()
-	st.wantSettingsAck()
-
-	if advHeaderListSize == nil {
-		t.Errorf("server didn't advertise a max header list size")
-	} else if *advHeaderListSize == 0 {
-		t.Errorf("server advertised a max header list size of 0")
-	}
-
-	st.encodeHeaderField(":method", "GET")
-	st.encodeHeaderField(":path", "/")
-	st.encodeHeaderField(":scheme", "https")
-	cookie := strings.Repeat("*", 4058)
-	st.encodeHeaderField("cookie", cookie)
-	st.writeHeaders(HeadersFrameParam{
-		StreamID:      1,
-		BlockFragment: st.headerBuf.Bytes(),
-		EndStream:     true,
-		EndHeaders:    false,
-	})
-
-	// Capture the short encoding of a duplicate ~4K cookie, now
-	// that we've already sent it once.
-	st.headerBuf.Reset()
-	st.encodeHeaderField("cookie", cookie)
-
-	// Now send 1MB of it.
-	const size = 1 << 20
-	b := bytes.Repeat(st.headerBuf.Bytes(), size/st.headerBuf.Len())
-	for len(b) > 0 {
-		chunk := b
-		if len(chunk) > frameSize {
-			chunk = chunk[:frameSize]
-		}
-		b = b[len(chunk):]
-		st.fr.WriteContinuation(1, len(b) == 0, chunk)
-	}
-
-	h := st.wantHeaders()
-	if !h.HeadersEnded() {
-		t.Fatalf("Got HEADERS without END_HEADERS set: %v", h)
-	}
-	headers := st.decodeHeader(h.HeaderBlockFragment())
-	want := [][2]string{
-		{":status", "431"},
-		{"content-type", "text/html; charset=utf-8"},
-		{"content-length", "63"},
-	}
-	if !reflect.DeepEqual(headers, want) {
-		t.Errorf("Headers mismatch.\n got: %q\nwant: %q\n", headers, want)
-	}
-}
-
-func TestCompressionErrorOnWrite(t *testing.T) {
-	const maxStrLen = 8 << 10
-	var serverConfig *http.Server
-	st := newServerTester(t, func(w http.ResponseWriter, r *http.Request) {
-		// No response body.
-	}, func(ts *httptest.Server) {
-		serverConfig = ts.Config
-		serverConfig.MaxHeaderBytes = maxStrLen
-	})
-	st.addLogFilter("connection error: COMPRESSION_ERROR")
-	defer st.Close()
-	st.greet()
-
-	maxAllowed := st.sc.framer.maxHeaderStringLen()
-
-	// Crank this up, now that we have a conn connected with the
-	// hpack.Decoder's max string length set has been initialized
-	// from the earlier low ~8K value. We want this higher so don't
-	// hit the max header list size. We only want to test hitting
-	// the max string size.
-	serverConfig.MaxHeaderBytes = 1 << 20
-
-	// First a request with a header that's exactly the max allowed size
-	// for the hpack compression. It's still too long for the header list
-	// size, so we'll get the 431 error, but that keeps the compression
-	// context still valid.
-	hbf := st.encodeHeader("foo", strings.Repeat("a", maxAllowed))
-
-	st.writeHeaders(HeadersFrameParam{
-		StreamID:      1,
-		BlockFragment: hbf,
-		EndStream:     true,
-		EndHeaders:    true,
-	})
-	h := st.wantHeaders()
-	if !h.HeadersEnded() {
-		t.Fatalf("Got HEADERS without END_HEADERS set: %v", h)
-	}
-	headers := st.decodeHeader(h.HeaderBlockFragment())
-	want := [][2]string{
-		{":status", "431"},
-		{"content-type", "text/html; charset=utf-8"},
-		{"content-length", "63"},
-	}
-	if !reflect.DeepEqual(headers, want) {
-		t.Errorf("Headers mismatch.\n got: %q\nwant: %q\n", headers, want)
-	}
-	df := st.wantData()
-	if !strings.Contains(string(df.Data()), "HTTP Error 431") {
-		t.Errorf("Unexpected data body: %q", df.Data())
-	}
-	if !df.StreamEnded() {
-		t.Fatalf("expect data stream end")
-	}
-
-	// And now send one that's just one byte too big.
-	hbf = st.encodeHeader("bar", strings.Repeat("b", maxAllowed+1))
-	st.writeHeaders(HeadersFrameParam{
-		StreamID:      3,
-		BlockFragment: hbf,
-		EndStream:     true,
-		EndHeaders:    true,
-	})
-	ga := st.wantGoAway()
-	if ga.ErrCode != ErrCodeCompression {
-		t.Errorf("GOAWAY err = %v; want ErrCodeCompression", ga.ErrCode)
-	}
-}
-
-func TestCompressionErrorOnClose(t *testing.T) {
-	st := newServerTester(t, func(w http.ResponseWriter, r *http.Request) {
-		// No response body.
-	})
-	st.addLogFilter("connection error: COMPRESSION_ERROR")
-	defer st.Close()
-	st.greet()
-
-	hbf := st.encodeHeader("foo", "bar")
-	hbf = hbf[:len(hbf)-1] // truncate one byte from the end, so hpack.Decoder.Close fails.
-	st.writeHeaders(HeadersFrameParam{
-		StreamID:      1,
-		BlockFragment: hbf,
-		EndStream:     true,
-		EndHeaders:    true,
-	})
-	ga := st.wantGoAway()
-	if ga.ErrCode != ErrCodeCompression {
-		t.Errorf("GOAWAY err = %v; want ErrCodeCompression", ga.ErrCode)
-	}
-}
-
-// test that a server handler can read trailers from a client
-func TestServerReadsTrailers(t *testing.T) {
-	const testBody = "some test body"
-	writeReq := func(st *serverTester) {
-		st.writeHeaders(HeadersFrameParam{
-			StreamID:      1, // clients send odd numbers
-			BlockFragment: st.encodeHeader("trailer", "Foo, Bar", "trailer", "Baz"),
-			EndStream:     false,
-			EndHeaders:    true,
-		})
-		st.writeData(1, false, []byte(testBody))
-		st.writeHeaders(HeadersFrameParam{
-			StreamID: 1, // clients send odd numbers
-			BlockFragment: st.encodeHeaderRaw(
-				"foo", "foov",
-				"bar", "barv",
-				"baz", "bazv",
-				"surprise", "wasn't declared; shouldn't show up",
-			),
-			EndStream:  true,
-			EndHeaders: true,
-		})
-	}
-	checkReq := func(r *http.Request) {
-		wantTrailer := http.Header{
-			"Foo": nil,
-			"Bar": nil,
-			"Baz": nil,
-		}
-		if !reflect.DeepEqual(r.Trailer, wantTrailer) {
-			t.Errorf("initial Trailer = %v; want %v", r.Trailer, wantTrailer)
-		}
-		slurp, err := ioutil.ReadAll(r.Body)
-		if string(slurp) != testBody {
-			t.Errorf("read body %q; want %q", slurp, testBody)
-		}
-		if err != nil {
-			t.Fatalf("Body slurp: %v", err)
-		}
-		wantTrailerAfter := http.Header{
-			"Foo": {"foov"},
-			"Bar": {"barv"},
-			"Baz": {"bazv"},
-		}
-		if !reflect.DeepEqual(r.Trailer, wantTrailerAfter) {
-			t.Errorf("final Trailer = %v; want %v", r.Trailer, wantTrailerAfter)
-		}
-	}
-	testServerRequest(t, writeReq, checkReq)
-}
-
-// test that a server handler can send trailers
-func TestServerWritesTrailers_WithFlush(t *testing.T)    { testServerWritesTrailers(t, true) }
-func TestServerWritesTrailers_WithoutFlush(t *testing.T) { testServerWritesTrailers(t, false) }
-
-func testServerWritesTrailers(t *testing.T, withFlush bool) {
-	// See https://httpwg.github.io/specs/rfc7540.html#rfc.section.8.1.3
-	testServerResponse(t, func(w http.ResponseWriter, r *http.Request) error {
-		w.Header().Set("Trailer", "Server-Trailer-A, Server-Trailer-B")
-		w.Header().Add("Trailer", "Server-Trailer-C")
-
-		// TODO: decide if the server should filter these while
-		// writing the Trailer header in the response. Currently it
-		// appears net/http doesn't do this for http/1.1
-		w.Header().Add("Trailer", "Transfer-Encoding, Content-Length, Trailer") // filtered
-		w.Header().Set("Foo", "Bar")
-		w.Header().Set("Content-Length", "5")
-
-		io.WriteString(w, "Hello")
-		if withFlush {
-			w.(http.Flusher).Flush()
-		}
-		w.Header().Set("Server-Trailer-A", "valuea")
-		w.Header().Set("Server-Trailer-C", "valuec") // skipping B
-		// After a flush, random keys like Server-Surprise shouldn't show up:
-		w.Header().Set("Server-Surpise", "surprise! this isn't predeclared!")
-		// But we do permit promoting keys to trailers after a
-		// flush if they start with the magic
-		// otherwise-invalid "Trailer:" prefix:
-		w.Header().Set("Trailer:Post-Header-Trailer", "hi1")
-		w.Header().Set("Trailer:post-header-trailer2", "hi2")
-		w.Header().Set("Transfer-Encoding", "should not be included; Forbidden by RFC 2616 14.40")
-		w.Header().Set("Content-Length", "should not be included; Forbidden by RFC 2616 14.40")
-		w.Header().Set("Trailer", "should not be included; Forbidden by RFC 2616 14.40")
-		return nil
-	}, func(st *serverTester) {
-		getSlash(st)
-		hf := st.wantHeaders()
-		if hf.StreamEnded() {
-			t.Fatal("response HEADERS had END_STREAM")
-		}
-		if !hf.HeadersEnded() {
-			t.Fatal("response HEADERS didn't have END_HEADERS")
-		}
-		goth := st.decodeHeader(hf.HeaderBlockFragment())
-		wanth := [][2]string{
-			{":status", "200"},
-			{"foo", "Bar"},
-			{"trailer", "Server-Trailer-A, Server-Trailer-B"},
-			{"trailer", "Server-Trailer-C"},
-			{"trailer", "Transfer-Encoding, Content-Length, Trailer"},
-			{"content-type", "text/plain; charset=utf-8"},
-			{"content-length", "5"},
-		}
-		if !reflect.DeepEqual(goth, wanth) {
-			t.Errorf("Header mismatch.\n got: %v\nwant: %v", goth, wanth)
-		}
-		df := st.wantData()
-		if string(df.Data()) != "Hello" {
-			t.Fatalf("Client read %q; want Hello", df.Data())
-		}
-		if df.StreamEnded() {
-			t.Fatalf("data frame had STREAM_ENDED")
-		}
-		tf := st.wantHeaders() // for the trailers
-		if !tf.StreamEnded() {
-			t.Fatalf("trailers HEADERS lacked END_STREAM")
-		}
-		if !tf.HeadersEnded() {
-			t.Fatalf("trailers HEADERS lacked END_HEADERS")
-		}
-		wanth = [][2]string{
-			{"post-header-trailer", "hi1"},
-			{"post-header-trailer2", "hi2"},
-			{"server-trailer-a", "valuea"},
-			{"server-trailer-c", "valuec"},
-		}
-		goth = st.decodeHeader(tf.HeaderBlockFragment())
-		if !reflect.DeepEqual(goth, wanth) {
-			t.Errorf("Header mismatch.\n got: %v\nwant: %v", goth, wanth)
-		}
-	})
-}
-
-// validate transmitted header field names & values
-// golang.org/issue/14048
-func TestServerDoesntWriteInvalidHeaders(t *testing.T) {
-	testServerResponse(t, func(w http.ResponseWriter, r *http.Request) error {
-		w.Header().Add("OK1", "x")
-		w.Header().Add("Bad:Colon", "x") // colon (non-token byte) in key
-		w.Header().Add("Bad1\x00", "x")  // null in key
-		w.Header().Add("Bad2", "x\x00y") // null in value
-		return nil
-	}, func(st *serverTester) {
-		getSlash(st)
-		hf := st.wantHeaders()
-		if !hf.StreamEnded() {
-			t.Error("response HEADERS lacked END_STREAM")
-		}
-		if !hf.HeadersEnded() {
-			t.Fatal("response HEADERS didn't have END_HEADERS")
-		}
-		goth := st.decodeHeader(hf.HeaderBlockFragment())
-		wanth := [][2]string{
-			{":status", "200"},
-			{"ok1", "x"},
-			{"content-type", "text/plain; charset=utf-8"},
-			{"content-length", "0"},
-		}
-		if !reflect.DeepEqual(goth, wanth) {
-			t.Errorf("Header mismatch.\n got: %v\nwant: %v", goth, wanth)
-		}
-	})
-}
-
-func BenchmarkServerGets(b *testing.B) {
-	defer disableGoroutineTracking()()
-	b.ReportAllocs()
-
-	const msg = "Hello, world"
-	st := newServerTester(b, func(w http.ResponseWriter, r *http.Request) {
-		io.WriteString(w, msg)
-	})
-	defer st.Close()
-	st.greet()
-
-	// Give the server quota to reply. (plus it has the the 64KB)
-	if err := st.fr.WriteWindowUpdate(0, uint32(b.N*len(msg))); err != nil {
-		b.Fatal(err)
-	}
-
-	for i := 0; i < b.N; i++ {
-		id := 1 + uint32(i)*2
-		st.writeHeaders(HeadersFrameParam{
-			StreamID:      id,
-			BlockFragment: st.encodeHeader(),
-			EndStream:     true,
-			EndHeaders:    true,
-		})
-		st.wantHeaders()
-		df := st.wantData()
-		if !df.StreamEnded() {
-			b.Fatalf("DATA didn't have END_STREAM; got %v", df)
-		}
-	}
-}
-
-func BenchmarkServerPosts(b *testing.B) {
-	defer disableGoroutineTracking()()
-	b.ReportAllocs()
-
-	const msg = "Hello, world"
-	st := newServerTester(b, func(w http.ResponseWriter, r *http.Request) {
-		io.WriteString(w, msg)
-	})
-	defer st.Close()
-	st.greet()
-
-	// Give the server quota to reply. (plus it has the the 64KB)
-	if err := st.fr.WriteWindowUpdate(0, uint32(b.N*len(msg))); err != nil {
-		b.Fatal(err)
-	}
-
-	for i := 0; i < b.N; i++ {
-		id := 1 + uint32(i)*2
-		st.writeHeaders(HeadersFrameParam{
-			StreamID:      id,
-			BlockFragment: st.encodeHeader(":method", "POST"),
-			EndStream:     false,
-			EndHeaders:    true,
-		})
-		st.writeData(id, true, nil)
-		st.wantHeaders()
-		df := st.wantData()
-		if !df.StreamEnded() {
-			b.Fatalf("DATA didn't have END_STREAM; got %v", df)
-		}
-	}
-}
-
-// go-fuzz bug, originally reported at https://github.com/bradfitz/http2/issues/53
-// Verify we don't hang.
-func TestIssue53(t *testing.T) {
-	const data = "PRI * HTTP/2.0\r\n\r\nSM" +
-		"\r\n\r\n\x00\x00\x00\x01\ainfinfin\ad"
-	s := &http.Server{
-		ErrorLog: log.New(io.MultiWriter(stderrv(), twriter{t: t}), "", log.LstdFlags),
-		Handler: http.HandlerFunc(func(w http.ResponseWriter, req *http.Request) {
-			w.Write([]byte("hello"))
-		}),
-	}
-	s2 := &Server{
-		MaxReadFrameSize:             1 << 16,
-		PermitProhibitedCipherSuites: true,
-	}
-	c := &issue53Conn{[]byte(data), false, false}
-	s2.ServeConn(c, &ServeConnOpts{BaseConfig: s})
-	if !c.closed {
-		t.Fatal("connection is not closed")
-	}
-}
-
-type issue53Conn struct {
-	data    []byte
-	closed  bool
-	written bool
-}
-
-func (c *issue53Conn) Read(b []byte) (n int, err error) {
-	if len(c.data) == 0 {
-		return 0, io.EOF
-	}
-	n = copy(b, c.data)
-	c.data = c.data[n:]
-	return
-}
-
-func (c *issue53Conn) Write(b []byte) (n int, err error) {
-	c.written = true
-	return len(b), nil
-}
-
-func (c *issue53Conn) Close() error {
-	c.closed = true
-	return nil
-}
-
-func (c *issue53Conn) LocalAddr() net.Addr                { return &net.TCPAddr{net.IP{127, 0, 0, 1}, 49706, ""} }
-func (c *issue53Conn) RemoteAddr() net.Addr               { return &net.TCPAddr{net.IP{127, 0, 0, 1}, 49706, ""} }
-func (c *issue53Conn) SetDeadline(t time.Time) error      { return nil }
-func (c *issue53Conn) SetReadDeadline(t time.Time) error  { return nil }
-func (c *issue53Conn) SetWriteDeadline(t time.Time) error { return nil }
-
-// golang.org/issue/12895
-func TestConfigureServer(t *testing.T) {
-	tests := []struct {
-		name    string
-		in      http.Server
-		wantErr string
-	}{
-		{
-			name: "empty server",
-			in:   http.Server{},
-		},
-		{
-			name: "just the required cipher suite",
-			in: http.Server{
-				TLSConfig: &tls.Config{
-					CipherSuites: []uint16{tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256},
-				},
-			},
-		},
-		{
-			name: "missing required cipher suite",
-			in: http.Server{
-				TLSConfig: &tls.Config{
-					CipherSuites: []uint16{tls.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384},
-				},
-			},
-			wantErr: "is missing HTTP/2-required TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
-		},
-		{
-			name: "required after bad",
-			in: http.Server{
-				TLSConfig: &tls.Config{
-					CipherSuites: []uint16{tls.TLS_RSA_WITH_RC4_128_SHA, tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256},
-				},
-			},
-			wantErr: "contains an HTTP/2-approved cipher suite (0xc02f), but it comes after",
-		},
-		{
-			name: "bad after required",
-			in: http.Server{
-				TLSConfig: &tls.Config{
-					CipherSuites: []uint16{tls.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, tls.TLS_RSA_WITH_RC4_128_SHA},
-				},
-			},
-		},
-	}
-	for _, tt := range tests {
-		err := ConfigureServer(&tt.in, nil)
-		if (err != nil) != (tt.wantErr != "") {
-			if tt.wantErr != "" {
-				t.Errorf("%s: success, but want error", tt.name)
-			} else {
-				t.Errorf("%s: unexpected error: %v", tt.name, err)
-			}
-		}
-		if err != nil && tt.wantErr != "" && !strings.Contains(err.Error(), tt.wantErr) {
-			t.Errorf("%s: err = %v; want substring %q", tt.name, err, tt.wantErr)
-		}
-		if err == nil && !tt.in.TLSConfig.PreferServerCipherSuites {
-			t.Errorf("%s: PreferServerCipherSuite is false; want true", tt.name)
-		}
-	}
-}
-
-func TestServerRejectHeadWithBody(t *testing.T) {
-	st := newServerTester(t, func(w http.ResponseWriter, r *http.Request) {
-		// No response body.
-	})
-	defer st.Close()
-	st.greet()
-	st.writeHeaders(HeadersFrameParam{
-		StreamID:      1, // clients send odd numbers
-		BlockFragment: st.encodeHeader(":method", "HEAD"),
-		EndStream:     false, // what we're testing, a bogus HEAD request with body
-		EndHeaders:    true,
-	})
-	st.wantRSTStream(1, ErrCodeProtocol)
-}
-
-func TestServerNoAutoContentLengthOnHead(t *testing.T) {
-	st := newServerTester(t, func(w http.ResponseWriter, r *http.Request) {
-		// No response body. (or smaller than one frame)
-	})
-	defer st.Close()
-	st.greet()
-	st.writeHeaders(HeadersFrameParam{
-		StreamID:      1, // clients send odd numbers
-		BlockFragment: st.encodeHeader(":method", "HEAD"),
-		EndStream:     true,
-		EndHeaders:    true,
-	})
-	h := st.wantHeaders()
-	headers := st.decodeHeader(h.HeaderBlockFragment())
-	want := [][2]string{
-		{":status", "200"},
-		{"content-type", "text/plain; charset=utf-8"},
-	}
-	if !reflect.DeepEqual(headers, want) {
-		t.Errorf("Headers mismatch.\n got: %q\nwant: %q\n", headers, want)
-	}
-}
-
-// golang.org/issue/13495
-func TestServerNoDuplicateContentType(t *testing.T) {
-	st := newServerTester(t, func(w http.ResponseWriter, r *http.Request) {
-		w.Header()["Content-Type"] = []string{""}
-		fmt.Fprintf(w, "hi")
-	})
-	defer st.Close()
-	st.greet()
-	st.writeHeaders(HeadersFrameParam{
-		StreamID:      1,
-		BlockFragment: st.encodeHeader(),
-		EndStream:     true,
-		EndHeaders:    true,
-	})
-	h := st.wantHeaders()
-	headers := st.decodeHeader(h.HeaderBlockFragment())
-	want := [][2]string{
-		{":status", "200"},
-		{"content-type", ""},
-		{"content-length", "41"},
-	}
-	if !reflect.DeepEqual(headers, want) {
-		t.Errorf("Headers mismatch.\n got: %q\nwant: %q\n", headers, want)
-	}
-}
-
-func disableGoroutineTracking() (restore func()) {
-	old := DebugGoroutines
-	DebugGoroutines = false
-	return func() { DebugGoroutines = old }
-}
-
-func BenchmarkServer_GetRequest(b *testing.B) {
-	defer disableGoroutineTracking()()
-	b.ReportAllocs()
-	const msg = "Hello, world."
-	st := newServerTester(b, func(w http.ResponseWriter, r *http.Request) {
-		n, err := io.Copy(ioutil.Discard, r.Body)
-		if err != nil || n > 0 {
-			b.Error("Read %d bytes, error %v; want 0 bytes.", n, err)
-		}
-		io.WriteString(w, msg)
-	})
-	defer st.Close()
-
-	st.greet()
-	// Give the server quota to reply. (plus it has the the 64KB)
-	if err := st.fr.WriteWindowUpdate(0, uint32(b.N*len(msg))); err != nil {
-		b.Fatal(err)
-	}
-	hbf := st.encodeHeader(":method", "GET")
-	for i := 0; i < b.N; i++ {
-		streamID := uint32(1 + 2*i)
-		st.writeHeaders(HeadersFrameParam{
-			StreamID:      streamID,
-			BlockFragment: hbf,
-			EndStream:     true,
-			EndHeaders:    true,
-		})
-		st.wantHeaders()
-		st.wantData()
-	}
-}
-
-func BenchmarkServer_PostRequest(b *testing.B) {
-	defer disableGoroutineTracking()()
-	b.ReportAllocs()
-	const msg = "Hello, world."
-	st := newServerTester(b, func(w http.ResponseWriter, r *http.Request) {
-		n, err := io.Copy(ioutil.Discard, r.Body)
-		if err != nil || n > 0 {
-			b.Error("Read %d bytes, error %v; want 0 bytes.", n, err)
-		}
-		io.WriteString(w, msg)
-	})
-	defer st.Close()
-	st.greet()
-	// Give the server quota to reply. (plus it has the the 64KB)
-	if err := st.fr.WriteWindowUpdate(0, uint32(b.N*len(msg))); err != nil {
-		b.Fatal(err)
-	}
-	hbf := st.encodeHeader(":method", "POST")
-	for i := 0; i < b.N; i++ {
-		streamID := uint32(1 + 2*i)
-		st.writeHeaders(HeadersFrameParam{
-			StreamID:      streamID,
-			BlockFragment: hbf,
-			EndStream:     false,
-			EndHeaders:    true,
-		})
-		st.writeData(streamID, true, nil)
-		st.wantHeaders()
-		st.wantData()
-	}
-}
-
-type connStateConn struct {
-	net.Conn
-	cs tls.ConnectionState
-}
-
-func (c connStateConn) ConnectionState() tls.ConnectionState { return c.cs }
-
-// golang.org/issue/12737 -- handle any net.Conn, not just
-// *tls.Conn.
-func TestServerHandleCustomConn(t *testing.T) {
-	var s Server
-	c1, c2 := net.Pipe()
-	clientDone := make(chan struct{})
-	handlerDone := make(chan struct{})
-	var req *http.Request
-	go func() {
-		defer close(clientDone)
-		defer c2.Close()
-		fr := NewFramer(c2, c2)
-		io.WriteString(c2, ClientPreface)
-		fr.WriteSettings()
-		fr.WriteSettingsAck()
-		f, err := fr.ReadFrame()
-		if err != nil {
-			t.Error(err)
-			return
-		}
-		if sf, ok := f.(*SettingsFrame); !ok || sf.IsAck() {
-			t.Errorf("Got %v; want non-ACK SettingsFrame", summarizeFrame(f))
-			return
-		}
-		f, err = fr.ReadFrame()
-		if err != nil {
-			t.Error(err)
-			return
-		}
-		if sf, ok := f.(*SettingsFrame); !ok || !sf.IsAck() {
-			t.Errorf("Got %v; want ACK SettingsFrame", summarizeFrame(f))
-			return
-		}
-		var henc hpackEncoder
-		fr.WriteHeaders(HeadersFrameParam{
-			StreamID:      1,
-			BlockFragment: henc.encodeHeaderRaw(t, ":method", "GET", ":path", "/", ":scheme", "https", ":authority", "foo.com"),
-			EndStream:     true,
-			EndHeaders:    true,
-		})
-		go io.Copy(ioutil.Discard, c2)
-		<-handlerDone
-	}()
-	const testString = "my custom ConnectionState"
-	fakeConnState := tls.ConnectionState{
-		ServerName: testString,
-		Version:    tls.VersionTLS12,
-	}
-	go s.ServeConn(connStateConn{c1, fakeConnState}, &ServeConnOpts{
-		BaseConfig: &http.Server{
-			Handler: http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-				defer close(handlerDone)
-				req = r
-			}),
-		}})
-	select {
-	case <-clientDone:
-	case <-time.After(5 * time.Second):
-		t.Fatal("timeout waiting for handler")
-	}
-	if req.TLS == nil {
-		t.Fatalf("Request.TLS is nil. Got: %#v", req)
-	}
-	if req.TLS.ServerName != testString {
-		t.Fatalf("Request.TLS = %+v; want ServerName of %q", req.TLS, testString)
-	}
-}
-
-type hpackEncoder struct {
-	enc *hpack.Encoder
-	buf bytes.Buffer
-}
-
-func (he *hpackEncoder) encodeHeaderRaw(t *testing.T, headers ...string) []byte {
-	if len(headers)%2 == 1 {
-		panic("odd number of kv args")
-	}
-	he.buf.Reset()
-	if he.enc == nil {
-		he.enc = hpack.NewEncoder(&he.buf)
-	}
-	for len(headers) > 0 {
-		k, v := headers[0], headers[1]
-		err := he.enc.WriteField(hpack.HeaderField{Name: k, Value: v})
-		if err != nil {
-			t.Fatalf("HPACK encoding error for %q/%q: %v", k, v, err)
-		}
-		headers = headers[2:]
-	}
-	return he.buf.Bytes()
-}
diff --git a/vendor/golang.org/x/net/http2/testdata/draft-ietf-httpbis-http2.xml b/vendor/golang.org/x/net/http2/testdata/draft-ietf-httpbis-http2.xml
deleted file mode 100644
index 31a84bed..00000000
--- a/vendor/golang.org/x/net/http2/testdata/draft-ietf-httpbis-http2.xml
+++ /dev/null
@@ -1,5021 +0,0 @@
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-  
-  
-    Hypertext Transfer Protocol version 2
-
-    
-      Twist
-      
    
-        mbelshe@chromium.org
-      
    
-        
-
-    
-      Google, Inc
-      
    
-        fenix@google.com
-      
    
-        
-
-    
-      Mozilla
-      
    
-        
-          331 E Evelyn Street
-          Mountain View
-          CA
-          94041
-          US
-        
-        martin.thomson@gmail.com
-      
    
-        
-
-    
-    Applications
-    HTTPbis
-    HTTP
-    SPDY
-    Web
-
-    
-      
-        This specification describes an optimized expression of the semantics of the Hypertext
-        Transfer Protocol (HTTP). HTTP/2 enables a more efficient use of network resources and a
-        reduced perception of latency by introducing header field compression and allowing multiple
-        concurrent messages on the same connection. It also introduces unsolicited push of
-        representations from servers to clients.
-      
-      
-        This specification is an alternative to, but does not obsolete, the HTTP/1.1 message syntax.
-        HTTP's existing semantics remain unchanged.
-      
-    
-
-    
-      
-        Discussion of this draft takes place on the HTTPBIS working group mailing list
-        (ietf-http-wg@w3.org), which is archived at .
-      
-      
-        Working Group information can be found at ; that specific to HTTP/2 are at .
-      
-      
-        The changes in this draft are summarized in .
-      
-    
-
-      
-
-  
-    
    
-
-      
-        The Hypertext Transfer Protocol (HTTP) is a wildly successful protocol. However, the
-        HTTP/1.1 message format () has
-        several characteristics that have a negative overall effect on application performance
-        today.
-      
-      
-        In particular, HTTP/1.0 allowed only one request to be outstanding at a time on a given
-        TCP connection. HTTP/1.1 added request pipelining, but this only partially addressed
-        request concurrency and still suffers from head-of-line blocking. Therefore, HTTP/1.1
-        clients that need to make many requests typically use multiple connections to a server in
-        order to achieve concurrency and thereby reduce latency.
-      
-      
-        Furthermore, HTTP header fields are often repetitive and verbose, causing unnecessary
-        network traffic, as well as causing the initial TCP congestion
-        window to quickly fill. This can result in excessive latency when multiple requests are
-        made on a new TCP connection.
-      
-      
-        HTTP/2 addresses these issues by defining an optimized mapping of HTTP's semantics to an
-        underlying connection. Specifically, it allows interleaving of request and response
-        messages on the same connection and uses an efficient coding for HTTP header fields. It
-        also allows prioritization of requests, letting more important requests complete more
-        quickly, further improving performance.
-      
-      
-        The resulting protocol is more friendly to the network, because fewer TCP connections can
-        be used in comparison to HTTP/1.x. This means less competition with other flows, and
-        longer-lived connections, which in turn leads to better utilization of available network
-        capacity.
-      
-      
-        Finally, HTTP/2 also enables more efficient processing of messages through use of binary
-        message framing.
-      
-    
    
-
-    
    
-      
-        HTTP/2 provides an optimized transport for HTTP semantics.  HTTP/2 supports all of the core
-        features of HTTP/1.1, but aims to be more efficient in several ways.
-      
-      
-        The basic protocol unit in HTTP/2 is a frame.  Each frame
-        type serves a different purpose.  For example, HEADERS and
-        DATA frames form the basis of HTTP requests and
-        responses; other frame types like SETTINGS,
-        WINDOW_UPDATE, and PUSH_PROMISE are used in support of other
-        HTTP/2 features.
-      
-      
-        Multiplexing of requests is achieved by having each HTTP request-response exchange
-        associated with its own stream. Streams are largely
-        independent of each other, so a blocked or stalled request or response does not prevent
-        progress on other streams.
-      
-      
-        Flow control and prioritization ensure that it is possible to efficiently use multiplexed
-        streams.  Flow control helps to ensure that only data that
-        can be used by a receiver is transmitted.  Prioritization ensures that limited resources can be directed
-        to the most important streams first.
-      
-      
-        HTTP/2 adds a new interaction mode, whereby a server can push
-        responses to a client.  Server push allows a server to speculatively send a client
-        data that the server anticipates the client will need, trading off some network usage
-        against a potential latency gain.  The server does this by synthesizing a request, which it
-        sends as a PUSH_PROMISE frame.  The server is then able to send a response to
-        the synthetic request on a separate stream.
-      
-      
-        Frames that contain HTTP header fields are compressed.
-        HTTP requests can be highly redundant, so compression can reduce the size of requests and
-        responses significantly.
-      
-
-      
    
-        
-          The HTTP/2 specification is split into four parts:
-          
-            
-              Starting HTTP/2 covers how an HTTP/2 connection is
-              initiated.
-            
-            
-              The framing and streams layers describe the way HTTP/2 frames are
-              structured and formed into multiplexed streams.
-            
-            
-              Frame and error
-              definitions include details of the frame and error types used in HTTP/2.
-            
-            
-              HTTP mappings and additional
-              requirements describe how HTTP semantics are expressed using frames and
-              streams.
-          
-          
-        
-        
-          While some of the frame and stream layer concepts are isolated from HTTP, this
-          specification does not define a completely generic framing layer. The framing and streams
-          layers are tailored to the needs of the HTTP protocol and server push.
-        
-      
    
-
-      
    
-        
-          The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD
-          NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as
-          described in RFC 2119.
-        
-        
-          All numeric values are in network byte order.  Values are unsigned unless otherwise
-          indicated.  Literal values are provided in decimal or hexadecimal as appropriate.
-          Hexadecimal literals are prefixed with 0x to distinguish them
-          from decimal literals.
-        
-        
-          The following terms are used:
-          
-            
-              The endpoint initiating the HTTP/2 connection.
-            
-            
-              A transport-layer connection between two endpoints.
-            
-            
-              An error that affects the entire HTTP/2 connection.
-            
-            
-              Either the client or server of the connection.
-            
-            
-              The smallest unit of communication within an HTTP/2 connection, consisting of a header
-              and a variable-length sequence of octets structured according to the frame type.
-            
-            
-              An endpoint.  When discussing a particular endpoint, "peer" refers to the endpoint
-              that is remote to the primary subject of discussion.
-            
-            
-              An endpoint that is receiving frames.
-            
-            
-              An endpoint that is transmitting frames.
-            
-            
-              The endpoint which did not initiate the HTTP/2 connection.
-            
-            
-              A bi-directional flow of frames across a virtual channel within the HTTP/2 connection.
-            
-            
-              An error on the individual HTTP/2 stream.
-            
-          
-        
-        
-          Finally, the terms "gateway", "intermediary", "proxy", and "tunnel" are defined
-          in .
-        
-      
    
-    
    
-
-    
    
-      
-        An HTTP/2 connection is an application layer protocol running on top of a TCP connection
-        (). The client is the TCP connection initiator.
-      
-      
-        HTTP/2 uses the same "http" and "https" URI schemes used by HTTP/1.1. HTTP/2 shares the same
-        default port numbers: 80 for "http" URIs and 443 for "https" URIs.  As a result,
-        implementations processing requests for target resource URIs like http://example.org/foo or https://example.com/bar are required to first discover whether the
-        upstream server (the immediate peer to which the client wishes to establish a connection)
-        supports HTTP/2.
-      
-
-      
-        The means by which support for HTTP/2 is determined is different for "http" and "https"
-        URIs. Discovery for "http" URIs is described in .  Discovery
-        for "https" URIs is described in .
-      
-
-      
    
-        
-          The protocol defined in this document has two identifiers.
-          
-            
-              
-                The string "h2" identifies the protocol where HTTP/2 uses TLS.  This identifier is used in the TLS application layer protocol negotiation extension (ALPN)
-                field and any place that HTTP/2 over TLS is identified.
-              
-              
-                The "h2" string is serialized into an ALPN protocol identifier as the two octet
-                sequence: 0x68, 0x32.
-              
-            
-            
-              
-                The string "h2c" identifies the protocol where HTTP/2 is run over cleartext TCP.
-                This identifier is used in the HTTP/1.1 Upgrade header field and any place that
-                HTTP/2 over TCP is identified.
-              
-            
-          
-        
-        
-          Negotiating "h2" or "h2c" implies the use of the transport, security, framing and message
-          semantics described in this document.
-        
-        
-          RFC Editor's Note: please remove the remainder of this section prior to the
-          publication of a final version of this document.
-        
-        
-          Only implementations of the final, published RFC can identify themselves as "h2" or "h2c".
-          Until such an RFC exists, implementations MUST NOT identify themselves using these
-          strings.
-        
-        
-          Examples and text throughout the rest of this document use "h2" as a matter of
-          editorial convenience only.  Implementations of draft versions MUST NOT identify using
-          this string.
-        
-        
-          Implementations of draft versions of the protocol MUST add the string "-" and the
-          corresponding draft number to the identifier. For example, draft-ietf-httpbis-http2-11
-          over TLS is identified using the string "h2-11".
-        
-        
-          Non-compatible experiments that are based on these draft versions MUST append the string
-          "-" and an experiment name to the identifier.  For example, an experimental implementation
-          of packet mood-based encoding based on draft-ietf-httpbis-http2-09 might identify itself
-          as "h2-09-emo".  Note that any label MUST conform to the "token" syntax defined in
-          .  Experimenters are
-          encouraged to coordinate their experiments on the ietf-http-wg@w3.org mailing list.
-        
-      
    
-
-      
    
-        
-          A client that makes a request for an "http" URI without prior knowledge about support for
-          HTTP/2 uses the HTTP Upgrade mechanism ().  The client makes an HTTP/1.1 request that includes an Upgrade
-          header field identifying HTTP/2 with the "h2c" token.  The HTTP/1.1 request MUST include
-          exactly one HTTP2-Settings header field.
-        
-        
    
-          For example:
-          
-
-]]>
-        
    
-        
-          Requests that contain an entity body MUST be sent in their entirety before the client can
-          send HTTP/2 frames.  This means that a large request entity can block the use of the
-          connection until it is completely sent.
-        
-        
-          If concurrency of an initial request with subsequent requests is important, an OPTIONS
-          request can be used to perform the upgrade to HTTP/2, at the cost of an additional
-          round-trip.
-        
-        
-          A server that does not support HTTP/2 can respond to the request as though the Upgrade
-          header field were absent:
-        
-        
    
-          
-HTTP/1.1 200 OK
-Content-Length: 243
-Content-Type: text/html
-
-...
-
-        
    
-        
-          A server MUST ignore a "h2" token in an Upgrade header field.  Presence of a token with
-          "h2" implies HTTP/2 over TLS, which is instead negotiated as described in .
-        
-        
-          A server that supports HTTP/2 can accept the upgrade with a 101 (Switching Protocols)
-          response.  After the empty line that terminates the 101 response, the server can begin
-          sending HTTP/2 frames.  These frames MUST include a response to the request that initiated
-          the Upgrade.
-        
-
-        
    
-          
-            For example:
-          
-          
-HTTP/1.1 101 Switching Protocols
-Connection: Upgrade
-Upgrade: h2c
-
-[ HTTP/2 connection ...
-
-        
    
-        
-          The first HTTP/2 frame sent by the server is a SETTINGS frame () as the server connection preface (). Upon receiving the 101 response, the client sends a connection preface, which includes a
-          SETTINGS frame.
-        
-        
-          The HTTP/1.1 request that is sent prior to upgrade is assigned stream identifier 1 and is
-          assigned default priority values.  Stream 1 is
-          implicitly half closed from the client toward the server, since the request is completed
-          as an HTTP/1.1 request.  After commencing the HTTP/2 connection, stream 1 is used for the
-          response.
-        
-
-        
    
-          
-            A request that upgrades from HTTP/1.1 to HTTP/2 MUST include exactly one HTTP2-Settings header field.  The HTTP2-Settings header field is a connection-specific header field
-            that includes parameters that govern the HTTP/2 connection, provided in anticipation of
-            the server accepting the request to upgrade.
-          
-          
    
-            
-          
    
-          
-            A server MUST NOT upgrade the connection to HTTP/2 if this header field is not present,
-            or if more than one is present. A server MUST NOT send this header field.
-          
-
-          
-            The content of the HTTP2-Settings header field is the
-            payload of a SETTINGS frame (), encoded as a
-            base64url string (that is, the URL- and filename-safe Base64 encoding described in , with any trailing '=' characters omitted).  The
-            ABNF production for token68 is
-            defined in .
-          
-          
-            Since the upgrade is only intended to apply to the immediate connection, a client
-            sending HTTP2-Settings MUST also send HTTP2-Settings as a connection option in the Connection header field to prevent it from being forwarded
-            downstream.
-          
-          
-            A server decodes and interprets these values as it would any other
-            SETTINGS frame.  Acknowledgement of the
-            SETTINGS parameters is not necessary, since a 101 response serves as implicit
-            acknowledgment.  Providing these values in the Upgrade request gives a client an
-            opportunity to provide parameters prior to receiving any frames from the server.
-          
-        
    
-      
    
-
-      
    
-        
-          A client that makes a request to an "https" URI uses TLS
-          with the application layer protocol negotiation extension.
-        
-        
-          HTTP/2 over TLS uses the "h2" application token.  The "h2c" token MUST NOT be sent by a
-          client or selected by a server.
-        
-        
-          Once TLS negotiation is complete, both the client and the server send a connection preface.
-        
-      
    
-
-      
    
-        
-          A client can learn that a particular server supports HTTP/2 by other means.  For example,
-           describes a mechanism for advertising this capability.
-        
-        
-          A client MAY immediately send HTTP/2 frames to a server that is known to support HTTP/2,
-          after the connection preface; a server can
-          identify such a connection by the presence of the connection preface. This only affects
-          the establishment of HTTP/2 connections over cleartext TCP; implementations that support
-          HTTP/2 over TLS MUST use protocol negotiation in TLS.
-        
-        
-          Without additional information, prior support for HTTP/2 is not a strong signal that a
-          given server will support HTTP/2 for future connections. For example, it is possible for
-          server configurations to change, for configurations to differ between instances in
-          clustered servers, or for network conditions to change.
-        
-      
    
-
-      
    
-        
-          Upon establishment of a TCP connection and determination that HTTP/2 will be used by both
-          peers, each endpoint MUST send a connection preface as a final confirmation and to
-          establish the initial SETTINGS parameters for the HTTP/2 connection.  The client and
-          server each send a different connection preface.
-        
-        
-          The client connection preface starts with a sequence of 24 octets, which in hex notation
-          are:
-        
-        
    
-          
-        
    
-        
-          (the string PRI * HTTP/2.0\r\n\r\nSM\r\n\r\n).  This sequence
-          is followed by a SETTINGS frame ().  The
-          SETTINGS frame MAY be empty.  The client sends the client connection
-          preface immediately upon receipt of a 101 Switching Protocols response (indicating a
-          successful upgrade), or as the first application data octets of a TLS connection. If
-          starting an HTTP/2 connection with prior knowledge of server support for the protocol, the
-          client connection preface is sent upon connection establishment.
-        
-        
-          
-            
-              The client connection preface is selected so that a large proportion of HTTP/1.1 or
-              HTTP/1.0 servers and intermediaries do not attempt to process further frames.  Note
-              that this does not address the concerns raised in .
-            
-          
-        
-        
-          The server connection preface consists of a potentially empty SETTINGS
-          frame () that MUST be the first frame the server sends in the
-          HTTP/2 connection.
-        
-        
-          The SETTINGS frames received from a peer as part of the connection preface
-          MUST be acknowledged (see ) after sending the connection
-          preface.
-        
-        
-          To avoid unnecessary latency, clients are permitted to send additional frames to the
-          server immediately after sending the client connection preface, without waiting to receive
-          the server connection preface.  It is important to note, however, that the server
-          connection preface SETTINGS frame might include parameters that necessarily
-          alter how a client is expected to communicate with the server. Upon receiving the
-          SETTINGS frame, the client is expected to honor any parameters established.
-          In some configurations, it is possible for the server to transmit SETTINGS
-          before the client sends additional frames, providing an opportunity to avoid this issue.
-        
-        
-          Clients and servers MUST treat an invalid connection preface as a connection error of type
-          PROTOCOL_ERROR.  A GOAWAY frame ()
-          MAY be omitted in this case, since an invalid preface indicates that the peer is not using
-          HTTP/2.
-        
-      
    
-    
    
-
-    
    
-      
-        Once the HTTP/2 connection is established, endpoints can begin exchanging frames.
-      
-
-      
    
-        
-          All frames begin with a fixed 9-octet header followed by a variable-length payload.
-        
-        
    
-          
-        
    
-        
-          The fields of the frame header are defined as:
-          
-            
-              
-                The length of the frame payload expressed as an unsigned 24-bit integer.  Values
-                greater than 214 (16,384) MUST NOT be sent unless the receiver has
-                set a larger value for SETTINGS_MAX_FRAME_SIZE.
-              
-              
-                The 9 octets of the frame header are not included in this value.
-              
-            
-            
-              
-                The 8-bit type of the frame.  The frame type determines the format and semantics of
-                the frame.  Implementations MUST ignore and discard any frame that has a type that
-                is unknown.
-              
-            
-            
-              
-                An 8-bit field reserved for frame-type specific boolean flags.
-              
-              
-                Flags are assigned semantics specific to the indicated frame type.  Flags that have
-                no defined semantics for a particular frame type MUST be ignored, and MUST be left
-                unset (0) when sending.
-              
-            
-            
-              
-                A reserved 1-bit field.  The semantics of this bit are undefined and the bit MUST
-                remain unset (0) when sending and MUST be ignored when receiving.
-              
-            
-            
-              
-                A 31-bit stream identifier (see ).  The value 0 is
-                reserved for frames that are associated with the connection as a whole as opposed to
-                an individual stream.
-              
-            
-          
-        
-        
-          The structure and content of the frame payload is dependent entirely on the frame type.
-        
-      
    
-
-      
    
-        
-          The size of a frame payload is limited by the maximum size that a receiver advertises in
-          the SETTINGS_MAX_FRAME_SIZE setting.  This setting can have any value
-          between 214 (16,384) and 224-1 (16,777,215) octets,
-          inclusive.
-        
-        
-          All implementations MUST be capable of receiving and minimally processing frames up to
-          214 octets in length, plus the 9 octet frame
-          header.  The size of the frame header is not included when describing frame sizes.
-          
-            
-              Certain frame types, such as PING, impose additional limits
-              on the amount of payload data allowed.
-            
-          
-        
-        
-          If a frame size exceeds any defined limit, or is too small to contain mandatory frame
-          data, the endpoint MUST send a FRAME_SIZE_ERROR error. A frame size error
-          in a frame that could alter the state of the entire connection MUST be treated as a connection error; this includes any frame carrying
-          a header block (that is, HEADERS,
-          PUSH_PROMISE, and CONTINUATION), SETTINGS,
-          and any WINDOW_UPDATE frame with a stream identifier of 0.
-        
-        
-          Endpoints are not obligated to use all available space in a frame. Responsiveness can be
-          improved by using frames that are smaller than the permitted maximum size. Sending large
-          frames can result in delays in sending time-sensitive frames (such
-          RST_STREAM, WINDOW_UPDATE, or PRIORITY)
-          which if blocked by the transmission of a large frame, could affect performance.
-        
-      
    
-
-      
    
-        
-          Just as in HTTP/1, a header field in HTTP/2 is a name with one or more associated values.
-          They are used within HTTP request and response messages as well as server push operations
-          (see ).
-        
-        
-          Header lists are collections of zero or more header fields.  When transmitted over a
-          connection, a header list is serialized into a header block using HTTP Header Compression.  The serialized header block is then
-          divided into one or more octet sequences, called header block fragments, and transmitted
-          within the payload of HEADERS, PUSH_PROMISE or CONTINUATION frames.
-        
-        
-          The Cookie header field is treated specially by the HTTP
-          mapping (see ).
-        
-        
-          A receiving endpoint reassembles the header block by concatenating its fragments, then
-          decompresses the block to reconstruct the header list.
-        
-        
-          A complete header block consists of either:
-          
-            
-              a single HEADERS or PUSH_PROMISE frame,
-              with the END_HEADERS flag set, or
-            
-            
-              a HEADERS or PUSH_PROMISE frame with the END_HEADERS
-              flag cleared and one or more CONTINUATION frames,
-              where the last CONTINUATION frame has the END_HEADERS flag set.
-            
-          
-        
-        
-          Header compression is stateful.  One compression context and one decompression context is
-          used for the entire connection.  Each header block is processed as a discrete unit.
-          Header blocks MUST be transmitted as a contiguous sequence of frames, with no interleaved
-          frames of any other type or from any other stream.  The last frame in a sequence of
-          HEADERS or CONTINUATION frames MUST have the END_HEADERS
-          flag set.  The last frame in a sequence of PUSH_PROMISE or
-          CONTINUATION frames MUST have the END_HEADERS flag set.  This allows a
-          header block to be logically equivalent to a single frame.
-        
-        
-          Header block fragments can only be sent as the payload of HEADERS,
-          PUSH_PROMISE or CONTINUATION frames, because these frames
-          carry data that can modify the compression context maintained by a receiver.  An endpoint
-          receiving HEADERS, PUSH_PROMISE or
-          CONTINUATION frames MUST reassemble header blocks and perform decompression
-          even if the frames are to be discarded.  A receiver MUST terminate the connection with a
-          connection error of type
-          COMPRESSION_ERROR if it does not decompress a header block.
-        
-      
    
-    
    
-
-    
    
-      
-        A "stream" is an independent, bi-directional sequence of frames exchanged between the client
-        and server within an HTTP/2 connection.  Streams have several important characteristics:
-        
-          
-            A single HTTP/2 connection can contain multiple concurrently open streams, with either
-            endpoint interleaving frames from multiple streams.
-          
-          
-            Streams can be established and used unilaterally or shared by either the client or
-            server.
-          
-          
-            Streams can be closed by either endpoint.
-          
-          
-            The order in which frames are sent on a stream is significant. Recipients process frames
-            in the order they are received.  In particular, the order of HEADERS,
-            and DATA frames is semantically significant.
-          
-          
-            Streams are identified by an integer.  Stream identifiers are assigned to streams by the
-            endpoint initiating the stream.
-          
-        
-      
-
-      
    
-        
-          The lifecycle of a stream is shown in .
-        
-
-        
    
-          
-            |        |<-----------'        |
-     |  R                  | closed |                  R  |
-     `-------------------->|        |<--------------------'
-                           +--------+
-
-       H:  HEADERS frame (with implied CONTINUATIONs)
-       PP: PUSH_PROMISE frame (with implied CONTINUATIONs)
-       ES: END_STREAM flag
-       R:  RST_STREAM frame
-]]>
-          
-        
    
-
-        
-          Note that this diagram shows stream state transitions and the frames and flags that affect
-          those transitions only.  In this regard, CONTINUATION frames do not result
-          in state transitions; they are effectively part of the HEADERS or
-          PUSH_PROMISE that they follow.  For this purpose, the END_STREAM flag is
-          processed as a separate event to the frame that bears it; a HEADERS frame
-          with the END_STREAM flag set can cause two state transitions.
-        
-        
-          Both endpoints have a subjective view of the state of a stream that could be different
-          when frames are in transit.  Endpoints do not coordinate the creation of streams; they are
-          created unilaterally by either endpoint.  The negative consequences of a mismatch in
-          states are limited to the "closed" state after sending RST_STREAM, where
-          frames might be received for some time after closing.
-        
-        
-          Streams have the following states:
-          
-
-            
-              
-                
-                All streams start in the "idle" state.  In this state, no frames have been
-                exchanged.
-              
-              
-                The following transitions are valid from this state:
-                
-                  
-                    Sending or receiving a HEADERS frame causes the stream to become
-                    "open".  The stream identifier is selected as described in .  The same HEADERS frame can also
-                    cause a stream to immediately become "half closed".
-                  
-                  
-                    Sending a PUSH_PROMISE frame marks the associated stream for
-                    later use.  The stream state for the reserved stream transitions to "reserved
-                    (local)".
-                  
-                  
-                    Receiving a PUSH_PROMISE frame marks the associated stream as
-                    reserved by the remote peer.  The state of the stream becomes "reserved
-                    (remote)".
-                  
-                
-              
-              
-                Receiving any frames other than HEADERS or
-                PUSH_PROMISE on a stream in this state MUST be treated as a connection error of type
-                PROTOCOL_ERROR.
-              
-            
-
-            
-              
-                
-                A stream in the "reserved (local)" state is one that has been promised by sending a
-                PUSH_PROMISE frame.  A PUSH_PROMISE frame reserves an
-                idle stream by associating the stream with an open stream that was initiated by the
-                remote peer (see ).
-              
-              
-                In this state, only the following transitions are possible:
-                
-                  
-                    The endpoint can send a HEADERS frame.  This causes the stream to
-                    open in a "half closed (remote)" state.
-                  
-                  
-                    Either endpoint can send a RST_STREAM frame to cause the stream
-                    to become "closed".  This releases the stream reservation.
-                  
-                
-              
-              
-                An endpoint MUST NOT send any type of frame other than HEADERS or
-                RST_STREAM in this state.
-              
-              
-                A PRIORITY frame MAY be received in this state.  Receiving any type
-                of frame other than RST_STREAM or PRIORITY on a stream
-                in this state MUST be treated as a connection
-                error of type PROTOCOL_ERROR.
-              
-            
-
-            
-              
-                
-                A stream in the "reserved (remote)" state has been reserved by a remote peer.
-              
-              
-                In this state, only the following transitions are possible:
-                
-                  
-                    Receiving a HEADERS frame causes the stream to transition to
-                    "half closed (local)".
-                  
-                  
-                    Either endpoint can send a RST_STREAM frame to cause the stream
-                    to become "closed".  This releases the stream reservation.
-                  
-                
-              
-              
-                An endpoint MAY send a PRIORITY frame in this state to reprioritize
-                the reserved stream.  An endpoint MUST NOT send any type of frame other than
-                RST_STREAM, WINDOW_UPDATE, or PRIORITY
-                in this state.
-              
-              
-                Receiving any type of frame other than HEADERS or
-                RST_STREAM on a stream in this state MUST be treated as a connection error of type
-                PROTOCOL_ERROR.
-              
-            
-
-            
-              
-                
-                A stream in the "open" state may be used by both peers to send frames of any type.
-                In this state, sending peers observe advertised stream
-                level flow control limits.
-              
-              
-                From this state either endpoint can send a frame with an END_STREAM flag set, which
-                causes the stream to transition into one of the "half closed" states: an endpoint
-                sending an END_STREAM flag causes the stream state to become "half closed (local)";
-                an endpoint receiving an END_STREAM flag causes the stream state to become "half
-                closed (remote)".
-              
-              
-                Either endpoint can send a RST_STREAM frame from this state, causing
-                it to transition immediately to "closed".
-              
-            
-
-            
-              
-                
-                A stream that is in the "half closed (local)" state cannot be used for sending
-                frames.  Only WINDOW_UPDATE, PRIORITY and
-                RST_STREAM frames can be sent in this state.
-              
-              
-                A stream transitions from this state to "closed" when a frame that contains an
-                END_STREAM flag is received, or when either peer sends a RST_STREAM
-                frame.
-              
-              
-                A receiver can ignore WINDOW_UPDATE frames in this state, which might
-                arrive for a short period after a frame bearing the END_STREAM flag is sent.
-              
-              
-                PRIORITY frames received in this state are used to reprioritize
-                streams that depend on the current stream.
-              
-            
-
-            
-              
-                
-                A stream that is "half closed (remote)" is no longer being used by the peer to send
-                frames.  In this state, an endpoint is no longer obligated to maintain a receiver
-                flow control window if it performs flow control.
-              
-              
-                If an endpoint receives additional frames for a stream that is in this state, other
-                than WINDOW_UPDATE, PRIORITY or
-                RST_STREAM, it MUST respond with a stream error of type
-                STREAM_CLOSED.
-              
-              
-                A stream that is "half closed (remote)" can be used by the endpoint to send frames
-                of any type. In this state, the endpoint continues to observe advertised stream level flow control limits.
-              
-              
-                A stream can transition from this state to "closed" by sending a frame that contains
-                an END_STREAM flag, or when either peer sends a RST_STREAM frame.
-              
-            
-
-            
-              
-                
-                The "closed" state is the terminal state.
-              
-              
-                An endpoint MUST NOT send frames other than PRIORITY on a closed
-                stream.  An endpoint that receives any frame other than PRIORITY
-                after receiving a RST_STREAM MUST treat that as a stream error of type
-                STREAM_CLOSED.  Similarly, an endpoint that receives any frames after
-                receiving a frame with the END_STREAM flag set MUST treat that as a connection error of type
-                STREAM_CLOSED, unless the frame is permitted as described below.
-              
-              
-                WINDOW_UPDATE or RST_STREAM frames can be received in
-                this state for a short period after a DATA or HEADERS
-                frame containing an END_STREAM flag is sent.  Until the remote peer receives and
-                processes RST_STREAM or the frame bearing the END_STREAM flag, it
-                might send frames of these types.  Endpoints MUST ignore
-                WINDOW_UPDATE or RST_STREAM frames received in this
-                state, though endpoints MAY choose to treat frames that arrive a significant time
-                after sending END_STREAM as a connection
-                error of type PROTOCOL_ERROR.
-              
-              
-                PRIORITY frames can be sent on closed streams to prioritize streams
-                that are dependent on the closed stream.  Endpoints SHOULD process
-                PRIORITY frame, though they can be ignored if the stream has been
-                removed from the dependency tree (see ).
-              
-              
-                If this state is reached as a result of sending a RST_STREAM frame,
-                the peer that receives the RST_STREAM might have already sent - or
-                enqueued for sending - frames on the stream that cannot be withdrawn.  An endpoint
-                MUST ignore frames that it receives on closed streams after it has sent a
-                RST_STREAM frame.  An endpoint MAY choose to limit the period over
-                which it ignores frames and treat frames that arrive after this time as being in
-                error.
-              
-              
-                Flow controlled frames (i.e., DATA) received after sending
-                RST_STREAM are counted toward the connection flow control window.
-                Even though these frames might be ignored, because they are sent before the sender
-                receives the RST_STREAM, the sender will consider the frames to count
-                against the flow control window.
-              
-              
-                An endpoint might receive a PUSH_PROMISE frame after it sends
-                RST_STREAM.  PUSH_PROMISE causes a stream to become
-                "reserved" even if the associated stream has been reset.  Therefore, a
-                RST_STREAM is needed to close an unwanted promised stream.
-              
-            
-          
-        
-        
-          In the absence of more specific guidance elsewhere in this document, implementations
-          SHOULD treat the receipt of a frame that is not expressly permitted in the description of
-          a state as a connection error of type
-          PROTOCOL_ERROR.  Frame of unknown types are ignored.
-        
-        
-          An example of the state transitions for an HTTP request/response exchange can be found in
-          .  An example of the state transitions for server push can be
-          found in  and .
-        
-
-        
    
-          
-            Streams are identified with an unsigned 31-bit integer.  Streams initiated by a client
-            MUST use odd-numbered stream identifiers; those initiated by the server MUST use
-            even-numbered stream identifiers.  A stream identifier of zero (0x0) is used for
-            connection control messages; the stream identifier zero cannot be used to establish a
-            new stream.
-          
-          
-            HTTP/1.1 requests that are upgraded to HTTP/2 (see ) are
-            responded to with a stream identifier of one (0x1).  After the upgrade
-            completes, stream 0x1 is "half closed (local)" to the client.  Therefore, stream 0x1
-            cannot be selected as a new stream identifier by a client that upgrades from HTTP/1.1.
-          
-          
-            The identifier of a newly established stream MUST be numerically greater than all
-            streams that the initiating endpoint has opened or reserved.  This governs streams that
-            are opened using a HEADERS frame and streams that are reserved using
-            PUSH_PROMISE.  An endpoint that receives an unexpected stream identifier
-            MUST respond with a connection error of
-            type PROTOCOL_ERROR.
-          
-          
-            The first use of a new stream identifier implicitly closes all streams in the "idle"
-            state that might have been initiated by that peer with a lower-valued stream identifier.
-            For example, if a client sends a HEADERS frame on stream 7 without ever
-            sending a frame on stream 5, then stream 5 transitions to the "closed" state when the
-            first frame for stream 7 is sent or received.
-          
-          
-            Stream identifiers cannot be reused.  Long-lived connections can result in an endpoint
-            exhausting the available range of stream identifiers.  A client that is unable to
-            establish a new stream identifier can establish a new connection for new streams.  A
-            server that is unable to establish a new stream identifier can send a
-            GOAWAY frame so that the client is forced to open a new connection for
-            new streams.
-          
-        
    
-
-        
    
-          
-            A peer can limit the number of concurrently active streams using the
-            SETTINGS_MAX_CONCURRENT_STREAMS parameter (see ) within a SETTINGS frame. The maximum concurrent
-            streams setting is specific to each endpoint and applies only to the peer that receives
-            the setting. That is, clients specify the maximum number of concurrent streams the
-            server can initiate, and servers specify the maximum number of concurrent streams the
-            client can initiate.
-          
-          
-            Streams that are in the "open" state, or either of the "half closed" states count toward
-            the maximum number of streams that an endpoint is permitted to open.  Streams in any of
-            these three states count toward the limit advertised in the
-            SETTINGS_MAX_CONCURRENT_STREAMS setting.  Streams in either of the
-            "reserved" states do not count toward the stream limit.
-          
-          
-            Endpoints MUST NOT exceed the limit set by their peer.  An endpoint that receives a
-            HEADERS frame that causes their advertised concurrent stream limit to be
-            exceeded MUST treat this as a stream error.  An
-            endpoint that wishes to reduce the value of
-            SETTINGS_MAX_CONCURRENT_STREAMS to a value that is below the current
-            number of open streams can either close streams that exceed the new value or allow
-            streams to complete.
-          
-        
    
-      
    
-
-     
    
-        
-          Using streams for multiplexing introduces contention over use of the TCP connection,
-          resulting in blocked streams.  A flow control scheme ensures that streams on the same
-          connection do not destructively interfere with each other.  Flow control is used for both
-          individual streams and for the connection as a whole.
-        
-        
-          HTTP/2 provides for flow control through use of the WINDOW_UPDATE frame.
-        
-
-        
    
-          
-            HTTP/2 stream flow control aims to allow a variety of flow control algorithms to be
-            used without requiring protocol changes. Flow control in HTTP/2 has the following
-            characteristics:
-            
-              
-                Flow control is specific to a connection; i.e., it is "hop-by-hop", not
-                "end-to-end".
-              
-              
-                Flow control is based on window update frames.  Receivers advertise how many octets
-                they are prepared to receive on a stream and for the entire connection.  This is a
-                credit-based scheme.
-              
-              
-                Flow control is directional with overall control provided by the receiver.  A
-                receiver MAY choose to set any window size that it desires for each stream and for
-                the entire connection.  A sender MUST respect flow control limits imposed by a
-                receiver.  Clients, servers and intermediaries all independently advertise their
-                flow control window as a receiver and abide by the flow control limits set by
-                their peer when sending.
-              
-              
-                The initial value for the flow control window is 65,535 octets for both new streams
-                and the overall connection.
-              
-              
-                The frame type determines whether flow control applies to a frame.  Of the frames
-                specified in this document, only DATA frames are subject to flow
-                control; all other frame types do not consume space in the advertised flow control
-                window.  This ensures that important control frames are not blocked by flow control.
-              
-              
-                Flow control cannot be disabled.
-              
-              
-                HTTP/2 defines only the format and semantics of the WINDOW_UPDATE
-                frame ().  This document does not stipulate how a
-                receiver decides when to send this frame or the value that it sends, nor does it
-                specify how a sender chooses to send packets.  Implementations are able to select
-                any algorithm that suits their needs.
-              
-            
-          
-          
-            Implementations are also responsible for managing how requests and responses are sent
-            based on priority; choosing how to avoid head of line blocking for requests; and
-            managing the creation of new streams.  Algorithm choices for these could interact with
-            any flow control algorithm.
-          
-        
    
-
-        
    
-          
-            Flow control is defined to protect endpoints that are operating under resource
-            constraints.  For example, a proxy needs to share memory between many connections, and
-            also might have a slow upstream connection and a fast downstream one.  Flow control
-            addresses cases where the receiver is unable process data on one stream, yet wants to
-            continue to process other streams in the same connection.
-          
-          
-            Deployments that do not require this capability can advertise a flow control window of
-            the maximum size, incrementing the available space when new data is received.  This
-            effectively disables flow control for that receiver.  Conversely, a sender is always
-            subject to the flow control window advertised by the receiver.
-          
-          
-            Deployments with constrained resources (for example, memory) can employ flow control to
-            limit the amount of memory a peer can consume.  Note, however, that this can lead to
-            suboptimal use of available network resources if flow control is enabled without
-            knowledge of the bandwidth-delay product (see ).
-          
-          
-            Even with full awareness of the current bandwidth-delay product, implementation of flow
-            control can be difficult.  When using flow control, the receiver MUST read from the TCP
-            receive buffer in a timely fashion.  Failure to do so could lead to a deadlock when
-            critical frames, such as WINDOW_UPDATE, are not read and acted upon.
-          
-        
    
-      
    
-
-      
    
-        
-          A client can assign a priority for a new stream by including prioritization information in
-          the HEADERS frame that opens the stream.  For an existing
-          stream, the PRIORITY frame can be used to change the
-          priority.
-        
-        
-          The purpose of prioritization is to allow an endpoint to express how it would prefer its
-          peer allocate resources when managing concurrent streams.  Most importantly, priority can
-          be used to select streams for transmitting frames when there is limited capacity for
-          sending.
-        
-        
-          Streams can be prioritized by marking them as dependent on the completion of other streams
-          ().  Each dependency is assigned a relative weight, a number
-          that is used to determine the relative proportion of available resources that are assigned
-          to streams dependent on the same stream.
-        
-        
-        
-          Explicitly setting the priority for a stream is input to a prioritization process.  It
-          does not guarantee any particular processing or transmission order for the stream relative
-          to any other stream.  An endpoint cannot force a peer to process concurrent streams in a
-          particular order using priority.  Expressing priority is therefore only ever a suggestion.
-        
-        
-          Providing prioritization information is optional, so default values are used if no
-          explicit indicator is provided ().
-        
-
-        
    
-          
-            Each stream can be given an explicit dependency on another stream.  Including a
-            dependency expresses a preference to allocate resources to the identified stream rather
-            than to the dependent stream.
-          
-          
-            A stream that is not dependent on any other stream is given a stream dependency of 0x0.
-            In other words, the non-existent stream 0 forms the root of the tree.
-          
-          
-            A stream that depends on another stream is a dependent stream. The stream upon which a
-            stream is dependent is a parent stream. A dependency on a stream that is not currently
-            in the tree - such as a stream in the "idle" state - results in that stream being given
-            a default priority.
-          
-          
-            When assigning a dependency on another stream, the stream is added as a new dependency
-            of the parent stream.  Dependent streams that share the same parent are not ordered with
-            respect to each other.  For example, if streams B and C are dependent on stream A, and
-            if stream D is created with a dependency on stream A, this results in a dependency order
-            of A followed by B, C, and D in any order.
-          
-          
    
-                  /|\
-  B   C             B D C
-]]>
-          
    
-          
-            An exclusive flag allows for the insertion of a new level of dependencies.  The
-            exclusive flag causes the stream to become the sole dependency of its parent stream,
-            causing other dependencies to become dependent on the exclusive stream.  In the
-            previous example, if stream D is created with an exclusive dependency on stream A, this
-            results in D becoming the dependency parent of B and C.
-          
-          
    
-                   D
-  B   C              / \
-                    B   C
-]]>
-          
    
-          
-            Inside the dependency tree, a dependent stream SHOULD only be allocated resources if all
-            of the streams that it depends on (the chain of parent streams up to 0x0) are either
-            closed, or it is not possible to make progress on them.
-          
-          
-            A stream cannot depend on itself.  An endpoint MUST treat this as a stream error of type PROTOCOL_ERROR.
-          
-        
    
-
-        
    
-          
-            All dependent streams are allocated an integer weight between 1 and 256 (inclusive).
-          
-          
-            Streams with the same parent SHOULD be allocated resources proportionally based on their
-            weight.  Thus, if stream B depends on stream A with weight 4, and C depends on stream A
-            with weight 12, and if no progress can be made on A, stream B ideally receives one third
-            of the resources allocated to stream C.
-          
-        
    
-
-        
    
-          
-            Stream priorities are changed using the PRIORITY frame.  Setting a
-            dependency causes a stream to become dependent on the identified parent stream.
-          
-          
-            Dependent streams move with their parent stream if the parent is reprioritized.  Setting
-            a dependency with the exclusive flag for a reprioritized stream moves all the
-            dependencies of the new parent stream to become dependent on the reprioritized stream.
-          
-          
-            If a stream is made dependent on one of its own dependencies, the formerly dependent
-            stream is first moved to be dependent on the reprioritized stream's previous parent.
-            The moved dependency retains its weight.
-          
-          
    
-            
-              For example, consider an original dependency tree where B and C depend on A, D and E
-              depend on C, and F depends on D.  If A is made dependent on D, then D takes the place
-              of A.  All other dependency relationships stay the same, except for F, which becomes
-              dependent on A if the reprioritization is exclusive.
-            
-              F   B   C   ==>    F   A       OR      A
-     / \                 |             / \             /|\
-    D   E                E            B   C           B C F
-    |                                     |             |
-    F                                     E             E
-               (intermediate)   (non-exclusive)    (exclusive)
-]]>
-          
    
-        
    
-
-        
    
-          
-            When a stream is removed from the dependency tree, its dependencies can be moved to
-            become dependent on the parent of the closed stream.  The weights of new dependencies
-            are recalculated by distributing the weight of the dependency of the closed stream
-            proportionally based on the weights of its dependencies.
-          
-          
-            Streams that are removed from the dependency tree cause some prioritization information
-            to be lost.  Resources are shared between streams with the same parent stream, which
-            means that if a stream in that set closes or becomes blocked, any spare capacity
-            allocated to a stream is distributed to the immediate neighbors of the stream.  However,
-            if the common dependency is removed from the tree, those streams share resources with
-            streams at the next highest level.
-          
-          
-            For example, assume streams A and B share a parent, and streams C and D both depend on
-            stream A. Prior to the removal of stream A, if streams A and D are unable to proceed,
-            then stream C receives all the resources dedicated to stream A.  If stream A is removed
-            from the tree, the weight of stream A is divided between streams C and D.  If stream D
-            is still unable to proceed, this results in stream C receiving a reduced proportion of
-            resources.  For equal starting weights, C receives one third, rather than one half, of
-            available resources.
-          
-          
-            It is possible for a stream to become closed while prioritization information that
-            creates a dependency on that stream is in transit.  If a stream identified in a
-            dependency has no associated priority information, then the dependent stream is instead
-            assigned a default priority.  This potentially creates
-            suboptimal prioritization, since the stream could be given a priority that is different
-            to what is intended.
-          
-          
-            To avoid these problems, an endpoint SHOULD retain stream prioritization state for a
-            period after streams become closed.  The longer state is retained, the lower the chance
-            that streams are assigned incorrect or default priority values.
-          
-          
-            This could create a large state burden for an endpoint, so this state MAY be limited.
-            An endpoint MAY apply a fixed upper limit on the number of closed streams for which
-            prioritization state is tracked to limit state exposure.  The amount of additional state
-            an endpoint maintains could be dependent on load; under high load, prioritization state
-            can be discarded to limit resource commitments.  In extreme cases, an endpoint could
-            even discard prioritization state for active or reserved streams. If a fixed limit is
-            applied, endpoints SHOULD maintain state for at least as many streams as allowed by
-            their setting for SETTINGS_MAX_CONCURRENT_STREAMS.
-          
-          
-            An endpoint receiving a PRIORITY frame that changes the priority of a
-            closed stream SHOULD alter the dependencies of the streams that depend on it, if it has
-            retained enough state to do so.
-          
-        
    
-
-        
    
-          
-            Providing priority information is optional.  Streams are assigned a non-exclusive
-            dependency on stream 0x0 by default.  Pushed streams
-            initially depend on their associated stream.  In both cases, streams are assigned a
-            default weight of 16.
-          
-        
    
-      
    
-
-      
    
-        
-          HTTP/2 framing permits two classes of error:
-          
-            
-              An error condition that renders the entire connection unusable is a connection error.
-            
-            
-              An error in an individual stream is a stream error.
-            
-          
-        
-        
-          A list of error codes is included in .
-        
-
-        
    
-          
-            A connection error is any error which prevents further processing of the framing layer,
-            or which corrupts any connection state.
-          
-          
-            An endpoint that encounters a connection error SHOULD first send a GOAWAY
-            frame () with the stream identifier of the last stream that it
-            successfully received from its peer.  The GOAWAY frame includes an error
-            code that indicates why the connection is terminating.  After sending the
-            GOAWAY frame, the endpoint MUST close the TCP connection.
-          
-          
-            It is possible that the GOAWAY will not be reliably received by the
-            receiving endpoint (see ).  In the event of a connection error,
-            GOAWAY only provides a best effort attempt to communicate with the peer
-            about why the connection is being terminated.
-          
-          
-            An endpoint can end a connection at any time.  In particular, an endpoint MAY choose to
-            treat a stream error as a connection error.  Endpoints SHOULD send a
-            GOAWAY frame when ending a connection, providing that circumstances
-            permit it.
-          
-        
    
-
-        
    
-          
-            A stream error is an error related to a specific stream that does not affect processing
-            of other streams.
-          
-          
-            An endpoint that detects a stream error sends a RST_STREAM frame () that contains the stream identifier of the stream where the error
-            occurred.  The RST_STREAM frame includes an error code that indicates the
-            type of error.
-          
-          
-            A RST_STREAM is the last frame that an endpoint can send on a stream.
-            The peer that sends the RST_STREAM frame MUST be prepared to receive any
-            frames that were sent or enqueued for sending by the remote peer.  These frames can be
-            ignored, except where they modify connection state (such as the state maintained for
-            header compression, or flow control).
-          
-          
-            Normally, an endpoint SHOULD NOT send more than one RST_STREAM frame for
-            any stream. However, an endpoint MAY send additional RST_STREAM frames if
-            it receives frames on a closed stream after more than a round-trip time.  This behavior
-            is permitted to deal with misbehaving implementations.
-          
-          
-            An endpoint MUST NOT send a RST_STREAM in response to an
-            RST_STREAM frame, to avoid looping.
-          
-        
    
-
-        
    
-          
-            If the TCP connection is closed or reset while streams remain in open or half closed
-            states, then the endpoint MUST assume that those streams were abnormally interrupted and
-            could be incomplete.
-          
-        
    
-      
    
-
-      
    
-        
-          HTTP/2 permits extension of the protocol.  Protocol extensions can be used to provide
-          additional services or alter any aspect of the protocol, within the limitations described
-          in this section.  Extensions are effective only within the scope of a single HTTP/2
-          connection.
-        
-        
-          Extensions are permitted to use new frame types, new
-          settings, or new error
-          codes.  Registries are established for managing these extension points: frame types, settings and
-          error codes.
-        
-        
-          Implementations MUST ignore unknown or unsupported values in all extensible protocol
-          elements.  Implementations MUST discard frames that have unknown or unsupported types.
-          This means that any of these extension points can be safely used by extensions without
-          prior arrangement or negotiation.  However, extension frames that appear in the middle of
-          a header block are not permitted; these MUST be treated
-          as a connection error of type
-          PROTOCOL_ERROR.
-        
-        
-          However, extensions that could change the semantics of existing protocol components MUST
-          be negotiated before being used.  For example, an extension that changes the layout of the
-          HEADERS frame cannot be used until the peer has given a positive signal
-          that this is acceptable.  In this case, it could also be necessary to coordinate when the
-          revised layout comes into effect.  Note that treating any frame other than
-          DATA frames as flow controlled is such a change in semantics, and can only
-          be done through negotiation.
-        
-        
-          This document doesn't mandate a specific method for negotiating the use of an extension,
-          but notes that a setting could be used for that
-          purpose.  If both peers set a value that indicates willingness to use the extension, then
-          the extension can be used.  If a setting is used for extension negotiation, the initial
-          value MUST be defined so that the extension is initially disabled.
-        
-      
    
-    
    
-
-    
    
-      
-        This specification defines a number of frame types, each identified by a unique 8-bit type
-        code. Each frame type serves a distinct purpose either in the establishment and management
-        of the connection as a whole, or of individual streams.
-      
-      
-        The transmission of specific frame types can alter the state of a connection. If endpoints
-        fail to maintain a synchronized view of the connection state, successful communication
-        within the connection will no longer be possible. Therefore, it is important that endpoints
-        have a shared comprehension of how the state is affected by the use any given frame.
-      
-
-      
    
-        
-          DATA frames (type=0x0) convey arbitrary, variable-length sequences of octets associated
-          with a stream. One or more DATA frames are used, for instance, to carry HTTP request or
-          response payloads.
-        
-        
-          DATA frames MAY also contain arbitrary padding.  Padding can be added to DATA frames to
-          obscure the size of messages.
-        
-        
    
-          
-        
    
-        
-          The DATA frame contains the following fields:
-          
-            
-              An 8-bit field containing the length of the frame padding in units of octets.  This
-              field is optional and is only present if the PADDED flag is set.
-            
-            
-              Application data.  The amount of data is the remainder of the frame payload after
-              subtracting the length of the other fields that are present.
-            
-            
-              Padding octets that contain no application semantic value.  Padding octets MUST be set
-              to zero when sending and ignored when receiving.
-            
-          
-        
-
-        
-          The DATA frame defines the following flags:
-          
-            
-              Bit 1 being set indicates that this frame is the last that the endpoint will send for
-              the identified stream.  Setting this flag causes the stream to enter one of the "half closed" states or the "closed" state.
-            
-            
-              Bit 4 being set indicates that the Pad Length field and any padding that it describes
-              is present.
-            
-          
-        
-        
-          DATA frames MUST be associated with a stream. If a DATA frame is received whose stream
-          identifier field is 0x0, the recipient MUST respond with a connection error of type
-          PROTOCOL_ERROR.
-        
-        
-          DATA frames are subject to flow control and can only be sent when a stream is in the
-          "open" or "half closed (remote)" states. The entire DATA frame payload is included in flow
-          control, including Pad Length and Padding fields if present.  If a DATA frame is received
-          whose stream is not in "open" or "half closed (local)" state, the recipient MUST respond
-          with a stream error of type
-          STREAM_CLOSED.
-        
-        
-          The total number of padding octets is determined by the value of the Pad Length field. If
-          the length of the padding is greater than the length of the frame payload, the recipient
-          MUST treat this as a connection error of
-          type PROTOCOL_ERROR.
-          
-            
-              A frame can be increased in size by one octet by including a Pad Length field with a
-              value of zero.
-            
-          
-        
-        
-          Padding is a security feature; see .
-        
-      
    
-
-      
    
-        
-          The HEADERS frame (type=0x1) is used to open a stream,
-          and additionally carries a header block fragment. HEADERS frames can be sent on a stream
-          in the "open" or "half closed (remote)" states.
-        
-        
    
-          
-        
    
-        
-          The HEADERS frame payload has the following fields:
-          
-            
-              An 8-bit field containing the length of the frame padding in units of octets.  This
-              field is only present if the PADDED flag is set.
-            
-            
-              A single bit flag indicates that the stream dependency is exclusive, see .  This field is only present if the PRIORITY flag is set.
-            
-            
-              A 31-bit stream identifier for the stream that this stream depends on, see .  This field is only present if the PRIORITY flag is set.
-            
-            
-              An 8-bit weight for the stream, see .  Add one to the
-              value to obtain a weight between 1 and 256.  This field is only present if the
-              PRIORITY flag is set.
-            
-            
-              A header block fragment.
-            
-            
-              Padding octets that contain no application semantic value.  Padding octets MUST be set
-              to zero when sending and ignored when receiving.
-            
-          
-        
-
-        
-          The HEADERS frame defines the following flags:
-          
-            
-              
-                Bit 1 being set indicates that the header block is
-                the last that the endpoint will send for the identified stream.  Setting this flag
-                causes the stream to enter one of "half closed"
-                states.
-              
-              
-                A HEADERS frame carries the END_STREAM flag that signals the end of a stream.
-                However, a HEADERS frame with the END_STREAM flag set can be followed by
-                CONTINUATION frames on the same stream.  Logically, the
-                CONTINUATION frames are part of the HEADERS frame.
-              
-            
-            
-              
-                Bit 3 being set indicates that this frame contains an entire header block and is not followed by any
-                CONTINUATION frames.
-              
-              
-                A HEADERS frame without the END_HEADERS flag set MUST be followed by a
-                CONTINUATION frame for the same stream.  A receiver MUST treat the
-                receipt of any other type of frame or a frame on a different stream as a connection error of type
-                PROTOCOL_ERROR.
-              
-            
-            
-              
-                Bit 4 being set indicates that the Pad Length field and any padding that it
-                describes is present.
-              
-            
-            
-              
-                Bit 6 being set indicates that the Exclusive Flag (E), Stream Dependency, and Weight
-                fields are present; see .
-              
-            
-          
-        
-
-        
-          The payload of a HEADERS frame contains a header block
-          fragment.  A header block that does not fit within a HEADERS frame is continued in
-          a CONTINUATION frame.
-        
-
-        
-          HEADERS frames MUST be associated with a stream. If a HEADERS frame is received whose
-          stream identifier field is 0x0, the recipient MUST respond with a connection error of type
-          PROTOCOL_ERROR.
-        
-
-        
-          The HEADERS frame changes the connection state as described in .
-        
-
-        
-          The HEADERS frame includes optional padding.  Padding fields and flags are identical to
-          those defined for DATA frames.
-        
-        
-          Prioritization information in a HEADERS frame is logically equivalent to a separate
-          PRIORITY frame, but inclusion in HEADERS avoids the potential for churn in
-          stream prioritization when new streams are created.  Priorization fields in HEADERS frames
-          subsequent to the first on a stream reprioritize the
-          stream.
-        
-      
    
-
-      
    
-        
-          The PRIORITY frame (type=0x2) specifies the sender-advised
-          priority of a stream.  It can be sent at any time for an existing stream, including
-          closed streams.  This enables reprioritization of existing streams.
-        
-        
    
-          
-        
    
-        
-          The payload of a PRIORITY frame contains the following fields:
-          
-            
-              A single bit flag indicates that the stream dependency is exclusive, see .
-            
-            
-              A 31-bit stream identifier for the stream that this stream depends on, see .
-            
-            
-              An 8-bit weight for the identified stream dependency, see .  Add one to the value to obtain a weight between 1 and 256.
-            
-          
-        
-
-        
-          The PRIORITY frame does not define any flags.
-        
-
-        
-          The PRIORITY frame is associated with an existing stream. If a PRIORITY frame is received
-          with a stream identifier of 0x0, the recipient MUST respond with a connection error of type
-          PROTOCOL_ERROR.
-        
-        
-          The PRIORITY frame can be sent on a stream in any of the "reserved (remote)", "open",
-          "half closed (local)", "half closed (remote)", or "closed" states, though it cannot be
-          sent between consecutive frames that comprise a single header
-          block.  Note that this frame could arrive after processing or frame sending has
-          completed, which would cause it to have no effect on the current stream.  For a stream
-          that is in the "half closed (remote)" or "closed" - state, this frame can only affect
-          processing of the current stream and not frame transmission.
-        
-        
-          The PRIORITY frame is the only frame that can be sent for a stream in the "closed" state.
-          This allows for the reprioritization of a group of dependent streams by altering the
-          priority of a parent stream, which might be closed.  However, a PRIORITY frame sent on a
-          closed stream risks being ignored due to the peer having discarded priority state
-          information for that stream.
-        
-      
    
-
-      
    
-        
-          The RST_STREAM frame (type=0x3) allows for abnormal termination of a stream.  When sent by
-          the initiator of a stream, it indicates that they wish to cancel the stream or that an
-          error condition has occurred.  When sent by the receiver of a stream, it indicates that
-          either the receiver is rejecting the stream, requesting that the stream be cancelled, or
-          that an error condition has occurred.
-        
-        
    
-          
-        
    
-
-        
-          The RST_STREAM frame contains a single unsigned, 32-bit integer identifying the error code.  The error code indicates why the stream is being
-          terminated.
-        
-
-        
-          The RST_STREAM frame does not define any flags.
-        
-
-        
-          The RST_STREAM frame fully terminates the referenced stream and causes it to enter the
-          closed state. After receiving a RST_STREAM on a stream, the receiver MUST NOT send
-          additional frames for that stream, with the exception of PRIORITY. However,
-          after sending the RST_STREAM, the sending endpoint MUST be prepared to receive and process
-          additional frames sent on the stream that might have been sent by the peer prior to the
-          arrival of the RST_STREAM.
-        
-
-        
-          RST_STREAM frames MUST be associated with a stream.  If a RST_STREAM frame is received
-          with a stream identifier of 0x0, the recipient MUST treat this as a connection error of type
-          PROTOCOL_ERROR.
-        
-
-        
-          RST_STREAM frames MUST NOT be sent for a stream in the "idle" state.  If a RST_STREAM
-          frame identifying an idle stream is received, the recipient MUST treat this as a connection error of type
-          PROTOCOL_ERROR.
-        
-
-      
    
-
-      
    
-        
-          The SETTINGS frame (type=0x4) conveys configuration parameters that affect how endpoints
-          communicate, such as preferences and constraints on peer behavior.  The SETTINGS frame is
-          also used to acknowledge the receipt of those parameters.  Individually, a SETTINGS
-          parameter can also be referred to as a "setting".
-        
-        
-          SETTINGS parameters are not negotiated; they describe characteristics of the sending peer,
-          which are used by the receiving peer. Different values for the same parameter can be
-          advertised by each peer. For example, a client might set a high initial flow control
-          window, whereas a server might set a lower value to conserve resources.
-        
-
-        
-          A SETTINGS frame MUST be sent by both endpoints at the start of a connection, and MAY be
-          sent at any other time by either endpoint over the lifetime of the connection.
-          Implementations MUST support all of the parameters defined by this specification.
-        
-
-        
-          Each parameter in a SETTINGS frame replaces any existing value for that parameter.
-          Parameters are processed in the order in which they appear, and a receiver of a SETTINGS
-          frame does not need to maintain any state other than the current value of its
-          parameters. Therefore, the value of a SETTINGS parameter is the last value that is seen by
-          a receiver.
-        
-        
-          SETTINGS parameters are acknowledged by the receiving peer. To enable this, the SETTINGS
-          frame defines the following flag:
-          
-            
-              Bit 1 being set indicates that this frame acknowledges receipt and application of the
-              peer's SETTINGS frame.  When this bit is set, the payload of the SETTINGS frame MUST
-              be empty.  Receipt of a SETTINGS frame with the ACK flag set and a length field value
-              other than 0 MUST be treated as a connection
-              error of type FRAME_SIZE_ERROR.  For more info, see Settings Synchronization.
-            
-          
-        
-        
-          SETTINGS frames always apply to a connection, never a single stream.  The stream
-          identifier for a SETTINGS frame MUST be zero (0x0). If an endpoint receives a SETTINGS
-          frame whose stream identifier field is anything other than 0x0, the endpoint MUST respond
-          with a connection error of type
-          PROTOCOL_ERROR.
-        
-        
-          The SETTINGS frame affects connection state.  A badly formed or incomplete SETTINGS frame
-          MUST be treated as a connection error of type
-          PROTOCOL_ERROR.
-        
-
-        
    
-          
-            The payload of a SETTINGS frame consists of zero or more parameters, each consisting of
-            an unsigned 16-bit setting identifier and an unsigned 32-bit value.
-          
-
-          
    
-            
-          
    
-        
    
-
-        
    
-          
-            The following parameters are defined:
-            
-              
-                
-                  Allows the sender to inform the remote endpoint of the maximum size of the header
-                  compression table used to decode header blocks, in octets. The encoder can select
-                  any size equal to or less than this value by using signaling specific to the
-                  header compression format inside a header block. The initial value is 4,096
-                  octets.
-                
-              
-              
-                
-                  This setting can be use to disable server
-                  push. An endpoint MUST NOT send a PUSH_PROMISE frame if it
-                  receives this parameter set to a value of 0. An endpoint that has both set this
-                  parameter to 0 and had it acknowledged MUST treat the receipt of a
-                  PUSH_PROMISE frame as a connection error of type
-                  PROTOCOL_ERROR.
-                
-                
-                  The initial value is 1, which indicates that server push is permitted.  Any value
-                  other than 0 or 1 MUST be treated as a connection error of type
-                  PROTOCOL_ERROR.
-                
-              
-              
-                
-                  Indicates the maximum number of concurrent streams that the sender will allow.
-                  This limit is directional: it applies to the number of streams that the sender
-                  permits the receiver to create. Initially there is no limit to this value.  It is
-                  recommended that this value be no smaller than 100, so as to not unnecessarily
-                  limit parallelism.
-                
-                
-                  A value of 0 for SETTINGS_MAX_CONCURRENT_STREAMS SHOULD NOT be treated as special
-                  by endpoints.  A zero value does prevent the creation of new streams, however this
-                  can also happen for any limit that is exhausted with active streams.  Servers
-                  SHOULD only set a zero value for short durations; if a server does not wish to
-                  accept requests, closing the connection could be preferable.
-                
-              
-              
-                
-                  Indicates the sender's initial window size (in octets) for stream level flow
-                  control.  The initial value is 216-1 (65,535) octets.
-                
-                
-                  This setting affects the window size of all streams, including existing streams,
-                  see .
-                
-                
-                  Values above the maximum flow control window size of 231-1 MUST
-                  be treated as a connection error of
-                  type FLOW_CONTROL_ERROR.
-                
-              
-              
-                
-                  Indicates the size of the largest frame payload that the sender is willing to
-                  receive, in octets.
-                
-                
-                  The initial value is 214 (16,384) octets.  The value advertised by
-                  an endpoint MUST be between this initial value and the maximum allowed frame size
-                  (224-1 or 16,777,215 octets), inclusive.  Values outside this range
-                  MUST be treated as a connection error
-                  of type PROTOCOL_ERROR.
-                
-              
-              
-                
-                  This advisory setting informs a peer of the maximum size of header list that the
-                  sender is prepared to accept, in octets. The value is based on the uncompressed
-                  size of header fields, including the length of the name and value in octets plus
-                  an overhead of 32 octets for each header field.
-                
-                
-                  For any given request, a lower limit than what is advertised MAY be enforced.  The
-                  initial value of this setting is unlimited.
-                
-              
-            
-          
-          
-            An endpoint that receives a SETTINGS frame with any unknown or unsupported identifier
-            MUST ignore that setting.
-          
-        
    
-
-        
    
-          
-            Most values in SETTINGS benefit from or require an understanding of when the peer has
-            received and applied the changed parameter values. In order to provide
-            such synchronization timepoints, the recipient of a SETTINGS frame in which the ACK flag
-            is not set MUST apply the updated parameters as soon as possible upon receipt.
-          
-          
-            The values in the SETTINGS frame MUST be processed in the order they appear, with no
-            other frame processing between values.  Unsupported parameters MUST be ignored.  Once
-            all values have been processed, the recipient MUST immediately emit a SETTINGS frame
-            with the ACK flag set. Upon receiving a SETTINGS frame with the ACK flag set, the sender
-            of the altered parameters can rely on the setting having been applied.
-          
-          
-            If the sender of a SETTINGS frame does not receive an acknowledgement within a
-            reasonable amount of time, it MAY issue a connection error of type
-            SETTINGS_TIMEOUT.
-          
-        
    
-      
    
-
-      
    
-        
-          The PUSH_PROMISE frame (type=0x5) is used to notify the peer endpoint in advance of
-          streams the sender intends to initiate.  The PUSH_PROMISE frame includes the unsigned
-          31-bit identifier of the stream the endpoint plans to create along with a set of headers
-          that provide additional context for the stream.   contains a
-          thorough description of the use of PUSH_PROMISE frames.
-        
-
-        
    
-          
-        
    
-        
-          The PUSH_PROMISE frame payload has the following fields:
-          
-            
-              An 8-bit field containing the length of the frame padding in units of octets.  This
-              field is only present if the PADDED flag is set.
-            
-            
-              A single reserved bit.
-            
-            
-              An unsigned 31-bit integer that identifies the stream that is reserved by the
-              PUSH_PROMISE.  The promised stream identifier MUST be a valid choice for the next
-              stream sent by the sender (see new stream
-              identifier).
-            
-            
-              A header block fragment containing request header
-              fields.
-            
-            
-              Padding octets.
-            
-          
-        
-
-        
-          The PUSH_PROMISE frame defines the following flags:
-          
-            
-              
-                Bit 3 being set indicates that this frame contains an entire header block and is not followed by any
-                CONTINUATION frames.
-              
-              
-                A PUSH_PROMISE frame without the END_HEADERS flag set MUST be followed by a
-                CONTINUATION frame for the same stream.  A receiver MUST treat the receipt of any
-                other type of frame or a frame on a different stream as a connection error of type
-                PROTOCOL_ERROR.
-              
-            
-            
-              
-                Bit 4 being set indicates that the Pad Length field and any padding that it
-                describes is present.
-              
-            
-          
-        
-
-        
-          PUSH_PROMISE frames MUST be associated with an existing, peer-initiated stream. The stream
-          identifier of a PUSH_PROMISE frame indicates the stream it is associated with.  If the
-          stream identifier field specifies the value 0x0, a recipient MUST respond with a connection error of type
-          PROTOCOL_ERROR.
-        
-
-        
-          Promised streams are not required to be used in the order they are promised.  The
-          PUSH_PROMISE only reserves stream identifiers for later use.
-        
-
-        
-          PUSH_PROMISE MUST NOT be sent if the SETTINGS_ENABLE_PUSH setting of the
-          peer endpoint is set to 0.  An endpoint that has set this setting and has received
-          acknowledgement MUST treat the receipt of a PUSH_PROMISE frame as a connection error of type
-          PROTOCOL_ERROR.
-        
-        
-          Recipients of PUSH_PROMISE frames can choose to reject promised streams by returning a
-          RST_STREAM referencing the promised stream identifier back to the sender of
-          the PUSH_PROMISE.
-        
-
-       
-          A PUSH_PROMISE frame modifies the connection state in two ways.  The inclusion of a header block potentially modifies the state maintained for
-          header compression.  PUSH_PROMISE also reserves a stream for later use, causing the
-          promised stream to enter the "reserved" state.  A sender MUST NOT send a PUSH_PROMISE on a
-          stream unless that stream is either "open" or "half closed (remote)"; the sender MUST
-          ensure that the promised stream is a valid choice for a new stream identifier (that is, the promised stream MUST
-          be in the "idle" state).
-        
-        
-          Since PUSH_PROMISE reserves a stream, ignoring a PUSH_PROMISE frame causes the stream
-          state to become indeterminate.  A receiver MUST treat the receipt of a PUSH_PROMISE on a
-          stream that is neither "open" nor "half closed (local)" as a connection error of type
-          PROTOCOL_ERROR.  However, an endpoint that has sent
-          RST_STREAM on the associated stream MUST handle PUSH_PROMISE frames that
-          might have been created before the RST_STREAM frame is received and
-          processed.
-        
-        
-          A receiver MUST treat the receipt of a PUSH_PROMISE that promises an illegal stream identifier (that is, an identifier for a
-          stream that is not currently in the "idle" state) as a connection error of type
-          PROTOCOL_ERROR.
-        
-
-        
-          The PUSH_PROMISE frame includes optional padding.  Padding fields and flags are identical
-          to those defined for DATA frames.
-        
-      
    
-
-      
    
-        
-          The PING frame (type=0x6) is a mechanism for measuring a minimal round trip time from the
-          sender, as well as determining whether an idle connection is still functional.  PING
-          frames can be sent from any endpoint.
-        
-        
    
-          
-        
    
-
-        
-          In addition to the frame header, PING frames MUST contain 8 octets of data in the payload.
-          A sender can include any value it chooses and use those bytes in any fashion.
-        
-        
-          Receivers of a PING frame that does not include an ACK flag MUST send a PING frame with
-          the ACK flag set in response, with an identical payload.  PING responses SHOULD be given
-          higher priority than any other frame.
-        
-
-        
-          The PING frame defines the following flags:
-          
-            
-              Bit 1 being set indicates that this PING frame is a PING response.  An endpoint MUST
-              set this flag in PING responses.  An endpoint MUST NOT respond to PING frames
-              containing this flag.
-            
-          
-        
-        
-          PING frames are not associated with any individual stream. If a PING frame is received
-          with a stream identifier field value other than 0x0, the recipient MUST respond with a
-          connection error of type
-          PROTOCOL_ERROR.
-        
-        
-          Receipt of a PING frame with a length field value other than 8 MUST be treated as a connection error of type
-          FRAME_SIZE_ERROR.
-        
-
-      
    
-
-      
    
-        
-          The GOAWAY frame (type=0x7) informs the remote peer to stop creating streams on this
-          connection.  GOAWAY can be sent by either the client or the server.  Once sent, the sender
-          will ignore frames sent on any new streams with identifiers higher than the included last
-          stream identifier.  Receivers of a GOAWAY frame MUST NOT open additional streams on the
-          connection, although a new connection can be established for new streams.
-        
-        
-          The purpose of this frame is to allow an endpoint to gracefully stop accepting new
-          streams, while still finishing processing of previously established streams.  This enables
-          administrative actions, like server maintainance.
-        
-        
-          There is an inherent race condition between an endpoint starting new streams and the
-          remote sending a GOAWAY frame.  To deal with this case, the GOAWAY contains the stream
-          identifier of the last peer-initiated stream which was or might be processed on the
-          sending endpoint in this connection.  For instance, if the server sends a GOAWAY frame,
-          the identified stream is the highest numbered stream initiated by the client.
-        
-        
-          If the receiver of the GOAWAY has sent data on streams with a higher stream identifier
-          than what is indicated in the GOAWAY frame, those streams are not or will not be
-          processed.  The receiver of the GOAWAY frame can treat the streams as though they had
-          never been created at all, thereby allowing those streams to be retried later on a new
-          connection.
-        
-        
-          Endpoints SHOULD always send a GOAWAY frame before closing a connection so that the remote
-          can know whether a stream has been partially processed or not.  For example, if an HTTP
-          client sends a POST at the same time that a server closes a connection, the client cannot
-          know if the server started to process that POST request if the server does not send a
-          GOAWAY frame to indicate what streams it might have acted on.
-        
-        
-          An endpoint might choose to close a connection without sending GOAWAY for misbehaving
-          peers.
-        
-
-        
    
-          
-        
    
-        
-          The GOAWAY frame does not define any flags.
-        
-        
-          The GOAWAY frame applies to the connection, not a specific stream.  An endpoint MUST treat
-          a GOAWAY frame with a stream identifier other than 0x0 as a connection error of type
-          PROTOCOL_ERROR.
-        
-        
-          The last stream identifier in the GOAWAY frame contains the highest numbered stream
-          identifier for which the sender of the GOAWAY frame might have taken some action on, or
-          might yet take action on.  All streams up to and including the identified stream might
-          have been processed in some way.  The last stream identifier can be set to 0 if no streams
-          were processed.
-          
-            
-              In this context, "processed" means that some data from the stream was passed to some
-              higher layer of software that might have taken some action as a result.
-            
-          
-          If a connection terminates without a GOAWAY frame, the last stream identifier is
-          effectively the highest possible stream identifier.
-        
-        
-          On streams with lower or equal numbered identifiers that were not closed completely prior
-          to the connection being closed, re-attempting requests, transactions, or any protocol
-          activity is not possible, with the exception of idempotent actions like HTTP GET, PUT, or
-          DELETE.  Any protocol activity that uses higher numbered streams can be safely retried
-          using a new connection.
-        
-        
-          Activity on streams numbered lower or equal to the last stream identifier might still
-          complete successfully.  The sender of a GOAWAY frame might gracefully shut down a
-          connection by sending a GOAWAY frame, maintaining the connection in an open state until
-          all in-progress streams complete.
-        
-        
-          An endpoint MAY send multiple GOAWAY frames if circumstances change.  For instance, an
-          endpoint that sends GOAWAY with NO_ERROR during graceful shutdown could
-          subsequently encounter an condition that requires immediate termination of the connection.
-          The last stream identifier from the last GOAWAY frame received indicates which streams
-          could have been acted upon.  Endpoints MUST NOT increase the value they send in the last
-          stream identifier, since the peers might already have retried unprocessed requests on
-          another connection.
-        
-        
-          A client that is unable to retry requests loses all requests that are in flight when the
-          server closes the connection.  This is especially true for intermediaries that might
-          not be serving clients using HTTP/2.  A server that is attempting to gracefully shut down
-          a connection SHOULD send an initial GOAWAY frame with the last stream identifier set to
-          231-1 and a NO_ERROR code.  This signals to the client that
-          a shutdown is imminent and that no further requests can be initiated.  After waiting at
-          least one round trip time, the server can send another GOAWAY frame with an updated last
-          stream identifier.  This ensures that a connection can be cleanly shut down without losing
-          requests.
-        
-
-        
-          After sending a GOAWAY frame, the sender can discard frames for streams with identifiers
-          higher than the identified last stream.  However, any frames that alter connection state
-          cannot be completely ignored.  For instance, HEADERS,
-          PUSH_PROMISE and CONTINUATION frames MUST be minimally
-          processed to ensure the state maintained for header compression is consistent (see ); similarly DATA frames MUST be counted toward the connection flow
-          control window.  Failure to process these frames can cause flow control or header
-          compression state to become unsynchronized.
-        
-
-        
-          The GOAWAY frame also contains a 32-bit error code that
-          contains the reason for closing the connection.
-        
-        
-          Endpoints MAY append opaque data to the payload of any GOAWAY frame.  Additional debug
-          data is intended for diagnostic purposes only and carries no semantic value.  Debug
-          information could contain security- or privacy-sensitive data.  Logged or otherwise
-          persistently stored debug data MUST have adequate safeguards to prevent unauthorized
-          access.
-        
-      
    
-
-      
    
-        
-          The WINDOW_UPDATE frame (type=0x8) is used to implement flow control; see  for an overview.
-        
-        
-          Flow control operates at two levels: on each individual stream and on the entire
-          connection.
-        
-        
-          Both types of flow control are hop-by-hop; that is, only between the two endpoints.
-          Intermediaries do not forward WINDOW_UPDATE frames between dependent connections.
-          However, throttling of data transfer by any receiver can indirectly cause the propagation
-          of flow control information toward the original sender.
-        
-        
-          Flow control only applies to frames that are identified as being subject to flow control.
-          Of the frame types defined in this document, this includes only DATA frames.
-          Frames that are exempt from flow control MUST be accepted and processed, unless the
-          receiver is unable to assign resources to handling the frame.  A receiver MAY respond with
-          a stream error or connection error of type
-          FLOW_CONTROL_ERROR if it is unable to accept a frame.
-        
-        
    
-          
-        
    
-        
-          The payload of a WINDOW_UPDATE frame is one reserved bit, plus an unsigned 31-bit integer
-          indicating the number of octets that the sender can transmit in addition to the existing
-          flow control window.  The legal range for the increment to the flow control window is 1 to
-          231-1 (0x7fffffff) octets.
-        
-        
-          The WINDOW_UPDATE frame does not define any flags.
-        
-        
-          The WINDOW_UPDATE frame can be specific to a stream or to the entire connection.  In the
-          former case, the frame's stream identifier indicates the affected stream; in the latter,
-          the value "0" indicates that the entire connection is the subject of the frame.
-        
-        
-          A receiver MUST treat the receipt of a WINDOW_UPDATE frame with an flow control window
-          increment of 0 as a stream error of type
-          PROTOCOL_ERROR; errors on the connection flow control window MUST be
-          treated as a connection error.
-        
-        
-          WINDOW_UPDATE can be sent by a peer that has sent a frame bearing the END_STREAM flag.
-          This means that a receiver could receive a WINDOW_UPDATE frame on a "half closed (remote)"
-          or "closed" stream.  A receiver MUST NOT treat this as an error, see .
-        
-        
-          A receiver that receives a flow controlled frame MUST always account for its contribution
-          against the connection flow control window, unless the receiver treats this as a connection error.  This is necessary even if the
-          frame is in error.  Since the sender counts the frame toward the flow control window, if
-          the receiver does not, the flow control window at sender and receiver can become
-          different.
-        
-
-        
    
-          
-            Flow control in HTTP/2 is implemented using a window kept by each sender on every
-            stream. The flow control window is a simple integer value that indicates how many octets
-            of data the sender is permitted to transmit; as such, its size is a measure of the
-            buffering capacity of the receiver.
-          
-          
-            Two flow control windows are applicable: the stream flow control window and the
-            connection flow control window.  The sender MUST NOT send a flow controlled frame with a
-            length that exceeds the space available in either of the flow control windows advertised
-            by the receiver.  Frames with zero length with the END_STREAM flag set (that is, an
-            empty DATA frame) MAY be sent if there is no available space in either
-            flow control window.
-          
-          
-            For flow control calculations, the 9 octet frame header is not counted.
-          
-          
-            After sending a flow controlled frame, the sender reduces the space available in both
-            windows by the length of the transmitted frame.
-          
-          
-            The receiver of a frame sends a WINDOW_UPDATE frame as it consumes data and frees up
-            space in flow control windows.  Separate WINDOW_UPDATE frames are sent for the stream
-            and connection level flow control windows.
-          
-          
-            A sender that receives a WINDOW_UPDATE frame updates the corresponding window by the
-            amount specified in the frame.
-          
-          
-            A sender MUST NOT allow a flow control window to exceed 231-1 octets.
-            If a sender receives a WINDOW_UPDATE that causes a flow control window to exceed this
-            maximum it MUST terminate either the stream or the connection, as appropriate.  For
-            streams, the sender sends a RST_STREAM with the error code of
-            FLOW_CONTROL_ERROR code; for the connection, a GOAWAY
-            frame with a FLOW_CONTROL_ERROR code.
-          
-          
-            Flow controlled frames from the sender and WINDOW_UPDATE frames from the receiver are
-            completely asynchronous with respect to each other. This property allows a receiver to
-            aggressively update the window size kept by the sender to prevent streams from stalling.
-          
-        
    
-
-        
    
-          
-            When an HTTP/2 connection is first established, new streams are created with an initial
-            flow control window size of 65,535 octets. The connection flow control window is 65,535
-            octets. Both endpoints can adjust the initial window size for new streams by including
-            a value for SETTINGS_INITIAL_WINDOW_SIZE in the SETTINGS
-            frame that forms part of the connection preface. The connection flow control window can
-            only be changed using WINDOW_UPDATE frames.
-          
-          
-            Prior to receiving a SETTINGS frame that sets a value for
-            SETTINGS_INITIAL_WINDOW_SIZE, an endpoint can only use the default
-            initial window size when sending flow controlled frames.  Similarly, the connection flow
-            control window is set to the default initial window size until a WINDOW_UPDATE frame is
-            received.
-          
-          
-            A SETTINGS frame can alter the initial flow control window size for all
-            current streams. When the value of SETTINGS_INITIAL_WINDOW_SIZE changes,
-            a receiver MUST adjust the size of all stream flow control windows that it maintains by
-            the difference between the new value and the old value.
-          
-          
-            A change to SETTINGS_INITIAL_WINDOW_SIZE can cause the available space in
-            a flow control window to become negative.  A sender MUST track the negative flow control
-            window, and MUST NOT send new flow controlled frames until it receives WINDOW_UPDATE
-            frames that cause the flow control window to become positive.
-          
-          
-            For example, if the client sends 60KB immediately on connection establishment, and the
-            server sets the initial window size to be 16KB, the client will recalculate the
-            available flow control window to be -44KB on receipt of the SETTINGS
-            frame.  The client retains a negative flow control window until WINDOW_UPDATE frames
-            restore the window to being positive, after which the client can resume sending.
-          
-          
-            A SETTINGS frame cannot alter the connection flow control window.
-          
-          
-            An endpoint MUST treat a change to SETTINGS_INITIAL_WINDOW_SIZE that
-            causes any flow control window to exceed the maximum size as a connection error of type
-            FLOW_CONTROL_ERROR.
-          
-        
    
-
-        
    
-          
-            A receiver that wishes to use a smaller flow control window than the current size can
-            send a new SETTINGS frame.  However, the receiver MUST be prepared to
-            receive data that exceeds this window size, since the sender might send data that
-            exceeds the lower limit prior to processing the SETTINGS frame.
-          
-          
-            After sending a SETTINGS frame that reduces the initial flow control window size, a
-            receiver has two options for handling streams that exceed flow control limits:
-            
-              
-                The receiver can immediately send RST_STREAM with
-                FLOW_CONTROL_ERROR error code for the affected streams.
-              
-              
-                The receiver can accept the streams and tolerate the resulting head of line
-                blocking, sending WINDOW_UPDATE frames as it consumes data.
-              
-            
-          
-        
    
-      
    
-
-      
    
-        
-          The CONTINUATION frame (type=0x9) is used to continue a sequence of header block fragments.  Any number of CONTINUATION frames can
-          be sent on an existing stream, as long as the preceding frame is on the same stream and is
-          a HEADERS, PUSH_PROMISE or CONTINUATION frame without the
-          END_HEADERS flag set.
-        
-
-        
    
-          
-        
    
-        
-          The CONTINUATION frame payload contains a header block
-          fragment.
-        
-
-        
-          The CONTINUATION frame defines the following flag:
-          
-            
-              
-                Bit 3 being set indicates that this frame ends a header
-                block.
-              
-              
-                If the END_HEADERS bit is not set, this frame MUST be followed by another
-                CONTINUATION frame.  A receiver MUST treat the receipt of any other type of frame or
-                a frame on a different stream as a connection
-                error of type PROTOCOL_ERROR.
-              
-            
-          
-        
-
-        
-          The CONTINUATION frame changes the connection state as defined in .
-        
-
-        
-          CONTINUATION frames MUST be associated with a stream. If a CONTINUATION frame is received
-          whose stream identifier field is 0x0, the recipient MUST respond with a connection error of type PROTOCOL_ERROR.
-        
-
-        
-          A CONTINUATION frame MUST be preceded by a HEADERS,
-          PUSH_PROMISE or CONTINUATION frame without the END_HEADERS flag set.  A
-          recipient that observes violation of this rule MUST respond with a  connection error of type
-          PROTOCOL_ERROR.
-        
-      
    
-    
    
-
-    
    
-      
-        Error codes are 32-bit fields that are used in RST_STREAM and
-        GOAWAY frames to convey the reasons for the stream or connection error.
-      
-
-      
-        Error codes share a common code space.  Some error codes apply only to either streams or the
-        entire connection and have no defined semantics in the other context.
-      
-
-      
-        The following error codes are defined:
-        
-          
-            The associated condition is not as a result of an error.  For example, a
-            GOAWAY might include this code to indicate graceful shutdown of a
-            connection.
-          
-          
-            The endpoint detected an unspecific protocol error.  This error is for use when a more
-            specific error code is not available.
-          
-          
-            The endpoint encountered an unexpected internal error.
-          
-          
-            The endpoint detected that its peer violated the flow control protocol.
-          
-          
-            The endpoint sent a SETTINGS frame, but did not receive a response in a
-            timely manner.  See Settings Synchronization.
-          
-          
-            The endpoint received a frame after a stream was half closed.
-          
-          
-            The endpoint received a frame with an invalid size.
-          
-          
-            The endpoint refuses the stream prior to performing any application processing, see
-             for details.
-          
-          
-            Used by the endpoint to indicate that the stream is no longer needed.
-          
-          
-            The endpoint is unable to maintain the header compression context for the connection.
-          
-          
-            The connection established in response to a CONNECT
-            request was reset or abnormally closed.
-          
-          
-            The endpoint detected that its peer is exhibiting a behavior that might be generating
-            excessive load.
-          
-          
-            The underlying transport has properties that do not meet minimum security
-            requirements (see ).
-          
-        
-      
-      
-        Unknown or unsupported error codes MUST NOT trigger any special behavior.  These MAY be
-        treated by an implementation as being equivalent to INTERNAL_ERROR.
-      
-    
    
-
-    
    
-      
-        HTTP/2 is intended to be as compatible as possible with current uses of HTTP. This means
-        that, from the application perspective, the features of the protocol are largely
-        unchanged. To achieve this, all request and response semantics are preserved, although the
-        syntax of conveying those semantics has changed.
-      
-      
-        Thus, the specification and requirements of HTTP/1.1 Semantics and Content , Conditional Requests , Range Requests , Caching  and Authentication  are applicable to HTTP/2. Selected portions of HTTP/1.1 Message Syntax
-        and Routing , such as the HTTP and HTTPS URI schemes, are also
-        applicable in HTTP/2, but the expression of those semantics for this protocol are defined
-        in the sections below.
-      
-
-      
    
-        
-          A client sends an HTTP request on a new stream, using a previously unused stream identifier.  A server sends an HTTP response on
-          the same stream as the request.
-        
-        
-          An HTTP message (request or response) consists of:
-          
-            
-              for a response only, zero or more HEADERS frames (each followed by zero
-              or more CONTINUATION frames) containing the message headers of
-              informational (1xx) HTTP responses (see  and ),
-              and
-            
-            
-              one HEADERS frame (followed by zero or more CONTINUATION
-              frames) containing the message headers (see ), and
-            
-            
-              zero or more DATA frames containing the message payload (see ), and
-            
-            
-              optionally, one HEADERS frame, followed by zero or more
-              CONTINUATION frames containing the trailer-part, if present (see ).
-            
-          
-          The last frame in the sequence bears an END_STREAM flag, noting that a
-          HEADERS frame bearing the END_STREAM flag can be followed by
-          CONTINUATION frames that carry any remaining portions of the header block.
-        
-        
-          Other frames (from any stream) MUST NOT occur between either HEADERS frame
-          and any CONTINUATION frames that might follow.
-        
-
-        
-          Trailing header fields are carried in a header block that also terminates the stream.
-          That is, a sequence starting with a HEADERS frame, followed by zero or more
-          CONTINUATION frames, where the HEADERS frame bears an
-          END_STREAM flag.  Header blocks after the first that do not terminate the stream are not
-          part of an HTTP request or response.
-        
-        
-          A HEADERS frame (and associated CONTINUATION frames) can
-          only appear at the start or end of a stream.  An endpoint that receives a
-          HEADERS frame without the END_STREAM flag set after receiving a final
-          (non-informational) status code MUST treat the corresponding request or response as malformed.
-        
-
-        
-          An HTTP request/response exchange fully consumes a single stream.  A request starts with
-          the HEADERS frame that puts the stream into an "open" state. The request
-          ends with a frame bearing END_STREAM, which causes the stream to become "half closed
-          (local)" for the client and "half closed (remote)" for the server.  A response starts with
-          a HEADERS frame and ends with a frame bearing END_STREAM, which places the
-          stream in the "closed" state.
-          
-        
-
-        
    
-          
-            HTTP/2 removes support for the 101 (Switching Protocols) informational status code
-            ().
-          
-          
-            The semantics of 101 (Switching Protocols) aren't applicable to a multiplexed protocol.
-            Alternative protocols are able to use the same mechanisms that HTTP/2 uses to negotiate
-            their use (see ).
-          
-        
    
-
-        
    
-          
-            HTTP header fields carry information as a series of key-value pairs. For a listing of
-            registered HTTP headers, see the Message Header Field Registry maintained at .
-          
-
-          
    
-            
-              While HTTP/1.x used the message start-line (see ) to convey the target URI and method of the request, and the
-              status code for the response, HTTP/2 uses special pseudo-header fields beginning with
-              ':' character (ASCII 0x3a) for this purpose.
-            
-            
-              Pseudo-header fields are not HTTP header fields. Endpoints MUST NOT generate
-              pseudo-header fields other than those defined in this document.
-            
-            
-              Pseudo-header fields are only valid in the context in which they are defined.
-              Pseudo-header fields defined for requests MUST NOT appear in responses; pseudo-header
-              fields defined for responses MUST NOT appear in requests.  Pseudo-header fields MUST
-              NOT appear in trailers.  Endpoints MUST treat a request or response that contains
-              undefined or invalid pseudo-header fields as malformed.
-            
-            
-              Just as in HTTP/1.x, header field names are strings of ASCII characters that are
-              compared in a case-insensitive fashion. However, header field names MUST be converted
-              to lowercase prior to their encoding in HTTP/2. A request or response containing
-              uppercase header field names MUST be treated as malformed.
-            
-            
-              All pseudo-header fields MUST appear in the header block before regular header fields.
-              Any request or response that contains a pseudo-header field that appears in a header
-              block after a regular header field MUST be treated as malformed.
-            
-          
    
-
-          
    
-            
-              HTTP/2 does not use the Connection header field to
-              indicate connection-specific header fields; in this protocol, connection-specific
-              metadata is conveyed by other means.  An endpoint MUST NOT generate a HTTP/2 message
-              containing connection-specific header fields; any message containing
-              connection-specific header fields MUST be treated as malformed.
-            
-            
-              This means that an intermediary transforming an HTTP/1.x message to HTTP/2 will need
-              to remove any header fields nominated by the Connection header field, along with the
-              Connection header field itself. Such intermediaries SHOULD also remove other
-              connection-specific header fields, such as Keep-Alive, Proxy-Connection,
-              Transfer-Encoding and Upgrade, even if they are not nominated by Connection.
-            
-            
-              One exception to this is the TE header field, which MAY be present in an HTTP/2
-              request, but when it is MUST NOT contain any value other than "trailers".
-            
-            
-              
-                
-                  HTTP/2 purposefully does not support upgrade to another protocol.  The handshake
-                  methods described in  are believed sufficient to
-                  negotiate the use of alternative protocols.
-                
-              
-            
-          
    
-
-          
    
-            
-              The following pseudo-header fields are defined for HTTP/2 requests:
-              
-                
-                  
-                    The :method pseudo-header field includes the HTTP
-                    method ().
-                  
-                
-                
-                  
-                    The :scheme pseudo-header field includes the scheme
-                    portion of the target URI ().
-                  
-                  
-                    :scheme is not restricted to http and https schemed URIs.  A
-                    proxy or gateway can translate requests for non-HTTP schemes, enabling the use
-                    of HTTP to interact with non-HTTP services.
-                  
-                
-                
-                  
-                    The :authority pseudo-header field includes the
-                    authority portion of the target URI (). The authority MUST NOT include the deprecated userinfo subcomponent for http
-                    or https schemed URIs.
-                  
-                  
-                    To ensure that the HTTP/1.1 request line can be reproduced accurately, this
-                    pseudo-header field MUST be omitted when translating from an HTTP/1.1 request
-                    that has a request target in origin or asterisk form (see ). Clients that generate
-                    HTTP/2 requests directly SHOULD use the :authority pseudo-header
-                    field instead of the Host header field. An
-                    intermediary that converts an HTTP/2 request to HTTP/1.1 MUST create a Host header field if one is not present in a request by
-                    copying the value of the :authority pseudo-header
-                    field.
-                  
-                
-                
-                  
-                    The :path pseudo-header field includes the path and
-                    query parts of the target URI (the path-absolute
-                    production from  and optionally a '?' character
-                    followed by the query production, see  and ). A request in asterisk form includes the value '*' for the
-                    :path pseudo-header field.
-                  
-                  
-                    This pseudo-header field MUST NOT be empty for http
-                    or https URIs; http or
-                    https URIs that do not contain a path component
-                    MUST include a value of '/'. The exception to this rule is an OPTIONS request
-                    for an http or https
-                    URI that does not include a path component; these MUST include a :path pseudo-header field with a value of '*' (see ).
-                  
-                
-              
-            
-            
-              All HTTP/2 requests MUST include exactly one valid value for the :method, :scheme, and :path pseudo-header fields, unless it is a CONNECT request. An HTTP request that omits mandatory
-              pseudo-header fields is malformed.
-            
-            
-              HTTP/2 does not define a way to carry the version identifier that is included in the
-              HTTP/1.1 request line.
-            
-          
    
-
-          
    
-            
-              For HTTP/2 responses, a single :status pseudo-header
-              field is defined that carries the HTTP status code field (see ). This pseudo-header field MUST be included in all
-              responses, otherwise the response is malformed.
-            
-            
-              HTTP/2 does not define a way to carry the version or reason phrase that is included in
-              an HTTP/1.1 status line.
-            
-          
    
-
-         
    
-            
-              The Cookie header field can carry a significant amount of
-              redundant data.
-            
-            
-              The Cookie header field uses a semi-colon (";") to delimit cookie-pairs (or "crumbs").
-              This header field doesn't follow the list construction rules in HTTP (see ), which prevents cookie-pairs from
-              being separated into different name-value pairs.  This can significantly reduce
-              compression efficiency as individual cookie-pairs are updated.
-            
-            
-              To allow for better compression efficiency, the Cookie header field MAY be split into
-              separate header fields, each with one or more cookie-pairs.  If there are multiple
-              Cookie header fields after decompression, these MUST be concatenated into a single
-              octet string using the two octet delimiter of 0x3B, 0x20 (the ASCII string "; ")
-              before being passed into a non-HTTP/2 context, such as an HTTP/1.1 connection, or a
-              generic HTTP server application.
-            
-            
    
-              
-                Therefore, the following two lists of Cookie header fields are semantically
-                equivalent.
-              
-              
-            
    
-          
    
-
-          
    
-            
-              A malformed request or response is one that is an otherwise valid sequence of HTTP/2
-              frames, but is otherwise invalid due to the presence of extraneous frames, prohibited
-              header fields, the absence of mandatory header fields, or the inclusion of uppercase
-              header field names.
-            
-            
-              A request or response that includes an entity body can include a content-length header field.  A request or response is also
-              malformed if the value of a content-length header field
-              does not equal the sum of the DATA frame payload lengths that form the
-              body.  A response that is defined to have no payload, as described in , can have a non-zero
-              content-length header field, even though no content is
-              included in DATA frames.
-            
-            
-              Intermediaries that process HTTP requests or responses (i.e., any intermediary not
-              acting as a tunnel) MUST NOT forward a malformed request or response.  Malformed
-              requests or responses that are detected MUST be treated as a stream error of type PROTOCOL_ERROR.
-            
-            
-              For malformed requests, a server MAY send an HTTP response prior to closing or
-              resetting the stream.  Clients MUST NOT accept a malformed response. Note that these
-              requirements are intended to protect against several types of common attacks against
-              HTTP; they are deliberately strict, because being permissive can expose
-              implementations to these vulnerabilities.
-            
-          
    
-        
    
-
-        
    
-          
-            This section shows HTTP/1.1 requests and responses, with illustrations of equivalent
-            HTTP/2 requests and responses.
-          
-          
-            An HTTP GET request includes request header fields and no body and is therefore
-            transmitted as a single HEADERS frame, followed by zero or more
-            CONTINUATION frames containing the serialized block of request header
-            fields.  The HEADERS frame in the following has both the END_HEADERS and
-            END_STREAM flags set; no CONTINUATION frames are sent:
-          
-
-          
    
-                 + END_STREAM
-  Accept: image/jpeg                 + END_HEADERS
-                                       :method = GET
-                                       :scheme = https
-                                       :path = /resource
-                                       host = example.org
-                                       accept = image/jpeg
-]]>
-          
    
-
-          
-            Similarly, a response that includes only response header fields is transmitted as a
-            HEADERS frame (again, followed by zero or more
-            CONTINUATION frames) containing the serialized block of response header
-            fields.
-          
-
-          
    
-                 + END_STREAM
-  Expires: Thu, 23 Jan ...           + END_HEADERS
-                                       :status = 304
-                                       etag = "xyzzy"
-                                       expires = Thu, 23 Jan ...
-]]>
-          
    
-
-          
-            An HTTP POST request that includes request header fields and payload data is transmitted
-            as one HEADERS frame, followed by zero or more
-            CONTINUATION frames containing the request header fields, followed by one
-            or more DATA frames, with the last CONTINUATION (or
-            HEADERS) frame having the END_HEADERS flag set and the final
-            DATA frame having the END_STREAM flag set:
-          
-
-          
    
-                 - END_STREAM
-  Content-Type: image/jpeg           - END_HEADERS
-  Content-Length: 123                  :method = POST
-                                       :path = /resource
-  {binary data}                        :scheme = https
-
-                                   CONTINUATION
-                                     + END_HEADERS
-                                       content-type = image/jpeg
-                                       host = example.org
-                                       content-length = 123
-
-                                   DATA
-                                     + END_STREAM
-                                   {binary data}
-]]>
-            
-              Note that data contributing to any given header field could be spread between header
-              block fragments.  The allocation of header fields to frames in this example is
-              illustrative only.
-            
-          
    
-
-          
-            A response that includes header fields and payload data is transmitted as a
-            HEADERS frame, followed by zero or more CONTINUATION
-            frames, followed by one or more DATA frames, with the last
-            DATA frame in the sequence having the END_STREAM flag set:
-          
-
-          
    
-                 - END_STREAM
-  Content-Length: 123                + END_HEADERS
-                                       :status = 200
-  {binary data}                        content-type = image/jpeg
-                                       content-length = 123
-
-                                   DATA
-                                     + END_STREAM
-                                   {binary data}
-]]>
-          
    
-
-          
-            Trailing header fields are sent as a header block after both the request or response
-            header block and all the DATA frames have been sent.  The
-            HEADERS frame starting the trailers header block has the END_STREAM flag
-            set.
-          
-
-          
    
-                 - END_STREAM
-  Transfer-Encoding: chunked         + END_HEADERS
-  Trailer: Foo                         :status = 200
-                                       content-length = 123
-  123                                  content-type = image/jpeg
-  {binary data}                        trailer = Foo
-  0
-  Foo: bar                         DATA
-                                     - END_STREAM
-                                   {binary data}
-
-                                   HEADERS
-                                     + END_STREAM
-                                     + END_HEADERS
-                                       foo = bar
-]]>
-          
    
-
-
-          
    
-           
-             An informational response using a 1xx status code other than 101 is transmitted as a
-             HEADERS frame, followed by zero or more CONTINUATION
-             frames:
-           
-                - END_STREAM
-                                     + END_HEADERS
-                                       :status = 103
-                                       extension-field = bar
-]]>
- 
    
-        
    
-
-        
    
-          
-            In HTTP/1.1, an HTTP client is unable to retry a non-idempotent request when an error
-            occurs, because there is no means to determine the nature of the error.  It is possible
-            that some server processing occurred prior to the error, which could result in
-            undesirable effects if the request were reattempted.
-          
-          
-            HTTP/2 provides two mechanisms for providing a guarantee to a client that a request has
-            not been processed:
-            
-              
-                The GOAWAY frame indicates the highest stream number that might have
-                been processed.  Requests on streams with higher numbers are therefore guaranteed to
-                be safe to retry.
-              
-              
-                The REFUSED_STREAM error code can be included in a
-                RST_STREAM frame to indicate that the stream is being closed prior to
-                any processing having occurred.  Any request that was sent on the reset stream can
-                be safely retried.
-              
-            
-          
-          
-            Requests that have not been processed have not failed; clients MAY automatically retry
-            them, even those with non-idempotent methods.
-          
-          
-            A server MUST NOT indicate that a stream has not been processed unless it can guarantee
-            that fact.  If frames that are on a stream are passed to the application layer for any
-            stream, then REFUSED_STREAM MUST NOT be used for that stream, and a
-            GOAWAY frame MUST include a stream identifier that is greater than or
-            equal to the given stream identifier.
-          
-          
-            In addition to these mechanisms, the PING frame provides a way for a
-            client to easily test a connection.  Connections that remain idle can become broken as
-            some middleboxes (for instance, network address translators, or load balancers) silently
-            discard connection bindings.  The PING frame allows a client to safely
-            test whether a connection is still active without sending a request.
-          
-        
    
-      
    
-
-      
    
-        
-          HTTP/2 allows a server to pre-emptively send (or "push") responses (along with
-          corresponding "promised" requests) to a client in association with a previous
-          client-initiated request. This can be useful when the server knows the client will need
-          to have those responses available in order to fully process the response to the original
-          request.
-        
-
-        
-          Pushing additional message exchanges in this fashion is optional, and is negotiated
-          between individual endpoints. The SETTINGS_ENABLE_PUSH setting can be set
-          to 0 to indicate that server push is disabled.
-        
-        
-          Promised requests MUST be cacheable (see ), MUST be safe (see ) and MUST NOT include a request body. Clients that receive a
-          promised request that is not cacheable, unsafe or that includes a request body MUST
-          reset the stream with a stream error of type
-          PROTOCOL_ERROR.
-        
-        
-          Pushed responses that are cacheable (see ) can be stored by the client, if it implements a HTTP
-          cache.  Pushed responses are considered successfully validated on the origin server (e.g.,
-          if the "no-cache" cache response directive  is present) while the stream identified by the
-          promised stream ID is still open.
-        
-        
-          Pushed responses that are not cacheable MUST NOT be stored by any HTTP cache. They MAY
-          be made available to the application separately.
-        
-        
-          An intermediary can receive pushes from the server and choose not to forward them on to
-          the client. In other words, how to make use of the pushed information is up to that
-          intermediary. Equally, the intermediary might choose to make additional pushes to the
-          client, without any action taken by the server.
-        
-        
-          A client cannot push. Thus, servers MUST treat the receipt of a
-          PUSH_PROMISE frame as a connection
-          error of type PROTOCOL_ERROR. Clients MUST reject any attempt to
-          change the SETTINGS_ENABLE_PUSH setting to a value other than 0 by treating
-          the message as a connection error of type
-          PROTOCOL_ERROR.
-        
-
-        
    
-          
-            Server push is semantically equivalent to a server responding to a request; however, in
-            this case that request is also sent by the server, as a PUSH_PROMISE
-            frame.
-          
-          
-            The PUSH_PROMISE frame includes a header block that contains a complete
-            set of request header fields that the server attributes to the request. It is not
-            possible to push a response to a request that includes a request body.
-          
-
-          
-            Pushed responses are always associated with an explicit request from the client. The
-            PUSH_PROMISE frames sent by the server are sent on that explicit
-            request's stream. The PUSH_PROMISE frame also includes a promised stream
-            identifier, chosen from the stream identifiers available to the server (see ).
-          
-
-          
-            The header fields in PUSH_PROMISE and any subsequent
-            CONTINUATION frames MUST be a valid and complete set of request header fields.  The server MUST include a method in
-            the :method header field that is safe and cacheable.  If a
-            client receives a PUSH_PROMISE that does not include a complete and valid
-            set of header fields, or the :method header field identifies
-            a method that is not safe, it MUST respond with a stream error of type PROTOCOL_ERROR.
-          
-
-          
-            The server SHOULD send PUSH_PROMISE ()
-            frames prior to sending any frames that reference the promised responses. This avoids a
-            race where clients issue requests prior to receiving any PUSH_PROMISE
-            frames.
-          
-          
-            For example, if the server receives a request for a document containing embedded links
-            to multiple image files, and the server chooses to push those additional images to the
-            client, sending push promises before the DATA frames that contain the
-            image links ensures that the client is able to see the promises before discovering
-            embedded links. Similarly, if the server pushes responses referenced by the header block
-            (for instance, in Link header fields), sending the push promises before sending the
-            header block ensures that clients do not request them.
-          
-
-          
-            PUSH_PROMISE frames MUST NOT be sent by the client.
-          
-          
-            PUSH_PROMISE frames can be sent by the server in response to any
-            client-initiated stream, but the stream MUST be in either the "open" or "half closed
-            (remote)" state with respect to the server.  PUSH_PROMISE frames are
-            interspersed with the frames that comprise a response, though they cannot be
-            interspersed with HEADERS and CONTINUATION frames that
-            comprise a single header block.
-          
-          
-            Sending a PUSH_PROMISE frame creates a new stream and puts the stream
-            into the “reserved (local)” state for the server and the “reserved (remote)” state for
-            the client.
-          
-        
    
-
-        
    
-          
-            After sending the PUSH_PROMISE frame, the server can begin delivering the
-            pushed response as a response on a server-initiated
-            stream that uses the promised stream identifier.  The server uses this stream to
-            transmit an HTTP response, using the same sequence of frames as defined in .  This stream becomes "half closed"
-            to the client after the initial HEADERS frame is sent.
-          
-
-          
-            Once a client receives a PUSH_PROMISE frame and chooses to accept the
-            pushed response, the client SHOULD NOT issue any requests for the promised response
-            until after the promised stream has closed.
-          
-
-          
-            If the client determines, for any reason, that it does not wish to receive the pushed
-            response from the server, or if the server takes too long to begin sending the promised
-            response, the client can send an RST_STREAM frame, using either the
-            CANCEL or REFUSED_STREAM codes, and referencing the pushed
-            stream's identifier.
-          
-          
-            A client can use the SETTINGS_MAX_CONCURRENT_STREAMS setting to limit the
-            number of responses that can be concurrently pushed by a server.  Advertising a
-            SETTINGS_MAX_CONCURRENT_STREAMS value of zero disables server push by
-            preventing the server from creating the necessary streams.  This does not prohibit a
-            server from sending PUSH_PROMISE frames; clients need to reset any
-            promised streams that are not wanted.
-          
-
-          
-            Clients receiving a pushed response MUST validate that either the server is
-            authoritative (see ), or the proxy that provided the pushed
-            response is configured for the corresponding request. For example, a server that offers
-            a certificate for only the example.com DNS-ID or Common Name
-            is not permitted to push a response for https://www.example.org/doc.
-          
-          
-            The response for a PUSH_PROMISE stream begins with a
-            HEADERS frame, which immediately puts the stream into the “half closed
-            (remote)” state for the server and “half closed (local)” state for the client, and ends
-            with a frame bearing END_STREAM, which places the stream in the "closed" state.
-            
-              
-                The client never sends a frame with the END_STREAM flag for a server push.
-              
-            
-          
-        
    
-
-      
    
-
-      
    
-        
-          In HTTP/1.x, the pseudo-method CONNECT () is used to convert an HTTP connection into a tunnel to a remote host.
-          CONNECT is primarily used with HTTP proxies to establish a TLS session with an origin
-          server for the purposes of interacting with https resources.
-        
-        
-          In HTTP/2, the CONNECT method is used to establish a tunnel over a single HTTP/2 stream to
-          a remote host, for similar purposes. The HTTP header field mapping works as defined in
-          Request Header Fields, with a few
-          differences. Specifically:
-          
-            
-              The :method header field is set to CONNECT.
-            
-            
-              The :scheme and :path header
-              fields MUST be omitted.
-            
-            
-              The :authority header field contains the host and port to
-              connect to (equivalent to the authority-form of the request-target of CONNECT
-              requests, see ).
-            
-          
-        
-        
-          A proxy that supports CONNECT establishes a TCP connection to
-          the server identified in the :authority header field. Once
-          this connection is successfully established, the proxy sends a HEADERS
-          frame containing a 2xx series status code to the client, as defined in .
-        
-        
-          After the initial HEADERS frame sent by each peer, all subsequent
-          DATA frames correspond to data sent on the TCP connection.  The payload of
-          any DATA frames sent by the client is transmitted by the proxy to the TCP
-          server; data received from the TCP server is assembled into DATA frames by
-          the proxy.  Frame types other than DATA or stream management frames
-          (RST_STREAM, WINDOW_UPDATE, and PRIORITY)
-          MUST NOT be sent on a connected stream, and MUST be treated as a stream error if received.
-        
-        
-          The TCP connection can be closed by either peer.  The END_STREAM flag on a
-          DATA frame is treated as being equivalent to the TCP FIN bit.  A client is
-          expected to send a DATA frame with the END_STREAM flag set after receiving
-          a frame bearing the END_STREAM flag.  A proxy that receives a DATA frame
-          with the END_STREAM flag set sends the attached data with the FIN bit set on the last TCP
-          segment.  A proxy that receives a TCP segment with the FIN bit set sends a
-          DATA frame with the END_STREAM flag set.  Note that the final TCP segment
-          or DATA frame could be empty.
-        
-        
-          A TCP connection error is signaled with RST_STREAM.  A proxy treats any
-          error in the TCP connection, which includes receiving a TCP segment with the RST bit set,
-          as a stream error of type
-          CONNECT_ERROR.  Correspondingly, a proxy MUST send a TCP segment with the
-          RST bit set if it detects an error with the stream or the HTTP/2 connection.
-        
-      
    
-    
    
-
-    
    
-      
-        This section outlines attributes of the HTTP protocol that improve interoperability, reduce
-        exposure to known security vulnerabilities, or reduce the potential for implementation
-        variation.
-      
-
-      
    
-        
-          HTTP/2 connections are persistent.  For best performance, it is expected clients will not
-          close connections until it is determined that no further communication with a server is
-          necessary (for example, when a user navigates away from a particular web page), or until
-          the server closes the connection.
-        
-        
-          Clients SHOULD NOT open more than one HTTP/2 connection to a given host and port pair,
-          where host is derived from a URI, a selected alternative
-          service, or a configured proxy.
-        
-        
-          A client can create additional connections as replacements, either to replace connections
-          that are near to exhausting the available stream
-          identifier space, to refresh the keying material for a TLS connection, or to
-          replace connections that have encountered errors.
-        
-        
-          A client MAY open multiple connections to the same IP address and TCP port using different
-          Server Name Indication values or to provide different TLS
-          client certificates, but SHOULD avoid creating multiple connections with the same
-          configuration.
-        
-        
-          Servers are encouraged to maintain open connections for as long as possible, but are
-          permitted to terminate idle connections if necessary.  When either endpoint chooses to
-          close the transport-layer TCP connection, the terminating endpoint SHOULD first send a
-          GOAWAY () frame so that both endpoints can reliably
-          determine whether previously sent frames have been processed and gracefully complete or
-          terminate any necessary remaining tasks.
-        
-
-        
    
-          
-            Connections that are made to an origin servers, either directly or through a tunnel
-            created using the CONNECT method MAY be reused for
-            requests with multiple different URI authority components.  A connection can be reused
-            as long as the origin server is authoritative.  For
-            http resources, this depends on the host having resolved to
-            the same IP address.
-          
-          
-            For https resources, connection reuse additionally depends
-            on having a certificate that is valid for the host in the URI.  An origin server might
-            offer a certificate with multiple subjectAltName attributes,
-            or names with wildcards, one of which is valid for the authority in the URI.  For
-            example, a certificate with a subjectAltName of *.example.com might permit the use of the same connection for
-            requests to URIs starting with https://a.example.com/ and
-            https://b.example.com/.
-          
-          
-            In some deployments, reusing a connection for multiple origins can result in requests
-            being directed to the wrong origin server.  For example, TLS termination might be
-            performed by a middlebox that uses the TLS Server Name Indication
-            (SNI) extension to select an origin server.  This means that it is possible
-            for clients to send confidential information to servers that might not be the intended
-            target for the request, even though the server is otherwise authoritative.
-          
-          
-            A server that does not wish clients to reuse connections can indicate that it is not
-            authoritative for a request by sending a 421 (Misdirected Request) status code in response
-            to the request (see ).
-          
-          
-            A client that is configured to use a proxy over HTTP/2 directs requests to that proxy
-            through a single connection.  That is, all requests sent via a proxy reuse the
-            connection to the proxy.
-          
-        
    
-
-        
    
-          
-            The 421 (Misdirected Request) status code indicates that the request was directed at a
-            server that is not able to produce a response.  This can be sent by a server that is not
-            configured to produce responses for the combination of scheme and authority that are
-            included in the request URI.
-          
-          
-            Clients receiving a 421 (Misdirected Request) response from a server MAY retry the
-            request - whether the request method is idempotent or not - over a different connection.
-            This is possible if a connection is reused () or if an alternative
-            service is selected ().
-          
-          
-            This status code MUST NOT be generated by proxies.
-          
-          
-            A 421 response is cacheable by default; i.e., unless otherwise indicated by the method
-            definition or explicit cache controls (see ).
-          
-        
    
-      
    
-
-      
    
-        
-          Implementations of HTTP/2 MUST support TLS 1.2 for HTTP/2 over
-          TLS.  The general TLS usage guidance in  SHOULD be followed, with
-          some additional restrictions that are specific to HTTP/2.
-        
-
-        
-          An implementation of HTTP/2 over TLS MUST use TLS 1.2 or higher with the restrictions on
-          feature set and cipher suite described in this section.  Due to implementation
-          limitations, it might not be possible to fail TLS negotiation.  An endpoint MUST
-          immediately terminate an HTTP/2 connection that does not meet these minimum requirements
-          with a connection error of type
-          INADEQUATE_SECURITY.
-        
-
-        
    
-          
-            The TLS implementation MUST support the Server Name Indication
-            (SNI) extension to TLS. HTTP/2 clients MUST indicate the target domain name when
-            negotiating TLS.
-          
-          
-            The TLS implementation MUST disable compression.  TLS compression can lead to the
-            exposure of information that would not otherwise be revealed .
-            Generic compression is unnecessary since HTTP/2 provides compression features that are
-            more aware of context and therefore likely to be more appropriate for use for
-            performance, security or other reasons.
-          
-          
-            The TLS implementation MUST disable renegotiation.  An endpoint MUST treat a TLS
-            renegotiation as a connection error of type
-            PROTOCOL_ERROR.  Note that disabling renegotiation can result in
-            long-lived connections becoming unusable due to limits on the number of messages the
-            underlying cipher suite can encipher.
-          
-          
-            A client MAY use renegotiation to provide confidentiality protection for client
-            credentials offered in the handshake, but any renegotiation MUST occur prior to sending
-            the connection preface.  A server SHOULD request a client certificate if it sees a
-            renegotiation request immediately after establishing a connection.
-          
-          
-            This effectively prevents the use of renegotiation in response to a request for a
-            specific protected resource.  A future specification might provide a way to support this
-            use case. 
-          
-        
    
-
-        
    
-          
-            The set of TLS cipher suites that are permitted in HTTP/2 is restricted.  HTTP/2 MUST
-            only be used with cipher suites that have ephemeral key exchange, such as the ephemeral Diffie-Hellman (DHE) or the elliptic curve variant (ECDHE).  Ephemeral key exchange MUST
-            have a minimum size of 2048 bits for DHE or security level of 128 bits for ECDHE.
-            Clients MUST accept DHE sizes of up to 4096 bits.  HTTP MUST NOT be used with cipher
-            suites that use stream or block ciphers.  Authenticated Encryption with Additional Data
-            (AEAD) modes, such as the Galois Counter Model (GCM) mode for
-            AES are acceptable.
-          
-          
-            The effect of these restrictions is that TLS 1.2 implementations could have
-            non-intersecting sets of available cipher suites, since these prevent the use of the
-            cipher suite that TLS 1.2 makes mandatory.  To avoid this problem, implementations of
-            HTTP/2 that use TLS 1.2 MUST support TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256  with P256 .
-          
-          
-            Clients MAY advertise support of cipher suites that are prohibited by the above
-            restrictions in order to allow for connection to servers that do not support HTTP/2.
-            This enables a fallback to protocols without these constraints without the additional
-            latency imposed by using a separate connection for fallback.
-          
-        
    
-      
    
-    
    
-
-    
    
-      
    
-        
-          HTTP/2 relies on the HTTP/1.1 definition of authority for determining whether a server is
-          authoritative in providing a given response, see .  This relies on local name resolution for the "http"
-          URI scheme, and the authenticated server identity for the "https" scheme (see ).
-        
-      
    
-
-      
    
-        
-          In a cross-protocol attack, an attacker causes a client to initiate a transaction in one
-          protocol toward a server that understands a different protocol.  An attacker might be able
-          to cause the transaction to appear as valid transaction in the second protocol.  In
-          combination with the capabilities of the web context, this can be used to interact with
-          poorly protected servers in private networks.
-        
-        
-          Completing a TLS handshake with an ALPN identifier for HTTP/2 can be considered sufficient
-          protection against cross protocol attacks.  ALPN provides a positive indication that a
-          server is willing to proceed with HTTP/2, which prevents attacks on other TLS-based
-          protocols.
-        
-        
-          The encryption in TLS makes it difficult for attackers to control the data which could be
-          used in a cross-protocol attack on a cleartext protocol.
-        
-        
-          The cleartext version of HTTP/2 has minimal protection against cross-protocol attacks.
-          The connection preface contains a string that is
-          designed to confuse HTTP/1.1 servers, but no special protection is offered for other
-          protocols.  A server that is willing to ignore parts of an HTTP/1.1 request containing an
-          Upgrade header field in addition to the client connection preface could be exposed to a
-          cross-protocol attack.
-        
-      
    
-
-      
    
-        
-          HTTP/2 header field names and values are encoded as sequences of octets with a length
-          prefix.  This enables HTTP/2 to carry any string of octets as the name or value of a
-          header field.  An intermediary that translates HTTP/2 requests or responses into HTTP/1.1
-          directly could permit the creation of corrupted HTTP/1.1 messages.  An attacker might
-          exploit this behavior to cause the intermediary to create HTTP/1.1 messages with illegal
-          header fields, extra header fields, or even new messages that are entirely falsified.
-        
-        
-          Header field names or values that contain characters not permitted by HTTP/1.1, including
-          carriage return (ASCII 0xd) or line feed (ASCII 0xa) MUST NOT be translated verbatim by an
-          intermediary, as stipulated in .
-        
-        
-          Translation from HTTP/1.x to HTTP/2 does not produce the same opportunity to an attacker.
-          Intermediaries that perform translation to HTTP/2 MUST remove any instances of the obs-fold production from header field values.
-        
-      
    
-
-      
    
-        
-          Pushed responses do not have an explicit request from the client; the request
-          is provided by the server in the PUSH_PROMISE frame.
-        
-        
-          Caching responses that are pushed is possible based on the guidance provided by the origin
-          server in the Cache-Control header field.  However, this can cause issues if a single
-          server hosts more than one tenant.  For example, a server might offer multiple users each
-          a small portion of its URI space.
-        
-        
-          Where multiple tenants share space on the same server, that server MUST ensure that
-          tenants are not able to push representations of resources that they do not have authority
-          over.  Failure to enforce this would allow a tenant to provide a representation that would
-          be served out of cache, overriding the actual representation that the authoritative tenant
-          provides.
-        
-        
-          Pushed responses for which an origin server is not authoritative (see
-          ) are never cached or used.
-        
-      
    
-
-      
    
-        
-          An HTTP/2 connection can demand a greater commitment of resources to operate than a
-          HTTP/1.1 connection.  The use of header compression and flow control depend on a
-          commitment of resources for storing a greater amount of state.  Settings for these
-          features ensure that memory commitments for these features are strictly bounded.
-        
-        
-          The number of PUSH_PROMISE frames is not constrained in the same fashion.
-          A client that accepts server push SHOULD limit the number of streams it allows to be in
-          the "reserved (remote)" state.  Excessive number of server push streams can be treated as
-          a stream error of type
-          ENHANCE_YOUR_CALM.
-        
-        
-          Processing capacity cannot be guarded as effectively as state capacity.
-        
-        
-          The SETTINGS frame can be abused to cause a peer to expend additional
-          processing time. This might be done by pointlessly changing SETTINGS parameters, setting
-          multiple undefined parameters, or changing the same setting multiple times in the same
-          frame.  WINDOW_UPDATE or PRIORITY frames can be abused to
-          cause an unnecessary waste of resources.
-        
-        
-          Large numbers of small or empty frames can be abused to cause a peer to expend time
-          processing frame headers.  Note however that some uses are entirely legitimate, such as
-          the sending of an empty DATA frame to end a stream.
-        
-        
-          Header compression also offers some opportunities to waste processing resources; see  for more details on potential abuses.
-        
-        
-          Limits in SETTINGS parameters cannot be reduced instantaneously, which
-          leaves an endpoint exposed to behavior from a peer that could exceed the new limits. In
-          particular, immediately after establishing a connection, limits set by a server are not
-          known to clients and could be exceeded without being an obvious protocol violation.
-        
-        
-          All these features - i.e., SETTINGS changes, small frames, header
-          compression - have legitimate uses.  These features become a burden only when they are
-          used unnecessarily or to excess.
-        
-        
-          An endpoint that doesn't monitor this behavior exposes itself to a risk of denial of
-          service attack.  Implementations SHOULD track the use of these features and set limits on
-          their use.  An endpoint MAY treat activity that is suspicious as a connection error of type
-          ENHANCE_YOUR_CALM.
-        
-
-        
    
-          
-            A large header block can cause an implementation to
-            commit a large amount of state.  Header fields that are critical for routing can appear
-            toward the end of a header block, which prevents streaming of header fields to their
-            ultimate destination. For this an other reasons, such as ensuring cache correctness,
-            means that an endpoint might need to buffer the entire header block.  Since there is no
-            hard limit to the size of a header block, some endpoints could be forced commit a large
-            amount of available memory for header fields.
-          
-          
-            An endpoint can use the SETTINGS_MAX_HEADER_LIST_SIZE to advise peers of
-            limits that might apply on the size of header blocks.  This setting is only advisory, so
-            endpoints MAY choose to send header blocks that exceed this limit and risk having the
-            request or response being treated as malformed.  This setting specific to a connection,
-            so any request or response could encounter a hop with a lower, unknown limit.  An
-            intermediary can attempt to avoid this problem by passing on values presented by
-            different peers, but they are not obligated to do so.
-          
-          
-            A server that receives a larger header block than it is willing to handle can send an
-            HTTP 431 (Request Header Fields Too Large) status code .  A
-            client can discard responses that it cannot process.  The header block MUST be processed
-            to ensure a consistent connection state, unless the connection is closed.
-          
-        
    
-      
    
-
-      
    
-        
-          HTTP/2 enables greater use of compression for both header fields () and entity bodies.  Compression can allow an attacker to recover
-          secret data when it is compressed in the same context as data under attacker control.
-        
-        
-          There are demonstrable attacks on compression that exploit the characteristics of the web
-          (e.g., ).  The attacker induces multiple requests containing
-          varying plaintext, observing the length of the resulting ciphertext in each, which
-          reveals a shorter length when a guess about the secret is correct.
-        
-        
-          Implementations communicating on a secure channel MUST NOT compress content that includes
-          both confidential and attacker-controlled data unless separate compression dictionaries
-          are used for each source of data.  Compression MUST NOT be used if the source of data
-          cannot be reliably determined.  Generic stream compression, such as that provided by TLS
-          MUST NOT be used with HTTP/2 ().
-        
-        
-          Further considerations regarding the compression of header fields are described in .
-        
-      
    
-
-      
    
-        
-          Padding within HTTP/2 is not intended as a replacement for general purpose padding, such
-          as might be provided by TLS.  Redundant padding could even be
-          counterproductive.  Correct application can depend on having specific knowledge of the
-          data that is being padded.
-        
-        
-          To mitigate attacks that rely on compression, disabling or limiting compression might be
-          preferable to padding as a countermeasure.
-        
-        
-          Padding can be used to obscure the exact size of frame content, and is provided to
-          mitigate specific attacks within HTTP.  For example, attacks where compressed content
-          includes both attacker-controlled plaintext and secret data (see for example, ).
-        
-        
-          Use of padding can result in less protection than might seem immediately obvious.  At
-          best, padding only makes it more difficult for an attacker to infer length information by
-          increasing the number of frames an attacker has to observe.  Incorrectly implemented
-          padding schemes can be easily defeated.  In particular, randomized padding with a
-          predictable distribution provides very little protection; similarly, padding payloads to a
-          fixed size exposes information as payload sizes cross the fixed size boundary, which could
-          be possible if an attacker can control plaintext.
-        
-        
-          Intermediaries SHOULD retain padding for DATA frames, but MAY drop padding
-          for HEADERS and PUSH_PROMISE frames.  A valid reason for an
-          intermediary to change the amount of padding of frames is to improve the protections that
-          padding provides.
-        
-      
    
-
-      
    
-        
-          Several characteristics of HTTP/2 provide an observer an opportunity to correlate actions
-          of a single client or server over time.  This includes the value of settings, the manner
-          in which flow control windows are managed, the way priorities are allocated to streams,
-          timing of reactions to stimulus, and handling of any optional features.
-        
-        
-          As far as this creates observable differences in behavior, they could be used as a basis
-          for fingerprinting a specific client, as defined in .
-        
-      
    
-    
    
-
-    
    
-      
-        A string for identifying HTTP/2 is entered into the "Application Layer Protocol Negotiation
-        (ALPN) Protocol IDs" registry established in .
-      
-      
-        This document establishes a registry for frame types, settings, and error codes.  These new
-        registries are entered into a new "Hypertext Transfer Protocol (HTTP) 2 Parameters" section.
-      
-      
-        This document registers the HTTP2-Settings header field for
-        use in HTTP; and the 421 (Misdirected Request) status code.
-      
-      
-        This document registers the PRI method for use in HTTP, to avoid
-        collisions with the connection preface.
-      
-
-      
    
-        
-          This document creates two registrations for the identification of HTTP/2 in the
-          "Application Layer Protocol Negotiation (ALPN) Protocol IDs" registry established in .
-        
-        
-          The "h2" string identifies HTTP/2 when used over TLS:
-          
-            HTTP/2 over TLS
-            0x68 0x32 ("h2")
-            This document
-          
-        
-        
-          The "h2c" string identifies HTTP/2 when used over cleartext TCP:
-          
-            HTTP/2 over TCP
-            0x68 0x32 0x63 ("h2c")
-            This document
-          
-        
-      
    
-
-      
    
-        
-          This document establishes a registry for HTTP/2 frame type codes.  The "HTTP/2 Frame
-          Type" registry manages an 8-bit space.  The "HTTP/2 Frame Type" registry operates under
-          either of the "IETF Review" or "IESG Approval" policies for
-          values between 0x00 and 0xef, with values between 0xf0 and 0xff being reserved for
-          experimental use.
-        
-        
-          New entries in this registry require the following information:
-          
-            
-              A name or label for the frame type.
-            
-            
-              The 8-bit code assigned to the frame type.
-            
-            
-              A reference to a specification that includes a description of the frame layout,
-              it's semantics and flags that the frame type uses, including any parts of the frame
-              that are conditionally present based on the value of flags.
-            
-          
-        
-        
-          The entries in the following table are registered by this document.
-        
-        
-          Frame Type
-          Code
-          Section
-          DATA0x0
-          HEADERS0x1
-          PRIORITY0x2
-          RST_STREAM0x3
-          SETTINGS0x4
-          PUSH_PROMISE0x5
-          PING0x6
-          GOAWAY0x7
-          WINDOW_UPDATE0x8
-          CONTINUATION0x9
-        
-      
    
-
-      
    
-        
-          This document establishes a registry for HTTP/2 settings.  The "HTTP/2 Settings" registry
-          manages a 16-bit space.  The "HTTP/2 Settings" registry operates under the "Expert Review" policy for values in the range from 0x0000 to
-          0xefff, with values between and 0xf000 and 0xffff being reserved for experimental use.
-        
-        
-          New registrations are advised to provide the following information:
-          
-            
-              A symbolic name for the setting.  Specifying a setting name is optional.
-            
-            
-              The 16-bit code assigned to the setting.
-            
-            
-              An initial value for the setting.
-            
-            
-              An optional reference to a specification that describes the use of the setting.
-            
-          
-        
-        
-          An initial set of setting registrations can be found in .
-        
-        
-          Name
-          Code
-          Initial Value
-          Specification
-          HEADER_TABLE_SIZE
-          0x14096
-          ENABLE_PUSH
-          0x21
-          MAX_CONCURRENT_STREAMS
-          0x3(infinite)
-          INITIAL_WINDOW_SIZE
-          0x465535
-          MAX_FRAME_SIZE
-          0x516384
-          MAX_HEADER_LIST_SIZE
-          0x6(infinite)
-        
-
-      
    
-
-      
    
-        
-          This document establishes a registry for HTTP/2 error codes.  The "HTTP/2 Error Code"
-          registry manages a 32-bit space.  The "HTTP/2 Error Code" registry operates under the
-          "Expert Review" policy.
-        
-        
-          Registrations for error codes are required to include a description of the error code.  An
-          expert reviewer is advised to examine new registrations for possible duplication with
-          existing error codes.  Use of existing registrations is to be encouraged, but not
-          mandated.
-        
-        
-          New registrations are advised to provide the following information:
-          
-            
-              A name for the error code.  Specifying an error code name is optional.
-            
-            
-              The 32-bit error code value.
-            
-            
-              A brief description of the error code semantics, longer if no detailed specification
-              is provided.
-            
-            
-              An optional reference for a specification that defines the error code.
-            
-          
-        
-        
-          The entries in the following table are registered by this document.
-        
-        
-          Name
-          Code
-          Description
-          Specification
-          NO_ERROR0x0
-          Graceful shutdown
-          
-          PROTOCOL_ERROR0x1
-          Protocol error detected
-          
-          INTERNAL_ERROR0x2
-          Implementation fault
-          
-          FLOW_CONTROL_ERROR0x3
-          Flow control limits exceeded
-          
-          SETTINGS_TIMEOUT0x4
-          Settings not acknowledged
-          
-          STREAM_CLOSED0x5
-          Frame received for closed stream
-          
-          FRAME_SIZE_ERROR0x6
-          Frame size incorrect
-          
-          REFUSED_STREAM0x7
-          Stream not processed
-          
-          CANCEL0x8
-          Stream cancelled
-          
-          COMPRESSION_ERROR0x9
-          Compression state not updated
-          
-          CONNECT_ERROR0xa
-          TCP connection error for CONNECT method
-          
-          ENHANCE_YOUR_CALM0xb
-          Processing capacity exceeded
-          
-          INADEQUATE_SECURITY0xc
-          Negotiated TLS parameters not acceptable
-          
-        
-
-      
    
-
-      
    
-        
-          This section registers the HTTP2-Settings header field in the
-          Permanent Message Header Field Registry.
-          
-            
-              HTTP2-Settings
-            
-            
-              http
-            
-            
-              standard
-            
-            
-              IETF
-            
-            
-               of this document
-            
-            
-              This header field is only used by an HTTP/2 client for Upgrade-based negotiation.
-            
-          
-        
-      
    
-
-      
    
-        
-          This section registers the PRI method in the HTTP Method
-          Registry ().
-          
-            
-              PRI
-            
-            
-              No
-            
-            
-              No
-            
-            
-               of this document
-            
-            
-              This method is never used by an actual client. This method will appear to be used
-              when an HTTP/1.1 server or intermediary attempts to parse an HTTP/2 connection
-              preface.
-            
-          
-        
-      
    
-
-      
    
-        
-          This document registers the 421 (Misdirected Request) HTTP Status code in the Hypertext
-          Transfer Protocol (HTTP) Status Code Registry ().
-        
-        
-          
-            
-              421
-            
-            
-              Misdirected Request
-            
-            
-               of this document
-            
-          
-        
-      
    
-
-    
    
-
-    
    
-      
-        This document includes substantial input from the following individuals:
-        
-          
-            Adam Langley, Wan-Teh Chang, Jim Morrison, Mark Nottingham, Alyssa Wilk, Costin
-            Manolache, William Chan, Vitaliy Lvin, Joe Chan, Adam Barth, Ryan Hamilton, Gavin
-            Peters, Kent Alstad, Kevin Lindsay, Paul Amer, Fan Yang, Jonathan Leighton (SPDY
-            contributors).
-          
-          
-            Gabriel Montenegro and Willy Tarreau (Upgrade mechanism).
-          
-          
-            William Chan, Salvatore Loreto, Osama Mazahir, Gabriel Montenegro, Jitu Padhye, Roberto
-            Peon, Rob Trace (Flow control).
-          
-          
-            Mike Bishop (Extensibility).
-          
-          
-            Mark Nottingham, Julian Reschke, James Snell, Jeff Pinner, Mike Bishop, Herve Ruellan
-            (Substantial editorial contributions).
-          
-          
-            Kari Hurtta, Tatsuhiro Tsujikawa, Greg Wilkins, Poul-Henning Kamp.
-          
-          
-            Alexey Melnikov was an editor of this document during 2013.
-          
-          
-            A substantial proportion of Martin's contribution was supported by Microsoft during his
-            employment there.
-          
-        
-      
-    
    
-      
-
-  
-    
-      
-        
-          HPACK - Header Compression for HTTP/2
-          
-          
-          
-        
-        
-        
-      
-
-      
-        
-          
-            Transmission Control Protocol
-          
-          
-            University of Southern California (USC)/Information Sciences
-            Institute
-          
-          
-        
-        
-        
-      
-
-      
-        
-          
-            Key words for use in RFCs to Indicate Requirement Levels
-          
-          
-            Harvard University
-            
    sob@harvard.edu
    
-              
-          
-            
-        
-        
-          
-
-     
-        
-          
-            HTTP Over TLS
-          
-          
-          
-        
-        
-      
-
-      
-        
-          Uniform Resource Identifier (URI): Generic
-          Syntax
-          
-          
-          
-          
-        
-        
-        
-      
-
-      
-        
-          The Base16, Base32, and Base64 Data Encodings
-          
-          
-        
-        
-      
-
-      
-        
-          Guidelines for Writing an IANA Considerations Section in RFCs
-          
-          
-          
-        
-        
-        
-      
-
-      
-        
-          Augmented BNF for Syntax Specifications: ABNF
-          
-          
-          
-        
-        
-        
-      
-
-      
-        
-          The Transport Layer Security (TLS) Protocol Version 1.2
-          
-          
-          
-        
-        
-      
-
-      
-        
-          
-            Transport Layer Security (TLS) Extensions: Extension Definitions
-          
-          
-          
-        
-        
-      
-
-      
-        
-          Transport Layer Security (TLS) Application-Layer Protocol Negotiation Extension
-          
-          
-          
-          
-          
-        
-        
-      
-
-      
-        
-          
-            TLS Elliptic Curve Cipher Suites with SHA-256/384 and AES Galois
-            Counter Mode (GCM)
-          
-          
-          
-        
-        
-      
-
-      
-        
-          
-            Digital Signature Standard (DSS)
-          
-          NIST
-          
-        
-        
-      
-
-      
-        
-          
-          Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing
-          
-            Adobe Systems Incorporated
-            
    fielding@gbiv.com
    
-              
-          
-            greenbytes GmbH
-            
    julian.reschke@greenbytes.de
    
-              
-          
-            
-        
-        
-          
-      
-        
-          
-          Hypertext Transfer Protocol (HTTP/1.1): Semantics and Content
-          
-            Adobe Systems Incorporated
-            
    fielding@gbiv.com
    
-              
-          
-            greenbytes GmbH
-            
    julian.reschke@greenbytes.de
    
-              
-          
-            
-        
-        
-          
-      
-        
-          Hypertext Transfer Protocol (HTTP/1.1): Conditional Requests
-          
-            Adobe Systems Incorporated
-            
    fielding@gbiv.com
    
-              
-          
-            greenbytes GmbH
-            
    julian.reschke@greenbytes.de
    
-              
-          
-            
-        
-          
-      
-        
-          Hypertext Transfer Protocol (HTTP/1.1): Range Requests
-          
-            Adobe Systems Incorporated
-            
    fielding@gbiv.com
    
-              
-          
-            World Wide Web Consortium
-            
    ylafon@w3.org
    
-              
-          
-            greenbytes GmbH
-            
    julian.reschke@greenbytes.de
    
-              
-          
-            
-        
-          
-      
-        
-          Hypertext Transfer Protocol (HTTP/1.1): Caching
-          
-            Adobe Systems Incorporated
-            
    fielding@gbiv.com
    
-              
-          
-            Akamai
-            
    mnot@mnot.net
    
-              
-          
-            greenbytes GmbH
-            
    julian.reschke@greenbytes.de
    
-              
-          
-            
-        
-        
-          
-      
-        
-          Hypertext Transfer Protocol (HTTP/1.1): Authentication
-          
-            Adobe Systems Incorporated
-            
    fielding@gbiv.com
    
-              
-          
-            greenbytes GmbH
-            
    julian.reschke@greenbytes.de
    
-              
-          
-            
-        
-        
-          
-
-      
-        
-          HTTP State Management Mechanism
-          
-          
-        
-        
-      
-        
-
-    
-      
-        
-          
-            TCP Extensions for High Performance
-          
-          
-          
-          
-          
-        
-        
-      
-
-      
-        
-          Transport Layer Security Protocol Compression Methods
-          
-          
-        
-        
-      
-
-      
-        
-          Additional HTTP Status Codes
-          
-          
-          
-        
-        
-      
-
-      
-        
-          
-            Elliptic Curve Cryptography (ECC) Cipher Suites for Transport Layer Security (TLS)
-          
-          
-          
-          
-          
-          
-          
-        
-        
-      
-
-      
-        
-          
-            AES Galois Counter Mode (GCM) Cipher Suites for TLS
-          
-          
-          
-          
-          
-        
-        
-      
-
-      
-        
-          HTML5
-          
-          
-          
-          
-          
-          
-          
-        
-        
-        
-          Latest version available at
-          .
-        
-      
-
-      
-        
-          
-            Talking to Yourself for Fun and Profit
-          
-          
-          
-          
-          
-          
-          
-        
-      
-
-      
-        
-          
-            BREACH: Reviving the CRIME Attack
-          
-          
-          
-          
-          
-        
-      
-
-      
-        
-          Registration Procedures for Message Header Fields
-          
-            Nine by Nine
-            
    GK-IETF@ninebynine.org
    
-              
-          
-            BEA Systems
-            
    mnot@pobox.com
    
-              
-          
-            HP Labs
-            
    JeffMogul@acm.org
    
-              
-          
-            
-        
-        
-          
-
-      
-        
-          Recommendations for Secure Use of TLS and DTLS
-          
-            
-          
-          
-            
-          
-          
-            
-          
-          
-        
-        
-      
-
-      
-        
-          
-            HTTP Alternative Services
-          
-          
-            Akamai
-          
-          
-            Mozilla
-          
-          
-            greenbytes
-          
-          
-        
-        
-        
-      
-        
-
-    
    
-      
-        This section is to be removed by RFC Editor before publication.
-      
-
-      
    
-        
-          Renamed Not Authoritative status code to Misdirected Request.
-        
-      
    
-
-      
    
-        
-          Pseudo-header fields are now required to appear strictly before regular ones.
-        
-        
-          Restored 1xx series status codes, except 101.
-        
-        
-          Changed frame length field 24-bits.  Expanded frame header to 9 octets.  Added a setting
-          to limit the damage.
-        
-        
-          Added a setting to advise peers of header set size limits.
-        
-        
-          Removed segments.
-        
-        
-          Made non-semantic-bearing HEADERS frames illegal in the HTTP mapping.
-        
-      
    
-
-       
    
-         
-           Restored extensibility options.
-         
-         
-           Restricting TLS cipher suites to AEAD only.
-         
-         
-           Removing Content-Encoding requirements.
-         
-         
-           Permitting the use of PRIORITY after stream close.
-         
-         
-           Removed ALTSVC frame.
-         
-         
-           Removed BLOCKED frame.
-         
-         
-           Reducing the maximum padding size to 256 octets; removing padding from
-           CONTINUATION frames.
-         
-         
-           Removed per-frame GZIP compression.
-         
-       
    
-
-       
    
-         
-           Added BLOCKED frame (at risk).
-         
-         
-           Simplified priority scheme.
-         
-         
-           Added DATA per-frame GZIP compression.
-         
-       
    
-
-       
    
-        
-          Changed "connection header" to "connection preface" to avoid confusion.
-        
-        
-          Added dependency-based stream prioritization.
-        
-        
-          Added "h2c" identifier to distinguish between cleartext and secured HTTP/2.
-        
-        
-          Adding missing padding to PUSH_PROMISE.
-        
-        
-          Integrate ALTSVC frame and supporting text.
-        
-        
-          Dropping requirement on "deflate" Content-Encoding.
-        
-        
-          Improving security considerations around use of compression.
-        
-      
    
-
-      
    
-        
-          Adding padding for data frames.
-        
-        
-          Renumbering frame types, error codes, and settings.
-        
-        
-          Adding INADEQUATE_SECURITY error code.
-        
-        
-          Updating TLS usage requirements to 1.2; forbidding TLS compression.
-        
-        
-          Removing extensibility for frames and settings.
-        
-        
-          Changing setting identifier size.
-        
-        
-          Removing the ability to disable flow control.
-        
-        
-          Changing the protocol identification token to "h2".
-        
-        
-          Changing the use of :authority to make it optional and to allow userinfo in non-HTTP
-          cases.
-        
-        
-          Allowing split on 0x0 for Cookie.
-        
-        
-          Reserved PRI method in HTTP/1.1 to avoid possible future collisions.
-        
-      
    
-
-      
    
-        
-          Added cookie crumbling for more efficient header compression.
-        
-        
-          Added header field ordering with the value-concatenation mechanism.
-        
-      
    
-
-      
    
-        
-          Marked draft for implementation.
-        
-      
    
-
-      
    
-        
-          Adding definition for CONNECT method.
-        
-        
-          Constraining the use of push to safe, cacheable methods with no request body.
-        
-        
-          Changing from :host to :authority to remove any potential confusion.
-        
-        
-          Adding setting for header compression table size.
-        
-        
-          Adding settings acknowledgement.
-        
-        
-          Removing unnecessary and potentially problematic flags from CONTINUATION.
-        
-        
-          Added denial of service considerations.
-        
-      
    
-      
    
-        
-          Marking the draft ready for implementation.
-        
-        
-          Renumbering END_PUSH_PROMISE flag.
-        
-        
-          Editorial clarifications and changes.
-        
-      
    
-
-      
    
-        
-          Added CONTINUATION frame for HEADERS and PUSH_PROMISE.
-        
-        
-          PUSH_PROMISE is no longer implicitly prohibited if SETTINGS_MAX_CONCURRENT_STREAMS is
-          zero.
-        
-        
-          Push expanded to allow all safe methods without a request body.
-        
-        
-          Clarified the use of HTTP header fields in requests and responses.  Prohibited HTTP/1.1
-          hop-by-hop header fields.
-        
-        
-          Requiring that intermediaries not forward requests with missing or illegal routing
-          :-headers.
-        
-        
-          Clarified requirements around handling different frames after stream close, stream reset
-          and GOAWAY.
-        
-        
-          Added more specific prohibitions for sending of different frame types in various stream
-          states.
-        
-        
-          Making the last received setting value the effective value.
-        
-        
-          Clarified requirements on TLS version, extension and ciphers.
-        
-      
    
-
-      
    
-        
-          Committed major restructuring atrocities.
-        
-        
-          Added reference to first header compression draft.
-        
-        
-          Added more formal description of frame lifecycle.
-        
-        
-          Moved END_STREAM (renamed from FINAL) back to HEADERS/DATA.
-        
-        
-          Removed HEADERS+PRIORITY, added optional priority to HEADERS frame.
-        
-        
-          Added PRIORITY frame.
-        
-      
    
-
-      
    
-        
-          Added continuations to frames carrying header blocks.
-        
-        
-          Replaced use of "session" with "connection" to avoid confusion with other HTTP stateful
-          concepts, like cookies.
-        
-        
-          Removed "message".
-        
-        
-          Switched to TLS ALPN from NPN.
-        
-        
-          Editorial changes.
-        
-      
    
-
-      
    
-        
-          Added IANA considerations section for frame types, error codes and settings.
-        
-        
-          Removed data frame compression.
-        
-        
-          Added PUSH_PROMISE.
-        
-        
-          Added globally applicable flags to framing.
-        
-        
-          Removed zlib-based header compression mechanism.
-        
-        
-          Updated references.
-        
-        
-          Clarified stream identifier reuse.
-        
-        
-          Removed CREDENTIALS frame and associated mechanisms.
-        
-        
-          Added advice against naive implementation of flow control.
-        
-        
-          Added session header section.
-        
-        
-          Restructured frame header.  Removed distinction between data and control frames.
-        
-        
-          Altered flow control properties to include session-level limits.
-        
-        
-          Added note on cacheability of pushed resources and multiple tenant servers.
-        
-        
-          Changed protocol label form based on discussions.
-        
-      
    
-
-      
    
-        
-          Changed title throughout.
-        
-        
-          Removed section on Incompatibilities with SPDY draft#2.
-        
-        
-          Changed INTERNAL_ERROR on GOAWAY to have a value of 2 .
-        
-        
-          Replaced abstract and introduction.
-        
-        
-          Added section on starting HTTP/2.0, including upgrade mechanism.
-        
-        
-          Removed unused references.
-        
-        
-          Added flow control principles based on .
-        
-      
    
-
-      
    
-        
-          Adopted as base for draft-ietf-httpbis-http2.
-        
-        
-          Updated authors/editors list.
-        
-        
-          Added status note.
-        
-      
    
