From ad651d4a3dcf17af1e87d6d0275afc718a44f672 Mon Sep 17 00:00:00 2001 From: Aaron Gable Date: Mon, 10 Mar 2025 14:58:44 -0500 Subject: [PATCH] Update PSL (#8050) Update the Public Suffix List (last updated in August 2024). Transitively update various golang.org/x/ packages, as used by the publicsuffix-go repo: - /x/crypto: v0.32.0 -> v0.36.0 - /x/net: v0.29.0 -> v0.37.0 - /x/sync: v0.10.0 -> v0.12.0 - /x/term: v0.28.0 -> v0.30.0 - /x/text: v0.21.0 -> v0.23.0 - /x/sys: v0.29.0 -> v0.31.0 --- go.mod | 14 +- go.sum | 35 +- .../publicsuffix-go/publicsuffix/rules.go | 1619 ++++++++--------- .../x/net/context/ctxhttp/ctxhttp.go | 2 +- .../x/net/http2/client_conn_pool.go | 8 +- vendor/golang.org/x/net/http2/config.go | 122 ++ vendor/golang.org/x/net/http2/config_go124.go | 61 + .../x/net/http2/config_pre_go124.go | 16 + vendor/golang.org/x/net/http2/frame.go | 4 +- vendor/golang.org/x/net/http2/http2.go | 112 +- vendor/golang.org/x/net/http2/server.go | 355 ++-- vendor/golang.org/x/net/http2/transport.go | 831 ++++----- vendor/golang.org/x/net/http2/unencrypted.go | 32 + vendor/golang.org/x/net/http2/write.go | 13 +- .../x/net/internal/httpcommon/ascii.go | 53 + .../httpcommon}/headermap.go | 24 +- .../x/net/internal/httpcommon/request.go | 467 +++++ .../net/internal/socket/zsys_openbsd_ppc64.go | 28 +- .../internal/socket/zsys_openbsd_riscv64.go | 28 +- vendor/golang.org/x/sync/errgroup/errgroup.go | 3 +- vendor/golang.org/x/sync/errgroup/go120.go | 13 - .../golang.org/x/sync/errgroup/pre_go120.go | 14 - vendor/golang.org/x/sys/unix/auxv.go | 36 + .../golang.org/x/sys/unix/auxv_unsupported.go | 13 + .../golang.org/x/sys/unix/syscall_solaris.go | 87 + vendor/golang.org/x/sys/unix/zerrors_linux.go | 20 +- .../x/sys/unix/zerrors_linux_386.go | 3 + .../x/sys/unix/zerrors_linux_amd64.go | 3 + .../x/sys/unix/zerrors_linux_arm.go | 3 + .../x/sys/unix/zerrors_linux_arm64.go | 4 + .../x/sys/unix/zerrors_linux_loong64.go | 3 + .../x/sys/unix/zerrors_linux_mips.go | 3 + .../x/sys/unix/zerrors_linux_mips64.go | 3 + .../x/sys/unix/zerrors_linux_mips64le.go | 3 + .../x/sys/unix/zerrors_linux_mipsle.go | 3 + .../x/sys/unix/zerrors_linux_ppc.go | 3 + .../x/sys/unix/zerrors_linux_ppc64.go | 3 + .../x/sys/unix/zerrors_linux_ppc64le.go | 3 + .../x/sys/unix/zerrors_linux_riscv64.go | 3 + .../x/sys/unix/zerrors_linux_s390x.go | 3 + .../x/sys/unix/zerrors_linux_sparc64.go | 3 + .../x/sys/unix/zsyscall_solaris_amd64.go | 114 ++ .../x/sys/unix/zsysnum_linux_386.go | 4 + .../x/sys/unix/zsysnum_linux_amd64.go | 4 + .../x/sys/unix/zsysnum_linux_arm.go | 4 + .../x/sys/unix/zsysnum_linux_arm64.go | 4 + .../x/sys/unix/zsysnum_linux_loong64.go | 4 + .../x/sys/unix/zsysnum_linux_mips.go | 4 + .../x/sys/unix/zsysnum_linux_mips64.go | 4 + .../x/sys/unix/zsysnum_linux_mips64le.go | 4 + .../x/sys/unix/zsysnum_linux_mipsle.go | 4 + .../x/sys/unix/zsysnum_linux_ppc.go | 4 + .../x/sys/unix/zsysnum_linux_ppc64.go | 4 + .../x/sys/unix/zsysnum_linux_ppc64le.go | 4 + .../x/sys/unix/zsysnum_linux_riscv64.go | 4 + .../x/sys/unix/zsysnum_linux_s390x.go | 4 + .../x/sys/unix/zsysnum_linux_sparc64.go | 4 + vendor/golang.org/x/sys/unix/ztypes_linux.go | 6 +- vendor/modules.txt | 27 +- 59 files changed, 2673 insertions(+), 1590 deletions(-) create mode 100644 vendor/golang.org/x/net/http2/config.go create mode 100644 vendor/golang.org/x/net/http2/config_go124.go create mode 100644 vendor/golang.org/x/net/http2/config_pre_go124.go create mode 100644 vendor/golang.org/x/net/http2/unencrypted.go create mode 100644 vendor/golang.org/x/net/internal/httpcommon/ascii.go rename vendor/golang.org/x/net/{http2 => internal/httpcommon}/headermap.go (74%) create mode 100644 vendor/golang.org/x/net/internal/httpcommon/request.go delete mode 100644 vendor/golang.org/x/sync/errgroup/go120.go delete mode 100644 vendor/golang.org/x/sync/errgroup/pre_go120.go create mode 100644 vendor/golang.org/x/sys/unix/auxv.go create mode 100644 vendor/golang.org/x/sys/unix/auxv_unsupported.go diff --git a/go.mod b/go.mod index a123466f5..1d5d341fc 100644 --- a/go.mod +++ b/go.mod @@ -27,7 +27,7 @@ require ( github.com/redis/go-redis/extra/redisotel/v9 v9.5.3 github.com/redis/go-redis/v9 v9.5.3 github.com/titanous/rocacheck v0.0.0-20171023193734-afe73141d399 - github.com/weppos/publicsuffix-go v0.40.3-0.20240815124645-a8ed110559c9 + github.com/weppos/publicsuffix-go v0.40.3-0.20250307081557-c05521c3453a github.com/zmap/zcrypto v0.0.0-20231219022726-a1f61fb1661c github.com/zmap/zlint/v3 v3.6.4 go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc v0.55.0 @@ -36,11 +36,11 @@ require ( go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.30.0 go.opentelemetry.io/otel/sdk v1.30.0 go.opentelemetry.io/otel/trace v1.30.0 - golang.org/x/crypto v0.32.0 - golang.org/x/net v0.29.0 - golang.org/x/sync v0.10.0 - golang.org/x/term v0.28.0 - golang.org/x/text v0.21.0 + golang.org/x/crypto v0.36.0 + golang.org/x/net v0.37.0 + golang.org/x/sync v0.12.0 + golang.org/x/term v0.30.0 + golang.org/x/text v0.23.0 google.golang.org/grpc v1.66.1 google.golang.org/protobuf v1.34.2 gopkg.in/yaml.v3 v3.0.1 @@ -84,7 +84,7 @@ require ( go.opentelemetry.io/otel/metric v1.30.0 // indirect go.opentelemetry.io/proto/otlp v1.3.1 // indirect golang.org/x/mod v0.18.0 // indirect - golang.org/x/sys v0.29.0 // indirect + golang.org/x/sys v0.31.0 // indirect golang.org/x/time v0.10.0 golang.org/x/tools v0.22.0 // indirect google.golang.org/genproto/googleapis/api v0.0.0-20240903143218-8af14fe29dc1 // indirect diff --git a/go.sum b/go.sum index 23272ad04..b94d598b9 100644 --- a/go.sum +++ b/go.sum @@ -256,8 +256,8 @@ github.com/tmc/grpc-websocket-proxy v0.0.0-20190109142713-0ad062ec5ee5/go.mod h1 github.com/ugorji/go v1.1.4/go.mod h1:uQMGLiO92mf5W77hV/PUCpI3pbzQx3CRekS0kk+RGrc= github.com/weppos/publicsuffix-go v0.13.0/go.mod h1:z3LCPQ38eedDQSwmsSRW4Y7t2L8Ln16JPQ02lHAdn5k= github.com/weppos/publicsuffix-go v0.30.2-0.20230730094716-a20f9abcc222/go.mod h1:s41lQh6dIsDWIC1OWh7ChWJXLH0zkJ9KHZVqA7vHyuQ= -github.com/weppos/publicsuffix-go v0.40.3-0.20240815124645-a8ed110559c9 h1:4pH9wXOWQdW8kVMJ8P/kxbuxJKR+iNvDeC8zEVLy7eM= -github.com/weppos/publicsuffix-go v0.40.3-0.20240815124645-a8ed110559c9/go.mod h1:o4XOb/pL91sSlesP+I2Xcp38P4/emRvDF6N6xUWvwzg= +github.com/weppos/publicsuffix-go v0.40.3-0.20250307081557-c05521c3453a h1:YTfQ27VVE3PLzEZnGeSrxSKXMOs0JM2lfK0u4qT3/Mk= +github.com/weppos/publicsuffix-go v0.40.3-0.20250307081557-c05521c3453a/go.mod h1:Uao6F2ZmUjG3hDVL4Bn43YHRLuLapqXWKOa9GWk9JC0= github.com/xiang90/probing v0.0.0-20190116061207-43a291ad63a2/go.mod h1:UETIi67q53MR2AWcXfiuqkDkRtnGDLqkBTpCHuJHxtU= github.com/xordataexchange/crypt v0.0.3-0.20170626215501-b2862e3d0a77/go.mod h1:aYKd//L2LvnjZzWKhF00oedf4jCCReLcmhLdhm1A27Q= github.com/yuin/goldmark v1.1.25/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= @@ -310,9 +310,8 @@ golang.org/x/crypto v0.13.0/go.mod h1:y6Z2r+Rw4iayiXXAIxJIDAJ1zMW4yaTpebo8fPOliY golang.org/x/crypto v0.17.0/go.mod h1:gCAAfMLgwOJRpTjQ2zCCt2OcSfYMTeZVSRtQlPC7Nq4= golang.org/x/crypto v0.19.0/go.mod h1:Iy9bg/ha4yyC70EfRS8jz+B6ybOBKMaSxLj6P6oBDfU= golang.org/x/crypto v0.23.0/go.mod h1:CKFgDieR+mRhux2Lsu27y0fO304Db0wZe70UKqHu0v8= -golang.org/x/crypto v0.26.0/go.mod h1:GY7jblb9wI+FOo5y8/S2oY4zWP07AkOJ4+jxCqdqn54= -golang.org/x/crypto v0.32.0 h1:euUpcYgM8WcP71gNpTqQCn6rC2t6ULUPiOzfWaXVVfc= -golang.org/x/crypto v0.32.0/go.mod h1:ZnnJkOaASj8g0AjIduWNlq2NRxL0PlBrbKVyZ6V/Ugc= +golang.org/x/crypto v0.36.0 h1:AnAEvhDddvBdpY+uR+MyHmuZzzNqXSe/GvuDeob5L34= +golang.org/x/crypto v0.36.0/go.mod h1:Y4J0ReaxCR1IMaabaSMugxJES1EpwhBHhv2bDHklZvc= golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= @@ -343,9 +342,8 @@ golang.org/x/net v0.12.0/go.mod h1:zEVYFnQC7m/vmpQFELhcD1EWkZlX69l4oqgmer6hfKA= golang.org/x/net v0.15.0/go.mod h1:idbUs1IY1+zTqbi8yxTbhexhEEk5ur9LInksu6HrEpk= golang.org/x/net v0.21.0/go.mod h1:bIjVDfnllIU7BJ2DNgfnXvpSvtn8VRwhlsaeUTyUS44= golang.org/x/net v0.25.0/go.mod h1:JkAGAh7GEvH74S6FOH42FLoXpXbE/aqXSrIQjXgsiwM= -golang.org/x/net v0.28.0/go.mod h1:yqtgsTWOOnlGLG9GFRrK3++bGOUEkNBoHZc8MEDWPNg= -golang.org/x/net v0.29.0 h1:5ORfpBpCs4HzDYoodCDBbwHzdR5UrLBZ3sOnUJmFoHo= -golang.org/x/net v0.29.0/go.mod h1:gLkgy8jTGERgjzMic6DS9+SP0ajcu6Xu3Orq/SpETg0= +golang.org/x/net v0.37.0 h1:1zLorHbz+LYj7MQlSf1+2tPIIgibq2eL5xkrGk6f+2c= +golang.org/x/net v0.37.0/go.mod h1:ivrbrMbzFq5J41QOQh0siUuly180yBYtLp+CKbEaFx8= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/oauth2 v0.6.0/go.mod h1:ycmewcwgD4Rpr3eZJLSB4Kyyljb3qDh40vJ8STE5HKw= golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= @@ -359,9 +357,8 @@ golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.3.0/go.mod h1:FU7BRWz2tNW+3quACPkgCx/L+uEAv1htQ0V83Z9Rj+Y= golang.org/x/sync v0.6.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= golang.org/x/sync v0.7.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= -golang.org/x/sync v0.8.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= -golang.org/x/sync v0.10.0 h1:3NQrjDixjgGwUOCaF8w2+VYHv0Ve/vGYSbdkTa98gmQ= -golang.org/x/sync v0.10.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= +golang.org/x/sync v0.12.0 h1:MHc5BpPuC30uJk597Ri8TV3CNZcTLu6B6z4lJy+g6Jw= +golang.org/x/sync v0.12.0/go.mod h1:1dzgHSNfp02xaA81J2MS99Qcpr2w7fw1gpm99rleRqA= golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20181107165924-66b7b1311ac8/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= @@ -388,9 +385,8 @@ golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.15.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/sys v0.20.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= -golang.org/x/sys v0.23.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= -golang.org/x/sys v0.29.0 h1:TPYlXGxvx1MGTn2GiZDhnjPA9wZzZeGKHHmKhHYvgaU= -golang.org/x/sys v0.29.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/sys v0.31.0 h1:ioabZlmFYtWhL+TRYpcnNlLwhyxaM9kWTDEmfnprqik= +golang.org/x/sys v0.31.0/go.mod h1:BJP2sWEmIv4KK5OTEluFJCKSidICx8ciO85XgH3Ak8k= golang.org/x/telemetry v0.0.0-20240228155512-f48c80bd79b2/go.mod h1:TeRTkGYfJXctD9OcfyVLyj2J3IxLnKwHJR8f4D8a3YE= golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= @@ -403,9 +399,8 @@ golang.org/x/term v0.12.0/go.mod h1:owVbMEjm3cBLCHdkQu9b1opXd4ETQWc3BhuQGKgXgvU= golang.org/x/term v0.15.0/go.mod h1:BDl952bC7+uMoWR75FIrCDx79TPU9oHkTZ9yRbYOrX0= golang.org/x/term v0.17.0/go.mod h1:lLRBjIVuehSbZlaOtGMbcMncT+aqLLLmKrsjNrUguwk= golang.org/x/term v0.20.0/go.mod h1:8UkIAJTvZgivsXaD6/pH6U9ecQzZ45awqEOzuCvwpFY= -golang.org/x/term v0.23.0/go.mod h1:DgV24QBUrK6jhZXl+20l6UWznPlwAHm1Q1mGHtydmSk= -golang.org/x/term v0.28.0 h1:/Ts8HFuMR2E6IP/jlo7QVLZHggjKQbhu/7H0LJFr3Gg= -golang.org/x/term v0.28.0/go.mod h1:Sw/lC2IAUZ92udQNf3WodGtn4k/XoLyZoh8v/8uiwek= +golang.org/x/term v0.30.0 h1:PQ39fJZ+mfadBm0y5WlL4vlM7Sx1Hgf13sMIY2+QS9Y= +golang.org/x/term v0.30.0/go.mod h1:NYYFdzHoI5wRh/h5tDMdMqCqPJZEuNqVR5xJLd/n67g= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= @@ -418,9 +413,8 @@ golang.org/x/text v0.11.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= golang.org/x/text v0.15.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= -golang.org/x/text v0.17.0/go.mod h1:BuEKDfySbSR4drPmRPG/7iBdf8hvFMuRexcpahXilzY= -golang.org/x/text v0.21.0 h1:zyQAAkrwaneQ066sspRyJaG9VNi/YJ1NfzcGB3hZ/qo= -golang.org/x/text v0.21.0/go.mod h1:4IBbMaMmOPCJ8SecivzSH54+73PCFmPWxNTLm+vZkEQ= +golang.org/x/text v0.23.0 h1:D71I7dUrlY+VX0gQShAThNGHFxZ13dGLBHQLVl1mJlY= +golang.org/x/text v0.23.0/go.mod h1:/BLNzu4aZCJ1+kcD0DNRotWKage4q2rGVAg4o22unh4= golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/time v0.10.0 h1:3usCWA8tQn0L8+hFJQNgzpWbd89begxN66o1Ojdn5L4= golang.org/x/time v0.10.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM= @@ -454,7 +448,6 @@ google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp0 google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= google.golang.org/protobuf v1.28.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= google.golang.org/protobuf v1.28.1/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= -google.golang.org/protobuf v1.33.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos= google.golang.org/protobuf v1.34.2 h1:6xV6lTsCfpGD21XK49h7MhtcApnLqkfYgPcdHftf6hg= google.golang.org/protobuf v1.34.2/go.mod h1:qYOHts0dSfpeUzUFpOMr/WGzszTmLH+DiWniOlNbLDw= gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw= diff --git a/vendor/github.com/weppos/publicsuffix-go/publicsuffix/rules.go b/vendor/github.com/weppos/publicsuffix-go/publicsuffix/rules.go index 6df6e9323..5c4862e7c 100644 --- a/vendor/github.com/weppos/publicsuffix-go/publicsuffix/rules.go +++ b/vendor/github.com/weppos/publicsuffix-go/publicsuffix/rules.go @@ -3,30 +3,29 @@ package publicsuffix -const ListVersion = "PSL version 354f0d (Wed Aug 14 01:25:28 2024)" +const ListVersion = "PSL version b5aa82 (Wed Mar 5 07:06:20 2025)" -func DefaultRules() [9784]Rule { +func DefaultRules() [9735]Rule { return r } -var r = [9784]Rule{ +var r = [9735]Rule{ {1, "ac", 1, false}, {1, "com.ac", 2, false}, {1, "edu.ac", 2, false}, {1, "gov.ac", 2, false}, - {1, "net.ac", 2, false}, {1, "mil.ac", 2, false}, + {1, "net.ac", 2, false}, {1, "org.ac", 2, false}, {1, "ad", 1, false}, - {1, "nom.ad", 2, false}, {1, "ae", 1, false}, + {1, "ac.ae", 2, false}, {1, "co.ae", 2, false}, + {1, "gov.ae", 2, false}, + {1, "mil.ae", 2, false}, {1, "net.ae", 2, false}, {1, "org.ae", 2, false}, {1, "sch.ae", 2, false}, - {1, "ac.ae", 2, false}, - {1, "gov.ae", 2, false}, - {1, "mil.ae", 2, false}, {1, "aero", 1, false}, {1, "airline.aero", 2, false}, {1, "airport.aero", 2, false}, @@ -117,21 +116,21 @@ var r = [9784]Rule{ {1, "workinggroup.aero", 2, false}, {1, "works.aero", 2, false}, {1, "af", 1, false}, - {1, "gov.af", 2, false}, {1, "com.af", 2, false}, - {1, "org.af", 2, false}, - {1, "net.af", 2, false}, {1, "edu.af", 2, false}, + {1, "gov.af", 2, false}, + {1, "net.af", 2, false}, + {1, "org.af", 2, false}, {1, "ag", 1, false}, - {1, "com.ag", 2, false}, - {1, "org.ag", 2, false}, - {1, "net.ag", 2, false}, {1, "co.ag", 2, false}, + {1, "com.ag", 2, false}, + {1, "net.ag", 2, false}, {1, "nom.ag", 2, false}, + {1, "org.ag", 2, false}, {1, "ai", 1, false}, - {1, "off.ai", 2, false}, {1, "com.ai", 2, false}, {1, "net.ai", 2, false}, + {1, "off.ai", 2, false}, {1, "org.ai", 2, false}, {1, "al", 1, false}, {1, "com.al", 2, false}, @@ -147,12 +146,15 @@ var r = [9784]Rule{ {1, "net.am", 2, false}, {1, "org.am", 2, false}, {1, "ao", 1, false}, - {1, "ed.ao", 2, false}, - {1, "gv.ao", 2, false}, - {1, "og.ao", 2, false}, {1, "co.ao", 2, false}, - {1, "pb.ao", 2, false}, + {1, "ed.ao", 2, false}, + {1, "edu.ao", 2, false}, + {1, "gov.ao", 2, false}, + {1, "gv.ao", 2, false}, {1, "it.ao", 2, false}, + {1, "og.ao", 2, false}, + {1, "org.ao", 2, false}, + {1, "pb.ao", 2, false}, {1, "aq", 1, false}, {1, "ar", 1, false}, {1, "bet.ar", 2, false}, @@ -171,6 +173,7 @@ var r = [9784]Rule{ {1, "tur.ar", 2, false}, {1, "arpa", 1, false}, {1, "e164.arpa", 2, false}, + {1, "home.arpa", 2, false}, {1, "in-addr.arpa", 2, false}, {1, "ip6.arpa", 2, false}, {1, "iris.arpa", 2, false}, @@ -181,19 +184,18 @@ var r = [9784]Rule{ {1, "asia", 1, false}, {1, "at", 1, false}, {1, "ac.at", 2, false}, + {1, "sth.ac.at", 3, false}, {1, "co.at", 2, false}, {1, "gv.at", 2, false}, {1, "or.at", 2, false}, - {1, "sth.ac.at", 3, false}, {1, "au", 1, false}, + {1, "asn.au", 2, false}, {1, "com.au", 2, false}, - {1, "net.au", 2, false}, - {1, "org.au", 2, false}, {1, "edu.au", 2, false}, {1, "gov.au", 2, false}, - {1, "asn.au", 2, false}, {1, "id.au", 2, false}, - {1, "info.au", 2, false}, + {1, "net.au", 2, false}, + {1, "org.au", 2, false}, {1, "conf.au", 2, false}, {1, "oz.au", 2, false}, {1, "act.au", 2, false}, @@ -223,18 +225,19 @@ var r = [9784]Rule{ {1, "com.aw", 2, false}, {1, "ax", 1, false}, {1, "az", 1, false}, + {1, "biz.az", 2, false}, + {1, "co.az", 2, false}, {1, "com.az", 2, false}, - {1, "net.az", 2, false}, - {1, "int.az", 2, false}, - {1, "gov.az", 2, false}, - {1, "org.az", 2, false}, {1, "edu.az", 2, false}, + {1, "gov.az", 2, false}, {1, "info.az", 2, false}, - {1, "pp.az", 2, false}, + {1, "int.az", 2, false}, {1, "mil.az", 2, false}, {1, "name.az", 2, false}, + {1, "net.az", 2, false}, + {1, "org.az", 2, false}, + {1, "pp.az", 2, false}, {1, "pro.az", 2, false}, - {1, "biz.az", 2, false}, {1, "ba", 1, false}, {1, "com.ba", 2, false}, {1, "edu.ba", 2, false}, @@ -259,6 +262,16 @@ var r = [9784]Rule{ {1, "bf", 1, false}, {1, "gov.bf", 2, false}, {1, "bg", 1, false}, + {1, "0.bg", 2, false}, + {1, "1.bg", 2, false}, + {1, "2.bg", 2, false}, + {1, "3.bg", 2, false}, + {1, "4.bg", 2, false}, + {1, "5.bg", 2, false}, + {1, "6.bg", 2, false}, + {1, "7.bg", 2, false}, + {1, "8.bg", 2, false}, + {1, "9.bg", 2, false}, {1, "a.bg", 2, false}, {1, "b.bg", 2, false}, {1, "c.bg", 2, false}, @@ -285,22 +298,12 @@ var r = [9784]Rule{ {1, "x.bg", 2, false}, {1, "y.bg", 2, false}, {1, "z.bg", 2, false}, - {1, "0.bg", 2, false}, - {1, "1.bg", 2, false}, - {1, "2.bg", 2, false}, - {1, "3.bg", 2, false}, - {1, "4.bg", 2, false}, - {1, "5.bg", 2, false}, - {1, "6.bg", 2, false}, - {1, "7.bg", 2, false}, - {1, "8.bg", 2, false}, - {1, "9.bg", 2, false}, {1, "bh", 1, false}, {1, "com.bh", 2, false}, {1, "edu.bh", 2, false}, + {1, "gov.bh", 2, false}, {1, "net.bh", 2, false}, {1, "org.bh", 2, false}, - {1, "gov.bh", 2, false}, {1, "bi", 1, false}, {1, "co.bi", 2, false}, {1, "com.bi", 2, false}, @@ -325,8 +328,8 @@ var r = [9784]Rule{ {1, "net.bj", 2, false}, {1, "org.bj", 2, false}, {1, "ote.bj", 2, false}, - {1, "resto.bj", 2, false}, {1, "restaurant.bj", 2, false}, + {1, "resto.bj", 2, false}, {1, "tourism.bj", 2, false}, {1, "univ.bj", 2, false}, {1, "bm", 1, false}, @@ -346,9 +349,9 @@ var r = [9784]Rule{ {1, "edu.bo", 2, false}, {1, "gob.bo", 2, false}, {1, "int.bo", 