-    
    
-
-      
-    
-
diff --git a/vendor/golang.org/x/net/http2/transport.go b/vendor/golang.org/x/net/http2/transport.go
deleted file mode 100644
index 7d558a4b..00000000
--- a/vendor/golang.org/x/net/http2/transport.go
+++ /dev/null
@@ -1,1666 +0,0 @@
-// Copyright 2015 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// Transport code.
-
-package http2
-
-import (
-	"bufio"
-	"bytes"
-	"compress/gzip"
-	"crypto/tls"
-	"errors"
-	"fmt"
-	"io"
-	"io/ioutil"
-	"log"
-	"net"
-	"net/http"
-	"sort"
-	"strconv"
-	"strings"
-	"sync"
-	"time"
-
-	"golang.org/x/net/http2/hpack"
-)
-
-const (
-	// transportDefaultConnFlow is how many connection-level flow control
-	// tokens we give the server at start-up, past the default 64k.
-	transportDefaultConnFlow = 1 << 30
-
-	// transportDefaultStreamFlow is how many stream-level flow
-	// control tokens we announce to the peer, and how many bytes
-	// we buffer per stream.
-	transportDefaultStreamFlow = 4 << 20
-
-	// transportDefaultStreamMinRefresh is the minimum number of bytes we'll send
-	// a stream-level WINDOW_UPDATE for at a time.
-	transportDefaultStreamMinRefresh = 4 << 10
-
-	defaultUserAgent = "Go-http-client/2.0"
-)
-
-// Transport is an HTTP/2 Transport.
-//
-// A Transport internally caches connections to servers. It is safe
-// for concurrent use by multiple goroutines.
-type Transport struct {
-	// DialTLS specifies an optional dial function for creating
-	// TLS connections for requests.
-	//
-	// If DialTLS is nil, tls.Dial is used.
-	//
-	// If the returned net.Conn has a ConnectionState method like tls.Conn,
-	// it will be used to set http.Response.TLS.
-	DialTLS func(network, addr string, cfg *tls.Config) (net.Conn, error)
-
-	// TLSClientConfig specifies the TLS configuration to use with
-	// tls.Client. If nil, the default configuration is used.
-	TLSClientConfig *tls.Config
-
-	// ConnPool optionally specifies an alternate connection pool to use.
-	// If nil, the default is used.
-	ConnPool ClientConnPool
-
-	// DisableCompression, if true, prevents the Transport from
-	// requesting compression with an "Accept-Encoding: gzip"
-	// request header when the Request contains no existing
-	// Accept-Encoding value. If the Transport requests gzip on
-	// its own and gets a gzipped response, it's transparently
-	// decoded in the Response.Body. However, if the user
-	// explicitly requested gzip it is not automatically
-	// uncompressed.
-	DisableCompression bool
-
-	// MaxHeaderListSize is the http2 SETTINGS_MAX_HEADER_LIST_SIZE to
-	// send in the initial settings frame. It is how many bytes
-	// of response headers are allow. Unlike the http2 spec, zero here
-	// means to use a default limit (currently 10MB). If you actually
-	// want to advertise an ulimited value to the peer, Transport
-	// interprets the highest possible value here (0xffffffff or 1<<32-1)
-	// to mean no limit.
-	MaxHeaderListSize uint32
-
-	// t1, if non-nil, is the standard library Transport using
-	// this transport. Its settings are used (but not its
-	// RoundTrip method, etc).
-	t1 *http.Transport
-
-	connPoolOnce  sync.Once
-	connPoolOrDef ClientConnPool // non-nil version of ConnPool
-}
-
-func (t *Transport) maxHeaderListSize() uint32 {
-	if t.MaxHeaderListSize == 0 {
-		return 10 << 20
-	}
-	if t.MaxHeaderListSize == 0xffffffff {
-		return 0
-	}
-	return t.MaxHeaderListSize
-}
-
-func (t *Transport) disableCompression() bool {
-	return t.DisableCompression || (t.t1 != nil && t.t1.DisableCompression)
-}
-
-var errTransportVersion = errors.New("http2: ConfigureTransport is only supported starting at Go 1.6")
-
-// ConfigureTransport configures a net/http HTTP/1 Transport to use HTTP/2.
-// It requires Go 1.6 or later and returns an error if the net/http package is too old
-// or if t1 has already been HTTP/2-enabled.
-func ConfigureTransport(t1 *http.Transport) error {
-	_, err := configureTransport(t1) // in configure_transport.go (go1.6) or not_go16.go
-	return err
-}
-
-func (t *Transport) connPool() ClientConnPool {
-	t.connPoolOnce.Do(t.initConnPool)
-	return t.connPoolOrDef
-}
-
-func (t *Transport) initConnPool() {
-	if t.ConnPool != nil {
-		t.connPoolOrDef = t.ConnPool
-	} else {
-		t.connPoolOrDef = &clientConnPool{t: t}
-	}
-}
-
-// ClientConn is the state of a single HTTP/2 client connection to an
-// HTTP/2 server.
-type ClientConn struct {
-	t        *Transport
-	tconn    net.Conn             // usually *tls.Conn, except specialized impls
-	tlsState *tls.ConnectionState // nil only for specialized impls
-
-	// readLoop goroutine fields:
-	readerDone chan struct{} // closed on error
-	readerErr  error         // set before readerDone is closed
-
-	mu           sync.Mutex // guards following
-	cond         *sync.Cond // hold mu; broadcast on flow/closed changes
-	flow         flow       // our conn-level flow control quota (cs.flow is per stream)
-	inflow       flow       // peer's conn-level flow control
-	closed       bool
-	goAway       *GoAwayFrame             // if non-nil, the GoAwayFrame we received
-	streams      map[uint32]*clientStream // client-initiated
-	nextStreamID uint32
-	bw           *bufio.Writer
-	br           *bufio.Reader
-	fr           *Framer
-	// Settings from peer:
-	maxFrameSize         uint32
-	maxConcurrentStreams uint32
-	initialWindowSize    uint32
-	hbuf                 bytes.Buffer // HPACK encoder writes into this
-	henc                 *hpack.Encoder
-	freeBuf              [][]byte
-
-	wmu  sync.Mutex // held while writing; acquire AFTER mu if holding both
-	werr error      // first write error that has occurred
-}
-
-// clientStream is the state for a single HTTP/2 stream. One of these
-// is created for each Transport.RoundTrip call.
-type clientStream struct {
-	cc            *ClientConn
-	req           *http.Request
-	ID            uint32
-	resc          chan resAndError
-	bufPipe       pipe // buffered pipe with the flow-controlled response payload
-	requestedGzip bool
-
-	flow        flow  // guarded by cc.mu
-	inflow      flow  // guarded by cc.mu
-	bytesRemain int64 // -1 means unknown; owned by transportResponseBody.Read
-	readErr     error // sticky read error; owned by transportResponseBody.Read
-	stopReqBody error // if non-nil, stop writing req body; guarded by cc.mu
-
-	peerReset chan struct{} // closed on peer reset
-	resetErr  error         // populated before peerReset is closed
-
-	done chan struct{} // closed when stream remove from cc.streams map; close calls guarded by cc.mu
-
-	// owned by clientConnReadLoop:
-	pastHeaders  bool // got first MetaHeadersFrame (actual headers)
-	pastTrailers bool // got optional second MetaHeadersFrame (trailers)
-
-	trailer    http.Header  // accumulated trailers
-	resTrailer *http.Header // client's Response.Trailer
-}
-
-// awaitRequestCancel runs in its own goroutine and waits for the user
-// to either cancel a RoundTrip request (using the provided
-// Request.Cancel channel), or for the request to be done (any way it
-// might be removed from the cc.streams map: peer reset, successful
-// completion, TCP connection breakage, etc)
-func (cs *clientStream) awaitRequestCancel(cancel <-chan struct{}) {
-	if cancel == nil {
-		return
-	}
-	select {
-	case <-cancel:
-		cs.bufPipe.CloseWithError(errRequestCanceled)
-		cs.cc.writeStreamReset(cs.ID, ErrCodeCancel, nil)
-	case <-cs.done:
-	}
-}
-
-// checkReset reports any error sent in a RST_STREAM frame by the
-// server.
-func (cs *clientStream) checkReset() error {
-	select {
-	case <-cs.peerReset:
-		return cs.resetErr
-	default:
-		return nil
-	}
-}
-
-func (cs *clientStream) abortRequestBodyWrite(err error) {
-	if err == nil {
-		panic("nil error")
-	}
-	cc := cs.cc
-	cc.mu.Lock()
-	cs.stopReqBody = err
-	cc.cond.Broadcast()
-	cc.mu.Unlock()
-}
-
-type stickyErrWriter struct {
-	w   io.Writer
-	err *error
-}
-
-func (sew stickyErrWriter) Write(p []byte) (n int, err error) {
-	if *sew.err != nil {
-		return 0, *sew.err
-	}
-	n, err = sew.w.Write(p)
-	*sew.err = err
-	return
-}
-
-var ErrNoCachedConn = errors.New("http2: no cached connection was available")
-
-// RoundTripOpt are options for the Transport.RoundTripOpt method.
-type RoundTripOpt struct {
-	// OnlyCachedConn controls whether RoundTripOpt may
-	// create a new TCP connection. If set true and
-	// no cached connection is available, RoundTripOpt
-	// will return ErrNoCachedConn.
-	OnlyCachedConn bool
-}
-
-func (t *Transport) RoundTrip(req *http.Request) (*http.Response, error) {
-	return t.RoundTripOpt(req, RoundTripOpt{})
-}
-
-// authorityAddr returns a given authority (a host/IP, or host:port / ip:port)
-// and returns a host:port. The port 443 is added if needed.
-func authorityAddr(authority string) (addr string) {
-	if _, _, err := net.SplitHostPort(authority); err == nil {
-		return authority
-	}
-	return net.JoinHostPort(authority, "443")
-}
-
-// RoundTripOpt is like RoundTrip, but takes options.
-func (t *Transport) RoundTripOpt(req *http.Request, opt RoundTripOpt) (*http.Response, error) {
-	if req.URL.Scheme != "https" {
-		return nil, errors.New("http2: unsupported scheme")
-	}
-
-	addr := authorityAddr(req.URL.Host)
-	for {
-		cc, err := t.connPool().GetClientConn(req, addr)
-		if err != nil {
-			t.vlogf("http2: Transport failed to get client conn for %s: %v", addr, err)
-			return nil, err
-		}
-		res, err := cc.RoundTrip(req)
-		if shouldRetryRequest(req, err) {
-			continue
-		}
-		if err != nil {
-			t.vlogf("RoundTrip failure: %v", err)
-			return nil, err
-		}
-		return res, nil
-	}
-}
-
-// CloseIdleConnections closes any connections which were previously
-// connected from previous requests but are now sitting idle.
-// It does not interrupt any connections currently in use.
-func (t *Transport) CloseIdleConnections() {
-	if cp, ok := t.connPool().(*clientConnPool); ok {
-		cp.closeIdleConnections()
-	}
-}
-
-var (
-	errClientConnClosed   = errors.New("http2: client conn is closed")
-	errClientConnUnusable = errors.New("http2: client conn not usable")
-)
-
-func shouldRetryRequest(req *http.Request, err error) bool {
-	// TODO: retry GET requests (no bodies) more aggressively, if shutdown
-	// before response.
-	return err == errClientConnUnusable
-}
-
-func (t *Transport) dialClientConn(addr string) (*ClientConn, error) {
-	host, _, err := net.SplitHostPort(addr)
-	if err != nil {
-		return nil, err
-	}
-	tconn, err := t.dialTLS()("tcp", addr, t.newTLSConfig(host))
-	if err != nil {
-		return nil, err
-	}
-	return t.NewClientConn(tconn)
-}
-
-func (t *Transport) newTLSConfig(host string) *tls.Config {
-	cfg := new(tls.Config)
-	if t.TLSClientConfig != nil {
-		*cfg = *t.TLSClientConfig
-	}
-	if !strSliceContains(cfg.NextProtos, NextProtoTLS) {
-		cfg.NextProtos = append([]string{NextProtoTLS}, cfg.NextProtos...)
-	}
-	if cfg.ServerName == "" {
-		cfg.ServerName = host
-	}
-	return cfg
-}
-
-func (t *Transport) dialTLS() func(string, string, *tls.Config) (net.Conn, error) {
-	if t.DialTLS != nil {
-		return t.DialTLS
-	}
-	return t.dialTLSDefault
-}
-
-func (t *Transport) dialTLSDefault(network, addr string, cfg *tls.Config) (net.Conn, error) {
-	cn, err := tls.Dial(network, addr, cfg)
-	if err != nil {
-		return nil, err
-	}
-	if err := cn.Handshake(); err != nil {
-		return nil, err
-	}
-	if !cfg.InsecureSkipVerify {
-		if err := cn.VerifyHostname(cfg.ServerName); err != nil {
-			return nil, err
-		}
-	}
-	state := cn.ConnectionState()
-	if p := state.NegotiatedProtocol; p != NextProtoTLS {
-		return nil, fmt.Errorf("http2: unexpected ALPN protocol %q; want %q", p, NextProtoTLS)
-	}
-	if !state.NegotiatedProtocolIsMutual {
-		return nil, errors.New("http2: could not negotiate protocol mutually")
-	}
-	return cn, nil
-}
-
-// disableKeepAlives reports whether connections should be closed as
-// soon as possible after handling the first request.
-func (t *Transport) disableKeepAlives() bool {
-	return t.t1 != nil && t.t1.DisableKeepAlives
-}
-
-func (t *Transport) NewClientConn(c net.Conn) (*ClientConn, error) {
-	if VerboseLogs {
-		t.vlogf("http2: Transport creating client conn to %v", c.RemoteAddr())
-	}
-	if _, err := c.Write(clientPreface); err != nil {
-		t.vlogf("client preface write error: %v", err)
-		return nil, err
-	}
-
-	cc := &ClientConn{
-		t:                    t,
-		tconn:                c,
-		readerDone:           make(chan struct{}),
-		nextStreamID:         1,
-		maxFrameSize:         16 << 10, // spec default
-		initialWindowSize:    65535,    // spec default
-		maxConcurrentStreams: 1000,     // "infinite", per spec. 1000 seems good enough.
-		streams:              make(map[uint32]*clientStream),
-	}
-	cc.cond = sync.NewCond(&cc.mu)
-	cc.flow.add(int32(initialWindowSize))
-
-	// TODO: adjust this writer size to account for frame size +
-	// MTU + crypto/tls record padding.
-	cc.bw = bufio.NewWriter(stickyErrWriter{c, &cc.werr})
-	cc.br = bufio.NewReader(c)
-	cc.fr = NewFramer(cc.bw, cc.br)
-	cc.fr.ReadMetaHeaders = hpack.NewDecoder(initialHeaderTableSize, nil)
-	cc.fr.MaxHeaderListSize = t.maxHeaderListSize()
-
-	// TODO: SetMaxDynamicTableSize, SetMaxDynamicTableSizeLimit on
-	// henc in response to SETTINGS frames?
-	cc.henc = hpack.NewEncoder(&cc.hbuf)
-
-	if cs, ok := c.(connectionStater); ok {
-		state := cs.ConnectionState()
-		cc.tlsState = &state
-	}
-
-	initialSettings := []Setting{
-		{ID: SettingEnablePush, Val: 0},
-		{ID: SettingInitialWindowSize, Val: transportDefaultStreamFlow},
-	}
-	if max := t.maxHeaderListSize(); max != 0 {
-		initialSettings = append(initialSettings, Setting{ID: SettingMaxHeaderListSize, Val: max})
-	}
-	cc.fr.WriteSettings(initialSettings...)
-	cc.fr.WriteWindowUpdate(0, transportDefaultConnFlow)
-	cc.inflow.add(transportDefaultConnFlow + initialWindowSize)
-	cc.bw.Flush()
-	if cc.werr != nil {
-		return nil, cc.werr
-	}
-
-	// Read the obligatory SETTINGS frame
-	f, err := cc.fr.ReadFrame()
-	if err != nil {
-		return nil, err
-	}
-	sf, ok := f.(*SettingsFrame)
-	if !ok {
-		return nil, fmt.Errorf("expected settings frame, got: %T", f)
-	}
-	cc.fr.WriteSettingsAck()
-	cc.bw.Flush()
-
-	sf.ForeachSetting(func(s Setting) error {
-		switch s.ID {
-		case SettingMaxFrameSize:
-			cc.maxFrameSize = s.Val
-		case SettingMaxConcurrentStreams:
-			cc.maxConcurrentStreams = s.Val
-		case SettingInitialWindowSize:
-			cc.initialWindowSize = s.Val
-		default:
-			// TODO(bradfitz): handle more; at least SETTINGS_HEADER_TABLE_SIZE?
-			t.vlogf("Unhandled Setting: %v", s)
-		}
-		return nil
-	})
-
-	go cc.readLoop()
-	return cc, nil
-}
-
-func (cc *ClientConn) setGoAway(f *GoAwayFrame) {
-	cc.mu.Lock()
-	defer cc.mu.Unlock()
-	cc.goAway = f
-}
-
-func (cc *ClientConn) CanTakeNewRequest() bool {
-	cc.mu.Lock()
-	defer cc.mu.Unlock()
-	return cc.canTakeNewRequestLocked()
-}
-
-func (cc *ClientConn) canTakeNewRequestLocked() bool {
-	return cc.goAway == nil && !cc.closed &&
-		int64(len(cc.streams)+1) < int64(cc.maxConcurrentStreams) &&
-		cc.nextStreamID < 2147483647
-}
-
-func (cc *ClientConn) closeIfIdle() {
-	cc.mu.Lock()
-	if len(cc.streams) > 0 {
-		cc.mu.Unlock()
-		return
-	}
-	cc.closed = true
-	// TODO: do clients send GOAWAY too? maybe? Just Close:
-	cc.mu.Unlock()
-
-	cc.tconn.Close()
-}
-
-const maxAllocFrameSize = 512 << 10
-
-// frameBuffer returns a scratch buffer suitable for writing DATA frames.
-// They're capped at the min of the peer's max frame size or 512KB
-// (kinda arbitrarily), but definitely capped so we don't allocate 4GB
-// bufers.
-func (cc *ClientConn) frameScratchBuffer() []byte {
-	cc.mu.Lock()
-	size := cc.maxFrameSize
-	if size > maxAllocFrameSize {
-		size = maxAllocFrameSize
-	}
-	for i, buf := range cc.freeBuf {
-		if len(buf) >= int(size) {
-			cc.freeBuf[i] = nil
-			cc.mu.Unlock()
-			return buf[:size]
-		}
-	}
-	cc.mu.Unlock()
-	return make([]byte, size)
-}
-
-func (cc *ClientConn) putFrameScratchBuffer(buf []byte) {
-	cc.mu.Lock()
-	defer cc.mu.Unlock()
-	const maxBufs = 4 // arbitrary; 4 concurrent requests per conn? investigate.
-	if len(cc.freeBuf) < maxBufs {
-		cc.freeBuf = append(cc.freeBuf, buf)
-		return
-	}
-	for i, old := range cc.freeBuf {
-		if old == nil {
-			cc.freeBuf[i] = buf
-			return
-		}
-	}
-	// forget about it.
-}
-
-// errRequestCanceled is a copy of net/http's errRequestCanceled because it's not
-// exported. At least they'll be DeepEqual for h1-vs-h2 comparisons tests.
-var errRequestCanceled = errors.New("net/http: request canceled")
-
-func commaSeparatedTrailers(req *http.Request) (string, error) {
-	keys := make([]string, 0, len(req.Trailer))
-	for k := range req.Trailer {
-		k = http.CanonicalHeaderKey(k)
-		switch k {
-		case "Transfer-Encoding", "Trailer", "Content-Length":
-			return "", &badStringError{"invalid Trailer key", k}
-		}
-		keys = append(keys, k)
-	}
-	if len(keys) > 0 {
-		sort.Strings(keys)
-		// TODO: could do better allocation-wise here, but trailers are rare,
-		// so being lazy for now.
-		return strings.Join(keys, ","), nil
-	}
-	return "", nil
-}
-
-func (cc *ClientConn) responseHeaderTimeout() time.Duration {
-	if cc.t.t1 != nil {
-		return cc.t.t1.ResponseHeaderTimeout
-	}
-	// No way to do this (yet?) with just an http2.Transport. Probably
-	// no need. Request.Cancel this is the new way. We only need to support
-	// this for compatibility with the old http.Transport fields when
-	// we're doing transparent http2.
-	return 0
-}
-
-// checkConnHeaders checks whether req has any invalid connection-level headers.
-// per RFC 7540 section 8.1.2.2: Connection-Specific Header Fields.
-// Certain headers are special-cased as okay but not transmitted later.
-func checkConnHeaders(req *http.Request) error {
-	if v := req.Header.Get("Upgrade"); v != "" {
-		return errors.New("http2: invalid Upgrade request header")
-	}
-	if v := req.Header.Get("Transfer-Encoding"); (v != "" && v != "chunked") || len(req.Header["Transfer-Encoding"]) > 1 {
-		return errors.New("http2: invalid Transfer-Encoding request header")
-	}
-	if v := req.Header.Get("Connection"); (v != "" && v != "close" && v != "keep-alive") || len(req.Header["Connection"]) > 1 {
-		return errors.New("http2: invalid Connection request header")
-	}
-	return nil
-}
-
-func (cc *ClientConn) RoundTrip(req *http.Request) (*http.Response, error) {
-	if err := checkConnHeaders(req); err != nil {
-		return nil, err
-	}
-
-	trailers, err := commaSeparatedTrailers(req)
-	if err != nil {
-		return nil, err
-	}
-	hasTrailers := trailers != ""
-
-	var body io.Reader = req.Body
-	contentLen := req.ContentLength
-	if req.Body != nil && contentLen == 0 {
-		// Test to see if it's actually zero or just unset.
-		var buf [1]byte
-		n, rerr := io.ReadFull(body, buf[:])
-		if rerr != nil && rerr != io.EOF {
-			contentLen = -1
-			body = errorReader{rerr}
-		} else if n == 1 {
-			// Oh, guess there is data in this Body Reader after all.
-			// The ContentLength field just wasn't set.
-			// Stich the Body back together again, re-attaching our
-			// consumed byte.
-			contentLen = -1
-			body = io.MultiReader(bytes.NewReader(buf[:]), body)
-		} else {
-			// Body is actually empty.
-			body = nil
-		}
-	}
-
-	cc.mu.Lock()
-	if cc.closed || !cc.canTakeNewRequestLocked() {
-		cc.mu.Unlock()
-		return nil, errClientConnUnusable
-	}
-
-	cs := cc.newStream()
-	cs.req = req
-	hasBody := body != nil
-
-	// TODO(bradfitz): this is a copy of the logic in net/http. Unify somewhere?
-	if !cc.t.disableCompression() &&
-		req.Header.Get("Accept-Encoding") == "" &&
-		req.Header.Get("Range") == "" &&
-		req.Method != "HEAD" {
-		// Request gzip only, not deflate. Deflate is ambiguous and
-		// not as universally supported anyway.
-		// See: http://www.gzip.org/zlib/zlib_faq.html#faq38
-		//
-		// Note that we don't request this for HEAD requests,
-		// due to a bug in nginx:
-		//   http://trac.nginx.org/nginx/ticket/358
-		//   https://golang.org/issue/5522
-		//
-		// We don't request gzip if the request is for a range, since
-		// auto-decoding a portion of a gzipped document will just fail
-		// anyway. See https://golang.org/issue/8923
-		cs.requestedGzip = true
-	}
-
-	// we send: HEADERS{1}, CONTINUATION{0,} + DATA{0,} (DATA is
-	// sent by writeRequestBody below, along with any Trailers,
-	// again in form HEADERS{1}, CONTINUATION{0,})
-	hdrs := cc.encodeHeaders(req, cs.requestedGzip, trailers, contentLen)
-	cc.wmu.Lock()
-	endStream := !hasBody && !hasTrailers
-	werr := cc.writeHeaders(cs.ID, endStream, hdrs)
-	cc.wmu.Unlock()
-	cc.mu.Unlock()
-
-	if werr != nil {
-		if hasBody {
-			req.Body.Close() // per RoundTripper contract
-		}
-		cc.forgetStreamID(cs.ID)
-		// Don't bother sending a RST_STREAM (our write already failed;
-		// no need to keep writing)
-		return nil, werr
-	}
-
-	var respHeaderTimer <-chan time.Time
-	var bodyCopyErrc chan error // result of body copy
-	if hasBody {
-		bodyCopyErrc = make(chan error, 1)
-		go func() {
-			bodyCopyErrc <- cs.writeRequestBody(body, req.Body)
-		}()
-	} else {
-		if d := cc.responseHeaderTimeout(); d != 0 {
-			timer := time.NewTimer(d)
-			defer timer.Stop()
-			respHeaderTimer = timer.C
-		}
-	}
-
-	readLoopResCh := cs.resc
-	requestCanceledCh := requestCancel(req)
-	bodyWritten := false
-
-	for {
-		select {
-		case re := <-readLoopResCh:
-			res := re.res
-			if re.err != nil || res.StatusCode > 299 {
-				// On error or status code 3xx, 4xx, 5xx, etc abort any
-				// ongoing write, assuming that the server doesn't care
-				// about our request body. If the server replied with 1xx or
-				// 2xx, however, then assume the server DOES potentially
-				// want our body (e.g. full-duplex streaming:
-				// golang.org/issue/13444). If it turns out the server
-				// doesn't, they'll RST_STREAM us soon enough.  This is a
-				// heuristic to avoid adding knobs to Transport.  Hopefully
-				// we can keep it.
-				cs.abortRequestBodyWrite(errStopReqBodyWrite)
-			}
-			if re.err != nil {
-				cc.forgetStreamID(cs.ID)
-				return nil, re.err
-			}
-			res.Request = req
-			res.TLS = cc.tlsState
-			return res, nil
-		case <-respHeaderTimer:
-			cc.forgetStreamID(cs.ID)
-			if !hasBody || bodyWritten {
-				cc.writeStreamReset(cs.ID, ErrCodeCancel, nil)
-			} else {
-				cs.abortRequestBodyWrite(errStopReqBodyWriteAndCancel)
-			}
-			return nil, errTimeout
-		case <-requestCanceledCh:
-			cc.forgetStreamID(cs.ID)
-			if !hasBody || bodyWritten {
-				cc.writeStreamReset(cs.ID, ErrCodeCancel, nil)
-			} else {
-				cs.abortRequestBodyWrite(errStopReqBodyWriteAndCancel)
-			}
-			return nil, errRequestCanceled
-		case <-cs.peerReset:
-			// processResetStream already removed the
-			// stream from the streams map; no need for
-			// forgetStreamID.
-			return nil, cs.resetErr
-		case err := <-bodyCopyErrc:
-			if err != nil {
-				return nil, err
-			}
-			bodyWritten = true
-			if d := cc.responseHeaderTimeout(); d != 0 {
-				timer := time.NewTimer(d)
-				defer timer.Stop()
-				respHeaderTimer = timer.C
-			}
-		}
-	}
-}
-
-// requires cc.wmu be held
-func (cc *ClientConn) writeHeaders(streamID uint32, endStream bool, hdrs []byte) error {
-	first := true // first frame written (HEADERS is first, then CONTINUATION)
-	frameSize := int(cc.maxFrameSize)
-	for len(hdrs) > 0 && cc.werr == nil {
-		chunk := hdrs
-		if len(chunk) > frameSize {
-			chunk = chunk[:frameSize]
-		}
-		hdrs = hdrs[len(chunk):]
-		endHeaders := len(hdrs) == 0
-		if first {
-			cc.fr.WriteHeaders(HeadersFrameParam{
-				StreamID:      streamID,
-				BlockFragment: chunk,
-				EndStream:     endStream,
-				EndHeaders:    endHeaders,
-			})
-			first = false
-		} else {
-			cc.fr.WriteContinuation(streamID, endHeaders, chunk)
-		}
-	}
-	// TODO(bradfitz): this Flush could potentially block (as
-	// could the WriteHeaders call(s) above), which means they
-	// wouldn't respond to Request.Cancel being readable. That's
-	// rare, but this should probably be in a goroutine.
-	cc.bw.Flush()
-	return cc.werr
-}
-
-// internal error values; they don't escape to callers
-var (
-	// abort request body write; don't send cancel
-	errStopReqBodyWrite = errors.New("http2: aborting request body write")
-
-	// abort request body write, but send stream reset of cancel.
-	errStopReqBodyWriteAndCancel = errors.New("http2: canceling request")
-)
-
-func (cs *clientStream) writeRequestBody(body io.Reader, bodyCloser io.Closer) (err error) {
-	cc := cs.cc
-	sentEnd := false // whether we sent the final DATA frame w/ END_STREAM
-	buf := cc.frameScratchBuffer()
-	defer cc.putFrameScratchBuffer(buf)
-
-	defer func() {
-		// TODO: write h12Compare test showing whether
-		// Request.Body is closed by the Transport,
-		// and in multiple cases: server replies <=299 and >299
-		// while still writing request body
-		cerr := bodyCloser.Close()
-		if err == nil {
-			err = cerr
-		}
-	}()
-
-	req := cs.req
-	hasTrailers := req.Trailer != nil
-
-	var sawEOF bool
-	for !sawEOF {
-		n, err := body.Read(buf)
-		if err == io.EOF {
-			sawEOF = true
-			err = nil
-		} else if err != nil {
-			return err
-		}
-
-		remain := buf[:n]
-		for len(remain) > 0 && err == nil {
-			var allowed int32
-			allowed, err = cs.awaitFlowControl(len(remain))
-			switch {
-			case err == errStopReqBodyWrite:
-				return err
-			case err == errStopReqBodyWriteAndCancel:
-				cc.writeStreamReset(cs.ID, ErrCodeCancel, nil)
-				return err
-			case err != nil:
-				return err
-			}
-			cc.wmu.Lock()
-			data := remain[:allowed]
-			remain = remain[allowed:]
-			sentEnd = sawEOF && len(remain) == 0 && !hasTrailers
-			err = cc.fr.WriteData(cs.ID, sentEnd, data)
-			if err == nil {
-				// TODO(bradfitz): this flush is for latency, not bandwidth.
-				// Most requests won't need this. Make this opt-in or opt-out?
-				// Use some heuristic on the body type? Nagel-like timers?
-				// Based on 'n'? Only last chunk of this for loop, unless flow control
-				// tokens are low? For now, always:
-				err = cc.bw.Flush()
-			}
-			cc.wmu.Unlock()
-		}
-		if err != nil {
-			return err
-		}
-	}
-
-	cc.wmu.Lock()
-	if !sentEnd {
-		var trls []byte
-		if hasTrailers {
-			cc.mu.Lock()
-			trls = cc.encodeTrailers(req)
-			cc.mu.Unlock()
-		}
-
-		// Avoid forgetting to send an END_STREAM if the encoded
-		// trailers are 0 bytes. Both results produce and END_STREAM.
-		if len(trls) > 0 {
-			err = cc.writeHeaders(cs.ID, true, trls)
-		} else {
-			err = cc.fr.WriteData(cs.ID, true, nil)
-		}
-	}
-	if ferr := cc.bw.Flush(); ferr != nil && err == nil {
-		err = ferr
-	}
-	cc.wmu.Unlock()
-
-	return err
-}
-
-// awaitFlowControl waits for [1, min(maxBytes, cc.cs.maxFrameSize)] flow
-// control tokens from the server.
-// It returns either the non-zero number of tokens taken or an error
-// if the stream is dead.
-func (cs *clientStream) awaitFlowControl(maxBytes int) (taken int32, err error) {
-	cc := cs.cc
-	cc.mu.Lock()
-	defer cc.mu.Unlock()
-	for {
-		if cc.closed {
-			return 0, errClientConnClosed
-		}
-		if cs.stopReqBody != nil {
-			return 0, cs.stopReqBody
-		}
-		if err := cs.checkReset(); err != nil {
-			return 0, err
-		}
-		if a := cs.flow.available(); a > 0 {
-			take := a
-			if int(take) > maxBytes {
-
-				take = int32(maxBytes) // can't truncate int; take is int32
-			}
-			if take > int32(cc.maxFrameSize) {
-				take = int32(cc.maxFrameSize)
-			}
-			cs.flow.take(take)
-			return take, nil
-		}
-		cc.cond.Wait()
-	}
-}
-
-type badStringError struct {
-	what string
-	str  string
-}
-
-func (e *badStringError) Error() string { return fmt.Sprintf("%s %q", e.what, e.str) }
-
-// requires cc.mu be held.
-func (cc *ClientConn) encodeHeaders(req *http.Request, addGzipHeader bool, trailers string, contentLength int64) []byte {
-	cc.hbuf.Reset()
-
-	host := req.Host
-	if host == "" {
-		host = req.URL.Host
-	}
-
-	// 8.1.2.3 Request Pseudo-Header Fields
-	// The :path pseudo-header field includes the path and query parts of the
-	// target URI (the path-absolute production and optionally a '?' character
-	// followed by the query production (see Sections 3.3 and 3.4 of
-	// [RFC3986]).
-	cc.writeHeader(":authority", host)
-	cc.writeHeader(":method", req.Method)
-	if req.Method != "CONNECT" {
-		cc.writeHeader(":path", req.URL.RequestURI())
-		cc.writeHeader(":scheme", "https")
-	}
-	if trailers != "" {
-		cc.writeHeader("trailer", trailers)
-	}
-
-	var didUA bool
-	for k, vv := range req.Header {
-		lowKey := strings.ToLower(k)
-		switch lowKey {
-		case "host", "content-length":
-			// Host is :authority, already sent.
-			// Content-Length is automatic, set below.
-			continue
-		case "connection", "proxy-connection", "transfer-encoding", "upgrade":
-			// Per 8.1.2.2 Connection-Specific Header
-			// Fields, don't send connection-specific
-			// fields. We deal with these earlier in
-			// RoundTrip, deciding whether they're
-			// error-worthy, but we don't want to mutate
-			// the user's *Request so at this point, just
-			// skip over them at this point.
-			continue
-		case "user-agent":
-			// Match Go's http1 behavior: at most one
-			// User-Agent. If set to nil or empty string,
-			// then omit it. Otherwise if not mentioned,
-			// include the default (below).
-			didUA = true
-			if len(vv) < 1 {
-				continue
-			}
-			vv = vv[:1]
-			if vv[0] == "" {
-				continue
-			}
-		}
-		for _, v := range vv {
-			cc.writeHeader(lowKey, v)
-		}
-	}
-	if shouldSendReqContentLength(req.Method, contentLength) {
-		cc.writeHeader("content-length", strconv.FormatInt(contentLength, 10))
-	}
-	if addGzipHeader {
-		cc.writeHeader("accept-encoding", "gzip")
-	}
-	if !didUA {
-		cc.writeHeader("user-agent", defaultUserAgent)
-	}
-	return cc.hbuf.Bytes()
-}
-
-// shouldSendReqContentLength reports whether the http2.Transport should send
-// a "content-length" request header. This logic is basically a copy of the net/http
-// transferWriter.shouldSendContentLength.
-// The contentLength is the corrected contentLength (so 0 means actually 0, not unknown).
-// -1 means unknown.
-func shouldSendReqContentLength(method string, contentLength int64) bool {
-	if contentLength > 0 {
-		return true
-	}
-	if contentLength < 0 {
-		return false
-	}
-	// For zero bodies, whether we send a content-length depends on the method.
-	// It also kinda doesn't matter for http2 either way, with END_STREAM.
-	switch method {
-	case "POST", "PUT", "PATCH":
-		return true
-	default:
-		return false
-	}
-}
-
-// requires cc.mu be held.
-func (cc *ClientConn) encodeTrailers(req *http.Request) []byte {
-	cc.hbuf.Reset()
-	for k, vv := range req.Trailer {
-		// Transfer-Encoding, etc.. have already been filter at the
-		// start of RoundTrip
-		lowKey := strings.ToLower(k)
-		for _, v := range vv {
-			cc.writeHeader(lowKey, v)
-		}
-	}
-	return cc.hbuf.Bytes()
-}
-
-func (cc *ClientConn) writeHeader(name, value string) {
-	if VerboseLogs {
-		log.Printf("http2: Transport encoding header %q = %q", name, value)
-	}
-	cc.henc.WriteField(hpack.HeaderField{Name: name, Value: value})
-}
-
-type resAndError struct {
-	res *http.Response
-	err error
-}
-
-// requires cc.mu be held.
-func (cc *ClientConn) newStream() *clientStream {
-	cs := &clientStream{
-		cc:        cc,
-		ID:        cc.nextStreamID,
-		resc:      make(chan resAndError, 1),
-		peerReset: make(chan struct{}),
-		done:      make(chan struct{}),
-	}
-	cs.flow.add(int32(cc.initialWindowSize))
-	cs.flow.setConnFlow(&cc.flow)
-	cs.inflow.add(transportDefaultStreamFlow)
-	cs.inflow.setConnFlow(&cc.inflow)
-	cc.nextStreamID += 2
-	cc.streams[cs.ID] = cs
-	return cs
-}
-
-func (cc *ClientConn) forgetStreamID(id uint32) {
-	cc.streamByID(id, true)
-}
-
-func (cc *ClientConn) streamByID(id uint32, andRemove bool) *clientStream {
-	cc.mu.Lock()
-	defer cc.mu.Unlock()
-	cs := cc.streams[id]
-	if andRemove && cs != nil && !cc.closed {
-		delete(cc.streams, id)
-		close(cs.done)
-	}
-	return cs
-}
-
-// clientConnReadLoop is the state owned by the clientConn's frame-reading readLoop.
-type clientConnReadLoop struct {
-	cc            *ClientConn
-	activeRes     map[uint32]*clientStream // keyed by streamID
-	closeWhenIdle bool
-}
-
-// readLoop runs in its own goroutine and reads and dispatches frames.
-func (cc *ClientConn) readLoop() {
-	rl := &clientConnReadLoop{
-		cc:        cc,
-		activeRes: make(map[uint32]*clientStream),
-	}
-
-	defer rl.cleanup()
-	cc.readerErr = rl.run()
-	if ce, ok := cc.readerErr.(ConnectionError); ok {
-		cc.wmu.Lock()
-		cc.fr.WriteGoAway(0, ErrCode(ce), nil)
-		cc.wmu.Unlock()
-	}
-}
-
-func (rl *clientConnReadLoop) cleanup() {
-	cc := rl.cc
-	defer cc.tconn.Close()
-	defer cc.t.connPool().MarkDead(cc)
-	defer close(cc.readerDone)
-
-	// Close any response bodies if the server closes prematurely.
-	// TODO: also do this if we've written the headers but not
-	// gotten a response yet.
-	err := cc.readerErr
-	if err == io.EOF {
-		err = io.ErrUnexpectedEOF
-	}
-	cc.mu.Lock()
-	for _, cs := range rl.activeRes {
-		cs.bufPipe.CloseWithError(err)
-	}
-	for _, cs := range cc.streams {
-		select {
-		case cs.resc <- resAndError{err: err}:
-		default:
-		}
-		close(cs.done)
-	}
-	cc.closed = true
-	cc.cond.Broadcast()
-	cc.mu.Unlock()
-}
-
-func (rl *clientConnReadLoop) run() error {
-	cc := rl.cc
-	rl.closeWhenIdle = cc.t.disableKeepAlives()
-	gotReply := false // ever saw a reply
-	for {
-		f, err := cc.fr.ReadFrame()
-		if err != nil {
-			cc.vlogf("Transport readFrame error: (%T) %v", err, err)
-		}
-		if se, ok := err.(StreamError); ok {
-			if cs := cc.streamByID(se.StreamID, true /*ended; remove it*/); cs != nil {
-				rl.endStreamError(cs, cc.fr.errDetail)
-			}
-			continue
-		} else if err != nil {
-			return err
-		}
-		if VerboseLogs {
-			cc.vlogf("http2: Transport received %s", summarizeFrame(f))
-		}
-		maybeIdle := false // whether frame might transition us to idle
-
-		switch f := f.(type) {
-		case *MetaHeadersFrame:
-			err = rl.processHeaders(f)
-			maybeIdle = true
-			gotReply = true
-		case *DataFrame:
-			err = rl.processData(f)
-			maybeIdle = true
-		case *GoAwayFrame:
-			err = rl.processGoAway(f)
-			maybeIdle = true
-		case *RSTStreamFrame:
-			err = rl.processResetStream(f)
-			maybeIdle = true
-		case *SettingsFrame:
-			err = rl.processSettings(f)
-		case *PushPromiseFrame:
-			err = rl.processPushPromise(f)
-		case *WindowUpdateFrame:
-			err = rl.processWindowUpdate(f)
-		case *PingFrame:
-			err = rl.processPing(f)
-		default:
-			cc.logf("Transport: unhandled response frame type %T", f)
-		}
-		if err != nil {
-			return err
-		}
-		if rl.closeWhenIdle && gotReply && maybeIdle && len(rl.activeRes) == 0 {
-			cc.closeIfIdle()
-		}
-	}
-}
-
-func (rl *clientConnReadLoop) processHeaders(f *MetaHeadersFrame) error {
-	cc := rl.cc
-	cs := cc.streamByID(f.StreamID, f.StreamEnded())
-	if cs == nil {
-		// We'd get here if we canceled a request while the
-		// server had its response still in flight. So if this
-		// was just something we canceled, ignore it.
-		return nil
-	}
-	if !cs.pastHeaders {
-		cs.pastHeaders = true
-	} else {
-		return rl.processTrailers(cs, f)
-	}
-
-	res, err := rl.handleResponse(cs, f)
-	if err != nil {
-		if _, ok := err.(ConnectionError); ok {
-			return err
-		}
-		// Any other error type is a stream error.
-		cs.cc.writeStreamReset(f.StreamID, ErrCodeProtocol, err)
-		cs.resc <- resAndError{err: err}
-		return nil // return nil from process* funcs to keep conn alive
-	}
-	if res == nil {
-		// (nil, nil) special case. See handleResponse docs.
-		return nil
-	}
-	if res.Body != noBody {
-		rl.activeRes[cs.ID] = cs
-	}
-	cs.resTrailer = &res.Trailer
-	cs.resc <- resAndError{res: res}
-	return nil
-}
-
-// may return error types nil, or ConnectionError. Any other error value
-// is a StreamError of type ErrCodeProtocol. The returned error in that case
-// is the detail.
-//
-// As a special case, handleResponse may return (nil, nil) to skip the
-// frame (currently only used for 100 expect continue). This special
-// case is going away after Issue 13851 is fixed.
-func (rl *clientConnReadLoop) handleResponse(cs *clientStream, f *MetaHeadersFrame) (*http.Response, error) {
-	if f.Truncated {
-		return nil, errResponseHeaderListSize
-	}
-
-	status := f.PseudoValue("status")
-	if status == "" {
-		return nil, errors.New("missing status pseudo header")
-	}
-	statusCode, err := strconv.Atoi(status)
-	if err != nil {
-		return nil, errors.New("malformed non-numeric status pseudo header")
-	}
-
-	if statusCode == 100 {
-		// Just skip 100-continue response headers for now.
-		// TODO: golang.org/issue/13851 for doing it properly.
-		cs.pastHeaders = false // do it all again
-		return nil, nil
-	}
-
-	header := make(http.Header)
-	res := &http.Response{
-		Proto:      "HTTP/2.0",
-		ProtoMajor: 2,
-		Header:     header,
-		StatusCode: statusCode,
-		Status:     status + " " + http.StatusText(statusCode),
-	}
-	for _, hf := range f.RegularFields() {
-		key := http.CanonicalHeaderKey(hf.Name)
-		if key == "Trailer" {
-			t := res.Trailer
-			if t == nil {
-				t = make(http.Header)
-				res.Trailer = t
-			}
-			foreachHeaderElement(hf.Value, func(v string) {
-				t[http.CanonicalHeaderKey(v)] = nil
-			})
-		} else {
-			header[key] = append(header[key], hf.Value)
-		}
-	}
-
-	streamEnded := f.StreamEnded()
-	if !streamEnded || cs.req.Method == "HEAD" {
-		res.ContentLength = -1
-		if clens := res.Header["Content-Length"]; len(clens) == 1 {
-			if clen64, err := strconv.ParseInt(clens[0], 10, 64); err == nil {
-				res.ContentLength = clen64
-			} else {
-				// TODO: care? unlike http/1, it won't mess up our framing, so it's
-				// more safe smuggling-wise to ignore.
-			}
-		} else if len(clens) > 1 {
-			// TODO: care? unlike http/1, it won't mess up our framing, so it's
-			// more safe smuggling-wise to ignore.
-		}
-	}
-
-	if streamEnded {
-		res.Body = noBody
-		return res, nil
-	}
-
-	buf := new(bytes.Buffer) // TODO(bradfitz): recycle this garbage
-	cs.bufPipe = pipe{b: buf}
-	cs.bytesRemain = res.ContentLength
-	res.Body = transportResponseBody{cs}
-	go cs.awaitRequestCancel(requestCancel(cs.req))
-
-	if cs.requestedGzip && res.Header.Get("Content-Encoding") == "gzip" {
-		res.Header.Del("Content-Encoding")
-		res.Header.Del("Content-Length")
-		res.ContentLength = -1
-		res.Body = &gzipReader{body: res.Body}
-	}
-	return res, nil
-}
-
-func (rl *clientConnReadLoop) processTrailers(cs *clientStream, f *MetaHeadersFrame) error {
-	if cs.pastTrailers {
-		// Too many HEADERS frames for this stream.
-		return ConnectionError(ErrCodeProtocol)
-	}
-	cs.pastTrailers = true
-	if !f.StreamEnded() {
-		// We expect that any headers for trailers also
-		// has END_STREAM.
-		return ConnectionError(ErrCodeProtocol)
-	}
-	if len(f.PseudoFields()) > 0 {
-		// No pseudo header fields are defined for trailers.
-		// TODO: ConnectionError might be overly harsh? Check.
-		return ConnectionError(ErrCodeProtocol)
-	}
-
-	trailer := make(http.Header)
-	for _, hf := range f.RegularFields() {
-		key := http.CanonicalHeaderKey(hf.Name)
-		trailer[key] = append(trailer[key], hf.Value)
-	}
-	cs.trailer = trailer
-
-	rl.endStream(cs)
-	return nil
-}
-
-// transportResponseBody is the concrete type of Transport.RoundTrip's
-// Response.Body. It is an io.ReadCloser. On Read, it reads from cs.body.
-// On Close it sends RST_STREAM if EOF wasn't already seen.
-type transportResponseBody struct {
-	cs *clientStream
-}
-
-func (b transportResponseBody) Read(p []byte) (n int, err error) {
-	cs := b.cs
-	cc := cs.cc
-
-	if cs.readErr != nil {
-		return 0, cs.readErr
-	}
-	n, err = b.cs.bufPipe.Read(p)
-	if cs.bytesRemain != -1 {
-		if int64(n) > cs.bytesRemain {
-			n = int(cs.bytesRemain)
-			if err == nil {
-				err = errors.New("net/http: server replied with more than declared Content-Length; truncated")
-				cc.writeStreamReset(cs.ID, ErrCodeProtocol, err)
-			}
-			cs.readErr = err
-			return int(cs.bytesRemain), err
-		}
-		cs.bytesRemain -= int64(n)
-		if err == io.EOF && cs.bytesRemain > 0 {
-			err = io.ErrUnexpectedEOF
-			cs.readErr = err
-			return n, err
-		}
-	}
-	if n == 0 {
-		// No flow control tokens to send back.
-		return
-	}
-
-	cc.mu.Lock()
-	defer cc.mu.Unlock()
-
-	var connAdd, streamAdd int32
-	// Check the conn-level first, before the stream-level.
-	if v := cc.inflow.available(); v < transportDefaultConnFlow/2 {
-		connAdd = transportDefaultConnFlow - v
-		cc.inflow.add(connAdd)
-	}
-	if err == nil { // No need to refresh if the stream is over or failed.
-		if v := cs.inflow.available(); v < transportDefaultStreamFlow-transportDefaultStreamMinRefresh {
-			streamAdd = transportDefaultStreamFlow - v
-			cs.inflow.add(streamAdd)
-		}
-	}
-	if connAdd != 0 || streamAdd != 0 {
-		cc.wmu.Lock()
-		defer cc.wmu.Unlock()
-		if connAdd != 0 {
-			cc.fr.WriteWindowUpdate(0, mustUint31(connAdd))
-		}
-		if streamAdd != 0 {
-			cc.fr.WriteWindowUpdate(cs.ID, mustUint31(streamAdd))
-		}
-		cc.bw.Flush()
-	}
-	return
-}
-
-var errClosedResponseBody = errors.New("http2: response body closed")
-
-func (b transportResponseBody) Close() error {
-	cs := b.cs
-	if cs.bufPipe.Err() != io.EOF {
-		// TODO: write test for this
-		cs.cc.writeStreamReset(cs.ID, ErrCodeCancel, nil)
-	}
-	cs.bufPipe.BreakWithError(errClosedResponseBody)
-	return nil
-}
-
-func (rl *clientConnReadLoop) processData(f *DataFrame) error {
-	cc := rl.cc
-	cs := cc.streamByID(f.StreamID, f.StreamEnded())
-	if cs == nil {
-		cc.mu.Lock()
-		neverSent := cc.nextStreamID
-		cc.mu.Unlock()
-		if f.StreamID >= neverSent {
-			// We never asked for this.
-			cc.logf("http2: Transport received unsolicited DATA frame; closing connection")
-			return ConnectionError(ErrCodeProtocol)
-		}
-		// We probably did ask for this, but canceled. Just ignore it.
-		// TODO: be stricter here? only silently ignore things which
-		// we canceled, but not things which were closed normally
-		// by the peer? Tough without accumulating too much state.
-		return nil
-	}
-	if data := f.Data(); len(data) > 0 {
-		if cs.bufPipe.b == nil {
-			// Data frame after it's already closed?
-			cc.logf("http2: Transport received DATA frame for closed stream; closing connection")
-			return ConnectionError(ErrCodeProtocol)
-		}
-
-		// Check connection-level flow control.
-		cc.mu.Lock()
-		if cs.inflow.available() >= int32(len(data)) {
-			cs.inflow.take(int32(len(data)))
-		} else {
-			cc.mu.Unlock()
-			return ConnectionError(ErrCodeFlowControl)
-		}
-		cc.mu.Unlock()
-
-		if _, err := cs.bufPipe.Write(data); err != nil {
-			rl.endStreamError(cs, err)
-			return err
-		}
-	}
-
-	if f.StreamEnded() {
-		rl.endStream(cs)
-	}
-	return nil
-}
-
-var errInvalidTrailers = errors.New("http2: invalid trailers")
-
-func (rl *clientConnReadLoop) endStream(cs *clientStream) {
-	// TODO: check that any declared content-length matches, like
-	// server.go's (*stream).endStream method.
-	rl.endStreamError(cs, nil)
-}
-
-func (rl *clientConnReadLoop) endStreamError(cs *clientStream, err error) {
-	var code func()
-	if err == nil {
-		err = io.EOF
-		code = cs.copyTrailers
-	}
-	cs.bufPipe.closeWithErrorAndCode(err, code)
-	delete(rl.activeRes, cs.ID)
-	if cs.req.Close || cs.req.Header.Get("Connection") == "close" {
-		rl.closeWhenIdle = true
-	}
-}
-
-func (cs *clientStream) copyTrailers() {
-	for k, vv := range cs.trailer {
-		t := cs.resTrailer
-		if *t == nil {
-			*t = make(http.Header)
-		}
-		(*t)[k] = vv
-	}
-}
-
-func (rl *clientConnReadLoop) processGoAway(f *GoAwayFrame) error {
-	cc := rl.cc
-	cc.t.connPool().MarkDead(cc)
-	if f.ErrCode != 0 {
-		// TODO: deal with GOAWAY more. particularly the error code
-		cc.vlogf("transport got GOAWAY with error code = %v", f.ErrCode)
-	}
-	cc.setGoAway(f)
-	return nil
-}
-
-func (rl *clientConnReadLoop) processSettings(f *SettingsFrame) error {
-	cc := rl.cc
-	cc.mu.Lock()
-	defer cc.mu.Unlock()
-	return f.ForeachSetting(func(s Setting) error {
-		switch s.ID {
-		case SettingMaxFrameSize:
-			cc.maxFrameSize = s.Val
-		case SettingMaxConcurrentStreams:
-			cc.maxConcurrentStreams = s.Val
-		case SettingInitialWindowSize:
-			// TODO: error if this is too large.
-
-			// TODO: adjust flow control of still-open
-			// frames by the difference of the old initial
-			// window size and this one.
-			cc.initialWindowSize = s.Val
-		default:
-			// TODO(bradfitz): handle more settings? SETTINGS_HEADER_TABLE_SIZE probably.
-			cc.vlogf("Unhandled Setting: %v", s)
-		}
-		return nil
-	})
-}
-
-func (rl *clientConnReadLoop) processWindowUpdate(f *WindowUpdateFrame) error {
-	cc := rl.cc
-	cs := cc.streamByID(f.StreamID, false)
-	if f.StreamID != 0 && cs == nil {
-		return nil
-	}
-
-	cc.mu.Lock()
-	defer cc.mu.Unlock()
-
-	fl := &cc.flow
-	if cs != nil {
-		fl = &cs.flow
-	}
-	if !fl.add(int32(f.Increment)) {
-		return ConnectionError(ErrCodeFlowControl)
-	}
-	cc.cond.Broadcast()
-	return nil
-}
-
-func (rl *clientConnReadLoop) processResetStream(f *RSTStreamFrame) error {
-	cs := rl.cc.streamByID(f.StreamID, true)
-	if cs == nil {
-		// TODO: return error if server tries to RST_STEAM an idle stream
-		return nil
-	}
-	select {
-	case <-cs.peerReset:
-		// Already reset.
-		// This is the only goroutine
-		// which closes this, so there
-		// isn't a race.
-	default:
-		err := StreamError{cs.ID, f.ErrCode}
-		cs.resetErr = err
-		close(cs.peerReset)
-		cs.bufPipe.CloseWithError(err)
-		cs.cc.cond.Broadcast() // wake up checkReset via clientStream.awaitFlowControl
-	}
-	delete(rl.activeRes, cs.ID)
-	return nil
-}
-
-func (rl *clientConnReadLoop) processPing(f *PingFrame) error {
-	if f.IsAck() {
-		// 6.7 PING: " An endpoint MUST NOT respond to PING frames
-		// containing this flag."
-		return nil
-	}
-	cc := rl.cc
-	cc.wmu.Lock()
-	defer cc.wmu.Unlock()
-	if err := cc.fr.WritePing(true, f.Data); err != nil {
-		return err
-	}
-	return cc.bw.Flush()
-}
-
-func (rl *clientConnReadLoop) processPushPromise(f *PushPromiseFrame) error {
-	// We told the peer we don't want them.
-	// Spec says:
-	// "PUSH_PROMISE MUST NOT be sent if the SETTINGS_ENABLE_PUSH
-	// setting of the peer endpoint is set to 0. An endpoint that
-	// has set this setting and has received acknowledgement MUST
-	// treat the receipt of a PUSH_PROMISE frame as a connection
-	// error (Section 5.4.1) of type PROTOCOL_ERROR."
-	return ConnectionError(ErrCodeProtocol)
-}
-
-func (cc *ClientConn) writeStreamReset(streamID uint32, code ErrCode, err error) {
-	// TODO: do something with err? send it as a debug frame to the peer?
-	// But that's only in GOAWAY. Invent a new frame type? Is there one already?
-	cc.wmu.Lock()
-	cc.fr.WriteRSTStream(streamID, code)
-	cc.bw.Flush()
-	cc.wmu.Unlock()
-}
-
-var (
-	errResponseHeaderListSize = errors.New("http2: response header list larger than advertised limit")
-	errPseudoTrailers         = errors.New("http2: invalid pseudo header in trailers")
-)
-
-func (cc *ClientConn) logf(format string, args ...interface{}) {
-	cc.t.logf(format, args...)
-}
-
-func (cc *ClientConn) vlogf(format string, args ...interface{}) {
-	cc.t.vlogf(format, args...)
-}
-
-func (t *Transport) vlogf(format string, args ...interface{}) {
-	if VerboseLogs {
-		t.logf(format, args...)
-	}
-}
-
-func (t *Transport) logf(format string, args ...interface{}) {
-	log.Printf(format, args...)
-}
-
-var noBody io.ReadCloser = ioutil.NopCloser(bytes.NewReader(nil))
-
-func strSliceContains(ss []string, s string) bool {
-	for _, v := range ss {
-		if v == s {
-			return true
-		}
-	}
-	return false
-}
-
-type erringRoundTripper struct{ err error }
-
-func (rt erringRoundTripper) RoundTrip(*http.Request) (*http.Response, error) { return nil, rt.err }
-
-// gzipReader wraps a response body so it can lazily
-// call gzip.NewReader on the first call to Read
-type gzipReader struct {
-	body io.ReadCloser // underlying Response.Body
-	zr   *gzip.Reader  // lazily-initialized gzip reader
-	zerr error         // sticky error
-}
-
-func (gz *gzipReader) Read(p []byte) (n int, err error) {
-	if gz.zerr != nil {
-		return 0, gz.zerr
-	}
-	if gz.zr == nil {
-		gz.zr, err = gzip.NewReader(gz.body)
-		if err != nil {
-			gz.zerr = err
-			return 0, err
-		}
-	}
-	return gz.zr.Read(p)
-}
-
-func (gz *gzipReader) Close() error {
-	return gz.body.Close()
-}
-
-type errorReader struct{ err error }
-
-func (r errorReader) Read(p []byte) (int, error) { return 0, r.err }
diff --git a/vendor/golang.org/x/net/http2/transport_test.go b/vendor/golang.org/x/net/http2/transport_test.go
deleted file mode 100644
index 556756ab..00000000
--- a/vendor/golang.org/x/net/http2/transport_test.go
+++ /dev/null
@@ -1,1740 +0,0 @@
-// Copyright 2015 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package http2
-
-import (
-	"bufio"
-	"bytes"
-	"crypto/tls"
-	"errors"
-	"flag"
-	"fmt"
-	"io"
-	"io/ioutil"
-	"log"
-	"math/rand"
-	"net"
-	"net/http"
-	"net/url"
-	"os"
-	"reflect"
-	"sort"
-	"strconv"
-	"strings"
-	"sync"
-	"sync/atomic"
-	"testing"
-	"time"
-
-	"golang.org/x/net/http2/hpack"
-)
-
-var (
-	extNet        = flag.Bool("extnet", false, "do external network tests")
-	transportHost = flag.String("transporthost", "http2.golang.org", "hostname to use for TestTransport")
-	insecure      = flag.Bool("insecure", false, "insecure TLS dials") // TODO: dead code. remove?
-)
-
-var tlsConfigInsecure = &tls.Config{InsecureSkipVerify: true}
-
-func TestTransportExternal(t *testing.T) {
-	if !*extNet {
-		t.Skip("skipping external network test")
-	}
-	req, _ := http.NewRequest("GET", "https://"+*transportHost+"/", nil)
-	rt := &Transport{TLSClientConfig: tlsConfigInsecure}
-	res, err := rt.RoundTrip(req)
-	if err != nil {
-		t.Fatalf("%v", err)
-	}
-	res.Write(os.Stdout)
-}
-
-func TestTransport(t *testing.T) {
-	const body = "sup"
-	st := newServerTester(t, func(w http.ResponseWriter, r *http.Request) {
-		io.WriteString(w, body)
-	}, optOnlyServer)
-	defer st.Close()
-
-	tr := &Transport{TLSClientConfig: tlsConfigInsecure}
-	defer tr.CloseIdleConnections()
-
-	req, err := http.NewRequest("GET", st.ts.URL, nil)
-	if err != nil {
-		t.Fatal(err)
-	}
-	res, err := tr.RoundTrip(req)
-	if err != nil {
-		t.Fatal(err)
-	}
-	defer res.Body.Close()
-
-	t.Logf("Got res: %+v", res)
-	if g, w := res.StatusCode, 200; g != w {
-		t.Errorf("StatusCode = %v; want %v", g, w)
-	}
-	if g, w := res.Status, "200 OK"; g != w {
-		t.Errorf("Status = %q; want %q", g, w)
-	}
-	wantHeader := http.Header{
-		"Content-Length": []string{"3"},
-		"Content-Type":   []string{"text/plain; charset=utf-8"},
-		"Date":           []string{"XXX"}, // see cleanDate
-	}
-	cleanDate(res)
-	if !reflect.DeepEqual(res.Header, wantHeader) {
-		t.Errorf("res Header = %v; want %v", res.Header, wantHeader)
-	}
-	if res.Request != req {
-		t.Errorf("Response.Request = %p; want %p", res.Request, req)
-	}
-	if res.TLS == nil {
-		t.Error("Response.TLS = nil; want non-nil")
-	}
-	slurp, err := ioutil.ReadAll(res.Body)
-	if err != nil {
-		t.Errorf("Body read: %v", err)
-	} else if string(slurp) != body {
-		t.Errorf("Body = %q; want %q", slurp, body)
-	}
-}
-func onSameConn(t *testing.T, modReq func(*http.Request)) bool {
-	st := newServerTester(t, func(w http.ResponseWriter, r *http.Request) {
-		io.WriteString(w, r.RemoteAddr)
-	}, optOnlyServer)
-	defer st.Close()
-	tr := &Transport{TLSClientConfig: tlsConfigInsecure}
-	defer tr.CloseIdleConnections()
-	get := func() string {
-		req, err := http.NewRequest("GET", st.ts.URL, nil)
-		if err != nil {
-			t.Fatal(err)
-		}
-		modReq(req)
-		res, err := tr.RoundTrip(req)
-		if err != nil {
-			t.Fatal(err)
-		}
-		defer res.Body.Close()
-		slurp, err := ioutil.ReadAll(res.Body)
-		if err != nil {
-			t.Fatalf("Body read: %v", err)
-		}
-		addr := strings.TrimSpace(string(slurp))
-		if addr == "" {
-			t.Fatalf("didn't get an addr in response")
-		}
-		return addr
-	}
-	first := get()
-	second := get()
-	return first == second
-}
-
-func TestTransportReusesConns(t *testing.T) {
-	if !onSameConn(t, func(*http.Request) {}) {
-		t.Errorf("first and second responses were on different connections")
-	}
-}
-
-func TestTransportReusesConn_RequestClose(t *testing.T) {
-	if onSameConn(t, func(r *http.Request) { r.Close = true }) {
-		t.Errorf("first and second responses were not on different connections")
-	}
-}
-
-func TestTransportReusesConn_ConnClose(t *testing.T) {
-	if onSameConn(t, func(r *http.Request) { r.Header.Set("Connection", "close") }) {
-		t.Errorf("first and second responses were not on different connections")
-	}
-}
-
-// Tests that the Transport only keeps one pending dial open per destination address.
-// https://golang.org/issue/13397
-func TestTransportGroupsPendingDials(t *testing.T) {
-	st := newServerTester(t, func(w http.ResponseWriter, r *http.Request) {
-		io.WriteString(w, r.RemoteAddr)
-	}, optOnlyServer)
-	defer st.Close()
-	tr := &Transport{
-		TLSClientConfig: tlsConfigInsecure,
-	}
-	defer tr.CloseIdleConnections()
-	var (
-		mu    sync.Mutex
-		dials = map[string]int{}
-	)
-	var wg sync.WaitGroup
-	for i := 0; i < 10; i++ {
-		wg.Add(1)
-		go func() {
-			defer wg.Done()
-			req, err := http.NewRequest("GET", st.ts.URL, nil)
-			if err != nil {
-				t.Error(err)
-				return
-			}
-			res, err := tr.RoundTrip(req)
-			if err != nil {
-				t.Error(err)
-				return
-			}
-			defer res.Body.Close()
-			slurp, err := ioutil.ReadAll(res.Body)
-			if err != nil {
-				t.Errorf("Body read: %v", err)
-			}
-			addr := strings.TrimSpace(string(slurp))
-			if addr == "" {
-				t.Errorf("didn't get an addr in response")
-			}
-			mu.Lock()
-			dials[addr]++
-			mu.Unlock()
-		}()
-	}
-	wg.Wait()
-	if len(dials) != 1 {
-		t.Errorf("saw %d dials; want 1: %v", len(dials), dials)
-	}
-	tr.CloseIdleConnections()
-	if err := retry(50, 10*time.Millisecond, func() error {
-		cp, ok := tr.connPool().(*clientConnPool)
-		if !ok {
-			return fmt.Errorf("Conn pool is %T; want *clientConnPool", tr.connPool())
-		}
-		cp.mu.Lock()
-		defer cp.mu.Unlock()
-		if len(cp.dialing) != 0 {
-			return fmt.Errorf("dialing map = %v; want empty", cp.dialing)
-		}
-		if len(cp.conns) != 0 {
-			return fmt.Errorf("conns = %v; want empty", cp.conns)
-		}
-		if len(cp.keys) != 0 {
-			return fmt.Errorf("keys = %v; want empty", cp.keys)
-		}
-		return nil
-	}); err != nil {
-		t.Errorf("State of pool after CloseIdleConnections: %v", err)
-	}
-}
-
-func retry(tries int, delay time.Duration, fn func() error) error {
-	var err error
-	for i := 0; i < tries; i++ {
-		err = fn()
-		if err == nil {
-			return nil
-		}
-		time.Sleep(delay)
-	}
-	return err
-}
-
-func TestTransportAbortClosesPipes(t *testing.T) {
-	shutdown := make(chan struct{})
-	st := newServerTester(t,
-		func(w http.ResponseWriter, r *http.Request) {
-			w.(http.Flusher).Flush()
-			<-shutdown
-		},
-		optOnlyServer,
-	)
-	defer st.Close()
-	defer close(shutdown) // we must shutdown before st.Close() to avoid hanging
-
-	done := make(chan struct{})
-	requestMade := make(chan struct{})
-	go func() {
-		defer close(done)
-		tr := &Transport{TLSClientConfig: tlsConfigInsecure}
-		req, err := http.NewRequest("GET", st.ts.URL, nil)
-		if err != nil {
-			t.Fatal(err)
-		}
-		res, err := tr.RoundTrip(req)
-		if err != nil {
-			t.Fatal(err)
-		}
-		defer res.Body.Close()
-		close(requestMade)
-		_, err = ioutil.ReadAll(res.Body)
-		if err == nil {
-			t.Error("expected error from res.Body.Read")
-		}
-	}()
-
-	<-requestMade
-	// Now force the serve loop to end, via closing the connection.
-	st.closeConn()
-	// deadlock? that's a bug.
-	select {
-	case <-done:
-	case <-time.After(3 * time.Second):
-		t.Fatal("timeout")
-	}
-}
-
-// TODO: merge this with TestTransportBody to make TestTransportRequest? This
-// could be a table-driven test with extra goodies.
-func TestTransportPath(t *testing.T) {
-	gotc := make(chan *url.URL, 1)
-	st := newServerTester(t,
-		func(w http.ResponseWriter, r *http.Request) {
-			gotc <- r.URL
-		},
-		optOnlyServer,
-	)
-	defer st.Close()
-
-	tr := &Transport{TLSClientConfig: tlsConfigInsecure}
-	defer tr.CloseIdleConnections()
-	const (
-		path  = "/testpath"
-		query = "q=1"
-	)
-	surl := st.ts.URL + path + "?" + query
-	req, err := http.NewRequest("POST", surl, nil)
-	if err != nil {
-		t.Fatal(err)
-	}
-	c := &http.Client{Transport: tr}
-	res, err := c.Do(req)
-	if err != nil {
-		t.Fatal(err)
-	}
-	defer res.Body.Close()
-	got := <-gotc
-	if got.Path != path {
-		t.Errorf("Read Path = %q; want %q", got.Path, path)
-	}
-	if got.RawQuery != query {
-		t.Errorf("Read RawQuery = %q; want %q", got.RawQuery, query)
-	}
-}
-
-func randString(n int) string {
-	rnd := rand.New(rand.NewSource(int64(n)))
-	b := make([]byte, n)
-	for i := range b {
-		b[i] = byte(rnd.Intn(256))
-	}
-	return string(b)
-}
-
-func TestTransportBody(t *testing.T) {
-	bodyTests := []struct {
-		body         string
-		noContentLen bool
-	}{
-		{body: "some message"},
-		{body: "some message", noContentLen: true},
-		{body: ""},
-		{body: "", noContentLen: true},
-		{body: strings.Repeat("a", 1<<20), noContentLen: true},
-		{body: strings.Repeat("a", 1<<20)},
-		{body: randString(16<<10 - 1)},
-		{body: randString(16 << 10)},
-		{body: randString(16<<10 + 1)},
-		{body: randString(512<<10 - 1)},
-		{body: randString(512 << 10)},
-		{body: randString(512<<10 + 1)},
-		{body: randString(1<<20 - 1)},
-		{body: randString(1 << 20)},
-		{body: randString(1<<20 + 2)},
-	}
-
-	type reqInfo struct {
-		req   *http.Request
-		slurp []byte
-		err   error
-	}
-	gotc := make(chan reqInfo, 1)
-	st := newServerTester(t,
-		func(w http.ResponseWriter, r *http.Request) {
-			slurp, err := ioutil.ReadAll(r.Body)
-			if err != nil {
-				gotc <- reqInfo{err: err}
-			} else {
-				gotc <- reqInfo{req: r, slurp: slurp}
-			}
-		},
-		optOnlyServer,
-	)
-	defer st.Close()
-
-	for i, tt := range bodyTests {
-		tr := &Transport{TLSClientConfig: tlsConfigInsecure}
-		defer tr.CloseIdleConnections()
-
-		var body io.Reader = strings.NewReader(tt.body)
-		if tt.noContentLen {
-			body = struct{ io.Reader }{body} // just a Reader, hiding concrete type and other methods
-		}
-		req, err := http.NewRequest("POST", st.ts.URL, body)
-		if err != nil {
-			t.Fatalf("#%d: %v", i, err)
-		}
-		c := &http.Client{Transport: tr}
-		res, err := c.Do(req)
-		if err != nil {
-			t.Fatalf("#%d: %v", i, err)
-		}
-		defer res.Body.Close()
-		ri := <-gotc
-		if ri.err != nil {
-			t.Errorf("#%d: read error: %v", i, ri.err)
-			continue
-		}
-		if got := string(ri.slurp); got != tt.body {
-			t.Errorf("#%d: Read body mismatch.\n got: %q (len %d)\nwant: %q (len %d)", i, shortString(got), len(got), shortString(tt.body), len(tt.body))
-		}
-		wantLen := int64(len(tt.body))
-		if tt.noContentLen && tt.body != "" {
-			wantLen = -1
-		}
-		if ri.req.ContentLength != wantLen {
-			t.Errorf("#%d. handler got ContentLength = %v; want %v", i, ri.req.ContentLength, wantLen)
-		}
-	}
-}
-
-func shortString(v string) string {
-	const maxLen = 100
-	if len(v) <= maxLen {
-		return v
-	}
-	return fmt.Sprintf("%v[...%d bytes omitted...]%v", v[:maxLen/2], len(v)-maxLen, v[len(v)-maxLen/2:])
-}
-
-func TestTransportDialTLS(t *testing.T) {
-	var mu sync.Mutex // guards following
-	var gotReq, didDial bool
-
-	ts := newServerTester(t,
-		func(w http.ResponseWriter, r *http.Request) {
-			mu.Lock()
-			gotReq = true
-			mu.Unlock()
-		},
-		optOnlyServer,
-	)
-	defer ts.Close()
-	tr := &Transport{
-		DialTLS: func(netw, addr string, cfg *tls.Config) (net.Conn, error) {
-			mu.Lock()
-			didDial = true
-			mu.Unlock()
-			cfg.InsecureSkipVerify = true
-			c, err := tls.Dial(netw, addr, cfg)
-			if err != nil {
-				return nil, err
-			}
-			return c, c.Handshake()
-		},
-	}
-	defer tr.CloseIdleConnections()
-	client := &http.Client{Transport: tr}
-	res, err := client.Get(ts.ts.URL)
-	if err != nil {
-		t.Fatal(err)
-	}
-	res.Body.Close()
-	mu.Lock()
-	if !gotReq {
-		t.Error("didn't get request")
-	}
-	if !didDial {
-		t.Error("didn't use dial hook")
-	}
-}
-
-func TestConfigureTransport(t *testing.T) {
-	t1 := &http.Transport{}
-	err := ConfigureTransport(t1)
-	if err == errTransportVersion {
-		t.Skip(err)
-	}
-	if err != nil {
-		t.Fatal(err)
-	}
-	if got := fmt.Sprintf("%#v", *t1); !strings.Contains(got, `"h2"`) {
-		// Laziness, to avoid buildtags.
-		t.Errorf("stringification of HTTP/1 transport didn't contain \"h2\": %v", got)
-	}
-	wantNextProtos := []string{"h2", "http/1.1"}
-	if t1.TLSClientConfig == nil {
-		t.Errorf("nil t1.TLSClientConfig")
-	} else if !reflect.DeepEqual(t1.TLSClientConfig.NextProtos, wantNextProtos) {
-		t.Errorf("TLSClientConfig.NextProtos = %q; want %q", t1.TLSClientConfig.NextProtos, wantNextProtos)
-	}
-	if err := ConfigureTransport(t1); err == nil {
-		t.Error("unexpected success on second call to ConfigureTransport")
-	}
-
-	// And does it work?
-	st := newServerTester(t, func(w http.ResponseWriter, r *http.Request) {
-		io.WriteString(w, r.Proto)
-	}, optOnlyServer)
-	defer st.Close()
-
-	t1.TLSClientConfig.InsecureSkipVerify = true
-	c := &http.Client{Transport: t1}
-	res, err := c.Get(st.ts.URL)
-	if err != nil {
-		t.Fatal(err)
-	}
-	slurp, err := ioutil.ReadAll(res.Body)
-	if err != nil {
-		t.Fatal(err)
-	}
-	if got, want := string(slurp), "HTTP/2.0"; got != want {
-		t.Errorf("body = %q; want %q", got, want)
-	}
-}
-
-type capitalizeReader struct {
-	r io.Reader
-}
-
-func (cr capitalizeReader) Read(p []byte) (n int, err error) {
-	n, err = cr.r.Read(p)
-	for i, b := range p[:n] {
-		if b >= 'a' && b <= 'z' {
-			p[i] = b - ('a' - 'A')
-		}
-	}
-	return
-}
-
-type flushWriter struct {
-	w io.Writer
-}
-
-func (fw flushWriter) Write(p []byte) (n int, err error) {
-	n, err = fw.w.Write(p)
-	if f, ok := fw.w.(http.Flusher); ok {
-		f.Flush()
-	}
-	return
-}
-
-type clientTester struct {
-	t      *testing.T
-	tr     *Transport
-	sc, cc net.Conn // server and client conn
-	fr     *Framer  // server's framer
-	client func() error
-	server func() error
-}
-
-func newClientTester(t *testing.T) *clientTester {
-	var dialOnce struct {
-		sync.Mutex
-		dialed bool
-	}
-	ct := &clientTester{
-		t: t,
-	}
-	ct.tr = &Transport{
-		TLSClientConfig: tlsConfigInsecure,
-		DialTLS: func(network, addr string, cfg *tls.Config) (net.Conn, error) {
-			dialOnce.Lock()
-			defer dialOnce.Unlock()
-			if dialOnce.dialed {
-				return nil, errors.New("only one dial allowed in test mode")
-			}
-			dialOnce.dialed = true
-			return ct.cc, nil
-		},
-	}
-
-	ln := newLocalListener(t)
-	cc, err := net.Dial("tcp", ln.Addr().String())
-	if err != nil {
-		t.Fatal(err)
-
-	}
-	sc, err := ln.Accept()
-	if err != nil {
-		t.Fatal(err)
-	}
-	ln.Close()
-	ct.cc = cc
-	ct.sc = sc
-	ct.fr = NewFramer(sc, sc)
-	return ct
-}
-
-func newLocalListener(t *testing.T) net.Listener {
-	ln, err := net.Listen("tcp4", "127.0.0.1:0")
-	if err == nil {
-		return ln
-	}
-	ln, err = net.Listen("tcp6", "[::1]:0")
-	if err != nil {
-		t.Fatal(err)
-	}
-	return ln
-}
-
-func (ct *clientTester) greet() {
-	buf := make([]byte, len(ClientPreface))
-	_, err := io.ReadFull(ct.sc, buf)
-	if err != nil {
-		ct.t.Fatalf("reading client preface: %v", err)
-	}
-	f, err := ct.fr.ReadFrame()
-	if err != nil {
-		ct.t.Fatalf("Reading client settings frame: %v", err)
-	}
-	if sf, ok := f.(*SettingsFrame); !ok {
-		ct.t.Fatalf("Wanted client settings frame; got %v", f)
-		_ = sf // stash it away?
-	}
-	if err := ct.fr.WriteSettings(); err != nil {
-		ct.t.Fatal(err)
-	}
-	if err := ct.fr.WriteSettingsAck(); err != nil {
-		ct.t.Fatal(err)
-	}
-}
-
-func (ct *clientTester) cleanup() {
-	ct.tr.CloseIdleConnections()
-}
-
-func (ct *clientTester) run() {
-	errc := make(chan error, 2)
-	ct.start("client", errc, ct.client)
-	ct.start("server", errc, ct.server)
-	defer ct.cleanup()
-	for i := 0; i < 2; i++ {
-		if err := <-errc; err != nil {
-			ct.t.Error(err)
-			return
-		}
-	}
-}
-
-func (ct *clientTester) start(which string, errc chan<- error, fn func() error) {
-	go func() {
-		finished := false
-		var err error
-		defer func() {
-			if !finished {
-				err = fmt.Errorf("%s goroutine didn't finish.", which)
-			} else if err != nil {
-				err = fmt.Errorf("%s: %v", which, err)
-			}
-			errc <- err
-		}()
-		err = fn()
-		finished = true
-	}()
-}
-
-type countingReader struct {
-	n *int64
-}
-
-func (r countingReader) Read(p []byte) (n int, err error) {
-	for i := range p {
-		p[i] = byte(i)
-	}
-	atomic.AddInt64(r.n, int64(len(p)))
-	return len(p), err
-}
-
-func TestTransportReqBodyAfterResponse_200(t *testing.T) { testTransportReqBodyAfterResponse(t, 200) }
-func TestTransportReqBodyAfterResponse_403(t *testing.T) { testTransportReqBodyAfterResponse(t, 403) }
-
-func testTransportReqBodyAfterResponse(t *testing.T, status int) {
-	const bodySize = 10 << 20
-	ct := newClientTester(t)
-	ct.client = func() error {
-		var n int64 // atomic
-		req, err := http.NewRequest("PUT", "https://dummy.tld/", io.LimitReader(countingReader{&n}, bodySize))
-		if err != nil {
-			return err
-		}
-		res, err := ct.tr.RoundTrip(req)
-		if err != nil {
-			return fmt.Errorf("RoundTrip: %v", err)
-		}
-		defer res.Body.Close()
-		if res.StatusCode != status {
-			return fmt.Errorf("status code = %v; want %v", res.StatusCode, status)
-		}
-		slurp, err := ioutil.ReadAll(res.Body)
-		if err != nil {
-			return fmt.Errorf("Slurp: %v", err)
-		}
-		if len(slurp) > 0 {
-			return fmt.Errorf("unexpected body: %q", slurp)
-		}
-		if status == 200 {
-			if got := atomic.LoadInt64(&n); got != bodySize {
-				return fmt.Errorf("For 200 response, Transport wrote %d bytes; want %d", got, bodySize)
-			}
-		} else {
-			if got := atomic.LoadInt64(&n); got == 0 || got >= bodySize {
-				return fmt.Errorf("For %d response, Transport wrote %d bytes; want (0,%d) exclusive", status, got, bodySize)
-			}
-		}
-		return nil
-	}
-	ct.server = func() error {
-		ct.greet()
-		var buf bytes.Buffer
-		enc := hpack.NewEncoder(&buf)
-		var dataRecv int64
-		var closed bool
-		for {
-			f, err := ct.fr.ReadFrame()
-			if err != nil {
-				return err
-			}
-			//println(fmt.Sprintf("server got frame: %v", f))
-			switch f := f.(type) {
-			case *WindowUpdateFrame, *SettingsFrame:
-			case *HeadersFrame:
-				if !f.HeadersEnded() {
-					return fmt.Errorf("headers should have END_HEADERS be ended: %v", f)
-				}
-				if f.StreamEnded() {
-					return fmt.Errorf("headers contains END_STREAM unexpectedly: %v", f)
-				}
-				time.Sleep(50 * time.Millisecond) // let client send body
-				enc.WriteField(hpack.HeaderField{Name: ":status", Value: strconv.Itoa(status)})
-				ct.fr.WriteHeaders(HeadersFrameParam{
-					StreamID:      f.StreamID,
-					EndHeaders:    true,
-					EndStream:     false,
-					BlockFragment: buf.Bytes(),
-				})
-			case *DataFrame:
-				dataLen := len(f.Data())
-				dataRecv += int64(dataLen)
-				if dataLen > 0 {
-					if err := ct.fr.WriteWindowUpdate(0, uint32(dataLen)); err != nil {
-						return err
-					}
-					if err := ct.fr.WriteWindowUpdate(f.StreamID, uint32(dataLen)); err != nil {
-						return err
-					}
-				}
-				if !closed && ((status != 200 && dataRecv > 0) ||
-					(status == 200 && dataRecv == bodySize)) {
-					closed = true
-					if err := ct.fr.WriteData(f.StreamID, true, nil); err != nil {
-						return err
-					}
-					return nil
-				}
-			default:
-				return fmt.Errorf("Unexpected client frame %v", f)
-			}
-		}
-		return nil
-	}
-	ct.run()
-}
-
-// See golang.org/issue/13444
-func TestTransportFullDuplex(t *testing.T) {
-	st := newServerTester(t, func(w http.ResponseWriter, r *http.Request) {
-		w.WriteHeader(200) // redundant but for clarity
-		w.(http.Flusher).Flush()
-		io.Copy(flushWriter{w}, capitalizeReader{r.Body})
-		fmt.Fprintf(w, "bye.\n")
-	}, optOnlyServer)
-	defer st.Close()
-
-	tr := &Transport{TLSClientConfig: tlsConfigInsecure}
-	defer tr.CloseIdleConnections()
-	c := &http.Client{Transport: tr}
-
-	pr, pw := io.Pipe()
-	req, err := http.NewRequest("PUT", st.ts.URL, ioutil.NopCloser(pr))
-	if err != nil {
-		log.Fatal(err)
-	}
-	req.ContentLength = -1
-	res, err := c.Do(req)
-	if err != nil {
-		log.Fatal(err)
-	}
-	defer res.Body.Close()
-	if res.StatusCode != 200 {
-		t.Fatalf("StatusCode = %v; want %v", res.StatusCode, 200)
-	}
-	bs := bufio.NewScanner(res.Body)
-	want := func(v string) {
-		if !bs.Scan() {
-			t.Fatalf("wanted to read %q but Scan() = false, err = %v", v, bs.Err())
-		}
-	}
-	write := func(v string) {
-		_, err := io.WriteString(pw, v)
-		if err != nil {
-			t.Fatalf("pipe write: %v", err)
-		}
-	}
-	write("foo\n")
-	want("FOO")
-	write("bar\n")
-	want("BAR")
-	pw.Close()
-	want("bye.")
-	if err := bs.Err(); err != nil {
-		t.Fatal(err)
-	}
-}
-
-func TestTransportConnectRequest(t *testing.T) {
-	gotc := make(chan *http.Request, 1)
-	st := newServerTester(t, func(w http.ResponseWriter, r *http.Request) {
-		gotc <- r
-	}, optOnlyServer)
-	defer st.Close()
-
-	u, err := url.Parse(st.ts.URL)
-	if err != nil {
-		t.Fatal(err)
-	}
-
-	tr := &Transport{TLSClientConfig: tlsConfigInsecure}
-	defer tr.CloseIdleConnections()
-	c := &http.Client{Transport: tr}
-
-	tests := []struct {
-		req  *http.Request
-		want string
-	}{
-		{
-			req: &http.Request{
-				Method: "CONNECT",
-				Header: http.Header{},
-				URL:    u,
-			},
-			want: u.Host,
-		},
-		{
-			req: &http.Request{
-				Method: "CONNECT",
-				Header: http.Header{},
-				URL:    u,
-				Host:   "example.com:123",
-			},
-			want: "example.com:123",
-		},
-	}
-
-	for i, tt := range tests {
-		res, err := c.Do(tt.req)
-		if err != nil {
-			t.Errorf("%d. RoundTrip = %v", i, err)
-			continue
-		}
-		res.Body.Close()
-		req := <-gotc
-		if req.Method != "CONNECT" {
-			t.Errorf("method = %q; want CONNECT", req.Method)
-		}
-		if req.Host != tt.want {
-			t.Errorf("Host = %q; want %q", req.Host, tt.want)
-		}
-		if req.URL.Host != tt.want {
-			t.Errorf("URL.Host = %q; want %q", req.URL.Host, tt.want)
-		}
-	}
-}
-
-type headerType int
-
-const (
-	noHeader headerType = iota // omitted
-	oneHeader
-	splitHeader // broken into continuation on purpose
-)
-
-const (
-	f0 = noHeader
-	f1 = oneHeader
-	f2 = splitHeader
-	d0 = false
-	d1 = true
-)
-
-// Test all 36 combinations of response frame orders:
-//    (3 ways of 100-continue) * (2 ways of headers) * (2 ways of data) * (3 ways of trailers):func TestTransportResponsePattern_00f0(t *testing.T) { testTransportResponsePattern(h0, h1, false, h0) }
-// Generated by http://play.golang.org/p/SScqYKJYXd
-func TestTransportResPattern_c0h1d0t0(t *testing.T) { testTransportResPattern(t, f0, f1, d0, f0) }
-func TestTransportResPattern_c0h1d0t1(t *testing.T) { testTransportResPattern(t, f0, f1, d0, f1) }
-func TestTransportResPattern_c0h1d0t2(t *testing.T) { testTransportResPattern(t, f0, f1, d0, f2) }
-func TestTransportResPattern_c0h1d1t0(t *testing.T) { testTransportResPattern(t, f0, f1, d1, f0) }
-func TestTransportResPattern_c0h1d1t1(t *testing.T) { testTransportResPattern(t, f0, f1, d1, f1) }
-func TestTransportResPattern_c0h1d1t2(t *testing.T) { testTransportResPattern(t, f0, f1, d1, f2) }
-func TestTransportResPattern_c0h2d0t0(t *testing.T) { testTransportResPattern(t, f0, f2, d0, f0) }
-func TestTransportResPattern_c0h2d0t1(t *testing.T) { testTransportResPattern(t, f0, f2, d0, f1) }
-func TestTransportResPattern_c0h2d0t2(t *testing.T) { testTransportResPattern(t, f0, f2, d0, f2) }
-func TestTransportResPattern_c0h2d1t0(t *testing.T) { testTransportResPattern(t, f0, f2, d1, f0) }
-func TestTransportResPattern_c0h2d1t1(t *testing.T) { testTransportResPattern(t, f0, f2, d1, f1) }
-func TestTransportResPattern_c0h2d1t2(t *testing.T) { testTransportResPattern(t, f0, f2, d1, f2) }
-func TestTransportResPattern_c1h1d0t0(t *testing.T) { testTransportResPattern(t, f1, f1, d0, f0) }
-func TestTransportResPattern_c1h1d0t1(t *testing.T) { testTransportResPattern(t, f1, f1, d0, f1) }
-func TestTransportResPattern_c1h1d0t2(t *testing.T) { testTransportResPattern(t, f1, f1, d0, f2) }
-func TestTransportResPattern_c1h1d1t0(t *testing.T) { testTransportResPattern(t, f1, f1, d1, f0) }
-func TestTransportResPattern_c1h1d1t1(t *testing.T) { testTransportResPattern(t, f1, f1, d1, f1) }
-func TestTransportResPattern_c1h1d1t2(t *testing.T) { testTransportResPattern(t, f1, f1, d1, f2) }
-func TestTransportResPattern_c1h2d0t0(t *testing.T) { testTransportResPattern(t, f1, f2, d0, f0) }
-func TestTransportResPattern_c1h2d0t1(t *testing.T) { testTransportResPattern(t, f1, f2, d0, f1) }
-func TestTransportResPattern_c1h2d0t2(t *testing.T) { testTransportResPattern(t, f1, f2, d0, f2) }
-func TestTransportResPattern_c1h2d1t0(t *testing.T) { testTransportResPattern(t, f1, f2, d1, f0) }
-func TestTransportResPattern_c1h2d1t1(t *testing.T) { testTransportResPattern(t, f1, f2, d1, f1) }
-func TestTransportResPattern_c1h2d1t2(t *testing.T) { testTransportResPattern(t, f1, f2, d1, f2) }
-func TestTransportResPattern_c2h1d0t0(t *testing.T) { testTransportResPattern(t, f2, f1, d0, f0) }
-func TestTransportResPattern_c2h1d0t1(t *testing.T) { testTransportResPattern(t, f2, f1, d0, f1) }
-func TestTransportResPattern_c2h1d0t2(t *testing.T) { testTransportResPattern(t, f2, f1, d0, f2) }
-func TestTransportResPattern_c2h1d1t0(t *testing.T) { testTransportResPattern(t, f2, f1, d1, f0) }
-func TestTransportResPattern_c2h1d1t1(t *testing.T) { testTransportResPattern(t, f2, f1, d1, f1) }
-func TestTransportResPattern_c2h1d1t2(t *testing.T) { testTransportResPattern(t, f2, f1, d1, f2) }
-func TestTransportResPattern_c2h2d0t0(t *testing.T) { testTransportResPattern(t, f2, f2, d0, f0) }
-func TestTransportResPattern_c2h2d0t1(t *testing.T) { testTransportResPattern(t, f2, f2, d0, f1) }
-func TestTransportResPattern_c2h2d0t2(t *testing.T) { testTransportResPattern(t, f2, f2, d0, f2) }
-func TestTransportResPattern_c2h2d1t0(t *testing.T) { testTransportResPattern(t, f2, f2, d1, f0) }
-func TestTransportResPattern_c2h2d1t1(t *testing.T) { testTransportResPattern(t, f2, f2, d1, f1) }
-func TestTransportResPattern_c2h2d1t2(t *testing.T) { testTransportResPattern(t, f2, f2, d1, f2) }
-
-func testTransportResPattern(t *testing.T, expect100Continue, resHeader headerType, withData bool, trailers headerType) {
-	const reqBody = "some request body"
-	const resBody = "some response body"
-
-	if resHeader == noHeader {
-		// TODO: test 100-continue followed by immediate
-		// server stream reset, without headers in the middle?
-		panic("invalid combination")
-	}
-
-	ct := newClientTester(t)
-	ct.client = func() error {
-		req, _ := http.NewRequest("POST", "https://dummy.tld/", strings.NewReader(reqBody))
-		if expect100Continue != noHeader {
-			req.Header.Set("Expect", "100-continue")
-		}
-		res, err := ct.tr.RoundTrip(req)
-		if err != nil {
-			return fmt.Errorf("RoundTrip: %v", err)
-		}
-		defer res.Body.Close()
-		if res.StatusCode != 200 {
-			return fmt.Errorf("status code = %v; want 200", res.StatusCode)
-		}
-		slurp, err := ioutil.ReadAll(res.Body)
-		if err != nil {
-			return fmt.Errorf("Slurp: %v", err)
-		}
-		wantBody := resBody
-		if !withData {
-			wantBody = ""
-		}
-		if string(slurp) != wantBody {
-			return fmt.Errorf("body = %q; want %q", slurp, wantBody)
-		}
-		if trailers == noHeader {
-			if len(res.Trailer) > 0 {
-				t.Errorf("Trailer = %v; want none", res.Trailer)
-			}
-		} else {
-			want := http.Header{"Some-Trailer": {"some-value"}}
-			if !reflect.DeepEqual(res.Trailer, want) {
-				t.Errorf("Trailer = %v; want %v", res.Trailer, want)
-			}
-		}
-		return nil
-	}
-	ct.server = func() error {
-		ct.greet()
-		var buf bytes.Buffer
-		enc := hpack.NewEncoder(&buf)
-
-		for {
-			f, err := ct.fr.ReadFrame()
-			if err != nil {
-				return err
-			}
-			switch f := f.(type) {
-			case *WindowUpdateFrame, *SettingsFrame:
-			case *DataFrame:
-				// ignore for now.
-			case *HeadersFrame:
-				endStream := false
-				send := func(mode headerType) {
-					hbf := buf.Bytes()
-					switch mode {
-					case oneHeader:
-						ct.fr.WriteHeaders(HeadersFrameParam{
-							StreamID:      f.StreamID,
-							EndHeaders:    true,
-							EndStream:     endStream,
-							BlockFragment: hbf,
-						})
-					case splitHeader:
-						if len(hbf) < 2 {
-							panic("too small")
-						}
-						ct.fr.WriteHeaders(HeadersFrameParam{
-							StreamID:      f.StreamID,
-							EndHeaders:    false,
-							EndStream:     endStream,
-							BlockFragment: hbf[:1],
-						})
-						ct.fr.WriteContinuation(f.StreamID, true, hbf[1:])
-					default:
-						panic("bogus mode")
-					}
-				}
-				if expect100Continue != noHeader {
-					buf.Reset()
-					enc.WriteField(hpack.HeaderField{Name: ":status", Value: "100"})
-					send(expect100Continue)
-				}
-				// Response headers (1+ frames; 1 or 2 in this test, but never 0)
-				{
-					buf.Reset()
-					enc.WriteField(hpack.HeaderField{Name: ":status", Value: "200"})
-					enc.WriteField(hpack.HeaderField{Name: "x-foo", Value: "blah"})
-					enc.WriteField(hpack.HeaderField{Name: "x-bar", Value: "more"})
-					if trailers != noHeader {
-						enc.WriteField(hpack.HeaderField{Name: "trailer", Value: "some-trailer"})
-					}
-					endStream = withData == false && trailers == noHeader
-					send(resHeader)
-				}
-				if withData {
-					endStream = trailers == noHeader
-					ct.fr.WriteData(f.StreamID, endStream, []byte(resBody))
-				}
-				if trailers != noHeader {
-					endStream = true
-					buf.Reset()
-					enc.WriteField(hpack.HeaderField{Name: "some-trailer", Value: "some-value"})
-					send(trailers)
-				}
-				return nil
-			}
-		}
-	}
-	ct.run()
-}
-
-func TestTransportReceiveUndeclaredTrailer(t *testing.T) {
-	ct := newClientTester(t)
-	ct.client = func() error {
-		req, _ := http.NewRequest("GET", "https://dummy.tld/", nil)
-		res, err := ct.tr.RoundTrip(req)
-		if err != nil {
-			return fmt.Errorf("RoundTrip: %v", err)
-		}
-		defer res.Body.Close()
-		if res.StatusCode != 200 {
-			return fmt.Errorf("status code = %v; want 200", res.StatusCode)
-		}
-		slurp, err := ioutil.ReadAll(res.Body)
-		if err != nil {
-			return fmt.Errorf("res.Body ReadAll error = %q, %v; want %v", slurp, err, nil)
-		}
-		if len(slurp) > 0 {
-			return fmt.Errorf("body = %q; want nothing", slurp)
-		}
-		if _, ok := res.Trailer["Some-Trailer"]; !ok {
-			return fmt.Errorf("expected Some-Trailer")
-		}
-		return nil
-	}
-	ct.server = func() error {
-		ct.greet()
-
-		var n int
-		var hf *HeadersFrame
-		for hf == nil && n < 10 {
-			f, err := ct.fr.ReadFrame()
-			if err != nil {
-				return err
-			}
-			hf, _ = f.(*HeadersFrame)
-			n++
-		}
-
-		var buf bytes.Buffer
-		enc := hpack.NewEncoder(&buf)
-
-		// send headers without Trailer header
-		enc.WriteField(hpack.HeaderField{Name: ":status", Value: "200"})
-		ct.fr.WriteHeaders(HeadersFrameParam{
-			StreamID:      hf.StreamID,
-			EndHeaders:    true,
-			EndStream:     false,
-			BlockFragment: buf.Bytes(),
-		})
-
-		// send trailers
-		buf.Reset()
-		enc.WriteField(hpack.HeaderField{Name: "some-trailer", Value: "I'm an undeclared Trailer!"})
-		ct.fr.WriteHeaders(HeadersFrameParam{
-			StreamID:      hf.StreamID,
-			EndHeaders:    true,
-			EndStream:     true,
-			BlockFragment: buf.Bytes(),
-		})
-		return nil
-	}
-	ct.run()
-}
-
-func TestTransportInvalidTrailer_Pseudo1(t *testing.T) {
-	testTransportInvalidTrailer_Pseudo(t, oneHeader)
-}
-func TestTransportInvalidTrailer_Pseudo2(t *testing.T) {
-	testTransportInvalidTrailer_Pseudo(t, splitHeader)
-}
-func testTransportInvalidTrailer_Pseudo(t *testing.T, trailers headerType) {
-	testInvalidTrailer(t, trailers, pseudoHeaderError(":colon"), func(enc *hpack.Encoder) {
-		enc.WriteField(hpack.HeaderField{Name: ":colon", Value: "foo"})
-		enc.WriteField(hpack.HeaderField{Name: "foo", Value: "bar"})
-	})
-}
-
-func TestTransportInvalidTrailer_Capital1(t *testing.T) {
-	testTransportInvalidTrailer_Capital(t, oneHeader)
-}
-func TestTransportInvalidTrailer_Capital2(t *testing.T) {
-	testTransportInvalidTrailer_Capital(t, splitHeader)
-}
-func testTransportInvalidTrailer_Capital(t *testing.T, trailers headerType) {
-	testInvalidTrailer(t, trailers, headerFieldNameError("Capital"), func(enc *hpack.Encoder) {
-		enc.WriteField(hpack.HeaderField{Name: "foo", Value: "bar"})
-		enc.WriteField(hpack.HeaderField{Name: "Capital", Value: "bad"})
-	})
-}
-func TestTransportInvalidTrailer_EmptyFieldName(t *testing.T) {
-	testInvalidTrailer(t, oneHeader, headerFieldNameError(""), func(enc *hpack.Encoder) {
-		enc.WriteField(hpack.HeaderField{Name: "", Value: "bad"})
-	})
-}
-func TestTransportInvalidTrailer_BinaryFieldValue(t *testing.T) {
-	testInvalidTrailer(t, oneHeader, headerFieldValueError("has\nnewline"), func(enc *hpack.Encoder) {
-		enc.WriteField(hpack.HeaderField{Name: "x", Value: "has\nnewline"})
-	})
-}
-
-func testInvalidTrailer(t *testing.T, trailers headerType, wantErr error, writeTrailer func(*hpack.Encoder)) {
-	ct := newClientTester(t)
-	ct.client = func() error {
-		req, _ := http.NewRequest("GET", "https://dummy.tld/", nil)
-		res, err := ct.tr.RoundTrip(req)
-		if err != nil {
-			return fmt.Errorf("RoundTrip: %v", err)
-		}
-		defer res.Body.Close()
-		if res.StatusCode != 200 {
-			return fmt.Errorf("status code = %v; want 200", res.StatusCode)
-		}
-		slurp, err := ioutil.ReadAll(res.Body)
-		if err != wantErr {
-			return fmt.Errorf("res.Body ReadAll error = %q, %#v; want %T of %#v", slurp, err, wantErr, wantErr)
-		}
-		if len(slurp) > 0 {
-			return fmt.Errorf("body = %q; want nothing", slurp)
-		}
-		return nil
-	}
-	ct.server = func() error {
-		ct.greet()
-		var buf bytes.Buffer
-		enc := hpack.NewEncoder(&buf)
-
-		for {
-			f, err := ct.fr.ReadFrame()
-			if err != nil {
-				return err
-			}
-			switch f := f.(type) {
-			case *HeadersFrame:
-				var endStream bool
-				send := func(mode headerType) {
-					hbf := buf.Bytes()
-					switch mode {
-					case oneHeader:
-						ct.fr.WriteHeaders(HeadersFrameParam{
-							StreamID:      f.StreamID,
-							EndHeaders:    true,
-							EndStream:     endStream,
-							BlockFragment: hbf,
-						})
-					case splitHeader:
-						if len(hbf) < 2 {
-							panic("too small")
-						}
-						ct.fr.WriteHeaders(HeadersFrameParam{
-							StreamID:      f.StreamID,
-							EndHeaders:    false,
-							EndStream:     endStream,
-							BlockFragment: hbf[:1],
-						})
-						ct.fr.WriteContinuation(f.StreamID, true, hbf[1:])
-					default:
-						panic("bogus mode")
-					}
-				}
-				// Response headers (1+ frames; 1 or 2 in this test, but never 0)
-				{
-					buf.Reset()
-					enc.WriteField(hpack.HeaderField{Name: ":status", Value: "200"})
-					enc.WriteField(hpack.HeaderField{Name: "trailer", Value: "declared"})
-					endStream = false
-					send(oneHeader)
-				}
-				// Trailers:
-				{
-					endStream = true
-					buf.Reset()
-					writeTrailer(enc)
-					send(trailers)
-				}
-				return nil
-			}
-		}
-	}
-	ct.run()
-}
-
-func TestTransportChecksResponseHeaderListSize(t *testing.T) {
-	ct := newClientTester(t)
-	ct.client = func() error {
-		req, _ := http.NewRequest("GET", "https://dummy.tld/", nil)
-		res, err := ct.tr.RoundTrip(req)
-		if err != errResponseHeaderListSize {
-			if res != nil {
-				res.Body.Close()
-			}
-			size := int64(0)
-			for k, vv := range res.Header {
-				for _, v := range vv {
-					size += int64(len(k)) + int64(len(v)) + 32
-				}
-			}
-			return fmt.Errorf("RoundTrip Error = %v (and %d bytes of response headers); want errResponseHeaderListSize", err, size)
-		}
-		return nil
-	}
-	ct.server = func() error {
-		ct.greet()
-		var buf bytes.Buffer
-		enc := hpack.NewEncoder(&buf)
-
-		for {
-			f, err := ct.fr.ReadFrame()
-			if err != nil {
-				return err
-			}
-			switch f := f.(type) {
-			case *HeadersFrame:
-				enc.WriteField(hpack.HeaderField{Name: ":status", Value: "200"})
-				large := strings.Repeat("a", 1<<10)
-				for i := 0; i < 5042; i++ {
-					enc.WriteField(hpack.HeaderField{Name: large, Value: large})
-				}
-				if size, want := buf.Len(), 6329; size != want {
-					// Note: this number might change if
-					// our hpack implementation
-					// changes. That's fine. This is
-					// just a sanity check that our
-					// response can fit in a single
-					// header block fragment frame.
-					return fmt.Errorf("encoding over 10MB of duplicate keypairs took %d bytes; expected %d", size, want)
-				}
-				ct.fr.WriteHeaders(HeadersFrameParam{
-					StreamID:      f.StreamID,
-					EndHeaders:    true,
-					EndStream:     true,
-					BlockFragment: buf.Bytes(),
-				})
-				return nil
-			}
-		}
-	}
-	ct.run()
-}
-
-// Test that the the Transport returns a typed error from Response.Body.Read calls
-// when the server sends an error. (here we use a panic, since that should generate
-// a stream error, but others like cancel should be similar)
-func TestTransportBodyReadErrorType(t *testing.T) {
-	doPanic := make(chan bool, 1)
-	st := newServerTester(t,
-		func(w http.ResponseWriter, r *http.Request) {
-			w.(http.Flusher).Flush() // force headers out
-			<-doPanic
-			panic("boom")
-		},
-		optOnlyServer,
-		optQuiet,
-	)
-	defer st.Close()
-
-	tr := &Transport{TLSClientConfig: tlsConfigInsecure}
-	defer tr.CloseIdleConnections()
-	c := &http.Client{Transport: tr}
-
-	res, err := c.Get(st.ts.URL)
-	if err != nil {
-		t.Fatal(err)
-	}
-	defer res.Body.Close()
-	doPanic <- true
-	buf := make([]byte, 100)
-	n, err := res.Body.Read(buf)
-	want := StreamError{StreamID: 0x1, Code: 0x2}
-	if !reflect.DeepEqual(want, err) {
-		t.Errorf("Read = %v, %#v; want error %#v", n, err, want)
-	}
-}
-
-// golang.org/issue/13924
-// This used to fail after many iterations, especially with -race:
-// go test -v -run=TestTransportDoubleCloseOnWriteError -count=500 -race
-func TestTransportDoubleCloseOnWriteError(t *testing.T) {
-	var (
-		mu   sync.Mutex
-		conn net.Conn // to close if set
-	)
-
-	st := newServerTester(t,
-		func(w http.ResponseWriter, r *http.Request) {
-			mu.Lock()
-			defer mu.Unlock()
-			if conn != nil {
-				conn.Close()
-			}
-		},
-		optOnlyServer,
-	)
-	defer st.Close()
-
-	tr := &Transport{
-		TLSClientConfig: tlsConfigInsecure,
-		DialTLS: func(network, addr string, cfg *tls.Config) (net.Conn, error) {
-			tc, err := tls.Dial(network, addr, cfg)
-			if err != nil {
-				return nil, err
-			}
-			mu.Lock()
-			defer mu.Unlock()
-			conn = tc
-			return tc, nil
-		},
-	}
-	defer tr.CloseIdleConnections()
-	c := &http.Client{Transport: tr}
-	c.Get(st.ts.URL)
-}
-
-// Test that the http1 Transport.DisableKeepAlives option is respected
-// and connections are closed as soon as idle.
-// See golang.org/issue/14008
-func TestTransportDisableKeepAlives(t *testing.T) {
-	st := newServerTester(t,
-		func(w http.ResponseWriter, r *http.Request) {
-			io.WriteString(w, "hi")
-		},
-		optOnlyServer,
-	)
-	defer st.Close()
-
-	connClosed := make(chan struct{}) // closed on tls.Conn.Close
-	tr := &Transport{
-		t1: &http.Transport{
-			DisableKeepAlives: true,
-		},
-		TLSClientConfig: tlsConfigInsecure,
-		DialTLS: func(network, addr string, cfg *tls.Config) (net.Conn, error) {
-			tc, err := tls.Dial(network, addr, cfg)
-			if err != nil {
-				return nil, err
-			}
-			return ¬eCloseConn{Conn: tc, closefn: func() { close(connClosed) }}, nil
-		},
-	}
-	c := &http.Client{Transport: tr}
-	res, err := c.Get(st.ts.URL)
-	if err != nil {
-		t.Fatal(err)
-	}
-	if _, err := ioutil.ReadAll(res.Body); err != nil {
-		t.Fatal(err)
-	}
-	defer res.Body.Close()
-
-	select {
-	case <-connClosed:
-	case <-time.After(1 * time.Second):
-		t.Errorf("timeout")
-	}
-
-}
-
-// Test concurrent requests with Transport.DisableKeepAlives. We can share connections,
-// but when things are totally idle, it still needs to close.
-func TestTransportDisableKeepAlives_Concurrency(t *testing.T) {
-	const D = 25 * time.Millisecond
-	st := newServerTester(t,
-		func(w http.ResponseWriter, r *http.Request) {
-			time.Sleep(D)
-			io.WriteString(w, "hi")
-		},
-		optOnlyServer,
-	)
-	defer st.Close()
-
-	var dials int32
-	var conns sync.WaitGroup
-	tr := &Transport{
-		t1: &http.Transport{
-			DisableKeepAlives: true,
-		},
-		TLSClientConfig: tlsConfigInsecure,
-		DialTLS: func(network, addr string, cfg *tls.Config) (net.Conn, error) {
-			tc, err := tls.Dial(network, addr, cfg)
-			if err != nil {
-				return nil, err
-			}
-			atomic.AddInt32(&dials, 1)
-			conns.Add(1)
-			return ¬eCloseConn{Conn: tc, closefn: func() { conns.Done() }}, nil
-		},
-	}
-	c := &http.Client{Transport: tr}
-	var reqs sync.WaitGroup
-	const N = 20
-	for i := 0; i < N; i++ {
-		reqs.Add(1)
-		if i == N-1 {
-			// For the final request, try to make all the
-			// others close. This isn't verified in the
-			// count, other than the Log statement, since
-			// it's so timing dependent. This test is
-			// really to make sure we don't interrupt a
-			// valid request.
-			time.Sleep(D * 2)
-		}
-		go func() {
-			defer reqs.Done()
-			res, err := c.Get(st.ts.URL)
-			if err != nil {
-				t.Error(err)
-				return
-			}
-			if _, err := ioutil.ReadAll(res.Body); err != nil {
-				t.Error(err)
-				return
-			}
-			res.Body.Close()
-		}()
-	}
-	reqs.Wait()
-	conns.Wait()
-	t.Logf("did %d dials, %d requests", atomic.LoadInt32(&dials), N)
-}
-
-type noteCloseConn struct {
-	net.Conn
-	onceClose sync.Once
-	closefn   func()
-}
-
-func (c *noteCloseConn) Close() error {
-	c.onceClose.Do(c.closefn)
-	return c.Conn.Close()
-}
-
-func isTimeout(err error) bool {
-	switch err := err.(type) {
-	case nil:
-		return false
-	case *url.Error:
-		return isTimeout(err.Err)
-	case net.Error:
-		return err.Timeout()
-	}
-	return false
-}
-
-// Test that the http1 Transport.ResponseHeaderTimeout option and cancel is sent.
-func TestTransportResponseHeaderTimeout_NoBody(t *testing.T) {
-	testTransportResponseHeaderTimeout(t, false)
-}
-func TestTransportResponseHeaderTimeout_Body(t *testing.T) {
-	testTransportResponseHeaderTimeout(t, true)
-}
-
-func testTransportResponseHeaderTimeout(t *testing.T, body bool) {
-	ct := newClientTester(t)
-	ct.tr.t1 = &http.Transport{
-		ResponseHeaderTimeout: 5 * time.Millisecond,
-	}
-	ct.client = func() error {
-		c := &http.Client{Transport: ct.tr}
-		var err error
-		var n int64
-		const bodySize = 4 << 20
-		if body {
-			_, err = c.Post("https://dummy.tld/", "text/foo", io.LimitReader(countingReader{&n}, bodySize))
-		} else {
-			_, err = c.Get("https://dummy.tld/")
-		}
-		if !isTimeout(err) {
-			t.Errorf("client expected timeout error; got %#v", err)
-		}
-		if body && n != bodySize {
-			t.Errorf("only read %d bytes of body; want %d", n, bodySize)
-		}
-		return nil
-	}
-	ct.server = func() error {
-		ct.greet()
-		for {
-			f, err := ct.fr.ReadFrame()
-			if err != nil {
-				t.Logf("ReadFrame: %v", err)
-				return nil
-			}
-			switch f := f.(type) {
-			case *DataFrame:
-				dataLen := len(f.Data())
-				if dataLen > 0 {
-					if err := ct.fr.WriteWindowUpdate(0, uint32(dataLen)); err != nil {
-						return err
-					}
-					if err := ct.fr.WriteWindowUpdate(f.StreamID, uint32(dataLen)); err != nil {
-						return err
-					}
-				}
-			case *RSTStreamFrame:
-				if f.StreamID == 1 && f.ErrCode == ErrCodeCancel {
-					return nil
-				}
-			}
-		}
-		return nil
-	}
-	ct.run()
-}
-
-func TestTransportDisableCompression(t *testing.T) {
-	const body = "sup"
-	st := newServerTester(t, func(w http.ResponseWriter, r *http.Request) {
-		want := http.Header{
-			"User-Agent": []string{"Go-http-client/2.0"},
-		}
-		if !reflect.DeepEqual(r.Header, want) {
-			t.Errorf("request headers = %v; want %v", r.Header, want)
-		}
-	}, optOnlyServer)
-	defer st.Close()
-
-	tr := &Transport{
-		TLSClientConfig: tlsConfigInsecure,
-		t1: &http.Transport{
-			DisableCompression: true,
-		},
-	}
-	defer tr.CloseIdleConnections()
-
-	req, err := http.NewRequest("GET", st.ts.URL, nil)
-	if err != nil {
-		t.Fatal(err)
-	}
-	res, err := tr.RoundTrip(req)
-	if err != nil {
-		t.Fatal(err)
-	}
-	defer res.Body.Close()
-}
-
-// RFC 7540 section 8.1.2.2
-func TestTransportRejectsConnHeaders(t *testing.T) {
-	st := newServerTester(t, func(w http.ResponseWriter, r *http.Request) {
-		var got []string
-		for k := range r.Header {
-			got = append(got, k)
-		}
-		sort.Strings(got)
-		w.Header().Set("Got-Header", strings.Join(got, ","))
-	}, optOnlyServer)
-	defer st.Close()
-
-	tr := &Transport{TLSClientConfig: tlsConfigInsecure}
-	defer tr.CloseIdleConnections()
-
-	tests := []struct {
-		key   string
-		value []string
-		want  string
-	}{
-		{
-			key:   "Upgrade",
-			value: []string{"anything"},
-			want:  "ERROR: http2: invalid Upgrade request header",
-		},
-		{
-			key:   "Connection",
-			value: []string{"foo"},
-			want:  "ERROR: http2: invalid Connection request header",
-		},
-		{
-			key:   "Connection",
-			value: []string{"close"},
-			want:  "Accept-Encoding,User-Agent",
-		},
-		{
-			key:   "Connection",
-			value: []string{"close", "something-else"},
-			want:  "ERROR: http2: invalid Connection request header",
-		},
-		{
-			key:   "Connection",
-			value: []string{"keep-alive"},
-			want:  "Accept-Encoding,User-Agent",
-		},
-		{
-			key:   "Proxy-Connection", // just deleted and ignored
-			value: []string{"keep-alive"},
-			want:  "Accept-Encoding,User-Agent",
-		},
-		{
-			key:   "Transfer-Encoding",
-			value: []string{""},
-			want:  "Accept-Encoding,User-Agent",
-		},
-		{
-			key:   "Transfer-Encoding",
-			value: []string{"foo"},
-			want:  "ERROR: http2: invalid Transfer-Encoding request header",
-		},
-		{
-			key:   "Transfer-Encoding",
-			value: []string{"chunked"},
-			want:  "Accept-Encoding,User-Agent",
-		},
-		{
-			key:   "Transfer-Encoding",
-			value: []string{"chunked", "other"},
-			want:  "ERROR: http2: invalid Transfer-Encoding request header",
-		},
-		{
-			key:   "Content-Length",
-			value: []string{"123"},
-			want:  "Accept-Encoding,User-Agent",
-		},
-	}
-
-	for _, tt := range tests {
-		req, _ := http.NewRequest("GET", st.ts.URL, nil)
-		req.Header[tt.key] = tt.value
-		res, err := tr.RoundTrip(req)
-		var got string
-		if err != nil {
-			got = fmt.Sprintf("ERROR: %v", err)
-		} else {
-			got = res.Header.Get("Got-Header")
-			res.Body.Close()
-		}
-		if got != tt.want {
-			t.Errorf("For key %q, value %q, got = %q; want %q", tt.key, tt.value, got, tt.want)
-		}
-	}
-}
-
-// Tests that gzipReader doesn't crash on a second Read call following
-// the first Read call's gzip.NewReader returning an error.
-func TestGzipReader_DoubleReadCrash(t *testing.T) {
-	gz := &gzipReader{
-		body: ioutil.NopCloser(strings.NewReader("0123456789")),
-	}
-	var buf [1]byte
-	n, err1 := gz.Read(buf[:])
-	if n != 0 || !strings.Contains(fmt.Sprint(err1), "invalid header") {
-		t.Fatalf("Read = %v, %v; want 0, invalid header", n, err1)
-	}
-	n, err2 := gz.Read(buf[:])
-	if n != 0 || err2 != err1 {
-		t.Fatalf("second Read = %v, %v; want 0, %v", n, err2, err1)
-	}
-}
-
-func TestTransportNewTLSConfig(t *testing.T) {
-	tests := [...]struct {
-		conf *tls.Config
-		host string
-		want *tls.Config
-	}{
-		// Normal case.
-		0: {
-			conf: nil,
-			host: "foo.com",
-			want: &tls.Config{
-				ServerName: "foo.com",
-				NextProtos: []string{NextProtoTLS},
-			},
-		},
-
-		// User-provided name (bar.com) takes precedence:
-		1: {
-			conf: &tls.Config{
-				ServerName: "bar.com",
-			},
-			host: "foo.com",
-			want: &tls.Config{
-				ServerName: "bar.com",
-				NextProtos: []string{NextProtoTLS},
-			},
-		},
-
-		// NextProto is prepended:
-		2: {
-			conf: &tls.Config{
-				NextProtos: []string{"foo", "bar"},
-			},
-			host: "example.com",
-			want: &tls.Config{
-				ServerName: "example.com",
-				NextProtos: []string{NextProtoTLS, "foo", "bar"},
-			},
-		},
-
-		// NextProto is not duplicated:
-		3: {
-			conf: &tls.Config{
-				NextProtos: []string{"foo", "bar", NextProtoTLS},
-			},
-			host: "example.com",
-			want: &tls.Config{
-				ServerName: "example.com",
-				NextProtos: []string{"foo", "bar", NextProtoTLS},
-			},
-		},
-	}
-	for i, tt := range tests {
-		tr := &Transport{TLSClientConfig: tt.conf}
-		got := tr.newTLSConfig(tt.host)
-		if !reflect.DeepEqual(got, tt.want) {
-			t.Errorf("%d. got %#v; want %#v", i, got, tt.want)
-		}
-	}
-}
diff --git a/vendor/golang.org/x/net/http2/write.go b/vendor/golang.org/x/net/http2/write.go
deleted file mode 100644
index 0143b24c..00000000
--- a/vendor/golang.org/x/net/http2/write.go
+++ /dev/null
@@ -1,262 +0,0 @@
-// Copyright 2014 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package http2
-
-import (
-	"bytes"
-	"fmt"
-	"log"
-	"net/http"
-	"time"
-
-	"golang.org/x/net/http2/hpack"
-)
-
-// writeFramer is implemented by any type that is used to write frames.
-type writeFramer interface {
-	writeFrame(writeContext) error
-}
-
-// writeContext is the interface needed by the various frame writer
-// types below. All the writeFrame methods below are scheduled via the
-// frame writing scheduler (see writeScheduler in writesched.go).
-//
-// This interface is implemented by *serverConn.
-//
-// TODO: decide whether to a) use this in the client code (which didn't
-// end up using this yet, because it has a simpler design, not
-// currently implementing priorities), or b) delete this and
-// make the server code a bit more concrete.
-type writeContext interface {
-	Framer() *Framer
-	Flush() error
-	CloseConn() error
-	// HeaderEncoder returns an HPACK encoder that writes to the
-	// returned buffer.
-	HeaderEncoder() (*hpack.Encoder, *bytes.Buffer)
-}
-
-// endsStream reports whether the given frame writer w will locally
-// close the stream.
-func endsStream(w writeFramer) bool {
-	switch v := w.(type) {
-	case *writeData:
-		return v.endStream
-	case *writeResHeaders:
-		return v.endStream
-	case nil:
-		// This can only happen if the caller reuses w after it's
-		// been intentionally nil'ed out to prevent use. Keep this
-		// here to catch future refactoring breaking it.
-		panic("endsStream called on nil writeFramer")
-	}
-	return false
-}
-
-type flushFrameWriter struct{}
-
-func (flushFrameWriter) writeFrame(ctx writeContext) error {
-	return ctx.Flush()
-}
-
-type writeSettings []Setting
-
-func (s writeSettings) writeFrame(ctx writeContext) error {
-	return ctx.Framer().WriteSettings([]Setting(s)...)
-}
-
-type writeGoAway struct {
-	maxStreamID uint32
-	code        ErrCode
-}
-
-func (p *writeGoAway) writeFrame(ctx writeContext) error {
-	err := ctx.Framer().WriteGoAway(p.maxStreamID, p.code, nil)
-	if p.code != 0 {
-		ctx.Flush() // ignore error: we're hanging up on them anyway
-		time.Sleep(50 * time.Millisecond)
-		ctx.CloseConn()
-	}
-	return err
-}
-
-type writeData struct {
-	streamID  uint32
-	p         []byte
-	endStream bool
-}
-
-func (w *writeData) String() string {
-	return fmt.Sprintf("writeData(stream=%d, p=%d, endStream=%v)", w.streamID, len(w.p), w.endStream)
-}
-
-func (w *writeData) writeFrame(ctx writeContext) error {
-	return ctx.Framer().WriteData(w.streamID, w.endStream, w.p)
-}
-
-// handlerPanicRST is the message sent from handler goroutines when
-// the handler panics.
-type handlerPanicRST struct {
-	StreamID uint32
-}
-
-func (hp handlerPanicRST) writeFrame(ctx writeContext) error {
-	return ctx.Framer().WriteRSTStream(hp.StreamID, ErrCodeInternal)
-}
-
-func (se StreamError) writeFrame(ctx writeContext) error {
-	return ctx.Framer().WriteRSTStream(se.StreamID, se.Code)
-}
-
-type writePingAck struct{ pf *PingFrame }
-
-func (w writePingAck) writeFrame(ctx writeContext) error {
-	return ctx.Framer().WritePing(true, w.pf.Data)
-}
-
-type writeSettingsAck struct{}
-
-func (writeSettingsAck) writeFrame(ctx writeContext) error {
-	return ctx.Framer().WriteSettingsAck()
-}
-
-// writeResHeaders is a request to write a HEADERS and 0+ CONTINUATION frames
-// for HTTP response headers or trailers from a server handler.
-type writeResHeaders struct {
-	streamID    uint32
-	httpResCode int         // 0 means no ":status" line
-	h           http.Header // may be nil
-	trailers    []string    // if non-nil, which keys of h to write. nil means all.
-	endStream   bool
-
-	date          string
-	contentType   string
-	contentLength string
-}
-
-func encKV(enc *hpack.Encoder, k, v string) {
-	if VerboseLogs {
-		log.Printf("http2: server encoding header %q = %q", k, v)
-	}
-	enc.WriteField(hpack.HeaderField{Name: k, Value: v})
-}
-
-func (w *writeResHeaders) writeFrame(ctx writeContext) error {
-	enc, buf := ctx.HeaderEncoder()
-	buf.Reset()
-
-	if w.httpResCode != 0 {
-		encKV(enc, ":status", httpCodeString(w.httpResCode))
-	}
-
-	encodeHeaders(enc, w.h, w.trailers)
-
-	if w.contentType != "" {
-		encKV(enc, "content-type", w.contentType)
-	}
-	if w.contentLength != "" {
-		encKV(enc, "content-length", w.contentLength)
-	}
-	if w.date != "" {
-		encKV(enc, "date", w.date)
-	}
-
-	headerBlock := buf.Bytes()
-	if len(headerBlock) == 0 && w.trailers == nil {
-		panic("unexpected empty hpack")
-	}
-
-	// For now we're lazy and just pick the minimum MAX_FRAME_SIZE
-	// that all peers must support (16KB). Later we could care
-	// more and send larger frames if the peer advertised it, but
-	// there's little point. Most headers are small anyway (so we
-	// generally won't have CONTINUATION frames), and extra frames
-	// only waste 9 bytes anyway.
-	const maxFrameSize = 16384
-
-	first := true
-	for len(headerBlock) > 0 {
-		frag := headerBlock
-		if len(frag) > maxFrameSize {
-			frag = frag[:maxFrameSize]
-		}
-		headerBlock = headerBlock[len(frag):]
-		endHeaders := len(headerBlock) == 0
-		var err error
-		if first {
-			first = false
-			err = ctx.Framer().WriteHeaders(HeadersFrameParam{
-				StreamID:      w.streamID,
-				BlockFragment: frag,
-				EndStream:     w.endStream,
-				EndHeaders:    endHeaders,
-			})
-		} else {
-			err = ctx.Framer().WriteContinuation(w.streamID, endHeaders, frag)
-		}
-		if err != nil {
-			return err
-		}
-	}
-	return nil
-}
-
-type write100ContinueHeadersFrame struct {
-	streamID uint32
-}
-
-func (w write100ContinueHeadersFrame) writeFrame(ctx writeContext) error {
-	enc, buf := ctx.HeaderEncoder()
-	buf.Reset()
-	encKV(enc, ":status", "100")
-	return ctx.Framer().WriteHeaders(HeadersFrameParam{
-		StreamID:      w.streamID,
-		BlockFragment: buf.Bytes(),
-		EndStream:     false,
-		EndHeaders:    true,
-	})
-}
-
-type writeWindowUpdate struct {
-	streamID uint32 // or 0 for conn-level
-	n        uint32
-}
-
-func (wu writeWindowUpdate) writeFrame(ctx writeContext) error {
-	return ctx.Framer().WriteWindowUpdate(wu.streamID, wu.n)
-}
-
-func encodeHeaders(enc *hpack.Encoder, h http.Header, keys []string) {
-	if keys == nil {
-		sorter := sorterPool.Get().(*sorter)
-		// Using defer here, since the returned keys from the
-		// sorter.Keys method is only valid until the sorter
-		// is returned:
-		defer sorterPool.Put(sorter)
-		keys = sorter.Keys(h)
-	}
-	for _, k := range keys {
-		vv := h[k]
-		k = lowerHeader(k)
-		if !validHeaderFieldName(k) {
-			// TODO: return an error? golang.org/issue/14048
-			// For now just omit it.
-			continue
-		}
-		isTE := k == "transfer-encoding"
-		for _, v := range vv {
-			if !validHeaderFieldValue(v) {
-				// TODO: return an error? golang.org/issue/14048
-				// For now just omit it.
-				continue
-			}
-			// TODO: more of "8.1.2.2 Connection-Specific Header Fields"
-			if isTE && v != "trailers" {
-				continue
-			}
-			encKV(enc, k, v)
-		}
-	}
-}
diff --git a/vendor/golang.org/x/net/http2/writesched.go b/vendor/golang.org/x/net/http2/writesched.go
deleted file mode 100644
index c24316ce..00000000
--- a/vendor/golang.org/x/net/http2/writesched.go
+++ /dev/null
@@ -1,283 +0,0 @@
-// Copyright 2014 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package http2
-
-import "fmt"
-
-// frameWriteMsg is a request to write a frame.
-type frameWriteMsg struct {
-	// write is the interface value that does the writing, once the
-	// writeScheduler (below) has decided to select this frame
-	// to write. The write functions are all defined in write.go.
-	write writeFramer
-
-	stream *stream // used for prioritization. nil for non-stream frames.
-
-	// done, if non-nil, must be a buffered channel with space for
-	// 1 message and is sent the return value from write (or an
-	// earlier error) when the frame has been written.
-	done chan error
-}
-
-// for debugging only:
-func (wm frameWriteMsg) String() string {
-	var streamID uint32
-	if wm.stream != nil {
-		streamID = wm.stream.id
-	}
-	var des string
-	if s, ok := wm.write.(fmt.Stringer); ok {
-		des = s.String()
-	} else {
-		des = fmt.Sprintf("%T", wm.write)
-	}
-	return fmt.Sprintf("[frameWriteMsg stream=%d, ch=%v, type: %v]", streamID, wm.done != nil, des)
-}
-
-// writeScheduler tracks pending frames to write, priorities, and decides
-// the next one to use. It is not thread-safe.
-type writeScheduler struct {
-	// zero are frames not associated with a specific stream.
-	// They're sent before any stream-specific freams.
-	zero writeQueue
-
-	// maxFrameSize is the maximum size of a DATA frame
-	// we'll write. Must be non-zero and between 16K-16M.
-	maxFrameSize uint32
-
-	// sq contains the stream-specific queues, keyed by stream ID.
-	// when a stream is idle, it's deleted from the map.
-	sq map[uint32]*writeQueue
-
-	// canSend is a slice of memory that's reused between frame
-	// scheduling decisions to hold the list of writeQueues (from sq)
-	// which have enough flow control data to send. After canSend is
-	// built, the best is selected.
-	canSend []*writeQueue
-
-	// pool of empty queues for reuse.
-	queuePool []*writeQueue
-}
-
-func (ws *writeScheduler) putEmptyQueue(q *writeQueue) {
-	if len(q.s) != 0 {
-		panic("queue must be empty")
-	}
-	ws.queuePool = append(ws.queuePool, q)
-}
-
-func (ws *writeScheduler) getEmptyQueue() *writeQueue {
-	ln := len(ws.queuePool)
-	if ln == 0 {
-		return new(writeQueue)
-	}
-	q := ws.queuePool[ln-1]
-	ws.queuePool = ws.queuePool[:ln-1]
-	return q
-}
-
-func (ws *writeScheduler) empty() bool { return ws.zero.empty() && len(ws.sq) == 0 }
-
-func (ws *writeScheduler) add(wm frameWriteMsg) {
-	st := wm.stream
-	if st == nil {
-		ws.zero.push(wm)
-	} else {
-		ws.streamQueue(st.id).push(wm)
-	}
-}
-
-func (ws *writeScheduler) streamQueue(streamID uint32) *writeQueue {
-	if q, ok := ws.sq[streamID]; ok {
-		return q
-	}
-	if ws.sq == nil {
-		ws.sq = make(map[uint32]*writeQueue)
-	}
-	q := ws.getEmptyQueue()
-	ws.sq[streamID] = q
-	return q
-}
-
-// take returns the most important frame to write and removes it from the scheduler.
-// It is illegal to call this if the scheduler is empty or if there are no connection-level
-// flow control bytes available.
-func (ws *writeScheduler) take() (wm frameWriteMsg, ok bool) {
-	if ws.maxFrameSize == 0 {
-		panic("internal error: ws.maxFrameSize not initialized or invalid")
-	}
-
-	// If there any frames not associated with streams, prefer those first.
-	// These are usually SETTINGS, etc.
-	if !ws.zero.empty() {
-		return ws.zero.shift(), true
-	}
-	if len(ws.sq) == 0 {
-		return
-	}
-
-	// Next, prioritize frames on streams that aren't DATA frames (no cost).
-	for id, q := range ws.sq {
-		if q.firstIsNoCost() {
-			return ws.takeFrom(id, q)
-		}
-	}
-
-	// Now, all that remains are DATA frames with non-zero bytes to
-	// send. So pick the best one.
-	if len(ws.canSend) != 0 {
-		panic("should be empty")
-	}
-	for _, q := range ws.sq {
-		if n := ws.streamWritableBytes(q); n > 0 {
-			ws.canSend = append(ws.canSend, q)
-		}
-	}
-	if len(ws.canSend) == 0 {
-		return
-	}
-	defer ws.zeroCanSend()
-
-	// TODO: find the best queue
-	q := ws.canSend[0]
-
-	return ws.takeFrom(q.streamID(), q)
-}
-
-// zeroCanSend is defered from take.
-func (ws *writeScheduler) zeroCanSend() {
-	for i := range ws.canSend {
-		ws.canSend[i] = nil
-	}
-	ws.canSend = ws.canSend[:0]
-}
-
-// streamWritableBytes returns the number of DATA bytes we could write
-// from the given queue's stream, if this stream/queue were
-// selected. It is an error to call this if q's head isn't a
-// *writeData.
-func (ws *writeScheduler) streamWritableBytes(q *writeQueue) int32 {
-	wm := q.head()
-	ret := wm.stream.flow.available() // max we can write
-	if ret == 0 {
-		return 0
-	}
-	if int32(ws.maxFrameSize) < ret {
-		ret = int32(ws.maxFrameSize)
-	}
-	if ret == 0 {
-		panic("internal error: ws.maxFrameSize not initialized or invalid")
-	}
-	wd := wm.write.(*writeData)
-	if len(wd.p) < int(ret) {
-		ret = int32(len(wd.p))
-	}
-	return ret
-}
-
-func (ws *writeScheduler) takeFrom(id uint32, q *writeQueue) (wm frameWriteMsg, ok bool) {
-	wm = q.head()
-	// If the first item in this queue costs flow control tokens
-	// and we don't have enough, write as much as we can.
-	if wd, ok := wm.write.(*writeData); ok && len(wd.p) > 0 {
-		allowed := wm.stream.flow.available() // max we can write
-		if allowed == 0 {
-			// No quota available. Caller can try the next stream.
-			return frameWriteMsg{}, false
-		}
-		if int32(ws.maxFrameSize) < allowed {
-			allowed = int32(ws.maxFrameSize)
-		}
-		// TODO: further restrict the allowed size, because even if
-		// the peer says it's okay to write 16MB data frames, we might
-		// want to write smaller ones to properly weight competing
-		// streams' priorities.
-
-		if len(wd.p) > int(allowed) {
-			wm.stream.flow.take(allowed)
-			chunk := wd.p[:allowed]
-			wd.p = wd.p[allowed:]
-			// Make up a new write message of a valid size, rather
-			// than shifting one off the queue.
-			return frameWriteMsg{
-				stream: wm.stream,
-				write: &writeData{
-					streamID: wd.streamID,
-					p:        chunk,
-					// even if the original had endStream set, there
-					// arebytes remaining because len(wd.p) > allowed,
-					// so we know endStream is false:
-					endStream: false,
-				},
-				// our caller is blocking on the final DATA frame, not
-				// these intermediates, so no need to wait:
-				done: nil,
-			}, true
-		}
-		wm.stream.flow.take(int32(len(wd.p)))
-	}
-
-	q.shift()
-	if q.empty() {
-		ws.putEmptyQueue(q)
-		delete(ws.sq, id)
-	}
-	return wm, true
-}
-
-func (ws *writeScheduler) forgetStream(id uint32) {
-	q, ok := ws.sq[id]
-	if !ok {
-		return
-	}
-	delete(ws.sq, id)
-
-	// But keep it for others later.
-	for i := range q.s {
-		q.s[i] = frameWriteMsg{}
-	}
-	q.s = q.s[:0]
-	ws.putEmptyQueue(q)
-}
-
-type writeQueue struct {
-	s []frameWriteMsg
-}
-
-// streamID returns the stream ID for a non-empty stream-specific queue.
-func (q *writeQueue) streamID() uint32 { return q.s[0].stream.id }
-
-func (q *writeQueue) empty() bool { return len(q.s) == 0 }
-
-func (q *writeQueue) push(wm frameWriteMsg) {
-	q.s = append(q.s, wm)
-}
-
-// head returns the next item that would be removed by shift.
-func (q *writeQueue) head() frameWriteMsg {
-	if len(q.s) == 0 {
-		panic("invalid use of queue")
-	}
-	return q.s[0]
-}
-
-func (q *writeQueue) shift() frameWriteMsg {
-	if len(q.s) == 0 {
-		panic("invalid use of queue")
-	}
-	wm := q.s[0]
-	// TODO: less copy-happy queue.
-	copy(q.s, q.s[1:])
-	q.s[len(q.s)-1] = frameWriteMsg{}
-	q.s = q.s[:len(q.s)-1]
-	return wm
-}
-
-func (q *writeQueue) firstIsNoCost() bool {
-	if df, ok := q.s[0].write.(*writeData); ok {
-		return len(df.p) == 0
-	}
-	return true
-}
diff --git a/vendor/golang.org/x/net/http2/z_spec_test.go b/vendor/golang.org/x/net/http2/z_spec_test.go
deleted file mode 100644
index e0f420a1..00000000
--- a/vendor/golang.org/x/net/http2/z_spec_test.go
+++ /dev/null
@@ -1,356 +0,0 @@
-// Copyright 2014 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package http2
-
-import (
-	"bytes"
-	"encoding/xml"
-	"flag"
-	"fmt"
-	"io"
-	"os"
-	"reflect"
-	"regexp"
-	"sort"
-	"strconv"
-	"strings"
-	"sync"
-	"testing"
-)
-
-var coverSpec = flag.Bool("coverspec", false, "Run spec coverage tests")
-
-// The global map of sentence coverage for the http2 spec.
-var defaultSpecCoverage specCoverage
-
-var loadSpecOnce sync.Once
-
-func loadSpec() {
-	if f, err := os.Open("testdata/draft-ietf-httpbis-http2.xml"); err != nil {
-		panic(err)
-	} else {
-		defaultSpecCoverage = readSpecCov(f)
-		f.Close()
-	}
-}
-
-// covers marks all sentences for section sec in defaultSpecCoverage. Sentences not
-// "covered" will be included in report outputed by TestSpecCoverage.
-func covers(sec, sentences string) {
-	loadSpecOnce.Do(loadSpec)
-	defaultSpecCoverage.cover(sec, sentences)
-}
-
-type specPart struct {
-	section  string
-	sentence string
-}
-
-func (ss specPart) Less(oo specPart) bool {
-	atoi := func(s string) int {
-		n, err := strconv.Atoi(s)
-		if err != nil {
-			panic(err)
-		}
-		return n
-	}
-	a := strings.Split(ss.section, ".")
-	b := strings.Split(oo.section, ".")
-	for len(a) > 0 {
-		if len(b) == 0 {
-			return false
-		}
-		x, y := atoi(a[0]), atoi(b[0])
-		if x == y {
-			a, b = a[1:], b[1:]
-			continue
-		}
-		return x < y
-	}
-	if len(b) > 0 {
-		return true
-	}
-	return false
-}
-
-type bySpecSection []specPart
-
-func (a bySpecSection) Len() int           { return len(a) }
-func (a bySpecSection) Less(i, j int) bool { return a[i].Less(a[j]) }
-func (a bySpecSection) Swap(i, j int)      { a[i], a[j] = a[j], a[i] }
-
-type specCoverage struct {
-	coverage map[specPart]bool
-	d        *xml.Decoder
-}
-
-func joinSection(sec []int) string {
-	s := fmt.Sprintf("%d", sec[0])
-	for _, n := range sec[1:] {
-		s = fmt.Sprintf("%s.%d", s, n)
-	}
-	return s
-}
-
-func (sc specCoverage) readSection(sec []int) {
-	var (
-		buf = new(bytes.Buffer)
-		sub = 0
-	)
-	for {
-		tk, err := sc.d.Token()
-		if err != nil {
-			if err == io.EOF {
-				return
-			}
-			panic(err)
-		}
-		switch v := tk.(type) {
-		case xml.StartElement:
-			if skipElement(v) {
-				if err := sc.d.Skip(); err != nil {
-					panic(err)
-				}
-				if v.Name.Local == "section" {
-					sub++
-				}
-				break
-			}
-			switch v.Name.Local {
-			case "section":
-				sub++
-				sc.readSection(append(sec, sub))
-			case "xref":
-				buf.Write(sc.readXRef(v))
-			}
-		case xml.CharData:
-			if len(sec) == 0 {
-				break
-			}
-			buf.Write(v)
-		case xml.EndElement:
-			if v.Name.Local == "section" {
-				sc.addSentences(joinSection(sec), buf.String())
-				return
-			}
-		}
-	}
-}
-
-func (sc specCoverage) readXRef(se xml.StartElement) []byte {
-	var b []byte
-	for {
-		tk, err := sc.d.Token()
-		if err != nil {
-			panic(err)
-		}
-		switch v := tk.(type) {
-		case xml.CharData:
-			if b != nil {
-				panic("unexpected CharData")
-			}
-			b = []byte(string(v))
-		case xml.EndElement:
-			if v.Name.Local != "xref" {
-				panic("expected ")
-			}
-			if b != nil {
-				return b
-			}
-			sig := attrSig(se)
-			switch sig {
-			case "target":
-				return []byte(fmt.Sprintf("[%s]", attrValue(se, "target")))
-			case "fmt-of,rel,target", "fmt-,,rel,target":
-				return []byte(fmt.Sprintf("[%s, %s]", attrValue(se, "target"), attrValue(se, "rel")))
-			case "fmt-of,sec,target", "fmt-,,sec,target":
-				return []byte(fmt.Sprintf("[section %s of %s]", attrValue(se, "sec"), attrValue(se, "target")))
-			case "fmt-of,rel,sec,target":
-				return []byte(fmt.Sprintf("[section %s of %s, %s]", attrValue(se, "sec"), attrValue(se, "target"), attrValue(se, "rel")))
-			default:
-				panic(fmt.Sprintf("unknown attribute signature %q in %#v", sig, fmt.Sprintf("%#v", se)))
-			}
-		default:
-			panic(fmt.Sprintf("unexpected tag %q", v))
-		}
-	}
-}
-
-var skipAnchor = map[string]bool{
-	"intro":    true,
-	"Overview": true,
-}
-
-var skipTitle = map[string]bool{
-	"Acknowledgements":            true,
-	"Change Log":                  true,
-	"Document Organization":       true,
-	"Conventions and Terminology": true,
-}
-
-func skipElement(s xml.StartElement) bool {
-	switch s.Name.Local {
-	case "artwork":
-		return true
-	case "section":
-		for _, attr := range s.Attr {
-			switch attr.Name.Local {
-			case "anchor":
-				if skipAnchor[attr.Value] || strings.HasPrefix(attr.Value, "changes.since.") {
-					return true
-				}
-			case "title":
-				if skipTitle[attr.Value] {
-					return true
-				}
-			}
-		}
-	}
-	return false
-}
-
-func readSpecCov(r io.Reader) specCoverage {
-	sc := specCoverage{
-		coverage: map[specPart]bool{},
-		d:        xml.NewDecoder(r)}
-	sc.readSection(nil)
-	return sc
-}
-
-func (sc specCoverage) addSentences(sec string, sentence string) {
-	for _, s := range parseSentences(sentence) {
-		sc.coverage[specPart{sec, s}] = false
-	}
-}
-
-func (sc specCoverage) cover(sec string, sentence string) {
-	for _, s := range parseSentences(sentence) {
-		p := specPart{sec, s}
-		if _, ok := sc.coverage[p]; !ok {
-			panic(fmt.Sprintf("Not found in spec: %q, %q", sec, s))
-		}
-		sc.coverage[specPart{sec, s}] = true
-	}
-
-}
-
-var whitespaceRx = regexp.MustCompile(`\s+`)
-
-func parseSentences(sens string) []string {
-	sens = strings.TrimSpace(sens)
-	if sens == "" {
-		return nil
-	}
-	ss := strings.Split(whitespaceRx.ReplaceAllString(sens, " "), ". ")
-	for i, s := range ss {
-		s = strings.TrimSpace(s)
-		if !strings.HasSuffix(s, ".") {
-			s += "."
-		}
-		ss[i] = s
-	}
-	return ss
-}
-
-func TestSpecParseSentences(t *testing.T) {
-	tests := []struct {
-		ss   string
-		want []string
-	}{
-		{"Sentence 1. Sentence 2.",
-			[]string{
-				"Sentence 1.",
-				"Sentence 2.",
-			}},
-		{"Sentence 1.  \nSentence 2.\tSentence 3.",
-			[]string{
-				"Sentence 1.",
-				"Sentence 2.",
-				"Sentence 3.",
-			}},
-	}
-
-	for i, tt := range tests {
-		got := parseSentences(tt.ss)
-		if !reflect.DeepEqual(got, tt.want) {
-			t.Errorf("%d: got = %q, want %q", i, got, tt.want)
-		}
-	}
-}
-
-func TestSpecCoverage(t *testing.T) {
-	if !*coverSpec {
-		t.Skip()
-	}
-
-	loadSpecOnce.Do(loadSpec)
-
-	var (
-		list     []specPart
-		cv       = defaultSpecCoverage.coverage
-		total    = len(cv)
-		complete = 0
-	)
-
-	for sp, touched := range defaultSpecCoverage.coverage {
-		if touched {
-			complete++
-		} else {
-			list = append(list, sp)
-		}
-	}
-	sort.Stable(bySpecSection(list))
-
-	if testing.Short() && len(list) > 5 {
-		list = list[:5]
-	}
-
-	for _, p := range list {
-		t.Errorf("\tSECTION %s: %s", p.section, p.sentence)
-	}
-
-	t.Logf("%d/%d (%d%%) sentances covered", complete, total, (complete/total)*100)
-}
-
-func attrSig(se xml.StartElement) string {
-	var names []string
-	for _, attr := range se.Attr {
-		if attr.Name.Local == "fmt" {
-			names = append(names, "fmt-"+attr.Value)
-		} else {
-			names = append(names, attr.Name.Local)
-		}
-	}
-	sort.Strings(names)
-	return strings.Join(names, ",")
-}
-
-func attrValue(se xml.StartElement, attr string) string {
-	for _, a := range se.Attr {
-		if a.Name.Local == attr {
-			return a.Value
-		}
-	}
-	panic("unknown attribute " + attr)
-}
-
-func TestSpecPartLess(t *testing.T) {
-	tests := []struct {
-		sec1, sec2 string
-		want       bool
-	}{
-		{"6.2.1", "6.2", false},
-		{"6.2", "6.2.1", true},
-		{"6.10", "6.10.1", true},
-		{"6.10", "6.1.1", false}, // 10, not 1
-		{"6.1", "6.1", false},    // equal, so not less
-	}
-	for _, tt := range tests {
-		got := (specPart{tt.sec1, "foo"}).Less(specPart{tt.sec2, "foo"})
-		if got != tt.want {
-			t.Errorf("Less(%q, %q) = %v; want %v", tt.sec1, tt.sec2, got, tt.want)
-		}
-	}
-}
diff --git a/vendor/golang.org/x/net/icmp/dstunreach.go b/vendor/golang.org/x/net/icmp/dstunreach.go
deleted file mode 100644
index 75db991d..00000000
--- a/vendor/golang.org/x/net/icmp/dstunreach.go
+++ /dev/null
@@ -1,41 +0,0 @@
-// Copyright 2014 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package icmp
-
-// A DstUnreach represents an ICMP destination unreachable message
-// body.
-type DstUnreach struct {
-	Data       []byte      // data, known as original datagram field
-	Extensions []Extension // extensions
-}
-
-// Len implements the Len method of MessageBody interface.
-func (p *DstUnreach) Len(proto int) int {
-	if p == nil {
-		return 0
-	}
-	l, _ := multipartMessageBodyDataLen(proto, p.Data, p.Extensions)
-	return 4 + l
-}
-
-// Marshal implements the Marshal method of MessageBody interface.
-func (p *DstUnreach) Marshal(proto int) ([]byte, error) {
-	return marshalMultipartMessageBody(proto, p.Data, p.Extensions)
-}
-
-// parseDstUnreach parses b as an ICMP destination unreachable message
-// body.
-func parseDstUnreach(proto int, b []byte) (MessageBody, error) {
-	if len(b) < 4 {
-		return nil, errMessageTooShort
-	}
-	p := &DstUnreach{}
-	var err error
-	p.Data, p.Extensions, err = parseMultipartMessageBody(proto, b)
-	if err != nil {
-		return nil, err
-	}
-	return p, nil
-}
diff --git a/vendor/golang.org/x/net/icmp/echo.go b/vendor/golang.org/x/net/icmp/echo.go
deleted file mode 100644
index dd551811..00000000
--- a/vendor/golang.org/x/net/icmp/echo.go
+++ /dev/null
@@ -1,45 +0,0 @@
-// Copyright 2012 The Go Authors.  All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package icmp
-
-import "encoding/binary"
-
-// An Echo represents an ICMP echo request or reply message body.
-type Echo struct {
-	ID   int    // identifier
-	Seq  int    // sequence number
-	Data []byte // data
-}
-
-// Len implements the Len method of MessageBody interface.
-func (p *Echo) Len(proto int) int {
-	if p == nil {
-		return 0
-	}
-	return 4 + len(p.Data)
-}
-
-// Marshal implements the Marshal method of MessageBody interface.
-func (p *Echo) Marshal(proto int) ([]byte, error) {
-	b := make([]byte, 4+len(p.Data))
-	binary.BigEndian.PutUint16(b[:2], uint16(p.ID))
-	binary.BigEndian.PutUint16(b[2:4], uint16(p.Seq))
-	copy(b[4:], p.Data)
-	return b, nil
-}
-
-// parseEcho parses b as an ICMP echo request or reply message body.
-func parseEcho(proto int, b []byte) (MessageBody, error) {
-	bodyLen := len(b)
-	if bodyLen < 4 {
-		return nil, errMessageTooShort
-	}
-	p := &Echo{ID: int(binary.BigEndian.Uint16(b[:2])), Seq: int(binary.BigEndian.Uint16(b[2:4]))}
-	if bodyLen > 4 {
-		p.Data = make([]byte, bodyLen-4)
-		copy(p.Data, b[4:])
-	}
-	return p, nil
-}
diff --git a/vendor/golang.org/x/net/icmp/endpoint.go b/vendor/golang.org/x/net/icmp/endpoint.go
deleted file mode 100644
index 0213d1a1..00000000
--- a/vendor/golang.org/x/net/icmp/endpoint.go
+++ /dev/null
@@ -1,113 +0,0 @@
-// Copyright 2014 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package icmp
-
-import (
-	"net"
-	"runtime"
-	"syscall"
-	"time"
-
-	"golang.org/x/net/ipv4"
-	"golang.org/x/net/ipv6"
-)
-
-var _ net.PacketConn = &PacketConn{}
-
-// A PacketConn represents a packet network endpoint that uses either
-// ICMPv4 or ICMPv6.
-type PacketConn struct {
-	c  net.PacketConn
-	p4 *ipv4.PacketConn
-	p6 *ipv6.PacketConn
-}
-
-func (c *PacketConn) ok() bool { return c != nil && c.c != nil }
-
-// IPv4PacketConn returns the ipv4.PacketConn of c.
-// It returns nil when c is not created as the endpoint for ICMPv4.
-func (c *PacketConn) IPv4PacketConn() *ipv4.PacketConn {
-	if !c.ok() {
-		return nil
-	}
-	return c.p4
-}
-
-// IPv6PacketConn returns the ipv6.PacketConn of c.
-// It returns nil when c is not created as the endpoint for ICMPv6.
-func (c *PacketConn) IPv6PacketConn() *ipv6.PacketConn {
-	if !c.ok() {
-		return nil
-	}
-	return c.p6
-}
-
-// ReadFrom reads an ICMP message from the connection.
-func (c *PacketConn) ReadFrom(b []byte) (int, net.Addr, error) {
-	if !c.ok() {
-		return 0, nil, syscall.EINVAL
-	}
-	// Please be informed that ipv4.NewPacketConn enables
-	// IP_STRIPHDR option by default on Darwin.
-	// See golang.org/issue/9395 for futher information.
-	if runtime.GOOS == "darwin" && c.p4 != nil {
-		n, _, peer, err := c.p4.ReadFrom(b)
-		return n, peer, err
-	}
-	return c.c.ReadFrom(b)
-}
-
-// WriteTo writes the ICMP message b to dst.
-// Dst must be net.UDPAddr when c is a non-privileged
-// datagram-oriented ICMP endpoint. Otherwise it must be net.IPAddr.
-func (c *PacketConn) WriteTo(b []byte, dst net.Addr) (int, error) {
-	if !c.ok() {
-		return 0, syscall.EINVAL
-	}
-	return c.c.WriteTo(b, dst)
-}
-
-// Close closes the endpoint.
-func (c *PacketConn) Close() error {
-	if !c.ok() {
-		return syscall.EINVAL
-	}
-	return c.c.Close()
-}
-
-// LocalAddr returns the local network address.
-func (c *PacketConn) LocalAddr() net.Addr {
-	if !c.ok() {
-		return nil
-	}
-	return c.c.LocalAddr()
-}
-
-// SetDeadline sets the read and write deadlines associated with the
-// endpoint.
-func (c *PacketConn) SetDeadline(t time.Time) error {
-	if !c.ok() {
-		return syscall.EINVAL
-	}
-	return c.c.SetDeadline(t)
-}
-
-// SetReadDeadline sets the read deadline associated with the
-// endpoint.
-func (c *PacketConn) SetReadDeadline(t time.Time) error {
-	if !c.ok() {
-		return syscall.EINVAL
-	}
-	return c.c.SetReadDeadline(t)
-}
-
-// SetWriteDeadline sets the write deadline associated with the
-// endpoint.
-func (c *PacketConn) SetWriteDeadline(t time.Time) error {
-	if !c.ok() {
-		return syscall.EINVAL
-	}
-	return c.c.SetWriteDeadline(t)
-}
diff --git a/vendor/golang.org/x/net/icmp/example_test.go b/vendor/golang.org/x/net/icmp/example_test.go
deleted file mode 100644
index 1df4cecc..00000000
--- a/vendor/golang.org/x/net/icmp/example_test.go
+++ /dev/null
@@ -1,63 +0,0 @@
-// Copyright 2014 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package icmp_test
-
-import (
-	"log"
-	"net"
-	"os"
-	"runtime"
-
-	"golang.org/x/net/icmp"
-	"golang.org/x/net/ipv6"
-)
-
-func ExamplePacketConn_nonPrivilegedPing() {
-	switch runtime.GOOS {
-	case "darwin":
-	case "linux":
-		log.Println("you may need to adjust the net.ipv4.ping_group_range kernel state")
-	default:
-		log.Println("not supported on", runtime.GOOS)
-		return
-	}
-
-	c, err := icmp.ListenPacket("udp6", "fe80::1%en0")
-	if err != nil {
-		log.Fatal(err)
-	}
-	defer c.Close()
-
-	wm := icmp.Message{
-		Type: ipv6.ICMPTypeEchoRequest, Code: 0,
-		Body: &icmp.Echo{
-			ID: os.Getpid() & 0xffff, Seq: 1,
-			Data: []byte("HELLO-R-U-THERE"),
-		},
-	}
-	wb, err := wm.Marshal(nil)
-	if err != nil {
-		log.Fatal(err)
-	}
-	if _, err := c.WriteTo(wb, &net.UDPAddr{IP: net.ParseIP("ff02::1"), Zone: "en0"}); err != nil {
-		log.Fatal(err)
-	}
-
-	rb := make([]byte, 1500)
-	n, peer, err := c.ReadFrom(rb)
-	if err != nil {
-		log.Fatal(err)
-	}
-	rm, err := icmp.ParseMessage(58, rb[:n])
-	if err != nil {
-		log.Fatal(err)
-	}
-	switch rm.Type {
-	case ipv6.ICMPTypeEchoReply:
-		log.Printf("got reflection from %v", peer)
-	default:
-		log.Printf("got %+v; want echo reply", rm)
-	}
-}
diff --git a/vendor/golang.org/x/net/icmp/extension.go b/vendor/golang.org/x/net/icmp/extension.go
deleted file mode 100644
index 402a7514..00000000
--- a/vendor/golang.org/x/net/icmp/extension.go
+++ /dev/null
@@ -1,89 +0,0 @@
-// Copyright 2015 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package icmp
-
-import "encoding/binary"
-
-// An Extension represents an ICMP extension.
-type Extension interface {
-	// Len returns the length of ICMP extension.
-	// Proto must be either the ICMPv4 or ICMPv6 protocol number.
-	Len(proto int) int
-
-	// Marshal returns the binary encoding of ICMP extension.
-	// Proto must be either the ICMPv4 or ICMPv6 protocol number.
-	Marshal(proto int) ([]byte, error)
-}
-
-const extensionVersion = 2
-
-func validExtensionHeader(b []byte) bool {
-	v := int(b[0]&0xf0) >> 4
-	s := binary.BigEndian.Uint16(b[2:4])
-	if s != 0 {
-		s = checksum(b)
-	}
-	if v != extensionVersion || s != 0 {
-		return false
-	}
-	return true
-}
-
-// parseExtensions parses b as a list of ICMP extensions.
-// The length attribute l must be the length attribute field in
-// received icmp messages.
-//
-// It will return a list of ICMP extensions and an adjusted length
-// attribute that represents the length of the padded original
-// datagram field. Otherwise, it returns an error.
-func parseExtensions(b []byte, l int) ([]Extension, int, error) {
-	// Still a lot of non-RFC 4884 compliant implementations are
-	// out there. Set the length attribute l to 128 when it looks
-	// inappropriate for backwards compatibility.
-	//
-	// A minimal extension at least requires 8 octets; 4 octets
-	// for an extension header, and 4 octets for a single object
-	// header.
-	//
-	// See RFC 4884 for further information.
-	if 128 > l || l+8 > len(b) {
-		l = 128
-	}
-	if l+8 > len(b) {
-		return nil, -1, errNoExtension
-	}
-	if !validExtensionHeader(b[l:]) {
-		if l == 128 {
-			return nil, -1, errNoExtension
-		}
-		l = 128
-		if !validExtensionHeader(b[l:]) {
-			return nil, -1, errNoExtension
-		}
-	}
-	var exts []Extension
-	for b = b[l+4:]; len(b) >= 4; {
-		ol := int(binary.BigEndian.Uint16(b[:2]))
-		if 4 > ol || ol > len(b) {
-			break
-		}
-		switch b[2] {
-		case classMPLSLabelStack:
-			ext, err := parseMPLSLabelStack(b[:ol])
-			if err != nil {
-				return nil, -1, err
-			}
-			exts = append(exts, ext)
-		case classInterfaceInfo:
-			ext, err := parseInterfaceInfo(b[:ol])
-			if err != nil {
-				return nil, -1, err
-			}
-			exts = append(exts, ext)
-		}
-		b = b[ol:]
-	}
-	return exts, l, nil
-}
diff --git a/vendor/golang.org/x/net/icmp/extension_test.go b/vendor/golang.org/x/net/icmp/extension_test.go
deleted file mode 100644
index 0b3f7b9e..00000000
--- a/vendor/golang.org/x/net/icmp/extension_test.go
+++ /dev/null
@@ -1,259 +0,0 @@
-// Copyright 2015 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package icmp
-
-import (
-	"net"
-	"reflect"
-	"testing"
-
-	"golang.org/x/net/internal/iana"
-)
-
-var marshalAndParseExtensionTests = []struct {
-	proto int
-	hdr   []byte
-	obj   []byte
-	exts  []Extension
-}{
-	// MPLS label stack with no label
-	{
-		proto: iana.ProtocolICMP,
-		hdr: []byte{
-			0x20, 0x00, 0x00, 0x00,
-		},
-		obj: []byte{
-			0x00, 0x04, 0x01, 0x01,
-		},
-		exts: []Extension{
-			&MPLSLabelStack{
-				Class: classMPLSLabelStack,
-				Type:  typeIncomingMPLSLabelStack,
-			},
-		},
-	},
-	// MPLS label stack with a single label
-	{
-		proto: iana.ProtocolIPv6ICMP,
-		hdr: []byte{
-			0x20, 0x00, 0x00, 0x00,
-		},
-		obj: []byte{
-			0x00, 0x08, 0x01, 0x01,
-			0x03, 0xe8, 0xe9, 0xff,
-		},
-		exts: []Extension{
-			&MPLSLabelStack{
-				Class: classMPLSLabelStack,
-				Type:  typeIncomingMPLSLabelStack,
-				Labels: []MPLSLabel{
-					{
-						Label: 16014,
-						TC:    0x4,
-						S:     true,
-						TTL:   255,
-					},
-				},
-			},
-		},
-	},
-	// MPLS label stack with multiple labels
-	{
-		proto: iana.ProtocolICMP,
-		hdr: []byte{
-			0x20, 0x00, 0x00, 0x00,
-		},
-		obj: []byte{
-			0x00, 0x0c, 0x01, 0x01,
-			0x03, 0xe8, 0xde, 0xfe,
-			0x03, 0xe8, 0xe1, 0xff,
-		},
-		exts: []Extension{
-			&MPLSLabelStack{
-				Class: classMPLSLabelStack,
-				Type:  typeIncomingMPLSLabelStack,
-				Labels: []MPLSLabel{
-					{
-						Label: 16013,
-						TC:    0x7,
-						S:     false,
-						TTL:   254,
-					},
-					{
-						Label: 16014,
-						TC:    0,
-						S:     true,
-						TTL:   255,
-					},
-				},
-			},
-		},
-	},
-	// Interface information with no attribute
-	{
-		proto: iana.ProtocolICMP,
-		hdr: []byte{
-			0x20, 0x00, 0x00, 0x00,
-		},
-		obj: []byte{
-			0x00, 0x04, 0x02, 0x00,
-		},
-		exts: []Extension{
-			&InterfaceInfo{
-				Class: classInterfaceInfo,
-			},
-		},
-	},
-	// Interface information with ifIndex and name
-	{
-		proto: iana.ProtocolICMP,
-		hdr: []byte{
-			0x20, 0x00, 0x00, 0x00,
-		},
-		obj: []byte{
-			0x00, 0x10, 0x02, 0x0a,
-			0x00, 0x00, 0x00, 0x10,
-			0x08, byte('e'), byte('n'), byte('1'),
-			byte('0'), byte('1'), 0x00, 0x00,
-		},
-		exts: []Extension{
-			&InterfaceInfo{
-				Class: classInterfaceInfo,
-				Type:  0x0a,
-				Interface: &net.Interface{
-					Index: 16,
-					Name:  "en101",
-				},
-			},
-		},
-	},
-	// Interface information with ifIndex, IPAddr, name and MTU
-	{
-		proto: iana.ProtocolIPv6ICMP,
-		hdr: []byte{
-			0x20, 0x00, 0x00, 0x00,
-		},
-		obj: []byte{
-			0x00, 0x28, 0x02, 0x0f,
-			0x00, 0x00, 0x00, 0x0f,
-			0x00, 0x02, 0x00, 0x00,
-			0xfe, 0x80, 0x00, 0x00,
-			0x00, 0x00, 0x00, 0x00,
-			0x00, 0x00, 0x00, 0x00,
-			0x00, 0x00, 0x00, 0x01,
-			0x08, byte('e'), byte('n'), byte('1'),
-			byte('0'), byte('1'), 0x00, 0x00,
-			0x00, 0x00, 0x20, 0x00,
-		},
-		exts: []Extension{
-			&InterfaceInfo{
-				Class: classInterfaceInfo,
-				Type:  0x0f,
-				Interface: &net.Interface{
-					Index: 15,
-					Name:  "en101",
-					MTU:   8192,
-				},
-				Addr: &net.IPAddr{
-					IP:   net.ParseIP("fe80::1"),
-					Zone: "en101",
-				},
-			},
-		},
-	},
-}
-
-func TestMarshalAndParseExtension(t *testing.T) {
-	for i, tt := range marshalAndParseExtensionTests {
-		for j, ext := range tt.exts {
-			var err error
-			var b []byte
-			switch ext := ext.(type) {
-			case *MPLSLabelStack:
-				b, err = ext.Marshal(tt.proto)
-				if err != nil {
-					t.Errorf("#%v/%v: %v", i, j, err)
-					continue
-				}
-			case *InterfaceInfo:
-				b, err = ext.Marshal(tt.proto)
-				if err != nil {
-					t.Errorf("#%v/%v: %v", i, j, err)
-					continue
-				}
-			}
-			if !reflect.DeepEqual(b, tt.obj) {
-				t.Errorf("#%v/%v: got %#v; want %#v", i, j, b, tt.obj)
-				continue
-			}
-		}
-
-		for j, wire := range []struct {
-			data     []byte // original datagram
-			inlattr  int    // length of padded original datagram, a hint
-			outlattr int    // length of padded original datagram, a want
-			err      error
-		}{
-			{nil, 0, -1, errNoExtension},
-			{make([]byte, 127), 128, -1, errNoExtension},
-
-			{make([]byte, 128), 127, -1, errNoExtension},
-			{make([]byte, 128), 128, -1, errNoExtension},
-			{make([]byte, 128), 129, -1, errNoExtension},
-
-			{append(make([]byte, 128), append(tt.hdr, tt.obj...)...), 127, 128, nil},
-			{append(make([]byte, 128), append(tt.hdr, tt.obj...)...), 128, 128, nil},
-			{append(make([]byte, 128), append(tt.hdr, tt.obj...)...), 129, 128, nil},
-
-			{append(make([]byte, 512), append(tt.hdr, tt.obj...)...), 511, -1, errNoExtension},
-			{append(make([]byte, 512), append(tt.hdr, tt.obj...)...), 512, 512, nil},
-			{append(make([]byte, 512), append(tt.hdr, tt.obj...)...), 513, -1, errNoExtension},
-		} {
-			exts, l, err := parseExtensions(wire.data, wire.inlattr)
-			if err != wire.err {
-				t.Errorf("#%v/%v: got %v; want %v", i, j, err, wire.err)
-				continue
-			}
-			if wire.err != nil {
-				continue
-			}
-			if l != wire.outlattr {
-				t.Errorf("#%v/%v: got %v; want %v", i, j, l, wire.outlattr)
-			}
-			if !reflect.DeepEqual(exts, tt.exts) {
-				for j, ext := range exts {
-					switch ext := ext.(type) {
-					case *MPLSLabelStack:
-						want := tt.exts[j].(*MPLSLabelStack)
-						t.Errorf("#%v/%v: got %#v; want %#v", i, j, ext, want)
-					case *InterfaceInfo:
-						want := tt.exts[j].(*InterfaceInfo)
-						t.Errorf("#%v/%v: got %#v; want %#v", i, j, ext, want)
-					}
-				}
-				continue
-			}
-		}
-	}
-}
-
-var parseInterfaceNameTests = []struct {
-	b []byte
-	error
-}{
-	{[]byte{0, 'e', 'n', '0'}, errInvalidExtension},
-	{[]byte{4, 'e', 'n', '0'}, nil},
-	{[]byte{7, 'e', 'n', '0', 0xff, 0xff, 0xff, 0xff}, errInvalidExtension},
-	{[]byte{8, 'e', 'n', '0', 0xff, 0xff, 0xff}, errMessageTooShort},
-}
-
-func TestParseInterfaceName(t *testing.T) {
-	ifi := InterfaceInfo{Interface: &net.Interface{}}
-	for i, tt := range parseInterfaceNameTests {
-		if _, err := ifi.parseName(tt.b); err != tt.error {
-			t.Errorf("#%d: got %v; want %v", i, err, tt.error)
-		}
-	}
-}
diff --git a/vendor/golang.org/x/net/icmp/helper.go b/vendor/golang.org/x/net/icmp/helper.go
deleted file mode 100644
index 6c4e633b..00000000
--- a/vendor/golang.org/x/net/icmp/helper.go
+++ /dev/null
@@ -1,27 +0,0 @@
-// Copyright 2016 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package icmp
-
-import (
-	"encoding/binary"
-	"unsafe"
-)
-
-var (
-	// See http://www.freebsd.org/doc/en/books/porters-handbook/freebsd-versions.html.
-	freebsdVersion uint32
-
-	nativeEndian binary.ByteOrder
-)
-
-func init() {
-	i := uint32(1)
-	b := (*[4]byte)(unsafe.Pointer(&i))
-	if b[0] == 1 {
-		nativeEndian = binary.LittleEndian
-	} else {
-		nativeEndian = binary.BigEndian
-	}
-}
diff --git a/vendor/golang.org/x/net/icmp/helper_posix.go b/vendor/golang.org/x/net/icmp/helper_posix.go
deleted file mode 100644
index 398fd388..00000000
--- a/vendor/golang.org/x/net/icmp/helper_posix.go
+++ /dev/null
@@ -1,75 +0,0 @@
-// Copyright 2014 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build darwin dragonfly freebsd linux netbsd openbsd solaris windows
-
-package icmp
-
-import (
-	"net"
-	"strconv"
-	"syscall"
-)
-
-func sockaddr(family int, address string) (syscall.Sockaddr, error) {
-	switch family {
-	case syscall.AF_INET:
-		a, err := net.ResolveIPAddr("ip4", address)
-		if err != nil {
-			return nil, err
-		}
-		if len(a.IP) == 0 {
-			a.IP = net.IPv4zero
-		}
-		if a.IP = a.IP.To4(); a.IP == nil {
-			return nil, net.InvalidAddrError("non-ipv4 address")
-		}
-		sa := &syscall.SockaddrInet4{}
-		copy(sa.Addr[:], a.IP)
-		return sa, nil
-	case syscall.AF_INET6:
-		a, err := net.ResolveIPAddr("ip6", address)
-		if err != nil {
-			return nil, err
-		}
-		if len(a.IP) == 0 {
-			a.IP = net.IPv6unspecified
-		}
-		if a.IP.Equal(net.IPv4zero) {
-			a.IP = net.IPv6unspecified
-		}
-		if a.IP = a.IP.To16(); a.IP == nil || a.IP.To4() != nil {
-			return nil, net.InvalidAddrError("non-ipv6 address")
-		}
-		sa := &syscall.SockaddrInet6{ZoneId: zoneToUint32(a.Zone)}
-		copy(sa.Addr[:], a.IP)
-		return sa, nil
-	default:
-		return nil, net.InvalidAddrError("unexpected family")
-	}
-}
-
-func zoneToUint32(zone string) uint32 {
-	if zone == "" {
-		return 0
-	}
-	if ifi, err := net.InterfaceByName(zone); err == nil {
-		return uint32(ifi.Index)
-	}
-	n, err := strconv.Atoi(zone)
-	if err != nil {
-		return 0
-	}
-	return uint32(n)
-}
-
-func last(s string, b byte) int {
-	i := len(s)
-	for i--; i >= 0; i-- {
-		if s[i] == b {
-			break
-		}
-	}
-	return i
-}
diff --git a/vendor/golang.org/x/net/icmp/interface.go b/vendor/golang.org/x/net/icmp/interface.go
deleted file mode 100644
index 78b5b98b..00000000
--- a/vendor/golang.org/x/net/icmp/interface.go
+++ /dev/null
@@ -1,236 +0,0 @@
-// Copyright 2015 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package icmp
-
-import (
-	"encoding/binary"
-	"net"
-	"strings"
-
-	"golang.org/x/net/internal/iana"
-)
-
-const (
-	classInterfaceInfo = 2
-
-	afiIPv4 = 1
-	afiIPv6 = 2
-)
-
-const (
-	attrMTU = 1 << iota
-	attrName
-	attrIPAddr
-	attrIfIndex
-)
-
-// An InterfaceInfo represents interface and next-hop identification.
-type InterfaceInfo struct {
-	Class     int // extension object class number
-	Type      int // extension object sub-type
-	Interface *net.Interface
-	Addr      *net.IPAddr
-}
-
-func (ifi *InterfaceInfo) nameLen() int {
-	if len(ifi.Interface.Name) > 63 {
-		return 64
-	}
-	l := 1 + len(ifi.Interface.Name)
-	return (l + 3) &^ 3
-}
-
-func (ifi *InterfaceInfo) attrsAndLen(proto int) (attrs, l int) {
-	l = 4
-	if ifi.Interface != nil && ifi.Interface.Index > 0 {
-		attrs |= attrIfIndex
-		l += 4
-		if len(ifi.Interface.Name) > 0 {
-			attrs |= attrName
-			l += ifi.nameLen()
-		}
-		if ifi.Interface.MTU > 0 {
-			attrs |= attrMTU
-			l += 4
-		}
-	}
-	if ifi.Addr != nil {
-		switch proto {
-		case iana.ProtocolICMP:
-			if ifi.Addr.IP.To4() != nil {
-				attrs |= attrIPAddr
-				l += 4 + net.IPv4len
-			}
-		case iana.ProtocolIPv6ICMP:
-			if ifi.Addr.IP.To16() != nil && ifi.Addr.IP.To4() == nil {
-				attrs |= attrIPAddr
-				l += 4 + net.IPv6len
-			}
-		}
-	}
-	return
-}
-
-// Len implements the Len method of Extension interface.
-func (ifi *InterfaceInfo) Len(proto int) int {
-	_, l := ifi.attrsAndLen(proto)
-	return l
-}
-
-// Marshal implements the Marshal method of Extension interface.
-func (ifi *InterfaceInfo) Marshal(proto int) ([]byte, error) {
-	attrs, l := ifi.attrsAndLen(proto)
-	b := make([]byte, l)
-	if err := ifi.marshal(proto, b, attrs, l); err != nil {
-		return nil, err
-	}
-	return b, nil
-}
-
-func (ifi *InterfaceInfo) marshal(proto int, b []byte, attrs, l int) error {
-	binary.BigEndian.PutUint16(b[:2], uint16(l))
-	b[2], b[3] = classInterfaceInfo, byte(ifi.Type)
-	for b = b[4:]; len(b) > 0 && attrs != 0; {
-		switch {
-		case attrs&attrIfIndex != 0:
-			b = ifi.marshalIfIndex(proto, b)
-			attrs &^= attrIfIndex
-		case attrs&attrIPAddr != 0:
-			b = ifi.marshalIPAddr(proto, b)
-			attrs &^= attrIPAddr
-		case attrs&attrName != 0:
-			b = ifi.marshalName(proto, b)
-			attrs &^= attrName
-		case attrs&attrMTU != 0:
-			b = ifi.marshalMTU(proto, b)
-			attrs &^= attrMTU
-		}
-	}
-	return nil
-}
-
-func (ifi *InterfaceInfo) marshalIfIndex(proto int, b []byte) []byte {
-	binary.BigEndian.PutUint32(b[:4], uint32(ifi.Interface.Index))
-	return b[4:]
-}
-
-func (ifi *InterfaceInfo) parseIfIndex(b []byte) ([]byte, error) {
-	if len(b) < 4 {
-		return nil, errMessageTooShort
-	}
-	ifi.Interface.Index = int(binary.BigEndian.Uint32(b[:4]))
-	return b[4:], nil
-}
-
-func (ifi *InterfaceInfo) marshalIPAddr(proto int, b []byte) []byte {
-	switch proto {
-	case iana.ProtocolICMP:
-		binary.BigEndian.PutUint16(b[:2], uint16(afiIPv4))
-		copy(b[4:4+net.IPv4len], ifi.Addr.IP.To4())
-		b = b[4+net.IPv4len:]
-	case iana.ProtocolIPv6ICMP:
-		binary.BigEndian.PutUint16(b[:2], uint16(afiIPv6))
-		copy(b[4:4+net.IPv6len], ifi.Addr.IP.To16())
-		b = b[4+net.IPv6len:]
-	}
-	return b
-}
-
-func (ifi *InterfaceInfo) parseIPAddr(b []byte) ([]byte, error) {
-	if len(b) < 4 {
-		return nil, errMessageTooShort
-	}
-	afi := int(binary.BigEndian.Uint16(b[:2]))
-	b = b[4:]
-	switch afi {
-	case afiIPv4:
-		if len(b) < net.IPv4len {
-			return nil, errMessageTooShort
-		}
-		ifi.Addr.IP = make(net.IP, net.IPv4len)
-		copy(ifi.Addr.IP, b[:net.IPv4len])
-		b = b[net.IPv4len:]
-	case afiIPv6:
-		if len(b) < net.IPv6len {
-			return nil, errMessageTooShort
-		}
-		ifi.Addr.IP = make(net.IP, net.IPv6len)
-		copy(ifi.Addr.IP, b[:net.IPv6len])
-		b = b[net.IPv6len:]
-	}
-	return b, nil
-}
-
-func (ifi *InterfaceInfo) marshalName(proto int, b []byte) []byte {
-	l := byte(ifi.nameLen())
-	b[0] = l
-	copy(b[1:], []byte(ifi.Interface.Name))
-	return b[l:]
-}
-
-func (ifi *InterfaceInfo) parseName(b []byte) ([]byte, error) {
-	if 4 > len(b) || len(b) < int(b[0]) {
-		return nil, errMessageTooShort
-	}
-	l := int(b[0])
-	if l%4 != 0 || 4 > l || l > 64 {
-		return nil, errInvalidExtension
-	}
-	var name [63]byte
-	copy(name[:], b[1:l])
-	ifi.Interface.Name = strings.Trim(string(name[:]), "\000")
-	return b[l:], nil
-}
-
-func (ifi *InterfaceInfo) marshalMTU(proto int, b []byte) []byte {
-	binary.BigEndian.PutUint32(b[:4], uint32(ifi.Interface.MTU))
-	return b[4:]
-}
-
-func (ifi *InterfaceInfo) parseMTU(b []byte) ([]byte, error) {
-	if len(b) < 4 {
-		return nil, errMessageTooShort
-	}
-	ifi.Interface.MTU = int(binary.BigEndian.Uint32(b[:4]))
-	return b[4:], nil
-}
-
-func parseInterfaceInfo(b []byte) (Extension, error) {
-	ifi := &InterfaceInfo{
-		Class: int(b[2]),
-		Type:  int(b[3]),
-	}
-	if ifi.Type&(attrIfIndex|attrName|attrMTU) != 0 {
-		ifi.Interface = &net.Interface{}
-	}
-	if ifi.Type&attrIPAddr != 0 {
-		ifi.Addr = &net.IPAddr{}
-	}
-	attrs := ifi.Type & (attrIfIndex | attrIPAddr | attrName | attrMTU)
-	for b = b[4:]; len(b) > 0 && attrs != 0; {
-		var err error
-		switch {
-		case attrs&attrIfIndex != 0:
-			b, err = ifi.parseIfIndex(b)
-			attrs &^= attrIfIndex
-		case attrs&attrIPAddr != 0:
-			b, err = ifi.parseIPAddr(b)
-			attrs &^= attrIPAddr
-		case attrs&attrName != 0:
-			b, err = ifi.parseName(b)
-			attrs &^= attrName
-		case attrs&attrMTU != 0:
-			b, err = ifi.parseMTU(b)
-			attrs &^= attrMTU
-		}
-		if err != nil {
-			return nil, err
-		}
-	}
-	if ifi.Interface != nil && ifi.Interface.Name != "" && ifi.Addr != nil && ifi.Addr.IP.To16() != nil && ifi.Addr.IP.To4() == nil {
-		ifi.Addr.Zone = ifi.Interface.Name
-	}
-	return ifi, nil
-}
diff --git a/vendor/golang.org/x/net/icmp/ipv4.go b/vendor/golang.org/x/net/icmp/ipv4.go
deleted file mode 100644
index 729ddc97..00000000
--- a/vendor/golang.org/x/net/icmp/ipv4.go
+++ /dev/null
@@ -1,56 +0,0 @@
-// Copyright 2014 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package icmp
-
-import (
-	"encoding/binary"
-	"net"
-	"runtime"
-
-	"golang.org/x/net/ipv4"
-)
-
-// ParseIPv4Header parses b as an IPv4 header of ICMP error message
-// invoking packet, which is contained in ICMP error message.
-func ParseIPv4Header(b []byte) (*ipv4.Header, error) {
-	if len(b) < ipv4.HeaderLen {
-		return nil, errHeaderTooShort
-	}
-	hdrlen := int(b[0]&0x0f) << 2
-	if hdrlen > len(b) {
-		return nil, errBufferTooShort
-	}
-	h := &ipv4.Header{
-		Version:  int(b[0] >> 4),
-		Len:      hdrlen,
-		TOS:      int(b[1]),
-		ID:       int(binary.BigEndian.Uint16(b[4:6])),
-		FragOff:  int(binary.BigEndian.Uint16(b[6:8])),
-		TTL:      int(b[8]),
-		Protocol: int(b[9]),
-		Checksum: int(binary.BigEndian.Uint16(b[10:12])),
-		Src:      net.IPv4(b[12], b[13], b[14], b[15]),
-		Dst:      net.IPv4(b[16], b[17], b[18], b[19]),
-	}
-	switch runtime.GOOS {
-	case "darwin":
-		h.TotalLen = int(nativeEndian.Uint16(b[2:4]))
-	case "freebsd":
-		if freebsdVersion >= 1000000 {
-			h.TotalLen = int(binary.BigEndian.Uint16(b[2:4]))
-		} else {
-			h.TotalLen = int(nativeEndian.Uint16(b[2:4]))
-		}
-	default:
-		h.TotalLen = int(binary.BigEndian.Uint16(b[2:4]))
-	}
-	h.Flags = ipv4.HeaderFlags(h.FragOff&0xe000) >> 13
-	h.FragOff = h.FragOff & 0x1fff
-	if hdrlen-ipv4.HeaderLen > 0 {
-		h.Options = make([]byte, hdrlen-ipv4.HeaderLen)
-		copy(h.Options, b[ipv4.HeaderLen:])
-	}
-	return h, nil
-}
diff --git a/vendor/golang.org/x/net/icmp/ipv4_test.go b/vendor/golang.org/x/net/icmp/ipv4_test.go
deleted file mode 100644
index b05c6973..00000000
--- a/vendor/golang.org/x/net/icmp/ipv4_test.go
+++ /dev/null
@@ -1,71 +0,0 @@
-// Copyright 2014 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package icmp
-
-import (
-	"net"
-	"reflect"
-	"runtime"
-	"testing"
-
-	"golang.org/x/net/ipv4"
-)
-
-var (
-	wireHeaderFromKernel = [ipv4.HeaderLen]byte{
-		0x45, 0x01, 0xbe, 0xef,
-		0xca, 0xfe, 0x45, 0xdc,
-		0xff, 0x01, 0xde, 0xad,
-		172, 16, 254, 254,
-		192, 168, 0, 1,
-	}
-	wireHeaderFromTradBSDKernel = [ipv4.HeaderLen]byte{
-		0x45, 0x01, 0xef, 0xbe,
-		0xca, 0xfe, 0x45, 0xdc,
-		0xff, 0x01, 0xde, 0xad,
-		172, 16, 254, 254,
-		192, 168, 0, 1,
-	}
-	// TODO(mikio): Add platform dependent wire header formats when
-	// we support new platforms.
-
-	testHeader = &ipv4.Header{
-		Version:  ipv4.Version,
-		Len:      ipv4.HeaderLen,
-		TOS:      1,
-		TotalLen: 0xbeef,
-		ID:       0xcafe,
-		Flags:    ipv4.DontFragment,
-		FragOff:  1500,
-		TTL:      255,
-		Protocol: 1,
-		Checksum: 0xdead,
-		Src:      net.IPv4(172, 16, 254, 254),
-		Dst:      net.IPv4(192, 168, 0, 1),
-	}
-)
-
-func TestParseIPv4Header(t *testing.T) {
-	var wh []byte
-	switch runtime.GOOS {
-	case "darwin":
-		wh = wireHeaderFromTradBSDKernel[:]
-	case "freebsd":
-		if freebsdVersion >= 1000000 {
-			wh = wireHeaderFromKernel[:]
-		} else {
-			wh = wireHeaderFromTradBSDKernel[:]
-		}
-	default:
-		wh = wireHeaderFromKernel[:]
-	}
-	h, err := ParseIPv4Header(wh)
-	if err != nil {
-		t.Fatal(err)
-	}
-	if !reflect.DeepEqual(h, testHeader) {
-		t.Fatalf("got %#v; want %#v", h, testHeader)
-	}
-}
diff --git a/vendor/golang.org/x/net/icmp/ipv6.go b/vendor/golang.org/x/net/icmp/ipv6.go
deleted file mode 100644
index 58eaa77d..00000000
--- a/vendor/golang.org/x/net/icmp/ipv6.go
+++ /dev/null
@@ -1,23 +0,0 @@
-// Copyright 2013 The Go Authors.  All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package icmp
-
-import (
-	"net"
-
-	"golang.org/x/net/internal/iana"
-)
-
-const ipv6PseudoHeaderLen = 2*net.IPv6len + 8
-
-// IPv6PseudoHeader returns an IPv6 pseudo header for checksum
-// calculation.
-func IPv6PseudoHeader(src, dst net.IP) []byte {
-	b := make([]byte, ipv6PseudoHeaderLen)
-	copy(b, src.To16())
-	copy(b[net.IPv6len:], dst.To16())
-	b[len(b)-1] = byte(iana.ProtocolIPv6ICMP)
-	return b
-}
diff --git a/vendor/golang.org/x/net/icmp/listen_posix.go b/vendor/golang.org/x/net/icmp/listen_posix.go
deleted file mode 100644
index b9f26079..00000000
--- a/vendor/golang.org/x/net/icmp/listen_posix.go
+++ /dev/null
@@ -1,98 +0,0 @@
-// Copyright 2014 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build darwin dragonfly freebsd linux netbsd openbsd solaris windows
-
-package icmp
-
-import (
-	"net"
-	"os"
-	"runtime"
-	"syscall"
-
-	"golang.org/x/net/internal/iana"
-	"golang.org/x/net/ipv4"
-	"golang.org/x/net/ipv6"
-)
-
-const sysIP_STRIPHDR = 0x17 // for now only darwin supports this option
-
-// ListenPacket listens for incoming ICMP packets addressed to
-// address. See net.Dial for the syntax of address.
-//
-// For non-privileged datagram-oriented ICMP endpoints, network must
-// be "udp4" or "udp6". The endpoint allows to read, write a few
-// limited ICMP messages such as echo request and echo reply.
-// Currently only Darwin and Linux support this.
-//
-// Examples:
-//	ListenPacket("udp4", "192.168.0.1")
-//	ListenPacket("udp4", "0.0.0.0")
-//	ListenPacket("udp6", "fe80::1%en0")
-//	ListenPacket("udp6", "::")
-//
-// For privileged raw ICMP endpoints, network must be "ip4" or "ip6"
-// followed by a colon and an ICMP protocol number or name.
-//
-// Examples:
-//	ListenPacket("ip4:icmp", "192.168.0.1")
-//	ListenPacket("ip4:1", "0.0.0.0")
-//	ListenPacket("ip6:ipv6-icmp", "fe80::1%en0")
-//	ListenPacket("ip6:58", "::")
-func ListenPacket(network, address string) (*PacketConn, error) {
-	var family, proto int
-	switch network {
-	case "udp4":
-		family, proto = syscall.AF_INET, iana.ProtocolICMP
-	case "udp6":
-		family, proto = syscall.AF_INET6, iana.ProtocolIPv6ICMP
-	default:
-		i := last(network, ':')
-		switch network[:i] {
-		case "ip4":
-			proto = iana.ProtocolICMP
-		case "ip6":
-			proto = iana.ProtocolIPv6ICMP
-		}
-	}
-	var cerr error
-	var c net.PacketConn
-	switch family {
-	case syscall.AF_INET, syscall.AF_INET6:
-		s, err := syscall.Socket(family, syscall.SOCK_DGRAM, proto)
-		if err != nil {
-			return nil, os.NewSyscallError("socket", err)
-		}
-		defer syscall.Close(s)
-		if runtime.GOOS == "darwin" && family == syscall.AF_INET {
-			if err := syscall.SetsockoptInt(s, iana.ProtocolIP, sysIP_STRIPHDR, 1); err != nil {
-				return nil, os.NewSyscallError("setsockopt", err)
-			}
-		}
-		sa, err := sockaddr(family, address)
-		if err != nil {
-			return nil, err
-		}
-		if err := syscall.Bind(s, sa); err != nil {
-			return nil, os.NewSyscallError("bind", err)
-		}
-		f := os.NewFile(uintptr(s), "datagram-oriented icmp")
-		defer f.Close()
-		c, cerr = net.FilePacketConn(f)
-	default:
-		c, cerr = net.ListenPacket(network, address)
-	}
-	if cerr != nil {
-		return nil, cerr
-	}
-	switch proto {
-	case iana.ProtocolICMP:
-		return &PacketConn{c: c, p4: ipv4.NewPacketConn(c)}, nil
-	case iana.ProtocolIPv6ICMP:
-		return &PacketConn{c: c, p6: ipv6.NewPacketConn(c)}, nil
-	default:
-		return &PacketConn{c: c}, nil
-	}
-}
diff --git a/vendor/golang.org/x/net/icmp/listen_stub.go b/vendor/golang.org/x/net/icmp/listen_stub.go
deleted file mode 100644
index 668728d1..00000000
--- a/vendor/golang.org/x/net/icmp/listen_stub.go
+++ /dev/null
@@ -1,33 +0,0 @@
-// Copyright 2014 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build nacl plan9
-
-package icmp
-
-// ListenPacket listens for incoming ICMP packets addressed to
-// address. See net.Dial for the syntax of address.
-//
-// For non-privileged datagram-oriented ICMP endpoints, network must
-// be "udp4" or "udp6". The endpoint allows to read, write a few
-// limited ICMP messages such as echo request and echo reply.
-// Currently only Darwin and Linux support this.
-//
-// Examples:
-//	ListenPacket("udp4", "192.168.0.1")
-//	ListenPacket("udp4", "0.0.0.0")
-//	ListenPacket("udp6", "fe80::1%en0")
-//	ListenPacket("udp6", "::")
-//
-// For privileged raw ICMP endpoints, network must be "ip4" or "ip6"
-// followed by a colon and an ICMP protocol number or name.
-//
-// Examples:
-//	ListenPacket("ip4:icmp", "192.168.0.1")
-//	ListenPacket("ip4:1", "0.0.0.0")
-//	ListenPacket("ip6:ipv6-icmp", "fe80::1%en0")
-//	ListenPacket("ip6:58", "::")
-func ListenPacket(network, address string) (*PacketConn, error) {
-	return nil, errOpNoSupport
-}
diff --git a/vendor/golang.org/x/net/icmp/message.go b/vendor/golang.org/x/net/icmp/message.go
deleted file mode 100644
index 42d6df2c..00000000
--- a/vendor/golang.org/x/net/icmp/message.go
+++ /dev/null
@@ -1,150 +0,0 @@
-// Copyright 2012 The Go Authors.  All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// Package icmp provides basic functions for the manipulation of
-// messages used in the Internet Control Message Protocols,
-// ICMPv4 and ICMPv6.
-//
-// ICMPv4 and ICMPv6 are defined in RFC 792 and RFC 4443.
-// Multi-part message support for ICMP is defined in RFC 4884.
-// ICMP extensions for MPLS are defined in RFC 4950.
-// ICMP extensions for interface and next-hop identification are
-// defined in RFC 5837.
-package icmp // import "golang.org/x/net/icmp"
-
-import (
-	"encoding/binary"
-	"errors"
-	"net"
-	"syscall"
-
-	"golang.org/x/net/internal/iana"
-	"golang.org/x/net/ipv4"
-	"golang.org/x/net/ipv6"
-)
-
-var (
-	errMessageTooShort  = errors.New("message too short")
-	errHeaderTooShort   = errors.New("header too short")
-	errBufferTooShort   = errors.New("buffer too short")
-	errOpNoSupport      = errors.New("operation not supported")
-	errNoExtension      = errors.New("no extension")
-	errInvalidExtension = errors.New("invalid extension")
-)
-
-func checksum(b []byte) uint16 {
-	csumcv := len(b) - 1 // checksum coverage
-	s := uint32(0)
-	for i := 0; i < csumcv; i += 2 {
-		s += uint32(b[i+1])<<8 | uint32(b[i])
-	}
-	if csumcv&1 == 0 {
-		s += uint32(b[csumcv])
-	}
-	s = s>>16 + s&0xffff
-	s = s + s>>16
-	return ^uint16(s)
-}
-
-// A Type represents an ICMP message type.
-type Type interface {
-	Protocol() int
-}
-
-// A Message represents an ICMP message.
-type Message struct {
-	Type     Type        // type, either ipv4.ICMPType or ipv6.ICMPType
-	Code     int         // code
-	Checksum int         // checksum
-	Body     MessageBody // body
-}
-
-// Marshal returns the binary encoding of the ICMP message m.
-//
-// For an ICMPv4 message, the returned message always contains the
-// calculated checksum field.
-//
-// For an ICMPv6 message, the returned message contains the calculated
-// checksum field when psh is not nil, otherwise the kernel will
-// compute the checksum field during the message transmission.
-// When psh is not nil, it must be the pseudo header for IPv6.
-func (m *Message) Marshal(psh []byte) ([]byte, error) {
-	var mtype int
-	switch typ := m.Type.(type) {
-	case ipv4.ICMPType:
-		mtype = int(typ)
-	case ipv6.ICMPType:
-		mtype = int(typ)
-	default:
-		return nil, syscall.EINVAL
-	}
-	b := []byte{byte(mtype), byte(m.Code), 0, 0}
-	if m.Type.Protocol() == iana.ProtocolIPv6ICMP && psh != nil {
-		b = append(psh, b...)
-	}
-	if m.Body != nil && m.Body.Len(m.Type.Protocol()) != 0 {
-		mb, err := m.Body.Marshal(m.Type.Protocol())
-		if err != nil {
-			return nil, err
-		}
-		b = append(b, mb...)
-	}
-	if m.Type.Protocol() == iana.ProtocolIPv6ICMP {
-		if psh == nil { // cannot calculate checksum here
-			return b, nil
-		}
-		off, l := 2*net.IPv6len, len(b)-len(psh)
-		binary.BigEndian.PutUint32(b[off:off+4], uint32(l))
-	}
-	s := checksum(b)
-	// Place checksum back in header; using ^= avoids the
-	// assumption the checksum bytes are zero.
-	b[len(psh)+2] ^= byte(s)
-	b[len(psh)+3] ^= byte(s >> 8)
-	return b[len(psh):], nil
-}
-
-var parseFns = map[Type]func(int, []byte) (MessageBody, error){
-	ipv4.ICMPTypeDestinationUnreachable: parseDstUnreach,
-	ipv4.ICMPTypeTimeExceeded:           parseTimeExceeded,
-	ipv4.ICMPTypeParameterProblem:       parseParamProb,
-
-	ipv4.ICMPTypeEcho:      parseEcho,
-	ipv4.ICMPTypeEchoReply: parseEcho,
-
-	ipv6.ICMPTypeDestinationUnreachable: parseDstUnreach,
-	ipv6.ICMPTypePacketTooBig:           parsePacketTooBig,
-	ipv6.ICMPTypeTimeExceeded:           parseTimeExceeded,
-	ipv6.ICMPTypeParameterProblem:       parseParamProb,
-
-	ipv6.ICMPTypeEchoRequest: parseEcho,
-	ipv6.ICMPTypeEchoReply:   parseEcho,
-}
-
-// ParseMessage parses b as an ICMP message.
-// Proto must be either the ICMPv4 or ICMPv6 protocol number.
-func ParseMessage(proto int, b []byte) (*Message, error) {
-	if len(b) < 4 {
-		return nil, errMessageTooShort
-	}
-	var err error
-	m := &Message{Code: int(b[1]), Checksum: int(binary.BigEndian.Uint16(b[2:4]))}
-	switch proto {
-	case iana.ProtocolICMP:
-		m.Type = ipv4.ICMPType(b[0])
-	case iana.ProtocolIPv6ICMP:
-		m.Type = ipv6.ICMPType(b[0])
-	default:
-		return nil, syscall.EINVAL
-	}
-	if fn, ok := parseFns[m.Type]; !ok {
-		m.Body, err = parseDefaultMessageBody(proto, b[4:])
-	} else {
-		m.Body, err = fn(proto, b[4:])
-	}
-	if err != nil {
-		return nil, err
-	}
-	return m, nil
-}
diff --git a/vendor/golang.org/x/net/icmp/message_test.go b/vendor/golang.org/x/net/icmp/message_test.go
deleted file mode 100644
index 5d2605f8..00000000
--- a/vendor/golang.org/x/net/icmp/message_test.go
+++ /dev/null
@@ -1,134 +0,0 @@
-// Copyright 2014 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package icmp_test
-
-import (
-	"net"
-	"reflect"
-	"testing"
-
-	"golang.org/x/net/icmp"
-	"golang.org/x/net/internal/iana"
-	"golang.org/x/net/ipv4"
-	"golang.org/x/net/ipv6"
-)
-
-var marshalAndParseMessageForIPv4Tests = []icmp.Message{
-	{
-		Type: ipv4.ICMPTypeDestinationUnreachable, Code: 15,
-		Body: &icmp.DstUnreach{
-			Data: []byte("ERROR-INVOKING-PACKET"),
-		},
-	},
-	{
-		Type: ipv4.ICMPTypeTimeExceeded, Code: 1,
-		Body: &icmp.TimeExceeded{
-			Data: []byte("ERROR-INVOKING-PACKET"),
-		},
-	},
-	{
-		Type: ipv4.ICMPTypeParameterProblem, Code: 2,
-		Body: &icmp.ParamProb{
-			Pointer: 8,
-			Data:    []byte("ERROR-INVOKING-PACKET"),
-		},
-	},
-	{
-		Type: ipv4.ICMPTypeEcho, Code: 0,
-		Body: &icmp.Echo{
-			ID: 1, Seq: 2,
-			Data: []byte("HELLO-R-U-THERE"),
-		},
-	},
-	{
-		Type: ipv4.ICMPTypePhoturis,
-		Body: &icmp.DefaultMessageBody{
-			Data: []byte{0x80, 0x40, 0x20, 0x10},
-		},
-	},
-}
-
-func TestMarshalAndParseMessageForIPv4(t *testing.T) {
-	for i, tt := range marshalAndParseMessageForIPv4Tests {
-		b, err := tt.Marshal(nil)
-		if err != nil {
-			t.Fatal(err)
-		}
-		m, err := icmp.ParseMessage(iana.ProtocolICMP, b)
-		if err != nil {
-			t.Fatal(err)
-		}
-		if m.Type != tt.Type || m.Code != tt.Code {
-			t.Errorf("#%v: got %v; want %v", i, m, &tt)
-		}
-		if !reflect.DeepEqual(m.Body, tt.Body) {
-			t.Errorf("#%v: got %v; want %v", i, m.Body, tt.Body)
-		}
-	}
-}
-
-var marshalAndParseMessageForIPv6Tests = []icmp.Message{
-	{
-		Type: ipv6.ICMPTypeDestinationUnreachable, Code: 6,
-		Body: &icmp.DstUnreach{
-			Data: []byte("ERROR-INVOKING-PACKET"),
-		},
-	},
-	{
-		Type: ipv6.ICMPTypePacketTooBig, Code: 0,
-		Body: &icmp.PacketTooBig{
-			MTU:  1<<16 - 1,
-			Data: []byte("ERROR-INVOKING-PACKET"),
-		},
-	},
-	{
-		Type: ipv6.ICMPTypeTimeExceeded, Code: 1,
-		Body: &icmp.TimeExceeded{
-			Data: []byte("ERROR-INVOKING-PACKET"),
-		},
-	},
-	{
-		Type: ipv6.ICMPTypeParameterProblem, Code: 2,
-		Body: &icmp.ParamProb{
-			Pointer: 8,
-			Data:    []byte("ERROR-INVOKING-PACKET"),
-		},
-	},
-	{
-		Type: ipv6.ICMPTypeEchoRequest, Code: 0,
-		Body: &icmp.Echo{
-			ID: 1, Seq: 2,
-			Data: []byte("HELLO-R-U-THERE"),
-		},
-	},
-	{
-		Type: ipv6.ICMPTypeDuplicateAddressConfirmation,
-		Body: &icmp.DefaultMessageBody{
-			Data: []byte{0x80, 0x40, 0x20, 0x10},
-		},
-	},
-}
-
-func TestMarshalAndParseMessageForIPv6(t *testing.T) {
-	pshicmp := icmp.IPv6PseudoHeader(net.ParseIP("fe80::1"), net.ParseIP("ff02::1"))
-	for i, tt := range marshalAndParseMessageForIPv6Tests {
-		for _, psh := range [][]byte{pshicmp, nil} {
-			b, err := tt.Marshal(psh)
-			if err != nil {
-				t.Fatal(err)
-			}
-			m, err := icmp.ParseMessage(iana.ProtocolIPv6ICMP, b)
-			if err != nil {
-				t.Fatal(err)
-			}
-			if m.Type != tt.Type || m.Code != tt.Code {
-				t.Errorf("#%v: got %v; want %v", i, m, &tt)
-			}
-			if !reflect.DeepEqual(m.Body, tt.Body) {
-				t.Errorf("#%v: got %v; want %v", i, m.Body, tt.Body)
-			}
-		}
-	}
-}
diff --git a/vendor/golang.org/x/net/icmp/messagebody.go b/vendor/golang.org/x/net/icmp/messagebody.go
deleted file mode 100644
index 2121a17b..00000000
--- a/vendor/golang.org/x/net/icmp/messagebody.go
+++ /dev/null
@@ -1,41 +0,0 @@
-// Copyright 2012 The Go Authors.  All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package icmp
-
-// A MessageBody represents an ICMP message body.
-type MessageBody interface {
-	// Len returns the length of ICMP message body.
-	// Proto must be either the ICMPv4 or ICMPv6 protocol number.
-	Len(proto int) int
-
-	// Marshal returns the binary encoding of ICMP message body.
-	// Proto must be either the ICMPv4 or ICMPv6 protocol number.
-	Marshal(proto int) ([]byte, error)
-}
-
-// A DefaultMessageBody represents the default message body.
-type DefaultMessageBody struct {
-	Data []byte // data
-}
-
-// Len implements the Len method of MessageBody interface.
-func (p *DefaultMessageBody) Len(proto int) int {
-	if p == nil {
-		return 0
-	}
-	return len(p.Data)
-}
-
-// Marshal implements the Marshal method of MessageBody interface.
-func (p *DefaultMessageBody) Marshal(proto int) ([]byte, error) {
-	return p.Data, nil
-}
-
-// parseDefaultMessageBody parses b as an ICMP message body.
-func parseDefaultMessageBody(proto int, b []byte) (MessageBody, error) {
-	p := &DefaultMessageBody{Data: make([]byte, len(b))}
-	copy(p.Data, b)
-	return p, nil
-}
diff --git a/vendor/golang.org/x/net/icmp/mpls.go b/vendor/golang.org/x/net/icmp/mpls.go
deleted file mode 100644
index c3149174..00000000
--- a/vendor/golang.org/x/net/icmp/mpls.go
+++ /dev/null
@@ -1,77 +0,0 @@
-// Copyright 2015 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package icmp
-
-import "encoding/binary"
-
-// A MPLSLabel represents a MPLS label stack entry.
-type MPLSLabel struct {
-	Label int  // label value
-	TC    int  // traffic class; formerly experimental use
-	S     bool // bottom of stack
-	TTL   int  // time to live
-}
-
-const (
-	classMPLSLabelStack        = 1
-	typeIncomingMPLSLabelStack = 1
-)
-
-// A MPLSLabelStack represents a MPLS label stack.
-type MPLSLabelStack struct {
-	Class  int // extension object class number
-	Type   int // extension object sub-type
-	Labels []MPLSLabel
-}
-
-// Len implements the Len method of Extension interface.
-func (ls *MPLSLabelStack) Len(proto int) int {
-	return 4 + (4 * len(ls.Labels))
-}
-
-// Marshal implements the Marshal method of Extension interface.
-func (ls *MPLSLabelStack) Marshal(proto int) ([]byte, error) {
-	b := make([]byte, ls.Len(proto))
-	if err := ls.marshal(proto, b); err != nil {
-		return nil, err
-	}
-	return b, nil
-}
-
-func (ls *MPLSLabelStack) marshal(proto int, b []byte) error {
-	l := ls.Len(proto)
-	binary.BigEndian.PutUint16(b[:2], uint16(l))
-	b[2], b[3] = classMPLSLabelStack, typeIncomingMPLSLabelStack
-	off := 4
-	for _, ll := range ls.Labels {
-		b[off], b[off+1], b[off+2] = byte(ll.Label>>12), byte(ll.Label>>4&0xff), byte(ll.Label<<4&0xf0)
-		b[off+2] |= byte(ll.TC << 1 & 0x0e)
-		if ll.S {
-			b[off+2] |= 0x1
-		}
-		b[off+3] = byte(ll.TTL)
-		off += 4
-	}
-	return nil
-}
-
-func parseMPLSLabelStack(b []byte) (Extension, error) {
-	ls := &MPLSLabelStack{
-		Class: int(b[2]),
-		Type:  int(b[3]),
-	}
-	for b = b[4:]; len(b) >= 4; b = b[4:] {
-		ll := MPLSLabel{
-			Label: int(b[0])<<12 | int(b[1])<<4 | int(b[2])>>4,
-			TC:    int(b[2]&0x0e) >> 1,
-			TTL:   int(b[3]),
-		}
-		if b[2]&0x1 != 0 {
-			ll.S = true
-		}
-		ls.Labels = append(ls.Labels, ll)
-	}
-	return ls, nil
-}
diff --git a/vendor/golang.org/x/net/icmp/multipart.go b/vendor/golang.org/x/net/icmp/multipart.go
deleted file mode 100644
index f2713566..00000000
--- a/vendor/golang.org/x/net/icmp/multipart.go
+++ /dev/null
@@ -1,109 +0,0 @@
-// Copyright 2015 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package icmp
-
-import "golang.org/x/net/internal/iana"
-
-// multipartMessageBodyDataLen takes b as an original datagram and
-// exts as extensions, and returns a required length for message body
-// and a required length for a padded original datagram in wire
-// format.
-func multipartMessageBodyDataLen(proto int, b []byte, exts []Extension) (bodyLen, dataLen int) {
-	for _, ext := range exts {
-		bodyLen += ext.Len(proto)
-	}
-	if bodyLen > 0 {
-		dataLen = multipartMessageOrigDatagramLen(proto, b)
-		bodyLen += 4 // length of extension header
-	} else {
-		dataLen = len(b)
-	}
-	bodyLen += dataLen
-	return bodyLen, dataLen
-}
-
-// multipartMessageOrigDatagramLen takes b as an original datagram,
-// and returns a required length for a padded orignal datagram in wire
-// format.
-func multipartMessageOrigDatagramLen(proto int, b []byte) int {
-	roundup := func(b []byte, align int) int {
-		// According to RFC 4884, the padded original datagram
-		// field must contain at least 128 octets.
-		if len(b) < 128 {
-			return 128
-		}
-		r := len(b)
-		return (r + align - 1) & ^(align - 1)
-	}
-	switch proto {
-	case iana.ProtocolICMP:
-		return roundup(b, 4)
-	case iana.ProtocolIPv6ICMP:
-		return roundup(b, 8)
-	default:
-		return len(b)
-	}
-}
-
-// marshalMultipartMessageBody takes data as an original datagram and
-// exts as extesnsions, and returns a binary encoding of message body.
-// It can be used for non-multipart message bodies when exts is nil.
-func marshalMultipartMessageBody(proto int, data []byte, exts []Extension) ([]byte, error) {
-	bodyLen, dataLen := multipartMessageBodyDataLen(proto, data, exts)
-	b := make([]byte, 4+bodyLen)
-	copy(b[4:], data)
-	off := dataLen + 4
-	if len(exts) > 0 {
-		b[dataLen+4] = byte(extensionVersion << 4)
-		off += 4 // length of object header
-		for _, ext := range exts {
-			switch ext := ext.(type) {
-			case *MPLSLabelStack:
-				if err := ext.marshal(proto, b[off:]); err != nil {
-					return nil, err
-				}
-				off += ext.Len(proto)
-			case *InterfaceInfo:
-				attrs, l := ext.attrsAndLen(proto)
-				if err := ext.marshal(proto, b[off:], attrs, l); err != nil {
-					return nil, err
-				}
-				off += ext.Len(proto)
-			}
-		}
-		s := checksum(b[dataLen+4:])
-		b[dataLen+4+2] ^= byte(s)
-		b[dataLen+4+3] ^= byte(s >> 8)
-		switch proto {
-		case iana.ProtocolICMP:
-			b[1] = byte(dataLen / 4)
-		case iana.ProtocolIPv6ICMP:
-			b[0] = byte(dataLen / 8)
-		}
-	}
-	return b, nil
-}
-
-// parseMultipartMessageBody parses b as either a non-multipart
-// message body or a multipart message body.
-func parseMultipartMessageBody(proto int, b []byte) ([]byte, []Extension, error) {
-	var l int
-	switch proto {
-	case iana.ProtocolICMP:
-		l = 4 * int(b[1])
-	case iana.ProtocolIPv6ICMP:
-		l = 8 * int(b[0])
-	}
-	if len(b) == 4 {
-		return nil, nil, nil
-	}
-	exts, l, err := parseExtensions(b[4:], l)
-	if err != nil {
-		l = len(b) - 4
-	}
-	data := make([]byte, l)
-	copy(data, b[4:])
-	return data, exts, nil
-}
diff --git a/vendor/golang.org/x/net/icmp/multipart_test.go b/vendor/golang.org/x/net/icmp/multipart_test.go
deleted file mode 100644
index 966ccb8d..00000000
--- a/vendor/golang.org/x/net/icmp/multipart_test.go
+++ /dev/null
@@ -1,442 +0,0 @@
-// Copyright 2015 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package icmp_test
-
-import (
-	"fmt"
-	"net"
-	"reflect"
-	"testing"
-
-	"golang.org/x/net/icmp"
-	"golang.org/x/net/internal/iana"
-	"golang.org/x/net/ipv4"
-	"golang.org/x/net/ipv6"
-)
-
-var marshalAndParseMultipartMessageForIPv4Tests = []icmp.Message{
-	{
-		Type: ipv4.ICMPTypeDestinationUnreachable, Code: 15,
-		Body: &icmp.DstUnreach{
-			Data: []byte("ERROR-INVOKING-PACKET"),
-			Extensions: []icmp.Extension{
-				&icmp.MPLSLabelStack{
-					Class: 1,
-					Type:  1,
-					Labels: []icmp.MPLSLabel{
-						{
-							Label: 16014,
-							TC:    0x4,
-							S:     true,
-							TTL:   255,
-						},
-					},
-				},
-				&icmp.InterfaceInfo{
-					Class: 2,
-					Type:  0x0f,
-					Interface: &net.Interface{
-						Index: 15,
-						Name:  "en101",
-						MTU:   8192,
-					},
-					Addr: &net.IPAddr{
-						IP: net.IPv4(192, 168, 0, 1).To4(),
-					},
-				},
-			},
-		},
-	},
-	{
-		Type: ipv4.ICMPTypeTimeExceeded, Code: 1,
-		Body: &icmp.TimeExceeded{
-			Data: []byte("ERROR-INVOKING-PACKET"),
-			Extensions: []icmp.Extension{
-				&icmp.InterfaceInfo{
-					Class: 2,
-					Type:  0x0f,
-					Interface: &net.Interface{
-						Index: 15,
-						Name:  "en101",
-						MTU:   8192,
-					},
-					Addr: &net.IPAddr{
-						IP: net.IPv4(192, 168, 0, 1).To4(),
-					},
-				},
-				&icmp.MPLSLabelStack{
-					Class: 1,
-					Type:  1,
-					Labels: []icmp.MPLSLabel{
-						{
-							Label: 16014,
-							TC:    0x4,
-							S:     true,
-							TTL:   255,
-						},
-					},
-				},
-			},
-		},
-	},
-	{
-		Type: ipv4.ICMPTypeParameterProblem, Code: 2,
-		Body: &icmp.ParamProb{
-			Pointer: 8,
-			Data:    []byte("ERROR-INVOKING-PACKET"),
-			Extensions: []icmp.Extension{
-				&icmp.MPLSLabelStack{
-					Class: 1,
-					Type:  1,
-					Labels: []icmp.MPLSLabel{
-						{
-							Label: 16014,
-							TC:    0x4,
-							S:     true,
-							TTL:   255,
-						},
-					},
-				},
-				&icmp.InterfaceInfo{
-					Class: 2,
-					Type:  0x0f,
-					Interface: &net.Interface{
-						Index: 15,
-						Name:  "en101",
-						MTU:   8192,
-					},
-					Addr: &net.IPAddr{
-						IP: net.IPv4(192, 168, 0, 1).To4(),
-					},
-				},
-				&icmp.InterfaceInfo{
-					Class: 2,
-					Type:  0x2f,
-					Interface: &net.Interface{
-						Index: 16,
-						Name:  "en102",
-						MTU:   8192,
-					},
-					Addr: &net.IPAddr{
-						IP: net.IPv4(192, 168, 0, 2).To4(),
-					},
-				},
-			},
-		},
-	},
-}
-
-func TestMarshalAndParseMultipartMessageForIPv4(t *testing.T) {
-	for i, tt := range marshalAndParseMultipartMessageForIPv4Tests {
-		b, err := tt.Marshal(nil)
-		if err != nil {
-			t.Fatal(err)
-		}
-		if b[5] != 32 {
-			t.Errorf("#%v: got %v; want 32", i, b[5])
-		}
-		m, err := icmp.ParseMessage(iana.ProtocolICMP, b)
-		if err != nil {
-			t.Fatal(err)
-		}
-		if m.Type != tt.Type || m.Code != tt.Code {
-			t.Errorf("#%v: got %v; want %v", i, m, &tt)
-		}
-		switch m.Type {
-		case ipv4.ICMPTypeDestinationUnreachable:
-			got, want := m.Body.(*icmp.DstUnreach), tt.Body.(*icmp.DstUnreach)
-			if !reflect.DeepEqual(got.Extensions, want.Extensions) {
-				t.Error(dumpExtensions(i, got.Extensions, want.Extensions))
-			}
-			if len(got.Data) != 128 {
-				t.Errorf("#%v: got %v; want 128", i, len(got.Data))
-			}
-		case ipv4.ICMPTypeTimeExceeded:
-			got, want := m.Body.(*icmp.TimeExceeded), tt.Body.(*icmp.TimeExceeded)
-			if !reflect.DeepEqual(got.Extensions, want.Extensions) {
-				t.Error(dumpExtensions(i, got.Extensions, want.Extensions))
-			}
-			if len(got.Data) != 128 {
-				t.Errorf("#%v: got %v; want 128", i, len(got.Data))
-			}
-		case ipv4.ICMPTypeParameterProblem:
-			got, want := m.Body.(*icmp.ParamProb), tt.Body.(*icmp.ParamProb)
-			if !reflect.DeepEqual(got.Extensions, want.Extensions) {
-				t.Error(dumpExtensions(i, got.Extensions, want.Extensions))
-			}
-			if len(got.Data) != 128 {
-				t.Errorf("#%v: got %v; want 128", i, len(got.Data))
-			}
-		}
-	}
-}
-
-var marshalAndParseMultipartMessageForIPv6Tests = []icmp.Message{
-	{
-		Type: ipv6.ICMPTypeDestinationUnreachable, Code: 6,
-		Body: &icmp.DstUnreach{
-			Data: []byte("ERROR-INVOKING-PACKET"),
-			Extensions: []icmp.Extension{
-				&icmp.MPLSLabelStack{
-					Class: 1,
-					Type:  1,
-					Labels: []icmp.MPLSLabel{
-						{
-							Label: 16014,
-							TC:    0x4,
-							S:     true,
-							TTL:   255,
-						},
-					},
-				},
-				&icmp.InterfaceInfo{
-					Class: 2,
-					Type:  0x0f,
-					Interface: &net.Interface{
-						Index: 15,
-						Name:  "en101",
-						MTU:   8192,
-					},
-					Addr: &net.IPAddr{
-						IP:   net.ParseIP("fe80::1"),
-						Zone: "en101",
-					},
-				},
-			},
-		},
-	},
-	{
-		Type: ipv6.ICMPTypeTimeExceeded, Code: 1,
-		Body: &icmp.TimeExceeded{
-			Data: []byte("ERROR-INVOKING-PACKET"),
-			Extensions: []icmp.Extension{
-				&icmp.InterfaceInfo{
-					Class: 2,
-					Type:  0x0f,
-					Interface: &net.Interface{
-						Index: 15,
-						Name:  "en101",
-						MTU:   8192,
-					},
-					Addr: &net.IPAddr{
-						IP:   net.ParseIP("fe80::1"),
-						Zone: "en101",
-					},
-				},
-				&icmp.MPLSLabelStack{
-					Class: 1,
-					Type:  1,
-					Labels: []icmp.MPLSLabel{
-						{
-							Label: 16014,
-							TC:    0x4,
-							S:     true,
-							TTL:   255,
-						},
-					},
-				},
-				&icmp.InterfaceInfo{
-					Class: 2,
-					Type:  0x2f,
-					Interface: &net.Interface{
-						Index: 16,
-						Name:  "en102",
-						MTU:   8192,
-					},
-					Addr: &net.IPAddr{
-						IP:   net.ParseIP("fe80::1"),
-						Zone: "en102",
-					},
-				},
-			},
-		},
-	},
-}
-
-func TestMarshalAndParseMultipartMessageForIPv6(t *testing.T) {
-	pshicmp := icmp.IPv6PseudoHeader(net.ParseIP("fe80::1"), net.ParseIP("ff02::1"))
-	for i, tt := range marshalAndParseMultipartMessageForIPv6Tests {
-		for _, psh := range [][]byte{pshicmp, nil} {
-			b, err := tt.Marshal(psh)
-			if err != nil {
-				t.Fatal(err)
-			}
-			if b[4] != 16 {
-				t.Errorf("#%v: got %v; want 16", i, b[4])
-			}
-			m, err := icmp.ParseMessage(iana.ProtocolIPv6ICMP, b)
-			if err != nil {
-				t.Fatal(err)
-			}
-			if m.Type != tt.Type || m.Code != tt.Code {
-				t.Errorf("#%v: got %v; want %v", i, m, &tt)
-			}
-			switch m.Type {
-			case ipv6.ICMPTypeDestinationUnreachable:
-				got, want := m.Body.(*icmp.DstUnreach), tt.Body.(*icmp.DstUnreach)
-				if !reflect.DeepEqual(got.Extensions, want.Extensions) {
-					t.Error(dumpExtensions(i, got.Extensions, want.Extensions))
-				}
-				if len(got.Data) != 128 {
-					t.Errorf("#%v: got %v; want 128", i, len(got.Data))
-				}
-			case ipv6.ICMPTypeTimeExceeded:
-				got, want := m.Body.(*icmp.TimeExceeded), tt.Body.(*icmp.TimeExceeded)
-				if !reflect.DeepEqual(got.Extensions, want.Extensions) {
-					t.Error(dumpExtensions(i, got.Extensions, want.Extensions))
-				}
-				if len(got.Data) != 128 {
-					t.Errorf("#%v: got %v; want 128", i, len(got.Data))
-				}
-			}
-		}
-	}
-}
-
-func dumpExtensions(i int, gotExts, wantExts []icmp.Extension) string {
-	var s string
-	for j, got := range gotExts {
-		switch got := got.(type) {
-		case *icmp.MPLSLabelStack:
-			want := wantExts[j].(*icmp.MPLSLabelStack)
-			if !reflect.DeepEqual(got, want) {
-				s += fmt.Sprintf("#%v/%v: got %#v; want %#v\n", i, j, got, want)
-			}
-		case *icmp.InterfaceInfo:
-			want := wantExts[j].(*icmp.InterfaceInfo)
-			if !reflect.DeepEqual(got, want) {
-				s += fmt.Sprintf("#%v/%v: got %#v, %#v, %#v; want %#v, %#v, %#v\n", i, j, got, got.Interface, got.Addr, want, want.Interface, want.Addr)
-			}
-		}
-	}
-	return s[:len(s)-1]
-}
-
-var multipartMessageBodyLenTests = []struct {
-	proto int
-	in    icmp.MessageBody
-	out   int
-}{
-	{
-		iana.ProtocolICMP,
-		&icmp.DstUnreach{
-			Data: make([]byte, ipv4.HeaderLen),
-		},
-		4 + ipv4.HeaderLen, // unused and original datagram
-	},
-	{
-		iana.ProtocolICMP,
-		&icmp.TimeExceeded{
-			Data: make([]byte, ipv4.HeaderLen),
-		},
-		4 + ipv4.HeaderLen, // unused and original datagram
-	},
-	{
-		iana.ProtocolICMP,
-		&icmp.ParamProb{
-			Data: make([]byte, ipv4.HeaderLen),
-		},
-		4 + ipv4.HeaderLen, // [pointer, unused] and original datagram
-	},
-
-	{
-		iana.ProtocolICMP,
-		&icmp.ParamProb{
-			Data: make([]byte, ipv4.HeaderLen),
-			Extensions: []icmp.Extension{
-				&icmp.MPLSLabelStack{},
-			},
-		},
-		4 + 4 + 4 + 0 + 128, // [pointer, length, unused], extension header, object header, object payload, original datagram
-	},
-	{
-		iana.ProtocolICMP,
-		&icmp.ParamProb{
-			Data: make([]byte, 128),
-			Extensions: []icmp.Extension{
-				&icmp.MPLSLabelStack{},
-			},
-		},
-		4 + 4 + 4 + 0 + 128, // [pointer, length, unused], extension header, object header, object payload and original datagram
-	},
-	{
-		iana.ProtocolICMP,
-		&icmp.ParamProb{
-			Data: make([]byte, 129),
-			Extensions: []icmp.Extension{
-				&icmp.MPLSLabelStack{},
-			},
-		},
-		4 + 4 + 4 + 0 + 132, // [pointer, length, unused], extension header, object header, object payload and original datagram
-	},
-
-	{
-		iana.ProtocolIPv6ICMP,
-		&icmp.DstUnreach{
-			Data: make([]byte, ipv6.HeaderLen),
-		},
-		4 + ipv6.HeaderLen, // unused and original datagram
-	},
-	{
-		iana.ProtocolIPv6ICMP,
-		&icmp.PacketTooBig{
-			Data: make([]byte, ipv6.HeaderLen),
-		},
-		4 + ipv6.HeaderLen, // mtu and original datagram
-	},
-	{
-		iana.ProtocolIPv6ICMP,
-		&icmp.TimeExceeded{
-			Data: make([]byte, ipv6.HeaderLen),
-		},
-		4 + ipv6.HeaderLen, // unused and original datagram
-	},
-	{
-		iana.ProtocolIPv6ICMP,
-		&icmp.ParamProb{
-			Data: make([]byte, ipv6.HeaderLen),
-		},
-		4 + ipv6.HeaderLen, // pointer and original datagram
-	},
-
-	{
-		iana.ProtocolIPv6ICMP,
-		&icmp.DstUnreach{
-			Data: make([]byte, 127),
-			Extensions: []icmp.Extension{
-				&icmp.MPLSLabelStack{},
-			},
-		},
-		4 + 4 + 4 + 0 + 128, // [length, unused], extension header, object header, object payload and original datagram
-	},
-	{
-		iana.ProtocolIPv6ICMP,
-		&icmp.DstUnreach{
-			Data: make([]byte, 128),
-			Extensions: []icmp.Extension{
-				&icmp.MPLSLabelStack{},
-			},
-		},
-		4 + 4 + 4 + 0 + 128, // [length, unused], extension header, object header, object payload and original datagram
-	},
-	{
-		iana.ProtocolIPv6ICMP,
-		&icmp.DstUnreach{
-			Data: make([]byte, 129),
-			Extensions: []icmp.Extension{
-				&icmp.MPLSLabelStack{},
-			},
-		},
-		4 + 4 + 4 + 0 + 136, // [length, unused], extension header, object header, object payload and original datagram
-	},
-}
-
-func TestMultipartMessageBodyLen(t *testing.T) {
-	for i, tt := range multipartMessageBodyLenTests {
-		if out := tt.in.Len(tt.proto); out != tt.out {
-			t.Errorf("#%d: got %d; want %d", i, out, tt.out)
-		}
-	}
-}
diff --git a/vendor/golang.org/x/net/icmp/packettoobig.go b/vendor/golang.org/x/net/icmp/packettoobig.go
deleted file mode 100644
index a1c9df7b..00000000
--- a/vendor/golang.org/x/net/icmp/packettoobig.go
+++ /dev/null
@@ -1,43 +0,0 @@
-// Copyright 2014 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package icmp
-
-import "encoding/binary"
-
-// A PacketTooBig represents an ICMP packet too big message body.
-type PacketTooBig struct {
-	MTU  int    // maximum transmission unit of the nexthop link
-	Data []byte // data, known as original datagram field
-}
-
-// Len implements the Len method of MessageBody interface.
-func (p *PacketTooBig) Len(proto int) int {
-	if p == nil {
-		return 0
-	}
-	return 4 + len(p.Data)
-}
-
-// Marshal implements the Marshal method of MessageBody interface.
-func (p *PacketTooBig) Marshal(proto int) ([]byte, error) {
-	b := make([]byte, 4+len(p.Data))
-	binary.BigEndian.PutUint32(b[:4], uint32(p.MTU))
-	copy(b[4:], p.Data)
-	return b, nil
-}
-
-// parsePacketTooBig parses b as an ICMP packet too big message body.
-func parsePacketTooBig(proto int, b []byte) (MessageBody, error) {
-	bodyLen := len(b)
-	if bodyLen < 4 {
-		return nil, errMessageTooShort
-	}
-	p := &PacketTooBig{MTU: int(binary.BigEndian.Uint32(b[:4]))}
-	if bodyLen > 4 {
-		p.Data = make([]byte, bodyLen-4)
-		copy(p.Data, b[4:])
-	}
-	return p, nil
-}
diff --git a/vendor/golang.org/x/net/icmp/paramprob.go b/vendor/golang.org/x/net/icmp/paramprob.go
deleted file mode 100644
index 0a2548da..00000000
--- a/vendor/golang.org/x/net/icmp/paramprob.go
+++ /dev/null
@@ -1,63 +0,0 @@
-// Copyright 2014 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package icmp
-
-import (
-	"encoding/binary"
-	"golang.org/x/net/internal/iana"
-)
-
-// A ParamProb represents an ICMP parameter problem message body.
-type ParamProb struct {
-	Pointer    uintptr     // offset within the data where the error was detected
-	Data       []byte      // data, known as original datagram field
-	Extensions []Extension // extensions
-}
-
-// Len implements the Len method of MessageBody interface.
-func (p *ParamProb) Len(proto int) int {
-	if p == nil {
-		return 0
-	}
-	l, _ := multipartMessageBodyDataLen(proto, p.Data, p.Extensions)
-	return 4 + l
-}
-
-// Marshal implements the Marshal method of MessageBody interface.
-func (p *ParamProb) Marshal(proto int) ([]byte, error) {
-	if proto == iana.ProtocolIPv6ICMP {
-		b := make([]byte, p.Len(proto))
-		binary.BigEndian.PutUint32(b[:4], uint32(p.Pointer))
-		copy(b[4:], p.Data)
-		return b, nil
-	}
-	b, err := marshalMultipartMessageBody(proto, p.Data, p.Extensions)
-	if err != nil {
-		return nil, err
-	}
-	b[0] = byte(p.Pointer)
-	return b, nil
-}
-
-// parseParamProb parses b as an ICMP parameter problem message body.
-func parseParamProb(proto int, b []byte) (MessageBody, error) {
-	if len(b) < 4 {
-		return nil, errMessageTooShort
-	}
-	p := &ParamProb{}
-	if proto == iana.ProtocolIPv6ICMP {
-		p.Pointer = uintptr(binary.BigEndian.Uint32(b[:4]))
-		p.Data = make([]byte, len(b)-4)
-		copy(p.Data, b[4:])
-		return p, nil
-	}
-	p.Pointer = uintptr(b[0])
-	var err error
-	p.Data, p.Extensions, err = parseMultipartMessageBody(proto, b)
-	if err != nil {
-		return nil, err
-	}
-	return p, nil
-}
diff --git a/vendor/golang.org/x/net/icmp/ping_test.go b/vendor/golang.org/x/net/icmp/ping_test.go
deleted file mode 100644
index 4ec26928..00000000
--- a/vendor/golang.org/x/net/icmp/ping_test.go
+++ /dev/null
@@ -1,166 +0,0 @@
-// Copyright 2014 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package icmp_test
-
-import (
-	"errors"
-	"fmt"
-	"net"
-	"os"
-	"runtime"
-	"testing"
-	"time"
-
-	"golang.org/x/net/icmp"
-	"golang.org/x/net/internal/iana"
-	"golang.org/x/net/internal/nettest"
-	"golang.org/x/net/ipv4"
-	"golang.org/x/net/ipv6"
-)
-
-func googleAddr(c *icmp.PacketConn, protocol int) (net.Addr, error) {
-	const host = "www.google.com"
-	ips, err := net.LookupIP(host)
-	if err != nil {
-		return nil, err
-	}
-	netaddr := func(ip net.IP) (net.Addr, error) {
-		switch c.LocalAddr().(type) {
-		case *net.UDPAddr:
-			return &net.UDPAddr{IP: ip}, nil
-		case *net.IPAddr:
-			return &net.IPAddr{IP: ip}, nil
-		default:
-			return nil, errors.New("neither UDPAddr nor IPAddr")
-		}
-	}
-	for _, ip := range ips {
-		switch protocol {
-		case iana.ProtocolICMP:
-			if ip.To4() != nil {
-				return netaddr(ip)
-			}
-		case iana.ProtocolIPv6ICMP:
-			if ip.To16() != nil && ip.To4() == nil {
-				return netaddr(ip)
-			}
-		}
-	}
-	return nil, errors.New("no A or AAAA record")
-}
-
-type pingTest struct {
-	network, address string
-	protocol         int
-	mtype            icmp.Type
-}
-
-var nonPrivilegedPingTests = []pingTest{
-	{"udp4", "0.0.0.0", iana.ProtocolICMP, ipv4.ICMPTypeEcho},
-
-	{"udp6", "::", iana.ProtocolIPv6ICMP, ipv6.ICMPTypeEchoRequest},
-}
-
-func TestNonPrivilegedPing(t *testing.T) {
-	if testing.Short() {
-		t.Skip("avoid external network")
-	}
-	switch runtime.GOOS {
-	case "darwin":
-	case "linux":
-		t.Log("you may need to adjust the net.ipv4.ping_group_range kernel state")
-	default:
-		t.Skipf("not supported on %s", runtime.GOOS)
-	}
-
-	for i, tt := range nonPrivilegedPingTests {
-		if err := doPing(tt, i); err != nil {
-			t.Error(err)
-		}
-	}
-}
-
-var privilegedPingTests = []pingTest{
-	{"ip4:icmp", "0.0.0.0", iana.ProtocolICMP, ipv4.ICMPTypeEcho},
-
-	{"ip6:ipv6-icmp", "::", iana.ProtocolIPv6ICMP, ipv6.ICMPTypeEchoRequest},
-}
-
-func TestPrivilegedPing(t *testing.T) {
-	if testing.Short() {
-		t.Skip("avoid external network")
-	}
-	if m, ok := nettest.SupportsRawIPSocket(); !ok {
-		t.Skip(m)
-	}
-
-	for i, tt := range privilegedPingTests {
-		if err := doPing(tt, i); err != nil {
-			t.Error(err)
-		}
-	}
-}
-
-func doPing(tt pingTest, seq int) error {
-	c, err := icmp.ListenPacket(tt.network, tt.address)
-	if err != nil {
-		return err
-	}
-	defer c.Close()
-
-	dst, err := googleAddr(c, tt.protocol)
-	if err != nil {
-		return err
-	}
-
-	if tt.network != "udp6" && tt.protocol == iana.ProtocolIPv6ICMP {
-		var f ipv6.ICMPFilter
-		f.SetAll(true)
-		f.Accept(ipv6.ICMPTypeDestinationUnreachable)
-		f.Accept(ipv6.ICMPTypePacketTooBig)
-		f.Accept(ipv6.ICMPTypeTimeExceeded)
-		f.Accept(ipv6.ICMPTypeParameterProblem)
-		f.Accept(ipv6.ICMPTypeEchoReply)
-		if err := c.IPv6PacketConn().SetICMPFilter(&f); err != nil {
-			return err
-		}
-	}
-
-	wm := icmp.Message{
-		Type: tt.mtype, Code: 0,
-		Body: &icmp.Echo{
-			ID: os.Getpid() & 0xffff, Seq: 1 << uint(seq),
-			Data: []byte("HELLO-R-U-THERE"),
-		},
-	}
-	wb, err := wm.Marshal(nil)
-	if err != nil {
-		return err
-	}
-	if n, err := c.WriteTo(wb, dst); err != nil {
-		return err
-	} else if n != len(wb) {
-		return fmt.Errorf("got %v; want %v", n, len(wb))
-	}
-
-	rb := make([]byte, 1500)
-	if err := c.SetReadDeadline(time.Now().Add(3 * time.Second)); err != nil {
-		return err
-	}
-	n, peer, err := c.ReadFrom(rb)
-	if err != nil {
-		return err
-	}
-	rm, err := icmp.ParseMessage(tt.protocol, rb[:n])
-	if err != nil {
-		return err
-	}
-	switch rm.Type {
-	case ipv4.ICMPTypeEchoReply, ipv6.ICMPTypeEchoReply:
-		return nil
-	default:
-		return fmt.Errorf("got %+v from %v; want echo reply", rm, peer)
-	}
-}
diff --git a/vendor/golang.org/x/net/icmp/sys_freebsd.go b/vendor/golang.org/x/net/icmp/sys_freebsd.go
deleted file mode 100644
index c75f3dda..00000000
--- a/vendor/golang.org/x/net/icmp/sys_freebsd.go
+++ /dev/null
@@ -1,11 +0,0 @@
-// Copyright 2014 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package icmp
-
-import "syscall"
-
-func init() {
-	freebsdVersion, _ = syscall.SysctlUint32("kern.osreldate")
-}
diff --git a/vendor/golang.org/x/net/icmp/timeexceeded.go b/vendor/golang.org/x/net/icmp/timeexceeded.go
deleted file mode 100644
index 344e1584..00000000
--- a/vendor/golang.org/x/net/icmp/timeexceeded.go
+++ /dev/null
@@ -1,39 +0,0 @@
-// Copyright 2014 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package icmp
-
-// A TimeExceeded represents an ICMP time exceeded message body.
-type TimeExceeded struct {
-	Data       []byte      // data, known as original datagram field
-	Extensions []Extension // extensions
-}
-
-// Len implements the Len method of MessageBody interface.
-func (p *TimeExceeded) Len(proto int) int {
-	if p == nil {
-		return 0
-	}
-	l, _ := multipartMessageBodyDataLen(proto, p.Data, p.Extensions)
-	return 4 + l
-}
-
-// Marshal implements the Marshal method of MessageBody interface.
-func (p *TimeExceeded) Marshal(proto int) ([]byte, error) {
-	return marshalMultipartMessageBody(proto, p.Data, p.Extensions)
-}
-
-// parseTimeExceeded parses b as an ICMP time exceeded message body.
-func parseTimeExceeded(proto int, b []byte) (MessageBody, error) {
-	if len(b) < 4 {
-		return nil, errMessageTooShort
-	}
-	p := &TimeExceeded{}
-	var err error
-	p.Data, p.Extensions, err = parseMultipartMessageBody(proto, b)
-	if err != nil {
-		return nil, err
-	}
-	return p, nil
-}
diff --git a/vendor/golang.org/x/net/idna/idna.go b/vendor/golang.org/x/net/idna/idna.go
deleted file mode 100644
index 3daa8979..00000000
--- a/vendor/golang.org/x/net/idna/idna.go
+++ /dev/null
@@ -1,68 +0,0 @@
-// Copyright 2012 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// Package idna implements IDNA2008 (Internationalized Domain Names for
-// Applications), defined in RFC 5890, RFC 5891, RFC 5892, RFC 5893 and
-// RFC 5894.
-package idna // import "golang.org/x/net/idna"
-
-import (
-	"strings"
-	"unicode/utf8"
-)
-
-// TODO(nigeltao): specify when errors occur. For example, is ToASCII(".") or
-// ToASCII("foo\x00") an error? See also http://www.unicode.org/faq/idn.html#11
-
-// acePrefix is the ASCII Compatible Encoding prefix.
-const acePrefix = "xn--"
-
-// ToASCII converts a domain or domain label to its ASCII form. For example,
-// ToASCII("bücher.example.com") is "xn--bcher-kva.example.com", and
-// ToASCII("golang") is "golang".
-func ToASCII(s string) (string, error) {
-	if ascii(s) {
-		return s, nil
-	}
-	labels := strings.Split(s, ".")
-	for i, label := range labels {
-		if !ascii(label) {
-			a, err := encode(acePrefix, label)
-			if err != nil {
-				return "", err
-			}
-			labels[i] = a
-		}
-	}
-	return strings.Join(labels, "."), nil
-}
-
-// ToUnicode converts a domain or domain label to its Unicode form. For example,
-// ToUnicode("xn--bcher-kva.example.com") is "bücher.example.com", and
-// ToUnicode("golang") is "golang".
-func ToUnicode(s string) (string, error) {
-	if !strings.Contains(s, acePrefix) {
-		return s, nil
-	}
-	labels := strings.Split(s, ".")
-	for i, label := range labels {
-		if strings.HasPrefix(label, acePrefix) {
-			u, err := decode(label[len(acePrefix):])
-			if err != nil {
-				return "", err
-			}
-			labels[i] = u
-		}
-	}
-	return strings.Join(labels, "."), nil
-}
-
-func ascii(s string) bool {
-	for i := 0; i < len(s); i++ {
-		if s[i] >= utf8.RuneSelf {
-			return false
-		}
-	}
-	return true
-}
diff --git a/vendor/golang.org/x/net/idna/idna_test.go b/vendor/golang.org/x/net/idna/idna_test.go
deleted file mode 100644
index b1bc6fa2..00000000
--- a/vendor/golang.org/x/net/idna/idna_test.go
+++ /dev/null
@@ -1,43 +0,0 @@
-// Copyright 2012 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package idna
-
-import (
-	"testing"
-)
-
-var idnaTestCases = [...]struct {
-	ascii, unicode string
-}{
-	// Labels.
-	{"books", "books"},
-	{"xn--bcher-kva", "bücher"},
-
-	// Domains.
-	{"foo--xn--bar.org", "foo--xn--bar.org"},
-	{"golang.org", "golang.org"},
-	{"example.xn--p1ai", "example.рф"},
-	{"xn--czrw28b.tw", "商業.tw"},
-	{"www.xn--mller-kva.de", "www.müller.de"},
-}
-
-func TestIDNA(t *testing.T) {
-	for _, tc := range idnaTestCases {
-		if a, err := ToASCII(tc.unicode); err != nil {
-			t.Errorf("ToASCII(%q): %v", tc.unicode, err)
-		} else if a != tc.ascii {
-			t.Errorf("ToASCII(%q): got %q, want %q", tc.unicode, a, tc.ascii)
-		}
-
-		if u, err := ToUnicode(tc.ascii); err != nil {
-			t.Errorf("ToUnicode(%q): %v", tc.ascii, err)
-		} else if u != tc.unicode {
-			t.Errorf("ToUnicode(%q): got %q, want %q", tc.ascii, u, tc.unicode)
-		}
-	}
-}
-
-// TODO(nigeltao): test errors, once we've specified when ToASCII and ToUnicode
-// return errors.
diff --git a/vendor/golang.org/x/net/idna/punycode.go b/vendor/golang.org/x/net/idna/punycode.go
deleted file mode 100644
index 92e733f6..00000000
--- a/vendor/golang.org/x/net/idna/punycode.go
+++ /dev/null
@@ -1,200 +0,0 @@
-// Copyright 2012 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package idna
-
-// This file implements the Punycode algorithm from RFC 3492.
-
-import (
-	"fmt"
-	"math"
-	"strings"
-	"unicode/utf8"
-)
-
-// These parameter values are specified in section 5.
-//
-// All computation is done with int32s, so that overflow behavior is identical
-// regardless of whether int is 32-bit or 64-bit.
-const (
-	base        int32 = 36
-	damp        int32 = 700
-	initialBias int32 = 72
-	initialN    int32 = 128
-	skew        int32 = 38
-	tmax        int32 = 26
-	tmin        int32 = 1
-)
-
-// decode decodes a string as specified in section 6.2.
-func decode(encoded string) (string, error) {
-	if encoded == "" {
-		return "", nil
-	}
-	pos := 1 + strings.LastIndex(encoded, "-")
-	if pos == 1 {
-		return "", fmt.Errorf("idna: invalid label %q", encoded)
-	}
-	if pos == len(encoded) {
-		return encoded[:len(encoded)-1], nil
-	}
-	output := make([]rune, 0, len(encoded))
-	if pos != 0 {
-		for _, r := range encoded[:pos-1] {
-			output = append(output, r)
-		}
-	}
-	i, n, bias := int32(0), initialN, initialBias
-	for pos < len(encoded) {
-		oldI, w := i, int32(1)
-		for k := base; ; k += base {
-			if pos == len(encoded) {
-				return "", fmt.Errorf("idna: invalid label %q", encoded)
-			}
-			digit, ok := decodeDigit(encoded[pos])
-			if !ok {
-				return "", fmt.Errorf("idna: invalid label %q", encoded)
-			}
-			pos++
-			i += digit * w
-			if i < 0 {
-				return "", fmt.Errorf("idna: invalid label %q", encoded)
-			}
-			t := k - bias
-			if t < tmin {
-				t = tmin
-			} else if t > tmax {
-				t = tmax
-			}
-			if digit < t {
-				break
-			}
-			w *= base - t
-			if w >= math.MaxInt32/base {
-				return "", fmt.Errorf("idna: invalid label %q", encoded)
-			}
-		}
-		x := int32(len(output) + 1)
-		bias = adapt(i-oldI, x, oldI == 0)
-		n += i / x
-		i %= x
-		if n > utf8.MaxRune || len(output) >= 1024 {
-			return "", fmt.Errorf("idna: invalid label %q", encoded)
-		}
-		output = append(output, 0)
-		copy(output[i+1:], output[i:])
-		output[i] = n
-		i++
-	}
-	return string(output), nil
-}
-
-// encode encodes a string as specified in section 6.3 and prepends prefix to
-// the result.
-//
-// The "while h < length(input)" line in the specification becomes "for
-// remaining != 0" in the Go code, because len(s) in Go is in bytes, not runes.
-func encode(prefix, s string) (string, error) {
-	output := make([]byte, len(prefix), len(prefix)+1+2*len(s))
-	copy(output, prefix)
-	delta, n, bias := int32(0), initialN, initialBias
-	b, remaining := int32(0), int32(0)
-	for _, r := range s {
-		if r < 0x80 {
-			b++
-			output = append(output, byte(r))
-		} else {
-			remaining++
-		}
-	}
-	h := b
-	if b > 0 {
-		output = append(output, '-')
-	}
-	for remaining != 0 {
-		m := int32(0x7fffffff)
-		for _, r := range s {
-			if m > r && r >= n {
-				m = r
-			}
-		}
-		delta += (m - n) * (h + 1)
-		if delta < 0 {
-			return "", fmt.Errorf("idna: invalid label %q", s)
-		}
-		n = m
-		for _, r := range s {
-			if r < n {
-				delta++
-				if delta < 0 {
-					return "", fmt.Errorf("idna: invalid label %q", s)
-				}
-				continue
-			}
-			if r > n {
-				continue
-			}
-			q := delta
-			for k := base; ; k += base {
-				t := k - bias
-				if t < tmin {
-					t = tmin
-				} else if t > tmax {
-					t = tmax
-				}
-				if q < t {
-					break
-				}
-				output = append(output, encodeDigit(t+(q-t)%(base-t)))
-				q = (q - t) / (base - t)
-			}
-			output = append(output, encodeDigit(q))
-			bias = adapt(delta, h+1, h == b)
-			delta = 0
-			h++
-			remaining--
-		}
-		delta++
-		n++
-	}
-	return string(output), nil
-}
-
-func decodeDigit(x byte) (digit int32, ok bool) {
-	switch {
-	case '0' <= x && x <= '9':
-		return int32(x - ('0' - 26)), true
-	case 'A' <= x && x <= 'Z':
-		return int32(x - 'A'), true
-	case 'a' <= x && x <= 'z':
-		return int32(x - 'a'), true
-	}
-	return 0, false
-}
-
-func encodeDigit(digit int32) byte {
-	switch {
-	case 0 <= digit && digit < 26:
-		return byte(digit + 'a')
-	case 26 <= digit && digit < 36:
-		return byte(digit + ('0' - 26))
-	}
-	panic("idna: internal error in punycode encoding")
-}
-
-// adapt is the bias adaptation function specified in section 6.1.
-func adapt(delta, numPoints int32, firstTime bool) int32 {
-	if firstTime {
-		delta /= damp
-	} else {
-		delta /= 2
-	}
-	delta += delta / numPoints
-	k := int32(0)
-	for delta > ((base-tmin)*tmax)/2 {
-		delta /= base - tmin
-		k += base
-	}
-	return k + (base-tmin+1)*delta/(delta+skew)
-}
diff --git a/vendor/golang.org/x/net/idna/punycode_test.go b/vendor/golang.org/x/net/idna/punycode_test.go
deleted file mode 100644
index bfec81de..00000000
--- a/vendor/golang.org/x/net/idna/punycode_test.go
+++ /dev/null
@@ -1,198 +0,0 @@
-// Copyright 2012 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package idna
-
-import (
-	"strings"
-	"testing"
-)
-
-var punycodeTestCases = [...]struct {
-	s, encoded string
-}{
-	{"", ""},
-	{"-", "--"},
-	{"-a", "-a-"},
-	{"-a-", "-a--"},
-	{"a", "a-"},
-	{"a-", "a--"},
-	{"a-b", "a-b-"},
-	{"books", "books-"},
-	{"bücher", "bcher-kva"},
-	{"Hello世界", "Hello-ck1hg65u"},
-	{"ü", "tda"},
-	{"üý", "tdac"},
-
-	// The test cases below come from RFC 3492 section 7.1 with Errata 3026.
-	{
-		// (A) Arabic (Egyptian).
-		"\u0644\u064A\u0647\u0645\u0627\u0628\u062A\u0643\u0644" +
-			"\u0645\u0648\u0634\u0639\u0631\u0628\u064A\u061F",
-		"egbpdaj6bu4bxfgehfvwxn",
-	},
-	{
-		// (B) Chinese (simplified).
-		"\u4ED6\u4EEC\u4E3A\u4EC0\u4E48\u4E0D\u8BF4\u4E2D\u6587",
-		"ihqwcrb4cv8a8dqg056pqjye",
-	},
-	{
-		// (C) Chinese (traditional).
-		"\u4ED6\u5011\u7232\u4EC0\u9EBD\u4E0D\u8AAA\u4E2D\u6587",
-		"ihqwctvzc91f659drss3x8bo0yb",
-	},
-	{
-		// (D) Czech.
-		"\u0050\u0072\u006F\u010D\u0070\u0072\u006F\u0073\u0074" +
-			"\u011B\u006E\u0065\u006D\u006C\u0075\u0076\u00ED\u010D" +
-			"\u0065\u0073\u006B\u0079",
-		"Proprostnemluvesky-uyb24dma41a",
-	},
-	{
-		// (E) Hebrew.
-		"\u05DC\u05DE\u05D4\u05D4\u05DD\u05E4\u05E9\u05D5\u05D8" +
-			"\u05DC\u05D0\u05DE\u05D3\u05D1\u05E8\u05D9\u05DD\u05E2" +
-			"\u05D1\u05E8\u05D9\u05EA",
-		"4dbcagdahymbxekheh6e0a7fei0b",
-	},
-	{
-		// (F) Hindi (Devanagari).
-		"\u092F\u0939\u0932\u094B\u0917\u0939\u093F\u0928\u094D" +
-			"\u0926\u0940\u0915\u094D\u092F\u094B\u0902\u0928\u0939" +
-			"\u0940\u0902\u092C\u094B\u0932\u0938\u0915\u0924\u0947" +
-			"\u0939\u0948\u0902",
-		"i1baa7eci9glrd9b2ae1bj0hfcgg6iyaf8o0a1dig0cd",
-	},
-	{
-		// (G) Japanese (kanji and hiragana).
-		"\u306A\u305C\u307F\u3093\u306A\u65E5\u672C\u8A9E\u3092" +
-			"\u8A71\u3057\u3066\u304F\u308C\u306A\u3044\u306E\u304B",
-		"n8jok5ay5dzabd5bym9f0cm5685rrjetr6pdxa",
-	},
-	{
-		// (H) Korean (Hangul syllables).
-		"\uC138\uACC4\uC758\uBAA8\uB4E0\uC0AC\uB78C\uB4E4\uC774" +
-			"\uD55C\uAD6D\uC5B4\uB97C\uC774\uD574\uD55C\uB2E4\uBA74" +
-			"\uC5BC\uB9C8\uB098\uC88B\uC744\uAE4C",
-		"989aomsvi5e83db1d2a355cv1e0vak1dwrv93d5xbh15a0dt30a5j" +
-			"psd879ccm6fea98c",
-	},
-	{
-		// (I) Russian (Cyrillic).
-		"\u043F\u043E\u0447\u0435\u043C\u0443\u0436\u0435\u043E" +
-			"\u043D\u0438\u043D\u0435\u0433\u043E\u0432\u043E\u0440" +
-			"\u044F\u0442\u043F\u043E\u0440\u0443\u0441\u0441\u043A" +
-			"\u0438",
-		"b1abfaaepdrnnbgefbadotcwatmq2g4l",
-	},
-	{
-		// (J) Spanish.
-		"\u0050\u006F\u0072\u0071\u0075\u00E9\u006E\u006F\u0070" +
-			"\u0075\u0065\u0064\u0065\u006E\u0073\u0069\u006D\u0070" +
-			"\u006C\u0065\u006D\u0065\u006E\u0074\u0065\u0068\u0061" +
-			"\u0062\u006C\u0061\u0072\u0065\u006E\u0045\u0073\u0070" +
-			"\u0061\u00F1\u006F\u006C",
-		"PorqunopuedensimplementehablarenEspaol-fmd56a",
-	},
-	{
-		// (K) Vietnamese.
-		"\u0054\u1EA1\u0069\u0073\u0061\u006F\u0068\u1ECD\u006B" +
-			"\u0068\u00F4\u006E\u0067\u0074\u0068\u1EC3\u0063\u0068" +
-			"\u1EC9\u006E\u00F3\u0069\u0074\u0069\u1EBF\u006E\u0067" +
-			"\u0056\u0069\u1EC7\u0074",
-		"TisaohkhngthchnitingVit-kjcr8268qyxafd2f1b9g",
-	},
-	{
-		// (L) 3B.
-		"\u0033\u5E74\u0042\u7D44\u91D1\u516B\u5148\u751F",
-		"3B-ww4c5e180e575a65lsy2b",
-	},
-	{
-		// (M) -with-SUPER-MONKEYS.
-		"\u5B89\u5BA4\u5948\u7F8E\u6075\u002D\u0077\u0069\u0074" +
-			"\u0068\u002D\u0053\u0055\u0050\u0045\u0052\u002D\u004D" +
-			"\u004F\u004E\u004B\u0045\u0059\u0053",
-		"-with-SUPER-MONKEYS-pc58ag80a8qai00g7n9n",
-	},
-	{
-		// (N) Hello-Another-Way-.
-		"\u0048\u0065\u006C\u006C\u006F\u002D\u0041\u006E\u006F" +
-			"\u0074\u0068\u0065\u0072\u002D\u0057\u0061\u0079\u002D" +
-			"\u305D\u308C\u305E\u308C\u306E\u5834\u6240",
-		"Hello-Another-Way--fc4qua05auwb3674vfr0b",
-	},
-	{
-		// (O) 2.
-		"\u3072\u3068\u3064\u5C4B\u6839\u306E\u4E0B\u0032",
-		"2-u9tlzr9756bt3uc0v",
-	},
-	{
-		// (P) MajiKoi5
-		"\u004D\u0061\u006A\u0069\u3067\u004B\u006F\u0069\u3059" +
-			"\u308B\u0035\u79D2\u524D",
-		"MajiKoi5-783gue6qz075azm5e",
-	},
-	{
-		// (Q) de
-		"\u30D1\u30D5\u30A3\u30FC\u0064\u0065\u30EB\u30F3\u30D0",
-		"de-jg4avhby1noc0d",
-	},
-	{
-		// (R) 
-		"\u305D\u306E\u30B9\u30D4\u30FC\u30C9\u3067",
-		"d9juau41awczczp",
-	},
-	{
-		// (S) -> $1.00 <-
-		"\u002D\u003E\u0020\u0024\u0031\u002E\u0030\u0030\u0020" +
-			"\u003C\u002D",
-		"-> $1.00 <--",
-	},
-}
-
-func TestPunycode(t *testing.T) {
-	for _, tc := range punycodeTestCases {
-		if got, err := decode(tc.encoded); err != nil {
-			t.Errorf("decode(%q): %v", tc.encoded, err)
-		} else if got != tc.s {
-			t.Errorf("decode(%q): got %q, want %q", tc.encoded, got, tc.s)
-		}
-
-		if got, err := encode("", tc.s); err != nil {
-			t.Errorf(`encode("", %q): %v`, tc.s, err)
-		} else if got != tc.encoded {
-			t.Errorf(`encode("", %q): got %q, want %q`, tc.s, got, tc.encoded)
-		}
-	}
-}
-
-var punycodeErrorTestCases = [...]string{
-	"decode -",            // A sole '-' is invalid.
-	"decode foo\x00bar",   // '\x00' is not in [0-9A-Za-z].
-	"decode foo#bar",      // '#' is not in [0-9A-Za-z].
-	"decode foo\u00A3bar", // '\u00A3' is not in [0-9A-Za-z].
-	"decode 9",            // "9a" decodes to codepoint \u00A3; "9" is truncated.
-	"decode 99999a",       // "99999a" decodes to codepoint \U0048A3C1, which is > \U0010FFFF.
-	"decode 9999999999a",  // "9999999999a" overflows the int32 calculation.
-
-	"encode " + strings.Repeat("x", 65536) + "\uff00", // int32 overflow.
-}
-
-func TestPunycodeErrors(t *testing.T) {
-	for _, tc := range punycodeErrorTestCases {
-		var err error
-		switch {
-		case strings.HasPrefix(tc, "decode "):
-			_, err = decode(tc[7:])
-		case strings.HasPrefix(tc, "encode "):
-			_, err = encode("", tc[7:])
-		}
-		if err == nil {
-			if len(tc) > 256 {
-				tc = tc[:100] + "..." + tc[len(tc)-100:]
-			}
-			t.Errorf("no error for %s", tc)
-		}
-	}
-}
diff --git a/vendor/golang.org/x/net/internal/iana/const.go b/vendor/golang.org/x/net/internal/iana/const.go
deleted file mode 100644
index 3438a27c..00000000
--- a/vendor/golang.org/x/net/internal/iana/const.go
+++ /dev/null
@@ -1,180 +0,0 @@
-// go generate gen.go
-// GENERATED BY THE COMMAND ABOVE; DO NOT EDIT
-
-// Package iana provides protocol number resources managed by the Internet Assigned Numbers Authority (IANA).
-package iana // import "golang.org/x/net/internal/iana"
-
-// Differentiated Services Field Codepoints (DSCP), Updated: 2013-06-25
-const (
-	DiffServCS0        = 0x0  // CS0
-	DiffServCS1        = 0x20 // CS1
-	DiffServCS2        = 0x40 // CS2
-	DiffServCS3        = 0x60 // CS3
-	DiffServCS4        = 0x80 // CS4
-	DiffServCS5        = 0xa0 // CS5
-	DiffServCS6        = 0xc0 // CS6
-	DiffServCS7        = 0xe0 // CS7
-	DiffServAF11       = 0x28 // AF11
-	DiffServAF12       = 0x30 // AF12
-	DiffServAF13       = 0x38 // AF13
-	DiffServAF21       = 0x48 // AF21
-	DiffServAF22       = 0x50 // AF22
-	DiffServAF23       = 0x58 // AF23
-	DiffServAF31       = 0x68 // AF31
-	DiffServAF32       = 0x70 // AF32
-	DiffServAF33       = 0x78 // AF33
-	DiffServAF41       = 0x88 // AF41
-	DiffServAF42       = 0x90 // AF42
-	DiffServAF43       = 0x98 // AF43
-	DiffServEFPHB      = 0xb8 // EF PHB
-	DiffServVOICEADMIT = 0xb0 // VOICE-ADMIT
-)
-
-// IPv4 TOS Byte and IPv6 Traffic Class Octet, Updated: 2001-09-06
-const (
-	NotECNTransport       = 0x0 // Not-ECT (Not ECN-Capable Transport)
-	ECNTransport1         = 0x1 // ECT(1) (ECN-Capable Transport(1))
-	ECNTransport0         = 0x2 // ECT(0) (ECN-Capable Transport(0))
-	CongestionExperienced = 0x3 // CE (Congestion Experienced)
-)
-
-// Protocol Numbers, Updated: 2015-10-06
-const (
-	ProtocolIP             = 0   // IPv4 encapsulation, pseudo protocol number
-	ProtocolHOPOPT         = 0   // IPv6 Hop-by-Hop Option
-	ProtocolICMP           = 1   // Internet Control Message
-	ProtocolIGMP           = 2   // Internet Group Management
-	ProtocolGGP            = 3   // Gateway-to-Gateway
-	ProtocolIPv4           = 4   // IPv4 encapsulation
-	ProtocolST             = 5   // Stream
-	ProtocolTCP            = 6   // Transmission Control
-	ProtocolCBT            = 7   // CBT
-	ProtocolEGP            = 8   // Exterior Gateway Protocol
-	ProtocolIGP            = 9   // any private interior gateway (used by Cisco for their IGRP)
-	ProtocolBBNRCCMON      = 10  // BBN RCC Monitoring
-	ProtocolNVPII          = 11  // Network Voice Protocol
-	ProtocolPUP            = 12  // PUP
-	ProtocolEMCON          = 14  // EMCON
-	ProtocolXNET           = 15  // Cross Net Debugger
-	ProtocolCHAOS          = 16  // Chaos
-	ProtocolUDP            = 17  // User Datagram
-	ProtocolMUX            = 18  // Multiplexing
-	ProtocolDCNMEAS        = 19  // DCN Measurement Subsystems
-	ProtocolHMP            = 20  // Host Monitoring
-	ProtocolPRM            = 21  // Packet Radio Measurement
-	ProtocolXNSIDP         = 22  // XEROX NS IDP
-	ProtocolTRUNK1         = 23  // Trunk-1
-	ProtocolTRUNK2         = 24  // Trunk-2
-	ProtocolLEAF1          = 25  // Leaf-1
-	ProtocolLEAF2          = 26  // Leaf-2
-	ProtocolRDP            = 27  // Reliable Data Protocol
-	ProtocolIRTP           = 28  // Internet Reliable Transaction
-	ProtocolISOTP4         = 29  // ISO Transport Protocol Class 4
-	ProtocolNETBLT         = 30  // Bulk Data Transfer Protocol
-	ProtocolMFENSP         = 31  // MFE Network Services Protocol
-	ProtocolMERITINP       = 32  // MERIT Internodal Protocol
-	ProtocolDCCP           = 33  // Datagram Congestion Control Protocol
-	Protocol3PC            = 34  // Third Party Connect Protocol
-	ProtocolIDPR           = 35  // Inter-Domain Policy Routing Protocol
-	ProtocolXTP            = 36  // XTP
-	ProtocolDDP            = 37  // Datagram Delivery Protocol
-	ProtocolIDPRCMTP       = 38  // IDPR Control Message Transport Proto
-	ProtocolTPPP           = 39  // TP++ Transport Protocol
-	ProtocolIL             = 40  // IL Transport Protocol
-	ProtocolIPv6           = 41  // IPv6 encapsulation
-	ProtocolSDRP           = 42  // Source Demand Routing Protocol
-	ProtocolIPv6Route      = 43  // Routing Header for IPv6
-	ProtocolIPv6Frag       = 44  // Fragment Header for IPv6
-	ProtocolIDRP           = 45  // Inter-Domain Routing Protocol
-	ProtocolRSVP           = 46  // Reservation Protocol
-	ProtocolGRE            = 47  // Generic Routing Encapsulation
-	ProtocolDSR            = 48  // Dynamic Source Routing Protocol
-	ProtocolBNA            = 49  // BNA
-	ProtocolESP            = 50  // Encap Security Payload
-	ProtocolAH             = 51  // Authentication Header
-	ProtocolINLSP          = 52  // Integrated Net Layer Security  TUBA
-	ProtocolNARP           = 54  // NBMA Address Resolution Protocol
-	ProtocolMOBILE         = 55  // IP Mobility
-	ProtocolTLSP           = 56  // Transport Layer Security Protocol using Kryptonet key management
-	ProtocolSKIP           = 57  // SKIP
-	ProtocolIPv6ICMP       = 58  // ICMP for IPv6
-	ProtocolIPv6NoNxt      = 59  // No Next Header for IPv6
-	ProtocolIPv6Opts       = 60  // Destination Options for IPv6
-	ProtocolCFTP           = 62  // CFTP
-	ProtocolSATEXPAK       = 64  // SATNET and Backroom EXPAK
-	ProtocolKRYPTOLAN      = 65  // Kryptolan
-	ProtocolRVD            = 66  // MIT Remote Virtual Disk Protocol
-	ProtocolIPPC           = 67  // Internet Pluribus Packet Core
-	ProtocolSATMON         = 69  // SATNET Monitoring
-	ProtocolVISA           = 70  // VISA Protocol
-	ProtocolIPCV           = 71  // Internet Packet Core Utility
-	ProtocolCPNX           = 72  // Computer Protocol Network Executive
-	ProtocolCPHB           = 73  // Computer Protocol Heart Beat
-	ProtocolWSN            = 74  // Wang Span Network
-	ProtocolPVP            = 75  // Packet Video Protocol
-	ProtocolBRSATMON       = 76  // Backroom SATNET Monitoring
-	ProtocolSUNND          = 77  // SUN ND PROTOCOL-Temporary
-	ProtocolWBMON          = 78  // WIDEBAND Monitoring
-	ProtocolWBEXPAK        = 79  // WIDEBAND EXPAK
-	ProtocolISOIP          = 80  // ISO Internet Protocol
-	ProtocolVMTP           = 81  // VMTP
-	ProtocolSECUREVMTP     = 82  // SECURE-VMTP
-	ProtocolVINES          = 83  // VINES
-	ProtocolTTP            = 84  // Transaction Transport Protocol
-	ProtocolIPTM           = 84  // Internet Protocol Traffic Manager
-	ProtocolNSFNETIGP      = 85  // NSFNET-IGP
-	ProtocolDGP            = 86  // Dissimilar Gateway Protocol
-	ProtocolTCF            = 87  // TCF
-	ProtocolEIGRP          = 88  // EIGRP
-	ProtocolOSPFIGP        = 89  // OSPFIGP
-	ProtocolSpriteRPC      = 90  // Sprite RPC Protocol
-	ProtocolLARP           = 91  // Locus Address Resolution Protocol
-	ProtocolMTP            = 92  // Multicast Transport Protocol
-	ProtocolAX25           = 93  // AX.25 Frames
-	ProtocolIPIP           = 94  // IP-within-IP Encapsulation Protocol
-	ProtocolSCCSP          = 96  // Semaphore Communications Sec. Pro.
-	ProtocolETHERIP        = 97  // Ethernet-within-IP Encapsulation
-	ProtocolENCAP          = 98  // Encapsulation Header
-	ProtocolGMTP           = 100 // GMTP
-	ProtocolIFMP           = 101 // Ipsilon Flow Management Protocol
-	ProtocolPNNI           = 102 // PNNI over IP
-	ProtocolPIM            = 103 // Protocol Independent Multicast
-	ProtocolARIS           = 104 // ARIS
-	ProtocolSCPS           = 105 // SCPS
-	ProtocolQNX            = 106 // QNX
-	ProtocolAN             = 107 // Active Networks
-	ProtocolIPComp         = 108 // IP Payload Compression Protocol
-	ProtocolSNP            = 109 // Sitara Networks Protocol
-	ProtocolCompaqPeer     = 110 // Compaq Peer Protocol
-	ProtocolIPXinIP        = 111 // IPX in IP
-	ProtocolVRRP           = 112 // Virtual Router Redundancy Protocol
-	ProtocolPGM            = 113 // PGM Reliable Transport Protocol
-	ProtocolL2TP           = 115 // Layer Two Tunneling Protocol
-	ProtocolDDX            = 116 // D-II Data Exchange (DDX)
-	ProtocolIATP           = 117 // Interactive Agent Transfer Protocol
-	ProtocolSTP            = 118 // Schedule Transfer Protocol
-	ProtocolSRP            = 119 // SpectraLink Radio Protocol
-	ProtocolUTI            = 120 // UTI
-	ProtocolSMP            = 121 // Simple Message Protocol
-	ProtocolPTP            = 123 // Performance Transparency Protocol
-	ProtocolISIS           = 124 // ISIS over IPv4
-	ProtocolFIRE           = 125 // FIRE
-	ProtocolCRTP           = 126 // Combat Radio Transport Protocol
-	ProtocolCRUDP          = 127 // Combat Radio User Datagram
-	ProtocolSSCOPMCE       = 128 // SSCOPMCE
-	ProtocolIPLT           = 129 // IPLT
-	ProtocolSPS            = 130 // Secure Packet Shield
-	ProtocolPIPE           = 131 // Private IP Encapsulation within IP
-	ProtocolSCTP           = 132 // Stream Control Transmission Protocol
-	ProtocolFC             = 133 // Fibre Channel
-	ProtocolRSVPE2EIGNORE  = 134 // RSVP-E2E-IGNORE
-	ProtocolMobilityHeader = 135 // Mobility Header
-	ProtocolUDPLite        = 136 // UDPLite
-	ProtocolMPLSinIP       = 137 // MPLS-in-IP
-	ProtocolMANET          = 138 // MANET Protocols
-	ProtocolHIP            = 139 // Host Identity Protocol
-	ProtocolShim6          = 140 // Shim6 Protocol
-	ProtocolWESP           = 141 // Wrapped Encapsulating Security Payload
-	ProtocolROHC           = 142 // Robust Header Compression
-	ProtocolReserved       = 255 // Reserved
-)
diff --git a/vendor/golang.org/x/net/internal/iana/gen.go b/vendor/golang.org/x/net/internal/iana/gen.go
deleted file mode 100644
index 2d8c07ca..00000000
--- a/vendor/golang.org/x/net/internal/iana/gen.go
+++ /dev/null
@@ -1,293 +0,0 @@
-// Copyright 2013 The Go Authors.  All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build ignore
-
-//go:generate go run gen.go
-
-// This program generates internet protocol constants and tables by
-// reading IANA protocol registries.
-package main
-
-import (
-	"bytes"
-	"encoding/xml"
-	"fmt"
-	"go/format"
-	"io"
-	"io/ioutil"
-	"net/http"
-	"os"
-	"strconv"
-	"strings"
-)
-
-var registries = []struct {
-	url   string
-	parse func(io.Writer, io.Reader) error
-}{
-	{
-		"http://www.iana.org/assignments/dscp-registry/dscp-registry.xml",
-		parseDSCPRegistry,
-	},
-	{
-		"http://www.iana.org/assignments/ipv4-tos-byte/ipv4-tos-byte.xml",
-		parseTOSTCByte,
-	},
-	{
-		"http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xml",
-		parseProtocolNumbers,
-	},
-}
-
-func main() {
-	var bb bytes.Buffer
-	fmt.Fprintf(&bb, "// go generate gen.go\n")
-	fmt.Fprintf(&bb, "// GENERATED BY THE COMMAND ABOVE; DO NOT EDIT\n\n")
-	fmt.Fprintf(&bb, "// Package iana provides protocol number resources managed by the Internet Assigned Numbers Authority (IANA).\n")
-	fmt.Fprintf(&bb, `package iana // import "golang.org/x/net/internal/iana"`+"\n\n")
-	for _, r := range registries {
-		resp, err := http.Get(r.url)
-		if err != nil {
-			fmt.Fprintln(os.Stderr, err)
-			os.Exit(1)
-		}
-		defer resp.Body.Close()
-		if resp.StatusCode != http.StatusOK {
-			fmt.Fprintf(os.Stderr, "got HTTP status code %v for %v\n", resp.StatusCode, r.url)
-			os.Exit(1)
-		}
-		if err := r.parse(&bb, resp.Body); err != nil {
-			fmt.Fprintln(os.Stderr, err)
-			os.Exit(1)
-		}
-		fmt.Fprintf(&bb, "\n")
-	}
-	b, err := format.Source(bb.Bytes())
-	if err != nil {
-		fmt.Fprintln(os.Stderr, err)
-		os.Exit(1)
-	}
-	if err := ioutil.WriteFile("const.go", b, 0644); err != nil {
-		fmt.Fprintln(os.Stderr, err)
-		os.Exit(1)
-	}
-}
-
-func parseDSCPRegistry(w io.Writer, r io.Reader) error {
-	dec := xml.NewDecoder(r)
-	var dr dscpRegistry
-	if err := dec.Decode(&dr); err != nil {
-		return err
-	}
-	drs := dr.escape()
-	fmt.Fprintf(w, "// %s, Updated: %s\n", dr.Title, dr.Updated)
-	fmt.Fprintf(w, "const (\n")
-	for _, dr := range drs {
-		fmt.Fprintf(w, "DiffServ%s = %#x", dr.Name, dr.Value)
-		fmt.Fprintf(w, "// %s\n", dr.OrigName)
-	}
-	fmt.Fprintf(w, ")\n")
-	return nil
-}
-
-type dscpRegistry struct {
-	XMLName     xml.Name `xml:"registry"`
-	Title       string   `xml:"title"`
-	Updated     string   `xml:"updated"`
-	Note        string   `xml:"note"`
-	RegTitle    string   `xml:"registry>title"`
-	PoolRecords []struct {
-		Name  string `xml:"name"`
-		Space string `xml:"space"`
-	} `xml:"registry>record"`
-	Records []struct {
-		Name  string `xml:"name"`
-		Space string `xml:"space"`
-	} `xml:"registry>registry>record"`
-}
-
-type canonDSCPRecord struct {
-	OrigName string
-	Name     string
-	Value    int
-}
-
-func (drr *dscpRegistry) escape() []canonDSCPRecord {
-	drs := make([]canonDSCPRecord, len(drr.Records))
-	sr := strings.NewReplacer(
-		"+", "",
-		"-", "",
-		"/", "",
-		".", "",
-		" ", "",
-	)
-	for i, dr := range drr.Records {
-		s := strings.TrimSpace(dr.Name)
-		drs[i].OrigName = s
-		drs[i].Name = sr.Replace(s)
-		n, err := strconv.ParseUint(dr.Space, 2, 8)
-		if err != nil {
-			continue
-		}
-		drs[i].Value = int(n) << 2
-	}
-	return drs
-}
-
-func parseTOSTCByte(w io.Writer, r io.Reader) error {
-	dec := xml.NewDecoder(r)
-	var ttb tosTCByte
-	if err := dec.Decode(&ttb); err != nil {
-		return err
-	}
-	trs := ttb.escape()
-	fmt.Fprintf(w, "// %s, Updated: %s\n", ttb.Title, ttb.Updated)
-	fmt.Fprintf(w, "const (\n")
-	for _, tr := range trs {
-		fmt.Fprintf(w, "%s = %#x", tr.Keyword, tr.Value)
-		fmt.Fprintf(w, "// %s\n", tr.OrigKeyword)
-	}
-	fmt.Fprintf(w, ")\n")
-	return nil
-}
-
-type tosTCByte struct {
-	XMLName  xml.Name `xml:"registry"`
-	Title    string   `xml:"title"`
-	Updated  string   `xml:"updated"`
-	Note     string   `xml:"note"`
-	RegTitle string   `xml:"registry>title"`
-	Records  []struct {
-		Binary  string `xml:"binary"`
-		Keyword string `xml:"keyword"`
-	} `xml:"registry>record"`
-}
-
-type canonTOSTCByteRecord struct {
-	OrigKeyword string
-	Keyword     string
-	Value       int
-}
-
-func (ttb *tosTCByte) escape() []canonTOSTCByteRecord {
-	trs := make([]canonTOSTCByteRecord, len(ttb.Records))
-	sr := strings.NewReplacer(
-		"Capable", "",
-		"(", "",
-		")", "",
-		"+", "",
-		"-", "",
-		"/", "",
-		".", "",
-		" ", "",
-	)
-	for i, tr := range ttb.Records {
-		s := strings.TrimSpace(tr.Keyword)
-		trs[i].OrigKeyword = s
-		ss := strings.Split(s, " ")
-		if len(ss) > 1 {
-			trs[i].Keyword = strings.Join(ss[1:], " ")
-		} else {
-			trs[i].Keyword = ss[0]
-		}
-		trs[i].Keyword = sr.Replace(trs[i].Keyword)
-		n, err := strconv.ParseUint(tr.Binary, 2, 8)
-		if err != nil {
-			continue
-		}
-		trs[i].Value = int(n)
-	}
-	return trs
-}
-
-func parseProtocolNumbers(w io.Writer, r io.Reader) error {
-	dec := xml.NewDecoder(r)
-	var pn protocolNumbers
-	if err := dec.Decode(&pn); err != nil {
-		return err
-	}
-	prs := pn.escape()
-	prs = append([]canonProtocolRecord{{
-		Name:  "IP",
-		Descr: "IPv4 encapsulation, pseudo protocol number",
-		Value: 0,
-	}}, prs...)
-	fmt.Fprintf(w, "// %s, Updated: %s\n", pn.Title, pn.Updated)
-	fmt.Fprintf(w, "const (\n")
-	for _, pr := range prs {
-		if pr.Name == "" {
-			continue
-		}
-		fmt.Fprintf(w, "Protocol%s = %d", pr.Name, pr.Value)
-		s := pr.Descr
-		if s == "" {
-			s = pr.OrigName
-		}
-		fmt.Fprintf(w, "// %s\n", s)
-	}
-	fmt.Fprintf(w, ")\n")
-	return nil
-}
-
-type protocolNumbers struct {
-	XMLName  xml.Name `xml:"registry"`
-	Title    string   `xml:"title"`
-	Updated  string   `xml:"updated"`
-	RegTitle string   `xml:"registry>title"`
-	Note     string   `xml:"registry>note"`
-	Records  []struct {
-		Value string `xml:"value"`
-		Name  string `xml:"name"`
-		Descr string `xml:"description"`
-	} `xml:"registry>record"`
-}
-
-type canonProtocolRecord struct {
-	OrigName string
-	Name     string
-	Descr    string
-	Value    int
-}
-
-func (pn *protocolNumbers) escape() []canonProtocolRecord {
-	prs := make([]canonProtocolRecord, len(pn.Records))
-	sr := strings.NewReplacer(
-		"-in-", "in",
-		"-within-", "within",
-		"-over-", "over",
-		"+", "P",
-		"-", "",
-		"/", "",
-		".", "",
-		" ", "",
-	)
-	for i, pr := range pn.Records {
-		if strings.Contains(pr.Name, "Deprecated") ||
-			strings.Contains(pr.Name, "deprecated") {
-			continue
-		}
-		prs[i].OrigName = pr.Name
-		s := strings.TrimSpace(pr.Name)
-		switch pr.Name {
-		case "ISIS over IPv4":
-			prs[i].Name = "ISIS"
-		case "manet":
-			prs[i].Name = "MANET"
-		default:
-			prs[i].Name = sr.Replace(s)
-		}
-		ss := strings.Split(pr.Descr, "\n")
-		for i := range ss {
-			ss[i] = strings.TrimSpace(ss[i])
-		}
-		if len(ss) > 1 {
-			prs[i].Descr = strings.Join(ss, " ")
-		} else {
-			prs[i].Descr = ss[0]
-		}
-		prs[i].Value, _ = strconv.Atoi(pr.Value)
-	}
-	return prs
-}
diff --git a/vendor/golang.org/x/net/internal/nettest/error_posix.go b/vendor/golang.org/x/net/internal/nettest/error_posix.go
deleted file mode 100644
index 963ed996..00000000
--- a/vendor/golang.org/x/net/internal/nettest/error_posix.go
+++ /dev/null
@@ -1,31 +0,0 @@
-// Copyright 2014 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build darwin dragonfly freebsd linux netbsd openbsd solaris windows
-
-package nettest
-
-import (
-	"os"
-	"syscall"
-)
-
-func protocolNotSupported(err error) bool {
-	switch err := err.(type) {
-	case syscall.Errno:
-		switch err {
-		case syscall.EPROTONOSUPPORT, syscall.ENOPROTOOPT:
-			return true
-		}
-	case *os.SyscallError:
-		switch err := err.Err.(type) {
-		case syscall.Errno:
-			switch err {
-			case syscall.EPROTONOSUPPORT, syscall.ENOPROTOOPT:
-				return true
-			}
-		}
-	}
-	return false
-}
diff --git a/vendor/golang.org/x/net/internal/nettest/error_stub.go b/vendor/golang.org/x/net/internal/nettest/error_stub.go
deleted file mode 100644
index 3c74d812..00000000
--- a/vendor/golang.org/x/net/internal/nettest/error_stub.go
+++ /dev/null
@@ -1,11 +0,0 @@
-// Copyright 2014 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build nacl plan9
-
-package nettest
-
-func protocolNotSupported(err error) bool {
-	return false
-}
diff --git a/vendor/golang.org/x/net/internal/nettest/interface.go b/vendor/golang.org/x/net/internal/nettest/interface.go
deleted file mode 100644
index 53ae13a9..00000000
--- a/vendor/golang.org/x/net/internal/nettest/interface.go
+++ /dev/null
@@ -1,94 +0,0 @@
-// Copyright 2012 The Go Authors.  All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package nettest
-
-import "net"
-
-// IsMulticastCapable reports whether ifi is an IP multicast-capable
-// network interface. Network must be "ip", "ip4" or "ip6".
-func IsMulticastCapable(network string, ifi *net.Interface) (net.IP, bool) {
-	switch network {
-	case "ip", "ip4", "ip6":
-	default:
-		return nil, false
-	}
-	if ifi == nil || ifi.Flags&net.FlagUp == 0 || ifi.Flags&net.FlagMulticast == 0 {
-		return nil, false
-	}
-	return hasRoutableIP(network, ifi)
-}
-
-// RoutedInterface returns a network interface that can route IP
-// traffic and satisfies flags. It returns nil when an appropriate
-// network interface is not found. Network must be "ip", "ip4" or
-// "ip6".
-func RoutedInterface(network string, flags net.Flags) *net.Interface {
-	switch network {
-	case "ip", "ip4", "ip6":
-	default:
-		return nil
-	}
-	ift, err := net.Interfaces()
-	if err != nil {
-		return nil
-	}
-	for _, ifi := range ift {
-		if ifi.Flags&flags != flags {
-			continue
-		}
-		if _, ok := hasRoutableIP(network, &ifi); !ok {
-			continue
-		}
-		return &ifi
-	}
-	return nil
-}
-
-func hasRoutableIP(network string, ifi *net.Interface) (net.IP, bool) {
-	ifat, err := ifi.Addrs()
-	if err != nil {
-		return nil, false
-	}
-	for _, ifa := range ifat {
-		switch ifa := ifa.(type) {
-		case *net.IPAddr:
-			if ip := routableIP(network, ifa.IP); ip != nil {
-				return ip, true
-			}
-		case *net.IPNet:
-			if ip := routableIP(network, ifa.IP); ip != nil {
-				return ip, true
-			}
-		}
-	}
-	return nil, false
-}
-
-func routableIP(network string, ip net.IP) net.IP {
-	if !ip.IsLoopback() && !ip.IsLinkLocalUnicast() && !ip.IsGlobalUnicast() {
-		return nil
-	}
-	switch network {
-	case "ip4":
-		if ip := ip.To4(); ip != nil {
-			return ip
-		}
-	case "ip6":
-		if ip.IsLoopback() { // addressing scope of the loopback address depends on each implementation
-			return nil
-		}
-		if ip := ip.To16(); ip != nil && ip.To4() == nil {
-			return ip
-		}
-	default:
-		if ip := ip.To4(); ip != nil {
-			return ip
-		}
-		if ip := ip.To16(); ip != nil {
-			return ip
-		}
-	}
-	return nil
-}
diff --git a/vendor/golang.org/x/net/internal/nettest/rlimit.go b/vendor/golang.org/x/net/internal/nettest/rlimit.go
deleted file mode 100644
index bb34aec0..00000000
--- a/vendor/golang.org/x/net/internal/nettest/rlimit.go
+++ /dev/null
@@ -1,11 +0,0 @@
-// Copyright 2015 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package nettest
-
-const defaultMaxOpenFiles = 256
-
-// MaxOpenFiles returns the maximum number of open files for the
-// caller's process.
-func MaxOpenFiles() int { return maxOpenFiles() }
diff --git a/vendor/golang.org/x/net/internal/nettest/rlimit_stub.go b/vendor/golang.org/x/net/internal/nettest/rlimit_stub.go
deleted file mode 100644
index 102bef93..00000000
--- a/vendor/golang.org/x/net/internal/nettest/rlimit_stub.go
+++ /dev/null
@@ -1,9 +0,0 @@
-// Copyright 2015 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build nacl plan9
-
-package nettest
-
-func maxOpenFiles() int { return defaultMaxOpenFiles }
diff --git a/vendor/golang.org/x/net/internal/nettest/rlimit_unix.go b/vendor/golang.org/x/net/internal/nettest/rlimit_unix.go
deleted file mode 100644
index eb4312ce..00000000
--- a/vendor/golang.org/x/net/internal/nettest/rlimit_unix.go
+++ /dev/null
@@ -1,17 +0,0 @@
-// Copyright 2015 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build darwin dragonfly freebsd linux netbsd openbsd solaris
-
-package nettest
-
-import "syscall"
-
-func maxOpenFiles() int {
-	var rlim syscall.Rlimit
-	if err := syscall.Getrlimit(syscall.RLIMIT_NOFILE, &rlim); err != nil {
-		return defaultMaxOpenFiles
-	}
-	return int(rlim.Cur)
-}
diff --git a/vendor/golang.org/x/net/internal/nettest/rlimit_windows.go b/vendor/golang.org/x/net/internal/nettest/rlimit_windows.go
deleted file mode 100644
index de927b56..00000000
--- a/vendor/golang.org/x/net/internal/nettest/rlimit_windows.go
+++ /dev/null
@@ -1,7 +0,0 @@
-// Copyright 2015 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package nettest
-
-func maxOpenFiles() int { return 4 * defaultMaxOpenFiles /* actually it's 16581375 */ }
diff --git a/vendor/golang.org/x/net/internal/nettest/stack.go b/vendor/golang.org/x/net/internal/nettest/stack.go
deleted file mode 100644
index e07c015f..00000000
--- a/vendor/golang.org/x/net/internal/nettest/stack.go
+++ /dev/null
@@ -1,36 +0,0 @@
-// Copyright 2014 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// Package nettest provides utilities for IP testing.
-package nettest // import "golang.org/x/net/internal/nettest"
-
-import "net"
-
-// SupportsIPv4 reports whether the platform supports IPv4 networking
-// functionality.
-func SupportsIPv4() bool {
-	ln, err := net.Listen("tcp4", "127.0.0.1:0")
-	if err != nil {
-		return false
-	}
-	ln.Close()
-	return true
-}
-
-// SupportsIPv6 reports whether the platform supports IPv6 networking
-// functionality.
-func SupportsIPv6() bool {
-	ln, err := net.Listen("tcp6", "[::1]:0")
-	if err != nil {
-		return false
-	}
-	ln.Close()
-	return true
-}
-
-// ProtocolNotSupported reports whether err is a protocol not
-// supported error.
-func ProtocolNotSupported(err error) bool {
-	return protocolNotSupported(err)
-}
diff --git a/vendor/golang.org/x/net/internal/nettest/stack_stub.go b/vendor/golang.org/x/net/internal/nettest/stack_stub.go
deleted file mode 100644
index 1b5fde1a..00000000
--- a/vendor/golang.org/x/net/internal/nettest/stack_stub.go
+++ /dev/null
@@ -1,18 +0,0 @@
-// Copyright 2015 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build nacl plan9
-
-package nettest
-
-import (
-	"fmt"
-	"runtime"
-)
-
-// SupportsRawIPSocket reports whether the platform supports raw IP
-// sockets.
-func SupportsRawIPSocket() (string, bool) {
-	return fmt.Sprintf("not supported on %s", runtime.GOOS), false
-}
diff --git a/vendor/golang.org/x/net/internal/nettest/stack_unix.go b/vendor/golang.org/x/net/internal/nettest/stack_unix.go
deleted file mode 100644
index af89229f..00000000
--- a/vendor/golang.org/x/net/internal/nettest/stack_unix.go
+++ /dev/null
@@ -1,22 +0,0 @@
-// Copyright 2015 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build darwin dragonfly freebsd linux netbsd openbsd solaris
-
-package nettest
-
-import (
-	"fmt"
-	"os"
-	"runtime"
-)
-
-// SupportsRawIPSocket reports whether the platform supports raw IP
-// sockets.
-func SupportsRawIPSocket() (string, bool) {
-	if os.Getuid() != 0 {
-		return fmt.Sprintf("must be root on %s", runtime.GOOS), false
-	}
-	return "", true
-}
diff --git a/vendor/golang.org/x/net/internal/nettest/stack_windows.go b/vendor/golang.org/x/net/internal/nettest/stack_windows.go
deleted file mode 100644
index a21f4993..00000000
--- a/vendor/golang.org/x/net/internal/nettest/stack_windows.go
+++ /dev/null
@@ -1,32 +0,0 @@
-// Copyright 2015 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package nettest
-
-import (
-	"fmt"
-	"runtime"
-	"syscall"
-)
-
-// SupportsRawIPSocket reports whether the platform supports raw IP
-// sockets.
-func SupportsRawIPSocket() (string, bool) {
-	// From http://msdn.microsoft.com/en-us/library/windows/desktop/ms740548.aspx:
-	// Note: To use a socket of type SOCK_RAW requires administrative privileges.
-	// Users running Winsock applications that use raw sockets must be a member of
-	// the Administrators group on the local computer, otherwise raw socket calls
-	// will fail with an error code of WSAEACCES. On Windows Vista and later, access
-	// for raw sockets is enforced at socket creation. In earlier versions of Windows,
-	// access for raw sockets is enforced during other socket operations.
-	s, err := syscall.Socket(syscall.AF_INET, syscall.SOCK_RAW, 0)
-	if err == syscall.WSAEACCES {
-		return fmt.Sprintf("no access to raw socket allowed on %s", runtime.GOOS), false
-	}
-	if err != nil {
-		return err.Error(), false
-	}
-	syscall.Closesocket(s)
-	return "", true
-}
diff --git a/vendor/golang.org/x/net/internal/timeseries/timeseries.go b/vendor/golang.org/x/net/internal/timeseries/timeseries.go
deleted file mode 100644
index 1119f344..00000000
--- a/vendor/golang.org/x/net/internal/timeseries/timeseries.go
+++ /dev/null
@@ -1,525 +0,0 @@
-// Copyright 2015 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// Package timeseries implements a time series structure for stats collection.
-package timeseries // import "golang.org/x/net/internal/timeseries"
-
-import (
-	"fmt"
-	"log"
-	"time"
-)
-
-const (
-	timeSeriesNumBuckets       = 64
-	minuteHourSeriesNumBuckets = 60
-)
-
-var timeSeriesResolutions = []time.Duration{
-	1 * time.Second,
-	10 * time.Second,
-	1 * time.Minute,
-	10 * time.Minute,
-	1 * time.Hour,
-	6 * time.Hour,
-	24 * time.Hour,          // 1 day
-	7 * 24 * time.Hour,      // 1 week
-	4 * 7 * 24 * time.Hour,  // 4 weeks
-	16 * 7 * 24 * time.Hour, // 16 weeks
-}
-
-var minuteHourSeriesResolutions = []time.Duration{
-	1 * time.Second,
-	1 * time.Minute,
-}
-
-// An Observable is a kind of data that can be aggregated in a time series.
-type Observable interface {
-	Multiply(ratio float64)    // Multiplies the data in self by a given ratio
-	Add(other Observable)      // Adds the data from a different observation to self
-	Clear()                    // Clears the observation so it can be reused.
-	CopyFrom(other Observable) // Copies the contents of a given observation to self
-}
-
-// Float attaches the methods of Observable to a float64.
-type Float float64
-
-// NewFloat returns a Float.
-func NewFloat() Observable {
-	f := Float(0)
-	return &f
-}
-
-// String returns the float as a string.
-func (f *Float) String() string { return fmt.Sprintf("%g", f.Value()) }
-
-// Value returns the float's value.
-func (f *Float) Value() float64 { return float64(*f) }
-
-func (f *Float) Multiply(ratio float64) { *f *= Float(ratio) }
-
-func (f *Float) Add(other Observable) {
-	o := other.(*Float)
-	*f += *o
-}
-
-func (f *Float) Clear() { *f = 0 }
-
-func (f *Float) CopyFrom(other Observable) {
-	o := other.(*Float)
-	*f = *o
-}
-
-// A Clock tells the current time.
-type Clock interface {
-	Time() time.Time
-}
-
-type defaultClock int
-
-var defaultClockInstance defaultClock
-
-func (defaultClock) Time() time.Time { return time.Now() }
-
-// Information kept per level. Each level consists of a circular list of
-// observations. The start of the level may be derived from end and the
-// len(buckets) * sizeInMillis.
-type tsLevel struct {
-	oldest   int               // index to oldest bucketed Observable
-	newest   int               // index to newest bucketed Observable
-	end      time.Time         // end timestamp for this level
-	size     time.Duration     // duration of the bucketed Observable
-	buckets  []Observable      // collections of observations
-	provider func() Observable // used for creating new Observable
-}
-
-func (l *tsLevel) Clear() {
-	l.oldest = 0
-	l.newest = len(l.buckets) - 1
-	l.end = time.Time{}
-	for i := range l.buckets {
-		if l.buckets[i] != nil {
-			l.buckets[i].Clear()
-			l.buckets[i] = nil
-		}
-	}
-}
-
-func (l *tsLevel) InitLevel(size time.Duration, numBuckets int, f func() Observable) {
-	l.size = size
-	l.provider = f
-	l.buckets = make([]Observable, numBuckets)
-}
-
-// Keeps a sequence of levels. Each level is responsible for storing data at
-// a given resolution. For example, the first level stores data at a one
-// minute resolution while the second level stores data at a one hour
-// resolution.
-
-// Each level is represented by a sequence of buckets. Each bucket spans an
-// interval equal to the resolution of the level. New observations are added
-// to the last bucket.
-type timeSeries struct {
-	provider    func() Observable // make more Observable
-	numBuckets  int               // number of buckets in each level
-	levels      []*tsLevel        // levels of bucketed Observable
-	lastAdd     time.Time         // time of last Observable tracked
-	total       Observable        // convenient aggregation of all Observable
-	clock       Clock             // Clock for getting current time
-	pending     Observable        // observations not yet bucketed
-	pendingTime time.Time         // what time are we keeping in pending
-	dirty       bool              // if there are pending observations
-}
-
-// init initializes a level according to the supplied criteria.
-func (ts *timeSeries) init(resolutions []time.Duration, f func() Observable, numBuckets int, clock Clock) {
-	ts.provider = f
-	ts.numBuckets = numBuckets
-	ts.clock = clock
-	ts.levels = make([]*tsLevel, len(resolutions))
-
-	for i := range resolutions {
-		if i > 0 && resolutions[i-1] >= resolutions[i] {
-			log.Print("timeseries: resolutions must be monotonically increasing")
-			break
-		}
-		newLevel := new(tsLevel)
-		newLevel.InitLevel(resolutions[i], ts.numBuckets, ts.provider)
-		ts.levels[i] = newLevel
-	}
-
-	ts.Clear()
-}
-
-// Clear removes all observations from the time series.
-func (ts *timeSeries) Clear() {
-	ts.lastAdd = time.Time{}
-	ts.total = ts.resetObservation(ts.total)
-	ts.pending = ts.resetObservation(ts.pending)
-	ts.pendingTime = time.Time{}
-	ts.dirty = false
-
-	for i := range ts.levels {
-		ts.levels[i].Clear()
-	}
-}
-
-// Add records an observation at the current time.
-func (ts *timeSeries) Add(observation Observable) {
-	ts.AddWithTime(observation, ts.clock.Time())
-}
-
-// AddWithTime records an observation at the specified time.
-func (ts *timeSeries) AddWithTime(observation Observable, t time.Time) {
-
-	smallBucketDuration := ts.levels[0].size
-
-	if t.After(ts.lastAdd) {
-		ts.lastAdd = t
-	}
-
-	if t.After(ts.pendingTime) {
-		ts.advance(t)
-		ts.mergePendingUpdates()
-		ts.pendingTime = ts.levels[0].end
-		ts.pending.CopyFrom(observation)
-		ts.dirty = true
-	} else if t.After(ts.pendingTime.Add(-1 * smallBucketDuration)) {
-		// The observation is close enough to go into the pending bucket.
-		// This compensates for clock skewing and small scheduling delays
-		// by letting the update stay in the fast path.
-		ts.pending.Add(observation)
-		ts.dirty = true
-	} else {
-		ts.mergeValue(observation, t)
-	}
-}
-
-// mergeValue inserts the observation at the specified time in the past into all levels.
-func (ts *timeSeries) mergeValue(observation Observable, t time.Time) {
-	for _, level := range ts.levels {
-		index := (ts.numBuckets - 1) - int(level.end.Sub(t)/level.size)
-		if 0 <= index && index < ts.numBuckets {
-			bucketNumber := (level.oldest + index) % ts.numBuckets
-			if level.buckets[bucketNumber] == nil {
-				level.buckets[bucketNumber] = level.provider()
-			}
-			level.buckets[bucketNumber].Add(observation)
-		}
-	}
-	ts.total.Add(observation)
-}
-
-// mergePendingUpdates applies the pending updates into all levels.
-func (ts *timeSeries) mergePendingUpdates() {
-	if ts.dirty {
-		ts.mergeValue(ts.pending, ts.pendingTime)
-		ts.pending = ts.resetObservation(ts.pending)
-		ts.dirty = false
-	}
-}
-
-// advance cycles the buckets at each level until the latest bucket in
-// each level can hold the time specified.
-func (ts *timeSeries) advance(t time.Time) {
-	if !t.After(ts.levels[0].end) {
-		return
-	}
-	for i := 0; i < len(ts.levels); i++ {
-		level := ts.levels[i]
-		if !level.end.Before(t) {
-			break
-		}
-
-		// If the time is sufficiently far, just clear the level and advance
-		// directly.
-		if !t.Before(level.end.Add(level.size * time.Duration(ts.numBuckets))) {
-			for _, b := range level.buckets {
-				ts.resetObservation(b)
-			}
-			level.end = time.Unix(0, (t.UnixNano()/level.size.Nanoseconds())*level.size.Nanoseconds())
-		}
-
-		for t.After(level.end) {
-			level.end = level.end.Add(level.size)
-			level.newest = level.oldest
-			level.oldest = (level.oldest + 1) % ts.numBuckets
-			ts.resetObservation(level.buckets[level.newest])
-		}
-
-		t = level.end
-	}
-}
-
-// Latest returns the sum of the num latest buckets from the level.
-func (ts *timeSeries) Latest(level, num int) Observable {
-	now := ts.clock.Time()
-	if ts.levels[0].end.Before(now) {
-		ts.advance(now)
-	}
-
-	ts.mergePendingUpdates()
-
-	result := ts.provider()
-	l := ts.levels[level]
-	index := l.newest
-
-	for i := 0; i < num; i++ {
-		if l.buckets[index] != nil {
-			result.Add(l.buckets[index])
-		}
-		if index == 0 {
-			index = ts.numBuckets
-		}
-		index--
-	}
-
-	return result
-}
-
-// LatestBuckets returns a copy of the num latest buckets from level.
-func (ts *timeSeries) LatestBuckets(level, num int) []Observable {
-	if level < 0 || level > len(ts.levels) {
-		log.Print("timeseries: bad level argument: ", level)
-		return nil
-	}
-	if num < 0 || num >= ts.numBuckets {
-		log.Print("timeseries: bad num argument: ", num)
-		return nil
-	}
-
-	results := make([]Observable, num)
-	now := ts.clock.Time()
-	if ts.levels[0].end.Before(now) {
-		ts.advance(now)
-	}
-
-	ts.mergePendingUpdates()
-
-	l := ts.levels[level]
-	index := l.newest
-
-	for i := 0; i < num; i++ {
-		result := ts.provider()
-		results[i] = result
-		if l.buckets[index] != nil {
-			result.CopyFrom(l.buckets[index])
-		}
-
-		if index == 0 {
-			index = ts.numBuckets
-		}
-		index -= 1
-	}
-	return results
-}
-
-// ScaleBy updates observations by scaling by factor.
-func (ts *timeSeries) ScaleBy(factor float64) {
-	for _, l := range ts.levels {
-		for i := 0; i < ts.numBuckets; i++ {
-			l.buckets[i].Multiply(factor)
-		}
-	}
-
-	ts.total.Multiply(factor)
-	ts.pending.Multiply(factor)
-}
-
-// Range returns the sum of observations added over the specified time range.
-// If start or finish times don't fall on bucket boundaries of the same
-// level, then return values are approximate answers.
-func (ts *timeSeries) Range(start, finish time.Time) Observable {
-	return ts.ComputeRange(start, finish, 1)[0]
-}
-
-// Recent returns the sum of observations from the last delta.
-func (ts *timeSeries) Recent(delta time.Duration) Observable {
-	now := ts.clock.Time()
-	return ts.Range(now.Add(-delta), now)
-}
-
-// Total returns the total of all observations.
-func (ts *timeSeries) Total() Observable {
-	ts.mergePendingUpdates()
-	return ts.total
-}
-
-// ComputeRange computes a specified number of values into a slice using
-// the observations recorded over the specified time period. The return
-// values are approximate if the start or finish times don't fall on the
-// bucket boundaries at the same level or if the number of buckets spanning
-// the range is not an integral multiple of num.
-func (ts *timeSeries) ComputeRange(start, finish time.Time, num int) []Observable {
-	if start.After(finish) {
-		log.Printf("timeseries: start > finish, %v>%v", start, finish)
-		return nil
-	}
-
-	if num < 0 {
-		log.Printf("timeseries: num < 0, %v", num)
-		return nil
-	}
-
-	results := make([]Observable, num)
-
-	for _, l := range ts.levels {
-		if !start.Before(l.end.Add(-l.size * time.Duration(ts.numBuckets))) {
-			ts.extract(l, start, finish, num, results)
-			return results
-		}
-	}
-
-	// Failed to find a level that covers the desired range.  So just
-	// extract from the last level, even if it doesn't cover the entire
-	// desired range.
-	ts.extract(ts.levels[len(ts.levels)-1], start, finish, num, results)
-
-	return results
-}
-
-// RecentList returns the specified number of values in slice over the most
-// recent time period of the specified range.
-func (ts *timeSeries) RecentList(delta time.Duration, num int) []Observable {
-	if delta < 0 {
-		return nil
-	}
-	now := ts.clock.Time()
-	return ts.ComputeRange(now.Add(-delta), now, num)
-}
-
-// extract returns a slice of specified number of observations from a given
-// level over a given range.
-func (ts *timeSeries) extract(l *tsLevel, start, finish time.Time, num int, results []Observable) {
-	ts.mergePendingUpdates()
-
-	srcInterval := l.size
-	dstInterval := finish.Sub(start) / time.Duration(num)
-	dstStart := start
-	srcStart := l.end.Add(-srcInterval * time.Duration(ts.numBuckets))
-
-	srcIndex := 0
-
-	// Where should scanning start?
-	if dstStart.After(srcStart) {
-		advance := dstStart.Sub(srcStart) / srcInterval
-		srcIndex += int(advance)
-		srcStart = srcStart.Add(advance * srcInterval)
-	}
-
-	// The i'th value is computed as show below.
-	// interval = (finish/start)/num
-	// i'th value = sum of observation in range
-	//   [ start + i       * interval,
-	//     start + (i + 1) * interval )
-	for i := 0; i < num; i++ {
-		results[i] = ts.resetObservation(results[i])
-		dstEnd := dstStart.Add(dstInterval)
-		for srcIndex < ts.numBuckets && srcStart.Before(dstEnd) {
-			srcEnd := srcStart.Add(srcInterval)
-			if srcEnd.After(ts.lastAdd) {
-				srcEnd = ts.lastAdd
-			}
-
-			if !srcEnd.Before(dstStart) {
-				srcValue := l.buckets[(srcIndex+l.oldest)%ts.numBuckets]
-				if !srcStart.Before(dstStart) && !srcEnd.After(dstEnd) {
-					// dst completely contains src.
-					if srcValue != nil {
-						results[i].Add(srcValue)
-					}
-				} else {
-					// dst partially overlaps src.
-					overlapStart := maxTime(srcStart, dstStart)
-					overlapEnd := minTime(srcEnd, dstEnd)
-					base := srcEnd.Sub(srcStart)
-					fraction := overlapEnd.Sub(overlapStart).Seconds() / base.Seconds()
-
-					used := ts.provider()
-					if srcValue != nil {
-						used.CopyFrom(srcValue)
-					}
-					used.Multiply(fraction)
-					results[i].Add(used)
-				}
-
-				if srcEnd.After(dstEnd) {
-					break
-				}
-			}
-			srcIndex++
-			srcStart = srcStart.Add(srcInterval)
-		}
-		dstStart = dstStart.Add(dstInterval)
-	}
-}
-
-// resetObservation clears the content so the struct may be reused.
-func (ts *timeSeries) resetObservation(observation Observable) Observable {
-	if observation == nil {
-		observation = ts.provider()
-	} else {
-		observation.Clear()
-	}
-	return observation
-}
-
-// TimeSeries tracks data at granularities from 1 second to 16 weeks.
-type TimeSeries struct {
-	timeSeries
-}
-
-// NewTimeSeries creates a new TimeSeries using the function provided for creating new Observable.
-func NewTimeSeries(f func() Observable) *TimeSeries {
-	return NewTimeSeriesWithClock(f, defaultClockInstance)
-}
-
-// NewTimeSeriesWithClock creates a new TimeSeries using the function provided for creating new Observable and the clock for
-// assigning timestamps.
-func NewTimeSeriesWithClock(f func() Observable, clock Clock) *TimeSeries {
-	ts := new(TimeSeries)
-	ts.timeSeries.init(timeSeriesResolutions, f, timeSeriesNumBuckets, clock)
-	return ts
-}
-
-// MinuteHourSeries tracks data at granularities of 1 minute and 1 hour.
-type MinuteHourSeries struct {
-	timeSeries
-}
-
-// NewMinuteHourSeries creates a new MinuteHourSeries using the function provided for creating new Observable.
-func NewMinuteHourSeries(f func() Observable) *MinuteHourSeries {
-	return NewMinuteHourSeriesWithClock(f, defaultClockInstance)
-}
-
-// NewMinuteHourSeriesWithClock creates a new MinuteHourSeries using the function provided for creating new Observable and the clock for
-// assigning timestamps.
-func NewMinuteHourSeriesWithClock(f func() Observable, clock Clock) *MinuteHourSeries {
-	ts := new(MinuteHourSeries)
-	ts.timeSeries.init(minuteHourSeriesResolutions, f,
-		minuteHourSeriesNumBuckets, clock)
-	return ts
-}
-
-func (ts *MinuteHourSeries) Minute() Observable {
-	return ts.timeSeries.Latest(0, 60)
-}
-
-func (ts *MinuteHourSeries) Hour() Observable {
-	return ts.timeSeries.Latest(1, 60)
-}
-
-func minTime(a, b time.Time) time.Time {
-	if a.Before(b) {
-		return a
-	}
-	return b
-}
-
-func maxTime(a, b time.Time) time.Time {
-	if a.After(b) {
-		return a
-	}
-	return b
-}
diff --git a/vendor/golang.org/x/net/internal/timeseries/timeseries_test.go b/vendor/golang.org/x/net/internal/timeseries/timeseries_test.go
deleted file mode 100644
index 66325a91..00000000
--- a/vendor/golang.org/x/net/internal/timeseries/timeseries_test.go
+++ /dev/null
@@ -1,170 +0,0 @@
-// Copyright 2015 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package timeseries
-
-import (
-	"math"
-	"testing"
-	"time"
-)
-
-func isNear(x *Float, y float64, tolerance float64) bool {
-	return math.Abs(x.Value()-y) < tolerance
-}
-
-func isApproximate(x *Float, y float64) bool {
-	return isNear(x, y, 1e-2)
-}
-
-func checkApproximate(t *testing.T, o Observable, y float64) {
-	x := o.(*Float)
-	if !isApproximate(x, y) {
-		t.Errorf("Wanted %g, got %g", y, x.Value())
-	}
-}
-
-func checkNear(t *testing.T, o Observable, y, tolerance float64) {
-	x := o.(*Float)
-	if !isNear(x, y, tolerance) {
-		t.Errorf("Wanted %g +- %g, got %g", y, tolerance, x.Value())
-	}
-}
-
-var baseTime = time.Date(2013, 1, 1, 0, 0, 0, 0, time.UTC)
-
-func tu(s int64) time.Time {
-	return baseTime.Add(time.Duration(s) * time.Second)
-}
-
-func tu2(s int64, ns int64) time.Time {
-	return baseTime.Add(time.Duration(s)*time.Second + time.Duration(ns)*time.Nanosecond)
-}
-
-func TestBasicTimeSeries(t *testing.T) {
-	ts := NewTimeSeries(NewFloat)
-	fo := new(Float)
-	*fo = Float(10)
-	ts.AddWithTime(fo, tu(1))
-	ts.AddWithTime(fo, tu(1))
-	ts.AddWithTime(fo, tu(1))
-	ts.AddWithTime(fo, tu(1))
-	checkApproximate(t, ts.Range(tu(0), tu(1)), 40)
-	checkApproximate(t, ts.Total(), 40)
-	ts.AddWithTime(fo, tu(3))
-	ts.AddWithTime(fo, tu(3))
-	ts.AddWithTime(fo, tu(3))
-	checkApproximate(t, ts.Range(tu(0), tu(2)), 40)
-	checkApproximate(t, ts.Range(tu(2), tu(4)), 30)
-	checkApproximate(t, ts.Total(), 70)
-	ts.AddWithTime(fo, tu(1))
-	ts.AddWithTime(fo, tu(1))
-	checkApproximate(t, ts.Range(tu(0), tu(2)), 60)
-	checkApproximate(t, ts.Range(tu(2), tu(4)), 30)
-	checkApproximate(t, ts.Total(), 90)
-	*fo = Float(100)
-	ts.AddWithTime(fo, tu(100))
-	checkApproximate(t, ts.Range(tu(99), tu(100)), 100)
-	checkApproximate(t, ts.Range(tu(0), tu(4)), 36)
-	checkApproximate(t, ts.Total(), 190)
-	*fo = Float(10)
-	ts.AddWithTime(fo, tu(1))
-	ts.AddWithTime(fo, tu(1))
-	checkApproximate(t, ts.Range(tu(0), tu(4)), 44)
-	checkApproximate(t, ts.Range(tu(37), tu2(100, 100e6)), 100)
-	checkApproximate(t, ts.Range(tu(50), tu2(100, 100e6)), 100)
-	checkApproximate(t, ts.Range(tu(99), tu2(100, 100e6)), 100)
-	checkApproximate(t, ts.Total(), 210)
-
-	for i, l := range ts.ComputeRange(tu(36), tu(100), 64) {
-		if i == 63 {
-			checkApproximate(t, l, 100)
-		} else {
-			checkApproximate(t, l, 0)
-		}
-	}
-
-	checkApproximate(t, ts.Range(tu(0), tu(100)), 210)
-	checkApproximate(t, ts.Range(tu(10), tu(100)), 100)
-
-	for i, l := range ts.ComputeRange(tu(0), tu(100), 100) {
-		if i < 10 {
-			checkApproximate(t, l, 11)
-		} else if i >= 90 {
-			checkApproximate(t, l, 10)
-		} else {
-			checkApproximate(t, l, 0)
-		}
-	}
-}
-
-func TestFloat(t *testing.T) {
-	f := Float(1)
-	if g, w := f.String(), "1"; g != w {
-		t.Errorf("Float(1).String = %q; want %q", g, w)
-	}
-	f2 := Float(2)
-	var o Observable = &f2
-	f.Add(o)
-	if g, w := f.Value(), 3.0; g != w {
-		t.Errorf("Float post-add = %v; want %v", g, w)
-	}
-	f.Multiply(2)
-	if g, w := f.Value(), 6.0; g != w {
-		t.Errorf("Float post-multiply = %v; want %v", g, w)
-	}
-	f.Clear()
-	if g, w := f.Value(), 0.0; g != w {
-		t.Errorf("Float post-clear = %v; want %v", g, w)
-	}
-	f.CopyFrom(&f2)
-	if g, w := f.Value(), 2.0; g != w {
-		t.Errorf("Float post-CopyFrom = %v; want %v", g, w)
-	}
-}
-
-type mockClock struct {
-	time time.Time
-}
-
-func (m *mockClock) Time() time.Time { return m.time }
-func (m *mockClock) Set(t time.Time) { m.time = t }
-
-const buckets = 6
-
-var testResolutions = []time.Duration{
-	10 * time.Second,  // level holds one minute of observations
-	100 * time.Second, // level holds ten minutes of observations
-	10 * time.Minute,  // level holds one hour of observations
-}
-
-// TestTimeSeries uses a small number of buckets to force a higher
-// error rate on approximations from the timeseries.
-type TestTimeSeries struct {
-	timeSeries
-}
-
-func TestExpectedErrorRate(t *testing.T) {
-	ts := new(TestTimeSeries)
-	fake := new(mockClock)
-	fake.Set(time.Now())
-	ts.timeSeries.init(testResolutions, NewFloat, buckets, fake)
-	for i := 1; i <= 61*61; i++ {
-		fake.Set(fake.Time().Add(1 * time.Second))
-		ob := Float(1)
-		ts.AddWithTime(&ob, fake.Time())
-
-		// The results should be accurate within one missing bucket (1/6) of the observations recorded.
-		checkNear(t, ts.Latest(0, buckets), min(float64(i), 60), 10)
-		checkNear(t, ts.Latest(1, buckets), min(float64(i), 600), 100)
-		checkNear(t, ts.Latest(2, buckets), min(float64(i), 3600), 600)
-	}
-}
-
-func min(a, b float64) float64 {
-	if a < b {
-		return a
-	}
-	return b
-}
diff --git a/vendor/golang.org/x/net/ipv4/control.go b/vendor/golang.org/x/net/ipv4/control.go
deleted file mode 100644
index 8cadfd7f..00000000
--- a/vendor/golang.org/x/net/ipv4/control.go
+++ /dev/null
@@ -1,70 +0,0 @@
-// Copyright 2012 The Go Authors.  All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package ipv4
-
-import (
-	"fmt"
-	"net"
-	"sync"
-)
-
-type rawOpt struct {
-	sync.RWMutex
-	cflags ControlFlags
-}
-
-func (c *rawOpt) set(f ControlFlags)        { c.cflags |= f }
-func (c *rawOpt) clear(f ControlFlags)      { c.cflags &^= f }
-func (c *rawOpt) isset(f ControlFlags) bool { return c.cflags&f != 0 }
-
-type ControlFlags uint
-
-const (
-	FlagTTL       ControlFlags = 1 << iota // pass the TTL on the received packet
-	FlagSrc                                // pass the source address on the received packet
-	FlagDst                                // pass the destination address on the received packet
-	FlagInterface                          // pass the interface index on the received packet
-)
-
-// A ControlMessage represents per packet basis IP-level socket options.
-type ControlMessage struct {
-	// Receiving socket options: SetControlMessage allows to
-	// receive the options from the protocol stack using ReadFrom
-	// method of PacketConn or RawConn.
-	//
-	// Specifying socket options: ControlMessage for WriteTo
-	// method of PacketConn or RawConn allows to send the options
-	// to the protocol stack.
-	//
-	TTL     int    // time-to-live, receiving only
-	Src     net.IP // source address, specifying only
-	Dst     net.IP // destination address, receiving only
-	IfIndex int    // interface index, must be 1 <= value when specifying
-}
-
-func (cm *ControlMessage) String() string {
-	if cm == nil {
-		return ""
-	}
-	return fmt.Sprintf("ttl=%d src=%v dst=%v ifindex=%d", cm.TTL, cm.Src, cm.Dst, cm.IfIndex)
-}
-
-// Ancillary data socket options
-const (
-	ctlTTL        = iota // header field
-	ctlSrc               // header field
-	ctlDst               // header field
-	ctlInterface         // inbound or outbound interface
-	ctlPacketInfo        // inbound or outbound packet path
-	ctlMax
-)
-
-// A ctlOpt represents a binding for ancillary data socket option.
-type ctlOpt struct {
-	name    int // option name, must be equal or greater than 1
-	length  int // option length
-	marshal func([]byte, *ControlMessage) []byte
-	parse   func(*ControlMessage, []byte)
-}
diff --git a/vendor/golang.org/x/net/ipv4/control_bsd.go b/vendor/golang.org/x/net/ipv4/control_bsd.go
deleted file mode 100644
index 33d8bc8b..00000000
--- a/vendor/golang.org/x/net/ipv4/control_bsd.go
+++ /dev/null
@@ -1,40 +0,0 @@
-// Copyright 2012 The Go Authors.  All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build darwin dragonfly freebsd netbsd openbsd
-
-package ipv4
-
-import (
-	"net"
-	"syscall"
-	"unsafe"
-
-	"golang.org/x/net/internal/iana"
-)
-
-func marshalDst(b []byte, cm *ControlMessage) []byte {
-	m := (*syscall.Cmsghdr)(unsafe.Pointer(&b[0]))
-	m.Level = iana.ProtocolIP
-	m.Type = sysIP_RECVDSTADDR
-	m.SetLen(syscall.CmsgLen(net.IPv4len))
-	return b[syscall.CmsgSpace(net.IPv4len):]
-}
-
-func parseDst(cm *ControlMessage, b []byte) {
-	cm.Dst = b[:net.IPv4len]
-}
-
-func marshalInterface(b []byte, cm *ControlMessage) []byte {
-	m := (*syscall.Cmsghdr)(unsafe.Pointer(&b[0]))
-	m.Level = iana.ProtocolIP
-	m.Type = sysIP_RECVIF
-	m.SetLen(syscall.CmsgLen(syscall.SizeofSockaddrDatalink))
-	return b[syscall.CmsgSpace(syscall.SizeofSockaddrDatalink):]
-}
-
-func parseInterface(cm *ControlMessage, b []byte) {
-	sadl := (*syscall.SockaddrDatalink)(unsafe.Pointer(&b[0]))
-	cm.IfIndex = int(sadl.Index)
-}
diff --git a/vendor/golang.org/x/net/ipv4/control_pktinfo.go b/vendor/golang.org/x/net/ipv4/control_pktinfo.go
deleted file mode 100644
index 444782f3..00000000
--- a/vendor/golang.org/x/net/ipv4/control_pktinfo.go
+++ /dev/null
@@ -1,37 +0,0 @@
-// Copyright 2014 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build darwin linux
-
-package ipv4
-
-import (
-	"syscall"
-	"unsafe"
-
-	"golang.org/x/net/internal/iana"
-)
-
-func marshalPacketInfo(b []byte, cm *ControlMessage) []byte {
-	m := (*syscall.Cmsghdr)(unsafe.Pointer(&b[0]))
-	m.Level = iana.ProtocolIP
-	m.Type = sysIP_PKTINFO
-	m.SetLen(syscall.CmsgLen(sysSizeofInetPktinfo))
-	if cm != nil {
-		pi := (*sysInetPktinfo)(unsafe.Pointer(&b[syscall.CmsgLen(0)]))
-		if ip := cm.Src.To4(); ip != nil {
-			copy(pi.Spec_dst[:], ip)
-		}
-		if cm.IfIndex > 0 {
-			pi.setIfindex(cm.IfIndex)
-		}
-	}
-	return b[syscall.CmsgSpace(sysSizeofInetPktinfo):]
-}
-
-func parsePacketInfo(cm *ControlMessage, b []byte) {
-	pi := (*sysInetPktinfo)(unsafe.Pointer(&b[0]))
-	cm.IfIndex = int(pi.Ifindex)
-	cm.Dst = pi.Addr[:]
-}
diff --git a/vendor/golang.org/x/net/ipv4/control_stub.go b/vendor/golang.org/x/net/ipv4/control_stub.go
deleted file mode 100644
index 4d850719..00000000
--- a/vendor/golang.org/x/net/ipv4/control_stub.go
+++ /dev/null
@@ -1,23 +0,0 @@
-// Copyright 2012 The Go Authors.  All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build nacl plan9 solaris
-
-package ipv4
-
-func setControlMessage(fd int, opt *rawOpt, cf ControlFlags, on bool) error {
-	return errOpNoSupport
-}
-
-func newControlMessage(opt *rawOpt) []byte {
-	return nil
-}
-
-func parseControlMessage(b []byte) (*ControlMessage, error) {
-	return nil, errOpNoSupport
-}
-
-func marshalControlMessage(cm *ControlMessage) []byte {
-	return nil
-}
diff --git a/vendor/golang.org/x/net/ipv4/control_unix.go b/vendor/golang.org/x/net/ipv4/control_unix.go
deleted file mode 100644
index 3000c52e..00000000
--- a/vendor/golang.org/x/net/ipv4/control_unix.go
+++ /dev/null
@@ -1,164 +0,0 @@
-// Copyright 2012 The Go Authors.  All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build darwin dragonfly freebsd linux netbsd openbsd
-
-package ipv4
-
-import (
-	"os"
-	"syscall"
-	"unsafe"
-
-	"golang.org/x/net/internal/iana"
-)
-
-func setControlMessage(fd int, opt *rawOpt, cf ControlFlags, on bool) error {
-	opt.Lock()
-	defer opt.Unlock()
-	if cf&FlagTTL != 0 && sockOpts[ssoReceiveTTL].name > 0 {
-		if err := setInt(fd, &sockOpts[ssoReceiveTTL], boolint(on)); err != nil {
-			return err
-		}
-		if on {
-			opt.set(FlagTTL)
-		} else {
-			opt.clear(FlagTTL)
-		}
-	}
-	if sockOpts[ssoPacketInfo].name > 0 {
-		if cf&(FlagSrc|FlagDst|FlagInterface) != 0 {
-			if err := setInt(fd, &sockOpts[ssoPacketInfo], boolint(on)); err != nil {
-				return err
-			}
-			if on {
-				opt.set(cf & (FlagSrc | FlagDst | FlagInterface))
-			} else {
-				opt.clear(cf & (FlagSrc | FlagDst | FlagInterface))
-			}
-		}
-	} else {
-		if cf&FlagDst != 0 && sockOpts[ssoReceiveDst].name > 0 {
-			if err := setInt(fd, &sockOpts[ssoReceiveDst], boolint(on)); err != nil {
-				return err
-			}
-			if on {
-				opt.set(FlagDst)
-			} else {
-				opt.clear(FlagDst)
-			}
-		}
-		if cf&FlagInterface != 0 && sockOpts[ssoReceiveInterface].name > 0 {
-			if err := setInt(fd, &sockOpts[ssoReceiveInterface], boolint(on)); err != nil {
-				return err
-			}
-			if on {
-				opt.set(FlagInterface)
-			} else {
-				opt.clear(FlagInterface)
-			}
-		}
-	}
-	return nil
-}
-
-func newControlMessage(opt *rawOpt) (oob []byte) {
-	opt.RLock()
-	var l int
-	if opt.isset(FlagTTL) && ctlOpts[ctlTTL].name > 0 {
-		l += syscall.CmsgSpace(ctlOpts[ctlTTL].length)
-	}
-	if ctlOpts[ctlPacketInfo].name > 0 {
-		if opt.isset(FlagSrc | FlagDst | FlagInterface) {
-			l += syscall.CmsgSpace(ctlOpts[ctlPacketInfo].length)
-		}
-	} else {
-		if opt.isset(FlagDst) && ctlOpts[ctlDst].name > 0 {
-			l += syscall.CmsgSpace(ctlOpts[ctlDst].length)
-		}
-		if opt.isset(FlagInterface) && ctlOpts[ctlInterface].name > 0 {
-			l += syscall.CmsgSpace(ctlOpts[ctlInterface].length)
-		}
-	}
-	if l > 0 {
-		oob = make([]byte, l)
-		b := oob
-		if opt.isset(FlagTTL) && ctlOpts[ctlTTL].name > 0 {
-			b = ctlOpts[ctlTTL].marshal(b, nil)
-		}
-		if ctlOpts[ctlPacketInfo].name > 0 {
-			if opt.isset(FlagSrc | FlagDst | FlagInterface) {
-				b = ctlOpts[ctlPacketInfo].marshal(b, nil)
-			}
-		} else {
-			if opt.isset(FlagDst) && ctlOpts[ctlDst].name > 0 {
-				b = ctlOpts[ctlDst].marshal(b, nil)
-			}
-			if opt.isset(FlagInterface) && ctlOpts[ctlInterface].name > 0 {
-				b = ctlOpts[ctlInterface].marshal(b, nil)
-			}
-		}
-	}
-	opt.RUnlock()
-	return
-}
-
-func parseControlMessage(b []byte) (*ControlMessage, error) {
-	if len(b) == 0 {
-		return nil, nil
-	}
-	cmsgs, err := syscall.ParseSocketControlMessage(b)
-	if err != nil {
-		return nil, os.NewSyscallError("parse socket control message", err)
-	}
-	cm := &ControlMessage{}
-	for _, m := range cmsgs {
-		if m.Header.Level != iana.ProtocolIP {
-			continue
-		}
-		switch int(m.Header.Type) {
-		case ctlOpts[ctlTTL].name:
-			ctlOpts[ctlTTL].parse(cm, m.Data[:])
-		case ctlOpts[ctlDst].name:
-			ctlOpts[ctlDst].parse(cm, m.Data[:])
-		case ctlOpts[ctlInterface].name:
-			ctlOpts[ctlInterface].parse(cm, m.Data[:])
-		case ctlOpts[ctlPacketInfo].name:
-			ctlOpts[ctlPacketInfo].parse(cm, m.Data[:])
-		}
-	}
-	return cm, nil
-}
-
-func marshalControlMessage(cm *ControlMessage) (oob []byte) {
-	if cm == nil {
-		return nil
-	}
-	var l int
-	pktinfo := false
-	if ctlOpts[ctlPacketInfo].name > 0 && (cm.Src.To4() != nil || cm.IfIndex > 0) {
-		pktinfo = true
-		l += syscall.CmsgSpace(ctlOpts[ctlPacketInfo].length)
-	}
-	if l > 0 {
-		oob = make([]byte, l)
-		b := oob
-		if pktinfo {
-			b = ctlOpts[ctlPacketInfo].marshal(b, cm)
-		}
-	}
-	return
-}
-
-func marshalTTL(b []byte, cm *ControlMessage) []byte {
-	m := (*syscall.Cmsghdr)(unsafe.Pointer(&b[0]))
-	m.Level = iana.ProtocolIP
-	m.Type = sysIP_RECVTTL
-	m.SetLen(syscall.CmsgLen(1))
-	return b[syscall.CmsgSpace(1):]
-}
-
-func parseTTL(cm *ControlMessage, b []byte) {
-	cm.TTL = int(*(*byte)(unsafe.Pointer(&b[:1][0])))
-}
diff --git a/vendor/golang.org/x/net/ipv4/control_windows.go b/vendor/golang.org/x/net/ipv4/control_windows.go
deleted file mode 100644
index 800f6377..00000000
--- a/vendor/golang.org/x/net/ipv4/control_windows.go
+++ /dev/null
@@ -1,27 +0,0 @@
-// Copyright 2012 The Go Authors.  All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package ipv4
-
-import "syscall"
-
-func setControlMessage(fd syscall.Handle, opt *rawOpt, cf ControlFlags, on bool) error {
-	// TODO(mikio): implement this
-	return syscall.EWINDOWS
-}
-
-func newControlMessage(opt *rawOpt) []byte {
-	// TODO(mikio): implement this
-	return nil
-}
-
-func parseControlMessage(b []byte) (*ControlMessage, error) {
-	// TODO(mikio): implement this
-	return nil, syscall.EWINDOWS
-}
-
-func marshalControlMessage(cm *ControlMessage) []byte {
-	// TODO(mikio): implement this
-	return nil
-}
diff --git a/vendor/golang.org/x/net/ipv4/defs_darwin.go b/vendor/golang.org/x/net/ipv4/defs_darwin.go
deleted file mode 100644
index 731d56a7..00000000
--- a/vendor/golang.org/x/net/ipv4/defs_darwin.go
+++ /dev/null
@@ -1,77 +0,0 @@
-// Copyright 2014 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build ignore
-
-// +godefs map struct_in_addr [4]byte /* in_addr */
-
-package ipv4
-
-/*
-#include 
-
-#include 
-*/
-import "C"
-
-const (
-	sysIP_OPTIONS     = C.IP_OPTIONS
-	sysIP_HDRINCL     = C.IP_HDRINCL
-	sysIP_TOS         = C.IP_TOS
-	sysIP_TTL         = C.IP_TTL
-	sysIP_RECVOPTS    = C.IP_RECVOPTS
-	sysIP_RECVRETOPTS = C.IP_RECVRETOPTS
-	sysIP_RECVDSTADDR = C.IP_RECVDSTADDR
-	sysIP_RETOPTS     = C.IP_RETOPTS
-	sysIP_RECVIF      = C.IP_RECVIF
-	sysIP_STRIPHDR    = C.IP_STRIPHDR
-	sysIP_RECVTTL     = C.IP_RECVTTL
-	sysIP_BOUND_IF    = C.IP_BOUND_IF
-	sysIP_PKTINFO     = C.IP_PKTINFO
-	sysIP_RECVPKTINFO = C.IP_RECVPKTINFO
-
-	sysIP_MULTICAST_IF           = C.IP_MULTICAST_IF
-	sysIP_MULTICAST_TTL          = C.IP_MULTICAST_TTL
-	sysIP_MULTICAST_LOOP         = C.IP_MULTICAST_LOOP
-	sysIP_ADD_MEMBERSHIP         = C.IP_ADD_MEMBERSHIP
-	sysIP_DROP_MEMBERSHIP        = C.IP_DROP_MEMBERSHIP
-	sysIP_MULTICAST_VIF          = C.IP_MULTICAST_VIF
-	sysIP_MULTICAST_IFINDEX      = C.IP_MULTICAST_IFINDEX
-	sysIP_ADD_SOURCE_MEMBERSHIP  = C.IP_ADD_SOURCE_MEMBERSHIP
-	sysIP_DROP_SOURCE_MEMBERSHIP = C.IP_DROP_SOURCE_MEMBERSHIP
-	sysIP_BLOCK_SOURCE           = C.IP_BLOCK_SOURCE
-	sysIP_UNBLOCK_SOURCE         = C.IP_UNBLOCK_SOURCE
-	sysMCAST_JOIN_GROUP          = C.MCAST_JOIN_GROUP
-	sysMCAST_LEAVE_GROUP         = C.MCAST_LEAVE_GROUP
-	sysMCAST_JOIN_SOURCE_GROUP   = C.MCAST_JOIN_SOURCE_GROUP
-	sysMCAST_LEAVE_SOURCE_GROUP  = C.MCAST_LEAVE_SOURCE_GROUP
-	sysMCAST_BLOCK_SOURCE        = C.MCAST_BLOCK_SOURCE
-	sysMCAST_UNBLOCK_SOURCE      = C.MCAST_UNBLOCK_SOURCE
-
-	sysSizeofSockaddrStorage = C.sizeof_struct_sockaddr_storage
-	sysSizeofSockaddrInet    = C.sizeof_struct_sockaddr_in
-	sysSizeofInetPktinfo     = C.sizeof_struct_in_pktinfo
-
-	sysSizeofIPMreq         = C.sizeof_struct_ip_mreq
-	sysSizeofIPMreqn        = C.sizeof_struct_ip_mreqn
-	sysSizeofIPMreqSource   = C.sizeof_struct_ip_mreq_source
-	sysSizeofGroupReq       = C.sizeof_struct_group_req
-	sysSizeofGroupSourceReq = C.sizeof_struct_group_source_req
-)
-
-type sysSockaddrStorage C.struct_sockaddr_storage
-
-type sysSockaddrInet C.struct_sockaddr_in
-
-type sysInetPktinfo C.struct_in_pktinfo
-
-type sysIPMreq C.struct_ip_mreq
-
-type sysIPMreqn C.struct_ip_mreqn
-
-type sysIPMreqSource C.struct_ip_mreq_source
-
-type sysGroupReq C.struct_group_req
-
-type sysGroupSourceReq C.struct_group_source_req
diff --git a/vendor/golang.org/x/net/ipv4/defs_dragonfly.go b/vendor/golang.org/x/net/ipv4/defs_dragonfly.go
deleted file mode 100644
index 08e3b855..00000000
--- a/vendor/golang.org/x/net/ipv4/defs_dragonfly.go
+++ /dev/null
@@ -1,38 +0,0 @@
-// Copyright 2014 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build ignore
-
-// +godefs map struct_in_addr [4]byte /* in_addr */
-
-package ipv4
-
-/*
-#include 
-*/
-import "C"
-
-const (
-	sysIP_OPTIONS     = C.IP_OPTIONS
-	sysIP_HDRINCL     = C.IP_HDRINCL
-	sysIP_TOS         = C.IP_TOS
-	sysIP_TTL         = C.IP_TTL
-	sysIP_RECVOPTS    = C.IP_RECVOPTS
-	sysIP_RECVRETOPTS = C.IP_RECVRETOPTS
-	sysIP_RECVDSTADDR = C.IP_RECVDSTADDR
-	sysIP_RETOPTS     = C.IP_RETOPTS
-	sysIP_RECVIF      = C.IP_RECVIF
-	sysIP_RECVTTL     = C.IP_RECVTTL
-
-	sysIP_MULTICAST_IF    = C.IP_MULTICAST_IF
-	sysIP_MULTICAST_TTL   = C.IP_MULTICAST_TTL
-	sysIP_MULTICAST_LOOP  = C.IP_MULTICAST_LOOP
-	sysIP_MULTICAST_VIF   = C.IP_MULTICAST_VIF
-	sysIP_ADD_MEMBERSHIP  = C.IP_ADD_MEMBERSHIP
-	sysIP_DROP_MEMBERSHIP = C.IP_DROP_MEMBERSHIP
-
-	sysSizeofIPMreq = C.sizeof_struct_ip_mreq
-)
-
-type sysIPMreq C.struct_ip_mreq
diff --git a/vendor/golang.org/x/net/ipv4/defs_freebsd.go b/vendor/golang.org/x/net/ipv4/defs_freebsd.go
deleted file mode 100644
index f12ca327..00000000
--- a/vendor/golang.org/x/net/ipv4/defs_freebsd.go
+++ /dev/null
@@ -1,75 +0,0 @@
-// Copyright 2014 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build ignore
-
-// +godefs map struct_in_addr [4]byte /* in_addr */
-
-package ipv4
-
-/*
-#include 
-
-#include 
-*/
-import "C"
-
-const (
-	sysIP_OPTIONS     = C.IP_OPTIONS
-	sysIP_HDRINCL     = C.IP_HDRINCL
-	sysIP_TOS         = C.IP_TOS
-	sysIP_TTL         = C.IP_TTL
-	sysIP_RECVOPTS    = C.IP_RECVOPTS
-	sysIP_RECVRETOPTS = C.IP_RECVRETOPTS
-	sysIP_RECVDSTADDR = C.IP_RECVDSTADDR
-	sysIP_SENDSRCADDR = C.IP_SENDSRCADDR
-	sysIP_RETOPTS     = C.IP_RETOPTS
-	sysIP_RECVIF      = C.IP_RECVIF
-	sysIP_ONESBCAST   = C.IP_ONESBCAST
-	sysIP_BINDANY     = C.IP_BINDANY
-	sysIP_RECVTTL     = C.IP_RECVTTL
-	sysIP_MINTTL      = C.IP_MINTTL
-	sysIP_DONTFRAG    = C.IP_DONTFRAG
-	sysIP_RECVTOS     = C.IP_RECVTOS
-
-	sysIP_MULTICAST_IF           = C.IP_MULTICAST_IF
-	sysIP_MULTICAST_TTL          = C.IP_MULTICAST_TTL
-	sysIP_MULTICAST_LOOP         = C.IP_MULTICAST_LOOP
-	sysIP_ADD_MEMBERSHIP         = C.IP_ADD_MEMBERSHIP
-	sysIP_DROP_MEMBERSHIP        = C.IP_DROP_MEMBERSHIP
-	sysIP_MULTICAST_VIF          = C.IP_MULTICAST_VIF
-	sysIP_ADD_SOURCE_MEMBERSHIP  = C.IP_ADD_SOURCE_MEMBERSHIP
-	sysIP_DROP_SOURCE_MEMBERSHIP = C.IP_DROP_SOURCE_MEMBERSHIP
-	sysIP_BLOCK_SOURCE           = C.IP_BLOCK_SOURCE
-	sysIP_UNBLOCK_SOURCE         = C.IP_UNBLOCK_SOURCE
-	sysMCAST_JOIN_GROUP          = C.MCAST_JOIN_GROUP
-	sysMCAST_LEAVE_GROUP         = C.MCAST_LEAVE_GROUP
-	sysMCAST_JOIN_SOURCE_GROUP   = C.MCAST_JOIN_SOURCE_GROUP
-	sysMCAST_LEAVE_SOURCE_GROUP  = C.MCAST_LEAVE_SOURCE_GROUP
-	sysMCAST_BLOCK_SOURCE        = C.MCAST_BLOCK_SOURCE
-	sysMCAST_UNBLOCK_SOURCE      = C.MCAST_UNBLOCK_SOURCE
-
-	sysSizeofSockaddrStorage = C.sizeof_struct_sockaddr_storage
-	sysSizeofSockaddrInet    = C.sizeof_struct_sockaddr_in
-
-	sysSizeofIPMreq         = C.sizeof_struct_ip_mreq
-	sysSizeofIPMreqn        = C.sizeof_struct_ip_mreqn
-	sysSizeofIPMreqSource   = C.sizeof_struct_ip_mreq_source
-	sysSizeofGroupReq       = C.sizeof_struct_group_req
-	sysSizeofGroupSourceReq = C.sizeof_struct_group_source_req
-)
-
-type sysSockaddrStorage C.struct_sockaddr_storage
-
-type sysSockaddrInet C.struct_sockaddr_in
-
-type sysIPMreq C.struct_ip_mreq
-
-type sysIPMreqn C.struct_ip_mreqn
-
-type sysIPMreqSource C.struct_ip_mreq_source
-
-type sysGroupReq C.struct_group_req
-
-type sysGroupSourceReq C.struct_group_source_req
diff --git a/vendor/golang.org/x/net/ipv4/defs_linux.go b/vendor/golang.org/x/net/ipv4/defs_linux.go
deleted file mode 100644
index fdba148a..00000000
--- a/vendor/golang.org/x/net/ipv4/defs_linux.go
+++ /dev/null
@@ -1,111 +0,0 @@
-// Copyright 2014 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build ignore
-
-// +godefs map struct_in_addr [4]byte /* in_addr */
-
-package ipv4
-
-/*
-#include 
-
-#include 
-#include 
-#include 
-*/
-import "C"
-
-const (
-	sysIP_TOS             = C.IP_TOS
-	sysIP_TTL             = C.IP_TTL
-	sysIP_HDRINCL         = C.IP_HDRINCL
-	sysIP_OPTIONS         = C.IP_OPTIONS
-	sysIP_ROUTER_ALERT    = C.IP_ROUTER_ALERT
-	sysIP_RECVOPTS        = C.IP_RECVOPTS
-	sysIP_RETOPTS         = C.IP_RETOPTS
-	sysIP_PKTINFO         = C.IP_PKTINFO
-	sysIP_PKTOPTIONS      = C.IP_PKTOPTIONS
-	sysIP_MTU_DISCOVER    = C.IP_MTU_DISCOVER
-	sysIP_RECVERR         = C.IP_RECVERR
-	sysIP_RECVTTL         = C.IP_RECVTTL
-	sysIP_RECVTOS         = C.IP_RECVTOS
-	sysIP_MTU             = C.IP_MTU
-	sysIP_FREEBIND        = C.IP_FREEBIND
-	sysIP_TRANSPARENT     = C.IP_TRANSPARENT
-	sysIP_RECVRETOPTS     = C.IP_RECVRETOPTS
-	sysIP_ORIGDSTADDR     = C.IP_ORIGDSTADDR
-	sysIP_RECVORIGDSTADDR = C.IP_RECVORIGDSTADDR
-	sysIP_MINTTL          = C.IP_MINTTL
-	sysIP_NODEFRAG        = C.IP_NODEFRAG
-	sysIP_UNICAST_IF      = C.IP_UNICAST_IF
-
-	sysIP_MULTICAST_IF           = C.IP_MULTICAST_IF
-	sysIP_MULTICAST_TTL          = C.IP_MULTICAST_TTL
-	sysIP_MULTICAST_LOOP         = C.IP_MULTICAST_LOOP
-	sysIP_ADD_MEMBERSHIP         = C.IP_ADD_MEMBERSHIP
-	sysIP_DROP_MEMBERSHIP        = C.IP_DROP_MEMBERSHIP
-	sysIP_UNBLOCK_SOURCE         = C.IP_UNBLOCK_SOURCE
-	sysIP_BLOCK_SOURCE           = C.IP_BLOCK_SOURCE
-	sysIP_ADD_SOURCE_MEMBERSHIP  = C.IP_ADD_SOURCE_MEMBERSHIP
-	sysIP_DROP_SOURCE_MEMBERSHIP = C.IP_DROP_SOURCE_MEMBERSHIP
-	sysIP_MSFILTER               = C.IP_MSFILTER
-	sysMCAST_JOIN_GROUP          = C.MCAST_JOIN_GROUP
-	sysMCAST_LEAVE_GROUP         = C.MCAST_LEAVE_GROUP
-	sysMCAST_JOIN_SOURCE_GROUP   = C.MCAST_JOIN_SOURCE_GROUP
-	sysMCAST_LEAVE_SOURCE_GROUP  = C.MCAST_LEAVE_SOURCE_GROUP
-	sysMCAST_BLOCK_SOURCE        = C.MCAST_BLOCK_SOURCE
-	sysMCAST_UNBLOCK_SOURCE      = C.MCAST_UNBLOCK_SOURCE
-	sysMCAST_MSFILTER            = C.MCAST_MSFILTER
-	sysIP_MULTICAST_ALL          = C.IP_MULTICAST_ALL
-
-	//sysIP_PMTUDISC_DONT      = C.IP_PMTUDISC_DONT
-	//sysIP_PMTUDISC_WANT      = C.IP_PMTUDISC_WANT
-	//sysIP_PMTUDISC_DO        = C.IP_PMTUDISC_DO
-	//sysIP_PMTUDISC_PROBE     = C.IP_PMTUDISC_PROBE
-	//sysIP_PMTUDISC_INTERFACE = C.IP_PMTUDISC_INTERFACE
-	//sysIP_PMTUDISC_OMIT      = C.IP_PMTUDISC_OMIT
-
-	sysICMP_FILTER = C.ICMP_FILTER
-
-	sysSO_EE_ORIGIN_NONE         = C.SO_EE_ORIGIN_NONE
-	sysSO_EE_ORIGIN_LOCAL        = C.SO_EE_ORIGIN_LOCAL
-	sysSO_EE_ORIGIN_ICMP         = C.SO_EE_ORIGIN_ICMP
-	sysSO_EE_ORIGIN_ICMP6        = C.SO_EE_ORIGIN_ICMP6
-	sysSO_EE_ORIGIN_TXSTATUS     = C.SO_EE_ORIGIN_TXSTATUS
-	sysSO_EE_ORIGIN_TIMESTAMPING = C.SO_EE_ORIGIN_TIMESTAMPING
-
-	sysSizeofKernelSockaddrStorage = C.sizeof_struct___kernel_sockaddr_storage
-	sysSizeofSockaddrInet          = C.sizeof_struct_sockaddr_in
-	sysSizeofInetPktinfo           = C.sizeof_struct_in_pktinfo
-	sysSizeofSockExtendedErr       = C.sizeof_struct_sock_extended_err
-
-	sysSizeofIPMreq         = C.sizeof_struct_ip_mreq
-	sysSizeofIPMreqn        = C.sizeof_struct_ip_mreqn
-	sysSizeofIPMreqSource   = C.sizeof_struct_ip_mreq_source
-	sysSizeofGroupReq       = C.sizeof_struct_group_req
-	sysSizeofGroupSourceReq = C.sizeof_struct_group_source_req
-
-	sysSizeofICMPFilter = C.sizeof_struct_icmp_filter
-)
-
-type sysKernelSockaddrStorage C.struct___kernel_sockaddr_storage
-
-type sysSockaddrInet C.struct_sockaddr_in
-
-type sysInetPktinfo C.struct_in_pktinfo
-
-type sysSockExtendedErr C.struct_sock_extended_err
-
-type sysIPMreq C.struct_ip_mreq
-
-type sysIPMreqn C.struct_ip_mreqn
-
-type sysIPMreqSource C.struct_ip_mreq_source
-
-type sysGroupReq C.struct_group_req
-
-type sysGroupSourceReq C.struct_group_source_req
-
-type sysICMPFilter C.struct_icmp_filter
diff --git a/vendor/golang.org/x/net/ipv4/defs_netbsd.go b/vendor/golang.org/x/net/ipv4/defs_netbsd.go
deleted file mode 100644
index 8642354f..00000000
--- a/vendor/golang.org/x/net/ipv4/defs_netbsd.go
+++ /dev/null
@@ -1,37 +0,0 @@
-// Copyright 2014 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build ignore
-
-// +godefs map struct_in_addr [4]byte /* in_addr */
-
-package ipv4
-
-/*
-#include 
-*/
-import "C"
-
-const (
-	sysIP_OPTIONS     = C.IP_OPTIONS
-	sysIP_HDRINCL     = C.IP_HDRINCL
-	sysIP_TOS         = C.IP_TOS
-	sysIP_TTL         = C.IP_TTL
-	sysIP_RECVOPTS    = C.IP_RECVOPTS
-	sysIP_RECVRETOPTS = C.IP_RECVRETOPTS
-	sysIP_RECVDSTADDR = C.IP_RECVDSTADDR
-	sysIP_RETOPTS     = C.IP_RETOPTS
-	sysIP_RECVIF      = C.IP_RECVIF
-	sysIP_RECVTTL     = C.IP_RECVTTL
-
-	sysIP_MULTICAST_IF    = C.IP_MULTICAST_IF
-	sysIP_MULTICAST_TTL   = C.IP_MULTICAST_TTL
-	sysIP_MULTICAST_LOOP  = C.IP_MULTICAST_LOOP
-	sysIP_ADD_MEMBERSHIP  = C.IP_ADD_MEMBERSHIP
-	sysIP_DROP_MEMBERSHIP = C.IP_DROP_MEMBERSHIP
-
-	sysSizeofIPMreq = C.sizeof_struct_ip_mreq
-)
-
-type sysIPMreq C.struct_ip_mreq
diff --git a/vendor/golang.org/x/net/ipv4/defs_openbsd.go b/vendor/golang.org/x/net/ipv4/defs_openbsd.go
deleted file mode 100644
index 8642354f..00000000
--- a/vendor/golang.org/x/net/ipv4/defs_openbsd.go
+++ /dev/null
@@ -1,37 +0,0 @@
-// Copyright 2014 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build ignore
-
-// +godefs map struct_in_addr [4]byte /* in_addr */
-
-package ipv4
-
-/*
-#include 
-*/
-import "C"
-
-const (
-	sysIP_OPTIONS     = C.IP_OPTIONS
-	sysIP_HDRINCL     = C.IP_HDRINCL
-	sysIP_TOS         = C.IP_TOS
-	sysIP_TTL         = C.IP_TTL
-	sysIP_RECVOPTS    = C.IP_RECVOPTS
-	sysIP_RECVRETOPTS = C.IP_RECVRETOPTS
-	sysIP_RECVDSTADDR = C.IP_RECVDSTADDR
-	sysIP_RETOPTS     = C.IP_RETOPTS
-	sysIP_RECVIF      = C.IP_RECVIF
-	sysIP_RECVTTL     = C.IP_RECVTTL
-
-	sysIP_MULTICAST_IF    = C.IP_MULTICAST_IF
-	sysIP_MULTICAST_TTL   = C.IP_MULTICAST_TTL
-	sysIP_MULTICAST_LOOP  = C.IP_MULTICAST_LOOP
-	sysIP_ADD_MEMBERSHIP  = C.IP_ADD_MEMBERSHIP
-	sysIP_DROP_MEMBERSHIP = C.IP_DROP_MEMBERSHIP
-
-	sysSizeofIPMreq = C.sizeof_struct_ip_mreq
-)
-
-type sysIPMreq C.struct_ip_mreq
diff --git a/vendor/golang.org/x/net/ipv4/defs_solaris.go b/vendor/golang.org/x/net/ipv4/defs_solaris.go
deleted file mode 100644
index bb74afa4..00000000
--- a/vendor/golang.org/x/net/ipv4/defs_solaris.go
+++ /dev/null
@@ -1,57 +0,0 @@
-// Copyright 2014 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build ignore
-
-// +godefs map struct_in_addr [4]byte /* in_addr */
-
-package ipv4
-
-/*
-#include 
-*/
-import "C"
-
-const (
-	sysIP_OPTIONS       = C.IP_OPTIONS
-	sysIP_HDRINCL       = C.IP_HDRINCL
-	sysIP_TOS           = C.IP_TOS
-	sysIP_TTL           = C.IP_TTL
-	sysIP_RECVOPTS      = C.IP_RECVOPTS
-	sysIP_RECVRETOPTS   = C.IP_RECVRETOPTS
-	sysIP_RECVDSTADDR   = C.IP_RECVDSTADDR
-	sysIP_RETOPTS       = C.IP_RETOPTS
-	sysIP_RECVIF        = C.IP_RECVIF
-	sysIP_RECVSLLA      = C.IP_RECVSLLA
-	sysIP_RECVTTL       = C.IP_RECVTTL
-	sysIP_NEXTHOP       = C.IP_NEXTHOP
-	sysIP_PKTINFO       = C.IP_PKTINFO
-	sysIP_RECVPKTINFO   = C.IP_RECVPKTINFO
-	sysIP_DONTFRAG      = C.IP_DONTFRAG
-	sysIP_BOUND_IF      = C.IP_BOUND_IF
-	sysIP_UNSPEC_SRC    = C.IP_UNSPEC_SRC
-	sysIP_BROADCAST_TTL = C.IP_BROADCAST_TTL
-	sysIP_DHCPINIT_IF   = C.IP_DHCPINIT_IF
-
-	sysIP_MULTICAST_IF           = C.IP_MULTICAST_IF
-	sysIP_MULTICAST_TTL          = C.IP_MULTICAST_TTL
-	sysIP_MULTICAST_LOOP         = C.IP_MULTICAST_LOOP
-	sysIP_ADD_MEMBERSHIP         = C.IP_ADD_MEMBERSHIP
-	sysIP_DROP_MEMBERSHIP        = C.IP_DROP_MEMBERSHIP
-	sysIP_BLOCK_SOURCE           = C.IP_BLOCK_SOURCE
-	sysIP_UNBLOCK_SOURCE         = C.IP_UNBLOCK_SOURCE
-	sysIP_ADD_SOURCE_MEMBERSHIP  = C.IP_ADD_SOURCE_MEMBERSHIP
-	sysIP_DROP_SOURCE_MEMBERSHIP = C.IP_DROP_SOURCE_MEMBERSHIP
-
-	sysSizeofInetPktinfo = C.sizeof_struct_in_pktinfo
-
-	sysSizeofIPMreq       = C.sizeof_struct_ip_mreq
-	sysSizeofIPMreqSource = C.sizeof_struct_ip_mreq_source
-)
-
-type sysInetPktinfo C.struct_in_pktinfo
-
-type sysIPMreq C.struct_ip_mreq
-
-type sysIPMreqSource C.struct_ip_mreq_source
diff --git a/vendor/golang.org/x/net/ipv4/dgramopt_posix.go b/vendor/golang.org/x/net/ipv4/dgramopt_posix.go
deleted file mode 100644
index 103c4f6d..00000000
--- a/vendor/golang.org/x/net/ipv4/dgramopt_posix.go
+++ /dev/null
@@ -1,251 +0,0 @@
-// Copyright 2012 The Go Authors.  All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build darwin dragonfly freebsd linux netbsd openbsd windows
-
-package ipv4
-
-import (
-	"net"
-	"syscall"
-)
-
-// MulticastTTL returns the time-to-live field value for outgoing
-// multicast packets.
-func (c *dgramOpt) MulticastTTL() (int, error) {
-	if !c.ok() {
-		return 0, syscall.EINVAL
-	}
-	fd, err := c.sysfd()
-	if err != nil {
-		return 0, err
-	}
-	return getInt(fd, &sockOpts[ssoMulticastTTL])
-}
-
-// SetMulticastTTL sets the time-to-live field value for future
-// outgoing multicast packets.
-func (c *dgramOpt) SetMulticastTTL(ttl int) error {
-	if !c.ok() {
-		return syscall.EINVAL
-	}
-	fd, err := c.sysfd()
-	if err != nil {
-		return err
-	}
-	return setInt(fd, &sockOpts[ssoMulticastTTL], ttl)
-}
-
-// MulticastInterface returns the default interface for multicast
-// packet transmissions.
-func (c *dgramOpt) MulticastInterface() (*net.Interface, error) {
-	if !c.ok() {
-		return nil, syscall.EINVAL
-	}
-	fd, err := c.sysfd()
-	if err != nil {
-		return nil, err
-	}
-	return getInterface(fd, &sockOpts[ssoMulticastInterface])
-}
-
-// SetMulticastInterface sets the default interface for future
-// multicast packet transmissions.
-func (c *dgramOpt) SetMulticastInterface(ifi *net.Interface) error {
-	if !c.ok() {
-		return syscall.EINVAL
-	}
-	fd, err := c.sysfd()
-	if err != nil {
-		return err
-	}
-	return setInterface(fd, &sockOpts[ssoMulticastInterface], ifi)
-}
-
-// MulticastLoopback reports whether transmitted multicast packets
-// should be copied and send back to the originator.
-func (c *dgramOpt) MulticastLoopback() (bool, error) {
-	if !c.ok() {
-		return false, syscall.EINVAL
-	}
-	fd, err := c.sysfd()
-	if err != nil {
-		return false, err
-	}
-	on, err := getInt(fd, &sockOpts[ssoMulticastLoopback])
-	if err != nil {
-		return false, err
-	}
-	return on == 1, nil
-}
-
-// SetMulticastLoopback sets whether transmitted multicast packets
-// should be copied and send back to the originator.
-func (c *dgramOpt) SetMulticastLoopback(on bool) error {
-	if !c.ok() {
-		return syscall.EINVAL
-	}
-	fd, err := c.sysfd()
-	if err != nil {
-		return err
-	}
-	return setInt(fd, &sockOpts[ssoMulticastLoopback], boolint(on))
-}
-
-// JoinGroup joins the group address group on the interface ifi.
-// By default all sources that can cast data to group are accepted.
-// It's possible to mute and unmute data transmission from a specific
-// source by using ExcludeSourceSpecificGroup and
-// IncludeSourceSpecificGroup.
-// JoinGroup uses the system assigned multicast interface when ifi is
-// nil, although this is not recommended because the assignment
-// depends on platforms and sometimes it might require routing
-// configuration.
-func (c *dgramOpt) JoinGroup(ifi *net.Interface, group net.Addr) error {
-	if !c.ok() {
-		return syscall.EINVAL
-	}
-	fd, err := c.sysfd()
-	if err != nil {
-		return err
-	}
-	grp := netAddrToIP4(group)
-	if grp == nil {
-		return errMissingAddress
-	}
-	return setGroup(fd, &sockOpts[ssoJoinGroup], ifi, grp)
-}
-
-// LeaveGroup leaves the group address group on the interface ifi
-// regardless of whether the group is any-source group or
-// source-specific group.
-func (c *dgramOpt) LeaveGroup(ifi *net.Interface, group net.Addr) error {
-	if !c.ok() {
-		return syscall.EINVAL
-	}
-	fd, err := c.sysfd()
-	if err != nil {
-		return err
-	}
-	grp := netAddrToIP4(group)
-	if grp == nil {
-		return errMissingAddress
-	}
-	return setGroup(fd, &sockOpts[ssoLeaveGroup], ifi, grp)
-}
-
-// JoinSourceSpecificGroup joins the source-specific group comprising
-// group and source on the interface ifi.
-// JoinSourceSpecificGroup uses the system assigned multicast
-// interface when ifi is nil, although this is not recommended because
-// the assignment depends on platforms and sometimes it might require
-// routing configuration.
-func (c *dgramOpt) JoinSourceSpecificGroup(ifi *net.Interface, group, source net.Addr) error {
-	if !c.ok() {
-		return syscall.EINVAL
-	}
-	fd, err := c.sysfd()
-	if err != nil {
-		return err
-	}
-	grp := netAddrToIP4(group)
-	if grp == nil {
-		return errMissingAddress
-	}
-	src := netAddrToIP4(source)
-	if src == nil {
-		return errMissingAddress
-	}
-	return setSourceGroup(fd, &sockOpts[ssoJoinSourceGroup], ifi, grp, src)
-}
-
-// LeaveSourceSpecificGroup leaves the source-specific group on the
-// interface ifi.
-func (c *dgramOpt) LeaveSourceSpecificGroup(ifi *net.Interface, group, source net.Addr) error {
-	if !c.ok() {
-		return syscall.EINVAL
-	}
-	fd, err := c.sysfd()
-	if err != nil {
-		return err
-	}
-	grp := netAddrToIP4(group)
-	if grp == nil {
-		return errMissingAddress
-	}
-	src := netAddrToIP4(source)
-	if src == nil {
-		return errMissingAddress
-	}
-	return setSourceGroup(fd, &sockOpts[ssoLeaveSourceGroup], ifi, grp, src)
-}
-
-// ExcludeSourceSpecificGroup excludes the source-specific group from
-// the already joined any-source groups by JoinGroup on the interface
-// ifi.
-func (c *dgramOpt) ExcludeSourceSpecificGroup(ifi *net.Interface, group, source net.Addr) error {
-	if !c.ok() {
-		return syscall.EINVAL
-	}
-	fd, err := c.sysfd()
-	if err != nil {
-		return err
-	}
-	grp := netAddrToIP4(group)
-	if grp == nil {
-		return errMissingAddress
-	}
-	src := netAddrToIP4(source)
-	if src == nil {
-		return errMissingAddress
-	}
-	return setSourceGroup(fd, &sockOpts[ssoBlockSourceGroup], ifi, grp, src)
-}
-
-// IncludeSourceSpecificGroup includes the excluded source-specific
-// group by ExcludeSourceSpecificGroup again on the interface ifi.
-func (c *dgramOpt) IncludeSourceSpecificGroup(ifi *net.Interface, group, source net.Addr) error {
-	if !c.ok() {
-		return syscall.EINVAL
-	}
-	fd, err := c.sysfd()
-	if err != nil {
-		return err
-	}
-	grp := netAddrToIP4(group)
-	if grp == nil {
-		return errMissingAddress
-	}
-	src := netAddrToIP4(source)
-	if src == nil {
-		return errMissingAddress
-	}
-	return setSourceGroup(fd, &sockOpts[ssoUnblockSourceGroup], ifi, grp, src)
-}
-
-// ICMPFilter returns an ICMP filter.
-// Currently only Linux supports this.
-func (c *dgramOpt) ICMPFilter() (*ICMPFilter, error) {
-	if !c.ok() {
-		return nil, syscall.EINVAL
-	}
-	fd, err := c.sysfd()
-	if err != nil {
-		return nil, err
-	}
-	return getICMPFilter(fd, &sockOpts[ssoICMPFilter])
-}
-
-// SetICMPFilter deploys the ICMP filter.
-// Currently only Linux supports this.
-func (c *dgramOpt) SetICMPFilter(f *ICMPFilter) error {
-	if !c.ok() {
-		return syscall.EINVAL
-	}
-	fd, err := c.sysfd()
-	if err != nil {
-		return err
-	}
-	return setICMPFilter(fd, &sockOpts[ssoICMPFilter], f)
-}
diff --git a/vendor/golang.org/x/net/ipv4/dgramopt_stub.go b/vendor/golang.org/x/net/ipv4/dgramopt_stub.go
deleted file mode 100644
index b74df693..00000000
--- a/vendor/golang.org/x/net/ipv4/dgramopt_stub.go
+++ /dev/null
@@ -1,106 +0,0 @@
-// Copyright 2012 The Go Authors.  All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build nacl plan9 solaris
-
-package ipv4
-
-import "net"
-
-// MulticastTTL returns the time-to-live field value for outgoing
-// multicast packets.
-func (c *dgramOpt) MulticastTTL() (int, error) {
-	return 0, errOpNoSupport
-}
-
-// SetMulticastTTL sets the time-to-live field value for future
-// outgoing multicast packets.
-func (c *dgramOpt) SetMulticastTTL(ttl int) error {
-	return errOpNoSupport
-}
-
-// MulticastInterface returns the default interface for multicast
-// packet transmissions.
-func (c *dgramOpt) MulticastInterface() (*net.Interface, error) {
-	return nil, errOpNoSupport
-}
-
-// SetMulticastInterface sets the default interface for future
-// multicast packet transmissions.
-func (c *dgramOpt) SetMulticastInterface(ifi *net.Interface) error {
-	return errOpNoSupport
-}
-
-// MulticastLoopback reports whether transmitted multicast packets
-// should be copied and send back to the originator.
-func (c *dgramOpt) MulticastLoopback() (bool, error) {
-	return false, errOpNoSupport
-}
-
-// SetMulticastLoopback sets whether transmitted multicast packets
-// should be copied and send back to the originator.
-func (c *dgramOpt) SetMulticastLoopback(on bool) error {
-	return errOpNoSupport
-}
-
-// JoinGroup joins the group address group on the interface ifi.
-// By default all sources that can cast data to group are accepted.
-// It's possible to mute and unmute data transmission from a specific
-// source by using ExcludeSourceSpecificGroup and
-// IncludeSourceSpecificGroup.
-// JoinGroup uses the system assigned multicast interface when ifi is
-// nil, although this is not recommended because the assignment
-// depends on platforms and sometimes it might require routing
-// configuration.
-func (c *dgramOpt) JoinGroup(ifi *net.Interface, group net.Addr) error {
-	return errOpNoSupport
-}
-
-// LeaveGroup leaves the group address group on the interface ifi
-// regardless of whether the group is any-source group or
-// source-specific group.
-func (c *dgramOpt) LeaveGroup(ifi *net.Interface, group net.Addr) error {
-	return errOpNoSupport
-}
-
-// JoinSourceSpecificGroup joins the source-specific group comprising
-// group and source on the interface ifi.
-// JoinSourceSpecificGroup uses the system assigned multicast
-// interface when ifi is nil, although this is not recommended because
-// the assignment depends on platforms and sometimes it might require
-// routing configuration.
-func (c *dgramOpt) JoinSourceSpecificGroup(ifi *net.Interface, group, source net.Addr) error {
-	return errOpNoSupport
-}
-
-// LeaveSourceSpecificGroup leaves the source-specific group on the
-// interface ifi.
-func (c *dgramOpt) LeaveSourceSpecificGroup(ifi *net.Interface, group, source net.Addr) error {
-	return errOpNoSupport
-}
-
-// ExcludeSourceSpecificGroup excludes the source-specific group from
-// the already joined any-source groups by JoinGroup on the interface
-// ifi.
-func (c *dgramOpt) ExcludeSourceSpecificGroup(ifi *net.Interface, group, source net.Addr) error {
-	return errOpNoSupport
-}
-
-// IncludeSourceSpecificGroup includes the excluded source-specific
-// group by ExcludeSourceSpecificGroup again on the interface ifi.
-func (c *dgramOpt) IncludeSourceSpecificGroup(ifi *net.Interface, group, source net.Addr) error {
-	return errOpNoSupport
-}
-
-// ICMPFilter returns an ICMP filter.
-// Currently only Linux supports this.
-func (c *dgramOpt) ICMPFilter() (*ICMPFilter, error) {
-	return nil, errOpNoSupport
-}
-
-// SetICMPFilter deploys the ICMP filter.
-// Currently only Linux supports this.
-func (c *dgramOpt) SetICMPFilter(f *ICMPFilter) error {
-	return errOpNoSupport
-}
diff --git a/vendor/golang.org/x/net/ipv4/doc.go b/vendor/golang.org/x/net/ipv4/doc.go
deleted file mode 100644
index 9a79badf..00000000
--- a/vendor/golang.org/x/net/ipv4/doc.go
+++ /dev/null
@@ -1,242 +0,0 @@
-// Copyright 2012 The Go Authors.  All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// Package ipv4 implements IP-level socket options for the Internet
-// Protocol version 4.
-//
-// The package provides IP-level socket options that allow
-// manipulation of IPv4 facilities.
-//
-// The IPv4 protocol and basic host requirements for IPv4 are defined
-// in RFC 791 and RFC 1122.
-// Host extensions for multicasting and socket interface extensions
-// for multicast source filters are defined in RFC 1112 and RFC 3678.
-// IGMPv1, IGMPv2 and IGMPv3 are defined in RFC 1112, RFC 2236 and RFC
-// 3376.
-// Source-specific multicast is defined in RFC 4607.
-//
-//
-// Unicasting
-//
-// The options for unicasting are available for net.TCPConn,
-// net.UDPConn and net.IPConn which are created as network connections
-// that use the IPv4 transport.  When a single TCP connection carrying
-// a data flow of multiple packets needs to indicate the flow is
-// important, ipv4.Conn is used to set the type-of-service field on
-// the IPv4 header for each packet.
-//
-//	ln, err := net.Listen("tcp4", "0.0.0.0:1024")
-//	if err != nil {
-//		// error handling
-//	}
-//	defer ln.Close()
-//	for {
-//		c, err := ln.Accept()
-//		if err != nil {
-//			// error handling
-//		}
-//		go func(c net.Conn) {
-//			defer c.Close()
-//
-// The outgoing packets will be labeled DiffServ assured forwarding
-// class 1 low drop precedence, known as AF11 packets.
-//
-//			if err := ipv4.NewConn(c).SetTOS(0x28); err != nil {
-//				// error handling
-//			}
-//			if _, err := c.Write(data); err != nil {
-//				// error handling
-//			}
-//		}(c)
-//	}
-//
-//
-// Multicasting
-//
-// The options for multicasting are available for net.UDPConn and
-// net.IPconn which are created as network connections that use the
-// IPv4 transport.  A few network facilities must be prepared before
-// you begin multicasting, at a minimum joining network interfaces and
-// multicast groups.
-//
-//	en0, err := net.InterfaceByName("en0")
-//	if err != nil {
-//		// error handling
-//	}
-//	en1, err := net.InterfaceByIndex(911)
-//	if err != nil {
-//		// error handling
-//	}
-//	group := net.IPv4(224, 0, 0, 250)
-//
-// First, an application listens to an appropriate address with an
-// appropriate service port.
-//
-//	c, err := net.ListenPacket("udp4", "0.0.0.0:1024")
-//	if err != nil {
-//		// error handling
-//	}
-//	defer c.Close()
-//
-// Second, the application joins multicast groups, starts listening to
-// the groups on the specified network interfaces.  Note that the
-// service port for transport layer protocol does not matter with this
-// operation as joining groups affects only network and link layer
-// protocols, such as IPv4 and Ethernet.
-//
-//	p := ipv4.NewPacketConn(c)
-//	if err := p.JoinGroup(en0, &net.UDPAddr{IP: group}); err != nil {
-//		// error handling
-//	}
-//	if err := p.JoinGroup(en1, &net.UDPAddr{IP: group}); err != nil {
-//		// error handling
-//	}
-//
-// The application might set per packet control message transmissions
-// between the protocol stack within the kernel.  When the application
-// needs a destination address on an incoming packet,
-// SetControlMessage of ipv4.PacketConn is used to enable control
-// message transmissons.
-//
-//	if err := p.SetControlMessage(ipv4.FlagDst, true); err != nil {
-//		// error handling
-//	}
-//
-// The application could identify whether the received packets are
-// of interest by using the control message that contains the
-// destination address of the received packet.
-//
-//	b := make([]byte, 1500)
-//	for {
-//		n, cm, src, err := p.ReadFrom(b)
-//		if err != nil {
-//			// error handling
-//		}
-//		if cm.Dst.IsMulticast() {
-//			if cm.Dst.Equal(group) {
-//				// joined group, do something
-//			} else {
-//				// unknown group, discard
-//				continue
-//			}
-//		}
-//
-// The application can also send both unicast and multicast packets.
-//
-//		p.SetTOS(0x0)
-//		p.SetTTL(16)
-//		if _, err := p.WriteTo(data, nil, src); err != nil {
-//			// error handling
-//		}
-//		dst := &net.UDPAddr{IP: group, Port: 1024}
-//		for _, ifi := range []*net.Interface{en0, en1} {
-//			if err := p.SetMulticastInterface(ifi); err != nil {
-//				// error handling
-//			}
-//			p.SetMulticastTTL(2)
-//			if _, err := p.WriteTo(data, nil, dst); err != nil {
-//				// error handling
-//			}
-//		}
-//	}
-//
-//
-// More multicasting
-//
-// An application that uses PacketConn or RawConn may join multiple
-// multicast groups.  For example, a UDP listener with port 1024 might
-// join two different groups across over two different network
-// interfaces by using:
-//
-//	c, err := net.ListenPacket("udp4", "0.0.0.0:1024")
-//	if err != nil {
-//		// error handling
-//	}
-//	defer c.Close()
-//	p := ipv4.NewPacketConn(c)
-//	if err := p.JoinGroup(en0, &net.UDPAddr{IP: net.IPv4(224, 0, 0, 248)}); err != nil {
-//		// error handling
-//	}
-//	if err := p.JoinGroup(en0, &net.UDPAddr{IP: net.IPv4(224, 0, 0, 249)}); err != nil {
-//		// error handling
-//	}
-//	if err := p.JoinGroup(en1, &net.UDPAddr{IP: net.IPv4(224, 0, 0, 249)}); err != nil {
-//		// error handling
-//	}
-//
-// It is possible for multiple UDP listeners that listen on the same
-// UDP port to join the same multicast group.  The net package will
-// provide a socket that listens to a wildcard address with reusable
-// UDP port when an appropriate multicast address prefix is passed to
-// the net.ListenPacket or net.ListenUDP.
-//
-//	c1, err := net.ListenPacket("udp4", "224.0.0.0:1024")
-//	if err != nil {
-//		// error handling
-//	}
-//	defer c1.Close()
-//	c2, err := net.ListenPacket("udp4", "224.0.0.0:1024")
-//	if err != nil {
-//		// error handling
-//	}
-//	defer c2.Close()
-//	p1 := ipv4.NewPacketConn(c1)
-//	if err := p1.JoinGroup(en0, &net.UDPAddr{IP: net.IPv4(224, 0, 0, 248)}); err != nil {
-//		// error handling
-//	}
-//	p2 := ipv4.NewPacketConn(c2)
-//	if err := p2.JoinGroup(en0, &net.UDPAddr{IP: net.IPv4(224, 0, 0, 248)}); err != nil {
-//		// error handling
-//	}
-//
-// Also it is possible for the application to leave or rejoin a
-// multicast group on the network interface.
-//
-//	if err := p.LeaveGroup(en0, &net.UDPAddr{IP: net.IPv4(224, 0, 0, 248)}); err != nil {
-//		// error handling
-//	}
-//	if err := p.JoinGroup(en0, &net.UDPAddr{IP: net.IPv4(224, 0, 0, 250)}); err != nil {
-//		// error handling
-//	}
-//
-//
-// Source-specific multicasting
-//
-// An application that uses PacketConn or RawConn on IGMPv3 supported
-// platform is able to join source-specific multicast groups.
-// The application may use JoinSourceSpecificGroup and
-// LeaveSourceSpecificGroup for the operation known as "include" mode,
-//
-//	ssmgroup := net.UDPAddr{IP: net.IPv4(232, 7, 8, 9)}
-//	ssmsource := net.UDPAddr{IP: net.IPv4(192, 168, 0, 1)})
-//	if err := p.JoinSourceSpecificGroup(en0, &ssmgroup, &ssmsource); err != nil {
-//		// error handling
-//	}
-//	if err := p.LeaveSourceSpecificGroup(en0, &ssmgroup, &ssmsource); err != nil {
-//		// error handling
-//	}
-//
-// or JoinGroup, ExcludeSourceSpecificGroup,
-// IncludeSourceSpecificGroup and LeaveGroup for the operation known
-// as "exclude" mode.
-//
-//	exclsource := net.UDPAddr{IP: net.IPv4(192, 168, 0, 254)}
-//	if err := p.JoinGroup(en0, &ssmgroup); err != nil {
-//		// error handling
-//	}
-//	if err := p.ExcludeSourceSpecificGroup(en0, &ssmgroup, &exclsource); err != nil {
-//		// error handling
-//	}
-//	if err := p.LeaveGroup(en0, &ssmgroup); err != nil {
-//		// error handling
-//	}
-//
-// Note that it depends on each platform implementation what happens
-// when an application which runs on IGMPv3 unsupported platform uses
-// JoinSourceSpecificGroup and LeaveSourceSpecificGroup.
-// In general the platform tries to fall back to conversations using
-// IGMPv1 or IGMPv2 and starts to listen to multicast traffic.
-// In the fallback case, ExcludeSourceSpecificGroup and
-// IncludeSourceSpecificGroup may return an error.
-package ipv4 // import "golang.org/x/net/ipv4"
diff --git a/vendor/golang.org/x/net/ipv4/endpoint.go b/vendor/golang.org/x/net/ipv4/endpoint.go
deleted file mode 100644
index bc45bf05..00000000
--- a/vendor/golang.org/x/net/ipv4/endpoint.go
+++ /dev/null
@@ -1,187 +0,0 @@
-// Copyright 2012 The Go Authors.  All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package ipv4
-
-import (
-	"net"
-	"syscall"
-	"time"
-)
-
-// A Conn represents a network endpoint that uses the IPv4 transport.
-// It is used to control basic IP-level socket options such as TOS and
-// TTL.
-type Conn struct {
-	genericOpt
-}
-
-type genericOpt struct {
-	net.Conn
-}
-
-func (c *genericOpt) ok() bool { return c != nil && c.Conn != nil }
-
-// NewConn returns a new Conn.
-func NewConn(c net.Conn) *Conn {
-	return &Conn{
-		genericOpt: genericOpt{Conn: c},
-	}
-}
-
-// A PacketConn represents a packet network endpoint that uses the
-// IPv4 transport.  It is used to control several IP-level socket
-// options including multicasting.  It also provides datagram based
-// network I/O methods specific to the IPv4 and higher layer protocols
-// such as UDP.
-type PacketConn struct {
-	genericOpt
-	dgramOpt
-	payloadHandler
-}
-
-type dgramOpt struct {
-	net.PacketConn
-}
-
-func (c *dgramOpt) ok() bool { return c != nil && c.PacketConn != nil }
-
-// SetControlMessage sets the per packet IP-level socket options.
-func (c *PacketConn) SetControlMessage(cf ControlFlags, on bool) error {
-	if !c.payloadHandler.ok() {
-		return syscall.EINVAL
-	}
-	fd, err := c.payloadHandler.sysfd()
-	if err != nil {
-		return err
-	}
-	return setControlMessage(fd, &c.payloadHandler.rawOpt, cf, on)
-}
-
-// SetDeadline sets the read and write deadlines associated with the
-// endpoint.
-func (c *PacketConn) SetDeadline(t time.Time) error {
-	if !c.payloadHandler.ok() {
-		return syscall.EINVAL
-	}
-	return c.payloadHandler.PacketConn.SetDeadline(t)
-}
-
-// SetReadDeadline sets the read deadline associated with the
-// endpoint.
-func (c *PacketConn) SetReadDeadline(t time.Time) error {
-	if !c.payloadHandler.ok() {
-		return syscall.EINVAL
-	}
-	return c.payloadHandler.PacketConn.SetReadDeadline(t)
-}
-
-// SetWriteDeadline sets the write deadline associated with the
-// endpoint.
-func (c *PacketConn) SetWriteDeadline(t time.Time) error {
-	if !c.payloadHandler.ok() {
-		return syscall.EINVAL
-	}
-	return c.payloadHandler.PacketConn.SetWriteDeadline(t)
-}
-
-// Close closes the endpoint.
-func (c *PacketConn) Close() error {
-	if !c.payloadHandler.ok() {
-		return syscall.EINVAL
-	}
-	return c.payloadHandler.PacketConn.Close()
-}
-
-// NewPacketConn returns a new PacketConn using c as its underlying
-// transport.
-func NewPacketConn(c net.PacketConn) *PacketConn {
-	p := &PacketConn{
-		genericOpt:     genericOpt{Conn: c.(net.Conn)},
-		dgramOpt:       dgramOpt{PacketConn: c},
-		payloadHandler: payloadHandler{PacketConn: c},
-	}
-	if _, ok := c.(*net.IPConn); ok && sockOpts[ssoStripHeader].name > 0 {
-		if fd, err := p.payloadHandler.sysfd(); err == nil {
-			setInt(fd, &sockOpts[ssoStripHeader], boolint(true))
-		}
-	}
-	return p
-}
-
-// A RawConn represents a packet network endpoint that uses the IPv4
-// transport.  It is used to control several IP-level socket options
-// including IPv4 header manipulation.  It also provides datagram
-// based network I/O methods specific to the IPv4 and higher layer
-// protocols that handle IPv4 datagram directly such as OSPF, GRE.
-type RawConn struct {
-	genericOpt
-	dgramOpt
-	packetHandler
-}
-
-// SetControlMessage sets the per packet IP-level socket options.
-func (c *RawConn) SetControlMessage(cf ControlFlags, on bool) error {
-	if !c.packetHandler.ok() {
-		return syscall.EINVAL
-	}
-	fd, err := c.packetHandler.sysfd()
-	if err != nil {
-		return err
-	}
-	return setControlMessage(fd, &c.packetHandler.rawOpt, cf, on)
-}
-
-// SetDeadline sets the read and write deadlines associated with the
-// endpoint.
-func (c *RawConn) SetDeadline(t time.Time) error {
-	if !c.packetHandler.ok() {
-		return syscall.EINVAL
-	}
-	return c.packetHandler.c.SetDeadline(t)
-}
-
-// SetReadDeadline sets the read deadline associated with the
-// endpoint.
-func (c *RawConn) SetReadDeadline(t time.Time) error {
-	if !c.packetHandler.ok() {
-		return syscall.EINVAL
-	}
-	return c.packetHandler.c.SetReadDeadline(t)
-}
-
-// SetWriteDeadline sets the write deadline associated with the
-// endpoint.
-func (c *RawConn) SetWriteDeadline(t time.Time) error {
-	if !c.packetHandler.ok() {
-		return syscall.EINVAL
-	}
-	return c.packetHandler.c.SetWriteDeadline(t)
-}
-
-// Close closes the endpoint.
-func (c *RawConn) Close() error {
-	if !c.packetHandler.ok() {
-		return syscall.EINVAL
-	}
-	return c.packetHandler.c.Close()
-}
-
-// NewRawConn returns a new RawConn using c as its underlying
-// transport.
-func NewRawConn(c net.PacketConn) (*RawConn, error) {
-	r := &RawConn{
-		genericOpt:    genericOpt{Conn: c.(net.Conn)},
-		dgramOpt:      dgramOpt{PacketConn: c},
-		packetHandler: packetHandler{c: c.(*net.IPConn)},
-	}
-	fd, err := r.packetHandler.sysfd()
-	if err != nil {
-		return nil, err
-	}
-	if err := setInt(fd, &sockOpts[ssoHeaderPrepend], boolint(true)); err != nil {
-		return nil, err
-	}
-	return r, nil
-}
diff --git a/vendor/golang.org/x/net/ipv4/example_test.go b/vendor/golang.org/x/net/ipv4/example_test.go
deleted file mode 100644
index 4f5e2f31..00000000
--- a/vendor/golang.org/x/net/ipv4/example_test.go
+++ /dev/null
@@ -1,224 +0,0 @@
-// Copyright 2012 The Go Authors.  All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package ipv4_test
-
-import (
-	"fmt"
-	"log"
-	"net"
-	"os"
-	"runtime"
-	"time"
-
-	"golang.org/x/net/icmp"
-	"golang.org/x/net/ipv4"
-)
-
-func ExampleConn_markingTCP() {
-	ln, err := net.Listen("tcp", "0.0.0.0:1024")
-	if err != nil {
-		log.Fatal(err)
-	}
-	defer ln.Close()
-
-	for {
-		c, err := ln.Accept()
-		if err != nil {
-			log.Fatal(err)
-		}
-		go func(c net.Conn) {
-			defer c.Close()
-			if c.RemoteAddr().(*net.TCPAddr).IP.To4() != nil {
-				p := ipv4.NewConn(c)
-				if err := p.SetTOS(0x28); err != nil { // DSCP AF11
-					log.Fatal(err)
-				}
-				if err := p.SetTTL(128); err != nil {
-					log.Fatal(err)
-				}
-			}
-			if _, err := c.Write([]byte("HELLO-R-U-THERE-ACK")); err != nil {
-				log.Fatal(err)
-			}
-		}(c)
-	}
-}
-
-func ExamplePacketConn_servingOneShotMulticastDNS() {
-	c, err := net.ListenPacket("udp4", "0.0.0.0:5353") // mDNS over UDP
-	if err != nil {
-		log.Fatal(err)
-	}
-	defer c.Close()
-	p := ipv4.NewPacketConn(c)
-
-	en0, err := net.InterfaceByName("en0")
-	if err != nil {
-		log.Fatal(err)
-	}
-	mDNSLinkLocal := net.UDPAddr{IP: net.IPv4(224, 0, 0, 251)}
-	if err := p.JoinGroup(en0, &mDNSLinkLocal); err != nil {
-		log.Fatal(err)
-	}
-	defer p.LeaveGroup(en0, &mDNSLinkLocal)
-	if err := p.SetControlMessage(ipv4.FlagDst, true); err != nil {
-		log.Fatal(err)
-	}
-
-	b := make([]byte, 1500)
-	for {
-		_, cm, peer, err := p.ReadFrom(b)
-		if err != nil {
-			log.Fatal(err)
-		}
-		if !cm.Dst.IsMulticast() || !cm.Dst.Equal(mDNSLinkLocal.IP) {
-			continue