2, false}, - {1, "org.bo", 2, false}, - {1, "net.bo", 2, false}, {1, "mil.bo", 2, false}, + {1, "net.bo", 2, false}, + {1, "org.bo", 2, false}, {1, "tv.bo", 2, false}, {1, "web.bo", 2, false}, {1, "academia.bo", 2, false}, @@ -373,9 +376,9 @@ var r = [9784]Rule{ {1, "nombre.bo", 2, false}, {1, "noticias.bo", 2, false}, {1, "patria.bo", 2, false}, + {1, "plurinacional.bo", 2, false}, {1, "politica.bo", 2, false}, {1, "profesional.bo", 2, false}, - {1, "plurinacional.bo", 2, false}, {1, "pueblo.bo", 2, false}, {1, "revista.bo", 2, false}, {1, "salud.bo", 2, false}, @@ -400,6 +403,7 @@ var r = [9784]Rule{ {1, "b.br", 2, false}, {1, "barueri.br", 2, false}, {1, "belem.br", 2, false}, + {1, "bet.br", 2, false}, {1, "bhz.br", 2, false}, {1, "bib.br", 2, false}, {1, "bio.br", 2, false}, @@ -486,6 +490,7 @@ var r = [9784]Rule{ {1, "jor.br", 2, false}, {1, "jus.br", 2, false}, {1, "leg.br", 2, false}, + {1, "leilao.br", 2, false}, {1, "lel.br", 2, false}, {1, "log.br", 2, false}, {1, "londrina.br", 2, false}, @@ -554,10 +559,10 @@ var r = [9784]Rule{ {1, "zlg.br", 2, false}, {1, "bs", 1, false}, {1, "com.bs", 2, false}, - {1, "net.bs", 2, false}, - {1, "org.bs", 2, false}, {1, "edu.bs", 2, false}, {1, "gov.bs", 2, false}, + {1, "net.bs", 2, false}, + {1, "org.bs", 2, false}, {1, "bt", 1, false}, {1, "com.bt", 2, false}, {1, "edu.bt", 2, false}, @@ -566,7 +571,10 @@ var r = [9784]Rule{ {1, "org.bt", 2, false}, {1, "bv", 1, false}, {1, "bw", 1, false}, + {1, "ac.bw", 2, false}, {1, "co.bw", 2, false}, + {1, "gov.bw", 2, false}, + {1, "net.bw", 2, false}, {1, "org.bw", 2, false}, {1, "by", 1, false}, {1, "gov.by", 2, false}, @@ -574,11 +582,12 @@ var r = [9784]Rule{ {1, "com.by", 2, false}, {1, "of.by", 2, false}, {1, "bz", 1, false}, + {1, "co.bz", 2, false}, {1, "com.bz", 2, false}, - {1, "net.bz", 2, false}, - {1, "org.bz", 2, false}, {1, "edu.bz", 2, false}, {1, "gov.bz", 2, false}, + {1, "net.bz", 2, false}, + {1, "org.bz", 2, false}, {1, "ca", 1, false}, {1, "ab.ca", 2, false}, {1, "bc.ca", 2, false}, @@ -603,21 +612,19 @@ var r = [9784]Rule{ {1, "cg", 1, false}, {1, "ch", 1, false}, {1, "ci", 1, false}, - {1, "org.ci", 2, false}, - {1, "or.ci", 2, false}, - {1, "com.ci", 2, false}, - {1, "co.ci", 2, false}, - {1, "edu.ci", 2, false}, - {1, "ed.ci", 2, false}, {1, "ac.ci", 2, false}, - {1, "net.ci", 2, false}, - {1, "go.ci", 2, false}, - {1, "asso.ci", 2, false}, {1, "xn--aroport-bya.ci", 2, false}, - {1, "int.ci", 2, false}, - {1, "presse.ci", 2, false}, - {1, "md.ci", 2, false}, + {1, "asso.ci", 2, false}, + {1, "co.ci", 2, false}, + {1, "com.ci", 2, false}, + {1, "ed.ci", 2, false}, + {1, "edu.ci", 2, false}, + {1, "go.ci", 2, false}, {1, "gouv.ci", 2, false}, + {1, "int.ci", 2, false}, + {1, "net.ci", 2, false}, + {1, "or.ci", 2, false}, + {1, "org.ci", 2, false}, {2, "ck", 2, false}, {3, "www.ck", 2, false}, {1, "cl", 1, false}, @@ -635,30 +642,32 @@ var r = [9784]Rule{ {1, "com.cn", 2, false}, {1, "edu.cn", 2, false}, {1, "gov.cn", 2, false}, + {1, "mil.cn", 2, false}, {1, "net.cn", 2, false}, {1, "org.cn", 2, false}, - {1, "mil.cn", 2, false}, {1, "xn--55qx5d.cn", 2, false}, - {1, "xn--io0a7i.cn", 2, false}, {1, "xn--od0alg.cn", 2, false}, + {1, "xn--io0a7i.cn", 2, false}, {1, "ah.cn", 2, false}, {1, "bj.cn", 2, false}, {1, "cq.cn", 2, false}, {1, "fj.cn", 2, false}, {1, "gd.cn", 2, false}, {1, "gs.cn", 2, false}, - {1, "gz.cn", 2, false}, {1, "gx.cn", 2, false}, + {1, "gz.cn", 2, false}, {1, "ha.cn", 2, false}, {1, "hb.cn", 2, false}, {1, "he.cn", 2, false}, {1, "hi.cn", 2, false}, + {1, "hk.cn", 2, false}, {1, "hl.cn", 2, false}, {1, "hn.cn", 2, false}, {1, "jl.cn", 2, false}, {1, "js.cn", 2, false}, {1, "jx.cn", 2, false}, {1, "ln.cn", 2, false}, + {1, "mo.cn", 2, false}, {1, "nm.cn", 2, false}, {1, "nx.cn", 2, false}, {1, "qh.cn", 2, false}, @@ -668,27 +677,19 @@ var r = [9784]Rule{ {1, "sn.cn", 2, false}, {1, "sx.cn", 2, false}, {1, "tj.cn", 2, false}, + {1, "tw.cn", 2, false}, {1, "xj.cn", 2, false}, {1, "xz.cn", 2, false}, {1, "yn.cn", 2, false}, {1, "zj.cn", 2, false}, - {1, "hk.cn", 2, false}, - {1, "mo.cn", 2, false}, - {1, "tw.cn", 2, false}, {1, "co", 1, false}, - {1, "arts.co", 2, false}, {1, "com.co", 2, false}, {1, "edu.co", 2, false}, - {1, "firm.co", 2, false}, {1, "gov.co", 2, false}, - {1, "info.co", 2, false}, - {1, "int.co", 2, false}, {1, "mil.co", 2, false}, {1, "net.co", 2, false}, {1, "nom.co", 2, false}, {1, "org.co", 2, false}, - {1, "rec.co", 2, false}, - {1, "web.co", 2, false}, {1, "com", 1, false}, {1, "coop", 1, false}, {1, "cr", 1, false}, @@ -702,16 +703,20 @@ var r = [9784]Rule{ {1, "cu", 1, false}, {1, "com.cu", 2, false}, {1, "edu.cu", 2, false}, - {1, "org.cu", 2, false}, - {1, "net.cu", 2, false}, - {1, "gov.cu", 2, false}, + {1, "gob.cu", 2, false}, {1, "inf.cu", 2, false}, + {1, "nat.cu", 2, false}, + {1, "net.cu", 2, false}, + {1, "org.cu", 2, false}, {1, "cv", 1, false}, {1, "com.cv", 2, false}, {1, "edu.cv", 2, false}, + {1, "id.cv", 2, false}, {1, "int.cv", 2, false}, + {1, "net.cv", 2, false}, {1, "nome.cv", 2, false}, {1, "org.cv", 2, false}, + {1, "publ.cv", 2, false}, {1, "cw", 1, false}, {1, "com.cw", 2, false}, {1, "edu.cw", 2, false}, @@ -737,11 +742,12 @@ var r = [9784]Rule{ {1, "dj", 1, false}, {1, "dk", 1, false}, {1, "dm", 1, false}, + {1, "co.dm", 2, false}, {1, "com.dm", 2, false}, - {1, "net.dm", 2, false}, - {1, "org.dm", 2, false}, {1, "edu.dm", 2, false}, {1, "gov.dm", 2, false}, + {1, "net.dm", 2, false}, + {1, "org.dm", 2, false}, {1, "do", 1, false}, {1, "art.do", 2, false}, {1, "com.do", 2, false}, @@ -759,62 +765,67 @@ var r = [9784]Rule{ {1, "com.dz", 2, false}, {1, "edu.dz", 2, false}, {1, "gov.dz", 2, false}, - {1, "org.dz", 2, false}, {1, "net.dz", 2, false}, + {1, "org.dz", 2, false}, {1, "pol.dz", 2, false}, {1, "soc.dz", 2, false}, {1, "tm.dz", 2, false}, {1, "ec", 1, false}, {1, "com.ec", 2, false}, - {1, "info.ec", 2, false}, - {1, "net.ec", 2, false}, + {1, "edu.ec", 2, false}, {1, "fin.ec", 2, false}, + {1, "gob.ec", 2, false}, + {1, "gov.ec", 2, false}, + {1, "info.ec", 2, false}, {1, "k12.ec", 2, false}, {1, "med.ec", 2, false}, - {1, "pro.ec", 2, false}, - {1, "org.ec", 2, false}, - {1, "edu.ec", 2, false}, - {1, "gov.ec", 2, false}, - {1, "gob.ec", 2, false}, {1, "mil.ec", 2, false}, + {1, "net.ec", 2, false}, + {1, "org.ec", 2, false}, + {1, "pro.ec", 2, false}, {1, "edu", 1, false}, {1, "ee", 1, false}, + {1, "aip.ee", 2, false}, + {1, "com.ee", 2, false}, {1, "edu.ee", 2, false}, + {1, "fie.ee", 2, false}, {1, "gov.ee", 2, false}, - {1, "riik.ee", 2, false}, {1, "lib.ee", 2, false}, {1, "med.ee", 2, false}, - {1, "com.ee", 2, false}, - {1, "pri.ee", 2, false}, - {1, "aip.ee", 2, false}, {1, "org.ee", 2, false}, - {1, "fie.ee", 2, false}, + {1, "pri.ee", 2, false}, + {1, "riik.ee", 2, false}, {1, "eg", 1, false}, + {1, "ac.eg", 2, false}, {1, "com.eg", 2, false}, {1, "edu.eg", 2, false}, {1, "eun.eg", 2, false}, {1, "gov.eg", 2, false}, + {1, "info.eg", 2, false}, + {1, "me.eg", 2, false}, {1, "mil.eg", 2, false}, {1, "name.eg", 2, false}, {1, "net.eg", 2, false}, {1, "org.eg", 2, false}, {1, "sci.eg", 2, false}, + {1, "sport.eg", 2, false}, + {1, "tv.eg", 2, false}, {2, "er", 2, false}, {1, "es", 1, false}, {1, "com.es", 2, false}, + {1, "edu.es", 2, false}, + {1, "gob.es", 2, false}, {1, "nom.es", 2, false}, {1, "org.es", 2, false}, - {1, "gob.es", 2, false}, - {1, "edu.es", 2, false}, {1, "et", 1, false}, - {1, "com.et", 2, false}, - {1, "gov.et", 2, false}, - {1, "org.et", 2, false}, - {1, "edu.et", 2, false}, {1, "biz.et", 2, false}, - {1, "name.et", 2, false}, + {1, "com.et", 2, false}, + {1, "edu.et", 2, false}, + {1, "gov.et", 2, false}, {1, "info.et", 2, false}, + {1, "name.et", 2, false}, {1, "net.et", 2, false}, + {1, "org.et", 2, false}, {1, "eu", 1, false}, {1, "fi", 1, false}, {1, "aland.fi", 2, false}, @@ -830,11 +841,11 @@ var r = [9784]Rule{ {1, "org.fj", 2, false}, {1, "pro.fj", 2, false}, {2, "fk", 2, false}, + {1, "fm", 1, false}, {1, "com.fm", 2, false}, {1, "edu.fm", 2, false}, {1, "net.fm", 2, false}, {1, "org.fm", 2, false}, - {1, "fm", 1, false}, {1, "fo", 1, false}, {1, "fr", 1, false}, {1, "asso.fr", 2, false}, @@ -849,17 +860,17 @@ var r = [9784]Rule{ {1, "huissier-justice.fr", 2, false}, {1, "ga", 1, false}, {1, "gb", 1, false}, + {1, "gd", 1, false}, {1, "edu.gd", 2, false}, {1, "gov.gd", 2, false}, - {1, "gd", 1, false}, {1, "ge", 1, false}, {1, "com.ge", 2, false}, {1, "edu.ge", 2, false}, {1, "gov.ge", 2, false}, - {1, "org.ge", 2, false}, - {1, "mil.ge", 2, false}, {1, "net.ge", 2, false}, + {1, "org.ge", 2, false}, {1, "pvt.ge", 2, false}, + {1, "school.ge", 2, false}, {1, "gf", 1, false}, {1, "gg", 1, false}, {1, "co.gg", 2, false}, @@ -869,14 +880,14 @@ var r = [9784]Rule{ {1, "com.gh", 2, false}, {1, "edu.gh", 2, false}, {1, "gov.gh", 2, false}, - {1, "org.gh", 2, false}, {1, "mil.gh", 2, false}, + {1, "org.gh", 2, false}, {1, "gi", 1, false}, {1, "com.gi", 2, false}, - {1, "ltd.gi", 2, false}, - {1, "gov.gi", 2, false}, - {1, "mod.gi", 2, false}, {1, "edu.gi", 2, false}, + {1, "gov.gi", 2, false}, + {1, "ltd.gi", 2, false}, + {1, "mod.gi", 2, false}, {1, "org.gi", 2, false}, {1, "gl", 1, false}, {1, "co.gl", 2, false}, @@ -890,23 +901,23 @@ var r = [9784]Rule{ {1, "com.gn", 2, false}, {1, "edu.gn", 2, false}, {1, "gov.gn", 2, false}, - {1, "org.gn", 2, false}, {1, "net.gn", 2, false}, + {1, "org.gn", 2, false}, {1, "gov", 1, false}, {1, "gp", 1, false}, - {1, "com.gp", 2, false}, - {1, "net.gp", 2, false}, - {1, "mobi.gp", 2, false}, - {1, "edu.gp", 2, false}, - {1, "org.gp", 2, false}, {1, "asso.gp", 2, false}, + {1, "com.gp", 2, false}, + {1, "edu.gp", 2, false}, + {1, "mobi.gp", 2, false}, + {1, "net.gp", 2, false}, + {1, "org.gp", 2, false}, {1, "gq", 1, false}, {1, "gr", 1, false}, {1, "com.gr", 2, false}, {1, "edu.gr", 2, false}, + {1, "gov.gr", 2, false}, {1, "net.gr", 2, false}, {1, "org.gr", 2, false}, - {1, "gov.gr", 2, false}, {1, "gs", 1, false}, {1, "gt", 1, false}, {1, "com.gt", 2, false}, @@ -940,81 +951,81 @@ var r = [9784]Rule{ {1, "idv.hk", 2, false}, {1, "net.hk", 2, false}, {1, "org.hk", 2, false}, - {1, "xn--55qx5d.hk", 2, false}, - {1, "xn--wcvs22d.hk", 2, false}, - {1, "xn--lcvr32d.hk", 2, false}, - {1, "xn--mxtq1m.hk", 2, false}, - {1, "xn--gmqw5a.hk", 2, false}, {1, "xn--ciqpn.hk", 2, false}, + {1, "xn--gmqw5a.hk", 2, false}, + {1, "xn--55qx5d.hk", 2, false}, + {1, "xn--mxtq1m.hk", 2, false}, + {1, "xn--lcvr32d.hk", 2, false}, + {1, "xn--wcvs22d.hk", 2, false}, {1, "xn--gmq050i.hk", 2, false}, - {1, "xn--zf0avx.hk", 2, false}, - {1, "xn--io0a7i.hk", 2, false}, - {1, "xn--mk0axi.hk", 2, false}, - {1, "xn--od0alg.hk", 2, false}, - {1, "xn--od0aq3b.hk", 2, false}, - {1, "xn--tn0ag.hk", 2, false}, {1, "xn--uc0atv.hk", 2, false}, {1, "xn--uc0ay4a.hk", 2, false}, + {1, "xn--od0alg.hk", 2, false}, + {1, "xn--zf0avx.hk", 2, false}, + {1, "xn--mk0axi.hk", 2, false}, + {1, "xn--tn0ag.hk", 2, false}, + {1, "xn--od0aq3b.hk", 2, false}, + {1, "xn--io0a7i.hk", 2, false}, {1, "hm", 1, false}, {1, "hn", 1, false}, {1, "com.hn", 2, false}, {1, "edu.hn", 2, false}, - {1, "org.hn", 2, false}, - {1, "net.hn", 2, false}, - {1, "mil.hn", 2, false}, {1, "gob.hn", 2, false}, + {1, "mil.hn", 2, false}, + {1, "net.hn", 2, false}, + {1, "org.hn", 2, false}, {1, "hr", 1, false}, - {1, "iz.hr", 2, false}, - {1, "from.hr", 2, false}, - {1, "name.hr", 2, false}, {1, "com.hr", 2, false}, + {1, "from.hr", 2, false}, + {1, "iz.hr", 2, false}, + {1, "name.hr", 2, false}, {1, "ht", 1, false}, - {1, "com.ht", 2, false}, - {1, "shop.ht", 2, false}, - {1, "firm.ht", 2, false}, - {1, "info.ht", 2, false}, {1, "adult.ht", 2, false}, - {1, "net.ht", 2, false}, - {1, "pro.ht", 2, false}, - {1, "org.ht", 2, false}, - {1, "med.ht", 2, false}, {1, "art.ht", 2, false}, - {1, "coop.ht", 2, false}, - {1, "pol.ht", 2, false}, {1, "asso.ht", 2, false}, + {1, "com.ht", 2, false}, + {1, "coop.ht", 2, false}, {1, "edu.ht", 2, false}, - {1, "rel.ht", 2, false}, + {1, "firm.ht", 2, false}, {1, "gouv.ht", 2, false}, + {1, "info.ht", 2, false}, + {1, "med.ht", 2, false}, + {1, "net.ht", 2, false}, + {1, "org.ht", 2, false}, {1, "perso.ht", 2, false}, + {1, "pol.ht", 2, false}, + {1, "pro.ht", 2, false}, + {1, "rel.ht", 2, false}, + {1, "shop.ht", 2, false}, {1, "hu", 1, false}, - {1, "co.hu", 2, false}, - {1, "info.hu", 2, false}, - {1, "org.hu", 2, false}, - {1, "priv.hu", 2, false}, - {1, "sport.hu", 2, false}, - {1, "tm.hu", 2, false}, {1, "2000.hu", 2, false}, {1, "agrar.hu", 2, false}, {1, "bolt.hu", 2, false}, {1, "casino.hu", 2, false}, {1, "city.hu", 2, false}, + {1, "co.hu", 2, false}, {1, "erotica.hu", 2, false}, {1, "erotika.hu", 2, false}, {1, "film.hu", 2, false}, {1, "forum.hu", 2, false}, {1, "games.hu", 2, false}, {1, "hotel.hu", 2, false}, + {1, "info.hu", 2, false}, {1, "ingatlan.hu", 2, false}, {1, "jogasz.hu", 2, false}, {1, "konyvelo.hu", 2, false}, {1, "lakas.hu", 2, false}, {1, "media.hu", 2, false}, {1, "news.hu", 2, false}, + {1, "org.hu", 2, false}, + {1, "priv.hu", 2, false}, {1, "reklam.hu", 2, false}, {1, "sex.hu", 2, false}, {1, "shop.hu", 2, false}, + {1, "sport.hu", 2, false}, {1, "suli.hu", 2, false}, {1, "szex.hu", 2, false}, + {1, "tm.hu", 2, false}, {1, "tozsde.hu", 2, false}, {1, "utazas.hu", 2, false}, {1, "video.hu", 2, false}, @@ -1050,11 +1061,11 @@ var r = [9784]Rule{ {1, "im", 1, false}, {1, "ac.im", 2, false}, {1, "co.im", 2, false}, - {1, "com.im", 2, false}, {1, "ltd.co.im", 3, false}, + {1, "plc.co.im", 3, false}, + {1, "com.im", 2, false}, {1, "net.im", 2, false}, {1, "org.im", 2, false}, - {1, "plc.co.im", 3, false}, {1, "tt.im", 2, false}, {1, "tv.im", 2, false}, {1, "in", 1, false}, @@ -1103,14 +1114,21 @@ var r = [9784]Rule{ {1, "int", 1, false}, {1, "eu.int", 2, false}, {1, "io", 1, false}, + {1, "co.io", 2, false}, {1, "com.io", 2, false}, + {1, "edu.io", 2, false}, + {1, "gov.io", 2, false}, + {1, "mil.io", 2, false}, + {1, "net.io", 2, false}, + {1, "nom.io", 2, false}, + {1, "org.io", 2, false}, {1, "iq", 1, false}, - {1, "gov.iq", 2, false}, - {1, "edu.iq", 2, false}, - {1, "mil.iq", 2, false}, {1, "com.iq", 2, false}, - {1, "org.iq", 2, false}, + {1, "edu.iq", 2, false}, + {1, "gov.iq", 2, false}, + {1, "mil.iq", 2, false}, {1, "net.iq", 2, false}, + {1, "org.iq", 2, false}, {1, "ir", 1, false}, {1, "ac.ir", 2, false}, {1, "co.ir", 2, false}, @@ -1122,15 +1140,9 @@ var r = [9784]Rule{ {1, "xn--mgba3a4f16a.ir", 2, false}, {1, "xn--mgba3a4fra.ir", 2, false}, {1, "is", 1, false}, - {1, "net.is", 2, false}, - {1, "com.is", 2, false}, - {1, "edu.is", 2, false}, - {1, "gov.is", 2, false}, - {1, "org.is", 2, false}, - {1, "int.is", 2, false}, {1, "it", 1, false}, - {1, "gov.it", 2, false}, {1, "edu.it", 2, false}, + {1, "gov.it", 2, false}, {1, "abr.it", 2, false}, {1, "abruzzo.it", 2, false}, {1, "aosta-valley.it", 2, false}, @@ -1189,6 +1201,7 @@ var r = [9784]Rule{ {1, "xn--trentin-sdtirol-7vb.it", 2, false}, {1, "trentin-sued-tirol.it", 2, false}, {1, "trentin-suedtirol.it", 2, false}, + {1, "trentino.it", 2, false}, {1, "trentino-a-adige.it", 2, false}, {1, "trentino-aadige.it", 2, false}, {1, "trentino-alto-adige.it", 2, false}, @@ -1201,7 +1214,6 @@ var r = [9784]Rule{ {1, "xn--trentino-sdtirol-szb.it", 2, false}, {1, "trentino-sued-tirol.it", 2, false}, {1, "trentino-suedtirol.it", 2, false}, - {1, "trentino.it", 2, false}, {1, "trentinoa-adige.it", 2, false}, {1, "trentinoaadige.it", 2, false}, {1, "trentinoalto-adige.it", 2, false}, @@ -1272,10 +1284,10 @@ var r = [9784]Rule{ {1, "av.it", 2, false}, {1, "avellino.it", 2, false}, {1, "ba.it", 2, false}, + {1, "balsan.it", 2, false}, {1, "balsan-sudtirol.it", 2, false}, {1, "xn--balsan-sdtirol-nsb.it", 2, false}, {1, "balsan-suedtirol.it", 2, false}, - {1, "balsan.it", 2, false}, {1, "bari.it", 2, false}, {1, "barletta-trani-andria.it", 2, false}, {1, "barlettatraniandria.it", 2, false}, @@ -1289,21 +1301,21 @@ var r = [9784]Rule{ {1, "bn.it", 2, false}, {1, "bo.it", 2, false}, {1, "bologna.it", 2, false}, - {1, "bolzano-altoadige.it", 2, false}, {1, "bolzano.it", 2, false}, + {1, "bolzano-altoadige.it", 2, false}, + {1, "bozen.it", 2, false}, {1, "bozen-sudtirol.it", 2, false}, {1, "xn--bozen-sdtirol-2ob.it", 2, false}, {1, "bozen-suedtirol.it", 2, false}, - {1, "bozen.it", 2, false}, {1, "br.it", 2, false}, {1, "brescia.it", 2, false}, {1, "brindisi.it", 2, false}, {1, "bs.it", 2, false}, {1, "bt.it", 2, false}, + {1, "bulsan.it", 2, false}, {1, "bulsan-sudtirol.it", 2, false}, {1, "xn--bulsan-sdtirol-nsb.it", 2, false}, {1, "bulsan-suedtirol.it", 2, false}, - {1, "bulsan.it", 2, false}, {1, "bz.it", 2, false}, {1, "ca.it", 2, false}, {1, "cagliari.it", 2, false}, @@ -1405,9 +1417,9 @@ var r = [9784]Rule{ {1, "mn.it", 2, false}, {1, "mo.it", 2, false}, {1, "modena.it", 2, false}, + {1, "monza.it", 2, false}, {1, "monza-brianza.it", 2, false}, {1, "monza-e-della-brianza.it", 2, false}, - {1, "monza.it", 2, false}, {1, "monzabrianza.it", 2, false}, {1, "monzaebrianza.it", 2, false}, {1, "monzaedellabrianza.it", 2, false}, @@ -1486,8 +1498,8 @@ var r = [9784]Rule{ {1, "sp.it", 2, false}, {1, "sr.it", 2, false}, {1, "ss.it", 2, false}, - {1, "suedtirol.it", 2, false}, {1, "xn--sdtirol-n2a.it", 2, false}, + {1, "suedtirol.it", 2, false}, {1, "sv.it", 2, false}, {1, "ta.it", 2, false}, {1, "taranto.it", 2, false}, @@ -1541,14 +1553,20 @@ var r = [9784]Rule{ {1, "org.je", 2, false}, {2, "jm", 2, false}, {1, "jo", 1, false}, + {1, "agri.jo", 2, false}, + {1, "ai.jo", 2, false}, {1, "com.jo", 2, false}, - {1, "org.jo", 2, false}, - {1, "net.jo", 2, false}, {1, "edu.jo", 2, false}, - {1, "sch.jo", 2, false}, + {1, "eng.jo", 2, false}, + {1, "fm.jo", 2, false}, {1, "gov.jo", 2, false}, {1, "mil.jo", 2, false}, - {1, "name.jo", 2, false}, + {1, "net.jo", 