-		}
-		answers := []byte("FAKE-MDNS-ANSWERS") // fake mDNS answers, you need to implement this
-		if _, err := p.WriteTo(answers, nil, peer); err != nil {
-			log.Fatal(err)
-		}
-	}
-}
-
-func ExamplePacketConn_tracingIPPacketRoute() {
-	// Tracing an IP packet route to www.google.com.
-
-	const host = "www.google.com"
-	ips, err := net.LookupIP(host)
-	if err != nil {
-		log.Fatal(err)
-	}
-	var dst net.IPAddr
-	for _, ip := range ips {
-		if ip.To4() != nil {
-			dst.IP = ip
-			fmt.Printf("using %v for tracing an IP packet route to %s\n", dst.IP, host)
-			break
-		}
-	}
-	if dst.IP == nil {
-		log.Fatal("no A record found")
-	}
-
-	c, err := net.ListenPacket("ip4:1", "0.0.0.0") // ICMP for IPv4
-	if err != nil {
-		log.Fatal(err)
-	}
-	defer c.Close()
-	p := ipv4.NewPacketConn(c)
-
-	if err := p.SetControlMessage(ipv4.FlagTTL|ipv4.FlagSrc|ipv4.FlagDst|ipv4.FlagInterface, true); err != nil {
-		log.Fatal(err)
-	}
-	wm := icmp.Message{
-		Type: ipv4.ICMPTypeEcho, Code: 0,
-		Body: &icmp.Echo{
-			ID:   os.Getpid() & 0xffff,
-			Data: []byte("HELLO-R-U-THERE"),
-		},
-	}
-
-	rb := make([]byte, 1500)
-	for i := 1; i <= 64; i++ { // up to 64 hops
-		wm.Body.(*icmp.Echo).Seq = i
-		wb, err := wm.Marshal(nil)
-		if err != nil {
-			log.Fatal(err)
-		}
-		if err := p.SetTTL(i); err != nil {
-			log.Fatal(err)
-		}
-
-		// In the real world usually there are several
-		// multiple traffic-engineered paths for each hop.
-		// You may need to probe a few times to each hop.
-		begin := time.Now()
-		if _, err := p.WriteTo(wb, nil, &dst); err != nil {
-			log.Fatal(err)
-		}
-		if err := p.SetReadDeadline(time.Now().Add(3 * time.Second)); err != nil {
-			log.Fatal(err)
-		}
-		n, cm, peer, err := p.ReadFrom(rb)
-		if err != nil {
-			if err, ok := err.(net.Error); ok && err.Timeout() {
-				fmt.Printf("%v\t*\n", i)
-				continue
-			}
-			log.Fatal(err)
-		}
-		rm, err := icmp.ParseMessage(1, rb[:n])
-		if err != nil {
-			log.Fatal(err)
-		}
-		rtt := time.Since(begin)
-
-		// In the real world you need to determine whether the
-		// received message is yours using ControlMessage.Src,
-		// ControlMessage.Dst, icmp.Echo.ID and icmp.Echo.Seq.
-		switch rm.Type {
-		case ipv4.ICMPTypeTimeExceeded:
-			names, _ := net.LookupAddr(peer.String())
-			fmt.Printf("%d\t%v %+v %v\n\t%+v\n", i, peer, names, rtt, cm)
-		case ipv4.ICMPTypeEchoReply:
-			names, _ := net.LookupAddr(peer.String())
-			fmt.Printf("%d\t%v %+v %v\n\t%+v\n", i, peer, names, rtt, cm)
-			return
-		default:
-			log.Printf("unknown ICMP message: %+v\n", rm)
-		}
-	}
-}
-
-func ExampleRawConn_advertisingOSPFHello() {
-	c, err := net.ListenPacket("ip4:89", "0.0.0.0") // OSPF for IPv4
-	if err != nil {
-		log.Fatal(err)
-	}
-	defer c.Close()
-	r, err := ipv4.NewRawConn(c)
-	if err != nil {
-		log.Fatal(err)
-	}
-
-	en0, err := net.InterfaceByName("en0")
-	if err != nil {
-		log.Fatal(err)
-	}
-	allSPFRouters := net.IPAddr{IP: net.IPv4(224, 0, 0, 5)}
-	if err := r.JoinGroup(en0, &allSPFRouters); err != nil {
-		log.Fatal(err)
-	}
-	defer r.LeaveGroup(en0, &allSPFRouters)
-
-	hello := make([]byte, 24) // fake hello data, you need to implement this
-	ospf := make([]byte, 24)  // fake ospf header, you need to implement this
-	ospf[0] = 2               // version 2
-	ospf[1] = 1               // hello packet
-	ospf = append(ospf, hello...)
-	iph := &ipv4.Header{
-		Version:  ipv4.Version,
-		Len:      ipv4.HeaderLen,
-		TOS:      0xc0, // DSCP CS6
-		TotalLen: ipv4.HeaderLen + len(ospf),
-		TTL:      1,
-		Protocol: 89,
-		Dst:      allSPFRouters.IP.To4(),
-	}
-
-	var cm *ipv4.ControlMessage
-	switch runtime.GOOS {
-	case "darwin", "linux":
-		cm = &ipv4.ControlMessage{IfIndex: en0.Index}
-	default:
-		if err := r.SetMulticastInterface(en0); err != nil {
-			log.Fatal(err)
-		}
-	}
-	if err := r.WriteTo(iph, ospf, cm); err != nil {
-		log.Fatal(err)
-	}
-}
diff --git a/vendor/golang.org/x/net/ipv4/gen.go b/vendor/golang.org/x/net/ipv4/gen.go
deleted file mode 100644
index 4785212a..00000000
--- a/vendor/golang.org/x/net/ipv4/gen.go
+++ /dev/null
@@ -1,208 +0,0 @@
-// Copyright 2013 The Go Authors.  All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build ignore
-
-//go:generate go run gen.go
-
-// This program generates system adaptation constants and types,
-// internet protocol constants and tables by reading template files
-// and IANA protocol registries.
-package main
-
-import (
-	"bytes"
-	"encoding/xml"
-	"fmt"
-	"go/format"
-	"io"
-	"io/ioutil"
-	"net/http"
-	"os"
-	"os/exec"
-	"runtime"
-	"strconv"
-	"strings"
-)
-
-func main() {
-	if err := genzsys(); err != nil {
-		fmt.Fprintln(os.Stderr, err)
-		os.Exit(1)
-	}
-	if err := geniana(); err != nil {
-		fmt.Fprintln(os.Stderr, err)
-		os.Exit(1)
-	}
-}
-
-func genzsys() error {
-	defs := "defs_" + runtime.GOOS + ".go"
-	f, err := os.Open(defs)
-	if err != nil {
-		if os.IsNotExist(err) {
-			return nil
-		}
-		return err
-	}
-	f.Close()
-	cmd := exec.Command("go", "tool", "cgo", "-godefs", defs)
-	b, err := cmd.Output()
-	if err != nil {
-		return err
-	}
-	// The ipv4 pacakge still supports go1.2, and so we need to
-	// take care of additional platforms in go1.3 and above for
-	// working with go1.2.
-	switch {
-	case runtime.GOOS == "dragonfly" || runtime.GOOS == "solaris":
-		b = bytes.Replace(b, []byte("package ipv4\n"), []byte("// +build "+runtime.GOOS+"\n\npackage ipv4\n"), 1)
-	case runtime.GOOS == "linux" && (runtime.GOARCH == "arm64" || runtime.GOARCH == "mips64" || runtime.GOARCH == "mips64le" || runtime.GOARCH == "ppc64" || runtime.GOARCH == "ppc64le"):
-		b = bytes.Replace(b, []byte("package ipv4\n"), []byte("// +build "+runtime.GOOS+","+runtime.GOARCH+"\n\npackage ipv4\n"), 1)
-	}
-	b, err = format.Source(b)
-	if err != nil {
-		return err
-	}
-	zsys := "zsys_" + runtime.GOOS + ".go"
-	switch runtime.GOOS {
-	case "freebsd", "linux":
-		zsys = "zsys_" + runtime.GOOS + "_" + runtime.GOARCH + ".go"
-	}
-	if err := ioutil.WriteFile(zsys, b, 0644); err != nil {
-		return err
-	}
-	return nil
-}
-
-var registries = []struct {
-	url   string
-	parse func(io.Writer, io.Reader) error
-}{
-	{
-		"http://www.iana.org/assignments/icmp-parameters/icmp-parameters.xml",
-		parseICMPv4Parameters,
-	},
-}
-
-func geniana() error {
-	var bb bytes.Buffer
-	fmt.Fprintf(&bb, "// go generate gen.go\n")
-	fmt.Fprintf(&bb, "// GENERATED BY THE COMMAND ABOVE; DO NOT EDIT\n\n")
-	fmt.Fprintf(&bb, "package ipv4\n\n")
-	for _, r := range registries {
-		resp, err := http.Get(r.url)
-		if err != nil {
-			return err
-		}
-		defer resp.Body.Close()
-		if resp.StatusCode != http.StatusOK {
-			return fmt.Errorf("got HTTP status code %v for %v\n", resp.StatusCode, r.url)
-		}
-		if err := r.parse(&bb, resp.Body); err != nil {
-			return err
-		}
-		fmt.Fprintf(&bb, "\n")
-	}
-	b, err := format.Source(bb.Bytes())
-	if err != nil {
-		return err
-	}
-	if err := ioutil.WriteFile("iana.go", b, 0644); err != nil {
-		return err
-	}
-	return nil
-}
-
-func parseICMPv4Parameters(w io.Writer, r io.Reader) error {
-	dec := xml.NewDecoder(r)
-	var icp icmpv4Parameters
-	if err := dec.Decode(&icp); err != nil {
-		return err
-	}
-	prs := icp.escape()
-	fmt.Fprintf(w, "// %s, Updated: %s\n", icp.Title, icp.Updated)
-	fmt.Fprintf(w, "const (\n")
-	for _, pr := range prs {
-		if pr.Descr == "" {
-			continue
-		}
-		fmt.Fprintf(w, "ICMPType%s ICMPType = %d", pr.Descr, pr.Value)
-		fmt.Fprintf(w, "// %s\n", pr.OrigDescr)
-	}
-	fmt.Fprintf(w, ")\n\n")
-	fmt.Fprintf(w, "// %s, Updated: %s\n", icp.Title, icp.Updated)
-	fmt.Fprintf(w, "var icmpTypes = map[ICMPType]string{\n")
-	for _, pr := range prs {
-		if pr.Descr == "" {
-			continue
-		}
-		fmt.Fprintf(w, "%d: %q,\n", pr.Value, strings.ToLower(pr.OrigDescr))
-	}
-	fmt.Fprintf(w, "}\n")
-	return nil
-}
-
-type icmpv4Parameters struct {
-	XMLName    xml.Name `xml:"registry"`
-	Title      string   `xml:"title"`
-	Updated    string   `xml:"updated"`
-	Registries []struct {
-		Title   string `xml:"title"`
-		Records []struct {
-			Value string `xml:"value"`
-			Descr string `xml:"description"`
-		} `xml:"record"`
-	} `xml:"registry"`
-}
-
-type canonICMPv4ParamRecord struct {
-	OrigDescr string
-	Descr     string
-	Value     int
-}
-
-func (icp *icmpv4Parameters) escape() []canonICMPv4ParamRecord {
-	id := -1
-	for i, r := range icp.Registries {
-		if strings.Contains(r.Title, "Type") || strings.Contains(r.Title, "type") {
-			id = i
-			break
-		}
-	}
-	if id < 0 {
-		return nil
-	}
-	prs := make([]canonICMPv4ParamRecord, len(icp.Registries[id].Records))
-	sr := strings.NewReplacer(
-		"Messages", "",
-		"Message", "",
-		"ICMP", "",
-		"+", "P",
-		"-", "",
-		"/", "",
-		".", "",
-		" ", "",
-	)
-	for i, pr := range icp.Registries[id].Records {
-		if strings.Contains(pr.Descr, "Reserved") ||
-			strings.Contains(pr.Descr, "Unassigned") ||
-			strings.Contains(pr.Descr, "Deprecated") ||
-			strings.Contains(pr.Descr, "Experiment") ||
-			strings.Contains(pr.Descr, "experiment") {
-			continue
-		}
-		ss := strings.Split(pr.Descr, "\n")
-		if len(ss) > 1 {
-			prs[i].Descr = strings.Join(ss, " ")
-		} else {
-			prs[i].Descr = ss[0]
-		}
-		s := strings.TrimSpace(prs[i].Descr)
-		prs[i].OrigDescr = s
-		prs[i].Descr = sr.Replace(s)
-		prs[i].Value, _ = strconv.Atoi(pr.Value)
-	}
-	return prs
-}
diff --git a/vendor/golang.org/x/net/ipv4/genericopt_posix.go b/vendor/golang.org/x/net/ipv4/genericopt_posix.go
deleted file mode 100644
index fefa0be3..00000000
--- a/vendor/golang.org/x/net/ipv4/genericopt_posix.go
+++ /dev/null
@@ -1,59 +0,0 @@
-// Copyright 2012 The Go Authors.  All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build darwin dragonfly freebsd linux netbsd openbsd windows
-
-package ipv4
-
-import "syscall"
-
-// TOS returns the type-of-service field value for outgoing packets.
-func (c *genericOpt) TOS() (int, error) {
-	if !c.ok() {
-		return 0, syscall.EINVAL
-	}
-	fd, err := c.sysfd()
-	if err != nil {
-		return 0, err
-	}
-	return getInt(fd, &sockOpts[ssoTOS])
-}
-
-// SetTOS sets the type-of-service field value for future outgoing
-// packets.
-func (c *genericOpt) SetTOS(tos int) error {
-	if !c.ok() {
-		return syscall.EINVAL
-	}
-	fd, err := c.sysfd()
-	if err != nil {
-		return err
-	}
-	return setInt(fd, &sockOpts[ssoTOS], tos)
-}
-
-// TTL returns the time-to-live field value for outgoing packets.
-func (c *genericOpt) TTL() (int, error) {
-	if !c.ok() {
-		return 0, syscall.EINVAL
-	}
-	fd, err := c.sysfd()
-	if err != nil {
-		return 0, err
-	}
-	return getInt(fd, &sockOpts[ssoTTL])
-}
-
-// SetTTL sets the time-to-live field value for future outgoing
-// packets.
-func (c *genericOpt) SetTTL(ttl int) error {
-	if !c.ok() {
-		return syscall.EINVAL
-	}
-	fd, err := c.sysfd()
-	if err != nil {
-		return err
-	}
-	return setInt(fd, &sockOpts[ssoTTL], ttl)
-}
diff --git a/vendor/golang.org/x/net/ipv4/genericopt_stub.go b/vendor/golang.org/x/net/ipv4/genericopt_stub.go
deleted file mode 100644
index 1817badb..00000000
--- a/vendor/golang.org/x/net/ipv4/genericopt_stub.go
+++ /dev/null
@@ -1,29 +0,0 @@
-// Copyright 2012 The Go Authors.  All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build nacl plan9 solaris
-
-package ipv4
-
-// TOS returns the type-of-service field value for outgoing packets.
-func (c *genericOpt) TOS() (int, error) {
-	return 0, errOpNoSupport
-}
-
-// SetTOS sets the type-of-service field value for future outgoing
-// packets.
-func (c *genericOpt) SetTOS(tos int) error {
-	return errOpNoSupport
-}
-
-// TTL returns the time-to-live field value for outgoing packets.
-func (c *genericOpt) TTL() (int, error) {
-	return 0, errOpNoSupport
-}
-
-// SetTTL sets the time-to-live field value for future outgoing
-// packets.
-func (c *genericOpt) SetTTL(ttl int) error {
-	return errOpNoSupport
-}
diff --git a/vendor/golang.org/x/net/ipv4/header.go b/vendor/golang.org/x/net/ipv4/header.go
deleted file mode 100644
index 363d9c21..00000000
--- a/vendor/golang.org/x/net/ipv4/header.go
+++ /dev/null
@@ -1,132 +0,0 @@
-// Copyright 2012 The Go Authors.  All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package ipv4
-
-import (
-	"encoding/binary"
-	"fmt"
-	"net"
-	"runtime"
-	"syscall"
-)
-
-const (
-	Version      = 4  // protocol version
-	HeaderLen    = 20 // header length without extension headers
-	maxHeaderLen = 60 // sensible default, revisit if later RFCs define new usage of version and header length fields
-)
-
-type HeaderFlags int
-
-const (
-	MoreFragments HeaderFlags = 1 << iota // more fragments flag
-	DontFragment                          // don't fragment flag
-)
-
-// A Header represents an IPv4 header.
-type Header struct {
-	Version  int         // protocol version
-	Len      int         // header length
-	TOS      int         // type-of-service
-	TotalLen int         // packet total length
-	ID       int         // identification
-	Flags    HeaderFlags // flags
-	FragOff  int         // fragment offset
-	TTL      int         // time-to-live
-	Protocol int         // next protocol
-	Checksum int         // checksum
-	Src      net.IP      // source address
-	Dst      net.IP      // destination address
-	Options  []byte      // options, extension headers
-}
-
-func (h *Header) String() string {
-	if h == nil {
-		return ""
-	}
-	return fmt.Sprintf("ver=%d hdrlen=%d tos=%#x totallen=%d id=%#x flags=%#x fragoff=%#x ttl=%d proto=%d cksum=%#x src=%v dst=%v", h.Version, h.Len, h.TOS, h.TotalLen, h.ID, h.Flags, h.FragOff, h.TTL, h.Protocol, h.Checksum, h.Src, h.Dst)
-}
-
-// Marshal returns the binary encoding of the IPv4 header h.
-func (h *Header) Marshal() ([]byte, error) {
-	if h == nil {
-		return nil, syscall.EINVAL
-	}
-	if h.Len < HeaderLen {
-		return nil, errHeaderTooShort
-	}
-	hdrlen := HeaderLen + len(h.Options)
-	b := make([]byte, hdrlen)
-	b[0] = byte(Version<<4 | (hdrlen >> 2 & 0x0f))
-	b[1] = byte(h.TOS)
-	flagsAndFragOff := (h.FragOff & 0x1fff) | int(h.Flags<<13)
-	switch runtime.GOOS {
-	case "darwin", "dragonfly", "freebsd", "netbsd":
-		nativeEndian.PutUint16(b[2:4], uint16(h.TotalLen))
-		nativeEndian.PutUint16(b[6:8], uint16(flagsAndFragOff))
-	default:
-		binary.BigEndian.PutUint16(b[2:4], uint16(h.TotalLen))
-		binary.BigEndian.PutUint16(b[6:8], uint16(flagsAndFragOff))
-	}
-	binary.BigEndian.PutUint16(b[4:6], uint16(h.ID))
-	b[8] = byte(h.TTL)
-	b[9] = byte(h.Protocol)
-	binary.BigEndian.PutUint16(b[10:12], uint16(h.Checksum))
-	if ip := h.Src.To4(); ip != nil {
-		copy(b[12:16], ip[:net.IPv4len])
-	}
-	if ip := h.Dst.To4(); ip != nil {
-		copy(b[16:20], ip[:net.IPv4len])
-	} else {
-		return nil, errMissingAddress
-	}
-	if len(h.Options) > 0 {
-		copy(b[HeaderLen:], h.Options)
-	}
-	return b, nil
-}
-
-// ParseHeader parses b as an IPv4 header.
-func ParseHeader(b []byte) (*Header, error) {
-	if len(b) < HeaderLen {
-		return nil, errHeaderTooShort
-	}
-	hdrlen := int(b[0]&0x0f) << 2
-	if hdrlen > len(b) {
-		return nil, errBufferTooShort
-	}
-	h := &Header{
-		Version:  int(b[0] >> 4),
-		Len:      hdrlen,
-		TOS:      int(b[1]),
-		ID:       int(binary.BigEndian.Uint16(b[4:6])),
-		TTL:      int(b[8]),
-		Protocol: int(b[9]),
-		Checksum: int(binary.BigEndian.Uint16(b[10:12])),
-		Src:      net.IPv4(b[12], b[13], b[14], b[15]),
-		Dst:      net.IPv4(b[16], b[17], b[18], b[19]),
-	}
-	switch runtime.GOOS {
-	case "darwin", "dragonfly", "netbsd":
-		h.TotalLen = int(nativeEndian.Uint16(b[2:4])) + hdrlen
-		h.FragOff = int(nativeEndian.Uint16(b[6:8]))
-	case "freebsd":
-		h.TotalLen = int(nativeEndian.Uint16(b[2:4]))
-		if freebsdVersion < 1000000 {
-			h.TotalLen += hdrlen
-		}
-		h.FragOff = int(nativeEndian.Uint16(b[6:8]))
-	default:
-		h.TotalLen = int(binary.BigEndian.Uint16(b[2:4]))
-		h.FragOff = int(binary.BigEndian.Uint16(b[6:8]))
-	}
-	h.Flags = HeaderFlags(h.FragOff&0xe000) >> 13
-	h.FragOff = h.FragOff & 0x1fff
-	if hdrlen-HeaderLen > 0 {
-		h.Options = make([]byte, hdrlen-HeaderLen)
-		copy(h.Options, b[HeaderLen:])
-	}
-	return h, nil
-}
diff --git a/vendor/golang.org/x/net/ipv4/header_test.go b/vendor/golang.org/x/net/ipv4/header_test.go
deleted file mode 100644
index ac89358c..00000000
--- a/vendor/golang.org/x/net/ipv4/header_test.go
+++ /dev/null
@@ -1,119 +0,0 @@
-// Copyright 2012 The Go Authors.  All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package ipv4
-
-import (
-	"bytes"
-	"net"
-	"reflect"
-	"runtime"
-	"strings"
-	"testing"
-)
-
-var (
-	wireHeaderFromKernel = [HeaderLen]byte{
-		0x45, 0x01, 0xbe, 0xef,
-		0xca, 0xfe, 0x45, 0xdc,
-		0xff, 0x01, 0xde, 0xad,
-		172, 16, 254, 254,
-		192, 168, 0, 1,
-	}
-	wireHeaderToKernel = [HeaderLen]byte{
-		0x45, 0x01, 0xbe, 0xef,
-		0xca, 0xfe, 0x45, 0xdc,
-		0xff, 0x01, 0xde, 0xad,
-		172, 16, 254, 254,
-		192, 168, 0, 1,
-	}
-	wireHeaderFromTradBSDKernel = [HeaderLen]byte{
-		0x45, 0x01, 0xdb, 0xbe,
-		0xca, 0xfe, 0xdc, 0x45,
-		0xff, 0x01, 0xde, 0xad,
-		172, 16, 254, 254,
-		192, 168, 0, 1,
-	}
-	wireHeaderFromFreeBSD10Kernel = [HeaderLen]byte{
-		0x45, 0x01, 0xef, 0xbe,
-		0xca, 0xfe, 0xdc, 0x45,
-		0xff, 0x01, 0xde, 0xad,
-		172, 16, 254, 254,
-		192, 168, 0, 1,
-	}
-	wireHeaderToTradBSDKernel = [HeaderLen]byte{
-		0x45, 0x01, 0xef, 0xbe,
-		0xca, 0xfe, 0xdc, 0x45,
-		0xff, 0x01, 0xde, 0xad,
-		172, 16, 254, 254,
-		192, 168, 0, 1,
-	}
-	// TODO(mikio): Add platform dependent wire header formats when
-	// we support new platforms.
-
-	testHeader = &Header{
-		Version:  Version,
-		Len:      HeaderLen,
-		TOS:      1,
-		TotalLen: 0xbeef,
-		ID:       0xcafe,
-		Flags:    DontFragment,
-		FragOff:  1500,
-		TTL:      255,
-		Protocol: 1,
-		Checksum: 0xdead,
-		Src:      net.IPv4(172, 16, 254, 254),
-		Dst:      net.IPv4(192, 168, 0, 1),
-	}
-)
-
-func TestMarshalHeader(t *testing.T) {
-	b, err := testHeader.Marshal()
-	if err != nil {
-		t.Fatal(err)
-	}
-	var wh []byte
-	switch runtime.GOOS {
-	case "darwin", "dragonfly", "netbsd":
-		wh = wireHeaderToTradBSDKernel[:]
-	case "freebsd":
-		if freebsdVersion < 1000000 {
-			wh = wireHeaderToTradBSDKernel[:]
-		} else {
-			wh = wireHeaderFromFreeBSD10Kernel[:]
-		}
-	default:
-		wh = wireHeaderToKernel[:]
-	}
-	if !bytes.Equal(b, wh) {
-		t.Fatalf("got %#v; want %#v", b, wh)
-	}
-}
-
-func TestParseHeader(t *testing.T) {
-	var wh []byte
-	switch runtime.GOOS {
-	case "darwin", "dragonfly", "netbsd":
-		wh = wireHeaderFromTradBSDKernel[:]
-	case "freebsd":
-		if freebsdVersion < 1000000 {
-			wh = wireHeaderFromTradBSDKernel[:]
-		} else {
-			wh = wireHeaderFromFreeBSD10Kernel[:]
-		}
-	default:
-		wh = wireHeaderFromKernel[:]
-	}
-	h, err := ParseHeader(wh)
-	if err != nil {
-		t.Fatal(err)
-	}
-	if !reflect.DeepEqual(h, testHeader) {
-		t.Fatalf("got %#v; want %#v", h, testHeader)
-	}
-	s := h.String()
-	if strings.Contains(s, ",") {
-		t.Fatalf("should be space-separated values: %s", s)
-	}
-}
diff --git a/vendor/golang.org/x/net/ipv4/helper.go b/vendor/golang.org/x/net/ipv4/helper.go
deleted file mode 100644
index acecfd0d..00000000
--- a/vendor/golang.org/x/net/ipv4/helper.go
+++ /dev/null
@@ -1,59 +0,0 @@
-// Copyright 2012 The Go Authors.  All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package ipv4
-
-import (
-	"encoding/binary"
-	"errors"
-	"net"
-	"unsafe"
-)
-
-var (
-	errMissingAddress           = errors.New("missing address")
-	errMissingHeader            = errors.New("missing header")
-	errHeaderTooShort           = errors.New("header too short")
-	errBufferTooShort           = errors.New("buffer too short")
-	errInvalidConnType          = errors.New("invalid conn type")
-	errOpNoSupport              = errors.New("operation not supported")
-	errNoSuchInterface          = errors.New("no such interface")
-	errNoSuchMulticastInterface = errors.New("no such multicast interface")
-
-	// See http://www.freebsd.org/doc/en/books/porters-handbook/freebsd-versions.html.
-	freebsdVersion uint32
-
-	nativeEndian binary.ByteOrder
-)
-
-func init() {
-	i := uint32(1)
-	b := (*[4]byte)(unsafe.Pointer(&i))
-	if b[0] == 1 {
-		nativeEndian = binary.LittleEndian
-	} else {
-		nativeEndian = binary.BigEndian
-	}
-}
-
-func boolint(b bool) int {
-	if b {
-		return 1
-	}
-	return 0
-}
-
-func netAddrToIP4(a net.Addr) net.IP {
-	switch v := a.(type) {
-	case *net.UDPAddr:
-		if ip := v.IP.To4(); ip != nil {
-			return ip
-		}
-	case *net.IPAddr:
-		if ip := v.IP.To4(); ip != nil {
-			return ip
-		}
-	}
-	return nil
-}
diff --git a/vendor/golang.org/x/net/ipv4/helper_stub.go b/vendor/golang.org/x/net/ipv4/helper_stub.go
deleted file mode 100644
index dc2120cf..00000000
--- a/vendor/golang.org/x/net/ipv4/helper_stub.go
+++ /dev/null
@@ -1,23 +0,0 @@
-// Copyright 2012 The Go Authors.  All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build nacl plan9 solaris
-
-package ipv4
-
-func (c *genericOpt) sysfd() (int, error) {
-	return 0, errOpNoSupport
-}
-
-func (c *dgramOpt) sysfd() (int, error) {
-	return 0, errOpNoSupport
-}
-
-func (c *payloadHandler) sysfd() (int, error) {
-	return 0, errOpNoSupport
-}
-
-func (c *packetHandler) sysfd() (int, error) {
-	return 0, errOpNoSupport
-}
diff --git a/vendor/golang.org/x/net/ipv4/helper_unix.go b/vendor/golang.org/x/net/ipv4/helper_unix.go
deleted file mode 100644
index 345ca7dc..00000000
--- a/vendor/golang.org/x/net/ipv4/helper_unix.go
+++ /dev/null
@@ -1,50 +0,0 @@
-// Copyright 2012 The Go Authors.  All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build darwin dragonfly freebsd linux netbsd openbsd
-
-package ipv4
-
-import (
-	"net"
-	"reflect"
-)
-
-func (c *genericOpt) sysfd() (int, error) {
-	switch p := c.Conn.(type) {
-	case *net.TCPConn, *net.UDPConn, *net.IPConn:
-		return sysfd(p)
-	}
-	return 0, errInvalidConnType
-}
-
-func (c *dgramOpt) sysfd() (int, error) {
-	switch p := c.PacketConn.(type) {
-	case *net.UDPConn, *net.IPConn:
-		return sysfd(p.(net.Conn))
-	}
-	return 0, errInvalidConnType
-}
-
-func (c *payloadHandler) sysfd() (int, error) {
-	return sysfd(c.PacketConn.(net.Conn))
-}
-
-func (c *packetHandler) sysfd() (int, error) {
-	return sysfd(c.c)
-}
-
-func sysfd(c net.Conn) (int, error) {
-	cv := reflect.ValueOf(c)
-	switch ce := cv.Elem(); ce.Kind() {
-	case reflect.Struct:
-		netfd := ce.FieldByName("conn").FieldByName("fd")
-		switch fe := netfd.Elem(); fe.Kind() {
-		case reflect.Struct:
-			fd := fe.FieldByName("sysfd")
-			return int(fd.Int()), nil
-		}
-	}
-	return 0, errInvalidConnType
-}
diff --git a/vendor/golang.org/x/net/ipv4/helper_windows.go b/vendor/golang.org/x/net/ipv4/helper_windows.go
deleted file mode 100644
index 322b2a5e..00000000
--- a/vendor/golang.org/x/net/ipv4/helper_windows.go
+++ /dev/null
@@ -1,49 +0,0 @@
-// Copyright 2012 The Go Authors.  All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package ipv4
-
-import (
-	"net"
-	"reflect"
-	"syscall"
-)
-
-func (c *genericOpt) sysfd() (syscall.Handle, error) {
-	switch p := c.Conn.(type) {
-	case *net.TCPConn, *net.UDPConn, *net.IPConn:
-		return sysfd(p)
-	}
-	return syscall.InvalidHandle, errInvalidConnType
-}
-
-func (c *dgramOpt) sysfd() (syscall.Handle, error) {
-	switch p := c.PacketConn.(type) {
-	case *net.UDPConn, *net.IPConn:
-		return sysfd(p.(net.Conn))
-	}
-	return syscall.InvalidHandle, errInvalidConnType
-}
-
-func (c *payloadHandler) sysfd() (syscall.Handle, error) {
-	return sysfd(c.PacketConn.(net.Conn))
-}
-
-func (c *packetHandler) sysfd() (syscall.Handle, error) {
-	return sysfd(c.c)
-}
-
-func sysfd(c net.Conn) (syscall.Handle, error) {
-	cv := reflect.ValueOf(c)
-	switch ce := cv.Elem(); ce.Kind() {
-	case reflect.Struct:
-		netfd := ce.FieldByName("conn").FieldByName("fd")
-		switch fe := netfd.Elem(); fe.Kind() {
-		case reflect.Struct:
-			fd := fe.FieldByName("sysfd")
-			return syscall.Handle(fd.Uint()), nil
-		}
-	}
-	return syscall.InvalidHandle, errInvalidConnType
-}
diff --git a/vendor/golang.org/x/net/ipv4/iana.go b/vendor/golang.org/x/net/ipv4/iana.go
deleted file mode 100644
index be10c948..00000000
--- a/vendor/golang.org/x/net/ipv4/iana.go
+++ /dev/null
@@ -1,34 +0,0 @@
-// go generate gen.go
-// GENERATED BY THE COMMAND ABOVE; DO NOT EDIT
-
-package ipv4
-
-// Internet Control Message Protocol (ICMP) Parameters, Updated: 2013-04-19
-const (
-	ICMPTypeEchoReply              ICMPType = 0  // Echo Reply
-	ICMPTypeDestinationUnreachable ICMPType = 3  // Destination Unreachable
-	ICMPTypeRedirect               ICMPType = 5  // Redirect
-	ICMPTypeEcho                   ICMPType = 8  // Echo
-	ICMPTypeRouterAdvertisement    ICMPType = 9  // Router Advertisement
-	ICMPTypeRouterSolicitation     ICMPType = 10 // Router Solicitation
-	ICMPTypeTimeExceeded           ICMPType = 11 // Time Exceeded
-	ICMPTypeParameterProblem       ICMPType = 12 // Parameter Problem
-	ICMPTypeTimestamp              ICMPType = 13 // Timestamp
-	ICMPTypeTimestampReply         ICMPType = 14 // Timestamp Reply
-	ICMPTypePhoturis               ICMPType = 40 // Photuris
-)
-
-// Internet Control Message Protocol (ICMP) Parameters, Updated: 2013-04-19
-var icmpTypes = map[ICMPType]string{
-	0:  "echo reply",
-	3:  "destination unreachable",
-	5:  "redirect",
-	8:  "echo",
-	9:  "router advertisement",
-	10: "router solicitation",
-	11: "time exceeded",
-	12: "parameter problem",
-	13: "timestamp",
-	14: "timestamp reply",
-	40: "photuris",
-}
diff --git a/vendor/golang.org/x/net/ipv4/icmp.go b/vendor/golang.org/x/net/ipv4/icmp.go
deleted file mode 100644
index dbd05cff..00000000
--- a/vendor/golang.org/x/net/ipv4/icmp.go
+++ /dev/null
@@ -1,57 +0,0 @@
-// Copyright 2013 The Go Authors.  All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package ipv4
-
-import "golang.org/x/net/internal/iana"
-
-// An ICMPType represents a type of ICMP message.
-type ICMPType int
-
-func (typ ICMPType) String() string {
-	s, ok := icmpTypes[typ]
-	if !ok {
-		return ""
-	}
-	return s
-}
-
-// Protocol returns the ICMPv4 protocol number.
-func (typ ICMPType) Protocol() int {
-	return iana.ProtocolICMP
-}
-
-// An ICMPFilter represents an ICMP message filter for incoming
-// packets. The filter belongs to a packet delivery path on a host and
-// it cannot interact with forwarding packets or tunnel-outer packets.
-//
-// Note: RFC 2460 defines a reasonable role model and it works not
-// only for IPv6 but IPv4. A node means a device that implements IP.
-// A router means a node that forwards IP packets not explicitly
-// addressed to itself, and a host means a node that is not a router.
-type ICMPFilter struct {
-	sysICMPFilter
-}
-
-// Accept accepts incoming ICMP packets including the type field value
-// typ.
-func (f *ICMPFilter) Accept(typ ICMPType) {
-	f.accept(typ)
-}
-
-// Block blocks incoming ICMP packets including the type field value
-// typ.
-func (f *ICMPFilter) Block(typ ICMPType) {
-	f.block(typ)
-}
-
-// SetAll sets the filter action to the filter.
-func (f *ICMPFilter) SetAll(block bool) {
-	f.setAll(block)
-}
-
-// WillBlock reports whether the ICMP type will be blocked.
-func (f *ICMPFilter) WillBlock(typ ICMPType) bool {
-	return f.willBlock(typ)
-}
diff --git a/vendor/golang.org/x/net/ipv4/icmp_linux.go b/vendor/golang.org/x/net/ipv4/icmp_linux.go
deleted file mode 100644
index c9122533..00000000
--- a/vendor/golang.org/x/net/ipv4/icmp_linux.go
+++ /dev/null
@@ -1,25 +0,0 @@
-// Copyright 2014 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package ipv4
-
-func (f *sysICMPFilter) accept(typ ICMPType) {
-	f.Data &^= 1 << (uint32(typ) & 31)
-}
-
-func (f *sysICMPFilter) block(typ ICMPType) {
-	f.Data |= 1 << (uint32(typ) & 31)
-}
-
-func (f *sysICMPFilter) setAll(block bool) {
-	if block {
-		f.Data = 1<<32 - 1
-	} else {
-		f.Data = 0
-	}
-}
-
-func (f *sysICMPFilter) willBlock(typ ICMPType) bool {
-	return f.Data&(1<<(uint32(typ)&31)) != 0
-}
diff --git a/vendor/golang.org/x/net/ipv4/icmp_stub.go b/vendor/golang.org/x/net/ipv4/icmp_stub.go
deleted file mode 100644
index 9ee9b6a3..00000000
--- a/vendor/golang.org/x/net/ipv4/icmp_stub.go
+++ /dev/null
@@ -1,25 +0,0 @@
-// Copyright 2014 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build !linux
-
-package ipv4
-
-const sysSizeofICMPFilter = 0x0
-
-type sysICMPFilter struct {
-}
-
-func (f *sysICMPFilter) accept(typ ICMPType) {
-}
-
-func (f *sysICMPFilter) block(typ ICMPType) {
-}
-
-func (f *sysICMPFilter) setAll(block bool) {
-}
-
-func (f *sysICMPFilter) willBlock(typ ICMPType) bool {
-	return false
-}
diff --git a/vendor/golang.org/x/net/ipv4/icmp_test.go b/vendor/golang.org/x/net/ipv4/icmp_test.go
deleted file mode 100644
index 3324b54d..00000000
--- a/vendor/golang.org/x/net/ipv4/icmp_test.go
+++ /dev/null
@@ -1,95 +0,0 @@
-// Copyright 2014 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package ipv4_test
-
-import (
-	"net"
-	"reflect"
-	"runtime"
-	"testing"
-
-	"golang.org/x/net/internal/nettest"
-	"golang.org/x/net/ipv4"
-)
-
-var icmpStringTests = []struct {
-	in  ipv4.ICMPType
-	out string
-}{
-	{ipv4.ICMPTypeDestinationUnreachable, "destination unreachable"},
-
-	{256, ""},
-}
-
-func TestICMPString(t *testing.T) {
-	for _, tt := range icmpStringTests {
-		s := tt.in.String()
-		if s != tt.out {
-			t.Errorf("got %s; want %s", s, tt.out)
-		}
-	}
-}
-
-func TestICMPFilter(t *testing.T) {
-	switch runtime.GOOS {
-	case "linux":
-	default:
-		t.Skipf("not supported on %s", runtime.GOOS)
-	}
-
-	var f ipv4.ICMPFilter
-	for _, toggle := range []bool{false, true} {
-		f.SetAll(toggle)
-		for _, typ := range []ipv4.ICMPType{
-			ipv4.ICMPTypeDestinationUnreachable,
-			ipv4.ICMPTypeEchoReply,
-			ipv4.ICMPTypeTimeExceeded,
-			ipv4.ICMPTypeParameterProblem,
-		} {
-			f.Accept(typ)
-			if f.WillBlock(typ) {
-				t.Errorf("ipv4.ICMPFilter.Set(%v, false) failed", typ)
-			}
-			f.Block(typ)
-			if !f.WillBlock(typ) {
-				t.Errorf("ipv4.ICMPFilter.Set(%v, true) failed", typ)
-			}
-		}
-	}
-}
-
-func TestSetICMPFilter(t *testing.T) {
-	switch runtime.GOOS {
-	case "linux":
-	default:
-		t.Skipf("not supported on %s", runtime.GOOS)
-	}
-	if m, ok := nettest.SupportsRawIPSocket(); !ok {
-		t.Skip(m)
-	}
-
-	c, err := net.ListenPacket("ip4:icmp", "127.0.0.1")
-	if err != nil {
-		t.Fatal(err)
-	}
-	defer c.Close()
-
-	p := ipv4.NewPacketConn(c)
-
-	var f ipv4.ICMPFilter
-	f.SetAll(true)
-	f.Accept(ipv4.ICMPTypeEcho)
-	f.Accept(ipv4.ICMPTypeEchoReply)
-	if err := p.SetICMPFilter(&f); err != nil {
-		t.Fatal(err)
-	}
-	kf, err := p.ICMPFilter()
-	if err != nil {
-		t.Fatal(err)
-	}
-	if !reflect.DeepEqual(kf, &f) {
-		t.Fatalf("got %#v; want %#v", kf, f)
-	}
-}
diff --git a/vendor/golang.org/x/net/ipv4/mocktransponder_test.go b/vendor/golang.org/x/net/ipv4/mocktransponder_test.go
deleted file mode 100644
index e55aaee9..00000000
--- a/vendor/golang.org/x/net/ipv4/mocktransponder_test.go
+++ /dev/null
@@ -1,21 +0,0 @@
-// Copyright 2012 The Go Authors.  All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package ipv4_test
-
-import (
-	"net"
-	"testing"
-)
-
-func acceptor(t *testing.T, ln net.Listener, done chan<- bool) {
-	defer func() { done <- true }()
-
-	c, err := ln.Accept()
-	if err != nil {
-		t.Error(err)
-		return
-	}
-	c.Close()
-}
diff --git a/vendor/golang.org/x/net/ipv4/multicast_test.go b/vendor/golang.org/x/net/ipv4/multicast_test.go
deleted file mode 100644
index d2bcf853..00000000
--- a/vendor/golang.org/x/net/ipv4/multicast_test.go
+++ /dev/null
@@ -1,330 +0,0 @@
-// Copyright 2012 The Go Authors.  All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package ipv4_test
-
-import (
-	"bytes"
-	"net"
-	"os"
-	"runtime"
-	"testing"
-	"time"
-
-	"golang.org/x/net/icmp"
-	"golang.org/x/net/internal/iana"
-	"golang.org/x/net/internal/nettest"
-	"golang.org/x/net/ipv4"
-)
-
-var packetConnReadWriteMulticastUDPTests = []struct {
-	addr     string
-	grp, src *net.UDPAddr
-}{
-	{"224.0.0.0:0", &net.UDPAddr{IP: net.IPv4(224, 0, 0, 254)}, nil}, // see RFC 4727
-
-	{"232.0.1.0:0", &net.UDPAddr{IP: net.IPv4(232, 0, 1, 254)}, &net.UDPAddr{IP: net.IPv4(127, 0, 0, 1)}}, // see RFC 5771
-}
-
-func TestPacketConnReadWriteMulticastUDP(t *testing.T) {
-	switch runtime.GOOS {
-	case "nacl", "plan9", "solaris", "windows":
-		t.Skipf("not supported on %s", runtime.GOOS)
-	}
-	ifi := nettest.RoutedInterface("ip4", net.FlagUp|net.FlagMulticast|net.FlagLoopback)
-	if ifi == nil {
-		t.Skipf("not available on %s", runtime.GOOS)
-	}
-
-	for _, tt := range packetConnReadWriteMulticastUDPTests {
-		c, err := net.ListenPacket("udp4", tt.addr)
-		if err != nil {
-			t.Fatal(err)
-		}
-		defer c.Close()
-
-		grp := *tt.grp
-		grp.Port = c.LocalAddr().(*net.UDPAddr).Port
-		p := ipv4.NewPacketConn(c)
-		defer p.Close()
-		if tt.src == nil {
-			if err := p.JoinGroup(ifi, &grp); err != nil {
-				t.Fatal(err)
-			}
-			defer p.LeaveGroup(ifi, &grp)
-		} else {
-			if err := p.JoinSourceSpecificGroup(ifi, &grp, tt.src); err != nil {
-				switch runtime.GOOS {
-				case "freebsd", "linux":
-				default: // platforms that don't support IGMPv2/3 fail here
-					t.Logf("not supported on %s", runtime.GOOS)
-					continue
-				}
-				t.Fatal(err)
-			}
-			defer p.LeaveSourceSpecificGroup(ifi, &grp, tt.src)
-		}
-		if err := p.SetMulticastInterface(ifi); err != nil {
-			t.Fatal(err)
-		}
-		if _, err := p.MulticastInterface(); err != nil {
-			t.Fatal(err)
-		}
-		if err := p.SetMulticastLoopback(true); err != nil {
-			t.Fatal(err)
-		}
-		if _, err := p.MulticastLoopback(); err != nil {
-			t.Fatal(err)
-		}
-		cf := ipv4.FlagTTL | ipv4.FlagDst | ipv4.FlagInterface
-		wb := []byte("HELLO-R-U-THERE")
-
-		for i, toggle := range []bool{true, false, true} {
-			if err := p.SetControlMessage(cf, toggle); err != nil {
-				if nettest.ProtocolNotSupported(err) {
-					t.Logf("not supported on %s", runtime.GOOS)
-					continue
-				}
-				t.Fatal(err)
-			}
-			if err := p.SetDeadline(time.Now().Add(200 * time.Millisecond)); err != nil {
-				t.Fatal(err)
-			}
-			p.SetMulticastTTL(i + 1)
-			if n, err := p.WriteTo(wb, nil, &grp); err != nil {
-				t.Fatal(err)
-			} else if n != len(wb) {
-				t.Fatalf("got %v; want %v", n, len(wb))
-			}
-			rb := make([]byte, 128)
-			if n, _, _, err := p.ReadFrom(rb); err != nil {
-				t.Fatal(err)
-			} else if !bytes.Equal(rb[:n], wb) {
-				t.Fatalf("got %v; want %v", rb[:n], wb)
-			}
-		}
-	}
-}
-
-var packetConnReadWriteMulticastICMPTests = []struct {
-	grp, src *net.IPAddr
-}{
-	{&net.IPAddr{IP: net.IPv4(224, 0, 0, 254)}, nil}, // see RFC 4727
-
-	{&net.IPAddr{IP: net.IPv4(232, 0, 1, 254)}, &net.IPAddr{IP: net.IPv4(127, 0, 0, 1)}}, // see RFC 5771
-}
-
-func TestPacketConnReadWriteMulticastICMP(t *testing.T) {
-	switch runtime.GOOS {
-	case "nacl", "plan9", "solaris", "windows":
-		t.Skipf("not supported on %s", runtime.GOOS)
-	}
-	if m, ok := nettest.SupportsRawIPSocket(); !ok {
-		t.Skip(m)
-	}
-	ifi := nettest.RoutedInterface("ip4", net.FlagUp|net.FlagMulticast|net.FlagLoopback)
-	if ifi == nil {
-		t.Skipf("not available on %s", runtime.GOOS)
-	}
-
-	for _, tt := range packetConnReadWriteMulticastICMPTests {
-		c, err := net.ListenPacket("ip4:icmp", "0.0.0.0")
-		if err != nil {
-			t.Fatal(err)
-		}
-		defer c.Close()
-
-		p := ipv4.NewPacketConn(c)
-		defer p.Close()
-		if tt.src == nil {
-			if err := p.JoinGroup(ifi, tt.grp); err != nil {
-				t.Fatal(err)
-			}
-			defer p.LeaveGroup(ifi, tt.grp)
-		} else {
-			if err := p.JoinSourceSpecificGroup(ifi, tt.grp, tt.src); err != nil {
-				switch runtime.GOOS {
-				case "freebsd", "linux":
-				default: // platforms that don't support IGMPv2/3 fail here
-					t.Logf("not supported on %s", runtime.GOOS)
-					continue
-				}
-				t.Fatal(err)
-			}
-			defer p.LeaveSourceSpecificGroup(ifi, tt.grp, tt.src)
-		}
-		if err := p.SetMulticastInterface(ifi); err != nil {
-			t.Fatal(err)
-		}
-		if _, err := p.MulticastInterface(); err != nil {
-			t.Fatal(err)
-		}
-		if err := p.SetMulticastLoopback(true); err != nil {
-			t.Fatal(err)
-		}
-		if _, err := p.MulticastLoopback(); err != nil {
-			t.Fatal(err)
-		}
-		cf := ipv4.FlagTTL | ipv4.FlagDst | ipv4.FlagInterface
-
-		for i, toggle := range []bool{true, false, true} {
-			wb, err := (&icmp.Message{
-				Type: ipv4.ICMPTypeEcho, Code: 0,
-				Body: &icmp.Echo{
-					ID: os.Getpid() & 0xffff, Seq: i + 1,
-					Data: []byte("HELLO-R-U-THERE"),
-				},
-			}).Marshal(nil)
-			if err != nil {
-				t.Fatal(err)
-			}
-			if err := p.SetControlMessage(cf, toggle); err != nil {
-				if nettest.ProtocolNotSupported(err) {
-					t.Logf("not supported on %s", runtime.GOOS)
-					continue
-				}
-				t.Fatal(err)
-			}
-			if err := p.SetDeadline(time.Now().Add(200 * time.Millisecond)); err != nil {
-				t.Fatal(err)
-			}
-			p.SetMulticastTTL(i + 1)
-			if n, err := p.WriteTo(wb, nil, tt.grp); err != nil {
-				t.Fatal(err)
-			} else if n != len(wb) {
-				t.Fatalf("got %v; want %v", n, len(wb))
-			}
-			rb := make([]byte, 128)
-			if n, _, _, err := p.ReadFrom(rb); err != nil {
-				t.Fatal(err)
-			} else {
-				m, err := icmp.ParseMessage(iana.ProtocolICMP, rb[:n])
-				if err != nil {
-					t.Fatal(err)
-				}
-				switch {
-				case m.Type == ipv4.ICMPTypeEchoReply && m.Code == 0: // net.inet.icmp.bmcastecho=1
-				case m.Type == ipv4.ICMPTypeEcho && m.Code == 0: // net.inet.icmp.bmcastecho=0
-				default:
-					t.Fatalf("got type=%v, code=%v; want type=%v, code=%v", m.Type, m.Code, ipv4.ICMPTypeEchoReply, 0)
-				}
-			}
-		}
-	}
-}
-
-var rawConnReadWriteMulticastICMPTests = []struct {
-	grp, src *net.IPAddr
-}{
-	{&net.IPAddr{IP: net.IPv4(224, 0, 0, 254)}, nil}, // see RFC 4727
-
-	{&net.IPAddr{IP: net.IPv4(232, 0, 1, 254)}, &net.IPAddr{IP: net.IPv4(127, 0, 0, 1)}}, // see RFC 5771
-}
-
-func TestRawConnReadWriteMulticastICMP(t *testing.T) {
-	if testing.Short() {
-		t.Skip("to avoid external network")
-	}
-	if m, ok := nettest.SupportsRawIPSocket(); !ok {
-		t.Skip(m)
-	}
-	ifi := nettest.RoutedInterface("ip4", net.FlagUp|net.FlagMulticast|net.FlagLoopback)
-	if ifi == nil {
-		t.Skipf("not available on %s", runtime.GOOS)
-	}
-
-	for _, tt := range rawConnReadWriteMulticastICMPTests {
-		c, err := net.ListenPacket("ip4:icmp", "0.0.0.0")
-		if err != nil {
-			t.Fatal(err)
-		}
-		defer c.Close()
-
-		r, err := ipv4.NewRawConn(c)
-		if err != nil {
-			t.Fatal(err)
-		}
-		defer r.Close()
-		if tt.src == nil {
-			if err := r.JoinGroup(ifi, tt.grp); err != nil {
-				t.Fatal(err)
-			}
-			defer r.LeaveGroup(ifi, tt.grp)
-		} else {
-			if err := r.JoinSourceSpecificGroup(ifi, tt.grp, tt.src); err != nil {
-				switch runtime.GOOS {
-				case "freebsd", "linux":
-				default: // platforms that don't support IGMPv2/3 fail here
-					t.Logf("not supported on %s", runtime.GOOS)
-					continue
-				}
-				t.Fatal(err)
-			}
-			defer r.LeaveSourceSpecificGroup(ifi, tt.grp, tt.src)
-		}
-		if err := r.SetMulticastInterface(ifi); err != nil {
-			t.Fatal(err)
-		}
-		if _, err := r.MulticastInterface(); err != nil {
-			t.Fatal(err)
-		}
-		if err := r.SetMulticastLoopback(true); err != nil {
-			t.Fatal(err)
-		}
-		if _, err := r.MulticastLoopback(); err != nil {
-			t.Fatal(err)
-		}
-		cf := ipv4.FlagTTL | ipv4.FlagDst | ipv4.FlagInterface
-
-		for i, toggle := range []bool{true, false, true} {
-			wb, err := (&icmp.Message{
-				Type: ipv4.ICMPTypeEcho, Code: 0,
-				Body: &icmp.Echo{
-					ID: os.Getpid() & 0xffff, Seq: i + 1,
-					Data: []byte("HELLO-R-U-THERE"),
-				},
-			}).Marshal(nil)
-			if err != nil {
-				t.Fatal(err)
-			}
-			wh := &ipv4.Header{
-				Version:  ipv4.Version,
-				Len:      ipv4.HeaderLen,
-				TOS:      i + 1,
-				TotalLen: ipv4.HeaderLen + len(wb),
-				Protocol: 1,
-				Dst:      tt.grp.IP,
-			}
-			if err := r.SetControlMessage(cf, toggle); err != nil {
-				if nettest.ProtocolNotSupported(err) {
-					t.Logf("not supported on %s", runtime.GOOS)
-					continue
-				}
-				t.Fatal(err)
-			}
-			if err := r.SetDeadline(time.Now().Add(200 * time.Millisecond)); err != nil {
-				t.Fatal(err)
-			}
-			r.SetMulticastTTL(i + 1)
-			if err := r.WriteTo(wh, wb, nil); err != nil {
-				t.Fatal(err)
-			}
-			rb := make([]byte, ipv4.HeaderLen+128)
-			if rh, b, _, err := r.ReadFrom(rb); err != nil {
-				t.Fatal(err)
-			} else {
-				m, err := icmp.ParseMessage(iana.ProtocolICMP, b)
-				if err != nil {
-					t.Fatal(err)
-				}
-				switch {
-				case (rh.Dst.IsLoopback() || rh.Dst.IsLinkLocalUnicast() || rh.Dst.IsGlobalUnicast()) && m.Type == ipv4.ICMPTypeEchoReply && m.Code == 0: // net.inet.icmp.bmcastecho=1
-				case rh.Dst.IsMulticast() && m.Type == ipv4.ICMPTypeEcho && m.Code == 0: // net.inet.icmp.bmcastecho=0
-				default:
-					t.Fatalf("got type=%v, code=%v; want type=%v, code=%v", m.Type, m.Code, ipv4.ICMPTypeEchoReply, 0)
-				}
-			}
-		}
-	}
-}
diff --git a/vendor/golang.org/x/net/ipv4/multicastlistener_test.go b/vendor/golang.org/x/net/ipv4/multicastlistener_test.go
deleted file mode 100644
index e342bf1d..00000000
--- a/vendor/golang.org/x/net/ipv4/multicastlistener_test.go
+++ /dev/null
@@ -1,249 +0,0 @@
-// Copyright 2012 The Go Authors.  All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package ipv4_test
-
-import (
-	"net"
-	"runtime"
-	"testing"
-
-	"golang.org/x/net/internal/nettest"
-	"golang.org/x/net/ipv4"
-)
-
-var udpMultipleGroupListenerTests = []net.Addr{
-	&net.UDPAddr{IP: net.IPv4(224, 0, 0, 249)}, // see RFC 4727
-	&net.UDPAddr{IP: net.IPv4(224, 0, 0, 250)},
-	&net.UDPAddr{IP: net.IPv4(224, 0, 0, 254)},
-}
-
-func TestUDPSinglePacketConnWithMultipleGroupListeners(t *testing.T) {
-	switch runtime.GOOS {
-	case "nacl", "plan9", "solaris", "windows":
-		t.Skipf("not supported on %s", runtime.GOOS)
-	}
-	if testing.Short() {
-		t.Skip("to avoid external network")
-	}
-
-	for _, gaddr := range udpMultipleGroupListenerTests {
-		c, err := net.ListenPacket("udp4", "0.0.0.0:0") // wildcard address with no reusable port
-		if err != nil {
-			t.Fatal(err)
-		}
-		defer c.Close()
-
-		p := ipv4.NewPacketConn(c)
-		var mift []*net.Interface
-
-		ift, err := net.Interfaces()
-		if err != nil {
-			t.Fatal(err)
-		}
-		for i, ifi := range ift {
-			if _, ok := nettest.IsMulticastCapable("ip4", &ifi); !ok {
-				continue
-			}
-			if err := p.JoinGroup(&ifi, gaddr); err != nil {
-				t.Fatal(err)
-			}
-			mift = append(mift, &ift[i])
-		}
-		for _, ifi := range mift {
-			if err := p.LeaveGroup(ifi, gaddr); err != nil {
-				t.Fatal(err)
-			}
-		}
-	}
-}
-
-func TestUDPMultiplePacketConnWithMultipleGroupListeners(t *testing.T) {
-	switch runtime.GOOS {
-	case "nacl", "plan9", "solaris", "windows":
-		t.Skipf("not supported on %s", runtime.GOOS)
-	}
-	if testing.Short() {
-		t.Skip("to avoid external network")
-	}
-
-	for _, gaddr := range udpMultipleGroupListenerTests {
-		c1, err := net.ListenPacket("udp4", "224.0.0.0:1024") // wildcard address with reusable port
-		if err != nil {
-			t.Fatal(err)
-		}
-		defer c1.Close()
-
-		c2, err := net.ListenPacket("udp4", "224.0.0.0:1024") // wildcard address with reusable port
-		if err != nil {
-			t.Fatal(err)
-		}
-		defer c2.Close()
-
-		var ps [2]*ipv4.PacketConn
-		ps[0] = ipv4.NewPacketConn(c1)
-		ps[1] = ipv4.NewPacketConn(c2)
-		var mift []*net.Interface
-
-		ift, err := net.Interfaces()
-		if err != nil {
-			t.Fatal(err)
-		}
-		for i, ifi := range ift {
-			if _, ok := nettest.IsMulticastCapable("ip4", &ifi); !ok {
-				continue
-			}
-			for _, p := range ps {
-				if err := p.JoinGroup(&ifi, gaddr); err != nil {
-					t.Fatal(err)
-				}
-			}
-			mift = append(mift, &ift[i])
-		}
-		for _, ifi := range mift {
-			for _, p := range ps {
-				if err := p.LeaveGroup(ifi, gaddr); err != nil {
-					t.Fatal(err)
-				}
-			}
-		}
-	}
-}
-
-func TestUDPPerInterfaceSinglePacketConnWithSingleGroupListener(t *testing.T) {
-	switch runtime.GOOS {
-	case "nacl", "plan9", "solaris", "windows":
-		t.Skipf("not supported on %s", runtime.GOOS)
-	}
-	if testing.Short() {
-		t.Skip("to avoid external network")
-	}
-
-	gaddr := net.IPAddr{IP: net.IPv4(224, 0, 0, 254)} // see RFC 4727
-	type ml struct {
-		c   *ipv4.PacketConn
-		ifi *net.Interface
-	}
-	var mlt []*ml
-
-	ift, err := net.Interfaces()
-	if err != nil {
-		t.Fatal(err)
-	}
-	for i, ifi := range ift {
-		ip, ok := nettest.IsMulticastCapable("ip4", &ifi)
-		if !ok {
-			continue
-		}
-		c, err := net.ListenPacket("udp4", ip.String()+":"+"1024") // unicast address with non-reusable port
-		if err != nil {
-			t.Fatal(err)
-		}
-		defer c.Close()
-		p := ipv4.NewPacketConn(c)
-		if err := p.JoinGroup(&ifi, &gaddr); err != nil {
-			t.Fatal(err)
-		}
-		mlt = append(mlt, &ml{p, &ift[i]})
-	}
-	for _, m := range mlt {
-		if err := m.c.LeaveGroup(m.ifi, &gaddr); err != nil {
-			t.Fatal(err)
-		}
-	}
-}
-
-func TestIPSingleRawConnWithSingleGroupListener(t *testing.T) {
-	switch runtime.GOOS {
-	case "nacl", "plan9", "solaris", "windows":
-		t.Skipf("not supported on %s", runtime.GOOS)
-	}
-	if testing.Short() {
-		t.Skip("to avoid external network")
-	}
-	if m, ok := nettest.SupportsRawIPSocket(); !ok {
-		t.Skip(m)
-	}
-
-	c, err := net.ListenPacket("ip4:icmp", "0.0.0.0") // wildcard address
-	if err != nil {
-		t.Fatal(err)
-	}
-	defer c.Close()
-
-	r, err := ipv4.NewRawConn(c)
-	if err != nil {
-		t.Fatal(err)
-	}
-	gaddr := net.IPAddr{IP: net.IPv4(224, 0, 0, 254)} // see RFC 4727
-	var mift []*net.Interface
-
-	ift, err := net.Interfaces()
-	if err != nil {
-		t.Fatal(err)
-	}
-	for i, ifi := range ift {
-		if _, ok := nettest.IsMulticastCapable("ip4", &ifi); !ok {
-			continue
-		}
-		if err := r.JoinGroup(&ifi, &gaddr); err != nil {
-			t.Fatal(err)
-		}
-		mift = append(mift, &ift[i])
-	}
-	for _, ifi := range mift {
-		if err := r.LeaveGroup(ifi, &gaddr); err != nil {
-			t.Fatal(err)
-		}
-	}
-}
-
-func TestIPPerInterfaceSingleRawConnWithSingleGroupListener(t *testing.T) {
-	switch runtime.GOOS {
-	case "nacl", "plan9", "solaris", "windows":
-		t.Skipf("not supported on %s", runtime.GOOS)
-	}
-	if testing.Short() {
-		t.Skip("to avoid external network")
-	}
-	if m, ok := nettest.SupportsRawIPSocket(); !ok {
-		t.Skip(m)
-	}
-
-	gaddr := net.IPAddr{IP: net.IPv4(224, 0, 0, 254)} // see RFC 4727
-	type ml struct {
-		c   *ipv4.RawConn
-		ifi *net.Interface
-	}
-	var mlt []*ml
-
-	ift, err := net.Interfaces()
-	if err != nil {
-		t.Fatal(err)
-	}
-	for i, ifi := range ift {
-		ip, ok := nettest.IsMulticastCapable("ip4", &ifi)
-		if !ok {
-			continue
-		}
-		c, err := net.ListenPacket("ip4:253", ip.String()) // unicast address
-		if err != nil {
-			t.Fatal(err)
-		}
-		defer c.Close()
-		r, err := ipv4.NewRawConn(c)
-		if err != nil {
-			t.Fatal(err)
-		}
-		if err := r.JoinGroup(&ifi, &gaddr); err != nil {
-			t.Fatal(err)
-		}
-		mlt = append(mlt, &ml{r, &ift[i]})
-	}
-	for _, m := range mlt {
-		if err := m.c.LeaveGroup(m.ifi, &gaddr); err != nil {
-			t.Fatal(err)
-		}
-	}
-}
diff --git a/vendor/golang.org/x/net/ipv4/multicastsockopt_test.go b/vendor/golang.org/x/net/ipv4/multicastsockopt_test.go
deleted file mode 100644
index c76dbe4d..00000000
--- a/vendor/golang.org/x/net/ipv4/multicastsockopt_test.go
+++ /dev/null
@@ -1,195 +0,0 @@
-// Copyright 2012 The Go Authors.  All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package ipv4_test
-
-import (
-	"net"
-	"runtime"
-	"testing"
-
-	"golang.org/x/net/internal/nettest"
-	"golang.org/x/net/ipv4"
-)
-
-var packetConnMulticastSocketOptionTests = []struct {
-	net, proto, addr string
-	grp, src         net.Addr
-}{
-	{"udp4", "", "224.0.0.0:0", &net.UDPAddr{IP: net.IPv4(224, 0, 0, 249)}, nil}, // see RFC 4727
-	{"ip4", ":icmp", "0.0.0.0", &net.IPAddr{IP: net.IPv4(224, 0, 0, 250)}, nil},  // see RFC 4727
-
-	{"udp4", "", "232.0.0.0:0", &net.UDPAddr{IP: net.IPv4(232, 0, 1, 249)}, &net.UDPAddr{IP: net.IPv4(127, 0, 0, 1)}}, // see RFC 5771
-	{"ip4", ":icmp", "0.0.0.0", &net.IPAddr{IP: net.IPv4(232, 0, 1, 250)}, &net.UDPAddr{IP: net.IPv4(127, 0, 0, 1)}},  // see RFC 5771
-}
-
-func TestPacketConnMulticastSocketOptions(t *testing.T) {
-	switch runtime.GOOS {
-	case "nacl", "plan9", "solaris":
-		t.Skipf("not supported on %s", runtime.GOOS)
-	}
-	ifi := nettest.RoutedInterface("ip4", net.FlagUp|net.FlagMulticast|net.FlagLoopback)
-	if ifi == nil {
-		t.Skipf("not available on %s", runtime.GOOS)
-	}
-
-	m, ok := nettest.SupportsRawIPSocket()
-	for _, tt := range packetConnMulticastSocketOptionTests {
-		if tt.net == "ip4" && !ok {
-			t.Log(m)
-			continue
-		}
-		c, err := net.ListenPacket(tt.net+tt.proto, tt.addr)
-		if err != nil {
-			t.Fatal(err)
-		}
-		defer c.Close()
-		p := ipv4.NewPacketConn(c)
-		defer p.Close()
-
-		if tt.src == nil {
-			testMulticastSocketOptions(t, p, ifi, tt.grp)
-		} else {
-			testSourceSpecificMulticastSocketOptions(t, p, ifi, tt.grp, tt.src)
-		}
-	}
-}
-
-var rawConnMulticastSocketOptionTests = []struct {
-	grp, src net.Addr
-}{
-	{&net.IPAddr{IP: net.IPv4(224, 0, 0, 250)}, nil}, // see RFC 4727
-
-	{&net.IPAddr{IP: net.IPv4(232, 0, 1, 250)}, &net.IPAddr{IP: net.IPv4(127, 0, 0, 1)}}, // see RFC 5771
-}
-
-func TestRawConnMulticastSocketOptions(t *testing.T) {
-	switch runtime.GOOS {
-	case "nacl", "plan9", "solaris":
-		t.Skipf("not supported on %s", runtime.GOOS)
-	}
-	if m, ok := nettest.SupportsRawIPSocket(); !ok {
-		t.Skip(m)
-	}
-	ifi := nettest.RoutedInterface("ip4", net.FlagUp|net.FlagMulticast|net.FlagLoopback)
-	if ifi == nil {
-		t.Skipf("not available on %s", runtime.GOOS)
-	}
-
-	for _, tt := range rawConnMulticastSocketOptionTests {
-		c, err := net.ListenPacket("ip4:icmp", "0.0.0.0")
-		if err != nil {
-			t.Fatal(err)
-		}
-		defer c.Close()
-		r, err := ipv4.NewRawConn(c)
-		if err != nil {
-			t.Fatal(err)
-		}
-		defer r.Close()
-
-		if tt.src == nil {
-			testMulticastSocketOptions(t, r, ifi, tt.grp)
-		} else {
-			testSourceSpecificMulticastSocketOptions(t, r, ifi, tt.grp, tt.src)
-		}
-	}
-}
-
-type testIPv4MulticastConn interface {
-	MulticastTTL() (int, error)
-	SetMulticastTTL(ttl int) error
-	MulticastLoopback() (bool, error)
-	SetMulticastLoopback(bool) error
-	JoinGroup(*net.Interface, net.Addr) error
-	LeaveGroup(*net.Interface, net.Addr) error
-	JoinSourceSpecificGroup(*net.Interface, net.Addr, net.Addr) error
-	LeaveSourceSpecificGroup(*net.Interface, net.Addr, net.Addr) error
-	ExcludeSourceSpecificGroup(*net.Interface, net.Addr, net.Addr) error
-	IncludeSourceSpecificGroup(*net.Interface, net.Addr, net.Addr) error
-}
-
-func testMulticastSocketOptions(t *testing.T, c testIPv4MulticastConn, ifi *net.Interface, grp net.Addr) {
-	const ttl = 255
-	if err := c.SetMulticastTTL(ttl); err != nil {
-		t.Error(err)
-		return
-	}
-	if v, err := c.MulticastTTL(); err != nil {
-		t.Error(err)
-		return
-	} else if v != ttl {
-		t.Errorf("got %v; want %v", v, ttl)
-		return
-	}
-
-	for _, toggle := range []bool{true, false} {
-		if err := c.SetMulticastLoopback(toggle); err != nil {
-			t.Error(err)
-			return
-		}
-		if v, err := c.MulticastLoopback(); err != nil {
-			t.Error(err)
-			return
-		} else if v != toggle {
-			t.Errorf("got %v; want %v", v, toggle)
-			return
-		}
-	}
-
-	if err := c.JoinGroup(ifi, grp); err != nil {
-		t.Error(err)
-		return
-	}
-	if err := c.LeaveGroup(ifi, grp); err != nil {
-		t.Error(err)
-		return
-	}
-}
-
-func testSourceSpecificMulticastSocketOptions(t *testing.T, c testIPv4MulticastConn, ifi *net.Interface, grp, src net.Addr) {
-	// MCAST_JOIN_GROUP -> MCAST_BLOCK_SOURCE -> MCAST_UNBLOCK_SOURCE -> MCAST_LEAVE_GROUP
-	if err := c.JoinGroup(ifi, grp); err != nil {
-		t.Error(err)
-		return
-	}
-	if err := c.ExcludeSourceSpecificGroup(ifi, grp, src); err != nil {
-		switch runtime.GOOS {
-		case "freebsd", "linux":
-		default: // platforms that don't support IGMPv2/3 fail here
-			t.Logf("not supported on %s", runtime.GOOS)
-			return
-		}
-		t.Error(err)
-		return
-	}
-	if err := c.IncludeSourceSpecificGroup(ifi, grp, src); err != nil {
-		t.Error(err)
-		return
-	}
-	if err := c.LeaveGroup(ifi, grp); err != nil {
-		t.Error(err)
-		return
-	}
-
-	// MCAST_JOIN_SOURCE_GROUP -> MCAST_LEAVE_SOURCE_GROUP
-	if err := c.JoinSourceSpecificGroup(ifi, grp, src); err != nil {
-		t.Error(err)
-		return
-	}
-	if err := c.LeaveSourceSpecificGroup(ifi, grp, src); err != nil {
-		t.Error(err)
-		return
-	}
-
-	// MCAST_JOIN_SOURCE_GROUP -> MCAST_LEAVE_GROUP
-	if err := c.JoinSourceSpecificGroup(ifi, grp, src); err != nil {
-		t.Error(err)
-		return
-	}
-	if err := c.LeaveGroup(ifi, grp); err != nil {
-		t.Error(err)
-		return
-	}
-}
diff --git a/vendor/golang.org/x/net/ipv4/packet.go b/vendor/golang.org/x/net/ipv4/packet.go
deleted file mode 100644
index 09864314..00000000
--- a/vendor/golang.org/x/net/ipv4/packet.go
+++ /dev/null
@@ -1,97 +0,0 @@
-// Copyright 2012 The Go Authors.  All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package ipv4
-
-import (
-	"net"
-	"syscall"
-)
-
-// A packetHandler represents the IPv4 datagram handler.
-type packetHandler struct {
-	c *net.IPConn
-	rawOpt
-}
-
-func (c *packetHandler) ok() bool { return c != nil && c.c != nil }
-
-// ReadFrom reads an IPv4 datagram from the endpoint c, copying the
-// datagram into b.  It returns the received datagram as the IPv4
-// header h, the payload p and the control message cm.
-func (c *packetHandler) ReadFrom(b []byte) (h *Header, p []byte, cm *ControlMessage, err error) {
-	if !c.ok() {
-		return nil, nil, nil, syscall.EINVAL
-	}
-	oob := newControlMessage(&c.rawOpt)
-	n, oobn, _, src, err := c.c.ReadMsgIP(b, oob)
-	if err != nil {
-		return nil, nil, nil, err
-	}
-	var hs []byte
-	if hs, p, err = slicePacket(b[:n]); err != nil {
-		return nil, nil, nil, err
-	}
-	if h, err = ParseHeader(hs); err != nil {
-		return nil, nil, nil, err
-	}
-	if cm, err = parseControlMessage(oob[:oobn]); err != nil {
-		return nil, nil, nil, err
-	}
-	if src != nil && cm != nil {
-		cm.Src = src.IP
-	}
-	return
-}
-
-func slicePacket(b []byte) (h, p []byte, err error) {
-	if len(b) < HeaderLen {
-		return nil, nil, errHeaderTooShort
-	}
-	hdrlen := int(b[0]&0x0f) << 2
-	return b[:hdrlen], b[hdrlen:], nil
-}
-
-// WriteTo writes an IPv4 datagram through the endpoint c, copying the
-// datagram from the IPv4 header h and the payload p.  The control
-// message cm allows the datagram path and the outgoing interface to be
-// specified.  Currently only Darwin and Linux support this.  The cm
-// may be nil if control of the outgoing datagram is not required.
-//
-// The IPv4 header h must contain appropriate fields that include:
-//
-//	Version       = ipv4.Version
-//	Len           = 
-//	TOS           = 
-//	TotalLen      = 
-//	ID            = platform sets an appropriate value if ID is zero
-//	FragOff       = 
-//	TTL           = 
-//	Protocol      = 
-//	Checksum      = platform sets an appropriate value if Checksum is zero
-//	Src           = platform sets an appropriate value if Src is nil
-//	Dst           = 
-//	Options       = optional
-func (c *packetHandler) WriteTo(h *Header, p []byte, cm *ControlMessage) error {
-	if !c.ok() {
-		return syscall.EINVAL
-	}
-	oob := marshalControlMessage(cm)
-	wh, err := h.Marshal()
-	if err != nil {
-		return err
-	}
-	dst := &net.IPAddr{}
-	if cm != nil {
-		if ip := cm.Dst.To4(); ip != nil {
-			dst.IP = ip
-		}
-	}
-	if dst.IP == nil {
-		dst.IP = h.Dst
-	}
-	wh = append(wh, p...)
-	_, _, err = c.c.WriteMsgIP(wh, oob, dst)
-	return err
-}
diff --git a/vendor/golang.org/x/net/ipv4/payload.go b/vendor/golang.org/x/net/ipv4/payload.go
deleted file mode 100644
index d7698cbd..00000000
--- a/vendor/golang.org/x/net/ipv4/payload.go
+++ /dev/null
@@ -1,15 +0,0 @@
-// Copyright 2012 The Go Authors.  All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package ipv4
-
-import "net"
-
-// A payloadHandler represents the IPv4 datagram payload handler.
-type payloadHandler struct {
-	net.PacketConn
-	rawOpt
-}
-
-func (c *payloadHandler) ok() bool { return c != nil && c.PacketConn != nil }
diff --git a/vendor/golang.org/x/net/ipv4/payload_cmsg.go b/vendor/golang.org/x/net/ipv4/payload_cmsg.go
deleted file mode 100644
index d358fc3a..00000000
--- a/vendor/golang.org/x/net/ipv4/payload_cmsg.go
+++ /dev/null
@@ -1,81 +0,0 @@
-// Copyright 2012 The Go Authors.  All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build !plan9,!solaris,!windows
-
-package ipv4
-
-import (
-	"net"
-	"syscall"
-)
-
-// ReadFrom reads a payload of the received IPv4 datagram, from the
-// endpoint c, copying the payload into b.  It returns the number of
-// bytes copied into b, the control message cm and the source address
-// src of the received datagram.
-func (c *payloadHandler) ReadFrom(b []byte) (n int, cm *ControlMessage, src net.Addr, err error) {
-	if !c.ok() {
-		return 0, nil, nil, syscall.EINVAL
-	}
-	oob := newControlMessage(&c.rawOpt)
-	var oobn int
-	switch c := c.PacketConn.(type) {
-	case *net.UDPConn:
-		if n, oobn, _, src, err = c.ReadMsgUDP(b, oob); err != nil {
-			return 0, nil, nil, err
-		}
-	case *net.IPConn:
-		if sockOpts[ssoStripHeader].name > 0 {
-			if n, oobn, _, src, err = c.ReadMsgIP(b, oob); err != nil {
-				return 0, nil, nil, err
-			}
-		} else {
-			nb := make([]byte, maxHeaderLen+len(b))
-			if n, oobn, _, src, err = c.ReadMsgIP(nb, oob); err != nil {
-				return 0, nil, nil, err
-			}
-			hdrlen := int(nb[0]&0x0f) << 2
-			copy(b, nb[hdrlen:])
-			n -= hdrlen
-		}
-	default:
-		return 0, nil, nil, errInvalidConnType
-	}
-	if cm, err = parseControlMessage(oob[:oobn]); err != nil {
-		return 0, nil, nil, err
-	}
-	if cm != nil {
-		cm.Src = netAddrToIP4(src)
-	}
-	return
-}
-
-// WriteTo writes a payload of the IPv4 datagram, to the destination
-// address dst through the endpoint c, copying the payload from b.  It
-// returns the number of bytes written.  The control message cm allows
-// the datagram path and the outgoing interface to be specified.
-// Currently only Darwin and Linux support this.  The cm may be nil if
-// control of the outgoing datagram is not required.
-func (c *payloadHandler) WriteTo(b []byte, cm *ControlMessage, dst net.Addr) (n int, err error) {
-	if !c.ok() {
-		return 0, syscall.EINVAL
-	}
-	oob := marshalControlMessage(cm)
-	if dst == nil {
-		return 0, errMissingAddress
-	}
-	switch c := c.PacketConn.(type) {
-	case *net.UDPConn:
-		n, _, err = c.WriteMsgUDP(b, oob, dst.(*net.UDPAddr))
-	case *net.IPConn:
-		n, _, err = c.WriteMsgIP(b, oob, dst.(*net.IPAddr))
-	default:
-		return 0, errInvalidConnType
-	}
-	if err != nil {
-		return 0, err
-	}
-	return
-}
diff --git a/vendor/golang.org/x/net/ipv4/payload_nocmsg.go b/vendor/golang.org/x/net/ipv4/payload_nocmsg.go
deleted file mode 100644
index d128c9c2..00000000
--- a/vendor/golang.org/x/net/ipv4/payload_nocmsg.go
+++ /dev/null
@@ -1,42 +0,0 @@
-// Copyright 2012 The Go Authors.  All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build plan9 solaris windows
-
-package ipv4
-
-import (
-	"net"
-	"syscall"
-)
-
-// ReadFrom reads a payload of the received IPv4 datagram, from the
-// endpoint c, copying the payload into b.  It returns the number of
-// bytes copied into b, the control message cm and the source address
-// src of the received datagram.
-func (c *payloadHandler) ReadFrom(b []byte) (n int, cm *ControlMessage, src net.Addr, err error) {
-	if !c.ok() {
-		return 0, nil, nil, syscall.EINVAL
-	}
-	if n, src, err = c.PacketConn.ReadFrom(b); err != nil {
-		return 0, nil, nil, err
-	}
-	return
-}
-
-// WriteTo writes a payload of the IPv4 datagram, to the destination
-// address dst through the endpoint c, copying the payload from b.  It
-// returns the number of bytes written.  The control message cm allows
-// the datagram path and the outgoing interface to be specified.
-// Currently only Darwin and Linux support this.  The cm may be nil if
-// control of the outgoing datagram is not required.
-func (c *payloadHandler) WriteTo(b []byte, cm *ControlMessage, dst net.Addr) (n int, err error) {
-	if !c.ok() {
-		return 0, syscall.EINVAL
-	}
-	if dst == nil {
-		return 0, errMissingAddress
-	}
-	return c.PacketConn.WriteTo(b, dst)
-}
diff --git a/vendor/golang.org/x/net/ipv4/readwrite_test.go b/vendor/golang.org/x/net/ipv4/readwrite_test.go
deleted file mode 100644
index 247d06c1..00000000
--- a/vendor/golang.org/x/net/ipv4/readwrite_test.go
+++ /dev/null
@@ -1,174 +0,0 @@
-// Copyright 2012 The Go Authors.  All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package ipv4_test
-
-import (
-	"bytes"
-	"net"
-	"runtime"
-	"strings"
-	"sync"
-	"testing"
-
-	"golang.org/x/net/internal/nettest"
-	"golang.org/x/net/ipv4"
-)
-
-func benchmarkUDPListener() (net.PacketConn, net.Addr, error) {
-	c, err := net.ListenPacket("udp4", "127.0.0.1:0")
-	if err != nil {
-		return nil, nil, err
-	}
-	dst, err := net.ResolveUDPAddr("udp4", c.LocalAddr().String())
-	if err != nil {
-		c.Close()
-		return nil, nil, err
-	}
-	return c, dst, nil
-}
-
-func BenchmarkReadWriteNetUDP(b *testing.B) {
-	c, dst, err := benchmarkUDPListener()
-	if err != nil {
-		b.Fatal(err)
-	}
-	defer c.Close()
-
-	wb, rb := []byte("HELLO-R-U-THERE"), make([]byte, 128)
-	b.ResetTimer()
-	for i := 0; i < b.N; i++ {
-		benchmarkReadWriteNetUDP(b, c, wb, rb, dst)
-	}
-}
-
-func benchmarkReadWriteNetUDP(b *testing.B, c net.PacketConn, wb, rb []byte, dst net.Addr) {
-	if _, err := c.WriteTo(wb, dst); err != nil {
-		b.Fatal(err)
-	}
-	if _, _, err := c.ReadFrom(rb); err != nil {
-		b.Fatal(err)
-	}
-}
-
-func BenchmarkReadWriteIPv4UDP(b *testing.B) {
-	c, dst, err := benchmarkUDPListener()
-	if err != nil {
-		b.Fatal(err)
-	}
-	defer c.Close()
-
-	p := ipv4.NewPacketConn(c)
-	defer p.Close()
-	cf := ipv4.FlagTTL | ipv4.FlagInterface
-	if err := p.SetControlMessage(cf, true); err != nil {
-		b.Fatal(err)
-	}
-	ifi := nettest.RoutedInterface("ip4", net.FlagUp|net.FlagLoopback)
-
-	wb, rb := []byte("HELLO-R-U-THERE"), make([]byte, 128)
-	b.ResetTimer()
-	for i := 0; i < b.N; i++ {
-		benchmarkReadWriteIPv4UDP(b, p, wb, rb, dst, ifi)
-	}
-}
-
-func benchmarkReadWriteIPv4UDP(b *testing.B, p *ipv4.PacketConn, wb, rb []byte, dst net.Addr, ifi *net.Interface) {
-	cm := ipv4.ControlMessage{TTL: 1}
-	if ifi != nil {
-		cm.IfIndex = ifi.Index
-	}
-	if n, err := p.WriteTo(wb, &cm, dst); err != nil {
-		b.Fatal(err)
-	} else if n != len(wb) {
-		b.Fatalf("got %v; want %v", n, len(wb))
-	}
-	if _, _, _, err := p.ReadFrom(rb); err != nil {
-		b.Fatal(err)
-	}
-}
-
-func TestPacketConnConcurrentReadWriteUnicastUDP(t *testing.T) {
-	switch runtime.GOOS {
-	case "nacl", "plan9", "solaris", "windows":
-		t.Skipf("not supported on %s", runtime.GOOS)
-	}
-
-	c, err := net.ListenPacket("udp4", "127.0.0.1:0")
-	if err != nil {
-		t.Fatal(err)
-	}
-	defer c.Close()
-	p := ipv4.NewPacketConn(c)
-	defer p.Close()
-
-	dst, err := net.ResolveUDPAddr("udp4", c.LocalAddr().String())
-	if err != nil {
-		t.Fatal(err)
-	}
-
-	ifi := nettest.RoutedInterface("ip4", net.FlagUp|net.FlagLoopback)
-	cf := ipv4.FlagTTL | ipv4.FlagSrc | ipv4.FlagDst | ipv4.FlagInterface
-	wb := []byte("HELLO-R-U-THERE")
-
-	if err := p.SetControlMessage(cf, true); err != nil { // probe before test
-		if nettest.ProtocolNotSupported(err) {
-			t.Skipf("not supported on %s", runtime.GOOS)
-		}
-		t.Fatal(err)
-	}
-
-	var wg sync.WaitGroup
-	reader := func() {
-		defer wg.Done()
-		rb := make([]byte, 128)
-		if n, cm, _, err := p.ReadFrom(rb); err != nil {
-			t.Error(err)
-			return
-		} else if !bytes.Equal(rb[:n], wb) {
-			t.Errorf("got %v; want %v", rb[:n], wb)
-			return
-		} else {
-			s := cm.String()
-			if strings.Contains(s, ",") {
-				t.Errorf("should be space-separated values: %s", s)
-			}
-		}
-	}
-	writer := func(toggle bool) {
-		defer wg.Done()
-		cm := ipv4.ControlMessage{
-			Src: net.IPv4(127, 0, 0, 1),
-		}
-		if ifi != nil {
-			cm.IfIndex = ifi.Index
-		}
-		if err := p.SetControlMessage(cf, toggle); err != nil {
-			t.Error(err)
-			return
-		}
-		if n, err := p.WriteTo(wb, &cm, dst); err != nil {
-			t.Error(err)
-			return
-		} else if n != len(wb) {
-			t.Errorf("short write: %v", n)
-			return
-		}
-	}
-
-	const N = 10
-	wg.Add(N)
-	for i := 0; i < N; i++ {
-		go reader()
-	}
-	wg.Add(2 * N)
-	for i := 0; i < 2*N; i++ {
-		go writer(i%2 != 0)
-	}
-	wg.Add(N)
-	for i := 0; i < N; i++ {
-		go reader()
-	}
-	wg.Wait()
-}
diff --git a/vendor/golang.org/x/net/ipv4/sockopt.go b/vendor/golang.org/x/net/ipv4/sockopt.go
deleted file mode 100644
index ace37d30..00000000
--- a/vendor/golang.org/x/net/ipv4/sockopt.go
+++ /dev/null
@@ -1,46 +0,0 @@
-// Copyright 2014 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package ipv4
-
-// Sticky socket options
-const (
-	ssoTOS                = iota // header field for unicast packet
-	ssoTTL                       // header field for unicast packet
-	ssoMulticastTTL              // header field for multicast packet
-	ssoMulticastInterface        // outbound interface for multicast packet
-	ssoMulticastLoopback         // loopback for multicast packet
-	ssoReceiveTTL                // header field on received packet
-	ssoReceiveDst                // header field on received packet
-	ssoReceiveInterface          // inbound interface on received packet
-	ssoPacketInfo                // incbound or outbound packet path
-	ssoHeaderPrepend             // ipv4 header prepend
-	ssoStripHeader               // strip ipv4 header
-	ssoICMPFilter                // icmp filter
-	ssoJoinGroup                 // any-source multicast
-	ssoLeaveGroup                // any-source multicast
-	ssoJoinSourceGroup           // source-specific multicast
-	ssoLeaveSourceGroup          // source-specific multicast
-	ssoBlockSourceGroup          // any-source or source-specific multicast
-	ssoUnblockSourceGroup        // any-source or source-specific multicast
-	ssoMax
-)
-
-// Sticky socket option value types
-const (
-	ssoTypeByte = iota + 1
-	ssoTypeInt
-	ssoTypeInterface
-	ssoTypeICMPFilter
-	ssoTypeIPMreq
-	ssoTypeIPMreqn
-	ssoTypeGroupReq
-	ssoTypeGroupSourceReq
-)
-
-// A sockOpt represents a binding for sticky socket option.
-type sockOpt struct {
-	name int // option name, must be equal or greater than 1
-	typ  int // option value type, must be equal or greater than 1
-}
diff --git a/vendor/golang.org/x/net/ipv4/sockopt_asmreq.go b/vendor/golang.org/x/net/ipv4/sockopt_asmreq.go
deleted file mode 100644
index 4a6aa78e..00000000
--- a/vendor/golang.org/x/net/ipv4/sockopt_asmreq.go
+++ /dev/null
@@ -1,83 +0,0 @@
-// Copyright 2012 The Go Authors.  All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build darwin dragonfly freebsd netbsd openbsd windows
-
-package ipv4
-
-import "net"
-
-func setIPMreqInterface(mreq *sysIPMreq, ifi *net.Interface) error {
-	if ifi == nil {
-		return nil
-	}
-	ifat, err := ifi.Addrs()
-	if err != nil {
-		return err
-	}
-	for _, ifa := range ifat {
-		switch ifa := ifa.(type) {
-		case *net.IPAddr:
-			if ip := ifa.IP.To4(); ip != nil {
-				copy(mreq.Interface[:], ip)
-				return nil
-			}
-		case *net.IPNet:
-			if ip := ifa.IP.To4(); ip != nil {
-				copy(mreq.Interface[:], ip)
-				return nil
-			}
-		}
-	}
-	return errNoSuchInterface
-}
-
-func netIP4ToInterface(ip net.IP) (*net.Interface, error) {
-	ift, err := net.Interfaces()
-	if err != nil {
-		return nil, err
-	}
-	for _, ifi := range ift {
-		ifat, err := ifi.Addrs()
-		if err != nil {
-			return nil, err
-		}
-		for _, ifa := range ifat {
-			switch ifa := ifa.(type) {
-			case *net.IPAddr:
-				if ip.Equal(ifa.IP) {
-					return &ifi, nil
-				}
-			case *net.IPNet:
-				if ip.Equal(ifa.IP) {
-					return &ifi, nil
-				}
-			}
-		}
-	}
-	return nil, errNoSuchInterface
-}
-
-func netInterfaceToIP4(ifi *net.Interface) (net.IP, error) {
-	if ifi == nil {
-		return net.IPv4zero.To4(), nil
-	}
-	ifat, err := ifi.Addrs()
-	if err != nil {
-		return nil, err
-	}
-	for _, ifa := range ifat {
-		switch ifa := ifa.(type) {
-		case *net.IPAddr:
-			if ip := ifa.IP.To4(); ip != nil {
-				return ip, nil
-			}
-		case *net.IPNet:
-			if ip := ifa.IP.To4(); ip != nil {
-				return ip, nil
-			}
-		}
-	}
-	return nil, errNoSuchInterface
-}
diff --git a/vendor/golang.org/x/net/ipv4/sockopt_asmreq_stub.go b/vendor/golang.org/x/net/ipv4/sockopt_asmreq_stub.go
deleted file mode 100644
index 45551528..00000000
--- a/vendor/golang.org/x/net/ipv4/sockopt_asmreq_stub.go
+++ /dev/null
@@ -1,21 +0,0 @@
-// Copyright 2012 The Go Authors.  All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build !darwin,!dragonfly,!freebsd,!netbsd,!openbsd,!windows
-
-package ipv4
-
-import "net"
-
-func setsockoptIPMreq(fd, name int, ifi *net.Interface, grp net.IP) error {
-	return errOpNoSupport
-}
-
-func getsockoptInterface(fd, name int) (*net.Interface, error) {
-	return nil, errOpNoSupport
-}
-
-func setsockoptInterface(fd, name int, ifi *net.Interface) error {
-	return errOpNoSupport
-}
diff --git a/vendor/golang.org/x/net/ipv4/sockopt_asmreq_unix.go b/vendor/golang.org/x/net/ipv4/sockopt_asmreq_unix.go
deleted file mode 100644
index fefa901e..00000000
--- a/vendor/golang.org/x/net/ipv4/sockopt_asmreq_unix.go
+++ /dev/null
@@ -1,46 +0,0 @@
-// Copyright 2012 The Go Authors.  All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build darwin dragonfly freebsd netbsd openbsd
-
-package ipv4
-
-import (
-	"net"
-	"os"
-	"unsafe"
-
-	"golang.org/x/net/internal/iana"
-)
-
-func setsockoptIPMreq(fd, name int, ifi *net.Interface, grp net.IP) error {
-	mreq := sysIPMreq{Multiaddr: [4]byte{grp[0], grp[1], grp[2], grp[3]}}
-	if err := setIPMreqInterface(&mreq, ifi); err != nil {
-		return err
-	}
-	return os.NewSyscallError("setsockopt", setsockopt(fd, iana.ProtocolIP, name, unsafe.Pointer(&mreq), sysSizeofIPMreq))
-}
-
-func getsockoptInterface(fd, name int) (*net.Interface, error) {
-	var b [4]byte
-	l := sysSockoptLen(4)
-	if err := getsockopt(fd, iana.ProtocolIP, name, unsafe.Pointer(&b[0]), &l); err != nil {
-		return nil, os.NewSyscallError("getsockopt", err)
-	}
-	ifi, err := netIP4ToInterface(net.IPv4(b[0], b[1], b[2], b[3]))
-	if err != nil {
-		return nil, err
-	}
-	return ifi, nil
-}
-
-func setsockoptInterface(fd, name int, ifi *net.Interface) error {
-	ip, err := netInterfaceToIP4(ifi)
-	if err != nil {
-		return err
-	}
-	var b [4]byte
-	copy(b[:], ip)
-	return os.NewSyscallError("setsockopt", setsockopt(fd, iana.ProtocolIP, name, unsafe.Pointer(&b[0]), sysSockoptLen(4)))
-}
diff --git a/vendor/golang.org/x/net/ipv4/sockopt_asmreq_windows.go b/vendor/golang.org/x/net/ipv4/sockopt_asmreq_windows.go
deleted file mode 100644
index 431930df..00000000
--- a/vendor/golang.org/x/net/ipv4/sockopt_asmreq_windows.go
+++ /dev/null
@@ -1,45 +0,0 @@
-// Copyright 2012 The Go Authors.  All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package ipv4
-
-import (
-	"net"
-	"os"
-	"syscall"
-	"unsafe"
-
-	"golang.org/x/net/internal/iana"
-)
-
-func setsockoptIPMreq(fd syscall.Handle, name int, ifi *net.Interface, grp net.IP) error {
-	mreq := sysIPMreq{Multiaddr: [4]byte{grp[0], grp[1], grp[2], grp[3]}}
-	if err := setIPMreqInterface(&mreq, ifi); err != nil {
-		return err
-	}
-	return os.NewSyscallError("setsockopt", syscall.Setsockopt(fd, iana.ProtocolIP, int32(name), (*byte)(unsafe.Pointer(&mreq)), int32(sysSizeofIPMreq)))
-}
-
-func getsockoptInterface(fd syscall.Handle, name int) (*net.Interface, error) {
-	var b [4]byte
-	l := int32(4)
-	if err := syscall.Getsockopt(fd, iana.ProtocolIP, int32(name), (*byte)(unsafe.Pointer(&b[0])), &l); err != nil {
-		return nil, os.NewSyscallError("getsockopt", err)
-	}
-	ifi, err := netIP4ToInterface(net.IPv4(b[0], b[1], b[2], b[3]))
-	if err != nil {
-		return nil, err
-	}
-	return ifi, nil
-}
-
-func setsockoptInterface(fd syscall.Handle, name int, ifi *net.Interface) error {
-	ip, err := netInterfaceToIP4(ifi)
-	if err != nil {
-		return err
-	}
-	var b [4]byte
-	copy(b[:], ip)
-	return os.NewSyscallError("setsockopt", syscall.Setsockopt(fd, iana.ProtocolIP, int32(name), (*byte)(unsafe.Pointer(&b[0])), 4))
-}
diff --git a/vendor/golang.org/x/net/ipv4/sockopt_asmreqn_stub.go b/vendor/golang.org/x/net/ipv4/sockopt_asmreqn_stub.go
deleted file mode 100644
index 332f403e..00000000
--- a/vendor/golang.org/x/net/ipv4/sockopt_asmreqn_stub.go
+++ /dev/null
@@ -1,17 +0,0 @@
-// Copyright 2014 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build !darwin,!freebsd,!linux,!windows
-
-package ipv4
-
-import "net"
-
-func getsockoptIPMreqn(fd, name int) (*net.Interface, error) {
-	return nil, errOpNoSupport
-}
-
-func setsockoptIPMreqn(fd, name int, ifi *net.Interface, grp net.IP) error {
-	return errOpNoSupport
-}
diff --git a/vendor/golang.org/x/net/ipv4/sockopt_asmreqn_unix.go b/vendor/golang.org/x/net/ipv4/sockopt_asmreqn_unix.go
deleted file mode 100644
index 92c8e34c..00000000
--- a/vendor/golang.org/x/net/ipv4/sockopt_asmreqn_unix.go
+++ /dev/null
@@ -1,42 +0,0 @@
-// Copyright 2014 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build darwin freebsd linux
-
-package ipv4
-
-import (
-	"net"
-	"os"
-	"unsafe"
-
-	"golang.org/x/net/internal/iana"
-)
-
-func getsockoptIPMreqn(fd, name int) (*net.Interface, error) {
-	var mreqn sysIPMreqn
-	l := sysSockoptLen(sysSizeofIPMreqn)
-	if err := getsockopt(fd, iana.ProtocolIP, name, unsafe.Pointer(&mreqn), &l); err != nil {
-		return nil, os.NewSyscallError("getsockopt", err)
-	}
-	if mreqn.Ifindex == 0 {
-		return nil, nil
-	}
-	ifi, err := net.InterfaceByIndex(int(mreqn.Ifindex))
-	if err != nil {
-		return nil, err
-	}
-	return ifi, nil
-}
-
-func setsockoptIPMreqn(fd, name int, ifi *net.Interface, grp net.IP) error {
-	var mreqn sysIPMreqn
-	if ifi != nil {
-		mreqn.Ifindex = int32(ifi.Index)
-	}
-	if grp != nil {
-		mreqn.Multiaddr = [4]byte{grp[0], grp[1], grp[2], grp[3]}
-	}
-	return os.NewSyscallError("setsockopt", setsockopt(fd, iana.ProtocolIP, name, unsafe.Pointer(&mreqn), sysSizeofIPMreqn))
-}
diff --git a/vendor/golang.org/x/net/ipv4/sockopt_ssmreq_stub.go b/vendor/golang.org/x/net/ipv4/sockopt_ssmreq_stub.go
deleted file mode 100644
index 85465244..00000000
--- a/vendor/golang.org/x/net/ipv4/sockopt_ssmreq_stub.go
+++ /dev/null
@@ -1,17 +0,0 @@
-// Copyright 2014 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build !darwin,!freebsd,!linux
-
-package ipv4
-
-import "net"
-
-func setsockoptGroupReq(fd, name int, ifi *net.Interface, grp net.IP) error {
-	return errOpNoSupport
-}
-
-func setsockoptGroupSourceReq(fd, name int, ifi *net.Interface, grp, src net.IP) error {
-	return errOpNoSupport
-}
diff --git a/vendor/golang.org/x/net/ipv4/sockopt_ssmreq_unix.go b/vendor/golang.org/x/net/ipv4/sockopt_ssmreq_unix.go
deleted file mode 100644
index 6f647bc5..00000000
--- a/vendor/golang.org/x/net/ipv4/sockopt_ssmreq_unix.go
+++ /dev/null
@@ -1,61 +0,0 @@
-// Copyright 2014 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build darwin freebsd linux
-
-package ipv4
-
-import (
-	"net"
-	"os"
-	"unsafe"
-
-	"golang.org/x/net/internal/iana"
-)
-
-var freebsd32o64 bool
-
-func setsockoptGroupReq(fd, name int, ifi *net.Interface, grp net.IP) error {
-	var gr sysGroupReq
-	if ifi != nil {
-		gr.Interface = uint32(ifi.Index)
-	}
-	gr.setGroup(grp)
-	var p unsafe.Pointer
-	var l sysSockoptLen
-	if freebsd32o64 {
-		var d [sysSizeofGroupReq + 4]byte
-		s := (*[sysSizeofGroupReq]byte)(unsafe.Pointer(&gr))
-		copy(d[:4], s[:4])
-		copy(d[8:], s[4:])
-		p = unsafe.Pointer(&d[0])
-		l = sysSizeofGroupReq + 4
-	} else {
-		p = unsafe.Pointer(&gr)
-		l = sysSizeofGroupReq
-	}
-	return os.NewSyscallError("setsockopt", setsockopt(fd, iana.ProtocolIP, name, p, l))
-}
-
-func setsockoptGroupSourceReq(fd, name int, ifi *net.Interface, grp, src net.IP) error {
-	var gsr sysGroupSourceReq
-	if ifi != nil {
-		gsr.Interface = uint32(ifi.Index)
-	}
-	gsr.setSourceGroup(grp, src)
-	var p unsafe.Pointer
-	var l sysSockoptLen
-	if freebsd32o64 {
-		var d [sysSizeofGroupSourceReq + 4]byte
-		s := (*[sysSizeofGroupSourceReq]byte)(unsafe.Pointer(&gsr))
-		copy(d[:4], s[:4])
-		copy(d[8:], s[4:])
-		p = unsafe.Pointer(&d[0])
-		l = sysSizeofGroupSourceReq + 4
-	} else {
-		p = unsafe.Pointer(&gsr)
-		l = sysSizeofGroupSourceReq
-	}
-	return os.NewSyscallError("setsockopt", setsockopt(fd, iana.ProtocolIP, name, p, l))
-}
diff --git a/vendor/golang.org/x/net/ipv4/sockopt_stub.go b/vendor/golang.org/x/net/ipv4/sockopt_stub.go
deleted file mode 100644
index 9d19f5df..00000000
--- a/vendor/golang.org/x/net/ipv4/sockopt_stub.go
+++ /dev/null
@@ -1,11 +0,0 @@
-// Copyright 2012 The Go Authors.  All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build nacl plan9 solaris
-
-package ipv4
-
-func setInt(fd int, opt *sockOpt, v int) error {
-	return errOpNoSupport
-}
diff --git a/vendor/golang.org/x/net/ipv4/sockopt_unix.go b/vendor/golang.org/x/net/ipv4/sockopt_unix.go
deleted file mode 100644
index 50cdbd81..00000000
--- a/vendor/golang.org/x/net/ipv4/sockopt_unix.go
+++ /dev/null
@@ -1,122 +0,0 @@
-// Copyright 2012 The Go Authors.  All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build darwin dragonfly freebsd linux netbsd openbsd
-
-package ipv4
-
-import (
-	"net"
-	"os"
-	"unsafe"
-
-	"golang.org/x/net/internal/iana"
-)
-
-func getInt(fd int, opt *sockOpt) (int, error) {
-	if opt.name < 1 || (opt.typ != ssoTypeByte && opt.typ != ssoTypeInt) {
-		return 0, errOpNoSupport
-	}
-	var i int32
-	var b byte
-	p := unsafe.Pointer(&i)
-	l := sysSockoptLen(4)
-	if opt.typ == ssoTypeByte {
-		p = unsafe.Pointer(&b)
-		l = sysSockoptLen(1)
-	}
-	if err := getsockopt(fd, iana.ProtocolIP, opt.name, p, &l); err != nil {
-		return 0, os.NewSyscallError("getsockopt", err)
-	}
-	if opt.typ == ssoTypeByte {
-		return int(b), nil
-	}
-	return int(i), nil
-}
-
-func setInt(fd int, opt *sockOpt, v int) error {
-	if opt.name < 1 || (opt.typ != ssoTypeByte && opt.typ != ssoTypeInt) {
-		return errOpNoSupport
-	}
-	i := int32(v)
-	var b byte
-	p := unsafe.Pointer(&i)
-	l := sysSockoptLen(4)
-	if opt.typ == ssoTypeByte {
-		b = byte(v)
-		p = unsafe.Pointer(&b)
-		l = sysSockoptLen(1)
-	}
-	return os.NewSyscallError("setsockopt", setsockopt(fd, iana.ProtocolIP, opt.name, p, l))
-}
-
-func getInterface(fd int, opt *sockOpt) (*net.Interface, error) {
-	if opt.name < 1 {
-		return nil, errOpNoSupport
-	}
-	switch opt.typ {
-	case ssoTypeInterface:
-		return getsockoptInterface(fd, opt.name)
-	case ssoTypeIPMreqn:
-		return getsockoptIPMreqn(fd, opt.name)
-	default:
-		return nil, errOpNoSupport
-	}
-}
-
-func setInterface(fd int, opt *sockOpt, ifi *net.Interface) error {
-	if opt.name < 1 {
-		return errOpNoSupport
-	}
-	switch opt.typ {
-	case ssoTypeInterface:
-		return setsockoptInterface(fd, opt.name, ifi)
-	case ssoTypeIPMreqn:
-		return setsockoptIPMreqn(fd, opt.name, ifi, nil)
-	default:
-		return errOpNoSupport
-	}
-}
-
-func getICMPFilter(fd int, opt *sockOpt) (*ICMPFilter, error) {
-	if opt.name < 1 || opt.typ != ssoTypeICMPFilter {
-		return nil, errOpNoSupport
-	}
-	var f ICMPFilter
-	l := sysSockoptLen(sysSizeofICMPFilter)
-	if err := getsockopt(fd, iana.ProtocolReserved, opt.name, unsafe.Pointer(&f.sysICMPFilter), &l); err != nil {
-		return nil, os.NewSyscallError("getsockopt", err)
-	}
-	return &f, nil
-}
-
-func setICMPFilter(fd int, opt *sockOpt, f *ICMPFilter) error {
-	if opt.name < 1 || opt.typ != ssoTypeICMPFilter {
-		return errOpNoSupport
-	}
-	return os.NewSyscallError("setsockopt", setsockopt(fd, iana.ProtocolReserved, opt.name, unsafe.Pointer(&f.sysICMPFilter), sysSizeofICMPFilter))
-}
-
-func setGroup(fd int, opt *sockOpt, ifi *net.Interface, grp net.IP) error {
-	if opt.name < 1 {
-		return errOpNoSupport
-	}
-	switch opt.typ {
-	case ssoTypeIPMreq:
-		return setsockoptIPMreq(fd, opt.name, ifi, grp)
-	case ssoTypeIPMreqn:
-		return setsockoptIPMreqn(fd, opt.name, ifi, grp)
-	case ssoTypeGroupReq:
-		return setsockoptGroupReq(fd, opt.name, ifi, grp)
-	default:
-		return errOpNoSupport
-	}
-}
-
-func setSourceGroup(fd int, opt *sockOpt, ifi *net.Interface, grp, src net.IP) error {
-	if opt.name < 1 || opt.typ != ssoTypeGroupSourceReq {
-		return errOpNoSupport
-	}
-	return setsockoptGroupSourceReq(fd, opt.name, ifi, grp, src)
-}
diff --git a/vendor/golang.org/x/net/ipv4/sockopt_windows.go b/vendor/golang.org/x/net/ipv4/sockopt_windows.go
deleted file mode 100644
index c4c2441e..00000000
--- a/vendor/golang.org/x/net/ipv4/sockopt_windows.go
+++ /dev/null
@@ -1,68 +0,0 @@
-// Copyright 2012 The Go Authors.  All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package ipv4
-
-import (
-	"net"
-	"os"
-	"syscall"
-	"unsafe"
-
-	"golang.org/x/net/internal/iana"
-)
-
-func getInt(fd syscall.Handle, opt *sockOpt) (int, error) {
-	if opt.name < 1 || opt.typ != ssoTypeInt {
-		return 0, errOpNoSupport
-	}
-	var i int32
-	l := int32(4)
-	if err := syscall.Getsockopt(fd, iana.ProtocolIP, int32(opt.name), (*byte)(unsafe.Pointer(&i)), &l); err != nil {
-		return 0, os.NewSyscallError("getsockopt", err)
-	}
-	return int(i), nil
-}
-
-func setInt(fd syscall.Handle, opt *sockOpt, v int) error {
-	if opt.name < 1 || opt.typ != ssoTypeInt {
-		return errOpNoSupport
-	}
-	i := int32(v)
-	return os.NewSyscallError("setsockopt", syscall.Setsockopt(fd, iana.ProtocolIP, int32(opt.name), (*byte)(unsafe.Pointer(&i)), 4))
-}
-
-func getInterface(fd syscall.Handle, opt *sockOpt) (*net.Interface, error) {
-	if opt.name < 1 || opt.typ != ssoTypeInterface {
-		return nil, errOpNoSupport
-	}
-	return getsockoptInterface(fd, opt.name)
-}
-
-func setInterface(fd syscall.Handle, opt *sockOpt, ifi *net.Interface) error {
-	if opt.name < 1 || opt.typ != ssoTypeInterface {
-		return errOpNoSupport
-	}
-	return setsockoptInterface(fd, opt.name, ifi)
-}
-
-func getICMPFilter(fd syscall.Handle, opt *sockOpt) (*ICMPFilter, error) {
-	return nil, errOpNoSupport
-}
-
-func setICMPFilter(fd syscall.Handle, opt *sockOpt, f *ICMPFilter) error {
-	return errOpNoSupport
-}
-
-func setGroup(fd syscall.Handle, opt *sockOpt, ifi *net.Interface, grp net.IP) error {
-	if opt.name < 1 || opt.typ != ssoTypeIPMreq {
-		return errOpNoSupport
-	}
-	return setsockoptIPMreq(fd, opt.name, ifi, grp)
-}
-
-func setSourceGroup(fd syscall.Handle, opt *sockOpt, ifi *net.Interface, grp, src net.IP) error {
-	// TODO(mikio): implement this
-	return errOpNoSupport
-}
diff --git a/vendor/golang.org/x/net/ipv4/sys_bsd.go b/vendor/golang.org/x/net/ipv4/sys_bsd.go
deleted file mode 100644
index a669a440..00000000
--- a/vendor/golang.org/x/net/ipv4/sys_bsd.go
+++ /dev/null
@@ -1,36 +0,0 @@
-// Copyright 2014 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build dragonfly netbsd
-
-package ipv4
-
-import (
-	"net"
-	"syscall"
-)
-
-type sysSockoptLen int32
-
-var (
-	ctlOpts = [ctlMax]ctlOpt{
-		ctlTTL:       {sysIP_RECVTTL, 1, marshalTTL, parseTTL},
-		ctlDst:       {sysIP_RECVDSTADDR, net.IPv4len, marshalDst, parseDst},
-		ctlInterface: {sysIP_RECVIF, syscall.SizeofSockaddrDatalink, marshalInterface, parseInterface},
-	}
-
-	sockOpts = [ssoMax]sockOpt{
-		ssoTOS:                {sysIP_TOS, ssoTypeInt},
-		ssoTTL:                {sysIP_TTL, ssoTypeInt},
-		ssoMulticastTTL:       {sysIP_MULTICAST_TTL, ssoTypeByte},
-		ssoMulticastInterface: {sysIP_MULTICAST_IF, ssoTypeInterface},
-		ssoMulticastLoopback:  {sysIP_MULTICAST_LOOP, ssoTypeInt},
-		ssoReceiveTTL:         {sysIP_RECVTTL, ssoTypeInt},
-		ssoReceiveDst:         {sysIP_RECVDSTADDR, ssoTypeInt},
-		ssoReceiveInterface:   {sysIP_RECVIF, ssoTypeInt},
-		ssoHeaderPrepend:      {sysIP_HDRINCL, ssoTypeInt},
-		ssoJoinGroup:          {sysIP_ADD_MEMBERSHIP, ssoTypeIPMreq},
-		ssoLeaveGroup:         {sysIP_DROP_MEMBERSHIP, ssoTypeIPMreq},
-	}
-)
diff --git a/vendor/golang.org/x/net/ipv4/sys_darwin.go b/vendor/golang.org/x/net/ipv4/sys_darwin.go
deleted file mode 100644
index 3f347348..00000000
--- a/vendor/golang.org/x/net/ipv4/sys_darwin.go
+++ /dev/null
@@ -1,98 +0,0 @@
-// Copyright 2014 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package ipv4
-
-import (
-	"net"
-	"syscall"
-	"unsafe"
-)
-
-type sysSockoptLen int32
-
-var (
-	ctlOpts = [ctlMax]ctlOpt{
-		ctlTTL:       {sysIP_RECVTTL, 1, marshalTTL, parseTTL},
-		ctlDst:       {sysIP_RECVDSTADDR, net.IPv4len, marshalDst, parseDst},
-		ctlInterface: {sysIP_RECVIF, syscall.SizeofSockaddrDatalink, marshalInterface, parseInterface},
-	}
-
-	sockOpts = [ssoMax]sockOpt{
-		ssoTOS:                {sysIP_TOS, ssoTypeInt},
-		ssoTTL:                {sysIP_TTL, ssoTypeInt},
-		ssoMulticastTTL:       {sysIP_MULTICAST_TTL, ssoTypeByte},
-		ssoMulticastInterface: {sysIP_MULTICAST_IF, ssoTypeInterface},
-		ssoMulticastLoopback:  {sysIP_MULTICAST_LOOP, ssoTypeInt},
-		ssoReceiveTTL:         {sysIP_RECVTTL, ssoTypeInt},
-		ssoReceiveDst:         {sysIP_RECVDSTADDR, ssoTypeInt},
-		ssoReceiveInterface:   {sysIP_RECVIF, ssoTypeInt},
-		ssoHeaderPrepend:      {sysIP_HDRINCL, ssoTypeInt},
-		ssoStripHeader:        {sysIP_STRIPHDR, ssoTypeInt},
-		ssoJoinGroup:          {sysIP_ADD_MEMBERSHIP, ssoTypeIPMreq},
-		ssoLeaveGroup:         {sysIP_DROP_MEMBERSHIP, ssoTypeIPMreq},
-	}
-)
-
-func init() {
-	// Seems like kern.osreldate is veiled on latest OS X. We use
-	// kern.osrelease instead.
-	osver, err := syscall.Sysctl("kern.osrelease")
-	if err != nil {
-		return
-	}
-	var i int
-	for i = range osver {
-		if osver[i] == '.' {
-			break
-		}
-	}
-	// The IP_PKTINFO and protocol-independent multicast API were
-	// introduced in OS X 10.7 (Darwin 11.0.0). But it looks like
-	// those features require OS X 10.8 (Darwin 12.0.0) and above.
-	// See http://support.apple.com/kb/HT1633.
-	if i > 2 || i == 2 && osver[0] >= '1' && osver[1] >= '2' {
-		ctlOpts[ctlPacketInfo].name = sysIP_PKTINFO
-		ctlOpts[ctlPacketInfo].length = sysSizeofInetPktinfo
-		ctlOpts[ctlPacketInfo].marshal = marshalPacketInfo
-		ctlOpts[ctlPacketInfo].parse = parsePacketInfo
-		sockOpts[ssoPacketInfo].name = sysIP_RECVPKTINFO
-		sockOpts[ssoPacketInfo].typ = ssoTypeInt
-		sockOpts[ssoMulticastInterface].typ = ssoTypeIPMreqn
-		sockOpts[ssoJoinGroup].name = sysMCAST_JOIN_GROUP
-		sockOpts[ssoJoinGroup].typ = ssoTypeGroupReq
-		sockOpts[ssoLeaveGroup].name = sysMCAST_LEAVE_GROUP
-		sockOpts[ssoLeaveGroup].typ = ssoTypeGroupReq
-		sockOpts[ssoJoinSourceGroup].name = sysMCAST_JOIN_SOURCE_GROUP
-		sockOpts[ssoJoinSourceGroup].typ = ssoTypeGroupSourceReq
-		sockOpts[ssoLeaveSourceGroup].name = sysMCAST_LEAVE_SOURCE_GROUP
-		sockOpts[ssoLeaveSourceGroup].typ = ssoTypeGroupSourceReq
-		sockOpts[ssoBlockSourceGroup].name = sysMCAST_BLOCK_SOURCE
-		sockOpts[ssoBlockSourceGroup].typ = ssoTypeGroupSourceReq
-		sockOpts[ssoUnblockSourceGroup].name = sysMCAST_UNBLOCK_SOURCE
-		sockOpts[ssoUnblockSourceGroup].typ = ssoTypeGroupSourceReq
-	}
-}
-
-func (pi *sysInetPktinfo) setIfindex(i int) {
-	pi.Ifindex = uint32(i)
-}
-
-func (gr *sysGroupReq) setGroup(grp net.IP) {
-	sa := (*sysSockaddrInet)(unsafe.Pointer(&gr.Pad_cgo_0[0]))
-	sa.Len = sysSizeofSockaddrInet
-	sa.Family = syscall.AF_INET
-	copy(sa.Addr[:], grp)
-}
-
-func (gsr *sysGroupSourceReq) setSourceGroup(grp, src net.IP) {
-	sa := (*sysSockaddrInet)(unsafe.Pointer(&gsr.Pad_cgo_0[0]))
-	sa.Len = sysSizeofSockaddrInet
-	sa.Family = syscall.AF_INET
-	copy(sa.Addr[:], grp)
-	sa = (*sysSockaddrInet)(unsafe.Pointer(&gsr.Pad_cgo_1[0]))
-	sa.Len = sysSizeofSockaddrInet
-	sa.Family = syscall.AF_INET
-	copy(sa.Addr[:], src)
-}
diff --git a/vendor/golang.org/x/net/ipv4/sys_freebsd.go b/vendor/golang.org/x/net/ipv4/sys_freebsd.go
deleted file mode 100644
index 09ef4910..00000000
--- a/vendor/golang.org/x/net/ipv4/sys_freebsd.go
+++ /dev/null
@@ -1,75 +0,0 @@
-// Copyright 2014 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package ipv4
-
-import (
-	"net"
-	"runtime"
-	"strings"
-	"syscall"
-	"unsafe"
-)
-
-type sysSockoptLen int32
-
-var (
-	ctlOpts = [ctlMax]ctlOpt{
-		ctlTTL:       {sysIP_RECVTTL, 1, marshalTTL, parseTTL},
-		ctlDst:       {sysIP_RECVDSTADDR, net.IPv4len, marshalDst, parseDst},
-		ctlInterface: {sysIP_RECVIF, syscall.SizeofSockaddrDatalink, marshalInterface, parseInterface},
-	}
-
-	sockOpts = [ssoMax]sockOpt{
-		ssoTOS:                {sysIP_TOS, ssoTypeInt},
-		ssoTTL:                {sysIP_TTL, ssoTypeInt},
-		ssoMulticastTTL:       {sysIP_MULTICAST_TTL, ssoTypeByte},
-		ssoMulticastInterface: {sysIP_MULTICAST_IF, ssoTypeInterface},
-		ssoMulticastLoopback:  {sysIP_MULTICAST_LOOP, ssoTypeInt},
-		ssoReceiveTTL:         {sysIP_RECVTTL, ssoTypeInt},
-		ssoReceiveDst:         {sysIP_RECVDSTADDR, ssoTypeInt},
-		ssoReceiveInterface:   {sysIP_RECVIF, ssoTypeInt},
-		ssoHeaderPrepend:      {sysIP_HDRINCL, ssoTypeInt},
-		ssoJoinGroup:          {sysMCAST_JOIN_GROUP, ssoTypeGroupReq},
-		ssoLeaveGroup:         {sysMCAST_LEAVE_GROUP, ssoTypeGroupReq},
-		ssoJoinSourceGroup:    {sysMCAST_JOIN_SOURCE_GROUP, ssoTypeGroupSourceReq},
-		ssoLeaveSourceGroup:   {sysMCAST_LEAVE_SOURCE_GROUP, ssoTypeGroupSourceReq},
-		ssoBlockSourceGroup:   {sysMCAST_BLOCK_SOURCE, ssoTypeGroupSourceReq},
-		ssoUnblockSourceGroup: {sysMCAST_UNBLOCK_SOURCE, ssoTypeGroupSourceReq},
-	}
-)
-
-func init() {
-	freebsdVersion, _ = syscall.SysctlUint32("kern.osreldate")
-	if freebsdVersion >= 1000000 {
-		sockOpts[ssoMulticastInterface].typ = ssoTypeIPMreqn
-	}
-	if runtime.GOOS == "freebsd" && runtime.GOARCH == "386" {
-		archs, _ := syscall.Sysctl("kern.supported_archs")
-		for _, s := range strings.Fields(archs) {
-			if s == "amd64" {
-				freebsd32o64 = true
-				break
-			}
-		}
-	}
-}
-
-func (gr *sysGroupReq) setGroup(grp net.IP) {
-	sa := (*sysSockaddrInet)(unsafe.Pointer(&gr.Group))
-	sa.Len = sysSizeofSockaddrInet
-	sa.Family = syscall.AF_INET
-	copy(sa.Addr[:], grp)
-}
-
-func (gsr *sysGroupSourceReq) setSourceGroup(grp, src net.IP) {
-	sa := (*sysSockaddrInet)(unsafe.Pointer(&gsr.Group))
-	sa.Len = sysSizeofSockaddrInet
-	sa.Family = syscall.AF_INET
-	copy(sa.Addr[:], grp)
-	sa = (*sysSockaddrInet)(unsafe.Pointer(&gsr.Source))
-	sa.Len = sysSizeofSockaddrInet
-	sa.Family = syscall.AF_INET
-	copy(sa.Addr[:], src)
-}
diff --git a/vendor/golang.org/x/net/ipv4/sys_linux.go b/vendor/golang.org/x/net/ipv4/sys_linux.go
deleted file mode 100644
index b1f38789..00000000
--- a/vendor/golang.org/x/net/ipv4/sys_linux.go
+++ /dev/null
@@ -1,57 +0,0 @@
-// Copyright 2014 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package ipv4
-
-import (
-	"net"
-	"syscall"
-	"unsafe"
-)
-
-type sysSockoptLen int32
-
-var (
-	ctlOpts = [ctlMax]ctlOpt{
-		ctlTTL:        {sysIP_TTL, 1, marshalTTL, parseTTL},
-		ctlPacketInfo: {sysIP_PKTINFO, sysSizeofInetPktinfo, marshalPacketInfo, parsePacketInfo},
-	}
-
-	sockOpts = [ssoMax]sockOpt{
-		ssoTOS:                {sysIP_TOS, ssoTypeInt},
-		ssoTTL:                {sysIP_TTL, ssoTypeInt},
-		ssoMulticastTTL:       {sysIP_MULTICAST_TTL, ssoTypeInt},
-		ssoMulticastInterface: {sysIP_MULTICAST_IF, ssoTypeIPMreqn},
-		ssoMulticastLoopback:  {sysIP_MULTICAST_LOOP, ssoTypeInt},
-		ssoReceiveTTL:         {sysIP_RECVTTL, ssoTypeInt},
-		ssoPacketInfo:         {sysIP_PKTINFO, ssoTypeInt},
-		ssoHeaderPrepend:      {sysIP_HDRINCL, ssoTypeInt},
-		ssoICMPFilter:         {sysICMP_FILTER, ssoTypeICMPFilter},
-		ssoJoinGroup:          {sysMCAST_JOIN_GROUP, ssoTypeGroupReq},
-		ssoLeaveGroup:         {sysMCAST_LEAVE_GROUP, ssoTypeGroupReq},
-		ssoJoinSourceGroup:    {sysMCAST_JOIN_SOURCE_GROUP, ssoTypeGroupSourceReq},
-		ssoLeaveSourceGroup:   {sysMCAST_LEAVE_SOURCE_GROUP, ssoTypeGroupSourceReq},
-		ssoBlockSourceGroup:   {sysMCAST_BLOCK_SOURCE, ssoTypeGroupSourceReq},
-		ssoUnblockSourceGroup: {sysMCAST_UNBLOCK_SOURCE, ssoTypeGroupSourceReq},
-	}
-)
-
-func (pi *sysInetPktinfo) setIfindex(i int) {
-	pi.Ifindex = int32(i)
-}
-
-func (gr *sysGroupReq) setGroup(grp net.IP) {
-	sa := (*sysSockaddrInet)(unsafe.Pointer(&gr.Group))
-	sa.Family = syscall.AF_INET
-	copy(sa.Addr[:], grp)
-}
-
-func (gsr *sysGroupSourceReq) setSourceGroup(grp, src net.IP) {
-	sa := (*sysSockaddrInet)(unsafe.Pointer(&gsr.Group))
-	sa.Family = syscall.AF_INET
-	copy(sa.Addr[:], grp)
-	sa = (*sysSockaddrInet)(unsafe.Pointer(&gsr.Source))
-	sa.Family = syscall.AF_INET
-	copy(sa.Addr[:], src)
-}
diff --git a/vendor/golang.org/x/net/ipv4/sys_openbsd.go b/vendor/golang.org/x/net/ipv4/sys_openbsd.go
deleted file mode 100644
index 550f2081..00000000
--- a/vendor/golang.org/x/net/ipv4/sys_openbsd.go
+++ /dev/null
@@ -1,34 +0,0 @@
-// Copyright 2014 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package ipv4
-
-import (
-	"net"
-	"syscall"
-)
-
-type sysSockoptLen int32
-
-var (
-	ctlOpts = [ctlMax]ctlOpt{
-		ctlTTL:       {sysIP_RECVTTL, 1, marshalTTL, parseTTL},
-		ctlDst:       {sysIP_RECVDSTADDR, net.IPv4len, marshalDst, parseDst},
-		ctlInterface: {sysIP_RECVIF, syscall.SizeofSockaddrDatalink, marshalInterface, parseInterface},
-	}
-
-	sockOpts = [ssoMax]sockOpt{
-		ssoTOS:                {sysIP_TOS, ssoTypeInt},
-		ssoTTL:                {sysIP_TTL, ssoTypeInt},
-		ssoMulticastTTL:       {sysIP_MULTICAST_TTL, ssoTypeByte},
-		ssoMulticastInterface: {sysIP_MULTICAST_IF, ssoTypeInterface},
-		ssoMulticastLoopback:  {sysIP_MULTICAST_LOOP, ssoTypeByte},
-		ssoReceiveTTL:         {sysIP_RECVTTL, ssoTypeInt},
-		ssoReceiveDst:         {sysIP_RECVDSTADDR, ssoTypeInt},
-		ssoReceiveInterface:   {sysIP_RECVIF, ssoTypeInt},
-		ssoHeaderPrepend:      {sysIP_HDRINCL, ssoTypeInt},
-		ssoJoinGroup:          {sysIP_ADD_MEMBERSHIP, ssoTypeIPMreq},
-		ssoLeaveGroup:         {sysIP_DROP_MEMBERSHIP, ssoTypeIPMreq},
-	}
-)
diff --git a/vendor/golang.org/x/net/ipv4/sys_stub.go b/vendor/golang.org/x/net/ipv4/sys_stub.go
deleted file mode 100644
index efbcc479..00000000
--- a/vendor/golang.org/x/net/ipv4/sys_stub.go
+++ /dev/null
@@ -1,15 +0,0 @@
-// Copyright 2014 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build nacl plan9 solaris
-
-package ipv4
-
-type sysSockoptLen int32
-
-var (
-	ctlOpts = [ctlMax]ctlOpt{}
-
-	sockOpts = [ssoMax]sockOpt{}
-)
diff --git a/vendor/golang.org/x/net/ipv4/sys_windows.go b/vendor/golang.org/x/net/ipv4/sys_windows.go
deleted file mode 100644
index 466489fe..00000000
--- a/vendor/golang.org/x/net/ipv4/sys_windows.go
+++ /dev/null
@@ -1,61 +0,0 @@
-// Copyright 2014 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package ipv4
-
-const (
-	// See ws2tcpip.h.
-	sysIP_OPTIONS                = 0x1
-	sysIP_HDRINCL                = 0x2
-	sysIP_TOS                    = 0x3
-	sysIP_TTL                    = 0x4
-	sysIP_MULTICAST_IF           = 0x9
-	sysIP_MULTICAST_TTL          = 0xa
-	sysIP_MULTICAST_LOOP         = 0xb
-	sysIP_ADD_MEMBERSHIP         = 0xc
-	sysIP_DROP_MEMBERSHIP        = 0xd
-	sysIP_DONTFRAGMENT           = 0xe
-	sysIP_ADD_SOURCE_MEMBERSHIP  = 0xf
-	sysIP_DROP_SOURCE_MEMBERSHIP = 0x10
-	sysIP_PKTINFO                = 0x13
-
-	sysSizeofInetPktinfo  = 0x8
-	sysSizeofIPMreq       = 0x8
-	sysSizeofIPMreqSource = 0xc
-)
-
-type sysInetPktinfo struct {
-	Addr    [4]byte
-	Ifindex int32
-}
-
-type sysIPMreq struct {
-	Multiaddr [4]byte
-	Interface [4]byte
-}
-
-type sysIPMreqSource struct {
-	Multiaddr  [4]byte
-	Sourceaddr [4]byte
-	Interface  [4]byte
-}
-
-// See http://msdn.microsoft.com/en-us/library/windows/desktop/ms738586(v=vs.85).aspx
-var (
-	ctlOpts = [ctlMax]ctlOpt{}
-
-	sockOpts = [ssoMax]sockOpt{
-		ssoTOS:                {sysIP_TOS, ssoTypeInt},
-		ssoTTL:                {sysIP_TTL, ssoTypeInt},
-		ssoMulticastTTL:       {sysIP_MULTICAST_TTL, ssoTypeInt},
-		ssoMulticastInterface: {sysIP_MULTICAST_IF, ssoTypeInterface},
-		ssoMulticastLoopback:  {sysIP_MULTICAST_LOOP, ssoTypeInt},
-		ssoJoinGroup:          {sysIP_ADD_MEMBERSHIP, ssoTypeIPMreq},
-		ssoLeaveGroup:         {sysIP_DROP_MEMBERSHIP, ssoTypeIPMreq},
-	}
-)
-
-func (pi *sysInetPktinfo) setIfindex(i int) {
-	pi.Ifindex = int32(i)
-}
diff --git a/vendor/golang.org/x/net/ipv4/syscall_linux_386.go b/vendor/golang.org/x/net/ipv4/syscall_linux_386.go
deleted file mode 100644
index ab4ad045..00000000
--- a/vendor/golang.org/x/net/ipv4/syscall_linux_386.go
+++ /dev/null
@@ -1,31 +0,0 @@
-// Copyright 2014 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package ipv4
-
-import (
-	"syscall"
-	"unsafe"
-)
-
-const (
-	sysGETSOCKOPT = 0xf
-	sysSETSOCKOPT = 0xe
-)
-
-func socketcall(call int, a0, a1, a2, a3, a4, a5 uintptr) (int, syscall.Errno)
-
-func getsockopt(fd, level, name int, v unsafe.Pointer, l *sysSockoptLen) error {
-	if _, errno := socketcall(sysGETSOCKOPT, uintptr(fd), uintptr(level), uintptr(name), uintptr(v), uintptr(unsafe.Pointer(l)), 0); errno != 0 {
-		return error(errno)
-	}
-	return nil
-}
-
-func setsockopt(fd, level, name int, v unsafe.Pointer, l sysSockoptLen) error {
-	if _, errno := socketcall(sysSETSOCKOPT, uintptr(fd), uintptr(level), uintptr(name), uintptr(v), uintptr(l), 0); errno != 0 {
-		return error(errno)
-	}
-	return nil
-}
diff --git a/vendor/golang.org/x/net/ipv4/syscall_unix.go b/vendor/golang.org/x/net/ipv4/syscall_unix.go
deleted file mode 100644
index 5fe8e83b..00000000
--- a/vendor/golang.org/x/net/ipv4/syscall_unix.go
+++ /dev/null
@@ -1,26 +0,0 @@
-// Copyright 2014 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build darwin dragonfly freebsd linux,!386 netbsd openbsd
-
-package ipv4
-
-import (
-	"syscall"
-	"unsafe"
-)
-
-func getsockopt(fd, level, name int, v unsafe.Pointer, l *sysSockoptLen) error {
-	if _, _, errno := syscall.Syscall6(syscall.SYS_GETSOCKOPT, uintptr(fd), uintptr(level), uintptr(name), uintptr(v), uintptr(unsafe.Pointer(l)), 0); errno != 0 {
-		return error(errno)
-	}
-	return nil
-}
-
-func setsockopt(fd, level, name int, v unsafe.Pointer, l sysSockoptLen) error {
-	if _, _, errno := syscall.Syscall6(syscall.SYS_SETSOCKOPT, uintptr(fd), uintptr(level), uintptr(name), uintptr(v), uintptr(l), 0); errno != 0 {
-		return error(errno)
-	}
-	return nil
-}
diff --git a/vendor/golang.org/x/net/ipv4/thunk_linux_386.s b/vendor/golang.org/x/net/ipv4/thunk_linux_386.s
deleted file mode 100644
index daa78bc0..00000000
--- a/vendor/golang.org/x/net/ipv4/thunk_linux_386.s
+++ /dev/null
@@ -1,8 +0,0 @@
-// Copyright 2014 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build go1.2
-
-TEXT	·socketcall(SB),4,$0-36
-	JMP	syscall·socketcall(SB)
diff --git a/vendor/golang.org/x/net/ipv4/unicast_test.go b/vendor/golang.org/x/net/ipv4/unicast_test.go
deleted file mode 100644
index 9c632cd8..00000000
--- a/vendor/golang.org/x/net/ipv4/unicast_test.go
+++ /dev/null
@@ -1,246 +0,0 @@
-// Copyright 2012 The Go Authors.  All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package ipv4_test
-
-import (
-	"bytes"
-	"net"
-	"os"
-	"runtime"
-	"testing"
-	"time"
-
-	"golang.org/x/net/icmp"
-	"golang.org/x/net/internal/iana"
-	"golang.org/x/net/internal/nettest"
-	"golang.org/x/net/ipv4"
-)
-
-func TestPacketConnReadWriteUnicastUDP(t *testing.T) {
-	switch runtime.GOOS {
-	case "nacl", "plan9", "solaris", "windows":
-		t.Skipf("not supported on %s", runtime.GOOS)
-	}
-	ifi := nettest.RoutedInterface("ip4", net.FlagUp|net.FlagLoopback)
-	if ifi == nil {
-		t.Skipf("not available on %s", runtime.GOOS)
-	}
-
-	c, err := net.ListenPacket("udp4", "127.0.0.1:0")
-	if err != nil {
-		t.Fatal(err)
-	}
-	defer c.Close()
-
-	dst, err := net.ResolveUDPAddr("udp4", c.LocalAddr().String())
-	if err != nil {
-		t.Fatal(err)
-	}
-	p := ipv4.NewPacketConn(c)
-	defer p.Close()
-	cf := ipv4.FlagTTL | ipv4.FlagDst | ipv4.FlagInterface
-	wb := []byte("HELLO-R-U-THERE")
-
-	for i, toggle := range []bool{true, false, true} {
-		if err := p.SetControlMessage(cf, toggle); err != nil {
-			if nettest.ProtocolNotSupported(err) {
-				t.Logf("not supported on %s", runtime.GOOS)
-				continue
-			}
-			t.Fatal(err)
-		}
-		p.SetTTL(i + 1)
-		if err := p.SetWriteDeadline(time.Now().Add(100 * time.Millisecond)); err != nil {
-			t.Fatal(err)
-		}
-		if n, err := p.WriteTo(wb, nil, dst); err != nil {
-			t.Fatal(err)
-		} else if n != len(wb) {
-			t.Fatalf("got %v; want %v", n, len(wb))
-		}
-		rb := make([]byte, 128)
-		if err := p.SetReadDeadline(time.Now().Add(100 * time.Millisecond)); err != nil {
-			t.Fatal(err)
-		}
-		if n, _, _, err := p.ReadFrom(rb); err != nil {
-			t.Fatal(err)
-		} else if !bytes.Equal(rb[:n], wb) {
-			t.Fatalf("got %v; want %v", rb[:n], wb)
-		}
-	}
-}
-
-func TestPacketConnReadWriteUnicastICMP(t *testing.T) {
-	switch runtime.GOOS {
-	case "nacl", "plan9", "solaris", "windows":
-		t.Skipf("not supported on %s", runtime.GOOS)
-	}
-	if m, ok := nettest.SupportsRawIPSocket(); !ok {
-		t.Skip(m)
-	}
-	ifi := nettest.RoutedInterface("ip4", net.FlagUp|net.FlagLoopback)
-	if ifi == nil {
-		t.Skipf("not available on %s", runtime.GOOS)
-	}
-
-	c, err := net.ListenPacket("ip4:icmp", "0.0.0.0")
-	if err != nil {
-		t.Fatal(err)
-	}
-	defer c.Close()
-
-	dst, err := net.ResolveIPAddr("ip4", "127.0.0.1")
-	if err != nil {
-		t.Fatal(err)
-	}
-	p := ipv4.NewPacketConn(c)
-	defer p.Close()
-	cf := ipv4.FlagTTL | ipv4.FlagDst | ipv4.FlagInterface
-
-	for i, toggle := range []bool{true, false, true} {
-		wb, err := (&icmp.Message{
-			Type: ipv4.ICMPTypeEcho, Code: 0,
-			Body: &icmp.Echo{
-				ID: os.Getpid() & 0xffff, Seq: i + 1,
-				Data: []byte("HELLO-R-U-THERE"),
-			},
-		}).Marshal(nil)
-		if err != nil {
-			t.Fatal(err)
-		}
-		if err := p.SetControlMessage(cf, toggle); err != nil {
-			if nettest.ProtocolNotSupported(err) {
-				t.Logf("not supported on %s", runtime.GOOS)
-				continue
-			}
-			t.Fatal(err)
-		}
-		p.SetTTL(i + 1)
-		if err := p.SetWriteDeadline(time.Now().Add(100 * time.Millisecond)); err != nil {
-			t.Fatal(err)
-		}
-		if n, err := p.WriteTo(wb, nil, dst); err != nil {
-			t.Fatal(err)
-		} else if n != len(wb) {
-			t.Fatalf("got %v; want %v", n, len(wb))
-		}
-		rb := make([]byte, 128)
-	loop:
-		if err := p.SetReadDeadline(time.Now().Add(100 * time.Millisecond)); err != nil {
-			t.Fatal(err)
-		}
-		if n, _, _, err := p.ReadFrom(rb); err != nil {
-			switch runtime.GOOS {
-			case "darwin": // older darwin kernels have some limitation on receiving icmp packet through raw socket
-				t.Logf("not supported on %s", runtime.GOOS)
-				continue
-			}
-			t.Fatal(err)
-		} else {
-			m, err := icmp.ParseMessage(iana.ProtocolICMP, rb[:n])
-			if err != nil {
-				t.Fatal(err)
-			}
-			if runtime.GOOS == "linux" && m.Type == ipv4.ICMPTypeEcho {
-				// On Linux we must handle own sent packets.
-				goto loop
-			}
-			if m.Type != ipv4.ICMPTypeEchoReply || m.Code != 0 {
-				t.Fatalf("got type=%v, code=%v; want type=%v, code=%v", m.Type, m.Code, ipv4.ICMPTypeEchoReply, 0)
-			}
-		}
-	}
-}
-
-func TestRawConnReadWriteUnicastICMP(t *testing.T) {
-	switch runtime.GOOS {
-	case "nacl", "plan9", "solaris", "windows":
-		t.Skipf("not supported on %s", runtime.GOOS)
-	}
-	if m, ok := nettest.SupportsRawIPSocket(); !ok {
-		t.Skip(m)
-	}
-	ifi := nettest.RoutedInterface("ip4", net.FlagUp|net.FlagLoopback)
-	if ifi == nil {
-		t.Skipf("not available on %s", runtime.GOOS)
-	}
-
-	c, err := net.ListenPacket("ip4:icmp", "0.0.0.0")
-	if err != nil {
-		t.Fatal(err)
-	}
-	defer c.Close()
-
-	dst, err := net.ResolveIPAddr("ip4", "127.0.0.1")
-	if err != nil {
-		t.Fatal(err)
-	}
-	r, err := ipv4.NewRawConn(c)
-	if err != nil {
-		t.Fatal(err)
-	}
-	defer r.Close()
-	cf := ipv4.FlagTTL | ipv4.FlagDst | ipv4.FlagInterface
-
-	for i, toggle := range []bool{true, false, true} {
-		wb, err := (&icmp.Message{
-			Type: ipv4.ICMPTypeEcho, Code: 0,
-			Body: &icmp.Echo{
-				ID: os.Getpid() & 0xffff, Seq: i + 1,
-				Data: []byte("HELLO-R-U-THERE"),
-			},
-		}).Marshal(nil)
-		if err != nil {
-			t.Fatal(err)
-		}
-		wh := &ipv4.Header{
-			Version:  ipv4.Version,
-			Len:      ipv4.HeaderLen,
-			TOS:      i + 1,
-			TotalLen: ipv4.HeaderLen + len(wb),
-			TTL:      i + 1,
-			Protocol: 1,
-			Dst:      dst.IP,
-		}
-		if err := r.SetControlMessage(cf, toggle); err != nil {
-			if nettest.ProtocolNotSupported(err) {
-				t.Logf("not supported on %s", runtime.GOOS)
-				continue
-			}
-			t.Fatal(err)
-		}
-		if err := r.SetWriteDeadline(time.Now().Add(100 * time.Millisecond)); err != nil {
-			t.Fatal(err)
-		}
-		if err := r.WriteTo(wh, wb, nil); err != nil {
-			t.Fatal(err)
-		}
-		rb := make([]byte, ipv4.HeaderLen+128)
-	loop:
-		if err := r.SetReadDeadline(time.Now().Add(100 * time.Millisecond)); err != nil {
-			t.Fatal(err)
-		}
-		if _, b, _, err := r.ReadFrom(rb); err != nil {
-			switch runtime.GOOS {
-			case "darwin": // older darwin kernels have some limitation on receiving icmp packet through raw socket
-				t.Logf("not supported on %s", runtime.GOOS)
-				continue
-			}
-			t.Fatal(err)
-		} else {
-			m, err := icmp.ParseMessage(iana.ProtocolICMP, b)
-			if err != nil {
-				t.Fatal(err)
-			}
-			if runtime.GOOS == "linux" && m.Type == ipv4.ICMPTypeEcho {
-				// On Linux we must handle own sent packets.
-				goto loop
-			}
-			if m.Type != ipv4.ICMPTypeEchoReply || m.Code != 0 {
-				t.Fatalf("got type=%v, code=%v; want type=%v, code=%v", m.Type, m.Code, ipv4.ICMPTypeEchoReply, 0)
-			}
-		}
-	}
-}
diff --git a/vendor/golang.org/x/net/ipv4/unicastsockopt_test.go b/vendor/golang.org/x/net/ipv4/unicastsockopt_test.go
deleted file mode 100644
index 25606f21..00000000
--- a/vendor/golang.org/x/net/ipv4/unicastsockopt_test.go
+++ /dev/null
@@ -1,139 +0,0 @@
-// Copyright 2012 The Go Authors.  All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package ipv4_test
-
-import (
-	"net"
-	"runtime"
-	"testing"
-
-	"golang.org/x/net/internal/iana"
-	"golang.org/x/net/internal/nettest"
-	"golang.org/x/net/ipv4"
-)
-
-func TestConnUnicastSocketOptions(t *testing.T) {
-	switch runtime.GOOS {
-	case "nacl", "plan9", "solaris":
-		t.Skipf("not supported on %s", runtime.GOOS)
-	}
-	ifi := nettest.RoutedInterface("ip4", net.FlagUp|net.FlagLoopback)
-	if ifi == nil {
-		t.Skipf("not available on %s", runtime.GOOS)
-	}
-
-	ln, err := net.Listen("tcp4", "127.0.0.1:0")
-	if err != nil {
-		t.Fatal(err)
-	}
-	defer ln.Close()
-
-	done := make(chan bool)
-	go acceptor(t, ln, done)
-
-	c, err := net.Dial("tcp4", ln.Addr().String())
-	if err != nil {
-		t.Fatal(err)
-	}
-	defer c.Close()
-
-	testUnicastSocketOptions(t, ipv4.NewConn(c))
-
-	<-done
-}
-
-var packetConnUnicastSocketOptionTests = []struct {
-	net, proto, addr string
-}{
-	{"udp4", "", "127.0.0.1:0"},
-	{"ip4", ":icmp", "127.0.0.1"},
-}
-
-func TestPacketConnUnicastSocketOptions(t *testing.T) {
-	switch runtime.GOOS {
-	case "nacl", "plan9", "solaris":
-		t.Skipf("not supported on %s", runtime.GOOS)
-	}
-	ifi := nettest.RoutedInterface("ip4", net.FlagUp|net.FlagLoopback)
-	if ifi == nil {
-		t.Skipf("not available on %s", runtime.GOOS)
-	}
-
-	m, ok := nettest.SupportsRawIPSocket()
-	for _, tt := range packetConnUnicastSocketOptionTests {
-		if tt.net == "ip4" && !ok {
-			t.Log(m)
-			continue
-		}
-		c, err := net.ListenPacket(tt.net+tt.proto, tt.addr)
-		if err != nil {
-			t.Fatal(err)
-		}
-		defer c.Close()
-
-		testUnicastSocketOptions(t, ipv4.NewPacketConn(c))
-	}
-}
-
-func TestRawConnUnicastSocketOptions(t *testing.T) {
-	switch runtime.GOOS {
-	case "nacl", "plan9", "solaris":
-		t.Skipf("not supported on %s", runtime.GOOS)
-	}
-	if m, ok := nettest.SupportsRawIPSocket(); !ok {
-		t.Skip(m)
-	}
-	ifi := nettest.RoutedInterface("ip4", net.FlagUp|net.FlagLoopback)
-	if ifi == nil {
-		t.Skipf("not available on %s", runtime.GOOS)
-	}
-
-	c, err := net.ListenPacket("ip4:icmp", "127.0.0.1")
-	if err != nil {
-		t.Fatal(err)
-	}
-	defer c.Close()
-
-	r, err := ipv4.NewRawConn(c)
-	if err != nil {
-		t.Fatal(err)
-	}
-
-	testUnicastSocketOptions(t, r)
-}
-
-type testIPv4UnicastConn interface {
-	TOS() (int, error)
-	SetTOS(int) error
-	TTL() (int, error)
-	SetTTL(int) error
-}
-
-func testUnicastSocketOptions(t *testing.T, c testIPv4UnicastConn) {
-	tos := iana.DiffServCS0 | iana.NotECNTransport
-	switch runtime.GOOS {
-	case "windows":
-		// IP_TOS option is supported on Windows 8 and beyond.
-		t.Skipf("not supported on %s", runtime.GOOS)
-	}
-
-	if err := c.SetTOS(tos); err != nil {
-		t.Fatal(err)
-	}
-	if v, err := c.TOS(); err != nil {
-		t.Fatal(err)
-	} else if v != tos {
-		t.Fatalf("got %v; want %v", v, tos)
-	}
-	const ttl = 255
-	if err := c.SetTTL(ttl); err != nil {
-		t.Fatal(err)
-	}
-	if v, err := c.TTL(); err != nil {
-		t.Fatal(err)
-	} else if v != ttl {
-		t.Fatalf("got %v; want %v", v, ttl)
-	}
-}
diff --git a/vendor/golang.org/x/net/ipv4/zsys_darwin.go b/vendor/golang.org/x/net/ipv4/zsys_darwin.go
deleted file mode 100644
index 087c6390..00000000
--- a/vendor/golang.org/x/net/ipv4/zsys_darwin.go
+++ /dev/null
@@ -1,99 +0,0 @@
-// Created by cgo -godefs - DO NOT EDIT
-// cgo -godefs defs_darwin.go
-
-package ipv4
-
-const (
-	sysIP_OPTIONS     = 0x1
-	sysIP_HDRINCL     = 0x2
-	sysIP_TOS         = 0x3
-	sysIP_TTL         = 0x4
-	sysIP_RECVOPTS    = 0x5
-	sysIP_RECVRETOPTS = 0x6
-	sysIP_RECVDSTADDR = 0x7
-	sysIP_RETOPTS     = 0x8
-	sysIP_RECVIF      = 0x14
-	sysIP_STRIPHDR    = 0x17
-	sysIP_RECVTTL     = 0x18
-	sysIP_BOUND_IF    = 0x19
-	sysIP_PKTINFO     = 0x1a
-	sysIP_RECVPKTINFO = 0x1a
-
-	sysIP_MULTICAST_IF           = 0x9
-	sysIP_MULTICAST_TTL          = 0xa
-	sysIP_MULTICAST_LOOP         = 0xb
-	sysIP_ADD_MEMBERSHIP         = 0xc
-	sysIP_DROP_MEMBERSHIP        = 0xd
-	sysIP_MULTICAST_VIF          = 0xe
-	sysIP_MULTICAST_IFINDEX      = 0x42
-	sysIP_ADD_SOURCE_MEMBERSHIP  = 0x46
-	sysIP_DROP_SOURCE_MEMBERSHIP = 0x47
-	sysIP_BLOCK_SOURCE           = 0x48
-	sysIP_UNBLOCK_SOURCE         = 0x49
-	sysMCAST_JOIN_GROUP          = 0x50
-	sysMCAST_LEAVE_GROUP         = 0x51
-	sysMCAST_JOIN_SOURCE_GROUP   = 0x52
-	sysMCAST_LEAVE_SOURCE_GROUP  = 0x53
-	sysMCAST_BLOCK_SOURCE        = 0x54
-	sysMCAST_UNBLOCK_SOURCE      = 0x55
-
-	sysSizeofSockaddrStorage = 0x80
-	sysSizeofSockaddrInet    = 0x10
-	sysSizeofInetPktinfo     = 0xc
-
-	sysSizeofIPMreq         = 0x8
-	sysSizeofIPMreqn        = 0xc
-	sysSizeofIPMreqSource   = 0xc
-	sysSizeofGroupReq       = 0x84
-	sysSizeofGroupSourceReq = 0x104
-)
-
-type sysSockaddrStorage struct {
-	Len         uint8
-	Family      uint8
-	X__ss_pad1  [6]int8
-	X__ss_align int64
-	X__ss_pad2  [112]int8
-}
-
-type sysSockaddrInet struct {
-	Len    uint8
-	Family uint8
-	Port   uint16
-	Addr   [4]byte /* in_addr */
-	Zero   [8]int8
-}
-
-type sysInetPktinfo struct {
-	Ifindex  uint32
-	Spec_dst [4]byte /* in_addr */
-	Addr     [4]byte /* in_addr */
-}
-
-type sysIPMreq struct {
-	Multiaddr [4]byte /* in_addr */
-	Interface [4]byte /* in_addr */
-}
-
-type sysIPMreqn struct {
-	Multiaddr [4]byte /* in_addr */
-	Address   [4]byte /* in_addr */
-	Ifindex   int32
-}
-
-type sysIPMreqSource struct {
-	Multiaddr  [4]byte /* in_addr */
-	Sourceaddr [4]byte /* in_addr */
-	Interface  [4]byte /* in_addr */
-}
-
-type sysGroupReq struct {
-	Interface uint32
-	Pad_cgo_0 [128]byte
-}
-
-type sysGroupSourceReq struct {
-	Interface uint32
-	Pad_cgo_0 [128]byte
-	Pad_cgo_1 [128]byte
-}
diff --git a/vendor/golang.org/x/net/ipv4/zsys_dragonfly.go b/vendor/golang.org/x/net/ipv4/zsys_dragonfly.go
deleted file mode 100644
index f5c9ccec..00000000
--- a/vendor/golang.org/x/net/ipv4/zsys_dragonfly.go
+++ /dev/null
@@ -1,33 +0,0 @@
-// Created by cgo -godefs - DO NOT EDIT
-// cgo -godefs defs_dragonfly.go
-
-// +build dragonfly
-
-package ipv4
-
-const (
-	sysIP_OPTIONS     = 0x1
-	sysIP_HDRINCL     = 0x2
-	sysIP_TOS         = 0x3
-	sysIP_TTL         = 0x4
-	sysIP_RECVOPTS    = 0x5
-	sysIP_RECVRETOPTS = 0x6
-	sysIP_RECVDSTADDR = 0x7
-	sysIP_RETOPTS     = 0x8
-	sysIP_RECVIF      = 0x14
-	sysIP_RECVTTL     = 0x41
-
-	sysIP_MULTICAST_IF    = 0x9
-	sysIP_MULTICAST_TTL   = 0xa
-	sysIP_MULTICAST_LOOP  = 0xb
-	sysIP_MULTICAST_VIF   = 0xe
-	sysIP_ADD_MEMBERSHIP  = 0xc
-	sysIP_DROP_MEMBERSHIP = 0xd
-
-	sysSizeofIPMreq = 0x8
-)
-
-type sysIPMreq struct {
-	Multiaddr [4]byte /* in_addr */
-	Interface [4]byte /* in_addr */
-}
diff --git a/vendor/golang.org/x/net/ipv4/zsys_freebsd_386.go b/vendor/golang.org/x/net/ipv4/zsys_freebsd_386.go
deleted file mode 100644
index 6fd67e1e..00000000
--- a/vendor/golang.org/x/net/ipv4/zsys_freebsd_386.go
+++ /dev/null
@@ -1,93 +0,0 @@
-// Created by cgo -godefs - DO NOT EDIT
-// cgo -godefs defs_freebsd.go
-
-package ipv4
-
-const (
-	sysIP_OPTIONS     = 0x1
-	sysIP_HDRINCL     = 0x2
-	sysIP_TOS         = 0x3
-	sysIP_TTL         = 0x4
-	sysIP_RECVOPTS    = 0x5
-	sysIP_RECVRETOPTS = 0x6
-	sysIP_RECVDSTADDR = 0x7
-	sysIP_SENDSRCADDR = 0x7
-	sysIP_RETOPTS     = 0x8
-	sysIP_RECVIF      = 0x14
-	sysIP_ONESBCAST   = 0x17
-	sysIP_BINDANY     = 0x18
-	sysIP_RECVTTL     = 0x41
-	sysIP_MINTTL      = 0x42
-	sysIP_DONTFRAG    = 0x43
-	sysIP_RECVTOS     = 0x44
-
-	sysIP_MULTICAST_IF           = 0x9
-	sysIP_MULTICAST_TTL          = 0xa
-	sysIP_MULTICAST_LOOP         = 0xb
-	sysIP_ADD_MEMBERSHIP         = 0xc
-	sysIP_DROP_MEMBERSHIP        = 0xd
-	sysIP_MULTICAST_VIF          = 0xe
-	sysIP_ADD_SOURCE_MEMBERSHIP  = 0x46
-	sysIP_DROP_SOURCE_MEMBERSHIP = 0x47
-	sysIP_BLOCK_SOURCE           = 0x48
-	sysIP_UNBLOCK_SOURCE         = 0x49
-	sysMCAST_JOIN_GROUP          = 0x50
-	sysMCAST_LEAVE_GROUP         = 0x51
-	sysMCAST_JOIN_SOURCE_GROUP   = 0x52
-	sysMCAST_LEAVE_SOURCE_GROUP  = 0x53
-	sysMCAST_BLOCK_SOURCE        = 0x54
-	sysMCAST_UNBLOCK_SOURCE      = 0x55
-
-	sysSizeofSockaddrStorage = 0x80
-	sysSizeofSockaddrInet    = 0x10
-
-	sysSizeofIPMreq         = 0x8
-	sysSizeofIPMreqn        = 0xc
-	sysSizeofIPMreqSource   = 0xc
-	sysSizeofGroupReq       = 0x84
-	sysSizeofGroupSourceReq = 0x104
-)
-
-type sysSockaddrStorage struct {
-	Len         uint8
-	Family      uint8
-	X__ss_pad1  [6]int8
-	X__ss_align int64
-	X__ss_pad2  [112]int8
-}
-
-type sysSockaddrInet struct {
-	Len    uint8
-	Family uint8
-	Port   uint16
-	Addr   [4]byte /* in_addr */
-	Zero   [8]int8
-}
-
-type sysIPMreq struct {
-	Multiaddr [4]byte /* in_addr */
-	Interface [4]byte /* in_addr */
-}
-
-type sysIPMreqn struct {
-	Multiaddr [4]byte /* in_addr */
-	Address   [4]byte /* in_addr */
-	Ifindex   int32
-}
-
-type sysIPMreqSource struct {
-	Multiaddr  [4]byte /* in_addr */
-	Sourceaddr [4]byte /* in_addr */
-	Interface  [4]byte /* in_addr */
-}
-
-type sysGroupReq struct {
-	Interface uint32
-	Group     sysSockaddrStorage
-}
-
-type sysGroupSourceReq struct {
-	Interface uint32
-	Group     sysSockaddrStorage
-	Source    sysSockaddrStorage
-}
diff --git a/vendor/golang.org/x/net/ipv4/zsys_freebsd_amd64.go b/vendor/golang.org/x/net/ipv4/zsys_freebsd_amd64.go
deleted file mode 100644
index ebac6d79..00000000
--- a/vendor/golang.org/x/net/ipv4/zsys_freebsd_amd64.go
+++ /dev/null
@@ -1,95 +0,0 @@
-// Created by cgo -godefs - DO NOT EDIT
-// cgo -godefs defs_freebsd.go
-
-package ipv4
-
-const (
-	sysIP_OPTIONS     = 0x1
-	sysIP_HDRINCL     = 0x2
-	sysIP_TOS         = 0x3
-	sysIP_TTL         = 0x4
-	sysIP_RECVOPTS    = 0x5
-	sysIP_RECVRETOPTS = 0x6
-	sysIP_RECVDSTADDR = 0x7
-	sysIP_SENDSRCADDR = 0x7
-	sysIP_RETOPTS     = 0x8
-	sysIP_RECVIF      = 0x14
-	sysIP_ONESBCAST   = 0x17
-	sysIP_BINDANY     = 0x18
-	sysIP_RECVTTL     = 0x41
-	sysIP_MINTTL      = 0x42
-	sysIP_DONTFRAG    = 0x43
-	sysIP_RECVTOS     = 0x44
-
-	sysIP_MULTICAST_IF           = 0x9
-	sysIP_MULTICAST_TTL          = 0xa
-	sysIP_MULTICAST_LOOP         = 0xb
-	sysIP_ADD_MEMBERSHIP         = 0xc
-	sysIP_DROP_MEMBERSHIP        = 0xd
-	sysIP_MULTICAST_VIF          = 0xe
-	sysIP_ADD_SOURCE_MEMBERSHIP  = 0x46
-	sysIP_DROP_SOURCE_MEMBERSHIP = 0x47
-	sysIP_BLOCK_SOURCE           = 0x48
-	sysIP_UNBLOCK_SOURCE         = 0x49
-	sysMCAST_JOIN_GROUP          = 0x50
-	sysMCAST_LEAVE_GROUP         = 0x51
-	sysMCAST_JOIN_SOURCE_GROUP   = 0x52
-	sysMCAST_LEAVE_SOURCE_GROUP  = 0x53
-	sysMCAST_BLOCK_SOURCE        = 0x54
-	sysMCAST_UNBLOCK_SOURCE      = 0x55
-
-	sysSizeofSockaddrStorage = 0x80
-	sysSizeofSockaddrInet    = 0x10
-
-	sysSizeofIPMreq         = 0x8
-	sysSizeofIPMreqn        = 0xc
-	sysSizeofIPMreqSource   = 0xc
-	sysSizeofGroupReq       = 0x88
-	sysSizeofGroupSourceReq = 0x108
-)
-
-type sysSockaddrStorage struct {
-	Len         uint8
-	Family      uint8
-	X__ss_pad1  [6]int8
-	X__ss_align int64
-	X__ss_pad2  [112]int8
-}
-
-type sysSockaddrInet struct {
-	Len    uint8
-	Family uint8
-	Port   uint16
-	Addr   [4]byte /* in_addr */
-	Zero   [8]int8
-}
-
-type sysIPMreq struct {
-	Multiaddr [4]byte /* in_addr */
-	Interface [4]byte /* in_addr */
-}
-
-type sysIPMreqn struct {
-	Multiaddr [4]byte /* in_addr */
-	Address   [4]byte /* in_addr */
-	Ifindex   int32
-}
-
-type sysIPMreqSource struct {
-	Multiaddr  [4]byte /* in_addr */
-	Sourceaddr [4]byte /* in_addr */
-	Interface  [4]byte /* in_addr */
-}
-
-type sysGroupReq struct {
-	Interface uint32
-	Pad_cgo_0 [4]byte
-	Group     sysSockaddrStorage
-}
-
-type sysGroupSourceReq struct {
-	Interface uint32
-	Pad_cgo_0 [4]byte
-	Group     sysSockaddrStorage
-	Source    sysSockaddrStorage
-}
diff --git a/vendor/golang.org/x/net/ipv4/zsys_freebsd_arm.go b/vendor/golang.org/x/net/ipv4/zsys_freebsd_arm.go
deleted file mode 100644
index ebac6d79..00000000
--- a/vendor/golang.org/x/net/ipv4/zsys_freebsd_arm.go
+++ /dev/null
@@ -1,95 +0,0 @@
-// Created by cgo -godefs - DO NOT EDIT
-// cgo -godefs defs_freebsd.go
-
-package ipv4
-
-const (
-	sysIP_OPTIONS     = 0x1
-	sysIP_HDRINCL     = 0x2
-	sysIP_TOS         = 0x3
-	sysIP_TTL         = 0x4
-	sysIP_RECVOPTS    = 0x5
-	sysIP_RECVRETOPTS = 0x6
-	sysIP_RECVDSTADDR = 0x7
-	sysIP_SENDSRCADDR = 0x7
-	sysIP_RETOPTS     = 0x8
-	sysIP_RECVIF      = 0x14
-	sysIP_ONESBCAST   = 0x17
-	sysIP_BINDANY     = 0x18
-	sysIP_RECVTTL     = 0x41
-	sysIP_MINTTL      = 0x42
-	sysIP_DONTFRAG    = 0x43
-	sysIP_RECVTOS     = 0x44
-
-	sysIP_MULTICAST_IF           = 0x9
-	sysIP_MULTICAST_TTL          = 0xa
-	sysIP_MULTICAST_LOOP         = 0xb
-	sysIP_ADD_MEMBERSHIP         = 0xc
-	sysIP_DROP_MEMBERSHIP        = 0xd
-	sysIP_MULTICAST_VIF          = 0xe
-	sysIP_ADD_SOURCE_MEMBERSHIP  = 0x46
-	sysIP_DROP_SOURCE_MEMBERSHIP = 0x47
-	sysIP_BLOCK_SOURCE           = 0x48
-	sysIP_UNBLOCK_SOURCE         = 0x49
-	sysMCAST_JOIN_GROUP          = 0x50
-	sysMCAST_LEAVE_GROUP         = 0x51
-	sysMCAST_JOIN_SOURCE_GROUP   = 0x52
-	sysMCAST_LEAVE_SOURCE_GROUP  = 0x53
-	sysMCAST_BLOCK_SOURCE        = 0x54
-	sysMCAST_UNBLOCK_SOURCE      = 0x55
-
-	sysSizeofSockaddrStorage = 0x80
-	sysSizeofSockaddrInet    = 0x10
-
-	sysSizeofIPMreq         = 0x8
-	sysSizeofIPMreqn        = 0xc
-	sysSizeofIPMreqSource   = 0xc
-	sysSizeofGroupReq       = 0x88
-	sysSizeofGroupSourceReq = 0x108
-)
-
-type sysSockaddrStorage struct {
-	Len         uint8
-	Family      uint8
-	X__ss_pad1  [6]int8
-	X__ss_align int64
-	X__ss_pad2  [112]int8
-}
-
-type sysSockaddrInet struct {
-	Len    uint8
-	Family uint8
-	Port   uint16
-	Addr   [4]byte /* in_addr */
-	Zero   [8]int8
-}
-
-type sysIPMreq struct {
-	Multiaddr [4]byte /* in_addr */
-	Interface [4]byte /* in_addr */
-}
-
-type sysIPMreqn struct {
-	Multiaddr [4]byte /* in_addr */
-	Address   [4]byte /* in_addr */
-	Ifindex   int32
-}
-
-type sysIPMreqSource struct {
-	Multiaddr  [4]byte /* in_addr */
-	Sourceaddr [4]byte /* in_addr */
-	Interface  [4]byte /* in_addr */
-}
-
-type sysGroupReq struct {
-	Interface uint32
-	Pad_cgo_0 [4]byte
-	Group     sysSockaddrStorage
-}
-
-type sysGroupSourceReq struct {
-	Interface uint32
-	Pad_cgo_0 [4]byte
-	Group     sysSockaddrStorage
-	Source    sysSockaddrStorage
-}
diff --git a/vendor/golang.org/x/net/ipv4/zsys_linux_386.go b/vendor/golang.org/x/net/ipv4/zsys_linux_386.go
deleted file mode 100644
index fc7a9ebf..00000000
--- a/vendor/golang.org/x/net/ipv4/zsys_linux_386.go
+++ /dev/null
@@ -1,130 +0,0 @@
-// Created by cgo -godefs - DO NOT EDIT
-// cgo -godefs defs_linux.go
-
-package ipv4
-
-const (
-	sysIP_TOS             = 0x1
-	sysIP_TTL             = 0x2
-	sysIP_HDRINCL         = 0x3
-	sysIP_OPTIONS         = 0x4
-	sysIP_ROUTER_ALERT    = 0x5
-	sysIP_RECVOPTS        = 0x6
-	sysIP_RETOPTS         = 0x7
-	sysIP_PKTINFO         = 0x8
-	sysIP_PKTOPTIONS      = 0x9
-	sysIP_MTU_DISCOVER    = 0xa
-	sysIP_RECVERR         = 0xb
-	sysIP_RECVTTL         = 0xc
-	sysIP_RECVTOS         = 0xd
-	sysIP_MTU             = 0xe
-	sysIP_FREEBIND        = 0xf
-	sysIP_TRANSPARENT     = 0x13
-	sysIP_RECVRETOPTS     = 0x7
-	sysIP_ORIGDSTADDR     = 0x14
-	sysIP_RECVORIGDSTADDR = 0x14
-	sysIP_MINTTL          = 0x15
-	sysIP_NODEFRAG        = 0x16
-	sysIP_UNICAST_IF      = 0x32
-
-	sysIP_MULTICAST_IF           = 0x20
-	sysIP_MULTICAST_TTL          = 0x21
-	sysIP_MULTICAST_LOOP         = 0x22
-	sysIP_ADD_MEMBERSHIP         = 0x23
-	sysIP_DROP_MEMBERSHIP        = 0x24
-	sysIP_UNBLOCK_SOURCE         = 0x25
-	sysIP_BLOCK_SOURCE           = 0x26
-	sysIP_ADD_SOURCE_MEMBERSHIP  = 0x27
-	sysIP_DROP_SOURCE_MEMBERSHIP = 0x28
-	sysIP_MSFILTER               = 0x29
-	sysMCAST_JOIN_GROUP          = 0x2a
-	sysMCAST_LEAVE_GROUP         = 0x2d
-	sysMCAST_JOIN_SOURCE_GROUP   = 0x2e
-	sysMCAST_LEAVE_SOURCE_GROUP  = 0x2f
-	sysMCAST_BLOCK_SOURCE        = 0x2b
-	sysMCAST_UNBLOCK_SOURCE      = 0x2c
-	sysMCAST_MSFILTER            = 0x30
-	sysIP_MULTICAST_ALL          = 0x31
-
-	sysICMP_FILTER = 0x1
-
-	sysSO_EE_ORIGIN_NONE         = 0x0
-	sysSO_EE_ORIGIN_LOCAL        = 0x1
-	sysSO_EE_ORIGIN_ICMP         = 0x2
-	sysSO_EE_ORIGIN_ICMP6        = 0x3
-	sysSO_EE_ORIGIN_TXSTATUS     = 0x4
-	sysSO_EE_ORIGIN_TIMESTAMPING = 0x4
-
-	sysSizeofKernelSockaddrStorage = 0x80
-	sysSizeofSockaddrInet          = 0x10
-	sysSizeofInetPktinfo           = 0xc
-	sysSizeofSockExtendedErr       = 0x10
-
-	sysSizeofIPMreq         = 0x8
-	sysSizeofIPMreqn        = 0xc
-	sysSizeofIPMreqSource   = 0xc
-	sysSizeofGroupReq       = 0x84
-	sysSizeofGroupSourceReq = 0x104
-
-	sysSizeofICMPFilter = 0x4
-)
-
-type sysKernelSockaddrStorage struct {
-	Family  uint16
-	X__data [126]int8
-}
-
-type sysSockaddrInet struct {
-	Family uint16
-	Port   uint16
-	Addr   [4]byte /* in_addr */
-	X__pad [8]uint8
-}
-
-type sysInetPktinfo struct {
-	Ifindex  int32
-	Spec_dst [4]byte /* in_addr */
-	Addr     [4]byte /* in_addr */
-}
-
-type sysSockExtendedErr struct {
-	Errno  uint32
-	Origin uint8
-	Type   uint8
-	Code   uint8
-	Pad    uint8
-	Info   uint32
-	Data   uint32
-}
-
-type sysIPMreq struct {
-	Multiaddr [4]byte /* in_addr */
-	Interface [4]byte /* in_addr */
-}
-
-type sysIPMreqn struct {
-	Multiaddr [4]byte /* in_addr */
-	Address   [4]byte /* in_addr */
-	Ifindex   int32
-}
-
-type sysIPMreqSource struct {
-	Multiaddr  uint32
-	Interface  uint32
-	Sourceaddr uint32
-}
-
-type sysGroupReq struct {
-	Interface uint32
-	Group     sysKernelSockaddrStorage
-}
-
-type sysGroupSourceReq struct {
-	Interface uint32
-	Group     sysKernelSockaddrStorage
-	Source    sysKernelSockaddrStorage
-}
-
-type sysICMPFilter struct {
-	Data uint32
-}
diff --git a/vendor/golang.org/x/net/ipv4/zsys_linux_amd64.go b/vendor/golang.org/x/net/ipv4/zsys_linux_amd64.go
deleted file mode 100644
index e324b81b..00000000
--- a/vendor/golang.org/x/net/ipv4/zsys_linux_amd64.go
+++ /dev/null
@@ -1,132 +0,0 @@
-// Created by cgo -godefs - DO NOT EDIT
-// cgo -godefs defs_linux.go
-
-package ipv4
-
-const (
-	sysIP_TOS             = 0x1
-	sysIP_TTL             = 0x2
-	sysIP_HDRINCL         = 0x3
-	sysIP_OPTIONS         = 0x4
-	sysIP_ROUTER_ALERT    = 0x5
-	sysIP_RECVOPTS        = 0x6
-	sysIP_RETOPTS         = 0x7
-	sysIP_PKTINFO         = 0x8
-	sysIP_PKTOPTIONS      = 0x9
-	sysIP_MTU_DISCOVER    = 0xa
-	sysIP_RECVERR         = 0xb
-	sysIP_RECVTTL         = 0xc
-	sysIP_RECVTOS         = 0xd
-	sysIP_MTU             = 0xe
-	sysIP_FREEBIND        = 0xf
-	sysIP_TRANSPARENT     = 0x13
-	sysIP_RECVRETOPTS     = 0x7
-	sysIP_ORIGDSTADDR     = 0x14
-	sysIP_RECVORIGDSTADDR = 0x14
-	sysIP_MINTTL          = 0x15
-	sysIP_NODEFRAG        = 0x16
-	sysIP_UNICAST_IF      = 0x32
-
-	sysIP_MULTICAST_IF           = 0x20
-	sysIP_MULTICAST_TTL          = 0x21
-	sysIP_MULTICAST_LOOP         = 0x22
-	sysIP_ADD_MEMBERSHIP         = 0x23
-	sysIP_DROP_MEMBERSHIP        = 0x24
-	sysIP_UNBLOCK_SOURCE         = 0x25
-	sysIP_BLOCK_SOURCE           = 0x26
-	sysIP_ADD_SOURCE_MEMBERSHIP  = 0x27
-	sysIP_DROP_SOURCE_MEMBERSHIP = 0x28
-	sysIP_MSFILTER               = 0x29
-	sysMCAST_JOIN_GROUP          = 0x2a
-	sysMCAST_LEAVE_GROUP         = 0x2d
-	sysMCAST_JOIN_SOURCE_GROUP   = 0x2e
-	sysMCAST_LEAVE_SOURCE_GROUP  = 0x2f
-	sysMCAST_BLOCK_SOURCE        = 0x2b
-	sysMCAST_UNBLOCK_SOURCE      = 0x2c
-	sysMCAST_MSFILTER            = 0x30
-	sysIP_MULTICAST_ALL          = 0x31
-
-	sysICMP_FILTER = 0x1
-
-	sysSO_EE_ORIGIN_NONE         = 0x0
-	sysSO_EE_ORIGIN_LOCAL        = 0x1
-	sysSO_EE_ORIGIN_ICMP         = 0x2
-	sysSO_EE_ORIGIN_ICMP6        = 0x3
-	sysSO_EE_ORIGIN_TXSTATUS     = 0x4
-	sysSO_EE_ORIGIN_TIMESTAMPING = 0x4
-
-	sysSizeofKernelSockaddrStorage = 0x80
-	sysSizeofSockaddrInet          = 0x10
-	sysSizeofInetPktinfo           = 0xc
-	sysSizeofSockExtendedErr       = 0x10
-
-	sysSizeofIPMreq         = 0x8
-	sysSizeofIPMreqn        = 0xc
-	sysSizeofIPMreqSource   = 0xc
-	sysSizeofGroupReq       = 0x88
-	sysSizeofGroupSourceReq = 0x108
-
-	sysSizeofICMPFilter = 0x4
-)
-
-type sysKernelSockaddrStorage struct {
-	Family  uint16
-	X__data [126]int8
-}
-
-type sysSockaddrInet struct {
-	Family uint16
-	Port   uint16
-	Addr   [4]byte /* in_addr */
-	X__pad [8]uint8
-}
-
-type sysInetPktinfo struct {
-	Ifindex  int32
-	Spec_dst [4]byte /* in_addr */
-	Addr     [4]byte /* in_addr */
-}
-
-type sysSockExtendedErr struct {
-	Errno  uint32
-	Origin uint8
-	Type   uint8
-	Code   uint8
-	Pad    uint8
-	Info   uint32
-	Data   uint32
-}
-
-type sysIPMreq struct {
-	Multiaddr [4]byte /* in_addr */
-	Interface [4]byte /* in_addr */
-}
-
-type sysIPMreqn struct {
-	Multiaddr [4]byte /* in_addr */
-	Address   [4]byte /* in_addr */
-	Ifindex   int32
-}
-
-type sysIPMreqSource struct {
-	Multiaddr  uint32
-	Interface  uint32
-	Sourceaddr uint32
-}
-
-type sysGroupReq struct {
-	Interface uint32
-	Pad_cgo_0 [4]byte
-	Group     sysKernelSockaddrStorage
-}
-
-type sysGroupSourceReq struct {
-	Interface uint32
-	Pad_cgo_0 [4]byte
-	Group     sysKernelSockaddrStorage
-	Source    sysKernelSockaddrStorage
-}
-
-type sysICMPFilter struct {
-	Data uint32
-}
diff --git a/vendor/golang.org/x/net/ipv4/zsys_linux_arm.go b/vendor/golang.org/x/net/ipv4/zsys_linux_arm.go
deleted file mode 100644
index fc7a9ebf..00000000
--- a/vendor/golang.org/x/net/ipv4/zsys_linux_arm.go
+++ /dev/null
@@ -1,130 +0,0 @@
-// Created by cgo -godefs - DO NOT EDIT
-// cgo -godefs defs_linux.go
-
-package ipv4
-
-const (
-	sysIP_TOS             = 0x1
-	sysIP_TTL             = 0x2
-	sysIP_HDRINCL         = 0x3
-	sysIP_OPTIONS         = 0x4
-	sysIP_ROUTER_ALERT    = 0x5
-	sysIP_RECVOPTS        = 0x6
-	sysIP_RETOPTS         = 0x7
-	sysIP_PKTINFO         = 0x8
-	sysIP_PKTOPTIONS      = 0x9
-	sysIP_MTU_DISCOVER    = 0xa
-	sysIP_RECVERR         = 0xb
-	sysIP_RECVTTL         = 0xc
-	sysIP_RECVTOS         = 0xd
-	sysIP_MTU             = 0xe
-	sysIP_FREEBIND        = 0xf
-	sysIP_TRANSPARENT     = 0x13
-	sysIP_RECVRETOPTS     = 0x7
-	sysIP_ORIGDSTADDR     = 0x14
-	sysIP_RECVORIGDSTADDR = 0x14
-	sysIP_MINTTL          = 0x15
-	sysIP_NODEFRAG        = 0x16
-	sysIP_UNICAST_IF      = 0x32
-
-	sysIP_MULTICAST_IF           = 0x20
-	sysIP_MULTICAST_TTL          = 0x21
-	sysIP_MULTICAST_LOOP         = 0x22
-	sysIP_ADD_MEMBERSHIP         = 0x23
-	sysIP_DROP_MEMBERSHIP        = 0x24
-	sysIP_UNBLOCK_SOURCE         = 0x25
-	sysIP_BLOCK_SOURCE           = 0x26
-	sysIP_ADD_SOURCE_MEMBERSHIP  = 0x27
-	sysIP_DROP_SOURCE_MEMBERSHIP = 0x28
-	sysIP_MSFILTER               = 0x29
-	sysMCAST_JOIN_GROUP          = 0x2a
-	sysMCAST_LEAVE_GROUP         = 0x2d
-	sysMCAST_JOIN_SOURCE_GROUP   = 0x2e
-	sysMCAST_LEAVE_SOURCE_GROUP  = 0x2f
-	sysMCAST_BLOCK_SOURCE        = 0x2b
-	sysMCAST_UNBLOCK_SOURCE      = 0x2c
-	sysMCAST_MSFILTER            = 0x30
-	sysIP_MULTICAST_ALL          = 0x31
-
-	sysICMP_FILTER = 0x1
-
-	sysSO_EE_ORIGIN_NONE         = 0x0
-	sysSO_EE_ORIGIN_LOCAL        = 0x1
-	sysSO_EE_ORIGIN_ICMP         = 0x2
-	sysSO_EE_ORIGIN_ICMP6        = 0x3
-	sysSO_EE_ORIGIN_TXSTATUS     = 0x4
-	sysSO_EE_ORIGIN_TIMESTAMPING = 0x4
-
-	sysSizeofKernelSockaddrStorage = 0x80
-	sysSizeofSockaddrInet          = 0x10
-	sysSizeofInetPktinfo           = 0xc
-	sysSizeofSockExtendedErr       = 0x10
-
-	sysSizeofIPMreq         = 0x8
-	sysSizeofIPMreqn        = 0xc
-	sysSizeofIPMreqSource   = 0xc
-	sysSizeofGroupReq       = 0x84
-	sysSizeofGroupSourceReq = 0x104
-
-	sysSizeofICMPFilter = 0x4
-)
-
-type sysKernelSockaddrStorage struct {
-	Family  uint16
-	X__data [126]int8
-}
-
-type sysSockaddrInet struct {
-	Family uint16
-	Port   uint16
-	Addr   [4]byte /* in_addr */
-	X__pad [8]uint8
-}
-
-type sysInetPktinfo struct {
-	Ifindex  int32
-	Spec_dst [4]byte /* in_addr */
-	Addr     [4]byte /* in_addr */
-}
-
-type sysSockExtendedErr struct {
-	Errno  uint32
-	Origin uint8
-	Type   uint8
-	Code   uint8
-	Pad    uint8
-	Info   uint32
-	Data   uint32
-}
-
-type sysIPMreq struct {
-	Multiaddr [4]byte /* in_addr */
-	Interface [4]byte /* in_addr */
-}
-
-type sysIPMreqn struct {
-	Multiaddr [4]byte /* in_addr */
-	Address   [4]byte /* in_addr */
-	Ifindex   int32
-}
-
-type sysIPMreqSource struct {
-	Multiaddr  uint32
-	Interface  uint32
-	Sourceaddr uint32
-}
-
-type sysGroupReq struct {
-	Interface uint32
-	Group     sysKernelSockaddrStorage
-}
-
-type sysGroupSourceReq struct {
-	Interface uint32
-	Group     sysKernelSockaddrStorage
-	Source    sysKernelSockaddrStorage
-}
-
-type sysICMPFilter struct {
-	Data uint32
-}
diff --git a/vendor/golang.org/x/net/ipv4/zsys_linux_arm64.go b/vendor/golang.org/x/net/ipv4/zsys_linux_arm64.go
deleted file mode 100644
index ce4194a6..00000000
--- a/vendor/golang.org/x/net/ipv4/zsys_linux_arm64.go
+++ /dev/null
@@ -1,134 +0,0 @@
-// Created by cgo -godefs - DO NOT EDIT
-// cgo -godefs defs_linux.go
-
-// +build linux,arm64
-
-package ipv4
-
-const (
-	sysIP_TOS             = 0x1
-	sysIP_TTL             = 0x2
-	sysIP_HDRINCL         = 0x3
-	sysIP_OPTIONS         = 0x4
-	sysIP_ROUTER_ALERT    = 0x5
-	sysIP_RECVOPTS        = 0x6
-	sysIP_RETOPTS         = 0x7
-	sysIP_PKTINFO         = 0x8
-	sysIP_PKTOPTIONS      = 0x9
-	sysIP_MTU_DISCOVER    = 0xa
-	sysIP_RECVERR         = 0xb
-	sysIP_RECVTTL         = 0xc
-	sysIP_RECVTOS         = 0xd
-	sysIP_MTU             = 0xe
-	sysIP_FREEBIND        = 0xf
-	sysIP_TRANSPARENT     = 0x13
-	sysIP_RECVRETOPTS     = 0x7
-	sysIP_ORIGDSTADDR     = 0x14
-	sysIP_RECVORIGDSTADDR = 0x14
-	sysIP_MINTTL          = 0x15
-	sysIP_NODEFRAG        = 0x16
-	sysIP_UNICAST_IF      = 0x32
-
-	sysIP_MULTICAST_IF           = 0x20
-	sysIP_MULTICAST_TTL          = 0x21
-	sysIP_MULTICAST_LOOP         = 0x22
-	sysIP_ADD_MEMBERSHIP         = 0x23
-	sysIP_DROP_MEMBERSHIP        = 0x24
-	sysIP_UNBLOCK_SOURCE         = 0x25
-	sysIP_BLOCK_SOURCE           = 0x26
-	sysIP_ADD_SOURCE_MEMBERSHIP  = 0x27
-	sysIP_DROP_SOURCE_MEMBERSHIP = 0x28
-	sysIP_MSFILTER               = 0x29
-	sysMCAST_JOIN_GROUP          = 0x2a
-	sysMCAST_LEAVE_GROUP         = 0x2d
-	sysMCAST_JOIN_SOURCE_GROUP   = 0x2e
-	sysMCAST_LEAVE_SOURCE_GROUP  = 0x2f
-	sysMCAST_BLOCK_SOURCE        = 0x2b
-	sysMCAST_UNBLOCK_SOURCE      = 0x2c
-	sysMCAST_MSFILTER            = 0x30
-	sysIP_MULTICAST_ALL          = 0x31
-
-	sysICMP_FILTER = 0x1
-
-	sysSO_EE_ORIGIN_NONE         = 0x0
-	sysSO_EE_ORIGIN_LOCAL        = 0x1
-	sysSO_EE_ORIGIN_ICMP         = 0x2
-	sysSO_EE_ORIGIN_ICMP6        = 0x3
-	sysSO_EE_ORIGIN_TXSTATUS     = 0x4
-	sysSO_EE_ORIGIN_TIMESTAMPING = 0x4
-
-	sysSizeofKernelSockaddrStorage = 0x80
-	sysSizeofSockaddrInet          = 0x10
-	sysSizeofInetPktinfo           = 0xc
-	sysSizeofSockExtendedErr       = 0x10
-
-	sysSizeofIPMreq         = 0x8
-	sysSizeofIPMreqn        = 0xc
-	sysSizeofIPMreqSource   = 0xc
-	sysSizeofGroupReq       = 0x88
-	sysSizeofGroupSourceReq = 0x108
-
-	sysSizeofICMPFilter = 0x4
-)
-
-type sysKernelSockaddrStorage struct {
-	Family  uint16
-	X__data [126]int8
-}
-
-type sysSockaddrInet struct {
-	Family uint16
-	Port   uint16
-	Addr   [4]byte /* in_addr */
-	X__pad [8]uint8
-}
-
-type sysInetPktinfo struct {
-	Ifindex  int32
-	Spec_dst [4]byte /* in_addr */
-	Addr     [4]byte /* in_addr */
-}
-
-type sysSockExtendedErr struct {
-	Errno  uint32
-	Origin uint8
-	Type   uint8
-	Code   uint8
-	Pad    uint8
-	Info   uint32
-	Data   uint32
-}
-
-type sysIPMreq struct {
-	Multiaddr [4]byte /* in_addr */
-	Interface [4]byte /* in_addr */
-}
-
-type sysIPMreqn struct {
-	Multiaddr [4]byte /* in_addr */
-	Address   [4]byte /* in_addr */
-	Ifindex   int32
-}
-
-type sysIPMreqSource struct {
-	Multiaddr  uint32
-	Interface  uint32
-	Sourceaddr uint32
-}
-
-type sysGroupReq struct {
-	Interface uint32
-	Pad_cgo_0 [4]byte
-	Group     sysKernelSockaddrStorage
-}
-
-type sysGroupSourceReq struct {
-	Interface uint32
-	Pad_cgo_0 [4]byte
-	Group     sysKernelSockaddrStorage
-	Source    sysKernelSockaddrStorage
-}
-
-type sysICMPFilter struct {
-	Data uint32
-}
diff --git a/vendor/golang.org/x/net/ipv4/zsys_linux_mips64.go b/vendor/golang.org/x/net/ipv4/zsys_linux_mips64.go
deleted file mode 100644
index 94116bfa..00000000
--- a/vendor/golang.org/x/net/ipv4/zsys_linux_mips64.go
+++ /dev/null
@@ -1,134 +0,0 @@
-// Created by cgo -godefs - DO NOT EDIT
-// cgo -godefs defs_linux.go
-
-// +build linux,mips64
-
-package ipv4
-
-const (
-	sysIP_TOS             = 0x1
-	sysIP_TTL             = 0x2
-	sysIP_HDRINCL         = 0x3
-	sysIP_OPTIONS         = 0x4
-	sysIP_ROUTER_ALERT    = 0x5
-	sysIP_RECVOPTS        = 0x6
-	sysIP_RETOPTS         = 0x7
-	sysIP_PKTINFO         = 0x8
-	sysIP_PKTOPTIONS      = 0x9
-	sysIP_MTU_DISCOVER    = 0xa
-	sysIP_RECVERR         = 0xb
-	sysIP_RECVTTL         = 0xc
-	sysIP_RECVTOS         = 0xd
-	sysIP_MTU             = 0xe
-	sysIP_FREEBIND        = 0xf
-	sysIP_TRANSPARENT     = 0x13
-	sysIP_RECVRETOPTS     = 0x7
-	sysIP_ORIGDSTADDR     = 0x14
-	sysIP_RECVORIGDSTADDR = 0x14
-	sysIP_MINTTL          = 0x15
-	sysIP_NODEFRAG        = 0x16
-	sysIP_UNICAST_IF      = 0x32
-
-	sysIP_MULTICAST_IF           = 0x20
-	sysIP_MULTICAST_TTL          = 0x21
-	sysIP_MULTICAST_LOOP         = 0x22
-	sysIP_ADD_MEMBERSHIP         = 0x23
-	sysIP_DROP_MEMBERSHIP        = 0x24
-	sysIP_UNBLOCK_SOURCE         = 0x25
-	sysIP_BLOCK_SOURCE           = 0x26
-	sysIP_ADD_SOURCE_MEMBERSHIP  = 0x27
-	sysIP_DROP_SOURCE_MEMBERSHIP = 0x28
-	sysIP_MSFILTER               = 0x29
-	sysMCAST_JOIN_GROUP          = 0x2a
-	sysMCAST_LEAVE_GROUP         = 0x2d
-	sysMCAST_JOIN_SOURCE_GROUP   = 0x2e
-	sysMCAST_LEAVE_SOURCE_GROUP  = 0x2f
-	sysMCAST_BLOCK_SOURCE        = 0x2b
-	sysMCAST_UNBLOCK_SOURCE      = 0x2c
-	sysMCAST_MSFILTER            = 0x30
-	sysIP_MULTICAST_ALL          = 0x31
-
-	sysICMP_FILTER = 0x1
-
-	sysSO_EE_ORIGIN_NONE         = 0x0
-	sysSO_EE_ORIGIN_LOCAL        = 0x1
-	sysSO_EE_ORIGIN_ICMP         = 0x2
-	sysSO_EE_ORIGIN_ICMP6        = 0x3
-	sysSO_EE_ORIGIN_TXSTATUS     = 0x4
-	sysSO_EE_ORIGIN_TIMESTAMPING = 0x4
-
-	sysSizeofKernelSockaddrStorage = 0x80
-	sysSizeofSockaddrInet          = 0x10
-	sysSizeofInetPktinfo           = 0xc
-	sysSizeofSockExtendedErr       = 0x10
-
-	sysSizeofIPMreq         = 0x8
-	sysSizeofIPMreqn        = 0xc
-	sysSizeofIPMreqSource   = 0xc
-	sysSizeofGroupReq       = 0x88
-	sysSizeofGroupSourceReq = 0x108
-
-	sysSizeofICMPFilter = 0x4
-)
-
-type sysKernelSockaddrStorage struct {
-	Family  uint16
-	X__data [126]int8
-}
-
-type sysSockaddrInet struct {
-	Family uint16
-	Port   uint16
-	Addr   [4]byte /* in_addr */
-	X__pad [8]uint8
-}
-
-type sysInetPktinfo struct {
-	Ifindex  int32
-	Spec_dst [4]byte /* in_addr */
-	Addr     [4]byte /* in_addr */
-}
-
-type sysSockExtendedErr struct {
-	Errno  uint32
-	Origin uint8
-	Type   uint8
-	Code   uint8
-	Pad    uint8
-	Info   uint32
-	Data   uint32
-}
-
-type sysIPMreq struct {
-	Multiaddr [4]byte /* in_addr */
-	Interface [4]byte /* in_addr */
-}
-
-type sysIPMreqn struct {
-	Multiaddr [4]byte /* in_addr */
-	Address   [4]byte /* in_addr */
-	Ifindex   int32
-}
-
-type sysIPMreqSource struct {
-	Multiaddr  uint32
-	Interface  uint32
-	Sourceaddr uint32
-}
-
-type sysGroupReq struct {
-	Interface uint32
-	Pad_cgo_0 [4]byte
-	Group     sysKernelSockaddrStorage
-}
-
-type sysGroupSourceReq struct {
-	Interface uint32
-	Pad_cgo_0 [4]byte
-	Group     sysKernelSockaddrStorage
-	Source    sysKernelSockaddrStorage
-}
-
-type sysICMPFilter struct {
-	Data uint32
-}
diff --git a/vendor/golang.org/x/net/ipv4/zsys_linux_mips64le.go b/vendor/golang.org/x/net/ipv4/zsys_linux_mips64le.go
deleted file mode 100644
index 698d7db3..00000000
--- a/vendor/golang.org/x/net/ipv4/zsys_linux_mips64le.go
+++ /dev/null
@@ -1,134 +0,0 @@
-// Created by cgo -godefs - DO NOT EDIT
-// cgo -godefs defs_linux.go
-
-// +build linux,mips64le
-
-package ipv4
-
-const (
-	sysIP_TOS             = 0x1
-	sysIP_TTL             = 0x2
-	sysIP_HDRINCL         = 0x3
-	sysIP_OPTIONS         = 0x4
-	sysIP_ROUTER_ALERT    = 0x5
-	sysIP_RECVOPTS        = 0x6
-	sysIP_RETOPTS         = 0x7
-	sysIP_PKTINFO         = 0x8
-	sysIP_PKTOPTIONS      = 0x9
-	sysIP_MTU_DISCOVER    = 0xa
-	sysIP_RECVERR         = 0xb
-	sysIP_RECVTTL         = 0xc
-	sysIP_RECVTOS         = 0xd
-	sysIP_MTU             = 0xe
-	sysIP_FREEBIND        = 0xf
-	sysIP_TRANSPARENT     = 0x13
-	sysIP_RECVRETOPTS     = 0x7
-	sysIP_ORIGDSTADDR     = 0x14
-	sysIP_RECVORIGDSTADDR = 0x14
-	sysIP_MINTTL          = 0x15
-	sysIP_NODEFRAG        = 0x16
-	sysIP_UNICAST_IF      = 0x32
-
-	sysIP_MULTICAST_IF           = 0x20
-	sysIP_MULTICAST_TTL          = 0x21
-	sysIP_MULTICAST_LOOP         = 0x22
-	sysIP_ADD_MEMBERSHIP         = 0x23
-	sysIP_DROP_MEMBERSHIP        = 0x24
-	sysIP_UNBLOCK_SOURCE         = 0x25
-	sysIP_BLOCK_SOURCE           = 0x26
-	sysIP_ADD_SOURCE_MEMBERSHIP  = 0x27
-	sysIP_DROP_SOURCE_MEMBERSHIP = 0x28
-	sysIP_MSFILTER               = 0x29
-	sysMCAST_JOIN_GROUP          = 0x2a
-	sysMCAST_LEAVE_GROUP         = 0x2d
-	sysMCAST_JOIN_SOURCE_GROUP   = 0x2e
-	sysMCAST_LEAVE_SOURCE_GROUP  = 0x2f
-	sysMCAST_BLOCK_SOURCE        = 0x2b
-	sysMCAST_UNBLOCK_SOURCE      = 0x2c
-	sysMCAST_MSFILTER            = 0x30
-	sysIP_MULTICAST_ALL          = 0x31
-
-	sysICMP_FILTER = 0x1
-
-	sysSO_EE_ORIGIN_NONE         = 0x0
-	sysSO_EE_ORIGIN_LOCAL        = 0x1
-	sysSO_EE_ORIGIN_ICMP         = 0x2
-	sysSO_EE_ORIGIN_ICMP6        = 0x3
-	sysSO_EE_ORIGIN_TXSTATUS     = 0x4
-	sysSO_EE_ORIGIN_TIMESTAMPING = 0x4
-
-	sysSizeofKernelSockaddrStorage = 0x80
-	sysSizeofSockaddrInet          = 0x10
-	sysSizeofInetPktinfo           = 0xc
-	sysSizeofSockExtendedErr       = 0x10
-
-	sysSizeofIPMreq         = 0x8
-	sysSizeofIPMreqn        = 0xc
-	sysSizeofIPMreqSource   = 0xc
-	sysSizeofGroupReq       = 0x88
-	sysSizeofGroupSourceReq = 0x108
-
-	sysSizeofICMPFilter = 0x4
-)
-
-type sysKernelSockaddrStorage struct {
-	Family  uint16
-	X__data [126]int8
-}
-
-type sysSockaddrInet struct {
-	Family uint16
-	Port   uint16
-	Addr   [4]byte /* in_addr */
-	X__pad [8]uint8
-}
-
-type sysInetPktinfo struct {
-	Ifindex  int32
-	Spec_dst [4]byte /* in_addr */
-	Addr     [4]byte /* in_addr */
-}
-
-type sysSockExtendedErr struct {
-	Errno  uint32
-	Origin uint8
-	Type   uint8
-	Code   uint8
-	Pad    uint8
-	Info   uint32
-	Data   uint32
-}
-
-type sysIPMreq struct {
-	Multiaddr [4]byte /* in_addr */
-	Interface [4]byte /* in_addr */
-}
-
-type sysIPMreqn struct {
-	Multiaddr [4]byte /* in_addr */
-	Address   [4]byte /* in_addr */
-	Ifindex   int32
-}
-
-type sysIPMreqSource struct {
-	Multiaddr  uint32
-	Interface  uint32
-	Sourceaddr uint32
-}
-
-type sysGroupReq struct {
-	Interface uint32
-	Pad_cgo_0 [4]byte
-	Group     sysKernelSockaddrStorage
-}
-
-type sysGroupSourceReq struct {
-	Interface uint32
-	Pad_cgo_0 [4]byte
-	Group     sysKernelSockaddrStorage
-	Source    sysKernelSockaddrStorage
-}
-
-type sysICMPFilter struct {
-	Data uint32
-}
diff --git a/vendor/golang.org/x/net/ipv4/zsys_linux_ppc64.go b/vendor/golang.org/x/net/ipv4/zsys_linux_ppc64.go
deleted file mode 100644
index 9fe5ee2b..00000000
--- a/vendor/golang.org/x/net/ipv4/zsys_linux_ppc64.go
+++ /dev/null
@@ -1,134 +0,0 @@
-// Created by cgo -godefs - DO NOT EDIT
-// cgo -godefs defs_linux.go
-
-// +build linux,ppc64
-
-package ipv4
-
-const (
-	sysIP_TOS             = 0x1
-	sysIP_TTL             = 0x2
-	sysIP_HDRINCL         = 0x3
-	sysIP_OPTIONS         = 0x4
-	sysIP_ROUTER_ALERT    = 0x5
-	sysIP_RECVOPTS        = 0x6
-	sysIP_RETOPTS         = 0x7
-	sysIP_PKTINFO         = 0x8
-	sysIP_PKTOPTIONS      = 0x9
-	sysIP_MTU_DISCOVER    = 0xa
-	sysIP_RECVERR         = 0xb
-	sysIP_RECVTTL         = 0xc
-	sysIP_RECVTOS         = 0xd
-	sysIP_MTU             = 0xe
-	sysIP_FREEBIND        = 0xf
-	sysIP_TRANSPARENT     = 0x13
-	sysIP_RECVRETOPTS     = 0x7
-	sysIP_ORIGDSTADDR     = 0x14
-	sysIP_RECVORIGDSTADDR = 0x14
-	sysIP_MINTTL          = 0x15
-	sysIP_NODEFRAG        = 0x16
-	sysIP_UNICAST_IF      = 0x32
-
-	sysIP_MULTICAST_IF           = 0x20
-	sysIP_MULTICAST_TTL          = 0x21
-	sysIP_MULTICAST_LOOP         = 0x22
-	sysIP_ADD_MEMBERSHIP         = 0x23
-	sysIP_DROP_MEMBERSHIP        = 0x24
-	sysIP_UNBLOCK_SOURCE         = 0x25
-	sysIP_BLOCK_SOURCE           = 0x26
-	sysIP_ADD_SOURCE_MEMBERSHIP  = 0x27
-	sysIP_DROP_SOURCE_MEMBERSHIP = 0x28
-	sysIP_MSFILTER               = 0x29
-	sysMCAST_JOIN_GROUP          = 0x2a
-	sysMCAST_LEAVE_GROUP         = 0x2d
-	sysMCAST_JOIN_SOURCE_GROUP   = 0x2e
-	sysMCAST_LEAVE_SOURCE_GROUP  = 0x2f
-	sysMCAST_BLOCK_SOURCE        = 0x2b
-	sysMCAST_UNBLOCK_SOURCE      = 0x2c
-	sysMCAST_MSFILTER            = 0x30
-	sysIP_MULTICAST_ALL          = 0x31
-
-	sysICMP_FILTER = 0x1
-
-	sysSO_EE_ORIGIN_NONE         = 0x0
-	sysSO_EE_ORIGIN_LOCAL        = 0x1
-	sysSO_EE_ORIGIN_ICMP         = 0x2
-	sysSO_EE_ORIGIN_ICMP6        = 0x3
-	sysSO_EE_ORIGIN_TXSTATUS     = 0x4
-	sysSO_EE_ORIGIN_TIMESTAMPING = 0x4
-
-	sysSizeofKernelSockaddrStorage = 0x80
-	sysSizeofSockaddrInet          = 0x10
-	sysSizeofInetPktinfo           = 0xc
-	sysSizeofSockExtendedErr       = 0x10
-
-	sysSizeofIPMreq         = 0x8
-	sysSizeofIPMreqn        = 0xc
-	sysSizeofIPMreqSource   = 0xc
-	sysSizeofGroupReq       = 0x88
-	sysSizeofGroupSourceReq = 0x108
-
-	sysSizeofICMPFilter = 0x4
-)
-
-type sysKernelSockaddrStorage struct {
-	Family  uint16
-	X__data [126]int8
-}
-
-type sysSockaddrInet struct {
-	Family uint16
-	Port   uint16
-	Addr   [4]byte /* in_addr */
-	X__pad [8]uint8
-}
-
-type sysInetPktinfo struct {
-	Ifindex  int32
-	Spec_dst [4]byte /* in_addr */
-	Addr     [4]byte /* in_addr */
-}
-
-type sysSockExtendedErr struct {
-	Errno  uint32
-	Origin uint8
-	Type   uint8
-	Code   uint8
-	Pad    uint8
-	Info   uint32
-	Data   uint32
-}
-
-type sysIPMreq struct {
-	Multiaddr [4]byte /* in_addr */
-	Interface [4]byte /* in_addr */
-}
-
-type sysIPMreqn struct {
-	Multiaddr [4]byte /* in_addr */
-	Address   [4]byte /* in_addr */
-	Ifindex   int32
-}
-
-type sysIPMreqSource struct {
-	Multiaddr  uint32
-	Interface  uint32
-	Sourceaddr uint32
-}
-
-type sysGroupReq struct {
-	Interface uint32
-	Pad_cgo_0 [4]byte
-	Group     sysKernelSockaddrStorage
-}
-
-type sysGroupSourceReq struct {
-	Interface uint32
-	Pad_cgo_0 [4]byte
-	Group     sysKernelSockaddrStorage
-	Source    sysKernelSockaddrStorage
-}
-
-type sysICMPFilter struct {
-	Data uint32
-}
diff --git a/vendor/golang.org/x/net/ipv4/zsys_linux_ppc64le.go b/vendor/golang.org/x/net/ipv4/zsys_linux_ppc64le.go
deleted file mode 100644
index 3891f54e..00000000
--- a/vendor/golang.org/x/net/ipv4/zsys_linux_ppc64le.go
+++ /dev/null
@@ -1,134 +0,0 @@
-// Created by cgo -godefs - DO NOT EDIT
-// cgo -godefs defs_linux.go
-
-// +build linux,ppc64le
-
-package ipv4
-
-const (
-	sysIP_TOS             = 0x1
-	sysIP_TTL             = 0x2
-	sysIP_HDRINCL         = 0x3
-	sysIP_OPTIONS         = 0x4
-	sysIP_ROUTER_ALERT    = 0x5
-	sysIP_RECVOPTS        = 0x6
-	sysIP_RETOPTS         = 0x7
-	sysIP_PKTINFO         = 0x8
-	sysIP_PKTOPTIONS      = 0x9
-	sysIP_MTU_DISCOVER    = 0xa
-	sysIP_RECVERR         = 0xb
-	sysIP_RECVTTL         = 0xc
-	sysIP_RECVTOS         = 0xd
-	sysIP_MTU             = 0xe
-	sysIP_FREEBIND        = 0xf
-	sysIP_TRANSPARENT     = 0x13
-	sysIP_RECVRETOPTS     = 0x7
-	sysIP_ORIGDSTADDR     = 0x14
-	sysIP_RECVORIGDSTADDR = 0x14
-	sysIP_MINTTL          = 0x15
-	sysIP_NODEFRAG        = 0x16
-	sysIP_UNICAST_IF      = 0x32
-
-	sysIP_MULTICAST_IF           = 0x20
-	sysIP_MULTICAST_TTL          = 0x21
-	sysIP_MULTICAST_LOOP         = 0x22
-	sysIP_ADD_MEMBERSHIP         = 0x23
-	sysIP_DROP_MEMBERSHIP        = 0x24
-	sysIP_UNBLOCK_SOURCE         = 0x25
-	sysIP_BLOCK_SOURCE           = 0x26
-	sysIP_ADD_SOURCE_MEMBERSHIP  = 0x27
-	sysIP_DROP_SOURCE_MEMBERSHIP = 0x28
-	sysIP_MSFILTER               = 0x29
-	sysMCAST_JOIN_GROUP          = 0x2a
-	sysMCAST_LEAVE_GROUP         = 0x2d
-	sysMCAST_JOIN_SOURCE_GROUP   = 0x2e
-	sysMCAST_LEAVE_SOURCE_GROUP  = 0x2f
-	sysMCAST_BLOCK_SOURCE        = 0x2b
-	sysMCAST_UNBLOCK_SOURCE      = 0x2c
-	sysMCAST_MSFILTER            = 0x30
-	sysIP_MULTICAST_ALL          = 0x31
-
-	sysICMP_FILTER = 0x1
-
-	sysSO_EE_ORIGIN_NONE         = 0x0
-	sysSO_EE_ORIGIN_LOCAL        = 0x1
-	sysSO_EE_ORIGIN_ICMP         = 0x2
-	sysSO_EE_ORIGIN_ICMP6        = 0x3
-	sysSO_EE_ORIGIN_TXSTATUS     = 0x4
-	sysSO_EE_ORIGIN_TIMESTAMPING = 0x4
-
-	sysSizeofKernelSockaddrStorage = 0x80
-	sysSizeofSockaddrInet          = 0x10
-	sysSizeofInetPktinfo           = 0xc
-	sysSizeofSockExtendedErr       = 0x10
-
-	sysSizeofIPMreq         = 0x8
-	sysSizeofIPMreqn        = 0xc
-	sysSizeofIPMreqSource   = 0xc
-	sysSizeofGroupReq       = 0x88
-	sysSizeofGroupSourceReq = 0x108
-
-	sysSizeofICMPFilter = 0x4
-)
-
-type sysKernelSockaddrStorage struct {
-	Family  uint16
-	X__data [126]int8
-}
-
-type sysSockaddrInet struct {
-	Family uint16
-	Port   uint16
-	Addr   [4]byte /* in_addr */
-	X__pad [8]uint8
-}
-
-type sysInetPktinfo struct {
-	Ifindex  int32
-	Spec_dst [4]byte /* in_addr */
-	Addr     [4]byte /* in_addr */
-}
-
-type sysSockExtendedErr struct {
-	Errno  uint32
-	Origin uint8
-	Type   uint8
-	Code   uint8
-	Pad    uint8
-	Info   uint32
-	Data   uint32
-}
-
-type sysIPMreq struct {
-	Multiaddr [4]byte /* in_addr */
-	Interface [4]byte /* in_addr */
-}
-
-type sysIPMreqn struct {
-	Multiaddr [4]byte /* in_addr */
-	Address   [4]byte /* in_addr */
-	Ifindex   int32
-}
-
-type sysIPMreqSource struct {
-	Multiaddr  uint32
-	Interface  uint32
-	Sourceaddr uint32
-}
-
-type sysGroupReq struct {
-	Interface uint32
-	Pad_cgo_0 [4]byte
-	Group     sysKernelSockaddrStorage
-}
-
-type sysGroupSourceReq struct {
-	Interface uint32
-	Pad_cgo_0 [4]byte
-	Group     sysKernelSockaddrStorage
-	Source    sysKernelSockaddrStorage
-}
-
-type sysICMPFilter struct {
-	Data uint32
-}
diff --git a/vendor/golang.org/x/net/ipv4/zsys_netbsd.go b/vendor/golang.org/x/net/ipv4/zsys_netbsd.go
deleted file mode 100644
index 8a440eb6..00000000
--- a/vendor/golang.org/x/net/ipv4/zsys_netbsd.go
+++ /dev/null
@@ -1,30 +0,0 @@
-// Created by cgo -godefs - DO NOT EDIT
-// cgo -godefs defs_netbsd.go
-
-package ipv4
-
-const (
-	sysIP_OPTIONS     = 0x1
-	sysIP_HDRINCL     = 0x2
-	sysIP_TOS         = 0x3
-	sysIP_TTL         = 0x4
-	sysIP_RECVOPTS    = 0x5
-	sysIP_RECVRETOPTS = 0x6
-	sysIP_RECVDSTADDR = 0x7
-	sysIP_RETOPTS     = 0x8
-	sysIP_RECVIF      = 0x14
-	sysIP_RECVTTL     = 0x17
-
-	sysIP_MULTICAST_IF    = 0x9
-	sysIP_MULTICAST_TTL   = 0xa
-	sysIP_MULTICAST_LOOP  = 0xb
-	sysIP_ADD_MEMBERSHIP  = 0xc
-	sysIP_DROP_MEMBERSHIP = 0xd
-
-	sysSizeofIPMreq = 0x8
-)
-
-type sysIPMreq struct {
-	Multiaddr [4]byte /* in_addr */
-	Interface [4]byte /* in_addr */
-}
diff --git a/vendor/golang.org/x/net/ipv4/zsys_openbsd.go b/vendor/golang.org/x/net/ipv4/zsys_openbsd.go
deleted file mode 100644
index fd522b57..00000000
--- a/vendor/golang.org/x/net/ipv4/zsys_openbsd.go
+++ /dev/null
@@ -1,30 +0,0 @@
-// Created by cgo -godefs - DO NOT EDIT
-// cgo -godefs defs_openbsd.go
-
-package ipv4
-
-const (
-	sysIP_OPTIONS     = 0x1
-	sysIP_HDRINCL     = 0x2
-	sysIP_TOS         = 0x3
-	sysIP_TTL         = 0x4
-	sysIP_RECVOPTS    = 0x5
-	sysIP_RECVRETOPTS = 0x6
-	sysIP_RECVDSTADDR = 0x7
-	sysIP_RETOPTS     = 0x8
-	sysIP_RECVIF      = 0x1e
-	sysIP_RECVTTL     = 0x1f
-
-	sysIP_MULTICAST_IF    = 0x9
-	sysIP_MULTICAST_TTL   = 0xa
-	sysIP_MULTICAST_LOOP  = 0xb
-	sysIP_ADD_MEMBERSHIP  = 0xc
-	sysIP_DROP_MEMBERSHIP = 0xd
-
-	sysSizeofIPMreq = 0x8
-)
-
-type sysIPMreq struct {
-	Multiaddr [4]byte /* in_addr */
-	Interface [4]byte /* in_addr */
-}
diff --git a/vendor/golang.org/x/net/ipv4/zsys_solaris.go b/vendor/golang.org/x/net/ipv4/zsys_solaris.go
deleted file mode 100644
index d7c23349..00000000
--- a/vendor/golang.org/x/net/ipv4/zsys_solaris.go
+++ /dev/null
@@ -1,60 +0,0 @@
-// Created by cgo -godefs - DO NOT EDIT
-// cgo -godefs defs_solaris.go
-
-// +build solaris
-
-package ipv4
-
-const (
-	sysIP_OPTIONS       = 0x1
-	sysIP_HDRINCL       = 0x2
-	sysIP_TOS           = 0x3
-	sysIP_TTL           = 0x4
-	sysIP_RECVOPTS      = 0x5
-	sysIP_RECVRETOPTS   = 0x6
-	sysIP_RECVDSTADDR   = 0x7
-	sysIP_RETOPTS       = 0x8
-	sysIP_RECVIF        = 0x9
-	sysIP_RECVSLLA      = 0xa
-	sysIP_RECVTTL       = 0xb
-	sysIP_NEXTHOP       = 0x19
-	sysIP_PKTINFO       = 0x1a
-	sysIP_RECVPKTINFO   = 0x1a
-	sysIP_DONTFRAG      = 0x1b
-	sysIP_BOUND_IF      = 0x41
-	sysIP_UNSPEC_SRC    = 0x42
-	sysIP_BROADCAST_TTL = 0x43
-	sysIP_DHCPINIT_IF   = 0x45
-
-	sysIP_MULTICAST_IF           = 0x10
-	sysIP_MULTICAST_TTL          = 0x11
-	sysIP_MULTICAST_LOOP         = 0x12
-	sysIP_ADD_MEMBERSHIP         = 0x13
-	sysIP_DROP_MEMBERSHIP        = 0x14
-	sysIP_BLOCK_SOURCE           = 0x15
-	sysIP_UNBLOCK_SOURCE         = 0x16
-	sysIP_ADD_SOURCE_MEMBERSHIP  = 0x17
-	sysIP_DROP_SOURCE_MEMBERSHIP = 0x18
-
-	sysSizeofInetPktinfo = 0xc
-
-	sysSizeofIPMreq       = 0x8
-	sysSizeofIPMreqSource = 0xc
-)
-
-type sysInetPktinfo struct {
-	Ifindex  uint32
-	Spec_dst [4]byte /* in_addr */
-	Addr     [4]byte /* in_addr */
-}
-
-type sysIPMreq struct {
-	Multiaddr [4]byte /* in_addr */
-	Interface [4]byte /* in_addr */
-}
-
-type sysIPMreqSource struct {
-	Multiaddr  [4]byte /* in_addr */
-	Sourceaddr [4]byte /* in_addr */
-	Interface  [4]byte /* in_addr */
-}
diff --git a/vendor/golang.org/x/net/ipv6/control.go b/vendor/golang.org/x/net/ipv6/control.go
deleted file mode 100644
index b7362aae..00000000
--- a/vendor/golang.org/x/net/ipv6/control.go
+++ /dev/null
@@ -1,85 +0,0 @@
-// Copyright 2013 The Go Authors.  All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package ipv6
-
-import (
-	"fmt"
-	"net"
-	"sync"
-)
-
-// Note that RFC 3542 obsoletes RFC 2292 but OS X Snow Leopard and the
-// former still support RFC 2292 only.  Please be aware that almost
-// all protocol implementations prohibit using a combination of RFC
-// 2292 and RFC 3542 for some practical reasons.
-
-type rawOpt struct {
-	sync.RWMutex
-	cflags ControlFlags
-}
-
-func (c *rawOpt) set(f ControlFlags)        { c.cflags |= f }
-func (c *rawOpt) clear(f ControlFlags)      { c.cflags &^= f }
-func (c *rawOpt) isset(f ControlFlags) bool { return c.cflags&f != 0 }
-
-// A ControlFlags represents per packet basis IP-level socket option
-// control flags.
-type ControlFlags uint
-
-const (
-	FlagTrafficClass ControlFlags = 1 << iota // pass the traffic class on the received packet
-	FlagHopLimit                              // pass the hop limit on the received packet
-	FlagSrc                                   // pass the source address on the received packet
-	FlagDst                                   // pass the destination address on the received packet
-	FlagInterface                             // pass the interface index on the received packet
-	FlagPathMTU                               // pass the path MTU on the received packet path
-)
-
-const flagPacketInfo = FlagDst | FlagInterface
-
-// A ControlMessage represents per packet basis IP-level socket
-// options.
-type ControlMessage struct {
-	// Receiving socket options: SetControlMessage allows to
-	// receive the options from the protocol stack using ReadFrom
-	// method of PacketConn.
-	//
-	// Specifying socket options: ControlMessage for WriteTo
-	// method of PacketConn allows to send the options to the
-	// protocol stack.
-	//
-	TrafficClass int    // traffic class, must be 1 <= value <= 255 when specifying
-	HopLimit     int    // hop limit, must be 1 <= value <= 255 when specifying
-	Src          net.IP // source address, specifying only
-	Dst          net.IP // destination address, receiving only
-	IfIndex      int    // interface index, must be 1 <= value when specifying
-	NextHop      net.IP // next hop address, specifying only
-	MTU          int    // path MTU, receiving only
-}
-
-func (cm *ControlMessage) String() string {
-	if cm == nil {
-		return ""
-	}
-	return fmt.Sprintf("tclass=%#x hoplim=%d src=%v dst=%v ifindex=%d nexthop=%v mtu=%d", cm.TrafficClass, cm.HopLimit, cm.Src, cm.Dst, cm.IfIndex, cm.NextHop, cm.MTU)
-}
-
-// Ancillary data socket options
-const (
-	ctlTrafficClass = iota // header field
-	ctlHopLimit            // header field
-	ctlPacketInfo          // inbound or outbound packet path
-	ctlNextHop             // nexthop
-	ctlPathMTU             // path mtu
-	ctlMax
-)
-
-// A ctlOpt represents a binding for ancillary data socket option.
-type ctlOpt struct {
-	name    int // option name, must be equal or greater than 1
-	length  int // option length
-	marshal func([]byte, *ControlMessage) []byte
-	parse   func(*ControlMessage, []byte)
-}
diff --git a/vendor/golang.org/x/net/ipv6/control_rfc2292_unix.go b/vendor/golang.org/x/net/ipv6/control_rfc2292_unix.go
deleted file mode 100644
index 80ec2e2f..00000000
--- a/vendor/golang.org/x/net/ipv6/control_rfc2292_unix.go
+++ /dev/null
@@ -1,55 +0,0 @@
-// Copyright 2013 The Go Authors.  All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build darwin
-
-package ipv6
-
-import (
-	"syscall"
-	"unsafe"
-
-	"golang.org/x/net/internal/iana"
-)
-
-func marshal2292HopLimit(b []byte, cm *ControlMessage) []byte {
-	m := (*syscall.Cmsghdr)(unsafe.Pointer(&b[0]))
-	m.Level = iana.ProtocolIPv6
-	m.Type = sysIPV6_2292HOPLIMIT
-	m.SetLen(syscall.CmsgLen(4))
-	if cm != nil {
-		data := b[syscall.CmsgLen(0):]
-		nativeEndian.PutUint32(data[:4], uint32(cm.HopLimit))
-	}
-	return b[syscall.CmsgSpace(4):]
-}
-
-func marshal2292PacketInfo(b []byte, cm *ControlMessage) []byte {
-	m := (*syscall.Cmsghdr)(unsafe.Pointer(&b[0]))
-	m.Level = iana.ProtocolIPv6
-	m.Type = sysIPV6_2292PKTINFO
-	m.SetLen(syscall.CmsgLen(sysSizeofInet6Pktinfo))
-	if cm != nil {
-		pi := (*sysInet6Pktinfo)(unsafe.Pointer(&b[syscall.CmsgLen(0)]))
-		if ip := cm.Src.To16(); ip != nil && ip.To4() == nil {
-			copy(pi.Addr[:], ip)
-		}
-		if cm.IfIndex > 0 {
-			pi.setIfindex(cm.IfIndex)
-		}
-	}
-	return b[syscall.CmsgSpace(sysSizeofInet6Pktinfo):]
-}
-
-func marshal2292NextHop(b []byte, cm *ControlMessage) []byte {
-	m := (*syscall.Cmsghdr)(unsafe.Pointer(&b[0]))
-	m.Level = iana.ProtocolIPv6
-	m.Type = sysIPV6_2292NEXTHOP
-	m.SetLen(syscall.CmsgLen(sysSizeofSockaddrInet6))
-	if cm != nil {
-		sa := (*sysSockaddrInet6)(unsafe.Pointer(&b[syscall.CmsgLen(0)]))
-		sa.setSockaddr(cm.NextHop, cm.IfIndex)
-	}
-	return b[syscall.CmsgSpace(sysSizeofSockaddrInet6):]
-}
diff --git a/vendor/golang.org/x/net/ipv6/control_rfc3542_unix.go b/vendor/golang.org/x/net/ipv6/control_rfc3542_unix.go
deleted file mode 100644
index f344d16d..00000000
--- a/vendor/golang.org/x/net/ipv6/control_rfc3542_unix.go
+++ /dev/null
@@ -1,99 +0,0 @@
-// Copyright 2013 The Go Authors.  All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build darwin dragonfly freebsd linux netbsd openbsd
-
-package ipv6
-
-import (
-	"syscall"
-	"unsafe"
-
-	"golang.org/x/net/internal/iana"
-)
-
-func marshalTrafficClass(b []byte, cm *ControlMessage) []byte {
-	m := (*syscall.Cmsghdr)(unsafe.Pointer(&b[0]))
-	m.Level = iana.ProtocolIPv6
-	m.Type = sysIPV6_TCLASS
-	m.SetLen(syscall.CmsgLen(4))
-	if cm != nil {
-		data := b[syscall.CmsgLen(0):]
-		nativeEndian.PutUint32(data[:4], uint32(cm.TrafficClass))
-	}
-	return b[syscall.CmsgSpace(4):]
-}
-
-func parseTrafficClass(cm *ControlMessage, b []byte) {
-	cm.TrafficClass = int(nativeEndian.Uint32(b[:4]))
-}
-
-func marshalHopLimit(b []byte, cm *ControlMessage) []byte {
-	m := (*syscall.Cmsghdr)(unsafe.Pointer(&b[0]))
-	m.Level = iana.ProtocolIPv6
-	m.Type = sysIPV6_HOPLIMIT
-	m.SetLen(syscall.CmsgLen(4))
-	if cm != nil {
-		data := b[syscall.CmsgLen(0):]
-		nativeEndian.PutUint32(data[:4], uint32(cm.HopLimit))
-	}
-	return b[syscall.CmsgSpace(4):]
-}
-
-func parseHopLimit(cm *ControlMessage, b []byte) {
-	cm.HopLimit = int(nativeEndian.Uint32(b[:4]))
-}
-
-func marshalPacketInfo(b []byte, cm *ControlMessage) []byte {
-	m := (*syscall.Cmsghdr)(unsafe.Pointer(&b[0]))
-	m.Level = iana.ProtocolIPv6
-	m.Type = sysIPV6_PKTINFO
-	m.SetLen(syscall.CmsgLen(sysSizeofInet6Pktinfo))
-	if cm != nil {
-		pi := (*sysInet6Pktinfo)(unsafe.Pointer(&b[syscall.CmsgLen(0)]))
-		if ip := cm.Src.To16(); ip != nil && ip.To4() == nil {
-			copy(pi.Addr[:], ip)
-		}
-		if cm.IfIndex > 0 {
-			pi.setIfindex(cm.IfIndex)
-		}
-	}
-	return b[syscall.CmsgSpace(sysSizeofInet6Pktinfo):]
-}
-
-func parsePacketInfo(cm *ControlMessage, b []byte) {
-	pi := (*sysInet6Pktinfo)(unsafe.Pointer(&b[0]))
-	cm.Dst = pi.Addr[:]
-	cm.IfIndex = int(pi.Ifindex)
-}
-
-func marshalNextHop(b []byte, cm *ControlMessage) []byte {
-	m := (*syscall.Cmsghdr)(unsafe.Pointer(&b[0]))
-	m.Level = iana.ProtocolIPv6
-	m.Type = sysIPV6_NEXTHOP
-	m.SetLen(syscall.CmsgLen(sysSizeofSockaddrInet6))
-	if cm != nil {
-		sa := (*sysSockaddrInet6)(unsafe.Pointer(&b[syscall.CmsgLen(0)]))
-		sa.setSockaddr(cm.NextHop, cm.IfIndex)
-	}
-	return b[syscall.CmsgSpace(sysSizeofSockaddrInet6):]
-}
-
-func parseNextHop(cm *ControlMessage, b []byte) {
-}
-
-func marshalPathMTU(b []byte, cm *ControlMessage) []byte {
-	m := (*syscall.Cmsghdr)(unsafe.Pointer(&b[0]))
-	m.Level = iana.ProtocolIPv6
-	m.Type = sysIPV6_PATHMTU
-	m.SetLen(syscall.CmsgLen(sysSizeofIPv6Mtuinfo))
-	return b[syscall.CmsgSpace(sysSizeofIPv6Mtuinfo):]
-}
-
-func parsePathMTU(cm *ControlMessage, b []byte) {
-	mi := (*sysIPv6Mtuinfo)(unsafe.Pointer(&b[0]))
-	cm.Dst = mi.Addr.Addr[:]
-	cm.IfIndex = int(mi.Addr.Scope_id)
-	cm.MTU = int(mi.Mtu)
-}
diff --git a/vendor/golang.org/x/net/ipv6/control_stub.go b/vendor/golang.org/x/net/ipv6/control_stub.go
deleted file mode 100644
index 2fecf7e5..00000000
--- a/vendor/golang.org/x/net/ipv6/control_stub.go
+++ /dev/null
@@ -1,23 +0,0 @@
-// Copyright 2013 The Go Authors.  All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build nacl plan9 solaris
-
-package ipv6
-
-func setControlMessage(fd int, opt *rawOpt, cf ControlFlags, on bool) error {
-	return errOpNoSupport
-}
-
-func newControlMessage(opt *rawOpt) (oob []byte) {
-	return nil
-}
-
-func parseControlMessage(b []byte) (*ControlMessage, error) {
-	return nil, errOpNoSupport
-}
-
-func marshalControlMessage(cm *ControlMessage) (oob []byte) {
-	return nil
-}
diff --git a/vendor/golang.org/x/net/ipv6/control_unix.go b/vendor/golang.org/x/net/ipv6/control_unix.go
deleted file mode 100644
index 2af5beb4..00000000
--- a/vendor/golang.org/x/net/ipv6/control_unix.go
+++ /dev/null
@@ -1,166 +0,0 @@
-// Copyright 2013 The Go Authors.  All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build darwin dragonfly freebsd linux netbsd openbsd
-
-package ipv6
-
-import (
-	"os"
-	"syscall"
-
-	"golang.org/x/net/internal/iana"
-)
-
-func setControlMessage(fd int, opt *rawOpt, cf ControlFlags, on bool) error {
-	opt.Lock()
-	defer opt.Unlock()
-	if cf&FlagTrafficClass != 0 && sockOpts[ssoReceiveTrafficClass].name > 0 {
-		if err := setInt(fd, &sockOpts[ssoReceiveTrafficClass], boolint(on)); err != nil {
-			return err
-		}
-		if on {
-			opt.set(FlagTrafficClass)
-		} else {
-			opt.clear(FlagTrafficClass)
-		}
-	}
-	if cf&FlagHopLimit != 0 && sockOpts[ssoReceiveHopLimit].name > 0 {
-		if err := setInt(fd, &sockOpts[ssoReceiveHopLimit], boolint(on)); err != nil {
-			return err
-		}
-		if on {
-			opt.set(FlagHopLimit)
-		} else {
-			opt.clear(FlagHopLimit)
-		}
-	}
-	if cf&flagPacketInfo != 0 && sockOpts[ssoReceivePacketInfo].name > 0 {
-		if err := setInt(fd, &sockOpts[ssoReceivePacketInfo], boolint(on)); err != nil {
-			return err
-		}
-		if on {
-			opt.set(cf & flagPacketInfo)
-		} else {
-			opt.clear(cf & flagPacketInfo)
-		}
-	}
-	if cf&FlagPathMTU != 0 && sockOpts[ssoReceivePathMTU].name > 0 {
-		if err := setInt(fd, &sockOpts[ssoReceivePathMTU], boolint(on)); err != nil {
-			return err
-		}
-		if on {
-			opt.set(FlagPathMTU)
-		} else {
-			opt.clear(FlagPathMTU)
-		}
-	}
-	return nil
-}
-
-func newControlMessage(opt *rawOpt) (oob []byte) {
-	opt.RLock()
-	var l int
-	if opt.isset(FlagTrafficClass) && ctlOpts[ctlTrafficClass].name > 0 {
-		l += syscall.CmsgSpace(ctlOpts[ctlTrafficClass].length)
-	}
-	if opt.isset(FlagHopLimit) && ctlOpts[ctlHopLimit].name > 0 {
-		l += syscall.CmsgSpace(ctlOpts[ctlHopLimit].length)
-	}
-	if opt.isset(flagPacketInfo) && ctlOpts[ctlPacketInfo].name > 0 {
-		l += syscall.CmsgSpace(ctlOpts[ctlPacketInfo].length)
-	}
-	if opt.isset(FlagPathMTU) && ctlOpts[ctlPathMTU].name > 0 {
-		l += syscall.CmsgSpace(ctlOpts[ctlPathMTU].length)
-	}
-	if l > 0 {
-		oob = make([]byte, l)
-		b := oob
-		if opt.isset(FlagTrafficClass) && ctlOpts[ctlTrafficClass].name > 0 {
-			b = ctlOpts[ctlTrafficClass].marshal(b, nil)
-		}
-		if opt.isset(FlagHopLimit) && ctlOpts[ctlHopLimit].name > 0 {
-			b = ctlOpts[ctlHopLimit].marshal(b, nil)
-		}
-		if opt.isset(flagPacketInfo) && ctlOpts[ctlPacketInfo].name > 0 {
-			b = ctlOpts[ctlPacketInfo].marshal(b, nil)
-		}
-		if opt.isset(FlagPathMTU) && ctlOpts[ctlPathMTU].name > 0 {
-			b = ctlOpts[ctlPathMTU].marshal(b, nil)
-		}
-	}
-	opt.RUnlock()
-	return
-}
-
-func parseControlMessage(b []byte) (*ControlMessage, error) {
-	if len(b) == 0 {
-		return nil, nil
-	}
-	cmsgs, err := syscall.ParseSocketControlMessage(b)
-	if err != nil {
-		return nil, os.NewSyscallError("parse socket control message", err)
-	}
-	cm := &ControlMessage{}
-	for _, m := range cmsgs {
-		if m.Header.Level != iana.ProtocolIPv6 {
-			continue
-		}
-		switch int(m.Header.Type) {
-		case ctlOpts[ctlTrafficClass].name:
-			ctlOpts[ctlTrafficClass].parse(cm, m.Data[:])
-		case ctlOpts[ctlHopLimit].name:
-			ctlOpts[ctlHopLimit].parse(cm, m.Data[:])
-		case ctlOpts[ctlPacketInfo].name:
-			ctlOpts[ctlPacketInfo].parse(cm, m.Data[:])
-		case ctlOpts[ctlPathMTU].name:
-			ctlOpts[ctlPathMTU].parse(cm, m.Data[:])
-		}
-	}
-	return cm, nil
-}
-
-func marshalControlMessage(cm *ControlMessage) (oob []byte) {
-	if cm == nil {
-		return
-	}
-	var l int
-	tclass := false
-	if ctlOpts[ctlTrafficClass].name > 0 && cm.TrafficClass > 0 {
-		tclass = true
-		l += syscall.CmsgSpace(ctlOpts[ctlTrafficClass].length)
-	}
-	hoplimit := false
-	if ctlOpts[ctlHopLimit].name > 0 && cm.HopLimit > 0 {
-		hoplimit = true
-		l += syscall.CmsgSpace(ctlOpts[ctlHopLimit].length)
-	}
-	pktinfo := false
-	if ctlOpts[ctlPacketInfo].name > 0 && (cm.Src.To16() != nil && cm.Src.To4() == nil || cm.IfIndex > 0) {
-		pktinfo = true
-		l += syscall.CmsgSpace(ctlOpts[ctlPacketInfo].length)
-	}
-	nexthop := false
-	if ctlOpts[ctlNextHop].name > 0 && cm.NextHop.To16() != nil && cm.NextHop.To4() == nil {
-		nexthop = true
-		l += syscall.CmsgSpace(ctlOpts[ctlNextHop].length)
-	}
-	if l > 0 {
-		oob = make([]byte, l)
-		b := oob
-		if tclass {
-			b = ctlOpts[ctlTrafficClass].marshal(b, cm)
-		}
-		if hoplimit {
-			b = ctlOpts[ctlHopLimit].marshal(b, cm)
-		}
-		if pktinfo {
-			b = ctlOpts[ctlPacketInfo].marshal(b, cm)
-		}
-		if nexthop {
-			b = ctlOpts[ctlNextHop].marshal(b, cm)
-		}
-	}
-	return
-}
diff --git a/vendor/golang.org/x/net/ipv6/control_windows.go b/vendor/golang.org/x/net/ipv6/control_windows.go
deleted file mode 100644
index 72fdc1b0..00000000
--- a/vendor/golang.org/x/net/ipv6/control_windows.go
+++ /dev/null
@@ -1,27 +0,0 @@
-// Copyright 2013 The Go Authors.  All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package ipv6
-
-import "syscall"
-
-func setControlMessage(fd syscall.Handle, opt *rawOpt, cf ControlFlags, on bool) error {
-	// TODO(mikio): implement this
-	return syscall.EWINDOWS
-}
-
-func newControlMessage(opt *rawOpt) (oob []byte) {
-	// TODO(mikio): implement this
-	return nil
-}
-
-func parseControlMessage(b []byte) (*ControlMessage, error) {
-	// TODO(mikio): implement this
-	return nil, syscall.EWINDOWS
-}
-
-func marshalControlMessage(cm *ControlMessage) (oob []byte) {
-	// TODO(mikio): implement this
-	return nil
-}
diff --git a/vendor/golang.org/x/net/ipv6/defs_darwin.go b/vendor/golang.org/x/net/ipv6/defs_darwin.go
deleted file mode 100644
index 4c7f476a..00000000
--- a/vendor/golang.org/x/net/ipv6/defs_darwin.go
+++ /dev/null
@@ -1,112 +0,0 @@
-// Copyright 2014 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build ignore
-
-// +godefs map struct_in6_addr [16]byte /* in6_addr */
-
-package ipv6
-
-/*
-#define __APPLE_USE_RFC_3542
-#include 
-#include 
-*/
-import "C"
-
-const (
-	sysIPV6_UNICAST_HOPS   = C.IPV6_UNICAST_HOPS
-	sysIPV6_MULTICAST_IF   = C.IPV6_MULTICAST_IF
-	sysIPV6_MULTICAST_HOPS = C.IPV6_MULTICAST_HOPS
-	sysIPV6_MULTICAST_LOOP = C.IPV6_MULTICAST_LOOP
-	sysIPV6_JOIN_GROUP     = C.IPV6_JOIN_GROUP
-	sysIPV6_LEAVE_GROUP    = C.IPV6_LEAVE_GROUP
-
-	sysIPV6_PORTRANGE    = C.IPV6_PORTRANGE
-	sysICMP6_FILTER      = C.ICMP6_FILTER
-	sysIPV6_2292PKTINFO  = C.IPV6_2292PKTINFO
-	sysIPV6_2292HOPLIMIT = C.IPV6_2292HOPLIMIT
-	sysIPV6_2292NEXTHOP  = C.IPV6_2292NEXTHOP
-	sysIPV6_2292HOPOPTS  = C.IPV6_2292HOPOPTS
-	sysIPV6_2292DSTOPTS  = C.IPV6_2292DSTOPTS
-	sysIPV6_2292RTHDR    = C.IPV6_2292RTHDR
-
-	sysIPV6_2292PKTOPTIONS = C.IPV6_2292PKTOPTIONS
-
-	sysIPV6_CHECKSUM = C.IPV6_CHECKSUM
-	sysIPV6_V6ONLY   = C.IPV6_V6ONLY
-
-	sysIPV6_IPSEC_POLICY = C.IPV6_IPSEC_POLICY
-
-	sysIPV6_RECVTCLASS = C.IPV6_RECVTCLASS
-	sysIPV6_TCLASS     = C.IPV6_TCLASS
-
-	sysIPV6_RTHDRDSTOPTS = C.IPV6_RTHDRDSTOPTS
-
-	sysIPV6_RECVPKTINFO = C.IPV6_RECVPKTINFO
-
-	sysIPV6_RECVHOPLIMIT = C.IPV6_RECVHOPLIMIT
-	sysIPV6_RECVRTHDR    = C.IPV6_RECVRTHDR
-	sysIPV6_RECVHOPOPTS  = C.IPV6_RECVHOPOPTS
-	sysIPV6_RECVDSTOPTS  = C.IPV6_RECVDSTOPTS
-
-	sysIPV6_USE_MIN_MTU = C.IPV6_USE_MIN_MTU
-	sysIPV6_RECVPATHMTU = C.IPV6_RECVPATHMTU
-
-	sysIPV6_PATHMTU = C.IPV6_PATHMTU
-
-	sysIPV6_PKTINFO  = C.IPV6_PKTINFO
-	sysIPV6_HOPLIMIT = C.IPV6_HOPLIMIT
-	sysIPV6_NEXTHOP  = C.IPV6_NEXTHOP
-	sysIPV6_HOPOPTS  = C.IPV6_HOPOPTS
-	sysIPV6_DSTOPTS  = C.IPV6_DSTOPTS
-	sysIPV6_RTHDR    = C.IPV6_RTHDR
-
-	sysIPV6_AUTOFLOWLABEL = C.IPV6_AUTOFLOWLABEL
-
-	sysIPV6_DONTFRAG = C.IPV6_DONTFRAG
-
-	sysIPV6_PREFER_TEMPADDR = C.IPV6_PREFER_TEMPADDR
-
-	sysIPV6_MSFILTER            = C.IPV6_MSFILTER
-	sysMCAST_JOIN_GROUP         = C.MCAST_JOIN_GROUP
-	sysMCAST_LEAVE_GROUP        = C.MCAST_LEAVE_GROUP
-	sysMCAST_JOIN_SOURCE_GROUP  = C.MCAST_JOIN_SOURCE_GROUP
-	sysMCAST_LEAVE_SOURCE_GROUP = C.MCAST_LEAVE_SOURCE_GROUP
-	sysMCAST_BLOCK_SOURCE       = C.MCAST_BLOCK_SOURCE
-	sysMCAST_UNBLOCK_SOURCE     = C.MCAST_UNBLOCK_SOURCE
-
-	sysIPV6_BOUND_IF = C.IPV6_BOUND_IF
-
-	sysIPV6_PORTRANGE_DEFAULT = C.IPV6_PORTRANGE_DEFAULT
-	sysIPV6_PORTRANGE_HIGH    = C.IPV6_PORTRANGE_HIGH
-	sysIPV6_PORTRANGE_LOW     = C.IPV6_PORTRANGE_LOW
-
-	sysSizeofSockaddrStorage = C.sizeof_struct_sockaddr_storage
-	sysSizeofSockaddrInet6   = C.sizeof_struct_sockaddr_in6
-	sysSizeofInet6Pktinfo    = C.sizeof_struct_in6_pktinfo
-	sysSizeofIPv6Mtuinfo     = C.sizeof_struct_ip6_mtuinfo
-
-	sysSizeofIPv6Mreq       = C.sizeof_struct_ipv6_mreq
-	sysSizeofGroupReq       = C.sizeof_struct_group_req
-	sysSizeofGroupSourceReq = C.sizeof_struct_group_source_req
-
-	sysSizeofICMPv6Filter = C.sizeof_struct_icmp6_filter
-)
-
-type sysSockaddrStorage C.struct_sockaddr_storage
-
-type sysSockaddrInet6 C.struct_sockaddr_in6
-
-type sysInet6Pktinfo C.struct_in6_pktinfo
-
-type sysIPv6Mtuinfo C.struct_ip6_mtuinfo
-
-type sysIPv6Mreq C.struct_ipv6_mreq
-
-type sysICMPv6Filter C.struct_icmp6_filter
-
-type sysGroupReq C.struct_group_req
-
-type sysGroupSourceReq C.struct_group_source_req
diff --git a/vendor/golang.org/x/net/ipv6/defs_dragonfly.go b/vendor/golang.org/x/net/ipv6/defs_dragonfly.go
deleted file mode 100644
index c72487ce..00000000
--- a/vendor/golang.org/x/net/ipv6/defs_dragonfly.go
+++ /dev/null
@@ -1,84 +0,0 @@
-// Copyright 2014 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build ignore
-
-// +godefs map struct_in6_addr [16]byte /* in6_addr */
-
-package ipv6
-
-/*
-#include 
-#include 
-
-#include 
-#include 
-*/
-import "C"
-
-const (
-	sysIPV6_UNICAST_HOPS   = C.IPV6_UNICAST_HOPS
-	sysIPV6_MULTICAST_IF   = C.IPV6_MULTICAST_IF
-	sysIPV6_MULTICAST_HOPS = C.IPV6_MULTICAST_HOPS
-	sysIPV6_MULTICAST_LOOP = C.IPV6_MULTICAST_LOOP
-	sysIPV6_JOIN_GROUP     = C.IPV6_JOIN_GROUP
-	sysIPV6_LEAVE_GROUP    = C.IPV6_LEAVE_GROUP
-	sysIPV6_PORTRANGE      = C.IPV6_PORTRANGE
-	sysICMP6_FILTER        = C.ICMP6_FILTER
-
-	sysIPV6_CHECKSUM = C.IPV6_CHECKSUM
-	sysIPV6_V6ONLY   = C.IPV6_V6ONLY
-
-	sysIPV6_IPSEC_POLICY = C.IPV6_IPSEC_POLICY
-
-	sysIPV6_RTHDRDSTOPTS = C.IPV6_RTHDRDSTOPTS
-	sysIPV6_RECVPKTINFO  = C.IPV6_RECVPKTINFO
-	sysIPV6_RECVHOPLIMIT = C.IPV6_RECVHOPLIMIT
-	sysIPV6_RECVRTHDR    = C.IPV6_RECVRTHDR
-	sysIPV6_RECVHOPOPTS  = C.IPV6_RECVHOPOPTS
-	sysIPV6_RECVDSTOPTS  = C.IPV6_RECVDSTOPTS
-
-	sysIPV6_USE_MIN_MTU = C.IPV6_USE_MIN_MTU
-	sysIPV6_RECVPATHMTU = C.IPV6_RECVPATHMTU
-
-	sysIPV6_PATHMTU = C.IPV6_PATHMTU
-
-	sysIPV6_PKTINFO  = C.IPV6_PKTINFO
-	sysIPV6_HOPLIMIT = C.IPV6_HOPLIMIT
-	sysIPV6_NEXTHOP  = C.IPV6_NEXTHOP
-	sysIPV6_HOPOPTS  = C.IPV6_HOPOPTS
-	sysIPV6_DSTOPTS  = C.IPV6_DSTOPTS
-	sysIPV6_RTHDR    = C.IPV6_RTHDR
-
-	sysIPV6_RECVTCLASS = C.IPV6_RECVTCLASS
-
-	sysIPV6_AUTOFLOWLABEL = C.IPV6_AUTOFLOWLABEL
-
-	sysIPV6_TCLASS   = C.IPV6_TCLASS
-	sysIPV6_DONTFRAG = C.IPV6_DONTFRAG
-
-	sysIPV6_PREFER_TEMPADDR = C.IPV6_PREFER_TEMPADDR
-
-	sysIPV6_PORTRANGE_DEFAULT = C.IPV6_PORTRANGE_DEFAULT
-	sysIPV6_PORTRANGE_HIGH    = C.IPV6_PORTRANGE_HIGH
-	sysIPV6_PORTRANGE_LOW     = C.IPV6_PORTRANGE_LOW
-
-	sysSizeofSockaddrInet6 = C.sizeof_struct_sockaddr_in6
-	sysSizeofInet6Pktinfo  = C.sizeof_struct_in6_pktinfo
-	sysSizeofIPv6Mtuinfo   = C.sizeof_struct_ip6_mtuinfo
-
-	sysSizeofIPv6Mreq = C.sizeof_struct_ipv6_mreq
-
-	sysSizeofICMPv6Filter = C.sizeof_struct_icmp6_filter
-)
-
-type sysSockaddrInet6 C.struct_sockaddr_in6
-
-type sysInet6Pktinfo C.struct_in6_pktinfo
-
-type sysIPv6Mtuinfo C.struct_ip6_mtuinfo
-
-type sysIPv6Mreq C.struct_ipv6_mreq
-
-type sysICMPv6Filter C.struct_icmp6_filter
diff --git a/vendor/golang.org/x/net/ipv6/defs_freebsd.go b/vendor/golang.org/x/net/ipv6/defs_freebsd.go
deleted file mode 100644
index de199ec6..00000000
--- a/vendor/golang.org/x/net/ipv6/defs_freebsd.go
+++ /dev/null
@@ -1,105 +0,0 @@
-// Copyright 2014 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build ignore
-
-// +godefs map struct_in6_addr [16]byte /* in6_addr */
-
-package ipv6
-
-/*
-#include 
-#include 
-
-#include 
-#include 
-*/
-import "C"
-
-const (
-	sysIPV6_UNICAST_HOPS   = C.IPV6_UNICAST_HOPS
-	sysIPV6_MULTICAST_IF   = C.IPV6_MULTICAST_IF
-	sysIPV6_MULTICAST_HOPS = C.IPV6_MULTICAST_HOPS
-	sysIPV6_MULTICAST_LOOP = C.IPV6_MULTICAST_LOOP
-	sysIPV6_JOIN_GROUP     = C.IPV6_JOIN_GROUP
-	sysIPV6_LEAVE_GROUP    = C.IPV6_LEAVE_GROUP
-	sysIPV6_PORTRANGE      = C.IPV6_PORTRANGE
-	sysICMP6_FILTER        = C.ICMP6_FILTER
-
-	sysIPV6_CHECKSUM = C.IPV6_CHECKSUM
-	sysIPV6_V6ONLY   = C.IPV6_V6ONLY
-
-	sysIPV6_IPSEC_POLICY = C.IPV6_IPSEC_POLICY
-
-	sysIPV6_RTHDRDSTOPTS = C.IPV6_RTHDRDSTOPTS
-
-	sysIPV6_RECVPKTINFO  = C.IPV6_RECVPKTINFO
-	sysIPV6_RECVHOPLIMIT = C.IPV6_RECVHOPLIMIT
-	sysIPV6_RECVRTHDR    = C.IPV6_RECVRTHDR
-	sysIPV6_RECVHOPOPTS  = C.IPV6_RECVHOPOPTS
-	sysIPV6_RECVDSTOPTS  = C.IPV6_RECVDSTOPTS
-
-	sysIPV6_USE_MIN_MTU = C.IPV6_USE_MIN_MTU
-	sysIPV6_RECVPATHMTU = C.IPV6_RECVPATHMTU
-
-	sysIPV6_PATHMTU = C.IPV6_PATHMTU
-
-	sysIPV6_PKTINFO  = C.IPV6_PKTINFO
-	sysIPV6_HOPLIMIT = C.IPV6_HOPLIMIT
-	sysIPV6_NEXTHOP  = C.IPV6_NEXTHOP
-	sysIPV6_HOPOPTS  = C.IPV6_HOPOPTS
-	sysIPV6_DSTOPTS  = C.IPV6_DSTOPTS
-	sysIPV6_RTHDR    = C.IPV6_RTHDR
-
-	sysIPV6_RECVTCLASS = C.IPV6_RECVTCLASS
-
-	sysIPV6_AUTOFLOWLABEL = C.IPV6_AUTOFLOWLABEL
-
-	sysIPV6_TCLASS   = C.IPV6_TCLASS
-	sysIPV6_DONTFRAG = C.IPV6_DONTFRAG
-
-	sysIPV6_PREFER_TEMPADDR = C.IPV6_PREFER_TEMPADDR
-
-	sysIPV6_BINDANY = C.IPV6_BINDANY
-
-	sysIPV6_MSFILTER = C.IPV6_MSFILTER
-
-	sysMCAST_JOIN_GROUP         = C.MCAST_JOIN_GROUP
-	sysMCAST_LEAVE_GROUP        = C.MCAST_LEAVE_GROUP
-	sysMCAST_JOIN_SOURCE_GROUP  = C.MCAST_JOIN_SOURCE_GROUP
-	sysMCAST_LEAVE_SOURCE_GROUP = C.MCAST_LEAVE_SOURCE_GROUP
-	sysMCAST_BLOCK_SOURCE       = C.MCAST_BLOCK_SOURCE
-	sysMCAST_UNBLOCK_SOURCE     = C.MCAST_UNBLOCK_SOURCE
-
-	sysIPV6_PORTRANGE_DEFAULT = C.IPV6_PORTRANGE_DEFAULT
-	sysIPV6_PORTRANGE_HIGH    = C.IPV6_PORTRANGE_HIGH
-	sysIPV6_PORTRANGE_LOW     = C.IPV6_PORTRANGE_LOW
-
-	sysSizeofSockaddrStorage = C.sizeof_struct_sockaddr_storage
-	sysSizeofSockaddrInet6   = C.sizeof_struct_sockaddr_in6
-	sysSizeofInet6Pktinfo    = C.sizeof_struct_in6_pktinfo
-	sysSizeofIPv6Mtuinfo     = C.sizeof_struct_ip6_mtuinfo
-
-	sysSizeofIPv6Mreq       = C.sizeof_struct_ipv6_mreq
-	sysSizeofGroupReq       = C.sizeof_struct_group_req
-	sysSizeofGroupSourceReq = C.sizeof_struct_group_source_req
-
-	sysSizeofICMPv6Filter = C.sizeof_struct_icmp6_filter
-)
-
-type sysSockaddrStorage C.struct_sockaddr_storage
-
-type sysSockaddrInet6 C.struct_sockaddr_in6
-
-type sysInet6Pktinfo C.struct_in6_pktinfo
-
-type sysIPv6Mtuinfo C.struct_ip6_mtuinfo
-
-type sysIPv6Mreq C.struct_ipv6_mreq
-
-type sysGroupReq C.struct_group_req
-
-type sysGroupSourceReq C.struct_group_source_req
-
-type sysICMPv6Filter C.struct_icmp6_filter
diff --git a/vendor/golang.org/x/net/ipv6/defs_linux.go b/vendor/golang.org/x/net/ipv6/defs_linux.go
deleted file mode 100644
index d83abce3..00000000
--- a/vendor/golang.org/x/net/ipv6/defs_linux.go
+++ /dev/null
@@ -1,136 +0,0 @@
-// Copyright 2014 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build ignore
-
-// +godefs map struct_in6_addr [16]byte /* in6_addr */
-
-package ipv6
-
-/*
-#include 
-#include 
-#include 
-#include 
-*/
-import "C"
-
-const (
-	sysIPV6_ADDRFORM       = C.IPV6_ADDRFORM
-	sysIPV6_2292PKTINFO    = C.IPV6_2292PKTINFO
-	sysIPV6_2292HOPOPTS    = C.IPV6_2292HOPOPTS
-	sysIPV6_2292DSTOPTS    = C.IPV6_2292DSTOPTS
-	sysIPV6_2292RTHDR      = C.IPV6_2292RTHDR
-	sysIPV6_2292PKTOPTIONS = C.IPV6_2292PKTOPTIONS
-	sysIPV6_CHECKSUM       = C.IPV6_CHECKSUM
-	sysIPV6_2292HOPLIMIT   = C.IPV6_2292HOPLIMIT
-	sysIPV6_NEXTHOP        = C.IPV6_NEXTHOP
-	sysIPV6_FLOWINFO       = C.IPV6_FLOWINFO
-
-	sysIPV6_UNICAST_HOPS        = C.IPV6_UNICAST_HOPS
-	sysIPV6_MULTICAST_IF        = C.IPV6_MULTICAST_IF
-	sysIPV6_MULTICAST_HOPS      = C.IPV6_MULTICAST_HOPS
-	sysIPV6_MULTICAST_LOOP      = C.IPV6_MULTICAST_LOOP
-	sysIPV6_ADD_MEMBERSHIP      = C.IPV6_ADD_MEMBERSHIP
-	sysIPV6_DROP_MEMBERSHIP     = C.IPV6_DROP_MEMBERSHIP
-	sysMCAST_JOIN_GROUP         = C.MCAST_JOIN_GROUP
-	sysMCAST_LEAVE_GROUP        = C.MCAST_LEAVE_GROUP
-	sysMCAST_JOIN_SOURCE_GROUP  = C.MCAST_JOIN_SOURCE_GROUP
-	sysMCAST_LEAVE_SOURCE_GROUP = C.MCAST_LEAVE_SOURCE_GROUP
-	sysMCAST_BLOCK_SOURCE       = C.MCAST_BLOCK_SOURCE
-	sysMCAST_UNBLOCK_SOURCE     = C.MCAST_UNBLOCK_SOURCE
-	sysMCAST_MSFILTER           = C.MCAST_MSFILTER
-	sysIPV6_ROUTER_ALERT        = C.IPV6_ROUTER_ALERT
-	sysIPV6_MTU_DISCOVER        = C.IPV6_MTU_DISCOVER
-	sysIPV6_MTU                 = C.IPV6_MTU
-	sysIPV6_RECVERR             = C.IPV6_RECVERR
-	sysIPV6_V6ONLY              = C.IPV6_V6ONLY
-	sysIPV6_JOIN_ANYCAST        = C.IPV6_JOIN_ANYCAST
-	sysIPV6_LEAVE_ANYCAST       = C.IPV6_LEAVE_ANYCAST
-
-	//sysIPV6_PMTUDISC_DONT      = C.IPV6_PMTUDISC_DONT
-	//sysIPV6_PMTUDISC_WANT      = C.IPV6_PMTUDISC_WANT
-	//sysIPV6_PMTUDISC_DO        = C.IPV6_PMTUDISC_DO
-	//sysIPV6_PMTUDISC_PROBE     = C.IPV6_PMTUDISC_PROBE
-	//sysIPV6_PMTUDISC_INTERFACE = C.IPV6_PMTUDISC_INTERFACE
-	//sysIPV6_PMTUDISC_OMIT      = C.IPV6_PMTUDISC_OMIT
-
-	sysIPV6_FLOWLABEL_MGR = C.IPV6_FLOWLABEL_MGR
-	sysIPV6_FLOWINFO_SEND = C.IPV6_FLOWINFO_SEND
-
-	sysIPV6_IPSEC_POLICY = C.IPV6_IPSEC_POLICY
-	sysIPV6_XFRM_POLICY  = C.IPV6_XFRM_POLICY
-
-	sysIPV6_RECVPKTINFO  = C.IPV6_RECVPKTINFO
-	sysIPV6_PKTINFO      = C.IPV6_PKTINFO
-	sysIPV6_RECVHOPLIMIT = C.IPV6_RECVHOPLIMIT
-	sysIPV6_HOPLIMIT     = C.IPV6_HOPLIMIT
-	sysIPV6_RECVHOPOPTS  = C.IPV6_RECVHOPOPTS
-	sysIPV6_HOPOPTS      = C.IPV6_HOPOPTS
-	sysIPV6_RTHDRDSTOPTS = C.IPV6_RTHDRDSTOPTS
-	sysIPV6_RECVRTHDR    = C.IPV6_RECVRTHDR
-	sysIPV6_RTHDR        = C.IPV6_RTHDR
-	sysIPV6_RECVDSTOPTS  = C.IPV6_RECVDSTOPTS
-	sysIPV6_DSTOPTS      = C.IPV6_DSTOPTS
-	sysIPV6_RECVPATHMTU  = C.IPV6_RECVPATHMTU
-	sysIPV6_PATHMTU      = C.IPV6_PATHMTU
-	sysIPV6_DONTFRAG     = C.IPV6_DONTFRAG
-
-	sysIPV6_RECVTCLASS = C.IPV6_RECVTCLASS
-	sysIPV6_TCLASS     = C.IPV6_TCLASS
-
-	sysIPV6_ADDR_PREFERENCES = C.IPV6_ADDR_PREFERENCES
-
-	sysIPV6_PREFER_SRC_TMP            = C.IPV6_PREFER_SRC_TMP
-	sysIPV6_PREFER_SRC_PUBLIC         = C.IPV6_PREFER_SRC_PUBLIC
-	sysIPV6_PREFER_SRC_PUBTMP_DEFAULT = C.IPV6_PREFER_SRC_PUBTMP_DEFAULT
-	sysIPV6_PREFER_SRC_COA            = C.IPV6_PREFER_SRC_COA
-	sysIPV6_PREFER_SRC_HOME           = C.IPV6_PREFER_SRC_HOME
-	sysIPV6_PREFER_SRC_CGA            = C.IPV6_PREFER_SRC_CGA
-	sysIPV6_PREFER_SRC_NONCGA         = C.IPV6_PREFER_SRC_NONCGA
-
-	sysIPV6_MINHOPCOUNT = C.IPV6_MINHOPCOUNT
-
-	sysIPV6_ORIGDSTADDR     = C.IPV6_ORIGDSTADDR
-	sysIPV6_RECVORIGDSTADDR = C.IPV6_RECVORIGDSTADDR
-	sysIPV6_TRANSPARENT     = C.IPV6_TRANSPARENT
-	sysIPV6_UNICAST_IF      = C.IPV6_UNICAST_IF
-
-	sysICMPV6_FILTER = C.ICMPV6_FILTER
-
-	sysICMPV6_FILTER_BLOCK       = C.ICMPV6_FILTER_BLOCK
-	sysICMPV6_FILTER_PASS        = C.ICMPV6_FILTER_PASS
-	sysICMPV6_FILTER_BLOCKOTHERS = C.ICMPV6_FILTER_BLOCKOTHERS
-	sysICMPV6_FILTER_PASSONLY    = C.ICMPV6_FILTER_PASSONLY
-
-	sysSizeofKernelSockaddrStorage = C.sizeof_struct___kernel_sockaddr_storage
-	sysSizeofSockaddrInet6         = C.sizeof_struct_sockaddr_in6
-	sysSizeofInet6Pktinfo          = C.sizeof_struct_in6_pktinfo
-	sysSizeofIPv6Mtuinfo           = C.sizeof_struct_ip6_mtuinfo
-	sysSizeofIPv6FlowlabelReq      = C.sizeof_struct_in6_flowlabel_req
-
-	sysSizeofIPv6Mreq       = C.sizeof_struct_ipv6_mreq
-	sysSizeofGroupReq       = C.sizeof_struct_group_req
-	sysSizeofGroupSourceReq = C.sizeof_struct_group_source_req
-
-	sysSizeofICMPv6Filter = C.sizeof_struct_icmp6_filter
-)
-
-type sysKernelSockaddrStorage C.struct___kernel_sockaddr_storage
-
-type sysSockaddrInet6 C.struct_sockaddr_in6
-
-type sysInet6Pktinfo C.struct_in6_pktinfo
-
-type sysIPv6Mtuinfo C.struct_ip6_mtuinfo
-
-type sysIPv6FlowlabelReq C.struct_in6_flowlabel_req
-
-type sysIPv6Mreq C.struct_ipv6_mreq
-
-type sysGroupReq C.struct_group_req
-
-type sysGroupSourceReq C.struct_group_source_req
-
-type sysICMPv6Filter C.struct_icmp6_filter
diff --git a/vendor/golang.org/x/net/ipv6/defs_netbsd.go b/vendor/golang.org/x/net/ipv6/defs_netbsd.go
deleted file mode 100644
index 7bd09e8e..00000000
--- a/vendor/golang.org/x/net/ipv6/defs_netbsd.go
+++ /dev/null
@@ -1,80 +0,0 @@
-// Copyright 2014 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build ignore
-
-// +godefs map struct_in6_addr [16]byte /* in6_addr */
-
-package ipv6
-
-/*
-#include 
-#include 
-
-#include 
-#include 
-*/
-import "C"
-
-const (
-	sysIPV6_UNICAST_HOPS   = C.IPV6_UNICAST_HOPS
-	sysIPV6_MULTICAST_IF   = C.IPV6_MULTICAST_IF
-	sysIPV6_MULTICAST_HOPS = C.IPV6_MULTICAST_HOPS
-	sysIPV6_MULTICAST_LOOP = C.IPV6_MULTICAST_LOOP
-	sysIPV6_JOIN_GROUP     = C.IPV6_JOIN_GROUP
-	sysIPV6_LEAVE_GROUP    = C.IPV6_LEAVE_GROUP
-	sysIPV6_PORTRANGE      = C.IPV6_PORTRANGE
-	sysICMP6_FILTER        = C.ICMP6_FILTER
-
-	sysIPV6_CHECKSUM = C.IPV6_CHECKSUM
-	sysIPV6_V6ONLY   = C.IPV6_V6ONLY
-
-	sysIPV6_IPSEC_POLICY = C.IPV6_IPSEC_POLICY
-
-	sysIPV6_RTHDRDSTOPTS = C.IPV6_RTHDRDSTOPTS
-
-	sysIPV6_RECVPKTINFO  = C.IPV6_RECVPKTINFO
-	sysIPV6_RECVHOPLIMIT = C.IPV6_RECVHOPLIMIT
-	sysIPV6_RECVRTHDR    = C.IPV6_RECVRTHDR
-	sysIPV6_RECVHOPOPTS  = C.IPV6_RECVHOPOPTS
-	sysIPV6_RECVDSTOPTS  = C.IPV6_RECVDSTOPTS
-
-	sysIPV6_USE_MIN_MTU = C.IPV6_USE_MIN_MTU
-	sysIPV6_RECVPATHMTU = C.IPV6_RECVPATHMTU
-	sysIPV6_PATHMTU     = C.IPV6_PATHMTU
-
-	sysIPV6_PKTINFO  = C.IPV6_PKTINFO
-	sysIPV6_HOPLIMIT = C.IPV6_HOPLIMIT
-	sysIPV6_NEXTHOP  = C.IPV6_NEXTHOP
-	sysIPV6_HOPOPTS  = C.IPV6_HOPOPTS
-	sysIPV6_DSTOPTS  = C.IPV6_DSTOPTS
-	sysIPV6_RTHDR    = C.IPV6_RTHDR
-
-	sysIPV6_RECVTCLASS = C.IPV6_RECVTCLASS
-
-	sysIPV6_TCLASS   = C.IPV6_TCLASS
-	sysIPV6_DONTFRAG = C.IPV6_DONTFRAG
-
-	sysIPV6_PORTRANGE_DEFAULT = C.IPV6_PORTRANGE_DEFAULT
-	sysIPV6_PORTRANGE_HIGH    = C.IPV6_PORTRANGE_HIGH
-	sysIPV6_PORTRANGE_LOW     = C.IPV6_PORTRANGE_LOW
-
-	sysSizeofSockaddrInet6 = C.sizeof_struct_sockaddr_in6
-	sysSizeofInet6Pktinfo  = C.sizeof_struct_in6_pktinfo
-	sysSizeofIPv6Mtuinfo   = C.sizeof_struct_ip6_mtuinfo
-
-	sysSizeofIPv6Mreq = C.sizeof_struct_ipv6_mreq
-
-	sysSizeofICMPv6Filter = C.sizeof_struct_icmp6_filter
-)
-
-type sysSockaddrInet6 C.struct_sockaddr_in6
-
-type sysInet6Pktinfo C.struct_in6_pktinfo
-
-type sysIPv6Mtuinfo C.struct_ip6_mtuinfo
-
-type sysIPv6Mreq C.struct_ipv6_mreq
-
-type sysICMPv6Filter C.struct_icmp6_filter
diff --git a/vendor/golang.org/x/net/ipv6/defs_openbsd.go b/vendor/golang.org/x/net/ipv6/defs_openbsd.go
deleted file mode 100644
index 6796d9b2..00000000
--- a/vendor/golang.org/x/net/ipv6/defs_openbsd.go
+++ /dev/null
@@ -1,89 +0,0 @@
-// Copyright 2014 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build ignore
-
-// +godefs map struct_in6_addr [16]byte /* in6_addr */
-
-package ipv6
-
-/*
-#include 
-#include 
-
-#include 
-#include 
-*/
-import "C"
-
-const (
-	sysIPV6_UNICAST_HOPS   = C.IPV6_UNICAST_HOPS
-	sysIPV6_MULTICAST_IF   = C.IPV6_MULTICAST_IF
-	sysIPV6_MULTICAST_HOPS = C.IPV6_MULTICAST_HOPS
-	sysIPV6_MULTICAST_LOOP = C.IPV6_MULTICAST_LOOP
-	sysIPV6_JOIN_GROUP     = C.IPV6_JOIN_GROUP
-	sysIPV6_LEAVE_GROUP    = C.IPV6_LEAVE_GROUP
-	sysIPV6_PORTRANGE      = C.IPV6_PORTRANGE
-	sysICMP6_FILTER        = C.ICMP6_FILTER
-
-	sysIPV6_CHECKSUM = C.IPV6_CHECKSUM
-	sysIPV6_V6ONLY   = C.IPV6_V6ONLY
-
-	sysIPV6_RTHDRDSTOPTS = C.IPV6_RTHDRDSTOPTS
-
-	sysIPV6_RECVPKTINFO  = C.IPV6_RECVPKTINFO
-	sysIPV6_RECVHOPLIMIT = C.IPV6_RECVHOPLIMIT
-	sysIPV6_RECVRTHDR    = C.IPV6_RECVRTHDR
-	sysIPV6_RECVHOPOPTS  = C.IPV6_RECVHOPOPTS
-	sysIPV6_RECVDSTOPTS  = C.IPV6_RECVDSTOPTS
-
-	sysIPV6_USE_MIN_MTU = C.IPV6_USE_MIN_MTU
-	sysIPV6_RECVPATHMTU = C.IPV6_RECVPATHMTU
-
-	sysIPV6_PATHMTU = C.IPV6_PATHMTU
-
-	sysIPV6_PKTINFO  = C.IPV6_PKTINFO
-	sysIPV6_HOPLIMIT = C.IPV6_HOPLIMIT
-	sysIPV6_NEXTHOP  = C.IPV6_NEXTHOP
-	sysIPV6_HOPOPTS  = C.IPV6_HOPOPTS
-	sysIPV6_DSTOPTS  = C.IPV6_DSTOPTS
-	sysIPV6_RTHDR    = C.IPV6_RTHDR
-
-	sysIPV6_AUTH_LEVEL        = C.IPV6_AUTH_LEVEL
-	sysIPV6_ESP_TRANS_LEVEL   = C.IPV6_ESP_TRANS_LEVEL
-	sysIPV6_ESP_NETWORK_LEVEL = C.IPV6_ESP_NETWORK_LEVEL
-	sysIPSEC6_OUTSA           = C.IPSEC6_OUTSA
-	sysIPV6_RECVTCLASS        = C.IPV6_RECVTCLASS
-
-	sysIPV6_AUTOFLOWLABEL = C.IPV6_AUTOFLOWLABEL
-	sysIPV6_IPCOMP_LEVEL  = C.IPV6_IPCOMP_LEVEL
-
-	sysIPV6_TCLASS   = C.IPV6_TCLASS
-	sysIPV6_DONTFRAG = C.IPV6_DONTFRAG
-	sysIPV6_PIPEX    = C.IPV6_PIPEX
-
-	sysIPV6_RTABLE = C.IPV6_RTABLE
-
-	sysIPV6_PORTRANGE_DEFAULT = C.IPV6_PORTRANGE_DEFAULT
-	sysIPV6_PORTRANGE_HIGH    = C.IPV6_PORTRANGE_HIGH
-	sysIPV6_PORTRANGE_LOW     = C.IPV6_PORTRANGE_LOW
-
-	sysSizeofSockaddrInet6 = C.sizeof_struct_sockaddr_in6
-	sysSizeofInet6Pktinfo  = C.sizeof_struct_in6_pktinfo
-	sysSizeofIPv6Mtuinfo   = C.sizeof_struct_ip6_mtuinfo
-
-	sysSizeofIPv6Mreq = C.sizeof_struct_ipv6_mreq
-
-	sysSizeofICMPv6Filter = C.sizeof_struct_icmp6_filter
-)
-
-type sysSockaddrInet6 C.struct_sockaddr_in6
-
-type sysInet6Pktinfo C.struct_in6_pktinfo
-
-type sysIPv6Mtuinfo C.struct_ip6_mtuinfo
-
-type sysIPv6Mreq C.struct_ipv6_mreq
-
-type sysICMPv6Filter C.struct_icmp6_filter
diff --git a/vendor/golang.org/x/net/ipv6/defs_solaris.go b/vendor/golang.org/x/net/ipv6/defs_solaris.go
deleted file mode 100644
index 972b1712..00000000
--- a/vendor/golang.org/x/net/ipv6/defs_solaris.go
+++ /dev/null
@@ -1,96 +0,0 @@
-// Copyright 2014 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build ignore
-
-// +godefs map struct_in6_addr [16]byte /* in6_addr */
-
-package ipv6
-
-/*
-#include 
-#include 
-*/
-import "C"
-
-const (
-	sysIPV6_UNICAST_HOPS   = C.IPV6_UNICAST_HOPS
-	sysIPV6_MULTICAST_IF   = C.IPV6_MULTICAST_IF
-	sysIPV6_MULTICAST_HOPS = C.IPV6_MULTICAST_HOPS
-	sysIPV6_MULTICAST_LOOP = C.IPV6_MULTICAST_LOOP
-	sysIPV6_JOIN_GROUP     = C.IPV6_JOIN_GROUP
-	sysIPV6_LEAVE_GROUP    = C.IPV6_LEAVE_GROUP
-
-	sysIPV6_PKTINFO = C.IPV6_PKTINFO
-
-	sysIPV6_HOPLIMIT = C.IPV6_HOPLIMIT
-	sysIPV6_NEXTHOP  = C.IPV6_NEXTHOP
-	sysIPV6_HOPOPTS  = C.IPV6_HOPOPTS
-	sysIPV6_DSTOPTS  = C.IPV6_DSTOPTS
-
-	sysIPV6_RTHDR        = C.IPV6_RTHDR
-	sysIPV6_RTHDRDSTOPTS = C.IPV6_RTHDRDSTOPTS
-
-	sysIPV6_RECVPKTINFO  = C.IPV6_RECVPKTINFO
-	sysIPV6_RECVHOPLIMIT = C.IPV6_RECVHOPLIMIT
-	sysIPV6_RECVHOPOPTS  = C.IPV6_RECVHOPOPTS
-
-	sysIPV6_RECVRTHDR = C.IPV6_RECVRTHDR
-
-	sysIPV6_RECVRTHDRDSTOPTS = C.IPV6_RECVRTHDRDSTOPTS
-
-	sysIPV6_CHECKSUM        = C.IPV6_CHECKSUM
-	sysIPV6_RECVTCLASS      = C.IPV6_RECVTCLASS
-	sysIPV6_USE_MIN_MTU     = C.IPV6_USE_MIN_MTU
-	sysIPV6_DONTFRAG        = C.IPV6_DONTFRAG
-	sysIPV6_SEC_OPT         = C.IPV6_SEC_OPT
-	sysIPV6_SRC_PREFERENCES = C.IPV6_SRC_PREFERENCES
-	sysIPV6_RECVPATHMTU     = C.IPV6_RECVPATHMTU
-	sysIPV6_PATHMTU         = C.IPV6_PATHMTU
-	sysIPV6_TCLASS          = C.IPV6_TCLASS
-	sysIPV6_V6ONLY          = C.IPV6_V6ONLY
-
-	sysIPV6_RECVDSTOPTS = C.IPV6_RECVDSTOPTS
-
-	sysIPV6_PREFER_SRC_HOME   = C.IPV6_PREFER_SRC_HOME
-	sysIPV6_PREFER_SRC_COA    = C.IPV6_PREFER_SRC_COA
-	sysIPV6_PREFER_SRC_PUBLIC = C.IPV6_PREFER_SRC_PUBLIC
-	sysIPV6_PREFER_SRC_TMP    = C.IPV6_PREFER_SRC_TMP
-	sysIPV6_PREFER_SRC_NONCGA = C.IPV6_PREFER_SRC_NONCGA
-	sysIPV6_PREFER_SRC_CGA    = C.IPV6_PREFER_SRC_CGA
-
-	sysIPV6_PREFER_SRC_MIPMASK    = C.IPV6_PREFER_SRC_MIPMASK
-	sysIPV6_PREFER_SRC_MIPDEFAULT = C.IPV6_PREFER_SRC_MIPDEFAULT
-	sysIPV6_PREFER_SRC_TMPMASK    = C.IPV6_PREFER_SRC_TMPMASK
-	sysIPV6_PREFER_SRC_TMPDEFAULT = C.IPV6_PREFER_SRC_TMPDEFAULT
-	sysIPV6_PREFER_SRC_CGAMASK    = C.IPV6_PREFER_SRC_CGAMASK
-	sysIPV6_PREFER_SRC_CGADEFAULT = C.IPV6_PREFER_SRC_CGADEFAULT
-
-	sysIPV6_PREFER_SRC_MASK = C.IPV6_PREFER_SRC_MASK
-
-	sysIPV6_PREFER_SRC_DEFAULT = C.IPV6_PREFER_SRC_DEFAULT
-
-	sysIPV6_BOUND_IF   = C.IPV6_BOUND_IF
-	sysIPV6_UNSPEC_SRC = C.IPV6_UNSPEC_SRC
-
-	sysICMP6_FILTER = C.ICMP6_FILTER
-
-	sysSizeofSockaddrInet6 = C.sizeof_struct_sockaddr_in6
-	sysSizeofInet6Pktinfo  = C.sizeof_struct_in6_pktinfo
-	sysSizeofIPv6Mtuinfo   = C.sizeof_struct_ip6_mtuinfo
-
-	sysSizeofIPv6Mreq = C.sizeof_struct_ipv6_mreq
-
-	sysSizeofICMPv6Filter = C.sizeof_struct_icmp6_filter
-)
-
-type sysSockaddrInet6 C.struct_sockaddr_in6
-
-type sysInet6Pktinfo C.struct_in6_pktinfo
-
-type sysIPv6Mtuinfo C.struct_ip6_mtuinfo
-
-type sysIPv6Mreq C.struct_ipv6_mreq
-
-type sysICMPv6Filter C.struct_icmp6_filter
diff --git a/vendor/golang.org/x/net/ipv6/dgramopt_posix.go b/vendor/golang.org/x/net/ipv6/dgramopt_posix.go
deleted file mode 100644
index 93ff2f1a..00000000
--- a/vendor/golang.org/x/net/ipv6/dgramopt_posix.go
+++ /dev/null
@@ -1,288 +0,0 @@
-// Copyright 2013 The Go Authors.  All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build darwin dragonfly freebsd linux netbsd openbsd windows
-
-package ipv6
-
-import (
-	"net"
-	"syscall"
-)
-
-// MulticastHopLimit returns the hop limit field value for outgoing
-// multicast packets.
-func (c *dgramOpt) MulticastHopLimit() (int, error) {
-	if !c.ok() {
-		return 0, syscall.EINVAL
-	}
-	fd, err := c.sysfd()
-	if err != nil {
-		return 0, err
-	}
-	return getInt(fd, &sockOpts[ssoMulticastHopLimit])
-}
-
-// SetMulticastHopLimit sets the hop limit field value for future
-// outgoing multicast packets.
-func (c *dgramOpt) SetMulticastHopLimit(hoplim int) error {
-	if !c.ok() {
-		return syscall.EINVAL
-	}
-	fd, err := c.sysfd()
-	if err != nil {
-		return err
-	}
-	return setInt(fd, &sockOpts[ssoMulticastHopLimit], hoplim)
-}
-
-// MulticastInterface returns the default interface for multicast
-// packet transmissions.
-func (c *dgramOpt) MulticastInterface() (*net.Interface, error) {
-	if !c.ok() {
-		return nil, syscall.EINVAL
-	}
-	fd, err := c.sysfd()
-	if err != nil {
-		return nil, err
-	}
-	return getInterface(fd, &sockOpts[ssoMulticastInterface])
-}
-
-// SetMulticastInterface sets the default interface for future
-// multicast packet transmissions.
-func (c *dgramOpt) SetMulticastInterface(ifi *net.Interface) error {
-	if !c.ok() {
-		return syscall.EINVAL
-	}
-	fd, err := c.sysfd()
-	if err != nil {
-		return err
-	}
-	return setInterface(fd, &sockOpts[ssoMulticastInterface], ifi)
-}
-
-// MulticastLoopback reports whether transmitted multicast packets
-// should be copied and send back to the originator.
-func (c *dgramOpt) MulticastLoopback() (bool, error) {
-	if !c.ok() {
-		return false, syscall.EINVAL
-	}
-	fd, err := c.sysfd()
-	if err != nil {
-		return false, err
-	}
-	on, err := getInt(fd, &sockOpts[ssoMulticastLoopback])
-	if err != nil {
-		return false, err
-	}
-	return on == 1, nil
-}
-
-// SetMulticastLoopback sets whether transmitted multicast packets
-// should be copied and send back to the originator.
-func (c *dgramOpt) SetMulticastLoopback(on bool) error {
-	if !c.ok() {
-		return syscall.EINVAL
-	}
-	fd, err := c.sysfd()
-	if err != nil {
-		return err
-	}
-	return setInt(fd, &sockOpts[ssoMulticastLoopback], boolint(on))
-}
-
-// JoinGroup joins the group address group on the interface ifi.
-// By default all sources that can cast data to group are accepted.
-// It's possible to mute and unmute data transmission from a specific
-// source by using ExcludeSourceSpecificGroup and
-// IncludeSourceSpecificGroup.
-// JoinGroup uses the system assigned multicast interface when ifi is
-// nil, although this is not recommended because the assignment
-// depends on platforms and sometimes it might require routing
-// configuration.
-func (c *dgramOpt) JoinGroup(ifi *net.Interface, group net.Addr) error {
-	if !c.ok() {
-		return syscall.EINVAL
-	}
-	fd, err := c.sysfd()
-	if err != nil {
-		return err
-	}
-	grp := netAddrToIP16(group)
-	if grp == nil {
-		return errMissingAddress
-	}
-	return setGroup(fd, &sockOpts[ssoJoinGroup], ifi, grp)
-}
-
-// LeaveGroup leaves the group address group on the interface ifi
-// regardless of whether the group is any-source group or
-// source-specific group.
-func (c *dgramOpt) LeaveGroup(ifi *net.Interface, group net.Addr) error {
-	if !c.ok() {
-		return syscall.EINVAL
-	}
-	fd, err := c.sysfd()
-	if err != nil {
-		return err
-	}
-	grp := netAddrToIP16(group)
-	if grp == nil {
-		return errMissingAddress
-	}
-	return setGroup(fd, &sockOpts[ssoLeaveGroup], ifi, grp)
-}
-
-// JoinSourceSpecificGroup joins the source-specific group comprising
-// group and source on the interface ifi.
-// JoinSourceSpecificGroup uses the system assigned multicast
-// interface when ifi is nil, although this is not recommended because
-// the assignment depends on platforms and sometimes it might require
-// routing configuration.
-func (c *dgramOpt) JoinSourceSpecificGroup(ifi *net.Interface, group, source net.Addr) error {
-	if !c.ok() {
-		return syscall.EINVAL
-	}
-	fd, err := c.sysfd()
-	if err != nil {
-		return err
-	}
-	grp := netAddrToIP16(group)
-	if grp == nil {
-		return errMissingAddress
-	}
-	src := netAddrToIP16(source)
-	if src == nil {
-		return errMissingAddress
-	}
-	return setSourceGroup(fd, &sockOpts[ssoJoinSourceGroup], ifi, grp, src)
-}
-
-// LeaveSourceSpecificGroup leaves the source-specific group on the
-// interface ifi.
-func (c *dgramOpt) LeaveSourceSpecificGroup(ifi *net.Interface, group, source net.Addr) error {
-	if !c.ok() {
-		return syscall.EINVAL
-	}
-	fd, err := c.sysfd()
-	if err != nil {
-		return err
-	}
-	grp := netAddrToIP16(group)
-	if grp == nil {
-		return errMissingAddress
-	}
-	src := netAddrToIP16(source)
-	if src == nil {
-		return errMissingAddress
-	}
-	return setSourceGroup(fd, &sockOpts[ssoLeaveSourceGroup], ifi, grp, src)
-}
-
-// ExcludeSourceSpecificGroup excludes the source-specific group from
-// the already joined any-source groups by JoinGroup on the interface
-// ifi.
-func (c *dgramOpt) ExcludeSourceSpecificGroup(ifi *net.Interface, group, source net.Addr) error {
-	if !c.ok() {
-		return syscall.EINVAL
-	}
-	fd, err := c.sysfd()
-	if err != nil {
-		return err
-	}
-	grp := netAddrToIP16(group)
-	if grp == nil {
-		return errMissingAddress
-	}
-	src := netAddrToIP16(source)
-	if src == nil {
-		return errMissingAddress
-	}
-	return setSourceGroup(fd, &sockOpts[ssoBlockSourceGroup], ifi, grp, src)
-}
-
-// IncludeSourceSpecificGroup includes the excluded source-specific
-// group by ExcludeSourceSpecificGroup again on the interface ifi.
-func (c *dgramOpt) IncludeSourceSpecificGroup(ifi *net.Interface, group, source net.Addr) error {
-	if !c.ok() {
-		return syscall.EINVAL
-	}
-	fd, err := c.sysfd()
-	if err != nil {
-		return err
-	}
-	grp := netAddrToIP16(group)
-	if grp == nil {
-		return errMissingAddress
-	}
-	src := netAddrToIP16(source)
-	if src == nil {
-		return errMissingAddress
-	}
-	return setSourceGroup(fd, &sockOpts[ssoUnblockSourceGroup], ifi, grp, src)
-}
-
-// Checksum reports whether the kernel will compute, store or verify a
-// checksum for both incoming and outgoing packets.  If on is true, it
-// returns an offset in bytes into the data of where the checksum
-// field is located.
-func (c *dgramOpt) Checksum() (on bool, offset int, err error) {
-	if !c.ok() {
-		return false, 0, syscall.EINVAL
-	}
-	fd, err := c.sysfd()
-	if err != nil {
-		return false, 0, err
-	}
-	offset, err = getInt(fd, &sockOpts[ssoChecksum])
-	if err != nil {
-		return false, 0, err
-	}
-	if offset < 0 {
-		return false, 0, nil
-	}
-	return true, offset, nil
-}
-
-// SetChecksum enables the kernel checksum processing.  If on is ture,
-// the offset should be an offset in bytes into the data of where the
-// checksum field is located.
-func (c *dgramOpt) SetChecksum(on bool, offset int) error {
-	if !c.ok() {
-		return syscall.EINVAL
-	}
-	fd, err := c.sysfd()
-	if err != nil {
-		return err
-	}
-	if !on {
-		offset = -1
-	}
-	return setInt(fd, &sockOpts[ssoChecksum], offset)
-}
-
-// ICMPFilter returns an ICMP filter.
-func (c *dgramOpt) ICMPFilter() (*ICMPFilter, error) {
-	if !c.ok() {
-		return nil, syscall.EINVAL
-	}
-	fd, err := c.sysfd()
-	if err != nil {
-		return nil, err
-	}
-	return getICMPFilter(fd, &sockOpts[ssoICMPFilter])
-}
-
-// SetICMPFilter deploys the ICMP filter.
-func (c *dgramOpt) SetICMPFilter(f *ICMPFilter) error {
-	if !c.ok() {
-		return syscall.EINVAL
-	}
-	fd, err := c.sysfd()
-	if err != nil {
-		return err
-	}
-	return setICMPFilter(fd, &sockOpts[ssoICMPFilter], f)
-}
diff --git a/vendor/golang.org/x/net/ipv6/dgramopt_stub.go b/vendor/golang.org/x/net/ipv6/dgramopt_stub.go
deleted file mode 100644
index fb067fb2..00000000
--- a/vendor/golang.org/x/net/ipv6/dgramopt_stub.go
+++ /dev/null
@@ -1,119 +0,0 @@
-// Copyright 2013 The Go Authors.  All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build nacl plan9 solaris
-
-package ipv6
-
-import "net"
-
-// MulticastHopLimit returns the hop limit field value for outgoing
-// multicast packets.
-func (c *dgramOpt) MulticastHopLimit() (int, error) {
-	return 0, errOpNoSupport
-}
-
-// SetMulticastHopLimit sets the hop limit field value for future
-// outgoing multicast packets.
-func (c *dgramOpt) SetMulticastHopLimit(hoplim int) error {
-	return errOpNoSupport
-}
-
-// MulticastInterface returns the default interface for multicast
-// packet transmissions.
-func (c *dgramOpt) MulticastInterface() (*net.Interface, error) {
-	return nil, errOpNoSupport
-}
-
-// SetMulticastInterface sets the default interface for future
-// multicast packet transmissions.
-func (c *dgramOpt) SetMulticastInterface(ifi *net.Interface) error {
-	return errOpNoSupport
-}
-
-// MulticastLoopback reports whether transmitted multicast packets
-// should be copied and send back to the originator.
-func (c *dgramOpt) MulticastLoopback() (bool, error) {
-	return false, errOpNoSupport
-}
-
-// SetMulticastLoopback sets whether transmitted multicast packets
-// should be copied and send back to the originator.
-func (c *dgramOpt) SetMulticastLoopback(on bool) error {
-	return errOpNoSupport
-}
-
-// JoinGroup joins the group address group on the interface ifi.
-// By default all sources that can cast data to group are accepted.
-// It's possible to mute and unmute data transmission from a specific
-// source by using ExcludeSourceSpecificGroup and
-// IncludeSourceSpecificGroup.
-// JoinGroup uses the system assigned multicast interface when ifi is
-// nil, although this is not recommended because the assignment
-// depends on platforms and sometimes it might require routing
-// configuration.
-func (c *dgramOpt) JoinGroup(ifi *net.Interface, group net.Addr) error {
-	return errOpNoSupport
-}
-
-// LeaveGroup leaves the group address group on the interface ifi
-// regardless of whether the group is any-source group or
-// source-specific group.
-func (c *dgramOpt) LeaveGroup(ifi *net.Interface, group net.Addr) error {
-	return errOpNoSupport
-}
-
-// JoinSourceSpecificGroup joins the source-specific group comprising
-// group and source on the interface ifi.
-// JoinSourceSpecificGroup uses the system assigned multicast
-// interface when ifi is nil, although this is not recommended because
-// the assignment depends on platforms and sometimes it might require
-// routing configuration.
-func (c *dgramOpt) JoinSourceSpecificGroup(ifi *net.Interface, group, source net.Addr) error {
-	return errOpNoSupport
-}
-
-// LeaveSourceSpecificGroup leaves the source-specific group on the
-// interface ifi.
-func (c *dgramOpt) LeaveSourceSpecificGroup(ifi *net.Interface, group, source net.Addr) error {
-	return errOpNoSupport
-}
-
-// ExcludeSourceSpecificGroup excludes the source-specific group from
-// the already joined any-source groups by JoinGroup on the interface
-// ifi.
-func (c *dgramOpt) ExcludeSourceSpecificGroup(ifi *net.Interface, group, source net.Addr) error {
-	return errOpNoSupport
-}
-
-// IncludeSourceSpecificGroup includes the excluded source-specific
-// group by ExcludeSourceSpecificGroup again on the interface ifi.
-func (c *dgramOpt) IncludeSourceSpecificGroup(ifi *net.Interface, group, source net.Addr) error {
-	return errOpNoSupport
-}
-
-// Checksum reports whether the kernel will compute, store or verify a
-// checksum for both incoming and outgoing packets.  If on is true, it
-// returns an offset in bytes into the data of where the checksum
-// field is located.
-func (c *dgramOpt) Checksum() (on bool, offset int, err error) {
-	return false, 0, errOpNoSupport
-}
-
-// SetChecksum enables the kernel checksum processing.  If on is ture,
-// the offset should be an offset in bytes into the data of where the
-// checksum field is located.
-func (c *dgramOpt) SetChecksum(on bool, offset int) error {
-	return errOpNoSupport
-}
-
-// ICMPFilter returns an ICMP filter.
-func (c *dgramOpt) ICMPFilter() (*ICMPFilter, error) {
-	return nil, errOpNoSupport
-}
-
-// SetICMPFilter deploys the ICMP filter.
-func (c *dgramOpt) SetICMPFilter(f *ICMPFilter) error {
-	return errOpNoSupport
-}
diff --git a/vendor/golang.org/x/net/ipv6/doc.go b/vendor/golang.org/x/net/ipv6/doc.go
deleted file mode 100644
index dd13aa21..00000000
--- a/vendor/golang.org/x/net/ipv6/doc.go
+++ /dev/null
@@ -1,240 +0,0 @@
-// Copyright 2013 The Go Authors.  All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// Package ipv6 implements IP-level socket options for the Internet
-// Protocol version 6.
-//
-// The package provides IP-level socket options that allow
-// manipulation of IPv6 facilities.
-//
-// The IPv6 protocol is defined in RFC 2460.
-// Basic and advanced socket interface extensions are defined in RFC
-// 3493 and RFC 3542.
-// Socket interface extensions for multicast source filters are
-// defined in RFC 3678.
-// MLDv1 and MLDv2 are defined in RFC 2710 and RFC 3810.
-// Source-specific multicast is defined in RFC 4607.
-//
-//
-// Unicasting
-//
-// The options for unicasting are available for net.TCPConn,
-// net.UDPConn and net.IPConn which are created as network connections
-// that use the IPv6 transport.  When a single TCP connection carrying
-// a data flow of multiple packets needs to indicate the flow is
-// important, ipv6.Conn is used to set the traffic class field on the
-// IPv6 header for each packet.
-//
-//	ln, err := net.Listen("tcp6", "[::]:1024")
-//	if err != nil {
-//		// error handling
-//	}
-//	defer ln.Close()
-//	for {
-//		c, err := ln.Accept()
-//		if err != nil {
-//			// error handling
-//		}
-//		go func(c net.Conn) {
-//			defer c.Close()
-//
-// The outgoing packets will be labeled DiffServ assured forwarding
-// class 1 low drop precedence, known as AF11 packets.
-//
-//			if err := ipv6.NewConn(c).SetTrafficClass(0x28); err != nil {
-//				// error handling
-//			}
-//			if _, err := c.Write(data); err != nil {
-//				// error handling
-//			}
-//		}(c)
-//	}
-//
-//
-// Multicasting
-//
-// The options for multicasting are available for net.UDPConn and
-// net.IPconn which are created as network connections that use the
-// IPv6 transport.  A few network facilities must be prepared before
-// you begin multicasting, at a minimum joining network interfaces and
-// multicast groups.
-//
-//	en0, err := net.InterfaceByName("en0")
-//	if err != nil {
-//		// error handling
-//	}
-//	en1, err := net.InterfaceByIndex(911)
-//	if err != nil {
-//		// error handling
-//	}
-//	group := net.ParseIP("ff02::114")
-//
-// First, an application listens to an appropriate address with an
-// appropriate service port.
-//
-//	c, err := net.ListenPacket("udp6", "[::]:1024")
-//	if err != nil {
-//		// error handling
-//	}
-//	defer c.Close()
-//
-// Second, the application joins multicast groups, starts listening to
-// the groups on the specified network interfaces.  Note that the
-// service port for transport layer protocol does not matter with this
-// operation as joining groups affects only network and link layer
-// protocols, such as IPv6 and Ethernet.
-//
-//	p := ipv6.NewPacketConn(c)
-//	if err := p.JoinGroup(en0, &net.UDPAddr{IP: group}); err != nil {
-//		// error handling
-//	}
-//	if err := p.JoinGroup(en1, &net.UDPAddr{IP: group}); err != nil {
-//		// error handling
-//	}
-//
-// The application might set per packet control message transmissions
-// between the protocol stack within the kernel.  When the application
-// needs a destination address on an incoming packet,
-// SetControlMessage of ipv6.PacketConn is used to enable control
-// message transmissons.
-//
-//	if err := p.SetControlMessage(ipv6.FlagDst, true); err != nil {
-//		// error handling
-//	}
-//
-// The application could identify whether the received packets are
-// of interest by using the control message that contains the
-// destination address of the received packet.
-//
-//	b := make([]byte, 1500)
-//	for {
-//		n, rcm, src, err := p.ReadFrom(b)
-//		if err != nil {
-//			// error handling
-//		}
-//		if rcm.Dst.IsMulticast() {
-//			if rcm.Dst.Equal(group) {
-//				// joined group, do something
-//			} else {
-//				// unknown group, discard
-//				continue
-//			}
-//		}
-//
-// The application can also send both unicast and multicast packets.
-//
-//		p.SetTrafficClass(0x0)
-//		p.SetHopLimit(16)
-//		if _, err := p.WriteTo(data[:n], nil, src); err != nil {
-//			// error handling
-//		}
-//		dst := &net.UDPAddr{IP: group, Port: 1024}
-//		wcm := ipv6.ControlMessage{TrafficClass: 0xe0, HopLimit: 1}
-//		for _, ifi := range []*net.Interface{en0, en1} {
-//			wcm.IfIndex = ifi.Index
-//			if _, err := p.WriteTo(data[:n], &wcm, dst); err != nil {
-//				// error handling
-//			}
-//		}
-//	}
-//
-//
-// More multicasting
-//
-// An application that uses PacketConn may join multiple multicast
-// groups.  For example, a UDP listener with port 1024 might join two
-// different groups across over two different network interfaces by
-// using:
-//
-//	c, err := net.ListenPacket("udp6", "[::]:1024")
-//	if err != nil {
-//		// error handling
-//	}
-//	defer c.Close()
-//	p := ipv6.NewPacketConn(c)
-//	if err := p.JoinGroup(en0, &net.UDPAddr{IP: net.ParseIP("ff02::1:114")}); err != nil {
-//		// error handling
-//	}
-//	if err := p.JoinGroup(en0, &net.UDPAddr{IP: net.ParseIP("ff02::2:114")}); err != nil {
-//		// error handling
-//	}
-//	if err := p.JoinGroup(en1, &net.UDPAddr{IP: net.ParseIP("ff02::2:114")}); err != nil {
-//		// error handling
-//	}
-//
-// It is possible for multiple UDP listeners that listen on the same
-// UDP port to join the same multicast group.  The net package will
-// provide a socket that listens to a wildcard address with reusable
-// UDP port when an appropriate multicast address prefix is passed to
-// the net.ListenPacket or net.ListenUDP.
-//
-//	c1, err := net.ListenPacket("udp6", "[ff02::]:1024")
-//	if err != nil {
-//		// error handling
-//	}
-//	defer c1.Close()
-//	c2, err := net.ListenPacket("udp6", "[ff02::]:1024")
-//	if err != nil {
-//		// error handling
-//	}
-//	defer c2.Close()
-//	p1 := ipv6.NewPacketConn(c1)
-//	if err := p1.JoinGroup(en0, &net.UDPAddr{IP: net.ParseIP("ff02::114")}); err != nil {
-//		// error handling
-//	}
-//	p2 := ipv6.NewPacketConn(c2)
-//	if err := p2.JoinGroup(en0, &net.UDPAddr{IP: net.ParseIP("ff02::114")}); err != nil {
-//		// error handling
-//	}
-//
-// Also it is possible for the application to leave or rejoin a
-// multicast group on the network interface.
-//
-//	if err := p.LeaveGroup(en0, &net.UDPAddr{IP: net.ParseIP("ff02::114")}); err != nil {
-//		// error handling
-//	}
-//	if err := p.JoinGroup(en0, &net.UDPAddr{IP: net.ParseIP("ff01::114")}); err != nil {
-//		// error handling
-//	}
-//
-//
-// Source-specific multicasting
-//
-// An application that uses PacketConn on MLDv2 supported platform is
-// able to join source-specific multicast groups.
-// The application may use JoinSourceSpecificGroup and
-// LeaveSourceSpecificGroup for the operation known as "include" mode,
-//
-//	ssmgroup := net.UDPAddr{IP: net.ParseIP("ff32::8000:9")}
-//	ssmsource := net.UDPAddr{IP: net.ParseIP("fe80::cafe")}
-//	if err := p.JoinSourceSpecificGroup(en0, &ssmgroup, &ssmsource); err != nil {
-//		// error handling
-//	}
-//	if err := p.LeaveSourceSpecificGroup(en0, &ssmgroup, &ssmsource); err != nil {
-//		// error handling
-//	}
-//
-// or JoinGroup, ExcludeSourceSpecificGroup,
-// IncludeSourceSpecificGroup and LeaveGroup for the operation known
-// as "exclude" mode.
-//
-//	exclsource := net.UDPAddr{IP: net.ParseIP("fe80::dead")}
-//	if err := p.JoinGroup(en0, &ssmgroup); err != nil {
-//		// error handling
-//	}
-//	if err := p.ExcludeSourceSpecificGroup(en0, &ssmgroup, &exclsource); err != nil {
-//		// error handling
-//	}
-//	if err := p.LeaveGroup(en0, &ssmgroup); err != nil {
-//		// error handling
-//	}
-//
-// Note that it depends on each platform implementation what happens
-// when an application which runs on MLDv2 unsupported platform uses
-// JoinSourceSpecificGroup and LeaveSourceSpecificGroup.
-// In general the platform tries to fall back to conversations using
-// MLDv1 and starts to listen to multicast traffic.
-// In the fallback case, ExcludeSourceSpecificGroup and
-// IncludeSourceSpecificGroup may return an error.
-package ipv6 // import "golang.org/x/net/ipv6"
diff --git a/vendor/golang.org/x/net/ipv6/endpoint.go b/vendor/golang.org/x/net/ipv6/endpoint.go
deleted file mode 100644
index 966eaa89..00000000
--- a/vendor/golang.org/x/net/ipv6/endpoint.go
+++ /dev/null
@@ -1,123 +0,0 @@
-// Copyright 2013 The Go Authors.  All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package ipv6
-
-import (
-	"net"
-	"syscall"
-	"time"
-)
-
-// A Conn represents a network endpoint that uses IPv6 transport.
-// It allows to set basic IP-level socket options such as traffic
-// class and hop limit.
-type Conn struct {
-	genericOpt
-}
-
-type genericOpt struct {
-	net.Conn
-}
-
-func (c *genericOpt) ok() bool { return c != nil && c.Conn != nil }
-
-// PathMTU returns a path MTU value for the destination associated
-// with the endpoint.
-func (c *Conn) PathMTU() (int, error) {
-	if !c.genericOpt.ok() {
-		return 0, syscall.EINVAL
-	}
-	fd, err := c.genericOpt.sysfd()
-	if err != nil {
-		return 0, err
-	}
-	_, mtu, err := getMTUInfo(fd, &sockOpts[ssoPathMTU])
-	if err != nil {
-		return 0, err
-	}
-	return mtu, nil
-}
-
-// NewConn returns a new Conn.
-func NewConn(c net.Conn) *Conn {
-	return &Conn{
-		genericOpt: genericOpt{Conn: c},
-	}
-}
-
-// A PacketConn represents a packet network endpoint that uses IPv6
-// transport.  It is used to control several IP-level socket options
-// including IPv6 header manipulation.  It also provides datagram
-// based network I/O methods specific to the IPv6 and higher layer
-// protocols such as OSPF, GRE, and UDP.
-type PacketConn struct {
-	genericOpt
-	dgramOpt
-	payloadHandler
-}
-
-type dgramOpt struct {
-	net.PacketConn
-}
-
-func (c *dgramOpt) ok() bool { return c != nil && c.PacketConn != nil }
-
-// SetControlMessage allows to receive the per packet basis IP-level
-// socket options.
-func (c *PacketConn) SetControlMessage(cf ControlFlags, on bool) error {
-	if !c.payloadHandler.ok() {
-		return syscall.EINVAL
-	}
-	fd, err := c.payloadHandler.sysfd()
-	if err != nil {
-		return err
-	}
-	return setControlMessage(fd, &c.payloadHandler.rawOpt, cf, on)
-}
-
-// SetDeadline sets the read and write deadlines associated with the
-// endpoint.
-func (c *PacketConn) SetDeadline(t time.Time) error {
-	if !c.payloadHandler.ok() {
-		return syscall.EINVAL
-	}
-	return c.payloadHandler.SetDeadline(t)
-}
-
-// SetReadDeadline sets the read deadline associated with the
-// endpoint.
-func (c *PacketConn) SetReadDeadline(t time.Time) error {
-	if !c.payloadHandler.ok() {
-		return syscall.EINVAL
-	}
-	return c.payloadHandler.SetReadDeadline(t)
-}
-
-// SetWriteDeadline sets the write deadline associated with the
-// endpoint.
-func (c *PacketConn) SetWriteDeadline(t time.Time) error {
-	if !c.payloadHandler.ok() {
-		return syscall.EINVAL
-	}
-	return c.payloadHandler.SetWriteDeadline(t)
-}
-
-// Close closes the endpoint.
-func (c *PacketConn) Close() error {
-	if !c.payloadHandler.ok() {
-		return syscall.EINVAL
-	}
-	return c.payloadHandler.Close()
-}
-
-// NewPacketConn returns a new PacketConn using c as its underlying
-// transport.
-func NewPacketConn(c net.PacketConn) *PacketConn {
-	return &PacketConn{
-		genericOpt:     genericOpt{Conn: c.(net.Conn)},
-		dgramOpt:       dgramOpt{PacketConn: c},
-		payloadHandler: payloadHandler{PacketConn: c},
-	}
-}
diff --git a/vendor/golang.org/x/net/ipv6/example_test.go b/vendor/golang.org/x/net/ipv6/example_test.go
deleted file mode 100644
index e761aa2a..00000000
--- a/vendor/golang.org/x/net/ipv6/example_test.go
+++ /dev/null
@@ -1,216 +0,0 @@
-// Copyright 2014 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package ipv6_test
-
-import (
-	"fmt"
-	"log"
-	"net"
-	"os"
-	"time"
-
-	"golang.org/x/net/icmp"
-	"golang.org/x/net/ipv6"
-)
-
-func ExampleConn_markingTCP() {
-	ln, err := net.Listen("tcp", "[::]:1024")
-	if err != nil {
-		log.Fatal(err)
-	}
-	defer ln.Close()
-
-	for {
-		c, err := ln.Accept()
-		if err != nil {
-			log.Fatal(err)
-		}
-		go func(c net.Conn) {
-			defer c.Close()
-			if c.RemoteAddr().(*net.TCPAddr).IP.To16() != nil && c.RemoteAddr().(*net.TCPAddr).IP.To4() == nil {
-				p := ipv6.NewConn(c)
-				if err := p.SetTrafficClass(0x28); err != nil { // DSCP AF11
-					log.Fatal(err)
-				}
-				if err := p.SetHopLimit(128); err != nil {
-					log.Fatal(err)
-				}
-			}
-			if _, err := c.Write([]byte("HELLO-R-U-THERE-ACK")); err != nil {
-				log.Fatal(err)
-			}
-		}(c)
-	}
-}
-
-func ExamplePacketConn_servingOneShotMulticastDNS() {
-	c, err := net.ListenPacket("udp6", "[::]:5353") // mDNS over UDP
-	if err != nil {
-		log.Fatal(err)
-	}
-	defer c.Close()
-	p := ipv6.NewPacketConn(c)
-
-	en0, err := net.InterfaceByName("en0")
-	if err != nil {
-		log.Fatal(err)
-	}
-	mDNSLinkLocal := net.UDPAddr{IP: net.ParseIP("ff02::fb")}
-	if err := p.JoinGroup(en0, &mDNSLinkLocal); err != nil {
-		log.Fatal(err)
-	}
-	defer p.LeaveGroup(en0, &mDNSLinkLocal)
-	if err := p.SetControlMessage(ipv6.FlagDst|ipv6.FlagInterface, true); err != nil {
-		log.Fatal(err)
-	}
-
-	var wcm ipv6.ControlMessage
-	b := make([]byte, 1500)
-	for {
-		_, rcm, peer, err := p.ReadFrom(b)
-		if err != nil {
-			log.Fatal(err)
-		}
-		if !rcm.Dst.IsMulticast() || !rcm.Dst.Equal(mDNSLinkLocal.IP) {
-			continue
-		}
-		wcm.IfIndex = rcm.IfIndex
-		answers := []byte("FAKE-MDNS-ANSWERS") // fake mDNS answers, you need to implement this
-		if _, err := p.WriteTo(answers, &wcm, peer); err != nil {
-			log.Fatal(err)
-		}
-	}
-}
-
-func ExamplePacketConn_tracingIPPacketRoute() {
-	// Tracing an IP packet route to www.google.com.
-
-	const host = "www.google.com"
-	ips, err := net.LookupIP(host)
-	if err != nil {
-		log.Fatal(err)
-	}
-	var dst net.IPAddr
-	for _, ip := range ips {
-		if ip.To16() != nil && ip.To4() == nil {
-			dst.IP = ip
-			fmt.Printf("using %v for tracing an IP packet route to %s\n", dst.IP, host)
-			break
-		}
-	}
-	if dst.IP == nil {
-		log.Fatal("no AAAA record found")
-	}
-
-	c, err := net.ListenPacket("ip6:58", "::") // ICMP for IPv6
-	if err != nil {
-		log.Fatal(err)
-	}
-	defer c.Close()
-	p := ipv6.NewPacketConn(c)
-
-	if err := p.SetControlMessage(ipv6.FlagHopLimit|ipv6.FlagSrc|ipv6.FlagDst|ipv6.FlagInterface, true); err != nil {
-		log.Fatal(err)
-	}
-	wm := icmp.Message{
-		Type: ipv6.ICMPTypeEchoRequest, Code: 0,
-		Body: &icmp.Echo{
-			ID:   os.Getpid() & 0xffff,
-			Data: []byte("HELLO-R-U-THERE"),
-		},
-	}
-	var f ipv6.ICMPFilter
-	f.SetAll(true)
-	f.Accept(ipv6.ICMPTypeTimeExceeded)
-	f.Accept(ipv6.ICMPTypeEchoReply)
-	if err := p.SetICMPFilter(&f); err != nil {
-		log.Fatal(err)
-	}
-
-	var wcm ipv6.ControlMessage
-	rb := make([]byte, 1500)
-	for i := 1; i <= 64; i++ { // up to 64 hops
-		wm.Body.(*icmp.Echo).Seq = i
-		wb, err := wm.Marshal(nil)
-		if err != nil {
-			log.Fatal(err)
-		}
-
-		// In the real world usually there are several
-		// multiple traffic-engineered paths for each hop.
-		// You may need to probe a few times to each hop.
-		begin := time.Now()
-		wcm.HopLimit = i
-		if _, err := p.WriteTo(wb, &wcm, &dst); err != nil {
-			log.Fatal(err)
-		}
-		if err := p.SetReadDeadline(time.Now().Add(3 * time.Second)); err != nil {
-			log.Fatal(err)
-		}
-		n, rcm, peer, err := p.ReadFrom(rb)
-		if err != nil {
-			if err, ok := err.(net.Error); ok && err.Timeout() {
-				fmt.Printf("%v\t*\n", i)
-				continue
-			}
-			log.Fatal(err)
-		}
-		rm, err := icmp.ParseMessage(58, rb[:n])
-		if err != nil {
-			log.Fatal(err)
-		}
-		rtt := time.Since(begin)
-
-		// In the real world you need to determine whether the
-		// received message is yours using ControlMessage.Src,
-		// ControlMesage.Dst, icmp.Echo.ID and icmp.Echo.Seq.
-		switch rm.Type {
-		case ipv6.ICMPTypeTimeExceeded:
-			names, _ := net.LookupAddr(peer.String())
-			fmt.Printf("%d\t%v %+v %v\n\t%+v\n", i, peer, names, rtt, rcm)
-		case ipv6.ICMPTypeEchoReply:
-			names, _ := net.LookupAddr(peer.String())
-			fmt.Printf("%d\t%v %+v %v\n\t%+v\n", i, peer, names, rtt, rcm)
-			return
-		}
-	}
-}
-
-func ExamplePacketConn_advertisingOSPFHello() {
-	c, err := net.ListenPacket("ip6:89", "::") // OSPF for IPv6
-	if err != nil {
-		log.Fatal(err)
-	}
-	defer c.Close()
-	p := ipv6.NewPacketConn(c)
-
-	en0, err := net.InterfaceByName("en0")
-	if err != nil {
-		log.Fatal(err)
-	}
-	allSPFRouters := net.IPAddr{IP: net.ParseIP("ff02::5")}
-	if err := p.JoinGroup(en0, &allSPFRouters); err != nil {
-		log.Fatal(err)
-	}
-	defer p.LeaveGroup(en0, &allSPFRouters)
-
-	hello := make([]byte, 24) // fake hello data, you need to implement this
-	ospf := make([]byte, 16)  // fake ospf header, you need to implement this
-	ospf[0] = 3               // version 3
-	ospf[1] = 1               // hello packet
-	ospf = append(ospf, hello...)
-	if err := p.SetChecksum(true, 12); err != nil {
-		log.Fatal(err)
-	}
-
-	cm := ipv6.ControlMessage{
-		TrafficClass: 0xc0, // DSCP CS6
-		HopLimit:     1,
-		IfIndex:      en0.Index,
-	}
-	if _, err := p.WriteTo(ospf, &cm, &allSPFRouters); err != nil {
-		log.Fatal(err)
-	}
-}
diff --git a/vendor/golang.org/x/net/ipv6/gen.go b/vendor/golang.org/x/net/ipv6/gen.go
deleted file mode 100644
index b1e0ea37..00000000
--- a/vendor/golang.org/x/net/ipv6/gen.go
+++ /dev/null
@@ -1,208 +0,0 @@
-// Copyright 2013 The Go Authors.  All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build ignore
-
-//go:generate go run gen.go
-
-// This program generates system adaptation constants and types,
-// internet protocol constants and tables by reading template files
-// and IANA protocol registries.
-package main
-
-import (
-	"bytes"
-	"encoding/xml"
-	"fmt"
-	"go/format"
-	"io"
-	"io/ioutil"
-	"net/http"
-	"os"
-	"os/exec"
-	"runtime"
-	"strconv"
-	"strings"
-)
-
-func main() {
-	if err := genzsys(); err != nil {
-		fmt.Fprintln(os.Stderr, err)
-		os.Exit(1)
-	}
-	if err := geniana(); err != nil {
-		fmt.Fprintln(os.Stderr, err)
-		os.Exit(1)
-	}
-}
-
-func genzsys() error {
-	defs := "defs_" + runtime.GOOS + ".go"
-	f, err := os.Open(defs)
-	if err != nil {
-		if os.IsNotExist(err) {
-			return nil
-		}
-		return err
-	}
-	f.Close()
-	cmd := exec.Command("go", "tool", "cgo", "-godefs", defs)
-	b, err := cmd.Output()
-	if err != nil {
-		return err
-	}
-	// The ipv6 pacakge still supports go1.2, and so we need to
-	// take care of additional platforms in go1.3 and above for
-	// working with go1.2.
-	switch {
-	case runtime.GOOS == "dragonfly" || runtime.GOOS == "solaris":
-		b = bytes.Replace(b, []byte("package ipv6\n"), []byte("// +build "+runtime.GOOS+"\n\npackage ipv6\n"), 1)
-	case runtime.GOOS == "linux" && (runtime.GOARCH == "arm64" || runtime.GOARCH == "mips64" || runtime.GOARCH == "mips64le" || runtime.GOARCH == "ppc64" || runtime.GOARCH == "ppc64le"):
-		b = bytes.Replace(b, []byte("package ipv6\n"), []byte("// +build "+runtime.GOOS+","+runtime.GOARCH+"\n\npackage ipv6\n"), 1)
-	}
-	b, err = format.Source(b)
-	if err != nil {
-		return err
-	}
-	zsys := "zsys_" + runtime.GOOS + ".go"
-	switch runtime.GOOS {
-	case "freebsd", "linux":
-		zsys = "zsys_" + runtime.GOOS + "_" + runtime.GOARCH + ".go"
-	}
-	if err := ioutil.WriteFile(zsys, b, 0644); err != nil {
-		return err
-	}
-	return nil
-}
-
-var registries = []struct {
-	url   string
-	parse func(io.Writer, io.Reader) error
-}{
-	{
-		"http://www.iana.org/assignments/icmpv6-parameters/icmpv6-parameters.xml",
-		parseICMPv6Parameters,
-	},
-}
-
-func geniana() error {
-	var bb bytes.Buffer
-	fmt.Fprintf(&bb, "// go generate gen.go\n")
-	fmt.Fprintf(&bb, "// GENERATED BY THE COMMAND ABOVE; DO NOT EDIT\n\n")
-	fmt.Fprintf(&bb, "package ipv6\n\n")
-	for _, r := range registries {
-		resp, err := http.Get(r.url)
-		if err != nil {
-			return err
-		}
-		defer resp.Body.Close()
-		if resp.StatusCode != http.StatusOK {
-			return fmt.Errorf("got HTTP status code %v for %v\n", resp.StatusCode, r.url)
-		}
-		if err := r.parse(&bb, resp.Body); err != nil {
-			return err
-		}
-		fmt.Fprintf(&bb, "\n")
-	}
-	b, err := format.Source(bb.Bytes())
-	if err != nil {
-		return err
-	}
-	if err := ioutil.WriteFile("iana.go", b, 0644); err != nil {
-		return err
-	}
-	return nil
-}
-
-func parseICMPv6Parameters(w io.Writer, r io.Reader) error {
-	dec := xml.NewDecoder(r)
-	var icp icmpv6Parameters
-	if err := dec.Decode(&icp); err != nil {
-		return err
-	}
-	prs := icp.escape()
-	fmt.Fprintf(w, "// %s, Updated: %s\n", icp.Title, icp.Updated)
-	fmt.Fprintf(w, "const (\n")
-	for _, pr := range prs {
-		if pr.Name == "" {
-			continue
-		}
-		fmt.Fprintf(w, "ICMPType%s ICMPType = %d", pr.Name, pr.Value)
-		fmt.Fprintf(w, "// %s\n", pr.OrigName)
-	}
-	fmt.Fprintf(w, ")\n\n")
-	fmt.Fprintf(w, "// %s, Updated: %s\n", icp.Title, icp.Updated)
-	fmt.Fprintf(w, "var icmpTypes = map[ICMPType]string{\n")
-	for _, pr := range prs {
-		if pr.Name == "" {
-			continue
-		}
-		fmt.Fprintf(w, "%d: %q,\n", pr.Value, strings.ToLower(pr.OrigName))
-	}
-	fmt.Fprintf(w, "}\n")
-	return nil
-}
-
-type icmpv6Parameters struct {
-	XMLName    xml.Name `xml:"registry"`
-	Title      string   `xml:"title"`
-	Updated    string   `xml:"updated"`
-	Registries []struct {
-		Title   string `xml:"title"`
-		Records []struct {
-			Value string `xml:"value"`
-			Name  string `xml:"name"`
-		} `xml:"record"`
-	} `xml:"registry"`
-}
-
-type canonICMPv6ParamRecord struct {
-	OrigName string
-	Name     string
-	Value    int
-}
-
-func (icp *icmpv6Parameters) escape() []canonICMPv6ParamRecord {
-	id := -1
-	for i, r := range icp.Registries {
-		if strings.Contains(r.Title, "Type") || strings.Contains(r.Title, "type") {
-			id = i
-			break
-		}
-	}
-	if id < 0 {
-		return nil
-	}
-	prs := make([]canonICMPv6ParamRecord, len(icp.Registries[id].Records))
-	sr := strings.NewReplacer(
-		"Messages", "",
-		"Message", "",
-		"ICMP", "",
-		"+", "P",
-		"-", "",
-		"/", "",
-		".", "",
-		" ", "",
-	)
-	for i, pr := range icp.Registries[id].Records {
-		if strings.Contains(pr.Name, "Reserved") ||
-			strings.Contains(pr.Name, "Unassigned") ||
-			strings.Contains(pr.Name, "Deprecated") ||
-			strings.Contains(pr.Name, "Experiment") ||
-			strings.Contains(pr.Name, "experiment") {
-			continue
-		}
-		ss := strings.Split(pr.Name, "\n")
-		if len(ss) > 1 {
-			prs[i].Name = strings.Join(ss, " ")
-		} else {
-			prs[i].Name = ss[0]
-		}
-		s := strings.TrimSpace(prs[i].Name)
-		prs[i].OrigName = s
-		prs[i].Name = sr.Replace(s)
-		prs[i].Value, _ = strconv.Atoi(pr.Value)
-	}
-	return prs
-}
diff --git a/vendor/golang.org/x/net/ipv6/genericopt_posix.go b/vendor/golang.org/x/net/ipv6/genericopt_posix.go
deleted file mode 100644
index dd77a016..00000000
--- a/vendor/golang.org/x/net/ipv6/genericopt_posix.go
+++ /dev/null
@@ -1,60 +0,0 @@
-// Copyright 2013 The Go Authors.  All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build darwin dragonfly freebsd linux netbsd openbsd windows
-
-package ipv6
-
-import "syscall"
-
-// TrafficClass returns the traffic class field value for outgoing
-// packets.
-func (c *genericOpt) TrafficClass() (int, error) {
-	if !c.ok() {
-		return 0, syscall.EINVAL
-	}
-	fd, err := c.sysfd()
-	if err != nil {
-		return 0, err
-	}
-	return getInt(fd, &sockOpts[ssoTrafficClass])
-}
-
-// SetTrafficClass sets the traffic class field value for future
-// outgoing packets.
-func (c *genericOpt) SetTrafficClass(tclass int) error {
-	if !c.ok() {
-		return syscall.EINVAL
-	}
-	fd, err := c.sysfd()
-	if err != nil {
-		return err
-	}
-	return setInt(fd, &sockOpts[ssoTrafficClass], tclass)
-}
-
-// HopLimit returns the hop limit field value for outgoing packets.
-func (c *genericOpt) HopLimit() (int, error) {
-	if !c.ok() {
-		return 0, syscall.EINVAL
-	}
-	fd, err := c.sysfd()
-	if err != nil {
-		return 0, err
-	}
-	return getInt(fd, &sockOpts[ssoHopLimit])
-}
-
-// SetHopLimit sets the hop limit field value for future outgoing
-// packets.
-func (c *genericOpt) SetHopLimit(hoplim int) error {
-	if !c.ok() {
-		return syscall.EINVAL
-	}
-	fd, err := c.sysfd()
-	if err != nil {
-		return err
-	}
-	return setInt(fd, &sockOpts[ssoHopLimit], hoplim)
-}
diff --git a/vendor/golang.org/x/net/ipv6/genericopt_stub.go b/vendor/golang.org/x/net/ipv6/genericopt_stub.go
deleted file mode 100644
index f5c37224..00000000
--- a/vendor/golang.org/x/net/ipv6/genericopt_stub.go
+++ /dev/null
@@ -1,30 +0,0 @@
-// Copyright 2013 The Go Authors.  All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build nacl plan9 solaris
-
-package ipv6
-
-// TrafficClass returns the traffic class field value for outgoing
-// packets.
-func (c *genericOpt) TrafficClass() (int, error) {
-	return 0, errOpNoSupport
-}
-
-// SetTrafficClass sets the traffic class field value for future
-// outgoing packets.
-func (c *genericOpt) SetTrafficClass(tclass int) error {
-	return errOpNoSupport
-}
-
-// HopLimit returns the hop limit field value for outgoing packets.
-func (c *genericOpt) HopLimit() (int, error) {
-	return 0, errOpNoSupport
-}
-
-// SetHopLimit sets the hop limit field value for future outgoing
-// packets.
-func (c *genericOpt) SetHopLimit(hoplim int) error {
-	return errOpNoSupport
-}
diff --git a/vendor/golang.org/x/net/ipv6/header.go b/vendor/golang.org/x/net/ipv6/header.go
deleted file mode 100644
index e05cb08b..00000000
--- a/vendor/golang.org/x/net/ipv6/header.go
+++ /dev/null
@@ -1,55 +0,0 @@
-// Copyright 2014 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package ipv6
-
-import (
-	"encoding/binary"
-	"fmt"
-	"net"
-)
-
-const (
-	Version   = 6  // protocol version
-	HeaderLen = 40 // header length
-)
-
-// A Header represents an IPv6 base header.
-type Header struct {
-	Version      int    // protocol version
-	TrafficClass int    // traffic class
-	FlowLabel    int    // flow label
-	PayloadLen   int    // payload length
-	NextHeader   int    // next header
-	HopLimit     int    // hop limit
-	Src          net.IP // source address
-	Dst          net.IP // destination address
-}
-
-func (h *Header) String() string {
-	if h == nil {
-		return ""
-	}
-	return fmt.Sprintf("ver=%d tclass=%#x flowlbl=%#x payloadlen=%d nxthdr=%d hoplim=%d src=%v dst=%v", h.Version, h.TrafficClass, h.FlowLabel, h.PayloadLen, h.NextHeader, h.HopLimit, h.Src, h.Dst)
-}
-
-// ParseHeader parses b as an IPv6 base header.
-func ParseHeader(b []byte) (*Header, error) {
-	if len(b) < HeaderLen {
-		return nil, errHeaderTooShort
-	}
-	h := &Header{
-		Version:      int(b[0]) >> 4,
-		TrafficClass: int(b[0]&0x0f)<<4 | int(b[1])>>4,
-		FlowLabel:    int(b[1]&0x0f)<<16 | int(b[2])<<8 | int(b[3]),
-		PayloadLen:   int(binary.BigEndian.Uint16(b[4:6])),
-		NextHeader:   int(b[6]),
-		HopLimit:     int(b[7]),
-	}
-	h.Src = make(net.IP, net.IPv6len)
-	copy(h.Src, b[8:24])
-	h.Dst = make(net.IP, net.IPv6len)
-	copy(h.Dst, b[24:40])
-	return h, nil
-}
diff --git a/vendor/golang.org/x/net/ipv6/header_test.go b/vendor/golang.org/x/net/ipv6/header_test.go
deleted file mode 100644
index ca11dc23..00000000
--- a/vendor/golang.org/x/net/ipv6/header_test.go
+++ /dev/null
@@ -1,55 +0,0 @@
-// Copyright 2014 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package ipv6_test
-
-import (
-	"net"
-	"reflect"
-	"strings"
-	"testing"
-
-	"golang.org/x/net/internal/iana"
-	"golang.org/x/net/ipv6"
-)
-
-var (
-	wireHeaderFromKernel = [ipv6.HeaderLen]byte{
-		0x69, 0x8b, 0xee, 0xf1,
-		0xca, 0xfe, 0x2c, 0x01,
-		0x20, 0x01, 0x0d, 0xb8,
-		0x00, 0x01, 0x00, 0x00,
-		0x00, 0x00, 0x00, 0x00,
-		0x00, 0x00, 0x00, 0x01,
-		0x20, 0x01, 0x0d, 0xb8,
-		0x00, 0x02, 0x00, 0x00,
-		0x00, 0x00, 0x00, 0x00,
-		0x00, 0x00, 0x00, 0x01,
-	}
-
-	testHeader = &ipv6.Header{
-		Version:      ipv6.Version,
-		TrafficClass: iana.DiffServAF43,
-		FlowLabel:    0xbeef1,
-		PayloadLen:   0xcafe,
-		NextHeader:   iana.ProtocolIPv6Frag,
-		HopLimit:     1,
-		Src:          net.ParseIP("2001:db8:1::1"),
-		Dst:          net.ParseIP("2001:db8:2::1"),
-	}
-)
-
-func TestParseHeader(t *testing.T) {
-	h, err := ipv6.ParseHeader(wireHeaderFromKernel[:])
-	if err != nil {
-		t.Fatal(err)
-	}
-	if !reflect.DeepEqual(h, testHeader) {
-		t.Fatalf("got %#v; want %#v", h, testHeader)
-	}
-	s := h.String()
-	if strings.Contains(s, ",") {
-		t.Fatalf("should be space-separated values: %s", s)
-	}
-}
diff --git a/vendor/golang.org/x/net/ipv6/helper.go b/vendor/golang.org/x/net/ipv6/helper.go
deleted file mode 100644
index 53b99990..00000000
--- a/vendor/golang.org/x/net/ipv6/helper.go
+++ /dev/null
@@ -1,53 +0,0 @@
-// Copyright 2013 The Go Authors.  All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package ipv6
-
-import (
-	"encoding/binary"
-	"errors"
-	"net"
-	"unsafe"
-)
-
-var (
-	errMissingAddress  = errors.New("missing address")
-	errHeaderTooShort  = errors.New("header too short")
-	errInvalidConnType = errors.New("invalid conn type")
-	errOpNoSupport     = errors.New("operation not supported")
-	errNoSuchInterface = errors.New("no such interface")
-
-	nativeEndian binary.ByteOrder
-)
-
-func init() {
-	i := uint32(1)
-	b := (*[4]byte)(unsafe.Pointer(&i))
-	if b[0] == 1 {
-		nativeEndian = binary.LittleEndian
-	} else {
-		nativeEndian = binary.BigEndian
-	}
-}
-
-func boolint(b bool) int {
-	if b {
-		return 1
-	}
-	return 0
-}
-
-func netAddrToIP16(a net.Addr) net.IP {
-	switch v := a.(type) {
-	case *net.UDPAddr:
-		if ip := v.IP.To16(); ip != nil && ip.To4() == nil {
-			return ip
-		}
-	case *net.IPAddr:
-		if ip := v.IP.To16(); ip != nil && ip.To4() == nil {
-			return ip
-		}
-	}
-	return nil
-}
diff --git a/vendor/golang.org/x/net/ipv6/helper_stub.go b/vendor/golang.org/x/net/ipv6/helper_stub.go
deleted file mode 100644
index 20354ab2..00000000
--- a/vendor/golang.org/x/net/ipv6/helper_stub.go
+++ /dev/null
@@ -1,19 +0,0 @@
-// Copyright 2013 The Go Authors.  All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build nacl plan9 solaris
-
-package ipv6
-
-func (c *genericOpt) sysfd() (int, error) {
-	return 0, errOpNoSupport
-}
-
-func (c *dgramOpt) sysfd() (int, error) {
-	return 0, errOpNoSupport
-}
-
-func (c *payloadHandler) sysfd() (int, error) {
-	return 0, errOpNoSupport
-}
diff --git a/vendor/golang.org/x/net/ipv6/helper_unix.go b/vendor/golang.org/x/net/ipv6/helper_unix.go
deleted file mode 100644
index 92868ed2..00000000
--- a/vendor/golang.org/x/net/ipv6/helper_unix.go
+++ /dev/null
@@ -1,46 +0,0 @@
-// Copyright 2013 The Go Authors.  All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build darwin dragonfly freebsd linux netbsd openbsd
-
-package ipv6
-
-import (
-	"net"
-	"reflect"
-)
-
-func (c *genericOpt) sysfd() (int, error) {
-	switch p := c.Conn.(type) {
-	case *net.TCPConn, *net.UDPConn, *net.IPConn:
-		return sysfd(p)
-	}
-	return 0, errInvalidConnType
-}
-
-func (c *dgramOpt) sysfd() (int, error) {
-	switch p := c.PacketConn.(type) {
-	case *net.UDPConn, *net.IPConn:
-		return sysfd(p.(net.Conn))
-	}
-	return 0, errInvalidConnType
-}
-
-func (c *payloadHandler) sysfd() (int, error) {
-	return sysfd(c.PacketConn.(net.Conn))
-}
-
-func sysfd(c net.Conn) (int, error) {
-	cv := reflect.ValueOf(c)
-	switch ce := cv.Elem(); ce.Kind() {
-	case reflect.Struct:
-		nfd := ce.FieldByName("conn").FieldByName("fd")
-		switch fe := nfd.Elem(); fe.Kind() {
-		case reflect.Struct:
-			fd := fe.FieldByName("sysfd")
-			return int(fd.Int()), nil
-		}
-	}
-	return 0, errInvalidConnType
-}
diff --git a/vendor/golang.org/x/net/ipv6/helper_windows.go b/vendor/golang.org/x/net/ipv6/helper_windows.go
deleted file mode 100644
index 28c401b5..00000000
--- a/vendor/golang.org/x/net/ipv6/helper_windows.go
+++ /dev/null
@@ -1,45 +0,0 @@
-// Copyright 2013 The Go Authors.  All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package ipv6
-
-import (
-	"net"
-	"reflect"
-	"syscall"
-)
-
-func (c *genericOpt) sysfd() (syscall.Handle, error) {
-	switch p := c.Conn.(type) {
-	case *net.TCPConn, *net.UDPConn, *net.IPConn:
-		return sysfd(p)
-	}
-	return syscall.InvalidHandle, errInvalidConnType
-}
-
-func (c *dgramOpt) sysfd() (syscall.Handle, error) {
-	switch p := c.PacketConn.(type) {
-	case *net.UDPConn, *net.IPConn:
-		return sysfd(p.(net.Conn))
-	}
-	return syscall.InvalidHandle, errInvalidConnType
-}
-
-func (c *payloadHandler) sysfd() (syscall.Handle, error) {
-	return sysfd(c.PacketConn.(net.Conn))
-}
-
-func sysfd(c net.Conn) (syscall.Handle, error) {
-	cv := reflect.ValueOf(c)
-	switch ce := cv.Elem(); ce.Kind() {
-	case reflect.Struct:
-		netfd := ce.FieldByName("conn").FieldByName("fd")
-		switch fe := netfd.Elem(); fe.Kind() {
-		case reflect.Struct:
-			fd := fe.FieldByName("sysfd")
-			return syscall.Handle(fd.Uint()), nil
-		}
-	}
-	return syscall.InvalidHandle, errInvalidConnType
-}
diff --git a/vendor/golang.org/x/net/ipv6/iana.go b/vendor/golang.org/x/net/ipv6/iana.go
deleted file mode 100644
index 3c6214fb..00000000
--- a/vendor/golang.org/x/net/ipv6/iana.go
+++ /dev/null
@@ -1,82 +0,0 @@
-// go generate gen.go
-// GENERATED BY THE COMMAND ABOVE; DO NOT EDIT
-
-package ipv6
-
-// Internet Control Message Protocol version 6 (ICMPv6) Parameters, Updated: 2015-07-07
-const (
-	ICMPTypeDestinationUnreachable                ICMPType = 1   // Destination Unreachable
-	ICMPTypePacketTooBig                          ICMPType = 2   // Packet Too Big
-	ICMPTypeTimeExceeded                          ICMPType = 3   // Time Exceeded
-	ICMPTypeParameterProblem                      ICMPType = 4   // Parameter Problem
-	ICMPTypeEchoRequest                           ICMPType = 128 // Echo Request
-	ICMPTypeEchoReply                             ICMPType = 129 // Echo Reply
-	ICMPTypeMulticastListenerQuery                ICMPType = 130 // Multicast Listener Query
-	ICMPTypeMulticastListenerReport               ICMPType = 131 // Multicast Listener Report
-	ICMPTypeMulticastListenerDone                 ICMPType = 132 // Multicast Listener Done
-	ICMPTypeRouterSolicitation                    ICMPType = 133 // Router Solicitation
-	ICMPTypeRouterAdvertisement                   ICMPType = 134 // Router Advertisement
-	ICMPTypeNeighborSolicitation                  ICMPType = 135 // Neighbor Solicitation
-	ICMPTypeNeighborAdvertisement                 ICMPType = 136 // Neighbor Advertisement
-	ICMPTypeRedirect                              ICMPType = 137 // Redirect Message
-	ICMPTypeRouterRenumbering                     ICMPType = 138 // Router Renumbering
-	ICMPTypeNodeInformationQuery                  ICMPType = 139 // ICMP Node Information Query
-	ICMPTypeNodeInformationResponse               ICMPType = 140 // ICMP Node Information Response
-	ICMPTypeInverseNeighborDiscoverySolicitation  ICMPType = 141 // Inverse Neighbor Discovery Solicitation Message
-	ICMPTypeInverseNeighborDiscoveryAdvertisement ICMPType = 142 // Inverse Neighbor Discovery Advertisement Message
-	ICMPTypeVersion2MulticastListenerReport       ICMPType = 143 // Version 2 Multicast Listener Report
-	ICMPTypeHomeAgentAddressDiscoveryRequest      ICMPType = 144 // Home Agent Address Discovery Request Message
-	ICMPTypeHomeAgentAddressDiscoveryReply        ICMPType = 145 // Home Agent Address Discovery Reply Message
-	ICMPTypeMobilePrefixSolicitation              ICMPType = 146 // Mobile Prefix Solicitation
-	ICMPTypeMobilePrefixAdvertisement             ICMPType = 147 // Mobile Prefix Advertisement
-	ICMPTypeCertificationPathSolicitation         ICMPType = 148 // Certification Path Solicitation Message
-	ICMPTypeCertificationPathAdvertisement        ICMPType = 149 // Certification Path Advertisement Message
-	ICMPTypeMulticastRouterAdvertisement          ICMPType = 151 // Multicast Router Advertisement
-	ICMPTypeMulticastRouterSolicitation           ICMPType = 152 // Multicast Router Solicitation
-	ICMPTypeMulticastRouterTermination            ICMPType = 153 // Multicast Router Termination
-	ICMPTypeFMIPv6                                ICMPType = 154 // FMIPv6 Messages
-	ICMPTypeRPLControl                            ICMPType = 155 // RPL Control Message
-	ICMPTypeILNPv6LocatorUpdate                   ICMPType = 156 // ILNPv6 Locator Update Message
-	ICMPTypeDuplicateAddressRequest               ICMPType = 157 // Duplicate Address Request
-	ICMPTypeDuplicateAddressConfirmation          ICMPType = 158 // Duplicate Address Confirmation
-	ICMPTypeMPLControl                            ICMPType = 159 // MPL Control Message
-)
-
-// Internet Control Message Protocol version 6 (ICMPv6) Parameters, Updated: 2015-07-07
-var icmpTypes = map[ICMPType]string{
-	1:   "destination unreachable",
-	2:   "packet too big",
-	3:   "time exceeded",
-	4:   "parameter problem",
-	128: "echo request",
-	129: "echo reply",
-	130: "multicast listener query",
-	131: "multicast listener report",
-	132: "multicast listener done",
-	133: "router solicitation",
-	134: "router advertisement",
-	135: "neighbor solicitation",
-	136: "neighbor advertisement",
-	137: "redirect message",
-	138: "router renumbering",
-	139: "icmp node information query",
-	140: "icmp node information response",
-	141: "inverse neighbor discovery solicitation message",
-	142: "inverse neighbor discovery advertisement message",
-	143: "version 2 multicast listener report",
-	144: "home agent address discovery request message",
-	145: "home agent address discovery reply message",
-	146: "mobile prefix solicitation",
-	147: "mobile prefix advertisement",
-	148: "certification path solicitation message",
-	149: "certification path advertisement message",
-	151: "multicast router advertisement",
-	152: "multicast router solicitation",
-	153: "multicast router termination",
-	154: "fmipv6 messages",
-	155: "rpl control message",
-	156: "ilnpv6 locator update message",
-	157: "duplicate address request",
-	158: "duplicate address confirmation",
-	159: "mpl control message",
-}
diff --git a/vendor/golang.org/x/net/ipv6/icmp.go b/vendor/golang.org/x/net/ipv6/icmp.go
deleted file mode 100644
index a2de65a0..00000000
--- a/vendor/golang.org/x/net/ipv6/icmp.go
+++ /dev/null
@@ -1,57 +0,0 @@
-// Copyright 2013 The Go Authors.  All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package ipv6
-
-import "golang.org/x/net/internal/iana"
-
-// An ICMPType represents a type of ICMP message.
-type ICMPType int
-
-func (typ ICMPType) String() string {
-	s, ok := icmpTypes[typ]
-	if !ok {
-		return ""
-	}
-	return s
-}
-
-// Protocol returns the ICMPv6 protocol number.
-func (typ ICMPType) Protocol() int {
-	return iana.ProtocolIPv6ICMP
-}
-
-// An ICMPFilter represents an ICMP message filter for incoming
-// packets. The filter belongs to a packet delivery path on a host and
-// it cannot interact with forwarding packets or tunnel-outer packets.
-//
-// Note: RFC 2460 defines a reasonable role model. A node means a
-// device that implements IP. A router means a node that forwards IP
-// packets not explicitly addressed to itself, and a host means a node
-// that is not a router.
-type ICMPFilter struct {
-	sysICMPv6Filter
-}
-
-// Accept accepts incoming ICMP packets including the type field value
-// typ.
-func (f *ICMPFilter) Accept(typ ICMPType) {
-	f.accept(typ)
-}
-
-// Block blocks incoming ICMP packets including the type field value
-// typ.
-func (f *ICMPFilter) Block(typ ICMPType) {
-	f.block(typ)
-}
-
-// SetAll sets the filter action to the filter.
-func (f *ICMPFilter) SetAll(block bool) {
-	f.setAll(block)
-}
-
-// WillBlock reports whether the ICMP type will be blocked.
-func (f *ICMPFilter) WillBlock(typ ICMPType) bool {
-	return f.willBlock(typ)
-}
diff --git a/vendor/golang.org/x/net/ipv6/icmp_bsd.go b/vendor/golang.org/x/net/ipv6/icmp_bsd.go
deleted file mode 100644
index 30e3ce42..00000000
--- a/vendor/golang.org/x/net/ipv6/icmp_bsd.go
+++ /dev/null
@@ -1,29 +0,0 @@
-// Copyright 2013 The Go Authors.  All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build darwin dragonfly freebsd netbsd openbsd
-
-package ipv6
-
-func (f *sysICMPv6Filter) accept(typ ICMPType) {
-	f.Filt[typ>>5] |= 1 << (uint32(typ) & 31)
-}
-
-func (f *sysICMPv6Filter) block(typ ICMPType) {
-	f.Filt[typ>>5] &^= 1 << (uint32(typ) & 31)
-}
-
-func (f *sysICMPv6Filter) setAll(block bool) {
-	for i := range f.Filt {
-		if block {
-			f.Filt[i] = 0
-		} else {
-			f.Filt[i] = 1<<32 - 1
-		}
-	}
-}
-
-func (f *sysICMPv6Filter) willBlock(typ ICMPType) bool {
-	return f.Filt[typ>>5]&(1<<(uint32(typ)&31)) == 0
-}
diff --git a/vendor/golang.org/x/net/ipv6/icmp_linux.go b/vendor/golang.org/x/net/ipv6/icmp_linux.go
deleted file mode 100644
index a67ecf69..00000000
--- a/vendor/golang.org/x/net/ipv6/icmp_linux.go
+++ /dev/null
@@ -1,27 +0,0 @@
-// Copyright 2013 The Go Authors.  All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package ipv6
-
-func (f *sysICMPv6Filter) accept(typ ICMPType) {
-	f.Data[typ>>5] &^= 1 << (uint32(typ) & 31)
-}
-
-func (f *sysICMPv6Filter) block(typ ICMPType) {
-	f.Data[typ>>5] |= 1 << (uint32(typ) & 31)
-}
-
-func (f *sysICMPv6Filter) setAll(block bool) {
-	for i := range f.Data {
-		if block {
-			f.Data[i] = 1<<32 - 1
-		} else {
-			f.Data[i] = 0
-		}
-	}
-}
-
-func (f *sysICMPv6Filter) willBlock(typ ICMPType) bool {
-	return f.Data[typ>>5]&(1<<(uint32(typ)&31)) != 0
-}
diff --git a/vendor/golang.org/x/net/ipv6/icmp_solaris.go b/vendor/golang.org/x/net/ipv6/icmp_solaris.go
deleted file mode 100644
index a942f354..00000000
--- a/vendor/golang.org/x/net/ipv6/icmp_solaris.go
+++ /dev/null
@@ -1,24 +0,0 @@
-// Copyright 2013 The Go Authors.  All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build solaris
-
-package ipv6
-
-func (f *sysICMPv6Filter) accept(typ ICMPType) {
-	// TODO(mikio): implement this
-}
-
-func (f *sysICMPv6Filter) block(typ ICMPType) {
-	// TODO(mikio): implement this
-}
-
-func (f *sysICMPv6Filter) setAll(block bool) {
-	// TODO(mikio): implement this
-}
-
-func (f *sysICMPv6Filter) willBlock(typ ICMPType) bool {
-	// TODO(mikio): implement this
-	return false
-}
diff --git a/vendor/golang.org/x/net/ipv6/icmp_stub.go b/vendor/golang.org/x/net/ipv6/icmp_stub.go
deleted file mode 100644
index c1263eca..00000000
--- a/vendor/golang.org/x/net/ipv6/icmp_stub.go
+++ /dev/null
@@ -1,23 +0,0 @@
-// Copyright 2013 The Go Authors.  All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build nacl plan9
-
-package ipv6
-
-type sysICMPv6Filter struct {
-}
-
-func (f *sysICMPv6Filter) accept(typ ICMPType) {
-}
-
-func (f *sysICMPv6Filter) block(typ ICMPType) {
-}
-
-func (f *sysICMPv6Filter) setAll(block bool) {
-}
-
-func (f *sysICMPv6Filter) willBlock(typ ICMPType) bool {
-	return false
-}
diff --git a/vendor/golang.org/x/net/ipv6/icmp_test.go b/vendor/golang.org/x/net/ipv6/icmp_test.go
deleted file mode 100644
index e192d6d8..00000000
--- a/vendor/golang.org/x/net/ipv6/icmp_test.go
+++ /dev/null
@@ -1,96 +0,0 @@
-// Copyright 2013 The Go Authors.  All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package ipv6_test
-
-import (
-	"net"
-	"reflect"
-	"runtime"
-	"testing"
-
-	"golang.org/x/net/internal/nettest"
-	"golang.org/x/net/ipv6"
-)
-
-var icmpStringTests = []struct {
-	in  ipv6.ICMPType
-	out string
-}{
-	{ipv6.ICMPTypeDestinationUnreachable, "destination unreachable"},
-
-	{256, ""},
-}
-
-func TestICMPString(t *testing.T) {
-	for _, tt := range icmpStringTests {
-		s := tt.in.String()
-		if s != tt.out {
-			t.Errorf("got %s; want %s", s, tt.out)
-		}
-	}
-}
-
-func TestICMPFilter(t *testing.T) {
-	switch runtime.GOOS {
-	case "nacl", "plan9", "solaris", "windows":
-		t.Skipf("not supported on %s", runtime.GOOS)
-	}
-
-	var f ipv6.ICMPFilter
-	for _, toggle := range []bool{false, true} {
-		f.SetAll(toggle)
-		for _, typ := range []ipv6.ICMPType{
-			ipv6.ICMPTypeDestinationUnreachable,
-			ipv6.ICMPTypeEchoReply,
-			ipv6.ICMPTypeNeighborSolicitation,
-			ipv6.ICMPTypeDuplicateAddressConfirmation,
-		} {
-			f.Accept(typ)
-			if f.WillBlock(typ) {
-				t.Errorf("ipv6.ICMPFilter.Set(%v, false) failed", typ)
-			}
-			f.Block(typ)
-			if !f.WillBlock(typ) {
-				t.Errorf("ipv6.ICMPFilter.Set(%v, true) failed", typ)
-			}
-		}
-	}
-}
-
-func TestSetICMPFilter(t *testing.T) {
-	switch runtime.GOOS {
-	case "nacl", "plan9", "solaris", "windows":
-		t.Skipf("not supported on %s", runtime.GOOS)
-	}
-	if !supportsIPv6 {
-		t.Skip("ipv6 is not supported")
-	}
-	if m, ok := nettest.SupportsRawIPSocket(); !ok {
-		t.Skip(m)
-	}
-
-	c, err := net.ListenPacket("ip6:ipv6-icmp", "::1")
-	if err != nil {
-		t.Fatal(err)
-	}
-	defer c.Close()
-
-	p := ipv6.NewPacketConn(c)
-
-	var f ipv6.ICMPFilter
-	f.SetAll(true)
-	f.Accept(ipv6.ICMPTypeEchoRequest)
-	f.Accept(ipv6.ICMPTypeEchoReply)
-	if err := p.SetICMPFilter(&f); err != nil {
-		t.Fatal(err)
-	}
-	kf, err := p.ICMPFilter()
-	if err != nil {
-		t.Fatal(err)
-	}
-	if !reflect.DeepEqual(kf, &f) {
-		t.Fatalf("got %#v; want %#v", kf, f)
-	}
-}
diff --git a/vendor/golang.org/x/net/ipv6/icmp_windows.go b/vendor/golang.org/x/net/ipv6/icmp_windows.go
deleted file mode 100644
index 9dcfb810..00000000
--- a/vendor/golang.org/x/net/ipv6/icmp_windows.go
+++ /dev/null
@@ -1,26 +0,0 @@
-// Copyright 2013 The Go Authors.  All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package ipv6
-
-type sysICMPv6Filter struct {
-	// TODO(mikio): implement this
-}
-
-func (f *sysICMPv6Filter) accept(typ ICMPType) {
-	// TODO(mikio): implement this
-}
-
-func (f *sysICMPv6Filter) block(typ ICMPType) {
-	// TODO(mikio): implement this
-}
-
-func (f *sysICMPv6Filter) setAll(block bool) {
-	// TODO(mikio): implement this
-}
-
-func (f *sysICMPv6Filter) willBlock(typ ICMPType) bool {
-	// TODO(mikio): implement this
-	return false
-}
diff --git a/vendor/golang.org/x/net/ipv6/mocktransponder_test.go b/vendor/golang.org/x/net/ipv6/mocktransponder_test.go
deleted file mode 100644
index d587922a..00000000
--- a/vendor/golang.org/x/net/ipv6/mocktransponder_test.go
+++ /dev/null
@@ -1,32 +0,0 @@
-// Copyright 2013 The Go Authors.  All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package ipv6_test
-
-import (
-	"net"
-	"testing"
-)
-
-func connector(t *testing.T, network, addr string, done chan<- bool) {
-	defer func() { done <- true }()
-
-	c, err := net.Dial(network, addr)
-	if err != nil {
-		t.Error(err)
-		return
-	}
-	c.Close()
-}
-
-func acceptor(t *testing.T, ln net.Listener, done chan<- bool) {
-	defer func() { done <- true }()
-
-	c, err := ln.Accept()
-	if err != nil {
-		t.Error(err)
-		return
-	}
-	c.Close()
-}
diff --git a/vendor/golang.org/x/net/ipv6/multicast_test.go b/vendor/golang.org/x/net/ipv6/multicast_test.go
deleted file mode 100644
index a3a8979d..00000000
--- a/vendor/golang.org/x/net/ipv6/multicast_test.go
+++ /dev/null
@@ -1,260 +0,0 @@
-// Copyright 2013 The Go Authors.  All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package ipv6_test
-
-import (
-	"bytes"
-	"net"
-	"os"
-	"runtime"
-	"testing"
-	"time"
-
-	"golang.org/x/net/icmp"
-	"golang.org/x/net/internal/iana"
-	"golang.org/x/net/internal/nettest"
-	"golang.org/x/net/ipv6"
-)
-
-var packetConnReadWriteMulticastUDPTests = []struct {
-	addr     string
-	grp, src *net.UDPAddr
-}{
-	{"[ff02::]:0", &net.UDPAddr{IP: net.ParseIP("ff02::114")}, nil}, // see RFC 4727
-
-	{"[ff30::8000:0]:0", &net.UDPAddr{IP: net.ParseIP("ff30::8000:1")}, &net.UDPAddr{IP: net.IPv6loopback}}, // see RFC 5771
-}
-
-func TestPacketConnReadWriteMulticastUDP(t *testing.T) {
-	switch runtime.GOOS {
-	case "freebsd": // due to a bug on loopback marking
-		// See http://www.freebsd.org/cgi/query-pr.cgi?pr=180065.
-		t.Skipf("not supported on %s", runtime.GOOS)
-	case "nacl", "plan9", "solaris", "windows":
-		t.Skipf("not supported on %s", runtime.GOOS)
-	}
-	if !supportsIPv6 {
-		t.Skip("ipv6 is not supported")
-	}
-	ifi := nettest.RoutedInterface("ip6", net.FlagUp|net.FlagMulticast|net.FlagLoopback)
-	if ifi == nil {
-		t.Skipf("not available on %s", runtime.GOOS)
-	}
-
-	for _, tt := range packetConnReadWriteMulticastUDPTests {
-		c, err := net.ListenPacket("udp6", tt.addr)
-		if err != nil {
-			t.Fatal(err)
-		}
-		defer c.Close()
-
-		grp := *tt.grp
-		grp.Port = c.LocalAddr().(*net.UDPAddr).Port
-		p := ipv6.NewPacketConn(c)
-		defer p.Close()
-		if tt.src == nil {
-			if err := p.JoinGroup(ifi, &grp); err != nil {
-				t.Fatal(err)
-			}
-			defer p.LeaveGroup(ifi, &grp)
-		} else {
-			if err := p.JoinSourceSpecificGroup(ifi, &grp, tt.src); err != nil {
-				switch runtime.GOOS {
-				case "freebsd", "linux":
-				default: // platforms that don't support MLDv2 fail here
-					t.Logf("not supported on %s", runtime.GOOS)
-					continue
-				}
-				t.Fatal(err)
-			}
-			defer p.LeaveSourceSpecificGroup(ifi, &grp, tt.src)
-		}
-		if err := p.SetMulticastInterface(ifi); err != nil {
-			t.Fatal(err)
-		}
-		if _, err := p.MulticastInterface(); err != nil {
-			t.Fatal(err)
-		}
-		if err := p.SetMulticastLoopback(true); err != nil {
-			t.Fatal(err)
-		}
-		if _, err := p.MulticastLoopback(); err != nil {
-			t.Fatal(err)
-		}
-
-		cm := ipv6.ControlMessage{
-			TrafficClass: iana.DiffServAF11 | iana.CongestionExperienced,
-			Src:          net.IPv6loopback,
-			IfIndex:      ifi.Index,
-		}
-		cf := ipv6.FlagTrafficClass | ipv6.FlagHopLimit | ipv6.FlagSrc | ipv6.FlagDst | ipv6.FlagInterface | ipv6.FlagPathMTU
-		wb := []byte("HELLO-R-U-THERE")
-
-		for i, toggle := range []bool{true, false, true} {
-			if err := p.SetControlMessage(cf, toggle); err != nil {
-				if nettest.ProtocolNotSupported(err) {
-					t.Logf("not supported on %s", runtime.GOOS)
-					continue
-				}
-				t.Fatal(err)
-			}
-			if err := p.SetDeadline(time.Now().Add(200 * time.Millisecond)); err != nil {
-				t.Fatal(err)
-			}
-			cm.HopLimit = i + 1
-			if n, err := p.WriteTo(wb, &cm, &grp); err != nil {
-				t.Fatal(err)
-			} else if n != len(wb) {
-				t.Fatal(err)
-			}
-			rb := make([]byte, 128)
-			if n, _, _, err := p.ReadFrom(rb); err != nil {
-				t.Fatal(err)
-			} else if !bytes.Equal(rb[:n], wb) {
-				t.Fatalf("got %v; want %v", rb[:n], wb)
-			}
-		}
-	}
-}
-
-var packetConnReadWriteMulticastICMPTests = []struct {
-	grp, src *net.IPAddr
-}{
-	{&net.IPAddr{IP: net.ParseIP("ff02::114")}, nil}, // see RFC 4727
-
-	{&net.IPAddr{IP: net.ParseIP("ff30::8000:1")}, &net.IPAddr{IP: net.IPv6loopback}}, // see RFC 5771
-}
-
-func TestPacketConnReadWriteMulticastICMP(t *testing.T) {
-	switch runtime.GOOS {
-	case "freebsd": // due to a bug on loopback marking
-		// See http://www.freebsd.org/cgi/query-pr.cgi?pr=180065.
-		t.Skipf("not supported on %s", runtime.GOOS)
-	case "nacl", "plan9", "solaris", "windows":
-		t.Skipf("not supported on %s", runtime.GOOS)
-	}
-	if !supportsIPv6 {
-		t.Skip("ipv6 is not supported")
-	}
-	if m, ok := nettest.SupportsRawIPSocket(); !ok {
-		t.Skip(m)
-	}
-	ifi := nettest.RoutedInterface("ip6", net.FlagUp|net.FlagMulticast|net.FlagLoopback)
-	if ifi == nil {
-		t.Skipf("not available on %s", runtime.GOOS)
-	}
-
-	for _, tt := range packetConnReadWriteMulticastICMPTests {
-		c, err := net.ListenPacket("ip6:ipv6-icmp", "::")
-		if err != nil {
-			t.Fatal(err)
-		}
-		defer c.Close()
-
-		pshicmp := icmp.IPv6PseudoHeader(c.LocalAddr().(*net.IPAddr).IP, tt.grp.IP)
-		p := ipv6.NewPacketConn(c)
-		defer p.Close()
-		if tt.src == nil {
-			if err := p.JoinGroup(ifi, tt.grp); err != nil {
-				t.Fatal(err)
-			}
-			defer p.LeaveGroup(ifi, tt.grp)
-		} else {
-			if err := p.JoinSourceSpecificGroup(ifi, tt.grp, tt.src); err != nil {
-				switch runtime.GOOS {
-				case "freebsd", "linux":
-				default: // platforms that don't support MLDv2 fail here
-					t.Logf("not supported on %s", runtime.GOOS)
-					continue
-				}
-				t.Fatal(err)
-			}
-			defer p.LeaveSourceSpecificGroup(ifi, tt.grp, tt.src)
-		}
-		if err := p.SetMulticastInterface(ifi); err != nil {
-			t.Fatal(err)
-		}
-		if _, err := p.MulticastInterface(); err != nil {
-			t.Fatal(err)
-		}
-		if err := p.SetMulticastLoopback(true); err != nil {
-			t.Fatal(err)
-		}
-		if _, err := p.MulticastLoopback(); err != nil {
-			t.Fatal(err)
-		}
-
-		cm := ipv6.ControlMessage{
-			TrafficClass: iana.DiffServAF11 | iana.CongestionExperienced,
-			Src:          net.IPv6loopback,
-			IfIndex:      ifi.Index,
-		}
-		cf := ipv6.FlagTrafficClass | ipv6.FlagHopLimit | ipv6.FlagSrc | ipv6.FlagDst | ipv6.FlagInterface | ipv6.FlagPathMTU
-
-		var f ipv6.ICMPFilter
-		f.SetAll(true)
-		f.Accept(ipv6.ICMPTypeEchoReply)
-		if err := p.SetICMPFilter(&f); err != nil {
-			t.Fatal(err)
-		}
-
-		var psh []byte
-		for i, toggle := range []bool{true, false, true} {
-			if toggle {
-				psh = nil
-				if err := p.SetChecksum(true, 2); err != nil {
-					t.Fatal(err)
-				}
-			} else {
-				psh = pshicmp
-				// Some platforms never allow to
-				// disable the kernel checksum
-				// processing.
-				p.SetChecksum(false, -1)
-			}
-			wb, err := (&icmp.Message{
-				Type: ipv6.ICMPTypeEchoRequest, Code: 0,
-				Body: &icmp.Echo{
-					ID: os.Getpid() & 0xffff, Seq: i + 1,
-					Data: []byte("HELLO-R-U-THERE"),
-				},
-			}).Marshal(psh)
-			if err != nil {
-				t.Fatal(err)
-			}
-			if err := p.SetControlMessage(cf, toggle); err != nil {
-				if nettest.ProtocolNotSupported(err) {
-					t.Logf("not supported on %s", runtime.GOOS)
-					continue
-				}
-				t.Fatal(err)
-			}
-			if err := p.SetDeadline(time.Now().Add(200 * time.Millisecond)); err != nil {
-				t.Fatal(err)
-			}
-			cm.HopLimit = i + 1
-			if n, err := p.WriteTo(wb, &cm, tt.grp); err != nil {
-				t.Fatal(err)
-			} else if n != len(wb) {
-				t.Fatalf("got %v; want %v", n, len(wb))
-			}
-			rb := make([]byte, 128)
-			if n, _, _, err := p.ReadFrom(rb); err != nil {
-				switch runtime.GOOS {
-				case "darwin": // older darwin kernels have some limitation on receiving icmp packet through raw socket
-					t.Logf("not supported on %s", runtime.GOOS)
-					continue
-				}
-				t.Fatal(err)
-			} else {
-				if m, err := icmp.ParseMessage(iana.ProtocolIPv6ICMP, rb[:n]); err != nil {
-					t.Fatal(err)
-				} else if m.Type != ipv6.ICMPTypeEchoReply || m.Code != 0 {
-					t.Fatalf("got type=%v, code=%v; want type=%v, code=%v", m.Type, m.Code, ipv6.ICMPTypeEchoReply, 0)
-				}
-			}
-		}
-	}
-}
diff --git a/vendor/golang.org/x/net/ipv6/multicastlistener_test.go b/vendor/golang.org/x/net/ipv6/multicastlistener_test.go
deleted file mode 100644
index 9711f751..00000000
--- a/vendor/golang.org/x/net/ipv6/multicastlistener_test.go
+++ /dev/null
@@ -1,246 +0,0 @@
-// Copyright 2013 The Go Authors.  All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package ipv6_test
-
-import (
-	"fmt"
-	"net"
-	"runtime"
-	"testing"
-
-	"golang.org/x/net/internal/nettest"
-	"golang.org/x/net/ipv6"
-)
-
-var udpMultipleGroupListenerTests = []net.Addr{
-	&net.UDPAddr{IP: net.ParseIP("ff02::114")}, // see RFC 4727
-	&net.UDPAddr{IP: net.ParseIP("ff02::1:114")},
-	&net.UDPAddr{IP: net.ParseIP("ff02::2:114")},
-}
-
-func TestUDPSinglePacketConnWithMultipleGroupListeners(t *testing.T) {
-	switch runtime.GOOS {
-	case "nacl", "plan9", "solaris", "windows":
-		t.Skipf("not supported on %s", runtime.GOOS)
-	}
-	if !supportsIPv6 {
-		t.Skip("ipv6 is not supported")
-	}
-
-	for _, gaddr := range udpMultipleGroupListenerTests {
-		c, err := net.ListenPacket("udp6", "[::]:0") // wildcard address with non-reusable port
-		if err != nil {
-			t.Fatal(err)
-		}
-		defer c.Close()
-
-		p := ipv6.NewPacketConn(c)
-		var mift []*net.Interface
-
-		ift, err := net.Interfaces()
-		if err != nil {
-			t.Fatal(err)
-		}
-		for i, ifi := range ift {
-			if _, ok := nettest.IsMulticastCapable("ip6", &ifi); !ok {
-				continue
-			}
-			if err := p.JoinGroup(&ifi, gaddr); err != nil {
-				t.Fatal(err)
-			}
-			mift = append(mift, &ift[i])
-		}
-		for _, ifi := range mift {
-			if err := p.LeaveGroup(ifi, gaddr); err != nil {
-				t.Fatal(err)
-			}
-		}
-	}
-}
-
-func TestUDPMultiplePacketConnWithMultipleGroupListeners(t *testing.T) {
-	switch runtime.GOOS {
-	case "nacl", "plan9", "solaris", "windows":
-		t.Skipf("not supported on %s", runtime.GOOS)
-	}
-	if !supportsIPv6 {
-		t.Skip("ipv6 is not supported")
-	}
-
-	for _, gaddr := range udpMultipleGroupListenerTests {
-		c1, err := net.ListenPacket("udp6", "[ff02::]:1024") // wildcard address with reusable port
-		if err != nil {
-			t.Fatal(err)
-		}
-		defer c1.Close()
-
-		c2, err := net.ListenPacket("udp6", "[ff02::]:1024") // wildcard address with reusable port
-		if err != nil {
-			t.Fatal(err)
-		}
-		defer c2.Close()
-
-		var ps [2]*ipv6.PacketConn
-		ps[0] = ipv6.NewPacketConn(c1)
-		ps[1] = ipv6.NewPacketConn(c2)
-		var mift []*net.Interface
-
-		ift, err := net.Interfaces()
-		if err != nil {
-			t.Fatal(err)
-		}
-		for i, ifi := range ift {
-			if _, ok := nettest.IsMulticastCapable("ip6", &ifi); !ok {
-				continue
-			}
-			for _, p := range ps {
-				if err := p.JoinGroup(&ifi, gaddr); err != nil {
-					t.Fatal(err)
-				}
-			}
-			mift = append(mift, &ift[i])
-		}
-		for _, ifi := range mift {
-			for _, p := range ps {
-				if err := p.LeaveGroup(ifi, gaddr); err != nil {
-					t.Fatal(err)
-				}
-			}
-		}
-	}
-}
-
-func TestUDPPerInterfaceSinglePacketConnWithSingleGroupListener(t *testing.T) {
-	switch runtime.GOOS {
-	case "nacl", "plan9", "solaris", "windows":
-		t.Skipf("not supported on %s", runtime.GOOS)
-	}
-	if !supportsIPv6 {
-		t.Skip("ipv6 is not supported")
-	}
-
-	gaddr := net.IPAddr{IP: net.ParseIP("ff02::114")} // see RFC 4727
-	type ml struct {
-		c   *ipv6.PacketConn
-		ifi *net.Interface
-	}
-	var mlt []*ml
-
-	ift, err := net.Interfaces()
-	if err != nil {
-		t.Fatal(err)
-	}
-	for i, ifi := range ift {
-		ip, ok := nettest.IsMulticastCapable("ip6", &ifi)
-		if !ok {
-			continue
-		}
-		c, err := net.ListenPacket("udp6", fmt.Sprintf("[%s%%%s]:1024", ip.String(), ifi.Name)) // unicast address with non-reusable port
-		if err != nil {
-			t.Fatal(err)
-		}
-		defer c.Close()
-		p := ipv6.NewPacketConn(c)
-		if err := p.JoinGroup(&ifi, &gaddr); err != nil {
-			t.Fatal(err)
-		}
-		mlt = append(mlt, &ml{p, &ift[i]})
-	}
-	for _, m := range mlt {
-		if err := m.c.LeaveGroup(m.ifi, &gaddr); err != nil {
-			t.Fatal(err)
-		}
-	}
-}
-
-func TestIPSinglePacketConnWithSingleGroupListener(t *testing.T) {
-	switch runtime.GOOS {
-	case "nacl", "plan9", "solaris", "windows":
-		t.Skipf("not supported on %s", runtime.GOOS)
-	}
-	if !supportsIPv6 {
-		t.Skip("ipv6 is not supported")
-	}
-	if m, ok := nettest.SupportsRawIPSocket(); !ok {
-		t.Skip(m)
-	}
-
-	c, err := net.ListenPacket("ip6:ipv6-icmp", "::") // wildcard address
-	if err != nil {
-		t.Fatal(err)
-	}
-	defer c.Close()
-
-	p := ipv6.NewPacketConn(c)
-	gaddr := net.IPAddr{IP: net.ParseIP("ff02::114")} // see RFC 4727
-	var mift []*net.Interface
-
-	ift, err := net.Interfaces()
-	if err != nil {
-		t.Fatal(err)
-	}
-	for i, ifi := range ift {
-		if _, ok := nettest.IsMulticastCapable("ip6", &ifi); !ok {
-			continue
-		}
-		if err := p.JoinGroup(&ifi, &gaddr); err != nil {
-			t.Fatal(err)
-		}
-		mift = append(mift, &ift[i])
-	}
-	for _, ifi := range mift {
-		if err := p.LeaveGroup(ifi, &gaddr); err != nil {
-			t.Fatal(err)
-		}
-	}
-}
-
-func TestIPPerInterfaceSinglePacketConnWithSingleGroupListener(t *testing.T) {
-	switch runtime.GOOS {
-	case "darwin", "dragonfly", "openbsd": // platforms that return fe80::1%lo0: bind: can't assign requested address
-		t.Skipf("not supported on %s", runtime.GOOS)
-	case "nacl", "plan9", "solaris", "windows":
-		t.Skipf("not supported on %s", runtime.GOOS)
-	}
-	if !supportsIPv6 {
-		t.Skip("ipv6 is not supported")
-	}
-	if m, ok := nettest.SupportsRawIPSocket(); !ok {
-		t.Skip(m)
-	}
-
-	gaddr := net.IPAddr{IP: net.ParseIP("ff02::114")} // see RFC 4727
-	type ml struct {
-		c   *ipv6.PacketConn
-		ifi *net.Interface
-	}
-	var mlt []*ml
-
-	ift, err := net.Interfaces()
-	if err != nil {
-		t.Fatal(err)
-	}
-	for i, ifi := range ift {
-		ip, ok := nettest.IsMulticastCapable("ip6", &ifi)
-		if !ok {
-			continue
-		}
-		c, err := net.ListenPacket("ip6:ipv6-icmp", fmt.Sprintf("%s%%%s", ip.String(), ifi.Name)) // unicast address
-		if err != nil {
-			t.Fatal(err)
-		}
-		defer c.Close()
-		p := ipv6.NewPacketConn(c)
-		if err := p.JoinGroup(&ifi, &gaddr); err != nil {
-			t.Fatal(err)
-		}
-		mlt = append(mlt, &ml{p, &ift[i]})
-	}
-	for _, m := range mlt {
-		if err := m.c.LeaveGroup(m.ifi, &gaddr); err != nil {
-			t.Fatal(err)
-		}
-	}
-}
diff --git a/vendor/golang.org/x/net/ipv6/multicastsockopt_test.go b/vendor/golang.org/x/net/ipv6/multicastsockopt_test.go
deleted file mode 100644
index fe0e6e1b..00000000
--- a/vendor/golang.org/x/net/ipv6/multicastsockopt_test.go
+++ /dev/null
@@ -1,157 +0,0 @@
-// Copyright 2013 The Go Authors.  All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package ipv6_test
-
-import (
-	"net"
-	"runtime"
-	"testing"
-
-	"golang.org/x/net/internal/nettest"
-	"golang.org/x/net/ipv6"
-)
-
-var packetConnMulticastSocketOptionTests = []struct {
-	net, proto, addr string
-	grp, src         net.Addr
-}{
-	{"udp6", "", "[ff02::]:0", &net.UDPAddr{IP: net.ParseIP("ff02::114")}, nil}, // see RFC 4727
-	{"ip6", ":ipv6-icmp", "::", &net.IPAddr{IP: net.ParseIP("ff02::115")}, nil}, // see RFC 4727
-
-	{"udp6", "", "[ff30::8000:0]:0", &net.UDPAddr{IP: net.ParseIP("ff30::8000:1")}, &net.UDPAddr{IP: net.IPv6loopback}}, // see RFC 5771
-	{"ip6", ":ipv6-icmp", "::", &net.IPAddr{IP: net.ParseIP("ff30::8000:2")}, &net.IPAddr{IP: net.IPv6loopback}},        // see RFC 5771
-}
-
-func TestPacketConnMulticastSocketOptions(t *testing.T) {
-	switch runtime.GOOS {
-	case "nacl", "plan9", "solaris", "windows":
-		t.Skipf("not supported on %s", runtime.GOOS)
-	}
-	if !supportsIPv6 {
-		t.Skip("ipv6 is not supported")
-	}
-	ifi := nettest.RoutedInterface("ip6", net.FlagUp|net.FlagMulticast|net.FlagLoopback)
-	if ifi == nil {
-		t.Skipf("not available on %s", runtime.GOOS)
-	}
-
-	m, ok := nettest.SupportsRawIPSocket()
-	for _, tt := range packetConnMulticastSocketOptionTests {
-		if tt.net == "ip6" && !ok {
-			t.Log(m)
-			continue
-		}
-		c, err := net.ListenPacket(tt.net+tt.proto, tt.addr)
-		if err != nil {
-			t.Fatal(err)
-		}
-		defer c.Close()
-		p := ipv6.NewPacketConn(c)
-		defer p.Close()
-
-		if tt.src == nil {
-			testMulticastSocketOptions(t, p, ifi, tt.grp)
-		} else {
-			testSourceSpecificMulticastSocketOptions(t, p, ifi, tt.grp, tt.src)
-		}
-	}
-}
-
-type testIPv6MulticastConn interface {
-	MulticastHopLimit() (int, error)
-	SetMulticastHopLimit(ttl int) error
-	MulticastLoopback() (bool, error)
-	SetMulticastLoopback(bool) error
-	JoinGroup(*net.Interface, net.Addr) error
-	LeaveGroup(*net.Interface, net.Addr) error
-	JoinSourceSpecificGroup(*net.Interface, net.Addr, net.Addr) error
-	LeaveSourceSpecificGroup(*net.Interface, net.Addr, net.Addr) error
-	ExcludeSourceSpecificGroup(*net.Interface, net.Addr, net.Addr) error
-	IncludeSourceSpecificGroup(*net.Interface, net.Addr, net.Addr) error
-}
-
-func testMulticastSocketOptions(t *testing.T, c testIPv6MulticastConn, ifi *net.Interface, grp net.Addr) {
-	const hoplim = 255
-	if err := c.SetMulticastHopLimit(hoplim); err != nil {
-		t.Error(err)
-		return
-	}
-	if v, err := c.MulticastHopLimit(); err != nil {
-		t.Error(err)
-		return
-	} else if v != hoplim {
-		t.Errorf("got %v; want %v", v, hoplim)
-		return
-	}
-
-	for _, toggle := range []bool{true, false} {
-		if err := c.SetMulticastLoopback(toggle); err != nil {
-			t.Error(err)
-			return
-		}
-		if v, err := c.MulticastLoopback(); err != nil {
-			t.Error(err)
-			return
-		} else if v != toggle {
-			t.Errorf("got %v; want %v", v, toggle)
-			return
-		}
-	}
-
-	if err := c.JoinGroup(ifi, grp); err != nil {
-		t.Error(err)
-		return
-	}
-	if err := c.LeaveGroup(ifi, grp); err != nil {
-		t.Error(err)
-		return
-	}
-}
-
-func testSourceSpecificMulticastSocketOptions(t *testing.T, c testIPv6MulticastConn, ifi *net.Interface, grp, src net.Addr) {
-	// MCAST_JOIN_GROUP -> MCAST_BLOCK_SOURCE -> MCAST_UNBLOCK_SOURCE -> MCAST_LEAVE_GROUP
-	if err := c.JoinGroup(ifi, grp); err != nil {
-		t.Error(err)
-		return
-	}
-	if err := c.ExcludeSourceSpecificGroup(ifi, grp, src); err != nil {
-		switch runtime.GOOS {
-		case "freebsd", "linux":
-		default: // platforms that don't support MLDv2 fail here
-			t.Logf("not supported on %s", runtime.GOOS)
-			return
-		}
-		t.Error(err)
-		return
-	}
-	if err := c.IncludeSourceSpecificGroup(ifi, grp, src); err != nil {
-		t.Error(err)
-		return
-	}
-	if err := c.LeaveGroup(ifi, grp); err != nil {
-		t.Error(err)
-		return
-	}
-
-	// MCAST_JOIN_SOURCE_GROUP -> MCAST_LEAVE_SOURCE_GROUP
-	if err := c.JoinSourceSpecificGroup(ifi, grp, src); err != nil {
-		t.Error(err)
-		return
-	}
-	if err := c.LeaveSourceSpecificGroup(ifi, grp, src); err != nil {
-		t.Error(err)
-		return
-	}
-
-	// MCAST_JOIN_SOURCE_GROUP -> MCAST_LEAVE_GROUP
-	if err := c.JoinSourceSpecificGroup(ifi, grp, src); err != nil {
-		t.Error(err)
-		return
-	}
-	if err := c.LeaveGroup(ifi, grp); err != nil {
-		t.Error(err)
-		return
-	}
-}
diff --git a/vendor/golang.org/x/net/ipv6/payload.go b/vendor/golang.org/x/net/ipv6/payload.go
deleted file mode 100644
index 529b20bc..00000000
--- a/vendor/golang.org/x/net/ipv6/payload.go
+++ /dev/null
@@ -1,15 +0,0 @@
-// Copyright 2013 The Go Authors.  All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package ipv6
-
-import "net"
-
-// A payloadHandler represents the IPv6 datagram payload handler.
-type payloadHandler struct {
-	net.PacketConn
-	rawOpt
-}
-
-func (c *payloadHandler) ok() bool { return c != nil && c.PacketConn != nil }
diff --git a/vendor/golang.org/x/net/ipv6/payload_cmsg.go b/vendor/golang.org/x/net/ipv6/payload_cmsg.go
deleted file mode 100644
index 8e90d324..00000000
--- a/vendor/golang.org/x/net/ipv6/payload_cmsg.go
+++ /dev/null
@@ -1,70 +0,0 @@
-// Copyright 2013 The Go Authors.  All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build !nacl,!plan9,!windows
-
-package ipv6
-
-import (
-	"net"
-	"syscall"
-)
-
-// ReadFrom reads a payload of the received IPv6 datagram, from the
-// endpoint c, copying the payload into b.  It returns the number of
-// bytes copied into b, the control message cm and the source address
-// src of the received datagram.
-func (c *payloadHandler) ReadFrom(b []byte) (n int, cm *ControlMessage, src net.Addr, err error) {
-	if !c.ok() {
-		return 0, nil, nil, syscall.EINVAL
-	}
-	oob := newControlMessage(&c.rawOpt)
-	var oobn int
-	switch c := c.PacketConn.(type) {
-	case *net.UDPConn:
-		if n, oobn, _, src, err = c.ReadMsgUDP(b, oob); err != nil {
-			return 0, nil, nil, err
-		}
-	case *net.IPConn:
-		if n, oobn, _, src, err = c.ReadMsgIP(b, oob); err != nil {
-			return 0, nil, nil, err
-		}
-	default:
-		return 0, nil, nil, errInvalidConnType
-	}
-	if cm, err = parseControlMessage(oob[:oobn]); err != nil {
-		return 0, nil, nil, err
-	}
-	if cm != nil {
-		cm.Src = netAddrToIP16(src)
-	}
-	return
-}
-
-// WriteTo writes a payload of the IPv6 datagram, to the destination
-// address dst through the endpoint c, copying the payload from b.  It
-// returns the number of bytes written.  The control message cm allows
-// the IPv6 header fields and the datagram path to be specified.  The
-// cm may be nil if control of the outgoing datagram is not required.
-func (c *payloadHandler) WriteTo(b []byte, cm *ControlMessage, dst net.Addr) (n int, err error) {
-	if !c.ok() {
-		return 0, syscall.EINVAL
-	}
-	oob := marshalControlMessage(cm)
-	if dst == nil {
-		return 0, errMissingAddress
-	}
-	switch c := c.PacketConn.(type) {
-	case *net.UDPConn:
-		n, _, err = c.WriteMsgUDP(b, oob, dst.(*net.UDPAddr))
-	case *net.IPConn:
-		n, _, err = c.WriteMsgIP(b, oob, dst.(*net.IPAddr))
-	default:
-		return 0, errInvalidConnType
-	}
-	if err != nil {
-		return 0, err
-	}
-	return
-}
diff --git a/vendor/golang.org/x/net/ipv6/payload_nocmsg.go b/vendor/golang.org/x/net/ipv6/payload_nocmsg.go
deleted file mode 100644
index 499204d0..00000000
--- a/vendor/golang.org/x/net/ipv6/payload_nocmsg.go
+++ /dev/null
@@ -1,41 +0,0 @@
-// Copyright 2013 The Go Authors.  All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build nacl plan9 windows
-
-package ipv6
-
-import (
-	"net"
-	"syscall"
-)
-
-// ReadFrom reads a payload of the received IPv6 datagram, from the
-// endpoint c, copying the payload into b.  It returns the number of
-// bytes copied into b, the control message cm and the source address
-// src of the received datagram.
-func (c *payloadHandler) ReadFrom(b []byte) (n int, cm *ControlMessage, src net.Addr, err error) {
-	if !c.ok() {
-		return 0, nil, nil, syscall.EINVAL
-	}
-	if n, src, err = c.PacketConn.ReadFrom(b); err != nil {
-		return 0, nil, nil, err
-	}
-	return
-}
-
-// WriteTo writes a payload of the IPv6 datagram, to the destination
-// address dst through the endpoint c, copying the payload from b.  It
-// returns the number of bytes written.  The control message cm allows
-// the IPv6 header fields and the datagram path to be specified.  The
-// cm may be nil if control of the outgoing datagram is not required.
-func (c *payloadHandler) WriteTo(b []byte, cm *ControlMessage, dst net.Addr) (n int, err error) {
-	if !c.ok() {
-		return 0, syscall.EINVAL
-	}
-	if dst == nil {
-		return 0, errMissingAddress
-	}
-	return c.PacketConn.WriteTo(b, dst)
-}
diff --git a/vendor/golang.org/x/net/ipv6/readwrite_test.go b/vendor/golang.org/x/net/ipv6/readwrite_test.go
deleted file mode 100644
index 8c8c6fde..00000000
--- a/vendor/golang.org/x/net/ipv6/readwrite_test.go
+++ /dev/null
@@ -1,189 +0,0 @@
-// Copyright 2013 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package ipv6_test
-
-import (
-	"bytes"
-	"net"
-	"runtime"
-	"strings"
-	"sync"
-	"testing"
-
-	"golang.org/x/net/internal/iana"
-	"golang.org/x/net/internal/nettest"
-	"golang.org/x/net/ipv6"
-)
-
-func benchmarkUDPListener() (net.PacketConn, net.Addr, error) {
-	c, err := net.ListenPacket("udp6", "[::1]:0")
-	if err != nil {
-		return nil, nil, err
-	}
-	dst, err := net.ResolveUDPAddr("udp6", c.LocalAddr().String())
-	if err != nil {
-		c.Close()
-		return nil, nil, err
-	}
-	return c, dst, nil
-}
-
-func BenchmarkReadWriteNetUDP(b *testing.B) {
-	if !supportsIPv6 {
-		b.Skip("ipv6 is not supported")
-	}
-
-	c, dst, err := benchmarkUDPListener()
-	if err != nil {
-		b.Fatal(err)
-	}
-	defer c.Close()
-
-	wb, rb := []byte("HELLO-R-U-THERE"), make([]byte, 128)
-	b.ResetTimer()
-	for i := 0; i < b.N; i++ {
-		benchmarkReadWriteNetUDP(b, c, wb, rb, dst)
-	}
-}
-
-func benchmarkReadWriteNetUDP(b *testing.B, c net.PacketConn, wb, rb []byte, dst net.Addr) {
-	if _, err := c.WriteTo(wb, dst); err != nil {
-		b.Fatal(err)
-	}
-	if _, _, err := c.ReadFrom(rb); err != nil {
-		b.Fatal(err)
-	}
-}
-
-func BenchmarkReadWriteIPv6UDP(b *testing.B) {
-	if !supportsIPv6 {
-		b.Skip("ipv6 is not supported")
-	}
-
-	c, dst, err := benchmarkUDPListener()
-	if err != nil {
-		b.Fatal(err)
-	}
-	defer c.Close()
-
-	p := ipv6.NewPacketConn(c)
-	cf := ipv6.FlagTrafficClass | ipv6.FlagHopLimit | ipv6.FlagSrc | ipv6.FlagDst | ipv6.FlagInterface | ipv6.FlagPathMTU
-	if err := p.SetControlMessage(cf, true); err != nil {
-		b.Fatal(err)
-	}
-	ifi := nettest.RoutedInterface("ip6", net.FlagUp|net.FlagLoopback)
-
-	wb, rb := []byte("HELLO-R-U-THERE"), make([]byte, 128)
-	b.ResetTimer()
-	for i := 0; i < b.N; i++ {
-		benchmarkReadWriteIPv6UDP(b, p, wb, rb, dst, ifi)
-	}
-}
-
-func benchmarkReadWriteIPv6UDP(b *testing.B, p *ipv6.PacketConn, wb, rb []byte, dst net.Addr, ifi *net.Interface) {
-	cm := ipv6.ControlMessage{
-		TrafficClass: iana.DiffServAF11 | iana.CongestionExperienced,
-		HopLimit:     1,
-	}
-	if ifi != nil {
-		cm.IfIndex = ifi.Index
-	}
-	if n, err := p.WriteTo(wb, &cm, dst); err != nil {
-		b.Fatal(err)
-	} else if n != len(wb) {
-		b.Fatalf("got %v; want %v", n, len(wb))
-	}
-	if _, _, _, err := p.ReadFrom(rb); err != nil {
-		b.Fatal(err)
-	}
-}
-
-func TestPacketConnConcurrentReadWriteUnicastUDP(t *testing.T) {
-	switch runtime.GOOS {
-	case "nacl", "plan9", "solaris", "windows":
-		t.Skipf("not supported on %s", runtime.GOOS)
-	}
-	if !supportsIPv6 {
-		t.Skip("ipv6 is not supported")
-	}
-
-	c, err := net.ListenPacket("udp6", "[::1]:0")
-	if err != nil {
-		t.Fatal(err)
-	}
-	defer c.Close()
-	p := ipv6.NewPacketConn(c)
-	defer p.Close()
-
-	dst, err := net.ResolveUDPAddr("udp6", c.LocalAddr().String())
-	if err != nil {
-		t.Fatal(err)
-	}
-
-	ifi := nettest.RoutedInterface("ip6", net.FlagUp|net.FlagLoopback)
-	cf := ipv6.FlagTrafficClass | ipv6.FlagHopLimit | ipv6.FlagSrc | ipv6.FlagDst | ipv6.FlagInterface | ipv6.FlagPathMTU
-	wb := []byte("HELLO-R-U-THERE")
-
-	if err := p.SetControlMessage(cf, true); err != nil { // probe before test
-		if nettest.ProtocolNotSupported(err) {
-			t.Skipf("not supported on %s", runtime.GOOS)
-		}
-		t.Fatal(err)
-	}
-
-	var wg sync.WaitGroup
-	reader := func() {
-		defer wg.Done()
-		rb := make([]byte, 128)
-		if n, cm, _, err := p.ReadFrom(rb); err != nil {
-			t.Error(err)
-			return
-		} else if !bytes.Equal(rb[:n], wb) {
-			t.Errorf("got %v; want %v", rb[:n], wb)
-			return
-		} else {
-			s := cm.String()
-			if strings.Contains(s, ",") {
-				t.Errorf("should be space-separated values: %s", s)
-			}
-		}
-	}
-	writer := func(toggle bool) {
-		defer wg.Done()
-		cm := ipv6.ControlMessage{
-			TrafficClass: iana.DiffServAF11 | iana.CongestionExperienced,
-			Src:          net.IPv6loopback,
-		}
-		if ifi != nil {
-			cm.IfIndex = ifi.Index
-		}
-		if err := p.SetControlMessage(cf, toggle); err != nil {
-			t.Error(err)
-			return
-		}
-		if n, err := p.WriteTo(wb, &cm, dst); err != nil {
-			t.Error(err)
-			return
-		} else if n != len(wb) {
-			t.Errorf("got %v; want %v", n, len(wb))
-			return
-		}
-	}
-
-	const N = 10
-	wg.Add(N)
-	for i := 0; i < N; i++ {
-		go reader()
-	}
-	wg.Add(2 * N)
-	for i := 0; i < 2*N; i++ {
-		go writer(i%2 != 0)
-	}
-	wg.Add(N)
-	for i := 0; i < N; i++ {
-		go reader()
-	}
-	wg.Wait()
-}
diff --git a/vendor/golang.org/x/net/ipv6/sockopt.go b/vendor/golang.org/x/net/ipv6/sockopt.go
deleted file mode 100644
index f0cfc2f9..00000000
--- a/vendor/golang.org/x/net/ipv6/sockopt.go
+++ /dev/null
@@ -1,46 +0,0 @@
-// Copyright 2014 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package ipv6
-
-// Sticky socket options
-const (
-	ssoTrafficClass        = iota // header field for unicast packet, RFC 3542
-	ssoHopLimit                   // header field for unicast packet, RFC 3493
-	ssoMulticastInterface         // outbound interface for multicast packet, RFC 3493
-	ssoMulticastHopLimit          // header field for multicast packet, RFC 3493
-	ssoMulticastLoopback          // loopback for multicast packet, RFC 3493
-	ssoReceiveTrafficClass        // header field on received packet, RFC 3542
-	ssoReceiveHopLimit            // header field on received packet, RFC 2292 or 3542
-	ssoReceivePacketInfo          // incbound or outbound packet path, RFC 2292 or 3542
-	ssoReceivePathMTU             // path mtu, RFC 3542
-	ssoPathMTU                    // path mtu, RFC 3542
-	ssoChecksum                   // packet checksum, RFC 2292 or 3542
-	ssoICMPFilter                 // icmp filter, RFC 2292 or 3542
-	ssoJoinGroup                  // any-source multicast, RFC 3493
-	ssoLeaveGroup                 // any-source multicast, RFC 3493
-	ssoJoinSourceGroup            // source-specific multicast
-	ssoLeaveSourceGroup           // source-specific multicast
-	ssoBlockSourceGroup           // any-source or source-specific multicast
-	ssoUnblockSourceGroup         // any-source or source-specific multicast
-	ssoMax
-)
-
-// Sticky socket option value types
-const (
-	ssoTypeInt = iota + 1
-	ssoTypeInterface
-	ssoTypeICMPFilter
-	ssoTypeMTUInfo
-	ssoTypeIPMreq
-	ssoTypeGroupReq
-	ssoTypeGroupSourceReq
-)
-
-// A sockOpt represents a binding for sticky socket option.
-type sockOpt struct {
-	level int // option level
-	name  int // option name, must be equal or greater than 1
-	typ   int // option value type, must be equal or greater than 1
-}
diff --git a/vendor/golang.org/x/net/ipv6/sockopt_asmreq_unix.go b/vendor/golang.org/x/net/ipv6/sockopt_asmreq_unix.go
deleted file mode 100644
index b7fd4fe6..00000000
--- a/vendor/golang.org/x/net/ipv6/sockopt_asmreq_unix.go
+++ /dev/null
@@ -1,22 +0,0 @@
-// Copyright 2013 The Go Authors.  All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build darwin dragonfly freebsd linux netbsd openbsd
-
-package ipv6
-
-import (
-	"net"
-	"os"
-	"unsafe"
-)
-
-func setsockoptIPMreq(fd int, opt *sockOpt, ifi *net.Interface, grp net.IP) error {
-	var mreq sysIPv6Mreq
-	copy(mreq.Multiaddr[:], grp)
-	if ifi != nil {
-		mreq.setIfindex(ifi.Index)
-	}
-	return os.NewSyscallError("setsockopt", setsockopt(fd, opt.level, opt.name, unsafe.Pointer(&mreq), sysSizeofIPv6Mreq))
-}
diff --git a/vendor/golang.org/x/net/ipv6/sockopt_asmreq_windows.go b/vendor/golang.org/x/net/ipv6/sockopt_asmreq_windows.go
deleted file mode 100644
index c03c7313..00000000
--- a/vendor/golang.org/x/net/ipv6/sockopt_asmreq_windows.go
+++ /dev/null
@@ -1,21 +0,0 @@
-// Copyright 2013 The Go Authors.  All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package ipv6
-
-import (
-	"net"
-	"os"
-	"syscall"
-	"unsafe"
-)
-
-func setsockoptIPMreq(fd syscall.Handle, opt *sockOpt, ifi *net.Interface, grp net.IP) error {
-	var mreq sysIPv6Mreq
-	copy(mreq.Multiaddr[:], grp)
-	if ifi != nil {
-		mreq.setIfindex(ifi.Index)
-	}
-	return os.NewSyscallError("setsockopt", syscall.Setsockopt(fd, int32(opt.level), int32(opt.name), (*byte)(unsafe.Pointer(&mreq)), sysSizeofIPv6Mreq))
-}
diff --git a/vendor/golang.org/x/net/ipv6/sockopt_ssmreq_stub.go b/vendor/golang.org/x/net/ipv6/sockopt_ssmreq_stub.go
deleted file mode 100644
index 7732e49f..00000000
--- a/vendor/golang.org/x/net/ipv6/sockopt_ssmreq_stub.go
+++ /dev/null
@@ -1,17 +0,0 @@
-// Copyright 2014 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build !darwin,!freebsd,!linux
-
-package ipv6
-
-import "net"
-
-func setsockoptGroupReq(fd int, opt *sockOpt, ifi *net.Interface, grp net.IP) error {
-	return errOpNoSupport
-}
-
-func setsockoptGroupSourceReq(fd int, opt *sockOpt, ifi *net.Interface, grp, src net.IP) error {
-	return errOpNoSupport
-}
diff --git a/vendor/golang.org/x/net/ipv6/sockopt_ssmreq_unix.go b/vendor/golang.org/x/net/ipv6/sockopt_ssmreq_unix.go
deleted file mode 100644
index c64d6d58..00000000
--- a/vendor/golang.org/x/net/ipv6/sockopt_ssmreq_unix.go
+++ /dev/null
@@ -1,59 +0,0 @@
-// Copyright 2014 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build darwin freebsd linux
-
-package ipv6
-
-import (
-	"net"
-	"os"
-	"unsafe"
-)
-
-var freebsd32o64 bool
-
-func setsockoptGroupReq(fd int, opt *sockOpt, ifi *net.Interface, grp net.IP) error {
-	var gr sysGroupReq
-	if ifi != nil {
-		gr.Interface = uint32(ifi.Index)
-	}
-	gr.setGroup(grp)
-	var p unsafe.Pointer
-	var l sysSockoptLen
-	if freebsd32o64 {
-		var d [sysSizeofGroupReq + 4]byte
-		s := (*[sysSizeofGroupReq]byte)(unsafe.Pointer(&gr))
-		copy(d[:4], s[:4])
-		copy(d[8:], s[4:])
-		p = unsafe.Pointer(&d[0])
-		l = sysSizeofGroupReq + 4
-	} else {
-		p = unsafe.Pointer(&gr)
-		l = sysSizeofGroupReq
-	}
-	return os.NewSyscallError("setsockopt", setsockopt(fd, opt.level, opt.name, p, l))
-}
-
-func setsockoptGroupSourceReq(fd int, opt *sockOpt, ifi *net.Interface, grp, src net.IP) error {
-	var gsr sysGroupSourceReq
-	if ifi != nil {
-		gsr.Interface = uint32(ifi.Index)
-	}
-	gsr.setSourceGroup(grp, src)
-	var p unsafe.Pointer
-	var l sysSockoptLen
-	if freebsd32o64 {
-		var d [sysSizeofGroupSourceReq + 4]byte
-		s := (*[sysSizeofGroupSourceReq]byte)(unsafe.Pointer(&gsr))
-		copy(d[:4], s[:4])
-		copy(d[8:], s[4:])
-		p = unsafe.Pointer(&d[0])
-		l = sysSizeofGroupSourceReq + 4
-	} else {
-		p = unsafe.Pointer(&gsr)
-		l = sysSizeofGroupSourceReq
-	}
-	return os.NewSyscallError("setsockopt", setsockopt(fd, opt.level, opt.name, p, l))
-}
diff --git a/vendor/golang.org/x/net/ipv6/sockopt_stub.go b/vendor/golang.org/x/net/ipv6/sockopt_stub.go
deleted file mode 100644
index b8dacfde..00000000
--- a/vendor/golang.org/x/net/ipv6/sockopt_stub.go
+++ /dev/null
@@ -1,13 +0,0 @@
-// Copyright 2013 The Go Authors.  All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build nacl plan9 solaris
-
-package ipv6
-
-import "net"
-
-func getMTUInfo(fd int, opt *sockOpt) (*net.Interface, int, error) {
-	return nil, 0, errOpNoSupport
-}
diff --git a/vendor/golang.org/x/net/ipv6/sockopt_test.go b/vendor/golang.org/x/net/ipv6/sockopt_test.go
deleted file mode 100644
index 9c219031..00000000
--- a/vendor/golang.org/x/net/ipv6/sockopt_test.go
+++ /dev/null
@@ -1,133 +0,0 @@
-// Copyright 2013 The Go Authors.  All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package ipv6_test
-
-import (
-	"fmt"
-	"net"
-	"runtime"
-	"testing"
-
-	"golang.org/x/net/internal/iana"
-	"golang.org/x/net/internal/nettest"
-	"golang.org/x/net/ipv6"
-)
-
-var supportsIPv6 bool = nettest.SupportsIPv6()
-
-func TestConnInitiatorPathMTU(t *testing.T) {
-	switch runtime.GOOS {
-	case "nacl", "plan9", "solaris", "windows":
-		t.Skipf("not supported on %s", runtime.GOOS)
-	}
-	if !supportsIPv6 {
-		t.Skip("ipv6 is not supported")
-	}
-
-	ln, err := net.Listen("tcp6", "[::1]:0")
-	if err != nil {
-		t.Fatal(err)
-	}
-	defer ln.Close()
-
-	done := make(chan bool)
-	go acceptor(t, ln, done)
-
-	c, err := net.Dial("tcp6", ln.Addr().String())
-	if err != nil {
-		t.Fatal(err)
-	}
-	defer c.Close()
-
-	if pmtu, err := ipv6.NewConn(c).PathMTU(); err != nil {
-		switch runtime.GOOS {
-		case "darwin": // older darwin kernels don't support IPV6_PATHMTU option
-			t.Logf("not supported on %s", runtime.GOOS)
-		default:
-			t.Fatal(err)
-		}
-	} else {
-		t.Logf("path mtu for %v: %v", c.RemoteAddr(), pmtu)
-	}
-
-	<-done
-}
-
-func TestConnResponderPathMTU(t *testing.T) {
-	switch runtime.GOOS {
-	case "nacl", "plan9", "solaris", "windows":
-		t.Skipf("not supported on %s", runtime.GOOS)
-	}
-	if !supportsIPv6 {
-		t.Skip("ipv6 is not supported")
-	}
-
-	ln, err := net.Listen("tcp6", "[::1]:0")
-	if err != nil {
-		t.Fatal(err)
-	}
-	defer ln.Close()
-
-	done := make(chan bool)
-	go connector(t, "tcp6", ln.Addr().String(), done)
-
-	c, err := ln.Accept()
-	if err != nil {
-		t.Fatal(err)
-	}
-	defer c.Close()
-
-	if pmtu, err := ipv6.NewConn(c).PathMTU(); err != nil {
-		switch runtime.GOOS {
-		case "darwin": // older darwin kernels don't support IPV6_PATHMTU option
-			t.Logf("not supported on %s", runtime.GOOS)
-		default:
-			t.Fatal(err)
-		}
-	} else {
-		t.Logf("path mtu for %v: %v", c.RemoteAddr(), pmtu)
-	}
-
-	<-done
-}
-
-func TestPacketConnChecksum(t *testing.T) {
-	switch runtime.GOOS {
-	case "nacl", "plan9", "solaris", "windows":
-		t.Skipf("not supported on %s", runtime.GOOS)
-	}
-	if !supportsIPv6 {
-		t.Skip("ipv6 is not supported")
-	}
-	if m, ok := nettest.SupportsRawIPSocket(); !ok {
-		t.Skip(m)
-	}
-
-	c, err := net.ListenPacket(fmt.Sprintf("ip6:%d", iana.ProtocolOSPFIGP), "::") // OSPF for IPv6
-	if err != nil {
-		t.Fatal(err)
-	}
-	defer c.Close()
-
-	p := ipv6.NewPacketConn(c)
-	offset := 12 // see RFC 5340
-
-	for _, toggle := range []bool{false, true} {
-		if err := p.SetChecksum(toggle, offset); err != nil {
-			if toggle {
-				t.Fatalf("ipv6.PacketConn.SetChecksum(%v, %v) failed: %v", toggle, offset, err)
-			} else {
-				// Some platforms never allow to disable the kernel
-				// checksum processing.
-				t.Logf("ipv6.PacketConn.SetChecksum(%v, %v) failed: %v", toggle, offset, err)
-			}
-		}
-		if on, offset, err := p.Checksum(); err != nil {
-			t.Fatal(err)
-		} else {
-			t.Logf("kernel checksum processing enabled=%v, offset=%v", on, offset)
-		}
-	}
-}
diff --git a/vendor/golang.org/x/net/ipv6/sockopt_unix.go b/vendor/golang.org/x/net/ipv6/sockopt_unix.go
deleted file mode 100644
index 25ea545f..00000000
--- a/vendor/golang.org/x/net/ipv6/sockopt_unix.go
+++ /dev/null
@@ -1,122 +0,0 @@
-// Copyright 2013 The Go Authors.  All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build darwin dragonfly freebsd linux netbsd openbsd
-
-package ipv6
-
-import (
-	"net"
-	"os"
-	"unsafe"
-)
-
-func getInt(fd int, opt *sockOpt) (int, error) {
-	if opt.name < 1 || opt.typ != ssoTypeInt {
-		return 0, errOpNoSupport
-	}
-	var i int32
-	l := sysSockoptLen(4)
-	if err := getsockopt(fd, opt.level, opt.name, unsafe.Pointer(&i), &l); err != nil {
-		return 0, os.NewSyscallError("getsockopt", err)
-	}
-	return int(i), nil
-}
-
-func setInt(fd int, opt *sockOpt, v int) error {
-	if opt.name < 1 || opt.typ != ssoTypeInt {
-		return errOpNoSupport
-	}
-	i := int32(v)
-	return os.NewSyscallError("setsockopt", setsockopt(fd, opt.level, opt.name, unsafe.Pointer(&i), sysSockoptLen(4)))
-}
-
-func getInterface(fd int, opt *sockOpt) (*net.Interface, error) {
-	if opt.name < 1 || opt.typ != ssoTypeInterface {
-		return nil, errOpNoSupport
-	}
-	var i int32
-	l := sysSockoptLen(4)
-	if err := getsockopt(fd, opt.level, opt.name, unsafe.Pointer(&i), &l); err != nil {
-		return nil, os.NewSyscallError("getsockopt", err)
-	}
-	if i == 0 {
-		return nil, nil
-	}
-	ifi, err := net.InterfaceByIndex(int(i))
-	if err != nil {
-		return nil, err
-	}
-	return ifi, nil
-}
-
-func setInterface(fd int, opt *sockOpt, ifi *net.Interface) error {
-	if opt.name < 1 || opt.typ != ssoTypeInterface {
-		return errOpNoSupport
-	}
-	var i int32
-	if ifi != nil {
-		i = int32(ifi.Index)
-	}
-	return os.NewSyscallError("setsockopt", setsockopt(fd, opt.level, opt.name, unsafe.Pointer(&i), sysSockoptLen(4)))
-}
-
-func getICMPFilter(fd int, opt *sockOpt) (*ICMPFilter, error) {
-	if opt.name < 1 || opt.typ != ssoTypeICMPFilter {
-		return nil, errOpNoSupport
-	}
-	var f ICMPFilter
-	l := sysSockoptLen(sysSizeofICMPv6Filter)
-	if err := getsockopt(fd, opt.level, opt.name, unsafe.Pointer(&f.sysICMPv6Filter), &l); err != nil {
-		return nil, os.NewSyscallError("getsockopt", err)
-	}
-	return &f, nil
-}
-
-func setICMPFilter(fd int, opt *sockOpt, f *ICMPFilter) error {
-	if opt.name < 1 || opt.typ != ssoTypeICMPFilter {
-		return errOpNoSupport
-	}
-	return os.NewSyscallError("setsockopt", setsockopt(fd, opt.level, opt.name, unsafe.Pointer(&f.sysICMPv6Filter), sysSizeofICMPv6Filter))
-}
-
-func getMTUInfo(fd int, opt *sockOpt) (*net.Interface, int, error) {
-	if opt.name < 1 || opt.typ != ssoTypeMTUInfo {
-		return nil, 0, errOpNoSupport
-	}
-	var mi sysIPv6Mtuinfo
-	l := sysSockoptLen(sysSizeofIPv6Mtuinfo)
-	if err := getsockopt(fd, opt.level, opt.name, unsafe.Pointer(&mi), &l); err != nil {
-		return nil, 0, os.NewSyscallError("getsockopt", err)
-	}
-	if mi.Addr.Scope_id == 0 {
-		return nil, int(mi.Mtu), nil
-	}
-	ifi, err := net.InterfaceByIndex(int(mi.Addr.Scope_id))
-	if err != nil {
-		return nil, 0, err
-	}
-	return ifi, int(mi.Mtu), nil
-}
-
-func setGroup(fd int, opt *sockOpt, ifi *net.Interface, grp net.IP) error {
-	if opt.name < 1 {
-		return errOpNoSupport
-	}
-	switch opt.typ {
-	case ssoTypeIPMreq:
-		return setsockoptIPMreq(fd, opt, ifi, grp)
-	case ssoTypeGroupReq:
-		return setsockoptGroupReq(fd, opt, ifi, grp)
-	default:
-		return errOpNoSupport
-	}
-}
-
-func setSourceGroup(fd int, opt *sockOpt, ifi *net.Interface, grp, src net.IP) error {
-	if opt.name < 1 || opt.typ != ssoTypeGroupSourceReq {
-		return errOpNoSupport
-	}
-	return setsockoptGroupSourceReq(fd, opt, ifi, grp, src)
-}
diff --git a/vendor/golang.org/x/net/ipv6/sockopt_windows.go b/vendor/golang.org/x/net/ipv6/sockopt_windows.go
deleted file mode 100644
index 32c73b72..00000000
--- a/vendor/golang.org/x/net/ipv6/sockopt_windows.go
+++ /dev/null
@@ -1,86 +0,0 @@
-// Copyright 2013 The Go Authors.  All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package ipv6
-
-import (
-	"net"
-	"os"
-	"syscall"
-	"unsafe"
-)
-
-func getInt(fd syscall.Handle, opt *sockOpt) (int, error) {
-	if opt.name < 1 || opt.typ != ssoTypeInt {
-		return 0, errOpNoSupport
-	}
-	var i int32
-	l := int32(4)
-	if err := syscall.Getsockopt(fd, int32(opt.level), int32(opt.name), (*byte)(unsafe.Pointer(&i)), &l); err != nil {
-		return 0, os.NewSyscallError("getsockopt", err)
-	}
-	return int(i), nil
-}
-
-func setInt(fd syscall.Handle, opt *sockOpt, v int) error {
-	if opt.name < 1 || opt.typ != ssoTypeInt {
-		return errOpNoSupport
-	}
-	i := int32(v)
-	return os.NewSyscallError("setsockopt", syscall.Setsockopt(fd, int32(opt.level), int32(opt.name), (*byte)(unsafe.Pointer(&i)), 4))
-}
-
-func getInterface(fd syscall.Handle, opt *sockOpt) (*net.Interface, error) {
-	if opt.name < 1 || opt.typ != ssoTypeInterface {
-		return nil, errOpNoSupport
-	}
-	var i int32
-	l := int32(4)
-	if err := syscall.Getsockopt(fd, int32(opt.level), int32(opt.name), (*byte)(unsafe.Pointer(&i)), &l); err != nil {
-		return nil, os.NewSyscallError("getsockopt", err)
-	}
-	if i == 0 {
-		return nil, nil
-	}
-	ifi, err := net.InterfaceByIndex(int(i))
-	if err != nil {
-		return nil, err
-	}
-	return ifi, nil
-}
-
-func setInterface(fd syscall.Handle, opt *sockOpt, ifi *net.Interface) error {
-	if opt.name < 1 || opt.typ != ssoTypeInterface {
-		return errOpNoSupport
-	}
-	var i int32
-	if ifi != nil {
-		i = int32(ifi.Index)
-	}
-	return os.NewSyscallError("setsockopt", syscall.Setsockopt(fd, int32(opt.level), int32(opt.name), (*byte)(unsafe.Pointer(&i)), 4))
-}
-
-func getICMPFilter(fd syscall.Handle, opt *sockOpt) (*ICMPFilter, error) {
-	return nil, errOpNoSupport
-}
-
-func setICMPFilter(fd syscall.Handle, opt *sockOpt, f *ICMPFilter) error {
-	return errOpNoSupport
-}
-
-func getMTUInfo(fd syscall.Handle, opt *sockOpt) (*net.Interface, int, error) {
-	return nil, 0, errOpNoSupport
-}
-
-func setGroup(fd syscall.Handle, opt *sockOpt, ifi *net.Interface, grp net.IP) error {
-	if opt.name < 1 || opt.typ != ssoTypeIPMreq {
-		return errOpNoSupport
-	}
-	return setsockoptIPMreq(fd, opt, ifi, grp)
-}
-
-func setSourceGroup(fd syscall.Handle, opt *sockOpt, ifi *net.Interface, grp, src net.IP) error {
-	// TODO(mikio): implement this
-	return errOpNoSupport
-}
diff --git a/vendor/golang.org/x/net/ipv6/sys_bsd.go b/vendor/golang.org/x/net/ipv6/sys_bsd.go
deleted file mode 100644
index 75a8863b..00000000
--- a/vendor/golang.org/x/net/ipv6/sys_bsd.go
+++ /dev/null
@@ -1,58 +0,0 @@
-// Copyright 2013 The Go Authors.  All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build dragonfly netbsd openbsd
-
-package ipv6
-
-import (
-	"net"
-	"syscall"
-
-	"golang.org/x/net/internal/iana"
-)
-
-type sysSockoptLen int32
-
-var (
-	ctlOpts = [ctlMax]ctlOpt{
-		ctlTrafficClass: {sysIPV6_TCLASS, 4, marshalTrafficClass, parseTrafficClass},
-		ctlHopLimit:     {sysIPV6_HOPLIMIT, 4, marshalHopLimit, parseHopLimit},
-		ctlPacketInfo:   {sysIPV6_PKTINFO, sysSizeofInet6Pktinfo, marshalPacketInfo, parsePacketInfo},
-		ctlNextHop:      {sysIPV6_NEXTHOP, sysSizeofSockaddrInet6, marshalNextHop, parseNextHop},
-		ctlPathMTU:      {sysIPV6_PATHMTU, sysSizeofIPv6Mtuinfo, marshalPathMTU, parsePathMTU},
-	}
-
-	sockOpts = [ssoMax]sockOpt{
-		ssoTrafficClass:        {iana.ProtocolIPv6, sysIPV6_TCLASS, ssoTypeInt},
-		ssoHopLimit:            {iana.ProtocolIPv6, sysIPV6_UNICAST_HOPS, ssoTypeInt},
-		ssoMulticastInterface:  {iana.ProtocolIPv6, sysIPV6_MULTICAST_IF, ssoTypeInterface},
-		ssoMulticastHopLimit:   {iana.ProtocolIPv6, sysIPV6_MULTICAST_HOPS, ssoTypeInt},
-		ssoMulticastLoopback:   {iana.ProtocolIPv6, sysIPV6_MULTICAST_LOOP, ssoTypeInt},
-		ssoReceiveTrafficClass: {iana.ProtocolIPv6, sysIPV6_RECVTCLASS, ssoTypeInt},
-		ssoReceiveHopLimit:     {iana.ProtocolIPv6, sysIPV6_RECVHOPLIMIT, ssoTypeInt},
-		ssoReceivePacketInfo:   {iana.ProtocolIPv6, sysIPV6_RECVPKTINFO, ssoTypeInt},
-		ssoReceivePathMTU:      {iana.ProtocolIPv6, sysIPV6_RECVPATHMTU, ssoTypeInt},
-		ssoPathMTU:             {iana.ProtocolIPv6, sysIPV6_PATHMTU, ssoTypeMTUInfo},
-		ssoChecksum:            {iana.ProtocolIPv6, sysIPV6_CHECKSUM, ssoTypeInt},
-		ssoICMPFilter:          {iana.ProtocolIPv6ICMP, sysICMP6_FILTER, ssoTypeICMPFilter},
-		ssoJoinGroup:           {iana.ProtocolIPv6, sysIPV6_JOIN_GROUP, ssoTypeIPMreq},
-		ssoLeaveGroup:          {iana.ProtocolIPv6, sysIPV6_LEAVE_GROUP, ssoTypeIPMreq},
-	}
-)
-
-func (sa *sysSockaddrInet6) setSockaddr(ip net.IP, i int) {
-	sa.Len = sysSizeofSockaddrInet6
-	sa.Family = syscall.AF_INET6
-	copy(sa.Addr[:], ip)
-	sa.Scope_id = uint32(i)
-}
-
-func (pi *sysInet6Pktinfo) setIfindex(i int) {
-	pi.Ifindex = uint32(i)
-}
-
-func (mreq *sysIPv6Mreq) setIfindex(i int) {
-	mreq.Interface = uint32(i)
-}
diff --git a/vendor/golang.org/x/net/ipv6/sys_darwin.go b/vendor/golang.org/x/net/ipv6/sys_darwin.go
deleted file mode 100644
index 411fb498..00000000
--- a/vendor/golang.org/x/net/ipv6/sys_darwin.go
+++ /dev/null
@@ -1,135 +0,0 @@
-// Copyright 2013 The Go Authors.  All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package ipv6
-
-import (
-	"net"
-	"syscall"
-	"unsafe"
-
-	"golang.org/x/net/internal/iana"
-)
-
-type sysSockoptLen int32
-
-var (
-	ctlOpts = [ctlMax]ctlOpt{
-		ctlHopLimit:   {sysIPV6_2292HOPLIMIT, 4, marshal2292HopLimit, parseHopLimit},
-		ctlPacketInfo: {sysIPV6_2292PKTINFO, sysSizeofInet6Pktinfo, marshal2292PacketInfo, parsePacketInfo},
-	}
-
-	sockOpts = [ssoMax]sockOpt{
-		ssoHopLimit:           {iana.ProtocolIPv6, sysIPV6_UNICAST_HOPS, ssoTypeInt},
-		ssoMulticastInterface: {iana.ProtocolIPv6, sysIPV6_MULTICAST_IF, ssoTypeInterface},
-		ssoMulticastHopLimit:  {iana.ProtocolIPv6, sysIPV6_MULTICAST_HOPS, ssoTypeInt},
-		ssoMulticastLoopback:  {iana.ProtocolIPv6, sysIPV6_MULTICAST_LOOP, ssoTypeInt},
-		ssoReceiveHopLimit:    {iana.ProtocolIPv6, sysIPV6_2292HOPLIMIT, ssoTypeInt},
-		ssoReceivePacketInfo:  {iana.ProtocolIPv6, sysIPV6_2292PKTINFO, ssoTypeInt},
-		ssoChecksum:           {iana.ProtocolIPv6, sysIPV6_CHECKSUM, ssoTypeInt},
-		ssoICMPFilter:         {iana.ProtocolIPv6ICMP, sysICMP6_FILTER, ssoTypeICMPFilter},
-		ssoJoinGroup:          {iana.ProtocolIPv6, sysIPV6_JOIN_GROUP, ssoTypeIPMreq},
-		ssoLeaveGroup:         {iana.ProtocolIPv6, sysIPV6_LEAVE_GROUP, ssoTypeIPMreq},
-	}
-)
-
-func init() {
-	// Seems like kern.osreldate is veiled on latest OS X. We use
-	// kern.osrelease instead.
-	osver, err := syscall.Sysctl("kern.osrelease")
-	if err != nil {
-		return
-	}
-	var i int
-	for i = range osver {
-		if osver[i] == '.' {
-			break
-		}
-	}
-	// The IP_PKTINFO and protocol-independent multicast API were
-	// introduced in OS X 10.7 (Darwin 11.0.0). But it looks like
-	// those features require OS X 10.8 (Darwin 12.0.0) and above.
-	// See http://support.apple.com/kb/HT1633.
-	if i > 2 || i == 2 && osver[0] >= '1' && osver[1] >= '2' {
-		ctlOpts[ctlTrafficClass].name = sysIPV6_TCLASS
-		ctlOpts[ctlTrafficClass].length = 4
-		ctlOpts[ctlTrafficClass].marshal = marshalTrafficClass
-		ctlOpts[ctlTrafficClass].parse = parseTrafficClass
-		ctlOpts[ctlHopLimit].name = sysIPV6_HOPLIMIT
-		ctlOpts[ctlHopLimit].marshal = marshalHopLimit
-		ctlOpts[ctlPacketInfo].name = sysIPV6_PKTINFO
-		ctlOpts[ctlPacketInfo].marshal = marshalPacketInfo
-		ctlOpts[ctlNextHop].name = sysIPV6_NEXTHOP
-		ctlOpts[ctlNextHop].length = sysSizeofSockaddrInet6
-		ctlOpts[ctlNextHop].marshal = marshalNextHop
-		ctlOpts[ctlNextHop].parse = parseNextHop
-		ctlOpts[ctlPathMTU].name = sysIPV6_PATHMTU
-		ctlOpts[ctlPathMTU].length = sysSizeofIPv6Mtuinfo
-		ctlOpts[ctlPathMTU].marshal = marshalPathMTU
-		ctlOpts[ctlPathMTU].parse = parsePathMTU
-		sockOpts[ssoTrafficClass].level = iana.ProtocolIPv6
-		sockOpts[ssoTrafficClass].name = sysIPV6_TCLASS
-		sockOpts[ssoTrafficClass].typ = ssoTypeInt
-		sockOpts[ssoReceiveTrafficClass].level = iana.ProtocolIPv6
-		sockOpts[ssoReceiveTrafficClass].name = sysIPV6_RECVTCLASS
-		sockOpts[ssoReceiveTrafficClass].typ = ssoTypeInt
-		sockOpts[ssoReceiveHopLimit].name = sysIPV6_RECVHOPLIMIT
-		sockOpts[ssoReceivePacketInfo].name = sysIPV6_RECVPKTINFO
-		sockOpts[ssoReceivePathMTU].level = iana.ProtocolIPv6
-		sockOpts[ssoReceivePathMTU].name = sysIPV6_RECVPATHMTU
-		sockOpts[ssoReceivePathMTU].typ = ssoTypeInt
-		sockOpts[ssoPathMTU].level = iana.ProtocolIPv6
-		sockOpts[ssoPathMTU].name = sysIPV6_PATHMTU
-		sockOpts[ssoPathMTU].typ = ssoTypeMTUInfo
-		sockOpts[ssoJoinGroup].name = sysMCAST_JOIN_GROUP
-		sockOpts[ssoJoinGroup].typ = ssoTypeGroupReq
-		sockOpts[ssoLeaveGroup].name = sysMCAST_LEAVE_GROUP
-		sockOpts[ssoLeaveGroup].typ = ssoTypeGroupReq
-		sockOpts[ssoJoinSourceGroup].level = iana.ProtocolIPv6
-		sockOpts[ssoJoinSourceGroup].name = sysMCAST_JOIN_SOURCE_GROUP
-		sockOpts[ssoJoinSourceGroup].typ = ssoTypeGroupSourceReq
-		sockOpts[ssoLeaveSourceGroup].level = iana.ProtocolIPv6
-		sockOpts[ssoLeaveSourceGroup].name = sysMCAST_LEAVE_SOURCE_GROUP
-		sockOpts[ssoLeaveSourceGroup].typ = ssoTypeGroupSourceReq
-		sockOpts[ssoBlockSourceGroup].level = iana.ProtocolIPv6
-		sockOpts[ssoBlockSourceGroup].name = sysMCAST_BLOCK_SOURCE
-		sockOpts[ssoBlockSourceGroup].typ = ssoTypeGroupSourceReq
-		sockOpts[ssoUnblockSourceGroup].level = iana.ProtocolIPv6
-		sockOpts[ssoUnblockSourceGroup].name = sysMCAST_UNBLOCK_SOURCE
-		sockOpts[ssoUnblockSourceGroup].typ = ssoTypeGroupSourceReq
-	}
-}
-
-func (sa *sysSockaddrInet6) setSockaddr(ip net.IP, i int) {
-	sa.Len = sysSizeofSockaddrInet6
-	sa.Family = syscall.AF_INET6
-	copy(sa.Addr[:], ip)
-	sa.Scope_id = uint32(i)
-}
-
-func (pi *sysInet6Pktinfo) setIfindex(i int) {
-	pi.Ifindex = uint32(i)
-}
-
-func (mreq *sysIPv6Mreq) setIfindex(i int) {
-	mreq.Interface = uint32(i)
-}
-
-func (gr *sysGroupReq) setGroup(grp net.IP) {
-	sa := (*sysSockaddrInet6)(unsafe.Pointer(&gr.Pad_cgo_0[0]))
-	sa.Len = sysSizeofSockaddrInet6
-	sa.Family = syscall.AF_INET6
-	copy(sa.Addr[:], grp)
-}
-
-func (gsr *sysGroupSourceReq) setSourceGroup(grp, src net.IP) {
-	sa := (*sysSockaddrInet6)(unsafe.Pointer(&gsr.Pad_cgo_0[0]))
-	sa.Len = sysSizeofSockaddrInet6
-	sa.Family = syscall.AF_INET6
-	copy(sa.Addr[:], grp)
-	sa = (*sysSockaddrInet6)(unsafe.Pointer(&gsr.Pad_cgo_1[0]))
-	sa.Len = sysSizeofSockaddrInet6
-	sa.Family = syscall.AF_INET6
-	copy(sa.Addr[:], src)
-}
diff --git a/vendor/golang.org/x/net/ipv6/sys_freebsd.go b/vendor/golang.org/x/net/ipv6/sys_freebsd.go
deleted file mode 100644
index b68725cb..00000000
--- a/vendor/golang.org/x/net/ipv6/sys_freebsd.go
+++ /dev/null
@@ -1,93 +0,0 @@
-// Copyright 2013 The Go Authors.  All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package ipv6
-
-import (
-	"net"
-	"runtime"
-	"strings"
-	"syscall"
-	"unsafe"
-
-	"golang.org/x/net/internal/iana"
-)
-
-type sysSockoptLen int32
-
-var (
-	ctlOpts = [ctlMax]ctlOpt{
-		ctlTrafficClass: {sysIPV6_TCLASS, 4, marshalTrafficClass, parseTrafficClass},
-		ctlHopLimit:     {sysIPV6_HOPLIMIT, 4, marshalHopLimit, parseHopLimit},
-		ctlPacketInfo:   {sysIPV6_PKTINFO, sysSizeofInet6Pktinfo, marshalPacketInfo, parsePacketInfo},
-		ctlNextHop:      {sysIPV6_NEXTHOP, sysSizeofSockaddrInet6, marshalNextHop, parseNextHop},
-		ctlPathMTU:      {sysIPV6_PATHMTU, sysSizeofIPv6Mtuinfo, marshalPathMTU, parsePathMTU},
-	}
-
-	sockOpts = [ssoMax]sockOpt{
-		ssoTrafficClass:        {iana.ProtocolIPv6, sysIPV6_TCLASS, ssoTypeInt},
-		ssoHopLimit:            {iana.ProtocolIPv6, sysIPV6_UNICAST_HOPS, ssoTypeInt},
-		ssoMulticastInterface:  {iana.ProtocolIPv6, sysIPV6_MULTICAST_IF, ssoTypeInterface},
-		ssoMulticastHopLimit:   {iana.ProtocolIPv6, sysIPV6_MULTICAST_HOPS, ssoTypeInt},
-		ssoMulticastLoopback:   {iana.ProtocolIPv6, sysIPV6_MULTICAST_LOOP, ssoTypeInt},
-		ssoReceiveTrafficClass: {iana.ProtocolIPv6, sysIPV6_RECVTCLASS, ssoTypeInt},
-		ssoReceiveHopLimit:     {iana.ProtocolIPv6, sysIPV6_RECVHOPLIMIT, ssoTypeInt},
-		ssoReceivePacketInfo:   {iana.ProtocolIPv6, sysIPV6_RECVPKTINFO, ssoTypeInt},
-		ssoReceivePathMTU:      {iana.ProtocolIPv6, sysIPV6_RECVPATHMTU, ssoTypeInt},
-		ssoPathMTU:             {iana.ProtocolIPv6, sysIPV6_PATHMTU, ssoTypeMTUInfo},
-		ssoChecksum:            {iana.ProtocolIPv6, sysIPV6_CHECKSUM, ssoTypeInt},
-		ssoICMPFilter:          {iana.ProtocolIPv6ICMP, sysICMP6_FILTER, ssoTypeICMPFilter},
-		ssoJoinGroup:           {iana.ProtocolIPv6, sysMCAST_JOIN_GROUP, ssoTypeGroupReq},
-		ssoLeaveGroup:          {iana.ProtocolIPv6, sysMCAST_LEAVE_GROUP, ssoTypeGroupReq},
-		ssoJoinSourceGroup:     {iana.ProtocolIPv6, sysMCAST_JOIN_SOURCE_GROUP, ssoTypeGroupSourceReq},
-		ssoLeaveSourceGroup:    {iana.ProtocolIPv6, sysMCAST_LEAVE_SOURCE_GROUP, ssoTypeGroupSourceReq},
-		ssoBlockSourceGroup:    {iana.ProtocolIPv6, sysMCAST_BLOCK_SOURCE, ssoTypeGroupSourceReq},
-		ssoUnblockSourceGroup:  {iana.ProtocolIPv6, sysMCAST_UNBLOCK_SOURCE, ssoTypeGroupSourceReq},
-	}
-)
-
-func init() {
-	if runtime.GOOS == "freebsd" && runtime.GOARCH == "386" {
-		archs, _ := syscall.Sysctl("kern.supported_archs")
-		for _, s := range strings.Fields(archs) {
-			if s == "amd64" {
-				freebsd32o64 = true
-				break
-			}
-		}
-	}
-}
-
-func (sa *sysSockaddrInet6) setSockaddr(ip net.IP, i int) {
-	sa.Len = sysSizeofSockaddrInet6
-	sa.Family = syscall.AF_INET6
-	copy(sa.Addr[:], ip)
-	sa.Scope_id = uint32(i)
-}
-
-func (pi *sysInet6Pktinfo) setIfindex(i int) {
-	pi.Ifindex = uint32(i)
-}
-
-func (mreq *sysIPv6Mreq) setIfindex(i int) {
-	mreq.Interface = uint32(i)
-}
-
-func (gr *sysGroupReq) setGroup(grp net.IP) {
-	sa := (*sysSockaddrInet6)(unsafe.Pointer(&gr.Group))
-	sa.Len = sysSizeofSockaddrInet6
-	sa.Family = syscall.AF_INET6
-	copy(sa.Addr[:], grp)
-}
-
-func (gsr *sysGroupSourceReq) setSourceGroup(grp, src net.IP) {
-	sa := (*sysSockaddrInet6)(unsafe.Pointer(&gsr.Group))
-	sa.Len = sysSizeofSockaddrInet6
-	sa.Family = syscall.AF_INET6
-	copy(sa.Addr[:], grp)
-	sa = (*sysSockaddrInet6)(unsafe.Pointer(&gsr.Source))
-	sa.Len = sysSizeofSockaddrInet6
-	sa.Family = syscall.AF_INET6
-	copy(sa.Addr[:], src)
-}
diff --git a/vendor/golang.org/x/net/ipv6/sys_linux.go b/vendor/golang.org/x/net/ipv6/sys_linux.go
deleted file mode 100644
index 2fa6088d..00000000
--- a/vendor/golang.org/x/net/ipv6/sys_linux.go
+++ /dev/null
@@ -1,74 +0,0 @@
-// Copyright 2013 The Go Authors.  All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package ipv6
-
-import (
-	"net"
-	"syscall"
-	"unsafe"
-
-	"golang.org/x/net/internal/iana"
-)
-
-type sysSockoptLen int32
-
-var (
-	ctlOpts = [ctlMax]ctlOpt{
-		ctlTrafficClass: {sysIPV6_TCLASS, 4, marshalTrafficClass, parseTrafficClass},
-		ctlHopLimit:     {sysIPV6_HOPLIMIT, 4, marshalHopLimit, parseHopLimit},
-		ctlPacketInfo:   {sysIPV6_PKTINFO, sysSizeofInet6Pktinfo, marshalPacketInfo, parsePacketInfo},
-		ctlPathMTU:      {sysIPV6_PATHMTU, sysSizeofIPv6Mtuinfo, marshalPathMTU, parsePathMTU},
-	}
-
-	sockOpts = [ssoMax]sockOpt{
-		ssoTrafficClass:        {iana.ProtocolIPv6, sysIPV6_TCLASS, ssoTypeInt},
-		ssoHopLimit:            {iana.ProtocolIPv6, sysIPV6_UNICAST_HOPS, ssoTypeInt},
-		ssoMulticastInterface:  {iana.ProtocolIPv6, sysIPV6_MULTICAST_IF, ssoTypeInterface},
-		ssoMulticastHopLimit:   {iana.ProtocolIPv6, sysIPV6_MULTICAST_HOPS, ssoTypeInt},
-		ssoMulticastLoopback:   {iana.ProtocolIPv6, sysIPV6_MULTICAST_LOOP, ssoTypeInt},
-		ssoReceiveTrafficClass: {iana.ProtocolIPv6, sysIPV6_RECVTCLASS, ssoTypeInt},
-		ssoReceiveHopLimit:     {iana.ProtocolIPv6, sysIPV6_RECVHOPLIMIT, ssoTypeInt},
-		ssoReceivePacketInfo:   {iana.ProtocolIPv6, sysIPV6_RECVPKTINFO, ssoTypeInt},
-		ssoReceivePathMTU:      {iana.ProtocolIPv6, sysIPV6_RECVPATHMTU, ssoTypeInt},
-		ssoPathMTU:             {iana.ProtocolIPv6, sysIPV6_PATHMTU, ssoTypeMTUInfo},
-		ssoChecksum:            {iana.ProtocolReserved, sysIPV6_CHECKSUM, ssoTypeInt},
-		ssoICMPFilter:          {iana.ProtocolIPv6ICMP, sysICMPV6_FILTER, ssoTypeICMPFilter},
-		ssoJoinGroup:           {iana.ProtocolIPv6, sysMCAST_JOIN_GROUP, ssoTypeGroupReq},
-		ssoLeaveGroup:          {iana.ProtocolIPv6, sysMCAST_LEAVE_GROUP, ssoTypeGroupReq},
-		ssoJoinSourceGroup:     {iana.ProtocolIPv6, sysMCAST_JOIN_SOURCE_GROUP, ssoTypeGroupSourceReq},
-		ssoLeaveSourceGroup:    {iana.ProtocolIPv6, sysMCAST_LEAVE_SOURCE_GROUP, ssoTypeGroupSourceReq},
-		ssoBlockSourceGroup:    {iana.ProtocolIPv6, sysMCAST_BLOCK_SOURCE, ssoTypeGroupSourceReq},
-		ssoUnblockSourceGroup:  {iana.ProtocolIPv6, sysMCAST_UNBLOCK_SOURCE, ssoTypeGroupSourceReq},
-	}
-)
-
-func (sa *sysSockaddrInet6) setSockaddr(ip net.IP, i int) {
-	sa.Family = syscall.AF_INET6
-	copy(sa.Addr[:], ip)
-	sa.Scope_id = uint32(i)
-}
-
-func (pi *sysInet6Pktinfo) setIfindex(i int) {
-	pi.Ifindex = int32(i)
-}
-
-func (mreq *sysIPv6Mreq) setIfindex(i int) {
-	mreq.Ifindex = int32(i)
-}
-
-func (gr *sysGroupReq) setGroup(grp net.IP) {
-	sa := (*sysSockaddrInet6)(unsafe.Pointer(&gr.Group))
-	sa.Family = syscall.AF_INET6
-	copy(sa.Addr[:], grp)
-}
-
-func (gsr *sysGroupSourceReq) setSourceGroup(grp, src net.IP) {
-	sa := (*sysSockaddrInet6)(unsafe.Pointer(&gsr.Group))
-	sa.Family = syscall.AF_INET6
-	copy(sa.Addr[:], grp)
-	sa = (*sysSockaddrInet6)(unsafe.Pointer(&gsr.Source))
-	sa.Family = syscall.AF_INET6
-	copy(sa.Addr[:], src)
-}
diff --git a/vendor/golang.org/x/net/ipv6/sys_stub.go b/vendor/golang.org/x/net/ipv6/sys_stub.go
deleted file mode 100644
index 6c9a1430..00000000
--- a/vendor/golang.org/x/net/ipv6/sys_stub.go
+++ /dev/null
@@ -1,15 +0,0 @@
-// Copyright 2014 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build nacl plan9 solaris
-
-package ipv6
-
-type sysSockoptLen int32
-
-var (
-	ctlOpts = [ctlMax]ctlOpt{}
-
-	sockOpts = [ssoMax]sockOpt{}
-)
diff --git a/vendor/golang.org/x/net/ipv6/sys_windows.go b/vendor/golang.org/x/net/ipv6/sys_windows.go
deleted file mode 100644
index fda87573..00000000
--- a/vendor/golang.org/x/net/ipv6/sys_windows.go
+++ /dev/null
@@ -1,63 +0,0 @@
-// Copyright 2013 The Go Authors.  All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package ipv6
-
-import (
-	"net"
-	"syscall"
-
-	"golang.org/x/net/internal/iana"
-)
-
-const (
-	// See ws2tcpip.h.
-	sysIPV6_UNICAST_HOPS   = 0x4
-	sysIPV6_MULTICAST_IF   = 0x9
-	sysIPV6_MULTICAST_HOPS = 0xa
-	sysIPV6_MULTICAST_LOOP = 0xb
-	sysIPV6_JOIN_GROUP     = 0xc
-	sysIPV6_LEAVE_GROUP    = 0xd
-	sysIPV6_PKTINFO        = 0x13
-
-	sysSizeofSockaddrInet6 = 0x1c
-
-	sysSizeofIPv6Mreq = 0x14
-)
-
-type sysSockaddrInet6 struct {
-	Family   uint16
-	Port     uint16
-	Flowinfo uint32
-	Addr     [16]byte /* in6_addr */
-	Scope_id uint32
-}
-
-type sysIPv6Mreq struct {
-	Multiaddr [16]byte /* in6_addr */
-	Interface uint32
-}
-
-var (
-	ctlOpts = [ctlMax]ctlOpt{}
-
-	sockOpts = [ssoMax]sockOpt{
-		ssoHopLimit:           {iana.ProtocolIPv6, sysIPV6_UNICAST_HOPS, ssoTypeInt},
-		ssoMulticastInterface: {iana.ProtocolIPv6, sysIPV6_MULTICAST_IF, ssoTypeInterface},
-		ssoMulticastHopLimit:  {iana.ProtocolIPv6, sysIPV6_MULTICAST_HOPS, ssoTypeInt},
-		ssoMulticastLoopback:  {iana.ProtocolIPv6, sysIPV6_MULTICAST_LOOP, ssoTypeInt},
-		ssoJoinGroup:          {iana.ProtocolIPv6, sysIPV6_JOIN_GROUP, ssoTypeIPMreq},
-		ssoLeaveGroup:         {iana.ProtocolIPv6, sysIPV6_LEAVE_GROUP, ssoTypeIPMreq},
-	}
-)
-
-func (sa *sysSockaddrInet6) setSockaddr(ip net.IP, i int) {
-	sa.Family = syscall.AF_INET6
-	copy(sa.Addr[:], ip)
-	sa.Scope_id = uint32(i)
-}
-
-func (mreq *sysIPv6Mreq) setIfindex(i int) {
-	mreq.Interface = uint32(i)
-}
diff --git a/vendor/golang.org/x/net/ipv6/syscall_linux_386.go b/vendor/golang.org/x/net/ipv6/syscall_linux_386.go
deleted file mode 100644
index 82633a56..00000000
--- a/vendor/golang.org/x/net/ipv6/syscall_linux_386.go
+++ /dev/null
@@ -1,31 +0,0 @@
-// Copyright 2009 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package ipv6
-
-import (
-	"syscall"
-	"unsafe"
-)
-
-const (
-	sysGETSOCKOPT = 0xf
-	sysSETSOCKOPT = 0xe
-)
-
-func socketcall(call int, a0, a1, a2, a3, a4, a5 uintptr) (int, syscall.Errno)
-
-func getsockopt(fd, level, name int, v unsafe.Pointer, l *sysSockoptLen) error {
-	if _, errno := socketcall(sysGETSOCKOPT, uintptr(fd), uintptr(level), uintptr(name), uintptr(v), uintptr(unsafe.Pointer(l)), 0); errno != 0 {
-		return error(errno)
-	}
-	return nil
-}
-
-func setsockopt(fd, level, name int, v unsafe.Pointer, l sysSockoptLen) error {
-	if _, errno := socketcall(sysSETSOCKOPT, uintptr(fd), uintptr(level), uintptr(name), uintptr(v), uintptr(l), 0); errno != 0 {
-		return error(errno)
-	}
-	return nil
-}
diff --git a/vendor/golang.org/x/net/ipv6/syscall_unix.go b/vendor/golang.org/x/net/ipv6/syscall_unix.go
deleted file mode 100644
index a2bd8363..00000000
--- a/vendor/golang.org/x/net/ipv6/syscall_unix.go
+++ /dev/null
@@ -1,26 +0,0 @@
-// Copyright 2013 The Go Authors.  All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build darwin dragonfly freebsd linux,!386 netbsd openbsd
-
-package ipv6
-
-import (
-	"syscall"
-	"unsafe"
-)
-
-func getsockopt(fd, level, name int, v unsafe.Pointer, l *sysSockoptLen) error {
-	if _, _, errno := syscall.Syscall6(syscall.SYS_GETSOCKOPT, uintptr(fd), uintptr(level), uintptr(name), uintptr(v), uintptr(unsafe.Pointer(l)), 0); errno != 0 {
-		return error(errno)
-	}
-	return nil
-}
-
-func setsockopt(fd, level, name int, v unsafe.Pointer, l sysSockoptLen) error {
-	if _, _, errno := syscall.Syscall6(syscall.SYS_SETSOCKOPT, uintptr(fd), uintptr(level), uintptr(name), uintptr(v), uintptr(l), 0); errno != 0 {
-		return error(errno)
-	}
-	return nil
-}
diff --git a/vendor/golang.org/x/net/ipv6/thunk_linux_386.s b/vendor/golang.org/x/net/ipv6/thunk_linux_386.s
deleted file mode 100644
index daa78bc0..00000000
--- a/vendor/golang.org/x/net/ipv6/thunk_linux_386.s
+++ /dev/null
@@ -1,8 +0,0 @@
-// Copyright 2014 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build go1.2
-
-TEXT	·socketcall(SB),4,$0-36
-	JMP	syscall·socketcall(SB)
diff --git a/vendor/golang.org/x/net/ipv6/unicast_test.go b/vendor/golang.org/x/net/ipv6/unicast_test.go
deleted file mode 100644
index db5b08a2..00000000
--- a/vendor/golang.org/x/net/ipv6/unicast_test.go
+++ /dev/null
@@ -1,182 +0,0 @@
-// Copyright 2013 The Go Authors.  All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package ipv6_test
-
-import (
-	"bytes"
-	"net"
-	"os"
-	"runtime"
-	"testing"
-	"time"
-
-	"golang.org/x/net/icmp"
-	"golang.org/x/net/internal/iana"
-	"golang.org/x/net/internal/nettest"
-	"golang.org/x/net/ipv6"
-)
-
-func TestPacketConnReadWriteUnicastUDP(t *testing.T) {
-	switch runtime.GOOS {
-	case "nacl", "plan9", "solaris", "windows":
-		t.Skipf("not supported on %s", runtime.GOOS)
-	}
-	if !supportsIPv6 {
-		t.Skip("ipv6 is not supported")
-	}
-
-	c, err := net.ListenPacket("udp6", "[::1]:0")
-	if err != nil {
-		t.Fatal(err)
-	}
-	defer c.Close()
-	p := ipv6.NewPacketConn(c)
-	defer p.Close()
-
-	dst, err := net.ResolveUDPAddr("udp6", c.LocalAddr().String())
-	if err != nil {
-		t.Fatal(err)
-	}
-
-	cm := ipv6.ControlMessage{
-		TrafficClass: iana.DiffServAF11 | iana.CongestionExperienced,
-		Src:          net.IPv6loopback,
-	}
-	cf := ipv6.FlagTrafficClass | ipv6.FlagHopLimit | ipv6.FlagSrc | ipv6.FlagDst | ipv6.FlagInterface | ipv6.FlagPathMTU
-	ifi := nettest.RoutedInterface("ip6", net.FlagUp|net.FlagLoopback)
-	if ifi != nil {
-		cm.IfIndex = ifi.Index
-	}
-	wb := []byte("HELLO-R-U-THERE")
-
-	for i, toggle := range []bool{true, false, true} {
-		if err := p.SetControlMessage(cf, toggle); err != nil {
-			if nettest.ProtocolNotSupported(err) {
-				t.Skipf("not supported on %s", runtime.GOOS)
-			}
-			t.Fatal(err)
-		}
-		cm.HopLimit = i + 1
-		if err := p.SetWriteDeadline(time.Now().Add(100 * time.Millisecond)); err != nil {
-			t.Fatal(err)
-		}
-		if n, err := p.WriteTo(wb, &cm, dst); err != nil {
-			t.Fatal(err)
-		} else if n != len(wb) {
-			t.Fatalf("got %v; want %v", n, len(wb))
-		}
-		rb := make([]byte, 128)
-		if err := p.SetReadDeadline(time.Now().Add(100 * time.Millisecond)); err != nil {
-			t.Fatal(err)
-		}
-		if n, _, _, err := p.ReadFrom(rb); err != nil {
-			t.Fatal(err)
-		} else if !bytes.Equal(rb[:n], wb) {
-			t.Fatalf("got %v; want %v", rb[:n], wb)
-		}
-	}
-}
-
-func TestPacketConnReadWriteUnicastICMP(t *testing.T) {
-	switch runtime.GOOS {
-	case "nacl", "plan9", "solaris", "windows":
-		t.Skipf("not supported on %s", runtime.GOOS)
-	}
-	if !supportsIPv6 {
-		t.Skip("ipv6 is not supported")
-	}
-	if m, ok := nettest.SupportsRawIPSocket(); !ok {
-		t.Skip(m)
-	}
-
-	c, err := net.ListenPacket("ip6:ipv6-icmp", "::1")
-	if err != nil {
-		t.Fatal(err)
-	}
-	defer c.Close()
-	p := ipv6.NewPacketConn(c)
-	defer p.Close()
-
-	dst, err := net.ResolveIPAddr("ip6", "::1")
-	if err != nil {
-		t.Fatal(err)
-	}
-
-	pshicmp := icmp.IPv6PseudoHeader(c.LocalAddr().(*net.IPAddr).IP, dst.IP)
-	cm := ipv6.ControlMessage{
-		TrafficClass: iana.DiffServAF11 | iana.CongestionExperienced,
-		Src:          net.IPv6loopback,
-	}
-	cf := ipv6.FlagTrafficClass | ipv6.FlagHopLimit | ipv6.FlagSrc | ipv6.FlagDst | ipv6.FlagInterface | ipv6.FlagPathMTU
-	ifi := nettest.RoutedInterface("ip6", net.FlagUp|net.FlagLoopback)
-	if ifi != nil {
-		cm.IfIndex = ifi.Index
-	}
-
-	var f ipv6.ICMPFilter
-	f.SetAll(true)
-	f.Accept(ipv6.ICMPTypeEchoReply)
-	if err := p.SetICMPFilter(&f); err != nil {
-		t.Fatal(err)
-	}
-
-	var psh []byte
-	for i, toggle := range []bool{true, false, true} {
-		if toggle {
-			psh = nil
-			if err := p.SetChecksum(true, 2); err != nil {
-				t.Fatal(err)
-			}
-		} else {
-			psh = pshicmp
-			// Some platforms never allow to disable the
-			// kernel checksum processing.
-			p.SetChecksum(false, -1)
-		}
-		wb, err := (&icmp.Message{
-			Type: ipv6.ICMPTypeEchoRequest, Code: 0,
-			Body: &icmp.Echo{
-				ID: os.Getpid() & 0xffff, Seq: i + 1,
-				Data: []byte("HELLO-R-U-THERE"),
-			},
-		}).Marshal(psh)
-		if err != nil {
-			t.Fatal(err)
-		}
-		if err := p.SetControlMessage(cf, toggle); err != nil {
-			if nettest.ProtocolNotSupported(err) {
-				t.Skipf("not supported on %s", runtime.GOOS)
-			}
-			t.Fatal(err)
-		}
-		cm.HopLimit = i + 1
-		if err := p.SetWriteDeadline(time.Now().Add(100 * time.Millisecond)); err != nil {
-			t.Fatal(err)
-		}
-		if n, err := p.WriteTo(wb, &cm, dst); err != nil {
-			t.Fatal(err)
-		} else if n != len(wb) {
-			t.Fatalf("got %v; want %v", n, len(wb))
-		}
-		rb := make([]byte, 128)
-		if err := p.SetReadDeadline(time.Now().Add(100 * time.Millisecond)); err != nil {
-			t.Fatal(err)
-		}
-		if n, _, _, err := p.ReadFrom(rb); err != nil {
-			switch runtime.GOOS {
-			case "darwin": // older darwin kernels have some limitation on receiving icmp packet through raw socket
-				t.Logf("not supported on %s", runtime.GOOS)
-				continue
-			}
-			t.Fatal(err)
-		} else {
-			if m, err := icmp.ParseMessage(iana.ProtocolIPv6ICMP, rb[:n]); err != nil {
-				t.Fatal(err)
-			} else if m.Type != ipv6.ICMPTypeEchoReply || m.Code != 0 {
-				t.Fatalf("got type=%v, code=%v; want type=%v, code=%v", m.Type, m.Code, ipv6.ICMPTypeEchoReply, 0)
-			}
-		}
-	}
-}
diff --git a/vendor/golang.org/x/net/ipv6/unicastsockopt_test.go b/vendor/golang.org/x/net/ipv6/unicastsockopt_test.go
deleted file mode 100644
index 7bb2e440..00000000
--- a/vendor/golang.org/x/net/ipv6/unicastsockopt_test.go
+++ /dev/null
@@ -1,111 +0,0 @@
-// Copyright 2013 The Go Authors.  All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package ipv6_test
-
-import (
-	"net"
-	"runtime"
-	"testing"
-
-	"golang.org/x/net/internal/iana"
-	"golang.org/x/net/internal/nettest"
-	"golang.org/x/net/ipv6"
-)
-
-func TestConnUnicastSocketOptions(t *testing.T) {
-	switch runtime.GOOS {
-	case "nacl", "plan9", "solaris", "windows":
-		t.Skipf("not supported on %s", runtime.GOOS)
-	}
-	if !supportsIPv6 {
-		t.Skip("ipv6 is not supported")
-	}
-
-	ln, err := net.Listen("tcp6", "[::1]:0")
-	if err != nil {
-		t.Fatal(err)
-	}
-	defer ln.Close()
-
-	done := make(chan bool)
-	go acceptor(t, ln, done)
-
-	c, err := net.Dial("tcp6", ln.Addr().String())
-	if err != nil {
-		t.Fatal(err)
-	}
-	defer c.Close()
-
-	testUnicastSocketOptions(t, ipv6.NewConn(c))
-
-	<-done
-}
-
-var packetConnUnicastSocketOptionTests = []struct {
-	net, proto, addr string
-}{
-	{"udp6", "", "[::1]:0"},
-	{"ip6", ":ipv6-icmp", "::1"},
-}
-
-func TestPacketConnUnicastSocketOptions(t *testing.T) {
-	switch runtime.GOOS {
-	case "nacl", "plan9", "solaris", "windows":
-		t.Skipf("not supported on %s", runtime.GOOS)
-	}
-	if !supportsIPv6 {
-		t.Skip("ipv6 is not supported")
-	}
-
-	m, ok := nettest.SupportsRawIPSocket()
-	for _, tt := range packetConnUnicastSocketOptionTests {
-		if tt.net == "ip6" && !ok {
-			t.Log(m)
-			continue
-		}
-		c, err := net.ListenPacket(tt.net+tt.proto, tt.addr)
-		if err != nil {
-			t.Fatal(err)
-		}
-		defer c.Close()
-
-		testUnicastSocketOptions(t, ipv6.NewPacketConn(c))
-	}
-}
-
-type testIPv6UnicastConn interface {
-	TrafficClass() (int, error)
-	SetTrafficClass(int) error
-	HopLimit() (int, error)
-	SetHopLimit(int) error
-}
-
-func testUnicastSocketOptions(t *testing.T, c testIPv6UnicastConn) {
-	tclass := iana.DiffServCS0 | iana.NotECNTransport
-	if err := c.SetTrafficClass(tclass); err != nil {
-		switch runtime.GOOS {
-		case "darwin": // older darwin kernels don't support IPV6_TCLASS option
-			t.Logf("not supported on %s", runtime.GOOS)
-			goto next
-		}
-		t.Fatal(err)
-	}
-	if v, err := c.TrafficClass(); err != nil {
-		t.Fatal(err)
-	} else if v != tclass {
-		t.Fatalf("got %v; want %v", v, tclass)
-	}
-
-next:
-	hoplim := 255
-	if err := c.SetHopLimit(hoplim); err != nil {
-		t.Fatal(err)
-	}
-	if v, err := c.HopLimit(); err != nil {
-		t.Fatal(err)
-	} else if v != hoplim {
-		t.Fatalf("got %v; want %v", v, hoplim)
-	}
-}
diff --git a/vendor/golang.org/x/net/ipv6/zsys_darwin.go b/vendor/golang.org/x/net/ipv6/zsys_darwin.go
deleted file mode 100644
index cb044b03..00000000
--- a/vendor/golang.org/x/net/ipv6/zsys_darwin.go
+++ /dev/null
@@ -1,131 +0,0 @@
-// Created by cgo -godefs - DO NOT EDIT
-// cgo -godefs defs_darwin.go
-
-package ipv6
-
-const (
-	sysIPV6_UNICAST_HOPS   = 0x4
-	sysIPV6_MULTICAST_IF   = 0x9
-	sysIPV6_MULTICAST_HOPS = 0xa
-	sysIPV6_MULTICAST_LOOP = 0xb
-	sysIPV6_JOIN_GROUP     = 0xc
-	sysIPV6_LEAVE_GROUP    = 0xd
-
-	sysIPV6_PORTRANGE    = 0xe
-	sysICMP6_FILTER      = 0x12
-	sysIPV6_2292PKTINFO  = 0x13
-	sysIPV6_2292HOPLIMIT = 0x14
-	sysIPV6_2292NEXTHOP  = 0x15
-	sysIPV6_2292HOPOPTS  = 0x16
-	sysIPV6_2292DSTOPTS  = 0x17
-	sysIPV6_2292RTHDR    = 0x18
-
-	sysIPV6_2292PKTOPTIONS = 0x19
-
-	sysIPV6_CHECKSUM = 0x1a
-	sysIPV6_V6ONLY   = 0x1b
-
-	sysIPV6_IPSEC_POLICY = 0x1c
-
-	sysIPV6_RECVTCLASS = 0x23
-	sysIPV6_TCLASS     = 0x24
-
-	sysIPV6_RTHDRDSTOPTS = 0x39
-
-	sysIPV6_RECVPKTINFO = 0x3d
-
-	sysIPV6_RECVHOPLIMIT = 0x25
-	sysIPV6_RECVRTHDR    = 0x26
-	sysIPV6_RECVHOPOPTS  = 0x27
-	sysIPV6_RECVDSTOPTS  = 0x28
-
-	sysIPV6_USE_MIN_MTU = 0x2a
-	sysIPV6_RECVPATHMTU = 0x2b
-
-	sysIPV6_PATHMTU = 0x2c
-
-	sysIPV6_PKTINFO  = 0x2e
-	sysIPV6_HOPLIMIT = 0x2f
-	sysIPV6_NEXTHOP  = 0x30
-	sysIPV6_HOPOPTS  = 0x31
-	sysIPV6_DSTOPTS  = 0x32
-	sysIPV6_RTHDR    = 0x33
-
-	sysIPV6_AUTOFLOWLABEL = 0x3b
-
-	sysIPV6_DONTFRAG = 0x3e
-
-	sysIPV6_PREFER_TEMPADDR = 0x3f
-
-	sysIPV6_MSFILTER            = 0x4a
-	sysMCAST_JOIN_GROUP         = 0x50
-	sysMCAST_LEAVE_GROUP        = 0x51
-	sysMCAST_JOIN_SOURCE_GROUP  = 0x52
-	sysMCAST_LEAVE_SOURCE_GROUP = 0x53
-	sysMCAST_BLOCK_SOURCE       = 0x54
-	sysMCAST_UNBLOCK_SOURCE     = 0x55
-
-	sysIPV6_BOUND_IF = 0x7d
-
-	sysIPV6_PORTRANGE_DEFAULT = 0x0
-	sysIPV6_PORTRANGE_HIGH    = 0x1
-	sysIPV6_PORTRANGE_LOW     = 0x2
-
-	sysSizeofSockaddrStorage = 0x80
-	sysSizeofSockaddrInet6   = 0x1c
-	sysSizeofInet6Pktinfo    = 0x14
-	sysSizeofIPv6Mtuinfo     = 0x20
-
-	sysSizeofIPv6Mreq       = 0x14
-	sysSizeofGroupReq       = 0x84
-	sysSizeofGroupSourceReq = 0x104
-
-	sysSizeofICMPv6Filter = 0x20
-)
-
-type sysSockaddrStorage struct {
-	Len         uint8
-	Family      uint8
-	X__ss_pad1  [6]int8
-	X__ss_align int64
-	X__ss_pad2  [112]int8
-}
-
-type sysSockaddrInet6 struct {
-	Len      uint8
-	Family   uint8
-	Port     uint16
-	Flowinfo uint32
-	Addr     [16]byte /* in6_addr */
-	Scope_id uint32
-}
-
-type sysInet6Pktinfo struct {
-	Addr    [16]byte /* in6_addr */
-	Ifindex uint32
-}
-
-type sysIPv6Mtuinfo struct {
-	Addr sysSockaddrInet6
-	Mtu  uint32
-}
-
-type sysIPv6Mreq struct {
-	Multiaddr [16]byte /* in6_addr */
-	Interface uint32
-}
-
-type sysICMPv6Filter struct {
-	Filt [8]uint32
-}
-
-type sysGroupReq struct {
-	Interface uint32
-	Pad_cgo_0 [128]byte
-}
-
-type sysGroupSourceReq struct {
-	Interface uint32
-	Pad_cgo_0 [128]byte
-	Pad_cgo_1 [128]byte
-}
diff --git a/vendor/golang.org/x/net/ipv6/zsys_dragonfly.go b/vendor/golang.org/x/net/ipv6/zsys_dragonfly.go
deleted file mode 100644
index 5a03ab73..00000000
--- a/vendor/golang.org/x/net/ipv6/zsys_dragonfly.go
+++ /dev/null
@@ -1,90 +0,0 @@
-// Created by cgo -godefs - DO NOT EDIT
-// cgo -godefs defs_dragonfly.go
-
-// +build dragonfly
-
-package ipv6
-
-const (
-	sysIPV6_UNICAST_HOPS   = 0x4
-	sysIPV6_MULTICAST_IF   = 0x9
-	sysIPV6_MULTICAST_HOPS = 0xa
-	sysIPV6_MULTICAST_LOOP = 0xb
-	sysIPV6_JOIN_GROUP     = 0xc
-	sysIPV6_LEAVE_GROUP    = 0xd
-	sysIPV6_PORTRANGE      = 0xe
-	sysICMP6_FILTER        = 0x12
-
-	sysIPV6_CHECKSUM = 0x1a
-	sysIPV6_V6ONLY   = 0x1b
-
-	sysIPV6_IPSEC_POLICY = 0x1c
-
-	sysIPV6_RTHDRDSTOPTS = 0x23
-	sysIPV6_RECVPKTINFO  = 0x24
-	sysIPV6_RECVHOPLIMIT = 0x25
-	sysIPV6_RECVRTHDR    = 0x26
-	sysIPV6_RECVHOPOPTS  = 0x27
-	sysIPV6_RECVDSTOPTS  = 0x28
-
-	sysIPV6_USE_MIN_MTU = 0x2a
-	sysIPV6_RECVPATHMTU = 0x2b
-
-	sysIPV6_PATHMTU = 0x2c
-
-	sysIPV6_PKTINFO  = 0x2e
-	sysIPV6_HOPLIMIT = 0x2f
-	sysIPV6_NEXTHOP  = 0x30
-	sysIPV6_HOPOPTS  = 0x31
-	sysIPV6_DSTOPTS  = 0x32
-	sysIPV6_RTHDR    = 0x33
-
-	sysIPV6_RECVTCLASS = 0x39
-
-	sysIPV6_AUTOFLOWLABEL = 0x3b
-
-	sysIPV6_TCLASS   = 0x3d
-	sysIPV6_DONTFRAG = 0x3e
-
-	sysIPV6_PREFER_TEMPADDR = 0x3f
-
-	sysIPV6_PORTRANGE_DEFAULT = 0x0
-	sysIPV6_PORTRANGE_HIGH    = 0x1
-	sysIPV6_PORTRANGE_LOW     = 0x2
-
-	sysSizeofSockaddrInet6 = 0x1c
-	sysSizeofInet6Pktinfo  = 0x14
-	sysSizeofIPv6Mtuinfo   = 0x20
-
-	sysSizeofIPv6Mreq = 0x14
-
-	sysSizeofICMPv6Filter = 0x20
-)
-
-type sysSockaddrInet6 struct {
-	Len      uint8
-	Family   uint8
-	Port     uint16
-	Flowinfo uint32
-	Addr     [16]byte /* in6_addr */
-	Scope_id uint32
-}
-
-type sysInet6Pktinfo struct {
-	Addr    [16]byte /* in6_addr */
-	Ifindex uint32
-}
-
-type sysIPv6Mtuinfo struct {
-	Addr sysSockaddrInet6
-	Mtu  uint32
-}
-
-type sysIPv6Mreq struct {
-	Multiaddr [16]byte /* in6_addr */
-	Interface uint32
-}
-
-type sysICMPv6Filter struct {
-	Filt [8]uint32
-}
diff --git a/vendor/golang.org/x/net/ipv6/zsys_freebsd_386.go b/vendor/golang.org/x/net/ipv6/zsys_freebsd_386.go
deleted file mode 100644
index 4ace96f0..00000000
--- a/vendor/golang.org/x/net/ipv6/zsys_freebsd_386.go
+++ /dev/null
@@ -1,122 +0,0 @@
-// Created by cgo -godefs - DO NOT EDIT
-// cgo -godefs defs_freebsd.go
-
-package ipv6
-
-const (
-	sysIPV6_UNICAST_HOPS   = 0x4
-	sysIPV6_MULTICAST_IF   = 0x9
-	sysIPV6_MULTICAST_HOPS = 0xa
-	sysIPV6_MULTICAST_LOOP = 0xb
-	sysIPV6_JOIN_GROUP     = 0xc
-	sysIPV6_LEAVE_GROUP    = 0xd
-	sysIPV6_PORTRANGE      = 0xe
-	sysICMP6_FILTER        = 0x12
-
-	sysIPV6_CHECKSUM = 0x1a
-	sysIPV6_V6ONLY   = 0x1b
-
-	sysIPV6_IPSEC_POLICY = 0x1c
-
-	sysIPV6_RTHDRDSTOPTS = 0x23
-
-	sysIPV6_RECVPKTINFO  = 0x24
-	sysIPV6_RECVHOPLIMIT = 0x25
-	sysIPV6_RECVRTHDR    = 0x26
-	sysIPV6_RECVHOPOPTS  = 0x27
-	sysIPV6_RECVDSTOPTS  = 0x28
-
-	sysIPV6_USE_MIN_MTU = 0x2a
-	sysIPV6_RECVPATHMTU = 0x2b
-
-	sysIPV6_PATHMTU = 0x2c
-
-	sysIPV6_PKTINFO  = 0x2e
-	sysIPV6_HOPLIMIT = 0x2f
-	sysIPV6_NEXTHOP  = 0x30
-	sysIPV6_HOPOPTS  = 0x31
-	sysIPV6_DSTOPTS  = 0x32
-	sysIPV6_RTHDR    = 0x33
-
-	sysIPV6_RECVTCLASS = 0x39
-
-	sysIPV6_AUTOFLOWLABEL = 0x3b
-
-	sysIPV6_TCLASS   = 0x3d
-	sysIPV6_DONTFRAG = 0x3e
-
-	sysIPV6_PREFER_TEMPADDR = 0x3f
-
-	sysIPV6_BINDANY = 0x40
-
-	sysIPV6_MSFILTER = 0x4a
-
-	sysMCAST_JOIN_GROUP         = 0x50
-	sysMCAST_LEAVE_GROUP        = 0x51
-	sysMCAST_JOIN_SOURCE_GROUP  = 0x52
-	sysMCAST_LEAVE_SOURCE_GROUP = 0x53
-	sysMCAST_BLOCK_SOURCE       = 0x54
-	sysMCAST_UNBLOCK_SOURCE     = 0x55
-
-	sysIPV6_PORTRANGE_DEFAULT = 0x0
-	sysIPV6_PORTRANGE_HIGH    = 0x1
-	sysIPV6_PORTRANGE_LOW     = 0x2
-
-	sysSizeofSockaddrStorage = 0x80
-	sysSizeofSockaddrInet6   = 0x1c
-	sysSizeofInet6Pktinfo    = 0x14
-	sysSizeofIPv6Mtuinfo     = 0x20
-
-	sysSizeofIPv6Mreq       = 0x14
-	sysSizeofGroupReq       = 0x84
-	sysSizeofGroupSourceReq = 0x104
-
-	sysSizeofICMPv6Filter = 0x20
-)
-
-type sysSockaddrStorage struct {
-	Len         uint8
-	Family      uint8
-	X__ss_pad1  [6]int8
-	X__ss_align int64
-	X__ss_pad2  [112]int8
-}
-
-type sysSockaddrInet6 struct {
-	Len      uint8
-	Family   uint8
-	Port     uint16
-	Flowinfo uint32
-	Addr     [16]byte /* in6_addr */
-	Scope_id uint32
-}
-
-type sysInet6Pktinfo struct {
-	Addr    [16]byte /* in6_addr */
-	Ifindex uint32
-}
-
-type sysIPv6Mtuinfo struct {
-	Addr sysSockaddrInet6
-	Mtu  uint32
-}
-
-type sysIPv6Mreq struct {
-	Multiaddr [16]byte /* in6_addr */
-	Interface uint32
-}
-
-type sysGroupReq struct {
-	Interface uint32
-	Group     sysSockaddrStorage
-}
-
-type sysGroupSourceReq struct {
-	Interface uint32
-	Group     sysSockaddrStorage
-	Source    sysSockaddrStorage
-}
-
-type sysICMPv6Filter struct {
-	Filt [8]uint32
-}
diff --git a/vendor/golang.org/x/net/ipv6/zsys_freebsd_amd64.go b/vendor/golang.org/x/net/ipv6/zsys_freebsd_amd64.go
deleted file mode 100644
index 4a62c2d5..00000000
--- a/vendor/golang.org/x/net/ipv6/zsys_freebsd_amd64.go
+++ /dev/null
@@ -1,124 +0,0 @@
-// Created by cgo -godefs - DO NOT EDIT
-// cgo -godefs defs_freebsd.go
-
-package ipv6
-
-const (
-	sysIPV6_UNICAST_HOPS   = 0x4
-	sysIPV6_MULTICAST_IF   = 0x9
-	sysIPV6_MULTICAST_HOPS = 0xa
-	sysIPV6_MULTICAST_LOOP = 0xb
-	sysIPV6_JOIN_GROUP     = 0xc
-	sysIPV6_LEAVE_GROUP    = 0xd
-	sysIPV6_PORTRANGE      = 0xe
-	sysICMP6_FILTER        = 0x12
-
-	sysIPV6_CHECKSUM = 0x1a
-	sysIPV6_V6ONLY   = 0x1b
-
-	sysIPV6_IPSEC_POLICY = 0x1c
-
-	sysIPV6_RTHDRDSTOPTS = 0x23
-
-	sysIPV6_RECVPKTINFO  = 0x24
-	sysIPV6_RECVHOPLIMIT = 0x25
-	sysIPV6_RECVRTHDR    = 0x26
-	sysIPV6_RECVHOPOPTS  = 0x27
-	sysIPV6_RECVDSTOPTS  = 0x28
-
-	sysIPV6_USE_MIN_MTU = 0x2a
-	sysIPV6_RECVPATHMTU = 0x2b
-
-	sysIPV6_PATHMTU = 0x2c
-
-	sysIPV6_PKTINFO  = 0x2e
-	sysIPV6_HOPLIMIT = 0x2f
-	sysIPV6_NEXTHOP  = 0x30
-	sysIPV6_HOPOPTS  = 0x31
-	sysIPV6_DSTOPTS  = 0x32
-	sysIPV6_RTHDR    = 0x33
-
-	sysIPV6_RECVTCLASS = 0x39
-
-	sysIPV6_AUTOFLOWLABEL = 0x3b
-
-	sysIPV6_TCLASS   = 0x3d
-	sysIPV6_DONTFRAG = 0x3e
-
-	sysIPV6_PREFER_TEMPADDR = 0x3f
-
-	sysIPV6_BINDANY = 0x40
-
-	sysIPV6_MSFILTER = 0x4a
-
-	sysMCAST_JOIN_GROUP         = 0x50
-	sysMCAST_LEAVE_GROUP        = 0x51
-	sysMCAST_JOIN_SOURCE_GROUP  = 0x52
-	sysMCAST_LEAVE_SOURCE_GROUP = 0x53
-	sysMCAST_BLOCK_SOURCE       = 0x54
-	sysMCAST_UNBLOCK_SOURCE     = 0x55
-
-	sysIPV6_PORTRANGE_DEFAULT = 0x0
-	sysIPV6_PORTRANGE_HIGH    = 0x1
-	sysIPV6_PORTRANGE_LOW     = 0x2
-
-	sysSizeofSockaddrStorage = 0x80
-	sysSizeofSockaddrInet6   = 0x1c
-	sysSizeofInet6Pktinfo    = 0x14
-	sysSizeofIPv6Mtuinfo     = 0x20
-
-	sysSizeofIPv6Mreq       = 0x14
-	sysSizeofGroupReq       = 0x88
-	sysSizeofGroupSourceReq = 0x108
-
-	sysSizeofICMPv6Filter = 0x20
-)
-
-type sysSockaddrStorage struct {
-	Len         uint8
-	Family      uint8
-	X__ss_pad1  [6]int8
-	X__ss_align int64
-	X__ss_pad2  [112]int8
-}
-
-type sysSockaddrInet6 struct {
-	Len      uint8
-	Family   uint8
-	Port     uint16
-	Flowinfo uint32
-	Addr     [16]byte /* in6_addr */
-	Scope_id uint32
-}
-
-type sysInet6Pktinfo struct {
-	Addr    [16]byte /* in6_addr */
-	Ifindex uint32
-}
-
-type sysIPv6Mtuinfo struct {
-	Addr sysSockaddrInet6
-	Mtu  uint32
-}
-
-type sysIPv6Mreq struct {
-	Multiaddr [16]byte /* in6_addr */
-	Interface uint32
-}
-
-type sysGroupReq struct {
-	Interface uint32
-	Pad_cgo_0 [4]byte
-	Group     sysSockaddrStorage
-}
-
-type sysGroupSourceReq struct {
-	Interface uint32
-	Pad_cgo_0 [4]byte
-	Group     sysSockaddrStorage
-	Source    sysSockaddrStorage
-}
-
-type sysICMPv6Filter struct {
-	Filt [8]uint32
-}
diff --git a/vendor/golang.org/x/net/ipv6/zsys_freebsd_arm.go b/vendor/golang.org/x/net/ipv6/zsys_freebsd_arm.go
deleted file mode 100644
index 4a62c2d5..00000000
--- a/vendor/golang.org/x/net/ipv6/zsys_freebsd_arm.go
+++ /dev/null
@@ -1,124 +0,0 @@
-// Created by cgo -godefs - DO NOT EDIT
-// cgo -godefs defs_freebsd.go
-
-package ipv6
-
-const (
-	sysIPV6_UNICAST_HOPS   = 0x4
-	sysIPV6_MULTICAST_IF   = 0x9
-	sysIPV6_MULTICAST_HOPS = 0xa
-	sysIPV6_MULTICAST_LOOP = 0xb
-	sysIPV6_JOIN_GROUP     = 0xc
-	sysIPV6_LEAVE_GROUP    = 0xd
-	sysIPV6_PORTRANGE      = 0xe
-	sysICMP6_FILTER        = 0x12
-
-	sysIPV6_CHECKSUM = 0x1a
-	sysIPV6_V6ONLY   = 0x1b
-
-	sysIPV6_IPSEC_POLICY = 0x1c
-
-	sysIPV6_RTHDRDSTOPTS = 0x23
-
-	sysIPV6_RECVPKTINFO  = 0x24
-	sysIPV6_RECVHOPLIMIT = 0x25
-	sysIPV6_RECVRTHDR    = 0x26
-	sysIPV6_RECVHOPOPTS  = 0x27
-	sysIPV6_RECVDSTOPTS  = 0x28
-
-	sysIPV6_USE_MIN_MTU = 0x2a
-	sysIPV6_RECVPATHMTU = 0x2b
-
-	sysIPV6_PATHMTU = 0x2c
-
-	sysIPV6_PKTINFO  = 0x2e
-	sysIPV6_HOPLIMIT = 0x2f
-	sysIPV6_NEXTHOP  = 0x30
-	sysIPV6_HOPOPTS  = 0x31
-	sysIPV6_DSTOPTS  = 0x32
-	sysIPV6_RTHDR    = 0x33
-
-	sysIPV6_RECVTCLASS = 0x39
-
-	sysIPV6_AUTOFLOWLABEL = 0x3b
-
-	sysIPV6_TCLASS   = 0x3d
-	sysIPV6_DONTFRAG = 0x3e
-
-	sysIPV6_PREFER_TEMPADDR = 0x3f
-
-	sysIPV6_BINDANY = 0x40
-
-	sysIPV6_MSFILTER = 0x4a
-
-	sysMCAST_JOIN_GROUP         = 0x50
-	sysMCAST_LEAVE_GROUP        = 0x51
-	sysMCAST_JOIN_SOURCE_GROUP  = 0x52
-	sysMCAST_LEAVE_SOURCE_GROUP = 0x53
-	sysMCAST_BLOCK_SOURCE       = 0x54
-	sysMCAST_UNBLOCK_SOURCE     = 0x55
-
-	sysIPV6_PORTRANGE_DEFAULT = 0x0
-	sysIPV6_PORTRANGE_HIGH    = 0x1
-	sysIPV6_PORTRANGE_LOW     = 0x2
-
-	sysSizeofSockaddrStorage = 0x80
-	sysSizeofSockaddrInet6   = 0x1c
-	sysSizeofInet6Pktinfo    = 0x14
-	sysSizeofIPv6Mtuinfo     = 0x20
-
-	sysSizeofIPv6Mreq       = 0x14
-	sysSizeofGroupReq       = 0x88
-	sysSizeofGroupSourceReq = 0x108
-
-	sysSizeofICMPv6Filter = 0x20
-)
-
-type sysSockaddrStorage struct {
-	Len         uint8
-	Family      uint8
-	X__ss_pad1  [6]int8
-	X__ss_align int64
-	X__ss_pad2  [112]int8
-}
-
-type sysSockaddrInet6 struct {
-	Len      uint8
-	Family   uint8
-	Port     uint16
-	Flowinfo uint32
-	Addr     [16]byte /* in6_addr */
-	Scope_id uint32
-}
-
-type sysInet6Pktinfo struct {
-	Addr    [16]byte /* in6_addr */
-	Ifindex uint32
-}
-
-type sysIPv6Mtuinfo struct {
-	Addr sysSockaddrInet6
-	Mtu  uint32
-}
-
-type sysIPv6Mreq struct {
-	Multiaddr [16]byte /* in6_addr */
-	Interface uint32
-}
-
-type sysGroupReq struct {
-	Interface uint32
-	Pad_cgo_0 [4]byte
-	Group     sysSockaddrStorage
-}
-
-type sysGroupSourceReq struct {
-	Interface uint32
-	Pad_cgo_0 [4]byte
-	Group     sysSockaddrStorage
-	Source    sysSockaddrStorage
-}
-
-type sysICMPv6Filter struct {
-	Filt [8]uint32
-}
diff --git a/vendor/golang.org/x/net/ipv6/zsys_linux_386.go b/vendor/golang.org/x/net/ipv6/zsys_linux_386.go
deleted file mode 100644
index 27279292..00000000
--- a/vendor/golang.org/x/net/ipv6/zsys_linux_386.go
+++ /dev/null
@@ -1,152 +0,0 @@
-// Created by cgo -godefs - DO NOT EDIT
-// cgo -godefs defs_linux.go
-
-package ipv6
-
-const (
-	sysIPV6_ADDRFORM       = 0x1
-	sysIPV6_2292PKTINFO    = 0x2
-	sysIPV6_2292HOPOPTS    = 0x3
-	sysIPV6_2292DSTOPTS    = 0x4
-	sysIPV6_2292RTHDR      = 0x5
-	sysIPV6_2292PKTOPTIONS = 0x6
-	sysIPV6_CHECKSUM       = 0x7
-	sysIPV6_2292HOPLIMIT   = 0x8
-	sysIPV6_NEXTHOP        = 0x9
-	sysIPV6_FLOWINFO       = 0xb
-
-	sysIPV6_UNICAST_HOPS        = 0x10
-	sysIPV6_MULTICAST_IF        = 0x11
-	sysIPV6_MULTICAST_HOPS      = 0x12
-	sysIPV6_MULTICAST_LOOP      = 0x13
-	sysIPV6_ADD_MEMBERSHIP      = 0x14
-	sysIPV6_DROP_MEMBERSHIP     = 0x15
-	sysMCAST_JOIN_GROUP         = 0x2a
-	sysMCAST_LEAVE_GROUP        = 0x2d
-	sysMCAST_JOIN_SOURCE_GROUP  = 0x2e
-	sysMCAST_LEAVE_SOURCE_GROUP = 0x2f
-	sysMCAST_BLOCK_SOURCE       = 0x2b
-	sysMCAST_UNBLOCK_SOURCE     = 0x2c
-	sysMCAST_MSFILTER           = 0x30
-	sysIPV6_ROUTER_ALERT        = 0x16
-	sysIPV6_MTU_DISCOVER        = 0x17
-	sysIPV6_MTU                 = 0x18
-	sysIPV6_RECVERR             = 0x19
-	sysIPV6_V6ONLY              = 0x1a
-	sysIPV6_JOIN_ANYCAST        = 0x1b
-	sysIPV6_LEAVE_ANYCAST       = 0x1c
-
-	sysIPV6_FLOWLABEL_MGR = 0x20
-	sysIPV6_FLOWINFO_SEND = 0x21
-
-	sysIPV6_IPSEC_POLICY = 0x22
-	sysIPV6_XFRM_POLICY  = 0x23
-
-	sysIPV6_RECVPKTINFO  = 0x31
-	sysIPV6_PKTINFO      = 0x32
-	sysIPV6_RECVHOPLIMIT = 0x33
-	sysIPV6_HOPLIMIT     = 0x34
-	sysIPV6_RECVHOPOPTS  = 0x35
-	sysIPV6_HOPOPTS      = 0x36
-	sysIPV6_RTHDRDSTOPTS = 0x37
-	sysIPV6_RECVRTHDR    = 0x38
-	sysIPV6_RTHDR        = 0x39
-	sysIPV6_RECVDSTOPTS  = 0x3a
-	sysIPV6_DSTOPTS      = 0x3b
-	sysIPV6_RECVPATHMTU  = 0x3c
-	sysIPV6_PATHMTU      = 0x3d
-	sysIPV6_DONTFRAG     = 0x3e
-
-	sysIPV6_RECVTCLASS = 0x42
-	sysIPV6_TCLASS     = 0x43
-
-	sysIPV6_ADDR_PREFERENCES = 0x48
-
-	sysIPV6_PREFER_SRC_TMP            = 0x1
-	sysIPV6_PREFER_SRC_PUBLIC         = 0x2
-	sysIPV6_PREFER_SRC_PUBTMP_DEFAULT = 0x100
-	sysIPV6_PREFER_SRC_COA            = 0x4
-	sysIPV6_PREFER_SRC_HOME           = 0x400
-	sysIPV6_PREFER_SRC_CGA            = 0x8
-	sysIPV6_PREFER_SRC_NONCGA         = 0x800
-
-	sysIPV6_MINHOPCOUNT = 0x49
-
-	sysIPV6_ORIGDSTADDR     = 0x4a
-	sysIPV6_RECVORIGDSTADDR = 0x4a
-	sysIPV6_TRANSPARENT     = 0x4b
-	sysIPV6_UNICAST_IF      = 0x4c
-
-	sysICMPV6_FILTER = 0x1
-
-	sysICMPV6_FILTER_BLOCK       = 0x1
-	sysICMPV6_FILTER_PASS        = 0x2
-	sysICMPV6_FILTER_BLOCKOTHERS = 0x3
-	sysICMPV6_FILTER_PASSONLY    = 0x4
-
-	sysSizeofKernelSockaddrStorage = 0x80
-	sysSizeofSockaddrInet6         = 0x1c
-	sysSizeofInet6Pktinfo          = 0x14
-	sysSizeofIPv6Mtuinfo           = 0x20
-	sysSizeofIPv6FlowlabelReq      = 0x20
-
-	sysSizeofIPv6Mreq       = 0x14
-	sysSizeofGroupReq       = 0x84
-	sysSizeofGroupSourceReq = 0x104
-
-	sysSizeofICMPv6Filter = 0x20
-)
-
-type sysKernelSockaddrStorage struct {
-	Family  uint16
-	X__data [126]int8
-}
-
-type sysSockaddrInet6 struct {
-	Family   uint16
-	Port     uint16
-	Flowinfo uint32
-	Addr     [16]byte /* in6_addr */
-	Scope_id uint32
-}
-
-type sysInet6Pktinfo struct {
-	Addr    [16]byte /* in6_addr */
-	Ifindex int32
-}
-
-type sysIPv6Mtuinfo struct {
-	Addr sysSockaddrInet6
-	Mtu  uint32
-}
-
-type sysIPv6FlowlabelReq struct {
-	Dst        [16]byte /* in6_addr */
-	Label      uint32
-	Action     uint8
-	Share      uint8
-	Flags      uint16
-	Expires    uint16
-	Linger     uint16
-	X__flr_pad uint32
-}
-
-type sysIPv6Mreq struct {
-	Multiaddr [16]byte /* in6_addr */
-	Ifindex   int32
-}
-
-type sysGroupReq struct {
-	Interface uint32
-	Group     sysKernelSockaddrStorage
-}
-
-type sysGroupSourceReq struct {
-	Interface uint32
-	Group     sysKernelSockaddrStorage
-	Source    sysKernelSockaddrStorage
-}
-
-type sysICMPv6Filter struct {
-	Data [8]uint32
-}
diff --git a/vendor/golang.org/x/net/ipv6/zsys_linux_amd64.go b/vendor/golang.org/x/net/ipv6/zsys_linux_amd64.go
deleted file mode 100644
index 2f742e95..00000000
--- a/vendor/golang.org/x/net/ipv6/zsys_linux_amd64.go
+++ /dev/null
@@ -1,154 +0,0 @@
-// Created by cgo -godefs - DO NOT EDIT
-// cgo -godefs defs_linux.go
-
-package ipv6
-
-const (
-	sysIPV6_ADDRFORM       = 0x1
-	sysIPV6_2292PKTINFO    = 0x2
-	sysIPV6_2292HOPOPTS    = 0x3
-	sysIPV6_2292DSTOPTS    = 0x4
-	sysIPV6_2292RTHDR      = 0x5
-	sysIPV6_2292PKTOPTIONS = 0x6
-	sysIPV6_CHECKSUM       = 0x7
-	sysIPV6_2292HOPLIMIT   = 0x8
-	sysIPV6_NEXTHOP        = 0x9
-	sysIPV6_FLOWINFO       = 0xb
-
-	sysIPV6_UNICAST_HOPS        = 0x10
-	sysIPV6_MULTICAST_IF        = 0x11
-	sysIPV6_MULTICAST_HOPS      = 0x12
-	sysIPV6_MULTICAST_LOOP      = 0x13
-	sysIPV6_ADD_MEMBERSHIP      = 0x14
-	sysIPV6_DROP_MEMBERSHIP     = 0x15
-	sysMCAST_JOIN_GROUP         = 0x2a
-	sysMCAST_LEAVE_GROUP        = 0x2d
-	sysMCAST_JOIN_SOURCE_GROUP  = 0x2e
-	sysMCAST_LEAVE_SOURCE_GROUP = 0x2f
-	sysMCAST_BLOCK_SOURCE       = 0x2b
-	sysMCAST_UNBLOCK_SOURCE     = 0x2c
-	sysMCAST_MSFILTER           = 0x30
-	sysIPV6_ROUTER_ALERT        = 0x16
-	sysIPV6_MTU_DISCOVER        = 0x17
-	sysIPV6_MTU                 = 0x18
-	sysIPV6_RECVERR             = 0x19
-	sysIPV6_V6ONLY              = 0x1a
-	sysIPV6_JOIN_ANYCAST        = 0x1b
-	sysIPV6_LEAVE_ANYCAST       = 0x1c
-
-	sysIPV6_FLOWLABEL_MGR = 0x20
-	sysIPV6_FLOWINFO_SEND = 0x21
-
-	sysIPV6_IPSEC_POLICY = 0x22
-	sysIPV6_XFRM_POLICY  = 0x23
-
-	sysIPV6_RECVPKTINFO  = 0x31
-	sysIPV6_PKTINFO      = 0x32
-	sysIPV6_RECVHOPLIMIT = 0x33
-	sysIPV6_HOPLIMIT     = 0x34
-	sysIPV6_RECVHOPOPTS  = 0x35
-	sysIPV6_HOPOPTS      = 0x36
-	sysIPV6_RTHDRDSTOPTS = 0x37
-	sysIPV6_RECVRTHDR    = 0x38
-	sysIPV6_RTHDR        = 0x39
-	sysIPV6_RECVDSTOPTS  = 0x3a
-	sysIPV6_DSTOPTS      = 0x3b
-	sysIPV6_RECVPATHMTU  = 0x3c
-	sysIPV6_PATHMTU      = 0x3d
-	sysIPV6_DONTFRAG     = 0x3e
-
-	sysIPV6_RECVTCLASS = 0x42
-	sysIPV6_TCLASS     = 0x43
-
-	sysIPV6_ADDR_PREFERENCES = 0x48
-
-	sysIPV6_PREFER_SRC_TMP            = 0x1
-	sysIPV6_PREFER_SRC_PUBLIC         = 0x2
-	sysIPV6_PREFER_SRC_PUBTMP_DEFAULT = 0x100
-	sysIPV6_PREFER_SRC_COA            = 0x4
-	sysIPV6_PREFER_SRC_HOME           = 0x400
-	sysIPV6_PREFER_SRC_CGA            = 0x8
-	sysIPV6_PREFER_SRC_NONCGA         = 0x800
-
-	sysIPV6_MINHOPCOUNT = 0x49
-
-	sysIPV6_ORIGDSTADDR     = 0x4a
-	sysIPV6_RECVORIGDSTADDR = 0x4a
-	sysIPV6_TRANSPARENT     = 0x4b
-	sysIPV6_UNICAST_IF      = 0x4c
-
-	sysICMPV6_FILTER = 0x1
-
-	sysICMPV6_FILTER_BLOCK       = 0x1
-	sysICMPV6_FILTER_PASS        = 0x2
-	sysICMPV6_FILTER_BLOCKOTHERS = 0x3
-	sysICMPV6_FILTER_PASSONLY    = 0x4
-
-	sysSizeofKernelSockaddrStorage = 0x80
-	sysSizeofSockaddrInet6         = 0x1c
-	sysSizeofInet6Pktinfo          = 0x14
-	sysSizeofIPv6Mtuinfo           = 0x20
-	sysSizeofIPv6FlowlabelReq      = 0x20
-
-	sysSizeofIPv6Mreq       = 0x14
-	sysSizeofGroupReq       = 0x88
-	sysSizeofGroupSourceReq = 0x108
-
-	sysSizeofICMPv6Filter = 0x20
-)
-
-type sysKernelSockaddrStorage struct {
-	Family  uint16
-	X__data [126]int8
-}
-
-type sysSockaddrInet6 struct {
-	Family   uint16
-	Port     uint16
-	Flowinfo uint32
-	Addr     [16]byte /* in6_addr */
-	Scope_id uint32
-}
-
-type sysInet6Pktinfo struct {
-	Addr    [16]byte /* in6_addr */
-	Ifindex int32
-}
-
-type sysIPv6Mtuinfo struct {
-	Addr sysSockaddrInet6
-	Mtu  uint32
-}
-
-type sysIPv6FlowlabelReq struct {
-	Dst        [16]byte /* in6_addr */
-	Label      uint32
-	Action     uint8
-	Share      uint8
-	Flags      uint16
-	Expires    uint16
-	Linger     uint16
-	X__flr_pad uint32
-}
-
-type sysIPv6Mreq struct {
-	Multiaddr [16]byte /* in6_addr */
-	Ifindex   int32
-}
-
-type sysGroupReq struct {
-	Interface uint32
-	Pad_cgo_0 [4]byte
-	Group     sysKernelSockaddrStorage
-}
-
-type sysGroupSourceReq struct {
-	Interface uint32
-	Pad_cgo_0 [4]byte
-	Group     sysKernelSockaddrStorage
-	Source    sysKernelSockaddrStorage
-}
-
-type sysICMPv6Filter struct {
-	Data [8]uint32
-}
diff --git a/vendor/golang.org/x/net/ipv6/zsys_linux_arm.go b/vendor/golang.org/x/net/ipv6/zsys_linux_arm.go
deleted file mode 100644
index 27279292..00000000
--- a/vendor/golang.org/x/net/ipv6/zsys_linux_arm.go
+++ /dev/null
@@ -1,152 +0,0 @@
-// Created by cgo -godefs - DO NOT EDIT
-// cgo -godefs defs_linux.go
-
-package ipv6
-
-const (
-	sysIPV6_ADDRFORM       = 0x1
-	sysIPV6_2292PKTINFO    = 0x2
-	sysIPV6_2292HOPOPTS    = 0x3
-	sysIPV6_2292DSTOPTS    = 0x4
-	sysIPV6_2292RTHDR      = 0x5
-	sysIPV6_2292PKTOPTIONS = 0x6
-	sysIPV6_CHECKSUM       = 0x7
-	sysIPV6_2292HOPLIMIT   = 0x8
-	sysIPV6_NEXTHOP        = 0x9
-	sysIPV6_FLOWINFO       = 0xb
-
-	sysIPV6_UNICAST_HOPS        = 0x10
-	sysIPV6_MULTICAST_IF        = 0x11
-	sysIPV6_MULTICAST_HOPS      = 0x12
-	sysIPV6_MULTICAST_LOOP      = 0x13
-	sysIPV6_ADD_MEMBERSHIP      = 0x14
-	sysIPV6_DROP_MEMBERSHIP     = 0x15
-	sysMCAST_JOIN_GROUP         = 0x2a
-	sysMCAST_LEAVE_GROUP        = 0x2d
-	sysMCAST_JOIN_SOURCE_GROUP  = 0x2e
-	sysMCAST_LEAVE_SOURCE_GROUP = 0x2f
-	sysMCAST_BLOCK_SOURCE       = 0x2b
-	sysMCAST_UNBLOCK_SOURCE     = 0x2c
-	sysMCAST_MSFILTER           = 0x30
-	sysIPV6_ROUTER_ALERT        = 0x16
-	sysIPV6_MTU_DISCOVER        = 0x17
-	sysIPV6_MTU                 = 0x18
-	sysIPV6_RECVERR             = 0x19
-	sysIPV6_V6ONLY              = 0x1a
-	sysIPV6_JOIN_ANYCAST        = 0x1b
-	sysIPV6_LEAVE_ANYCAST       = 0x1c
-
-	sysIPV6_FLOWLABEL_MGR = 0x20
-	sysIPV6_FLOWINFO_SEND = 0x21
-
-	sysIPV6_IPSEC_POLICY = 0x22
-	sysIPV6_XFRM_POLICY  = 0x23
-
-	sysIPV6_RECVPKTINFO  = 0x31
-	sysIPV6_PKTINFO      = 0x32
-	sysIPV6_RECVHOPLIMIT = 0x33
-	sysIPV6_HOPLIMIT     = 0x34
-	sysIPV6_RECVHOPOPTS  = 0x35
-	sysIPV6_HOPOPTS      = 0x36
-	sysIPV6_RTHDRDSTOPTS = 0x37
-	sysIPV6_RECVRTHDR    = 0x38
-	sysIPV6_RTHDR        = 0x39
-	sysIPV6_RECVDSTOPTS  = 0x3a
-	sysIPV6_DSTOPTS      = 0x3b
-	sysIPV6_RECVPATHMTU  = 0x3c
-	sysIPV6_PATHMTU      = 0x3d
-	sysIPV6_DONTFRAG     = 0x3e
-
-	sysIPV6_RECVTCLASS = 0x42
-	sysIPV6_TCLASS     = 0x43
-
-	sysIPV6_ADDR_PREFERENCES = 0x48
-
-	sysIPV6_PREFER_SRC_TMP            = 0x1
-	sysIPV6_PREFER_SRC_PUBLIC         = 0x2
-	sysIPV6_PREFER_SRC_PUBTMP_DEFAULT = 0x100
-	sysIPV6_PREFER_SRC_COA            = 0x4
-	sysIPV6_PREFER_SRC_HOME           = 0x400
-	sysIPV6_PREFER_SRC_CGA            = 0x8
-	sysIPV6_PREFER_SRC_NONCGA         = 0x800
-
-	sysIPV6_MINHOPCOUNT = 0x49
-
-	sysIPV6_ORIGDSTADDR     = 0x4a
-	sysIPV6_RECVORIGDSTADDR = 0x4a
-	sysIPV6_TRANSPARENT     = 0x4b
-	sysIPV6_UNICAST_IF      = 0x4c
-
-	sysICMPV6_FILTER = 0x1
-
-	sysICMPV6_FILTER_BLOCK       = 0x1
-	sysICMPV6_FILTER_PASS        = 0x2
-	sysICMPV6_FILTER_BLOCKOTHERS = 0x3
-	sysICMPV6_FILTER_PASSONLY    = 0x4
-
-	sysSizeofKernelSockaddrStorage = 0x80
-	sysSizeofSockaddrInet6         = 0x1c
-	sysSizeofInet6Pktinfo          = 0x14
-	sysSizeofIPv6Mtuinfo           = 0x20
-	sysSizeofIPv6FlowlabelReq      = 0x20
-
-	sysSizeofIPv6Mreq       = 0x14
-	sysSizeofGroupReq       = 0x84
-	sysSizeofGroupSourceReq = 0x104
-
-	sysSizeofICMPv6Filter = 0x20
-)
-
-type sysKernelSockaddrStorage struct {
-	Family  uint16
-	X__data [126]int8
-}
-
-type sysSockaddrInet6 struct {
-	Family   uint16
-	Port     uint16
-	Flowinfo uint32
-	Addr     [16]byte /* in6_addr */
-	Scope_id uint32
-}
-
-type sysInet6Pktinfo struct {
-	Addr    [16]byte /* in6_addr */
-	Ifindex int32
-}
-
-type sysIPv6Mtuinfo struct {
-	Addr sysSockaddrInet6
-	Mtu  uint32
-}
-
-type sysIPv6FlowlabelReq struct {
-	Dst        [16]byte /* in6_addr */
-	Label      uint32
-	Action     uint8
-	Share      uint8
-	Flags      uint16
-	Expires    uint16
-	Linger     uint16
-	X__flr_pad uint32
-}
-
-type sysIPv6Mreq struct {
-	Multiaddr [16]byte /* in6_addr */
-	Ifindex   int32
-}
-
-type sysGroupReq struct {
-	Interface uint32
-	Group     sysKernelSockaddrStorage
-}
-
-type sysGroupSourceReq struct {
-	Interface uint32
-	Group     sysKernelSockaddrStorage
-	Source    sysKernelSockaddrStorage
-}
-
-type sysICMPv6Filter struct {
-	Data [8]uint32
-}
diff --git a/vendor/golang.org/x/net/ipv6/zsys_linux_arm64.go b/vendor/golang.org/x/net/ipv6/zsys_linux_arm64.go
deleted file mode 100644
index ab104645..00000000
--- a/vendor/golang.org/x/net/ipv6/zsys_linux_arm64.go
+++ /dev/null
@@ -1,156 +0,0 @@
-// Created by cgo -godefs - DO NOT EDIT
-// cgo -godefs defs_linux.go
-
-// +build linux,arm64
-
-package ipv6
-
-const (
-	sysIPV6_ADDRFORM       = 0x1
-	sysIPV6_2292PKTINFO    = 0x2
-	sysIPV6_2292HOPOPTS    = 0x3
-	sysIPV6_2292DSTOPTS    = 0x4
-	sysIPV6_2292RTHDR      = 0x5
-	sysIPV6_2292PKTOPTIONS = 0x6
-	sysIPV6_CHECKSUM       = 0x7
-	sysIPV6_2292HOPLIMIT   = 0x8
-	sysIPV6_NEXTHOP        = 0x9
-	sysIPV6_FLOWINFO       = 0xb
-
-	sysIPV6_UNICAST_HOPS        = 0x10
-	sysIPV6_MULTICAST_IF        = 0x11
-	sysIPV6_MULTICAST_HOPS      = 0x12
-	sysIPV6_MULTICAST_LOOP      = 0x13
-	sysIPV6_ADD_MEMBERSHIP      = 0x14
-	sysIPV6_DROP_MEMBERSHIP     = 0x15
-	sysMCAST_JOIN_GROUP         = 0x2a
-	sysMCAST_LEAVE_GROUP        = 0x2d
-	sysMCAST_JOIN_SOURCE_GROUP  = 0x2e
-	sysMCAST_LEAVE_SOURCE_GROUP = 0x2f
-	sysMCAST_BLOCK_SOURCE       = 0x2b
-	sysMCAST_UNBLOCK_SOURCE     = 0x2c
-	sysMCAST_MSFILTER           = 0x30
-	sysIPV6_ROUTER_ALERT        = 0x16
-	sysIPV6_MTU_DISCOVER        = 0x17
-	sysIPV6_MTU                 = 0x18
-	sysIPV6_RECVERR             = 0x19
-	sysIPV6_V6ONLY              = 0x1a
-	sysIPV6_JOIN_ANYCAST        = 0x1b
-	sysIPV6_LEAVE_ANYCAST       = 0x1c
-
-	sysIPV6_FLOWLABEL_MGR = 0x20
-	sysIPV6_FLOWINFO_SEND = 0x21
-
-	sysIPV6_IPSEC_POLICY = 0x22
-	sysIPV6_XFRM_POLICY  = 0x23
-
-	sysIPV6_RECVPKTINFO  = 0x31
-	sysIPV6_PKTINFO      = 0x32
-	sysIPV6_RECVHOPLIMIT = 0x33
-	sysIPV6_HOPLIMIT     = 0x34
-	sysIPV6_RECVHOPOPTS  = 0x35
-	sysIPV6_HOPOPTS      = 0x36
-	sysIPV6_RTHDRDSTOPTS = 0x37
-	sysIPV6_RECVRTHDR    = 0x38
-	sysIPV6_RTHDR        = 0x39
-	sysIPV6_RECVDSTOPTS  = 0x3a
-	sysIPV6_DSTOPTS      = 0x3b
-	sysIPV6_RECVPATHMTU  = 0x3c
-	sysIPV6_PATHMTU      = 0x3d
-	sysIPV6_DONTFRAG     = 0x3e
-
-	sysIPV6_RECVTCLASS = 0x42
-	sysIPV6_TCLASS     = 0x43
-
-	sysIPV6_ADDR_PREFERENCES = 0x48
-
-	sysIPV6_PREFER_SRC_TMP            = 0x1
-	sysIPV6_PREFER_SRC_PUBLIC         = 0x2
-	sysIPV6_PREFER_SRC_PUBTMP_DEFAULT = 0x100
-	sysIPV6_PREFER_SRC_COA            = 0x4
-	sysIPV6_PREFER_SRC_HOME           = 0x400
-	sysIPV6_PREFER_SRC_CGA            = 0x8
-	sysIPV6_PREFER_SRC_NONCGA         = 0x800
-
-	sysIPV6_MINHOPCOUNT = 0x49
-
-	sysIPV6_ORIGDSTADDR     = 0x4a
-	sysIPV6_RECVORIGDSTADDR = 0x4a
-	sysIPV6_TRANSPARENT     = 0x4b
-	sysIPV6_UNICAST_IF      = 0x4c
-
-	sysICMPV6_FILTER = 0x1
-
-	sysICMPV6_FILTER_BLOCK       = 0x1
-	sysICMPV6_FILTER_PASS        = 0x2
-	sysICMPV6_FILTER_BLOCKOTHERS = 0x3
-	sysICMPV6_FILTER_PASSONLY    = 0x4
-
-	sysSizeofKernelSockaddrStorage = 0x80
-	sysSizeofSockaddrInet6         = 0x1c
-	sysSizeofInet6Pktinfo          = 0x14
-	sysSizeofIPv6Mtuinfo           = 0x20
-	sysSizeofIPv6FlowlabelReq      = 0x20
-
-	sysSizeofIPv6Mreq       = 0x14
-	sysSizeofGroupReq       = 0x88
-	sysSizeofGroupSourceReq = 0x108
-
-	sysSizeofICMPv6Filter = 0x20
-)
-
-type sysKernelSockaddrStorage struct {
-	Family  uint16
-	X__data [126]int8
-}
-
-type sysSockaddrInet6 struct {
-	Family   uint16
-	Port     uint16
-	Flowinfo uint32
-	Addr     [16]byte /* in6_addr */
-	Scope_id uint32
-}
-
-type sysInet6Pktinfo struct {
-	Addr    [16]byte /* in6_addr */
-	Ifindex int32
-}
-
-type sysIPv6Mtuinfo struct {
-	Addr sysSockaddrInet6
-	Mtu  uint32
-}
-
-type sysIPv6FlowlabelReq struct {
-	Dst        [16]byte /* in6_addr */
-	Label      uint32
-	Action     uint8
-	Share      uint8
-	Flags      uint16
-	Expires    uint16
-	Linger     uint16
-	X__flr_pad uint32
-}
-
-type sysIPv6Mreq struct {
-	Multiaddr [16]byte /* in6_addr */
-	Ifindex   int32
-}
-
-type sysGroupReq struct {
-	Interface uint32
-	Pad_cgo_0 [4]byte
-	Group     sysKernelSockaddrStorage
-}
-
-type sysGroupSourceReq struct {
-	Interface uint32
-	Pad_cgo_0 [4]byte
-	Group     sysKernelSockaddrStorage
-	Source    sysKernelSockaddrStorage
-}
-
-type sysICMPv6Filter struct {
-	Data [8]uint32
-}
diff --git a/vendor/golang.org/x/net/ipv6/zsys_linux_mips64.go b/vendor/golang.org/x/net/ipv6/zsys_linux_mips64.go
deleted file mode 100644
index ec8ce157..00000000
--- a/vendor/golang.org/x/net/ipv6/zsys_linux_mips64.go
+++ /dev/null
@@ -1,156 +0,0 @@
-// Created by cgo -godefs - DO NOT EDIT
-// cgo -godefs defs_linux.go
-
-// +build linux,mips64
-
-package ipv6
-
-const (
-	sysIPV6_ADDRFORM       = 0x1
-	sysIPV6_2292PKTINFO    = 0x2
-	sysIPV6_2292HOPOPTS    = 0x3
-	sysIPV6_2292DSTOPTS    = 0x4
-	sysIPV6_2292RTHDR      = 0x5
-	sysIPV6_2292PKTOPTIONS = 0x6
-	sysIPV6_CHECKSUM       = 0x7
-	sysIPV6_2292HOPLIMIT   = 0x8
-	sysIPV6_NEXTHOP        = 0x9
-	sysIPV6_FLOWINFO       = 0xb
-
-	sysIPV6_UNICAST_HOPS        = 0x10
-	sysIPV6_MULTICAST_IF        = 0x11
-	sysIPV6_MULTICAST_HOPS      = 0x12
-	sysIPV6_MULTICAST_LOOP      = 0x13
-	sysIPV6_ADD_MEMBERSHIP      = 0x14
-	sysIPV6_DROP_MEMBERSHIP     = 0x15
-	sysMCAST_JOIN_GROUP         = 0x2a
-	sysMCAST_LEAVE_GROUP        = 0x2d
-	sysMCAST_JOIN_SOURCE_GROUP  = 0x2e
-	sysMCAST_LEAVE_SOURCE_GROUP = 0x2f
-	sysMCAST_BLOCK_SOURCE       = 0x2b
-	sysMCAST_UNBLOCK_SOURCE     = 0x2c
-	sysMCAST_MSFILTER           = 0x30
-	sysIPV6_ROUTER_ALERT        = 0x16
-	sysIPV6_MTU_DISCOVER        = 0x17
-	sysIPV6_MTU                 = 0x18
-	sysIPV6_RECVERR             = 0x19
-	sysIPV6_V6ONLY              = 0x1a
-	sysIPV6_JOIN_ANYCAST        = 0x1b
-	sysIPV6_LEAVE_ANYCAST       = 0x1c
-
-	sysIPV6_FLOWLABEL_MGR = 0x20
-	sysIPV6_FLOWINFO_SEND = 0x21
-
-	sysIPV6_IPSEC_POLICY = 0x22
-	sysIPV6_XFRM_POLICY  = 0x23
-
-	sysIPV6_RECVPKTINFO  = 0x31
-	sysIPV6_PKTINFO      = 0x32
-	sysIPV6_RECVHOPLIMIT = 0x33
-	sysIPV6_HOPLIMIT     = 0x34
-	sysIPV6_RECVHOPOPTS  = 0x35
-	sysIPV6_HOPOPTS      = 0x36
-	sysIPV6_RTHDRDSTOPTS = 0x37
-	sysIPV6_RECVRTHDR    = 0x38
-	sysIPV6_RTHDR        = 0x39
-	sysIPV6_RECVDSTOPTS  = 0x3a
-	sysIPV6_DSTOPTS      = 0x3b
-	sysIPV6_RECVPATHMTU  = 0x3c
-	sysIPV6_PATHMTU      = 0x3d
-	sysIPV6_DONTFRAG     = 0x3e
-
-	sysIPV6_RECVTCLASS = 0x42
-	sysIPV6_TCLASS     = 0x43
-
-	sysIPV6_ADDR_PREFERENCES = 0x48
-
-	sysIPV6_PREFER_SRC_TMP            = 0x1
-	sysIPV6_PREFER_SRC_PUBLIC         = 0x2
-	sysIPV6_PREFER_SRC_PUBTMP_DEFAULT = 0x100
-	sysIPV6_PREFER_SRC_COA            = 0x4
-	sysIPV6_PREFER_SRC_HOME           = 0x400
-	sysIPV6_PREFER_SRC_CGA            = 0x8
-	sysIPV6_PREFER_SRC_NONCGA         = 0x800
-
-	sysIPV6_MINHOPCOUNT = 0x49
-
-	sysIPV6_ORIGDSTADDR     = 0x4a
-	sysIPV6_RECVORIGDSTADDR = 0x4a
-	sysIPV6_TRANSPARENT     = 0x4b
-	sysIPV6_UNICAST_IF      = 0x4c
-
-	sysICMPV6_FILTER = 0x1
-
-	sysICMPV6_FILTER_BLOCK       = 0x1
-	sysICMPV6_FILTER_PASS        = 0x2
-	sysICMPV6_FILTER_BLOCKOTHERS = 0x3
-	sysICMPV6_FILTER_PASSONLY    = 0x4
-
-	sysSizeofKernelSockaddrStorage = 0x80
-	sysSizeofSockaddrInet6         = 0x1c
-	sysSizeofInet6Pktinfo          = 0x14
-	sysSizeofIPv6Mtuinfo           = 0x20
-	sysSizeofIPv6FlowlabelReq      = 0x20
-
-	sysSizeofIPv6Mreq       = 0x14
-	sysSizeofGroupReq       = 0x88
-	sysSizeofGroupSourceReq = 0x108
-
-	sysSizeofICMPv6Filter = 0x20
-)
-
-type sysKernelSockaddrStorage struct {
-	Family  uint16
-	X__data [126]int8
-}
-
-type sysSockaddrInet6 struct {
-	Family   uint16
-	Port     uint16
-	Flowinfo uint32
-	Addr     [16]byte /* in6_addr */
-	Scope_id uint32
-}
-
-type sysInet6Pktinfo struct {
-	Addr    [16]byte /* in6_addr */
-	Ifindex int32
-}
-
-type sysIPv6Mtuinfo struct {
-	Addr sysSockaddrInet6
-	Mtu  uint32
-}
-
-type sysIPv6FlowlabelReq struct {
-	Dst        [16]byte /* in6_addr */
-	Label      uint32
-	Action     uint8
-	Share      uint8
-	Flags      uint16
-	Expires    uint16
-	Linger     uint16
-	X__flr_pad uint32
-}
-
-type sysIPv6Mreq struct {
-	Multiaddr [16]byte /* in6_addr */
-	Ifindex   int32
-}
-
-type sysGroupReq struct {
-	Interface uint32
-	Pad_cgo_0 [4]byte
-	Group     sysKernelSockaddrStorage
-}
-
-type sysGroupSourceReq struct {
-	Interface uint32
-	Pad_cgo_0 [4]byte
-	Group     sysKernelSockaddrStorage
-	Source    sysKernelSockaddrStorage
-}
-
-type sysICMPv6Filter struct {
-	Data [8]uint32
-}
diff --git a/vendor/golang.org/x/net/ipv6/zsys_linux_mips64le.go b/vendor/golang.org/x/net/ipv6/zsys_linux_mips64le.go
deleted file mode 100644
index 2341ae67..00000000
--- a/vendor/golang.org/x/net/ipv6/zsys_linux_mips64le.go
+++ /dev/null
@@ -1,156 +0,0 @@
-// Created by cgo -godefs - DO NOT EDIT
-// cgo -godefs defs_linux.go
-
-// +build linux,mips64le
-
-package ipv6
-
-const (
-	sysIPV6_ADDRFORM       = 0x1
-	sysIPV6_2292PKTINFO    = 0x2
-	sysIPV6_2292HOPOPTS    = 0x3
-	sysIPV6_2292DSTOPTS    = 0x4
-	sysIPV6_2292RTHDR      = 0x5
-	sysIPV6_2292PKTOPTIONS = 0x6
-	sysIPV6_CHECKSUM       = 0x7
-	sysIPV6_2292HOPLIMIT   = 0x8
-	sysIPV6_NEXTHOP        = 0x9
-	sysIPV6_FLOWINFO       = 0xb
-
-	sysIPV6_UNICAST_HOPS        = 0x10
-	sysIPV6_MULTICAST_IF        = 0x11
-	sysIPV6_MULTICAST_HOPS      = 0x12
-	sysIPV6_MULTICAST_LOOP      = 0x13
-	sysIPV6_ADD_MEMBERSHIP      = 0x14
-	sysIPV6_DROP_MEMBERSHIP     = 0x15
-	sysMCAST_JOIN_GROUP         = 0x2a
-	sysMCAST_LEAVE_GROUP        = 0x2d
-	sysMCAST_JOIN_SOURCE_GROUP  = 0x2e
-	sysMCAST_LEAVE_SOURCE_GROUP = 0x2f
-	sysMCAST_BLOCK_SOURCE       = 0x2b
-	sysMCAST_UNBLOCK_SOURCE     = 0x2c
-	sysMCAST_MSFILTER           = 0x30
-	sysIPV6_ROUTER_ALERT        = 0x16
-	sysIPV6_MTU_DISCOVER        = 0x17
-	sysIPV6_MTU                 = 0x18
-	sysIPV6_RECVERR             = 0x19
-	sysIPV6_V6ONLY              = 0x1a
-	sysIPV6_JOIN_ANYCAST        = 0x1b
-	sysIPV6_LEAVE_ANYCAST       = 0x1c
-
-	sysIPV6_FLOWLABEL_MGR = 0x20
-	sysIPV6_FLOWINFO_SEND = 0x21
-
-	sysIPV6_IPSEC_POLICY = 0x22
-	sysIPV6_XFRM_POLICY  = 0x23
-
-	sysIPV6_RECVPKTINFO  = 0x31
-	sysIPV6_PKTINFO      = 0x32
-	sysIPV6_RECVHOPLIMIT = 0x33
-	sysIPV6_HOPLIMIT     = 0x34
-	sysIPV6_RECVHOPOPTS  = 0x35
-	sysIPV6_HOPOPTS      = 0x36
-	sysIPV6_RTHDRDSTOPTS = 0x37
-	sysIPV6_RECVRTHDR    = 0x38
-	sysIPV6_RTHDR        = 0x39
-	sysIPV6_RECVDSTOPTS  = 0x3a
-	sysIPV6_DSTOPTS      = 0x3b
-	sysIPV6_RECVPATHMTU  = 0x3c
-	sysIPV6_PATHMTU      = 0x3d
-	sysIPV6_DONTFRAG     = 0x3e
-
-	sysIPV6_RECVTCLASS = 0x42
-	sysIPV6_TCLASS     = 0x43
-
-	sysIPV6_ADDR_PREFERENCES = 0x48
-
-	sysIPV6_PREFER_SRC_TMP            = 0x1
-	sysIPV6_PREFER_SRC_PUBLIC         = 0x2
-	sysIPV6_PREFER_SRC_PUBTMP_DEFAULT = 0x100
-	sysIPV6_PREFER_SRC_COA            = 0x4
-	sysIPV6_PREFER_SRC_HOME           = 0x400
-	sysIPV6_PREFER_SRC_CGA            = 0x8
-	sysIPV6_PREFER_SRC_NONCGA         = 0x800
-
-	sysIPV6_MINHOPCOUNT = 0x49
-
-	sysIPV6_ORIGDSTADDR     = 0x4a
-	sysIPV6_RECVORIGDSTADDR = 0x4a
-	sysIPV6_TRANSPARENT     = 0x4b
-	sysIPV6_UNICAST_IF      = 0x4c
-
-	sysICMPV6_FILTER = 0x1
-
-	sysICMPV6_FILTER_BLOCK       = 0x1
-	sysICMPV6_FILTER_PASS        = 0x2
-	sysICMPV6_FILTER_BLOCKOTHERS = 0x3
-	sysICMPV6_FILTER_PASSONLY    = 0x4
-
-	sysSizeofKernelSockaddrStorage = 0x80
-	sysSizeofSockaddrInet6         = 0x1c
-	sysSizeofInet6Pktinfo          = 0x14
-	sysSizeofIPv6Mtuinfo           = 0x20
-	sysSizeofIPv6FlowlabelReq      = 0x20
-
-	sysSizeofIPv6Mreq       = 0x14
-	sysSizeofGroupReq       = 0x88
-	sysSizeofGroupSourceReq = 0x108
-
-	sysSizeofICMPv6Filter = 0x20
-)
-
-type sysKernelSockaddrStorage struct {
-	Family  uint16
-	X__data [126]int8
-}
-
-type sysSockaddrInet6 struct {
-	Family   uint16
-	Port     uint16
-	Flowinfo uint32
-	Addr     [16]byte /* in6_addr */
-	Scope_id uint32
-}
-
-type sysInet6Pktinfo struct {
-	Addr    [16]byte /* in6_addr */
-	Ifindex int32
-}
-
-type sysIPv6Mtuinfo struct {
-	Addr sysSockaddrInet6
-	Mtu  uint32
-}
-
-type sysIPv6FlowlabelReq struct {
-	Dst        [16]byte /* in6_addr */
-	Label      uint32
-	Action     uint8
-	Share      uint8
-	Flags      uint16
-	Expires    uint16
-	Linger     uint16
-	X__flr_pad uint32
-}
-
-type sysIPv6Mreq struct {
-	Multiaddr [16]byte /* in6_addr */
-	Ifindex   int32
-}
-
-type sysGroupReq struct {
-	Interface uint32
-	Pad_cgo_0 [4]byte
-	Group     sysKernelSockaddrStorage
-}
-
-type sysGroupSourceReq struct {
-	Interface uint32
-	Pad_cgo_0 [4]byte
-	Group     sysKernelSockaddrStorage
-	Source    sysKernelSockaddrStorage
-}
-
-type sysICMPv6Filter struct {
-	Data [8]uint32
-}
diff --git a/vendor/golang.org/x/net/ipv6/zsys_linux_ppc64.go b/vendor/golang.org/x/net/ipv6/zsys_linux_ppc64.go
deleted file mode 100644
index b99b8a51..00000000
--- a/vendor/golang.org/x/net/ipv6/zsys_linux_ppc64.go
+++ /dev/null
@@ -1,156 +0,0 @@
-// Created by cgo -godefs - DO NOT EDIT
-// cgo -godefs defs_linux.go
-
-// +build linux,ppc64
-
-package ipv6
-
-const (
-	sysIPV6_ADDRFORM       = 0x1
-	sysIPV6_2292PKTINFO    = 0x2
-	sysIPV6_2292HOPOPTS    = 0x3
-	sysIPV6_2292DSTOPTS    = 0x4
-	sysIPV6_2292RTHDR      = 0x5
-	sysIPV6_2292PKTOPTIONS = 0x6
-	sysIPV6_CHECKSUM       = 0x7
-	sysIPV6_2292HOPLIMIT   = 0x8
-	sysIPV6_NEXTHOP        = 0x9
-	sysIPV6_FLOWINFO       = 0xb
-
-	sysIPV6_UNICAST_HOPS        = 0x10
-	sysIPV6_MULTICAST_IF        = 0x11
-	sysIPV6_MULTICAST_HOPS      = 0x12
-	sysIPV6_MULTICAST_LOOP      = 0x13
-	sysIPV6_ADD_MEMBERSHIP      = 0x14
-	sysIPV6_DROP_MEMBERSHIP     = 0x15
-	sysMCAST_JOIN_GROUP         = 0x2a
-	sysMCAST_LEAVE_GROUP        = 0x2d
-	sysMCAST_JOIN_SOURCE_GROUP  = 0x2e
-	sysMCAST_LEAVE_SOURCE_GROUP = 0x2f
-	sysMCAST_BLOCK_SOURCE       = 0x2b
-	sysMCAST_UNBLOCK_SOURCE     = 0x2c
-	sysMCAST_MSFILTER           = 0x30
-	sysIPV6_ROUTER_ALERT        = 0x16
-	sysIPV6_MTU_DISCOVER        = 0x17
-	sysIPV6_MTU                 = 0x18
-	sysIPV6_RECVERR             = 0x19
-	sysIPV6_V6ONLY              = 0x1a
-	sysIPV6_JOIN_ANYCAST        = 0x1b
-	sysIPV6_LEAVE_ANYCAST       = 0x1c
-
-	sysIPV6_FLOWLABEL_MGR = 0x20
-	sysIPV6_FLOWINFO_SEND = 0x21
-
-	sysIPV6_IPSEC_POLICY = 0x22
-	sysIPV6_XFRM_POLICY  = 0x23
-
-	sysIPV6_RECVPKTINFO  = 0x31
-	sysIPV6_PKTINFO      = 0x32
-	sysIPV6_RECVHOPLIMIT = 0x33
-	sysIPV6_HOPLIMIT     = 0x34
-	sysIPV6_RECVHOPOPTS  = 0x35
-	sysIPV6_HOPOPTS      = 0x36
-	sysIPV6_RTHDRDSTOPTS = 0x37
-	sysIPV6_RECVRTHDR    = 0x38
-	sysIPV6_RTHDR        = 0x39
-	sysIPV6_RECVDSTOPTS  = 0x3a
-	sysIPV6_DSTOPTS      = 0x3b
-	sysIPV6_RECVPATHMTU  = 0x3c
-	sysIPV6_PATHMTU      = 0x3d
-	sysIPV6_DONTFRAG     = 0x3e
-
-	sysIPV6_RECVTCLASS = 0x42
-	sysIPV6_TCLASS     = 0x43
-
-	sysIPV6_ADDR_PREFERENCES = 0x48
-
-	sysIPV6_PREFER_SRC_TMP            = 0x1
-	sysIPV6_PREFER_SRC_PUBLIC         = 0x2
-	sysIPV6_PREFER_SRC_PUBTMP_DEFAULT = 0x100
-	sysIPV6_PREFER_SRC_COA            = 0x4
-	sysIPV6_PREFER_SRC_HOME           = 0x400
-	sysIPV6_PREFER_SRC_CGA            = 0x8
-	sysIPV6_PREFER_SRC_NONCGA         = 0x800
-
-	sysIPV6_MINHOPCOUNT = 0x49
-
-	sysIPV6_ORIGDSTADDR     = 0x4a
-	sysIPV6_RECVORIGDSTADDR = 0x4a
-	sysIPV6_TRANSPARENT     = 0x4b
-	sysIPV6_UNICAST_IF      = 0x4c
-
-	sysICMPV6_FILTER = 0x1
-
-	sysICMPV6_FILTER_BLOCK       = 0x1
-	sysICMPV6_FILTER_PASS        = 0x2
-	sysICMPV6_FILTER_BLOCKOTHERS = 0x3
-	sysICMPV6_FILTER_PASSONLY    = 0x4
-
-	sysSizeofKernelSockaddrStorage = 0x80
-	sysSizeofSockaddrInet6         = 0x1c
-	sysSizeofInet6Pktinfo          = 0x14
-	sysSizeofIPv6Mtuinfo           = 0x20
-	sysSizeofIPv6FlowlabelReq      = 0x20
-
-	sysSizeofIPv6Mreq       = 0x14
-	sysSizeofGroupReq       = 0x88
-	sysSizeofGroupSourceReq = 0x108
-
-	sysSizeofICMPv6Filter = 0x20
-)
-
-type sysKernelSockaddrStorage struct {
-	Family  uint16
-	X__data [126]int8
-}
-
-type sysSockaddrInet6 struct {
-	Family   uint16
-	Port     uint16
-	Flowinfo uint32
-	Addr     [16]byte /* in6_addr */
-	Scope_id uint32
-}
-
-type sysInet6Pktinfo struct {
-	Addr    [16]byte /* in6_addr */
-	Ifindex int32
-}
-
-type sysIPv6Mtuinfo struct {
-	Addr sysSockaddrInet6
-	Mtu  uint32
-}
-
-type sysIPv6FlowlabelReq struct {
-	Dst        [16]byte /* in6_addr */
-	Label      uint32
-	Action     uint8
-	Share      uint8
-	Flags      uint16
-	Expires    uint16
-	Linger     uint16
-	X__flr_pad uint32
-}
-
-type sysIPv6Mreq struct {
-	Multiaddr [16]byte /* in6_addr */
-	Ifindex   int32
-}
-
-type sysGroupReq struct {
-	Interface uint32
-	Pad_cgo_0 [4]byte
-	Group     sysKernelSockaddrStorage
-}
-
-type sysGroupSourceReq struct {
-	Interface uint32
-	Pad_cgo_0 [4]byte
-	Group     sysKernelSockaddrStorage
-	Source    sysKernelSockaddrStorage
-}
-
-type sysICMPv6Filter struct {
-	Data [8]uint32
-}
diff --git a/vendor/golang.org/x/net/ipv6/zsys_linux_ppc64le.go b/vendor/golang.org/x/net/ipv6/zsys_linux_ppc64le.go
deleted file mode 100644
index 992b56e2..00000000
--- a/vendor/golang.org/x/net/ipv6/zsys_linux_ppc64le.go
+++ /dev/null
@@ -1,156 +0,0 @@
-// Created by cgo -godefs - DO NOT EDIT
-// cgo -godefs defs_linux.go
-
-// +build linux,ppc64le
-
-package ipv6
-
-const (
-	sysIPV6_ADDRFORM       = 0x1
-	sysIPV6_2292PKTINFO    = 0x2
-	sysIPV6_2292HOPOPTS    = 0x3
-	sysIPV6_2292DSTOPTS    = 0x4
-	sysIPV6_2292RTHDR      = 0x5
-	sysIPV6_2292PKTOPTIONS = 0x6
-	sysIPV6_CHECKSUM       = 0x7
-	sysIPV6_2292HOPLIMIT   = 0x8
-	sysIPV6_NEXTHOP        = 0x9
-	sysIPV6_FLOWINFO       = 0xb
-
-	sysIPV6_UNICAST_HOPS        = 0x10
-	sysIPV6_MULTICAST_IF        = 0x11
-	sysIPV6_MULTICAST_HOPS      = 0x12
-	sysIPV6_MULTICAST_LOOP      = 0x13
-	sysIPV6_ADD_MEMBERSHIP      = 0x14
-	sysIPV6_DROP_MEMBERSHIP     = 0x15
-	sysMCAST_JOIN_GROUP         = 0x2a
-	sysMCAST_LEAVE_GROUP        = 0x2d
-	sysMCAST_JOIN_SOURCE_GROUP  = 0x2e
-	sysMCAST_LEAVE_SOURCE_GROUP = 0x2f
-	sysMCAST_BLOCK_SOURCE       = 0x2b
-	sysMCAST_UNBLOCK_SOURCE     = 0x2c
-	sysMCAST_MSFILTER           = 0x30
-	sysIPV6_ROUTER_ALERT        = 0x16
-	sysIPV6_MTU_DISCOVER        = 0x17
-	sysIPV6_MTU                 = 0x18
-	sysIPV6_RECVERR             = 0x19
-	sysIPV6_V6ONLY              = 0x1a
-	sysIPV6_JOIN_ANYCAST        = 0x1b
-	sysIPV6_LEAVE_ANYCAST       = 0x1c
-
-	sysIPV6_FLOWLABEL_MGR = 0x20
-	sysIPV6_FLOWINFO_SEND = 0x21
-
-	sysIPV6_IPSEC_POLICY = 0x22
-	sysIPV6_XFRM_POLICY  = 0x23
-
-	sysIPV6_RECVPKTINFO  = 0x31
-	sysIPV6_PKTINFO      = 0x32
-	sysIPV6_RECVHOPLIMIT = 0x33
-	sysIPV6_HOPLIMIT     = 0x34
-	sysIPV6_RECVHOPOPTS  = 0x35
-	sysIPV6_HOPOPTS      = 0x36
-	sysIPV6_RTHDRDSTOPTS = 0x37
-	sysIPV6_RECVRTHDR    = 0x38
-	sysIPV6_RTHDR        = 0x39
-	sysIPV6_RECVDSTOPTS  = 0x3a
-	sysIPV6_DSTOPTS      = 0x3b
-	sysIPV6_RECVPATHMTU  = 0x3c
-	sysIPV6_PATHMTU      = 0x3d
-	sysIPV6_DONTFRAG     = 0x3e
-
-	sysIPV6_RECVTCLASS = 0x42
-	sysIPV6_TCLASS     = 0x43
-
-	sysIPV6_ADDR_PREFERENCES = 0x48
-
-	sysIPV6_PREFER_SRC_TMP            = 0x1
-	sysIPV6_PREFER_SRC_PUBLIC         = 0x2
-	sysIPV6_PREFER_SRC_PUBTMP_DEFAULT = 0x100
-	sysIPV6_PREFER_SRC_COA            = 0x4
-	sysIPV6_PREFER_SRC_HOME           = 0x400
-	sysIPV6_PREFER_SRC_CGA            = 0x8
-	sysIPV6_PREFER_SRC_NONCGA         = 0x800
-
-	sysIPV6_MINHOPCOUNT = 0x49
-
-	sysIPV6_ORIGDSTADDR     = 0x4a
-	sysIPV6_RECVORIGDSTADDR = 0x4a
-	sysIPV6_TRANSPARENT     = 0x4b
-	sysIPV6_UNICAST_IF      = 0x4c
-
-	sysICMPV6_FILTER = 0x1
-
-	sysICMPV6_FILTER_BLOCK       = 0x1
-	sysICMPV6_FILTER_PASS        = 0x2
-	sysICMPV6_FILTER_BLOCKOTHERS = 0x3
-	sysICMPV6_FILTER_PASSONLY    = 0x4
-
-	sysSizeofKernelSockaddrStorage = 0x80
-	sysSizeofSockaddrInet6         = 0x1c
-	sysSizeofInet6Pktinfo          = 0x14
-	sysSizeofIPv6Mtuinfo           = 0x20
-	sysSizeofIPv6FlowlabelReq      = 0x20
-
-	sysSizeofIPv6Mreq       = 0x14
-	sysSizeofGroupReq       = 0x88
-	sysSizeofGroupSourceReq = 0x108
-
-	sysSizeofICMPv6Filter = 0x20
-)
-
-type sysKernelSockaddrStorage struct {
-	Family  uint16
-	X__data [126]int8
-}
-
-type sysSockaddrInet6 struct {
-	Family   uint16
-	Port     uint16
-	Flowinfo uint32
-	Addr     [16]byte /* in6_addr */
-	Scope_id uint32
-}
-
-type sysInet6Pktinfo struct {
-	Addr    [16]byte /* in6_addr */
-	Ifindex int32
-}
-
-type sysIPv6Mtuinfo struct {
-	Addr sysSockaddrInet6
-	Mtu  uint32
-}
-
-type sysIPv6FlowlabelReq struct {
-	Dst        [16]byte /* in6_addr */
-	Label      uint32
-	Action     uint8
-	Share      uint8
-	Flags      uint16
-	Expires    uint16
-	Linger     uint16
-	X__flr_pad uint32
-}
-
-type sysIPv6Mreq struct {
-	Multiaddr [16]byte /* in6_addr */
-	Ifindex   int32
-}
-
-type sysGroupReq struct {
-	Interface uint32
-	Pad_cgo_0 [4]byte
-	Group     sysKernelSockaddrStorage
-}
-
-type sysGroupSourceReq struct {
-	Interface uint32
-	Pad_cgo_0 [4]byte
-	Group     sysKernelSockaddrStorage
-	Source    sysKernelSockaddrStorage
-}
-
-type sysICMPv6Filter struct {
-	Data [8]uint32
-}
diff --git a/vendor/golang.org/x/net/ipv6/zsys_netbsd.go b/vendor/golang.org/x/net/ipv6/zsys_netbsd.go
deleted file mode 100644
index d6ec88e3..00000000
--- a/vendor/golang.org/x/net/ipv6/zsys_netbsd.go
+++ /dev/null
@@ -1,84 +0,0 @@
-// Created by cgo -godefs - DO NOT EDIT
-// cgo -godefs defs_netbsd.go
-
-package ipv6
-
-const (
-	sysIPV6_UNICAST_HOPS   = 0x4
-	sysIPV6_MULTICAST_IF   = 0x9
-	sysIPV6_MULTICAST_HOPS = 0xa
-	sysIPV6_MULTICAST_LOOP = 0xb
-	sysIPV6_JOIN_GROUP     = 0xc
-	sysIPV6_LEAVE_GROUP    = 0xd
-	sysIPV6_PORTRANGE      = 0xe
-	sysICMP6_FILTER        = 0x12
-
-	sysIPV6_CHECKSUM = 0x1a
-	sysIPV6_V6ONLY   = 0x1b
-
-	sysIPV6_IPSEC_POLICY = 0x1c
-
-	sysIPV6_RTHDRDSTOPTS = 0x23
-
-	sysIPV6_RECVPKTINFO  = 0x24
-	sysIPV6_RECVHOPLIMIT = 0x25
-	sysIPV6_RECVRTHDR    = 0x26
-	sysIPV6_RECVHOPOPTS  = 0x27
-	sysIPV6_RECVDSTOPTS  = 0x28
-
-	sysIPV6_USE_MIN_MTU = 0x2a
-	sysIPV6_RECVPATHMTU = 0x2b
-	sysIPV6_PATHMTU     = 0x2c
-
-	sysIPV6_PKTINFO  = 0x2e
-	sysIPV6_HOPLIMIT = 0x2f
-	sysIPV6_NEXTHOP  = 0x30
-	sysIPV6_HOPOPTS  = 0x31
-	sysIPV6_DSTOPTS  = 0x32
-	sysIPV6_RTHDR    = 0x33
-
-	sysIPV6_RECVTCLASS = 0x39
-
-	sysIPV6_TCLASS   = 0x3d
-	sysIPV6_DONTFRAG = 0x3e
-
-	sysIPV6_PORTRANGE_DEFAULT = 0x0
-	sysIPV6_PORTRANGE_HIGH    = 0x1
-	sysIPV6_PORTRANGE_LOW     = 0x2
-
-	sysSizeofSockaddrInet6 = 0x1c
-	sysSizeofInet6Pktinfo  = 0x14
-	sysSizeofIPv6Mtuinfo   = 0x20
-
-	sysSizeofIPv6Mreq = 0x14
-
-	sysSizeofICMPv6Filter = 0x20
-)
-
-type sysSockaddrInet6 struct {
-	Len      uint8
-	Family   uint8
-	Port     uint16
-	Flowinfo uint32
-	Addr     [16]byte /* in6_addr */
-	Scope_id uint32
-}
-
-type sysInet6Pktinfo struct {
-	Addr    [16]byte /* in6_addr */
-	Ifindex uint32
-}
-
-type sysIPv6Mtuinfo struct {
-	Addr sysSockaddrInet6
-	Mtu  uint32
-}
-
-type sysIPv6Mreq struct {
-	Multiaddr [16]byte /* in6_addr */
-	Interface uint32
-}
-
-type sysICMPv6Filter struct {
-	Filt [8]uint32
-}
diff --git a/vendor/golang.org/x/net/ipv6/zsys_openbsd.go b/vendor/golang.org/x/net/ipv6/zsys_openbsd.go
deleted file mode 100644
index 3e080b78..00000000
--- a/vendor/golang.org/x/net/ipv6/zsys_openbsd.go
+++ /dev/null
@@ -1,93 +0,0 @@
-// Created by cgo -godefs - DO NOT EDIT
-// cgo -godefs defs_openbsd.go
-
-package ipv6
-
-const (
-	sysIPV6_UNICAST_HOPS   = 0x4
-	sysIPV6_MULTICAST_IF   = 0x9
-	sysIPV6_MULTICAST_HOPS = 0xa
-	sysIPV6_MULTICAST_LOOP = 0xb
-	sysIPV6_JOIN_GROUP     = 0xc
-	sysIPV6_LEAVE_GROUP    = 0xd
-	sysIPV6_PORTRANGE      = 0xe
-	sysICMP6_FILTER        = 0x12
-
-	sysIPV6_CHECKSUM = 0x1a
-	sysIPV6_V6ONLY   = 0x1b
-
-	sysIPV6_RTHDRDSTOPTS = 0x23
-
-	sysIPV6_RECVPKTINFO  = 0x24
-	sysIPV6_RECVHOPLIMIT = 0x25
-	sysIPV6_RECVRTHDR    = 0x26
-	sysIPV6_RECVHOPOPTS  = 0x27
-	sysIPV6_RECVDSTOPTS  = 0x28
-
-	sysIPV6_USE_MIN_MTU = 0x2a
-	sysIPV6_RECVPATHMTU = 0x2b
-
-	sysIPV6_PATHMTU = 0x2c
-
-	sysIPV6_PKTINFO  = 0x2e
-	sysIPV6_HOPLIMIT = 0x2f
-	sysIPV6_NEXTHOP  = 0x30
-	sysIPV6_HOPOPTS  = 0x31
-	sysIPV6_DSTOPTS  = 0x32
-	sysIPV6_RTHDR    = 0x33
-
-	sysIPV6_AUTH_LEVEL        = 0x35
-	sysIPV6_ESP_TRANS_LEVEL   = 0x36
-	sysIPV6_ESP_NETWORK_LEVEL = 0x37
-	sysIPSEC6_OUTSA           = 0x38
-	sysIPV6_RECVTCLASS        = 0x39
-
-	sysIPV6_AUTOFLOWLABEL = 0x3b
-	sysIPV6_IPCOMP_LEVEL  = 0x3c
-
-	sysIPV6_TCLASS   = 0x3d
-	sysIPV6_DONTFRAG = 0x3e
-	sysIPV6_PIPEX    = 0x3f
-
-	sysIPV6_RTABLE = 0x1021
-
-	sysIPV6_PORTRANGE_DEFAULT = 0x0
-	sysIPV6_PORTRANGE_HIGH    = 0x1
-	sysIPV6_PORTRANGE_LOW     = 0x2
-
-	sysSizeofSockaddrInet6 = 0x1c
-	sysSizeofInet6Pktinfo  = 0x14
-	sysSizeofIPv6Mtuinfo   = 0x20
-
-	sysSizeofIPv6Mreq = 0x14
-
-	sysSizeofICMPv6Filter = 0x20
-)
-
-type sysSockaddrInet6 struct {
-	Len      uint8
-	Family   uint8
-	Port     uint16
-	Flowinfo uint32
-	Addr     [16]byte /* in6_addr */
-	Scope_id uint32
-}
-
-type sysInet6Pktinfo struct {
-	Addr    [16]byte /* in6_addr */
-	Ifindex uint32
-}
-
-type sysIPv6Mtuinfo struct {
-	Addr sysSockaddrInet6
-	Mtu  uint32
-}
-
-type sysIPv6Mreq struct {
-	Multiaddr [16]byte /* in6_addr */
-	Interface uint32
-}
-
-type sysICMPv6Filter struct {
-	Filt [8]uint32
-}
diff --git a/vendor/golang.org/x/net/ipv6/zsys_solaris.go b/vendor/golang.org/x/net/ipv6/zsys_solaris.go
deleted file mode 100644
index cdf00c25..00000000
--- a/vendor/golang.org/x/net/ipv6/zsys_solaris.go
+++ /dev/null
@@ -1,105 +0,0 @@
-// Created by cgo -godefs - DO NOT EDIT
-// cgo -godefs defs_solaris.go
-
-// +build solaris
-
-package ipv6
-
-const (
-	sysIPV6_UNICAST_HOPS   = 0x5
-	sysIPV6_MULTICAST_IF   = 0x6
-	sysIPV6_MULTICAST_HOPS = 0x7
-	sysIPV6_MULTICAST_LOOP = 0x8
-	sysIPV6_JOIN_GROUP     = 0x9
-	sysIPV6_LEAVE_GROUP    = 0xa
-
-	sysIPV6_PKTINFO = 0xb
-
-	sysIPV6_HOPLIMIT = 0xc
-	sysIPV6_NEXTHOP  = 0xd
-	sysIPV6_HOPOPTS  = 0xe
-	sysIPV6_DSTOPTS  = 0xf
-
-	sysIPV6_RTHDR        = 0x10
-	sysIPV6_RTHDRDSTOPTS = 0x11
-
-	sysIPV6_RECVPKTINFO  = 0x12
-	sysIPV6_RECVHOPLIMIT = 0x13
-	sysIPV6_RECVHOPOPTS  = 0x14
-
-	sysIPV6_RECVRTHDR = 0x16
-
-	sysIPV6_RECVRTHDRDSTOPTS = 0x17
-
-	sysIPV6_CHECKSUM        = 0x18
-	sysIPV6_RECVTCLASS      = 0x19
-	sysIPV6_USE_MIN_MTU     = 0x20
-	sysIPV6_DONTFRAG        = 0x21
-	sysIPV6_SEC_OPT         = 0x22
-	sysIPV6_SRC_PREFERENCES = 0x23
-	sysIPV6_RECVPATHMTU     = 0x24
-	sysIPV6_PATHMTU         = 0x25
-	sysIPV6_TCLASS          = 0x26
-	sysIPV6_V6ONLY          = 0x27
-
-	sysIPV6_RECVDSTOPTS = 0x28
-
-	sysIPV6_PREFER_SRC_HOME   = 0x1
-	sysIPV6_PREFER_SRC_COA    = 0x2
-	sysIPV6_PREFER_SRC_PUBLIC = 0x4
-	sysIPV6_PREFER_SRC_TMP    = 0x8
-	sysIPV6_PREFER_SRC_NONCGA = 0x10
-	sysIPV6_PREFER_SRC_CGA    = 0x20
-
-	sysIPV6_PREFER_SRC_MIPMASK    = 0x3
-	sysIPV6_PREFER_SRC_MIPDEFAULT = 0x1
-	sysIPV6_PREFER_SRC_TMPMASK    = 0xc
-	sysIPV6_PREFER_SRC_TMPDEFAULT = 0x4
-	sysIPV6_PREFER_SRC_CGAMASK    = 0x30
-	sysIPV6_PREFER_SRC_CGADEFAULT = 0x10
-
-	sysIPV6_PREFER_SRC_MASK = 0x3f
-
-	sysIPV6_PREFER_SRC_DEFAULT = 0x15
-
-	sysIPV6_BOUND_IF   = 0x41
-	sysIPV6_UNSPEC_SRC = 0x42
-
-	sysICMP6_FILTER = 0x1
-
-	sysSizeofSockaddrInet6 = 0x20
-	sysSizeofInet6Pktinfo  = 0x14
-	sysSizeofIPv6Mtuinfo   = 0x24
-
-	sysSizeofIPv6Mreq = 0x14
-
-	sysSizeofICMPv6Filter = 0x20
-)
-
-type sysSockaddrInet6 struct {
-	Family         uint16
-	Port           uint16
-	Flowinfo       uint32
-	Addr           [16]byte /* in6_addr */
-	Scope_id       uint32
-	X__sin6_src_id uint32
-}
-
-type sysInet6Pktinfo struct {
-	Addr    [16]byte /* in6_addr */
-	Ifindex uint32
-}
-
-type sysIPv6Mtuinfo struct {
-	Addr sysSockaddrInet6
-	Mtu  uint32
-}
-
-type sysIPv6Mreq struct {
-	Multiaddr [16]byte /* in6_addr */
-	Interface uint32
-}
-
-type sysICMPv6Filter struct {
-	X__icmp6_filt [8]uint32
-}
diff --git a/vendor/golang.org/x/net/netutil/listen.go b/vendor/golang.org/x/net/netutil/listen.go
deleted file mode 100644
index b317ba2e..00000000
--- a/vendor/golang.org/x/net/netutil/listen.go
+++ /dev/null
@@ -1,48 +0,0 @@
-// Copyright 2013 The Go Authors.  All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// Package netutil provides network utility functions, complementing the more
-// common ones in the net package.
-package netutil // import "golang.org/x/net/netutil"
-
-import (
-	"net"
-	"sync"
-)
-
-// LimitListener returns a Listener that accepts at most n simultaneous
-// connections from the provided Listener.
-func LimitListener(l net.Listener, n int) net.Listener {
-	return &limitListener{l, make(chan struct{}, n)}
-}
-
-type limitListener struct {
-	net.Listener
-	sem chan struct{}
-}
-
-func (l *limitListener) acquire() { l.sem <- struct{}{} }
-func (l *limitListener) release() { <-l.sem }
-
-func (l *limitListener) Accept() (net.Conn, error) {
-	l.acquire()
-	c, err := l.Listener.Accept()
-	if err != nil {
-		l.release()
-		return nil, err
-	}
-	return &limitListenerConn{Conn: c, release: l.release}, nil
-}
-
-type limitListenerConn struct {
-	net.Conn
-	releaseOnce sync.Once
-	release     func()
-}
-
-func (l *limitListenerConn) Close() error {
-	err := l.Conn.Close()
-	l.releaseOnce.Do(l.release)
-	return err
-}
diff --git a/vendor/golang.org/x/net/netutil/listen_test.go b/vendor/golang.org/x/net/netutil/listen_test.go
deleted file mode 100644
index c1a3d552..00000000
--- a/vendor/golang.org/x/net/netutil/listen_test.go
+++ /dev/null
@@ -1,101 +0,0 @@
-// Copyright 2013 The Go Authors.  All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package netutil
-
-import (
-	"errors"
-	"fmt"
-	"io"
-	"io/ioutil"
-	"net"
-	"net/http"
-	"sync"
-	"sync/atomic"
-	"testing"
-	"time"
-
-	"golang.org/x/net/internal/nettest"
-)
-
-func TestLimitListener(t *testing.T) {
-	const max = 5
-	attempts := (nettest.MaxOpenFiles() - max) / 2
-	if attempts > 256 { // maximum length of accept queue is 128 by default
-		attempts = 256
-	}
-
-	l, err := net.Listen("tcp", "127.0.0.1:0")
-	if err != nil {
-		t.Fatal(err)
-	}
-	defer l.Close()
-	l = LimitListener(l, max)
-
-	var open int32
-	go http.Serve(l, http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-		if n := atomic.AddInt32(&open, 1); n > max {
-			t.Errorf("%d open connections, want <= %d", n, max)
-		}
-		defer atomic.AddInt32(&open, -1)
-		time.Sleep(10 * time.Millisecond)
-		fmt.Fprint(w, "some body")
-	}))
-
-	var wg sync.WaitGroup
-	var failed int32
-	for i := 0; i < attempts; i++ {
-		wg.Add(1)
-		go func() {
-			defer wg.Done()
-			c := http.Client{Timeout: 3 * time.Second}
-			r, err := c.Get("http://" + l.Addr().String())
-			if err != nil {
-				t.Log(err)
-				atomic.AddInt32(&failed, 1)
-				return
-			}
-			defer r.Body.Close()
-			io.Copy(ioutil.Discard, r.Body)
-		}()
-	}
-	wg.Wait()
-
-	// We expect some Gets to fail as the kernel's accept queue is filled,
-	// but most should succeed.
-	if int(failed) >= attempts/2 {
-		t.Errorf("%d requests failed within %d attempts", failed, attempts)
-	}
-}
-
-type errorListener struct {
-	net.Listener
-}
-
-func (errorListener) Accept() (net.Conn, error) {
-	return nil, errFake
-}
-
-var errFake = errors.New("fake error from errorListener")
-
-// This used to hang.
-func TestLimitListenerError(t *testing.T) {
-	donec := make(chan bool, 1)
-	go func() {
-		const n = 2
-		ll := LimitListener(errorListener{}, n)
-		for i := 0; i < n+1; i++ {
-			_, err := ll.Accept()
-			if err != errFake {
-				t.Fatalf("Accept error = %v; want errFake", err)
-			}
-		}
-		donec <- true
-	}()
-	select {
-	case <-donec:
-	case <-time.After(5 * time.Second):
-		t.Fatal("timeout. deadlock?")
-	}
-}
diff --git a/vendor/golang.org/x/net/proxy/direct.go b/vendor/golang.org/x/net/proxy/direct.go
deleted file mode 100644
index 4c5ad88b..00000000
--- a/vendor/golang.org/x/net/proxy/direct.go
+++ /dev/null
@@ -1,18 +0,0 @@
-// Copyright 2011 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package proxy
-
-import (
-	"net"
-)
-
-type direct struct{}
-
-// Direct is a direct proxy: one that makes network connections directly.
-var Direct = direct{}
-
-func (direct) Dial(network, addr string) (net.Conn, error) {
-	return net.Dial(network, addr)
-}
diff --git a/vendor/golang.org/x/net/proxy/per_host.go b/vendor/golang.org/x/net/proxy/per_host.go
deleted file mode 100644
index f540b196..00000000
--- a/vendor/golang.org/x/net/proxy/per_host.go
+++ /dev/null
@@ -1,140 +0,0 @@
-// Copyright 2011 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package proxy
-
-import (
-	"net"
-	"strings"
-)
-
-// A PerHost directs connections to a default Dialer unless the hostname
-// requested matches one of a number of exceptions.
-type PerHost struct {
-	def, bypass Dialer
-
-	bypassNetworks []*net.IPNet
-	bypassIPs      []net.IP
-	bypassZones    []string
-	bypassHosts    []string
-}
-
-// NewPerHost returns a PerHost Dialer that directs connections to either
-// defaultDialer or bypass, depending on whether the connection matches one of
-// the configured rules.
-func NewPerHost(defaultDialer, bypass Dialer) *PerHost {
-	return &PerHost{
-		def:    defaultDialer,
-		bypass: bypass,
-	}
-}
-
-// Dial connects to the address addr on the given network through either
-// defaultDialer or bypass.
-func (p *PerHost) Dial(network, addr string) (c net.Conn, err error) {
-	host, _, err := net.SplitHostPort(addr)
-	if err != nil {
-		return nil, err
-	}
-
-	return p.dialerForRequest(host).Dial(network, addr)
-}
-
-func (p *PerHost) dialerForRequest(host string) Dialer {
-	if ip := net.ParseIP(host); ip != nil {
-		for _, net := range p.bypassNetworks {
-			if net.Contains(ip) {
-				return p.bypass
-			}
-		}
-		for _, bypassIP := range p.bypassIPs {
-			if bypassIP.Equal(ip) {
-				return p.bypass
-			}
-		}
-		return p.def
-	}
-
-	for _, zone := range p.bypassZones {
-		if strings.HasSuffix(host, zone) {
-			return p.bypass
-		}
-		if host == zone[1:] {
-			// For a zone "example.com", we match "example.com"
-			// too.
-			return p.bypass
-		}
-	}
-	for _, bypassHost := range p.bypassHosts {
-		if bypassHost == host {
-			return p.bypass
-		}
-	}
-	return p.def
-}
-
-// AddFromString parses a string that contains comma-separated values
-// specifying hosts that should use the bypass proxy. Each value is either an
-// IP address, a CIDR range, a zone (*.example.com) or a hostname
-// (localhost). A best effort is made to parse the string and errors are
-// ignored.
-func (p *PerHost) AddFromString(s string) {
-	hosts := strings.Split(s, ",")
-	for _, host := range hosts {
-		host = strings.TrimSpace(host)
-		if len(host) == 0 {
-			continue
-		}
-		if strings.Contains(host, "/") {
-			// We assume that it's a CIDR address like 127.0.0.0/8
-			if _, net, err := net.ParseCIDR(host); err == nil {
-				p.AddNetwork(net)
-			}
-			continue
-		}
-		if ip := net.ParseIP(host); ip != nil {
-			p.AddIP(ip)
-			continue
-		}
-		if strings.HasPrefix(host, "*.") {
-			p.AddZone(host[1:])
-			continue
-		}
-		p.AddHost(host)
-	}
-}
-
-// AddIP specifies an IP address that will use the bypass proxy. Note that
-// this will only take effect if a literal IP address is dialed. A connection
-// to a named host will never match an IP.
-func (p *PerHost) AddIP(ip net.IP) {
-	p.bypassIPs = append(p.bypassIPs, ip)
-}
-
-// AddNetwork specifies an IP range that will use the bypass proxy. Note that
-// this will only take effect if a literal IP address is dialed. A connection
-// to a named host will never match.
-func (p *PerHost) AddNetwork(net *net.IPNet) {
-	p.bypassNetworks = append(p.bypassNetworks, net)
-}
-
-// AddZone specifies a DNS suffix that will use the bypass proxy. A zone of
-// "example.com" matches "example.com" and all of its subdomains.
-func (p *PerHost) AddZone(zone string) {
-	if strings.HasSuffix(zone, ".") {
-		zone = zone[:len(zone)-1]
-	}
-	if !strings.HasPrefix(zone, ".") {
-		zone = "." + zone
-	}
-	p.bypassZones = append(p.bypassZones, zone)
-}
-
-// AddHost specifies a hostname that will use the bypass proxy.
-func (p *PerHost) AddHost(host string) {
-	if strings.HasSuffix(host, ".") {
-		host = host[:len(host)-1]
-	}
-	p.bypassHosts = append(p.bypassHosts, host)
-}
diff --git a/vendor/golang.org/x/net/proxy/per_host_test.go b/vendor/golang.org/x/net/proxy/per_host_test.go
deleted file mode 100644
index a7d80957..00000000
--- a/vendor/golang.org/x/net/proxy/per_host_test.go
+++ /dev/null
@@ -1,55 +0,0 @@
-// Copyright 2011 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package proxy
-
-import (
-	"errors"
-	"net"
-	"reflect"
-	"testing"
-)
-
-type recordingProxy struct {
-	addrs []string
-}
-
-func (r *recordingProxy) Dial(network, addr string) (net.Conn, error) {
-	r.addrs = append(r.addrs, addr)
-	return nil, errors.New("recordingProxy")
-}
-
-func TestPerHost(t *testing.T) {
-	var def, bypass recordingProxy
-	perHost := NewPerHost(&def, &bypass)
-	perHost.AddFromString("localhost,*.zone,127.0.0.1,10.0.0.1/8,1000::/16")
-
-	expectedDef := []string{
-		"example.com:123",
-		"1.2.3.4:123",
-		"[1001::]:123",
-	}
-	expectedBypass := []string{
-		"localhost:123",
-		"zone:123",
-		"foo.zone:123",
-		"127.0.0.1:123",
-		"10.1.2.3:123",
-		"[1000::]:123",
-	}
-
-	for _, addr := range expectedDef {
-		perHost.Dial("tcp", addr)
-	}
-	for _, addr := range expectedBypass {
-		perHost.Dial("tcp", addr)
-	}
-
-	if !reflect.DeepEqual(expectedDef, def.addrs) {
-		t.Errorf("Hosts which went to the default proxy didn't match. Got %v, want %v", def.addrs, expectedDef)
-	}
-	if !reflect.DeepEqual(expectedBypass, bypass.addrs) {
-		t.Errorf("Hosts which went to the bypass proxy didn't match. Got %v, want %v", bypass.addrs, expectedBypass)
-	}
-}
diff --git a/vendor/golang.org/x/net/proxy/proxy.go b/vendor/golang.org/x/net/proxy/proxy.go
deleted file mode 100644
index 78a8b7be..00000000
--- a/vendor/golang.org/x/net/proxy/proxy.go
+++ /dev/null
@@ -1,94 +0,0 @@
-// Copyright 2011 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// Package proxy provides support for a variety of protocols to proxy network
-// data.
-package proxy // import "golang.org/x/net/proxy"
-
-import (
-	"errors"
-	"net"
-	"net/url"
-	"os"
-)
-
-// A Dialer is a means to establish a connection.
-type Dialer interface {
-	// Dial connects to the given address via the proxy.
-	Dial(network, addr string) (c net.Conn, err error)
-}
-
-// Auth contains authentication parameters that specific Dialers may require.
-type Auth struct {
-	User, Password string
-}
-
-// FromEnvironment returns the dialer specified by the proxy related variables in
-// the environment.
-func FromEnvironment() Dialer {
-	allProxy := os.Getenv("all_proxy")
-	if len(allProxy) == 0 {
-		return Direct
-	}
-
-	proxyURL, err := url.Parse(allProxy)
-	if err != nil {
-		return Direct
-	}
-	proxy, err := FromURL(proxyURL, Direct)
-	if err != nil {
-		return Direct
-	}
-
-	noProxy := os.Getenv("no_proxy")
-	if len(noProxy) == 0 {
-		return proxy
-	}
-
-	perHost := NewPerHost(proxy, Direct)
-	perHost.AddFromString(noProxy)
-	return perHost
-}
-
-// proxySchemes is a map from URL schemes to a function that creates a Dialer
-// from a URL with such a scheme.
-var proxySchemes map[string]func(*url.URL, Dialer) (Dialer, error)
-
-// RegisterDialerType takes a URL scheme and a function to generate Dialers from
-// a URL with that scheme and a forwarding Dialer. Registered schemes are used
-// by FromURL.
-func RegisterDialerType(scheme string, f func(*url.URL, Dialer) (Dialer, error)) {
-	if proxySchemes == nil {
-		proxySchemes = make(map[string]func(*url.URL, Dialer) (Dialer, error))
-	}
-	proxySchemes[scheme] = f
-}
-
-// FromURL returns a Dialer given a URL specification and an underlying
-// Dialer for it to make network requests.
-func FromURL(u *url.URL, forward Dialer) (Dialer, error) {
-	var auth *Auth
-	if u.User != nil {
-		auth = new(Auth)
-		auth.User = u.User.Username()
-		if p, ok := u.User.Password(); ok {
-			auth.Password = p
-		}
-	}
-
-	switch u.Scheme {
-	case "socks5":
-		return SOCKS5("tcp", u.Host, auth, forward)
-	}
-
-	// If the scheme doesn't match any of the built-in schemes, see if it
-	// was registered by another package.
-	if proxySchemes != nil {
-		if f, ok := proxySchemes[u.Scheme]; ok {
-			return f(u, forward)
-		}
-	}
-
-	return nil, errors.New("proxy: unknown scheme: " + u.Scheme)
-}
diff --git a/vendor/golang.org/x/net/proxy/proxy_test.go b/vendor/golang.org/x/net/proxy/proxy_test.go
deleted file mode 100644
index c19a5c06..00000000
--- a/vendor/golang.org/x/net/proxy/proxy_test.go
+++ /dev/null
@@ -1,142 +0,0 @@
-// Copyright 2011 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package proxy
-
-import (
-	"io"
-	"net"
-	"net/url"
-	"strconv"
-	"sync"
-	"testing"
-)
-
-func TestFromURL(t *testing.T) {
-	endSystem, err := net.Listen("tcp", "127.0.0.1:0")
-	if err != nil {
-		t.Fatalf("net.Listen failed: %v", err)
-	}
-	defer endSystem.Close()
-	gateway, err := net.Listen("tcp", "127.0.0.1:0")
-	if err != nil {
-		t.Fatalf("net.Listen failed: %v", err)
-	}
-	defer gateway.Close()
-
-	var wg sync.WaitGroup
-	wg.Add(1)
-	go socks5Gateway(t, gateway, endSystem, socks5Domain, &wg)
-
-	url, err := url.Parse("socks5://user:password@" + gateway.Addr().String())
-	if err != nil {
-		t.Fatalf("url.Parse failed: %v", err)
-	}
-	proxy, err := FromURL(url, Direct)
-	if err != nil {
-		t.Fatalf("FromURL failed: %v", err)
-	}
-	_, port, err := net.SplitHostPort(endSystem.Addr().String())
-	if err != nil {
-		t.Fatalf("net.SplitHostPort failed: %v", err)
-	}
-	if c, err := proxy.Dial("tcp", "localhost:"+port); err != nil {
-		t.Fatalf("FromURL.Dial failed: %v", err)
-	} else {
-		c.Close()
-	}
-
-	wg.Wait()
-}
-
-func TestSOCKS5(t *testing.T) {
-	endSystem, err := net.Listen("tcp", "127.0.0.1:0")
-	if err != nil {
-		t.Fatalf("net.Listen failed: %v", err)
-	}
-	defer endSystem.Close()
-	gateway, err := net.Listen("tcp", "127.0.0.1:0")
-	if err != nil {
-		t.Fatalf("net.Listen failed: %v", err)
-	}
-	defer gateway.Close()
-
-	var wg sync.WaitGroup
-	wg.Add(1)
-	go socks5Gateway(t, gateway, endSystem, socks5IP4, &wg)
-
-	proxy, err := SOCKS5("tcp", gateway.Addr().String(), nil, Direct)
-	if err != nil {
-		t.Fatalf("SOCKS5 failed: %v", err)
-	}
-	if c, err := proxy.Dial("tcp", endSystem.Addr().String()); err != nil {
-		t.Fatalf("SOCKS5.Dial failed: %v", err)
-	} else {
-		c.Close()
-	}
-
-	wg.Wait()
-}
-
-func socks5Gateway(t *testing.T, gateway, endSystem net.Listener, typ byte, wg *sync.WaitGroup) {
-	defer wg.Done()
-
-	c, err := gateway.Accept()
-	if err != nil {
-		t.Errorf("net.Listener.Accept failed: %v", err)
-		return
-	}
-	defer c.Close()
-
-	b := make([]byte, 32)
-	var n int
-	if typ == socks5Domain {
-		n = 4
-	} else {
-		n = 3
-	}
-	if _, err := io.ReadFull(c, b[:n]); err != nil {
-		t.Errorf("io.ReadFull failed: %v", err)
-		return
-	}
-	if _, err := c.Write([]byte{socks5Version, socks5AuthNone}); err != nil {
-		t.Errorf("net.Conn.Write failed: %v", err)
-		return
-	}
-	if typ == socks5Domain {
-		n = 16
-	} else {
-		n = 10
-	}
-	if _, err := io.ReadFull(c, b[:n]); err != nil {
-		t.Errorf("io.ReadFull failed: %v", err)
-		return
-	}
-	if b[0] != socks5Version || b[1] != socks5Connect || b[2] != 0x00 || b[3] != typ {
-		t.Errorf("got an unexpected packet: %#02x %#02x %#02x %#02x", b[0], b[1], b[2], b[3])
-		return
-	}
-	if typ == socks5Domain {
-		copy(b[:5], []byte{socks5Version, 0x00, 0x00, socks5Domain, 9})
-		b = append(b, []byte("localhost")...)
-	} else {
-		copy(b[:4], []byte{socks5Version, 0x00, 0x00, socks5IP4})
-	}
-	host, port, err := net.SplitHostPort(endSystem.Addr().String())
-	if err != nil {
-		t.Errorf("net.SplitHostPort failed: %v", err)
-		return
-	}
-	b = append(b, []byte(net.ParseIP(host).To4())...)
-	p, err := strconv.Atoi(port)
-	if err != nil {
-		t.Errorf("strconv.Atoi failed: %v", err)
-		return
-	}
-	b = append(b, []byte{byte(p >> 8), byte(p)}...)
-	if _, err := c.Write(b); err != nil {
-		t.Errorf("net.Conn.Write failed: %v", err)
-		return
-	}
-}
diff --git a/vendor/golang.org/x/net/proxy/socks5.go b/vendor/golang.org/x/net/proxy/socks5.go
deleted file mode 100644
index 9b962823..00000000
--- a/vendor/golang.org/x/net/proxy/socks5.go
+++ /dev/null
@@ -1,210 +0,0 @@
-// Copyright 2011 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package proxy
-
-import (
-	"errors"
-	"io"
-	"net"
-	"strconv"
-)
-
-// SOCKS5 returns a Dialer that makes SOCKSv5 connections to the given address
-// with an optional username and password. See RFC 1928.
-func SOCKS5(network, addr string, auth *Auth, forward Dialer) (Dialer, error) {
-	s := &socks5{
-		network: network,
-		addr:    addr,
-		forward: forward,
-	}
-	if auth != nil {
-		s.user = auth.User
-		s.password = auth.Password
-	}
-
-	return s, nil
-}
-
-type socks5 struct {
-	user, password string
-	network, addr  string
-	forward        Dialer
-}
-
-const socks5Version = 5
-
-const (
-	socks5AuthNone     = 0
-	socks5AuthPassword = 2
-)
-
-const socks5Connect = 1
-
-const (
-	socks5IP4    = 1
-	socks5Domain = 3
-	socks5IP6    = 4
-)
-
-var socks5Errors = []string{
-	"",
-	"general failure",
-	"connection forbidden",
-	"network unreachable",
-	"host unreachable",
-	"connection refused",
-	"TTL expired",
-	"command not supported",
-	"address type not supported",
-}
-
-// Dial connects to the address addr on the network net via the SOCKS5 proxy.
-func (s *socks5) Dial(network, addr string) (net.Conn, error) {
-	switch network {
-	case "tcp", "tcp6", "tcp4":
-	default:
-		return nil, errors.New("proxy: no support for SOCKS5 proxy connections of type " + network)
-	}
-
-	conn, err := s.forward.Dial(s.network, s.addr)
-	if err != nil {
-		return nil, err
-	}
-	closeConn := &conn
-	defer func() {
-		if closeConn != nil {
-			(*closeConn).Close()
-		}
-	}()
-
-	host, portStr, err := net.SplitHostPort(addr)
-	if err != nil {
-		return nil, err
-	}
-
-	port, err := strconv.Atoi(portStr)
-	if err != nil {
-		return nil, errors.New("proxy: failed to parse port number: " + portStr)
-	}
-	if port < 1 || port > 0xffff {
-		return nil, errors.New("proxy: port number out of range: " + portStr)
-	}
-
-	// the size here is just an estimate
-	buf := make([]byte, 0, 6+len(host))
-
-	buf = append(buf, socks5Version)
-	if len(s.user) > 0 && len(s.user) < 256 && len(s.password) < 256 {
-		buf = append(buf, 2 /* num auth methods */, socks5AuthNone, socks5AuthPassword)
-	} else {
-		buf = append(buf, 1 /* num auth methods */, socks5AuthNone)
-	}
-
-	if _, err := conn.Write(buf); err != nil {
-		return nil, errors.New("proxy: failed to write greeting to SOCKS5 proxy at " + s.addr + ": " + err.Error())
-	}
-
-	if _, err := io.ReadFull(conn, buf[:2]); err != nil {
-		return nil, errors.New("proxy: failed to read greeting from SOCKS5 proxy at " + s.addr + ": " + err.Error())
-	}
-	if buf[0] != 5 {
-		return nil, errors.New("proxy: SOCKS5 proxy at " + s.addr + " has unexpected version " + strconv.Itoa(int(buf[0])))
-	}
-	if buf[1] == 0xff {
-		return nil, errors.New("proxy: SOCKS5 proxy at " + s.addr + " requires authentication")
-	}
-
-	if buf[1] == socks5AuthPassword {
-		buf = buf[:0]
-		buf = append(buf, 1 /* password protocol version */)
-		buf = append(buf, uint8(len(s.user)))
-		buf = append(buf, s.user...)
-		buf = append(buf, uint8(len(s.password)))
-		buf = append(buf, s.password...)
-
-		if _, err := conn.Write(buf); err != nil {
-			return nil, errors.New("proxy: failed to write authentication request to SOCKS5 proxy at " + s.addr + ": " + err.Error())
-		}
-
-		if _, err := io.ReadFull(conn, buf[:2]); err != nil {
-			return nil, errors.New("proxy: failed to read authentication reply from SOCKS5 proxy at " + s.addr + ": " + err.Error())
-		}
-
-		if buf[1] != 0 {
-			return nil, errors.New("proxy: SOCKS5 proxy at " + s.addr + " rejected username/password")
-		}
-	}
-
-	buf = buf[:0]
-	buf = append(buf, socks5Version, socks5Connect, 0 /* reserved */)
-
-	if ip := net.ParseIP(host); ip != nil {
-		if ip4 := ip.To4(); ip4 != nil {
-			buf = append(buf, socks5IP4)
-			ip = ip4
-		} else {
-			buf = append(buf, socks5IP6)
-		}
-		buf = append(buf, ip...)
-	} else {
-		if len(host) > 255 {
-			return nil, errors.New("proxy: destination hostname too long: " + host)
-		}
-		buf = append(buf, socks5Domain)
-		buf = append(buf, byte(len(host)))
-		buf = append(buf, host...)
-	}
-	buf = append(buf, byte(port>>8), byte(port))
-
-	if _, err := conn.Write(buf); err != nil {
-		return nil, errors.New("proxy: failed to write connect request to SOCKS5 proxy at " + s.addr + ": " + err.Error())
-	}
-
-	if _, err := io.ReadFull(conn, buf[:4]); err != nil {
-		return nil, errors.New("proxy: failed to read connect reply from SOCKS5 proxy at " + s.addr + ": " + err.Error())
-	}
-
-	failure := "unknown error"
-	if int(buf[1]) < len(socks5Errors) {
-		failure = socks5Errors[buf[1]]
-	}
-
-	if len(failure) > 0 {
-		return nil, errors.New("proxy: SOCKS5 proxy at " + s.addr + " failed to connect: " + failure)
-	}
-
-	bytesToDiscard := 0
-	switch buf[3] {
-	case socks5IP4:
-		bytesToDiscard = net.IPv4len
-	case socks5IP6:
-		bytesToDiscard = net.IPv6len
-	case socks5Domain:
-		_, err := io.ReadFull(conn, buf[:1])
-		if err != nil {
-			return nil, errors.New("proxy: failed to read domain length from SOCKS5 proxy at " + s.addr + ": " + err.Error())
-		}
-		bytesToDiscard = int(buf[0])
-	default:
-		return nil, errors.New("proxy: got unknown address type " + strconv.Itoa(int(buf[3])) + " from SOCKS5 proxy at " + s.addr)
-	}
-
-	if cap(buf) < bytesToDiscard {
-		buf = make([]byte, bytesToDiscard)
-	} else {
-		buf = buf[:bytesToDiscard]
-	}
-	if _, err := io.ReadFull(conn, buf); err != nil {
-		return nil, errors.New("proxy: failed to read address from SOCKS5 proxy at " + s.addr + ": " + err.Error())
-	}
-
-	// Also need to discard the port number
-	if _, err := io.ReadFull(conn, buf[:2]); err != nil {
-		return nil, errors.New("proxy: failed to read port from SOCKS5 proxy at " + s.addr + ": " + err.Error())
-	}
-
-	closeConn = nil
-	return conn, nil
-}
diff --git a/vendor/golang.org/x/net/publicsuffix/gen.go b/vendor/golang.org/x/net/publicsuffix/gen.go
deleted file mode 100644
index 5c8d7b5f..00000000
--- a/vendor/golang.org/x/net/publicsuffix/gen.go
+++ /dev/null
@@ -1,663 +0,0 @@
-// Copyright 2012 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build ignore
-
-package main
-
-// This program generates table.go and table_test.go.
-// Invoke as:
-//
-//	go run gen.go -version "xxx"       >table.go
-//	go run gen.go -version "xxx" -test >table_test.go
-//
-// Pass -v to print verbose progress information.
-//
-// The version is derived from information found at
-// https://github.com/publicsuffix/list/commits/master/public_suffix_list.dat
-//
-// To fetch a particular git revision, such as 5c70ccd250, pass
-// -url "https://raw.githubusercontent.com/publicsuffix/list/5c70ccd250/public_suffix_list.dat"
-
-import (
-	"bufio"
-	"bytes"
-	"flag"
-	"fmt"
-	"go/format"
-	"io"
-	"net/http"
-	"os"
-	"regexp"
-	"sort"
-	"strings"
-
-	"golang.org/x/net/idna"
-)
-
-const (
-	// These sum of these four values must be no greater than 32.
-	nodesBitsChildren   = 9
-	nodesBitsICANN      = 1
-	nodesBitsTextOffset = 15
-	nodesBitsTextLength = 6
-
-	// These sum of these four values must be no greater than 32.
-	childrenBitsWildcard = 1
-	childrenBitsNodeType = 2
-	childrenBitsHi       = 14
-	childrenBitsLo       = 14
-)
-
-var (
-	maxChildren   int
-	maxTextOffset int
-	maxTextLength int
-	maxHi         uint32
-	maxLo         uint32
-)
-
-func max(a, b int) int {
-	if a < b {
-		return b
-	}
-	return a
-}
-
-func u32max(a, b uint32) uint32 {
-	if a < b {
-		return b
-	}
-	return a
-}
-
-const (
-	nodeTypeNormal     = 0
-	nodeTypeException  = 1
-	nodeTypeParentOnly = 2
-	numNodeType        = 3
-)
-
-func nodeTypeStr(n int) string {
-	switch n {
-	case nodeTypeNormal:
-		return "+"
-	case nodeTypeException:
-		return "!"
-	case nodeTypeParentOnly:
-		return "o"
-	}
-	panic("unreachable")
-}
-
-var (
-	labelEncoding = map[string]uint32{}
-	labelsList    = []string{}
-	labelsMap     = map[string]bool{}
-	rules         = []string{}
-
-	// validSuffix is used to check that the entries in the public suffix list
-	// are in canonical form (after Punycode encoding). Specifically, capital
-	// letters are not allowed.
-	validSuffix = regexp.MustCompile(`^[a-z0-9_\!\*\-\.]+$`)
-
-	subset = flag.Bool("subset", false, "generate only a subset of the full table, for debugging")
-	url    = flag.String("url",
-		"https://publicsuffix.org/list/effective_tld_names.dat",
-		"URL of the publicsuffix.org list. If empty, stdin is read instead")
-	v       = flag.Bool("v", false, "verbose output (to stderr)")
-	version = flag.String("version", "", "the effective_tld_names.dat version")
-	test    = flag.Bool("test", false, "generate table_test.go")
-)
-
-func main() {
-	if err := main1(); err != nil {
-		fmt.Fprintln(os.Stderr, err)
-		os.Exit(1)
-	}
-}
-
-func main1() error {
-	flag.Parse()
-	if nodesBitsTextLength+nodesBitsTextOffset+nodesBitsICANN+nodesBitsChildren > 32 {
-		return fmt.Errorf("not enough bits to encode the nodes table")
-	}
-	if childrenBitsLo+childrenBitsHi+childrenBitsNodeType+childrenBitsWildcard > 32 {
-		return fmt.Errorf("not enough bits to encode the children table")
-	}
-	if *version == "" {
-		return fmt.Errorf("-version was not specified")
-	}
-	var r io.Reader = os.Stdin
-	if *url != "" {
-		res, err := http.Get(*url)
-		if err != nil {
-			return err
-		}
-		if res.StatusCode != http.StatusOK {
-			return fmt.Errorf("bad GET status for %s: %d", *url, res.Status)
-		}
-		r = res.Body
-		defer res.Body.Close()
-	}
-
-	var root node
-	icann := false
-	buf := new(bytes.Buffer)
-	br := bufio.NewReader(r)
-	for {
-		s, err := br.ReadString('\n')
-		if err != nil {
-			if err == io.EOF {
-				break
-			}
-			return err
-		}
-		s = strings.TrimSpace(s)
-		if strings.Contains(s, "BEGIN ICANN DOMAINS") {
-			icann = true
-			continue
-		}
-		if strings.Contains(s, "END ICANN DOMAINS") {
-			icann = false
-			continue
-		}
-		if s == "" || strings.HasPrefix(s, "//") {
-			continue
-		}
-		s, err = idna.ToASCII(s)
-		if err != nil {
-			return err
-		}
-		if !validSuffix.MatchString(s) {
-			return fmt.Errorf("bad publicsuffix.org list data: %q", s)
-		}
-
-		if *subset {
-			switch {
-			case s == "ac.jp" || strings.HasSuffix(s, ".ac.jp"):
-			case s == "ak.us" || strings.HasSuffix(s, ".ak.us"):
-			case s == "ao" || strings.HasSuffix(s, ".ao"):
-			case s == "ar" || strings.HasSuffix(s, ".ar"):
-			case s == "arpa" || strings.HasSuffix(s, ".arpa"):
-			case s == "cy" || strings.HasSuffix(s, ".cy"):
-			case s == "dyndns.org" || strings.HasSuffix(s, ".dyndns.org"):
-			case s == "jp":
-			case s == "kobe.jp" || strings.HasSuffix(s, ".kobe.jp"):
-			case s == "kyoto.jp" || strings.HasSuffix(s, ".kyoto.jp"):
-			case s == "om" || strings.HasSuffix(s, ".om"):
-			case s == "uk" || strings.HasSuffix(s, ".uk"):
-			case s == "uk.com" || strings.HasSuffix(s, ".uk.com"):
-			case s == "tw" || strings.HasSuffix(s, ".tw"):
-			case s == "zw" || strings.HasSuffix(s, ".zw"):
-			case s == "xn--p1ai" || strings.HasSuffix(s, ".xn--p1ai"):
-				// xn--p1ai is Russian-Cyrillic "рф".
-			default:
-				continue
-			}
-		}
-
-		rules = append(rules, s)
-
-		nt, wildcard := nodeTypeNormal, false
-		switch {
-		case strings.HasPrefix(s, "*."):
-			s, nt = s[2:], nodeTypeParentOnly
-			wildcard = true
-		case strings.HasPrefix(s, "!"):
-			s, nt = s[1:], nodeTypeException
-		}
-		labels := strings.Split(s, ".")
-		for n, i := &root, len(labels)-1; i >= 0; i-- {
-			label := labels[i]
-			n = n.child(label)
-			if i == 0 {
-				if nt != nodeTypeParentOnly && n.nodeType == nodeTypeParentOnly {
-					n.nodeType = nt
-				}
-				n.icann = n.icann && icann
-				n.wildcard = n.wildcard || wildcard
-			}
-			labelsMap[label] = true
-		}
-	}
-	labelsList = make([]string, 0, len(labelsMap))
-	for label := range labelsMap {
-		labelsList = append(labelsList, label)
-	}
-	sort.Strings(labelsList)
-
-	p := printReal
-	if *test {
-		p = printTest
-	}
-	if err := p(buf, &root); err != nil {
-		return err
-	}
-
-	b, err := format.Source(buf.Bytes())
-	if err != nil {
-		return err
-	}
-	_, err = os.Stdout.Write(b)
-	return err
-}
-
-func printTest(w io.Writer, n *node) error {
-	fmt.Fprintf(w, "// generated by go run gen.go; DO NOT EDIT\n\n")
-	fmt.Fprintf(w, "package publicsuffix\n\nvar rules = [...]string{\n")
-	for _, rule := range rules {
-		fmt.Fprintf(w, "%q,\n", rule)
-	}
-	fmt.Fprintf(w, "}\n\nvar nodeLabels = [...]string{\n")
-	if err := n.walk(w, printNodeLabel); err != nil {
-		return err
-	}
-	fmt.Fprintf(w, "}\n")
-	return nil
-}
-
-func printReal(w io.Writer, n *node) error {
-	const header = `// generated by go run gen.go; DO NOT EDIT
-
-package publicsuffix
-
-const version = %q
-
-const (
-	nodesBitsChildren   = %d
-	nodesBitsICANN      = %d
-	nodesBitsTextOffset = %d
-	nodesBitsTextLength = %d
-
-	childrenBitsWildcard = %d
-	childrenBitsNodeType = %d
-	childrenBitsHi       = %d
-	childrenBitsLo       = %d
-)
-
-const (
-	nodeTypeNormal     = %d
-	nodeTypeException  = %d
-	nodeTypeParentOnly = %d
-)
-
-// numTLD is the number of top level domains.
-const numTLD = %d
-
-`
-	fmt.Fprintf(w, header, *version,
-		nodesBitsChildren, nodesBitsICANN, nodesBitsTextOffset, nodesBitsTextLength,
-		childrenBitsWildcard, childrenBitsNodeType, childrenBitsHi, childrenBitsLo,
-		nodeTypeNormal, nodeTypeException, nodeTypeParentOnly, len(n.children))
-
-	text := combineText(labelsList)
-	if text == "" {
-		return fmt.Errorf("internal error: makeText returned no text")
-	}
-	for _, label := range labelsList {
-		offset, length := strings.Index(text, label), len(label)
-		if offset < 0 {
-			return fmt.Errorf("internal error: could not find %q in text %q", label, text)
-		}
-		maxTextOffset, maxTextLength = max(maxTextOffset, offset), max(maxTextLength, length)
-		if offset >= 1<= 1< 64 {
-			n, plus = 64, " +"
-		}
-		fmt.Fprintf(w, "%q%s\n", text[:n], plus)
-		text = text[n:]
-	}
-
-	if err := n.walk(w, assignIndexes); err != nil {
-		return err
-	}
-
-	fmt.Fprintf(w, `
-
-// nodes is the list of nodes. Each node is represented as a uint32, which
-// encodes the node's children, wildcard bit and node type (as an index into
-// the children array), ICANN bit and text.
-//
-// In the //-comment after each node's data, the nodes indexes of the children
-// are formatted as (n0x1234-n0x1256), with * denoting the wildcard bit. The
-// nodeType is printed as + for normal, ! for exception, and o for parent-only
-// nodes that have children but don't match a domain label in their own right.
-// An I denotes an ICANN domain.
-//
-// The layout within the uint32, from MSB to LSB, is:
-//	[%2d bits] unused
-//	[%2d bits] children index
-//	[%2d bits] ICANN bit
-//	[%2d bits] text index
-//	[%2d bits] text length
-var nodes = [...]uint32{
-`,
-		32-nodesBitsChildren-nodesBitsICANN-nodesBitsTextOffset-nodesBitsTextLength,
-		nodesBitsChildren, nodesBitsICANN, nodesBitsTextOffset, nodesBitsTextLength)
-	if err := n.walk(w, printNode); err != nil {
-		return err
-	}
-	fmt.Fprintf(w, `}
-
-// children is the list of nodes' children, the parent's wildcard bit and the
-// parent's node type. If a node has no children then their children index
-// will be in the range [0, 6), depending on the wildcard bit and node type.
-//
-// The layout within the uint32, from MSB to LSB, is:
-//	[%2d bits] unused
-//	[%2d bits] wildcard bit
-//	[%2d bits] node type
-//	[%2d bits] high nodes index (exclusive) of children
-//	[%2d bits] low nodes index (inclusive) of children
-var children=[...]uint32{
-`,
-		32-childrenBitsWildcard-childrenBitsNodeType-childrenBitsHi-childrenBitsLo,
-		childrenBitsWildcard, childrenBitsNodeType, childrenBitsHi, childrenBitsLo)
-	for i, c := range childrenEncoding {
-		s := "---------------"
-		lo := c & (1<> childrenBitsLo) & (1<>(childrenBitsLo+childrenBitsHi)) & (1<>(childrenBitsLo+childrenBitsHi+childrenBitsNodeType) != 0
-		fmt.Fprintf(w, "0x%08x, // c0x%04x (%s)%s %s\n",
-			c, i, s, wildcardStr(wildcard), nodeTypeStr(nodeType))
-	}
-	fmt.Fprintf(w, "}\n\n")
-	fmt.Fprintf(w, "// max children %d (capacity %d)\n", maxChildren, 1<= 1<= 1<= 1< 0 && ss[0] == "" {
-		ss = ss[1:]
-	}
-	return ss
-}
-
-// crush combines a list of strings, taking advantage of overlaps. It returns a
-// single string that contains each input string as a substring.
-func crush(ss []string) string {
-	maxLabelLen := 0
-	for _, s := range ss {
-		if maxLabelLen < len(s) {
-			maxLabelLen = len(s)
-		}
-	}
-
-	for prefixLen := maxLabelLen; prefixLen > 0; prefixLen-- {
-		prefixes := makePrefixMap(ss, prefixLen)
-		for i, s := range ss {
-			if len(s) <= prefixLen {
-				continue
-			}
-			mergeLabel(ss, i, prefixLen, prefixes)
-		}
-	}
-
-	return strings.Join(ss, "")
-}
-
-// mergeLabel merges the label at ss[i] with the first available matching label
-// in prefixMap, where the last "prefixLen" characters in ss[i] match the first
-// "prefixLen" characters in the matching label.
-// It will merge ss[i] repeatedly until no more matches are available.
-// All matching labels merged into ss[i] are replaced by "".
-func mergeLabel(ss []string, i, prefixLen int, prefixes prefixMap) {
-	s := ss[i]
-	suffix := s[len(s)-prefixLen:]
-	for _, j := range prefixes[suffix] {
-		// Empty strings mean "already used." Also avoid merging with self.
-		if ss[j] == "" || i == j {
-			continue
-		}
-		if *v {
-			fmt.Fprintf(os.Stderr, "%d-length overlap at (%4d,%4d): %q and %q share %q\n",
-				prefixLen, i, j, ss[i], ss[j], suffix)
-		}
-		ss[i] += ss[j][prefixLen:]
-		ss[j] = ""
-		// ss[i] has a new suffix, so merge again if possible.
-		// Note: we only have to merge again at the same prefix length. Shorter
-		// prefix lengths will be handled in the next iteration of crush's for loop.
-		// Can there be matches for longer prefix lengths, introduced by the merge?
-		// I believe that any such matches would by necessity have been eliminated
-		// during substring removal or merged at a higher prefix length. For
-		// instance, in crush("abc", "cde", "bcdef"), combining "abc" and "cde"
-		// would yield "abcde", which could be merged with "bcdef." However, in
-		// practice "cde" would already have been elimintated by removeSubstrings.
-		mergeLabel(ss, i, prefixLen, prefixes)
-		return
-	}
-}
-
-// prefixMap maps from a prefix to a list of strings containing that prefix. The
-// list of strings is represented as indexes into a slice of strings stored
-// elsewhere.
-type prefixMap map[string][]int
-
-// makePrefixMap constructs a prefixMap from a slice of strings.
-func makePrefixMap(ss []string, prefixLen int) prefixMap {
-	prefixes := make(prefixMap)
-	for i, s := range ss {
-		// We use < rather than <= because if a label matches on a prefix equal to
-		// its full length, that's actually a substring match handled by
-		// removeSubstrings.
-		if prefixLen < len(s) {
-			prefix := s[:prefixLen]
-			prefixes[prefix] = append(prefixes[prefix], i)
-		}
-	}
-
-	return prefixes
-}
diff --git a/vendor/golang.org/x/net/publicsuffix/list.go b/vendor/golang.org/x/net/publicsuffix/list.go
deleted file mode 100644
index 9419ca99..00000000
--- a/vendor/golang.org/x/net/publicsuffix/list.go
+++ /dev/null
@@ -1,133 +0,0 @@
-// Copyright 2012 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// Package publicsuffix provides a public suffix list based on data from
-// http://publicsuffix.org/. A public suffix is one under which Internet users
-// can directly register names.
-package publicsuffix // import "golang.org/x/net/publicsuffix"
-
-// TODO: specify case sensitivity and leading/trailing dot behavior for
-// func PublicSuffix and func EffectiveTLDPlusOne.
-
-import (
-	"fmt"
-	"net/http/cookiejar"
-	"strings"
-)
-
-// List implements the cookiejar.PublicSuffixList interface by calling the
-// PublicSuffix function.
-var List cookiejar.PublicSuffixList = list{}
-
-type list struct{}
-
-func (list) PublicSuffix(domain string) string {
-	ps, _ := PublicSuffix(domain)
-	return ps
-}
-
-func (list) String() string {
-	return version
-}
-
-// PublicSuffix returns the public suffix of the domain using a copy of the
-// publicsuffix.org database compiled into the library.
-//
-// icann is whether the public suffix is managed by the Internet Corporation
-// for Assigned Names and Numbers. If not, the public suffix is privately
-// managed. For example, foo.org and foo.co.uk are ICANN domains,
-// foo.dyndns.org and foo.blogspot.co.uk are private domains.
-//
-// Use cases for distinguishing ICANN domains like foo.com from private
-// domains like foo.appspot.com can be found at
-// https://wiki.mozilla.org/Public_Suffix_List/Use_Cases
-func PublicSuffix(domain string) (publicSuffix string, icann bool) {
-	lo, hi := uint32(0), uint32(numTLD)
-	s, suffix, wildcard := domain, len(domain), false
-loop:
-	for {
-		dot := strings.LastIndex(s, ".")
-		if wildcard {
-			suffix = 1 + dot
-		}
-		if lo == hi {
-			break
-		}
-		f := find(s[1+dot:], lo, hi)
-		if f == notFound {
-			break
-		}
-
-		u := nodes[f] >> (nodesBitsTextOffset + nodesBitsTextLength)
-		icann = u&(1<>= nodesBitsICANN
-		u = children[u&(1<>= childrenBitsLo
-		hi = u & (1<>= childrenBitsHi
-		switch u & (1<>= childrenBitsNodeType
-		wildcard = u&(1<>= nodesBitsTextLength
-	offset := x & (1< len(b[j])
-}
-
-// eTLDPlusOneTestCases come from
-// https://github.com/publicsuffix/list/blob/master/tests/test_psl.txt
-var eTLDPlusOneTestCases = []struct {
-	domain, want string
-}{
-	// Empty input.
-	{"", ""},
-	// Unlisted TLD.
-	{"example", ""},
-	{"example.example", "example.example"},
-	{"b.example.example", "example.example"},
-	{"a.b.example.example", "example.example"},
-	// TLD with only 1 rule.
-	{"biz", ""},
-	{"domain.biz", "domain.biz"},
-	{"b.domain.biz", "domain.biz"},
-	{"a.b.domain.biz", "domain.biz"},
-	// TLD with some 2-level rules.
-	{"com", ""},
-	{"example.com", "example.com"},
-	{"b.example.com", "example.com"},
-	{"a.b.example.com", "example.com"},
-	{"uk.com", ""},
-	{"example.uk.com", "example.uk.com"},
-	{"b.example.uk.com", "example.uk.com"},
-	{"a.b.example.uk.com", "example.uk.com"},
-	{"test.ac", "test.ac"},
-	// TLD with only 1 (wildcard) rule.
-	{"mm", ""},
-	{"c.mm", ""},
-	{"b.c.mm", "b.c.mm"},
-	{"a.b.c.mm", "b.c.mm"},
-	// More complex TLD.
-	{"jp", ""},
-	{"test.jp", "test.jp"},
-	{"www.test.jp", "test.jp"},
-	{"ac.jp", ""},
-	{"test.ac.jp", "test.ac.jp"},
-	{"www.test.ac.jp", "test.ac.jp"},
-	{"kyoto.jp", ""},
-	{"test.kyoto.jp", "test.kyoto.jp"},
-	{"ide.kyoto.jp", ""},
-	{"b.ide.kyoto.jp", "b.ide.kyoto.jp"},
-	{"a.b.ide.kyoto.jp", "b.ide.kyoto.jp"},
-	{"c.kobe.jp", ""},
-	{"b.c.kobe.jp", "b.c.kobe.jp"},
-	{"a.b.c.kobe.jp", "b.c.kobe.jp"},
-	{"city.kobe.jp", "city.kobe.jp"},
-	{"www.city.kobe.jp", "city.kobe.jp"},
-	// TLD with a wildcard rule and exceptions.
-	{"ck", ""},
-	{"test.ck", ""},
-	{"b.test.ck", "b.test.ck"},
-	{"a.b.test.ck", "b.test.ck"},
-	{"www.ck", "www.ck"},
-	{"www.www.ck", "www.ck"},
-	// US K12.
-	{"us", ""},
-	{"test.us", "test.us"},
-	{"www.test.us", "test.us"},
-	{"ak.us", ""},
-	{"test.ak.us", "test.ak.us"},
-	{"www.test.ak.us", "test.ak.us"},
-	{"k12.ak.us", ""},
-	{"test.k12.ak.us", "test.k12.ak.us"},
-	{"www.test.k12.ak.us", "test.k12.ak.us"},
-	// Punycoded IDN labels
-	{"xn--85x722f.com.cn", "xn--85x722f.com.cn"},
-	{"xn--85x722f.xn--55qx5d.cn", "xn--85x722f.xn--55qx5d.cn"},
-	{"www.xn--85x722f.xn--55qx5d.cn", "xn--85x722f.xn--55qx5d.cn"},
-	{"shishi.xn--55qx5d.cn", "shishi.xn--55qx5d.cn"},
-	{"xn--55qx5d.cn", ""},
-	{"xn--85x722f.xn--fiqs8s", "xn--85x722f.xn--fiqs8s"},
-	{"www.xn--85x722f.xn--fiqs8s", "xn--85x722f.xn--fiqs8s"},
-	{"shishi.xn--fiqs8s", "shishi.xn--fiqs8s"},
-	{"xn--fiqs8s", ""},
-}
-
-func TestEffectiveTLDPlusOne(t *testing.T) {
-	for _, tc := range eTLDPlusOneTestCases {
-		got, _ := EffectiveTLDPlusOne(tc.domain)
-		if got != tc.want {
-			t.Errorf("%q: got %q, want %q", tc.domain, got, tc.want)
-		}
-	}
-}
diff --git a/vendor/golang.org/x/net/publicsuffix/table.go b/vendor/golang.org/x/net/publicsuffix/table.go
deleted file mode 100644
index ebcb1395..00000000
--- a/vendor/golang.org/x/net/publicsuffix/table.go
+++ /dev/null
@@ -1,8786 +0,0 @@
-// generated by go run gen.go; DO NOT EDIT
-
-package publicsuffix
-
-const version = "publicsuffix.org's public_suffix_list.dat, git revision bade64c (2016-03-01)"
-
-const (
-	nodesBitsChildren   = 9
-	nodesBitsICANN      = 1
-	nodesBitsTextOffset = 15
-	nodesBitsTextLength = 6
-
-	childrenBitsWildcard = 1
-	childrenBitsNodeType = 2
-	childrenBitsHi       = 14
-	childrenBitsLo       = 14
-)
-
-const (
-	nodeTypeNormal     = 0
-	nodeTypeException  = 1
-	nodeTypeParentOnly = 2
-)
-
-// numTLD is the number of top level domains.
-const numTLD = 1545
-
-// Text is the combined text of all labels.
-const text = "bievatmallorcadaquesanfranciscotlandupontarioceanographiquebifuk" +
-	"agawalmartateshinanomachintaijinuyamanouchikuhokuryugasakitashio" +
-	"barabihorologyusuharabikedagestangebilbaogakievenesangoddabillus" +
-	"trationikkoebenhavnikolaeverbankashiwarabiomutashinainvestmentsa" +
-	"njotateyamabirdartcenterprisesakikonaircraftraeumtgeradealstahau" +
-	"gesundurbanamexeterbirkenesoddtangenovaravennaharimalvikashiwaza" +
-	"kiyokawarabirthplacebjarkoyusuisservicesannanikonantanangerbjerk" +
-	"reimmobilieninohelplfinancialipetskasukabedzin-the-bandaioiraseb" +
-	"astopologyeongnamegawakembuchikumagayagawakkanaibetsubamericanfa" +
-	"milydscloudappspotenzachpomorskienebakkeshibechambagriculturenne" +
-	"budapest-a-la-masioninomiyakonojoshkar-olayangroupaleostrowiecar" +
-	"toonartdecoffeedbackasumigaurawa-mazowszextraspace-to-rentalstom" +
-	"akomaibarabjugnirasakis-a-candidateblockbusternidurhamburgliwice" +
-	"bloombergbauernrtatsunostrowwlkpmglobalashovhachinoheguris-a-cat" +
-	"ererbluedatingloboehringerikebmoattachmentsannohelsinkitahiroshi" +
-	"marshallstatebankasuyakutiabmsanokaszubyuudmurtiabmwegroweibolza" +
-	"nore-og-uvdalivornobnpparibaselburglogoweirbomloansantabarbarabo" +
-	"ndvrdnsantacruzsantafedexhibitionishiazais-a-celticsfanishigotpa" +
-	"ntheonishiharabonnishiizunazukis-a-chefarsundwgloppenzaogashimad" +
-	"achicagobododgemologicallyngenglandyndns-homednsanukis-a-conserv" +
-	"ativefsncfailomzansimagicasadelamonedavvesiidazaifudaigodoesntex" +
-	"istanbullensakerbookingmbhartiffanynysafetysfjordyndns-ip6bootsa" +
-	"otomeldalorenskogminakamichigangwonishikatakazakis-a-cpadoval-da" +
-	"ostavalleyuzawaboschaefflerdalotenkawabostikatowicebostonakijins" +
-	"ekikogentingmodenakasatsunairtrafficaseihichisobetsuitairabotani" +
-	"calgardenishikatsuragithubusercontentattoolsztynsettlersapodhale" +
-	"vangerbotanicgardenishikawazukanazawabotanyuzhno-sakhalinskatsus" +
-	"hikabeeldengeluidyndns-mailotteboutiquebecngmxboxenapponazure-mo" +
-	"bilebozentsujiiebradescorporationishimerabrandywinevalleybrasilj" +
-	"an-mayenishinomiyashironobresciabrindisibenikebristolgalsacebrit" +
-	"ishcolumbialowiezagannakadomari-elasticbeanstalkatsuyamasfjorden" +
-	"ishinoomotegotsukisosakitagatakamatsukawabroadcastlebtimnetzgora" +
-	"broadwaybroke-itaxihuanishinoshimatta-varjjatgorybrokerrypropert" +
-	"iesapporobronnoysundyndns-office-on-the-webcambridgestonewspaper" +
-	"brothermesaverdefensejnybrumunddalottokigawabrunelblagdenesnaase" +
-	"ralingenkainanaejrietisalatinabenogatachikawakayamagadancebetsuk" +
-	"ubabia-goracleaningatlantagajobojis-a-cubicle-slavellinowtvallea" +
-	"ostavernishiokoppegardyndns-picsaratovalled-aostavropolicebrusse" +
-	"lsardegnamsskoganeis-a-democratjeldsundyndns-remotegildeskalmyki" +
-	"abruxellesardiniabryanskjakdnepropetrovskiervaapsteiermarkaufeni" +
-	"shitosashimizunaminamiashigarabryneustarhubalestrandabergamoarek" +
-	"ehimejibestadishakotankarmoyokozembroideryomitanobninskarpaczela" +
-	"dz-1buskerudinewhampshirechtrainingretakamoriokamchatkameokameya" +
-	"mashinatsukigatakanabeatsarlouvrepairbusantiquest-a-la-maisondre" +
-	"-landebusinessebykleclercasertaishinomakikuchikuseikarugapartmen" +
-	"tsarpsborgrimstadyndns-serverbaniabuzenishiwakis-a-designerbuzzg" +
-	"orzeleccollegersundyndns-weberlincolnissandnessjoenissayokoshiba" +
-	"hikariwanumataketomisatokuyamatteledatabaseballooningripebwfashi" +
-	"onissedalovegaskimitsubatamicabbottjmaxxxfinitybzhitomirkutskjer" +
-	"voyagecloudfunctionsaudacntkmaxxn--11b4c3dcolognewmexicoldwarmia" +
-	"miastaplesauheradcolonialwilliamsburguideventsavannahgacoloradop" +
-	"lateaudiocolumbusheycommunitysnesaves-the-whalessandria-trani-ba" +
-	"rletta-andriatranibarlettaandriacomobaracomparemarkerryhotelsavo" +
-	"naplesaxocompute-1computerhistoryofscience-fictioncomsecuritysva" +
-	"rdoharuhrcondoshichinohedmarkhangelskypescaravantaaconferencecon" +
-	"structionconsuladollsbschokoladenconsultanthropologyconsultingvo" +
-	"llutskddielddanuorrikuzentakatajirissagaeroclubmedecincinnationw" +
-	"idealerimo-i-ranadexchangeiseiyoichiropracticbcn-north-1contactm" +
-	"palmspringsakercontemporaryarteducationalchikugojomedicaltanisse" +
-	"ttaiwanairguardcontractorskenconventureshinodesashibetsuikimobet" +
-	"suliguriacookingchannelveruminamibosogndaluxembourguitarscholars" +
-	"hipschooluxurycoolkuszgradcoopocznorthwesternmutualuzerncopenhag" +
-	"encyclopedicdn77-sslattumetlifeinsurancecorsicagliaridagawarszaw" +
-	"ashingtondclkfhskhabarovskhakassiacorvettemasekharkivguccipriani" +
-	"igataitogitsuldalvivano-frankivskharkovalledaostakkofuelcosenzam" +
-	"amibuilderschulexuslivinghistorycostumedio-campidano-mediocampid" +
-	"anomediocouncilcouponschwarzgwangjuifminamidaitomangotembaixadac" +
-	"ourseschweizippodlasiellakasamatsudovre-eikercq-acranbrookuwanal" +
-	"yticsciencecentersciencehistorycreditcardcreditunioncremonashoro" +
-	"kanaiecrewiiheyaizuwakamatsubushikusakadogawacricketrzyncrimeacr" +
-	"otonewportlligatewaycrowncrscientistor-elvdalcruisescjohnsoncuis" +
-	"inellajollamericanexpressexyzjcbnlculturalcentertainmentoyokawac" +
-	"uneocupcakecxn--1ck2e1balsanagochihayaakasakawaharaumakeupowiath" +
-	"letajimabariakepnordkappgjesdalillyonabaruconnectarnobrzegjovika" +
-	"ruizawaugustowadaegubs3-ap-southeast-2cymruovatoyonakagyokutoshi" +
-	"macyouthdfcbankhersonfilateliafilminamiechizenfinalfinancefinear" +
-	"tsettsurfastlyfinlandfinnoyfirebaseappamperedchefauskedsmokorset" +
-	"agayaseljordfirenzefirestonextdirectoryfirmdalegoldpointelligenc" +
-	"efishingolfbsbxn--1ctwolominamatamayukis-a-geekhmelnitskiyamashi" +
-	"kefitjarqhachiojiyahikobeautydalfitnessettlementoyookarasjohkami" +
-	"noyamatsuris-a-greenfjalerflickragerotikaluganskhmelnytskyivalle" +
-	"e-aosteroyflightsevastopolezajskhvalleeaosteigenflirumansionseve" +
-	"nassisicilyfloguchikuzenfloraflorencefloridafloristanohatakaharu" +
-	"ssiafloromskoguovdageaidnulminamifuranoflowersewildlifestyleflsm" +
-	"idthruhereggio-emilia-romagnakanotoddenflynnhubalsfjordiskstatio" +
-	"naustdalimanowarudaukraanghke164fndfolldalfoodnetworkangerfor-be" +
-	"tter-thandafor-ourfor-somedizinhistorischesfranziskanerimamatera" +
-	"mochizukirafor-theaterforexrothachirogatakanezawaforgotdnshangri" +
-	"langevagrarboretumbriaforli-cesena-forlicesenaforlikes-piedmontb" +
-	"lancomeeresharis-a-gurulsandoyforsaleikangerforsandasuolodingenf" +
-	"ortmissoulan-udell-ogliastrakhanawawilliamhillfortworthadanotoga" +
-	"waforuminamiiselectoyosatotalfosnesharpanamafotoyotaris-a-hard-w" +
-	"orkerfoxn--1lqs03nfreiburgushikamifuranotaireshawaiijimarylandfr" +
-	"eightcmwinbaltimore-og-romsdalimitedunetflixilimoliserniaurskog-" +
-	"holandroverhalla-speziaetnagahamaroygardendoftheinternetcimdbala" +
-	"tinordre-landds3-ap-northeast-2freseniusdecorativeartshellaspezi" +
-	"afribourgxn--1lqs71dfriuli-v-giuliafriuli-ve-giuliafriuli-vegiul" +
-	"iafriuli-venezia-giuliafriuli-veneziagiuliafriuli-vgiuliafriuliv" +
-	"-giuliafriulive-giuliafriulivegiuliafriulivenezia-giuliafriulive" +
-	"neziagiuliafriulivgiuliafrlfroganshimokawafrognfrolandfrom-akreh" +
-	"amnfrom-alfrom-arfrom-azlgzpanasonicheltenham-radio-operaunitele" +
-	"markautokeinofrom-canonoichikawamisatodayfrom-collectionfrom-cto" +
-	"yotomiyazakis-a-hunterfrom-dchelyabinskodjeffersonisshinguernsey" +
-	"from-dellogliastraderfrom-flandershimokitayamafrom-gaulardalfrom" +
-	"-higashiagatsumagoirmitakeharafrom-iafrom-idfrom-ilfrom-incheonf" +
-	"rom-kshimonitayanagivestbytomaritimekeepingfrom-kyknetoyotsukaid" +
-	"ownloadfrom-lanbibaidarfrom-manxn--1qqw23afrom-mdfrom-meetoyoura" +
-	"from-microsoftbanklabudhabikinokawabarthadselfipirangafrom-mnfro" +
-	"m-modalenfrom-mshimonosekikawafrom-mtnfrom-nchernigovernmentjome" +
-	"morialucaniafrom-ndfrom-nexusgardenfrom-nhktoystre-slidrettozawa" +
-	"from-njcparaglidingfrom-nminamiizukamitondabayashiogamagoriziafr" +
-	"om-nvanylvenicefrom-nyfrom-ohkurafrom-oketogurafrom-orfrom-pader" +
-	"bornfrom-pratohmaoris-a-knightozsdefrom-ris-a-landscaperugiafrom" +
-	"-schoenbrunnfrom-sdnipropetrovskmpspbambleborkarumaifarmsteadivt" +
-	"asvuodnakaiwamizawaustevollavangenativeamericanantiques3-eu-cent" +
-	"ral-1from-tnfrom-txn--2m4a15efrom-utazuerichardlikescandyndns-at" +
-	"-homedepotaruis-a-lawyerfrom-vadsochildrensgardenfrom-vtranbyfro" +
-	"m-wafrom-wielunnerfrom-wvaolbia-tempio-olbiatempioolbialystokkem" +
-	"erovodkagoshimaintenancefrom-wyfrosinonefrostalowa-wolawafroyaha" +
-	"badajozorahkkeravjudygarlandfstcgrouparisor-fronfujiiderafujikaw" +
-	"aguchikonefujiminohtawaramotoineppugliafujinomiyadafujiokayamarb" +
-	"urgfujisatoshonairportland-4-salernogiessengerdalaskanittedallas" +
-	"alleaseeklogesquarezzoologyfujisawafujishiroishidakabiratoridelm" +
-	"enhorstalbanshimosuwalkis-a-liberalfujitsurugashimarinefujixerox" +
-	"n--30rr7yfujiyoshidafukayabeardubaiduckdnsdojoburgfukuchiyamadaf" +
-	"ukudominichernihivanovosibirskydivingrondarfukuis-a-libertarianf" +
-	"ukumitsubishigakirkeneshimotsukefukuokazakirovogradoyfukuroishik" +
-	"arikaturindalfukusakiryuohaebaruminamimakis-a-linux-useranishiar" +
-	"itabashikaoizumizakitaurayasudafukuyamagatakahashimamakisarazure" +
-	"websiteshikagamiishibukawafunabashiriuchinadafunagatakahatakaish" +
-	"imoichinosekigaharafunahashikamiamakusatsumasendaisennangonoheji" +
-	"s-a-llamarylhursteinkjerusalembetsukuis-a-musicianfundaciofuoisk" +
-	"ujukuriyamarcheaparliamentrani-andria-barletta-trani-andriafuoss" +
-	"koczowindmillfurnitureggiocalabriafurubiraquarelleasingleshimots" +
-	"umafurudonostiafurukawairtelecityeatshinichinanfusodegaurafussai" +
-	"kishiwadafutabayamaguchinomigawafutboldlygoingnowhere-for-morego" +
-	"ntrailroadfuttsurugiminamiminowafvgfyis-a-nascarfanfylkesbiblack" +
-	"fridayfyresdalhannovareserveftparocherkasyzrankoshigayaltaikis-a" +
-	"-painteractivegarsheis-a-patsfanhanyuzenhapmirhappoulvikokonoeha" +
-	"reidsbergenharstadharvestcelebrationhasamarahasaminami-alpssells" +
-	"-for-unzenhashbanghasudahasvikolobrzegyptianpachigasakidsmynaspe" +
-	"rschlesischesurancehatogayahoooshikamaishimofusartshinkamigotoyo" +
-	"hashimotomobellunordreisa-geekomaganehatoyamazakitahatakaokamiki" +
-	"tayamatotakadahatsukaichiharahattfjelldalhayashimamotobuildingha" +
-	"zuminobusells-itraniandriabarlettatraniandriahbofagehembygdsforb" +
-	"undhemneshinshinotsurgeonshalloffamelhustkamisunagawahemsedalher" +
-	"okussldheroyhgtvarggatranoyhigashichichibungotakadatsunanjoetsuw" +
-	"anouchikujogaszkoladbrokesennumamurogawalterhigashihiroshimanehi" +
-	"gashiizumozakitakamiizumisanofiatransportrapaniimimatakatoris-a-" +
-	"personaltrainerhigashikagawahigashikagurasoedahigashikawakitaaik" +
-	"itakatakarazukamikoaniikappulawyhigashikurumeguroroskoleirvikoma" +
-	"kiyosatokamachippubetsubetsugaruhigashimatsushimarugame-hostingh" +
-	"igashimatsuyamakitaakitadaitoigawahigashimurayamalatvuopmidoris-" +
-	"a-photographerokuapparshinshirohigashinarusellsyourhomegoodshint" +
-	"okushimahigashinehigashiomihachimanchesterhigashiosakasayamamoto" +
-	"rcycleshintomikasaharahigashishirakawamatakasagooglecodespotrave" +
-	"lchannelhigashisumiyoshikawaminamiaikitakyushuaiahigashitsunowru" +
-	"zhgorodoyhigashiurausukitamidsundhigashiyamatokoriyamanakakogawa" +
-	"higashiyodogawahigashiyoshinogaris-a-playerhiraizumisatohnoshooh" +
-	"irakatashinagawahiranais-a-republicancerresearchaeologicaliforni" +
-	"ahirarahiratsukagawahirayaitakasakitamotosumitakaginankokubunjis" +
-	"-a-rockstarachowicehisayamanashiibaghdadultravelersinsurancehist" +
-	"orichouseshinyoshitomiokaniepcehitachiomiyaginowaniihamatamakawa" +
-	"jimaritimodellinghitachiotagopartis-a-socialistmeindianapolis-a-" +
-	"bloggerhitoyoshimifunehitradinghjartdalhjelmelandholeckobierzyce" +
-	"holidayhomeipartnershiojirishirifujiedahomelinuxn--32vp30hagebos" +
-	"tadhomesensembokukitanakagusukumoduminamiogunicomcastresistanceh" +
-	"omeunixn--3bst00minamisanrikubetsupplyhondahonefosshioyameloyali" +
-	"stockholmestrandhoneywellhongorgehonjyoitakashimarumorimachidaho" +
-	"rnindalhorseminehortendofinternetrdhoteleshirahamatonbetsurgeryh" +
-	"otmailhoyangerhoylandetroitskomatsushimashikiyosemitehumanitiesh" +
-	"irakoenighurdalhurumajis-a-soxfanhyllestadhyogoris-a-studentalhy" +
-	"ugawarahyundaiwafunejgorajlchitachinakagawatchandclockazimierz-d" +
-	"olnyjlljmpartshishikuis-an-actorjnjelenia-gorajoyokaichibahcavuo" +
-	"tnagaraholtalenjpmorganichitosetogakushimotoganewjerseyjpnchloej" +
-	"prshisognejuniperjurkristiansandcatshisuifuettertdasnetzwindowsh" +
-	"itaramakristiansundkrodsheradkrokstadelvaldaostarostwodzislawinn" +
-	"ershizukuishimogosenkryminamitanekumatorinokumejimasudakumenanyo" +
-	"kkaichirurgiens-dentisteshizuokanoyakagekunisakis-an-entertainer" +
-	"kunitachiarailwaykunitomigusukumamotoyamassa-carrara-massacarrar" +
-	"amassabunkyonanaoshimageandsoundandvisionkunneppupartykunstsamml" +
-	"ungkunstunddesignkuokgroupasadenamsosnowiechocolatelevisionrwhal" +
-	"ingrongausdaluccapebretonamiasakuchinotsuchiurakawassamukawatari" +
-	"cohdavvenjargamvikazokureitrentino-stirolkurgankurobelaudiblebes" +
-	"byglandkurogimilitarykuroisoftwarendalenugkuromatsunais-bykurota" +
-	"kikawasakis-certifiedekakegawakurskomonokushirogawakustanais-fou" +
-	"ndationkusupersportrentino-sud-tirolkutchanelkutnokuzbassnillfjo" +
-	"rdkuzumakis-gonekvafjordkvalsundkvamlidlugolekagaminord-aurdalvd" +
-	"alipayufuchukotkafjordkvanangenkvinesdalkvinnheradkviteseidskogk" +
-	"vitsoykwpspjelkavikomorotsukamishihoronobeokaminokawanishiaizuba" +
-	"ngekyotobetsupplieshoujis-into-animeiwamaseratis-a-therapistoiak" +
-	"yowariasahikawamishimatsumotofukemissileksvikongsbergmisugitokon" +
-	"amegatakayamatsunomitourismolanciamitoyoakemiuramiyazumiyotamano" +
-	"mjondalenmlbarclaycards3-us-west-1monmouthaibarakitagawamonsterm" +
-	"onticellolmontrealestatefarmequipmentrentino-sudtirolmonza-brian" +
-	"zaporizhzhekinannestadmonza-e-della-brianzaporizhzhiamonzabrianz" +
-	"apposlombardiamondshowtimemerckongsvingermonzaebrianzaramonzaede" +
-	"llabrianzamoparachutingmordoviajessheiminamiuonumatsumaebashimod" +
-	"atemoriyamatsusakahoginozawaonsenmoriyoshiokamitsuemormoneymoroy" +
-	"amatsushigemortgagemoscowiostrolekaneyamaxunjargamoseushistorymo" +
-	"sjoenmoskeneshriramsterdambulanceomossienarashinomosvikoninjamis" +
-	"onmoviemovistargardmtpccwitdkonskowolancashirehabmermtranakayama" +
-	"tsuuramuenstermugithubcloudusercontentrentino-sued-tirolmuikamog" +
-	"awamukochikushinonsenergymulhouservebbsigdalmultichoicemunakatan" +
-	"emuncieszynmuosattemupassagensimbirskonsulatrobeermurmanskonyvel" +
-	"oftrentino-s-tirollagrigentomologyeonggiehtavuoatnagaivuotnagaok" +
-	"akyotambabydgoszczecinemailmurotorcraftrentino-suedtirolmusashim" +
-	"urayamatsuzakis-leetrentino-a-adigemusashinoharamuseetrentinoa-a" +
-	"digemuseumverenigingmutsuzawamutuellelmyokohamamatsudamypetsimpl" +
-	"e-urlmyphotoshibahccavuotnagareyamaizurubtsovskiptveterinairebun" +
-	"goonomichinomiyakemytis-a-bookkeeperminamiyamashirokawanabelgoro" +
-	"deophiladelphiaareadmyblogsitephilatelyphilipsyphoenixn--3e0b707" +
-	"ephotographysiopiagetmyipassenger-associationpictetrentinoaadige" +
-	"pictureslupskooris-an-actresshiraois-a-techietis-a-teacherkassym" +
-	"antechnologypiemontepilotsmolenskopervikommunalforbundpinkoryola" +
-	"sitepioneerpippupiszpittsburghofedjejuegoshikiminokamoenairlineb" +
-	"raskaunbieidsvollpiwatepizzapkosaigawaplanetariuminanoplantation" +
-	"plantsnoasaitamatsukuris-lostre-toteneis-an-accountantshiranukan" +
-	"makiwakunigamihamadaplatformincommbankomvuxn--3ds443gplaystation" +
-	"plazaplchofunatorientexpressasayamaplombardyndns-at-workinggroup" +
-	"aviancapetownplumbingotvbarclays3-us-west-2plusterpmnpodzonepohl" +
-	"pokerpokrovskosakaerodromegallupinbarcelonagasakijobservercellie" +
-	"rneues3-us-gov-west-1politiendapolkowicepoltavalle-aostathellewi" +
-	"smillerpomorzeszowithgoogleapisa-hockeynutrentinoalto-adigeporde" +
-	"nonepornporsangerporsangugeporsgrunnanpoznanpraxis-a-bruinsfansn" +
-	"zprdpreservationpresidioprgmrprimelbourneprincipeprivneprochowic" +
-	"eproductionsokanraprofermobilyprogressivenneslaskerrylogisticsok" +
-	"ndalprojectrentinoaltoadigepromombetsupportrentinos-tirolpropert" +
-	"yprotectionprudentialpruszkowithyoutubeneventochiokinoshimalselv" +
-	"endrellprzeworskogptzpvtrentinostirolpwchonanbugattipschmidtre-g" +
-	"auldalucernepzqldqponqslgbtrentinosud-tirolqvchoseiroumuenchenst" +
-	"orfjordstpetersburgstreamurskinderoystudiostudyndns-freemasonryo" +
-	"kamikawanehonbetsurutaharastuff-4-salestuttgartrentinosuedtirols" +
-	"urnadalsurreysusakis-slickomforbananarepublicargodaddynathomebui" +
-	"ltarumizusawaustinnaturalhistorymuseumcentereviewskrakowebhopage" +
-	"frontappagespeedmobilizerobihirosakikamijimagroks-thisamitsukeis" +
-	"enbahnasushiobaraeroportalabamagasakishimabarackmaze-burggfarmer" +
-	"seinewyorkshireggio-calabriabruzzoologicalvinklein-addrammenuern" +
-	"bergdyniabogadocscbg12000susonosuzakanumazurysuzukanzakiwiensuzu" +
-	"kis-uberleetrentino-aadigesvalbardudinkakamigaharasveiosvelvikos" +
-	"himizumakiyosumykolaivaroysvizzeraswedenswidnicapitalonewholland" +
-	"swiebodzindianmarketingswiftcoverisignswinoujscienceandhistorysw" +
-	"isshikis-very-badaddjamalborkdalsxn--3oq18vl8pn36atuscanytushuis" +
-	"sier-justicetuvalle-daostavangervestnesopotrentinosudtirolvestre" +
-	"-slidreamhostersor-odalvestre-totennishiawakuravestvagoyvevelsta" +
-	"dvibo-valentiavibovalentiavideovillaskoyabearalvahkihokumakogeni" +
-	"waizumiotsukumiyamazonawsabaerobaticketsor-varangervinnicarbonia" +
-	"-iglesias-carboniaiglesiascarboniavinnytsiavipsinaappfizervirgin" +
-	"iavirtualvirtuelvisakatakinouevistaprintuitrentottoris-very-evil" +
-	"lageviterboltrevisohughesolognevivoldavladikavkazanvladimirvladi" +
-	"vostokaizukarasuyamazoevlogvolkenkunderseaportroandinosaurepbody" +
-	"ndns-blogdnsolundbeckoseis-an-anarchistoricalsocietyvolkswagents" +
-	"orfoldvologdanskostromahachijorpelandvolvolgogradvolyngdalvorone" +
-	"zhytomyrvossevangenvotevotingvotoursorreisahayakawakamiichikaise" +
-	"is-saveducatorahimeshimakanegasakinkobayashikshacknetnedalvrnwor" +
-	"se-thangglidingwowiwatsukiyonowritesthisblogspotrogstadwroclawlo" +
-	"clawekosugewtchoshibuyachiyodawtferrarawuozuwwworldwzmiuwajimaxn" +
-	"--4gq48lf9jeonnamerikawauexn--4it168dxn--4it797kotouraxn--4pvxso" +
-	"rtlandxn--54b7fta0cchromediaxn--55qw42gxn--55qx5dxn--5js045dxn--" +
-	"5rtp49chryslerxn--5rtq34kouhokutamakis-an-artistjohnxn--5su34j93" +
-	"6bgsgxn--5tzm5gxn--6btw5axn--6frz82gxn--6orx2rxn--6qq986b3xlxn--" +
-	"7t0a264chungbukazunoxn--80adxhksoruminnesotaketakatsukis-into-ca" +
-	"rshiraokannamiharuxn--80ao21axn--80aqecdr1axn--80asehdbarefootba" +
-	"llangenoamishirasatobishimalopolskanlandivttasvuotnakamagayachts" +
-	"akuraibigawaustraliaisondriodejaneirochesterhcloudcontrolledigit" +
-	"alaziobirakunedre-eikereportarantomsk-uralsk12xn--80aswgxn--80au" +
-	"dnedalnxn--8ltr62kounosunndalxn--8pvr4uxn--8y0a063axn--90a3acade" +
-	"mydroboatsaritsynologyeongbukouyamashikokuchuoxn--90aishobaraomo" +
-	"riguchiharagusaarlandxn--90azhair-surveillancexn--9dbhblg6diethn" +
-	"ologyxn--9dbq2axn--9et52uxn--9krt00axn--andy-iraxn--aroport-byan" +
-	"agawaxn--asky-iraxn--aurskog-hland-jnbargainstitutelefonicafeder" +
-	"ationaval-d-aosta-valleyonagoyaustrheimatunduhrennesoyekaterinbu" +
-	"rgjemnes3-eu-west-1xn--avery-yuasakegawaxn--b-5gaxn--b4w605ferdx" +
-	"n--bck1b9a5dre4chungnamdalseidfjordyroyrvikingrossetouchijiwadel" +
-	"tajimicrolightingroundhandlingroznyxn--bdddj-mrabdxn--bearalvhki" +
-	"-y4axn--berlevg-jxaxn--bhcavuotna-s4axn--bhccavuotna-k7axn--bidr" +
-	"-5nachikatsuuraxn--bievt-0qa2xn--bjarky-fyanaizuxn--bjddar-ptamb" +
-	"oversaillesooxn--blt-elaborxn--bmlo-graingerxn--bod-2naroyxn--br" +
-	"nny-wuaccident-investigationjukudoyamaceratabuseat-band-campania" +
-	"mallamadridvagsoyericssonlineat-urlxn--brnnysund-m8accident-prev" +
-	"entionxn--brum-voagatromsakakinokiaxn--btsfjord-9zaxn--c1avgxn--" +
-	"c2br7gxn--c3s14minternationalfirearmshowaxn--cck2b3barreauctiona" +
-	"vigationavuotnakhodkanagawauthordalandroidiscountyumenaturalscie" +
-	"ncesnaturelles3-external-1xn--cg4bkis-very-goodhandsonxn--ciqpnx" +
-	"n--clchc0ea0b2g2a9gcdn77-securecipesaro-urbino-pesarourbinopesar" +
-	"omaniwakuratelekommunikationxn--comunicaes-v6a2oxn--correios-e-t" +
-	"elecomunicaes-ghc29axn--czr694barrel-of-knowledgeometre-experts-" +
-	"comptablesakyotanabellevuelosangelesjaguarchitecturealtychyattor" +
-	"neyagawalbrzycharternopilawalesundiyonaguniversityoriikasaokamio" +
-	"kamiminersalangenayoroceanographicsalondonetskashibatakasugaibmd" +
-	"npalacemergencyberlevagangaviikanonjiinetatamotorsaltdalindasiau" +
-	"tomotivecodyn-o-saurlandes3-external-2xn--czrs0tromsojavald-aost" +
-	"arnbergxn--czru2dxn--czrw28barrell-of-knowledgeorgeorgiautoscana" +
-	"daejeonbukariyakumoldebinagisoccertificationaturbruksgymnaturhis" +
-	"torisches3-fips-us-gov-west-1xn--d1acj3bashkiriaveroykenvironmen" +
-	"talconservationatuurwetenschappenaumburgjerdrumckinseyokosukarel" +
-	"iancebinosegawasmatartanddesignieznorddalavagiske12xn--d1alfarom" +
-	"eoxn--d1atrusteexn--d5qv7z876churchaseljeepilepsydneyxn--davvenj" +
-	"rga-y4axn--djrs72d6uyxn--djty4kouzushimasoyxn--dnna-grajewolters" +
-	"kluwerxn--drbak-wuaxn--dyry-iraxn--eckvdtc9dxn--efvn9southcaroli" +
-	"nazawaxn--efvy88hakatanotteroyxn--ehqz56nxn--elqq16hakodatevaksd" +
-	"alxn--estv75gxn--eveni-0qa01gaxn--f6qx53axn--fct429kozagawaxn--f" +
-	"hbeiarnxn--finny-yuaxn--fiq228c5hsouthwestfalenxn--fiq64basilica" +
-	"taniavocatanzaroweddingjerstadotsuruokamakurazakisofukushimarnar" +
-	"dalillesandefjordiscoveryggeelvinckarlsoyokotebizenakaniikawatan" +
-	"agurasnesoddenmarkets3-ap-southeast-1kappleangaviikadenaamesjevu" +
-	"emielnoboribetsucks3-ap-northeast-1xn--fiqs8sowaxn--fiqz9spreadb" +
-	"ettingxn--fjord-lraxn--fjq720axn--fl-ziaxn--flor-jraxn--flw351ex" +
-	"n--fpcrj9c3dxn--frde-grandrapidspydebergxn--frna-woaraisaijosoyr" +
-	"ovigorlicexn--frya-hraxn--fzc2c9e2chuvashiaxn--fzys8d69uvgmailxn" +
-	"--g2xx48circlegallocuscountryestateofdelawarecreationxn--gckr3f0" +
-	"ferrarittogokasells-for-lesscrapper-sitexn--gecrj9circuscultured" +
-	"umbrellahppiacenzakopanerairforcechirealtorlandxn--ggaviika-8ya4" +
-	"7hakonexn--gildeskl-g0axn--givuotna-8yandexn--3pxu8kotohiradomai" +
-	"nsureisenxn--gjvik-wuaxn--gk3at1exn--gls-elacaixaxn--gmq050is-ve" +
-	"ry-nicexn--gmqw5axn--h-2fairwindsrlxn--h1aeghakubankmshinjournal" +
-	"ismailillehammerfest-mon-blogueurovisionxn--h2brj9citadeliverybn" +
-	"ikahokutogliattiresaskatchewanggouvicenzaxn--hbmer-xqaxn--hcesuo" +
-	"lo-7ya35basketballfinanz-2xn--hery-iraxn--hgebostad-g3axn--hmmrf" +
-	"easta-s4acctrverranzanxn--hnefoss-q1axn--hobl-iraxn--holtlen-hxa" +
-	"xn--hpmir-xqaxn--hxt814exn--hyanger-q1axn--hylandet-54axn--i1b6b" +
-	"1a6a2exn--imr513nxn--indery-fyaotsurgutsiracusaitokyotangovtrysi" +
-	"lkoshunantokashikizunokunimilanoxn--io0a7is-very-sweetrentino-al" +
-	"to-adigexn--j1aeferreroticampobassociatescrappingujolsterxn--j1a" +
-	"mhakuis-a-nurseoullensvanguardxn--j6w193gxn--jlq61u9w7batochigif" +
-	"tsalvadordalibabaikaliszczytnordlandrangedalindesnesalzburgladel" +
-	"oittenrightathomeftpaccessamegawavoues3-sa-east-1xn--jlster-byar" +
-	"oslavlaanderenxn--jrpeland-54axn--jvr189misakis-into-cartoonshir" +
-	"atakahagivingxn--k7yn95exn--karmy-yuaxn--kbrq7oxn--kcrx77d1x4axn" +
-	"--kfjord-iuaxn--klbu-woaxn--klt787dxn--kltp7dxn--kltx9axn--klty5" +
-	"xn--42c2d9axn--koluokta-7ya57hakusandiegoodyearthagakhanamigawax" +
-	"n--kprw13dxn--kpry57dxn--kpu716fetsundxn--kput3is-with-thebandoo" +
-	"mdnsaliascolipicenord-odalxn--krager-gyasakaiminatoyakokamisatoh" +
-	"obby-sitexasdaburyatiaarpharmaciensirdalxn--kranghke-b0axn--krds" +
-	"herad-m8axn--krehamn-dxaxn--krjohka-hwab49jetztrentino-altoadige" +
-	"xn--ksnes-uuaxn--kvfjord-nxaxn--kvitsy-fyasugisleofmandalxn--kvn" +
-	"angen-k0axn--l-1faitheguardianquanconagawakuyabukicks-assediciti" +
-	"cateringebudejjuedischesapeakebayernurembergriwataraidyndns-work" +
-	"shoppdalowiczest-le-patrondheimperiaxn--l1accentureklamborghinii" +
-	"zaxn--laheadju-7yasuokaratexn--langevg-jxaxn--lcvr32dxn--ldingen" +
-	"-q1axn--leagaviika-52batsfjordrivelandrobaknoluoktainaikawachina" +
-	"ganoharamcoalaheadjudaicaaarborteaches-yogasawaracingroks-theatr" +
-	"eemersongdalenviknakanojohanamakinoharaxastronomydstvedestrandgc" +
-	"ahcesuolocalhistoryazannefrankfurtargets-itargi234xn--lesund-hua" +
-	"xn--lgbbat1ad8jevnakerxn--lgrd-poacoachampionshiphopenair-traffi" +
-	"c-controlleyxn--lhppi-xqaxn--linds-pramericanartulansolutionsola" +
-	"rssonxn--lns-qlanxessrtrentinosued-tirolxn--loabt-0qaxn--lrdal-s" +
-	"raxn--lrenskog-54axn--lt-liacivilaviationxn--lten-granexn--lury-" +
-	"iraxn--mely-iraxn--merker-kuaxn--mgb2ddesrvdonskosherbrookegawax" +
-	"n--mgb9awbfgulenxn--mgba3a3ejtunesomaxn--mgba3a4f16axn--mgba3a4f" +
-	"ranamizuholdingsmileirfjordxn--mgba7c0bbn0axn--mgbaakc7dvfidelit" +
-	"yxn--mgbaam7a8haldenxn--mgbab2bdxn--mgbai9a5eva00bauhausposts-an" +
-	"d-telecommunicationsnasadoes-itveronagasukemrxn--mgbai9azgqp6jew" +
-	"elryxn--mgbayh7gpaduaxn--mgbb9fbpobanazawaxn--mgbbh1a71exn--mgbc" +
-	"0a9azcgxn--mgbca7dzdoxn--mgberp4a5d4a87gxn--mgberp4a5d4arxn--mgb" +
-	"i4ecexposedxn--mgbpl2fhvalerxn--mgbqly7c0a67fbcivilisationxn--mg" +
-	"bqly7cvafredrikstadtvstoragexn--mgbt3dhdxn--mgbtf8flekkefjordxn-" +
-	"-mgbtx2bbcarrierxn--mgbx4cd0abbvieeexn--mix082fidonnakamuratakah" +
-	"amannortonsbergunmarriottoyonezawaxn--mix891fieldxn--mjndalen-64" +
-	"axn--mk0axindustriesteamfamberkeleyxn--mk1bu44civilizationxn--mk" +
-	"ru45issmarterthanyouxn--mlatvuopmi-s4axn--mli-tlapyatigorskozaki" +
-	"s-an-engineeringxn--mlselv-iuaxn--moreke-juaxn--mori-qsakuhokkai" +
-	"dontexisteingeekpnxn--mosjen-eyatominamiawajikiwchiryukyuragifue" +
-	"fukihaborokunohealthcareersarufutsunomiyawakasaikaitakoelniyodog" +
-	"awaxn--mot-tlaquilancasterxn--mre-og-romsdal-qqbbtatarstanflatan" +
-	"gerxn--msy-ula0halsaintlouis-a-anarchistoireggioemiliaromagnakat" +
-	"ombetsumidatlantichernivtsiciliaxn--mtta-vrjjat-k7afamilycompany" +
-	"civilwarmanagementjxjaworznoxn--muost-0qaxn--mxtq1misasaguris-in" +
-	"to-gamessinashikitchenxn--ngbc5azdxn--ngbe9e0axn--ngbrxn--45brj9" +
-	"choyodobashichikashukujitawaraxn--nit225kppspiegelxn--nmesjevuem" +
-	"ie-tcbajddarchaeologyxn--nnx388axn--nodessakuragawaxn--nqv7fs00e" +
-	"maxn--nry-yla5gxn--ntso0iqx3axn--ntsq17gxn--nttery-byaeservegame" +
-	"-serverdalxn--nvuotna-hwaxn--nyqy26axn--o1achattanooganorilsklep" +
-	"pharmacyslingxn--o3cw4hammarfeastafricamagichernovtsykkylvenetoe" +
-	"iheijis-a-doctorayxn--od0algxn--od0aq3bbvacationswatch-and-clock" +
-	"erxn--ogbpf8flesbergxn--oppegrd-ixaxn--ostery-fyatsukaratsuginam" +
-	"ikatagamihoboleslawieclaimsassaris-a-financialadvisor-aurdaluroy" +
-	"xn--osyro-wuaxn--p1acfdxn--p1aixn--pbt977clickchristiansburgrpal" +
-	"ermomasvuotnakatsugawaxn--pgbs0dhlxn--porsgu-sta26figuerestauran" +
-	"toyonoxn--pssu33lxn--pssy2uxn--q9jyb4clinicatholicasinorfolkebib" +
-	"lefrakkestadyndns-wikindlegnicamerakershus-east-1xn--qcka1pmcdon" +
-	"aldstordalxn--qqqt11misawaxn--qxamusementurystykarasjoksnesomnar" +
-	"itakurashikis-not-certifiedogawarabikomaezakirunoshiroomuraxn--r" +
-	"ady-iraxn--rdal-poaxn--rde-ularvikrasnodarxn--rdy-0nabarixn--ren" +
-	"nesy-v1axn--rhkkervju-01aflakstadaokagakibichuoxn--rholt-mragowo" +
-	"odsidexn--rhqv96gxn--rht27zxn--rht3dxn--rht61exn--risa-5narusawa" +
-	"xn--risr-iraxn--rland-uuaxn--rlingen-mxaxn--rmskog-byatsushiroxn" +
-	"--rny31hamurakamigoriginshinjukumanoxn--rovu88bentleyukuhashimoj" +
-	"iitatebayashijonawatextileitungsenfshostrodawaraxn--rros-granvin" +
-	"dafjordxn--rskog-uuaxn--rst-0narutokorozawaxn--rsta-francaisehar" +
-	"axn--ryken-vuaxn--ryrvik-byawaraxn--s-1fareastcoastaldefencexn--" +
-	"s9brj9cliniquenoharaxn--sandnessjen-ogbizhevskrasnoyarskommunexn" +
-	"--sandy-yuaxn--seral-lraxn--ses554gxn--sgne-gratangenxn--skierv-" +
-	"utazaskvolloabathsbclintonoshoesatxn--0trq7p7nnxn--skjervy-v1axn" +
-	"--skjk-soaxn--sknit-yqaxn--sknland-fxaxn--slat-5narviikananporov" +
-	"noxn--slt-elabourxn--smla-hraxn--smna-gratis-a-bulls-fanxn--snas" +
-	"e-nraxn--sndre-land-0cbremangerxn--snes-poaxn--snsa-roaxn--sr-au" +
-	"rdal-l8axn--sr-fron-q1axn--sr-odal-q1axn--sr-varanger-ggbeppubol" +
-	"ognagatorockartuzyurihonjournalistjordalshalsenhsamnangerxn--srf" +
-	"old-byawatahamaxn--srreisa-q1axn--srum-grazxn--stfold-9xaxn--stj" +
-	"rdal-s1axn--stjrdalshalsen-sqberndunloppacificartierxn--stre-tot" +
-	"en-zcbstorenburgxn--t60b56axn--tckweatherchannelxn--tiq49xqyjewi" +
-	"shartgalleryxn--tjme-hraxn--tn0agrinetbankzxn--tnsberg-q1axn--to" +
-	"r131oxn--trany-yuaxn--trgstad-r1axn--trna-woaxn--troms-zuaxn--ty" +
-	"svr-vraxn--uc0atversicherungxn--uc0ay4axn--uist22hangoutsystemsc" +
-	"loudcontrolapparmaxn--uisz3gxn--unjrga-rtaobaokinawashirosatobam" +
-	"agazinemurorangeologyxn--unup4yxn--uuwu58axn--vads-jraxn--vard-j" +
-	"raxn--vegrshei-c0axn--vermgensberater-ctbeskidynaliascoli-piceno" +
-	"rd-frontierxn--vermgensberatung-pwbestbuyshousesamsclubindalinka" +
-	"shiharaxn--vestvgy-ixa6oxn--vg-yiabcgxn--vgan-qoaxn--vgsy-qoa0jf" +
-	"komitamamuraxn--vgu402clothingruexn--vhquvestfoldxn--vler-qoaxn-" +
-	"-vre-eiker-k8axn--vrggt-xqadxn--vry-yla5gxn--vuq861betainaboxfor" +
-	"deatnuorogersvpalanaklodzkodairaxn--w4r85el8fhu5dnraxn--w4rs40lx" +
-	"n--wcvs22dxn--wgbh1cloudfrontdoorxn--wgbl6axn--xhq521bielawallon" +
-	"ieruchomoscienceandindustrynikiiyamanobeauxartsandcraftsamsungla" +
-	"ssassinationalheritagematsubarakawagoepostfoldnavyatkakudamatsue" +
-	"psonyoursidegreevje-og-hornnesandvikcoromantovalle-d-aostatoilin" +
-	"zainfinitinfoggiaxn--xkc2al3hye2axn--xkc2dl3a5ee0hannanmokuizumo" +
-	"dernxn--y9a3aquariumisconfusedxn--yer-znarvikredstonexn--yfro4i6" +
-	"7oxn--ygarden-p1axn--ygbi2ammxn--45q11christmasakikugawatchesase" +
-	"boknowsitallukowhoswhokksundynv6xn--ystre-slidre-ujbiellaakesvue" +
-	"mieleccexn--zbx025dxn--zf0ao64axn--zf0avxn--4gbriminingxn--zfr16" +
-	"4bieszczadygeyachimataipeigersundunsagamiharaxperiaxz"
-
-// nodes is the list of nodes. Each node is represented as a uint32, which
-// encodes the node's children, wildcard bit and node type (as an index into
-// the children array), ICANN bit and text.
-//
-// In the //-comment after each node's data, the nodes indexes of the children
-// are formatted as (n0x1234-n0x1256), with * denoting the wildcard bit. The
-// nodeType is printed as + for normal, ! for exception, and o for parent-only
-// nodes that have children but don't match a domain label in their own right.
-// An I denotes an ICANN domain.
-//
-// The layout within the uint32, from MSB to LSB, is:
-//	[ 1 bits] unused
-//	[ 9 bits] children index
-//	[ 1 bits] ICANN bit
-//	[15 bits] text index
-//	[ 6 bits] text length
-var nodes = [...]uint32{
-	0x00355603, // n0x0000 c0x0000 (---------------)  + I aaa
-	0x0034d544, // n0x0001 c0x0000 (---------------)  + I aarp
-	0x0026b886, // n0x0002 c0x0000 (---------------)  + I abarth
-	0x00230743, // n0x0003 c0x0000 (---------------)  + I abb
-	0x00230746, // n0x0004 c0x0000 (---------------)  + I abbott
-	0x00365706, // n0x0005 c0x0000 (---------------)  + I abbvie
-	0x00399843, // n0x0006 c0x0000 (---------------)  + I abc
-	0x0031f144, // n0x0007 c0x0000 (---------------)  + I able
-	0x002ee207, // n0x0008 c0x0000 (---------------)  + I abogado
-	0x0026b4c8, // n0x0009 c0x0000 (---------------)  + I abudhabi
-	0x01a01542, // n0x000a c0x0006 (n0x0609-n0x060f)  + I ac
-	0x0030aec7, // n0x000b c0x0000 (---------------)  + I academy
-	0x00352a89, // n0x000c c0x0000 (---------------)  + I accenture
-	0x002d9b0a, // n0x000d c0x0000 (---------------)  + I accountant
-	0x002d9b0b, // n0x000e c0x0000 (---------------)  + I accountants
-	0x00232d83, // n0x000f c0x0000 (---------------)  + I aco
-	0x0028a206, // n0x0010 c0x0000 (---------------)  + I active
-	0x0023b505, // n0x0011 c0x0000 (---------------)  + I actor
-	0x01e00342, // n0x0012 c0x0007 (n0x060f-n0x0610)  + I ad
-	0x00212f84, // n0x0013 c0x0000 (---------------)  + I adac
-	0x0026ba03, // n0x0014 c0x0000 (---------------)  + I ads
-	0x002a1985, // n0x0015 c0x0000 (---------------)  + I adult
-	0x022035c2, // n0x0016 c0x0008 (n0x0610-n0x0618)  + I ae
-	0x0024a403, // n0x0017 c0x0000 (---------------)  + I aeg
-	0x026389c4, // n0x0018 c0x0009 (n0x0618-n0x066f)  + I aero
-	0x0025e585, // n0x0019 c0x0000 (---------------)  + I aetna
-	0x02a04a42, // n0x001a c0x000a (n0x066f-n0x0674)  + I af
-	0x0036ec8e, // n0x001b c0x0000 (---------------)  + I afamilycompany
-	0x00252703, // n0x001c c0x0000 (---------------)  + I afl
-	0x00375846, // n0x001d c0x0000 (---------------)  + I africa
-	0x0037584b, // n0x001e c0x0000 (---------------)  + I africamagic
-	0x02e01002, // n0x001f c0x000b (n0x0674-n0x0679)  + I ag
-	0x0034ac47, // n0x0020 c0x0000 (---------------)  + I agakhan
-	0x0023df86, // n0x0021 c0x0000 (---------------)  + I agency
-	0x032016c2, // n0x0022 c0x000c (n0x0679-n0x067d)  + I ai
-	0x00214d03, // n0x0023 c0x0000 (---------------)  + I aig
-	0x00214d04, // n0x0024 c0x0000 (---------------)  + I aigo
-	0x0022b886, // n0x0025 c0x0000 (---------------)  + I airbus
-	0x00338648, // n0x0026 c0x0000 (---------------)  + I airforce
-	0x00286586, // n0x0027 c0x0000 (---------------)  + I airtel
-	0x00227644, // n0x0028 c0x0000 (---------------)  + I akdn
-	0x036001c2, // n0x0029 c0x000d (n0x067d-n0x0684)  + I al
-	0x00328e49, // n0x002a c0x0000 (---------------)  + I alfaromeo
-	0x00345287, // n0x002b c0x0000 (---------------)  + I alibaba
-	0x002bc006, // n0x002c c0x0000 (---------------)  + I alipay
-	0x0033e3c9, // n0x002d c0x0000 (---------------)  + I allfinanz
-	0x0020f148, // n0x002e c0x0000 (---------------)  + I allstate
-	0x00213584, // n0x002f c0x0000 (---------------)  + I ally
-	0x0021dd86, // n0x0030 c0x0000 (---------------)  + I alsace
-	0x0020be86, // n0x0031 c0x0000 (---------------)  + I alstom
-	0x03a01882, // n0x0032 c0x000e (n0x0684-n0x0685)  + I am
-	0x0024728f, // n0x0033 c0x0000 (---------------)  + I americanexpress
-	0x00208d8e, // n0x0034 c0x0000 (---------------)  + I americanfamily
-	0x002052c4, // n0x0035 c0x0000 (---------------)  + I amex
-	0x00367585, // n0x0036 c0x0000 (---------------)  + I amfam
-	0x00230645, // n0x0037 c0x0000 (---------------)  + I amica
-	0x002c8449, // n0x0038 c0x0000 (---------------)  + I amsterdam
-	0x00243f09, // n0x0039 c0x0000 (---------------)  + I analytics
-	0x0031a8c7, // n0x003a c0x0000 (---------------)  + I android
-	0x00350706, // n0x003b c0x0000 (---------------)  + I anquan
-	0x00256b43, // n0x003c c0x0000 (---------------)  + I anz
-	0x03e029c2, // n0x003d c0x000f (n0x0685-n0x068b)  + I ao
-	0x00275643, // n0x003e c0x0000 (---------------)  + I aol
-	0x0022ce0a, // n0x003f c0x0000 (---------------)  + I apartments
-	0x002092c3, // n0x0040 c0x0000 (---------------)  + I app
-	0x00331985, // n0x0041 c0x0000 (---------------)  + I apple
-	0x002003c2, // n0x0042 c0x0000 (---------------)  + I aq
-	0x00285a49, // n0x0043 c0x0000 (---------------)  + I aquarelle
-	0x04200a42, // n0x0044 c0x0010 (n0x068b-n0x0694)  + I ar
-	0x00202044, // n0x0045 c0x0000 (---------------)  + I arab
-	0x00355146, // n0x0046 c0x0000 (---------------)  + I aramco
-	0x002fb805, // n0x0047 c0x0000 (---------------)  + I archi
-	0x00348744, // n0x0048 c0x0000 (---------------)  + I army
-	0x04a29dc4, // n0x0049 c0x0012 (n0x0695-n0x069b)  + I arpa
-	0x0023a6c4, // n0x004a c0x0000 (---------------)  + I arte
-	0x04e01d42, // n0x004b c0x0013 (n0x069b-n0x069c)  + I as
-	0x0034d284, // n0x004c c0x0000 (---------------)  + I asda
-	0x00322ec4, // n0x004d c0x0000 (---------------)  + I asia
-	0x003437ca, // n0x004e c0x0000 (---------------)  + I associates
-	0x05200102, // n0x004f c0x0014 (n0x069c-n0x06a3)  + I at
-	0x00248f47, // n0x0050 c0x0000 (---------------)  + I athleta
-	0x0031fec8, // n0x0051 c0x0000 (---------------)  + I attorney
-	0x05a04f82, // n0x0052 c0x0016 (n0x06a4-n0x06b6)  + I au
-	0x00319e07, // n0x0053 c0x0000 (---------------)  + I auction
-	0x00233104, // n0x0054 c0x0000 (---------------)  + I audi
-	0x002b7d87, // n0x0055 c0x0000 (---------------)  + I audible
-	0x00233105, // n0x0056 c0x0000 (---------------)  + I audio
-	0x0035fd47, // n0x0057 c0x0000 (---------------)  + I auspost
-	0x0031a686, // n0x0058 c0x0000 (---------------)  + I author
-	0x00265104, // n0x0059 c0x0000 (---------------)  + I auto
-	0x00324dc5, // n0x005a c0x0000 (---------------)  + I autos
-	0x002dc007, // n0x005b c0x0000 (---------------)  + I avianca
-	0x06a01082, // n0x005c c0x001a (n0x06c4-n0x06c5)  + I aw
-	0x002f6583, // n0x005d c0x0000 (---------------)  + I aws
-	0x00220402, // n0x005e c0x0000 (---------------)  + I ax
-	0x00356983, // n0x005f c0x0000 (---------------)  + I axa
-	0x06e05f42, // n0x0060 c0x001b (n0x06c5-n0x06d1)  + I az
-	0x0021be05, // n0x0061 c0x0000 (---------------)  + I azure
-	0x07202002, // n0x0062 c0x001c (n0x06d1-n0x06dc)  + I ba
-	0x002ce1c4, // n0x0063 c0x0000 (---------------)  + I baby
-	0x0027c805, // n0x0064 c0x0000 (---------------)  + I baidu
-	0x00205207, // n0x0065 c0x0000 (---------------)  + I banamex
-	0x002e97ce, // n0x0066 c0x0000 (---------------)  + I bananarepublic
-	0x00207cc4, // n0x0067 c0x0000 (---------------)  + I band
-	0x00203704, // n0x0068 c0x0000 (---------------)  + I bank
-	0x00202003, // n0x0069 c0x0000 (---------------)  + I bar
-	0x002dd889, // n0x006a c0x0000 (---------------)  + I barcelona
-	0x002c12cb, // n0x006b c0x0000 (---------------)  + I barclaycard
-	0x002dc608, // n0x006c c0x0000 (---------------)  + I barclays
-	0x00306d88, // n0x006d c0x0000 (---------------)  + I barefoot
-	0x0030e948, // n0x006e c0x0000 (---------------)  + I bargains
-	0x0022f9c8, // n0x006f c0x0000 (---------------)  + I baseball
-	0x0033e20a, // n0x0070 c0x0000 (---------------)  + I basketball
-	0x0035fc47, // n0x0071 c0x0000 (---------------)  + I bauhaus
-	0x00351786, // n0x0072 c0x0000 (---------------)  + I bayern
-	0x07630782, // n0x0073 c0x001d (n0x06dc-n0x06e6)  + I bb
-	0x003651c3, // n0x0074 c0x0000 (---------------)  + I bbc
-	0x0036cbc3, // n0x0075 c0x0000 (---------------)  + I bbt
-	0x00376984, // n0x0076 c0x0000 (---------------)  + I bbva
-	0x00399883, // n0x0077 c0x0000 (---------------)  + I bcg
-	0x00239b43, // n0x0078 c0x0000 (---------------)  + I bcn
-	0x017129c2, // n0x0079 c0x0005 (---------------)* o I bd
-	0x07a03302, // n0x007a c0x001e (n0x06e6-n0x06e8)  + I be
-	0x0022b505, // n0x007b c0x0000 (---------------)  + I beats
-	0x0024f5c6, // n0x007c c0x0000 (---------------)  + I beauty
-	0x002ccb84, // n0x007d c0x0000 (---------------)  + I beer
-	0x00383b87, // n0x007e c0x0000 (---------------)  + I bentley
-	0x0022e6c6, // n0x007f c0x0000 (---------------)  + I berlin
-	0x002291c4, // n0x0080 c0x0000 (---------------)  + I best
-	0x00398887, // n0x0081 c0x0000 (---------------)  + I bestbuy
-	0x00208c03, // n0x0082 c0x0000 (---------------)  + I bet
-	0x07f5d242, // n0x0083 c0x001f (n0x06e8-n0x06e9)  + I bf
-	0x082ee482, // n0x0084 c0x0020 (n0x06e9-n0x070e)  + I bg
-	0x08615602, // n0x0085 c0x0021 (n0x070e-n0x0713)  + I bh
-	0x00215606, // n0x0086 c0x0000 (---------------)  + I bharti
-	0x08a00002, // n0x0087 c0x0022 (n0x0713-n0x0718)  + I bi
-	0x0037bf45, // n0x0088 c0x0000 (---------------)  + I bible
-	0x00313f03, // n0x0089 c0x0000 (---------------)  + I bid
-	0x00202544, // n0x008a c0x0000 (---------------)  + I bike
-	0x002dc444, // n0x008b c0x0000 (---------------)  + I bing
-	0x002dc445, // n0x008c c0x0000 (---------------)  + I bingo
-	0x00203a03, // n0x008d c0x0000 (---------------)  + I bio
-	0x08f30b83, // n0x008e c0x0023 (n0x0718-n0x0720)  + I biz
-	0x09206502, // n0x008f c0x0024 (n0x0720-n0x0724)  + I bj
-	0x00288ec5, // n0x0090 c0x0000 (---------------)  + I black
-	0x00288ecb, // n0x0091 c0x0000 (---------------)  + I blackfriday
-	0x00258fc6, // n0x0092 c0x0000 (---------------)  + I blanco
-	0x0020c8cb, // n0x0093 c0x0000 (---------------)  + I blockbuster
-	0x002a4004, // n0x0094 c0x0000 (---------------)  + I blog
-	0x0020d009, // n0x0095 c0x0000 (---------------)  + I bloomberg
-	0x0020e104, // n0x0096 c0x0000 (---------------)  + I blue
-	0x0960e742, // n0x0097 c0x0025 (n0x0724-n0x0729)  + I bm
-	0x0020f6c3, // n0x0098 c0x0000 (---------------)  + I bms
-	0x0020fc43, // n0x0099 c0x0000 (---------------)  + I bmw
-	0x016104c2, // n0x009a c0x0005 (---------------)* o I bn
-	0x002477c3, // n0x009b c0x0000 (---------------)  + I bnl
-	0x002104ca, // n0x009c c0x0000 (---------------)  + I bnpparibas
-	0x09a0e402, // n0x009d c0x0026 (n0x0729-n0x0732)  + I bo
-	0x0030b145, // n0x009e c0x0000 (---------------)  + I boats
-	0x0020e40a, // n0x009f c0x0000 (---------------)  + I boehringer
-	0x00290b84, // n0x00a0 c0x0000 (---------------)  + I bofa
-	0x00210ac3, // n0x00a1 c0x0000 (---------------)  + I bom
-	0x00210f84, // n0x00a2 c0x0000 (---------------)  + I bond
-	0x00215403, // n0x00a3 c0x0000 (---------------)  + I boo
-	0x00215404, // n0x00a4 c0x0000 (---------------)  + I book
-	0x00215407, // n0x00a5 c0x0000 (---------------)  + I booking
-	0x00215e85, // n0x00a6 c0x0000 (---------------)  + I boots
-	0x002173c5, // n0x00a7 c0x0000 (---------------)  + I bosch
-	0x00217986, // n0x00a8 c0x0000 (---------------)  + I bostik
-	0x00217cc6, // n0x00a9 c0x0000 (---------------)  + I boston
-	0x00218e83, // n0x00aa c0x0000 (---------------)  + I bot
-	0x0021b7c8, // n0x00ab c0x0000 (---------------)  + I boutique
-	0x0021bb83, // n0x00ac c0x0000 (---------------)  + I box
-	0x09e1c402, // n0x00ad c0x0027 (n0x0732-n0x0778)  + I br
-	0x0021c408, // n0x00ae c0x0000 (---------------)  + I bradesco
-	0x00221b8b, // n0x00af c0x0000 (---------------)  + I bridgestone
-	0x00220008, // n0x00b0 c0x0000 (---------------)  + I broadway
-	0x00220c46, // n0x00b1 c0x0000 (---------------)  + I broker
-	0x00222007, // n0x00b2 c0x0000 (---------------)  + I brother
-	0x00225e88, // n0x00b3 c0x0000 (---------------)  + I brussels
-	0x0a637542, // n0x00b4 c0x0029 (n0x0779-n0x077e)  + I bs
-	0x0aa1fd02, // n0x00b5 c0x002a (n0x077e-n0x0783)  + I bt
-	0x0020a008, // n0x00b6 c0x0000 (---------------)  + I budapest
-	0x002e5b47, // n0x00b7 c0x0000 (---------------)  + I bugatti
-	0x002410c5, // n0x00b8 c0x0000 (---------------)  + I build
-	0x002410c8, // n0x00b9 c0x0000 (---------------)  + I builders
-	0x0022c188, // n0x00ba c0x0000 (---------------)  + I business
-	0x003004c3, // n0x00bb c0x0000 (---------------)  + I buy
-	0x0022dec4, // n0x00bc c0x0000 (---------------)  + I buzz
-	0x00365782, // n0x00bd c0x0000 (---------------)  + I bv
-	0x0ae2fe42, // n0x00be c0x002b (n0x0783-n0x0785)  + I bw
-	0x0b20f982, // n0x00bf c0x002c (n0x0785-n0x0789)  + I by
-	0x0ba30bc2, // n0x00c0 c0x002e (n0x078a-n0x0790)  + I bz
-	0x00230bc3, // n0x00c1 c0x0000 (---------------)  + I bzh
-	0x0be00302, // n0x00c2 c0x002f (n0x0790-n0x07a1)  + I ca
-	0x00230703, // n0x00c3 c0x0000 (---------------)  + I cab
-	0x0030ee44, // n0x00c4 c0x0000 (---------------)  + I cafe
-	0x00213543, // n0x00c5 c0x0000 (---------------)  + I cal
-	0x00213544, // n0x00c6 c0x0000 (---------------)  + I call
-	0x002ed9cb, // n0x00c7 c0x0000 (---------------)  + I calvinklein
-	0x0037c746, // n0x00c8 c0x0000 (---------------)  + I camera
-	0x00241ac4, // n0x00c9 c0x0000 (---------------)  + I camp
-	0x0029f88e, // n0x00ca c0x0000 (---------------)  + I cancerresearch
-	0x00265485, // n0x00cb c0x0000 (---------------)  + I canon
-	0x002dc148, // n0x00cc c0x0000 (---------------)  + I capetown
-	0x002f0b87, // n0x00cd c0x0000 (---------------)  + I capital
-	0x002f0b8a, // n0x00ce c0x0000 (---------------)  + I capitalone
-	0x0020af43, // n0x00cf c0x0000 (---------------)  + I car
-	0x00236a47, // n0x00d0 c0x0000 (---------------)  + I caravan
-	0x002c1485, // n0x00d1 c0x0000 (---------------)  + I cards
-	0x0036b504, // n0x00d2 c0x0000 (---------------)  + I care
-	0x0036b506, // n0x00d3 c0x0000 (---------------)  + I career
-	0x0036b507, // n0x00d4 c0x0000 (---------------)  + I careers
-	0x00305f84, // n0x00d5 c0x0000 (---------------)  + I cars
-	0x00390b47, // n0x00d6 c0x0000 (---------------)  + I cartier
-	0x00214604, // n0x00d7 c0x0000 (---------------)  + I casa
-	0x002188c4, // n0x00d8 c0x0000 (---------------)  + I case
-	0x002188c6, // n0x00d9 c0x0000 (---------------)  + I caseih
-	0x002c99c4, // n0x00da c0x0000 (---------------)  + I cash
-	0x0037bc46, // n0x00db c0x0000 (---------------)  + I casino
-	0x0020df43, // n0x00dc c0x0000 (---------------)  + I cat
-	0x00351008, // n0x00dd c0x0000 (---------------)  + I catering
-	0x0037ba88, // n0x00de c0x0000 (---------------)  + I catholic
-	0x0024b283, // n0x00df c0x0000 (---------------)  + I cba
-	0x00247783, // n0x00e0 c0x0000 (---------------)  + I cbn
-	0x0038c544, // n0x00e1 c0x0000 (---------------)  + I cbre
-	0x00391103, // n0x00e2 c0x0000 (---------------)  + I cbs
-	0x0c22e182, // n0x00e3 c0x0030 (n0x07a1-n0x07a5)  + I cc
-	0x0c63e2c2, // n0x00e4 c0x0031 (n0x07a5-n0x07a6)  + I cd
-	0x00206483, // n0x00e5 c0x0000 (---------------)  + I ceb
-	0x00204486, // n0x00e6 c0x0000 (---------------)  + I center
-	0x002c87c3, // n0x00e7 c0x0000 (---------------)  + I ceo
-	0x002e61c4, // n0x00e8 c0x0000 (---------------)  + I cern
-	0x0ca14202, // n0x00e9 c0x0032 (n0x07a6-n0x07a7)  + I cf
-	0x00214203, // n0x00ea c0x0000 (---------------)  + I cfa
-	0x00379503, // n0x00eb c0x0000 (---------------)  + I cfd
-	0x0021a302, // n0x00ec c0x0000 (---------------)  + I cg
-	0x0ce01582, // n0x00ed c0x0033 (n0x07a7-n0x07a8)  + I ch
-	0x002ba9c6, // n0x00ee c0x0000 (---------------)  + I chanel
-	0x0023c407, // n0x00ef c0x0000 (---------------)  + I channel
-	0x00329845, // n0x00f0 c0x0000 (---------------)  + I chase
-	0x0022ac44, // n0x00f1 c0x0000 (---------------)  + I chat
-	0x00284305, // n0x00f2 c0x0000 (---------------)  + I cheap
-	0x00201587, // n0x00f3 c0x0000 (---------------)  + I chintai
-	0x002aee85, // n0x00f4 c0x0000 (---------------)  + I chloe
-	0x003a3989, // n0x00f5 c0x0000 (---------------)  + I christmas
-	0x003024c6, // n0x00f6 c0x0000 (---------------)  + I chrome
-	0x00303188, // n0x00f7 c0x0000 (---------------)  + I chrysler
-	0x00329746, // n0x00f8 c0x0000 (---------------)  + I church
-	0x0d200682, // n0x00f9 c0x0034 (n0x07a8-n0x07b7)  + I ci
-	0x0023fe08, // n0x00fa c0x0000 (---------------)  + I cipriani
-	0x00336206, // n0x00fb c0x0000 (---------------)  + I circle
-	0x00200685, // n0x00fc c0x0000 (---------------)  + I cisco
-	0x0033cc87, // n0x00fd c0x0000 (---------------)  + I citadel
-	0x00350f04, // n0x00fe c0x0000 (---------------)  + I citi
-	0x00350f05, // n0x00ff c0x0000 (---------------)  + I citic
-	0x00286744, // n0x0100 c0x0000 (---------------)  + I city
-	0x00286748, // n0x0101 c0x0000 (---------------)  + I cityeats
-	0x0d60b482, // n0x0102 c0x0035 (n0x07b7-n0x07b8)* o I ck
-	0x0da09182, // n0x0103 c0x0036 (n0x07b8-n0x07bd)  + I cl
-	0x00378546, // n0x0104 c0x0000 (---------------)  + I claims
-	0x002242c8, // n0x0105 c0x0000 (---------------)  + I cleaning
-	0x00379a45, // n0x0106 c0x0000 (---------------)  + I click
-	0x0037b946, // n0x0107 c0x0000 (---------------)  + I clinic
-	0x00387188, // n0x0108 c0x0000 (---------------)  + I clinique
-	0x0039a588, // n0x0109 c0x0000 (---------------)  + I clothing
-	0x00209185, // n0x010a c0x0000 (---------------)  + I cloud
-	0x00238ac4, // n0x010b c0x0000 (---------------)  + I club
-	0x00238ac7, // n0x010c c0x0000 (---------------)  + I clubmed
-	0x0de5d142, // n0x010d c0x0037 (n0x07bd-n0x07c1)  + I cm
-	0x0e21ba42, // n0x010e c0x0038 (n0x07c1-n0x07ee)  + I cn
-	0x0fa00742, // n0x010f c0x003e (n0x07f3-n0x0800)  + I co
-	0x00358885, // n0x0110 c0x0000 (---------------)  + I coach
-	0x0029bd05, // n0x0111 c0x0000 (---------------)  + I codes
-	0x0020b246, // n0x0112 c0x0000 (---------------)  + I coffee
-	0x0022e1c7, // n0x0113 c0x0000 (---------------)  + I college
-	0x00231a87, // n0x0114 c0x0000 (---------------)  + I cologne
-	0x10233503, // n0x0115 c0x0040 (n0x0801-n0x08d7)  + I com
-	0x002a6b87, // n0x0116 c0x0000 (---------------)  + I comcast
-	0x002da788, // n0x0117 c0x0000 (---------------)  + I commbank
-	0x00233509, // n0x0118 c0x0000 (---------------)  + I community
-	0x0036ee47, // n0x0119 c0x0000 (---------------)  + I company
-	0x00234a07, // n0x011a c0x0000 (---------------)  + I compare
-	0x00235488, // n0x011b c0x0000 (---------------)  + I computer
-	0x00235c86, // n0x011c c0x0000 (---------------)  + I comsec
-	0x00236246, // n0x011d c0x0000 (---------------)  + I condos
-	0x00236f4c, // n0x011e c0x0000 (---------------)  + I construction
-	0x00237d0a, // n0x011f c0x0000 (---------------)  + I consulting
-	0x00239e07, // n0x0120 c0x0000 (---------------)  + I contact
-	0x0023b3cb, // n0x0121 c0x0000 (---------------)  + I contractors
-	0x0023c247, // n0x0122 c0x0000 (---------------)  + I cooking
-	0x0023c24e, // n0x0123 c0x0000 (---------------)  + I cookingchannel
-	0x0023d384, // n0x0124 c0x0000 (---------------)  + I cool
-	0x0023d684, // n0x0125 c0x0000 (---------------)  + I coop
-	0x0023ea07, // n0x0126 c0x0000 (---------------)  + I corsica
-	0x00336587, // n0x0127 c0x0000 (---------------)  + I country
-	0x002423c6, // n0x0128 c0x0000 (---------------)  + I coupon
-	0x002423c7, // n0x0129 c0x0000 (---------------)  + I coupons
-	0x00242fc7, // n0x012a c0x0000 (---------------)  + I courses
-	0x126049c2, // n0x012b c0x0049 (n0x08fe-n0x0905)  + I cr
-	0x002447c6, // n0x012c c0x0000 (---------------)  + I credit
-	0x002447ca, // n0x012d c0x0000 (---------------)  + I creditcard
-	0x00244a4b, // n0x012e c0x0000 (---------------)  + I creditunion
-	0x00245b47, // n0x012f c0x0000 (---------------)  + I cricket
-	0x00246505, // n0x0130 c0x0000 (---------------)  + I crown
-	0x00246643, // n0x0131 c0x0000 (---------------)  + I crs
-	0x00246b46, // n0x0132 c0x0000 (---------------)  + I cruise
-	0x00246b47, // n0x0133 c0x0000 (---------------)  + I cruises
-	0x002440c3, // n0x0134 c0x0000 (---------------)  + I csc
-	0x12a09d82, // n0x0135 c0x004a (n0x0905-n0x090b)  + I cu
-	0x00246f0a, // n0x0136 c0x0000 (---------------)  + I cuisinella
-	0x12f53bc2, // n0x0137 c0x004b (n0x090b-n0x090c)  + I cv
-	0x132c95c2, // n0x0138 c0x004c (n0x090c-n0x0910)  + I cw
-	0x136482c2, // n0x0139 c0x004d (n0x0910-n0x0912)  + I cx
-	0x13a3e082, // n0x013a c0x004e (n0x0912-n0x091f)  o I cy
-	0x0024a985, // n0x013b c0x0000 (---------------)  + I cymru
-	0x0024b084, // n0x013c c0x0000 (---------------)  + I cyou
-	0x14229ec2, // n0x013d c0x0050 (n0x0920-n0x0922)  + I cz
-	0x0034d305, // n0x013e c0x0000 (---------------)  + I dabur
-	0x002a1943, // n0x013f c0x0000 (---------------)  + I dad
-	0x00223d45, // n0x0140 c0x0000 (---------------)  + I dance
-	0x0020c7c4, // n0x0141 c0x0000 (---------------)  + I date
-	0x0020e206, // n0x0142 c0x0000 (---------------)  + I dating
-	0x00292c46, // n0x0143 c0x0000 (---------------)  + I datsun
-	0x00265983, // n0x0144 c0x0000 (---------------)  + I day
-	0x0023f244, // n0x0145 c0x0000 (---------------)  + I dclk
-	0x0025f303, // n0x0146 c0x0000 (---------------)  + I dds
-	0x14604d82, // n0x0147 c0x0051 (n0x0922-n0x092a)  + I de
-	0x00204d84, // n0x0148 c0x0000 (---------------)  + I deal
-	0x00239046, // n0x0149 c0x0000 (---------------)  + I dealer
-	0x00204d85, // n0x014a c0x0000 (---------------)  + I deals
-	0x003a0286, // n0x014b c0x0000 (---------------)  + I degree
-	0x0033cd88, // n0x014c c0x0000 (---------------)  + I delivery
-	0x0025a384, // n0x014d c0x0000 (---------------)  + I dell
-	0x00345f48, // n0x014e c0x0000 (---------------)  + I deloitte
-	0x00311f45, // n0x014f c0x0000 (---------------)  + I delta
-	0x002265c8, // n0x0150 c0x0000 (---------------)  + I democrat
-	0x002abe06, // n0x0151 c0x0000 (---------------)  + I dental
-	0x002b2407, // n0x0152 c0x0000 (---------------)  + I dentist
-	0x0022dcc4, // n0x0153 c0x0000 (---------------)  + I desi
-	0x0022dcc6, // n0x0154 c0x0000 (---------------)  + I design
-	0x002329c3, // n0x0155 c0x0000 (---------------)  + I dev
-	0x0037a7c3, // n0x0156 c0x0000 (---------------)  + I dhl
-	0x002c42c8, // n0x0157 c0x0000 (---------------)  + I diamonds
-	0x0030ce84, // n0x0158 c0x0000 (---------------)  + I diet
-	0x00308ec7, // n0x0159 c0x0000 (---------------)  + I digital
-	0x0024d786, // n0x015a c0x0000 (---------------)  + I direct
-	0x0024d789, // n0x015b c0x0000 (---------------)  + I directory
-	0x0031aa48, // n0x015c c0x0000 (---------------)  + I discount
-	0x00330408, // n0x015d c0x0000 (---------------)  + I discover
-	0x00229304, // n0x015e c0x0000 (---------------)  + I dish
-	0x00320843, // n0x015f c0x0000 (---------------)  + I diy
-	0x00266a02, // n0x0160 c0x0000 (---------------)  + I dj
-	0x14a494c2, // n0x0161 c0x0052 (n0x092a-n0x092b)  + I dk
-	0x14e0fa82, // n0x0162 c0x0053 (n0x092b-n0x0930)  + I dm
-	0x00321fc3, // n0x0163 c0x0000 (---------------)  + I dnp
-	0x15213282, // n0x0164 c0x0054 (n0x0930-n0x093a)  + I do
-	0x002ee344, // n0x0165 c0x0000 (---------------)  + I docs
-	0x00213285, // n0x0166 c0x0000 (---------------)  + I dodge
-	0x002459c3, // n0x0167 c0x0000 (---------------)  + I dog
-	0x00236044, // n0x0168 c0x0000 (---------------)  + I doha
-	0x00339ec7, // n0x0169 c0x0000 (---------------)  + I domains
-	0x0032f743, // n0x016a c0x0000 (---------------)  + I dot
-	0x00269fc8, // n0x016b c0x0000 (---------------)  + I download
-	0x00354745, // n0x016c c0x0000 (---------------)  + I drive
-	0x00356c44, // n0x016d c0x0000 (---------------)  + I dstv
-	0x00364483, // n0x016e c0x0000 (---------------)  + I dtv
-	0x0027c785, // n0x016f c0x0000 (---------------)  + I dubai
-	0x0027c8c4, // n0x0170 c0x0000 (---------------)  + I duck
-	0x00390846, // n0x0171 c0x0000 (---------------)  + I dunlop
-	0x003a6804, // n0x0172 c0x0000 (---------------)  + I duns
-	0x002008c6, // n0x0173 c0x0000 (---------------)  + I dupont
-	0x00205146, // n0x0174 c0x0000 (---------------)  + I durban
-	0x00317284, // n0x0175 c0x0000 (---------------)  + I dvag
-	0x00212b03, // n0x0176 c0x0000 (---------------)  + I dwg
-	0x15607a82, // n0x0177 c0x0055 (n0x093a-n0x0942)  + I dz
-	0x0034ab05, // n0x0178 c0x0000 (---------------)  + I earth
-	0x0022b543, // n0x0179 c0x0000 (---------------)  + I eat
-	0x15a09b02, // n0x017a c0x0056 (n0x0942-n0x094e)  + I ec
-	0x002b94c5, // n0x017b c0x0000 (---------------)  + I edeka
-	0x0023a783, // n0x017c c0x0000 (---------------)  + I edu
-	0x0023a789, // n0x017d c0x0000 (---------------)  + I education
-	0x15e0b342, // n0x017e c0x0057 (n0x094e-n0x0958)  + I ee
-	0x16608442, // n0x017f c0x0059 (n0x0959-n0x0962)  + I eg
-	0x002ce585, // n0x0180 c0x0000 (---------------)  + I email
-	0x002c4646, // n0x0181 c0x0000 (---------------)  + I emerck
-	0x00356047, // n0x0182 c0x0000 (---------------)  + I emerson
-	0x002cb4c6, // n0x0183 c0x0000 (---------------)  + I energy
-	0x00369148, // n0x0184 c0x0000 (---------------)  + I engineer
-	0x0036914b, // n0x0185 c0x0000 (---------------)  + I engineering
-	0x002044cb, // n0x0186 c0x0000 (---------------)  + I enterprises
-	0x0039f945, // n0x0187 c0x0000 (---------------)  + I epost
-	0x0039ffc5, // n0x0188 c0x0000 (---------------)  + I epson
-	0x002c2709, // n0x0189 c0x0000 (---------------)  + I equipment
-	0x01603682, // n0x018a c0x0005 (---------------)* o I er
-	0x00317448, // n0x018b c0x0000 (---------------)  + I ericsson
-	0x0020cb04, // n0x018c c0x0000 (---------------)  + I erni
-	0x16e00482, // n0x018d c0x005b (n0x0963-n0x0968)  + I es
-	0x0027a303, // n0x018e c0x0000 (---------------)  + I esq
-	0x002c2486, // n0x018f c0x0000 (---------------)  + I estate
-	0x0028d2c8, // n0x0190 c0x0000 (---------------)  + I esurance
-	0x176053c2, // n0x0191 c0x005d (n0x0969-n0x0971)  + I et
-	0x002234c8, // n0x0192 c0x0000 (---------------)  + I etisalat
-	0x00204b82, // n0x0193 c0x0000 (---------------)  + I eu
-	0x0033c78a, // n0x0194 c0x0000 (---------------)  + I eurovision
-	0x00228883, // n0x0195 c0x0000 (---------------)  + I eus
-	0x00232a06, // n0x0196 c0x0000 (---------------)  + I events
-	0x00203608, // n0x0197 c0x0000 (---------------)  + I everbank
-	0x00239488, // n0x0198 c0x0000 (---------------)  + I exchange
-	0x0031ee06, // n0x0199 c0x0000 (---------------)  + I expert
-	0x00363107, // n0x019a c0x0000 (---------------)  + I exposed
-	0x00247487, // n0x019b c0x0000 (---------------)  + I express
-	0x0020ba0a, // n0x019c c0x0000 (---------------)  + I extraspace
-	0x00290c04, // n0x019d c0x0000 (---------------)  + I fage
-	0x00214244, // n0x019e c0x0000 (---------------)  + I fail
-	0x0033b609, // n0x019f c0x0000 (---------------)  + I fairwinds
-	0x00350405, // n0x01a0 c0x0000 (---------------)  + I faith
-	0x00208f86, // n0x01a1 c0x0000 (---------------)  + I family
-	0x00211d03, // n0x01a2 c0x0000 (---------------)  + I fan
-	0x002e0ec4, // n0x01a3 c0x0000 (---------------)  + I fans
-	0x00271d04, // n0x01a4 c0x0000 (---------------)  + I farm
-	0x002ece87, // n0x01a5 c0x0000 (---------------)  + I farmers
-	0x0022fec7, // n0x01a6 c0x0000 (---------------)  + I fashion
-	0x0024c204, // n0x01a7 c0x0000 (---------------)  + I fast
-	0x00211505, // n0x01a8 c0x0000 (---------------)  + I fedex
-	0x0020b308, // n0x01a9 c0x0000 (---------------)  + I feedback
-	0x00337007, // n0x01aa c0x0000 (---------------)  + I ferrari
-	0x00343407, // n0x01ab c0x0000 (---------------)  + I ferrero
-	0x17a07502, // n0x01ac c0x005e (n0x0971-n0x0974)  + I fi
-	0x00294744, // n0x01ad c0x0000 (---------------)  + I fiat
-	0x0035ee48, // n0x01ae c0x0000 (---------------)  + I fidelity
-	0x00365b84, // n0x01af c0x0000 (---------------)  + I fido
-	0x0024b784, // n0x01b0 c0x0000 (---------------)  + I film
-	0x0024bb85, // n0x01b1 c0x0000 (---------------)  + I final
-	0x0024bcc7, // n0x01b2 c0x0000 (---------------)  + I finance
-	0x00207509, // n0x01b3 c0x0000 (---------------)  + I financial
-	0x0024c6c4, // n0x01b4 c0x0000 (---------------)  + I fire
-	0x0024d4c9, // n0x01b5 c0x0000 (---------------)  + I firestone
-	0x0024d9c8, // n0x01b6 c0x0000 (---------------)  + I firmdale
-	0x0024e044, // n0x01b7 c0x0000 (---------------)  + I fish
-	0x0024e047, // n0x01b8 c0x0000 (---------------)  + I fishing
-	0x0024f083, // n0x01b9 c0x0000 (---------------)  + I fit
-	0x0024f807, // n0x01ba c0x0000 (---------------)  + I fitness
-	0x01615b02, // n0x01bb c0x0005 (---------------)* o I fj
-	0x01799fc2, // n0x01bc c0x0005 (---------------)* o I fk
-	0x00250686, // n0x01bd c0x0000 (---------------)  + I flickr
-	0x00251287, // n0x01be c0x0000 (---------------)  + I flights
-	0x00251c04, // n0x01bf c0x0000 (---------------)  + I flir
-	0x00252b07, // n0x01c0 c0x0000 (---------------)  + I florist
-	0x002539c7, // n0x01c1 c0x0000 (---------------)  + I flowers
-	0x00253f08, // n0x01c2 c0x0000 (---------------)  + I flsmidth
-	0x002549c3, // n0x01c3 c0x0000 (---------------)  + I fly
-	0x00242902, // n0x01c4 c0x0000 (---------------)  + I fm
-	0x002558c2, // n0x01c5 c0x0000 (---------------)  + I fo
-	0x00255a83, // n0x01c6 c0x0000 (---------------)  + I foo
-	0x00255a8b, // n0x01c7 c0x0000 (---------------)  + I foodnetwork
-	0x00306e88, // n0x01c8 c0x0000 (---------------)  + I football
-	0x0039bf44, // n0x01c9 c0x0000 (---------------)  + I ford
-	0x00257585, // n0x01ca c0x0000 (---------------)  + I forex
-	0x00259787, // n0x01cb c0x0000 (---------------)  + I forsale
-	0x0025b085, // n0x01cc c0x0000 (---------------)  + I forum
-	0x002b9f4a, // n0x01cd c0x0000 (---------------)  + I foundation
-	0x0025c143, // n0x01ce c0x0000 (---------------)  + I fox
-	0x17e00582, // n0x01cf c0x005f (n0x0974-n0x098c)  + I fr
-	0x002e7d04, // n0x01d0 c0x0000 (---------------)  + I free
-	0x0025f7c9, // n0x01d1 c0x0000 (---------------)  + I fresenius
-	0x00263603, // n0x01d2 c0x0000 (---------------)  + I frl
-	0x002636c7, // n0x01d3 c0x0000 (---------------)  + I frogans
-	0x0039d609, // n0x01d4 c0x0000 (---------------)  + I frontdoor
-	0x003980c8, // n0x01d5 c0x0000 (---------------)  + I frontier
-	0x00204a83, // n0x01d6 c0x0000 (---------------)  + I ftr
-	0x0027b8c7, // n0x01d7 c0x0000 (---------------)  + I fujitsu
-	0x0027bdc9, // n0x01d8 c0x0000 (---------------)  + I fujixerox
-	0x002312c3, // n0x01d9 c0x0000 (---------------)  + I fun
-	0x00283c84, // n0x01da c0x0000 (---------------)  + I fund
-	0x00285349, // n0x01db c0x0000 (---------------)  + I furniture
-	0x00287806, // n0x01dc c0x0000 (---------------)  + I futbol
-	0x002888c3, // n0x01dd c0x0000 (---------------)  + I fyi
-	0x00201042, // n0x01de c0x0000 (---------------)  + I ga
-	0x0021dd43, // n0x01df c0x0000 (---------------)  + I gal
-	0x00392147, // n0x01e0 c0x0000 (---------------)  + I gallery
-	0x00336385, // n0x01e1 c0x0000 (---------------)  + I gallo
-	0x002dd686, // n0x01e2 c0x0000 (---------------)  + I gallup
-	0x00297cc4, // n0x01e3 c0x0000 (---------------)  + I game
-	0x003700c5, // n0x01e4 c0x0000 (---------------)  + I games
-	0x0022cdc3, // n0x01e5 c0x0000 (---------------)  + I gap
-	0x002190c6, // n0x01e6 c0x0000 (---------------)  + I garden
-	0x0020d202, // n0x01e7 c0x0000 (---------------)  + I gb
-	0x00387944, // n0x01e8 c0x0000 (---------------)  + I gbiz
-	0x00222d42, // n0x01e9 c0x0000 (---------------)  + I gd
-	0x002fb203, // n0x01ea c0x0000 (---------------)  + I gdn
-	0x182026c2, // n0x01eb c0x0060 (n0x098c-n0x0993)  + I ge
-	0x002534c3, // n0x01ec c0x0000 (---------------)  + I gea
-	0x00218144, // n0x01ed c0x0000 (---------------)  + I gent
-	0x00218147, // n0x01ee c0x0000 (---------------)  + I genting
-	0x00324b46, // n0x01ef c0x0000 (---------------)  + I george
-	0x00269a82, // n0x01f0 c0x0000 (---------------)  + I gf
-	0x18654282, // n0x01f1 c0x0061 (n0x0993-n0x0996)  + I gg
-	0x00330644, // n0x01f2 c0x0000 (---------------)  + I ggee
-	0x18a41602, // n0x01f3 c0x0062 (n0x0996-n0x099b)  + I gh
-	0x18e134c2, // n0x01f4 c0x0063 (n0x099b-n0x09a1)  + I gi
-	0x00344f44, // n0x01f5 c0x0000 (---------------)  + I gift
-	0x00344f45, // n0x01f6 c0x0000 (---------------)  + I gifts
-	0x00269485, // n0x01f7 c0x0000 (---------------)  + I gives
-	0x003481c6, // n0x01f8 c0x0000 (---------------)  + I giving
-	0x1920ce42, // n0x01f9 c0x0064 (n0x09a1-n0x09a6)  + I gl
-	0x00345e85, // n0x01fa c0x0000 (---------------)  + I glade
-	0x0039ef45, // n0x01fb c0x0000 (---------------)  + I glass
-	0x00285d83, // n0x01fc c0x0000 (---------------)  + I gle
-	0x0020d846, // n0x01fd c0x0000 (---------------)  + I global
-	0x0020e345, // n0x01fe c0x0000 (---------------)  + I globo
-	0x00215582, // n0x01ff c0x0000 (---------------)  + I gm
-	0x00335e45, // n0x0200 c0x0000 (---------------)  + I gmail
-	0x00215584, // n0x0201 c0x0000 (---------------)  + I gmbh
-	0x002182c3, // n0x0202 c0x0000 (---------------)  + I gmo
-	0x0021bac3, // n0x0203 c0x0000 (---------------)  + I gmx
-	0x19608342, // n0x0204 c0x0065 (n0x09a6-n0x09ac)  + I gn
-	0x002e9bc7, // n0x0205 c0x0000 (---------------)  + I godaddy
-	0x0024dbc4, // n0x0206 c0x0000 (---------------)  + I gold
-	0x0024dbc9, // n0x0207 c0x0000 (---------------)  + I goldpoint
-	0x0024e1c4, // n0x0208 c0x0000 (---------------)  + I golf
-	0x00299dc3, // n0x0209 c0x0000 (---------------)  + I goo
-	0x0031bac9, // n0x020a c0x0000 (---------------)  + I goodhands
-	0x0034a9c8, // n0x020b c0x0000 (---------------)  + I goodyear
-	0x0029bb84, // n0x020c c0x0000 (---------------)  + I goog
-	0x0029bb86, // n0x020d c0x0000 (---------------)  + I google
-	0x002a36c3, // n0x020e c0x0000 (---------------)  + I gop
-	0x00211ec3, // n0x020f c0x0000 (---------------)  + I got
-	0x002dc504, // n0x0210 c0x0000 (---------------)  + I gotv
-	0x0026cc83, // n0x0211 c0x0000 (---------------)  + I gov
-	0x19adad02, // n0x0212 c0x0066 (n0x09ac-n0x09b2)  + I gp
-	0x003010c2, // n0x0213 c0x0000 (---------------)  + I gq
-	0x19e00c82, // n0x0214 c0x0067 (n0x09b2-n0x09b8)  + I gr
-	0x00315908, // n0x0215 c0x0000 (---------------)  + I grainger
-	0x003216c8, // n0x0216 c0x0000 (---------------)  + I graphics
-	0x0038b986, // n0x0217 c0x0000 (---------------)  + I gratis
-	0x002503c5, // n0x0218 c0x0000 (---------------)  + I green
-	0x0022fd05, // n0x0219 c0x0000 (---------------)  + I gripe
-	0x0020ab45, // n0x021a c0x0000 (---------------)  + I group
-	0x0023a242, // n0x021b c0x0000 (---------------)  + I gs
-	0x1a23f142, // n0x021c c0x0068 (n0x09b8-n0x09bf)  + I gt
-	0x0160dd42, // n0x021d c0x0005 (---------------)* o I gu
-	0x00350588, // n0x021e c0x0000 (---------------)  + I guardian
-	0x0023fd45, // n0x021f c0x0000 (---------------)  + I gucci
-	0x002e05c4, // n0x0220 c0x0000 (---------------)  + I guge
-	0x00232905, // n0x0221 c0x0000 (---------------)  + I guide
-	0x0023cc87, // n0x0222 c0x0000 (---------------)  + I guitars
-	0x002594c4, // n0x0223 c0x0000 (---------------)  + I guru
-	0x002167c2, // n0x0224 c0x0000 (---------------)  + I gw
-	0x1a602302, // n0x0225 c0x0069 (n0x09bf-n0x09c5)  + I gy
-	0x0030c744, // n0x0226 c0x0000 (---------------)  + I hair
-	0x0020ccc7, // n0x0227 c0x0000 (---------------)  + I hamburg
-	0x00394c47, // n0x0228 c0x0000 (---------------)  + I hangout
-	0x0035fd04, // n0x0229 c0x0000 (---------------)  + I haus
-	0x00290b43, // n0x022a c0x0000 (---------------)  + I hbo
-	0x0024b1c4, // n0x022b c0x0000 (---------------)  + I hdfc
-	0x0024b1c8, // n0x022c c0x0000 (---------------)  + I hdfcbank
-	0x0036b386, // n0x022d c0x0000 (---------------)  + I health
-	0x0036b38a, // n0x022e c0x0000 (---------------)  + I healthcare
-	0x002073c4, // n0x022f c0x0000 (---------------)  + I help
-	0x0020ebc8, // n0x0230 c0x0000 (---------------)  + I helsinki
-	0x00254184, // n0x0231 c0x0000 (---------------)  + I here
-	0x00222106, // n0x0232 c0x0000 (---------------)  + I hermes
-	0x00292304, // n0x0233 c0x0000 (---------------)  + I hgtv
-	0x00358b86, // n0x0234 c0x0000 (---------------)  + I hiphop
-	0x002ebcc9, // n0x0235 c0x0000 (---------------)  + I hisamitsu
-	0x002a27c7, // n0x0236 c0x0000 (---------------)  + I hitachi
-	0x0027d3c3, // n0x0237 c0x0000 (---------------)  + I hiv
-	0x1aa0a882, // n0x0238 c0x006a (n0x09c5-n0x09dd)  + I hk
-	0x0026da43, // n0x0239 c0x0000 (---------------)  + I hkt
-	0x0020e942, // n0x023a c0x0000 (---------------)  + I hm
-	0x1ae1ab42, // n0x023b c0x006b (n0x09dd-n0x09e3)  + I hn
-	0x002df846, // n0x023c c0x0000 (---------------)  + I hockey
-	0x0035e208, // n0x023d c0x0000 (---------------)  + I holdings
-	0x002a5007, // n0x023e c0x0000 (---------------)  + I holiday
-	0x00274049, // n0x023f c0x0000 (---------------)  + I homedepot
-	0x00299cc9, // n0x0240 c0x0000 (---------------)  + I homegoods
-	0x002a60c5, // n0x0241 c0x0000 (---------------)  + I homes
-	0x002a60c9, // n0x0242 c0x0000 (---------------)  + I homesense
-	0x002a7985, // n0x0243 c0x0000 (---------------)  + I honda
-	0x002a8409, // n0x0244 c0x0000 (---------------)  + I honeywell
-	0x002a91c5, // n0x0245 c0x0000 (---------------)  + I horse
-	0x00297e04, // n0x0246 c0x0000 (---------------)  + I host
-	0x00297e07, // n0x0247 c0x0000 (---------------)  + I hosting
-	0x00234dc3, // n0x0248 c0x0000 (---------------)  + I hot
-	0x002a98c7, // n0x0249 c0x0000 (---------------)  + I hoteles
-	0x002a9fc7, // n0x024a c0x0000 (---------------)  + I hotmail
-	0x002a2105, // n0x024b c0x0000 (---------------)  + I house
-	0x002a1343, // n0x024c c0x0000 (---------------)  + I how
-	0x1b20e4c2, // n0x024d c0x006c (n0x09e3-n0x09e8)  + I hr
-	0x00389404, // n0x024e c0x0000 (---------------)  + I hsbc
-	0x1b62a682, // n0x024f c0x006d (n0x09e8-n0x09f9)  + I ht
-	0x0025d0c3, // n0x0250 c0x0000 (---------------)  + I htc
-	0x1ba195c2, // n0x0251 c0x006e (n0x09f9-n0x0a19)  + I hu
-	0x002f94c6, // n0x0252 c0x0000 (---------------)  + I hughes
-	0x0031fe45, // n0x0253 c0x0000 (---------------)  + I hyatt
-	0x002ac1c7, // n0x0254 c0x0000 (---------------)  + I hyundai
-	0x00321f03, // n0x0255 c0x0000 (---------------)  + I ibm
-	0x00239ac4, // n0x0256 c0x0000 (---------------)  + I icbc
-	0x00206903, // n0x0257 c0x0000 (---------------)  + I ice
-	0x00209d43, // n0x0258 c0x0000 (---------------)  + I icu
-	0x1be0c782, // n0x0259 c0x006f (n0x0a19-n0x0a24)  + I id
-	0x1c600042, // n0x025a c0x0071 (n0x0a25-n0x0a27)  + I ie
-	0x00365804, // n0x025b c0x0000 (---------------)  + I ieee
-	0x002428c3, // n0x025c c0x0000 (---------------)  + I ifm
-	0x00322905, // n0x025d c0x0000 (---------------)  + I iinet
-	0x00322745, // n0x025e c0x0000 (---------------)  + I ikano
-	0x1ca02902, // n0x025f c0x0072 (n0x0a27-n0x0a2f)  + I il
-	0x1d205c42, // n0x0260 c0x0074 (n0x0a30-n0x0a37)  + I im
-	0x00256dc6, // n0x0261 c0x0000 (---------------)  + I imamat
-	0x0025ee44, // n0x0262 c0x0000 (---------------)  + I imdb
-	0x00207084, // n0x0263 c0x0000 (---------------)  + I immo
-	0x0020708a, // n0x0264 c0x0000 (---------------)  + I immobilien
-	0x1da013c2, // n0x0265 c0x0076 (n0x0a39-n0x0a46)  + I in
-	0x0036728a, // n0x0266 c0x0000 (---------------)  + I industries
-	0x003a1088, // n0x0267 c0x0000 (---------------)  + I infiniti
-	0x1dfa1244, // n0x0268 c0x0077 (n0x0a46-n0x0a50)  + I info
-	0x0020e2c3, // n0x0269 c0x0000 (---------------)  + I ing
-	0x0020ecc3, // n0x026a c0x0000 (---------------)  + I ink
-	0x0030ea89, // n0x026b c0x0000 (---------------)  + I institute
-	0x0023e7c9, // n0x026c c0x0000 (---------------)  + I insurance
-	0x00339fc6, // n0x026d c0x0000 (---------------)  + I insure
-	0x1e201603, // n0x026e c0x0078 (n0x0a50-n0x0a51)  + I int
-	0x0024dd45, // n0x026f c0x0000 (---------------)  + I intel
-	0x0031940d, // n0x0270 c0x0000 (---------------)  + I international
-	0x002f8946, // n0x0271 c0x0000 (---------------)  + I intuit
-	0x00203d0b, // n0x0272 c0x0000 (---------------)  + I investments
-	0x1e600ac2, // n0x0273 c0x0079 (n0x0a51-n0x0a57)  + I io
-	0x0026bb88, // n0x0274 c0x0000 (---------------)  + I ipiranga
-	0x1ea00dc2, // n0x0275 c0x007a (n0x0a57-n0x0a5d)  + I iq
-	0x1ee04302, // n0x0276 c0x007b (n0x0a5d-n0x0a66)  + I ir
-	0x002a5605, // n0x0277 c0x0000 (---------------)  + I irish
-	0x1f2006c2, // n0x0278 c0x007c (n0x0a66-n0x0a6e)  + I is
-	0x0025b307, // n0x0279 c0x0000 (---------------)  + I iselect
-	0x0033c007, // n0x027a c0x0000 (---------------)  + I ismaili
-	0x00215003, // n0x027b c0x0000 (---------------)  + I ist
-	0x00215008, // n0x027c c0x0000 (---------------)  + I istanbul
-	0x1f601e42, // n0x027d c0x007d (n0x0a6e-n0x0bdf)  + I it
-	0x002804c4, // n0x027e c0x0000 (---------------)  + I itau
-	0x00360743, // n0x027f c0x0000 (---------------)  + I itv
-	0x00323145, // n0x0280 c0x0000 (---------------)  + I iveco
-	0x0036ab83, // n0x0281 c0x0000 (---------------)  + I iwc
-	0x0031f906, // n0x0282 c0x0000 (---------------)  + I jaguar
-	0x00323d44, // n0x0283 c0x0000 (---------------)  + I java
-	0x00247743, // n0x0284 c0x0000 (---------------)  + I jcb
-	0x0026e183, // n0x0285 c0x0000 (---------------)  + I jcp
-	0x1fa06f02, // n0x0286 c0x007e (n0x0bdf-n0x0be2)  + I je
-	0x003299c4, // n0x0287 c0x0000 (---------------)  + I jeep
-	0x0034ea85, // n0x0288 c0x0000 (---------------)  + I jetzt
-	0x00360f47, // n0x0289 c0x0000 (---------------)  + I jewelry
-	0x00278d43, // n0x028a c0x0000 (---------------)  + I jio
-	0x002ac643, // n0x028b c0x0000 (---------------)  + I jlc
-	0x002ad103, // n0x028c c0x0000 (---------------)  + I jll
-	0x016308c2, // n0x028d c0x0005 (---------------)* o I jm
-	0x002ad1c3, // n0x028e c0x0000 (---------------)  + I jmp
-	0x002ad803, // n0x028f c0x0000 (---------------)  + I jnj
-	0x1fe04042, // n0x0290 c0x007f (n0x0be2-n0x0bea)  + I jo
-	0x002ddc44, // n0x0291 c0x0000 (---------------)  + I jobs
-	0x0027cb06, // n0x0292 c0x0000 (---------------)  + I joburg
-	0x00204043, // n0x0293 c0x0000 (---------------)  + I jot
-	0x002adb83, // n0x0294 c0x0000 (---------------)  + I joy
-	0x202ae3c2, // n0x0295 c0x0080 (n0x0bea-n0x0c59)  + I jp
-	0x002ae3c8, // n0x0296 c0x0000 (---------------)  + I jpmorgan
-	0x002aefc4, // n0x0297 c0x0000 (---------------)  + I jprs
-	0x002d7906, // n0x0298 c0x0000 (---------------)  + I juegos
-	0x002af287, // n0x0299 c0x0000 (---------------)  + I juniper
-	0x00227e46, // n0x029a c0x0000 (---------------)  + I kaufen
-	0x00238144, // n0x029b c0x0000 (---------------)  + I kddi
-	0x2de025c2, // n0x029c c0x00b7 (n0x12ed-n0x12ee)* o I ke
-	0x00234c8b, // n0x029d c0x0000 (---------------)  + I kerryhotels
-	0x002e2c0e, // n0x029e c0x0000 (---------------)  + I kerrylogistics
-	0x00220d0f, // n0x029f c0x0000 (---------------)  + I kerryproperties
-	0x0023f303, // n0x02a0 c0x0000 (---------------)  + I kfh
-	0x2e6b5502, // n0x02a1 c0x00b9 (n0x12ef-n0x12f5)  + I kg
-	0x0161acc2, // n0x02a2 c0x0005 (---------------)* o I kh
-	0x2ea01e02, // n0x02a3 c0x00ba (n0x12f5-n0x12fc)  + I ki
-	0x00226f83, // n0x02a4 c0x0000 (---------------)  + I kia
-	0x002303c3, // n0x02a5 c0x0000 (---------------)  + I kim
-	0x002e7706, // n0x02a6 c0x0000 (---------------)  + I kinder
-	0x0037c506, // n0x02a7 c0x0000 (---------------)  + I kindle
-	0x003703c7, // n0x02a8 c0x0000 (---------------)  + I kitchen
-	0x002eed84, // n0x02a9 c0x0000 (---------------)  + I kiwi
-	0x2ee316c2, // n0x02aa c0x00bb (n0x12fc-n0x130d)  + I km
-	0x2f269c82, // n0x02ab c0x00bc (n0x130d-n0x1311)  + I kn
-	0x0036bd45, // n0x02ac c0x0000 (---------------)  + I koeln
-	0x002aa707, // n0x02ad c0x0000 (---------------)  + I komatsu
-	0x0035cbc6, // n0x02ae c0x0000 (---------------)  + I kosher
-	0x2f60d782, // n0x02af c0x00bd (n0x1311-n0x1317)  + I kp
-	0x0020d784, // n0x02b0 c0x0000 (---------------)  + I kpmg
-	0x0036a3c3, // n0x02b1 c0x0000 (---------------)  + I kpn
-	0x2fa06fc2, // n0x02b2 c0x00be (n0x1317-n0x1335)  + I kr
-	0x0034df03, // n0x02b3 c0x0000 (---------------)  + I krd
-	0x003a2b04, // n0x02b4 c0x0000 (---------------)  + I kred
-	0x002b5449, // n0x02b5 c0x0000 (---------------)  + I kuokgroup
-	0x016bd182, // n0x02b6 c0x0005 (---------------)* o I kw
-	0x2fe36902, // n0x02b7 c0x00bf (n0x1335-n0x133a)  + I ky
-	0x00269c06, // n0x02b8 c0x0000 (---------------)  + I kyknet
-	0x002be0c5, // n0x02b9 c0x0000 (---------------)  + I kyoto
-	0x30392a42, // n0x02ba c0x00c0 (n0x133a-n0x1340)  + I kz
-	0x30600802, // n0x02bb c0x00c1 (n0x1340-n0x1349)  + I la
-	0x0033aa87, // n0x02bc c0x0000 (---------------)  + I lacaixa
-	0x00293449, // n0x02bd c0x0000 (---------------)  + I ladbrokes
-	0x00352d0b, // n0x02be c0x0000 (---------------)  + I lamborghini
-	0x00247245, // n0x02bf c0x0000 (---------------)  + I lamer
-	0x0036c449, // n0x02c0 c0x0000 (---------------)  + I lancaster
-	0x002c0706, // n0x02c1 c0x0000 (---------------)  + I lancia
-	0x00259007, // n0x02c2 c0x0000 (---------------)  + I lancome
-	0x00200804, // n0x02c3 c0x0000 (---------------)  + I land
-	0x0025e089, // n0x02c4 c0x0000 (---------------)  + I landrover
-	0x0035a387, // n0x02c5 c0x0000 (---------------)  + I lanxess
-	0x00279f47, // n0x02c6 c0x0000 (---------------)  + I lasalle
-	0x00223603, // n0x02c7 c0x0000 (---------------)  + I lat
-	0x0025ef86, // n0x02c8 c0x0000 (---------------)  + I latino
-	0x002cca47, // n0x02c9 c0x0000 (---------------)  + I latrobe
-	0x00274483, // n0x02ca c0x0000 (---------------)  + I law
-	0x00274486, // n0x02cb c0x0000 (---------------)  + I lawyer
-	0x30a02942, // n0x02cc c0x00c2 (n0x1349-n0x134e)  + I lb
-	0x30e3aa02, // n0x02cd c0x00c3 (n0x134e-n0x1354)  + I lc
-	0x00226843, // n0x02ce c0x0000 (---------------)  + I lds
-	0x0027a085, // n0x02cf c0x0000 (---------------)  + I lease
-	0x0022c487, // n0x02d0 c0x0000 (---------------)  + I leclerc
-	0x0037c006, // n0x02d1 c0x0000 (---------------)  + I lefrak
-	0x00336305, // n0x02d2 c0x0000 (---------------)  + I legal
-	0x0024db44, // n0x02d3 c0x0000 (---------------)  + I lego
-	0x00241385, // n0x02d4 c0x0000 (---------------)  + I lexus
-	0x002e65c4, // n0x02d5 c0x0000 (---------------)  + I lgbt
-	0x31207202, // n0x02d6 c0x00c4 (n0x1354-n0x1355)  + I li
-	0x00308447, // n0x02d7 c0x0000 (---------------)  + I liaison
-	0x002bb904, // n0x02d8 c0x0000 (---------------)  + I lidl
-	0x0023e6c4, // n0x02d9 c0x0000 (---------------)  + I life
-	0x0023e6cd, // n0x02da c0x0000 (---------------)  + I lifeinsurance
-	0x00253cc9, // n0x02db c0x0000 (---------------)  + I lifestyle
-	0x00312248, // n0x02dc c0x0000 (---------------)  + I lighting
-	0x00258c44, // n0x02dd c0x0000 (---------------)  + I like
-	0x00249785, // n0x02de c0x0000 (---------------)  + I lilly
-	0x0025d747, // n0x02df c0x0000 (---------------)  + I limited
-	0x0025db44, // n0x02e0 c0x0000 (---------------)  + I limo
-	0x0022e787, // n0x02e1 c0x0000 (---------------)  + I lincoln
-	0x00345ac5, // n0x02e2 c0x0000 (---------------)  + I linde
-	0x00398ec4, // n0x02e3 c0x0000 (---------------)  + I link
-	0x002d3a85, // n0x02e4 c0x0000 (---------------)  + I lipsy
-	0x002622c4, // n0x02e5 c0x0000 (---------------)  + I live
-	0x002414c6, // n0x02e6 c0x0000 (---------------)  + I living
-	0x0025da45, // n0x02e7 c0x0000 (---------------)  + I lixil
-	0x3160d742, // n0x02e8 c0x00c5 (n0x1355-n0x1364)  + I lk
-	0x00210b84, // n0x02e9 c0x0000 (---------------)  + I loan
-	0x00210b85, // n0x02ea c0x0000 (---------------)  + I loans
-	0x00376f06, // n0x02eb c0x0000 (---------------)  + I locker
-	0x00336445, // n0x02ec c0x0000 (---------------)  + I locus
-	0x002ccfc4, // n0x02ed c0x0000 (---------------)  + I loft
-	0x002c21c3, // n0x02ee c0x0000 (---------------)  + I lol
-	0x00321906, // n0x02ef c0x0000 (---------------)  + I london
-	0x0021b685, // n0x02f0 c0x0000 (---------------)  + I lotte
-	0x00222845, // n0x02f1 c0x0000 (---------------)  + I lotto
-	0x00230204, // n0x02f2 c0x0000 (---------------)  + I love
-	0x00207443, // n0x02f3 c0x0000 (---------------)  + I lpl
-	0x0020744c, // n0x02f4 c0x0000 (---------------)  + I lplfinancial
-	0x31a88142, // n0x02f5 c0x00c6 (n0x1364-n0x1369)  + I lr
-	0x31e04e42, // n0x02f6 c0x00c7 (n0x1369-n0x136b)  + I ls
-	0x32209e02, // n0x02f7 c0x00c8 (n0x136b-n0x136d)  + I lt
-	0x00322cc3, // n0x02f8 c0x0000 (---------------)  + I ltd
-	0x00322cc4, // n0x02f9 c0x0000 (---------------)  + I ltda
-	0x32602f42, // n0x02fa c0x00c9 (n0x136d-n0x136e)  + I lu
-	0x002fb348, // n0x02fb c0x0000 (---------------)  + I lundbeck
-	0x002dd745, // n0x02fc c0x0000 (---------------)  + I lupin
-	0x0023ca44, // n0x02fd c0x0000 (---------------)  + I luxe
-	0x0023d206, // n0x02fe c0x0000 (---------------)  + I luxury
-	0x32a05d02, // n0x02ff c0x00ca (n0x136e-n0x1377)  + I lv
-	0x32e09082, // n0x0300 c0x00cb (n0x1377-n0x1380)  + I ly
-	0x33200182, // n0x0301 c0x00cc (n0x1380-n0x1386)  + I ma
-	0x00375105, // n0x0302 c0x0000 (---------------)  + I macys
-	0x00317146, // n0x0303 c0x0000 (---------------)  + I madrid
-	0x00271c44, // n0x0304 c0x0000 (---------------)  + I maif
-	0x0022bdc6, // n0x0305 c0x0000 (---------------)  + I maison
-	0x00248d06, // n0x0306 c0x0000 (---------------)  + I makeup
-	0x002018c3, // n0x0307 c0x0000 (---------------)  + I man
-	0x0036f20a, // n0x0308 c0x0000 (---------------)  + I management
-	0x00242c05, // n0x0309 c0x0000 (---------------)  + I mango
-	0x002f1386, // n0x030a c0x0000 (---------------)  + I market
-	0x002f1389, // n0x030b c0x0000 (---------------)  + I marketing
-	0x00331387, // n0x030c c0x0000 (---------------)  + I markets
-	0x00366448, // n0x030d c0x0000 (---------------)  + I marriott
-	0x0020f009, // n0x030e c0x0000 (---------------)  + I marshalls
-	0x002be9c8, // n0x030f c0x0000 (---------------)  + I maserati
-	0x0022f706, // n0x0310 c0x0000 (---------------)  + I mattel
-	0x00209c03, // n0x0311 c0x0000 (---------------)  + I mba
-	0x3362ac02, // n0x0312 c0x00cd (n0x1386-n0x1388)  + I mc
-	0x0037cec3, // n0x0313 c0x0000 (---------------)  + I mcd
-	0x0037cec9, // n0x0314 c0x0000 (---------------)  + I mcdonalds
-	0x00327b88, // n0x0315 c0x0000 (---------------)  + I mckinsey
-	0x33a4da82, // n0x0316 c0x00ce (n0x1388-n0x1389)  + I md
-	0x33e03e82, // n0x0317 c0x00cf (n0x1389-n0x1396)  + I me
-	0x00213ac3, // n0x0318 c0x0000 (---------------)  + I med
-	0x003025c5, // n0x0319 c0x0000 (---------------)  + I media
-	0x0026ad84, // n0x031a c0x0000 (---------------)  + I meet
-	0x002e1809, // n0x031b c0x0000 (---------------)  + I melbourne
-	0x002c4604, // n0x031c c0x0000 (---------------)  + I meme
-	0x0026cf88, // n0x031d c0x0000 (---------------)  + I memorial
-	0x00203e83, // n0x031e c0x0000 (---------------)  + I men
-	0x002ede44, // n0x031f c0x0000 (---------------)  + I menu
-	0x0022adc3, // n0x0320 c0x0000 (---------------)  + I meo
-	0x0023e607, // n0x0321 c0x0000 (---------------)  + I metlife
-	0x3420d802, // n0x0322 c0x00d0 (n0x1396-n0x139f)  + I mg
-	0x0025aa42, // n0x0323 c0x0000 (---------------)  + I mh
-	0x00231f45, // n0x0324 c0x0000 (---------------)  + I miami
-	0x0026b149, // n0x0325 c0x0000 (---------------)  + I microsoft
-	0x00209003, // n0x0326 c0x0000 (---------------)  + I mil
-	0x0027d144, // n0x0327 c0x0000 (---------------)  + I mini
-	0x003193c4, // n0x0328 c0x0000 (---------------)  + I mint
-	0x00229ac3, // n0x0329 c0x0000 (---------------)  + I mit
-	0x0027e0ca, // n0x032a c0x0000 (---------------)  + I mitsubishi
-	0x34767142, // n0x032b c0x00d1 (n0x139f-n0x13a7)  + I mk
-	0x34a10b42, // n0x032c c0x00d2 (n0x13a7-n0x13ae)  + I ml
-	0x002c1243, // n0x032d c0x0000 (---------------)  + I mlb
-	0x00369503, // n0x032e c0x0000 (---------------)  + I mls
-	0x016070c2, // n0x032f c0x0005 (---------------)* o I mm
-	0x00375603, // n0x0330 c0x0000 (---------------)  + I mma
-	0x34e1fdc2, // n0x0331 c0x00d3 (n0x13ae-n0x13b2)  + I mn
-	0x0021fdc4, // n0x0332 c0x0000 (---------------)  + I mnet
-	0x35207102, // n0x0333 c0x00d4 (n0x13b2-n0x13b7)  + I mo
-	0x35607104, // n0x0334 c0x00d5 (n0x13b7-n0x13b8)  + I mobi
-	0x002e2606, // n0x0335 c0x0000 (---------------)  + I mobily
-	0x0026c084, // n0x0336 c0x0000 (---------------)  + I moda
-	0x002d7d03, // n0x0337 c0x0000 (---------------)  + I moe
-	0x00282043, // n0x0338 c0x0000 (---------------)  + I moi
-	0x002e3783, // n0x0339 c0x0000 (---------------)  + I mom
-	0x00244dc6, // n0x033a c0x0000 (---------------)  + I monash
-	0x002c6d85, // n0x033b c0x0000 (---------------)  + I money
-	0x002c1e07, // n0x033c c0x0000 (---------------)  + I monster
-	0x00258ec9, // n0x033d c0x0000 (---------------)  + I montblanc
-	0x002c5285, // n0x033e c0x0000 (---------------)  + I mopar
-	0x002c6cc6, // n0x033f c0x0000 (---------------)  + I mormon
-	0x002c72c8, // n0x0340 c0x0000 (---------------)  + I mortgage
-	0x002c74c6, // n0x0341 c0x0000 (---------------)  + I moscow
-	0x00278644, // n0x0342 c0x0000 (---------------)  + I moto
-	0x0029af0b, // n0x0343 c0x0000 (---------------)  + I motorcycles
-	0x002c9083, // n0x0344 c0x0000 (---------------)  + I mov
-	0x002c9085, // n0x0345 c0x0000 (---------------)  + I movie
-	0x002c91c8, // n0x0346 c0x0000 (---------------)  + I movistar
-	0x0022a482, // n0x0347 c0x0000 (---------------)  + I mp
-	0x0033ad82, // n0x0348 c0x0000 (---------------)  + I mq
-	0x35a4aa02, // n0x0349 c0x00d6 (n0x13b8-n0x13ba)  + I mr
-	0x35e0f702, // n0x034a c0x00d7 (n0x13ba-n0x13bf)  + I ms
-	0x0025d643, // n0x034b c0x0000 (---------------)  + I msd
-	0x36204c02, // n0x034c c0x00d8 (n0x13bf-n0x13c3)  + I mt
-	0x0026c8c3, // n0x034d c0x0000 (---------------)  + I mtn
-	0x002c94c4, // n0x034e c0x0000 (---------------)  + I mtpc
-	0x002c9d03, // n0x034f c0x0000 (---------------)  + I mtr
-	0x36a03ac2, // n0x0350 c0x00da (n0x13c4-n0x13cb)  + I mu
-	0x002cbb0b, // n0x0351 c0x0000 (---------------)  + I multichoice
-	0x36ed0106, // n0x0352 c0x00db (n0x13cb-n0x15ef)  + I museum
-	0x0023db46, // n0x0353 c0x0000 (---------------)  + I mutual
-	0x002d0748, // n0x0354 c0x0000 (---------------)  + I mutuelle
-	0x372b7382, // n0x0355 c0x00dc (n0x15ef-n0x15fd)  + I mv
-	0x3760fc82, // n0x0356 c0x00dd (n0x15fd-n0x1608)  + I mw
-	0x37a1bb02, // n0x0357 c0x00de (n0x1608-n0x160e)  + I mx
-	0x37e26f02, // n0x0358 c0x00df (n0x160e-n0x1616)  + I my
-	0x38214382, // n0x0359 c0x00e0 (n0x1616-n0x1617)* o I mz
-	0x0021438b, // n0x035a c0x0000 (---------------)  + I mzansimagic
-	0x38601402, // n0x035b c0x00e1 (n0x1617-n0x1628)  + I na
-	0x00223703, // n0x035c c0x0000 (---------------)  + I nab
-	0x002393c5, // n0x035d c0x0000 (---------------)  + I nadex
-	0x0030f646, // n0x035e c0x0000 (---------------)  + I nagoya
-	0x38a05284, // n0x035f c0x00e2 (n0x1628-n0x162a)  + I name
-	0x0028cec7, // n0x0360 c0x0000 (---------------)  + I naspers
-	0x00238e4a, // n0x0361 c0x0000 (---------------)  + I nationwide
-	0x002ea486, // n0x0362 c0x0000 (---------------)  + I natura
-	0x0039fb84, // n0x0363 c0x0000 (---------------)  + I navy
-	0x0025d243, // n0x0364 c0x0000 (---------------)  + I nba
-	0x39600642, // n0x0365 c0x00e5 (n0x162c-n0x162d)  + I nc
-	0x00202c02, // n0x0366 c0x0000 (---------------)  + I ne
-	0x00249b43, // n0x0367 c0x0000 (---------------)  + I nec
-	0x39a1fe03, // n0x0368 c0x00e6 (n0x162d-n0x1663)  + I net
-	0x003928c7, // n0x0369 c0x0000 (---------------)  + I netbank
-	0x0025d947, // n0x036a c0x0000 (---------------)  + I netflix
-	0x00255b87, // n0x036b c0x0000 (---------------)  + I network
-	0x00228847, // n0x036c c0x0000 (---------------)  + I neustar
-	0x00221dc3, // n0x036d c0x0000 (---------------)  + I new
-	0x002f0d8a, // n0x036e c0x0000 (---------------)  + I newholland
-	0x00221dc4, // n0x036f c0x0000 (---------------)  + I news
-	0x0024d684, // n0x0370 c0x0000 (---------------)  + I next
-	0x0024d68a, // n0x0371 c0x0000 (---------------)  + I nextdirect
-	0x0026d605, // n0x0372 c0x0000 (---------------)  + I nexus
-	0x3ae00542, // n0x0373 c0x00eb (n0x166b-n0x1675)  + I nf
-	0x00251bc3, // n0x0374 c0x0000 (---------------)  + I nfl
-	0x3b202802, // n0x0375 c0x00ec (n0x1675-n0x167f)  + I ng
-	0x00202d03, // n0x0376 c0x0000 (---------------)  + I ngo
-	0x0026da03, // n0x0377 c0x0000 (---------------)  + I nhk
-	0x3ba03182, // n0x0378 c0x00ee (n0x1680-n0x168e)  o I ni
-	0x002a6b04, // n0x0379 c0x0000 (---------------)  + I nico
-	0x0021da84, // n0x037a c0x0000 (---------------)  + I nike
-	0x00206b05, // n0x037b c0x0000 (---------------)  + I nikon
-	0x002c8e05, // n0x037c c0x0000 (---------------)  + I ninja
-	0x0022e906, // n0x037d c0x0000 (---------------)  + I nissan
-	0x0022ec86, // n0x037e c0x0000 (---------------)  + I nissay
-	0x3be47802, // n0x037f c0x00ef (n0x168e-n0x1691)  + I nl
-	0x3c200c02, // n0x0380 c0x00f0 (n0x1691-n0x1967)  + I no
-	0x00318785, // n0x0381 c0x0000 (---------------)  + I nokia
-	0x0023d852, // n0x0382 c0x0000 (---------------)  + I northwesternmutual
-	0x00366106, // n0x0383 c0x0000 (---------------)  + I norton
-	0x00224d83, // n0x0384 c0x0000 (---------------)  + I now
-	0x0029cec6, // n0x0385 c0x0000 (---------------)  + I nowruz
-	0x00224d85, // n0x0386 c0x0000 (---------------)  + I nowtv
-	0x01610502, // n0x0387 c0x0005 (---------------)* o I np
-	0x4460d382, // n0x0388 c0x0111 (n0x198f-n0x1996)  + I nr
-	0x002e23c3, // n0x0389 c0x0000 (---------------)  + I nra
-	0x002b5e83, // n0x038a c0x0000 (---------------)  + I nrw
-	0x00373b03, // n0x038b c0x0000 (---------------)  + I ntt
-	0x44a017c2, // n0x038c c0x0112 (n0x1996-n0x1999)  + I nu
-	0x0036ef83, // n0x038d c0x0000 (---------------)  + I nyc
-	0x44e094c2, // n0x038e c0x0113 (n0x1999-n0x19a9)  + I nz
-	0x00207143, // n0x038f c0x0000 (---------------)  + I obi
-	0x002ddc88, // n0x0390 c0x0000 (---------------)  + I observer
-	0x0020b283, // n0x0391 c0x0000 (---------------)  + I off
-	0x00221686, // n0x0392 c0x0000 (---------------)  + I office
-	0x00395b47, // n0x0393 c0x0000 (---------------)  + I okinawa
-	0x0020a9c6, // n0x0394 c0x0000 (---------------)  + I olayan
-	0x0020a9cb, // n0x0395 c0x0000 (---------------)  + I olayangroup
-	0x0039fac7, // n0x0396 c0x0000 (---------------)  + I oldnavy
-	0x00389204, // n0x0397 c0x0000 (---------------)  + I ollo
-	0x456014c2, // n0x0398 c0x0115 (n0x19aa-n0x19b3)  + I om
-	0x002dd5c5, // n0x0399 c0x0000 (---------------)  + I omega
-	0x00214843, // n0x039a c0x0000 (---------------)  + I one
-	0x002082c3, // n0x039b c0x0000 (---------------)  + I ong
-	0x003175c3, // n0x039c c0x0000 (---------------)  + I onl
-	0x003175c6, // n0x039d c0x0000 (---------------)  + I online
-	0x003a008a, // n0x039e c0x0000 (---------------)  + I onyourside
-	0x0028d703, // n0x039f c0x0000 (---------------)  + I ooo
-	0x0023de44, // n0x03a0 c0x0000 (---------------)  + I open
-	0x00224206, // n0x03a1 c0x0000 (---------------)  + I oracle
-	0x00396286, // n0x03a2 c0x0000 (---------------)  + I orange
-	0x45a2d1c3, // n0x03a3 c0x0116 (n0x19b3-n0x19f0)  + I org
-	0x002ae487, // n0x03a4 c0x0000 (---------------)  + I organic
-	0x002db3cd, // n0x03a5 c0x0000 (---------------)  + I orientexpress
-	0x00383487, // n0x03a6 c0x0000 (---------------)  + I origins
-	0x0029ac45, // n0x03a7 c0x0000 (---------------)  + I osaka
-	0x00269e06, // n0x03a8 c0x0000 (---------------)  + I otsuka
-	0x0021b6c3, // n0x03a9 c0x0000 (---------------)  + I ott
-	0x0020da83, // n0x03aa c0x0000 (---------------)  + I ovh
-	0x4720ac42, // n0x03ab c0x011c (n0x1a2d-n0x1a38)  + I pa
-	0x002eaf04, // n0x03ac c0x0000 (---------------)  + I page
-	0x0024c94c, // n0x03ad c0x0000 (---------------)  + I pamperedchef
-	0x002646c9, // n0x03ae c0x0000 (---------------)  + I panasonic
-	0x00338507, // n0x03af c0x0000 (---------------)  + I panerai
-	0x00277905, // n0x03b0 c0x0000 (---------------)  + I paris
-	0x002994c4, // n0x03b1 c0x0000 (---------------)  + I pars
-	0x002a5308, // n0x03b2 c0x0000 (---------------)  + I partners
-	0x002ad245, // n0x03b3 c0x0000 (---------------)  + I parts
-	0x002b4c45, // n0x03b4 c0x0000 (---------------)  + I party
-	0x002cc549, // n0x03b5 c0x0000 (---------------)  + I passagens
-	0x002bc0c3, // n0x03b6 c0x0000 (---------------)  + I pay
-	0x002bc0c4, // n0x03b7 c0x0000 (---------------)  + I payu
-	0x002c9544, // n0x03b8 c0x0000 (---------------)  + I pccw
-	0x47607782, // n0x03b9 c0x011d (n0x1a38-n0x1a40)  + I pe
-	0x00207783, // n0x03ba c0x0000 (---------------)  + I pet
-	0x47af7d02, // n0x03bb c0x011e (n0x1a40-n0x1a43)  + I pf
-	0x002f7d06, // n0x03bc c0x0000 (---------------)  + I pfizer
-	0x016495c2, // n0x03bd c0x0005 (---------------)* o I pg
-	0x47e00d42, // n0x03be c0x011f (n0x1a43-n0x1a4b)  + I ph
-	0x00375008, // n0x03bf c0x0000 (---------------)  + I pharmacy
-	0x002d39c7, // n0x03c0 c0x0000 (---------------)  + I philips
-	0x00299085, // n0x03c1 c0x0000 (---------------)  + I photo
-	0x002d404b, // n0x03c2 c0x0000 (---------------)  + I photography
-	0x002d11c6, // n0x03c3 c0x0000 (---------------)  + I photos
-	0x002d4246, // n0x03c4 c0x0000 (---------------)  + I physio
-	0x002d43c6, // n0x03c5 c0x0000 (---------------)  + I piaget
-	0x00225704, // n0x03c6 c0x0000 (---------------)  + I pics
-	0x002d4b46, // n0x03c7 c0x0000 (---------------)  + I pictet
-	0x002d5008, // n0x03c8 c0x0000 (---------------)  + I pictures
-	0x00241b83, // n0x03c9 c0x0000 (---------------)  + I pid
-	0x002699c3, // n0x03ca c0x0000 (---------------)  + I pin
-	0x002699c4, // n0x03cb c0x0000 (---------------)  + I ping
-	0x002d6d84, // n0x03cc c0x0000 (---------------)  + I pink
-	0x002d7107, // n0x03cd c0x0000 (---------------)  + I pioneer
-	0x002d85c5, // n0x03ce c0x0000 (---------------)  + I pizza
-	0x482d8702, // n0x03cf c0x0120 (n0x1a4b-n0x1a59)  + I pk
-	0x486063c2, // n0x03d0 c0x0121 (n0x1a59-n0x1afe)  + I pl
-	0x002063c5, // n0x03d1 c0x0000 (---------------)  + I place
-	0x0029e944, // n0x03d2 c0x0000 (---------------)  + I play
-	0x002dad4b, // n0x03d3 c0x0000 (---------------)  + I playstation
-	0x002dc348, // n0x03d4 c0x0000 (---------------)  + I plumbing
-	0x002dcac4, // n0x03d5 c0x0000 (---------------)  + I plus
-	0x0020d7c2, // n0x03d6 c0x0000 (---------------)  + I pm
-	0x48e493c2, // n0x03d7 c0x0123 (n0x1b2d-n0x1b32)  + I pn
-	0x002aee03, // n0x03d8 c0x0000 (---------------)  + I pnc
-	0x002dcf04, // n0x03d9 c0x0000 (---------------)  + I pohl
-	0x002dd005, // n0x03da c0x0000 (---------------)  + I poker
-	0x002de547, // n0x03db c0x0000 (---------------)  + I politie
-	0x002e0104, // n0x03dc c0x0000 (---------------)  + I porn
-	0x0035fe04, // n0x03dd c0x0000 (---------------)  + I post
-	0x49204602, // n0x03de c0x0124 (n0x1b32-n0x1b3f)  + I pr
-	0x003598c9, // n0x03df c0x0000 (---------------)  + I pramerica
-	0x002e0b05, // n0x03e0 c0x0000 (---------------)  + I praxi
-	0x00247505, // n0x03e1 c0x0000 (---------------)  + I press
-	0x002e1745, // n0x03e2 c0x0000 (---------------)  + I prime
-	0x49620e43, // n0x03e3 c0x0125 (n0x1b3f-n0x1b4a)  + I pro
-	0x002e2044, // n0x03e4 c0x0000 (---------------)  + I prod
-	0x002e204b, // n0x03e5 c0x0000 (---------------)  + I productions
-	0x002e2484, // n0x03e6 c0x0000 (---------------)  + I prof
-	0x002e278b, // n0x03e7 c0x0000 (---------------)  + I progressive
-	0x002e36c5, // n0x03e8 c0x0000 (---------------)  + I promo
-	0x00220e4a, // n0x03e9 c0x0000 (---------------)  + I properties
-	0x002e3e48, // n0x03ea c0x0000 (---------------)  + I property
-	0x002e404a, // n0x03eb c0x0000 (---------------)  + I protection
-	0x002e42c3, // n0x03ec c0x0000 (---------------)  + I pru
-	0x002e42ca, // n0x03ed c0x0000 (---------------)  + I prudential
-	0x49a09342, // n0x03ee c0x0126 (n0x1b4a-n0x1b51)  + I ps
-	0x49e8c9c2, // n0x03ef c0x0127 (n0x1b51-n0x1b5a)  + I pt
-	0x00297403, // n0x03f0 c0x0000 (---------------)  + I pub
-	0x4a2e5942, // n0x03f1 c0x0128 (n0x1b5a-n0x1b60)  + I pw
-	0x002e5943, // n0x03f2 c0x0000 (---------------)  + I pwc
-	0x4a734802, // n0x03f3 c0x0129 (n0x1b60-n0x1b67)  + I py
-	0x4ab14682, // n0x03f4 c0x012a (n0x1b67-n0x1b70)  + I qa
-	0x002e6444, // n0x03f5 c0x0000 (---------------)  + I qpon
-	0x0021b906, // n0x03f6 c0x0000 (---------------)  + I quebec
-	0x0022bb05, // n0x03f7 c0x0000 (---------------)  + I quest
-	0x002e6ac3, // n0x03f8 c0x0000 (---------------)  + I qvc
-	0x00355bc6, // n0x03f9 c0x0000 (---------------)  + I racing
-	0x00351c84, // n0x03fa c0x0000 (---------------)  + I raid
-	0x4ae07002, // n0x03fb c0x012b (n0x1b70-n0x1b74)  + I re
-	0x002d3404, // n0x03fc c0x0000 (---------------)  + I read
-	0x002c238a, // n0x03fd c0x0000 (---------------)  + I realestate
-	0x00338907, // n0x03fe c0x0000 (---------------)  + I realtor
-	0x0031fc86, // n0x03ff c0x0000 (---------------)  + I realty
-	0x0031c747, // n0x0400 c0x0000 (---------------)  + I recipes
-	0x00244803, // n0x0401 c0x0000 (---------------)  + I red
-	0x003a2b48, // n0x0402 c0x0000 (---------------)  + I redstone
-	0x00337f4b, // n0x0403 c0x0000 (---------------)  + I redumbrella
-	0x002c9b05, // n0x0404 c0x0000 (---------------)  + I rehab
-	0x0033a0c5, // n0x0405 c0x0000 (---------------)  + I reise
-	0x0033a0c6, // n0x0406 c0x0000 (---------------)  + I reisen
-	0x002b75c4, // n0x0407 c0x0000 (---------------)  + I reit
-	0x00327f48, // n0x0408 c0x0000 (---------------)  + I reliance
-	0x00209ec3, // n0x0409 c0x0000 (---------------)  + I ren
-	0x0020bd84, // n0x040a c0x0000 (---------------)  + I rent
-	0x0020bd87, // n0x040b c0x0000 (---------------)  + I rentals
-	0x0022b7c6, // n0x040c c0x0000 (---------------)  + I repair
-	0x00309586, // n0x040d c0x0000 (---------------)  + I report
-	0x0029f6ca, // n0x040e c0x0000 (---------------)  + I republican
-	0x0024d544, // n0x040f c0x0000 (---------------)  + I rest
-	0x0037adca, // n0x0410 c0x0000 (---------------)  + I restaurant
-	0x002eaac6, // n0x0411 c0x0000 (---------------)  + I review
-	0x002eaac7, // n0x0412 c0x0000 (---------------)  + I reviews
-	0x00257607, // n0x0413 c0x0000 (---------------)  + I rexroth
-	0x00273a04, // n0x0414 c0x0000 (---------------)  + I rich
-	0x00273a09, // n0x0415 c0x0000 (---------------)  + I richardli
-	0x002b6f85, // n0x0416 c0x0000 (---------------)  + I ricoh
-	0x0034618b, // n0x0417 c0x0000 (---------------)  + I rightathome
-	0x00257f83, // n0x0418 c0x0000 (---------------)  + I ril
-	0x00200a83, // n0x0419 c0x0000 (---------------)  + I rio
-	0x0022fd43, // n0x041a c0x0000 (---------------)  + I rip
-	0x002684c4, // n0x041b c0x0000 (---------------)  + I rmit
-	0x4b202202, // n0x041c c0x012c (n0x1b74-n0x1b80)  + I ro
-	0x00289806, // n0x041d c0x0000 (---------------)  + I rocher
-	0x002a10c5, // n0x041e c0x0000 (---------------)  + I rocks
-	0x002d2f85, // n0x041f c0x0000 (---------------)  + I rodeo
-	0x0039c1c6, // n0x0420 c0x0000 (---------------)  + I rogers
-	0x0037ed04, // n0x0421 c0x0000 (---------------)  + I room
-	0x4b609702, // n0x0422 c0x012d (n0x1b80-n0x1b87)  + I rs
-	0x0039c2c4, // n0x0423 c0x0000 (---------------)  + I rsvp
-	0x4ba11302, // n0x0424 c0x012e (n0x1b87-n0x1c0a)  + I ru
-	0x00236144, // n0x0425 c0x0000 (---------------)  + I ruhr
-	0x00222b43, // n0x0426 c0x0000 (---------------)  + I run
-	0x4beb5ec2, // n0x0427 c0x012f (n0x1c0a-n0x1c13)  + I rw
-	0x003274c3, // n0x0428 c0x0000 (---------------)  + I rwe
-	0x0036acc6, // n0x0429 c0x0000 (---------------)  + I ryukyu
-	0x4c2004c2, // n0x042a c0x0130 (n0x1c13-n0x1c1b)  + I sa
-	0x0030c348, // n0x042b c0x0000 (---------------)  + I saarland
-	0x00215944, // n0x042c c0x0000 (---------------)  + I safe
-	0x00215946, // n0x042d c0x0000 (---------------)  + I safety
-	0x00307fc6, // n0x042e c0x0000 (---------------)  + I sakura
-	0x00259844, // n0x042f c0x0000 (---------------)  + I sale
-	0x00321885, // n0x0430 c0x0000 (---------------)  + I salon
-	0x00398bc8, // n0x0431 c0x0000 (---------------)  + I samsclub
-	0x0039edc7, // n0x0432 c0x0000 (---------------)  + I samsung
-	0x003a0747, // n0x0433 c0x0000 (---------------)  + I sandvik
-	0x003a074f, // n0x0434 c0x0000 (---------------)  + I sandvikcoromant
-	0x00294646, // n0x0435 c0x0000 (---------------)  + I sanofi
-	0x00219dc3, // n0x0436 c0x0000 (---------------)  + I sap
-	0x00219dc4, // n0x0437 c0x0000 (---------------)  + I sapo
-	0x0022b604, // n0x0438 c0x0000 (---------------)  + I sarl
-	0x00228143, // n0x0439 c0x0000 (---------------)  + I sas
-	0x00222244, // n0x043a c0x0000 (---------------)  + I save
-	0x00235144, // n0x043b c0x0000 (---------------)  + I saxo
-	0x4c62d142, // n0x043c c0x0131 (n0x1c1b-n0x1c20)  + I sb
-	0x00288e03, // n0x043d c0x0000 (---------------)  + I sbi
-	0x00237503, // n0x043e c0x0000 (---------------)  + I sbs
-	0x4ca00702, // n0x043f c0x0132 (n0x1c20-n0x1c25)  + I sc
-	0x00236a03, // n0x0440 c0x0000 (---------------)  + I sca
-	0x002ee403, // n0x0441 c0x0000 (---------------)  + I scb
-	0x0021744a, // n0x0442 c0x0000 (---------------)  + I schaeffler
-	0x002e5d47, // n0x0443 c0x0000 (---------------)  + I schmidt
-	0x0023ce0c, // n0x0444 c0x0000 (---------------)  + I scholarships
-	0x0023d0c6, // n0x0445 c0x0000 (---------------)  + I school
-	0x00241286, // n0x0446 c0x0000 (---------------)  + I schule
-	0x00242547, // n0x0447 c0x0000 (---------------)  + I schwarz
-	0x002358c7, // n0x0448 c0x0000 (---------------)  + I science
-	0x00246cc9, // n0x0449 c0x0000 (---------------)  + I scjohnson
-	0x0021c544, // n0x044a c0x0000 (---------------)  + I scor
-	0x00200704, // n0x044b c0x0000 (---------------)  + I scot
-	0x4ce496c2, // n0x044c c0x0133 (n0x1c25-n0x1c2d)  + I sd
-	0x4d2046c2, // n0x044d c0x0134 (n0x1c2d-n0x1c56)  + I se
-	0x00316b84, // n0x044e c0x0000 (---------------)  + I seat
-	0x0031c646, // n0x044f c0x0000 (---------------)  + I secure
-	0x00235d48, // n0x0450 c0x0000 (---------------)  + I security
-	0x0027a144, // n0x0451 c0x0000 (---------------)  + I seek
-	0x0025b346, // n0x0452 c0x0000 (---------------)  + I select
-	0x002cb485, // n0x0453 c0x0000 (---------------)  + I sener
-	0x00206808, // n0x0454 c0x0000 (---------------)  + I services
-	0x002046c3, // n0x0455 c0x0000 (---------------)  + I ses
-	0x00251f05, // n0x0456 c0x0000 (---------------)  + I seven
-	0x00253b43, // n0x0457 c0x0000 (---------------)  + I sew
-	0x00247603, // n0x0458 c0x0000 (---------------)  + I sex
-	0x00247604, // n0x0459 c0x0000 (---------------)  + I sexy
-	0x00256a83, // n0x045a c0x0000 (---------------)  + I sfr
-	0x4d66d702, // n0x045b c0x0135 (n0x1c56-n0x1c5d)  + I sg
-	0x4da01342, // n0x045c c0x0136 (n0x1c5d-n0x1c64)  + I sh
-	0x00257e49, // n0x045d c0x0000 (---------------)  + I shangrila
-	0x0025b885, // n0x045e c0x0000 (---------------)  + I sharp
-	0x0025cb44, // n0x045f c0x0000 (---------------)  + I shaw
-	0x0025fd45, // n0x0460 c0x0000 (---------------)  + I shell
-	0x00211884, // n0x0461 c0x0000 (---------------)  + I shia
-	0x002fea47, // n0x0462 c0x0000 (---------------)  + I shiksha
-	0x003896c5, // n0x0463 c0x0000 (---------------)  + I shoes
-	0x002be486, // n0x0464 c0x0000 (---------------)  + I shouji
-	0x002c4484, // n0x0465 c0x0000 (---------------)  + I show
-	0x002c4488, // n0x0466 c0x0000 (---------------)  + I showtime
-	0x002c8307, // n0x0467 c0x0000 (---------------)  + I shriram
-	0x4de0a402, // n0x0468 c0x0137 (n0x1c64-n0x1c65)  + I si
-	0x00341f84, // n0x0469 c0x0000 (---------------)  + I silk
-	0x002f7b84, // n0x046a c0x0000 (---------------)  + I sina
-	0x00285cc7, // n0x046b c0x0000 (---------------)  + I singles
-	0x002810c4, // n0x046c c0x0000 (---------------)  + I site
-	0x0022eb82, // n0x046d c0x0000 (---------------)  + I sj
-	0x4e207842, // n0x046e c0x0138 (n0x1c65-n0x1c66)  + I sk
-	0x00209743, // n0x046f c0x0000 (---------------)  + I ski
-	0x002e76c4, // n0x0470 c0x0000 (---------------)  + I skin
-	0x002368c3, // n0x0471 c0x0000 (---------------)  + I sky
-	0x002368c5, // n0x0472 c0x0000 (---------------)  + I skype
-	0x4e624b82, // n0x0473 c0x0139 (n0x1c66-n0x1c6b)  + I sl
-	0x00375205, // n0x0474 c0x0000 (---------------)  + I sling
-	0x0024cdc2, // n0x0475 c0x0000 (---------------)  + I sm
-	0x00368185, // n0x0476 c0x0000 (---------------)  + I smart
-	0x0035e3c5, // n0x0477 c0x0000 (---------------)  + I smile
-	0x4ea14182, // n0x0478 c0x013a (n0x1c6b-n0x1c73)  + I sn
-	0x00214184, // n0x0479 c0x0000 (---------------)  + I sncf
-	0x4ee05682, // n0x047a c0x013b (n0x1c73-n0x1c76)  + I so
-	0x00325706, // n0x047b c0x0000 (---------------)  + I soccer
-	0x002a3986, // n0x047c c0x0000 (---------------)  + I social
-	0x0026b288, // n0x047d c0x0000 (---------------)  + I softbank
-	0x002b8688, // n0x047e c0x0000 (---------------)  + I software
-	0x002f9444, // n0x047f c0x0000 (---------------)  + I sohu
-	0x00359f05, // n0x0480 c0x0000 (---------------)  + I solar
-	0x00359d09, // n0x0481 c0x0000 (---------------)  + I solutions
-	0x00356144, // n0x0482 c0x0000 (---------------)  + I song
-	0x003a0044, // n0x0483 c0x0000 (---------------)  + I sony
-	0x002bd0c3, // n0x0484 c0x0000 (---------------)  + I soy
-	0x0020bb45, // n0x0485 c0x0000 (---------------)  + I space
-	0x00371ac7, // n0x0486 c0x0000 (---------------)  + I spiegel
-	0x00209384, // n0x0487 c0x0000 (---------------)  + I spot
-	0x00332e4d, // n0x0488 c0x0000 (---------------)  + I spreadbetting
-	0x0033b802, // n0x0489 c0x0000 (---------------)  + I sr
-	0x0033b803, // n0x048a c0x0000 (---------------)  + I srl
-	0x0035a503, // n0x048b c0x0000 (---------------)  + I srt
-	0x4f202742, // n0x048c c0x013c (n0x1c76-n0x1c82)  + I st
-	0x00380745, // n0x048d c0x0000 (---------------)  + I stada
-	0x002320c7, // n0x048e c0x0000 (---------------)  + I staples
-	0x00228904, // n0x048f c0x0000 (---------------)  + I star
-	0x00228907, // n0x0490 c0x0000 (---------------)  + I starhub
-	0x0020f209, // n0x0491 c0x0000 (---------------)  + I statebank
-	0x002c24c9, // n0x0492 c0x0000 (---------------)  + I statefarm
-	0x003a0dc7, // n0x0493 c0x0000 (---------------)  + I statoil
-	0x00277743, // n0x0494 c0x0000 (---------------)  + I stc
-	0x00277748, // n0x0495 c0x0000 (---------------)  + I stcgroup
-	0x002a8009, // n0x0496 c0x0000 (---------------)  + I stockholm
-	0x00364547, // n0x0497 c0x0000 (---------------)  + I storage
-	0x00391185, // n0x0498 c0x0000 (---------------)  + I store
-	0x002e74c6, // n0x0499 c0x0000 (---------------)  + I stream
-	0x002e7906, // n0x049a c0x0000 (---------------)  + I studio
-	0x002e7a85, // n0x049b c0x0000 (---------------)  + I study
-	0x00253dc5, // n0x049c c0x0000 (---------------)  + I style
-	0x4f6023c2, // n0x049d c0x013d (n0x1c82-n0x1ca2)  + I su
-	0x00332385, // n0x049e c0x0000 (---------------)  + I sucks
-	0x002ba24a, // n0x049f c0x0000 (---------------)  + I supersport
-	0x002be2c8, // n0x04a0 c0x0000 (---------------)  + I supplies
-	0x002a7806, // n0x04a1 c0x0000 (---------------)  + I supply
-	0x002e3907, // n0x04a2 c0x0000 (---------------)  + I support
-	0x0024c144, // n0x04a3 c0x0000 (---------------)  + I surf
-	0x002a9e07, // n0x04a4 c0x0000 (---------------)  + I surgery
-	0x002eef06, // n0x04a5 c0x0000 (---------------)  + I suzuki
-	0x4fa35f42, // n0x04a6 c0x013e (n0x1ca2-n0x1ca7)  + I sv
-	0x00376c06, // n0x04a7 c0x0000 (---------------)  + I swatch
-	0x002f15ca, // n0x04a8 c0x0000 (---------------)  + I swiftcover
-	0x002f1f85, // n0x04a9 c0x0000 (---------------)  + I swiss
-	0x4fef2802, // n0x04aa c0x013f (n0x1ca7-n0x1ca8)  + I sx
-	0x50289a02, // n0x04ab c0x0140 (n0x1ca8-n0x1cae)  + I sy
-	0x00329bc6, // n0x04ac c0x0000 (---------------)  + I sydney
-	0x002d5f48, // n0x04ad c0x0000 (---------------)  + I symantec
-	0x00394e07, // n0x04ae c0x0000 (---------------)  + I systems
-	0x5060b982, // n0x04af c0x0141 (n0x1cae-n0x1cb1)  + I sz
-	0x00210d43, // n0x04b0 c0x0000 (---------------)  + I tab
-	0x003a6506, // n0x04b1 c0x0000 (---------------)  + I taipei
-	0x0021eb04, // n0x04b2 c0x0000 (---------------)  + I talk
-	0x00395a06, // n0x04b3 c0x0000 (---------------)  + I taobao
-	0x00357846, // n0x04b4 c0x0000 (---------------)  + I target
-	0x00322a0a, // n0x04b5 c0x0000 (---------------)  + I tatamotors
-	0x0036cc45, // n0x04b6 c0x0000 (---------------)  + I tatar
-	0x00219906, // n0x04b7 c0x0000 (---------------)  + I tattoo
-	0x002203c3, // n0x04b8 c0x0000 (---------------)  + I tax
-	0x002203c4, // n0x04b9 c0x0000 (---------------)  + I taxi
-	0x00204442, // n0x04ba c0x0000 (---------------)  + I tc
-	0x0025edc3, // n0x04bb c0x0000 (---------------)  + I tci
-	0x50a0b182, // n0x04bc c0x0142 (n0x1cb1-n0x1cb2)  + I td
-	0x002c9683, // n0x04bd c0x0000 (---------------)  + I tdk
-	0x00367504, // n0x04be c0x0000 (---------------)  + I team
-	0x002d59c4, // n0x04bf c0x0000 (---------------)  + I tech
-	0x002d608a, // n0x04c0 c0x0000 (---------------)  + I technology
-	0x0022f7c3, // n0x04c1 c0x0000 (---------------)  + I tel
-	0x00286648, // n0x04c2 c0x0000 (---------------)  + I telecity
-	0x0030ec4a, // n0x04c3 c0x0000 (---------------)  + I telefonica
-	0x0023fa07, // n0x04c4 c0x0000 (---------------)  + I temasek
-	0x002f4806, // n0x04c5 c0x0000 (---------------)  + I tennis
-	0x0032ce44, // n0x04c6 c0x0000 (---------------)  + I teva
-	0x0025d9c2, // n0x04c7 c0x0000 (---------------)  + I tf
-	0x00204c42, // n0x04c8 c0x0000 (---------------)  + I tg
-	0x50e06342, // n0x04c9 c0x0143 (n0x1cb2-n0x1cb9)  + I th
-	0x0024b183, // n0x04ca c0x0000 (---------------)  + I thd
-	0x002573c7, // n0x04cb c0x0000 (---------------)  + I theater
-	0x00355e87, // n0x04cc c0x0000 (---------------)  + I theatre
-	0x003504cb, // n0x04cd c0x0000 (---------------)  + I theguardian
-	0x0034d4c4, // n0x04ce c0x0000 (---------------)  + I tiaa
-	0x002f6847, // n0x04cf c0x0000 (---------------)  + I tickets
-	0x002de646, // n0x04d0 c0x0000 (---------------)  + I tienda
-	0x00215707, // n0x04d1 c0x0000 (---------------)  + I tiffany
-	0x002e5c84, // n0x04d2 c0x0000 (---------------)  + I tips
-	0x0033d385, // n0x04d3 c0x0000 (---------------)  + I tires
-	0x002b7905, // n0x04d4 c0x0000 (---------------)  + I tirol
-	0x51226782, // n0x04d5 c0x0144 (n0x1cb9-n0x1cc8)  + I tj
-	0x00230886, // n0x04d6 c0x0000 (---------------)  + I tjmaxx
-	0x0036f443, // n0x04d7 c0x0000 (---------------)  + I tjx
-	0x0022ad02, // n0x04d8 c0x0000 (---------------)  + I tk
-	0x00231686, // n0x04d9 c0x0000 (---------------)  + I tkmaxx
-	0x516007c2, // n0x04da c0x0145 (n0x1cc8-n0x1cc9)  + I tl
-	0x51a00142, // n0x04db c0x0146 (n0x1cc9-n0x1cd1)  + I tm
-	0x00200145, // n0x04dc c0x0000 (---------------)  + I tmall
-	0x51e4f882, // n0x04dd c0x0147 (n0x1cd1-n0x1ce5)  + I tn
-	0x52208082, // n0x04de c0x0148 (n0x1ce5-n0x1ceb)  + I to
-	0x00265905, // n0x04df c0x0000 (---------------)  + I today
-	0x00341c05, // n0x04e0 c0x0000 (---------------)  + I tokyo
-	0x002199c5, // n0x04e1 c0x0000 (---------------)  + I tools
-	0x00208083, // n0x04e2 c0x0000 (---------------)  + I top
-	0x00376345, // n0x04e3 c0x0000 (---------------)  + I toray
-	0x002d1287, // n0x04e4 c0x0000 (---------------)  + I toshiba
-	0x0025b605, // n0x04e5 c0x0000 (---------------)  + I total
-	0x002fd7c5, // n0x04e6 c0x0000 (---------------)  + I tours
-	0x002dc244, // n0x04e7 c0x0000 (---------------)  + I town
-	0x0025bb86, // n0x04e8 c0x0000 (---------------)  + I toyota
-	0x0026dac4, // n0x04e9 c0x0000 (---------------)  + I toys
-	0x52603002, // n0x04ea c0x0149 (n0x1ceb-n0x1d00)  + I tr
-	0x002673c5, // n0x04eb c0x0000 (---------------)  + I trade
-	0x002a4607, // n0x04ec c0x0000 (---------------)  + I trading
-	0x0022a6c8, // n0x04ed c0x0000 (---------------)  + I training
-	0x0029bec6, // n0x04ee c0x0000 (---------------)  + I travel
-	0x0029becd, // n0x04ef c0x0000 (---------------)  + I travelchannel
-	0x002a1a89, // n0x04f0 c0x0000 (---------------)  + I travelers
-	0x002a1a92, // n0x04f1 c0x0000 (---------------)  + I travelersinsurance
-	0x00329245, // n0x04f2 c0x0000 (---------------)  + I trust
-	0x0033f2c3, // n0x04f3 c0x0000 (---------------)  + I trv
-	0x5320e842, // n0x04f4 c0x014c (n0x1d02-n0x1d13)  + I tt
-	0x002e48c4, // n0x04f5 c0x0000 (---------------)  + I tube
-	0x002f89c3, // n0x04f6 c0x0000 (---------------)  + I tui
-	0x0035d745, // n0x04f7 c0x0000 (---------------)  + I tunes
-	0x002f2e45, // n0x04f8 c0x0000 (---------------)  + I tushu
-	0x53624e42, // n0x04f9 c0x014d (n0x1d13-n0x1d17)  + I tv
-	0x003644c3, // n0x04fa c0x0000 (---------------)  + I tvs
-	0x53a4e502, // n0x04fb c0x014e (n0x1d17-n0x1d25)  + I tw
-	0x53e1fe82, // n0x04fc c0x014f (n0x1d25-n0x1d31)  + I tz
-	0x54220502, // n0x04fd c0x0150 (n0x1d31-n0x1d80)  + I ua
-	0x0033bbc5, // n0x04fe c0x0000 (---------------)  + I ubank
-	0x0024a4c3, // n0x04ff c0x0000 (---------------)  + I ubs
-	0x00249a48, // n0x0500 c0x0000 (---------------)  + I uconnect
-	0x54601cc2, // n0x0501 c0x0151 (n0x1d80-n0x1d89)  + I ug
-	0x54a00f82, // n0x0502 c0x0152 (n0x1d89-n0x1d94)  + I uk
-	0x002a6ac6, // n0x0503 c0x0000 (---------------)  + I unicom
-	0x00320a0a, // n0x0504 c0x0000 (---------------)  + I university
-	0x0020d503, // n0x0505 c0x0000 (---------------)  + I uno
-	0x00259d43, // n0x0506 c0x0000 (---------------)  + I uol
-	0x002d5243, // n0x0507 c0x0000 (---------------)  + I ups
-	0x55602382, // n0x0508 c0x0155 (n0x1d96-n0x1dd5)  + I us
-	0x63a01802, // n0x0509 c0x018e (n0x1e78-n0x1e7e)  + I uy
-	0x64211342, // n0x050a c0x0190 (n0x1e7f-n0x1e83)  + I uz
-	0x002000c2, // n0x050b c0x0000 (---------------)  + I va
-	0x00376a09, // n0x050c c0x0000 (---------------)  + I vacations
-	0x002bc5c4, // n0x050d c0x0000 (---------------)  + I vana
-	0x00344588, // n0x050e c0x0000 (---------------)  + I vanguard
-	0x646e6b02, // n0x050f c0x0191 (n0x1e83-n0x1e89)  + I vc
-	0x64a02b82, // n0x0510 c0x0192 (n0x1e89-n0x1e9a)  + I ve
-	0x00230285, // n0x0511 c0x0000 (---------------)  + I vegas
-	0x0023b808, // n0x0512 c0x0000 (---------------)  + I ventures
-	0x002f1788, // n0x0513 c0x0000 (---------------)  + I verisign
-	0x0039440c, // n0x0514 c0x0000 (---------------)  + I versicherung
-	0x0023f943, // n0x0515 c0x0000 (---------------)  + I vet
-	0x0023fd02, // n0x0516 c0x0000 (---------------)  + I vg
-	0x64e05d42, // n0x0517 c0x0193 (n0x1e9a-n0x1e9f)  + I vi
-	0x002c5706, // n0x0518 c0x0000 (---------------)  + I viajes
-	0x002f5685, // n0x0519 c0x0000 (---------------)  + I video
-	0x0031a003, // n0x051a c0x0000 (---------------)  + I vig
-	0x00311a06, // n0x051b c0x0000 (---------------)  + I viking
-	0x002f57c6, // n0x051c c0x0000 (---------------)  + I villas
-	0x00241543, // n0x051d c0x0000 (---------------)  + I vin
-	0x002f7ac3, // n0x051e c0x0000 (---------------)  + I vip
-	0x002f7e86, // n0x051f c0x0000 (---------------)  + I virgin
-	0x002f8404, // n0x0520 c0x0000 (---------------)  + I visa
-	0x002b48c6, // n0x0521 c0x0000 (---------------)  + I vision
-	0x002c9245, // n0x0522 c0x0000 (---------------)  + I vista
-	0x002f878a, // n0x0523 c0x0000 (---------------)  + I vistaprint
-	0x00240444, // n0x0524 c0x0000 (---------------)  + I viva
-	0x002f97c4, // n0x0525 c0x0000 (---------------)  + I vivo
-	0x0034710a, // n0x0526 c0x0000 (---------------)  + I vlaanderen
-	0x65203442, // n0x0527 c0x0194 (n0x1e9f-n0x1eac)  + I vn
-	0x002760c5, // n0x0528 c0x0000 (---------------)  + I vodka
-	0x002fbd0a, // n0x0529 c0x0000 (---------------)  + I volkswagen
-	0x002fc945, // n0x052a c0x0000 (---------------)  + I volvo
-	0x002fd4c4, // n0x052b c0x0000 (---------------)  + I vote
-	0x002fd5c6, // n0x052c c0x0000 (---------------)  + I voting
-	0x002fd744, // n0x052d c0x0000 (---------------)  + I voto
-	0x00231006, // n0x052e c0x0000 (---------------)  + I voyage
-	0x65672082, // n0x052f c0x0195 (n0x1eac-n0x1eb0)  + I vu
-	0x0031f5c6, // n0x0530 c0x0000 (---------------)  + I vuelos
-	0x00320685, // n0x0531 c0x0000 (---------------)  + I wales
-	0x002010c7, // n0x0532 c0x0000 (---------------)  + I walmart
-	0x00293986, // n0x0533 c0x0000 (---------------)  + I walter
-	0x00242744, // n0x0534 c0x0000 (---------------)  + I wang
-	0x0033d6c7, // n0x0535 c0x0000 (---------------)  + I wanggou
-	0x0036f146, // n0x0536 c0x0000 (---------------)  + I warman
-	0x002aca45, // n0x0537 c0x0000 (---------------)  + I watch
-	0x003a3d87, // n0x0538 c0x0000 (---------------)  + I watches
-	0x00391887, // n0x0539 c0x0000 (---------------)  + I weather
-	0x0039188e, // n0x053a c0x0000 (---------------)  + I weatherchannel
-	0x00221a06, // n0x053b c0x0000 (---------------)  + I webcam
-	0x0022e645, // n0x053c c0x0000 (---------------)  + I weber
-	0x00281007, // n0x053d c0x0000 (---------------)  + I website
-	0x002f08c3, // n0x053e c0x0000 (---------------)  + I wed
-	0x0032f407, // n0x053f c0x0000 (---------------)  + I wedding
-	0x0020fe05, // n0x0540 c0x0000 (---------------)  + I weibo
-	0x002109c4, // n0x0541 c0x0000 (---------------)  + I weir
-	0x0022fe82, // n0x0542 c0x0000 (---------------)  + I wf
-	0x003a43c7, // n0x0543 c0x0000 (---------------)  + I whoswho
-	0x002eee04, // n0x0544 c0x0000 (---------------)  + I wien
-	0x0037c484, // n0x0545 c0x0000 (---------------)  + I wiki
-	0x0025a8cb, // n0x0546 c0x0000 (---------------)  + I williamhill
-	0x0021cbc3, // n0x0547 c0x0000 (---------------)  + I win
-	0x002afe07, // n0x0548 c0x0000 (---------------)  + I windows
-	0x0021cbc4, // n0x0549 c0x0000 (---------------)  + I wine
-	0x002b0f07, // n0x054a c0x0000 (---------------)  + I winners
-	0x00231c43, // n0x054b c0x0000 (---------------)  + I wme
-	0x0032ae4d, // n0x054c c0x0000 (---------------)  + I wolterskluwer
-	0x00380f88, // n0x054d c0x0000 (---------------)  + I woodside
-	0x00255c44, // n0x054e c0x0000 (---------------)  + I work
-	0x00351f05, // n0x054f c0x0000 (---------------)  + I works
-	0x00300b85, // n0x0550 c0x0000 (---------------)  + I world
-	0x002ff3c3, // n0x0551 c0x0000 (---------------)  + I wow
-	0x65a0b942, // n0x0552 c0x0196 (n0x1eb0-n0x1eb7)  + I ws
-	0x003002c3, // n0x0553 c0x0000 (---------------)  + I wtc
-	0x00300783, // n0x0554 c0x0000 (---------------)  + I wtf
-	0x0021bb44, // n0x0555 c0x0000 (---------------)  + I xbox
-	0x0027bec5, // n0x0556 c0x0000 (---------------)  + I xerox
-	0x00230a07, // n0x0557 c0x0000 (---------------)  + I xfinity
-	0x00220446, // n0x0558 c0x0000 (---------------)  + I xihuan
-	0x00367243, // n0x0559 c0x0000 (---------------)  + I xin
-	0x002317cb, // n0x055a c0x0000 (---------------)  + I xn--11b4c3d
-	0x0024830b, // n0x055b c0x0000 (---------------)  + I xn--1ck2e1b
-	0x0026a7cb, // n0x055c c0x0000 (---------------)  + I xn--1qqw23a
-	0x0027bfca, // n0x055d c0x0000 (---------------)  + I xn--30rr7y
-	0x002a718b, // n0x055e c0x0000 (---------------)  + I xn--3bst00m
-	0x002daa8b, // n0x055f c0x0000 (---------------)  + I xn--3ds443g
-	0x002d3d4c, // n0x0560 c0x0000 (---------------)  + I xn--3e0b707e
-	0x002f2851, // n0x0561 c0x0000 (---------------)  + I xn--3oq18vl8pn36a
-	0x00339a8a, // n0x0562 c0x0000 (---------------)  + I xn--3pxu8k
-	0x0034a00b, // n0x0563 c0x0000 (---------------)  + I xn--42c2d9a
-	0x00370d8b, // n0x0564 c0x0000 (---------------)  + I xn--45brj9c
-	0x003a374a, // n0x0565 c0x0000 (---------------)  + I xn--45q11c
-	0x003a5a0a, // n0x0566 c0x0000 (---------------)  + I xn--4gbrim
-	0x00300f8d, // n0x0567 c0x0000 (---------------)  + I xn--4gq48lf9j
-	0x0030218e, // n0x0568 c0x0000 (---------------)  + I xn--54b7fta0cc
-	0x0030270b, // n0x0569 c0x0000 (---------------)  + I xn--55qw42g
-	0x003029ca, // n0x056a c0x0000 (---------------)  + I xn--55qx5d
-	0x00303d11, // n0x056b c0x0000 (---------------)  + I xn--5su34j936bgsg
-	0x0030414a, // n0x056c c0x0000 (---------------)  + I xn--5tzm5g
-	0x0030464b, // n0x056d c0x0000 (---------------)  + I xn--6frz82g
-	0x00304b8e, // n0x056e c0x0000 (---------------)  + I xn--6qq986b3xl
-	0x0030550c, // n0x056f c0x0000 (---------------)  + I xn--80adxhks
-	0x0030648b, // n0x0570 c0x0000 (---------------)  + I xn--80ao21a
-	0x0030674e, // n0x0571 c0x0000 (---------------)  + I xn--80aqecdr1a
-	0x00306acc, // n0x0572 c0x0000 (---------------)  + I xn--80asehdb
-	0x00309b8a, // n0x0573 c0x0000 (---------------)  + I xn--80aswg
-	0x0030a9cc, // n0x0574 c0x0000 (---------------)  + I xn--8y0a063a
-	0x65f0acca, // n0x0575 c0x0197 (n0x1eb7-n0x1ebd)  + I xn--90a3ac
-	0x0030bb89, // n0x0576 c0x0000 (---------------)  + I xn--90ais
-	0x0030d14a, // n0x0577 c0x0000 (---------------)  + I xn--9dbq2a
-	0x0030d3ca, // n0x0578 c0x0000 (---------------)  + I xn--9et52u
-	0x0030d64b, // n0x0579 c0x0000 (---------------)  + I xn--9krt00a
-	0x00310c4e, // n0x057a c0x0000 (---------------)  + I xn--b4w605ferd
-	0x00310fd1, // n0x057b c0x0000 (---------------)  + I xn--bck1b9a5dre4c
-	0x00318cc9, // n0x057c c0x0000 (---------------)  + I xn--c1avg
-	0x00318f0a, // n0x057d c0x0000 (---------------)  + I xn--c2br7g
-	0x00319a4b, // n0x057e c0x0000 (---------------)  + I xn--cck2b3b
-	0x0031b68a, // n0x057f c0x0000 (---------------)  + I xn--cg4bki
-	0x0031bfd6, // n0x0580 c0x0000 (---------------)  + I xn--clchc0ea0b2g2a9gcd
-	0x0031e50b, // n0x0581 c0x0000 (---------------)  + I xn--czr694b
-	0x0032398a, // n0x0582 c0x0000 (---------------)  + I xn--czrs0t
-	0x003241ca, // n0x0583 c0x0000 (---------------)  + I xn--czru2d
-	0x0032674b, // n0x0584 c0x0000 (---------------)  + I xn--d1acj3b
-	0x00328cc9, // n0x0585 c0x0000 (---------------)  + I xn--d1alf
-	0x0032b7cd, // n0x0586 c0x0000 (---------------)  + I xn--eckvdtc9d
-	0x0032c18b, // n0x0587 c0x0000 (---------------)  + I xn--efvy88h
-	0x0032d08b, // n0x0588 c0x0000 (---------------)  + I xn--estv75g
-	0x0032da4b, // n0x0589 c0x0000 (---------------)  + I xn--fct429k
-	0x0032dec9, // n0x058a c0x0000 (---------------)  + I xn--fhbei
-	0x0032e50e, // n0x058b c0x0000 (---------------)  + I xn--fiq228c5hs
-	0x0032ebca, // n0x058c c0x0000 (---------------)  + I xn--fiq64b
-	0x003328ca, // n0x058d c0x0000 (---------------)  + I xn--fiqs8s
-	0x00332c0a, // n0x058e c0x0000 (---------------)  + I xn--fiqz9s
-	0x003334cb, // n0x058f c0x0000 (---------------)  + I xn--fjq720a
-	0x00333d0b, // n0x0590 c0x0000 (---------------)  + I xn--flw351e
-	0x00333fcd, // n0x0591 c0x0000 (---------------)  + I xn--fpcrj9c3d
-	0x0033558d, // n0x0592 c0x0000 (---------------)  + I xn--fzc2c9e2c
-	0x00335ad0, // n0x0593 c0x0000 (---------------)  + I xn--fzys8d69uvgm
-	0x00335f8b, // n0x0594 c0x0000 (---------------)  + I xn--g2xx48c
-	0x00336d4c, // n0x0595 c0x0000 (---------------)  + I xn--gckr3f0f
-	0x00337a0b, // n0x0596 c0x0000 (---------------)  + I xn--gecrj9c
-	0x0033a58b, // n0x0597 c0x0000 (---------------)  + I xn--gk3at1e
-	0x0033ca0b, // n0x0598 c0x0000 (---------------)  + I xn--h2brj9c
-	0x0034034b, // n0x0599 c0x0000 (---------------)  + I xn--hxt814e
-	0x00340dcf, // n0x059a c0x0000 (---------------)  + I xn--i1b6b1a6a2e
-	0x0034118b, // n0x059b c0x0000 (---------------)  + I xn--imr513n
-	0x0034280a, // n0x059c c0x0000 (---------------)  + I xn--io0a7i
-	0x00343209, // n0x059d c0x0000 (---------------)  + I xn--j1aef
-	0x00343e49, // n0x059e c0x0000 (---------------)  + I xn--j1amh
-	0x0034478b, // n0x059f c0x0000 (---------------)  + I xn--j6w193g
-	0x00344a4e, // n0x05a0 c0x0000 (---------------)  + I xn--jlq61u9w7b
-	0x0034778b, // n0x05a1 c0x0000 (---------------)  + I xn--jvr189m
-	0x00348bcf, // n0x05a2 c0x0000 (---------------)  + I xn--kcrx77d1x4a
-	0x0034afcb, // n0x05a3 c0x0000 (---------------)  + I xn--kprw13d
-	0x0034b28b, // n0x05a4 c0x0000 (---------------)  + I xn--kpry57d
-	0x0034b54b, // n0x05a5 c0x0000 (---------------)  + I xn--kpu716f
-	0x0034b98a, // n0x05a6 c0x0000 (---------------)  + I xn--kput3i
-	0x00352909, // n0x05a7 c0x0000 (---------------)  + I xn--l1acc
-	0x0035800f, // n0x05a8 c0x0000 (---------------)  + I xn--lgbbat1ad8j
-	0x0035c74c, // n0x05a9 c0x0000 (---------------)  + I xn--mgb2ddes
-	0x0035cfcc, // n0x05aa c0x0000 (---------------)  + I xn--mgb9awbf
-	0x0035d40e, // n0x05ab c0x0000 (---------------)  + I xn--mgba3a3ejt
-	0x0035d94f, // n0x05ac c0x0000 (---------------)  + I xn--mgba3a4f16a
-	0x0035dd0e, // n0x05ad c0x0000 (---------------)  + I xn--mgba3a4fra
-	0x0035e6d0, // n0x05ae c0x0000 (---------------)  + I xn--mgba7c0bbn0a
-	0x0035eacf, // n0x05af c0x0000 (---------------)  + I xn--mgbaakc7dvf
-	0x0035f04e, // n0x05b0 c0x0000 (---------------)  + I xn--mgbaam7a8h
-	0x0035f50c, // n0x05b1 c0x0000 (---------------)  + I xn--mgbab2bd
-	0x0035f812, // n0x05b2 c0x0000 (---------------)  + I xn--mgbai9a5eva00b
-	0x00360b51, // n0x05b3 c0x0000 (---------------)  + I xn--mgbai9azgqp6j
-	0x0036110e, // n0x05b4 c0x0000 (---------------)  + I xn--mgbayh7gpa
-	0x0036154e, // n0x05b5 c0x0000 (---------------)  + I xn--mgbb9fbpob
-	0x00361a8e, // n0x05b6 c0x0000 (---------------)  + I xn--mgbbh1a71e
-	0x00361e0f, // n0x05b7 c0x0000 (---------------)  + I xn--mgbc0a9azcg
-	0x003621ce, // n0x05b8 c0x0000 (---------------)  + I xn--mgbca7dzdo
-	0x00362553, // n0x05b9 c0x0000 (---------------)  + I xn--mgberp4a5d4a87g
-	0x00362a11, // n0x05ba c0x0000 (---------------)  + I xn--mgberp4a5d4ar
-	0x00362e4e, // n0x05bb c0x0000 (---------------)  + I xn--mgbi4ecexp
-	0x003632cc, // n0x05bc c0x0000 (---------------)  + I xn--mgbpl2fh
-	0x00363713, // n0x05bd c0x0000 (---------------)  + I xn--mgbqly7c0a67fbc
-	0x00363e90, // n0x05be c0x0000 (---------------)  + I xn--mgbqly7cvafr
-	0x0036470c, // n0x05bf c0x0000 (---------------)  + I xn--mgbt3dhd
-	0x00364a0c, // n0x05c0 c0x0000 (---------------)  + I xn--mgbtf8fl
-	0x00364f4b, // n0x05c1 c0x0000 (---------------)  + I xn--mgbtx2b
-	0x0036540e, // n0x05c2 c0x0000 (---------------)  + I xn--mgbx4cd0ab
-	0x0036590b, // n0x05c3 c0x0000 (---------------)  + I xn--mix082f
-	0x0036688b, // n0x05c4 c0x0000 (---------------)  + I xn--mix891f
-	0x003678cc, // n0x05c5 c0x0000 (---------------)  + I xn--mk1bu44c
-	0x0036fa4a, // n0x05c6 c0x0000 (---------------)  + I xn--mxtq1m
-	0x0037058c, // n0x05c7 c0x0000 (---------------)  + I xn--ngbc5azd
-	0x0037088c, // n0x05c8 c0x0000 (---------------)  + I xn--ngbe9e0a
-	0x00370b89, // n0x05c9 c0x0000 (---------------)  + I xn--ngbrx
-	0x0037254b, // n0x05ca c0x0000 (---------------)  + I xn--nnx388a
-	0x00372808, // n0x05cb c0x0000 (---------------)  + I xn--node
-	0x00372cc9, // n0x05cc c0x0000 (---------------)  + I xn--nqv7f
-	0x00372ccf, // n0x05cd c0x0000 (---------------)  + I xn--nqv7fs00ema
-	0x0037464b, // n0x05ce c0x0000 (---------------)  + I xn--nyqy26a
-	0x0037534a, // n0x05cf c0x0000 (---------------)  + I xn--o3cw4h
-	0x0037708c, // n0x05d0 c0x0000 (---------------)  + I xn--ogbpf8fl
-	0x00379349, // n0x05d1 c0x0000 (---------------)  + I xn--p1acf
-	0x003795c8, // n0x05d2 c0x0000 (---------------)  + I xn--p1ai
-	0x003797cb, // n0x05d3 c0x0000 (---------------)  + I xn--pbt977c
-	0x0037a58b, // n0x05d4 c0x0000 (---------------)  + I xn--pgbs0dh
-	0x0037b44a, // n0x05d5 c0x0000 (---------------)  + I xn--pssy2u
-	0x0037b6cb, // n0x05d6 c0x0000 (---------------)  + I xn--q9jyb4c
-	0x0037cc4c, // n0x05d7 c0x0000 (---------------)  + I xn--qcka1pmc
-	0x0037d688, // n0x05d8 c0x0000 (---------------)  + I xn--qxam
-	0x0038118b, // n0x05d9 c0x0000 (---------------)  + I xn--rhqv96g
-	0x0038390b, // n0x05da c0x0000 (---------------)  + I xn--rovu88b
-	0x00386f0b, // n0x05db c0x0000 (---------------)  + I xn--s9brj9c
-	0x0038860b, // n0x05dc c0x0000 (---------------)  + I xn--ses554g
-	0x0039140b, // n0x05dd c0x0000 (---------------)  + I xn--t60b56a
-	0x003916c9, // n0x05de c0x0000 (---------------)  + I xn--tckwe
-	0x00391c0d, // n0x05df c0x0000 (---------------)  + I xn--tiq49xqyj
-	0x0039654a, // n0x05e0 c0x0000 (---------------)  + I xn--unup4y
-	0x00397497, // n0x05e1 c0x0000 (---------------)  + I xn--vermgensberater-ctb
-	0x003982d8, // n0x05e2 c0x0000 (---------------)  + I xn--vermgensberatung-pwb
-	0x0039a849, // n0x05e3 c0x0000 (---------------)  + I xn--vhquv
-	0x0039ba4b, // n0x05e4 c0x0000 (---------------)  + I xn--vuq861b
-	0x0039c814, // n0x05e5 c0x0000 (---------------)  + I xn--w4r85el8fhu5dnra
-	0x0039cd0b, // n0x05e6 c0x0000 (---------------)  + I xn--w4rs40l
-	0x0039d28a, // n0x05e7 c0x0000 (---------------)  + I xn--wgbh1c
-	0x0039d84a, // n0x05e8 c0x0000 (---------------)  + I xn--wgbl6a
-	0x0039dacb, // n0x05e9 c0x0000 (---------------)  + I xn--xhq521b
-	0x003a1450, // n0x05ea c0x0000 (---------------)  + I xn--xkc2al3hye2a
-	0x003a1851, // n0x05eb c0x0000 (---------------)  + I xn--xkc2dl3a5ee0h
-	0x003a210a, // n0x05ec c0x0000 (---------------)  + I xn--y9a3aq
-	0x003a2d4d, // n0x05ed c0x0000 (---------------)  + I xn--yfro4i67o
-	0x003a344d, // n0x05ee c0x0000 (---------------)  + I xn--ygbi2ammx
-	0x003a5dcb, // n0x05ef c0x0000 (---------------)  + I xn--zfr164b
-	0x003a6b46, // n0x05f0 c0x0000 (---------------)  + I xperia
-	0x00230983, // n0x05f1 c0x0000 (---------------)  + I xxx
-	0x00247683, // n0x05f2 c0x0000 (---------------)  + I xyz
-	0x00307e86, // n0x05f3 c0x0000 (---------------)  + I yachts
-	0x0028d645, // n0x05f4 c0x0000 (---------------)  + I yahoo
-	0x002c7947, // n0x05f5 c0x0000 (---------------)  + I yamaxun
-	0x00339946, // n0x05f6 c0x0000 (---------------)  + I yandex
-	0x01608242, // n0x05f7 c0x0005 (---------------)* o I ye
-	0x003710c9, // n0x05f8 c0x0000 (---------------)  + I yodobashi
-	0x003559c4, // n0x05f9 c0x0000 (---------------)  + I yoga
-	0x002d09c8, // n0x05fa c0x0000 (---------------)  + I yokohama
-	0x0024b0c3, // n0x05fb c0x0000 (---------------)  + I you
-	0x002e4807, // n0x05fc c0x0000 (---------------)  + I youtube
-	0x00244002, // n0x05fd c0x0000 (---------------)  + I yt
-	0x002ac203, // n0x05fe c0x0000 (---------------)  + I yun
-	0x66205f82, // n0x05ff c0x0198 (n0x1ebd-n0x1ece)  o I za
-	0x002c3fc6, // n0x0600 c0x0000 (---------------)  + I zappos
-	0x002c4d04, // n0x0601 c0x0000 (---------------)  + I zara
-	0x002eb584, // n0x0602 c0x0000 (---------------)  + I zero
-	0x002432c3, // n0x0603 c0x0000 (---------------)  + I zip
-	0x002432c5, // n0x0604 c0x0000 (---------------)  + I zippo
-	0x01700d02, // n0x0605 c0x0005 (---------------)* o I zm
-	0x002dce04, // n0x0606 c0x0000 (---------------)  + I zone
-	0x00273947, // n0x0607 c0x0000 (---------------)  + I zuerich
-	0x016afdc2, // n0x0608 c0x0005 (---------------)* o I zw
-	0x00233503, // n0x0609 c0x0000 (---------------)  + I com
-	0x0023a783, // n0x060a c0x0000 (---------------)  + I edu
-	0x0026cc83, // n0x060b c0x0000 (---------------)  + I gov
-	0x00209003, // n0x060c c0x0000 (---------------)  + I mil
-	0x0021fe03, // n0x060d c0x0000 (---------------)  + I net
-	0x0022d1c3, // n0x060e c0x0000 (---------------)  + I org
-	0x00201483, // n0x060f c0x0000 (---------------)  + I nom
-	0x00201542, // n0x0610 c0x0000 (---------------)  + I ac
-	0x000ffa08, // n0x0611 c0x0000 (---------------)  +   blogspot
-	0x00200742, // n0x0612 c0x0000 (---------------)  + I co
-	0x0026cc83, // n0x0613 c0x0000 (---------------)  + I gov
-	0x00209003, // n0x0614 c0x0000 (---------------)  + I mil
-	0x0021fe03, // n0x0615 c0x0000 (---------------)  + I net
-	0x0022d1c3, // n0x0616 c0x0000 (---------------)  + I org
-	0x00217443, // n0x0617 c0x0000 (---------------)  + I sch
-	0x00316196, // n0x0618 c0x0000 (---------------)  + I accident-investigation
-	0x00317cd3, // n0x0619 c0x0000 (---------------)  + I accident-prevention
-	0x002f66c9, // n0x061a c0x0000 (---------------)  + I aerobatic
-	0x002389c8, // n0x061b c0x0000 (---------------)  + I aeroclub
-	0x002dd449, // n0x061c c0x0000 (---------------)  + I aerodrome
-	0x002fbe86, // n0x061d c0x0000 (---------------)  + I agents
-	0x0030c790, // n0x061e c0x0000 (---------------)  + I air-surveillance
-	0x00358d93, // n0x061f c0x0000 (---------------)  + I air-traffic-control
-	0x00204908, // n0x0620 c0x0000 (---------------)  + I aircraft
-	0x002d7e07, // n0x0621 c0x0000 (---------------)  + I airline
-	0x002793c7, // n0x0622 c0x0000 (---------------)  + I airport
-	0x0021868a, // n0x0623 c0x0000 (---------------)  + I airtraffic
-	0x002c8609, // n0x0624 c0x0000 (---------------)  + I ambulance
-	0x0037d809, // n0x0625 c0x0000 (---------------)  + I amusement
-	0x002d488b, // n0x0626 c0x0000 (---------------)  + I association
-	0x0031a686, // n0x0627 c0x0000 (---------------)  + I author
-	0x0022faca, // n0x0628 c0x0000 (---------------)  + I ballooning
-	0x00220c46, // n0x0629 c0x0000 (---------------)  + I broker
-	0x003555c3, // n0x062a c0x0000 (---------------)  + I caa
-	0x002e9b05, // n0x062b c0x0000 (---------------)  + I cargo
-	0x00351008, // n0x062c c0x0000 (---------------)  + I catering
-	0x003257cd, // n0x062d c0x0000 (---------------)  + I certification
-	0x0035894c, // n0x062e c0x0000 (---------------)  + I championship
-	0x00320347, // n0x062f c0x0000 (---------------)  + I charter
-	0x0035b70d, // n0x0630 c0x0000 (---------------)  + I civilaviation
-	0x00238ac4, // n0x0631 c0x0000 (---------------)  + I club
-	0x00236cca, // n0x0632 c0x0000 (---------------)  + I conference
-	0x0023784a, // n0x0633 c0x0000 (---------------)  + I consultant
-	0x00237d0a, // n0x0634 c0x0000 (---------------)  + I consulting
-	0x00308c87, // n0x0635 c0x0000 (---------------)  + I control
-	0x00242207, // n0x0636 c0x0000 (---------------)  + I council
-	0x00245184, // n0x0637 c0x0000 (---------------)  + I crew
-	0x0022dcc6, // n0x0638 c0x0000 (---------------)  + I design
-	0x00356f44, // n0x0639 c0x0000 (---------------)  + I dgca
-	0x002fe188, // n0x063a c0x0000 (---------------)  + I educator
-	0x00322189, // n0x063b c0x0000 (---------------)  + I emergency
-	0x00369146, // n0x063c c0x0000 (---------------)  + I engine
-	0x00369148, // n0x063d c0x0000 (---------------)  + I engineer
-	0x00247acd, // n0x063e c0x0000 (---------------)  + I entertainment
-	0x002c2709, // n0x063f c0x0000 (---------------)  + I equipment
-	0x00239488, // n0x0640 c0x0000 (---------------)  + I exchange
-	0x00247487, // n0x0641 c0x0000 (---------------)  + I express
-	0x0030eeca, // n0x0642 c0x0000 (---------------)  + I federation
-	0x00251286, // n0x0643 c0x0000 (---------------)  + I flight
-	0x0025cf87, // n0x0644 c0x0000 (---------------)  + I freight
-	0x00240d04, // n0x0645 c0x0000 (---------------)  + I fuel
-	0x0026e307, // n0x0646 c0x0000 (---------------)  + I gliding
-	0x0026cc8a, // n0x0647 c0x0000 (---------------)  + I government
-	0x0031240e, // n0x0648 c0x0000 (---------------)  + I groundhandling
-	0x0020ab45, // n0x0649 c0x0000 (---------------)  + I group
-	0x002ff10b, // n0x064a c0x0000 (---------------)  + I hanggliding
-	0x002e9e49, // n0x064b c0x0000 (---------------)  + I homebuilt
-	0x0023e7c9, // n0x064c c0x0000 (---------------)  + I insurance
-	0x0033be47, // n0x064d c0x0000 (---------------)  + I journal
-	0x0038e60a, // n0x064e c0x0000 (---------------)  + I journalist
-	0x00285c07, // n0x064f c0x0000 (---------------)  + I leasing
-	0x002e2d49, // n0x0650 c0x0000 (---------------)  + I logistics
-	0x00395fc8, // n0x0651 c0x0000 (---------------)  + I magazine
-	0x0027634b, // n0x0652 c0x0000 (---------------)  + I maintenance
-	0x003025c5, // n0x0653 c0x0000 (---------------)  + I media
-	0x0031210a, // n0x0654 c0x0000 (---------------)  + I microlight
-	0x002a3209, // n0x0655 c0x0000 (---------------)  + I modelling
-	0x00319f8a, // n0x0656 c0x0000 (---------------)  + I navigation
-	0x002c530b, // n0x0657 c0x0000 (---------------)  + I parachuting
-	0x0026e20b, // n0x0658 c0x0000 (---------------)  + I paragliding
-	0x002d4615, // n0x0659 c0x0000 (---------------)  + I passenger-association
-	0x002d6505, // n0x065a c0x0000 (---------------)  + I pilot
-	0x00247505, // n0x065b c0x0000 (---------------)  + I press
-	0x002e204a, // n0x065c c0x0000 (---------------)  + I production
-	0x00336aca, // n0x065d c0x0000 (---------------)  + I recreation
-	0x002fae47, // n0x065e c0x0000 (---------------)  + I repbody
-	0x0021d683, // n0x065f c0x0000 (---------------)  + I res
-	0x0029fa08, // n0x0660 c0x0000 (---------------)  + I research
-	0x002ce74a, // n0x0661 c0x0000 (---------------)  + I rotorcraft
-	0x00215946, // n0x0662 c0x0000 (---------------)  + I safety
-	0x002466c9, // n0x0663 c0x0000 (---------------)  + I scientist
-	0x00206808, // n0x0664 c0x0000 (---------------)  + I services
-	0x002c4484, // n0x0665 c0x0000 (---------------)  + I show
-	0x0027d709, // n0x0666 c0x0000 (---------------)  + I skydiving
-	0x002b8688, // n0x0667 c0x0000 (---------------)  + I software
-	0x002abd47, // n0x0668 c0x0000 (---------------)  + I student
-	0x002673c6, // n0x0669 c0x0000 (---------------)  + I trader
-	0x002a4607, // n0x066a c0x0000 (---------------)  + I trading
-	0x00295207, // n0x066b c0x0000 (---------------)  + I trainer
-	0x00244bc5, // n0x066c c0x0000 (---------------)  + I union
-	0x002dbd0c, // n0x066d c0x0000 (---------------)  + I workinggroup
-	0x00351f05, // n0x066e c0x0000 (---------------)  + I works
-	0x00233503, // n0x066f c0x0000 (---------------)  + I com
-	0x0023a783, // n0x0670 c0x0000 (---------------)  + I edu
-	0x0026cc83, // n0x0671 c0x0000 (---------------)  + I gov
-	0x0021fe03, // n0x0672 c0x0000 (---------------)  + I net
-	0x0022d1c3, // n0x0673 c0x0000 (---------------)  + I org
-	0x00200742, // n0x0674 c0x0000 (---------------)  + I co
-	0x00233503, // n0x0675 c0x0000 (---------------)  + I com
-	0x0021fe03, // n0x0676 c0x0000 (---------------)  + I net
-	0x00201483, // n0x0677 c0x0000 (---------------)  + I nom
-	0x0022d1c3, // n0x0678 c0x0000 (---------------)  + I org
-	0x00233503, // n0x0679 c0x0000 (---------------)  + I com
-	0x0021fe03, // n0x067a c0x0000 (---------------)  + I net
-	0x0020b283, // n0x067b c0x0000 (---------------)  + I off
-	0x0022d1c3, // n0x067c c0x0000 (---------------)  + I org
-	0x000ffa08, // n0x067d c0x0000 (---------------)  +   blogspot
-	0x00233503, // n0x067e c0x0000 (---------------)  + I com
-	0x0023a783, // n0x067f c0x0000 (---------------)  + I edu
-	0x0026cc83, // n0x0680 c0x0000 (---------------)  + I gov
-	0x00209003, // n0x0681 c0x0000 (---------------)  + I mil
-	0x0021fe03, // n0x0682 c0x0000 (---------------)  + I net
-	0x0022d1c3, // n0x0683 c0x0000 (---------------)  + I org
-	0x000ffa08, // n0x0684 c0x0000 (---------------)  +   blogspot
-	0x00200742, // n0x0685 c0x0000 (---------------)  + I co
-	0x00202602, // n0x0686 c0x0000 (---------------)  + I ed
-	0x00237f42, // n0x0687 c0x0000 (---------------)  + I gv
-	0x00201e42, // n0x0688 c0x0000 (---------------)  + I it
-	0x00200c42, // n0x0689 c0x0000 (---------------)  + I og
-	0x002718c2, // n0x068a c0x0000 (---------------)  + I pb
-	0x04633503, // n0x068b c0x0011 (n0x0694-n0x0695)  + I com
-	0x0023a783, // n0x068c c0x0000 (---------------)  + I edu
-	0x00213183, // n0x068d c0x0000 (---------------)  + I gob
-	0x0026cc83, // n0x068e c0x0000 (---------------)  + I gov
-	0x00201603, // n0x068f c0x0000 (---------------)  + I int
-	0x00209003, // n0x0690 c0x0000 (---------------)  + I mil
-	0x0021fe03, // n0x0691 c0x0000 (---------------)  + I net
-	0x0022d1c3, // n0x0692 c0x0000 (---------------)  + I org
-	0x00209e43, // n0x0693 c0x0000 (---------------)  + I tur
-	0x000ffa08, // n0x0694 c0x0000 (---------------)  +   blogspot
-	0x00255704, // n0x0695 c0x0000 (---------------)  + I e164
-	0x002edc07, // n0x0696 c0x0000 (---------------)  + I in-addr
-	0x00215dc3, // n0x0697 c0x0000 (---------------)  + I ip6
-	0x00238804, // n0x0698 c0x0000 (---------------)  + I iris
-	0x0020dd83, // n0x0699 c0x0000 (---------------)  + I uri
-	0x00285383, // n0x069a c0x0000 (---------------)  + I urn
-	0x0026cc83, // n0x069b c0x0000 (---------------)  + I gov
-	0x00201542, // n0x069c c0x0000 (---------------)  + I ac
-	0x00130b83, // n0x069d c0x0000 (---------------)  +   biz
-	0x05600742, // n0x069e c0x0015 (n0x06a3-n0x06a4)  + I co
-	0x00237f42, // n0x069f c0x0000 (---------------)  + I gv
-	0x001a1244, // n0x06a0 c0x0000 (---------------)  +   info
-	0x00200282, // n0x06a1 c0x0000 (---------------)  + I or
-	0x000e1c44, // n0x06a2 c0x0000 (---------------)  +   priv
-	0x000ffa08, // n0x06a3 c0x0000 (---------------)  +   blogspot
-	0x00239a03, // n0x06a4 c0x0000 (---------------)  + I act
-	0x002afc83, // n0x06a5 c0x0000 (---------------)  + I asn
-	0x05e33503, // n0x06a6 c0x0017 (n0x06b6-n0x06b7)  + I com
-	0x00236cc4, // n0x06a7 c0x0000 (---------------)  + I conf
-	0x0623a783, // n0x06a8 c0x0018 (n0x06b7-n0x06bf)  + I edu
-	0x0666cc83, // n0x06a9 c0x0019 (n0x06bf-n0x06c4)  + I gov
-	0x0020c782, // n0x06aa c0x0000 (---------------)  + I id
-	0x003a1244, // n0x06ab c0x0000 (---------------)  + I info
-	0x0021fe03, // n0x06ac c0x0000 (---------------)  + I net
-	0x002f09c3, // n0x06ad c0x0000 (---------------)  + I nsw
-	0x002009c2, // n0x06ae c0x0000 (---------------)  + I nt
-	0x0022d1c3, // n0x06af c0x0000 (---------------)  + I org
-	0x0021c142, // n0x06b0 c0x0000 (---------------)  + I oz
-	0x002e6383, // n0x06b1 c0x0000 (---------------)  + I qld
-	0x002004c2, // n0x06b2 c0x0000 (---------------)  + I sa
-	0x00201e83, // n0x06b3 c0x0000 (---------------)  + I tas
-	0x002068c3, // n0x06b4 c0x0000 (---------------)  + I vic
-	0x002010c2, // n0x06b5 c0x0000 (---------------)  + I wa
-	0x000ffa08, // n0x06b6 c0x0000 (---------------)  +   blogspot
-	0x00239a03, // n0x06b7 c0x0000 (---------------)  + I act
-	0x002f09c3, // n0x06b8 c0x0000 (---------------)  + I nsw
-	0x002009c2, // n0x06b9 c0x0000 (---------------)  + I nt
-	0x002e6383, // n0x06ba c0x0000 (---------------)  + I qld
-	0x002004c2, // n0x06bb c0x0000 (---------------)  + I sa
-	0x00201e83, // n0x06bc c0x0000 (---------------)  + I tas
-	0x002068c3, // n0x06bd c0x0000 (---------------)  + I vic
-	0x002010c2, // n0x06be c0x0000 (---------------)  + I wa
-	0x002e6383, // n0x06bf c0x0000 (---------------)  + I qld
-	0x002004c2, // n0x06c0 c0x0000 (---------------)  + I sa
-	0x00201e83, // n0x06c1 c0x0000 (---------------)  + I tas
-	0x002068c3, // n0x06c2 c0x0000 (---------------)  + I vic
-	0x002010c2, // n0x06c3 c0x0000 (---------------)  + I wa
-	0x00233503, // n0x06c4 c0x0000 (---------------)  + I com
-	0x00330b83, // n0x06c5 c0x0000 (---------------)  + I biz
-	0x00233503, // n0x06c6 c0x0000 (---------------)  + I com
-	0x0023a783, // n0x06c7 c0x0000 (---------------)  + I edu
-	0x0026cc83, // n0x06c8 c0x0000 (---------------)  + I gov
-	0x003a1244, // n0x06c9 c0x0000 (---------------)  + I info
-	0x00201603, // n0x06ca c0x0000 (---------------)  + I int
-	0x00209003, // n0x06cb c0x0000 (---------------)  + I mil
-	0x00205284, // n0x06cc c0x0000 (---------------)  + I name
-	0x0021fe03, // n0x06cd c0x0000 (---------------)  + I net
-	0x0022d1c3, // n0x06ce c0x0000 (---------------)  + I org
-	0x00209302, // n0x06cf c0x0000 (---------------)  + I pp
-	0x00220e43, // n0x06d0 c0x0000 (---------------)  + I pro
-	0x000ffa08, // n0x06d1 c0x0000 (---------------)  +   blogspot
-	0x00200742, // n0x06d2 c0x0000 (---------------)  + I co
-	0x00233503, // n0x06d3 c0x0000 (---------------)  + I com
-	0x0023a783, // n0x06d4 c0x0000 (---------------)  + I edu
-	0x0026cc83, // n0x06d5 c0x0000 (---------------)  + I gov
-	0x00209003, // n0x06d6 c0x0000 (---------------)  + I mil
-	0x0021fe03, // n0x06d7 c0x0000 (---------------)  + I net
-	0x0022d1c3, // n0x06d8 c0x0000 (---------------)  + I org
-	0x00209702, // n0x06d9 c0x0000 (---------------)  + I rs
-	0x002d8144, // n0x06da c0x0000 (---------------)  + I unbi
-	0x003a6844, // n0x06db c0x0000 (---------------)  + I unsa
-	0x00330b83, // n0x06dc c0x0000 (---------------)  + I biz
-	0x00200742, // n0x06dd c0x0000 (---------------)  + I co
-	0x00233503, // n0x06de c0x0000 (---------------)  + I com
-	0x0023a783, // n0x06df c0x0000 (---------------)  + I edu
-	0x0026cc83, // n0x06e0 c0x0000 (---------------)  + I gov
-	0x003a1244, // n0x06e1 c0x0000 (---------------)  + I info
-	0x0021fe03, // n0x06e2 c0x0000 (---------------)  + I net
-	0x0022d1c3, // n0x06e3 c0x0000 (---------------)  + I org
-	0x00391185, // n0x06e4 c0x0000 (---------------)  + I store
-	0x00224e42, // n0x06e5 c0x0000 (---------------)  + I tv
-	0x00201542, // n0x06e6 c0x0000 (---------------)  + I ac
-	0x000ffa08, // n0x06e7 c0x0000 (---------------)  +   blogspot
-	0x0026cc83, // n0x06e8 c0x0000 (---------------)  + I gov
-	0x0025c3c1, // n0x06e9 c0x0000 (---------------)  + I 0
-	0x0022a0c1, // n0x06ea c0x0000 (---------------)  + I 1
-	0x002484c1, // n0x06eb c0x0000 (---------------)  + I 2
-	0x00231a01, // n0x06ec c0x0000 (---------------)  + I 3
-	0x00231981, // n0x06ed c0x0000 (---------------)  + I 4
-	0x002736c1, // n0x06ee c0x0000 (---------------)  + I 5
-	0x00215e41, // n0x06ef c0x0000 (---------------)  + I 6
-	0x0023e381, // n0x06f0 c0x0000 (---------------)  + I 7
-	0x002f2a41, // n0x06f1 c0x0000 (---------------)  + I 8
-	0x00301241, // n0x06f2 c0x0000 (---------------)  + I 9
-	0x00200101, // n0x06f3 c0x0000 (---------------)  + I a
-	0x00200001, // n0x06f4 c0x0000 (---------------)  + I b
-	0x000ffa08, // n0x06f5 c0x0000 (---------------)  +   blogspot
-	0x00200301, // n0x06f6 c0x0000 (---------------)  + I c
-	0x00200381, // n0x06f7 c0x0000 (---------------)  + I d
-	0x00200081, // n0x06f8 c0x0000 (---------------)  + I e
-	0x00200581, // n0x06f9 c0x0000 (---------------)  + I f
-	0x00200c81, // n0x06fa c0x0000 (---------------)  + I g
-	0x00200d81, // n0x06fb c0x0000 (---------------)  + I h
-	0x00200041, // n0x06fc c0x0000 (---------------)  + I i
-	0x00201741, // n0x06fd c0x0000 (---------------)  + I j
-	0x00200fc1, // n0x06fe c0x0000 (---------------)  + I k
-	0x00200201, // n0x06ff c0x0000 (---------------)  + I l
-	0x00200181, // n0x0700 c0x0000 (---------------)  + I m
-	0x00200541, // n0x0701 c0x0000 (---------------)  + I n
-	0x00200281, // n0x0702 c0x0000 (---------------)  + I o
-	0x00200941, // n0x0703 c0x0000 (---------------)  + I p
-	0x00200401, // n0x0704 c0x0000 (---------------)  + I q
-	0x002002c1, // n0x0705 c0x0000 (---------------)  + I r
-	0x002004c1, // n0x0706 c0x0000 (---------------)  + I s
-	0x00200141, // n0x0707 c0x0000 (---------------)  + I t
-	0x00200441, // n0x0708 c0x0000 (---------------)  + I u
-	0x002000c1, // n0x0709 c0x0000 (---------------)  + I v
-	0x002010c1, // n0x070a c0x0000 (---------------)  + I w
-	0x00205381, // n0x070b c0x0000 (---------------)  + I x
-	0x00201841, // n0x070c c0x0000 (---------------)  + I y
-	0x00205f81, // n0x070d c0x0000 (---------------)  + I z
-	0x00233503, // n0x070e c0x0000 (---------------)  + I com
-	0x0023a783, // n0x070f c0x0000 (---------------)  + I edu
-	0x0026cc83, // n0x0710 c0x0000 (---------------)  + I gov
-	0x0021fe03, // n0x0711 c0x0000 (---------------)  + I net
-	0x0022d1c3, // n0x0712 c0x0000 (---------------)  + I org
-	0x00200742, // n0x0713 c0x0000 (---------------)  + I co
-	0x00233503, // n0x0714 c0x0000 (---------------)  + I com
-	0x0023a783, // n0x0715 c0x0000 (---------------)  + I edu
-	0x00200282, // n0x0716 c0x0000 (---------------)  + I or
-	0x0022d1c3, // n0x0717 c0x0000 (---------------)  + I org
-	0x00009107, // n0x0718 c0x0000 (---------------)  +   dscloud
-	0x00013886, // n0x0719 c0x0000 (---------------)  +   dyndns
-	0x00055e8a, // n0x071a c0x0000 (---------------)  +   for-better
-	0x00087d88, // n0x071b c0x0000 (---------------)  +   for-more
-	0x00056488, // n0x071c c0x0000 (---------------)  +   for-some
-	0x000572c7, // n0x071d c0x0000 (---------------)  +   for-the
-	0x0006ba86, // n0x071e c0x0000 (---------------)  +   selfip
-	0x000eadc6, // n0x071f c0x0000 (---------------)  +   webhop
-	0x002d4884, // n0x0720 c0x0000 (---------------)  + I asso
-	0x00319cc7, // n0x0721 c0x0000 (---------------)  + I barreau
-	0x000ffa08, // n0x0722 c0x0000 (---------------)  +   blogspot
-	0x0033d7c4, // n0x0723 c0x0000 (---------------)  + I gouv
-	0x00233503, // n0x0724 c0x0000 (---------------)  + I com
-	0x0023a783, // n0x0725 c0x0000 (---------------)  + I edu
-	0x0026cc83, // n0x0726 c0x0000 (---------------)  + I gov
-	0x0021fe03, // n0x0727 c0x0000 (---------------)  + I net
-	0x0022d1c3, // n0x0728 c0x0000 (---------------)  + I org
-	0x00233503, // n0x0729 c0x0000 (---------------)  + I com
-	0x0023a783, // n0x072a c0x0000 (---------------)  + I edu
-	0x00213183, // n0x072b c0x0000 (---------------)  + I gob
-	0x0026cc83, // n0x072c c0x0000 (---------------)  + I gov
-	0x00201603, // n0x072d c0x0000 (---------------)  + I int
-	0x00209003, // n0x072e c0x0000 (---------------)  + I mil
-	0x0021fe03, // n0x072f c0x0000 (---------------)  + I net
-	0x0022d1c3, // n0x0730 c0x0000 (---------------)  + I org
-	0x00224e42, // n0x0731 c0x0000 (---------------)  + I tv
-	0x002c3503, // n0x0732 c0x0000 (---------------)  + I adm
-	0x002f4fc3, // n0x0733 c0x0000 (---------------)  + I adv
-	0x00209c83, // n0x0734 c0x0000 (---------------)  + I agr
-	0x00201882, // n0x0735 c0x0000 (---------------)  + I am
-	0x0024f183, // n0x0736 c0x0000 (---------------)  + I arq
-	0x002011c3, // n0x0737 c0x0000 (---------------)  + I art
-	0x00217b03, // n0x0738 c0x0000 (---------------)  + I ato
-	0x00200001, // n0x0739 c0x0000 (---------------)  + I b
-	0x00203a03, // n0x073a c0x0000 (---------------)  + I bio
-	0x002a4004, // n0x073b c0x0000 (---------------)  + I blog
-	0x00321f43, // n0x073c c0x0000 (---------------)  + I bmd
-	0x0025ee03, // n0x073d c0x0000 (---------------)  + I cim
-	0x0021ba43, // n0x073e c0x0000 (---------------)  + I cng
-	0x00231603, // n0x073f c0x0000 (---------------)  + I cnt
-	0x0a233503, // n0x0740 c0x0028 (n0x0778-n0x0779)  + I com
-	0x0023d684, // n0x0741 c0x0000 (---------------)  + I coop
-	0x0021ba03, // n0x0742 c0x0000 (---------------)  + I ecn
-	0x0020b203, // n0x0743 c0x0000 (---------------)  + I eco
-	0x0023a783, // n0x0744 c0x0000 (---------------)  + I edu
-	0x0023a4c3, // n0x0745 c0x0000 (---------------)  + I emp
-	0x00213703, // n0x0746 c0x0000 (---------------)  + I eng
-	0x0029bdc3, // n0x0747 c0x0000 (---------------)  + I esp
-	0x0025ed83, // n0x0748 c0x0000 (---------------)  + I etc
-	0x002234c3, // n0x0749 c0x0000 (---------------)  + I eti
-	0x00212983, // n0x074a c0x0000 (---------------)  + I far
-	0x002522c4, // n0x074b c0x0000 (---------------)  + I flog
-	0x00242902, // n0x074c c0x0000 (---------------)  + I fm
-	0x00255803, // n0x074d c0x0000 (---------------)  + I fnd
-	0x0025bb03, // n0x074e c0x0000 (---------------)  + I fot
-	0x00277703, // n0x074f c0x0000 (---------------)  + I fst
-	0x002ee4c3, // n0x0750 c0x0000 (---------------)  + I g12
-	0x002ece03, // n0x0751 c0x0000 (---------------)  + I ggf
-	0x0026cc83, // n0x0752 c0x0000 (---------------)  + I gov
-	0x002cc783, // n0x0753 c0x0000 (---------------)  + I imb
-	0x0021d883, // n0x0754 c0x0000 (---------------)  + I ind
-	0x003a1083, // n0x0755 c0x0000 (---------------)  + I inf
-	0x00215b43, // n0x0756 c0x0000 (---------------)  + I jor
-	0x002f3143, // n0x0757 c0x0000 (---------------)  + I jus
-	0x0022e283, // n0x0758 c0x0000 (---------------)  + I leg
-	0x002d08c3, // n0x0759 c0x0000 (---------------)  + I lel
-	0x0021f803, // n0x075a c0x0000 (---------------)  + I mat
-	0x00213ac3, // n0x075b c0x0000 (---------------)  + I med
-	0x00209003, // n0x075c c0x0000 (---------------)  + I mil
-	0x0022a482, // n0x075d c0x0000 (---------------)  + I mp
-	0x00283a83, // n0x075e c0x0000 (---------------)  + I mus
-	0x0021fe03, // n0x075f c0x0000 (---------------)  + I net
-	0x01601483, // n0x0760 c0x0005 (---------------)* o I nom
-	0x002547c3, // n0x0761 c0x0000 (---------------)  + I not
-	0x0023b443, // n0x0762 c0x0000 (---------------)  + I ntr
-	0x00213243, // n0x0763 c0x0000 (---------------)  + I odo
-	0x0022d1c3, // n0x0764 c0x0000 (---------------)  + I org
-	0x00249583, // n0x0765 c0x0000 (---------------)  + I ppg
-	0x00220e43, // n0x0766 c0x0000 (---------------)  + I pro
-	0x0023d083, // n0x0767 c0x0000 (---------------)  + I psc
-	0x002f7b43, // n0x0768 c0x0000 (---------------)  + I psi
-	0x002e6543, // n0x0769 c0x0000 (---------------)  + I qsl
-	0x00264b85, // n0x076a c0x0000 (---------------)  + I radio
-	0x0022a5c3, // n0x076b c0x0000 (---------------)  + I rec
-	0x002e6583, // n0x076c c0x0000 (---------------)  + I slg
-	0x0035ca03, // n0x076d c0x0000 (---------------)  + I srv
-	0x002203c4, // n0x076e c0x0000 (---------------)  + I taxi
-	0x00336843, // n0x076f c0x0000 (---------------)  + I teo
-	0x00239f83, // n0x0770 c0x0000 (---------------)  + I tmp
-	0x002a9803, // n0x0771 c0x0000 (---------------)  + I trd
-	0x00209e43, // n0x0772 c0x0000 (---------------)  + I tur
-	0x00224e42, // n0x0773 c0x0000 (---------------)  + I tv
-	0x0023f943, // n0x0774 c0x0000 (---------------)  + I vet
-	0x002fa5c4, // n0x0775 c0x0000 (---------------)  + I vlog
-	0x0037c484, // n0x0776 c0x0000 (---------------)  + I wiki
-	0x002645c3, // n0x0777 c0x0000 (---------------)  + I zlg
-	0x000ffa08, // n0x0778 c0x0000 (---------------)  +   blogspot
-	0x00233503, // n0x0779 c0x0000 (---------------)  + I com
-	0x0023a783, // n0x077a c0x0000 (---------------)  + I edu
-	0x0026cc83, // n0x077b c0x0000 (---------------)  + I gov
-	0x0021fe03, // n0x077c c0x0000 (---------------)  + I net
-	0x0022d1c3, // n0x077d c0x0000 (---------------)  + I org
-	0x00233503, // n0x077e c0x0000 (---------------)  + I com
-	0x0023a783, // n0x077f c0x0000 (---------------)  + I edu
-	0x0026cc83, // n0x0780 c0x0000 (---------------)  + I gov
-	0x0021fe03, // n0x0781 c0x0000 (---------------)  + I net
-	0x0022d1c3, // n0x0782 c0x0000 (---------------)  + I org
-	0x00200742, // n0x0783 c0x0000 (---------------)  + I co
-	0x0022d1c3, // n0x0784 c0x0000 (---------------)  + I org
-	0x0b633503, // n0x0785 c0x002d (n0x0789-n0x078a)  + I com
-	0x0026cc83, // n0x0786 c0x0000 (---------------)  + I gov
-	0x00209003, // n0x0787 c0x0000 (---------------)  + I mil
-	0x0020b282, // n0x0788 c0x0000 (---------------)  + I of
-	0x000ffa08, // n0x0789 c0x0000 (---------------)  +   blogspot
-	0x00233503, // n0x078a c0x0000 (---------------)  + I com
-	0x0023a783, // n0x078b c0x0000 (---------------)  + I edu
-	0x0026cc83, // n0x078c c0x0000 (---------------)  + I gov
-	0x0021fe03, // n0x078d c0x0000 (---------------)  + I net
-	0x0022d1c3, // n0x078e c0x0000 (---------------)  + I org
-	0x00005f82, // n0x078f c0x0000 (---------------)  +   za
-	0x002020c2, // n0x0790 c0x0000 (---------------)  + I ab
-	0x00221a82, // n0x0791 c0x0000 (---------------)  + I bc
-	0x000ffa08, // n0x0792 c0x0000 (---------------)  +   blogspot
-	0x00000742, // n0x0793 c0x0000 (---------------)  +   co
-	0x0023c3c2, // n0x0794 c0x0000 (---------------)  + I gc
-	0x00208602, // n0x0795 c0x0000 (---------------)  + I mb
-	0x00215102, // n0x0796 c0x0000 (---------------)  + I nb
-	0x00200542, // n0x0797 c0x0000 (---------------)  + I nf
-	0x00247802, // n0x0798 c0x0000 (---------------)  + I nl
-	0x00210c42, // n0x0799 c0x0000 (---------------)  + I ns
-	0x002009c2, // n0x079a c0x0000 (---------------)  + I nt
-	0x002017c2, // n0x079b c0x0000 (---------------)  + I nu
-	0x00200982, // n0x079c c0x0000 (---------------)  + I on
-	0x00207782, // n0x079d c0x0000 (---------------)  + I pe
-	0x0037cd42, // n0x079e c0x0000 (---------------)  + I qc
-	0x00207842, // n0x079f c0x0000 (---------------)  + I sk
-	0x00226f42, // n0x07a0 c0x0000 (---------------)  + I yk
-	0x00146449, // n0x07a1 c0x0000 (---------------)  +   ftpaccess
-	0x00173f0b, // n0x07a2 c0x0000 (---------------)  +   game-server
-	0x000d1148, // n0x07a3 c0x0000 (---------------)  +   myphotos
-	0x00143a09, // n0x07a4 c0x0000 (---------------)  +   scrapping
-	0x0026cc83, // n0x07a5 c0x0000 (---------------)  + I gov
-	0x000ffa08, // n0x07a6 c0x0000 (---------------)  +   blogspot
-	0x000ffa08, // n0x07a7 c0x0000 (---------------)  +   blogspot
-	0x00201542, // n0x07a8 c0x0000 (---------------)  + I ac
-	0x002d4884, // n0x07a9 c0x0000 (---------------)  + I asso
-	0x00200742, // n0x07aa c0x0000 (---------------)  + I co
-	0x00233503, // n0x07ab c0x0000 (---------------)  + I com
-	0x00202602, // n0x07ac c0x0000 (---------------)  + I ed
-	0x0023a783, // n0x07ad c0x0000 (---------------)  + I edu
-	0x00202d42, // n0x07ae c0x0000 (---------------)  + I go
-	0x0033d7c4, // n0x07af c0x0000 (---------------)  + I gouv
-	0x00201603, // n0x07b0 c0x0000 (---------------)  + I int
-	0x0024da82, // n0x07b1 c0x0000 (---------------)  + I md
-	0x0021fe03, // n0x07b2 c0x0000 (---------------)  + I net
-	0x00200282, // n0x07b3 c0x0000 (---------------)  + I or
-	0x0022d1c3, // n0x07b4 c0x0000 (---------------)  + I org
-	0x00247506, // n0x07b5 c0x0000 (---------------)  + I presse
-	0x0030dc0f, // n0x07b6 c0x0000 (---------------)  + I xn--aroport-bya
-	0x00700b03, // n0x07b7 c0x0001 (---------------)  ! I www
-	0x000ffa08, // n0x07b8 c0x0000 (---------------)  +   blogspot
-	0x00200742, // n0x07b9 c0x0000 (---------------)  + I co
-	0x00213183, // n0x07ba c0x0000 (---------------)  + I gob
-	0x0026cc83, // n0x07bb c0x0000 (---------------)  + I gov
-	0x00209003, // n0x07bc c0x0000 (---------------)  + I mil
-	0x00200742, // n0x07bd c0x0000 (---------------)  + I co
-	0x00233503, // n0x07be c0x0000 (---------------)  + I com
-	0x0026cc83, // n0x07bf c0x0000 (---------------)  + I gov
-	0x0021fe03, // n0x07c0 c0x0000 (---------------)  + I net
-	0x00201542, // n0x07c1 c0x0000 (---------------)  + I ac
-	0x00204f02, // n0x07c2 c0x0000 (---------------)  + I ah
-	0x0e6f6409, // n0x07c3 c0x0039 (n0x07ee-n0x07ef)  o I amazonaws
-	0x00206502, // n0x07c4 c0x0000 (---------------)  + I bj
-	0x0ee33503, // n0x07c5 c0x003b (n0x07f0-n0x07f1)  + I com
-	0x00243b42, // n0x07c6 c0x0000 (---------------)  + I cq
-	0x0023a783, // n0x07c7 c0x0000 (---------------)  + I edu
-	0x00215b02, // n0x07c8 c0x0000 (---------------)  + I fj
-	0x00222d42, // n0x07c9 c0x0000 (---------------)  + I gd
-	0x0026cc83, // n0x07ca c0x0000 (---------------)  + I gov
-	0x0023a242, // n0x07cb c0x0000 (---------------)  + I gs
-	0x00260202, // n0x07cc c0x0000 (---------------)  + I gx
-	0x00264642, // n0x07cd c0x0000 (---------------)  + I gz
-	0x00202442, // n0x07ce c0x0000 (---------------)  + I ha
-	0x0028c342, // n0x07cf c0x0000 (---------------)  + I hb
-	0x002073c2, // n0x07d0 c0x0000 (---------------)  + I he
-	0x00200d82, // n0x07d1 c0x0000 (---------------)  + I hi
-	0x0020a882, // n0x07d2 c0x0000 (---------------)  + I hk
-	0x00248fc2, // n0x07d3 c0x0000 (---------------)  + I hl
-	0x0021ab42, // n0x07d4 c0x0000 (---------------)  + I hn
-	0x002ac642, // n0x07d5 c0x0000 (---------------)  + I jl
-	0x00251742, // n0x07d6 c0x0000 (---------------)  + I js
-	0x00313402, // n0x07d7 c0x0000 (---------------)  + I jx
-	0x0022e8c2, // n0x07d8 c0x0000 (---------------)  + I ln
-	0x00209003, // n0x07d9 c0x0000 (---------------)  + I mil
-	0x00207102, // n0x07da c0x0000 (---------------)  + I mo
-	0x0021fe03, // n0x07db c0x0000 (---------------)  + I net
-	0x0023db02, // n0x07dc c0x0000 (---------------)  + I nm
-	0x0026a782, // n0x07dd c0x0000 (---------------)  + I nx
-	0x0022d1c3, // n0x07de c0x0000 (---------------)  + I org
-	0x0024f202, // n0x07df c0x0000 (---------------)  + I qh
-	0x00200702, // n0x07e0 c0x0000 (---------------)  + I sc
-	0x002496c2, // n0x07e1 c0x0000 (---------------)  + I sd
-	0x00201342, // n0x07e2 c0x0000 (---------------)  + I sh
-	0x00214182, // n0x07e3 c0x0000 (---------------)  + I sn
-	0x002f2802, // n0x07e4 c0x0000 (---------------)  + I sx
-	0x00226782, // n0x07e5 c0x0000 (---------------)  + I tj
-	0x0024e502, // n0x07e6 c0x0000 (---------------)  + I tw
-	0x0036f4c2, // n0x07e7 c0x0000 (---------------)  + I xj
-	0x003029ca, // n0x07e8 c0x0000 (---------------)  + I xn--55qx5d
-	0x0034280a, // n0x07e9 c0x0000 (---------------)  + I xn--io0a7i
-	0x0037648a, // n0x07ea c0x0000 (---------------)  + I xn--od0alg
-	0x003a6cc2, // n0x07eb c0x0000 (---------------)  + I xz
-	0x00213642, // n0x07ec c0x0000 (---------------)  + I yn
-	0x00247702, // n0x07ed c0x0000 (---------------)  + I zj
-	0x0e835247, // n0x07ee c0x003a (n0x07ef-n0x07f0)  +   compute
-	0x00039b8a, // n0x07ef c0x0000 (---------------)  +   cn-north-1
-	0x0f2f6409, // n0x07f0 c0x003c (n0x07f1-n0x07f2)  o I amazonaws
-	0x0f639b8a, // n0x07f1 c0x003d (n0x07f2-n0x07f3)  o I cn-north-1
-	0x0004a542, // n0x07f2 c0x0000 (---------------)  +   s3
-	0x0024bf84, // n0x07f3 c0x0000 (---------------)  + I arts
-	0x0fe33503, // n0x07f4 c0x003f (n0x0800-n0x0801)  + I com
-	0x0023a783, // n0x07f5 c0x0000 (---------------)  + I edu
-	0x0024d9c4, // n0x07f6 c0x0000 (---------------)  + I firm
-	0x0026cc83, // n0x07f7 c0x0000 (---------------)  + I gov
-	0x003a1244, // n0x07f8 c0x0000 (---------------)  + I info
-	0x00201603, // n0x07f9 c0x0000 (---------------)  + I int
-	0x00209003, // n0x07fa c0x0000 (---------------)  + I mil
-	0x0021fe03, // n0x07fb c0x0000 (---------------)  + I net
-	0x00201483, // n0x07fc c0x0000 (---------------)  + I nom
-	0x0022d1c3, // n0x07fd c0x0000 (---------------)  + I org
-	0x0022a5c3, // n0x07fe c0x0000 (---------------)  + I rec
-	0x00221a03, // n0x07ff c0x0000 (---------------)  + I web
-	0x000ffa08, // n0x0800 c0x0000 (---------------)  +   blogspot
-	0x00131905, // n0x0801 c0x0000 (---------------)  +   1kapp
-	0x0010a942, // n0x0802 c0x0000 (---------------)  +   4u
-	0x00175846, // n0x0803 c0x0000 (---------------)  +   africa
-	0x106f6409, // n0x0804 c0x0041 (n0x08d7-n0x08eb)  o I amazonaws
-	0x000092c7, // n0x0805 c0x0000 (---------------)  +   appspot
-	0x00000a42, // n0x0806 c0x0000 (---------------)  +   ar
-	0x0019bcca, // n0x0807 c0x0000 (---------------)  +   betainabox
-	0x000fb147, // n0x0808 c0x0000 (---------------)  +   blogdns
-	0x000ffa08, // n0x0809 c0x0000 (---------------)  +   blogspot
-	0x0001c402, // n0x080a c0x0000 (---------------)  +   br
-	0x001387c7, // n0x080b c0x0000 (---------------)  +   cechire
-	0x00194fcf, // n0x080c c0x0000 (---------------)  +   cloudcontrolapp
-	0x00108b4f, // n0x080d c0x0000 (---------------)  +   cloudcontrolled
-	0x0001ba42, // n0x080e c0x0000 (---------------)  +   cn
-	0x00000742, // n0x080f c0x0000 (---------------)  +   co
-	0x0009bd08, // n0x0810 c0x0000 (---------------)  +   codespot
-	0x00004d82, // n0x0811 c0x0000 (---------------)  +   de
-	0x0014c048, // n0x0812 c0x0000 (---------------)  +   dnsalias
-	0x0007c9c7, // n0x0813 c0x0000 (---------------)  +   dnsdojo
-	0x00014e0b, // n0x0814 c0x0000 (---------------)  +   doesntexist
-	0x0016a009, // n0x0815 c0x0000 (---------------)  +   dontexist
-	0x0014bf47, // n0x0816 c0x0000 (---------------)  +   doomdns
-	0x000f410c, // n0x0817 c0x0000 (---------------)  +   dreamhosters
-	0x0008cdc7, // n0x0818 c0x0000 (---------------)  +   dsmynas
-	0x0012328a, // n0x0819 c0x0000 (---------------)  +   dyn-o-saur
-	0x00197b48, // n0x081a c0x0000 (---------------)  +   dynalias
-	0x00073dce, // n0x081b c0x0000 (---------------)  +   dyndns-at-home
-	0x000dba8e, // n0x081c c0x0000 (---------------)  +   dyndns-at-work
-	0x000faf8b, // n0x081d c0x0000 (---------------)  +   dyndns-blog
-	0x000e7b4b, // n0x081e c0x0000 (---------------)  +   dyndns-free
-	0x0001388b, // n0x081f c0x0000 (---------------)  +   dyndns-home
-	0x00015c09, // n0x0820 c0x0000 (---------------)  +   dyndns-ip
-	0x0001b40b, // n0x0821 c0x0000 (---------------)  +   dyndns-mail
-	0x000214cd, // n0x0822 c0x0000 (---------------)  +   dyndns-office
-	0x0002554b, // n0x0823 c0x0000 (---------------)  +   dyndns-pics
-	0x0002698d, // n0x0824 c0x0000 (---------------)  +   dyndns-remote
-	0x0002d40d, // n0x0825 c0x0000 (---------------)  +   dyndns-server
-	0x0002e48a, // n0x0826 c0x0000 (---------------)  +   dyndns-web
-	0x0017c2cb, // n0x0827 c0x0000 (---------------)  +   dyndns-wiki
-	0x00151d4b, // n0x0828 c0x0000 (---------------)  +   dyndns-work
-	0x0001e810, // n0x0829 c0x0000 (---------------)  +   elasticbeanstalk
-	0x0002bb8f, // n0x082a c0x0000 (---------------)  +   est-a-la-maison
-	0x0000a14f, // n0x082b c0x0000 (---------------)  +   est-a-la-masion
-	0x0015234d, // n0x082c c0x0000 (---------------)  +   est-le-patron
-	0x0013c450, // n0x082d c0x0000 (---------------)  +   est-mon-blogueur
-	0x00004b82, // n0x082e c0x0000 (---------------)  +   eu
-	0x00008f88, // n0x082f c0x0000 (---------------)  +   familyds
-	0x11a4e285, // n0x0830 c0x0046 (n0x08f9-n0x08fa)  o I fbsbx
-	0x0004c6cb, // n0x0831 c0x0000 (---------------)  +   firebaseapp
-	0x000549c8, // n0x0832 c0x0000 (---------------)  +   flynnhub
-	0x00063d87, // n0x0833 c0x0000 (---------------)  +   from-ak
-	0x000640c7, // n0x0834 c0x0000 (---------------)  +   from-al
-	0x00064287, // n0x0835 c0x0000 (---------------)  +   from-ar
-	0x00065347, // n0x0836 c0x0000 (---------------)  +   from-ca
-	0x00065e07, // n0x0837 c0x0000 (---------------)  +   from-ct
-	0x00066587, // n0x0838 c0x0000 (---------------)  +   from-dc
-	0x00067007, // n0x0839 c0x0000 (---------------)  +   from-de
-	0x00067547, // n0x083a c0x0000 (---------------)  +   from-fl
-	0x00067b87, // n0x083b c0x0000 (---------------)  +   from-ga
-	0x00067f07, // n0x083c c0x0000 (---------------)  +   from-hi
-	0x00068787, // n0x083d c0x0000 (---------------)  +   from-ia
-	0x00068947, // n0x083e c0x0000 (---------------)  +   from-id
-	0x00068b07, // n0x083f c0x0000 (---------------)  +   from-il
-	0x00068cc7, // n0x0840 c0x0000 (---------------)  +   from-in
-	0x00068fc7, // n0x0841 c0x0000 (---------------)  +   from-ks
-	0x00069ac7, // n0x0842 c0x0000 (---------------)  +   from-ky
-	0x0006a5c7, // n0x0843 c0x0000 (---------------)  +   from-ma
-	0x0006aa87, // n0x0844 c0x0000 (---------------)  +   from-md
-	0x0006b007, // n0x0845 c0x0000 (---------------)  +   from-mi
-	0x0006bd87, // n0x0846 c0x0000 (---------------)  +   from-mn
-	0x0006bf47, // n0x0847 c0x0000 (---------------)  +   from-mo
-	0x0006c247, // n0x0848 c0x0000 (---------------)  +   from-ms
-	0x0006c787, // n0x0849 c0x0000 (---------------)  +   from-mt
-	0x0006c987, // n0x084a c0x0000 (---------------)  +   from-nc
-	0x0006d307, // n0x084b c0x0000 (---------------)  +   from-nd
-	0x0006d4c7, // n0x084c c0x0000 (---------------)  +   from-ne
-	0x0006d8c7, // n0x084d c0x0000 (---------------)  +   from-nh
-	0x0006e007, // n0x084e c0x0000 (---------------)  +   from-nj
-	0x0006e4c7, // n0x084f c0x0000 (---------------)  +   from-nm
-	0x0006ef87, // n0x0850 c0x0000 (---------------)  +   from-nv
-	0x0006f587, // n0x0851 c0x0000 (---------------)  +   from-oh
-	0x0006f847, // n0x0852 c0x0000 (---------------)  +   from-ok
-	0x0006fbc7, // n0x0853 c0x0000 (---------------)  +   from-or
-	0x0006fd87, // n0x0854 c0x0000 (---------------)  +   from-pa
-	0x00070107, // n0x0855 c0x0000 (---------------)  +   from-pr
-	0x000708c7, // n0x0856 c0x0000 (---------------)  +   from-ri
-	0x00070f07, // n0x0857 c0x0000 (---------------)  +   from-sc
-	0x00071307, // n0x0858 c0x0000 (---------------)  +   from-sd
-	0x00073147, // n0x0859 c0x0000 (---------------)  +   from-tn
-	0x00073307, // n0x085a c0x0000 (---------------)  +   from-tx
-	0x00073747, // n0x085b c0x0000 (---------------)  +   from-ut
-	0x00074607, // n0x085c c0x0000 (---------------)  +   from-va
-	0x00074c47, // n0x085d c0x0000 (---------------)  +   from-vt
-	0x00074f47, // n0x085e c0x0000 (---------------)  +   from-wa
-	0x00075107, // n0x085f c0x0000 (---------------)  +   from-wi
-	0x00075487, // n0x0860 c0x0000 (---------------)  +   from-wv
-	0x00076607, // n0x0861 c0x0000 (---------------)  +   from-wy
-	0x0000d202, // n0x0862 c0x0000 (---------------)  +   gb
-	0x000d4487, // n0x0863 c0x0000 (---------------)  +   getmyip
-	0x11cca40b, // n0x0864 c0x0047 (n0x08fa-n0x08fd)  +   githubcloud
-	0x014ca416, // n0x0865 c0x0005 (---------------)* o   githubcloudusercontent
-	0x00019511, // n0x0866 c0x0000 (---------------)  +   githubusercontent
-	0x000df54a, // n0x0867 c0x0000 (---------------)  +   googleapis
-	0x0009bb8a, // n0x0868 c0x0000 (---------------)  +   googlecode
-	0x00057d06, // n0x0869 c0x0000 (---------------)  +   gotdns
-	0x00011ecb, // n0x086a c0x0000 (---------------)  +   gotpantheon
-	0x00000c82, // n0x086b c0x0000 (---------------)  +   gr
-	0x000992c9, // n0x086c c0x0000 (---------------)  +   herokuapp
-	0x00091f49, // n0x086d c0x0000 (---------------)  +   herokussl
-	0x0000a882, // n0x086e c0x0000 (---------------)  +   hk
-	0x0014cfca, // n0x086f c0x0000 (---------------)  +   hobby-site
-	0x000a59c9, // n0x0870 c0x0000 (---------------)  +   homelinux
-	0x000a6fc8, // n0x0871 c0x0000 (---------------)  +   homeunix
-	0x000195c2, // n0x0872 c0x0000 (---------------)  +   hu
-	0x00116f89, // n0x0873 c0x0000 (---------------)  +   iamallama
-	0x0016d68e, // n0x0874 c0x0000 (---------------)  +   is-a-anarchist
-	0x000a3ecc, // n0x0875 c0x0000 (---------------)  +   is-a-blogger
-	0x000d254f, // n0x0876 c0x0000 (---------------)  +   is-a-bookkeeper
-	0x0018ba8e, // n0x0877 c0x0000 (---------------)  +   is-a-bulls-fan
-	0x0000de0c, // n0x0878 c0x0000 (---------------)  +   is-a-caterer
-	0x00012789, // n0x0879 c0x0000 (---------------)  +   is-a-chef
-	0x00013d11, // n0x087a c0x0000 (---------------)  +   is-a-conservative
-	0x00016c08, // n0x087b c0x0000 (---------------)  +   is-a-cpa
-	0x00024852, // n0x087c c0x0000 (---------------)  +   is-a-cubicle-slave
-	0x0002648d, // n0x087d c0x0000 (---------------)  +   is-a-democrat
-	0x0002db8d, // n0x087e c0x0000 (---------------)  +   is-a-designer
-	0x0017614b, // n0x087f c0x0000 (---------------)  +   is-a-doctor
-	0x00178815, // n0x0880 c0x0000 (---------------)  +   is-a-financialadvisor
-	0x0004e989, // n0x0881 c0x0000 (---------------)  +   is-a-geek
-	0x0005028a, // n0x0882 c0x0000 (---------------)  +   is-a-green
-	0x00059389, // n0x0883 c0x0000 (---------------)  +   is-a-guru
-	0x0005bd50, // n0x0884 c0x0000 (---------------)  +   is-a-hard-worker
-	0x000662cb, // n0x0885 c0x0000 (---------------)  +   is-a-hunter
-	0x00070a4f, // n0x0886 c0x0000 (---------------)  +   is-a-landscaper
-	0x0007434b, // n0x0887 c0x0000 (---------------)  +   is-a-lawyer
-	0x0007b5cc, // n0x0888 c0x0000 (---------------)  +   is-a-liberal
-	0x0007dbd0, // n0x0889 c0x0000 (---------------)  +   is-a-libertarian
-	0x00082fca, // n0x088a c0x0000 (---------------)  +   is-a-llama
-	0x0008394d, // n0x088b c0x0000 (---------------)  +   is-a-musician
-	0x0008894e, // n0x088c c0x0000 (---------------)  +   is-a-nascarfan
-	0x0014414a, // n0x088d c0x0000 (---------------)  +   is-a-nurse
-	0x00089f0c, // n0x088e c0x0000 (---------------)  +   is-a-painter
-	0x00094ed4, // n0x088f c0x0000 (---------------)  +   is-a-personaltrainer
-	0x00098f51, // n0x0890 c0x0000 (---------------)  +   is-a-photographer
-	0x0009e80b, // n0x0891 c0x0000 (---------------)  +   is-a-player
-	0x0009f58f, // n0x0892 c0x0000 (---------------)  +   is-a-republican
-	0x000a0f8d, // n0x0893 c0x0000 (---------------)  +   is-a-rockstar
-	0x000a384e, // n0x0894 c0x0000 (---------------)  +   is-a-socialist
-	0x000abc0c, // n0x0895 c0x0000 (---------------)  +   is-a-student
-	0x000d5b8c, // n0x0896 c0x0000 (---------------)  +   is-a-teacher
-	0x000d588b, // n0x0897 c0x0000 (---------------)  +   is-a-techie
-	0x000beb8e, // n0x0898 c0x0000 (---------------)  +   is-a-therapist
-	0x000d9990, // n0x0899 c0x0000 (---------------)  +   is-an-accountant
-	0x000ad54b, // n0x089a c0x0000 (---------------)  +   is-an-actor
-	0x000d540d, // n0x089b c0x0000 (---------------)  +   is-an-actress
-	0x000fb60f, // n0x089c c0x0000 (---------------)  +   is-an-anarchist
-	0x0010390c, // n0x089d c0x0000 (---------------)  +   is-an-artist
-	0x00168fce, // n0x089e c0x0000 (---------------)  +   is-an-engineer
-	0x000b2bd1, // n0x089f c0x0000 (---------------)  +   is-an-entertainer
-	0x000b924c, // n0x08a0 c0x0000 (---------------)  +   is-certified
-	0x000bb247, // n0x08a1 c0x0000 (---------------)  +   is-gone
-	0x000be5cd, // n0x08a2 c0x0000 (---------------)  +   is-into-anime
-	0x00105d8c, // n0x08a3 c0x0000 (---------------)  +   is-into-cars
-	0x00147b50, // n0x08a4 c0x0000 (---------------)  +   is-into-cartoons
-	0x0016fecd, // n0x08a5 c0x0000 (---------------)  +   is-into-games
-	0x000cf347, // n0x08a6 c0x0000 (---------------)  +   is-leet
-	0x0017e2d0, // n0x08a7 c0x0000 (---------------)  +   is-not-certified
-	0x000e9488, // n0x08a8 c0x0000 (---------------)  +   is-slick
-	0x000ef04b, // n0x08a9 c0x0000 (---------------)  +   is-uberleet
-	0x0014bbcf, // n0x08aa c0x0000 (---------------)  +   is-with-theband
-	0x0008e588, // n0x08ab c0x0000 (---------------)  +   isa-geek
-	0x000df74d, // n0x08ac c0x0000 (---------------)  +   isa-hockeynut
-	0x00168110, // n0x08ad c0x0000 (---------------)  +   issmarterthanyou
-	0x000aedc3, // n0x08ae c0x0000 (---------------)  +   jpn
-	0x00006fc2, // n0x08af c0x0000 (---------------)  +   kr
-	0x00058c49, // n0x08b0 c0x0000 (---------------)  +   likes-pie
-	0x00073bca, // n0x08b1 c0x0000 (---------------)  +   likescandy
-	0x00005303, // n0x08b2 c0x0000 (---------------)  +   mex
-	0x0010b007, // n0x08b3 c0x0000 (---------------)  +   mydrobo
-	0x001176c8, // n0x08b4 c0x0000 (---------------)  +   neat-url
-	0x00184847, // n0x08b5 c0x0000 (---------------)  +   nfshost
-	0x00000c02, // n0x08b6 c0x0000 (---------------)  +   no
-	0x00064d0a, // n0x08b7 c0x0000 (---------------)  +   operaunite
-	0x00194d4f, // n0x08b8 c0x0000 (---------------)  +   outsystemscloud
-	0x000eaf0c, // n0x08b9 c0x0000 (---------------)  +   pagefrontapp
-	0x000eb1d2, // n0x08ba c0x0000 (---------------)  +   pagespeedmobilizer
-	0x122e1605, // n0x08bb c0x0048 (n0x08fd-n0x08fe)  o I prgmr
-	0x00114683, // n0x08bc c0x0000 (---------------)  +   qa2
-	0x0017cd42, // n0x08bd c0x0000 (---------------)  +   qc
-	0x000ecb08, // n0x08be c0x0000 (---------------)  +   rackmaze
-	0x00108ac7, // n0x08bf c0x0000 (---------------)  +   rhcloud
-	0x00002202, // n0x08c0 c0x0000 (---------------)  +   ro
-	0x00011302, // n0x08c1 c0x0000 (---------------)  +   ru
-	0x000004c2, // n0x08c2 c0x0000 (---------------)  +   sa
-	0x00033810, // n0x08c3 c0x0000 (---------------)  +   saves-the-whales
-	0x000046c2, // n0x08c4 c0x0000 (---------------)  +   se
-	0x0006ba86, // n0x08c5 c0x0000 (---------------)  +   selfip
-	0x0013738e, // n0x08c6 c0x0000 (---------------)  +   sells-for-less
-	0x0008becb, // n0x08c7 c0x0000 (---------------)  +   sells-for-u
-	0x000cb7c8, // n0x08c8 c0x0000 (---------------)  +   servebbs
-	0x000d0eca, // n0x08c9 c0x0000 (---------------)  +   simple-url
-	0x000f7b87, // n0x08ca c0x0000 (---------------)  +   sinaapp
-	0x0000bb4d, // n0x08cb c0x0000 (---------------)  +   space-to-rent
-	0x001557cc, // n0x08cc c0x0000 (---------------)  +   teaches-yoga
-	0x00000f82, // n0x08cd c0x0000 (---------------)  +   uk
-	0x00002382, // n0x08ce c0x0000 (---------------)  +   us
-	0x00001802, // n0x08cf c0x0000 (---------------)  +   uy
-	0x000f7aca, // n0x08d0 c0x0000 (---------------)  +   vipsinaapp
-	0x000df44a, // n0x08d1 c0x0000 (---------------)  +   withgoogle
-	0x000e470b, // n0x08d2 c0x0000 (---------------)  +   withyoutube
-	0x000ff78e, // n0x08d3 c0x0000 (---------------)  +   writesthisblog
-	0x0001bc0d, // n0x08d4 c0x0000 (---------------)  +   xenapponazure
-	0x000d6f08, // n0x08d5 c0x0000 (---------------)  +   yolasite
-	0x00005f82, // n0x08d6 c0x0000 (---------------)  +   za
-	0x10a5f44e, // n0x08d7 c0x0042 (n0x08eb-n0x08ec)  o I ap-northeast-2
-	0x10c35247, // n0x08d8 c0x0043 (n0x08ec-n0x08f6)  +   compute
-	0x11035249, // n0x08d9 c0x0044 (n0x08f6-n0x08f8)  +   compute-1
-	0x00010743, // n0x08da c0x0000 (---------------)  +   elb
-	0x11672e4c, // n0x08db c0x0045 (n0x08f8-n0x08f9)  o I eu-central-1
-	0x0004a542, // n0x08dc c0x0000 (---------------)  +   s3
-	0x00132491, // n0x08dd c0x0000 (---------------)  +   s3-ap-northeast-1
-	0x0005f391, // n0x08de c0x0000 (---------------)  +   s3-ap-northeast-2
-	0x00131511, // n0x08df c0x0000 (---------------)  +   s3-ap-southeast-1
-	0x0004a551, // n0x08e0 c0x0000 (---------------)  +   s3-ap-southeast-2
-	0x00072d8f, // n0x08e1 c0x0000 (---------------)  +   s3-eu-central-1
-	0x001101cc, // n0x08e2 c0x0000 (---------------)  +   s3-eu-west-1
-	0x0011b34d, // n0x08e3 c0x0000 (---------------)  +   s3-external-1
-	0x0012364d, // n0x08e4 c0x0000 (---------------)  +   s3-external-2
-	0x00126215, // n0x08e5 c0x0000 (---------------)  +   s3-fips-us-gov-west-1
-	0x0014694c, // n0x08e6 c0x0000 (---------------)  +   s3-sa-east-1
-	0x000de150, // n0x08e7 c0x0000 (---------------)  +   s3-us-gov-west-1
-	0x000c158c, // n0x08e8 c0x0000 (---------------)  +   s3-us-west-1
-	0x000dc7cc, // n0x08e9 c0x0000 (---------------)  +   s3-us-west-2
-	0x0017ca09, // n0x08ea c0x0000 (---------------)  +   us-east-1
-	0x0004a542, // n0x08eb c0x0000 (---------------)  +   s3
-	0x0013254e, // n0x08ec c0x0000 (---------------)  +   ap-northeast-1
-	0x0005f44e, // n0x08ed c0x0000 (---------------)  +   ap-northeast-2
-	0x001315ce, // n0x08ee c0x0000 (---------------)  +   ap-southeast-1
-	0x0004a60e, // n0x08ef c0x0000 (---------------)  +   ap-southeast-2
-	0x00072e4c, // n0x08f0 c0x0000 (---------------)  +   eu-central-1
-	0x00110289, // n0x08f1 c0x0000 (---------------)  +   eu-west-1
-	0x00146a09, // n0x08f2 c0x0000 (---------------)  +   sa-east-1
-	0x000de20d, // n0x08f3 c0x0000 (---------------)  +   us-gov-west-1
-	0x000c1649, // n0x08f4 c0x0000 (---------------)  +   us-west-1
-	0x000dc889, // n0x08f5 c0x0000 (---------------)  +   us-west-2
-	0x0002a043, // n0x08f6 c0x0000 (---------------)  +   z-1
-	0x0013e5c3, // n0x08f7 c0x0000 (---------------)  +   z-2
-	0x0004a542, // n0x08f8 c0x0000 (---------------)  +   s3
-	0x000092c4, // n0x08f9 c0x0000 (---------------)  +   apps
-	0x014bedc3, // n0x08fa c0x0005 (---------------)* o   api
-	0x0140ba03, // n0x08fb c0x0005 (---------------)* o   ext
-	0x000e2dc4, // n0x08fc c0x0000 (---------------)  +   gist
-	0x0001bc03, // n0x08fd c0x0000 (---------------)  +   xen
-	0x00201542, // n0x08fe c0x0000 (---------------)  + I ac
-	0x00200742, // n0x08ff c0x0000 (---------------)  + I co
-	0x00202602, // n0x0900 c0x0000 (---------------)  + I ed
-	0x00207502, // n0x0901 c0x0000 (---------------)  + I fi
-	0x00202d42, // n0x0902 c0x0000 (---------------)  + I go
-	0x00200282, // n0x0903 c0x0000 (---------------)  + I or
-	0x002004c2, // n0x0904 c0x0000 (---------------)  + I sa
-	0x00233503, // n0x0905 c0x0000 (---------------)  + I com
-	0x0023a783, // n0x0906 c0x0000 (---------------)  + I edu
-	0x0026cc83, // n0x0907 c0x0000 (---------------)  + I gov
-	0x003a1083, // n0x0908 c0x0000 (---------------)  + I inf
-	0x0021fe03, // n0x0909 c0x0000 (---------------)  + I net
-	0x0022d1c3, // n0x090a c0x0000 (---------------)  + I org
-	0x000ffa08, // n0x090b c0x0000 (---------------)  +   blogspot
-	0x00233503, // n0x090c c0x0000 (---------------)  + I com
-	0x0023a783, // n0x090d c0x0000 (---------------)  + I edu
-	0x0021fe03, // n0x090e c0x0000 (---------------)  + I net
-	0x0022d1c3, // n0x090f c0x0000 (---------------)  + I org
-	0x00048f43, // n0x0910 c0x0000 (---------------)  +   ath
-	0x0026cc83, // n0x0911 c0x0000 (---------------)  + I gov
-	0x00201542, // n0x0912 c0x0000 (---------------)  + I ac
-	0x00330b83, // n0x0913 c0x0000 (---------------)  + I biz
-	0x13e33503, // n0x0914 c0x004f (n0x091f-n0x0920)  + I com
-	0x0027a1c7, // n0x0915 c0x0000 (---------------)  + I ekloges
-	0x0026cc83, // n0x0916 c0x0000 (---------------)  + I gov
-	0x00322cc3, // n0x0917 c0x0000 (---------------)  + I ltd
-	0x00205284, // n0x0918 c0x0000 (---------------)  + I name
-	0x0021fe03, // n0x0919 c0x0000 (---------------)  + I net
-	0x0022d1c3, // n0x091a c0x0000 (---------------)  + I org
-	0x0028440a, // n0x091b c0x0000 (---------------)  + I parliament
-	0x00247505, // n0x091c c0x0000 (---------------)  + I press
-	0x00220e43, // n0x091d c0x0000 (---------------)  + I pro
-	0x00200142, // n0x091e c0x0000 (---------------)  + I tm
-	0x000ffa08, // n0x091f c0x0000 (---------------)  +   blogspot
-	0x000ffa08, // n0x0920 c0x0000 (---------------)  +   blogspot
-	0x00000742, // n0x0921 c0x0000 (---------------)  +   co
-	0x000ffa08, // n0x0922 c0x0000 (---------------)  +   blogspot
-	0x00033503, // n0x0923 c0x0000 (---------------)  +   com
-	0x000afa4f, // n0x0924 c0x0000 (---------------)  +   fuettertdasnetz
-	0x0016a18a, // n0x0925 c0x0000 (---------------)  +   isteingeek
-	0x000a3b07, // n0x0926 c0x0000 (---------------)  +   istmein
-	0x0001fc8a, // n0x0927 c0x0000 (---------------)  +   lebtimnetz
-	0x0018460a, // n0x0928 c0x0000 (---------------)  +   leitungsen
-	0x00004acd, // n0x0929 c0x0000 (---------------)  +   traeumtgerade
-	0x000ffa08, // n0x092a c0x0000 (---------------)  +   blogspot
-	0x00233503, // n0x092b c0x0000 (---------------)  + I com
-	0x0023a783, // n0x092c c0x0000 (---------------)  + I edu
-	0x0026cc83, // n0x092d c0x0000 (---------------)  + I gov
-	0x0021fe03, // n0x092e c0x0000 (---------------)  + I net
-	0x0022d1c3, // n0x092f c0x0000 (---------------)  + I org
-	0x002011c3, // n0x0930 c0x0000 (---------------)  + I art
-	0x00233503, // n0x0931 c0x0000 (---------------)  + I com
-	0x0023a783, // n0x0932 c0x0000 (---------------)  + I edu
-	0x00213183, // n0x0933 c0x0000 (---------------)  + I gob
-	0x0026cc83, // n0x0934 c0x0000 (---------------)  + I gov
-	0x00209003, // n0x0935 c0x0000 (---------------)  + I mil
-	0x0021fe03, // n0x0936 c0x0000 (---------------)  + I net
-	0x0022d1c3, // n0x0937 c0x0000 (---------------)  + I org
-	0x00292103, // n0x0938 c0x0000 (---------------)  + I sld
-	0x00221a03, // n0x0939 c0x0000 (---------------)  + I web
-	0x002011c3, // n0x093a c0x0000 (---------------)  + I art
-	0x002d4884, // n0x093b c0x0000 (---------------)  + I asso
-	0x00233503, // n0x093c c0x0000 (---------------)  + I com
-	0x0023a783, // n0x093d c0x0000 (---------------)  + I edu
-	0x0026cc83, // n0x093e c0x0000 (---------------)  + I gov
-	0x0021fe03, // n0x093f c0x0000 (---------------)  + I net
-	0x0022d1c3, // n0x0940 c0x0000 (---------------)  + I org
-	0x00208103, // n0x0941 c0x0000 (---------------)  + I pol
-	0x00233503, // n0x0942 c0x0000 (---------------)  + I com
-	0x0023a783, // n0x0943 c0x0000 (---------------)  + I edu
-	0x00207503, // n0x0944 c0x0000 (---------------)  + I fin
-	0x00213183, // n0x0945 c0x0000 (---------------)  + I gob
-	0x0026cc83, // n0x0946 c0x0000 (---------------)  + I gov
-	0x003a1244, // n0x0947 c0x0000 (---------------)  + I info
-	0x00309ac3, // n0x0948 c0x0000 (---------------)  + I k12
-	0x00213ac3, // n0x0949 c0x0000 (---------------)  + I med
-	0x00209003, // n0x094a c0x0000 (---------------)  + I mil
-	0x0021fe03, // n0x094b c0x0000 (---------------)  + I net
-	0x0022d1c3, // n0x094c c0x0000 (---------------)  + I org
-	0x00220e43, // n0x094d c0x0000 (---------------)  + I pro
-	0x003a6543, // n0x094e c0x0000 (---------------)  + I aip
-	0x16233503, // n0x094f c0x0058 (n0x0958-n0x0959)  + I com
-	0x0023a783, // n0x0950 c0x0000 (---------------)  + I edu
-	0x002b9443, // n0x0951 c0x0000 (---------------)  + I fie
-	0x0026cc83, // n0x0952 c0x0000 (---------------)  + I gov
-	0x0027b703, // n0x0953 c0x0000 (---------------)  + I lib
-	0x00213ac3, // n0x0954 c0x0000 (---------------)  + I med
-	0x0022d1c3, // n0x0955 c0x0000 (---------------)  + I org
-	0x00204603, // n0x0956 c0x0000 (---------------)  + I pri
-	0x00320cc4, // n0x0957 c0x0000 (---------------)  + I riik
-	0x000ffa08, // n0x0958 c0x0000 (---------------)  +   blogspot
-	0x16a33503, // n0x0959 c0x005a (n0x0962-n0x0963)  + I com
-	0x0023a783, // n0x095a c0x0000 (---------------)  + I edu
-	0x002a7083, // n0x095b c0x0000 (---------------)  + I eun
-	0x0026cc83, // n0x095c c0x0000 (---------------)  + I gov
-	0x00209003, // n0x095d c0x0000 (---------------)  + I mil
-	0x00205284, // n0x095e c0x0000 (---------------)  + I name
-	0x0021fe03, // n0x095f c0x0000 (---------------)  + I net
-	0x0022d1c3, // n0x0960 c0x0000 (---------------)  + I org
-	0x0021d703, // n0x0961 c0x0000 (---------------)  + I sci
-	0x000ffa08, // n0x0962 c0x0000 (---------------)  +   blogspot
-	0x17233503, // n0x0963 c0x005c (n0x0968-n0x0969)  + I com
-	0x0023a783, // n0x0964 c0x0000 (---------------)  + I edu
-	0x00213183, // n0x0965 c0x0000 (---------------)  + I gob
-	0x00201483, // n0x0966 c0x0000 (---------------)  + I nom
-	0x0022d1c3, // n0x0967 c0x0000 (---------------)  + I org
-	0x000ffa08, // n0x0968 c0x0000 (---------------)  +   blogspot
-	0x00330b83, // n0x0969 c0x0000 (---------------)  + I biz
-	0x00233503, // n0x096a c0x0000 (---------------)  + I com
-	0x0023a783, // n0x096b c0x0000 (---------------)  + I edu
-	0x0026cc83, // n0x096c c0x0000 (---------------)  + I gov
-	0x003a1244, // n0x096d c0x0000 (---------------)  + I info
-	0x00205284, // n0x096e c0x0000 (---------------)  + I name
-	0x0021fe03, // n0x096f c0x0000 (---------------)  + I net
-	0x0022d1c3, // n0x0970 c0x0000 (---------------)  + I org
-	0x0031a845, // n0x0971 c0x0000 (---------------)  + I aland
-	0x000ffa08, // n0x0972 c0x0000 (---------------)  +   blogspot
-	0x0003be03, // n0x0973 c0x0000 (---------------)  +   iki
-	0x002ec408, // n0x0974 c0x0000 (---------------)  + I aeroport
-	0x00350d87, // n0x0975 c0x0000 (---------------)  + I assedic
-	0x002d4884, // n0x0976 c0x0000 (---------------)  + I asso
-	0x0032f106, // n0x0977 c0x0000 (---------------)  + I avocat
-	0x00346806, // n0x0978 c0x0000 (---------------)  + I avoues
-	0x000ffa08, // n0x0979 c0x0000 (---------------)  +   blogspot
-	0x0023fdc3, // n0x097a c0x0000 (---------------)  + I cci
-	0x00209b49, // n0x097b c0x0000 (---------------)  + I chambagri
-	0x002b2115, // n0x097c c0x0000 (---------------)  + I chirurgiens-dentistes
-	0x00233503, // n0x097d c0x0000 (---------------)  + I com
-	0x0031ee12, // n0x097e c0x0000 (---------------)  + I experts-comptables
-	0x0031ebcf, // n0x097f c0x0000 (---------------)  + I geometre-expert
-	0x0033d7c4, // n0x0980 c0x0000 (---------------)  + I gouv
-	0x0022a885, // n0x0981 c0x0000 (---------------)  + I greta
-	0x002f2f10, // n0x0982 c0x0000 (---------------)  + I huissier-justice
-	0x00238bc7, // n0x0983 c0x0000 (---------------)  + I medecin
-	0x00201483, // n0x0984 c0x0000 (---------------)  + I nom
-	0x0025c988, // n0x0985 c0x0000 (---------------)  + I notaires
-	0x0034d60a, // n0x0986 c0x0000 (---------------)  + I pharmacien
-	0x00246184, // n0x0987 c0x0000 (---------------)  + I port
-	0x002e1043, // n0x0988 c0x0000 (---------------)  + I prd
-	0x00247506, // n0x0989 c0x0000 (---------------)  + I presse
-	0x00200142, // n0x098a c0x0000 (---------------)  + I tm
-	0x002d1c8b, // n0x098b c0x0000 (---------------)  + I veterinaire
-	0x00233503, // n0x098c c0x0000 (---------------)  + I com
-	0x0023a783, // n0x098d c0x0000 (---------------)  + I edu
-	0x0026cc83, // n0x098e c0x0000 (---------------)  + I gov
-	0x00209003, // n0x098f c0x0000 (---------------)  + I mil
-	0x0021fe03, // n0x0990 c0x0000 (---------------)  + I net
-	0x0022d1c3, // n0x0991 c0x0000 (---------------)  + I org
-	0x002e5543, // n0x0992 c0x0000 (---------------)  + I pvt
-	0x00200742, // n0x0993 c0x0000 (---------------)  + I co
-	0x0021fe03, // n0x0994 c0x0000 (---------------)  + I net
-	0x0022d1c3, // n0x0995 c0x0000 (---------------)  + I org
-	0x00233503, // n0x0996 c0x0000 (---------------)  + I com
-	0x0023a783, // n0x0997 c0x0000 (---------------)  + I edu
-	0x0026cc83, // n0x0998 c0x0000 (---------------)  + I gov
-	0x00209003, // n0x0999 c0x0000 (---------------)  + I mil
-	0x0022d1c3, // n0x099a c0x0000 (---------------)  + I org
-	0x00233503, // n0x099b c0x0000 (---------------)  + I com
-	0x0023a783, // n0x099c c0x0000 (---------------)  + I edu
-	0x0026cc83, // n0x099d c0x0000 (---------------)  + I gov
-	0x00322cc3, // n0x099e c0x0000 (---------------)  + I ltd
-	0x00218303, // n0x099f c0x0000 (---------------)  + I mod
-	0x0022d1c3, // n0x09a0 c0x0000 (---------------)  + I org
-	0x00200742, // n0x09a1 c0x0000 (---------------)  + I co
-	0x00233503, // n0x09a2 c0x0000 (---------------)  + I com
-	0x0023a783, // n0x09a3 c0x0000 (---------------)  + I edu
-	0x0021fe03, // n0x09a4 c0x0000 (---------------)  + I net
-	0x0022d1c3, // n0x09a5 c0x0000 (---------------)  + I org
-	0x00201542, // n0x09a6 c0x0000 (---------------)  + I ac
-	0x00233503, // n0x09a7 c0x0000 (---------------)  + I com
-	0x0023a783, // n0x09a8 c0x0000 (---------------)  + I edu
-	0x0026cc83, // n0x09a9 c0x0000 (---------------)  + I gov
-	0x0021fe03, // n0x09aa c0x0000 (---------------)  + I net
-	0x0022d1c3, // n0x09ab c0x0000 (---------------)  + I org
-	0x002d4884, // n0x09ac c0x0000 (---------------)  + I asso
-	0x00233503, // n0x09ad c0x0000 (---------------)  + I com
-	0x0023a783, // n0x09ae c0x0000 (---------------)  + I edu
-	0x00207104, // n0x09af c0x0000 (---------------)  + I mobi
-	0x0021fe03, // n0x09b0 c0x0000 (---------------)  + I net
-	0x0022d1c3, // n0x09b1 c0x0000 (---------------)  + I org
-	0x000ffa08, // n0x09b2 c0x0000 (---------------)  +   blogspot
-	0x00233503, // n0x09b3 c0x0000 (---------------)  + I com
-	0x0023a783, // n0x09b4 c0x0000 (---------------)  + I edu
-	0x0026cc83, // n0x09b5 c0x0000 (---------------)  + I gov
-	0x0021fe03, // n0x09b6 c0x0000 (---------------)  + I net
-	0x0022d1c3, // n0x09b7 c0x0000 (---------------)  + I org
-	0x00233503, // n0x09b8 c0x0000 (---------------)  + I com
-	0x0023a783, // n0x09b9 c0x0000 (---------------)  + I edu
-	0x00213183, // n0x09ba c0x0000 (---------------)  + I gob
-	0x0021d883, // n0x09bb c0x0000 (---------------)  + I ind
-	0x00209003, // n0x09bc c0x0000 (---------------)  + I mil
-	0x0021fe03, // n0x09bd c0x0000 (---------------)  + I net
-	0x0022d1c3, // n0x09be c0x0000 (---------------)  + I org
-	0x00200742, // n0x09bf c0x0000 (---------------)  + I co
-	0x00233503, // n0x09c0 c0x0000 (---------------)  + I com
-	0x0023a783, // n0x09c1 c0x0000 (---------------)  + I edu
-	0x0026cc83, // n0x09c2 c0x0000 (---------------)  + I gov
-	0x0021fe03, // n0x09c3 c0x0000 (---------------)  + I net
-	0x0022d1c3, // n0x09c4 c0x0000 (---------------)  + I org
-	0x000ffa08, // n0x09c5 c0x0000 (---------------)  +   blogspot
-	0x00233503, // n0x09c6 c0x0000 (---------------)  + I com
-	0x0023a783, // n0x09c7 c0x0000 (---------------)  + I edu
-	0x0026cc83, // n0x09c8 c0x0000 (---------------)  + I gov
-	0x00317243, // n0x09c9 c0x0000 (---------------)  + I idv
-	0x0002e7c3, // n0x09ca c0x0000 (---------------)  +   inc
-	0x00122cc3, // n0x09cb c0x0000 (---------------)  +   ltd
-	0x0021fe03, // n0x09cc c0x0000 (---------------)  + I net
-	0x0022d1c3, // n0x09cd c0x0000 (---------------)  + I org
-	0x003029ca, // n0x09ce c0x0000 (---------------)  + I xn--55qx5d
-	0x0031bd89, // n0x09cf c0x0000 (---------------)  + I xn--ciqpn
-	0x0033ac4b, // n0x09d0 c0x0000 (---------------)  + I xn--gmq050i
-	0x0033b1ca, // n0x09d1 c0x0000 (---------------)  + I xn--gmqw5a
-	0x0034280a, // n0x09d2 c0x0000 (---------------)  + I xn--io0a7i
-	0x00353a8b, // n0x09d3 c0x0000 (---------------)  + I xn--lcvr32d
-	0x0036704a, // n0x09d4 c0x0000 (---------------)  + I xn--mk0axi
-	0x0036fa4a, // n0x09d5 c0x0000 (---------------)  + I xn--mxtq1m
-	0x0037648a, // n0x09d6 c0x0000 (---------------)  + I xn--od0alg
-	0x0037670b, // n0x09d7 c0x0000 (---------------)  + I xn--od0aq3b
-	0x00392609, // n0x09d8 c0x0000 (---------------)  + I xn--tn0ag
-	0x003941ca, // n0x09d9 c0x0000 (---------------)  + I xn--uc0atv
-	0x0039470b, // n0x09da c0x0000 (---------------)  + I xn--uc0ay4a
-	0x0039cfcb, // n0x09db c0x0000 (---------------)  + I xn--wcvs22d
-	0x003a57ca, // n0x09dc c0x0000 (---------------)  + I xn--zf0avx
-	0x00233503, // n0x09dd c0x0000 (---------------)  + I com
-	0x0023a783, // n0x09de c0x0000 (---------------)  + I edu
-	0x00213183, // n0x09df c0x0000 (---------------)  + I gob
-	0x00209003, // n0x09e0 c0x0000 (---------------)  + I mil
-	0x0021fe03, // n0x09e1 c0x0000 (---------------)  + I net