2, false}, + {1, "org.jo", 2, false}, + {1, "per.jo", 2, false}, + {1, "phd.jo", 2, false}, + {1, "sch.jo", 2, false}, + {1, "tv.jo", 2, false}, {1, "jobs", 1, false}, {1, "jp", 1, false}, {1, "ac.jp", 2, false}, @@ -1607,26 +1625,14 @@ var r = [9784]Rule{ {1, "yamagata.jp", 2, false}, {1, "yamaguchi.jp", 2, false}, {1, "yamanashi.jp", 2, false}, - {1, "xn--4pvxs.jp", 2, false}, - {1, "xn--vgu402c.jp", 2, false}, - {1, "xn--c3s14m.jp", 2, false}, - {1, "xn--f6qx53a.jp", 2, false}, - {1, "xn--8pvr4u.jp", 2, false}, - {1, "xn--uist22h.jp", 2, false}, - {1, "xn--djrs72d6uy.jp", 2, false}, - {1, "xn--mkru45i.jp", 2, false}, - {1, "xn--0trq7p7nn.jp", 2, false}, - {1, "xn--8ltr62k.jp", 2, false}, - {1, "xn--2m4a15e.jp", 2, false}, - {1, "xn--efvn9s.jp", 2, false}, - {1, "xn--32vp30h.jp", 2, false}, - {1, "xn--4it797k.jp", 2, false}, - {1, "xn--1lqs71d.jp", 2, false}, - {1, "xn--5rtp49c.jp", 2, false}, - {1, "xn--5js045d.jp", 2, false}, {1, "xn--ehqz56n.jp", 2, false}, {1, "xn--1lqs03n.jp", 2, false}, {1, "xn--qqqt11m.jp", 2, false}, + {1, "xn--f6qx53a.jp", 2, false}, + {1, "xn--djrs72d6uy.jp", 2, false}, + {1, "xn--mkru45i.jp", 2, false}, + {1, "xn--0trq7p7nn.jp", 2, false}, + {1, "xn--5js045d.jp", 2, false}, {1, "xn--kbrq7o.jp", 2, false}, {1, "xn--pssu33l.jp", 2, false}, {1, "xn--ntsq17g.jp", 2, false}, @@ -1636,20 +1642,32 @@ var r = [9784]Rule{ {1, "xn--6orx2r.jp", 2, false}, {1, "xn--rht61e.jp", 2, false}, {1, "xn--rht27z.jp", 2, false}, - {1, "xn--djty4k.jp", 2, false}, {1, "xn--nit225k.jp", 2, false}, {1, "xn--rht3d.jp", 2, false}, + {1, "xn--djty4k.jp", 2, false}, {1, "xn--klty5x.jp", 2, false}, {1, "xn--kltx9a.jp", 2, false}, {1, "xn--kltp7d.jp", 2, false}, + {1, "xn--c3s14m.jp", 2, false}, + {1, "xn--vgu402c.jp", 2, false}, + {1, "xn--efvn9s.jp", 2, false}, + {1, "xn--1lqs71d.jp", 2, false}, + {1, "xn--4pvxs.jp", 2, false}, {1, "xn--uuwu58a.jp", 2, false}, {1, "xn--zbx025d.jp", 2, false}, + {1, "xn--8pvr4u.jp", 2, false}, + {1, "xn--5rtp49c.jp", 2, false}, {1, "xn--ntso0iqx3a.jp", 2, false}, {1, "xn--elqq16h.jp", 2, false}, {1, "xn--4it168d.jp", 2, false}, {1, "xn--klt787d.jp", 2, false}, {1, "xn--rny31h.jp", 2, false}, {1, "xn--7t0a264c.jp", 2, false}, + {1, "xn--uist22h.jp", 2, false}, + {1, "xn--8ltr62k.jp", 2, false}, + {1, "xn--2m4a15e.jp", 2, false}, + {1, "xn--32vp30h.jp", 2, false}, + {1, "xn--4it797k.jp", 2, false}, {1, "xn--5rtq34k.jp", 2, false}, {1, "xn--k7yn95e.jp", 2, false}, {1, "xn--tor131o.jp", 2, false}, @@ -3352,44 +3370,44 @@ var r = [9784]Rule{ {1, "or.ke", 2, false}, {1, "sc.ke", 2, false}, {1, "kg", 1, false}, - {1, "org.kg", 2, false}, - {1, "net.kg", 2, false}, {1, "com.kg", 2, false}, {1, "edu.kg", 2, false}, {1, "gov.kg", 2, false}, {1, "mil.kg", 2, false}, + {1, "net.kg", 2, false}, + {1, "org.kg", 2, false}, {2, "kh", 2, false}, {1, "ki", 1, false}, - {1, "edu.ki", 2, false}, {1, "biz.ki", 2, false}, - {1, "net.ki", 2, false}, - {1, "org.ki", 2, false}, + {1, "com.ki", 2, false}, + {1, "edu.ki", 2, false}, {1, "gov.ki", 2, false}, {1, "info.ki", 2, false}, - {1, "com.ki", 2, false}, + {1, "net.ki", 2, false}, + {1, "org.ki", 2, false}, {1, "km", 1, false}, - {1, "org.km", 2, false}, - {1, "nom.km", 2, false}, - {1, "gov.km", 2, false}, - {1, "prd.km", 2, false}, - {1, "tm.km", 2, false}, - {1, "edu.km", 2, false}, - {1, "mil.km", 2, false}, {1, "ass.km", 2, false}, {1, "com.km", 2, false}, - {1, "coop.km", 2, false}, + {1, "edu.km", 2, false}, + {1, "gov.km", 2, false}, + {1, "mil.km", 2, false}, + {1, "nom.km", 2, false}, + {1, "org.km", 2, false}, + {1, "prd.km", 2, false}, + {1, "tm.km", 2, false}, {1, "asso.km", 2, false}, - {1, "presse.km", 2, false}, + {1, "coop.km", 2, false}, + {1, "gouv.km", 2, false}, {1, "medecin.km", 2, false}, {1, "notaires.km", 2, false}, {1, "pharmaciens.km", 2, false}, + {1, "presse.km", 2, false}, {1, "veterinaire.km", 2, false}, - {1, "gouv.km", 2, false}, {1, "kn", 1, false}, - {1, "net.kn", 2, false}, - {1, "org.kn", 2, false}, {1, "edu.kn", 2, false}, {1, "gov.kn", 2, false}, + {1, "net.kn", 2, false}, + {1, "org.kn", 2, false}, {1, "kp", 1, false}, {1, "com.kp", 2, false}, {1, "edu.kp", 2, false}, @@ -3441,21 +3459,21 @@ var r = [9784]Rule{ {1, "net.ky", 2, false}, {1, "org.ky", 2, false}, {1, "kz", 1, false}, - {1, "org.kz", 2, false}, + {1, "com.kz", 2, false}, {1, "edu.kz", 2, false}, - {1, "net.kz", 2, false}, {1, "gov.kz", 2, false}, {1, "mil.kz", 2, false}, - {1, "com.kz", 2, false}, + {1, "net.kz", 2, false}, + {1, "org.kz", 2, false}, {1, "la", 1, false}, - {1, "int.la", 2, false}, - {1, "net.la", 2, false}, - {1, "info.la", 2, false}, + {1, "com.la", 2, false}, {1, "edu.la", 2, false}, {1, "gov.la", 2, false}, - {1, "per.la", 2, false}, - {1, "com.la", 2, false}, + {1, "info.la", 2, false}, + {1, "int.la", 2, false}, + {1, "net.la", 2, false}, {1, "org.la", 2, false}, + {1, "per.la", 2, false}, {1, "lb", 1, false}, {1, "com.lb", 2, false}, {1, "edu.lb", 2, false}, @@ -3463,35 +3481,35 @@ var r = [9784]Rule{ {1, "net.lb", 2, false}, {1, "org.lb", 2, false}, {1, "lc", 1, false}, - {1, "com.lc", 2, false}, - {1, "net.lc", 2, false}, {1, "co.lc", 2, false}, - {1, "org.lc", 2, false}, + {1, "com.lc", 2, false}, {1, "edu.lc", 2, false}, {1, "gov.lc", 2, false}, + {1, "net.lc", 2, false}, + {1, "org.lc", 2, false}, {1, "li", 1, false}, {1, "lk", 1, false}, - {1, "gov.lk", 2, false}, - {1, "sch.lk", 2, false}, - {1, "net.lk", 2, false}, - {1, "int.lk", 2, false}, - {1, "com.lk", 2, false}, - {1, "org.lk", 2, false}, - {1, "edu.lk", 2, false}, - {1, "ngo.lk", 2, false}, - {1, "soc.lk", 2, false}, - {1, "web.lk", 2, false}, - {1, "ltd.lk", 2, false}, + {1, "ac.lk", 2, false}, {1, "assn.lk", 2, false}, + {1, "com.lk", 2, false}, + {1, "edu.lk", 2, false}, + {1, "gov.lk", 2, false}, {1, "grp.lk", 2, false}, {1, "hotel.lk", 2, false}, - {1, "ac.lk", 2, false}, + {1, "int.lk", 2, false}, + {1, "ltd.lk", 2, false}, + {1, "net.lk", 2, false}, + {1, "ngo.lk", 2, false}, + {1, "org.lk", 2, false}, + {1, "sch.lk", 2, false}, + {1, "soc.lk", 2, false}, + {1, "web.lk", 2, false}, {1, "lr", 1, false}, {1, "com.lr", 2, false}, {1, "edu.lr", 2, false}, {1, "gov.lr", 2, false}, - {1, "org.lr", 2, false}, {1, "net.lr", 2, false}, + {1, "org.lr", 2, false}, {1, "ls", 1, false}, {1, "ac.ls", 2, false}, {1, "biz.ls", 2, false}, @@ -3506,84 +3524,89 @@ var r = [9784]Rule{ {1, "gov.lt", 2, false}, {1, "lu", 1, false}, {1, "lv", 1, false}, + {1, "asn.lv", 2, false}, {1, "com.lv", 2, false}, + {1, "conf.lv", 2, false}, {1, "edu.lv", 2, false}, {1, "gov.lv", 2, false}, - {1, "org.lv", 2, false}, - {1, "mil.lv", 2, false}, {1, "id.lv", 2, false}, + {1, "mil.lv", 2, false}, {1, "net.lv", 2, false}, - {1, "asn.lv", 2, false}, - {1, "conf.lv", 2, false}, + {1, "org.lv", 2, false}, {1, "ly", 1, false}, {1, "com.ly", 2, false}, - {1, "net.ly", 2, false}, - {1, "gov.ly", 2, false}, - {1, "plc.ly", 2, false}, {1, "edu.ly", 2, false}, - {1, "sch.ly", 2, false}, - {1, "med.ly", 2, false}, - {1, "org.ly", 2, false}, + {1, "gov.ly", 2, false}, {1, "id.ly", 2, false}, + {1, "med.ly", 2, false}, + {1, "net.ly", 2, false}, + {1, "org.ly", 2, false}, + {1, "plc.ly", 2, false}, + {1, "sch.ly", 2, false}, {1, "ma", 1, false}, - {1, "co.ma", 2, false}, - {1, "net.ma", 2, false}, - {1, "gov.ma", 2, false}, - {1, "org.ma", 2, false}, {1, "ac.ma", 2, false}, + {1, "co.ma", 2, false}, + {1, "gov.ma", 2, false}, + {1, "net.ma", 2, false}, + {1, "org.ma", 2, false}, {1, "press.ma", 2, false}, {1, "mc", 1, false}, - {1, "tm.mc", 2, false}, {1, "asso.mc", 2, false}, + {1, "tm.mc", 2, false}, {1, "md", 1, false}, {1, "me", 1, false}, - {1, "co.me", 2, false}, - {1, "net.me", 2, false}, - {1, "org.me", 2, false}, - {1, "edu.me", 2, false}, {1, "ac.me", 2, false}, + {1, "co.me", 2, false}, + {1, "edu.me", 2, false}, {1, "gov.me", 2, false}, {1, "its.me", 2, false}, + {1, "net.me", 2, false}, + {1, "org.me", 2, false}, {1, "priv.me", 2, false}, {1, "mg", 1, false}, - {1, "org.mg", 2, false}, - {1, "nom.mg", 2, false}, - {1, "gov.mg", 2, false}, - {1, "prd.mg", 2, false}, - {1, "tm.mg", 2, false}, - {1, "edu.mg", 2, false}, - {1, "mil.mg", 2, false}, - {1, "com.mg", 2, false}, {1, "co.mg", 2, false}, + {1, "com.mg", 2, false}, + {1, "edu.mg", 2, false}, + {1, "gov.mg", 2, false}, + {1, "mil.mg", 2, false}, + {1, "nom.mg", 2, false}, + {1, "org.mg", 2, false}, + {1, "prd.mg", 2, false}, {1, "mh", 1, false}, {1, "mil", 1, false}, {1, "mk", 1, false}, {1, "com.mk", 2, false}, - {1, "org.mk", 2, false}, - {1, "net.mk", 2, false}, {1, "edu.mk", 2, false}, {1, "gov.mk", 2, false}, {1, "inf.mk", 2, false}, {1, "name.mk", 2, false}, + {1, "net.mk", 2, false}, + {1, "org.mk", 2, false}, {1, "ml", 1, false}, + {1, "ac.ml", 2, false}, + {1, "art.ml", 2, false}, + {1, "asso.ml", 2, false}, {1, "com.ml", 2, false}, {1, "edu.ml", 2, false}, {1, "gouv.ml", 2, false}, {1, "gov.ml", 2, false}, + {1, "info.ml", 2, false}, + {1, "inst.ml", 2, false}, {1, "net.ml", 2, false}, {1, "org.ml", 2, false}, + {1, "pr.ml", 2, false}, {1, "presse.ml", 2, false}, {2, "mm", 2, false}, {1, "mn", 1, false}, - {1, "gov.mn", 2, false}, {1, "edu.mn", 2, false}, + {1, "gov.mn", 2, false}, {1, "org.mn", 2, false}, {1, "mo", 1, false}, {1, "com.mo", 2, false}, - {1, "net.mo", 2, false}, - {1, "org.mo", 2, false}, {1, "edu.mo", 2, false}, {1, "gov.mo", 2, false}, + {1, "net.mo", 2, false}, + {1, "org.mo", 2, false}, {1, "mobi", 1, false}, {1, "mp", 1, false}, {1, "mq", 1, false}, @@ -3601,13 +3624,13 @@ var r = [9784]Rule{ {1, "net.mt", 2, false}, {1, "org.mt", 2, false}, {1, "mu", 1, false}, - {1, "com.mu", 2, false}, - {1, "net.mu", 2, false}, - {1, "org.mu", 2, false}, - {1, "gov.mu", 2, false}, {1, "ac.mu", 2, false}, {1, "co.mu", 2, false}, + {1, "com.mu", 2, false}, + {1, "gov.mu", 2, false}, + {1, "net.mu", 2, false}, {1, "or.mu", 2, false}, + {1, "org.mu", 2, false}, {1, "museum", 1, false}, {1, "mv", 1, false}, {1, "aero.mv", 2, false}, @@ -3633,15 +3656,14 @@ var r = [9784]Rule{ {1, "edu.mw", 2, false}, {1, "gov.mw", 2, false}, {1, "int.mw", 2, false}, - {1, "museum.mw", 2, false}, {1, "net.mw", 2, false}, {1, "org.mw", 2, false}, {1, "mx", 1, false}, {1, "com.mx", 2, false}, - {1, "org.mx", 2, false}, - {1, "gob.mx", 2, false}, {1, "edu.mx", 2, false}, + {1, "gob.mx", 2, false}, {1, "net.mx", 2, false}, + {1, "org.mx", 2, false}, {1, "my", 1, false}, {1, "biz.my", 2, false}, {1, "com.my", 2, false}, @@ -3661,22 +3683,11 @@ var r = [9784]Rule{ {1, "net.mz", 2, false}, {1, "org.mz", 2, false}, {1, "na", 1, false}, - {1, "info.na", 2, false}, - {1, "pro.na", 2, false}, - {1, "name.na", 2, false}, - {1, "school.na", 2, false}, - {1, "or.na", 2, false}, - {1, "dr.na", 2, false}, - {1, "us.na", 2, false}, - {1, "mx.na", 2, false}, - {1, "ca.na", 2, false}, - {1, "in.na", 2, false}, - {1, "cc.na", 2, false}, - {1, "tv.na", 2, false}, - {1, "ws.na", 2, false}, - {1, "mobi.na", 2, false}, + {1, "alt.na", 2, false}, {1, "co.na", 2, false}, {1, "com.na", 2, false}, + {1, "gov.na", 2, false}, + {1, "net.na", 2, false}, {1, "org.na", 2, false}, {1, "name", 1, false}, {1, "nc", 1, false}, @@ -3685,16 +3696,16 @@ var r = [9784]Rule{ {1, "ne", 1, false}, {1, "net", 1, false}, {1, "nf", 1, false}, - {1, "com.nf", 2, false}, - {1, "net.nf", 2, false}, - {1, "per.nf", 2, false}, - {1, "rec.nf", 2, false}, - {1, "web.nf", 2, false}, {1, "arts.nf", 2, false}, + {1, "com.nf", 2, false}, {1, "firm.nf", 2, false}, {1, "info.nf", 2, false}, + {1, "net.nf", 2, false}, {1, "other.nf", 2, false}, + {1, "per.nf", 2, false}, + {1, "rec.nf", 2, false}, {1, "store.nf", 2, false}, + {1, "web.nf", 2, false}, {1, "ng", 1, false}, {1, "com.ng", 2, false}, {1, "edu.ng", 2, false}, @@ -3724,17 +3735,17 @@ var r = [9784]Rule{ {1, "nl", 1, false}, {1, "no", 1, false}, {1, "fhs.no", 2, false}, - {1, "vgs.no", 2, false}, - {1, "fylkesbibl.no", 2, false}, {1, "folkebibl.no", 2, false}, - {1, "museum.no", 2, false}, + {1, "fylkesbibl.no", 2, false}, {1, "idrett.no", 2, false}, + {1, "museum.no", 2, false}, {1, "priv.no", 2, false}, + {1, "vgs.no", 2, false}, + {1, "dep.no", 2, false}, + {1, "herad.no", 2, false}, + {1, "kommune.no", 2, false}, {1, "mil.no", 2, false}, {1, "stat.no", 2, false}, - {1, "dep.no", 2, false}, - {1, "kommune.no", 2, false}, - {1, "herad.no", 2, false}, {1, "aa.no", 2, false}, {1, "ah.no", 2, false}, {1, "bu.no", 2, false}, @@ -3782,10 +3793,10 @@ var r = [9784]Rule{ {1, "algard.no", 2, false}, {1, "xn--lgrd-poac.no", 2, false}, {1, "arna.no", 2, false}, - {1, "brumunddal.no", 2, false}, - {1, "bryne.no", 2, false}, {1, "bronnoysund.no", 2, false}, {1, "xn--brnnysund-m8ac.no", 2, false}, + {1, "brumunddal.no", 2, false}, + {1, "bryne.no", 2, false}, {1, "drobak.no", 2, false}, {1, "xn--drbak-wua.no", 2, false}, {1, "egersund.no", 2, false}, @@ -3828,27 +3839,32 @@ var r = [9784]Rule{ {1, "tananger.no", 2, false}, {1, "tranby.no", 2, false}, {1, "vossevangen.no", 2, false}, + {1, "aarborte.no", 2, false}, + {1, "aejrie.no", 2, false}, {1, "afjord.no", 2, false}, {1, "xn--fjord-lra.no", 2, false}, {1, "agdenes.no", 2, false}, + {1, "nes.akershus.no", 3, false}, + {1, "aknoluokta.no", 2, false}, + {1, "xn--koluokta-7ya57h.no", 2, false}, {1, "al.no", 2, false}, {1, "xn--l-1fa.no", 2, false}, + {1, "alaheadju.no", 2, false}, + {1, "xn--laheadju-7ya.no", 2, false}, {1, "alesund.no", 2, false}, {1, "xn--lesund-hua.no", 2, false}, {1, "alstahaug.no", 2, false}, {1, "alta.no", 2, false}, {1, "xn--lt-liac.no", 2, false}, - {1, "alaheadju.no", 2, false}, - {1, "xn--laheadju-7ya.no", 2, false}, {1, "alvdal.no", 2, false}, {1, "amli.no", 2, false}, {1, "xn--mli-tla.no", 2, false}, {1, "amot.no", 2, false}, {1, "xn--mot-tla.no", 2, false}, + {1, "andasuolo.no", 2, false}, {1, "andebu.no", 2, false}, {1, "andoy.no", 2, false}, {1, "xn--andy-ira.no", 2, false}, - {1, "andasuolo.no", 2, false}, {1, "ardal.no", 2, false}, {1, "xn--rdal-poa.no", 2, false}, {1, "aremark.no", 2, false}, @@ -3858,9 +3874,9 @@ var r = [9784]Rule{ {1, "xn--seral-lra.no", 2, false}, {1, "asker.no", 2, false}, {1, "askim.no", 2, false}, - {1, "askvoll.no", 2, false}, {1, "askoy.no", 2, false}, {1, "xn--asky-ira.no", 2, false}, + {1, "askvoll.no", 2, false}, {1, "asnes.no", 2, false}, {1, "xn--snes-poa.no", 2, false}, {1, "audnedaln.no", 2, false}, @@ -3873,27 +3889,37 @@ var r = [9784]Rule{ {1, "austrheim.no", 2, false}, {1, "averoy.no", 2, false}, {1, "xn--avery-yua.no", 2, false}, - {1, "balestrand.no", 2, false}, - {1, "ballangen.no", 2, false}, - {1, "balat.no", 2, false}, - {1, "xn--blt-elab.no", 2, false}, - {1, "balsfjord.no", 2, false}, + {1, "badaddja.no", 2, false}, + {1, "xn--bdddj-mrabd.no", 2, false}, + {1, "xn--brum-voa.no", 2, false}, + {1, "bahcavuotna.no", 2, false}, + {1, "xn--bhcavuotna-s4a.no", 2, false}, {1, "bahccavuotna.no", 2, false}, {1, "xn--bhccavuotna-k7a.no", 2, false}, - {1, "bamble.no", 2, false}, - {1, "bardu.no", 2, false}, - {1, "beardu.no", 2, false}, - {1, "beiarn.no", 2, false}, - {1, "bajddar.no", 2, false}, - {1, "xn--bjddar-pta.no", 2, false}, {1, "baidar.no", 2, false}, {1, "xn--bidr-5nac.no", 2, false}, + {1, "bajddar.no", 2, false}, + {1, "xn--bjddar-pta.no", 2, false}, + {1, "balat.no", 2, false}, + {1, "xn--blt-elab.no", 2, false}, + {1, "balestrand.no", 2, false}, + {1, "ballangen.no", 2, false}, + {1, "balsfjord.no", 2, false}, + {1, "bamble.no", 2, false}, + {1, "bardu.no", 2, false}, + {1, "barum.no", 2, false}, + {1, "batsfjord.no", 2, false}, + {1, "xn--btsfjord-9za.no", 2, false}, + {1, "bearalvahki.no", 2, false}, + {1, "xn--bearalvhki-y4a.no", 2, false}, + {1, "beardu.no", 2, false}, + {1, "beiarn.no", 2, false}, {1, "berg.no", 2, false}, {1, "bergen.no", 2, false}, {1, "berlevag.no", 2, false}, {1, "xn--berlevg-jxa.no", 2, false}, - {1, "bearalvahki.no", 2, false}, - {1, "xn--bearalvhki-y4a.no", 2, false}, + {1, "bievat.no", 2, false}, + {1, "xn--bievt-0qa.no", 2, false}, {1, "bindal.no", 2, false}, {1, "birkenes.no", 2, false}, {1, "bjarkoy.no", 2, false}, @@ -3902,36 +3928,32 @@ var r = [9784]Rule{ {1, "bjugn.no", 2, false}, {1, "bodo.no", 2, false}, {1, "xn--bod-2na.no", 2, false}, - {1, "badaddja.no", 2, false}, - {1, "xn--bdddj-mrabd.no", 2, false}, - {1, "budejju.no", 2, false}, {1, "bokn.no", 2, false}, + {1, "bomlo.no", 2, false}, + {1, "xn--bmlo-gra.no", 2, false}, {1, "bremanger.no", 2, false}, {1, "bronnoy.no", 2, false}, {1, "xn--brnny-wuac.no", 2, false}, + {1, "budejju.no", 2, false}, + {1, "nes.buskerud.no", 3, false}, {1, "bygland.no", 2, false}, {1, "bykle.no", 2, false}, - {1, "barum.no", 2, false}, - {1, "xn--brum-voa.no", 2, false}, - {1, "bo.telemark.no", 3, false}, - {1, "xn--b-5ga.telemark.no", 3, false}, - {1, "bo.nordland.no", 3, false}, - {1, "xn--b-5ga.nordland.no", 3, false}, - {1, "bievat.no", 2, false}, - {1, "xn--bievt-0qa.no", 2, false}, - {1, "bomlo.no", 2, false}, - {1, "xn--bmlo-gra.no", 2, false}, - {1, "batsfjord.no", 2, false}, - {1, "xn--btsfjord-9za.no", 2, false}, - {1, "bahcavuotna.no", 2, false}, - {1, "xn--bhcavuotna-s4a.no", 2, false}, + {1, "cahcesuolo.no", 2, false}, + {1, "xn--hcesuolo-7ya35b.no", 2, false}, + {1, "davvenjarga.no", 2, false}, + {1, "xn--davvenjrga-y4a.no", 2, false}, + {1, "davvesiida.no", 2, false}, + {1, "deatnu.no", 2, false}, + {1, "dielddanuorri.no", 2, false}, + {1, "divtasvuodna.no", 2, false}, + {1, "divttasvuotna.no", 2, false}, + {1, "donna.no", 2, false}, + {1, "xn--dnna-gra.no", 2, false}, {1, "dovre.no", 2, false}, {1, "drammen.no", 2, false}, {1, "drangedal.no", 2, false}, {1, "dyroy.no", 2, false}, {1, "xn--dyry-ira.no", 2, false}, - {1, "donna.no", 2, false}, - {1, "xn--dnna-gra.no", 2, false}, {1, "eid.no", 2, false}, {1, "eidfjord.no", 2, false}, {1, "eidsberg.no", 2, false}, @@ -3943,14 +3965,12 @@ var r = [9784]Rule{ {1, "engerdal.no", 2, false}, {1, "etne.no", 