-	0x0022d1c3, // n0x09e2 c0x0000 (---------------)  + I org
-	0x000ffa08, // n0x09e3 c0x0000 (---------------)  +   blogspot
-	0x00233503, // n0x09e4 c0x0000 (---------------)  + I com
-	0x00263d84, // n0x09e5 c0x0000 (---------------)  + I from
-	0x00212582, // n0x09e6 c0x0000 (---------------)  + I iz
-	0x00205284, // n0x09e7 c0x0000 (---------------)  + I name
-	0x002a1985, // n0x09e8 c0x0000 (---------------)  + I adult
-	0x002011c3, // n0x09e9 c0x0000 (---------------)  + I art
-	0x002d4884, // n0x09ea c0x0000 (---------------)  + I asso
-	0x00233503, // n0x09eb c0x0000 (---------------)  + I com
-	0x0023d684, // n0x09ec c0x0000 (---------------)  + I coop
-	0x0023a783, // n0x09ed c0x0000 (---------------)  + I edu
-	0x0024d9c4, // n0x09ee c0x0000 (---------------)  + I firm
-	0x0033d7c4, // n0x09ef c0x0000 (---------------)  + I gouv
-	0x003a1244, // n0x09f0 c0x0000 (---------------)  + I info
-	0x00213ac3, // n0x09f1 c0x0000 (---------------)  + I med
-	0x0021fe03, // n0x09f2 c0x0000 (---------------)  + I net
-	0x0022d1c3, // n0x09f3 c0x0000 (---------------)  + I org
-	0x00295005, // n0x09f4 c0x0000 (---------------)  + I perso
-	0x00208103, // n0x09f5 c0x0000 (---------------)  + I pol
-	0x00220e43, // n0x09f6 c0x0000 (---------------)  + I pro
-	0x00285b43, // n0x09f7 c0x0000 (---------------)  + I rel
-	0x00352004, // n0x09f8 c0x0000 (---------------)  + I shop
-	0x002ee544, // n0x09f9 c0x0000 (---------------)  + I 2000
-	0x00258185, // n0x09fa c0x0000 (---------------)  + I agrar
-	0x000ffa08, // n0x09fb c0x0000 (---------------)  +   blogspot
-	0x002f9244, // n0x09fc c0x0000 (---------------)  + I bolt
-	0x0037bc46, // n0x09fd c0x0000 (---------------)  + I casino
-	0x00286744, // n0x09fe c0x0000 (---------------)  + I city
-	0x00200742, // n0x09ff c0x0000 (---------------)  + I co
-	0x00343507, // n0x0a00 c0x0000 (---------------)  + I erotica
-	0x00250887, // n0x0a01 c0x0000 (---------------)  + I erotika
-	0x0024b784, // n0x0a02 c0x0000 (---------------)  + I film
-	0x0025b085, // n0x0a03 c0x0000 (---------------)  + I forum
-	0x003700c5, // n0x0a04 c0x0000 (---------------)  + I games
-	0x00234dc5, // n0x0a05 c0x0000 (---------------)  + I hotel
-	0x003a1244, // n0x0a06 c0x0000 (---------------)  + I info
-	0x00224408, // n0x0a07 c0x0000 (---------------)  + I ingatlan
-	0x00293246, // n0x0a08 c0x0000 (---------------)  + I jogasz
-	0x002cce48, // n0x0a09 c0x0000 (---------------)  + I konyvelo
-	0x002435c5, // n0x0a0a c0x0000 (---------------)  + I lakas
-	0x003025c5, // n0x0a0b c0x0000 (---------------)  + I media
-	0x00221dc4, // n0x0a0c c0x0000 (---------------)  + I news
-	0x0022d1c3, // n0x0a0d c0x0000 (---------------)  + I org
-	0x002e1c44, // n0x0a0e c0x0000 (---------------)  + I priv
-	0x00352c46, // n0x0a0f c0x0000 (---------------)  + I reklam
-	0x00247603, // n0x0a10 c0x0000 (---------------)  + I sex
-	0x00352004, // n0x0a11 c0x0000 (---------------)  + I shop
-	0x00294905, // n0x0a12 c0x0000 (---------------)  + I sport
-	0x0023c004, // n0x0a13 c0x0000 (---------------)  + I suli
-	0x0020b984, // n0x0a14 c0x0000 (---------------)  + I szex
-	0x00200142, // n0x0a15 c0x0000 (---------------)  + I tm
-	0x00270746, // n0x0a16 c0x0000 (---------------)  + I tozsde
-	0x00389006, // n0x0a17 c0x0000 (---------------)  + I utazas
-	0x002f5685, // n0x0a18 c0x0000 (---------------)  + I video
-	0x00201542, // n0x0a19 c0x0000 (---------------)  + I ac
-	0x00330b83, // n0x0a1a c0x0000 (---------------)  + I biz
-	0x1c200742, // n0x0a1b c0x0070 (n0x0a24-n0x0a25)  + I co
-	0x0023bb04, // n0x0a1c c0x0000 (---------------)  + I desa
-	0x00202d42, // n0x0a1d c0x0000 (---------------)  + I go
-	0x00209003, // n0x0a1e c0x0000 (---------------)  + I mil
-	0x00226f02, // n0x0a1f c0x0000 (---------------)  + I my
-	0x0021fe03, // n0x0a20 c0x0000 (---------------)  + I net
-	0x00200282, // n0x0a21 c0x0000 (---------------)  + I or
-	0x00217443, // n0x0a22 c0x0000 (---------------)  + I sch
-	0x00221a03, // n0x0a23 c0x0000 (---------------)  + I web
-	0x000ffa08, // n0x0a24 c0x0000 (---------------)  +   blogspot
-	0x000ffa08, // n0x0a25 c0x0000 (---------------)  +   blogspot
-	0x0026cc83, // n0x0a26 c0x0000 (---------------)  + I gov
-	0x00201542, // n0x0a27 c0x0000 (---------------)  + I ac
-	0x1ce00742, // n0x0a28 c0x0073 (n0x0a2f-n0x0a30)  + I co
-	0x0026cc83, // n0x0a29 c0x0000 (---------------)  + I gov
-	0x00268a83, // n0x0a2a c0x0000 (---------------)  + I idf
-	0x00309ac3, // n0x0a2b c0x0000 (---------------)  + I k12
-	0x002335c4, // n0x0a2c c0x0000 (---------------)  + I muni
-	0x0021fe03, // n0x0a2d c0x0000 (---------------)  + I net
-	0x0022d1c3, // n0x0a2e c0x0000 (---------------)  + I org
-	0x000ffa08, // n0x0a2f c0x0000 (---------------)  +   blogspot
-	0x00201542, // n0x0a30 c0x0000 (---------------)  + I ac
-	0x1d600742, // n0x0a31 c0x0075 (n0x0a37-n0x0a39)  + I co
-	0x00233503, // n0x0a32 c0x0000 (---------------)  + I com
-	0x0021fe03, // n0x0a33 c0x0000 (---------------)  + I net
-	0x0022d1c3, // n0x0a34 c0x0000 (---------------)  + I org
-	0x0020e842, // n0x0a35 c0x0000 (---------------)  + I tt
-	0x00224e42, // n0x0a36 c0x0000 (---------------)  + I tv
-	0x00322cc3, // n0x0a37 c0x0000 (---------------)  + I ltd
-	0x002db143, // n0x0a38 c0x0000 (---------------)  + I plc
-	0x00201542, // n0x0a39 c0x0000 (---------------)  + I ac
-	0x000ffa08, // n0x0a3a c0x0000 (---------------)  +   blogspot
-	0x00200742, // n0x0a3b c0x0000 (---------------)  + I co
-	0x0023a783, // n0x0a3c c0x0000 (---------------)  + I edu
-	0x0024d9c4, // n0x0a3d c0x0000 (---------------)  + I firm
-	0x00205843, // n0x0a3e c0x0000 (---------------)  + I gen
-	0x0026cc83, // n0x0a3f c0x0000 (---------------)  + I gov
-	0x0021d883, // n0x0a40 c0x0000 (---------------)  + I ind
-	0x00209003, // n0x0a41 c0x0000 (---------------)  + I mil
-	0x0021fe03, // n0x0a42 c0x0000 (---------------)  + I net
-	0x00218f83, // n0x0a43 c0x0000 (---------------)  + I nic
-	0x0022d1c3, // n0x0a44 c0x0000 (---------------)  + I org
-	0x0021d683, // n0x0a45 c0x0000 (---------------)  + I res
-	0x0011e793, // n0x0a46 c0x0000 (---------------)  +   barrel-of-knowledge
-	0x001246d4, // n0x0a47 c0x0000 (---------------)  +   barrell-of-knowledge
-	0x00013886, // n0x0a48 c0x0000 (---------------)  +   dyndns
-	0x000562c7, // n0x0a49 c0x0000 (---------------)  +   for-our
-	0x00155d09, // n0x0a4a c0x0000 (---------------)  +   groks-the
-	0x000ebb0a, // n0x0a4b c0x0000 (---------------)  +   groks-this
-	0x00087c4d, // n0x0a4c c0x0000 (---------------)  +   here-for-more
-	0x001a408a, // n0x0a4d c0x0000 (---------------)  +   knowsitall
-	0x0006ba86, // n0x0a4e c0x0000 (---------------)  +   selfip
-	0x000eadc6, // n0x0a4f c0x0000 (---------------)  +   webhop
-	0x00204b82, // n0x0a50 c0x0000 (---------------)  + I eu
-	0x00233503, // n0x0a51 c0x0000 (---------------)  + I com
-	0x00019506, // n0x0a52 c0x0000 (---------------)  +   github
-	0x00155cc5, // n0x0a53 c0x0000 (---------------)  +   ngrok
-	0x0000cb83, // n0x0a54 c0x0000 (---------------)  +   nid
-	0x00011f88, // n0x0a55 c0x0000 (---------------)  +   pantheon
-	0x000af708, // n0x0a56 c0x0000 (---------------)  +   sandcats
-	0x00233503, // n0x0a57 c0x0000 (---------------)  + I com
-	0x0023a783, // n0x0a58 c0x0000 (---------------)  + I edu
-	0x0026cc83, // n0x0a59 c0x0000 (---------------)  + I gov
-	0x00209003, // n0x0a5a c0x0000 (---------------)  + I mil
-	0x0021fe03, // n0x0a5b c0x0000 (---------------)  + I net
-	0x0022d1c3, // n0x0a5c c0x0000 (---------------)  + I org
-	0x00201542, // n0x0a5d c0x0000 (---------------)  + I ac
-	0x00200742, // n0x0a5e c0x0000 (---------------)  + I co
-	0x0026cc83, // n0x0a5f c0x0000 (---------------)  + I gov
-	0x0020c782, // n0x0a60 c0x0000 (---------------)  + I id
-	0x0021fe03, // n0x0a61 c0x0000 (---------------)  + I net
-	0x0022d1c3, // n0x0a62 c0x0000 (---------------)  + I org
-	0x00217443, // n0x0a63 c0x0000 (---------------)  + I sch
-	0x0035d94f, // n0x0a64 c0x0000 (---------------)  + I xn--mgba3a4f16a
-	0x0035dd0e, // n0x0a65 c0x0000 (---------------)  + I xn--mgba3a4fra
-	0x000ffa08, // n0x0a66 c0x0000 (---------------)  +   blogspot
-	0x00233503, // n0x0a67 c0x0000 (---------------)  + I com
-	0x00048107, // n0x0a68 c0x0000 (---------------)  +   cupcake
-	0x0023a783, // n0x0a69 c0x0000 (---------------)  + I edu
-	0x0026cc83, // n0x0a6a c0x0000 (---------------)  + I gov
-	0x00201603, // n0x0a6b c0x0000 (---------------)  + I int
-	0x0021fe03, // n0x0a6c c0x0000 (---------------)  + I net
-	0x0022d1c3, // n0x0a6d c0x0000 (---------------)  + I org
-	0x0021ca03, // n0x0a6e c0x0000 (---------------)  + I abr
-	0x002ed6c7, // n0x0a6f c0x0000 (---------------)  + I abruzzo
-	0x00201002, // n0x0a70 c0x0000 (---------------)  + I ag
-	0x002cd4c9, // n0x0a71 c0x0000 (---------------)  + I agrigento
-	0x002001c2, // n0x0a72 c0x0000 (---------------)  + I al
-	0x00233b0b, // n0x0a73 c0x0000 (---------------)  + I alessandria
-	0x002dfc4a, // n0x0a74 c0x0000 (---------------)  + I alto-adige
-	0x002e3489, // n0x0a75 c0x0000 (---------------)  + I altoadige
-	0x00200502, // n0x0a76 c0x0000 (---------------)  + I an
-	0x00350806, // n0x0a77 c0x0000 (---------------)  + I ancona
-	0x002847d5, // n0x0a78 c0x0000 (---------------)  + I andria-barletta-trani
-	0x00233c55, // n0x0a79 c0x0000 (---------------)  + I andria-trani-barletta
-	0x00290513, // n0x0a7a c0x0000 (---------------)  + I andriabarlettatrani
-	0x002341d3, // n0x0a7b c0x0000 (---------------)  + I andriatranibarletta
-	0x002029c2, // n0x0a7c c0x0000 (---------------)  + I ao
-	0x00216fc5, // n0x0a7d c0x0000 (---------------)  + I aosta
-	0x0030f30c, // n0x0a7e c0x0000 (---------------)  + I aosta-valley
-	0x00216fcb, // n0x0a7f c0x0000 (---------------)  + I aostavalley
-	0x00251085, // n0x0a80 c0x0000 (---------------)  + I aoste
-	0x00200d02, // n0x0a81 c0x0000 (---------------)  + I ap
-	0x002003c2, // n0x0a82 c0x0000 (---------------)  + I aq
-	0x0036c346, // n0x0a83 c0x0000 (---------------)  + I aquila
-	0x00200a42, // n0x0a84 c0x0000 (---------------)  + I ar
-	0x0027a406, // n0x0a85 c0x0000 (---------------)  + I arezzo
-	0x00397ccd, // n0x0a86 c0x0000 (---------------)  + I ascoli-piceno
-	0x0034c1cc, // n0x0a87 c0x0000 (---------------)  + I ascolipiceno
-	0x0021e884, // n0x0a88 c0x0000 (---------------)  + I asti
-	0x00200102, // n0x0a89 c0x0000 (---------------)  + I at
-	0x00203402, // n0x0a8a c0x0000 (---------------)  + I av
-	0x00224c08, // n0x0a8b c0x0000 (---------------)  + I avellino
-	0x00202002, // n0x0a8c c0x0000 (---------------)  + I ba
-	0x00248586, // n0x0a8d c0x0000 (---------------)  + I balsan
-	0x00249204, // n0x0a8e c0x0000 (---------------)  + I bari
-	0x00284995, // n0x0a8f c0x0000 (---------------)  + I barletta-trani-andria
-	0x00290693, // n0x0a90 c0x0000 (---------------)  + I barlettatraniandria
-	0x00207fc3, // n0x0a91 c0x0000 (---------------)  + I bas
-	0x0032ee0a, // n0x0a92 c0x0000 (---------------)  + I basilicata
-	0x0028e2c7, // n0x0a93 c0x0000 (---------------)  + I belluno
-	0x002e4949, // n0x0a94 c0x0000 (---------------)  + I benevento
-	0x00228d47, // n0x0a95 c0x0000 (---------------)  + I bergamo
-	0x002ee482, // n0x0a96 c0x0000 (---------------)  + I bg
-	0x00200002, // n0x0a97 c0x0000 (---------------)  + I bi
-	0x003a4cc6, // n0x0a98 c0x0000 (---------------)  + I biella
-	0x0020c8c2, // n0x0a99 c0x0000 (---------------)  + I bl
-	0x000ffa08, // n0x0a9a c0x0000 (---------------)  +   blogspot
-	0x002104c2, // n0x0a9b c0x0000 (---------------)  + I bn
-	0x0020e402, // n0x0a9c c0x0000 (---------------)  + I bo
-	0x0038df47, // n0x0a9d c0x0000 (---------------)  + I bologna
-	0x0020fec7, // n0x0a9e c0x0000 (---------------)  + I bolzano
-	0x0021c105, // n0x0a9f c0x0000 (---------------)  + I bozen
-	0x0021c402, // n0x0aa0 c0x0000 (---------------)  + I br
-	0x0021d647, // n0x0aa1 c0x0000 (---------------)  + I brescia
-	0x0021d808, // n0x0aa2 c0x0000 (---------------)  + I brindisi
-	0x00237542, // n0x0aa3 c0x0000 (---------------)  + I bs
-	0x0021fd02, // n0x0aa4 c0x0000 (---------------)  + I bt
-	0x00230bc2, // n0x0aa5 c0x0000 (---------------)  + I bz
-	0x00200302, // n0x0aa6 c0x0000 (---------------)  + I ca
-	0x0023eb48, // n0x0aa7 c0x0000 (---------------)  + I cagliari
-	0x00213543, // n0x0aa8 c0x0000 (---------------)  + I cal
-	0x00285688, // n0x0aa9 c0x0000 (---------------)  + I calabria
-	0x0023ad8d, // n0x0aaa c0x0000 (---------------)  + I caltanissetta
-	0x00221ac3, // n0x0aab c0x0000 (---------------)  + I cam
-	0x00316e08, // n0x0aac c0x0000 (---------------)  + I campania
-	0x00241acf, // n0x0aad c0x0000 (---------------)  + I campidano-medio
-	0x00241e8e, // n0x0aae c0x0000 (---------------)  + I campidanomedio
-	0x0034364a, // n0x0aaf c0x0000 (---------------)  + I campobasso
-	0x002f6e11, // n0x0ab0 c0x0000 (---------------)  + I carbonia-iglesias
-	0x002f7290, // n0x0ab1 c0x0000 (---------------)  + I carboniaiglesias
-	0x002b3b4d, // n0x0ab2 c0x0000 (---------------)  + I carrara-massa
-	0x002b3e8c, // n0x0ab3 c0x0000 (---------------)  + I carraramassa
-	0x0022c607, // n0x0ab4 c0x0000 (---------------)  + I caserta
-	0x0032ef87, // n0x0ab5 c0x0000 (---------------)  + I catania
-	0x0032f1c9, // n0x0ab6 c0x0000 (---------------)  + I catanzaro
-	0x0021e982, // n0x0ab7 c0x0000 (---------------)  + I cb
-	0x00200b42, // n0x0ab8 c0x0000 (---------------)  + I ce
-	0x0025870c, // n0x0ab9 c0x0000 (---------------)  + I cesena-forli
-	0x00258a0b, // n0x0aba c0x0000 (---------------)  + I cesenaforli
-	0x00201582, // n0x0abb c0x0000 (---------------)  + I ch
-	0x002d5a46, // n0x0abc c0x0000 (---------------)  + I chieti
-	0x00200682, // n0x0abd c0x0000 (---------------)  + I ci
-	0x00209182, // n0x0abe c0x0000 (---------------)  + I cl
-	0x0021ba42, // n0x0abf c0x0000 (---------------)  + I cn
-	0x00200742, // n0x0ac0 c0x0000 (---------------)  + I co
-	0x00234804, // n0x0ac1 c0x0000 (---------------)  + I como
-	0x00240e07, // n0x0ac2 c0x0000 (---------------)  + I cosenza
-	0x002049c2, // n0x0ac3 c0x0000 (---------------)  + I cr
-	0x00244d07, // n0x0ac4 c0x0000 (---------------)  + I cremona
-	0x00245f87, // n0x0ac5 c0x0000 (---------------)  + I crotone
-	0x00211c82, // n0x0ac6 c0x0000 (---------------)  + I cs
-	0x00231382, // n0x0ac7 c0x0000 (---------------)  + I ct
-	0x00247fc5, // n0x0ac8 c0x0000 (---------------)  + I cuneo
-	0x00229ec2, // n0x0ac9 c0x0000 (---------------)  + I cz
-	0x0025a38e, // n0x0aca c0x0000 (---------------)  + I dell-ogliastra
-	0x0026714d, // n0x0acb c0x0000 (---------------)  + I dellogliastra
-	0x0023a783, // n0x0acc c0x0000 (---------------)  + I edu
-	0x002543ce, // n0x0acd c0x0000 (---------------)  + I emilia-romagna
-	0x0036dc0d, // n0x0ace c0x0000 (---------------)  + I emiliaromagna
-	0x00360a83, // n0x0acf c0x0000 (---------------)  + I emr
-	0x00202bc2, // n0x0ad0 c0x0000 (---------------)  + I en
-	0x00205a84, // n0x0ad1 c0x0000 (---------------)  + I enna
-	0x0024b242, // n0x0ad2 c0x0000 (---------------)  + I fc
-	0x0020b302, // n0x0ad3 c0x0000 (---------------)  + I fe
-	0x002e2545, // n0x0ad4 c0x0000 (---------------)  + I fermo
-	0x00300807, // n0x0ad5 c0x0000 (---------------)  + I ferrara
-	0x0035d282, // n0x0ad6 c0x0000 (---------------)  + I fg
-	0x00207502, // n0x0ad7 c0x0000 (---------------)  + I fi
-	0x0024d307, // n0x0ad8 c0x0000 (---------------)  + I firenze
-	0x00252748, // n0x0ad9 c0x0000 (---------------)  + I florence
-	0x00242902, // n0x0ada c0x0000 (---------------)  + I fm
-	0x003a12c6, // n0x0adb c0x0000 (---------------)  + I foggia
-	0x0025858c, // n0x0adc c0x0000 (---------------)  + I forli-cesena
-	0x002588cb, // n0x0add c0x0000 (---------------)  + I forlicesena
-	0x00200582, // n0x0ade c0x0000 (---------------)  + I fr
-	0x0026050f, // n0x0adf c0x0000 (---------------)  + I friuli-v-giulia
-	0x002608d0, // n0x0ae0 c0x0000 (---------------)  + I friuli-ve-giulia
-	0x00260ccf, // n0x0ae1 c0x0000 (---------------)  + I friuli-vegiulia
-	0x00261095, // n0x0ae2 c0x0000 (---------------)  + I friuli-venezia-giulia
-	0x002615d4, // n0x0ae3 c0x0000 (---------------)  + I friuli-veneziagiulia
-	0x00261ace, // n0x0ae4 c0x0000 (---------------)  + I friuli-vgiulia
-	0x00261e4e, // n0x0ae5 c0x0000 (---------------)  + I friuliv-giulia
-	0x002621cf, // n0x0ae6 c0x0000 (---------------)  + I friulive-giulia
-	0x0026258e, // n0x0ae7 c0x0000 (---------------)  + I friulivegiulia
-	0x00262914, // n0x0ae8 c0x0000 (---------------)  + I friulivenezia-giulia
-	0x00262e13, // n0x0ae9 c0x0000 (---------------)  + I friuliveneziagiulia
-	0x002632cd, // n0x0aea c0x0000 (---------------)  + I friulivgiulia
-	0x002767c9, // n0x0aeb c0x0000 (---------------)  + I frosinone
-	0x00288803, // n0x0aec c0x0000 (---------------)  + I fvg
-	0x002026c2, // n0x0aed c0x0000 (---------------)  + I ge
-	0x00307105, // n0x0aee c0x0000 (---------------)  + I genoa
-	0x00205846, // n0x0aef c0x0000 (---------------)  + I genova
-	0x00202d42, // n0x0af0 c0x0000 (---------------)  + I go
-	0x0026edc7, // n0x0af1 c0x0000 (---------------)  + I gorizia
-	0x0026cc83, // n0x0af2 c0x0000 (---------------)  + I gov
-	0x00200c82, // n0x0af3 c0x0000 (---------------)  + I gr
-	0x00311b48, // n0x0af4 c0x0000 (---------------)  + I grosseto
-	0x002f7051, // n0x0af5 c0x0000 (---------------)  + I iglesias-carbonia
-	0x002f7490, // n0x0af6 c0x0000 (---------------)  + I iglesiascarbonia
-	0x00205c42, // n0x0af7 c0x0000 (---------------)  + I im
-	0x00352747, // n0x0af8 c0x0000 (---------------)  + I imperia
-	0x002006c2, // n0x0af9 c0x0000 (---------------)  + I is
-	0x0025dc87, // n0x0afa c0x0000 (---------------)  + I isernia
-	0x00206fc2, // n0x0afb c0x0000 (---------------)  + I kr
-	0x0025e389, // n0x0afc c0x0000 (---------------)  + I la-spezia
-	0x0036c307, // n0x0afd c0x0000 (---------------)  + I laquila
-	0x0025fe48, // n0x0afe c0x0000 (---------------)  + I laspezia
-	0x00223606, // n0x0aff c0x0000 (---------------)  + I latina
-	0x002db043, // n0x0b00 c0x0000 (---------------)  + I laz
-	0x00309045, // n0x0b01 c0x0000 (---------------)  + I lazio
-	0x0023aa02, // n0x0b02 c0x0000 (---------------)  + I lc
-	0x0020acc2, // n0x0b03 c0x0000 (---------------)  + I le
-	0x003a50c5, // n0x0b04 c0x0000 (---------------)  + I lecce
-	0x0022e105, // n0x0b05 c0x0000 (---------------)  + I lecco
-	0x00207202, // n0x0b06 c0x0000 (---------------)  + I li
-	0x0023c083, // n0x0b07 c0x0000 (---------------)  + I lig
-	0x0023c087, // n0x0b08 c0x0000 (---------------)  + I liguria
-	0x00210307, // n0x0b09 c0x0000 (---------------)  + I livorno
-	0x00200242, // n0x0b0a c0x0000 (---------------)  + I lo
-	0x00259dc4, // n0x0b0b c0x0000 (---------------)  + I lodi
-	0x00214303, // n0x0b0c c0x0000 (---------------)  + I lom
-	0x002c4149, // n0x0b0d c0x0000 (---------------)  + I lombardia
-	0x002db908, // n0x0b0e c0x0000 (---------------)  + I lombardy
-	0x00209e02, // n0x0b0f c0x0000 (---------------)  + I lt
-	0x00202f42, // n0x0b10 c0x0000 (---------------)  + I lu
-	0x0026d147, // n0x0b11 c0x0000 (---------------)  + I lucania
-	0x002b6305, // n0x0b12 c0x0000 (---------------)  + I lucca
-	0x00316908, // n0x0b13 c0x0000 (---------------)  + I macerata
-	0x003a0a07, // n0x0b14 c0x0000 (---------------)  + I mantova
-	0x00201183, // n0x0b15 c0x0000 (---------------)  + I mar
-	0x00284246, // n0x0b16 c0x0000 (---------------)  + I marche
-	0x002b39cd, // n0x0b17 c0x0000 (---------------)  + I massa-carrara
-	0x002b3d4c, // n0x0b18 c0x0000 (---------------)  + I massacarrara
-	0x00256e86, // n0x0b19 c0x0000 (---------------)  + I matera
-	0x00208602, // n0x0b1a c0x0000 (---------------)  + I mb
-	0x0022ac02, // n0x0b1b c0x0000 (---------------)  + I mc
-	0x00203e82, // n0x0b1c c0x0000 (---------------)  + I me
-	0x0024194f, // n0x0b1d c0x0000 (---------------)  + I medio-campidano
-	0x00241d4e, // n0x0b1e c0x0000 (---------------)  + I mediocampidano
-	0x00370147, // n0x0b1f c0x0000 (---------------)  + I messina
-	0x00209002, // n0x0b20 c0x0000 (---------------)  + I mi
-	0x00342685, // n0x0b21 c0x0000 (---------------)  + I milan
-	0x00342686, // n0x0b22 c0x0000 (---------------)  + I milano
-	0x0021fdc2, // n0x0b23 c0x0000 (---------------)  + I mn
-	0x00207102, // n0x0b24 c0x0000 (---------------)  + I mo
-	0x00218306, // n0x0b25 c0x0000 (---------------)  + I modena
-	0x002133c3, // n0x0b26 c0x0000 (---------------)  + I mol
-	0x0025dbc6, // n0x0b27 c0x0000 (---------------)  + I molise
-	0x002c2d45, // n0x0b28 c0x0000 (---------------)  + I monza
-	0x002c2d4d, // n0x0b29 c0x0000 (---------------)  + I monza-brianza
-	0x002c3595, // n0x0b2a c0x0000 (---------------)  + I monza-e-della-brianza
-	0x002c3d4c, // n0x0b2b c0x0000 (---------------)  + I monzabrianza
-	0x002c4a4d, // n0x0b2c c0x0000 (---------------)  + I monzaebrianza
-	0x002c4e12, // n0x0b2d c0x0000 (---------------)  + I monzaedellabrianza
-	0x0020f702, // n0x0b2e c0x0000 (---------------)  + I ms
-	0x00204c02, // n0x0b2f c0x0000 (---------------)  + I mt
-	0x00201402, // n0x0b30 c0x0000 (---------------)  + I na
-	0x00235006, // n0x0b31 c0x0000 (---------------)  + I naples
-	0x002a3d86, // n0x0b32 c0x0000 (---------------)  + I napoli
-	0x00200c02, // n0x0b33 c0x0000 (---------------)  + I no
-	0x002058c6, // n0x0b34 c0x0000 (---------------)  + I novara
-	0x002017c2, // n0x0b35 c0x0000 (---------------)  + I nu
-	0x0039c105, // n0x0b36 c0x0000 (---------------)  + I nuoro
-	0x00200c42, // n0x0b37 c0x0000 (---------------)  + I og
-	0x0025a4c9, // n0x0b38 c0x0000 (---------------)  + I ogliastra
-	0x0027568c, // n0x0b39 c0x0000 (---------------)  + I olbia-tempio
-	0x002759cb, // n0x0b3a c0x0000 (---------------)  + I olbiatempio
-	0x00200282, // n0x0b3b c0x0000 (---------------)  + I or
-	0x00252b88, // n0x0b3c c0x0000 (---------------)  + I oristano
-	0x00200782, // n0x0b3d c0x0000 (---------------)  + I ot
-	0x0020ac42, // n0x0b3e c0x0000 (---------------)  + I pa
-	0x00216d86, // n0x0b3f c0x0000 (---------------)  + I padova
-	0x00361405, // n0x0b40 c0x0000 (---------------)  + I padua
-	0x00379f47, // n0x0b41 c0x0000 (---------------)  + I palermo
-	0x00395345, // n0x0b42 c0x0000 (---------------)  + I parma
-	0x002dbfc5, // n0x0b43 c0x0000 (---------------)  + I pavia
-	0x00248182, // n0x0b44 c0x0000 (---------------)  + I pc
-	0x00352102, // n0x0b45 c0x0000 (---------------)  + I pd
-	0x00207782, // n0x0b46 c0x0000 (---------------)  + I pe
-	0x00270d47, // n0x0b47 c0x0000 (---------------)  + I perugia
-	0x0031c84d, // n0x0b48 c0x0000 (---------------)  + I pesaro-urbino
-	0x0031cbcc, // n0x0b49 c0x0000 (---------------)  + I pesarourbino
-	0x00236987, // n0x0b4a c0x0000 (---------------)  + I pescara
-	0x002495c2, // n0x0b4b c0x0000 (---------------)  + I pg
-	0x00225702, // n0x0b4c c0x0000 (---------------)  + I pi
-	0x00338288, // n0x0b4d c0x0000 (---------------)  + I piacenza
-	0x00258dc8, // n0x0b4e c0x0000 (---------------)  + I piedmont
-	0x002d6308, // n0x0b4f c0x0000 (---------------)  + I piemonte
-	0x002df704, // n0x0b50 c0x0000 (---------------)  + I pisa
-	0x002bee07, // n0x0b51 c0x0000 (---------------)  + I pistoia
-	0x002dcc83, // n0x0b52 c0x0000 (---------------)  + I pmn
-	0x002493c2, // n0x0b53 c0x0000 (---------------)  + I pn
-	0x00200942, // n0x0b54 c0x0000 (---------------)  + I po
-	0x002dfec9, // n0x0b55 c0x0000 (---------------)  + I pordenone
-	0x002093c7, // n0x0b56 c0x0000 (---------------)  + I potenza
-	0x00204602, // n0x0b57 c0x0000 (---------------)  + I pr
-	0x00270245, // n0x0b58 c0x0000 (---------------)  + I prato
-	0x0028c9c2, // n0x0b59 c0x0000 (---------------)  + I pt
-	0x00235302, // n0x0b5a c0x0000 (---------------)  + I pu
-	0x00278843, // n0x0b5b c0x0000 (---------------)  + I pug
-	0x00278846, // n0x0b5c c0x0000 (---------------)  + I puglia
-	0x002e5542, // n0x0b5d c0x0000 (---------------)  + I pv
-	0x002e6302, // n0x0b5e c0x0000 (---------------)  + I pz
-	0x002005c2, // n0x0b5f c0x0000 (---------------)  + I ra
-	0x0030c246, // n0x0b60 c0x0000 (---------------)  + I ragusa
-	0x002059c7, // n0x0b61 c0x0000 (---------------)  + I ravenna
-	0x002002c2, // n0x0b62 c0x0000 (---------------)  + I rc
-	0x00207002, // n0x0b63 c0x0000 (---------------)  + I re
-	0x002ed34f, // n0x0b64 c0x0000 (---------------)  + I reggio-calabria
-	0x0025420d, // n0x0b65 c0x0000 (---------------)  + I reggio-emilia
-	0x0028550e, // n0x0b66 c0x0000 (---------------)  + I reggiocalabria
-	0x0036da8c, // n0x0b67 c0x0000 (---------------)  + I reggioemilia
-	0x0020ce02, // n0x0b68 c0x0000 (---------------)  + I rg
-	0x00200a82, // n0x0b69 c0x0000 (---------------)  + I ri
-	0x00223445, // n0x0b6a c0x0000 (---------------)  + I rieti
-	0x003a5bc6, // n0x0b6b c0x0000 (---------------)  + I rimini
-	0x00222182, // n0x0b6c c0x0000 (---------------)  + I rm
-	0x0020cb42, // n0x0b6d c0x0000 (---------------)  + I rn
-	0x00202202, // n0x0b6e c0x0000 (---------------)  + I ro
-	0x00254584, // n0x0b6f c0x0000 (---------------)  + I roma
-	0x002dd584, // n0x0b70 c0x0000 (---------------)  + I rome
-	0x00334fc6, // n0x0b71 c0x0000 (---------------)  + I rovigo
-	0x002004c2, // n0x0b72 c0x0000 (---------------)  + I sa
-	0x00279747, // n0x0b73 c0x0000 (---------------)  + I salerno
-	0x002257c3, // n0x0b74 c0x0000 (---------------)  + I sar
-	0x00226048, // n0x0b75 c0x0000 (---------------)  + I sardegna
-	0x00227248, // n0x0b76 c0x0000 (---------------)  + I sardinia
-	0x00378687, // n0x0b77 c0x0000 (---------------)  + I sassari
-	0x00234f06, // n0x0b78 c0x0000 (---------------)  + I savona
-	0x0020a402, // n0x0b79 c0x0000 (---------------)  + I si
-	0x0023eac3, // n0x0b7a c0x0000 (---------------)  + I sic
-	0x0036e647, // n0x0b7b c0x0000 (---------------)  + I sicilia
-	0x00252146, // n0x0b7c c0x0000 (---------------)  + I sicily
-	0x002c8945, // n0x0b7d c0x0000 (---------------)  + I siena
-	0x003419c8, // n0x0b7e c0x0000 (---------------)  + I siracusa
-	0x00205682, // n0x0b7f c0x0000 (---------------)  + I so
-	0x00308547, // n0x0b80 c0x0000 (---------------)  + I sondrio
-	0x00209382, // n0x0b81 c0x0000 (---------------)  + I sp
-	0x0033b802, // n0x0b82 c0x0000 (---------------)  + I sr
-	0x002067c2, // n0x0b83 c0x0000 (---------------)  + I ss
-	0x002cebc9, // n0x0b84 c0x0000 (---------------)  + I suedtirol
-	0x00235f42, // n0x0b85 c0x0000 (---------------)  + I sv
-	0x00200a02, // n0x0b86 c0x0000 (---------------)  + I ta
-	0x00234603, // n0x0b87 c0x0000 (---------------)  + I taa
-	0x003096c7, // n0x0b88 c0x0000 (---------------)  + I taranto
-	0x002012c2, // n0x0b89 c0x0000 (---------------)  + I te
-	0x0027580c, // n0x0b8a c0x0000 (---------------)  + I tempio-olbia
-	0x00275b0b, // n0x0b8b c0x0000 (---------------)  + I tempioolbia
-	0x00256f06, // n0x0b8c c0x0000 (---------------)  + I teramo
-	0x0020cac5, // n0x0b8d c0x0000 (---------------)  + I terni
-	0x0024f882, // n0x0b8e c0x0000 (---------------)  + I tn
-	0x00208082, // n0x0b8f c0x0000 (---------------)  + I to
-	0x002b1946, // n0x0b90 c0x0000 (---------------)  + I torino
-	0x002280c3, // n0x0b91 c0x0000 (---------------)  + I tos
-	0x00324e47, // n0x0b92 c0x0000 (---------------)  + I toscana
-	0x00211f42, // n0x0b93 c0x0000 (---------------)  + I tp
-	0x00203002, // n0x0b94 c0x0000 (---------------)  + I tr
-	0x00284655, // n0x0b95 c0x0000 (---------------)  + I trani-andria-barletta
-	0x00233e15, // n0x0b96 c0x0000 (---------------)  + I trani-barletta-andria
-	0x002903d3, // n0x0b97 c0x0000 (---------------)  + I traniandriabarletta
-	0x00234353, // n0x0b98 c0x0000 (---------------)  + I tranibarlettaandria
-	0x00294a07, // n0x0b99 c0x0000 (---------------)  + I trapani
-	0x002b7688, // n0x0b9a c0x0000 (---------------)  + I trentino
-	0x002cf4d0, // n0x0b9b c0x0000 (---------------)  + I trentino-a-adige
-	0x002ef2cf, // n0x0b9c c0x0000 (---------------)  + I trentino-aadige
-	0x00342d53, // n0x0b9d c0x0000 (---------------)  + I trentino-alto-adige
-	0x0034eb92, // n0x0b9e c0x0000 (---------------)  + I trentino-altoadige
-	0x002cd090, // n0x0b9f c0x0000 (---------------)  + I trentino-s-tirol
-	0x002b768f, // n0x0ba0 c0x0000 (---------------)  + I trentino-stirol
-	0x002ba492, // n0x0ba1 c0x0000 (---------------)  + I trentino-sud-tirol
-	0x002c2911, // n0x0ba2 c0x0000 (---------------)  + I trentino-sudtirol
-	0x002ca953, // n0x0ba3 c0x0000 (---------------)  + I trentino-sued-tirol
-	0x002ce992, // n0x0ba4 c0x0000 (---------------)  + I trentino-suedtirol
-	0x002cfd4f, // n0x0ba5 c0x0000 (---------------)  + I trentinoa-adige
-	0x002d4c8e, // n0x0ba6 c0x0000 (---------------)  + I trentinoaadige
-	0x002dfa52, // n0x0ba7 c0x0000 (---------------)  + I trentinoalto-adige
-	0x002e3291, // n0x0ba8 c0x0000 (---------------)  + I trentinoaltoadige
-	0x002e3a8f, // n0x0ba9 c0x0000 (---------------)  + I trentinos-tirol
-	0x002e55ce, // n0x0baa c0x0000 (---------------)  + I trentinostirol
-	0x002e6691, // n0x0bab c0x0000 (---------------)  + I trentinosud-tirol
-	0x002f3a90, // n0x0bac c0x0000 (---------------)  + I trentinosudtirol
-	0x0035a592, // n0x0bad c0x0000 (---------------)  + I trentinosued-tirol
-	0x002e8b91, // n0x0bae c0x0000 (---------------)  + I trentinosuedtirol
-	0x002f8a86, // n0x0baf c0x0000 (---------------)  + I trento
-	0x002f9307, // n0x0bb0 c0x0000 (---------------)  + I treviso
-	0x003673c7, // n0x0bb1 c0x0000 (---------------)  + I trieste
-	0x00203f42, // n0x0bb2 c0x0000 (---------------)  + I ts
-	0x0027f145, // n0x0bb3 c0x0000 (---------------)  + I turin
-	0x002f2c87, // n0x0bb4 c0x0000 (---------------)  + I tuscany
-	0x00224e42, // n0x0bb5 c0x0000 (---------------)  + I tv
-	0x00209242, // n0x0bb6 c0x0000 (---------------)  + I ud
-	0x0022a285, // n0x0bb7 c0x0000 (---------------)  + I udine
-	0x0021e183, // n0x0bb8 c0x0000 (---------------)  + I umb
-	0x00258406, // n0x0bb9 c0x0000 (---------------)  + I umbria
-	0x0031ca0d, // n0x0bba c0x0000 (---------------)  + I urbino-pesaro
-	0x0031cd4c, // n0x0bbb c0x0000 (---------------)  + I urbinopesaro
-	0x002000c2, // n0x0bbc c0x0000 (---------------)  + I va
-	0x0030f18b, // n0x0bbd c0x0000 (---------------)  + I val-d-aosta
-	0x00216e8a, // n0x0bbe c0x0000 (---------------)  + I val-daosta
-	0x00323dca, // n0x0bbf c0x0000 (---------------)  + I vald-aosta
-	0x002b09c9, // n0x0bc0 c0x0000 (---------------)  + I valdaosta
-	0x002deb4b, // n0x0bc1 c0x0000 (---------------)  + I valle-aosta
-	0x003a0b4d, // n0x0bc2 c0x0000 (---------------)  + I valle-d-aosta
-	0x002f338c, // n0x0bc3 c0x0000 (---------------)  + I valle-daosta
-	0x00224e8a, // n0x0bc4 c0x0000 (---------------)  + I valleaosta
-	0x0022594c, // n0x0bc5 c0x0000 (---------------)  + I valled-aosta
-	0x0024098b, // n0x0bc6 c0x0000 (---------------)  + I valledaosta
-	0x00250ecc, // n0x0bc7 c0x0000 (---------------)  + I vallee-aoste
-	0x0025184b, // n0x0bc8 c0x0000 (---------------)  + I valleeaoste
-	0x00275603, // n0x0bc9 c0x0000 (---------------)  + I vao
-	0x002894c6, // n0x0bca c0x0000 (---------------)  + I varese
-	0x002dc5c2, // n0x0bcb c0x0000 (---------------)  + I vb
-	0x002e6b02, // n0x0bcc c0x0000 (---------------)  + I vc
-	0x00210243, // n0x0bcd c0x0000 (---------------)  + I vda
-	0x00202b82, // n0x0bce c0x0000 (---------------)  + I ve
-	0x00202b83, // n0x0bcf c0x0000 (---------------)  + I ven
-	0x00375e46, // n0x0bd0 c0x0000 (---------------)  + I veneto
-	0x00261247, // n0x0bd1 c0x0000 (---------------)  + I venezia
-	0x0026f246, // n0x0bd2 c0x0000 (---------------)  + I venice
-	0x0022d688, // n0x0bd3 c0x0000 (---------------)  + I verbania
-	0x002dddc8, // n0x0bd4 c0x0000 (---------------)  + I vercelli
-	0x003607c6, // n0x0bd5 c0x0000 (---------------)  + I verona
-	0x00205d42, // n0x0bd6 c0x0000 (---------------)  + I vi
-	0x002f504d, // n0x0bd7 c0x0000 (---------------)  + I vibo-valentia
-	0x002f538c, // n0x0bd8 c0x0000 (---------------)  + I vibovalentia
-	0x0033d887, // n0x0bd9 c0x0000 (---------------)  + I vicenza
-	0x002f9107, // n0x0bda c0x0000 (---------------)  + I viterbo
-	0x00211082, // n0x0bdb c0x0000 (---------------)  + I vr
-	0x00227982, // n0x0bdc c0x0000 (---------------)  + I vs
-	0x00271f82, // n0x0bdd c0x0000 (---------------)  + I vt
-	0x00214982, // n0x0bde c0x0000 (---------------)  + I vv
-	0x00200742, // n0x0bdf c0x0000 (---------------)  + I co
-	0x0021fe03, // n0x0be0 c0x0000 (---------------)  + I net
-	0x0022d1c3, // n0x0be1 c0x0000 (---------------)  + I org
-	0x00233503, // n0x0be2 c0x0000 (---------------)  + I com
-	0x0023a783, // n0x0be3 c0x0000 (---------------)  + I edu
-	0x0026cc83, // n0x0be4 c0x0000 (---------------)  + I gov
-	0x00209003, // n0x0be5 c0x0000 (---------------)  + I mil
-	0x00205284, // n0x0be6 c0x0000 (---------------)  + I name
-	0x0021fe03, // n0x0be7 c0x0000 (---------------)  + I net
-	0x0022d1c3, // n0x0be8 c0x0000 (---------------)  + I org
-	0x00217443, // n0x0be9 c0x0000 (---------------)  + I sch
-	0x00201542, // n0x0bea c0x0000 (---------------)  + I ac
-	0x00200342, // n0x0beb c0x0000 (---------------)  + I ad
-	0x2068f505, // n0x0bec c0x0081 (n0x0c59-n0x0c8d)  + I aichi
-	0x20a01dc5, // n0x0bed c0x0082 (n0x0c8d-n0x0ca9)  + I akita
-	0x20f0bf06, // n0x0bee c0x0083 (n0x0ca9-n0x0cbf)  + I aomori
-	0x000ffa08, // n0x0bef c0x0000 (---------------)  +   blogspot
-	0x212add45, // n0x0bf0 c0x0084 (n0x0cbf-n0x0cf9)  + I chiba
-	0x00200742, // n0x0bf1 c0x0000 (---------------)  + I co
-	0x00202602, // n0x0bf2 c0x0000 (---------------)  + I ed
-	0x21629005, // n0x0bf3 c0x0085 (n0x0cf9-n0x0d0f)  + I ehime
-	0x21a7dac5, // n0x0bf4 c0x0086 (n0x0d0f-n0x0d1e)  + I fukui
-	0x21e7e807, // n0x0bf5 c0x0087 (n0x0d1e-n0x0d5d)  + I fukuoka
-	0x2232fcc9, // n0x0bf6 c0x0088 (n0x0d5d-n0x0d90)  + I fukushima
-	0x2276aec4, // n0x0bf7 c0x0089 (n0x0d90-n0x0db6)  + I gifu
-	0x00202d42, // n0x0bf8 c0x0000 (---------------)  + I go
-	0x00200c82, // n0x0bf9 c0x0000 (---------------)  + I gr
-	0x22b66385, // n0x0bfa c0x008a (n0x0db6-n0x0dda)  + I gunma
-	0x22e0ee49, // n0x0bfb c0x008b (n0x0dda-n0x0df3)  + I hiroshima
-	0x23369e88, // n0x0bfc c0x008c (n0x0df3-n0x0e81)  + I hokkaido
-	0x236aba85, // n0x0bfd c0x008d (n0x0e81-n0x0eaf)  + I hyogo
-	0x23ac1ac7, // n0x0bfe c0x008e (n0x0eaf-n0x0ee2)  + I ibaraki
-	0x23e1a4c8, // n0x0bff c0x008f (n0x0ee2-n0x0ef5)  + I ishikawa
-	0x242d8485, // n0x0c00 c0x0090 (n0x0ef5-n0x0f17)  + I iwate
-	0x24600fc6, // n0x0c01 c0x0091 (n0x0f17-n0x0f26)  + I kagawa
-	0x24a76189, // n0x0c02 c0x0092 (n0x0f26-n0x0f3a)  + I kagoshima
-	0x24f1a4c8, // n0x0c03 c0x0093 (n0x0f3a-n0x0f58)  + I kanagawa
-	0x252b9088, // n0x0c04 c0x0094 (n0x0f58-n0x0f59)* o I kawasaki
-	0x2569c90a, // n0x0c05 c0x0095 (n0x0f59-n0x0f5a)* o I kitakyushu
-	0x25a4f544, // n0x0c06 c0x0096 (n0x0f5a-n0x0f5b)* o I kobe
-	0x25ecb145, // n0x0c07 c0x0097 (n0x0f5b-n0x0f7a)  + I kochi
-	0x262b3748, // n0x0c08 c0x0098 (n0x0f7a-n0x0f94)  + I kumamoto
-	0x266be0c5, // n0x0c09 c0x0099 (n0x0f94-n0x0fb3)  + I kyoto
-	0x00219082, // n0x0c0a c0x0000 (---------------)  + I lg
-	0x26a4b943, // n0x0c0b c0x009a (n0x0fb3-n0x0fd1)  + I mie
-	0x26ea29c6, // n0x0c0c c0x009b (n0x0fd1-n0x0ff2)  + I miyagi
-	0x27266108, // n0x0c0d c0x009c (n0x0ff2-n0x100d)  + I miyazaki
-	0x27754f86, // n0x0c0e c0x009d (n0x100d-n0x1058)  + I nagano
-	0x27adda48, // n0x0c0f c0x009e (n0x1058-n0x106e)  + I nagasaki
-	0x27f0f646, // n0x0c10 c0x009f (n0x106e-n0x106f)* o I nagoya
-	0x282c8a04, // n0x0c11 c0x00a0 (n0x106f-n0x1095)  + I nara
-	0x00202c02, // n0x0c12 c0x0000 (---------------)  + I ne
-	0x2863ff87, // n0x0c13 c0x00a1 (n0x1095-n0x10b7)  + I niigata
-	0x28aa8984, // n0x0c14 c0x00a2 (n0x10b7-n0x10ca)  + I oita
-	0x28e78dc7, // n0x0c15 c0x00a3 (n0x10ca-n0x10e4)  + I okayama
-	0x29395b47, // n0x0c16 c0x00a4 (n0x10e4-n0x110e)  + I okinawa
-	0x00200282, // n0x0c17 c0x0000 (---------------)  + I or
-	0x2969ac45, // n0x0c18 c0x00a5 (n0x110e-n0x1140)  + I osaka
-	0x29a38904, // n0x0c19 c0x00a6 (n0x1140-n0x115a)  + I saga
-	0x29ed9247, // n0x0c1a c0x00a7 (n0x115a-n0x119f)  + I saitama
-	0x2a221087, // n0x0c1b c0x00a8 (n0x119f-n0x11a0)* o I sapporo
-	0x2a682b06, // n0x0c1c c0x00a9 (n0x11a0-n0x11a1)* o I sendai
-	0x2aa285c5, // n0x0c1d c0x00aa (n0x11a1-n0x11b8)  + I shiga
-	0x2ae93dc7, // n0x0c1e c0x00ab (n0x11b8-n0x11cf)  + I shimane
-	0x2b2b2608, // n0x0c1f c0x00ac (n0x11cf-n0x11f3)  + I shizuoka
-	0x2b744e07, // n0x0c20 c0x00ad (n0x11f3-n0x1212)  + I tochigi
-	0x2ba99fc9, // n0x0c21 c0x00ae (n0x1212-n0x1223)  + I tokushima
-	0x2bf41c05, // n0x0c22 c0x00af (n0x1223-n0x125c)  + I tokyo
-	0x2c2f8b87, // n0x0c23 c0x00b0 (n0x125c-n0x1269)  + I tottori
-	0x2c68e9c6, // n0x0c24 c0x00b1 (n0x1269-n0x1281)  + I toyama
-	0x2ca23ac8, // n0x0c25 c0x00b2 (n0x1281-n0x129e)  + I wakayama
-	0x0038988d, // n0x0c26 c0x0000 (---------------)  + I xn--0trq7p7nn
-	0x0024e389, // n0x0c27 c0x0000 (---------------)  + I xn--1ctwo
-	0x0025c1cb, // n0x0c28 c0x0000 (---------------)  + I xn--1lqs03n
-	0x0026024b, // n0x0c29 c0x0000 (---------------)  + I xn--1lqs71d
-	0x0027348b, // n0x0c2a c0x0000 (---------------)  + I xn--2m4a15e
-	0x002a5bcb, // n0x0c2b c0x0000 (---------------)  + I xn--32vp30h
-	0x0030168b, // n0x0c2c c0x0000 (---------------)  + I xn--4it168d
-	0x0030194b, // n0x0c2d c0x0000 (---------------)  + I xn--4it797k
-	0x00301d89, // n0x0c2e c0x0000 (---------------)  + I xn--4pvxs
-	0x00302c4b, // n0x0c2f c0x0000 (---------------)  + I xn--5js045d
-	0x00302f0b, // n0x0c30 c0x0000 (---------------)  + I xn--5rtp49c
-	0x0030338b, // n0x0c31 c0x0000 (---------------)  + I xn--5rtq34k
-	0x003043ca, // n0x0c32 c0x0000 (---------------)  + I xn--6btw5a
-	0x0030490a, // n0x0c33 c0x0000 (---------------)  + I xn--6orx2r
-	0x00304f0c, // n0x0c34 c0x0000 (---------------)  + I xn--7t0a264c
-	0x0030a1cb, // n0x0c35 c0x0000 (---------------)  + I xn--8ltr62k
-	0x0030a74a, // n0x0c36 c0x0000 (---------------)  + I xn--8pvr4u
-	0x0031918a, // n0x0c37 c0x0000 (---------------)  + I xn--c3s14m
-	0x0032940e, // n0x0c38 c0x0000 (---------------)  + I xn--d5qv7z876c
-	0x0032a1ce, // n0x0c39 c0x0000 (---------------)  + I xn--djrs72d6uy
-	0x0032a54a, // n0x0c3a c0x0000 (---------------)  + I xn--djty4k
-	0x0032bb0a, // n0x0c3b c0x0000 (---------------)  + I xn--efvn9s
-	0x0032c78b, // n0x0c3c c0x0000 (---------------)  + I xn--ehqz56n
-	0x0032ca4b, // n0x0c3d c0x0000 (---------------)  + I xn--elqq16h
-	0x0032d78b, // n0x0c3e c0x0000 (---------------)  + I xn--f6qx53a
-	0x0034834b, // n0x0c3f c0x0000 (---------------)  + I xn--k7yn95e
-	0x0034894a, // n0x0c40 c0x0000 (---------------)  + I xn--kbrq7o
-	0x0034960b, // n0x0c41 c0x0000 (---------------)  + I xn--klt787d
-	0x003498ca, // n0x0c42 c0x0000 (---------------)  + I xn--kltp7d
-	0x00349b4a, // n0x0c43 c0x0000 (---------------)  + I xn--kltx9a
-	0x00349dca, // n0x0c44 c0x0000 (---------------)  + I xn--klty5x
-	0x00367e8b, // n0x0c45 c0x0000 (---------------)  + I xn--mkru45i
-	0x0037178b, // n0x0c46 c0x0000 (---------------)  + I xn--nit225k
-	0x003733ce, // n0x0c47 c0x0000 (---------------)  + I xn--ntso0iqx3a
-	0x0037374b, // n0x0c48 c0x0000 (---------------)  + I xn--ntsq17g
-	0x0037b18b, // n0x0c49 c0x0000 (---------------)  + I xn--pssu33l
-	0x0037d28b, // n0x0c4a c0x0000 (---------------)  + I xn--qqqt11m
-	0x0038144a, // n0x0c4b c0x0000 (---------------)  + I xn--rht27z
-	0x003816c9, // n0x0c4c c0x0000 (---------------)  + I xn--rht3d
-	0x0038190a, // n0x0c4d c0x0000 (---------------)  + I xn--rht61e
-	0x00382f8a, // n0x0c4e c0x0000 (---------------)  + I xn--rny31h
-	0x00392e8b, // n0x0c4f c0x0000 (---------------)  + I xn--tor131o
-	0x003949cb, // n0x0c50 c0x0000 (---------------)  + I xn--uist22h
-	0x0039548a, // n0x0c51 c0x0000 (---------------)  + I xn--uisz3g
-	0x003967cb, // n0x0c52 c0x0000 (---------------)  + I xn--uuwu58a
-	0x0039a30b, // n0x0c53 c0x0000 (---------------)  + I xn--vgu402c
-	0x003a520b, // n0x0c54 c0x0000 (---------------)  + I xn--zbx025d
-	0x2ce808c8, // n0x0c55 c0x00b3 (n0x129e-n0x12c0)  + I yamagata
-	0x2d2873c9, // n0x0c56 c0x00b4 (n0x12c0-n0x12d0)  + I yamaguchi
-	0x2d6a15c9, // n0x0c57 c0x00b5 (n0x12d0-n0x12ec)  + I yamanashi
-	0x2dad09c8, // n0x0c58 c0x00b6 (n0x12ec-n0x12ed)* o I yokohama
-	0x00334d45, // n0x0c59 c0x0000 (---------------)  + I aisai
-	0x00201883, // n0x0c5a c0x0000 (---------------)  + I ama
-	0x00203fc4, // n0x0c5b c0x0000 (---------------)  + I anjo
-	0x00360985, // n0x0c5c c0x0000 (---------------)  + I asuke
-	0x0036ac06, // n0x0c5d c0x0000 (---------------)  + I chiryu
-	0x002ac6c5, // n0x0c5e c0x0000 (---------------)  + I chita
-	0x00286bc4, // n0x0c5f c0x0000 (---------------)  + I fuso
-	0x0026ecc8, // n0x0c60 c0x0000 (---------------)  + I gamagori
-	0x00256185, // n0x0c61 c0x0000 (---------------)  + I handa
-	0x0028ff84, // n0x0c62 c0x0000 (---------------)  + I hazu
-	0x002c3247, // n0x0c63 c0x0000 (---------------)  + I hekinan
-	0x0029d24a, // n0x0c64 c0x0000 (---------------)  + I higashiura
-	0x002d218a, // n0x0c65 c0x0000 (---------------)  + I ichinomiya
-	0x0032bfc7, // n0x0c66 c0x0000 (---------------)  + I inazawa
-	0x00201787, // n0x0c67 c0x0000 (---------------)  + I inuyama
-	0x002f2007, // n0x0c68 c0x0000 (---------------)  + I isshiki
-	0x0031d107, // n0x0c69 c0x0000 (---------------)  + I iwakura
-	0x002a25c5, // n0x0c6a c0x0000 (---------------)  + I kanie
-	0x00325246, // n0x0c6b c0x0000 (---------------)  + I kariya
-	0x00321d87, // n0x0c6c c0x0000 (---------------)  + I kasugai
-	0x002571c4, // n0x0c6d c0x0000 (---------------)  + I kira
-	0x002f0206, // n0x0c6e c0x0000 (---------------)  + I kiyosu
-	0x00296f06, // n0x0c6f c0x0000 (---------------)  + I komaki
-	0x00206b85, // n0x0c70 c0x0000 (---------------)  + I konan
-	0x00229444, // n0x0c71 c0x0000 (---------------)  + I kota
-	0x002da306, // n0x0c72 c0x0000 (---------------)  + I mihama
-	0x0029c447, // n0x0c73 c0x0000 (---------------)  + I miyoshi
-	0x002251c6, // n0x0c74 c0x0000 (---------------)  + I nishio
-	0x00266c47, // n0x0c75 c0x0000 (---------------)  + I nisshin
-	0x0027cb43, // n0x0c76 c0x0000 (---------------)  + I obu
-	0x00252346, // n0x0c77 c0x0000 (---------------)  + I oguchi
-	0x00236085, // n0x0c78 c0x0000 (---------------)  + I oharu
-	0x0027e907, // n0x0c79 c0x0000 (---------------)  + I okazaki
-	0x002bf04a, // n0x0c7a c0x0000 (---------------)  + I owariasahi
-	0x002ae744, // n0x0c7b c0x0000 (---------------)  + I seto
-	0x00219288, // n0x0c7c c0x0000 (---------------)  + I shikatsu
-	0x00299589, // n0x0c7d c0x0000 (---------------)  + I shinshiro
-	0x002aff87, // n0x0c7e c0x0000 (---------------)  + I shitara
-	0x002e8506, // n0x0c7f c0x0000 (---------------)  + I tahara
-	0x00365ec8, // n0x0c80 c0x0000 (---------------)  + I takahama
-	0x00307489, // n0x0c81 c0x0000 (---------------)  + I tobishima
-	0x00375f44, // n0x0c82 c0x0000 (---------------)  + I toei
-	0x00337204, // n0x0c83 c0x0000 (---------------)  + I togo
-	0x002fa0c5, // n0x0c84 c0x0000 (---------------)  + I tokai
-	0x002bfec8, // n0x0c85 c0x0000 (---------------)  + I tokoname
-	0x002c0907, // n0x0c86 c0x0000 (---------------)  + I toyoake
-	0x0028df09, // n0x0c87 c0x0000 (---------------)  + I toyohashi
-	0x00247dc8, // n0x0c88 c0x0000 (---------------)  + I toyokawa
-	0x00366606, // n0x0c89 c0x0000 (---------------)  + I toyone
-	0x0025bb86, // n0x0c8a c0x0000 (---------------)  + I toyota
-	0x00297a48, // n0x0c8b c0x0000 (---------------)  + I tsushima
-	0x0036a786, // n0x0c8c c0x0000 (---------------)  + I yatomi
-	0x00201dc5, // n0x0c8d c0x0000 (---------------)  + I akita
-	0x00282bc6, // n0x0c8e c0x0000 (---------------)  + I daisen
-	0x002790c8, // n0x0c8f c0x0000 (---------------)  + I fujisato
-	0x0023ab86, // n0x0c90 c0x0000 (---------------)  + I gojome
-	0x0025778b, // n0x0c91 c0x0000 (---------------)  + I hachirogata
-	0x0028ab86, // n0x0c92 c0x0000 (---------------)  + I happou
-	0x002997cd, // n0x0c93 c0x0000 (---------------)  + I higashinaruse
-	0x0038e545, // n0x0c94 c0x0000 (---------------)  + I honjo
-	0x002a8846, // n0x0c95 c0x0000 (---------------)  + I honjyo
-	0x0021a585, // n0x0c96 c0x0000 (---------------)  + I ikawa
-	0x00296349, // n0x0c97 c0x0000 (---------------)  + I kamikoani
-	0x00320ec7, // n0x0c98 c0x0000 (---------------)  + I kamioka
-	0x00378048, // n0x0c99 c0x0000 (---------------)  + I katagami
-	0x00305386, // n0x0c9a c0x0000 (---------------)  + I kazuno
-	0x002983c9, // n0x0c9b c0x0000 (---------------)  + I kitaakita
-	0x002dd306, // n0x0c9c c0x0000 (---------------)  + I kosaka
-	0x002befc5, // n0x0c9d c0x0000 (---------------)  + I kyowa
-	0x0022f486, // n0x0c9e c0x0000 (---------------)  + I misato
-	0x002b16c6, // n0x0c9f c0x0000 (---------------)  + I mitane
-	0x002c6849, // n0x0ca0 c0x0000 (---------------)  + I moriyoshi
-	0x0033cfc6, // n0x0ca1 c0x0000 (---------------)  + I nikaho
-	0x0037ebc7, // n0x0ca2 c0x0000 (---------------)  + I noshiro
-	0x002c5f85, // n0x0ca3 c0x0000 (---------------)  + I odate
-	0x00202a03, // n0x0ca4 c0x0000 (---------------)  + I oga
-	0x00223845, // n0x0ca5 c0x0000 (---------------)  + I ogata
-	0x002a6287, // n0x0ca6 c0x0000 (---------------)  + I semboku
-	0x00330a06, // n0x0ca7 c0x0000 (---------------)  + I yokote
-	0x0038e449, // n0x0ca8 c0x0000 (---------------)  + I yurihonjo
-	0x0030bf06, // n0x0ca9 c0x0000 (---------------)  + I aomori
-	0x00282e06, // n0x0caa c0x0000 (---------------)  + I gonohe
-	0x0020db09, // n0x0cab c0x0000 (---------------)  + I hachinohe
-	0x002825c9, // n0x0cac c0x0000 (---------------)  + I hashikami
-	0x0029f407, // n0x0cad c0x0000 (---------------)  + I hiranai
-	0x002eb708, // n0x0cae c0x0000 (---------------)  + I hirosaki
-	0x002692c9, // n0x0caf c0x0000 (---------------)  + I itayanagi
-	0x0027edc8, // n0x0cb0 c0x0000 (---------------)  + I kuroishi
-	0x0037d506, // n0x0cb1 c0x0000 (---------------)  + I misawa
-	0x002d0505, // n0x0cb2 c0x0000 (---------------)  + I mutsu
-	0x0021e54a, // n0x0cb3 c0x0000 (---------------)  + I nakadomari
-	0x00282e86, // n0x0cb4 c0x0000 (---------------)  + I noheji
-	0x00207e46, // n0x0cb5 c0x0000 (---------------)  + I oirase
-	0x002a2b85, // n0x0cb6 c0x0000 (---------------)  + I owani
-	0x0036b208, // n0x0cb7 c0x0000 (---------------)  + I rokunohe
-	0x0020ea87, // n0x0cb8 c0x0000 (---------------)  + I sannohe
-	0x0023638a, // n0x0cb9 c0x0000 (---------------)  + I shichinohe
-	0x0024e0c6, // n0x0cba c0x0000 (---------------)  + I shingo
-	0x00240bc5, // n0x0cbb c0x0000 (---------------)  + I takko
-	0x0024a2c6, // n0x0cbc c0x0000 (---------------)  + I towada
-	0x00297647, // n0x0cbd c0x0000 (---------------)  + I tsugaru
-	0x002e83c7, // n0x0cbe c0x0000 (---------------)  + I tsuruta
-	0x0037e845, // n0x0cbf c0x0000 (---------------)  + I abiko
-	0x002bf185, // n0x0cc0 c0x0000 (---------------)  + I asahi
-	0x002e59c6, // n0x0cc1 c0x0000 (---------------)  + I chonan
-	0x002e6b46, // n0x0cc2 c0x0000 (---------------)  + I chosei
-	0x00300346, // n0x0cc3 c0x0000 (---------------)  + I choshi
-	0x0030ba84, // n0x0cc4 c0x0000 (---------------)  + I chuo
-	0x00281689, // n0x0cc5 c0x0000 (---------------)  + I funabashi
-	0x00288286, // n0x0cc6 c0x0000 (---------------)  + I futtsu
-	0x0034ad4a, // n0x0cc7 c0x0000 (---------------)  + I hanamigawa
-	0x0028f548, // n0x0cc8 c0x0000 (---------------)  + I ichihara
-	0x00265608, // n0x0cc9 c0x0000 (---------------)  + I ichikawa
-	0x002d218a, // n0x0cca c0x0000 (---------------)  + I ichinomiya
-	0x003a0f85, // n0x0ccb c0x0000 (---------------)  + I inzai
-	0x0029c385, // n0x0ccc c0x0000 (---------------)  + I isumi
-	0x00307d08, // n0x0ccd c0x0000 (---------------)  + I kamagaya
-	0x002caec8, // n0x0cce c0x0000 (---------------)  + I kamogawa
-	0x002037c7, // n0x0ccf c0x0000 (---------------)  + I kashiwa
-	0x00294d86, // n0x0cd0 c0x0000 (---------------)  + I katori
-	0x003141c8, // n0x0cd1 c0x0000 (---------------)  + I katsuura
-	0x002303c7, // n0x0cd2 c0x0000 (---------------)  + I kimitsu
-	0x00280d88, // n0x0cd3 c0x0000 (---------------)  + I kisarazu
-	0x00368e86, // n0x0cd4 c0x0000 (---------------)  + I kozaki
-	0x00283fc8, // n0x0cd5 c0x0000 (---------------)  + I kujukuri
-	0x002b4246, // n0x0cd6 c0x0000 (---------------)  + I kyonan
-	0x00243747, // n0x0cd7 c0x0000 (---------------)  + I matsudo
-	0x00298e06, // n0x0cd8 c0x0000 (---------------)  + I midori
-	0x002da306, // n0x0cd9 c0x0000 (---------------)  + I mihama
-	0x0023c6ca, // n0x0cda c0x0000 (---------------)  + I minamiboso
-	0x00234886, // n0x0cdb c0x0000 (---------------)  + I mobara
-	0x002d0509, // n0x0cdc c0x0000 (---------------)  + I mutsuzawa
-	0x002ae046, // n0x0cdd c0x0000 (---------------)  + I nagara
-	0x002d164a, // n0x0cde c0x0000 (---------------)  + I nagareyama
-	0x002c8a09, // n0x0cdf c0x0000 (---------------)  + I narashino
-	0x0037df46, // n0x0ce0 c0x0000 (---------------)  + I narita
-	0x0037f944, // n0x0ce1 c0x0000 (---------------)  + I noda
-	0x003071cd, // n0x0ce2 c0x0000 (---------------)  + I oamishirasato
-	0x00287647, // n0x0ce3 c0x0000 (---------------)  + I omigawa
-	0x00316686, // n0x0ce4 c0x0000 (---------------)  + I onjuku
-	0x002b8f45, // n0x0ce5 c0x0000 (---------------)  + I otaki
-	0x002dd385, // n0x0ce6 c0x0000 (---------------)  + I sakae
-	0x00307fc6, // n0x0ce7 c0x0000 (---------------)  + I sakura
-	0x0028d9c9, // n0x0ce8 c0x0000 (---------------)  + I shimofusa
-	0x002aaf87, // n0x0ce9 c0x0000 (---------------)  + I shirako
-	0x0027a9c6, // n0x0cea c0x0000 (---------------)  + I shiroi
-	0x002af8c6, // n0x0ceb c0x0000 (---------------)  + I shisui
-	0x00286c49, // n0x0cec c0x0000 (---------------)  + I sodegaura
-	0x0021f484, // n0x0ced c0x0000 (---------------)  + I sosa
-	0x0036bcc4, // n0x0cee c0x0000 (---------------)  + I tako
-	0x002040c8, // n0x0cef c0x0000 (---------------)  + I tateyama
-	0x002aea86, // n0x0cf0 c0x0000 (---------------)  + I togane
-	0x0029ed88, // n0x0cf1 c0x0000 (---------------)  + I tohnosho
-	0x0022f408, // n0x0cf2 c0x0000 (---------------)  + I tomisato
-	0x00280587, // n0x0cf3 c0x0000 (---------------)  + I urayasu
-	0x003a6349, // n0x0cf4 c0x0000 (---------------)  + I yachimata
-	0x00300547, // n0x0cf5 c0x0000 (---------------)  + I yachiyo
-	0x002adc0a, // n0x0cf6 c0x0000 (---------------)  + I yokaichiba
-	0x0022edcf, // n0x0cf7 c0x0000 (---------------)  + I yokoshibahikari
-	0x00269dca, // n0x0cf8 c0x0000 (---------------)  + I yotsukaido
-	0x00223245, // n0x0cf9 c0x0000 (---------------)  + I ainan
-	0x00279305, // n0x0cfa c0x0000 (---------------)  + I honai
-	0x00216985, // n0x0cfb c0x0000 (---------------)  + I ikata
-	0x00249147, // n0x0cfc c0x0000 (---------------)  + I imabari
-	0x00206043, // n0x0cfd c0x0000 (---------------)  + I iyo
-	0x002eb908, // n0x0cfe c0x0000 (---------------)  + I kamijima
-	0x002f5c86, // n0x0cff c0x0000 (---------------)  + I kihoku
-	0x002f5d89, // n0x0d00 c0x0000 (---------------)  + I kumakogen
-	0x003a3b06, // n0x0d01 c0x0000 (---------------)  + I masaki
-	0x002c02c7, // n0x0d02 c0x0000 (---------------)  + I matsuno
-	0x00298189, // n0x0d03 c0x0000 (---------------)  + I matsuyama
-	0x00377f48, // n0x0d04 c0x0000 (---------------)  + I namikata
-	0x002a2c47, // n0x0d05 c0x0000 (---------------)  + I niihama
-	0x00300a43, // n0x0d06 c0x0000 (---------------)  + I ozu
-	0x00334dc5, // n0x0d07 c0x0000 (---------------)  + I saijo
-	0x002396c5, // n0x0d08 c0x0000 (---------------)  + I seiyo
-	0x0030b8cb, // n0x0d09 c0x0000 (---------------)  + I shikokuchuo
-	0x002be184, // n0x0d0a c0x0000 (---------------)  + I tobe
-	0x0020b004, // n0x0d0b c0x0000 (---------------)  + I toon
-	0x00278086, // n0x0d0c c0x0000 (---------------)  + I uchiko
-	0x00300dc7, // n0x0d0d c0x0000 (---------------)  + I uwajima
-	0x0038f14a, // n0x0d0e c0x0000 (---------------)  + I yawatahama
-	0x0024b9c7, // n0x0d0f c0x0000 (---------------)  + I echizen
-	0x00375fc7, // n0x0d10 c0x0000 (---------------)  + I eiheiji
-	0x0027dac5, // n0x0d11 c0x0000 (---------------)  + I fukui
-	0x00202585, // n0x0d12 c0x0000 (---------------)  + I ikeda
-	0x0021ebc9, // n0x0d13 c0x0000 (---------------)  + I katsuyama
-	0x002da306, // n0x0d14 c0x0000 (---------------)  + I mihama
-	0x0024b84d, // n0x0d15 c0x0000 (---------------)  + I minamiechizen
-	0x00395f05, // n0x0d16 c0x0000 (---------------)  + I obama
-	0x00299783, // n0x0d17 c0x0000 (---------------)  + I ohi
-	0x0020a703, // n0x0d18 c0x0000 (---------------)  + I ono
-	0x002f6605, // n0x0d19 c0x0000 (---------------)  + I sabae
-	0x0034ca05, // n0x0d1a c0x0000 (---------------)  + I sakai
-	0x00365ec8, // n0x0d1b c0x0000 (---------------)  + I takahama
-	0x0027b9c7, // n0x0d1c c0x0000 (---------------)  + I tsuruga
-	0x0036ba46, // n0x0d1d c0x0000 (---------------)  + I wakasa
-	0x0029d906, // n0x0d1e c0x0000 (---------------)  + I ashiya
-	0x0022d885, // n0x0d1f c0x0000 (---------------)  + I buzen
-	0x0023aa47, // n0x0d20 c0x0000 (---------------)  + I chikugo
-	0x00201a07, // n0x0d21 c0x0000 (---------------)  + I chikuho
-	0x00293107, // n0x0d22 c0x0000 (---------------)  + I chikujo
-	0x002cb1ca, // n0x0d23 c0x0000 (---------------)  + I chikushino
-	0x00252408, // n0x0d24 c0x0000 (---------------)  + I chikuzen
-	0x0030ba84, // n0x0d25 c0x0000 (---------------)  + I chuo
-	0x00214b07, // n0x0d26 c0x0000 (---------------)  + I dazaifu
-	0x0027cc87, // n0x0d27 c0x0000 (---------------)  + I fukuchi
-	0x0032c406, // n0x0d28 c0x0000 (---------------)  + I hakata
-	0x00268047, // n0x0d29 c0x0000 (---------------)  + I higashi
-	0x002d2bc8, // n0x0d2a c0x0000 (---------------)  + I hirokawa
-	0x002a14c8, // n0x0d2b c0x0000 (---------------)  + I hisayama
-	0x0026e786, // n0x0d2c c0x0000 (---------------)  + I iizuka
-	0x0022b108, // n0x0d2d c0x0000 (---------------)  + I inatsuki
-	0x002c6404, // n0x0d2e c0x0000 (---------------)  + I kaho
-	0x00321d86, // n0x0d2f c0x0000 (---------------)  + I kasuga
-	0x0020f406, // n0x0d30 c0x0000 (---------------)  + I kasuya
-	0x00206106, // n0x0d31 c0x0000 (---------------)  + I kawara
-	0x002ebf06, // n0x0d32 c0x0000 (---------------)  + I keisen
-	0x00226304, // n0x0d33 c0x0000 (---------------)  + I koga
-	0x0031d1c6, // n0x0d34 c0x0000 (---------------)  + I kurate
-	0x002b81c6, // n0x0d35 c0x0000 (---------------)  + I kurogi
-	0x002969c6, // n0x0d36 c0x0000 (---------------)  + I kurume
-	0x00228406, // n0x0d37 c0x0000 (---------------)  + I minami
-	0x0020a5c6, // n0x0d38 c0x0000 (---------------)  + I miyako
-	0x002d2a06, // n0x0d39 c0x0000 (---------------)  + I miyama
-	0x0036b948, // n0x0d3a c0x0000 (---------------)  + I miyawaka
-	0x002f0088, // n0x0d3b c0x0000 (---------------)  + I mizumaki
-	0x002cbdc8, // n0x0d3c c0x0000 (---------------)  + I munakata
-	0x002ac8c8, // n0x0d3d c0x0000 (---------------)  + I nakagawa
-	0x00307c86, // n0x0d3e c0x0000 (---------------)  + I nakama
-	0x00211805, // n0x0d3f c0x0000 (---------------)  + I nishi
-	0x00223806, // n0x0d40 c0x0000 (---------------)  + I nogata
-	0x002abb05, // n0x0d41 c0x0000 (---------------)  + I ogori
-	0x00380887, // n0x0d42 c0x0000 (---------------)  + I okagaki
-	0x002060c5, // n0x0d43 c0x0000 (---------------)  + I okawa
-	0x00215483, // n0x0d44 c0x0000 (---------------)  + I oki
-	0x00203a85, // n0x0d45 c0x0000 (---------------)  + I omuta
-	0x002b6104, // n0x0d46 c0x0000 (---------------)  + I onga
-	0x0020a705, // n0x0d47 c0x0000 (---------------)  + I onojo
-	0x00216003, // n0x0d48 c0x0000 (---------------)  + I oto
-	0x002d87c7, // n0x0d49 c0x0000 (---------------)  + I saigawa
-	0x0036fd08, // n0x0d4a c0x0000 (---------------)  + I sasaguri
-	0x00266d06, // n0x0d4b c0x0000 (---------------)  + I shingu
-	0x002a224d, // n0x0d4c c0x0000 (---------------)  + I shinyoshitomi
-	0x002792c6, // n0x0d4d c0x0000 (---------------)  + I shonai
-	0x00295a45, // n0x0d4e c0x0000 (---------------)  + I soeda
-	0x002c6c03, // n0x0d4f c0x0000 (---------------)  + I sue
-	0x002b3109, // n0x0d50 c0x0000 (---------------)  + I tachiarai
-	0x002c1c86, // n0x0d51 c0x0000 (---------------)  + I tagawa
-	0x00238646, // n0x0d52 c0x0000 (---------------)  + I takata
-	0x0034cf44, // n0x0d53 c0x0000 (---------------)  + I toho
-	0x00269d47, // n0x0d54 c0x0000 (---------------)  + I toyotsu
-	0x0023bd46, // n0x0d55 c0x0000 (---------------)  + I tsuiki
-	0x0036b045, // n0x0d56 c0x0000 (---------------)  + I ukiha
-	0x0020b583, // n0x0d57 c0x0000 (---------------)  + I umi
-	0x002066c4, // n0x0d58 c0x0000 (---------------)  + I usui
-	0x0027ce46, // n0x0d59 c0x0000 (---------------)  + I yamada
-	0x002a7d84, // n0x0d5a c0x0000 (---------------)  + I yame
-	0x0030df48, // n0x0d5b c0x0000 (---------------)  + I yanagawa
-	0x00383d09, // n0x0d5c c0x0000 (---------------)  + I yukuhashi
-	0x002bde89, // n0x0d5d c0x0000 (---------------)  + I aizubange
-	0x0029eb8a, // n0x0d5e c0x0000 (---------------)  + I aizumisato
-	0x002453cd, // n0x0d5f c0x0000 (---------------)  + I aizuwakamatsu
-	0x00248a07, // n0x0d60 c0x0000 (---------------)  + I asakawa
-	0x00207cc6, // n0x0d61 c0x0000 (---------------)  + I bandai
-	0x0020c7c4, // n0x0d62 c0x0000 (---------------)  + I date
-	0x0032fcc9, // n0x0d63 c0x0000 (---------------)  + I fukushima
-	0x002860c8, // n0x0d64 c0x0000 (---------------)  + I furudono
-	0x00287246, // n0x0d65 c0x0000 (---------------)  + I futaba
-	0x0025a746, // n0x0d66 c0x0000 (---------------)  + I hanawa
-	0x00268047, // n0x0d67 c0x0000 (---------------)  + I higashi
-	0x00347f46, // n0x0d68 c0x0000 (---------------)  + I hirata
-	0x0021d4c6, // n0x0d69 c0x0000 (---------------)  + I hirono
-	0x00384006, // n0x0d6a c0x0000 (---------------)  + I iitate
-	0x00395bca, // n0x0d6b c0x0000 (---------------)  + I inawashiro
-	0x0021a4c8, // n0x0d6c c0x0000 (---------------)  + I ishikawa
-	0x0022da85, // n0x0d6d c0x0000 (---------------)  + I iwaki
-	0x002802c9, // n0x0d6e c0x0000 (---------------)  + I izumizaki
-	0x0028128a, // n0x0d6f c0x0000 (---------------)  + I kagamiishi
-	0x002c7848, // n0x0d70 c0x0000 (---------------)  + I kaneyama
-	0x0029b888, // n0x0d71 c0x0000 (---------------)  + I kawamata
-	0x00295fc8, // n0x0d72 c0x0000 (---------------)  + I kitakata
-	0x00201e0c, // n0x0d73 c0x0000 (---------------)  + I kitashiobara
-	0x002d5305, // n0x0d74 c0x0000 (---------------)  + I koori
-	0x0029db88, // n0x0d75 c0x0000 (---------------)  + I koriyama
-	0x00342586, // n0x0d76 c0x0000 (---------------)  + I kunimi
-	0x00306306, // n0x0d77 c0x0000 (---------------)  + I miharu
-	0x002bf3c7, // n0x0d78 c0x0000 (---------------)  + I mishima
-	0x0024b8c5, // n0x0d79 c0x0000 (---------------)  + I namie
-	0x00282d45, // n0x0d7a c0x0000 (---------------)  + I nango
-	0x002bdd49, // n0x0d7b c0x0000 (---------------)  + I nishiaizu
-	0x00211d87, // n0x0d7c c0x0000 (---------------)  + I nishigo
-	0x002f5d45, // n0x0d7d c0x0000 (---------------)  + I okuma
-	0x0021f187, // n0x0d7e c0x0000 (---------------)  + I omotego
-	0x0020a703, // n0x0d7f c0x0000 (---------------)  + I ono
-	0x002c0e45, // n0x0d80 c0x0000 (---------------)  + I otama
-	0x00346648, // n0x0d81 c0x0000 (---------------)  + I samegawa
-	0x002b1287, // n0x0d82 c0x0000 (---------------)  + I shimogo
-	0x0029b749, // n0x0d83 c0x0000 (---------------)  + I shirakawa
-	0x00319905, // n0x0d84 c0x0000 (---------------)  + I showa
-	0x0035d844, // n0x0d85 c0x0000 (---------------)  + I soma
-	0x002a0308, // n0x0d86 c0x0000 (---------------)  + I sukagawa
-	0x0022c747, // n0x0d87 c0x0000 (---------------)  + I taishin
-	0x002a2e08, // n0x0d88 c0x0000 (---------------)  + I tamakawa
-	0x00330f48, // n0x0d89 c0x0000 (---------------)  + I tanagura
-	0x002d9885, // n0x0d8a c0x0000 (---------------)  + I tenei
-	0x00350b06, // n0x0d8b c0x0000 (---------------)  + I yabuki
-	0x0028f086, // n0x0d8c c0x0000 (---------------)  + I yamato
-	0x00250089, // n0x0d8d c0x0000 (---------------)  + I yamatsuri
-	0x00314a47, // n0x0d8e c0x0000 (---------------)  + I yanaizu
-	0x002abfc6, // n0x0d8f c0x0000 (---------------)  + I yugawa
-	0x0028ca87, // n0x0d90 c0x0000 (---------------)  + I anpachi
-	0x002183c3, // n0x0d91 c0x0000 (---------------)  + I ena
-	0x0036aec4, // n0x0d92 c0x0000 (---------------)  + I gifu
-	0x002a0c45, // n0x0d93 c0x0000 (---------------)  + I ginan
-	0x00214d84, // n0x0d94 c0x0000 (---------------)  + I godo
-	0x00343c04, // n0x0d95 c0x0000 (---------------)  + I gujo
-	0x00280b47, // n0x0d96 c0x0000 (---------------)  + I hashima
-	0x00218a07, // n0x0d97 c0x0000 (---------------)  + I hichiso
-	0x0027ab84, // n0x0d98 c0x0000 (---------------)  + I hida
-	0x0029b590, // n0x0d99 c0x0000 (---------------)  + I higashishirakawa
-	0x00308147, // n0x0d9a c0x0000 (---------------)  + I ibigawa
-	0x00202585, // n0x0d9b c0x0000 (---------------)  + I ikeda
-	0x002ef98c, // n0x0d9c c0x0000 (---------------)  + I kakamigahara
-	0x00279cc4, // n0x0d9d c0x0000 (---------------)  + I kani
-	0x0029b388, // n0x0d9e c0x0000 (---------------)  + I kasahara
-	0x00243649, // n0x0d9f c0x0000 (---------------)  + I kasamatsu
-	0x00301506, // n0x0da0 c0x0000 (---------------)  + I kawaue
-	0x0021f588, // n0x0da1 c0x0000 (---------------)  + I kitagata
-	0x0024ff84, // n0x0da2 c0x0000 (---------------)  + I mino
-	0x002d7b88, // n0x0da3 c0x0000 (---------------)  + I minokamo
-	0x00268506, // n0x0da4 c0x0000 (---------------)  + I mitake
-	0x00228288, // n0x0da5 c0x0000 (---------------)  + I mizunami
-	0x002a0946, // n0x0da6 c0x0000 (---------------)  + I motosu
-	0x0037a2cb, // n0x0da7 c0x0000 (---------------)  + I nakatsugawa
-	0x00202a05, // n0x0da8 c0x0000 (---------------)  + I ogaki
-	0x002c6388, // n0x0da9 c0x0000 (---------------)  + I sakahogi
-	0x00217fc4, // n0x0daa c0x0000 (---------------)  + I seki
-	0x0028224a, // n0x0dab c0x0000 (---------------)  + I sekigahara
-	0x0029b749, // n0x0dac c0x0000 (---------------)  + I shirakawa
-	0x00312006, // n0x0dad c0x0000 (---------------)  + I tajimi
-	0x002c0148, // n0x0dae c0x0000 (---------------)  + I takayama
-	0x00274245, // n0x0daf c0x0000 (---------------)  + I tarui
-	0x00222904, // n0x0db0 c0x0000 (---------------)  + I toki
-	0x0029b286, // n0x0db1 c0x0000 (---------------)  + I tomika
-	0x00292fc8, // n0x0db2 c0x0000 (---------------)  + I wanouchi
-	0x002808c8, // n0x0db3 c0x0000 (---------------)  + I yamagata
-	0x00341746, // n0x0db4 c0x0000 (---------------)  + I yaotsu
-	0x00321484, // n0x0db5 c0x0000 (---------------)  + I yoro
-	0x0021e4c6, // n0x0db6 c0x0000 (---------------)  + I annaka
-	0x003005c7, // n0x0db7 c0x0000 (---------------)  + I chiyoda
-	0x00278cc7, // n0x0db8 c0x0000 (---------------)  + I fujioka
-	0x0026804f, // n0x0db9 c0x0000 (---------------)  + I higashiagatsuma
-	0x00204687, // n0x0dba c0x0000 (---------------)  + I isesaki
-	0x0037e007, // n0x0dbb c0x0000 (---------------)  + I itakura
-	0x003061c5, // n0x0dbc c0x0000 (---------------)  + I kanna
-	0x002e2345, // n0x0dbd c0x0000 (---------------)  + I kanra
-	0x0029f0c9, // n0x0dbe c0x0000 (---------------)  + I katashina
-	0x0026b7c6, // n0x0dbf c0x0000 (---------------)  + I kawaba
-	0x0027f4c5, // n0x0dc0 c0x0000 (---------------)  + I kiryu
-	0x002828c7, // n0x0dc1 c0x0000 (---------------)  + I kusatsu
-	0x002c5d48, // n0x0dc2 c0x0000 (---------------)  + I maebashi
-	0x002be885, // n0x0dc3 c0x0000 (---------------)  + I meiwa
-	0x00298e06, // n0x0dc4 c0x0000 (---------------)  + I midori
-	0x00216448, // n0x0dc5 c0x0000 (---------------)  + I minakami
-	0x00354f8a, // n0x0dc6 c0x0000 (---------------)  + I naganohara
-	0x00356448, // n0x0dc7 c0x0000 (---------------)  + I nakanojo
-	0x003a1d07, // n0x0dc8 c0x0000 (---------------)  + I nanmoku
-	0x0022f206, // n0x0dc9 c0x0000 (---------------)  + I numata
-	0x00280286, // n0x0dca c0x0000 (---------------)  + I oizumi
-	0x0021c683, // n0x0dcb c0x0000 (---------------)  + I ora
-	0x00204083, // n0x0dcc c0x0000 (---------------)  + I ota
-	0x00281449, // n0x0dcd c0x0000 (---------------)  + I shibukawa
-	0x00269149, // n0x0dce c0x0000 (---------------)  + I shimonita
-	0x00299ec6, // n0x0dcf c0x0000 (---------------)  + I shinto
-	0x00319905, // n0x0dd0 c0x0000 (---------------)  + I showa
-	0x002a06c8, // n0x0dd1 c0x0000 (---------------)  + I takasaki
-	0x002c0148, // n0x0dd2 c0x0000 (---------------)  + I takayama
-	0x0039a108, // n0x0dd3 c0x0000 (---------------)  + I tamamura
-	0x0038408b, // n0x0dd4 c0x0000 (---------------)  + I tatebayashi
-	0x002a2487, // n0x0dd5 c0x0000 (---------------)  + I tomioka
-	0x002ff549, // n0x0dd6 c0x0000 (---------------)  + I tsukiyono
-	0x002682c8, // n0x0dd7 c0x0000 (---------------)  + I tsumagoi
-	0x00387304, // n0x0dd8 c0x0000 (---------------)  + I ueno
-	0x002c6948, // n0x0dd9 c0x0000 (---------------)  + I yoshioka
-	0x0028bb49, // n0x0dda c0x0000 (---------------)  + I asaminami
-	0x002ac2c5, // n0x0ddb c0x0000 (---------------)  + I daiwa
-	0x00249047, // n0x0ddc c0x0000 (---------------)  + I etajima
-	0x002bc1c5, // n0x0ddd c0x0000 (---------------)  + I fuchu
-	0x002807c8, // n0x0dde c0x0000 (---------------)  + I fukuyama
-	0x0028f38b, // n0x0ddf c0x0000 (---------------)  + I hatsukaichi
-	0x00293b10, // n0x0de0 c0x0000 (---------------)  + I higashihiroshima
-	0x002a8645, // n0x0de1 c0x0000 (---------------)  + I hongo
-	0x00217f0c, // n0x0de2 c0x0000 (---------------)  + I jinsekikogen
-	0x0036bc05, // n0x0de3 c0x0000 (---------------)  + I kaita
-	0x0027db43, // n0x0de4 c0x0000 (---------------)  + I kui
-	0x00383786, // n0x0de5 c0x0000 (---------------)  + I kumano
-	0x002b7544, // n0x0de6 c0x0000 (---------------)  + I kure
-	0x003a69c6, // n0x0de7 c0x0000 (---------------)  + I mihara
-	0x0029c447, // n0x0de8 c0x0000 (---------------)  + I miyoshi
-	0x002164c4, // n0x0de9 c0x0000 (---------------)  + I naka
-	0x002d2088, // n0x0dea c0x0000 (---------------)  + I onomichi
-	0x002eb7cd, // n0x0deb c0x0000 (---------------)  + I osakikamijima
-	0x00305a45, // n0x0dec c0x0000 (---------------)  + I otake
-	0x002458c4, // n0x0ded c0x0000 (---------------)  + I saka
-	0x00222f84, // n0x0dee c0x0000 (---------------)  + I sera
-	0x0027fd49, // n0x0def c0x0000 (---------------)  + I seranishi
-	0x00286908, // n0x0df0 c0x0000 (---------------)  + I shinichi
-	0x0030bd87, // n0x0df1 c0x0000 (---------------)  + I shobara
-	0x00268588, // n0x0df2 c0x0000 (---------------)  + I takehara
-	0x00281748, // n0x0df3 c0x0000 (---------------)  + I abashiri
-	0x0027acc5, // n0x0df4 c0x0000 (---------------)  + I abira
-	0x00208b87, // n0x0df5 c0x0000 (---------------)  + I aibetsu
-	0x0027ac47, // n0x0df6 c0x0000 (---------------)  + I akabira
-	0x00209907, // n0x0df7 c0x0000 (---------------)  + I akkeshi
-	0x002bf189, // n0x0df8 c0x0000 (---------------)  + I asahikawa
-	0x0023bbc9, // n0x0df9 c0x0000 (---------------)  + I ashibetsu
-	0x00244e86, // n0x0dfa c0x0000 (---------------)  + I ashoro
-	0x002b4086, // n0x0dfb c0x0000 (---------------)  + I assabu
-	0x00268286, // n0x0dfc c0x0000 (---------------)  + I atsuma
-	0x0026a3c5, // n0x0dfd c0x0000 (---------------)  + I bibai
-	0x002d81c4, // n0x0dfe c0x0000 (---------------)  + I biei
-	0x00200ec6, // n0x0dff c0x0000 (---------------)  + I bifuka
-	0x00202106, // n0x0e00 c0x0000 (---------------)  + I bihoro
-	0x0027ad08, // n0x0e01 c0x0000 (---------------)  + I biratori
-	0x0029730b, // n0x0e02 c0x0000 (---------------)  + I chippubetsu
-	0x002ae607, // n0x0e03 c0x0000 (---------------)  + I chitose
-	0x0020c7c4, // n0x0e04 c0x0000 (---------------)  + I date
-	0x00223e46, // n0x0e05 c0x0000 (---------------)  + I ebetsu
-	0x00283707, // n0x0e06 c0x0000 (---------------)  + I embetsu
-	0x002f5f45, // n0x0e07 c0x0000 (---------------)  + I eniwa
-	0x00239145, // n0x0e08 c0x0000 (---------------)  + I erimo
-	0x00200484, // n0x0e09 c0x0000 (---------------)  + I esan
-	0x0023bb46, // n0x0e0a c0x0000 (---------------)  + I esashi
-	0x00200f48, // n0x0e0b c0x0000 (---------------)  + I fukagawa
-	0x0032fcc9, // n0x0e0c c0x0000 (---------------)  + I fukushima
-	0x00253846, // n0x0e0d c0x0000 (---------------)  + I furano
-	0x00285888, // n0x0e0e c0x0000 (---------------)  + I furubira
-	0x0036b106, // n0x0e0f c0x0000 (---------------)  + I haboro
-	0x0032ccc8, // n0x0e10 c0x0000 (---------------)  + I hakodate
-	0x002a9b8c, // n0x0e11 c0x0000 (---------------)  + I hamatonbetsu
-	0x0027ab86, // n0x0e12 c0x0000 (---------------)  + I hidaka
-	0x0029570d, // n0x0e13 c0x0000 (---------------)  + I higashikagura
-	0x00295b8b, // n0x0e14 c0x0000 (---------------)  + I higashikawa
-	0x0037ec85, // n0x0e15 c0x0000 (---------------)  + I hiroo
-	0x00201b47, // n0x0e16 c0x0000 (---------------)  + I hokuryu
-	0x0033d0c6, // n0x0e17 c0x0000 (---------------)  + I hokuto
-	0x002e8288, // n0x0e18 c0x0000 (---------------)  + I honbetsu
-	0x00244f09, // n0x0e19 c0x0000 (---------------)  + I horokanai
-	0x002bd888, // n0x0e1a c0x0000 (---------------)  + I horonobe
-	0x00202585, // n0x0e1b c0x0000 (---------------)  + I ikeda
-	0x002fe547, // n0x0e1c c0x0000 (---------------)  + I imakane
-	0x0027eec8, // n0x0e1d c0x0000 (---------------)  + I ishikari
-	0x00272289, // n0x0e1e c0x0000 (---------------)  + I iwamizawa
-	0x0023b0c6, // n0x0e1f c0x0000 (---------------)  + I iwanai
-	0x0025c78a, // n0x0e20 c0x0000 (---------------)  + I kamifurano
-	0x002e8008, // n0x0e21 c0x0000 (---------------)  + I kamikawa
-	0x002bd6cb, // n0x0e22 c0x0000 (---------------)  + I kamishihoro
-	0x00291a4c, // n0x0e23 c0x0000 (---------------)  + I kamisunagawa
-	0x002d7c88, // n0x0e24 c0x0000 (---------------)  + I kamoenai
-	0x0027c586, // n0x0e25 c0x0000 (---------------)  + I kayabe
-	0x00208588, // n0x0e26 c0x0000 (---------------)  + I kembuchi
-	0x002047c7, // n0x0e27 c0x0000 (---------------)  + I kikonai
-	0x0023be49, // n0x0e28 c0x0000 (---------------)  + I kimobetsu
-	0x0020ed4d, // n0x0e29 c0x0000 (---------------)  + I kitahiroshima
-	0x0029d586, // n0x0e2a c0x0000 (---------------)  + I kitami
-	0x00297008, // n0x0e2b c0x0000 (---------------)  + I kiyosato
-	0x002eff49, // n0x0e2c c0x0000 (---------------)  + I koshimizu
-	0x002b4a48, // n0x0e2d c0x0000 (---------------)  + I kunneppu
-	0x002840c8, // n0x0e2e c0x0000 (---------------)  + I kuriyama
-	0x002b8a8c, // n0x0e2f c0x0000 (---------------)  + I kuromatsunai
-	0x002b9a07, // n0x0e30 c0x0000 (---------------)  + I kushiro
-	0x002ba907, // n0x0e31 c0x0000 (---------------)  + I kutchan
-	0x002befc5, // n0x0e32 c0x0000 (---------------)  + I kyowa
-	0x0024eec7, // n0x0e33 c0x0000 (---------------)  + I mashike
-	0x002c5c08, // n0x0e34 c0x0000 (---------------)  + I matsumae
-	0x0029b306, // n0x0e35 c0x0000 (---------------)  + I mikasa
-	0x002536cc, // n0x0e36 c0x0000 (---------------)  + I minamifurano
-	0x002e3788, // n0x0e37 c0x0000 (---------------)  + I mombetsu
-	0x002c7c48, // n0x0e38 c0x0000 (---------------)  + I moseushi
-	0x002b6d86, // n0x0e39 c0x0000 (---------------)  + I mukawa
-	0x003961c7, // n0x0e3a c0x0000 (---------------)  + I muroran
-	0x00245084, // n0x0e3b c0x0000 (---------------)  + I naie
-	0x002ac8c8, // n0x0e3c c0x0000 (---------------)  + I nakagawa
-	0x0021840c, // n0x0e3d c0x0000 (---------------)  + I nakasatsunai
-	0x0036decc, // n0x0e3e c0x0000 (---------------)  + I nakatombetsu
-	0x002232c5, // n0x0e3f c0x0000 (---------------)  + I nanae
-	0x0038ae07, // n0x0e40 c0x0000 (---------------)  + I nanporo
-	0x00321406, // n0x0e41 c0x0000 (---------------)  + I nayoro
-	0x00396146, // n0x0e42 c0x0000 (---------------)  + I nemuro
-	0x00296508, // n0x0e43 c0x0000 (---------------)  + I niikappu
-	0x0039e6c4, // n0x0e44 c0x0000 (---------------)  + I niki
-	0x002251cb, // n0x0e45 c0x0000 (---------------)  + I nishiokoppe
-	0x0033214b, // n0x0e46 c0x0000 (---------------)  + I noboribetsu
-	0x0022f206, // n0x0e47 c0x0000 (---------------)  + I numata
-	0x002eb647, // n0x0e48 c0x0000 (---------------)  + I obihiro
-	0x00309145, // n0x0e49 c0x0000 (---------------)  + I obira
-	0x0026f985, // n0x0e4a c0x0000 (---------------)  + I oketo
-	0x00225306, // n0x0e4b c0x0000 (---------------)  + I okoppe
-	0x00274205, // n0x0e4c c0x0000 (---------------)  + I otaru
-	0x002be145, // n0x0e4d c0x0000 (---------------)  + I otobe
-	0x002bf687, // n0x0e4e c0x0000 (---------------)  + I otofuke
-	0x00278689, // n0x0e4f c0x0000 (---------------)  + I otoineppu
-	0x002e6d04, // n0x0e50 c0x0000 (---------------)  + I oumu
-	0x00277145, // n0x0e51 c0x0000 (---------------)  + I ozora
-	0x002d72c5, // n0x0e52 c0x0000 (---------------)  + I pippu
-	0x00289ac8, // n0x0e53 c0x0000 (---------------)  + I rankoshi
-	0x002d1ec5, // n0x0e54 c0x0000 (---------------)  + I rebun
-	0x002a7649, // n0x0e55 c0x0000 (---------------)  + I rikubetsu
-	0x002a5647, // n0x0e56 c0x0000 (---------------)  + I rishiri
-	0x002a564b, // n0x0e57 c0x0000 (---------------)  + I rishirifuji
-	0x0031cf46, // n0x0e58 c0x0000 (---------------)  + I saroma
-	0x0036b689, // n0x0e59 c0x0000 (---------------)  + I sarufutsu
-	0x00229388, // n0x0e5a c0x0000 (---------------)  + I shakotan
-	0x00259285, // n0x0e5b c0x0000 (---------------)  + I shari
-	0x00209a08, // n0x0e5c c0x0000 (---------------)  + I shibecha
-	0x0023bc08, // n0x0e5d c0x0000 (---------------)  + I shibetsu
-	0x0021afc7, // n0x0e5e c0x0000 (---------------)  + I shikabe
-	0x00280147, // n0x0e5f c0x0000 (---------------)  + I shikaoi
-	0x00280bc9, // n0x0e60 c0x0000 (---------------)  + I shimamaki
-	0x002281c7, // n0x0e61 c0x0000 (---------------)  + I shimizu
-	0x00263849, // n0x0e62 c0x0000 (---------------)  + I shimokawa
-	0x0029120c, // n0x0e63 c0x0000 (---------------)  + I shinshinotsu
-	0x00299ec8, // n0x0e64 c0x0000 (---------------)  + I shintoku
-	0x002d9d89, // n0x0e65 c0x0000 (---------------)  + I shiranuka
-	0x002d5707, // n0x0e66 c0x0000 (---------------)  + I shiraoi
-	0x00281809, // n0x0e67 c0x0000 (---------------)  + I shiriuchi
-	0x00218b47, // n0x0e68 c0x0000 (---------------)  + I sobetsu
-	0x00291b48, // n0x0e69 c0x0000 (---------------)  + I sunagawa
-	0x00289e05, // n0x0e6a c0x0000 (---------------)  + I taiki
-	0x00321d06, // n0x0e6b c0x0000 (---------------)  + I takasu
-	0x002b8f88, // n0x0e6c c0x0000 (---------------)  + I takikawa
-	0x002f8588, // n0x0e6d c0x0000 (---------------)  + I takinoue
-	0x00281149, // n0x0e6e c0x0000 (---------------)  + I teshikaga
-	0x002be187, // n0x0e6f c0x0000 (---------------)  + I tobetsu
-	0x00270305, // n0x0e70 c0x0000 (---------------)  + I tohma
-	0x0020bf49, // n0x0e71 c0x0000 (---------------)  + I tomakomai
-	0x00269686, // n0x0e72 c0x0000 (---------------)  + I tomari
-	0x0028e9c4, // n0x0e73 c0x0000 (---------------)  + I toya
-	0x0034cc46, // n0x0e74 c0x0000 (---------------)  + I toyako
-	0x00265f88, // n0x0e75 c0x0000 (---------------)  + I toyotomi
-	0x0026ae47, // n0x0e76 c0x0000 (---------------)  + I toyoura
-	0x00297508, // n0x0e77 c0x0000 (---------------)  + I tsubetsu
-	0x0022b1c9, // n0x0e78 c0x0000 (---------------)  + I tsukigata
-	0x002b6b07, // n0x0e79 c0x0000 (---------------)  + I urakawa
-	0x0029d406, // n0x0e7a c0x0000 (---------------)  + I urausu
-	0x00201c04, // n0x0e7b c0x0000 (---------------)  + I uryu
-	0x00203b09, // n0x0e7c c0x0000 (---------------)  + I utashinai
-	0x00208a08, // n0x0e7d c0x0000 (---------------)  + I wakkanai
-	0x002b6c47, // n0x0e7e c0x0000 (---------------)  + I wassamu
-	0x00325346, // n0x0e7f c0x0000 (---------------)  + I yakumo
-	0x00239786, // n0x0e80 c0x0000 (---------------)  + I yoichi
-	0x00207dc4, // n0x0e81 c0x0000 (---------------)  + I aioi
-	0x002a8a46, // n0x0e82 c0x0000 (---------------)  + I akashi
-	0x0020a683, // n0x0e83 c0x0000 (---------------)  + I ako
-	0x002ec709, // n0x0e84 c0x0000 (---------------)  + I amagasaki
-	0x002029c6, // n0x0e85 c0x0000 (---------------)  + I aogaki
-	0x0029bac5, // n0x0e86 c0x0000 (---------------)  + I asago
-	0x0029d906, // n0x0e87 c0x0000 (---------------)  + I ashiya
-	0x002a2f45, // n0x0e88 c0x0000 (---------------)  + I awaji
-	0x0027f348, // n0x0e89 c0x0000 (---------------)  + I fukusaki
-	0x002d79c7, // n0x0e8a c0x0000 (---------------)  + I goshiki
-	0x00205b86, // n0x0e8b c0x0000 (---------------)  + I harima
-	0x00229046, // n0x0e8c c0x0000 (---------------)  + I himeji
-	0x00265608, // n0x0e8d c0x0000 (---------------)  + I ichikawa
-	0x0029f247, // n0x0e8e c0x0000 (---------------)  + I inagawa
-	0x0029d5c5, // n0x0e8f c0x0000 (---------------)  + I itami
-	0x0029de08, // n0x0e90 c0x0000 (---------------)  + I kakogawa
-	0x00383348, // n0x0e91 c0x0000 (---------------)  + I kamigori
-	0x002e8008, // n0x0e92 c0x0000 (---------------)  + I kamikawa
-	0x0036bac5, // n0x0e93 c0x0000 (---------------)  + I kasai
-	0x00321d86, // n0x0e94 c0x0000 (---------------)  + I kasuga
-	0x002bdc49, // n0x0e95 c0x0000 (---------------)  + I kawanishi
-	0x0028ef04, // n0x0e96 c0x0000 (---------------)  + I miki
-	0x0036a88b, // n0x0e97 c0x0000 (---------------)  + I minamiawaji
-	0x0021d1cb, // n0x0e98 c0x0000 (---------------)  + I nishinomiya
-	0x0022d989, // n0x0e99 c0x0000 (---------------)  + I nishiwaki
-	0x0020a703, // n0x0e9a c0x0000 (---------------)  + I ono
-	0x00259bc5, // n0x0e9b c0x0000 (---------------)  + I sanda
-	0x002069c6, // n0x0e9c c0x0000 (---------------)  + I sannan
-	0x002db6c8, // n0x0e9d c0x0000 (---------------)  + I sasayama
-	0x0022ed44, // n0x0e9e c0x0000 (---------------)  + I sayo
-	0x00266d06, // n0x0e9f c0x0000 (---------------)  + I shingu
-	0x002cb309, // n0x0ea0 c0x0000 (---------------)  + I shinonsen
-	0x002af085, // n0x0ea1 c0x0000 (---------------)  + I shiso
-	0x002bf5c6, // n0x0ea2 c0x0000 (---------------)  + I sumoto
-	0x0022c746, // n0x0ea3 c0x0000 (---------------)  + I taishi
-	0x00216a44, // n0x0ea4 c0x0000 (---------------)  + I taka
-	0x0029614a, // n0x0ea5 c0x0000 (---------------)  + I takarazuka
-	0x0029ba08, // n0x0ea6 c0x0000 (---------------)  + I takasago
-	0x002f8586, // n0x0ea7 c0x0000 (---------------)  + I takino
-	0x002ce105, // n0x0ea8 c0x0000 (---------------)  + I tamba
-	0x0020d407, // n0x0ea9 c0x0000 (---------------)  + I tatsuno
-	0x0024fbc7, // n0x0eaa c0x0000 (---------------)  + I toyooka
-	0x00350b04, // n0x0eab c0x0000 (---------------)  + I yabu
-	0x0021d407, // n0x0eac c0x0000 (---------------)  + I yashiro
-	0x00206084, // n0x0ead c0x0000 (---------------)  + I yoka
-	0x00206086, // n0x0eae c0x0000 (---------------)  + I yokawa
-	0x00208fc3, // n0x0eaf c0x0000 (---------------)  + I ami
-	0x002bf185, // n0x0eb0 c0x0000 (---------------)  + I asahi
-	0x0034be85, // n0x0eb1 c0x0000 (---------------)  + I bando
-	0x0022cac8, // n0x0eb2 c0x0000 (---------------)  + I chikusei
-	0x00214cc5, // n0x0eb3 c0x0000 (---------------)  + I daigo
-	0x0027a8c9, // n0x0eb4 c0x0000 (---------------)  + I fujishiro
-	0x002a27c7, // n0x0eb5 c0x0000 (---------------)  + I hitachi
-	0x002ac70b, // n0x0eb6 c0x0000 (---------------)  + I hitachinaka
-	0x002a27cc, // n0x0eb7 c0x0000 (---------------)  + I hitachiomiya
-	0x002a344a, // n0x0eb8 c0x0000 (---------------)  + I hitachiota
-	0x002c1ac7, // n0x0eb9 c0x0000 (---------------)  + I ibaraki
-	0x002013c3, // n0x0eba c0x0000 (---------------)  + I ina
-	0x00370248, // n0x0ebb c0x0000 (---------------)  + I inashiki
-	0x0036bc85, // n0x0ebc c0x0000 (---------------)  + I itako
-	0x002be905, // n0x0ebd c0x0000 (---------------)  + I iwama
-	0x00334e84, // n0x0ebe c0x0000 (---------------)  + I joso
-	0x00291a46, // n0x0ebf c0x0000 (---------------)  + I kamisu
-	0x00243646, // n0x0ec0 c0x0000 (---------------)  + I kasama
-	0x002a8a87, // n0x0ec1 c0x0000 (---------------)  + I kashima
-	0x0020b4cb, // n0x0ec2 c0x0000 (---------------)  + I kasumigaura
-	0x00226304, // n0x0ec3 c0x0000 (---------------)  + I koga
-	0x003781c4, // n0x0ec4 c0x0000 (---------------)  + I miho
-	0x0026e904, // n0x0ec5 c0x0000 (---------------)  + I mito
-	0x002c60c6, // n0x0ec6 c0x0000 (---------------)  + I moriya
-	0x002164c4, // n0x0ec7 c0x0000 (---------------)  + I naka
-	0x002bffc8, // n0x0ec8 c0x0000 (---------------)  + I namegata
-	0x00334c85, // n0x0ec9 c0x0000 (---------------)  + I oarai
-	0x00245a05, // n0x0eca c0x0000 (---------------)  + I ogawa
-	0x0039a047, // n0x0ecb c0x0000 (---------------)  + I omitama
-	0x00201c49, // n0x0ecc c0x0000 (---------------)  + I ryugasaki
-	0x0034ca05, // n0x0ecd c0x0000 (---------------)  + I sakai
-	0x00372a4a, // n0x0ece c0x0000 (---------------)  + I sakuragawa
-	0x002c5e89, // n0x0ecf c0x0000 (---------------)  + I shimodate
-	0x00285e4a, // n0x0ed0 c0x0000 (---------------)  + I shimotsuma
-	0x00395d09, // n0x0ed1 c0x0000 (---------------)  + I shirosato
-	0x00332b04, // n0x0ed2 c0x0000 (---------------)  + I sowa
-	0x002af985, // n0x0ed3 c0x0000 (---------------)  + I suifu
-	0x00348048, // n0x0ed4 c0x0000 (---------------)  + I takahagi
-	0x002d930b, // n0x0ed5 c0x0000 (---------------)  + I tamatsukuri
-	0x002fa0c5, // n0x0ed6 c0x0000 (---------------)  + I tokai
-	0x0028e1c6, // n0x0ed7 c0x0000 (---------------)  + I tomobe
-	0x00221d44, // n0x0ed8 c0x0000 (---------------)  + I tone
-	0x0027ae06, // n0x0ed9 c0x0000 (---------------)  + I toride
-	0x002b6989, // n0x0eda c0x0000 (---------------)  + I tsuchiura
-	0x00223f07, // n0x0edb c0x0000 (---------------)  + I tsukuba
-	0x0030c0c8, // n0x0edc c0x0000 (---------------)  + I uchihara
-	0x00245746, // n0x0edd c0x0000 (---------------)  + I ushiku
-	0x00300547, // n0x0ede c0x0000 (---------------)  + I yachiyo
-	0x002808c8, // n0x0edf c0x0000 (---------------)  + I yamagata
-	0x00386686, // n0x0ee0 c0x0000 (---------------)  + I yawara
-	0x0024e8c4, // n0x0ee1 c0x0000 (---------------)  + I yuki
-	0x0035e047, // n0x0ee2 c0x0000 (---------------)  + I anamizu
-	0x00344045, // n0x0ee3 c0x0000 (---------------)  + I hakui
-	0x0034a747, // n0x0ee4 c0x0000 (---------------)  + I hakusan
-	0x00200fc4, // n0x0ee5 c0x0000 (---------------)  + I kaga
-	0x0033d046, // n0x0ee6 c0x0000 (---------------)  + I kahoku
-	0x0021a748, // n0x0ee7 c0x0000 (---------------)  + I kanazawa
-	0x00295d48, // n0x0ee8 c0x0000 (---------------)  + I kawakita
-	0x002aa707, // n0x0ee9 c0x0000 (---------------)  + I komatsu
-	0x002546c8, // n0x0eea c0x0000 (---------------)  + I nakanoto
-	0x002b4305, // n0x0eeb c0x0000 (---------------)  + I nanao
-	0x0020a544, // n0x0eec c0x0000 (---------------)  + I nomi
-	0x00265508, // n0x0eed c0x0000 (---------------)  + I nonoichi
-	0x002547c4, // n0x0eee c0x0000 (---------------)  + I noto
-	0x00216905, // n0x0eef c0x0000 (---------------)  + I shika
-	0x002eeb44, // n0x0ef0 c0x0000 (---------------)  + I suzu
-	0x002304c7, // n0x0ef1 c0x0000 (---------------)  + I tsubata
-	0x00288347, // n0x0ef2 c0x0000 (---------------)  + I tsurugi
-	0x00281948, // n0x0ef3 c0x0000 (---------------)  + I uchinada
-	0x002a2f86, // n0x0ef4 c0x0000 (---------------)  + I wajima
-	0x00214c45, // n0x0ef5 c0x0000 (---------------)  + I fudai
-	0x0027a6c8, // n0x0ef6 c0x0000 (---------------)  + I fujisawa
-	0x00356648, // n0x0ef7 c0x0000 (---------------)  + I hanamaki
-	0x0029eac9, // n0x0ef8 c0x0000 (---------------)  + I hiraizumi
-	0x0021d4c6, // n0x0ef9 c0x0000 (---------------)  + I hirono
-	0x00236408, // n0x0efa c0x0000 (---------------)  + I ichinohe
-	0x002820ca, // n0x0efb c0x0000 (---------------)  + I ichinoseki
-	0x002f5fc8, // n0x0efc c0x0000 (---------------)  + I iwaizumi
-	0x002d8485, // n0x0efd c0x0000 (---------------)  + I iwate
-	0x00224706, // n0x0efe c0x0000 (---------------)  + I joboji
-	0x0028d888, // n0x0eff c0x0000 (---------------)  + I kamaishi
-	0x002fe60a, // n0x0f00 c0x0000 (---------------)  + I kanegasaki
-	0x00271b47, // n0x0f01 c0x0000 (---------------)  + I karumai
-	0x002864c5, // n0x0f02 c0x0000 (---------------)  + I kawai
-	0x00294308, // n0x0f03 c0x0000 (---------------)  + I kitakami
-	0x00371504, // n0x0f04 c0x0000 (---------------)  + I kuji
-	0x0036b286, // n0x0f05 c0x0000 (---------------)  + I kunohe
-	0x002bb088, // n0x0f06 c0x0000 (---------------)  + I kuzumaki
-	0x0020a5c6, // n0x0f07 c0x0000 (---------------)  + I miyako
-	0x002ea148, // n0x0f08 c0x0000 (---------------)  + I mizusawa
-	0x0022aa47, // n0x0f09 c0x0000 (---------------)  + I morioka
-	0x002072c6, // n0x0f0a c0x0000 (---------------)  + I ninohe
-	0x0037f944, // n0x0f0b c0x0000 (---------------)  + I noda
-	0x002db247, // n0x0f0c c0x0000 (---------------)  + I ofunato
-	0x00342084, // n0x0f0d c0x0000 (---------------)  + I oshu
-	0x002b6947, // n0x0f0e c0x0000 (---------------)  + I otsuchi
-	0x0023848d, // n0x0f0f c0x0000 (---------------)  + I rikuzentakata
-	0x00203845, // n0x0f10 c0x0000 (---------------)  + I shiwa
-	0x002b108b, // n0x0f11 c0x0000 (---------------)  + I shizukuishi
-	0x002a0a46, // n0x0f12 c0x0000 (---------------)  + I sumita
-	0x00252c88, // n0x0f13 c0x0000 (---------------)  + I tanohata
-	0x003895c4, // n0x0f14 c0x0000 (---------------)  + I tono
-	0x00276f06, // n0x0f15 c0x0000 (---------------)  + I yahaba
-	0x0027ce46, // n0x0f16 c0x0000 (---------------)  + I yamada
-	0x002088c7, // n0x0f17 c0x0000 (---------------)  + I ayagawa
-	0x002953cd, // n0x0f18 c0x0000 (---------------)  + I higashikagawa
-	0x00322787, // n0x0f19 c0x0000 (---------------)  + I kanonji
-	0x00339cc8, // n0x0f1a c0x0000 (---------------)  + I kotohira
-	0x00366045, // n0x0f1b c0x0000 (---------------)  + I manno
-	0x00297bc8, // n0x0f1c c0x0000 (---------------)  + I marugame
-	0x002c0886, // n0x0f1d c0x0000 (---------------)  + I mitoyo
-	0x002b4388, // n0x0f1e c0x0000 (---------------)  + I naoshima
-	0x00213bc6, // n0x0f1f c0x0000 (---------------)  + I sanuki
-	0x0032f6c7, // n0x0f20 c0x0000 (---------------)  + I tadotsu
-	0x0021f709, // n0x0f21 c0x0000 (---------------)  + I takamatsu
-	0x003895c7, // n0x0f22 c0x0000 (---------------)  + I tonosho
-	0x00287508, // n0x0f23 c0x0000 (---------------)  + I uchinomi
-	0x00273885, // n0x0f24 c0x0000 (---------------)  + I utazu
-	0x0021c188, // n0x0f25 c0x0000 (---------------)  + I zentsuji
-	0x00309245, // n0x0f26 c0x0000 (---------------)  + I akune
-	0x00240f85, // n0x0f27 c0x0000 (---------------)  + I amami
-	0x002e4bc5, // n0x0f28 c0x0000 (---------------)  + I hioki
-	0x00223543, // n0x0f29 c0x0000 (---------------)  + I isa
-	0x00282c44, // n0x0f2a c0x0000 (---------------)  + I isen
-	0x002802c5, // n0x0f2b c0x0000 (---------------)  + I izumi
-	0x00276189, // n0x0f2c c0x0000 (---------------)  + I kagoshima
-	0x002b2786, // n0x0f2d c0x0000 (---------------)  + I kanoya
-	0x002d2cc8, // n0x0f2e c0x0000 (---------------)  + I kawanabe
-	0x002fe805, // n0x0f2f c0x0000 (---------------)  + I kinko
-	0x0030b707, // n0x0f30 c0x0000 (---------------)  + I kouyama
-	0x0032f9ca, // n0x0f31 c0x0000 (---------------)  + I makurazaki
-	0x002bf509, // n0x0f32 c0x0000 (---------------)  + I matsumoto
-	0x002b15ca, // n0x0f33 c0x0000 (---------------)  + I minamitane
-	0x002cbe48, // n0x0f34 c0x0000 (---------------)  + I nakatane
-	0x0021efcc, // n0x0f35 c0x0000 (---------------)  + I nishinoomote
-	0x0028294d, // n0x0f36 c0x0000 (---------------)  + I satsumasendai
-	0x00315283, // n0x0f37 c0x0000 (---------------)  + I soo
-	0x002ea048, // n0x0f38 c0x0000 (---------------)  + I tarumizu
-	0x00206685, // n0x0f39 c0x0000 (---------------)  + I yusui
-	0x00354d46, // n0x0f3a c0x0000 (---------------)  + I aikawa
-	0x00377dc6, // n0x0f3b c0x0000 (---------------)  + I atsugi
-	0x0024d085, // n0x0f3c c0x0000 (---------------)  + I ayase
-	0x0028cb89, // n0x0f3d c0x0000 (---------------)  + I chigasaki
-	0x00325545, // n0x0f3e c0x0000 (---------------)  + I ebina
-	0x0027a6c8, // n0x0f3f c0x0000 (---------------)  + I fujisawa
-	0x0025ad86, // n0x0f40 c0x0000 (---------------)  + I hadano
-	0x00339046, // n0x0f41 c0x0000 (---------------)  + I hakone
-	0x002a01c9, // n0x0f42 c0x0000 (---------------)  + I hiratsuka
-	0x00385e87, // n0x0f43 c0x0000 (---------------)  + I isehara
-	0x002fdec6, // n0x0f44 c0x0000 (---------------)  + I kaisei
-	0x0032f948, // n0x0f45 c0x0000 (---------------)  + I kamakura
-	0x00206008, // n0x0f46 c0x0000 (---------------)  + I kiyokawa
-	0x002d0bc7, // n0x0f47 c0x0000 (---------------)  + I matsuda
-	0x0022840e, // n0x0f48 c0x0000 (---------------)  + I minamiashigara
-	0x002c0ac5, // n0x0f49 c0x0000 (---------------)  + I miura
-	0x00272185, // n0x0f4a c0x0000 (---------------)  + I nakai
-	0x0020a4c8, // n0x0f4b c0x0000 (---------------)  + I ninomiya
-	0x00384a47, // n0x0f4c c0x0000 (---------------)  + I odawara
-	0x00207e42, // n0x0f4d c0x0000 (---------------)  + I oi
-	0x002b8604, // n0x0f4e c0x0000 (---------------)  + I oiso
-	0x003a68ca, // n0x0f4f c0x0000 (---------------)  + I sagamihara
-	0x002b6d08, // n0x0f50 c0x0000 (---------------)  + I samukawa
-	0x00283806, // n0x0f51 c0x0000 (---------------)  + I tsukui
-	0x002982c8, // n0x0f52 c0x0000 (---------------)  + I yamakita
-	0x0028f086, // n0x0f53 c0x0000 (---------------)  + I yamato
-	0x00327d48, // n0x0f54 c0x0000 (---------------)  + I yokosuka
-	0x002abfc8, // n0x0f55 c0x0000 (---------------)  + I yugawara
-	0x00240f44, // n0x0f56 c0x0000 (---------------)  + I zama
-	0x0032a845, // n0x0f57 c0x0000 (---------------)  + I zushi
-	0x00686744, // n0x0f58 c0x0001 (---------------)  ! I city
-	0x00686744, // n0x0f59 c0x0001 (---------------)  ! I city
-	0x00686744, // n0x0f5a c0x0001 (---------------)  ! I city
-	0x00201dc3, // n0x0f5b c0x0000 (---------------)  + I aki
-	0x00239606, // n0x0f5c c0x0000 (---------------)  + I geisei
-	0x0027ab86, // n0x0f5d c0x0000 (---------------)  + I hidaka
-	0x0029cc4c, // n0x0f5e c0x0000 (---------------)  + I higashitsuno
-	0x00207303, // n0x0f5f c0x0000 (---------------)  + I ino
-	0x00281286, // n0x0f60 c0x0000 (---------------)  + I kagami
-	0x00216544, // n0x0f61 c0x0000 (---------------)  + I kami
-	0x002c1c08, // n0x0f62 c0x0000 (---------------)  + I kitagawa
-	0x002cb145, // n0x0f63 c0x0000 (---------------)  + I kochi
-	0x003a69c6, // n0x0f64 c0x0000 (---------------)  + I mihara
-	0x002b3848, // n0x0f65 c0x0000 (---------------)  + I motoyama
-	0x002ce6c6, // n0x0f66 c0x0000 (---------------)  + I muroto
-	0x00205b06, // n0x0f67 c0x0000 (---------------)  + I nahari
-	0x00365cc8, // n0x0f68 c0x0000 (---------------)  + I nakamura
-	0x002a0cc7, // n0x0f69 c0x0000 (---------------)  + I nankoku
-	0x00227f89, // n0x0f6a c0x0000 (---------------)  + I nishitosa
-	0x0036be4a, // n0x0f6b c0x0000 (---------------)  + I niyodogawa
-	0x00248784, // n0x0f6c c0x0000 (---------------)  + I ochi
-	0x002060c5, // n0x0f6d c0x0000 (---------------)  + I okawa
-	0x0025bb45, // n0x0f6e c0x0000 (---------------)  + I otoyo
-	0x0021f306, // n0x0f6f c0x0000 (---------------)  + I otsuki
-	0x00248a46, // n0x0f70 c0x0000 (---------------)  + I sakawa
-	0x002a66c6, // n0x0f71 c0x0000 (---------------)  + I sukumo
-	0x002e9346, // n0x0f72 c0x0000 (---------------)  + I susaki
-	0x002280c4, // n0x0f73 c0x0000 (---------------)  + I tosa
-	0x002280cb, // n0x0f74 c0x0000 (---------------)  + I tosashimizu
-	0x00247dc4, // n0x0f75 c0x0000 (---------------)  + I toyo
-	0x0020d485, // n0x0f76 c0x0000 (---------------)  + I tsuno
-	0x002ab485, // n0x0f77 c0x0000 (---------------)  + I umaji
-	0x00280646, // n0x0f78 c0x0000 (---------------)  + I yasuda
-	0x00202348, // n0x0f79 c0x0000 (---------------)  + I yusuhara
-	0x00282807, // n0x0f7a c0x0000 (---------------)  + I amakusa
-	0x0030be84, // n0x0f7b c0x0000 (---------------)  + I arao
-	0x00264783, // n0x0f7c c0x0000 (---------------)  + I aso
-	0x00371005, // n0x0f7d c0x0000 (---------------)  + I choyo
-	0x0024ad87, // n0x0f7e c0x0000 (---------------)  + I gyokuto
-	0x002a41c9, // n0x0f7f c0x0000 (---------------)  + I hitoyoshi
-	0x0028270b, // n0x0f80 c0x0000 (---------------)  + I kamiamakusa
-	0x002a8a87, // n0x0f81 c0x0000 (---------------)  + I kashima
-	0x0022c9c7, // n0x0f82 c0x0000 (---------------)  + I kikuchi
-	0x002d8744, // n0x0f83 c0x0000 (---------------)  + I kosa
-	0x002b3748, // n0x0f84 c0x0000 (---------------)  + I kumamoto
-	0x002aa987, // n0x0f85 c0x0000 (---------------)  + I mashiki
-	0x002a4406, // n0x0f86 c0x0000 (---------------)  + I mifune
-	0x0024e648, // n0x0f87 c0x0000 (---------------)  + I minamata
-	0x002a68cb, // n0x0f88 c0x0000 (---------------)  + I minamioguni
-	0x003608c6, // n0x0f89 c0x0000 (---------------)  + I nagasu
-	0x00212149, // n0x0f8a c0x0000 (---------------)  + I nishihara
-	0x002a6a45, // n0x0f8b c0x0000 (---------------)  + I oguni
-	0x00300a43, // n0x0f8c c0x0000 (---------------)  + I ozu
-	0x002bf5c6, // n0x0f8d c0x0000 (---------------)  + I sumoto
-	0x0022a948, // n0x0f8e c0x0000 (---------------)  + I takamori
-	0x00212703, // n0x0f8f c0x0000 (---------------)  + I uki
-	0x0024ae83, // n0x0f90 c0x0000 (---------------)  + I uto
-	0x00223bc6, // n0x0f91 c0x0000 (---------------)  + I yamaga
-	0x0028f086, // n0x0f92 c0x0000 (---------------)  + I yamato
-	0x00382d0a, // n0x0f93 c0x0000 (---------------)  + I yatsushiro
-	0x0027c5c5, // n0x0f94 c0x0000 (---------------)  + I ayabe
-	0x0027cc8b, // n0x0f95 c0x0000 (---------------)  + I fukuchiyama
-	0x0029d84b, // n0x0f96 c0x0000 (---------------)  + I higashiyama
-	0x00229943, // n0x0f97 c0x0000 (---------------)  + I ide
-	0x0021cc03, // n0x0f98 c0x0000 (---------------)  + I ine
-	0x002adb84, // n0x0f99 c0x0000 (---------------)  + I joyo
-	0x0022ad47, // n0x0f9a c0x0000 (---------------)  + I kameoka
-	0x0022a9c4, // n0x0f9b c0x0000 (---------------)  + I kamo
-	0x00201e04, // n0x0f9c c0x0000 (---------------)  + I kita
-	0x00342404, // n0x0f9d c0x0000 (---------------)  + I kizu
-	0x002f62c8, // n0x0f9e c0x0000 (---------------)  + I kumiyama
-	0x002ce048, // n0x0f9f c0x0000 (---------------)  + I kyotamba
-	0x0031f2c9, // n0x0fa0 c0x0000 (---------------)  + I kyotanabe
-	0x00341c88, // n0x0fa1 c0x0000 (---------------)  + I kyotango
-	0x002d1847, // n0x0fa2 c0x0000 (---------------)  + I maizuru
-	0x00228406, // n0x0fa3 c0x0000 (---------------)  + I minami
-	0x002d290f, // n0x0fa4 c0x0000 (---------------)  + I minamiyamashiro
-	0x002c0c06, // n0x0fa5 c0x0000 (---------------)  + I miyazu
-	0x002cb0c4, // n0x0fa6 c0x0000 (---------------)  + I muko
-	0x002cde8a, // n0x0fa7 c0x0000 (---------------)  + I nagaokakyo
-	0x0024ac87, // n0x0fa8 c0x0000 (---------------)  + I nakagyo
-	0x00206c06, // n0x0fa9 c0x0000 (---------------)  + I nantan
-	0x0028ea09, // n0x0faa c0x0000 (---------------)  + I oyamazaki
-	0x0031f245, // n0x0fab c0x0000 (---------------)  + I sakyo
-	0x0022cc05, // n0x0fac c0x0000 (---------------)  + I seika
-	0x0031f386, // n0x0fad c0x0000 (---------------)  + I tanabe
-	0x0021c2c3, // n0x0fae c0x0000 (---------------)  + I uji
-	0x00371549, // n0x0faf c0x0000 (---------------)  + I ujitawara
-	0x0021a646, // n0x0fb0 c0x0000 (---------------)  + I wazuka
-	0x0022af89, // n0x0fb1 c0x0000 (---------------)  + I yamashina
-	0x0038f146, // n0x0fb2 c0x0000 (---------------)  + I yawata
-	0x002bf185, // n0x0fb3 c0x0000 (---------------)  + I asahi
-	0x002236c5, // n0x0fb4 c0x0000 (---------------)  + I inabe
-	0x00204683, // n0x0fb5 c0x0000 (---------------)  + I ise
-	0x0022ae88, // n0x0fb6 c0x0000 (---------------)  + I kameyama
-	0x0039f7c7, // n0x0fb7 c0x0000 (---------------)  + I kawagoe
-	0x002f5c84, // n0x0fb8 c0x0000 (---------------)  + I kiho
-	0x0021f408, // n0x0fb9 c0x0000 (---------------)  + I kisosaki
-	0x002da084, // n0x0fba c0x0000 (---------------)  + I kiwa
-	0x002b9886, // n0x0fbb c0x0000 (---------------)  + I komono
-	0x00383786, // n0x0fbc c0x0000 (---------------)  + I kumano
-	0x00243e46, // n0x0fbd c0x0000 (---------------)  + I kuwana
-	0x002c6249, // n0x0fbe c0x0000 (---------------)  + I matsusaka
-	0x002be885, // n0x0fbf c0x0000 (---------------)  + I meiwa
-	0x002da306, // n0x0fc0 c0x0000 (---------------)  + I mihama
-	0x0025b189, // n0x0fc1 c0x0000 (---------------)  + I minamiise
-	0x002bfd46, // n0x0fc2 c0x0000 (---------------)  + I misugi
-	0x002d2a06, // n0x0fc3 c0x0000 (---------------)  + I miyama
-	0x0037fcc6, // n0x0fc4 c0x0000 (---------------)  + I nabari
-	0x0020ef45, // n0x0fc5 c0x0000 (---------------)  + I shima
-	0x002eeb46, // n0x0fc6 c0x0000 (---------------)  + I suzuka
-	0x0032f6c4, // n0x0fc7 c0x0000 (---------------)  + I tado
-	0x00289e05, // n0x0fc8 c0x0000 (---------------)  + I taiki
-	0x002b8f84, // n0x0fc9 c0x0000 (---------------)  + I taki
-	0x003037c6, // n0x0fca c0x0000 (---------------)  + I tamaki
-	0x00395ec4, // n0x0fcb c0x0000 (---------------)  + I toba
-	0x00208c83, // n0x0fcc c0x0000 (---------------)  + I tsu
-	0x00286185, // n0x0fcd c0x0000 (---------------)  + I udono
-	0x0023b908, // n0x0fce c0x0000 (---------------)  + I ureshino
-	0x00351b87, // n0x0fcf c0x0000 (---------------)  + I watarai
-	0x002b1f89, // n0x0fd0 c0x0000 (---------------)  + I yokkaichi
-	0x002863c8, // n0x0fd1 c0x0000 (---------------)  + I furukawa
-	0x00297811, // n0x0fd2 c0x0000 (---------------)  + I higashimatsushima
-	0x0022c7ca, // n0x0fd3 c0x0000 (---------------)  + I ishinomaki
-	0x0022f147, // n0x0fd4 c0x0000 (---------------)  + I iwanuma
-	0x0039fd06, // n0x0fd5 c0x0000 (---------------)  + I kakuda
-	0x00216544, // n0x0fd6 c0x0000 (---------------)  + I kami
-	0x002b9088, // n0x0fd7 c0x0000 (---------------)  + I kawasaki
-	0x002935c9, // n0x0fd8 c0x0000 (---------------)  + I kesennuma
-	0x002a8bc8, // n0x0fd9 c0x0000 (---------------)  + I marumori
-	0x002979ca, // n0x0fda c0x0000 (---------------)  + I matsushima
-	0x002a740d, // n0x0fdb c0x0000 (---------------)  + I minamisanriku
-	0x0022f486, // n0x0fdc c0x0000 (---------------)  + I misato
-	0x00365dc6, // n0x0fdd c0x0000 (---------------)  + I murata
-	0x002db306, // n0x0fde c0x0000 (---------------)  + I natori
-	0x0037e6c7, // n0x0fdf c0x0000 (---------------)  + I ogawara
-	0x0029ef85, // n0x0fe0 c0x0000 (---------------)  + I ohira
-	0x003508c7, // n0x0fe1 c0x0000 (---------------)  + I onagawa
-	0x0021f4c5, // n0x0fe2 c0x0000 (---------------)  + I osaki
-	0x002a5784, // n0x0fe3 c0x0000 (---------------)  + I rifu
-	0x002a9286, // n0x0fe4 c0x0000 (---------------)  + I semine
-	0x00321bc7, // n0x0fe5 c0x0000 (---------------)  + I shibata
-	0x0037124d, // n0x0fe6 c0x0000 (---------------)  + I shichikashuku
-	0x0028d7c7, // n0x0fe7 c0x0000 (---------------)  + I shikama
-	0x0026ebc8, // n0x0fe8 c0x0000 (---------------)  + I shiogama
-	0x0027a9c9, // n0x0fe9 c0x0000 (---------------)  + I shiroishi
-	0x00224606, // n0x0fea c0x0000 (---------------)  + I tagajo
-	0x0023b045, // n0x0feb c0x0000 (---------------)  + I taiwa
-	0x00216044, // n0x0fec c0x0000 (---------------)  + I tome
-	0x00266086, // n0x0fed c0x0000 (---------------)  + I tomiya
-	0x00350a06, // n0x0fee c0x0000 (---------------)  + I wakuya
-	0x002b6e86, // n0x0fef c0x0000 (---------------)  + I watari
-	0x0029ae08, // n0x0ff0 c0x0000 (---------------)  + I yamamoto
-	0x00212d43, // n0x0ff1 c0x0000 (---------------)  + I zao
-	0x002088c3, // n0x0ff2 c0x0000 (---------------)  + I aya
-	0x00328105, // n0x0ff3 c0x0000 (---------------)  + I ebino
-	0x00337286, // n0x0ff4 c0x0000 (---------------)  + I gokase
-	0x002abf85, // n0x0ff5 c0x0000 (---------------)  + I hyuga
-	0x00245948, // n0x0ff6 c0x0000 (---------------)  + I kadogawa
-	0x0029c60a, // n0x0ff7 c0x0000 (---------------)  + I kawaminami
-	0x002ddbc4, // n0x0ff8 c0x0000 (---------------)  + I kijo
-	0x002c1c08, // n0x0ff9 c0x0000 (---------------)  + I kitagawa
-	0x00295fc8, // n0x0ffa c0x0000 (---------------)  + I kitakata
-	0x00280487, // n0x0ffb c0x0000 (---------------)  + I kitaura
-	0x002fe8c9, // n0x0ffc c0x0000 (---------------)  + I kobayashi
-	0x002b3448, // n0x0ffd c0x0000 (---------------)  + I kunitomi
-	0x0029a047, // n0x0ffe c0x0000 (---------------)  + I kushima
-	0x00294c06, // n0x0fff c0x0000 (---------------)  + I mimata
-	0x0020a5ca, // n0x1000 c0x0000 (---------------)  + I miyakonojo
-	0x00266108, // n0x1001 c0x0000 (---------------)  + I miyazaki
-	0x002bd509, // n0x1002 c0x0000 (---------------)  + I morotsuka
-	0x002869c8, // n0x1003 c0x0000 (---------------)  + I nichinan
-	0x0021c809, // n0x1004 c0x0000 (---------------)  + I nishimera
-	0x002bd987, // n0x1005 c0x0000 (---------------)  + I nobeoka
-	0x00341b45, // n0x1006 c0x0000 (---------------)  + I saito
-	0x002a1746, // n0x1007 c0x0000 (---------------)  + I shiiba
-	0x0029b188, // n0x1008 c0x0000 (---------------)  + I shintomi
-	0x00252e08, // n0x1009 c0x0000 (---------------)  + I takaharu
-	0x0022b388, // n0x100a c0x0000 (---------------)  + I takanabe
-	0x00216a48, // n0x100b c0x0000 (---------------)  + I takazaki
-	0x0020d485, // n0x100c c0x0000 (---------------)  + I tsuno
-	0x00201544, // n0x100d c0x0000 (---------------)  + I achi
-	0x0039f4c8, // n0x100e c0x0000 (---------------)  + I agematsu
-	0x00206d04, // n0x100f c0x0000 (---------------)  + I anan
-	0x00395b04, // n0x1010 c0x0000 (---------------)  + I aoki
-	0x002bf185, // n0x1011 c0x0000 (---------------)  + I asahi
-	0x0028ffc7, // n0x1012 c0x0000 (---------------)  + I azumino
-	0x00201a09, // n0x1013 c0x0000 (---------------)  + I chikuhoku
-	0x002086c7, // n0x1014 c0x0000 (---------------)  + I chikuma
-	0x0020db85, // n0x1015 c0x0000 (---------------)  + I chino
-	0x00278286, // n0x1016 c0x0000 (---------------)  + I fujimi
-	0x0033bb06, // n0x1017 c0x0000 (---------------)  + I hakuba
-	0x00202444, // n0x1018 c0x0000 (---------------)  + I hara
-	0x002a0506, // n0x1019 c0x0000 (---------------)  + I hiraya
-	0x00214a84, // n0x101a c0x0000 (---------------)  + I iida
-	0x0025cc86, // n0x101b c0x0000 (---------------)  + I iijima
-	0x0039e786, // n0x101c c0x0000 (---------------)  + I iiyama
-	0x00212546, // n0x101d c0x0000 (---------------)  + I iizuna
-	0x00202585, // n0x101e c0x0000 (---------------)  + I ikeda
-	0x00245807, // n0x101f c0x0000 (---------------)  + I ikusaka
-	0x002013c3, // n0x1020 c0x0000 (---------------)  + I ina
-	0x00249f89, // n0x1021 c0x0000 (---------------)  + I karuizawa
-	0x002fdbc8, // n0x1022 c0x0000 (---------------)  + I kawakami
-	0x0021f404, // n0x1023 c0x0000 (---------------)  + I kiso
-	0x0032fbcd, // n0x1024 c0x0000 (---------------)  + I kisofukushima
-	0x00295e48, // n0x1025 c0x0000 (---------------)  + I kitaaiki
-	0x0028e748, // n0x1026 c0x0000 (---------------)  + I komagane
-	0x002bd486, // n0x1027 c0x0000 (---------------)  + I komoro
-	0x0021f809, // n0x1028 c0x0000 (---------------)  + I matsukawa
-	0x002bf509, // n0x1029 c0x0000 (---------------)  + I matsumoto
-	0x002b6685, // n0x102a c0x0000 (---------------)  + I miasa
-	0x0029c70a, // n0x102b c0x0000 (---------------)  + I minamiaiki
-	0x0027f80a, // n0x102c c0x0000 (---------------)  + I minamimaki
-	0x0028850c, // n0x102d c0x0000 (---------------)  + I minamiminowa
-	0x00288686, // n0x102e c0x0000 (---------------)  + I minowa
-	0x00278b46, // n0x102f c0x0000 (---------------)  + I miyada
-	0x002c0d86, // n0x1030 c0x0000 (---------------)  + I miyota
-	0x00257009, // n0x1031 c0x0000 (---------------)  + I mochizuki
-	0x00354f86, // n0x1032 c0x0000 (---------------)  + I nagano
-	0x00291bc6, // n0x1033 c0x0000 (---------------)  + I nagawa
-	0x00325606, // n0x1034 c0x0000 (---------------)  + I nagiso
-	0x002ac8c8, // n0x1035 c0x0000 (---------------)  + I nakagawa
-	0x002546c6, // n0x1036 c0x0000 (---------------)  + I nakano
-	0x002c658b, // n0x1037 c0x0000 (---------------)  + I nozawaonsen
-	0x00290145, // n0x1038 c0x0000 (---------------)  + I obuse
-	0x00245a05, // n0x1039 c0x0000 (---------------)  + I ogawa
-	0x00278dc5, // n0x103a c0x0000 (---------------)  + I okaya
-	0x002014c6, // n0x103b c0x0000 (---------------)  + I omachi
-	0x0020a583, // n0x103c c0x0000 (---------------)  + I omi
-	0x00243dc6, // n0x103d c0x0000 (---------------)  + I ookuwa
-	0x0028d747, // n0x103e c0x0000 (---------------)  + I ooshika
-	0x002b8f45, // n0x103f c0x0000 (---------------)  + I otaki
-	0x0025bc45, // n0x1040 c0x0000 (---------------)  + I otari
-	0x002dd385, // n0x1041 c0x0000 (---------------)  + I sakae
-	0x00318606, // n0x1042 c0x0000 (---------------)  + I sakaki
-	0x002b6744, // n0x1043 c0x0000 (---------------)  + I saku
-	0x00369d86, // n0x1044 c0x0000 (---------------)  + I sakuho
-	0x0027b309, // n0x1045 c0x0000 (---------------)  + I shimosuwa
-	0x0020134c, // n0x1046 c0x0000 (---------------)  + I shinanomachi
-	0x002a54c8, // n0x1047 c0x0000 (---------------)  + I shiojiri
-	0x0027b444, // n0x1048 c0x0000 (---------------)  + I suwa
-	0x002ee7c6, // n0x1049 c0x0000 (---------------)  + I suzaka
-	0x002a0b46, // n0x104a c0x0000 (---------------)  + I takagi
-	0x0022a948, // n0x104b c0x0000 (---------------)  + I takamori
-	0x002c0148, // n0x104c c0x0000 (---------------)  + I takayama
-	0x00201249, // n0x104d c0x0000 (---------------)  + I tateshina
-	0x0020d407, // n0x104e c0x0000 (---------------)  + I tatsuno
-	0x002ae7c9, // n0x104f c0x0000 (---------------)  + I togakushi
-	0x0026fa46, // n0x1050 c0x0000 (---------------)  + I togura
-	0x0022f404, // n0x1051 c0x0000 (---------------)  + I tomi
-	0x0020e184, // n0x1052 c0x0000 (---------------)  + I ueda
-	0x0024a344, // n0x1053 c0x0000 (---------------)  + I wada
-	0x002808c8, // n0x1054 c0x0000 (---------------)  + I yamagata
-	0x0020184a, // n0x1055 c0x0000 (---------------)  + I yamanouchi
-	0x0034c986, // n0x1056 c0x0000 (---------------)  + I yasaka
-	0x00353407, // n0x1057 c0x0000 (---------------)  + I yasuoka
-	0x00311d87, // n0x1058 c0x0000 (---------------)  + I chijiwa
-	0x0036b785, // n0x1059 c0x0000 (---------------)  + I futsu
-	0x0028de84, // n0x105a c0x0000 (---------------)  + I goto
-	0x0028bb06, // n0x105b c0x0000 (---------------)  + I hasami
-	0x00339dc6, // n0x105c c0x0000 (---------------)  + I hirado
-	0x0023be03, // n0x105d c0x0000 (---------------)  + I iki
-	0x002fda07, // n0x105e c0x0000 (---------------)  + I isahaya
-	0x00330e48, // n0x105f c0x0000 (---------------)  + I kawatana
-	0x002b67ca, // n0x1060 c0x0000 (---------------)  + I kuchinotsu
-	0x002c9f88, // n0x1061 c0x0000 (---------------)  + I matsuura
-	0x002dda48, // n0x1062 c0x0000 (---------------)  + I nagasaki
-	0x00395f05, // n0x1063 c0x0000 (---------------)  + I obama
-	0x0037ed85, // n0x1064 c0x0000 (---------------)  + I omura
-	0x002ae705, // n0x1065 c0x0000 (---------------)  + I oseto
-	0x0036bb46, // n0x1066 c0x0000 (---------------)  + I saikai
-	0x003a3f06, // n0x1067 c0x0000 (---------------)  + I sasebo
-	0x00218945, // n0x1068 c0x0000 (---------------)  + I seihi
-	0x002ec949, // n0x1069 c0x0000 (---------------)  + I shimabara
-	0x0028dc8c, // n0x106a c0x0000 (---------------)  + I shinkamigoto
-	0x00240187, // n0x106b c0x0000 (---------------)  + I togitsu
-	0x00297a48, // n0x106c c0x0000 (---------------)  + I tsushima
-	0x0028c145, // n0x106d c0x0000 (---------------)  + I unzen
-	0x00686744, // n0x106e c0x0001 (---------------)  ! I city
-	0x00259644, // n0x106f c0x0000 (---------------)  + I ando
-	0x002b13c4, // n0x1070 c0x0000 (---------------)  + I gose
-	0x0020dcc6, // n0x1071 c0x0000 (---------------)  + I heguri
-	0x0029e3ce, // n0x1072 c0x0000 (---------------)  + I higashiyoshino
-	0x0022cc87, // n0x1073 c0x0000 (---------------)  + I ikaruga
-	0x00296ec5, // n0x1074 c0x0000 (---------------)  + I ikoma
-	0x0028ee8c, // n0x1075 c0x0000 (---------------)  + I kamikitayama
-	0x002d9f47, // n0x1076 c0x0000 (---------------)  + I kanmaki
-	0x00321b47, // n0x1077 c0x0000 (---------------)  + I kashiba
-	0x00398f89, // n0x1078 c0x0000 (---------------)  + I kashihara
-	0x00219349, // n0x1079 c0x0000 (---------------)  + I katsuragi
-	0x002864c5, // n0x107a c0x0000 (---------------)  + I kawai
-	0x002fdbc8, // n0x107b c0x0000 (---------------)  + I kawakami
-	0x002bdc49, // n0x107c c0x0000 (---------------)  + I kawanishi
-	0x002d6e45, // n0x107d c0x0000 (---------------)  + I koryo
-	0x002b8e88, // n0x107e c0x0000 (---------------)  + I kurotaki
-	0x002c6b46, // n0x107f c0x0000 (---------------)  + I mitsue
-	0x002d2306, // n0x1080 c0x0000 (---------------)  + I miyake
-	0x002c8a04, // n0x1081 c0x0000 (---------------)  + I nara
-	0x003281c8, // n0x1082 c0x0000 (---------------)  + I nosegawa
-	0x002247c3, // n0x1083 c0x0000 (---------------)  + I oji
-	0x00209204, // n0x1084 c0x0000 (---------------)  + I ouda
-	0x00371085, // n0x1085 c0x0000 (---------------)  + I oyodo
-	0x00307fc7, // n0x1086 c0x0000 (---------------)  + I sakurai
-	0x00202c85, // n0x1087 c0x0000 (---------------)  + I sango
-	0x00281f89, // n0x1088 c0x0000 (---------------)  + I shimoichi
-	0x0026784d, // n0x1089 c0x0000 (---------------)  + I shimokitayama
-	0x0033bd46, // n0x108a c0x0000 (---------------)  + I shinjo
-	0x002647c4, // n0x108b c0x0000 (---------------)  + I soni
-	0x00294d08, // n0x108c c0x0000 (---------------)  + I takatori
-	0x002784ca, // n0x108d c0x0000 (---------------)  + I tawaramoto
-	0x002177c7, // n0x108e c0x0000 (---------------)  + I tenkawa
-	0x003460c5, // n0x108f c0x0000 (---------------)  + I tenri
-	0x00209243, // n0x1090 c0x0000 (---------------)  + I uda
-	0x0029da0e, // n0x1091 c0x0000 (---------------)  + I yamatokoriyama
-	0x0028f08c, // n0x1092 c0x0000 (---------------)  + I yamatotakada
-	0x002fa407, // n0x1093 c0x0000 (---------------)  + I yamazoe
-	0x0029e587, // n0x1094 c0x0000 (---------------)  + I yoshino
-	0x00201003, // n0x1095 c0x0000 (---------------)  + I aga
-	0x00354fc5, // n0x1096 c0x0000 (---------------)  + I agano
-	0x002b13c5, // n0x1097 c0x0000 (---------------)  + I gosen
-	0x00298688, // n0x1098 c0x0000 (---------------)  + I itoigawa
-	0x00294149, // n0x1099 c0x0000 (---------------)  + I izumozaki
-	0x00292e46, // n0x109a c0x0000 (---------------)  + I joetsu
-	0x0022a9c4, // n0x109b c0x0000 (---------------)  + I kamo
-	0x0022f086, // n0x109c c0x0000 (---------------)  + I kariwa
-	0x00205dcb, // n0x109d c0x0000 (---------------)  + I kashiwazaki
-	0x002c598c, // n0x109e c0x0000 (---------------)  + I minamiuonuma
-	0x002ebdc7, // n0x109f c0x0000 (---------------)  + I mitsuke
-	0x002cae05, // n0x10a0 c0x0000 (---------------)  + I muika
-	0x00383248, // n0x10a1 c0x0000 (---------------)  + I murakami
-	0x002d0985, // n0x10a2 c0x0000 (---------------)  + I myoko
-	0x002cde87, // n0x10a3 c0x0000 (---------------)  + I nagaoka
-	0x0023ff87, // n0x10a4 c0x0000 (---------------)  + I niigata
-	0x0024f385, // n0x10a5 c0x0000 (---------------)  + I ojiya
-	0x0020a583, // n0x10a6 c0x0000 (---------------)  + I omi
-	0x00360584, // n0x10a7 c0x0000 (---------------)  + I sado
-	0x00203f85, // n0x10a8 c0x0000 (---------------)  + I sanjo
-	0x002e6c05, // n0x10a9 c0x0000 (---------------)  + I seiro
-	0x002e6c06, // n0x10aa c0x0000 (---------------)  + I seirou
-	0x0026c588, // n0x10ab c0x0000 (---------------)  + I sekikawa
-	0x00321bc7, // n0x10ac c0x0000 (---------------)  + I shibata
-	0x003780c6, // n0x10ad c0x0000 (---------------)  + I tagami
-	0x00354c46, // n0x10ae c0x0000 (---------------)  + I tainai
-	0x002e4b06, // n0x10af c0x0000 (---------------)  + I tochio
-	0x00297189, // n0x10b0 c0x0000 (---------------)  + I tokamachi
-	0x00208c87, // n0x10b1 c0x0000 (---------------)  + I tsubame
-	0x00292cc6, // n0x10b2 c0x0000 (---------------)  + I tsunan
-	0x002c5b06, // n0x10b3 c0x0000 (---------------)  + I uonuma
-	0x0024f446, // n0x10b4 c0x0000 (---------------)  + I yahiko
-	0x002a8945, // n0x10b5 c0x0000 (---------------)  + I yoita
-	0x00217246, // n0x10b6 c0x0000 (---------------)  + I yuzawa
-	0x0038de05, // n0x10b7 c0x0000 (---------------)  + I beppu
-	0x002d1f48, // n0x10b8 c0x0000 (---------------)  + I bungoono
-	0x00292a0b, // n0x10b9 c0x0000 (---------------)  + I bungotakada
-	0x0028b906, // n0x10ba c0x0000 (---------------)  + I hasama
-	0x00311dc4, // n0x10bb c0x0000 (---------------)  + I hiji
-	0x002fe3c9, // n0x10bc c0x0000 (---------------)  + I himeshima
-	0x002a27c4, // n0x10bd c0x0000 (---------------)  + I hita
-	0x002c6ac8, // n0x10be c0x0000 (---------------)  + I kamitsue
-	0x0028adc7, // n0x10bf c0x0000 (---------------)  + I kokonoe
-	0x00283fc4, // n0x10c0 c0x0000 (---------------)  + I kuju
-	0x002b2a08, // n0x10c1 c0x0000 (---------------)  + I kunisaki
-	0x002ba1c4, // n0x10c2 c0x0000 (---------------)  + I kusu
-	0x002a8984, // n0x10c3 c0x0000 (---------------)  + I oita
-	0x00286f45, // n0x10c4 c0x0000 (---------------)  + I saiki
-	0x00305a86, // n0x10c5 c0x0000 (---------------)  + I taketa
-	0x002f6207, // n0x10c6 c0x0000 (---------------)  + I tsukumi
-	0x0022b983, // n0x10c7 c0x0000 (---------------)  + I usa
-	0x0029d4c5, // n0x10c8 c0x0000 (---------------)  + I usuki
-	0x002bc144, // n0x10c9 c0x0000 (---------------)  + I yufu
-	0x002721c6, // n0x10ca c0x0000 (---------------)  + I akaiwa
-	0x002b6708, // n0x10cb c0x0000 (---------------)  + I asakuchi
-	0x00330b85, // n0x10cc c0x0000 (---------------)  + I bizen
-	0x0028fa49, // n0x10cd c0x0000 (---------------)  + I hayashima
-	0x0020c145, // n0x10ce c0x0000 (---------------)  + I ibara
-	0x002bbb48, // n0x10cf c0x0000 (---------------)  + I kagamino
-	0x00320d87, // n0x10d0 c0x0000 (---------------)  + I kasaoka
-	0x003809c8, // n0x10d1 c0x0000 (---------------)  + I kibichuo
-	0x002b1dc7, // n0x10d2 c0x0000 (---------------)  + I kumenan
-	0x0037e0c9, // n0x10d3 c0x0000 (---------------)  + I kurashiki
-	0x0031d046, // n0x10d4 c0x0000 (---------------)  + I maniwa
-	0x00347a06, // n0x10d5 c0x0000 (---------------)  + I misaki
-	0x00269404, // n0x10d6 c0x0000 (---------------)  + I nagi
-	0x00294b45, // n0x10d7 c0x0000 (---------------)  + I niimi
-	0x002f48cc, // n0x10d8 c0x0000 (---------------)  + I nishiawakura
-	0x00278dc7, // n0x10d9 c0x0000 (---------------)  + I okayama
-	0x002791c7, // n0x10da c0x0000 (---------------)  + I satosho
-	0x00311c48, // n0x10db c0x0000 (---------------)  + I setouchi
-	0x0033bd46, // n0x10dc c0x0000 (---------------)  + I shinjo
-	0x0029eec4, // n0x10dd c0x0000 (---------------)  + I shoo
-	0x00323cc4, // n0x10de c0x0000 (---------------)  + I soja
-	0x00280a49, // n0x10df c0x0000 (---------------)  + I takahashi
-	0x002c0e86, // n0x10e0 c0x0000 (---------------)  + I tamano
-	0x0021ec47, // n0x10e1 c0x0000 (---------------)  + I tsuyama
-	0x00208504, // n0x10e2 c0x0000 (---------------)  + I wake
-	0x002b2886, // n0x10e3 c0x0000 (---------------)  + I yakage
-	0x00320985, // n0x10e4 c0x0000 (---------------)  + I aguni
-	0x002a2ac7, // n0x10e5 c0x0000 (---------------)  + I ginowan
-	0x002c6506, // n0x10e6 c0x0000 (---------------)  + I ginoza
-	0x0025c649, // n0x10e7 c0x0000 (---------------)  + I gushikami
-	0x0027f647, // n0x10e8 c0x0000 (---------------)  + I haebaru
-	0x00268047, // n0x10e9 c0x0000 (---------------)  + I higashi
-	0x002a0046, // n0x10ea c0x0000 (---------------)  + I hirara
-	0x002452c5, // n0x10eb c0x0000 (---------------)  + I iheya
-	0x0027e248, // n0x10ec c0x0000 (---------------)  + I ishigaki
-	0x0021a4c8, // n0x10ed c0x0000 (---------------)  + I ishikawa
-	0x00242b46, // n0x10ee c0x0000 (---------------)  + I itoman
-	0x00330bc5, // n0x10ef c0x0000 (---------------)  + I izena
-	0x00331c86, // n0x10f0 c0x0000 (---------------)  + I kadena
-	0x002154c3, // n0x10f1 c0x0000 (---------------)  + I kin
-	0x00298509, // n0x10f2 c0x0000 (---------------)  + I kitadaito
-	0x002a644e, // n0x10f3 c0x0000 (---------------)  + I kitanakagusuku
-	0x002b1ac8, // n0x10f4 c0x0000 (---------------)  + I kumejima
-	0x002da188, // n0x10f5 c0x0000 (---------------)  + I kunigami
-	0x0024294b, // n0x10f6 c0x0000 (---------------)  + I minamidaito
-	0x0028fc86, // n0x10f7 c0x0000 (---------------)  + I motobu
-	0x002486c4, // n0x10f8 c0x0000 (---------------)  + I nago
-	0x00205b04, // n0x10f9 c0x0000 (---------------)  + I naha
-	0x002a654a, // n0x10fa c0x0000 (---------------)  + I nakagusuku
-	0x00217e07, // n0x10fb c0x0000 (---------------)  + I nakijin
-	0x00292d85, // n0x10fc c0x0000 (---------------)  + I nanjo
-	0x00212149, // n0x10fd c0x0000 (---------------)  + I nishihara
-	0x002b8285, // n0x10fe c0x0000 (---------------)  + I ogimi
-	0x00395b47, // n0x10ff c0x0000 (---------------)  + I okinawa
-	0x00301304, // n0x1100 c0x0000 (---------------)  + I onna
-	0x00383e87, // n0x1101 c0x0000 (---------------)  + I shimoji
-	0x0022f308, // n0x1102 c0x0000 (---------------)  + I taketomi
-	0x002b0046, // n0x1103 c0x0000 (---------------)  + I tarama
-	0x00342249, // n0x1104 c0x0000 (---------------)  + I tokashiki
-	0x002b354a, // n0x1105 c0x0000 (---------------)  + I tomigusuku
-	0x00217d86, // n0x1106 c0x0000 (---------------)  + I tonaki
-	0x00295986, // n0x1107 c0x0000 (---------------)  + I urasoe
-	0x002ab405, // n0x1108 c0x0000 (---------------)  + I uruma
-	0x00373d05, // n0x1109 c0x0000 (---------------)  + I yaese
-	0x00229a47, // n0x110a c0x0000 (---------------)  + I yomitan
-	0x00249888, // n0x110b c0x0000 (---------------)  + I yonabaru
-	0x003208c8, // n0x110c c0x0000 (---------------)  + I yonaguni
-	0x00240f46, // n0x110d c0x0000 (---------------)  + I zamami
-	0x00223745, // n0x110e c0x0000 (---------------)  + I abeno
-	0x002487ce, // n0x110f c0x0000 (---------------)  + I chihayaakasaka
-	0x0030ba84, // n0x1110 c0x0000 (---------------)  + I chuo
-	0x00242ac5, // n0x1111 c0x0000 (---------------)  + I daito
-	0x00277c09, // n0x1112 c0x0000 (---------------)  + I fujiidera
-	0x0026b5c8, // n0x1113 c0x0000 (---------------)  + I habikino
-	0x003a1c46, // n0x1114 c0x0000 (---------------)  + I hannan
-	0x0029aa8c, // n0x1115 c0x0000 (---------------)  + I higashiosaka
-	0x0029c210, // n0x1116 c0x0000 (---------------)  + I higashisumiyoshi
-	0x0029e00f, // n0x1117 c0x0000 (---------------)  + I higashiyodogawa
-	0x0029efc8, // n0x1118 c0x0000 (---------------)  + I hirakata
-	0x002c1ac7, // n0x1119 c0x0000 (---------------)  + I ibaraki
-	0x00202585, // n0x111a c0x0000 (---------------)  + I ikeda
-	0x002802c5, // n0x111b c0x0000 (---------------)  + I izumi
-	0x002f6089, // n0x111c c0x0000 (---------------)  + I izumiotsu
-	0x00294509, // n0x111d c0x0000 (---------------)  + I izumisano
-	0x0021e5c6, // n0x111e c0x0000 (---------------)  + I kadoma
-	0x002fa147, // n0x111f c0x0000 (---------------)  + I kaizuka
-	0x0038ad85, // n0x1120 c0x0000 (---------------)  + I kanan
-	0x002037c9, // n0x1121 c0x0000 (---------------)  + I kashiwara
-	0x0032c486, // n0x1122 c0x0000 (---------------)  + I katano
-	0x00354dcd, // n0x1123 c0x0000 (---------------)  + I kawachinagano
-	0x00287009, // n0x1124 c0x0000 (---------------)  + I kishiwada
-	0x00201e04, // n0x1125 c0x0000 (---------------)  + I kita
-	0x002b1848, // n0x1126 c0x0000 (---------------)  + I kumatori
-	0x0039f589, // n0x1127 c0x0000 (---------------)  + I matsubara
-	0x0034cb46, // n0x1128 c0x0000 (---------------)  + I minato
-	0x00278385, // n0x1129 c0x0000 (---------------)  + I minoh
-	0x00347a06, // n0x112a c0x0000 (---------------)  + I misaki
-	0x0030bf89, // n0x112b c0x0000 (---------------)  + I moriguchi
-	0x00320008, // n0x112c c0x0000 (---------------)  + I neyagawa
-	0x00211805, // n0x112d c0x0000 (---------------)  + I nishi
-	0x0026c504, // n0x112e c0x0000 (---------------)  + I nose
-	0x0029ac4b, // n0x112f c0x0000 (---------------)  + I osakasayama
-	0x0034ca05, // n0x1130 c0x0000 (---------------)  + I sakai
-	0x0029ad86, // n0x1131 c0x0000 (---------------)  + I sayama
-	0x00282c86, // n0x1132 c0x0000 (---------------)  + I sennan
-	0x0024c046, // n0x1133 c0x0000 (---------------)  + I settsu
-	0x0038428b, // n0x1134 c0x0000 (---------------)  + I shijonawate
-	0x0028fb49, // n0x1135 c0x0000 (---------------)  + I shimamoto
-	0x00218c85, // n0x1136 c0x0000 (---------------)  + I suita
-	0x00380787, // n0x1137 c0x0000 (---------------)  + I tadaoka
-	0x0022c746, // n0x1138 c0x0000 (---------------)  + I taishi
-	0x00238746, // n0x1139 c0x0000 (---------------)  + I tajiri
-	0x00281e48, // n0x113a c0x0000 (---------------)  + I takaishi
-	0x00305b89, // n0x113b c0x0000 (---------------)  + I takatsuki
-	0x0026e98c, // n0x113c c0x0000 (---------------)  + I tondabayashi
-	0x0024ab88, // n0x113d c0x0000 (---------------)  + I toyonaka
-	0x0037b006, // n0x113e c0x0000 (---------------)  + I toyono
-	0x00341743, // n0x113f c0x0000 (---------------)  + I yao
-	0x00249246, // n0x1140 c0x0000 (---------------)  + I ariake
-	0x0027ff85, // n0x1141 c0x0000 (---------------)  + I arita
-	0x0027cfc8, // n0x1142 c0x0000 (---------------)  + I fukudomi
-	0x00223146, // n0x1143 c0x0000 (---------------)  + I genkai
-	0x002a2d08, // n0x1144 c0x0000 (---------------)  + I hamatama
-	0x0024ba45, // n0x1145 c0x0000 (---------------)  + I hizen
-	0x0027bc05, // n0x1146 c0x0000 (---------------)  + I imari
-	0x00321008, // n0x1147 c0x0000 (---------------)  + I kamimine
-	0x002eec47, // n0x1148 c0x0000 (---------------)  + I kanzaki
-	0x00377d07, // n0x1149 c0x0000 (---------------)  + I karatsu
-	0x002a8a87, // n0x114a c0x0000 (---------------)  + I kashima
-	0x0021f588, // n0x114b c0x0000 (---------------)  + I kitagata
-	0x0028ebc8, // n0x114c c0x0000 (---------------)  + I kitahata
-	0x0024edc6, // n0x114d c0x0000 (---------------)  + I kiyama
-	0x00303607, // n0x114e c0x0000 (---------------)  + I kouhoku
-	0x0036ad87, // n0x114f c0x0000 (---------------)  + I kyuragi
-	0x0027fe4a, // n0x1150 c0x0000 (---------------)  + I nishiarita
-	0x00213483, // n0x1151 c0x0000 (---------------)  + I ogi
-	0x002014c6, // n0x1152 c0x0000 (---------------)  + I omachi
-	0x00201985, // n0x1153 c0x0000 (---------------)  + I ouchi
-	0x00238904, // n0x1154 c0x0000 (---------------)  + I saga
-	0x0027a9c9, // n0x1155 c0x0000 (---------------)  + I shiroishi
-	0x0037e044, // n0x1156 c0x0000 (---------------)  + I taku
-	0x002a1204, // n0x1157 c0x0000 (---------------)  + I tara
-	0x002a09c4, // n0x1158 c0x0000 (---------------)  + I tosu
-	0x0029e58b, // n0x1159 c0x0000 (---------------)  + I yoshinogari
-	0x0039f707, // n0x115a c0x0000 (---------------)  + I arakawa
-	0x00248a05, // n0x115b c0x0000 (---------------)  + I asaka
-	0x00292888, // n0x115c c0x0000 (---------------)  + I chichibu
-	0x00278286, // n0x115d c0x0000 (---------------)  + I fujimi
-	0x00278288, // n0x115e c0x0000 (---------------)  + I fujimino
-	0x0027c506, // n0x115f c0x0000 (---------------)  + I fukaya
-	0x00289385, // n0x1160 c0x0000 (---------------)  + I hanno
-	0x0028a805, // n0x1161 c0x0000 (---------------)  + I hanyu
-	0x0028c486, // n0x1162 c0x0000 (---------------)  + I hasuda
-	0x0028d4c8, // n0x1163 c0x0000 (---------------)  + I hatogaya
-	0x0028e948, // n0x1164 c0x0000 (---------------)  + I hatoyama
-	0x0027ab86, // n0x1165 c0x0000 (---------------)  + I hidaka
-	0x002926cf, // n0x1166 c0x0000 (---------------)  + I higashichichibu
-	0x00297fd0, // n0x1167 c0x0000 (---------------)  + I higashimatsuyama
-	0x0038e545, // n0x1168 c0x0000 (---------------)  + I honjo
-	0x002013c3, // n0x1169 c0x0000 (---------------)  + I ina
-	0x00251c85, // n0x116a c0x0000 (---------------)  + I iruma
-	0x002ff488, // n0x116b c0x0000 (---------------)  + I iwatsuki
-	0x00294409, // n0x116c c0x0000 (---------------)  + I kamiizumi
-	0x002e8008, // n0x116d c0x0000 (---------------)  + I kamikawa
-	0x0034cdc8, // n0x116e c0x0000 (---------------)  + I kamisato
-	0x00207888, // n0x116f c0x0000 (---------------)  + I kasukabe
-	0x0039f7c7, // n0x1170 c0x0000 (---------------)  + I kawagoe
-	0x00277f49, // n0x1171 c0x0000 (---------------)  + I kawaguchi
-	0x002a2f08, // n0x1172 c0x0000 (---------------)  + I kawajima
-	0x002b7444, // n0x1173 c0x0000 (---------------)  + I kazo
-	0x002a0848, // n0x1174 c0x0000 (---------------)  + I kitamoto
-	0x00289b89, // n0x1175 c0x0000 (---------------)  + I koshigaya
-	0x0030a447, // n0x1176 c0x0000 (---------------)  + I kounosu
-	0x002a63c4, // n0x1177 c0x0000 (---------------)  + I kuki
-	0x00208788, // n0x1178 c0x0000 (---------------)  + I kumagaya
-	0x002455ca, // n0x1179 c0x0000 (---------------)  + I matsubushi
-	0x002d8c06, // n0x117a c0x0000 (---------------)  + I minano
-	0x0022f486, // n0x117b c0x0000 (---------------)  + I misato
-	0x0021d389, // n0x117c c0x0000 (---------------)  + I miyashiro
-	0x0029c447, // n0x117d c0x0000 (---------------)  + I miyoshi
-	0x002c6ec8, // n0x117e c0x0000 (---------------)  + I moroyama
-	0x0038e088, // n0x117f c0x0000 (---------------)  + I nagatoro
-	0x00208388, // n0x1180 c0x0000 (---------------)  + I namegawa
-	0x00352f45, // n0x1181 c0x0000 (---------------)  + I niiza
-	0x00374cc5, // n0x1182 c0x0000 (---------------)  + I ogano
-	0x00245a05, // n0x1183 c0x0000 (---------------)  + I ogawa
-	0x002b1385, // n0x1184 c0x0000 (---------------)  + I ogose
-	0x0035ce07, // n0x1185 c0x0000 (---------------)  + I okegawa
-	0x0020a585, // n0x1186 c0x0000 (---------------)  + I omiya
-	0x002b8f45, // n0x1187 c0x0000 (---------------)  + I otaki
-	0x0033f406, // n0x1188 c0x0000 (---------------)  + I ranzan
-	0x002e7f47, // n0x1189 c0x0000 (---------------)  + I ryokami
-	0x002d9247, // n0x118a c0x0000 (---------------)  + I saitama
-	0x002458c6, // n0x118b c0x0000 (---------------)  + I sakado
-	0x002cc385, // n0x118c c0x0000 (---------------)  + I satte
-	0x0029ad86, // n0x118d c0x0000 (---------------)  + I sayama
-	0x002aaa05, // n0x118e c0x0000 (---------------)  + I shiki
-	0x00306048, // n0x118f c0x0000 (---------------)  + I shiraoka
-	0x002e22c4, // n0x1190 c0x0000 (---------------)  + I soka
-	0x002bfdc6, // n0x1191 c0x0000 (---------------)  + I sugito
-	0x00265904, // n0x1192 c0x0000 (---------------)  + I toda
-	0x00222908, // n0x1193 c0x0000 (---------------)  + I tokigawa
-	0x0038584a, // n0x1194 c0x0000 (---------------)  + I tokorozawa
-	0x0027b9cc, // n0x1195 c0x0000 (---------------)  + I tsurugashima
-	0x0020b6c5, // n0x1196 c0x0000 (---------------)  + I urawa
-	0x00203906, // n0x1197 c0x0000 (---------------)  + I warabi
-	0x0026eb46, // n0x1198 c0x0000 (---------------)  + I yashio
-	0x002296c6, // n0x1199 c0x0000 (---------------)  + I yokoze
-	0x002ff684, // n0x119a c0x0000 (---------------)  + I yono
-	0x00320c45, // n0x119b c0x0000 (---------------)  + I yorii
-	0x0027c347, // n0x119c c0x0000 (---------------)  + I yoshida
-	0x0029c4c9, // n0x119d c0x0000 (---------------)  + I yoshikawa
-	0x002a42c7, // n0x119e c0x0000 (---------------)  + I yoshimi
-	0x00686744, // n0x119f c0x0001 (---------------)  ! I city
-	0x00686744, // n0x11a0 c0x0001 (---------------)  ! I city
-	0x0030bd05, // n0x11a1 c0x0000 (---------------)  + I aisho
-	0x00228e04, // n0x11a2 c0x0000 (---------------)  + I gamo
-	0x0029a44a, // n0x11a3 c0x0000 (---------------)  + I higashiomi
-	0x00278106, // n0x11a4 c0x0000 (---------------)  + I hikone
-	0x0034cd44, // n0x11a5 c0x0000 (---------------)  + I koka
-	0x00206b85, // n0x11a6 c0x0000 (---------------)  + I konan
-	0x002fb505, // n0x11a7 c0x0000 (---------------)  + I kosei
-	0x00301bc4, // n0x11a8 c0x0000 (---------------)  + I koto
-	0x002828c7, // n0x11a9 c0x0000 (---------------)  + I kusatsu
-	0x0020c0c7, // n0x11aa c0x0000 (---------------)  + I maibara
-	0x002c60c8, // n0x11ab c0x0000 (---------------)  + I moriyama
-	0x0025e648, // n0x11ac c0x0000 (---------------)  + I nagahama
-	0x00211809, // n0x11ad c0x0000 (---------------)  + I nishiazai
-	0x0025ae88, // n0x11ae c0x0000 (---------------)  + I notogawa
-	0x0029a60b, // n0x11af c0x0000 (---------------)  + I omihachiman
-	0x0021f304, // n0x11b0 c0x0000 (---------------)  + I otsu
-	0x00337145, // n0x11b1 c0x0000 (---------------)  + I ritto
-	0x0027f545, // n0x11b2 c0x0000 (---------------)  + I ryuoh
-	0x002a8a09, // n0x11b3 c0x0000 (---------------)  + I takashima
-	0x00305b89, // n0x11b4 c0x0000 (---------------)  + I takatsuki
-	0x002fe2c8, // n0x11b5 c0x0000 (---------------)  + I torahime
-	0x0025b488, // n0x11b6 c0x0000 (---------------)  + I toyosato
-	0x00280644, // n0x11b7 c0x0000 (---------------)  + I yasu
-	0x002a0b85, // n0x11b8 c0x0000 (---------------)  + I akagi
-	0x00201883, // n0x11b9 c0x0000 (---------------)  + I ama
-	0x0021f2c5, // n0x11ba c0x0000 (---------------)  + I gotsu
-	0x002da386, // n0x11bb c0x0000 (---------------)  + I hamada
-	0x00293f8c, // n0x11bc c0x0000 (---------------)  + I higashiizumo
-	0x0021a546, // n0x11bd c0x0000 (---------------)  + I hikawa
-	0x002d7a86, // n0x11be c0x0000 (---------------)  + I hikimi
-	0x00294145, // n0x11bf c0x0000 (---------------)  + I izumo
-	0x00318688, // n0x11c0 c0x0000 (---------------)  + I kakinoki
-	0x002b1c46, // n0x11c1 c0x0000 (---------------)  + I masuda
-	0x0039fe86, // n0x11c2 c0x0000 (---------------)  + I matsue
-	0x0022f486, // n0x11c3 c0x0000 (---------------)  + I misato
-	0x0022058c, // n0x11c4 c0x0000 (---------------)  + I nishinoshima
-	0x002b7044, // n0x11c5 c0x0000 (---------------)  + I ohda
-	0x002e4c4a, // n0x11c6 c0x0000 (---------------)  + I okinoshima
-	0x003a1e08, // n0x11c7 c0x0000 (---------------)  + I okuizumo
-	0x00293dc7, // n0x11c8 c0x0000 (---------------)  + I shimane
-	0x0024e7c6, // n0x11c9 c0x0000 (---------------)  + I tamayu
-	0x00292f07, // n0x11ca c0x0000 (---------------)  + I tsuwano
-	0x002e0845, // n0x11cb c0x0000 (---------------)  + I unnan
-	0x00325346, // n0x11cc c0x0000 (---------------)  + I yakumo
-	0x0034fa06, // n0x11cd c0x0000 (---------------)  + I yasugi
-	0x00377bc7, // n0x11ce c0x0000 (---------------)  + I yatsuka
-	0x002b3244, // n0x11cf c0x0000 (---------------)  + I arai
-	0x002305c5, // n0x11d0 c0x0000 (---------------)  + I atami
-	0x00277c04, // n0x11d1 c0x0000 (---------------)  + I fuji
-	0x002a5807, // n0x11d2 c0x0000 (---------------)  + I fujieda
-	0x00277e48, // n0x11d3 c0x0000 (---------------)  + I fujikawa
-	0x002789ca, // n0x11d4 c0x0000 (---------------)  + I fujinomiya
-	0x0027ed47, // n0x11d5 c0x0000 (---------------)  + I fukuroi
-	0x00242cc7, // n0x11d6 c0x0000 (---------------)  + I gotemba
-	0x002c1a47, // n0x11d7 c0x0000 (---------------)  + I haibara
-	0x002d0ac9, // n0x11d8 c0x0000 (---------------)  + I hamamatsu
-	0x00293f8a, // n0x11d9 c0x0000 (---------------)  + I higashiizu
-	0x00228083, // n0x11da c0x0000 (---------------)  + I ito
-	0x00351b45, // n0x11db c0x0000 (---------------)  + I iwata
-	0x00212583, // n0x11dc c0x0000 (---------------)  + I izu
-	0x00342449, // n0x11dd c0x0000 (---------------)  + I izunokuni
-	0x002b9588, // n0x11de c0x0000 (---------------)  + I kakegawa
-	0x003061c7, // n0x11df c0x0000 (---------------)  + I kannami
-	0x002e8109, // n0x11e0 c0x0000 (---------------)  + I kawanehon
-	0x0021a5c6, // n0x11e1 c0x0000 (---------------)  + I kawazu
-	0x003a3c08, // n0x11e2 c0x0000 (---------------)  + I kikugawa
-	0x002d8745, // n0x11e3 c0x0000 (---------------)  + I kosai
-	0x0035674a, // n0x11e4 c0x0000 (---------------)  + I makinohara
-	0x002cf149, // n0x11e5 c0x0000 (---------------)  + I matsuzaki
-	0x0026e649, // n0x11e6 c0x0000 (---------------)  + I minamiizu
-	0x002bf3c7, // n0x11e7 c0x0000 (---------------)  + I mishima
-	0x002a8cc9, // n0x11e8 c0x0000 (---------------)  + I morimachi
-	0x00212448, // n0x11e9 c0x0000 (---------------)  + I nishiizu
-	0x002ee946, // n0x11ea c0x0000 (---------------)  + I numazu
-	0x0037e948, // n0x11eb c0x0000 (---------------)  + I omaezaki
-	0x00212e87, // n0x11ec c0x0000 (---------------)  + I shimada
-	0x002281c7, // n0x11ed c0x0000 (---------------)  + I shimizu
-	0x002c5e87, // n0x11ee c0x0000 (---------------)  + I shimoda
-	0x002b2608, // n0x11ef c0x0000 (---------------)  + I shizuoka
-	0x002ee646, // n0x11f0 c0x0000 (---------------)  + I susono
-	0x00245385, // n0x11f1 c0x0000 (---------------)  + I yaizu
-	0x0027c347, // n0x11f2 c0x0000 (---------------)  + I yoshida
-	0x00295488, // n0x11f3 c0x0000 (---------------)  + I ashikaga
-	0x00344d84, // n0x11f4 c0x0000 (---------------)  + I bato
-	0x0034ac04, // n0x11f5 c0x0000 (---------------)  + I haga
-	0x002fddc7, // n0x11f6 c0x0000 (---------------)  + I ichikai
-	0x002ac347, // n0x11f7 c0x0000 (---------------)  + I iwafune
-	0x002bdaca, // n0x11f8 c0x0000 (---------------)  + I kaminokawa
-	0x002ee8c6, // n0x11f9 c0x0000 (---------------)  + I kanuma
-	0x002fa28a, // n0x11fa c0x0000 (---------------)  + I karasuyama
-	0x002b8547, // n0x11fb c0x0000 (---------------)  + I kuroiso
-	0x0030b847, // n0x11fc c0x0000 (---------------)  + I mashiko
-	0x00241044, // n0x11fd c0x0000 (---------------)  + I mibu
-	0x00263904, // n0x11fe c0x0000 (---------------)  + I moka
-	0x00226bc6, // n0x11ff c0x0000 (---------------)  + I motegi
-	0x002ec144, // n0x1200 c0x0000 (---------------)  + I nasu
-	0x002ec14c, // n0x1201 c0x0000 (---------------)  + I nasushiobara
-	0x00203185, // n0x1202 c0x0000 (---------------)  + I nikko
-	0x00216889, // n0x1203 c0x0000 (---------------)  + I nishikata
-	0x00279884, // n0x1204 c0x0000 (---------------)  + I nogi
-	0x0029ef85, // n0x1205 c0x0000 (---------------)  + I ohira
-	0x00278448, // n0x1206 c0x0000 (---------------)  + I ohtawara
-	0x00250045, // n0x1207 c0x0000 (---------------)  + I oyama
-	0x00307fc6, // n0x1208 c0x0000 (---------------)  + I sakura
-	0x0020f744, // n0x1209 c0x0000 (---------------)  + I sano
-	0x0027e58a, // n0x120a c0x0000 (---------------)  + I shimotsuke
-	0x002a7c86, // n0x120b c0x0000 (---------------)  + I shioya
-	0x002579ca, // n0x120c c0x0000 (---------------)  + I takanezawa
-	0x00344e07, // n0x120d c0x0000 (---------------)  + I tochigi
-	0x00297645, // n0x120e c0x0000 (---------------)  + I tsuga
-	0x0021c2c5, // n0x120f c0x0000 (---------------)  + I ujiie
-	0x0036b7ca, // n0x1210 c0x0000 (---------------)  + I utsunomiya
-	0x002a0605, // n0x1211 c0x0000 (---------------)  + I yaita
-	0x0029eb86, // n0x1212 c0x0000 (---------------)  + I aizumi
-	0x00206d04, // n0x1213 c0x0000 (---------------)  + I anan
-	0x002add06, // n0x1214 c0x0000 (---------------)  + I ichiba
-	0x00229b05, // n0x1215 c0x0000 (---------------)  + I itano
-	0x00223206, // n0x1216 c0x0000 (---------------)  + I kainan
-	0x002aa70c, // n0x1217 c0x0000 (---------------)  + I komatsushima
-	0x002c704a, // n0x1218 c0x0000 (---------------)  + I matsushige
-	0x0027f904, // n0x1219 c0x0000 (---------------)  + I mima
-	0x00228406, // n0x121a c0x0000 (---------------)  + I minami
-	0x0029c447, // n0x121b c0x0000 (---------------)  + I miyoshi
-	0x002ca384, // n0x121c c0x0000 (---------------)  + I mugi
-	0x002ac8c8, // n0x121d c0x0000 (---------------)  + I nakagawa
-	0x00385746, // n0x121e c0x0000 (---------------)  + I naruto
-	0x00248649, // n0x121f c0x0000 (---------------)  + I sanagochi
-	0x002ad349, // n0x1220 c0x0000 (---------------)  + I shishikui
-	0x00299fc9, // n0x1221 c0x0000 (---------------)  + I tokushima
-	0x0036aa46, // n0x1222 c0x0000 (---------------)  + I wajiki
-	0x00212f86, // n0x1223 c0x0000 (---------------)  + I adachi
-	0x0037ea87, // n0x1224 c0x0000 (---------------)  + I akiruno
-	0x002ec888, // n0x1225 c0x0000 (---------------)  + I akishima
-	0x00212d89, // n0x1226 c0x0000 (---------------)  + I aogashima
-	0x0039f707, // n0x1227 c0x0000 (---------------)  + I arakawa
-	0x002b4186, // n0x1228 c0x0000 (---------------)  + I bunkyo
-	0x003005c7, // n0x1229 c0x0000 (---------------)  + I chiyoda
-	0x002db1c5, // n0x122a c0x0000 (---------------)  + I chofu
-	0x0030ba84, // n0x122b c0x0000 (---------------)  + I chuo
-	0x0037e647, // n0x122c c0x0000 (---------------)  + I edogawa
-	0x002bc1c5, // n0x122d c0x0000 (---------------)  + I fuchu
-	0x00286e85, // n0x122e c0x0000 (---------------)  + I fussa
-	0x002fc5c7, // n0x122f c0x0000 (---------------)  + I hachijo
-	0x0024f248, // n0x1230 c0x0000 (---------------)  + I hachioji
-	0x003831c6, // n0x1231 c0x0000 (---------------)  + I hamura
-	0x0029680d, // n0x1232 c0x0000 (---------------)  + I higashikurume
-	0x0029888f, // n0x1233 c0x0000 (---------------)  + I higashimurayama
-	0x0029d84d, // n0x1234 c0x0000 (---------------)  + I higashiyamato
-	0x0020dbc4, // n0x1235 c0x0000 (---------------)  + I hino
-	0x0023ba06, // n0x1236 c0x0000 (---------------)  + I hinode
-	0x002cfa08, // n0x1237 c0x0000 (---------------)  + I hinohara
-	0x003255c5, // n0x1238 c0x0000 (---------------)  + I inagi
-	0x00280008, // n0x1239 c0x0000 (---------------)  + I itabashi
-	0x0021ae8a, // n0x123a c0x0000 (---------------)  + I katsushika
-	0x00201e04, // n0x123b c0x0000 (---------------)  + I kita
-	0x002aaac6, // n0x123c c0x0000 (---------------)  + I kiyose
-	0x0039c647, // n0x123d c0x0000 (---------------)  + I kodaira
-	0x00226307, // n0x123e c0x0000 (---------------)  + I koganei
-	0x002a0d89, // n0x123f c0x0000 (---------------)  + I kokubunji
-	0x0037e905, // n0x1240 c0x0000 (---------------)  + I komae
-	0x00301bc4, // n0x1241 c0x0000 (---------------)  + I koto
-	0x0032a78a, // n0x1242 c0x0000 (---------------)  + I kouzushima
-	0x002b3009, // n0x1243 c0x0000 (---------------)  + I kunitachi
-	0x002a8dc7, // n0x1244 c0x0000 (---------------)  + I machida
-	0x00296ac6, // n0x1245 c0x0000 (---------------)  + I meguro
-	0x0034cb46, // n0x1246 c0x0000 (---------------)  + I minato
-	0x002a0ac6, // n0x1247 c0x0000 (---------------)  + I mitaka
-	0x0035e106, // n0x1248 c0x0000 (---------------)  + I mizuho
-	0x002cee0f, // n0x1249 c0x0000 (---------------)  + I musashimurayama
-	0x002cf8c9, // n0x124a c0x0000 (---------------)  + I musashino
-	0x002546c6, // n0x124b c0x0000 (---------------)  + I nakano
-	0x00256d06, // n0x124c c0x0000 (---------------)  + I nerima
-	0x00355a09, // n0x124d c0x0000 (---------------)  + I ogasawara
-	0x00303707, // n0x124e c0x0000 (---------------)  + I okutama
-	0x00213a83, // n0x124f c0x0000 (---------------)  + I ome
-	0x0020ef06, // n0x1250 c0x0000 (---------------)  + I oshima
-	0x00204083, // n0x1251 c0x0000 (---------------)  + I ota
-	0x0024cf48, // n0x1252 c0x0000 (---------------)  + I setagaya
-	0x00300407, // n0x1253 c0x0000 (---------------)  + I shibuya
-	0x0029f1c9, // n0x1254 c0x0000 (---------------)  + I shinagawa
-	0x00383608, // n0x1255 c0x0000 (---------------)  + I shinjuku
-	0x00377e48, // n0x1256 c0x0000 (---------------)  + I suginami
-	0x0036e146, // n0x1257 c0x0000 (---------------)  + I sumida
-	0x00223909, // n0x1258 c0x0000 (---------------)  + I tachikawa
-	0x002400c5, // n0x1259 c0x0000 (---------------)  + I taito
-	0x0024e7c4, // n0x125a c0x0000 (---------------)  + I tama
-	0x0024aec7, // n0x125b c0x0000 (---------------)  + I toshima
-	0x00257085, // n0x125c c0x0000 (---------------)  + I chizu
-	0x0020dbc4, // n0x125d c0x0000 (---------------)  + I hino
-	0x00248ac8, // n0x125e c0x0000 (---------------)  + I kawahara
-	0x002180c4, // n0x125f c0x0000 (---------------)  + I koge
-	0x00301bc7, // n0x1260 c0x0000 (---------------)  + I kotoura
-	0x0036fc86, // n0x1261 c0x0000 (---------------)  + I misasa
-	0x002e5a85, // n0x1262 c0x0000 (---------------)  + I nanbu
-	0x002869c8, // n0x1263 c0x0000 (---------------)  + I nichinan
-	0x0034ca0b, // n0x1264 c0x0000 (---------------)  + I sakaiminato
-	0x002f8b87, // n0x1265 c0x0000 (---------------)  + I tottori
-	0x0036ba46, // n0x1266 c0x0000 (---------------)  + I wakasa
-	0x002c0c84, // n0x1267 c0x0000 (---------------)  + I yazu
-	0x0030f5c6, // n0x1268 c0x0000 (---------------)  + I yonago
-	0x002bf185, // n0x1269 c0x0000 (---------------)  + I asahi
-	0x002bc1c5, // n0x126a c0x0000 (---------------)  + I fuchu
-	0x0027dfc9, // n0x126b c0x0000 (---------------)  + I fukumitsu
-	0x002824c9, // n0x126c c0x0000 (---------------)  + I funahashi
-	0x00228204, // n0x126d c0x0000 (---------------)  + I himi
-	0x00228245, // n0x126e c0x0000 (---------------)  + I imizu
-	0x00228445, // n0x126f c0x0000 (---------------)  + I inami
-	0x003565c6, // n0x1270 c0x0000 (---------------)  + I johana
-	0x002fdcc8, // n0x1271 c0x0000 (---------------)  + I kamiichi
-	0x002b7bc6, // n0x1272 c0x0000 (---------------)  + I kurobe
-	0x00330c8b, // n0x1273 c0x0000 (---------------)  + I nakaniikawa
-	0x0030138a, // n0x1274 c0x0000 (---------------)  + I namerikawa
-	0x00342185, // n0x1275 c0x0000 (---------------)  + I nanto
-	0x0028a886, // n0x1276 c0x0000 (---------------)  + I nyuzen
-	0x002f5985, // n0x1277 c0x0000 (---------------)  + I oyabe
-	0x00218d45, // n0x1278 c0x0000 (---------------)  + I taira
-	0x0028ed47, // n0x1279 c0x0000 (---------------)  + I takaoka
-	0x002040c8, // n0x127a c0x0000 (---------------)  + I tateyama
-	0x0025af04, // n0x127b c0x0000 (---------------)  + I toga
-	0x002b6586, // n0x127c c0x0000 (---------------)  + I tonami
-	0x0028e9c6, // n0x127d c0x0000 (---------------)  + I toyama
-	0x00212607, // n0x127e c0x0000 (---------------)  + I unazuki
-	0x00300a04, // n0x127f c0x0000 (---------------)  + I uozu
-	0x0027ce46, // n0x1280 c0x0000 (---------------)  + I yamada
-	0x0023ec85, // n0x1281 c0x0000 (---------------)  + I arida
-	0x0023ec89, // n0x1282 c0x0000 (---------------)  + I aridagawa
-	0x00213184, // n0x1283 c0x0000 (---------------)  + I gobo
-	0x0028e009, // n0x1284 c0x0000 (---------------)  + I hashimoto
-	0x0027ab86, // n0x1285 c0x0000 (---------------)  + I hidaka
-	0x002b9ac8, // n0x1286 c0x0000 (---------------)  + I hirogawa
-	0x00228445, // n0x1287 c0x0000 (---------------)  + I inami
-	0x00311e85, // n0x1288 c0x0000 (---------------)  + I iwade
-	0x00223206, // n0x1289 c0x0000 (---------------)  + I kainan
-	0x0026e889, // n0x128a c0x0000 (---------------)  + I kamitonda
-	0x00219349, // n0x128b c0x0000 (---------------)  + I katsuragi
-	0x002d7b06, // n0x128c c0x0000 (---------------)  + I kimino
-	0x0026b6c8, // n0x128d c0x0000 (---------------)  + I kinokawa
-	0x00267988, // n0x128e c0x0000 (---------------)  + I kitayama
-	0x002f5944, // n0x128f c0x0000 (---------------)  + I koya
-	0x0032dcc4, // n0x1290 c0x0000 (---------------)  + I koza
-	0x0032dcc8, // n0x1291 c0x0000 (---------------)  + I kozagawa
-	0x00316788, // n0x1292 c0x0000 (---------------)  + I kudoyama
-	0x002ae8c9, // n0x1293 c0x0000 (---------------)  + I kushimoto
-	0x002da306, // n0x1294 c0x0000 (---------------)  + I mihama
-	0x0022f486, // n0x1295 c0x0000 (---------------)  + I misato
-	0x0031408d, // n0x1296 c0x0000 (---------------)  + I nachikatsuura
-	0x00266d06, // n0x1297 c0x0000 (---------------)  + I shingu
-	0x002a9a49, // n0x1298 c0x0000 (---------------)  + I shirahama
-	0x00201685, // n0x1299 c0x0000 (---------------)  + I taiji
-	0x0031f386, // n0x129a c0x0000 (---------------)  + I tanabe
-	0x00223ac8, // n0x129b c0x0000 (---------------)  + I wakayama
-	0x00310745, // n0x129c c0x0000 (---------------)  + I yuasa
-	0x0036adc4, // n0x129d c0x0000 (---------------)  + I yura
-	0x002bf185, // n0x129e c0x0000 (---------------)  + I asahi
-	0x00281b48, // n0x129f c0x0000 (---------------)  + I funagata
-	0x0029a209, // n0x12a0 c0x0000 (---------------)  + I higashine
-	0x00277cc4, // n0x12a1 c0x0000 (---------------)  + I iide
-	0x0033d046, // n0x12a2 c0x0000 (---------------)  + I kahoku
-	0x0024ff0a, // n0x12a3 c0x0000 (---------------)  + I kaminoyama
-	0x002c7848, // n0x12a4 c0x0000 (---------------)  + I kaneyama
-	0x002bdc49, // n0x12a5 c0x0000 (---------------)  + I kawanishi
-	0x0029378a, // n0x12a6 c0x0000 (---------------)  + I mamurogawa
-	0x002e8086, // n0x12a7 c0x0000 (---------------)  + I mikawa
-	0x00298a48, // n0x12a8 c0x0000 (---------------)  + I murayama
-	0x002cdc45, // n0x12a9 c0x0000 (---------------)  + I nagai
-	0x002c9e08, // n0x12aa c0x0000 (---------------)  + I nakayama
-	0x002b1ec5, // n0x12ab c0x0000 (---------------)  + I nanyo
-	0x0021a489, // n0x12ac c0x0000 (---------------)  + I nishikawa
-	0x00361849, // n0x12ad c0x0000 (---------------)  + I obanazawa
-	0x00203282, // n0x12ae c0x0000 (---------------)  + I oe
-	0x002a6a45, // n0x12af c0x0000 (---------------)  + I oguni
-	0x0026f6c6, // n0x12b0 c0x0000 (---------------)  + I ohkura
-	0x0027aac7, // n0x12b1 c0x0000 (---------------)  + I oishida
-	0x00238905, // n0x12b2 c0x0000 (---------------)  + I sagae
-	0x002f8486, // n0x12b3 c0x0000 (---------------)  + I sakata
-	0x00310808, // n0x12b4 c0x0000 (---------------)  + I sakegawa
-	0x0033bd46, // n0x12b5 c0x0000 (---------------)  + I shinjo
-	0x00347f09, // n0x12b6 c0x0000 (---------------)  + I shirataka
-	0x002792c6, // n0x12b7 c0x0000 (---------------)  + I shonai
-	0x00281cc8, // n0x12b8 c0x0000 (---------------)  + I takahata
-	0x002a94c5, // n0x12b9 c0x0000 (---------------)  + I tendo
-	0x0026de86, // n0x12ba c0x0000 (---------------)  + I tozawa
-	0x0032f7c8, // n0x12bb c0x0000 (---------------)  + I tsuruoka
-	0x002808c8, // n0x12bc c0x0000 (---------------)  + I yamagata
-	0x0039e808, // n0x12bd c0x0000 (---------------)  + I yamanobe
-	0x00366688, // n0x12be c0x0000 (---------------)  + I yonezawa
-	0x00217244, // n0x12bf c0x0000 (---------------)  + I yuza
-	0x0022d843, // n0x12c0 c0x0000 (---------------)  + I abu
-	0x00348144, // n0x12c1 c0x0000 (---------------)  + I hagi
-	0x0022f006, // n0x12c2 c0x0000 (---------------)  + I hikari
-	0x002db204, // n0x12c3 c0x0000 (---------------)  + I hofu
-	0x002da0c7, // n0x12c4 c0x0000 (---------------)  + I iwakuni
-	0x0039fd89, // n0x12c5 c0x0000 (---------------)  + I kudamatsu
-	0x002c0485, // n0x12c6 c0x0000 (---------------)  + I mitou
-	0x0038e086, // n0x12c7 c0x0000 (---------------)  + I nagato
-	0x0020ef06, // n0x12c8 c0x0000 (---------------)  + I oshima
-	0x0026c3cb, // n0x12c9 c0x0000 (---------------)  + I shimonoseki
-	0x003420c6, // n0x12ca c0x0000 (---------------)  + I shunan
-	0x00316a86, // n0x12cb c0x0000 (---------------)  + I tabuse
-	0x0022f588, // n0x12cc c0x0000 (---------------)  + I tokuyama
-	0x0025bb86, // n0x12cd c0x0000 (---------------)  + I toyota
-	0x00297443, // n0x12ce c0x0000 (---------------)  + I ube
-	0x0020f9c3, // n0x12cf c0x0000 (---------------)  + I yuu
-	0x0030ba84, // n0x12d0 c0x0000 (---------------)  + I chuo
-	0x00236305, // n0x12d1 c0x0000 (---------------)  + I doshi
-	0x0036af47, // n0x12d2 c0x0000 (---------------)  + I fuefuki
-	0x00277e48, // n0x12d3 c0x0000 (---------------)  + I fujikawa
-	0x00277e4f, // n0x12d4 c0x0000 (---------------)  + I fujikawaguchiko
-	0x0027c24b, // n0x12d5 c0x0000 (---------------)  + I fujiyoshida
-	0x002fdac8, // n0x12d6 c0x0000 (---------------)  + I hayakawa
-	0x0033d0c6, // n0x12d7 c0x0000 (---------------)  + I hokuto
-	0x0026560e, // n0x12d8 c0x0000 (---------------)  + I ichikawamisato
-	0x00223203, // n0x12d9 c0x0000 (---------------)  + I kai
-	0x00240c84, // n0x12da c0x0000 (---------------)  + I kofu
-	0x00342045, // n0x12db c0x0000 (---------------)  + I koshu
-	0x00300146, // n0x12dc c0x0000 (---------------)  + I kosuge
-	0x0028bc0b, // n0x12dd c0x0000 (---------------)  + I minami-alps
-	0x00290086, // n0x12de c0x0000 (---------------)  + I minobu
-	0x002164c9, // n0x12df c0x0000 (---------------)  + I nakamichi
-	0x002e5a85, // n0x12e0 c0x0000 (---------------)  + I nanbu
-	0x00381e08, // n0x12e1 c0x0000 (---------------)  + I narusawa
-	0x0020c388, // n0x12e2 c0x0000 (---------------)  + I nirasaki
-	0x0021920c, // n0x12e3 c0x0000 (---------------)  + I nishikatsura
-	0x0029e5c6, // n0x12e4 c0x0000 (---------------)  + I oshino
-	0x0021f306, // n0x12e5 c0x0000 (---------------)  + I otsuki
-	0x00319905, // n0x12e6 c0x0000 (---------------)  + I showa
-	0x002872c8, // n0x12e7 c0x0000 (---------------)  + I tabayama
-	0x0027b9c5, // n0x12e8 c0x0000 (---------------)  + I tsuru
-	0x00387308, // n0x12e9 c0x0000 (---------------)  + I uenohara
-	0x0029dc8a, // n0x12ea c0x0000 (---------------)  + I yamanakako
-	0x002a15c9, // n0x12eb c0x0000 (---------------)  + I yamanashi
-	0x00686744, // n0x12ec c0x0001 (---------------)  ! I city
-	0x2e200742, // n0x12ed c0x00b8 (n0x12ee-n0x12ef)  o I co
-	0x000ffa08, // n0x12ee c0x0000 (---------------)  +   blogspot
-	0x00233503, // n0x12ef c0x0000 (---------------)  + I com
-	0x0023a783, // n0x12f0 c0x0000 (---------------)  + I edu
-	0x0026cc83, // n0x12f1 c0x0000 (---------------)  + I gov
-	0x00209003, // n0x12f2 c0x0000 (---------------)  + I mil
-	0x0021fe03, // n0x12f3 c0x0000 (---------------)  + I net
-	0x0022d1c3, // n0x12f4 c0x0000 (---------------)  + I org
-	0x00330b83, // n0x12f5 c0x0000 (---------------)  + I biz
-	0x00233503, // n0x12f6 c0x0000 (---------------)  + I com
-	0x0023a783, // n0x12f7 c0x0000 (---------------)  + I edu
-	0x0026cc83, // n0x12f8 c0x0000 (---------------)  + I gov
-	0x003a1244, // n0x12f9 c0x0000 (---------------)  + I info
-	0x0021fe03, // n0x12fa c0x0000 (---------------)  + I net
-	0x0022d1c3, // n0x12fb c0x0000 (---------------)  + I org
-	0x0023f743, // n0x12fc c0x0000 (---------------)  + I ass
-	0x002d4884, // n0x12fd c0x0000 (---------------)  + I asso
-	0x00233503, // n0x12fe c0x0000 (---------------)  + I com
-	0x0023d684, // n0x12ff c0x0000 (---------------)  + I coop
-	0x0023a783, // n0x1300 c0x0000 (---------------)  + I edu
-	0x0033d7c4, // n0x1301 c0x0000 (---------------)  + I gouv
-	0x0026cc83, // n0x1302 c0x0000 (---------------)  + I gov
-	0x00238bc7, // n0x1303 c0x0000 (---------------)  + I medecin
-	0x00209003, // n0x1304 c0x0000 (---------------)  + I mil
-	0x00201483, // n0x1305 c0x0000 (---------------)  + I nom
-	0x0025c988, // n0x1306 c0x0000 (---------------)  + I notaires
-	0x0022d1c3, // n0x1307 c0x0000 (---------------)  + I org
-	0x0034d60b, // n0x1308 c0x0000 (---------------)  + I pharmaciens
-	0x002e1043, // n0x1309 c0x0000 (---------------)  + I prd
-	0x00247506, // n0x130a c0x0000 (---------------)  + I presse
-	0x00200142, // n0x130b c0x0000 (---------------)  + I tm
-	0x002d1c8b, // n0x130c c0x0000 (---------------)  + I veterinaire
-	0x0023a783, // n0x130d c0x0000 (---------------)  + I edu
-	0x0026cc83, // n0x130e c0x0000 (---------------)  + I gov
-	0x0021fe03, // n0x130f c0x0000 (---------------)  + I net
-	0x0022d1c3, // n0x1310 c0x0000 (---------------)  + I org
-	0x00233503, // n0x1311 c0x0000 (---------------)  + I com
-	0x0023a783, // n0x1312 c0x0000 (---------------)  + I edu
-	0x0026cc83, // n0x1313 c0x0000 (---------------)  + I gov
-	0x0022d1c3, // n0x1314 c0x0000 (---------------)  + I org
-	0x0022b7c3, // n0x1315 c0x0000 (---------------)  + I rep
-	0x00203003, // n0x1316 c0x0000 (---------------)  + I tra
-	0x00201542, // n0x1317 c0x0000 (---------------)  + I ac
-	0x000ffa08, // n0x1318 c0x0000 (---------------)  +   blogspot
-	0x0022b945, // n0x1319 c0x0000 (---------------)  + I busan
-	0x003051c8, // n0x131a c0x0000 (---------------)  + I chungbuk
-	0x003113c8, // n0x131b c0x0000 (---------------)  + I chungnam
-	0x00200742, // n0x131c c0x0000 (---------------)  + I co
-	0x0024a3c5, // n0x131d c0x0000 (---------------)  + I daegu
-	0x00325007, // n0x131e c0x0000 (---------------)  + I daejeon
-	0x00200482, // n0x131f c0x0000 (---------------)  + I es
-	0x00216707, // n0x1320 c0x0000 (---------------)  + I gangwon
-	0x00202d42, // n0x1321 c0x0000 (---------------)  + I go
-	0x00242707, // n0x1322 c0x0000 (---------------)  + I gwangju
-	0x0030b509, // n0x1323 c0x0000 (---------------)  + I gyeongbuk
-	0x002cd808, // n0x1324 c0x0000 (---------------)  + I gyeonggi
-	0x00208209, // n0x1325 c0x0000 (---------------)  + I gyeongnam
-	0x0023f382, // n0x1326 c0x0000 (---------------)  + I hs
-	0x00268e07, // n0x1327 c0x0000 (---------------)  + I incheon
-	0x002d7884, // n0x1328 c0x0000 (---------------)  + I jeju
-	0x003250c7, // n0x1329 c0x0000 (---------------)  + I jeonbuk
-	0x00301287, // n0x132a c0x0000 (---------------)  + I jeonnam
-	0x002b5502, // n0x132b c0x0000 (---------------)  + I kg
-	0x00209003, // n0x132c c0x0000 (---------------)  + I mil
-	0x0020f702, // n0x132d c0x0000 (---------------)  + I ms
-	0x00202c02, // n0x132e c0x0000 (---------------)  + I ne
-	0x00200282, // n0x132f c0x0000 (---------------)  + I or
-	0x00207782, // n0x1330 c0x0000 (---------------)  + I pe
-	0x00207002, // n0x1331 c0x0000 (---------------)  + I re
-	0x00200702, // n0x1332 c0x0000 (---------------)  + I sc
-	0x00344345, // n0x1333 c0x0000 (---------------)  + I seoul
-	0x00259585, // n0x1334 c0x0000 (---------------)  + I ulsan
-	0x00233503, // n0x1335 c0x0000 (---------------)  + I com
-	0x0023a783, // n0x1336 c0x0000 (---------------)  + I edu
-	0x0026cc83, // n0x1337 c0x0000 (---------------)  + I gov
-	0x0021fe03, // n0x1338 c0x0000 (---------------)  + I net
-	0x0022d1c3, // n0x1339 c0x0000 (---------------)  + I org
-	0x00233503, // n0x133a c0x0000 (---------------)  + I com
-	0x0023a783, // n0x133b c0x0000 (---------------)  + I edu
-	0x0026cc83, // n0x133c c0x0000 (---------------)  + I gov
-	0x00209003, // n0x133d c0x0000 (---------------)  + I mil
-	0x0021fe03, // n0x133e c0x0000 (---------------)  + I net
-	0x0022d1c3, // n0x133f c0x0000 (---------------)  + I org
-	0x00000301, // n0x1340 c0x0000 (---------------)  +   c
-	0x00233503, // n0x1341 c0x0000 (---------------)  + I com
-	0x0023a783, // n0x1342 c0x0000 (---------------)  + I edu
-	0x0026cc83, // n0x1343 c0x0000 (---------------)  + I gov
-	0x003a1244, // n0x1344 c0x0000 (---------------)  + I info
-	0x00201603, // n0x1345 c0x0000 (---------------)  + I int
-	0x0021fe03, // n0x1346 c0x0000 (---------------)  + I net
-	0x0022d1c3, // n0x1347 c0x0000 (---------------)  + I org
-	0x00220f03, // n0x1348 c0x0000 (---------------)  + I per
-	0x00233503, // n0x1349 c0x0000 (---------------)  + I com
-	0x0023a783, // n0x134a c0x0000 (---------------)  + I edu
-	0x0026cc83, // n0x134b c0x0000 (---------------)  + I gov
-	0x0021fe03, // n0x134c c0x0000 (---------------)  + I net
-	0x0022d1c3, // n0x134d c0x0000 (---------------)  + I org
-	0x00200742, // n0x134e c0x0000 (---------------)  + I co
-	0x00233503, // n0x134f c0x0000 (---------------)  + I com
-	0x0023a783, // n0x1350 c0x0000 (---------------)  + I edu
-	0x0026cc83, // n0x1351 c0x0000 (---------------)  + I gov
-	0x0021fe03, // n0x1352 c0x0000 (---------------)  + I net
-	0x0022d1c3, // n0x1353 c0x0000 (---------------)  + I org
-	0x000ffa08, // n0x1354 c0x0000 (---------------)  +   blogspot
-	0x00201542, // n0x1355 c0x0000 (---------------)  + I ac
-	0x002bad84, // n0x1356 c0x0000 (---------------)  + I assn
-	0x00233503, // n0x1357 c0x0000 (---------------)  + I com
-	0x0023a783, // n0x1358 c0x0000 (---------------)  + I edu
-	0x0026cc83, // n0x1359 c0x0000 (---------------)  + I gov
-	0x00379ec3, // n0x135a c0x0000 (---------------)  + I grp
-	0x00234dc5, // n0x135b c0x0000 (---------------)  + I hotel
-	0x00201603, // n0x135c c0x0000 (---------------)  + I int
-	0x00322cc3, // n0x135d c0x0000 (---------------)  + I ltd
-	0x0021fe03, // n0x135e c0x0000 (---------------)  + I net
-	0x00202d03, // n0x135f c0x0000 (---------------)  + I ngo
-	0x0022d1c3, // n0x1360 c0x0000 (---------------)  + I org
-	0x00217443, // n0x1361 c0x0000 (---------------)  + I sch
-	0x00274803, // n0x1362 c0x0000 (---------------)  + I soc
-	0x00221a03, // n0x1363 c0x0000 (---------------)  + I web
-	0x00233503, // n0x1364 c0x0000 (---------------)  + I com
-	0x0023a783, // n0x1365 c0x0000 (---------------)  + I edu
-	0x0026cc83, // n0x1366 c0x0000 (---------------)  + I gov
-	0x0021fe03, // n0x1367 c0x0000 (---------------)  + I net
-	0x0022d1c3, // n0x1368 c0x0000 (---------------)  + I org
-	0x00200742, // n0x1369 c0x0000 (---------------)  + I co
-	0x0022d1c3, // n0x136a c0x0000 (---------------)  + I org
-	0x000ffa08, // n0x136b c0x0000 (---------------)  +   blogspot
-	0x0026cc83, // n0x136c c0x0000 (---------------)  + I gov
-	0x000ffa08, // n0x136d c0x0000 (---------------)  +   blogspot
-	0x002afc83, // n0x136e c0x0000 (---------------)  + I asn
-	0x00233503, // n0x136f c0x0000 (---------------)  + I com
-	0x00236cc4, // n0x1370 c0x0000 (---------------)  + I conf
-	0x0023a783, // n0x1371 c0x0000 (---------------)  + I edu
-	0x0026cc83, // n0x1372 c0x0000 (---------------)  + I gov
-	0x0020c782, // n0x1373 c0x0000 (---------------)  + I id
-	0x00209003, // n0x1374 c0x0000 (---------------)  + I mil
-	0x0021fe03, // n0x1375 c0x0000 (---------------)  + I net
-	0x0022d1c3, // n0x1376 c0x0000 (---------------)  + I org
-	0x00233503, // n0x1377 c0x0000 (---------------)  + I com
-	0x0023a783, // n0x1378 c0x0000 (---------------)  + I edu
-	0x0026cc83, // n0x1379 c0x0000 (---------------)  + I gov
-	0x0020c782, // n0x137a c0x0000 (---------------)  + I id
-	0x00213ac3, // n0x137b c0x0000 (---------------)  + I med
-	0x0021fe03, // n0x137c c0x0000 (---------------)  + I net
-	0x0022d1c3, // n0x137d c0x0000 (---------------)  + I org
-	0x002db143, // n0x137e c0x0000 (---------------)  + I plc
-	0x00217443, // n0x137f c0x0000 (---------------)  + I sch
-	0x00201542, // n0x1380 c0x0000 (---------------)  + I ac
-	0x00200742, // n0x1381 c0x0000 (---------------)  + I co
-	0x0026cc83, // n0x1382 c0x0000 (---------------)  + I gov
-	0x0021fe03, // n0x1383 c0x0000 (---------------)  + I net
-	0x0022d1c3, // n0x1384 c0x0000 (---------------)  + I org
-	0x00247505, // n0x1385 c0x0000 (---------------)  + I press
-	0x002d4884, // n0x1386 c0x0000 (---------------)  + I asso
-	0x00200142, // n0x1387 c0x0000 (---------------)  + I tm
-	0x000ffa08, // n0x1388 c0x0000 (---------------)  +   blogspot
-	0x00201542, // n0x1389 c0x0000 (---------------)  + I ac
-	0x00200742, // n0x138a c0x0000 (---------------)  + I co
-	0x00054d8b, // n0x138b c0x0000 (---------------)  +   diskstation
-	0x00009107, // n0x138c c0x0000 (---------------)  +   dscloud
-	0x0023a783, // n0x138d c0x0000 (---------------)  + I edu
-	0x0026cc83, // n0x138e c0x0000 (---------------)  + I gov
-	0x00157b84, // n0x138f c0x0000 (---------------)  +   i234
-	0x00230483, // n0x1390 c0x0000 (---------------)  + I its
-	0x00156bc4, // n0x1391 c0x0000 (---------------)  +   myds
-	0x0021fe03, // n0x1392 c0x0000 (---------------)  + I net
-	0x0022d1c3, // n0x1393 c0x0000 (---------------)  + I org
-	0x002e1c44, // n0x1394 c0x0000 (---------------)  + I priv
-	0x0010b388, // n0x1395 c0x0000 (---------------)  +   synology
-	0x00200742, // n0x1396 c0x0000 (---------------)  + I co
-	0x00233503, // n0x1397 c0x0000 (---------------)  + I com
-	0x0023a783, // n0x1398 c0x0000 (---------------)  + I edu
-	0x0026cc83, // n0x1399 c0x0000 (---------------)  + I gov
-	0x00209003, // n0x139a c0x0000 (---------------)  + I mil
-	0x00201483, // n0x139b c0x0000 (---------------)  + I nom
-	0x0022d1c3, // n0x139c c0x0000 (---------------)  + I org
-	0x002e1043, // n0x139d c0x0000 (---------------)  + I prd
-	0x00200142, // n0x139e c0x0000 (---------------)  + I tm
-	0x000ffa08, // n0x139f c0x0000 (---------------)  +   blogspot
-	0x00233503, // n0x13a0 c0x0000 (---------------)  + I com
-	0x0023a783, // n0x13a1 c0x0000 (---------------)  + I edu
-	0x0026cc83, // n0x13a2 c0x0000 (---------------)  + I gov
-	0x003a1083, // n0x13a3 c0x0000 (---------------)  + I inf
-	0x00205284, // n0x13a4 c0x0000 (---------------)  + I name
-	0x0021fe03, // n0x13a5 c0x0000 (---------------)  + I net
-	0x0022d1c3, // n0x13a6 c0x0000 (---------------)  + I org
-	0x00233503, // n0x13a7 c0x0000 (---------------)  + I com
-	0x0023a783, // n0x13a8 c0x0000 (---------------)  + I edu
-	0x0033d7c4, // n0x13a9 c0x0000 (---------------)  + I gouv
-	0x0026cc83, // n0x13aa c0x0000 (---------------)  + I gov
-	0x0021fe03, // n0x13ab c0x0000 (---------------)  + I net
-	0x0022d1c3, // n0x13ac c0x0000 (---------------)  + I org
-	0x00247506, // n0x13ad c0x0000 (---------------)  + I presse
-	0x0023a783, // n0x13ae c0x0000 (---------------)  + I edu
-	0x0026cc83, // n0x13af c0x0000 (---------------)  + I gov
-	0x0016ef83, // n0x13b0 c0x0000 (---------------)  +   nyc
-	0x0022d1c3, // n0x13b1 c0x0000 (---------------)  + I org
-	0x00233503, // n0x13b2 c0x0000 (---------------)  + I com
-	0x0023a783, // n0x13b3 c0x0000 (---------------)  + I edu
-	0x0026cc83, // n0x13b4 c0x0000 (---------------)  + I gov
-	0x0021fe03, // n0x13b5 c0x0000 (---------------)  + I net
-	0x0022d1c3, // n0x13b6 c0x0000 (---------------)  + I org
-	0x00009107, // n0x13b7 c0x0000 (---------------)  +   dscloud
-	0x000ffa08, // n0x13b8 c0x0000 (---------------)  +   blogspot
-	0x0026cc83, // n0x13b9 c0x0000 (---------------)  + I gov
-	0x00233503, // n0x13ba c0x0000 (---------------)  + I com
-	0x0023a783, // n0x13bb c0x0000 (---------------)  + I edu
-	0x0026cc83, // n0x13bc c0x0000 (---------------)  + I gov
-	0x0021fe03, // n0x13bd c0x0000 (---------------)  + I net
-	0x0022d1c3, // n0x13be c0x0000 (---------------)  + I org
-	0x36633503, // n0x13bf c0x00d9 (n0x13c3-n0x13c4)  + I com
-	0x0023a783, // n0x13c0 c0x0000 (---------------)  + I edu
-	0x0021fe03, // n0x13c1 c0x0000 (---------------)  + I net
-	0x0022d1c3, // n0x13c2 c0x0000 (---------------)  + I org
-	0x000ffa08, // n0x13c3 c0x0000 (---------------)  +   blogspot
-	0x00201542, // n0x13c4 c0x0000 (---------------)  + I ac
-	0x00200742, // n0x13c5 c0x0000 (---------------)  + I co
-	0x00233503, // n0x13c6 c0x0000 (---------------)  + I com
-	0x0026cc83, // n0x13c7 c0x0000 (---------------)  + I gov
-	0x0021fe03, // n0x13c8 c0x0000 (---------------)  + I net
-	0x00200282, // n0x13c9 c0x0000 (---------------)  + I or
-	0x0022d1c3, // n0x13ca c0x0000 (---------------)  + I org
-	0x0030aec7, // n0x13cb c0x0000 (---------------)  + I academy
-	0x00209c8b, // n0x13cc c0x0000 (---------------)  + I agriculture
-	0x00204903, // n0x13cd c0x0000 (---------------)  + I air
-	0x0023b1c8, // n0x13ce c0x0000 (---------------)  + I airguard
-	0x002ec607, // n0x13cf c0x0000 (---------------)  + I alabama
-	0x00279bc6, // n0x13d0 c0x0000 (---------------)  + I alaska
-	0x00367645, // n0x13d1 c0x0000 (---------------)  + I amber
-	0x002c8609, // n0x13d2 c0x0000 (---------------)  + I ambulance
-	0x00208d88, // n0x13d3 c0x0000 (---------------)  + I american
-	0x002729c9, // n0x13d4 c0x0000 (---------------)  + I americana
-	0x002729d0, // n0x13d5 c0x0000 (---------------)  + I americanantiques
-	0x0035994b, // n0x13d6 c0x0000 (---------------)  + I americanart
-	0x002c8449, // n0x13d7 c0x0000 (---------------)  + I amsterdam
-	0x00200843, // n0x13d8 c0x0000 (---------------)  + I and
-	0x00357549, // n0x13d9 c0x0000 (---------------)  + I annefrank
-	0x00237a06, // n0x13da c0x0000 (---------------)  + I anthro
-	0x00237a0c, // n0x13db c0x0000 (---------------)  + I anthropology
-	0x0022ba08, // n0x13dc c0x0000 (---------------)  + I antiques
-	0x003a2308, // n0x13dd c0x0000 (---------------)  + I aquarium
-	0x00258249, // n0x13de c0x0000 (---------------)  + I arboretum
-	0x0029fb0e, // n0x13df c0x0000 (---------------)  + I archaeological
-	0x0037228b, // n0x13e0 c0x0000 (---------------)  + I archaeology
-	0x0031fa0c, // n0x13e1 c0x0000 (---------------)  + I architecture
-	0x002011c3, // n0x13e2 c0x0000 (---------------)  + I art
-	0x003284cc, // n0x13e3 c0x0000 (---------------)  + I artanddesign
-	0x002043c9, // n0x13e4 c0x0000 (---------------)  + I artcenter
-	0x0020b107, // n0x13e5 c0x0000 (---------------)  + I artdeco
-	0x0023a6cc, // n0x13e6 c0x0000 (---------------)  + I arteducation
-	0x0039208a, // n0x13e7 c0x0000 (---------------)  + I artgallery
-	0x0024bf84, // n0x13e8 c0x0000 (---------------)  + I arts
-	0x0039eacd, // n0x13e9 c0x0000 (---------------)  + I artsandcrafts
-	0x00328388, // n0x13ea c0x0000 (---------------)  + I asmatart
-	0x0039efcd, // n0x13eb c0x0000 (---------------)  + I assassination
-	0x00252046, // n0x13ec c0x0000 (---------------)  + I assisi
-	0x002d488b, // n0x13ed c0x0000 (---------------)  + I association
-	0x00356a09, // n0x13ee c0x0000 (---------------)  + I astronomy
-	0x002244c7, // n0x13ef c0x0000 (---------------)  + I atlanta
-	0x002ea306, // n0x13f0 c0x0000 (---------------)  + I austin
-	0x003082c9, // n0x13f1 c0x0000 (---------------)  + I australia
-	0x00322f8a, // n0x13f2 c0x0000 (---------------)  + I automotive
-	0x0035b848, // n0x13f3 c0x0000 (---------------)  + I aviation
-	0x002e0b84, // n0x13f4 c0x0000 (---------------)  + I axis
-	0x00277007, // n0x13f5 c0x0000 (---------------)  + I badajoz
-	0x002a1847, // n0x13f6 c0x0000 (---------------)  + I baghdad
-	0x002ec084, // n0x13f7 c0x0000 (---------------)  + I bahn
-	0x00228a84, // n0x13f8 c0x0000 (---------------)  + I bale
-	0x0025d289, // n0x13f9 c0x0000 (---------------)  + I baltimore
-	0x002dd889, // n0x13fa c0x0000 (---------------)  + I barcelona
-	0x0022f9c8, // n0x13fb c0x0000 (---------------)  + I baseball
-	0x00210685, // n0x13fc c0x0000 (---------------)  + I basel
-	0x00389345, // n0x13fd c0x0000 (---------------)  + I baths
-	0x0020d246, // n0x13fe c0x0000 (---------------)  + I bauern
-	0x0039e989, // n0x13ff c0x0000 (---------------)  + I beauxarts
-	0x0021b10d, // n0x1400 c0x0000 (---------------)  + I beeldengeluid
-	0x0031f488, // n0x1401 c0x0000 (---------------)  + I bellevue
-	0x0020d147, // n0x1402 c0x0000 (---------------)  + I bergbau
-	0x003676c8, // n0x1403 c0x0000 (---------------)  + I berkeley
-	0x0022e6c6, // n0x1404 c0x0000 (---------------)  + I berlin
-	0x00390744, // n0x1405 c0x0000 (---------------)  + I bern
-	0x0037bf45, // n0x1406 c0x0000 (---------------)  + I bible
-	0x002028c6, // n0x1407 c0x0000 (---------------)  + I bilbao
-	0x00202e84, // n0x1408 c0x0000 (---------------)  + I bill
-	0x002042c7, // n0x1409 c0x0000 (---------------)  + I birdart
-	0x0020628a, // n0x140a c0x0000 (---------------)  + I birthplace
-	0x00212384, // n0x140b c0x0000 (---------------)  + I bonn
-	0x00217cc6, // n0x140c c0x0000 (---------------)  + I boston
-	0x00218e89, // n0x140d c0x0000 (---------------)  + I botanical
-	0x00218e8f, // n0x140e c0x0000 (---------------)  + I botanicalgarden
-	0x0021a18d, // n0x140f c0x0000 (---------------)  + I botanicgarden
-	0x0021a946, // n0x1410 c0x0000 (---------------)  + I botany
-	0x0021ca50, // n0x1411 c0x0000 (---------------)  + I brandywinevalley
-	0x0021ce46, // n0x1412 c0x0000 (---------------)  + I brasil
-	0x0021db87, // n0x1413 c0x0000 (---------------)  + I bristol
-	0x0021df07, // n0x1414 c0x0000 (---------------)  + I british
-	0x0021df0f, // n0x1415 c0x0000 (---------------)  + I britishcolumbia
-	0x0021fa49, // n0x1416 c0x0000 (---------------)  + I broadcast
-	0x00222b06, // n0x1417 c0x0000 (---------------)  + I brunel
-	0x00225e87, // n0x1418 c0x0000 (---------------)  + I brussel
-	0x00225e88, // n0x1419 c0x0000 (---------------)  + I brussels
-	0x00227049, // n0x141a c0x0000 (---------------)  + I bruxelles
-	0x0028fd88, // n0x141b c0x0000 (---------------)  + I building
-	0x002d7647, // n0x141c c0x0000 (---------------)  + I burghof
-	0x0020ca03, // n0x141d c0x0000 (---------------)  + I bus
-	0x00233386, // n0x141e c0x0000 (---------------)  + I bushey
-	0x00200308, // n0x141f c0x0000 (---------------)  + I cadaques
-	0x0029fdca, // n0x1420 c0x0000 (---------------)  + I california
-	0x00221ac9, // n0x1421 c0x0000 (---------------)  + I cambridge
-	0x00208ec3, // n0x1422 c0x0000 (---------------)  + I can
-	0x00324f06, // n0x1423 c0x0000 (---------------)  + I canada
-	0x002b63ca, // n0x1424 c0x0000 (---------------)  + I capebreton
-	0x00365247, // n0x1425 c0x0000 (---------------)  + I carrier
-	0x0020af4a, // n0x1426 c0x0000 (---------------)  + I cartoonart
-	0x0021460e, // n0x1427 c0x0000 (---------------)  + I casadelamoneda
-	0x0021fb86, // n0x1428 c0x0000 (---------------)  + I castle
-	0x002a6c47, // n0x1429 c0x0000 (---------------)  + I castres
-	0x00211b46, // n0x142a c0x0000 (---------------)  + I celtic
-	0x00204486, // n0x142b c0x0000 (---------------)  + I center
-	0x00374acb, // n0x142c c0x0000 (---------------)  + I chattanooga
-	0x002648ca, // n0x142d c0x0000 (---------------)  + I cheltenham
-	0x0035150d, // n0x142e c0x0000 (---------------)  + I chesapeakebay
-	0x00213047, // n0x142f c0x0000 (---------------)  + I chicago
-	0x00274888, // n0x1430 c0x0000 (---------------)  + I children
-	0x00274889, // n0x1431 c0x0000 (---------------)  + I childrens
-	0x0027488f, // n0x1432 c0x0000 (---------------)  + I childrensgarden
-	0x0023984c, // n0x1433 c0x0000 (---------------)  + I chiropractic
-	0x002b5a89, // n0x1434 c0x0000 (---------------)  + I chocolate
-	0x00379b8e, // n0x1435 c0x0000 (---------------)  + I christiansburg
-	0x00238cca, // n0x1436 c0x0000 (---------------)  + I cincinnati
-	0x002ce4c6, // n0x1437 c0x0000 (---------------)  + I cinema
-	0x00337c86, // n0x1438 c0x0000 (---------------)  + I circus
-	0x00363b8c, // n0x1439 c0x0000 (---------------)  + I civilisation
-	0x00367b8c, // n0x143a c0x0000 (---------------)  + I civilization
-	0x0036f008, // n0x143b c0x0000 (---------------)  + I civilwar
-	0x003894c7, // n0x143c c0x0000 (---------------)  + I clinton
-	0x002acc45, // n0x143d c0x0000 (---------------)  + I clock
-	0x00355244, // n0x143e c0x0000 (---------------)  + I coal
-	0x00386b8e, // n0x143f c0x0000 (---------------)  + I coastaldefence
-	0x00323204, // n0x1440 c0x0000 (---------------)  + I cody
-	0x00231d87, // n0x1441 c0x0000 (---------------)  + I coldwar
-	0x00265b8a, // n0x1442 c0x0000 (---------------)  + I collection
-	0x00232454, // n0x1443 c0x0000 (---------------)  + I colonialwilliamsburg
-	0x00232dcf, // n0x1444 c0x0000 (---------------)  + I coloradoplateau
-	0x0021e0c8, // n0x1445 c0x0000 (---------------)  + I columbia
-	0x00233248, // n0x1446 c0x0000 (---------------)  + I columbus
-	0x0036018d, // n0x1447 c0x0000 (---------------)  + I communication
-	0x0036018e, // n0x1448 c0x0000 (---------------)  + I communications
-	0x00233509, // n0x1449 c0x0000 (---------------)  + I community
-	0x00235488, // n0x144a c0x0000 (---------------)  + I computer
-	0x0023548f, // n0x144b c0x0000 (---------------)  + I computerhistory
-	0x0023a3cc, // n0x144c c0x0000 (---------------)  + I contemporary
-	0x0023a3cf, // n0x144d c0x0000 (---------------)  + I contemporaryart
-	0x0023b747, // n0x144e c0x0000 (---------------)  + I convent
-	0x0023de0a, // n0x144f c0x0000 (---------------)  + I copenhagen
-	0x0021c58b, // n0x1450 c0x0000 (---------------)  + I corporation
-	0x0023f888, // n0x1451 c0x0000 (---------------)  + I corvette
-	0x00241807, // n0x1452 c0x0000 (---------------)  + I costume
-	0x0033658d, // n0x1453 c0x0000 (---------------)  + I countryestate
-	0x0031ab06, // n0x1454 c0x0000 (---------------)  + I county
-	0x0039ec86, // n0x1455 c0x0000 (---------------)  + I crafts
-	0x00243c49, // n0x1456 c0x0000 (---------------)  + I cranbrook
-	0x00336b48, // n0x1457 c0x0000 (---------------)  + I creation
-	0x00247888, // n0x1458 c0x0000 (---------------)  + I cultural
-	0x0024788e, // n0x1459 c0x0000 (---------------)  + I culturalcenter
-	0x00209d87, // n0x145a c0x0000 (---------------)  + I culture
-	0x00322345, // n0x145b c0x0000 (---------------)  + I cyber
-	0x0024a985, // n0x145c c0x0000 (---------------)  + I cymru
-	0x00210284, // n0x145d c0x0000 (---------------)  + I dali
-	0x00279e86, // n0x145e c0x0000 (---------------)  + I dallas
-	0x0022f8c8, // n0x145f c0x0000 (---------------)  + I database
-	0x002edd03, // n0x1460 c0x0000 (---------------)  + I ddr
-	0x0025fa0e, // n0x1461 c0x0000 (---------------)  + I decorativearts
-	0x00336948, // n0x1462 c0x0000 (---------------)  + I delaware
-	0x0027af0b, // n0x1463 c0x0000 (---------------)  + I delmenhorst
-	0x003312c7, // n0x1464 c0x0000 (---------------)  + I denmark
-	0x00274145, // n0x1465 c0x0000 (---------------)  + I depot
-	0x0022dcc6, // n0x1466 c0x0000 (---------------)  + I design
-	0x002aa507, // n0x1467 c0x0000 (---------------)  + I detroit
-	0x002fac88, // n0x1468 c0x0000 (---------------)  + I dinosaur
-	0x00330409, // n0x1469 c0x0000 (---------------)  + I discovery
-	0x00237405, // n0x146a c0x0000 (---------------)  + I dolls
-	0x002861c8, // n0x146b c0x0000 (---------------)  + I donostia
-	0x0020cc06, // n0x146c c0x0000 (---------------)  + I durham
-	0x0037574a, // n0x146d c0x0000 (---------------)  + I eastafrica
-	0x00386a89, // n0x146e c0x0000 (---------------)  + I eastcoast
-	0x0023a789, // n0x146f c0x0000 (---------------)  + I education
-	0x0023a78b, // n0x1470 c0x0000 (---------------)  + I educational
-	0x0028c908, // n0x1471 c0x0000 (---------------)  + I egyptian
-	0x002ebf49, // n0x1472 c0x0000 (---------------)  + I eisenbahn
-	0x00210746, // n0x1473 c0x0000 (---------------)  + I elburg
-	0x002e4f4a, // n0x1474 c0x0000 (---------------)  + I elvendrell
-	0x0022980a, // n0x1475 c0x0000 (---------------)  + I embroidery
-	0x0023e00c, // n0x1476 c0x0000 (---------------)  + I encyclopedic
-	0x00213707, // n0x1477 c0x0000 (---------------)  + I england
-	0x002cd60a, // n0x1478 c0x0000 (---------------)  + I entomology
-	0x00326d8b, // n0x1479 c0x0000 (---------------)  + I environment
-	0x00326d99, // n0x147a c0x0000 (---------------)  + I environmentalconservation
-	0x00329a48, // n0x147b c0x0000 (---------------)  + I epilepsy
-	0x00247585, // n0x147c c0x0000 (---------------)  + I essex
-	0x002c2486, // n0x147d c0x0000 (---------------)  + I estate
-	0x0030cf09, // n0x147e c0x0000 (---------------)  + I ethnology
-	0x00205346, // n0x147f c0x0000 (---------------)  + I exeter
-	0x002115ca, // n0x1480 c0x0000 (---------------)  + I exhibition
-	0x00208f86, // n0x1481 c0x0000 (---------------)  + I family
-	0x00271d04, // n0x1482 c0x0000 (---------------)  + I farm
-	0x002c260d, // n0x1483 c0x0000 (---------------)  + I farmequipment
-	0x002ece87, // n0x1484 c0x0000 (---------------)  + I farmers
-	0x00271d09, // n0x1485 c0x0000 (---------------)  + I farmstead
-	0x00366b05, // n0x1486 c0x0000 (---------------)  + I field
-	0x0037ac88, // n0x1487 c0x0000 (---------------)  + I figueres
-	0x0024b549, // n0x1488 c0x0000 (---------------)  + I filatelia
-	0x0024b784, // n0x1489 c0x0000 (---------------)  + I film
-	0x0024be87, // n0x148a c0x0000 (---------------)  + I fineart
-	0x0024be88, // n0x148b c0x0000 (---------------)  + I finearts
-	0x0024c387, // n0x148c c0x0000 (---------------)  + I finland
-	0x00267688, // n0x148d c0x0000 (---------------)  + I flanders
-	0x00252947, // n0x148e c0x0000 (---------------)  + I florida
-	0x00338705, // n0x148f c0x0000 (---------------)  + I force
-	0x00259fcc, // n0x1490 c0x0000 (---------------)  + I fortmissoula
-	0x0025ab89, // n0x1491 c0x0000 (---------------)  + I fortworth
-	0x002b9f4a, // n0x1492 c0x0000 (---------------)  + I foundation
-	0x00385d09, // n0x1493 c0x0000 (---------------)  + I francaise
-	0x00357649, // n0x1494 c0x0000 (---------------)  + I frankfurt
-	0x00256acc, // n0x1495 c0x0000 (---------------)  + I franziskaner
-	0x002e7d0b, // n0x1496 c0x0000 (---------------)  + I freemasonry
-	0x0025c488, // n0x1497 c0x0000 (---------------)  + I freiburg
-	0x00260048, // n0x1498 c0x0000 (---------------)  + I fribourg
-	0x002636c4, // n0x1499 c0x0000 (---------------)  + I frog
-	0x00283c88, // n0x149a c0x0000 (---------------)  + I fundacio
-	0x00285349, // n0x149b c0x0000 (---------------)  + I furniture
-	0x00392147, // n0x149c c0x0000 (---------------)  + I gallery
-	0x002190c6, // n0x149d c0x0000 (---------------)  + I garden
-	0x00246347, // n0x149e c0x0000 (---------------)  + I gateway
-	0x00330689, // n0x149f c0x0000 (---------------)  + I geelvinck
-	0x0021334b, // n0x14a0 c0x0000 (---------------)  + I gemological
-	0x00396387, // n0x14a1 c0x0000 (---------------)  + I geology
-	0x00324c47, // n0x14a2 c0x0000 (---------------)  + I georgia
-	0x00279907, // n0x14a3 c0x0000 (---------------)  + I giessen
-	0x0039ef44, // n0x14a4 c0x0000 (---------------)  + I glas
-	0x0039ef45, // n0x14a5 c0x0000 (---------------)  + I glass
-	0x002a8705, // n0x14a6 c0x0000 (---------------)  + I gorge
-	0x0033454b, // n0x14a7 c0x0000 (---------------)  + I grandrapids
-	0x0038f9c4, // n0x14a8 c0x0000 (---------------)  + I graz
-	0x00266e08, // n0x14a9 c0x0000 (---------------)  + I guernsey
-	0x0029168a, // n0x14aa c0x0000 (---------------)  + I halloffame
-	0x0020ccc7, // n0x14ab c0x0000 (---------------)  + I hamburg
-	0x0031bbc7, // n0x14ac c0x0000 (---------------)  + I handson
-	0x0028b492, // n0x14ad c0x0000 (---------------)  + I harvestcelebration
-	0x0025cb86, // n0x14ae c0x0000 (---------------)  + I hawaii
-	0x0036b386, // n0x14af c0x0000 (---------------)  + I health
-	0x0030f8ce, // n0x14b0 c0x0000 (---------------)  + I heimatunduhren
-	0x0025fd86, // n0x14b1 c0x0000 (---------------)  + I hellas
-	0x0020ebc8, // n0x14b2 c0x0000 (---------------)  + I helsinki
-	0x00290d0f, // n0x14b3 c0x0000 (---------------)  + I hembygdsforbund
-	0x0039f388, // n0x14b4 c0x0000 (---------------)  + I heritage
-	0x0036d908, // n0x14b5 c0x0000 (---------------)  + I histoire
-	0x002fb8ca, // n0x14b6 c0x0000 (---------------)  + I historical
-	0x002fb8d1, // n0x14b7 c0x0000 (---------------)  + I historicalsociety
-	0x002a1f0e, // n0x14b8 c0x0000 (---------------)  + I historichouses
-	0x002567ca, // n0x14b9 c0x0000 (---------------)  + I historisch
-	0x002567cc, // n0x14ba c0x0000 (---------------)  + I historisches
-	0x00235687, // n0x14bb c0x0000 (---------------)  + I history
-	0x00235690, // n0x14bc c0x0000 (---------------)  + I historyofscience
-	0x00202188, // n0x14bd c0x0000 (---------------)  + I horology
-	0x002a2105, // n0x14be c0x0000 (---------------)  + I house
-	0x002aad4a, // n0x14bf c0x0000 (---------------)  + I humanities
-	0x00202ecc, // n0x14c0 c0x0000 (---------------)  + I illustration
-	0x002b44cd, // n0x14c1 c0x0000 (---------------)  + I imageandsound
-	0x002a3c46, // n0x14c2 c0x0000 (---------------)  + I indian
-	0x002a3c47, // n0x14c3 c0x0000 (---------------)  + I indiana
-	0x002a3c4c, // n0x14c4 c0x0000 (---------------)  + I indianapolis
-	0x002f120c, // n0x14c5 c0x0000 (---------------)  + I indianmarket
-	0x0024dd4c, // n0x14c6 c0x0000 (---------------)  + I intelligence
-	0x0028a0cb, // n0x14c7 c0x0000 (---------------)  + I interactive
-	0x002859c4, // n0x14c8 c0x0000 (---------------)  + I iraq
-	0x0021d504, // n0x14c9 c0x0000 (---------------)  + I iron
-	0x0034fb49, // n0x14ca c0x0000 (---------------)  + I isleofman
-	0x002c8ec7, // n0x14cb c0x0000 (---------------)  + I jamison
-	0x00266a49, // n0x14cc c0x0000 (---------------)  + I jefferson
-	0x00283549, // n0x14cd c0x0000 (---------------)  + I jerusalem
-	0x00360f47, // n0x14ce c0x0000 (---------------)  + I jewelry
-	0x00391f06, // n0x14cf c0x0000 (---------------)  + I jewish
-	0x00391f09, // n0x14d0 c0x0000 (---------------)  + I jewishart
-	0x00399f83, // n0x14d1 c0x0000 (---------------)  + I jfk
-	0x0033be4a, // n0x14d2 c0x0000 (---------------)  + I journalism
-	0x00355487, // n0x14d3 c0x0000 (---------------)  + I judaica
-	0x0027744b, // n0x14d4 c0x0000 (---------------)  + I judygarland
-	0x0035138a, // n0x14d5 c0x0000 (---------------)  + I juedisches
-	0x00242844, // n0x14d6 c0x0000 (---------------)  + I juif
-	0x00353546, // n0x14d7 c0x0000 (---------------)  + I karate
-	0x0027efc9, // n0x14d8 c0x0000 (---------------)  + I karikatur
-	0x0028cd44, // n0x14d9 c0x0000 (---------------)  + I kids
-	0x0020324a, // n0x14da c0x0000 (---------------)  + I koebenhavn
-	0x0036bd45, // n0x14db c0x0000 (---------------)  + I koeln
-	0x002b4d85, // n0x14dc c0x0000 (---------------)  + I kunst
-	0x002b4d8d, // n0x14dd c0x0000 (---------------)  + I kunstsammlung
-	0x002b50ce, // n0x14de c0x0000 (---------------)  + I kunstunddesign
-	0x00315585, // n0x14df c0x0000 (---------------)  + I labor
-	0x0038b2c6, // n0x14e0 c0x0000 (---------------)  + I labour
-	0x00247107, // n0x14e1 c0x0000 (---------------)  + I lajolla
-	0x002c990a, // n0x14e2 c0x0000 (---------------)  + I lancashire
-	0x00323506, // n0x14e3 c0x0000 (---------------)  + I landes
-	0x00359c44, // n0x14e4 c0x0000 (---------------)  + I lans
-	0x00359f87, // n0x14e5 c0x0000 (---------------)  + I larsson
-	0x002def0b, // n0x14e6 c0x0000 (---------------)  + I lewismiller
-	0x0022e787, // n0x14e7 c0x0000 (---------------)  + I lincoln
-	0x003a0f44, // n0x14e8 c0x0000 (---------------)  + I linz
-	0x002414c6, // n0x14e9 c0x0000 (---------------)  + I living
-	0x002414cd, // n0x14ea c0x0000 (---------------)  + I livinghistory
-	0x003571cc, // n0x14eb c0x0000 (---------------)  + I localhistory
-	0x00321906, // n0x14ec c0x0000 (---------------)  + I london
-	0x0031f68a, // n0x14ed c0x0000 (---------------)  + I losangeles
-	0x0022b6c6, // n0x14ee c0x0000 (---------------)  + I louvre
-	0x002a7e88, // n0x14ef c0x0000 (---------------)  + I loyalist
-	0x002e6147, // n0x14f0 c0x0000 (---------------)  + I lucerne
-	0x0023ca4a, // n0x14f1 c0x0000 (---------------)  + I luxembourg
-	0x0023dc86, // n0x14f2 c0x0000 (---------------)  + I luzern
-	0x00212f43, // n0x14f3 c0x0000 (---------------)  + I mad
-	0x00317146, // n0x14f4 c0x0000 (---------------)  + I madrid
-	0x00200188, // n0x14f5 c0x0000 (---------------)  + I mallorca
-	0x0029a80a, // n0x14f6 c0x0000 (---------------)  + I manchester
-	0x00251d47, // n0x14f7 c0x0000 (---------------)  + I mansion
-	0x00251d48, // n0x14f8 c0x0000 (---------------)  + I mansions
-	0x0026a704, // n0x14f9 c0x0000 (---------------)  + I manx
-	0x00278f07, // n0x14fa c0x0000 (---------------)  + I marburg
-	0x00269708, // n0x14fb c0x0000 (---------------)  + I maritime
-	0x002a3088, // n0x14fc c0x0000 (---------------)  + I maritimo
-	0x0025cd88, // n0x14fd c0x0000 (---------------)  + I maryland
-	0x002831ca, // n0x14fe c0x0000 (---------------)  + I marylhurst
-	0x003025c5, // n0x14ff c0x0000 (---------------)  + I media
-	0x0023ac87, // n0x1500 c0x0000 (---------------)  + I medical
-	0x00256613, // n0x1501 c0x0000 (---------------)  + I medizinhistorisches
-	0x00259146, // n0x1502 c0x0000 (---------------)  + I meeres
-	0x0026cf88, // n0x1503 c0x0000 (---------------)  + I memorial
-	0x002221c9, // n0x1504 c0x0000 (---------------)  + I mesaverde
-	0x002165c8, // n0x1505 c0x0000 (---------------)  + I michigan
-	0x0036e1cb, // n0x1506 c0x0000 (---------------)  + I midatlantic
-	0x002b8348, // n0x1507 c0x0000 (---------------)  + I military
-	0x00285244, // n0x1508 c0x0000 (---------------)  + I mill
-	0x00321106, // n0x1509 c0x0000 (---------------)  + I miners
-	0x003a5c46, // n0x150a c0x0000 (---------------)  + I mining
-	0x003058c9, // n0x150b c0x0000 (---------------)  + I minnesota
-	0x002bf847, // n0x150c c0x0000 (---------------)  + I missile
-	0x0025a0c8, // n0x150d c0x0000 (---------------)  + I missoula
-	0x003a1f86, // n0x150e c0x0000 (---------------)  + I modern
-	0x0037a084, // n0x150f c0x0000 (---------------)  + I moma
-	0x002c6d85, // n0x1510 c0x0000 (---------------)  + I money
-	0x002c1888, // n0x1511 c0x0000 (---------------)  + I monmouth
-	0x002c1fca, // n0x1512 c0x0000 (---------------)  + I monticello
-	0x002c2288, // n0x1513 c0x0000 (---------------)  + I montreal
-	0x002c74c6, // n0x1514 c0x0000 (---------------)  + I moscow
-	0x0029af0a, // n0x1515 c0x0000 (---------------)  + I motorcycle
-	0x002e6d88, // n0x1516 c0x0000 (---------------)  + I muenchen
-	0x002ca188, // n0x1517 c0x0000 (---------------)  + I muenster
-	0x002cb648, // n0x1518 c0x0000 (---------------)  + I mulhouse
-	0x002cc046, // n0x1519 c0x0000 (---------------)  + I muncie
-	0x002cfc06, // n0x151a c0x0000 (---------------)  + I museet
-	0x002ea80c, // n0x151b c0x0000 (---------------)  + I museumcenter
-	0x002d0110, // n0x151c c0x0000 (---------------)  + I museumvereniging
-	0x00283a85, // n0x151d c0x0000 (---------------)  + I music
-	0x00319548, // n0x151e c0x0000 (---------------)  + I national
-	0x00319550, // n0x151f c0x0000 (---------------)  + I nationalfirearms
-	0x0039f190, // n0x1520 c0x0000 (---------------)  + I nationalheritage
-	0x0027284e, // n0x1521 c0x0000 (---------------)  + I nativeamerican
-	0x002ea48e, // n0x1522 c0x0000 (---------------)  + I naturalhistory
-	0x002ea494, // n0x1523 c0x0000 (---------------)  + I naturalhistorymuseum
-	0x0031ad4f, // n0x1524 c0x0000 (---------------)  + I naturalsciences
-	0x0031b106, // n0x1525 c0x0000 (---------------)  + I nature
-	0x00325e11, // n0x1526 c0x0000 (---------------)  + I naturhistorisches
-	0x00327393, // n0x1527 c0x0000 (---------------)  + I natuurwetenschappen
-	0x00327808, // n0x1528 c0x0000 (---------------)  + I naumburg
-	0x0030f105, // n0x1529 c0x0000 (---------------)  + I naval
-	0x002d7f48, // n0x152a c0x0000 (---------------)  + I nebraska
-	0x002de045, // n0x152b c0x0000 (---------------)  + I neues
-	0x0022a34c, // n0x152c c0x0000 (---------------)  + I newhampshire
-	0x002aeb89, // n0x152d c0x0000 (---------------)  + I newjersey
-	0x00231bc9, // n0x152e c0x0000 (---------------)  + I newmexico
-	0x002460c7, // n0x152f c0x0000 (---------------)  + I newport
-	0x00221dc9, // n0x1530 c0x0000 (---------------)  + I newspaper
-	0x002ed0c7, // n0x1531 c0x0000 (---------------)  + I newyork
-	0x002a2646, // n0x1532 c0x0000 (---------------)  + I niepce
-	0x0037bd47, // n0x1533 c0x0000 (---------------)  + I norfolk
-	0x00239c45, // n0x1534 c0x0000 (---------------)  + I north
-	0x002b5e83, // n0x1535 c0x0000 (---------------)  + I nrw
-	0x002edec9, // n0x1536 c0x0000 (---------------)  + I nuernberg
-	0x003518c9, // n0x1537 c0x0000 (---------------)  + I nuremberg
-	0x0036ef83, // n0x1538 c0x0000 (---------------)  + I nyc
-	0x00215844, // n0x1539 c0x0000 (---------------)  + I nyny
-	0x0032154d, // n0x153a c0x0000 (---------------)  + I oceanographic
-	0x00200b0f, // n0x153b c0x0000 (---------------)  + I oceanographique
-	0x002fc505, // n0x153c c0x0000 (---------------)  + I omaha
-	0x003175c6, // n0x153d c0x0000 (---------------)  + I online
-	0x00200987, // n0x153e c0x0000 (---------------)  + I ontario
-	0x00358c87, // n0x153f c0x0000 (---------------)  + I openair
-	0x00287ec6, // n0x1540 c0x0000 (---------------)  + I oregon
-	0x00287ecb, // n0x1541 c0x0000 (---------------)  + I oregontrail
-	0x002a3605, // n0x1542 c0x0000 (---------------)  + I otago
-	0x0039bec6, // n0x1543 c0x0000 (---------------)  + I oxford
-	0x003909c7, // n0x1544 c0x0000 (---------------)  + I pacific
-	0x0026fec9, // n0x1545 c0x0000 (---------------)  + I paderborn
-	0x00322046, // n0x1546 c0x0000 (---------------)  + I palace
-	0x0020ac45, // n0x1547 c0x0000 (---------------)  + I paleo
-	0x0023a00b, // n0x1548 c0x0000 (---------------)  + I palmsprings
-	0x0025b986, // n0x1549 c0x0000 (---------------)  + I panama
-	0x00277905, // n0x154a c0x0000 (---------------)  + I paris
-	0x002b5648, // n0x154b c0x0000 (---------------)  + I pasadena
-	0x00375008, // n0x154c c0x0000 (---------------)  + I pharmacy
-	0x002d30cc, // n0x154d c0x0000 (---------------)  + I philadelphia
-	0x002d30d0, // n0x154e c0x0000 (---------------)  + I philadelphiaarea
-	0x002d3789, // n0x154f c0x0000 (---------------)  + I philately
-	0x002d3bc7, // n0x1550 c0x0000 (---------------)  + I phoenix
-	0x002d404b, // n0x1551 c0x0000 (---------------)  + I photography
-	0x002d6506, // n0x1552 c0x0000 (---------------)  + I pilots
-	0x002d750a, // n0x1553 c0x0000 (---------------)  + I pittsburgh
-	0x002d898b, // n0x1554 c0x0000 (---------------)  + I planetarium
-	0x002d8d8a, // n0x1555 c0x0000 (---------------)  + I plantation
-	0x002d9006, // n0x1556 c0x0000 (---------------)  + I plants
-	0x002db005, // n0x1557 c0x0000 (---------------)  + I plaza
-	0x002ec506, // n0x1558 c0x0000 (---------------)  + I portal
-	0x00279488, // n0x1559 c0x0000 (---------------)  + I portland
-	0x0024618a, // n0x155a c0x0000 (---------------)  + I portlligat
-	0x0035fe1c, // n0x155b c0x0000 (---------------)  + I posts-and-telecommunications
-	0x002e110c, // n0x155c c0x0000 (---------------)  + I preservation
-	0x002e1408, // n0x155d c0x0000 (---------------)  + I presidio
-	0x00247505, // n0x155e c0x0000 (---------------)  + I press
-	0x002e3107, // n0x155f c0x0000 (---------------)  + I project
-	0x0029f746, // n0x1560 c0x0000 (---------------)  + I public
-	0x0038dec5, // n0x1561 c0x0000 (---------------)  + I pubol
-	0x0021b906, // n0x1562 c0x0000 (---------------)  + I quebec
-	0x00288088, // n0x1563 c0x0000 (---------------)  + I railroad
-	0x002b3287, // n0x1564 c0x0000 (---------------)  + I railway
-	0x0029fa08, // n0x1565 c0x0000 (---------------)  + I research
-	0x002a6d4a, // n0x1566 c0x0000 (---------------)  + I resistance
-	0x0030864c, // n0x1567 c0x0000 (---------------)  + I riodejaneiro
-	0x003088c9, // n0x1568 c0x0000 (---------------)  + I rochester
-	0x0038e207, // n0x1569 c0x0000 (---------------)  + I rockart
-	0x00254584, // n0x156a c0x0000 (---------------)  + I roma
-	0x00252f86, // n0x156b c0x0000 (---------------)  + I russia
-	0x0036d48a, // n0x156c c0x0000 (---------------)  + I saintlouis
-	0x00283645, // n0x156d c0x0000 (---------------)  + I salem
-	0x0034504c, // n0x156e c0x0000 (---------------)  + I salvadordali
-	0x00345cc8, // n0x156f c0x0000 (---------------)  + I salzburg
-	0x0034a848, // n0x1570 c0x0000 (---------------)  + I sandiego
-	0x002004cc, // n0x1571 c0x0000 (---------------)  + I sanfrancisco
-	0x00210c8c, // n0x1572 c0x0000 (---------------)  + I santabarbara
-	0x00211189, // n0x1573 c0x0000 (---------------)  + I santacruz
-	0x002113c7, // n0x1574 c0x0000 (---------------)  + I santafe
-	0x0033d48c, // n0x1575 c0x0000 (---------------)  + I saskatchewan
-	0x003897c4, // n0x1576 c0x0000 (---------------)  + I satx
-	0x00232b4a, // n0x1577 c0x0000 (---------------)  + I savannahga
-	0x0028d04c, // n0x1578 c0x0000 (---------------)  + I schlesisches
-	0x0027104b, // n0x1579 c0x0000 (---------------)  + I schoenbrunn
-	0x0023758b, // n0x157a c0x0000 (---------------)  + I schokoladen
-	0x0023d0c6, // n0x157b c0x0000 (---------------)  + I school
-	0x00243147, // n0x157c c0x0000 (---------------)  + I schweiz
-	0x002358c7, // n0x157d c0x0000 (---------------)  + I science
-	0x002358cf, // n0x157e c0x0000 (---------------)  + I science-fiction
-	0x002f1b51, // n0x157f c0x0000 (---------------)  + I scienceandhistory
-	0x0039e252, // n0x1580 c0x0000 (---------------)  + I scienceandindustry
-	0x0024410d, // n0x1581 c0x0000 (---------------)  + I sciencecenter
-	0x0024410e, // n0x1582 c0x0000 (---------------)  + I sciencecenters
-	0x0024444e, // n0x1583 c0x0000 (---------------)  + I sciencehistory
-	0x0031af08, // n0x1584 c0x0000 (---------------)  + I sciences
-	0x0031af12, // n0x1585 c0x0000 (---------------)  + I sciencesnaturelles
-	0x00200708, // n0x1586 c0x0000 (---------------)  + I scotland
-	0x002fa9c7, // n0x1587 c0x0000 (---------------)  + I seaport
-	0x0024f98a, // n0x1588 c0x0000 (---------------)  + I settlement
-	0x00219c08, // n0x1589 c0x0000 (---------------)  + I settlers
-	0x0025fd45, // n0x158a c0x0000 (---------------)  + I shell
-	0x0035cc4a, // n0x158b c0x0000 (---------------)  + I sherbrooke
-	0x0021d987, // n0x158c c0x0000 (---------------)  + I sibenik
-	0x00341f84, // n0x158d c0x0000 (---------------)  + I silk
-	0x00209743, // n0x158e c0x0000 (---------------)  + I ski
-	0x00296cc5, // n0x158f c0x0000 (---------------)  + I skole
-	0x002fbb47, // n0x1590 c0x0000 (---------------)  + I society
-	0x002f9607, // n0x1591 c0x0000 (---------------)  + I sologne
-	0x002b46ce, // n0x1592 c0x0000 (---------------)  + I soundandvision
-	0x0032bd4d, // n0x1593 c0x0000 (---------------)  + I southcarolina
-	0x0032e849, // n0x1594 c0x0000 (---------------)  + I southwest
-	0x0020bb45, // n0x1595 c0x0000 (---------------)  + I space
-	0x003347c3, // n0x1596 c0x0000 (---------------)  + I spy
-	0x0027a346, // n0x1597 c0x0000 (---------------)  + I square
-	0x003643c5, // n0x1598 c0x0000 (---------------)  + I stadt
-	0x0027b148, // n0x1599 c0x0000 (---------------)  + I stalbans
-	0x00323f89, // n0x159a c0x0000 (---------------)  + I starnberg
-	0x0020f205, // n0x159b c0x0000 (---------------)  + I state
-	0x0033678f, // n0x159c c0x0000 (---------------)  + I stateofdelaware
-	0x00254e87, // n0x159d c0x0000 (---------------)  + I station
-	0x003674c5, // n0x159e c0x0000 (---------------)  + I steam
-	0x00227c0a, // n0x159f c0x0000 (---------------)  + I steiermark
-	0x00303b86, // n0x15a0 c0x0000 (---------------)  + I stjohn
-	0x002a8009, // n0x15a1 c0x0000 (---------------)  + I stockholm
-	0x002e71cc, // n0x15a2 c0x0000 (---------------)  + I stpetersburg
-	0x002e8989, // n0x15a3 c0x0000 (---------------)  + I stuttgart
-	0x00206706, // n0x15a4 c0x0000 (---------------)  + I suisse
-	0x0029148c, // n0x15a5 c0x0000 (---------------)  + I surgeonshall
-	0x002e91c6, // n0x15a6 c0x0000 (---------------)  + I surrey
-	0x002f0688, // n0x15a7 c0x0000 (---------------)  + I svizzera
-	0x002f0886, // n0x15a8 c0x0000 (---------------)  + I sweden
-	0x00329bc6, // n0x15a9 c0x0000 (---------------)  + I sydney
-	0x002294c4, // n0x15aa c0x0000 (---------------)  + I tank
-	0x0025d103, // n0x15ab c0x0000 (---------------)  + I tcm
-	0x002d608a, // n0x15ac c0x0000 (---------------)  + I technology
-	0x0031d2d1, // n0x15ad c0x0000 (---------------)  + I telekommunikation
-	0x002b5c4a, // n0x15ae c0x0000 (---------------)  + I television
-	0x0034d1c5, // n0x15af c0x0000 (---------------)  + I texas
-	0x003844c7, // n0x15b0 c0x0000 (---------------)  + I textile
-	0x002573c7, // n0x15b1 c0x0000 (---------------)  + I theater
-	0x00269804, // n0x15b2 c0x0000 (---------------)  + I time
-	0x0026980b, // n0x15b3 c0x0000 (---------------)  + I timekeeping
-	0x00208088, // n0x15b4 c0x0000 (---------------)  + I topology
-	0x002b1946, // n0x15b5 c0x0000 (---------------)  + I torino
-	0x00311cc5, // n0x15b6 c0x0000 (---------------)  + I touch
-	0x002dc244, // n0x15b7 c0x0000 (---------------)  + I town
-	0x00294809, // n0x15b8 c0x0000 (---------------)  + I transport
-	0x00355f84, // n0x15b9 c0x0000 (---------------)  + I tree
-	0x00359147, // n0x15ba c0x0000 (---------------)  + I trolley
-	0x00329245, // n0x15bb c0x0000 (---------------)  + I trust
-	0x00329247, // n0x15bc c0x0000 (---------------)  + I trustee
-	0x0030fb05, // n0x15bd c0x0000 (---------------)  + I uhren
-	0x00253643, // n0x15be c0x0000 (---------------)  + I ulm
-	0x002fa888, // n0x15bf c0x0000 (---------------)  + I undersea
-	0x00320a0a, // n0x15c0 c0x0000 (---------------)  + I university
-	0x0022b983, // n0x15c1 c0x0000 (---------------)  + I usa
-	0x0022b98a, // n0x15c2 c0x0000 (---------------)  + I usantiques
-	0x0028db46, // n0x15c3 c0x0000 (---------------)  + I usarts
-	0x0033650f, // n0x15c4 c0x0000 (---------------)  + I uscountryestate
-	0x00337d89, // n0x15c5 c0x0000 (---------------)  + I usculture
-	0x0025f990, // n0x15c6 c0x0000 (---------------)  + I usdecorativearts
-	0x0026d6c8, // n0x15c7 c0x0000 (---------------)  + I usgarden
-	0x002c7d49, // n0x15c8 c0x0000 (---------------)  + I ushistory
-	0x0029ca87, // n0x15c9 c0x0000 (---------------)  + I ushuaia
-	0x0024144f, // n0x15ca c0x0000 (---------------)  + I uslivinghistory
-	0x002e84c4, // n0x15cb c0x0000 (---------------)  + I utah
-	0x0033d844, // n0x15cc c0x0000 (---------------)  + I uvic
-	0x00217106, // n0x15cd c0x0000 (---------------)  + I valley
-	0x00236b46, // n0x15ce c0x0000 (---------------)  + I vantaa
-	0x0031504a, // n0x15cf c0x0000 (---------------)  + I versailles
-	0x00311a06, // n0x15d0 c0x0000 (---------------)  + I viking
-	0x002f8f47, // n0x15d1 c0x0000 (---------------)  + I village
-	0x002f7e88, // n0x15d2 c0x0000 (---------------)  + I virginia
-	0x002f8087, // n0x15d3 c0x0000 (---------------)  + I virtual
-	0x002f8247, // n0x15d4 c0x0000 (---------------)  + I virtuel
-	0x0034710a, // n0x15d5 c0x0000 (---------------)  + I vlaanderen
-	0x002fa6cb, // n0x15d6 c0x0000 (---------------)  + I volkenkunde
-	0x00320685, // n0x15d7 c0x0000 (---------------)  + I wales
-	0x0039de88, // n0x15d8 c0x0000 (---------------)  + I wallonie
-	0x00203903, // n0x15d9 c0x0000 (---------------)  + I war
-	0x0023efcc, // n0x15da c0x0000 (---------------)  + I washingtondc
-	0x00376c4f, // n0x15db c0x0000 (---------------)  + I watch-and-clock
-	0x002aca4d, // n0x15dc c0x0000 (---------------)  + I watchandclock
-	0x0023d987, // n0x15dd c0x0000 (---------------)  + I western
-	0x0032e989, // n0x15de c0x0000 (---------------)  + I westfalen
-	0x002b5f07, // n0x15df c0x0000 (---------------)  + I whaling
-	0x00253bc8, // n0x15e0 c0x0000 (---------------)  + I wildlife
-	0x0023264c, // n0x15e1 c0x0000 (---------------)  + I williamsburg
-	0x00285148, // n0x15e2 c0x0000 (---------------)  + I windmill
-	0x00351f08, // n0x15e3 c0x0000 (---------------)  + I workshop
-	0x0030cb8e, // n0x15e4 c0x0000 (---------------)  + I xn--9dbhblg6di
-	0x0031d714, // n0x15e5 c0x0000 (---------------)  + I xn--comunicaes-v6a2o
-	0x0031dc24, // n0x15e6 c0x0000 (---------------)  + I xn--correios-e-telecomunicaes-ghc29a
-	0x0033b8ca, // n0x15e7 c0x0000 (---------------)  + I xn--h1aegh
-	0x0035a14b, // n0x15e8 c0x0000 (---------------)  + I xn--lns-qla
-	0x002ed184, // n0x15e9 c0x0000 (---------------)  + I york
-	0x002ed189, // n0x15ea c0x0000 (---------------)  + I yorkshire
-	0x002aab48, // n0x15eb c0x0000 (---------------)  + I yosemite
-	0x0024b0c5, // n0x15ec c0x0000 (---------------)  + I youth
-	0x002ed80a, // n0x15ed c0x0000 (---------------)  + I zoological
-	0x0027a507, // n0x15ee c0x0000 (---------------)  + I zoology
-	0x002389c4, // n0x15ef c0x0000 (---------------)  + I aero
-	0x00330b83, // n0x15f0 c0x0000 (---------------)  + I biz
-	0x00233503, // n0x15f1 c0x0000 (---------------)  + I com
-	0x0023d684, // n0x15f2 c0x0000 (---------------)  + I coop
-	0x0023a783, // n0x15f3 c0x0000 (---------------)  + I edu
-	0x0026cc83, // n0x15f4 c0x0000 (---------------)  + I gov
-	0x003a1244, // n0x15f5 c0x0000 (---------------)  + I info
-	0x00201603, // n0x15f6 c0x0000 (---------------)  + I int
-	0x00209003, // n0x15f7 c0x0000 (---------------)  + I mil
-	0x002d0106, // n0x15f8 c0x0000 (---------------)  + I museum
-	0x00205284, // n0x15f9 c0x0000 (---------------)  + I name
-	0x0021fe03, // n0x15fa c0x0000 (---------------)  + I net
-	0x0022d1c3, // n0x15fb c0x0000 (---------------)  + I org
-	0x00220e43, // n0x15fc c0x0000 (---------------)  + I pro
-	0x00201542, // n0x15fd c0x0000 (---------------)  + I ac
-	0x00330b83, // n0x15fe c0x0000 (---------------)  + I biz
-	0x00200742, // n0x15ff c0x0000 (---------------)  + I co
-	0x00233503, // n0x1600 c0x0000 (---------------)  + I com
-	0x0023d684, // n0x1601 c0x0000 (---------------)  + I coop
-	0x0023a783, // n0x1602 c0x0000 (---------------)  + I edu
-	0x0026cc83, // n0x1603 c0x0000 (---------------)  + I gov
-	0x00201603, // n0x1604 c0x0000 (---------------)  + I int
-	0x002d0106, // n0x1605 c0x0000 (---------------)  + I museum
-	0x0021fe03, // n0x1606 c0x0000 (---------------)  + I net
-	0x0022d1c3, // n0x1607 c0x0000 (---------------)  + I org
-	0x000ffa08, // n0x1608 c0x0000 (---------------)  +   blogspot
-	0x00233503, // n0x1609 c0x0000 (---------------)  + I com
-	0x0023a783, // n0x160a c0x0000 (---------------)  + I edu
-	0x00213183, // n0x160b c0x0000 (---------------)  + I gob
-	0x0021fe03, // n0x160c c0x0000 (---------------)  + I net
-	0x0022d1c3, // n0x160d c0x0000 (---------------)  + I org
-	0x000ffa08, // n0x160e c0x0000 (---------------)  +   blogspot
-	0x00233503, // n0x160f c0x0000 (---------------)  + I com
-	0x0023a783, // n0x1610 c0x0000 (---------------)  + I edu
-	0x0026cc83, // n0x1611 c0x0000 (---------------)  + I gov
-	0x00209003, // n0x1612 c0x0000 (---------------)  + I mil
-	0x00205284, // n0x1613 c0x0000 (---------------)  + I name
-	0x0021fe03, // n0x1614 c0x0000 (---------------)  + I net
-	0x0022d1c3, // n0x1615 c0x0000 (---------------)  + I org
-	0x0062f7c8, // n0x1616 c0x0001 (---------------)  ! I teledata
-	0x00200302, // n0x1617 c0x0000 (---------------)  + I ca
-	0x0022e182, // n0x1618 c0x0000 (---------------)  + I cc
-	0x00200742, // n0x1619 c0x0000 (---------------)  + I co
-	0x00233503, // n0x161a c0x0000 (---------------)  + I com
-	0x0022bf42, // n0x161b c0x0000 (---------------)  + I dr
-	0x002013c2, // n0x161c c0x0000 (---------------)  + I in
-	0x003a1244, // n0x161d c0x0000 (---------------)  + I info
-	0x00207104, // n0x161e c0x0000 (---------------)  + I mobi
-	0x0021bb02, // n0x161f c0x0000 (---------------)  + I mx
-	0x00205284, // n0x1620 c0x0000 (---------------)  + I name
-	0x00200282, // n0x1621 c0x0000 (---------------)  + I or
-	0x0022d1c3, // n0x1622 c0x0000 (---------------)  + I org
-	0x00220e43, // n0x1623 c0x0000 (---------------)  + I pro
-	0x0023d0c6, // n0x1624 c0x0000 (---------------)  + I school
-	0x00224e42, // n0x1625 c0x0000 (---------------)  + I tv
-	0x00202382, // n0x1626 c0x0000 (---------------)  + I us
-	0x0020b942, // n0x1627 c0x0000 (---------------)  + I ws
-	0x38e22103, // n0x1628 c0x00e3 (n0x162a-n0x162b)  o I her
-	0x39218ac3, // n0x1629 c0x00e4 (n0x162b-n0x162c)  o I his
-	0x00057c46, // n0x162a c0x0000 (---------------)  +   forgot
-	0x00057c46, // n0x162b c0x0000 (---------------)  +   forgot
-	0x002d4884, // n0x162c c0x0000 (---------------)  + I asso
-	0x00116c0c, // n0x162d c0x0000 (---------------)  +   at-band-camp
-	0x0001be0c, // n0x162e c0x0000 (---------------)  +   azure-mobile
-	0x00080ecd, // n0x162f c0x0000 (---------------)  +   azurewebsites
-	0x000fb147, // n0x1630 c0x0000 (---------------)  +   blogdns
-	0x00020208, // n0x1631 c0x0000 (---------------)  +   broke-it
-	0x0019898a, // n0x1632 c0x0000 (---------------)  +   buyshouses
-	0x39e3e2c5, // n0x1633 c0x00e7 (n0x1663-n0x1664)  o I cdn77
-	0x0003e2c9, // n0x1634 c0x0000 (---------------)  +   cdn77-ssl
-	0x00009188, // n0x1635 c0x0000 (---------------)  +   cloudapp
-	0x0019d4ca, // n0x1636 c0x0000 (---------------)  +   cloudfront
-	0x0003118e, // n0x1637 c0x0000 (---------------)  +   cloudfunctions
-	0x0014c048, // n0x1638 c0x0000 (---------------)  +   dnsalias
-	0x0007c9c7, // n0x1639 c0x0000 (---------------)  +   dnsdojo
-	0x00160607, // n0x163a c0x0000 (---------------)  +   does-it
-	0x0016a009, // n0x163b c0x0000 (---------------)  +   dontexist
-	0x0008cdc7, // n0x163c c0x0000 (---------------)  +   dsmynas
-	0x00197b48, // n0x163d c0x0000 (---------------)  +   dynalias
-	0x000e9d09, // n0x163e c0x0000 (---------------)  +   dynathome
-	0x001a46c5, // n0x163f c0x0000 (---------------)  +   dynv6
-	0x000a950d, // n0x1640 c0x0000 (---------------)  +   endofinternet
-	0x00008f88, // n0x1641 c0x0000 (---------------)  +   familyds
-	0x3a24c206, // n0x1642 c0x00e8 (n0x1664-n0x1666)  o I fastly
-	0x00064447, // n0x1643 c0x0000 (---------------)  +   from-az
-	0x00065a47, // n0x1644 c0x0000 (---------------)  +   from-co
-	0x0006a1c7, // n0x1645 c0x0000 (---------------)  +   from-la
-	0x0006f3c7, // n0x1646 c0x0000 (---------------)  +   from-ny
-	0x0000d202, // n0x1647 c0x0000 (---------------)  +   gb
-	0x00157907, // n0x1648 c0x0000 (---------------)  +   gets-it
-	0x00064a8c, // n0x1649 c0x0000 (---------------)  +   ham-radio-op
-	0x00146347, // n0x164a c0x0000 (---------------)  +   homeftp
-	0x000a51c6, // n0x164b c0x0000 (---------------)  +   homeip
-	0x000a59c9, // n0x164c c0x0000 (---------------)  +   homelinux
-	0x000a6fc8, // n0x164d c0x0000 (---------------)  +   homeunix
-	0x000195c2, // n0x164e c0x0000 (---------------)  +   hu
-	0x000013c2, // n0x164f c0x0000 (---------------)  +   in
-	0x00007b0b, // n0x1650 c0x0000 (---------------)  +   in-the-band
-	0x00012789, // n0x1651 c0x0000 (---------------)  +   is-a-chef
-	0x0004e989, // n0x1652 c0x0000 (---------------)  +   is-a-geek
-	0x0008e588, // n0x1653 c0x0000 (---------------)  +   isa-geek
-	0x000ae3c2, // n0x1654 c0x0000 (---------------)  +   jp
-	0x00150c09, // n0x1655 c0x0000 (---------------)  +   kicks-ass
-	0x0002168d, // n0x1656 c0x0000 (---------------)  +   office-on-the
-	0x000dcd47, // n0x1657 c0x0000 (---------------)  +   podzone
-	0x000ecb08, // n0x1658 c0x0000 (---------------)  +   rackmaze
-	0x001376cd, // n0x1659 c0x0000 (---------------)  +   scrapper-site
-	0x000046c2, // n0x165a c0x0000 (---------------)  +   se
-	0x0006ba86, // n0x165b c0x0000 (---------------)  +   selfip
-	0x00090208, // n0x165c c0x0000 (---------------)  +   sells-it
-	0x000cb7c8, // n0x165d c0x0000 (---------------)  +   servebbs
-	0x000895c8, // n0x165e c0x0000 (---------------)  +   serveftp
-	0x00054088, // n0x165f c0x0000 (---------------)  +   thruhere
-	0x00000f82, // n0x1660 c0x0000 (---------------)  +   uk
-	0x000eadc6, // n0x1661 c0x0000 (---------------)  +   webhop
-	0x00005f82, // n0x1662 c0x0000 (---------------)  +   za
-	0x000002c1, // n0x1663 c0x0000 (---------------)  +   r
-	0x3a6e2044, // n0x1664 c0x00e9 (n0x1666-n0x1668)  o I prod
-	0x3aa3e443, // n0x1665 c0x00ea (n0x1668-n0x166b)  o I ssl
-	0x00000101, // n0x1666 c0x0000 (---------------)  +   a
-	0x0000d846, // n0x1667 c0x0000 (---------------)  +   global
-	0x00000101, // n0x1668 c0x0000 (---------------)  +   a
-	0x00000001, // n0x1669 c0x0000 (---------------)  +   b
-	0x0000d846, // n0x166a c0x0000 (---------------)  +   global
-	0x0024bf84, // n0x166b c0x0000 (---------------)  + I arts
-	0x00233503, // n0x166c c0x0000 (---------------)  + I com
-	0x0024d9c4, // n0x166d c0x0000 (---------------)  + I firm
-	0x003a1244, // n0x166e c0x0000 (---------------)  + I info
-	0x0021fe03, // n0x166f c0x0000 (---------------)  + I net
-	0x00222085, // n0x1670 c0x0000 (---------------)  + I other
-	0x00220f03, // n0x1671 c0x0000 (---------------)  + I per
-	0x0022a5c3, // n0x1672 c0x0000 (---------------)  + I rec
-	0x00391185, // n0x1673 c0x0000 (---------------)  + I store
-	0x00221a03, // n0x1674 c0x0000 (---------------)  + I web
-	0x3b633503, // n0x1675 c0x00ed (n0x167f-n0x1680)  + I com
-	0x0023a783, // n0x1676 c0x0000 (---------------)  + I edu
-	0x0026cc83, // n0x1677 c0x0000 (---------------)  + I gov
-	0x00200041, // n0x1678 c0x0000 (---------------)  + I i
-	0x00209003, // n0x1679 c0x0000 (---------------)  + I mil
-	0x00207104, // n0x167a c0x0000 (---------------)  + I mobi
-	0x00205284, // n0x167b c0x0000 (---------------)  + I name
-	0x0021fe03, // n0x167c c0x0000 (---------------)  + I net
-	0x0022d1c3, // n0x167d c0x0000 (---------------)  + I org
-	0x00217443, // n0x167e c0x0000 (---------------)  + I sch
-	0x000ffa08, // n0x167f c0x0000 (---------------)  +   blogspot
-	0x00201542, // n0x1680 c0x0000 (---------------)  + I ac
-	0x00330b83, // n0x1681 c0x0000 (---------------)  + I biz
-	0x00200742, // n0x1682 c0x0000 (---------------)  + I co
-	0x00233503, // n0x1683 c0x0000 (---------------)  + I com
-	0x0023a783, // n0x1684 c0x0000 (---------------)  + I edu
-	0x00213183, // n0x1685 c0x0000 (---------------)  + I gob
-	0x002013c2, // n0x1686 c0x0000 (---------------)  + I in
-	0x003a1244, // n0x1687 c0x0000 (---------------)  + I info
-	0x00201603, // n0x1688 c0x0000 (---------------)  + I int
-	0x00209003, // n0x1689 c0x0000 (---------------)  + I mil
-	0x0021fe03, // n0x168a c0x0000 (---------------)  + I net
-	0x00201483, // n0x168b c0x0000 (---------------)  + I nom
-	0x0022d1c3, // n0x168c c0x0000 (---------------)  + I org
-	0x00221a03, // n0x168d c0x0000 (---------------)  + I web
-	0x000ffa08, // n0x168e c0x0000 (---------------)  +   blogspot
-	0x00365782, // n0x168f c0x0000 (---------------)  + I bv
-	0x00000742, // n0x1690 c0x0000 (---------------)  +   co
-	0x3c622f02, // n0x1691 c0x00f1 (n0x1967-n0x1968)  + I aa
-	0x00355648, // n0x1692 c0x0000 (---------------)  + I aarborte
-	0x00223386, // n0x1693 c0x0000 (---------------)  + I aejrie
-	0x002bb486, // n0x1694 c0x0000 (---------------)  + I afjord
-	0x00222d07, // n0x1695 c0x0000 (---------------)  + I agdenes
-	0x3ca04f02, // n0x1696 c0x00f2 (n0x1968-n0x1969)  + I ah
-	0x3cf7c888, // n0x1697 c0x00f3 (n0x1969-n0x196a)  o I akershus
-	0x00354a4a, // n0x1698 c0x0000 (---------------)  + I aknoluokta
-	0x00263ec8, // n0x1699 c0x0000 (---------------)  + I akrehamn
-	0x002001c2, // n0x169a c0x0000 (---------------)  + I al
-	0x003552c9, // n0x169b c0x0000 (---------------)  + I alaheadju
-	0x003206c7, // n0x169c c0x0000 (---------------)  + I alesund
-	0x00219046, // n0x169d c0x0000 (---------------)  + I algard
-	0x00204e09, // n0x169e c0x0000 (---------------)  + I alstahaug
-	0x0023adc4, // n0x169f c0x0000 (---------------)  + I alta
-	0x002bbf06, // n0x16a0 c0x0000 (---------------)  + I alvdal
-	0x002bb884, // n0x16a1 c0x0000 (---------------)  + I amli
-	0x00278604, // n0x16a2 c0x0000 (---------------)  + I amot
-	0x00259c09, // n0x16a3 c0x0000 (---------------)  + I andasuolo
-	0x0022c086, // n0x16a4 c0x0000 (---------------)  + I andebu
-	0x00259645, // n0x16a5 c0x0000 (---------------)  + I andoy
-	0x00267dc5, // n0x16a6 c0x0000 (---------------)  + I ardal
-	0x00234b07, // n0x16a7 c0x0000 (---------------)  + I aremark
-	0x002b87c7, // n0x16a8 c0x0000 (---------------)  + I arendal
-	0x0032fec4, // n0x16a9 c0x0000 (---------------)  + I arna
-	0x00222f46, // n0x16aa c0x0000 (---------------)  + I aseral
-	0x002e2b85, // n0x16ab c0x0000 (---------------)  + I asker
-	0x00230345, // n0x16ac c0x0000 (---------------)  + I askim
-	0x002f58c5, // n0x16ad c0x0000 (---------------)  + I askoy
-	0x00389107, // n0x16ae c0x0000 (---------------)  + I askvoll
-	0x00331105, // n0x16af c0x0000 (---------------)  + I asnes
-	0x00309f89, // n0x16b0 c0x0000 (---------------)  + I audnedaln
-	0x00255485, // n0x16b1 c0x0000 (---------------)  + I aukra
-	0x002fadc4, // n0x16b2 c0x0000 (---------------)  + I aure
-	0x00323447, // n0x16b3 c0x0000 (---------------)  + I aurland
-	0x0025de0e, // n0x16b4 c0x0000 (---------------)  + I aurskog-holand
-	0x00272489, // n0x16b5 c0x0000 (---------------)  + I austevoll
-	0x0030f789, // n0x16b6 c0x0000 (---------------)  + I austrheim
-	0x00326bc6, // n0x16b7 c0x0000 (---------------)  + I averoy
-	0x002f2388, // n0x16b8 c0x0000 (---------------)  + I badaddja
-	0x002ade0b, // n0x16b9 c0x0000 (---------------)  + I bahcavuotna
-	0x002d13cc, // n0x16ba c0x0000 (---------------)  + I bahccavuotna
-	0x0026a446, // n0x16bb c0x0000 (---------------)  + I baidar
-	0x00372147, // n0x16bc c0x0000 (---------------)  + I bajddar
-	0x0025ef05, // n0x16bd c0x0000 (---------------)  + I balat
-	0x00228a8a, // n0x16be c0x0000 (---------------)  + I balestrand
-	0x00306f89, // n0x16bf c0x0000 (---------------)  + I ballangen
-	0x00254b89, // n0x16c0 c0x0000 (---------------)  + I balsfjord
-	0x00271906, // n0x16c1 c0x0000 (---------------)  + I bamble
-	0x002ef785, // n0x16c2 c0x0000 (---------------)  + I bardu
-	0x0027f705, // n0x16c3 c0x0000 (---------------)  + I barum
-	0x00354549, // n0x16c4 c0x0000 (---------------)  + I batsfjord
-	0x002f5a4b, // n0x16c5 c0x0000 (---------------)  + I bearalvahki
-	0x0027c686, // n0x16c6 c0x0000 (---------------)  + I beardu
-	0x0032e046, // n0x16c7 c0x0000 (---------------)  + I beiarn
-	0x0020d144, // n0x16c8 c0x0000 (---------------)  + I berg
-	0x0028b146, // n0x16c9 c0x0000 (---------------)  + I bergen
-	0x003223c8, // n0x16ca c0x0000 (---------------)  + I berlevag
-	0x00200006, // n0x16cb c0x0000 (---------------)  + I bievat
-	0x00398d86, // n0x16cc c0x0000 (---------------)  + I bindal
-	0x002054c8, // n0x16cd c0x0000 (---------------)  + I birkenes
-	0x00206507, // n0x16ce c0x0000 (---------------)  + I bjarkoy
-	0x00206ec9, // n0x16cf c0x0000 (---------------)  + I bjerkreim
-	0x0020c285, // n0x16d0 c0x0000 (---------------)  + I bjugn
-	0x000ffa08, // n0x16d1 c0x0000 (---------------)  +   blogspot
-	0x00213204, // n0x16d2 c0x0000 (---------------)  + I bodo
-	0x003a4004, // n0x16d3 c0x0000 (---------------)  + I bokn
-	0x00210ac5, // n0x16d4 c0x0000 (---------------)  + I bomlo
-	0x0038c589, // n0x16d5 c0x0000 (---------------)  + I bremanger
-	0x00221247, // n0x16d6 c0x0000 (---------------)  + I bronnoy
-	0x0022124b, // n0x16d7 c0x0000 (---------------)  + I bronnoysund
-	0x0022260a, // n0x16d8 c0x0000 (---------------)  + I brumunddal
-	0x00228785, // n0x16d9 c0x0000 (---------------)  + I bryne
-	0x3d208642, // n0x16da c0x00f4 (n0x196a-n0x196b)  + I bu
-	0x00351247, // n0x16db c0x0000 (---------------)  + I budejju
-	0x3d62a108, // n0x16dc c0x00f5 (n0x196b-n0x196c)  o I buskerud
-	0x002b8007, // n0x16dd c0x0000 (---------------)  + I bygland
-	0x0022c3c5, // n0x16de c0x0000 (---------------)  + I bykle
-	0x00356fca, // n0x16df c0x0000 (---------------)  + I cahcesuolo
-	0x00000742, // n0x16e0 c0x0000 (---------------)  +   co
-	0x002b70cb, // n0x16e1 c0x0000 (---------------)  + I davvenjarga
-	0x0021490a, // n0x16e2 c0x0000 (---------------)  + I davvesiida
-	0x0039c006, // n0x16e3 c0x0000 (---------------)  + I deatnu
-	0x00274143, // n0x16e4 c0x0000 (---------------)  + I dep
-	0x002381cd, // n0x16e5 c0x0000 (---------------)  + I dielddanuorri
-	0x00271f0c, // n0x16e6 c0x0000 (---------------)  + I divtasvuodna
-	0x003079cd, // n0x16e7 c0x0000 (---------------)  + I divttasvuotna
-	0x00365c05, // n0x16e8 c0x0000 (---------------)  + I donna
-	0x00243885, // n0x16e9 c0x0000 (---------------)  + I dovre
-	0x002edd47, // n0x16ea c0x0000 (---------------)  + I drammen
-	0x003458c9, // n0x16eb c0x0000 (---------------)  + I drangedal
-	0x00354946, // n0x16ec c0x0000 (---------------)  + I drobak
-	0x00311885, // n0x16ed c0x0000 (---------------)  + I dyroy
-	0x0022e2c8, // n0x16ee c0x0000 (---------------)  + I egersund
-	0x0028b043, // n0x16ef c0x0000 (---------------)  + I eid
-	0x003116c8, // n0x16f0 c0x0000 (---------------)  + I eidfjord
-	0x0028b048, // n0x16f1 c0x0000 (---------------)  + I eidsberg
-	0x002bce07, // n0x16f2 c0x0000 (---------------)  + I eidskog
-	0x002d8248, // n0x16f3 c0x0000 (---------------)  + I eidsvoll
-	0x003a6609, // n0x16f4 c0x0000 (---------------)  + I eigersund
-	0x0023c547, // n0x16f5 c0x0000 (---------------)  + I elverum
-	0x00209807, // n0x16f6 c0x0000 (---------------)  + I enebakk
-	0x00279a48, // n0x16f7 c0x0000 (---------------)  + I engerdal
-	0x002fecc4, // n0x16f8 c0x0000 (---------------)  + I etne
-	0x002fecc7, // n0x16f9 c0x0000 (---------------)  + I etnedal
-	0x00251f48, // n0x16fa c0x0000 (---------------)  + I evenassi
-	0x00202b46, // n0x16fb c0x0000 (---------------)  + I evenes
-	0x003a03cf, // n0x16fc c0x0000 (---------------)  + I evje-og-hornnes
-	0x00212987, // n0x16fd c0x0000 (---------------)  + I farsund
-	0x0024cc06, // n0x16fe c0x0000 (---------------)  + I fauske
-	0x002d77c5, // n0x16ff c0x0000 (---------------)  + I fedje
-	0x002159c3, // n0x1700 c0x0000 (---------------)  + I fet
-	0x0034b7c7, // n0x1701 c0x0000 (---------------)  + I fetsund
-	0x0023f343, // n0x1702 c0x0000 (---------------)  + I fhs
-	0x0024c546, // n0x1703 c0x0000 (---------------)  + I finnoy
-	0x0024f086, // n0x1704 c0x0000 (---------------)  + I fitjar
-	0x00250506, // n0x1705 c0x0000 (---------------)  + I fjaler
-	0x0028f845, // n0x1706 c0x0000 (---------------)  + I fjell
-	0x00267683, // n0x1707 c0x0000 (---------------)  + I fla
-	0x00380648, // n0x1708 c0x0000 (---------------)  + I flakstad
-	0x0036ce89, // n0x1709 c0x0000 (---------------)  + I flatanger
-	0x00364c8b, // n0x170a c0x0000 (---------------)  + I flekkefjord
-	0x00377308, // n0x170b c0x0000 (---------------)  + I flesberg
-	0x00252605, // n0x170c c0x0000 (---------------)  + I flora
-	0x00253105, // n0x170d c0x0000 (---------------)  + I floro
-	0x3da42902, // n0x170e c0x00f6 (n0x196c-n0x196d)  + I fm
-	0x0037be09, // n0x170f c0x0000 (---------------)  + I folkebibl
-	0x002558c7, // n0x1710 c0x0000 (---------------)  + I folldal
-	0x0039bf45, // n0x1711 c0x0000 (---------------)  + I forde
-	0x00259b07, // n0x1712 c0x0000 (---------------)  + I forsand
-	0x0025b746, // n0x1713 c0x0000 (---------------)  + I fosnes
-	0x0035dfc5, // n0x1714 c0x0000 (---------------)  + I frana
-	0x0036420b, // n0x1715 c0x0000 (---------------)  + I fredrikstad
-	0x0025c484, // n0x1716 c0x0000 (---------------)  + I frei
-	0x00263a85, // n0x1717 c0x0000 (---------------)  + I frogn
-	0x00263bc7, // n0x1718 c0x0000 (---------------)  + I froland
-	0x00276a06, // n0x1719 c0x0000 (---------------)  + I frosta
-	0x00276e45, // n0x171a c0x0000 (---------------)  + I froya
-	0x00283e87, // n0x171b c0x0000 (---------------)  + I fuoisku
-	0x00284ec7, // n0x171c c0x0000 (---------------)  + I fuossko
-	0x0028db04, // n0x171d c0x0000 (---------------)  + I fusa
-	0x00288cca, // n0x171e c0x0000 (---------------)  + I fylkesbibl
-	0x00289188, // n0x171f c0x0000 (---------------)  + I fyresdal
-	0x002cdcc9, // n0x1720 c0x0000 (---------------)  + I gaivuotna
-	0x0021dd45, // n0x1721 c0x0000 (---------------)  + I galsa
-	0x002b7306, // n0x1722 c0x0000 (---------------)  + I gamvik
-	0x0032258a, // n0x1723 c0x0000 (---------------)  + I gangaviika
-	0x00267cc6, // n0x1724 c0x0000 (---------------)  + I gaular
-	0x002b6187, // n0x1725 c0x0000 (---------------)  + I gausdal
-	0x002cd98d, // n0x1726 c0x0000 (---------------)  + I giehtavuoatna
-	0x00226cc9, // n0x1727 c0x0000 (---------------)  + I gildeskal
-	0x00328b05, // n0x1728 c0x0000 (---------------)  + I giske
-	0x00310047, // n0x1729 c0x0000 (---------------)  + I gjemnes
-	0x003279c8, // n0x172a c0x0000 (---------------)  + I gjerdrum
-	0x0032f588, // n0x172b c0x0000 (---------------)  + I gjerstad
-	0x00249607, // n0x172c c0x0000 (---------------)  + I gjesdal
-	0x00249e46, // n0x172d c0x0000 (---------------)  + I gjovik
-	0x00212b87, // n0x172e c0x0000 (---------------)  + I gloppen
-	0x0024dbc3, // n0x172f c0x0000 (---------------)  + I gol
-	0x00334544, // n0x1730 c0x0000 (---------------)  + I gran
-	0x0035bc85, // n0x1731 c0x0000 (---------------)  + I grane
-	0x00384e47, // n0x1732 c0x0000 (---------------)  + I granvin
-	0x00388b09, // n0x1733 c0x0000 (---------------)  + I gratangen
-	0x0022d248, // n0x1734 c0x0000 (---------------)  + I grimstad
-	0x002b6085, // n0x1735 c0x0000 (---------------)  + I grong
-	0x0039a744, // n0x1736 c0x0000 (---------------)  + I grue
-	0x0035d2c5, // n0x1737 c0x0000 (---------------)  + I gulen
-	0x0025334d, // n0x1738 c0x0000 (---------------)  + I guovdageaidnu
-	0x00202442, // n0x1739 c0x0000 (---------------)  + I ha
-	0x002c9b86, // n0x173a c0x0000 (---------------)  + I habmer
-	0x0026b9c6, // n0x173b c0x0000 (---------------)  + I hadsel
-	0x002a5e4a, // n0x173c c0x0000 (---------------)  + I hagebostad
-	0x0035f386, // n0x173d c0x0000 (---------------)  + I halden
-	0x0036d3c5, // n0x173e c0x0000 (---------------)  + I halsa
-	0x0025e745, // n0x173f c0x0000 (---------------)  + I hamar
-	0x0025e747, // n0x1740 c0x0000 (---------------)  + I hamaroy
-	0x0037558c, // n0x1741 c0x0000 (---------------)  + I hammarfeasta
-	0x0033c28a, // n0x1742 c0x0000 (---------------)  + I hammerfest
-	0x0028aa06, // n0x1743 c0x0000 (---------------)  + I hapmir
-	0x002cfb05, // n0x1744 c0x0000 (---------------)  + I haram
-	0x0028af86, // n0x1745 c0x0000 (---------------)  + I hareid
-	0x0028b2c7, // n0x1746 c0x0000 (---------------)  + I harstad
-	0x0028c606, // n0x1747 c0x0000 (---------------)  + I hasvik
-	0x0028f74c, // n0x1748 c0x0000 (---------------)  + I hattfjelldal
-	0x00204f49, // n0x1749 c0x0000 (---------------)  + I haugesund
-	0x3de36587, // n0x174a c0x00f7 (n0x196d-n0x1970)  o I hedmark
-	0x002910c5, // n0x174b c0x0000 (---------------)  + I hemne
-	0x002910c6, // n0x174c c0x0000 (---------------)  + I hemnes
-	0x00291d48, // n0x174d c0x0000 (---------------)  + I hemsedal
-	0x00232305, // n0x174e c0x0000 (---------------)  + I herad
-	0x002a4585, // n0x174f c0x0000 (---------------)  + I hitra
-	0x002a47c8, // n0x1750 c0x0000 (---------------)  + I hjartdal
-	0x002a49ca, // n0x1751 c0x0000 (---------------)  + I hjelmeland
-	0x3e248fc2, // n0x1752 c0x00f8 (n0x1970-n0x1971)  + I hl
-	0x3e60e942, // n0x1753 c0x00f9 (n0x1971-n0x1972)  + I hm
-	0x00378245, // n0x1754 c0x0000 (---------------)  + I hobol
-	0x002d7743, // n0x1755 c0x0000 (---------------)  + I hof
-	0x003a4508, // n0x1756 c0x0000 (---------------)  + I hokksund
-	0x0023ce83, // n0x1757 c0x0000 (---------------)  + I hol
-	0x002a4c44, // n0x1758 c0x0000 (---------------)  + I hole
-	0x002a814b, // n0x1759 c0x0000 (---------------)  + I holmestrand
-	0x002ae1c8, // n0x175a c0x0000 (---------------)  + I holtalen
-	0x002a7ac8, // n0x175b c0x0000 (---------------)  + I honefoss
-	0x3eb1a749, // n0x175c c0x00fa (n0x1972-n0x1973)  o I hordaland
-	0x002a8f89, // n0x175d c0x0000 (---------------)  + I hornindal
-	0x002a9406, // n0x175e c0x0000 (---------------)  + I horten
-	0x002aa188, // n0x175f c0x0000 (---------------)  + I hoyanger
-	0x002aa389, // n0x1760 c0x0000 (---------------)  + I hoylandet
-	0x002ab246, // n0x1761 c0x0000 (---------------)  + I hurdal
-	0x002ab3c5, // n0x1762 c0x0000 (---------------)  + I hurum
-	0x00363586, // n0x1763 c0x0000 (---------------)  + I hvaler
-	0x002ab849, // n0x1764 c0x0000 (---------------)  + I hyllestad
-	0x00229187, // n0x1765 c0x0000 (---------------)  + I ibestad
-	0x0026dd46, // n0x1766 c0x0000 (---------------)  + I idrett
-	0x002e7747, // n0x1767 c0x0000 (---------------)  + I inderoy
-	0x003547c7, // n0x1768 c0x0000 (---------------)  + I iveland
-	0x0023fcc4, // n0x1769 c0x0000 (---------------)  + I ivgu
-	0x3ee1cfc9, // n0x176a c0x00fb (n0x1973-n0x1974)  + I jan-mayen
-	0x002c57c8, // n0x176b c0x0000 (---------------)  + I jessheim
-	0x00358388, // n0x176c c0x0000 (---------------)  + I jevnaker
-	0x00343c87, // n0x176d c0x0000 (---------------)  + I jolster
-	0x002c1046, // n0x176e c0x0000 (---------------)  + I jondal
-	0x002fc709, // n0x176f c0x0000 (---------------)  + I jorpeland
-	0x002bc3c7, // n0x1770 c0x0000 (---------------)  + I kafjord
-	0x0024fd0a, // n0x1771 c0x0000 (---------------)  + I karasjohka
-	0x0037dbc8, // n0x1772 c0x0000 (---------------)  + I karasjok
-	0x00330887, // n0x1773 c0x0000 (---------------)  + I karlsoy
-	0x00229586, // n0x1774 c0x0000 (---------------)  + I karmoy
-	0x002650ca, // n0x1775 c0x0000 (---------------)  + I kautokeino
-	0x0027e3c8, // n0x1776 c0x0000 (---------------)  + I kirkenes
-	0x0026b445, // n0x1777 c0x0000 (---------------)  + I klabu
-	0x00374f05, // n0x1778 c0x0000 (---------------)  + I klepp
-	0x00387dc7, // n0x1779 c0x0000 (---------------)  + I kommune
-	0x002bfb09, // n0x177a c0x0000 (---------------)  + I kongsberg
-	0x002c478b, // n0x177b c0x0000 (---------------)  + I kongsvinger
-	0x002d6808, // n0x177c c0x0000 (---------------)  + I kopervik
-	0x00255509, // n0x177d c0x0000 (---------------)  + I kraanghke
-	0x00250787, // n0x177e c0x0000 (---------------)  + I kragero
-	0x002af50c, // n0x177f c0x0000 (---------------)  + I kristiansand
-	0x002b01cc, // n0x1780 c0x0000 (---------------)  + I kristiansund
-	0x002b04ca, // n0x1781 c0x0000 (---------------)  + I krodsherad
-	0x002b074c, // n0x1782 c0x0000 (---------------)  + I krokstadelva
-	0x002bb408, // n0x1783 c0x0000 (---------------)  + I kvafjord
-	0x002bb608, // n0x1784 c0x0000 (---------------)  + I kvalsund
-	0x002bb804, // n0x1785 c0x0000 (---------------)  + I kvam
-	0x002bc589, // n0x1786 c0x0000 (---------------)  + I kvanangen
-	0x002bc7c9, // n0x1787 c0x0000 (---------------)  + I kvinesdal
-	0x002bca0a, // n0x1788 c0x0000 (---------------)  + I kvinnherad
-	0x002bcc89, // n0x1789 c0x0000 (---------------)  + I kviteseid
-	0x002bcfc7, // n0x178a c0x0000 (---------------)  + I kvitsoy
-	0x003a4dcc, // n0x178b c0x0000 (---------------)  + I laakesvuemie
-	0x00338186, // n0x178c c0x0000 (---------------)  + I lahppi
-	0x00258008, // n0x178d c0x0000 (---------------)  + I langevag
-	0x00267d86, // n0x178e c0x0000 (---------------)  + I lardal
-	0x0037f706, // n0x178f c0x0000 (---------------)  + I larvik
-	0x00328a07, // n0x1790 c0x0000 (---------------)  + I lavagis
-	0x00272688, // n0x1791 c0x0000 (---------------)  + I lavangen
-	0x00331a4b, // n0x1792 c0x0000 (---------------)  + I leangaviika
-	0x002b7ec7, // n0x1793 c0x0000 (---------------)  + I lebesby
-	0x002598c9, // n0x1794 c0x0000 (---------------)  + I leikanger
-	0x0035e489, // n0x1795 c0x0000 (---------------)  + I leirfjord
-	0x00296d87, // n0x1796 c0x0000 (---------------)  + I leirvik
-	0x002bbac4, // n0x1797 c0x0000 (---------------)  + I leka
-	0x002bf987, // n0x1798 c0x0000 (---------------)  + I leksvik
-	0x003562c6, // n0x1799 c0x0000 (---------------)  + I lenvik
-	0x00217606, // n0x179a c0x0000 (---------------)  + I lerdal
-	0x0031f845, // n0x179b c0x0000 (---------------)  + I lesja
-	0x00219f88, // n0x179c c0x0000 (---------------)  + I levanger
-	0x002ddf44, // n0x179d c0x0000 (---------------)  + I lier
-	0x002ddf46, // n0x179e c0x0000 (---------------)  + I lierne
-	0x0033c14b, // n0x179f c0x0000 (---------------)  + I lillehammer
-	0x00330089, // n0x17a0 c0x0000 (---------------)  + I lillesand
-	0x00322dc6, // n0x17a1 c0x0000 (---------------)  + I lindas
-	0x00345ac9, // n0x17a2 c0x0000 (---------------)  + I lindesnes
-	0x00389286, // n0x17a3 c0x0000 (---------------)  + I loabat
-	0x00259dc8, // n0x17a4 c0x0000 (---------------)  + I lodingen
-	0x00214303, // n0x17a5 c0x0000 (---------------)  + I lom
-	0x00390905, // n0x17a6 c0x0000 (---------------)  + I loppa
-	0x00216209, // n0x17a7 c0x0000 (---------------)  + I lorenskog
-	0x00217745, // n0x17a8 c0x0000 (---------------)  + I loten
-	0x002fb344, // n0x17a9 c0x0000 (---------------)  + I lund
-	0x00275306, // n0x17aa c0x0000 (---------------)  + I lunner
-	0x00378ec5, // n0x17ab c0x0000 (---------------)  + I luroy
-	0x002dcb06, // n0x17ac c0x0000 (---------------)  + I luster
-	0x002fccc7, // n0x17ad c0x0000 (---------------)  + I lyngdal
-	0x00213606, // n0x17ae c0x0000 (---------------)  + I lyngen
-	0x00298bcb, // n0x17af c0x0000 (---------------)  + I malatvuopmi
-	0x002e4e47, // n0x17b0 c0x0000 (---------------)  + I malselv
-	0x00205c86, // n0x17b1 c0x0000 (---------------)  + I malvik
-	0x0034fcc6, // n0x17b2 c0x0000 (---------------)  + I mandal
-	0x00234bc6, // n0x17b3 c0x0000 (---------------)  + I marker
-	0x0032fe89, // n0x17b4 c0x0000 (---------------)  + I marnardal
-	0x0021ed8a, // n0x17b5 c0x0000 (---------------)  + I masfjorden
-	0x0032a985, // n0x17b6 c0x0000 (---------------)  + I masoy
-	0x0022080d, // n0x17b7 c0x0000 (---------------)  + I matta-varjjat
-	0x002a4ac6, // n0x17b8 c0x0000 (---------------)  + I meland
-	0x002160c6, // n0x17b9 c0x0000 (---------------)  + I meldal
-	0x00291886, // n0x17ba c0x0000 (---------------)  + I melhus
-	0x002a7e05, // n0x17bb c0x0000 (---------------)  + I meloy
-	0x0037c7c7, // n0x17bc c0x0000 (---------------)  + I meraker
-	0x0029d687, // n0x17bd c0x0000 (---------------)  + I midsund
-	0x002e5e0e, // n0x17be c0x0000 (---------------)  + I midtre-gauldal
-	0x00209003, // n0x17bf c0x0000 (---------------)  + I mil
-	0x002c1009, // n0x17c0 c0x0000 (---------------)  + I mjondalen
-	0x00239209, // n0x17c1 c0x0000 (---------------)  + I mo-i-rana
-	0x00228e87, // n0x17c2 c0x0000 (---------------)  + I moareke
-	0x0026c087, // n0x17c3 c0x0000 (---------------)  + I modalen
-	0x002a67c5, // n0x17c4 c0x0000 (---------------)  + I modum
-	0x00325445, // n0x17c5 c0x0000 (---------------)  + I molde
-	0x3f25d3cf, // n0x17c6 c0x00fc (n0x1974-n0x1976)  o I more-og-romsdal
-	0x002c7f87, // n0x17c7 c0x0000 (---------------)  + I mosjoen
-	0x002c8148, // n0x17c8 c0x0000 (---------------)  + I moskenes
-	0x002c8884, // n0x17c9 c0x0000 (---------------)  + I moss
-	0x002c8c46, // n0x17ca c0x0000 (---------------)  + I mosvik
-	0x3f64aa02, // n0x17cb c0x00fd (n0x1976-n0x1977)  + I mr
-	0x002cc2c6, // n0x17cc c0x0000 (---------------)  + I muosat
-	0x002d0106, // n0x17cd c0x0000 (---------------)  + I museum
-	0x00331d8e, // n0x17ce c0x0000 (---------------)  + I naamesjevuemie
-	0x0031150a, // n0x17cf c0x0000 (---------------)  + I namdalseid
-	0x002b57c6, // n0x17d0 c0x0000 (---------------)  + I namsos
-	0x002261ca, // n0x17d1 c0x0000 (---------------)  + I namsskogan
-	0x002c3349, // n0x17d2 c0x0000 (---------------)  + I nannestad
-	0x00315d45, // n0x17d3 c0x0000 (---------------)  + I naroy
-	0x0038ac08, // n0x17d4 c0x0000 (---------------)  + I narviika
-	0x003a29c6, // n0x17d5 c0x0000 (---------------)  + I narvik
-	0x00255008, // n0x17d6 c0x0000 (---------------)  + I naustdal
-	0x0031a1c8, // n0x17d7 c0x0000 (---------------)  + I navuotna
-	0x0030930b, // n0x17d8 c0x0000 (---------------)  + I nedre-eiker
-	0x00222e05, // n0x17d9 c0x0000 (---------------)  + I nesna
-	0x00331188, // n0x17da c0x0000 (---------------)  + I nesodden
-	0x0020560c, // n0x17db c0x0000 (---------------)  + I nesoddtangen
-	0x0022c287, // n0x17dc c0x0000 (---------------)  + I nesseby
-	0x0024f8c6, // n0x17dd c0x0000 (---------------)  + I nesset
-	0x00230048, // n0x17de c0x0000 (---------------)  + I nissedal
-	0x00279d48, // n0x17df c0x0000 (---------------)  + I nittedal
-	0x3fa47802, // n0x17e0 c0x00fe (n0x1977-n0x1978)  + I nl
-	0x002bbccb, // n0x17e1 c0x0000 (---------------)  + I nord-aurdal
-	0x00397f89, // n0x17e2 c0x0000 (---------------)  + I nord-fron
-	0x0034c449, // n0x17e3 c0x0000 (---------------)  + I nord-odal
-	0x00328887, // n0x17e4 c0x0000 (---------------)  + I norddal
-	0x00249408, // n0x17e5 c0x0000 (---------------)  + I nordkapp
-	0x3ff45708, // n0x17e6 c0x00ff (n0x1978-n0x197c)  o I nordland
-	0x0025f08b, // n0x17e7 c0x0000 (---------------)  + I nordre-land
-	0x0028e409, // n0x17e8 c0x0000 (---------------)  + I nordreisa
-	0x0021000d, // n0x17e9 c0x0000 (---------------)  + I nore-og-uvdal
-	0x002547c8, // n0x17ea c0x0000 (---------------)  + I notodden
-	0x0032c588, // n0x17eb c0x0000 (---------------)  + I notteroy
-	0x402009c2, // n0x17ec c0x0100 (n0x197c-n0x197d)  + I nt
-	0x00202d84, // n0x17ed c0x0000 (---------------)  + I odda
-	0x4060b282, // n0x17ee c0x0101 (n0x197d-n0x197e)  + I of
-	0x0037dd46, // n0x17ef c0x0000 (---------------)  + I oksnes
-	0x40a02242, // n0x17f0 c0x0102 (n0x197e-n0x197f)  + I ol
-	0x0037a0ca, // n0x17f1 c0x0000 (---------------)  + I omasvuotna
-	0x00352086, // n0x17f2 c0x0000 (---------------)  + I oppdal
-	0x00225388, // n0x17f3 c0x0000 (---------------)  + I oppegard
-	0x00255c88, // n0x17f4 c0x0000 (---------------)  + I orkanger
-	0x002f2686, // n0x17f5 c0x0000 (---------------)  + I orkdal
-	0x00338a46, // n0x17f6 c0x0000 (---------------)  + I orland
-	0x002e5306, // n0x17f7 c0x0000 (---------------)  + I orskog
-	0x0027b0c5, // n0x17f8 c0x0000 (---------------)  + I orsta
-	0x00240e44, // n0x17f9 c0x0000 (---------------)  + I osen
-	0x40ec40c4, // n0x17fa c0x0103 (n0x197f-n0x1980)  + I oslo
-	0x00334ec6, // n0x17fb c0x0000 (---------------)  + I osoyro
-	0x002510c7, // n0x17fc c0x0000 (---------------)  + I osteroy
-	0x4139f9c7, // n0x17fd c0x0104 (n0x1980-n0x1981)  o I ostfold
-	0x002d968b, // n0x17fe c0x0000 (---------------)  + I ostre-toten
-	0x0025e1c9, // n0x17ff c0x0000 (---------------)  + I overhalla
-	0x002438ca, // n0x1800 c0x0000 (---------------)  + I ovre-eiker
-	0x003173c4, // n0x1801 c0x0000 (---------------)  + I oyer
-	0x0025e888, // n0x1802 c0x0000 (---------------)  + I oygarden
-	0x0026db0d, // n0x1803 c0x0000 (---------------)  + I oystre-slidre
-	0x002e0209, // n0x1804 c0x0000 (---------------)  + I porsanger
-	0x002e0448, // n0x1805 c0x0000 (---------------)  + I porsangu
-	0x002e06c9, // n0x1806 c0x0000 (---------------)  + I porsgrunn
-	0x002e1c44, // n0x1807 c0x0000 (---------------)  + I priv
-	0x00204d04, // n0x1808 c0x0000 (---------------)  + I rade
-	0x0027ec05, // n0x1809 c0x0000 (---------------)  + I radoy
-	0x0027720b, // n0x180a c0x0000 (---------------)  + I rahkkeravju
-	0x002ae146, // n0x180b c0x0000 (---------------)  + I raholt
-	0x00334d05, // n0x180c c0x0000 (---------------)  + I raisa
-	0x0037c0c9, // n0x180d c0x0000 (---------------)  + I rakkestad
-	0x00223008, // n0x180e c0x0000 (---------------)  + I ralingen
-	0x00239344, // n0x180f c0x0000 (---------------)  + I rana
-	0x00228c09, // n0x1810 c0x0000 (---------------)  + I randaberg
-	0x00248c45, // n0x1811 c0x0000 (---------------)  + I rauma
-	0x002b8808, // n0x1812 c0x0000 (---------------)  + I rendalen
-	0x00209ec7, // n0x1813 c0x0000 (---------------)  + I rennebu
-	0x0030fb88, // n0x1814 c0x0000 (---------------)  + I rennesoy
-	0x0027f1c6, // n0x1815 c0x0000 (---------------)  + I rindal
-	0x00351107, // n0x1816 c0x0000 (---------------)  + I ringebu
-	0x0020e509, // n0x1817 c0x0000 (---------------)  + I ringerike
-	0x0023a189, // n0x1818 c0x0000 (---------------)  + I ringsaker
-	0x00277985, // n0x1819 c0x0000 (---------------)  + I risor
-	0x00238845, // n0x181a c0x0000 (---------------)  + I rissa
-	0x4162b682, // n0x181b c0x0105 (n0x1981-n0x1982)  + I rl
-	0x002fab84, // n0x181c c0x0000 (---------------)  + I roan
-	0x0029d105, // n0x181d c0x0000 (---------------)  + I rodoy
-	0x002cd3c6, // n0x181e c0x0000 (---------------)  + I rollag
-	0x00318545, // n0x181f c0x0000 (---------------)  + I romsa
-	0x002531c7, // n0x1820 c0x0000 (---------------)  + I romskog
-	0x00296bc5, // n0x1821 c0x0000 (---------------)  + I roros
-	0x00276a44, // n0x1822 c0x0000 (---------------)  + I rost
-	0x00326c86, // n0x1823 c0x0000 (---------------)  + I royken
-	0x00311907, // n0x1824 c0x0000 (---------------)  + I royrvik
-	0x0024aa46, // n0x1825 c0x0000 (---------------)  + I ruovat
-	0x003305c5, // n0x1826 c0x0000 (---------------)  + I rygge
-	0x00321248, // n0x1827 c0x0000 (---------------)  + I salangen
-	0x00223585, // n0x1828 c0x0000 (---------------)  + I salat
-	0x00322c47, // n0x1829 c0x0000 (---------------)  + I saltdal
-	0x0038ec09, // n0x182a c0x0000 (---------------)  + I samnanger
-	0x003301ca, // n0x182b c0x0000 (---------------)  + I sandefjord
-	0x0022e9c7, // n0x182c c0x0000 (---------------)  + I sandnes
-	0x0022e9cc, // n0x182d c0x0000 (---------------)  + I sandnessjoen
-	0x00259606, // n0x182e c0x0000 (---------------)  + I sandoy
-	0x0022d049, // n0x182f c0x0000 (---------------)  + I sarpsborg
-	0x002314c5, // n0x1830 c0x0000 (---------------)  + I sauda
-	0x00232248, // n0x1831 c0x0000 (---------------)  + I sauherad
-	0x00210703, // n0x1832 c0x0000 (---------------)  + I sel
-	0x00210705, // n0x1833 c0x0000 (---------------)  + I selbu
-	0x00329905, // n0x1834 c0x0000 (---------------)  + I selje
-	0x0024d147, // n0x1835 c0x0000 (---------------)  + I seljord
-	0x41a11cc2, // n0x1836 c0x0106 (n0x1982-n0x1983)  + I sf
-	0x002434c7, // n0x1837 c0x0000 (---------------)  + I siellak
-	0x002cb986, // n0x1838 c0x0000 (---------------)  + I sigdal
-	0x0021cf06, // n0x1839 c0x0000 (---------------)  + I siljan
-	0x0034d886, // n0x183a c0x0000 (---------------)  + I sirdal
-	0x00279c86, // n0x183b c0x0000 (---------------)  + I skanit
-	0x00307808, // n0x183c c0x0000 (---------------)  + I skanland
-	0x002d8085, // n0x183d c0x0000 (---------------)  + I skaun
-	0x0024ccc7, // n0x183e c0x0000 (---------------)  + I skedsmo
-	0x0024cccd, // n0x183f c0x0000 (---------------)  + I skedsmokorset
-	0x00209743, // n0x1840 c0x0000 (---------------)  + I ski
-	0x00209745, // n0x1841 c0x0000 (---------------)  + I skien
-	0x002279c7, // n0x1842 c0x0000 (---------------)  + I skierva
-	0x002d1b48, // n0x1843 c0x0000 (---------------)  + I skiptvet
-	0x00227585, // n0x1844 c0x0000 (---------------)  + I skjak
-	0x00230ec8, // n0x1845 c0x0000 (---------------)  + I skjervoy
-	0x00266946, // n0x1846 c0x0000 (---------------)  + I skodje
-	0x0023e487, // n0x1847 c0x0000 (---------------)  + I slattum
-	0x002c0645, // n0x1848 c0x0000 (---------------)  + I smola
-	0x00222e86, // n0x1849 c0x0000 (---------------)  + I snaase
-	0x003604c5, // n0x184a c0x0000 (---------------)  + I snasa
-	0x002bae0a, // n0x184b c0x0000 (---------------)  + I snillfjord
-	0x002d9146, // n0x184c c0x0000 (---------------)  + I snoasa
-	0x0023c8c7, // n0x184d c0x0000 (---------------)  + I sogndal
-	0x002af145, // n0x184e c0x0000 (---------------)  + I sogne
-	0x002e2f47, // n0x184f c0x0000 (---------------)  + I sokndal
-	0x00359f04, // n0x1850 c0x0000 (---------------)  + I sola
-	0x002fb2c6, // n0x1851 c0x0000 (---------------)  + I solund
-	0x0037de85, // n0x1852 c0x0000 (---------------)  + I somna
-	0x0022be8b, // n0x1853 c0x0000 (---------------)  + I sondre-land
-	0x00356149, // n0x1854 c0x0000 (---------------)  + I songdalen
-	0x00378c8a, // n0x1855 c0x0000 (---------------)  + I sor-aurdal
-	0x00277a08, // n0x1856 c0x0000 (---------------)  + I sor-fron
-	0x002f43c8, // n0x1857 c0x0000 (---------------)  + I sor-odal
-	0x002f69cc, // n0x1858 c0x0000 (---------------)  + I sor-varanger
-	0x002fbfc7, // n0x1859 c0x0000 (---------------)  + I sorfold
-	0x002fd8c8, // n0x185a c0x0000 (---------------)  + I sorreisa
-	0x00301f88, // n0x185b c0x0000 (---------------)  + I sortland
-	0x003057c5, // n0x185c c0x0000 (---------------)  + I sorum
-	0x002bd24a, // n0x185d c0x0000 (---------------)  + I spjelkavik
-	0x003347c9, // n0x185e c0x0000 (---------------)  + I spydeberg
-	0x41e02742, // n0x185f c0x0107 (n0x1983-n0x1984)  + I st
-	0x00202746, // n0x1860 c0x0000 (---------------)  + I stange
-	0x0020f204, // n0x1861 c0x0000 (---------------)  + I stat
-	0x002ded49, // n0x1862 c0x0000 (---------------)  + I stathelle
-	0x002f35c9, // n0x1863 c0x0000 (---------------)  + I stavanger
-	0x00225047, // n0x1864 c0x0000 (---------------)  + I stavern
-	0x00251a47, // n0x1865 c0x0000 (---------------)  + I steigen
-	0x002833c9, // n0x1866 c0x0000 (---------------)  + I steinkjer
-	0x0038e808, // n0x1867 c0x0000 (---------------)  + I stjordal
-	0x0038e80f, // n0x1868 c0x0000 (---------------)  + I stjordalshalsen
-	0x00275e46, // n0x1869 c0x0000 (---------------)  + I stokke
-	0x0024688b, // n0x186a c0x0000 (---------------)  + I stor-elvdal
-	0x0037d0c5, // n0x186b c0x0000 (---------------)  + I stord
-	0x0037d0c7, // n0x186c c0x0000 (---------------)  + I stordal
-	0x002e6f89, // n0x186d c0x0000 (---------------)  + I storfjord
-	0x00228b86, // n0x186e c0x0000 (---------------)  + I strand
-	0x00228b87, // n0x186f c0x0000 (---------------)  + I stranda
-	0x0039e5c5, // n0x1870 c0x0000 (---------------)  + I stryn
-	0x00237304, // n0x1871 c0x0000 (---------------)  + I sula
-	0x002402c6, // n0x1872 c0x0000 (---------------)  + I suldal
-	0x00205084, // n0x1873 c0x0000 (---------------)  + I sund
-	0x0030a587, // n0x1874 c0x0000 (---------------)  + I sunndal
-	0x002e8fc8, // n0x1875 c0x0000 (---------------)  + I surnadal
-	0x422ef688, // n0x1876 c0x0108 (n0x1984-n0x1985)  + I svalbard
-	0x002efc85, // n0x1877 c0x0000 (---------------)  + I sveio
-	0x002efdc7, // n0x1878 c0x0000 (---------------)  + I svelvik
-	0x00375cc9, // n0x1879 c0x0000 (---------------)  + I sykkylven
-	0x00206cc4, // n0x187a c0x0000 (---------------)  + I tana
-	0x00206cc8, // n0x187b c0x0000 (---------------)  + I tananger
-	0x42664f08, // n0x187c c0x0109 (n0x1985-n0x1987)  o I telemark
-	0x00269804, // n0x187d c0x0000 (---------------)  + I time
-	0x00237e88, // n0x187e c0x0000 (---------------)  + I tingvoll
-	0x002ea3c4, // n0x187f c0x0000 (---------------)  + I tinn
-	0x00226789, // n0x1880 c0x0000 (---------------)  + I tjeldsund
-	0x0026cec5, // n0x1881 c0x0000 (---------------)  + I tjome
-	0x42a00142, // n0x1882 c0x010a (n0x1987-n0x1988)  + I tm
-	0x00275e85, // n0x1883 c0x0000 (---------------)  + I tokke
-	0x0021dc85, // n0x1884 c0x0000 (---------------)  + I tolga
-	0x003661c8, // n0x1885 c0x0000 (---------------)  + I tonsberg
-	0x0023b587, // n0x1886 c0x0000 (---------------)  + I torsken
-	0x42e03002, // n0x1887 c0x010b (n0x1988-n0x1989)  + I tr
-	0x002c9d45, // n0x1888 c0x0000 (---------------)  + I trana
-	0x00274dc6, // n0x1889 c0x0000 (---------------)  + I tranby
-	0x00292546, // n0x188a c0x0000 (---------------)  + I tranoy
-	0x002fab48, // n0x188b c0x0000 (---------------)  + I troandin
-	0x002ffbc8, // n0x188c c0x0000 (---------------)  + I trogstad
-	0x00318506, // n0x188d c0x0000 (---------------)  + I tromsa
-	0x00323bc6, // n0x188e c0x0000 (---------------)  + I tromso
-	0x00352589, // n0x188f c0x0000 (---------------)  + I trondheim
-	0x00341ec6, // n0x1890 c0x0000 (---------------)  + I trysil
-	0x00356ccb, // n0x1891 c0x0000 (---------------)  + I tvedestrand
-	0x0024f6c5, // n0x1892 c0x0000 (---------------)  + I tydal
-	0x00219b46, // n0x1893 c0x0000 (---------------)  + I tynset
-	0x00215a48, // n0x1894 c0x0000 (---------------)  + I tysfjord
-	0x002336c6, // n0x1895 c0x0000 (---------------)  + I tysnes
-	0x00235ec6, // n0x1896 c0x0000 (---------------)  + I tysvar
-	0x0021518a, // n0x1897 c0x0000 (---------------)  + I ullensaker
-	0x0034440a, // n0x1898 c0x0000 (---------------)  + I ullensvang
-	0x0028acc5, // n0x1899 c0x0000 (---------------)  + I ulvik
-	0x002c7a87, // n0x189a c0x0000 (---------------)  + I unjarga
-	0x00341946, // n0x189b c0x0000 (---------------)  + I utsira
-	0x432000c2, // n0x189c c0x010c (n0x1989-n0x198a)  + I va
-	0x00227b07, // n0x189d c0x0000 (---------------)  + I vaapste
-	0x00274745, // n0x189e c0x0000 (---------------)  + I vadso
-	0x00322504, // n0x189f c0x0000 (---------------)  + I vaga
-	0x00322505, // n0x18a0 c0x0000 (---------------)  + I vagan
-	0x003172c6, // n0x18a1 c0x0000 (---------------)  + I vagsoy
-	0x0032cec7, // n0x18a2 c0x0000 (---------------)  + I vaksdal
-	0x00217105, // n0x18a3 c0x0000 (---------------)  + I valle
-	0x0021a004, // n0x18a4 c0x0000 (---------------)  + I vang
-	0x0026f108, // n0x18a5 c0x0000 (---------------)  + I vanylven
-	0x00235f85, // n0x18a6 c0x0000 (---------------)  + I vardo
-	0x002923c7, // n0x18a7 c0x0000 (---------------)  + I varggat
-	0x002f0545, // n0x18a8 c0x0000 (---------------)  + I varoy
-	0x002140c5, // n0x18a9 c0x0000 (---------------)  + I vefsn
-	0x00230284, // n0x18aa c0x0000 (---------------)  + I vega
-	0x0028a309, // n0x18ab c0x0000 (---------------)  + I vegarshei
-	0x002e29c8, // n0x18ac c0x0000 (---------------)  + I vennesla
-	0x00374106, // n0x18ad c0x0000 (---------------)  + I verdal
-	0x0033f346, // n0x18ae c0x0000 (---------------)  + I verran
-	0x00269506, // n0x18af c0x0000 (---------------)  + I vestby
-	0x4379aa48, // n0x18b0 c0x010d (n0x198a-n0x198b)  o I vestfold
-	0x002f3807, // n0x18b1 c0x0000 (---------------)  + I vestnes
-	0x002f3e8d, // n0x18b2 c0x0000 (---------------)  + I vestre-slidre
-	0x002f45cc, // n0x18b3 c0x0000 (---------------)  + I vestre-toten
-	0x002f4bc9, // n0x18b4 c0x0000 (---------------)  + I vestvagoy
-	0x002f4e09, // n0x18b5 c0x0000 (---------------)  + I vevelstad
-	0x43b4f482, // n0x18b6 c0x010e (n0x198b-n0x198c)  + I vf
-	0x00399d43, // n0x18b7 c0x0000 (---------------)  + I vgs
-	0x00205d43, // n0x18b8 c0x0000 (---------------)  + I vik
-	0x00356385, // n0x18b9 c0x0000 (---------------)  + I vikna
-	0x00384f4a, // n0x18ba c0x0000 (---------------)  + I vindafjord
-	0x003183c6, // n0x18bb c0x0000 (---------------)  + I voagat
-	0x002f9845, // n0x18bc c0x0000 (---------------)  + I volda
-	0x002fd204, // n0x18bd c0x0000 (---------------)  + I voss
-	0x002fd20b, // n0x18be c0x0000 (---------------)  + I vossevangen
-	0x0030d90c, // n0x18bf c0x0000 (---------------)  + I xn--andy-ira
-	0x0030e14c, // n0x18c0 c0x0000 (---------------)  + I xn--asky-ira
-	0x0030e455, // n0x18c1 c0x0000 (---------------)  + I xn--aurskog-hland-jnb
-	0x003104cd, // n0x18c2 c0x0000 (---------------)  + I xn--avery-yua
-	0x003128cf, // n0x18c3 c0x0000 (---------------)  + I xn--bdddj-mrabd
-	0x00312c92, // n0x18c4 c0x0000 (---------------)  + I xn--bearalvhki-y4a
-	0x0031310f, // n0x18c5 c0x0000 (---------------)  + I xn--berlevg-jxa
-	0x003134d2, // n0x18c6 c0x0000 (---------------)  + I xn--bhcavuotna-s4a
-	0x00313953, // n0x18c7 c0x0000 (---------------)  + I xn--bhccavuotna-k7a
-	0x00313e0d, // n0x18c8 c0x0000 (---------------)  + I xn--bidr-5nac
-	0x003143cd, // n0x18c9 c0x0000 (---------------)  + I xn--bievt-0qa
-	0x0031474e, // n0x18ca c0x0000 (---------------)  + I xn--bjarky-fya
-	0x00314c0e, // n0x18cb c0x0000 (---------------)  + I xn--bjddar-pta
-	0x0031534c, // n0x18cc c0x0000 (---------------)  + I xn--blt-elab
-	0x003156cc, // n0x18cd c0x0000 (---------------)  + I xn--bmlo-gra
-	0x00315b0b, // n0x18ce c0x0000 (---------------)  + I xn--bod-2na
-	0x00315e8e, // n0x18cf c0x0000 (---------------)  + I xn--brnny-wuac
-	0x003178d2, // n0x18d0 c0x0000 (---------------)  + I xn--brnnysund-m8ac
-	0x0031818c, // n0x18d1 c0x0000 (---------------)  + I xn--brum-voa
-	0x003188d0, // n0x18d2 c0x0000 (---------------)  + I xn--btsfjord-9za
-	0x00329d52, // n0x18d3 c0x0000 (---------------)  + I xn--davvenjrga-y4a
-	0x0032aacc, // n0x18d4 c0x0000 (---------------)  + I xn--dnna-gra
-	0x0032b18d, // n0x18d5 c0x0000 (---------------)  + I xn--drbak-wua
-	0x0032b4cc, // n0x18d6 c0x0000 (---------------)  + I xn--dyry-ira
-	0x0032d351, // n0x18d7 c0x0000 (---------------)  + I xn--eveni-0qa01ga
-	0x0032e1cd, // n0x18d8 c0x0000 (---------------)  + I xn--finny-yua
-	0x0033318d, // n0x18d9 c0x0000 (---------------)  + I xn--fjord-lra
-	0x0033378a, // n0x18da c0x0000 (---------------)  + I xn--fl-zia
-	0x00333a0c, // n0x18db c0x0000 (---------------)  + I xn--flor-jra
-	0x0033430c, // n0x18dc c0x0000 (---------------)  + I xn--frde-gra
-	0x00334a0c, // n0x18dd c0x0000 (---------------)  + I xn--frna-woa
-	0x0033528c, // n0x18de c0x0000 (---------------)  + I xn--frya-hra
-	0x00338bd3, // n0x18df c0x0000 (---------------)  + I xn--ggaviika-8ya47h
-	0x003391d0, // n0x18e0 c0x0000 (---------------)  + I xn--gildeskl-g0a
-	0x003395d0, // n0x18e1 c0x0000 (---------------)  + I xn--givuotna-8ya
-	0x0033a24d, // n0x18e2 c0x0000 (---------------)  + I xn--gjvik-wua
-	0x0033a84c, // n0x18e3 c0x0000 (---------------)  + I xn--gls-elac
-	0x0033b449, // n0x18e4 c0x0000 (---------------)  + I xn--h-2fa
-	0x0033da4d, // n0x18e5 c0x0000 (---------------)  + I xn--hbmer-xqa
-	0x0033dd93, // n0x18e6 c0x0000 (---------------)  + I xn--hcesuolo-7ya35b
-	0x0033e991, // n0x18e7 c0x0000 (---------------)  + I xn--hgebostad-g3a
-	0x0033edd3, // n0x18e8 c0x0000 (---------------)  + I xn--hmmrfeasta-s4ac
-	0x0033f58f, // n0x18e9 c0x0000 (---------------)  + I xn--hnefoss-q1a
-	0x0033f94c, // n0x18ea c0x0000 (---------------)  + I xn--hobl-ira
-	0x0033fc4f, // n0x18eb c0x0000 (---------------)  + I xn--holtlen-hxa
-	0x0034000d, // n0x18ec c0x0000 (---------------)  + I xn--hpmir-xqa
-	0x0034060f, // n0x18ed c0x0000 (---------------)  + I xn--hyanger-q1a
-	0x003409d0, // n0x18ee c0x0000 (---------------)  + I xn--hylandet-54a
-	0x0034144e, // n0x18ef c0x0000 (---------------)  + I xn--indery-fya
-	0x00346c4e, // n0x18f0 c0x0000 (---------------)  + I xn--jlster-bya
-	0x00347390, // n0x18f1 c0x0000 (---------------)  + I xn--jrpeland-54a
-	0x0034860d, // n0x18f2 c0x0000 (---------------)  + I xn--karmy-yua
-	0x00348f8e, // n0x18f3 c0x0000 (---------------)  + I xn--kfjord-iua
-	0x0034930c, // n0x18f4 c0x0000 (---------------)  + I xn--klbu-woa
-	0x0034a2d3, // n0x18f5 c0x0000 (---------------)  + I xn--koluokta-7ya57h
-	0x0034c68e, // n0x18f6 c0x0000 (---------------)  + I xn--krager-gya
-	0x0034da10, // n0x18f7 c0x0000 (---------------)  + I xn--kranghke-b0a
-	0x0034de11, // n0x18f8 c0x0000 (---------------)  + I xn--krdsherad-m8a
-	0x0034e24f, // n0x18f9 c0x0000 (---------------)  + I xn--krehamn-dxa
-	0x0034e613, // n0x18fa c0x0000 (---------------)  + I xn--krjohka-hwab49j
-	0x0034f00d, // n0x18fb c0x0000 (---------------)  + I xn--ksnes-uua
-	0x0034f34f, // n0x18fc c0x0000 (---------------)  + I xn--kvfjord-nxa
-	0x0034f70e, // n0x18fd c0x0000 (---------------)  + I xn--kvitsy-fya
-	0x0034fe50, // n0x18fe c0x0000 (---------------)  + I xn--kvnangen-k0a
-	0x00350249, // n0x18ff c0x0000 (---------------)  + I xn--l-1fa
-	0x00353090, // n0x1900 c0x0000 (---------------)  + I xn--laheadju-7ya
-	0x003536cf, // n0x1901 c0x0000 (---------------)  + I xn--langevg-jxa
-	0x00353d4f, // n0x1902 c0x0000 (---------------)  + I xn--ldingen-q1a
-	0x00354112, // n0x1903 c0x0000 (---------------)  + I xn--leagaviika-52b
-	0x00357c8e, // n0x1904 c0x0000 (---------------)  + I xn--lesund-hua
-	0x0035858d, // n0x1905 c0x0000 (---------------)  + I xn--lgrd-poac
-	0x0035930d, // n0x1906 c0x0000 (---------------)  + I xn--lhppi-xqa
-	0x0035964d, // n0x1907 c0x0000 (---------------)  + I xn--linds-pra
-	0x0035aa0d, // n0x1908 c0x0000 (---------------)  + I xn--loabt-0qa
-	0x0035ad4d, // n0x1909 c0x0000 (---------------)  + I xn--lrdal-sra
-	0x0035b090, // n0x190a c0x0000 (---------------)  + I xn--lrenskog-54a
-	0x0035b48b, // n0x190b c0x0000 (---------------)  + I xn--lt-liac
-	0x0035ba4c, // n0x190c c0x0000 (---------------)  + I xn--lten-gra
-	0x0035bdcc, // n0x190d c0x0000 (---------------)  + I xn--lury-ira
-	0x0035c0cc, // n0x190e c0x0000 (---------------)  + I xn--mely-ira
-	0x0035c3ce, // n0x190f c0x0000 (---------------)  + I xn--merker-kua
-	0x00366c50, // n0x1910 c0x0000 (---------------)  + I xn--mjndalen-64a
-	0x00368512, // n0x1911 c0x0000 (---------------)  + I xn--mlatvuopmi-s4a
-	0x0036898b, // n0x1912 c0x0000 (---------------)  + I xn--mli-tla
-	0x0036940e, // n0x1913 c0x0000 (---------------)  + I xn--mlselv-iua
-	0x0036978e, // n0x1914 c0x0000 (---------------)  + I xn--moreke-jua
-	0x0036a48e, // n0x1915 c0x0000 (---------------)  + I xn--mosjen-eya
-	0x0036c0cb, // n0x1916 c0x0000 (---------------)  + I xn--mot-tla
-	0x43f6c696, // n0x1917 c0x010f (n0x198c-n0x198e)  o I xn--mre-og-romsdal-qqb
-	0x0036d0cd, // n0x1918 c0x0000 (---------------)  + I xn--msy-ula0h
-	0x0036e814, // n0x1919 c0x0000 (---------------)  + I xn--mtta-vrjjat-k7af
-	0x0036f70d, // n0x191a c0x0000 (---------------)  + I xn--muost-0qa
-	0x00371c95, // n0x191b c0x0000 (---------------)  + I xn--nmesjevuemie-tcba
-	0x0037308d, // n0x191c c0x0000 (---------------)  + I xn--nry-yla5g
-	0x00373a0f, // n0x191d c0x0000 (---------------)  + I xn--nttery-byae
-	0x0037428f, // n0x191e c0x0000 (---------------)  + I xn--nvuotna-hwa
-	0x0037750f, // n0x191f c0x0000 (---------------)  + I xn--oppegrd-ixa
-	0x003778ce, // n0x1920 c0x0000 (---------------)  + I xn--ostery-fya
-	0x0037900d, // n0x1921 c0x0000 (---------------)  + I xn--osyro-wua
-	0x0037a891, // n0x1922 c0x0000 (---------------)  + I xn--porsgu-sta26f
-	0x0037eecc, // n0x1923 c0x0000 (---------------)  + I xn--rady-ira
-	0x0037f1cc, // n0x1924 c0x0000 (---------------)  + I xn--rdal-poa
-	0x0037f4cb, // n0x1925 c0x0000 (---------------)  + I xn--rde-ula
-	0x0037fa8c, // n0x1926 c0x0000 (---------------)  + I xn--rdy-0nab
-	0x0037fe4f, // n0x1927 c0x0000 (---------------)  + I xn--rennesy-v1a
-	0x00380212, // n0x1928 c0x0000 (---------------)  + I xn--rhkkervju-01af
-	0x00380bcd, // n0x1929 c0x0000 (---------------)  + I xn--rholt-mra
-	0x00381b8c, // n0x192a c0x0000 (---------------)  + I xn--risa-5na
-	0x0038200c, // n0x192b c0x0000 (---------------)  + I xn--risr-ira
-	0x0038230d, // n0x192c c0x0000 (---------------)  + I xn--rland-uua
-	0x0038264f, // n0x192d c0x0000 (---------------)  + I xn--rlingen-mxa
-	0x00382a0e, // n0x192e c0x0000 (---------------)  + I xn--rmskog-bya
-	0x00384c0c, // n0x192f c0x0000 (---------------)  + I xn--rros-gra
-	0x003851cd, // n0x1930 c0x0000 (---------------)  + I xn--rskog-uua
-	0x0038550b, // n0x1931 c0x0000 (---------------)  + I xn--rst-0na
-	0x00385acc, // n0x1932 c0x0000 (---------------)  + I xn--rsta-fra
-	0x0038604d, // n0x1933 c0x0000 (---------------)  + I xn--ryken-vua
-	0x0038638e, // n0x1934 c0x0000 (---------------)  + I xn--ryrvik-bya
-	0x00386809, // n0x1935 c0x0000 (---------------)  + I xn--s-1fa
-	0x00387513, // n0x1936 c0x0000 (---------------)  + I xn--sandnessjen-ogb
-	0x00387f8d, // n0x1937 c0x0000 (---------------)  + I xn--sandy-yua
-	0x003882cd, // n0x1938 c0x0000 (---------------)  + I xn--seral-lra
-	0x003888cc, // n0x1939 c0x0000 (---------------)  + I xn--sgne-gra
-	0x00388d4e, // n0x193a c0x0000 (---------------)  + I xn--skierv-uta
-	0x00389bcf, // n0x193b c0x0000 (---------------)  + I xn--skjervy-v1a
-	0x00389f8c, // n0x193c c0x0000 (---------------)  + I xn--skjk-soa
-	0x0038a28d, // n0x193d c0x0000 (---------------)  + I xn--sknit-yqa
-	0x0038a5cf, // n0x193e c0x0000 (---------------)  + I xn--sknland-fxa
-	0x0038a98c, // n0x193f c0x0000 (---------------)  + I xn--slat-5na
-	0x0038b08c, // n0x1940 c0x0000 (---------------)  + I xn--slt-elab
-	0x0038b44c, // n0x1941 c0x0000 (---------------)  + I xn--smla-hra
-	0x0038b74c, // n0x1942 c0x0000 (---------------)  + I xn--smna-gra
-	0x0038be0d, // n0x1943 c0x0000 (---------------)  + I xn--snase-nra
-	0x0038c152, // n0x1944 c0x0000 (---------------)  + I xn--sndre-land-0cb
-	0x0038c7cc, // n0x1945 c0x0000 (---------------)  + I xn--snes-poa
-	0x0038cacc, // n0x1946 c0x0000 (---------------)  + I xn--snsa-roa
-	0x0038cdd1, // n0x1947 c0x0000 (---------------)  + I xn--sr-aurdal-l8a
-	0x0038d20f, // n0x1948 c0x0000 (---------------)  + I xn--sr-fron-q1a
-	0x0038d5cf, // n0x1949 c0x0000 (---------------)  + I xn--sr-odal-q1a
-	0x0038d993, // n0x194a c0x0000 (---------------)  + I xn--sr-varanger-ggb
-	0x0038ee4e, // n0x194b c0x0000 (---------------)  + I xn--srfold-bya
-	0x0038f3cf, // n0x194c c0x0000 (---------------)  + I xn--srreisa-q1a
-	0x0038f78c, // n0x194d c0x0000 (---------------)  + I xn--srum-gra
-	0x4438face, // n0x194e c0x0110 (n0x198e-n0x198f)  o I xn--stfold-9xa
-	0x0038fe4f, // n0x194f c0x0000 (---------------)  + I xn--stjrdal-s1a
-	0x00390216, // n0x1950 c0x0000 (---------------)  + I xn--stjrdalshalsen-sqb
-	0x00390d12, // n0x1951 c0x0000 (---------------)  + I xn--stre-toten-zcb
-	0x0039230c, // n0x1952 c0x0000 (---------------)  + I xn--tjme-hra
-	0x00392acf, // n0x1953 c0x0000 (---------------)  + I xn--tnsberg-q1a
-	0x0039314d, // n0x1954 c0x0000 (---------------)  + I xn--trany-yua
-	0x0039348f, // n0x1955 c0x0000 (---------------)  + I xn--trgstad-r1a
-	0x0039384c, // n0x1956 c0x0000 (---------------)  + I xn--trna-woa
-	0x00393b4d, // n0x1957 c0x0000 (---------------)  + I xn--troms-zua
-	0x00393e8d, // n0x1958 c0x0000 (---------------)  + I xn--tysvr-vra
-	0x0039570e, // n0x1959 c0x0000 (---------------)  + I xn--unjrga-rta
-	0x00396a8c, // n0x195a c0x0000 (---------------)  + I xn--vads-jra
-	0x00396d8c, // n0x195b c0x0000 (---------------)  + I xn--vard-jra
-	0x00397090, // n0x195c c0x0000 (---------------)  + I xn--vegrshei-c0a
-	0x003991d1, // n0x195d c0x0000 (---------------)  + I xn--vestvgy-ixa6o
-	0x0039960b, // n0x195e c0x0000 (---------------)  + I xn--vg-yiab
-	0x0039994c, // n0x195f c0x0000 (---------------)  + I xn--vgan-qoa
-	0x00399c4e, // n0x1960 c0x0000 (---------------)  + I xn--vgsy-qoa0j
-	0x0039af51, // n0x1961 c0x0000 (---------------)  + I xn--vre-eiker-k8a
-	0x0039b38e, // n0x1962 c0x0000 (---------------)  + I xn--vrggt-xqad
-	0x0039b70d, // n0x1963 c0x0000 (---------------)  + I xn--vry-yla5g
-	0x003a278b, // n0x1964 c0x0000 (---------------)  + I xn--yer-zna
-	0x003a308f, // n0x1965 c0x0000 (---------------)  + I xn--ygarden-p1a
-	0x003a4814, // n0x1966 c0x0000 (---------------)  + I xn--ystre-slidre-ujb
-	0x0023a242, // n0x1967 c0x0000 (---------------)  + I gs
-	0x0023a242, // n0x1968 c0x0000 (---------------)  + I gs
-	0x00202c03, // n0x1969 c0x0000 (---------------)  + I nes
-	0x0023a242, // n0x196a c0x0000 (---------------)  + I gs
-	0x00202c03, // n0x196b c0x0000 (---------------)  + I nes
-	0x0023a242, // n0x196c c0x0000 (---------------)  + I gs
-	0x0020a802, // n0x196d c0x0000 (---------------)  + I os
-	0x003635c5, // n0x196e c0x0000 (---------------)  + I valer
-	0x0039ac4c, // n0x196f c0x0000 (---------------)  + I xn--vler-qoa
-	0x0023a242, // n0x1970 c0x0000 (---------------)  + I gs
-	0x0023a242, // n0x1971 c0x0000 (---------------)  + I gs
-	0x0020a802, // n0x1972 c0x0000 (---------------)  + I os
-	0x0023a242, // n0x1973 c0x0000 (---------------)  + I gs
-	0x002921c5, // n0x1974 c0x0000 (---------------)  + I heroy
-	0x003301c5, // n0x1975 c0x0000 (---------------)  + I sande
-	0x0023a242, // n0x1976 c0x0000 (---------------)  + I gs
-	0x0023a242, // n0x1977 c0x0000 (---------------)  + I gs
-	0x0020e402, // n0x1978 c0x0000 (---------------)  + I bo
-	0x002921c5, // n0x1979 c0x0000 (---------------)  + I heroy
-	0x00310a09, // n0x197a c0x0000 (---------------)  + I xn--b-5ga
-	0x0033e68c, // n0x197b c0x0000 (---------------)  + I xn--hery-ira
-	0x0023a242, // n0x197c c0x0000 (---------------)  + I gs
-	0x0023a242, // n0x197d c0x0000 (---------------)  + I gs
-	0x0023a242, // n0x197e c0x0000 (---------------)  + I gs
-	0x0023a242, // n0x197f c0x0000 (---------------)  + I gs
-	0x003635c5, // n0x1980 c0x0000 (---------------)  + I valer
-	0x0023a242, // n0x1981 c0x0000 (---------------)  + I gs
-	0x0023a242, // n0x1982 c0x0000 (---------------)  + I gs
-	0x0023a242, // n0x1983 c0x0000 (---------------)  + I gs
-	0x0023a242, // n0x1984 c0x0000 (---------------)  + I gs
-	0x0020e402, // n0x1985 c0x0000 (---------------)  + I bo
-	0x00310a09, // n0x1986 c0x0000 (---------------)  + I xn--b-5ga
-	0x0023a242, // n0x1987 c0x0000 (---------------)  + I gs
-	0x0023a242, // n0x1988 c0x0000 (---------------)  + I gs
-	0x0023a242, // n0x1989 c0x0000 (---------------)  + I gs
-	0x003301c5, // n0x198a c0x0000 (---------------)  + I sande
-	0x0023a242, // n0x198b c0x0000 (---------------)  + I gs
-	0x003301c5, // n0x198c c0x0000 (---------------)  + I sande
-	0x0033e68c, // n0x198d c0x0000 (---------------)  + I xn--hery-ira
-	0x0039ac4c, // n0x198e c0x0000 (---------------)  + I xn--vler-qoa
-	0x00330b83, // n0x198f c0x0000 (---------------)  + I biz
-	0x00233503, // n0x1990 c0x0000 (---------------)  + I com
-	0x0023a783, // n0x1991 c0x0000 (---------------)  + I edu
-	0x0026cc83, // n0x1992 c0x0000 (---------------)  + I gov
-	0x003a1244, // n0x1993 c0x0000 (---------------)  + I info
-	0x0021fe03, // n0x1994 c0x0000 (---------------)  + I net
-	0x0022d1c3, // n0x1995 c0x0000 (---------------)  + I org
-	0x000ecf48, // n0x1996 c0x0000 (---------------)  +   merseine
-	0x000a9304, // n0x1997 c0x0000 (---------------)  +   mine
-	0x000feb48, // n0x1998 c0x0000 (---------------)  +   shacknet
-	0x00201542, // n0x1999 c0x0000 (---------------)  + I ac
-	0x45200742, // n0x199a c0x0114 (n0x19a9-n0x19aa)  + I co
-	0x00245b43, // n0x199b c0x0000 (---------------)  + I cri
-	0x0024eac4, // n0x199c c0x0000 (---------------)  + I geek
-	0x00205843, // n0x199d c0x0000 (---------------)  + I gen
-	0x00341e04, // n0x199e c0x0000 (---------------)  + I govt
-	0x0036b386, // n0x199f c0x0000 (---------------)  + I health
-	0x0020cec3, // n0x19a0 c0x0000 (---------------)  + I iwi
-	0x002eed84, // n0x19a1 c0x0000 (---------------)  + I kiwi
-	0x002703c5, // n0x19a2 c0x0000 (---------------)  + I maori
-	0x00209003, // n0x19a3 c0x0000 (---------------)  + I mil
-	0x0021fe03, // n0x19a4 c0x0000 (---------------)  + I net
-	0x0022d1c3, // n0x19a5 c0x0000 (---------------)  + I org
-	0x0028440a, // n0x19a6 c0x0000 (---------------)  + I parliament
-	0x0023d0c6, // n0x19a7 c0x0000 (---------------)  + I school
-	0x00369b0c, // n0x19a8 c0x0000 (---------------)  + I xn--mori-qsa
-	0x000ffa08, // n0x19a9 c0x0000 (---------------)  +   blogspot
-	0x00200742, // n0x19aa c0x0000 (---------------)  + I co
-	0x00233503, // n0x19ab c0x0000 (---------------)  + I com
-	0x0023a783, // n0x19ac c0x0000 (---------------)  + I edu
-	0x0026cc83, // n0x19ad c0x0000 (---------------)  + I gov
-	0x00213ac3, // n0x19ae c0x0000 (---------------)  + I med
-	0x002d0106, // n0x19af c0x0000 (---------------)  + I museum
-	0x0021fe03, // n0x19b0 c0x0000 (---------------)  + I net
-	0x0022d1c3, // n0x19b1 c0x0000 (---------------)  + I org
-	0x00220e43, // n0x19b2 c0x0000 (---------------)  + I pro
-	0x000035c2, // n0x19b3 c0x0000 (---------------)  +   ae
-	0x000fb147, // n0x19b4 c0x0000 (---------------)  +   blogdns
-	0x000d3588, // n0x19b5 c0x0000 (---------------)  +   blogsite
-	0x0000e74e, // n0x19b6 c0x0000 (---------------)  +   bmoattachments
-	0x000878d2, // n0x19b7 c0x0000 (---------------)  +   boldlygoingnowhere
-	0x45e3e2c5, // n0x19b8 c0x0117 (n0x19f0-n0x19f2)  o I cdn77
-	0x4631c4cc, // n0x19b9 c0x0118 (n0x19f2-n0x19f3)  o I cdn77-secure
-	0x0014c048, // n0x19ba c0x0000 (---------------)  +   dnsalias
-	0x0007c9c7, // n0x19bb c0x0000 (---------------)  +   dnsdojo
-	0x00014e0b, // n0x19bc c0x0000 (---------------)  +   doesntexist
-	0x0016a009, // n0x19bd c0x0000 (---------------)  +   dontexist
-	0x0014bf47, // n0x19be c0x0000 (---------------)  +   doomdns
-	0x0008cdc7, // n0x19bf c0x0000 (---------------)  +   dsmynas
-	0x0007c8c7, // n0x19c0 c0x0000 (---------------)  +   duckdns
-	0x00011046, // n0x19c1 c0x0000 (---------------)  +   dvrdns
-	0x00197b48, // n0x19c2 c0x0000 (---------------)  +   dynalias
-	0x46813886, // n0x19c3 c0x011a (n0x19f4-n0x19f6)  +   dyndns
-	0x000a950d, // n0x19c4 c0x0000 (---------------)  +   endofinternet
-	0x0005ea10, // n0x19c5 c0x0000 (---------------)  +   endoftheinternet
-	0x46c04b82, // n0x19c6 c0x011b (n0x19f6-n0x1a2d)  +   eu
-	0x00008f88, // n0x19c7 c0x0000 (---------------)  +   familyds
-	0x0006ac47, // n0x19c8 c0x0000 (---------------)  +   from-me
-	0x00097cc9, // n0x19c9 c0x0000 (---------------)  +   game-host
-	0x00057d06, // n0x19ca c0x0000 (---------------)  +   gotdns
-	0x0000a882, // n0x19cb c0x0000 (---------------)  +   hk
-	0x0014cfca, // n0x19cc c0x0000 (---------------)  +   hobby-site
-	0x00013a47, // n0x19cd c0x0000 (---------------)  +   homedns
-	0x00146347, // n0x19ce c0x0000 (---------------)  +   homeftp
-	0x000a59c9, // n0x19cf c0x0000 (---------------)  +   homelinux
-	0x000a6fc8, // n0x19d0 c0x0000 (---------------)  +   homeunix
-	0x000e0c0e, // n0x19d1 c0x0000 (---------------)  +   is-a-bruinsfan
-	0x0000c54e, // n0x19d2 c0x0000 (---------------)  +   is-a-candidate
-	0x00011a0f, // n0x19d3 c0x0000 (---------------)  +   is-a-celticsfan
-	0x00012789, // n0x19d4 c0x0000 (---------------)  +   is-a-chef
-	0x0004e989, // n0x19d5 c0x0000 (---------------)  +   is-a-geek
-	0x000704cb, // n0x19d6 c0x0000 (---------------)  +   is-a-knight
-	0x0007fa4f, // n0x19d7 c0x0000 (---------------)  +   is-a-linux-user
-	0x0008a50c, // n0x19d8 c0x0000 (---------------)  +   is-a-patsfan
-	0x000ab58b, // n0x19d9 c0x0000 (---------------)  +   is-a-soxfan
-	0x000b9e88, // n0x19da c0x0000 (---------------)  +   is-found
-	0x000d9587, // n0x19db c0x0000 (---------------)  +   is-lost
-	0x000fe008, // n0x19dc c0x0000 (---------------)  +   is-saved
-	0x000f218b, // n0x19dd c0x0000 (---------------)  +   is-very-bad
-	0x000f8d0c, // n0x19de c0x0000 (---------------)  +   is-very-evil
-	0x0011b8cc, // n0x19df c0x0000 (---------------)  +   is-very-good
-	0x0013aecc, // n0x19e0 c0x0000 (---------------)  +   is-very-nice
-	0x00142a4d, // n0x19e1 c0x0000 (---------------)  +   is-very-sweet
-	0x0008e588, // n0x19e2 c0x0000 (---------------)  +   isa-geek
-	0x00150c09, // n0x19e3 c0x0000 (---------------)  +   kicks-ass
-	0x001a24cb, // n0x19e4 c0x0000 (---------------)  +   misconfused
-	0x000dcd47, // n0x19e5 c0x0000 (---------------)  +   podzone
-	0x000d340a, // n0x19e6 c0x0000 (---------------)  +   readmyblog
-	0x0006ba86, // n0x19e7 c0x0000 (---------------)  +   selfip
-	0x00099a8d, // n0x19e8 c0x0000 (---------------)  +   sellsyourhome
-	0x000cb7c8, // n0x19e9 c0x0000 (---------------)  +   servebbs
-	0x000895c8, // n0x19ea c0x0000 (---------------)  +   serveftp
-	0x00173dc9, // n0x19eb c0x0000 (---------------)  +   servegame
-	0x000e868c, // n0x19ec c0x0000 (---------------)  +   stuff-4-sale
-	0x00002382, // n0x19ed c0x0000 (---------------)  +   us
-	0x000eadc6, // n0x19ee c0x0000 (---------------)  +   webhop
-	0x00005f82, // n0x19ef c0x0000 (---------------)  +   za
-	0x00000301, // n0x19f0 c0x0000 (---------------)  +   c
-	0x0003cdc3, // n0x19f1 c0x0000 (---------------)  +   rsc
-	0x46783486, // n0x19f2 c0x0119 (n0x19f3-n0x19f4)  o I origin
-	0x0003e443, // n0x19f3 c0x0000 (---------------)  +   ssl
-	0x00002d42, // n0x19f4 c0x0000 (---------------)  +   go
-	0x00013a44, // n0x19f5 c0x0000 (---------------)  +   home
-	0x000001c2, // n0x19f6 c0x0000 (---------------)  +   al
-	0x000d4884, // n0x19f7 c0x0000 (---------------)  +   asso
-	0x00000102, // n0x19f8 c0x0000 (---------------)  +   at
-	0x00004f82, // n0x19f9 c0x0000 (---------------)  +   au
-	0x00003302, // n0x19fa c0x0000 (---------------)  +   be
-	0x000ee482, // n0x19fb c0x0000 (---------------)  +   bg
-	0x00000302, // n0x19fc c0x0000 (---------------)  +   ca
-	0x0003e2c2, // n0x19fd c0x0000 (---------------)  +   cd
-	0x00001582, // n0x19fe c0x0000 (---------------)  +   ch
-	0x0001ba42, // n0x19ff c0x0000 (---------------)  +   cn
-	0x0003e082, // n0x1a00 c0x0000 (---------------)  +   cy
-	0x00029ec2, // n0x1a01 c0x0000 (---------------)  +   cz
-	0x00004d82, // n0x1a02 c0x0000 (---------------)  +   de
-	0x000494c2, // n0x1a03 c0x0000 (---------------)  +   dk
-	0x0003a783, // n0x1a04 c0x0000 (---------------)  +   edu
-	0x0000b342, // n0x1a05 c0x0000 (---------------)  +   ee
-	0x00000482, // n0x1a06 c0x0000 (---------------)  +   es
-	0x00007502, // n0x1a07 c0x0000 (---------------)  +   fi
-	0x00000582, // n0x1a08 c0x0000 (---------------)  +   fr
-	0x00000c82, // n0x1a09 c0x0000 (---------------)  +   gr
-	0x0000e4c2, // n0x1a0a c0x0000 (---------------)  +   hr
-	0x000195c2, // n0x1a0b c0x0000 (---------------)  +   hu
-	0x00000042, // n0x1a0c c0x0000 (---------------)  +   ie
-	0x00002902, // n0x1a0d c0x0000 (---------------)  +   il
-	0x000013c2, // n0x1a0e c0x0000 (---------------)  +   in
-	0x00001603, // n0x1a0f c0x0000 (---------------)  +   int
-	0x000006c2, // n0x1a10 c0x0000 (---------------)  +   is
-	0x00001e42, // n0x1a11 c0x0000 (---------------)  +   it
-	0x000ae3c2, // n0x1a12 c0x0000 (---------------)  +   jp
-	0x00006fc2, // n0x1a13 c0x0000 (---------------)  +   kr
-	0x00009e02, // n0x1a14 c0x0000 (---------------)  +   lt
-	0x00002f42, // n0x1a15 c0x0000 (---------------)  +   lu
-	0x00005d02, // n0x1a16 c0x0000 (---------------)  +   lv
-	0x0002ac02, // n0x1a17 c0x0000 (---------------)  +   mc
-	0x00003e82, // n0x1a18 c0x0000 (---------------)  +   me
-	0x00167142, // n0x1a19 c0x0000 (---------------)  +   mk
-	0x00004c02, // n0x1a1a c0x0000 (---------------)  +   mt
-	0x00026f02, // n0x1a1b c0x0000 (---------------)  +   my
-	0x0001fe03, // n0x1a1c c0x0000 (---------------)  +   net
-	0x00002802, // n0x1a1d c0x0000 (---------------)  +   ng
-	0x00047802, // n0x1a1e c0x0000 (---------------)  +   nl
-	0x00000c02, // n0x1a1f c0x0000 (---------------)  +   no
-	0x000094c2, // n0x1a20 c0x0000 (---------------)  +   nz
-	0x00077905, // n0x1a21 c0x0000 (---------------)  +   paris
-	0x000063c2, // n0x1a22 c0x0000 (---------------)  +   pl
-	0x0008c9c2, // n0x1a23 c0x0000 (---------------)  +   pt
-	0x00043b83, // n0x1a24 c0x0000 (---------------)  +   q-a
-	0x00002202, // n0x1a25 c0x0000 (---------------)  +   ro
-	0x00011302, // n0x1a26 c0x0000 (---------------)  +   ru
-	0x000046c2, // n0x1a27 c0x0000 (---------------)  +   se
-	0x0000a402, // n0x1a28 c0x0000 (---------------)  +   si
-	0x00007842, // n0x1a29 c0x0000 (---------------)  +   sk
-	0x00003002, // n0x1a2a c0x0000 (---------------)  +   tr
-	0x00000f82, // n0x1a2b c0x0000 (---------------)  +   uk
-	0x00002382, // n0x1a2c c0x0000 (---------------)  +   us
-	0x00210f43, // n0x1a2d c0x0000 (---------------)  + I abo
-	0x00201542, // n0x1a2e c0x0000 (---------------)  + I ac
-	0x00233503, // n0x1a2f c0x0000 (---------------)  + I com
-	0x0023a783, // n0x1a30 c0x0000 (---------------)  + I edu
-	0x00213183, // n0x1a31 c0x0000 (---------------)  + I gob
-	0x0020e2c3, // n0x1a32 c0x0000 (---------------)  + I ing
-	0x00213ac3, // n0x1a33 c0x0000 (---------------)  + I med
-	0x0021fe03, // n0x1a34 c0x0000 (---------------)  + I net
-	0x00201483, // n0x1a35 c0x0000 (---------------)  + I nom
-	0x0022d1c3, // n0x1a36 c0x0000 (---------------)  + I org
-	0x00292103, // n0x1a37 c0x0000 (---------------)  + I sld
-	0x000ffa08, // n0x1a38 c0x0000 (---------------)  +   blogspot
-	0x00233503, // n0x1a39 c0x0000 (---------------)  + I com
-	0x0023a783, // n0x1a3a c0x0000 (---------------)  + I edu
-	0x00213183, // n0x1a3b c0x0000 (---------------)  + I gob
-	0x00209003, // n0x1a3c c0x0000 (---------------)  + I mil
-	0x0021fe03, // n0x1a3d c0x0000 (---------------)  + I net
-	0x00201483, // n0x1a3e c0x0000 (---------------)  + I nom
-	0x0022d1c3, // n0x1a3f c0x0000 (---------------)  + I org
-	0x00233503, // n0x1a40 c0x0000 (---------------)  + I com
-	0x0023a783, // n0x1a41 c0x0000 (---------------)  + I edu
-	0x0022d1c3, // n0x1a42 c0x0000 (---------------)  + I org
-	0x00233503, // n0x1a43 c0x0000 (---------------)  + I com
-	0x0023a783, // n0x1a44 c0x0000 (---------------)  + I edu
-	0x0026cc83, // n0x1a45 c0x0000 (---------------)  + I gov
-	0x00200041, // n0x1a46 c0x0000 (---------------)  + I i
-	0x00209003, // n0x1a47 c0x0000 (---------------)  + I mil
-	0x0021fe03, // n0x1a48 c0x0000 (---------------)  + I net
-	0x00202d03, // n0x1a49 c0x0000 (---------------)  + I ngo
-	0x0022d1c3, // n0x1a4a c0x0000 (---------------)  + I org
-	0x00330b83, // n0x1a4b c0x0000 (---------------)  + I biz
-	0x00233503, // n0x1a4c c0x0000 (---------------)  + I com
-	0x0023a783, // n0x1a4d c0x0000 (---------------)  + I edu
-	0x00208f83, // n0x1a4e c0x0000 (---------------)  + I fam
-	0x00213183, // n0x1a4f c0x0000 (---------------)  + I gob
-	0x00337283, // n0x1a50 c0x0000 (---------------)  + I gok
-	0x00282e03, // n0x1a51 c0x0000 (---------------)  + I gon
-	0x002a36c3, // n0x1a52 c0x0000 (---------------)  + I gop
-	0x00276203, // n0x1a53 c0x0000 (---------------)  + I gos
-	0x0026cc83, // n0x1a54 c0x0000 (---------------)  + I gov
-	0x003a1244, // n0x1a55 c0x0000 (---------------)  + I info
-	0x0021fe03, // n0x1a56 c0x0000 (---------------)  + I net
-	0x0022d1c3, // n0x1a57 c0x0000 (---------------)  + I org
-	0x00221a03, // n0x1a58 c0x0000 (---------------)  + I web
-	0x002ebac4, // n0x1a59 c0x0000 (---------------)  + I agro
-	0x00253543, // n0x1a5a c0x0000 (---------------)  + I aid
-	0x000011c3, // n0x1a5b c0x0000 (---------------)  +   art
-	0x00200103, // n0x1a5c c0x0000 (---------------)  + I atm
-	0x0024a188, // n0x1a5d c0x0000 (---------------)  + I augustow
-	0x00265104, // n0x1a5e c0x0000 (---------------)  + I auto
-	0x0022404a, // n0x1a5f c0x0000 (---------------)  + I babia-gora
-	0x00207a06, // n0x1a60 c0x0000 (---------------)  + I bedzin
-	0x00397a07, // n0x1a61 c0x0000 (---------------)  + I beskidy
-	0x0021e20a, // n0x1a62 c0x0000 (---------------)  + I bialowieza
-	0x00275d09, // n0x1a63 c0x0000 (---------------)  + I bialystok
-	0x0039dd47, // n0x1a64 c0x0000 (---------------)  + I bielawa
-	0x003a604a, // n0x1a65 c0x0000 (---------------)  + I bieszczady
-	0x00330b83, // n0x1a66 c0x0000 (---------------)  + I biz
-	0x003782cb, // n0x1a67 c0x0000 (---------------)  + I boleslawiec
-	0x002ce249, // n0x1a68 c0x0000 (---------------)  + I bydgoszcz
-	0x00269605, // n0x1a69 c0x0000 (---------------)  + I bytom
-	0x002cc107, // n0x1a6a c0x0000 (---------------)  + I cieszyn
-	0x00000742, // n0x1a6b c0x0000 (---------------)  +   co
-	0x00233503, // n0x1a6c c0x0000 (---------------)  + I com
-	0x00229ec7, // n0x1a6d c0x0000 (---------------)  + I czeladz
-	0x003522c5, // n0x1a6e c0x0000 (---------------)  + I czest
-	0x002bb989, // n0x1a6f c0x0000 (---------------)  + I dlugoleka
-	0x0023a783, // n0x1a70 c0x0000 (---------------)  + I edu
-	0x00222c06, // n0x1a71 c0x0000 (---------------)  + I elblag
-	0x002baac3, // n0x1a72 c0x0000 (---------------)  + I elk
-	0x000cba03, // n0x1a73 c0x0000 (---------------)  +   gda
-	0x000fc286, // n0x1a74 c0x0000 (---------------)  +   gdansk
-	0x000ee0c6, // n0x1a75 c0x0000 (---------------)  +   gdynia
-	0x0000ce47, // n0x1a76 c0x0000 (---------------)  +   gliwice
-	0x00210886, // n0x1a77 c0x0000 (---------------)  + I glogow
-	0x00216405, // n0x1a78 c0x0000 (---------------)  + I gmina
-	0x00328747, // n0x1a79 c0x0000 (---------------)  + I gniezno
-	0x003350c7, // n0x1a7a c0x0000 (---------------)  + I gorlice
-	0x48a6cc83, // n0x1a7b c0x0122 (n0x1afe-n0x1b2d)  + I gov
-	0x0032ad07, // n0x1a7c c0x0000 (---------------)  + I grajewo
-	0x0035e383, // n0x1a7d c0x0000 (---------------)  + I gsm
-	0x003205c5, // n0x1a7e c0x0000 (---------------)  + I ilawa
-	0x003a1244, // n0x1a7f c0x0000 (---------------)  + I info
-	0x0036f508, // n0x1a80 c0x0000 (---------------)  + I jaworzno
-	0x002ad88c, // n0x1a81 c0x0000 (---------------)  + I jelenia-gora
-	0x002ac505, // n0x1a82 c0x0000 (---------------)  + I jgora
-	0x00345486, // n0x1a83 c0x0000 (---------------)  + I kalisz
-	0x00229d87, // n0x1a84 c0x0000 (---------------)  + I karpacz
-	0x0038e2c7, // n0x1a85 c0x0000 (---------------)  + I kartuzy
-	0x0020f847, // n0x1a86 c0x0000 (---------------)  + I kaszuby
-	0x00217ac8, // n0x1a87 c0x0000 (---------------)  + I katowice
-	0x002acd4f, // n0x1a88 c0x0000 (---------------)  + I kazimierz-dolny
-	0x00249345, // n0x1a89 c0x0000 (---------------)  + I kepno
-	0x00245c47, // n0x1a8a c0x0000 (---------------)  + I ketrzyn
-	0x0039c507, // n0x1a8b c0x0000 (---------------)  + I klodzko
-	0x002a4d8a, // n0x1a8c c0x0000 (---------------)  + I kobierzyce
-	0x0028c749, // n0x1a8d c0x0000 (---------------)  + I kolobrzeg
-	0x002c8d85, // n0x1a8e c0x0000 (---------------)  + I konin
-	0x002c970a, // n0x1a8f c0x0000 (---------------)  + I konskowola
-	0x000eac86, // n0x1a90 c0x0000 (---------------)  +   krakow
-	0x002bab45, // n0x1a91 c0x0000 (---------------)  + I kutno
-	0x00368bc4, // n0x1a92 c0x0000 (---------------)  + I lapy
-	0x00271a06, // n0x1a93 c0x0000 (---------------)  + I lebork
-	0x0037c607, // n0x1a94 c0x0000 (---------------)  + I legnica
-	0x00251647, // n0x1a95 c0x0000 (---------------)  + I lezajsk
-	0x002551c8, // n0x1a96 c0x0000 (---------------)  + I limanowa
-	0x00214305, // n0x1a97 c0x0000 (---------------)  + I lomza
-	0x003521c6, // n0x1a98 c0x0000 (---------------)  + I lowicz
-	0x00398d05, // n0x1a99 c0x0000 (---------------)  + I lubin
-	0x003a42c5, // n0x1a9a c0x0000 (---------------)  + I lukow
-	0x0021b5c4, // n0x1a9b c0x0000 (---------------)  + I mail
-	0x002f2587, // n0x1a9c c0x0000 (---------------)  + I malbork
-	0x0030764a, // n0x1a9d c0x0000 (---------------)  + I malopolska
-	0x0020b848, // n0x1a9e c0x0000 (---------------)  + I mazowsze
-	0x002ee9c6, // n0x1a9f c0x0000 (---------------)  + I mazury
-	0x00013ac3, // n0x1aa0 c0x0000 (---------------)  +   med
-	0x003025c5, // n0x1aa1 c0x0000 (---------------)  + I media
-	0x00232006, // n0x1aa2 c0x0000 (---------------)  + I miasta
-	0x003a5006, // n0x1aa3 c0x0000 (---------------)  + I mielec
-	0x00332046, // n0x1aa4 c0x0000 (---------------)  + I mielno
-	0x00209003, // n0x1aa5 c0x0000 (---------------)  + I mil
-	0x00380e47, // n0x1aa6 c0x0000 (---------------)  + I mragowo
-	0x0039c485, // n0x1aa7 c0x0000 (---------------)  + I naklo
-	0x0021fe03, // n0x1aa8 c0x0000 (---------------)  + I net
-	0x0039dfcd, // n0x1aa9 c0x0000 (---------------)  + I nieruchomosci
-	0x00201483, // n0x1aaa c0x0000 (---------------)  + I nom
-	0x002552c8, // n0x1aab c0x0000 (---------------)  + I nowaruda
-	0x002158c4, // n0x1aac c0x0000 (---------------)  + I nysa
-	0x00276d05, // n0x1aad c0x0000 (---------------)  + I olawa
-	0x002a4c86, // n0x1aae c0x0000 (---------------)  + I olecko
-	0x0023d406, // n0x1aaf c0x0000 (---------------)  + I olkusz
-	0x00219a47, // n0x1ab0 c0x0000 (---------------)  + I olsztyn
-	0x0023d707, // n0x1ab1 c0x0000 (---------------)  + I opoczno
-	0x00251585, // n0x1ab2 c0x0000 (---------------)  + I opole
-	0x0022d1c3, // n0x1ab3 c0x0000 (---------------)  + I org
-	0x00384947, // n0x1ab4 c0x0000 (---------------)  + I ostroda
-	0x002c7689, // n0x1ab5 c0x0000 (---------------)  + I ostroleka
-	0x0020ad49, // n0x1ab6 c0x0000 (---------------)  + I ostrowiec
-	0x0020d58a, // n0x1ab7 c0x0000 (---------------)  + I ostrowwlkp
-	0x00248182, // n0x1ab8 c0x0000 (---------------)  + I pc
-	0x00320584, // n0x1ab9 c0x0000 (---------------)  + I pila
-	0x002d7404, // n0x1aba c0x0000 (---------------)  + I pisz
-	0x00219e47, // n0x1abb c0x0000 (---------------)  + I podhale
-	0x00243388, // n0x1abc c0x0000 (---------------)  + I podlasie
-	0x002de7c9, // n0x1abd c0x0000 (---------------)  + I polkowice
-	0x00209609, // n0x1abe c0x0000 (---------------)  + I pomorskie
-	0x002df1c7, // n0x1abf c0x0000 (---------------)  + I pomorze
-	0x00248e46, // n0x1ac0 c0x0000 (---------------)  + I powiat
-	0x000e0986, // n0x1ac1 c0x0000 (---------------)  +   poznan
-	0x002e1c44, // n0x1ac2 c0x0000 (---------------)  + I priv
-	0x002e1dca, // n0x1ac3 c0x0000 (---------------)  + I prochowice
-	0x002e4548, // n0x1ac4 c0x0000 (---------------)  + I pruszkow
-	0x002e51c9, // n0x1ac5 c0x0000 (---------------)  + I przeworsk
-	0x00296686, // n0x1ac6 c0x0000 (---------------)  + I pulawy
-	0x00339e45, // n0x1ac7 c0x0000 (---------------)  + I radom
-	0x0020b708, // n0x1ac8 c0x0000 (---------------)  + I rawa-maz
-	0x002c238a, // n0x1ac9 c0x0000 (---------------)  + I realestate
-	0x00285b43, // n0x1aca c0x0000 (---------------)  + I rel
-	0x0033cf06, // n0x1acb c0x0000 (---------------)  + I rybnik
-	0x002df2c7, // n0x1acc c0x0000 (---------------)  + I rzeszow
-	0x0020f745, // n0x1acd c0x0000 (---------------)  + I sanok
-	0x002224c5, // n0x1ace c0x0000 (---------------)  + I sejny
-	0x00247603, // n0x1acf c0x0000 (---------------)  + I sex
-	0x00352004, // n0x1ad0 c0x0000 (---------------)  + I shop
-	0x00374ec5, // n0x1ad1 c0x0000 (---------------)  + I sklep
-	0x00284fc7, // n0x1ad2 c0x0000 (---------------)  + I skoczow
-	0x002e2b05, // n0x1ad3 c0x0000 (---------------)  + I slask
-	0x002d51c6, // n0x1ad4 c0x0000 (---------------)  + I slupsk
-	0x000f3985, // n0x1ad5 c0x0000 (---------------)  +   sopot
-	0x0021f483, // n0x1ad6 c0x0000 (---------------)  + I sos
-	0x002b5889, // n0x1ad7 c0x0000 (---------------)  + I sosnowiec
-	0x00276acc, // n0x1ad8 c0x0000 (---------------)  + I stalowa-wola
-	0x002a11cc, // n0x1ad9 c0x0000 (---------------)  + I starachowice
-	0x002c92c8, // n0x1ada c0x0000 (---------------)  + I stargard
-	0x0027b447, // n0x1adb c0x0000 (---------------)  + I suwalki
-	0x002f0a08, // n0x1adc c0x0000 (---------------)  + I swidnica
-	0x002f100a, // n0x1add c0x0000 (---------------)  + I swiebodzin
-	0x002f198b, // n0x1ade c0x0000 (---------------)  + I swinoujscie
-	0x002ce388, // n0x1adf c0x0000 (---------------)  + I szczecin
-	0x00345588, // n0x1ae0 c0x0000 (---------------)  + I szczytno
-	0x00293346, // n0x1ae1 c0x0000 (---------------)  + I szkola
-	0x00357a85, // n0x1ae2 c0x0000 (---------------)  + I targi
-	0x00249c0a, // n0x1ae3 c0x0000 (---------------)  + I tarnobrzeg
-	0x00220b05, // n0x1ae4 c0x0000 (---------------)  + I tgory
-	0x00200142, // n0x1ae5 c0x0000 (---------------)  + I tm
-	0x002c0507, // n0x1ae6 c0x0000 (---------------)  + I tourism
-	0x0029bec6, // n0x1ae7 c0x0000 (---------------)  + I travel
-	0x00352bc5, // n0x1ae8 c0x0000 (---------------)  + I turek
-	0x0037da09, // n0x1ae9 c0x0000 (---------------)  + I turystyka
-	0x0031fd85, // n0x1aea c0x0000 (---------------)  + I tychy
-	0x00291985, // n0x1aeb c0x0000 (---------------)  + I ustka
-	0x00320189, // n0x1aec c0x0000 (---------------)  + I walbrzych
-	0x00231e86, // n0x1aed c0x0000 (---------------)  + I warmia
-	0x0023ee48, // n0x1aee c0x0000 (---------------)  + I warszawa
-	0x0025a843, // n0x1aef c0x0000 (---------------)  + I waw
-	0x0020fcc6, // n0x1af0 c0x0000 (---------------)  + I wegrow
-	0x00275246, // n0x1af1 c0x0000 (---------------)  + I wielun
-	0x002fff45, // n0x1af2 c0x0000 (---------------)  + I wlocl
-	0x002fff49, // n0x1af3 c0x0000 (---------------)  + I wloclawek
-	0x002b0d09, // n0x1af4 c0x0000 (---------------)  + I wodzislaw
-	0x0024e547, // n0x1af5 c0x0000 (---------------)  + I wolomin
-	0x000ffdc4, // n0x1af6 c0x0000 (---------------)  +   wroc
-	0x002ffdc7, // n0x1af7 c0x0000 (---------------)  + I wroclaw
-	0x00209509, // n0x1af8 c0x0000 (---------------)  + I zachpomor
-	0x0021e405, // n0x1af9 c0x0000 (---------------)  + I zagan
-	0x00138408, // n0x1afa c0x0000 (---------------)  +   zakopane
-	0x0032f305, // n0x1afb c0x0000 (---------------)  + I zarow
-	0x0021fec5, // n0x1afc c0x0000 (---------------)  + I zgora
-	0x0022df89, // n0x1afd c0x0000 (---------------)  + I zgorzelec
-	0x00200d02, // n0x1afe c0x0000 (---------------)  + I ap
-	0x00351ac4, // n0x1aff c0x0000 (---------------)  + I griw
-	0x00206902, // n0x1b00 c0x0000 (---------------)  + I ic
-	0x002006c2, // n0x1b01 c0x0000 (---------------)  + I is
-	0x002717c5, // n0x1b02 c0x0000 (---------------)  + I kmpsp
-	0x002cc908, // n0x1b03 c0x0000 (---------------)  + I konsulat
-	0x00371a05, // n0x1b04 c0x0000 (---------------)  + I kppsp
-	0x002bd183, // n0x1b05 c0x0000 (---------------)  + I kwp
-	0x002bd185, // n0x1b06 c0x0000 (---------------)  + I kwpsp
-	0x002cc4c3, // n0x1b07 c0x0000 (---------------)  + I mup
-	0x0020fc82, // n0x1b08 c0x0000 (---------------)  + I mw
-	0x00268444, // n0x1b09 c0x0000 (---------------)  + I oirm
-	0x002e6d03, // n0x1b0a c0x0000 (---------------)  + I oum
-	0x0020ac42, // n0x1b0b c0x0000 (---------------)  + I pa
-	0x002dd7c4, // n0x1b0c c0x0000 (---------------)  + I pinb
-	0x002d8443, // n0x1b0d c0x0000 (---------------)  + I piw
-	0x00200942, // n0x1b0e c0x0000 (---------------)  + I po
-	0x00209343, // n0x1b0f c0x0000 (---------------)  + I psp
-	0x0028be44, // n0x1b10 c0x0000 (---------------)  + I psse
-	0x002b4bc3, // n0x1b11 c0x0000 (---------------)  + I pup
-	0x00242684, // n0x1b12 c0x0000 (---------------)  + I rzgw
-	0x002004c2, // n0x1b13 c0x0000 (---------------)  + I sa
-	0x00271443, // n0x1b14 c0x0000 (---------------)  + I sdn
-	0x00216343, // n0x1b15 c0x0000 (---------------)  + I sko
-	0x00205682, // n0x1b16 c0x0000 (---------------)  + I so
-	0x0033b802, // n0x1b17 c0x0000 (---------------)  + I sr
-	0x002b0b49, // n0x1b18 c0x0000 (---------------)  + I starostwo
-	0x00201cc2, // n0x1b19 c0x0000 (---------------)  + I ug
-	0x00288444, // n0x1b1a c0x0000 (---------------)  + I ugim
-	0x00204bc2, // n0x1b1b c0x0000 (---------------)  + I um
-	0x0020b584, // n0x1b1c c0x0000 (---------------)  + I umig
-	0x00248e04, // n0x1b1d c0x0000 (---------------)  + I upow
-	0x002e3944, // n0x1b1e c0x0000 (---------------)  + I uppo
-	0x00202382, // n0x1b1f c0x0000 (---------------)  + I us
-	0x00243e82, // n0x1b20 c0x0000 (---------------)  + I uw
-	0x00211343, // n0x1b21 c0x0000 (---------------)  + I uzs
-	0x002f1603, // n0x1b22 c0x0000 (---------------)  + I wif
-	0x00245244, // n0x1b23 c0x0000 (---------------)  + I wiih
-	0x0025d1c4, // n0x1b24 c0x0000 (---------------)  + I winb
-	0x002c7604, // n0x1b25 c0x0000 (---------------)  + I wios
-	0x002c9604, // n0x1b26 c0x0000 (---------------)  + I witd
-	0x002ff443, // n0x1b27 c0x0000 (---------------)  + I wiw
-	0x002f65c3, // n0x1b28 c0x0000 (---------------)  + I wsa
-	0x002eac04, // n0x1b29 c0x0000 (---------------)  + I wskr
-	0x003009c4, // n0x1b2a c0x0000 (---------------)  + I wuoz
-	0x00300cc6, // n0x1b2b c0x0000 (---------------)  + I wzmiuw
-	0x00264682, // n0x1b2c c0x0000 (---------------)  + I zp
-	0x00200742, // n0x1b2d c0x0000 (---------------)  + I co
-	0x0023a783, // n0x1b2e c0x0000 (---------------)  + I edu
-	0x0026cc83, // n0x1b2f c0x0000 (---------------)  + I gov
-	0x0021fe03, // n0x1b30 c0x0000 (---------------)  + I net
-	0x0022d1c3, // n0x1b31 c0x0000 (---------------)  + I org
-	0x00201542, // n0x1b32 c0x0000 (---------------)  + I ac
-	0x00330b83, // n0x1b33 c0x0000 (---------------)  + I biz
-	0x00233503, // n0x1b34 c0x0000 (---------------)  + I com
-	0x0023a783, // n0x1b35 c0x0000 (---------------)  + I edu
-	0x00202703, // n0x1b36 c0x0000 (---------------)  + I est
-	0x0026cc83, // n0x1b37 c0x0000 (---------------)  + I gov
-	0x003a1244, // n0x1b38 c0x0000 (---------------)  + I info
-	0x002b0e04, // n0x1b39 c0x0000 (---------------)  + I isla
-	0x00205284, // n0x1b3a c0x0000 (---------------)  + I name
-	0x0021fe03, // n0x1b3b c0x0000 (---------------)  + I net
-	0x0022d1c3, // n0x1b3c c0x0000 (---------------)  + I org
-	0x00220e43, // n0x1b3d c0x0000 (---------------)  + I pro
-	0x002e2484, // n0x1b3e c0x0000 (---------------)  + I prof
-	0x00355603, // n0x1b3f c0x0000 (---------------)  + I aaa
-	0x002b3e43, // n0x1b40 c0x0000 (---------------)  + I aca
-	0x0033f204, // n0x1b41 c0x0000 (---------------)  + I acct
-	0x0032f106, // n0x1b42 c0x0000 (---------------)  + I avocat
-	0x00202003, // n0x1b43 c0x0000 (---------------)  + I bar
-	0x00216d43, // n0x1b44 c0x0000 (---------------)  + I cpa
-	0x00213703, // n0x1b45 c0x0000 (---------------)  + I eng
-	0x002af443, // n0x1b46 c0x0000 (---------------)  + I jur
-	0x00274483, // n0x1b47 c0x0000 (---------------)  + I law
-	0x00213ac3, // n0x1b48 c0x0000 (---------------)  + I med
-	0x0022a5c5, // n0x1b49 c0x0000 (---------------)  + I recht
-	0x00233503, // n0x1b4a c0x0000 (---------------)  + I com
-	0x0023a783, // n0x1b4b c0x0000 (---------------)  + I edu
-	0x0026cc83, // n0x1b4c c0x0000 (---------------)  + I gov
-	0x0021fe03, // n0x1b4d c0x0000 (---------------)  + I net
-	0x0022d1c3, // n0x1b4e c0x0000 (---------------)  + I org
-	0x002db8c3, // n0x1b4f c0x0000 (---------------)  + I plo
-	0x00235d43, // n0x1b50 c0x0000 (---------------)  + I sec
-	0x000ffa08, // n0x1b51 c0x0000 (---------------)  +   blogspot
-	0x00233503, // n0x1b52 c0x0000 (---------------)  + I com
-	0x0023a783, // n0x1b53 c0x0000 (---------------)  + I edu
-	0x0026cc83, // n0x1b54 c0x0000 (---------------)  + I gov
-	0x00201603, // n0x1b55 c0x0000 (---------------)  + I int
-	0x0021fe03, // n0x1b56 c0x0000 (---------------)  + I net
-	0x00242044, // n0x1b57 c0x0000 (---------------)  + I nome
-	0x0022d1c3, // n0x1b58 c0x0000 (---------------)  + I org
-	0x0029f744, // n0x1b59 c0x0000 (---------------)  + I publ
-	0x002b7cc5, // n0x1b5a c0x0000 (---------------)  + I belau
-	0x00200742, // n0x1b5b c0x0000 (---------------)  + I co
-	0x00202602, // n0x1b5c c0x0000 (---------------)  + I ed
-	0x00202d42, // n0x1b5d c0x0000 (---------------)  + I go
-	0x00202c02, // n0x1b5e c0x0000 (---------------)  + I ne
-	0x00200282, // n0x1b5f c0x0000 (---------------)  + I or
-	0x00233503, // n0x1b60 c0x0000 (---------------)  + I com
-	0x0023d684, // n0x1b61 c0x0000 (---------------)  + I coop
-	0x0023a783, // n0x1b62 c0x0000 (---------------)  + I edu
-	0x0026cc83, // n0x1b63 c0x0000 (---------------)  + I gov
-	0x00209003, // n0x1b64 c0x0000 (---------------)  + I mil
-	0x0021fe03, // n0x1b65 c0x0000 (---------------)  + I net
-	0x0022d1c3, // n0x1b66 c0x0000 (---------------)  + I org
-	0x000ffa08, // n0x1b67 c0x0000 (---------------)  +   blogspot
-	0x00233503, // n0x1b68 c0x0000 (---------------)  + I com
-	0x0023a783, // n0x1b69 c0x0000 (---------------)  + I edu
-	0x0026cc83, // n0x1b6a c0x0000 (---------------)  + I gov
-	0x00209003, // n0x1b6b c0x0000 (---------------)  + I mil
-	0x00205284, // n0x1b6c c0x0000 (---------------)  + I name
-	0x0021fe03, // n0x1b6d c0x0000 (---------------)  + I net
-	0x0022d1c3, // n0x1b6e c0x0000 (---------------)  + I org
-	0x00217443, // n0x1b6f c0x0000 (---------------)  + I sch
-	0x002d4884, // n0x1b70 c0x0000 (---------------)  + I asso
-	0x000ffa08, // n0x1b71 c0x0000 (---------------)  +   blogspot
-	0x00233503, // n0x1b72 c0x0000 (---------------)  + I com
-	0x00201483, // n0x1b73 c0x0000 (---------------)  + I nom
-	0x0024bf84, // n0x1b74 c0x0000 (---------------)  + I arts
-	0x000ffa08, // n0x1b75 c0x0000 (---------------)  +   blogspot
-	0x00233503, // n0x1b76 c0x0000 (---------------)  + I com
-	0x0024d9c4, // n0x1b77 c0x0000 (---------------)  + I firm
-	0x003a1244, // n0x1b78 c0x0000 (---------------)  + I info
-	0x00201483, // n0x1b79 c0x0000 (---------------)  + I nom
-	0x002009c2, // n0x1b7a c0x0000 (---------------)  + I nt
-	0x0022d1c3, // n0x1b7b c0x0000 (---------------)  + I org
-	0x0022a5c3, // n0x1b7c c0x0000 (---------------)  + I rec
-	0x00391185, // n0x1b7d c0x0000 (---------------)  + I store
-	0x00200142, // n0x1b7e c0x0000 (---------------)  + I tm
-	0x00300b03, // n0x1b7f c0x0000 (---------------)  + I www
-	0x00201542, // n0x1b80 c0x0000 (---------------)  + I ac
-	0x000ffa08, // n0x1b81 c0x0000 (---------------)  +   blogspot
-	0x00200742, // n0x1b82 c0x0000 (---------------)  + I co
-	0x0023a783, // n0x1b83 c0x0000 (---------------)  + I edu
-	0x0026cc83, // n0x1b84 c0x0000 (---------------)  + I gov
-	0x002013c2, // n0x1b85 c0x0000 (---------------)  + I in
-	0x0022d1c3, // n0x1b86 c0x0000 (---------------)  + I org
-	0x00201542, // n0x1b87 c0x0000 (---------------)  + I ac
-	0x003a6207, // n0x1b88 c0x0000 (---------------)  + I adygeya
-	0x00289d85, // n0x1b89 c0x0000 (---------------)  + I altai
-	0x002937c4, // n0x1b8a c0x0000 (---------------)  + I amur
-	0x002e75c6, // n0x1b8b c0x0000 (---------------)  + I amursk
-	0x0023668b, // n0x1b8c c0x0000 (---------------)  + I arkhangelsk
-	0x0025a5c9, // n0x1b8d c0x0000 (---------------)  + I astrakhan
-	0x003453c6, // n0x1b8e c0x0000 (---------------)  + I baikal
-	0x003269c9, // n0x1b8f c0x0000 (---------------)  + I bashkiria
-	0x002d2e48, // n0x1b90 c0x0000 (---------------)  + I belgorod
-	0x002042c3, // n0x1b91 c0x0000 (---------------)  + I bir
-	0x000ffa08, // n0x1b92 c0x0000 (---------------)  +   blogspot
-	0x00227447, // n0x1b93 c0x0000 (---------------)  + I bryansk
-	0x0034d388, // n0x1b94 c0x0000 (---------------)  + I buryatia
-	0x002ee443, // n0x1b95 c0x0000 (---------------)  + I cbg
-	0x002648c4, // n0x1b96 c0x0000 (---------------)  + I chel
-	0x0026670b, // n0x1b97 c0x0000 (---------------)  + I chelyabinsk
-	0x002ac6c5, // n0x1b98 c0x0000 (---------------)  + I chita
-	0x002bc248, // n0x1b99 c0x0000 (---------------)  + I chukotka
-	0x00335889, // n0x1b9a c0x0000 (---------------)  + I chuvashia
-	0x0025d143, // n0x1b9b c0x0000 (---------------)  + I cmw
-	0x00233503, // n0x1b9c c0x0000 (---------------)  + I com
-	0x00202648, // n0x1b9d c0x0000 (---------------)  + I dagestan
-	0x002ef847, // n0x1b9e c0x0000 (---------------)  + I dudinka
-	0x002eccc6, // n0x1b9f c0x0000 (---------------)  + I e-burg
-	0x0023a783, // n0x1ba0 c0x0000 (---------------)  + I edu
-	0x003869c7, // n0x1ba1 c0x0000 (---------------)  + I fareast
-	0x0026cc83, // n0x1ba2 c0x0000 (---------------)  + I gov
-	0x00312746, // n0x1ba3 c0x0000 (---------------)  + I grozny
-	0x00201603, // n0x1ba4 c0x0000 (---------------)  + I int
-	0x00230d87, // n0x1ba5 c0x0000 (---------------)  + I irkutsk
-	0x0027d407, // n0x1ba6 c0x0000 (---------------)  + I ivanovo
-	0x003879c7, // n0x1ba7 c0x0000 (---------------)  + I izhevsk
-	0x002f2505, // n0x1ba8 c0x0000 (---------------)  + I jamal
-	0x00206543, // n0x1ba9 c0x0000 (---------------)  + I jar
-	0x0020a7cb, // n0x1baa c0x0000 (---------------)  + I joshkar-ola
-	0x00309908, // n0x1bab c0x0000 (---------------)  + I k-uralsk
-	0x00226e48, // n0x1bac c0x0000 (---------------)  + I kalmykia
-	0x002509c6, // n0x1bad c0x0000 (---------------)  + I kaluga
-	0x0022ab89, // n0x1bae c0x0000 (---------------)  + I kamchatka
-	0x00327ec7, // n0x1baf c0x0000 (---------------)  + I karelia
-	0x002f9b85, // n0x1bb0 c0x0000 (---------------)  + I kazan
-	0x00379b44, // n0x1bb1 c0x0000 (---------------)  + I kchr
-	0x00275f48, // n0x1bb2 c0x0000 (---------------)  + I kemerovo
-	0x0023f40a, // n0x1bb3 c0x0000 (---------------)  + I khabarovsk
-	0x0023f649, // n0x1bb4 c0x0000 (---------------)  + I khakassia
-	0x002517c3, // n0x1bb5 c0x0000 (---------------)  + I khv
-	0x0027ea45, // n0x1bb6 c0x0000 (---------------)  + I kirov
-	0x0033bcc3, // n0x1bb7 c0x0000 (---------------)  + I kms
-	0x002ab0c6, // n0x1bb8 c0x0000 (---------------)  + I koenig
-	0x0039a004, // n0x1bb9 c0x0000 (---------------)  + I komi
-	0x002fc3c8, // n0x1bba c0x0000 (---------------)  + I kostroma
-	0x00387b4b, // n0x1bbb c0x0000 (---------------)  + I krasnoyarsk
-	0x0033bb85, // n0x1bbc c0x0000 (---------------)  + I kuban
-	0x002b7a46, // n0x1bbd c0x0000 (---------------)  + I kurgan
-	0x002b9785, // n0x1bbe c0x0000 (---------------)  + I kursk
-	0x002b9cc8, // n0x1bbf c0x0000 (---------------)  + I kustanai
-	0x002bac87, // n0x1bc0 c0x0000 (---------------)  + I kuzbass
-	0x00207707, // n0x1bc1 c0x0000 (---------------)  + I lipetsk
-	0x00223c47, // n0x1bc2 c0x0000 (---------------)  + I magadan
-	0x0021e6c4, // n0x1bc3 c0x0000 (---------------)  + I mari
-	0x0021e6c7, // n0x1bc4 c0x0000 (---------------)  + I mari-el
-	0x0027bc46, // n0x1bc5 c0x0000 (---------------)  + I marine
-	0x00209003, // n0x1bc6 c0x0000 (---------------)  + I mil
-	0x002c55c8, // n0x1bc7 c0x0000 (---------------)  + I mordovia
-	0x00253243, // n0x1bc8 c0x0000 (---------------)  + I msk
-	0x002ccc88, // n0x1bc9 c0x0000 (---------------)  + I murmansk
-	0x002d2485, // n0x1bca c0x0000 (---------------)  + I mytis
-	0x0031a348, // n0x1bcb c0x0000 (---------------)  + I nakhodka
-	0x0023a987, // n0x1bcc c0x0000 (---------------)  + I nalchik
-	0x0021fe03, // n0x1bcd c0x0000 (---------------)  + I net
-	0x00392a03, // n0x1bce c0x0000 (---------------)  + I nkz
-	0x00289404, // n0x1bcf c0x0000 (---------------)  + I nnov
-	0x00374d87, // n0x1bd0 c0x0000 (---------------)  + I norilsk
-	0x002058c3, // n0x1bd1 c0x0000 (---------------)  + I nov
-	0x0027d4cb, // n0x1bd2 c0x0000 (---------------)  + I novosibirsk
-	0x00216303, // n0x1bd3 c0x0000 (---------------)  + I nsk
-	0x00253204, // n0x1bd4 c0x0000 (---------------)  + I omsk
-	0x00391208, // n0x1bd5 c0x0000 (---------------)  + I orenburg
-	0x0022d1c3, // n0x1bd6 c0x0000 (---------------)  + I org
-	0x002d6e85, // n0x1bd7 c0x0000 (---------------)  + I oryol
-	0x00296c85, // n0x1bd8 c0x0000 (---------------)  + I oskol
-	0x0039c386, // n0x1bd9 c0x0000 (---------------)  + I palana
-	0x00212c85, // n0x1bda c0x0000 (---------------)  + I penza
-	0x002d2844, // n0x1bdb c0x0000 (---------------)  + I perm
-	0x00209302, // n0x1bdc c0x0000 (---------------)  + I pp
-	0x002e5483, // n0x1bdd c0x0000 (---------------)  + I ptz
-	0x00368c4a, // n0x1bde c0x0000 (---------------)  + I pyatigorsk
-	0x003907c3, // n0x1bdf c0x0000 (---------------)  + I rnd
-	0x002d1989, // n0x1be0 c0x0000 (---------------)  + I rubtsovsk
-	0x00357446, // n0x1be1 c0x0000 (---------------)  + I ryazan
-	0x0021ac48, // n0x1be2 c0x0000 (---------------)  + I sakhalin
-	0x0028b986, // n0x1be3 c0x0000 (---------------)  + I samara
-	0x002257c7, // n0x1be4 c0x0000 (---------------)  + I saratov
-	0x002cc748, // n0x1be5 c0x0000 (---------------)  + I simbirsk
-	0x002d6648, // n0x1be6 c0x0000 (---------------)  + I smolensk
-	0x002e0f83, // n0x1be7 c0x0000 (---------------)  + I snz
-	0x00271883, // n0x1be8 c0x0000 (---------------)  + I spb
-	0x00225b89, // n0x1be9 c0x0000 (---------------)  + I stavropol
-	0x002f4c43, // n0x1bea c0x0000 (---------------)  + I stv
-	0x00341846, // n0x1beb c0x0000 (---------------)  + I surgut
-	0x00289a06, // n0x1bec c0x0000 (---------------)  + I syzran
-	0x00314f06, // n0x1bed c0x0000 (---------------)  + I tambov
-	0x0036cc49, // n0x1bee c0x0000 (---------------)  + I tatarstan
-	0x002ff844, // n0x1bef c0x0000 (---------------)  + I test
-	0x0020bf43, // n0x1bf0 c0x0000 (---------------)  + I tom
-	0x00309805, // n0x1bf1 c0x0000 (---------------)  + I tomsk
-	0x0030b209, // n0x1bf2 c0x0000 (---------------)  + I tsaritsyn
-	0x00207803, // n0x1bf3 c0x0000 (---------------)  + I tsk
-	0x00359bc4, // n0x1bf4 c0x0000 (---------------)  + I tula
-	0x002f3304, // n0x1bf5 c0x0000 (---------------)  + I tuva
-	0x00360784, // n0x1bf6 c0x0000 (---------------)  + I tver
-	0x0031ac06, // n0x1bf7 c0x0000 (---------------)  + I tyumen
-	0x0020fa43, // n0x1bf8 c0x0000 (---------------)  + I udm
-	0x0020fa48, // n0x1bf9 c0x0000 (---------------)  + I udmurtia
-	0x0025a208, // n0x1bfa c0x0000 (---------------)  + I ulan-ude
-	0x0035ca86, // n0x1bfb c0x0000 (---------------)  + I vdonsk
-	0x002f998b, // n0x1bfc c0x0000 (---------------)  + I vladikavkaz
-	0x002f9cc8, // n0x1bfd c0x0000 (---------------)  + I vladimir
-	0x002f9ecb, // n0x1bfe c0x0000 (---------------)  + I vladivostok
-	0x002fca09, // n0x1bff c0x0000 (---------------)  + I volgograd
-	0x002fc187, // n0x1c00 c0x0000 (---------------)  + I vologda
-	0x002fce88, // n0x1c01 c0x0000 (---------------)  + I voronezh
-	0x002fee83, // n0x1c02 c0x0000 (---------------)  + I vrn
-	0x0039fc06, // n0x1c03 c0x0000 (---------------)  + I vyatka
-	0x0020f507, // n0x1c04 c0x0000 (---------------)  + I yakutia
-	0x00298b45, // n0x1c05 c0x0000 (---------------)  + I yamal
-	0x00346f49, // n0x1c06 c0x0000 (---------------)  + I yaroslavl
-	0x0030fd4d, // n0x1c07 c0x0000 (---------------)  + I yekaterinburg
-	0x0021aa91, // n0x1c08 c0x0000 (---------------)  + I yuzhno-sakhalinsk
-	0x0023d545, // n0x1c09 c0x0000 (---------------)  + I zgrad
-	0x00201542, // n0x1c0a c0x0000 (---------------)  + I ac
-	0x00200742, // n0x1c0b c0x0000 (---------------)  + I co
-	0x00233503, // n0x1c0c c0x0000 (---------------)  + I com
-	0x0023a783, // n0x1c0d c0x0000 (---------------)  + I edu
-	0x0033d7c4, // n0x1c0e c0x0000 (---------------)  + I gouv
-	0x0026cc83, // n0x1c0f c0x0000 (---------------)  + I gov
-	0x00201603, // n0x1c10 c0x0000 (---------------)  + I int
-	0x00209003, // n0x1c11 c0x0000 (---------------)  + I mil
-	0x0021fe03, // n0x1c12 c0x0000 (---------------)  + I net
-	0x00233503, // n0x1c13 c0x0000 (---------------)  + I com
-	0x0023a783, // n0x1c14 c0x0000 (---------------)  + I edu
-	0x0026cc83, // n0x1c15 c0x0000 (---------------)  + I gov
-	0x00213ac3, // n0x1c16 c0x0000 (---------------)  + I med
-	0x0021fe03, // n0x1c17 c0x0000 (---------------)  + I net
-	0x0022d1c3, // n0x1c18 c0x0000 (---------------)  + I org
-	0x00297403, // n0x1c19 c0x0000 (---------------)  + I pub
-	0x00217443, // n0x1c1a c0x0000 (---------------)  + I sch
-	0x00233503, // n0x1c1b c0x0000 (---------------)  + I com
-	0x0023a783, // n0x1c1c c0x0000 (---------------)  + I edu
-	0x0026cc83, // n0x1c1d c0x0000 (---------------)  + I gov
-	0x0021fe03, // n0x1c1e c0x0000 (---------------)  + I net
-	0x0022d1c3, // n0x1c1f c0x0000 (---------------)  + I org
-	0x00233503, // n0x1c20 c0x0000 (---------------)  + I com
-	0x0023a783, // n0x1c21 c0x0000 (---------------)  + I edu
-	0x0026cc83, // n0x1c22 c0x0000 (---------------)  + I gov
-	0x0021fe03, // n0x1c23 c0x0000 (---------------)  + I net
-	0x0022d1c3, // n0x1c24 c0x0000 (---------------)  + I org
-	0x00233503, // n0x1c25 c0x0000 (---------------)  + I com
-	0x0023a783, // n0x1c26 c0x0000 (---------------)  + I edu
-	0x0026cc83, // n0x1c27 c0x0000 (---------------)  + I gov
-	0x003a1244, // n0x1c28 c0x0000 (---------------)  + I info
-	0x00213ac3, // n0x1c29 c0x0000 (---------------)  + I med
-	0x0021fe03, // n0x1c2a c0x0000 (---------------)  + I net
-	0x0022d1c3, // n0x1c2b c0x0000 (---------------)  + I org
-	0x00224e42, // n0x1c2c c0x0000 (---------------)  + I tv
-	0x00200101, // n0x1c2d c0x0000 (---------------)  + I a
-	0x00201542, // n0x1c2e c0x0000 (---------------)  + I ac
-	0x00200001, // n0x1c2f c0x0000 (---------------)  + I b
-	0x003129c2, // n0x1c30 c0x0000 (---------------)  + I bd
-	0x000ffa08, // n0x1c31 c0x0000 (---------------)  +   blogspot
-	0x0021ca45, // n0x1c32 c0x0000 (---------------)  + I brand
-	0x00200301, // n0x1c33 c0x0000 (---------------)  + I c