2, false}, {1, "etnedal.no", 2, false}, - {1, "evenes.no", 2, false}, {1, "evenassi.no", 2, false}, {1, "xn--eveni-0qa01ga.no", 2, false}, + {1, "evenes.no", 2, false}, {1, "evje-og-hornnes.no", 2, false}, {1, "farsund.no", 2, false}, {1, "fauske.no", 2, false}, - {1, "fuossko.no", 2, false}, - {1, "fuoisku.no", 2, false}, {1, "fedje.no", 2, false}, {1, "fet.no", 2, false}, {1, "finnoy.no", 2, false}, @@ -3958,33 +3978,40 @@ var r = [9784]Rule{ {1, "fitjar.no", 2, false}, {1, "fjaler.no", 2, false}, {1, "fjell.no", 2, false}, + {1, "fla.no", 2, false}, + {1, "xn--fl-zia.no", 2, false}, {1, "flakstad.no", 2, false}, {1, "flatanger.no", 2, false}, {1, "flekkefjord.no", 2, false}, {1, "flesberg.no", 2, false}, {1, "flora.no", 2, false}, - {1, "fla.no", 2, false}, - {1, "xn--fl-zia.no", 2, false}, {1, "folldal.no", 2, false}, + {1, "forde.no", 2, false}, + {1, "xn--frde-gra.no", 2, false}, {1, "forsand.no", 2, false}, {1, "fosnes.no", 2, false}, + {1, "xn--frna-woa.no", 2, false}, + {1, "frana.no", 2, false}, {1, "frei.no", 2, false}, {1, "frogn.no", 2, false}, {1, "froland.no", 2, false}, {1, "frosta.no", 2, false}, - {1, "frana.no", 2, false}, - {1, "xn--frna-woa.no", 2, false}, {1, "froya.no", 2, false}, {1, "xn--frya-hra.no", 2, false}, + {1, "fuoisku.no", 2, false}, + {1, "fuossko.no", 2, false}, {1, "fusa.no", 2, false}, {1, "fyresdal.no", 2, false}, - {1, "forde.no", 2, false}, - {1, "xn--frde-gra.no", 2, false}, + {1, "gaivuotna.no", 2, false}, + {1, "xn--givuotna-8ya.no", 2, false}, + {1, "galsa.no", 2, false}, + {1, "xn--gls-elac.no", 2, false}, {1, "gamvik.no", 2, false}, {1, "gangaviika.no", 2, false}, {1, "xn--ggaviika-8ya47h.no", 2, false}, {1, "gaular.no", 2, false}, {1, "gausdal.no", 2, false}, + {1, "giehtavuoatna.no", 2, false}, {1, "gildeskal.no", 2, false}, {1, "xn--gildeskl-g0a.no", 2, false}, {1, "giske.no", 2, false}, @@ -4002,38 +4029,37 @@ var r = [9784]Rule{ {1, "gratangen.no", 2, false}, {1, "grimstad.no", 2, false}, {1, "grong.no", 2, false}, - {1, "kraanghke.no", 2, false}, - {1, "xn--kranghke-b0a.no", 2, false}, {1, "grue.no", 2, false}, {1, "gulen.no", 2, false}, + {1, "guovdageaidnu.no", 2, false}, + {1, "ha.no", 2, false}, + {1, "xn--h-2fa.no", 2, false}, + {1, "habmer.no", 2, false}, + {1, "xn--hbmer-xqa.no", 2, false}, {1, "hadsel.no", 2, false}, + {1, "xn--hgebostad-g3a.no", 2, false}, + {1, "hagebostad.no", 2, false}, {1, "halden.no", 2, false}, {1, "halsa.no", 2, false}, {1, "hamar.no", 2, false}, {1, "hamaroy.no", 2, false}, - {1, "habmer.no", 2, false}, - {1, "xn--hbmer-xqa.no", 2, false}, - {1, "hapmir.no", 2, false}, - {1, "xn--hpmir-xqa.no", 2, false}, - {1, "hammerfest.no", 2, false}, {1, "hammarfeasta.no", 2, false}, {1, "xn--hmmrfeasta-s4ac.no", 2, false}, + {1, "hammerfest.no", 2, false}, + {1, "hapmir.no", 2, false}, + {1, "xn--hpmir-xqa.no", 2, false}, {1, "haram.no", 2, false}, {1, "hareid.no", 2, false}, {1, "harstad.no", 2, false}, {1, "hasvik.no", 2, false}, - {1, "aknoluokta.no", 2, false}, - {1, "xn--koluokta-7ya57h.no", 2, false}, {1, "hattfjelldal.no", 2, false}, - {1, "aarborte.no", 2, false}, {1, "haugesund.no", 2, false}, + {1, "os.hedmark.no", 3, false}, + {1, "valer.hedmark.no", 3, false}, + {1, "xn--vler-qoa.hedmark.no", 3, false}, {1, "hemne.no", 2, false}, {1, "hemnes.no", 2, false}, {1, "hemsedal.no", 2, false}, - {1, "heroy.more-og-romsdal.no", 3, false}, - {1, "xn--hery-ira.xn--mre-og-romsdal-qqb.no", 3, false}, - {1, "heroy.nordland.no", 3, false}, - {1, "xn--hery-ira.nordland.no", 3, false}, {1, "hitra.no", 2, false}, {1, "hjartdal.no", 2, false}, {1, "hjelmeland.no", 2, false}, @@ -4045,96 +4071,95 @@ var r = [9784]Rule{ {1, "holmestrand.no", 2, false}, {1, "holtalen.no", 2, false}, {1, "xn--holtlen-hxa.no", 2, false}, + {1, "os.hordaland.no", 3, false}, {1, "hornindal.no", 2, false}, {1, "horten.no", 2, false}, - {1, "hurdal.no", 2, false}, - {1, "hurum.no", 2, false}, - {1, "hvaler.no", 2, false}, - {1, "hyllestad.no", 2, false}, - {1, "hagebostad.no", 2, false}, - {1, "xn--hgebostad-g3a.no", 2, false}, {1, "hoyanger.no", 2, false}, {1, "xn--hyanger-q1a.no", 2, false}, {1, "hoylandet.no", 2, false}, {1, "xn--hylandet-54a.no", 2, false}, - {1, "ha.no", 2, false}, - {1, "xn--h-2fa.no", 2, false}, + {1, "hurdal.no", 2, false}, + {1, "hurum.no", 2, false}, + {1, "hvaler.no", 2, false}, + {1, "hyllestad.no", 2, false}, {1, "ibestad.no", 2, false}, {1, "inderoy.no", 2, false}, {1, "xn--indery-fya.no", 2, false}, {1, "iveland.no", 2, false}, + {1, "ivgu.no", 2, false}, {1, "jevnaker.no", 2, false}, - {1, "jondal.no", 2, false}, {1, "jolster.no", 2, false}, {1, "xn--jlster-bya.no", 2, false}, - {1, "karasjok.no", 2, false}, + {1, "jondal.no", 2, false}, + {1, "kafjord.no", 2, false}, + {1, "xn--kfjord-iua.no", 2, false}, {1, "karasjohka.no", 2, false}, {1, "xn--krjohka-hwab49j.no", 2, false}, + {1, "karasjok.no", 2, false}, {1, "karlsoy.no", 2, false}, - {1, "galsa.no", 2, false}, - {1, "xn--gls-elac.no", 2, false}, {1, "karmoy.no", 2, false}, {1, "xn--karmy-yua.no", 2, false}, {1, "kautokeino.no", 2, false}, - {1, "guovdageaidnu.no", 2, false}, - {1, "klepp.no", 2, false}, {1, "klabu.no", 2, false}, {1, "xn--klbu-woa.no", 2, false}, + {1, "klepp.no", 2, false}, {1, "kongsberg.no", 2, false}, {1, "kongsvinger.no", 2, false}, + {1, "kraanghke.no", 2, false}, + {1, "xn--kranghke-b0a.no", 2, false}, {1, "kragero.no", 2, false}, {1, "xn--krager-gya.no", 2, false}, {1, "kristiansand.no", 2, false}, {1, "kristiansund.no", 2, false}, {1, "krodsherad.no", 2, false}, {1, "xn--krdsherad-m8a.no", 2, false}, + {1, "xn--kvfjord-nxa.no", 2, false}, + {1, "xn--kvnangen-k0a.no", 2, false}, + {1, "kvafjord.no", 2, false}, {1, "kvalsund.no", 2, false}, - {1, "rahkkeravju.no", 2, false}, - {1, "xn--rhkkervju-01af.no", 2, false}, {1, "kvam.no", 2, false}, + {1, "kvanangen.no", 2, false}, {1, "kvinesdal.no", 2, false}, {1, "kvinnherad.no", 2, false}, {1, "kviteseid.no", 2, false}, {1, "kvitsoy.no", 2, false}, {1, "xn--kvitsy-fya.no", 2, false}, - {1, "kvafjord.no", 2, false}, - {1, "xn--kvfjord-nxa.no", 2, false}, - {1, "giehtavuoatna.no", 2, false}, - {1, "kvanangen.no", 2, false}, - {1, "xn--kvnangen-k0a.no", 2, false}, - {1, "navuotna.no", 2, false}, - {1, "xn--nvuotna-hwa.no", 2, false}, - {1, "kafjord.no", 2, false}, - {1, "xn--kfjord-iua.no", 2, false}, - {1, "gaivuotna.no", 2, false}, - {1, "xn--givuotna-8ya.no", 2, false}, + {1, "laakesvuemie.no", 2, false}, + {1, "xn--lrdal-sra.no", 2, false}, + {1, "lahppi.no", 2, false}, + {1, "xn--lhppi-xqa.no", 2, false}, + {1, "lardal.no", 2, false}, {1, "larvik.no", 2, false}, - {1, "lavangen.no", 2, false}, {1, "lavagis.no", 2, false}, - {1, "loabat.no", 2, false}, - {1, "xn--loabt-0qa.no", 2, false}, + {1, "lavangen.no", 2, false}, + {1, "leangaviika.no", 2, false}, + {1, "xn--leagaviika-52b.no", 2, false}, {1, "lebesby.no", 2, false}, - {1, "davvesiida.no", 2, false}, {1, "leikanger.no", 2, false}, {1, "leirfjord.no", 2, false}, {1, "leka.no", 2, false}, {1, "leksvik.no", 2, false}, {1, "lenvik.no", 2, false}, - {1, "leangaviika.no", 2, false}, - {1, "xn--leagaviika-52b.no", 2, false}, + {1, "lerdal.no", 2, false}, {1, "lesja.no", 2, false}, {1, "levanger.no", 2, false}, {1, "lier.no", 2, false}, {1, "lierne.no", 2, false}, {1, "lillehammer.no", 2, false}, {1, "lillesand.no", 2, false}, - {1, "lindesnes.no", 2, false}, {1, "lindas.no", 2, false}, {1, "xn--linds-pra.no", 2, false}, + {1, "lindesnes.no", 2, false}, + {1, "loabat.no", 2, false}, + {1, "xn--loabt-0qa.no", 2, false}, + {1, "lodingen.no", 2, false}, + {1, "xn--ldingen-q1a.no", 2, false}, {1, "lom.no", 2, false}, {1, "loppa.no", 2, false}, - {1, "lahppi.no", 2, false}, - {1, "xn--lhppi-xqa.no", 2, false}, + {1, "lorenskog.no", 2, false}, + {1, "xn--lrenskog-54a.no", 2, false}, + {1, "loten.no", 2, false}, + {1, "xn--lten-gra.no", 2, false}, {1, "lund.no", 2, false}, {1, "lunner.no", 2, false}, {1, "luroy.no", 2, false}, @@ -4142,25 +4167,19 @@ var r = [9784]Rule{ {1, "luster.no", 2, false}, {1, "lyngdal.no", 2, false}, {1, "lyngen.no", 2, false}, - {1, "ivgu.no", 2, false}, - {1, "lardal.no", 2, false}, - {1, "lerdal.no", 2, false}, - {1, "xn--lrdal-sra.no", 2, false}, - {1, "lodingen.no", 2, false}, - {1, "xn--ldingen-q1a.no", 2, false}, - {1, "lorenskog.no", 2, false}, - {1, "xn--lrenskog-54a.no", 2, false}, - {1, "loten.no", 2, false}, - {1, "xn--lten-gra.no", 2, false}, + {1, "malatvuopmi.no", 2, false}, + {1, "xn--mlatvuopmi-s4a.no", 2, false}, + {1, "malselv.no", 2, false}, + {1, "xn--mlselv-iua.no", 2, false}, {1, "malvik.no", 2, false}, - {1, "masoy.no", 2, false}, - {1, "xn--msy-ula0h.no", 2, false}, - {1, "muosat.no", 2, false}, - {1, "xn--muost-0qa.no", 2, false}, {1, "mandal.no", 2, false}, {1, "marker.no", 2, false}, {1, "marnardal.no", 2, false}, {1, "masfjorden.no", 2, false}, + {1, "masoy.no", 2, false}, + {1, "xn--msy-ula0h.no", 2, false}, + {1, "matta-varjjat.no", 2, false}, + {1, "xn--mtta-vrjjat-k7af.no", 2, false}, {1, "meland.no", 2, false}, {1, "meldal.no", 2, false}, {1, "melhus.no", 2, false}, @@ -4168,39 +4187,39 @@ var r = [9784]Rule{ {1, "xn--mely-ira.no", 2, false}, {1, "meraker.no", 2, false}, {1, "xn--merker-kua.no", 2, false}, - {1, "moareke.no", 2, false}, - {1, "xn--moreke-jua.no", 2, false}, {1, "midsund.no", 2, false}, {1, "midtre-gauldal.no", 2, false}, + {1, "moareke.no", 2, false}, + {1, "xn--moreke-jua.no", 2, false}, {1, "modalen.no", 2, false}, {1, "modum.no", 2, false}, {1, "molde.no", 2, false}, + {1, "heroy.more-og-romsdal.no", 3, false}, + {1, "sande.more-og-romsdal.no", 3, false}, + {1, "xn--hery-ira.xn--mre-og-romsdal-qqb.no", 3, false}, + {1, "sande.xn--mre-og-romsdal-qqb.no", 3, false}, {1, "moskenes.no", 2, false}, {1, "moss.no", 2, false}, {1, "mosvik.no", 2, false}, - {1, "malselv.no", 2, false}, - {1, "xn--mlselv-iua.no", 2, false}, - {1, "malatvuopmi.no", 2, false}, - {1, "xn--mlatvuopmi-s4a.no", 2, false}, - {1, "namdalseid.no", 2, false}, - {1, "aejrie.no", 2, false}, - {1, "namsos.no", 2, false}, - {1, "namsskogan.no", 2, false}, + {1, "muosat.no", 2, false}, + {1, "xn--muost-0qa.no", 2, false}, {1, "naamesjevuemie.no", 2, false}, {1, "xn--nmesjevuemie-tcba.no", 2, false}, - {1, "laakesvuemie.no", 2, false}, + {1, "xn--nry-yla5g.no", 2, false}, + {1, "namdalseid.no", 2, false}, + {1, "namsos.no", 2, false}, + {1, "namsskogan.no", 2, false}, {1, "nannestad.no", 2, false}, - {1, "narvik.no", 2, false}, + {1, "naroy.no", 2, false}, {1, "narviika.no", 2, false}, + {1, "narvik.no", 2, false}, {1, "naustdal.no", 2, false}, + {1, "navuotna.no", 2, false}, + {1, "xn--nvuotna-hwa.no", 2, false}, {1, "nedre-eiker.no", 2, false}, - {1, "nes.akershus.no", 3, false}, - {1, "nes.buskerud.no", 3, false}, {1, "nesna.no", 2, false}, {1, "nesodden.no", 2, false}, {1, "nesseby.no", 2, false}, - {1, "unjarga.no", 2, false}, - {1, "xn--unjrga-rta.no", 2, false}, {1, "nesset.no", 2, false}, {1, "nissedal.no", 2, false}, {1, "nittedal.no", 2, false}, @@ -4209,21 +4228,20 @@ var r = [9784]Rule{ {1, "nord-odal.no", 2, false}, {1, "norddal.no", 2, false}, {1, "nordkapp.no", 2, false}, - {1, "davvenjarga.no", 2, false}, - {1, "xn--davvenjrga-y4a.no", 2, false}, + {1, "bo.nordland.no", 3, false}, + {1, "xn--b-5ga.nordland.no", 3, false}, + {1, "heroy.nordland.no", 3, false}, + {1, "xn--hery-ira.nordland.no", 3, false}, {1, "nordre-land.no", 2, false}, {1, "nordreisa.no", 2, false}, - {1, "raisa.no", 2, false}, - {1, "xn--risa-5na.no", 2, false}, {1, "nore-og-uvdal.no", 2, false}, {1, "notodden.no", 2, false}, - {1, "naroy.no", 2, false}, - {1, "xn--nry-yla5g.no", 2, false}, {1, "notteroy.no", 2, false}, {1, "xn--nttery-byae.no", 2, false}, {1, "odda.no", 2, false}, {1, "oksnes.no", 2, false}, {1, "xn--ksnes-uua.no", 2, false}, + {1, "omasvuotna.no", 2, false}, {1, "oppdal.no", 2, false}, {1, "oppegard.no", 2, false}, {1, "xn--oppegrd-ixa.no", 2, false}, @@ -4234,11 +4252,11 @@ var r = [9784]Rule{ {1, "xn--rskog-uua.no", 2, false}, {1, "orsta.no", 2, false}, {1, "xn--rsta-fra.no", 2, false}, - {1, "os.hedmark.no", 3, false}, - {1, "os.hordaland.no", 3, false}, {1, "osen.no", 2, false}, {1, "osteroy.no", 2, false}, {1, "xn--ostery-fya.no", 2, false}, + {1, "valer.ostfold.no", 3, false}, + {1, "xn--vler-qoa.xn--stfold-9xa.no", 3, false}, {1, "ostre-toten.no", 2, false}, {1, "xn--stre-toten-zcb.no", 2, false}, {1, "overhalla.no", 2, false}, @@ -4254,11 +4272,18 @@ var r = [9784]Rule{ {1, "porsangu.no", 2, false}, {1, "xn--porsgu-sta26f.no", 2, false}, {1, "porsgrunn.no", 2, false}, + {1, "rade.no", 2, false}, + {1, "xn--rde-ula.no", 2, false}, {1, "radoy.no", 2, false}, {1, "xn--rady-ira.no", 2, false}, + {1, "xn--rlingen-mxa.no", 2, false}, + {1, "rahkkeravju.no", 2, false}, + {1, "xn--rhkkervju-01af.no", 2, false}, + {1, "raisa.no", 2, false}, + {1, "xn--risa-5na.no", 2, false}, {1, "rakkestad.no", 2, false}, + {1, "ralingen.no", 2, false}, {1, "rana.no", 2, false}, - {1, "ruovat.no", 2, false}, {1, "randaberg.no", 2, false}, {1, "rauma.no", 2, false}, {1, "rendalen.no", 2, false}, @@ -4269,16 +4294,14 @@ var r = [9784]Rule{ {1, "ringebu.no", 2, false}, {1, "ringerike.no", 2, false}, {1, "ringsaker.no", 2, false}, - {1, "rissa.no", 2, false}, {1, "risor.no", 2, false}, {1, "xn--risr-ira.no", 2, false}, + {1, "rissa.no", 2, false}, {1, "roan.no", 2, false}, - {1, "rollag.no", 2, false}, - {1, "rygge.no", 2, false}, - {1, "ralingen.no", 2, false}, - {1, "xn--rlingen-mxa.no", 2, false}, {1, "rodoy.no", 2, false}, {1, "xn--rdy-0nab.no", 2, false}, + {1, "rollag.no", 2, false}, + {1, "romsa.no", 2, false}, {1, "romskog.no", 2, false}, {1, "xn--rmskog-bya.no", 2, false}, {1, "roros.no", 2, false}, @@ -4289,18 +4312,14 @@ var r = [9784]Rule{ {1, "xn--ryken-vua.no", 2, false}, {1, "royrvik.no", 2, false}, {1, "xn--ryrvik-bya.no", 2, false}, - {1, "rade.no", 2, false}, - {1, "xn--rde-ula.no", 2, false}, + {1, "ruovat.no", 2, false}, + {1, "rygge.no", 2, false}, {1, "salangen.no", 2, false}, - {1, "siellak.no", 2, false}, - {1, "saltdal.no", 2, false}, {1, "salat.no", 2, false}, - {1, "xn--slt-elab.no", 2, false}, {1, "xn--slat-5na.no", 2, false}, + {1, "xn--slt-elab.no", 2, false}, + {1, "saltdal.no", 2, false}, {1, "samnanger.no", 2, false}, - {1, "sande.more-og-romsdal.no", 3, false}, - {1, "sande.xn--mre-og-romsdal-qqb.no", 3, false}, - {1, "sande.vestfold.no", 3, false}, {1, "sandefjord.no", 2, false}, {1, "sandnes.no", 2, false}, {1, "sandoy.no", 2, false}, @@ -4312,39 +4331,60 @@ var r = [9784]Rule{ {1, "selbu.no", 2, false}, {1, "selje.no", 2, false}, {1, "seljord.no", 2, false}, + {1, "siellak.no", 2, false}, {1, "sigdal.no", 2, false}, {1, "siljan.no", 2, false}, {1, "sirdal.no", 2, false}, + {1, "skanit.no", 2, false}, + {1, "xn--sknit-yqa.no", 2, false}, + {1, "skanland.no", 2, false}, + {1, "xn--sknland-fxa.no", 2, false}, {1, "skaun.no", 2, false}, {1, "skedsmo.no", 2, false}, {1, "ski.no", 2, false}, {1, "skien.no", 2, false}, - {1, "skiptvet.no", 2, false}, - {1, "skjervoy.no", 2, false}, - {1, "xn--skjervy-v1a.no", 2, false}, {1, "skierva.no", 2, false}, {1, "xn--skierv-uta.no", 2, false}, + {1, "skiptvet.no", 2, false}, {1, "skjak.no", 2, false}, {1, "xn--skjk-soa.no", 2, false}, + {1, "skjervoy.no", 2, false}, + {1, "xn--skjervy-v1a.no", 2, false}, {1, "skodje.no", 2, false}, - {1, "skanland.no", 2, false}, - {1, "xn--sknland-fxa.no", 2, false}, - {1, "skanit.no", 2, false}, - {1, "xn--sknit-yqa.no", 2, false}, {1, "smola.no", 2, false}, {1, "xn--smla-hra.no", 2, false}, - {1, "snillfjord.no", 2, false}, - {1, "snasa.no", 2, false}, - {1, "xn--snsa-roa.no", 2, false}, - {1, "snoasa.no", 2, false}, {1, "snaase.no", 2, false}, {1, "xn--snase-nra.no", 2, false}, + {1, "snasa.no", 2, false}, + {1, "xn--snsa-roa.no", 2, false}, + {1, "snillfjord.no", 2, false}, + {1, "snoasa.no", 2, false}, {1, "sogndal.no", 2, false}, + {1, "sogne.no", 2, false}, + {1, "xn--sgne-gra.no", 2, false}, {1, "sokndal.no", 2, false}, {1, "sola.no", 2, false}, {1, "solund.no", 2, false}, + {1, "somna.no", 2, false}, + {1, "xn--smna-gra.no", 2, false}, + {1, "sondre-land.no", 2, false}, + {1, "xn--sndre-land-0cb.no", 2, false}, {1, "songdalen.no", 2, false}, + {1, "sor-aurdal.no", 2, false}, + {1, "xn--sr-aurdal-l8a.no", 2, false}, + {1, "sor-fron.no", 2, false}, + {1, "xn--sr-fron-q1a.no", 2, false}, + {1, "sor-odal.no", 2, false}, + {1, "xn--sr-odal-q1a.no", 2, false}, + {1, "sor-varanger.no", 2, false}, + {1, "xn--sr-varanger-ggb.no", 2, false}, + {1, "sorfold.no", 2, false}, + {1, "xn--srfold-bya.no", 2, false}, + {1, "sorreisa.no", 2, false}, + {1, "xn--srreisa-q1a.no", 2, false}, {1, "sortland.no", 2, false}, + {1, "sorum.no", 2, false}, + {1, "xn--srum-gra.no", 2, false}, {1, "spydeberg.no", 2, false}, {1, "stange.no", 2, false}, {1, "stavanger.no", 2, false}, @@ -4357,7 +4397,6 @@ var r = [9784]Rule{ {1, "stord.no", 2, false}, {1, "stordal.no", 2, false}, {1, "storfjord.no", 2, false}, - {1, "omasvuotna.no", 2, false}, {1, "strand.no", 2, false}, {1, "stranda.no", 2, false}, {1, "stryn.no", 2, false}, @@ -4369,72 +4408,55 @@ var r = [9784]Rule{ {1, "sveio.no", 2, false}, {1, "svelvik.no", 2, false}, {1, "sykkylven.no", 2, false}, - {1, "sogne.no", 2, false}, - {1, "xn--sgne-gra.no", 2, false}, - {1, "somna.no", 2, false}, - {1, "xn--smna-gra.no", 2, false}, - {1, "sondre-land.no", 2, false}, - {1, "xn--sndre-land-0cb.no", 2, false}, - {1, "sor-aurdal.no", 2, false}, - {1, "xn--sr-aurdal-l8a.no", 2, false}, - {1, "sor-fron.no", 2, false}, - {1, "xn--sr-fron-q1a.no", 2, false}, - {1, "sor-odal.no", 2, false}, - {1, "xn--sr-odal-q1a.no", 2, false}, - {1, "sor-varanger.no", 2, false}, - {1, "xn--sr-varanger-ggb.no", 2, false}, - {1, "matta-varjjat.no", 2, false}, - {1, "xn--mtta-vrjjat-k7af.no", 2, false}, - {1, "sorfold.no", 2, false}, - {1, "xn--srfold-bya.no", 2, false}, - {1, "sorreisa.no", 2, false}, - {1, "xn--srreisa-q1a.no", 2, false}, - {1, "sorum.no", 2, false}, - {1, "xn--srum-gra.no", 2, false}, {1, "tana.no", 2, false}, - {1, "deatnu.no", 2, false}, + {1, "bo.telemark.no", 3, false}, + {1, "xn--b-5ga.telemark.no", 3, false}, {1, "time.no", 2, false}, {1, "tingvoll.no", 2, false}, {1, "tinn.no", 2, false}, {1, "tjeldsund.no", 2, false}, - {1, "dielddanuorri.no", 2, false}, {1, "tjome.no", 2, false}, {1, "xn--tjme-hra.no", 2, false}, {1, "tokke.no", 2, false}, {1, "tolga.no", 2, false}, + {1, "tonsberg.no", 2, false}, + {1, "xn--tnsberg-q1a.no", 2, false}, {1, "torsken.no", 2, false}, + {1, "xn--trna-woa.no", 2, false}, + {1, "trana.no", 2, false}, {1, "tranoy.no", 2, false}, {1, "xn--trany-yua.no", 2, false}, - {1, "tromso.no", 2, false}, - {1, "xn--troms-zua.no", 2, false}, - {1, "tromsa.no", 2, false}, - {1, "romsa.no", 2, false}, - {1, "trondheim.no", 2, false}, {1, "troandin.no", 2, false}, - {1, "trysil.no", 2, false}, - {1, "trana.no", 2, false}, - {1, "xn--trna-woa.no", 2, false}, {1, "trogstad.no", 2, false}, {1, "xn--trgstad-r1a.no", 2, false}, + {1, "tromsa.no", 2, false}, + {1, "tromso.no", 2, false}, + {1, "xn--troms-zua.no", 2, false}, + {1, "trondheim.no", 2, false}, + {1, "trysil.no", 2, false}, {1, "tvedestrand.no", 2, false}, {1, "tydal.no", 2, false}, {1, "tynset.no", 2, false}, {1, "tysfjord.no", 2, false}, - {1, "divtasvuodna.no", 2, false}, - {1, "divttasvuotna.no", 2, false}, {1, "tysnes.no", 2, false}, - {1, "tysvar.no", 2, false}, {1, "xn--tysvr-vra.no", 2, false}, - {1, "tonsberg.no", 2, false}, - {1, "xn--tnsberg-q1a.no", 2, false}, + {1, "tysvar.no", 2, false}, {1, "ullensaker.no", 2, false}, {1, "ullensvang.no", 2, false}, {1, "ulvik.no", 2, false}, + {1, "unjarga.no", 2, false}, + {1, "xn--unjrga-rta.no", 2, false}, {1, "utsira.no", 2, false}, + {1, "vaapste.no", 2, false}, {1, "vadso.no", 2, false}, {1, "xn--vads-jra.no", 2, false}, - {1, "cahcesuolo.no", 2, false}, - {1, "xn--hcesuolo-7ya35b.no", 2, false}, + {1, "xn--vry-yla5g.no", 2, false}, + {1, "vaga.no", 2, false}, + {1, "xn--vg-yiab.no", 2, false}, + {1, "vagan.no", 2, false}, + {1, "xn--vgan-qoa.no", 2, false}, + {1, "vagsoy.no", 2, false}, + {1, "xn--vgsy-qoa0j.no", 2, false}, {1, "vaksdal.no", 2, false}, {1, "valle.no", 2, false}, {1, "vang.no", 2, false}, @@ -4443,8 +4465,8 @@ var r = [9784]Rule{ {1, "xn--vard-jra.no", 2, false}, {1, "varggat.no", 2, false}, {1, "xn--vrggt-xqad.no", 2, false}, + {1, "varoy.no", 2, false}, {1, "vefsn.no", 2, false}, - {1, "vaapste.no", 2, false}, {1, "vega.no", 2, false}, {1, "vegarshei.no", 2, false}, {1, "xn--vegrshei-c0a.no", 2, false}, @@ -4452,6 +4474,7 @@ var r = [9784]Rule{ {1, "verdal.no", 2, false}, {1, "verran.no", 2, false}, {1, "vestby.no", 2, false}, + {1, "sande.vestfold.no", 3, false}, {1, "vestnes.no", 2, false}, {1, "vestre-slidre.no", 2, false}, {1, "vestre-toten.no", 2, false}, @@ -4461,30 +4484,18 @@ var r = [9784]Rule{ {1, "vik.no", 2, false}, {1, "vikna.no", 2, false}, {1, "vindafjord.no", 2, false}, + {1, "voagat.no", 2, false}, {1, "volda.no", 2, false}, {1, "voss.no", 2, false}, - {1, "varoy.no", 2, false}, - {1, "xn--vry-yla5g.no", 2, false}, - {1, "vagan.no", 2, false}, - {1, "xn--vgan-qoa.no", 2, false}, - {1, "voagat.no", 2, false}, - {1, "vagsoy.no", 2, false}, - {1, "xn--vgsy-qoa0j.no", 2, false}, - {1, "vaga.no", 2, false}, - {1, "xn--vg-yiab.no", 2, false}, - {1, "valer.ostfold.no", 3, false}, - {1, "xn--vler-qoa.xn--stfold-9xa.no", 3, false}, - {1, "valer.hedmark.no", 3, false}, - {1, "xn--vler-qoa.hedmark.no", 3, false}, {2, "np", 2, false}, {1, "nr", 1, false}, {1, "biz.nr", 2, false}, - {1, "info.nr", 2, false}, - {1, "gov.nr", 2, false}, - {1, "edu.nr", 2, false}, - {1, "org.nr", 2, false}, - {1, "net.nr", 2, false}, {1, "com.nr", 2, false}, + {1, "edu.nr", 2, false}, + {1, "gov.nr", 2, false}, + {1, "info.nr", 2, false}, + {1, "net.nr", 2, false}, + {1, "org.nr", 2, false}, {1, "nu", 1, false}, {1, "nz", 1, false}, {1, "ac.nz", 2, false}, @@ -4497,8 +4508,8 @@ var r = [9784]Rule{ {1, "iwi.nz", 2, false}, {1, "kiwi.nz", 2, false}, {1, "maori.nz", 2, false}, - {1, "mil.nz", 2, false}, {1, "xn--mori-qsa.nz", 2, false}, + {1, "mil.nz", 2, false}, {1, "net.nz", 2, false}, {1, "org.nz", 2, false}, {1, "parliament.nz", 2, false}, @@ -4516,39 +4527,39 @@ var r = [9784]Rule{ {1, "onion", 1, false}, {1, "org", 1, false}, {1, "pa", 1, false}, + {1, "abo.pa", 2, false}, {1, "ac.pa", 2, false}, - {1, "gob.pa", 2, false}, {1, "com.pa", 2, false}, + {1, "edu.pa", 2, false}, + {1, "gob.pa", 2, false}, + {1, "ing.pa", 2, false}, + {1, "med.pa", 2, false}, + {1, "net.pa", 2, false}, + {1, "nom.pa", 2, false}, {1, "org.pa", 2, false}, {1, "sld.pa", 2, false}, - {1, "edu.pa", 2, false}, - {1, "net.pa", 2, false}, - {1, "ing.pa", 2, false}, - {1, "abo.pa", 2, false}, - {1, "med.pa", 2, false}, - {1, "nom.pa", 2, false}, {1, "pe", 1, false}, + {1, "com.pe", 2, false}, {1, "edu.pe", 2, false}, {1, "gob.pe", 2, false}, - {1, "nom.pe", 2, false}, {1, "mil.pe", 2, false}, - {1, "org.pe", 2, false}, - {1, "com.pe", 2, false}, {1, "net.pe", 2, false}, + {1, "nom.pe", 2, false}, + {1, "org.pe", 2, false}, {1, "pf", 1, false}, {1, "com.pf", 2, false}, - {1, "org.pf", 2, false}, {1, "edu.pf", 2, false}, + {1, "org.pf", 2, false}, {2, "pg", 2, false}, {1, "ph", 1, false}, {1, "com.ph", 2, false}, - {1, "net.ph", 2, false}, - {1, "org.ph", 2, false}, - {1, "gov.ph", 2, false}, {1, "edu.ph", 2, false}, - {1, "ngo.ph", 2, false}, - {1, "mil.ph", 2, false}, + {1, "gov.ph", 2, false}, {1, "i.ph", 2, false}, + {1, "mil.ph", 2, false}, + {1, "net.ph", 2, false}, + {1, "ngo.ph", 2, false}, + {1, "org.ph", 2, false}, {1, "pk", 1, false}, {1, "ac.pk", 2, false}, {1, "biz.pk", 2, false}, @@ -4559,7 +4570,6 @@ var r = [9784]Rule{ {1, "gob.pk", 2, false}, {1, "gog.pk", 2, false}, {1, "gok.pk", 2, false}, - {1, "gon.pk", 2, false}, {1, "gop.pk", 2, false}, {1, "gos.pk", 2, false}, {1, "gov.pk", 2, false}, @@ -4570,8 +4580,8 @@ var r = [9784]Rule{ {1, "com.pl", 2, false}, {1, "net.pl", 2, false}, {1, "org.pl", 2, false}, - {1, "aid.pl", 2, false}, {1, "agro.pl", 2, false}, + {1, "aid.pl", 2, false}, {1, "atm.pl", 2, false}, {1, "auto.pl", 2, false}, {1, "biz.pl", 2, false}, @@ -4580,8 +4590,8 @@ var r = [9784]Rule{ {1, "gsm.pl", 2, false}, {1, "info.pl", 2, false}, {1, "mail.pl", 2, false}, - {1, "miasta.pl", 2, false}, {1, "media.pl", 2, false}, + {1, "miasta.pl", 2, false}, {1, "mil.pl", 2, false}, {1, "nieruchomosci.pl", 2, false}, {1, "nom.pl", 2, false}, @@ -4682,11 +4692,11 @@ var r = [9784]Rule{ {1, "jelenia-gora.pl", 2, false}, {1, "jgora.pl", 2, false}, {1, "kalisz.pl", 2, false}, - {1, "kazimierz-dolny.pl", 2, false}, {1, "karpacz.pl", 2, false}, {1, "kartuzy.pl", 2, false}, {1, "kaszuby.pl", 2, false}, {1, "katowice.pl", 2, false}, + {1, "kazimierz-dolny.pl", 2, false}, {1, "kepno.pl", 2, false}, {1, "ketrzyn.pl", 2, false}, {1, "klodzko.pl", 2, false}, @@ -4729,8 +4739,8 @@ var r = [9784]Rule{ {1, "podhale.pl", 2, false}, {1, "podlasie.pl", 2, false}, {1, "polkowice.pl", 2, false}, - {1, "pomorze.pl", 2, false}, {1, "pomorskie.pl", 2, false}, + {1, "pomorze.pl", 2, false}, {1, "prochowice.pl", 2, false}, {1, "pruszkow.pl", 2, false}, {1, "przeworsk.pl", 2, false}, @@ -4741,11 +4751,11 @@ var r = [9784]Rule{ {1, "rzeszow.pl", 2, false}, {1, "sanok.pl", 2, false}, {1, "sejny.pl", 2, false}, + {1, "skoczow.pl", 2, false}, {1, "slask.pl", 2, false}, {1, "slupsk.pl", 2, false}, {1, "sosnowiec.pl", 2, false}, {1, "stalowa-wola.pl", 2, false}, - {1, "skoczow.pl", 2, false}, {1, "starachowice.pl", 2, false}, {1, "stargard.pl", 2, false}, {1, "suwalki.pl", 2, false}, @@ -4777,26 +4787,26 @@ var r = [9784]Rule{ {1, "zgorzelec.pl", 2, false}, {1, "pm", 1, false}, {1, "pn", 1, false}, - {1, "gov.pn", 2, false}, {1, "co.pn", 2, false}, - {1, "org.pn", 2, false}, {1, "edu.pn", 2, false}, + {1, "gov.pn", 2, false}, {1, "net.pn", 2, false}, + {1, "org.pn", 2, false}, {1, "post", 1, false}, {1, "pr", 1, false}, + {1, "biz.pr", 2, false}, {1, "com.pr", 2, false}, + {1, "edu.pr", 2, false}, + {1, "gov.pr", 2, false}, + {1, "info.pr", 2, false}, + {1, "isla.pr", 2, false}, + {1, "name.pr", 2, false}, {1, "net.pr", 2, false}, {1, "org.pr", 2, false}, - {1, "gov.pr", 2, false}, - {1, "edu.pr", 2, false}, - {1, "isla.pr", 2, false}, {1, "pro.pr", 2, false}, - {1, "biz.pr", 2, false}, - {1, "info.pr", 2, false}, - {1, "name.pr", 2, false}, + {1, "ac.pr", 2, false}, {1, "est.pr", 2, false}, {1, "prof.pr", 2, false}, - {1, "ac.pr", 2, false}, {1, "pro", 1, false}, {1, "aaa.pro", 2, false}, {1, "aca.pro", 2, false}, @@ -4810,29 +4820,24 @@ var r = [9784]Rule{ {1, "med.pro", 2, false}, {1, "recht.pro", 2, false}, {1, "ps", 1, false}, + {1, "com.ps", 2, false}, {1, "edu.ps", 2, false}, {1, "gov.ps", 2, false}, - {1, "sec.ps", 2, false}, - {1, "plo.ps", 2, false}, - {1, "com.ps", 2, false}, - {1, "org.ps", 2, false}, {1, "net.ps", 2, false}, + {1, "org.ps", 2, false}, + {1, "plo.ps", 2, false}, + {1, "sec.ps", 2, false}, {1, "pt", 1, false}, - {1, "net.pt", 2, false}, - {1, "gov.pt", 2, false}, - {1, "org.pt", 2, false}, - {1, "edu.pt", 2, false}, - {1, "int.pt", 2, false}, - {1, "publ.pt", 2, false}, {1, "com.pt", 2, false}, + {1, "edu.pt", 2, false}, + {1, "gov.pt", 2, false}, + {1, "int.pt", 2, false}, + {1, "net.pt", 2, false}, {1, "nome.pt", 2, false}, + {1, "org.pt", 2, false}, + {1, "publ.pt", 2, false}, {1, "pw", 1, false}, - {1, "co.pw", 2, false}, - {1, "ne.pw", 2, false}, - {1, "or.pw", 2, false}, - {1, "ed.pw", 2, false}, - {1, "go.pw", 2, false}, - {1, "belau.pw", 2, false}, + {1, "gov.pw", 2, false}, {1, "py", 1, false}, {1, "com.py", 2, false}, {1, "coop.py", 2, false}, @@ -4853,7 +4858,6 @@ var r = [9784]Rule{ {1, "re", 1, false}, {1, "asso.re", 2, false}, {1, "com.re", 2, false}, - {1, "nom.re", 2, false}, {1, "ro", 1, false}, {1, "arts.ro", 2, false}, {1, "com.ro", 2, false}, @@ -4884,12 +4888,12 @@ var r = [9784]Rule{ {1, "org.rw", 2, false}, {1, "sa", 1, false}, {1, "com.sa", 2, false}, - {1, "net.sa", 2, false}, - {1, "org.sa", 2, false}, + {1, "edu.sa", 2, false}, {1, "gov.sa", 2, false}, {1, "med.sa", 2, false}, + {1, "net.sa", 2, false}, + {1, "org.sa", 2, false}, {1, "pub.sa", 2, false}, - {1, "edu.sa", 2, false}, {1, "sch.sa", 2, false}, {1, "sb", 1, false}, {1, "com.sb", 2, false}, @@ -4899,19 +4903,19 @@ var r = [9784]Rule{ {1, "org.sb", 2, false}, {1, "sc", 1, false}, {1, "com.sc", 2, false}, + {1, "edu.sc", 2, false}, {1, "gov.sc", 2, false}, {1, "net.sc", 2, false}, {1, "org.sc", 2, false}, - {1, "edu.sc", 2, false}, {1, "sd", 1, false}, {1, "com.sd", 2, false}, - {1, "net.sd", 2, false}, - {1, "org.sd", 2, false}, {1, "edu.sd", 2, false}, - {1, "med.sd", 2, false}, - {1, "tv.sd", 2, false}, {1, "gov.sd", 2, false}, {1, "info.sd", 2, false}, + {1, "med.sd", 2, false}, + {1, "net.sd", 2, false}, + {1, "org.sd", 2, false}, + {1, "tv.sd", 2, false}, {1, "se", 1, false}, {1, "a.se", 2, false}, {1, "ac.se", 2, false}, @@ -4954,25 +4958,24 @@ var r = [9784]Rule{ {1, "z.se", 2, false}, {1, "sg", 1, false}, {1, "com.sg", 2, false}, + {1, "edu.sg", 2, false}, + {1, "gov.sg", 2, false}, {1, "net.sg", 2, false}, {1, "org.sg", 2, false}, - {1, "gov.sg", 2, false}, - {1, "edu.sg", 2, false}, - {1, "per.sg", 2, false}, {1, "sh", 1, false}, {1, "com.sh", 2, false}, - {1, "net.sh", 2, false}, {1, "gov.sh", 2, false}, - {1, "org.sh", 2, false}, {1, "mil.sh", 2, false}, + {1, "net.sh", 2, false}, + {1, "org.sh", 2, false}, {1, "si", 1, false}, {1, "sj", 1, false}, {1, "sk", 1, false}, {1, "sl", 1, false}, {1, "com.sl", 2, false}, - {1, "net.sl", 2, false}, {1, "edu.sl", 2, false}, {1, "gov.sl", 2, false}, + {1, "net.sl", 2, false}, {1, "org.sl", 2, false}, {1, "sm", 1, false}, {1, "sn", 1, false}, @@ -4993,6 +4996,7 @@ var r = [9784]Rule{ {1, "sr", 1, false}, {1, "ss", 1, false}, {1, "biz.ss", 2, false}, + {1, "co.ss", 2, false}, {1, "com.ss", 2, false}, {1, "edu.ss", 2, false}, {1, "gov.ss", 2, false}, @@ -5022,15 +5026,15 @@ var r = [9784]Rule{ {1, "sx", 1, false}, {1, "gov.sx", 2, false}, {1, "sy", 1, false}, + {1, "com.sy", 2, false}, {1, "edu.sy", 2, false}, {1, "gov.sy", 2, false}, - {1, "net.sy", 2, false}, {1, "mil.sy", 2, false}, - {1, "com.sy", 2, false}, + {1, "net.sy", 2, false}, {1, "org.sy", 2, false}, {1, "sz", 1, false}, - {1, "co.sz", 2, false}, {1, "ac.sz", 2, false}, + {1, "co.sz", 2, false}, {1, "org.sz", 2, false}, {1, "tc", 1, false}, {1, "td", 1, false}, @@ -5065,14 +5069,14 @@ var r = [9784]Rule{ {1, "tl", 1, false}, {1, "gov.tl", 2, false}, {1, "tm", 1, false}, - {1, "com.tm", 2, false}, {1, "co.tm", 2, false}, - {1, "org.tm", 2, false}, - {1, "net.tm", 2, false}, - {1, "nom.tm", 2, false}, + {1, "com.tm", 2, false}, + {1, "edu.tm", 2, false}, {1, "gov.tm", 2, false}, {1, "mil.tm", 2, false}, - {1, "edu.tm", 2, false}, + {1, "net.tm", 2, false}, + {1, "nom.tm", 2, false}, + {1, "org.tm", 2, false}, {1, "tn", 1, false}, {1, "com.tn", 2, false}, {1, "ens.tn", 2, false}, @@ -5089,11 +5093,11 @@ var r = [9784]Rule{ {1, "tourism.tn", 2, false}, {1, "to", 1, false}, {1, "com.to", 2, false}, + {1, "edu.to", 2, false}, {1, "gov.to", 2, false}, + {1, "mil.to", 2, false}, {1, "net.to", 2, false}, {1, "org.to", 2, false}, - {1, "edu.to", 2, false}, - {1, "mil.to", 2, false}, {1, "tr", 1, false}, {1, "av.tr", 2, false}, {1, "bbs.tr", 2, false}, @@ -5105,9 +5109,9 @@ var r = [9784]Rule{ {1, "gen.tr", 2, false}, {1, "gov.tr", 2, false}, {1, "info.tr", 2, false}, - {1, "mil.tr", 2, false}, {1, "k12.tr", 2, false}, {1, "kep.tr", 2, false}, + {1, "mil.tr", 2, false}, {1, "name.tr", 2, false}, {1, "net.tr", 2, false}, {1, "org.tr", 2, false}, @@ -5119,38 +5123,29 @@ var r = [9784]Rule{ {1, "nc.tr", 2, false}, {1, "gov.nc.tr", 3, false}, {1, "tt", 1, false}, + {1, "biz.tt", 2, false}, {1, "co.tt", 2, false}, {1, "com.tt", 2, false}, - {1, "org.tt", 2, false}, - {1, "net.tt", 2, false}, - {1, "biz.tt", 2, false}, - {1, "info.tt", 2, false}, - {1, "pro.tt", 2, false}, - {1, "int.tt", 2, false}, - {1, "coop.tt", 2, false}, - {1, "jobs.tt", 2, false}, - {1, "mobi.tt", 2, false}, - {1, "travel.tt", 2, false}, - {1, "museum.tt", 2, false}, - {1, "aero.tt", 2, false}, - {1, "name.tt", 2, false}, - {1, "gov.tt", 2, false}, {1, "edu.tt", 2, false}, + {1, "gov.tt", 2, false}, + {1, "info.tt", 2, false}, + {1, "mil.tt", 2, false}, + {1, "name.tt", 2, false}, + {1, "net.tt", 2, false}, + {1, "org.tt", 2, false}, + {1, "pro.tt", 2, false}, {1, "tv", 1, false}, {1, "tw", 1, false}, - {1, "edu.tw", 2, false}, - {1, "gov.tw", 2, false}, - {1, "mil.tw", 2, false}, + {1, "club.tw", 2, false}, {1, "com.tw", 2, false}, + {1, "ebiz.tw", 2, false}, + {1, "edu.tw", 2, false}, + {1, "game.tw", 2, false}, + {1, "gov.tw", 2, false}, + {1, "idv.tw", 2, false}, + {1, "mil.tw", 2, false}, {1, "net.tw", 2, false}, {1, "org.tw", 2, false}, - {1, "idv.tw", 2, false}, - {1, "game.tw", 2, false}, - {1, "ebiz.tw", 2, false}, - {1, "club.tw", 2, false}, - {1, "xn--zf0ao64a.tw", 2, false}, - {1, "xn--uc0atv.tw", 2, false}, - {1, "xn--czrw28b.tw", 2, false}, {1, "tz", 1, false}, {1, "ac.tz", 2, false}, {1, "co.tz", 2, false}, @@ -5245,14 +5240,18 @@ var r = [9784]Rule{ {1, "zp.ua", 2, false}, {1, "zt.ua", 2, false}, {1, "ug", 1, false}, - {1, "co.ug", 2, false}, - {1, "or.ug", 2, false}, {1, "ac.ug", 2, false}, - {1, "sc.ug", 2, false}, - {1, "go.ug", 2, false}, - {1, "ne.ug", 2, false}, + {1, "co.ug", 2, false}, {1, "com.ug", 2, false}, + {1, "edu.ug", 2, false}, + {1, "go.ug", 2, false}, + {1, "gov.ug", 2, false}, + {1, "mil.ug", 2, false}, + {1, "ne.ug", 2, false}, + {1, "or.ug", 2, false}, {1, "org.ug", 2, false}, + {1, "sc.ug", 2, false}, + {1, "us.ug", 2, false}, {1, "uk", 1, false}, {1, "ac.uk", 2, false}, {1, "co.uk", 2, false}, @@ -5267,9 +5266,7 @@ var r = [9784]Rule{ {2, "sch.uk", 3, false}, {1, "us", 1, false}, {1, "dni.us", 2, false}, - {1, "fed.us", 2, false}, {1, "isa.us", 2, false}, - {1, "kids.us", 2, false}, {1, "nsn.us", 2, false}, {1, "ak.us", 2, false}, {1, "al.us", 2, false}, @@ -5319,9 +5316,9 @@ var r = [9784]Rule{ {1, "tn.us", 2, false}, {1, "tx.us", 2, false}, {1, "ut.us", 2, false}, + {1, "va.us", 2, false}, {1, "vi.us", 2, false}, {1, "vt.us", 2, false}, - {1, "va.us", 2, false}, {1, "wa.us", 2, false}, {1, "wi.us", 2, false}, {1, "wv.us", 2, false}, @@ -5369,21 +5366,29 @@ var r = [9784]Rule{ {1, "k12.tn.us", 3, false}, {1, "k12.tx.us", 3, false}, {1, "k12.ut.us", 3, false}, + {1, "k12.va.us", 3, false}, {1, "k12.vi.us", 3, false}, {1, "k12.vt.us", 3, false}, - {1, "k12.va.us", 3, false}, {1, "k12.wa.us", 3, false}, {1, "k12.wi.us", 3, false}, - {1, "k12.wy.us", 3, false}, {1, "cc.ak.us", 3, false}, + {1, "lib.ak.us", 3, false}, {1, "cc.al.us", 3, false}, + {1, "lib.al.us", 3, false}, {1, "cc.ar.us", 3, false}, + {1, "lib.ar.us", 3, false}, {1, "cc.as.us", 3, false}, + {1, "lib.as.us", 3, false}, {1, "cc.az.us", 3, false}, + {1, "lib.az.us", 3, false}, {1, "cc.ca.us", 3, false}, + {1, "lib.ca.us", 3, false}, {1, "cc.co.us", 3, false}, + {1, "lib.co.us", 3, false}, {1, "cc.ct.us", 3, false}, + {1, "lib.ct.us", 3, false}, {1, "cc.dc.us", 3, false}, + {1, "lib.dc.us", 3, false}, {1, "cc.de.us", 3, false}, {1, "cc.fl.us", 3, false}, {1, "cc.ga.us", 3, false}, @@ -5423,22 +5428,14 @@ var r = [9784]Rule{ {1, "cc.tn.us", 3, false}, {1, "cc.tx.us", 3, false}, {1, "cc.ut.us", 3, false}, + {1, "cc.va.us", 3, false}, {1, "cc.vi.us", 3, false}, {1, "cc.vt.us", 3, false}, - {1, "cc.va.us", 3, false}, {1, "cc.wa.us", 3, false}, {1, "cc.wi.us", 3, false}, {1, "cc.wv.us", 3, false}, {1, "cc.wy.us", 3, false}, - {1, "lib.ak.us", 3, false}, - {1, "lib.al.us", 3, false}, - {1, "lib.ar.us", 3, false}, - {1, "lib.as.us", 3, false}, - {1, "lib.az.us", 3, false}, - {1, "lib.ca.us", 3, false}, - {1, "lib.co.us", 