-	0x00033503, // n0x1c34 c0x0000 (---------------)  +   com
-	0x00200381, // n0x1c35 c0x0000 (---------------)  + I d
-	0x00200081, // n0x1c36 c0x0000 (---------------)  + I e
-	0x00200581, // n0x1c37 c0x0000 (---------------)  + I f
-	0x0023f342, // n0x1c38 c0x0000 (---------------)  + I fh
-	0x0023f344, // n0x1c39 c0x0000 (---------------)  + I fhsk
-	0x00363543, // n0x1c3a c0x0000 (---------------)  + I fhv
-	0x00200c81, // n0x1c3b c0x0000 (---------------)  + I g
-	0x00200d81, // n0x1c3c c0x0000 (---------------)  + I h
-	0x00200041, // n0x1c3d c0x0000 (---------------)  + I i
-	0x00200fc1, // n0x1c3e c0x0000 (---------------)  + I k
-	0x002e9647, // n0x1c3f c0x0000 (---------------)  + I komforb
-	0x002d69cf, // n0x1c40 c0x0000 (---------------)  + I kommunalforbund
-	0x002da946, // n0x1c41 c0x0000 (---------------)  + I komvux
-	0x00200201, // n0x1c42 c0x0000 (---------------)  + I l
-	0x0026a306, // n0x1c43 c0x0000 (---------------)  + I lanbib
-	0x00200181, // n0x1c44 c0x0000 (---------------)  + I m
-	0x00200541, // n0x1c45 c0x0000 (---------------)  + I n
-	0x00325ace, // n0x1c46 c0x0000 (---------------)  + I naturbruksgymn
-	0x00200281, // n0x1c47 c0x0000 (---------------)  + I o
-	0x0022d1c3, // n0x1c48 c0x0000 (---------------)  + I org
-	0x00200941, // n0x1c49 c0x0000 (---------------)  + I p
-	0x002a3745, // n0x1c4a c0x0000 (---------------)  + I parti
-	0x00209302, // n0x1c4b c0x0000 (---------------)  + I pp
-	0x00247505, // n0x1c4c c0x0000 (---------------)  + I press
-	0x002002c1, // n0x1c4d c0x0000 (---------------)  + I r
-	0x002004c1, // n0x1c4e c0x0000 (---------------)  + I s
-	0x00200141, // n0x1c4f c0x0000 (---------------)  + I t
-	0x00200142, // n0x1c50 c0x0000 (---------------)  + I tm
-	0x00200441, // n0x1c51 c0x0000 (---------------)  + I u
-	0x002010c1, // n0x1c52 c0x0000 (---------------)  + I w
-	0x00205381, // n0x1c53 c0x0000 (---------------)  + I x
-	0x00201841, // n0x1c54 c0x0000 (---------------)  + I y
-	0x00205f81, // n0x1c55 c0x0000 (---------------)  + I z
-	0x000ffa08, // n0x1c56 c0x0000 (---------------)  +   blogspot
-	0x00233503, // n0x1c57 c0x0000 (---------------)  + I com
-	0x0023a783, // n0x1c58 c0x0000 (---------------)  + I edu
-	0x0026cc83, // n0x1c59 c0x0000 (---------------)  + I gov
-	0x0021fe03, // n0x1c5a c0x0000 (---------------)  + I net
-	0x0022d1c3, // n0x1c5b c0x0000 (---------------)  + I org
-	0x00220f03, // n0x1c5c c0x0000 (---------------)  + I per
-	0x00233503, // n0x1c5d c0x0000 (---------------)  + I com
-	0x0026cc83, // n0x1c5e c0x0000 (---------------)  + I gov
-	0x0008c288, // n0x1c5f c0x0000 (---------------)  +   hashbang
-	0x00209003, // n0x1c60 c0x0000 (---------------)  + I mil
-	0x0021fe03, // n0x1c61 c0x0000 (---------------)  + I net
-	0x0022d1c3, // n0x1c62 c0x0000 (---------------)  + I org
-	0x014da508, // n0x1c63 c0x0005 (---------------)* o   platform
-	0x000ffa08, // n0x1c64 c0x0000 (---------------)  +   blogspot
-	0x000ffa08, // n0x1c65 c0x0000 (---------------)  +   blogspot
-	0x00233503, // n0x1c66 c0x0000 (---------------)  + I com
-	0x0023a783, // n0x1c67 c0x0000 (---------------)  + I edu
-	0x0026cc83, // n0x1c68 c0x0000 (---------------)  + I gov
-	0x0021fe03, // n0x1c69 c0x0000 (---------------)  + I net
-	0x0022d1c3, // n0x1c6a c0x0000 (---------------)  + I org
-	0x002011c3, // n0x1c6b c0x0000 (---------------)  + I art
-	0x000ffa08, // n0x1c6c c0x0000 (---------------)  +   blogspot
-	0x00233503, // n0x1c6d c0x0000 (---------------)  + I com
-	0x0023a783, // n0x1c6e c0x0000 (---------------)  + I edu
-	0x0033d7c4, // n0x1c6f c0x0000 (---------------)  + I gouv
-	0x0022d1c3, // n0x1c70 c0x0000 (---------------)  + I org
-	0x00295005, // n0x1c71 c0x0000 (---------------)  + I perso
-	0x00320a04, // n0x1c72 c0x0000 (---------------)  + I univ
-	0x00233503, // n0x1c73 c0x0000 (---------------)  + I com
-	0x0021fe03, // n0x1c74 c0x0000 (---------------)  + I net
-	0x0022d1c3, // n0x1c75 c0x0000 (---------------)  + I org
-	0x00200742, // n0x1c76 c0x0000 (---------------)  + I co
-	0x00233503, // n0x1c77 c0x0000 (---------------)  + I com
-	0x00237249, // n0x1c78 c0x0000 (---------------)  + I consulado
-	0x0023a783, // n0x1c79 c0x0000 (---------------)  + I edu
-	0x00242d89, // n0x1c7a c0x0000 (---------------)  + I embaixada
-	0x0026cc83, // n0x1c7b c0x0000 (---------------)  + I gov
-	0x00209003, // n0x1c7c c0x0000 (---------------)  + I mil
-	0x0021fe03, // n0x1c7d c0x0000 (---------------)  + I net
-	0x0022d1c3, // n0x1c7e c0x0000 (---------------)  + I org
-	0x002e1a48, // n0x1c7f c0x0000 (---------------)  + I principe
-	0x00215f87, // n0x1c80 c0x0000 (---------------)  + I saotome
-	0x00391185, // n0x1c81 c0x0000 (---------------)  + I store
-	0x003a6207, // n0x1c82 c0x0000 (---------------)  + I adygeya
-	0x0023668b, // n0x1c83 c0x0000 (---------------)  + I arkhangelsk
-	0x0020d908, // n0x1c84 c0x0000 (---------------)  + I balashov
-	0x003269c9, // n0x1c85 c0x0000 (---------------)  + I bashkiria
-	0x00227447, // n0x1c86 c0x0000 (---------------)  + I bryansk
-	0x00202648, // n0x1c87 c0x0000 (---------------)  + I dagestan
-	0x00312746, // n0x1c88 c0x0000 (---------------)  + I grozny
-	0x0027d407, // n0x1c89 c0x0000 (---------------)  + I ivanovo
-	0x00226e48, // n0x1c8a c0x0000 (---------------)  + I kalmykia
-	0x002509c6, // n0x1c8b c0x0000 (---------------)  + I kaluga
-	0x00327ec7, // n0x1c8c c0x0000 (---------------)  + I karelia
-	0x0023f649, // n0x1c8d c0x0000 (---------------)  + I khakassia
-	0x0037f849, // n0x1c8e c0x0000 (---------------)  + I krasnodar
-	0x002b7a46, // n0x1c8f c0x0000 (---------------)  + I kurgan
-	0x002b8945, // n0x1c90 c0x0000 (---------------)  + I lenug
-	0x002c55c8, // n0x1c91 c0x0000 (---------------)  + I mordovia
-	0x00253243, // n0x1c92 c0x0000 (---------------)  + I msk
-	0x002ccc88, // n0x1c93 c0x0000 (---------------)  + I murmansk
-	0x0023a987, // n0x1c94 c0x0000 (---------------)  + I nalchik
-	0x002058c3, // n0x1c95 c0x0000 (---------------)  + I nov
-	0x00229c07, // n0x1c96 c0x0000 (---------------)  + I obninsk
-	0x00212c85, // n0x1c97 c0x0000 (---------------)  + I penza
-	0x002dd148, // n0x1c98 c0x0000 (---------------)  + I pokrovsk
-	0x00274805, // n0x1c99 c0x0000 (---------------)  + I sochi
-	0x00271883, // n0x1c9a c0x0000 (---------------)  + I spb
-	0x0033d1c9, // n0x1c9b c0x0000 (---------------)  + I togliatti
-	0x002aa587, // n0x1c9c c0x0000 (---------------)  + I troitsk
-	0x00359bc4, // n0x1c9d c0x0000 (---------------)  + I tula
-	0x002f3304, // n0x1c9e c0x0000 (---------------)  + I tuva
-	0x002f998b, // n0x1c9f c0x0000 (---------------)  + I vladikavkaz
-	0x002f9cc8, // n0x1ca0 c0x0000 (---------------)  + I vladimir
-	0x002fc187, // n0x1ca1 c0x0000 (---------------)  + I vologda
-	0x00233503, // n0x1ca2 c0x0000 (---------------)  + I com
-	0x0023a783, // n0x1ca3 c0x0000 (---------------)  + I edu
-	0x00213183, // n0x1ca4 c0x0000 (---------------)  + I gob
-	0x0022d1c3, // n0x1ca5 c0x0000 (---------------)  + I org
-	0x00244803, // n0x1ca6 c0x0000 (---------------)  + I red
-	0x0026cc83, // n0x1ca7 c0x0000 (---------------)  + I gov
-	0x00233503, // n0x1ca8 c0x0000 (---------------)  + I com
-	0x0023a783, // n0x1ca9 c0x0000 (---------------)  + I edu
-	0x0026cc83, // n0x1caa c0x0000 (---------------)  + I gov
-	0x00209003, // n0x1cab c0x0000 (---------------)  + I mil
-	0x0021fe03, // n0x1cac c0x0000 (---------------)  + I net
-	0x0022d1c3, // n0x1cad c0x0000 (---------------)  + I org
-	0x00201542, // n0x1cae c0x0000 (---------------)  + I ac
-	0x00200742, // n0x1caf c0x0000 (---------------)  + I co
-	0x0022d1c3, // n0x1cb0 c0x0000 (---------------)  + I org
-	0x000ffa08, // n0x1cb1 c0x0000 (---------------)  +   blogspot
-	0x00201542, // n0x1cb2 c0x0000 (---------------)  + I ac
-	0x00200742, // n0x1cb3 c0x0000 (---------------)  + I co
-	0x00202d42, // n0x1cb4 c0x0000 (---------------)  + I go
-	0x002013c2, // n0x1cb5 c0x0000 (---------------)  + I in
-	0x00209002, // n0x1cb6 c0x0000 (---------------)  + I mi
-	0x0021fe03, // n0x1cb7 c0x0000 (---------------)  + I net
-	0x00200282, // n0x1cb8 c0x0000 (---------------)  + I or
-	0x00201542, // n0x1cb9 c0x0000 (---------------)  + I ac
-	0x00330b83, // n0x1cba c0x0000 (---------------)  + I biz
-	0x00200742, // n0x1cbb c0x0000 (---------------)  + I co
-	0x00233503, // n0x1cbc c0x0000 (---------------)  + I com
-	0x0023a783, // n0x1cbd c0x0000 (---------------)  + I edu
-	0x00202d42, // n0x1cbe c0x0000 (---------------)  + I go
-	0x0026cc83, // n0x1cbf c0x0000 (---------------)  + I gov
-	0x00201603, // n0x1cc0 c0x0000 (---------------)  + I int
-	0x00209003, // n0x1cc1 c0x0000 (---------------)  + I mil
-	0x00205284, // n0x1cc2 c0x0000 (---------------)  + I name
-	0x0021fe03, // n0x1cc3 c0x0000 (---------------)  + I net
-	0x00218f83, // n0x1cc4 c0x0000 (---------------)  + I nic
-	0x0022d1c3, // n0x1cc5 c0x0000 (---------------)  + I org
-	0x002ff844, // n0x1cc6 c0x0000 (---------------)  + I test
-	0x00221a03, // n0x1cc7 c0x0000 (---------------)  + I web
-	0x0026cc83, // n0x1cc8 c0x0000 (---------------)  + I gov
-	0x00200742, // n0x1cc9 c0x0000 (---------------)  + I co
-	0x00233503, // n0x1cca c0x0000 (---------------)  + I com
-	0x0023a783, // n0x1ccb c0x0000 (---------------)  + I edu
-	0x0026cc83, // n0x1ccc c0x0000 (---------------)  + I gov
-	0x00209003, // n0x1ccd c0x0000 (---------------)  + I mil
-	0x0021fe03, // n0x1cce c0x0000 (---------------)  + I net
-	0x00201483, // n0x1ccf c0x0000 (---------------)  + I nom
-	0x0022d1c3, // n0x1cd0 c0x0000 (---------------)  + I org
-	0x003927c7, // n0x1cd1 c0x0000 (---------------)  + I agrinet
-	0x00233503, // n0x1cd2 c0x0000 (---------------)  + I com
-	0x00222387, // n0x1cd3 c0x0000 (---------------)  + I defense
-	0x0025d886, // n0x1cd4 c0x0000 (---------------)  + I edunet
-	0x00215243, // n0x1cd5 c0x0000 (---------------)  + I ens
-	0x00207503, // n0x1cd6 c0x0000 (---------------)  + I fin
-	0x0026cc83, // n0x1cd7 c0x0000 (---------------)  + I gov
-	0x0021d883, // n0x1cd8 c0x0000 (---------------)  + I ind
-	0x003a1244, // n0x1cd9 c0x0000 (---------------)  + I info
-	0x0036d504, // n0x1cda c0x0000 (---------------)  + I intl
-	0x002da6c6, // n0x1cdb c0x0000 (---------------)  + I mincom
-	0x0022b143, // n0x1cdc c0x0000 (---------------)  + I nat
-	0x0021fe03, // n0x1cdd c0x0000 (---------------)  + I net
-	0x0022d1c3, // n0x1cde c0x0000 (---------------)  + I org
-	0x00295005, // n0x1cdf c0x0000 (---------------)  + I perso
-	0x0020d344, // n0x1ce0 c0x0000 (---------------)  + I rnrt
-	0x00266ec3, // n0x1ce1 c0x0000 (---------------)  + I rns
-	0x00351883, // n0x1ce2 c0x0000 (---------------)  + I rnu
-	0x002c0507, // n0x1ce3 c0x0000 (---------------)  + I tourism
-	0x00209e45, // n0x1ce4 c0x0000 (---------------)  + I turen
-	0x00233503, // n0x1ce5 c0x0000 (---------------)  + I com
-	0x0023a783, // n0x1ce6 c0x0000 (---------------)  + I edu
-	0x0026cc83, // n0x1ce7 c0x0000 (---------------)  + I gov
-	0x00209003, // n0x1ce8 c0x0000 (---------------)  + I mil
-	0x0021fe03, // n0x1ce9 c0x0000 (---------------)  + I net
-	0x0022d1c3, // n0x1cea c0x0000 (---------------)  + I org
-	0x00203402, // n0x1ceb c0x0000 (---------------)  + I av
-	0x002cb903, // n0x1cec c0x0000 (---------------)  + I bbs
-	0x0028e2c3, // n0x1ced c0x0000 (---------------)  + I bel
-	0x00330b83, // n0x1cee c0x0000 (---------------)  + I biz
-	0x52a33503, // n0x1cef c0x014a (n0x1d00-n0x1d01)  + I com
-	0x0022bf42, // n0x1cf0 c0x0000 (---------------)  + I dr
-	0x0023a783, // n0x1cf1 c0x0000 (---------------)  + I edu
-	0x00205843, // n0x1cf2 c0x0000 (---------------)  + I gen
-	0x0026cc83, // n0x1cf3 c0x0000 (---------------)  + I gov
-	0x003a1244, // n0x1cf4 c0x0000 (---------------)  + I info
-	0x00309ac3, // n0x1cf5 c0x0000 (---------------)  + I k12
-	0x00249343, // n0x1cf6 c0x0000 (---------------)  + I kep
-	0x00209003, // n0x1cf7 c0x0000 (---------------)  + I mil
-	0x00205284, // n0x1cf8 c0x0000 (---------------)  + I name
-	0x52e00642, // n0x1cf9 c0x014b (n0x1d01-n0x1d02)  + I nc
-	0x0021fe03, // n0x1cfa c0x0000 (---------------)  + I net
-	0x0022d1c3, // n0x1cfb c0x0000 (---------------)  + I org
-	0x00208103, // n0x1cfc c0x0000 (---------------)  + I pol
-	0x0022f7c3, // n0x1cfd c0x0000 (---------------)  + I tel
-	0x00224e42, // n0x1cfe c0x0000 (---------------)  + I tv
-	0x00221a03, // n0x1cff c0x0000 (---------------)  + I web
-	0x000ffa08, // n0x1d00 c0x0000 (---------------)  +   blogspot
-	0x0026cc83, // n0x1d01 c0x0000 (---------------)  + I gov
-	0x002389c4, // n0x1d02 c0x0000 (---------------)  + I aero
-	0x00330b83, // n0x1d03 c0x0000 (---------------)  + I biz
-	0x00200742, // n0x1d04 c0x0000 (---------------)  + I co
-	0x00233503, // n0x1d05 c0x0000 (---------------)  + I com
-	0x0023d684, // n0x1d06 c0x0000 (---------------)  + I coop
-	0x0023a783, // n0x1d07 c0x0000 (---------------)  + I edu
-	0x0026cc83, // n0x1d08 c0x0000 (---------------)  + I gov
-	0x003a1244, // n0x1d09 c0x0000 (---------------)  + I info
-	0x00201603, // n0x1d0a c0x0000 (---------------)  + I int
-	0x002ddc44, // n0x1d0b c0x0000 (---------------)  + I jobs
-	0x00207104, // n0x1d0c c0x0000 (---------------)  + I mobi
-	0x002d0106, // n0x1d0d c0x0000 (---------------)  + I museum
-	0x00205284, // n0x1d0e c0x0000 (---------------)  + I name
-	0x0021fe03, // n0x1d0f c0x0000 (---------------)  + I net
-	0x0022d1c3, // n0x1d10 c0x0000 (---------------)  + I org
-	0x00220e43, // n0x1d11 c0x0000 (---------------)  + I pro
-	0x0029bec6, // n0x1d12 c0x0000 (---------------)  + I travel
-	0x00055f8b, // n0x1d13 c0x0000 (---------------)  +   better-than
-	0x00013886, // n0x1d14 c0x0000 (---------------)  +   dyndns
-	0x0002184a, // n0x1d15 c0x0000 (---------------)  +   on-the-web
-	0x000fef4a, // n0x1d16 c0x0000 (---------------)  +   worse-than
-	0x000ffa08, // n0x1d17 c0x0000 (---------------)  +   blogspot
-	0x00238ac4, // n0x1d18 c0x0000 (---------------)  + I club
-	0x00233503, // n0x1d19 c0x0000 (---------------)  + I com
-	0x00330b44, // n0x1d1a c0x0000 (---------------)  + I ebiz
-	0x0023a783, // n0x1d1b c0x0000 (---------------)  + I edu
-	0x00297cc4, // n0x1d1c c0x0000 (---------------)  + I game
-	0x0026cc83, // n0x1d1d c0x0000 (---------------)  + I gov
-	0x00317243, // n0x1d1e c0x0000 (---------------)  + I idv
-	0x00209003, // n0x1d1f c0x0000 (---------------)  + I mil
-	0x0021fe03, // n0x1d20 c0x0000 (---------------)  + I net
-	0x0022d1c3, // n0x1d21 c0x0000 (---------------)  + I org
-	0x0032444b, // n0x1d22 c0x0000 (---------------)  + I xn--czrw28b
-	0x003941ca, // n0x1d23 c0x0000 (---------------)  + I xn--uc0atv
-	0x003a54cc, // n0x1d24 c0x0000 (---------------)  + I xn--zf0ao64a
-	0x00201542, // n0x1d25 c0x0000 (---------------)  + I ac
-	0x00200742, // n0x1d26 c0x0000 (---------------)  + I co
-	0x00202d42, // n0x1d27 c0x0000 (---------------)  + I go
-	0x00234dc5, // n0x1d28 c0x0000 (---------------)  + I hotel
-	0x003a1244, // n0x1d29 c0x0000 (---------------)  + I info
-	0x00203e82, // n0x1d2a c0x0000 (---------------)  + I me
-	0x00209003, // n0x1d2b c0x0000 (---------------)  + I mil
-	0x00207104, // n0x1d2c c0x0000 (---------------)  + I mobi
-	0x00202c02, // n0x1d2d c0x0000 (---------------)  + I ne
-	0x00200282, // n0x1d2e c0x0000 (---------------)  + I or
-	0x00200702, // n0x1d2f c0x0000 (---------------)  + I sc
-	0x00224e42, // n0x1d30 c0x0000 (---------------)  + I tv
-	0x00130b83, // n0x1d31 c0x0000 (---------------)  +   biz
-	0x002d5d89, // n0x1d32 c0x0000 (---------------)  + I cherkassy
-	0x00289888, // n0x1d33 c0x0000 (---------------)  + I cherkasy
-	0x0026cb09, // n0x1d34 c0x0000 (---------------)  + I chernigov
-	0x0027d249, // n0x1d35 c0x0000 (---------------)  + I chernihiv
-	0x0036e44a, // n0x1d36 c0x0000 (---------------)  + I chernivtsi
-	0x00375aca, // n0x1d37 c0x0000 (---------------)  + I chernovtsy
-	0x0020b482, // n0x1d38 c0x0000 (---------------)  + I ck
-	0x0021ba42, // n0x1d39 c0x0000 (---------------)  + I cn
-	0x00000742, // n0x1d3a c0x0000 (---------------)  +   co
-	0x00233503, // n0x1d3b c0x0000 (---------------)  + I com
-	0x002049c2, // n0x1d3c c0x0000 (---------------)  + I cr
-	0x00245e06, // n0x1d3d c0x0000 (---------------)  + I crimea
-	0x00353bc2, // n0x1d3e c0x0000 (---------------)  + I cv
-	0x00211102, // n0x1d3f c0x0000 (---------------)  + I dn
-	0x002276ce, // n0x1d40 c0x0000 (---------------)  + I dnepropetrovsk
-	0x0027148e, // n0x1d41 c0x0000 (---------------)  + I dnipropetrovsk
-	0x0027d0c7, // n0x1d42 c0x0000 (---------------)  + I dominic
-	0x003219c7, // n0x1d43 c0x0000 (---------------)  + I donetsk
-	0x0024dc82, // n0x1d44 c0x0000 (---------------)  + I dp
-	0x0023a783, // n0x1d45 c0x0000 (---------------)  + I edu
-	0x0026cc83, // n0x1d46 c0x0000 (---------------)  + I gov
-	0x00200f02, // n0x1d47 c0x0000 (---------------)  + I if
-	0x002013c2, // n0x1d48 c0x0000 (---------------)  + I in
-	0x0024048f, // n0x1d49 c0x0000 (---------------)  + I ivano-frankivsk
-	0x0021acc2, // n0x1d4a c0x0000 (---------------)  + I kh
-	0x0023fb87, // n0x1d4b c0x0000 (---------------)  + I kharkiv
-	0x00240807, // n0x1d4c c0x0000 (---------------)  + I kharkov
-	0x0024b387, // n0x1d4d c0x0000 (---------------)  + I kherson
-	0x0024eb8c, // n0x1d4e c0x0000 (---------------)  + I khmelnitskiy
-	0x00250bcc, // n0x1d4f c0x0000 (---------------)  + I khmelnytskyi
-	0x00202ac4, // n0x1d50 c0x0000 (---------------)  + I kiev
-	0x0027ea4a, // n0x1d51 c0x0000 (---------------)  + I kirovograd
-	0x002316c2, // n0x1d52 c0x0000 (---------------)  + I km
-	0x00206fc2, // n0x1d53 c0x0000 (---------------)  + I kr
-	0x002b1504, // n0x1d54 c0x0000 (---------------)  + I krym
-	0x00254e42, // n0x1d55 c0x0000 (---------------)  + I ks
-	0x002bb402, // n0x1d56 c0x0000 (---------------)  + I kv
-	0x00250e04, // n0x1d57 c0x0000 (---------------)  + I kyiv
-	0x00219082, // n0x1d58 c0x0000 (---------------)  + I lg
-	0x00209e02, // n0x1d59 c0x0000 (---------------)  + I lt
-	0x00250a47, // n0x1d5a c0x0000 (---------------)  + I lugansk
-	0x00238045, // n0x1d5b c0x0000 (---------------)  + I lutsk
-	0x00205d02, // n0x1d5c c0x0000 (---------------)  + I lv
-	0x00240404, // n0x1d5d c0x0000 (---------------)  + I lviv
-	0x00367142, // n0x1d5e c0x0000 (---------------)  + I mk
-	0x002f0388, // n0x1d5f c0x0000 (---------------)  + I mykolaiv
-	0x0021fe03, // n0x1d60 c0x0000 (---------------)  + I net
-	0x00203488, // n0x1d61 c0x0000 (---------------)  + I nikolaev
-	0x00202d82, // n0x1d62 c0x0000 (---------------)  + I od
-	0x0023bac5, // n0x1d63 c0x0000 (---------------)  + I odesa
-	0x00372946, // n0x1d64 c0x0000 (---------------)  + I odessa
-	0x0022d1c3, // n0x1d65 c0x0000 (---------------)  + I org
-	0x002063c2, // n0x1d66 c0x0000 (---------------)  + I pl
-	0x002dea07, // n0x1d67 c0x0000 (---------------)  + I poltava
-	0x00009302, // n0x1d68 c0x0000 (---------------)  +   pp
-	0x002e1c85, // n0x1d69 c0x0000 (---------------)  + I rivne
-	0x0038af45, // n0x1d6a c0x0000 (---------------)  + I rovno
-	0x00206882, // n0x1d6b c0x0000 (---------------)  + I rv
-	0x0022d142, // n0x1d6c c0x0000 (---------------)  + I sb
-	0x00207f4a, // n0x1d6d c0x0000 (---------------)  + I sebastopol
-	0x0025140a, // n0x1d6e c0x0000 (---------------)  + I sevastopol
-	0x0024cdc2, // n0x1d6f c0x0000 (---------------)  + I sm
-	0x002f0304, // n0x1d70 c0x0000 (---------------)  + I sumy
-	0x002012c2, // n0x1d71 c0x0000 (---------------)  + I te
-	0x00320448, // n0x1d72 c0x0000 (---------------)  + I ternopil
-	0x00211342, // n0x1d73 c0x0000 (---------------)  + I uz
-	0x0029cfc8, // n0x1d74 c0x0000 (---------------)  + I uzhgorod
-	0x002f6cc7, // n0x1d75 c0x0000 (---------------)  + I vinnica
-	0x002f7889, // n0x1d76 c0x0000 (---------------)  + I vinnytsia
-	0x00203442, // n0x1d77 c0x0000 (---------------)  + I vn
-	0x002fcc45, // n0x1d78 c0x0000 (---------------)  + I volyn
-	0x00289d45, // n0x1d79 c0x0000 (---------------)  + I yalta
-	0x002c300b, // n0x1d7a c0x0000 (---------------)  + I zaporizhzhe
-	0x002c3a4c, // n0x1d7b c0x0000 (---------------)  + I zaporizhzhia
-	0x00230c08, // n0x1d7c c0x0000 (---------------)  + I zhitomir
-	0x002fd008, // n0x1d7d c0x0000 (---------------)  + I zhytomyr
-	0x00264682, // n0x1d7e c0x0000 (---------------)  + I zp
-	0x00219b02, // n0x1d7f c0x0000 (---------------)  + I zt
-	0x00201542, // n0x1d80 c0x0000 (---------------)  + I ac
-	0x000ffa08, // n0x1d81 c0x0000 (---------------)  +   blogspot
-	0x00200742, // n0x1d82 c0x0000 (---------------)  + I co
-	0x00233503, // n0x1d83 c0x0000 (---------------)  + I com
-	0x00202d42, // n0x1d84 c0x0000 (---------------)  + I go
-	0x00202c02, // n0x1d85 c0x0000 (---------------)  + I ne
-	0x00200282, // n0x1d86 c0x0000 (---------------)  + I or
-	0x0022d1c3, // n0x1d87 c0x0000 (---------------)  + I org
-	0x00200702, // n0x1d88 c0x0000 (---------------)  + I sc
-	0x00201542, // n0x1d89 c0x0000 (---------------)  + I ac
-	0x54e00742, // n0x1d8a c0x0153 (n0x1d94-n0x1d95)  + I co
-	0x5526cc83, // n0x1d8b c0x0154 (n0x1d95-n0x1d96)  + I gov
-	0x00322cc3, // n0x1d8c c0x0000 (---------------)  + I ltd
-	0x00203e82, // n0x1d8d c0x0000 (---------------)  + I me
-	0x0021fe03, // n0x1d8e c0x0000 (---------------)  + I net
-	0x0038eb83, // n0x1d8f c0x0000 (---------------)  + I nhs
-	0x0022d1c3, // n0x1d90 c0x0000 (---------------)  + I org
-	0x002db143, // n0x1d91 c0x0000 (---------------)  + I plc
-	0x00225d06, // n0x1d92 c0x0000 (---------------)  + I police
-	0x01617443, // n0x1d93 c0x0005 (---------------)* o I sch
-	0x000ffa08, // n0x1d94 c0x0000 (---------------)  +   blogspot
-	0x00006807, // n0x1d95 c0x0000 (---------------)  +   service
-	0x55a01dc2, // n0x1d96 c0x0156 (n0x1dd5-n0x1dd8)  + I ak
-	0x55e001c2, // n0x1d97 c0x0157 (n0x1dd8-n0x1ddb)  + I al
-	0x56200a42, // n0x1d98 c0x0158 (n0x1ddb-n0x1dde)  + I ar
-	0x56601d42, // n0x1d99 c0x0159 (n0x1dde-n0x1de1)  + I as
-	0x56a05f42, // n0x1d9a c0x015a (n0x1de1-n0x1de4)  + I az
-	0x56e00302, // n0x1d9b c0x015b (n0x1de4-n0x1de7)  + I ca
-	0x57200742, // n0x1d9c c0x015c (n0x1de7-n0x1dea)  + I co
-	0x57631382, // n0x1d9d c0x015d (n0x1dea-n0x1ded)  + I ct
-	0x57a1fb42, // n0x1d9e c0x015e (n0x1ded-n0x1df0)  + I dc
-	0x57e04d82, // n0x1d9f c0x015f (n0x1df0-n0x1df3)  + I de
-	0x00271483, // n0x1da0 c0x0000 (---------------)  + I dni
-	0x00211503, // n0x1da1 c0x0000 (---------------)  + I fed
-	0x582175c2, // n0x1da2 c0x0160 (n0x1df3-n0x1df6)  + I fl
-	0x58601042, // n0x1da3 c0x0161 (n0x1df6-n0x1df9)  + I ga
-	0x58a0dd42, // n0x1da4 c0x0162 (n0x1df9-n0x1dfc)  + I gu
-	0x58e00d82, // n0x1da5 c0x0163 (n0x1dfc-n0x1dfe)  + I hi
-	0x59207682, // n0x1da6 c0x0164 (n0x1dfe-n0x1e01)  + I ia
-	0x5960c782, // n0x1da7 c0x0165 (n0x1e01-n0x1e04)  + I id
-	0x59a02902, // n0x1da8 c0x0166 (n0x1e04-n0x1e07)  + I il
-	0x59e013c2, // n0x1da9 c0x0167 (n0x1e07-n0x1e0a)  + I in
-	0x000b8d45, // n0x1daa c0x0000 (---------------)  +   is-by
-	0x00223543, // n0x1dab c0x0000 (---------------)  + I isa
-	0x0028cd44, // n0x1dac c0x0000 (---------------)  + I kids
-	0x5a254e42, // n0x1dad c0x0168 (n0x1e0a-n0x1e0d)  + I ks
-	0x5a636902, // n0x1dae c0x0169 (n0x1e0d-n0x1e10)  + I ky
-	0x5aa00802, // n0x1daf c0x016a (n0x1e10-n0x1e13)  + I la
-	0x0007958b, // n0x1db0 c0x0000 (---------------)  +   land-4-sale
-	0x5ae00182, // n0x1db1 c0x016b (n0x1e13-n0x1e16)  + I ma
-	0x5b64da82, // n0x1db2 c0x016d (n0x1e19-n0x1e1c)  + I md
-	0x5ba03e82, // n0x1db3 c0x016e (n0x1e1c-n0x1e1f)  + I me
-	0x5be09002, // n0x1db4 c0x016f (n0x1e1f-n0x1e22)  + I mi
-	0x5c21fdc2, // n0x1db5 c0x0170 (n0x1e22-n0x1e25)  + I mn
-	0x5c607102, // n0x1db6 c0x0171 (n0x1e25-n0x1e28)  + I mo
-	0x5ca0f702, // n0x1db7 c0x0172 (n0x1e28-n0x1e2b)  + I ms
-	0x5ce04c02, // n0x1db8 c0x0173 (n0x1e2b-n0x1e2e)  + I mt
-	0x5d200642, // n0x1db9 c0x0174 (n0x1e2e-n0x1e31)  + I nc
-	0x5d600882, // n0x1dba c0x0175 (n0x1e31-n0x1e33)  + I nd
-	0x5da02c02, // n0x1dbb c0x0176 (n0x1e33-n0x1e36)  + I ne
-	0x5de03382, // n0x1dbc c0x0177 (n0x1e36-n0x1e39)  + I nh
-	0x5e204002, // n0x1dbd c0x0178 (n0x1e39-n0x1e3c)  + I nj
-	0x5e63db02, // n0x1dbe c0x0179 (n0x1e3c-n0x1e3f)  + I nm
-	0x002e0f43, // n0x1dbf c0x0000 (---------------)  + I nsn
-	0x5ea03d42, // n0x1dc0 c0x017a (n0x1e3f-n0x1e42)  + I nv
-	0x5ee15842, // n0x1dc1 c0x017b (n0x1e42-n0x1e45)  + I ny
-	0x5f207382, // n0x1dc2 c0x017c (n0x1e45-n0x1e48)  + I oh
-	0x5f601b82, // n0x1dc3 c0x017d (n0x1e48-n0x1e4b)  + I ok
-	0x5fa00282, // n0x1dc4 c0x017e (n0x1e4b-n0x1e4e)  + I or
-	0x5fe0ac42, // n0x1dc5 c0x017f (n0x1e4e-n0x1e51)  + I pa
-	0x60204602, // n0x1dc6 c0x0180 (n0x1e51-n0x1e54)  + I pr
-	0x60600a82, // n0x1dc7 c0x0181 (n0x1e54-n0x1e57)  + I ri
-	0x60a00702, // n0x1dc8 c0x0182 (n0x1e57-n0x1e5a)  + I sc
-	0x60e496c2, // n0x1dc9 c0x0183 (n0x1e5a-n0x1e5c)  + I sd
-	0x000e868c, // n0x1dca c0x0000 (---------------)  +   stuff-4-sale
-	0x6124f882, // n0x1dcb c0x0184 (n0x1e5c-n0x1e5f)  + I tn
-	0x61673442, // n0x1dcc c0x0185 (n0x1e5f-n0x1e62)  + I tx
-	0x61a03b02, // n0x1dcd c0x0186 (n0x1e62-n0x1e65)  + I ut
-	0x61e000c2, // n0x1dce c0x0187 (n0x1e65-n0x1e68)  + I va
-	0x62205d42, // n0x1dcf c0x0188 (n0x1e68-n0x1e6b)  + I vi
-	0x62671f82, // n0x1dd0 c0x0189 (n0x1e6b-n0x1e6e)  + I vt
-	0x62a010c2, // n0x1dd1 c0x018a (n0x1e6e-n0x1e71)  + I wa
-	0x62e0ae82, // n0x1dd2 c0x018b (n0x1e71-n0x1e74)  + I wi
-	0x632755c2, // n0x1dd3 c0x018c (n0x1e74-n0x1e75)  + I wv
-	0x63674502, // n0x1dd4 c0x018d (n0x1e75-n0x1e78)  + I wy
-	0x0022e182, // n0x1dd5 c0x0000 (---------------)  + I cc
-	0x00309ac3, // n0x1dd6 c0x0000 (---------------)  + I k12
-	0x0027b703, // n0x1dd7 c0x0000 (---------------)  + I lib
-	0x0022e182, // n0x1dd8 c0x0000 (---------------)  + I cc
-	0x00309ac3, // n0x1dd9 c0x0000 (---------------)  + I k12
-	0x0027b703, // n0x1dda c0x0000 (---------------)  + I lib
-	0x0022e182, // n0x1ddb c0x0000 (---------------)  + I cc
-	0x00309ac3, // n0x1ddc c0x0000 (---------------)  + I k12
-	0x0027b703, // n0x1ddd c0x0000 (---------------)  + I lib
-	0x0022e182, // n0x1dde c0x0000 (---------------)  + I cc
-	0x00309ac3, // n0x1ddf c0x0000 (---------------)  + I k12
-	0x0027b703, // n0x1de0 c0x0000 (---------------)  + I lib
-	0x0022e182, // n0x1de1 c0x0000 (---------------)  + I cc
-	0x00309ac3, // n0x1de2 c0x0000 (---------------)  + I k12
-	0x0027b703, // n0x1de3 c0x0000 (---------------)  + I lib
-	0x0022e182, // n0x1de4 c0x0000 (---------------)  + I cc
-	0x00309ac3, // n0x1de5 c0x0000 (---------------)  + I k12
-	0x0027b703, // n0x1de6 c0x0000 (---------------)  + I lib
-	0x0022e182, // n0x1de7 c0x0000 (---------------)  + I cc
-	0x00309ac3, // n0x1de8 c0x0000 (---------------)  + I k12
-	0x0027b703, // n0x1de9 c0x0000 (---------------)  + I lib
-	0x0022e182, // n0x1dea c0x0000 (---------------)  + I cc
-	0x00309ac3, // n0x1deb c0x0000 (---------------)  + I k12
-	0x0027b703, // n0x1dec c0x0000 (---------------)  + I lib
-	0x0022e182, // n0x1ded c0x0000 (---------------)  + I cc
-	0x00309ac3, // n0x1dee c0x0000 (---------------)  + I k12
-	0x0027b703, // n0x1def c0x0000 (---------------)  + I lib
-	0x0022e182, // n0x1df0 c0x0000 (---------------)  + I cc
-	0x00309ac3, // n0x1df1 c0x0000 (---------------)  + I k12
-	0x0027b703, // n0x1df2 c0x0000 (---------------)  + I lib
-	0x0022e182, // n0x1df3 c0x0000 (---------------)  + I cc
-	0x00309ac3, // n0x1df4 c0x0000 (---------------)  + I k12
-	0x0027b703, // n0x1df5 c0x0000 (---------------)  + I lib
-	0x0022e182, // n0x1df6 c0x0000 (---------------)  + I cc
-	0x00309ac3, // n0x1df7 c0x0000 (---------------)  + I k12
-	0x0027b703, // n0x1df8 c0x0000 (---------------)  + I lib
-	0x0022e182, // n0x1df9 c0x0000 (---------------)  + I cc
-	0x00309ac3, // n0x1dfa c0x0000 (---------------)  + I k12
-	0x0027b703, // n0x1dfb c0x0000 (---------------)  + I lib
-	0x0022e182, // n0x1dfc c0x0000 (---------------)  + I cc
-	0x0027b703, // n0x1dfd c0x0000 (---------------)  + I lib
-	0x0022e182, // n0x1dfe c0x0000 (---------------)  + I cc
-	0x00309ac3, // n0x1dff c0x0000 (---------------)  + I k12
-	0x0027b703, // n0x1e00 c0x0000 (---------------)  + I lib
-	0x0022e182, // n0x1e01 c0x0000 (---------------)  + I cc
-	0x00309ac3, // n0x1e02 c0x0000 (---------------)  + I k12
-	0x0027b703, // n0x1e03 c0x0000 (---------------)  + I lib
-	0x0022e182, // n0x1e04 c0x0000 (---------------)  + I cc
-	0x00309ac3, // n0x1e05 c0x0000 (---------------)  + I k12
-	0x0027b703, // n0x1e06 c0x0000 (---------------)  + I lib
-	0x0022e182, // n0x1e07 c0x0000 (---------------)  + I cc
-	0x00309ac3, // n0x1e08 c0x0000 (---------------)  + I k12
-	0x0027b703, // n0x1e09 c0x0000 (---------------)  + I lib
-	0x0022e182, // n0x1e0a c0x0000 (---------------)  + I cc
-	0x00309ac3, // n0x1e0b c0x0000 (---------------)  + I k12
-	0x0027b703, // n0x1e0c c0x0000 (---------------)  + I lib
-	0x0022e182, // n0x1e0d c0x0000 (---------------)  + I cc
-	0x00309ac3, // n0x1e0e c0x0000 (---------------)  + I k12
-	0x0027b703, // n0x1e0f c0x0000 (---------------)  + I lib
-	0x0022e182, // n0x1e10 c0x0000 (---------------)  + I cc
-	0x00309ac3, // n0x1e11 c0x0000 (---------------)  + I k12
-	0x0027b703, // n0x1e12 c0x0000 (---------------)  + I lib
-	0x0022e182, // n0x1e13 c0x0000 (---------------)  + I cc
-	0x5b309ac3, // n0x1e14 c0x016c (n0x1e16-n0x1e19)  + I k12
-	0x0027b703, // n0x1e15 c0x0000 (---------------)  + I lib
-	0x0022a644, // n0x1e16 c0x0000 (---------------)  + I chtr
-	0x00289786, // n0x1e17 c0x0000 (---------------)  + I paroch
-	0x002e5543, // n0x1e18 c0x0000 (---------------)  + I pvt
-	0x0022e182, // n0x1e19 c0x0000 (---------------)  + I cc
-	0x00309ac3, // n0x1e1a c0x0000 (---------------)  + I k12
-	0x0027b703, // n0x1e1b c0x0000 (---------------)  + I lib
-	0x0022e182, // n0x1e1c c0x0000 (---------------)  + I cc
-	0x00309ac3, // n0x1e1d c0x0000 (---------------)  + I k12
-	0x0027b703, // n0x1e1e c0x0000 (---------------)  + I lib
-	0x0022e182, // n0x1e1f c0x0000 (---------------)  + I cc
-	0x00309ac3, // n0x1e20 c0x0000 (---------------)  + I k12
-	0x0027b703, // n0x1e21 c0x0000 (---------------)  + I lib
-	0x0022e182, // n0x1e22 c0x0000 (---------------)  + I cc
-	0x00309ac3, // n0x1e23 c0x0000 (---------------)  + I k12
-	0x0027b703, // n0x1e24 c0x0000 (---------------)  + I lib
-	0x0022e182, // n0x1e25 c0x0000 (---------------)  + I cc
-	0x00309ac3, // n0x1e26 c0x0000 (---------------)  + I k12
-	0x0027b703, // n0x1e27 c0x0000 (---------------)  + I lib
-	0x0022e182, // n0x1e28 c0x0000 (---------------)  + I cc
-	0x00309ac3, // n0x1e29 c0x0000 (---------------)  + I k12
-	0x0027b703, // n0x1e2a c0x0000 (---------------)  + I lib
-	0x0022e182, // n0x1e2b c0x0000 (---------------)  + I cc
-	0x00309ac3, // n0x1e2c c0x0000 (---------------)  + I k12
-	0x0027b703, // n0x1e2d c0x0000 (---------------)  + I lib
-	0x0022e182, // n0x1e2e c0x0000 (---------------)  + I cc
-	0x00309ac3, // n0x1e2f c0x0000 (---------------)  + I k12
-	0x0027b703, // n0x1e30 c0x0000 (---------------)  + I lib
-	0x0022e182, // n0x1e31 c0x0000 (---------------)  + I cc
-	0x0027b703, // n0x1e32 c0x0000 (---------------)  + I lib
-	0x0022e182, // n0x1e33 c0x0000 (---------------)  + I cc
-	0x00309ac3, // n0x1e34 c0x0000 (---------------)  + I k12
-	0x0027b703, // n0x1e35 c0x0000 (---------------)  + I lib
-	0x0022e182, // n0x1e36 c0x0000 (---------------)  + I cc
-	0x00309ac3, // n0x1e37 c0x0000 (---------------)  + I k12
-	0x0027b703, // n0x1e38 c0x0000 (---------------)  + I lib
-	0x0022e182, // n0x1e39 c0x0000 (---------------)  + I cc
-	0x00309ac3, // n0x1e3a c0x0000 (---------------)  + I k12
-	0x0027b703, // n0x1e3b c0x0000 (---------------)  + I lib
-	0x0022e182, // n0x1e3c c0x0000 (---------------)  + I cc
-	0x00309ac3, // n0x1e3d c0x0000 (---------------)  + I k12
-	0x0027b703, // n0x1e3e c0x0000 (---------------)  + I lib
-	0x0022e182, // n0x1e3f c0x0000 (---------------)  + I cc
-	0x00309ac3, // n0x1e40 c0x0000 (---------------)  + I k12
-	0x0027b703, // n0x1e41 c0x0000 (---------------)  + I lib
-	0x0022e182, // n0x1e42 c0x0000 (---------------)  + I cc
-	0x00309ac3, // n0x1e43 c0x0000 (---------------)  + I k12
-	0x0027b703, // n0x1e44 c0x0000 (---------------)  + I lib
-	0x0022e182, // n0x1e45 c0x0000 (---------------)  + I cc
-	0x00309ac3, // n0x1e46 c0x0000 (---------------)  + I k12
-	0x0027b703, // n0x1e47 c0x0000 (---------------)  + I lib
-	0x0022e182, // n0x1e48 c0x0000 (---------------)  + I cc
-	0x00309ac3, // n0x1e49 c0x0000 (---------------)  + I k12
-	0x0027b703, // n0x1e4a c0x0000 (---------------)  + I lib
-	0x0022e182, // n0x1e4b c0x0000 (---------------)  + I cc
-	0x00309ac3, // n0x1e4c c0x0000 (---------------)  + I k12
-	0x0027b703, // n0x1e4d c0x0000 (---------------)  + I lib
-	0x0022e182, // n0x1e4e c0x0000 (---------------)  + I cc
-	0x00309ac3, // n0x1e4f c0x0000 (---------------)  + I k12
-	0x0027b703, // n0x1e50 c0x0000 (---------------)  + I lib
-	0x0022e182, // n0x1e51 c0x0000 (---------------)  + I cc
-	0x00309ac3, // n0x1e52 c0x0000 (---------------)  + I k12
-	0x0027b703, // n0x1e53 c0x0000 (---------------)  + I lib
-	0x0022e182, // n0x1e54 c0x0000 (---------------)  + I cc
-	0x00309ac3, // n0x1e55 c0x0000 (---------------)  + I k12
-	0x0027b703, // n0x1e56 c0x0000 (---------------)  + I lib
-	0x0022e182, // n0x1e57 c0x0000 (---------------)  + I cc
-	0x00309ac3, // n0x1e58 c0x0000 (---------------)  + I k12
-	0x0027b703, // n0x1e59 c0x0000 (---------------)  + I lib
-	0x0022e182, // n0x1e5a c0x0000 (---------------)  + I cc
-	0x0027b703, // n0x1e5b c0x0000 (---------------)  + I lib
-	0x0022e182, // n0x1e5c c0x0000 (---------------)  + I cc
-	0x00309ac3, // n0x1e5d c0x0000 (---------------)  + I k12
-	0x0027b703, // n0x1e5e c0x0000 (---------------)  + I lib
-	0x0022e182, // n0x1e5f c0x0000 (---------------)  + I cc
-	0x00309ac3, // n0x1e60 c0x0000 (---------------)  + I k12
-	0x0027b703, // n0x1e61 c0x0000 (---------------)  + I lib
-	0x0022e182, // n0x1e62 c0x0000 (---------------)  + I cc
-	0x00309ac3, // n0x1e63 c0x0000 (---------------)  + I k12
-	0x0027b703, // n0x1e64 c0x0000 (---------------)  + I lib
-	0x0022e182, // n0x1e65 c0x0000 (---------------)  + I cc
-	0x00309ac3, // n0x1e66 c0x0000 (---------------)  + I k12
-	0x0027b703, // n0x1e67 c0x0000 (---------------)  + I lib
-	0x0022e182, // n0x1e68 c0x0000 (---------------)  + I cc
-	0x00309ac3, // n0x1e69 c0x0000 (---------------)  + I k12
-	0x0027b703, // n0x1e6a c0x0000 (---------------)  + I lib
-	0x0022e182, // n0x1e6b c0x0000 (---------------)  + I cc
-	0x00309ac3, // n0x1e6c c0x0000 (---------------)  + I k12
-	0x0027b703, // n0x1e6d c0x0000 (---------------)  + I lib
-	0x0022e182, // n0x1e6e c0x0000 (---------------)  + I cc
-	0x00309ac3, // n0x1e6f c0x0000 (---------------)  + I k12
-	0x0027b703, // n0x1e70 c0x0000 (---------------)  + I lib
-	0x0022e182, // n0x1e71 c0x0000 (---------------)  + I cc
-	0x00309ac3, // n0x1e72 c0x0000 (---------------)  + I k12
-	0x0027b703, // n0x1e73 c0x0000 (---------------)  + I lib
-	0x0022e182, // n0x1e74 c0x0000 (---------------)  + I cc
-	0x0022e182, // n0x1e75 c0x0000 (---------------)  + I cc
-	0x00309ac3, // n0x1e76 c0x0000 (---------------)  + I k12
-	0x0027b703, // n0x1e77 c0x0000 (---------------)  + I lib
-	0x63e33503, // n0x1e78 c0x018f (n0x1e7e-n0x1e7f)  + I com
-	0x0023a783, // n0x1e79 c0x0000 (---------------)  + I edu
-	0x0024a483, // n0x1e7a c0x0000 (---------------)  + I gub
-	0x00209003, // n0x1e7b c0x0000 (---------------)  + I mil
-	0x0021fe03, // n0x1e7c c0x0000 (---------------)  + I net
-	0x0022d1c3, // n0x1e7d c0x0000 (---------------)  + I org
-	0x000ffa08, // n0x1e7e c0x0000 (---------------)  +   blogspot
-	0x00200742, // n0x1e7f c0x0000 (---------------)  + I co
-	0x00233503, // n0x1e80 c0x0000 (---------------)  + I com
-	0x0021fe03, // n0x1e81 c0x0000 (---------------)  + I net
-	0x0022d1c3, // n0x1e82 c0x0000 (---------------)  + I org
-	0x00233503, // n0x1e83 c0x0000 (---------------)  + I com
-	0x0023a783, // n0x1e84 c0x0000 (---------------)  + I edu
-	0x0026cc83, // n0x1e85 c0x0000 (---------------)  + I gov
-	0x00209003, // n0x1e86 c0x0000 (---------------)  + I mil
-	0x0021fe03, // n0x1e87 c0x0000 (---------------)  + I net
-	0x0022d1c3, // n0x1e88 c0x0000 (---------------)  + I org
-	0x0024bf84, // n0x1e89 c0x0000 (---------------)  + I arts
-	0x00200742, // n0x1e8a c0x0000 (---------------)  + I co
-	0x00233503, // n0x1e8b c0x0000 (---------------)  + I com
-	0x00328c03, // n0x1e8c c0x0000 (---------------)  + I e12
-	0x0023a783, // n0x1e8d c0x0000 (---------------)  + I edu
-	0x0024d9c4, // n0x1e8e c0x0000 (---------------)  + I firm
-	0x00213183, // n0x1e8f c0x0000 (---------------)  + I gob
-	0x0026cc83, // n0x1e90 c0x0000 (---------------)  + I gov
-	0x003a1244, // n0x1e91 c0x0000 (---------------)  + I info
-	0x00201603, // n0x1e92 c0x0000 (---------------)  + I int
-	0x00209003, // n0x1e93 c0x0000 (---------------)  + I mil
-	0x0021fe03, // n0x1e94 c0x0000 (---------------)  + I net
-	0x0022d1c3, // n0x1e95 c0x0000 (---------------)  + I org
-	0x0022a5c3, // n0x1e96 c0x0000 (---------------)  + I rec
-	0x00391185, // n0x1e97 c0x0000 (---------------)  + I store
-	0x002d59c3, // n0x1e98 c0x0000 (---------------)  + I tec
-	0x00221a03, // n0x1e99 c0x0000 (---------------)  + I web
-	0x00200742, // n0x1e9a c0x0000 (---------------)  + I co
-	0x00233503, // n0x1e9b c0x0000 (---------------)  + I com
-	0x00309ac3, // n0x1e9c c0x0000 (---------------)  + I k12
-	0x0021fe03, // n0x1e9d c0x0000 (---------------)  + I net
-	0x0022d1c3, // n0x1e9e c0x0000 (---------------)  + I org
-	0x00201542, // n0x1e9f c0x0000 (---------------)  + I ac
-	0x00330b83, // n0x1ea0 c0x0000 (---------------)  + I biz
-	0x000ffa08, // n0x1ea1 c0x0000 (---------------)  +   blogspot
-	0x00233503, // n0x1ea2 c0x0000 (---------------)  + I com
-	0x0023a783, // n0x1ea3 c0x0000 (---------------)  + I edu
-	0x0026cc83, // n0x1ea4 c0x0000 (---------------)  + I gov
-	0x0036b386, // n0x1ea5 c0x0000 (---------------)  + I health
-	0x003a1244, // n0x1ea6 c0x0000 (---------------)  + I info
-	0x00201603, // n0x1ea7 c0x0000 (---------------)  + I int
-	0x00205284, // n0x1ea8 c0x0000 (---------------)  + I name
-	0x0021fe03, // n0x1ea9 c0x0000 (---------------)  + I net
-	0x0022d1c3, // n0x1eaa c0x0000 (---------------)  + I org
-	0x00220e43, // n0x1eab c0x0000 (---------------)  + I pro
-	0x00233503, // n0x1eac c0x0000 (---------------)  + I com
-	0x0023a783, // n0x1ead c0x0000 (---------------)  + I edu
-	0x0021fe03, // n0x1eae c0x0000 (---------------)  + I net
-	0x0022d1c3, // n0x1eaf c0x0000 (---------------)  + I org
-	0x00233503, // n0x1eb0 c0x0000 (---------------)  + I com
-	0x00013886, // n0x1eb1 c0x0000 (---------------)  +   dyndns
-	0x0023a783, // n0x1eb2 c0x0000 (---------------)  + I edu
-	0x0026cc83, // n0x1eb3 c0x0000 (---------------)  + I gov
-	0x000d0d86, // n0x1eb4 c0x0000 (---------------)  +   mypets
-	0x0021fe03, // n0x1eb5 c0x0000 (---------------)  + I net
-	0x0022d1c3, // n0x1eb6 c0x0000 (---------------)  + I org
-	0x00309e08, // n0x1eb7 c0x0000 (---------------)  + I xn--80au
-	0x0030c549, // n0x1eb8 c0x0000 (---------------)  + I xn--90azh
-	0x00318cc9, // n0x1eb9 c0x0000 (---------------)  + I xn--c1avg
-	0x00329088, // n0x1eba c0x0000 (---------------)  + I xn--d1at
-	0x00374908, // n0x1ebb c0x0000 (---------------)  + I xn--o1ac
-	0x00374909, // n0x1ebc c0x0000 (---------------)  + I xn--o1ach
-	0x00201542, // n0x1ebd c0x0000 (---------------)  + I ac
-	0x00209c85, // n0x1ebe c0x0000 (---------------)  + I agric
-	0x0023adc3, // n0x1ebf c0x0000 (---------------)  + I alt
-	0x66600742, // n0x1ec0 c0x0199 (n0x1ece-n0x1ecf)  + I co
-	0x0023a783, // n0x1ec1 c0x0000 (---------------)  + I edu
-	0x0026cc83, // n0x1ec2 c0x0000 (---------------)  + I gov
-	0x0027d907, // n0x1ec3 c0x0000 (---------------)  + I grondar
-	0x00274483, // n0x1ec4 c0x0000 (---------------)  + I law
-	0x00209003, // n0x1ec5 c0x0000 (---------------)  + I mil
-	0x0021fe03, // n0x1ec6 c0x0000 (---------------)  + I net
-	0x00202d03, // n0x1ec7 c0x0000 (---------------)  + I ngo
-	0x00211803, // n0x1ec8 c0x0000 (---------------)  + I nis
-	0x00201483, // n0x1ec9 c0x0000 (---------------)  + I nom
-	0x0022d1c3, // n0x1eca c0x0000 (---------------)  + I org
-	0x0023d0c6, // n0x1ecb c0x0000 (---------------)  + I school
-	0x00200142, // n0x1ecc c0x0000 (---------------)  + I tm
-	0x00221a03, // n0x1ecd c0x0000 (---------------)  + I web
-	0x000ffa08, // n0x1ece c0x0000 (---------------)  +   blogspot
-}
-
-// children is the list of nodes' children, the parent's wildcard bit and the
-// parent's node type. If a node has no children then their children index
-// will be in the range [0, 6), depending on the wildcard bit and node type.
-//
-// The layout within the uint32, from MSB to LSB, is:
-//	[ 1 bits] unused
-//	[ 1 bits] wildcard bit
-//	[ 2 bits] node type
-//	[14 bits] high nodes index (exclusive) of children
-//	[14 bits] low nodes index (inclusive) of children
-var children = [...]uint32{
-	0x00000000, // c0x0000 (---------------)  +
-	0x10000000, // c0x0001 (---------------)  !
-	0x20000000, // c0x0002 (---------------)  o
-	0x40000000, // c0x0003 (---------------)* +
-	0x50000000, // c0x0004 (---------------)* !
-	0x60000000, // c0x0005 (---------------)* o
-	0x0183c609, // c0x0006 (n0x0609-n0x060f)  +
-	0x0184060f, // c0x0007 (n0x060f-n0x0610)  +
-	0x01860610, // c0x0008 (n0x0610-n0x0618)  +
-	0x019bc618, // c0x0009 (n0x0618-n0x066f)  +
-	0x019d066f, // c0x000a (n0x066f-n0x0674)  +
-	0x019e4674, // c0x000b (n0x0674-n0x0679)  +
-	0x019f4679, // c0x000c (n0x0679-n0x067d)  +
-	0x01a1067d, // c0x000d (n0x067d-n0x0684)  +
-	0x01a14684, // c0x000e (n0x0684-n0x0685)  +
-	0x01a2c685, // c0x000f (n0x0685-n0x068b)  +
-	0x01a5068b, // c0x0010 (n0x068b-n0x0694)  +
-	0x01a54694, // c0x0011 (n0x0694-n0x0695)  +
-	0x01a6c695, // c0x0012 (n0x0695-n0x069b)  +
-	0x01a7069b, // c0x0013 (n0x069b-n0x069c)  +
-	0x01a8c69c, // c0x0014 (n0x069c-n0x06a3)  +
-	0x01a906a3, // c0x0015 (n0x06a3-n0x06a4)  +
-	0x01ad86a4, // c0x0016 (n0x06a4-n0x06b6)  +
-	0x01adc6b6, // c0x0017 (n0x06b6-n0x06b7)  +
-	0x01afc6b7, // c0x0018 (n0x06b7-n0x06bf)  +
-	0x01b106bf, // c0x0019 (n0x06bf-n0x06c4)  +
-	0x01b146c4, // c0x001a (n0x06c4-n0x06c5)  +
-	0x01b446c5, // c0x001b (n0x06c5-n0x06d1)  +
-	0x01b706d1, // c0x001c (n0x06d1-n0x06dc)  +
-	0x01b986dc, // c0x001d (n0x06dc-n0x06e6)  +
-	0x01ba06e6, // c0x001e (n0x06e6-n0x06e8)  +
-	0x01ba46e8, // c0x001f (n0x06e8-n0x06e9)  +
-	0x01c386e9, // c0x0020 (n0x06e9-n0x070e)  +
-	0x01c4c70e, // c0x0021 (n0x070e-n0x0713)  +
-	0x01c60713, // c0x0022 (n0x0713-n0x0718)  +
-	0x01c80718, // c0x0023 (n0x0718-n0x0720)  +
-	0x01c90720, // c0x0024 (n0x0720-n0x0724)  +
-	0x01ca4724, // c0x0025 (n0x0724-n0x0729)  +
-	0x01cc8729, // c0x0026 (n0x0729-n0x0732)  +
-	0x01de0732, // c0x0027 (n0x0732-n0x0778)  +
-	0x01de4778, // c0x0028 (n0x0778-n0x0779)  +
-	0x01df8779, // c0x0029 (n0x0779-n0x077e)  +
-	0x01e0c77e, // c0x002a (n0x077e-n0x0783)  +
-	0x01e14783, // c0x002b (n0x0783-n0x0785)  +
-	0x01e24785, // c0x002c (n0x0785-n0x0789)  +
-	0x01e28789, // c0x002d (n0x0789-n0x078a)  +
-	0x01e4078a, // c0x002e (n0x078a-n0x0790)  +
-	0x01e84790, // c0x002f (n0x0790-n0x07a1)  +
-	0x01e947a1, // c0x0030 (n0x07a1-n0x07a5)  +
-	0x01e987a5, // c0x0031 (n0x07a5-n0x07a6)  +
-	0x01e9c7a6, // c0x0032 (n0x07a6-n0x07a7)  +
-	0x01ea07a7, // c0x0033 (n0x07a7-n0x07a8)  +
-	0x01edc7a8, // c0x0034 (n0x07a8-n0x07b7)  +
-	0x61ee07b7, // c0x0035 (n0x07b7-n0x07b8)* o
-	0x01ef47b8, // c0x0036 (n0x07b8-n0x07bd)  +
-	0x01f047bd, // c0x0037 (n0x07bd-n0x07c1)  +
-	0x01fb87c1, // c0x0038 (n0x07c1-n0x07ee)  +
-	0x21fbc7ee, // c0x0039 (n0x07ee-n0x07ef)  o
-	0x01fc07ef, // c0x003a (n0x07ef-n0x07f0)  +
-	0x01fc47f0, // c0x003b (n0x07f0-n0x07f1)  +
-	0x21fc87f1, // c0x003c (n0x07f1-n0x07f2)  o
-	0x21fcc7f2, // c0x003d (n0x07f2-n0x07f3)  o
-	0x020007f3, // c0x003e (n0x07f3-n0x0800)  +
-	0x02004800, // c0x003f (n0x0800-n0x0801)  +
-	0x0235c801, // c0x0040 (n0x0801-n0x08d7)  +
-	0x223ac8d7, // c0x0041 (n0x08d7-n0x08eb)  o
-	0x223b08eb, // c0x0042 (n0x08eb-n0x08ec)  o
-	0x023d88ec, // c0x0043 (n0x08ec-n0x08f6)  +
-	0x023e08f6, // c0x0044 (n0x08f6-n0x08f8)  +
-	0x223e48f8, // c0x0045 (n0x08f8-n0x08f9)  o
-	0x223e88f9, // c0x0046 (n0x08f9-n0x08fa)  o
-	0x023f48fa, // c0x0047 (n0x08fa-n0x08fd)  +
-	0x223f88fd, // c0x0048 (n0x08fd-n0x08fe)  o
-	0x024148fe, // c0x0049 (n0x08fe-n0x0905)  +
-	0x0242c905, // c0x004a (n0x0905-n0x090b)  +
-	0x0243090b, // c0x004b (n0x090b-n0x090c)  +
-	0x0244090c, // c0x004c (n0x090c-n0x0910)  +
-	0x02448910, // c0x004d (n0x0910-n0x0912)  +
-	0x2247c912, // c0x004e (n0x0912-n0x091f)  o
-	0x0248091f, // c0x004f (n0x091f-n0x0920)  +
-	0x02488920, // c0x0050 (n0x0920-n0x0922)  +
-	0x024a8922, // c0x0051 (n0x0922-n0x092a)  +
-	0x024ac92a, // c0x0052 (n0x092a-n0x092b)  +
-	0x024c092b, // c0x0053 (n0x092b-n0x0930)  +
-	0x024e8930, // c0x0054 (n0x0930-n0x093a)  +
-	0x0250893a, // c0x0055 (n0x093a-n0x0942)  +
-	0x02538942, // c0x0056 (n0x0942-n0x094e)  +
-	0x0256094e, // c0x0057 (n0x094e-n0x0958)  +
-	0x02564958, // c0x0058 (n0x0958-n0x0959)  +
-	0x02588959, // c0x0059 (n0x0959-n0x0962)  +
-	0x0258c962, // c0x005a (n0x0962-n0x0963)  +
-	0x025a0963, // c0x005b (n0x0963-n0x0968)  +
-	0x025a4968, // c0x005c (n0x0968-n0x0969)  +
-	0x025c4969, // c0x005d (n0x0969-n0x0971)  +
-	0x025d0971, // c0x005e (n0x0971-n0x0974)  +
-	0x02630974, // c0x005f (n0x0974-n0x098c)  +
-	0x0264c98c, // c0x0060 (n0x098c-n0x0993)  +
-	0x02658993, // c0x0061 (n0x0993-n0x0996)  +
-	0x0266c996, // c0x0062 (n0x0996-n0x099b)  +
-	0x0268499b, // c0x0063 (n0x099b-n0x09a1)  +
-	0x026989a1, // c0x0064 (n0x09a1-n0x09a6)  +
-	0x026b09a6, // c0x0065 (n0x09a6-n0x09ac)  +
-	0x026c89ac, // c0x0066 (n0x09ac-n0x09b2)  +
-	0x026e09b2, // c0x0067 (n0x09b2-n0x09b8)  +
-	0x026fc9b8, // c0x0068 (n0x09b8-n0x09bf)  +
-	0x027149bf, // c0x0069 (n0x09bf-n0x09c5)  +
-	0x027749c5, // c0x006a (n0x09c5-n0x09dd)  +
-	0x0278c9dd, // c0x006b (n0x09dd-n0x09e3)  +
-	0x027a09e3, // c0x006c (n0x09e3-n0x09e8)  +
-	0x027e49e8, // c0x006d (n0x09e8-n0x09f9)  +
-	0x028649f9, // c0x006e (n0x09f9-n0x0a19)  +
-	0x02890a19, // c0x006f (n0x0a19-n0x0a24)  +
-	0x02894a24, // c0x0070 (n0x0a24-n0x0a25)  +
-	0x0289ca25, // c0x0071 (n0x0a25-n0x0a27)  +
-	0x028bca27, // c0x0072 (n0x0a27-n0x0a2f)  +
-	0x028c0a2f, // c0x0073 (n0x0a2f-n0x0a30)  +
-	0x028dca30, // c0x0074 (n0x0a30-n0x0a37)  +
-	0x028e4a37, // c0x0075 (n0x0a37-n0x0a39)  +
-	0x02918a39, // c0x0076 (n0x0a39-n0x0a46)  +
-	0x02940a46, // c0x0077 (n0x0a46-n0x0a50)  +
-	0x02944a50, // c0x0078 (n0x0a50-n0x0a51)  +
-	0x0295ca51, // c0x0079 (n0x0a51-n0x0a57)  +
-	0x02974a57, // c0x007a (n0x0a57-n0x0a5d)  +
-	0x02998a5d, // c0x007b (n0x0a5d-n0x0a66)  +
-	0x029b8a66, // c0x007c (n0x0a66-n0x0a6e)  +
-	0x02f7ca6e, // c0x007d (n0x0a6e-n0x0bdf)  +
-	0x02f88bdf, // c0x007e (n0x0bdf-n0x0be2)  +
-	0x02fa8be2, // c0x007f (n0x0be2-n0x0bea)  +
-	0x03164bea, // c0x0080 (n0x0bea-n0x0c59)  +
-	0x03234c59, // c0x0081 (n0x0c59-n0x0c8d)  +
-	0x032a4c8d, // c0x0082 (n0x0c8d-n0x0ca9)  +
-	0x032fcca9, // c0x0083 (n0x0ca9-n0x0cbf)  +
-	0x033e4cbf, // c0x0084 (n0x0cbf-n0x0cf9)  +
-	0x0343ccf9, // c0x0085 (n0x0cf9-n0x0d0f)  +
-	0x03478d0f, // c0x0086 (n0x0d0f-n0x0d1e)  +
-	0x03574d1e, // c0x0087 (n0x0d1e-n0x0d5d)  +
-	0x03640d5d, // c0x0088 (n0x0d5d-n0x0d90)  +
-	0x036d8d90, // c0x0089 (n0x0d90-n0x0db6)  +
-	0x03768db6, // c0x008a (n0x0db6-n0x0dda)  +
-	0x037ccdda, // c0x008b (n0x0dda-n0x0df3)  +
-	0x03a04df3, // c0x008c (n0x0df3-n0x0e81)  +
-	0x03abce81, // c0x008d (n0x0e81-n0x0eaf)  +
-	0x03b88eaf, // c0x008e (n0x0eaf-n0x0ee2)  +
-	0x03bd4ee2, // c0x008f (n0x0ee2-n0x0ef5)  +
-	0x03c5cef5, // c0x0090 (n0x0ef5-n0x0f17)  +
-	0x03c98f17, // c0x0091 (n0x0f17-n0x0f26)  +
-	0x03ce8f26, // c0x0092 (n0x0f26-n0x0f3a)  +
-	0x03d60f3a, // c0x0093 (n0x0f3a-n0x0f58)  +
-	0x63d64f58, // c0x0094 (n0x0f58-n0x0f59)* o
-	0x63d68f59, // c0x0095 (n0x0f59-n0x0f5a)* o
-	0x63d6cf5a, // c0x0096 (n0x0f5a-n0x0f5b)* o
-	0x03de8f5b, // c0x0097 (n0x0f5b-n0x0f7a)  +
-	0x03e50f7a, // c0x0098 (n0x0f7a-n0x0f94)  +
-	0x03eccf94, // c0x0099 (n0x0f94-n0x0fb3)  +
-	0x03f44fb3, // c0x009a (n0x0fb3-n0x0fd1)  +
-	0x03fc8fd1, // c0x009b (n0x0fd1-n0x0ff2)  +
-	0x04034ff2, // c0x009c (n0x0ff2-n0x100d)  +
-	0x0416100d, // c0x009d (n0x100d-n0x1058)  +
-	0x041b9058, // c0x009e (n0x1058-n0x106e)  +
-	0x641bd06e, // c0x009f (n0x106e-n0x106f)* o
-	0x0425506f, // c0x00a0 (n0x106f-n0x1095)  +
-	0x042dd095, // c0x00a1 (n0x1095-n0x10b7)  +
-	0x043290b7, // c0x00a2 (n0x10b7-n0x10ca)  +
-	0x043910ca, // c0x00a3 (n0x10ca-n0x10e4)  +
-	0x044390e4, // c0x00a4 (n0x10e4-n0x110e)  +
-	0x0450110e, // c0x00a5 (n0x110e-n0x1140)  +
-	0x04569140, // c0x00a6 (n0x1140-n0x115a)  +
-	0x0467d15a, // c0x00a7 (n0x115a-n0x119f)  +
-	0x6468119f, // c0x00a8 (n0x119f-n0x11a0)* o
-	0x646851a0, // c0x00a9 (n0x11a0-n0x11a1)* o
-	0x046e11a1, // c0x00aa (n0x11a1-n0x11b8)  +
-	0x0473d1b8, // c0x00ab (n0x11b8-n0x11cf)  +
-	0x047cd1cf, // c0x00ac (n0x11cf-n0x11f3)  +
-	0x048491f3, // c0x00ad (n0x11f3-n0x1212)  +
-	0x0488d212, // c0x00ae (n0x1212-n0x1223)  +
-	0x04971223, // c0x00af (n0x1223-n0x125c)  +
-	0x049a525c, // c0x00b0 (n0x125c-n0x1269)  +
-	0x04a05269, // c0x00b1 (n0x1269-n0x1281)  +
-	0x04a79281, // c0x00b2 (n0x1281-n0x129e)  +
-	0x04b0129e, // c0x00b3 (n0x129e-n0x12c0)  +
-	0x04b412c0, // c0x00b4 (n0x12c0-n0x12d0)  +
-	0x04bb12d0, // c0x00b5 (n0x12d0-n0x12ec)  +
-	0x64bb52ec, // c0x00b6 (n0x12ec-n0x12ed)* o
-	0x64bb92ed, // c0x00b7 (n0x12ed-n0x12ee)* o
-	0x24bbd2ee, // c0x00b8 (n0x12ee-n0x12ef)  o
-	0x04bd52ef, // c0x00b9 (n0x12ef-n0x12f5)  +
-	0x04bf12f5, // c0x00ba (n0x12f5-n0x12fc)  +
-	0x04c352fc, // c0x00bb (n0x12fc-n0x130d)  +
-	0x04c4530d, // c0x00bc (n0x130d-n0x1311)  +
-	0x04c5d311, // c0x00bd (n0x1311-n0x1317)  +
-	0x04cd5317, // c0x00be (n0x1317-n0x1335)  +
-	0x04ce9335, // c0x00bf (n0x1335-n0x133a)  +
-	0x04d0133a, // c0x00c0 (n0x133a-n0x1340)  +
-	0x04d25340, // c0x00c1 (n0x1340-n0x1349)  +
-	0x04d39349, // c0x00c2 (n0x1349-n0x134e)  +
-	0x04d5134e, // c0x00c3 (n0x134e-n0x1354)  +
-	0x04d55354, // c0x00c4 (n0x1354-n0x1355)  +
-	0x04d91355, // c0x00c5 (n0x1355-n0x1364)  +
-	0x04da5364, // c0x00c6 (n0x1364-n0x1369)  +
-	0x04dad369, // c0x00c7 (n0x1369-n0x136b)  +
-	0x04db536b, // c0x00c8 (n0x136b-n0x136d)  +
-	0x04db936d, // c0x00c9 (n0x136d-n0x136e)  +
-	0x04ddd36e, // c0x00ca (n0x136e-n0x1377)  +
-	0x04e01377, // c0x00cb (n0x1377-n0x1380)  +
-	0x04e19380, // c0x00cc (n0x1380-n0x1386)  +
-	0x04e21386, // c0x00cd (n0x1386-n0x1388)  +
-	0x04e25388, // c0x00ce (n0x1388-n0x1389)  +
-	0x04e59389, // c0x00cf (n0x1389-n0x1396)  +
-	0x04e7d396, // c0x00d0 (n0x1396-n0x139f)  +
-	0x04e9d39f, // c0x00d1 (n0x139f-n0x13a7)  +
-	0x04eb93a7, // c0x00d2 (n0x13a7-n0x13ae)  +
-	0x04ec93ae, // c0x00d3 (n0x13ae-n0x13b2)  +
-	0x04edd3b2, // c0x00d4 (n0x13b2-n0x13b7)  +
-	0x04ee13b7, // c0x00d5 (n0x13b7-n0x13b8)  +
-	0x04ee93b8, // c0x00d6 (n0x13b8-n0x13ba)  +
-	0x04efd3ba, // c0x00d7 (n0x13ba-n0x13bf)  +
-	0x04f0d3bf, // c0x00d8 (n0x13bf-n0x13c3)  +
-	0x04f113c3, // c0x00d9 (n0x13c3-n0x13c4)  +
-	0x04f2d3c4, // c0x00da (n0x13c4-n0x13cb)  +
-	0x057bd3cb, // c0x00db (n0x13cb-n0x15ef)  +
-	0x057f55ef, // c0x00dc (n0x15ef-n0x15fd)  +
-	0x058215fd, // c0x00dd (n0x15fd-n0x1608)  +
-	0x05839608, // c0x00de (n0x1608-n0x160e)  +
-	0x0585960e, // c0x00df (n0x160e-n0x1616)  +
-	0x6585d616, // c0x00e0 (n0x1616-n0x1617)* o
-	0x058a1617, // c0x00e1 (n0x1617-n0x1628)  +
-	0x058a9628, // c0x00e2 (n0x1628-n0x162a)  +
-	0x258ad62a, // c0x00e3 (n0x162a-n0x162b)  o
-	0x258b162b, // c0x00e4 (n0x162b-n0x162c)  o
-	0x058b562c, // c0x00e5 (n0x162c-n0x162d)  +
-	0x0598d62d, // c0x00e6 (n0x162d-n0x1663)  +
-	0x25991663, // c0x00e7 (n0x1663-n0x1664)  o
-	0x25999664, // c0x00e8 (n0x1664-n0x1666)  o
-	0x259a1666, // c0x00e9 (n0x1666-n0x1668)  o
-	0x259ad668, // c0x00ea (n0x1668-n0x166b)  o
-	0x059d566b, // c0x00eb (n0x166b-n0x1675)  +
-	0x059fd675, // c0x00ec (n0x1675-n0x167f)  +
-	0x05a0167f, // c0x00ed (n0x167f-n0x1680)  +
-	0x25a39680, // c0x00ee (n0x1680-n0x168e)  o
-	0x05a4568e, // c0x00ef (n0x168e-n0x1691)  +
-	0x0659d691, // c0x00f0 (n0x1691-n0x1967)  +
-	0x065a1967, // c0x00f1 (n0x1967-n0x1968)  +
-	0x065a5968, // c0x00f2 (n0x1968-n0x1969)  +
-	0x265a9969, // c0x00f3 (n0x1969-n0x196a)  o
-	0x065ad96a, // c0x00f4 (n0x196a-n0x196b)  +
-	0x265b196b, // c0x00f5 (n0x196b-n0x196c)  o
-	0x065b596c, // c0x00f6 (n0x196c-n0x196d)  +
-	0x265c196d, // c0x00f7 (n0x196d-n0x1970)  o
-	0x065c5970, // c0x00f8 (n0x1970-n0x1971)  +
-	0x065c9971, // c0x00f9 (n0x1971-n0x1972)  +
-	0x265cd972, // c0x00fa (n0x1972-n0x1973)  o
-	0x065d1973, // c0x00fb (n0x1973-n0x1974)  +
-	0x265d9974, // c0x00fc (n0x1974-n0x1976)  o
-	0x065dd976, // c0x00fd (n0x1976-n0x1977)  +
-	0x065e1977, // c0x00fe (n0x1977-n0x1978)  +
-	0x265f1978, // c0x00ff (n0x1978-n0x197c)  o
-	0x065f597c, // c0x0100 (n0x197c-n0x197d)  +
-	0x065f997d, // c0x0101 (n0x197d-n0x197e)  +
-	0x065fd97e, // c0x0102 (n0x197e-n0x197f)  +
-	0x0660197f, // c0x0103 (n0x197f-n0x1980)  +
-	0x26605980, // c0x0104 (n0x1980-n0x1981)  o
-	0x06609981, // c0x0105 (n0x1981-n0x1982)  +
-	0x0660d982, // c0x0106 (n0x1982-n0x1983)  +
-	0x06611983, // c0x0107 (n0x1983-n0x1984)  +
-	0x06615984, // c0x0108 (n0x1984-n0x1985)  +
-	0x2661d985, // c0x0109 (n0x1985-n0x1987)  o
-	0x06621987, // c0x010a (n0x1987-n0x1988)  +
-	0x06625988, // c0x010b (n0x1988-n0x1989)  +
-	0x06629989, // c0x010c (n0x1989-n0x198a)  +
-	0x2662d98a, // c0x010d (n0x198a-n0x198b)  o
-	0x0663198b, // c0x010e (n0x198b-n0x198c)  +
-	0x2663998c, // c0x010f (n0x198c-n0x198e)  o
-	0x2663d98e, // c0x0110 (n0x198e-n0x198f)  o
-	0x0665998f, // c0x0111 (n0x198f-n0x1996)  +
-	0x06665996, // c0x0112 (n0x1996-n0x1999)  +
-	0x066a5999, // c0x0113 (n0x1999-n0x19a9)  +
-	0x066a99a9, // c0x0114 (n0x19a9-n0x19aa)  +
-	0x066cd9aa, // c0x0115 (n0x19aa-n0x19b3)  +
-	0x067c19b3, // c0x0116 (n0x19b3-n0x19f0)  +
-	0x267c99f0, // c0x0117 (n0x19f0-n0x19f2)  o
-	0x267cd9f2, // c0x0118 (n0x19f2-n0x19f3)  o
-	0x267d19f3, // c0x0119 (n0x19f3-n0x19f4)  o
-	0x067d99f4, // c0x011a (n0x19f4-n0x19f6)  +
-	0x068b59f6, // c0x011b (n0x19f6-n0x1a2d)  +
-	0x068e1a2d, // c0x011c (n0x1a2d-n0x1a38)  +
-	0x06901a38, // c0x011d (n0x1a38-n0x1a40)  +
-	0x0690da40, // c0x011e (n0x1a40-n0x1a43)  +
-	0x0692da43, // c0x011f (n0x1a43-n0x1a4b)  +
-	0x06965a4b, // c0x0120 (n0x1a4b-n0x1a59)  +
-	0x06bf9a59, // c0x0121 (n0x1a59-n0x1afe)  +
-	0x06cb5afe, // c0x0122 (n0x1afe-n0x1b2d)  +
-	0x06cc9b2d, // c0x0123 (n0x1b2d-n0x1b32)  +
-	0x06cfdb32, // c0x0124 (n0x1b32-n0x1b3f)  +
-	0x06d29b3f, // c0x0125 (n0x1b3f-n0x1b4a)  +
-	0x06d45b4a, // c0x0126 (n0x1b4a-n0x1b51)  +
-	0x06d69b51, // c0x0127 (n0x1b51-n0x1b5a)  +
-	0x06d81b5a, // c0x0128 (n0x1b5a-n0x1b60)  +
-	0x06d9db60, // c0x0129 (n0x1b60-n0x1b67)  +
-	0x06dc1b67, // c0x012a (n0x1b67-n0x1b70)  +
-	0x06dd1b70, // c0x012b (n0x1b70-n0x1b74)  +
-	0x06e01b74, // c0x012c (n0x1b74-n0x1b80)  +
-	0x06e1db80, // c0x012d (n0x1b80-n0x1b87)  +
-	0x07029b87, // c0x012e (n0x1b87-n0x1c0a)  +
-	0x0704dc0a, // c0x012f (n0x1c0a-n0x1c13)  +
-	0x0706dc13, // c0x0130 (n0x1c13-n0x1c1b)  +
-	0x07081c1b, // c0x0131 (n0x1c1b-n0x1c20)  +
-	0x07095c20, // c0x0132 (n0x1c20-n0x1c25)  +
-	0x070b5c25, // c0x0133 (n0x1c25-n0x1c2d)  +
-	0x07159c2d, // c0x0134 (n0x1c2d-n0x1c56)  +
-	0x07175c56, // c0x0135 (n0x1c56-n0x1c5d)  +
-	0x07191c5d, // c0x0136 (n0x1c5d-n0x1c64)  +
-	0x07195c64, // c0x0137 (n0x1c64-n0x1c65)  +
-	0x07199c65, // c0x0138 (n0x1c65-n0x1c66)  +
-	0x071adc66, // c0x0139 (n0x1c66-n0x1c6b)  +
-	0x071cdc6b, // c0x013a (n0x1c6b-n0x1c73)  +
-	0x071d9c73, // c0x013b (n0x1c73-n0x1c76)  +
-	0x07209c76, // c0x013c (n0x1c76-n0x1c82)  +
-	0x07289c82, // c0x013d (n0x1c82-n0x1ca2)  +
-	0x0729dca2, // c0x013e (n0x1ca2-n0x1ca7)  +
-	0x072a1ca7, // c0x013f (n0x1ca7-n0x1ca8)  +
-	0x072b9ca8, // c0x0140 (n0x1ca8-n0x1cae)  +
-	0x072c5cae, // c0x0141 (n0x1cae-n0x1cb1)  +
-	0x072c9cb1, // c0x0142 (n0x1cb1-n0x1cb2)  +
-	0x072e5cb2, // c0x0143 (n0x1cb2-n0x1cb9)  +
-	0x07321cb9, // c0x0144 (n0x1cb9-n0x1cc8)  +
-	0x07325cc8, // c0x0145 (n0x1cc8-n0x1cc9)  +
-	0x07345cc9, // c0x0146 (n0x1cc9-n0x1cd1)  +
-	0x07395cd1, // c0x0147 (n0x1cd1-n0x1ce5)  +
-	0x073adce5, // c0x0148 (n0x1ce5-n0x1ceb)  +
-	0x07401ceb, // c0x0149 (n0x1ceb-n0x1d00)  +
-	0x07405d00, // c0x014a (n0x1d00-n0x1d01)  +
-	0x07409d01, // c0x014b (n0x1d01-n0x1d02)  +
-	0x0744dd02, // c0x014c (n0x1d02-n0x1d13)  +
-	0x0745dd13, // c0x014d (n0x1d13-n0x1d17)  +
-	0x07495d17, // c0x014e (n0x1d17-n0x1d25)  +
-	0x074c5d25, // c0x014f (n0x1d25-n0x1d31)  +
-	0x07601d31, // c0x0150 (n0x1d31-n0x1d80)  +
-	0x07625d80, // c0x0151 (n0x1d80-n0x1d89)  +
-	0x07651d89, // c0x0152 (n0x1d89-n0x1d94)  +
-	0x07655d94, // c0x0153 (n0x1d94-n0x1d95)  +
-	0x07659d95, // c0x0154 (n0x1d95-n0x1d96)  +
-	0x07755d96, // c0x0155 (n0x1d96-n0x1dd5)  +
-	0x07761dd5, // c0x0156 (n0x1dd5-n0x1dd8)  +
-	0x0776ddd8, // c0x0157 (n0x1dd8-n0x1ddb)  +
-	0x07779ddb, // c0x0158 (n0x1ddb-n0x1dde)  +
-	0x07785dde, // c0x0159 (n0x1dde-n0x1de1)  +
-	0x07791de1, // c0x015a (n0x1de1-n0x1de4)  +
-	0x0779dde4, // c0x015b (n0x1de4-n0x1de7)  +
-	0x077a9de7, // c0x015c (n0x1de7-n0x1dea)  +
-	0x077b5dea, // c0x015d (n0x1dea-n0x1ded)  +
-	0x077c1ded, // c0x015e (n0x1ded-n0x1df0)  +
-	0x077cddf0, // c0x015f (n0x1df0-n0x1df3)  +
-	0x077d9df3, // c0x0160 (n0x1df3-n0x1df6)  +
-	0x077e5df6, // c0x0161 (n0x1df6-n0x1df9)  +
-	0x077f1df9, // c0x0162 (n0x1df9-n0x1dfc)  +
-	0x077f9dfc, // c0x0163 (n0x1dfc-n0x1dfe)  +
-	0x07805dfe, // c0x0164 (n0x1dfe-n0x1e01)  +
-	0x07811e01, // c0x0165 (n0x1e01-n0x1e04)  +
-	0x0781de04, // c0x0166 (n0x1e04-n0x1e07)  +
-	0x07829e07, // c0x0167 (n0x1e07-n0x1e0a)  +
-	0x07835e0a, // c0x0168 (n0x1e0a-n0x1e0d)  +
-	0x07841e0d, // c0x0169 (n0x1e0d-n0x1e10)  +
-	0x0784de10, // c0x016a (n0x1e10-n0x1e13)  +
-	0x07859e13, // c0x016b (n0x1e13-n0x1e16)  +
-	0x07865e16, // c0x016c (n0x1e16-n0x1e19)  +
-	0x07871e19, // c0x016d (n0x1e19-n0x1e1c)  +
-	0x0787de1c, // c0x016e (n0x1e1c-n0x1e1f)  +
-	0x07889e1f, // c0x016f (n0x1e1f-n0x1e22)  +
-	0x07895e22, // c0x0170 (n0x1e22-n0x1e25)  +
-	0x078a1e25, // c0x0171 (n0x1e25-n0x1e28)  +
-	0x078ade28, // c0x0172 (n0x1e28-n0x1e2b)  +
-	0x078b9e2b, // c0x0173 (n0x1e2b-n0x1e2e)  +
-	0x078c5e2e, // c0x0174 (n0x1e2e-n0x1e31)  +
-	0x078cde31, // c0x0175 (n0x1e31-n0x1e33)  +
-	0x078d9e33, // c0x0176 (n0x1e33-n0x1e36)  +
-	0x078e5e36, // c0x0177 (n0x1e36-n0x1e39)  +
-	0x078f1e39, // c0x0178 (n0x1e39-n0x1e3c)  +
-	0x078fde3c, // c0x0179 (n0x1e3c-n0x1e3f)  +
-	0x07909e3f, // c0x017a (n0x1e3f-n0x1e42)  +
-	0x07915e42, // c0x017b (n0x1e42-n0x1e45)  +
-	0x07921e45, // c0x017c (n0x1e45-n0x1e48)  +
-	0x0792de48, // c0x017d (n0x1e48-n0x1e4b)  +
-	0x07939e4b, // c0x017e (n0x1e4b-n0x1e4e)  +
-	0x07945e4e, // c0x017f (n0x1e4e-n0x1e51)  +
-	0x07951e51, // c0x0180 (n0x1e51-n0x1e54)  +
-	0x0795de54, // c0x0181 (n0x1e54-n0x1e57)  +
-	0x07969e57, // c0x0182 (n0x1e57-n0x1e5a)  +
-	0x07971e5a, // c0x0183 (n0x1e5a-n0x1e5c)  +
-	0x0797de5c, // c0x0184 (n0x1e5c-n0x1e5f)  +
-	0x07989e5f, // c0x0185 (n0x1e5f-n0x1e62)  +
-	0x07995e62, // c0x0186 (n0x1e62-n0x1e65)  +
-	0x079a1e65, // c0x0187 (n0x1e65-n0x1e68)  +
-	0x079ade68, // c0x0188 (n0x1e68-n0x1e6b)  +
-	0x079b9e6b, // c0x0189 (n0x1e6b-n0x1e6e)  +
-	0x079c5e6e, // c0x018a (n0x1e6e-n0x1e71)  +
-	0x079d1e71, // c0x018b (n0x1e71-n0x1e74)  +
-	0x079d5e74, // c0x018c (n0x1e74-n0x1e75)  +
-	0x079e1e75, // c0x018d (n0x1e75-n0x1e78)  +
-	0x079f9e78, // c0x018e (n0x1e78-n0x1e7e)  +
-	0x079fde7e, // c0x018f (n0x1e7e-n0x1e7f)  +
-	0x07a0de7f, // c0x0190 (n0x1e7f-n0x1e83)  +
-	0x07a25e83, // c0x0191 (n0x1e83-n0x1e89)  +
-	0x07a69e89, // c0x0192 (n0x1e89-n0x1e9a)  +
-	0x07a7de9a, // c0x0193 (n0x1e9a-n0x1e9f)  +
-	0x07ab1e9f, // c0x0194 (n0x1e9f-n0x1eac)  +
-	0x07ac1eac, // c0x0195 (n0x1eac-n0x1eb0)  +
-	0x07addeb0, // c0x0196 (n0x1eb0-n0x1eb7)  +
-	0x07af5eb7, // c0x0197 (n0x1eb7-n0x1ebd)  +
-	0x27b39ebd, // c0x0198 (n0x1ebd-n0x1ece)  o
-	0x07b3dece, // c0x0199 (n0x1ece-n0x1ecf)  +
-}
-
-// max children 409 (capacity 511)
-// max text offset 27059 (capacity 32767)
-// max text length 36 (capacity 63)
-// max hi 7887 (capacity 16383)
-// max lo 7886 (capacity 16383)
diff --git a/vendor/golang.org/x/net/publicsuffix/table_test.go b/vendor/golang.org/x/net/publicsuffix/table_test.go
deleted file mode 100644
index 5b635b97..00000000
--- a/vendor/golang.org/x/net/publicsuffix/table_test.go
+++ /dev/null
@@ -1,15751 +0,0 @@
-// generated by go run gen.go; DO NOT EDIT
-
-package publicsuffix
-
-var rules = [...]string{
-	"ac",
-	"com.ac",
-	"edu.ac",
-	"gov.ac",
-	"net.ac",
-	"mil.ac",
-	"org.ac",
-	"ad",
-	"nom.ad",
-	"ae",
-	"co.ae",
-	"net.ae",
-	"org.ae",
-	"sch.ae",
-	"ac.ae",
-	"gov.ae",
-	"mil.ae",
-	"aero",
-	"accident-investigation.aero",
-	"accident-prevention.aero",
-	"aerobatic.aero",
-	"aeroclub.aero",
-	"aerodrome.aero",
-	"agents.aero",
-	"aircraft.aero",
-	"airline.aero",
-	"airport.aero",
-	"air-surveillance.aero",
-	"airtraffic.aero",
-	"air-traffic-control.aero",
-	"ambulance.aero",
-	"amusement.aero",
-	"association.aero",
-	"author.aero",
-	"ballooning.aero",
-	"broker.aero",
-	"caa.aero",
-	"cargo.aero",
-	"catering.aero",
-	"certification.aero",
-	"championship.aero",
-	"charter.aero",
-	"civilaviation.aero",
-	"club.aero",
-	"conference.aero",
-	"consultant.aero",
-	"consulting.aero",
-	"control.aero",
-	"council.aero",
-	"crew.aero",
-	"design.aero",
-	"dgca.aero",
-	"educator.aero",
-	"emergency.aero",
-	"engine.aero",
-	"engineer.aero",
-	"entertainment.aero",
-	"equipment.aero",
-	"exchange.aero",
-	"express.aero",
-	"federation.aero",
-	"flight.aero",
-	"freight.aero",
-	"fuel.aero",
-	"gliding.aero",
-	"government.aero",
-	"groundhandling.aero",
-	"group.aero",
-	"hanggliding.aero",
-	"homebuilt.aero",
-	"insurance.aero",
-	"journal.aero",
-	"journalist.aero",
-	"leasing.aero",
-	"logistics.aero",
-	"magazine.aero",
-	"maintenance.aero",
-	"media.aero",
-	"microlight.aero",
-	"modelling.aero",
-	"navigation.aero",
-	"parachuting.aero",
-	"paragliding.aero",
-	"passenger-association.aero",
-	"pilot.aero",
-	"press.aero",
-	"production.aero",
-	"recreation.aero",
-	"repbody.aero",
-	"res.aero",
-	"research.aero",
-	"rotorcraft.aero",
-	"safety.aero",
-	"scientist.aero",
-	"services.aero",
-	"show.aero",
-	"skydiving.aero",
-	"software.aero",
-	"student.aero",
-	"trader.aero",
-	"trading.aero",
-	"trainer.aero",
-	"union.aero",
-	"workinggroup.aero",
-	"works.aero",
-	"af",
-	"gov.af",
-	"com.af",
-	"org.af",
-	"net.af",
-	"edu.af",
-	"ag",
-	"com.ag",
-	"org.ag",
-	"net.ag",
-	"co.ag",
-	"nom.ag",
-	"ai",
-	"off.ai",
-	"com.ai",
-	"net.ai",
-	"org.ai",
-	"al",
-	"com.al",
-	"edu.al",
-	"gov.al",
-	"mil.al",
-	"net.al",
-	"org.al",
-	"am",
-	"ao",
-	"ed.ao",
-	"gv.ao",
-	"og.ao",
-	"co.ao",
-	"pb.ao",
-	"it.ao",
-	"aq",
-	"ar",
-	"com.ar",
-	"edu.ar",
-	"gob.ar",
-	"gov.ar",
-	"int.ar",
-	"mil.ar",
-	"net.ar",
-	"org.ar",
-	"tur.ar",
-	"arpa",
-	"e164.arpa",
-	"in-addr.arpa",
-	"ip6.arpa",
-	"iris.arpa",
-	"uri.arpa",
-	"urn.arpa",
-	"as",
-	"gov.as",
-	"asia",
-	"at",
-	"ac.at",
-	"co.at",
-	"gv.at",
-	"or.at",
-	"au",
-	"com.au",
-	"net.au",
-	"org.au",
-	"edu.au",
-	"gov.au",
-	"asn.au",
-	"id.au",
-	"info.au",
-	"conf.au",
-	"oz.au",
-	"act.au",
-	"nsw.au",
-	"nt.au",
-	"qld.au",
-	"sa.au",
-	"tas.au",
-	"vic.au",
-	"wa.au",
-	"act.edu.au",
-	"nsw.edu.au",
-	"nt.edu.au",
-	"qld.edu.au",
-	"sa.edu.au",
-	"tas.edu.au",
-	"vic.edu.au",
-	"wa.edu.au",
-	"qld.gov.au",
-	"sa.gov.au",
-	"tas.gov.au",
-	"vic.gov.au",
-	"wa.gov.au",
-	"aw",
-	"com.aw",
-	"ax",
-	"az",
-	"com.az",
-	"net.az",
-	"int.az",
-	"gov.az",
-	"org.az",
-	"edu.az",
-	"info.az",
-	"pp.az",
-	"mil.az",
-	"name.az",
-	"pro.az",
-	"biz.az",
-	"ba",
-	"org.ba",
-	"net.ba",
-	"edu.ba",
-	"gov.ba",
-	"mil.ba",
-	"unsa.ba",
-	"unbi.ba",
-	"co.ba",
-	"com.ba",
-	"rs.ba",
-	"bb",
-	"biz.bb",
-	"co.bb",
-	"com.bb",
-	"edu.bb",
-	"gov.bb",
-	"info.bb",
-	"net.bb",
-	"org.bb",
-	"store.bb",
-	"tv.bb",
-	"*.bd",
-	"be",
-	"ac.be",
-	"bf",
-	"gov.bf",
-	"bg",
-	"a.bg",
-	"b.bg",
-	"c.bg",
-	"d.bg",
-	"e.bg",
-	"f.bg",
-	"g.bg",
-	"h.bg",
-	"i.bg",
-	"j.bg",
-	"k.bg",
-	"l.bg",
-	"m.bg",
-	"n.bg",
-	"o.bg",
-	"p.bg",
-	"q.bg",
-	"r.bg",
-	"s.bg",
-	"t.bg",
-	"u.bg",
-	"v.bg",
-	"w.bg",
-	"x.bg",
-	"y.bg",
-	"z.bg",
-	"0.bg",
-	"1.bg",
-	"2.bg",
-	"3.bg",
-	"4.bg",
-	"5.bg",
-	"6.bg",
-	"7.bg",
-	"8.bg",
-	"9.bg",
-	"bh",
-	"com.bh",
-	"edu.bh",
-	"net.bh",
-	"org.bh",
-	"gov.bh",
-	"bi",
-	"co.bi",
-	"com.bi",
-	"edu.bi",
-	"or.bi",
-	"org.bi",
-	"biz",
-	"bj",
-	"asso.bj",
-	"barreau.bj",
-	"gouv.bj",
-	"bm",
-	"com.bm",
-	"edu.bm",
-	"gov.bm",
-	"net.bm",
-	"org.bm",
-	"*.bn",
-	"bo",
-	"com.bo",
-	"edu.bo",
-	"gov.bo",
-	"gob.bo",
-	"int.bo",
-	"org.bo",
-	"net.bo",
-	"mil.bo",
-	"tv.bo",
-	"br",
-	"adm.br",
-	"adv.br",
-	"agr.br",
-	"am.br",
-	"arq.br",
-	"art.br",
-	"ato.br",
-	"b.br",
-	"bio.br",
-	"blog.br",
-	"bmd.br",
-	"cim.br",
-	"cng.br",
-	"cnt.br",
-	"com.br",
-	"coop.br",
-	"ecn.br",
-	"eco.br",
-	"edu.br",
-	"emp.br",
-	"eng.br",
-	"esp.br",
-	"etc.br",
-	"eti.br",
-	"far.br",
-	"flog.br",
-	"fm.br",
-	"fnd.br",
-	"fot.br",
-	"fst.br",
-	"g12.br",
-	"ggf.br",
-	"gov.br",
-	"imb.br",
-	"ind.br",
-	"inf.br",
-	"jor.br",
-	"jus.br",
-	"leg.br",
-	"lel.br",
-	"mat.br",
-	"med.br",
-	"mil.br",
-	"mp.br",
-	"mus.br",
-	"net.br",
-	"*.nom.br",
-	"not.br",
-	"ntr.br",
-	"odo.br",
-	"org.br",
-	"ppg.br",
-	"pro.br",
-	"psc.br",
-	"psi.br",
-	"qsl.br",
-	"radio.br",
-	"rec.br",
-	"slg.br",
-	"srv.br",
-	"taxi.br",
-	"teo.br",
-	"tmp.br",
-	"trd.br",
-	"tur.br",
-	"tv.br",
-	"vet.br",
-	"vlog.br",
-	"wiki.br",
-	"zlg.br",
-	"bs",
-	"com.bs",
-	"net.bs",
-	"org.bs",
-	"edu.bs",
-	"gov.bs",
-	"bt",
-	"com.bt",
-	"edu.bt",
-	"gov.bt",
-	"net.bt",
-	"org.bt",
-	"bv",
-	"bw",
-	"co.bw",
-	"org.bw",
-	"by",
-	"gov.by",
-	"mil.by",
-	"com.by",
-	"of.by",
-	"bz",
-	"com.bz",
-	"net.bz",
-	"org.bz",
-	"edu.bz",
-	"gov.bz",
-	"ca",
-	"ab.ca",
-	"bc.ca",
-	"mb.ca",
-	"nb.ca",
-	"nf.ca",
-	"nl.ca",
-	"ns.ca",
-	"nt.ca",
-	"nu.ca",
-	"on.ca",
-	"pe.ca",
-	"qc.ca",
-	"sk.ca",
-	"yk.ca",
-	"gc.ca",
-	"cat",
-	"cc",
-	"cd",
-	"gov.cd",
-	"cf",
-	"cg",
-	"ch",
-	"ci",
-	"org.ci",
-	"or.ci",
-	"com.ci",
-	"co.ci",
-	"edu.ci",
-	"ed.ci",
-	"ac.ci",
-	"net.ci",
-	"go.ci",
-	"asso.ci",
-	"xn--aroport-bya.ci",
-	"int.ci",
-	"presse.ci",
-	"md.ci",
-	"gouv.ci",
-	"*.ck",
-	"!www.ck",
-	"cl",
-	"gov.cl",
-	"gob.cl",
-	"co.cl",
-	"mil.cl",
-	"cm",
-	"co.cm",
-	"com.cm",
-	"gov.cm",
-	"net.cm",
-	"cn",
-	"ac.cn",
-	"com.cn",
-	"edu.cn",
-	"gov.cn",
-	"net.cn",
-	"org.cn",
-	"mil.cn",
-	"xn--55qx5d.cn",
-	"xn--io0a7i.cn",
-	"xn--od0alg.cn",
-	"ah.cn",
-	"bj.cn",
-	"cq.cn",
-	"fj.cn",
-	"gd.cn",
-	"gs.cn",
-	"gz.cn",
-	"gx.cn",
-	"ha.cn",
-	"hb.cn",
-	"he.cn",
-	"hi.cn",
-	"hl.cn",
-	"hn.cn",
-	"jl.cn",
-	"js.cn",
-	"jx.cn",
-	"ln.cn",
-	"nm.cn",
-	"nx.cn",
-	"qh.cn",
-	"sc.cn",
-	"sd.cn",
-	"sh.cn",
-	"sn.cn",
-	"sx.cn",
-	"tj.cn",
-	"xj.cn",
-	"xz.cn",
-	"yn.cn",
-	"zj.cn",
-	"hk.cn",
-	"mo.cn",
-	"tw.cn",
-	"co",
-	"arts.co",
-	"com.co",
-	"edu.co",
-	"firm.co",
-	"gov.co",
-	"info.co",
-	"int.co",
-	"mil.co",
-	"net.co",
-	"nom.co",
-	"org.co",
-	"rec.co",
-	"web.co",
-	"com",
-	"coop",
-	"cr",
-	"ac.cr",
-	"co.cr",
-	"ed.cr",
-	"fi.cr",
-	"go.cr",
-	"or.cr",
-	"sa.cr",
-	"cu",
-	"com.cu",
-	"edu.cu",
-	"org.cu",
-	"net.cu",
-	"gov.cu",
-	"inf.cu",
-	"cv",
-	"cw",
-	"com.cw",
-	"edu.cw",
-	"net.cw",
-	"org.cw",
-	"cx",
-	"gov.cx",
-	"ac.cy",
-	"biz.cy",
-	"com.cy",
-	"ekloges.cy",
-	"gov.cy",
-	"ltd.cy",
-	"name.cy",
-	"net.cy",
-	"org.cy",
-	"parliament.cy",
-	"press.cy",
-	"pro.cy",
-	"tm.cy",
-	"cz",
-	"de",
-	"dj",
-	"dk",
-	"dm",
-	"com.dm",
-	"net.dm",
-	"org.dm",
-	"edu.dm",
-	"gov.dm",
-	"do",
-	"art.do",
-	"com.do",
-	"edu.do",
-	"gob.do",
-	"gov.do",
-	"mil.do",
-	"net.do",
-	"org.do",
-	"sld.do",
-	"web.do",
-	"dz",
-	"com.dz",
-	"org.dz",
-	"net.dz",
-	"gov.dz",
-	"edu.dz",
-	"asso.dz",
-	"pol.dz",
-	"art.dz",
-	"ec",
-	"com.ec",
-	"info.ec",
-	"net.ec",
-	"fin.ec",
-	"k12.ec",
-	"med.ec",
-	"pro.ec",
-	"org.ec",
-	"edu.ec",
-	"gov.ec",
-	"gob.ec",
-	"mil.ec",
-	"edu",
-	"ee",
-	"edu.ee",
-	"gov.ee",
-	"riik.ee",
-	"lib.ee",
-	"med.ee",
-	"com.ee",
-	"pri.ee",
-	"aip.ee",
-	"org.ee",
-	"fie.ee",
-	"eg",
-	"com.eg",
-	"edu.eg",
-	"eun.eg",
-	"gov.eg",
-	"mil.eg",
-	"name.eg",
-	"net.eg",
-	"org.eg",
-	"sci.eg",
-	"*.er",
-	"es",
-	"com.es",
-	"nom.es",
-	"org.es",
-	"gob.es",
-	"edu.es",
-	"et",
-	"com.et",
-	"gov.et",
-	"org.et",
-	"edu.et",
-	"biz.et",
-	"name.et",
-	"info.et",
-	"net.et",
-	"eu",
-	"fi",
-	"aland.fi",
-	"*.fj",
-	"*.fk",
-	"fm",
-	"fo",
-	"fr",
-	"com.fr",
-	"asso.fr",
-	"nom.fr",
-	"prd.fr",
-	"presse.fr",
-	"tm.fr",
-	"aeroport.fr",
-	"assedic.fr",
-	"avocat.fr",
-	"avoues.fr",
-	"cci.fr",
-	"chambagri.fr",
-	"chirurgiens-dentistes.fr",
-	"experts-comptables.fr",
-	"geometre-expert.fr",
-	"gouv.fr",
-	"greta.fr",
-	"huissier-justice.fr",
-	"medecin.fr",
-	"notaires.fr",
-	"pharmacien.fr",
-	"port.fr",
-	"veterinaire.fr",
-	"ga",
-	"gb",
-	"gd",
-	"ge",
-	"com.ge",
-	"edu.ge",
-	"gov.ge",
-	"org.ge",
-	"mil.ge",
-	"net.ge",
-	"pvt.ge",
-	"gf",
-	"gg",
-	"co.gg",
-	"net.gg",
-	"org.gg",
-	"gh",
-	"com.gh",
-	"edu.gh",
-	"gov.gh",
-	"org.gh",
-	"mil.gh",
-	"gi",
-	"com.gi",
-	"ltd.gi",
-	"gov.gi",
-	"mod.gi",
-	"edu.gi",
-	"org.gi",
-	"gl",
-	"co.gl",
-	"com.gl",
-	"edu.gl",
-	"net.gl",
-	"org.gl",
-	"gm",
-	"gn",
-	"ac.gn",
-	"com.gn",
-	"edu.gn",
-	"gov.gn",
-	"org.gn",
-	"net.gn",
-	"gov",
-	"gp",
-	"com.gp",
-	"net.gp",
-	"mobi.gp",
-	"edu.gp",
-	"org.gp",
-	"asso.gp",
-	"gq",
-	"gr",
-	"com.gr",
-	"edu.gr",
-	"net.gr",
-	"org.gr",
-	"gov.gr",
-	"gs",
-	"gt",
-	"com.gt",
-	"edu.gt",
-	"gob.gt",
-	"ind.gt",
-	"mil.gt",
-	"net.gt",
-	"org.gt",
-	"*.gu",
-	"gw",
-	"gy",
-	"co.gy",
-	"com.gy",
-	"edu.gy",
-	"gov.gy",
-	"net.gy",
-	"org.gy",
-	"hk",
-	"com.hk",
-	"edu.hk",
-	"gov.hk",
-	"idv.hk",
-	"net.hk",
-	"org.hk",
-	"xn--55qx5d.hk",
-	"xn--wcvs22d.hk",
-	"xn--lcvr32d.hk",
-	"xn--mxtq1m.hk",
-	"xn--gmqw5a.hk",
-	"xn--ciqpn.hk",
-	"xn--gmq050i.hk",
-	"xn--zf0avx.hk",
-	"xn--io0a7i.hk",
-	"xn--mk0axi.hk",
-	"xn--od0alg.hk",
-	"xn--od0aq3b.hk",
-	"xn--tn0ag.hk",
-	"xn--uc0atv.hk",
-	"xn--uc0ay4a.hk",
-	"hm",
-	"hn",
-	"com.hn",
-	"edu.hn",
-	"org.hn",
-	"net.hn",
-	"mil.hn",
-	"gob.hn",
-	"hr",
-	"iz.hr",
-	"from.hr",
-	"name.hr",
-	"com.hr",
-	"ht",
-	"com.ht",
-	"shop.ht",
-	"firm.ht",
-	"info.ht",
-	"adult.ht",
-	"net.ht",
-	"pro.ht",
-	"org.ht",
-	"med.ht",
-	"art.ht",
-	"coop.ht",
-	"pol.ht",
-	"asso.ht",
-	"edu.ht",
-	"rel.ht",
-	"gouv.ht",
-	"perso.ht",
-	"hu",
-	"co.hu",
-	"info.hu",
-	"org.hu",
-	"priv.hu",
-	"sport.hu",
-	"tm.hu",
-	"2000.hu",
-	"agrar.hu",
-	"bolt.hu",
-	"casino.hu",
-	"city.hu",
-	"erotica.hu",
-	"erotika.hu",
-	"film.hu",
-	"forum.hu",
-	"games.hu",
-	"hotel.hu",
-	"ingatlan.hu",
-	"jogasz.hu",
-	"konyvelo.hu",
-	"lakas.hu",
-	"media.hu",
-	"news.hu",
-	"reklam.hu",
-	"sex.hu",
-	"shop.hu",
-	"suli.hu",
-	"szex.hu",
-	"tozsde.hu",
-	"utazas.hu",
-	"video.hu",
-	"id",
-	"ac.id",
-	"biz.id",
-	"co.id",
-	"desa.id",
-	"go.id",
-	"mil.id",
-	"my.id",
-	"net.id",
-	"or.id",
-	"sch.id",
-	"web.id",
-	"ie",
-	"gov.ie",
-	"il",
-	"ac.il",
-	"co.il",
-	"gov.il",
-	"idf.il",
-	"k12.il",
-	"muni.il",
-	"net.il",
-	"org.il",
-	"im",
-	"ac.im",
-	"co.im",
-	"com.im",
-	"ltd.co.im",
-	"net.im",
-	"org.im",
-	"plc.co.im",
-	"tt.im",
-	"tv.im",
-	"in",
-	"co.in",
-	"firm.in",
-	"net.in",
-	"org.in",
-	"gen.in",
-	"ind.in",
-	"nic.in",
-	"ac.in",
-	"edu.in",
-	"res.in",
-	"gov.in",
-	"mil.in",
-	"info",
-	"int",
-	"eu.int",
-	"io",
-	"com.io",
-	"iq",
-	"gov.iq",
-	"edu.iq",
-	"mil.iq",
-	"com.iq",
-	"org.iq",
-	"net.iq",
-	"ir",
-	"ac.ir",
-	"co.ir",
-	"gov.ir",
-	"id.ir",
-	"net.ir",
-	"org.ir",
-	"sch.ir",
-	"xn--mgba3a4f16a.ir",
-	"xn--mgba3a4fra.ir",
-	"is",
-	"net.is",
-	"com.is",
-	"edu.is",
-	"gov.is",
-	"org.is",
-	"int.is",
-	"it",
-	"gov.it",
-	"edu.it",
-	"abr.it",
-	"abruzzo.it",
-	"aosta-valley.it",
-	"aostavalley.it",
-	"bas.it",
-	"basilicata.it",
-	"cal.it",
-	"calabria.it",
-	"cam.it",
-	"campania.it",
-	"emilia-romagna.it",
-	"emiliaromagna.it",
-	"emr.it",
-	"friuli-v-giulia.it",
-	"friuli-ve-giulia.it",
-	"friuli-vegiulia.it",
-	"friuli-venezia-giulia.it",
-	"friuli-veneziagiulia.it",
-	"friuli-vgiulia.it",
-	"friuliv-giulia.it",
-	"friulive-giulia.it",
-	"friulivegiulia.it",
-	"friulivenezia-giulia.it",
-	"friuliveneziagiulia.it",
-	"friulivgiulia.it",
-	"fvg.it",
-	"laz.it",
-	"lazio.it",
-	"lig.it",
-	"liguria.it",
-	"lom.it",
-	"lombardia.it",
-	"lombardy.it",
-	"lucania.it",
-	"mar.it",
-	"marche.it",
-	"mol.it",
-	"molise.it",
-	"piedmont.it",
-	"piemonte.it",
-	"pmn.it",
-	"pug.it",
-	"puglia.it",
-	"sar.it",
-	"sardegna.it",
-	"sardinia.it",
-	"sic.it",
-	"sicilia.it",
-	"sicily.it",
-	"taa.it",
-	"tos.it",
-	"toscana.it",
-	"trentino-a-adige.it",
-	"trentino-aadige.it",
-	"trentino-alto-adige.it",
-	"trentino-altoadige.it",
-	"trentino-s-tirol.it",
-	"trentino-stirol.it",
-	"trentino-sud-tirol.it",
-	"trentino-sudtirol.it",
-	"trentino-sued-tirol.it",
-	"trentino-suedtirol.it",
-	"trentinoa-adige.it",
-	"trentinoaadige.it",
-	"trentinoalto-adige.it",
-	"trentinoaltoadige.it",
-	"trentinos-tirol.it",
-	"trentinostirol.it",
-	"trentinosud-tirol.it",
-	"trentinosudtirol.it",
-	"trentinosued-tirol.it",
-	"trentinosuedtirol.it",
-	"tuscany.it",
-	"umb.it",
-	"umbria.it",
-	"val-d-aosta.it",
-	"val-daosta.it",
-	"vald-aosta.it",
-	"valdaosta.it",
-	"valle-aosta.it",
-	"valle-d-aosta.it",
-	"valle-daosta.it",
-	"valleaosta.it",
-	"valled-aosta.it",
-	"valledaosta.it",
-	"vallee-aoste.it",
-	"valleeaoste.it",
-	"vao.it",
-	"vda.it",
-	"ven.it",
-	"veneto.it",
-	"ag.it",
-	"agrigento.it",
-	"al.it",
-	"alessandria.it",
-	"alto-adige.it",
-	"altoadige.it",
-	"an.it",
-	"ancona.it",
-	"andria-barletta-trani.it",
-	"andria-trani-barletta.it",
-	"andriabarlettatrani.it",
-	"andriatranibarletta.it",
-	"ao.it",
-	"aosta.it",
-	"aoste.it",
-	"ap.it",
-	"aq.it",
-	"aquila.it",
-	"ar.it",
-	"arezzo.it",
-	"ascoli-piceno.it",
-	"ascolipiceno.it",
-	"asti.it",
-	"at.it",
-	"av.it",
-	"avellino.it",
-	"ba.it",
-	"balsan.it",
-	"bari.it",
-	"barletta-trani-andria.it",
-	"barlettatraniandria.it",
-	"belluno.it",
-	"benevento.it",
-	"bergamo.it",
-	"bg.it",
-	"bi.it",
-	"biella.it",
-	"bl.it",
-	"bn.it",
-	"bo.it",
-	"bologna.it",
-	"bolzano.it",
-	"bozen.it",
-	"br.it",
-	"brescia.it",
-	"brindisi.it",
-	"bs.it",
-	"bt.it",
-	"bz.it",
-	"ca.it",
-	"cagliari.it",
-	"caltanissetta.it",
-	"campidano-medio.it",
-	"campidanomedio.it",
-	"campobasso.it",
-	"carbonia-iglesias.it",
-	"carboniaiglesias.it",
-	"carrara-massa.it",
-	"carraramassa.it",
-	"caserta.it",
-	"catania.it",
-	"catanzaro.it",
-	"cb.it",
-	"ce.it",
-	"cesena-forli.it",
-	"cesenaforli.it",
-	"ch.it",
-	"chieti.it",
-	"ci.it",
-	"cl.it",
-	"cn.it",
-	"co.it",
-	"como.it",
-	"cosenza.it",
-	"cr.it",
-	"cremona.it",
-	"crotone.it",
-	"cs.it",
-	"ct.it",
-	"cuneo.it",
-	"cz.it",
-	"dell-ogliastra.it",
-	"dellogliastra.it",
-	"en.it",
-	"enna.it",
-	"fc.it",
-	"fe.it",
-	"fermo.it",
-	"ferrara.it",
-	"fg.it",
-	"fi.it",
-	"firenze.it",
-	"florence.it",
-	"fm.it",
-	"foggia.it",
-	"forli-cesena.it",
-	"forlicesena.it",
-	"fr.it",
-	"frosinone.it",
-	"ge.it",
-	"genoa.it",
-	"genova.it",
-	"go.it",
-	"gorizia.it",
-	"gr.it",
-	"grosseto.it",
-	"iglesias-carbonia.it",
-	"iglesiascarbonia.it",
-	"im.it",
-	"imperia.it",
-	"is.it",
-	"isernia.it",
-	"kr.it",
-	"la-spezia.it",
-	"laquila.it",
-	"laspezia.it",
-	"latina.it",
-	"lc.it",
-	"le.it",
-	"lecce.it",
-	"lecco.it",
-	"li.it",
-	"livorno.it",
-	"lo.it",
-	"lodi.it",
-	"lt.it",
-	"lu.it",
-	"lucca.it",
-	"macerata.it",
-	"mantova.it",
-	"massa-carrara.it",
-	"massacarrara.it",
-	"matera.it",
-	"mb.it",
-	"mc.it",
-	"me.it",
-	"medio-campidano.it",
-	"mediocampidano.it",
-	"messina.it",
-	"mi.it",
-	"milan.it",
-	"milano.it",
-	"mn.it",
-	"mo.it",
-	"modena.it",
-	"monza-brianza.it",
-	"monza-e-della-brianza.it",
-	"monza.it",
-	"monzabrianza.it",
-	"monzaebrianza.it",
-	"monzaedellabrianza.it",
-	"ms.it",
-	"mt.it",
-	"na.it",
-	"naples.it",
-	"napoli.it",
-	"no.it",
-	"novara.it",
-	"nu.it",
-	"nuoro.it",
-	"og.it",
-	"ogliastra.it",
-	"olbia-tempio.it",
-	"olbiatempio.it",
-	"or.it",
-	"oristano.it",
-	"ot.it",
-	"pa.it",
-	"padova.it",
-	"padua.it",
-	"palermo.it",
-	"parma.it",
-	"pavia.it",
-	"pc.it",
-	"pd.it",
-	"pe.it",
-	"perugia.it",
-	"pesaro-urbino.it",
-	"pesarourbino.it",
-	"pescara.it",
-	"pg.it",
-	"pi.it",
-	"piacenza.it",
-	"pisa.it",
-	"pistoia.it",
-	"pn.it",
-	"po.it",
-	"pordenone.it",
-	"potenza.it",
-	"pr.it",
-	"prato.it",
-	"pt.it",
-	"pu.it",
-	"pv.it",
-	"pz.it",
-	"ra.it",
-	"ragusa.it",
-	"ravenna.it",
-	"rc.it",
-	"re.it",
-	"reggio-calabria.it",
-	"reggio-emilia.it",
-	"reggiocalabria.it",
-	"reggioemilia.it",
-	"rg.it",
-	"ri.it",
-	"rieti.it",
-	"rimini.it",
-	"rm.it",
-	"rn.it",
-	"ro.it",
-	"roma.it",
-	"rome.it",
-	"rovigo.it",
-	"sa.it",
-	"salerno.it",
-	"sassari.it",
-	"savona.it",
-	"si.it",
-	"siena.it",
-	"siracusa.it",
-	"so.it",
-	"sondrio.it",
-	"sp.it",
-	"sr.it",
-	"ss.it",
-	"suedtirol.it",
-	"sv.it",
-	"ta.it",
-	"taranto.it",
-	"te.it",
-	"tempio-olbia.it",
-	"tempioolbia.it",
-	"teramo.it",
-	"terni.it",
-	"tn.it",
-	"to.it",
-	"torino.it",
-	"tp.it",
-	"tr.it",
-	"trani-andria-barletta.it",
-	"trani-barletta-andria.it",
-	"traniandriabarletta.it",
-	"tranibarlettaandria.it",
-	"trapani.it",
-	"trentino.it",
-	"trento.it",
-	"treviso.it",
-	"trieste.it",
-	"ts.it",
-	"turin.it",
-	"tv.it",
-	"ud.it",
-	"udine.it",
-	"urbino-pesaro.it",
-	"urbinopesaro.it",
-	"va.it",
-	"varese.it",
-	"vb.it",
-	"vc.it",
-	"ve.it",
-	"venezia.it",
-	"venice.it",
-	"verbania.it",
-	"vercelli.it",
-	"verona.it",
-	"vi.it",
-	"vibo-valentia.it",
-	"vibovalentia.it",
-	"vicenza.it",
-	"viterbo.it",
-	"vr.it",
-	"vs.it",
-	"vt.it",
-	"vv.it",
-	"je",
-	"co.je",
-	"net.je",
-	"org.je",
-	"*.jm",
-	"jo",
-	"com.jo",
-	"org.jo",
-	"net.jo",
-	"edu.jo",
-	"sch.jo",
-	"gov.jo",
-	"mil.jo",
-	"name.jo",
-	"jobs",
-	"jp",
-	"ac.jp",
-	"ad.jp",
-	"co.jp",
-	"ed.jp",
-	"go.jp",
-	"gr.jp",
-	"lg.jp",
-	"ne.jp",
-	"or.jp",
-	"aichi.jp",
-	"akita.jp",
-	"aomori.jp",
-	"chiba.jp",
-	"ehime.jp",
-	"fukui.jp",
-	"fukuoka.jp",
-	"fukushima.jp",
-	"gifu.jp",
-	"gunma.jp",
-	"hiroshima.jp",
-	"hokkaido.jp",
-	"hyogo.jp",
-	"ibaraki.jp",
-	"ishikawa.jp",
-	"iwate.jp",
-	"kagawa.jp",
-	"kagoshima.jp",
-	"kanagawa.jp",
-	"kochi.jp",
-	"kumamoto.jp",
-	"kyoto.jp",
-	"mie.jp",
-	"miyagi.jp",
-	"miyazaki.jp",
-	"nagano.jp",
-	"nagasaki.jp",
-	"nara.jp",
-	"niigata.jp",
-	"oita.jp",
-	"okayama.jp",
-	"okinawa.jp",
-	"osaka.jp",
-	"saga.jp",
-	"saitama.jp",
-	"shiga.jp",
-	"shimane.jp",
-	"shizuoka.jp",
-	"tochigi.jp",
-	"tokushima.jp",
-	"tokyo.jp",
-	"tottori.jp",
-	"toyama.jp",
-	"wakayama.jp",
-	"yamagata.jp",
-	"yamaguchi.jp",
-	"yamanashi.jp",
-	"xn--4pvxs.jp",
-	"xn--vgu402c.jp",
-	"xn--c3s14m.jp",
-	"xn--f6qx53a.jp",
-	"xn--8pvr4u.jp",
-	"xn--uist22h.jp",
-	"xn--djrs72d6uy.jp",
-	"xn--mkru45i.jp",
-	"xn--0trq7p7nn.jp",
-	"xn--8ltr62k.jp",
-	"xn--2m4a15e.jp",
-	"xn--efvn9s.jp",
-	"xn--32vp30h.jp",
-	"xn--4it797k.jp",
-	"xn--1lqs71d.jp",
-	"xn--5rtp49c.jp",
-	"xn--5js045d.jp",
-	"xn--ehqz56n.jp",
-	"xn--1lqs03n.jp",
-	"xn--qqqt11m.jp",
-	"xn--kbrq7o.jp",
-	"xn--pssu33l.jp",
-	"xn--ntsq17g.jp",
-	"xn--uisz3g.jp",
-	"xn--6btw5a.jp",
-	"xn--1ctwo.jp",
-	"xn--6orx2r.jp",
-	"xn--rht61e.jp",
-	"xn--rht27z.jp",
-	"xn--djty4k.jp",
-	"xn--nit225k.jp",
-	"xn--rht3d.jp",
-	"xn--klty5x.jp",
-	"xn--kltx9a.jp",
-	"xn--kltp7d.jp",
-	"xn--uuwu58a.jp",
-	"xn--zbx025d.jp",
-	"xn--ntso0iqx3a.jp",
-	"xn--elqq16h.jp",
-	"xn--4it168d.jp",
-	"xn--klt787d.jp",
-	"xn--rny31h.jp",
-	"xn--7t0a264c.jp",
-	"xn--5rtq34k.jp",
-	"xn--k7yn95e.jp",
-	"xn--tor131o.jp",
-	"xn--d5qv7z876c.jp",
-	"*.kawasaki.jp",
-	"*.kitakyushu.jp",
-	"*.kobe.jp",
-	"*.nagoya.jp",
-	"*.sapporo.jp",
-	"*.sendai.jp",
-	"*.yokohama.jp",
-	"!city.kawasaki.jp",
-	"!city.kitakyushu.jp",
-	"!city.kobe.jp",
-	"!city.nagoya.jp",
-	"!city.sapporo.jp",
-	"!city.sendai.jp",
-	"!city.yokohama.jp",
-	"aisai.aichi.jp",
-	"ama.aichi.jp",
-	"anjo.aichi.jp",
-	"asuke.aichi.jp",
-	"chiryu.aichi.jp",
-	"chita.aichi.jp",
-	"fuso.aichi.jp",
-	"gamagori.aichi.jp",
-	"handa.aichi.jp",
-	"hazu.aichi.jp",
-	"hekinan.aichi.jp",
-	"higashiura.aichi.jp",
-	"ichinomiya.aichi.jp",
-	"inazawa.aichi.jp",
-	"inuyama.aichi.jp",
-	"isshiki.aichi.jp",
-	"iwakura.aichi.jp",
-	"kanie.aichi.jp",
-	"kariya.aichi.jp",
-	"kasugai.aichi.jp",
-	"kira.aichi.jp",
-	"kiyosu.aichi.jp",
-	"komaki.aichi.jp",
-	"konan.aichi.jp",
-	"kota.aichi.jp",
-	"mihama.aichi.jp",
-	"miyoshi.aichi.jp",
-	"nishio.aichi.jp",
-	"nisshin.aichi.jp",
-	"obu.aichi.jp",
-	"oguchi.aichi.jp",
-	"oharu.aichi.jp",
-	"okazaki.aichi.jp",
-	"owariasahi.aichi.jp",
-	"seto.aichi.jp",
-	"shikatsu.aichi.jp",
-	"shinshiro.aichi.jp",
-	"shitara.aichi.jp",
-	"tahara.aichi.jp",
-	"takahama.aichi.jp",
-	"tobishima.aichi.jp",
-	"toei.aichi.jp",
-	"togo.aichi.jp",
-	"tokai.aichi.jp",
-	"tokoname.aichi.jp",
-	"toyoake.aichi.jp",
-	"toyohashi.aichi.jp",
-	"toyokawa.aichi.jp",
-	"toyone.aichi.jp",
-	"toyota.aichi.jp",
-	"tsushima.aichi.jp",
-	"yatomi.aichi.jp",
-	"akita.akita.jp",
-	"daisen.akita.jp",
-	"fujisato.akita.jp",
-	"gojome.akita.jp",
-	"hachirogata.akita.jp",
-	"happou.akita.jp",
-	"higashinaruse.akita.jp",
-	"honjo.akita.jp",
-	"honjyo.akita.jp",
-	"ikawa.akita.jp",
-	"kamikoani.akita.jp",
-	"kamioka.akita.jp",
-	"katagami.akita.jp",
-	"kazuno.akita.jp",
-	"kitaakita.akita.jp",
-	"kosaka.akita.jp",
-	"kyowa.akita.jp",
-	"misato.akita.jp",
-	"mitane.akita.jp",
-	"moriyoshi.akita.jp",
-	"nikaho.akita.jp",
-	"noshiro.akita.jp",
-	"odate.akita.jp",
-	"oga.akita.jp",
-	"ogata.akita.jp",
-	"semboku.akita.jp",
-	"yokote.akita.jp",
-	"yurihonjo.akita.jp",
-	"aomori.aomori.jp",
-	"gonohe.aomori.jp",
-	"hachinohe.aomori.jp",
-	"hashikami.aomori.jp",
-	"hiranai.aomori.jp",
-	"hirosaki.aomori.jp",
-	"itayanagi.aomori.jp",
-	"kuroishi.aomori.jp",
-	"misawa.aomori.jp",
-	"mutsu.aomori.jp",
-	"nakadomari.aomori.jp",
-	"noheji.aomori.jp",
-	"oirase.aomori.jp",
-	"owani.aomori.jp",
-	"rokunohe.aomori.jp",
-	"sannohe.aomori.jp",
-	"shichinohe.aomori.jp",
-	"shingo.aomori.jp",
-	"takko.aomori.jp",
-	"towada.aomori.jp",
-	"tsugaru.aomori.jp",
-	"tsuruta.aomori.jp",
-	"abiko.chiba.jp",
-	"asahi.chiba.jp",
-	"chonan.chiba.jp",
-	"chosei.chiba.jp",
-	"choshi.chiba.jp",
-	"chuo.chiba.jp",
-	"funabashi.chiba.jp",
-	"futtsu.chiba.jp",
-	"hanamigawa.chiba.jp",
-	"ichihara.chiba.jp",
-	"ichikawa.chiba.jp",
-	"ichinomiya.chiba.jp",
-	"inzai.chiba.jp",
-	"isumi.chiba.jp",
-	"kamagaya.chiba.jp",
-	"kamogawa.chiba.jp",
-	"kashiwa.chiba.jp",
-	"katori.chiba.jp",
-	"katsuura.chiba.jp",
-	"kimitsu.chiba.jp",
-	"kisarazu.chiba.jp",
-	"kozaki.chiba.jp",
-	"kujukuri.chiba.jp",
-	"kyonan.chiba.jp",
-	"matsudo.chiba.jp",
-	"midori.chiba.jp",
-	"mihama.chiba.jp",
-	"minamiboso.chiba.jp",
-	"mobara.chiba.jp",
-	"mutsuzawa.chiba.jp",
-	"nagara.chiba.jp",
-	"nagareyama.chiba.jp",
-	"narashino.chiba.jp",
-	"narita.chiba.jp",
-	"noda.chiba.jp",
-	"oamishirasato.chiba.jp",
-	"omigawa.chiba.jp",
-	"onjuku.chiba.jp",
-	"otaki.chiba.jp",
-	"sakae.chiba.jp",
-	"sakura.chiba.jp",
-	"shimofusa.chiba.jp",
-	"shirako.chiba.jp",
-	"shiroi.chiba.jp",
-	"shisui.chiba.jp",
-	"sodegaura.chiba.jp",
-	"sosa.chiba.jp",
-	"tako.chiba.jp",
-	"tateyama.chiba.jp",
-	"togane.chiba.jp",
-	"tohnosho.chiba.jp",
-	"tomisato.chiba.jp",
-	"urayasu.chiba.jp",
-	"yachimata.chiba.jp",
-	"yachiyo.chiba.jp",
-	"yokaichiba.chiba.jp",
-	"yokoshibahikari.chiba.jp",
-	"yotsukaido.chiba.jp",
-	"ainan.ehime.jp",
-	"honai.ehime.jp",
-	"ikata.ehime.jp",
-	"imabari.ehime.jp",
-	"iyo.ehime.jp",
-	"kamijima.ehime.jp",
-	"kihoku.ehime.jp",
-	"kumakogen.ehime.jp",
-	"masaki.ehime.jp",
-	"matsuno.ehime.jp",
-	"matsuyama.ehime.jp",
-	"namikata.ehime.jp",
-	"niihama.ehime.jp",
-	"ozu.ehime.jp",
-	"saijo.ehime.jp",
-	"seiyo.ehime.jp",
-	"shikokuchuo.ehime.jp",
-	"tobe.ehime.jp",
-	"toon.ehime.jp",
-	"uchiko.ehime.jp",
-	"uwajima.ehime.jp",
-	"yawatahama.ehime.jp",
-	"echizen.fukui.jp",
-	"eiheiji.fukui.jp",
-	"fukui.fukui.jp",
-	"ikeda.fukui.jp",
-	"katsuyama.fukui.jp",
-	"mihama.fukui.jp",
-	"minamiechizen.fukui.jp",
-	"obama.fukui.jp",
-	"ohi.fukui.jp",
-	"ono.fukui.jp",
-	"sabae.fukui.jp",
-	"sakai.fukui.jp",
-	"takahama.fukui.jp",
-	"tsuruga.fukui.jp",
-	"wakasa.fukui.jp",
-	"ashiya.fukuoka.jp",
-	"buzen.fukuoka.jp",
-	"chikugo.fukuoka.jp",
-	"chikuho.fukuoka.jp",
-	"chikujo.fukuoka.jp",
-	"chikushino.fukuoka.jp",
-	"chikuzen.fukuoka.jp",
-	"chuo.fukuoka.jp",
-	"dazaifu.fukuoka.jp",
-	"fukuchi.fukuoka.jp",
-	"hakata.fukuoka.jp",
-	"higashi.fukuoka.jp",
-	"hirokawa.fukuoka.jp",
-	"hisayama.fukuoka.jp",
-	"iizuka.fukuoka.jp",
-	"inatsuki.fukuoka.jp",
-	"kaho.fukuoka.jp",
-	"kasuga.fukuoka.jp",
-	"kasuya.fukuoka.jp",
-	"kawara.fukuoka.jp",
-	"keisen.fukuoka.jp",
-	"koga.fukuoka.jp",
-	"kurate.fukuoka.jp",
-	"kurogi.fukuoka.jp",
-	"kurume.fukuoka.jp",
-	"minami.fukuoka.jp",
-	"miyako.fukuoka.jp",
-	"miyama.fukuoka.jp",
-	"miyawaka.fukuoka.jp",
-	"mizumaki.fukuoka.jp",
-	"munakata.fukuoka.jp",
-	"nakagawa.fukuoka.jp",
-	"nakama.fukuoka.jp",
-	"nishi.fukuoka.jp",
-	"nogata.fukuoka.jp",
-	"ogori.fukuoka.jp",
-	"okagaki.fukuoka.jp",
-	"okawa.fukuoka.jp",
-	"oki.fukuoka.jp",
-	"omuta.fukuoka.jp",
-	"onga.fukuoka.jp",
-	"onojo.fukuoka.jp",
-	"oto.fukuoka.jp",
-	"saigawa.fukuoka.jp",
-	"sasaguri.fukuoka.jp",
-	"shingu.fukuoka.jp",
-	"shinyoshitomi.fukuoka.jp",
-	"shonai.fukuoka.jp",
-	"soeda.fukuoka.jp",
-	"sue.fukuoka.jp",
-	"tachiarai.fukuoka.jp",
-	"tagawa.fukuoka.jp",
-	"takata.fukuoka.jp",
-	"toho.fukuoka.jp",
-	"toyotsu.fukuoka.jp",
-	"tsuiki.fukuoka.jp",
-	"ukiha.fukuoka.jp",
-	"umi.fukuoka.jp",
-	"usui.fukuoka.jp",
-	"yamada.fukuoka.jp",
-	"yame.fukuoka.jp",
-	"yanagawa.fukuoka.jp",
-	"yukuhashi.fukuoka.jp",
-	"aizubange.fukushima.jp",
-	"aizumisato.fukushima.jp",
-	"aizuwakamatsu.fukushima.jp",
-	"asakawa.fukushima.jp",
-	"bandai.fukushima.jp",
-	"date.fukushima.jp",
-	"fukushima.fukushima.jp",
-	"furudono.fukushima.jp",
-	"futaba.fukushima.jp",
-	"hanawa.fukushima.jp",
-	"higashi.fukushima.jp",
-	"hirata.fukushima.jp",
-	"hirono.fukushima.jp",
-	"iitate.fukushima.jp",
-	"inawashiro.fukushima.jp",
-	"ishikawa.fukushima.jp",
-	"iwaki.fukushima.jp",
-	"izumizaki.fukushima.jp",
-	"kagamiishi.fukushima.jp",
-	"kaneyama.fukushima.jp",
-	"kawamata.fukushima.jp",
-	"kitakata.fukushima.jp",
-	"kitashiobara.fukushima.jp",
-	"koori.fukushima.jp",
-	"koriyama.fukushima.jp",
-	"kunimi.fukushima.jp",
-	"miharu.fukushima.jp",
-	"mishima.fukushima.jp",
-	"namie.fukushima.jp",
-	"nango.fukushima.jp",
-	"nishiaizu.fukushima.jp",
-	"nishigo.fukushima.jp",
-	"okuma.fukushima.jp",
-	"omotego.fukushima.jp",
-	"ono.fukushima.jp",
-	"otama.fukushima.jp",
-	"samegawa.fukushima.jp",
-	"shimogo.fukushima.jp",
-	"shirakawa.fukushima.jp",
-	"showa.fukushima.jp",
-	"soma.fukushima.jp",
-	"sukagawa.fukushima.jp",
-	"taishin.fukushima.jp",
-	"tamakawa.fukushima.jp",
-	"tanagura.fukushima.jp",
-	"tenei.fukushima.jp",
-	"yabuki.fukushima.jp",
-	"yamato.fukushima.jp",
-	"yamatsuri.fukushima.jp",
-	"yanaizu.fukushima.jp",
-	"yugawa.fukushima.jp",
-	"anpachi.gifu.jp",
-	"ena.gifu.jp",
-	"gifu.gifu.jp",
-	"ginan.gifu.jp",
-	"godo.gifu.jp",
-	"gujo.gifu.jp",
-	"hashima.gifu.jp",
-	"hichiso.gifu.jp",
-	"hida.gifu.jp",
-	"higashishirakawa.gifu.jp",
-	"ibigawa.gifu.jp",
-	"ikeda.gifu.jp",
-	"kakamigahara.gifu.jp",
-	"kani.gifu.jp",
-	"kasahara.gifu.jp",
-	"kasamatsu.gifu.jp",
-	"kawaue.gifu.jp",
-	"kitagata.gifu.jp",
-	"mino.gifu.jp",
-	"minokamo.gifu.jp",
-	"mitake.gifu.jp",
-	"mizunami.gifu.jp",
-	"motosu.gifu.jp",
-	"nakatsugawa.gifu.jp",
-	"ogaki.gifu.jp",
-	"sakahogi.gifu.jp",
-	"seki.gifu.jp",
-	"sekigahara.gifu.jp",
-	"shirakawa.gifu.jp",
-	"tajimi.gifu.jp",
-	"takayama.gifu.jp",
-	"tarui.gifu.jp",
-	"toki.gifu.jp",
-	"tomika.gifu.jp",
-	"wanouchi.gifu.jp",
-	"yamagata.gifu.jp",
-	"yaotsu.gifu.jp",
-	"yoro.gifu.jp",
-	"annaka.gunma.jp",
-	"chiyoda.gunma.jp",
-	"fujioka.gunma.jp",
-	"higashiagatsuma.gunma.jp",
-	"isesaki.gunma.jp",
-	"itakura.gunma.jp",
-	"kanna.gunma.jp",
-	"kanra.gunma.jp",
-	"katashina.gunma.jp",
-	"kawaba.gunma.jp",
-	"kiryu.gunma.jp",
-	"kusatsu.gunma.jp",
-	"maebashi.gunma.jp",
-	"meiwa.gunma.jp",
-	"midori.gunma.jp",
-	"minakami.gunma.jp",
-	"naganohara.gunma.jp",
-	"nakanojo.gunma.jp",
-	"nanmoku.gunma.jp",
-	"numata.gunma.jp",
-	"oizumi.gunma.jp",
-	"ora.gunma.jp",
-	"ota.gunma.jp",
-	"shibukawa.gunma.jp",
-	"shimonita.gunma.jp",
-	"shinto.gunma.jp",
-	"showa.gunma.jp",
-	"takasaki.gunma.jp",
-	"takayama.gunma.jp",
-	"tamamura.gunma.jp",
-	"tatebayashi.gunma.jp",
-	"tomioka.gunma.jp",
-	"tsukiyono.gunma.jp",
-	"tsumagoi.gunma.jp",
-	"ueno.gunma.jp",
-	"yoshioka.gunma.jp",
-	"asaminami.hiroshima.jp",
-	"daiwa.hiroshima.jp",
-	"etajima.hiroshima.jp",
-	"fuchu.hiroshima.jp",
-	"fukuyama.hiroshima.jp",
-	"hatsukaichi.hiroshima.jp",
-	"higashihiroshima.hiroshima.jp",
-	"hongo.hiroshima.jp",
-	"jinsekikogen.hiroshima.jp",
-	"kaita.hiroshima.jp",
-	"kui.hiroshima.jp",
-	"kumano.hiroshima.jp",
-	"kure.hiroshima.jp",
-	"mihara.hiroshima.jp",
-	"miyoshi.hiroshima.jp",
-	"naka.hiroshima.jp",
-	"onomichi.hiroshima.jp",
-	"osakikamijima.hiroshima.jp",
-	"otake.hiroshima.jp",
-	"saka.hiroshima.jp",
-	"sera.hiroshima.jp",
-	"seranishi.hiroshima.jp",
-	"shinichi.hiroshima.jp",
-	"shobara.hiroshima.jp",
-	"takehara.hiroshima.jp",
-	"abashiri.hokkaido.jp",
-	"abira.hokkaido.jp",
-	"aibetsu.hokkaido.jp",
-	"akabira.hokkaido.jp",
-	"akkeshi.hokkaido.jp",
-	"asahikawa.hokkaido.jp",
-	"ashibetsu.hokkaido.jp",
-	"ashoro.hokkaido.jp",
-	"assabu.hokkaido.jp",
-	"atsuma.hokkaido.jp",
-	"bibai.hokkaido.jp",
-	"biei.hokkaido.jp",
-	"bifuka.hokkaido.jp",
-	"bihoro.hokkaido.jp",
-	"biratori.hokkaido.jp",
-	"chippubetsu.hokkaido.jp",
-	"chitose.hokkaido.jp",
-	"date.hokkaido.jp",
-	"ebetsu.hokkaido.jp",
-	"embetsu.hokkaido.jp",
-	"eniwa.hokkaido.jp",
-	"erimo.hokkaido.jp",
-	"esan.hokkaido.jp",
-	"esashi.hokkaido.jp",
-	"fukagawa.hokkaido.jp",
-	"fukushima.hokkaido.jp",
-	"furano.hokkaido.jp",
-	"furubira.hokkaido.jp",
-	"haboro.hokkaido.jp",
-	"hakodate.hokkaido.jp",
-	"hamatonbetsu.hokkaido.jp",
-	"hidaka.hokkaido.jp",
-	"higashikagura.hokkaido.jp",
-	"higashikawa.hokkaido.jp",
-	"hiroo.hokkaido.jp",
-	"hokuryu.hokkaido.jp",
-	"hokuto.hokkaido.jp",
-	"honbetsu.hokkaido.jp",
-	"horokanai.hokkaido.jp",
-	"horonobe.hokkaido.jp",
-	"ikeda.hokkaido.jp",
-	"imakane.hokkaido.jp",
-	"ishikari.hokkaido.jp",
-	"iwamizawa.hokkaido.jp",
-	"iwanai.hokkaido.jp",
-	"kamifurano.hokkaido.jp",
-	"kamikawa.hokkaido.jp",
-	"kamishihoro.hokkaido.jp",
-	"kamisunagawa.hokkaido.jp",
-	"kamoenai.hokkaido.jp",
-	"kayabe.hokkaido.jp",
-	"kembuchi.hokkaido.jp",
-	"kikonai.hokkaido.jp",
-	"kimobetsu.hokkaido.jp",
-	"kitahiroshima.hokkaido.jp",
-	"kitami.hokkaido.jp",
-	"kiyosato.hokkaido.jp",
-	"koshimizu.hokkaido.jp",
-	"kunneppu.hokkaido.jp",
-	"kuriyama.hokkaido.jp",
-	"kuromatsunai.hokkaido.jp",
-	"kushiro.hokkaido.jp",
-	"kutchan.hokkaido.jp",
-	"kyowa.hokkaido.jp",
-	"mashike.hokkaido.jp",
-	"matsumae.hokkaido.jp",
-	"mikasa.hokkaido.jp",
-	"minamifurano.hokkaido.jp",
-	"mombetsu.hokkaido.jp",
-	"moseushi.hokkaido.jp",
-	"mukawa.hokkaido.jp",
-	"muroran.hokkaido.jp",
-	"naie.hokkaido.jp",
-	"nakagawa.hokkaido.jp",
-	"nakasatsunai.hokkaido.jp",
-	"nakatombetsu.hokkaido.jp",
-	"nanae.hokkaido.jp",
-	"nanporo.hokkaido.jp",
-	"nayoro.hokkaido.jp",
-	"nemuro.hokkaido.jp",
-	"niikappu.hokkaido.jp",
-	"niki.hokkaido.jp",
-	"nishiokoppe.hokkaido.jp",
-	"noboribetsu.hokkaido.jp",
-	"numata.hokkaido.jp",
-	"obihiro.hokkaido.jp",
-	"obira.hokkaido.jp",
-	"oketo.hokkaido.jp",
-	"okoppe.hokkaido.jp",
-	"otaru.hokkaido.jp",
-	"otobe.hokkaido.jp",
-	"otofuke.hokkaido.jp",
-	"otoineppu.hokkaido.jp",
-	"oumu.hokkaido.jp",
-	"ozora.hokkaido.jp",
-	"pippu.hokkaido.jp",
-	"rankoshi.hokkaido.jp",
-	"rebun.hokkaido.jp",
-	"rikubetsu.hokkaido.jp",
-	"rishiri.hokkaido.jp",
-	"rishirifuji.hokkaido.jp",
-	"saroma.hokkaido.jp",
-	"sarufutsu.hokkaido.jp",
-	"shakotan.hokkaido.jp",
-	"shari.hokkaido.jp",
-	"shibecha.hokkaido.jp",
-	"shibetsu.hokkaido.jp",
-	"shikabe.hokkaido.jp",
-	"shikaoi.hokkaido.jp",
-	"shimamaki.hokkaido.jp",
-	"shimizu.hokkaido.jp",
-	"shimokawa.hokkaido.jp",
-	"shinshinotsu.hokkaido.jp",
-	"shintoku.hokkaido.jp",
-	"shiranuka.hokkaido.jp",
-	"shiraoi.hokkaido.jp",
-	"shiriuchi.hokkaido.jp",
-	"sobetsu.hokkaido.jp",
-	"sunagawa.hokkaido.jp",
-	"taiki.hokkaido.jp",
-	"takasu.hokkaido.jp",
-	"takikawa.hokkaido.jp",
-	"takinoue.hokkaido.jp",
-	"teshikaga.hokkaido.jp",
-	"tobetsu.hokkaido.jp",
-	"tohma.hokkaido.jp",
-	"tomakomai.hokkaido.jp",
-	"tomari.hokkaido.jp",
-	"toya.hokkaido.jp",
-	"toyako.hokkaido.jp",
-	"toyotomi.hokkaido.jp",
-	"toyoura.hokkaido.jp",
-	"tsubetsu.hokkaido.jp",
-	"tsukigata.hokkaido.jp",
-	"urakawa.hokkaido.jp",
-	"urausu.hokkaido.jp",
-	"uryu.hokkaido.jp",
-	"utashinai.hokkaido.jp",
-	"wakkanai.hokkaido.jp",
-	"wassamu.hokkaido.jp",
-	"yakumo.hokkaido.jp",
-	"yoichi.hokkaido.jp",
-	"aioi.hyogo.jp",
-	"akashi.hyogo.jp",
-	"ako.hyogo.jp",
-	"amagasaki.hyogo.jp",
-	"aogaki.hyogo.jp",
-	"asago.hyogo.jp",
-	"ashiya.hyogo.jp",
-	"awaji.hyogo.jp",
-	"fukusaki.hyogo.jp",
-	"goshiki.hyogo.jp",
-	"harima.hyogo.jp",
-	"himeji.hyogo.jp",
-	"ichikawa.hyogo.jp",
-	"inagawa.hyogo.jp",
-	"itami.hyogo.jp",
-	"kakogawa.hyogo.jp",
-	"kamigori.hyogo.jp",
-	"kamikawa.hyogo.jp",
-	"kasai.hyogo.jp",
-	"kasuga.hyogo.jp",
-	"kawanishi.hyogo.jp",
-	"miki.hyogo.jp",
-	"minamiawaji.hyogo.jp",
-	"nishinomiya.hyogo.jp",
-	"nishiwaki.hyogo.jp",
-	"ono.hyogo.jp",
-	"sanda.hyogo.jp",
-	"sannan.hyogo.jp",
-	"sasayama.hyogo.jp",
-	"sayo.hyogo.jp",
-	"shingu.hyogo.jp",
-	"shinonsen.hyogo.jp",
-	"shiso.hyogo.jp",
-	"sumoto.hyogo.jp",
-	"taishi.hyogo.jp",
-	"taka.hyogo.jp",
-	"takarazuka.hyogo.jp",
-	"takasago.hyogo.jp",
-	"takino.hyogo.jp",
-	"tamba.hyogo.jp",
-	"tatsuno.hyogo.jp",
-	"toyooka.hyogo.jp",
-	"yabu.hyogo.jp",
-	"yashiro.hyogo.jp",
-	"yoka.hyogo.jp",
-	"yokawa.hyogo.jp",
-	"ami.ibaraki.jp",
-	"asahi.ibaraki.jp",
-	"bando.ibaraki.jp",
-	"chikusei.ibaraki.jp",
-	"daigo.ibaraki.jp",
-	"fujishiro.ibaraki.jp",
-	"hitachi.ibaraki.jp",
-	"hitachinaka.ibaraki.jp",
-	"hitachiomiya.ibaraki.jp",
-	"hitachiota.ibaraki.jp",
-	"ibaraki.ibaraki.jp",
-	"ina.ibaraki.jp",
-	"inashiki.ibaraki.jp",
-	"itako.ibaraki.jp",
-	"iwama.ibaraki.jp",
-	"joso.ibaraki.jp",
-	"kamisu.ibaraki.jp",
-	"kasama.ibaraki.jp",
-	"kashima.ibaraki.jp",
-	"kasumigaura.ibaraki.jp",
-	"koga.ibaraki.jp",
-	"miho.ibaraki.jp",
-	"mito.ibaraki.jp",
-	"moriya.ibaraki.jp",
-	"naka.ibaraki.jp",
-	"namegata.ibaraki.jp",
-	"oarai.ibaraki.jp",
-	"ogawa.ibaraki.jp",
-	"omitama.ibaraki.jp",
-	"ryugasaki.ibaraki.jp",
-	"sakai.ibaraki.jp",
-	"sakuragawa.ibaraki.jp",
-	"shimodate.ibaraki.jp",
-	"shimotsuma.ibaraki.jp",
-	"shirosato.ibaraki.jp",
-	"sowa.ibaraki.jp",
-	"suifu.ibaraki.jp",
-	"takahagi.ibaraki.jp",
-	"tamatsukuri.ibaraki.jp",
-	"tokai.ibaraki.jp",
-	"tomobe.ibaraki.jp",
-	"tone.ibaraki.jp",
-	"toride.ibaraki.jp",
-	"tsuchiura.ibaraki.jp",
-	"tsukuba.ibaraki.jp",
-	"uchihara.ibaraki.jp",
-	"ushiku.ibaraki.jp",
-	"yachiyo.ibaraki.jp",
-	"yamagata.ibaraki.jp",
-	"yawara.ibaraki.jp",
-	"yuki.ibaraki.jp",
-	"anamizu.ishikawa.jp",
-	"hakui.ishikawa.jp",
-	"hakusan.ishikawa.jp",
-	"kaga.ishikawa.jp",
-	"kahoku.ishikawa.jp",
-	"kanazawa.ishikawa.jp",
-	"kawakita.ishikawa.jp",
-	"komatsu.ishikawa.jp",
-	"nakanoto.ishikawa.jp",
-	"nanao.ishikawa.jp",
-	"nomi.ishikawa.jp",
-	"nonoichi.ishikawa.jp",
-	"noto.ishikawa.jp",
-	"shika.ishikawa.jp",
-	"suzu.ishikawa.jp",
-	"tsubata.ishikawa.jp",
-	"tsurugi.ishikawa.jp",
-	"uchinada.ishikawa.jp",
-	"wajima.ishikawa.jp",
-	"fudai.iwate.jp",
-	"fujisawa.iwate.jp",
-	"hanamaki.iwate.jp",
-	"hiraizumi.iwate.jp",
-	"hirono.iwate.jp",
-	"ichinohe.iwate.jp",
-	"ichinoseki.iwate.jp",
-	"iwaizumi.iwate.jp",
-	"iwate.iwate.jp",
-	"joboji.iwate.jp",
-	"kamaishi.iwate.jp",
-	"kanegasaki.iwate.jp",
-	"karumai.iwate.jp",
-	"kawai.iwate.jp",
-	"kitakami.iwate.jp",
-	"kuji.iwate.jp",
-	"kunohe.iwate.jp",
-	"kuzumaki.iwate.jp",
-	"miyako.iwate.jp",
-	"mizusawa.iwate.jp",
-	"morioka.iwate.jp",
-	"ninohe.iwate.jp",
-	"noda.iwate.jp",
-	"ofunato.iwate.jp",
-	"oshu.iwate.jp",
-	"otsuchi.iwate.jp",
-	"rikuzentakata.iwate.jp",
-	"shiwa.iwate.jp",
-	"shizukuishi.iwate.jp",
-	"sumita.iwate.jp",
-	"tanohata.iwate.jp",
-	"tono.iwate.jp",
-	"yahaba.iwate.jp",
-	"yamada.iwate.jp",
-	"ayagawa.kagawa.jp",
-	"higashikagawa.kagawa.jp",
-	"kanonji.kagawa.jp",
-	"kotohira.kagawa.jp",
-	"manno.kagawa.jp",
-	"marugame.kagawa.jp",
-	"mitoyo.kagawa.jp",
-	"naoshima.kagawa.jp",
-	"sanuki.kagawa.jp",
-	"tadotsu.kagawa.jp",
-	"takamatsu.kagawa.jp",
-	"tonosho.kagawa.jp",
-	"uchinomi.kagawa.jp",
-	"utazu.kagawa.jp",
-	"zentsuji.kagawa.jp",
-	"akune.kagoshima.jp",
-	"amami.kagoshima.jp",
-	"hioki.kagoshima.jp",
-	"isa.kagoshima.jp",
-	"isen.kagoshima.jp",
-	"izumi.kagoshima.jp",
-	"kagoshima.kagoshima.jp",
-	"kanoya.kagoshima.jp",
-	"kawanabe.kagoshima.jp",
-	"kinko.kagoshima.jp",
-	"kouyama.kagoshima.jp",
-	"makurazaki.kagoshima.jp",
-	"matsumoto.kagoshima.jp",
-	"minamitane.kagoshima.jp",
-	"nakatane.kagoshima.jp",
-	"nishinoomote.kagoshima.jp",
-	"satsumasendai.kagoshima.jp",
-	"soo.kagoshima.jp",
-	"tarumizu.kagoshima.jp",
-	"yusui.kagoshima.jp",
-	"aikawa.kanagawa.jp",
-	"atsugi.kanagawa.jp",
-	"ayase.kanagawa.jp",
-	"chigasaki.kanagawa.jp",
-	"ebina.kanagawa.jp",
-	"fujisawa.kanagawa.jp",
-	"hadano.kanagawa.jp",
-	"hakone.kanagawa.jp",
-	"hiratsuka.kanagawa.jp",
-	"isehara.kanagawa.jp",
-	"kaisei.kanagawa.jp",
-	"kamakura.kanagawa.jp",
-	"kiyokawa.kanagawa.jp",
-	"matsuda.kanagawa.jp",
-	"minamiashigara.kanagawa.jp",
-	"miura.kanagawa.jp",
-	"nakai.kanagawa.jp",
-	"ninomiya.kanagawa.jp",
-	"odawara.kanagawa.jp",
-	"oi.kanagawa.jp",
-	"oiso.kanagawa.jp",
-	"sagamihara.kanagawa.jp",
-	"samukawa.kanagawa.jp",
-	"tsukui.kanagawa.jp",
-	"yamakita.kanagawa.jp",
-	"yamato.kanagawa.jp",
-	"yokosuka.kanagawa.jp",
-	"yugawara.kanagawa.jp",
-	"zama.kanagawa.jp",
-	"zushi.kanagawa.jp",
-	"aki.kochi.jp",
-	"geisei.kochi.jp",
-	"hidaka.kochi.jp",
-	"higashitsuno.kochi.jp",
-	"ino.kochi.jp",
-	"kagami.kochi.jp",
-	"kami.kochi.jp",
-	"kitagawa.kochi.jp",
-	"kochi.kochi.jp",
-	"mihara.kochi.jp",
-	"motoyama.kochi.jp",
-	"muroto.kochi.jp",
-	"nahari.kochi.jp",
-	"nakamura.kochi.jp",
-	"nankoku.kochi.jp",
-	"nishitosa.kochi.jp",
-	"niyodogawa.kochi.jp",
-	"ochi.kochi.jp",
-	"okawa.kochi.jp",
-	"otoyo.kochi.jp",
-	"otsuki.kochi.jp",
-	"sakawa.kochi.jp",
-	"sukumo.kochi.jp",
-	"susaki.kochi.jp",
-	"tosa.kochi.jp",
-	"tosashimizu.kochi.jp",
-	"toyo.kochi.jp",
-	"tsuno.kochi.jp",
-	"umaji.kochi.jp",
-	"yasuda.kochi.jp",
-	"yusuhara.kochi.jp",
-	"amakusa.kumamoto.jp",
-	"arao.kumamoto.jp",
-	"aso.kumamoto.jp",
-	"choyo.kumamoto.jp",
-	"gyokuto.kumamoto.jp",
-	"hitoyoshi.kumamoto.jp",
-	"kamiamakusa.kumamoto.jp",
-	"kashima.kumamoto.jp",
-	"kikuchi.kumamoto.jp",
-	"kosa.kumamoto.jp",
-	"kumamoto.kumamoto.jp",
-	"mashiki.kumamoto.jp",
-	"mifune.kumamoto.jp",
-	"minamata.kumamoto.jp",
-	"minamioguni.kumamoto.jp",
-	"nagasu.kumamoto.jp",
-	"nishihara.kumamoto.jp",
-	"oguni.kumamoto.jp",
-	"ozu.kumamoto.jp",
-	"sumoto.kumamoto.jp",
-	"takamori.kumamoto.jp",
-	"uki.kumamoto.jp",
-	"uto.kumamoto.jp",
-	"yamaga.kumamoto.jp",
-	"yamato.kumamoto.jp",
-	"yatsushiro.kumamoto.jp",
-	"ayabe.kyoto.jp",
-	"fukuchiyama.kyoto.jp",
-	"higashiyama.kyoto.jp",
-	"ide.kyoto.jp",
-	"ine.kyoto.jp",
-	"joyo.kyoto.jp",
-	"kameoka.kyoto.jp",
-	"kamo.kyoto.jp",
-	"kita.kyoto.jp",
-	"kizu.kyoto.jp",
-	"kumiyama.kyoto.jp",
-	"kyotamba.kyoto.jp",
-	"kyotanabe.kyoto.jp",
-	"kyotango.kyoto.jp",
-	"maizuru.kyoto.jp",
-	"minami.kyoto.jp",
-	"minamiyamashiro.kyoto.jp",
-	"miyazu.kyoto.jp",
-	"muko.kyoto.jp",
-	"nagaokakyo.kyoto.jp",
-	"nakagyo.kyoto.jp",
-	"nantan.kyoto.jp",
-	"oyamazaki.kyoto.jp",
-	"sakyo.kyoto.jp",
-	"seika.kyoto.jp",
-	"tanabe.kyoto.jp",
-	"uji.kyoto.jp",
-	"ujitawara.kyoto.jp",
-	"wazuka.kyoto.jp",
-	"yamashina.kyoto.jp",
-	"yawata.kyoto.jp",
-	"asahi.mie.jp",
-	"inabe.mie.jp",
-	"ise.mie.jp",
-	"kameyama.mie.jp",
-	"kawagoe.mie.jp",
-	"kiho.mie.jp",
-	"kisosaki.mie.jp",
-	"kiwa.mie.jp",
-	"komono.mie.jp",
-	"kumano.mie.jp",
-	"kuwana.mie.jp",
-	"matsusaka.mie.jp",
-	"meiwa.mie.jp",
-	"mihama.mie.jp",
-	"minamiise.mie.jp",
-	"misugi.mie.jp",
-	"miyama.mie.jp",
-	"nabari.mie.jp",
-	"shima.mie.jp",
-	"suzuka.mie.jp",
-	"tado.mie.jp",
-	"taiki.mie.jp",
-	"taki.mie.jp",
-	"tamaki.mie.jp",
-	"toba.mie.jp",
-	"tsu.mie.jp",
-	"udono.mie.jp",
-	"ureshino.mie.jp",
-	"watarai.mie.jp",
-	"yokkaichi.mie.jp",
-	"furukawa.miyagi.jp",
-	"higashimatsushima.miyagi.jp",
-	"ishinomaki.miyagi.jp",
-	"iwanuma.miyagi.jp",
-	"kakuda.miyagi.jp",
-	"kami.miyagi.jp",
-	"kawasaki.miyagi.jp",
-	"kesennuma.miyagi.jp",
-	"marumori.miyagi.jp",
-	"matsushima.miyagi.jp",
-	"minamisanriku.miyagi.jp",
-	"misato.miyagi.jp",
-	"murata.miyagi.jp",
-	"natori.miyagi.jp",
-	"ogawara.miyagi.jp",
-	"ohira.miyagi.jp",
-	"onagawa.miyagi.jp",
-	"osaki.miyagi.jp",
-	"rifu.miyagi.jp",
-	"semine.miyagi.jp",
-	"shibata.miyagi.jp",
-	"shichikashuku.miyagi.jp",
-	"shikama.miyagi.jp",
-	"shiogama.miyagi.jp",
-	"shiroishi.miyagi.jp",
-	"tagajo.miyagi.jp",
-	"taiwa.miyagi.jp",
-	"tome.miyagi.jp",
-	"tomiya.miyagi.jp",
-	"wakuya.miyagi.jp",
-	"watari.miyagi.jp",
-	"yamamoto.miyagi.jp",
-	"zao.miyagi.jp",
-	"aya.miyazaki.jp",
-	"ebino.miyazaki.jp",
-	"gokase.miyazaki.jp",
-	"hyuga.miyazaki.jp",
-	"kadogawa.miyazaki.jp",
-	"kawaminami.miyazaki.jp",
-	"kijo.miyazaki.jp",
-	"kitagawa.miyazaki.jp",
-	"kitakata.miyazaki.jp",
-	"kitaura.miyazaki.jp",
-	"kobayashi.miyazaki.jp",
-	"kunitomi.miyazaki.jp",
-	"kushima.miyazaki.jp",
-	"mimata.miyazaki.jp",
-	"miyakonojo.miyazaki.jp",
-	"miyazaki.miyazaki.jp",
-	"morotsuka.miyazaki.jp",
-	"nichinan.miyazaki.jp",
-	"nishimera.miyazaki.jp",
-	"nobeoka.miyazaki.jp",
-	"saito.miyazaki.jp",
-	"shiiba.miyazaki.jp",
-	"shintomi.miyazaki.jp",
-	"takaharu.miyazaki.jp",
-	"takanabe.miyazaki.jp",
-	"takazaki.miyazaki.jp",
-	"tsuno.miyazaki.jp",
-	"achi.nagano.jp",
-	"agematsu.nagano.jp",
-	"anan.nagano.jp",
-	"aoki.nagano.jp",
-	"asahi.nagano.jp",
-	"azumino.nagano.jp",
-	"chikuhoku.nagano.jp",
-	"chikuma.nagano.jp",
-	"chino.nagano.jp",
-	"fujimi.nagano.jp",
-	"hakuba.nagano.jp",
-	"hara.nagano.jp",
-	"hiraya.nagano.jp",
-	"iida.nagano.jp",
-	"iijima.nagano.jp",
-	"iiyama.nagano.jp",
-	"iizuna.nagano.jp",
-	"ikeda.nagano.jp",
-	"ikusaka.nagano.jp",
-	"ina.nagano.jp",
-	"karuizawa.nagano.jp",
-	"kawakami.nagano.jp",
-	"kiso.nagano.jp",
-	"kisofukushima.nagano.jp",
-	"kitaaiki.nagano.jp",
-	"komagane.nagano.jp",
-	"komoro.nagano.jp",
-	"matsukawa.nagano.jp",
-	"matsumoto.nagano.jp",
-	"miasa.nagano.jp",
-	"minamiaiki.nagano.jp",
-	"minamimaki.nagano.jp",
-	"minamiminowa.nagano.jp",
-	"minowa.nagano.jp",
-	"miyada.nagano.jp",
-	"miyota.nagano.jp",
-	"mochizuki.nagano.jp",
-	"nagano.nagano.jp",
-	"nagawa.nagano.jp",
-	"nagiso.nagano.jp",
-	"nakagawa.nagano.jp",
-	"nakano.nagano.jp",
-	"nozawaonsen.nagano.jp",
-	"obuse.nagano.jp",
-	"ogawa.nagano.jp",
-	"okaya.nagano.jp",
-	"omachi.nagano.jp",
-	"omi.nagano.jp",
-	"ookuwa.nagano.jp",
-	"ooshika.nagano.jp",
-	"otaki.nagano.jp",
-	"otari.nagano.jp",
-	"sakae.nagano.jp",
-	"sakaki.nagano.jp",
-	"saku.nagano.jp",
-	"sakuho.nagano.jp",
-	"shimosuwa.nagano.jp",
-	"shinanomachi.nagano.jp",
-	"shiojiri.nagano.jp",
-	"suwa.nagano.jp",
-	"suzaka.nagano.jp",
-	"takagi.nagano.jp",
-	"takamori.nagano.jp",
-	"takayama.nagano.jp",
-	"tateshina.nagano.jp",
-	"tatsuno.nagano.jp",
-	"togakushi.nagano.jp",
-	"togura.nagano.jp",
-	"tomi.nagano.jp",
-	"ueda.nagano.jp",
-	"wada.nagano.jp",
-	"yamagata.nagano.jp",
-	"yamanouchi.nagano.jp",
-	"yasaka.nagano.jp",
-	"yasuoka.nagano.jp",
-	"chijiwa.nagasaki.jp",
-	"futsu.nagasaki.jp",
-	"goto.nagasaki.jp",
-	"hasami.nagasaki.jp",
-	"hirado.nagasaki.jp",
-	"iki.nagasaki.jp",
-	"isahaya.nagasaki.jp",
-	"kawatana.nagasaki.jp",
-	"kuchinotsu.nagasaki.jp",
-	"matsuura.nagasaki.jp",
-	"nagasaki.nagasaki.jp",
-	"obama.nagasaki.jp",
-	"omura.nagasaki.jp",
-	"oseto.nagasaki.jp",
-	"saikai.nagasaki.jp",
-	"sasebo.nagasaki.jp",
-	"seihi.nagasaki.jp",
-	"shimabara.nagasaki.jp",
-	"shinkamigoto.nagasaki.jp",
-	"togitsu.nagasaki.jp",
-	"tsushima.nagasaki.jp",
-	"unzen.nagasaki.jp",
-	"ando.nara.jp",
-	"gose.nara.jp",
-	"heguri.nara.jp",
-	"higashiyoshino.nara.jp",
-	"ikaruga.nara.jp",
-	"ikoma.nara.jp",
-	"kamikitayama.nara.jp",
-	"kanmaki.nara.jp",
-	"kashiba.nara.jp",
-	"kashihara.nara.jp",
-	"katsuragi.nara.jp",
-	"kawai.nara.jp",
-	"kawakami.nara.jp",
-	"kawanishi.nara.jp",
-	"koryo.nara.jp",
-	"kurotaki.nara.jp",
-	"mitsue.nara.jp",
-	"miyake.nara.jp",
-	"nara.nara.jp",
-	"nosegawa.nara.jp",
-	"oji.nara.jp",
-	"ouda.nara.jp",
-	"oyodo.nara.jp",
-	"sakurai.nara.jp",
-	"sango.nara.jp",
-	"shimoichi.nara.jp",
-	"shimokitayama.nara.jp",
-	"shinjo.nara.jp",
-	"soni.nara.jp",
-	"takatori.nara.jp",
-	"tawaramoto.nara.jp",
-	"tenkawa.nara.jp",
-	"tenri.nara.jp",
-	"uda.nara.jp",
-	"yamatokoriyama.nara.jp",
-	"yamatotakada.nara.jp",
-	"yamazoe.nara.jp",
-	"yoshino.nara.jp",
-	"aga.niigata.jp",
-	"agano.niigata.jp",
-	"gosen.niigata.jp",
-	"itoigawa.niigata.jp",
-	"izumozaki.niigata.jp",
-	"joetsu.niigata.jp",
-	"kamo.niigata.jp",
-	"kariwa.niigata.jp",
-	"kashiwazaki.niigata.jp",
-	"minamiuonuma.niigata.jp",
-	"mitsuke.niigata.jp",
-	"muika.niigata.jp",
-	"murakami.niigata.jp",
-	"myoko.niigata.jp",
-	"nagaoka.niigata.jp",
-	"niigata.niigata.jp",
-	"ojiya.niigata.jp",
-	"omi.niigata.jp",
-	"sado.niigata.jp",
-	"sanjo.niigata.jp",
-	"seiro.niigata.jp",
-	"seirou.niigata.jp",
-	"sekikawa.niigata.jp",
-	"shibata.niigata.jp",
-	"tagami.niigata.jp",
-	"tainai.niigata.jp",
-	"tochio.niigata.jp",
-	"tokamachi.niigata.jp",
-	"tsubame.niigata.jp",
-	"tsunan.niigata.jp",
-	"uonuma.niigata.jp",
-	"yahiko.niigata.jp",
-	"yoita.niigata.jp",
-	"yuzawa.niigata.jp",
-	"beppu.oita.jp",
-	"bungoono.oita.jp",
-	"bungotakada.oita.jp",
-	"hasama.oita.jp",
-	"hiji.oita.jp",
-	"himeshima.oita.jp",
-	"hita.oita.jp",
-	"kamitsue.oita.jp",
-	"kokonoe.oita.jp",
-	"kuju.oita.jp",
-	"kunisaki.oita.jp",
-	"kusu.oita.jp",
-	"oita.oita.jp",
-	"saiki.oita.jp",
-	"taketa.oita.jp",
-	"tsukumi.oita.jp",
-	"usa.oita.jp",
-	"usuki.oita.jp",
-	"yufu.oita.jp",
-	"akaiwa.okayama.jp",
-	"asakuchi.okayama.jp",
-	"bizen.okayama.jp",
-	"hayashima.okayama.jp",
-	"ibara.okayama.jp",
-	"kagamino.okayama.jp",
-	"kasaoka.okayama.jp",
-	"kibichuo.okayama.jp",
-	"kumenan.okayama.jp",
-	"kurashiki.okayama.jp",
-	"maniwa.okayama.jp",
-	"misaki.okayama.jp",
-	"nagi.okayama.jp",
-	"niimi.okayama.jp",
-	"nishiawakura.okayama.jp",
-	"okayama.okayama.jp",
-	"satosho.okayama.jp",
-	"setouchi.okayama.jp",
-	"shinjo.okayama.jp",
-	"shoo.okayama.jp",
-	"soja.okayama.jp",
-	"takahashi.okayama.jp",
-	"tamano.okayama.jp",
-	"tsuyama.okayama.jp",
-	"wake.okayama.jp",
-	"yakage.okayama.jp",
-	"aguni.okinawa.jp",
-	"ginowan.okinawa.jp",
-	"ginoza.okinawa.jp",
-	"gushikami.okinawa.jp",
-	"haebaru.okinawa.jp",
-	"higashi.okinawa.jp",
-	"hirara.okinawa.jp",
-	"iheya.okinawa.jp",
-	"ishigaki.okinawa.jp",
-	"ishikawa.okinawa.jp",
-	"itoman.okinawa.jp",
-	"izena.okinawa.jp",
-	"kadena.okinawa.jp",
-	"kin.okinawa.jp",
-	"kitadaito.okinawa.jp",
-	"kitanakagusuku.okinawa.jp",
-	"kumejima.okinawa.jp",
-	"kunigami.okinawa.jp",
-	"minamidaito.okinawa.jp",
-	"motobu.okinawa.jp",
-	"nago.okinawa.jp",
-	"naha.okinawa.jp",
-	"nakagusuku.okinawa.jp",
-	"nakijin.okinawa.jp",
-	"nanjo.okinawa.jp",
-	"nishihara.okinawa.jp",
-	"ogimi.okinawa.jp",
-	"okinawa.okinawa.jp",
-	"onna.okinawa.jp",
-	"shimoji.okinawa.jp",
-	"taketomi.okinawa.jp",
-	"tarama.okinawa.jp",
-	"tokashiki.okinawa.jp",
-	"tomigusuku.okinawa.jp",
-	"tonaki.okinawa.jp",
-	"urasoe.okinawa.jp",
-	"uruma.okinawa.jp",
-	"yaese.okinawa.jp",
-	"yomitan.okinawa.jp",
-	"yonabaru.okinawa.jp",
-	"yonaguni.okinawa.jp",
-	"zamami.okinawa.jp",
-	"abeno.osaka.jp",
-	"chihayaakasaka.osaka.jp",
-	"chuo.osaka.jp",
-	"daito.osaka.jp",
-	"fujiidera.osaka.jp",
-	"habikino.osaka.jp",
-	"hannan.osaka.jp",
-	"higashiosaka.osaka.jp",
-	"higashisumiyoshi.osaka.jp",
-	"higashiyodogawa.osaka.jp",
-	"hirakata.osaka.jp",
-	"ibaraki.osaka.jp",
-	"ikeda.osaka.jp",
-	"izumi.osaka.jp",
-	"izumiotsu.osaka.jp",
-	"izumisano.osaka.jp",
-	"kadoma.osaka.jp",
-	"kaizuka.osaka.jp",
-	"kanan.osaka.jp",
-	"kashiwara.osaka.jp",
-	"katano.osaka.jp",
-	"kawachinagano.osaka.jp",
-	"kishiwada.osaka.jp",
-	"kita.osaka.jp",
-	"kumatori.osaka.jp",
-	"matsubara.osaka.jp",
-	"minato.osaka.jp",
-	"minoh.osaka.jp",
-	"misaki.osaka.jp",
-	"moriguchi.osaka.jp",
-	"neyagawa.osaka.jp",
-	"nishi.osaka.jp",
-	"nose.osaka.jp",
-	"osakasayama.osaka.jp",
-	"sakai.osaka.jp",
-	"sayama.osaka.jp",
-	"sennan.osaka.jp",
-	"settsu.osaka.jp",
-	"shijonawate.osaka.jp",
-	"shimamoto.osaka.jp",
-	"suita.osaka.jp",
-	"tadaoka.osaka.jp",
-	"taishi.osaka.jp",
-	"tajiri.osaka.jp",
-	"takaishi.osaka.jp",
-	"takatsuki.osaka.jp",
-	"tondabayashi.osaka.jp",
-	"toyonaka.osaka.jp",
-	"toyono.osaka.jp",
-	"yao.osaka.jp",
-	"ariake.saga.jp",
-	"arita.saga.jp",
-	"fukudomi.saga.jp",
-	"genkai.saga.jp",
-	"hamatama.saga.jp",
-	"hizen.saga.jp",
-	"imari.saga.jp",
-	"kamimine.saga.jp",
-	"kanzaki.saga.jp",
-	"karatsu.saga.jp",
-	"kashima.saga.jp",
-	"kitagata.saga.jp",
-	"kitahata.saga.jp",
-	"kiyama.saga.jp",
-	"kouhoku.saga.jp",
-	"kyuragi.saga.jp",
-	"nishiarita.saga.jp",
-	"ogi.saga.jp",
-	"omachi.saga.jp",
-	"ouchi.saga.jp",
-	"saga.saga.jp",
-	"shiroishi.saga.jp",
-	"taku.saga.jp",
-	"tara.saga.jp",
-	"tosu.saga.jp",
-	"yoshinogari.saga.jp",
-	"arakawa.saitama.jp",
-	"asaka.saitama.jp",
-	"chichibu.saitama.jp",
-	"fujimi.saitama.jp",
-	"fujimino.saitama.jp",
-	"fukaya.saitama.jp",
-	"hanno.saitama.jp",
-	"hanyu.saitama.jp",
-	"hasuda.saitama.jp",
-	"hatogaya.saitama.jp",
-	"hatoyama.saitama.jp",
-	"hidaka.saitama.jp",
-	"higashichichibu.saitama.jp",
-	"higashimatsuyama.saitama.jp",
-	"honjo.saitama.jp",
-	"ina.saitama.jp",
-	"iruma.saitama.jp",
-	"iwatsuki.saitama.jp",
-	"kamiizumi.saitama.jp",
-	"kamikawa.saitama.jp",
-	"kamisato.saitama.jp",
-	"kasukabe.saitama.jp",
-	"kawagoe.saitama.jp",
-	"kawaguchi.saitama.jp",
-	"kawajima.saitama.jp",
-	"kazo.saitama.jp",
-	"kitamoto.saitama.jp",
-	"koshigaya.saitama.jp",
-	"kounosu.saitama.jp",
-	"kuki.saitama.jp",
-	"kumagaya.saitama.jp",
-	"matsubushi.saitama.jp",
-	"minano.saitama.jp",
-	"misato.saitama.jp",
-	"miyashiro.saitama.jp",
-	"miyoshi.saitama.jp",
-	"moroyama.saitama.jp",
-	"nagatoro.saitama.jp",
-	"namegawa.saitama.jp",
-	"niiza.saitama.jp",
-	"ogano.saitama.jp",
-	"ogawa.saitama.jp",
-	"ogose.saitama.jp",
-	"okegawa.saitama.jp",
-	"omiya.saitama.jp",
-	"otaki.saitama.jp",
-	"ranzan.saitama.jp",
-	"ryokami.saitama.jp",
-	"saitama.saitama.jp",
-	"sakado.saitama.jp",
-	"satte.saitama.jp",
-	"sayama.saitama.jp",
-	"shiki.saitama.jp",
-	"shiraoka.saitama.jp",
-	"soka.saitama.jp",
-	"sugito.saitama.jp",
-	"toda.saitama.jp",
-	"tokigawa.saitama.jp",
-	"tokorozawa.saitama.jp",
-	"tsurugashima.saitama.jp",
-	"urawa.saitama.jp",
-	"warabi.saitama.jp",
-	"yashio.saitama.jp",
-	"yokoze.saitama.jp",
-	"yono.saitama.jp",
-	"yorii.saitama.jp",
-	"yoshida.saitama.jp",
-	"yoshikawa.saitama.jp",
-	"yoshimi.saitama.jp",
-	"aisho.shiga.jp",
-	"gamo.shiga.jp",
-	"higashiomi.shiga.jp",
-	"hikone.shiga.jp",
-	"koka.shiga.jp",
-	"konan.shiga.jp",
-	"kosei.shiga.jp",
-	"koto.shiga.jp",
-	"kusatsu.shiga.jp",
-	"maibara.shiga.jp",
-	"moriyama.shiga.jp",
-	"nagahama.shiga.jp",
-	"nishiazai.shiga.jp",
-	"notogawa.shiga.jp",
-	"omihachiman.shiga.jp",
-	"otsu.shiga.jp",
-	"ritto.shiga.jp",
-	"ryuoh.shiga.jp",
-	"takashima.shiga.jp",
-	"takatsuki.shiga.jp",
-	"torahime.shiga.jp",
-	"toyosato.shiga.jp",
-	"yasu.shiga.jp",
-	"akagi.shimane.jp",
-	"ama.shimane.jp",
-	"gotsu.shimane.jp",
-	"hamada.shimane.jp",
-	"higashiizumo.shimane.jp",
-	"hikawa.shimane.jp",
-	"hikimi.shimane.jp",
-	"izumo.shimane.jp",
-	"kakinoki.shimane.jp",
-	"masuda.shimane.jp",
-	"matsue.shimane.jp",
-	"misato.shimane.jp",
-	"nishinoshima.shimane.jp",
-	"ohda.shimane.jp",
-	"okinoshima.shimane.jp",
-	"okuizumo.shimane.jp",
-	"shimane.shimane.jp",
-	"tamayu.shimane.jp",
-	"tsuwano.shimane.jp",
-	"unnan.shimane.jp",
-	"yakumo.shimane.jp",
-	"yasugi.shimane.jp",
-	"yatsuka.shimane.jp",
-	"arai.shizuoka.jp",
-	"atami.shizuoka.jp",
-	"fuji.shizuoka.jp",
-	"fujieda.shizuoka.jp",
-	"fujikawa.shizuoka.jp",
-	"fujinomiya.shizuoka.jp",
-	"fukuroi.shizuoka.jp",
-	"gotemba.shizuoka.jp",
-	"haibara.shizuoka.jp",
-	"hamamatsu.shizuoka.jp",
-	"higashiizu.shizuoka.jp",
-	"ito.shizuoka.jp",
-	"iwata.shizuoka.jp",
-	"izu.shizuoka.jp",
-	"izunokuni.shizuoka.jp",
-	"kakegawa.shizuoka.jp",
-	"kannami.shizuoka.jp",
-	"kawanehon.shizuoka.jp",
-	"kawazu.shizuoka.jp",
-	"kikugawa.shizuoka.jp",
-	"kosai.shizuoka.jp",
-	"makinohara.shizuoka.jp",
-	"matsuzaki.shizuoka.jp",
-	"minamiizu.shizuoka.jp",
-	"mishima.shizuoka.jp",
-	"morimachi.shizuoka.jp",
-	"nishiizu.shizuoka.jp",
-	"numazu.shizuoka.jp",
-	"omaezaki.shizuoka.jp",
-	"shimada.shizuoka.jp",
-	"shimizu.shizuoka.jp",
-	"shimoda.shizuoka.jp",
-	"shizuoka.shizuoka.jp",
-	"susono.shizuoka.jp",
-	"yaizu.shizuoka.jp",
-	"yoshida.shizuoka.jp",
-	"ashikaga.tochigi.jp",
-	"bato.tochigi.jp",
-	"haga.tochigi.jp",
-	"ichikai.tochigi.jp",
-	"iwafune.tochigi.jp",
-	"kaminokawa.tochigi.jp",
-	"kanuma.tochigi.jp",
-	"karasuyama.tochigi.jp",
-	"kuroiso.tochigi.jp",
-	"mashiko.tochigi.jp",
-	"mibu.tochigi.jp",
-	"moka.tochigi.jp",
-	"motegi.tochigi.jp",
-	"nasu.tochigi.jp",
-	"nasushiobara.tochigi.jp",
-	"nikko.tochigi.jp",
-	"nishikata.tochigi.jp",
-	"nogi.tochigi.jp",
-	"ohira.tochigi.jp",
-	"ohtawara.tochigi.jp",
-	"oyama.tochigi.jp",
-	"sakura.tochigi.jp",
-	"sano.tochigi.jp",
-	"shimotsuke.tochigi.jp",
-	"shioya.tochigi.jp",
-	"takanezawa.tochigi.jp",
-	"tochigi.tochigi.jp",
-	"tsuga.tochigi.jp",
-	"ujiie.tochigi.jp",
-	"utsunomiya.tochigi.jp",
-	"yaita.tochigi.jp",
-	"aizumi.tokushima.jp",
-	"anan.tokushima.jp",
-	"ichiba.tokushima.jp",
-	"itano.tokushima.jp",
-	"kainan.tokushima.jp",
-	"komatsushima.tokushima.jp",
-	"matsushige.tokushima.jp",
-	"mima.tokushima.jp",
-	"minami.tokushima.jp",
-	"miyoshi.tokushima.jp",
-	"mugi.tokushima.jp",
-	"nakagawa.tokushima.jp",
-	"naruto.tokushima.jp",
-	"sanagochi.tokushima.jp",
-	"shishikui.tokushima.jp",
-	"tokushima.tokushima.jp",
-	"wajiki.tokushima.jp",
-	"adachi.tokyo.jp",
-	"akiruno.tokyo.jp",
-	"akishima.tokyo.jp",
-	"aogashima.tokyo.jp",
-	"arakawa.tokyo.jp",
-	"bunkyo.tokyo.jp",
-	"chiyoda.tokyo.jp",
-	"chofu.tokyo.jp",
-	"chuo.tokyo.jp",
-	"edogawa.tokyo.jp",
-	"fuchu.tokyo.jp",
-	"fussa.tokyo.jp",
-	"hachijo.tokyo.jp",
-	"hachioji.tokyo.jp",
-	"hamura.tokyo.jp",
-	"higashikurume.tokyo.jp",
-	"higashimurayama.tokyo.jp",
-	"higashiyamato.tokyo.jp",
-	"hino.tokyo.jp",
-	"hinode.tokyo.jp",
-	"hinohara.tokyo.jp",
-	"inagi.tokyo.jp",
-	"itabashi.tokyo.jp",
-	"katsushika.tokyo.jp",
-	"kita.tokyo.jp",
-	"kiyose.tokyo.jp",
-	"kodaira.tokyo.jp",
-	"koganei.tokyo.jp",
-	"kokubunji.tokyo.jp",
-	"komae.tokyo.jp",
-	"koto.tokyo.jp",
-	"kouzushima.tokyo.jp",
-	"kunitachi.tokyo.jp",
-	"machida.tokyo.jp",
-	"meguro.tokyo.jp",
-	"minato.tokyo.jp",
-	"mitaka.tokyo.jp",
-	"mizuho.tokyo.jp",
-	"musashimurayama.tokyo.jp",
-	"musashino.tokyo.jp",
-	"nakano.tokyo.jp",
-	"nerima.tokyo.jp",
-	"ogasawara.tokyo.jp",
-	"okutama.tokyo.jp",
-	"ome.tokyo.jp",
-	"oshima.tokyo.jp",
-	"ota.tokyo.jp",
-	"setagaya.tokyo.jp",
-	"shibuya.tokyo.jp",
-	"shinagawa.tokyo.jp",
-	"shinjuku.tokyo.jp",
-	"suginami.tokyo.jp",
-	"sumida.tokyo.jp",
-	"tachikawa.tokyo.jp",
-	"taito.tokyo.jp",
-	"tama.tokyo.jp",
-	"toshima.tokyo.jp",
-	"chizu.tottori.jp",
-	"hino.tottori.jp",
-	"kawahara.tottori.jp",
-	"koge.tottori.jp",
-	"kotoura.tottori.jp",
-	"misasa.tottori.jp",
-	"nanbu.tottori.jp",
-	"nichinan.tottori.jp",
-	"sakaiminato.tottori.jp",
-	"tottori.tottori.jp",
-	"wakasa.tottori.jp",
-	"yazu.tottori.jp",
-	"yonago.tottori.jp",
-	"asahi.toyama.jp",
-	"fuchu.toyama.jp",
-	"fukumitsu.toyama.jp",
-	"funahashi.toyama.jp",
-	"himi.toyama.jp",
-	"imizu.toyama.jp",
-	"inami.toyama.jp",
-	"johana.toyama.jp",
-	"kamiichi.toyama.jp",
-	"kurobe.toyama.jp",
-	"nakaniikawa.toyama.jp",
-	"namerikawa.toyama.jp",
-	"nanto.toyama.jp",
-	"nyuzen.toyama.jp",
-	"oyabe.toyama.jp",
-	"taira.toyama.jp",
-	"takaoka.toyama.jp",
-	"tateyama.toyama.jp",
-	"toga.toyama.jp",
-	"tonami.toyama.jp",
-	"toyama.toyama.jp",
-	"unazuki.toyama.jp",
-	"uozu.toyama.jp",
-	"yamada.toyama.jp",
-	"arida.wakayama.jp",
-	"aridagawa.wakayama.jp",
-	"gobo.wakayama.jp",
-	"hashimoto.wakayama.jp",
-	"hidaka.wakayama.jp",
-	"hirogawa.wakayama.jp",
-	"inami.wakayama.jp",
-	"iwade.wakayama.jp",
-	"kainan.wakayama.jp",
-	"kamitonda.wakayama.jp",
-	"katsuragi.wakayama.jp",
-	"kimino.wakayama.jp",
-	"kinokawa.wakayama.jp",
-	"kitayama.wakayama.jp",
-	"koya.wakayama.jp",
-	"koza.wakayama.jp",
-	"kozagawa.wakayama.jp",
-	"kudoyama.wakayama.jp",
-	"kushimoto.wakayama.jp",
-	"mihama.wakayama.jp",
-	"misato.wakayama.jp",
-	"nachikatsuura.wakayama.jp",
-	"shingu.wakayama.jp",
-	"shirahama.wakayama.jp",
-	"taiji.wakayama.jp",
-	"tanabe.wakayama.jp",
-	"wakayama.wakayama.jp",
-	"yuasa.wakayama.jp",
-	"yura.wakayama.jp",
-	"asahi.yamagata.jp",
-	"funagata.yamagata.jp",
-	"higashine.yamagata.jp",
-	"iide.yamagata.jp",
-	"kahoku.yamagata.jp",
-	"kaminoyama.yamagata.jp",
-	"kaneyama.yamagata.jp",
-	"kawanishi.yamagata.jp",
-	"mamurogawa.yamagata.jp",
-	"mikawa.yamagata.jp",
-	"murayama.yamagata.jp",
-	"nagai.yamagata.jp",
-	"nakayama.yamagata.jp",
-	"nanyo.yamagata.jp",
-	"nishikawa.yamagata.jp",
-	"obanazawa.yamagata.jp",
-	"oe.yamagata.jp",
-	"oguni.yamagata.jp",
-	"ohkura.yamagata.jp",
-	"oishida.yamagata.jp",
-	"sagae.yamagata.jp",
-	"sakata.yamagata.jp",
-	"sakegawa.yamagata.jp",
-	"shinjo.yamagata.jp",
-	"shirataka.yamagata.jp",
-	"shonai.yamagata.jp",
-	"takahata.yamagata.jp",
-	"tendo.yamagata.jp",
-	"tozawa.yamagata.jp",
-	"tsuruoka.yamagata.jp",
-	"yamagata.yamagata.jp",
-	"yamanobe.yamagata.jp",
-	"yonezawa.yamagata.jp",
-	"yuza.yamagata.jp",
-	"abu.yamaguchi.jp",
-	"hagi.yamaguchi.jp",
-	"hikari.yamaguchi.jp",
-	"hofu.yamaguchi.jp",
-	"iwakuni.yamaguchi.jp",
-	"kudamatsu.yamaguchi.jp",
-	"mitou.yamaguchi.jp",
-	"nagato.yamaguchi.jp",
-	"oshima.yamaguchi.jp",
-	"shimonoseki.yamaguchi.jp",
-	"shunan.yamaguchi.jp",
-	"tabuse.yamaguchi.jp",
-	"tokuyama.yamaguchi.jp",
-	"toyota.yamaguchi.jp",
-	"ube.yamaguchi.jp",
-	"yuu.yamaguchi.jp",
-	"chuo.yamanashi.jp",
-	"doshi.yamanashi.jp",
-	"fuefuki.yamanashi.jp",
-	"fujikawa.yamanashi.jp",
-	"fujikawaguchiko.yamanashi.jp",
-	"fujiyoshida.yamanashi.jp",
-	"hayakawa.yamanashi.jp",
-	"hokuto.yamanashi.jp",
-	"ichikawamisato.yamanashi.jp",
-	"kai.yamanashi.jp",
-	"kofu.yamanashi.jp",
-	"koshu.yamanashi.jp",
-	"kosuge.yamanashi.jp",
-	"minami-alps.yamanashi.jp",
-	"minobu.yamanashi.jp",
-	"nakamichi.yamanashi.jp",
-	"nanbu.yamanashi.jp",
-	"narusawa.yamanashi.jp",
-	"nirasaki.yamanashi.jp",
-	"nishikatsura.yamanashi.jp",
-	"oshino.yamanashi.jp",
-	"otsuki.yamanashi.jp",
-	"showa.yamanashi.jp",
-	"tabayama.yamanashi.jp",
-	"tsuru.yamanashi.jp",
-	"uenohara.yamanashi.jp",
-	"yamanakako.yamanashi.jp",
-	"yamanashi.yamanashi.jp",
-	"*.ke",
-	"kg",
-	"org.kg",
-	"net.kg",
-	"com.kg",
-	"edu.kg",
-	"gov.kg",
-	"mil.kg",
-	"*.kh",
-	"ki",
-	"edu.ki",
-	"biz.ki",
-	"net.ki",
-	"org.ki",
-	"gov.ki",
-	"info.ki",
-	"com.ki",
-	"km",
-	"org.km",
-	"nom.km",
-	"gov.km",
-	"prd.km",
-	"tm.km",
-	"edu.km",
-	"mil.km",
-	"ass.km",
-	"com.km",
-	"coop.km",
-	"asso.km",
-	"presse.km",
-	"medecin.km",
-	"notaires.km",
-	"pharmaciens.km",
-	"veterinaire.km",
-	"gouv.km",
-	"kn",
-	"net.kn",
-	"org.kn",
-	"edu.kn",
-	"gov.kn",
-	"kp",
-	"com.kp",
-	"edu.kp",
-	"gov.kp",
-	"org.kp",
-	"rep.kp",
-	"tra.kp",
-	"kr",
-	"ac.kr",
-	"co.kr",
-	"es.kr",
-	"go.kr",
-	"hs.kr",
-	"kg.kr",
-	"mil.kr",
-	"ms.kr",
-	"ne.kr",
-	"or.kr",
-	"pe.kr",
-	"re.kr",
-	"sc.kr",
-	"busan.kr",
-	"chungbuk.kr",
-	"chungnam.kr",
-	"daegu.kr",
-	"daejeon.kr",
-	"gangwon.kr",
-	"gwangju.kr",
-	"gyeongbuk.kr",
-	"gyeonggi.kr",
-	"gyeongnam.kr",
-	"incheon.kr",
-	"jeju.kr",
-	"jeonbuk.kr",
-	"jeonnam.kr",
-	"seoul.kr",
-	"ulsan.kr",
-	"*.kw",
-	"ky",
-	"edu.ky",
-	"gov.ky",
-	"com.ky",
-	"org.ky",
-	"net.ky",
-	"kz",
-	"org.kz",
-	"edu.kz",
-	"net.kz",
-	"gov.kz",
-	"mil.kz",
-	"com.kz",
-	"la",
-	"int.la",
-	"net.la",
-	"info.la",
-	"edu.la",
-	"gov.la",
-	"per.la",
-	"com.la",
-	"org.la",
-	"lb",
-	"com.lb",
-	"edu.lb",
-	"gov.lb",
-	"net.lb",
-	"org.lb",
-	"lc",
-	"com.lc",
-	"net.lc",
-	"co.lc",
-	"org.lc",
-	"edu.lc",
-	"gov.lc",
-	"li",
-	"lk",
-	"gov.lk",
-	"sch.lk",
-	"net.lk",
-	"int.lk",
-	"com.lk",
-	"org.lk",
-	"edu.lk",
-	"ngo.lk",
-	"soc.lk",
-	"web.lk",
-	"ltd.lk",
-	"assn.lk",
-	"grp.lk",
-	"hotel.lk",
-	"ac.lk",
-	"lr",
-	"com.lr",
-	"edu.lr",
-	"gov.lr",
-	"org.lr",
-	"net.lr",
-	"ls",
-	"co.ls",
-	"org.ls",
-	"lt",
-	"gov.lt",
-	"lu",
-	"lv",
-	"com.lv",
-	"edu.lv",
-	"gov.lv",
-	"org.lv",
-	"mil.lv",
-	"id.lv",
-	"net.lv",
-	"asn.lv",
-	"conf.lv",
-	"ly",
-	"com.ly",
-	"net.ly",
-	"gov.ly",
-	"plc.ly",
-	"edu.ly",
-	"sch.ly",
-	"med.ly",
-	"org.ly",
-	"id.ly",
-	"ma",
-	"co.ma",
-	"net.ma",
-	"gov.ma",
-	"org.ma",
-	"ac.ma",
-	"press.ma",
-	"mc",
-	"tm.mc",
-	"asso.mc",
-	"md",
-	"me",
-	"co.me",
-	"net.me",
-	"org.me",
-	"edu.me",
-	"ac.me",
-	"gov.me",
-	"its.me",
-	"priv.me",
-	"mg",
-	"org.mg",
-	"nom.mg",
-	"gov.mg",
-	"prd.mg",
-	"tm.mg",
-	"edu.mg",
-	"mil.mg",
-	"com.mg",
-	"co.mg",
-	"mh",
-	"mil",
-	"mk",
-	"com.mk",
-	"org.mk",
-	"net.mk",
-	"edu.mk",
-	"gov.mk",
-	"inf.mk",
-	"name.mk",
-	"ml",
-	"com.ml",
-	"edu.ml",
-	"gouv.ml",
-	"gov.ml",
-	"net.ml",
-	"org.ml",
-	"presse.ml",
-	"*.mm",
-	"mn",
-	"gov.mn",
-	"edu.mn",
-	"org.mn",
-	"mo",
-	"com.mo",
-	"net.mo",
-	"org.mo",
-	"edu.mo",
-	"gov.mo",
-	"mobi",
-	"mp",
-	"mq",
-	"mr",
-	"gov.mr",
-	"ms",
-	"com.ms",
-	"edu.ms",
-	"gov.ms",
-	"net.ms",
-	"org.ms",
-	"mt",
-	"com.mt",
-	"edu.mt",
-	"net.mt",
-	"org.mt",
-	"mu",
-	"com.mu",
-	"net.mu",
-	"org.mu",
-	"gov.mu",
-	"ac.mu",
-	"co.mu",
-	"or.mu",
-	"museum",
-	"academy.museum",
-	"agriculture.museum",
-	"air.museum",
-	"airguard.museum",
-	"alabama.museum",
-	"alaska.museum",
-	"amber.museum",
-	"ambulance.museum",
-	"american.museum",
-	"americana.museum",
-	"americanantiques.museum",
-	"americanart.museum",
-	"amsterdam.museum",
-	"and.museum",
-	"annefrank.museum",
-	"anthro.museum",
-	"anthropology.museum",
-	"antiques.museum",
-	"aquarium.museum",
-	"arboretum.museum",
-	"archaeological.museum",
-	"archaeology.museum",
-	"architecture.museum",
-	"art.museum",
-	"artanddesign.museum",
-	"artcenter.museum",
-	"artdeco.museum",
-	"arteducation.museum",
-	"artgallery.museum",
-	"arts.museum",
-	"artsandcrafts.museum",
-	"asmatart.museum",
-	"assassination.museum",
-	"assisi.museum",
-	"association.museum",
-	"astronomy.museum",
-	"atlanta.museum",
-	"austin.museum",
-	"australia.museum",
-	"automotive.museum",
-	"aviation.museum",
-	"axis.museum",
-	"badajoz.museum",
-	"baghdad.museum",
-	"bahn.museum",
-	"bale.museum",
-	"baltimore.museum",
-	"barcelona.museum",
-	"baseball.museum",
-	"basel.museum",
-	"baths.museum",
-	"bauern.museum",
-	"beauxarts.museum",
-	"beeldengeluid.museum",
-	"bellevue.museum",
-	"bergbau.museum",
-	"berkeley.museum",
-	"berlin.museum",
-	"bern.museum",
-	"bible.museum",
-	"bilbao.museum",
-	"bill.museum",
-	"birdart.museum",
-	"birthplace.museum",
-	"bonn.museum",
-	"boston.museum",
-	"botanical.museum",
-	"botanicalgarden.museum",
-	"botanicgarden.museum",
-	"botany.museum",
-	"brandywinevalley.museum",
-	"brasil.museum",
-	"bristol.museum",
-	"british.museum",
-	"britishcolumbia.museum",
-	"broadcast.museum",
-	"brunel.museum",
-	"brussel.museum",
-	"brussels.museum",
-	"bruxelles.museum",
-	"building.museum",
-	"burghof.museum",
-	"bus.museum",
-	"bushey.museum",
-	"cadaques.museum",
-	"california.museum",
-	"cambridge.museum",
-	"can.museum",
-	"canada.museum",
-	"capebreton.museum",
-	"carrier.museum",
-	"cartoonart.museum",
-	"casadelamoneda.museum",
-	"castle.museum",
-	"castres.museum",
-	"celtic.museum",
-	"center.museum",
-	"chattanooga.museum",
-	"cheltenham.museum",
-	"chesapeakebay.museum",
-	"chicago.museum",
-	"children.museum",
-	"childrens.museum",
-	"childrensgarden.museum",
-	"chiropractic.museum",
-	"chocolate.museum",
-	"christiansburg.museum",
-	"cincinnati.museum",
-	"cinema.museum",
-	"circus.museum",
-	"civilisation.museum",
-	"civilization.museum",
-	"civilwar.museum",
-	"clinton.museum",
-	"clock.museum",
-	"coal.museum",
-	"coastaldefence.museum",
-	"cody.museum",
-	"coldwar.museum",
-	"collection.museum",
-	"colonialwilliamsburg.museum",
-	"coloradoplateau.museum",
-	"columbia.museum",
-	"columbus.museum",
-	"communication.museum",
-	"communications.museum",
-	"community.museum",
-	"computer.museum",
-	"computerhistory.museum",
-	"xn--comunicaes-v6a2o.museum",
-	"contemporary.museum",
-	"contemporaryart.museum",
-	"convent.museum",
-	"copenhagen.museum",
-	"corporation.museum",
-	"xn--correios-e-telecomunicaes-ghc29a.museum",
-	"corvette.museum",
-	"costume.museum",
-	"countryestate.museum",
-	"county.museum",
-	"crafts.museum",
-	"cranbrook.museum",
-	"creation.museum",
-	"cultural.museum",
-	"culturalcenter.museum",
-	"culture.museum",
-	"cyber.museum",
-	"cymru.museum",
-	"dali.museum",
-	"dallas.museum",
-	"database.museum",
-	"ddr.museum",
-	"decorativearts.museum",
-	"delaware.museum",
-	"delmenhorst.museum",
-	"denmark.museum",
-	"depot.museum",
-	"design.museum",
-	"detroit.museum",
-	"dinosaur.museum",
-	"discovery.museum",
-	"dolls.museum",
-	"donostia.museum",
-	"durham.museum",
-	"eastafrica.museum",
-	"eastcoast.museum",
-	"education.museum",
-	"educational.museum",
-	"egyptian.museum",
-	"eisenbahn.museum",
-	"elburg.museum",
-	"elvendrell.museum",
-	"embroidery.museum",
-	"encyclopedic.museum",
-	"england.museum",
-	"entomology.museum",
-	"environment.museum",
-	"environmentalconservation.museum",
-	"epilepsy.museum",
-	"essex.museum",
-	"estate.museum",
-	"ethnology.museum",
-	"exeter.museum",
-	"exhibition.museum",
-	"family.museum",
-	"farm.museum",
-	"farmequipment.museum",
-	"farmers.museum",
-	"farmstead.museum",
-	"field.museum",
-	"figueres.museum",
-	"filatelia.museum",
-	"film.museum",
-	"fineart.museum",
-	"finearts.museum",
-	"finland.museum",
-	"flanders.museum",
-	"florida.museum",
-	"force.museum",
-	"fortmissoula.museum",
-	"fortworth.museum",
-	"foundation.museum",
-	"francaise.museum",
-	"frankfurt.museum",
-	"franziskaner.museum",
-	"freemasonry.museum",
-	"freiburg.museum",
-	"fribourg.museum",
-	"frog.museum",
-	"fundacio.museum",
-	"furniture.museum",
-	"gallery.museum",
-	"garden.museum",
-	"gateway.museum",
-	"geelvinck.museum",
-	"gemological.museum",
-	"geology.museum",
-	"georgia.museum",
-	"giessen.museum",
-	"glas.museum",
-	"glass.museum",
-	"gorge.museum",
-	"grandrapids.museum",
-	"graz.museum",
-	"guernsey.museum",
-	"halloffame.museum",
-	"hamburg.museum",
-	"handson.museum",
-	"harvestcelebration.museum",
-	"hawaii.museum",
-	"health.museum",
-	"heimatunduhren.museum",
-	"hellas.museum",
-	"helsinki.museum",
-	"hembygdsforbund.museum",
-	"heritage.museum",
-	"histoire.museum",
-	"historical.museum",
-	"historicalsociety.museum",
-	"historichouses.museum",
-	"historisch.museum",
-	"historisches.museum",
-	"history.museum",
-	"historyofscience.museum",
-	"horology.museum",
-	"house.museum",
-	"humanities.museum",
-	"illustration.museum",
-	"imageandsound.museum",
-	"indian.museum",
-	"indiana.museum",
-	"indianapolis.museum",
-	"indianmarket.museum",
-	"intelligence.museum",
-	"interactive.museum",
-	"iraq.museum",
-	"iron.museum",
-	"isleofman.museum",
-	"jamison.museum",
-	"jefferson.museum",
-	"jerusalem.museum",
-	"jewelry.museum",
-	"jewish.museum",
-	"jewishart.museum",
-	"jfk.museum",
-	"journalism.museum",
-	"judaica.museum",
-	"judygarland.museum",
-	"juedisches.museum",
-	"juif.museum",
-	"karate.museum",
-	"karikatur.museum",
-	"kids.museum",
-	"koebenhavn.museum",
-	"koeln.museum",
-	"kunst.museum",
-	"kunstsammlung.museum",
-	"kunstunddesign.museum",
-	"labor.museum",
-	"labour.museum",
-	"lajolla.museum",
-	"lancashire.museum",
-	"landes.museum",
-	"lans.museum",
-	"xn--lns-qla.museum",
-	"larsson.museum",
-	"lewismiller.museum",
-	"lincoln.museum",
-	"linz.museum",
-	"living.museum",
-	"livinghistory.museum",
-	"localhistory.museum",
-	"london.museum",
-	"losangeles.museum",
-	"louvre.museum",
-	"loyalist.museum",
-	"lucerne.museum",
-	"luxembourg.museum",
-	"luzern.museum",
-	"mad.museum",
-	"madrid.museum",
-	"mallorca.museum",
-	"manchester.museum",
-	"mansion.museum",
-	"mansions.museum",
-	"manx.museum",
-	"marburg.museum",
-	"maritime.museum",
-	"maritimo.museum",
-	"maryland.museum",
-	"marylhurst.museum",
-	"media.museum",
-	"medical.museum",
-	"medizinhistorisches.museum",
-	"meeres.museum",
-	"memorial.museum",
-	"mesaverde.museum",
-	"michigan.museum",
-	"midatlantic.museum",
-	"military.museum",
-	"mill.museum",
-	"miners.museum",
-	"mining.museum",
-	"minnesota.museum",
-	"missile.museum",
-	"missoula.museum",
-	"modern.museum",
-	"moma.museum",
-	"money.museum",
-	"monmouth.museum",
-	"monticello.museum",
-	"montreal.museum",
-	"moscow.museum",
-	"motorcycle.museum",
-	"muenchen.museum",
-	"muenster.museum",
-	"mulhouse.museum",
-	"muncie.museum",
-	"museet.museum",
-	"museumcenter.museum",
-	"museumvereniging.museum",
-	"music.museum",
-	"national.museum",
-	"nationalfirearms.museum",
-	"nationalheritage.museum",
-	"nativeamerican.museum",
-	"naturalhistory.museum",
-	"naturalhistorymuseum.museum",
-	"naturalsciences.museum",
-	"nature.museum",
-	"naturhistorisches.museum",
-	"natuurwetenschappen.museum",
-	"naumburg.museum",
-	"naval.museum",
-	"nebraska.museum",
-	"neues.museum",
-	"newhampshire.museum",
-	"newjersey.museum",
-	"newmexico.museum",
-	"newport.museum",
-	"newspaper.museum",
-	"newyork.museum",
-	"niepce.museum",
-	"norfolk.museum",
-	"north.museum",
-	"nrw.museum",
-	"nuernberg.museum",
-	"nuremberg.museum",
-	"nyc.museum",
-	"nyny.museum",
-	"oceanographic.museum",
-	"oceanographique.museum",
-	"omaha.museum",
-	"online.museum",
-	"ontario.museum",
-	"openair.museum",
-	"oregon.museum",
-	"oregontrail.museum",
-	"otago.museum",
-	"oxford.museum",
-	"pacific.museum",
-	"paderborn.museum",
-	"palace.museum",
-	"paleo.museum",
-	"palmsprings.museum",
-	"panama.museum",
-	"paris.museum",
-	"pasadena.museum",
-	"pharmacy.museum",
-	"philadelphia.museum",
-	"philadelphiaarea.museum",
-	"philately.museum",
-	"phoenix.museum",
-	"photography.museum",
-	"pilots.museum",
-	"pittsburgh.museum",
-	"planetarium.museum",
-	"plantation.museum",
-	"plants.museum",
-	"plaza.museum",
-	"portal.museum",
-	"portland.museum",
-	"portlligat.museum",
-	"posts-and-telecommunications.museum",
-	"preservation.museum",
-	"presidio.museum",
-	"press.museum",
-	"project.museum",
-	"public.museum",
-	"pubol.museum",
-	"quebec.museum",
-	"railroad.museum",
-	"railway.museum",
-	"research.museum",
-	"resistance.museum",
-	"riodejaneiro.museum",
-	"rochester.museum",
-	"rockart.museum",
-	"roma.museum",
-	"russia.museum",
-	"saintlouis.museum",
-	"salem.museum",
-	"salvadordali.museum",
-	"salzburg.museum",
-	"sandiego.museum",
-	"sanfrancisco.museum",
-	"santabarbara.museum",
-	"santacruz.museum",
-	"santafe.museum",
-	"saskatchewan.museum",
-	"satx.museum",
-	"savannahga.museum",
-	"schlesisches.museum",
-	"schoenbrunn.museum",
-	"schokoladen.museum",
-	"school.museum",
-	"schweiz.museum",
-	"science.museum",
-	"scienceandhistory.museum",
-	"scienceandindustry.museum",
-	"sciencecenter.museum",
-	"sciencecenters.museum",
-	"science-fiction.museum",
-	"sciencehistory.museum",
-	"sciences.museum",
-	"sciencesnaturelles.museum",
-	"scotland.museum",
-	"seaport.museum",
-	"settlement.museum",
-	"settlers.museum",
-	"shell.museum",
-	"sherbrooke.museum",
-	"sibenik.museum",
-	"silk.museum",
-	"ski.museum",
-	"skole.museum",
-	"society.museum",
-	"sologne.museum",
-	"soundandvision.museum",
-	"southcarolina.museum",
-	"southwest.museum",
-	"space.museum",
-	"spy.museum",
-	"square.museum",
-	"stadt.museum",
-	"stalbans.museum",
-	"starnberg.museum",
-	"state.museum",
-	"stateofdelaware.museum",
-	"station.museum",
-	"steam.museum",
-	"steiermark.museum",
-	"stjohn.museum",
-	"stockholm.museum",
-	"stpetersburg.museum",
-	"stuttgart.museum",
-	"suisse.museum",
-	"surgeonshall.museum",
-	"surrey.museum",
-	"svizzera.museum",
-	"sweden.museum",
-	"sydney.museum",
-	"tank.museum",
-	"tcm.museum",
-	"technology.museum",
-	"telekommunikation.museum",
-	"television.museum",
-	"texas.museum",
-	"textile.museum",
-	"theater.museum",
-	"time.museum",
-	"timekeeping.museum",
-	"topology.museum",
-	"torino.museum",
-	"touch.museum",
-	"town.museum",
-	"transport.museum",
-	"tree.museum",
-	"trolley.museum",
-	"trust.museum",
-	"trustee.museum",
-	"uhren.museum",
-	"ulm.museum",
-	"undersea.museum",
-	"university.museum",
-	"usa.museum",
-	"usantiques.museum",
-	"usarts.museum",
-	"uscountryestate.museum",
-	"usculture.museum",
-	"usdecorativearts.museum",
-	"usgarden.museum",
-	"ushistory.museum",
-	"ushuaia.museum",
-	"uslivinghistory.museum",
-	"utah.museum",
-	"uvic.museum",
-	"valley.museum",
-	"vantaa.museum",
-	"versailles.museum",
-	"viking.museum",
-	"village.museum",
-	"virginia.museum",
-	"virtual.museum",
-	"virtuel.museum",
-	"vlaanderen.museum",
-	"volkenkunde.museum",
-	"wales.museum",
-	"wallonie.museum",
-	"war.museum",
-	"washingtondc.museum",
-	"watchandclock.museum",
-	"watch-and-clock.museum",
-	"western.museum",
-	"westfalen.museum",
-	"whaling.museum",
-	"wildlife.museum",
-	"williamsburg.museum",
-	"windmill.museum",
-	"workshop.museum",
-	"york.museum",
-	"yorkshire.museum",
-	"yosemite.museum",
-	"youth.museum",
-	"zoological.museum",
-	"zoology.museum",
-	"xn--9dbhblg6di.museum",
-	"xn--h1aegh.museum",
-	"mv",
-	"aero.mv",
-	"biz.mv",
-	"com.mv",
-	"coop.mv",
-	"edu.mv",
-	"gov.mv",
-	"info.mv",
-	"int.mv",
-	"mil.mv",
-	"museum.mv",
-	"name.mv",
-	"net.mv",
-	"org.mv",
-	"pro.mv",
-	"mw",
-	"ac.mw",
-	"biz.mw",
-	"co.mw",
-	"com.mw",
-	"coop.mw",
-	"edu.mw",
-	"gov.mw",
-	"int.mw",
-	"museum.mw",
-	"net.mw",
-	"org.mw",
-	"mx",
-	"com.mx",
-	"org.mx",
-	"gob.mx",
-	"edu.mx",
-	"net.mx",
-	"my",
-	"com.my",
-	"net.my",
-	"org.my",
-	"gov.my",
-	"edu.my",
-	"mil.my",
-	"name.my",
-	"*.mz",
-	"!teledata.mz",
-	"na",
-	"info.na",
-	"pro.na",
-	"name.na",
-	"school.na",
-	"or.na",
-	"dr.na",
-	"us.na",
-	"mx.na",
-	"ca.na",
-	"in.na",
-	"cc.na",
-	"tv.na",
-	"ws.na",
-	"mobi.na",
-	"co.na",
-	"com.na",
-	"org.na",
-	"name",
-	"nc",
-	"asso.nc",
-	"ne",
-	"net",
-	"nf",
-	"com.nf",
-	"net.nf",
-	"per.nf",
-	"rec.nf",
-	"web.nf",
-	"arts.nf",
-	"firm.nf",
-	"info.nf",
-	"other.nf",
-	"store.nf",
-	"ng",
-	"com.ng",
-	"edu.ng",
-	"gov.ng",
-	"i.ng",
-	"mil.ng",
-	"mobi.ng",
-	"name.ng",
-	"net.ng",
-	"org.ng",
-	"sch.ng",
-	"com.ni",
-	"gob.ni",
-	"edu.ni",
-	"org.ni",
-	"nom.ni",
-	"net.ni",
-	"mil.ni",
-	"co.ni",
-	"biz.ni",
-	"web.ni",
-	"int.ni",
-	"ac.ni",
-	"in.ni",
-	"info.ni",
-	"nl",
-	"bv.nl",
-	"no",
-	"fhs.no",
-	"vgs.no",
-	"fylkesbibl.no",
-	"folkebibl.no",
-	"museum.no",
-	"idrett.no",
-	"priv.no",
-	"mil.no",
-	"stat.no",
-	"dep.no",
-	"kommune.no",
-	"herad.no",
-	"aa.no",
-	"ah.no",
-	"bu.no",
-	"fm.no",
-	"hl.no",
-	"hm.no",
-	"jan-mayen.no",
-	"mr.no",
-	"nl.no",
-	"nt.no",
-	"of.no",
-	"ol.no",
-	"oslo.no",
-	"rl.no",
-	"sf.no",
-	"st.no",
-	"svalbard.no",
-	"tm.no",
-	"tr.no",
-	"va.no",
-	"vf.no",
-	"gs.aa.no",
-	"gs.ah.no",
-	"gs.bu.no",
-	"gs.fm.no",
-	"gs.hl.no",
-	"gs.hm.no",
-	"gs.jan-mayen.no",
-	"gs.mr.no",
-	"gs.nl.no",
-	"gs.nt.no",
-	"gs.of.no",
-	"gs.ol.no",
-	"gs.oslo.no",
-	"gs.rl.no",
-	"gs.sf.no",
-	"gs.st.no",
-	"gs.svalbard.no",
-	"gs.tm.no",
-	"gs.tr.no",
-	"gs.va.no",
-	"gs.vf.no",
-	"akrehamn.no",
-	"xn--krehamn-dxa.no",
-	"algard.no",
-	"xn--lgrd-poac.no",
-	"arna.no",
-	"brumunddal.no",
-	"bryne.no",
-	"bronnoysund.no",
-	"xn--brnnysund-m8ac.no",
-	"drobak.no",
-	"xn--drbak-wua.no",
-	"egersund.no",
-	"fetsund.no",
-	"floro.no",
-	"xn--flor-jra.no",
-	"fredrikstad.no",
-	"hokksund.no",
-	"honefoss.no",
-	"xn--hnefoss-q1a.no",
-	"jessheim.no",
-	"jorpeland.no",
-	"xn--jrpeland-54a.no",
-	"kirkenes.no",
-	"kopervik.no",
-	"krokstadelva.no",
-	"langevag.no",
-	"xn--langevg-jxa.no",
-	"leirvik.no",
-	"mjondalen.no",
-	"xn--mjndalen-64a.no",
-	"mo-i-rana.no",
-	"mosjoen.no",
-	"xn--mosjen-eya.no",
-	"nesoddtangen.no",
-	"orkanger.no",
-	"osoyro.no",
-	"xn--osyro-wua.no",
-	"raholt.no",
-	"xn--rholt-mra.no",
-	"sandnessjoen.no",
-	"xn--sandnessjen-ogb.no",
-	"skedsmokorset.no",
-	"slattum.no",
-	"spjelkavik.no",
-	"stathelle.no",
-	"stavern.no",
-	"stjordalshalsen.no",
-	"xn--stjrdalshalsen-sqb.no",
-	"tananger.no",
-	"tranby.no",
-	"vossevangen.no",
-	"afjord.no",
-	"xn--fjord-lra.no",
-	"agdenes.no",
-	"al.no",
-	"xn--l-1fa.no",
-	"alesund.no",
-	"xn--lesund-hua.no",
-	"alstahaug.no",
-	"alta.no",
-	"xn--lt-liac.no",
-	"alaheadju.no",
-	"xn--laheadju-7ya.no",
-	"alvdal.no",
-	"amli.no",
-	"xn--mli-tla.no",
-	"amot.no",
-	"xn--mot-tla.no",
-	"andebu.no",
-	"andoy.no",
-	"xn--andy-ira.no",
-	"andasuolo.no",
-	"ardal.no",
-	"xn--rdal-poa.no",
-	"aremark.no",
-	"arendal.no",
-	"xn--s-1fa.no",
-	"aseral.no",
-	"xn--seral-lra.no",
-	"asker.no",
-	"askim.no",
-	"askvoll.no",
-	"askoy.no",
-	"xn--asky-ira.no",
-	"asnes.no",
-	"xn--snes-poa.no",
-	"audnedaln.no",
-	"aukra.no",
-	"aure.no",
-	"aurland.no",
-	"aurskog-holand.no",
-	"xn--aurskog-hland-jnb.no",
-	"austevoll.no",
-	"austrheim.no",
-	"averoy.no",
-	"xn--avery-yua.no",
-	"balestrand.no",
-	"ballangen.no",
-	"balat.no",
-	"xn--blt-elab.no",
-	"balsfjord.no",
-	"bahccavuotna.no",
-	"xn--bhccavuotna-k7a.no",
-	"bamble.no",
-	"bardu.no",
-	"beardu.no",
-	"beiarn.no",
-	"bajddar.no",
-	"xn--bjddar-pta.no",
-	"baidar.no",
-	"xn--bidr-5nac.no",
-	"berg.no",
-	"bergen.no",
-	"berlevag.no",
-	"xn--berlevg-jxa.no",
-	"bearalvahki.no",
-	"xn--bearalvhki-y4a.no",
-	"bindal.no",
-	"birkenes.no",
-	"bjarkoy.no",
-	"xn--bjarky-fya.no",
-	"bjerkreim.no",
-	"bjugn.no",
-	"bodo.no",
-	"xn--bod-2na.no",
-	"badaddja.no",
-	"xn--bdddj-mrabd.no",
-	"budejju.no",
-	"bokn.no",
-	"bremanger.no",
-	"bronnoy.no",
-	"xn--brnny-wuac.no",
-	"bygland.no",
-	"bykle.no",
-	"barum.no",
-	"xn--brum-voa.no",
-	"bo.telemark.no",
-	"xn--b-5ga.telemark.no",
-	"bo.nordland.no",
-	"xn--b-5ga.nordland.no",
-	"bievat.no",
-	"xn--bievt-0qa.no",
-	"bomlo.no",
-	"xn--bmlo-gra.no",
-	"batsfjord.no",
-	"xn--btsfjord-9za.no",
-	"bahcavuotna.no",
-	"xn--bhcavuotna-s4a.no",
-	"dovre.no",
-	"drammen.no",
-	"drangedal.no",
-	"dyroy.no",
-	"xn--dyry-ira.no",
-	"donna.no",
-	"xn--dnna-gra.no",
-	"eid.no",
-	"eidfjord.no",
-	"eidsberg.no",
-	"eidskog.no",
-	"eidsvoll.no",
-	"eigersund.no",
-	"elverum.no",
-	"enebakk.no",
-	"engerdal.no",
-	"etne.no",
-	"etnedal.no",
-	"evenes.no",
-	"evenassi.no",
-	"xn--eveni-0qa01ga.no",
-	"evje-og-hornnes.no",
-	"farsund.no",
-	"fauske.no",
-	"fuossko.no",
-	"fuoisku.no",
-	"fedje.no",
-	"fet.no",
-	"finnoy.no",
-	"xn--finny-yua.no",
-	"fitjar.no",
-	"fjaler.no",
-	"fjell.no",
-	"flakstad.no",
-	"flatanger.no",
-	"flekkefjord.no",
-	"flesberg.no",
-	"flora.no",
-	"fla.no",
-	"xn--fl-zia.no",
-	"folldal.no",
-	"forsand.no",
-	"fosnes.no",
-	"frei.no",
-	"frogn.no",
-	"froland.no",
-	"frosta.no",
-	"frana.no",
-	"xn--frna-woa.no",
-	"froya.no",
-	"xn--frya-hra.no",
-	"fusa.no",
-	"fyresdal.no",
-	"forde.no",
-	"xn--frde-gra.no",
-	"gamvik.no",
-	"gangaviika.no",
-	"xn--ggaviika-8ya47h.no",
-	"gaular.no",
-	"gausdal.no",
-	"gildeskal.no",
-	"xn--gildeskl-g0a.no",
-	"giske.no",
-	"gjemnes.no",
-	"gjerdrum.no",
-	"gjerstad.no",
-	"gjesdal.no",
-	"gjovik.no",
-	"xn--gjvik-wua.no",
-	"gloppen.no",
-	"gol.no",
-	"gran.no",
-	"grane.no",
-	"granvin.no",
-	"gratangen.no",
-	"grimstad.no",
-	"grong.no",
-	"kraanghke.no",
-	"xn--kranghke-b0a.no",
-	"grue.no",
-	"gulen.no",
-	"hadsel.no",
-	"halden.no",
-	"halsa.no",
-	"hamar.no",
-	"hamaroy.no",
-	"habmer.no",
-	"xn--hbmer-xqa.no",
-	"hapmir.no",
-	"xn--hpmir-xqa.no",
-	"hammerfest.no",
-	"hammarfeasta.no",
-	"xn--hmmrfeasta-s4ac.no",
-	"haram.no",
-	"hareid.no",
-	"harstad.no",
-	"hasvik.no",
-	"aknoluokta.no",
-	"xn--koluokta-7ya57h.no",
-	"hattfjelldal.no",
-	"aarborte.no",
-	"haugesund.no",
-	"hemne.no",
-	"hemnes.no",
-	"hemsedal.no",
-	"heroy.more-og-romsdal.no",
-	"xn--hery-ira.xn--mre-og-romsdal-qqb.no",
-	"heroy.nordland.no",
-	"xn--hery-ira.nordland.no",
-	"hitra.no",
-	"hjartdal.no",
-	"hjelmeland.no",
-	"hobol.no",
-	"xn--hobl-ira.no",
-	"hof.no",
-	"hol.no",
-	"hole.no",
-	"holmestrand.no",
-	"holtalen.no",
-	"xn--holtlen-hxa.no",
-	"hornindal.no",
-	"horten.no",
-	"hurdal.no",
-	"hurum.no",
-	"hvaler.no",
-	"hyllestad.no",
-	"hagebostad.no",
-	"xn--hgebostad-g3a.no",
-	"hoyanger.no",
-	"xn--hyanger-q1a.no",
-	"hoylandet.no",
-	"xn--hylandet-54a.no",
-	"ha.no",
-	"xn--h-2fa.no",
-	"ibestad.no",
-	"inderoy.no",
-	"xn--indery-fya.no",
-	"iveland.no",
-	"jevnaker.no",
-	"jondal.no",
-	"jolster.no",
-	"xn--jlster-bya.no",
-	"karasjok.no",
-	"karasjohka.no",
-	"xn--krjohka-hwab49j.no",
-	"karlsoy.no",
-	"galsa.no",
-	"xn--gls-elac.no",
-	"karmoy.no",
-	"xn--karmy-yua.no",
-	"kautokeino.no",
-	"guovdageaidnu.no",
-	"klepp.no",
-	"klabu.no",
-	"xn--klbu-woa.no",
-	"kongsberg.no",
-	"kongsvinger.no",
-	"kragero.no",
-	"xn--krager-gya.no",
-	"kristiansand.no",
-	"kristiansund.no",
-	"krodsherad.no",
-	"xn--krdsherad-m8a.no",
-	"kvalsund.no",
-	"rahkkeravju.no",
-	"xn--rhkkervju-01af.no",
-	"kvam.no",
-	"kvinesdal.no",
-	"kvinnherad.no",
-	"kviteseid.no",
-	"kvitsoy.no",
-	"xn--kvitsy-fya.no",
-	"kvafjord.no",
-	"xn--kvfjord-nxa.no",
-	"giehtavuoatna.no",
-	"kvanangen.no",
-	"xn--kvnangen-k0a.no",
-	"navuotna.no",
-	"xn--nvuotna-hwa.no",
-	"kafjord.no",
-	"xn--kfjord-iua.no",
-	"gaivuotna.no",
-	"xn--givuotna-8ya.no",
-	"larvik.no",
-	"lavangen.no",
-	"lavagis.no",
-	"loabat.no",
-	"xn--loabt-0qa.no",
-	"lebesby.no",
-	"davvesiida.no",
-	"leikanger.no",
-	"leirfjord.no",
-	"leka.no",
-	"leksvik.no",
-	"lenvik.no",
-	"leangaviika.no",
-	"xn--leagaviika-52b.no",
-	"lesja.no",
-	"levanger.no",
-	"lier.no",
-	"lierne.no",
-	"lillehammer.no",
-	"lillesand.no",
-	"lindesnes.no",
-	"lindas.no",
-	"xn--linds-pra.no",
-	"lom.no",
-	"loppa.no",
-	"lahppi.no",
-	"xn--lhppi-xqa.no",
-	"lund.no",
-	"lunner.no",
-	"luroy.no",
-	"xn--lury-ira.no",
-	"luster.no",
-	"lyngdal.no",
-	"lyngen.no",
-	"ivgu.no",
-	"lardal.no",
-	"lerdal.no",
-	"xn--lrdal-sra.no",
-	"lodingen.no",
-	"xn--ldingen-q1a.no",
-	"lorenskog.no",
-	"xn--lrenskog-54a.no",
-	"loten.no",
-	"xn--lten-gra.no",
-	"malvik.no",
-	"masoy.no",
-	"xn--msy-ula0h.no",
-	"muosat.no",
-	"xn--muost-0qa.no",
-	"mandal.no",
-	"marker.no",
-	"marnardal.no",
-	"masfjorden.no",
-	"meland.no",
-	"meldal.no",
-	"melhus.no",
-	"meloy.no",
-	"xn--mely-ira.no",
-	"meraker.no",
-	"xn--merker-kua.no",
-	"moareke.no",
-	"xn--moreke-jua.no",
-	"midsund.no",
-	"midtre-gauldal.no",
-	"modalen.no",
-	"modum.no",
-	"molde.no",
-	"moskenes.no",
-	"moss.no",
-	"mosvik.no",
-	"malselv.no",
-	"xn--mlselv-iua.no",
-	"malatvuopmi.no",
-	"xn--mlatvuopmi-s4a.no",
-	"namdalseid.no",
-	"aejrie.no",
-	"namsos.no",
-	"namsskogan.no",
-	"naamesjevuemie.no",
-	"xn--nmesjevuemie-tcba.no",
-	"laakesvuemie.no",
-	"nannestad.no",
-	"narvik.no",
-	"narviika.no",
-	"naustdal.no",
-	"nedre-eiker.no",
-	"nes.akershus.no",
-	"nes.buskerud.no",
-	"nesna.no",
-	"nesodden.no",
-	"nesseby.no",
-	"unjarga.no",
-	"xn--unjrga-rta.no",
-	"nesset.no",
-	"nissedal.no",
-	"nittedal.no",
-	"nord-aurdal.no",
-	"nord-fron.no",
-	"nord-odal.no",
-	"norddal.no",
-	"nordkapp.no",
-	"davvenjarga.no",
-	"xn--davvenjrga-y4a.no",
-	"nordre-land.no",
-	"nordreisa.no",
-	"raisa.no",
-	"xn--risa-5na.no",
-	"nore-og-uvdal.no",
-	"notodden.no",
-	"naroy.no",
-	"xn--nry-yla5g.no",
-	"notteroy.no",
-	"xn--nttery-byae.no",
-	"odda.no",
-	"oksnes.no",
-	"xn--ksnes-uua.no",
-	"oppdal.no",
-	"oppegard.no",
-	"xn--oppegrd-ixa.no",
-	"orkdal.no",
-	"orland.no",
-	"xn--rland-uua.no",
-	"orskog.no",
-	"xn--rskog-uua.no",
-	"orsta.no",
-	"xn--rsta-fra.no",
-	"os.hedmark.no",
-	"os.hordaland.no",
-	"osen.no",
-	"osteroy.no",
-	"xn--ostery-fya.no",
-	"ostre-toten.no",
-	"xn--stre-toten-zcb.no",
-	"overhalla.no",
-	"ovre-eiker.no",
-	"xn--vre-eiker-k8a.no",
-	"oyer.no",
-	"xn--yer-zna.no",
-	"oygarden.no",
-	"xn--ygarden-p1a.no",
-	"oystre-slidre.no",
-	"xn--ystre-slidre-ujb.no",
-	"porsanger.no",
-	"porsangu.no",
-	"xn--porsgu-sta26f.no",
-	"porsgrunn.no",
-	"radoy.no",
-	"xn--rady-ira.no",
-	"rakkestad.no",
-	"rana.no",
-	"ruovat.no",
-	"randaberg.no",
-	"rauma.no",
-	"rendalen.no",
-	"rennebu.no",
-	"rennesoy.no",
-	"xn--rennesy-v1a.no",
-	"rindal.no",
-	"ringebu.no",
-	"ringerike.no",
-	"ringsaker.no",
-	"rissa.no",
-	"risor.no",
-	"xn--risr-ira.no",
-	"roan.no",
-	"rollag.no",
-	"rygge.no",
-	"ralingen.no",
-	"xn--rlingen-mxa.no",
-	"rodoy.no",
-	"xn--rdy-0nab.no",
-	"romskog.no",
-	"xn--rmskog-bya.no",
-	"roros.no",
-	"xn--rros-gra.no",
-	"rost.no",
-	"xn--rst-0na.no",
-	"royken.no",
-	"xn--ryken-vua.no",
-	"royrvik.no",
-	"xn--ryrvik-bya.no",
-	"rade.no",
-	"xn--rde-ula.no",
-	"salangen.no",
-	"siellak.no",
-	"saltdal.no",
-	"salat.no",
-	"xn--slt-elab.no",
-	"xn--slat-5na.no",
-	"samnanger.no",
-	"sande.more-og-romsdal.no",
-	"sande.xn--mre-og-romsdal-qqb.no",
-	"sande.vestfold.no",
-	"sandefjord.no",
-	"sandnes.no",
-	"sandoy.no",
-	"xn--sandy-yua.no",
-	"sarpsborg.no",
-	"sauda.no",
-	"sauherad.no",
-	"sel.no",
-	"selbu.no",
-	"selje.no",
-	"seljord.no",
-	"sigdal.no",
-	"siljan.no",
-	"sirdal.no",
-	"skaun.no",
-	"skedsmo.no",
-	"ski.no",
-	"skien.no",
-	"skiptvet.no",
-	"skjervoy.no",
-	"xn--skjervy-v1a.no",
-	"skierva.no",
-	"xn--skierv-uta.no",
-	"skjak.no",
-	"xn--skjk-soa.no",
-	"skodje.no",
-	"skanland.no",
-	"xn--sknland-fxa.no",
-	"skanit.no",
-	"xn--sknit-yqa.no",
-	"smola.no",
-	"xn--smla-hra.no",
-	"snillfjord.no",
-	"snasa.no",
-	"xn--snsa-roa.no",
-	"snoasa.no",
-	"snaase.no",
-	"xn--snase-nra.no",
-	"sogndal.no",
-	"sokndal.no",
-	"sola.no",
-	"solund.no",
-	"songdalen.no",
-	"sortland.no",
-	"spydeberg.no",
-	"stange.no",
-	"stavanger.no",
-	"steigen.no",
-	"steinkjer.no",
-	"stjordal.no",
-	"xn--stjrdal-s1a.no",
-	"stokke.no",
-	"stor-elvdal.no",
-	"stord.no",
-	"stordal.no",
-	"storfjord.no",
-	"omasvuotna.no",
-	"strand.no",
-	"stranda.no",
-	"stryn.no",
-	"sula.no",
-	"suldal.no",
-	"sund.no",
-	"sunndal.no",
-	"surnadal.no",
-	"sveio.no",
-	"svelvik.no",
-	"sykkylven.no",
-	"sogne.no",
-	"xn--sgne-gra.no",
-	"somna.no",
-	"xn--smna-gra.no",
-	"sondre-land.no",
-	"xn--sndre-land-0cb.no",
-	"sor-aurdal.no",
-	"xn--sr-aurdal-l8a.no",
-	"sor-fron.no",
-	"xn--sr-fron-q1a.no",
-	"sor-odal.no",
-	"xn--sr-odal-q1a.no",
-	"sor-varanger.no",
-	"xn--sr-varanger-ggb.no",
-	"matta-varjjat.no",
-	"xn--mtta-vrjjat-k7af.no",
-	"sorfold.no",
-	"xn--srfold-bya.no",
-	"sorreisa.no",
-	"xn--srreisa-q1a.no",
-	"sorum.no",
-	"xn--srum-gra.no",
-	"tana.no",
-	"deatnu.no",
-	"time.no",
-	"tingvoll.no",
-	"tinn.no",
-	"tjeldsund.no",
-	"dielddanuorri.no",
-	"tjome.no",
-	"xn--tjme-hra.no",
-	"tokke.no",
-	"tolga.no",
-	"torsken.no",
-	"tranoy.no",
-	"xn--trany-yua.no",
-	"tromso.no",
-	"xn--troms-zua.no",
-	"tromsa.no",
-	"romsa.no",
-	"trondheim.no",
-	"troandin.no",
-	"trysil.no",
-	"trana.no",
-	"xn--trna-woa.no",
-	"trogstad.no",
-	"xn--trgstad-r1a.no",
-	"tvedestrand.no",
-	"tydal.no",
-	"tynset.no",
-	"tysfjord.no",
-	"divtasvuodna.no",
-	"divttasvuotna.no",
-	"tysnes.no",
-	"tysvar.no",
-	"xn--tysvr-vra.no",
-	"tonsberg.no",
-	"xn--tnsberg-q1a.no",
-	"ullensaker.no",
-	"ullensvang.no",
-	"ulvik.no",
-	"utsira.no",
-	"vadso.no",
-	"xn--vads-jra.no",
-	"cahcesuolo.no",
-	"xn--hcesuolo-7ya35b.no",
-	"vaksdal.no",
-	"valle.no",
-	"vang.no",
-	"vanylven.no",
-	"vardo.no",
-	"xn--vard-jra.no",
-	"varggat.no",
-	"xn--vrggt-xqad.no",
-	"vefsn.no",
-	"vaapste.no",
-	"vega.no",
-	"vegarshei.no",
-	"xn--vegrshei-c0a.no",
-	"vennesla.no",
-	"verdal.no",
-	"verran.no",
-	"vestby.no",
-	"vestnes.no",
-	"vestre-slidre.no",
-	"vestre-toten.no",
-	"vestvagoy.no",
-	"xn--vestvgy-ixa6o.no",
-	"vevelstad.no",
-	"vik.no",
-	"vikna.no",
-	"vindafjord.no",
-	"volda.no",
-	"voss.no",
-	"varoy.no",
-	"xn--vry-yla5g.no",
-	"vagan.no",
-	"xn--vgan-qoa.no",
-	"voagat.no",
-	"vagsoy.no",
-	"xn--vgsy-qoa0j.no",
-	"vaga.no",
-	"xn--vg-yiab.no",
-	"valer.ostfold.no",
-	"xn--vler-qoa.xn--stfold-9xa.no",
-	"valer.hedmark.no",
-	"xn--vler-qoa.hedmark.no",
-	"*.np",
-	"nr",
-	"biz.nr",
-	"info.nr",
-	"gov.nr",
-	"edu.nr",
-	"org.nr",
-	"net.nr",
-	"com.nr",
-	"nu",
-	"nz",
-	"ac.nz",
-	"co.nz",
-	"cri.nz",
-	"geek.nz",
-	"gen.nz",
-	"govt.nz",
-	"health.nz",
-	"iwi.nz",
-	"kiwi.nz",
-	"maori.nz",
-	"mil.nz",
-	"xn--mori-qsa.nz",
-	"net.nz",
-	"org.nz",
-	"parliament.nz",
-	"school.nz",
-	"om",
-	"co.om",
-	"com.om",
-	"edu.om",
-	"gov.om",
-	"med.om",
-	"museum.om",
-	"net.om",
-	"org.om",
-	"pro.om",
-	"org",
-	"pa",
-	"ac.pa",
-	"gob.pa",
-	"com.pa",
-	"org.pa",
-	"sld.pa",
-	"edu.pa",
-	"net.pa",
-	"ing.pa",
-	"abo.pa",
-	"med.pa",
-	"nom.pa",
-	"pe",
-	"edu.pe",
-	"gob.pe",
-	"nom.pe",
-	"mil.pe",
-	"org.pe",
-	"com.pe",
-	"net.pe",
-	"pf",
-	"com.pf",
-	"org.pf",
-	"edu.pf",
-	"*.pg",
-	"ph",
-	"com.ph",
-	"net.ph",
-	"org.ph",
-	"gov.ph",
-	"edu.ph",
-	"ngo.ph",
-	"mil.ph",
-	"i.ph",
-	"pk",
-	"com.pk",
-	"net.pk",
-	"edu.pk",
-	"org.pk",
-	"fam.pk",
-	"biz.pk",
-	"web.pk",
-	"gov.pk",
-	"gob.pk",
-	"gok.pk",
-	"gon.pk",
-	"gop.pk",
-	"gos.pk",
-	"info.pk",
-	"pl",
-	"com.pl",
-	"net.pl",
-	"org.pl",
-	"aid.pl",
-	"agro.pl",
-	"atm.pl",
-	"auto.pl",
-	"biz.pl",
-	"edu.pl",
-	"gmina.pl",
-	"gsm.pl",
-	"info.pl",
-	"mail.pl",
-	"miasta.pl",
-	"media.pl",
-	"mil.pl",
-	"nieruchomosci.pl",
-	"nom.pl",
-	"pc.pl",
-	"powiat.pl",
-	"priv.pl",
-	"realestate.pl",
-	"rel.pl",
-	"sex.pl",
-	"shop.pl",
-	"sklep.pl",
-	"sos.pl",
-	"szkola.pl",
-	"targi.pl",
-	"tm.pl",
-	"tourism.pl",
-	"travel.pl",
-	"turystyka.pl",
-	"gov.pl",
-	"ap.gov.pl",
-	"ic.gov.pl",
-	"is.gov.pl",
-	"us.gov.pl",
-	"kmpsp.gov.pl",
-	"kppsp.gov.pl",
-	"kwpsp.gov.pl",
-	"psp.gov.pl",
-	"wskr.gov.pl",
-	"kwp.gov.pl",
-	"mw.gov.pl",
-	"ug.gov.pl",
-	"um.gov.pl",
-	"umig.gov.pl",
-	"ugim.gov.pl",
-	"upow.gov.pl",
-	"uw.gov.pl",
-	"starostwo.gov.pl",
-	"pa.gov.pl",
-	"po.gov.pl",
-	"psse.gov.pl",
-	"pup.gov.pl",
-	"rzgw.gov.pl",
-	"sa.gov.pl",
-	"so.gov.pl",
-	"sr.gov.pl",
-	"wsa.gov.pl",
-	"sko.gov.pl",
-	"uzs.gov.pl",
-	"wiih.gov.pl",
-	"winb.gov.pl",
-	"pinb.gov.pl",
-	"wios.gov.pl",
-	"witd.gov.pl",
-	"wzmiuw.gov.pl",
-	"piw.gov.pl",
-	"wiw.gov.pl",
-	"griw.gov.pl",
-	"wif.gov.pl",
-	"oum.gov.pl",
-	"sdn.gov.pl",
-	"zp.gov.pl",
-	"uppo.gov.pl",
-	"mup.gov.pl",
-	"wuoz.gov.pl",
-	"konsulat.gov.pl",
-	"oirm.gov.pl",
-	"augustow.pl",
-	"babia-gora.pl",
-	"bedzin.pl",
-	"beskidy.pl",
-	"bialowieza.pl",
-	"bialystok.pl",
-	"bielawa.pl",
-	"bieszczady.pl",
-	"boleslawiec.pl",
-	"bydgoszcz.pl",
-	"bytom.pl",
-	"cieszyn.pl",
-	"czeladz.pl",
-	"czest.pl",
-	"dlugoleka.pl",
-	"elblag.pl",
-	"elk.pl",
-	"glogow.pl",
-	"gniezno.pl",
-	"gorlice.pl",
-	"grajewo.pl",
-	"ilawa.pl",
-	"jaworzno.pl",
-	"jelenia-gora.pl",
-	"jgora.pl",
-	"kalisz.pl",
-	"kazimierz-dolny.pl",
-	"karpacz.pl",
-	"kartuzy.pl",
-	"kaszuby.pl",
-	"katowice.pl",
-	"kepno.pl",
-	"ketrzyn.pl",
-	"klodzko.pl",
-	"kobierzyce.pl",
-	"kolobrzeg.pl",
-	"konin.pl",
-	"konskowola.pl",
-	"kutno.pl",
-	"lapy.pl",
-	"lebork.pl",
-	"legnica.pl",
-	"lezajsk.pl",
-	"limanowa.pl",
-	"lomza.pl",
-	"lowicz.pl",
-	"lubin.pl",
-	"lukow.pl",
-	"malbork.pl",
-	"malopolska.pl",
-	"mazowsze.pl",
-	"mazury.pl",
-	"mielec.pl",
-	"mielno.pl",
-	"mragowo.pl",
-	"naklo.pl",
-	"nowaruda.pl",
-	"nysa.pl",
-	"olawa.pl",
-	"olecko.pl",
-	"olkusz.pl",
-	"olsztyn.pl",
-	"opoczno.pl",
-	"opole.pl",
-	"ostroda.pl",
-	"ostroleka.pl",
-	"ostrowiec.pl",
-	"ostrowwlkp.pl",
-	"pila.pl",
-	"pisz.pl",
-	"podhale.pl",
-	"podlasie.pl",
-	"polkowice.pl",
-	"pomorze.pl",
-	"pomorskie.pl",
-	"prochowice.pl",
-	"pruszkow.pl",
-	"przeworsk.pl",
-	"pulawy.pl",
-	"radom.pl",
-	"rawa-maz.pl",
-	"rybnik.pl",
-	"rzeszow.pl",
-	"sanok.pl",
-	"sejny.pl",
-	"slask.pl",
-	"slupsk.pl",
-	"sosnowiec.pl",
-	"stalowa-wola.pl",
-	"skoczow.pl",
-	"starachowice.pl",
-	"stargard.pl",
-	"suwalki.pl",
-	"swidnica.pl",
-	"swiebodzin.pl",
-	"swinoujscie.pl",
-	"szczecin.pl",
-	"szczytno.pl",
-	"tarnobrzeg.pl",
-	"tgory.pl",
-	"turek.pl",
-	"tychy.pl",
-	"ustka.pl",
-	"walbrzych.pl",
-	"warmia.pl",
-	"warszawa.pl",
-	"waw.pl",
-	"wegrow.pl",
-	"wielun.pl",
-	"wlocl.pl",
-	"wloclawek.pl",
-	"wodzislaw.pl",
-	"wolomin.pl",
-	"wroclaw.pl",
-	"zachpomor.pl",
-	"zagan.pl",
-	"zarow.pl",
-	"zgora.pl",
-	"zgorzelec.pl",
-	"pm",
-	"pn",
-	"gov.pn",
-	"co.pn",
-	"org.pn",
-	"edu.pn",
-	"net.pn",
-	"post",
-	"pr",
-	"com.pr",
-	"net.pr",
-	"org.pr",
-	"gov.pr",
-	"edu.pr",
-	"isla.pr",
-	"pro.pr",
-	"biz.pr",
-	"info.pr",
-	"name.pr",
-	"est.pr",
-	"prof.pr",
-	"ac.pr",
-	"pro",
-	"aaa.pro",
-	"aca.pro",
-	"acct.pro",
-	"avocat.pro",
-	"bar.pro",
-	"cpa.pro",
-	"eng.pro",
-	"jur.pro",
-	"law.pro",
-	"med.pro",
-	"recht.pro",
-	"ps",
-	"edu.ps",
-	"gov.ps",
-	"sec.ps",
-	"plo.ps",
-	"com.ps",
-	"org.ps",
-	"net.ps",
-	"pt",
-	"net.pt",
-	"gov.pt",
-	"org.pt",
-	"edu.pt",
-	"int.pt",
-	"publ.pt",
-	"com.pt",
-	"nome.pt",
-	"pw",
-	"co.pw",
-	"ne.pw",
-	"or.pw",
-	"ed.pw",
-	"go.pw",
-	"belau.pw",
-	"py",
-	"com.py",
-	"coop.py",
-	"edu.py",
-	"gov.py",
-	"mil.py",
-	"net.py",
-	"org.py",
-	"qa",
-	"com.qa",
-	"edu.qa",
-	"gov.qa",
-	"mil.qa",
-	"name.qa",
-	"net.qa",
-	"org.qa",
-	"sch.qa",
-	"re",
-	"asso.re",
-	"com.re",
-	"nom.re",
-	"ro",
-	"arts.ro",
-	"com.ro",
-	"firm.ro",
-	"info.ro",
-	"nom.ro",
-	"nt.ro",
-	"org.ro",
-	"rec.ro",
-	"store.ro",
-	"tm.ro",
-	"www.ro",
-	"rs",
-	"ac.rs",
-	"co.rs",
-	"edu.rs",
-	"gov.rs",
-	"in.rs",
-	"org.rs",
-	"ru",
-	"ac.ru",
-	"com.ru",
-	"edu.ru",
-	"int.ru",
-	"net.ru",
-	"org.ru",
-	"pp.ru",
-	"adygeya.ru",
-	"altai.ru",
-	"amur.ru",
-	"arkhangelsk.ru",
-	"astrakhan.ru",
-	"bashkiria.ru",
-	"belgorod.ru",
-	"bir.ru",
-	"bryansk.ru",
-	"buryatia.ru",
-	"cbg.ru",
-	"chel.ru",
-	"chelyabinsk.ru",
-	"chita.ru",
-	"chukotka.ru",
-	"chuvashia.ru",
-	"dagestan.ru",
-	"dudinka.ru",
-	"e-burg.ru",
-	"grozny.ru",
-	"irkutsk.ru",
-	"ivanovo.ru",
-	"izhevsk.ru",
-	"jar.ru",
-	"joshkar-ola.ru",
-	"kalmykia.ru",
-	"kaluga.ru",
-	"kamchatka.ru",
-	"karelia.ru",
-	"kazan.ru",
-	"kchr.ru",
-	"kemerovo.ru",
-	"khabarovsk.ru",
-	"khakassia.ru",
-	"khv.ru",
-	"kirov.ru",
-	"koenig.ru",
-	"komi.ru",
-	"kostroma.ru",
-	"krasnoyarsk.ru",
-	"kuban.ru",
-	"kurgan.ru",
-	"kursk.ru",
-	"lipetsk.ru",
-	"magadan.ru",
-	"mari.ru",
-	"mari-el.ru",
-	"marine.ru",
-	"mordovia.ru",
-	"msk.ru",
-	"murmansk.ru",
-	"nalchik.ru",
-	"nnov.ru",
-	"nov.ru",
-	"novosibirsk.ru",
-	"nsk.ru",
-	"omsk.ru",
-	"orenburg.ru",
-	"oryol.ru",
-	"palana.ru",
-	"penza.ru",
-	"perm.ru",
-	"ptz.ru",
-	"rnd.ru",
-	"ryazan.ru",
-	"sakhalin.ru",
-	"samara.ru",
-	"saratov.ru",
-	"simbirsk.ru",
-	"smolensk.ru",
-	"spb.ru",
-	"stavropol.ru",
-	"stv.ru",
-	"surgut.ru",
-	"tambov.ru",
-	"tatarstan.ru",
-	"tom.ru",
-	"tomsk.ru",
-	"tsaritsyn.ru",
-	"tsk.ru",
-	"tula.ru",
-	"tuva.ru",
-	"tver.ru",
-	"tyumen.ru",
-	"udm.ru",
-	"udmurtia.ru",
-	"ulan-ude.ru",
-	"vladikavkaz.ru",
-	"vladimir.ru",
-	"vladivostok.ru",
-	"volgograd.ru",
-	"vologda.ru",
-	"voronezh.ru",
-	"vrn.ru",
-	"vyatka.ru",
-	"yakutia.ru",
-	"yamal.ru",
-	"yaroslavl.ru",
-	"yekaterinburg.ru",
-	"yuzhno-sakhalinsk.ru",
-	"amursk.ru",
-	"baikal.ru",
-	"cmw.ru",
-	"fareast.ru",
-	"jamal.ru",
-	"kms.ru",
-	"k-uralsk.ru",
-	"kustanai.ru",
-	"kuzbass.ru",
-	"mytis.ru",
-	"nakhodka.ru",
-	"nkz.ru",
-	"norilsk.ru",
-	"oskol.ru",
-	"pyatigorsk.ru",
-	"rubtsovsk.ru",
-	"snz.ru",
-	"syzran.ru",
-	"vdonsk.ru",
-	"zgrad.ru",
-	"gov.ru",
-	"mil.ru",
-	"test.ru",
-	"rw",
-	"gov.rw",
-	"net.rw",
-	"edu.rw",
-	"ac.rw",
-	"com.rw",
-	"co.rw",
-	"int.rw",
-	"mil.rw",
-	"gouv.rw",
-	"sa",
-	"com.sa",
-	"net.sa",
-	"org.sa",
-	"gov.sa",
-	"med.sa",
-	"pub.sa",
-	"edu.sa",
-	"sch.sa",
-	"sb",
-	"com.sb",
-	"edu.sb",
-	"gov.sb",
-	"net.sb",
-	"org.sb",
-	"sc",
-	"com.sc",
-	"gov.sc",
-	"net.sc",
-	"org.sc",
-	"edu.sc",
-	"sd",
-	"com.sd",
-	"net.sd",
-	"org.sd",
-	"edu.sd",
-	"med.sd",
-	"tv.sd",
-	"gov.sd",
-	"info.sd",
-	"se",
-	"a.se",
-	"ac.se",
-	"b.se",
-	"bd.se",
-	"brand.se",
-	"c.se",
-	"d.se",
-	"e.se",
-	"f.se",
-	"fh.se",
-	"fhsk.se",
-	"fhv.se",
-	"g.se",
-	"h.se",
-	"i.se",
-	"k.se",
-	"komforb.se",
-	"kommunalforbund.se",
-	"komvux.se",
-	"l.se",
-	"lanbib.se",
-	"m.se",
-	"n.se",
-	"naturbruksgymn.se",
-	"o.se",
-	"org.se",
-	"p.se",
-	"parti.se",
-	"pp.se",
-	"press.se",
-	"r.se",
-	"s.se",
-	"t.se",
-	"tm.se",
-	"u.se",
-	"w.se",
-	"x.se",
-	"y.se",
-	"z.se",
-	"sg",
-	"com.sg",
-	"net.sg",
-	"org.sg",
-	"gov.sg",
-	"edu.sg",
-	"per.sg",
-	"sh",
-	"com.sh",
-	"net.sh",
-	"gov.sh",
-	"org.sh",
-	"mil.sh",
-	"si",
-	"sj",
-	"sk",
-	"sl",
-	"com.sl",
-	"net.sl",
-	"edu.sl",
-	"gov.sl",
-	"org.sl",
-	"sm",
-	"sn",
-	"art.sn",
-	"com.sn",
-	"edu.sn",
-	"gouv.sn",
-	"org.sn",
-	"perso.sn",
-	"univ.sn",
-	"so",
-	"com.so",
-	"net.so",
-	"org.so",
-	"sr",
-	"st",
-	"co.st",
-	"com.st",
-	"consulado.st",
-	"edu.st",
-	"embaixada.st",
-	"gov.st",
-	"mil.st",
-	"net.st",
-	"org.st",
-	"principe.st",
-	"saotome.st",
-	"store.st",
-	"su",
-	"adygeya.su",
-	"arkhangelsk.su",
-	"balashov.su",
-	"bashkiria.su",
-	"bryansk.su",
-	"dagestan.su",
-	"grozny.su",
-	"ivanovo.su",
-	"kalmykia.su",
-	"kaluga.su",
-	"karelia.su",
-	"khakassia.su",
-	"krasnodar.su",
-	"kurgan.su",
-	"lenug.su",
-	"mordovia.su",
-	"msk.su",
-	"murmansk.su",
-	"nalchik.su",
-	"nov.su",
-	"obninsk.su",
-	"penza.su",
-	"pokrovsk.su",
-	"sochi.su",
-	"spb.su",
-	"togliatti.su",
-	"troitsk.su",
-	"tula.su",
-	"tuva.su",
-	"vladikavkaz.su",
-	"vladimir.su",
-	"vologda.su",
-	"sv",
-	"com.sv",
-	"edu.sv",
-	"gob.sv",
-	"org.sv",
-	"red.sv",
-	"sx",
-	"gov.sx",
-	"sy",
-	"edu.sy",
-	"gov.sy",
-	"net.sy",
-	"mil.sy",
-	"com.sy",
-	"org.sy",
-	"sz",
-	"co.sz",
-	"ac.sz",
-	"org.sz",
-	"tc",
-	"td",
-	"tel",
-	"tf",
-	"tg",
-	"th",
-	"ac.th",
-	"co.th",
-	"go.th",
-	"in.th",
-	"mi.th",
-	"net.th",
-	"or.th",
-	"tj",
-	"ac.tj",
-	"biz.tj",
-	"co.tj",
-	"com.tj",
-	"edu.tj",
-	"go.tj",
-	"gov.tj",
-	"int.tj",
-	"mil.tj",
-	"name.tj",
-	"net.tj",
-	"nic.tj",
-	"org.tj",
-	"test.tj",
-	"web.tj",
-	"tk",
-	"tl",
-	"gov.tl",
-	"tm",
-	"com.tm",
-	"co.tm",
-	"org.tm",
-	"net.tm",
-	"nom.tm",
-	"gov.tm",
-	"mil.tm",
-	"edu.tm",
-	"tn",
-	"com.tn",
-	"ens.tn",
-	"fin.tn",
-	"gov.tn",
-	"ind.tn",
-	"intl.tn",
-	"nat.tn",
-	"net.tn",
-	"org.tn",
-	"info.tn",
-	"perso.tn",
-	"tourism.tn",
-	"edunet.tn",
-	"rnrt.tn",
-	"rns.tn",
-	"rnu.tn",
-	"mincom.tn",
-	"agrinet.tn",
-	"defense.tn",
-	"turen.tn",
-	"to",
-	"com.to",
-	"gov.to",
-	"net.to",
-	"org.to",
-	"edu.to",
-	"mil.to",
-	"tr",
-	"com.tr",
-	"info.tr",
-	"biz.tr",
-	"net.tr",
-	"org.tr",
-	"web.tr",
-	"gen.tr",
-	"tv.tr",
-	"av.tr",
-	"dr.tr",
-	"bbs.tr",
-	"name.tr",
-	"tel.tr",
-	"gov.tr",
-	"bel.tr",
-	"pol.tr",
-	"mil.tr",
-	"k12.tr",
-	"edu.tr",
-	"kep.tr",
-	"nc.tr",
-	"gov.nc.tr",
-	"travel",
-	"tt",
-	"co.tt",
-	"com.tt",
-	"org.tt",
-	"net.tt",
-	"biz.tt",
-	"info.tt",
-	"pro.tt",
-	"int.tt",
-	"coop.tt",
-	"jobs.tt",
-	"mobi.tt",
-	"travel.tt",
-	"museum.tt",
-	"aero.tt",
-	"name.tt",
-	"gov.tt",
-	"edu.tt",
-	"tv",
-	"tw",
-	"edu.tw",
-	"gov.tw",
-	"mil.tw",
-	"com.tw",
-	"net.tw",
-	"org.tw",
-	"idv.tw",
-	"game.tw",
-	"ebiz.tw",
-	"club.tw",
-	"xn--zf0ao64a.tw",
-	"xn--uc0atv.tw",
-	"xn--czrw28b.tw",
-	"tz",
-	"ac.tz",
-	"co.tz",
-	"go.tz",
-	"hotel.tz",
-	"info.tz",
-	"me.tz",
-	"mil.tz",
-	"mobi.tz",
-	"ne.tz",
-	"or.tz",
-	"sc.tz",
-	"tv.tz",
-	"ua",
-	"com.ua",
-	"edu.ua",
-	"gov.ua",
-	"in.ua",
-	"net.ua",
-	"org.ua",
-	"cherkassy.ua",
-	"cherkasy.ua",
-	"chernigov.ua",
-	"chernihiv.ua",
-	"chernivtsi.ua",
-	"chernovtsy.ua",
-	"ck.ua",
-	"cn.ua",
-	"cr.ua",
-	"crimea.ua",
-	"cv.ua",
-	"dn.ua",
-	"dnepropetrovsk.ua",
-	"dnipropetrovsk.ua",
-	"dominic.ua",
-	"donetsk.ua",
-	"dp.ua",
-	"if.ua",
-	"ivano-frankivsk.ua",
-	"kh.ua",
-	"kharkiv.ua",
-	"kharkov.ua",
-	"kherson.ua",
-	"khmelnitskiy.ua",
-	"khmelnytskyi.ua",
-	"kiev.ua",
-	"kirovograd.ua",
-	"km.ua",
-	"kr.ua",
-	"krym.ua",
-	"ks.ua",
-	"kv.ua",
-	"kyiv.ua",
-	"lg.ua",
-	"lt.ua",
-	"lugansk.ua",
-	"lutsk.ua",
-	"lv.ua",
-	"lviv.ua",
-	"mk.ua",
-	"mykolaiv.ua",
-	"nikolaev.ua",
-	"od.ua",
-	"odesa.ua",
-	"odessa.ua",
-	"pl.ua",
-	"poltava.ua",
-	"rivne.ua",
-	"rovno.ua",
-	"rv.ua",
-	"sb.ua",
-	"sebastopol.ua",
-	"sevastopol.ua",
-	"sm.ua",
-	"sumy.ua",
-	"te.ua",
-	"ternopil.ua",
-	"uz.ua",
-	"uzhgorod.ua",
-	"vinnica.ua",
-	"vinnytsia.ua",
-	"vn.ua",
-	"volyn.ua",
-	"yalta.ua",
-	"zaporizhzhe.ua",
-	"zaporizhzhia.ua",
-	"zhitomir.ua",
-	"zhytomyr.ua",
-	"zp.ua",
-	"zt.ua",
-	"ug",
-	"co.ug",
-	"or.ug",
-	"ac.ug",
-	"sc.ug",
-	"go.ug",
-	"ne.ug",
-	"com.ug",
-	"org.ug",
-	"uk",
-	"ac.uk",
-	"co.uk",
-	"gov.uk",
-	"ltd.uk",
-	"me.uk",
-	"net.uk",
-	"nhs.uk",
-	"org.uk",
-	"plc.uk",
-	"police.uk",
-	"*.sch.uk",
-	"us",
-	"dni.us",
-	"fed.us",
-	"isa.us",
-	"kids.us",
-	"nsn.us",
-	"ak.us",
-	"al.us",
-	"ar.us",
-	"as.us",
-	"az.us",
-	"ca.us",
-	"co.us",
-	"ct.us",
-	"dc.us",
-	"de.us",
-	"fl.us",
-	"ga.us",
-	"gu.us",
-	"hi.us",
-	"ia.us",
-	"id.us",
-	"il.us",
-	"in.us",
-	"ks.us",
-	"ky.us",
-	"la.us",
-	"ma.us",
-	"md.us",
-	"me.us",
-	"mi.us",
-	"mn.us",
-	"mo.us",
-	"ms.us",
-	"mt.us",
-	"nc.us",
-	"nd.us",
-	"ne.us",
-	"nh.us",
-	"nj.us",
-	"nm.us",
-	"nv.us",
-	"ny.us",
-	"oh.us",
-	"ok.us",
-	"or.us",
-	"pa.us",
-	"pr.us",
-	"ri.us",
-	"sc.us",
-	"sd.us",
-	"tn.us",
-	"tx.us",
-	"ut.us",
-	"vi.us",
-	"vt.us",
-	"va.us",
-	"wa.us",
-	"wi.us",
-	"wv.us",
-	"wy.us",
-	"k12.ak.us",
-	"k12.al.us",
-	"k12.ar.us",
-	"k12.as.us",
-	"k12.az.us",
-	"k12.ca.us",
-	"k12.co.us",
-	"k12.ct.us",
-	"k12.dc.us",
-	"k12.de.us",
-	"k12.fl.us",
-	"k12.ga.us",
-	"k12.gu.us",
-	"k12.ia.us",
-	"k12.id.us",
-	"k12.il.us",
-	"k12.in.us",
-	"k12.ks.us",
-	"k12.ky.us",
-	"k12.la.us",
-	"k12.ma.us",
-	"k12.md.us",
-	"k12.me.us",
-	"k12.mi.us",
-	"k12.mn.us",
-	"k12.mo.us",
-	"k12.ms.us",
-	"k12.mt.us",
-	"k12.nc.us",
-	"k12.ne.us",
-	"k12.nh.us",
-	"k12.nj.us",
-	"k12.nm.us",
-	"k12.nv.us",
-	"k12.ny.us",
-	"k12.oh.us",
-	"k12.ok.us",
-	"k12.or.us",
-	"k12.pa.us",
-	"k12.pr.us",
-	"k12.ri.us",
-	"k12.sc.us",
-	"k12.tn.us",
-	"k12.tx.us",
-	"k12.ut.us",
-	"k12.vi.us",
-	"k12.vt.us",
-	"k12.va.us",
-	"k12.wa.us",
-	"k12.wi.us",
-	"k12.wy.us",
-	"cc.ak.us",
-	"cc.al.us",
-	"cc.ar.us",
-	"cc.as.us",
-	"cc.az.us",
-	"cc.ca.us",
-	"cc.co.us",
-	"cc.ct.us",
-	"cc.dc.us",
-	"cc.de.us",
-	"cc.fl.us",
-	"cc.ga.us",
-	"cc.gu.us",
-	"cc.hi.us",
-	"cc.ia.us",
-	"cc.id.us",
-	"cc.il.us",
-	"cc.in.us",
-	"cc.ks.us",
-	"cc.ky.us",
-	"cc.la.us",
-	"cc.ma.us",
-	"cc.md.us",
-	"cc.me.us",
-	"cc.mi.us",
-	"cc.mn.us",
-	"cc.mo.us",
-	"cc.ms.us",
-	"cc.mt.us",
-	"cc.nc.us",
-	"cc.nd.us",
-	"cc.ne.us",
-	"cc.nh.us",
-	"cc.nj.us",
-	"cc.nm.us",
-	"cc.nv.us",
-	"cc.ny.us",
-	"cc.oh.us",
-	"cc.ok.us",
-	"cc.or.us",
-	"cc.pa.us",
-	"cc.pr.us",
-	"cc.ri.us",
-	"cc.sc.us",
-	"cc.sd.us",
-	"cc.tn.us",
-	"cc.tx.us",
-	"cc.ut.us",
-	"cc.vi.us",
-	"cc.vt.us",
-	"cc.va.us",
-	"cc.wa.us",
-	"cc.wi.us",
-	"cc.wv.us",
-	"cc.wy.us",
-	"lib.ak.us",
-	"lib.al.us",
-	"lib.ar.us",
-	"lib.as.us",
-	"lib.az.us",
-	"lib.ca.us",
-	"lib.co.us",
-	"lib.ct.us",
-	"lib.dc.us",
-	"lib.de.us",
-	"lib.fl.us",
-	"lib.ga.us",
-	"lib.gu.us",
-	"lib.hi.us",
-	"lib.ia.us",
-	"lib.id.us",
-	"lib.il.us",
-	"lib.in.us",
-	"lib.ks.us",
-	"lib.ky.us",
-	"lib.la.us",
-	"lib.ma.us",
-	"lib.md.us",
-	"lib.me.us",
-	"lib.mi.us",
-	"lib.mn.us",
-	"lib.mo.us",
-	"lib.ms.us",
-	"lib.mt.us",
-	"lib.nc.us",
-	"lib.nd.us",
-	"lib.ne.us",
-	"lib.nh.us",
-	"lib.nj.us",
-	"lib.nm.us",
-	"lib.nv.us",
-	"lib.ny.us",
-	"lib.oh.us",
-	"lib.ok.us",
-	"lib.or.us",
-	"lib.pa.us",
-	"lib.pr.us",
-	"lib.ri.us",
-	"lib.sc.us",
-	"lib.sd.us",
-	"lib.tn.us",
-	"lib.tx.us",
-	"lib.ut.us",
-	"lib.vi.us",
-	"lib.vt.us",
-	"lib.va.us",
-	"lib.wa.us",
-	"lib.wi.us",
-	"lib.wy.us",
-	"pvt.k12.ma.us",
-	"chtr.k12.ma.us",
-	"paroch.k12.ma.us",
-	"uy",
-	"com.uy",
-	"edu.uy",
-	"gub.uy",
-	"mil.uy",
-	"net.uy",
-	"org.uy",
-	"uz",
-	"co.uz",
-	"com.uz",
-	"net.uz",
-	"org.uz",
-	"va",
-	"vc",
-	"com.vc",
-	"net.vc",
-	"org.vc",
-	"gov.vc",
-	"mil.vc",
-	"edu.vc",
-	"ve",
-	"arts.ve",
-	"co.ve",
-	"com.ve",
-	"e12.ve",
-	"edu.ve",
-	"firm.ve",
-	"gob.ve",
-	"gov.ve",
-	"info.ve",
-	"int.ve",
-	"mil.ve",
-	"net.ve",
-	"org.ve",
-	"rec.ve",
-	"store.ve",
-	"tec.ve",
-	"web.ve",
-	"vg",
-	"vi",
-	"co.vi",
-	"com.vi",
-	"k12.vi",
-	"net.vi",
-	"org.vi",
-	"vn",
-	"com.vn",
-	"net.vn",
-	"org.vn",
-	"edu.vn",
-	"gov.vn",
-	"int.vn",
-	"ac.vn",
-	"biz.vn",
-	"info.vn",
-	"name.vn",
-	"pro.vn",
-	"health.vn",
-	"vu",
-	"com.vu",
-	"edu.vu",
-	"net.vu",
-	"org.vu",
-	"wf",
-	"ws",
-	"com.ws",
-	"net.ws",
-	"org.ws",
-	"gov.ws",
-	"edu.ws",
-	"yt",
-	"xn--mgbaam7a8h",
-	"xn--y9a3aq",
-	"xn--54b7fta0cc",
-	"xn--90ais",
-	"xn--fiqs8s",
-	"xn--fiqz9s",
-	"xn--lgbbat1ad8j",
-	"xn--wgbh1c",
-	"xn--node",
-	"xn--qxam",
-	"xn--j6w193g",
-	"xn--h2brj9c",
-	"xn--mgbbh1a71e",
-	"xn--fpcrj9c3d",
-	"xn--gecrj9c",
-	"xn--s9brj9c",
-	"xn--45brj9c",
-	"xn--xkc2dl3a5ee0h",
-	"xn--mgba3a4f16a",
-	"xn--mgba3a4fra",
-	"xn--mgbtx2b",
-	"xn--mgbayh7gpa",
-	"xn--3e0b707e",
-	"xn--80ao21a",
-	"xn--fzc2c9e2c",
-	"xn--xkc2al3hye2a",
-	"xn--mgbc0a9azcg",
-	"xn--d1alf",
-	"xn--l1acc",
-	"xn--mix891f",
-	"xn--mix082f",
-	"xn--mgbx4cd0ab",
-	"xn--mgb9awbf",
-	"xn--mgbai9azgqp6j",
-	"xn--mgbai9a5eva00b",
-	"xn--ygbi2ammx",
-	"xn--90a3ac",
-	"xn--o1ac.xn--90a3ac",
-	"xn--c1avg.xn--90a3ac",
-	"xn--90azh.xn--90a3ac",
-	"xn--d1at.xn--90a3ac",
-	"xn--o1ach.xn--90a3ac",
-	"xn--80au.xn--90a3ac",
-	"xn--p1ai",
-	"xn--wgbl6a",
-	"xn--mgberp4a5d4ar",
-	"xn--mgberp4a5d4a87g",
-	"xn--mgbqly7c0a67fbc",
-	"xn--mgbqly7cvafr",
-	"xn--mgbpl2fh",
-	"xn--yfro4i67o",
-	"xn--clchc0ea0b2g2a9gcd",
-	"xn--ogbpf8fl",
-	"xn--mgbtf8fl",
-	"xn--o3cw4h",
-	"xn--pgbs0dh",
-	"xn--kpry57d",
-	"xn--kprw13d",
-	"xn--nnx388a",
-	"xn--j1amh",
-	"xn--mgb2ddes",
-	"xxx",
-	"*.ye",
-	"ac.za",
-	"agric.za",
-	"alt.za",
-	"co.za",
-	"edu.za",
-	"gov.za",
-	"grondar.za",
-	"law.za",
-	"mil.za",
-	"net.za",
-	"ngo.za",
-	"nis.za",
-	"nom.za",
-	"org.za",
-	"school.za",
-	"tm.za",
-	"web.za",
-	"*.zm",
-	"*.zw",
-	"aaa",
-	"aarp",
-	"abarth",
-	"abb",
-	"abbott",
-	"abbvie",
-	"abc",
-	"able",
-	"abogado",
-	"abudhabi",
-	"academy",
-	"accenture",
-	"accountant",
-	"accountants",
-	"aco",
-	"active",
-	"actor",
-	"adac",
-	"ads",
-	"adult",
-	"aeg",
-	"aetna",
-	"afamilycompany",
-	"afl",
-	"africa",
-	"africamagic",
-	"agakhan",
-	"agency",
-	"aig",
-	"aigo",
-	"airbus",
-	"airforce",
-	"airtel",
-	"akdn",
-	"alfaromeo",
-	"alibaba",
-	"alipay",
-	"allfinanz",
-	"allstate",
-	"ally",
-	"alsace",
-	"alstom",
-	"americanexpress",
-	"americanfamily",
-	"amex",
-	"amfam",
-	"amica",
-	"amsterdam",
-	"analytics",
-	"android",
-	"anquan",
-	"anz",
-	"aol",
-	"apartments",
-	"app",
-	"apple",
-	"aquarelle",
-	"arab",
-	"aramco",
-	"archi",
-	"army",
-	"arte",
-	"asda",
-	"associates",
-	"athleta",
-	"attorney",
-	"auction",
-	"audi",
-	"audible",
-	"audio",
-	"auspost",
-	"author",
-	"auto",
-	"autos",
-	"avianca",
-	"aws",
-	"axa",
-	"azure",
-	"baby",
-	"baidu",
-	"banamex",
-	"bananarepublic",
-	"band",
-	"bank",
-	"bar",
-	"barcelona",
-	"barclaycard",
-	"barclays",
-	"barefoot",
-	"bargains",
-	"baseball",
-	"basketball",
-	"bauhaus",
-	"bayern",
-	"bbc",
-	"bbt",
-	"bbva",
-	"bcg",
-	"bcn",
-	"beats",
-	"beauty",
-	"beer",
-	"bentley",
-	"berlin",
-	"best",
-	"bestbuy",
-	"bet",
-	"bharti",
-	"bible",
-	"bid",
-	"bike",
-	"bing",
-	"bingo",
-	"bio",
-	"black",
-	"blackfriday",
-	"blanco",
-	"blockbuster",
-	"blog",
-	"bloomberg",
-	"blue",
-	"bms",
-	"bmw",
-	"bnl",
-	"bnpparibas",
-	"boats",
-	"boehringer",
-	"bofa",
-	"bom",
-	"bond",
-	"boo",
-	"book",
-	"booking",
-	"boots",
-	"bosch",
-	"bostik",
-	"boston",
-	"bot",
-	"boutique",
-	"box",
-	"bradesco",
-	"bridgestone",
-	"broadway",
-	"broker",
-	"brother",
-	"brussels",
-	"budapest",
-	"bugatti",
-	"build",
-	"builders",
-	"business",
-	"buy",
-	"buzz",
-	"bzh",
-	"cab",
-	"cafe",
-	"cal",
-	"call",
-	"calvinklein",
-	"camera",
-	"camp",
-	"cancerresearch",
-	"canon",
-	"capetown",
-	"capital",
-	"capitalone",
-	"car",
-	"caravan",
-	"cards",
-	"care",
-	"career",
-	"careers",
-	"cars",
-	"cartier",
-	"casa",
-	"case",
-	"caseih",
-	"cash",
-	"casino",
-	"catering",
-	"catholic",
-	"cba",
-	"cbn",
-	"cbre",
-	"cbs",
-	"ceb",
-	"center",
-	"ceo",
-	"cern",
-	"cfa",
-	"cfd",
-	"chanel",
-	"channel",
-	"chase",
-	"chat",
-	"cheap",
-	"chintai",
-	"chloe",
-	"christmas",
-	"chrome",
-	"chrysler",
-	"church",
-	"cipriani",
-	"circle",
-	"cisco",
-	"citadel",
-	"citi",
-	"citic",
-	"city",
-	"cityeats",
-	"claims",
-	"cleaning",
-	"click",
-	"clinic",
-	"clinique",
-	"clothing",
-	"cloud",
-	"club",
-	"clubmed",
-	"coach",
-	"codes",
-	"coffee",
-	"college",
-	"cologne",
-	"comcast",
-	"commbank",
-	"community",
-	"company",
-	"compare",
-	"computer",
-	"comsec",
-	"condos",
-	"construction",
-	"consulting",
-	"contact",
-	"contractors",
-	"cooking",
-	"cookingchannel",
-	"cool",
-	"corsica",
-	"country",
-	"coupon",
-	"coupons",
-	"courses",
-	"credit",
-	"creditcard",
-	"creditunion",
-	"cricket",
-	"crown",
-	"crs",
-	"cruise",
-	"cruises",
-	"csc",
-	"cuisinella",
-	"cymru",
-	"cyou",
-	"dabur",
-	"dad",
-	"dance",
-	"date",
-	"dating",
-	"datsun",
-	"day",
-	"dclk",
-	"dds",
-	"deal",
-	"dealer",
-	"deals",
-	"degree",
-	"delivery",
-	"dell",
-	"deloitte",
-	"delta",
-	"democrat",
-	"dental",
-	"dentist",
-	"desi",
-	"design",
-	"dev",
-	"dhl",
-	"diamonds",
-	"diet",
-	"digital",
-	"direct",
-	"directory",
-	"discount",
-	"discover",
-	"dish",
-	"diy",
-	"dnp",
-	"docs",
-	"dodge",
-	"dog",
-	"doha",
-	"domains",
-	"dot",
-	"download",
-	"drive",
-	"dstv",
-	"dtv",
-	"dubai",
-	"duck",
-	"dunlop",
-	"duns",
-	"dupont",
-	"durban",
-	"dvag",
-	"dwg",
-	"earth",
-	"eat",
-	"edeka",
-	"education",
-	"email",
-	"emerck",
-	"emerson",
-	"energy",
-	"engineer",
-	"engineering",
-	"enterprises",
-	"epost",
-	"epson",
-	"equipment",
-	"ericsson",
-	"erni",
-	"esq",
-	"estate",
-	"esurance",
-	"etisalat",
-	"eurovision",
-	"eus",
-	"events",
-	"everbank",
-	"exchange",
-	"expert",
-	"exposed",
-	"express",
-	"extraspace",
-	"fage",
-	"fail",
-	"fairwinds",
-	"faith",
-	"family",
-	"fan",
-	"fans",
-	"farm",
-	"farmers",
-	"fashion",
-	"fast",
-	"fedex",
-	"feedback",
-	"ferrari",
-	"ferrero",
-	"fiat",
-	"fidelity",
-	"fido",
-	"film",
-	"final",
-	"finance",
-	"financial",
-	"fire",
-	"firestone",
-	"firmdale",
-	"fish",
-	"fishing",
-	"fit",
-	"fitness",
-	"flickr",
-	"flights",
-	"flir",
-	"florist",
-	"flowers",
-	"flsmidth",
-	"fly",
-	"foo",
-	"foodnetwork",
-	"football",
-	"ford",
-	"forex",
-	"forsale",
-	"forum",
-	"foundation",
-	"fox",
-	"free",
-	"fresenius",
-	"frl",
-	"frogans",
-	"frontdoor",
-	"frontier",
-	"ftr",
-	"fujitsu",
-	"fujixerox",
-	"fun",
-	"fund",
-	"furniture",
-	"futbol",
-	"fyi",
-	"gal",
-	"gallery",
-	"gallo",
-	"gallup",
-	"game",
-	"games",
-	"gap",
-	"garden",
-	"gbiz",
-	"gdn",
-	"gea",
-	"gent",
-	"genting",
-	"george",
-	"ggee",
-	"gift",
-	"gifts",
-	"gives",
-	"giving",
-	"glade",
-	"glass",
-	"gle",
-	"global",
-	"globo",
-	"gmail",
-	"gmbh",
-	"gmo",
-	"gmx",
-	"godaddy",
-	"gold",
-	"goldpoint",
-	"golf",
-	"goo",
-	"goodhands",
-	"goodyear",
-	"goog",
-	"google",
-	"gop",
-	"got",
-	"gotv",
-	"grainger",
-	"graphics",
-	"gratis",
-	"green",
-	"gripe",
-	"group",
-	"guardian",
-	"gucci",
-	"guge",
-	"guide",
-	"guitars",
-	"guru",
-	"hair",
-	"hamburg",
-	"hangout",
-	"haus",
-	"hbo",
-	"hdfc",
-	"hdfcbank",
-	"health",
-	"healthcare",
-	"help",
-	"helsinki",
-	"here",
-	"hermes",
-	"hgtv",
-	"hiphop",
-	"hisamitsu",
-	"hitachi",
-	"hiv",
-	"hkt",
-	"hockey",
-	"holdings",
-	"holiday",
-	"homedepot",
-	"homegoods",
-	"homes",
-	"homesense",
-	"honda",
-	"honeywell",
-	"horse",
-	"host",
-	"hosting",
-	"hot",
-	"hoteles",
-	"hotmail",
-	"house",
-	"how",
-	"hsbc",
-	"htc",
-	"hughes",
-	"hyatt",
-	"hyundai",
-	"ibm",
-	"icbc",
-	"ice",
-	"icu",
-	"ieee",
-	"ifm",
-	"iinet",
-	"ikano",
-	"imamat",
-	"imdb",
-	"immo",
-	"immobilien",
-	"industries",
-	"infiniti",
-	"ing",
-	"ink",
-	"institute",
-	"insurance",
-	"insure",
-	"intel",
-	"international",
-	"intuit",
-	"investments",
-	"ipiranga",
-	"irish",
-	"iselect",
-	"ismaili",
-	"ist",
-	"istanbul",
-	"itau",
-	"itv",
-	"iveco",
-	"iwc",
-	"jaguar",
-	"java",
-	"jcb",
-	"jcp",
-	"jeep",
-	"jetzt",
-	"jewelry",
-	"jio",
-	"jlc",
-	"jll",
-	"jmp",
-	"jnj",
-	"joburg",
-	"jot",
-	"joy",
-	"jpmorgan",
-	"jprs",
-	"juegos",
-	"juniper",
-	"kaufen",
-	"kddi",
-	"kerryhotels",
-	"kerrylogistics",
-	"kerryproperties",
-	"kfh",
-	"kia",
-	"kim",
-	"kinder",
-	"kindle",
-	"kitchen",
-	"kiwi",
-	"koeln",
-	"komatsu",
-	"kosher",
-	"kpmg",
-	"kpn",
-	"krd",
-	"kred",
-	"kuokgroup",
-	"kyknet",
-	"kyoto",
-	"lacaixa",
-	"ladbrokes",
-	"lamborghini",
-	"lamer",
-	"lancaster",
-	"lancia",
-	"lancome",
-	"land",
-	"landrover",
-	"lanxess",
-	"lasalle",
-	"lat",
-	"latino",
-	"latrobe",
-	"law",
-	"lawyer",
-	"lds",
-	"lease",
-	"leclerc",
-	"lefrak",
-	"legal",
-	"lego",
-	"lexus",
-	"lgbt",
-	"liaison",
-	"lidl",
-	"life",
-	"lifeinsurance",
-	"lifestyle",
-	"lighting",
-	"like",
-	"lilly",
-	"limited",
-	"limo",
-	"lincoln",
-	"linde",
-	"link",
-	"lipsy",
-	"live",
-	"living",
-	"lixil",
-	"loan",
-	"loans",
-	"locker",
-	"locus",
-	"loft",
-	"lol",
-	"london",
-	"lotte",
-	"lotto",
-	"love",
-	"lpl",
-	"lplfinancial",
-	"ltd",
-	"ltda",
-	"lundbeck",
-	"lupin",
-	"luxe",
-	"luxury",
-	"macys",
-	"madrid",
-	"maif",
-	"maison",
-	"makeup",
-	"man",
-	"management",
-	"mango",
-	"market",
-	"marketing",
-	"markets",
-	"marriott",
-	"marshalls",
-	"maserati",
-	"mattel",
-	"mba",
-	"mcd",
-	"mcdonalds",
-	"mckinsey",
-	"med",
-	"media",
-	"meet",
-	"melbourne",
-	"meme",
-	"memorial",
-	"men",
-	"menu",
-	"meo",
-	"metlife",
-	"miami",
-	"microsoft",
-	"mini",
-	"mint",
-	"mit",
-	"mitsubishi",
-	"mlb",
-	"mls",
-	"mma",
-	"mnet",
-	"mobily",
-	"moda",
-	"moe",
-	"moi",
-	"mom",
-	"monash",
-	"money",
-	"monster",
-	"montblanc",
-	"mopar",
-	"mormon",
-	"mortgage",
-	"moscow",
-	"moto",
-	"motorcycles",
-	"mov",
-	"movie",
-	"movistar",
-	"msd",
-	"mtn",
-	"mtpc",
-	"mtr",
-	"multichoice",
-	"mutual",
-	"mutuelle",
-	"mzansimagic",
-	"nab",
-	"nadex",
-	"nagoya",
-	"naspers",
-	"nationwide",
-	"natura",
-	"navy",
-	"nba",
-	"nec",
-	"netbank",
-	"netflix",
-	"network",
-	"neustar",
-	"new",
-	"newholland",
-	"news",
-	"next",
-	"nextdirect",
-	"nexus",
-	"nfl",
-	"ngo",
-	"nhk",
-	"nico",
-	"nike",
-	"nikon",
-	"ninja",
-	"nissan",
-	"nissay",
-	"nokia",
-	"northwesternmutual",
-	"norton",
-	"now",
-	"nowruz",
-	"nowtv",
-	"nra",
-	"nrw",
-	"ntt",
-	"nyc",
-	"obi",
-	"observer",
-	"off",
-	"office",
-	"okinawa",
-	"olayan",
-	"olayangroup",
-	"oldnavy",
-	"ollo",
-	"omega",
-	"one",
-	"ong",
-	"onl",
-	"online",
-	"onyourside",
-	"ooo",
-	"open",
-	"oracle",
-	"orange",
-	"organic",
-	"orientexpress",
-	"origins",
-	"osaka",
-	"otsuka",
-	"ott",
-	"ovh",
-	"page",
-	"pamperedchef",
-	"panasonic",
-	"panerai",
-	"paris",
-	"pars",
-	"partners",
-	"parts",
-	"party",
-	"passagens",
-	"pay",
-	"payu",
-	"pccw",
-	"pet",
-	"pfizer",
-	"pharmacy",
-	"philips",
-	"photo",
-	"photography",
-	"photos",
-	"physio",
-	"piaget",
-	"pics",
-	"pictet",
-	"pictures",
-	"pid",
-	"pin",
-	"ping",
-	"pink",
-	"pioneer",
-	"pizza",
-	"place",
-	"play",
-	"playstation",
-	"plumbing",
-	"plus",
-	"pnc",
-	"pohl",
-	"poker",
-	"politie",
-	"porn",
-	"pramerica",
-	"praxi",
-	"press",
-	"prime",
-	"prod",
-	"productions",
-	"prof",
-	"progressive",
-	"promo",
-	"properties",
-	"property",
-	"protection",
-	"pru",
-	"prudential",
-	"pub",
-	"pwc",
-	"qpon",
-	"quebec",
-	"quest",
-	"qvc",
-	"racing",
-	"raid",
-	"read",
-	"realestate",
-	"realtor",
-	"realty",
-	"recipes",
-	"red",
-	"redstone",
-	"redumbrella",
-	"rehab",
-	"reise",
-	"reisen",
-	"reit",
-	"reliance",
-	"ren",
-	"rent",
-	"rentals",
-	"repair",
-	"report",
-	"republican",
-	"rest",
-	"restaurant",
-	"review",
-	"reviews",
-	"rexroth",
-	"rich",
-	"richardli",
-	"ricoh",
-	"rightathome",
-	"ril",
-	"rio",
-	"rip",
-	"rmit",
-	"rocher",
-	"rocks",
-	"rodeo",
-	"rogers",
-	"room",
-	"rsvp",
-	"ruhr",
-	"run",
-	"rwe",
-	"ryukyu",
-	"saarland",
-	"safe",
-	"safety",
-	"sakura",
-	"sale",
-	"salon",
-	"samsclub",
-	"samsung",
-	"sandvik",
-	"sandvikcoromant",
-	"sanofi",
-	"sap",
-	"sapo",
-	"sarl",
-	"sas",
-	"save",
-	"saxo",
-	"sbi",
-	"sbs",
-	"sca",
-	"scb",
-	"schaeffler",
-	"schmidt",
-	"scholarships",
-	"school",
-	"schule",
-	"schwarz",
-	"science",
-	"scjohnson",
-	"scor",
-	"scot",
-	"seat",
-	"secure",
-	"security",
-	"seek",
-	"select",
-	"sener",
-	"services",
-	"ses",
-	"seven",
-	"sew",
-	"sex",
-	"sexy",
-	"sfr",
-	"shangrila",
-	"sharp",
-	"shaw",
-	"shell",
-	"shia",
-	"shiksha",
-	"shoes",
-	"shouji",
-	"show",
-	"showtime",
-	"shriram",
-	"silk",
-	"sina",
-	"singles",
-	"site",
-	"ski",
-	"skin",
-	"sky",
-	"skype",
-	"sling",
-	"smart",
-	"smile",
-	"sncf",
-	"soccer",
-	"social",
-	"softbank",
-	"software",
-	"sohu",
-	"solar",
-	"solutions",
-	"song",
-	"sony",
-	"soy",
-	"space",
-	"spiegel",
-	"spot",
-	"spreadbetting",
-	"srl",
-	"srt",
-	"stada",
-	"staples",
-	"star",
-	"starhub",
-	"statebank",
-	"statefarm",
-	"statoil",
-	"stc",
-	"stcgroup",
-	"stockholm",
-	"storage",
-	"store",
-	"stream",
-	"studio",
-	"study",
-	"style",
-	"sucks",
-	"supersport",
-	"supplies",
-	"supply",
-	"support",
-	"surf",
-	"surgery",
-	"suzuki",
-	"swatch",
-	"swiftcover",
-	"swiss",
-	"sydney",
-	"symantec",
-	"systems",
-	"tab",
-	"taipei",
-	"talk",
-	"taobao",
-	"target",
-	"tatamotors",
-	"tatar",
-	"tattoo",
-	"tax",
-	"taxi",
-	"tci",
-	"tdk",
-	"team",
-	"tech",
-	"technology",
-	"telecity",
-	"telefonica",
-	"temasek",
-	"tennis",
-	"teva",
-	"thd",
-	"theater",
-	"theatre",
-	"theguardian",
-	"tiaa",
-	"tickets",
-	"tienda",
-	"tiffany",
-	"tips",
-	"tires",
-	"tirol",
-	"tjmaxx",
-	"tjx",
-	"tkmaxx",
-	"tmall",
-	"today",
-	"tokyo",
-	"tools",
-	"top",
-	"toray",
-	"toshiba",
-	"total",
-	"tours",
-	"town",
-	"toyota",
-	"toys",
-	"trade",
-	"trading",
-	"training",
-	"travelchannel",
-	"travelers",
-	"travelersinsurance",
-	"trust",
-	"trv",
-	"tube",
-	"tui",
-	"tunes",
-	"tushu",
-	"tvs",
-	"ubank",
-	"ubs",
-	"uconnect",
-	"unicom",
-	"university",
-	"uno",
-	"uol",
-	"ups",
-	"vacations",
-	"vana",
-	"vanguard",
-	"vegas",
-	"ventures",
-	"verisign",
-	"versicherung",
-	"vet",
-	"viajes",
-	"video",
-	"vig",
-	"viking",
-	"villas",
-	"vin",
-	"vip",
-	"virgin",
-	"visa",
-	"vision",
-	"vista",
-	"vistaprint",
-	"viva",
-	"vivo",
-	"vlaanderen",
-	"vodka",
-	"volkswagen",
-	"volvo",
-	"vote",
-	"voting",
-	"voto",
-	"voyage",
-	"vuelos",
-	"wales",
-	"walmart",
-	"walter",
-	"wang",
-	"wanggou",
-	"warman",
-	"watch",
-	"watches",
-	"weather",
-	"weatherchannel",
-	"webcam",
-	"weber",
-	"website",
-	"wed",
-	"wedding",
-	"weibo",
-	"weir",
-	"whoswho",
-	"wien",
-	"wiki",
-	"williamhill",
-	"win",
-	"windows",
-	"wine",
-	"winners",
-	"wme",
-	"wolterskluwer",
-	"woodside",
-	"work",
-	"works",
-	"world",
-	"wow",
-	"wtc",
-	"wtf",
-	"xbox",
-	"xerox",
-	"xfinity",
-	"xihuan",
-	"xin",
-	"xn--11b4c3d",
-	"xn--1ck2e1b",
-	"xn--1qqw23a",
-	"xn--30rr7y",
-	"xn--3bst00m",
-	"xn--3ds443g",
-	"xn--3oq18vl8pn36a",
-	"xn--3pxu8k",
-	"xn--42c2d9a",
-	"xn--45q11c",
-	"xn--4gbrim",
-	"xn--4gq48lf9j",
-	"xn--55qw42g",
-	"xn--55qx5d",
-	"xn--5su34j936bgsg",
-	"xn--5tzm5g",
-	"xn--6frz82g",
-	"xn--6qq986b3xl",
-	"xn--80adxhks",
-	"xn--80aqecdr1a",
-	"xn--80asehdb",
-	"xn--80aswg",
-	"xn--8y0a063a",
-	"xn--9dbq2a",
-	"xn--9et52u",
-	"xn--9krt00a",
-	"xn--b4w605ferd",
-	"xn--bck1b9a5dre4c",
-	"xn--c1avg",
-	"xn--c2br7g",
-	"xn--cck2b3b",
-	"xn--cg4bki",
-	"xn--czr694b",
-	"xn--czrs0t",
-	"xn--czru2d",
-	"xn--d1acj3b",
-	"xn--eckvdtc9d",
-	"xn--efvy88h",
-	"xn--estv75g",
-	"xn--fct429k",
-	"xn--fhbei",
-	"xn--fiq228c5hs",
-	"xn--fiq64b",
-	"xn--fjq720a",
-	"xn--flw351e",
-	"xn--fzys8d69uvgm",
-	"xn--g2xx48c",
-	"xn--gckr3f0f",
-	"xn--gk3at1e",
-	"xn--hxt814e",
-	"xn--i1b6b1a6a2e",
-	"xn--imr513n",
-	"xn--io0a7i",
-	"xn--j1aef",
-	"xn--jlq61u9w7b",
-	"xn--jvr189m",
-	"xn--kcrx77d1x4a",
-	"xn--kpu716f",
-	"xn--kput3i",
-	"xn--mgba3a3ejt",
-	"xn--mgba7c0bbn0a",
-	"xn--mgbaakc7dvf",
-	"xn--mgbab2bd",
-	"xn--mgbb9fbpob",
-	"xn--mgbca7dzdo",
-	"xn--mgbi4ecexp",
-	"xn--mgbt3dhd",
-	"xn--mk1bu44c",
-	"xn--mxtq1m",
-	"xn--ngbc5azd",
-	"xn--ngbe9e0a",
-	"xn--ngbrx",
-	"xn--nqv7f",
-	"xn--nqv7fs00ema",
-	"xn--nyqy26a",
-	"xn--p1acf",
-	"xn--pbt977c",
-	"xn--pssy2u",
-	"xn--q9jyb4c",
-	"xn--qcka1pmc",
-	"xn--rhqv96g",
-	"xn--rovu88b",
-	"xn--ses554g",
-	"xn--t60b56a",
-	"xn--tckwe",
-	"xn--tiq49xqyj",
-	"xn--unup4y",
-	"xn--vermgensberater-ctb",
-	"xn--vermgensberatung-pwb",
-	"xn--vhquv",
-	"xn--vuq861b",
-	"xn--w4r85el8fhu5dnra",
-	"xn--w4rs40l",
-	"xn--xhq521b",
-	"xn--zfr164b",
-	"xperia",
-	"xyz",
-	"yachts",
-	"yahoo",
-	"yamaxun",
-	"yandex",
-	"yodobashi",
-	"yoga",
-	"yokohama",
-	"you",
-	"youtube",
-	"yun",
-	"zappos",
-	"zara",
-	"zero",
-	"zip",
-	"zippo",
-	"zone",
-	"zuerich",
-	"cloudfront.net",
-	"ap-northeast-1.compute.amazonaws.com",
-	"ap-northeast-2.compute.amazonaws.com",
-	"ap-southeast-1.compute.amazonaws.com",
-	"ap-southeast-2.compute.amazonaws.com",
-	"cn-north-1.compute.amazonaws.cn",
-	"compute-1.amazonaws.com",
-	"compute.amazonaws.cn",
-	"compute.amazonaws.com",
-	"eu-central-1.compute.amazonaws.com",
-	"eu-west-1.compute.amazonaws.com",
-	"sa-east-1.compute.amazonaws.com",
-	"us-east-1.amazonaws.com",
-	"us-gov-west-1.compute.amazonaws.com",
-	"us-west-1.compute.amazonaws.com",
-	"us-west-2.compute.amazonaws.com",
-	"z-1.compute-1.amazonaws.com",
-	"z-2.compute-1.amazonaws.com",
-	"elasticbeanstalk.com",
-	"elb.amazonaws.com",
-	"s3.amazonaws.com",
-	"s3-ap-northeast-1.amazonaws.com",
-	"s3-ap-northeast-2.amazonaws.com",
-	"s3-ap-southeast-1.amazonaws.com",
-	"s3-ap-southeast-2.amazonaws.com",
-	"s3-eu-central-1.amazonaws.com",
-	"s3-eu-west-1.amazonaws.com",
-	"s3-external-1.amazonaws.com",
-	"s3-external-2.amazonaws.com",
-	"s3-fips-us-gov-west-1.amazonaws.com",
-	"s3-sa-east-1.amazonaws.com",
-	"s3-us-gov-west-1.amazonaws.com",
-	"s3-us-west-1.amazonaws.com",
-	"s3-us-west-2.amazonaws.com",
-	"s3.ap-northeast-2.amazonaws.com",
-	"s3.cn-north-1.amazonaws.com.cn",
-	"s3.eu-central-1.amazonaws.com",
-	"betainabox.com",
-	"ae.org",
-	"ar.com",
-	"br.com",
-	"cn.com",
-	"com.de",
-	"com.se",
-	"de.com",
-	"eu.com",
-	"gb.com",
-	"gb.net",
-	"hu.com",
-	"hu.net",
-	"jp.net",
-	"jpn.com",
-	"kr.com",
-	"mex.com",
-	"no.com",
-	"qc.com",
-	"ru.com",
-	"sa.com",
-	"se.com",
-	"se.net",
-	"uk.com",
-	"uk.net",
-	"us.com",
-	"uy.com",
-	"za.bz",
-	"za.com",
-	"africa.com",
-	"xenapponazure.com",
-	"gr.com",
-	"in.net",
-	"us.org",
-	"co.com",
-	"c.la",
-	"cloudcontrolled.com",
-	"cloudcontrolapp.com",
-	"co.ca",
-	"co.cz",
-	"c.cdn77.org",
-	"cdn77-ssl.net",
-	"r.cdn77.net",
-	"rsc.cdn77.org",
-	"ssl.origin.cdn77-secure.org",
-	"co.nl",
-	"co.no",
-	"*.platform.sh",
-	"cupcake.is",
-	"dreamhosters.com",
-	"mydrobo.com",
-	"duckdns.org",
-	"dyndns-at-home.com",
-	"dyndns-at-work.com",
-	"dyndns-blog.com",
-	"dyndns-free.com",
-	"dyndns-home.com",
-	"dyndns-ip.com",
-	"dyndns-mail.com",
-	"dyndns-office.com",
-	"dyndns-pics.com",
-	"dyndns-remote.com",
-	"dyndns-server.com",
-	"dyndns-web.com",
-	"dyndns-wiki.com",
-	"dyndns-work.com",
-	"dyndns.biz",
-	"dyndns.info",
-	"dyndns.org",
-	"dyndns.tv",
-	"at-band-camp.net",
-	"ath.cx",
-	"barrel-of-knowledge.info",
-	"barrell-of-knowledge.info",
-	"better-than.tv",
-	"blogdns.com",
-	"blogdns.net",
-	"blogdns.org",
-	"blogsite.org",
-	"boldlygoingnowhere.org",
-	"broke-it.net",
-	"buyshouses.net",
-	"cechire.com",
-	"dnsalias.com",
-	"dnsalias.net",
-	"dnsalias.org",
-	"dnsdojo.com",
-	"dnsdojo.net",
-	"dnsdojo.org",
-	"does-it.net",
-	"doesntexist.com",
-	"doesntexist.org",
-	"dontexist.com",
-	"dontexist.net",
-	"dontexist.org",
-	"doomdns.com",
-	"doomdns.org",
-	"dvrdns.org",
-	"dyn-o-saur.com",
-	"dynalias.com",
-	"dynalias.net",
-	"dynalias.org",
-	"dynathome.net",
-	"dyndns.ws",
-	"endofinternet.net",
-	"endofinternet.org",
-	"endoftheinternet.org",
-	"est-a-la-maison.com",
-	"est-a-la-masion.com",
-	"est-le-patron.com",
-	"est-mon-blogueur.com",
-	"for-better.biz",
-	"for-more.biz",
-	"for-our.info",
-	"for-some.biz",
-	"for-the.biz",
-	"forgot.her.name",
-	"forgot.his.name",
-	"from-ak.com",
-	"from-al.com",
-	"from-ar.com",
-	"from-az.net",
-	"from-ca.com",
-	"from-co.net",
-	"from-ct.com",
-	"from-dc.com",
-	"from-de.com",
-	"from-fl.com",
-	"from-ga.com",
-	"from-hi.com",
-	"from-ia.com",
-	"from-id.com",
-	"from-il.com",
-	"from-in.com",
-	"from-ks.com",
-	"from-ky.com",
-	"from-la.net",
-	"from-ma.com",
-	"from-md.com",
-	"from-me.org",
-	"from-mi.com",
-	"from-mn.com",
-	"from-mo.com",
-	"from-ms.com",
-	"from-mt.com",
-	"from-nc.com",
-	"from-nd.com",
-	"from-ne.com",
-	"from-nh.com",
-	"from-nj.com",
-	"from-nm.com",
-	"from-nv.com",
-	"from-ny.net",
-	"from-oh.com",
-	"from-ok.com",
-	"from-or.com",
-	"from-pa.com",
-	"from-pr.com",
-	"from-ri.com",
-	"from-sc.com",
-	"from-sd.com",
-	"from-tn.com",
-	"from-tx.com",
-	"from-ut.com",
-	"from-va.com",
-	"from-vt.com",
-	"from-wa.com",
-	"from-wi.com",
-	"from-wv.com",
-	"from-wy.com",
-	"ftpaccess.cc",
-	"fuettertdasnetz.de",
-	"game-host.org",
-	"game-server.cc",
-	"getmyip.com",
-	"gets-it.net",
-	"go.dyndns.org",
-	"gotdns.com",
-	"gotdns.org",
-	"groks-the.info",
-	"groks-this.info",
-	"ham-radio-op.net",
-	"here-for-more.info",
-	"hobby-site.com",
-	"hobby-site.org",
-	"home.dyndns.org",
-	"homedns.org",
-	"homeftp.net",
-	"homeftp.org",
-	"homeip.net",
-	"homelinux.com",
-	"homelinux.net",
-	"homelinux.org",
-	"homeunix.com",
-	"homeunix.net",
-	"homeunix.org",
-	"iamallama.com",
-	"in-the-band.net",
-	"is-a-anarchist.com",
-	"is-a-blogger.com",
-	"is-a-bookkeeper.com",
-	"is-a-bruinsfan.org",
-	"is-a-bulls-fan.com",
-	"is-a-candidate.org",
-	"is-a-caterer.com",
-	"is-a-celticsfan.org",
-	"is-a-chef.com",
-	"is-a-chef.net",
-	"is-a-chef.org",
-	"is-a-conservative.com",
-	"is-a-cpa.com",
-	"is-a-cubicle-slave.com",
-	"is-a-democrat.com",
-	"is-a-designer.com",
-	"is-a-doctor.com",
-	"is-a-financialadvisor.com",
-	"is-a-geek.com",
-	"is-a-geek.net",
-	"is-a-geek.org",
-	"is-a-green.com",
-	"is-a-guru.com",
-	"is-a-hard-worker.com",
-	"is-a-hunter.com",
-	"is-a-knight.org",
-	"is-a-landscaper.com",
-	"is-a-lawyer.com",
-	"is-a-liberal.com",
-	"is-a-libertarian.com",
-	"is-a-linux-user.org",
-	"is-a-llama.com",
-	"is-a-musician.com",
-	"is-a-nascarfan.com",
-	"is-a-nurse.com",
-	"is-a-painter.com",
-	"is-a-patsfan.org",
-	"is-a-personaltrainer.com",
-	"is-a-photographer.com",
-	"is-a-player.com",
-	"is-a-republican.com",
-	"is-a-rockstar.com",
-	"is-a-socialist.com",
-	"is-a-soxfan.org",
-	"is-a-student.com",
-	"is-a-teacher.com",
-	"is-a-techie.com",
-	"is-a-therapist.com",
-	"is-an-accountant.com",
-	"is-an-actor.com",
-	"is-an-actress.com",
-	"is-an-anarchist.com",
-	"is-an-artist.com",
-	"is-an-engineer.com",
-	"is-an-entertainer.com",
-	"is-by.us",
-	"is-certified.com",
-	"is-found.org",
-	"is-gone.com",
-	"is-into-anime.com",
-	"is-into-cars.com",
-	"is-into-cartoons.com",
-	"is-into-games.com",
-	"is-leet.com",
-	"is-lost.org",
-	"is-not-certified.com",
-	"is-saved.org",
-	"is-slick.com",
-	"is-uberleet.com",
-	"is-very-bad.org",
-	"is-very-evil.org",
-	"is-very-good.org",
-	"is-very-nice.org",
-	"is-very-sweet.org",
-	"is-with-theband.com",
-	"isa-geek.com",
-	"isa-geek.net",
-	"isa-geek.org",
-	"isa-hockeynut.com",
-	"issmarterthanyou.com",
-	"isteingeek.de",
-	"istmein.de",
-	"kicks-ass.net",
-	"kicks-ass.org",
-	"knowsitall.info",
-	"land-4-sale.us",
-	"lebtimnetz.de",
-	"leitungsen.de",
-	"likes-pie.com",
-	"likescandy.com",
-	"merseine.nu",
-	"mine.nu",
-	"misconfused.org",
-	"mypets.ws",
-	"myphotos.cc",
-	"neat-url.com",
-	"office-on-the.net",
-	"on-the-web.tv",
-	"podzone.net",
-	"podzone.org",
-	"readmyblog.org",
-	"saves-the-whales.com",
-	"scrapper-site.net",
-	"scrapping.cc",
-	"selfip.biz",
-	"selfip.com",
-	"selfip.info",
-	"selfip.net",
-	"selfip.org",
-	"sells-for-less.com",
-	"sells-for-u.com",
-	"sells-it.net",
-	"sellsyourhome.org",
-	"servebbs.com",
-	"servebbs.net",
-	"servebbs.org",
-	"serveftp.net",
-	"serveftp.org",
-	"servegame.org",
-	"shacknet.nu",
-	"simple-url.com",
-	"space-to-rent.com",
-	"stuff-4-sale.org",
-	"stuff-4-sale.us",
-	"teaches-yoga.com",
-	"thruhere.net",
-	"traeumtgerade.de",
-	"webhop.biz",
-	"webhop.info",
-	"webhop.net",
-	"webhop.org",
-	"worse-than.tv",
-	"writesthisblog.com",
-	"dynv6.net",
-	"eu.org",
-	"al.eu.org",
-	"asso.eu.org",
-	"at.eu.org",
-	"au.eu.org",
-	"be.eu.org",
-	"bg.eu.org",
-	"ca.eu.org",
-	"cd.eu.org",
-	"ch.eu.org",
-	"cn.eu.org",
-	"cy.eu.org",
-	"cz.eu.org",
-	"de.eu.org",
-	"dk.eu.org",
-	"edu.eu.org",
-	"ee.eu.org",
-	"es.eu.org",
-	"fi.eu.org",
-	"fr.eu.org",
-	"gr.eu.org",
-	"hr.eu.org",
-	"hu.eu.org",
-	"ie.eu.org",
-	"il.eu.org",
-	"in.eu.org",
-	"int.eu.org",
-	"is.eu.org",
-	"it.eu.org",
-	"jp.eu.org",
-	"kr.eu.org",
-	"lt.eu.org",
-	"lu.eu.org",
-	"lv.eu.org",
-	"mc.eu.org",
-	"me.eu.org",
-	"mk.eu.org",
-	"mt.eu.org",
-	"my.eu.org",
-	"net.eu.org",
-	"ng.eu.org",
-	"nl.eu.org",
-	"no.eu.org",
-	"nz.eu.org",
-	"paris.eu.org",
-	"pl.eu.org",
-	"pt.eu.org",
-	"q-a.eu.org",
-	"ro.eu.org",
-	"ru.eu.org",
-	"se.eu.org",
-	"si.eu.org",
-	"sk.eu.org",
-	"tr.eu.org",
-	"uk.eu.org",
-	"us.eu.org",
-	"apps.fbsbx.com",
-	"a.ssl.fastly.net",
-	"b.ssl.fastly.net",
-	"global.ssl.fastly.net",
-	"a.prod.fastly.net",
-	"global.prod.fastly.net",
-	"firebaseapp.com",
-	"flynnhub.com",
-	"service.gov.uk",
-	"github.io",
-	"githubusercontent.com",
-	"githubcloud.com",
-	"*.api.githubcloud.com",
-	"*.ext.githubcloud.com",
-	"gist.githubcloud.com",
-	"*.githubcloudusercontent.com",
-	"ro.com",
-	"appspot.com",
-	"blogspot.ae",
-	"blogspot.al",
-	"blogspot.am",
-	"blogspot.ba",
-	"blogspot.be",
-	"blogspot.bg",
-	"blogspot.bj",
-	"blogspot.ca",
-	"blogspot.cf",
-	"blogspot.ch",
-	"blogspot.cl",
-	"blogspot.co.at",
-	"blogspot.co.id",
-	"blogspot.co.il",
-	"blogspot.co.ke",
-	"blogspot.co.nz",
-	"blogspot.co.uk",
-	"blogspot.co.za",
-	"blogspot.com",
-	"blogspot.com.ar",
-	"blogspot.com.au",
-	"blogspot.com.br",
-	"blogspot.com.by",
-	"blogspot.com.co",
-	"blogspot.com.cy",
-	"blogspot.com.ee",
-	"blogspot.com.eg",
-	"blogspot.com.es",
-	"blogspot.com.mt",
-	"blogspot.com.ng",
-	"blogspot.com.tr",
-	"blogspot.com.uy",
-	"blogspot.cv",
-	"blogspot.cz",
-	"blogspot.de",
-	"blogspot.dk",
-	"blogspot.fi",
-	"blogspot.fr",
-	"blogspot.gr",
-	"blogspot.hk",
-	"blogspot.hr",
-	"blogspot.hu",
-	"blogspot.ie",
-	"blogspot.in",
-	"blogspot.is",
-	"blogspot.it",
-	"blogspot.jp",
-	"blogspot.kr",
-	"blogspot.li",
-	"blogspot.lt",
-	"blogspot.lu",
-	"blogspot.md",
-	"blogspot.mk",
-	"blogspot.mr",
-	"blogspot.mx",
-	"blogspot.my",
-	"blogspot.nl",
-	"blogspot.no",
-	"blogspot.pe",
-	"blogspot.pt",
-	"blogspot.qa",
-	"blogspot.re",
-	"blogspot.ro",
-	"blogspot.rs",
-	"blogspot.ru",
-	"blogspot.se",
-	"blogspot.sg",
-	"blogspot.si",
-	"blogspot.sk",
-	"blogspot.sn",
-	"blogspot.td",
-	"blogspot.tw",
-	"blogspot.ug",
-	"blogspot.vn",
-	"cloudfunctions.net",
-	"codespot.com",
-	"googleapis.com",
-	"googlecode.com",
-	"pagespeedmobilizer.com",
-	"withgoogle.com",
-	"withyoutube.com",
-	"hashbang.sh",
-	"herokuapp.com",
-	"herokussl.com",
-	"iki.fi",
-	"biz.at",
-	"info.at",
-	"co.pl",
-	"azurewebsites.net",
-	"azure-mobile.net",
-	"cloudapp.net",
-	"bmoattachments.org",
-	"4u.com",
-	"ngrok.io",
-	"nfshost.com",
-	"nyc.mn",
-	"nid.io",
-	"operaunite.com",
-	"outsystemscloud.com",
-	"pagefrontapp.com",
-	"art.pl",
-	"gliwice.pl",
-	"krakow.pl",
-	"poznan.pl",
-	"wroc.pl",
-	"zakopane.pl",
-	"pantheon.io",
-	"gotpantheon.com",
-	"xen.prgmr.com",
-	"priv.at",
-	"qa2.com",
-	"rackmaze.com",
-	"rackmaze.net",
-	"rhcloud.com",
-	"sandcats.io",
-	"biz.ua",
-	"co.ua",
-	"pp.ua",
-	"sinaapp.com",
-	"vipsinaapp.com",
-	"1kapp.com",
-	"diskstation.me",
-	"dscloud.biz",
-	"dscloud.me",
-	"dscloud.mobi",
-	"dsmynas.com",
-	"dsmynas.net",
-	"dsmynas.org",
-	"familyds.com",
-	"familyds.net",
-	"familyds.org",
-	"i234.me",
-	"myds.me",
-	"synology.me",
-	"gda.pl",
-	"gdansk.pl",
-	"gdynia.pl",
-	"med.pl",
-	"sopot.pl",
-	"hk.com",
-	"hk.org",
-	"ltd.hk",
-	"inc.hk",
-	"yolasite.com",
-	"za.net",
-	"za.org",
-}
-
-var nodeLabels = [...]string{
-	"aaa",
-	"aarp",
-	"abarth",
-	"abb",
-	"abbott",
-	"abbvie",
-	"abc",
-	"able",
-	"abogado",
-	"abudhabi",
-	"ac",
-	"academy",
-	"accenture",
-	"accountant",
-	"accountants",
-	"aco",
-	"active",
-	"actor",
-	"ad",
-	"adac",
-	"ads",
-	"adult",
-	"ae",
-	"aeg",
-	"aero",
-	"aetna",
-	"af",
-	"afamilycompany",
-	"afl",
-	"africa",
-	"africamagic",
-	"ag",
-	"agakhan",
-	"agency",
-	"ai",
-	"aig",
-	"aigo",
-	"airbus",
-	"airforce",
-	"airtel",
-	"akdn",
-	"al",
-	"alfaromeo",
-	"alibaba",
-	"alipay",
-	"allfinanz",
-	"allstate",
-	"ally",
-	"alsace",
-	"alstom",
-	"am",
-	"americanexpress",
-	"americanfamily",
-	"amex",
-	"amfam",
-	"amica",
-	"amsterdam",
-	"analytics",
-	"android",
-	"anquan",
-	"anz",
-	"ao",
-	"aol",
-	"apartments",
-	"app",
-	"apple",
-	"aq",
-	"aquarelle",
-	"ar",
-	"arab",
-	"aramco",
-	"archi",
-	"army",
-	"arpa",
-	"arte",
-	"as",
-	"asda",
-	"asia",
-	"associates",
-	"at",
-	"athleta",
-	"attorney",
-	"au",
-	"auction",
-	"audi",
-	"audible",
-	"audio",
-	"auspost",
-	"author",
-	"auto",
-	"autos",
-	"avianca",
-	"aw",
-	"aws",
-	"ax",
-	"axa",
-	"az",
-	"azure",
-	"ba",
-	"baby",
-	"baidu",
-	"banamex",
-	"bananarepublic",
-	"band",
-	"bank",
-	"bar",
-	"barcelona",
-	"barclaycard",
-	"barclays",
-	"barefoot",
-	"bargains",
-	"baseball",
-	"basketball",
-	"bauhaus",
-	"bayern",
-	"bb",
-	"bbc",
-	"bbt",
-	"bbva",
-	"bcg",
-	"bcn",
-	"bd",
-	"be",
-	"beats",
-	"beauty",
-	"beer",
-	"bentley",
-	"berlin",
-	"best",
-	"bestbuy",
-	"bet",
-	"bf",
-	"bg",
-	"bh",
-	"bharti",
-	"bi",
-	"bible",
-	"bid",
-	"bike",
-	"bing",
-	"bingo",
-	"bio",
-	"biz",
-	"bj",
-	"black",
-	"blackfriday",
-	"blanco",
-	"blockbuster",
-	"blog",
-	"bloomberg",
-	"blue",
-	"bm",
-	"bms",
-	"bmw",
-	"bn",
-	"bnl",
-	"bnpparibas",
-	"bo",
-	"boats",
-	"boehringer",
-	"bofa",
-	"bom",
-	"bond",
-	"boo",
-	"book",
-	"booking",
-	"boots",
-	"bosch",
-	"bostik",
-	"boston",
-	"bot",
-	"boutique",
-	"box",
-	"br",
-	"bradesco",
-	"bridgestone",
-	"broadway",
-	"broker",
-	"brother",
-	"brussels",
-	"bs",
-	"bt",
-	"budapest",
-	"bugatti",
-	"build",
-	"builders",
-	"business",
-	"buy",
-	"buzz",
-	"bv",
-	"bw",
-	"by",
-	"bz",
-	"bzh",
-	"ca",
-	"cab",
-	"cafe",
-	"cal",
-	"call",
-	"calvinklein",
-	"camera",
-	"camp",
-	"cancerresearch",
-	"canon",
-	"capetown",
-	"capital",
-	"capitalone",
-	"car",
-	"caravan",
-	"cards",
-	"care",
-	"career",
-	"careers",
-	"cars",
-	"cartier",
-	"casa",
-	"case",
-	"caseih",
-	"cash",
-	"casino",
-	"cat",
-	"catering",
-	"catholic",
-	"cba",
-	"cbn",
-	"cbre",
-	"cbs",
-	"cc",
-	"cd",
-	"ceb",
-	"center",
-	"ceo",
-	"cern",
-	"cf",
-	"cfa",
-	"cfd",
-	"cg",
-	"ch",
-	"chanel",
-	"channel",
-	"chase",
-	"chat",
-	"cheap",
-	"chintai",
-	"chloe",
-	"christmas",
-	"chrome",
-	"chrysler",
-	"church",
-	"ci",
-	"cipriani",
-	"circle",
-	"cisco",
-	"citadel",
-	"citi",
-	"citic",
-	"city",
-	"cityeats",
-	"ck",
-	"cl",
-	"claims",
-	"cleaning",
-	"click",
-	"clinic",
-	"clinique",
-	"clothing",
-	"cloud",
-	"club",
-	"clubmed",
-	"cm",
-	"cn",
-	"co",
-	"coach",
-	"codes",
-	"coffee",
-	"college",
-	"cologne",
-	"com",
-	"comcast",
-	"commbank",
-	"community",
-	"company",
-	"compare",
-	"computer",
-	"comsec",
-	"condos",
-	"construction",
-	"consulting",
-	"contact",
-	"contractors",
-	"cooking",
-	"cookingchannel",
-	"cool",
-	"coop",
-	"corsica",
-	"country",
-	"coupon",
-	"coupons",
-	"courses",
-	"cr",
-	"credit",
-	"creditcard",
-	"creditunion",
-	"cricket",
-	"crown",
-	"crs",
-	"cruise",
-	"cruises",
-	"csc",
-	"cu",
-	"cuisinella",
-	"cv",
-	"cw",
-	"cx",
-	"cy",
-	"cymru",
-	"cyou",
-	"cz",
-	"dabur",
-	"dad",
-	"dance",
-	"date",
-	"dating",
-	"datsun",
-	"day",
-	"dclk",
-	"dds",
-	"de",
-	"deal",
-	"dealer",
-	"deals",
-	"degree",
-	"delivery",
-	"dell",
-	"deloitte",
-	"delta",
-	"democrat",
-	"dental",
-	"dentist",
-	"desi",
-	"design",
-	"dev",
-	"dhl",
-	"diamonds",
-	"diet",
-	"digital",
-	"direct",
-	"directory",
-	"discount",
-	"discover",
-	"dish",
-	"diy",
-	"dj",
-	"dk",
-	"dm",
-	"dnp",
-	"do",
-	"docs",
-	"dodge",
-	"dog",
-	"doha",
-	"domains",
-	"dot",
-	"download",
-	"drive",
-	"dstv",
-	"dtv",
-	"dubai",
-	"duck",
-	"dunlop",
-	"duns",
-	"dupont",
-	"durban",
-	"dvag",
-	"dwg",
-	"dz",
-	"earth",
-	"eat",
-	"ec",
-	"edeka",
-	"edu",
-	"education",
-	"ee",
-	"eg",
-	"email",
-	"emerck",
-	"emerson",
-	"energy",
-	"engineer",
-	"engineering",
-	"enterprises",
-	"epost",
-	"epson",
-	"equipment",
-	"er",
-	"ericsson",
-	"erni",
-	"es",
-	"esq",
-	"estate",
-	"esurance",
-	"et",
-	"etisalat",
-	"eu",
-	"eurovision",
-	"eus",
-	"events",
-	"everbank",
-	"exchange",
-	"expert",
-	"exposed",
-	"express",
-	"extraspace",
-	"fage",
-	"fail",
-	"fairwinds",
-	"faith",
-	"family",
-	"fan",
-	"fans",
-	"farm",
-	"farmers",
-	"fashion",
-	"fast",
-	"fedex",
-	"feedback",
-	"ferrari",
-	"ferrero",
-	"fi",
-	"fiat",
-	"fidelity",
-	"fido",
-	"film",
-	"final",
-	"finance",
-	"financial",
-	"fire",
-	"firestone",
-	"firmdale",
-	"fish",
-	"fishing",
-	"fit",
-	"fitness",
-	"fj",
-	"fk",
-	"flickr",
-	"flights",
-	"flir",
-	"florist",
-	"flowers",
-	"flsmidth",
-	"fly",
-	"fm",
-	"fo",
-	"foo",
-	"foodnetwork",
-	"football",
-	"ford",
-	"forex",
-	"forsale",
-	"forum",
-	"foundation",
-	"fox",
-	"fr",
-	"free",
-	"fresenius",
-	"frl",
-	"frogans",
-	"frontdoor",
-	"frontier",
-	"ftr",
-	"fujitsu",
-	"fujixerox",
-	"fun",
-	"fund",
-	"furniture",
-	"futbol",
-	"fyi",
-	"ga",
-	"gal",
-	"gallery",
-	"gallo",
-	"gallup",
-	"game",
-	"games",
-	"gap",
-	"garden",
-	"gb",
-	"gbiz",
-	"gd",
-	"gdn",
-	"ge",
-	"gea",
-	"gent",
-	"genting",
-	"george",
-	"gf",
-	"gg",
-	"ggee",
-	"gh",
-	"gi",
-	"gift",
-	"gifts",
-	"gives",
-	"giving",
-	"gl",
-	"glade",
-	"glass",
-	"gle",
-	"global",
-	"globo",
-	"gm",
-	"gmail",
-	"gmbh",
-	"gmo",
-	"gmx",
-	"gn",
-	"godaddy",
-	"gold",
-	"goldpoint",
-	"golf",
-	"goo",
-	"goodhands",
-	"goodyear",
-	"goog",
-	"google",
-	"gop",
-	"got",
-	"gotv",
-	"gov",
-	"gp",
-	"gq",
-	"gr",
-	"grainger",
-	"graphics",
-	"gratis",
-	"green",
-	"gripe",
-	"group",
-	"gs",
-	"gt",
-	"gu",
-	"guardian",
-	"gucci",
-	"guge",
-	"guide",
-	"guitars",
-	"guru",
-	"gw",
-	"gy",
-	"hair",
-	"hamburg",
-	"hangout",
-	"haus",
-	"hbo",
-	"hdfc",
-	"hdfcbank",
-	"health",
-	"healthcare",
-	"help",
-	"helsinki",
-	"here",
-	"hermes",
-	"hgtv",
-	"hiphop",
-	"hisamitsu",
-	"hitachi",
-	"hiv",
-	"hk",
-	"hkt",
-	"hm",
-	"hn",
-	"hockey",
-	"holdings",
-	"holiday",
-	"homedepot",
-	"homegoods",
-	"homes",
-	"homesense",
-	"honda",
-	"honeywell",
-	"horse",
-	"host",
-	"hosting",
-	"hot",
-	"hoteles",
-	"hotmail",
-	"house",
-	"how",
-	"hr",
-	"hsbc",
-	"ht",
-	"htc",
-	"hu",
-	"hughes",
-	"hyatt",
-	"hyundai",
-	"ibm",
-	"icbc",
-	"ice",
-	"icu",
-	"id",
-	"ie",
-	"ieee",
-	"ifm",
-	"iinet",
-	"ikano",
-	"il",
-	"im",
-	"imamat",
-	"imdb",
-	"immo",
-	"immobilien",
-	"in",
-	"industries",
-	"infiniti",
-	"info",
-	"ing",
-	"ink",
-	"institute",
-	"insurance",
-	"insure",
-	"int",
-	"intel",
-	"international",
-	"intuit",
-	"investments",
-	"io",
-	"ipiranga",
-	"iq",
-	"ir",
-	"irish",
-	"is",
-	"iselect",
-	"ismaili",
-	"ist",
-	"istanbul",
-	"it",
-	"itau",
-	"itv",
-	"iveco",
-	"iwc",
-	"jaguar",
-	"java",
-	"jcb",
-	"jcp",
-	"je",
-	"jeep",
-	"jetzt",
-	"jewelry",
-	"jio",
-	"jlc",
-	"jll",
-	"jm",
-	"jmp",
-	"jnj",
-	"jo",
-	"jobs",
-	"joburg",
-	"jot",
-	"joy",
-	"jp",
-	"jpmorgan",
-	"jprs",
-	"juegos",
-	"juniper",
-	"kaufen",
-	"kddi",
-	"ke",
-	"kerryhotels",
-	"kerrylogistics",
-	"kerryproperties",
-	"kfh",
-	"kg",
-	"kh",
-	"ki",
-	"kia",
-	"kim",
-	"kinder",
-	"kindle",
-	"kitchen",
-	"kiwi",
-	"km",
-	"kn",
-	"koeln",
-	"komatsu",
-	"kosher",
-	"kp",
-	"kpmg",
-	"kpn",
-	"kr",
-	"krd",
-	"kred",
-	"kuokgroup",
-	"kw",
-	"ky",
-	"kyknet",
-	"kyoto",
-	"kz",
-	"la",
-	"lacaixa",
-	"ladbrokes",
-	"lamborghini",
-	"lamer",
-	"lancaster",
-	"lancia",
-	"lancome",
-	"land",
-	"landrover",
-	"lanxess",
-	"lasalle",
-	"lat",
-	"latino",
-	"latrobe",
-	"law",
-	"lawyer",
-	"lb",
-	"lc",
-	"lds",
-	"lease",
-	"leclerc",
-	"lefrak",
-	"legal",
-	"lego",
-	"lexus",
-	"lgbt",
-	"li",
-	"liaison",
-	"lidl",
-	"life",
-	"lifeinsurance",
-	"lifestyle",
-	"lighting",
-	"like",
-	"lilly",
-	"limited",
-	"limo",
-	"lincoln",
-	"linde",
-	"link",
-	"lipsy",
-	"live",
-	"living",
-	"lixil",
-	"lk",
-	"loan",
-	"loans",
-	"locker",
-	"locus",
-	"loft",
-	"lol",
-	"london",
-	"lotte",
-	"lotto",
-	"love",
-	"lpl",
-	"lplfinancial",
-	"lr",
-	"ls",
-	"lt",
-	"ltd",
-	"ltda",
-	"lu",
-	"lundbeck",
-	"lupin",
-	"luxe",
-	"luxury",
-	"lv",
-	"ly",
-	"ma",
-	"macys",
-	"madrid",
-	"maif",
-	"maison",
-	"makeup",
-	"man",
-	"management",
-	"mango",
-	"market",
-	"marketing",
-	"markets",
-	"marriott",
-	"marshalls",
-	"maserati",
-	"mattel",
-	"mba",
-	"mc",
-	"mcd",
-	"mcdonalds",
-	"mckinsey",
-	"md",
-	"me",
-	"med",
-	"media",
-	"meet",
-	"melbourne",
-	"meme",
-	"memorial",
-	"men",
-	"menu",
-	"meo",
-	"metlife",
-	"mg",
-	"mh",
-	"miami",
-	"microsoft",
-	"mil",
-	"mini",
-	"mint",
-	"mit",
-	"mitsubishi",
-	"mk",
-	"ml",
-	"mlb",
-	"mls",
-	"mm",
-	"mma",
-	"mn",
-	"mnet",
-	"mo",
-	"mobi",
-	"mobily",
-	"moda",
-	"moe",
-	"moi",
-	"mom",
-	"monash",
-	"money",
-	"monster",
-	"montblanc",
-	"mopar",
-	"mormon",
-	"mortgage",
-	"moscow",
-	"moto",
-	"motorcycles",
-	"mov",
-	"movie",
-	"movistar",
-	"mp",
-	"mq",
-	"mr",
-	"ms",
-	"msd",
-	"mt",
-	"mtn",
-	"mtpc",
-	"mtr",
-	"mu",
-	"multichoice",
-	"museum",
-	"mutual",
-	"mutuelle",
-	"mv",
-	"mw",
-	"mx",
-	"my",
-	"mz",
-	"mzansimagic",
-	"na",
-	"nab",
-	"nadex",
-	"nagoya",
-	"name",
-	"naspers",
-	"nationwide",
-	"natura",
-	"navy",
-	"nba",
-	"nc",
-	"ne",
-	"nec",
-	"net",
-	"netbank",
-	"netflix",
-	"network",
-	"neustar",
-	"new",
-	"newholland",
-	"news",
-	"next",
-	"nextdirect",
-	"nexus",
-	"nf",
-	"nfl",
-	"ng",
-	"ngo",
-	"nhk",
-	"ni",
-	"nico",
-	"nike",
-	"nikon",
-	"ninja",
-	"nissan",
-	"nissay",
-	"nl",
-	"no",
-	"nokia",
-	"northwesternmutual",
-	"norton",
-	"now",
-	"nowruz",
-	"nowtv",
-	"np",
-	"nr",
-	"nra",
-	"nrw",
-	"ntt",
-	"nu",
-	"nyc",
-	"nz",
-	"obi",
-	"observer",
-	"off",
-	"office",
-	"okinawa",
-	"olayan",
-	"olayangroup",
-	"oldnavy",
-	"ollo",
-	"om",
-	"omega",
-	"one",
-	"ong",
-	"onl",
-	"online",
-	"onyourside",
-	"ooo",
-	"open",
-	"oracle",
-	"orange",
-	"org",
-	"organic",
-	"orientexpress",
-	"origins",
-	"osaka",
-	"otsuka",
-	"ott",
-	"ovh",
-	"pa",
-	"page",
-	"pamperedchef",
-	"panasonic",
-	"panerai",
-	"paris",
-	"pars",
-	"partners",
-	"parts",
-	"party",
-	"passagens",
-	"pay",
-	"payu",
-	"pccw",
-	"pe",
-	"pet",
-	"pf",
-	"pfizer",
-	"pg",
-	"ph",
-	"pharmacy",
-	"philips",
-	"photo",
-	"photography",
-	"photos",
-	"physio",
-	"piaget",
-	"pics",
-	"pictet",
-	"pictures",
-	"pid",
-	"pin",
-	"ping",
-	"pink",
-	"pioneer",
-	"pizza",
-	"pk",
-	"pl",
-	"place",
-	"play",
-	"playstation",
-	"plumbing",
-	"plus",
-	"pm",
-	"pn",
-	"pnc",
-	"pohl",
-	"poker",
-	"politie",
-	"porn",
-	"post",
-	"pr",
-	"pramerica",
-	"praxi",
-	"press",
-	"prime",
-	"pro",
-	"prod",
-	"productions",
-	"prof",
-	"progressive",
-	"promo",
-	"properties",
-	"property",
-	"protection",
-	"pru",
-	"prudential",
-	"ps",
-	"pt",
-	"pub",
-	"pw",
-	"pwc",
-	"py",
-	"qa",
-	"qpon",
-	"quebec",
-	"quest",
-	"qvc",
-	"racing",
-	"raid",
-	"re",
-	"read",
-	"realestate",
-	"realtor",
-	"realty",
-	"recipes",
-	"red",
-	"redstone",
-	"redumbrella",
-	"rehab",
-	"reise",
-	"reisen",
-	"reit",
-	"reliance",
-	"ren",
-	"rent",
-	"rentals",
-	"repair",
-	"report",
-	"republican",
-	"rest",
-	"restaurant",
-	"review",
-	"reviews",
-	"rexroth",
-	"rich",
-	"richardli",
-	"ricoh",
-	"rightathome",
-	"ril",
-	"rio",
-	"rip",
-	"rmit",
-	"ro",
-	"rocher",
-	"rocks",
-	"rodeo",
-	"rogers",
-	"room",
-	"rs",
-	"rsvp",
-	"ru",
-	"ruhr",
-	"run",
-	"rw",
-	"rwe",
-	"ryukyu",
-	"sa",
-	"saarland",
-	"safe",
-	"safety",
-	"sakura",
-	"sale",
-	"salon",
-	"samsclub",
-	"samsung",
-	"sandvik",
-	"sandvikcoromant",
-	"sanofi",
-	"sap",
-	"sapo",
-	"sarl",
-	"sas",
-	"save",
-	"saxo",
-	"sb",
-	"sbi",
-	"sbs",
-	"sc",
-	"sca",
-	"scb",
-	"schaeffler",
-	"schmidt",
-	"scholarships",
-	"school",
-	"schule",
-	"schwarz",
-	"science",
-	"scjohnson",
-	"scor",
-	"scot",
-	"sd",
-	"se",
-	"seat",
-	"secure",
-	"security",
-	"seek",
-	"select",
-	"sener",
-	"services",
-	"ses",
-	"seven",
-	"sew",
-	"sex",
-	"sexy",
-	"sfr",
-	"sg",
-	"sh",
-	"shangrila",
-	"sharp",
-	"shaw",
-	"shell",
-	"shia",
-	"shiksha",
-	"shoes",
-	"shouji",
-	"show",
-	"showtime",
-	"shriram",
-	"si",
-	"silk",
-	"sina",
-	"singles",
-	"site",
-	"sj",
-	"sk",
-	"ski",
-	"skin",
-	"sky",
-	"skype",
-	"sl",
-	"sling",
-	"sm",
-	"smart",
-	"smile",
-	"sn",
-	"sncf",
-	"so",
-	"soccer",
-	"social",
-	"softbank",
-	"software",
-	"sohu",
-	"solar",
-	"solutions",
-	"song",
-	"sony",
-	"soy",
-	"space",
-	"spiegel",
-	"spot",
-	"spreadbetting",
-	"sr",
-	"srl",
-	"srt",
-	"st",
-	"stada",
-	"staples",
-	"star",
-	"starhub",
-	"statebank",
-	"statefarm",
-	"statoil",
-	"stc",
-	"stcgroup",
-	"stockholm",
-	"storage",
-	"store",
-	"stream",
-	"studio",
-	"study",
-	"style",
-	"su",
-	"sucks",
-	"supersport",
-	"supplies",
-	"supply",
-	"support",
-	"surf",
-	"surgery",
-	"suzuki",
-	"sv",
-	"swatch",
-	"swiftcover",
-	"swiss",
-	"sx",
-	"sy",
-	"sydney",
-	"symantec",
-	"systems",
-	"sz",
-	"tab",
-	"taipei",
-	"talk",
-	"taobao",
-	"target",
-	"tatamotors",
-	"tatar",
-	"tattoo",
-	"tax",
-	"taxi",
-	"tc",
-	"tci",
-	"td",
-	"tdk",
-	"team",
-	"tech",
-	"technology",
-	"tel",
-	"telecity",
-	"telefonica",
-	"temasek",
-	"tennis",
-	"teva",
-	"tf",
-	"tg",
-	"th",
-	"thd",
-	"theater",
-	"theatre",
-	"theguardian",
-	"tiaa",
-	"tickets",
-	"tienda",
-	"tiffany",
-	"tips",
-	"tires",
-	"tirol",
-	"tj",
-	"tjmaxx",
-	"tjx",
-	"tk",
-	"tkmaxx",
-	"tl",
-	"tm",
-	"tmall",
-	"tn",
-	"to",
-	"today",
-	"tokyo",
-	"tools",
-	"top",
-	"toray",
-	"toshiba",
-	"total",
-	"tours",
-	"town",
-	"toyota",
-	"toys",
-	"tr",
-	"trade",
-	"trading",
-	"training",
-	"travel",
-	"travelchannel",
-	"travelers",
-	"travelersinsurance",
-	"trust",
-	"trv",
-	"tt",
-	"tube",
-	"tui",
-	"tunes",
-	"tushu",
-	"tv",
-	"tvs",
-	"tw",
-	"tz",
-	"ua",
-	"ubank",
-	"ubs",
-	"uconnect",
-	"ug",
-	"uk",
-	"unicom",
-	"university",
-	"uno",
-	"uol",
-	"ups",
-	"us",
-	"uy",
-	"uz",
-	"va",
-	"vacations",
-	"vana",
-	"vanguard",
-	"vc",
-	"ve",
-	"vegas",
-	"ventures",
-	"verisign",
-	"versicherung",
-	"vet",
-	"vg",
-	"vi",
-	"viajes",
-	"video",
-	"vig",
-	"viking",
-	"villas",
-	"vin",
-	"vip",
-	"virgin",
-	"visa",
-	"vision",
-	"vista",
-	"vistaprint",
-	"viva",
-	"vivo",
-	"vlaanderen",
-	"vn",
-	"vodka",
-	"volkswagen",
-	"volvo",
-	"vote",
-	"voting",
-	"voto",
-	"voyage",
-	"vu",
-	"vuelos",
-	"wales",
-	"walmart",
-	"walter",
-	"wang",
-	"wanggou",
-	"warman",
-	"watch",
-	"watches",
-	"weather",
-	"weatherchannel",
-	"webcam",
-	"weber",
-	"website",
-	"wed",
-	"wedding",
-	"weibo",
-	"weir",
-	"wf",
-	"whoswho",
-	"wien",
-	"wiki",
-	"williamhill",
-	"win",
-	"windows",
-	"wine",
-	"winners",
-	"wme",
-	"wolterskluwer",
-	"woodside",
-	"work",
-	"works",
-	"world",
-	"wow",
-	"ws",
-	"wtc",
-	"wtf",
-	"xbox",
-	"xerox",
-	"xfinity",
-	"xihuan",
-	"xin",
-	"xn--11b4c3d",
-	"xn--1ck2e1b",
-	"xn--1qqw23a",
-	"xn--30rr7y",
-	"xn--3bst00m",
-	"xn--3ds443g",
-	"xn--3e0b707e",
-	"xn--3oq18vl8pn36a",
-	"xn--3pxu8k",
-	"xn--42c2d9a",
-	"xn--45brj9c",
-	"xn--45q11c",
-	"xn--4gbrim",
-	"xn--4gq48lf9j",
-	"xn--54b7fta0cc",
-	"xn--55qw42g",
-	"xn--55qx5d",
-	"xn--5su34j936bgsg",
-	"xn--5tzm5g",
-	"xn--6frz82g",
-	"xn--6qq986b3xl",
-	"xn--80adxhks",
-	"xn--80ao21a",
-	"xn--80aqecdr1a",
-	"xn--80asehdb",
-	"xn--80aswg",
-	"xn--8y0a063a",
-	"xn--90a3ac",
-	"xn--90ais",
-	"xn--9dbq2a",
-	"xn--9et52u",
-	"xn--9krt00a",
-	"xn--b4w605ferd",
-	"xn--bck1b9a5dre4c",
-	"xn--c1avg",
-	"xn--c2br7g",
-	"xn--cck2b3b",
-	"xn--cg4bki",
-	"xn--clchc0ea0b2g2a9gcd",
-	"xn--czr694b",
-	"xn--czrs0t",
-	"xn--czru2d",
-	"xn--d1acj3b",
-	"xn--d1alf",
-	"xn--eckvdtc9d",
-	"xn--efvy88h",
-	"xn--estv75g",
-	"xn--fct429k",
-	"xn--fhbei",
-	"xn--fiq228c5hs",
-	"xn--fiq64b",
-	"xn--fiqs8s",
-	"xn--fiqz9s",
-	"xn--fjq720a",
-	"xn--flw351e",
-	"xn--fpcrj9c3d",
-	"xn--fzc2c9e2c",
-	"xn--fzys8d69uvgm",
-	"xn--g2xx48c",
-	"xn--gckr3f0f",
-	"xn--gecrj9c",
-	"xn--gk3at1e",
-	"xn--h2brj9c",
-	"xn--hxt814e",
-	"xn--i1b6b1a6a2e",
-	"xn--imr513n",
-	"xn--io0a7i",
-	"xn--j1aef",
-	"xn--j1amh",
-	"xn--j6w193g",
-	"xn--jlq61u9w7b",
-	"xn--jvr189m",
-	"xn--kcrx77d1x4a",
-	"xn--kprw13d",
-	"xn--kpry57d",
-	"xn--kpu716f",
-	"xn--kput3i",
-	"xn--l1acc",
-	"xn--lgbbat1ad8j",
-	"xn--mgb2ddes",
-	"xn--mgb9awbf",
-	"xn--mgba3a3ejt",
-	"xn--mgba3a4f16a",
-	"xn--mgba3a4fra",
-	"xn--mgba7c0bbn0a",
-	"xn--mgbaakc7dvf",
-	"xn--mgbaam7a8h",
-	"xn--mgbab2bd",
-	"xn--mgbai9a5eva00b",
-	"xn--mgbai9azgqp6j",
-	"xn--mgbayh7gpa",
-	"xn--mgbb9fbpob",
-	"xn--mgbbh1a71e",
-	"xn--mgbc0a9azcg",
-	"xn--mgbca7dzdo",
-	"xn--mgberp4a5d4a87g",
-	"xn--mgberp4a5d4ar",
-	"xn--mgbi4ecexp",
-	"xn--mgbpl2fh",
-	"xn--mgbqly7c0a67fbc",
-	"xn--mgbqly7cvafr",
-	"xn--mgbt3dhd",
-	"xn--mgbtf8fl",
-	"xn--mgbtx2b",
-	"xn--mgbx4cd0ab",
-	"xn--mix082f",
-	"xn--mix891f",
-	"xn--mk1bu44c",
-	"xn--mxtq1m",
-	"xn--ngbc5azd",
-	"xn--ngbe9e0a",
-	"xn--ngbrx",
-	"xn--nnx388a",
-	"xn--node",
-	"xn--nqv7f",
-	"xn--nqv7fs00ema",
-	"xn--nyqy26a",
-	"xn--o3cw4h",
-	"xn--ogbpf8fl",
-	"xn--p1acf",
-	"xn--p1ai",
-	"xn--pbt977c",
-	"xn--pgbs0dh",
-	"xn--pssy2u",
-	"xn--q9jyb4c",
-	"xn--qcka1pmc",
-	"xn--qxam",
-	"xn--rhqv96g",
-	"xn--rovu88b",
-	"xn--s9brj9c",
-	"xn--ses554g",
-	"xn--t60b56a",
-	"xn--tckwe",
-	"xn--tiq49xqyj",
-	"xn--unup4y",
-	"xn--vermgensberater-ctb",
-	"xn--vermgensberatung-pwb",
-	"xn--vhquv",
-	"xn--vuq861b",
-	"xn--w4r85el8fhu5dnra",
-	"xn--w4rs40l",
-	"xn--wgbh1c",
-	"xn--wgbl6a",
-	"xn--xhq521b",
-	"xn--xkc2al3hye2a",
-	"xn--xkc2dl3a5ee0h",
-	"xn--y9a3aq",
-	"xn--yfro4i67o",
-	"xn--ygbi2ammx",
-	"xn--zfr164b",
-	"xperia",
-	"xxx",
-	"xyz",
-	"yachts",
-	"yahoo",
-	"yamaxun",
-	"yandex",
-	"ye",
-	"yodobashi",
-	"yoga",
-	"yokohama",
-	"you",
-	"youtube",
-	"yt",
-	"yun",
-	"za",
-	"zappos",
-	"zara",
-	"zero",
-	"zip",
-	"zippo",
-	"zm",
-	"zone",
-	"zuerich",
-	"zw",
-	"com",
-	"edu",
-	"gov",
-	"mil",
-	"net",
-	"org",
-	"nom",
-	"ac",
-	"blogspot",
-	"co",
-	"gov",
-	"mil",
-	"net",
-	"org",
-	"sch",
-	"accident-investigation",
-	"accident-prevention",
-	"aerobatic",
-	"aeroclub",
-	"aerodrome",
-	"agents",
-	"air-surveillance",
-	"air-traffic-control",
-	"aircraft",
-	"airline",
-	"airport",
-	"airtraffic",
-	"ambulance",
-	"amusement",
-	"association",
-	"author",
-	"ballooning",
-	"broker",
-	"caa",
-	"cargo",
-	"catering",
-	"certification",
-	"championship",
-	"charter",
-	"civilaviation",
-	"club",
-	"conference",
-	"consultant",
-	"consulting",
-	"control",
-	"council",
-	"crew",
-	"design",
-	"dgca",
-	"educator",
-	"emergency",
-	"engine",
-	"engineer",
-	"entertainment",
-	"equipment",
-	"exchange",
-	"express",
-	"federation",
-	"flight",
-	"freight",
-	"fuel",
-	"gliding",
-	"government",
-	"groundhandling",
-	"group",
-	"hanggliding",
-	"homebuilt",
-	"insurance",
-	"journal",
-	"journalist",
-	"leasing",
-	"logistics",
-	"magazine",
-	"maintenance",
-	"media",
-	"microlight",
-	"modelling",
-	"navigation",
-	"parachuting",
-	"paragliding",
-	"passenger-association",
-	"pilot",
-	"press",
-	"production",
-	"recreation",
-	"repbody",
-	"res",
-	"research",
-	"rotorcraft",
-	"safety",
-	"scientist",
-	"services",
-	"show",
-	"skydiving",
-	"software",
-	"student",
-	"trader",
-	"trading",
-	"trainer",
-	"union",
-	"workinggroup",
-	"works",
-	"com",
-	"edu",
-	"gov",
-	"net",
-	"org",
-	"co",
-	"com",
-	"net",
-	"nom",
-	"org",
-	"com",
-	"net",
-	"off",
-	"org",
-	"blogspot",
-	"com",
-	"edu",
-	"gov",
-	"mil",
-	"net",
-	"org",
-	"blogspot",
-	"co",
-	"ed",
-	"gv",
-	"it",
-	"og",
-	"pb",
-	"com",
-	"edu",
-	"gob",
-	"gov",
-	"int",
-	"mil",
-	"net",
-	"org",
-	"tur",
-	"blogspot",
-	"e164",
-	"in-addr",
-	"ip6",
-	"iris",
-	"uri",
-	"urn",
-	"gov",
-	"ac",
-	"biz",
-	"co",
-	"gv",
-	"info",
-	"or",
-	"priv",
-	"blogspot",
-	"act",
-	"asn",
-	"com",
-	"conf",
-	"edu",
-	"gov",
-	"id",
-	"info",
-	"net",
-	"nsw",
-	"nt",
-	"org",
-	"oz",
-	"qld",
-	"sa",
-	"tas",
-	"vic",
-	"wa",
-	"blogspot",
-	"act",
-	"nsw",
-	"nt",
-	"qld",
-	"sa",
-	"tas",
-	"vic",
-	"wa",
-	"qld",
-	"sa",
-	"tas",
-	"vic",
-	"wa",
-	"com",
-	"biz",
-	"com",
-	"edu",
-	"gov",
-	"info",
-	"int",
-	"mil",
-	"name",
-	"net",
-	"org",
-	"pp",
-	"pro",
-	"blogspot",
-	"co",
-	"com",
-	"edu",
-	"gov",
-	"mil",
-	"net",
-	"org",
-	"rs",
-	"unbi",
-	"unsa",
-	"biz",
-	"co",
-	"com",
-	"edu",
-	"gov",
-	"info",
-	"net",
-	"org",
-	"store",
-	"tv",
-	"ac",
-	"blogspot",
-	"gov",
-	"0",
-	"1",
-	"2",
-	"3",
-	"4",
-	"5",
-	"6",
-	"7",
-	"8",
-	"9",
-	"a",
-	"b",
-	"blogspot",
-	"c",
-	"d",
-	"e",
-	"f",
-	"g",
-	"h",
-	"i",
-	"j",
-	"k",
-	"l",
-	"m",
-	"n",
-	"o",
-	"p",
-	"q",
-	"r",
-	"s",
-	"t",
-	"u",
-	"v",
-	"w",
-	"x",
-	"y",
-	"z",
-	"com",
-	"edu",
-	"gov",
-	"net",
-	"org",
-	"co",
-	"com",
-	"edu",
-	"or",
-	"org",
-	"dscloud",
-	"dyndns",
-	"for-better",
-	"for-more",
-	"for-some",
-	"for-the",
-	"selfip",
-	"webhop",
-	"asso",
-	"barreau",
-	"blogspot",
-	"gouv",
-	"com",
-	"edu",
-	"gov",
-	"net",
-	"org",
-	"com",
-	"edu",
-	"gob",
-	"gov",
-	"int",
-	"mil",
-	"net",
-	"org",
-	"tv",
-	"adm",
-	"adv",
-	"agr",
-	"am",
-	"arq",
-	"art",
-	"ato",
-	"b",
-	"bio",
-	"blog",
-	"bmd",
-	"cim",
-	"cng",
-	"cnt",
-	"com",
-	"coop",
-	"ecn",
-	"eco",
-	"edu",
-	"emp",
-	"eng",
-	"esp",
-	"etc",
-	"eti",
-	"far",
-	"flog",
-	"fm",
-	"fnd",
-	"fot",
-	"fst",
-	"g12",
-	"ggf",
-	"gov",
-	"imb",
-	"ind",
-	"inf",
-	"jor",
-	"jus",
-	"leg",
-	"lel",
-	"mat",
-	"med",
-	"mil",
-	"mp",
-	"mus",
-	"net",
-	"nom",
-	"not",
-	"ntr",
-	"odo",
-	"org",
-	"ppg",
-	"pro",
-	"psc",
-	"psi",
-	"qsl",
-	"radio",
-	"rec",
-	"slg",
-	"srv",
-	"taxi",
-	"teo",
-	"tmp",
-	"trd",
-	"tur",
-	"tv",
-	"vet",
-	"vlog",
-	"wiki",
-	"zlg",
-	"blogspot",
-	"com",
-	"edu",
-	"gov",
-	"net",
-	"org",
-	"com",
-	"edu",
-	"gov",
-	"net",
-	"org",
-	"co",
-	"org",
-	"com",
-	"gov",
-	"mil",
-	"of",
-	"blogspot",
-	"com",
-	"edu",
-	"gov",
-	"net",
-	"org",
-	"za",
-	"ab",
-	"bc",
-	"blogspot",
-	"co",
-	"gc",
-	"mb",
-	"nb",
-	"nf",
-	"nl",
-	"ns",
-	"nt",
-	"nu",
-	"on",
-	"pe",
-	"qc",
-	"sk",
-	"yk",
-	"ftpaccess",
-	"game-server",
-	"myphotos",
-	"scrapping",
-	"gov",
-	"blogspot",
-	"blogspot",
-	"ac",
-	"asso",
-	"co",
-	"com",
-	"ed",
-	"edu",
-	"go",
-	"gouv",
-	"int",
-	"md",
-	"net",
-	"or",
-	"org",
-	"presse",
-	"xn--aroport-bya",
-	"www",
-	"blogspot",
-	"co",
-	"gob",
-	"gov",
-	"mil",
-	"co",
-	"com",
-	"gov",
-	"net",
-	"ac",
-	"ah",
-	"amazonaws",
-	"bj",
-	"com",
-	"cq",
-	"edu",
-	"fj",
-	"gd",
-	"gov",
-	"gs",
-	"gx",
-	"gz",
-	"ha",
-	"hb",
-	"he",
-	"hi",
-	"hk",
-	"hl",
-	"hn",
-	"jl",
-	"js",
-	"jx",
-	"ln",
-	"mil",
-	"mo",
-	"net",
-	"nm",
-	"nx",
-	"org",
-	"qh",
-	"sc",
-	"sd",
-	"sh",
-	"sn",
-	"sx",
-	"tj",
-	"tw",
-	"xj",
-	"xn--55qx5d",
-	"xn--io0a7i",
-	"xn--od0alg",
-	"xz",
-	"yn",
-	"zj",
-	"compute",
-	"cn-north-1",
-	"amazonaws",
-	"cn-north-1",
-	"s3",
-	"arts",
-	"com",
-	"edu",
-	"firm",
-	"gov",
-	"info",
-	"int",
-	"mil",
-	"net",
-	"nom",
-	"org",
-	"rec",
-	"web",
-	"blogspot",
-	"1kapp",
-	"4u",
-	"africa",
-	"amazonaws",
-	"appspot",
-	"ar",
-	"betainabox",
-	"blogdns",
-	"blogspot",
-	"br",
-	"cechire",
-	"cloudcontrolapp",
-	"cloudcontrolled",
-	"cn",
-	"co",
-	"codespot",
-	"de",
-	"dnsalias",
-	"dnsdojo",
-	"doesntexist",
-	"dontexist",
-	"doomdns",
-	"dreamhosters",
-	"dsmynas",
-	"dyn-o-saur",
-	"dynalias",
-	"dyndns-at-home",
-	"dyndns-at-work",
-	"dyndns-blog",
-	"dyndns-free",
-	"dyndns-home",
-	"dyndns-ip",
-	"dyndns-mail",
-	"dyndns-office",
-	"dyndns-pics",
-	"dyndns-remote",
-	"dyndns-server",
-	"dyndns-web",
-	"dyndns-wiki",
-	"dyndns-work",
-	"elasticbeanstalk",
-	"est-a-la-maison",
-	"est-a-la-masion",
-	"est-le-patron",
-	"est-mon-blogueur",
-	"eu",
-	"familyds",
-	"fbsbx",
-	"firebaseapp",
-	"flynnhub",
-	"from-ak",
-	"from-al",
-	"from-ar",
-	"from-ca",
-	"from-ct",
-	"from-dc",
-	"from-de",
-	"from-fl",
-	"from-ga",
-	"from-hi",
-	"from-ia",
-	"from-id",
-	"from-il",
-	"from-in",
-	"from-ks",
-	"from-ky",
-	"from-ma",
-	"from-md",
-	"from-mi",
-	"from-mn",
-	"from-mo",
-	"from-ms",
-	"from-mt",
-	"from-nc",
-	"from-nd",
-	"from-ne",
-	"from-nh",
-	"from-nj",
-	"from-nm",
-	"from-nv",
-	"from-oh",
-	"from-ok",
-	"from-or",
-	"from-pa",
-	"from-pr",
-	"from-ri",
-	"from-sc",
-	"from-sd",
-	"from-tn",
-	"from-tx",
-	"from-ut",
-	"from-va",
-	"from-vt",
-	"from-wa",
-	"from-wi",
-	"from-wv",
-	"from-wy",
-	"gb",
-	"getmyip",
-	"githubcloud",
-	"githubcloudusercontent",
-	"githubusercontent",
-	"googleapis",
-	"googlecode",
-	"gotdns",
-	"gotpantheon",
-	"gr",
-	"herokuapp",
-	"herokussl",
-	"hk",
-	"hobby-site",
-	"homelinux",
-	"homeunix",
-	"hu",
-	"iamallama",
-	"is-a-anarchist",
-	"is-a-blogger",
-	"is-a-bookkeeper",
-	"is-a-bulls-fan",
-	"is-a-caterer",
-	"is-a-chef",
-	"is-a-conservative",
-	"is-a-cpa",
-	"is-a-cubicle-slave",
-	"is-a-democrat",
-	"is-a-designer",
-	"is-a-doctor",
-	"is-a-financialadvisor",
-	"is-a-geek",
-	"is-a-green",
-	"is-a-guru",
-	"is-a-hard-worker",
-	"is-a-hunter",
-	"is-a-landscaper",
-	"is-a-lawyer",
-	"is-a-liberal",
-	"is-a-libertarian",
-	"is-a-llama",
-	"is-a-musician",
-	"is-a-nascarfan",
-	"is-a-nurse",
-	"is-a-painter",
-	"is-a-personaltrainer",
-	"is-a-photographer",
-	"is-a-player",
-	"is-a-republican",
-	"is-a-rockstar",
-	"is-a-socialist",
-	"is-a-student",
-	"is-a-teacher",
-	"is-a-techie",
-	"is-a-therapist",
-	"is-an-accountant",
-	"is-an-actor",
-	"is-an-actress",
-	"is-an-anarchist",
-	"is-an-artist",
-	"is-an-engineer",
-	"is-an-entertainer",
-	"is-certified",
-	"is-gone",
-	"is-into-anime",
-	"is-into-cars",
-	"is-into-cartoons",
-	"is-into-games",
-	"is-leet",
-	"is-not-certified",
-	"is-slick",
-	"is-uberleet",
-	"is-with-theband",
-	"isa-geek",
-	"isa-hockeynut",
-	"issmarterthanyou",
-	"jpn",
-	"kr",
-	"likes-pie",
-	"likescandy",
-	"mex",
-	"mydrobo",
-	"neat-url",
-	"nfshost",
-	"no",
-	"operaunite",
-	"outsystemscloud",
-	"pagefrontapp",
-	"pagespeedmobilizer",
-	"prgmr",
-	"qa2",
-	"qc",
-	"rackmaze",
-	"rhcloud",
-	"ro",
-	"ru",
-	"sa",
-	"saves-the-whales",
-	"se",
-	"selfip",
-	"sells-for-less",
-	"sells-for-u",
-	"servebbs",
-	"simple-url",
-	"sinaapp",
-	"space-to-rent",
-	"teaches-yoga",
-	"uk",
-	"us",
-	"uy",
-	"vipsinaapp",
-	"withgoogle",
-	"withyoutube",
-	"writesthisblog",
-	"xenapponazure",
-	"yolasite",
-	"za",
-	"ap-northeast-2",
-	"compute",
-	"compute-1",
-	"elb",
-	"eu-central-1",
-	"s3",
-	"s3-ap-northeast-1",
-	"s3-ap-northeast-2",
-	"s3-ap-southeast-1",
-	"s3-ap-southeast-2",
-	"s3-eu-central-1",
-	"s3-eu-west-1",
-	"s3-external-1",
-	"s3-external-2",
-	"s3-fips-us-gov-west-1",
-	"s3-sa-east-1",
-	"s3-us-gov-west-1",
-	"s3-us-west-1",
-	"s3-us-west-2",
-	"us-east-1",
-	"s3",
-	"ap-northeast-1",
-	"ap-northeast-2",
-	"ap-southeast-1",
-	"ap-southeast-2",
-	"eu-central-1",
-	"eu-west-1",
-	"sa-east-1",
-	"us-gov-west-1",
-	"us-west-1",
-	"us-west-2",
-	"z-1",
-	"z-2",
-	"s3",
-	"apps",
-	"api",
-	"ext",
-	"gist",
-	"xen",
-	"ac",
-	"co",
-	"ed",
-	"fi",
-	"go",
-	"or",
-	"sa",
-	"com",
-	"edu",
-	"gov",
-	"inf",
-	"net",
-	"org",
-	"blogspot",
-	"com",
-	"edu",
-	"net",
-	"org",
-	"ath",
-	"gov",
-	"ac",
-	"biz",
-	"com",
-	"ekloges",
-	"gov",
-	"ltd",
-	"name",
-	"net",
-	"org",
-	"parliament",
-	"press",
-	"pro",
-	"tm",
-	"blogspot",
-	"blogspot",
-	"co",
-	"blogspot",
-	"com",
-	"fuettertdasnetz",
-	"isteingeek",
-	"istmein",
-	"lebtimnetz",
-	"leitungsen",
-	"traeumtgerade",
-	"blogspot",
-	"com",
-	"edu",
-	"gov",
-	"net",
-	"org",
-	"art",
-	"com",
-	"edu",
-	"gob",
-	"gov",
-	"mil",
-	"net",
-	"org",
-	"sld",
-	"web",
-	"art",
-	"asso",
-	"com",
-	"edu",
-	"gov",
-	"net",
-	"org",
-	"pol",
-	"com",
-	"edu",
-	"fin",
-	"gob",
-	"gov",
-	"info",
-	"k12",
-	"med",
-	"mil",
-	"net",
-	"org",
-	"pro",
-	"aip",
-	"com",
-	"edu",
-	"fie",
-	"gov",
-	"lib",
-	"med",
-	"org",
-	"pri",
-	"riik",
-	"blogspot",
-	"com",
-	"edu",
-	"eun",
-	"gov",
-	"mil",
-	"name",
-	"net",
-	"org",
-	"sci",
-	"blogspot",
-	"com",
-	"edu",
-	"gob",
-	"nom",
-	"org",
-	"blogspot",
-	"biz",
-	"com",
-	"edu",
-	"gov",
-	"info",
-	"name",
-	"net",
-	"org",
-	"aland",
-	"blogspot",
-	"iki",
-	"aeroport",
-	"assedic",
-	"asso",
-	"avocat",
-	"avoues",
-	"blogspot",
-	"cci",
-	"chambagri",
-	"chirurgiens-dentistes",
-	"com",
-	"experts-comptables",
-	"geometre-expert",
-	"gouv",
-	"greta",
-	"huissier-justice",
-	"medecin",
-	"nom",
-	"notaires",
-	"pharmacien",
-	"port",
-	"prd",
-	"presse",
-	"tm",
-	"veterinaire",
-	"com",
-	"edu",
-	"gov",
-	"mil",
-	"net",
-	"org",
-	"pvt",
-	"co",
-	"net",
-	"org",
-	"com",
-	"edu",
-	"gov",
-	"mil",
-	"org",
-	"com",
-	"edu",
-	"gov",
-	"ltd",
-	"mod",
-	"org",
-	"co",
-	"com",
-	"edu",
-	"net",
-	"org",
-	"ac",
-	"com",
-	"edu",
-	"gov",
-	"net",
-	"org",
-	"asso",
-	"com",
-	"edu",
-	"mobi",
-	"net",
-	"org",
-	"blogspot",
-	"com",
-	"edu",
-	"gov",
-	"net",
-	"org",
-	"com",
-	"edu",
-	"gob",
-	"ind",
-	"mil",
-	"net",
-	"org",
-	"co",
-	"com",
-	"edu",
-	"gov",
-	"net",
-	"org",
-	"blogspot",
-	"com",
-	"edu",
-	"gov",
-	"idv",
-	"inc",
-	"ltd",
-	"net",
-	"org",
-	"xn--55qx5d",
-	"xn--ciqpn",
-	"xn--gmq050i",
-	"xn--gmqw5a",
-	"xn--io0a7i",
-	"xn--lcvr32d",
-	"xn--mk0axi",
-	"xn--mxtq1m",
-	"xn--od0alg",
-	"xn--od0aq3b",
-	"xn--tn0ag",
-	"xn--uc0atv",
-	"xn--uc0ay4a",
-	"xn--wcvs22d",
-	"xn--zf0avx",
-	"com",
-	"edu",
-	"gob",
-	"mil",
-	"net",
-	"org",
-	"blogspot",
-	"com",
-	"from",
-	"iz",
-	"name",
-	"adult",
-	"art",
-	"asso",
-	"com",
-	"coop",
-	"edu",
-	"firm",
-	"gouv",
-	"info",
-	"med",
-	"net",
-	"org",
-	"perso",
-	"pol",
-	"pro",
-	"rel",
-	"shop",
-	"2000",
-	"agrar",
-	"blogspot",
-	"bolt",
-	"casino",
-	"city",
-	"co",
-	"erotica",
-	"erotika",
-	"film",
-	"forum",
-	"games",
-	"hotel",
-	"info",
-	"ingatlan",
-	"jogasz",
-	"konyvelo",
-	"lakas",
-	"media",
-	"news",
-	"org",
-	"priv",
-	"reklam",
-	"sex",
-	"shop",
-	"sport",
-	"suli",
-	"szex",
-	"tm",
-	"tozsde",
-	"utazas",
-	"video",
-	"ac",
-	"biz",
-	"co",
-	"desa",
-	"go",
-	"mil",
-	"my",
-	"net",
-	"or",
-	"sch",
-	"web",
-	"blogspot",
-	"blogspot",
-	"gov",
-	"ac",
-	"co",
-	"gov",
-	"idf",
-	"k12",
-	"muni",
-	"net",
-	"org",
-	"blogspot",
-	"ac",
-	"co",
-	"com",
-	"net",
-	"org",
-	"tt",
-	"tv",
-	"ltd",
-	"plc",
-	"ac",
-	"blogspot",
-	"co",
-	"edu",
-	"firm",
-	"gen",
-	"gov",
-	"ind",
-	"mil",
-	"net",
-	"nic",
-	"org",
-	"res",
-	"barrel-of-knowledge",
-	"barrell-of-knowledge",
-	"dyndns",
-	"for-our",
-	"groks-the",
-	"groks-this",
-	"here-for-more",
-	"knowsitall",
-	"selfip",
-	"webhop",
-	"eu",
-	"com",
-	"github",
-	"ngrok",
-	"nid",
-	"pantheon",
-	"sandcats",
-	"com",
-	"edu",
-	"gov",
-	"mil",
-	"net",
-	"org",
-	"ac",
-	"co",
-	"gov",
-	"id",
-	"net",
-	"org",
-	"sch",
-	"xn--mgba3a4f16a",
-	"xn--mgba3a4fra",
-	"blogspot",
-	"com",
-	"cupcake",
-	"edu",
-	"gov",
-	"int",
-	"net",
-	"org",
-	"abr",
-	"abruzzo",
-	"ag",
-	"agrigento",
-	"al",
-	"alessandria",
-	"alto-adige",
-	"altoadige",
-	"an",
-	"ancona",
-	"andria-barletta-trani",
-	"andria-trani-barletta",
-	"andriabarlettatrani",
-	"andriatranibarletta",
-	"ao",
-	"aosta",
-	"aosta-valley",
-	"aostavalley",
-	"aoste",
-	"ap",
-	"aq",
-	"aquila",
-	"ar",
-	"arezzo",
-	"ascoli-piceno",
-	"ascolipiceno",
-	"asti",
-	"at",
-	"av",
-	"avellino",
-	"ba",
-	"balsan",
-	"bari",
-	"barletta-trani-andria",
-	"barlettatraniandria",
-	"bas",
-	"basilicata",
-	"belluno",
-	"benevento",
-	"bergamo",
-	"bg",
-	"bi",
-	"biella",
-	"bl",
-	"blogspot",
-	"bn",
-	"bo",
-	"bologna",
-	"bolzano",
-	"bozen",
-	"br",
-	"brescia",
-	"brindisi",
-	"bs",
-	"bt",
-	"bz",
-	"ca",
-	"cagliari",
-	"cal",
-	"calabria",
-	"caltanissetta",
-	"cam",
-	"campania",
-	"campidano-medio",
-	"campidanomedio",
-	"campobasso",
-	"carbonia-iglesias",
-	"carboniaiglesias",
-	"carrara-massa",
-	"carraramassa",
-	"caserta",
-	"catania",
-	"catanzaro",
-	"cb",
-	"ce",
-	"cesena-forli",
-	"cesenaforli",
-	"ch",
-	"chieti",
-	"ci",
-	"cl",
-	"cn",
-	"co",
-	"como",
-	"cosenza",
-	"cr",
-	"cremona",
-	"crotone",
-	"cs",
-	"ct",
-	"cuneo",
-	"cz",
-	"dell-ogliastra",
-	"dellogliastra",
-	"edu",
-	"emilia-romagna",
-	"emiliaromagna",
-	"emr",
-	"en",
-	"enna",
-	"fc",
-	"fe",
-	"fermo",
-	"ferrara",
-	"fg",
-	"fi",
-	"firenze",
-	"florence",
-	"fm",
-	"foggia",
-	"forli-cesena",
-	"forlicesena",
-	"fr",
-	"friuli-v-giulia",
-	"friuli-ve-giulia",
-	"friuli-vegiulia",
-	"friuli-venezia-giulia",
-	"friuli-veneziagiulia",
-	"friuli-vgiulia",
-	"friuliv-giulia",
-	"friulive-giulia",
-	"friulivegiulia",
-	"friulivenezia-giulia",
-	"friuliveneziagiulia",
-	"friulivgiulia",
-	"frosinone",
-	"fvg",
-	"ge",
-	"genoa",
-	"genova",
-	"go",
-	"gorizia",
-	"gov",
-	"gr",
-	"grosseto",
-	"iglesias-carbonia",
-	"iglesiascarbonia",
-	"im",
-	"imperia",
-	"is",
-	"isernia",
-	"kr",
-	"la-spezia",
-	"laquila",
-	"laspezia",
-	"latina",
-	"laz",
-	"lazio",
-	"lc",
-	"le",
-	"lecce",
-	"lecco",
-	"li",
-	"lig",
-	"liguria",
-	"livorno",
-	"lo",
-	"lodi",
-	"lom",
-	"lombardia",
-	"lombardy",
-	"lt",
-	"lu",
-	"lucania",
-	"lucca",
-	"macerata",
-	"mantova",
-	"mar",
-	"marche",
-	"massa-carrara",
-	"massacarrara",
-	"matera",
-	"mb",
-	"mc",
-	"me",
-	"medio-campidano",
-	"mediocampidano",
-	"messina",
-	"mi",
-	"milan",
-	"milano",
-	"mn",
-	"mo",
-	"modena",
-	"mol",
-	"molise",
-	"monza",
-	"monza-brianza",
-	"monza-e-della-brianza",
-	"monzabrianza",
-	"monzaebrianza",
-	"monzaedellabrianza",
-	"ms",
-	"mt",
-	"na",
-	"naples",
-	"napoli",
-	"no",
-	"novara",
-	"nu",
-	"nuoro",
-	"og",
-	"ogliastra",
-	"olbia-tempio",
-	"olbiatempio",
-	"or",
-	"oristano",
-	"ot",
-	"pa",
-	"padova",
-	"padua",
-	"palermo",
-	"parma",
-	"pavia",
-	"pc",
-	"pd",
-	"pe",
-	"perugia",
-	"pesaro-urbino",
-	"pesarourbino",
-	"pescara",
-	"pg",
-	"pi",
-	"piacenza",
-	"piedmont",
-	"piemonte",
-	"pisa",
-	"pistoia",
-	"pmn",
-	"pn",
-	"po",
-	"pordenone",
-	"potenza",
-	"pr",
-	"prato",
-	"pt",
-	"pu",
-	"pug",
-	"puglia",
-	"pv",
-	"pz",
-	"ra",
-	"ragusa",
-	"ravenna",
-	"rc",
-	"re",
-	"reggio-calabria",
-	"reggio-emilia",
-	"reggiocalabria",
-	"reggioemilia",
-	"rg",
-	"ri",
-	"rieti",
-	"rimini",
-	"rm",
-	"rn",
-	"ro",
-	"roma",
-	"rome",
-	"rovigo",
-	"sa",
-	"salerno",
-	"sar",
-	"sardegna",
-	"sardinia",
-	"sassari",
-	"savona",
-	"si",
-	"sic",
-	"sicilia",
-	"sicily",
-	"siena",
-	"siracusa",
-	"so",
-	"sondrio",
-	"sp",
-	"sr",
-	"ss",
-	"suedtirol",
-	"sv",
-	"ta",
-	"taa",
-	"taranto",
-	"te",
-	"tempio-olbia",
-	"tempioolbia",
-	"teramo",
-	"terni",
-	"tn",
-	"to",
-	"torino",
-	"tos",
-	"toscana",
-	"tp",
-	"tr",
-	"trani-andria-barletta",
-	"trani-barletta-andria",
-	"traniandriabarletta",
-	"tranibarlettaandria",
-	"trapani",
-	"trentino",
-	"trentino-a-adige",
-	"trentino-aadige",
-	"trentino-alto-adige",
-	"trentino-altoadige",
-	"trentino-s-tirol",
-	"trentino-stirol",
-	"trentino-sud-tirol",
-	"trentino-sudtirol",
-	"trentino-sued-tirol",
-	"trentino-suedtirol",
-	"trentinoa-adige",
-	"trentinoaadige",
-	"trentinoalto-adige",
-	"trentinoaltoadige",
-	"trentinos-tirol",
-	"trentinostirol",
-	"trentinosud-tirol",
-	"trentinosudtirol",
-	"trentinosued-tirol",
-	"trentinosuedtirol",
-	"trento",
-	"treviso",
-	"trieste",
-	"ts",
-	"turin",
-	"tuscany",
-	"tv",
-	"ud",
-	"udine",
-	"umb",
-	"umbria",
-	"urbino-pesaro",
-	"urbinopesaro",
-	"va",
-	"val-d-aosta",
-	"val-daosta",
-	"vald-aosta",
-	"valdaosta",
-	"valle-aosta",
-	"valle-d-aosta",
-	"valle-daosta",
-	"valleaosta",
-	"valled-aosta",
-	"valledaosta",
-	"vallee-aoste",
-	"valleeaoste",
-	"vao",
-	"varese",
-	"vb",
-	"vc",
-	"vda",
-	"ve",
-	"ven",
-	"veneto",
-	"venezia",
-	"venice",
-	"verbania",
-	"vercelli",
-	"verona",
-	"vi",
-	"vibo-valentia",
-	"vibovalentia",
-	"vicenza",
-	"viterbo",
-	"vr",
-	"vs",
-	"vt",
-	"vv",
-	"co",
-	"net",
-	"org",
-	"com",
-	"edu",
-	"gov",
-	"mil",
-	"name",
-	"net",
-	"org",
-	"sch",
-	"ac",
-	"ad",
-	"aichi",
-	"akita",
-	"aomori",
-	"blogspot",
-	"chiba",
-	"co",
-	"ed",
-	"ehime",
-	"fukui",
-	"fukuoka",
-	"fukushima",
-	"gifu",
-	"go",
-	"gr",
-	"gunma",
-	"hiroshima",
-	"hokkaido",
-	"hyogo",
-	"ibaraki",
-	"ishikawa",
-	"iwate",
-	"kagawa",
-	"kagoshima",
-	"kanagawa",
-	"kawasaki",
-	"kitakyushu",
-	"kobe",
-	"kochi",
-	"kumamoto",
-	"kyoto",
-	"lg",
-	"mie",
-	"miyagi",
-	"miyazaki",
-	"nagano",
-	"nagasaki",
-	"nagoya",
-	"nara",
-	"ne",
-	"niigata",
-	"oita",
-	"okayama",
-	"okinawa",
-	"or",
-	"osaka",
-	"saga",
-	"saitama",
-	"sapporo",
-	"sendai",
-	"shiga",
-	"shimane",
-	"shizuoka",
-	"tochigi",
-	"tokushima",
-	"tokyo",
-	"tottori",
-	"toyama",
-	"wakayama",
-	"xn--0trq7p7nn",
-	"xn--1ctwo",
-	"xn--1lqs03n",
-	"xn--1lqs71d",
-	"xn--2m4a15e",
-	"xn--32vp30h",
-	"xn--4it168d",
-	"xn--4it797k",
-	"xn--4pvxs",
-	"xn--5js045d",
-	"xn--5rtp49c",
-	"xn--5rtq34k",
-	"xn--6btw5a",
-	"xn--6orx2r",
-	"xn--7t0a264c",
-	"xn--8ltr62k",
-	"xn--8pvr4u",
-	"xn--c3s14m",
-	"xn--d5qv7z876c",
-	"xn--djrs72d6uy",
-	"xn--djty4k",
-	"xn--efvn9s",
-	"xn--ehqz56n",
-	"xn--elqq16h",
-	"xn--f6qx53a",
-	"xn--k7yn95e",
-	"xn--kbrq7o",
-	"xn--klt787d",
-	"xn--kltp7d",
-	"xn--kltx9a",
-	"xn--klty5x",
-	"xn--mkru45i",
-	"xn--nit225k",
-	"xn--ntso0iqx3a",
-	"xn--ntsq17g",
-	"xn--pssu33l",
-	"xn--qqqt11m",
-	"xn--rht27z",
-	"xn--rht3d",
-	"xn--rht61e",
-	"xn--rny31h",
-	"xn--tor131o",
-	"xn--uist22h",
-	"xn--uisz3g",
-	"xn--uuwu58a",
-	"xn--vgu402c",
-	"xn--zbx025d",
-	"yamagata",
-	"yamaguchi",
-	"yamanashi",
-	"yokohama",
-	"aisai",
-	"ama",
-	"anjo",
-	"asuke",
-	"chiryu",
-	"chita",
-	"fuso",
-	"gamagori",
-	"handa",
-	"hazu",
-	"hekinan",
-	"higashiura",
-	"ichinomiya",
-	"inazawa",
-	"inuyama",
-	"isshiki",
-	"iwakura",
-	"kanie",
-	"kariya",
-	"kasugai",
-	"kira",
-	"kiyosu",
-	"komaki",
-	"konan",
-	"kota",
-	"mihama",
-	"miyoshi",
-	"nishio",
-	"nisshin",
-	"obu",
-	"oguchi",
-	"oharu",
-	"okazaki",
-	"owariasahi",
-	"seto",
-	"shikatsu",
-	"shinshiro",
-	"shitara",
-	"tahara",
-	"takahama",
-	"tobishima",
-	"toei",
-	"togo",
-	"tokai",
-	"tokoname",
-	"toyoake",
-	"toyohashi",
-	"toyokawa",
-	"toyone",
-	"toyota",
-	"tsushima",
-	"yatomi",
-	"akita",
-	"daisen",
-	"fujisato",
-	"gojome",
-	"hachirogata",
-	"happou",
-	"higashinaruse",
-	"honjo",
-	"honjyo",
-	"ikawa",
-	"kamikoani",
-	"kamioka",
-	"katagami",
-	"kazuno",
-	"kitaakita",
-	"kosaka",
-	"kyowa",
-	"misato",
-	"mitane",
-	"moriyoshi",
-	"nikaho",
-	"noshiro",
-	"odate",
-	"oga",
-	"ogata",
-	"semboku",
-	"yokote",
-	"yurihonjo",
-	"aomori",
-	"gonohe",
-	"hachinohe",
-	"hashikami",
-	"hiranai",
-	"hirosaki",
-	"itayanagi",
-	"kuroishi",
-	"misawa",
-	"mutsu",
-	"nakadomari",
-	"noheji",
-	"oirase",
-	"owani",
-	"rokunohe",
-	"sannohe",
-	"shichinohe",
-	"shingo",
-	"takko",
-	"towada",
-	"tsugaru",
-	"tsuruta",
-	"abiko",
-	"asahi",
-	"chonan",
-	"chosei",
-	"choshi",
-	"chuo",
-	"funabashi",
-	"futtsu",
-	"hanamigawa",
-	"ichihara",
-	"ichikawa",
-	"ichinomiya",
-	"inzai",
-	"isumi",
-	"kamagaya",
-	"kamogawa",
-	"kashiwa",
-	"katori",
-	"katsuura",
-	"kimitsu",
-	"kisarazu",
-	"kozaki",
-	"kujukuri",
-	"kyonan",
-	"matsudo",
-	"midori",
-	"mihama",
-	"minamiboso",
-	"mobara",
-	"mutsuzawa",
-	"nagara",
-	"nagareyama",
-	"narashino",
-	"narita",
-	"noda",
-	"oamishirasato",
-	"omigawa",
-	"onjuku",
-	"otaki",
-	"sakae",
-	"sakura",
-	"shimofusa",
-	"shirako",
-	"shiroi",
-	"shisui",
-	"sodegaura",
-	"sosa",
-	"tako",
-	"tateyama",
-	"togane",
-	"tohnosho",
-	"tomisato",
-	"urayasu",
-	"yachimata",
-	"yachiyo",
-	"yokaichiba",
-	"yokoshibahikari",
-	"yotsukaido",
-	"ainan",
-	"honai",
-	"ikata",
-	"imabari",
-	"iyo",
-	"kamijima",
-	"kihoku",
-	"kumakogen",
-	"masaki",
-	"matsuno",
-	"matsuyama",
-	"namikata",
-	"niihama",
-	"ozu",
-	"saijo",
-	"seiyo",
-	"shikokuchuo",
-	"tobe",
-	"toon",
-	"uchiko",
-	"uwajima",
-	"yawatahama",
-	"echizen",
-	"eiheiji",
-	"fukui",
-	"ikeda",
-	"katsuyama",
-	"mihama",
-	"minamiechizen",
-	"obama",
-	"ohi",
-	"ono",
-	"sabae",
-	"sakai",
-	"takahama",
-	"tsuruga",
-	"wakasa",
-	"ashiya",
-	"buzen",
-	"chikugo",
-	"chikuho",
-	"chikujo",
-	"chikushino",
-	"chikuzen",
-	"chuo",
-	"dazaifu",
-	"fukuchi",
-	"hakata",
-	"higashi",
-	"hirokawa",
-	"hisayama",
-	"iizuka",
-	"inatsuki",
-	"kaho",
-	"kasuga",
-	"kasuya",
-	"kawara",
-	"keisen",
-	"koga",
-	"kurate",
-	"kurogi",
-	"kurume",
-	"minami",
-	"miyako",
-	"miyama",
-	"miyawaka",
-	"mizumaki",
-	"munakata",
-	"nakagawa",
-	"nakama",
-	"nishi",
-	"nogata",
-	"ogori",
-	"okagaki",
-	"okawa",
-	"oki",
-	"omuta",
-	"onga",
-	"onojo",
-	"oto",
-	"saigawa",
-	"sasaguri",
-	"shingu",
-	"shinyoshitomi",
-	"shonai",
-	"soeda",
-	"sue",
-	"tachiarai",
-	"tagawa",
-	"takata",
-	"toho",
-	"toyotsu",
-	"tsuiki",
-	"ukiha",
-	"umi",
-	"usui",
-	"yamada",
-	"yame",
-	"yanagawa",
-	"yukuhashi",
-	"aizubange",
-	"aizumisato",
-	"aizuwakamatsu",
-	"asakawa",
-	"bandai",
-	"date",
-	"fukushima",
-	"furudono",
-	"futaba",
-	"hanawa",
-	"higashi",
-	"hirata",
-	"hirono",
-	"iitate",
-	"inawashiro",
-	"ishikawa",
-	"iwaki",
-	"izumizaki",
-	"kagamiishi",
-	"kaneyama",
-	"kawamata",
-	"kitakata",
-	"kitashiobara",
-	"koori",
-	"koriyama",
-	"kunimi",
-	"miharu",
-	"mishima",
-	"namie",
-	"nango",
-	"nishiaizu",
-	"nishigo",
-	"okuma",
-	"omotego",
-	"ono",
-	"otama",
-	"samegawa",
-	"shimogo",
-	"shirakawa",
-	"showa",
-	"soma",
-	"sukagawa",
-	"taishin",
-	"tamakawa",
-	"tanagura",
-	"tenei",
-	"yabuki",
-	"yamato",
-	"yamatsuri",
-	"yanaizu",
-	"yugawa",
-	"anpachi",
-	"ena",
-	"gifu",
-	"ginan",
-	"godo",
-	"gujo",
-	"hashima",
-	"hichiso",
-	"hida",
-	"higashishirakawa",
-	"ibigawa",
-	"ikeda",
-	"kakamigahara",
-	"kani",
-	"kasahara",
-	"kasamatsu",
-	"kawaue",
-	"kitagata",
-	"mino",
-	"minokamo",
-	"mitake",
-	"mizunami",
-	"motosu",
-	"nakatsugawa",
-	"ogaki",
-	"sakahogi",
-	"seki",
-	"sekigahara",
-	"shirakawa",
-	"tajimi",
-	"takayama",
-	"tarui",
-	"toki",
-	"tomika",
-	"wanouchi",
-	"yamagata",
-	"yaotsu",
-	"yoro",
-	"annaka",
-	"chiyoda",
-	"fujioka",
-	"higashiagatsuma",
-	"isesaki",
-	"itakura",
-	"kanna",
-	"kanra",
-	"katashina",
-	"kawaba",
-	"kiryu",
-	"kusatsu",
-	"maebashi",
-	"meiwa",
-	"midori",
-	"minakami",
-	"naganohara",
-	"nakanojo",
-	"nanmoku",
-	"numata",
-	"oizumi",
-	"ora",
-	"ota",
-	"shibukawa",
-	"shimonita",
-	"shinto",
-	"showa",
-	"takasaki",
-	"takayama",
-	"tamamura",
-	"tatebayashi",
-	"tomioka",
-	"tsukiyono",
-	"tsumagoi",
-	"ueno",
-	"yoshioka",
-	"asaminami",
-	"daiwa",
-	"etajima",
-	"fuchu",
-	"fukuyama",
-	"hatsukaichi",
-	"higashihiroshima",
-	"hongo",
-	"jinsekikogen",
-	"kaita",
-	"kui",
-	"kumano",
-	"kure",
-	"mihara",
-	"miyoshi",
-	"naka",
-	"onomichi",
-	"osakikamijima",
-	"otake",
-	"saka",
-	"sera",
-	"seranishi",
-	"shinichi",
-	"shobara",
-	"takehara",
-	"abashiri",
-	"abira",
-	"aibetsu",
-	"akabira",
-	"akkeshi",
-	"asahikawa",
-	"ashibetsu",
-	"ashoro",
-	"assabu",
-	"atsuma",
-	"bibai",
-	"biei",
-	"bifuka",
-	"bihoro",
-	"biratori",
-	"chippubetsu",
-	"chitose",
-	"date",
-	"ebetsu",
-	"embetsu",
-	"eniwa",
-	"erimo",
-	"esan",
-	"esashi",
-	"fukagawa",
-	"fukushima",
-	"furano",
-	"furubira",
-	"haboro",
-	"hakodate",
-	"hamatonbetsu",
-	"hidaka",
-	"higashikagura",
-	"higashikawa",
-	"hiroo",
-	"hokuryu",
-	"hokuto",
-	"honbetsu",
-	"horokanai",
-	"horonobe",
-	"ikeda",
-	"imakane",
-	"ishikari",
-	"iwamizawa",
-	"iwanai",
-	"kamifurano",
-	"kamikawa",
-	"kamishihoro",
-	"kamisunagawa",
-	"kamoenai",
-	"kayabe",
-	"kembuchi",
-	"kikonai",
-	"kimobetsu",
-	"kitahiroshima",
-	"kitami",
-	"kiyosato",
-	"koshimizu",
-	"kunneppu",
-	"kuriyama",
-	"kuromatsunai",
-	"kushiro",
-	"kutchan",
-	"kyowa",
-	"mashike",
-	"matsumae",
-	"mikasa",
-	"minamifurano",
-	"mombetsu",
-	"moseushi",
-	"mukawa",
-	"muroran",
-	"naie",
-	"nakagawa",
-	"nakasatsunai",
-	"nakatombetsu",
-	"nanae",
-	"nanporo",
-	"nayoro",
-	"nemuro",
-	"niikappu",
-	"niki",
-	"nishiokoppe",
-	"noboribetsu",
-	"numata",
-	"obihiro",
-	"obira",
-	"oketo",
-	"okoppe",
-	"otaru",
-	"otobe",
-	"otofuke",
-	"otoineppu",
-	"oumu",
-	"ozora",
-	"pippu",
-	"rankoshi",
-	"rebun",
-	"rikubetsu",
-	"rishiri",
-	"rishirifuji",
-	"saroma",
-	"sarufutsu",
-	"shakotan",
-	"shari",
-	"shibecha",
-	"shibetsu",
-	"shikabe",
-	"shikaoi",
-	"shimamaki",
-	"shimizu",
-	"shimokawa",
-	"shinshinotsu",
-	"shintoku",
-	"shiranuka",
-	"shiraoi",
-	"shiriuchi",
-	"sobetsu",
-	"sunagawa",
-	"taiki",
-	"takasu",
-	"takikawa",
-	"takinoue",
-	"teshikaga",
-	"tobetsu",
-	"tohma",
-	"tomakomai",
-	"tomari",
-	"toya",
-	"toyako",
-	"toyotomi",
-	"toyoura",
-	"tsubetsu",
-	"tsukigata",
-	"urakawa",
-	"urausu",
-	"uryu",
-	"utashinai",
-	"wakkanai",
-	"wassamu",
-	"yakumo",
-	"yoichi",
-	"aioi",
-	"akashi",
-	"ako",
-	"amagasaki",
-	"aogaki",
-	"asago",
-	"ashiya",
-	"awaji",
-	"fukusaki",
-	"goshiki",
-	"harima",
-	"himeji",
-	"ichikawa",
-	"inagawa",
-	"itami",
-	"kakogawa",
-	"kamigori",
-	"kamikawa",
-	"kasai",
-	"kasuga",
-	"kawanishi",
-	"miki",
-	"minamiawaji",
-	"nishinomiya",
-	"nishiwaki",
-	"ono",
-	"sanda",
-	"sannan",
-	"sasayama",
-	"sayo",
-	"shingu",
-	"shinonsen",
-	"shiso",
-	"sumoto",
-	"taishi",
-	"taka",
-	"takarazuka",
-	"takasago",
-	"takino",
-	"tamba",
-	"tatsuno",
-	"toyooka",
-	"yabu",
-	"yashiro",
-	"yoka",
-	"yokawa",
-	"ami",
-	"asahi",
-	"bando",
-	"chikusei",
-	"daigo",
-	"fujishiro",
-	"hitachi",
-	"hitachinaka",
-	"hitachiomiya",
-	"hitachiota",
-	"ibaraki",
-	"ina",
-	"inashiki",
-	"itako",
-	"iwama",
-	"joso",
-	"kamisu",
-	"kasama",
-	"kashima",
-	"kasumigaura",
-	"koga",
-	"miho",
-	"mito",
-	"moriya",
-	"naka",
-	"namegata",
-	"oarai",
-	"ogawa",
-	"omitama",
-	"ryugasaki",
-	"sakai",
-	"sakuragawa",
-	"shimodate",
-	"shimotsuma",
-	"shirosato",
-	"sowa",
-	"suifu",
-	"takahagi",
-	"tamatsukuri",
-	"tokai",
-	"tomobe",
-	"tone",
-	"toride",
-	"tsuchiura",
-	"tsukuba",
-	"uchihara",
-	"ushiku",
-	"yachiyo",
-	"yamagata",
-	"yawara",
-	"yuki",
-	"anamizu",
-	"hakui",
-	"hakusan",
-	"kaga",
-	"kahoku",
-	"kanazawa",
-	"kawakita",
-	"komatsu",
-	"nakanoto",
-	"nanao",
-	"nomi",
-	"nonoichi",
-	"noto",
-	"shika",
-	"suzu",
-	"tsubata",
-	"tsurugi",
-	"uchinada",
-	"wajima",
-	"fudai",
-	"fujisawa",
-	"hanamaki",
-	"hiraizumi",
-	"hirono",
-	"ichinohe",
-	"ichinoseki",
-	"iwaizumi",
-	"iwate",
-	"joboji",
-	"kamaishi",
-	"kanegasaki",
-	"karumai",
-	"kawai",
-	"kitakami",
-	"kuji",
-	"kunohe",
-	"kuzumaki",
-	"miyako",
-	"mizusawa",
-	"morioka",
-	"ninohe",
-	"noda",
-	"ofunato",
-	"oshu",
-	"otsuchi",
-	"rikuzentakata",
-	"shiwa",
-	"shizukuishi",
-	"sumita",
-	"tanohata",
-	"tono",
-	"yahaba",
-	"yamada",
-	"ayagawa",
-	"higashikagawa",
-	"kanonji",
-	"kotohira",
-	"manno",
-	"marugame",
-	"mitoyo",
-	"naoshima",
-	"sanuki",
-	"tadotsu",
-	"takamatsu",
-	"tonosho",
-	"uchinomi",
-	"utazu",
-	"zentsuji",
-	"akune",
-	"amami",
-	"hioki",
-	"isa",
-	"isen",
-	"izumi",
-	"kagoshima",
-	"kanoya",
-	"kawanabe",
-	"kinko",
-	"kouyama",
-	"makurazaki",
-	"matsumoto",
-	"minamitane",
-	"nakatane",
-	"nishinoomote",
-	"satsumasendai",
-	"soo",
-	"tarumizu",
-	"yusui",
-	"aikawa",
-	"atsugi",
-	"ayase",
-	"chigasaki",
-	"ebina",
-	"fujisawa",
-	"hadano",
-	"hakone",
-	"hiratsuka",
-	"isehara",
-	"kaisei",
-	"kamakura",
-	"kiyokawa",
-	"matsuda",
-	"minamiashigara",
-	"miura",
-	"nakai",
-	"ninomiya",
-	"odawara",
-	"oi",
-	"oiso",
-	"sagamihara",
-	"samukawa",
-	"tsukui",
-	"yamakita",
-	"yamato",
-	"yokosuka",
-	"yugawara",
-	"zama",
-	"zushi",
-	"city",
-	"city",
-	"city",
-	"aki",
-	"geisei",
-	"hidaka",
-	"higashitsuno",
-	"ino",
-	"kagami",
-	"kami",
-	"kitagawa",
-	"kochi",
-	"mihara",
-	"motoyama",
-	"muroto",
-	"nahari",
-	"nakamura",
-	"nankoku",
-	"nishitosa",
-	"niyodogawa",
-	"ochi",
-	"okawa",
-	"otoyo",
-	"otsuki",
-	"sakawa",
-	"sukumo",
-	"susaki",
-	"tosa",
-	"tosashimizu",
-	"toyo",
-	"tsuno",
-	"umaji",
-	"yasuda",
-	"yusuhara",
-	"amakusa",
-	"arao",
-	"aso",
-	"choyo",
-	"gyokuto",
-	"hitoyoshi",
-	"kamiamakusa",
-	"kashima",
-	"kikuchi",
-	"kosa",
-	"kumamoto",
-	"mashiki",
-	"mifune",
-	"minamata",
-	"minamioguni",
-	"nagasu",
-	"nishihara",
-	"oguni",
-	"ozu",
-	"sumoto",
-	"takamori",
-	"uki",
-	"uto",
-	"yamaga",
-	"yamato",
-	"yatsushiro",
-	"ayabe",
-	"fukuchiyama",
-	"higashiyama",
-	"ide",
-	"ine",
-	"joyo",
-	"kameoka",
-	"kamo",
-	"kita",
-	"kizu",
-	"kumiyama",
-	"kyotamba",
-	"kyotanabe",
-	"kyotango",
-	"maizuru",
-	"minami",
-	"minamiyamashiro",
-	"miyazu",
-	"muko",
-	"nagaokakyo",
-	"nakagyo",
-	"nantan",
-	"oyamazaki",
-	"sakyo",
-	"seika",
-	"tanabe",
-	"uji",
-	"ujitawara",
-	"wazuka",
-	"yamashina",
-	"yawata",
-	"asahi",
-	"inabe",
-	"ise",
-	"kameyama",
-	"kawagoe",
-	"kiho",
-	"kisosaki",
-	"kiwa",
-	"komono",
-	"kumano",
-	"kuwana",
-	"matsusaka",
-	"meiwa",
-	"mihama",
-	"minamiise",
-	"misugi",
-	"miyama",
-	"nabari",
-	"shima",
-	"suzuka",
-	"tado",
-	"taiki",
-	"taki",
-	"tamaki",
-	"toba",
-	"tsu",
-	"udono",
-	"ureshino",
-	"watarai",
-	"yokkaichi",
-	"furukawa",
-	"higashimatsushima",
-	"ishinomaki",
-	"iwanuma",
-	"kakuda",
-	"kami",
-	"kawasaki",
-	"kesennuma",
-	"marumori",
-	"matsushima",
-	"minamisanriku",
-	"misato",
-	"murata",
-	"natori",
-	"ogawara",
-	"ohira",
-	"onagawa",
-	"osaki",
-	"rifu",
-	"semine",
-	"shibata",
-	"shichikashuku",
-	"shikama",
-	"shiogama",
-	"shiroishi",
-	"tagajo",
-	"taiwa",
-	"tome",
-	"tomiya",
-	"wakuya",
-	"watari",
-	"yamamoto",
-	"zao",
-	"aya",
-	"ebino",
-	"gokase",
-	"hyuga",
-	"kadogawa",
-	"kawaminami",
-	"kijo",
-	"kitagawa",
-	"kitakata",
-	"kitaura",
-	"kobayashi",
-	"kunitomi",
-	"kushima",
-	"mimata",
-	"miyakonojo",
-	"miyazaki",
-	"morotsuka",
-	"nichinan",
-	"nishimera",
-	"nobeoka",
-	"saito",
-	"shiiba",
-	"shintomi",
-	"takaharu",
-	"takanabe",
-	"takazaki",
-	"tsuno",
-	"achi",
-	"agematsu",
-	"anan",
-	"aoki",
-	"asahi",
-	"azumino",
-	"chikuhoku",
-	"chikuma",
-	"chino",
-	"fujimi",
-	"hakuba",
-	"hara",
-	"hiraya",
-	"iida",
-	"iijima",
-	"iiyama",
-	"iizuna",
-	"ikeda",
-	"ikusaka",
-	"ina",
-	"karuizawa",
-	"kawakami",
-	"kiso",
-	"kisofukushima",
-	"kitaaiki",
-	"komagane",
-	"komoro",
-	"matsukawa",
-	"matsumoto",
-	"miasa",
-	"minamiaiki",
-	"minamimaki",
-	"minamiminowa",
-	"minowa",
-	"miyada",
-	"miyota",
-	"mochizuki",
-	"nagano",
-	"nagawa",
-	"nagiso",
-	"nakagawa",
-	"nakano",
-	"nozawaonsen",
-	"obuse",
-	"ogawa",
-	"okaya",
-	"omachi",
-	"omi",
-	"ookuwa",
-	"ooshika",
-	"otaki",
-	"otari",
-	"sakae",
-	"sakaki",
-	"saku",
-	"sakuho",
-	"shimosuwa",
-	"shinanomachi",
-	"shiojiri",
-	"suwa",
-	"suzaka",
-	"takagi",
-	"takamori",
-	"takayama",
-	"tateshina",
-	"tatsuno",
-	"togakushi",
-	"togura",
-	"tomi",
-	"ueda",
-	"wada",
-	"yamagata",
-	"yamanouchi",
-	"yasaka",
-	"yasuoka",
-	"chijiwa",
-	"futsu",
-	"goto",
-	"hasami",
-	"hirado",
-	"iki",
-	"isahaya",
-	"kawatana",
-	"kuchinotsu",
-	"matsuura",
-	"nagasaki",
-	"obama",
-	"omura",
-	"oseto",
-	"saikai",
-	"sasebo",
-	"seihi",
-	"shimabara",
-	"shinkamigoto",
-	"togitsu",
-	"tsushima",
-	"unzen",
-	"city",
-	"ando",
-	"gose",
-	"heguri",
-	"higashiyoshino",
-	"ikaruga",
-	"ikoma",
-	"kamikitayama",
-	"kanmaki",
-	"kashiba",
-	"kashihara",
-	"katsuragi",
-	"kawai",
-	"kawakami",
-	"kawanishi",
-	"koryo",
-	"kurotaki",
-	"mitsue",
-	"miyake",
-	"nara",
-	"nosegawa",
-	"oji",
-	"ouda",
-	"oyodo",
-	"sakurai",
-	"sango",
-	"shimoichi",
-	"shimokitayama",
-	"shinjo",
-	"soni",
-	"takatori",
-	"tawaramoto",
-	"tenkawa",
-	"tenri",
-	"uda",
-	"yamatokoriyama",
-	"yamatotakada",
-	"yamazoe",
-	"yoshino",
-	"aga",
-	"agano",
-	"gosen",
-	"itoigawa",
-	"izumozaki",
-	"joetsu",
-	"kamo",
-	"kariwa",
-	"kashiwazaki",
-	"minamiuonuma",
-	"mitsuke",
-	"muika",
-	"murakami",
-	"myoko",
-	"nagaoka",
-	"niigata",
-	"ojiya",
-	"omi",
-	"sado",
-	"sanjo",
-	"seiro",
-	"seirou",
-	"sekikawa",
-	"shibata",
-	"tagami",
-	"tainai",
-	"tochio",
-	"tokamachi",
-	"tsubame",
-	"tsunan",
-	"uonuma",
-	"yahiko",
-	"yoita",
-	"yuzawa",
-	"beppu",
-	"bungoono",
-	"bungotakada",
-	"hasama",
-	"hiji",
-	"himeshima",
-	"hita",
-	"kamitsue",
-	"kokonoe",
-	"kuju",
-	"kunisaki",
-	"kusu",
-	"oita",
-	"saiki",
-	"taketa",
-	"tsukumi",
-	"usa",
-	"usuki",
-	"yufu",
-	"akaiwa",
-	"asakuchi",
-	"bizen",
-	"hayashima",
-	"ibara",
-	"kagamino",
-	"kasaoka",
-	"kibichuo",
-	"kumenan",
-	"kurashiki",
-	"maniwa",
-	"misaki",
-	"nagi",
-	"niimi",
-	"nishiawakura",
-	"okayama",
-	"satosho",
-	"setouchi",
-	"shinjo",
-	"shoo",
-	"soja",
-	"takahashi",
-	"tamano",
-	"tsuyama",
-	"wake",
-	"yakage",
-	"aguni",
-	"ginowan",
-	"ginoza",
-	"gushikami",
-	"haebaru",
-	"higashi",
-	"hirara",
-	"iheya",
-	"ishigaki",
-	"ishikawa",
-	"itoman",
-	"izena",
-	"kadena",
-	"kin",
-	"kitadaito",
-	"kitanakagusuku",
-	"kumejima",
-	"kunigami",
-	"minamidaito",
-	"motobu",
-	"nago",
-	"naha",
-	"nakagusuku",
-	"nakijin",
-	"nanjo",
-	"nishihara",
-	"ogimi",
-	"okinawa",
-	"onna",
-	"shimoji",
-	"taketomi",
-	"tarama",
-	"tokashiki",
-	"tomigusuku",
-	"tonaki",
-	"urasoe",
-	"uruma",
-	"yaese",
-	"yomitan",
-	"yonabaru",
-	"yonaguni",
-	"zamami",
-	"abeno",
-	"chihayaakasaka",
-	"chuo",
-	"daito",
-	"fujiidera",
-	"habikino",
-	"hannan",
-	"higashiosaka",
-	"higashisumiyoshi",
-	"higashiyodogawa",
-	"hirakata",
-	"ibaraki",
-	"ikeda",
-	"izumi",
-	"izumiotsu",
-	"izumisano",
-	"kadoma",
-	"kaizuka",
-	"kanan",
-	"kashiwara",
-	"katano",
-	"kawachinagano",
-	"kishiwada",
-	"kita",
-	"kumatori",
-	"matsubara",
-	"minato",
-	"minoh",
-	"misaki",
-	"moriguchi",
-	"neyagawa",
-	"nishi",
-	"nose",
-	"osakasayama",
-	"sakai",
-	"sayama",
-	"sennan",
-	"settsu",
-	"shijonawate",
-	"shimamoto",
-	"suita",
-	"tadaoka",
-	"taishi",
-	"tajiri",
-	"takaishi",
-	"takatsuki",
-	"tondabayashi",
-	"toyonaka",
-	"toyono",
-	"yao",
-	"ariake",
-	"arita",
-	"fukudomi",
-	"genkai",
-	"hamatama",
-	"hizen",
-	"imari",
-	"kamimine",
-	"kanzaki",
-	"karatsu",
-	"kashima",
-	"kitagata",
-	"kitahata",
-	"kiyama",
-	"kouhoku",
-	"kyuragi",
-	"nishiarita",
-	"ogi",
-	"omachi",
-	"ouchi",
-	"saga",
-	"shiroishi",
-	"taku",
-	"tara",
-	"tosu",
-	"yoshinogari",
-	"arakawa",
-	"asaka",
-	"chichibu",
-	"fujimi",
-	"fujimino",
-	"fukaya",
-	"hanno",
-	"hanyu",
-	"hasuda",
-	"hatogaya",
-	"hatoyama",
-	"hidaka",
-	"higashichichibu",
-	"higashimatsuyama",
-	"honjo",
-	"ina",
-	"iruma",
-	"iwatsuki",
-	"kamiizumi",
-	"kamikawa",
-	"kamisato",
-	"kasukabe",
-	"kawagoe",
-	"kawaguchi",
-	"kawajima",
-	"kazo",
-	"kitamoto",
-	"koshigaya",
-	"kounosu",
-	"kuki",
-	"kumagaya",
-	"matsubushi",
-	"minano",
-	"misato",
-	"miyashiro",
-	"miyoshi",
-	"moroyama",
-	"nagatoro",
-	"namegawa",
-	"niiza",
-	"ogano",
-	"ogawa",
-	"ogose",
-	"okegawa",
-	"omiya",
-	"otaki",
-	"ranzan",
-	"ryokami",
-	"saitama",
-	"sakado",
-	"satte",
-	"sayama",
-	"shiki",
-	"shiraoka",
-	"soka",
-	"sugito",
-	"toda",
-	"tokigawa",
-	"tokorozawa",
-	"tsurugashima",
-	"urawa",
-	"warabi",
-	"yashio",
-	"yokoze",
-	"yono",
-	"yorii",
-	"yoshida",
-	"yoshikawa",
-	"yoshimi",
-	"city",
-	"city",
-	"aisho",
-	"gamo",
-	"higashiomi",
-	"hikone",
-	"koka",
-	"konan",
-	"kosei",
-	"koto",
-	"kusatsu",
-	"maibara",
-	"moriyama",
-	"nagahama",
-	"nishiazai",
-	"notogawa",
-	"omihachiman",
-	"otsu",
-	"ritto",
-	"ryuoh",
-	"takashima",
-	"takatsuki",
-	"torahime",
-	"toyosato",
-	"yasu",
-	"akagi",
-	"ama",
-	"gotsu",
-	"hamada",
-	"higashiizumo",
-	"hikawa",
-	"hikimi",
-	"izumo",
-	"kakinoki",
-	"masuda",
-	"matsue",
-	"misato",
-	"nishinoshima",
-	"ohda",
-	"okinoshima",
-	"okuizumo",
-	"shimane",
-	"tamayu",
-	"tsuwano",
-	"unnan",
-	"yakumo",
-	"yasugi",
-	"yatsuka",
-	"arai",
-	"atami",
-	"fuji",
-	"fujieda",
-	"fujikawa",
-	"fujinomiya",
-	"fukuroi",
-	"gotemba",
-	"haibara",
-	"hamamatsu",
-	"higashiizu",
-	"ito",
-	"iwata",
-	"izu",
-	"izunokuni",
-	"kakegawa",
-	"kannami",
-	"kawanehon",
-	"kawazu",
-	"kikugawa",
-	"kosai",
-	"makinohara",
-	"matsuzaki",
-	"minamiizu",
-	"mishima",
-	"morimachi",
-	"nishiizu",
-	"numazu",
-	"omaezaki",
-	"shimada",
-	"shimizu",
-	"shimoda",
-	"shizuoka",
-	"susono",
-	"yaizu",
-	"yoshida",
-	"ashikaga",
-	"bato",
-	"haga",
-	"ichikai",
-	"iwafune",
-	"kaminokawa",
-	"kanuma",
-	"karasuyama",
-	"kuroiso",
-	"mashiko",
-	"mibu",
-	"moka",
-	"motegi",
-	"nasu",
-	"nasushiobara",
-	"nikko",
-	"nishikata",
-	"nogi",
-	"ohira",
-	"ohtawara",
-	"oyama",
-	"sakura",
-	"sano",
-	"shimotsuke",
-	"shioya",
-	"takanezawa",
-	"tochigi",
-	"tsuga",
-	"ujiie",
-	"utsunomiya",
-	"yaita",
-	"aizumi",
-	"anan",
-	"ichiba",
-	"itano",
-	"kainan",
-	"komatsushima",
-	"matsushige",
-	"mima",
-	"minami",
-	"miyoshi",
-	"mugi",
-	"nakagawa",
-	"naruto",
-	"sanagochi",
-	"shishikui",
-	"tokushima",
-	"wajiki",
-	"adachi",
-	"akiruno",
-	"akishima",
-	"aogashima",
-	"arakawa",
-	"bunkyo",
-	"chiyoda",
-	"chofu",
-	"chuo",
-	"edogawa",
-	"fuchu",
-	"fussa",
-	"hachijo",
-	"hachioji",
-	"hamura",
-	"higashikurume",
-	"higashimurayama",
-	"higashiyamato",
-	"hino",
-	"hinode",
-	"hinohara",
-	"inagi",
-	"itabashi",
-	"katsushika",
-	"kita",
-	"kiyose",
-	"kodaira",
-	"koganei",
-	"kokubunji",
-	"komae",
-	"koto",
-	"kouzushima",
-	"kunitachi",
-	"machida",
-	"meguro",
-	"minato",
-	"mitaka",
-	"mizuho",
-	"musashimurayama",
-	"musashino",
-	"nakano",
-	"nerima",
-	"ogasawara",
-	"okutama",
-	"ome",
-	"oshima",
-	"ota",
-	"setagaya",
-	"shibuya",
-	"shinagawa",
-	"shinjuku",
-	"suginami",
-	"sumida",
-	"tachikawa",
-	"taito",
-	"tama",
-	"toshima",
-	"chizu",
-	"hino",
-	"kawahara",
-	"koge",
-	"kotoura",
-	"misasa",
-	"nanbu",
-	"nichinan",
-	"sakaiminato",
-	"tottori",
-	"wakasa",
-	"yazu",
-	"yonago",
-	"asahi",
-	"fuchu",
-	"fukumitsu",
-	"funahashi",
-	"himi",
-	"imizu",
-	"inami",
-	"johana",
-	"kamiichi",
-	"kurobe",
-	"nakaniikawa",
-	"namerikawa",
-	"nanto",
-	"nyuzen",
-	"oyabe",
-	"taira",
-	"takaoka",
-	"tateyama",
-	"toga",
-	"tonami",
-	"toyama",
-	"unazuki",
-	"uozu",
-	"yamada",
-	"arida",
-	"aridagawa",
-	"gobo",
-	"hashimoto",
-	"hidaka",
-	"hirogawa",
-	"inami",
-	"iwade",
-	"kainan",
-	"kamitonda",
-	"katsuragi",
-	"kimino",
-	"kinokawa",
-	"kitayama",
-	"koya",
-	"koza",
-	"kozagawa",
-	"kudoyama",
-	"kushimoto",
-	"mihama",
-	"misato",
-	"nachikatsuura",
-	"shingu",
-	"shirahama",
-	"taiji",
-	"tanabe",
-	"wakayama",
-	"yuasa",
-	"yura",
-	"asahi",
-	"funagata",
-	"higashine",
-	"iide",
-	"kahoku",
-	"kaminoyama",
-	"kaneyama",
-	"kawanishi",
-	"mamurogawa",
-	"mikawa",
-	"murayama",
-	"nagai",
-	"nakayama",
-	"nanyo",
-	"nishikawa",
-	"obanazawa",
-	"oe",
-	"oguni",
-	"ohkura",
-	"oishida",
-	"sagae",
-	"sakata",
-	"sakegawa",
-	"shinjo",
-	"shirataka",
-	"shonai",
-	"takahata",
-	"tendo",
-	"tozawa",
-	"tsuruoka",
-	"yamagata",
-	"yamanobe",
-	"yonezawa",
-	"yuza",
-	"abu",
-	"hagi",
-	"hikari",
-	"hofu",
-	"iwakuni",
-	"kudamatsu",
-	"mitou",
-	"nagato",
-	"oshima",
-	"shimonoseki",
-	"shunan",
-	"tabuse",
-	"tokuyama",
-	"toyota",
-	"ube",
-	"yuu",
-	"chuo",
-	"doshi",
-	"fuefuki",
-	"fujikawa",
-	"fujikawaguchiko",
-	"fujiyoshida",
-	"hayakawa",
-	"hokuto",
-	"ichikawamisato",
-	"kai",
-	"kofu",
-	"koshu",
-	"kosuge",
-	"minami-alps",
-	"minobu",
-	"nakamichi",
-	"nanbu",
-	"narusawa",
-	"nirasaki",
-	"nishikatsura",
-	"oshino",
-	"otsuki",
-	"showa",
-	"tabayama",
-	"tsuru",
-	"uenohara",
-	"yamanakako",
-	"yamanashi",
-	"city",
-	"co",
-	"blogspot",
-	"com",
-	"edu",
-	"gov",
-	"mil",
-	"net",
-	"org",
-	"biz",
-	"com",
-	"edu",
-	"gov",
-	"info",
-	"net",
-	"org",
-	"ass",
-	"asso",
-	"com",
-	"coop",
-	"edu",
-	"gouv",
-	"gov",
-	"medecin",
-	"mil",
-	"nom",
-	"notaires",
-	"org",
-	"pharmaciens",
-	"prd",
-	"presse",
-	"tm",
-	"veterinaire",
-	"edu",
-	"gov",
-	"net",
-	"org",
-	"com",
-	"edu",
-	"gov",
-	"org",
-	"rep",
-	"tra",
-	"ac",
-	"blogspot",
-	"busan",
-	"chungbuk",
-	"chungnam",
-	"co",
-	"daegu",
-	"daejeon",
-	"es",
-	"gangwon",
-	"go",
-	"gwangju",
-	"gyeongbuk",
-	"gyeonggi",
-	"gyeongnam",
-	"hs",
-	"incheon",
-	"jeju",
-	"jeonbuk",
-	"jeonnam",
-	"kg",
-	"mil",
-	"ms",
-	"ne",
-	"or",
-	"pe",
-	"re",
-	"sc",
-	"seoul",
-	"ulsan",
-	"com",
-	"edu",
-	"gov",
-	"net",
-	"org",
-	"com",
-	"edu",
-	"gov",
-	"mil",
-	"net",
-	"org",
-	"c",
-	"com",
-	"edu",
-	"gov",
-	"info",
-	"int",
-	"net",
-	"org",
-	"per",
-	"com",
-	"edu",
-	"gov",
-	"net",
-	"org",
-	"co",
-	"com",
-	"edu",
-	"gov",
-	"net",
-	"org",
-	"blogspot",
-	"ac",
-	"assn",
-	"com",
-	"edu",
-	"gov",
-	"grp",
-	"hotel",
-	"int",
-	"ltd",
-	"net",
-	"ngo",
-	"org",
-	"sch",
-	"soc",
-	"web",
-	"com",
-	"edu",
-	"gov",
-	"net",
-	"org",
-	"co",
-	"org",
-	"blogspot",
-	"gov",
-	"blogspot",
-	"asn",
-	"com",
-	"conf",
-	"edu",
-	"gov",
-	"id",
-	"mil",
-	"net",
-	"org",
-	"com",
-	"edu",
-	"gov",
-	"id",
-	"med",
-	"net",
-	"org",
-	"plc",
-	"sch",
-	"ac",
-	"co",
-	"gov",
-	"net",
-	"org",
-	"press",
-	"asso",
-	"tm",
-	"blogspot",
-	"ac",
-	"co",
-	"diskstation",
-	"dscloud",
-	"edu",
-	"gov",
-	"i234",
-	"its",
-	"myds",
-	"net",
-	"org",
-	"priv",
-	"synology",
-	"co",
-	"com",
-	"edu",
-	"gov",
-	"mil",
-	"nom",
-	"org",
-	"prd",
-	"tm",
-	"blogspot",
-	"com",
-	"edu",
-	"gov",
-	"inf",
-	"name",
-	"net",
-	"org",
-	"com",
-	"edu",
-	"gouv",
-	"gov",
-	"net",
-	"org",
-	"presse",
-	"edu",
-	"gov",
-	"nyc",
-	"org",
-	"com",
-	"edu",
-	"gov",
-	"net",
-	"org",
-	"dscloud",
-	"blogspot",
-	"gov",
-	"com",
-	"edu",
-	"gov",
-	"net",
-	"org",
-	"com",
-	"edu",
-	"net",
-	"org",
-	"blogspot",
-	"ac",
-	"co",
-	"com",
-	"gov",
-	"net",
-	"or",
-	"org",
-	"academy",
-	"agriculture",
-	"air",
-	"airguard",
-	"alabama",
-	"alaska",
-	"amber",
-	"ambulance",
-	"american",
-	"americana",
-	"americanantiques",
-	"americanart",
-	"amsterdam",
-	"and",
-	"annefrank",
-	"anthro",
-	"anthropology",
-	"antiques",
-	"aquarium",
-	"arboretum",
-	"archaeological",
-	"archaeology",
-	"architecture",
-	"art",
-	"artanddesign",
-	"artcenter",
-	"artdeco",
-	"arteducation",
-	"artgallery",
-	"arts",
-	"artsandcrafts",
-	"asmatart",
-	"assassination",
-	"assisi",
-	"association",
-	"astronomy",
-	"atlanta",
-	"austin",
-	"australia",
-	"automotive",
-	"aviation",
-	"axis",
-	"badajoz",
-	"baghdad",
-	"bahn",
-	"bale",
-	"baltimore",
-	"barcelona",
-	"baseball",
-	"basel",
-	"baths",
-	"bauern",
-	"beauxarts",
-	"beeldengeluid",
-	"bellevue",
-	"bergbau",
-	"berkeley",
-	"berlin",
-	"bern",
-	"bible",
-	"bilbao",
-	"bill",
-	"birdart",
-	"birthplace",
-	"bonn",
-	"boston",
-	"botanical",
-	"botanicalgarden",
-	"botanicgarden",
-	"botany",
-	"brandywinevalley",
-	"brasil",
-	"bristol",
-	"british",
-	"britishcolumbia",
-	"broadcast",
-	"brunel",
-	"brussel",
-	"brussels",
-	"bruxelles",
-	"building",
-	"burghof",
-	"bus",
-	"bushey",
-	"cadaques",
-	"california",
-	"cambridge",
-	"can",
-	"canada",
-	"capebreton",
-	"carrier",
-	"cartoonart",
-	"casadelamoneda",
-	"castle",
-	"castres",
-	"celtic",
-	"center",
-	"chattanooga",
-	"cheltenham",
-	"chesapeakebay",
-	"chicago",
-	"children",
-	"childrens",
-	"childrensgarden",
-	"chiropractic",
-	"chocolate",
-	"christiansburg",
-	"cincinnati",
-	"cinema",
-	"circus",
-	"civilisation",
-	"civilization",
-	"civilwar",
-	"clinton",
-	"clock",
-	"coal",
-	"coastaldefence",
-	"cody",
-	"coldwar",
-	"collection",
-	"colonialwilliamsburg",
-	"coloradoplateau",
-	"columbia",
-	"columbus",
-	"communication",
-	"communications",
-	"community",
-	"computer",
-	"computerhistory",
-	"contemporary",
-	"contemporaryart",
-	"convent",
-	"copenhagen",
-	"corporation",
-	"corvette",
-	"costume",
-	"countryestate",
-	"county",
-	"crafts",
-	"cranbrook",
-	"creation",
-	"cultural",
-	"culturalcenter",
-	"culture",
-	"cyber",
-	"cymru",
-	"dali",
-	"dallas",
-	"database",
-	"ddr",
-	"decorativearts",
-	"delaware",
-	"delmenhorst",
-	"denmark",
-	"depot",
-	"design",
-	"detroit",
-	"dinosaur",
-	"discovery",
-	"dolls",
-	"donostia",
-	"durham",
-	"eastafrica",
-	"eastcoast",
-	"education",
-	"educational",
-	"egyptian",
-	"eisenbahn",
-	"elburg",
-	"elvendrell",
-	"embroidery",
-	"encyclopedic",
-	"england",
-	"entomology",
-	"environment",
-	"environmentalconservation",
-	"epilepsy",
-	"essex",
-	"estate",
-	"ethnology",
-	"exeter",
-	"exhibition",
-	"family",
-	"farm",
-	"farmequipment",
-	"farmers",
-	"farmstead",
-	"field",
-	"figueres",
-	"filatelia",
-	"film",
-	"fineart",
-	"finearts",
-	"finland",
-	"flanders",
-	"florida",
-	"force",
-	"fortmissoula",
-	"fortworth",
-	"foundation",
-	"francaise",
-	"frankfurt",
-	"franziskaner",
-	"freemasonry",
-	"freiburg",
-	"fribourg",
-	"frog",
-	"fundacio",
-	"furniture",
-	"gallery",
-	"garden",
-	"gateway",
-	"geelvinck",
-	"gemological",
-	"geology",
-	"georgia",
-	"giessen",
-	"glas",
-	"glass",
-	"gorge",
-	"grandrapids",
-	"graz",
-	"guernsey",
-	"halloffame",
-	"hamburg",
-	"handson",
-	"harvestcelebration",
-	"hawaii",
-	"health",
-	"heimatunduhren",
-	"hellas",
-	"helsinki",
-	"hembygdsforbund",
-	"heritage",
-	"histoire",
-	"historical",
-	"historicalsociety",
-	"historichouses",
-	"historisch",
-	"historisches",
-	"history",
-	"historyofscience",
-	"horology",
-	"house",
-	"humanities",
-	"illustration",
-	"imageandsound",
-	"indian",
-	"indiana",
-	"indianapolis",
-	"indianmarket",
-	"intelligence",
-	"interactive",
-	"iraq",
-	"iron",
-	"isleofman",
-	"jamison",
-	"jefferson",
-	"jerusalem",
-	"jewelry",
-	"jewish",
-	"jewishart",
-	"jfk",
-	"journalism",
-	"judaica",
-	"judygarland",
-	"juedisches",
-	"juif",
-	"karate",
-	"karikatur",
-	"kids",
-	"koebenhavn",
-	"koeln",
-	"kunst",
-	"kunstsammlung",
-	"kunstunddesign",
-	"labor",
-	"labour",
-	"lajolla",
-	"lancashire",
-	"landes",
-	"lans",
-	"larsson",
-	"lewismiller",
-	"lincoln",
-	"linz",
-	"living",
-	"livinghistory",
-	"localhistory",
-	"london",
-	"losangeles",
-	"louvre",
-	"loyalist",
-	"lucerne",
-	"luxembourg",
-	"luzern",
-	"mad",
-	"madrid",
-	"mallorca",
-	"manchester",
-	"mansion",
-	"mansions",
-	"manx",
-	"marburg",
-	"maritime",
-	"maritimo",
-	"maryland",
-	"marylhurst",
-	"media",
-	"medical",
-	"medizinhistorisches",
-	"meeres",
-	"memorial",
-	"mesaverde",
-	"michigan",
-	"midatlantic",
-	"military",
-	"mill",
-	"miners",
-	"mining",
-	"minnesota",
-	"missile",
-	"missoula",
-	"modern",
-	"moma",
-	"money",
-	"monmouth",
-	"monticello",
-	"montreal",
-	"moscow",
-	"motorcycle",
-	"muenchen",
-	"muenster",
-	"mulhouse",
-	"muncie",
-	"museet",
-	"museumcenter",
-	"museumvereniging",
-	"music",
-	"national",
-	"nationalfirearms",
-	"nationalheritage",
-	"nativeamerican",
-	"naturalhistory",
-	"naturalhistorymuseum",
-	"naturalsciences",
-	"nature",
-	"naturhistorisches",
-	"natuurwetenschappen",
-	"naumburg",
-	"naval",
-	"nebraska",
-	"neues",
-	"newhampshire",
-	"newjersey",
-	"newmexico",
-	"newport",
-	"newspaper",
-	"newyork",
-	"niepce",
-	"norfolk",
-	"north",
-	"nrw",
-	"nuernberg",
-	"nuremberg",
-	"nyc",
-	"nyny",
-	"oceanographic",
-	"oceanographique",
-	"omaha",
-	"online",
-	"ontario",
-	"openair",
-	"oregon",
-	"oregontrail",
-	"otago",
-	"oxford",
-	"pacific",
-	"paderborn",
-	"palace",
-	"paleo",
-	"palmsprings",
-	"panama",
-	"paris",
-	"pasadena",
-	"pharmacy",
-	"philadelphia",
-	"philadelphiaarea",
-	"philately",
-	"phoenix",
-	"photography",
-	"pilots",
-	"pittsburgh",
-	"planetarium",
-	"plantation",
-	"plants",
-	"plaza",
-	"portal",
-	"portland",
-	"portlligat",
-	"posts-and-telecommunications",
-	"preservation",
-	"presidio",
-	"press",
-	"project",
-	"public",
-	"pubol",
-	"quebec",
-	"railroad",
-	"railway",
-	"research",
-	"resistance",
-	"riodejaneiro",
-	"rochester",
-	"rockart",
-	"roma",
-	"russia",
-	"saintlouis",
-	"salem",
-	"salvadordali",
-	"salzburg",
-	"sandiego",
-	"sanfrancisco",
-	"santabarbara",
-	"santacruz",
-	"santafe",
-	"saskatchewan",
-	"satx",
-	"savannahga",
-	"schlesisches",
-	"schoenbrunn",
-	"schokoladen",
-	"school",
-	"schweiz",
-	"science",
-	"science-fiction",
-	"scienceandhistory",
-	"scienceandindustry",
-	"sciencecenter",
-	"sciencecenters",
-	"sciencehistory",
-	"sciences",
-	"sciencesnaturelles",
-	"scotland",
-	"seaport",
-	"settlement",
-	"settlers",
-	"shell",
-	"sherbrooke",
-	"sibenik",
-	"silk",
-	"ski",
-	"skole",
-	"society",
-	"sologne",
-	"soundandvision",
-	"southcarolina",
-	"southwest",
-	"space",
-	"spy",
-	"square",
-	"stadt",
-	"stalbans",
-	"starnberg",
-	"state",
-	"stateofdelaware",
-	"station",
-	"steam",
-	"steiermark",
-	"stjohn",
-	"stockholm",
-	"stpetersburg",
-	"stuttgart",
-	"suisse",
-	"surgeonshall",
-	"surrey",
-	"svizzera",
-	"sweden",
-	"sydney",
-	"tank",
-	"tcm",
-	"technology",
-	"telekommunikation",
-	"television",
-	"texas",
-	"textile",
-	"theater",
-	"time",
-	"timekeeping",
-	"topology",
-	"torino",
-	"touch",
-	"town",
-	"transport",
-	"tree",
-	"trolley",
-	"trust",
-	"trustee",
-	"uhren",
-	"ulm",
-	"undersea",
-	"university",
-	"usa",
-	"usantiques",
-	"usarts",
-	"uscountryestate",
-	"usculture",
-	"usdecorativearts",
-	"usgarden",
-	"ushistory",
-	"ushuaia",
-	"uslivinghistory",
-	"utah",
-	"uvic",
-	"valley",
-	"vantaa",
-	"versailles",
-	"viking",
-	"village",
-	"virginia",
-	"virtual",
-	"virtuel",
-	"vlaanderen",
-	"volkenkunde",
-	"wales",
-	"wallonie",
-	"war",
-	"washingtondc",
-	"watch-and-clock",
-	"watchandclock",
-	"western",
-	"westfalen",
-	"whaling",
-	"wildlife",
-	"williamsburg",
-	"windmill",
-	"workshop",
-	"xn--9dbhblg6di",
-	"xn--comunicaes-v6a2o",
-	"xn--correios-e-telecomunicaes-ghc29a",
-	"xn--h1aegh",
-	"xn--lns-qla",
-	"york",
-	"yorkshire",
-	"yosemite",
-	"youth",
-	"zoological",
-	"zoology",
-	"aero",
-	"biz",
-	"com",
-	"coop",
-	"edu",
-	"gov",
-	"info",
-	"int",
-	"mil",
-	"museum",
-	"name",
-	"net",
-	"org",
-	"pro",
-	"ac",
-	"biz",
-	"co",
-	"com",
-	"coop",
-	"edu",
-	"gov",
-	"int",
-	"museum",
-	"net",
-	"org",
-	"blogspot",
-	"com",
-	"edu",
-	"gob",
-	"net",
-	"org",
-	"blogspot",
-	"com",
-	"edu",
-	"gov",
-	"mil",
-	"name",
-	"net",
-	"org",
-	"teledata",
-	"ca",
-	"cc",
-	"co",
-	"com",
-	"dr",
-	"in",
-	"info",
-	"mobi",
-	"mx",
-	"name",
-	"or",
-	"org",
-	"pro",
-	"school",
-	"tv",
-	"us",
-	"ws",
-	"her",
-	"his",
-	"forgot",
-	"forgot",
-	"asso",
-	"at-band-camp",
-	"azure-mobile",
-	"azurewebsites",
-	"blogdns",
-	"broke-it",
-	"buyshouses",
-	"cdn77",
-	"cdn77-ssl",
-	"cloudapp",
-	"cloudfront",
-	"cloudfunctions",
-	"dnsalias",
-	"dnsdojo",
-	"does-it",
-	"dontexist",
-	"dsmynas",
-	"dynalias",
-	"dynathome",
-	"dynv6",
-	"endofinternet",
-	"familyds",
-	"fastly",
-	"from-az",
-	"from-co",
-	"from-la",
-	"from-ny",
-	"gb",
-	"gets-it",
-	"ham-radio-op",
-	"homeftp",
-	"homeip",
-	"homelinux",
-	"homeunix",
-	"hu",
-	"in",
-	"in-the-band",
-	"is-a-chef",
-	"is-a-geek",
-	"isa-geek",
-	"jp",
-	"kicks-ass",
-	"office-on-the",
-	"podzone",
-	"rackmaze",
-	"scrapper-site",
-	"se",
-	"selfip",
-	"sells-it",
-	"servebbs",
-	"serveftp",
-	"thruhere",
-	"uk",
-	"webhop",
-	"za",
-	"r",
-	"prod",
-	"ssl",
-	"a",
-	"global",
-	"a",
-	"b",
-	"global",
-	"arts",
-	"com",
-	"firm",
-	"info",
-	"net",
-	"other",
-	"per",
-	"rec",
-	"store",
-	"web",
-	"com",
-	"edu",
-	"gov",
-	"i",
-	"mil",
-	"mobi",
-	"name",
-	"net",
-	"org",
-	"sch",
-	"blogspot",
-	"ac",
-	"biz",
-	"co",
-	"com",
-	"edu",
-	"gob",
-	"in",
-	"info",
-	"int",
-	"mil",
-	"net",
-	"nom",
-	"org",
-	"web",
-	"blogspot",
-	"bv",
-	"co",
-	"aa",
-	"aarborte",
-	"aejrie",
-	"afjord",
-	"agdenes",
-	"ah",
-	"akershus",
-	"aknoluokta",
-	"akrehamn",
-	"al",
-	"alaheadju",
-	"alesund",
-	"algard",
-	"alstahaug",
-	"alta",
-	"alvdal",
-	"amli",
-	"amot",
-	"andasuolo",
-	"andebu",
-	"andoy",
-	"ardal",
-	"aremark",
-	"arendal",
-	"arna",
-	"aseral",
-	"asker",
-	"askim",
-	"askoy",
-	"askvoll",
-	"asnes",
-	"audnedaln",
-	"aukra",
-	"aure",
-	"aurland",
-	"aurskog-holand",
-	"austevoll",
-	"austrheim",
-	"averoy",
-	"badaddja",
-	"bahcavuotna",
-	"bahccavuotna",
-	"baidar",
-	"bajddar",
-	"balat",
-	"balestrand",
-	"ballangen",
-	"balsfjord",
-	"bamble",
-	"bardu",
-	"barum",
-	"batsfjord",
-	"bearalvahki",
-	"beardu",
-	"beiarn",
-	"berg",
-	"bergen",
-	"berlevag",
-	"bievat",
-	"bindal",
-	"birkenes",
-	"bjarkoy",
-	"bjerkreim",
-	"bjugn",
-	"blogspot",
-	"bodo",
-	"bokn",
-	"bomlo",
-	"bremanger",
-	"bronnoy",
-	"bronnoysund",
-	"brumunddal",
-	"bryne",
-	"bu",
-	"budejju",
-	"buskerud",
-	"bygland",
-	"bykle",
-	"cahcesuolo",
-	"co",
-	"davvenjarga",
-	"davvesiida",
-	"deatnu",
-	"dep",
-	"dielddanuorri",
-	"divtasvuodna",
-	"divttasvuotna",
-	"donna",
-	"dovre",
-	"drammen",
-	"drangedal",
-	"drobak",
-	"dyroy",
-	"egersund",
-	"eid",
-	"eidfjord",
-	"eidsberg",
-	"eidskog",
-	"eidsvoll",
-	"eigersund",
-	"elverum",
-	"enebakk",
-	"engerdal",
-	"etne",
-	"etnedal",
-	"evenassi",
-	"evenes",
-	"evje-og-hornnes",
-	"farsund",
-	"fauske",
-	"fedje",
-	"fet",
-	"fetsund",
-	"fhs",
-	"finnoy",
-	"fitjar",
-	"fjaler",
-	"fjell",
-	"fla",
-	"flakstad",
-	"flatanger",
-	"flekkefjord",
-	"flesberg",
-	"flora",
-	"floro",
-	"fm",
-	"folkebibl",
-	"folldal",
-	"forde",
-	"forsand",
-	"fosnes",
-	"frana",
-	"fredrikstad",
-	"frei",
-	"frogn",
-	"froland",
-	"frosta",
-	"froya",
-	"fuoisku",
-	"fuossko",
-	"fusa",
-	"fylkesbibl",
-	"fyresdal",
-	"gaivuotna",
-	"galsa",
-	"gamvik",
-	"gangaviika",
-	"gaular",
-	"gausdal",
-	"giehtavuoatna",
-	"gildeskal",
-	"giske",
-	"gjemnes",
-	"gjerdrum",
-	"gjerstad",
-	"gjesdal",
-	"gjovik",
-	"gloppen",
-	"gol",
-	"gran",
-	"grane",
-	"granvin",
-	"gratangen",
-	"grimstad",
-	"grong",
-	"grue",
-	"gulen",
-	"guovdageaidnu",
-	"ha",
-	"habmer",
-	"hadsel",
-	"hagebostad",
-	"halden",
-	"halsa",
-	"hamar",
-	"hamaroy",
-	"hammarfeasta",
-	"hammerfest",
-	"hapmir",
-	"haram",
-	"hareid",
-	"harstad",
-	"hasvik",
-	"hattfjelldal",
-	"haugesund",
-	"hedmark",
-	"hemne",
-	"hemnes",
-	"hemsedal",
-	"herad",
-	"hitra",
-	"hjartdal",
-	"hjelmeland",
-	"hl",
-	"hm",
-	"hobol",
-	"hof",
-	"hokksund",
-	"hol",
-	"hole",
-	"holmestrand",
-	"holtalen",
-	"honefoss",
-	"hordaland",
-	"hornindal",
-	"horten",
-	"hoyanger",
-	"hoylandet",
-	"hurdal",
-	"hurum",
-	"hvaler",
-	"hyllestad",
-	"ibestad",
-	"idrett",
-	"inderoy",
-	"iveland",
-	"ivgu",
-	"jan-mayen",
-	"jessheim",
-	"jevnaker",
-	"jolster",
-	"jondal",
-	"jorpeland",
-	"kafjord",
-	"karasjohka",
-	"karasjok",
-	"karlsoy",
-	"karmoy",
-	"kautokeino",
-	"kirkenes",
-	"klabu",
-	"klepp",
-	"kommune",
-	"kongsberg",
-	"kongsvinger",
-	"kopervik",
-	"kraanghke",
-	"kragero",
-	"kristiansand",
-	"kristiansund",
-	"krodsherad",
-	"krokstadelva",
-	"kvafjord",
-	"kvalsund",
-	"kvam",
-	"kvanangen",
-	"kvinesdal",
-	"kvinnherad",
-	"kviteseid",
-	"kvitsoy",
-	"laakesvuemie",
-	"lahppi",
-	"langevag",
-	"lardal",
-	"larvik",
-	"lavagis",
-	"lavangen",
-	"leangaviika",
-	"lebesby",
-	"leikanger",
-	"leirfjord",
-	"leirvik",
-	"leka",
-	"leksvik",
-	"lenvik",
-	"lerdal",
-	"lesja",
-	"levanger",
-	"lier",
-	"lierne",
-	"lillehammer",
-	"lillesand",
-	"lindas",
-	"lindesnes",
-	"loabat",
-	"lodingen",
-	"lom",
-	"loppa",
-	"lorenskog",
-	"loten",
-	"lund",
-	"lunner",
-	"luroy",
-	"luster",
-	"lyngdal",
-	"lyngen",
-	"malatvuopmi",
-	"malselv",
-	"malvik",
-	"mandal",
-	"marker",
-	"marnardal",
-	"masfjorden",
-	"masoy",
-	"matta-varjjat",
-	"meland",
-	"meldal",
-	"melhus",
-	"meloy",
-	"meraker",
-	"midsund",
-	"midtre-gauldal",
-	"mil",
-	"mjondalen",
-	"mo-i-rana",
-	"moareke",
-	"modalen",
-	"modum",
-	"molde",
-	"more-og-romsdal",
-	"mosjoen",
-	"moskenes",
-	"moss",
-	"mosvik",
-	"mr",
-	"muosat",
-	"museum",
-	"naamesjevuemie",
-	"namdalseid",
-	"namsos",
-	"namsskogan",
-	"nannestad",
-	"naroy",
-	"narviika",
-	"narvik",
-	"naustdal",
-	"navuotna",
-	"nedre-eiker",
-	"nesna",
-	"nesodden",
-	"nesoddtangen",
-	"nesseby",
-	"nesset",
-	"nissedal",
-	"nittedal",
-	"nl",
-	"nord-aurdal",
-	"nord-fron",
-	"nord-odal",
-	"norddal",
-	"nordkapp",
-	"nordland",
-	"nordre-land",
-	"nordreisa",
-	"nore-og-uvdal",
-	"notodden",
-	"notteroy",
-	"nt",
-	"odda",
-	"of",
-	"oksnes",
-	"ol",
-	"omasvuotna",
-	"oppdal",
-	"oppegard",
-	"orkanger",
-	"orkdal",
-	"orland",
-	"orskog",
-	"orsta",
-	"osen",
-	"oslo",
-	"osoyro",
-	"osteroy",
-	"ostfold",
-	"ostre-toten",
-	"overhalla",
-	"ovre-eiker",
-	"oyer",
-	"oygarden",
-	"oystre-slidre",
-	"porsanger",
-	"porsangu",
-	"porsgrunn",
-	"priv",
-	"rade",
-	"radoy",
-	"rahkkeravju",
-	"raholt",
-	"raisa",
-	"rakkestad",
-	"ralingen",
-	"rana",
-	"randaberg",
-	"rauma",
-	"rendalen",
-	"rennebu",
-	"rennesoy",
-	"rindal",
-	"ringebu",
-	"ringerike",
-	"ringsaker",
-	"risor",
-	"rissa",
-	"rl",
-	"roan",
-	"rodoy",
-	"rollag",
-	"romsa",
-	"romskog",
-	"roros",
-	"rost",
-	"royken",
-	"royrvik",
-	"ruovat",
-	"rygge",
-	"salangen",
-	"salat",
-	"saltdal",
-	"samnanger",
-	"sandefjord",
-	"sandnes",
-	"sandnessjoen",
-	"sandoy",
-	"sarpsborg",
-	"sauda",
-	"sauherad",
-	"sel",
-	"selbu",
-	"selje",
-	"seljord",
-	"sf",
-	"siellak",
-	"sigdal",
-	"siljan",
-	"sirdal",
-	"skanit",
-	"skanland",
-	"skaun",
-	"skedsmo",
-	"skedsmokorset",
-	"ski",
-	"skien",
-	"skierva",
-	"skiptvet",
-	"skjak",
-	"skjervoy",
-	"skodje",
-	"slattum",
-	"smola",
-	"snaase",
-	"snasa",
-	"snillfjord",
-	"snoasa",
-	"sogndal",
-	"sogne",
-	"sokndal",
-	"sola",
-	"solund",
-	"somna",
-	"sondre-land",
-	"songdalen",
-	"sor-aurdal",
-	"sor-fron",
-	"sor-odal",
-	"sor-varanger",
-	"sorfold",
-	"sorreisa",
-	"sortland",
-	"sorum",
-	"spjelkavik",
-	"spydeberg",
-	"st",
-	"stange",
-	"stat",
-	"stathelle",
-	"stavanger",
-	"stavern",
-	"steigen",
-	"steinkjer",
-	"stjordal",
-	"stjordalshalsen",
-	"stokke",
-	"stor-elvdal",
-	"stord",
-	"stordal",
-	"storfjord",
-	"strand",
-	"stranda",
-	"stryn",
-	"sula",
-	"suldal",
-	"sund",
-	"sunndal",
-	"surnadal",
-	"svalbard",
-	"sveio",
-	"svelvik",
-	"sykkylven",
-	"tana",
-	"tananger",
-	"telemark",
-	"time",
-	"tingvoll",
-	"tinn",
-	"tjeldsund",
-	"tjome",
-	"tm",
-	"tokke",
-	"tolga",
-	"tonsberg",
-	"torsken",
-	"tr",
-	"trana",
-	"tranby",
-	"tranoy",
-	"troandin",
-	"trogstad",
-	"tromsa",
-	"tromso",
-	"trondheim",
-	"trysil",
-	"tvedestrand",
-	"tydal",
-	"tynset",
-	"tysfjord",
-	"tysnes",
-	"tysvar",
-	"ullensaker",
-	"ullensvang",
-	"ulvik",
-	"unjarga",
-	"utsira",
-	"va",
-	"vaapste",
-	"vadso",
-	"vaga",
-	"vagan",
-	"vagsoy",
-	"vaksdal",
-	"valle",
-	"vang",
-	"vanylven",
-	"vardo",
-	"varggat",
-	"varoy",
-	"vefsn",
-	"vega",
-	"vegarshei",
-	"vennesla",
-	"verdal",
-	"verran",
-	"vestby",
-	"vestfold",
-	"vestnes",
-	"vestre-slidre",
-	"vestre-toten",
-	"vestvagoy",
-	"vevelstad",
-	"vf",
-	"vgs",
-	"vik",
-	"vikna",
-	"vindafjord",
-	"voagat",
-	"volda",
-	"voss",
-	"vossevangen",
-	"xn--andy-ira",
-	"xn--asky-ira",
-	"xn--aurskog-hland-jnb",
-	"xn--avery-yua",
-	"xn--bdddj-mrabd",
-	"xn--bearalvhki-y4a",
-	"xn--berlevg-jxa",
-	"xn--bhcavuotna-s4a",
-	"xn--bhccavuotna-k7a",
-	"xn--bidr-5nac",
-	"xn--bievt-0qa",
-	"xn--bjarky-fya",
-	"xn--bjddar-pta",
-	"xn--blt-elab",
-	"xn--bmlo-gra",
-	"xn--bod-2na",
-	"xn--brnny-wuac",
-	"xn--brnnysund-m8ac",
-	"xn--brum-voa",
-	"xn--btsfjord-9za",
-	"xn--davvenjrga-y4a",
-	"xn--dnna-gra",
-	"xn--drbak-wua",
-	"xn--dyry-ira",
-	"xn--eveni-0qa01ga",
-	"xn--finny-yua",
-	"xn--fjord-lra",
-	"xn--fl-zia",
-	"xn--flor-jra",
-	"xn--frde-gra",
-	"xn--frna-woa",
-	"xn--frya-hra",
-	"xn--ggaviika-8ya47h",
-	"xn--gildeskl-g0a",
-	"xn--givuotna-8ya",
-	"xn--gjvik-wua",
-	"xn--gls-elac",
-	"xn--h-2fa",
-	"xn--hbmer-xqa",
-	"xn--hcesuolo-7ya35b",
-	"xn--hgebostad-g3a",
-	"xn--hmmrfeasta-s4ac",
-	"xn--hnefoss-q1a",
-	"xn--hobl-ira",
-	"xn--holtlen-hxa",
-	"xn--hpmir-xqa",
-	"xn--hyanger-q1a",
-	"xn--hylandet-54a",
-	"xn--indery-fya",
-	"xn--jlster-bya",
-	"xn--jrpeland-54a",
-	"xn--karmy-yua",
-	"xn--kfjord-iua",
-	"xn--klbu-woa",
-	"xn--koluokta-7ya57h",
-	"xn--krager-gya",
-	"xn--kranghke-b0a",
-	"xn--krdsherad-m8a",
-	"xn--krehamn-dxa",
-	"xn--krjohka-hwab49j",
-	"xn--ksnes-uua",
-	"xn--kvfjord-nxa",
-	"xn--kvitsy-fya",
-	"xn--kvnangen-k0a",
-	"xn--l-1fa",
-	"xn--laheadju-7ya",
-	"xn--langevg-jxa",
-	"xn--ldingen-q1a",
-	"xn--leagaviika-52b",
-	"xn--lesund-hua",
-	"xn--lgrd-poac",
-	"xn--lhppi-xqa",
-	"xn--linds-pra",
-	"xn--loabt-0qa",
-	"xn--lrdal-sra",
-	"xn--lrenskog-54a",
-	"xn--lt-liac",
-	"xn--lten-gra",
-	"xn--lury-ira",
-	"xn--mely-ira",
-	"xn--merker-kua",
-	"xn--mjndalen-64a",
-	"xn--mlatvuopmi-s4a",
-	"xn--mli-tla",
-	"xn--mlselv-iua",
-	"xn--moreke-jua",
-	"xn--mosjen-eya",
-	"xn--mot-tla",
-	"xn--mre-og-romsdal-qqb",
-	"xn--msy-ula0h",
-	"xn--mtta-vrjjat-k7af",
-	"xn--muost-0qa",
-	"xn--nmesjevuemie-tcba",
-	"xn--nry-yla5g",
-	"xn--nttery-byae",
-	"xn--nvuotna-hwa",
-	"xn--oppegrd-ixa",
-	"xn--ostery-fya",
-	"xn--osyro-wua",
-	"xn--porsgu-sta26f",
-	"xn--rady-ira",
-	"xn--rdal-poa",
-	"xn--rde-ula",
-	"xn--rdy-0nab",
-	"xn--rennesy-v1a",
-	"xn--rhkkervju-01af",
-	"xn--rholt-mra",
-	"xn--risa-5na",
-	"xn--risr-ira",
-	"xn--rland-uua",
-	"xn--rlingen-mxa",
-	"xn--rmskog-bya",
-	"xn--rros-gra",
-	"xn--rskog-uua",
-	"xn--rst-0na",
-	"xn--rsta-fra",
-	"xn--ryken-vua",
-	"xn--ryrvik-bya",
-	"xn--s-1fa",
-	"xn--sandnessjen-ogb",
-	"xn--sandy-yua",
-	"xn--seral-lra",
-	"xn--sgne-gra",
-	"xn--skierv-uta",
-	"xn--skjervy-v1a",
-	"xn--skjk-soa",
-	"xn--sknit-yqa",
-	"xn--sknland-fxa",
-	"xn--slat-5na",
-	"xn--slt-elab",
-	"xn--smla-hra",
-	"xn--smna-gra",
-	"xn--snase-nra",
-	"xn--sndre-land-0cb",
-	"xn--snes-poa",
-	"xn--snsa-roa",
-	"xn--sr-aurdal-l8a",
-	"xn--sr-fron-q1a",
-	"xn--sr-odal-q1a",
-	"xn--sr-varanger-ggb",
-	"xn--srfold-bya",
-	"xn--srreisa-q1a",
-	"xn--srum-gra",
-	"xn--stfold-9xa",
-	"xn--stjrdal-s1a",
-	"xn--stjrdalshalsen-sqb",
-	"xn--stre-toten-zcb",
-	"xn--tjme-hra",
-	"xn--tnsberg-q1a",
-	"xn--trany-yua",
-	"xn--trgstad-r1a",
-	"xn--trna-woa",
-	"xn--troms-zua",
-	"xn--tysvr-vra",
-	"xn--unjrga-rta",
-	"xn--vads-jra",
-	"xn--vard-jra",
-	"xn--vegrshei-c0a",
-	"xn--vestvgy-ixa6o",
-	"xn--vg-yiab",
-	"xn--vgan-qoa",
-	"xn--vgsy-qoa0j",
-	"xn--vre-eiker-k8a",
-	"xn--vrggt-xqad",
-	"xn--vry-yla5g",
-	"xn--yer-zna",
-	"xn--ygarden-p1a",
-	"xn--ystre-slidre-ujb",
-	"gs",
-	"gs",
-	"nes",
-	"gs",
-	"nes",
-	"gs",
-	"os",
-	"valer",
-	"xn--vler-qoa",
-	"gs",
-	"gs",
-	"os",
-	"gs",
-	"heroy",
-	"sande",
-	"gs",
-	"gs",
-	"bo",
-	"heroy",
-	"xn--b-5ga",
-	"xn--hery-ira",
-	"gs",
-	"gs",
-	"gs",
-	"gs",
-	"valer",
-	"gs",
-	"gs",
-	"gs",
-	"gs",
-	"bo",
-	"xn--b-5ga",
-	"gs",
-	"gs",
-	"gs",
-	"sande",
-	"gs",
-	"sande",
-	"xn--hery-ira",
-	"xn--vler-qoa",
-	"biz",
-	"com",
-	"edu",
-	"gov",
-	"info",
-	"net",
-	"org",
-	"merseine",
-	"mine",
-	"shacknet",
-	"ac",
-	"co",
-	"cri",
-	"geek",
-	"gen",
-	"govt",
-	"health",
-	"iwi",
-	"kiwi",
-	"maori",
-	"mil",
-	"net",
-	"org",
-	"parliament",
-	"school",
-	"xn--mori-qsa",
-	"blogspot",
-	"co",
-	"com",
-	"edu",
-	"gov",
-	"med",
-	"museum",
-	"net",
-	"org",
-	"pro",
-	"ae",
-	"blogdns",
-	"blogsite",
-	"bmoattachments",
-	"boldlygoingnowhere",
-	"cdn77",
-	"cdn77-secure",
-	"dnsalias",
-	"dnsdojo",
-	"doesntexist",
-	"dontexist",
-	"doomdns",
-	"dsmynas",
-	"duckdns",
-	"dvrdns",
-	"dynalias",
-	"dyndns",
-	"endofinternet",
-	"endoftheinternet",
-	"eu",
-	"familyds",
-	"from-me",
-	"game-host",
-	"gotdns",
-	"hk",
-	"hobby-site",
-	"homedns",
-	"homeftp",
-	"homelinux",
-	"homeunix",
-	"is-a-bruinsfan",
-	"is-a-candidate",
-	"is-a-celticsfan",
-	"is-a-chef",
-	"is-a-geek",
-	"is-a-knight",
-	"is-a-linux-user",
-	"is-a-patsfan",
-	"is-a-soxfan",
-	"is-found",
-	"is-lost",
-	"is-saved",
-	"is-very-bad",
-	"is-very-evil",
-	"is-very-good",
-	"is-very-nice",
-	"is-very-sweet",
-	"isa-geek",
-	"kicks-ass",
-	"misconfused",
-	"podzone",
-	"readmyblog",
-	"selfip",
-	"sellsyourhome",
-	"servebbs",
-	"serveftp",
-	"servegame",
-	"stuff-4-sale",
-	"us",
-	"webhop",
-	"za",
-	"c",
-	"rsc",
-	"origin",
-	"ssl",
-	"go",
-	"home",
-	"al",
-	"asso",
-	"at",
-	"au",
-	"be",
-	"bg",
-	"ca",
-	"cd",
-	"ch",
-	"cn",
-	"cy",
-	"cz",
-	"de",
-	"dk",
-	"edu",
-	"ee",
-	"es",
-	"fi",
-	"fr",
-	"gr",
-	"hr",
-	"hu",
-	"ie",
-	"il",
-	"in",
-	"int",
-	"is",
-	"it",
-	"jp",
-	"kr",
-	"lt",
-	"lu",
-	"lv",
-	"mc",
-	"me",
-	"mk",
-	"mt",
-	"my",
-	"net",
-	"ng",
-	"nl",
-	"no",
-	"nz",
-	"paris",
-	"pl",
-	"pt",
-	"q-a",
-	"ro",
-	"ru",
-	"se",
-	"si",
-	"sk",
-	"tr",
-	"uk",
-	"us",
-	"abo",
-	"ac",
-	"com",
-	"edu",
-	"gob",
-	"ing",
-	"med",
-	"net",
-	"nom",
-	"org",
-	"sld",
-	"blogspot",
-	"com",
-	"edu",
-	"gob",
-	"mil",
-	"net",
-	"nom",
-	"org",
-	"com",
-	"edu",
-	"org",
-	"com",
-	"edu",
-	"gov",
-	"i",
-	"mil",
-	"net",
-	"ngo",
-	"org",
-	"biz",
-	"com",
-	"edu",
-	"fam",
-	"gob",
-	"gok",
-	"gon",
-	"gop",
-	"gos",
-	"gov",
-	"info",
-	"net",
-	"org",
-	"web",
-	"agro",
-	"aid",
-	"art",
-	"atm",
-	"augustow",
-	"auto",
-	"babia-gora",
-	"bedzin",
-	"beskidy",
-	"bialowieza",
-	"bialystok",
-	"bielawa",
-	"bieszczady",
-	"biz",
-	"boleslawiec",
-	"bydgoszcz",
-	"bytom",
-	"cieszyn",
-	"co",
-	"com",
-	"czeladz",
-	"czest",
-	"dlugoleka",
-	"edu",
-	"elblag",
-	"elk",
-	"gda",
-	"gdansk",
-	"gdynia",
-	"gliwice",
-	"glogow",
-	"gmina",
-	"gniezno",
-	"gorlice",
-	"gov",
-	"grajewo",
-	"gsm",
-	"ilawa",
-	"info",
-	"jaworzno",
-	"jelenia-gora",
-	"jgora",
-	"kalisz",
-	"karpacz",
-	"kartuzy",
-	"kaszuby",
-	"katowice",
-	"kazimierz-dolny",
-	"kepno",
-	"ketrzyn",
-	"klodzko",
-	"kobierzyce",
-	"kolobrzeg",
-	"konin",
-	"konskowola",
-	"krakow",
-	"kutno",
-	"lapy",
-	"lebork",
-	"legnica",
-	"lezajsk",
-	"limanowa",
-	"lomza",
-	"lowicz",
-	"lubin",
-	"lukow",
-	"mail",
-	"malbork",
-	"malopolska",
-	"mazowsze",
-	"mazury",
-	"med",
-	"media",
-	"miasta",
-	"mielec",
-	"mielno",
-	"mil",
-	"mragowo",
-	"naklo",
-	"net",
-	"nieruchomosci",
-	"nom",
-	"nowaruda",
-	"nysa",
-	"olawa",
-	"olecko",
-	"olkusz",
-	"olsztyn",
-	"opoczno",
-	"opole",
-	"org",
-	"ostroda",
-	"ostroleka",
-	"ostrowiec",
-	"ostrowwlkp",
-	"pc",
-	"pila",
-	"pisz",
-	"podhale",
-	"podlasie",
-	"polkowice",
-	"pomorskie",
-	"pomorze",
-	"powiat",
-	"poznan",
-	"priv",
-	"prochowice",
-	"pruszkow",
-	"przeworsk",
-	"pulawy",
-	"radom",
-	"rawa-maz",
-	"realestate",
-	"rel",
-	"rybnik",
-	"rzeszow",
-	"sanok",
-	"sejny",
-	"sex",
-	"shop",
-	"sklep",
-	"skoczow",
-	"slask",
-	"slupsk",
-	"sopot",
-	"sos",
-	"sosnowiec",
-	"stalowa-wola",
-	"starachowice",
-	"stargard",
-	"suwalki",
-	"swidnica",
-	"swiebodzin",
-	"swinoujscie",
-	"szczecin",
-	"szczytno",
-	"szkola",
-	"targi",
-	"tarnobrzeg",
-	"tgory",
-	"tm",
-	"tourism",
-	"travel",
-	"turek",
-	"turystyka",
-	"tychy",
-	"ustka",
-	"walbrzych",
-	"warmia",
-	"warszawa",
-	"waw",
-	"wegrow",
-	"wielun",
-	"wlocl",
-	"wloclawek",
-	"wodzislaw",
-	"wolomin",
-	"wroc",
-	"wroclaw",
-	"zachpomor",
-	"zagan",
-	"zakopane",
-	"zarow",
-	"zgora",
-	"zgorzelec",
-	"ap",
-	"griw",
-	"ic",
-	"is",
-	"kmpsp",
-	"konsulat",
-	"kppsp",
-	"kwp",
-	"kwpsp",
-	"mup",
-	"mw",
-	"oirm",
-	"oum",
-	"pa",
-	"pinb",
-	"piw",
-	"po",
-	"psp",
-	"psse",
-	"pup",
-	"rzgw",
-	"sa",
-	"sdn",
-	"sko",
-	"so",
-	"sr",
-	"starostwo",
-	"ug",
-	"ugim",
-	"um",
-	"umig",
-	"upow",
-	"uppo",
-	"us",
-	"uw",
-	"uzs",
-	"wif",
-	"wiih",
-	"winb",
-	"wios",
-	"witd",
-	"wiw",
-	"wsa",
-	"wskr",
-	"wuoz",
-	"wzmiuw",
-	"zp",
-	"co",
-	"edu",
-	"gov",
-	"net",
-	"org",
-	"ac",
-	"biz",
-	"com",
-	"edu",
-	"est",
-	"gov",
-	"info",
-	"isla",
-	"name",
-	"net",
-	"org",
-	"pro",
-	"prof",
-	"aaa",
-	"aca",
-	"acct",
-	"avocat",
-	"bar",
-	"cpa",
-	"eng",
-	"jur",
-	"law",
-	"med",
-	"recht",
-	"com",
-	"edu",
-	"gov",
-	"net",
-	"org",
-	"plo",
-	"sec",
-	"blogspot",
-	"com",
-	"edu",
-	"gov",
-	"int",
-	"net",
-	"nome",
-	"org",
-	"publ",
-	"belau",
-	"co",
-	"ed",
-	"go",
-	"ne",
-	"or",
-	"com",
-	"coop",
-	"edu",
-	"gov",
-	"mil",
-	"net",
-	"org",
-	"blogspot",
-	"com",
-	"edu",
-	"gov",
-	"mil",
-	"name",
-	"net",
-	"org",
-	"sch",
-	"asso",
-	"blogspot",
-	"com",
-	"nom",
-	"arts",
-	"blogspot",
-	"com",
-	"firm",
-	"info",
-	"nom",
-	"nt",
-	"org",
-	"rec",
-	"store",
-	"tm",
-	"www",
-	"ac",
-	"blogspot",
-	"co",
-	"edu",
-	"gov",
-	"in",
-	"org",
-	"ac",
-	"adygeya",
-	"altai",
-	"amur",
-	"amursk",
-	"arkhangelsk",
-	"astrakhan",
-	"baikal",
-	"bashkiria",
-	"belgorod",
-	"bir",
-	"blogspot",
-	"bryansk",
-	"buryatia",
-	"cbg",
-	"chel",
-	"chelyabinsk",
-	"chita",
-	"chukotka",
-	"chuvashia",
-	"cmw",
-	"com",
-	"dagestan",
-	"dudinka",
-	"e-burg",
-	"edu",
-	"fareast",
-	"gov",
-	"grozny",
-	"int",
-	"irkutsk",
-	"ivanovo",
-	"izhevsk",
-	"jamal",
-	"jar",
-	"joshkar-ola",
-	"k-uralsk",
-	"kalmykia",
-	"kaluga",
-	"kamchatka",
-	"karelia",
-	"kazan",
-	"kchr",
-	"kemerovo",
-	"khabarovsk",
-	"khakassia",
-	"khv",
-	"kirov",
-	"kms",
-	"koenig",
-	"komi",
-	"kostroma",
-	"krasnoyarsk",
-	"kuban",
-	"kurgan",
-	"kursk",
-	"kustanai",
-	"kuzbass",
-	"lipetsk",
-	"magadan",
-	"mari",
-	"mari-el",
-	"marine",
-	"mil",
-	"mordovia",
-	"msk",
-	"murmansk",
-	"mytis",
-	"nakhodka",
-	"nalchik",
-	"net",
-	"nkz",
-	"nnov",
-	"norilsk",
-	"nov",
-	"novosibirsk",
-	"nsk",
-	"omsk",
-	"orenburg",
-	"org",
-	"oryol",
-	"oskol",
-	"palana",
-	"penza",
-	"perm",
-	"pp",
-	"ptz",
-	"pyatigorsk",
-	"rnd",
-	"rubtsovsk",
-	"ryazan",
-	"sakhalin",
-	"samara",
-	"saratov",
-	"simbirsk",
-	"smolensk",
-	"snz",
-	"spb",
-	"stavropol",
-	"stv",
-	"surgut",
-	"syzran",
-	"tambov",
-	"tatarstan",
-	"test",
-	"tom",
-	"tomsk",
-	"tsaritsyn",
-	"tsk",
-	"tula",
-	"tuva",
-	"tver",
-	"tyumen",
-	"udm",
-	"udmurtia",
-	"ulan-ude",
-	"vdonsk",
-	"vladikavkaz",
-	"vladimir",
-	"vladivostok",
-	"volgograd",
-	"vologda",
-	"voronezh",
-	"vrn",
-	"vyatka",
-	"yakutia",
-	"yamal",
-	"yaroslavl",
-	"yekaterinburg",
-	"yuzhno-sakhalinsk",
-	"zgrad",
-	"ac",
-	"co",
-	"com",
-	"edu",
-	"gouv",
-	"gov",
-	"int",
-	"mil",
-	"net",
-	"com",
-	"edu",
-	"gov",
-	"med",
-	"net",
-	"org",
-	"pub",
-	"sch",
-	"com",
-	"edu",
-	"gov",
-	"net",
-	"org",
-	"com",
-	"edu",
-	"gov",
-	"net",
-	"org",
-	"com",
-	"edu",
-	"gov",
-	"info",
-	"med",
-	"net",
-	"org",
-	"tv",
-	"a",
-	"ac",
-	"b",
-	"bd",
-	"blogspot",
-	"brand",
-	"c",
-	"com",
-	"d",
-	"e",
-	"f",
-	"fh",
-	"fhsk",
-	"fhv",
-	"g",
-	"h",
-	"i",
-	"k",
-	"komforb",
-	"kommunalforbund",
-	"komvux",
-	"l",
-	"lanbib",
-	"m",
-	"n",
-	"naturbruksgymn",
-	"o",
-	"org",
-	"p",
-	"parti",
-	"pp",
-	"press",
-	"r",
-	"s",
-	"t",
-	"tm",
-	"u",
-	"w",
-	"x",
-	"y",
-	"z",
-	"blogspot",
-	"com",
-	"edu",
-	"gov",
-	"net",
-	"org",
-	"per",
-	"com",
-	"gov",
-	"hashbang",
-	"mil",
-	"net",
-	"org",
-	"platform",
-	"blogspot",
-	"blogspot",
-	"com",
-	"edu",
-	"gov",
-	"net",
-	"org",
-	"art",
-	"blogspot",
-	"com",
-	"edu",
-	"gouv",
-	"org",
-	"perso",
-	"univ",
-	"com",
-	"net",
-	"org",
-	"co",
-	"com",
-	"consulado",
-	"edu",
-	"embaixada",
-	"gov",
-	"mil",
-	"net",
-	"org",
-	"principe",
-	"saotome",
-	"store",
-	"adygeya",
-	"arkhangelsk",
-	"balashov",
-	"bashkiria",
-	"bryansk",
-	"dagestan",
-	"grozny",
-	"ivanovo",
-	"kalmykia",
-	"kaluga",
-	"karelia",
-	"khakassia",
-	"krasnodar",
-	"kurgan",
-	"lenug",
-	"mordovia",
-	"msk",
-	"murmansk",
-	"nalchik",
-	"nov",
-	"obninsk",
-	"penza",
-	"pokrovsk",
-	"sochi",
-	"spb",
-	"togliatti",
-	"troitsk",
-	"tula",
-	"tuva",
-	"vladikavkaz",
-	"vladimir",
-	"vologda",
-	"com",
-	"edu",
-	"gob",
-	"org",
-	"red",
-	"gov",
-	"com",
-	"edu",
-	"gov",
-	"mil",
-	"net",
-	"org",
-	"ac",
-	"co",
-	"org",
-	"blogspot",
-	"ac",
-	"co",
-	"go",
-	"in",
-	"mi",
-	"net",
-	"or",
-	"ac",
-	"biz",
-	"co",
-	"com",
-	"edu",
-	"go",
-	"gov",
-	"int",
-	"mil",
-	"name",
-	"net",
-	"nic",
-	"org",
-	"test",
-	"web",
-	"gov",
-	"co",
-	"com",
-	"edu",
-	"gov",
-	"mil",
-	"net",
-	"nom",
-	"org",
-	"agrinet",
-	"com",
-	"defense",
-	"edunet",
-	"ens",
-	"fin",
-	"gov",
-	"ind",
-	"info",
-	"intl",
-	"mincom",
-	"nat",
-	"net",
-	"org",
-	"perso",
-	"rnrt",
-	"rns",
-	"rnu",
-	"tourism",
-	"turen",
-	"com",
-	"edu",
-	"gov",
-	"mil",
-	"net",
-	"org",
-	"av",
-	"bbs",
-	"bel",
-	"biz",
-	"com",
-	"dr",
-	"edu",
-	"gen",
-	"gov",
-	"info",
-	"k12",
-	"kep",
-	"mil",
-	"name",
-	"nc",
-	"net",
-	"org",
-	"pol",
-	"tel",
-	"tv",
-	"web",
-	"blogspot",
-	"gov",
-	"aero",
-	"biz",
-	"co",
-	"com",
-	"coop",
-	"edu",
-	"gov",
-	"info",
-	"int",
-	"jobs",
-	"mobi",
-	"museum",
-	"name",
-	"net",
-	"org",
-	"pro",
-	"travel",
-	"better-than",
-	"dyndns",
-	"on-the-web",
-	"worse-than",
-	"blogspot",
-	"club",
-	"com",
-	"ebiz",
-	"edu",
-	"game",
-	"gov",
-	"idv",
-	"mil",
-	"net",
-	"org",
-	"xn--czrw28b",
-	"xn--uc0atv",
-	"xn--zf0ao64a",
-	"ac",
-	"co",
-	"go",
-	"hotel",
-	"info",
-	"me",
-	"mil",
-	"mobi",
-	"ne",
-	"or",
-	"sc",
-	"tv",
-	"biz",
-	"cherkassy",
-	"cherkasy",
-	"chernigov",
-	"chernihiv",
-	"chernivtsi",
-	"chernovtsy",
-	"ck",
-	"cn",
-	"co",
-	"com",
-	"cr",
-	"crimea",
-	"cv",
-	"dn",
-	"dnepropetrovsk",
-	"dnipropetrovsk",
-	"dominic",
-	"donetsk",
-	"dp",
-	"edu",
-	"gov",
-	"if",
-	"in",
-	"ivano-frankivsk",
-	"kh",
-	"kharkiv",
-	"kharkov",
-	"kherson",
-	"khmelnitskiy",
-	"khmelnytskyi",
-	"kiev",
-	"kirovograd",
-	"km",
-	"kr",
-	"krym",
-	"ks",
-	"kv",
-	"kyiv",
-	"lg",
-	"lt",
-	"lugansk",
-	"lutsk",
-	"lv",
-	"lviv",
-	"mk",
-	"mykolaiv",
-	"net",
-	"nikolaev",
-	"od",
-	"odesa",
-	"odessa",
-	"org",
-	"pl",
-	"poltava",
-	"pp",
-	"rivne",
-	"rovno",
-	"rv",
-	"sb",
-	"sebastopol",
-	"sevastopol",
-	"sm",
-	"sumy",
-	"te",
-	"ternopil",
-	"uz",
-	"uzhgorod",
-	"vinnica",
-	"vinnytsia",
-	"vn",
-	"volyn",
-	"yalta",
-	"zaporizhzhe",
-	"zaporizhzhia",
-	"zhitomir",
-	"zhytomyr",
-	"zp",
-	"zt",
-	"ac",
-	"blogspot",
-	"co",
-	"com",
-	"go",
-	"ne",
-	"or",
-	"org",
-	"sc",
-	"ac",
-	"co",
-	"gov",
-	"ltd",
-	"me",
-	"net",
-	"nhs",
-	"org",
-	"plc",
-	"police",
-	"sch",
-	"blogspot",
-	"service",
-	"ak",
-	"al",
-	"ar",
-	"as",
-	"az",
-	"ca",
-	"co",
-	"ct",
-	"dc",
-	"de",
-	"dni",
-	"fed",
-	"fl",
-	"ga",
-	"gu",
-	"hi",
-	"ia",
-	"id",
-	"il",
-	"in",
-	"is-by",
-	"isa",
-	"kids",
-	"ks",
-	"ky",
-	"la",
-	"land-4-sale",
-	"ma",
-	"md",
-	"me",
-	"mi",
-	"mn",
-	"mo",
-	"ms",
-	"mt",
-	"nc",
-	"nd",
-	"ne",
-	"nh",
-	"nj",
-	"nm",
-	"nsn",
-	"nv",
-	"ny",
-	"oh",
-	"ok",
-	"or",
-	"pa",
-	"pr",
-	"ri",
-	"sc",
-	"sd",
-	"stuff-4-sale",
-	"tn",
-	"tx",
-	"ut",
-	"va",
-	"vi",
-	"vt",
-	"wa",
-	"wi",
-	"wv",
-	"wy",
-	"cc",
-	"k12",
-	"lib",
-	"cc",
-	"k12",
-	"lib",
-	"cc",
-	"k12",
-	"lib",
-	"cc",
-	"k12",
-	"lib",
-	"cc",
-	"k12",
-	"lib",
-	"cc",
-	"k12",
-	"lib",
-	"cc",
-	"k12",
-	"lib",
-	"cc",
-	"k12",
-	"lib",
-	"cc",
-	"k12",
-	"lib",
-	"cc",
-	"k12",
-	"lib",
-	"cc",
-	"k12",
-	"lib",
-	"cc",
-	"k12",
-	"lib",
-	"cc",
-	"k12",
-	"lib",
-	"cc",
-	"lib",
-	"cc",
-	"k12",
-	"lib",
-	"cc",
-	"k12",
-	"lib",
-	"cc",
-	"k12",
-	"lib",
-	"cc",
-	"k12",
-	"lib",
-	"cc",
-	"k12",
-	"lib",
-	"cc",
-	"k12",
-	"lib",
-	"cc",
-	"k12",
-	"lib",
-	"cc",
-	"k12",
-	"lib",
-	"chtr",
-	"paroch",
-	"pvt",
-	"cc",
-	"k12",
-	"lib",
-	"cc",
-	"k12",
-	"lib",
-	"cc",
-	"k12",
-	"lib",
-	"cc",
-	"k12",
-	"lib",
-	"cc",
-	"k12",
-	"lib",
-	"cc",
-	"k12",
-	"lib",
-	"cc",
-	"k12",
-	"lib",
-	"cc",
-	"k12",
-	"lib",
-	"cc",
-	"lib",
-	"cc",
-	"k12",
-	"lib",
-	"cc",
-	"k12",
-	"lib",
-	"cc",
-	"k12",
-	"lib",
-	"cc",
-	"k12",
-	"lib",
-	"cc",
-	"k12",
-	"lib",
-	"cc",
-	"k12",
-	"lib",
-	"cc",
-	"k12",
-	"lib",
-	"cc",
-	"k12",
-	"lib",
-	"cc",
-	"k12",
-	"lib",
-	"cc",
-	"k12",
-	"lib",
-	"cc",
-	"k12",
-	"lib",
-	"cc",
-	"k12",
-	"lib",
-	"cc",
-	"k12",
-	"lib",
-	"cc",
-	"lib",
-	"cc",
-	"k12",
-	"lib",
-	"cc",
-	"k12",
-	"lib",
-	"cc",
-	"k12",
-	"lib",
-	"cc",
-	"k12",
-	"lib",
-	"cc",
-	"k12",
-	"lib",
-	"cc",
-	"k12",
-	"lib",
-	"cc",
-	"k12",
-	"lib",
-	"cc",
-	"k12",
-	"lib",
-	"cc",
-	"cc",
-	"k12",
-	"lib",
-	"com",
-	"edu",
-	"gub",
-	"mil",
-	"net",
-	"org",
-	"blogspot",
-	"co",
-	"com",
-	"net",
-	"org",
-	"com",
-	"edu",
-	"gov",
-	"mil",
-	"net",
-	"org",
-	"arts",
-	"co",
-	"com",
-	"e12",
-	"edu",
-	"firm",
-	"gob",
-	"gov",
-	"info",
-	"int",
-	"mil",
-	"net",
-	"org",
-	"rec",
-	"store",
-	"tec",
-	"web",
-	"co",
-	"com",
-	"k12",
-	"net",
-	"org",
-	"ac",
-	"biz",
-	"blogspot",
-	"com",
-	"edu",
-	"gov",
-	"health",
-	"info",
-	"int",
-	"name",
-	"net",
-	"org",
-	"pro",
-	"com",
-	"edu",
-	"net",
-	"org",
-	"com",
-	"dyndns",
-	"edu",
-	"gov",
-	"mypets",
-	"net",
-	"org",
-	"xn--80au",
-	"xn--90azh",
-	"xn--c1avg",
-	"xn--d1at",
-	"xn--o1ac",
-	"xn--o1ach",
-	"ac",
-	"agric",
-	"alt",
-	"co",
-	"edu",
-	"gov",
-	"grondar",
-	"law",
-	"mil",
-	"net",
-	"ngo",
-	"nis",
-	"nom",
-	"org",
-	"school",
-	"tm",
-	"web",
-	"blogspot",
-}
diff --git a/vendor/golang.org/x/net/trace/events.go b/vendor/golang.org/x/net/trace/events.go
deleted file mode 100644
index e66c7e32..00000000
--- a/vendor/golang.org/x/net/trace/events.go
+++ /dev/null
@@ -1,524 +0,0 @@
-// Copyright 2015 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package trace
-
-import (
-	"bytes"
-	"fmt"
-	"html/template"
-	"io"
-	"log"
-	"net/http"
-	"runtime"
-	"sort"
-	"strconv"
-	"strings"
-	"sync"
-	"sync/atomic"
-	"text/tabwriter"
-	"time"
-)
-
-var eventsTmpl = template.Must(template.New("events").Funcs(template.FuncMap{
-	"elapsed":   elapsed,
-	"trimSpace": strings.TrimSpace,
-}).Parse(eventsHTML))
-
-const maxEventsPerLog = 100
-
-type bucket struct {
-	MaxErrAge time.Duration
-	String    string
-}
-
-var buckets = []bucket{
-	{0, "total"},
-	{10 * time.Second, "errs<10s"},
-	{1 * time.Minute, "errs<1m"},
-	{10 * time.Minute, "errs<10m"},
-	{1 * time.Hour, "errs<1h"},
-	{10 * time.Hour, "errs<10h"},
-	{24000 * time.Hour, "errors"},
-}
-
-// RenderEvents renders the HTML page typically served at /debug/events.
-// It does not do any auth checking; see AuthRequest for the default auth check
-// used by the handler registered on http.DefaultServeMux.
-// req may be nil.
-func RenderEvents(w http.ResponseWriter, req *http.Request, sensitive bool) {
-	now := time.Now()
-	data := &struct {
-		Families []string // family names
-		Buckets  []bucket
-		Counts   [][]int // eventLog count per family/bucket
-
-		// Set when a bucket has been selected.
-		Family    string
-		Bucket    int
-		EventLogs eventLogs
-		Expanded  bool
-	}{
-		Buckets: buckets,
-	}
-
-	data.Families = make([]string, 0, len(families))
-	famMu.RLock()
-	for name := range families {
-		data.Families = append(data.Families, name)
-	}
-	famMu.RUnlock()
-	sort.Strings(data.Families)
-
-	// Count the number of eventLogs in each family for each error age.
-	data.Counts = make([][]int, len(data.Families))
-	for i, name := range data.Families {
-		// TODO(sameer): move this loop under the family lock.
-		f := getEventFamily(name)
-		data.Counts[i] = make([]int, len(data.Buckets))
-		for j, b := range data.Buckets {
-			data.Counts[i][j] = f.Count(now, b.MaxErrAge)
-		}
-	}
-
-	if req != nil {
-		var ok bool
-		data.Family, data.Bucket, ok = parseEventsArgs(req)
-		if !ok {
-			// No-op
-		} else {
-			data.EventLogs = getEventFamily(data.Family).Copy(now, buckets[data.Bucket].MaxErrAge)
-		}
-		if data.EventLogs != nil {
-			defer data.EventLogs.Free()
-			sort.Sort(data.EventLogs)
-		}
-		if exp, err := strconv.ParseBool(req.FormValue("exp")); err == nil {
-			data.Expanded = exp
-		}
-	}
-
-	famMu.RLock()
-	defer famMu.RUnlock()
-	if err := eventsTmpl.Execute(w, data); err != nil {
-		log.Printf("net/trace: Failed executing template: %v", err)
-	}
-}
-
-func parseEventsArgs(req *http.Request) (fam string, b int, ok bool) {
-	fam, bStr := req.FormValue("fam"), req.FormValue("b")
-	if fam == "" || bStr == "" {
-		return "", 0, false
-	}
-	b, err := strconv.Atoi(bStr)
-	if err != nil || b < 0 || b >= len(buckets) {
-		return "", 0, false
-	}
-	return fam, b, true
-}
-
-// An EventLog provides a log of events associated with a specific object.
-type EventLog interface {
-	// Printf formats its arguments with fmt.Sprintf and adds the
-	// result to the event log.
-	Printf(format string, a ...interface{})
-
-	// Errorf is like Printf, but it marks this event as an error.
-	Errorf(format string, a ...interface{})
-
-	// Finish declares that this event log is complete.
-	// The event log should not be used after calling this method.
-	Finish()
-}
-
-// NewEventLog returns a new EventLog with the specified family name
-// and title.
-func NewEventLog(family, title string) EventLog {
-	el := newEventLog()
-	el.ref()
-	el.Family, el.Title = family, title
-	el.Start = time.Now()
-	el.events = make([]logEntry, 0, maxEventsPerLog)
-	el.stack = make([]uintptr, 32)
-	n := runtime.Callers(2, el.stack)
-	el.stack = el.stack[:n]
-
-	getEventFamily(family).add(el)
-	return el
-}
-
-func (el *eventLog) Finish() {
-	getEventFamily(el.Family).remove(el)
-	el.unref() // matches ref in New
-}
-
-var (
-	famMu    sync.RWMutex
-	families = make(map[string]*eventFamily) // family name => family
-)
-
-func getEventFamily(fam string) *eventFamily {
-	famMu.Lock()
-	defer famMu.Unlock()
-	f := families[fam]
-	if f == nil {
-		f = &eventFamily{}
-		families[fam] = f
-	}
-	return f
-}
-
-type eventFamily struct {
-	mu        sync.RWMutex
-	eventLogs eventLogs
-}
-
-func (f *eventFamily) add(el *eventLog) {
-	f.mu.Lock()
-	f.eventLogs = append(f.eventLogs, el)
-	f.mu.Unlock()
-}
-
-func (f *eventFamily) remove(el *eventLog) {
-	f.mu.Lock()
-	defer f.mu.Unlock()
-	for i, el0 := range f.eventLogs {
-		if el == el0 {
-			copy(f.eventLogs[i:], f.eventLogs[i+1:])
-			f.eventLogs = f.eventLogs[:len(f.eventLogs)-1]
-			return
-		}
-	}
-}
-
-func (f *eventFamily) Count(now time.Time, maxErrAge time.Duration) (n int) {
-	f.mu.RLock()
-	defer f.mu.RUnlock()
-	for _, el := range f.eventLogs {
-		if el.hasRecentError(now, maxErrAge) {
-			n++
-		}
-	}
-	return
-}
-
-func (f *eventFamily) Copy(now time.Time, maxErrAge time.Duration) (els eventLogs) {
-	f.mu.RLock()
-	defer f.mu.RUnlock()
-	els = make(eventLogs, 0, len(f.eventLogs))
-	for _, el := range f.eventLogs {
-		if el.hasRecentError(now, maxErrAge) {
-			el.ref()
-			els = append(els, el)
-		}
-	}
-	return
-}
-
-type eventLogs []*eventLog
-
-// Free calls unref on each element of the list.
-func (els eventLogs) Free() {
-	for _, el := range els {
-		el.unref()
-	}
-}
-
-// eventLogs may be sorted in reverse chronological order.
-func (els eventLogs) Len() int           { return len(els) }
-func (els eventLogs) Less(i, j int) bool { return els[i].Start.After(els[j].Start) }
-func (els eventLogs) Swap(i, j int)      { els[i], els[j] = els[j], els[i] }
-
-// A logEntry is a timestamped log entry in an event log.
-type logEntry struct {
-	When    time.Time
-	Elapsed time.Duration // since previous event in log
-	NewDay  bool          // whether this event is on a different day to the previous event
-	What    string
-	IsErr   bool
-}
-
-// WhenString returns a string representation of the elapsed time of the event.
-// It will include the date if midnight was crossed.
-func (e logEntry) WhenString() string {
-	if e.NewDay {
-		return e.When.Format("2006/01/02 15:04:05.000000")
-	}
-	return e.When.Format("15:04:05.000000")
-}
-
-// An eventLog represents an active event log.
-type eventLog struct {
-	// Family is the top-level grouping of event logs to which this belongs.
-	Family string
-
-	// Title is the title of this event log.
-	Title string
-
-	// Timing information.
-	Start time.Time
-
-	// Call stack where this event log was created.
-	stack []uintptr
-
-	// Append-only sequence of events.
-	//
-	// TODO(sameer): change this to a ring buffer to avoid the array copy
-	// when we hit maxEventsPerLog.
-	mu            sync.RWMutex
-	events        []logEntry
-	LastErrorTime time.Time
-	discarded     int
-
-	refs int32 // how many buckets this is in
-}
-
-func (el *eventLog) reset() {
-	// Clear all but the mutex. Mutexes may not be copied, even when unlocked.
-	el.Family = ""
-	el.Title = ""
-	el.Start = time.Time{}
-	el.stack = nil
-	el.events = nil
-	el.LastErrorTime = time.Time{}
-	el.discarded = 0
-	el.refs = 0
-}
-
-func (el *eventLog) hasRecentError(now time.Time, maxErrAge time.Duration) bool {
-	if maxErrAge == 0 {
-		return true
-	}
-	el.mu.RLock()
-	defer el.mu.RUnlock()
-	return now.Sub(el.LastErrorTime) < maxErrAge
-}
-
-// delta returns the elapsed time since the last event or the log start,
-// and whether it spans midnight.
-// L >= el.mu
-func (el *eventLog) delta(t time.Time) (time.Duration, bool) {
-	if len(el.events) == 0 {
-		return t.Sub(el.Start), false
-	}
-	prev := el.events[len(el.events)-1].When
-	return t.Sub(prev), prev.Day() != t.Day()
-
-}
-
-func (el *eventLog) Printf(format string, a ...interface{}) {
-	el.printf(false, format, a...)
-}
-
-func (el *eventLog) Errorf(format string, a ...interface{}) {
-	el.printf(true, format, a...)
-}
-
-func (el *eventLog) printf(isErr bool, format string, a ...interface{}) {
-	e := logEntry{When: time.Now(), IsErr: isErr, What: fmt.Sprintf(format, a...)}
-	el.mu.Lock()
-	e.Elapsed, e.NewDay = el.delta(e.When)
-	if len(el.events) < maxEventsPerLog {
-		el.events = append(el.events, e)
-	} else {
-		// Discard the oldest event.
-		if el.discarded == 0 {
-			// el.discarded starts at two to count for the event it
-			// is replacing, plus the next one that we are about to
-			// drop.
-			el.discarded = 2
-		} else {
-			el.discarded++
-		}
-		// TODO(sameer): if this causes allocations on a critical path,
-		// change eventLog.What to be a fmt.Stringer, as in trace.go.
-		el.events[0].What = fmt.Sprintf("(%d events discarded)", el.discarded)
-		// The timestamp of the discarded meta-event should be
-		// the time of the last event it is representing.
-		el.events[0].When = el.events[1].When
-		copy(el.events[1:], el.events[2:])
-		el.events[maxEventsPerLog-1] = e
-	}
-	if e.IsErr {
-		el.LastErrorTime = e.When
-	}
-	el.mu.Unlock()
-}
-
-func (el *eventLog) ref() {
-	atomic.AddInt32(&el.refs, 1)
-}
-
-func (el *eventLog) unref() {
-	if atomic.AddInt32(&el.refs, -1) == 0 {
-		freeEventLog(el)
-	}
-}
-
-func (el *eventLog) When() string {
-	return el.Start.Format("2006/01/02 15:04:05.000000")
-}
-
-func (el *eventLog) ElapsedTime() string {
-	elapsed := time.Since(el.Start)
-	return fmt.Sprintf("%.6f", elapsed.Seconds())
-}
-
-func (el *eventLog) Stack() string {
-	buf := new(bytes.Buffer)
-	tw := tabwriter.NewWriter(buf, 1, 8, 1, '\t', 0)
-	printStackRecord(tw, el.stack)
-	tw.Flush()
-	return buf.String()
-}
-
-// printStackRecord prints the function + source line information
-// for a single stack trace.
-// Adapted from runtime/pprof/pprof.go.
-func printStackRecord(w io.Writer, stk []uintptr) {
-	for _, pc := range stk {
-		f := runtime.FuncForPC(pc)
-		if f == nil {
-			continue
-		}
-		file, line := f.FileLine(pc)
-		name := f.Name()
-		// Hide runtime.goexit and any runtime functions at the beginning.
-		if strings.HasPrefix(name, "runtime.") {
-			continue
-		}
-		fmt.Fprintf(w, "#   %s\t%s:%d\n", name, file, line)
-	}
-}
-
-func (el *eventLog) Events() []logEntry {
-	el.mu.RLock()
-	defer el.mu.RUnlock()
-	return el.events
-}
-
-// freeEventLogs is a freelist of *eventLog
-var freeEventLogs = make(chan *eventLog, 1000)
-
-// newEventLog returns a event log ready to use.
-func newEventLog() *eventLog {
-	select {
-	case el := <-freeEventLogs:
-		return el
-	default:
-		return new(eventLog)
-	}
-}
-
-// freeEventLog adds el to freeEventLogs if there's room.
-// This is non-blocking.
-func freeEventLog(el *eventLog) {
-	el.reset()
-	select {
-	case freeEventLogs <- el:
-	default:
-	}
-}
-
-const eventsHTML = `
-
-	
-		events
-	
-	
-	
-
-
    /debug/events
    