3, false}, - {1, "lib.ct.us", 3, false}, - {1, "lib.dc.us", 3, false}, + {1, "k12.wy.us", 3, false}, {1, "lib.fl.us", 3, false}, {1, "lib.ga.us", 3, false}, {1, "lib.gu.us", 3, false}, @@ -5477,15 +5474,15 @@ var r = [9784]Rule{ {1, "lib.tn.us", 3, false}, {1, "lib.tx.us", 3, false}, {1, "lib.ut.us", 3, false}, + {1, "lib.va.us", 3, false}, {1, "lib.vi.us", 3, false}, {1, "lib.vt.us", 3, false}, - {1, "lib.va.us", 3, false}, {1, "lib.wa.us", 3, false}, {1, "lib.wi.us", 3, false}, {1, "lib.wy.us", 3, false}, - {1, "pvt.k12.ma.us", 4, false}, {1, "chtr.k12.ma.us", 4, false}, {1, "paroch.k12.ma.us", 4, false}, + {1, "pvt.k12.ma.us", 4, false}, {1, "ann-arbor.mi.us", 3, false}, {1, "cog.mi.us", 3, false}, {1, "dst.mi.us", 3, false}, @@ -5509,11 +5506,11 @@ var r = [9784]Rule{ {1, "va", 1, false}, {1, "vc", 1, false}, {1, "com.vc", 2, false}, - {1, "net.vc", 2, false}, - {1, "org.vc", 2, false}, + {1, "edu.vc", 2, false}, {1, "gov.vc", 2, false}, {1, "mil.vc", 2, false}, - {1, "edu.vc", 2, false}, + {1, "net.vc", 2, false}, + {1, "org.vc", 2, false}, {1, "ve", 1, false}, {1, "arts.ve", 2, false}, {1, "bib.ve", 2, false}, @@ -5521,6 +5518,7 @@ var r = [9784]Rule{ {1, "com.ve", 2, false}, {1, "e12.ve", 2, false}, {1, "edu.ve", 2, false}, + {1, "emprende.ve", 2, false}, {1, "firm.ve", 2, false}, {1, "gob.ve", 2, false}, {1, "gov.ve", 2, false}, @@ -5536,6 +5534,7 @@ var r = [9784]Rule{ {1, "tec.ve", 2, false}, {1, "web.ve", 2, false}, {1, "vg", 1, false}, + {1, "edu.vg", 2, false}, {1, "vi", 1, false}, {1, "co.vi", 2, false}, {1, "com.vi", 2, false}, @@ -5629,10 +5628,10 @@ var r = [9784]Rule{ {1, "wf", 1, false}, {1, "ws", 1, false}, {1, "com.ws", 2, false}, + {1, "edu.ws", 2, false}, + {1, "gov.ws", 2, false}, {1, "net.ws", 2, false}, {1, "org.ws", 2, false}, - {1, "gov.ws", 2, false}, - {1, "edu.ws", 2, false}, {1, "yt", 1, false}, {1, "xn--mgbaam7a8h", 1, false}, {1, "xn--y9a3aq", 1, false}, @@ -5650,12 +5649,12 @@ var r = [9784]Rule{ {1, "xn--node", 1, false}, {1, "xn--qxam", 1, false}, {1, "xn--j6w193g", 1, false}, - {1, "xn--55qx5d.xn--j6w193g", 2, false}, - {1, "xn--wcvs22d.xn--j6w193g", 2, false}, - {1, "xn--mxtq1m.xn--j6w193g", 2, false}, {1, "xn--gmqw5a.xn--j6w193g", 2, false}, - {1, "xn--od0alg.xn--j6w193g", 2, false}, + {1, "xn--55qx5d.xn--j6w193g", 2, false}, + {1, "xn--mxtq1m.xn--j6w193g", 2, false}, + {1, "xn--wcvs22d.xn--j6w193g", 2, false}, {1, "xn--uc0atv.xn--j6w193g", 2, false}, + {1, "xn--od0alg.xn--j6w193g", 2, false}, {1, "xn--2scrj9c", 1, false}, {1, "xn--3hcrj9c", 1, false}, {1, "xn--45br5cyl", 1, false}, @@ -5691,12 +5690,12 @@ var r = [9784]Rule{ {1, "xn--mgbai9a5eva00b", 1, false}, {1, "xn--ygbi2ammx", 1, false}, {1, "xn--90a3ac", 1, false}, - {1, "xn--o1ac.xn--90a3ac", 2, false}, - {1, "xn--c1avg.xn--90a3ac", 2, false}, + {1, "xn--80au.xn--90a3ac", 2, false}, {1, "xn--90azh.xn--90a3ac", 2, false}, {1, "xn--d1at.xn--90a3ac", 2, false}, + {1, "xn--c1avg.xn--90a3ac", 2, false}, + {1, "xn--o1ac.xn--90a3ac", 2, false}, {1, "xn--o1ach.xn--90a3ac", 2, false}, - {1, "xn--80au.xn--90a3ac", 2, false}, {1, "xn--p1ai", 1, false}, {1, "xn--wgbl6a", 1, false}, {1, "xn--mgberp4a5d4ar", 1, false}, @@ -5709,11 +5708,11 @@ var r = [9784]Rule{ {1, "xn--ogbpf8fl", 1, false}, {1, "xn--mgbtf8fl", 1, false}, {1, "xn--o3cw4h", 1, false}, - {1, "xn--12c1fe0br.xn--o3cw4h", 2, false}, - {1, "xn--12co0c3b4eva.xn--o3cw4h", 2, false}, - {1, "xn--h3cuzk1di.xn--o3cw4h", 2, false}, {1, "xn--o3cyx2a.xn--o3cw4h", 2, false}, + {1, "xn--12co0c3b4eva.xn--o3cw4h", 2, false}, {1, "xn--m3ch0j3a.xn--o3cw4h", 2, false}, + {1, "xn--h3cuzk1di.xn--o3cw4h", 2, false}, + {1, "xn--12c1fe0br.xn--o3cw4h", 2, false}, {1, "xn--12cfi8ixb8l.xn--o3cw4h", 2, false}, {1, "xn--pgbs0dh", 1, false}, {1, "xn--kpry57d", 1, false}, @@ -5726,8 +5725,8 @@ var r = [9784]Rule{ {1, "com.ye", 2, false}, {1, "edu.ye", 2, false}, {1, "gov.ye", 2, false}, - {1, "net.ye", 2, false}, {1, "mil.ye", 2, false}, + {1, "net.ye", 2, false}, {1, "org.ye", 2, false}, {1, "ac.za", 2, false}, {1, "agric.za", 2, false}, @@ -6001,7 +6000,6 @@ var r = [9784]Rule{ {1, "cuisinella", 1, false}, {1, "cymru", 1, false}, {1, "cyou", 1, false}, - {1, "dabur", 1, false}, {1, "dad", 1, false}, {1, "dance", 1, false}, {1, "data", 1, false}, @@ -6268,7 +6266,6 @@ var r = [9784]Rule{ {1, "kaufen", 1, false}, {1, "kddi", 1, false}, {1, "kerryhotels", 1, false}, - {1, "kerrylogistics", 1, false}, {1, "kerryproperties", 1, false}, {1, "kfh", 1, false}, {1, "kia", 1, false}, @@ -6318,7 +6315,6 @@ var r = [9784]Rule{ {1, "limo", 1, false}, {1, "lincoln", 1, false}, {1, "link", 1, false}, - {1, "lipsy", 1, false}, {1, "live", 1, false}, {1, "living", 1, false}, {1, "llc", 1, false}, @@ -6363,6 +6359,7 @@ var r = [9784]Rule{ {1, "memorial", 1, false}, {1, "men", 1, false}, {1, "menu", 1, false}, + {1, "merck", 1, false}, {1, "merckmsd", 1, false}, {1, "miami", 1, false}, {1, "microsoft", 1, false}, @@ -6898,10 +6895,13 @@ var r = [9784]Rule{ {1, "611.to", 2, true}, {1, "a2hosted.com", 2, true}, {1, "cpserver.com", 2, true}, - {1, "aaa.vodka", 2, true}, {2, "on-acorn.io", 3, true}, {1, "activetrail.biz", 2, true}, {1, "adaptable.app", 2, true}, + {1, "myaddr.dev", 2, true}, + {1, "myaddr.io", 2, true}, + {1, "dyn.addr.tools", 3, true}, + {1, "myaddr.tools", 2, true}, {1, "adobeaemcloud.com", 2, true}, {2, "dev.adobeaemcloud.com", 4, true}, {1, "aem.live", 2, true}, @@ -6917,6 +6917,7 @@ var r = [9784]Rule{ {1, "airkitapps.com", 2, true}, {1, "airkitapps-au.com", 2, true}, {1, "airkitapps.eu", 2, true}, + {1, "aiven.app", 2, true}, {1, "aivencloud.com", 2, true}, {1, "akadns.net", 2, true}, {1, "akamai.net", 2, true}, @@ -6936,6 +6937,7 @@ var r = [9784]Rule{ {1, "barsy.ca", 2, true}, {2, "compute.estate", 3, true}, {2, "alces.network", 3, true}, + {1, "alibabacloudcs.com", 2, true}, {1, "kasserver.com", 2, true}, {1, "altervista.org", 2, true}, {1, "alwaysdata.net", 2, true}, @@ -6953,6 +6955,7 @@ var r = [9784]Rule{ {1, "execute-api.ap-southeast-2.amazonaws.com", 4, true}, {1, "execute-api.ap-southeast-3.amazonaws.com", 4, true}, {1, "execute-api.ap-southeast-4.amazonaws.com", 4, true}, + {1, "execute-api.ap-southeast-5.amazonaws.com", 4, true}, {1, "execute-api.ca-central-1.amazonaws.com", 4, true}, {1, "execute-api.ca-west-1.amazonaws.com", 4, true}, {1, "execute-api.eu-central-1.amazonaws.com", 4, true}, @@ -7199,6 +7202,7 @@ var r = [9784]Rule{ {1, "s3-website.ap-south-1.amazonaws.com", 4, true}, {1, "s3.dualstack.ap-south-2.amazonaws.com", 5, true}, {1, "s3-accesspoint.dualstack.ap-south-2.amazonaws.com", 5, true}, + {1, "s3-website.dualstack.ap-south-2.amazonaws.com", 5, true}, {1, "s3.ap-south-2.amazonaws.com", 4, true}, {1, "s3-accesspoint.ap-south-2.amazonaws.com", 4, true}, {1, "s3-object-lambda.ap-south-2.amazonaws.com", 4, true}, @@ -7219,16 +7223,26 @@ var r = [9784]Rule{ {1, "s3-website.ap-southeast-2.amazonaws.com", 4, true}, {1, "s3.dualstack.ap-southeast-3.amazonaws.com", 5, true}, {1, "s3-accesspoint.dualstack.ap-southeast-3.amazonaws.com", 5, true}, + {1, "s3-website.dualstack.ap-southeast-3.amazonaws.com", 5, true}, {1, "s3.ap-southeast-3.amazonaws.com", 4, true}, {1, "s3-accesspoint.ap-southeast-3.amazonaws.com", 4, true}, {1, "s3-object-lambda.ap-southeast-3.amazonaws.com", 4, true}, {1, "s3-website.ap-southeast-3.amazonaws.com", 4, true}, {1, "s3.dualstack.ap-southeast-4.amazonaws.com", 5, true}, {1, "s3-accesspoint.dualstack.ap-southeast-4.amazonaws.com", 5, true}, + {1, "s3-website.dualstack.ap-southeast-4.amazonaws.com", 5, true}, {1, "s3.ap-southeast-4.amazonaws.com", 4, true}, {1, "s3-accesspoint.ap-southeast-4.amazonaws.com", 4, true}, {1, "s3-object-lambda.ap-southeast-4.amazonaws.com", 4, true}, {1, "s3-website.ap-southeast-4.amazonaws.com", 4, true}, + {1, "s3.dualstack.ap-southeast-5.amazonaws.com", 5, true}, + {1, "s3-accesspoint.dualstack.ap-southeast-5.amazonaws.com", 5, true}, + {1, "s3-website.dualstack.ap-southeast-5.amazonaws.com", 5, true}, + {1, "s3.ap-southeast-5.amazonaws.com", 4, true}, + {1, "s3-accesspoint.ap-southeast-5.amazonaws.com", 4, true}, + {1, "s3-deprecated.ap-southeast-5.amazonaws.com", 4, true}, + {1, "s3-object-lambda.ap-southeast-5.amazonaws.com", 4, true}, + {1, "s3-website.ap-southeast-5.amazonaws.com", 4, true}, {1, "s3.dualstack.ca-central-1.amazonaws.com", 5, true}, {1, "s3-accesspoint.dualstack.ca-central-1.amazonaws.com", 5, true}, {1, "s3-accesspoint-fips.dualstack.ca-central-1.amazonaws.com", 5, true}, @@ -7249,6 +7263,7 @@ var r = [9784]Rule{ {1, "s3-accesspoint.ca-west-1.amazonaws.com", 4, true}, {1, "s3-accesspoint-fips.ca-west-1.amazonaws.com", 4, true}, {1, "s3-fips.ca-west-1.amazonaws.com", 4, true}, + {1, "s3-object-lambda.ca-west-1.amazonaws.com", 4, true}, {1, "s3-website.ca-west-1.amazonaws.com", 4, true}, {1, "s3.dualstack.eu-central-1.amazonaws.com", 5, true}, {1, "s3-accesspoint.dualstack.eu-central-1.amazonaws.com", 5, true}, @@ -7259,6 +7274,7 @@ var r = [9784]Rule{ {1, "s3-website.eu-central-1.amazonaws.com", 4, true}, {1, "s3.dualstack.eu-central-2.amazonaws.com", 5, true}, {1, "s3-accesspoint.dualstack.eu-central-2.amazonaws.com", 5, true}, + {1, "s3-website.dualstack.eu-central-2.amazonaws.com", 5, true}, {1, "s3.eu-central-2.amazonaws.com", 4, true}, {1, "s3-accesspoint.eu-central-2.amazonaws.com", 4, true}, {1, "s3-object-lambda.eu-central-2.amazonaws.com", 4, true}, @@ -7278,6 +7294,7 @@ var r = [9784]Rule{ {1, "s3-website.eu-south-1.amazonaws.com", 4, true}, {1, "s3.dualstack.eu-south-2.amazonaws.com", 5, true}, {1, "s3-accesspoint.dualstack.eu-south-2.amazonaws.com", 5, true}, + {1, "s3-website.dualstack.eu-south-2.amazonaws.com", 5, true}, {1, "s3.eu-south-2.amazonaws.com", 4, true}, {1, "s3-accesspoint.eu-south-2.amazonaws.com", 4, true}, {1, "s3-object-lambda.eu-south-2.amazonaws.com", 4, true}, @@ -7305,12 +7322,14 @@ var r = [9784]Rule{ {1, "s3-website.eu-west-3.amazonaws.com", 4, true}, {1, "s3.dualstack.il-central-1.amazonaws.com", 5, true}, {1, "s3-accesspoint.dualstack.il-central-1.amazonaws.com", 5, true}, + {1, "s3-website.dualstack.il-central-1.amazonaws.com", 5, true}, {1, "s3.il-central-1.amazonaws.com", 4, true}, {1, "s3-accesspoint.il-central-1.amazonaws.com", 4, true}, {1, "s3-object-lambda.il-central-1.amazonaws.com", 4, true}, {1, "s3-website.il-central-1.amazonaws.com", 4, true}, {1, "s3.dualstack.me-central-1.amazonaws.com", 5, true}, {1, "s3-accesspoint.dualstack.me-central-1.amazonaws.com", 5, true}, + {1, "s3-website.dualstack.me-central-1.amazonaws.com", 5, true}, {1, "s3.me-central-1.amazonaws.com", 4, true}, {1, "s3-accesspoint.me-central-1.amazonaws.com", 4, true}, {1, "s3-object-lambda.me-central-1.amazonaws.com", 4, true}, @@ -7379,6 +7398,7 @@ var r = [9784]Rule{ {1, "s3-accesspoint.dualstack.us-east-2.amazonaws.com", 5, true}, {1, "s3-accesspoint-fips.dualstack.us-east-2.amazonaws.com", 5, true}, {1, "s3-fips.dualstack.us-east-2.amazonaws.com", 5, true}, + {1, "s3-website.dualstack.us-east-2.amazonaws.com", 5, true}, {1, "s3.us-east-2.amazonaws.com", 4, true}, {1, "s3-accesspoint.us-east-2.amazonaws.com", 4, true}, {1, "s3-accesspoint-fips.us-east-2.amazonaws.com", 4, true}, @@ -7493,6 +7513,7 @@ var r = [9784]Rule{ {1, "studio.ap-southeast-3.sagemaker.aws", 4, true}, {1, "studio.ca-central-1.sagemaker.aws", 4, true}, {1, "studio.eu-central-1.sagemaker.aws", 4, true}, + {1, "studio.eu-central-2.sagemaker.aws", 4, true}, {1, "studio.eu-north-1.sagemaker.aws", 4, true}, {1, "studio.eu-south-1.sagemaker.aws", 4, true}, {1, "studio.eu-south-2.sagemaker.aws", 4, true}, @@ -7624,6 +7645,15 @@ var r = [9784]Rule{ {2, "elb.amazonaws.com", 4, true}, {1, "awsglobalaccelerator.com", 2, true}, {2, "private.repost.aws", 4, true}, + {1, "transfer-webapp.ap-northeast-1.on.aws", 4, true}, + {1, "transfer-webapp.ap-southeast-1.on.aws", 4, true}, + {1, "transfer-webapp.ap-southeast-2.on.aws", 4, true}, + {1, "transfer-webapp.eu-central-1.on.aws", 4, true}, + {1, "transfer-webapp.eu-north-1.on.aws", 4, true}, + {1, "transfer-webapp.eu-west-1.on.aws", 4, true}, + {1, "transfer-webapp.us-east-1.on.aws", 4, true}, + {1, "transfer-webapp.us-east-2.on.aws", 4, true}, + {1, "transfer-webapp.us-west-2.on.aws", 4, true}, {1, "eero.online", 2, true}, {1, "eero-stage.online", 2, true}, {1, "apigee.io", 2, true}, @@ -7634,6 +7664,7 @@ var r = [9784]Rule{ {1, "appudo.net", 2, true}, {1, "on-aptible.com", 2, true}, {1, "f5.si", 2, true}, + {1, "arvanedge.ir", 2, true}, {1, "user.aseinet.ne.jp", 4, true}, {1, "gv.vc", 2, true}, {1, "d.gv.vc", 3, true}, @@ -7645,7 +7676,6 @@ var r = [9784]Rule{ {1, "myasustor.com", 2, true}, {1, "cdn.prod.atlassian-dev.net", 4, true}, {1, "translated.page", 2, true}, - {1, "autocode.dev", 2, true}, {1, "myfritz.link", 2, true}, {1, "myfritz.net", 2, true}, {1, "onavstack.net", 2, true}, @@ -7654,9 +7684,6 @@ var r = [9784]Rule{ {1, "ecommerce-shop.pl", 2, true}, {1, "b-data.io", 2, true}, {1, "balena-devices.com", 2, true}, - {2, "banzai.cloud", 3, true}, - {1, "app.banzaicloud.io", 3, true}, - {2, "backyards.banzaicloud.io", 4, true}, {1, "base.ec", 2, true}, {1, "official.ec", 2, true}, {1, "buyshop.jp", 2, true}, @@ -7670,12 +7697,11 @@ var r = [9784]Rule{ {1, "beagleboard.io", 2, true}, {2, "beget.app", 3, true}, {1, "pages.gay", 2, true}, - {1, "betainabox.com", 2, true}, {1, "bnr.la", 2, true}, - {1, "bip.sh", 2, true}, {1, "bitbucket.io", 2, true}, {1, "blackbaudcdn.net", 2, true}, {1, "of.je", 2, true}, + {1, "square.site", 2, true}, {1, "bluebite.io", 2, true}, {1, "boomla.net", 2, true}, {1, "boutir.com", 2, true}, @@ -7686,17 +7712,21 @@ var r = [9784]Rule{ {1, "square7.de", 2, true}, {1, "bplaced.net", 2, true}, {1, "square7.net", 2, true}, + {1, "brave.app", 2, true}, + {2, "s.brave.app", 4, true}, + {1, "brave.io", 2, true}, {2, "s.brave.io", 4, true}, {1, "shop.brendly.hr", 3, true}, {1, "shop.brendly.rs", 3, true}, {1, "browsersafetymark.io", 2, true}, {1, "radio.am", 2, true}, {1, "radio.fm", 2, true}, + {1, "cdn.bubble.io", 3, true}, + {1, "bubbleapps.io", 2, true}, {1, "uk0.bigv.io", 3, true}, {1, "dh.bytemark.co.uk", 4, true}, {1, "vm.bytemark.co.uk", 4, true}, {1, "cafjs.com", 2, true}, - {1, "mycd.eu", 2, true}, {1, "canva-apps.cn", 2, true}, {2, "my.canvasite.cn", 4, true}, {1, "canva-apps.com", 2, true}, @@ -7734,7 +7764,6 @@ var r = [9784]Rule{ {1, "uk.net", 2, true}, {1, "ae.org", 2, true}, {1, "com.se", 2, true}, - {1, "certmgr.org", 2, true}, {1, "cx.ua", 2, true}, {1, "discourse.group", 2, true}, {1, "discourse.team", 2, true}, @@ -7751,20 +7780,24 @@ var r = [9784]Rule{ {1, "clickrising.net", 2, true}, {1, "cloudns.asia", 2, true}, {1, "cloudns.be", 2, true}, + {1, "cloud-ip.biz", 2, true}, {1, "cloudns.biz", 2, true}, {1, "cloudns.cc", 2, true}, {1, "cloudns.ch", 2, true}, {1, "cloudns.cl", 2, true}, {1, "cloudns.club", 2, true}, {1, "dnsabr.com", 2, true}, + {1, "ip-ddns.com", 2, true}, {1, "cloudns.cx", 2, true}, {1, "cloudns.eu", 2, true}, {1, "cloudns.in", 2, true}, {1, "cloudns.info", 2, true}, + {1, "ddns-ip.net", 2, true}, {1, "dns-cloud.net", 2, true}, {1, "dns-dynamic.net", 2, true}, {1, "cloudns.nz", 2, true}, {1, "cloudns.org", 2, true}, + {1, "ip-dynamic.org", 2, true}, {1, "cloudns.ph", 2, true}, {1, "cloudns.pro", 2, true}, {1, "cloudns.pw", 2, true}, @@ -7777,6 +7810,7 @@ var r = [9784]Rule{ {1, "cloudaccess.host", 2, true}, {1, "freesite.host", 2, true}, {1, "cloudaccess.net", 2, true}, + {1, "cloudbeesusercontent.io", 2, true}, {2, "cloudera.site", 3, true}, {1, "cf-ipfs.com", 2, true}, {1, "cloudflare-ipfs.com", 2, true}, @@ -7804,13 +7838,13 @@ var r = [9784]Rule{ {1, "co.no", 2, true}, {1, "webhosting.be", 2, true}, {1, "hosting-cluster.nl", 2, true}, + {1, "ctfcloud.net", 2, true}, {1, "convex.site", 2, true}, {1, "ac.ru", 2, true}, {1, "edu.ru", 2, true}, {1, "gov.ru", 2, true}, {1, "int.ru", 2, true}, {1, "mil.ru", 2, true}, - {1, "test.ru", 2, true}, {1, "dyn.cosidns.de", 3, true}, {1, "dnsupdater.de", 2, true}, {1, "dynamisches-dns.de", 2, true}, @@ -7824,27 +7858,15 @@ var r = [9784]Rule{ {1, "realm.cz", 2, true}, {1, "on.crisp.email", 3, true}, {2, "cryptonomic.net", 3, true}, - {1, "curv.dev", 2, true}, - {2, "customer-oci.com", 3, true}, - {2, "oci.customer-oci.com", 4, true}, - {2, "ocp.customer-oci.com", 4, true}, - {2, "ocs.customer-oci.com", 4, true}, {1, "cfolks.pl", 2, true}, {1, "cyon.link", 2, true}, {1, "cyon.site", 2, true}, - {1, "platform0.app", 2, true}, - {1, "fnwk.site", 2, true}, - {1, "folionetwork.site", 2, true}, {1, "biz.dk", 2, true}, {1, "co.dk", 2, true}, {1, "firm.dk", 2, true}, {1, "reg.dk", 2, true}, {1, "store.dk", 2, true}, - {1, "daplie.me", 2, true}, - {1, "localhost.daplie.me", 3, true}, {1, "dyndns.dappnode.io", 3, true}, - {2, "dapps.earth", 3, true}, - {2, "bzz.dapps.earth", 4, true}, {1, "builtwithdark.com", 2, true}, {1, "darklang.io", 2, true}, {1, "demo.datadetect.com", 3, true}, @@ -7856,7 +7878,6 @@ var r = [9784]Rule{ {1, "mydatto.com", 2, true}, {1, "dattolocal.net", 2, true}, {1, "mydatto.net", 2, true}, - {1, "ddns5.com", 2, true}, {1, "ddnss.de", 2, true}, {1, "dyn.ddnss.de", 3, true}, {1, "dyndns.ddnss.de", 3, true}, @@ -7871,6 +7892,7 @@ var r = [9784]Rule{ {1, "definima.net", 2, true}, {1, "deno.dev", 2, true}, {1, "deno-staging.dev", 2, true}, + {1, "deno.net", 2, true}, {1, "dedyn.io", 2, true}, {1, "deta.app", 2, true}, {1, "deta.dev", 2, true}, @@ -7880,13 +7902,10 @@ var r = [9784]Rule{ {1, "ondigitalocean.app", 2, true}, {2, "digitaloceanspaces.com", 3, true}, {1, "us.kg", 2, true}, - {2, "rss.my.id", 4, true}, - {2, "diher.solutions", 3, true}, {1, "discordsays.com", 2, true}, {1, "discordsez.com", 2, true}, {1, "jozi.biz", 2, true}, {1, "dnshome.de", 2, true}, - {1, "bci.dnstrace.pro", 3, true}, {1, "online.th", 2, true}, {1, "shop.th", 2, true}, {1, "drayddns.com", 2, true}, @@ -7894,8 +7913,6 @@ var r = [9784]Rule{ {1, "dreamhosters.com", 2, true}, {1, "durumis.com", 2, true}, {1, "mydrobo.com", 2, true}, - {1, "drud.io", 2, true}, - {1, "drud.us", 2, true}, {1, "duckdns.org", 2, true}, {1, "dy.fi", 2, true}, {1, "tunk.org", 2, true}, @@ -8194,14 +8211,11 @@ var r = [9784]Rule{ {1, "mywire.org", 2, true}, {1, "webredirect.org", 2, true}, {1, "myddns.rocks", 2, true}, - {1, "blogsite.xyz", 2, true}, {1, "dynv6.net", 2, true}, {1, "e4.cz", 2, true}, {1, "easypanel.app", 2, true}, {1, "easypanel.host", 2, true}, {2, "ewp.live", 3, true}, - {1, "onred.one", 2, true}, - {1, "staging.onred.one", 3, true}, {1, "twmail.cc", 2, true}, {1, "twmail.net", 2, true}, {1, "twmail.org", 2, true}, @@ -8251,7 +8265,6 @@ var r = [9784]Rule{ {1, "lt.eu.org", 3, true}, {1, "lu.eu.org", 3, true}, {1, "lv.eu.org", 3, true}, - {1, "mc.eu.org", 3, true}, {1, "me.eu.org", 3, true}, {1, "mk.eu.org", 3, true}, {1, "mt.eu.org", 3, true}, @@ -8261,10 +8274,8 @@ var r = [9784]Rule{ {1, "nl.eu.org", 3, true}, {1, "no.eu.org", 3, true}, {1, "nz.eu.org", 3, true}, - {1, "paris.eu.org", 3, true}, {1, "pl.eu.org", 3, true}, {1, "pt.eu.org", 3, true}, - {1, "q-a.eu.org", 3, true}, {1, "ro.eu.org", 3, true}, {1, "ru.eu.org", 3, true}, {1, "se.eu.org", 3, true}, @@ -8391,9 +8402,8 @@ var r = [9784]Rule{ {1, "fh-muenster.io", 2, true}, {1, "filegear.me", 2, true}, {1, "firebaseapp.com", 2, true}, - {1, "fireweb.app", 2, true}, - {1, "flap.id", 2, true}, {1, "fldrv.com", 2, true}, + {1, "on-fleek.app", 2, true}, {1, "flutterflow.app", 2, true}, {1, "fly.dev", 2, true}, {1, "shw.io", 2, true}, @@ -8407,7 +8417,7 @@ var r = [9784]Rule{ {1, "framer.photos", 2, true}, {1, "framer.website", 2, true}, {1, "framer.wiki", 2, true}, - {1, "0e.vc", 2, true}, + {2, "0e.vc", 3, true}, {1, "freebox-os.com", 2, true}, {1, "freeboxos.com", 2, true}, {1, "fbx-os.fr", 2, true}, @@ -8455,11 +8465,7 @@ var r = [9784]Rule{ {1, "usercontent.jp", 2, true}, {1, "gentapps.com", 2, true}, {1, "gentlentapis.com", 2, true}, - {1, "lab.ms", 2, true}, {1, "cdn-edges.net", 2, true}, - {1, "localcert.net", 2, true}, - {1, "localhostcert.net", 2, true}, - {1, "corpnet.work", 2, true}, {1, "gsj.bz", 2, true}, {1, "githubusercontent.com", 2, true}, {1, "githubpreview.dev", 2, true}, @@ -8580,26 +8586,9 @@ var r = [9784]Rule{ {1, "heteml.net", 2, true}, {1, "graphic.design", 2, true}, {1, "goip.de", 2, true}, - {1, "blogspot.ae", 2, true}, - {1, "blogspot.al", 2, true}, - {1, "blogspot.am", 2, true}, {2, "hosted.app", 3, true}, {2, "run.app", 3, true}, {1, "web.app", 2, true}, - {1, "blogspot.com.ar", 3, true}, - {1, "blogspot.co.at", 3, true}, - {1, "blogspot.com.au", 3, true}, - {1, "blogspot.ba", 2, true}, - {1, "blogspot.be", 2, true}, - {1, "blogspot.bg", 2, true}, - {1, "blogspot.bj", 2, true}, - {1, "blogspot.com.br", 3, true}, - {1, "blogspot.com.by", 3, true}, - {1, "blogspot.ca", 2, true}, - {1, "blogspot.cf", 2, true}, - {1, "blogspot.ch", 2, true}, - {1, "blogspot.cl", 2, true}, - {1, "blogspot.com.co", 3, true}, {2, "0emm.com", 3, true}, {1, "appspot.com", 2, true}, {2, "r.appspot.com", 4, true}, @@ -8608,86 +8597,24 @@ var r = [9784]Rule{ {1, "googleapis.com", 2, true}, {1, "googlecode.com", 2, true}, {1, "pagespeedmobilizer.com", 2, true}, - {1, "publishproxy.com", 2, true}, {1, "withgoogle.com", 2, true}, {1, "withyoutube.com", 2, true}, - {1, "blogspot.cv", 2, true}, - {1, "blogspot.com.cy", 3, true}, - {1, "blogspot.cz", 2, true}, - {1, "blogspot.de", 2, true}, {2, "gateway.dev", 3, true}, - {1, "blogspot.dk", 2, true}, - {1, "blogspot.com.ee", 3, true}, - {1, "blogspot.com.eg", 3, true}, - {1, "blogspot.com.es", 3, true}, - {1, "blogspot.fi", 2, true}, - {1, "blogspot.fr", 2, true}, {1, "cloud.goog", 2, true}, {1, "translate.goog", 2, true}, {2, "usercontent.goog", 3, true}, - {1, "blogspot.gr", 2, true}, - {1, "blogspot.hk", 2, true}, - {1, "blogspot.hr", 2, true}, - {1, "blogspot.hu", 2, true}, - {1, "blogspot.co.id", 3, true}, - {1, "blogspot.ie", 2, true}, - {1, "blogspot.co.il", 3, true}, - {1, "blogspot.in", 2, true}, - {1, "blogspot.is", 2, true}, - {1, "blogspot.it", 2, true}, - {1, "blogspot.jp", 2, true}, - {1, "blogspot.co.ke", 3, true}, - {1, "blogspot.kr", 2, true}, - {1, "blogspot.li", 2, true}, - {1, "blogspot.lt", 2, true}, - {1, "blogspot.lu", 2, true}, - {1, "blogspot.md", 2, true}, - {1, "blogspot.mk", 2, true}, - {1, "blogspot.mr", 2, true}, - {1, "blogspot.com.mt", 3, true}, - {1, "blogspot.mx", 2, true}, - {1, "blogspot.my", 2, true}, {1, "cloudfunctions.net", 2, true}, - {1, "blogspot.com.ng", 3, true}, - {1, "blogspot.nl", 2, true}, - {1, "blogspot.no", 2, true}, - {1, "blogspot.co.nz", 3, true}, - {1, "blogspot.pe", 2, true}, - {1, "blogspot.pt", 2, true}, - {1, "blogspot.qa", 2, true}, - {1, "blogspot.re", 2, true}, - {1, "blogspot.ro", 2, true}, - {1, "blogspot.rs", 2, true}, - {1, "blogspot.ru", 2, true}, - {1, "blogspot.se", 2, true}, - {1, "blogspot.sg", 2, true}, - {1, "blogspot.si", 2, true}, - {1, "blogspot.sk", 2, true}, - {1, "blogspot.sn", 2, true}, - {1, "blogspot.td", 2, true}, - {1, "blogspot.com.tr", 3, true}, - {1, "blogspot.tw", 2, true}, - {1, "blogspot.ug", 2, true}, - {1, "blogspot.co.uk", 3, true}, - {1, "blogspot.com.uy", 3, true}, - {1, "blogspot.vn", 2, true}, - {1, "blogspot.co.za", 3, true}, {1, "goupile.fr", 2, true}, {1, "pymnt.uk", 2, true}, {1, "cloudapps.digital", 2, true}, {1, "london.cloudapps.digital", 3, true}, {1, "gov.nl", 2, true}, + {1, "grafana-dev.net", 2, true}, {1, "grayjayleagues.com", 2, true}, {1, "xn--gnstigbestellen-zvb.de", 2, true}, {1, "xn--gnstigliefern-wob.de", 2, true}, - {1, "fin.ci", 2, true}, - {1, "free.hr", 2, true}, - {1, "caa.li", 2, true}, - {1, "ua.rs", 2, true}, - {1, "conf.se", 2, true}, {1, "xn--hkkinen-5wa.fi", 2, true}, - {1, "hs.run", 2, true}, - {1, "hs.zone", 2, true}, + {1, "hrsn.dev", 2, true}, {1, "hashbang.sh", 2, true}, {1, "hasura.app", 2, true}, {1, "hasura-app.io", 2, true}, @@ -8698,12 +8625,14 @@ var r = [9784]Rule{ {1, "hatenadiary.jp", 2, true}, {1, "hatenadiary.org", 2, true}, {1, "pages.it.hs-heilbronn.de", 4, true}, + {1, "pages-research.it.hs-heilbronn.de", 4, true}, {1, "heiyu.space", 2, true}, {1, "helioho.st", 2, true}, {1, "heliohost.us", 2, true}, {1, "hepforge.org", 2, true}, {1, "herokuapp.com", 2, true}, - {1, "herokussl.com", 2, true}, + {1, "heyflow.page", 2, true}, + {1, "heyflow.site", 2, true}, {1, "ravendb.cloud", 2, true}, {1, "ravendb.community", 2, true}, {1, "development.run", 2, true}, @@ -8712,19 +8641,25 @@ var r = [9784]Rule{ {2, "kin.one", 3, true}, {2, "id.pub", 3, true}, {2, "kin.pub", 3, true}, - {1, "secaas.hk", 2, true}, {1, "hoplix.shop", 2, true}, {1, "orx.biz", 2, true}, {1, "biz.gl", 2, true}, + {1, "biz.ng", 2, true}, + {1, "co.biz.ng", 3, true}, + {1, "dl.biz.ng", 3, true}, + {1, "go.biz.ng", 3, true}, + {1, "lg.biz.ng", 3, true}, + {1, "on.biz.ng", 3, true}, {1, "col.ng", 2, true}, {1, "firm.ng", 2, true}, {1, "gen.ng", 2, true}, {1, "ltd.ng", 2, true}, {1, "ngo.ng", 2, true}, - {1, "edu.scot", 2, true}, - {1, "sch.so", 2, true}, + {1, "plc.ng", 2, true}, {1, "ie.ua", 2, true}, {1, "hostyhosting.io", 2, true}, + {1, "hf.space", 2, true}, + {1, "static.hf.space", 3, true}, {1, "hypernode.io", 2, true}, {1, "iobb.net", 2, true}, {1, "co.cz", 2, true}, @@ -8781,16 +8716,23 @@ var r = [9784]Rule{ {1, "to.leg.br", 3, true}, {1, "pixolino.com", 2, true}, {1, "na4u.ru", 2, true}, + {1, "botdash.app", 2, true}, + {1, "botdash.dev", 2, true}, + {1, "botdash.gg", 2, true}, + {1, "botdash.net", 2, true}, + {1, "botda.sh", 2, true}, + {1, "botdash.xyz", 2, true}, {1, "apps-1and1.com", 2, true}, {1, "live-website.com", 2, true}, {1, "apps-1and1.net", 2, true}, {1, "websitebuilder.online", 2, true}, {1, "app-ionos.space", 2, true}, {1, "iopsys.se", 2, true}, + {2, "dweb.link", 3, true}, {1, "ipifony.net", 2, true}, {1, "ir.md", 2, true}, - {1, "is-a.dev", 2, true}, {1, "is-a-good.dev", 2, true}, + {1, "is-a.dev", 2, true}, {1, "iservschule.de", 2, true}, {1, "mein-iserv.de", 2, true}, {1, "schulplattform.de", 2, true}, @@ -8799,7 +8741,6 @@ var r = [9784]Rule{ {1, "iserv.dev", 2, true}, {1, "mel.cloudlets.com.au", 4, true}, {1, "cloud.interhostsolutions.be", 3, true}, - {1, "mycloud.by", 2, true}, {1, "alp1.ae.flow.ch", 4, true}, {1, "appengine.flow.ch", 3, true}, {1, "es-1.axarnet.cloud", 3, true}, @@ -8821,7 +8762,6 @@ var r = [9784]Rule{ {1, "ch.trendhosting.cloud", 3, true}, {1, "de.trendhosting.cloud", 3, true}, {1, "jele.club", 2, true}, - {1, "amscompute.com", 2, true}, {1, "dopaas.com", 2, true}, {1, "paas.hosted-by-previder.com", 3, true}, {1, "rag-cloud.hosteur.com", 3, true}, @@ -8829,10 +8769,8 @@ var r = [9784]Rule{ {1, "jcloud.ik-server.com", 3, true}, {1, "jcloud-ver-jpc.ik-server.com", 3, true}, {1, "demo.jelastic.com", 3, true}, - {1, "kilatiron.com", 2, true}, {1, "paas.massivegrid.com", 3, true}, {1, "jed.wafaicloud.com", 3, true}, - {1, "lon.wafaicloud.com", 3, true}, {1, "ryd.wafaicloud.com", 3, true}, {1, "j.scaleforce.com.cy", 4, true}, {1, "jelastic.dogado.eu", 3, true}, @@ -8844,18 +8782,14 @@ var r = [9784]Rule{ {1, "paas.beebyte.io", 3, true}, {1, "sekd1.beebyteapp.io", 3, true}, {1, "jele.io", 2, true}, - {1, "cloud-fr1.unispace.io", 3, true}, {1, "jc.neen.it", 3, true}, - {1, "cloud.jelastic.open.tim.it", 5, true}, {1, "jcloud.kz", 2, true}, - {1, "upaas.kazteleport.kz", 3, true}, {1, "cloudjiffy.net", 2, true}, {1, "fra1-de.cloudjiffy.net", 3, true}, {1, "west1-us.cloudjiffy.net", 3, true}, {1, "jls-sto1.elastx.net", 3, true}, {1, "jls-sto2.elastx.net", 3, true}, {1, "jls-sto3.elastx.net", 3, true}, - {1, "faststacks.net", 2, true}, {1, "fr-1.paas.massivegrid.net", 4, true}, {1, "lon-1.paas.massivegrid.net", 4, true}, {1, "lon-2.paas.massivegrid.net", 4, true}, @@ -8865,11 +8799,9 @@ var r = [9784]Rule{ {1, "jelastic.saveincloud.net", 3, true}, {1, "nordeste-idc.saveincloud.net", 3, true}, {1, "j.scaleforce.net", 3, true}, - {1, "jelastic.tsukaeru.net", 3, true}, {1, "sdscloud.pl", 2, true}, {1, "unicloud.pl", 2, true}, {1, "mircloud.ru", 2, true}, - {1, "jelastic.regruhosting.ru", 3, true}, {1, "enscaled.sg", 2, true}, {1, "jele.site", 2, true}, {1, "jelastic.team", 2, true}, @@ -8890,7 +8822,6 @@ var r = [9784]Rule{ {1, "js.org", 2, true}, {1, "kaas.gg", 2, true}, {1, "khplay.nl", 2, true}, - {1, "ktistory.com", 2, true}, {1, "kapsi.fi", 2, true}, {1, "ezproxy.kuleuven.be", 3, true}, {1, "kuleuven.cloud", 2, true}, @@ -8902,13 +8833,15 @@ var r = [9784]Rule{ {1, "webthings.io", 2, true}, {1, "krellian.net", 2, true}, {1, "oya.to", 2, true}, + {1, "laravel.cloud", 2, true}, {1, "git-repos.de", 2, true}, {1, "lcube-server.de", 2, true}, {1, "svn-repos.de", 2, true}, {1, "leadpages.co", 2, true}, {1, "lpages.co", 2, true}, {1, "lpusercontent.com", 2, true}, - {1, "lelux.site", 2, true}, + {1, "liara.run", 2, true}, + {1, "iran.liara.run", 3, true}, {1, "libp2p.direct", 2, true}, {1, "runcontainers.dev", 2, true}, {1, "co.business", 2, true}, @@ -8928,6 +8861,16 @@ var r = [9784]Rule{ {1, "filegear-sg.me", 2, true}, {1, "ggff.net", 2, true}, {2, "user.localcert.dev", 4, true}, + {1, "localcert.net", 2, true}, + {1, "localhostcert.net", 2, true}, + {1, "localtonet.com", 2, true}, + {2, "localto.net", 3, true}, + {1, "lodz.pl", 2, true}, + {1, "pabianice.pl", 2, true}, + {1, "plock.pl", 2, true}, + {1, "sieradz.pl", 2, true}, + {1, "skierniewice.pl", 2, true}, + {1, "zgierz.pl", 2, true}, {1, "loginline.app", 2, true}, {1, "loginline.dev", 2, true}, {1, "loginline.io", 2, true}, @@ -8935,6 +8878,8 @@ var r = [9784]Rule{ {1, "loginline.site", 2, true}, {1, "lohmus.me", 2, true}, {1, "servers.run", 2, true}, + {1, "lovable.app", 2, true}, + {1, "lovableproject.com", 2, true}, {1, "krasnik.pl", 2, true}, {1, "leczna.pl", 2, true}, {1, "lubartow.pl", 2, true}, @@ -8976,6 +8921,10 @@ var r = [9784]Rule{ {1, "barsyonline.co.uk", 3, true}, {2, "magentosite.cloud", 3, true}, {1, "hb.cldmail.ru", 3, true}, + {1, "matlab.cloud", 2, true}, + {1, "modelscape.com", 2, true}, + {1, "mwcloudnonprod.com", 2, true}, + {1, "polyspace.com", 2, true}, {1, "mayfirst.info", 2, true}, {1, "mayfirst.org", 2, true}, {1, "mazeplay.com", 2, true}, @@ -8983,10 +8932,10 @@ var r = [9784]Rule{ {1, "mcdir.ru", 2, true}, {1, "vps.mcdir.ru", 3, true}, {1, "mcpre.ru", 2, true}, - {1, "mcpe.me", 2, true}, {1, "mediatech.by", 2, true}, {1, "mediatech.dev", 2, true}, {1, "hra.health", 2, true}, + {1, "medusajs.app", 2, true}, {1, "miniserver.com", 2, true}, {1, "memset.net", 2, true}, {1, "messerli.app", 2, true}, @@ -9022,9 +8971,17 @@ var r = [9784]Rule{ {1, "trafficmanager.net", 2, true}, {1, "blob.core.windows.net", 4, true}, {1, "servicebus.windows.net", 3, true}, + {1, "routingthecloud.com", 2, true}, {1, "sn.mynetname.net", 3, true}, + {1, "routingthecloud.net", 2, true}, + {1, "routingthecloud.org", 2, true}, {1, "csx.cc", 2, true}, - {1, "forte.id", 2, true}, + {1, "mydbserver.com", 2, true}, + {1, "webspaceconfig.de", 2, true}, + {1, "mittwald.info", 2, true}, + {1, "mittwaldserver.info", 2, true}, + {1, "typo3server.info", 2, true}, + {1, "project.space", 2, true}, {1, "modx.dev", 2, true}, {1, "bmoattachments.org", 2, true}, {1, "net.ru", 2, true}, @@ -9045,6 +9002,8 @@ var r = [9784]Rule{ {1, "cust.retrosnub.co.uk", 4, true}, {1, "ui.nabu.casa", 3, true}, {1, "cloud.nospamproxy.com", 3, true}, + {1, "o365.cloud.nospamproxy.com", 4, true}, + {1, "netlib.re", 2, true}, {1, "netfy.app", 2, true}, {1, "netlify.app", 2, true}, {1, "4u.com", 2, true}, @@ -9068,12 +9027,6 @@ var r = [9784]Rule{ {1, "torun.pl", 2, true}, {1, "nh-serv.co.uk", 3, true}, {1, "nimsite.uk", 2, true}, - {1, "ar.com", 2, true}, - {1, "hu.com", 2, true}, - {1, "kr.com", 2, true}, - {1, "no.com", 2, true}, - {1, "qc.com", 2, true}, - {1, "uy.com", 2, true}, {1, "mmafan.biz", 2, true}, {1, "myftp.biz", 2, true}, {1, "no-ip.biz", 2, true}, @@ -9171,14 +9124,8 @@ var r = [9784]Rule{ {1, "notion.site", 2, true}, {1, "dnsking.ch", 2, true}, {1, "mypi.co", 2, true}, - {1, "n4t.co", 2, true}, - {1, "001www.com", 2, true}, - {1, "ddnslive.com", 2, true}, {1, "myiphost.com", 2, true}, {1, "forumz.info", 2, true}, - {1, "16-b.it", 2, true}, - {1, "32-b.it", 2, true}, - {1, "64-b.it", 2, true}, {1, "soundcast.me", 2, true}, {1, "tcp4.me", 2, true}, {1, "dnsup.net", 2, true}, @@ -9189,11 +9136,8 @@ var r = [9784]Rule{ {1, "dynserv.org", 2, true}, {1, "now-dns.org", 2, true}, {1, "x443.pw", 2, true}, - {1, "now-dns.top", 2, true}, {1, "ntdll.top", 2, true}, {1, "freeddns.us", 2, true}, - {1, "crafting.xyz", 2, true}, - {1, "zapto.xyz", 2, true}, {1, "nsupdate.info", 2, true}, {1, "nerdpol.ovh", 2, true}, {1, "nyc.mn", 2, true}, @@ -9230,8 +9174,18 @@ var r = [9784]Rule{ {1, "is-local.org", 2, true}, {1, "opensocial.site", 2, true}, {1, "opencraft.hosting", 2, true}, + {1, "16-b.it", 2, true}, + {1, "32-b.it", 2, true}, + {1, "64-b.it", 2, true}, {1, "orsites.com", 2, true}, {1, "operaunite.com", 2, true}, + {2, "customer-oci.com", 3, true}, + {2, "oci.customer-oci.com", 4, true}, + {2, "ocp.customer-oci.com", 4, true}, + {2, "ocs.customer-oci.com", 4, true}, + {2, "oraclecloudapps.com", 3, true}, + {2, "oraclegovcloudapps.com", 3, true}, + {2, "oraclegovcloudapps.uk", 3, true}, {1, "tech.orange", 2, true}, {1, "can.re", 2, true}, {1, "authgear-staging.com", 2, true}, @@ -9267,11 +9221,9 @@ var r = [9784]Rule{ {1, "us.platform.sh", 3, true}, {2, "platformsh.site", 3, true}, {2, "tst.site", 3, true}, - {1, "platter-app.com", 2, true}, {1, "platter-app.dev", 2, true}, {1, "platterp.us", 2, true}, {1, "pley.games", 2, true}, - {1, "dyn53.io", 2, true}, {1, "onporter.run", 2, true}, {1, "co.bn", 2, true}, {1, "postman-echo.com", 2, true}, @@ -9281,8 +9233,12 @@ var r = [9784]Rule{ {1, "prequalifyme.today", 2, true}, {1, "xen.prgmr.com", 3, true}, {1, "priv.at", 2, true}, - {2, "dweb.link", 3, true}, {1, "protonet.io", 2, true}, + {1, "sub.psl.hrsn.dev", 4, true}, + {2, "wc.psl.hrsn.dev", 5, true}, + {3, "ignored.wc.psl.hrsn.dev", 5, true}, + {2, "sub.wc.psl.hrsn.dev", 6, true}, + {3, "ignored.sub.wc.psl.hrsn.dev", 6, true}, {1, "chirurgiens-dentistes-en-france.fr", 2, true}, {1, "byen.site", 2, true}, {1, "pubtls.org", 2, true}, @@ -9317,6 +9273,7 @@ var r = [9784]Rule{ {2, "on-k3s.io", 3, true}, {2, "on-rio.io", 3, true}, {1, "ravpage.co.il", 3, true}, + {1, "readthedocs-hosted.com", 2, true}, {1, "readthedocs.io", 2, true}, {1, "rhcloud.com", 2, true}, {1, "instances.spawn.cc", 3, true}, @@ -9359,14 +9316,17 @@ var r = [9784]Rule{ {1, "resindevice.io", 2, true}, {1, "devices.resinstaging.io", 3, true}, {1, "hzc.io", 2, true}, - {1, "wellbeingzone.eu", 2, true}, - {1, "wellbeingzone.co.uk", 3, true}, {1, "adimo.co.uk", 3, true}, {1, "itcouldbewor.se", 2, true}, {1, "aus.basketball", 2, true}, {1, "nz.basketball", 2, true}, + {1, "subsc-pay.com", 2, true}, + {1, "subsc-pay.net", 2, true}, {1, "git-pages.rit.edu", 3, true}, {1, "rocky.page", 2, true}, + {1, "rub.de", 2, true}, + {1, "ruhr-uni-bochum.de", 2, true}, + {1, "io.noc.ruhr-uni-bochum.de", 4, true}, {1, "xn--90amc.xn--p1acf", 2, true}, {1, "xn--j1aef.xn--p1acf", 2, true}, {1, "xn--j1ael8b.xn--p1acf", 2, true}, @@ -9378,6 +9338,7 @@ var r = [9784]Rule{ {1, "xn--90a1af.xn--p1acf", 2, true}, {1, "xn--41a.xn--p1acf", 2, true}, {1, "ras.ru", 2, true}, + {1, "nyat.app", 2, true}, {1, "180r.com", 2, true}, {1, "dojin.com", 2, true}, {1, "sakuratan.com", 2, true}, @@ -9488,16 +9449,15 @@ var r = [9784]Rule{ {1, "minisite.ms", 2, true}, {1, "senseering.net", 2, true}, {1, "servebolt.cloud", 2, true}, - {1, "magnet.page", 2, true}, {1, "biz.ua", 2, true}, {1, "co.ua", 2, true}, {1, "pp.ua", 2, true}, {1, "as.sh.cn", 3, true}, {1, "sheezy.games", 2, true}, - {1, "shiftedit.io", 2, true}, {1, "myshopblocks.com", 2, true}, {1, "myshopify.com", 