-
-
    • 
-	{{range $i, $fam := .Families}}
-	
-		
-
-	        {{range $j, $bucket := $.Buckets}}
-	        {{$n := index $.Counts $i $j}}
-		
-                {{end}}
-
-	{{end}}
-
    {{$fam}}
-	                {{if $n}}{{end}}
-		        [{{$n}} {{$bucket.String}}]
-			{{if $n}}{{end}}
-		
    
-
-{{if $.EventLogs}}
-
    
-
    Family: {{$.Family}}
    
-
-{{if $.Expanded}}{{end}}
-[Summary]{{if $.Expanded}}{{end}}
-
-{{if not $.Expanded}}{{end}}
-[Expanded]{{if not $.Expanded}}{{end}}
-
-
-	
-	{{range $el := $.EventLogs}}
-	
-		
-		
-		
-	{{if $.Expanded}}
-	
-		
-		
-		
-	
-	{{range $el.Events}}
-	
-		
-		
-		
-	
-	{{end}}
-	{{end}}
-	{{end}}
-
    WhenElapsed
    {{$el.When}}{{$el.ElapsedTime}}{{$el.Title}}
-	
    {{$el.Stack|trimSpace}}
    {{.WhenString}}{{elapsed .Elapsed}}.{{if .IsErr}}E{{else}}.{{end}}. {{.What}}
    
-{{end}}
-	
-
-`
diff --git a/vendor/golang.org/x/net/trace/histogram.go b/vendor/golang.org/x/net/trace/histogram.go
deleted file mode 100644
index bb42aa53..00000000
--- a/vendor/golang.org/x/net/trace/histogram.go
+++ /dev/null
@@ -1,356 +0,0 @@
-// Copyright 2015 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package trace
-
-// This file implements histogramming for RPC statistics collection.
-
-import (
-	"bytes"
-	"fmt"
-	"html/template"
-	"log"
-	"math"
-
-	"golang.org/x/net/internal/timeseries"
-)
-
-const (
-	bucketCount = 38
-)
-
-// histogram keeps counts of values in buckets that are spaced
-// out in powers of 2: 0-1, 2-3, 4-7...
-// histogram implements timeseries.Observable
-type histogram struct {
-	sum          int64   // running total of measurements
-	sumOfSquares float64 // square of running total
-	buckets      []int64 // bucketed values for histogram
-	value        int     // holds a single value as an optimization
-	valueCount   int64   // number of values recorded for single value
-}
-
-// AddMeasurement records a value measurement observation to the histogram.
-func (h *histogram) addMeasurement(value int64) {
-	// TODO: assert invariant
-	h.sum += value
-	h.sumOfSquares += float64(value) * float64(value)
-
-	bucketIndex := getBucket(value)
-
-	if h.valueCount == 0 || (h.valueCount > 0 && h.value == bucketIndex) {
-		h.value = bucketIndex
-		h.valueCount++
-	} else {
-		h.allocateBuckets()
-		h.buckets[bucketIndex]++
-	}
-}
-
-func (h *histogram) allocateBuckets() {
-	if h.buckets == nil {
-		h.buckets = make([]int64, bucketCount)
-		h.buckets[h.value] = h.valueCount
-		h.value = 0
-		h.valueCount = -1
-	}
-}
-
-func log2(i int64) int {
-	n := 0
-	for ; i >= 0x100; i >>= 8 {
-		n += 8
-	}
-	for ; i > 0; i >>= 1 {
-		n += 1
-	}
-	return n
-}
-
-func getBucket(i int64) (index int) {
-	index = log2(i) - 1
-	if index < 0 {
-		index = 0
-	}
-	if index >= bucketCount {
-		index = bucketCount - 1
-	}
-	return
-}
-
-// Total returns the number of recorded observations.
-func (h *histogram) total() (total int64) {
-	if h.valueCount >= 0 {
-		total = h.valueCount
-	}
-	for _, val := range h.buckets {
-		total += int64(val)
-	}
-	return
-}
-
-// Average returns the average value of recorded observations.
-func (h *histogram) average() float64 {
-	t := h.total()
-	if t == 0 {
-		return 0
-	}
-	return float64(h.sum) / float64(t)
-}
-
-// Variance returns the variance of recorded observations.
-func (h *histogram) variance() float64 {
-	t := float64(h.total())
-	if t == 0 {
-		return 0
-	}
-	s := float64(h.sum) / t
-	return h.sumOfSquares/t - s*s
-}
-
-// StandardDeviation returns the standard deviation of recorded observations.
-func (h *histogram) standardDeviation() float64 {
-	return math.Sqrt(h.variance())
-}
-
-// PercentileBoundary estimates the value that the given fraction of recorded
-// observations are less than.
-func (h *histogram) percentileBoundary(percentile float64) int64 {
-	total := h.total()
-
-	// Corner cases (make sure result is strictly less than Total())
-	if total == 0 {
-		return 0
-	} else if total == 1 {
-		return int64(h.average())
-	}
-
-	percentOfTotal := round(float64(total) * percentile)
-	var runningTotal int64
-
-	for i := range h.buckets {
-		value := h.buckets[i]
-		runningTotal += value
-		if runningTotal == percentOfTotal {
-			// We hit an exact bucket boundary. If the next bucket has data, it is a
-			// good estimate of the value. If the bucket is empty, we interpolate the
-			// midpoint between the next bucket's boundary and the next non-zero
-			// bucket. If the remaining buckets are all empty, then we use the
-			// boundary for the next bucket as the estimate.
-			j := uint8(i + 1)
-			min := bucketBoundary(j)
-			if runningTotal < total {
-				for h.buckets[j] == 0 {
-					j++
-				}
-			}
-			max := bucketBoundary(j)
-			return min + round(float64(max-min)/2)
-		} else if runningTotal > percentOfTotal {
-			// The value is in this bucket. Interpolate the value.
-			delta := runningTotal - percentOfTotal
-			percentBucket := float64(value-delta) / float64(value)
-			bucketMin := bucketBoundary(uint8(i))
-			nextBucketMin := bucketBoundary(uint8(i + 1))
-			bucketSize := nextBucketMin - bucketMin
-			return bucketMin + round(percentBucket*float64(bucketSize))
-		}
-	}
-	return bucketBoundary(bucketCount - 1)
-}
-
-// Median returns the estimated median of the observed values.
-func (h *histogram) median() int64 {
-	return h.percentileBoundary(0.5)
-}
-
-// Add adds other to h.
-func (h *histogram) Add(other timeseries.Observable) {
-	o := other.(*histogram)
-	if o.valueCount == 0 {
-		// Other histogram is empty
-	} else if h.valueCount >= 0 && o.valueCount > 0 && h.value == o.value {
-		// Both have a single bucketed value, aggregate them
-		h.valueCount += o.valueCount
-	} else {
-		// Two different values necessitate buckets in this histogram
-		h.allocateBuckets()
-		if o.valueCount >= 0 {
-			h.buckets[o.value] += o.valueCount
-		} else {
-			for i := range h.buckets {
-				h.buckets[i] += o.buckets[i]
-			}
-		}
-	}
-	h.sumOfSquares += o.sumOfSquares
-	h.sum += o.sum
-}
-
-// Clear resets the histogram to an empty state, removing all observed values.
-func (h *histogram) Clear() {
-	h.buckets = nil
-	h.value = 0
-	h.valueCount = 0
-	h.sum = 0
-	h.sumOfSquares = 0
-}
-
-// CopyFrom copies from other, which must be a *histogram, into h.
-func (h *histogram) CopyFrom(other timeseries.Observable) {
-	o := other.(*histogram)
-	if o.valueCount == -1 {
-		h.allocateBuckets()
-		copy(h.buckets, o.buckets)
-	}
-	h.sum = o.sum
-	h.sumOfSquares = o.sumOfSquares
-	h.value = o.value
-	h.valueCount = o.valueCount
-}
-
-// Multiply scales the histogram by the specified ratio.
-func (h *histogram) Multiply(ratio float64) {
-	if h.valueCount == -1 {
-		for i := range h.buckets {
-			h.buckets[i] = int64(float64(h.buckets[i]) * ratio)
-		}
-	} else {
-		h.valueCount = int64(float64(h.valueCount) * ratio)
-	}
-	h.sum = int64(float64(h.sum) * ratio)
-	h.sumOfSquares = h.sumOfSquares * ratio
-}
-
-// New creates a new histogram.
-func (h *histogram) New() timeseries.Observable {
-	r := new(histogram)
-	r.Clear()
-	return r
-}
-
-func (h *histogram) String() string {
-	return fmt.Sprintf("%d, %f, %d, %d, %v",
-		h.sum, h.sumOfSquares, h.value, h.valueCount, h.buckets)
-}
-
-// round returns the closest int64 to the argument
-func round(in float64) int64 {
-	return int64(math.Floor(in + 0.5))
-}
-
-// bucketBoundary returns the first value in the bucket.
-func bucketBoundary(bucket uint8) int64 {
-	if bucket == 0 {
-		return 0
-	}
-	return 1 << bucket
-}
-
-// bucketData holds data about a specific bucket for use in distTmpl.
-type bucketData struct {
-	Lower, Upper       int64
-	N                  int64
-	Pct, CumulativePct float64
-	GraphWidth         int
-}
-
-// data holds data about a Distribution for use in distTmpl.
-type data struct {
-	Buckets                 []*bucketData
-	Count, Median           int64
-	Mean, StandardDeviation float64
-}
-
-// maxHTMLBarWidth is the maximum width of the HTML bar for visualizing buckets.
-const maxHTMLBarWidth = 350.0
-
-// newData returns data representing h for use in distTmpl.
-func (h *histogram) newData() *data {
-	// Force the allocation of buckets to simplify the rendering implementation
-	h.allocateBuckets()
-	// We scale the bars on the right so that the largest bar is
-	// maxHTMLBarWidth pixels in width.
-	maxBucket := int64(0)
-	for _, n := range h.buckets {
-		if n > maxBucket {
-			maxBucket = n
-		}
-	}
-	total := h.total()
-	barsizeMult := maxHTMLBarWidth / float64(maxBucket)
-	var pctMult float64
-	if total == 0 {
-		pctMult = 1.0
-	} else {
-		pctMult = 100.0 / float64(total)
-	}
-
-	buckets := make([]*bucketData, len(h.buckets))
-	runningTotal := int64(0)
-	for i, n := range h.buckets {
-		if n == 0 {
-			continue
-		}
-		runningTotal += n
-		var upperBound int64
-		if i < bucketCount-1 {
-			upperBound = bucketBoundary(uint8(i + 1))
-		} else {
-			upperBound = math.MaxInt64
-		}
-		buckets[i] = &bucketData{
-			Lower:         bucketBoundary(uint8(i)),
-			Upper:         upperBound,
-			N:             n,
-			Pct:           float64(n) * pctMult,
-			CumulativePct: float64(runningTotal) * pctMult,
-			GraphWidth:    int(float64(n) * barsizeMult),
-		}
-	}
-	return &data{
-		Buckets:           buckets,
-		Count:             total,
-		Median:            h.median(),
-		Mean:              h.average(),
-		StandardDeviation: h.standardDeviation(),
-	}
-}
-
-func (h *histogram) html() template.HTML {
-	buf := new(bytes.Buffer)
-	if err := distTmpl.Execute(buf, h.newData()); err != nil {
-		buf.Reset()
-		log.Printf("net/trace: couldn't execute template: %v", err)
-	}
-	return template.HTML(buf.String())
-}
-
-// Input: data
-var distTmpl = template.Must(template.New("distTmpl").Parse(`
-
-
-    
-    
-    
-    
-
-
    Count: {{.Count}}Mean: {{printf "%.0f" .Mean}}StdDev: {{printf "%.0f" .StandardDeviation}}Median: {{.Median}}
    
-
    
-
-{{range $b := .Buckets}}
-{{if $b}}
-  
-    
-    
-    
-    
-    
-    
-    
-  
-{{end}}
-{{end}}
-
    [{{.Lower}},{{.Upper}}){{.N}}{{printf "%#.3f" .Pct}}%{{printf "%#.3f" .CumulativePct}}%
    
-`))
diff --git a/vendor/golang.org/x/net/trace/histogram_test.go b/vendor/golang.org/x/net/trace/histogram_test.go
deleted file mode 100644
index d384b933..00000000
--- a/vendor/golang.org/x/net/trace/histogram_test.go
+++ /dev/null
@@ -1,325 +0,0 @@
-// Copyright 2015 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package trace
-
-import (
-	"math"
-	"testing"
-)
-
-type sumTest struct {
-	value        int64
-	sum          int64
-	sumOfSquares float64
-	total        int64
-}
-
-var sumTests = []sumTest{
-	{100, 100, 10000, 1},
-	{50, 150, 12500, 2},
-	{50, 200, 15000, 3},
-	{50, 250, 17500, 4},
-}
-
-type bucketingTest struct {
-	in     int64
-	log    int
-	bucket int
-}
-
-var bucketingTests = []bucketingTest{
-	{0, 0, 0},
-	{1, 1, 0},
-	{2, 2, 1},
-	{3, 2, 1},
-	{4, 3, 2},
-	{1000, 10, 9},
-	{1023, 10, 9},
-	{1024, 11, 10},
-	{1000000, 20, 19},
-}
-
-type multiplyTest struct {
-	in                   int64
-	ratio                float64
-	expectedSum          int64
-	expectedTotal        int64
-	expectedSumOfSquares float64
-}
-
-var multiplyTests = []multiplyTest{
-	{15, 2.5, 37, 2, 562.5},
-	{128, 4.6, 758, 13, 77953.9},
-}
-
-type percentileTest struct {
-	fraction float64
-	expected int64
-}
-
-var percentileTests = []percentileTest{
-	{0.25, 48},
-	{0.5, 96},
-	{0.6, 109},
-	{0.75, 128},
-	{0.90, 205},
-	{0.95, 230},
-	{0.99, 256},
-}
-
-func TestSum(t *testing.T) {
-	var h histogram
-
-	for _, test := range sumTests {
-		h.addMeasurement(test.value)
-		sum := h.sum
-		if sum != test.sum {
-			t.Errorf("h.Sum = %v WANT: %v", sum, test.sum)
-		}
-
-		sumOfSquares := h.sumOfSquares
-		if sumOfSquares != test.sumOfSquares {
-			t.Errorf("h.SumOfSquares = %v WANT: %v", sumOfSquares, test.sumOfSquares)
-		}
-
-		total := h.total()
-		if total != test.total {
-			t.Errorf("h.Total = %v WANT: %v", total, test.total)
-		}
-	}
-}
-
-func TestMultiply(t *testing.T) {
-	var h histogram
-	for i, test := range multiplyTests {
-		h.addMeasurement(test.in)
-		h.Multiply(test.ratio)
-		if h.sum != test.expectedSum {
-			t.Errorf("#%v: h.sum = %v WANT: %v", i, h.sum, test.expectedSum)
-		}
-		if h.total() != test.expectedTotal {
-			t.Errorf("#%v: h.total = %v WANT: %v", i, h.total(), test.expectedTotal)
-		}
-		if h.sumOfSquares != test.expectedSumOfSquares {
-			t.Errorf("#%v: h.SumOfSquares = %v WANT: %v", i, test.expectedSumOfSquares, h.sumOfSquares)
-		}
-	}
-}
-
-func TestBucketingFunctions(t *testing.T) {
-	for _, test := range bucketingTests {
-		log := log2(test.in)
-		if log != test.log {
-			t.Errorf("log2 = %v WANT: %v", log, test.log)
-		}
-
-		bucket := getBucket(test.in)
-		if bucket != test.bucket {
-			t.Errorf("getBucket = %v WANT: %v", bucket, test.bucket)
-		}
-	}
-}
-
-func TestAverage(t *testing.T) {
-	a := new(histogram)
-	average := a.average()
-	if average != 0 {
-		t.Errorf("Average of empty histogram was %v WANT: 0", average)
-	}
-
-	a.addMeasurement(1)
-	a.addMeasurement(1)
-	a.addMeasurement(3)
-	const expected = float64(5) / float64(3)
-	average = a.average()
-
-	if !isApproximate(average, expected) {
-		t.Errorf("Average = %g WANT: %v", average, expected)
-	}
-}
-
-func TestStandardDeviation(t *testing.T) {
-	a := new(histogram)
-	add(a, 10, 1<<4)
-	add(a, 10, 1<<5)
-	add(a, 10, 1<<6)
-	stdDev := a.standardDeviation()
-	const expected = 19.95
-
-	if !isApproximate(stdDev, expected) {
-		t.Errorf("StandardDeviation = %v WANT: %v", stdDev, expected)
-	}
-
-	// No values
-	a = new(histogram)
-	stdDev = a.standardDeviation()
-
-	if !isApproximate(stdDev, 0) {
-		t.Errorf("StandardDeviation = %v WANT: 0", stdDev)
-	}
-
-	add(a, 1, 1<<4)
-	if !isApproximate(stdDev, 0) {
-		t.Errorf("StandardDeviation = %v WANT: 0", stdDev)
-	}
-
-	add(a, 10, 1<<4)
-	if !isApproximate(stdDev, 0) {
-		t.Errorf("StandardDeviation = %v WANT: 0", stdDev)
-	}
-}
-
-func TestPercentileBoundary(t *testing.T) {
-	a := new(histogram)
-	add(a, 5, 1<<4)
-	add(a, 10, 1<<6)
-	add(a, 5, 1<<7)
-
-	for _, test := range percentileTests {
-		percentile := a.percentileBoundary(test.fraction)
-		if percentile != test.expected {
-			t.Errorf("h.PercentileBoundary (fraction=%v) = %v WANT: %v", test.fraction, percentile, test.expected)
-		}
-	}
-}
-
-func TestCopyFrom(t *testing.T) {
-	a := histogram{5, 25, []int64{1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18,
-		19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38}, 4, -1}
-	b := histogram{6, 36, []int64{2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19,
-		20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38, 39}, 5, -1}
-
-	a.CopyFrom(&b)
-
-	if a.String() != b.String() {
-		t.Errorf("a.String = %s WANT: %s", a.String(), b.String())
-	}
-}
-
-func TestClear(t *testing.T) {
-	a := histogram{5, 25, []int64{1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18,
-		19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38}, 4, -1}
-
-	a.Clear()
-
-	expected := "0, 0.000000, 0, 0, []"
-	if a.String() != expected {
-		t.Errorf("a.String = %s WANT %s", a.String(), expected)
-	}
-}
-
-func TestNew(t *testing.T) {
-	a := histogram{5, 25, []int64{1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18,
-		19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38}, 4, -1}
-	b := a.New()
-
-	expected := "0, 0.000000, 0, 0, []"
-	if b.(*histogram).String() != expected {
-		t.Errorf("b.(*histogram).String = %s WANT: %s", b.(*histogram).String(), expected)
-	}
-}
-
-func TestAdd(t *testing.T) {
-	// The tests here depend on the associativity of addMeasurement and Add.
-	// Add empty observation
-	a := histogram{5, 25, []int64{1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18,
-		19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34, 35, 36, 37, 38}, 4, -1}
-	b := a.New()
-
-	expected := a.String()
-	a.Add(b)
-	if a.String() != expected {
-		t.Errorf("a.String = %s WANT: %s", a.String(), expected)
-	}
-
-	// Add same bucketed value, no new buckets
-	c := new(histogram)
-	d := new(histogram)
-	e := new(histogram)
-	c.addMeasurement(12)
-	d.addMeasurement(11)
-	e.addMeasurement(12)
-	e.addMeasurement(11)
-	c.Add(d)
-	if c.String() != e.String() {
-		t.Errorf("c.String = %s WANT: %s", c.String(), e.String())
-	}
-
-	// Add bucketed values
-	f := new(histogram)
-	g := new(histogram)
-	h := new(histogram)
-	f.addMeasurement(4)
-	f.addMeasurement(12)
-	f.addMeasurement(100)
-	g.addMeasurement(18)
-	g.addMeasurement(36)
-	g.addMeasurement(255)
-	h.addMeasurement(4)
-	h.addMeasurement(12)
-	h.addMeasurement(100)
-	h.addMeasurement(18)
-	h.addMeasurement(36)
-	h.addMeasurement(255)
-	f.Add(g)
-	if f.String() != h.String() {
-		t.Errorf("f.String = %q WANT: %q", f.String(), h.String())
-	}
-
-	// add buckets to no buckets
-	i := new(histogram)
-	j := new(histogram)
-	k := new(histogram)
-	j.addMeasurement(18)
-	j.addMeasurement(36)
-	j.addMeasurement(255)
-	k.addMeasurement(18)
-	k.addMeasurement(36)
-	k.addMeasurement(255)
-	i.Add(j)
-	if i.String() != k.String() {
-		t.Errorf("i.String = %q WANT: %q", i.String(), k.String())
-	}
-
-	// add buckets to single value (no overlap)
-	l := new(histogram)
-	m := new(histogram)
-	n := new(histogram)
-	l.addMeasurement(0)
-	m.addMeasurement(18)
-	m.addMeasurement(36)
-	m.addMeasurement(255)
-	n.addMeasurement(0)
-	n.addMeasurement(18)
-	n.addMeasurement(36)
-	n.addMeasurement(255)
-	l.Add(m)
-	if l.String() != n.String() {
-		t.Errorf("l.String = %q WANT: %q", l.String(), n.String())
-	}
-
-	// mixed order
-	o := new(histogram)
-	p := new(histogram)
-	o.addMeasurement(0)
-	o.addMeasurement(2)
-	o.addMeasurement(0)
-	p.addMeasurement(0)
-	p.addMeasurement(0)
-	p.addMeasurement(2)
-	if o.String() != p.String() {
-		t.Errorf("o.String = %q WANT: %q", o.String(), p.String())
-	}
-}
-
-func add(h *histogram, times int, val int64) {
-	for i := 0; i < times; i++ {
-		h.addMeasurement(val)
-	}
-}
-
-func isApproximate(x, y float64) bool {
-	return math.Abs(x-y) < 1e-2
-}
diff --git a/vendor/golang.org/x/net/trace/trace.go b/vendor/golang.org/x/net/trace/trace.go
deleted file mode 100644
index dd67007d..00000000
--- a/vendor/golang.org/x/net/trace/trace.go
+++ /dev/null
@@ -1,1062 +0,0 @@
-// Copyright 2015 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-/*
-Package trace implements tracing of requests and long-lived objects.
-It exports HTTP interfaces on /debug/requests and /debug/events.
-
-A trace.Trace provides tracing for short-lived objects, usually requests.
-A request handler might be implemented like this:
-
-	func fooHandler(w http.ResponseWriter, req *http.Request) {
-		tr := trace.New("mypkg.Foo", req.URL.Path)
-		defer tr.Finish()
-		...
-		tr.LazyPrintf("some event %q happened", str)
-		...
-		if err := somethingImportant(); err != nil {
-			tr.LazyPrintf("somethingImportant failed: %v", err)
-			tr.SetError()
-		}
-	}
-
-The /debug/requests HTTP endpoint organizes the traces by family,
-errors, and duration.  It also provides histogram of request duration
-for each family.
-
-A trace.EventLog provides tracing for long-lived objects, such as RPC
-connections.
-
-	// A Fetcher fetches URL paths for a single domain.
-	type Fetcher struct {
-		domain string
-		events trace.EventLog
-	}
-
-	func NewFetcher(domain string) *Fetcher {
-		return &Fetcher{
-			domain,
-			trace.NewEventLog("mypkg.Fetcher", domain),
-		}
-	}
-
-	func (f *Fetcher) Fetch(path string) (string, error) {
-		resp, err := http.Get("http://" + f.domain + "/" + path)
-		if err != nil {
-			f.events.Errorf("Get(%q) = %v", path, err)
-			return "", err
-		}
-		f.events.Printf("Get(%q) = %s", path, resp.Status)
-		...
-	}
-
-	func (f *Fetcher) Close() error {
-		f.events.Finish()
-		return nil
-	}
-
-The /debug/events HTTP endpoint organizes the event logs by family and
-by time since the last error.  The expanded view displays recent log
-entries and the log's call stack.
-*/
-package trace // import "golang.org/x/net/trace"
-
-import (
-	"bytes"
-	"fmt"
-	"html/template"
-	"io"
-	"log"
-	"net"
-	"net/http"
-	"runtime"
-	"sort"
-	"strconv"
-	"sync"
-	"sync/atomic"
-	"time"
-
-	"golang.org/x/net/context"
-	"golang.org/x/net/internal/timeseries"
-)
-
-// DebugUseAfterFinish controls whether to debug uses of Trace values after finishing.
-// FOR DEBUGGING ONLY. This will slow down the program.
-var DebugUseAfterFinish = false
-
-// AuthRequest determines whether a specific request is permitted to load the
-// /debug/requests or /debug/events pages.
-//
-// It returns two bools; the first indicates whether the page may be viewed at all,
-// and the second indicates whether sensitive events will be shown.
-//
-// AuthRequest may be replaced by a program to customise its authorisation requirements.
-//
-// The default AuthRequest function returns (true, true) iff the request comes from localhost/127.0.0.1/[::1].
-var AuthRequest = func(req *http.Request) (any, sensitive bool) {
-	// RemoteAddr is commonly in the form "IP" or "IP:port".
-	// If it is in the form "IP:port", split off the port.
-	host, _, err := net.SplitHostPort(req.RemoteAddr)
-	if err != nil {
-		host = req.RemoteAddr
-	}
-	switch host {
-	case "localhost", "127.0.0.1", "::1":
-		return true, true
-	default:
-		return false, false
-	}
-}
-
-func init() {
-	http.HandleFunc("/debug/requests", func(w http.ResponseWriter, req *http.Request) {
-		any, sensitive := AuthRequest(req)
-		if !any {
-			http.Error(w, "not allowed", http.StatusUnauthorized)
-			return
-		}
-		w.Header().Set("Content-Type", "text/html; charset=utf-8")
-		Render(w, req, sensitive)
-	})
-	http.HandleFunc("/debug/events", func(w http.ResponseWriter, req *http.Request) {
-		any, sensitive := AuthRequest(req)
-		if !any {
-			http.Error(w, "not allowed", http.StatusUnauthorized)
-			return
-		}
-		w.Header().Set("Content-Type", "text/html; charset=utf-8")
-		RenderEvents(w, req, sensitive)
-	})
-}
-
-// Render renders the HTML page typically served at /debug/requests.
-// It does not do any auth checking; see AuthRequest for the default auth check
-// used by the handler registered on http.DefaultServeMux.
-// req may be nil.
-func Render(w io.Writer, req *http.Request, sensitive bool) {
-	data := &struct {
-		Families         []string
-		ActiveTraceCount map[string]int
-		CompletedTraces  map[string]*family
-
-		// Set when a bucket has been selected.
-		Traces        traceList
-		Family        string
-		Bucket        int
-		Expanded      bool
-		Traced        bool
-		Active        bool
-		ShowSensitive bool // whether to show sensitive events
-
-		Histogram       template.HTML
-		HistogramWindow string // e.g. "last minute", "last hour", "all time"
-
-		// If non-zero, the set of traces is a partial set,
-		// and this is the total number.
-		Total int
-	}{
-		CompletedTraces: completedTraces,
-	}
-
-	data.ShowSensitive = sensitive
-	if req != nil {
-		// Allow show_sensitive=0 to force hiding of sensitive data for testing.
-		// This only goes one way; you can't use show_sensitive=1 to see things.
-		if req.FormValue("show_sensitive") == "0" {
-			data.ShowSensitive = false
-		}
-
-		if exp, err := strconv.ParseBool(req.FormValue("exp")); err == nil {
-			data.Expanded = exp
-		}
-		if exp, err := strconv.ParseBool(req.FormValue("rtraced")); err == nil {
-			data.Traced = exp
-		}
-	}
-
-	completedMu.RLock()
-	data.Families = make([]string, 0, len(completedTraces))
-	for fam := range completedTraces {
-		data.Families = append(data.Families, fam)
-	}
-	completedMu.RUnlock()
-	sort.Strings(data.Families)
-
-	// We are careful here to minimize the time spent locking activeMu,
-	// since that lock is required every time an RPC starts and finishes.
-	data.ActiveTraceCount = make(map[string]int, len(data.Families))
-	activeMu.RLock()
-	for fam, s := range activeTraces {
-		data.ActiveTraceCount[fam] = s.Len()
-	}
-	activeMu.RUnlock()
-
-	var ok bool
-	data.Family, data.Bucket, ok = parseArgs(req)
-	switch {
-	case !ok:
-		// No-op
-	case data.Bucket == -1:
-		data.Active = true
-		n := data.ActiveTraceCount[data.Family]
-		data.Traces = getActiveTraces(data.Family)
-		if len(data.Traces) < n {
-			data.Total = n
-		}
-	case data.Bucket < bucketsPerFamily:
-		if b := lookupBucket(data.Family, data.Bucket); b != nil {
-			data.Traces = b.Copy(data.Traced)
-		}
-	default:
-		if f := getFamily(data.Family, false); f != nil {
-			var obs timeseries.Observable
-			f.LatencyMu.RLock()
-			switch o := data.Bucket - bucketsPerFamily; o {
-			case 0:
-				obs = f.Latency.Minute()
-				data.HistogramWindow = "last minute"
-			case 1:
-				obs = f.Latency.Hour()
-				data.HistogramWindow = "last hour"
-			case 2:
-				obs = f.Latency.Total()
-				data.HistogramWindow = "all time"
-			}
-			f.LatencyMu.RUnlock()
-			if obs != nil {
-				data.Histogram = obs.(*histogram).html()
-			}
-		}
-	}
-
-	if data.Traces != nil {
-		defer data.Traces.Free()
-		sort.Sort(data.Traces)
-	}
-
-	completedMu.RLock()
-	defer completedMu.RUnlock()
-	if err := pageTmpl.ExecuteTemplate(w, "Page", data); err != nil {
-		log.Printf("net/trace: Failed executing template: %v", err)
-	}
-}
-
-func parseArgs(req *http.Request) (fam string, b int, ok bool) {
-	if req == nil {
-		return "", 0, false
-	}
-	fam, bStr := req.FormValue("fam"), req.FormValue("b")
-	if fam == "" || bStr == "" {
-		return "", 0, false
-	}
-	b, err := strconv.Atoi(bStr)
-	if err != nil || b < -1 {
-		return "", 0, false
-	}
-
-	return fam, b, true
-}
-
-func lookupBucket(fam string, b int) *traceBucket {
-	f := getFamily(fam, false)
-	if f == nil || b < 0 || b >= len(f.Buckets) {
-		return nil
-	}
-	return f.Buckets[b]
-}
-
-type contextKeyT string
-
-var contextKey = contextKeyT("golang.org/x/net/trace.Trace")
-
-// NewContext returns a copy of the parent context
-// and associates it with a Trace.
-func NewContext(ctx context.Context, tr Trace) context.Context {
-	return context.WithValue(ctx, contextKey, tr)
-}
-
-// FromContext returns the Trace bound to the context, if any.
-func FromContext(ctx context.Context) (tr Trace, ok bool) {
-	tr, ok = ctx.Value(contextKey).(Trace)
-	return
-}
-
-// Trace represents an active request.
-type Trace interface {
-	// LazyLog adds x to the event log. It will be evaluated each time the
-	// /debug/requests page is rendered. Any memory referenced by x will be
-	// pinned until the trace is finished and later discarded.
-	LazyLog(x fmt.Stringer, sensitive bool)
-
-	// LazyPrintf evaluates its arguments with fmt.Sprintf each time the
-	// /debug/requests page is rendered. Any memory referenced by a will be
-	// pinned until the trace is finished and later discarded.
-	LazyPrintf(format string, a ...interface{})
-
-	// SetError declares that this trace resulted in an error.
-	SetError()
-
-	// SetRecycler sets a recycler for the trace.
-	// f will be called for each event passed to LazyLog at a time when
-	// it is no longer required, whether while the trace is still active
-	// and the event is discarded, or when a completed trace is discarded.
-	SetRecycler(f func(interface{}))
-
-	// SetTraceInfo sets the trace info for the trace.
-	// This is currently unused.
-	SetTraceInfo(traceID, spanID uint64)
-
-	// SetMaxEvents sets the maximum number of events that will be stored
-	// in the trace. This has no effect if any events have already been
-	// added to the trace.
-	SetMaxEvents(m int)
-
-	// Finish declares that this trace is complete.
-	// The trace should not be used after calling this method.
-	Finish()
-}
-
-type lazySprintf struct {
-	format string
-	a      []interface{}
-}
-
-func (l *lazySprintf) String() string {
-	return fmt.Sprintf(l.format, l.a...)
-}
-
-// New returns a new Trace with the specified family and title.
-func New(family, title string) Trace {
-	tr := newTrace()
-	tr.ref()
-	tr.Family, tr.Title = family, title
-	tr.Start = time.Now()
-	tr.events = make([]event, 0, maxEventsPerTrace)
-
-	activeMu.RLock()
-	s := activeTraces[tr.Family]
-	activeMu.RUnlock()
-	if s == nil {
-		activeMu.Lock()
-		s = activeTraces[tr.Family] // check again
-		if s == nil {
-			s = new(traceSet)
-			activeTraces[tr.Family] = s
-		}
-		activeMu.Unlock()
-	}
-	s.Add(tr)
-
-	// Trigger allocation of the completed trace structure for this family.
-	// This will cause the family to be present in the request page during
-	// the first trace of this family. We don't care about the return value,
-	// nor is there any need for this to run inline, so we execute it in its
-	// own goroutine, but only if the family isn't allocated yet.
-	completedMu.RLock()
-	if _, ok := completedTraces[tr.Family]; !ok {
-		go allocFamily(tr.Family)
-	}
-	completedMu.RUnlock()
-
-	return tr
-}
-
-func (tr *trace) Finish() {
-	tr.Elapsed = time.Now().Sub(tr.Start)
-	if DebugUseAfterFinish {
-		buf := make([]byte, 4<<10) // 4 KB should be enough
-		n := runtime.Stack(buf, false)
-		tr.finishStack = buf[:n]
-	}
-
-	activeMu.RLock()
-	m := activeTraces[tr.Family]
-	activeMu.RUnlock()
-	m.Remove(tr)
-
-	f := getFamily(tr.Family, true)
-	for _, b := range f.Buckets {
-		if b.Cond.match(tr) {
-			b.Add(tr)
-		}
-	}
-	// Add a sample of elapsed time as microseconds to the family's timeseries
-	h := new(histogram)
-	h.addMeasurement(tr.Elapsed.Nanoseconds() / 1e3)
-	f.LatencyMu.Lock()
-	f.Latency.Add(h)
-	f.LatencyMu.Unlock()
-
-	tr.unref() // matches ref in New
-}
-
-const (
-	bucketsPerFamily    = 9
-	tracesPerBucket     = 10
-	maxActiveTraces     = 20 // Maximum number of active traces to show.
-	maxEventsPerTrace   = 10
-	numHistogramBuckets = 38
-)
-
-var (
-	// The active traces.
-	activeMu     sync.RWMutex
-	activeTraces = make(map[string]*traceSet) // family -> traces
-
-	// Families of completed traces.
-	completedMu     sync.RWMutex
-	completedTraces = make(map[string]*family) // family -> traces
-)
-
-type traceSet struct {
-	mu sync.RWMutex
-	m  map[*trace]bool
-
-	// We could avoid the entire map scan in FirstN by having a slice of all the traces
-	// ordered by start time, and an index into that from the trace struct, with a periodic
-	// repack of the slice after enough traces finish; we could also use a skip list or similar.
-	// However, that would shift some of the expense from /debug/requests time to RPC time,
-	// which is probably the wrong trade-off.
-}
-
-func (ts *traceSet) Len() int {
-	ts.mu.RLock()
-	defer ts.mu.RUnlock()
-	return len(ts.m)
-}
-
-func (ts *traceSet) Add(tr *trace) {
-	ts.mu.Lock()
-	if ts.m == nil {
-		ts.m = make(map[*trace]bool)
-	}
-	ts.m[tr] = true
-	ts.mu.Unlock()
-}
-
-func (ts *traceSet) Remove(tr *trace) {
-	ts.mu.Lock()
-	delete(ts.m, tr)
-	ts.mu.Unlock()
-}
-
-// FirstN returns the first n traces ordered by time.
-func (ts *traceSet) FirstN(n int) traceList {
-	ts.mu.RLock()
-	defer ts.mu.RUnlock()
-
-	if n > len(ts.m) {
-		n = len(ts.m)
-	}
-	trl := make(traceList, 0, n)
-
-	// Fast path for when no selectivity is needed.
-	if n == len(ts.m) {
-		for tr := range ts.m {
-			tr.ref()
-			trl = append(trl, tr)
-		}
-		sort.Sort(trl)
-		return trl
-	}
-
-	// Pick the oldest n traces.
-	// This is inefficient. See the comment in the traceSet struct.
-	for tr := range ts.m {
-		// Put the first n traces into trl in the order they occur.
-		// When we have n, sort trl, and thereafter maintain its order.
-		if len(trl) < n {
-			tr.ref()
-			trl = append(trl, tr)
-			if len(trl) == n {
-				// This is guaranteed to happen exactly once during this loop.
-				sort.Sort(trl)
-			}
-			continue
-		}
-		if tr.Start.After(trl[n-1].Start) {
-			continue
-		}
-
-		// Find where to insert this one.
-		tr.ref()
-		i := sort.Search(n, func(i int) bool { return trl[i].Start.After(tr.Start) })
-		trl[n-1].unref()
-		copy(trl[i+1:], trl[i:])
-		trl[i] = tr
-	}
-
-	return trl
-}
-
-func getActiveTraces(fam string) traceList {
-	activeMu.RLock()
-	s := activeTraces[fam]
-	activeMu.RUnlock()
-	if s == nil {
-		return nil
-	}
-	return s.FirstN(maxActiveTraces)
-}
-
-func getFamily(fam string, allocNew bool) *family {
-	completedMu.RLock()
-	f := completedTraces[fam]
-	completedMu.RUnlock()
-	if f == nil && allocNew {
-		f = allocFamily(fam)
-	}
-	return f
-}
-
-func allocFamily(fam string) *family {
-	completedMu.Lock()
-	defer completedMu.Unlock()
-	f := completedTraces[fam]
-	if f == nil {
-		f = newFamily()
-		completedTraces[fam] = f
-	}
-	return f
-}
-
-// family represents a set of trace buckets and associated latency information.
-type family struct {
-	// traces may occur in multiple buckets.
-	Buckets [bucketsPerFamily]*traceBucket
-
-	// latency time series
-	LatencyMu sync.RWMutex
-	Latency   *timeseries.MinuteHourSeries
-}
-
-func newFamily() *family {
-	return &family{
-		Buckets: [bucketsPerFamily]*traceBucket{
-			{Cond: minCond(0)},
-			{Cond: minCond(50 * time.Millisecond)},
-			{Cond: minCond(100 * time.Millisecond)},
-			{Cond: minCond(200 * time.Millisecond)},
-			{Cond: minCond(500 * time.Millisecond)},
-			{Cond: minCond(1 * time.Second)},
-			{Cond: minCond(10 * time.Second)},
-			{Cond: minCond(100 * time.Second)},
-			{Cond: errorCond{}},
-		},
-		Latency: timeseries.NewMinuteHourSeries(func() timeseries.Observable { return new(histogram) }),
-	}
-}
-
-// traceBucket represents a size-capped bucket of historic traces,
-// along with a condition for a trace to belong to the bucket.
-type traceBucket struct {
-	Cond cond
-
-	// Ring buffer implementation of a fixed-size FIFO queue.
-	mu     sync.RWMutex
-	buf    [tracesPerBucket]*trace
-	start  int // < tracesPerBucket
-	length int // <= tracesPerBucket
-}
-
-func (b *traceBucket) Add(tr *trace) {
-	b.mu.Lock()
-	defer b.mu.Unlock()
-
-	i := b.start + b.length
-	if i >= tracesPerBucket {
-		i -= tracesPerBucket
-	}
-	if b.length == tracesPerBucket {
-		// "Remove" an element from the bucket.
-		b.buf[i].unref()
-		b.start++
-		if b.start == tracesPerBucket {
-			b.start = 0
-		}
-	}
-	b.buf[i] = tr
-	if b.length < tracesPerBucket {
-		b.length++
-	}
-	tr.ref()
-}
-
-// Copy returns a copy of the traces in the bucket.
-// If tracedOnly is true, only the traces with trace information will be returned.
-// The logs will be ref'd before returning; the caller should call
-// the Free method when it is done with them.
-// TODO(dsymonds): keep track of traced requests in separate buckets.
-func (b *traceBucket) Copy(tracedOnly bool) traceList {
-	b.mu.RLock()
-	defer b.mu.RUnlock()
-
-	trl := make(traceList, 0, b.length)
-	for i, x := 0, b.start; i < b.length; i++ {
-		tr := b.buf[x]
-		if !tracedOnly || tr.spanID != 0 {
-			tr.ref()
-			trl = append(trl, tr)
-		}
-		x++
-		if x == b.length {
-			x = 0
-		}
-	}
-	return trl
-}
-
-func (b *traceBucket) Empty() bool {
-	b.mu.RLock()
-	defer b.mu.RUnlock()
-	return b.length == 0
-}
-
-// cond represents a condition on a trace.
-type cond interface {
-	match(t *trace) bool
-	String() string
-}
-
-type minCond time.Duration
-
-func (m minCond) match(t *trace) bool { return t.Elapsed >= time.Duration(m) }
-func (m minCond) String() string      { return fmt.Sprintf("≥%gs", time.Duration(m).Seconds()) }
-
-type errorCond struct{}
-
-func (e errorCond) match(t *trace) bool { return t.IsError }
-func (e errorCond) String() string      { return "errors" }
-
-type traceList []*trace
-
-// Free calls unref on each element of the list.
-func (trl traceList) Free() {
-	for _, t := range trl {
-		t.unref()
-	}
-}
-
-// traceList may be sorted in reverse chronological order.
-func (trl traceList) Len() int           { return len(trl) }
-func (trl traceList) Less(i, j int) bool { return trl[i].Start.After(trl[j].Start) }
-func (trl traceList) Swap(i, j int)      { trl[i], trl[j] = trl[j], trl[i] }
-
-// An event is a timestamped log entry in a trace.
-type event struct {
-	When       time.Time
-	Elapsed    time.Duration // since previous event in trace
-	NewDay     bool          // whether this event is on a different day to the previous event
-	Recyclable bool          // whether this event was passed via LazyLog
-	What       interface{}   // string or fmt.Stringer
-	Sensitive  bool          // whether this event contains sensitive information
-}
-
-// WhenString returns a string representation of the elapsed time of the event.
-// It will include the date if midnight was crossed.
-func (e event) WhenString() string {
-	if e.NewDay {
-		return e.When.Format("2006/01/02 15:04:05.000000")
-	}
-	return e.When.Format("15:04:05.000000")
-}
-
-// discarded represents a number of discarded events.
-// It is stored as *discarded to make it easier to update in-place.
-type discarded int
-
-func (d *discarded) String() string {
-	return fmt.Sprintf("(%d events discarded)", int(*d))
-}
-
-// trace represents an active or complete request,
-// either sent or received by this program.
-type trace struct {
-	// Family is the top-level grouping of traces to which this belongs.
-	Family string
-
-	// Title is the title of this trace.
-	Title string
-
-	// Timing information.
-	Start   time.Time
-	Elapsed time.Duration // zero while active
-
-	// Trace information if non-zero.
-	traceID uint64
-	spanID  uint64
-
-	// Whether this trace resulted in an error.
-	IsError bool
-
-	// Append-only sequence of events (modulo discards).
-	mu     sync.RWMutex
-	events []event
-
-	refs     int32 // how many buckets this is in
-	recycler func(interface{})
-	disc     discarded // scratch space to avoid allocation
-
-	finishStack []byte // where finish was called, if DebugUseAfterFinish is set
-}
-
-func (tr *trace) reset() {
-	// Clear all but the mutex. Mutexes may not be copied, even when unlocked.
-	tr.Family = ""
-	tr.Title = ""
-	tr.Start = time.Time{}
-	tr.Elapsed = 0
-	tr.traceID = 0
-	tr.spanID = 0
-	tr.IsError = false
-	tr.events = nil
-	tr.refs = 0
-	tr.recycler = nil
-	tr.disc = 0
-	tr.finishStack = nil
-}
-
-// delta returns the elapsed time since the last event or the trace start,
-// and whether it spans midnight.
-// L >= tr.mu
-func (tr *trace) delta(t time.Time) (time.Duration, bool) {
-	if len(tr.events) == 0 {
-		return t.Sub(tr.Start), false
-	}
-	prev := tr.events[len(tr.events)-1].When
-	return t.Sub(prev), prev.Day() != t.Day()
-}
-
-func (tr *trace) addEvent(x interface{}, recyclable, sensitive bool) {
-	if DebugUseAfterFinish && tr.finishStack != nil {
-		buf := make([]byte, 4<<10) // 4 KB should be enough
-		n := runtime.Stack(buf, false)
-		log.Printf("net/trace: trace used after finish:\nFinished at:\n%s\nUsed at:\n%s", tr.finishStack, buf[:n])
-	}
-
-	/*
-		NOTE TO DEBUGGERS
-
-		If you are here because your program panicked in this code,
-		it is almost definitely the fault of code using this package,
-		and very unlikely to be the fault of this code.
-
-		The most likely scenario is that some code elsewhere is using
-		a requestz.Trace after its Finish method is called.
-		You can temporarily set the DebugUseAfterFinish var
-		to help discover where that is; do not leave that var set,
-		since it makes this package much less efficient.
-	*/
-
-	e := event{When: time.Now(), What: x, Recyclable: recyclable, Sensitive: sensitive}
-	tr.mu.Lock()
-	e.Elapsed, e.NewDay = tr.delta(e.When)
-	if len(tr.events) < cap(tr.events) {
-		tr.events = append(tr.events, e)
-	} else {
-		// Discard the middle events.
-		di := int((cap(tr.events) - 1) / 2)
-		if d, ok := tr.events[di].What.(*discarded); ok {
-			(*d)++
-		} else {
-			// disc starts at two to count for the event it is replacing,
-			// plus the next one that we are about to drop.
-			tr.disc = 2
-			if tr.recycler != nil && tr.events[di].Recyclable {
-				go tr.recycler(tr.events[di].What)
-			}
-			tr.events[di].What = &tr.disc
-		}
-		// The timestamp of the discarded meta-event should be
-		// the time of the last event it is representing.
-		tr.events[di].When = tr.events[di+1].When
-
-		if tr.recycler != nil && tr.events[di+1].Recyclable {
-			go tr.recycler(tr.events[di+1].What)
-		}
-		copy(tr.events[di+1:], tr.events[di+2:])
-		tr.events[cap(tr.events)-1] = e
-	}
-	tr.mu.Unlock()
-}
-
-func (tr *trace) LazyLog(x fmt.Stringer, sensitive bool) {
-	tr.addEvent(x, true, sensitive)
-}
-
-func (tr *trace) LazyPrintf(format string, a ...interface{}) {
-	tr.addEvent(&lazySprintf{format, a}, false, false)
-}
-
-func (tr *trace) SetError() { tr.IsError = true }
-
-func (tr *trace) SetRecycler(f func(interface{})) {
-	tr.recycler = f
-}
-
-func (tr *trace) SetTraceInfo(traceID, spanID uint64) {
-	tr.traceID, tr.spanID = traceID, spanID
-}
-
-func (tr *trace) SetMaxEvents(m int) {
-	// Always keep at least three events: first, discarded count, last.
-	if len(tr.events) == 0 && m > 3 {
-		tr.events = make([]event, 0, m)
-	}
-}
-
-func (tr *trace) ref() {
-	atomic.AddInt32(&tr.refs, 1)
-}
-
-func (tr *trace) unref() {
-	if atomic.AddInt32(&tr.refs, -1) == 0 {
-		if tr.recycler != nil {
-			// freeTrace clears tr, so we hold tr.recycler and tr.events here.
-			go func(f func(interface{}), es []event) {
-				for _, e := range es {
-					if e.Recyclable {
-						f(e.What)
-					}
-				}
-			}(tr.recycler, tr.events)
-		}
-
-		freeTrace(tr)
-	}
-}
-
-func (tr *trace) When() string {
-	return tr.Start.Format("2006/01/02 15:04:05.000000")
-}
-
-func (tr *trace) ElapsedTime() string {
-	t := tr.Elapsed
-	if t == 0 {
-		// Active trace.
-		t = time.Since(tr.Start)
-	}
-	return fmt.Sprintf("%.6f", t.Seconds())
-}
-
-func (tr *trace) Events() []event {
-	tr.mu.RLock()
-	defer tr.mu.RUnlock()
-	return tr.events
-}
-
-var traceFreeList = make(chan *trace, 1000) // TODO(dsymonds): Use sync.Pool?
-
-// newTrace returns a trace ready to use.
-func newTrace() *trace {
-	select {
-	case tr := <-traceFreeList:
-		return tr
-	default:
-		return new(trace)
-	}
-}
-
-// freeTrace adds tr to traceFreeList if there's room.
-// This is non-blocking.
-func freeTrace(tr *trace) {
-	if DebugUseAfterFinish {
-		return // never reuse
-	}
-	tr.reset()
-	select {
-	case traceFreeList <- tr:
-	default:
-	}
-}
-
-func elapsed(d time.Duration) string {
-	b := []byte(fmt.Sprintf("%.6f", d.Seconds()))
-
-	// For subsecond durations, blank all zeros before decimal point,
-	// and all zeros between the decimal point and the first non-zero digit.
-	if d < time.Second {
-		dot := bytes.IndexByte(b, '.')
-		for i := 0; i < dot; i++ {
-			b[i] = ' '
-		}
-		for i := dot + 1; i < len(b); i++ {
-			if b[i] == '0' {
-				b[i] = ' '
-			} else {
-				break
-			}
-		}
-	}
-
-	return string(b)
-}
-
-var pageTmpl = template.Must(template.New("Page").Funcs(template.FuncMap{
-	"elapsed": elapsed,
-	"add":     func(a, b int) int { return a + b },
-}).Parse(pageHTML))
-
-const pageHTML = `
-{{template "Prolog" .}}
-{{template "StatusTable" .}}
-{{template "Epilog" .}}
-
-{{define "Prolog"}}
-
-	
-	/debug/requests
-	
-	
-	
-
-
    /debug/requests
    
-{{end}} {{/* end of Prolog */}}
-
-{{define "StatusTable"}}
-
-	{{range $fam := .Families}}
-	
-		
-
-		{{$n := index $.ActiveTraceCount $fam}}
-		
-
-		{{$f := index $.CompletedTraces $fam}}
-		{{range $i, $b := $f.Buckets}}
-		{{$empty := $b.Empty}}
-		
-		{{end}}
-
-		{{$nb := len $f.Buckets}}
-		
-		
-		
-
-	
-	{{end}}
-
    {{$fam}}
-			{{if $n}}{{end}}
-			[{{$n}} active]
-			{{if $n}}{{end}}
-		
-		{{if not $empty}}{{end}}
-		[{{.Cond}}]
-		{{if not $empty}}{{end}}
-		
-		[minute]
-		
-		[hour]
-		
-		[total]
-		
    
-{{end}} {{/* end of StatusTable */}}
-
-{{define "Epilog"}}
-{{if $.Traces}}
-
    
-
    Family: {{$.Family}}
    
-
-{{if or $.Expanded $.Traced}}
-  [Normal/Summary]
-{{else}}
-  [Normal/Summary]
-{{end}}
-
-{{if or (not $.Expanded) $.Traced}}
-  [Normal/Expanded]
-{{else}}
-  [Normal/Expanded]
-{{end}}
-
-{{if not $.Active}}
-	{{if or $.Expanded (not $.Traced)}}
-	[Traced/Summary]
-	{{else}}
-	[Traced/Summary]
-	{{end}}
-	{{if or (not $.Expanded) (not $.Traced)}}
-	[Traced/Expanded]
-        {{else}}
-	[Traced/Expanded]
-	{{end}}
-{{end}}
-
-{{if $.Total}}
-
    Showing {{len $.Traces}} of {{$.Total}} traces.
    
-{{end}}
-
-
-	
-	
-	{{range $tr := $.Traces}}
-	
-		
-		
-		
-		{{/* TODO: include traceID/spanID */}}
-	
-	{{if $.Expanded}}
-	{{range $tr.Events}}
-	
-		
-		
-		
-	
-	{{end}}
-	{{end}}
-	{{end}}
-
    
-		{{if $.Active}}Active{{else}}Completed{{end}} Requests
-	
    WhenElapsed (s)
    {{$tr.When}}{{$tr.ElapsedTime}}{{$tr.Title}}
    {{.WhenString}}{{elapsed .Elapsed}}{{if or $.ShowSensitive (not .Sensitive)}}... {{.What}}{{else}}[redacted]{{end}}
    
-{{end}} {{/* if $.Traces */}}
-
-{{if $.Histogram}}
-
    Latency (µs) of {{$.Family}} over {{$.HistogramWindow}}
    
-{{$.Histogram}}
-{{end}} {{/* if $.Histogram */}}
-
-	
-
-{{end}} {{/* end of Epilog */}}
-`
diff --git a/vendor/golang.org/x/net/trace/trace_test.go b/vendor/golang.org/x/net/trace/trace_test.go
deleted file mode 100644
index 14d7c237..00000000
--- a/vendor/golang.org/x/net/trace/trace_test.go
+++ /dev/null
@@ -1,71 +0,0 @@
-// Copyright 2015 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package trace
-
-import (
-	"net/http"
-	"reflect"
-	"testing"
-)
-
-type s struct{}
-
-func (s) String() string { return "lazy string" }
-
-// TestReset checks whether all the fields are zeroed after reset.
-func TestReset(t *testing.T) {
-	tr := New("foo", "bar")
-	tr.LazyLog(s{}, false)
-	tr.LazyPrintf("%d", 1)
-	tr.SetRecycler(func(_ interface{}) {})
-	tr.SetTraceInfo(3, 4)
-	tr.SetMaxEvents(100)
-	tr.SetError()
-	tr.Finish()
-
-	tr.(*trace).reset()
-
-	if !reflect.DeepEqual(tr, new(trace)) {
-		t.Errorf("reset didn't clear all fields: %+v", tr)
-	}
-}
-
-// TestResetLog checks whether all the fields are zeroed after reset.
-func TestResetLog(t *testing.T) {
-	el := NewEventLog("foo", "bar")
-	el.Printf("message")
-	el.Errorf("error")
-	el.Finish()
-
-	el.(*eventLog).reset()
-
-	if !reflect.DeepEqual(el, new(eventLog)) {
-		t.Errorf("reset didn't clear all fields: %+v", el)
-	}
-}
-
-func TestAuthRequest(t *testing.T) {
-	testCases := []struct {
-		host string
-		want bool
-	}{
-		{host: "192.168.23.1", want: false},
-		{host: "192.168.23.1:8080", want: false},
-		{host: "malformed remote addr", want: false},
-		{host: "localhost", want: true},
-		{host: "localhost:8080", want: true},
-		{host: "127.0.0.1", want: true},
-		{host: "127.0.0.1:8080", want: true},
-		{host: "::1", want: true},
-		{host: "[::1]:8080", want: true},
-	}
-	for _, tt := range testCases {
-		req := &http.Request{RemoteAddr: tt.host}
-		any, sensitive := AuthRequest(req)
-		if any != tt.want || sensitive != tt.want {
-			t.Errorf("AuthRequest(%q) = %t, %t; want %t, %t", tt.host, any, sensitive, tt.want, tt.want)
-		}
-	}
-}
diff --git a/vendor/golang.org/x/net/webdav/file.go b/vendor/golang.org/x/net/webdav/file.go
deleted file mode 100644
index 9ba1ca16..00000000
--- a/vendor/golang.org/x/net/webdav/file.go
+++ /dev/null
@@ -1,795 +0,0 @@
-// Copyright 2014 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package webdav
-
-import (
-	"io"
-	"net/http"
-	"os"
-	"path"
-	"path/filepath"
-	"strings"
-	"sync"
-	"time"
-
-	"golang.org/x/net/webdav/internal/xml"
-)
-
-// slashClean is equivalent to but slightly more efficient than
-// path.Clean("/" + name).
-func slashClean(name string) string {
-	if name == "" || name[0] != '/' {
-		name = "/" + name
-	}
-	return path.Clean(name)
-}
-
-// A FileSystem implements access to a collection of named files. The elements
-// in a file path are separated by slash ('/', U+002F) characters, regardless
-// of host operating system convention.
-//
-// Each method has the same semantics as the os package's function of the same
-// name.
-//
-// Note that the os.Rename documentation says that "OS-specific restrictions
-// might apply". In particular, whether or not renaming a file or directory
-// overwriting another existing file or directory is an error is OS-dependent.
-type FileSystem interface {
-	Mkdir(name string, perm os.FileMode) error
-	OpenFile(name string, flag int, perm os.FileMode) (File, error)
-	RemoveAll(name string) error
-	Rename(oldName, newName string) error
-	Stat(name string) (os.FileInfo, error)
-}
-
-// A File is returned by a FileSystem's OpenFile method and can be served by a
-// Handler.
-//
-// A File may optionally implement the DeadPropsHolder interface, if it can
-// load and save dead properties.
-type File interface {
-	http.File
-	io.Writer
-}
-
-// A Dir implements FileSystem using the native file system restricted to a
-// specific directory tree.
-//
-// While the FileSystem.OpenFile method takes '/'-separated paths, a Dir's
-// string value is a filename on the native file system, not a URL, so it is
-// separated by filepath.Separator, which isn't necessarily '/'.
-//
-// An empty Dir is treated as ".".
-type Dir string
-
-func (d Dir) resolve(name string) string {
-	// This implementation is based on Dir.Open's code in the standard net/http package.
-	if filepath.Separator != '/' && strings.IndexRune(name, filepath.Separator) >= 0 ||
-		strings.Contains(name, "\x00") {
-		return ""
-	}
-	dir := string(d)
-	if dir == "" {
-		dir = "."
-	}
-	return filepath.Join(dir, filepath.FromSlash(slashClean(name)))
-}
-
-func (d Dir) Mkdir(name string, perm os.FileMode) error {
-	if name = d.resolve(name); name == "" {
-		return os.ErrNotExist
-	}
-	return os.Mkdir(name, perm)
-}
-
-func (d Dir) OpenFile(name string, flag int, perm os.FileMode) (File, error) {
-	if name = d.resolve(name); name == "" {
-		return nil, os.ErrNotExist
-	}
-	f, err := os.OpenFile(name, flag, perm)
-	if err != nil {
-		return nil, err
-	}
-	return f, nil
-}
-
-func (d Dir) RemoveAll(name string) error {
-	if name = d.resolve(name); name == "" {
-		return os.ErrNotExist
-	}
-	if name == filepath.Clean(string(d)) {
-		// Prohibit removing the virtual root directory.
-		return os.ErrInvalid
-	}
-	return os.RemoveAll(name)
-}
-
-func (d Dir) Rename(oldName, newName string) error {
-	if oldName = d.resolve(oldName); oldName == "" {
-		return os.ErrNotExist
-	}
-	if newName = d.resolve(newName); newName == "" {
-		return os.ErrNotExist
-	}
-	if root := filepath.Clean(string(d)); root == oldName || root == newName {
-		// Prohibit renaming from or to the virtual root directory.
-		return os.ErrInvalid
-	}
-	return os.Rename(oldName, newName)
-}
-
-func (d Dir) Stat(name string) (os.FileInfo, error) {
-	if name = d.resolve(name); name == "" {
-		return nil, os.ErrNotExist
-	}
-	return os.Stat(name)
-}
-
-// NewMemFS returns a new in-memory FileSystem implementation.
-func NewMemFS() FileSystem {
-	return &memFS{
-		root: memFSNode{
-			children: make(map[string]*memFSNode),
-			mode:     0660 | os.ModeDir,
-			modTime:  time.Now(),
-		},
-	}
-}
-
-// A memFS implements FileSystem, storing all metadata and actual file data
-// in-memory. No limits on filesystem size are used, so it is not recommended
-// this be used where the clients are untrusted.
-//
-// Concurrent access is permitted. The tree structure is protected by a mutex,
-// and each node's contents and metadata are protected by a per-node mutex.
-//
-// TODO: Enforce file permissions.
-type memFS struct {
-	mu   sync.Mutex
-	root memFSNode
-}
-
-// TODO: clean up and rationalize the walk/find code.
-
-// walk walks the directory tree for the fullname, calling f at each step. If f
-// returns an error, the walk will be aborted and return that same error.
-//
-// dir is the directory at that step, frag is the name fragment, and final is
-// whether it is the final step. For example, walking "/foo/bar/x" will result
-// in 3 calls to f:
-//   - "/", "foo", false
-//   - "/foo/", "bar", false
-//   - "/foo/bar/", "x", true
-// The frag argument will be empty only if dir is the root node and the walk
-// ends at that root node.
-func (fs *memFS) walk(op, fullname string, f func(dir *memFSNode, frag string, final bool) error) error {
-	original := fullname
-	fullname = slashClean(fullname)
-
-	// Strip any leading "/"s to make fullname a relative path, as the walk
-	// starts at fs.root.
-	if fullname[0] == '/' {
-		fullname = fullname[1:]
-	}
-	dir := &fs.root
-
-	for {
-		frag, remaining := fullname, ""
-		i := strings.IndexRune(fullname, '/')
-		final := i < 0
-		if !final {
-			frag, remaining = fullname[:i], fullname[i+1:]
-		}
-		if frag == "" && dir != &fs.root {
-			panic("webdav: empty path fragment for a clean path")
-		}
-		if err := f(dir, frag, final); err != nil {
-			return &os.PathError{
-				Op:   op,
-				Path: original,
-				Err:  err,
-			}
-		}
-		if final {
-			break
-		}
-		child := dir.children[frag]
-		if child == nil {
-			return &os.PathError{
-				Op:   op,
-				Path: original,
-				Err:  os.ErrNotExist,
-			}
-		}
-		if !child.mode.IsDir() {
-			return &os.PathError{
-				Op:   op,
-				Path: original,
-				Err:  os.ErrInvalid,
-			}
-		}
-		dir, fullname = child, remaining
-	}
-	return nil
-}
-
-// find returns the parent of the named node and the relative name fragment
-// from the parent to the child. For example, if finding "/foo/bar/baz" then
-// parent will be the node for "/foo/bar" and frag will be "baz".
-//
-// If the fullname names the root node, then parent, frag and err will be zero.
-//
-// find returns an error if the parent does not already exist or the parent
-// isn't a directory, but it will not return an error per se if the child does
-// not already exist. The error returned is either nil or an *os.PathError
-// whose Op is op.
-func (fs *memFS) find(op, fullname string) (parent *memFSNode, frag string, err error) {
-	err = fs.walk(op, fullname, func(parent0 *memFSNode, frag0 string, final bool) error {
-		if !final {
-			return nil
-		}
-		if frag0 != "" {
-			parent, frag = parent0, frag0
-		}
-		return nil
-	})
-	return parent, frag, err
-}
-
-func (fs *memFS) Mkdir(name string, perm os.FileMode) error {
-	fs.mu.Lock()
-	defer fs.mu.Unlock()
-
-	dir, frag, err := fs.find("mkdir", name)
-	if err != nil {
-		return err
-	}
-	if dir == nil {
-		// We can't create the root.
-		return os.ErrInvalid
-	}
-	if _, ok := dir.children[frag]; ok {
-		return os.ErrExist
-	}
-	dir.children[frag] = &memFSNode{
-		children: make(map[string]*memFSNode),
-		mode:     perm.Perm() | os.ModeDir,
-		modTime:  time.Now(),
-	}
-	return nil
-}
-
-func (fs *memFS) OpenFile(name string, flag int, perm os.FileMode) (File, error) {
-	fs.mu.Lock()
-	defer fs.mu.Unlock()
-
-	dir, frag, err := fs.find("open", name)
-	if err != nil {
-		return nil, err
-	}
-	var n *memFSNode
-	if dir == nil {
-		// We're opening the root.
-		if flag&(os.O_WRONLY|os.O_RDWR) != 0 {
-			return nil, os.ErrPermission
-		}
-		n, frag = &fs.root, "/"
-
-	} else {
-		n = dir.children[frag]
-		if flag&(os.O_SYNC|os.O_APPEND) != 0 {
-			// memFile doesn't support these flags yet.
-			return nil, os.ErrInvalid
-		}
-		if flag&os.O_CREATE != 0 {
-			if flag&os.O_EXCL != 0 && n != nil {
-				return nil, os.ErrExist
-			}
-			if n == nil {
-				n = &memFSNode{
-					mode: perm.Perm(),
-				}
-				dir.children[frag] = n
-			}
-		}
-		if n == nil {
-			return nil, os.ErrNotExist
-		}
-		if flag&(os.O_WRONLY|os.O_RDWR) != 0 && flag&os.O_TRUNC != 0 {
-			n.mu.Lock()
-			n.data = nil
-			n.mu.Unlock()
-		}
-	}
-
-	children := make([]os.FileInfo, 0, len(n.children))
-	for cName, c := range n.children {
-		children = append(children, c.stat(cName))
-	}
-	return &memFile{
-		n:                n,
-		nameSnapshot:     frag,
-		childrenSnapshot: children,
-	}, nil
-}
-
-func (fs *memFS) RemoveAll(name string) error {
-	fs.mu.Lock()
-	defer fs.mu.Unlock()
-
-	dir, frag, err := fs.find("remove", name)
-	if err != nil {
-		return err
-	}
-	if dir == nil {
-		// We can't remove the root.
-		return os.ErrInvalid
-	}
-	delete(dir.children, frag)
-	return nil
-}
-
-func (fs *memFS) Rename(oldName, newName string) error {
-	fs.mu.Lock()
-	defer fs.mu.Unlock()
-
-	oldName = slashClean(oldName)
-	newName = slashClean(newName)
-	if oldName == newName {
-		return nil
-	}
-	if strings.HasPrefix(newName, oldName+"/") {
-		// We can't rename oldName to be a sub-directory of itself.
-		return os.ErrInvalid
-	}
-
-	oDir, oFrag, err := fs.find("rename", oldName)
-	if err != nil {
-		return err
-	}
-	if oDir == nil {
-		// We can't rename from the root.
-		return os.ErrInvalid
-	}
-
-	nDir, nFrag, err := fs.find("rename", newName)
-	if err != nil {
-		return err
-	}
-	if nDir == nil {
-		// We can't rename to the root.
-		return os.ErrInvalid
-	}
-
-	oNode, ok := oDir.children[oFrag]
-	if !ok {
-		return os.ErrNotExist
-	}
-	if oNode.children != nil {
-		if nNode, ok := nDir.children[nFrag]; ok {
-			if nNode.children == nil {
-				return errNotADirectory
-			}
-			if len(nNode.children) != 0 {
-				return errDirectoryNotEmpty
-			}
-		}
-	}
-	delete(oDir.children, oFrag)
-	nDir.children[nFrag] = oNode
-	return nil
-}
-
-func (fs *memFS) Stat(name string) (os.FileInfo, error) {
-	fs.mu.Lock()
-	defer fs.mu.Unlock()
-
-	dir, frag, err := fs.find("stat", name)
-	if err != nil {
-		return nil, err
-	}
-	if dir == nil {
-		// We're stat'ting the root.
-		return fs.root.stat("/"), nil
-	}
-	if n, ok := dir.children[frag]; ok {
-		return n.stat(path.Base(name)), nil
-	}
-	return nil, os.ErrNotExist
-}
-
-// A memFSNode represents a single entry in the in-memory filesystem and also
-// implements os.FileInfo.
-type memFSNode struct {
-	// children is protected by memFS.mu.
-	children map[string]*memFSNode
-
-	mu        sync.Mutex
-	data      []byte
-	mode      os.FileMode
-	modTime   time.Time
-	deadProps map[xml.Name]Property
-}
-
-func (n *memFSNode) stat(name string) *memFileInfo {
-	n.mu.Lock()
-	defer n.mu.Unlock()
-	return &memFileInfo{
-		name:    name,
-		size:    int64(len(n.data)),
-		mode:    n.mode,
-		modTime: n.modTime,
-	}
-}
-
-func (n *memFSNode) DeadProps() (map[xml.Name]Property, error) {
-	n.mu.Lock()
-	defer n.mu.Unlock()
-	if len(n.deadProps) == 0 {
-		return nil, nil
-	}
-	ret := make(map[xml.Name]Property, len(n.deadProps))
-	for k, v := range n.deadProps {
-		ret[k] = v
-	}
-	return ret, nil
-}
-
-func (n *memFSNode) Patch(patches []Proppatch) ([]Propstat, error) {
-	n.mu.Lock()
-	defer n.mu.Unlock()
-	pstat := Propstat{Status: http.StatusOK}
-	for _, patch := range patches {
-		for _, p := range patch.Props {
-			pstat.Props = append(pstat.Props, Property{XMLName: p.XMLName})
-			if patch.Remove {
-				delete(n.deadProps, p.XMLName)
-				continue
-			}
-			if n.deadProps == nil {
-				n.deadProps = map[xml.Name]Property{}
-			}
-			n.deadProps[p.XMLName] = p
-		}
-	}
-	return []Propstat{pstat}, nil
-}
-
-type memFileInfo struct {
-	name    string
-	size    int64
-	mode    os.FileMode
-	modTime time.Time
-}
-
-func (f *memFileInfo) Name() string       { return f.name }
-func (f *memFileInfo) Size() int64        { return f.size }
-func (f *memFileInfo) Mode() os.FileMode  { return f.mode }
-func (f *memFileInfo) ModTime() time.Time { return f.modTime }
-func (f *memFileInfo) IsDir() bool        { return f.mode.IsDir() }
-func (f *memFileInfo) Sys() interface{}   { return nil }
-
-// A memFile is a File implementation for a memFSNode. It is a per-file (not
-// per-node) read/write position, and a snapshot of the memFS' tree structure
-// (a node's name and children) for that node.
-type memFile struct {
-	n                *memFSNode
-	nameSnapshot     string
-	childrenSnapshot []os.FileInfo
-	// pos is protected by n.mu.
-	pos int
-}
-
-// A *memFile implements the optional DeadPropsHolder interface.
-var _ DeadPropsHolder = (*memFile)(nil)
-
-func (f *memFile) DeadProps() (map[xml.Name]Property, error)     { return f.n.DeadProps() }
-func (f *memFile) Patch(patches []Proppatch) ([]Propstat, error) { return f.n.Patch(patches) }
-
-func (f *memFile) Close() error {
-	return nil
-}
-
-func (f *memFile) Read(p []byte) (int, error) {
-	f.n.mu.Lock()
-	defer f.n.mu.Unlock()
-	if f.n.mode.IsDir() {
-		return 0, os.ErrInvalid
-	}
-	if f.pos >= len(f.n.data) {
-		return 0, io.EOF
-	}
-	n := copy(p, f.n.data[f.pos:])
-	f.pos += n
-	return n, nil
-}
-
-func (f *memFile) Readdir(count int) ([]os.FileInfo, error) {
-	f.n.mu.Lock()
-	defer f.n.mu.Unlock()
-	if !f.n.mode.IsDir() {
-		return nil, os.ErrInvalid
-	}
-	old := f.pos
-	if old >= len(f.childrenSnapshot) {
-		// The os.File Readdir docs say that at the end of a directory,
-		// the error is io.EOF if count > 0 and nil if count <= 0.
-		if count > 0 {
-			return nil, io.EOF
-		}
-		return nil, nil
-	}
-	if count > 0 {
-		f.pos += count
-		if f.pos > len(f.childrenSnapshot) {
-			f.pos = len(f.childrenSnapshot)
-		}
-	} else {
-		f.pos = len(f.childrenSnapshot)
-		old = 0
-	}
-	return f.childrenSnapshot[old:f.pos], nil
-}
-
-func (f *memFile) Seek(offset int64, whence int) (int64, error) {
-	f.n.mu.Lock()
-	defer f.n.mu.Unlock()
-	npos := f.pos
-	// TODO: How to handle offsets greater than the size of system int?
-	switch whence {
-	case os.SEEK_SET:
-		npos = int(offset)
-	case os.SEEK_CUR:
-		npos += int(offset)
-	case os.SEEK_END:
-		npos = len(f.n.data) + int(offset)
-	default:
-		npos = -1
-	}
-	if npos < 0 {
-		return 0, os.ErrInvalid
-	}
-	f.pos = npos
-	return int64(f.pos), nil
-}
-
-func (f *memFile) Stat() (os.FileInfo, error) {
-	return f.n.stat(f.nameSnapshot), nil
-}
-
-func (f *memFile) Write(p []byte) (int, error) {
-	lenp := len(p)
-	f.n.mu.Lock()
-	defer f.n.mu.Unlock()
-
-	if f.n.mode.IsDir() {
-		return 0, os.ErrInvalid
-	}
-	if f.pos < len(f.n.data) {
-		n := copy(f.n.data[f.pos:], p)
-		f.pos += n
-		p = p[n:]
-	} else if f.pos > len(f.n.data) {
-		// Write permits the creation of holes, if we've seek'ed past the
-		// existing end of file.
-		if f.pos <= cap(f.n.data) {
-			oldLen := len(f.n.data)
-			f.n.data = f.n.data[:f.pos]
-			hole := f.n.data[oldLen:]
-			for i := range hole {
-				hole[i] = 0
-			}
-		} else {
-			d := make([]byte, f.pos, f.pos+len(p))
-			copy(d, f.n.data)
-			f.n.data = d
-		}
-	}
-
-	if len(p) > 0 {
-		// We should only get here if f.pos == len(f.n.data).
-		f.n.data = append(f.n.data, p...)
-		f.pos = len(f.n.data)
-	}
-	f.n.modTime = time.Now()
-	return lenp, nil
-}
-
-// moveFiles moves files and/or directories from src to dst.
-//
-// See section 9.9.4 for when various HTTP status codes apply.
-func moveFiles(fs FileSystem, src, dst string, overwrite bool) (status int, err error) {
-	created := false
-	if _, err := fs.Stat(dst); err != nil {
-		if !os.IsNotExist(err) {
-			return http.StatusForbidden, err
-		}
-		created = true
-	} else if overwrite {
-		// Section 9.9.3 says that "If a resource exists at the destination
-		// and the Overwrite header is "T", then prior to performing the move,
-		// the server must perform a DELETE with "Depth: infinity" on the
-		// destination resource.
-		if err := fs.RemoveAll(dst); err != nil {
-			return http.StatusForbidden, err
-		}
-	} else {
-		return http.StatusPreconditionFailed, os.ErrExist
-	}
-	if err := fs.Rename(src, dst); err != nil {
-		return http.StatusForbidden, err
-	}
-	if created {
-		return http.StatusCreated, nil
-	}
-	return http.StatusNoContent, nil
-}
-
-func copyProps(dst, src File) error {
-	d, ok := dst.(DeadPropsHolder)
-	if !ok {
-		return nil
-	}
-	s, ok := src.(DeadPropsHolder)
-	if !ok {
-		return nil
-	}
-	m, err := s.DeadProps()
-	if err != nil {
-		return err
-	}
-	props := make([]Property, 0, len(m))
-	for _, prop := range m {
-		props = append(props, prop)
-	}
-	_, err = d.Patch([]Proppatch{{Props: props}})
-	return err
-}
-
-// copyFiles copies files and/or directories from src to dst.
-//
-// See section 9.8.5 for when various HTTP status codes apply.
-func copyFiles(fs FileSystem, src, dst string, overwrite bool, depth int, recursion int) (status int, err error) {
-	if recursion == 1000 {
-		return http.StatusInternalServerError, errRecursionTooDeep
-	}
-	recursion++
-
-	// TODO: section 9.8.3 says that "Note that an infinite-depth COPY of /A/
-	// into /A/B/ could lead to infinite recursion if not handled correctly."
-
-	srcFile, err := fs.OpenFile(src, os.O_RDONLY, 0)
-	if err != nil {
-		if os.IsNotExist(err) {
-			return http.StatusNotFound, err
-		}
-		return http.StatusInternalServerError, err
-	}
-	defer srcFile.Close()
-	srcStat, err := srcFile.Stat()
-	if err != nil {
-		if os.IsNotExist(err) {
-			return http.StatusNotFound, err
-		}
-		return http.StatusInternalServerError, err
-	}
-	srcPerm := srcStat.Mode() & os.ModePerm
-
-	created := false
-	if _, err := fs.Stat(dst); err != nil {
-		if os.IsNotExist(err) {
-			created = true
-		} else {
-			return http.StatusForbidden, err
-		}
-	} else {
-		if !overwrite {
-			return http.StatusPreconditionFailed, os.ErrExist
-		}
-		if err := fs.RemoveAll(dst); err != nil && !os.IsNotExist(err) {
-			return http.StatusForbidden, err
-		}
-	}
-
-	if srcStat.IsDir() {
-		if err := fs.Mkdir(dst, srcPerm); err != nil {
-			return http.StatusForbidden, err
-		}
-		if depth == infiniteDepth {
-			children, err := srcFile.Readdir(-1)
-			if err != nil {
-				return http.StatusForbidden, err
-			}
-			for _, c := range children {
-				name := c.Name()
-				s := path.Join(src, name)
-				d := path.Join(dst, name)
-				cStatus, cErr := copyFiles(fs, s, d, overwrite, depth, recursion)
-				if cErr != nil {
-					// TODO: MultiStatus.
-					return cStatus, cErr
-				}
-			}
-		}
-
-	} else {
-		dstFile, err := fs.OpenFile(dst, os.O_RDWR|os.O_CREATE|os.O_TRUNC, srcPerm)
-		if err != nil {
-			if os.IsNotExist(err) {
-				return http.StatusConflict, err
-			}
-			return http.StatusForbidden, err
-
-		}
-		_, copyErr := io.Copy(dstFile, srcFile)
-		propsErr := copyProps(dstFile, srcFile)
-		closeErr := dstFile.Close()
-		if copyErr != nil {
-			return http.StatusInternalServerError, copyErr
-		}
-		if propsErr != nil {
-			return http.StatusInternalServerError, propsErr
-		}
-		if closeErr != nil {
-			return http.StatusInternalServerError, closeErr
-		}
-	}
-
-	if created {
-		return http.StatusCreated, nil
-	}
-	return http.StatusNoContent, nil
-}
-
-// walkFS traverses filesystem fs starting at name up to depth levels.
-//
-// Allowed values for depth are 0, 1 or infiniteDepth. For each visited node,
-// walkFS calls walkFn. If a visited file system node is a directory and
-// walkFn returns filepath.SkipDir, walkFS will skip traversal of this node.
-func walkFS(fs FileSystem, depth int, name string, info os.FileInfo, walkFn filepath.WalkFunc) error {
-	// This implementation is based on Walk's code in the standard path/filepath package.
-	err := walkFn(name, info, nil)
-	if err != nil {
-		if info.IsDir() && err == filepath.SkipDir {
-			return nil
-		}
-		return err
-	}
-	if !info.IsDir() || depth == 0 {
-		return nil
-	}
-	if depth == 1 {
-		depth = 0
-	}
-
-	// Read directory names.
-	f, err := fs.OpenFile(name, os.O_RDONLY, 0)
-	if err != nil {
-		return walkFn(name, info, err)
-	}
-	fileInfos, err := f.Readdir(0)
-	f.Close()
-	if err != nil {
-		return walkFn(name, info, err)
-	}
-
-	for _, fileInfo := range fileInfos {
-		filename := path.Join(name, fileInfo.Name())
-		fileInfo, err := fs.Stat(filename)
-		if err != nil {
-			if err := walkFn(filename, fileInfo, err); err != nil && err != filepath.SkipDir {
-				return err
-			}
-		} else {
-			err = walkFS(fs, depth, filename, fileInfo, walkFn)
-			if err != nil {
-				if !fileInfo.IsDir() || err != filepath.SkipDir {
-					return err
-				}
-			}
-		}
-	}
-	return nil
-}
diff --git a/vendor/golang.org/x/net/webdav/file_test.go b/vendor/golang.org/x/net/webdav/file_test.go
deleted file mode 100644
index 99547e16..00000000
--- a/vendor/golang.org/x/net/webdav/file_test.go
+++ /dev/null
@@ -1,1167 +0,0 @@
-// Copyright 2014 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package webdav
-
-import (
-	"fmt"
-	"io"
-	"io/ioutil"
-	"os"
-	"path"
-	"path/filepath"
-	"reflect"
-	"runtime"
-	"sort"
-	"strconv"
-	"strings"
-	"testing"
-
-	"golang.org/x/net/webdav/internal/xml"
-)
-
-func TestSlashClean(t *testing.T) {
-	testCases := []string{
-		"",
-		".",
-		"/",
-		"/./",
-		"//",
-		"//.",
-		"//a",
-		"/a",
-		"/a/b/c",
-		"/a//b/./../c/d/",
-		"a",
-		"a/b/c",
-	}
-	for _, tc := range testCases {
-		got := slashClean(tc)
-		want := path.Clean("/" + tc)
-		if got != want {
-			t.Errorf("tc=%q: got %q, want %q", tc, got, want)
-		}
-	}
-}
-
-func TestDirResolve(t *testing.T) {
-	testCases := []struct {
-		dir, name, want string
-	}{
-		{"/", "", "/"},
-		{"/", "/", "/"},
-		{"/", ".", "/"},
-		{"/", "./a", "/a"},
-		{"/", "..", "/"},
-		{"/", "..", "/"},
-		{"/", "../", "/"},
-		{"/", "../.", "/"},
-		{"/", "../a", "/a"},
-		{"/", "../..", "/"},
-		{"/", "../bar/a", "/bar/a"},
-		{"/", "../baz/a", "/baz/a"},
-		{"/", "...", "/..."},
-		{"/", ".../a", "/.../a"},
-		{"/", ".../..", "/"},
-		{"/", "a", "/a"},
-		{"/", "a/./b", "/a/b"},
-		{"/", "a/../../b", "/b"},
-		{"/", "a/../b", "/b"},
-		{"/", "a/b", "/a/b"},
-		{"/", "a/b/c/../../d", "/a/d"},
-		{"/", "a/b/c/../../../d", "/d"},
-		{"/", "a/b/c/../../../../d", "/d"},
-		{"/", "a/b/c/d", "/a/b/c/d"},
-
-		{"/foo/bar", "", "/foo/bar"},
-		{"/foo/bar", "/", "/foo/bar"},
-		{"/foo/bar", ".", "/foo/bar"},
-		{"/foo/bar", "./a", "/foo/bar/a"},
-		{"/foo/bar", "..", "/foo/bar"},
-		{"/foo/bar", "../", "/foo/bar"},
-		{"/foo/bar", "../.", "/foo/bar"},
-		{"/foo/bar", "../a", "/foo/bar/a"},
-		{"/foo/bar", "../..", "/foo/bar"},
-		{"/foo/bar", "../bar/a", "/foo/bar/bar/a"},
-		{"/foo/bar", "../baz/a", "/foo/bar/baz/a"},
-		{"/foo/bar", "...", "/foo/bar/..."},
-		{"/foo/bar", ".../a", "/foo/bar/.../a"},
-		{"/foo/bar", ".../..", "/foo/bar"},
-		{"/foo/bar", "a", "/foo/bar/a"},
-		{"/foo/bar", "a/./b", "/foo/bar/a/b"},
-		{"/foo/bar", "a/../../b", "/foo/bar/b"},
-		{"/foo/bar", "a/../b", "/foo/bar/b"},
-		{"/foo/bar", "a/b", "/foo/bar/a/b"},
-		{"/foo/bar", "a/b/c/../../d", "/foo/bar/a/d"},
-		{"/foo/bar", "a/b/c/../../../d", "/foo/bar/d"},
-		{"/foo/bar", "a/b/c/../../../../d", "/foo/bar/d"},
-		{"/foo/bar", "a/b/c/d", "/foo/bar/a/b/c/d"},
-
-		{"/foo/bar/", "", "/foo/bar"},
-		{"/foo/bar/", "/", "/foo/bar"},
-		{"/foo/bar/", ".", "/foo/bar"},
-		{"/foo/bar/", "./a", "/foo/bar/a"},
-		{"/foo/bar/", "..", "/foo/bar"},
-
-		{"/foo//bar///", "", "/foo/bar"},
-		{"/foo//bar///", "/", "/foo/bar"},
-		{"/foo//bar///", ".", "/foo/bar"},
-		{"/foo//bar///", "./a", "/foo/bar/a"},
-		{"/foo//bar///", "..", "/foo/bar"},
-
-		{"/x/y/z", "ab/c\x00d/ef", ""},
-
-		{".", "", "."},
-		{".", "/", "."},
-		{".", ".", "."},
-		{".", "./a", "a"},
-		{".", "..", "."},
-		{".", "..", "."},
-		{".", "../", "."},
-		{".", "../.", "."},
-		{".", "../a", "a"},
-		{".", "../..", "."},
-		{".", "../bar/a", "bar/a"},
-		{".", "../baz/a", "baz/a"},
-		{".", "...", "..."},
-		{".", ".../a", ".../a"},
-		{".", ".../..", "."},
-		{".", "a", "a"},
-		{".", "a/./b", "a/b"},
-		{".", "a/../../b", "b"},
-		{".", "a/../b", "b"},
-		{".", "a/b", "a/b"},
-		{".", "a/b/c/../../d", "a/d"},
-		{".", "a/b/c/../../../d", "d"},
-		{".", "a/b/c/../../../../d", "d"},
-		{".", "a/b/c/d", "a/b/c/d"},
-
-		{"", "", "."},
-		{"", "/", "."},
-		{"", ".", "."},
-		{"", "./a", "a"},
-		{"", "..", "."},
-	}
-
-	for _, tc := range testCases {
-		d := Dir(filepath.FromSlash(tc.dir))
-		if got := filepath.ToSlash(d.resolve(tc.name)); got != tc.want {
-			t.Errorf("dir=%q, name=%q: got %q, want %q", tc.dir, tc.name, got, tc.want)
-		}
-	}
-}
-
-func TestWalk(t *testing.T) {
-	type walkStep struct {
-		name, frag string
-		final      bool
-	}
-
-	testCases := []struct {
-		dir  string
-		want []walkStep
-	}{
-		{"", []walkStep{
-			{"", "", true},
-		}},
-		{"/", []walkStep{
-			{"", "", true},
-		}},
-		{"/a", []walkStep{
-			{"", "a", true},
-		}},
-		{"/a/", []walkStep{
-			{"", "a", true},
-		}},
-		{"/a/b", []walkStep{
-			{"", "a", false},
-			{"a", "b", true},
-		}},
-		{"/a/b/", []walkStep{
-			{"", "a", false},
-			{"a", "b", true},
-		}},
-		{"/a/b/c", []walkStep{
-			{"", "a", false},
-			{"a", "b", false},
-			{"b", "c", true},
-		}},
-		// The following test case is the one mentioned explicitly
-		// in the method description.
-		{"/foo/bar/x", []walkStep{
-			{"", "foo", false},
-			{"foo", "bar", false},
-			{"bar", "x", true},
-		}},
-	}
-
-	for _, tc := range testCases {
-		fs := NewMemFS().(*memFS)
-
-		parts := strings.Split(tc.dir, "/")
-		for p := 2; p < len(parts); p++ {
-			d := strings.Join(parts[:p], "/")
-			if err := fs.Mkdir(d, 0666); err != nil {
-				t.Errorf("tc.dir=%q: mkdir: %q: %v", tc.dir, d, err)
-			}
-		}
-
-		i, prevFrag := 0, ""
-		err := fs.walk("test", tc.dir, func(dir *memFSNode, frag string, final bool) error {
-			got := walkStep{
-				name:  prevFrag,
-				frag:  frag,
-				final: final,
-			}
-			want := tc.want[i]
-
-			if got != want {
-				return fmt.Errorf("got %+v, want %+v", got, want)
-			}
-			i, prevFrag = i+1, frag
-			return nil
-		})
-		if err != nil {
-			t.Errorf("tc.dir=%q: %v", tc.dir, err)
-		}
-	}
-}
-
-// find appends to ss the names of the named file and its children. It is
-// analogous to the Unix find command.
-//
-// The returned strings are not guaranteed to be in any particular order.
-func find(ss []string, fs FileSystem, name string) ([]string, error) {
-	stat, err := fs.Stat(name)
-	if err != nil {
-		return nil, err
-	}
-	ss = append(ss, name)
-	if stat.IsDir() {
-		f, err := fs.OpenFile(name, os.O_RDONLY, 0)
-		if err != nil {
-			return nil, err
-		}
-		defer f.Close()
-		children, err := f.Readdir(-1)
-		if err != nil {
-			return nil, err
-		}
-		for _, c := range children {
-			ss, err = find(ss, fs, path.Join(name, c.Name()))
-			if err != nil {
-				return nil, err
-			}
-		}
-	}
-	return ss, nil
-}
-
-func testFS(t *testing.T, fs FileSystem) {
-	errStr := func(err error) string {
-		switch {
-		case os.IsExist(err):
-			return "errExist"
-		case os.IsNotExist(err):
-			return "errNotExist"
-		case err != nil:
-			return "err"
-		}
-		return "ok"
-	}
-
-	// The non-"find" non-"stat" test cases should change the file system state. The
-	// indentation of the "find"s and "stat"s helps distinguish such test cases.
-	testCases := []string{
-		"  stat / want dir",
-		"  stat /a want errNotExist",
-		"  stat /d want errNotExist",
-		"  stat /d/e want errNotExist",
-		"create /a A want ok",
-		"  stat /a want 1",
-		"create /d/e EEE want errNotExist",
-		"mk-dir /a want errExist",
-		"mk-dir /d/m want errNotExist",
-		"mk-dir /d want ok",
-		"  stat /d want dir",
-		"create /d/e EEE want ok",
-		"  stat /d/e want 3",
-		"  find / /a /d /d/e",
-		"create /d/f FFFF want ok",
-		"create /d/g GGGGGGG want ok",
-		"mk-dir /d/m want ok",
-		"mk-dir /d/m want errExist",
-		"create /d/m/p PPPPP want ok",
-		"  stat /d/e want 3",
-		"  stat /d/f want 4",
-		"  stat /d/g want 7",
-		"  stat /d/h want errNotExist",
-		"  stat /d/m want dir",
-		"  stat /d/m/p want 5",
-		"  find / /a /d /d/e /d/f /d/g /d/m /d/m/p",
-		"rm-all /d want ok",
-		"  stat /a want 1",
-		"  stat /d want errNotExist",
-		"  stat /d/e want errNotExist",
-		"  stat /d/f want errNotExist",
-		"  stat /d/g want errNotExist",
-		"  stat /d/m want errNotExist",
-		"  stat /d/m/p want errNotExist",
-		"  find / /a",
-		"mk-dir /d/m want errNotExist",
-		"mk-dir /d want ok",
-		"create /d/f FFFF want ok",
-		"rm-all /d/f want ok",
-		"mk-dir /d/m want ok",
-		"rm-all /z want ok",
-		"rm-all / want err",
-		"create /b BB want ok",
-		"  stat / want dir",
-		"  stat /a want 1",
-		"  stat /b want 2",
-		"  stat /c want errNotExist",
-		"  stat /d want dir",
-		"  stat /d/m want dir",
-		"  find / /a /b /d /d/m",
-		"move__ o=F /b /c want ok",
-		"  stat /b want errNotExist",
-		"  stat /c want 2",
-		"  stat /d/m want dir",
-		"  stat /d/n want errNotExist",
-		"  find / /a /c /d /d/m",
-		"move__ o=F /d/m /d/n want ok",
-		"create /d/n/q QQQQ want ok",
-		"  stat /d/m want errNotExist",
-		"  stat /d/n want dir",
-		"  stat /d/n/q want 4",
-		"move__ o=F /d /d/n/z want err",
-		"move__ o=T /c /d/n/q want ok",
-		"  stat /c want errNotExist",
-		"  stat /d/n/q want 2",
-		"  find / /a /d /d/n /d/n/q",
-		"create /d/n/r RRRRR want ok",
-		"mk-dir /u want ok",
-		"mk-dir /u/v want ok",
-		"move__ o=F /d/n /u want errExist",
-		"create /t TTTTTT want ok",
-		"move__ o=F /d/n /t want errExist",
-		"rm-all /t want ok",
-		"move__ o=F /d/n /t want ok",
-		"  stat /d want dir",
-		"  stat /d/n want errNotExist",
-		"  stat /d/n/r want errNotExist",
-		"  stat /t want dir",
-		"  stat /t/q want 2",
-		"  stat /t/r want 5",
-		"  find / /a /d /t /t/q /t/r /u /u/v",
-		"move__ o=F /t / want errExist",
-		"move__ o=T /t /u/v want ok",
-		"  stat /u/v/r want 5",
-		"move__ o=F / /z want err",
-		"  find / /a /d /u /u/v /u/v/q /u/v/r",
-		"  stat /a want 1",
-		"  stat /b want errNotExist",
-		"  stat /c want errNotExist",
-		"  stat /u/v/r want 5",
-		"copy__ o=F d=0 /a /b want ok",
-		"copy__ o=T d=0 /a /c want ok",
-		"  stat /a want 1",
-		"  stat /b want 1",
-		"  stat /c want 1",
-		"  stat /u/v/r want 5",
-		"copy__ o=F d=0 /u/v/r /b want errExist",
-		"  stat /b want 1",
-		"copy__ o=T d=0 /u/v/r /b want ok",
-		"  stat /a want 1",
-		"  stat /b want 5",
-		"  stat /u/v/r want 5",
-		"rm-all /a want ok",
-		"rm-all /b want ok",
-		"mk-dir /u/v/w want ok",
-		"create /u/v/w/s SSSSSSSS want ok",
-		"  stat /d want dir",
-		"  stat /d/x want errNotExist",
-		"  stat /d/y want errNotExist",
-		"  stat /u/v/r want 5",
-		"  stat /u/v/w/s want 8",
-		"  find / /c /d /u /u/v /u/v/q /u/v/r /u/v/w /u/v/w/s",
-		"copy__ o=T d=0 /u/v /d/x want ok",
-		"copy__ o=T d=∞ /u/v /d/y want ok",
-		"rm-all /u want ok",
-		"  stat /d/x want dir",
-		"  stat /d/x/q want errNotExist",
-		"  stat /d/x/r want errNotExist",
-		"  stat /d/x/w want errNotExist",
-		"  stat /d/x/w/s want errNotExist",
-		"  stat /d/y want dir",
-		"  stat /d/y/q want 2",
-		"  stat /d/y/r want 5",
-		"  stat /d/y/w want dir",
-		"  stat /d/y/w/s want 8",
-		"  stat /u want errNotExist",
-		"  find / /c /d /d/x /d/y /d/y/q /d/y/r /d/y/w /d/y/w/s",
-		"copy__ o=F d=∞ /d/y /d/x want errExist",
-	}
-
-	for i, tc := range testCases {
-		tc = strings.TrimSpace(tc)
-		j := strings.IndexByte(tc, ' ')
-		if j < 0 {
-			t.Fatalf("test case #%d %q: invalid command", i, tc)
-		}
-		op, arg := tc[:j], tc[j+1:]
-
-		switch op {
-		default:
-			t.Fatalf("test case #%d %q: invalid operation %q", i, tc, op)
-
-		case "create":
-			parts := strings.Split(arg, " ")
-			if len(parts) != 4 || parts[2] != "want" {
-				t.Fatalf("test case #%d %q: invalid write", i, tc)
-			}
-			f, opErr := fs.OpenFile(parts[0], os.O_RDWR|os.O_CREATE|os.O_TRUNC, 0666)
-			if got := errStr(opErr); got != parts[3] {
-				t.Fatalf("test case #%d %q: OpenFile: got %q (%v), want %q", i, tc, got, opErr, parts[3])
-			}
-			if f != nil {
-				if _, err := f.Write([]byte(parts[1])); err != nil {
-					t.Fatalf("test case #%d %q: Write: %v", i, tc, err)
-				}
-				if err := f.Close(); err != nil {
-					t.Fatalf("test case #%d %q: Close: %v", i, tc, err)
-				}
-			}
-
-		case "find":
-			got, err := find(nil, fs, "/")
-			if err != nil {
-				t.Fatalf("test case #%d %q: find: %v", i, tc, err)
-			}
-			sort.Strings(got)
-			want := strings.Split(arg, " ")
-			if !reflect.DeepEqual(got, want) {
-				t.Fatalf("test case #%d %q:\ngot  %s\nwant %s", i, tc, got, want)
-			}
-
-		case "copy__", "mk-dir", "move__", "rm-all", "stat":
-			nParts := 3
-			switch op {
-			case "copy__":
-				nParts = 6
-			case "move__":
-				nParts = 5
-			}
-			parts := strings.Split(arg, " ")
-			if len(parts) != nParts {
-				t.Fatalf("test case #%d %q: invalid %s", i, tc, op)
-			}
-
-			got, opErr := "", error(nil)
-			switch op {
-			case "copy__":
-				depth := 0
-				if parts[1] == "d=∞" {
-					depth = infiniteDepth
-				}
-				_, opErr = copyFiles(fs, parts[2], parts[3], parts[0] == "o=T", depth, 0)
-			case "mk-dir":
-				opErr = fs.Mkdir(parts[0], 0777)
-			case "move__":
-				_, opErr = moveFiles(fs, parts[1], parts[2], parts[0] == "o=T")
-			case "rm-all":
-				opErr = fs.RemoveAll(parts[0])
-			case "stat":
-				var stat os.FileInfo
-				fileName := parts[0]
-				if stat, opErr = fs.Stat(fileName); opErr == nil {
-					if stat.IsDir() {
-						got = "dir"
-					} else {
-						got = strconv.Itoa(int(stat.Size()))
-					}
-
-					if fileName == "/" {
-						// For a Dir FileSystem, the virtual file system root maps to a
-						// real file system name like "/tmp/webdav-test012345", which does
-						// not end with "/". We skip such cases.
-					} else if statName := stat.Name(); path.Base(fileName) != statName {
-						t.Fatalf("test case #%d %q: file name %q inconsistent with stat name %q",
-							i, tc, fileName, statName)
-					}
-				}
-			}
-			if got == "" {
-				got = errStr(opErr)
-			}
-
-			if parts[len(parts)-2] != "want" {
-				t.Fatalf("test case #%d %q: invalid %s", i, tc, op)
-			}
-			if want := parts[len(parts)-1]; got != want {
-				t.Fatalf("test case #%d %q: got %q (%v), want %q", i, tc, got, opErr, want)
-			}
-		}
-	}
-}
-
-func TestDir(t *testing.T) {
-	switch runtime.GOOS {
-	case "nacl":
-		t.Skip("see golang.org/issue/12004")
-	case "plan9":
-		t.Skip("see golang.org/issue/11453")
-	}
-
-	td, err := ioutil.TempDir("", "webdav-test")
-	if err != nil {
-		t.Fatal(err)
-	}
-	defer os.RemoveAll(td)
-	testFS(t, Dir(td))
-}
-
-func TestMemFS(t *testing.T) {
-	testFS(t, NewMemFS())
-}
-
-func TestMemFSRoot(t *testing.T) {
-	fs := NewMemFS()
-	for i := 0; i < 5; i++ {
-		stat, err := fs.Stat("/")
-		if err != nil {
-			t.Fatalf("i=%d: Stat: %v", i, err)
-		}
-		if !stat.IsDir() {
-			t.Fatalf("i=%d: Stat.IsDir is false, want true", i)
-		}
-
-		f, err := fs.OpenFile("/", os.O_RDONLY, 0)
-		if err != nil {
-			t.Fatalf("i=%d: OpenFile: %v", i, err)
-		}
-		defer f.Close()
-		children, err := f.Readdir(-1)
-		if err != nil {
-			t.Fatalf("i=%d: Readdir: %v", i, err)
-		}
-		if len(children) != i {
-			t.Fatalf("i=%d: got %d children, want %d", i, len(children), i)
-		}
-
-		if _, err := f.Write(make([]byte, 1)); err == nil {
-			t.Fatalf("i=%d: Write: got nil error, want non-nil", i)
-		}
-
-		if err := fs.Mkdir(fmt.Sprintf("/dir%d", i), 0777); err != nil {
-			t.Fatalf("i=%d: Mkdir: %v", i, err)
-		}
-	}
-}
-
-func TestMemFileReaddir(t *testing.T) {
-	fs := NewMemFS()
-	if err := fs.Mkdir("/foo", 0777); err != nil {
-		t.Fatalf("Mkdir: %v", err)
-	}
-	readdir := func(count int) ([]os.FileInfo, error) {
-		f, err := fs.OpenFile("/foo", os.O_RDONLY, 0)
-		if err != nil {
-			t.Fatalf("OpenFile: %v", err)
-		}
-		defer f.Close()
-		return f.Readdir(count)
-	}
-	if got, err := readdir(-1); len(got) != 0 || err != nil {
-		t.Fatalf("readdir(-1): got %d fileInfos with err=%v, want 0, ", len(got), err)
-	}
-	if got, err := readdir(+1); len(got) != 0 || err != io.EOF {
-		t.Fatalf("readdir(+1): got %d fileInfos with err=%v, want 0, EOF", len(got), err)
-	}
-}
-
-func TestMemFile(t *testing.T) {
-	testCases := []string{
-		"wantData ",
-		"wantSize 0",
-		"write abc",
-		"wantData abc",
-		"write de",
-		"wantData abcde",
-		"wantSize 5",
-		"write 5*x",
-		"write 4*y+2*z",
-		"write 3*st",
-		"wantData abcdexxxxxyyyyzzststst",
-		"wantSize 22",
-		"seek set 4 want 4",
-		"write EFG",
-		"wantData abcdEFGxxxyyyyzzststst",
-		"wantSize 22",
-		"seek set 2 want 2",
-		"read cdEF",
-		"read Gx",
-		"seek cur 0 want 8",
-		"seek cur 2 want 10",
-		"seek cur -1 want 9",
-		"write J",
-		"wantData abcdEFGxxJyyyyzzststst",
-		"wantSize 22",
-		"seek cur -4 want 6",
-		"write ghijk",
-		"wantData abcdEFghijkyyyzzststst",
-		"wantSize 22",
-		"read yyyz",
-		"seek cur 0 want 15",
-		"write ",
-		"seek cur 0 want 15",
-		"read ",
-		"seek cur 0 want 15",
-		"seek end -3 want 19",
-		"write ZZ",
-		"wantData abcdEFghijkyyyzzstsZZt",
-		"wantSize 22",
-		"write 4*A",
-		"wantData abcdEFghijkyyyzzstsZZAAAA",
-		"wantSize 25",
-		"seek end 0 want 25",
-		"seek end -5 want 20",
-		"read Z+4*A",
-		"write 5*B",
-		"wantData abcdEFghijkyyyzzstsZZAAAABBBBB",
-		"wantSize 30",
-		"seek end 10 want 40",
-		"write C",
-		"wantData abcdEFghijkyyyzzstsZZAAAABBBBB..........C",
-		"wantSize 41",
-		"write D",
-		"wantData abcdEFghijkyyyzzstsZZAAAABBBBB..........CD",
-		"wantSize 42",
-		"seek set 43 want 43",
-		"write E",
-		"wantData abcdEFghijkyyyzzstsZZAAAABBBBB..........CD.E",
-		"wantSize 44",
-		"seek set 0 want 0",
-		"write 5*123456789_",
-		"wantData 123456789_123456789_123456789_123456789_123456789_",
-		"wantSize 50",
-		"seek cur 0 want 50",
-		"seek cur -99 want err",
-	}
-
-	const filename = "/foo"
-	fs := NewMemFS()
-	f, err := fs.OpenFile(filename, os.O_RDWR|os.O_CREATE|os.O_TRUNC, 0666)
-	if err != nil {
-		t.Fatalf("OpenFile: %v", err)
-	}
-	defer f.Close()
-
-	for i, tc := range testCases {
-		j := strings.IndexByte(tc, ' ')
-		if j < 0 {
-			t.Fatalf("test case #%d %q: invalid command", i, tc)
-		}
-		op, arg := tc[:j], tc[j+1:]
-
-		// Expand an arg like "3*a+2*b" to "aaabb".
-		parts := strings.Split(arg, "+")
-		for j, part := range parts {
-			if k := strings.IndexByte(part, '*'); k >= 0 {
-				repeatCount, repeatStr := part[:k], part[k+1:]
-				n, err := strconv.Atoi(repeatCount)
-				if err != nil {
-					t.Fatalf("test case #%d %q: invalid repeat count %q", i, tc, repeatCount)
-				}
-				parts[j] = strings.Repeat(repeatStr, n)
-			}
-		}
-		arg = strings.Join(parts, "")
-
-		switch op {
-		default:
-			t.Fatalf("test case #%d %q: invalid operation %q", i, tc, op)
-
-		case "read":
-			buf := make([]byte, len(arg))
-			if _, err := io.ReadFull(f, buf); err != nil {
-				t.Fatalf("test case #%d %q: ReadFull: %v", i, tc, err)
-			}
-			if got := string(buf); got != arg {
-				t.Fatalf("test case #%d %q:\ngot  %q\nwant %q", i, tc, got, arg)
-			}
-
-		case "seek":
-			parts := strings.Split(arg, " ")
-			if len(parts) != 4 {
-				t.Fatalf("test case #%d %q: invalid seek", i, tc)
-			}
-
-			whence := 0
-			switch parts[0] {
-			default:
-				t.Fatalf("test case #%d %q: invalid seek whence", i, tc)
-			case "set":
-				whence = os.SEEK_SET
-			case "cur":
-				whence = os.SEEK_CUR
-			case "end":
-				whence = os.SEEK_END
-			}
-			offset, err := strconv.Atoi(parts[1])
-			if err != nil {
-				t.Fatalf("test case #%d %q: invalid offset %q", i, tc, parts[1])
-			}
-
-			if parts[2] != "want" {
-				t.Fatalf("test case #%d %q: invalid seek", i, tc)
-			}
-			if parts[3] == "err" {
-				_, err := f.Seek(int64(offset), whence)
-				if err == nil {
-					t.Fatalf("test case #%d %q: Seek returned nil error, want non-nil", i, tc)
-				}
-			} else {
-				got, err := f.Seek(int64(offset), whence)
-				if err != nil {
-					t.Fatalf("test case #%d %q: Seek: %v", i, tc, err)
-				}
-				want, err := strconv.Atoi(parts[3])
-				if err != nil {
-					t.Fatalf("test case #%d %q: invalid want %q", i, tc, parts[3])
-				}
-				if got != int64(want) {
-					t.Fatalf("test case #%d %q: got %d, want %d", i, tc, got, want)
-				}
-			}
-
-		case "write":
-			n, err := f.Write([]byte(arg))
-			if err != nil {
-				t.Fatalf("test case #%d %q: write: %v", i, tc, err)
-			}
-			if n != len(arg) {
-				t.Fatalf("test case #%d %q: write returned %d bytes, want %d", i, tc, n, len(arg))
-			}
-
-		case "wantData":
-			g, err := fs.OpenFile(filename, os.O_RDONLY, 0666)
-			if err != nil {
-				t.Fatalf("test case #%d %q: OpenFile: %v", i, tc, err)
-			}
-			gotBytes, err := ioutil.ReadAll(g)
-			if err != nil {
-				t.Fatalf("test case #%d %q: ReadAll: %v", i, tc, err)
-			}
-			for i, c := range gotBytes {
-				if c == '\x00' {
-					gotBytes[i] = '.'
-				}
-			}
-			got := string(gotBytes)
-			if got != arg {
-				t.Fatalf("test case #%d %q:\ngot  %q\nwant %q", i, tc, got, arg)
-			}
-			if err := g.Close(); err != nil {
-				t.Fatalf("test case #%d %q: Close: %v", i, tc, err)
-			}
-
-		case "wantSize":
-			n, err := strconv.Atoi(arg)
-			if err != nil {
-				t.Fatalf("test case #%d %q: invalid size %q", i, tc, arg)
-			}
-			fi, err := fs.Stat(filename)
-			if err != nil {
-				t.Fatalf("test case #%d %q: Stat: %v", i, tc, err)
-			}
-			if got, want := fi.Size(), int64(n); got != want {
-				t.Fatalf("test case #%d %q: got %d, want %d", i, tc, got, want)
-			}
-		}
-	}
-}
-
-// TestMemFileWriteAllocs tests that writing N consecutive 1KiB chunks to a
-// memFile doesn't allocate a new buffer for each of those N times. Otherwise,
-// calling io.Copy(aMemFile, src) is likely to have quadratic complexity.
-func TestMemFileWriteAllocs(t *testing.T) {
-	fs := NewMemFS()
-	f, err := fs.OpenFile("/xxx", os.O_RDWR|os.O_CREATE|os.O_TRUNC, 0666)
-	if err != nil {
-		t.Fatalf("OpenFile: %v", err)
-	}
-	defer f.Close()
-
-	xxx := make([]byte, 1024)
-	for i := range xxx {
-		xxx[i] = 'x'
-	}
-
-	a := testing.AllocsPerRun(100, func() {
-		f.Write(xxx)
-	})
-	// AllocsPerRun returns an integral value, so we compare the rounded-down
-	// number to zero.
-	if a > 0 {
-		t.Fatalf("%v allocs per run, want 0", a)
-	}
-}
-
-func BenchmarkMemFileWrite(b *testing.B) {
-	fs := NewMemFS()
-	xxx := make([]byte, 1024)
-	for i := range xxx {
-		xxx[i] = 'x'
-	}
-
-	b.ResetTimer()
-	for i := 0; i < b.N; i++ {
-		f, err := fs.OpenFile("/xxx", os.O_RDWR|os.O_CREATE|os.O_TRUNC, 0666)
-		if err != nil {
-			b.Fatalf("OpenFile: %v", err)
-		}
-		for j := 0; j < 100; j++ {
-			f.Write(xxx)
-		}
-		if err := f.Close(); err != nil {
-			b.Fatalf("Close: %v", err)
-		}
-		if err := fs.RemoveAll("/xxx"); err != nil {
-			b.Fatalf("RemoveAll: %v", err)
-		}
-	}
-}
-
-func TestCopyMoveProps(t *testing.T) {
-	fs := NewMemFS()
-	create := func(name string) error {
-		f, err := fs.OpenFile(name, os.O_RDWR|os.O_CREATE|os.O_TRUNC, 0666)
-		if err != nil {
-			return err
-		}
-		_, wErr := f.Write([]byte("contents"))
-		cErr := f.Close()
-		if wErr != nil {
-			return wErr
-		}
-		return cErr
-	}
-	patch := func(name string, patches ...Proppatch) error {
-		f, err := fs.OpenFile(name, os.O_RDWR, 0666)
-		if err != nil {
-			return err
-		}
-		_, pErr := f.(DeadPropsHolder).Patch(patches)
-		cErr := f.Close()
-		if pErr != nil {
-			return pErr
-		}
-		return cErr
-	}
-	props := func(name string) (map[xml.Name]Property, error) {
-		f, err := fs.OpenFile(name, os.O_RDWR, 0666)
-		if err != nil {
-			return nil, err
-		}
-		m, pErr := f.(DeadPropsHolder).DeadProps()
-		cErr := f.Close()
-		if pErr != nil {
-			return nil, pErr
-		}
-		if cErr != nil {
-			return nil, cErr
-		}
-		return m, nil
-	}
-
-	p0 := Property{
-		XMLName:  xml.Name{Space: "x:", Local: "boat"},
-		InnerXML: []byte("pea-green"),
-	}
-	p1 := Property{
-		XMLName:  xml.Name{Space: "x:", Local: "ring"},
-		InnerXML: []byte("1 shilling"),
-	}
-	p2 := Property{
-		XMLName:  xml.Name{Space: "x:", Local: "spoon"},
-		InnerXML: []byte("runcible"),
-	}
-	p3 := Property{
-		XMLName:  xml.Name{Space: "x:", Local: "moon"},
-		InnerXML: []byte("light"),
-	}
-
-	if err := create("/src"); err != nil {
-		t.Fatalf("create /src: %v", err)
-	}
-	if err := patch("/src", Proppatch{Props: []Property{p0, p1}}); err != nil {
-		t.Fatalf("patch /src +p0 +p1: %v", err)
-	}
-	if _, err := copyFiles(fs, "/src", "/tmp", true, infiniteDepth, 0); err != nil {
-		t.Fatalf("copyFiles /src /tmp: %v", err)
-	}
-	if _, err := moveFiles(fs, "/tmp", "/dst", true); err != nil {
-		t.Fatalf("moveFiles /tmp /dst: %v", err)
-	}
-	if err := patch("/src", Proppatch{Props: []Property{p0}, Remove: true}); err != nil {
-		t.Fatalf("patch /src -p0: %v", err)
-	}
-	if err := patch("/src", Proppatch{Props: []Property{p2}}); err != nil {
-		t.Fatalf("patch /src +p2: %v", err)
-	}
-	if err := patch("/dst", Proppatch{Props: []Property{p1}, Remove: true}); err != nil {
-		t.Fatalf("patch /dst -p1: %v", err)
-	}
-	if err := patch("/dst", Proppatch{Props: []Property{p3}}); err != nil {
-		t.Fatalf("patch /dst +p3: %v", err)
-	}
-
-	gotSrc, err := props("/src")
-	if err != nil {
-		t.Fatalf("props /src: %v", err)
-	}
-	wantSrc := map[xml.Name]Property{
-		p1.XMLName: p1,
-		p2.XMLName: p2,
-	}
-	if !reflect.DeepEqual(gotSrc, wantSrc) {
-		t.Fatalf("props /src:\ngot  %v\nwant %v", gotSrc, wantSrc)
-	}
-
-	gotDst, err := props("/dst")
-	if err != nil {
-		t.Fatalf("props /dst: %v", err)
-	}
-	wantDst := map[xml.Name]Property{
-		p0.XMLName: p0,
-		p3.XMLName: p3,
-	}
-	if !reflect.DeepEqual(gotDst, wantDst) {
-		t.Fatalf("props /dst:\ngot  %v\nwant %v", gotDst, wantDst)
-	}
-}
-
-func TestWalkFS(t *testing.T) {
-	testCases := []struct {
-		desc    string
-		buildfs []string
-		startAt string
-		depth   int
-		walkFn  filepath.WalkFunc
-		want    []string
-	}{{
-		"just root",
-		[]string{},
-		"/",
-		infiniteDepth,
-		nil,
-		[]string{
-			"/",
-		},
-	}, {
-		"infinite walk from root",
-		[]string{
-			"mkdir /a",
-			"mkdir /a/b",
-			"touch /a/b/c",
-			"mkdir /a/d",
-			"mkdir /e",
-			"touch /f",
-		},
-		"/",
-		infiniteDepth,
-		nil,
-		[]string{
-			"/",
-			"/a",
-			"/a/b",
-			"/a/b/c",
-			"/a/d",
-			"/e",
-			"/f",
-		},
-	}, {
-		"infinite walk from subdir",
-		[]string{
-			"mkdir /a",
-			"mkdir /a/b",
-			"touch /a/b/c",
-			"mkdir /a/d",
-			"mkdir /e",
-			"touch /f",
-		},
-		"/a",
-		infiniteDepth,
-		nil,
-		[]string{
-			"/a",
-			"/a/b",
-			"/a/b/c",
-			"/a/d",
-		},
-	}, {
-		"depth 1 walk from root",
-		[]string{
-			"mkdir /a",
-			"mkdir /a/b",
-			"touch /a/b/c",
-			"mkdir /a/d",
-			"mkdir /e",
-			"touch /f",
-		},
-		"/",
-		1,
-		nil,
-		[]string{
-			"/",
-			"/a",
-			"/e",
-			"/f",
-		},
-	}, {
-		"depth 1 walk from subdir",
-		[]string{
-			"mkdir /a",
-			"mkdir /a/b",
-			"touch /a/b/c",
-			"mkdir /a/b/g",
-			"mkdir /a/b/g/h",
-			"touch /a/b/g/i",
-			"touch /a/b/g/h/j",
-		},
-		"/a/b",
-		1,
-		nil,
-		[]string{
-			"/a/b",
-			"/a/b/c",
-			"/a/b/g",
-		},
-	}, {
-		"depth 0 walk from subdir",
-		[]string{
-			"mkdir /a",
-			"mkdir /a/b",
-			"touch /a/b/c",
-			"mkdir /a/b/g",
-			"mkdir /a/b/g/h",
-			"touch /a/b/g/i",
-			"touch /a/b/g/h/j",
-		},
-		"/a/b",
-		0,
-		nil,
-		[]string{
-			"/a/b",
-		},
-	}, {
-		"infinite walk from file",
-		[]string{
-			"mkdir /a",
-			"touch /a/b",
-			"touch /a/c",
-		},
-		"/a/b",
-		0,
-		nil,
-		[]string{
-			"/a/b",
-		},
-	}, {
-		"infinite walk with skipped subdir",
-		[]string{
-			"mkdir /a",
-			"mkdir /a/b",
-			"touch /a/b/c",
-			"mkdir /a/b/g",
-			"mkdir /a/b/g/h",
-			"touch /a/b/g/i",
-			"touch /a/b/g/h/j",
-			"touch /a/b/z",
-		},
-		"/",
-		infiniteDepth,
-		func(path string, info os.FileInfo, err error) error {
-			if path == "/a/b/g" {
-				return filepath.SkipDir
-			}
-			return nil
-		},
-		[]string{
-			"/",
-			"/a",
-			"/a/b",
-			"/a/b/c",
-			"/a/b/z",
-		},
-	}}
-	for _, tc := range testCases {
-		fs, err := buildTestFS(tc.buildfs)
-		if err != nil {
-			t.Fatalf("%s: cannot create test filesystem: %v", tc.desc, err)
-		}
-		var got []string
-		traceFn := func(path string, info os.FileInfo, err error) error {
-			if tc.walkFn != nil {
-				err = tc.walkFn(path, info, err)
-				if err != nil {
-					return err
-				}
-			}
-			got = append(got, path)
-			return nil
-		}
-		fi, err := fs.Stat(tc.startAt)
-		if err != nil {
-			t.Fatalf("%s: cannot stat: %v", tc.desc, err)
-		}
-		err = walkFS(fs, tc.depth, tc.startAt, fi, traceFn)
-		if err != nil {
-			t.Errorf("%s:\ngot error %v, want nil", tc.desc, err)
-			continue
-		}
-		sort.Strings(got)
-		sort.Strings(tc.want)
-		if !reflect.DeepEqual(got, tc.want) {
-			t.Errorf("%s:\ngot  %q\nwant %q", tc.desc, got, tc.want)
-			continue
-		}
-	}
-}
-
-func buildTestFS(buildfs []string) (FileSystem, error) {
-	// TODO: Could this be merged with the build logic in TestFS?
-
-	fs := NewMemFS()
-	for _, b := range buildfs {
-		op := strings.Split(b, " ")
-		switch op[0] {
-		case "mkdir":
-			err := fs.Mkdir(op[1], os.ModeDir|0777)
-			if err != nil {
-				return nil, err
-			}
-		case "touch":
-			f, err := fs.OpenFile(op[1], os.O_RDWR|os.O_CREATE, 0666)
-			if err != nil {
-				return nil, err
-			}
-			f.Close()
-		case "write":
-			f, err := fs.OpenFile(op[1], os.O_RDWR|os.O_CREATE|os.O_TRUNC, 0666)
-			if err != nil {
-				return nil, err
-			}
-			_, err = f.Write([]byte(op[2]))
-			f.Close()
-			if err != nil {
-				return nil, err
-			}
-		default:
-			return nil, fmt.Errorf("unknown file operation %q", op[0])
-		}
-	}
-	return fs, nil
-}
diff --git a/vendor/golang.org/x/net/webdav/if.go b/vendor/golang.org/x/net/webdav/if.go
deleted file mode 100644
index 416e81cd..00000000
--- a/vendor/golang.org/x/net/webdav/if.go
+++ /dev/null
@@ -1,173 +0,0 @@
-// Copyright 2014 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package webdav
-
-// The If header is covered by Section 10.4.
-// http://www.webdav.org/specs/rfc4918.html#HEADER_If
-
-import (
-	"strings"
-)
-
-// ifHeader is a disjunction (OR) of ifLists.
-type ifHeader struct {
-	lists []ifList
-}
-
-// ifList is a conjunction (AND) of Conditions, and an optional resource tag.
-type ifList struct {
-	resourceTag string
-	conditions  []Condition
-}
-
-// parseIfHeader parses the "If: foo bar" HTTP header. The httpHeader string
-// should omit the "If:" prefix and have any "\r\n"s collapsed to a " ", as is
-// returned by req.Header.Get("If") for a http.Request req.
-func parseIfHeader(httpHeader string) (h ifHeader, ok bool) {
-	s := strings.TrimSpace(httpHeader)
-	switch tokenType, _, _ := lex(s); tokenType {
-	case '(':
-		return parseNoTagLists(s)
-	case angleTokenType:
-		return parseTaggedLists(s)
-	default:
-		return ifHeader{}, false
-	}
-}
-
-func parseNoTagLists(s string) (h ifHeader, ok bool) {
-	for {
-		l, remaining, ok := parseList(s)
-		if !ok {
-			return ifHeader{}, false
-		}
-		h.lists = append(h.lists, l)
-		if remaining == "" {
-			return h, true
-		}
-		s = remaining
-	}
-}
-
-func parseTaggedLists(s string) (h ifHeader, ok bool) {
-	resourceTag, n := "", 0
-	for first := true; ; first = false {
-		tokenType, tokenStr, remaining := lex(s)
-		switch tokenType {
-		case angleTokenType:
-			if !first && n == 0 {
-				return ifHeader{}, false
-			}
-			resourceTag, n = tokenStr, 0
-			s = remaining
-		case '(':
-			n++
-			l, remaining, ok := parseList(s)
-			if !ok {
-				return ifHeader{}, false
-			}
-			l.resourceTag = resourceTag
-			h.lists = append(h.lists, l)
-			if remaining == "" {
-				return h, true
-			}
-			s = remaining
-		default:
-			return ifHeader{}, false
-		}
-	}
-}
-
-func parseList(s string) (l ifList, remaining string, ok bool) {
-	tokenType, _, s := lex(s)
-	if tokenType != '(' {
-		return ifList{}, "", false
-	}
-	for {
-		tokenType, _, remaining = lex(s)
-		if tokenType == ')' {
-			if len(l.conditions) == 0 {
-				return ifList{}, "", false
-			}
-			return l, remaining, true
-		}
-		c, remaining, ok := parseCondition(s)
-		if !ok {
-			return ifList{}, "", false
-		}
-		l.conditions = append(l.conditions, c)
-		s = remaining
-	}
-}
-
-func parseCondition(s string) (c Condition, remaining string, ok bool) {
-	tokenType, tokenStr, s := lex(s)
-	if tokenType == notTokenType {
-		c.Not = true
-		tokenType, tokenStr, s = lex(s)
-	}
-	switch tokenType {
-	case strTokenType, angleTokenType:
-		c.Token = tokenStr
-	case squareTokenType:
-		c.ETag = tokenStr
-	default:
-		return Condition{}, "", false
-	}
-	return c, s, true
-}
-
-// Single-rune tokens like '(' or ')' have a token type equal to their rune.
-// All other tokens have a negative token type.
-const (
-	errTokenType    = rune(-1)
-	eofTokenType    = rune(-2)
-	strTokenType    = rune(-3)
-	notTokenType    = rune(-4)
-	angleTokenType  = rune(-5)
-	squareTokenType = rune(-6)
-)
-
-func lex(s string) (tokenType rune, tokenStr string, remaining string) {
-	// The net/textproto Reader that parses the HTTP header will collapse
-	// Linear White Space that spans multiple "\r\n" lines to a single " ",
-	// so we don't need to look for '\r' or '\n'.
-	for len(s) > 0 && (s[0] == '\t' || s[0] == ' ') {
-		s = s[1:]
-	}
-	if len(s) == 0 {
-		return eofTokenType, "", ""
-	}
-	i := 0
-loop:
-	for ; i < len(s); i++ {
-		switch s[i] {
-		case '\t', ' ', '(', ')', '<', '>', '[', ']':
-			break loop
-		}
-	}
-
-	if i != 0 {
-		tokenStr, remaining = s[:i], s[i:]
-		if tokenStr == "Not" {
-			return notTokenType, "", remaining
-		}
-		return strTokenType, tokenStr, remaining
-	}
-
-	j := 0
-	switch s[0] {
-	case '<':
-		j, tokenType = strings.IndexByte(s, '>'), angleTokenType
-	case '[':
-		j, tokenType = strings.IndexByte(s, ']'), squareTokenType
-	default:
-		return rune(s[0]), "", s[1:]
-	}
-	if j < 0 {
-		return errTokenType, "", ""
-	}
-	return tokenType, s[1:j], s[j+1:]
-}
diff --git a/vendor/golang.org/x/net/webdav/if_test.go b/vendor/golang.org/x/net/webdav/if_test.go
deleted file mode 100644
index aad61a40..00000000
--- a/vendor/golang.org/x/net/webdav/if_test.go
+++ /dev/null
@@ -1,322 +0,0 @@
-// Copyright 2014 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package webdav
-
-import (
-	"reflect"
-	"strings"
-	"testing"
-)
-
-func TestParseIfHeader(t *testing.T) {
-	// The "section x.y.z" test cases come from section x.y.z of the spec at
-	// http://www.webdav.org/specs/rfc4918.html
-	testCases := []struct {
-		desc  string
-		input string
-		want  ifHeader
-	}{{
-		"bad: empty",
-		``,
-		ifHeader{},
-	}, {
-		"bad: no parens",
-		`foobar`,
-		ifHeader{},
-	}, {
-		"bad: empty list #1",
-		`()`,
-		ifHeader{},
-	}, {
-		"bad: empty list #2",
-		`(a) (b c) () (d)`,
-		ifHeader{},
-	}, {
-		"bad: no list after resource #1",
-		``,
-		ifHeader{},
-	}, {
-		"bad: no list after resource #2",
-		`  (a)`,
-		ifHeader{},
-	}, {
-		"bad: no list after resource #3",
-		` (a) (b) `,
-		ifHeader{},
-	}, {
-		"bad: no-tag-list followed by tagged-list",
-		`(a) (b)  (c)`,
-		ifHeader{},
-	}, {
-		"bad: unfinished list",
-		`(a`,
-		ifHeader{},
-	}, {
-		"bad: unfinished ETag",
-		`([b`,
-		ifHeader{},
-	}, {
-		"bad: unfinished Notted list",
-		`(Not a`,
-		ifHeader{},
-	}, {
-		"bad: double Not",
-		`(Not Not a)`,
-		ifHeader{},
-	}, {
-		"good: one list with a Token",
-		`(a)`,
-		ifHeader{
-			lists: []ifList{{
-				conditions: []Condition{{
-					Token: `a`,
-				}},
-			}},
-		},
-	}, {
-		"good: one list with an ETag",
-		`([a])`,
-		ifHeader{
-			lists: []ifList{{
-				conditions: []Condition{{
-					ETag: `a`,
-				}},
-			}},
-		},
-	}, {
-		"good: one list with three Nots",
-		`(Not a Not b Not [d])`,
-		ifHeader{
-			lists: []ifList{{
-				conditions: []Condition{{
-					Not:   true,
-					Token: `a`,
-				}, {
-					Not:   true,
-					Token: `b`,
-				}, {
-					Not:  true,
-					ETag: `d`,
-				}},
-			}},
-		},
-	}, {
-		"good: two lists",
-		`(a) (b)`,
-		ifHeader{
-			lists: []ifList{{
-				conditions: []Condition{{
-					Token: `a`,
-				}},
-			}, {
-				conditions: []Condition{{
-					Token: `b`,
-				}},
-			}},
-		},
-	}, {
-		"good: two Notted lists",
-		`(Not a) (Not b)`,
-		ifHeader{
-			lists: []ifList{{
-				conditions: []Condition{{
-					Not:   true,
-					Token: `a`,
-				}},
-			}, {
-				conditions: []Condition{{
-					Not:   true,
-					Token: `b`,
-				}},
-			}},
-		},
-	}, {
-		"section 7.5.1",
-		` 
-			()`,
-		ifHeader{
-			lists: []ifList{{
-				resourceTag: `http://www.example.com/users/f/fielding/index.html`,
-				conditions: []Condition{{
-					Token: `urn:uuid:f81d4fae-7dec-11d0-a765-00a0c91e6bf6`,
-				}},
-			}},
-		},
-	}, {
-		"section 7.5.2 #1",
-		`()`,
-		ifHeader{
-			lists: []ifList{{
-				conditions: []Condition{{
-					Token: `urn:uuid:150852e2-3847-42d5-8cbe-0f4f296f26cf`,
-				}},
-			}},
-		},
-	}, {
-		"section 7.5.2 #2",
-		`
-			()`,
-		ifHeader{
-			lists: []ifList{{
-				resourceTag: `http://example.com/locked/`,
-				conditions: []Condition{{
-					Token: `urn:uuid:150852e2-3847-42d5-8cbe-0f4f296f26cf`,
-				}},
-			}},
-		},
-	}, {
-		"section 7.5.2 #3",
-		`
-			()`,
-		ifHeader{
-			lists: []ifList{{
-				resourceTag: `http://example.com/locked/member`,
-				conditions: []Condition{{
-					Token: `urn:uuid:150852e2-3847-42d5-8cbe-0f4f296f26cf`,
-				}},
-			}},
-		},
-	}, {
-		"section 9.9.6",
-		`() 
-			()`,
-		ifHeader{
-			lists: []ifList{{
-				conditions: []Condition{{
-					Token: `urn:uuid:fe184f2e-6eec-41d0-c765-01adc56e6bb4`,
-				}},
-			}, {
-				conditions: []Condition{{
-					Token: `urn:uuid:e454f3f3-acdc-452a-56c7-00a5c91e4b77`,
-				}},
-			}},
-		},
-	}, {
-		"section 9.10.8",
-		`()`,
-		ifHeader{
-			lists: []ifList{{
-				conditions: []Condition{{
-					Token: `urn:uuid:e71d4fae-5dec-22d6-fea5-00a0c91e6be4`,
-				}},
-			}},
-		},
-	}, {
-		"section 10.4.6",
-		`( 
-			["I am an ETag"])
-			(["I am another ETag"])`,
-		ifHeader{
-			lists: []ifList{{
-				conditions: []Condition{{
-					Token: `urn:uuid:181d4fae-7d8c-11d0-a765-00a0c91e6bf2`,
-				}, {
-					ETag: `"I am an ETag"`,
-				}},
-			}, {
-				conditions: []Condition{{
-					ETag: `"I am another ETag"`,
-				}},
-			}},
-		},
-	}, {
-		"section 10.4.7",
-		`(Not  
-			)`,
-		ifHeader{
-			lists: []ifList{{
-				conditions: []Condition{{
-					Not:   true,
-					Token: `urn:uuid:181d4fae-7d8c-11d0-a765-00a0c91e6bf2`,
-				}, {
-					Token: `urn:uuid:58f202ac-22cf-11d1-b12d-002035b29092`,
-				}},
-			}},
-		},
-	}, {
-		"section 10.4.8",
-		`() 
-			(Not )`,
-		ifHeader{
-			lists: []ifList{{
-				conditions: []Condition{{
-					Token: `urn:uuid:181d4fae-7d8c-11d0-a765-00a0c91e6bf2`,
-				}},
-			}, {
-				conditions: []Condition{{
-					Not:   true,
-					Token: `DAV:no-lock`,
-				}},
-			}},
-		},
-	}, {
-		"section 10.4.9",
-		` 
-			( 
-			[W/"A weak ETag"]) (["strong ETag"])`,
-		ifHeader{
-			lists: []ifList{{
-				resourceTag: `/resource1`,
-				conditions: []Condition{{
-					Token: `urn:uuid:181d4fae-7d8c-11d0-a765-00a0c91e6bf2`,
-				}, {
-					ETag: `W/"A weak ETag"`,
-				}},
-			}, {
-				resourceTag: `/resource1`,
-				conditions: []Condition{{
-					ETag: `"strong ETag"`,
-				}},
-			}},
-		},
-	}, {
-		"section 10.4.10",
-		` 
-			()`,
-		ifHeader{
-			lists: []ifList{{
-				resourceTag: `http://www.example.com/specs/`,
-				conditions: []Condition{{
-					Token: `urn:uuid:181d4fae-7d8c-11d0-a765-00a0c91e6bf2`,
-				}},
-			}},
-		},
-	}, {
-		"section 10.4.11 #1",
-		` (["4217"])`,
-		ifHeader{
-			lists: []ifList{{
-				resourceTag: `/specs/rfc2518.doc`,
-				conditions: []Condition{{
-					ETag: `"4217"`,
-				}},
-			}},
-		},
-	}, {
-		"section 10.4.11 #2",
-		` (Not ["4217"])`,
-		ifHeader{
-			lists: []ifList{{
-				resourceTag: `/specs/rfc2518.doc`,
-				conditions: []Condition{{
-					Not:  true,
-					ETag: `"4217"`,
-				}},
-			}},
-		},
-	}}
-
-	for _, tc := range testCases {
-		got, ok := parseIfHeader(strings.Replace(tc.input, "\n", "", -1))
-		if gotEmpty := reflect.DeepEqual(got, ifHeader{}); gotEmpty == ok {
-			t.Errorf("%s: should be different: empty header == %t, ok == %t", tc.desc, gotEmpty, ok)
-			continue
-		}
-		if !reflect.DeepEqual(got, tc.want) {
-			t.Errorf("%s:\ngot  %v\nwant %v", tc.desc, got, tc.want)
-			continue
-		}
-	}
-}
diff --git a/vendor/golang.org/x/net/webdav/internal/xml/README b/vendor/golang.org/x/net/webdav/internal/xml/README
deleted file mode 100644
index 89656f48..00000000
--- a/vendor/golang.org/x/net/webdav/internal/xml/README
+++ /dev/null
@@ -1,11 +0,0 @@
-This is a fork of the encoding/xml package at ca1d6c4, the last commit before
-https://go.googlesource.com/go/+/c0d6d33 "encoding/xml: restore Go 1.4 name
-space behavior" made late in the lead-up to the Go 1.5 release.
-
-The list of encoding/xml changes is at
-https://go.googlesource.com/go/+log/master/src/encoding/xml
-
-This fork is temporary, and I (nigeltao) expect to revert it after Go 1.6 is
-released.
-
-See http://golang.org/issue/11841
diff --git a/vendor/golang.org/x/net/webdav/internal/xml/atom_test.go b/vendor/golang.org/x/net/webdav/internal/xml/atom_test.go
deleted file mode 100644
index a7128431..00000000
--- a/vendor/golang.org/x/net/webdav/internal/xml/atom_test.go
+++ /dev/null
@@ -1,56 +0,0 @@
-// Copyright 2011 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package xml
-
-import "time"
-
-var atomValue = &Feed{
-	XMLName: Name{"http://www.w3.org/2005/Atom", "feed"},
-	Title:   "Example Feed",
-	Link:    []Link{{Href: "http://example.org/"}},
-	Updated: ParseTime("2003-12-13T18:30:02Z"),
-	Author:  Person{Name: "John Doe"},
-	Id:      "urn:uuid:60a76c80-d399-11d9-b93C-0003939e0af6",
-
-	Entry: []Entry{
-		{
-			Title:   "Atom-Powered Robots Run Amok",
-			Link:    []Link{{Href: "http://example.org/2003/12/13/atom03"}},
-			Id:      "urn:uuid:1225c695-cfb8-4ebb-aaaa-80da344efa6a",
-			Updated: ParseTime("2003-12-13T18:30:02Z"),
-			Summary: NewText("Some text."),
-		},
-	},
-}
-
-var atomXml = `` +
-	`` +
-	`Example Feed` +
-	`urn:uuid:60a76c80-d399-11d9-b93C-0003939e0af6` +
-	`` +
-	`John Doe` +
-	`` +
-	`Atom-Powered Robots Run Amok` +
-	`urn:uuid:1225c695-cfb8-4ebb-aaaa-80da344efa6a` +
-	`` +
-	`2003-12-13T18:30:02Z` +
-	`` +
-	`Some text.` +
-	`` +
-	``
-
-func ParseTime(str string) time.Time {
-	t, err := time.Parse(time.RFC3339, str)
-	if err != nil {
-		panic(err)
-	}
-	return t
-}
-
-func NewText(text string) Text {
-	return Text{
-		Body: text,
-	}
-}
diff --git a/vendor/golang.org/x/net/webdav/internal/xml/example_test.go b/vendor/golang.org/x/net/webdav/internal/xml/example_test.go
deleted file mode 100644
index becedd58..00000000
--- a/vendor/golang.org/x/net/webdav/internal/xml/example_test.go
+++ /dev/null
@@ -1,151 +0,0 @@
-// Copyright 2012 The Go Authors.  All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package xml_test
-
-import (
-	"encoding/xml"
-	"fmt"
-	"os"
-)
-
-func ExampleMarshalIndent() {
-	type Address struct {
-		City, State string
-	}
-	type Person struct {
-		XMLName   xml.Name `xml:"person"`
-		Id        int      `xml:"id,attr"`
-		FirstName string   `xml:"name>first"`
-		LastName  string   `xml:"name>last"`
-		Age       int      `xml:"age"`
-		Height    float32  `xml:"height,omitempty"`
-		Married   bool
-		Address
-		Comment string `xml:",comment"`
-	}
-
-	v := &Person{Id: 13, FirstName: "John", LastName: "Doe", Age: 42}
-	v.Comment = " Need more details. "
-	v.Address = Address{"Hanga Roa", "Easter Island"}
-
-	output, err := xml.MarshalIndent(v, "  ", "    ")
-	if err != nil {
-		fmt.Printf("error: %v\n", err)
-	}
-
-	os.Stdout.Write(output)
-	// Output:
-	//   
-	//       
-	//           John
-	//           Doe
-	//       
-	//       42
-	//       false
-	//       Hanga Roa
-	//       Easter Island
-	//       
-	//   
-}
-
-func ExampleEncoder() {
-	type Address struct {
-		City, State string
-	}
-	type Person struct {
-		XMLName   xml.Name `xml:"person"`
-		Id        int      `xml:"id,attr"`
-		FirstName string   `xml:"name>first"`
-		LastName  string   `xml:"name>last"`
-		Age       int      `xml:"age"`
-		Height    float32  `xml:"height,omitempty"`
-		Married   bool
-		Address
-		Comment string `xml:",comment"`
-	}
-
-	v := &Person{Id: 13, FirstName: "John", LastName: "Doe", Age: 42}
-	v.Comment = " Need more details. "
-	v.Address = Address{"Hanga Roa", "Easter Island"}
-
-	enc := xml.NewEncoder(os.Stdout)
-	enc.Indent("  ", "    ")
-	if err := enc.Encode(v); err != nil {
-		fmt.Printf("error: %v\n", err)
-	}
-
-	// Output:
-	//   
-	//       
-	//           John
-	//           Doe
-	//       
-	//       42
-	//       false
-	//       Hanga Roa
-	//       Easter Island
-	//       
-	//   
-}
-
-// This example demonstrates unmarshaling an XML excerpt into a value with
-// some preset fields. Note that the Phone field isn't modified and that
-// the XML  element is ignored. Also, the Groups field is assigned
-// considering the element path provided in its tag.
-func ExampleUnmarshal() {
-	type Email struct {
-		Where string `xml:"where,attr"`
-		Addr  string
-	}
-	type Address struct {
-		City, State string
-	}
-	type Result struct {
-		XMLName xml.Name `xml:"Person"`
-		Name    string   `xml:"FullName"`
-		Phone   string
-		Email   []Email
-		Groups  []string `xml:"Group>Value"`
-		Address
-	}
-	v := Result{Name: "none", Phone: "none"}
-
-	data := `
-		
-			Grace R. Emlin
-			Example Inc.
-			
-				gre@example.com
-			
-			
-				gre@work.com
-			
-			
-				Friends
-				Squash
-			
-			Hanga Roa
-			Easter Island
-		
-	`
-	err := xml.Unmarshal([]byte(data), &v)
-	if err != nil {
-		fmt.Printf("error: %v", err)
-		return
-	}
-	fmt.Printf("XMLName: %#v\n", v.XMLName)
-	fmt.Printf("Name: %q\n", v.Name)
-	fmt.Printf("Phone: %q\n", v.Phone)
-	fmt.Printf("Email: %v\n", v.Email)
-	fmt.Printf("Groups: %v\n", v.Groups)
-	fmt.Printf("Address: %v\n", v.Address)
-	// Output:
-	// XMLName: xml.Name{Space:"", Local:"Person"}
-	// Name: "Grace R. Emlin"
-	// Phone: "none"
-	// Email: [{home gre@example.com} {work gre@work.com}]
-	// Groups: [Friends Squash]
-	// Address: {Hanga Roa Easter Island}
-}
diff --git a/vendor/golang.org/x/net/webdav/internal/xml/marshal.go b/vendor/golang.org/x/net/webdav/internal/xml/marshal.go
deleted file mode 100644
index 3c3b6aca..00000000
--- a/vendor/golang.org/x/net/webdav/internal/xml/marshal.go
+++ /dev/null
@@ -1,1223 +0,0 @@
-// Copyright 2011 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package xml
-
-import (
-	"bufio"
-	"bytes"
-	"encoding"
-	"fmt"
-	"io"
-	"reflect"
-	"strconv"
-	"strings"
-)
-
-const (
-	// A generic XML header suitable for use with the output of Marshal.
-	// This is not automatically added to any output of this package,
-	// it is provided as a convenience.
-	Header = `` + "\n"
-)
-
-// Marshal returns the XML encoding of v.
-//
-// Marshal handles an array or slice by marshalling each of the elements.
-// Marshal handles a pointer by marshalling the value it points at or, if the
-// pointer is nil, by writing nothing.  Marshal handles an interface value by
-// marshalling the value it contains or, if the interface value is nil, by
-// writing nothing.  Marshal handles all other data by writing one or more XML
-// elements containing the data.
-//
-// The name for the XML elements is taken from, in order of preference:
-//     - the tag on the XMLName field, if the data is a struct
-//     - the value of the XMLName field of type xml.Name
-//     - the tag of the struct field used to obtain the data
-//     - the name of the struct field used to obtain the data
-//     - the name of the marshalled type
-//
-// The XML element for a struct contains marshalled elements for each of the
-// exported fields of the struct, with these exceptions:
-//     - the XMLName field, described above, is omitted.
-//     - a field with tag "-" is omitted.
-//     - a field with tag "name,attr" becomes an attribute with
-//       the given name in the XML element.
-//     - a field with tag ",attr" becomes an attribute with the
-//       field name in the XML element.
-//     - a field with tag ",chardata" is written as character data,
-//       not as an XML element.
-//     - a field with tag ",innerxml" is written verbatim, not subject
-//       to the usual marshalling procedure.
-//     - a field with tag ",comment" is written as an XML comment, not
-//       subject to the usual marshalling procedure. It must not contain
-//       the "--" string within it.
-//     - a field with a tag including the "omitempty" option is omitted
-//       if the field value is empty. The empty values are false, 0, any
-//       nil pointer or interface value, and any array, slice, map, or
-//       string of length zero.
-//     - an anonymous struct field is handled as if the fields of its
-//       value were part of the outer struct.
-//
-// If a field uses a tag "a>b>c", then the element c will be nested inside
-// parent elements a and b.  Fields that appear next to each other that name
-// the same parent will be enclosed in one XML element.
-//
-// See MarshalIndent for an example.
-//
-// Marshal will return an error if asked to marshal a channel, function, or map.
-func Marshal(v interface{}) ([]byte, error) {
-	var b bytes.Buffer
-	if err := NewEncoder(&b).Encode(v); err != nil {
-		return nil, err
-	}
-	return b.Bytes(), nil
-}
-
-// Marshaler is the interface implemented by objects that can marshal
-// themselves into valid XML elements.
-//
-// MarshalXML encodes the receiver as zero or more XML elements.
-// By convention, arrays or slices are typically encoded as a sequence
-// of elements, one per entry.
-// Using start as the element tag is not required, but doing so
-// will enable Unmarshal to match the XML elements to the correct
-// struct field.
-// One common implementation strategy is to construct a separate
-// value with a layout corresponding to the desired XML and then
-// to encode it using e.EncodeElement.
-// Another common strategy is to use repeated calls to e.EncodeToken
-// to generate the XML output one token at a time.
-// The sequence of encoded tokens must make up zero or more valid
-// XML elements.
-type Marshaler interface {
-	MarshalXML(e *Encoder, start StartElement) error
-}
-
-// MarshalerAttr is the interface implemented by objects that can marshal
-// themselves into valid XML attributes.
-//
-// MarshalXMLAttr returns an XML attribute with the encoded value of the receiver.
-// Using name as the attribute name is not required, but doing so
-// will enable Unmarshal to match the attribute to the correct
-// struct field.
-// If MarshalXMLAttr returns the zero attribute Attr{}, no attribute
-// will be generated in the output.
-// MarshalXMLAttr is used only for struct fields with the
-// "attr" option in the field tag.
-type MarshalerAttr interface {
-	MarshalXMLAttr(name Name) (Attr, error)
-}
-
-// MarshalIndent works like Marshal, but each XML element begins on a new
-// indented line that starts with prefix and is followed by one or more
-// copies of indent according to the nesting depth.
-func MarshalIndent(v interface{}, prefix, indent string) ([]byte, error) {
-	var b bytes.Buffer
-	enc := NewEncoder(&b)
-	enc.Indent(prefix, indent)
-	if err := enc.Encode(v); err != nil {
-		return nil, err
-	}
-	return b.Bytes(), nil
-}
-
-// An Encoder writes XML data to an output stream.
-type Encoder struct {
-	p printer
-}
-
-// NewEncoder returns a new encoder that writes to w.
-func NewEncoder(w io.Writer) *Encoder {
-	e := &Encoder{printer{Writer: bufio.NewWriter(w)}}
-	e.p.encoder = e
-	return e
-}
-
-// Indent sets the encoder to generate XML in which each element
-// begins on a new indented line that starts with prefix and is followed by
-// one or more copies of indent according to the nesting depth.
-func (enc *Encoder) Indent(prefix, indent string) {
-	enc.p.prefix = prefix
-	enc.p.indent = indent
-}
-
-// Encode writes the XML encoding of v to the stream.
-//
-// See the documentation for Marshal for details about the conversion
-// of Go values to XML.
-//
-// Encode calls Flush before returning.
-func (enc *Encoder) Encode(v interface{}) error {
-	err := enc.p.marshalValue(reflect.ValueOf(v), nil, nil)
-	if err != nil {
-		return err
-	}
-	return enc.p.Flush()
-}
-
-// EncodeElement writes the XML encoding of v to the stream,
-// using start as the outermost tag in the encoding.
-//
-// See the documentation for Marshal for details about the conversion
-// of Go values to XML.
-//
-// EncodeElement calls Flush before returning.
-func (enc *Encoder) EncodeElement(v interface{}, start StartElement) error {
-	err := enc.p.marshalValue(reflect.ValueOf(v), nil, &start)
-	if err != nil {
-		return err
-	}
-	return enc.p.Flush()
-}
-
-var (
-	begComment   = []byte("")
-	endProcInst  = []byte("?>")
-	endDirective = []byte(">")
-)
-
-// EncodeToken writes the given XML token to the stream.
-// It returns an error if StartElement and EndElement tokens are not
-// properly matched.
-//
-// EncodeToken does not call Flush, because usually it is part of a
-// larger operation such as Encode or EncodeElement (or a custom
-// Marshaler's MarshalXML invoked during those), and those will call
-// Flush when finished. Callers that create an Encoder and then invoke
-// EncodeToken directly, without using Encode or EncodeElement, need to
-// call Flush when finished to ensure that the XML is written to the
-// underlying writer.
-//
-// EncodeToken allows writing a ProcInst with Target set to "xml" only
-// as the first token in the stream.
-//
-// When encoding a StartElement holding an XML namespace prefix
-// declaration for a prefix that is not already declared, contained
-// elements (including the StartElement itself) will use the declared
-// prefix when encoding names with matching namespace URIs.
-func (enc *Encoder) EncodeToken(t Token) error {
-
-	p := &enc.p
-	switch t := t.(type) {
-	case StartElement:
-		if err := p.writeStart(&t); err != nil {
-			return err
-		}
-	case EndElement:
-		if err := p.writeEnd(t.Name); err != nil {
-			return err
-		}
-	case CharData:
-		escapeText(p, t, false)
-	case Comment:
-		if bytes.Contains(t, endComment) {
-			return fmt.Errorf("xml: EncodeToken of Comment containing --> marker")
-		}
-		p.WriteString("")
-		return p.cachedWriteError()
-	case ProcInst:
-		// First token to be encoded which is also a ProcInst with target of xml
-		// is the xml declaration.  The only ProcInst where target of xml is allowed.
-		if t.Target == "xml" && p.Buffered() != 0 {
-			return fmt.Errorf("xml: EncodeToken of ProcInst xml target only valid for xml declaration, first token encoded")
-		}
-		if !isNameString(t.Target) {
-			return fmt.Errorf("xml: EncodeToken of ProcInst with invalid Target")
-		}
-		if bytes.Contains(t.Inst, endProcInst) {
-			return fmt.Errorf("xml: EncodeToken of ProcInst containing ?> marker")
-		}
-		p.WriteString(" 0 {
-			p.WriteByte(' ')
-			p.Write(t.Inst)
-		}
-		p.WriteString("?>")
-	case Directive:
-		if !isValidDirective(t) {
-			return fmt.Errorf("xml: EncodeToken of Directive containing wrong < or > markers")
-		}
-		p.WriteString("")
-	default:
-		return fmt.Errorf("xml: EncodeToken of invalid token type")
-
-	}
-	return p.cachedWriteError()
-}
-
-// isValidDirective reports whether dir is a valid directive text,
-// meaning angle brackets are matched, ignoring comments and strings.
-func isValidDirective(dir Directive) bool {
-	var (
-		depth     int
-		inquote   uint8
-		incomment bool
-	)
-	for i, c := range dir {
-		switch {
-		case incomment:
-			if c == '>' {
-				if n := 1 + i - len(endComment); n >= 0 && bytes.Equal(dir[n:i+1], endComment) {
-					incomment = false
-				}
-			}
-			// Just ignore anything in comment
-		case inquote != 0:
-			if c == inquote {
-				inquote = 0
-			}
-			// Just ignore anything within quotes
-		case c == '\'' || c == '"':
-			inquote = c
-		case c == '<':
-			if i+len(begComment) < len(dir) && bytes.Equal(dir[i:i+len(begComment)], begComment) {
-				incomment = true
-			} else {
-				depth++
-			}
-		case c == '>':
-			if depth == 0 {
-				return false
-			}
-			depth--
-		}
-	}
-	return depth == 0 && inquote == 0 && !incomment
-}
-
-// Flush flushes any buffered XML to the underlying writer.
-// See the EncodeToken documentation for details about when it is necessary.
-func (enc *Encoder) Flush() error {
-	return enc.p.Flush()
-}
-
-type printer struct {
-	*bufio.Writer
-	encoder    *Encoder
-	seq        int
-	indent     string
-	prefix     string
-	depth      int
-	indentedIn bool
-	putNewline bool
-	defaultNS  string
-	attrNS     map[string]string // map prefix -> name space
-	attrPrefix map[string]string // map name space -> prefix
-	prefixes   []printerPrefix
-	tags       []Name
-}
-
-// printerPrefix holds a namespace undo record.
-// When an element is popped, the prefix record
-// is set back to the recorded URL. The empty
-// prefix records the URL for the default name space.
-//
-// The start of an element is recorded with an element
-// that has mark=true.
-type printerPrefix struct {
-	prefix string
-	url    string
-	mark   bool
-}
-
-func (p *printer) prefixForNS(url string, isAttr bool) string {
-	// The "http://www.w3.org/XML/1998/namespace" name space is predefined as "xml"
-	// and must be referred to that way.
-	// (The "http://www.w3.org/2000/xmlns/" name space is also predefined as "xmlns",
-	// but users should not be trying to use that one directly - that's our job.)
-	if url == xmlURL {
-		return "xml"
-	}
-	if !isAttr && url == p.defaultNS {
-		// We can use the default name space.
-		return ""
-	}
-	return p.attrPrefix[url]
-}
-
-// defineNS pushes any namespace definition found in the given attribute.
-// If ignoreNonEmptyDefault is true, an xmlns="nonempty"
-// attribute will be ignored.
-func (p *printer) defineNS(attr Attr, ignoreNonEmptyDefault bool) error {
-	var prefix string
-	if attr.Name.Local == "xmlns" {
-		if attr.Name.Space != "" && attr.Name.Space != "xml" && attr.Name.Space != xmlURL {
-			return fmt.Errorf("xml: cannot redefine xmlns attribute prefix")
-		}
-	} else if attr.Name.Space == "xmlns" && attr.Name.Local != "" {
-		prefix = attr.Name.Local
-		if attr.Value == "" {
-			// Technically, an empty XML namespace is allowed for an attribute.
-			// From http://www.w3.org/TR/xml-names11/#scoping-defaulting:
-			//
-			// 	The attribute value in a namespace declaration for a prefix may be
-			//	empty. This has the effect, within the scope of the declaration, of removing
-			//	any association of the prefix with a namespace name.
-			//
-			// However our namespace prefixes here are used only as hints. There's
-			// no need to respect the removal of a namespace prefix, so we ignore it.
-			return nil
-		}
-	} else {
-		// Ignore: it's not a namespace definition
-		return nil
-	}
-	if prefix == "" {
-		if attr.Value == p.defaultNS {
-			// No need for redefinition.
-			return nil
-		}
-		if attr.Value != "" && ignoreNonEmptyDefault {
-			// We have an xmlns="..." value but
-			// it can't define a name space in this context,
-			// probably because the element has an empty
-			// name space. In this case, we just ignore
-			// the name space declaration.
-			return nil
-		}
-	} else if _, ok := p.attrPrefix[attr.Value]; ok {
-		// There's already a prefix for the given name space,
-		// so use that. This prevents us from
-		// having two prefixes for the same name space
-		// so attrNS and attrPrefix can remain bijective.
-		return nil
-	}
-	p.pushPrefix(prefix, attr.Value)
-	return nil
-}
-
-// createNSPrefix creates a name space prefix attribute
-// to use for the given name space, defining a new prefix
-// if necessary.
-// If isAttr is true, the prefix is to be created for an attribute
-// prefix, which means that the default name space cannot
-// be used.
-func (p *printer) createNSPrefix(url string, isAttr bool) {
-	if _, ok := p.attrPrefix[url]; ok {
-		// We already have a prefix for the given URL.
-		return
-	}
-	switch {
-	case !isAttr && url == p.defaultNS:
-		// We can use the default name space.
-		return
-	case url == "":
-		// The only way we can encode names in the empty
-		// name space is by using the default name space,
-		// so we must use that.
-		if p.defaultNS != "" {
-			// The default namespace is non-empty, so we
-			// need to set it to empty.
-			p.pushPrefix("", "")
-		}
-		return
-	case url == xmlURL:
-		return
-	}
-	// TODO If the URL is an existing prefix, we could
-	// use it as is. That would enable the
-	// marshaling of elements that had been unmarshaled
-	// and with a name space prefix that was not found.
-	// although technically it would be incorrect.
-
-	// Pick a name. We try to use the final element of the path
-	// but fall back to _.
-	prefix := strings.TrimRight(url, "/")
-	if i := strings.LastIndex(prefix, "/"); i >= 0 {
-		prefix = prefix[i+1:]
-	}
-	if prefix == "" || !isName([]byte(prefix)) || strings.Contains(prefix, ":") {
-		prefix = "_"
-	}
-	if strings.HasPrefix(prefix, "xml") {
-		// xmlanything is reserved.
-		prefix = "_" + prefix
-	}
-	if p.attrNS[prefix] != "" {
-		// Name is taken. Find a better one.
-		for p.seq++; ; p.seq++ {
-			if id := prefix + "_" + strconv.Itoa(p.seq); p.attrNS[id] == "" {
-				prefix = id
-				break
-			}
-		}
-	}
-
-	p.pushPrefix(prefix, url)
-}
-
-// writeNamespaces writes xmlns attributes for all the
-// namespace prefixes that have been defined in
-// the current element.
-func (p *printer) writeNamespaces() {
-	for i := len(p.prefixes) - 1; i >= 0; i-- {
-		prefix := p.prefixes[i]
-		if prefix.mark {
-			return
-		}
-		p.WriteString(" ")
-		if prefix.prefix == "" {
-			// Default name space.
-			p.WriteString(`xmlns="`)
-		} else {
-			p.WriteString("xmlns:")
-			p.WriteString(prefix.prefix)
-			p.WriteString(`="`)
-		}
-		EscapeText(p, []byte(p.nsForPrefix(prefix.prefix)))
-		p.WriteString(`"`)
-	}
-}
-
-// pushPrefix pushes a new prefix on the prefix stack
-// without checking to see if it is already defined.
-func (p *printer) pushPrefix(prefix, url string) {
-	p.prefixes = append(p.prefixes, printerPrefix{
-		prefix: prefix,
-		url:    p.nsForPrefix(prefix),
-	})
-	p.setAttrPrefix(prefix, url)
-}
-
-// nsForPrefix returns the name space for the given
-// prefix. Note that this is not valid for the
-// empty attribute prefix, which always has an empty
-// name space.
-func (p *printer) nsForPrefix(prefix string) string {
-	if prefix == "" {
-		return p.defaultNS
-	}
-	return p.attrNS[prefix]
-}
-
-// markPrefix marks the start of an element on the prefix
-// stack.
-func (p *printer) markPrefix() {
-	p.prefixes = append(p.prefixes, printerPrefix{
-		mark: true,
-	})
-}
-
-// popPrefix pops all defined prefixes for the current
-// element.
-func (p *printer) popPrefix() {
-	for len(p.prefixes) > 0 {
-		prefix := p.prefixes[len(p.prefixes)-1]
-		p.prefixes = p.prefixes[:len(p.prefixes)-1]
-		if prefix.mark {
-			break
-		}
-		p.setAttrPrefix(prefix.prefix, prefix.url)
-	}
-}
-
-// setAttrPrefix sets an attribute name space prefix.
-// If url is empty, the attribute is removed.
-// If prefix is empty, the default name space is set.
-func (p *printer) setAttrPrefix(prefix, url string) {
-	if prefix == "" {
-		p.defaultNS = url
-		return
-	}
-	if url == "" {
-		delete(p.attrPrefix, p.attrNS[prefix])
-		delete(p.attrNS, prefix)
-		return
-	}
-	if p.attrPrefix == nil {
-		// Need to define a new name space.
-		p.attrPrefix = make(map[string]string)
-		p.attrNS = make(map[string]string)
-	}
-	// Remove any old prefix value. This is OK because we maintain a
-	// strict one-to-one mapping between prefix and URL (see
-	// defineNS)
-	delete(p.attrPrefix, p.attrNS[prefix])
-	p.attrPrefix[url] = prefix
-	p.attrNS[prefix] = url
-}
-
-var (
-	marshalerType     = reflect.TypeOf((*Marshaler)(nil)).Elem()
-	marshalerAttrType = reflect.TypeOf((*MarshalerAttr)(nil)).Elem()
-	textMarshalerType = reflect.TypeOf((*encoding.TextMarshaler)(nil)).Elem()
-)
-
-// marshalValue writes one or more XML elements representing val.
-// If val was obtained from a struct field, finfo must have its details.
-func (p *printer) marshalValue(val reflect.Value, finfo *fieldInfo, startTemplate *StartElement) error {
-	if startTemplate != nil && startTemplate.Name.Local == "" {
-		return fmt.Errorf("xml: EncodeElement of StartElement with missing name")
-	}
-
-	if !val.IsValid() {
-		return nil
-	}
-	if finfo != nil && finfo.flags&fOmitEmpty != 0 && isEmptyValue(val) {
-		return nil
-	}
-
-	// Drill into interfaces and pointers.
-	// This can turn into an infinite loop given a cyclic chain,
-	// but it matches the Go 1 behavior.
-	for val.Kind() == reflect.Interface || val.Kind() == reflect.Ptr {
-		if val.IsNil() {
-			return nil
-		}
-		val = val.Elem()
-	}
-
-	kind := val.Kind()
-	typ := val.Type()
-
-	// Check for marshaler.
-	if val.CanInterface() && typ.Implements(marshalerType) {
-		return p.marshalInterface(val.Interface().(Marshaler), p.defaultStart(typ, finfo, startTemplate))
-	}
-	if val.CanAddr() {
-		pv := val.Addr()
-		if pv.CanInterface() && pv.Type().Implements(marshalerType) {
-			return p.marshalInterface(pv.Interface().(Marshaler), p.defaultStart(pv.Type(), finfo, startTemplate))
-		}
-	}
-
-	// Check for text marshaler.
-	if val.CanInterface() && typ.Implements(textMarshalerType) {
-		return p.marshalTextInterface(val.Interface().(encoding.TextMarshaler), p.defaultStart(typ, finfo, startTemplate))
-	}
-	if val.CanAddr() {
-		pv := val.Addr()
-		if pv.CanInterface() && pv.Type().Implements(textMarshalerType) {
-			return p.marshalTextInterface(pv.Interface().(encoding.TextMarshaler), p.defaultStart(pv.Type(), finfo, startTemplate))
-		}
-	}
-
-	// Slices and arrays iterate over the elements. They do not have an enclosing tag.
-	if (kind == reflect.Slice || kind == reflect.Array) && typ.Elem().Kind() != reflect.Uint8 {
-		for i, n := 0, val.Len(); i < n; i++ {
-			if err := p.marshalValue(val.Index(i), finfo, startTemplate); err != nil {
-				return err
-			}
-		}
-		return nil
-	}
-
-	tinfo, err := getTypeInfo(typ)
-	if err != nil {
-		return err
-	}
-
-	// Create start element.
-	// Precedence for the XML element name is:
-	// 0. startTemplate
-	// 1. XMLName field in underlying struct;
-	// 2. field name/tag in the struct field; and
-	// 3. type name
-	var start StartElement
-
-	// explicitNS records whether the element's name space has been
-	// explicitly set (for example an XMLName field).
-	explicitNS := false
-
-	if startTemplate != nil {
-		start.Name = startTemplate.Name
-		explicitNS = true
-		start.Attr = append(start.Attr, startTemplate.Attr...)
-	} else if tinfo.xmlname != nil {
-		xmlname := tinfo.xmlname
-		if xmlname.name != "" {
-			start.Name.Space, start.Name.Local = xmlname.xmlns, xmlname.name
-		} else if v, ok := xmlname.value(val).Interface().(Name); ok && v.Local != "" {
-			start.Name = v
-		}
-		explicitNS = true
-	}
-	if start.Name.Local == "" && finfo != nil {
-		start.Name.Local = finfo.name
-		if finfo.xmlns != "" {
-			start.Name.Space = finfo.xmlns
-			explicitNS = true
-		}
-	}
-	if start.Name.Local == "" {
-		name := typ.Name()
-		if name == "" {
-			return &UnsupportedTypeError{typ}
-		}
-		start.Name.Local = name
-	}
-
-	// defaultNS records the default name space as set by a xmlns="..."
-	// attribute. We don't set p.defaultNS because we want to let
-	// the attribute writing code (in p.defineNS) be solely responsible
-	// for maintaining that.
-	defaultNS := p.defaultNS
-
-	// Attributes
-	for i := range tinfo.fields {
-		finfo := &tinfo.fields[i]
-		if finfo.flags&fAttr == 0 {
-			continue
-		}
-		attr, err := p.fieldAttr(finfo, val)
-		if err != nil {
-			return err
-		}
-		if attr.Name.Local == "" {
-			continue
-		}
-		start.Attr = append(start.Attr, attr)
-		if attr.Name.Space == "" && attr.Name.Local == "xmlns" {
-			defaultNS = attr.Value
-		}
-	}
-	if !explicitNS {
-		// Historic behavior: elements use the default name space
-		// they are contained in by default.
-		start.Name.Space = defaultNS
-	}
-	// Historic behaviour: an element that's in a namespace sets
-	// the default namespace for all elements contained within it.
-	start.setDefaultNamespace()
-
-	if err := p.writeStart(&start); err != nil {
-		return err
-	}
-
-	if val.Kind() == reflect.Struct {
-		err = p.marshalStruct(tinfo, val)
-	} else {
-		s, b, err1 := p.marshalSimple(typ, val)
-		if err1 != nil {
-			err = err1
-		} else if b != nil {
-			EscapeText(p, b)
-		} else {
-			p.EscapeString(s)
-		}
-	}
-	if err != nil {
-		return err
-	}
-
-	if err := p.writeEnd(start.Name); err != nil {
-		return err
-	}
-
-	return p.cachedWriteError()
-}
-
-// fieldAttr returns the attribute of the given field.
-// If the returned attribute has an empty Name.Local,
-// it should not be used.
-// The given value holds the value containing the field.
-func (p *printer) fieldAttr(finfo *fieldInfo, val reflect.Value) (Attr, error) {
-	fv := finfo.value(val)
-	name := Name{Space: finfo.xmlns, Local: finfo.name}
-	if finfo.flags&fOmitEmpty != 0 && isEmptyValue(fv) {
-		return Attr{}, nil
-	}
-	if fv.Kind() == reflect.Interface && fv.IsNil() {
-		return Attr{}, nil
-	}
-	if fv.CanInterface() && fv.Type().Implements(marshalerAttrType) {
-		attr, err := fv.Interface().(MarshalerAttr).MarshalXMLAttr(name)
-		return attr, err
-	}
-	if fv.CanAddr() {
-		pv := fv.Addr()
-		if pv.CanInterface() && pv.Type().Implements(marshalerAttrType) {
-			attr, err := pv.Interface().(MarshalerAttr).MarshalXMLAttr(name)
-			return attr, err
-		}
-	}
-	if fv.CanInterface() && fv.Type().Implements(textMarshalerType) {
-		text, err := fv.Interface().(encoding.TextMarshaler).MarshalText()
-		if err != nil {
-			return Attr{}, err
-		}
-		return Attr{name, string(text)}, nil
-	}
-	if fv.CanAddr() {
-		pv := fv.Addr()
-		if pv.CanInterface() && pv.Type().Implements(textMarshalerType) {
-			text, err := pv.Interface().(encoding.TextMarshaler).MarshalText()
-			if err != nil {
-				return Attr{}, err
-			}
-			return Attr{name, string(text)}, nil
-		}
-	}
-	// Dereference or skip nil pointer, interface values.
-	switch fv.Kind() {
-	case reflect.Ptr, reflect.Interface:
-		if fv.IsNil() {
-			return Attr{}, nil
-		}
-		fv = fv.Elem()
-	}
-	s, b, err := p.marshalSimple(fv.Type(), fv)
-	if err != nil {
-		return Attr{}, err
-	}
-	if b != nil {
-		s = string(b)
-	}
-	return Attr{name, s}, nil
-}
-
-// defaultStart returns the default start element to use,
-// given the reflect type, field info, and start template.
-func (p *printer) defaultStart(typ reflect.Type, finfo *fieldInfo, startTemplate *StartElement) StartElement {
-	var start StartElement
-	// Precedence for the XML element name is as above,
-	// except that we do not look inside structs for the first field.
-	if startTemplate != nil {
-		start.Name = startTemplate.Name
-		start.Attr = append(start.Attr, startTemplate.Attr...)
-	} else if finfo != nil && finfo.name != "" {
-		start.Name.Local = finfo.name
-		start.Name.Space = finfo.xmlns
-	} else if typ.Name() != "" {
-		start.Name.Local = typ.Name()
-	} else {
-		// Must be a pointer to a named type,
-		// since it has the Marshaler methods.
-		start.Name.Local = typ.Elem().Name()
-	}
-	// Historic behaviour: elements use the name space of
-	// the element they are contained in by default.
-	if start.Name.Space == "" {
-		start.Name.Space = p.defaultNS
-	}
-	start.setDefaultNamespace()
-	return start
-}
-
-// marshalInterface marshals a Marshaler interface value.
-func (p *printer) marshalInterface(val Marshaler, start StartElement) error {
-	// Push a marker onto the tag stack so that MarshalXML
-	// cannot close the XML tags that it did not open.
-	p.tags = append(p.tags, Name{})
-	n := len(p.tags)
-
-	err := val.MarshalXML(p.encoder, start)
-	if err != nil {
-		return err
-	}
-
-	// Make sure MarshalXML closed all its tags. p.tags[n-1] is the mark.
-	if len(p.tags) > n {
-		return fmt.Errorf("xml: %s.MarshalXML wrote invalid XML: <%s> not closed", receiverType(val), p.tags[len(p.tags)-1].Local)
-	}
-	p.tags = p.tags[:n-1]
-	return nil
-}
-
-// marshalTextInterface marshals a TextMarshaler interface value.
-func (p *printer) marshalTextInterface(val encoding.TextMarshaler, start StartElement) error {
-	if err := p.writeStart(&start); err != nil {
-		return err
-	}
-	text, err := val.MarshalText()
-	if err != nil {
-		return err
-	}
-	EscapeText(p, text)
-	return p.writeEnd(start.Name)
-}
-
-// writeStart writes the given start element.
-func (p *printer) writeStart(start *StartElement) error {
-	if start.Name.Local == "" {
-		return fmt.Errorf("xml: start tag with no name")
-	}
-
-	p.tags = append(p.tags, start.Name)
-	p.markPrefix()
-	// Define any name spaces explicitly declared in the attributes.
-	// We do this as a separate pass so that explicitly declared prefixes
-	// will take precedence over implicitly declared prefixes
-	// regardless of the order of the attributes.
-	ignoreNonEmptyDefault := start.Name.Space == ""
-	for _, attr := range start.Attr {
-		if err := p.defineNS(attr, ignoreNonEmptyDefault); err != nil {
-			return err
-		}
-	}
-	// Define any new name spaces implied by the attributes.
-	for _, attr := range start.Attr {
-		name := attr.Name
-		// From http://www.w3.org/TR/xml-names11/#defaulting
-		// "Default namespace declarations do not apply directly
-		// to attribute names; the interpretation of unprefixed
-		// attributes is determined by the element on which they
-		// appear."
-		// This means we don't need to create a new namespace
-		// when an attribute name space is empty.
-		if name.Space != "" && !name.isNamespace() {
-			p.createNSPrefix(name.Space, true)
-		}
-	}
-	p.createNSPrefix(start.Name.Space, false)
-
-	p.writeIndent(1)
-	p.WriteByte('<')
-	p.writeName(start.Name, false)
-	p.writeNamespaces()
-	for _, attr := range start.Attr {
-		name := attr.Name
-		if name.Local == "" || name.isNamespace() {
-			// Namespaces have already been written by writeNamespaces above.
-			continue
-		}
-		p.WriteByte(' ')
-		p.writeName(name, true)
-		p.WriteString(`="`)
-		p.EscapeString(attr.Value)
-		p.WriteByte('"')
-	}
-	p.WriteByte('>')
-	return nil
-}
-
-// writeName writes the given name. It assumes
-// that p.createNSPrefix(name) has already been called.
-func (p *printer) writeName(name Name, isAttr bool) {
-	if prefix := p.prefixForNS(name.Space, isAttr); prefix != "" {
-		p.WriteString(prefix)
-		p.WriteByte(':')
-	}
-	p.WriteString(name.Local)
-}
-
-func (p *printer) writeEnd(name Name) error {
-	if name.Local == "" {
-		return fmt.Errorf("xml: end tag with no name")
-	}
-	if len(p.tags) == 0 || p.tags[len(p.tags)-1].Local == "" {
-		return fmt.Errorf("xml: end tag  without start tag", name.Local)
-	}
-	if top := p.tags[len(p.tags)-1]; top != name {
-		if top.Local != name.Local {
-			return fmt.Errorf("xml: end tag  does not match start tag <%s>", name.Local, top.Local)
-		}
-		return fmt.Errorf("xml: end tag  in namespace %s does not match start tag <%s> in namespace %s", name.Local, name.Space, top.Local, top.Space)
-	}
-	p.tags = p.tags[:len(p.tags)-1]
-
-	p.writeIndent(-1)
-	p.WriteByte('<')
-	p.WriteByte('/')
-	p.writeName(name, false)
-	p.WriteByte('>')
-	p.popPrefix()
-	return nil
-}
-
-func (p *printer) marshalSimple(typ reflect.Type, val reflect.Value) (string, []byte, error) {
-	switch val.Kind() {
-	case reflect.Int, reflect.Int8, reflect.Int16, reflect.Int32, reflect.Int64:
-		return strconv.FormatInt(val.Int(), 10), nil, nil
-	case reflect.Uint, reflect.Uint8, reflect.Uint16, reflect.Uint32, reflect.Uint64, reflect.Uintptr:
-		return strconv.FormatUint(val.Uint(), 10), nil, nil
-	case reflect.Float32, reflect.Float64:
-		return strconv.FormatFloat(val.Float(), 'g', -1, val.Type().Bits()), nil, nil
-	case reflect.String:
-		return val.String(), nil, nil
-	case reflect.Bool:
-		return strconv.FormatBool(val.Bool()), nil, nil
-	case reflect.Array:
-		if typ.Elem().Kind() != reflect.Uint8 {
-			break
-		}
-		// [...]byte
-		var bytes []byte
-		if val.CanAddr() {
-			bytes = val.Slice(0, val.Len()).Bytes()
-		} else {
-			bytes = make([]byte, val.Len())
-			reflect.Copy(reflect.ValueOf(bytes), val)
-		}
-		return "", bytes, nil
-	case reflect.Slice:
-		if typ.Elem().Kind() != reflect.Uint8 {
-			break
-		}
-		// []byte
-		return "", val.Bytes(), nil
-	}
-	return "", nil, &UnsupportedTypeError{typ}
-}
-
-var ddBytes = []byte("--")
-
-func (p *printer) marshalStruct(tinfo *typeInfo, val reflect.Value) error {
-	s := parentStack{p: p}
-	for i := range tinfo.fields {
-		finfo := &tinfo.fields[i]
-		if finfo.flags&fAttr != 0 {
-			continue
-		}
-		vf := finfo.value(val)
-
-		// Dereference or skip nil pointer, interface values.
-		switch vf.Kind() {
-		case reflect.Ptr, reflect.Interface:
-			if !vf.IsNil() {
-				vf = vf.Elem()
-			}
-		}
-
-		switch finfo.flags & fMode {
-		case fCharData:
-			if err := s.setParents(&noField, reflect.Value{}); err != nil {
-				return err
-			}
-			if vf.CanInterface() && vf.Type().Implements(textMarshalerType) {
-				data, err := vf.Interface().(encoding.TextMarshaler).MarshalText()
-				if err != nil {
-					return err
-				}
-				Escape(p, data)
-				continue
-			}
-			if vf.CanAddr() {
-				pv := vf.Addr()
-				if pv.CanInterface() && pv.Type().Implements(textMarshalerType) {
-					data, err := pv.Interface().(encoding.TextMarshaler).MarshalText()
-					if err != nil {
-						return err
-					}
-					Escape(p, data)
-					continue
-				}
-			}
-			var scratch [64]byte
-			switch vf.Kind() {
-			case reflect.Int, reflect.Int8, reflect.Int16, reflect.Int32, reflect.Int64:
-				Escape(p, strconv.AppendInt(scratch[:0], vf.Int(), 10))
-			case reflect.Uint, reflect.Uint8, reflect.Uint16, reflect.Uint32, reflect.Uint64, reflect.Uintptr:
-				Escape(p, strconv.AppendUint(scratch[:0], vf.Uint(), 10))
-			case reflect.Float32, reflect.Float64:
-				Escape(p, strconv.AppendFloat(scratch[:0], vf.Float(), 'g', -1, vf.Type().Bits()))
-			case reflect.Bool:
-				Escape(p, strconv.AppendBool(scratch[:0], vf.Bool()))
-			case reflect.String:
-				if err := EscapeText(p, []byte(vf.String())); err != nil {
-					return err
-				}
-			case reflect.Slice:
-				if elem, ok := vf.Interface().([]byte); ok {
-					if err := EscapeText(p, elem); err != nil {
-						return err
-					}
-				}
-			}
-			continue
-
-		case fComment:
-			if err := s.setParents(&noField, reflect.Value{}); err != nil {
-				return err
-			}
-			k := vf.Kind()
-			if !(k == reflect.String || k == reflect.Slice && vf.Type().Elem().Kind() == reflect.Uint8) {
-				return fmt.Errorf("xml: bad type for comment field of %s", val.Type())
-			}
-			if vf.Len() == 0 {
-				continue
-			}
-			p.writeIndent(0)
-			p.WriteString("" is invalid grammar. Make it "- -->"
-				p.WriteByte(' ')
-			}
-			p.WriteString("-->")
-			continue
-
-		case fInnerXml:
-			iface := vf.Interface()
-			switch raw := iface.(type) {
-			case []byte:
-				p.Write(raw)
-				continue
-			case string:
-				p.WriteString(raw)
-				continue
-			}
-
-		case fElement, fElement | fAny:
-			if err := s.setParents(finfo, vf); err != nil {
-				return err
-			}
-		}
-		if err := p.marshalValue(vf, finfo, nil); err != nil {
-			return err
-		}
-	}
-	if err := s.setParents(&noField, reflect.Value{}); err != nil {
-		return err
-	}
-	return p.cachedWriteError()
-}
-
-var noField fieldInfo
-
-// return the bufio Writer's cached write error
-func (p *printer) cachedWriteError() error {
-	_, err := p.Write(nil)
-	return err
-}
-
-func (p *printer) writeIndent(depthDelta int) {
-	if len(p.prefix) == 0 && len(p.indent) == 0 {
-		return
-	}
-	if depthDelta < 0 {
-		p.depth--
-		if p.indentedIn {
-			p.indentedIn = false
-			return
-		}
-		p.indentedIn = false
-	}
-	if p.putNewline {
-		p.WriteByte('\n')
-	} else {
-		p.putNewline = true
-	}
-	if len(p.prefix) > 0 {
-		p.WriteString(p.prefix)
-	}
-	if len(p.indent) > 0 {
-		for i := 0; i < p.depth; i++ {
-			p.WriteString(p.indent)
-		}
-	}
-	if depthDelta > 0 {
-		p.depth++
-		p.indentedIn = true
-	}
-}
-
-type parentStack struct {
-	p       *printer
-	xmlns   string
-	parents []string
-}
-
-// setParents sets the stack of current parents to those found in finfo.
-// It only writes the start elements if vf holds a non-nil value.
-// If finfo is &noField, it pops all elements.
-func (s *parentStack) setParents(finfo *fieldInfo, vf reflect.Value) error {
-	xmlns := s.p.defaultNS
-	if finfo.xmlns != "" {
-		xmlns = finfo.xmlns
-	}
-	commonParents := 0
-	if xmlns == s.xmlns {
-		for ; commonParents < len(finfo.parents) && commonParents < len(s.parents); commonParents++ {
-			if finfo.parents[commonParents] != s.parents[commonParents] {
-				break
-			}
-		}
-	}
-	// Pop off any parents that aren't in common with the previous field.
-	for i := len(s.parents) - 1; i >= commonParents; i-- {
-		if err := s.p.writeEnd(Name{
-			Space: s.xmlns,
-			Local: s.parents[i],
-		}); err != nil {
-			return err
-		}
-	}
-	s.parents = finfo.parents
-	s.xmlns = xmlns
-	if commonParents >= len(s.parents) {
-		// No new elements to push.
-		return nil
-	}
-	if (vf.Kind() == reflect.Ptr || vf.Kind() == reflect.Interface) && vf.IsNil() {
-		// The element is nil, so no need for the start elements.
-		s.parents = s.parents[:commonParents]
-		return nil
-	}
-	// Push any new parents required.
-	for _, name := range s.parents[commonParents:] {
-		start := &StartElement{
-			Name: Name{
-				Space: s.xmlns,
-				Local: name,
-			},
-		}
-		// Set the default name space for parent elements
-		// to match what we do with other elements.
-		if s.xmlns != s.p.defaultNS {
-			start.setDefaultNamespace()
-		}
-		if err := s.p.writeStart(start); err != nil {
-			return err
-		}
-	}
-	return nil
-}
-
-// A MarshalXMLError is returned when Marshal encounters a type
-// that cannot be converted into XML.
-type UnsupportedTypeError struct {
-	Type reflect.Type
-}
-
-func (e *UnsupportedTypeError) Error() string {
-	return "xml: unsupported type: " + e.Type.String()
-}
-
-func isEmptyValue(v reflect.Value) bool {
-	switch v.Kind() {
-	case reflect.Array, reflect.Map, reflect.Slice, reflect.String:
-		return v.Len() == 0
-	case reflect.Bool:
-		return !v.Bool()
-	case reflect.Int, reflect.Int8, reflect.Int16, reflect.Int32, reflect.Int64:
-		return v.Int() == 0
-	case reflect.Uint, reflect.Uint8, reflect.Uint16, reflect.Uint32, reflect.Uint64, reflect.Uintptr:
-		return v.Uint() == 0
-	case reflect.Float32, reflect.Float64:
-		return v.Float() == 0
-	case reflect.Interface, reflect.Ptr:
-		return v.IsNil()
-	}
-	return false
-}
diff --git a/vendor/golang.org/x/net/webdav/internal/xml/marshal_test.go b/vendor/golang.org/x/net/webdav/internal/xml/marshal_test.go
deleted file mode 100644
index 5dc78e74..00000000
--- a/vendor/golang.org/x/net/webdav/internal/xml/marshal_test.go
+++ /dev/null
@@ -1,1939 +0,0 @@
-// Copyright 2011 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package xml
-
-import (
-	"bytes"
-	"errors"
-	"fmt"
-	"io"
-	"reflect"
-	"strconv"
-	"strings"
-	"sync"
-	"testing"
-	"time"
-)
-
-type DriveType int
-
-const (
-	HyperDrive DriveType = iota
-	ImprobabilityDrive
-)
-
-type Passenger struct {
-	Name   []string `xml:"name"`
-	Weight float32  `xml:"weight"`
-}
-
-type Ship struct {
-	XMLName struct{} `xml:"spaceship"`
-
-	Name      string       `xml:"name,attr"`
-	Pilot     string       `xml:"pilot,attr"`
-	Drive     DriveType    `xml:"drive"`
-	Age       uint         `xml:"age"`
-	Passenger []*Passenger `xml:"passenger"`
-	secret    string
-}
-
-type NamedType string
-
-type Port struct {
-	XMLName struct{} `xml:"port"`
-	Type    string   `xml:"type,attr,omitempty"`
-	Comment string   `xml:",comment"`
-	Number  string   `xml:",chardata"`
-}
-
-type Domain struct {
-	XMLName struct{} `xml:"domain"`
-	Country string   `xml:",attr,omitempty"`
-	Name    []byte   `xml:",chardata"`
-	Comment []byte   `xml:",comment"`
-}
-
-type Book struct {
-	XMLName struct{} `xml:"book"`
-	Title   string   `xml:",chardata"`
-}
-
-type Event struct {
-	XMLName struct{} `xml:"event"`
-	Year    int      `xml:",chardata"`
-}
-
-type Movie struct {
-	XMLName struct{} `xml:"movie"`
-	Length  uint     `xml:",chardata"`
-}
-
-type Pi struct {
-	XMLName       struct{} `xml:"pi"`
-	Approximation float32  `xml:",chardata"`
-}
-
-type Universe struct {
-	XMLName struct{} `xml:"universe"`
-	Visible float64  `xml:",chardata"`
-}
-
-type Particle struct {
-	XMLName struct{} `xml:"particle"`
-	HasMass bool     `xml:",chardata"`
-}
-
-type Departure struct {
-	XMLName struct{}  `xml:"departure"`
-	When    time.Time `xml:",chardata"`
-}
-
-type SecretAgent struct {
-	XMLName   struct{} `xml:"agent"`
-	Handle    string   `xml:"handle,attr"`
-	Identity  string
-	Obfuscate string `xml:",innerxml"`
-}
-
-type NestedItems struct {
-	XMLName struct{} `xml:"result"`
-	Items   []string `xml:">item"`
-	Item1   []string `xml:"Items>item1"`
-}
-
-type NestedOrder struct {
-	XMLName struct{} `xml:"result"`
-	Field1  string   `xml:"parent>c"`
-	Field2  string   `xml:"parent>b"`
-	Field3  string   `xml:"parent>a"`
-}
-
-type MixedNested struct {
-	XMLName struct{} `xml:"result"`
-	A       string   `xml:"parent1>a"`
-	B       string   `xml:"b"`
-	C       string   `xml:"parent1>parent2>c"`
-	D       string   `xml:"parent1>d"`
-}
-
-type NilTest struct {
-	A interface{} `xml:"parent1>parent2>a"`
-	B interface{} `xml:"parent1>b"`
-	C interface{} `xml:"parent1>parent2>c"`
-}
-
-type Service struct {
-	XMLName struct{} `xml:"service"`
-	Domain  *Domain  `xml:"host>domain"`
-	Port    *Port    `xml:"host>port"`
-	Extra1  interface{}
-	Extra2  interface{} `xml:"host>extra2"`
-}
-
-var nilStruct *Ship
-
-type EmbedA struct {
-	EmbedC
-	EmbedB EmbedB
-	FieldA string
-}
-
-type EmbedB struct {
-	FieldB string
-	*EmbedC
-}
-
-type EmbedC struct {
-	FieldA1 string `xml:"FieldA>A1"`
-	FieldA2 string `xml:"FieldA>A2"`
-	FieldB  string
-	FieldC  string
-}
-
-type NameCasing struct {
-	XMLName struct{} `xml:"casing"`
-	Xy      string
-	XY      string
-	XyA     string `xml:"Xy,attr"`
-	XYA     string `xml:"XY,attr"`
-}
-
-type NamePrecedence struct {
-	XMLName     Name              `xml:"Parent"`
-	FromTag     XMLNameWithoutTag `xml:"InTag"`
-	FromNameVal XMLNameWithoutTag
-	FromNameTag XMLNameWithTag
-	InFieldName string
-}
-
-type XMLNameWithTag struct {
-	XMLName Name   `xml:"InXMLNameTag"`
-	Value   string `xml:",chardata"`
-}
-
-type XMLNameWithNSTag struct {
-	XMLName Name   `xml:"ns InXMLNameWithNSTag"`
-	Value   string `xml:",chardata"`
-}
-
-type XMLNameWithoutTag struct {
-	XMLName Name
-	Value   string `xml:",chardata"`
-}
-
-type NameInField struct {
-	Foo Name `xml:"ns foo"`
-}
-
-type AttrTest struct {
-	Int   int     `xml:",attr"`
-	Named int     `xml:"int,attr"`
-	Float float64 `xml:",attr"`
-	Uint8 uint8   `xml:",attr"`
-	Bool  bool    `xml:",attr"`
-	Str   string  `xml:",attr"`
-	Bytes []byte  `xml:",attr"`
-}
-
-type OmitAttrTest struct {
-	Int   int     `xml:",attr,omitempty"`
-	Named int     `xml:"int,attr,omitempty"`
-	Float float64 `xml:",attr,omitempty"`
-	Uint8 uint8   `xml:",attr,omitempty"`
-	Bool  bool    `xml:",attr,omitempty"`
-	Str   string  `xml:",attr,omitempty"`
-	Bytes []byte  `xml:",attr,omitempty"`
-}
-
-type OmitFieldTest struct {
-	Int   int           `xml:",omitempty"`
-	Named int           `xml:"int,omitempty"`
-	Float float64       `xml:",omitempty"`
-	Uint8 uint8         `xml:",omitempty"`
-	Bool  bool          `xml:",omitempty"`
-	Str   string        `xml:",omitempty"`
-	Bytes []byte        `xml:",omitempty"`
-	Ptr   *PresenceTest `xml:",omitempty"`
-}
-
-type AnyTest struct {
-	XMLName  struct{}  `xml:"a"`
-	Nested   string    `xml:"nested>value"`
-	AnyField AnyHolder `xml:",any"`
-}
-
-type AnyOmitTest struct {
-	XMLName  struct{}   `xml:"a"`
-	Nested   string     `xml:"nested>value"`
-	AnyField *AnyHolder `xml:",any,omitempty"`
-}
-
-type AnySliceTest struct {
-	XMLName  struct{}    `xml:"a"`
-	Nested   string      `xml:"nested>value"`
-	AnyField []AnyHolder `xml:",any"`
-}
-
-type AnyHolder struct {
-	XMLName Name
-	XML     string `xml:",innerxml"`
-}
-
-type RecurseA struct {
-	A string
-	B *RecurseB
-}
-
-type RecurseB struct {
-	A *RecurseA
-	B string
-}
-
-type PresenceTest struct {
-	Exists *struct{}
-}
-
-type IgnoreTest struct {
-	PublicSecret string `xml:"-"`
-}
-
-type MyBytes []byte
-
-type Data struct {
-	Bytes  []byte
-	Attr   []byte `xml:",attr"`
-	Custom MyBytes
-}
-
-type Plain struct {
-	V interface{}
-}
-
-type MyInt int
-
-type EmbedInt struct {
-	MyInt
-}
-
-type Strings struct {
-	X []string `xml:"A>B,omitempty"`
-}
-
-type PointerFieldsTest struct {
-	XMLName  Name    `xml:"dummy"`
-	Name     *string `xml:"name,attr"`
-	Age      *uint   `xml:"age,attr"`
-	Empty    *string `xml:"empty,attr"`
-	Contents *string `xml:",chardata"`
-}
-
-type ChardataEmptyTest struct {
-	XMLName  Name    `xml:"test"`
-	Contents *string `xml:",chardata"`
-}
-
-type MyMarshalerTest struct {
-}
-
-var _ Marshaler = (*MyMarshalerTest)(nil)
-
-func (m *MyMarshalerTest) MarshalXML(e *Encoder, start StartElement) error {
-	e.EncodeToken(start)
-	e.EncodeToken(CharData([]byte("hello world")))
-	e.EncodeToken(EndElement{start.Name})
-	return nil
-}
-
-type MyMarshalerAttrTest struct{}
-
-var _ MarshalerAttr = (*MyMarshalerAttrTest)(nil)
-
-func (m *MyMarshalerAttrTest) MarshalXMLAttr(name Name) (Attr, error) {
-	return Attr{name, "hello world"}, nil
-}
-
-type MyMarshalerValueAttrTest struct{}
-
-var _ MarshalerAttr = MyMarshalerValueAttrTest{}
-
-func (m MyMarshalerValueAttrTest) MarshalXMLAttr(name Name) (Attr, error) {
-	return Attr{name, "hello world"}, nil
-}
-
-type MarshalerStruct struct {
-	Foo MyMarshalerAttrTest `xml:",attr"`
-}
-
-type MarshalerValueStruct struct {
-	Foo MyMarshalerValueAttrTest `xml:",attr"`
-}
-
-type InnerStruct struct {
-	XMLName Name `xml:"testns outer"`
-}
-
-type OuterStruct struct {
-	InnerStruct
-	IntAttr int `xml:"int,attr"`
-}
-
-type OuterNamedStruct struct {
-	InnerStruct
-	XMLName Name `xml:"outerns test"`
-	IntAttr int  `xml:"int,attr"`
-}
-
-type OuterNamedOrderedStruct struct {
-	XMLName Name `xml:"outerns test"`
-	InnerStruct
-	IntAttr int `xml:"int,attr"`
-}
-
-type OuterOuterStruct struct {
-	OuterStruct
-}
-
-type NestedAndChardata struct {
-	AB       []string `xml:"A>B"`
-	Chardata string   `xml:",chardata"`
-}
-
-type NestedAndComment struct {
-	AB      []string `xml:"A>B"`
-	Comment string   `xml:",comment"`
-}
-
-type XMLNSFieldStruct struct {
-	Ns   string `xml:"xmlns,attr"`
-	Body string
-}
-
-type NamedXMLNSFieldStruct struct {
-	XMLName struct{} `xml:"testns test"`
-	Ns      string   `xml:"xmlns,attr"`
-	Body    string
-}
-
-type XMLNSFieldStructWithOmitEmpty struct {
-	Ns   string `xml:"xmlns,attr,omitempty"`
-	Body string
-}
-
-type NamedXMLNSFieldStructWithEmptyNamespace struct {
-	XMLName struct{} `xml:"test"`
-	Ns      string   `xml:"xmlns,attr"`
-	Body    string
-}
-
-type RecursiveXMLNSFieldStruct struct {
-	Ns   string                     `xml:"xmlns,attr"`
-	Body *RecursiveXMLNSFieldStruct `xml:",omitempty"`
-	Text string                     `xml:",omitempty"`
-}
-
-func ifaceptr(x interface{}) interface{} {
-	return &x
-}
-
-var (
-	nameAttr     = "Sarah"
-	ageAttr      = uint(12)
-	contentsAttr = "lorem ipsum"
-)
-
-// Unless explicitly stated as such (or *Plain), all of the
-// tests below are two-way tests. When introducing new tests,
-// please try to make them two-way as well to ensure that
-// marshalling and unmarshalling are as symmetrical as feasible.
-var marshalTests = []struct {
-	Value         interface{}
-	ExpectXML     string
-	MarshalOnly   bool
-	UnmarshalOnly bool
-}{
-	// Test nil marshals to nothing
-	{Value: nil, ExpectXML: ``, MarshalOnly: true},
-	{Value: nilStruct, ExpectXML: ``, MarshalOnly: true},
-
-	// Test value types
-	{Value: &Plain{true}, ExpectXML: `true`},
-	{Value: &Plain{false}, ExpectXML: `false`},
-	{Value: &Plain{int(42)}, ExpectXML: `42`},
-	{Value: &Plain{int8(42)}, ExpectXML: `42`},
-	{Value: &Plain{int16(42)}, ExpectXML: `42`},
-	{Value: &Plain{int32(42)}, ExpectXML: `42`},
-	{Value: &Plain{uint(42)}, ExpectXML: `42`},
-	{Value: &Plain{uint8(42)}, ExpectXML: `42`},
-	{Value: &Plain{uint16(42)}, ExpectXML: `42`},
-	{Value: &Plain{uint32(42)}, ExpectXML: `42`},
-	{Value: &Plain{float32(1.25)}, ExpectXML: `1.25`},
-	{Value: &Plain{float64(1.25)}, ExpectXML: `1.25`},
-	{Value: &Plain{uintptr(0xFFDD)}, ExpectXML: `65501`},
-	{Value: &Plain{"gopher"}, ExpectXML: `gopher`},
-	{Value: &Plain{[]byte("gopher")}, ExpectXML: `gopher`},
-	{Value: &Plain{""}, ExpectXML: `</>`},
-	{Value: &Plain{[]byte("")}, ExpectXML: `</>`},
-	{Value: &Plain{[3]byte{'<', '/', '>'}}, ExpectXML: `</>`},
-	{Value: &Plain{NamedType("potato")}, ExpectXML: `potato`},
-	{Value: &Plain{[]int{1, 2, 3}}, ExpectXML: `123`},
-	{Value: &Plain{[3]int{1, 2, 3}}, ExpectXML: `123`},
-	{Value: ifaceptr(true), MarshalOnly: true, ExpectXML: `true`},
-
-	// Test time.
-	{
-		Value:     &Plain{time.Unix(1e9, 123456789).UTC()},
-		ExpectXML: `2001-09-09T01:46:40.123456789Z`,
-	},
-
-	// A pointer to struct{} may be used to test for an element's presence.
-	{
-		Value:     &PresenceTest{new(struct{})},
-		ExpectXML: ``,
-	},
-	{
-		Value:     &PresenceTest{},
-		ExpectXML: ``,
-	},
-
-	// A pointer to struct{} may be used to test for an element's presence.
-	{
-		Value:     &PresenceTest{new(struct{})},
-		ExpectXML: ``,
-	},
-	{
-		Value:     &PresenceTest{},
-		ExpectXML: ``,
-	},
-
-	// A []byte field is only nil if the element was not found.
-	{
-		Value:         &Data{},
-		ExpectXML:     ``,
-		UnmarshalOnly: true,
-	},
-	{
-		Value:         &Data{Bytes: []byte{}, Custom: MyBytes{}, Attr: []byte{}},
-		ExpectXML:     ``,
-		UnmarshalOnly: true,
-	},
-
-	// Check that []byte works, including named []byte types.
-	{
-		Value:     &Data{Bytes: []byte("ab"), Custom: MyBytes("cd"), Attr: []byte{'v'}},
-		ExpectXML: `abcd`,
-	},
-
-	// Test innerxml
-	{
-		Value: &SecretAgent{
-			Handle:    "007",
-			Identity:  "James Bond",
-			Obfuscate: "",
-		},
-		ExpectXML:   `James Bond`,
-		MarshalOnly: true,
-	},
-	{
-		Value: &SecretAgent{
-			Handle:    "007",
-			Identity:  "James Bond",
-			Obfuscate: "James Bond",
-		},
-		ExpectXML:     `James Bond`,
-		UnmarshalOnly: true,
-	},
-
-	// Test structs
-	{Value: &Port{Type: "ssl", Number: "443"}, ExpectXML: `443`},
-	{Value: &Port{Number: "443"}, ExpectXML: `443`},
-	{Value: &Port{Type: ""}, ExpectXML: ``},
-	{Value: &Port{Number: "443", Comment: "https"}, ExpectXML: `443`},
-	{Value: &Port{Number: "443", Comment: "add space-"}, ExpectXML: `443`, MarshalOnly: true},
-	{Value: &Domain{Name: []byte("google.com&friends")}, ExpectXML: `google.com&friends`},
-	{Value: &Domain{Name: []byte("google.com"), Comment: []byte(" &friends ")}, ExpectXML: `google.com`},
-	{Value: &Book{Title: "Pride & Prejudice"}, ExpectXML: `Pride & Prejudice`},
-	{Value: &Event{Year: -3114}, ExpectXML: `-3114`},
-	{Value: &Movie{Length: 13440}, ExpectXML: `13440`},
-	{Value: &Pi{Approximation: 3.14159265}, ExpectXML: `3.1415927`},
-	{Value: &Universe{Visible: 9.3e13}, ExpectXML: `9.3e+13`},
-	{Value: &Particle{HasMass: true}, ExpectXML: `true`},
-	{Value: &Departure{When: ParseTime("2013-01-09T00:15:00-09:00")}, ExpectXML: `2013-01-09T00:15:00-09:00`},
-	{Value: atomValue, ExpectXML: atomXml},
-	{
-		Value: &Ship{
-			Name:  "Heart of Gold",
-			Pilot: "Computer",
-			Age:   1,
-			Drive: ImprobabilityDrive,
-			Passenger: []*Passenger{
-				{
-					Name:   []string{"Zaphod", "Beeblebrox"},
-					Weight: 7.25,
-				},
-				{
-					Name:   []string{"Trisha", "McMillen"},
-					Weight: 5.5,
-				},
-				{
-					Name:   []string{"Ford", "Prefect"},
-					Weight: 7,
-				},
-				{
-					Name:   []string{"Arthur", "Dent"},
-					Weight: 6.75,
-				},
-			},
-		},
-		ExpectXML: `` +
-			`` + strconv.Itoa(int(ImprobabilityDrive)) + `` +
-			`1` +
-			`` +
-			`Zaphod` +
-			`Beeblebrox` +
-			`7.25` +
-			`` +
-			`` +
-			`Trisha` +
-			`McMillen` +
-			`5.5` +
-			`` +
-			`` +
-			`Ford` +
-			`Prefect` +
-			`7` +
-			`` +
-			`` +
-			`Arthur` +
-			`Dent` +
-			`6.75` +
-			`` +
-			``,
-	},
-
-	// Test a>b
-	{
-		Value: &NestedItems{Items: nil, Item1: nil},
-		ExpectXML: `` +
-			`` +
-			`` +
-			``,
-	},
-	{
-		Value: &NestedItems{Items: []string{}, Item1: []string{}},
-		ExpectXML: `` +
-			`` +
-			`` +
-			``,
-		MarshalOnly: true,
-	},
-	{
-		Value: &NestedItems{Items: nil, Item1: []string{"A"}},
-		ExpectXML: `` +
-			`` +
-			`A` +
-			`` +
-			``,
-	},
-	{
-		Value: &NestedItems{Items: []string{"A", "B"}, Item1: nil},
-		ExpectXML: `` +
-			`` +
-			`A` +
-			`B` +
-			`` +
-			``,
-	},
-	{
-		Value: &NestedItems{Items: []string{"A", "B"}, Item1: []string{"C"}},
-		ExpectXML: `` +
-			`` +
-			`A` +
-			`B` +
-			`C` +
-			`` +
-			``,
-	},
-	{
-		Value: &NestedOrder{Field1: "C", Field2: "B", Field3: "A"},
-		ExpectXML: `` +
-			`` +
-			`C` +
-			`B` +
-			`A` +
-			`` +
-			``,
-	},
-	{
-		Value: &NilTest{A: "A", B: nil, C: "C"},
-		ExpectXML: `` +
-			`` +
-			`A` +
-			`C` +
-			`` +
-			``,
-		MarshalOnly: true, // Uses interface{}
-	},
-	{
-		Value: &MixedNested{A: "A", B: "B", C: "C", D: "D"},
-		ExpectXML: `` +
-			`A` +
-			`B` +
-			`` +
-			`C` +
-			`D` +
-			`` +
-			``,
-	},
-	{
-		Value:     &Service{Port: &Port{Number: "80"}},
-		ExpectXML: `80`,
-	},
-	{
-		Value:     &Service{},
-		ExpectXML: ``,
-	},
-	{
-		Value: &Service{Port: &Port{Number: "80"}, Extra1: "A", Extra2: "B"},
-		ExpectXML: `` +
-			`80` +
-			`A` +
-			`B` +
-			``,
-		MarshalOnly: true,
-	},
-	{
-		Value: &Service{Port: &Port{Number: "80"}, Extra2: "example"},
-		ExpectXML: `` +
-			`80` +
-			`example` +
-			``,
-		MarshalOnly: true,
-	},
-	{
-		Value: &struct {
-			XMLName struct{} `xml:"space top"`
-			A       string   `xml:"x>a"`
-			B       string   `xml:"x>b"`
-			C       string   `xml:"space x>c"`
-			C1      string   `xml:"space1 x>c"`
-			D1      string   `xml:"space1 x>d"`
-			E1      string   `xml:"x>e"`
-		}{
-			A:  "a",
-			B:  "b",
-			C:  "c",
-			C1: "c1",
-			D1: "d1",
-			E1: "e1",
-		},
-		ExpectXML: `` +
-			`abc` +
-			`` +
-			`c1` +
-			`d1` +
-			`` +
-			`` +
-			`e1` +
-			`` +
-			``,
-	},
-	{
-		Value: &struct {
-			XMLName Name
-			A       string `xml:"x>a"`
-			B       string `xml:"x>b"`
-			C       string `xml:"space x>c"`
-			C1      string `xml:"space1 x>c"`
-			D1      string `xml:"space1 x>d"`
-		}{
-			XMLName: Name{
-				Space: "space0",
-				Local: "top",
-			},
-			A:  "a",
-			B:  "b",
-			C:  "c",
-			C1: "c1",
-			D1: "d1",
-		},
-		ExpectXML: `` +
-			`ab` +
-			`c` +
-			`` +
-			`c1` +
-			`d1` +
-			`` +
-			``,
-	},
-	{
-		Value: &struct {
-			XMLName struct{} `xml:"top"`
-			B       string   `xml:"space x>b"`
-			B1      string   `xml:"space1 x>b"`
-		}{
-			B:  "b",
-			B1: "b1",
-		},
-		ExpectXML: `` +
-			`b` +
-			`b1` +
-			``,
-	},
-
-	// Test struct embedding
-	{
-		Value: &EmbedA{
-			EmbedC: EmbedC{
-				FieldA1: "", // Shadowed by A.A
-				FieldA2: "", // Shadowed by A.A
-				FieldB:  "A.C.B",
-				FieldC:  "A.C.C",
-			},
-			EmbedB: EmbedB{
-				FieldB: "A.B.B",
-				EmbedC: &EmbedC{
-					FieldA1: "A.B.C.A1",
-					FieldA2: "A.B.C.A2",
-					FieldB:  "", // Shadowed by A.B.B
-					FieldC:  "A.B.C.C",
-				},
-			},
-			FieldA: "A.A",
-		},
-		ExpectXML: `` +
-			`A.C.B` +
-			`A.C.C` +
-			`` +
-			`A.B.B` +
-			`` +
-			`A.B.C.A1` +
-			`A.B.C.A2` +
-			`` +
-			`A.B.C.C` +
-			`` +
-			`A.A` +
-			``,
-	},
-
-	// Test that name casing matters
-	{
-		Value:     &NameCasing{Xy: "mixed", XY: "upper", XyA: "mixedA", XYA: "upperA"},
-		ExpectXML: `mixedupper`,
-	},
-
-	// Test the order in which the XML element name is chosen
-	{
-		Value: &NamePrecedence{
-			FromTag:     XMLNameWithoutTag{Value: "A"},
-			FromNameVal: XMLNameWithoutTag{XMLName: Name{Local: "InXMLName"}, Value: "B"},
-			FromNameTag: XMLNameWithTag{Value: "C"},
-			InFieldName: "D",
-		},
-		ExpectXML: `` +
-			`A` +
-			`B` +
-			`C` +
-			`D` +
-			``,
-		MarshalOnly: true,
-	},
-	{
-		Value: &NamePrecedence{
-			XMLName:     Name{Local: "Parent"},
-			FromTag:     XMLNameWithoutTag{XMLName: Name{Local: "InTag"}, Value: "A"},
-			FromNameVal: XMLNameWithoutTag{XMLName: Name{Local: "FromNameVal"}, Value: "B"},
-			FromNameTag: XMLNameWithTag{XMLName: Name{Local: "InXMLNameTag"}, Value: "C"},
-			InFieldName: "D",
-		},
-		ExpectXML: `` +
-			`A` +
-			`B` +
-			`C` +
-			`D` +
-			``,
-		UnmarshalOnly: true,
-	},
-
-	// xml.Name works in a plain field as well.
-	{
-		Value:     &NameInField{Name{Space: "ns", Local: "foo"}},
-		ExpectXML: ``,
-	},
-	{
-		Value:         &NameInField{Name{Space: "ns", Local: "foo"}},
-		ExpectXML:     ``,
-		UnmarshalOnly: true,
-	},
-
-	// Marshaling zero xml.Name uses the tag or field name.
-	{
-		Value:       &NameInField{},
-		ExpectXML:   ``,
-		MarshalOnly: true,
-	},
-
-	// Test attributes
-	{
-		Value: &AttrTest{
-			Int:   8,
-			Named: 9,
-			Float: 23.5,
-			Uint8: 255,
-			Bool:  true,
-			Str:   "str",
-			Bytes: []byte("byt"),
-		},
-		ExpectXML: ``,
-	},
-	{
-		Value: &AttrTest{Bytes: []byte{}},
-		ExpectXML: ``,
-	},
-	{
-		Value: &OmitAttrTest{
-			Int:   8,
-			Named: 9,
-			Float: 23.5,
-			Uint8: 255,
-			Bool:  true,
-			Str:   "str",
-			Bytes: []byte("byt"),
-		},
-		ExpectXML: ``,
-	},
-	{
-		Value:     &OmitAttrTest{},
-		ExpectXML: ``,
-	},
-
-	// pointer fields
-	{
-		Value:       &PointerFieldsTest{Name: &nameAttr, Age: &ageAttr, Contents: &contentsAttr},
-		ExpectXML:   `lorem ipsum`,
-		MarshalOnly: true,
-	},
-
-	// empty chardata pointer field
-	{
-		Value:       &ChardataEmptyTest{},
-		ExpectXML:   ``,
-		MarshalOnly: true,
-	},
-
-	// omitempty on fields
-	{
-		Value: &OmitFieldTest{
-			Int:   8,
-			Named: 9,
-			Float: 23.5,
-			Uint8: 255,
-			Bool:  true,
-			Str:   "str",
-			Bytes: []byte("byt"),
-			Ptr:   &PresenceTest{},
-		},
-		ExpectXML: `` +
-			`8` +
-			`9` +
-			`23.5` +
-			`255` +
-			`true` +
-			`str` +
-			`byt` +
-			`` +
-			``,
-	},
-	{
-		Value:     &OmitFieldTest{},
-		ExpectXML: ``,
-	},
-
-	// Test ",any"
-	{
-		ExpectXML: `knownunknown`,
-		Value: &AnyTest{
-			Nested: "known",
-			AnyField: AnyHolder{
-				XMLName: Name{Local: "other"},
-				XML:     "unknown",
-			},
-		},
-	},
-	{
-		Value: &AnyTest{Nested: "known",
-			AnyField: AnyHolder{
-				XML:     "",
-				XMLName: Name{Local: "AnyField"},
-			},
-		},
-		ExpectXML: `known`,
-	},
-	{
-		ExpectXML: `b`,
-		Value: &AnyOmitTest{
-			Nested: "b",
-		},
-	},
-	{
-		ExpectXML: `bei`,
-		Value: &AnySliceTest{
-			Nested: "b",
-			AnyField: []AnyHolder{
-				{
-					XMLName: Name{Local: "c"},
-					XML:     "e",
-				},
-				{
-					XMLName: Name{Space: "f", Local: "g"},
-					XML:     "i",
-				},
-			},
-		},
-	},
-	{
-		ExpectXML: `b`,
-		Value: &AnySliceTest{
-			Nested: "b",
-		},
-	},
-
-	// Test recursive types.
-	{
-		Value: &RecurseA{
-			A: "a1",
-			B: &RecurseB{
-				A: &RecurseA{"a2", nil},
-				B: "b1",
-			},
-		},
-		ExpectXML: `a1a2b1`,
-	},
-
-	// Test ignoring fields via "-" tag
-	{
-		ExpectXML: ``,
-		Value:     &IgnoreTest{},
-	},
-	{
-		ExpectXML:   ``,
-		Value:       &IgnoreTest{PublicSecret: "can't tell"},
-		MarshalOnly: true,
-	},
-	{
-		ExpectXML:     `ignore me`,
-		Value:         &IgnoreTest{},
-		UnmarshalOnly: true,
-	},
-
-	// Test escaping.
-	{
-		ExpectXML: `dquote: "; squote: '; ampersand: &; less: <; greater: >;`,
-		Value: &AnyTest{
-			Nested:   `dquote: "; squote: '; ampersand: &; less: <; greater: >;`,
-			AnyField: AnyHolder{XMLName: Name{Local: "empty"}},
-		},
-	},
-	{
-		ExpectXML: `newline: 
; cr: 
; tab: 	;`,
-		Value: &AnyTest{
-			Nested:   "newline: \n; cr: \r; tab: \t;",
-			AnyField: AnyHolder{XMLName: Name{Local: "AnyField"}},
-		},
-	},
-	{
-		ExpectXML: "1\r2\r\n3\n\r4\n5",
-		Value: &AnyTest{
-			Nested: "1\n2\n3\n\n4\n5",
-		},
-		UnmarshalOnly: true,
-	},
-	{
-		ExpectXML: `42`,
-		Value: &EmbedInt{
-			MyInt: 42,
-		},
-	},
-	// Test omitempty with parent chain; see golang.org/issue/4168.
-	{
-		ExpectXML: ``,
-		Value:     &Strings{},
-	},
-	// Custom marshalers.
-	{
-		ExpectXML: `hello world`,
-		Value:     &MyMarshalerTest{},
-	},
-	{
-		ExpectXML: ``,
-		Value:     &MarshalerStruct{},
-	},
-	{
-		ExpectXML: ``,
-		Value:     &MarshalerValueStruct{},
-	},
-	{
-		ExpectXML: ``,
-		Value:     &OuterStruct{IntAttr: 10},
-	},
-	{
-		ExpectXML: ``,
-		Value:     &OuterNamedStruct{XMLName: Name{Space: "outerns", Local: "test"}, IntAttr: 10},
-	},
-	{
-		ExpectXML: ``,
-		Value:     &OuterNamedOrderedStruct{XMLName: Name{Space: "outerns", Local: "test"}, IntAttr: 10},
-	},
-	{
-		ExpectXML: ``,
-		Value:     &OuterOuterStruct{OuterStruct{IntAttr: 10}},
-	},
-	{
-		ExpectXML: `test`,
-		Value:     &NestedAndChardata{AB: make([]string, 2), Chardata: "test"},
-	},
-	{
-		ExpectXML: ``,
-		Value:     &NestedAndComment{AB: make([]string, 2), Comment: "test"},
-	},
-	{
-		ExpectXML: `hello world`,
-		Value:     &XMLNSFieldStruct{Ns: "http://example.com/ns", Body: "hello world"},
-	},
-	{
-		ExpectXML: `hello world`,
-		Value:     &NamedXMLNSFieldStruct{Ns: "http://example.com/ns", Body: "hello world"},
-	},
-	{
-		ExpectXML: `hello world`,
-		Value:     &NamedXMLNSFieldStruct{Ns: "", Body: "hello world"},
-	},
-	{
-		ExpectXML: `hello world`,
-		Value:     &XMLNSFieldStructWithOmitEmpty{Body: "hello world"},
-	},
-	{
-		// The xmlns attribute must be ignored because the 
-		// element is in the empty namespace, so it's not possible
-		// to set the default namespace to something non-empty.
-		ExpectXML:   `hello world`,
-		Value:       &NamedXMLNSFieldStructWithEmptyNamespace{Ns: "foo", Body: "hello world"},
-		MarshalOnly: true,
-	},
-	{
-		ExpectXML: `hello world`,
-		Value: &RecursiveXMLNSFieldStruct{
-			Ns: "foo",
-			Body: &RecursiveXMLNSFieldStruct{
-				Text: "hello world",
-			},
-		},
-	},
-}
-
-func TestMarshal(t *testing.T) {
-	for idx, test := range marshalTests {
-		if test.UnmarshalOnly {
-			continue
-		}
-		data, err := Marshal(test.Value)
-		if err != nil {
-			t.Errorf("#%d: marshal(%#v): %s", idx, test.Value, err)
-			continue
-		}
-		if got, want := string(data), test.ExpectXML; got != want {
-			if strings.Contains(want, "\n") {
-				t.Errorf("#%d: marshal(%#v):\nHAVE:\n%s\nWANT:\n%s", idx, test.Value, got, want)
-			} else {
-				t.Errorf("#%d: marshal(%#v):\nhave %#q\nwant %#q", idx, test.Value, got, want)
-			}
-		}
-	}
-}
-
-type AttrParent struct {
-	X string `xml:"X>Y,attr"`
-}
-
-type BadAttr struct {
-	Name []string `xml:"name,attr"`
-}
-
-var marshalErrorTests = []struct {
-	Value interface{}
-	Err   string
-	Kind  reflect.Kind
-}{
-	{
-		Value: make(chan bool),
-		Err:   "xml: unsupported type: chan bool",
-		Kind:  reflect.Chan,
-	},
-	{
-		Value: map[string]string{
-			"question": "What do you get when you multiply six by nine?",
-			"answer":   "42",
-		},
-		Err:  "xml: unsupported type: map[string]string",
-		Kind: reflect.Map,
-	},
-	{
-		Value: map[*Ship]bool{nil: false},
-		Err:   "xml: unsupported type: map[*xml.Ship]bool",
-		Kind:  reflect.Map,
-	},
-	{
-		Value: &Domain{Comment: []byte("f--bar")},
-		Err:   `xml: comments must not contain "--"`,
-	},
-	// Reject parent chain with attr, never worked; see golang.org/issue/5033.
-	{
-		Value: &AttrParent{},
-		Err:   `xml: X>Y chain not valid with attr flag`,
-	},
-	{
-		Value: BadAttr{[]string{"X", "Y"}},
-		Err:   `xml: unsupported type: []string`,
-	},
-}
-
-var marshalIndentTests = []struct {
-	Value     interface{}
-	Prefix    string
-	Indent    string
-	ExpectXML string
-}{
-	{
-		Value: &SecretAgent{
-			Handle:    "007",
-			Identity:  "James Bond",
-			Obfuscate: "",
-		},
-		Prefix:    "",
-		Indent:    "\t",
-		ExpectXML: fmt.Sprintf("\n\tJames Bond\n"),
-	},
-}
-
-func TestMarshalErrors(t *testing.T) {
-	for idx, test := range marshalErrorTests {
-		data, err := Marshal(test.Value)
-		if err == nil {
-			t.Errorf("#%d: marshal(%#v) = [success] %q, want error %v", idx, test.Value, data, test.Err)
-			continue
-		}
-		if err.Error() != test.Err {
-			t.Errorf("#%d: marshal(%#v) = [error] %v, want %v", idx, test.Value, err, test.Err)
-		}
-		if test.Kind != reflect.Invalid {
-			if kind := err.(*UnsupportedTypeError).Type.Kind(); kind != test.Kind {
-				t.Errorf("#%d: marshal(%#v) = [error kind] %s, want %s", idx, test.Value, kind, test.Kind)
-			}
-		}
-	}
-}
-
-// Do invertibility testing on the various structures that we test
-func TestUnmarshal(t *testing.T) {
-	for i, test := range marshalTests {
-		if test.MarshalOnly {
-			continue
-		}
-		if _, ok := test.Value.(*Plain); ok {
-			continue
-		}
-		vt := reflect.TypeOf(test.Value)
-		dest := reflect.New(vt.Elem()).Interface()
-		err := Unmarshal([]byte(test.ExpectXML), dest)
-
-		switch fix := dest.(type) {
-		case *Feed:
-			fix.Author.InnerXML = ""
-			for i := range fix.Entry {
-				fix.Entry[i].Author.InnerXML = ""
-			}
-		}
-
-		if err != nil {
-			t.Errorf("#%d: unexpected error: %#v", i, err)
-		} else if got, want := dest, test.Value; !reflect.DeepEqual(got, want) {
-			t.Errorf("#%d: unmarshal(%q):\nhave %#v\nwant %#v", i, test.ExpectXML, got, want)
-		}
-	}
-}
-
-func TestMarshalIndent(t *testing.T) {
-	for i, test := range marshalIndentTests {
-		data, err := MarshalIndent(test.Value, test.Prefix, test.Indent)
-		if err != nil {
-			t.Errorf("#%d: Error: %s", i, err)
-			continue
-		}
-		if got, want := string(data), test.ExpectXML; got != want {
-			t.Errorf("#%d: MarshalIndent:\nGot:%s\nWant:\n%s", i, got, want)
-		}
-	}
-}
-
-type limitedBytesWriter struct {
-	w      io.Writer
-	remain int // until writes fail
-}
-
-func (lw *limitedBytesWriter) Write(p []byte) (n int, err error) {
-	if lw.remain <= 0 {
-		println("error")
-		return 0, errors.New("write limit hit")
-	}
-	if len(p) > lw.remain {
-		p = p[:lw.remain]
-		n, _ = lw.w.Write(p)
-		lw.remain = 0
-		return n, errors.New("write limit hit")
-	}
-	n, err = lw.w.Write(p)
-	lw.remain -= n
-	return n, err
-}
-
-func TestMarshalWriteErrors(t *testing.T) {
-	var buf bytes.Buffer
-	const writeCap = 1024
-	w := &limitedBytesWriter{&buf, writeCap}
-	enc := NewEncoder(w)
-	var err error
-	var i int
-	const n = 4000
-	for i = 1; i <= n; i++ {
-		err = enc.Encode(&Passenger{
-			Name:   []string{"Alice", "Bob"},
-			Weight: 5,
-		})
-		if err != nil {
-			break
-		}
-	}
-	if err == nil {
-		t.Error("expected an error")
-	}
-	if i == n {
-		t.Errorf("expected to fail before the end")
-	}
-	if buf.Len() != writeCap {
-		t.Errorf("buf.Len() = %d; want %d", buf.Len(), writeCap)
-	}
-}
-
-func TestMarshalWriteIOErrors(t *testing.T) {
-	enc := NewEncoder(errWriter{})
-
-	expectErr := "unwritable"
-	err := enc.Encode(&Passenger{})
-	if err == nil || err.Error() != expectErr {
-		t.Errorf("EscapeTest = [error] %v, want %v", err, expectErr)
-	}
-}
-
-func TestMarshalFlush(t *testing.T) {
-	var buf bytes.Buffer
-	enc := NewEncoder(&buf)
-	if err := enc.EncodeToken(CharData("hello world")); err != nil {
-		t.Fatalf("enc.EncodeToken: %v", err)
-	}
-	if buf.Len() > 0 {
-		t.Fatalf("enc.EncodeToken caused actual write: %q", buf.Bytes())
-	}
-	if err := enc.Flush(); err != nil {
-		t.Fatalf("enc.Flush: %v", err)
-	}
-	if buf.String() != "hello world" {
-		t.Fatalf("after enc.Flush, buf.String() = %q, want %q", buf.String(), "hello world")
-	}
-}
-
-var encodeElementTests = []struct {
-	desc      string
-	value     interface{}
-	start     StartElement
-	expectXML string
-}{{
-	desc:  "simple string",
-	value: "hello",
-	start: StartElement{
-		Name: Name{Local: "a"},
-	},
-	expectXML: `hello`,
-}, {
-	desc:  "string with added attributes",
-	value: "hello",
-	start: StartElement{
-		Name: Name{Local: "a"},
-		Attr: []Attr{{
-			Name:  Name{Local: "x"},
-			Value: "y",
-		}, {
-			Name:  Name{Local: "foo"},
-			Value: "bar",
-		}},
-	},
-	expectXML: `hello`,
-}, {
-	desc: "start element with default name space",
-	value: struct {
-		Foo XMLNameWithNSTag
-	}{
-		Foo: XMLNameWithNSTag{
-			Value: "hello",
-		},
-	},
-	start: StartElement{
-		Name: Name{Space: "ns", Local: "a"},
-		Attr: []Attr{{
-			Name: Name{Local: "xmlns"},
-			// "ns" is the name space defined in XMLNameWithNSTag
-			Value: "ns",
-		}},
-	},
-	expectXML: `hello`,
-}, {
-	desc: "start element in name space with different default name space",
-	value: struct {
-		Foo XMLNameWithNSTag
-	}{
-		Foo: XMLNameWithNSTag{
-			Value: "hello",
-		},
-	},
-	start: StartElement{
-		Name: Name{Space: "ns2", Local: "a"},
-		Attr: []Attr{{
-			Name: Name{Local: "xmlns"},
-			// "ns" is the name space defined in XMLNameWithNSTag
-			Value: "ns",
-		}},
-	},
-	expectXML: `hello`,
-}, {
-	desc:  "XMLMarshaler with start element with default name space",
-	value: &MyMarshalerTest{},
-	start: StartElement{
-		Name: Name{Space: "ns2", Local: "a"},
-		Attr: []Attr{{
-			Name: Name{Local: "xmlns"},
-			// "ns" is the name space defined in XMLNameWithNSTag
-			Value: "ns",
-		}},
-	},
-	expectXML: `hello world`,
-}}
-
-func TestEncodeElement(t *testing.T) {
-	for idx, test := range encodeElementTests {
-		var buf bytes.Buffer
-		enc := NewEncoder(&buf)
-		err := enc.EncodeElement(test.value, test.start)
-		if err != nil {
-			t.Fatalf("enc.EncodeElement: %v", err)
-		}
-		err = enc.Flush()
-		if err != nil {
-			t.Fatalf("enc.Flush: %v", err)
-		}
-		if got, want := buf.String(), test.expectXML; got != want {
-			t.Errorf("#%d(%s): EncodeElement(%#v, %#v):\nhave %#q\nwant %#q", idx, test.desc, test.value, test.start, got, want)
-		}
-	}
-}
-
-func BenchmarkMarshal(b *testing.B) {
-	b.ReportAllocs()
-	for i := 0; i < b.N; i++ {
-		Marshal(atomValue)
-	}
-}
-
-func BenchmarkUnmarshal(b *testing.B) {
-	b.ReportAllocs()
-	xml := []byte(atomXml)
-	for i := 0; i < b.N; i++ {
-		Unmarshal(xml, &Feed{})
-	}
-}
-
-// golang.org/issue/6556
-func TestStructPointerMarshal(t *testing.T) {
-	type A struct {
-		XMLName string `xml:"a"`
-		B       []interface{}
-	}
-	type C struct {
-		XMLName Name
-		Value   string `xml:"value"`
-	}
-
-	a := new(A)
-	a.B = append(a.B, &C{
-		XMLName: Name{Local: "c"},
-		Value:   "x",
-	})
-
-	b, err := Marshal(a)
-	if err != nil {
-		t.Fatal(err)
-	}
-	if x := string(b); x != "x" {
-		t.Fatal(x)
-	}
-	var v A
-	err = Unmarshal(b, &v)
-	if err != nil {
-		t.Fatal(err)
-	}
-}
-
-var encodeTokenTests = []struct {
-	desc string
-	toks []Token
-	want string
-	err  string
-}{{
-	desc: "start element with name space",
-	toks: []Token{
-		StartElement{Name{"space", "local"}, nil},
-	},
-	want: ``,
-}, {
-	desc: "start element with no name",
-	toks: []Token{
-		StartElement{Name{"space", ""}, nil},
-	},
-	err: "xml: start tag with no name",
-}, {
-	desc: "end element with no name",
-	toks: []Token{
-		EndElement{Name{"space", ""}},
-	},
-	err: "xml: end tag with no name",
-}, {
-	desc: "char data",
-	toks: []Token{
-		CharData("foo"),
-	},
-	want: `foo`,
-}, {
-	desc: "char data with escaped chars",
-	toks: []Token{
-		CharData(" \t\n"),
-	},
-	want: " 	\n",
-}, {
-	desc: "comment",
-	toks: []Token{
-		Comment("foo"),
-	},
-	want: ``,
-}, {
-	desc: "comment with invalid content",
-	toks: []Token{
-		Comment("foo-->"),
-	},
-	err: "xml: EncodeToken of Comment containing --> marker",
-}, {
-	desc: "proc instruction",
-	toks: []Token{
-		ProcInst{"Target", []byte("Instruction")},
-	},
-	want: ``,
-}, {
-	desc: "proc instruction with empty target",
-	toks: []Token{
-		ProcInst{"", []byte("Instruction")},
-	},
-	err: "xml: EncodeToken of ProcInst with invalid Target",
-}, {
-	desc: "proc instruction with bad content",
-	toks: []Token{
-		ProcInst{"", []byte("Instruction?>")},
-	},
-	err: "xml: EncodeToken of ProcInst with invalid Target",
-}, {
-	desc: "directive",
-	toks: []Token{
-		Directive("foo"),
-	},
-	want: ``,
-}, {
-	desc: "more complex directive",
-	toks: []Token{
-		Directive("DOCTYPE doc [ '>  ]"),
-	},
-	want: `'>  ]>`,
-}, {
-	desc: "directive instruction with bad name",
-	toks: []Token{
-		Directive("foo>"),
-	},
-	err: "xml: EncodeToken of Directive containing wrong < or > markers",
-}, {
-	desc: "end tag without start tag",
-	toks: []Token{
-		EndElement{Name{"foo", "bar"}},
-	},
-	err: "xml: end tag  without start tag",
-}, {
-	desc: "mismatching end tag local name",
-	toks: []Token{
-		StartElement{Name{"", "foo"}, nil},
-		EndElement{Name{"", "bar"}},
-	},
-	err:  "xml: end tag  does not match start tag ",
-	want: ``,
-}, {
-	desc: "mismatching end tag namespace",
-	toks: []Token{
-		StartElement{Name{"space", "foo"}, nil},
-		EndElement{Name{"another", "foo"}},
-	},
-	err:  "xml: end tag  in namespace another does not match start tag  in namespace space",
-	want: ``,
-}, {
-	desc: "start element with explicit namespace",
-	toks: []Token{
-		StartElement{Name{"space", "local"}, []Attr{
-			{Name{"xmlns", "x"}, "space"},
-			{Name{"space", "foo"}, "value"},
-		}},
-	},
-	want: ``,
-}, {
-	desc: "start element with explicit namespace and colliding prefix",
-	toks: []Token{
-		StartElement{Name{"space", "local"}, []Attr{
-			{Name{"xmlns", "x"}, "space"},
-			{Name{"space", "foo"}, "value"},
-			{Name{"x", "bar"}, "other"},
-		}},
-	},
-	want: ``,
-}, {
-	desc: "start element using previously defined namespace",
-	toks: []Token{
-		StartElement{Name{"", "local"}, []Attr{
-			{Name{"xmlns", "x"}, "space"},
-		}},
-		StartElement{Name{"space", "foo"}, []Attr{
-			{Name{"space", "x"}, "y"},
-		}},
-	},
-	want: ``,
-}, {
-	desc: "nested name space with same prefix",
-	toks: []Token{
-		StartElement{Name{"", "foo"}, []Attr{
-			{Name{"xmlns", "x"}, "space1"},
-		}},
-		StartElement{Name{"", "foo"}, []Attr{
-			{Name{"xmlns", "x"}, "space2"},
-		}},
-		StartElement{Name{"", "foo"}, []Attr{
-			{Name{"space1", "a"}, "space1 value"},
-			{Name{"space2", "b"}, "space2 value"},
-		}},
-		EndElement{Name{"", "foo"}},
-		EndElement{Name{"", "foo"}},
-		StartElement{Name{"", "foo"}, []Attr{
-			{Name{"space1", "a"}, "space1 value"},
-			{Name{"space2", "b"}, "space2 value"},
-		}},
-	},
-	want: ``,
-}, {
-	desc: "start element defining several prefixes for the same name space",
-	toks: []Token{
-		StartElement{Name{"space", "foo"}, []Attr{
-			{Name{"xmlns", "a"}, "space"},
-			{Name{"xmlns", "b"}, "space"},
-			{Name{"space", "x"}, "value"},
-		}},
-	},
-	want: ``,
-}, {
-	desc: "nested element redefines name space",
-	toks: []Token{
-		StartElement{Name{"", "foo"}, []Attr{
-			{Name{"xmlns", "x"}, "space"},
-		}},
-		StartElement{Name{"space", "foo"}, []Attr{
-			{Name{"xmlns", "y"}, "space"},
-			{Name{"space", "a"}, "value"},
-		}},
-	},
-	want: ``,
-}, {
-	desc: "nested element creates alias for default name space",
-	toks: []Token{
-		StartElement{Name{"space", "foo"}, []Attr{
-			{Name{"", "xmlns"}, "space"},
-		}},
-		StartElement{Name{"space", "foo"}, []Attr{
-			{Name{"xmlns", "y"}, "space"},
-			{Name{"space", "a"}, "value"},
-		}},
-	},
-	want: ``,
-}, {
-	desc: "nested element defines default name space with existing prefix",
-	toks: []Token{
-		StartElement{Name{"", "foo"}, []Attr{
-			{Name{"xmlns", "x"}, "space"},
-		}},
-		StartElement{Name{"space", "foo"}, []Attr{
-			{Name{"", "xmlns"}, "space"},
-			{Name{"space", "a"}, "value"},
-		}},
-	},
-	want: ``,
-}, {
-	desc: "nested element uses empty attribute name space when default ns defined",
-	toks: []Token{
-		StartElement{Name{"space", "foo"}, []Attr{
-			{Name{"", "xmlns"}, "space"},
-		}},
-		StartElement{Name{"space", "foo"}, []Attr{
-			{Name{"", "attr"}, "value"},
-		}},
-	},
-	want: ``,
-}, {
-	desc: "redefine xmlns",
-	toks: []Token{
-		StartElement{Name{"", "foo"}, []Attr{
-			{Name{"foo", "xmlns"}, "space"},
-		}},
-	},
-	err: `xml: cannot redefine xmlns attribute prefix`,
-}, {
-	desc: "xmlns with explicit name space #1",
-	toks: []Token{
-		StartElement{Name{"space", "foo"}, []Attr{
-			{Name{"xml", "xmlns"}, "space"},
-		}},
-	},
-	want: ``,
-}, {
-	desc: "xmlns with explicit name space #2",
-	toks: []Token{
-		StartElement{Name{"space", "foo"}, []Attr{
-			{Name{xmlURL, "xmlns"}, "space"},
-		}},
-	},
-	want: ``,
-}, {
-	desc: "empty name space declaration is ignored",
-	toks: []Token{
-		StartElement{Name{"", "foo"}, []Attr{
-			{Name{"xmlns", "foo"}, ""},
-		}},
-	},
-	want: ``,
-}, {
-	desc: "attribute with no name is ignored",
-	toks: []Token{
-		StartElement{Name{"", "foo"}, []Attr{
-			{Name{"", ""}, "value"},
-		}},
-	},
-	want: ``,
-}, {
-	desc: "namespace URL with non-valid name",
-	toks: []Token{
-		StartElement{Name{"/34", "foo"}, []Attr{
-			{Name{"/34", "x"}, "value"},
-		}},
-	},
-	want: `<_:foo xmlns:_="/34" _:x="value">`,
-}, {
-	desc: "nested element resets default namespace to empty",
-	toks: []Token{
-		StartElement{Name{"space", "foo"}, []Attr{
-			{Name{"", "xmlns"}, "space"},
-		}},
-		StartElement{Name{"", "foo"}, []Attr{
-			{Name{"", "xmlns"}, ""},
-			{Name{"", "x"}, "value"},
-			{Name{"space", "x"}, "value"},
-		}},
-	},
-	want: ``,
-}, {
-	desc: "nested element requires empty default name space",
-	toks: []Token{
-		StartElement{Name{"space", "foo"}, []Attr{
-			{Name{"", "xmlns"}, "space"},
-		}},
-		StartElement{Name{"", "foo"}, nil},
-	},
-	want: ``,
-}, {
-	desc: "attribute uses name space from xmlns",
-	toks: []Token{
-		StartElement{Name{"some/space", "foo"}, []Attr{
-			{Name{"", "attr"}, "value"},
-			{Name{"some/space", "other"}, "other value"},
-		}},
-	},
-	want: ``,
-}, {
-	desc: "default name space should not be used by attributes",
-	toks: []Token{
-		StartElement{Name{"space", "foo"}, []Attr{
-			{Name{"", "xmlns"}, "space"},
-			{Name{"xmlns", "bar"}, "space"},
-			{Name{"space", "baz"}, "foo"},
-		}},
-		StartElement{Name{"space", "baz"}, nil},
-		EndElement{Name{"space", "baz"}},
-		EndElement{Name{"space", "foo"}},
-	},
-	want: ``,
-}, {
-	desc: "default name space not used by attributes, not explicitly defined",
-	toks: []Token{
-		StartElement{Name{"space", "foo"}, []Attr{
-			{Name{"", "xmlns"}, "space"},
-			{Name{"space", "baz"}, "foo"},
-		}},
-		StartElement{Name{"space", "baz"}, nil},
-		EndElement{Name{"space", "baz"}},
-		EndElement{Name{"space", "foo"}},
-	},
-	want: ``,
-}, {
-	desc: "impossible xmlns declaration",
-	toks: []Token{
-		StartElement{Name{"", "foo"}, []Attr{
-			{Name{"", "xmlns"}, "space"},
-		}},
-		StartElement{Name{"space", "bar"}, []Attr{
-			{Name{"space", "attr"}, "value"},
-		}},
-	},
-	want: ``,
-}}
-
-func TestEncodeToken(t *testing.T) {
-loop:
-	for i, tt := range encodeTokenTests {
-		var buf bytes.Buffer
-		enc := NewEncoder(&buf)
-		var err error
-		for j, tok := range tt.toks {
-			err = enc.EncodeToken(tok)
-			if err != nil && j < len(tt.toks)-1 {
-				t.Errorf("#%d %s token #%d: %v", i, tt.desc, j, err)
-				continue loop
-			}
-		}
-		errorf := func(f string, a ...interface{}) {
-			t.Errorf("#%d %s token #%d:%s", i, tt.desc, len(tt.toks)-1, fmt.Sprintf(f, a...))
-		}
-		switch {
-		case tt.err != "" && err == nil:
-			errorf(" expected error; got none")
-			continue
-		case tt.err == "" && err != nil:
-			errorf(" got error: %v", err)
-			continue
-		case tt.err != "" && err != nil && tt.err != err.Error():
-			errorf(" error mismatch; got %v, want %v", err, tt.err)
-			continue
-		}
-		if err := enc.Flush(); err != nil {
-			errorf(" %v", err)
-			continue
-		}
-		if got := buf.String(); got != tt.want {
-			errorf("\ngot  %v\nwant %v", got, tt.want)
-			continue
-		}
-	}
-}
-
-func TestProcInstEncodeToken(t *testing.T) {
-	var buf bytes.Buffer
-	enc := NewEncoder(&buf)
-
-	if err := enc.EncodeToken(ProcInst{"xml", []byte("Instruction")}); err != nil {
-		t.Fatalf("enc.EncodeToken: expected to be able to encode xml target ProcInst as first token, %s", err)
-	}
-
-	if err := enc.EncodeToken(ProcInst{"Target", []byte("Instruction")}); err != nil {
-		t.Fatalf("enc.EncodeToken: expected to be able to add non-xml target ProcInst")
-	}
-
-	if err := enc.EncodeToken(ProcInst{"xml", []byte("Instruction")}); err == nil {
-		t.Fatalf("enc.EncodeToken: expected to not be allowed to encode xml target ProcInst when not first token")
-	}
-}
-
-func TestDecodeEncode(t *testing.T) {
-	var in, out bytes.Buffer
-	in.WriteString(`
-
-
-	
-`)
-	dec := NewDecoder(&in)
-	enc := NewEncoder(&out)
-	for tok, err := dec.Token(); err == nil; tok, err = dec.Token() {
-		err = enc.EncodeToken(tok)
-		if err != nil {
-			t.Fatalf("enc.EncodeToken: Unable to encode token (%#v), %v", tok, err)
-		}
-	}
-}
-
-// Issue 9796. Used to fail with GORACE="halt_on_error=1" -race.
-func TestRace9796(t *testing.T) {
-	type A struct{}
-	type B struct {
-		C []A `xml:"X>Y"`
-	}
-	var wg sync.WaitGroup
-	for i := 0; i < 2; i++ {
-		wg.Add(1)
-		go func() {
-			Marshal(B{[]A{A{}}})
-			wg.Done()
-		}()
-	}
-	wg.Wait()
-}
-
-func TestIsValidDirective(t *testing.T) {
-	testOK := []string{
-		"<>",
-		"< < > >",
-		"' '>' >",
-		"  ]>",
-		" '<' ' doc ANY> ]>",
-		">>> a < comment --> [  ] >",
-	}
-	testKO := []string{
-		"<",
-		">",
-		"",
-		"< > > < < >",
-		" -->",
-		"",
-		"'",
-		"",
-	}
-	for _, s := range testOK {
-		if !isValidDirective(Directive(s)) {
-			t.Errorf("Directive %q is expected to be valid", s)
-		}
-	}
-	for _, s := range testKO {
-		if isValidDirective(Directive(s)) {
-			t.Errorf("Directive %q is expected to be invalid", s)
-		}
-	}
-}
-
-// Issue 11719. EncodeToken used to silently eat tokens with an invalid type.
-func TestSimpleUseOfEncodeToken(t *testing.T) {
-	var buf bytes.Buffer
-	enc := NewEncoder(&buf)
-	if err := enc.EncodeToken(&StartElement{Name: Name{"", "object1"}}); err == nil {
-		t.Errorf("enc.EncodeToken: pointer type should be rejected")
-	}
-	if err := enc.EncodeToken(&EndElement{Name: Name{"", "object1"}}); err == nil {
-		t.Errorf("enc.EncodeToken: pointer type should be rejected")
-	}
-	if err := enc.EncodeToken(StartElement{Name: Name{"", "object2"}}); err != nil {
-		t.Errorf("enc.EncodeToken: StartElement %s", err)
-	}
-	if err := enc.EncodeToken(EndElement{Name: Name{"", "object2"}}); err != nil {
-		t.Errorf("enc.EncodeToken: EndElement %s", err)
-	}
-	if err := enc.EncodeToken(Universe{}); err == nil {
-		t.Errorf("enc.EncodeToken: invalid type not caught")
-	}
-	if err := enc.Flush(); err != nil {
-		t.Errorf("enc.Flush: %s", err)
-	}
-	if buf.Len() == 0 {
-		t.Errorf("enc.EncodeToken: empty buffer")
-	}
-	want := ""
-	if buf.String() != want {
-		t.Errorf("enc.EncodeToken: expected %q; got %q", want, buf.String())
-	}
-}
diff --git a/vendor/golang.org/x/net/webdav/internal/xml/read.go b/vendor/golang.org/x/net/webdav/internal/xml/read.go
deleted file mode 100644
index 75b9f2ba..00000000
--- a/vendor/golang.org/x/net/webdav/internal/xml/read.go
+++ /dev/null
@@ -1,692 +0,0 @@
-// Copyright 2009 The Go Authors.  All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package xml
-
-import (
-	"bytes"
-	"encoding"
-	"errors"
-	"fmt"
-	"reflect"
-	"strconv"
-	"strings"
-)
-
-// BUG(rsc): Mapping between XML elements and data structures is inherently flawed:
-// an XML element is an order-dependent collection of anonymous
-// values, while a data structure is an order-independent collection
-// of named values.
-// See package json for a textual representation more suitable
-// to data structures.
-
-// Unmarshal parses the XML-encoded data and stores the result in
-// the value pointed to by v, which must be an arbitrary struct,
-// slice, or string. Well-formed data that does not fit into v is
-// discarded.
-//
-// Because Unmarshal uses the reflect package, it can only assign
-// to exported (upper case) fields.  Unmarshal uses a case-sensitive
-// comparison to match XML element names to tag values and struct
-// field names.
-//
-// Unmarshal maps an XML element to a struct using the following rules.
-// In the rules, the tag of a field refers to the value associated with the
-// key 'xml' in the struct field's tag (see the example above).
-//
-//   * If the struct has a field of type []byte or string with tag
-//      ",innerxml", Unmarshal accumulates the raw XML nested inside the
-//      element in that field.  The rest of the rules still apply.
-//
-//   * If the struct has a field named XMLName of type xml.Name,
-//      Unmarshal records the element name in that field.
-//
-//   * If the XMLName field has an associated tag of the form
-//      "name" or "namespace-URL name", the XML element must have
-//      the given name (and, optionally, name space) or else Unmarshal
-//      returns an error.
-//
-//   * If the XML element has an attribute whose name matches a
-//      struct field name with an associated tag containing ",attr" or
-//      the explicit name in a struct field tag of the form "name,attr",
-//      Unmarshal records the attribute value in that field.
-//
-//   * If the XML element contains character data, that data is
-//      accumulated in the first struct field that has tag ",chardata".
-//      The struct field may have type []byte or string.
-//      If there is no such field, the character data is discarded.
-//
-//   * If the XML element contains comments, they are accumulated in
-//      the first struct field that has tag ",comment".  The struct
-//      field may have type []byte or string.  If there is no such
-//      field, the comments are discarded.
-//
-//   * If the XML element contains a sub-element whose name matches
-//      the prefix of a tag formatted as "a" or "a>b>c", unmarshal
-//      will descend into the XML structure looking for elements with the
-//      given names, and will map the innermost elements to that struct
-//      field. A tag starting with ">" is equivalent to one starting
-//      with the field name followed by ">".
-//
-//   * If the XML element contains a sub-element whose name matches
-//      a struct field's XMLName tag and the struct field has no
-//      explicit name tag as per the previous rule, unmarshal maps
-//      the sub-element to that struct field.
-//
-//   * If the XML element contains a sub-element whose name matches a
-//      field without any mode flags (",attr", ",chardata", etc), Unmarshal
-//      maps the sub-element to that struct field.
-//
-//   * If the XML element contains a sub-element that hasn't matched any
-//      of the above rules and the struct has a field with tag ",any",
-//      unmarshal maps the sub-element to that struct field.
-//
-//   * An anonymous struct field is handled as if the fields of its
-//      value were part of the outer struct.
-//
-//   * A struct field with tag "-" is never unmarshalled into.
-//
-// Unmarshal maps an XML element to a string or []byte by saving the
-// concatenation of that element's character data in the string or
-// []byte. The saved []byte is never nil.
-//
-// Unmarshal maps an attribute value to a string or []byte by saving
-// the value in the string or slice.
-//
-// Unmarshal maps an XML element to a slice by extending the length of
-// the slice and mapping the element to the newly created value.
-//
-// Unmarshal maps an XML element or attribute value to a bool by
-// setting it to the boolean value represented by the string.
-//
-// Unmarshal maps an XML element or attribute value to an integer or
-// floating-point field by setting the field to the result of
-// interpreting the string value in decimal.  There is no check for
-// overflow.
-//
-// Unmarshal maps an XML element to an xml.Name by recording the
-// element name.
-//
-// Unmarshal maps an XML element to a pointer by setting the pointer
-// to a freshly allocated value and then mapping the element to that value.
-//
-func Unmarshal(data []byte, v interface{}) error {
-	return NewDecoder(bytes.NewReader(data)).Decode(v)
-}
-
-// Decode works like xml.Unmarshal, except it reads the decoder
-// stream to find the start element.
-func (d *Decoder) Decode(v interface{}) error {
-	return d.DecodeElement(v, nil)
-}
-
-// DecodeElement works like xml.Unmarshal except that it takes
-// a pointer to the start XML element to decode into v.
-// It is useful when a client reads some raw XML tokens itself
-// but also wants to defer to Unmarshal for some elements.
-func (d *Decoder) DecodeElement(v interface{}, start *StartElement) error {
-	val := reflect.ValueOf(v)
-	if val.Kind() != reflect.Ptr {
-		return errors.New("non-pointer passed to Unmarshal")
-	}
-	return d.unmarshal(val.Elem(), start)
-}
-
-// An UnmarshalError represents an error in the unmarshalling process.
-type UnmarshalError string
-
-func (e UnmarshalError) Error() string { return string(e) }
-
-// Unmarshaler is the interface implemented by objects that can unmarshal
-// an XML element description of themselves.
-//
-// UnmarshalXML decodes a single XML element
-// beginning with the given start element.
-// If it returns an error, the outer call to Unmarshal stops and
-// returns that error.
-// UnmarshalXML must consume exactly one XML element.
-// One common implementation strategy is to unmarshal into
-// a separate value with a layout matching the expected XML
-// using d.DecodeElement,  and then to copy the data from
-// that value into the receiver.
-// Another common strategy is to use d.Token to process the
-// XML object one token at a time.
-// UnmarshalXML may not use d.RawToken.
-type Unmarshaler interface {
-	UnmarshalXML(d *Decoder, start StartElement) error
-}
-
-// UnmarshalerAttr is the interface implemented by objects that can unmarshal
-// an XML attribute description of themselves.
-//
-// UnmarshalXMLAttr decodes a single XML attribute.
-// If it returns an error, the outer call to Unmarshal stops and
-// returns that error.
-// UnmarshalXMLAttr is used only for struct fields with the
-// "attr" option in the field tag.
-type UnmarshalerAttr interface {
-	UnmarshalXMLAttr(attr Attr) error
-}
-
-// receiverType returns the receiver type to use in an expression like "%s.MethodName".
-func receiverType(val interface{}) string {
-	t := reflect.TypeOf(val)
-	if t.Name() != "" {
-		return t.String()
-	}
-	return "(" + t.String() + ")"
-}
-
-// unmarshalInterface unmarshals a single XML element into val.
-// start is the opening tag of the element.
-func (p *Decoder) unmarshalInterface(val Unmarshaler, start *StartElement) error {
-	// Record that decoder must stop at end tag corresponding to start.
-	p.pushEOF()
-
-	p.unmarshalDepth++
-	err := val.UnmarshalXML(p, *start)
-	p.unmarshalDepth--
-	if err != nil {
-		p.popEOF()
-		return err
-	}
-
-	if !p.popEOF() {
-		return fmt.Errorf("xml: %s.UnmarshalXML did not consume entire <%s> element", receiverType(val), start.Name.Local)
-	}
-
-	return nil
-}
-
-// unmarshalTextInterface unmarshals a single XML element into val.
-// The chardata contained in the element (but not its children)
-// is passed to the text unmarshaler.
-func (p *Decoder) unmarshalTextInterface(val encoding.TextUnmarshaler, start *StartElement) error {
-	var buf []byte
-	depth := 1
-	for depth > 0 {
-		t, err := p.Token()
-		if err != nil {
-			return err
-		}
-		switch t := t.(type) {
-		case CharData:
-			if depth == 1 {
-				buf = append(buf, t...)
-			}
-		case StartElement:
-			depth++
-		case EndElement:
-			depth--
-		}
-	}
-	return val.UnmarshalText(buf)
-}
-
-// unmarshalAttr unmarshals a single XML attribute into val.
-func (p *Decoder) unmarshalAttr(val reflect.Value, attr Attr) error {
-	if val.Kind() == reflect.Ptr {
-		if val.IsNil() {
-			val.Set(reflect.New(val.Type().Elem()))
-		}
-		val = val.Elem()
-	}
-
-	if val.CanInterface() && val.Type().Implements(unmarshalerAttrType) {
-		// This is an unmarshaler with a non-pointer receiver,
-		// so it's likely to be incorrect, but we do what we're told.
-		return val.Interface().(UnmarshalerAttr).UnmarshalXMLAttr(attr)
-	}
-	if val.CanAddr() {
-		pv := val.Addr()
-		if pv.CanInterface() && pv.Type().Implements(unmarshalerAttrType) {
-			return pv.Interface().(UnmarshalerAttr).UnmarshalXMLAttr(attr)
-		}
-	}
-
-	// Not an UnmarshalerAttr; try encoding.TextUnmarshaler.
-	if val.CanInterface() && val.Type().Implements(textUnmarshalerType) {
-		// This is an unmarshaler with a non-pointer receiver,
-		// so it's likely to be incorrect, but we do what we're told.
-		return val.Interface().(encoding.TextUnmarshaler).UnmarshalText([]byte(attr.Value))
-	}
-	if val.CanAddr() {
-		pv := val.Addr()
-		if pv.CanInterface() && pv.Type().Implements(textUnmarshalerType) {
-			return pv.Interface().(encoding.TextUnmarshaler).UnmarshalText([]byte(attr.Value))
-		}
-	}
-
-	copyValue(val, []byte(attr.Value))
-	return nil
-}
-
-var (
-	unmarshalerType     = reflect.TypeOf((*Unmarshaler)(nil)).Elem()
-	unmarshalerAttrType = reflect.TypeOf((*UnmarshalerAttr)(nil)).Elem()
-	textUnmarshalerType = reflect.TypeOf((*encoding.TextUnmarshaler)(nil)).Elem()
-)
-
-// Unmarshal a single XML element into val.
-func (p *Decoder) unmarshal(val reflect.Value, start *StartElement) error {
-	// Find start element if we need it.
-	if start == nil {
-		for {
-			tok, err := p.Token()
-			if err != nil {
-				return err
-			}
-			if t, ok := tok.(StartElement); ok {
-				start = &t
-				break
-			}
-		}
-	}
-
-	// Load value from interface, but only if the result will be
-	// usefully addressable.
-	if val.Kind() == reflect.Interface && !val.IsNil() {
-		e := val.Elem()
-		if e.Kind() == reflect.Ptr && !e.IsNil() {
-			val = e
-		}
-	}
-
-	if val.Kind() == reflect.Ptr {
-		if val.IsNil() {
-			val.Set(reflect.New(val.Type().Elem()))
-		}
-		val = val.Elem()
-	}
-
-	if val.CanInterface() && val.Type().Implements(unmarshalerType) {
-		// This is an unmarshaler with a non-pointer receiver,
-		// so it's likely to be incorrect, but we do what we're told.
-		return p.unmarshalInterface(val.Interface().(Unmarshaler), start)
-	}
-
-	if val.CanAddr() {
-		pv := val.Addr()
-		if pv.CanInterface() && pv.Type().Implements(unmarshalerType) {
-			return p.unmarshalInterface(pv.Interface().(Unmarshaler), start)
-		}
-	}
-
-	if val.CanInterface() && val.Type().Implements(textUnmarshalerType) {
-		return p.unmarshalTextInterface(val.Interface().(encoding.TextUnmarshaler), start)
-	}
-
-	if val.CanAddr() {
-		pv := val.Addr()
-		if pv.CanInterface() && pv.Type().Implements(textUnmarshalerType) {
-			return p.unmarshalTextInterface(pv.Interface().(encoding.TextUnmarshaler), start)
-		}
-	}
-
-	var (
-		data         []byte
-		saveData     reflect.Value
-		comment      []byte
-		saveComment  reflect.Value
-		saveXML      reflect.Value
-		saveXMLIndex int
-		saveXMLData  []byte
-		saveAny      reflect.Value
-		sv           reflect.Value
-		tinfo        *typeInfo
-		err          error
-	)
-
-	switch v := val; v.Kind() {
-	default:
-		return errors.New("unknown type " + v.Type().String())
-
-	case reflect.Interface:
-		// TODO: For now, simply ignore the field. In the near
-		//       future we may choose to unmarshal the start
-		//       element on it, if not nil.
-		return p.Skip()
-
-	case reflect.Slice:
-		typ := v.Type()
-		if typ.Elem().Kind() == reflect.Uint8 {
-			// []byte
-			saveData = v
-			break
-		}
-
-		// Slice of element values.
-		// Grow slice.
-		n := v.Len()
-		if n >= v.Cap() {
-			ncap := 2 * n
-			if ncap < 4 {
-				ncap = 4
-			}
-			new := reflect.MakeSlice(typ, n, ncap)
-			reflect.Copy(new, v)
-			v.Set(new)
-		}
-		v.SetLen(n + 1)
-
-		// Recur to read element into slice.
-		if err := p.unmarshal(v.Index(n), start); err != nil {
-			v.SetLen(n)
-			return err
-		}
-		return nil
-
-	case reflect.Bool, reflect.Float32, reflect.Float64, reflect.Int, reflect.Int8, reflect.Int16, reflect.Int32, reflect.Int64, reflect.Uint, reflect.Uint8, reflect.Uint16, reflect.Uint32, reflect.Uint64, reflect.Uintptr, reflect.String:
-		saveData = v
-
-	case reflect.Struct:
-		typ := v.Type()
-		if typ == nameType {
-			v.Set(reflect.ValueOf(start.Name))
-			break
-		}
-
-		sv = v
-		tinfo, err = getTypeInfo(typ)
-		if err != nil {
-			return err
-		}
-
-		// Validate and assign element name.
-		if tinfo.xmlname != nil {
-			finfo := tinfo.xmlname
-			if finfo.name != "" && finfo.name != start.Name.Local {
-				return UnmarshalError("expected element type <" + finfo.name + "> but have <" + start.Name.Local + ">")
-			}
-			if finfo.xmlns != "" && finfo.xmlns != start.Name.Space {
-				e := "expected element <" + finfo.name + "> in name space " + finfo.xmlns + " but have "
-				if start.Name.Space == "" {
-					e += "no name space"
-				} else {
-					e += start.Name.Space
-				}
-				return UnmarshalError(e)
-			}
-			fv := finfo.value(sv)
-			if _, ok := fv.Interface().(Name); ok {
-				fv.Set(reflect.ValueOf(start.Name))
-			}
-		}
-
-		// Assign attributes.
-		// Also, determine whether we need to save character data or comments.
-		for i := range tinfo.fields {
-			finfo := &tinfo.fields[i]
-			switch finfo.flags & fMode {
-			case fAttr:
-				strv := finfo.value(sv)
-				// Look for attribute.
-				for _, a := range start.Attr {
-					if a.Name.Local == finfo.name && (finfo.xmlns == "" || finfo.xmlns == a.Name.Space) {
-						if err := p.unmarshalAttr(strv, a); err != nil {
-							return err
-						}
-						break
-					}
-				}
-
-			case fCharData:
-				if !saveData.IsValid() {
-					saveData = finfo.value(sv)
-				}
-
-			case fComment:
-				if !saveComment.IsValid() {
-					saveComment = finfo.value(sv)
-				}
-
-			case fAny, fAny | fElement:
-				if !saveAny.IsValid() {
-					saveAny = finfo.value(sv)
-				}
-
-			case fInnerXml:
-				if !saveXML.IsValid() {
-					saveXML = finfo.value(sv)
-					if p.saved == nil {
-						saveXMLIndex = 0
-						p.saved = new(bytes.Buffer)
-					} else {
-						saveXMLIndex = p.savedOffset()
-					}
-				}
-			}
-		}
-	}
-
-	// Find end element.
-	// Process sub-elements along the way.
-Loop:
-	for {
-		var savedOffset int
-		if saveXML.IsValid() {
-			savedOffset = p.savedOffset()
-		}
-		tok, err := p.Token()
-		if err != nil {
-			return err
-		}
-		switch t := tok.(type) {
-		case StartElement:
-			consumed := false
-			if sv.IsValid() {
-				consumed, err = p.unmarshalPath(tinfo, sv, nil, &t)
-				if err != nil {
-					return err
-				}
-				if !consumed && saveAny.IsValid() {
-					consumed = true
-					if err := p.unmarshal(saveAny, &t); err != nil {
-						return err
-					}
-				}
-			}
-			if !consumed {
-				if err := p.Skip(); err != nil {
-					return err
-				}
-			}
-
-		case EndElement:
-			if saveXML.IsValid() {
-				saveXMLData = p.saved.Bytes()[saveXMLIndex:savedOffset]
-				if saveXMLIndex == 0 {
-					p.saved = nil
-				}
-			}
-			break Loop
-
-		case CharData:
-			if saveData.IsValid() {
-				data = append(data, t...)
-			}
-
-		case Comment:
-			if saveComment.IsValid() {
-				comment = append(comment, t...)
-			}
-		}
-	}
-
-	if saveData.IsValid() && saveData.CanInterface() && saveData.Type().Implements(textUnmarshalerType) {
-		if err := saveData.Interface().(encoding.TextUnmarshaler).UnmarshalText(data); err != nil {
-			return err
-		}
-		saveData = reflect.Value{}
-	}
-
-	if saveData.IsValid() && saveData.CanAddr() {
-		pv := saveData.Addr()
-		if pv.CanInterface() && pv.Type().Implements(textUnmarshalerType) {
-			if err := pv.Interface().(encoding.TextUnmarshaler).UnmarshalText(data); err != nil {
-				return err
-			}
-			saveData = reflect.Value{}
-		}
-	}
-
-	if err := copyValue(saveData, data); err != nil {
-		return err
-	}
-
-	switch t := saveComment; t.Kind() {
-	case reflect.String:
-		t.SetString(string(comment))
-	case reflect.Slice:
-		t.Set(reflect.ValueOf(comment))
-	}
-
-	switch t := saveXML; t.Kind() {
-	case reflect.String:
-		t.SetString(string(saveXMLData))
-	case reflect.Slice:
-		t.Set(reflect.ValueOf(saveXMLData))
-	}
-
-	return nil
-}
-
-func copyValue(dst reflect.Value, src []byte) (err error) {
-	dst0 := dst
-
-	if dst.Kind() == reflect.Ptr {
-		if dst.IsNil() {
-			dst.Set(reflect.New(dst.Type().Elem()))
-		}
-		dst = dst.Elem()
-	}
-
-	// Save accumulated data.
-	switch dst.Kind() {
-	case reflect.Invalid:
-		// Probably a comment.
-	default:
-		return errors.New("cannot unmarshal into " + dst0.Type().String())
-	case reflect.Int, reflect.Int8, reflect.Int16, reflect.Int32, reflect.Int64:
-		itmp, err := strconv.ParseInt(string(src), 10, dst.Type().Bits())
-		if err != nil {
-			return err
-		}
-		dst.SetInt(itmp)
-	case reflect.Uint, reflect.Uint8, reflect.Uint16, reflect.Uint32, reflect.Uint64, reflect.Uintptr:
-		utmp, err := strconv.ParseUint(string(src), 10, dst.Type().Bits())
-		if err != nil {
-			return err
-		}
-		dst.SetUint(utmp)
-	case reflect.Float32, reflect.Float64:
-		ftmp, err := strconv.ParseFloat(string(src), dst.Type().Bits())
-		if err != nil {
-			return err
-		}
-		dst.SetFloat(ftmp)
-	case reflect.Bool:
-		value, err := strconv.ParseBool(strings.TrimSpace(string(src)))
-		if err != nil {
-			return err
-		}
-		dst.SetBool(value)
-	case reflect.String:
-		dst.SetString(string(src))
-	case reflect.Slice:
-		if len(src) == 0 {
-			// non-nil to flag presence
-			src = []byte{}
-		}
-		dst.SetBytes(src)
-	}
-	return nil
-}
-
-// unmarshalPath walks down an XML structure looking for wanted
-// paths, and calls unmarshal on them.
-// The consumed result tells whether XML elements have been consumed
-// from the Decoder until start's matching end element, or if it's
-// still untouched because start is uninteresting for sv's fields.
-func (p *Decoder) unmarshalPath(tinfo *typeInfo, sv reflect.Value, parents []string, start *StartElement) (consumed bool, err error) {
-	recurse := false
-Loop:
-	for i := range tinfo.fields {
-		finfo := &tinfo.fields[i]
-		if finfo.flags&fElement == 0 || len(finfo.parents) < len(parents) || finfo.xmlns != "" && finfo.xmlns != start.Name.Space {
-			continue
-		}
-		for j := range parents {
-			if parents[j] != finfo.parents[j] {
-				continue Loop
-			}
-		}
-		if len(finfo.parents) == len(parents) && finfo.name == start.Name.Local {
-			// It's a perfect match, unmarshal the field.
-			return true, p.unmarshal(finfo.value(sv), start)
-		}
-		if len(finfo.parents) > len(parents) && finfo.parents[len(parents)] == start.Name.Local {
-			// It's a prefix for the field. Break and recurse
-			// since it's not ok for one field path to be itself
-			// the prefix for another field path.
-			recurse = true
-
-			// We can reuse the same slice as long as we
-			// don't try to append to it.
-			parents = finfo.parents[:len(parents)+1]
-			break
-		}
-	}
-	if !recurse {
-		// We have no business with this element.
-		return false, nil
-	}
-	// The element is not a perfect match for any field, but one
-	// or more fields have the path to this element as a parent
-	// prefix. Recurse and attempt to match these.
-	for {
-		var tok Token
-		tok, err = p.Token()
-		if err != nil {
-			return true, err
-		}
-		switch t := tok.(type) {
-		case StartElement:
-			consumed2, err := p.unmarshalPath(tinfo, sv, parents, &t)
-			if err != nil {
-				return true, err
-			}
-			if !consumed2 {
-				if err := p.Skip(); err != nil {
-					return true, err
-				}
-			}
-		case EndElement:
-			return true, nil
-		}
-	}
-}
-
-// Skip reads tokens until it has consumed the end element
-// matching the most recent start element already consumed.
-// It recurs if it encounters a start element, so it can be used to
-// skip nested structures.
-// It returns nil if it finds an end element matching the start
-// element; otherwise it returns an error describing the problem.
-func (d *Decoder) Skip() error {
-	for {
-		tok, err := d.Token()
-		if err != nil {
-			return err
-		}
-		switch tok.(type) {
-		case StartElement:
-			if err := d.Skip(); err != nil {
-				return err
-			}
-		case EndElement:
-			return nil
-		}
-	}
-}
diff --git a/vendor/golang.org/x/net/webdav/internal/xml/read_test.go b/vendor/golang.org/x/net/webdav/internal/xml/read_test.go
deleted file mode 100644
index 02f1e10c..00000000
--- a/vendor/golang.org/x/net/webdav/internal/xml/read_test.go
+++ /dev/null
@@ -1,744 +0,0 @@
-// Copyright 2009 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package xml
-
-import (
-	"bytes"
-	"fmt"
-	"io"
-	"reflect"
-	"strings"
-	"testing"
-	"time"
-)
-
-// Stripped down Atom feed data structures.
-
-func TestUnmarshalFeed(t *testing.T) {
-	var f Feed
-	if err := Unmarshal([]byte(atomFeedString), &f); err != nil {
-		t.Fatalf("Unmarshal: %s", err)
-	}
-	if !reflect.DeepEqual(f, atomFeed) {
-		t.Fatalf("have %#v\nwant %#v", f, atomFeed)
-	}
-}
-
-// hget http://codereview.appspot.com/rss/mine/rsc
-const atomFeedString = `
-
-Code Review - My issueshttp://codereview.appspot.com/rietveld<>rietveld: an attempt at pubsubhubbub
-2009-10-04T01:35:58+00:00email-address-removedurn:md5:134d9179c41f806be79b3a5f7877d19a
-  An attempt at adding pubsubhubbub support to Rietveld.
-http://code.google.com/p/pubsubhubbub
-http://code.google.com/p/rietveld/issues/detail?id=155
-
-The server side of the protocol is trivial:
-  1. add a &lt;link rel=&quot;hub&quot; href=&quot;hub-server&quot;&gt; tag to all
-     feeds that will be pubsubhubbubbed.
-  2. every time one of those feeds changes, tell the hub
-     with a simple POST request.
-
-I have tested this by adding debug prints to a local hub
-server and checking that the server got the right publish
-requests.
-
-I can&#39;t quite get the server to work, but I think the bug
-is not in my code.  I think that the server expects to be
-able to grab the feed and see the feed&#39;s actual URL in
-the link rel=&quot;self&quot;, but the default value for that drops
-the :port from the URL, and I cannot for the life of me
-figure out how to get the Atom generator deep inside
-django not to do that, or even where it is doing that,
-or even what code is running to generate the Atom feed.
-(I thought I knew but I added some assert False statements
-and it kept running!)
-
-Ignoring that particular problem, I would appreciate
-feedback on the right way to get the two values at
-the top of feeds.py marked NOTE(rsc).
-
-
-rietveld: correct tab handling
-2009-10-03T23:02:17+00:00email-address-removedurn:md5:0a2a4f19bb815101f0ba2904aed7c35a
-  This fixes the buggy tab rendering that can be seen at
-http://codereview.appspot.com/116075/diff/1/2
-
-The fundamental problem was that the tab code was
-not being told what column the text began in, so it
-didn&#39;t know where to put the tab stops.  Another problem
-was that some of the code assumed that string byte
-offsets were the same as column offsets, which is only
-true if there are no tabs.
-
-In the process of fixing this, I cleaned up the arguments
-to Fold and ExpandTabs and renamed them Break and
-_ExpandTabs so that I could be sure that I found all the
-call sites.  I also wanted to verify that ExpandTabs was
-not being used from outside intra_region_diff.py.
-
-
- 	   `
-
-type Feed struct {
-	XMLName Name      `xml:"http://www.w3.org/2005/Atom feed"`
-	Title   string    `xml:"title"`
-	Id      string    `xml:"id"`
-	Link    []Link    `xml:"link"`
-	Updated time.Time `xml:"updated,attr"`
-	Author  Person    `xml:"author"`
-	Entry   []Entry   `xml:"entry"`
-}
-
-type Entry struct {
-	Title   string    `xml:"title"`
-	Id      string    `xml:"id"`
-	Link    []Link    `xml:"link"`
-	Updated time.Time `xml:"updated"`
-	Author  Person    `xml:"author"`
-	Summary Text      `xml:"summary"`
-}
-
-type Link struct {
-	Rel  string `xml:"rel,attr,omitempty"`
-	Href string `xml:"href,attr"`
-}
-
-type Person struct {
-	Name     string `xml:"name"`
-	URI      string `xml:"uri"`
-	Email    string `xml:"email"`
-	InnerXML string `xml:",innerxml"`
-}
-
-type Text struct {
-	Type string `xml:"type,attr,omitempty"`
-	Body string `xml:",chardata"`
-}
-
-var atomFeed = Feed{
-	XMLName: Name{"http://www.w3.org/2005/Atom", "feed"},
-	Title:   "Code Review - My issues",
-	Link: []Link{
-		{Rel: "alternate", Href: "http://codereview.appspot.com/"},
-		{Rel: "self", Href: "http://codereview.appspot.com/rss/mine/rsc"},
-	},
-	Id:      "http://codereview.appspot.com/",
-	Updated: ParseTime("2009-10-04T01:35:58+00:00"),
-	Author: Person{
-		Name:     "rietveld<>",
-		InnerXML: "rietveld<>",
-	},
-	Entry: []Entry{
-		{
-			Title: "rietveld: an attempt at pubsubhubbub\n",
-			Link: []Link{
-				{Rel: "alternate", Href: "http://codereview.appspot.com/126085"},
-			},
-			Updated: ParseTime("2009-10-04T01:35:58+00:00"),
-			Author: Person{
-				Name:     "email-address-removed",
-				InnerXML: "email-address-removed",
-			},
-			Id: "urn:md5:134d9179c41f806be79b3a5f7877d19a",
-			Summary: Text{
-				Type: "html",
-				Body: `
-  An attempt at adding pubsubhubbub support to Rietveld.
-http://code.google.com/p/pubsubhubbub
-http://code.google.com/p/rietveld/issues/detail?id=155
-
-The server side of the protocol is trivial:
-  1. add a <link rel="hub" href="hub-server"> tag to all
-     feeds that will be pubsubhubbubbed.
-  2. every time one of those feeds changes, tell the hub
-     with a simple POST request.
-
-I have tested this by adding debug prints to a local hub
-server and checking that the server got the right publish
-requests.
-
-I can't quite get the server to work, but I think the bug
-is not in my code.  I think that the server expects to be
-able to grab the feed and see the feed's actual URL in
-the link rel="self", but the default value for that drops
-the :port from the URL, and I cannot for the life of me
-figure out how to get the Atom generator deep inside
-django not to do that, or even where it is doing that,
-or even what code is running to generate the Atom feed.
-(I thought I knew but I added some assert False statements
-and it kept running!)
-
-Ignoring that particular problem, I would appreciate
-feedback on the right way to get the two values at
-the top of feeds.py marked NOTE(rsc).
-
-
-`,
-			},
-		},
-		{
-			Title: "rietveld: correct tab handling\n",
-			Link: []Link{
-				{Rel: "alternate", Href: "http://codereview.appspot.com/124106"},
-			},
-			Updated: ParseTime("2009-10-03T23:02:17+00:00"),
-			Author: Person{
-				Name:     "email-address-removed",
-				InnerXML: "email-address-removed",
-			},
-			Id: "urn:md5:0a2a4f19bb815101f0ba2904aed7c35a",
-			Summary: Text{
-				Type: "html",
-				Body: `
-  This fixes the buggy tab rendering that can be seen at
-http://codereview.appspot.com/116075/diff/1/2
-
-The fundamental problem was that the tab code was
-not being told what column the text began in, so it
-didn't know where to put the tab stops.  Another problem
-was that some of the code assumed that string byte
-offsets were the same as column offsets, which is only
-true if there are no tabs.
-
-In the process of fixing this, I cleaned up the arguments
-to Fold and ExpandTabs and renamed them Break and
-_ExpandTabs so that I could be sure that I found all the
-call sites.  I also wanted to verify that ExpandTabs was
-not being used from outside intra_region_diff.py.
-
-
-`,
-			},
-		},
-	},
-}
-
-const pathTestString = `
-
-    1
-    
-        
-            A
-        
-        
-            B
-        
-        
-            C
-            D
-        
-        <_>
-            E
-        
-    
-    2
-
-`
-
-type PathTestItem struct {
-	Value string
-}
-
-type PathTestA struct {
-	Items         []PathTestItem `xml:">Item1"`
-	Before, After string
-}
-
-type PathTestB struct {
-	Other         []PathTestItem `xml:"Items>Item1"`
-	Before, After string
-}
-
-type PathTestC struct {
-	Values1       []string `xml:"Items>Item1>Value"`
-	Values2       []string `xml:"Items>Item2>Value"`
-	Before, After string
-}
-
-type PathTestSet struct {
-	Item1 []PathTestItem
-}
-
-type PathTestD struct {
-	Other         PathTestSet `xml:"Items"`
-	Before, After string
-}
-
-type PathTestE struct {
-	Underline     string `xml:"Items>_>Value"`
-	Before, After string
-}
-
-var pathTests = []interface{}{
-	&PathTestA{Items: []PathTestItem{{"A"}, {"D"}}, Before: "1", After: "2"},
-	&PathTestB{Other: []PathTestItem{{"A"}, {"D"}}, Before: "1", After: "2"},
-	&PathTestC{Values1: []string{"A", "C", "D"}, Values2: []string{"B"}, Before: "1", After: "2"},
-	&PathTestD{Other: PathTestSet{Item1: []PathTestItem{{"A"}, {"D"}}}, Before: "1", After: "2"},
-	&PathTestE{Underline: "E", Before: "1", After: "2"},
-}
-
-func TestUnmarshalPaths(t *testing.T) {
-	for _, pt := range pathTests {
-		v := reflect.New(reflect.TypeOf(pt).Elem()).Interface()
-		if err := Unmarshal([]byte(pathTestString), v); err != nil {
-			t.Fatalf("Unmarshal: %s", err)
-		}
-		if !reflect.DeepEqual(v, pt) {
-			t.Fatalf("have %#v\nwant %#v", v, pt)
-		}
-	}
-}
-
-type BadPathTestA struct {
-	First  string `xml:"items>item1"`
-	Other  string `xml:"items>item2"`
-	Second string `xml:"items"`
-}
-
-type BadPathTestB struct {
-	Other  string `xml:"items>item2>value"`
-	First  string `xml:"items>item1"`
-	Second string `xml:"items>item1>value"`
-}
-
-type BadPathTestC struct {
-	First  string
-	Second string `xml:"First"`
-}
-
-type BadPathTestD struct {
-	BadPathEmbeddedA
-	BadPathEmbeddedB
-}
-
-type BadPathEmbeddedA struct {
-	First string
-}
-
-type BadPathEmbeddedB struct {
-	Second string `xml:"First"`
-}
-
-var badPathTests = []struct {
-	v, e interface{}
-}{
-	{&BadPathTestA{}, &TagPathError{reflect.TypeOf(BadPathTestA{}), "First", "items>item1", "Second", "items"}},
-	{&BadPathTestB{}, &TagPathError{reflect.TypeOf(BadPathTestB{}), "First", "items>item1", "Second", "items>item1>value"}},
-	{&BadPathTestC{}, &TagPathError{reflect.TypeOf(BadPathTestC{}), "First", "", "Second", "First"}},
-	{&BadPathTestD{}, &TagPathError{reflect.TypeOf(BadPathTestD{}), "First", "", "Second", "First"}},
-}
-
-func TestUnmarshalBadPaths(t *testing.T) {
-	for _, tt := range badPathTests {
-		err := Unmarshal([]byte(pathTestString), tt.v)
-		if !reflect.DeepEqual(err, tt.e) {
-			t.Fatalf("Unmarshal with %#v didn't fail properly:\nhave %#v,\nwant %#v", tt.v, err, tt.e)
-		}
-	}
-}
-
-const OK = "OK"
-const withoutNameTypeData = `
-
-`
-
-type TestThree struct {
-	XMLName Name   `xml:"Test3"`
-	Attr    string `xml:",attr"`
-}
-
-func TestUnmarshalWithoutNameType(t *testing.T) {
-	var x TestThree
-	if err := Unmarshal([]byte(withoutNameTypeData), &x); err != nil {
-		t.Fatalf("Unmarshal: %s", err)
-	}
-	if x.Attr != OK {
-		t.Fatalf("have %v\nwant %v", x.Attr, OK)
-	}
-}
-
-func TestUnmarshalAttr(t *testing.T) {
-	type ParamVal struct {
-		Int int `xml:"int,attr"`
-	}
-
-	type ParamPtr struct {
-		Int *int `xml:"int,attr"`
-	}
-
-	type ParamStringPtr struct {
-		Int *string `xml:"int,attr"`
-	}
-
-	x := []byte(``)
-
-	p1 := &ParamPtr{}
-	if err := Unmarshal(x, p1); err != nil {
-		t.Fatalf("Unmarshal: %s", err)
-	}
-	if p1.Int == nil {
-		t.Fatalf("Unmarshal failed in to *int field")
-	} else if *p1.Int != 1 {
-		t.Fatalf("Unmarshal with %s failed:\nhave %#v,\n want %#v", x, p1.Int, 1)
-	}
-
-	p2 := &ParamVal{}
-	if err := Unmarshal(x, p2); err != nil {
-		t.Fatalf("Unmarshal: %s", err)
-	}
-	if p2.Int != 1 {
-		t.Fatalf("Unmarshal with %s failed:\nhave %#v,\n want %#v", x, p2.Int, 1)
-	}
-
-	p3 := &ParamStringPtr{}
-	if err := Unmarshal(x, p3); err != nil {
-		t.Fatalf("Unmarshal: %s", err)
-	}
-	if p3.Int == nil {
-		t.Fatalf("Unmarshal failed in to *string field")
-	} else if *p3.Int != "1" {
-		t.Fatalf("Unmarshal with %s failed:\nhave %#v,\n want %#v", x, p3.Int, 1)
-	}
-}
-
-type Tables struct {
-	HTable string `xml:"http://www.w3.org/TR/html4/ table"`
-	FTable string `xml:"http://www.w3schools.com/furniture table"`
-}
-
-var tables = []struct {
-	xml string
-	tab Tables
-	ns  string
-}{
-	{
-		xml: `` +
-			`hello
    ` +
-			`world
    ` +
-			`    `,
-		tab: Tables{"hello", "world"},
-	},
-	{
-		xml: `` +
-			`world
    ` +
-			`hello
    ` +
-			`    `,
-		tab: Tables{"hello", "world"},
-	},
-	{
-		xml: `` +
-			`world` +
-			`hello` +
-			``,
-		tab: Tables{"hello", "world"},
-	},
-	{
-		xml: `` +
-			`bogus
    ` +
-			`    `,
-		tab: Tables{},
-	},
-	{
-		xml: `` +
-			`only
    ` +
-			`    `,
-		tab: Tables{HTable: "only"},
-		ns:  "http://www.w3.org/TR/html4/",
-	},
-	{
-		xml: `` +
-			`only
    ` +
-			`    `,
-		tab: Tables{FTable: "only"},
-		ns:  "http://www.w3schools.com/furniture",
-	},
-	{
-		xml: `` +
-			`only
    ` +
-			`    `,
-		tab: Tables{},
-		ns:  "something else entirely",
-	},
-}
-
-func TestUnmarshalNS(t *testing.T) {
-	for i, tt := range tables {
-		var dst Tables
-		var err error
-		if tt.ns != "" {
-			d := NewDecoder(strings.NewReader(tt.xml))
-			d.DefaultSpace = tt.ns
-			err = d.Decode(&dst)
-		} else {
-			err = Unmarshal([]byte(tt.xml), &dst)
-		}
-		if err != nil {
-			t.Errorf("#%d: Unmarshal: %v", i, err)
-			continue
-		}
-		want := tt.tab
-		if dst != want {
-			t.Errorf("#%d: dst=%+v, want %+v", i, dst, want)
-		}
-	}
-}
-
-func TestRoundTrip(t *testing.T) {
-	// From issue 7535
-	const s = ``
-	in := bytes.NewBufferString(s)
-	for i := 0; i < 10; i++ {
-		out := &bytes.Buffer{}
-		d := NewDecoder(in)
-		e := NewEncoder(out)
-
-		for {
-			t, err := d.Token()
-			if err == io.EOF {
-				break
-			}
-			if err != nil {
-				fmt.Println("failed:", err)
-				return
-			}
-			e.EncodeToken(t)
-		}
-		e.Flush()
-		in = out
-	}
-	if got := in.String(); got != s {
-		t.Errorf("have: %q\nwant: %q\n", got, s)
-	}
-}
-
-func TestMarshalNS(t *testing.T) {
-	dst := Tables{"hello", "world"}
-	data, err := Marshal(&dst)
-	if err != nil {
-		t.Fatalf("Marshal: %v", err)
-	}
-	want := `hello
    world
    `
-	str := string(data)
-	if str != want {
-		t.Errorf("have: %q\nwant: %q\n", str, want)
-	}
-}
-
-type TableAttrs struct {
-	TAttr TAttr
-}
-
-type TAttr struct {
-	HTable string `xml:"http://www.w3.org/TR/html4/ table,attr"`
-	FTable string `xml:"http://www.w3schools.com/furniture table,attr"`
-	Lang   string `xml:"http://www.w3.org/XML/1998/namespace lang,attr,omitempty"`
-	Other1 string `xml:"http://golang.org/xml/ other,attr,omitempty"`
-	Other2 string `xml:"http://golang.org/xmlfoo/ other,attr,omitempty"`
-	Other3 string `xml:"http://golang.org/json/ other,attr,omitempty"`
-	Other4 string `xml:"http://golang.org/2/json/ other,attr,omitempty"`
-}
-
-var tableAttrs = []struct {
-	xml string
-	tab TableAttrs
-	ns  string
-}{
-	{
-		xml: ``,
-		tab: TableAttrs{TAttr{HTable: "hello", FTable: "world"}},
-	},
-	{
-		xml: ``,
-		tab: TableAttrs{TAttr{HTable: "hello", FTable: "world"}},
-	},
-	{
-		xml: ``,
-		tab: TableAttrs{TAttr{HTable: "hello", FTable: "world"}},
-	},
-	{
-		// Default space does not apply to attribute names.
-		xml: ``,
-		tab: TableAttrs{TAttr{HTable: "hello", FTable: ""}},
-	},
-	{
-		// Default space does not apply to attribute names.
-		xml: ``,
-		tab: TableAttrs{TAttr{HTable: "", FTable: "world"}},
-	},
-	{
-		xml: ``,
-		tab: TableAttrs{},
-	},
-	{
-		// Default space does not apply to attribute names.
-		xml: ``,
-		tab: TableAttrs{TAttr{HTable: "hello", FTable: ""}},
-		ns:  "http://www.w3schools.com/furniture",
-	},
-	{
-		// Default space does not apply to attribute names.
-		xml: ``,
-		tab: TableAttrs{TAttr{HTable: "", FTable: "world"}},
-		ns:  "http://www.w3.org/TR/html4/",
-	},
-	{
-		xml: ``,
-		tab: TableAttrs{},
-		ns:  "something else entirely",
-	},
-}
-
-func TestUnmarshalNSAttr(t *testing.T) {
-	for i, tt := range tableAttrs {
-		var dst TableAttrs
-		var err error
-		if tt.ns != "" {
-			d := NewDecoder(strings.NewReader(tt.xml))
-			d.DefaultSpace = tt.ns
-			err = d.Decode(&dst)
-		} else {
-			err = Unmarshal([]byte(tt.xml), &dst)
-		}
-		if err != nil {
-			t.Errorf("#%d: Unmarshal: %v", i, err)
-			continue
-		}
-		want := tt.tab
-		if dst != want {
-			t.Errorf("#%d: dst=%+v, want %+v", i, dst, want)
-		}
-	}
-}
-
-func TestMarshalNSAttr(t *testing.T) {
-	src := TableAttrs{TAttr{"hello", "world", "en_US", "other1", "other2", "other3", "other4"}}
-	data, err := Marshal(&src)
-	if err != nil {
-		t.Fatalf("Marshal: %v", err)
-	}
-	want := ``
-	str := string(data)
-	if str != want {
-		t.Errorf("Marshal:\nhave: %#q\nwant: %#q\n", str, want)
-	}
-
-	var dst TableAttrs
-	if err := Unmarshal(data, &dst); err != nil {
-		t.Errorf("Unmarshal: %v", err)
-	}
-
-	if dst != src {
-		t.Errorf("Unmarshal = %q, want %q", dst, src)
-	}
-}
-
-type MyCharData struct {
-	body string
-}
-
-func (m *MyCharData) UnmarshalXML(d *Decoder, start StartElement) error {
-	for {
-		t, err := d.Token()
-		if err == io.EOF { // found end of element
-			break
-		}
-		if err != nil {
-			return err
-		}
-		if char, ok := t.(CharData); ok {
-			m.body += string(char)
-		}
-	}
-	return nil
-}
-
-var _ Unmarshaler = (*MyCharData)(nil)
-
-func (m *MyCharData) UnmarshalXMLAttr(attr Attr) error {
-	panic("must not call")
-}
-
-type MyAttr struct {
-	attr string
-}
-
-func (m *MyAttr) UnmarshalXMLAttr(attr Attr) error {
-	m.attr = attr.Value
-	return nil
-}
-
-var _ UnmarshalerAttr = (*MyAttr)(nil)
-
-type MyStruct struct {
-	Data *MyCharData
-	Attr *MyAttr `xml:",attr"`
-
-	Data2 MyCharData
-	Attr2 MyAttr `xml:",attr"`
-}
-
-func TestUnmarshaler(t *testing.T) {
-	xml := `
-		
-		hello world
-		howdy world
-		
-	`
-
-	var m MyStruct
-	if err := Unmarshal([]byte(xml), &m); err != nil {
-		t.Fatal(err)
-	}
-
-	if m.Data == nil || m.Attr == nil || m.Data.body != "hello world" || m.Attr.attr != "attr1" || m.Data2.body != "howdy world" || m.Attr2.attr != "attr2" {
-		t.Errorf("m=%#+v\n", m)
-	}
-}
-
-type Pea struct {
-	Cotelydon string
-}
-
-type Pod struct {
-	Pea interface{} `xml:"Pea"`
-}
-
-// https://golang.org/issue/6836
-func TestUnmarshalIntoInterface(t *testing.T) {
-	pod := new(Pod)
-	pod.Pea = new(Pea)
-	xml := `Green stuff`
-	err := Unmarshal([]byte(xml), pod)
-	if err != nil {
-		t.Fatalf("failed to unmarshal %q: %v", xml, err)
-	}
-	pea, ok := pod.Pea.(*Pea)
-	if !ok {
-		t.Fatalf("unmarshalled into wrong type: have %T want *Pea", pod.Pea)
-	}
-	have, want := pea.Cotelydon, "Green stuff"
-	if have != want {
-		t.Errorf("failed to unmarshal into interface, have %q want %q", have, want)
-	}
-}
diff --git a/vendor/golang.org/x/net/webdav/internal/xml/typeinfo.go b/vendor/golang.org/x/net/webdav/internal/xml/typeinfo.go
deleted file mode 100644
index c9a6421f..00000000
--- a/vendor/golang.org/x/net/webdav/internal/xml/typeinfo.go
+++ /dev/null
@@ -1,371 +0,0 @@
-// Copyright 2011 The Go Authors.  All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package xml
-
-import (
-	"fmt"
-	"reflect"
-	"strings"
-	"sync"
-)
-
-// typeInfo holds details for the xml representation of a type.
-type typeInfo struct {
-	xmlname *fieldInfo
-	fields  []fieldInfo
-}
-
-// fieldInfo holds details for the xml representation of a single field.
-type fieldInfo struct {
-	idx     []int
-	name    string
-	xmlns   string
-	flags   fieldFlags
-	parents []string
-}
-
-type fieldFlags int
-
-const (
-	fElement fieldFlags = 1 << iota
-	fAttr
-	fCharData
-	fInnerXml
-	fComment
-	fAny
-
-	fOmitEmpty
-
-	fMode = fElement | fAttr | fCharData | fInnerXml | fComment | fAny
-)
-
-var tinfoMap = make(map[reflect.Type]*typeInfo)
-var tinfoLock sync.RWMutex
-
-var nameType = reflect.TypeOf(Name{})
-
-// getTypeInfo returns the typeInfo structure with details necessary
-// for marshalling and unmarshalling typ.
-func getTypeInfo(typ reflect.Type) (*typeInfo, error) {
-	tinfoLock.RLock()
-	tinfo, ok := tinfoMap[typ]
-	tinfoLock.RUnlock()
-	if ok {
-		return tinfo, nil
-	}
-	tinfo = &typeInfo{}
-	if typ.Kind() == reflect.Struct && typ != nameType {
-		n := typ.NumField()
-		for i := 0; i < n; i++ {
-			f := typ.Field(i)
-			if f.PkgPath != "" || f.Tag.Get("xml") == "-" {
-				continue // Private field
-			}
-
-			// For embedded structs, embed its fields.
-			if f.Anonymous {
-				t := f.Type
-				if t.Kind() == reflect.Ptr {
-					t = t.Elem()
-				}
-				if t.Kind() == reflect.Struct {
-					inner, err := getTypeInfo(t)
-					if err != nil {
-						return nil, err
-					}
-					if tinfo.xmlname == nil {
-						tinfo.xmlname = inner.xmlname
-					}
-					for _, finfo := range inner.fields {
-						finfo.idx = append([]int{i}, finfo.idx...)
-						if err := addFieldInfo(typ, tinfo, &finfo); err != nil {
-							return nil, err
-						}
-					}
-					continue
-				}
-			}
-
-			finfo, err := structFieldInfo(typ, &f)
-			if err != nil {
-				return nil, err
-			}
-
-			if f.Name == "XMLName" {
-				tinfo.xmlname = finfo
-				continue
-			}
-
-			// Add the field if it doesn't conflict with other fields.
-			if err := addFieldInfo(typ, tinfo, finfo); err != nil {
-				return nil, err
-			}
-		}
-	}
-	tinfoLock.Lock()
-	tinfoMap[typ] = tinfo
-	tinfoLock.Unlock()
-	return tinfo, nil
-}
-
-// structFieldInfo builds and returns a fieldInfo for f.
-func structFieldInfo(typ reflect.Type, f *reflect.StructField) (*fieldInfo, error) {
-	finfo := &fieldInfo{idx: f.Index}
-
-	// Split the tag from the xml namespace if necessary.
-	tag := f.Tag.Get("xml")
-	if i := strings.Index(tag, " "); i >= 0 {
-		finfo.xmlns, tag = tag[:i], tag[i+1:]
-	}
-
-	// Parse flags.
-	tokens := strings.Split(tag, ",")
-	if len(tokens) == 1 {
-		finfo.flags = fElement
-	} else {
-		tag = tokens[0]
-		for _, flag := range tokens[1:] {
-			switch flag {
-			case "attr":
-				finfo.flags |= fAttr
-			case "chardata":
-				finfo.flags |= fCharData
-			case "innerxml":
-				finfo.flags |= fInnerXml
-			case "comment":
-				finfo.flags |= fComment
-			case "any":
-				finfo.flags |= fAny
-			case "omitempty":
-				finfo.flags |= fOmitEmpty
-			}
-		}
-
-		// Validate the flags used.
-		valid := true
-		switch mode := finfo.flags & fMode; mode {
-		case 0:
-			finfo.flags |= fElement
-		case fAttr, fCharData, fInnerXml, fComment, fAny:
-			if f.Name == "XMLName" || tag != "" && mode != fAttr {
-				valid = false
-			}
-		default:
-			// This will also catch multiple modes in a single field.
-			valid = false
-		}
-		if finfo.flags&fMode == fAny {
-			finfo.flags |= fElement
-		}
-		if finfo.flags&fOmitEmpty != 0 && finfo.flags&(fElement|fAttr) == 0 {
-			valid = false
-		}
-		if !valid {
-			return nil, fmt.Errorf("xml: invalid tag in field %s of type %s: %q",
-				f.Name, typ, f.Tag.Get("xml"))
-		}
-	}
-
-	// Use of xmlns without a name is not allowed.
-	if finfo.xmlns != "" && tag == "" {
-		return nil, fmt.Errorf("xml: namespace without name in field %s of type %s: %q",
-			f.Name, typ, f.Tag.Get("xml"))
-	}
-
-	if f.Name == "XMLName" {
-		// The XMLName field records the XML element name. Don't
-		// process it as usual because its name should default to
-		// empty rather than to the field name.
-		finfo.name = tag
-		return finfo, nil
-	}
-
-	if tag == "" {
-		// If the name part of the tag is completely empty, get
-		// default from XMLName of underlying struct if feasible,
-		// or field name otherwise.
-		if xmlname := lookupXMLName(f.Type); xmlname != nil {
-			finfo.xmlns, finfo.name = xmlname.xmlns, xmlname.name
-		} else {
-			finfo.name = f.Name
-		}
-		return finfo, nil
-	}
-
-	if finfo.xmlns == "" && finfo.flags&fAttr == 0 {
-		// If it's an element no namespace specified, get the default
-		// from the XMLName of enclosing struct if possible.
-		if xmlname := lookupXMLName(typ); xmlname != nil {
-			finfo.xmlns = xmlname.xmlns
-		}
-	}
-
-	// Prepare field name and parents.
-	parents := strings.Split(tag, ">")
-	if parents[0] == "" {
-		parents[0] = f.Name
-	}
-	if parents[len(parents)-1] == "" {
-		return nil, fmt.Errorf("xml: trailing '>' in field %s of type %s", f.Name, typ)
-	}
-	finfo.name = parents[len(parents)-1]
-	if len(parents) > 1 {
-		if (finfo.flags & fElement) == 0 {
-			return nil, fmt.Errorf("xml: %s chain not valid with %s flag", tag, strings.Join(tokens[1:], ","))
-		}
-		finfo.parents = parents[:len(parents)-1]
-	}
-
-	// If the field type has an XMLName field, the names must match
-	// so that the behavior of both marshalling and unmarshalling
-	// is straightforward and unambiguous.
-	if finfo.flags&fElement != 0 {
-		ftyp := f.Type
-		xmlname := lookupXMLName(ftyp)
-		if xmlname != nil && xmlname.name != finfo.name {
-			return nil, fmt.Errorf("xml: name %q in tag of %s.%s conflicts with name %q in %s.XMLName",
-				finfo.name, typ, f.Name, xmlname.name, ftyp)
-		}
-	}
-	return finfo, nil
-}
-
-// lookupXMLName returns the fieldInfo for typ's XMLName field
-// in case it exists and has a valid xml field tag, otherwise
-// it returns nil.
-func lookupXMLName(typ reflect.Type) (xmlname *fieldInfo) {
-	for typ.Kind() == reflect.Ptr {
-		typ = typ.Elem()
-	}
-	if typ.Kind() != reflect.Struct {
-		return nil
-	}
-	for i, n := 0, typ.NumField(); i < n; i++ {
-		f := typ.Field(i)
-		if f.Name != "XMLName" {
-			continue
-		}
-		finfo, err := structFieldInfo(typ, &f)
-		if finfo.name != "" && err == nil {
-			return finfo
-		}
-		// Also consider errors as a non-existent field tag
-		// and let getTypeInfo itself report the error.
-		break
-	}
-	return nil
-}
-
-func min(a, b int) int {
-	if a <= b {
-		return a
-	}
-	return b
-}
-
-// addFieldInfo adds finfo to tinfo.fields if there are no
-// conflicts, or if conflicts arise from previous fields that were
-// obtained from deeper embedded structures than finfo. In the latter
-// case, the conflicting entries are dropped.
-// A conflict occurs when the path (parent + name) to a field is
-// itself a prefix of another path, or when two paths match exactly.
-// It is okay for field paths to share a common, shorter prefix.
-func addFieldInfo(typ reflect.Type, tinfo *typeInfo, newf *fieldInfo) error {
-	var conflicts []int
-Loop:
-	// First, figure all conflicts. Most working code will have none.
-	for i := range tinfo.fields {
-		oldf := &tinfo.fields[i]
-		if oldf.flags&fMode != newf.flags&fMode {
-			continue
-		}
-		if oldf.xmlns != "" && newf.xmlns != "" && oldf.xmlns != newf.xmlns {
-			continue
-		}
-		minl := min(len(newf.parents), len(oldf.parents))
-		for p := 0; p < minl; p++ {
-			if oldf.parents[p] != newf.parents[p] {
-				continue Loop
-			}
-		}
-		if len(oldf.parents) > len(newf.parents) {
-			if oldf.parents[len(newf.parents)] == newf.name {
-				conflicts = append(conflicts, i)
-			}
-		} else if len(oldf.parents) < len(newf.parents) {
-			if newf.parents[len(oldf.parents)] == oldf.name {
-				conflicts = append(conflicts, i)
-			}
-		} else {
-			if newf.name == oldf.name {
-				conflicts = append(conflicts, i)
-			}
-		}
-	}
-	// Without conflicts, add the new field and return.
-	if conflicts == nil {
-		tinfo.fields = append(tinfo.fields, *newf)
-		return nil
-	}
-
-	// If any conflict is shallower, ignore the new field.
-	// This matches the Go field resolution on embedding.
-	for _, i := range conflicts {
-		if len(tinfo.fields[i].idx) < len(newf.idx) {
-			return nil
-		}
-	}
-
-	// Otherwise, if any of them is at the same depth level, it's an error.
-	for _, i := range conflicts {
-		oldf := &tinfo.fields[i]
-		if len(oldf.idx) == len(newf.idx) {
-			f1 := typ.FieldByIndex(oldf.idx)
-			f2 := typ.FieldByIndex(newf.idx)
-			return &TagPathError{typ, f1.Name, f1.Tag.Get("xml"), f2.Name, f2.Tag.Get("xml")}
-		}
-	}
-
-	// Otherwise, the new field is shallower, and thus takes precedence,
-	// so drop the conflicting fields from tinfo and append the new one.
-	for c := len(conflicts) - 1; c >= 0; c-- {
-		i := conflicts[c]
-		copy(tinfo.fields[i:], tinfo.fields[i+1:])
-		tinfo.fields = tinfo.fields[:len(tinfo.fields)-1]
-	}
-	tinfo.fields = append(tinfo.fields, *newf)
-	return nil
-}
-
-// A TagPathError represents an error in the unmarshalling process
-// caused by the use of field tags with conflicting paths.
-type TagPathError struct {
-	Struct       reflect.Type
-	Field1, Tag1 string
-	Field2, Tag2 string
-}
-
-func (e *TagPathError) Error() string {
-	return fmt.Sprintf("%s field %q with tag %q conflicts with field %q with tag %q", e.Struct, e.Field1, e.Tag1, e.Field2, e.Tag2)
-}
-
-// value returns v's field value corresponding to finfo.
-// It's equivalent to v.FieldByIndex(finfo.idx), but initializes
-// and dereferences pointers as necessary.
-func (finfo *fieldInfo) value(v reflect.Value) reflect.Value {
-	for i, x := range finfo.idx {
-		if i > 0 {
-			t := v.Type()
-			if t.Kind() == reflect.Ptr && t.Elem().Kind() == reflect.Struct {
-				if v.IsNil() {
-					v.Set(reflect.New(v.Type().Elem()))
-				}
-				v = v.Elem()
-			}
-		}
-		v = v.Field(x)
-	}
-	return v
-}
diff --git a/vendor/golang.org/x/net/webdav/internal/xml/xml.go b/vendor/golang.org/x/net/webdav/internal/xml/xml.go
deleted file mode 100644
index ffab4a70..00000000
--- a/vendor/golang.org/x/net/webdav/internal/xml/xml.go
+++ /dev/null
@@ -1,1998 +0,0 @@
-// Copyright 2009 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// Package xml implements a simple XML 1.0 parser that
-// understands XML name spaces.
-package xml
-
-// References:
-//    Annotated XML spec: http://www.xml.com/axml/testaxml.htm
-//    XML name spaces: http://www.w3.org/TR/REC-xml-names/
-
-// TODO(rsc):
-//	Test error handling.
-
-import (
-	"bufio"
-	"bytes"
-	"errors"
-	"fmt"
-	"io"
-	"strconv"
-	"strings"
-	"unicode"
-	"unicode/utf8"
-)
-
-// A SyntaxError represents a syntax error in the XML input stream.
-type SyntaxError struct {
-	Msg  string
-	Line int
-}
-
-func (e *SyntaxError) Error() string {
-	return "XML syntax error on line " + strconv.Itoa(e.Line) + ": " + e.Msg
-}
-
-// A Name represents an XML name (Local) annotated with a name space
-// identifier (Space). In tokens returned by Decoder.Token, the Space
-// identifier is given as a canonical URL, not the short prefix used in
-// the document being parsed.
-//
-// As a special case, XML namespace declarations will use the literal
-// string "xmlns" for the Space field instead of the fully resolved URL.
-// See Encoder.EncodeToken for more information on namespace encoding
-// behaviour.
-type Name struct {
-	Space, Local string
-}
-
-// isNamespace reports whether the name is a namespace-defining name.
-func (name Name) isNamespace() bool {
-	return name.Local == "xmlns" || name.Space == "xmlns"
-}
-
-// An Attr represents an attribute in an XML element (Name=Value).
-type Attr struct {
-	Name  Name
-	Value string
-}
-
-// A Token is an interface holding one of the token types:
-// StartElement, EndElement, CharData, Comment, ProcInst, or Directive.
-type Token interface{}
-
-// A StartElement represents an XML start element.
-type StartElement struct {
-	Name Name
-	Attr []Attr
-}
-
-func (e StartElement) Copy() StartElement {
-	attrs := make([]Attr, len(e.Attr))
-	copy(attrs, e.Attr)
-	e.Attr = attrs
-	return e
-}
-
-// End returns the corresponding XML end element.
-func (e StartElement) End() EndElement {
-	return EndElement{e.Name}
-}
-
-// setDefaultNamespace sets the namespace of the element
-// as the default for all elements contained within it.
-func (e *StartElement) setDefaultNamespace() {
-	if e.Name.Space == "" {
-		// If there's no namespace on the element, don't
-		// set the default. Strictly speaking this might be wrong, as
-		// we can't tell if the element had no namespace set
-		// or was just using the default namespace.
-		return
-	}
-	// Don't add a default name space if there's already one set.
-	for _, attr := range e.Attr {
-		if attr.Name.Space == "" && attr.Name.Local == "xmlns" {
-			return
-		}
-	}
-	e.Attr = append(e.Attr, Attr{
-		Name: Name{
-			Local: "xmlns",
-		},
-		Value: e.Name.Space,
-	})
-}
-
-// An EndElement represents an XML end element.
-type EndElement struct {
-	Name Name
-}
-
-// A CharData represents XML character data (raw text),
-// in which XML escape sequences have been replaced by
-// the characters they represent.
-type CharData []byte
-
-func makeCopy(b []byte) []byte {
-	b1 := make([]byte, len(b))
-	copy(b1, b)
-	return b1
-}
-
-func (c CharData) Copy() CharData { return CharData(makeCopy(c)) }
-
-// A Comment represents an XML comment of the form .
-// The bytes do not include the  comment markers.
-type Comment []byte
-
-func (c Comment) Copy() Comment { return Comment(makeCopy(c)) }
-
-// A ProcInst represents an XML processing instruction of the form 
-type ProcInst struct {
-	Target string
-	Inst   []byte
-}
-
-func (p ProcInst) Copy() ProcInst {
-	p.Inst = makeCopy(p.Inst)
-	return p
-}
-
-// A Directive represents an XML directive of the form .
-// The bytes do not include the  markers.
-type Directive []byte
-
-func (d Directive) Copy() Directive { return Directive(makeCopy(d)) }
-
-// CopyToken returns a copy of a Token.
-func CopyToken(t Token) Token {
-	switch v := t.(type) {
-	case CharData:
-		return v.Copy()
-	case Comment:
-		return v.Copy()
-	case Directive:
-		return v.Copy()
-	case ProcInst:
-		return v.Copy()
-	case StartElement:
-		return v.Copy()
-	}
-	return t
-}
-
-// A Decoder represents an XML parser reading a particular input stream.
-// The parser assumes that its input is encoded in UTF-8.
-type Decoder struct {
-	// Strict defaults to true, enforcing the requirements
-	// of the XML specification.
-	// If set to false, the parser allows input containing common
-	// mistakes:
-	//	* If an element is missing an end tag, the parser invents
-	//	  end tags as necessary to keep the return values from Token
-	//	  properly balanced.
-	//	* In attribute values and character data, unknown or malformed
-	//	  character entities (sequences beginning with &) are left alone.
-	//
-	// Setting:
-	//
-	//	d.Strict = false;
-	//	d.AutoClose = HTMLAutoClose;
-	//	d.Entity = HTMLEntity
-	//
-	// creates a parser that can handle typical HTML.
-	//
-	// Strict mode does not enforce the requirements of the XML name spaces TR.
-	// In particular it does not reject name space tags using undefined prefixes.
-	// Such tags are recorded with the unknown prefix as the name space URL.
-	Strict bool
-
-	// When Strict == false, AutoClose indicates a set of elements to
-	// consider closed immediately after they are opened, regardless
-	// of whether an end element is present.
-	AutoClose []string
-
-	// Entity can be used to map non-standard entity names to string replacements.
-	// The parser behaves as if these standard mappings are present in the map,
-	// regardless of the actual map content:
-	//
-	//	"lt": "<",
-	//	"gt": ">",
-	//	"amp": "&",
-	//	"apos": "'",
-	//	"quot": `"`,
-	Entity map[string]string
-
-	// CharsetReader, if non-nil, defines a function to generate
-	// charset-conversion readers, converting from the provided
-	// non-UTF-8 charset into UTF-8. If CharsetReader is nil or
-	// returns an error, parsing stops with an error. One of the
-	// the CharsetReader's result values must be non-nil.
-	CharsetReader func(charset string, input io.Reader) (io.Reader, error)
-
-	// DefaultSpace sets the default name space used for unadorned tags,
-	// as if the entire XML stream were wrapped in an element containing
-	// the attribute xmlns="DefaultSpace".
-	DefaultSpace string
-
-	r              io.ByteReader
-	buf            bytes.Buffer
-	saved          *bytes.Buffer
-	stk            *stack
-	free           *stack
-	needClose      bool
-	toClose        Name
-	nextToken      Token
-	nextByte       int
-	ns             map[string]string
-	err            error
-	line           int
-	offset         int64
-	unmarshalDepth int
-}
-
-// NewDecoder creates a new XML parser reading from r.
-// If r does not implement io.ByteReader, NewDecoder will
-// do its own buffering.
-func NewDecoder(r io.Reader) *Decoder {
-	d := &Decoder{
-		ns:       make(map[string]string),
-		nextByte: -1,
-		line:     1,
-		Strict:   true,
-	}
-	d.switchToReader(r)
-	return d
-}
-
-// Token returns the next XML token in the input stream.
-// At the end of the input stream, Token returns nil, io.EOF.
-//
-// Slices of bytes in the returned token data refer to the
-// parser's internal buffer and remain valid only until the next
-// call to Token.  To acquire a copy of the bytes, call CopyToken
-// or the token's Copy method.
-//
-// Token expands self-closing elements such as 
    
-// into separate start and end elements returned by successive calls.
-//
-// Token guarantees that the StartElement and EndElement
-// tokens it returns are properly nested and matched:
-// if Token encounters an unexpected end element,
-// it will return an error.
-//
-// Token implements XML name spaces as described by
-// http://www.w3.org/TR/REC-xml-names/.  Each of the
-// Name structures contained in the Token has the Space
-// set to the URL identifying its name space when known.
-// If Token encounters an unrecognized name space prefix,
-// it uses the prefix as the Space rather than report an error.
-func (d *Decoder) Token() (t Token, err error) {
-	if d.stk != nil && d.stk.kind == stkEOF {
-		err = io.EOF
-		return
-	}
-	if d.nextToken != nil {
-		t = d.nextToken
-		d.nextToken = nil
-	} else if t, err = d.rawToken(); err != nil {
-		return
-	}
-
-	if !d.Strict {
-		if t1, ok := d.autoClose(t); ok {
-			d.nextToken = t
-			t = t1
-		}
-	}
-	switch t1 := t.(type) {
-	case StartElement:
-		// In XML name spaces, the translations listed in the
-		// attributes apply to the element name and
-		// to the other attribute names, so process
-		// the translations first.
-		for _, a := range t1.Attr {
-			if a.Name.Space == "xmlns" {
-				v, ok := d.ns[a.Name.Local]
-				d.pushNs(a.Name.Local, v, ok)
-				d.ns[a.Name.Local] = a.Value
-			}
-			if a.Name.Space == "" && a.Name.Local == "xmlns" {
-				// Default space for untagged names
-				v, ok := d.ns[""]
-				d.pushNs("", v, ok)
-				d.ns[""] = a.Value
-			}
-		}
-
-		d.translate(&t1.Name, true)
-		for i := range t1.Attr {
-			d.translate(&t1.Attr[i].Name, false)
-		}
-		d.pushElement(t1.Name)
-		t = t1
-
-	case EndElement:
-		d.translate(&t1.Name, true)
-		if !d.popElement(&t1) {
-			return nil, d.err
-		}
-		t = t1
-	}
-	return
-}
-
-const xmlURL = "http://www.w3.org/XML/1998/namespace"
-
-// Apply name space translation to name n.
-// The default name space (for Space=="")
-// applies only to element names, not to attribute names.
-func (d *Decoder) translate(n *Name, isElementName bool) {
-	switch {
-	case n.Space == "xmlns":
-		return
-	case n.Space == "" && !isElementName:
-		return
-	case n.Space == "xml":
-		n.Space = xmlURL
-	case n.Space == "" && n.Local == "xmlns":
-		return
-	}
-	if v, ok := d.ns[n.Space]; ok {
-		n.Space = v
-	} else if n.Space == "" {
-		n.Space = d.DefaultSpace
-	}
-}
-
-func (d *Decoder) switchToReader(r io.Reader) {
-	// Get efficient byte at a time reader.
-	// Assume that if reader has its own
-	// ReadByte, it's efficient enough.
-	// Otherwise, use bufio.
-	if rb, ok := r.(io.ByteReader); ok {
-		d.r = rb
-	} else {
-		d.r = bufio.NewReader(r)
-	}
-}
-
-// Parsing state - stack holds old name space translations
-// and the current set of open elements.  The translations to pop when
-// ending a given tag are *below* it on the stack, which is
-// more work but forced on us by XML.
-type stack struct {
-	next *stack
-	kind int
-	name Name
-	ok   bool
-}
-
-const (
-	stkStart = iota
-	stkNs
-	stkEOF
-)
-
-func (d *Decoder) push(kind int) *stack {
-	s := d.free
-	if s != nil {
-		d.free = s.next
-	} else {
-		s = new(stack)
-	}
-	s.next = d.stk
-	s.kind = kind
-	d.stk = s
-	return s
-}
-
-func (d *Decoder) pop() *stack {
-	s := d.stk
-	if s != nil {
-		d.stk = s.next
-		s.next = d.free
-		d.free = s
-	}
-	return s
-}
-
-// Record that after the current element is finished
-// (that element is already pushed on the stack)
-// Token should return EOF until popEOF is called.
-func (d *Decoder) pushEOF() {
-	// Walk down stack to find Start.
-	// It might not be the top, because there might be stkNs
-	// entries above it.
-	start := d.stk
-	for start.kind != stkStart {
-		start = start.next
-	}
-	// The stkNs entries below a start are associated with that
-	// element too; skip over them.
-	for start.next != nil && start.next.kind == stkNs {
-		start = start.next
-	}
-	s := d.free
-	if s != nil {
-		d.free = s.next
-	} else {
-		s = new(stack)
-	}
-	s.kind = stkEOF
-	s.next = start.next
-	start.next = s
-}
-
-// Undo a pushEOF.
-// The element must have been finished, so the EOF should be at the top of the stack.
-func (d *Decoder) popEOF() bool {
-	if d.stk == nil || d.stk.kind != stkEOF {
-		return false
-	}
-	d.pop()
-	return true
-}
-
-// Record that we are starting an element with the given name.
-func (d *Decoder) pushElement(name Name) {
-	s := d.push(stkStart)
-	s.name = name
-}
-
-// Record that we are changing the value of ns[local].
-// The old value is url, ok.
-func (d *Decoder) pushNs(local string, url string, ok bool) {
-	s := d.push(stkNs)
-	s.name.Local = local
-	s.name.Space = url
-	s.ok = ok
-}
-
-// Creates a SyntaxError with the current line number.
-func (d *Decoder) syntaxError(msg string) error {
-	return &SyntaxError{Msg: msg, Line: d.line}
-}
-
-// Record that we are ending an element with the given name.
-// The name must match the record at the top of the stack,
-// which must be a pushElement record.
-// After popping the element, apply any undo records from
-// the stack to restore the name translations that existed
-// before we saw this element.
-func (d *Decoder) popElement(t *EndElement) bool {
-	s := d.pop()
-	name := t.Name
-	switch {
-	case s == nil || s.kind != stkStart:
-		d.err = d.syntaxError("unexpected end element ")
-		return false
-	case s.name.Local != name.Local:
-		if !d.Strict {
-			d.needClose = true
-			d.toClose = t.Name
-			t.Name = s.name
-			return true
-		}
-		d.err = d.syntaxError("element <" + s.name.Local + "> closed by ")
-		return false
-	case s.name.Space != name.Space:
-		d.err = d.syntaxError("element <" + s.name.Local + "> in space " + s.name.Space +
-			"closed by  in space " + name.Space)
-		return false
-	}
-
-	// Pop stack until a Start or EOF is on the top, undoing the
-	// translations that were associated with the element we just closed.
-	for d.stk != nil && d.stk.kind != stkStart && d.stk.kind != stkEOF {
-		s := d.pop()
-		if s.ok {
-			d.ns[s.name.Local] = s.name.Space
-		} else {
-			delete(d.ns, s.name.Local)
-		}
-	}
-
-	return true
-}
-
-// If the top element on the stack is autoclosing and
-// t is not the end tag, invent the end tag.
-func (d *Decoder) autoClose(t Token) (Token, bool) {
-	if d.stk == nil || d.stk.kind != stkStart {
-		return nil, false
-	}
-	name := strings.ToLower(d.stk.name.Local)
-	for _, s := range d.AutoClose {
-		if strings.ToLower(s) == name {
-			// This one should be auto closed if t doesn't close it.
-			et, ok := t.(EndElement)
-			if !ok || et.Name.Local != name {
-				return EndElement{d.stk.name}, true
-			}
-			break
-		}
-	}
-	return nil, false
-}
-
-var errRawToken = errors.New("xml: cannot use RawToken from UnmarshalXML method")
-
-// RawToken is like Token but does not verify that
-// start and end elements match and does not translate
-// name space prefixes to their corresponding URLs.
-func (d *Decoder) RawToken() (Token, error) {
-	if d.unmarshalDepth > 0 {
-		return nil, errRawToken
-	}
-	return d.rawToken()
-}
-
-func (d *Decoder) rawToken() (Token, error) {
-	if d.err != nil {
-		return nil, d.err
-	}
-	if d.needClose {
-		// The last element we read was self-closing and
-		// we returned just the StartElement half.
-		// Return the EndElement half now.
-		d.needClose = false
-		return EndElement{d.toClose}, nil
-	}
-
-	b, ok := d.getc()
-	if !ok {
-		return nil, d.err
-	}
-
-	if b != '<' {
-		// Text section.
-		d.ungetc(b)
-		data := d.text(-1, false)
-		if data == nil {
-			return nil, d.err
-		}
-		return CharData(data), nil
-	}
-
-	if b, ok = d.mustgetc(); !ok {
-		return nil, d.err
-	}
-	switch b {
-	case '/':
-		// ' {
-			d.err = d.syntaxError("invalid characters between ")
-			return nil, d.err
-		}
-		return EndElement{name}, nil
-
-	case '?':
-		// ' {
-				break
-			}
-			b0 = b
-		}
-		data := d.buf.Bytes()
-		data = data[0 : len(data)-2] // chop ?>
-
-		if target == "xml" {
-			content := string(data)
-			ver := procInst("version", content)
-			if ver != "" && ver != "1.0" {
-				d.err = fmt.Errorf("xml: unsupported version %q; only version 1.0 is supported", ver)
-				return nil, d.err
-			}
-			enc := procInst("encoding", content)
-			if enc != "" && enc != "utf-8" && enc != "UTF-8" {
-				if d.CharsetReader == nil {
-					d.err = fmt.Errorf("xml: encoding %q declared but Decoder.CharsetReader is nil", enc)
-					return nil, d.err
-				}
-				newr, err := d.CharsetReader(enc, d.r.(io.Reader))
-				if err != nil {
-					d.err = fmt.Errorf("xml: opening charset %q: %v", enc, err)
-					return nil, d.err
-				}
-				if newr == nil {
-					panic("CharsetReader returned a nil Reader for charset " + enc)
-				}
-				d.switchToReader(newr)
-			}
-		}
-		return ProcInst{target, data}, nil
-
-	case '!':
-		// ' {
-					break
-				}
-				b0, b1 = b1, b
-			}
-			data := d.buf.Bytes()
-			data = data[0 : len(data)-3] // chop -->
-			return Comment(data), nil
-
-		case '[': // .
-			data := d.text(-1, true)
-			if data == nil {
-				return nil, d.err
-			}
-			return CharData(data), nil
-		}
-
-		// Probably a directive: , , etc.
-		// We don't care, but accumulate for caller. Quoted angle
-		// brackets do not count for nesting.
-		d.buf.Reset()
-		d.buf.WriteByte(b)
-		inquote := uint8(0)
-		depth := 0
-		for {
-			if b, ok = d.mustgetc(); !ok {
-				return nil, d.err
-			}
-			if inquote == 0 && b == '>' && depth == 0 {
-				break
-			}
-		HandleB:
-			d.buf.WriteByte(b)
-			switch {
-			case b == inquote:
-				inquote = 0
-
-			case inquote != 0:
-				// in quotes, no special action
-
-			case b == '\'' || b == '"':
-				inquote = b
-
-			case b == '>' && inquote == 0:
-				depth--
-
-			case b == '<' && inquote == 0:
-				// Look for `
-
-var testEntity = map[string]string{"何": "What", "is-it": "is it?"}
-
-var rawTokens = []Token{
-	CharData("\n"),
-	ProcInst{"xml", []byte(`version="1.0" encoding="UTF-8"`)},
-	CharData("\n"),
-	Directive(`DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
-  "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"`),
-	CharData("\n"),
-	StartElement{Name{"", "body"}, []Attr{{Name{"xmlns", "foo"}, "ns1"}, {Name{"", "xmlns"}, "ns2"}, {Name{"xmlns", "tag"}, "ns3"}}},
-	CharData("\n  "),
-	StartElement{Name{"", "hello"}, []Attr{{Name{"", "lang"}, "en"}}},
-	CharData("World <>'\" 白鵬翔"),
-	EndElement{Name{"", "hello"}},
-	CharData("\n  "),
-	StartElement{Name{"", "query"}, []Attr{}},
-	CharData("What is it?"),
-	EndElement{Name{"", "query"}},
-	CharData("\n  "),
-	StartElement{Name{"", "goodbye"}, []Attr{}},
-	EndElement{Name{"", "goodbye"}},
-	CharData("\n  "),
-	StartElement{Name{"", "outer"}, []Attr{{Name{"foo", "attr"}, "value"}, {Name{"xmlns", "tag"}, "ns4"}}},
-	CharData("\n    "),
-	StartElement{Name{"", "inner"}, []Attr{}},
-	EndElement{Name{"", "inner"}},
-	CharData("\n  "),
-	EndElement{Name{"", "outer"}},
-	CharData("\n  "),
-	StartElement{Name{"tag", "name"}, []Attr{}},
-	CharData("\n    "),
-	CharData("Some text here."),
-	CharData("\n  "),
-	EndElement{Name{"tag", "name"}},
-	CharData("\n"),
-	EndElement{Name{"", "body"}},
-	Comment(" missing final newline "),
-}
-
-var cookedTokens = []Token{
-	CharData("\n"),
-	ProcInst{"xml", []byte(`version="1.0" encoding="UTF-8"`)},
-	CharData("\n"),
-	Directive(`DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
-  "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"`),
-	CharData("\n"),
-	StartElement{Name{"ns2", "body"}, []Attr{{Name{"xmlns", "foo"}, "ns1"}, {Name{"", "xmlns"}, "ns2"}, {Name{"xmlns", "tag"}, "ns3"}}},
-	CharData("\n  "),
-	StartElement{Name{"ns2", "hello"}, []Attr{{Name{"", "lang"}, "en"}}},
-	CharData("World <>'\" 白鵬翔"),
-	EndElement{Name{"ns2", "hello"}},
-	CharData("\n  "),
-	StartElement{Name{"ns2", "query"}, []Attr{}},
-	CharData("What is it?"),
-	EndElement{Name{"ns2", "query"}},
-	CharData("\n  "),
-	StartElement{Name{"ns2", "goodbye"}, []Attr{}},
-	EndElement{Name{"ns2", "goodbye"}},
-	CharData("\n  "),
-	StartElement{Name{"ns2", "outer"}, []Attr{{Name{"ns1", "attr"}, "value"}, {Name{"xmlns", "tag"}, "ns4"}}},
-	CharData("\n    "),
-	StartElement{Name{"ns2", "inner"}, []Attr{}},
-	EndElement{Name{"ns2", "inner"}},
-	CharData("\n  "),
-	EndElement{Name{"ns2", "outer"}},
-	CharData("\n  "),
-	StartElement{Name{"ns3", "name"}, []Attr{}},
-	CharData("\n    "),
-	CharData("Some text here."),
-	CharData("\n  "),
-	EndElement{Name{"ns3", "name"}},
-	CharData("\n"),
-	EndElement{Name{"ns2", "body"}},
-	Comment(" missing final newline "),
-}
-
-const testInputAltEncoding = `
-
-VALUE`
-
-var rawTokensAltEncoding = []Token{
-	CharData("\n"),
-	ProcInst{"xml", []byte(`version="1.0" encoding="x-testing-uppercase"`)},
-	CharData("\n"),
-	StartElement{Name{"", "tag"}, []Attr{}},
-	CharData("value"),
-	EndElement{Name{"", "tag"}},
-}
-
-var xmlInput = []string{
-	// unexpected EOF cases
-	"<",
-	"",
-	"",
-	"",
-	//	"",	// let the Token() caller handle
-	"",
-	"",
-	"",
-	"",
-	" c;",
-	"",
-	"",
-	"",
-	//	"",	// let the Token() caller handle
-	"",
-	"",
-	"cdata]]>",
-}
-
-func TestRawToken(t *testing.T) {
-	d := NewDecoder(strings.NewReader(testInput))
-	d.Entity = testEntity
-	testRawToken(t, d, testInput, rawTokens)
-}
-
-const nonStrictInput = `
-non&entity
-&unknown;entity
-{
-&#zzz;
-&なまえ3;
-<-gt;
-&;
-&0a;
-`
-
-var nonStringEntity = map[string]string{"": "oops!", "0a": "oops!"}
-
-var nonStrictTokens = []Token{
-	CharData("\n"),
-	StartElement{Name{"", "tag"}, []Attr{}},
-	CharData("non&entity"),
-	EndElement{Name{"", "tag"}},
-	CharData("\n"),
-	StartElement{Name{"", "tag"}, []Attr{}},
-	CharData("&unknown;entity"),
-	EndElement{Name{"", "tag"}},
-	CharData("\n"),
-	StartElement{Name{"", "tag"}, []Attr{}},
-	CharData("{"),
-	EndElement{Name{"", "tag"}},
-	CharData("\n"),
-	StartElement{Name{"", "tag"}, []Attr{}},
-	CharData("&#zzz;"),
-	EndElement{Name{"", "tag"}},
-	CharData("\n"),
-	StartElement{Name{"", "tag"}, []Attr{}},
-	CharData("&なまえ3;"),
-	EndElement{Name{"", "tag"}},
-	CharData("\n"),
-	StartElement{Name{"", "tag"}, []Attr{}},
-	CharData("<-gt;"),
-	EndElement{Name{"", "tag"}},
-	CharData("\n"),
-	StartElement{Name{"", "tag"}, []Attr{}},
-	CharData("&;"),
-	EndElement{Name{"", "tag"}},
-	CharData("\n"),
-	StartElement{Name{"", "tag"}, []Attr{}},
-	CharData("&0a;"),
-	EndElement{Name{"", "tag"}},
-	CharData("\n"),
-}
-
-func TestNonStrictRawToken(t *testing.T) {
-	d := NewDecoder(strings.NewReader(nonStrictInput))
-	d.Strict = false
-	testRawToken(t, d, nonStrictInput, nonStrictTokens)
-}
-
-type downCaser struct {
-	t *testing.T
-	r io.ByteReader
-}
-
-func (d *downCaser) ReadByte() (c byte, err error) {
-	c, err = d.r.ReadByte()
-	if c >= 'A' && c <= 'Z' {
-		c += 'a' - 'A'
-	}
-	return
-}
-
-func (d *downCaser) Read(p []byte) (int, error) {
-	d.t.Fatalf("unexpected Read call on downCaser reader")
-	panic("unreachable")
-}
-
-func TestRawTokenAltEncoding(t *testing.T) {
-	d := NewDecoder(strings.NewReader(testInputAltEncoding))
-	d.CharsetReader = func(charset string, input io.Reader) (io.Reader, error) {
-		if charset != "x-testing-uppercase" {
-			t.Fatalf("unexpected charset %q", charset)
-		}
-		return &downCaser{t, input.(io.ByteReader)}, nil
-	}
-	testRawToken(t, d, testInputAltEncoding, rawTokensAltEncoding)
-}
-
-func TestRawTokenAltEncodingNoConverter(t *testing.T) {
-	d := NewDecoder(strings.NewReader(testInputAltEncoding))
-	token, err := d.RawToken()
-	if token == nil {
-		t.Fatalf("expected a token on first RawToken call")
-	}
-	if err != nil {
-		t.Fatal(err)
-	}
-	token, err = d.RawToken()
-	if token != nil {
-		t.Errorf("expected a nil token; got %#v", token)
-	}
-	if err == nil {
-		t.Fatalf("expected an error on second RawToken call")
-	}
-	const encoding = "x-testing-uppercase"
-	if !strings.Contains(err.Error(), encoding) {
-		t.Errorf("expected error to contain %q; got error: %v",
-			encoding, err)
-	}
-}
-
-func testRawToken(t *testing.T, d *Decoder, raw string, rawTokens []Token) {
-	lastEnd := int64(0)
-	for i, want := range rawTokens {
-		start := d.InputOffset()
-		have, err := d.RawToken()
-		end := d.InputOffset()
-		if err != nil {
-			t.Fatalf("token %d: unexpected error: %s", i, err)
-		}
-		if !reflect.DeepEqual(have, want) {
-			var shave, swant string
-			if _, ok := have.(CharData); ok {
-				shave = fmt.Sprintf("CharData(%q)", have)
-			} else {
-				shave = fmt.Sprintf("%#v", have)
-			}
-			if _, ok := want.(CharData); ok {
-				swant = fmt.Sprintf("CharData(%q)", want)
-			} else {
-				swant = fmt.Sprintf("%#v", want)
-			}
-			t.Errorf("token %d = %s, want %s", i, shave, swant)
-		}
-
-		// Check that InputOffset returned actual token.
-		switch {
-		case start < lastEnd:
-			t.Errorf("token %d: position [%d,%d) for %T is before previous token", i, start, end, have)
-		case start >= end:
-			// Special case: EndElement can be synthesized.
-			if start == end && end == lastEnd {
-				break
-			}
-			t.Errorf("token %d: position [%d,%d) for %T is empty", i, start, end, have)
-		case end > int64(len(raw)):
-			t.Errorf("token %d: position [%d,%d) for %T extends beyond input", i, start, end, have)
-		default:
-			text := raw[start:end]
-			if strings.ContainsAny(text, "<>") && (!strings.HasPrefix(text, "<") || !strings.HasSuffix(text, ">")) {
-				t.Errorf("token %d: misaligned raw token %#q for %T", i, text, have)
-			}
-		}
-		lastEnd = end
-	}
-}
-
-// Ensure that directives (specifically !DOCTYPE) include the complete
-// text of any nested directives, noting that < and > do not change
-// nesting depth if they are in single or double quotes.
-
-var nestedDirectivesInput = `
-]>
-">]>
-]>
-'>]>
-]>
-'>]>
-]>
-`
-
-var nestedDirectivesTokens = []Token{
-	CharData("\n"),
-	Directive(`DOCTYPE []`),
-	CharData("\n"),
-	Directive(`DOCTYPE [">]`),
-	CharData("\n"),
-	Directive(`DOCTYPE []`),
-	CharData("\n"),
-	Directive(`DOCTYPE ['>]`),
-	CharData("\n"),
-	Directive(`DOCTYPE []`),
-	CharData("\n"),
-	Directive(`DOCTYPE ['>]`),
-	CharData("\n"),
-	Directive(`DOCTYPE []`),
-	CharData("\n"),
-}
-
-func TestNestedDirectives(t *testing.T) {
-	d := NewDecoder(strings.NewReader(nestedDirectivesInput))
-
-	for i, want := range nestedDirectivesTokens {
-		have, err := d.Token()
-		if err != nil {
-			t.Fatalf("token %d: unexpected error: %s", i, err)
-		}
-		if !reflect.DeepEqual(have, want) {
-			t.Errorf("token %d = %#v want %#v", i, have, want)
-		}
-	}
-}
-
-func TestToken(t *testing.T) {
-	d := NewDecoder(strings.NewReader(testInput))
-	d.Entity = testEntity
-
-	for i, want := range cookedTokens {
-		have, err := d.Token()
-		if err != nil {
-			t.Fatalf("token %d: unexpected error: %s", i, err)
-		}
-		if !reflect.DeepEqual(have, want) {
-			t.Errorf("token %d = %#v want %#v", i, have, want)
-		}
-	}
-}
-
-func TestSyntax(t *testing.T) {
-	for i := range xmlInput {
-		d := NewDecoder(strings.NewReader(xmlInput[i]))
-		var err error
-		for _, err = d.Token(); err == nil; _, err = d.Token() {
-		}
-		if _, ok := err.(*SyntaxError); !ok {
-			t.Fatalf(`xmlInput "%s": expected SyntaxError not received`, xmlInput[i])
-		}
-	}
-}
-
-type allScalars struct {
-	True1     bool
-	True2     bool
-	False1    bool
-	False2    bool
-	Int       int
-	Int8      int8
-	Int16     int16
-	Int32     int32
-	Int64     int64
-	Uint      int
-	Uint8     uint8
-	Uint16    uint16
-	Uint32    uint32
-	Uint64    uint64
-	Uintptr   uintptr
-	Float32   float32
-	Float64   float64
-	String    string
-	PtrString *string
-}
-
-var all = allScalars{
-	True1:     true,
-	True2:     true,
-	False1:    false,
-	False2:    false,
-	Int:       1,
-	Int8:      -2,
-	Int16:     3,
-	Int32:     -4,
-	Int64:     5,
-	Uint:      6,
-	Uint8:     7,
-	Uint16:    8,
-	Uint32:    9,
-	Uint64:    10,
-	Uintptr:   11,
-	Float32:   13.0,
-	Float64:   14.0,
-	String:    "15",
-	PtrString: &sixteen,
-}
-
-var sixteen = "16"
-
-const testScalarsInput = `
-	true
-	1
-	false
-	0
-	1
-	-2
-	3
-	-4
-	5
-	6
-	7
-	8
-	9
-	10
-	11
-	12.0
-	13.0
-	14.0
-	15
-	16
-`
-
-func TestAllScalars(t *testing.T) {
-	var a allScalars
-	err := Unmarshal([]byte(testScalarsInput), &a)
-
-	if err != nil {
-		t.Fatal(err)
-	}
-	if !reflect.DeepEqual(a, all) {
-		t.Errorf("have %+v want %+v", a, all)
-	}
-}
-
-type item struct {
-	Field_a string
-}
-
-func TestIssue569(t *testing.T) {
-	data := `abcd`
-	var i item
-	err := Unmarshal([]byte(data), &i)
-
-	if err != nil || i.Field_a != "abcd" {
-		t.Fatal("Expecting abcd")
-	}
-}
-
-func TestUnquotedAttrs(t *testing.T) {
-	data := ""
-	d := NewDecoder(strings.NewReader(data))
-	d.Strict = false
-	token, err := d.Token()
-	if _, ok := err.(*SyntaxError); ok {
-		t.Errorf("Unexpected error: %v", err)
-	}
-	if token.(StartElement).Name.Local != "tag" {
-		t.Errorf("Unexpected tag name: %v", token.(StartElement).Name.Local)
-	}
-	attr := token.(StartElement).Attr[0]
-	if attr.Value != "azAZ09:-_" {
-		t.Errorf("Unexpected attribute value: %v", attr.Value)
-	}
-	if attr.Name.Local != "attr" {
-		t.Errorf("Unexpected attribute name: %v", attr.Name.Local)
-	}
-}
-
-func TestValuelessAttrs(t *testing.T) {
-	tests := [][3]string{
-		{"
    ", "p", "nowrap"},
-		{"
    ", "p", "nowrap"},
-		{"", "input", "checked"},
-		{"", "input", "checked"},
-	}
-	for _, test := range tests {
-		d := NewDecoder(strings.NewReader(test[0]))
-		d.Strict = false
-		token, err := d.Token()
-		if _, ok := err.(*SyntaxError); ok {
-			t.Errorf("Unexpected error: %v", err)
-		}
-		if token.(StartElement).Name.Local != test[1] {
-			t.Errorf("Unexpected tag name: %v", token.(StartElement).Name.Local)
-		}
-		attr := token.(StartElement).Attr[0]
-		if attr.Value != test[2] {
-			t.Errorf("Unexpected attribute value: %v", attr.Value)
-		}
-		if attr.Name.Local != test[2] {
-			t.Errorf("Unexpected attribute name: %v", attr.Name.Local)
-		}
-	}
-}
-
-func TestCopyTokenCharData(t *testing.T) {
-	data := []byte("same data")
-	var tok1 Token = CharData(data)
-	tok2 := CopyToken(tok1)
-	if !reflect.DeepEqual(tok1, tok2) {
-		t.Error("CopyToken(CharData) != CharData")
-	}
-	data[1] = 'o'
-	if reflect.DeepEqual(tok1, tok2) {
-		t.Error("CopyToken(CharData) uses same buffer.")
-	}
-}
-
-func TestCopyTokenStartElement(t *testing.T) {
-	elt := StartElement{Name{"", "hello"}, []Attr{{Name{"", "lang"}, "en"}}}
-	var tok1 Token = elt
-	tok2 := CopyToken(tok1)
-	if tok1.(StartElement).Attr[0].Value != "en" {
-		t.Error("CopyToken overwrote Attr[0]")
-	}
-	if !reflect.DeepEqual(tok1, tok2) {
-		t.Error("CopyToken(StartElement) != StartElement")
-	}
-	tok1.(StartElement).Attr[0] = Attr{Name{"", "lang"}, "de"}
-	if reflect.DeepEqual(tok1, tok2) {
-		t.Error("CopyToken(CharData) uses same buffer.")
-	}
-}
-
-func TestSyntaxErrorLineNum(t *testing.T) {
-	testInput := "
    Foo
    \n\n
    Bar\n"
-	d := NewDecoder(strings.NewReader(testInput))
-	var err error
-	for _, err = d.Token(); err == nil; _, err = d.Token() {
-	}
-	synerr, ok := err.(*SyntaxError)
-	if !ok {
-		t.Error("Expected SyntaxError.")
-	}
-	if synerr.Line != 3 {
-		t.Error("SyntaxError didn't have correct line number.")
-	}
-}
-
-func TestTrailingRawToken(t *testing.T) {
-	input := `  `
-	d := NewDecoder(strings.NewReader(input))
-	var err error
-	for _, err = d.RawToken(); err == nil; _, err = d.RawToken() {
-	}
-	if err != io.EOF {
-		t.Fatalf("d.RawToken() = _, %v, want _, io.EOF", err)
-	}
-}
-
-func TestTrailingToken(t *testing.T) {
-	input := `  `
-	d := NewDecoder(strings.NewReader(input))
-	var err error
-	for _, err = d.Token(); err == nil; _, err = d.Token() {
-	}
-	if err != io.EOF {
-		t.Fatalf("d.Token() = _, %v, want _, io.EOF", err)
-	}
-}
-
-func TestEntityInsideCDATA(t *testing.T) {
-	input := ``
-	d := NewDecoder(strings.NewReader(input))
-	var err error
-	for _, err = d.Token(); err == nil; _, err = d.Token() {
-	}
-	if err != io.EOF {
-		t.Fatalf("d.Token() = _, %v, want _, io.EOF", err)
-	}
-}
-
-var characterTests = []struct {
-	in  string
-	err string
-}{
-	{"\x12", "illegal character code U+0012"},
-	{"\x0b", "illegal character code U+000B"},
-	{"\xef\xbf\xbe", "illegal character code U+FFFE"},
-	{"\r\n\x07", "illegal character code U+0007"},
-	{"what's up", "expected attribute name in element"},
-	{"&abc\x01;", "invalid character entity &abc (no semicolon)"},
-	{"&\x01;", "invalid character entity & (no semicolon)"},
-	{"&\xef\xbf\xbe;", "invalid character entity &\uFFFE;"},
-	{"&hello;", "invalid character entity &hello;"},
-}
-
-func TestDisallowedCharacters(t *testing.T) {
-
-	for i, tt := range characterTests {
-		d := NewDecoder(strings.NewReader(tt.in))
-		var err error
-
-		for err == nil {
-			_, err = d.Token()
-		}
-		synerr, ok := err.(*SyntaxError)
-		if !ok {
-			t.Fatalf("input %d d.Token() = _, %v, want _, *SyntaxError", i, err)
-		}
-		if synerr.Msg != tt.err {
-			t.Fatalf("input %d synerr.Msg wrong: want %q, got %q", i, tt.err, synerr.Msg)
-		}
-	}
-}
-
-type procInstEncodingTest struct {
-	expect, got string
-}
-
-var procInstTests = []struct {
-	input  string
-	expect [2]string
-}{
-	{`version="1.0" encoding="utf-8"`, [2]string{"1.0", "utf-8"}},
-	{`version="1.0" encoding='utf-8'`, [2]string{"1.0", "utf-8"}},
-	{`version="1.0" encoding='utf-8' `, [2]string{"1.0", "utf-8"}},
-	{`version="1.0" encoding=utf-8`, [2]string{"1.0", ""}},
-	{`encoding="FOO" `, [2]string{"", "FOO"}},
-}
-
-func TestProcInstEncoding(t *testing.T) {
-	for _, test := range procInstTests {
-		if got := procInst("version", test.input); got != test.expect[0] {
-			t.Errorf("procInst(version, %q) = %q; want %q", test.input, got, test.expect[0])
-		}
-		if got := procInst("encoding", test.input); got != test.expect[1] {
-			t.Errorf("procInst(encoding, %q) = %q; want %q", test.input, got, test.expect[1])
-		}
-	}
-}
-
-// Ensure that directives with comments include the complete
-// text of any nested directives.
-
-var directivesWithCommentsInput = `
-]>
-]>
-   --> --> []>
-`
-
-var directivesWithCommentsTokens = []Token{
-	CharData("\n"),
-	Directive(`DOCTYPE []`),
-	CharData("\n"),
-	Directive(`DOCTYPE []`),
-	CharData("\n"),
-	Directive(`DOCTYPE      []`),
-	CharData("\n"),
-}
-
-func TestDirectivesWithComments(t *testing.T) {
-	d := NewDecoder(strings.NewReader(directivesWithCommentsInput))
-
-	for i, want := range directivesWithCommentsTokens {
-		have, err := d.Token()
-		if err != nil {
-			t.Fatalf("token %d: unexpected error: %s", i, err)
-		}
-		if !reflect.DeepEqual(have, want) {
-			t.Errorf("token %d = %#v want %#v", i, have, want)
-		}
-	}
-}
-
-// Writer whose Write method always returns an error.
-type errWriter struct{}
-
-func (errWriter) Write(p []byte) (n int, err error) { return 0, fmt.Errorf("unwritable") }
-
-func TestEscapeTextIOErrors(t *testing.T) {
-	expectErr := "unwritable"
-	err := EscapeText(errWriter{}, []byte{'A'})
-
-	if err == nil || err.Error() != expectErr {
-		t.Errorf("have %v, want %v", err, expectErr)
-	}
-}
-
-func TestEscapeTextInvalidChar(t *testing.T) {
-	input := []byte("A \x00 terminated string.")
-	expected := "A \uFFFD terminated string."
-
-	buff := new(bytes.Buffer)
-	if err := EscapeText(buff, input); err != nil {
-		t.Fatalf("have %v, want nil", err)
-	}
-	text := buff.String()
-
-	if text != expected {
-		t.Errorf("have %v, want %v", text, expected)
-	}
-}
-
-func TestIssue5880(t *testing.T) {
-	type T []byte
-	data, err := Marshal(T{192, 168, 0, 1})
-	if err != nil {
-		t.Errorf("Marshal error: %v", err)
-	}
-	if !utf8.Valid(data) {
-		t.Errorf("Marshal generated invalid UTF-8: %x", data)
-	}
-}
diff --git a/vendor/golang.org/x/net/webdav/litmus_test_server.go b/vendor/golang.org/x/net/webdav/litmus_test_server.go
deleted file mode 100644
index 514db5dd..00000000
--- a/vendor/golang.org/x/net/webdav/litmus_test_server.go
+++ /dev/null
@@ -1,94 +0,0 @@
-// Copyright 2015 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// +build ignore
-
-/*
-This program is a server for the WebDAV 'litmus' compliance test at
-http://www.webdav.org/neon/litmus/
-To run the test:
-
-go run litmus_test_server.go
-
-and separately, from the downloaded litmus-xxx directory:
-
-make URL=http://localhost:9999/ check
-*/
-package main
-
-import (
-	"flag"
-	"fmt"
-	"log"
-	"net/http"
-	"net/url"
-
-	"golang.org/x/net/webdav"
-)
-
-var port = flag.Int("port", 9999, "server port")
-
-func main() {
-	flag.Parse()
-	log.SetFlags(0)
-	h := &webdav.Handler{
-		FileSystem: webdav.NewMemFS(),
-		LockSystem: webdav.NewMemLS(),
-		Logger: func(r *http.Request, err error) {
-			litmus := r.Header.Get("X-Litmus")
-			if len(litmus) > 19 {
-				litmus = litmus[:16] + "..."
-			}
-
-			switch r.Method {
-			case "COPY", "MOVE":
-				dst := ""
-				if u, err := url.Parse(r.Header.Get("Destination")); err == nil {
-					dst = u.Path
-				}
-				o := r.Header.Get("Overwrite")
-				log.Printf("%-20s%-10s%-30s%-30so=%-2s%v", litmus, r.Method, r.URL.Path, dst, o, err)
-			default:
-				log.Printf("%-20s%-10s%-30s%v", litmus, r.Method, r.URL.Path, err)
-			}
-		},
-	}
-
-	// The next line would normally be:
-	//	http.Handle("/", h)
-	// but we wrap that HTTP handler h to cater for a special case.
-	//
-	// The propfind_invalid2 litmus test case expects an empty namespace prefix
-	// declaration to be an error. The FAQ in the webdav litmus test says:
-	//
-	// "What does the "propfind_invalid2" test check for?...
-	//
-	// If a request was sent with an XML body which included an empty namespace
-	// prefix declaration (xmlns:ns1=""), then the server must reject that with
-	// a "400 Bad Request" response, as it is invalid according to the XML
-	// Namespace specification."
-	//
-	// On the other hand, the Go standard library's encoding/xml package
-	// accepts an empty xmlns namespace, as per the discussion at
-	// https://github.com/golang/go/issues/8068
-	//
-	// Empty namespaces seem disallowed in the second (2006) edition of the XML
-	// standard, but allowed in a later edition. The grammar differs between
-	// http://www.w3.org/TR/2006/REC-xml-names-20060816/#ns-decl and
-	// http://www.w3.org/TR/REC-xml-names/#dt-prefix
-	//
-	// Thus, we assume that the propfind_invalid2 test is obsolete, and
-	// hard-code the 400 Bad Request response that the test expects.
-	http.Handle("/", http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-		if r.Header.Get("X-Litmus") == "props: 3 (propfind_invalid2)" {
-			http.Error(w, "400 Bad Request", http.StatusBadRequest)
-			return
-		}
-		h.ServeHTTP(w, r)
-	}))
-
-	addr := fmt.Sprintf(":%d", *port)
-	log.Printf("Serving %v", addr)
-	log.Fatal(http.ListenAndServe(addr, nil))
-}
diff --git a/vendor/golang.org/x/net/webdav/lock.go b/vendor/golang.org/x/net/webdav/lock.go
deleted file mode 100644
index 344ac5ce..00000000
--- a/vendor/golang.org/x/net/webdav/lock.go
+++ /dev/null
@@ -1,445 +0,0 @@
-// Copyright 2014 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package webdav
-
-import (
-	"container/heap"
-	"errors"
-	"strconv"
-	"strings"
-	"sync"
-	"time"
-)
-
-var (
-	// ErrConfirmationFailed is returned by a LockSystem's Confirm method.
-	ErrConfirmationFailed = errors.New("webdav: confirmation failed")
-	// ErrForbidden is returned by a LockSystem's Unlock method.
-	ErrForbidden = errors.New("webdav: forbidden")
-	// ErrLocked is returned by a LockSystem's Create, Refresh and Unlock methods.
-	ErrLocked = errors.New("webdav: locked")
-	// ErrNoSuchLock is returned by a LockSystem's Refresh and Unlock methods.
-	ErrNoSuchLock = errors.New("webdav: no such lock")
-)
-
-// Condition can match a WebDAV resource, based on a token or ETag.
-// Exactly one of Token and ETag should be non-empty.
-type Condition struct {
-	Not   bool
-	Token string
-	ETag  string
-}
-
-// LockSystem manages access to a collection of named resources. The elements
-// in a lock name are separated by slash ('/', U+002F) characters, regardless
-// of host operating system convention.
-type LockSystem interface {
-	// Confirm confirms that the caller can claim all of the locks specified by
-	// the given conditions, and that holding the union of all of those locks
-	// gives exclusive access to all of the named resources. Up to two resources
-	// can be named. Empty names are ignored.
-	//
-	// Exactly one of release and err will be non-nil. If release is non-nil,
-	// all of the requested locks are held until release is called. Calling
-	// release does not unlock the lock, in the WebDAV UNLOCK sense, but once
-	// Confirm has confirmed that a lock claim is valid, that lock cannot be
-	// Confirmed again until it has been released.
-	//
-	// If Confirm returns ErrConfirmationFailed then the Handler will continue
-	// to try any other set of locks presented (a WebDAV HTTP request can
-	// present more than one set of locks). If it returns any other non-nil
-	// error, the Handler will write a "500 Internal Server Error" HTTP status.
-	Confirm(now time.Time, name0, name1 string, conditions ...Condition) (release func(), err error)
-
-	// Create creates a lock with the given depth, duration, owner and root
-	// (name). The depth will either be negative (meaning infinite) or zero.
-	//
-	// If Create returns ErrLocked then the Handler will write a "423 Locked"
-	// HTTP status. If it returns any other non-nil error, the Handler will
-	// write a "500 Internal Server Error" HTTP status.
-	//
-	// See http://www.webdav.org/specs/rfc4918.html#rfc.section.9.10.6 for
-	// when to use each error.
-	//
-	// The token returned identifies the created lock. It should be an absolute
-	// URI as defined by RFC 3986, Section 4.3. In particular, it should not
-	// contain whitespace.
-	Create(now time.Time, details LockDetails) (token string, err error)
-
-	// Refresh refreshes the lock with the given token.
-	//
-	// If Refresh returns ErrLocked then the Handler will write a "423 Locked"
-	// HTTP Status. If Refresh returns ErrNoSuchLock then the Handler will write
-	// a "412 Precondition Failed" HTTP Status. If it returns any other non-nil
-	// error, the Handler will write a "500 Internal Server Error" HTTP status.
-	//
-	// See http://www.webdav.org/specs/rfc4918.html#rfc.section.9.10.6 for
-	// when to use each error.
-	Refresh(now time.Time, token string, duration time.Duration) (LockDetails, error)
-
-	// Unlock unlocks the lock with the given token.
-	//
-	// If Unlock returns ErrForbidden then the Handler will write a "403
-	// Forbidden" HTTP Status. If Unlock returns ErrLocked then the Handler
-	// will write a "423 Locked" HTTP status. If Unlock returns ErrNoSuchLock
-	// then the Handler will write a "409 Conflict" HTTP Status. If it returns
-	// any other non-nil error, the Handler will write a "500 Internal Server
-	// Error" HTTP status.
-	//
-	// See http://www.webdav.org/specs/rfc4918.html#rfc.section.9.11.1 for
-	// when to use each error.
-	Unlock(now time.Time, token string) error
-}
-
-// LockDetails are a lock's metadata.
-type LockDetails struct {
-	// Root is the root resource name being locked. For a zero-depth lock, the
-	// root is the only resource being locked.
-	Root string
-	// Duration is the lock timeout. A negative duration means infinite.
-	Duration time.Duration
-	// OwnerXML is the verbatim  XML given in a LOCK HTTP request.
-	//
-	// TODO: does the "verbatim" nature play well with XML namespaces?
-	// Does the OwnerXML field need to have more structure? See
-	// https://codereview.appspot.com/175140043/#msg2
-	OwnerXML string
-	// ZeroDepth is whether the lock has zero depth. If it does not have zero
-	// depth, it has infinite depth.
-	ZeroDepth bool
-}
-
-// NewMemLS returns a new in-memory LockSystem.
-func NewMemLS() LockSystem {
-	return &memLS{
-		byName:  make(map[string]*memLSNode),
-		byToken: make(map[string]*memLSNode),
-		gen:     uint64(time.Now().Unix()),
-	}
-}
-
-type memLS struct {
-	mu      sync.Mutex
-	byName  map[string]*memLSNode
-	byToken map[string]*memLSNode
-	gen     uint64
-	// byExpiry only contains those nodes whose LockDetails have a finite
-	// Duration and are yet to expire.
-	byExpiry byExpiry
-}
-
-func (m *memLS) nextToken() string {
-	m.gen++
-	return strconv.FormatUint(m.gen, 10)
-}
-
-func (m *memLS) collectExpiredNodes(now time.Time) {
-	for len(m.byExpiry) > 0 {
-		if now.Before(m.byExpiry[0].expiry) {
-			break
-		}
-		m.remove(m.byExpiry[0])
-	}
-}
-
-func (m *memLS) Confirm(now time.Time, name0, name1 string, conditions ...Condition) (func(), error) {
-	m.mu.Lock()
-	defer m.mu.Unlock()
-	m.collectExpiredNodes(now)
-
-	var n0, n1 *memLSNode
-	if name0 != "" {
-		if n0 = m.lookup(slashClean(name0), conditions...); n0 == nil {
-			return nil, ErrConfirmationFailed
-		}
-	}
-	if name1 != "" {
-		if n1 = m.lookup(slashClean(name1), conditions...); n1 == nil {
-			return nil, ErrConfirmationFailed
-		}
-	}
-
-	// Don't hold the same node twice.
-	if n1 == n0 {
-		n1 = nil
-	}
-
-	if n0 != nil {
-		m.hold(n0)
-	}
-	if n1 != nil {
-		m.hold(n1)
-	}
-	return func() {
-		m.mu.Lock()
-		defer m.mu.Unlock()
-		if n1 != nil {
-			m.unhold(n1)
-		}
-		if n0 != nil {
-			m.unhold(n0)
-		}
-	}, nil
-}
-
-// lookup returns the node n that locks the named resource, provided that n
-// matches at least one of the given conditions and that lock isn't held by
-// another party. Otherwise, it returns nil.
-//
-// n may be a parent of the named resource, if n is an infinite depth lock.
-func (m *memLS) lookup(name string, conditions ...Condition) (n *memLSNode) {
-	// TODO: support Condition.Not and Condition.ETag.
-	for _, c := range conditions {
-		n = m.byToken[c.Token]
-		if n == nil || n.held {
-			continue
-		}
-		if name == n.details.Root {
-			return n
-		}
-		if n.details.ZeroDepth {
-			continue
-		}
-		if n.details.Root == "/" || strings.HasPrefix(name, n.details.Root+"/") {
-			return n
-		}
-	}
-	return nil
-}
-
-func (m *memLS) hold(n *memLSNode) {
-	if n.held {
-		panic("webdav: memLS inconsistent held state")
-	}
-	n.held = true
-	if n.details.Duration >= 0 && n.byExpiryIndex >= 0 {
-		heap.Remove(&m.byExpiry, n.byExpiryIndex)
-	}
-}
-
-func (m *memLS) unhold(n *memLSNode) {
-	if !n.held {
-		panic("webdav: memLS inconsistent held state")
-	}
-	n.held = false
-	if n.details.Duration >= 0 {
-		heap.Push(&m.byExpiry, n)
-	}
-}
-
-func (m *memLS) Create(now time.Time, details LockDetails) (string, error) {
-	m.mu.Lock()
-	defer m.mu.Unlock()
-	m.collectExpiredNodes(now)
-	details.Root = slashClean(details.Root)
-
-	if !m.canCreate(details.Root, details.ZeroDepth) {
-		return "", ErrLocked
-	}
-	n := m.create(details.Root)
-	n.token = m.nextToken()
-	m.byToken[n.token] = n
-	n.details = details
-	if n.details.Duration >= 0 {
-		n.expiry = now.Add(n.details.Duration)
-		heap.Push(&m.byExpiry, n)
-	}
-	return n.token, nil
-}
-
-func (m *memLS) Refresh(now time.Time, token string, duration time.Duration) (LockDetails, error) {
-	m.mu.Lock()
-	defer m.mu.Unlock()
-	m.collectExpiredNodes(now)
-
-	n := m.byToken[token]
-	if n == nil {
-		return LockDetails{}, ErrNoSuchLock
-	}
-	if n.held {
-		return LockDetails{}, ErrLocked
-	}
-	if n.byExpiryIndex >= 0 {
-		heap.Remove(&m.byExpiry, n.byExpiryIndex)
-	}
-	n.details.Duration = duration
-	if n.details.Duration >= 0 {
-		n.expiry = now.Add(n.details.Duration)
-		heap.Push(&m.byExpiry, n)
-	}
-	return n.details, nil
-}
-
-func (m *memLS) Unlock(now time.Time, token string) error {
-	m.mu.Lock()
-	defer m.mu.Unlock()
-	m.collectExpiredNodes(now)
-
-	n := m.byToken[token]
-	if n == nil {
-		return ErrNoSuchLock
-	}
-	if n.held {
-		return ErrLocked
-	}
-	m.remove(n)
-	return nil
-}
-
-func (m *memLS) canCreate(name string, zeroDepth bool) bool {
-	return walkToRoot(name, func(name0 string, first bool) bool {
-		n := m.byName[name0]
-		if n == nil {
-			return true
-		}
-		if first {
-			if n.token != "" {
-				// The target node is already locked.
-				return false
-			}
-			if !zeroDepth {
-				// The requested lock depth is infinite, and the fact that n exists
-				// (n != nil) means that a descendent of the target node is locked.
-				return false
-			}
-		} else if n.token != "" && !n.details.ZeroDepth {
-			// An ancestor of the target node is locked with infinite depth.
-			return false
-		}
-		return true
-	})
-}
-
-func (m *memLS) create(name string) (ret *memLSNode) {
-	walkToRoot(name, func(name0 string, first bool) bool {
-		n := m.byName[name0]
-		if n == nil {
-			n = &memLSNode{
-				details: LockDetails{
-					Root: name0,
-				},
-				byExpiryIndex: -1,
-			}
-			m.byName[name0] = n
-		}
-		n.refCount++
-		if first {
-			ret = n
-		}
-		return true
-	})
-	return ret
-}
-
-func (m *memLS) remove(n *memLSNode) {
-	delete(m.byToken, n.token)
-	n.token = ""
-	walkToRoot(n.details.Root, func(name0 string, first bool) bool {
-		x := m.byName[name0]
-		x.refCount--
-		if x.refCount == 0 {
-			delete(m.byName, name0)
-		}
-		return true
-	})
-	if n.byExpiryIndex >= 0 {
-		heap.Remove(&m.byExpiry, n.byExpiryIndex)
-	}
-}
-
-func walkToRoot(name string, f func(name0 string, first bool) bool) bool {
-	for first := true; ; first = false {
-		if !f(name, first) {
-			return false
-		}
-		if name == "/" {
-			break
-		}
-		name = name[:strings.LastIndex(name, "/")]
-		if name == "" {
-			name = "/"
-		}
-	}
-	return true
-}
-
-type memLSNode struct {
-	// details are the lock metadata. Even if this node's name is not explicitly locked,
-	// details.Root will still equal the node's name.
-	details LockDetails
-	// token is the unique identifier for this node's lock. An empty token means that
-	// this node is not explicitly locked.
-	token string
-	// refCount is the number of self-or-descendent nodes that are explicitly locked.
-	refCount int
-	// expiry is when this node's lock expires.
-	expiry time.Time
-	// byExpiryIndex is the index of this node in memLS.byExpiry. It is -1
-	// if this node does not expire, or has expired.
-	byExpiryIndex int
-	// held is whether this node's lock is actively held by a Confirm call.
-	held bool
-}
-
-type byExpiry []*memLSNode
-
-func (b *byExpiry) Len() int {
-	return len(*b)
-}
-
-func (b *byExpiry) Less(i, j int) bool {
-	return (*b)[i].expiry.Before((*b)[j].expiry)
-}
-
-func (b *byExpiry) Swap(i, j int) {
-	(*b)[i], (*b)[j] = (*b)[j], (*b)[i]
-	(*b)[i].byExpiryIndex = i
-	(*b)[j].byExpiryIndex = j
-}
-
-func (b *byExpiry) Push(x interface{}) {
-	n := x.(*memLSNode)
-	n.byExpiryIndex = len(*b)
-	*b = append(*b, n)
-}
-
-func (b *byExpiry) Pop() interface{} {
-	i := len(*b) - 1
-	n := (*b)[i]
-	(*b)[i] = nil
-	n.byExpiryIndex = -1
-	*b = (*b)[:i]
-	return n
-}
-
-const infiniteTimeout = -1
-
-// parseTimeout parses the Timeout HTTP header, as per section 10.7. If s is
-// empty, an infiniteTimeout is returned.
-func parseTimeout(s string) (time.Duration, error) {
-	if s == "" {
-		return infiniteTimeout, nil
-	}
-	if i := strings.IndexByte(s, ','); i >= 0 {
-		s = s[:i]
-	}
-	s = strings.TrimSpace(s)
-	if s == "Infinite" {
-		return infiniteTimeout, nil
-	}
-	const pre = "Second-"
-	if !strings.HasPrefix(s, pre) {
-		return 0, errInvalidTimeout
-	}
-	s = s[len(pre):]
-	if s == "" || s[0] < '0' || '9' < s[0] {
-		return 0, errInvalidTimeout
-	}
-	n, err := strconv.ParseInt(s, 10, 64)
-	if err != nil || 1<<32-1 < n {
-		return 0, errInvalidTimeout
-	}
-	return time.Duration(n) * time.Second, nil
-}
diff --git a/vendor/golang.org/x/net/webdav/lock_test.go b/vendor/golang.org/x/net/webdav/lock_test.go
deleted file mode 100644
index 116d6c0d..00000000
--- a/vendor/golang.org/x/net/webdav/lock_test.go
+++ /dev/null
@@ -1,731 +0,0 @@
-// Copyright 2014 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package webdav
-
-import (
-	"fmt"
-	"math/rand"
-	"path"
-	"reflect"
-	"sort"
-	"strconv"
-	"strings"
-	"testing"
-	"time"
-)
-
-func TestWalkToRoot(t *testing.T) {
-	testCases := []struct {
-		name string
-		want []string
-	}{{
-		"/a/b/c/d",
-		[]string{
-			"/a/b/c/d",
-			"/a/b/c",
-			"/a/b",
-			"/a",
-			"/",
-		},
-	}, {
-		"/a",
-		[]string{
-			"/a",
-			"/",
-		},
-	}, {
-		"/",
-		[]string{
-			"/",
-		},
-	}}
-
-	for _, tc := range testCases {
-		var got []string
-		if !walkToRoot(tc.name, func(name0 string, first bool) bool {
-			if first != (len(got) == 0) {
-				t.Errorf("name=%q: first=%t but len(got)==%d", tc.name, first, len(got))
-				return false
-			}
-			got = append(got, name0)
-			return true
-		}) {
-			continue
-		}
-		if !reflect.DeepEqual(got, tc.want) {
-			t.Errorf("name=%q:\ngot  %q\nwant %q", tc.name, got, tc.want)
-		}
-	}
-}
-
-var lockTestDurations = []time.Duration{
-	infiniteTimeout, // infiniteTimeout means to never expire.
-	0,               // A zero duration means to expire immediately.
-	100 * time.Hour, // A very large duration will not expire in these tests.
-}
-
-// lockTestNames are the names of a set of mutually compatible locks. For each
-// name fragment:
-//	- _ means no explicit lock.
-//	- i means a infinite-depth lock,
-//	- z means a zero-depth lock,
-var lockTestNames = []string{
-	"/_/_/_/_/z",
-	"/_/_/i",
-	"/_/z",
-	"/_/z/i",
-	"/_/z/z",
-	"/_/z/_/i",
-	"/_/z/_/z",
-	"/i",
-	"/z",
-	"/z/_/i",
-	"/z/_/z",
-}
-
-func lockTestZeroDepth(name string) bool {
-	switch name[len(name)-1] {
-	case 'i':
-		return false
-	case 'z':
-		return true
-	}
-	panic(fmt.Sprintf("lock name %q did not end with 'i' or 'z'", name))
-}
-
-func TestMemLSCanCreate(t *testing.T) {
-	now := time.Unix(0, 0)
-	m := NewMemLS().(*memLS)
-
-	for _, name := range lockTestNames {
-		_, err := m.Create(now, LockDetails{
-			Root:      name,
-			Duration:  infiniteTimeout,
-			ZeroDepth: lockTestZeroDepth(name),
-		})
-		if err != nil {
-			t.Fatalf("creating lock for %q: %v", name, err)
-		}
-	}
-
-	wantCanCreate := func(name string, zeroDepth bool) bool {
-		for _, n := range lockTestNames {
-			switch {
-			case n == name:
-				// An existing lock has the same name as the proposed lock.
-				return false
-			case strings.HasPrefix(n, name):
-				// An existing lock would be a child of the proposed lock,
-				// which conflicts if the proposed lock has infinite depth.
-				if !zeroDepth {
-					return false
-				}
-			case strings.HasPrefix(name, n):
-				// An existing lock would be an ancestor of the proposed lock,
-				// which conflicts if the ancestor has infinite depth.
-				if n[len(n)-1] == 'i' {
-					return false
-				}
-			}
-		}
-		return true
-	}
-
-	var check func(int, string)
-	check = func(recursion int, name string) {
-		for _, zeroDepth := range []bool{false, true} {
-			got := m.canCreate(name, zeroDepth)
-			want := wantCanCreate(name, zeroDepth)
-			if got != want {
-				t.Errorf("canCreate name=%q zeroDepth=%t: got %t, want %t", name, zeroDepth, got, want)
-			}
-		}
-		if recursion == 6 {
-			return
-		}
-		if name != "/" {
-			name += "/"
-		}
-		for _, c := range "_iz" {
-			check(recursion+1, name+string(c))
-		}
-	}
-	check(0, "/")
-}
-
-func TestMemLSLookup(t *testing.T) {
-	now := time.Unix(0, 0)
-	m := NewMemLS().(*memLS)
-
-	badToken := m.nextToken()
-	t.Logf("badToken=%q", badToken)
-
-	for _, name := range lockTestNames {
-		token, err := m.Create(now, LockDetails{
-			Root:      name,
-			Duration:  infiniteTimeout,
-			ZeroDepth: lockTestZeroDepth(name),
-		})
-		if err != nil {
-			t.Fatalf("creating lock for %q: %v", name, err)
-		}
-		t.Logf("%-15q -> node=%p token=%q", name, m.byName[name], token)
-	}
-
-	baseNames := append([]string{"/a", "/b/c"}, lockTestNames...)
-	for _, baseName := range baseNames {
-		for _, suffix := range []string{"", "/0", "/1/2/3"} {
-			name := baseName + suffix
-
-			goodToken := ""
-			base := m.byName[baseName]
-			if base != nil && (suffix == "" || !lockTestZeroDepth(baseName)) {
-				goodToken = base.token
-			}
-
-			for _, token := range []string{badToken, goodToken} {
-				if token == "" {
-					continue
-				}
-
-				got := m.lookup(name, Condition{Token: token})
-				want := base
-				if token == badToken {
-					want = nil
-				}
-				if got != want {
-					t.Errorf("name=%-20qtoken=%q (bad=%t): got %p, want %p",
-						name, token, token == badToken, got, want)
-				}
-			}
-		}
-	}
-}
-
-func TestMemLSConfirm(t *testing.T) {
-	now := time.Unix(0, 0)
-	m := NewMemLS().(*memLS)
-	alice, err := m.Create(now, LockDetails{
-		Root:      "/alice",
-		Duration:  infiniteTimeout,
-		ZeroDepth: false,
-	})
-	tweedle, err := m.Create(now, LockDetails{
-		Root:      "/tweedle",
-		Duration:  infiniteTimeout,
-		ZeroDepth: false,
-	})
-	if err != nil {
-		t.Fatalf("Create: %v", err)
-	}
-	if err := m.consistent(); err != nil {
-		t.Fatalf("Create: inconsistent state: %v", err)
-	}
-
-	// Test a mismatch between name and condition.
-	_, err = m.Confirm(now, "/tweedle/dee", "", Condition{Token: alice})
-	if err != ErrConfirmationFailed {
-		t.Fatalf("Confirm (mismatch): got %v, want ErrConfirmationFailed", err)
-	}
-	if err := m.consistent(); err != nil {
-		t.Fatalf("Confirm (mismatch): inconsistent state: %v", err)
-	}
-
-	// Test two names (that fall under the same lock) in the one Confirm call.
-	release, err := m.Confirm(now, "/tweedle/dee", "/tweedle/dum", Condition{Token: tweedle})
-	if err != nil {
-		t.Fatalf("Confirm (twins): %v", err)
-	}
-	if err := m.consistent(); err != nil {
-		t.Fatalf("Confirm (twins): inconsistent state: %v", err)
-	}
-	release()
-	if err := m.consistent(); err != nil {
-		t.Fatalf("release (twins): inconsistent state: %v", err)
-	}
-
-	// Test the same two names in overlapping Confirm / release calls.
-	releaseDee, err := m.Confirm(now, "/tweedle/dee", "", Condition{Token: tweedle})
-	if err != nil {
-		t.Fatalf("Confirm (sequence #0): %v", err)
-	}
-	if err := m.consistent(); err != nil {
-		t.Fatalf("Confirm (sequence #0): inconsistent state: %v", err)
-	}
-
-	_, err = m.Confirm(now, "/tweedle/dum", "", Condition{Token: tweedle})
-	if err != ErrConfirmationFailed {
-		t.Fatalf("Confirm (sequence #1): got %v, want ErrConfirmationFailed", err)
-	}
-	if err := m.consistent(); err != nil {
-		t.Fatalf("Confirm (sequence #1): inconsistent state: %v", err)
-	}
-
-	releaseDee()
-	if err := m.consistent(); err != nil {
-		t.Fatalf("release (sequence #2): inconsistent state: %v", err)
-	}
-
-	releaseDum, err := m.Confirm(now, "/tweedle/dum", "", Condition{Token: tweedle})
-	if err != nil {
-		t.Fatalf("Confirm (sequence #3): %v", err)
-	}
-	if err := m.consistent(); err != nil {
-		t.Fatalf("Confirm (sequence #3): inconsistent state: %v", err)
-	}
-
-	// Test that you can't unlock a held lock.
-	err = m.Unlock(now, tweedle)
-	if err != ErrLocked {
-		t.Fatalf("Unlock (sequence #4): got %v, want ErrLocked", err)
-	}
-
-	releaseDum()
-	if err := m.consistent(); err != nil {
-		t.Fatalf("release (sequence #5): inconsistent state: %v", err)
-	}
-
-	err = m.Unlock(now, tweedle)
-	if err != nil {
-		t.Fatalf("Unlock (sequence #6): %v", err)
-	}
-	if err := m.consistent(); err != nil {
-		t.Fatalf("Unlock (sequence #6): inconsistent state: %v", err)
-	}
-}
-
-func TestMemLSNonCanonicalRoot(t *testing.T) {
-	now := time.Unix(0, 0)
-	m := NewMemLS().(*memLS)
-	token, err := m.Create(now, LockDetails{
-		Root:     "/foo/./bar//",
-		Duration: 1 * time.Second,
-	})
-	if err != nil {
-		t.Fatalf("Create: %v", err)
-	}
-	if err := m.consistent(); err != nil {
-		t.Fatalf("Create: inconsistent state: %v", err)
-	}
-	if err := m.Unlock(now, token); err != nil {
-		t.Fatalf("Unlock: %v", err)
-	}
-	if err := m.consistent(); err != nil {
-		t.Fatalf("Unlock: inconsistent state: %v", err)
-	}
-}
-
-func TestMemLSExpiry(t *testing.T) {
-	m := NewMemLS().(*memLS)
-	testCases := []string{
-		"setNow 0",
-		"create /a.5",
-		"want /a.5",
-		"create /c.6",
-		"want /a.5 /c.6",
-		"create /a/b.7",
-		"want /a.5 /a/b.7 /c.6",
-		"setNow 4",
-		"want /a.5 /a/b.7 /c.6",
-		"setNow 5",
-		"want /a/b.7 /c.6",
-		"setNow 6",
-		"want /a/b.7",
-		"setNow 7",
-		"want ",
-		"setNow 8",
-		"want ",
-		"create /a.12",
-		"create /b.13",
-		"create /c.15",
-		"create /a/d.16",
-		"want /a.12 /a/d.16 /b.13 /c.15",
-		"refresh /a.14",
-		"want /a.14 /a/d.16 /b.13 /c.15",
-		"setNow 12",
-		"want /a.14 /a/d.16 /b.13 /c.15",
-		"setNow 13",
-		"want /a.14 /a/d.16 /c.15",
-		"setNow 14",
-		"want /a/d.16 /c.15",
-		"refresh /a/d.20",
-		"refresh /c.20",
-		"want /a/d.20 /c.20",
-		"setNow 20",
-		"want ",
-	}
-
-	tokens := map[string]string{}
-	zTime := time.Unix(0, 0)
-	now := zTime
-	for i, tc := range testCases {
-		j := strings.IndexByte(tc, ' ')
-		if j < 0 {
-			t.Fatalf("test case #%d %q: invalid command", i, tc)
-		}
-		op, arg := tc[:j], tc[j+1:]
-		switch op {
-		default:
-			t.Fatalf("test case #%d %q: invalid operation %q", i, tc, op)
-
-		case "create", "refresh":
-			parts := strings.Split(arg, ".")
-			if len(parts) != 2 {
-				t.Fatalf("test case #%d %q: invalid create", i, tc)
-			}
-			root := parts[0]
-			d, err := strconv.Atoi(parts[1])
-			if err != nil {
-				t.Fatalf("test case #%d %q: invalid duration", i, tc)
-			}
-			dur := time.Unix(0, 0).Add(time.Duration(d) * time.Second).Sub(now)
-
-			switch op {
-			case "create":
-				token, err := m.Create(now, LockDetails{
-					Root:      root,
-					Duration:  dur,
-					ZeroDepth: true,
-				})
-				if err != nil {
-					t.Fatalf("test case #%d %q: Create: %v", i, tc, err)
-				}
-				tokens[root] = token
-
-			case "refresh":
-				token := tokens[root]
-				if token == "" {
-					t.Fatalf("test case #%d %q: no token for %q", i, tc, root)
-				}
-				got, err := m.Refresh(now, token, dur)
-				if err != nil {
-					t.Fatalf("test case #%d %q: Refresh: %v", i, tc, err)
-				}
-				want := LockDetails{
-					Root:      root,
-					Duration:  dur,
-					ZeroDepth: true,
-				}
-				if got != want {
-					t.Fatalf("test case #%d %q:\ngot  %v\nwant %v", i, tc, got, want)
-				}
-			}
-
-		case "setNow":
-			d, err := strconv.Atoi(arg)
-			if err != nil {
-				t.Fatalf("test case #%d %q: invalid duration", i, tc)
-			}
-			now = time.Unix(0, 0).Add(time.Duration(d) * time.Second)
-
-		case "want":
-			m.mu.Lock()
-			m.collectExpiredNodes(now)
-			got := make([]string, 0, len(m.byToken))
-			for _, n := range m.byToken {
-				got = append(got, fmt.Sprintf("%s.%d",
-					n.details.Root, n.expiry.Sub(zTime)/time.Second))
-			}
-			m.mu.Unlock()
-			sort.Strings(got)
-			want := []string{}
-			if arg != "" {
-				want = strings.Split(arg, " ")
-			}
-			if !reflect.DeepEqual(got, want) {
-				t.Fatalf("test case #%d %q:\ngot  %q\nwant %q", i, tc, got, want)
-			}
-		}
-
-		if err := m.consistent(); err != nil {
-			t.Fatalf("test case #%d %q: inconsistent state: %v", i, tc, err)
-		}
-	}
-}
-
-func TestMemLS(t *testing.T) {
-	now := time.Unix(0, 0)
-	m := NewMemLS().(*memLS)
-	rng := rand.New(rand.NewSource(0))
-	tokens := map[string]string{}
-	nConfirm, nCreate, nRefresh, nUnlock := 0, 0, 0, 0
-	const N = 2000
-
-	for i := 0; i < N; i++ {
-		name := lockTestNames[rng.Intn(len(lockTestNames))]
-		duration := lockTestDurations[rng.Intn(len(lockTestDurations))]
-		confirmed, unlocked := false, false
-
-		// If the name was already locked, we randomly confirm/release, refresh
-		// or unlock it. Otherwise, we create a lock.
-		token := tokens[name]
-		if token != "" {
-			switch rng.Intn(3) {
-			case 0:
-				confirmed = true
-				nConfirm++
-				release, err := m.Confirm(now, name, "", Condition{Token: token})
-				if err != nil {
-					t.Fatalf("iteration #%d: Confirm %q: %v", i, name, err)
-				}
-				if err := m.consistent(); err != nil {
-					t.Fatalf("iteration #%d: inconsistent state: %v", i, err)
-				}
-				release()
-
-			case 1:
-				nRefresh++
-				if _, err := m.Refresh(now, token, duration); err != nil {
-					t.Fatalf("iteration #%d: Refresh %q: %v", i, name, err)
-				}
-
-			case 2:
-				unlocked = true
-				nUnlock++
-				if err := m.Unlock(now, token); err != nil {
-					t.Fatalf("iteration #%d: Unlock %q: %v", i, name, err)
-				}
-			}
-
-		} else {
-			nCreate++
-			var err error
-			token, err = m.Create(now, LockDetails{
-				Root:      name,
-				Duration:  duration,
-				ZeroDepth: lockTestZeroDepth(name),
-			})
-			if err != nil {
-				t.Fatalf("iteration #%d: Create %q: %v", i, name, err)
-			}
-		}
-
-		if !confirmed {
-			if duration == 0 || unlocked {
-				// A zero-duration lock should expire immediately and is
-				// effectively equivalent to being unlocked.
-				tokens[name] = ""
-			} else {
-				tokens[name] = token
-			}
-		}
-
-		if err := m.consistent(); err != nil {
-			t.Fatalf("iteration #%d: inconsistent state: %v", i, err)
-		}
-	}
-
-	if nConfirm < N/10 {
-		t.Fatalf("too few Confirm calls: got %d, want >= %d", nConfirm, N/10)
-	}
-	if nCreate < N/10 {
-		t.Fatalf("too few Create calls: got %d, want >= %d", nCreate, N/10)
-	}
-	if nRefresh < N/10 {
-		t.Fatalf("too few Refresh calls: got %d, want >= %d", nRefresh, N/10)
-	}
-	if nUnlock < N/10 {
-		t.Fatalf("too few Unlock calls: got %d, want >= %d", nUnlock, N/10)
-	}
-}
-
-func (m *memLS) consistent() error {
-	m.mu.Lock()
-	defer m.mu.Unlock()
-
-	// If m.byName is non-empty, then it must contain an entry for the root "/",
-	// and its refCount should equal the number of locked nodes.
-	if len(m.byName) > 0 {
-		n := m.byName["/"]
-		if n == nil {
-			return fmt.Errorf(`non-empty m.byName does not contain the root "/"`)
-		}
-		if n.refCount != len(m.byToken) {
-			return fmt.Errorf("root node refCount=%d, differs from len(m.byToken)=%d", n.refCount, len(m.byToken))
-		}
-	}
-
-	for name, n := range m.byName {
-		// The map keys should be consistent with the node's copy of the key.
-		if n.details.Root != name {
-			return fmt.Errorf("node name %q != byName map key %q", n.details.Root, name)
-		}
-
-		// A name must be clean, and start with a "/".
-		if len(name) == 0 || name[0] != '/' {
-			return fmt.Errorf(`node name %q does not start with "/"`, name)
-		}
-		if name != path.Clean(name) {
-			return fmt.Errorf(`node name %q is not clean`, name)
-		}
-
-		// A node's refCount should be positive.
-		if n.refCount <= 0 {
-			return fmt.Errorf("non-positive refCount for node at name %q", name)
-		}
-
-		// A node's refCount should be the number of self-or-descendents that
-		// are locked (i.e. have a non-empty token).
-		var list []string
-		for name0, n0 := range m.byName {
-			// All of lockTestNames' name fragments are one byte long: '_', 'i' or 'z',
-			// so strings.HasPrefix is equivalent to self-or-descendent name match.
-			// We don't have to worry about "/foo/bar" being a false positive match
-			// for "/foo/b".
-			if strings.HasPrefix(name0, name) && n0.token != "" {
-				list = append(list, name0)
-			}
-		}
-		if n.refCount != len(list) {
-			sort.Strings(list)
-			return fmt.Errorf("node at name %q has refCount %d but locked self-or-descendents are %q (len=%d)",
-				name, n.refCount, list, len(list))
-		}
-
-		// A node n is in m.byToken if it has a non-empty token.
-		if n.token != "" {
-			if _, ok := m.byToken[n.token]; !ok {
-				return fmt.Errorf("node at name %q has token %q but not in m.byToken", name, n.token)
-			}
-		}
-
-		// A node n is in m.byExpiry if it has a non-negative byExpiryIndex.
-		if n.byExpiryIndex >= 0 {
-			if n.byExpiryIndex >= len(m.byExpiry) {
-				return fmt.Errorf("node at name %q has byExpiryIndex %d but m.byExpiry has length %d", name, n.byExpiryIndex, len(m.byExpiry))
-			}
-			if n != m.byExpiry[n.byExpiryIndex] {
-				return fmt.Errorf("node at name %q has byExpiryIndex %d but that indexes a different node", name, n.byExpiryIndex)
-			}
-		}
-	}
-
-	for token, n := range m.byToken {
-		// The map keys should be consistent with the node's copy of the key.
-		if n.token != token {
-			return fmt.Errorf("node token %q != byToken map key %q", n.token, token)
-		}
-
-		// Every node in m.byToken is in m.byName.
-		if _, ok := m.byName[n.details.Root]; !ok {
-			return fmt.Errorf("node at name %q in m.byToken but not in m.byName", n.details.Root)
-		}
-	}
-
-	for i, n := range m.byExpiry {
-		// The slice indices should be consistent with the node's copy of the index.
-		if n.byExpiryIndex != i {
-			return fmt.Errorf("node byExpiryIndex %d != byExpiry slice index %d", n.byExpiryIndex, i)
-		}
-
-		// Every node in m.byExpiry is in m.byName.
-		if _, ok := m.byName[n.details.Root]; !ok {
-			return fmt.Errorf("node at name %q in m.byExpiry but not in m.byName", n.details.Root)
-		}
-
-		// No node in m.byExpiry should be held.
-		if n.held {
-			return fmt.Errorf("node at name %q in m.byExpiry is held", n.details.Root)
-		}
-	}
-	return nil
-}
-
-func TestParseTimeout(t *testing.T) {
-	testCases := []struct {
-		s       string
-		want    time.Duration
-		wantErr error
-	}{{
-		"",
-		infiniteTimeout,
-		nil,
-	}, {
-		"Infinite",
-		infiniteTimeout,
-		nil,
-	}, {
-		"Infinitesimal",
-		0,
-		errInvalidTimeout,
-	}, {
-		"infinite",
-		0,
-		errInvalidTimeout,
-	}, {
-		"Second-0",
-		0 * time.Second,
-		nil,
-	}, {
-		"Second-123",
-		123 * time.Second,
-		nil,
-	}, {
-		"  Second-456    ",
-		456 * time.Second,
-		nil,
-	}, {
-		"Second-4100000000",
-		4100000000 * time.Second,
-		nil,
-	}, {
-		"junk",
-		0,
-		errInvalidTimeout,
-	}, {
-		"Second-",
-		0,
-		errInvalidTimeout,
-	}, {
-		"Second--1",
-		0,
-		errInvalidTimeout,
-	}, {
-		"Second--123",
-		0,
-		errInvalidTimeout,
-	}, {
-		"Second-+123",
-		0,
-		errInvalidTimeout,
-	}, {
-		"Second-0x123",
-		0,
-		errInvalidTimeout,
-	}, {
-		"second-123",
-		0,
-		errInvalidTimeout,
-	}, {
-		"Second-4294967295",
-		4294967295 * time.Second,
-		nil,
-	}, {
-		// Section 10.7 says that "The timeout value for TimeType "Second"
-		// must not be greater than 2^32-1."
-		"Second-4294967296",
-		0,
-		errInvalidTimeout,
-	}, {
-		// This test case comes from section 9.10.9 of the spec. It says,
-		//
-		// "In this request, the client has specified that it desires an
-		// infinite-length lock, if available, otherwise a timeout of 4.1
-		// billion seconds, if available."
-		//
-		// The Go WebDAV package always supports infinite length locks,
-		// and ignores the fallback after the comma.
-		"Infinite, Second-4100000000",
-		infiniteTimeout,
-		nil,
-	}}
-
-	for _, tc := range testCases {
-		got, gotErr := parseTimeout(tc.s)
-		if got != tc.want || gotErr != tc.wantErr {
-			t.Errorf("parsing %q:\ngot  %v, %v\nwant %v, %v", tc.s, got, gotErr, tc.want, tc.wantErr)
-		}
-	}
-}
diff --git a/vendor/golang.org/x/net/webdav/prop.go b/vendor/golang.org/x/net/webdav/prop.go
deleted file mode 100644
index 88b9a3a3..00000000
--- a/vendor/golang.org/x/net/webdav/prop.go
+++ /dev/null
@@ -1,389 +0,0 @@
-// Copyright 2015 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package webdav
-
-import (
-	"fmt"
-	"io"
-	"mime"
-	"net/http"
-	"os"
-	"path/filepath"
-	"strconv"
-
-	"golang.org/x/net/webdav/internal/xml"
-)
-
-// Proppatch describes a property update instruction as defined in RFC 4918.
-// See http://www.webdav.org/specs/rfc4918.html#METHOD_PROPPATCH
-type Proppatch struct {
-	// Remove specifies whether this patch removes properties. If it does not
-	// remove them, it sets them.
-	Remove bool
-	// Props contains the properties to be set or removed.
-	Props []Property
-}
-
-// Propstat describes a XML propstat element as defined in RFC 4918.
-// See http://www.webdav.org/specs/rfc4918.html#ELEMENT_propstat
-type Propstat struct {
-	// Props contains the properties for which Status applies.
-	Props []Property
-
-	// Status defines the HTTP status code of the properties in Prop.
-	// Allowed values include, but are not limited to the WebDAV status
-	// code extensions for HTTP/1.1.
-	// http://www.webdav.org/specs/rfc4918.html#status.code.extensions.to.http11
-	Status int
-
-	// XMLError contains the XML representation of the optional error element.
-	// XML content within this field must not rely on any predefined
-	// namespace declarations or prefixes. If empty, the XML error element
-	// is omitted.
-	XMLError string
-
-	// ResponseDescription contains the contents of the optional
-	// responsedescription field. If empty, the XML element is omitted.
-	ResponseDescription string
-}
-
-// makePropstats returns a slice containing those of x and y whose Props slice
-// is non-empty. If both are empty, it returns a slice containing an otherwise
-// zero Propstat whose HTTP status code is 200 OK.
-func makePropstats(x, y Propstat) []Propstat {
-	pstats := make([]Propstat, 0, 2)
-	if len(x.Props) != 0 {
-		pstats = append(pstats, x)
-	}
-	if len(y.Props) != 0 {
-		pstats = append(pstats, y)
-	}
-	if len(pstats) == 0 {
-		pstats = append(pstats, Propstat{
-			Status: http.StatusOK,
-		})
-	}
-	return pstats
-}
-
-// DeadPropsHolder holds the dead properties of a resource.
-//
-// Dead properties are those properties that are explicitly defined. In
-// comparison, live properties, such as DAV:getcontentlength, are implicitly
-// defined by the underlying resource, and cannot be explicitly overridden or
-// removed. See the Terminology section of
-// http://www.webdav.org/specs/rfc4918.html#rfc.section.3
-//
-// There is a whitelist of the names of live properties. This package handles
-// all live properties, and will only pass non-whitelisted names to the Patch
-// method of DeadPropsHolder implementations.
-type DeadPropsHolder interface {
-	// DeadProps returns a copy of the dead properties held.
-	DeadProps() (map[xml.Name]Property, error)
-
-	// Patch patches the dead properties held.
-	//
-	// Patching is atomic; either all or no patches succeed. It returns (nil,
-	// non-nil) if an internal server error occurred, otherwise the Propstats
-	// collectively contain one Property for each proposed patch Property. If
-	// all patches succeed, Patch returns a slice of length one and a Propstat
-	// element with a 200 OK HTTP status code. If none succeed, for reasons
-	// other than an internal server error, no Propstat has status 200 OK.
-	//
-	// For more details on when various HTTP status codes apply, see
-	// http://www.webdav.org/specs/rfc4918.html#PROPPATCH-status
-	Patch([]Proppatch) ([]Propstat, error)
-}
-
-// liveProps contains all supported, protected DAV: properties.
-var liveProps = map[xml.Name]struct {
-	// findFn implements the propfind function of this property. If nil,
-	// it indicates a hidden property.
-	findFn func(FileSystem, LockSystem, string, os.FileInfo) (string, error)
-	// dir is true if the property applies to directories.
-	dir bool
-}{
-	xml.Name{Space: "DAV:", Local: "resourcetype"}: {
-		findFn: findResourceType,
-		dir:    true,
-	},
-	xml.Name{Space: "DAV:", Local: "displayname"}: {
-		findFn: findDisplayName,
-		dir:    true,
-	},
-	xml.Name{Space: "DAV:", Local: "getcontentlength"}: {
-		findFn: findContentLength,
-		dir:    false,
-	},
-	xml.Name{Space: "DAV:", Local: "getlastmodified"}: {
-		findFn: findLastModified,
-		dir:    false,
-	},
-	xml.Name{Space: "DAV:", Local: "creationdate"}: {
-		findFn: nil,
-		dir:    false,
-	},
-	xml.Name{Space: "DAV:", Local: "getcontentlanguage"}: {
-		findFn: nil,
-		dir:    false,
-	},
-	xml.Name{Space: "DAV:", Local: "getcontenttype"}: {
-		findFn: findContentType,
-		dir:    false,
-	},
-	xml.Name{Space: "DAV:", Local: "getetag"}: {
-		findFn: findETag,
-		// findETag implements ETag as the concatenated hex values of a file's
-		// modification time and size. This is not a reliable synchronization
-		// mechanism for directories, so we do not advertise getetag for DAV
-		// collections.
-		dir: false,
-	},
-
-	// TODO: The lockdiscovery property requires LockSystem to list the
-	// active locks on a resource.
-	xml.Name{Space: "DAV:", Local: "lockdiscovery"}: {},
-	xml.Name{Space: "DAV:", Local: "supportedlock"}: {
-		findFn: findSupportedLock,
-		dir:    true,
-	},
-}
-
-// TODO(nigeltao) merge props and allprop?
-
-// Props returns the status of the properties named pnames for resource name.
-//
-// Each Propstat has a unique status and each property name will only be part
-// of one Propstat element.
-func props(fs FileSystem, ls LockSystem, name string, pnames []xml.Name) ([]Propstat, error) {
-	f, err := fs.OpenFile(name, os.O_RDONLY, 0)
-	if err != nil {
-		return nil, err
-	}
-	defer f.Close()
-	fi, err := f.Stat()
-	if err != nil {
-		return nil, err
-	}
-	isDir := fi.IsDir()
-
-	var deadProps map[xml.Name]Property
-	if dph, ok := f.(DeadPropsHolder); ok {
-		deadProps, err = dph.DeadProps()
-		if err != nil {
-			return nil, err
-		}
-	}
-
-	pstatOK := Propstat{Status: http.StatusOK}
-	pstatNotFound := Propstat{Status: http.StatusNotFound}
-	for _, pn := range pnames {
-		// If this file has dead properties, check if they contain pn.
-		if dp, ok := deadProps[pn]; ok {
-			pstatOK.Props = append(pstatOK.Props, dp)
-			continue
-		}
-		// Otherwise, it must either be a live property or we don't know it.
-		if prop := liveProps[pn]; prop.findFn != nil && (prop.dir || !isDir) {
-			innerXML, err := prop.findFn(fs, ls, name, fi)
-			if err != nil {
-				return nil, err
-			}
-			pstatOK.Props = append(pstatOK.Props, Property{
-				XMLName:  pn,
-				InnerXML: []byte(innerXML),
-			})
-		} else {
-			pstatNotFound.Props = append(pstatNotFound.Props, Property{
-				XMLName: pn,
-			})
-		}
-	}
-	return makePropstats(pstatOK, pstatNotFound), nil
-}
-
-// Propnames returns the property names defined for resource name.
-func propnames(fs FileSystem, ls LockSystem, name string) ([]xml.Name, error) {
-	f, err := fs.OpenFile(name, os.O_RDONLY, 0)
-	if err != nil {
-		return nil, err
-	}
-	defer f.Close()
-	fi, err := f.Stat()
-	if err != nil {
-		return nil, err
-	}
-	isDir := fi.IsDir()
-
-	var deadProps map[xml.Name]Property
-	if dph, ok := f.(DeadPropsHolder); ok {
-		deadProps, err = dph.DeadProps()
-		if err != nil {
-			return nil, err
-		}
-	}
-
-	pnames := make([]xml.Name, 0, len(liveProps)+len(deadProps))
-	for pn, prop := range liveProps {
-		if prop.findFn != nil && (prop.dir || !isDir) {
-			pnames = append(pnames, pn)
-		}
-	}
-	for pn := range deadProps {
-		pnames = append(pnames, pn)
-	}
-	return pnames, nil
-}
-
-// Allprop returns the properties defined for resource name and the properties
-// named in include.
-//
-// Note that RFC 4918 defines 'allprop' to return the DAV: properties defined
-// within the RFC plus dead properties. Other live properties should only be
-// returned if they are named in 'include'.
-//
-// See http://www.webdav.org/specs/rfc4918.html#METHOD_PROPFIND
-func allprop(fs FileSystem, ls LockSystem, name string, include []xml.Name) ([]Propstat, error) {
-	pnames, err := propnames(fs, ls, name)
-	if err != nil {
-		return nil, err
-	}
-	// Add names from include if they are not already covered in pnames.
-	nameset := make(map[xml.Name]bool)
-	for _, pn := range pnames {
-		nameset[pn] = true
-	}
-	for _, pn := range include {
-		if !nameset[pn] {
-			pnames = append(pnames, pn)
-		}
-	}
-	return props(fs, ls, name, pnames)
-}
-
-// Patch patches the properties of resource name. The return values are
-// constrained in the same manner as DeadPropsHolder.Patch.
-func patch(fs FileSystem, ls LockSystem, name string, patches []Proppatch) ([]Propstat, error) {
-	conflict := false
-loop:
-	for _, patch := range patches {
-		for _, p := range patch.Props {
-			if _, ok := liveProps[p.XMLName]; ok {
-				conflict = true
-				break loop
-			}
-		}
-	}
-	if conflict {
-		pstatForbidden := Propstat{
-			Status:   http.StatusForbidden,
-			XMLError: ``,
-		}
-		pstatFailedDep := Propstat{
-			Status: StatusFailedDependency,
-		}
-		for _, patch := range patches {
-			for _, p := range patch.Props {
-				if _, ok := liveProps[p.XMLName]; ok {
-					pstatForbidden.Props = append(pstatForbidden.Props, Property{XMLName: p.XMLName})
-				} else {
-					pstatFailedDep.Props = append(pstatFailedDep.Props, Property{XMLName: p.XMLName})
-				}
-			}
-		}
-		return makePropstats(pstatForbidden, pstatFailedDep), nil
-	}
-
-	f, err := fs.OpenFile(name, os.O_RDWR, 0)
-	if err != nil {
-		return nil, err
-	}
-	defer f.Close()
-	if dph, ok := f.(DeadPropsHolder); ok {
-		ret, err := dph.Patch(patches)
-		if err != nil {
-			return nil, err
-		}
-		// http://www.webdav.org/specs/rfc4918.html#ELEMENT_propstat says that
-		// "The contents of the prop XML element must only list the names of
-		// properties to which the result in the status element applies."
-		for _, pstat := range ret {
-			for i, p := range pstat.Props {
-				pstat.Props[i] = Property{XMLName: p.XMLName}
-			}
-		}
-		return ret, nil
-	}
-	// The file doesn't implement the optional DeadPropsHolder interface, so
-	// all patches are forbidden.
-	pstat := Propstat{Status: http.StatusForbidden}
-	for _, patch := range patches {
-		for _, p := range patch.Props {
-			pstat.Props = append(pstat.Props, Property{XMLName: p.XMLName})
-		}
-	}
-	return []Propstat{pstat}, nil
-}
-
-func findResourceType(fs FileSystem, ls LockSystem, name string, fi os.FileInfo) (string, error) {
-	if fi.IsDir() {
-		return ``, nil
-	}
-	return "", nil
-}
-
-func findDisplayName(fs FileSystem, ls LockSystem, name string, fi os.FileInfo) (string, error) {
-	if slashClean(name) == "/" {
-		// Hide the real name of a possibly prefixed root directory.
-		return "", nil
-	}
-	return fi.Name(), nil
-}
-
-func findContentLength(fs FileSystem, ls LockSystem, name string, fi os.FileInfo) (string, error) {
-	return strconv.FormatInt(fi.Size(), 10), nil
-}
-
-func findLastModified(fs FileSystem, ls LockSystem, name string, fi os.FileInfo) (string, error) {
-	return fi.ModTime().Format(http.TimeFormat), nil
-}
-
-func findContentType(fs FileSystem, ls LockSystem, name string, fi os.FileInfo) (string, error) {
-	f, err := fs.OpenFile(name, os.O_RDONLY, 0)
-	if err != nil {
-		return "", err
-	}
-	defer f.Close()
-	// This implementation is based on serveContent's code in the standard net/http package.
-	ctype := mime.TypeByExtension(filepath.Ext(name))
-	if ctype != "" {
-		return ctype, nil
-	}
-	// Read a chunk to decide between utf-8 text and binary.
-	var buf [512]byte
-	n, err := io.ReadFull(f, buf[:])
-	if err != nil && err != io.EOF && err != io.ErrUnexpectedEOF {
-		return "", err
-	}
-	ctype = http.DetectContentType(buf[:n])
-	// Rewind file.
-	_, err = f.Seek(0, os.SEEK_SET)
-	return ctype, err
-}
-
-func findETag(fs FileSystem, ls LockSystem, name string, fi os.FileInfo) (string, error) {
-	// The Apache http 2.4 web server by default concatenates the
-	// modification time and size of a file. We replicate the heuristic
-	// with nanosecond granularity.
-	return fmt.Sprintf(`"%x%x"`, fi.ModTime().UnixNano(), fi.Size()), nil
-}
-
-func findSupportedLock(fs FileSystem, ls LockSystem, name string, fi os.FileInfo) (string, error) {
-	return `` +
-		`` +
-		`` +
-		`` +
-		``, nil
-}
diff --git a/vendor/golang.org/x/net/webdav/prop_test.go b/vendor/golang.org/x/net/webdav/prop_test.go
deleted file mode 100644
index ad4ec5b1..00000000
--- a/vendor/golang.org/x/net/webdav/prop_test.go
+++ /dev/null
@@ -1,607 +0,0 @@
-// Copyright 2015 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package webdav
-
-import (
-	"fmt"
-	"net/http"
-	"os"
-	"reflect"
-	"sort"
-	"testing"
-
-	"golang.org/x/net/webdav/internal/xml"
-)
-
-func TestMemPS(t *testing.T) {
-	// calcProps calculates the getlastmodified and getetag DAV: property
-	// values in pstats for resource name in file-system fs.
-	calcProps := func(name string, fs FileSystem, ls LockSystem, pstats []Propstat) error {
-		fi, err := fs.Stat(name)
-		if err != nil {
-			return err
-		}
-		for _, pst := range pstats {
-			for i, p := range pst.Props {
-				switch p.XMLName {
-				case xml.Name{Space: "DAV:", Local: "getlastmodified"}:
-					p.InnerXML = []byte(fi.ModTime().Format(http.TimeFormat))
-					pst.Props[i] = p
-				case xml.Name{Space: "DAV:", Local: "getetag"}:
-					if fi.IsDir() {
-						continue
-					}
-					etag, err := findETag(fs, ls, name, fi)
-					if err != nil {
-						return err
-					}
-					p.InnerXML = []byte(etag)
-					pst.Props[i] = p
-				}
-			}
-		}
-		return nil
-	}
-
-	const (
-		lockEntry = `` +
-			`` +
-			`` +
-			`` +
-			``
-		statForbiddenError = ``
-	)
-
-	type propOp struct {
-		op            string
-		name          string
-		pnames        []xml.Name
-		patches       []Proppatch
-		wantPnames    []xml.Name
-		wantPropstats []Propstat
-	}
-
-	testCases := []struct {
-		desc        string
-		noDeadProps bool
-		buildfs     []string
-		propOp      []propOp
-	}{{
-		desc:    "propname",
-		buildfs: []string{"mkdir /dir", "touch /file"},
-		propOp: []propOp{{
-			op:   "propname",
-			name: "/dir",
-			wantPnames: []xml.Name{
-				xml.Name{Space: "DAV:", Local: "resourcetype"},
-				xml.Name{Space: "DAV:", Local: "displayname"},
-				xml.Name{Space: "DAV:", Local: "supportedlock"},
-			},
-		}, {
-			op:   "propname",
-			name: "/file",
-			wantPnames: []xml.Name{
-				xml.Name{Space: "DAV:", Local: "resourcetype"},
-				xml.Name{Space: "DAV:", Local: "displayname"},
-				xml.Name{Space: "DAV:", Local: "getcontentlength"},
-				xml.Name{Space: "DAV:", Local: "getlastmodified"},
-				xml.Name{Space: "DAV:", Local: "getcontenttype"},
-				xml.Name{Space: "DAV:", Local: "getetag"},
-				xml.Name{Space: "DAV:", Local: "supportedlock"},
-			},
-		}},
-	}, {
-		desc:    "allprop dir and file",
-		buildfs: []string{"mkdir /dir", "write /file foobarbaz"},
-		propOp: []propOp{{
-			op:   "allprop",
-			name: "/dir",
-			wantPropstats: []Propstat{{
-				Status: http.StatusOK,
-				Props: []Property{{
-					XMLName:  xml.Name{Space: "DAV:", Local: "resourcetype"},
-					InnerXML: []byte(``),
-				}, {
-					XMLName:  xml.Name{Space: "DAV:", Local: "displayname"},
-					InnerXML: []byte("dir"),
-				}, {
-					XMLName:  xml.Name{Space: "DAV:", Local: "supportedlock"},
-					InnerXML: []byte(lockEntry),
-				}},
-			}},
-		}, {
-			op:   "allprop",
-			name: "/file",
-			wantPropstats: []Propstat{{
-				Status: http.StatusOK,
-				Props: []Property{{
-					XMLName:  xml.Name{Space: "DAV:", Local: "resourcetype"},
-					InnerXML: []byte(""),
-				}, {
-					XMLName:  xml.Name{Space: "DAV:", Local: "displayname"},
-					InnerXML: []byte("file"),
-				}, {
-					XMLName:  xml.Name{Space: "DAV:", Local: "getcontentlength"},
-					InnerXML: []byte("9"),
-				}, {
-					XMLName:  xml.Name{Space: "DAV:", Local: "getlastmodified"},
-					InnerXML: nil, // Calculated during test.
-				}, {
-					XMLName:  xml.Name{Space: "DAV:", Local: "getcontenttype"},
-					InnerXML: []byte("text/plain; charset=utf-8"),
-				}, {
-					XMLName:  xml.Name{Space: "DAV:", Local: "getetag"},
-					InnerXML: nil, // Calculated during test.
-				}, {
-					XMLName:  xml.Name{Space: "DAV:", Local: "supportedlock"},
-					InnerXML: []byte(lockEntry),
-				}},
-			}},
-		}, {
-			op:   "allprop",
-			name: "/file",
-			pnames: []xml.Name{
-				{"DAV:", "resourcetype"},
-				{"foo", "bar"},
-			},
-			wantPropstats: []Propstat{{
-				Status: http.StatusOK,
-				Props: []Property{{
-					XMLName:  xml.Name{Space: "DAV:", Local: "resourcetype"},
-					InnerXML: []byte(""),
-				}, {
-					XMLName:  xml.Name{Space: "DAV:", Local: "displayname"},
-					InnerXML: []byte("file"),
-				}, {
-					XMLName:  xml.Name{Space: "DAV:", Local: "getcontentlength"},
-					InnerXML: []byte("9"),
-				}, {
-					XMLName:  xml.Name{Space: "DAV:", Local: "getlastmodified"},
-					InnerXML: nil, // Calculated during test.
-				}, {
-					XMLName:  xml.Name{Space: "DAV:", Local: "getcontenttype"},
-					InnerXML: []byte("text/plain; charset=utf-8"),
-				}, {
-					XMLName:  xml.Name{Space: "DAV:", Local: "getetag"},
-					InnerXML: nil, // Calculated during test.
-				}, {
-					XMLName:  xml.Name{Space: "DAV:", Local: "supportedlock"},
-					InnerXML: []byte(lockEntry),
-				}}}, {
-				Status: http.StatusNotFound,
-				Props: []Property{{
-					XMLName: xml.Name{Space: "foo", Local: "bar"},
-				}}},
-			},
-		}},
-	}, {
-		desc:    "propfind DAV:resourcetype",
-		buildfs: []string{"mkdir /dir", "touch /file"},
-		propOp: []propOp{{
-			op:     "propfind",
-			name:   "/dir",
-			pnames: []xml.Name{{"DAV:", "resourcetype"}},
-			wantPropstats: []Propstat{{
-				Status: http.StatusOK,
-				Props: []Property{{
-					XMLName:  xml.Name{Space: "DAV:", Local: "resourcetype"},
-					InnerXML: []byte(``),
-				}},
-			}},
-		}, {
-			op:     "propfind",
-			name:   "/file",
-			pnames: []xml.Name{{"DAV:", "resourcetype"}},
-			wantPropstats: []Propstat{{
-				Status: http.StatusOK,
-				Props: []Property{{
-					XMLName:  xml.Name{Space: "DAV:", Local: "resourcetype"},
-					InnerXML: []byte(""),
-				}},
-			}},
-		}},
-	}, {
-		desc:    "propfind unsupported DAV properties",
-		buildfs: []string{"mkdir /dir"},
-		propOp: []propOp{{
-			op:     "propfind",
-			name:   "/dir",
-			pnames: []xml.Name{{"DAV:", "getcontentlanguage"}},
-			wantPropstats: []Propstat{{
-				Status: http.StatusNotFound,
-				Props: []Property{{
-					XMLName: xml.Name{Space: "DAV:", Local: "getcontentlanguage"},
-				}},
-			}},
-		}, {
-			op:     "propfind",
-			name:   "/dir",
-			pnames: []xml.Name{{"DAV:", "creationdate"}},
-			wantPropstats: []Propstat{{
-				Status: http.StatusNotFound,
-				Props: []Property{{
-					XMLName: xml.Name{Space: "DAV:", Local: "creationdate"},
-				}},
-			}},
-		}},
-	}, {
-		desc:    "propfind getetag for files but not for directories",
-		buildfs: []string{"mkdir /dir", "touch /file"},
-		propOp: []propOp{{
-			op:     "propfind",
-			name:   "/dir",
-			pnames: []xml.Name{{"DAV:", "getetag"}},
-			wantPropstats: []Propstat{{
-				Status: http.StatusNotFound,
-				Props: []Property{{
-					XMLName: xml.Name{Space: "DAV:", Local: "getetag"},
-				}},
-			}},
-		}, {
-			op:     "propfind",
-			name:   "/file",
-			pnames: []xml.Name{{"DAV:", "getetag"}},
-			wantPropstats: []Propstat{{
-				Status: http.StatusOK,
-				Props: []Property{{
-					XMLName:  xml.Name{Space: "DAV:", Local: "getetag"},
-					InnerXML: nil, // Calculated during test.
-				}},
-			}},
-		}},
-	}, {
-		desc:        "proppatch property on no-dead-properties file system",
-		buildfs:     []string{"mkdir /dir"},
-		noDeadProps: true,
-		propOp: []propOp{{
-			op:   "proppatch",
-			name: "/dir",
-			patches: []Proppatch{{
-				Props: []Property{{
-					XMLName: xml.Name{Space: "foo", Local: "bar"},
-				}},
-			}},
-			wantPropstats: []Propstat{{
-				Status: http.StatusForbidden,
-				Props: []Property{{
-					XMLName: xml.Name{Space: "foo", Local: "bar"},
-				}},
-			}},
-		}, {
-			op:   "proppatch",
-			name: "/dir",
-			patches: []Proppatch{{
-				Props: []Property{{
-					XMLName: xml.Name{Space: "DAV:", Local: "getetag"},
-				}},
-			}},
-			wantPropstats: []Propstat{{
-				Status:   http.StatusForbidden,
-				XMLError: statForbiddenError,
-				Props: []Property{{
-					XMLName: xml.Name{Space: "DAV:", Local: "getetag"},
-				}},
-			}},
-		}},
-	}, {
-		desc:    "proppatch dead property",
-		buildfs: []string{"mkdir /dir"},
-		propOp: []propOp{{
-			op:   "proppatch",
-			name: "/dir",
-			patches: []Proppatch{{
-				Props: []Property{{
-					XMLName:  xml.Name{Space: "foo", Local: "bar"},
-					InnerXML: []byte("baz"),
-				}},
-			}},
-			wantPropstats: []Propstat{{
-				Status: http.StatusOK,
-				Props: []Property{{
-					XMLName: xml.Name{Space: "foo", Local: "bar"},
-				}},
-			}},
-		}, {
-			op:     "propfind",
-			name:   "/dir",
-			pnames: []xml.Name{{Space: "foo", Local: "bar"}},
-			wantPropstats: []Propstat{{
-				Status: http.StatusOK,
-				Props: []Property{{
-					XMLName:  xml.Name{Space: "foo", Local: "bar"},
-					InnerXML: []byte("baz"),
-				}},
-			}},
-		}},
-	}, {
-		desc:    "proppatch dead property with failed dependency",
-		buildfs: []string{"mkdir /dir"},
-		propOp: []propOp{{
-			op:   "proppatch",
-			name: "/dir",
-			patches: []Proppatch{{
-				Props: []Property{{
-					XMLName:  xml.Name{Space: "foo", Local: "bar"},
-					InnerXML: []byte("baz"),
-				}},
-			}, {
-				Props: []Property{{
-					XMLName:  xml.Name{Space: "DAV:", Local: "displayname"},
-					InnerXML: []byte("xxx"),
-				}},
-			}},
-			wantPropstats: []Propstat{{
-				Status:   http.StatusForbidden,
-				XMLError: statForbiddenError,
-				Props: []Property{{
-					XMLName: xml.Name{Space: "DAV:", Local: "displayname"},
-				}},
-			}, {
-				Status: StatusFailedDependency,
-				Props: []Property{{
-					XMLName: xml.Name{Space: "foo", Local: "bar"},
-				}},
-			}},
-		}, {
-			op:     "propfind",
-			name:   "/dir",
-			pnames: []xml.Name{{Space: "foo", Local: "bar"}},
-			wantPropstats: []Propstat{{
-				Status: http.StatusNotFound,
-				Props: []Property{{
-					XMLName: xml.Name{Space: "foo", Local: "bar"},
-				}},
-			}},
-		}},
-	}, {
-		desc:    "proppatch remove dead property",
-		buildfs: []string{"mkdir /dir"},
-		propOp: []propOp{{
-			op:   "proppatch",
-			name: "/dir",
-			patches: []Proppatch{{
-				Props: []Property{{
-					XMLName:  xml.Name{Space: "foo", Local: "bar"},
-					InnerXML: []byte("baz"),
-				}, {
-					XMLName:  xml.Name{Space: "spam", Local: "ham"},
-					InnerXML: []byte("eggs"),
-				}},
-			}},
-			wantPropstats: []Propstat{{
-				Status: http.StatusOK,
-				Props: []Property{{
-					XMLName: xml.Name{Space: "foo", Local: "bar"},
-				}, {
-					XMLName: xml.Name{Space: "spam", Local: "ham"},
-				}},
-			}},
-		}, {
-			op:   "propfind",
-			name: "/dir",
-			pnames: []xml.Name{
-				{Space: "foo", Local: "bar"},
-				{Space: "spam", Local: "ham"},
-			},
-			wantPropstats: []Propstat{{
-				Status: http.StatusOK,
-				Props: []Property{{
-					XMLName:  xml.Name{Space: "foo", Local: "bar"},
-					InnerXML: []byte("baz"),
-				}, {
-					XMLName:  xml.Name{Space: "spam", Local: "ham"},
-					InnerXML: []byte("eggs"),
-				}},
-			}},
-		}, {
-			op:   "proppatch",
-			name: "/dir",
-			patches: []Proppatch{{
-				Remove: true,
-				Props: []Property{{
-					XMLName: xml.Name{Space: "foo", Local: "bar"},
-				}},
-			}},
-			wantPropstats: []Propstat{{
-				Status: http.StatusOK,
-				Props: []Property{{
-					XMLName: xml.Name{Space: "foo", Local: "bar"},
-				}},
-			}},
-		}, {
-			op:   "propfind",
-			name: "/dir",
-			pnames: []xml.Name{
-				{Space: "foo", Local: "bar"},
-				{Space: "spam", Local: "ham"},
-			},
-			wantPropstats: []Propstat{{
-				Status: http.StatusNotFound,
-				Props: []Property{{
-					XMLName: xml.Name{Space: "foo", Local: "bar"},
-				}},
-			}, {
-				Status: http.StatusOK,
-				Props: []Property{{
-					XMLName:  xml.Name{Space: "spam", Local: "ham"},
-					InnerXML: []byte("eggs"),
-				}},
-			}},
-		}},
-	}, {
-		desc:    "propname with dead property",
-		buildfs: []string{"touch /file"},
-		propOp: []propOp{{
-			op:   "proppatch",
-			name: "/file",
-			patches: []Proppatch{{
-				Props: []Property{{
-					XMLName:  xml.Name{Space: "foo", Local: "bar"},
-					InnerXML: []byte("baz"),
-				}},
-			}},
-			wantPropstats: []Propstat{{
-				Status: http.StatusOK,
-				Props: []Property{{
-					XMLName: xml.Name{Space: "foo", Local: "bar"},
-				}},
-			}},
-		}, {
-			op:   "propname",
-			name: "/file",
-			wantPnames: []xml.Name{
-				xml.Name{Space: "DAV:", Local: "resourcetype"},
-				xml.Name{Space: "DAV:", Local: "displayname"},
-				xml.Name{Space: "DAV:", Local: "getcontentlength"},
-				xml.Name{Space: "DAV:", Local: "getlastmodified"},
-				xml.Name{Space: "DAV:", Local: "getcontenttype"},
-				xml.Name{Space: "DAV:", Local: "getetag"},
-				xml.Name{Space: "DAV:", Local: "supportedlock"},
-				xml.Name{Space: "foo", Local: "bar"},
-			},
-		}},
-	}, {
-		desc:    "proppatch remove unknown dead property",
-		buildfs: []string{"mkdir /dir"},
-		propOp: []propOp{{
-			op:   "proppatch",
-			name: "/dir",
-			patches: []Proppatch{{
-				Remove: true,
-				Props: []Property{{
-					XMLName: xml.Name{Space: "foo", Local: "bar"},
-				}},
-			}},
-			wantPropstats: []Propstat{{
-				Status: http.StatusOK,
-				Props: []Property{{
-					XMLName: xml.Name{Space: "foo", Local: "bar"},
-				}},
-			}},
-		}},
-	}, {
-		desc:    "bad: propfind unknown property",
-		buildfs: []string{"mkdir /dir"},
-		propOp: []propOp{{
-			op:     "propfind",
-			name:   "/dir",
-			pnames: []xml.Name{{"foo:", "bar"}},
-			wantPropstats: []Propstat{{
-				Status: http.StatusNotFound,
-				Props: []Property{{
-					XMLName: xml.Name{Space: "foo:", Local: "bar"},
-				}},
-			}},
-		}},
-	}}
-
-	for _, tc := range testCases {
-		fs, err := buildTestFS(tc.buildfs)
-		if err != nil {
-			t.Fatalf("%s: cannot create test filesystem: %v", tc.desc, err)
-		}
-		if tc.noDeadProps {
-			fs = noDeadPropsFS{fs}
-		}
-		ls := NewMemLS()
-		for _, op := range tc.propOp {
-			desc := fmt.Sprintf("%s: %s %s", tc.desc, op.op, op.name)
-			if err = calcProps(op.name, fs, ls, op.wantPropstats); err != nil {
-				t.Fatalf("%s: calcProps: %v", desc, err)
-			}
-
-			// Call property system.
-			var propstats []Propstat
-			switch op.op {
-			case "propname":
-				pnames, err := propnames(fs, ls, op.name)
-				if err != nil {
-					t.Errorf("%s: got error %v, want nil", desc, err)
-					continue
-				}
-				sort.Sort(byXMLName(pnames))
-				sort.Sort(byXMLName(op.wantPnames))
-				if !reflect.DeepEqual(pnames, op.wantPnames) {
-					t.Errorf("%s: pnames\ngot  %q\nwant %q", desc, pnames, op.wantPnames)
-				}
-				continue
-			case "allprop":
-				propstats, err = allprop(fs, ls, op.name, op.pnames)
-			case "propfind":
-				propstats, err = props(fs, ls, op.name, op.pnames)
-			case "proppatch":
-				propstats, err = patch(fs, ls, op.name, op.patches)
-			default:
-				t.Fatalf("%s: %s not implemented", desc, op.op)
-			}
-			if err != nil {
-				t.Errorf("%s: got error %v, want nil", desc, err)
-				continue
-			}
-			// Compare return values from allprop, propfind or proppatch.
-			for _, pst := range propstats {
-				sort.Sort(byPropname(pst.Props))
-			}
-			for _, pst := range op.wantPropstats {
-				sort.Sort(byPropname(pst.Props))
-			}
-			sort.Sort(byStatus(propstats))
-			sort.Sort(byStatus(op.wantPropstats))
-			if !reflect.DeepEqual(propstats, op.wantPropstats) {
-				t.Errorf("%s: propstat\ngot  %q\nwant %q", desc, propstats, op.wantPropstats)
-			}
-		}
-	}
-}
-
-func cmpXMLName(a, b xml.Name) bool {
-	if a.Space != b.Space {
-		return a.Space < b.Space
-	}
-	return a.Local < b.Local
-}
-
-type byXMLName []xml.Name
-
-func (b byXMLName) Len() int           { return len(b) }
-func (b byXMLName) Swap(i, j int)      { b[i], b[j] = b[j], b[i] }
-func (b byXMLName) Less(i, j int) bool { return cmpXMLName(b[i], b[j]) }
-
-type byPropname []Property
-
-func (b byPropname) Len() int           { return len(b) }
-func (b byPropname) Swap(i, j int)      { b[i], b[j] = b[j], b[i] }
-func (b byPropname) Less(i, j int) bool { return cmpXMLName(b[i].XMLName, b[j].XMLName) }
-
-type byStatus []Propstat
-
-func (b byStatus) Len() int           { return len(b) }
-func (b byStatus) Swap(i, j int)      { b[i], b[j] = b[j], b[i] }
-func (b byStatus) Less(i, j int) bool { return b[i].Status < b[j].Status }
-
-type noDeadPropsFS struct {
-	FileSystem
-}
-
-func (fs noDeadPropsFS) OpenFile(name string, flag int, perm os.FileMode) (File, error) {
-	f, err := fs.FileSystem.OpenFile(name, flag, perm)
-	if err != nil {
-		return nil, err
-	}
-	return noDeadPropsFile{f}, nil
-}
-
-// noDeadPropsFile wraps a File but strips any optional DeadPropsHolder methods
-// provided by the underlying File implementation.
-type noDeadPropsFile struct {
-	f File
-}
-
-func (f noDeadPropsFile) Close() error                              { return f.f.Close() }
-func (f noDeadPropsFile) Read(p []byte) (int, error)                { return f.f.Read(p) }
-func (f noDeadPropsFile) Readdir(count int) ([]os.FileInfo, error)  { return f.f.Readdir(count) }
-func (f noDeadPropsFile) Seek(off int64, whence int) (int64, error) { return f.f.Seek(off, whence) }
-func (f noDeadPropsFile) Stat() (os.FileInfo, error)                { return f.f.Stat() }
-func (f noDeadPropsFile) Write(p []byte) (int, error)               { return f.f.Write(p) }
diff --git a/vendor/golang.org/x/net/webdav/webdav.go b/vendor/golang.org/x/net/webdav/webdav.go
deleted file mode 100644
index df6ef450..00000000
--- a/vendor/golang.org/x/net/webdav/webdav.go
+++ /dev/null
@@ -1,707 +0,0 @@
-// Copyright 2014 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// Package webdav etc etc TODO.
-package webdav // import "golang.org/x/net/webdav"
-
-import (
-	"errors"
-	"fmt"
-	"io"
-	"log"
-	"net/http"
-	"net/url"
-	"os"
-	"path"
-	"runtime"
-	"strings"
-	"time"
-)
-
-// Package webdav's XML output requires the standard library's encoding/xml
-// package version 1.5 or greater. Otherwise, it will produce malformed XML.
-//
-// As of May 2015, the Go stable release is version 1.4, so we print a message
-// to let users know that this golang.org/x/etc package won't work yet.
-//
-// This package also won't work with Go 1.3 and earlier, but making this
-// runtime version check catch all the earlier versions too, and not just
-// "1.4.x", isn't worth the complexity.
-//
-// TODO: delete this check at some point after Go 1.5 is released.
-var go1Dot4 = strings.HasPrefix(runtime.Version(), "go1.4.")
-
-func init() {
-	if go1Dot4 {
-		log.Println("package webdav requires Go version 1.5 or greater")
-	}
-}
-
-type Handler struct {
-	// Prefix is the URL path prefix to strip from WebDAV resource paths.
-	Prefix string
-	// FileSystem is the virtual file system.
-	FileSystem FileSystem
-	// LockSystem is the lock management system.
-	LockSystem LockSystem
-	// Logger is an optional error logger. If non-nil, it will be called
-	// for all HTTP requests.
-	Logger func(*http.Request, error)
-}
-
-func (h *Handler) stripPrefix(p string) (string, int, error) {
-	if h.Prefix == "" {
-		return p, http.StatusOK, nil
-	}
-	if r := strings.TrimPrefix(p, h.Prefix); len(r) < len(p) {
-		return r, http.StatusOK, nil
-	}
-	return p, http.StatusNotFound, errPrefixMismatch
-}
-
-func (h *Handler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
-	status, err := http.StatusBadRequest, errUnsupportedMethod
-	if h.FileSystem == nil {
-		status, err = http.StatusInternalServerError, errNoFileSystem
-	} else if h.LockSystem == nil {
-		status, err = http.StatusInternalServerError, errNoLockSystem
-	} else {
-		switch r.Method {
-		case "OPTIONS":
-			status, err = h.handleOptions(w, r)
-		case "GET", "HEAD", "POST":
-			status, err = h.handleGetHeadPost(w, r)
-		case "DELETE":
-			status, err = h.handleDelete(w, r)
-		case "PUT":
-			status, err = h.handlePut(w, r)
-		case "MKCOL":
-			status, err = h.handleMkcol(w, r)
-		case "COPY", "MOVE":
-			status, err = h.handleCopyMove(w, r)
-		case "LOCK":
-			status, err = h.handleLock(w, r)
-		case "UNLOCK":
-			status, err = h.handleUnlock(w, r)
-		case "PROPFIND":
-			status, err = h.handlePropfind(w, r)
-		case "PROPPATCH":
-			status, err = h.handleProppatch(w, r)
-		}
-	}
-
-	if status != 0 {
-		w.WriteHeader(status)
-		if status != http.StatusNoContent {
-			w.Write([]byte(StatusText(status)))
-		}
-	}
-	if h.Logger != nil {
-		h.Logger(r, err)
-	}
-}
-
-func (h *Handler) lock(now time.Time, root string) (token string, status int, err error) {
-	token, err = h.LockSystem.Create(now, LockDetails{
-		Root:      root,
-		Duration:  infiniteTimeout,
-		ZeroDepth: true,
-	})
-	if err != nil {
-		if err == ErrLocked {
-			return "", StatusLocked, err
-		}
-		return "", http.StatusInternalServerError, err
-	}
-	return token, 0, nil
-}
-
-func (h *Handler) confirmLocks(r *http.Request, src, dst string) (release func(), status int, err error) {
-	hdr := r.Header.Get("If")
-	if hdr == "" {
-		// An empty If header means that the client hasn't previously created locks.
-		// Even if this client doesn't care about locks, we still need to check that
-		// the resources aren't locked by another client, so we create temporary
-		// locks that would conflict with another client's locks. These temporary
-		// locks are unlocked at the end of the HTTP request.
-		now, srcToken, dstToken := time.Now(), "", ""
-		if src != "" {
-			srcToken, status, err = h.lock(now, src)
-			if err != nil {
-				return nil, status, err
-			}
-		}
-		if dst != "" {
-			dstToken, status, err = h.lock(now, dst)
-			if err != nil {
-				if srcToken != "" {
-					h.LockSystem.Unlock(now, srcToken)
-				}
-				return nil, status, err
-			}
-		}
-
-		return func() {
-			if dstToken != "" {
-				h.LockSystem.Unlock(now, dstToken)
-			}
-			if srcToken != "" {
-				h.LockSystem.Unlock(now, srcToken)
-			}
-		}, 0, nil
-	}
-
-	ih, ok := parseIfHeader(hdr)
-	if !ok {
-		return nil, http.StatusBadRequest, errInvalidIfHeader
-	}
-	// ih is a disjunction (OR) of ifLists, so any ifList will do.
-	for _, l := range ih.lists {
-		lsrc := l.resourceTag
-		if lsrc == "" {
-			lsrc = src
-		} else {
-			u, err := url.Parse(lsrc)
-			if err != nil {
-				continue
-			}
-			if u.Host != r.Host {
-				continue
-			}
-			lsrc = u.Path
-		}
-		release, err = h.LockSystem.Confirm(time.Now(), lsrc, dst, l.conditions...)
-		if err == ErrConfirmationFailed {
-			continue
-		}
-		if err != nil {
-			return nil, http.StatusInternalServerError, err
-		}
-		return release, 0, nil
-	}
-	// Section 10.4.1 says that "If this header is evaluated and all state lists
-	// fail, then the request must fail with a 412 (Precondition Failed) status."
-	// We follow the spec even though the cond_put_corrupt_token test case from
-	// the litmus test warns on seeing a 412 instead of a 423 (Locked).
-	return nil, http.StatusPreconditionFailed, ErrLocked
-}
-
-func (h *Handler) handleOptions(w http.ResponseWriter, r *http.Request) (status int, err error) {
-	reqPath, status, err := h.stripPrefix(r.URL.Path)
-	if err != nil {
-		return status, err
-	}
-	allow := "OPTIONS, LOCK, PUT, MKCOL"
-	if fi, err := h.FileSystem.Stat(reqPath); err == nil {
-		if fi.IsDir() {
-			allow = "OPTIONS, LOCK, DELETE, PROPPATCH, COPY, MOVE, UNLOCK, PROPFIND"
-		} else {
-			allow = "OPTIONS, LOCK, GET, HEAD, POST, DELETE, PROPPATCH, COPY, MOVE, UNLOCK, PROPFIND, PUT"
-		}
-	}
-	w.Header().Set("Allow", allow)
-	// http://www.webdav.org/specs/rfc4918.html#dav.compliance.classes
-	w.Header().Set("DAV", "1, 2")
-	// http://msdn.microsoft.com/en-au/library/cc250217.aspx
-	w.Header().Set("MS-Author-Via", "DAV")
-	return 0, nil
-}
-
-func (h *Handler) handleGetHeadPost(w http.ResponseWriter, r *http.Request) (status int, err error) {
-	reqPath, status, err := h.stripPrefix(r.URL.Path)
-	if err != nil {
-		return status, err
-	}
-	// TODO: check locks for read-only access??
-	f, err := h.FileSystem.OpenFile(reqPath, os.O_RDONLY, 0)
-	if err != nil {
-		return http.StatusNotFound, err
-	}
-	defer f.Close()
-	fi, err := f.Stat()
-	if err != nil {
-		return http.StatusNotFound, err
-	}
-	if fi.IsDir() {
-		return http.StatusMethodNotAllowed, nil
-	}
-	etag, err := findETag(h.FileSystem, h.LockSystem, reqPath, fi)
-	if err != nil {
-		return http.StatusInternalServerError, err
-	}
-	w.Header().Set("ETag", etag)
-	// Let ServeContent determine the Content-Type header.
-	http.ServeContent(w, r, reqPath, fi.ModTime(), f)
-	return 0, nil
-}
-
-func (h *Handler) handleDelete(w http.ResponseWriter, r *http.Request) (status int, err error) {
-	reqPath, status, err := h.stripPrefix(r.URL.Path)
-	if err != nil {
-		return status, err
-	}
-	release, status, err := h.confirmLocks(r, reqPath, "")
-	if err != nil {
-		return status, err
-	}
-	defer release()
-
-	// TODO: return MultiStatus where appropriate.
-
-	// "godoc os RemoveAll" says that "If the path does not exist, RemoveAll
-	// returns nil (no error)." WebDAV semantics are that it should return a
-	// "404 Not Found". We therefore have to Stat before we RemoveAll.
-	if _, err := h.FileSystem.Stat(reqPath); err != nil {
-		if os.IsNotExist(err) {
-			return http.StatusNotFound, err
-		}
-		return http.StatusMethodNotAllowed, err
-	}
-	if err := h.FileSystem.RemoveAll(reqPath); err != nil {
-		return http.StatusMethodNotAllowed, err
-	}
-	return http.StatusNoContent, nil
-}
-
-func (h *Handler) handlePut(w http.ResponseWriter, r *http.Request) (status int, err error) {
-	reqPath, status, err := h.stripPrefix(r.URL.Path)
-	if err != nil {
-		return status, err
-	}
-	release, status, err := h.confirmLocks(r, reqPath, "")
-	if err != nil {
-		return status, err
-	}
-	defer release()
-	// TODO(rost): Support the If-Match, If-None-Match headers? See bradfitz'
-	// comments in http.checkEtag.
-
-	f, err := h.FileSystem.OpenFile(reqPath, os.O_RDWR|os.O_CREATE|os.O_TRUNC, 0666)
-	if err != nil {
-		return http.StatusNotFound, err
-	}
-	_, copyErr := io.Copy(f, r.Body)
-	fi, statErr := f.Stat()
-	closeErr := f.Close()
-	// TODO(rost): Returning 405 Method Not Allowed might not be appropriate.
-	if copyErr != nil {
-		return http.StatusMethodNotAllowed, copyErr
-	}
-	if statErr != nil {
-		return http.StatusMethodNotAllowed, statErr
-	}
-	if closeErr != nil {
-		return http.StatusMethodNotAllowed, closeErr
-	}
-	etag, err := findETag(h.FileSystem, h.LockSystem, reqPath, fi)
-	if err != nil {
-		return http.StatusInternalServerError, err
-	}
-	w.Header().Set("ETag", etag)
-	return http.StatusCreated, nil
-}
-
-func (h *Handler) handleMkcol(w http.ResponseWriter, r *http.Request) (status int, err error) {
-	reqPath, status, err := h.stripPrefix(r.URL.Path)
-	if err != nil {
-		return status, err
-	}
-	release, status, err := h.confirmLocks(r, reqPath, "")
-	if err != nil {
-		return status, err
-	}
-	defer release()
-
-	if r.ContentLength > 0 {
-		return http.StatusUnsupportedMediaType, nil
-	}
-	if err := h.FileSystem.Mkdir(reqPath, 0777); err != nil {
-		if os.IsNotExist(err) {
-			return http.StatusConflict, err
-		}
-		return http.StatusMethodNotAllowed, err
-	}
-	return http.StatusCreated, nil
-}
-
-func (h *Handler) handleCopyMove(w http.ResponseWriter, r *http.Request) (status int, err error) {
-	hdr := r.Header.Get("Destination")
-	if hdr == "" {
-		return http.StatusBadRequest, errInvalidDestination
-	}
-	u, err := url.Parse(hdr)
-	if err != nil {
-		return http.StatusBadRequest, errInvalidDestination
-	}
-	if u.Host != r.Host {
-		return http.StatusBadGateway, errInvalidDestination
-	}
-
-	src, status, err := h.stripPrefix(r.URL.Path)
-	if err != nil {
-		return status, err
-	}
-
-	dst, status, err := h.stripPrefix(u.Path)
-	if err != nil {
-		return status, err
-	}
-
-	if dst == "" {
-		return http.StatusBadGateway, errInvalidDestination
-	}
-	if dst == src {
-		return http.StatusForbidden, errDestinationEqualsSource
-	}
-
-	if r.Method == "COPY" {
-		// Section 7.5.1 says that a COPY only needs to lock the destination,
-		// not both destination and source. Strictly speaking, this is racy,
-		// even though a COPY doesn't modify the source, if a concurrent
-		// operation modifies the source. However, the litmus test explicitly
-		// checks that COPYing a locked-by-another source is OK.
-		release, status, err := h.confirmLocks(r, "", dst)
-		if err != nil {
-			return status, err
-		}
-		defer release()
-
-		// Section 9.8.3 says that "The COPY method on a collection without a Depth
-		// header must act as if a Depth header with value "infinity" was included".
-		depth := infiniteDepth
-		if hdr := r.Header.Get("Depth"); hdr != "" {
-			depth = parseDepth(hdr)
-			if depth != 0 && depth != infiniteDepth {
-				// Section 9.8.3 says that "A client may submit a Depth header on a
-				// COPY on a collection with a value of "0" or "infinity"."
-				return http.StatusBadRequest, errInvalidDepth
-			}
-		}
-		return copyFiles(h.FileSystem, src, dst, r.Header.Get("Overwrite") != "F", depth, 0)
-	}
-
-	release, status, err := h.confirmLocks(r, src, dst)
-	if err != nil {
-		return status, err
-	}
-	defer release()
-
-	// Section 9.9.2 says that "The MOVE method on a collection must act as if
-	// a "Depth: infinity" header was used on it. A client must not submit a
-	// Depth header on a MOVE on a collection with any value but "infinity"."
-	if hdr := r.Header.Get("Depth"); hdr != "" {
-		if parseDepth(hdr) != infiniteDepth {
-			return http.StatusBadRequest, errInvalidDepth
-		}
-	}
-	return moveFiles(h.FileSystem, src, dst, r.Header.Get("Overwrite") == "T")
-}
-
-func (h *Handler) handleLock(w http.ResponseWriter, r *http.Request) (retStatus int, retErr error) {
-	duration, err := parseTimeout(r.Header.Get("Timeout"))
-	if err != nil {
-		return http.StatusBadRequest, err
-	}
-	li, status, err := readLockInfo(r.Body)
-	if err != nil {
-		return status, err
-	}
-
-	token, ld, now, created := "", LockDetails{}, time.Now(), false
-	if li == (lockInfo{}) {
-		// An empty lockInfo means to refresh the lock.
-		ih, ok := parseIfHeader(r.Header.Get("If"))
-		if !ok {
-			return http.StatusBadRequest, errInvalidIfHeader
-		}
-		if len(ih.lists) == 1 && len(ih.lists[0].conditions) == 1 {
-			token = ih.lists[0].conditions[0].Token
-		}
-		if token == "" {
-			return http.StatusBadRequest, errInvalidLockToken
-		}
-		ld, err = h.LockSystem.Refresh(now, token, duration)
-		if err != nil {
-			if err == ErrNoSuchLock {
-				return http.StatusPreconditionFailed, err
-			}
-			return http.StatusInternalServerError, err
-		}
-
-	} else {
-		// Section 9.10.3 says that "If no Depth header is submitted on a LOCK request,
-		// then the request MUST act as if a "Depth:infinity" had been submitted."
-		depth := infiniteDepth
-		if hdr := r.Header.Get("Depth"); hdr != "" {
-			depth = parseDepth(hdr)
-			if depth != 0 && depth != infiniteDepth {
-				// Section 9.10.3 says that "Values other than 0 or infinity must not be
-				// used with the Depth header on a LOCK method".
-				return http.StatusBadRequest, errInvalidDepth
-			}
-		}
-		reqPath, status, err := h.stripPrefix(r.URL.Path)
-		if err != nil {
-			return status, err
-		}
-		ld = LockDetails{
-			Root:      reqPath,
-			Duration:  duration,
-			OwnerXML:  li.Owner.InnerXML,
-			ZeroDepth: depth == 0,
-		}
-		token, err = h.LockSystem.Create(now, ld)
-		if err != nil {
-			if err == ErrLocked {
-				return StatusLocked, err
-			}
-			return http.StatusInternalServerError, err
-		}
-		defer func() {
-			if retErr != nil {
-				h.LockSystem.Unlock(now, token)
-			}
-		}()
-
-		// Create the resource if it didn't previously exist.
-		if _, err := h.FileSystem.Stat(reqPath); err != nil {
-			f, err := h.FileSystem.OpenFile(reqPath, os.O_RDWR|os.O_CREATE|os.O_TRUNC, 0666)
-			if err != nil {
-				// TODO: detect missing intermediate dirs and return http.StatusConflict?
-				return http.StatusInternalServerError, err
-			}
-			f.Close()
-			created = true
-		}
-
-		// http://www.webdav.org/specs/rfc4918.html#HEADER_Lock-Token says that the
-		// Lock-Token value is a Coded-URL. We add angle brackets.
-		w.Header().Set("Lock-Token", "<"+token+">")
-	}
-
-	w.Header().Set("Content-Type", "application/xml; charset=utf-8")
-	if created {
-		// This is "w.WriteHeader(http.StatusCreated)" and not "return
-		// http.StatusCreated, nil" because we write our own (XML) response to w
-		// and Handler.ServeHTTP would otherwise write "Created".
-		w.WriteHeader(http.StatusCreated)
-	}
-	writeLockInfo(w, token, ld)
-	return 0, nil
-}
-
-func (h *Handler) handleUnlock(w http.ResponseWriter, r *http.Request) (status int, err error) {
-	// http://www.webdav.org/specs/rfc4918.html#HEADER_Lock-Token says that the
-	// Lock-Token value is a Coded-URL. We strip its angle brackets.
-	t := r.Header.Get("Lock-Token")
-	if len(t) < 2 || t[0] != '<' || t[len(t)-1] != '>' {
-		return http.StatusBadRequest, errInvalidLockToken
-	}
-	t = t[1 : len(t)-1]
-
-	switch err = h.LockSystem.Unlock(time.Now(), t); err {
-	case nil:
-		return http.StatusNoContent, err
-	case ErrForbidden:
-		return http.StatusForbidden, err
-	case ErrLocked:
-		return StatusLocked, err
-	case ErrNoSuchLock:
-		return http.StatusConflict, err
-	default:
-		return http.StatusInternalServerError, err
-	}
-}
-
-func (h *Handler) handlePropfind(w http.ResponseWriter, r *http.Request) (status int, err error) {
-	reqPath, status, err := h.stripPrefix(r.URL.Path)
-	if err != nil {
-		return status, err
-	}
-	fi, err := h.FileSystem.Stat(reqPath)
-	if err != nil {
-		if os.IsNotExist(err) {
-			return http.StatusNotFound, err
-		}
-		return http.StatusMethodNotAllowed, err
-	}
-	depth := infiniteDepth
-	if hdr := r.Header.Get("Depth"); hdr != "" {
-		depth = parseDepth(hdr)
-		if depth == invalidDepth {
-			return http.StatusBadRequest, errInvalidDepth
-		}
-	}
-	pf, status, err := readPropfind(r.Body)
-	if err != nil {
-		return status, err
-	}
-
-	mw := multistatusWriter{w: w}
-
-	walkFn := func(reqPath string, info os.FileInfo, err error) error {
-		if err != nil {
-			return err
-		}
-		var pstats []Propstat
-		if pf.Propname != nil {
-			pnames, err := propnames(h.FileSystem, h.LockSystem, reqPath)
-			if err != nil {
-				return err
-			}
-			pstat := Propstat{Status: http.StatusOK}
-			for _, xmlname := range pnames {
-				pstat.Props = append(pstat.Props, Property{XMLName: xmlname})
-			}
-			pstats = append(pstats, pstat)
-		} else if pf.Allprop != nil {
-			pstats, err = allprop(h.FileSystem, h.LockSystem, reqPath, pf.Prop)
-		} else {
-			pstats, err = props(h.FileSystem, h.LockSystem, reqPath, pf.Prop)
-		}
-		if err != nil {
-			return err
-		}
-		return mw.write(makePropstatResponse(path.Join(h.Prefix, reqPath), pstats))
-	}
-
-	walkErr := walkFS(h.FileSystem, depth, reqPath, fi, walkFn)
-	closeErr := mw.close()
-	if walkErr != nil {
-		return http.StatusInternalServerError, walkErr
-	}
-	if closeErr != nil {
-		return http.StatusInternalServerError, closeErr
-	}
-	return 0, nil
-}
-
-func (h *Handler) handleProppatch(w http.ResponseWriter, r *http.Request) (status int, err error) {
-	reqPath, status, err := h.stripPrefix(r.URL.Path)
-	if err != nil {
-		return status, err
-	}
-	release, status, err := h.confirmLocks(r, reqPath, "")
-	if err != nil {
-		return status, err
-	}
-	defer release()
-
-	if _, err := h.FileSystem.Stat(reqPath); err != nil {
-		if os.IsNotExist(err) {
-			return http.StatusNotFound, err
-		}
-		return http.StatusMethodNotAllowed, err
-	}
-	patches, status, err := readProppatch(r.Body)
-	if err != nil {
-		return status, err
-	}
-	pstats, err := patch(h.FileSystem, h.LockSystem, reqPath, patches)
-	if err != nil {
-		return http.StatusInternalServerError, err
-	}
-	mw := multistatusWriter{w: w}
-	writeErr := mw.write(makePropstatResponse(r.URL.Path, pstats))
-	closeErr := mw.close()
-	if writeErr != nil {
-		return http.StatusInternalServerError, writeErr
-	}
-	if closeErr != nil {
-		return http.StatusInternalServerError, closeErr
-	}
-	return 0, nil
-}
-
-func makePropstatResponse(href string, pstats []Propstat) *response {
-	resp := response{
-		Href:     []string{(&url.URL{Path: href}).EscapedPath()},
-		Propstat: make([]propstat, 0, len(pstats)),
-	}
-	for _, p := range pstats {
-		var xmlErr *xmlError
-		if p.XMLError != "" {
-			xmlErr = &xmlError{InnerXML: []byte(p.XMLError)}
-		}
-		resp.Propstat = append(resp.Propstat, propstat{
-			Status:              fmt.Sprintf("HTTP/1.1 %d %s", p.Status, StatusText(p.Status)),
-			Prop:                p.Props,
-			ResponseDescription: p.ResponseDescription,
-			Error:               xmlErr,
-		})
-	}
-	return &resp
-}
-
-const (
-	infiniteDepth = -1
-	invalidDepth  = -2
-)
-
-// parseDepth maps the strings "0", "1" and "infinity" to 0, 1 and
-// infiniteDepth. Parsing any other string returns invalidDepth.
-//
-// Different WebDAV methods have further constraints on valid depths:
-//	- PROPFIND has no further restrictions, as per section 9.1.
-//	- COPY accepts only "0" or "infinity", as per section 9.8.3.
-//	- MOVE accepts only "infinity", as per section 9.9.2.
-//	- LOCK accepts only "0" or "infinity", as per section 9.10.3.
-// These constraints are enforced by the handleXxx methods.
-func parseDepth(s string) int {
-	switch s {
-	case "0":
-		return 0
-	case "1":
-		return 1
-	case "infinity":
-		return infiniteDepth
-	}
-	return invalidDepth
-}
-
-// http://www.webdav.org/specs/rfc4918.html#status.code.extensions.to.http11
-const (
-	StatusMulti               = 207
-	StatusUnprocessableEntity = 422
-	StatusLocked              = 423
-	StatusFailedDependency    = 424
-	StatusInsufficientStorage = 507
-)
-
-func StatusText(code int) string {
-	switch code {
-	case StatusMulti:
-		return "Multi-Status"
-	case StatusUnprocessableEntity:
-		return "Unprocessable Entity"
-	case StatusLocked:
-		return "Locked"
-	case StatusFailedDependency:
-		return "Failed Dependency"
-	case StatusInsufficientStorage:
-		return "Insufficient Storage"
-	}
-	return http.StatusText(code)
-}
-
-var (
-	errDestinationEqualsSource = errors.New("webdav: destination equals source")
-	errDirectoryNotEmpty       = errors.New("webdav: directory not empty")
-	errInvalidDepth            = errors.New("webdav: invalid depth")
-	errInvalidDestination      = errors.New("webdav: invalid destination")
-	errInvalidIfHeader         = errors.New("webdav: invalid If header")
-	errInvalidLockInfo         = errors.New("webdav: invalid lock info")
-	errInvalidLockToken        = errors.New("webdav: invalid lock token")
-	errInvalidPropfind         = errors.New("webdav: invalid propfind")
-	errInvalidProppatch        = errors.New("webdav: invalid proppatch")
-	errInvalidResponse         = errors.New("webdav: invalid response")
-	errInvalidTimeout          = errors.New("webdav: invalid timeout")
-	errNoFileSystem            = errors.New("webdav: no file system")
-	errNoLockSystem            = errors.New("webdav: no lock system")
-	errNotADirectory           = errors.New("webdav: not a directory")
-	errPrefixMismatch          = errors.New("webdav: prefix mismatch")
-	errRecursionTooDeep        = errors.New("webdav: recursion too deep")
-	errUnsupportedLockInfo     = errors.New("webdav: unsupported lock info")
-	errUnsupportedMethod       = errors.New("webdav: unsupported method")
-)
diff --git a/vendor/golang.org/x/net/webdav/webdav_test.go b/vendor/golang.org/x/net/webdav/webdav_test.go
deleted file mode 100644
index 70a3bf2c..00000000
--- a/vendor/golang.org/x/net/webdav/webdav_test.go
+++ /dev/null
@@ -1,242 +0,0 @@
-// Copyright 2015 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package webdav
-
-import (
-	"errors"
-	"fmt"
-	"io"
-	"io/ioutil"
-	"net/http"
-	"net/http/httptest"
-	"net/url"
-	"os"
-	"reflect"
-	"regexp"
-	"sort"
-	"strings"
-	"testing"
-)
-
-// TODO: add tests to check XML responses with the expected prefix path
-func TestPrefix(t *testing.T) {
-	const dst, blah = "Destination", "blah blah blah"
-
-	do := func(method, urlStr string, body io.Reader, wantStatusCode int, headers ...string) error {
-		req, err := http.NewRequest(method, urlStr, body)
-		if err != nil {
-			return err
-		}
-		for len(headers) >= 2 {
-			req.Header.Add(headers[0], headers[1])
-			headers = headers[2:]
-		}
-		res, err := http.DefaultClient.Do(req)
-		if err != nil {
-			return err
-		}
-		defer res.Body.Close()
-		if res.StatusCode != wantStatusCode {
-			return fmt.Errorf("got status code %d, want %d", res.StatusCode, wantStatusCode)
-		}
-		return nil
-	}
-
-	prefixes := []string{
-		"/",
-		"/a/",
-		"/a/b/",
-		"/a/b/c/",
-	}
-	for _, prefix := range prefixes {
-		fs := NewMemFS()
-		h := &Handler{
-			FileSystem: fs,
-			LockSystem: NewMemLS(),
-		}
-		mux := http.NewServeMux()
-		if prefix != "/" {
-			h.Prefix = prefix
-		}
-		mux.Handle(prefix, h)
-		srv := httptest.NewServer(mux)
-		defer srv.Close()
-
-		// The script is:
-		//	MKCOL /a
-		//	MKCOL /a/b
-		//	PUT   /a/b/c
-		//	COPY  /a/b/c /a/b/d
-		//	MKCOL /a/b/e
-		//	MOVE  /a/b/d /a/b/e/f
-		// which should yield the (possibly stripped) filenames /a/b/c and
-		// /a/b/e/f, plus their parent directories.
-
-		wantA := map[string]int{
-			"/":       http.StatusCreated,
-			"/a/":     http.StatusMovedPermanently,
-			"/a/b/":   http.StatusNotFound,
-			"/a/b/c/": http.StatusNotFound,
-		}[prefix]
-		if err := do("MKCOL", srv.URL+"/a", nil, wantA); err != nil {
-			t.Errorf("prefix=%-9q MKCOL /a: %v", prefix, err)
-			continue
-		}
-
-		wantB := map[string]int{
-			"/":       http.StatusCreated,
-			"/a/":     http.StatusCreated,
-			"/a/b/":   http.StatusMovedPermanently,
-			"/a/b/c/": http.StatusNotFound,
-		}[prefix]
-		if err := do("MKCOL", srv.URL+"/a/b", nil, wantB); err != nil {
-			t.Errorf("prefix=%-9q MKCOL /a/b: %v", prefix, err)
-			continue
-		}
-
-		wantC := map[string]int{
-			"/":       http.StatusCreated,
-			"/a/":     http.StatusCreated,
-			"/a/b/":   http.StatusCreated,
-			"/a/b/c/": http.StatusMovedPermanently,
-		}[prefix]
-		if err := do("PUT", srv.URL+"/a/b/c", strings.NewReader(blah), wantC); err != nil {
-			t.Errorf("prefix=%-9q PUT /a/b/c: %v", prefix, err)
-			continue
-		}
-
-		wantD := map[string]int{
-			"/":       http.StatusCreated,
-			"/a/":     http.StatusCreated,
-			"/a/b/":   http.StatusCreated,
-			"/a/b/c/": http.StatusMovedPermanently,
-		}[prefix]
-		if err := do("COPY", srv.URL+"/a/b/c", nil, wantD, dst, srv.URL+"/a/b/d"); err != nil {
-			t.Errorf("prefix=%-9q COPY /a/b/c /a/b/d: %v", prefix, err)
-			continue
-		}
-
-		wantE := map[string]int{
-			"/":       http.StatusCreated,
-			"/a/":     http.StatusCreated,
-			"/a/b/":   http.StatusCreated,
-			"/a/b/c/": http.StatusNotFound,
-		}[prefix]
-		if err := do("MKCOL", srv.URL+"/a/b/e", nil, wantE); err != nil {
-			t.Errorf("prefix=%-9q MKCOL /a/b/e: %v", prefix, err)
-			continue
-		}
-
-		wantF := map[string]int{
-			"/":       http.StatusCreated,
-			"/a/":     http.StatusCreated,
-			"/a/b/":   http.StatusCreated,
-			"/a/b/c/": http.StatusNotFound,
-		}[prefix]
-		if err := do("MOVE", srv.URL+"/a/b/d", nil, wantF, dst, srv.URL+"/a/b/e/f"); err != nil {
-			t.Errorf("prefix=%-9q MOVE /a/b/d /a/b/e/f: %v", prefix, err)
-			continue
-		}
-
-		got, err := find(nil, fs, "/")
-		if err != nil {
-			t.Errorf("prefix=%-9q find: %v", prefix, err)
-			continue
-		}
-		sort.Strings(got)
-		want := map[string][]string{
-			"/":       []string{"/", "/a", "/a/b", "/a/b/c", "/a/b/e", "/a/b/e/f"},
-			"/a/":     []string{"/", "/b", "/b/c", "/b/e", "/b/e/f"},
-			"/a/b/":   []string{"/", "/c", "/e", "/e/f"},
-			"/a/b/c/": []string{"/"},
-		}[prefix]
-		if !reflect.DeepEqual(got, want) {
-			t.Errorf("prefix=%-9q find:\ngot  %v\nwant %v", prefix, got, want)
-			continue
-		}
-	}
-}
-
-func TestFilenameEscape(t *testing.T) {
-	re := regexp.MustCompile(`([^<]*)`)
-	do := func(method, urlStr string) (string, error) {
-		req, err := http.NewRequest(method, urlStr, nil)
-		if err != nil {
-			return "", err
-		}
-		res, err := http.DefaultClient.Do(req)
-		if err != nil {
-			return "", err
-		}
-		defer res.Body.Close()
-
-		b, err := ioutil.ReadAll(res.Body)
-		if err != nil {
-			return "", err
-		}
-		m := re.FindStringSubmatch(string(b))
-		if len(m) != 2 {
-			return "", errors.New("D:href not found")
-		}
-
-		return m[1], nil
-	}
-
-	testCases := []struct {
-		name, want string
-	}{{
-		name: `/foo%bar`,
-		want: `/foo%25bar`,
-	}, {
-		name: `/こんにちわ世界`,
-		want: `/%E3%81%93%E3%82%93%E3%81%AB%E3%81%A1%E3%82%8F%E4%B8%96%E7%95%8C`,
-	}, {
-		name: `/Program Files/`,
-		want: `/Program%20Files`,
-	}, {
-		name: `/go+lang`,
-		want: `/go+lang`,
-	}, {
-		name: `/go&lang`,
-		want: `/go&lang`,
-	}}
-	fs := NewMemFS()
-	for _, tc := range testCases {
-		if strings.HasSuffix(tc.name, "/") {
-			if err := fs.Mkdir(tc.name, 0755); err != nil {
-				t.Fatalf("name=%q: Mkdir: %v", tc.name, err)
-			}
-		} else {
-			f, err := fs.OpenFile(tc.name, os.O_CREATE, 0644)
-			if err != nil {
-				t.Fatalf("name=%q: OpenFile: %v", tc.name, err)
-			}
-			f.Close()
-		}
-	}
-
-	srv := httptest.NewServer(&Handler{
-		FileSystem: fs,
-		LockSystem: NewMemLS(),
-	})
-	defer srv.Close()
-
-	u, err := url.Parse(srv.URL)
-	if err != nil {
-		t.Fatal(err)
-	}
-
-	for _, tc := range testCases {
-		u.Path = tc.name
-		got, err := do("PROPFIND", u.String())
-		if err != nil {
-			t.Errorf("name=%q: PROPFIND: %v", tc.name, err)
-			continue
-		}
-		if got != tc.want {
-			t.Errorf("name=%q: got %q, want %q", tc.name, got, tc.want)
-		}
-	}
-}
diff --git a/vendor/golang.org/x/net/webdav/xml.go b/vendor/golang.org/x/net/webdav/xml.go
deleted file mode 100644
index 8705cda2..00000000
--- a/vendor/golang.org/x/net/webdav/xml.go
+++ /dev/null
@@ -1,469 +0,0 @@
-// Copyright 2014 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package webdav
-
-// The XML encoding is covered by Section 14.
-// http://www.webdav.org/specs/rfc4918.html#xml.element.definitions
-
-import (
-	"bytes"
-	"fmt"
-	"io"
-	"net/http"
-	"time"
-
-	"golang.org/x/net/webdav/internal/xml"
-)
-
-// http://www.webdav.org/specs/rfc4918.html#ELEMENT_lockinfo
-type lockInfo struct {
-	XMLName   xml.Name  `xml:"lockinfo"`
-	Exclusive *struct{} `xml:"lockscope>exclusive"`
-	Shared    *struct{} `xml:"lockscope>shared"`
-	Write     *struct{} `xml:"locktype>write"`
-	Owner     owner     `xml:"owner"`
-}
-
-// http://www.webdav.org/specs/rfc4918.html#ELEMENT_owner
-type owner struct {
-	InnerXML string `xml:",innerxml"`
-}
-
-func readLockInfo(r io.Reader) (li lockInfo, status int, err error) {
-	c := &countingReader{r: r}
-	if err = xml.NewDecoder(c).Decode(&li); err != nil {
-		if err == io.EOF {
-			if c.n == 0 {
-				// An empty body means to refresh the lock.
-				// http://www.webdav.org/specs/rfc4918.html#refreshing-locks
-				return lockInfo{}, 0, nil
-			}
-			err = errInvalidLockInfo
-		}
-		return lockInfo{}, http.StatusBadRequest, err
-	}
-	// We only support exclusive (non-shared) write locks. In practice, these are
-	// the only types of locks that seem to matter.
-	if li.Exclusive == nil || li.Shared != nil || li.Write == nil {
-		return lockInfo{}, http.StatusNotImplemented, errUnsupportedLockInfo
-	}
-	return li, 0, nil
-}
-
-type countingReader struct {
-	n int
-	r io.Reader
-}
-
-func (c *countingReader) Read(p []byte) (int, error) {
-	n, err := c.r.Read(p)
-	c.n += n
-	return n, err
-}
-
-func writeLockInfo(w io.Writer, token string, ld LockDetails) (int, error) {
-	depth := "infinity"
-	if ld.ZeroDepth {
-		depth = "0"
-	}
-	timeout := ld.Duration / time.Second
-	return fmt.Fprintf(w, "\n"+
-		"\n"+
-		"	\n"+
-		"	\n"+
-		"	%s\n"+
-		"	%s\n"+
-		"	Second-%d\n"+
-		"	%s\n"+
-		"	%s\n"+
-		"",
-		depth, ld.OwnerXML, timeout, escape(token), escape(ld.Root),
-	)
-}
-
-func escape(s string) string {
-	for i := 0; i < len(s); i++ {
-		switch s[i] {
-		case '"', '&', '\'', '<', '>':
-			b := bytes.NewBuffer(nil)
-			xml.EscapeText(b, []byte(s))
-			return b.String()
-		}
-	}
-	return s
-}
-
-// Next returns the next token, if any, in the XML stream of d.
-// RFC 4918 requires to ignore comments, processing instructions
-// and directives.
-// http://www.webdav.org/specs/rfc4918.html#property_values
-// http://www.webdav.org/specs/rfc4918.html#xml-extensibility
-func next(d *xml.Decoder) (xml.Token, error) {
-	for {
-		t, err := d.Token()
-		if err != nil {
-			return t, err
-		}
-		switch t.(type) {
-		case xml.Comment, xml.Directive, xml.ProcInst:
-			continue
-		default:
-			return t, nil
-		}
-	}
-}
-
-// http://www.webdav.org/specs/rfc4918.html#ELEMENT_prop (for propfind)
-type propfindProps []xml.Name
-
-// UnmarshalXML appends the property names enclosed within start to pn.
-//
-// It returns an error if start does not contain any properties or if
-// properties contain values. Character data between properties is ignored.
-func (pn *propfindProps) UnmarshalXML(d *xml.Decoder, start xml.StartElement) error {
-	for {
-		t, err := next(d)
-		if err != nil {
-			return err
-		}
-		switch t.(type) {
-		case xml.EndElement:
-			if len(*pn) == 0 {
-				return fmt.Errorf("%s must not be empty", start.Name.Local)
-			}
-			return nil
-		case xml.StartElement:
-			name := t.(xml.StartElement).Name
-			t, err = next(d)
-			if err != nil {
-				return err
-			}
-			if _, ok := t.(xml.EndElement); !ok {
-				return fmt.Errorf("unexpected token %T", t)
-			}
-			*pn = append(*pn, name)
-		}
-	}
-}
-
-// http://www.webdav.org/specs/rfc4918.html#ELEMENT_propfind
-type propfind struct {
-	XMLName  xml.Name      `xml:"DAV: propfind"`
-	Allprop  *struct{}     `xml:"DAV: allprop"`
-	Propname *struct{}     `xml:"DAV: propname"`
-	Prop     propfindProps `xml:"DAV: prop"`
-	Include  propfindProps `xml:"DAV: include"`
-}
-
-func readPropfind(r io.Reader) (pf propfind, status int, err error) {
-	c := countingReader{r: r}
-	if err = xml.NewDecoder(&c).Decode(&pf); err != nil {
-		if err == io.EOF {
-			if c.n == 0 {
-				// An empty body means to propfind allprop.
-				// http://www.webdav.org/specs/rfc4918.html#METHOD_PROPFIND
-				return propfind{Allprop: new(struct{})}, 0, nil
-			}
-			err = errInvalidPropfind
-		}
-		return propfind{}, http.StatusBadRequest, err
-	}
-
-	if pf.Allprop == nil && pf.Include != nil {
-		return propfind{}, http.StatusBadRequest, errInvalidPropfind
-	}
-	if pf.Allprop != nil && (pf.Prop != nil || pf.Propname != nil) {
-		return propfind{}, http.StatusBadRequest, errInvalidPropfind
-	}
-	if pf.Prop != nil && pf.Propname != nil {
-		return propfind{}, http.StatusBadRequest, errInvalidPropfind
-	}
-	if pf.Propname == nil && pf.Allprop == nil && pf.Prop == nil {
-		return propfind{}, http.StatusBadRequest, errInvalidPropfind
-	}
-	return pf, 0, nil
-}
-
-// Property represents a single DAV resource property as defined in RFC 4918.
-// See http://www.webdav.org/specs/rfc4918.html#data.model.for.resource.properties
-type Property struct {
-	// XMLName is the fully qualified name that identifies this property.
-	XMLName xml.Name
-
-	// Lang is an optional xml:lang attribute.
-	Lang string `xml:"xml:lang,attr,omitempty"`
-
-	// InnerXML contains the XML representation of the property value.
-	// See http://www.webdav.org/specs/rfc4918.html#property_values
-	//
-	// Property values of complex type or mixed-content must have fully
-	// expanded XML namespaces or be self-contained with according
-	// XML namespace declarations. They must not rely on any XML
-	// namespace declarations within the scope of the XML document,
-	// even including the DAV: namespace.
-	InnerXML []byte `xml:",innerxml"`
-}
-
-// http://www.webdav.org/specs/rfc4918.html#ELEMENT_error
-// See multistatusWriter for the "D:" namespace prefix.
-type xmlError struct {
-	XMLName  xml.Name `xml:"D:error"`
-	InnerXML []byte   `xml:",innerxml"`
-}
-
-// http://www.webdav.org/specs/rfc4918.html#ELEMENT_propstat
-// See multistatusWriter for the "D:" namespace prefix.
-type propstat struct {
-	Prop                []Property `xml:"D:prop>_ignored_"`
-	Status              string     `xml:"D:status"`
-	Error               *xmlError  `xml:"D:error"`
-	ResponseDescription string     `xml:"D:responsedescription,omitempty"`
-}
-
-// MarshalXML prepends the "D:" namespace prefix on properties in the DAV: namespace
-// before encoding. See multistatusWriter.
-func (ps propstat) MarshalXML(e *xml.Encoder, start xml.StartElement) error {
-	for k, prop := range ps.Prop {
-		if prop.XMLName.Space == "DAV:" {
-			prop.XMLName = xml.Name{Space: "", Local: "D:" + prop.XMLName.Local}
-			ps.Prop[k] = prop
-		}
-	}
-	// Distinct type to avoid infinite recursion of MarshalXML.
-	type newpropstat propstat
-	return e.EncodeElement(newpropstat(ps), start)
-}
-
-// http://www.webdav.org/specs/rfc4918.html#ELEMENT_response
-// See multistatusWriter for the "D:" namespace prefix.
-type response struct {
-	XMLName             xml.Name   `xml:"D:response"`
-	Href                []string   `xml:"D:href"`
-	Propstat            []propstat `xml:"D:propstat"`
-	Status              string     `xml:"D:status,omitempty"`
-	Error               *xmlError  `xml:"D:error"`
-	ResponseDescription string     `xml:"D:responsedescription,omitempty"`
-}
-
-// MultistatusWriter marshals one or more Responses into a XML
-// multistatus response.
-// See http://www.webdav.org/specs/rfc4918.html#ELEMENT_multistatus
-// TODO(rsto, mpl): As a workaround, the "D:" namespace prefix, defined as
-// "DAV:" on this element, is prepended on the nested response, as well as on all
-// its nested elements. All property names in the DAV: namespace are prefixed as
-// well. This is because some versions of Mini-Redirector (on windows 7) ignore
-// elements with a default namespace (no prefixed namespace). A less intrusive fix
-// should be possible after golang.org/cl/11074. See https://golang.org/issue/11177
-type multistatusWriter struct {
-	// ResponseDescription contains the optional responsedescription
-	// of the multistatus XML element. Only the latest content before
-	// close will be emitted. Empty response descriptions are not
-	// written.
-	responseDescription string
-
-	w   http.ResponseWriter
-	enc *xml.Encoder
-}
-
-// Write validates and emits a DAV response as part of a multistatus response
-// element.
-//
-// It sets the HTTP status code of its underlying http.ResponseWriter to 207
-// (Multi-Status) and populates the Content-Type header. If r is the
-// first, valid response to be written, Write prepends the XML representation
-// of r with a multistatus tag. Callers must call close after the last response
-// has been written.
-func (w *multistatusWriter) write(r *response) error {
-	switch len(r.Href) {
-	case 0:
-		return errInvalidResponse
-	case 1:
-		if len(r.Propstat) > 0 != (r.Status == "") {
-			return errInvalidResponse
-		}
-	default:
-		if len(r.Propstat) > 0 || r.Status == "" {
-			return errInvalidResponse
-		}
-	}
-	err := w.writeHeader()
-	if err != nil {
-		return err
-	}
-	return w.enc.Encode(r)
-}
-
-// writeHeader writes a XML multistatus start element on w's underlying
-// http.ResponseWriter and returns the result of the write operation.
-// After the first write attempt, writeHeader becomes a no-op.
-func (w *multistatusWriter) writeHeader() error {
-	if w.enc != nil {
-		return nil
-	}
-	w.w.Header().Add("Content-Type", "text/xml; charset=utf-8")
-	w.w.WriteHeader(StatusMulti)
-	_, err := fmt.Fprintf(w.w, ``)
-	if err != nil {
-		return err
-	}
-	w.enc = xml.NewEncoder(w.w)
-	return w.enc.EncodeToken(xml.StartElement{
-		Name: xml.Name{
-			Space: "DAV:",
-			Local: "multistatus",
-		},
-		Attr: []xml.Attr{{
-			Name:  xml.Name{Space: "xmlns", Local: "D"},
-			Value: "DAV:",
-		}},
-	})
-}
-
-// Close completes the marshalling of the multistatus response. It returns
-// an error if the multistatus response could not be completed. If both the
-// return value and field enc of w are nil, then no multistatus response has
-// been written.
-func (w *multistatusWriter) close() error {
-	if w.enc == nil {
-		return nil
-	}
-	var end []xml.Token
-	if w.responseDescription != "" {
-		name := xml.Name{Space: "DAV:", Local: "responsedescription"}
-		end = append(end,
-			xml.StartElement{Name: name},
-			xml.CharData(w.responseDescription),
-			xml.EndElement{Name: name},
-		)
-	}
-	end = append(end, xml.EndElement{
-		Name: xml.Name{Space: "DAV:", Local: "multistatus"},
-	})
-	for _, t := range end {
-		err := w.enc.EncodeToken(t)
-		if err != nil {
-			return err
-		}
-	}
-	return w.enc.Flush()
-}
-
-// http://www.webdav.org/specs/rfc4918.html#ELEMENT_prop (for proppatch)
-type proppatchProps []Property
-
-var xmlLangName = xml.Name{Space: "http://www.w3.org/XML/1998/namespace", Local: "lang"}
-
-func xmlLang(s xml.StartElement, d string) string {
-	for _, attr := range s.Attr {
-		if attr.Name == xmlLangName {
-			return attr.Value
-		}
-	}
-	return d
-}
-
-type xmlValue []byte
-
-func (v *xmlValue) UnmarshalXML(d *xml.Decoder, start xml.StartElement) error {
-	// The XML value of a property can be arbitrary, mixed-content XML.
-	// To make sure that the unmarshalled value contains all required
-	// namespaces, we encode all the property value XML tokens into a
-	// buffer. This forces the encoder to redeclare any used namespaces.
-	var b bytes.Buffer
-	e := xml.NewEncoder(&b)
-	for {
-		t, err := next(d)
-		if err != nil {
-			return err
-		}
-		if e, ok := t.(xml.EndElement); ok && e.Name == start.Name {
-			break
-		}
-		if err = e.EncodeToken(t); err != nil {
-			return err
-		}
-	}
-	err := e.Flush()
-	if err != nil {
-		return err
-	}
-	*v = b.Bytes()
-	return nil
-}
-
-// UnmarshalXML appends the property names and values enclosed within start
-// to ps.
-//
-// An xml:lang attribute that is defined either on the DAV:prop or property
-// name XML element is propagated to the property's Lang field.
-//
-// UnmarshalXML returns an error if start does not contain any properties or if
-// property values contain syntactically incorrect XML.
-func (ps *proppatchProps) UnmarshalXML(d *xml.Decoder, start xml.StartElement) error {
-	lang := xmlLang(start, "")
-	for {
-		t, err := next(d)
-		if err != nil {
-			return err
-		}
-		switch elem := t.(type) {
-		case xml.EndElement:
-			if len(*ps) == 0 {
-				return fmt.Errorf("%s must not be empty", start.Name.Local)
-			}
-			return nil
-		case xml.StartElement:
-			p := Property{
-				XMLName: t.(xml.StartElement).Name,
-				Lang:    xmlLang(t.(xml.StartElement), lang),
-			}
-			err = d.DecodeElement(((*xmlValue)(&p.InnerXML)), &elem)
-			if err != nil {
-				return err
-			}
-			*ps = append(*ps, p)
-		}
-	}
-}
-
-// http://www.webdav.org/specs/rfc4918.html#ELEMENT_set
-// http://www.webdav.org/specs/rfc4918.html#ELEMENT_remove
-type setRemove struct {
-	XMLName xml.Name
-	Lang    string         `xml:"xml:lang,attr,omitempty"`
-	Prop    proppatchProps `xml:"DAV: prop"`
-}
-
-// http://www.webdav.org/specs/rfc4918.html#ELEMENT_propertyupdate
-type propertyupdate struct {
-	XMLName   xml.Name    `xml:"DAV: propertyupdate"`
-	Lang      string      `xml:"xml:lang,attr,omitempty"`
-	SetRemove []setRemove `xml:",any"`
-}
-
-func readProppatch(r io.Reader) (patches []Proppatch, status int, err error) {
-	var pu propertyupdate
-	if err = xml.NewDecoder(r).Decode(&pu); err != nil {
-		return nil, http.StatusBadRequest, err
-	}
-	for _, op := range pu.SetRemove {
-		remove := false
-		switch op.XMLName {
-		case xml.Name{Space: "DAV:", Local: "set"}:
-			// No-op.
-		case xml.Name{Space: "DAV:", Local: "remove"}:
-			for _, p := range op.Prop {
-				if len(p.InnerXML) > 0 {
-					return nil, http.StatusBadRequest, errInvalidProppatch
-				}
-			}
-			remove = true
-		default:
-			return nil, http.StatusBadRequest, errInvalidProppatch
-		}
-		patches = append(patches, Proppatch{Remove: remove, Props: op.Prop})
-	}
-	return patches, 0, nil
-}
diff --git a/vendor/golang.org/x/net/webdav/xml_test.go b/vendor/golang.org/x/net/webdav/xml_test.go
deleted file mode 100644
index bc5641f4..00000000
--- a/vendor/golang.org/x/net/webdav/xml_test.go
+++ /dev/null
@@ -1,909 +0,0 @@
-// Copyright 2014 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package webdav
-
-import (
-	"bytes"
-	"fmt"
-	"io"
-	"net/http"
-	"net/http/httptest"
-	"reflect"
-	"sort"
-	"strings"
-	"testing"
-
-	"golang.org/x/net/webdav/internal/xml"
-)
-
-func TestReadLockInfo(t *testing.T) {
-	// The "section x.y.z" test cases come from section x.y.z of the spec at
-	// http://www.webdav.org/specs/rfc4918.html
-	testCases := []struct {
-		desc       string
-		input      string
-		wantLI     lockInfo
-		wantStatus int
-	}{{
-		"bad: junk",
-		"xxx",
-		lockInfo{},
-		http.StatusBadRequest,
-	}, {
-		"bad: invalid owner XML",
-		"" +
-			"\n" +
-			"  \n" +
-			"  \n" +
-			"  \n" +
-			"       no end tag   \n" +
-			"  \n" +
-			"",
-		lockInfo{},
-		http.StatusBadRequest,
-	}, {
-		"bad: invalid UTF-8",
-		"" +
-			"\n" +
-			"  \n" +
-			"  \n" +
-			"  \n" +
-			"       \xff   \n" +
-			"  \n" +
-			"",
-		lockInfo{},
-		http.StatusBadRequest,
-	}, {
-		"bad: unfinished XML #1",
-		"" +
-			"\n" +
-			"  \n" +
-			"  \n",
-		lockInfo{},
-		http.StatusBadRequest,
-	}, {
-		"bad: unfinished XML #2",
-		"" +
-			"\n" +
-			"  \n" +
-			"  \n" +
-			"  \n",
-		lockInfo{},
-		http.StatusBadRequest,
-	}, {
-		"good: empty",
-		"",
-		lockInfo{},
-		0,
-	}, {
-		"good: plain-text owner",
-		"" +
-			"\n" +
-			"  \n" +
-			"  \n" +
-			"  gopher\n" +
-			"",
-		lockInfo{
-			XMLName:   xml.Name{Space: "DAV:", Local: "lockinfo"},
-			Exclusive: new(struct{}),
-			Write:     new(struct{}),
-			Owner: owner{
-				InnerXML: "gopher",
-			},
-		},
-		0,
-	}, {
-		"section 9.10.7",
-		"" +
-			"\n" +
-			"  \n" +
-			"  \n" +
-			"  \n" +
-			"    http://example.org/~ejw/contact.html\n" +
-			"  \n" +
-			"",
-		lockInfo{
-			XMLName:   xml.Name{Space: "DAV:", Local: "lockinfo"},
-			Exclusive: new(struct{}),
-			Write:     new(struct{}),
-			Owner: owner{
-				InnerXML: "\n    http://example.org/~ejw/contact.html\n  ",
-			},
-		},
-		0,
-	}}
-
-	for _, tc := range testCases {
-		li, status, err := readLockInfo(strings.NewReader(tc.input))
-		if tc.wantStatus != 0 {
-			if err == nil {
-				t.Errorf("%s: got nil error, want non-nil", tc.desc)
-				continue
-			}
-		} else if err != nil {
-			t.Errorf("%s: %v", tc.desc, err)
-			continue
-		}
-		if !reflect.DeepEqual(li, tc.wantLI) || status != tc.wantStatus {
-			t.Errorf("%s:\ngot  lockInfo=%v, status=%v\nwant lockInfo=%v, status=%v",
-				tc.desc, li, status, tc.wantLI, tc.wantStatus)
-			continue
-		}
-	}
-}
-
-func TestReadPropfind(t *testing.T) {
-	testCases := []struct {
-		desc       string
-		input      string
-		wantPF     propfind
-		wantStatus int
-	}{{
-		desc: "propfind: propname",
-		input: "" +
-			"\n" +
-			"  \n" +
-			"",
-		wantPF: propfind{
-			XMLName:  xml.Name{Space: "DAV:", Local: "propfind"},
-			Propname: new(struct{}),
-		},
-	}, {
-		desc:  "propfind: empty body means allprop",
-		input: "",
-		wantPF: propfind{
-			Allprop: new(struct{}),
-		},
-	}, {
-		desc: "propfind: allprop",
-		input: "" +
-			"\n" +
-			"   \n" +
-			"",
-		wantPF: propfind{
-			XMLName: xml.Name{Space: "DAV:", Local: "propfind"},
-			Allprop: new(struct{}),
-		},
-	}, {
-		desc: "propfind: allprop followed by include",
-		input: "" +
-			"\n" +
-			"  \n" +
-			"  \n" +
-			"",
-		wantPF: propfind{
-			XMLName: xml.Name{Space: "DAV:", Local: "propfind"},
-			Allprop: new(struct{}),
-			Include: propfindProps{xml.Name{Space: "DAV:", Local: "displayname"}},
-		},
-	}, {
-		desc: "propfind: include followed by allprop",
-		input: "" +
-			"\n" +
-			"  \n" +
-			"  \n" +
-			"",
-		wantPF: propfind{
-			XMLName: xml.Name{Space: "DAV:", Local: "propfind"},
-			Allprop: new(struct{}),
-			Include: propfindProps{xml.Name{Space: "DAV:", Local: "displayname"}},
-		},
-	}, {
-		desc: "propfind: propfind",
-		input: "" +
-			"\n" +
-			"  \n" +
-			"",
-		wantPF: propfind{
-			XMLName: xml.Name{Space: "DAV:", Local: "propfind"},
-			Prop:    propfindProps{xml.Name{Space: "DAV:", Local: "displayname"}},
-		},
-	}, {
-		desc: "propfind: prop with ignored comments",
-		input: "" +
-			"\n" +
-			"  \n" +
-			"    \n" +
-			"    \n" +
-			"  \n" +
-			"",
-		wantPF: propfind{
-			XMLName: xml.Name{Space: "DAV:", Local: "propfind"},
-			Prop:    propfindProps{xml.Name{Space: "DAV:", Local: "displayname"}},
-		},
-	}, {
-		desc: "propfind: propfind with ignored whitespace",
-		input: "" +
-			"\n" +
-			"     \n" +
-			"",
-		wantPF: propfind{
-			XMLName: xml.Name{Space: "DAV:", Local: "propfind"},
-			Prop:    propfindProps{xml.Name{Space: "DAV:", Local: "displayname"}},
-		},
-	}, {
-		desc: "propfind: propfind with ignored mixed-content",
-		input: "" +
-			"\n" +
-			"  foobar\n" +
-			"",
-		wantPF: propfind{
-			XMLName: xml.Name{Space: "DAV:", Local: "propfind"},
-			Prop:    propfindProps{xml.Name{Space: "DAV:", Local: "displayname"}},
-		},
-	}, {
-		desc: "propfind: propname with ignored element (section A.4)",
-		input: "" +
-			"\n" +
-			"  \n" +
-			"  *boss*\n" +
-			"",
-		wantPF: propfind{
-			XMLName:  xml.Name{Space: "DAV:", Local: "propfind"},
-			Propname: new(struct{}),
-		},
-	}, {
-		desc:       "propfind: bad: junk",
-		input:      "xxx",
-		wantStatus: http.StatusBadRequest,
-	}, {
-		desc: "propfind: bad: propname and allprop (section A.3)",
-		input: "" +
-			"\n" +
-			"  " +
-			"  " +
-			"",
-		wantStatus: http.StatusBadRequest,
-	}, {
-		desc: "propfind: bad: propname and prop",
-		input: "" +
-			"\n" +
-			"  \n" +
-			"  \n" +
-			"",
-		wantStatus: http.StatusBadRequest,
-	}, {
-		desc: "propfind: bad: allprop and prop",
-		input: "" +
-			"\n" +
-			"  \n" +
-			"  \n" +
-			"",
-		wantStatus: http.StatusBadRequest,
-	}, {
-		desc: "propfind: bad: empty propfind with ignored element (section A.4)",
-		input: "" +
-			"\n" +
-			"  \n" +
-			"",
-		wantStatus: http.StatusBadRequest,
-	}, {
-		desc: "propfind: bad: empty prop",
-		input: "" +
-			"\n" +
-			"  \n" +
-			"",
-		wantStatus: http.StatusBadRequest,
-	}, {
-		desc: "propfind: bad: prop with just chardata",
-		input: "" +
-			"\n" +
-			"  foo\n" +
-			"",
-		wantStatus: http.StatusBadRequest,
-	}, {
-		desc: "bad: interrupted prop",
-		input: "" +
-			"\n" +
-			"  \n",
-		wantStatus: http.StatusBadRequest,
-	}, {
-		desc: "bad: malformed end element prop",
-		input: "" +
-			"\n" +
-			"  \n",
-		wantStatus: http.StatusBadRequest,
-	}, {
-		desc: "propfind: bad: property with chardata value",
-		input: "" +
-			"\n" +
-			"  bar\n" +
-			"",
-		wantStatus: http.StatusBadRequest,
-	}, {
-		desc: "propfind: bad: property with whitespace value",
-		input: "" +
-			"\n" +
-			"   \n" +
-			"",
-		wantStatus: http.StatusBadRequest,
-	}, {
-		desc: "propfind: bad: include without allprop",
-		input: "" +
-			"\n" +
-			"  \n" +
-			"",
-		wantStatus: http.StatusBadRequest,
-	}}
-
-	for _, tc := range testCases {
-		pf, status, err := readPropfind(strings.NewReader(tc.input))
-		if tc.wantStatus != 0 {
-			if err == nil {
-				t.Errorf("%s: got nil error, want non-nil", tc.desc)
-				continue
-			}
-		} else if err != nil {
-			t.Errorf("%s: %v", tc.desc, err)
-			continue
-		}
-		if !reflect.DeepEqual(pf, tc.wantPF) || status != tc.wantStatus {
-			t.Errorf("%s:\ngot  propfind=%v, status=%v\nwant propfind=%v, status=%v",
-				tc.desc, pf, status, tc.wantPF, tc.wantStatus)
-			continue
-		}
-	}
-}
-
-func TestMultistatusWriter(t *testing.T) {
-	if go1Dot4 {
-		t.Skip("TestMultistatusWriter requires Go version 1.5 or greater")
-	}
-
-	///The "section x.y.z" test cases come from section x.y.z of the spec at
-	// http://www.webdav.org/specs/rfc4918.html
-	testCases := []struct {
-		desc        string
-		responses   []response
-		respdesc    string
-		writeHeader bool
-		wantXML     string
-		wantCode    int
-		wantErr     error
-	}{{
-		desc: "section 9.2.2 (failed dependency)",
-		responses: []response{{
-			Href: []string{"http://example.com/foo"},
-			Propstat: []propstat{{
-				Prop: []Property{{
-					XMLName: xml.Name{
-						Space: "http://ns.example.com/",
-						Local: "Authors",
-					},
-				}},
-				Status: "HTTP/1.1 424 Failed Dependency",
-			}, {
-				Prop: []Property{{
-					XMLName: xml.Name{
-						Space: "http://ns.example.com/",
-						Local: "Copyright-Owner",
-					},
-				}},
-				Status: "HTTP/1.1 409 Conflict",
-			}},
-			ResponseDescription: "Copyright Owner cannot be deleted or altered.",
-		}},
-		wantXML: `` +
-			`` +
-			`` +
-			`  ` +
-			`    http://example.com/foo` +
-			`    ` +
-			`      ` +
-			`        ` +
-			`      ` +
-			`      HTTP/1.1 424 Failed Dependency` +
-			`    ` +
-			`    ` +
-			`      ` +
-			`        ` +
-			`      ` +
-			`      HTTP/1.1 409 Conflict` +
-			`    ` +
-			`  Copyright Owner cannot be deleted or altered.` +
-			`` +
-			``,
-		wantCode: StatusMulti,
-	}, {
-		desc: "section 9.6.2 (lock-token-submitted)",
-		responses: []response{{
-			Href:   []string{"http://example.com/foo"},
-			Status: "HTTP/1.1 423 Locked",
-			Error: &xmlError{
-				InnerXML: []byte(``),
-			},
-		}},
-		wantXML: `` +
-			`` +
-			`` +
-			`  ` +
-			`    http://example.com/foo` +
-			`    HTTP/1.1 423 Locked` +
-			`    ` +
-			`  ` +
-			``,
-		wantCode: StatusMulti,
-	}, {
-		desc: "section 9.1.3",
-		responses: []response{{
-			Href: []string{"http://example.com/foo"},
-			Propstat: []propstat{{
-				Prop: []Property{{
-					XMLName: xml.Name{Space: "http://ns.example.com/boxschema/", Local: "bigbox"},
-					InnerXML: []byte(`` +
-						`` +
-						`Box type A` +
-						``),
-				}, {
-					XMLName: xml.Name{Space: "http://ns.example.com/boxschema/", Local: "author"},
-					InnerXML: []byte(`` +
-						`` +
-						`J.J. Johnson` +
-						``),
-				}},
-				Status: "HTTP/1.1 200 OK",
-			}, {
-				Prop: []Property{{
-					XMLName: xml.Name{Space: "http://ns.example.com/boxschema/", Local: "DingALing"},
-				}, {
-					XMLName: xml.Name{Space: "http://ns.example.com/boxschema/", Local: "Random"},
-				}},
-				Status:              "HTTP/1.1 403 Forbidden",
-				ResponseDescription: "The user does not have access to the DingALing property.",
-			}},
-		}},
-		respdesc: "There has been an access violation error.",
-		wantXML: `` +
-			`` +
-			`` +
-			`  ` +
-			`    http://example.com/foo` +
-			`    ` +
-			`      ` +
-			`        Box type A` +
-			`        J.J. Johnson` +
-			`      ` +
-			`      HTTP/1.1 200 OK` +
-			`    ` +
-			`    ` +
-			`      ` +
-			`        ` +
-			`        ` +
-			`      ` +
-			`      HTTP/1.1 403 Forbidden` +
-			`      The user does not have access to the DingALing property.` +
-			`    ` +
-			`  ` +
-			`  There has been an access violation error.` +
-			``,
-		wantCode: StatusMulti,
-	}, {
-		desc: "no response written",
-		// default of http.responseWriter
-		wantCode: http.StatusOK,
-	}, {
-		desc:     "no response written (with description)",
-		respdesc: "too bad",
-		// default of http.responseWriter
-		wantCode: http.StatusOK,
-	}, {
-		desc:        "empty multistatus with header",
-		writeHeader: true,
-		wantXML:     ``,
-		wantCode:    StatusMulti,
-	}, {
-		desc: "bad: no href",
-		responses: []response{{
-			Propstat: []propstat{{
-				Prop: []Property{{
-					XMLName: xml.Name{
-						Space: "http://example.com/",
-						Local: "foo",
-					},
-				}},
-				Status: "HTTP/1.1 200 OK",
-			}},
-		}},
-		wantErr: errInvalidResponse,
-		// default of http.responseWriter
-		wantCode: http.StatusOK,
-	}, {
-		desc: "bad: multiple hrefs and no status",
-		responses: []response{{
-			Href: []string{"http://example.com/foo", "http://example.com/bar"},
-		}},
-		wantErr: errInvalidResponse,
-		// default of http.responseWriter
-		wantCode: http.StatusOK,
-	}, {
-		desc: "bad: one href and no propstat",
-		responses: []response{{
-			Href: []string{"http://example.com/foo"},
-		}},
-		wantErr: errInvalidResponse,
-		// default of http.responseWriter
-		wantCode: http.StatusOK,
-	}, {
-		desc: "bad: status with one href and propstat",
-		responses: []response{{
-			Href: []string{"http://example.com/foo"},
-			Propstat: []propstat{{
-				Prop: []Property{{
-					XMLName: xml.Name{
-						Space: "http://example.com/",
-						Local: "foo",
-					},
-				}},
-				Status: "HTTP/1.1 200 OK",
-			}},
-			Status: "HTTP/1.1 200 OK",
-		}},
-		wantErr: errInvalidResponse,
-		// default of http.responseWriter
-		wantCode: http.StatusOK,
-	}, {
-		desc: "bad: multiple hrefs and propstat",
-		responses: []response{{
-			Href: []string{
-				"http://example.com/foo",
-				"http://example.com/bar",
-			},
-			Propstat: []propstat{{
-				Prop: []Property{{
-					XMLName: xml.Name{
-						Space: "http://example.com/",
-						Local: "foo",
-					},
-				}},
-				Status: "HTTP/1.1 200 OK",
-			}},
-		}},
-		wantErr: errInvalidResponse,
-		// default of http.responseWriter
-		wantCode: http.StatusOK,
-	}}
-
-	n := xmlNormalizer{omitWhitespace: true}
-loop:
-	for _, tc := range testCases {
-		rec := httptest.NewRecorder()
-		w := multistatusWriter{w: rec, responseDescription: tc.respdesc}
-		if tc.writeHeader {
-			if err := w.writeHeader(); err != nil {
-				t.Errorf("%s: got writeHeader error %v, want nil", tc.desc, err)
-				continue
-			}
-		}
-		for _, r := range tc.responses {
-			if err := w.write(&r); err != nil {
-				if err != tc.wantErr {
-					t.Errorf("%s: got write error %v, want %v",
-						tc.desc, err, tc.wantErr)
-				}
-				continue loop
-			}
-		}
-		if err := w.close(); err != tc.wantErr {
-			t.Errorf("%s: got close error %v, want %v",
-				tc.desc, err, tc.wantErr)
-			continue
-		}
-		if rec.Code != tc.wantCode {
-			t.Errorf("%s: got HTTP status code %d, want %d\n",
-				tc.desc, rec.Code, tc.wantCode)
-			continue
-		}
-		gotXML := rec.Body.String()
-		eq, err := n.equalXML(strings.NewReader(gotXML), strings.NewReader(tc.wantXML))
-		if err != nil {
-			t.Errorf("%s: equalXML: %v", tc.desc, err)
-			continue
-		}
-		if !eq {
-			t.Errorf("%s: XML body\ngot  %s\nwant %s", tc.desc, gotXML, tc.wantXML)
-		}
-	}
-}
-
-func TestReadProppatch(t *testing.T) {
-	ppStr := func(pps []Proppatch) string {
-		var outer []string
-		for _, pp := range pps {
-			var inner []string
-			for _, p := range pp.Props {
-				inner = append(inner, fmt.Sprintf("{XMLName: %q, Lang: %q, InnerXML: %q}",
-					p.XMLName, p.Lang, p.InnerXML))
-			}
-			outer = append(outer, fmt.Sprintf("{Remove: %t, Props: [%s]}",
-				pp.Remove, strings.Join(inner, ", ")))
-		}
-		return "[" + strings.Join(outer, ", ") + "]"
-	}
-
-	testCases := []struct {
-		desc       string
-		input      string
-		wantPP     []Proppatch
-		wantStatus int
-	}{{
-		desc: "proppatch: section 9.2 (with simple property value)",
-		input: `` +
-			`` +
-			`` +
-			`    ` +
-			`         somevalue` +
-			`    ` +
-			`    ` +
-			`         ` +
-			`    ` +
-			``,
-		wantPP: []Proppatch{{
-			Props: []Property{{
-				xml.Name{Space: "http://ns.example.com/z/", Local: "Authors"},
-				"",
-				[]byte(`somevalue`),
-			}},
-		}, {
-			Remove: true,
-			Props: []Property{{
-				xml.Name{Space: "http://ns.example.com/z/", Local: "Copyright-Owner"},
-				"",
-				nil,
-			}},
-		}},
-	}, {
-		desc: "proppatch: lang attribute on prop",
-		input: `` +
-			`` +
-			`` +
-			`    ` +
-			`         ` +
-			`              ` +
-			`         ` +
-			`    ` +
-			``,
-		wantPP: []Proppatch{{
-			Props: []Property{{
-				xml.Name{Space: "http://example.com/ns", Local: "foo"},
-				"en",
-				nil,
-			}},
-		}},
-	}, {
-		desc: "bad: remove with value",
-		input: `` +
-			`` +
-			`` +
-			`    ` +
-			`         ` +
-			`              ` +
-			`              Jim Whitehead` +
-			`              ` +
-			`         ` +
-			`    ` +
-			``,
-		wantStatus: http.StatusBadRequest,
-	}, {
-		desc: "bad: empty propertyupdate",
-		input: `` +
-			`` +
-			``,
-		wantStatus: http.StatusBadRequest,
-	}, {
-		desc: "bad: empty prop",
-		input: `` +
-			`` +
-			`` +
-			`    ` +
-			`        ` +
-			`    ` +
-			``,
-		wantStatus: http.StatusBadRequest,
-	}}
-
-	for _, tc := range testCases {
-		pp, status, err := readProppatch(strings.NewReader(tc.input))
-		if tc.wantStatus != 0 {
-			if err == nil {
-				t.Errorf("%s: got nil error, want non-nil", tc.desc)
-				continue
-			}
-		} else if err != nil {
-			t.Errorf("%s: %v", tc.desc, err)
-			continue
-		}
-		if status != tc.wantStatus {
-			t.Errorf("%s: got status %d, want %d", tc.desc, status, tc.wantStatus)
-			continue
-		}
-		if !reflect.DeepEqual(pp, tc.wantPP) || status != tc.wantStatus {
-			t.Errorf("%s: proppatch\ngot  %v\nwant %v", tc.desc, ppStr(pp), ppStr(tc.wantPP))
-		}
-	}
-}
-
-func TestUnmarshalXMLValue(t *testing.T) {
-	testCases := []struct {
-		desc    string
-		input   string
-		wantVal string
-	}{{
-		desc:    "simple char data",
-		input:   "foo",
-		wantVal: "foo",
-	}, {
-		desc:    "empty element",
-		input:   "",
-		wantVal: "",
-	}, {
-		desc:    "preserve namespace",
-		input:   ``,
-		wantVal: ``,
-	}, {
-		desc:    "preserve root element namespace",
-		input:   ``,
-		wantVal: ``,
-	}, {
-		desc:    "preserve whitespace",
-		input:   "  \t ",
-		wantVal: "  \t ",
-	}, {
-		desc:    "preserve mixed content",
-		input:   `  a  `,
-		wantVal: `  a  `,
-	}, {
-		desc: "section 9.2",
-		input: `` +
-			`` +
-			`  Jim Whitehead` +
-			`  Roy Fielding` +
-			``,
-		wantVal: `` +
-			`  Jim Whitehead` +
-			`  Roy Fielding`,
-	}, {
-		desc: "section 4.3.1 (mixed content)",
-		input: `` +
-			`` +
-			`  Jane Doe` +
-			`  ` +
-			`  mailto:jane.doe@example.com` +
-			`  http://www.example.com` +
-			`  ` +
-			`    Jane has been working way too long on the` +
-			`    long-awaited revision of ]]>.` +
-			`  ` +
-			``,
-		wantVal: `` +
-			`  Jane Doe` +
-			`  ` +
-			`  mailto:jane.doe@example.com` +
-			`  http://www.example.com` +
-			`  ` +
-			`    Jane has been working way too long on the` +
-			`    long-awaited revision of <RFC2518>.` +
-			`  `,
-	}}
-
-	var n xmlNormalizer
-	for _, tc := range testCases {
-		d := xml.NewDecoder(strings.NewReader(tc.input))
-		var v xmlValue
-		if err := d.Decode(&v); err != nil {
-			t.Errorf("%s: got error %v, want nil", tc.desc, err)
-			continue
-		}
-		eq, err := n.equalXML(bytes.NewReader(v), strings.NewReader(tc.wantVal))
-		if err != nil {
-			t.Errorf("%s: equalXML: %v", tc.desc, err)
-			continue
-		}
-		if !eq {
-			t.Errorf("%s:\ngot  %s\nwant %s", tc.desc, string(v), tc.wantVal)
-		}
-	}
-}
-
-// xmlNormalizer normalizes XML.
-type xmlNormalizer struct {
-	// omitWhitespace instructs to ignore whitespace between element tags.
-	omitWhitespace bool
-	// omitComments instructs to ignore XML comments.
-	omitComments bool
-}
-
-// normalize writes the normalized XML content of r to w. It applies the
-// following rules
-//
-//     * Rename namespace prefixes according to an internal heuristic.
-//     * Remove unnecessary namespace declarations.
-//     * Sort attributes in XML start elements in lexical order of their
-//       fully qualified name.
-//     * Remove XML directives and processing instructions.
-//     * Remove CDATA between XML tags that only contains whitespace, if
-//       instructed to do so.
-//     * Remove comments, if instructed to do so.
-//
-func (n *xmlNormalizer) normalize(w io.Writer, r io.Reader) error {
-	d := xml.NewDecoder(r)
-	e := xml.NewEncoder(w)
-	for {
-		t, err := d.Token()
-		if err != nil {
-			if t == nil && err == io.EOF {
-				break
-			}
-			return err
-		}
-		switch val := t.(type) {
-		case xml.Directive, xml.ProcInst:
-			continue
-		case xml.Comment:
-			if n.omitComments {
-				continue
-			}
-		case xml.CharData:
-			if n.omitWhitespace && len(bytes.TrimSpace(val)) == 0 {
-				continue
-			}
-		case xml.StartElement:
-			start, _ := xml.CopyToken(val).(xml.StartElement)
-			attr := start.Attr[:0]
-			for _, a := range start.Attr {
-				if a.Name.Space == "xmlns" || a.Name.Local == "xmlns" {
-					continue
-				}
-				attr = append(attr, a)
-			}
-			sort.Sort(byName(attr))
-			start.Attr = attr
-			t = start
-		}
-		err = e.EncodeToken(t)
-		if err != nil {
-			return err
-		}
-	}
-	return e.Flush()
-}
-
-// equalXML tests for equality of the normalized XML contents of a and b.
-func (n *xmlNormalizer) equalXML(a, b io.Reader) (bool, error) {
-	var buf bytes.Buffer
-	if err := n.normalize(&buf, a); err != nil {
-		return false, err
-	}
-	normA := buf.String()
-	buf.Reset()
-	if err := n.normalize(&buf, b); err != nil {
-		return false, err
-	}
-	normB := buf.String()
-	return normA == normB, nil
-}
-
-type byName []xml.Attr
-
-func (a byName) Len() int      { return len(a) }
-func (a byName) Swap(i, j int) { a[i], a[j] = a[j], a[i] }
-func (a byName) Less(i, j int) bool {
-	if a[i].Name.Space != a[j].Name.Space {
-		return a[i].Name.Space < a[j].Name.Space
-	}
-	return a[i].Name.Local < a[j].Name.Local
-}
diff --git a/vendor/golang.org/x/net/websocket/client.go b/vendor/golang.org/x/net/websocket/client.go
deleted file mode 100644
index 20d1e1e3..00000000
--- a/vendor/golang.org/x/net/websocket/client.go
+++ /dev/null
@@ -1,113 +0,0 @@
-// Copyright 2009 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package websocket
-
-import (
-	"bufio"
-	"crypto/tls"
-	"io"
-	"net"
-	"net/http"
-	"net/url"
-)
-
-// DialError is an error that occurs while dialling a websocket server.
-type DialError struct {
-	*Config
-	Err error
-}
-
-func (e *DialError) Error() string {
-	return "websocket.Dial " + e.Config.Location.String() + ": " + e.Err.Error()
-}
-
-// NewConfig creates a new WebSocket config for client connection.
-func NewConfig(server, origin string) (config *Config, err error) {
-	config = new(Config)
-	config.Version = ProtocolVersionHybi13
-	config.Location, err = url.ParseRequestURI(server)
-	if err != nil {
-		return
-	}
-	config.Origin, err = url.ParseRequestURI(origin)
-	if err != nil {
-		return
-	}
-	config.Header = http.Header(make(map[string][]string))
-	return
-}
-
-// NewClient creates a new WebSocket client connection over rwc.
-func NewClient(config *Config, rwc io.ReadWriteCloser) (ws *Conn, err error) {
-	br := bufio.NewReader(rwc)
-	bw := bufio.NewWriter(rwc)
-	err = hybiClientHandshake(config, br, bw)
-	if err != nil {
-		return
-	}
-	buf := bufio.NewReadWriter(br, bw)
-	ws = newHybiClientConn(config, buf, rwc)
-	return
-}
-
-// Dial opens a new client connection to a WebSocket.
-func Dial(url_, protocol, origin string) (ws *Conn, err error) {
-	config, err := NewConfig(url_, origin)
-	if err != nil {
-		return nil, err
-	}
-	if protocol != "" {
-		config.Protocol = []string{protocol}
-	}
-	return DialConfig(config)
-}
-
-var portMap = map[string]string{
-	"ws":  "80",
-	"wss": "443",
-}
-
-func parseAuthority(location *url.URL) string {
-	if _, ok := portMap[location.Scheme]; ok {
-		if _, _, err := net.SplitHostPort(location.Host); err != nil {
-			return net.JoinHostPort(location.Host, portMap[location.Scheme])
-		}
-	}
-	return location.Host
-}
-
-// DialConfig opens a new client connection to a WebSocket with a config.
-func DialConfig(config *Config) (ws *Conn, err error) {
-	var client net.Conn
-	if config.Location == nil {
-		return nil, &DialError{config, ErrBadWebSocketLocation}
-	}
-	if config.Origin == nil {
-		return nil, &DialError{config, ErrBadWebSocketOrigin}
-	}
-	switch config.Location.Scheme {
-	case "ws":
-		client, err = net.Dial("tcp", parseAuthority(config.Location))
-
-	case "wss":
-		client, err = tls.Dial("tcp", parseAuthority(config.Location), config.TlsConfig)
-
-	default:
-		err = ErrBadScheme
-	}
-	if err != nil {
-		goto Error
-	}
-
-	ws, err = NewClient(config, client)
-	if err != nil {
-		client.Close()
-		goto Error
-	}
-	return
-
-Error:
-	return nil, &DialError{config, err}
-}
diff --git a/vendor/golang.org/x/net/websocket/exampledial_test.go b/vendor/golang.org/x/net/websocket/exampledial_test.go
deleted file mode 100644
index 72bb9d48..00000000
--- a/vendor/golang.org/x/net/websocket/exampledial_test.go
+++ /dev/null
@@ -1,31 +0,0 @@
-// Copyright 2012 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package websocket_test
-
-import (
-	"fmt"
-	"log"
-
-	"golang.org/x/net/websocket"
-)
-
-// This example demonstrates a trivial client.
-func ExampleDial() {
-	origin := "http://localhost/"
-	url := "ws://localhost:12345/ws"
-	ws, err := websocket.Dial(url, "", origin)
-	if err != nil {
-		log.Fatal(err)
-	}
-	if _, err := ws.Write([]byte("hello, world!\n")); err != nil {
-		log.Fatal(err)
-	}
-	var msg = make([]byte, 512)
-	var n int
-	if n, err = ws.Read(msg); err != nil {
-		log.Fatal(err)
-	}
-	fmt.Printf("Received: %s.\n", msg[:n])
-}
diff --git a/vendor/golang.org/x/net/websocket/examplehandler_test.go b/vendor/golang.org/x/net/websocket/examplehandler_test.go
deleted file mode 100644
index f22a98fc..00000000
--- a/vendor/golang.org/x/net/websocket/examplehandler_test.go
+++ /dev/null
@@ -1,26 +0,0 @@
-// Copyright 2012 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package websocket_test
-
-import (
-	"io"
-	"net/http"
-
-	"golang.org/x/net/websocket"
-)
-
-// Echo the data received on the WebSocket.
-func EchoServer(ws *websocket.Conn) {
-	io.Copy(ws, ws)
-}
-
-// This example demonstrates a trivial echo server.
-func ExampleHandler() {
-	http.Handle("/echo", websocket.Handler(EchoServer))
-	err := http.ListenAndServe(":12345", nil)
-	if err != nil {
-		panic("ListenAndServe: " + err.Error())
-	}
-}
diff --git a/vendor/golang.org/x/net/websocket/hybi.go b/vendor/golang.org/x/net/websocket/hybi.go
deleted file mode 100644
index 60bbc841..00000000
--- a/vendor/golang.org/x/net/websocket/hybi.go
+++ /dev/null
@@ -1,586 +0,0 @@
-// Copyright 2011 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package websocket
-
-// This file implements a protocol of hybi draft.
-// http://tools.ietf.org/html/draft-ietf-hybi-thewebsocketprotocol-17
-
-import (
-	"bufio"
-	"bytes"
-	"crypto/rand"
-	"crypto/sha1"
-	"encoding/base64"
-	"encoding/binary"
-	"fmt"
-	"io"
-	"io/ioutil"
-	"net/http"
-	"net/url"
-	"strings"
-)
-
-const (
-	websocketGUID = "258EAFA5-E914-47DA-95CA-C5AB0DC85B11"
-
-	closeStatusNormal            = 1000
-	closeStatusGoingAway         = 1001
-	closeStatusProtocolError     = 1002
-	closeStatusUnsupportedData   = 1003
-	closeStatusFrameTooLarge     = 1004
-	closeStatusNoStatusRcvd      = 1005
-	closeStatusAbnormalClosure   = 1006
-	closeStatusBadMessageData    = 1007
-	closeStatusPolicyViolation   = 1008
-	closeStatusTooBigData        = 1009
-	closeStatusExtensionMismatch = 1010
-
-	maxControlFramePayloadLength = 125
-)
-
-var (
-	ErrBadMaskingKey         = &ProtocolError{"bad masking key"}
-	ErrBadPongMessage        = &ProtocolError{"bad pong message"}
-	ErrBadClosingStatus      = &ProtocolError{"bad closing status"}
-	ErrUnsupportedExtensions = &ProtocolError{"unsupported extensions"}
-	ErrNotImplemented        = &ProtocolError{"not implemented"}
-
-	handshakeHeader = map[string]bool{
-		"Host":                   true,
-		"Upgrade":                true,
-		"Connection":             true,
-		"Sec-Websocket-Key":      true,
-		"Sec-Websocket-Origin":   true,
-		"Sec-Websocket-Version":  true,
-		"Sec-Websocket-Protocol": true,
-		"Sec-Websocket-Accept":   true,
-	}
-)
-
-// A hybiFrameHeader is a frame header as defined in hybi draft.
-type hybiFrameHeader struct {
-	Fin        bool
-	Rsv        [3]bool
-	OpCode     byte
-	Length     int64
-	MaskingKey []byte
-
-	data *bytes.Buffer
-}
-
-// A hybiFrameReader is a reader for hybi frame.
-type hybiFrameReader struct {
-	reader io.Reader
-
-	header hybiFrameHeader
-	pos    int64
-	length int
-}
-
-func (frame *hybiFrameReader) Read(msg []byte) (n int, err error) {
-	n, err = frame.reader.Read(msg)
-	if err != nil {
-		return 0, err
-	}
-	if frame.header.MaskingKey != nil {
-		for i := 0; i < n; i++ {
-			msg[i] = msg[i] ^ frame.header.MaskingKey[frame.pos%4]
-			frame.pos++
-		}
-	}
-	return n, err
-}
-
-func (frame *hybiFrameReader) PayloadType() byte { return frame.header.OpCode }
-
-func (frame *hybiFrameReader) HeaderReader() io.Reader {
-	if frame.header.data == nil {
-		return nil
-	}
-	if frame.header.data.Len() == 0 {
-		return nil
-	}
-	return frame.header.data
-}
-
-func (frame *hybiFrameReader) TrailerReader() io.Reader { return nil }
-
-func (frame *hybiFrameReader) Len() (n int) { return frame.length }
-
-// A hybiFrameReaderFactory creates new frame reader based on its frame type.
-type hybiFrameReaderFactory struct {
-	*bufio.Reader
-}
-
-// NewFrameReader reads a frame header from the connection, and creates new reader for the frame.
-// See Section 5.2 Base Framing protocol for detail.
-// http://tools.ietf.org/html/draft-ietf-hybi-thewebsocketprotocol-17#section-5.2
-func (buf hybiFrameReaderFactory) NewFrameReader() (frame frameReader, err error) {
-	hybiFrame := new(hybiFrameReader)
-	frame = hybiFrame
-	var header []byte
-	var b byte
-	// First byte. FIN/RSV1/RSV2/RSV3/OpCode(4bits)
-	b, err = buf.ReadByte()
-	if err != nil {
-		return
-	}
-	header = append(header, b)
-	hybiFrame.header.Fin = ((header[0] >> 7) & 1) != 0
-	for i := 0; i < 3; i++ {
-		j := uint(6 - i)
-		hybiFrame.header.Rsv[i] = ((header[0] >> j) & 1) != 0
-	}
-	hybiFrame.header.OpCode = header[0] & 0x0f
-
-	// Second byte. Mask/Payload len(7bits)
-	b, err = buf.ReadByte()
-	if err != nil {
-		return
-	}
-	header = append(header, b)
-	mask := (b & 0x80) != 0
-	b &= 0x7f
-	lengthFields := 0
-	switch {
-	case b <= 125: // Payload length 7bits.
-		hybiFrame.header.Length = int64(b)
-	case b == 126: // Payload length 7+16bits
-		lengthFields = 2
-	case b == 127: // Payload length 7+64bits
-		lengthFields = 8
-	}
-	for i := 0; i < lengthFields; i++ {
-		b, err = buf.ReadByte()
-		if err != nil {
-			return
-		}
-		if lengthFields == 8 && i == 0 { // MSB must be zero when 7+64 bits
-			b &= 0x7f
-		}
-		header = append(header, b)
-		hybiFrame.header.Length = hybiFrame.header.Length*256 + int64(b)
-	}
-	if mask {
-		// Masking key. 4 bytes.
-		for i := 0; i < 4; i++ {
-			b, err = buf.ReadByte()
-			if err != nil {
-				return
-			}
-			header = append(header, b)
-			hybiFrame.header.MaskingKey = append(hybiFrame.header.MaskingKey, b)
-		}
-	}
-	hybiFrame.reader = io.LimitReader(buf.Reader, hybiFrame.header.Length)
-	hybiFrame.header.data = bytes.NewBuffer(header)
-	hybiFrame.length = len(header) + int(hybiFrame.header.Length)
-	return
-}
-
-// A HybiFrameWriter is a writer for hybi frame.
-type hybiFrameWriter struct {
-	writer *bufio.Writer
-
-	header *hybiFrameHeader
-}
-
-func (frame *hybiFrameWriter) Write(msg []byte) (n int, err error) {
-	var header []byte
-	var b byte
-	if frame.header.Fin {
-		b |= 0x80
-	}
-	for i := 0; i < 3; i++ {
-		if frame.header.Rsv[i] {
-			j := uint(6 - i)
-			b |= 1 << j
-		}
-	}
-	b |= frame.header.OpCode
-	header = append(header, b)
-	if frame.header.MaskingKey != nil {
-		b = 0x80
-	} else {
-		b = 0
-	}
-	lengthFields := 0
-	length := len(msg)
-	switch {
-	case length <= 125:
-		b |= byte(length)
-	case length < 65536:
-		b |= 126
-		lengthFields = 2
-	default:
-		b |= 127
-		lengthFields = 8
-	}
-	header = append(header, b)
-	for i := 0; i < lengthFields; i++ {
-		j := uint((lengthFields - i - 1) * 8)
-		b = byte((length >> j) & 0xff)
-		header = append(header, b)
-	}
-	if frame.header.MaskingKey != nil {
-		if len(frame.header.MaskingKey) != 4 {
-			return 0, ErrBadMaskingKey
-		}
-		header = append(header, frame.header.MaskingKey...)
-		frame.writer.Write(header)
-		data := make([]byte, length)
-		for i := range data {
-			data[i] = msg[i] ^ frame.header.MaskingKey[i%4]
-		}
-		frame.writer.Write(data)
-		err = frame.writer.Flush()
-		return length, err
-	}
-	frame.writer.Write(header)
-	frame.writer.Write(msg)
-	err = frame.writer.Flush()
-	return length, err
-}
-
-func (frame *hybiFrameWriter) Close() error { return nil }
-
-type hybiFrameWriterFactory struct {
-	*bufio.Writer
-	needMaskingKey bool
-}
-
-func (buf hybiFrameWriterFactory) NewFrameWriter(payloadType byte) (frame frameWriter, err error) {
-	frameHeader := &hybiFrameHeader{Fin: true, OpCode: payloadType}
-	if buf.needMaskingKey {
-		frameHeader.MaskingKey, err = generateMaskingKey()
-		if err != nil {
-			return nil, err
-		}
-	}
-	return &hybiFrameWriter{writer: buf.Writer, header: frameHeader}, nil
-}
-
-type hybiFrameHandler struct {
-	conn        *Conn
-	payloadType byte
-}
-
-func (handler *hybiFrameHandler) HandleFrame(frame frameReader) (frameReader, error) {
-	if handler.conn.IsServerConn() {
-		// The client MUST mask all frames sent to the server.
-		if frame.(*hybiFrameReader).header.MaskingKey == nil {
-			handler.WriteClose(closeStatusProtocolError)
-			return nil, io.EOF
-		}
-	} else {
-		// The server MUST NOT mask all frames.
-		if frame.(*hybiFrameReader).header.MaskingKey != nil {
-			handler.WriteClose(closeStatusProtocolError)
-			return nil, io.EOF
-		}
-	}
-	if header := frame.HeaderReader(); header != nil {
-		io.Copy(ioutil.Discard, header)
-	}
-	switch frame.PayloadType() {
-	case ContinuationFrame:
-		frame.(*hybiFrameReader).header.OpCode = handler.payloadType
-	case TextFrame, BinaryFrame:
-		handler.payloadType = frame.PayloadType()
-	case CloseFrame:
-		return nil, io.EOF
-	case PingFrame, PongFrame:
-		b := make([]byte, maxControlFramePayloadLength)
-		n, err := io.ReadFull(frame, b)
-		if err != nil && err != io.EOF && err != io.ErrUnexpectedEOF {
-			return nil, err
-		}
-		io.Copy(ioutil.Discard, frame)
-		if frame.PayloadType() == PingFrame {
-			if _, err := handler.WritePong(b[:n]); err != nil {
-				return nil, err
-			}
-		}
-		return nil, nil
-	}
-	return frame, nil
-}
-
-func (handler *hybiFrameHandler) WriteClose(status int) (err error) {
-	handler.conn.wio.Lock()
-	defer handler.conn.wio.Unlock()
-	w, err := handler.conn.frameWriterFactory.NewFrameWriter(CloseFrame)
-	if err != nil {
-		return err
-	}
-	msg := make([]byte, 2)
-	binary.BigEndian.PutUint16(msg, uint16(status))
-	_, err = w.Write(msg)
-	w.Close()
-	return err
-}
-
-func (handler *hybiFrameHandler) WritePong(msg []byte) (n int, err error) {
-	handler.conn.wio.Lock()
-	defer handler.conn.wio.Unlock()
-	w, err := handler.conn.frameWriterFactory.NewFrameWriter(PongFrame)
-	if err != nil {
-		return 0, err
-	}
-	n, err = w.Write(msg)
-	w.Close()
-	return n, err
-}
-
-// newHybiConn creates a new WebSocket connection speaking hybi draft protocol.
-func newHybiConn(config *Config, buf *bufio.ReadWriter, rwc io.ReadWriteCloser, request *http.Request) *Conn {
-	if buf == nil {
-		br := bufio.NewReader(rwc)
-		bw := bufio.NewWriter(rwc)
-		buf = bufio.NewReadWriter(br, bw)
-	}
-	ws := &Conn{config: config, request: request, buf: buf, rwc: rwc,
-		frameReaderFactory: hybiFrameReaderFactory{buf.Reader},
-		frameWriterFactory: hybiFrameWriterFactory{
-			buf.Writer, request == nil},
-		PayloadType:        TextFrame,
-		defaultCloseStatus: closeStatusNormal}
-	ws.frameHandler = &hybiFrameHandler{conn: ws}
-	return ws
-}
-
-// generateMaskingKey generates a masking key for a frame.
-func generateMaskingKey() (maskingKey []byte, err error) {
-	maskingKey = make([]byte, 4)
-	if _, err = io.ReadFull(rand.Reader, maskingKey); err != nil {
-		return
-	}
-	return
-}
-
-// generateNonce generates a nonce consisting of a randomly selected 16-byte
-// value that has been base64-encoded.
-func generateNonce() (nonce []byte) {
-	key := make([]byte, 16)
-	if _, err := io.ReadFull(rand.Reader, key); err != nil {
-		panic(err)
-	}
-	nonce = make([]byte, 24)
-	base64.StdEncoding.Encode(nonce, key)
-	return
-}
-
-// removeZone removes IPv6 zone identifer from host.
-// E.g., "[fe80::1%en0]:8080" to "[fe80::1]:8080"
-func removeZone(host string) string {
-	if !strings.HasPrefix(host, "[") {
-		return host
-	}
-	i := strings.LastIndex(host, "]")
-	if i < 0 {
-		return host
-	}
-	j := strings.LastIndex(host[:i], "%")
-	if j < 0 {
-		return host
-	}
-	return host[:j] + host[i:]
-}
-
-// getNonceAccept computes the base64-encoded SHA-1 of the concatenation of
-// the nonce ("Sec-WebSocket-Key" value) with the websocket GUID string.
-func getNonceAccept(nonce []byte) (expected []byte, err error) {
-	h := sha1.New()
-	if _, err = h.Write(nonce); err != nil {
-		return
-	}
-	if _, err = h.Write([]byte(websocketGUID)); err != nil {
-		return
-	}
-	expected = make([]byte, 28)
-	base64.StdEncoding.Encode(expected, h.Sum(nil))
-	return
-}
-
-// Client handshake described in draft-ietf-hybi-thewebsocket-protocol-17
-func hybiClientHandshake(config *Config, br *bufio.Reader, bw *bufio.Writer) (err error) {
-	bw.WriteString("GET " + config.Location.RequestURI() + " HTTP/1.1\r\n")
-
-	// According to RFC 6874, an HTTP client, proxy, or other
-	// intermediary must remove any IPv6 zone identifier attached
-	// to an outgoing URI.
-	bw.WriteString("Host: " + removeZone(config.Location.Host) + "\r\n")
-	bw.WriteString("Upgrade: websocket\r\n")
-	bw.WriteString("Connection: Upgrade\r\n")
-	nonce := generateNonce()
-	if config.handshakeData != nil {
-		nonce = []byte(config.handshakeData["key"])
-	}
-	bw.WriteString("Sec-WebSocket-Key: " + string(nonce) + "\r\n")
-	bw.WriteString("Origin: " + strings.ToLower(config.Origin.String()) + "\r\n")
-
-	if config.Version != ProtocolVersionHybi13 {
-		return ErrBadProtocolVersion
-	}
-
-	bw.WriteString("Sec-WebSocket-Version: " + fmt.Sprintf("%d", config.Version) + "\r\n")
-	if len(config.Protocol) > 0 {
-		bw.WriteString("Sec-WebSocket-Protocol: " + strings.Join(config.Protocol, ", ") + "\r\n")
-	}
-	// TODO(ukai): send Sec-WebSocket-Extensions.
-	err = config.Header.WriteSubset(bw, handshakeHeader)
-	if err != nil {
-		return err
-	}
-
-	bw.WriteString("\r\n")
-	if err = bw.Flush(); err != nil {
-		return err
-	}
-
-	resp, err := http.ReadResponse(br, &http.Request{Method: "GET"})
-	if err != nil {
-		return err
-	}
-	if resp.StatusCode != 101 {
-		return ErrBadStatus
-	}
-	if strings.ToLower(resp.Header.Get("Upgrade")) != "websocket" ||
-		strings.ToLower(resp.Header.Get("Connection")) != "upgrade" {
-		return ErrBadUpgrade
-	}
-	expectedAccept, err := getNonceAccept(nonce)
-	if err != nil {
-		return err
-	}
-	if resp.Header.Get("Sec-WebSocket-Accept") != string(expectedAccept) {
-		return ErrChallengeResponse
-	}
-	if resp.Header.Get("Sec-WebSocket-Extensions") != "" {
-		return ErrUnsupportedExtensions
-	}
-	offeredProtocol := resp.Header.Get("Sec-WebSocket-Protocol")
-	if offeredProtocol != "" {
-		protocolMatched := false
-		for i := 0; i < len(config.Protocol); i++ {
-			if config.Protocol[i] == offeredProtocol {
-				protocolMatched = true
-				break
-			}
-		}
-		if !protocolMatched {
-			return ErrBadWebSocketProtocol
-		}
-		config.Protocol = []string{offeredProtocol}
-	}
-
-	return nil
-}
-
-// newHybiClientConn creates a client WebSocket connection after handshake.
-func newHybiClientConn(config *Config, buf *bufio.ReadWriter, rwc io.ReadWriteCloser) *Conn {
-	return newHybiConn(config, buf, rwc, nil)
-}
-
-// A HybiServerHandshaker performs a server handshake using hybi draft protocol.
-type hybiServerHandshaker struct {
-	*Config
-	accept []byte
-}
-
-func (c *hybiServerHandshaker) ReadHandshake(buf *bufio.Reader, req *http.Request) (code int, err error) {
-	c.Version = ProtocolVersionHybi13
-	if req.Method != "GET" {
-		return http.StatusMethodNotAllowed, ErrBadRequestMethod
-	}
-	// HTTP version can be safely ignored.
-
-	if strings.ToLower(req.Header.Get("Upgrade")) != "websocket" ||
-		!strings.Contains(strings.ToLower(req.Header.Get("Connection")), "upgrade") {
-		return http.StatusBadRequest, ErrNotWebSocket
-	}
-
-	key := req.Header.Get("Sec-Websocket-Key")
-	if key == "" {
-		return http.StatusBadRequest, ErrChallengeResponse
-	}
-	version := req.Header.Get("Sec-Websocket-Version")
-	switch version {
-	case "13":
-		c.Version = ProtocolVersionHybi13
-	default:
-		return http.StatusBadRequest, ErrBadWebSocketVersion
-	}
-	var scheme string
-	if req.TLS != nil {
-		scheme = "wss"
-	} else {
-		scheme = "ws"
-	}
-	c.Location, err = url.ParseRequestURI(scheme + "://" + req.Host + req.URL.RequestURI())
-	if err != nil {
-		return http.StatusBadRequest, err
-	}
-	protocol := strings.TrimSpace(req.Header.Get("Sec-Websocket-Protocol"))
-	if protocol != "" {
-		protocols := strings.Split(protocol, ",")
-		for i := 0; i < len(protocols); i++ {
-			c.Protocol = append(c.Protocol, strings.TrimSpace(protocols[i]))
-		}
-	}
-	c.accept, err = getNonceAccept([]byte(key))
-	if err != nil {
-		return http.StatusInternalServerError, err
-	}
-	return http.StatusSwitchingProtocols, nil
-}
-
-// Origin parses the Origin header in req.
-// If the Origin header is not set, it returns nil and nil.
-func Origin(config *Config, req *http.Request) (*url.URL, error) {
-	var origin string
-	switch config.Version {
-	case ProtocolVersionHybi13:
-		origin = req.Header.Get("Origin")
-	}
-	if origin == "" {
-		return nil, nil
-	}
-	return url.ParseRequestURI(origin)
-}
-
-func (c *hybiServerHandshaker) AcceptHandshake(buf *bufio.Writer) (err error) {
-	if len(c.Protocol) > 0 {
-		if len(c.Protocol) != 1 {
-			// You need choose a Protocol in Handshake func in Server.
-			return ErrBadWebSocketProtocol
-		}
-	}
-	buf.WriteString("HTTP/1.1 101 Switching Protocols\r\n")
-	buf.WriteString("Upgrade: websocket\r\n")
-	buf.WriteString("Connection: Upgrade\r\n")
-	buf.WriteString("Sec-WebSocket-Accept: " + string(c.accept) + "\r\n")
-	if len(c.Protocol) > 0 {
-		buf.WriteString("Sec-WebSocket-Protocol: " + c.Protocol[0] + "\r\n")
-	}
-	// TODO(ukai): send Sec-WebSocket-Extensions.
-	if c.Header != nil {
-		err := c.Header.WriteSubset(buf, handshakeHeader)
-		if err != nil {
-			return err
-		}
-	}
-	buf.WriteString("\r\n")
-	return buf.Flush()
-}
-
-func (c *hybiServerHandshaker) NewServerConn(buf *bufio.ReadWriter, rwc io.ReadWriteCloser, request *http.Request) *Conn {
-	return newHybiServerConn(c.Config, buf, rwc, request)
-}
-
-// newHybiServerConn returns a new WebSocket connection speaking hybi draft protocol.
-func newHybiServerConn(config *Config, buf *bufio.ReadWriter, rwc io.ReadWriteCloser, request *http.Request) *Conn {
-	return newHybiConn(config, buf, rwc, request)
-}
diff --git a/vendor/golang.org/x/net/websocket/hybi_test.go b/vendor/golang.org/x/net/websocket/hybi_test.go
deleted file mode 100644
index 9504aa2d..00000000
--- a/vendor/golang.org/x/net/websocket/hybi_test.go
+++ /dev/null
@@ -1,608 +0,0 @@
-// Copyright 2011 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package websocket
-
-import (
-	"bufio"
-	"bytes"
-	"fmt"
-	"io"
-	"net/http"
-	"net/url"
-	"strings"
-	"testing"
-)
-
-// Test the getNonceAccept function with values in
-// http://tools.ietf.org/html/draft-ietf-hybi-thewebsocketprotocol-17
-func TestSecWebSocketAccept(t *testing.T) {
-	nonce := []byte("dGhlIHNhbXBsZSBub25jZQ==")
-	expected := []byte("s3pPLMBiTxaQ9kYGzzhZRbK+xOo=")
-	accept, err := getNonceAccept(nonce)
-	if err != nil {
-		t.Errorf("getNonceAccept: returned error %v", err)
-		return
-	}
-	if !bytes.Equal(expected, accept) {
-		t.Errorf("getNonceAccept: expected %q got %q", expected, accept)
-	}
-}
-
-func TestHybiClientHandshake(t *testing.T) {
-	type test struct {
-		url, host string
-	}
-	tests := []test{
-		{"ws://server.example.com/chat", "server.example.com"},
-		{"ws://127.0.0.1/chat", "127.0.0.1"},
-	}
-	if _, err := url.ParseRequestURI("http://[fe80::1%25lo0]"); err == nil {
-		tests = append(tests, test{"ws://[fe80::1%25lo0]/chat", "[fe80::1]"})
-	}
-
-	for _, tt := range tests {
-		var b bytes.Buffer
-		bw := bufio.NewWriter(&b)
-		br := bufio.NewReader(strings.NewReader(`HTTP/1.1 101 Switching Protocols
-Upgrade: websocket
-Connection: Upgrade
-Sec-WebSocket-Accept: s3pPLMBiTxaQ9kYGzzhZRbK+xOo=
-Sec-WebSocket-Protocol: chat
-
-`))
-		var err error
-		var config Config
-		config.Location, err = url.ParseRequestURI(tt.url)
-		if err != nil {
-			t.Fatal("location url", err)
-		}
-		config.Origin, err = url.ParseRequestURI("http://example.com")
-		if err != nil {
-			t.Fatal("origin url", err)
-		}
-		config.Protocol = append(config.Protocol, "chat")
-		config.Protocol = append(config.Protocol, "superchat")
-		config.Version = ProtocolVersionHybi13
-		config.handshakeData = map[string]string{
-			"key": "dGhlIHNhbXBsZSBub25jZQ==",
-		}
-		if err := hybiClientHandshake(&config, br, bw); err != nil {
-			t.Fatal("handshake", err)
-		}
-		req, err := http.ReadRequest(bufio.NewReader(&b))
-		if err != nil {
-			t.Fatal("read request", err)
-		}
-		if req.Method != "GET" {
-			t.Errorf("request method expected GET, but got %s", req.Method)
-		}
-		if req.URL.Path != "/chat" {
-			t.Errorf("request path expected /chat, but got %s", req.URL.Path)
-		}
-		if req.Proto != "HTTP/1.1" {
-			t.Errorf("request proto expected HTTP/1.1, but got %s", req.Proto)
-		}
-		if req.Host != tt.host {
-			t.Errorf("request host expected %s, but got %s", tt.host, req.Host)
-		}
-		var expectedHeader = map[string]string{
-			"Connection":             "Upgrade",
-			"Upgrade":                "websocket",
-			"Sec-Websocket-Key":      config.handshakeData["key"],
-			"Origin":                 config.Origin.String(),
-			"Sec-Websocket-Protocol": "chat, superchat",
-			"Sec-Websocket-Version":  fmt.Sprintf("%d", ProtocolVersionHybi13),
-		}
-		for k, v := range expectedHeader {
-			if req.Header.Get(k) != v {
-				t.Errorf("%s expected %s, but got %v", k, v, req.Header.Get(k))
-			}
-		}
-	}
-}
-
-func TestHybiClientHandshakeWithHeader(t *testing.T) {
-	b := bytes.NewBuffer([]byte{})
-	bw := bufio.NewWriter(b)
-	br := bufio.NewReader(strings.NewReader(`HTTP/1.1 101 Switching Protocols
-Upgrade: websocket
-Connection: Upgrade
-Sec-WebSocket-Accept: s3pPLMBiTxaQ9kYGzzhZRbK+xOo=
-Sec-WebSocket-Protocol: chat
-
-`))
-	var err error
-	config := new(Config)
-	config.Location, err = url.ParseRequestURI("ws://server.example.com/chat")
-	if err != nil {
-		t.Fatal("location url", err)
-	}
-	config.Origin, err = url.ParseRequestURI("http://example.com")
-	if err != nil {
-		t.Fatal("origin url", err)
-	}
-	config.Protocol = append(config.Protocol, "chat")
-	config.Protocol = append(config.Protocol, "superchat")
-	config.Version = ProtocolVersionHybi13
-	config.Header = http.Header(make(map[string][]string))
-	config.Header.Add("User-Agent", "test")
-
-	config.handshakeData = map[string]string{
-		"key": "dGhlIHNhbXBsZSBub25jZQ==",
-	}
-	err = hybiClientHandshake(config, br, bw)
-	if err != nil {
-		t.Errorf("handshake failed: %v", err)
-	}
-	req, err := http.ReadRequest(bufio.NewReader(b))
-	if err != nil {
-		t.Fatalf("read request: %v", err)
-	}
-	if req.Method != "GET" {
-		t.Errorf("request method expected GET, but got %q", req.Method)
-	}
-	if req.URL.Path != "/chat" {
-		t.Errorf("request path expected /chat, but got %q", req.URL.Path)
-	}
-	if req.Proto != "HTTP/1.1" {
-		t.Errorf("request proto expected HTTP/1.1, but got %q", req.Proto)
-	}
-	if req.Host != "server.example.com" {
-		t.Errorf("request Host expected server.example.com, but got %v", req.Host)
-	}
-	var expectedHeader = map[string]string{
-		"Connection":             "Upgrade",
-		"Upgrade":                "websocket",
-		"Sec-Websocket-Key":      config.handshakeData["key"],
-		"Origin":                 config.Origin.String(),
-		"Sec-Websocket-Protocol": "chat, superchat",
-		"Sec-Websocket-Version":  fmt.Sprintf("%d", ProtocolVersionHybi13),
-		"User-Agent":             "test",
-	}
-	for k, v := range expectedHeader {
-		if req.Header.Get(k) != v {
-			t.Errorf(fmt.Sprintf("%s expected %q but got %q", k, v, req.Header.Get(k)))
-		}
-	}
-}
-
-func TestHybiServerHandshake(t *testing.T) {
-	config := new(Config)
-	handshaker := &hybiServerHandshaker{Config: config}
-	br := bufio.NewReader(strings.NewReader(`GET /chat HTTP/1.1
-Host: server.example.com
-Upgrade: websocket
-Connection: Upgrade
-Sec-WebSocket-Key: dGhlIHNhbXBsZSBub25jZQ==
-Origin: http://example.com
-Sec-WebSocket-Protocol: chat, superchat
-Sec-WebSocket-Version: 13
-
-`))
-	req, err := http.ReadRequest(br)
-	if err != nil {
-		t.Fatal("request", err)
-	}
-	code, err := handshaker.ReadHandshake(br, req)
-	if err != nil {
-		t.Errorf("handshake failed: %v", err)
-	}
-	if code != http.StatusSwitchingProtocols {
-		t.Errorf("status expected %q but got %q", http.StatusSwitchingProtocols, code)
-	}
-	expectedProtocols := []string{"chat", "superchat"}
-	if fmt.Sprintf("%v", config.Protocol) != fmt.Sprintf("%v", expectedProtocols) {
-		t.Errorf("protocol expected %q but got %q", expectedProtocols, config.Protocol)
-	}
-	b := bytes.NewBuffer([]byte{})
-	bw := bufio.NewWriter(b)
-
-	config.Protocol = config.Protocol[:1]
-
-	err = handshaker.AcceptHandshake(bw)
-	if err != nil {
-		t.Errorf("handshake response failed: %v", err)
-	}
-	expectedResponse := strings.Join([]string{
-		"HTTP/1.1 101 Switching Protocols",
-		"Upgrade: websocket",
-		"Connection: Upgrade",
-		"Sec-WebSocket-Accept: s3pPLMBiTxaQ9kYGzzhZRbK+xOo=",
-		"Sec-WebSocket-Protocol: chat",
-		"", ""}, "\r\n")
-
-	if b.String() != expectedResponse {
-		t.Errorf("handshake expected %q but got %q", expectedResponse, b.String())
-	}
-}
-
-func TestHybiServerHandshakeNoSubProtocol(t *testing.T) {
-	config := new(Config)
-	handshaker := &hybiServerHandshaker{Config: config}
-	br := bufio.NewReader(strings.NewReader(`GET /chat HTTP/1.1
-Host: server.example.com
-Upgrade: websocket
-Connection: Upgrade
-Sec-WebSocket-Key: dGhlIHNhbXBsZSBub25jZQ==
-Origin: http://example.com
-Sec-WebSocket-Version: 13
-
-`))
-	req, err := http.ReadRequest(br)
-	if err != nil {
-		t.Fatal("request", err)
-	}
-	code, err := handshaker.ReadHandshake(br, req)
-	if err != nil {
-		t.Errorf("handshake failed: %v", err)
-	}
-	if code != http.StatusSwitchingProtocols {
-		t.Errorf("status expected %q but got %q", http.StatusSwitchingProtocols, code)
-	}
-	if len(config.Protocol) != 0 {
-		t.Errorf("len(config.Protocol) expected 0, but got %q", len(config.Protocol))
-	}
-	b := bytes.NewBuffer([]byte{})
-	bw := bufio.NewWriter(b)
-
-	err = handshaker.AcceptHandshake(bw)
-	if err != nil {
-		t.Errorf("handshake response failed: %v", err)
-	}
-	expectedResponse := strings.Join([]string{
-		"HTTP/1.1 101 Switching Protocols",
-		"Upgrade: websocket",
-		"Connection: Upgrade",
-		"Sec-WebSocket-Accept: s3pPLMBiTxaQ9kYGzzhZRbK+xOo=",
-		"", ""}, "\r\n")
-
-	if b.String() != expectedResponse {
-		t.Errorf("handshake expected %q but got %q", expectedResponse, b.String())
-	}
-}
-
-func TestHybiServerHandshakeHybiBadVersion(t *testing.T) {
-	config := new(Config)
-	handshaker := &hybiServerHandshaker{Config: config}
-	br := bufio.NewReader(strings.NewReader(`GET /chat HTTP/1.1
-Host: server.example.com
-Upgrade: websocket
-Connection: Upgrade
-Sec-WebSocket-Key: dGhlIHNhbXBsZSBub25jZQ==
-Sec-WebSocket-Origin: http://example.com
-Sec-WebSocket-Protocol: chat, superchat
-Sec-WebSocket-Version: 9
-
-`))
-	req, err := http.ReadRequest(br)
-	if err != nil {
-		t.Fatal("request", err)
-	}
-	code, err := handshaker.ReadHandshake(br, req)
-	if err != ErrBadWebSocketVersion {
-		t.Errorf("handshake expected err %q but got %q", ErrBadWebSocketVersion, err)
-	}
-	if code != http.StatusBadRequest {
-		t.Errorf("status expected %q but got %q", http.StatusBadRequest, code)
-	}
-}
-
-func testHybiFrame(t *testing.T, testHeader, testPayload, testMaskedPayload []byte, frameHeader *hybiFrameHeader) {
-	b := bytes.NewBuffer([]byte{})
-	frameWriterFactory := &hybiFrameWriterFactory{bufio.NewWriter(b), false}
-	w, _ := frameWriterFactory.NewFrameWriter(TextFrame)
-	w.(*hybiFrameWriter).header = frameHeader
-	_, err := w.Write(testPayload)
-	w.Close()
-	if err != nil {
-		t.Errorf("Write error %q", err)
-	}
-	var expectedFrame []byte
-	expectedFrame = append(expectedFrame, testHeader...)
-	expectedFrame = append(expectedFrame, testMaskedPayload...)
-	if !bytes.Equal(expectedFrame, b.Bytes()) {
-		t.Errorf("frame expected %q got %q", expectedFrame, b.Bytes())
-	}
-	frameReaderFactory := &hybiFrameReaderFactory{bufio.NewReader(b)}
-	r, err := frameReaderFactory.NewFrameReader()
-	if err != nil {
-		t.Errorf("Read error %q", err)
-	}
-	if header := r.HeaderReader(); header == nil {
-		t.Errorf("no header")
-	} else {
-		actualHeader := make([]byte, r.Len())
-		n, err := header.Read(actualHeader)
-		if err != nil {
-			t.Errorf("Read header error %q", err)
-		} else {
-			if n < len(testHeader) {
-				t.Errorf("header too short %q got %q", testHeader, actualHeader[:n])
-			}
-			if !bytes.Equal(testHeader, actualHeader[:n]) {
-				t.Errorf("header expected %q got %q", testHeader, actualHeader[:n])
-			}
-		}
-	}
-	if trailer := r.TrailerReader(); trailer != nil {
-		t.Errorf("unexpected trailer %q", trailer)
-	}
-	frame := r.(*hybiFrameReader)
-	if frameHeader.Fin != frame.header.Fin ||
-		frameHeader.OpCode != frame.header.OpCode ||
-		len(testPayload) != int(frame.header.Length) {
-		t.Errorf("mismatch %v (%d) vs %v", frameHeader, len(testPayload), frame)
-	}
-	payload := make([]byte, len(testPayload))
-	_, err = r.Read(payload)
-	if err != nil && err != io.EOF {
-		t.Errorf("read %v", err)
-	}
-	if !bytes.Equal(testPayload, payload) {
-		t.Errorf("payload %q vs %q", testPayload, payload)
-	}
-}
-
-func TestHybiShortTextFrame(t *testing.T) {
-	frameHeader := &hybiFrameHeader{Fin: true, OpCode: TextFrame}
-	payload := []byte("hello")
-	testHybiFrame(t, []byte{0x81, 0x05}, payload, payload, frameHeader)
-
-	payload = make([]byte, 125)
-	testHybiFrame(t, []byte{0x81, 125}, payload, payload, frameHeader)
-}
-
-func TestHybiShortMaskedTextFrame(t *testing.T) {
-	frameHeader := &hybiFrameHeader{Fin: true, OpCode: TextFrame,
-		MaskingKey: []byte{0xcc, 0x55, 0x80, 0x20}}
-	payload := []byte("hello")
-	maskedPayload := []byte{0xa4, 0x30, 0xec, 0x4c, 0xa3}
-	header := []byte{0x81, 0x85}
-	header = append(header, frameHeader.MaskingKey...)
-	testHybiFrame(t, header, payload, maskedPayload, frameHeader)
-}
-
-func TestHybiShortBinaryFrame(t *testing.T) {
-	frameHeader := &hybiFrameHeader{Fin: true, OpCode: BinaryFrame}
-	payload := []byte("hello")
-	testHybiFrame(t, []byte{0x82, 0x05}, payload, payload, frameHeader)
-
-	payload = make([]byte, 125)
-	testHybiFrame(t, []byte{0x82, 125}, payload, payload, frameHeader)
-}
-
-func TestHybiControlFrame(t *testing.T) {
-	payload := []byte("hello")
-
-	frameHeader := &hybiFrameHeader{Fin: true, OpCode: PingFrame}
-	testHybiFrame(t, []byte{0x89, 0x05}, payload, payload, frameHeader)
-
-	frameHeader = &hybiFrameHeader{Fin: true, OpCode: PingFrame}
-	testHybiFrame(t, []byte{0x89, 0x00}, nil, nil, frameHeader)
-
-	frameHeader = &hybiFrameHeader{Fin: true, OpCode: PongFrame}
-	testHybiFrame(t, []byte{0x8A, 0x05}, payload, payload, frameHeader)
-
-	frameHeader = &hybiFrameHeader{Fin: true, OpCode: PongFrame}
-	testHybiFrame(t, []byte{0x8A, 0x00}, nil, nil, frameHeader)
-
-	frameHeader = &hybiFrameHeader{Fin: true, OpCode: CloseFrame}
-	payload = []byte{0x03, 0xe8} // 1000
-	testHybiFrame(t, []byte{0x88, 0x02}, payload, payload, frameHeader)
-}
-
-func TestHybiLongFrame(t *testing.T) {
-	frameHeader := &hybiFrameHeader{Fin: true, OpCode: TextFrame}
-	payload := make([]byte, 126)
-	testHybiFrame(t, []byte{0x81, 126, 0x00, 126}, payload, payload, frameHeader)
-
-	payload = make([]byte, 65535)
-	testHybiFrame(t, []byte{0x81, 126, 0xff, 0xff}, payload, payload, frameHeader)
-
-	payload = make([]byte, 65536)
-	testHybiFrame(t, []byte{0x81, 127, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00}, payload, payload, frameHeader)
-}
-
-func TestHybiClientRead(t *testing.T) {
-	wireData := []byte{0x81, 0x05, 'h', 'e', 'l', 'l', 'o',
-		0x89, 0x05, 'h', 'e', 'l', 'l', 'o', // ping
-		0x81, 0x05, 'w', 'o', 'r', 'l', 'd'}
-	br := bufio.NewReader(bytes.NewBuffer(wireData))
-	bw := bufio.NewWriter(bytes.NewBuffer([]byte{}))
-	conn := newHybiConn(newConfig(t, "/"), bufio.NewReadWriter(br, bw), nil, nil)
-
-	msg := make([]byte, 512)
-	n, err := conn.Read(msg)
-	if err != nil {
-		t.Errorf("read 1st frame, error %q", err)
-	}
-	if n != 5 {
-		t.Errorf("read 1st frame, expect 5, got %d", n)
-	}
-	if !bytes.Equal(wireData[2:7], msg[:n]) {
-		t.Errorf("read 1st frame %v, got %v", wireData[2:7], msg[:n])
-	}
-	n, err = conn.Read(msg)
-	if err != nil {
-		t.Errorf("read 2nd frame, error %q", err)
-	}
-	if n != 5 {
-		t.Errorf("read 2nd frame, expect 5, got %d", n)
-	}
-	if !bytes.Equal(wireData[16:21], msg[:n]) {
-		t.Errorf("read 2nd frame %v, got %v", wireData[16:21], msg[:n])
-	}
-	n, err = conn.Read(msg)
-	if err == nil {
-		t.Errorf("read not EOF")
-	}
-	if n != 0 {
-		t.Errorf("expect read 0, got %d", n)
-	}
-}
-
-func TestHybiShortRead(t *testing.T) {
-	wireData := []byte{0x81, 0x05, 'h', 'e', 'l', 'l', 'o',
-		0x89, 0x05, 'h', 'e', 'l', 'l', 'o', // ping
-		0x81, 0x05, 'w', 'o', 'r', 'l', 'd'}
-	br := bufio.NewReader(bytes.NewBuffer(wireData))
-	bw := bufio.NewWriter(bytes.NewBuffer([]byte{}))
-	conn := newHybiConn(newConfig(t, "/"), bufio.NewReadWriter(br, bw), nil, nil)
-
-	step := 0
-	pos := 0
-	expectedPos := []int{2, 5, 16, 19}
-	expectedLen := []int{3, 2, 3, 2}
-	for {
-		msg := make([]byte, 3)
-		n, err := conn.Read(msg)
-		if step >= len(expectedPos) {
-			if err == nil {
-				t.Errorf("read not EOF")
-			}
-			if n != 0 {
-				t.Errorf("expect read 0, got %d", n)
-			}
-			return
-		}
-		pos = expectedPos[step]
-		endPos := pos + expectedLen[step]
-		if err != nil {
-			t.Errorf("read from %d, got error %q", pos, err)
-			return
-		}
-		if n != endPos-pos {
-			t.Errorf("read from %d, expect %d, got %d", pos, endPos-pos, n)
-		}
-		if !bytes.Equal(wireData[pos:endPos], msg[:n]) {
-			t.Errorf("read from %d, frame %v, got %v", pos, wireData[pos:endPos], msg[:n])
-		}
-		step++
-	}
-}
-
-func TestHybiServerRead(t *testing.T) {
-	wireData := []byte{0x81, 0x85, 0xcc, 0x55, 0x80, 0x20,
-		0xa4, 0x30, 0xec, 0x4c, 0xa3, // hello
-		0x89, 0x85, 0xcc, 0x55, 0x80, 0x20,
-		0xa4, 0x30, 0xec, 0x4c, 0xa3, // ping: hello
-		0x81, 0x85, 0xed, 0x83, 0xb4, 0x24,
-		0x9a, 0xec, 0xc6, 0x48, 0x89, // world
-	}
-	br := bufio.NewReader(bytes.NewBuffer(wireData))
-	bw := bufio.NewWriter(bytes.NewBuffer([]byte{}))
-	conn := newHybiConn(newConfig(t, "/"), bufio.NewReadWriter(br, bw), nil, new(http.Request))
-
-	expected := [][]byte{[]byte("hello"), []byte("world")}
-
-	msg := make([]byte, 512)
-	n, err := conn.Read(msg)
-	if err != nil {
-		t.Errorf("read 1st frame, error %q", err)
-	}
-	if n != 5 {
-		t.Errorf("read 1st frame, expect 5, got %d", n)
-	}
-	if !bytes.Equal(expected[0], msg[:n]) {
-		t.Errorf("read 1st frame %q, got %q", expected[0], msg[:n])
-	}
-
-	n, err = conn.Read(msg)
-	if err != nil {
-		t.Errorf("read 2nd frame, error %q", err)
-	}
-	if n != 5 {
-		t.Errorf("read 2nd frame, expect 5, got %d", n)
-	}
-	if !bytes.Equal(expected[1], msg[:n]) {
-		t.Errorf("read 2nd frame %q, got %q", expected[1], msg[:n])
-	}
-
-	n, err = conn.Read(msg)
-	if err == nil {
-		t.Errorf("read not EOF")
-	}
-	if n != 0 {
-		t.Errorf("expect read 0, got %d", n)
-	}
-}
-
-func TestHybiServerReadWithoutMasking(t *testing.T) {
-	wireData := []byte{0x81, 0x05, 'h', 'e', 'l', 'l', 'o'}
-	br := bufio.NewReader(bytes.NewBuffer(wireData))
-	bw := bufio.NewWriter(bytes.NewBuffer([]byte{}))
-	conn := newHybiConn(newConfig(t, "/"), bufio.NewReadWriter(br, bw), nil, new(http.Request))
-	// server MUST close the connection upon receiving a non-masked frame.
-	msg := make([]byte, 512)
-	_, err := conn.Read(msg)
-	if err != io.EOF {
-		t.Errorf("read 1st frame, expect %q, but got %q", io.EOF, err)
-	}
-}
-
-func TestHybiClientReadWithMasking(t *testing.T) {
-	wireData := []byte{0x81, 0x85, 0xcc, 0x55, 0x80, 0x20,
-		0xa4, 0x30, 0xec, 0x4c, 0xa3, // hello
-	}
-	br := bufio.NewReader(bytes.NewBuffer(wireData))
-	bw := bufio.NewWriter(bytes.NewBuffer([]byte{}))
-	conn := newHybiConn(newConfig(t, "/"), bufio.NewReadWriter(br, bw), nil, nil)
-
-	// client MUST close the connection upon receiving a masked frame.
-	msg := make([]byte, 512)
-	_, err := conn.Read(msg)
-	if err != io.EOF {
-		t.Errorf("read 1st frame, expect %q, but got %q", io.EOF, err)
-	}
-}
-
-// Test the hybiServerHandshaker supports firefox implementation and
-// checks Connection request header include (but it's not necessary
-// equal to) "upgrade"
-func TestHybiServerFirefoxHandshake(t *testing.T) {
-	config := new(Config)
-	handshaker := &hybiServerHandshaker{Config: config}
-	br := bufio.NewReader(strings.NewReader(`GET /chat HTTP/1.1
-Host: server.example.com
-Upgrade: websocket
-Connection: keep-alive, upgrade
-Sec-WebSocket-Key: dGhlIHNhbXBsZSBub25jZQ==
-Origin: http://example.com
-Sec-WebSocket-Protocol: chat, superchat
-Sec-WebSocket-Version: 13
-
-`))
-	req, err := http.ReadRequest(br)
-	if err != nil {
-		t.Fatal("request", err)
-	}
-	code, err := handshaker.ReadHandshake(br, req)
-	if err != nil {
-		t.Errorf("handshake failed: %v", err)
-	}
-	if code != http.StatusSwitchingProtocols {
-		t.Errorf("status expected %q but got %q", http.StatusSwitchingProtocols, code)
-	}
-	b := bytes.NewBuffer([]byte{})
-	bw := bufio.NewWriter(b)
-
-	config.Protocol = []string{"chat"}
-
-	err = handshaker.AcceptHandshake(bw)
-	if err != nil {
-		t.Errorf("handshake response failed: %v", err)
-	}
-	expectedResponse := strings.Join([]string{
-		"HTTP/1.1 101 Switching Protocols",
-		"Upgrade: websocket",
-		"Connection: Upgrade",
-		"Sec-WebSocket-Accept: s3pPLMBiTxaQ9kYGzzhZRbK+xOo=",
-		"Sec-WebSocket-Protocol: chat",
-		"", ""}, "\r\n")
-
-	if b.String() != expectedResponse {
-		t.Errorf("handshake expected %q but got %q", expectedResponse, b.String())
-	}
-}
diff --git a/vendor/golang.org/x/net/websocket/server.go b/vendor/golang.org/x/net/websocket/server.go
deleted file mode 100644
index 0895dea1..00000000
--- a/vendor/golang.org/x/net/websocket/server.go
+++ /dev/null
@@ -1,113 +0,0 @@
-// Copyright 2009 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package websocket
-
-import (
-	"bufio"
-	"fmt"
-	"io"
-	"net/http"
-)
-
-func newServerConn(rwc io.ReadWriteCloser, buf *bufio.ReadWriter, req *http.Request, config *Config, handshake func(*Config, *http.Request) error) (conn *Conn, err error) {
-	var hs serverHandshaker = &hybiServerHandshaker{Config: config}
-	code, err := hs.ReadHandshake(buf.Reader, req)
-	if err == ErrBadWebSocketVersion {
-		fmt.Fprintf(buf, "HTTP/1.1 %03d %s\r\n", code, http.StatusText(code))
-		fmt.Fprintf(buf, "Sec-WebSocket-Version: %s\r\n", SupportedProtocolVersion)
-		buf.WriteString("\r\n")
-		buf.WriteString(err.Error())
-		buf.Flush()
-		return
-	}
-	if err != nil {
-		fmt.Fprintf(buf, "HTTP/1.1 %03d %s\r\n", code, http.StatusText(code))
-		buf.WriteString("\r\n")
-		buf.WriteString(err.Error())
-		buf.Flush()
-		return
-	}
-	if handshake != nil {
-		err = handshake(config, req)
-		if err != nil {
-			code = http.StatusForbidden
-			fmt.Fprintf(buf, "HTTP/1.1 %03d %s\r\n", code, http.StatusText(code))
-			buf.WriteString("\r\n")
-			buf.Flush()
-			return
-		}
-	}
-	err = hs.AcceptHandshake(buf.Writer)
-	if err != nil {
-		code = http.StatusBadRequest
-		fmt.Fprintf(buf, "HTTP/1.1 %03d %s\r\n", code, http.StatusText(code))
-		buf.WriteString("\r\n")
-		buf.Flush()
-		return
-	}
-	conn = hs.NewServerConn(buf, rwc, req)
-	return
-}
-
-// Server represents a server of a WebSocket.
-type Server struct {
-	// Config is a WebSocket configuration for new WebSocket connection.
-	Config
-
-	// Handshake is an optional function in WebSocket handshake.
-	// For example, you can check, or don't check Origin header.
-	// Another example, you can select config.Protocol.
-	Handshake func(*Config, *http.Request) error
-
-	// Handler handles a WebSocket connection.
-	Handler
-}
-
-// ServeHTTP implements the http.Handler interface for a WebSocket
-func (s Server) ServeHTTP(w http.ResponseWriter, req *http.Request) {
-	s.serveWebSocket(w, req)
-}
-
-func (s Server) serveWebSocket(w http.ResponseWriter, req *http.Request) {
-	rwc, buf, err := w.(http.Hijacker).Hijack()
-	if err != nil {
-		panic("Hijack failed: " + err.Error())
-	}
-	// The server should abort the WebSocket connection if it finds
-	// the client did not send a handshake that matches with protocol
-	// specification.
-	defer rwc.Close()
-	conn, err := newServerConn(rwc, buf, req, &s.Config, s.Handshake)
-	if err != nil {
-		return
-	}
-	if conn == nil {
-		panic("unexpected nil conn")
-	}
-	s.Handler(conn)
-}
-
-// Handler is a simple interface to a WebSocket browser client.
-// It checks if Origin header is valid URL by default.
-// You might want to verify websocket.Conn.Config().Origin in the func.
-// If you use Server instead of Handler, you could call websocket.Origin and
-// check the origin in your Handshake func. So, if you want to accept
-// non-browser clients, which do not send an Origin header, set a
-// Server.Handshake that does not check the origin.
-type Handler func(*Conn)
-
-func checkOrigin(config *Config, req *http.Request) (err error) {
-	config.Origin, err = Origin(config, req)
-	if err == nil && config.Origin == nil {
-		return fmt.Errorf("null origin")
-	}
-	return err
-}
-
-// ServeHTTP implements the http.Handler interface for a WebSocket
-func (h Handler) ServeHTTP(w http.ResponseWriter, req *http.Request) {
-	s := Server{Handler: h, Handshake: checkOrigin}
-	s.serveWebSocket(w, req)
-}
diff --git a/vendor/golang.org/x/net/websocket/websocket.go b/vendor/golang.org/x/net/websocket/websocket.go
deleted file mode 100644
index e069b330..00000000
--- a/vendor/golang.org/x/net/websocket/websocket.go
+++ /dev/null
@@ -1,414 +0,0 @@
-// Copyright 2009 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// Package websocket implements a client and server for the WebSocket protocol
-// as specified in RFC 6455.
-package websocket // import "golang.org/x/net/websocket"
-
-import (
-	"bufio"
-	"crypto/tls"
-	"encoding/json"
-	"errors"
-	"io"
-	"io/ioutil"
-	"net"
-	"net/http"
-	"net/url"
-	"sync"
-	"time"
-)
-
-const (
-	ProtocolVersionHybi13    = 13
-	ProtocolVersionHybi      = ProtocolVersionHybi13
-	SupportedProtocolVersion = "13"
-
-	ContinuationFrame = 0
-	TextFrame         = 1
-	BinaryFrame       = 2
-	CloseFrame        = 8
-	PingFrame         = 9
-	PongFrame         = 10
-	UnknownFrame      = 255
-)
-
-// ProtocolError represents WebSocket protocol errors.
-type ProtocolError struct {
-	ErrorString string
-}
-
-func (err *ProtocolError) Error() string { return err.ErrorString }
-
-var (
-	ErrBadProtocolVersion   = &ProtocolError{"bad protocol version"}
-	ErrBadScheme            = &ProtocolError{"bad scheme"}
-	ErrBadStatus            = &ProtocolError{"bad status"}
-	ErrBadUpgrade           = &ProtocolError{"missing or bad upgrade"}
-	ErrBadWebSocketOrigin   = &ProtocolError{"missing or bad WebSocket-Origin"}
-	ErrBadWebSocketLocation = &ProtocolError{"missing or bad WebSocket-Location"}
-	ErrBadWebSocketProtocol = &ProtocolError{"missing or bad WebSocket-Protocol"}
-	ErrBadWebSocketVersion  = &ProtocolError{"missing or bad WebSocket Version"}
-	ErrChallengeResponse    = &ProtocolError{"mismatch challenge/response"}
-	ErrBadFrame             = &ProtocolError{"bad frame"}
-	ErrBadFrameBoundary     = &ProtocolError{"not on frame boundary"}
-	ErrNotWebSocket         = &ProtocolError{"not websocket protocol"}
-	ErrBadRequestMethod     = &ProtocolError{"bad method"}
-	ErrNotSupported         = &ProtocolError{"not supported"}
-)
-
-// Addr is an implementation of net.Addr for WebSocket.
-type Addr struct {
-	*url.URL
-}
-
-// Network returns the network type for a WebSocket, "websocket".
-func (addr *Addr) Network() string { return "websocket" }
-
-// Config is a WebSocket configuration
-type Config struct {
-	// A WebSocket server address.
-	Location *url.URL
-
-	// A Websocket client origin.
-	Origin *url.URL
-
-	// WebSocket subprotocols.
-	Protocol []string
-
-	// WebSocket protocol version.
-	Version int
-
-	// TLS config for secure WebSocket (wss).
-	TlsConfig *tls.Config
-
-	// Additional header fields to be sent in WebSocket opening handshake.
-	Header http.Header
-
-	handshakeData map[string]string
-}
-
-// serverHandshaker is an interface to handle WebSocket server side handshake.
-type serverHandshaker interface {
-	// ReadHandshake reads handshake request message from client.
-	// Returns http response code and error if any.
-	ReadHandshake(buf *bufio.Reader, req *http.Request) (code int, err error)
-
-	// AcceptHandshake accepts the client handshake request and sends
-	// handshake response back to client.
-	AcceptHandshake(buf *bufio.Writer) (err error)
-
-	// NewServerConn creates a new WebSocket connection.
-	NewServerConn(buf *bufio.ReadWriter, rwc io.ReadWriteCloser, request *http.Request) (conn *Conn)
-}
-
-// frameReader is an interface to read a WebSocket frame.
-type frameReader interface {
-	// Reader is to read payload of the frame.
-	io.Reader
-
-	// PayloadType returns payload type.
-	PayloadType() byte
-
-	// HeaderReader returns a reader to read header of the frame.
-	HeaderReader() io.Reader
-
-	// TrailerReader returns a reader to read trailer of the frame.
-	// If it returns nil, there is no trailer in the frame.
-	TrailerReader() io.Reader
-
-	// Len returns total length of the frame, including header and trailer.
-	Len() int
-}
-
-// frameReaderFactory is an interface to creates new frame reader.
-type frameReaderFactory interface {
-	NewFrameReader() (r frameReader, err error)
-}
-
-// frameWriter is an interface to write a WebSocket frame.
-type frameWriter interface {
-	// Writer is to write payload of the frame.
-	io.WriteCloser
-}
-
-// frameWriterFactory is an interface to create new frame writer.
-type frameWriterFactory interface {
-	NewFrameWriter(payloadType byte) (w frameWriter, err error)
-}
-
-type frameHandler interface {
-	HandleFrame(frame frameReader) (r frameReader, err error)
-	WriteClose(status int) (err error)
-}
-
-// Conn represents a WebSocket connection.
-//
-// Multiple goroutines may invoke methods on a Conn simultaneously.
-type Conn struct {
-	config  *Config
-	request *http.Request
-
-	buf *bufio.ReadWriter
-	rwc io.ReadWriteCloser
-
-	rio sync.Mutex
-	frameReaderFactory
-	frameReader
-
-	wio sync.Mutex
-	frameWriterFactory
-
-	frameHandler
-	PayloadType        byte
-	defaultCloseStatus int
-}
-
-// Read implements the io.Reader interface:
-// it reads data of a frame from the WebSocket connection.
-// if msg is not large enough for the frame data, it fills the msg and next Read
-// will read the rest of the frame data.
-// it reads Text frame or Binary frame.
-func (ws *Conn) Read(msg []byte) (n int, err error) {
-	ws.rio.Lock()
-	defer ws.rio.Unlock()
-again:
-	if ws.frameReader == nil {
-		frame, err := ws.frameReaderFactory.NewFrameReader()
-		if err != nil {
-			return 0, err
-		}
-		ws.frameReader, err = ws.frameHandler.HandleFrame(frame)
-		if err != nil {
-			return 0, err
-		}
-		if ws.frameReader == nil {
-			goto again
-		}
-	}
-	n, err = ws.frameReader.Read(msg)
-	if err == io.EOF {
-		if trailer := ws.frameReader.TrailerReader(); trailer != nil {
-			io.Copy(ioutil.Discard, trailer)
-		}
-		ws.frameReader = nil
-		goto again
-	}
-	return n, err
-}
-
-// Write implements the io.Writer interface:
-// it writes data as a frame to the WebSocket connection.
-func (ws *Conn) Write(msg []byte) (n int, err error) {
-	ws.wio.Lock()
-	defer ws.wio.Unlock()
-	w, err := ws.frameWriterFactory.NewFrameWriter(ws.PayloadType)
-	if err != nil {
-		return 0, err
-	}
-	n, err = w.Write(msg)
-	w.Close()
-	if err != nil {
-		return n, err
-	}
-	return n, err
-}
-
-// Close implements the io.Closer interface.
-func (ws *Conn) Close() error {
-	err := ws.frameHandler.WriteClose(ws.defaultCloseStatus)
-	err1 := ws.rwc.Close()
-	if err != nil {
-		return err
-	}
-	return err1
-}
-
-func (ws *Conn) IsClientConn() bool { return ws.request == nil }
-func (ws *Conn) IsServerConn() bool { return ws.request != nil }
-
-// LocalAddr returns the WebSocket Origin for the connection for client, or
-// the WebSocket location for server.
-func (ws *Conn) LocalAddr() net.Addr {
-	if ws.IsClientConn() {
-		return &Addr{ws.config.Origin}
-	}
-	return &Addr{ws.config.Location}
-}
-
-// RemoteAddr returns the WebSocket location for the connection for client, or
-// the Websocket Origin for server.
-func (ws *Conn) RemoteAddr() net.Addr {
-	if ws.IsClientConn() {
-		return &Addr{ws.config.Location}
-	}
-	return &Addr{ws.config.Origin}
-}
-
-var errSetDeadline = errors.New("websocket: cannot set deadline: not using a net.Conn")
-
-// SetDeadline sets the connection's network read & write deadlines.
-func (ws *Conn) SetDeadline(t time.Time) error {
-	if conn, ok := ws.rwc.(net.Conn); ok {
-		return conn.SetDeadline(t)
-	}
-	return errSetDeadline
-}
-
-// SetReadDeadline sets the connection's network read deadline.
-func (ws *Conn) SetReadDeadline(t time.Time) error {
-	if conn, ok := ws.rwc.(net.Conn); ok {
-		return conn.SetReadDeadline(t)
-	}
-	return errSetDeadline
-}
-
-// SetWriteDeadline sets the connection's network write deadline.
-func (ws *Conn) SetWriteDeadline(t time.Time) error {
-	if conn, ok := ws.rwc.(net.Conn); ok {
-		return conn.SetWriteDeadline(t)
-	}
-	return errSetDeadline
-}
-
-// Config returns the WebSocket config.
-func (ws *Conn) Config() *Config { return ws.config }
-
-// Request returns the http request upgraded to the WebSocket.
-// It is nil for client side.
-func (ws *Conn) Request() *http.Request { return ws.request }
-
-// Codec represents a symmetric pair of functions that implement a codec.
-type Codec struct {
-	Marshal   func(v interface{}) (data []byte, payloadType byte, err error)
-	Unmarshal func(data []byte, payloadType byte, v interface{}) (err error)
-}
-
-// Send sends v marshaled by cd.Marshal as single frame to ws.
-func (cd Codec) Send(ws *Conn, v interface{}) (err error) {
-	data, payloadType, err := cd.Marshal(v)
-	if err != nil {
-		return err
-	}
-	ws.wio.Lock()
-	defer ws.wio.Unlock()
-	w, err := ws.frameWriterFactory.NewFrameWriter(payloadType)
-	if err != nil {
-		return err
-	}
-	_, err = w.Write(data)
-	w.Close()
-	return err
-}
-
-// Receive receives single frame from ws, unmarshaled by cd.Unmarshal and stores in v.
-func (cd Codec) Receive(ws *Conn, v interface{}) (err error) {
-	ws.rio.Lock()
-	defer ws.rio.Unlock()
-	if ws.frameReader != nil {
-		_, err = io.Copy(ioutil.Discard, ws.frameReader)
-		if err != nil {
-			return err
-		}
-		ws.frameReader = nil
-	}
-again:
-	frame, err := ws.frameReaderFactory.NewFrameReader()
-	if err != nil {
-		return err
-	}
-	frame, err = ws.frameHandler.HandleFrame(frame)
-	if err != nil {
-		return err
-	}
-	if frame == nil {
-		goto again
-	}
-	payloadType := frame.PayloadType()
-	data, err := ioutil.ReadAll(frame)
-	if err != nil {
-		return err
-	}
-	return cd.Unmarshal(data, payloadType, v)
-}
-
-func marshal(v interface{}) (msg []byte, payloadType byte, err error) {
-	switch data := v.(type) {
-	case string:
-		return []byte(data), TextFrame, nil
-	case []byte:
-		return data, BinaryFrame, nil
-	}
-	return nil, UnknownFrame, ErrNotSupported
-}
-
-func unmarshal(msg []byte, payloadType byte, v interface{}) (err error) {
-	switch data := v.(type) {
-	case *string:
-		*data = string(msg)
-		return nil
-	case *[]byte:
-		*data = msg
-		return nil
-	}
-	return ErrNotSupported
-}
-
-/*
-Message is a codec to send/receive text/binary data in a frame on WebSocket connection.
-To send/receive text frame, use string type.
-To send/receive binary frame, use []byte type.
-
-Trivial usage:
-
-	import "websocket"
-
-	// receive text frame
-	var message string
-	websocket.Message.Receive(ws, &message)
-
-	// send text frame
-	message = "hello"
-	websocket.Message.Send(ws, message)
-
-	// receive binary frame
-	var data []byte
-	websocket.Message.Receive(ws, &data)
-
-	// send binary frame
-	data = []byte{0, 1, 2}
-	websocket.Message.Send(ws, data)
-
-*/
-var Message = Codec{marshal, unmarshal}
-
-func jsonMarshal(v interface{}) (msg []byte, payloadType byte, err error) {
-	msg, err = json.Marshal(v)
-	return msg, TextFrame, err
-}
-
-func jsonUnmarshal(msg []byte, payloadType byte, v interface{}) (err error) {
-	return json.Unmarshal(msg, v)
-}
-
-/*
-JSON is a codec to send/receive JSON data in a frame from a WebSocket connection.
-
-Trivial usage:
-
-	import "websocket"
-
-	type T struct {
-		Msg string
-		Count int
-	}
-
-	// receive JSON type T
-	var data T
-	websocket.JSON.Receive(ws, &data)
-
-	// send JSON type T
-	websocket.JSON.Send(ws, data)
-*/
-var JSON = Codec{jsonMarshal, jsonUnmarshal}
diff --git a/vendor/golang.org/x/net/websocket/websocket_test.go b/vendor/golang.org/x/net/websocket/websocket_test.go
deleted file mode 100644
index 05b7e535..00000000
--- a/vendor/golang.org/x/net/websocket/websocket_test.go
+++ /dev/null
@@ -1,587 +0,0 @@
-// Copyright 2009 The Go Authors. All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package websocket
-
-import (
-	"bytes"
-	"fmt"
-	"io"
-	"log"
-	"net"
-	"net/http"
-	"net/http/httptest"
-	"net/url"
-	"reflect"
-	"runtime"
-	"strings"
-	"sync"
-	"testing"
-	"time"
-)
-
-var serverAddr string
-var once sync.Once
-
-func echoServer(ws *Conn) {
-	defer ws.Close()
-	io.Copy(ws, ws)
-}
-
-type Count struct {
-	S string
-	N int
-}
-
-func countServer(ws *Conn) {
-	defer ws.Close()
-	for {
-		var count Count
-		err := JSON.Receive(ws, &count)
-		if err != nil {
-			return
-		}
-		count.N++
-		count.S = strings.Repeat(count.S, count.N)
-		err = JSON.Send(ws, count)
-		if err != nil {
-			return
-		}
-	}
-}
-
-type testCtrlAndDataHandler struct {
-	hybiFrameHandler
-}
-
-func (h *testCtrlAndDataHandler) WritePing(b []byte) (int, error) {
-	h.hybiFrameHandler.conn.wio.Lock()
-	defer h.hybiFrameHandler.conn.wio.Unlock()
-	w, err := h.hybiFrameHandler.conn.frameWriterFactory.NewFrameWriter(PingFrame)
-	if err != nil {
-		return 0, err
-	}
-	n, err := w.Write(b)
-	w.Close()
-	return n, err
-}
-
-func ctrlAndDataServer(ws *Conn) {
-	defer ws.Close()
-	h := &testCtrlAndDataHandler{hybiFrameHandler: hybiFrameHandler{conn: ws}}
-	ws.frameHandler = h
-
-	go func() {
-		for i := 0; ; i++ {
-			var b []byte
-			if i%2 != 0 { // with or without payload
-				b = []byte(fmt.Sprintf("#%d-CONTROL-FRAME-FROM-SERVER", i))
-			}
-			if _, err := h.WritePing(b); err != nil {
-				break
-			}
-			if _, err := h.WritePong(b); err != nil { // unsolicited pong
-				break
-			}
-			time.Sleep(10 * time.Millisecond)
-		}
-	}()
-
-	b := make([]byte, 128)
-	for {
-		n, err := ws.Read(b)
-		if err != nil {
-			break
-		}
-		if _, err := ws.Write(b[:n]); err != nil {
-			break
-		}
-	}
-}
-
-func subProtocolHandshake(config *Config, req *http.Request) error {
-	for _, proto := range config.Protocol {
-		if proto == "chat" {
-			config.Protocol = []string{proto}
-			return nil
-		}
-	}
-	return ErrBadWebSocketProtocol
-}
-
-func subProtoServer(ws *Conn) {
-	for _, proto := range ws.Config().Protocol {
-		io.WriteString(ws, proto)
-	}
-}
-
-func startServer() {
-	http.Handle("/echo", Handler(echoServer))
-	http.Handle("/count", Handler(countServer))
-	http.Handle("/ctrldata", Handler(ctrlAndDataServer))
-	subproto := Server{
-		Handshake: subProtocolHandshake,
-		Handler:   Handler(subProtoServer),
-	}
-	http.Handle("/subproto", subproto)
-	server := httptest.NewServer(nil)
-	serverAddr = server.Listener.Addr().String()
-	log.Print("Test WebSocket server listening on ", serverAddr)
-}
-
-func newConfig(t *testing.T, path string) *Config {
-	config, _ := NewConfig(fmt.Sprintf("ws://%s%s", serverAddr, path), "http://localhost")
-	return config
-}
-
-func TestEcho(t *testing.T) {
-	once.Do(startServer)
-
-	// websocket.Dial()
-	client, err := net.Dial("tcp", serverAddr)
-	if err != nil {
-		t.Fatal("dialing", err)
-	}
-	conn, err := NewClient(newConfig(t, "/echo"), client)
-	if err != nil {
-		t.Errorf("WebSocket handshake error: %v", err)
-		return
-	}
-
-	msg := []byte("hello, world\n")
-	if _, err := conn.Write(msg); err != nil {
-		t.Errorf("Write: %v", err)
-	}
-	var actual_msg = make([]byte, 512)
-	n, err := conn.Read(actual_msg)
-	if err != nil {
-		t.Errorf("Read: %v", err)
-	}
-	actual_msg = actual_msg[0:n]
-	if !bytes.Equal(msg, actual_msg) {
-		t.Errorf("Echo: expected %q got %q", msg, actual_msg)
-	}
-	conn.Close()
-}
-
-func TestAddr(t *testing.T) {
-	once.Do(startServer)
-
-	// websocket.Dial()
-	client, err := net.Dial("tcp", serverAddr)
-	if err != nil {
-		t.Fatal("dialing", err)
-	}
-	conn, err := NewClient(newConfig(t, "/echo"), client)
-	if err != nil {
-		t.Errorf("WebSocket handshake error: %v", err)
-		return
-	}
-
-	ra := conn.RemoteAddr().String()
-	if !strings.HasPrefix(ra, "ws://") || !strings.HasSuffix(ra, "/echo") {
-		t.Errorf("Bad remote addr: %v", ra)
-	}
-	la := conn.LocalAddr().String()
-	if !strings.HasPrefix(la, "http://") {
-		t.Errorf("Bad local addr: %v", la)
-	}
-	conn.Close()
-}
-
-func TestCount(t *testing.T) {
-	once.Do(startServer)
-
-	// websocket.Dial()
-	client, err := net.Dial("tcp", serverAddr)
-	if err != nil {
-		t.Fatal("dialing", err)
-	}
-	conn, err := NewClient(newConfig(t, "/count"), client)
-	if err != nil {
-		t.Errorf("WebSocket handshake error: %v", err)
-		return
-	}
-
-	var count Count
-	count.S = "hello"
-	if err := JSON.Send(conn, count); err != nil {
-		t.Errorf("Write: %v", err)
-	}
-	if err := JSON.Receive(conn, &count); err != nil {
-		t.Errorf("Read: %v", err)
-	}
-	if count.N != 1 {
-		t.Errorf("count: expected %d got %d", 1, count.N)
-	}
-	if count.S != "hello" {
-		t.Errorf("count: expected %q got %q", "hello", count.S)
-	}
-	if err := JSON.Send(conn, count); err != nil {
-		t.Errorf("Write: %v", err)
-	}
-	if err := JSON.Receive(conn, &count); err != nil {
-		t.Errorf("Read: %v", err)
-	}
-	if count.N != 2 {
-		t.Errorf("count: expected %d got %d", 2, count.N)
-	}
-	if count.S != "hellohello" {
-		t.Errorf("count: expected %q got %q", "hellohello", count.S)
-	}
-	conn.Close()
-}
-
-func TestWithQuery(t *testing.T) {
-	once.Do(startServer)
-
-	client, err := net.Dial("tcp", serverAddr)
-	if err != nil {
-		t.Fatal("dialing", err)
-	}
-
-	config := newConfig(t, "/echo")
-	config.Location, err = url.ParseRequestURI(fmt.Sprintf("ws://%s/echo?q=v", serverAddr))
-	if err != nil {
-		t.Fatal("location url", err)
-	}
-
-	ws, err := NewClient(config, client)
-	if err != nil {
-		t.Errorf("WebSocket handshake: %v", err)
-		return
-	}
-	ws.Close()
-}
-
-func testWithProtocol(t *testing.T, subproto []string) (string, error) {
-	once.Do(startServer)
-
-	client, err := net.Dial("tcp", serverAddr)
-	if err != nil {
-		t.Fatal("dialing", err)
-	}
-
-	config := newConfig(t, "/subproto")
-	config.Protocol = subproto
-
-	ws, err := NewClient(config, client)
-	if err != nil {
-		return "", err
-	}
-	msg := make([]byte, 16)
-	n, err := ws.Read(msg)
-	if err != nil {
-		return "", err
-	}
-	ws.Close()
-	return string(msg[:n]), nil
-}
-
-func TestWithProtocol(t *testing.T) {
-	proto, err := testWithProtocol(t, []string{"chat"})
-	if err != nil {
-		t.Errorf("SubProto: unexpected error: %v", err)
-	}
-	if proto != "chat" {
-		t.Errorf("SubProto: expected %q, got %q", "chat", proto)
-	}
-}
-
-func TestWithTwoProtocol(t *testing.T) {
-	proto, err := testWithProtocol(t, []string{"test", "chat"})
-	if err != nil {
-		t.Errorf("SubProto: unexpected error: %v", err)
-	}
-	if proto != "chat" {
-		t.Errorf("SubProto: expected %q, got %q", "chat", proto)
-	}
-}
-
-func TestWithBadProtocol(t *testing.T) {
-	_, err := testWithProtocol(t, []string{"test"})
-	if err != ErrBadStatus {
-		t.Errorf("SubProto: expected %v, got %v", ErrBadStatus, err)
-	}
-}
-
-func TestHTTP(t *testing.T) {
-	once.Do(startServer)
-
-	// If the client did not send a handshake that matches the protocol
-	// specification, the server MUST return an HTTP response with an
-	// appropriate error code (such as 400 Bad Request)
-	resp, err := http.Get(fmt.Sprintf("http://%s/echo", serverAddr))
-	if err != nil {
-		t.Errorf("Get: error %#v", err)
-		return
-	}
-	if resp == nil {
-		t.Error("Get: resp is null")
-		return
-	}
-	if resp.StatusCode != http.StatusBadRequest {
-		t.Errorf("Get: expected %q got %q", http.StatusBadRequest, resp.StatusCode)
-	}
-}
-
-func TestTrailingSpaces(t *testing.T) {
-	// http://code.google.com/p/go/issues/detail?id=955
-	// The last runs of this create keys with trailing spaces that should not be
-	// generated by the client.
-	once.Do(startServer)
-	config := newConfig(t, "/echo")
-	for i := 0; i < 30; i++ {
-		// body
-		ws, err := DialConfig(config)
-		if err != nil {
-			t.Errorf("Dial #%d failed: %v", i, err)
-			break
-		}
-		ws.Close()
-	}
-}
-
-func TestDialConfigBadVersion(t *testing.T) {
-	once.Do(startServer)
-	config := newConfig(t, "/echo")
-	config.Version = 1234
-
-	_, err := DialConfig(config)
-
-	if dialerr, ok := err.(*DialError); ok {
-		if dialerr.Err != ErrBadProtocolVersion {
-			t.Errorf("dial expected err %q but got %q", ErrBadProtocolVersion, dialerr.Err)
-		}
-	}
-}
-
-func TestSmallBuffer(t *testing.T) {
-	// http://code.google.com/p/go/issues/detail?id=1145
-	// Read should be able to handle reading a fragment of a frame.
-	once.Do(startServer)
-
-	// websocket.Dial()
-	client, err := net.Dial("tcp", serverAddr)
-	if err != nil {
-		t.Fatal("dialing", err)
-	}
-	conn, err := NewClient(newConfig(t, "/echo"), client)
-	if err != nil {
-		t.Errorf("WebSocket handshake error: %v", err)
-		return
-	}
-
-	msg := []byte("hello, world\n")
-	if _, err := conn.Write(msg); err != nil {
-		t.Errorf("Write: %v", err)
-	}
-	var small_msg = make([]byte, 8)
-	n, err := conn.Read(small_msg)
-	if err != nil {
-		t.Errorf("Read: %v", err)
-	}
-	if !bytes.Equal(msg[:len(small_msg)], small_msg) {
-		t.Errorf("Echo: expected %q got %q", msg[:len(small_msg)], small_msg)
-	}
-	var second_msg = make([]byte, len(msg))
-	n, err = conn.Read(second_msg)
-	if err != nil {
-		t.Errorf("Read: %v", err)
-	}
-	second_msg = second_msg[0:n]
-	if !bytes.Equal(msg[len(small_msg):], second_msg) {
-		t.Errorf("Echo: expected %q got %q", msg[len(small_msg):], second_msg)
-	}
-	conn.Close()
-}
-
-var parseAuthorityTests = []struct {
-	in  *url.URL
-	out string
-}{
-	{
-		&url.URL{
-			Scheme: "ws",
-			Host:   "www.google.com",
-		},
-		"www.google.com:80",
-	},
-	{
-		&url.URL{
-			Scheme: "wss",
-			Host:   "www.google.com",
-		},
-		"www.google.com:443",
-	},
-	{
-		&url.URL{
-			Scheme: "ws",
-			Host:   "www.google.com:80",
-		},
-		"www.google.com:80",
-	},
-	{
-		&url.URL{
-			Scheme: "wss",
-			Host:   "www.google.com:443",
-		},
-		"www.google.com:443",
-	},
-	// some invalid ones for parseAuthority. parseAuthority doesn't
-	// concern itself with the scheme unless it actually knows about it
-	{
-		&url.URL{
-			Scheme: "http",
-			Host:   "www.google.com",
-		},
-		"www.google.com",
-	},
-	{
-		&url.URL{
-			Scheme: "http",
-			Host:   "www.google.com:80",
-		},
-		"www.google.com:80",
-	},
-	{
-		&url.URL{
-			Scheme: "asdf",
-			Host:   "127.0.0.1",
-		},
-		"127.0.0.1",
-	},
-	{
-		&url.URL{
-			Scheme: "asdf",
-			Host:   "www.google.com",
-		},
-		"www.google.com",
-	},
-}
-
-func TestParseAuthority(t *testing.T) {
-	for _, tt := range parseAuthorityTests {
-		out := parseAuthority(tt.in)
-		if out != tt.out {
-			t.Errorf("got %v; want %v", out, tt.out)
-		}
-	}
-}
-
-type closerConn struct {
-	net.Conn
-	closed int // count of the number of times Close was called
-}
-
-func (c *closerConn) Close() error {
-	c.closed++
-	return c.Conn.Close()
-}
-
-func TestClose(t *testing.T) {
-	if runtime.GOOS == "plan9" {
-		t.Skip("see golang.org/issue/11454")
-	}
-
-	once.Do(startServer)
-
-	conn, err := net.Dial("tcp", serverAddr)
-	if err != nil {
-		t.Fatal("dialing", err)
-	}
-
-	cc := closerConn{Conn: conn}
-
-	client, err := NewClient(newConfig(t, "/echo"), &cc)
-	if err != nil {
-		t.Fatalf("WebSocket handshake: %v", err)
-	}
-
-	// set the deadline to ten minutes ago, which will have expired by the time
-	// client.Close sends the close status frame.
-	conn.SetDeadline(time.Now().Add(-10 * time.Minute))
-
-	if err := client.Close(); err == nil {
-		t.Errorf("ws.Close(): expected error, got %v", err)
-	}
-	if cc.closed < 1 {
-		t.Fatalf("ws.Close(): expected underlying ws.rwc.Close to be called > 0 times, got: %v", cc.closed)
-	}
-}
-
-var originTests = []struct {
-	req    *http.Request
-	origin *url.URL
-}{
-	{
-		req: &http.Request{
-			Header: http.Header{
-				"Origin": []string{"http://www.example.com"},
-			},
-		},
-		origin: &url.URL{
-			Scheme: "http",
-			Host:   "www.example.com",
-		},
-	},
-	{
-		req: &http.Request{},
-	},
-}
-
-func TestOrigin(t *testing.T) {
-	conf := newConfig(t, "/echo")
-	conf.Version = ProtocolVersionHybi13
-	for i, tt := range originTests {
-		origin, err := Origin(conf, tt.req)
-		if err != nil {
-			t.Error(err)
-			continue
-		}
-		if !reflect.DeepEqual(origin, tt.origin) {
-			t.Errorf("#%d: got origin %v; want %v", i, origin, tt.origin)
-			continue
-		}
-	}
-}
-
-func TestCtrlAndData(t *testing.T) {
-	once.Do(startServer)
-
-	c, err := net.Dial("tcp", serverAddr)
-	if err != nil {
-		t.Fatal(err)
-	}
-	ws, err := NewClient(newConfig(t, "/ctrldata"), c)
-	if err != nil {
-		t.Fatal(err)
-	}
-	defer ws.Close()
-
-	h := &testCtrlAndDataHandler{hybiFrameHandler: hybiFrameHandler{conn: ws}}
-	ws.frameHandler = h
-
-	b := make([]byte, 128)
-	for i := 0; i < 2; i++ {
-		data := []byte(fmt.Sprintf("#%d-DATA-FRAME-FROM-CLIENT", i))
-		if _, err := ws.Write(data); err != nil {
-			t.Fatalf("#%d: %v", i, err)
-		}
-		var ctrl []byte
-		if i%2 != 0 { // with or without payload
-			ctrl = []byte(fmt.Sprintf("#%d-CONTROL-FRAME-FROM-CLIENT", i))
-		}
-		if _, err := h.WritePing(ctrl); err != nil {
-			t.Fatalf("#%d: %v", i, err)
-		}
-		n, err := ws.Read(b)
-		if err != nil {
-			t.Fatalf("#%d: %v", i, err)
-		}
-		if !bytes.Equal(b[:n], data) {
-			t.Fatalf("#%d: got %v; want %v", i, b[:n], data)
-		}
-	}
-}
diff --git a/vendor/golang.org/x/net/xsrftoken/xsrf.go b/vendor/golang.org/x/net/xsrftoken/xsrf.go
deleted file mode 100644
index 8d218787..00000000
--- a/vendor/golang.org/x/net/xsrftoken/xsrf.go
+++ /dev/null
@@ -1,88 +0,0 @@
-// Copyright 2012 The Go Authors.  All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-// Package xsrftoken provides methods for generating and validating secure XSRF tokens.
-package xsrftoken // import "golang.org/x/net/xsrftoken"
-
-import (
-	"crypto/hmac"
-	"crypto/sha1"
-	"crypto/subtle"
-	"encoding/base64"
-	"fmt"
-	"strconv"
-	"strings"
-	"time"
-)
-
-// Timeout is the duration for which XSRF tokens are valid.
-// It is exported so clients may set cookie timeouts that match generated tokens.
-const Timeout = 24 * time.Hour
-
-// clean sanitizes a string for inclusion in a token by replacing all ":"s.
-func clean(s string) string {
-	return strings.Replace(s, ":", "_", -1)
-}
-
-// Generate returns a URL-safe secure XSRF token that expires in 24 hours.
-//
-// key is a secret key for your application.
-// userID is a unique identifier for the user.
-// actionID is the action the user is taking (e.g. POSTing to a particular path).
-func Generate(key, userID, actionID string) string {
-	return generateTokenAtTime(key, userID, actionID, time.Now())
-}
-
-// generateTokenAtTime is like Generate, but returns a token that expires 24 hours from now.
-func generateTokenAtTime(key, userID, actionID string, now time.Time) string {
-	// Round time up and convert to milliseconds.
-	milliTime := (now.UnixNano() + 1e6 - 1) / 1e6
-
-	h := hmac.New(sha1.New, []byte(key))
-	fmt.Fprintf(h, "%s:%s:%d", clean(userID), clean(actionID), milliTime)
-
-	// Get the padded base64 string then removing the padding.
-	tok := string(h.Sum(nil))
-	tok = base64.URLEncoding.EncodeToString([]byte(tok))
-	tok = strings.TrimRight(tok, "=")
-
-	return fmt.Sprintf("%s:%d", tok, milliTime)
-}
-
-// Valid reports whether a token is a valid, unexpired token returned by Generate.
-func Valid(token, key, userID, actionID string) bool {
-	return validTokenAtTime(token, key, userID, actionID, time.Now())
-}
-
-// validTokenAtTime reports whether a token is valid at the given time.
-func validTokenAtTime(token, key, userID, actionID string, now time.Time) bool {
-	// Extract the issue time of the token.
-	sep := strings.LastIndex(token, ":")
-	if sep < 0 {
-		return false
-	}
-	millis, err := strconv.ParseInt(token[sep+1:], 10, 64)
-	if err != nil {
-		return false
-	}
-	issueTime := time.Unix(0, millis*1e6)
-
-	// Check that the token is not expired.
-	if now.Sub(issueTime) >= Timeout {
-		return false
-	}
-
-	// Check that the token is not from the future.
-	// Allow 1 minute grace period in case the token is being verified on a
-	// machine whose clock is behind the machine that issued the token.
-	if issueTime.After(now.Add(1 * time.Minute)) {
-		return false
-	}
-
-	expected := generateTokenAtTime(key, userID, actionID, issueTime)
-
-	// Check that the token matches the expected value.
-	// Use constant time comparison to avoid timing attacks.
-	return subtle.ConstantTimeCompare([]byte(token), []byte(expected)) == 1
-}
diff --git a/vendor/golang.org/x/net/xsrftoken/xsrf_test.go b/vendor/golang.org/x/net/xsrftoken/xsrf_test.go
deleted file mode 100644
index 9933f867..00000000
--- a/vendor/golang.org/x/net/xsrftoken/xsrf_test.go
+++ /dev/null
@@ -1,83 +0,0 @@
-// Copyright 2012 The Go Authors.  All rights reserved.
-// Use of this source code is governed by a BSD-style
-// license that can be found in the LICENSE file.
-
-package xsrftoken
-
-import (
-	"encoding/base64"
-	"testing"
-	"time"
-)
-
-const (
-	key      = "quay"
-	userID   = "12345678"
-	actionID = "POST /form"
-)
-
-var (
-	now              = time.Now()
-	oneMinuteFromNow = now.Add(1 * time.Minute)
-)
-
-func TestValidToken(t *testing.T) {
-	tok := generateTokenAtTime(key, userID, actionID, now)
-	if !validTokenAtTime(tok, key, userID, actionID, oneMinuteFromNow) {
-		t.Error("One second later: Expected token to be valid")
-	}
-	if !validTokenAtTime(tok, key, userID, actionID, now.Add(Timeout-1*time.Nanosecond)) {
-		t.Error("Just before timeout: Expected token to be valid")
-	}
-	if !validTokenAtTime(tok, key, userID, actionID, now.Add(-1*time.Minute+1*time.Millisecond)) {
-		t.Error("One minute in the past: Expected token to be valid")
-	}
-}
-
-// TestSeparatorReplacement tests that separators are being correctly substituted
-func TestSeparatorReplacement(t *testing.T) {
-	tok := generateTokenAtTime("foo:bar", "baz", "wah", now)
-	tok2 := generateTokenAtTime("foo", "bar:baz", "wah", now)
-	if tok == tok2 {
-		t.Errorf("Expected generated tokens to be different")
-	}
-}
-
-func TestInvalidToken(t *testing.T) {
-	invalidTokenTests := []struct {
-		name, key, userID, actionID string
-		t                           time.Time
-	}{
-		{"Bad key", "foobar", userID, actionID, oneMinuteFromNow},
-		{"Bad userID", key, "foobar", actionID, oneMinuteFromNow},
-		{"Bad actionID", key, userID, "foobar", oneMinuteFromNow},
-		{"Expired", key, userID, actionID, now.Add(Timeout + 1*time.Millisecond)},
-		{"More than 1 minute from the future", key, userID, actionID, now.Add(-1*time.Nanosecond - 1*time.Minute)},
-	}
-
-	tok := generateTokenAtTime(key, userID, actionID, now)
-	for _, itt := range invalidTokenTests {
-		if validTokenAtTime(tok, itt.key, itt.userID, itt.actionID, itt.t) {
-			t.Errorf("%v: Expected token to be invalid", itt.name)
-		}
-	}
-}
-
-// TestValidateBadData primarily tests that no unexpected panics are triggered
-// during parsing
-func TestValidateBadData(t *testing.T) {
-	badDataTests := []struct {
-		name, tok string
-	}{
-		{"Invalid Base64", "ASDab24(@)$*=="},
-		{"No delimiter", base64.URLEncoding.EncodeToString([]byte("foobar12345678"))},
-		{"Invalid time", base64.URLEncoding.EncodeToString([]byte("foobar:foobar"))},
-		{"Wrong length", "1234" + generateTokenAtTime(key, userID, actionID, now)},
-	}
-
-	for _, bdt := range badDataTests {
-		if validTokenAtTime(bdt.tok, key, userID, actionID, oneMinuteFromNow) {
-			t.Errorf("%v: Expected token to be invalid", bdt.name)
-		}
-	}
-}