2, true}, {1, "shopitsite.com", 2, true}, + {1, "shopware.shop", 2, true}, {1, "shopware.store", 2, true}, {1, "mo-siemens.io", 2, true}, {1, "1kapp.com", 2, true}, @@ -9506,9 +9466,6 @@ var r = [9784]Rule{ {1, "sinaapp.com", 2, true}, {1, "vipsinaapp.com", 2, true}, {1, "siteleaf.net", 2, true}, - {1, "bounty-full.com", 2, true}, - {1, "alpha.bounty-full.com", 3, true}, - {1, "beta.bounty-full.com", 3, true}, {1, "small-web.org", 2, true}, {1, "aeroport.fr", 2, true}, {1, "avocat.fr", 2, true}, @@ -9531,7 +9488,6 @@ var r = [9784]Rule{ {1, "srht.site", 2, true}, {1, "apps.lair.io", 3, true}, {2, "stolos.io", 3, true}, - {1, "spacekit.io", 2, true}, {1, "ind.mom", 2, true}, {1, "customer.speedpartner.de", 3, true}, {1, "myspreadshop.at", 2, true}, @@ -9594,8 +9550,6 @@ var r = [9784]Rule{ {1, "supabase.co", 2, true}, {1, "supabase.in", 2, true}, {1, "supabase.net", 2, true}, - {2, "sensiosite.cloud", 3, true}, - {2, "s5y.io", 3, true}, {1, "syncloud.it", 2, true}, {1, "dscloud.biz", 2, true}, {1, "direct.quickconnect.cn", 3, true}, @@ -9617,7 +9571,6 @@ var r = [9784]Rule{ {1, "mytabit.co.il", 3, true}, {1, "tabitorder.co.il", 3, true}, {1, "taifun-dns.de", 2, true}, - {1, "beta.tailscale.net", 3, true}, {1, "ts.net", 2, true}, {2, "c.ts.net", 4, true}, {1, "gda.pl", 2, true}, @@ -9625,6 +9578,7 @@ var r = [9784]Rule{ {1, "gdynia.pl", 2, true}, {1, "med.pl", 2, true}, {1, "sopot.pl", 2, true}, + {1, "taveusercontent.com", 2, true}, {1, "p.tawk.email", 3, true}, {1, "p.tawkto.email", 3, true}, {1, "site.tb-hosting.com", 3, true}, @@ -9650,7 +9604,6 @@ var r = [9784]Rule{ {1, "tlon.network", 2, true}, {1, "torproject.net", 2, true}, {1, "pages.torproject.net", 3, true}, - {1, "bloxcms.com", 2, true}, {1, "townnews-staging.com", 2, true}, {1, "12hp.at", 2, true}, {1, "2ix.at", 2, true}, @@ -9673,8 +9626,8 @@ var r = [9784]Rule{ {1, "lima.zone", 2, true}, {2, "transurl.be", 3, true}, {2, "transurl.eu", 3, true}, - {2, "transurl.nl", 3, true}, {1, "site.transip.me", 3, true}, + {2, "transurl.nl", 3, true}, {1, "tuxfamily.org", 2, true}, {1, "dd-dns.de", 2, true}, {1, "dray-dns.de", 2, true}, @@ -9701,6 +9654,7 @@ var r = [9784]Rule{ {1, "unison-services.cloud", 2, true}, {1, "virtual-user.de", 2, true}, {1, "virtualuser.de", 2, true}, + {1, "obj.ag", 2, true}, {1, "name.pm", 2, true}, {1, "sch.tf", 2, true}, {1, "biz.wf", 2, true}, @@ -9708,7 +9662,6 @@ var r = [9784]Rule{ {1, "org.yt", 2, true}, {1, "rs.ba", 2, true}, {1, "bielsko.pl", 2, true}, - {1, "upli.io", 2, true}, {1, "urown.cloud", 2, true}, {1, "dnsupdate.info", 2, true}, {1, "us.org", 2, true}, @@ -9716,7 +9669,9 @@ var r = [9784]Rule{ {1, "express.val.run", 3, true}, {1, "web.val.run", 3, true}, {1, "vercel.app", 2, true}, + {1, "v0.build", 2, true}, {1, "vercel.dev", 2, true}, + {1, "vusercontent.net", 2, true}, {1, "now.sh", 2, true}, {1, "2038.io", 2, true}, {1, "router.management", 2, true}, @@ -9736,6 +9691,7 @@ var r = [9784]Rule{ {1, "wp2.host", 2, true}, {1, "pdns.page", 2, true}, {1, "plesk.page", 2, true}, + {1, "cpanel.site", 2, true}, {1, "wpsquared.site", 2, true}, {2, "wadl.top", 3, true}, {1, "remotewd.com", 2, true}, @@ -9744,7 +9700,7 @@ var r = [9784]Rule{ {1, "toolforge.org", 2, true}, {1, "wmcloud.org", 2, true}, {1, "wmflabs.org", 2, true}, - {2, "wdh.app", 3, true}, + {1, "wdh.app", 2, true}, {1, "panel.gg", 2, true}, {1, "daemon.panel.gg", 3, true}, {1, "wixsite.com", 2, true}, @@ -9776,13 +9732,6 @@ var r = [9784]Rule{ {1, "website.yandexcloud.net", 3, true}, {1, "official.academy", 2, true}, {1, "yolasite.com", 2, true}, - {1, "ybo.faith", 2, true}, - {1, "yombo.me", 2, true}, - {1, "homelink.one", 2, true}, - {1, "ybo.party", 2, true}, - {1, "ybo.review", 2, true}, - {1, "ybo.science", 2, true}, - {1, "ybo.trade", 2, true}, {1, "ynh.fr", 2, true}, {1, "nohost.me", 2, true}, {1, "noho.st", 2, true}, @@ -9790,10 +9739,12 @@ var r = [9784]Rule{ {1, "za.org", 2, true}, {1, "zap.cloud", 2, true}, {1, "zeabur.app", 2, true}, + {2, "zerops.app", 3, true}, {1, "bss.design", 2, true}, {1, "basicserver.io", 2, true}, {1, "virtualserver.io", 2, true}, {1, "enterprisecloud.nu", 2, true}, + {1, "zone.id", 2, true}, } func init() { diff --git a/vendor/golang.org/x/net/context/ctxhttp/ctxhttp.go b/vendor/golang.org/x/net/context/ctxhttp/ctxhttp.go index 37dc0cfdb..e0df203ce 100644 --- a/vendor/golang.org/x/net/context/ctxhttp/ctxhttp.go +++ b/vendor/golang.org/x/net/context/ctxhttp/ctxhttp.go @@ -3,7 +3,7 @@ // license that can be found in the LICENSE file. // Package ctxhttp provides helper functions for performing context-aware HTTP requests. -package ctxhttp // import "golang.org/x/net/context/ctxhttp" +package ctxhttp import ( "context" diff --git a/vendor/golang.org/x/net/http2/client_conn_pool.go b/vendor/golang.org/x/net/http2/client_conn_pool.go index 780968d6c..e81b73e6a 100644 --- a/vendor/golang.org/x/net/http2/client_conn_pool.go +++ b/vendor/golang.org/x/net/http2/client_conn_pool.go @@ -8,8 +8,8 @@ package http2 import ( "context" - "crypto/tls" "errors" + "net" "net/http" "sync" ) @@ -158,7 +158,7 @@ func (c *dialCall) dial(ctx context.Context, addr string) { // This code decides which ones live or die. // The return value used is whether c was used. // c is never closed. -func (p *clientConnPool) addConnIfNeeded(key string, t *Transport, c *tls.Conn) (used bool, err error) { +func (p *clientConnPool) addConnIfNeeded(key string, t *Transport, c net.Conn) (used bool, err error) { p.mu.Lock() for _, cc := range p.conns[key] { if cc.CanTakeNewRequest() { @@ -194,8 +194,8 @@ type addConnCall struct { err error } -func (c *addConnCall) run(t *Transport, key string, tc *tls.Conn) { - cc, err := t.NewClientConn(tc) +func (c *addConnCall) run(t *Transport, key string, nc net.Conn) { + cc, err := t.NewClientConn(nc) p := c.p p.mu.Lock() diff --git a/vendor/golang.org/x/net/http2/config.go b/vendor/golang.org/x/net/http2/config.go new file mode 100644 index 000000000..ca645d9a1 --- /dev/null +++ b/vendor/golang.org/x/net/http2/config.go @@ -0,0 +1,122 @@ +// Copyright 2024 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +package http2 + +import ( + "math" + "net/http" + "time" +) + +// http2Config is a package-internal version of net/http.HTTP2Config. +// +// http.HTTP2Config was added in Go 1.24. +// When running with a version of net/http that includes HTTP2Config, +// we merge the configuration with the fields in Transport or Server +// to produce an http2Config. +// +// Zero valued fields in http2Config are interpreted as in the +// net/http.HTTPConfig documentation. +// +// Precedence order for reconciling configurations is: +// +// - Use the net/http.{Server,Transport}.HTTP2Config value, when non-zero. +// - Otherwise use the http2.{Server.Transport} value. +// - If the resulting value is zero or out of range, use a default. +type http2Config struct { + MaxConcurrentStreams uint32 + MaxDecoderHeaderTableSize uint32 + MaxEncoderHeaderTableSize uint32 + MaxReadFrameSize uint32 + MaxUploadBufferPerConnection int32 + MaxUploadBufferPerStream int32 + SendPingTimeout time.Duration + PingTimeout time.Duration + WriteByteTimeout time.Duration + PermitProhibitedCipherSuites bool + CountError func(errType string) +} + +// configFromServer merges configuration settings from +// net/http.Server.HTTP2Config and http2.Server. +func configFromServer(h1 *http.Server, h2 *Server) http2Config { + conf := http2Config{ + MaxConcurrentStreams: h2.MaxConcurrentStreams, + MaxEncoderHeaderTableSize: h2.MaxEncoderHeaderTableSize, + MaxDecoderHeaderTableSize: h2.MaxDecoderHeaderTableSize, + MaxReadFrameSize: h2.MaxReadFrameSize, + MaxUploadBufferPerConnection: h2.MaxUploadBufferPerConnection, + MaxUploadBufferPerStream: h2.MaxUploadBufferPerStream, + SendPingTimeout: h2.ReadIdleTimeout, + PingTimeout: h2.PingTimeout, + WriteByteTimeout: h2.WriteByteTimeout, + PermitProhibitedCipherSuites: h2.PermitProhibitedCipherSuites, + CountError: h2.CountError, + } + fillNetHTTPServerConfig(&conf, h1) + setConfigDefaults(&conf, true) + return conf +} + +// configFromTransport merges configuration settings from h2 and h2.t1.HTTP2 +// (the net/http Transport). +func configFromTransport(h2 *Transport) http2Config { + conf := http2Config{ + MaxEncoderHeaderTableSize: h2.MaxEncoderHeaderTableSize, + MaxDecoderHeaderTableSize: h2.MaxDecoderHeaderTableSize, + MaxReadFrameSize: h2.MaxReadFrameSize, + SendPingTimeout: h2.ReadIdleTimeout, + PingTimeout: h2.PingTimeout, + WriteByteTimeout: h2.WriteByteTimeout, + } + + // Unlike most config fields, where out-of-range values revert to the default, + // Transport.MaxReadFrameSize clips. + if conf.MaxReadFrameSize < minMaxFrameSize { + conf.MaxReadFrameSize = minMaxFrameSize + } else if conf.MaxReadFrameSize > maxFrameSize { + conf.MaxReadFrameSize = maxFrameSize + } + + if h2.t1 != nil { + fillNetHTTPTransportConfig(&conf, h2.t1) + } + setConfigDefaults(&conf, false) + return conf +} + +func setDefault[T ~int | ~int32 | ~uint32 | ~int64](v *T, minval, maxval, defval T) { + if *v < minval || *v > maxval { + *v = defval + } +} + +func setConfigDefaults(conf *http2Config, server bool) { + setDefault(&conf.MaxConcurrentStreams, 1, math.MaxUint32, defaultMaxStreams) + setDefault(&conf.MaxEncoderHeaderTableSize, 1, math.MaxUint32, initialHeaderTableSize) + setDefault(&conf.MaxDecoderHeaderTableSize, 1, math.MaxUint32, initialHeaderTableSize) + if server { + setDefault(&conf.MaxUploadBufferPerConnection, initialWindowSize, math.MaxInt32, 1<<20) + } else { + setDefault(&conf.MaxUploadBufferPerConnection, initialWindowSize, math.MaxInt32, transportDefaultConnFlow) + } + if server { + setDefault(&conf.MaxUploadBufferPerStream, 1, math.MaxInt32, 1<<20) + } else { + setDefault(&conf.MaxUploadBufferPerStream, 1, math.MaxInt32, transportDefaultStreamFlow) + } + setDefault(&conf.MaxReadFrameSize, minMaxFrameSize, maxFrameSize, defaultMaxReadFrameSize) + setDefault(&conf.PingTimeout, 1, math.MaxInt64, 15*time.Second) +} + +// adjustHTTP1MaxHeaderSize converts a limit in bytes on the size of an HTTP/1 header +// to an HTTP/2 MAX_HEADER_LIST_SIZE value. +func adjustHTTP1MaxHeaderSize(n int64) int64 { + // http2's count is in a slightly different unit and includes 32 bytes per pair. + // So, take the net/http.Server value and pad it up a bit, assuming 10 headers. + const perFieldOverhead = 32 // per http2 spec + const typicalHeaders = 10 // conservative + return n + typicalHeaders*perFieldOverhead +} diff --git a/vendor/golang.org/x/net/http2/config_go124.go b/vendor/golang.org/x/net/http2/config_go124.go new file mode 100644 index 000000000..5b516c55f --- /dev/null +++ b/vendor/golang.org/x/net/http2/config_go124.go @@ -0,0 +1,61 @@ +// Copyright 2024 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +//go:build go1.24 + +package http2 + +import "net/http" + +// fillNetHTTPServerConfig sets fields in conf from srv.HTTP2. +func fillNetHTTPServerConfig(conf *http2Config, srv *http.Server) { + fillNetHTTPConfig(conf, srv.HTTP2) +} + +// fillNetHTTPTransportConfig sets fields in conf from tr.HTTP2. +func fillNetHTTPTransportConfig(conf *http2Config, tr *http.Transport) { + fillNetHTTPConfig(conf, tr.HTTP2) +} + +func fillNetHTTPConfig(conf *http2Config, h2 *http.HTTP2Config) { + if h2 == nil { + return + } + if h2.MaxConcurrentStreams != 0 { + conf.MaxConcurrentStreams = uint32(h2.MaxConcurrentStreams) + } + if h2.MaxEncoderHeaderTableSize != 0 { + conf.MaxEncoderHeaderTableSize = uint32(h2.MaxEncoderHeaderTableSize) + } + if h2.MaxDecoderHeaderTableSize != 0 { + conf.MaxDecoderHeaderTableSize = uint32(h2.MaxDecoderHeaderTableSize) + } + if h2.MaxConcurrentStreams != 0 { + conf.MaxConcurrentStreams = uint32(h2.MaxConcurrentStreams) + } + if h2.MaxReadFrameSize != 0 { + conf.MaxReadFrameSize = uint32(h2.MaxReadFrameSize) + } + if h2.MaxReceiveBufferPerConnection != 0 { + conf.MaxUploadBufferPerConnection = int32(h2.MaxReceiveBufferPerConnection) + } + if h2.MaxReceiveBufferPerStream != 0 { + conf.MaxUploadBufferPerStream = int32(h2.MaxReceiveBufferPerStream) + } + if h2.SendPingTimeout != 0 { + conf.SendPingTimeout = h2.SendPingTimeout + } + if h2.PingTimeout != 0 { + conf.PingTimeout = h2.PingTimeout + } + if h2.WriteByteTimeout != 0 { + conf.WriteByteTimeout = h2.WriteByteTimeout + } + if h2.PermitProhibitedCipherSuites { + conf.PermitProhibitedCipherSuites = true + } + if h2.CountError != nil { + conf.CountError = h2.CountError + } +} diff --git a/vendor/golang.org/x/net/http2/config_pre_go124.go b/vendor/golang.org/x/net/http2/config_pre_go124.go new file mode 100644 index 000000000..060fd6c64 --- /dev/null +++ b/vendor/golang.org/x/net/http2/config_pre_go124.go @@ -0,0 +1,16 @@ +// Copyright 2024 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +//go:build !go1.24 + +package http2 + +import "net/http" + +// Pre-Go 1.24 fallback. +// The Server.HTTP2 and Transport.HTTP2 config fields were added in Go 1.24. + +func fillNetHTTPServerConfig(conf *http2Config, srv *http.Server) {} + +func fillNetHTTPTransportConfig(conf *http2Config, tr *http.Transport) {} diff --git a/vendor/golang.org/x/net/http2/frame.go b/vendor/golang.org/x/net/http2/frame.go index 105c3b279..81faec7e7 100644 --- a/vendor/golang.org/x/net/http2/frame.go +++ b/vendor/golang.org/x/net/http2/frame.go @@ -1490,7 +1490,7 @@ func (mh *MetaHeadersFrame) checkPseudos() error { pf := mh.PseudoFields() for i, hf := range pf { switch hf.Name { - case ":method", ":path", ":scheme", ":authority": + case ":method", ":path", ":scheme", ":authority", ":protocol": isRequest = true case ":status": isResponse = true @@ -1498,7 +1498,7 @@ func (mh *MetaHeadersFrame) checkPseudos() error { return pseudoHeaderError(hf.Name) } // Check for duplicates. - // This would be a bad algorithm, but N is 4. + // This would be a bad algorithm, but N is 5. // And this doesn't allocate. for _, hf2 := range pf[:i] { if hf.Name == hf2.Name { diff --git a/vendor/golang.org/x/net/http2/http2.go b/vendor/golang.org/x/net/http2/http2.go index 003e649f3..6c18ea230 100644 --- a/vendor/golang.org/x/net/http2/http2.go +++ b/vendor/golang.org/x/net/http2/http2.go @@ -19,8 +19,9 @@ import ( "bufio" "context" "crypto/tls" + "errors" "fmt" - "io" + "net" "net/http" "os" "sort" @@ -37,6 +38,15 @@ var ( logFrameWrites bool logFrameReads bool inTests bool + + // Enabling extended CONNECT by causes browsers to attempt to use + // WebSockets-over-HTTP/2. This results in problems when the server's websocket + // package doesn't support extended CONNECT. + // + // Disable extended CONNECT by default for now. + // + // Issue #71128. + disableExtendedConnectProtocol = true ) func init() { @@ -49,6 +59,9 @@ func init() { logFrameWrites = true logFrameReads = true } + if strings.Contains(e, "http2xconnect=1") { + disableExtendedConnectProtocol = false + } } const ( @@ -140,6 +153,10 @@ func (s Setting) Valid() error { if s.Val < 16384 || s.Val > 1<<24-1 { return ConnectionError(ErrCodeProtocol) } + case SettingEnableConnectProtocol: + if s.Val != 1 && s.Val != 0 { + return ConnectionError(ErrCodeProtocol) + } } return nil } @@ -149,21 +166,23 @@ func (s Setting) Valid() error { type SettingID uint16 const ( - SettingHeaderTableSize SettingID = 0x1 - SettingEnablePush SettingID = 0x2 - SettingMaxConcurrentStreams SettingID = 0x3 - SettingInitialWindowSize SettingID = 0x4 - SettingMaxFrameSize SettingID = 0x5 - SettingMaxHeaderListSize SettingID = 0x6 + SettingHeaderTableSize SettingID = 0x1 + SettingEnablePush SettingID = 0x2 + SettingMaxConcurrentStreams SettingID = 0x3 + SettingInitialWindowSize SettingID = 0x4 + SettingMaxFrameSize SettingID = 0x5 + SettingMaxHeaderListSize SettingID = 0x6 + SettingEnableConnectProtocol SettingID = 0x8 ) var settingName = map[SettingID]string{ - SettingHeaderTableSize: "HEADER_TABLE_SIZE", - SettingEnablePush: "ENABLE_PUSH", - SettingMaxConcurrentStreams: "MAX_CONCURRENT_STREAMS", - SettingInitialWindowSize: "INITIAL_WINDOW_SIZE", - SettingMaxFrameSize: "MAX_FRAME_SIZE", - SettingMaxHeaderListSize: "MAX_HEADER_LIST_SIZE", + SettingHeaderTableSize: "HEADER_TABLE_SIZE", + SettingEnablePush: "ENABLE_PUSH", + SettingMaxConcurrentStreams: "MAX_CONCURRENT_STREAMS", + SettingInitialWindowSize: "INITIAL_WINDOW_SIZE", + SettingMaxFrameSize: "MAX_FRAME_SIZE", + SettingMaxHeaderListSize: "MAX_HEADER_LIST_SIZE", + SettingEnableConnectProtocol: "ENABLE_CONNECT_PROTOCOL", } func (s SettingID) String() string { @@ -237,13 +256,19 @@ func (cw closeWaiter) Wait() { // Its buffered writer is lazily allocated as needed, to minimize // idle memory usage with many connections. type bufferedWriter struct { - _ incomparable - w io.Writer // immutable - bw *bufio.Writer // non-nil when data is buffered + _ incomparable + group synctestGroupInterface // immutable + conn net.Conn // immutable + bw *bufio.Writer // non-nil when data is buffered + byteTimeout time.Duration // immutable, WriteByteTimeout } -func newBufferedWriter(w io.Writer) *bufferedWriter { - return &bufferedWriter{w: w} +func newBufferedWriter(group synctestGroupInterface, conn net.Conn, timeout time.Duration) *bufferedWriter { + return &bufferedWriter{ + group: group, + conn: conn, + byteTimeout: timeout, + } } // bufWriterPoolBufferSize is the size of bufio.Writer's @@ -270,7 +295,7 @@ func (w *bufferedWriter) Available() int { func (w *bufferedWriter) Write(p []byte) (n int, err error) { if w.bw == nil { bw := bufWriterPool.Get().(*bufio.Writer) - bw.Reset(w.w) + bw.Reset((*bufferedWriterTimeoutWriter)(w)) w.bw = bw } return w.bw.Write(p) @@ -288,6 +313,38 @@ func (w *bufferedWriter) Flush() error { return err } +type bufferedWriterTimeoutWriter bufferedWriter + +func (w *bufferedWriterTimeoutWriter) Write(p []byte) (n int, err error) { + return writeWithByteTimeout(w.group, w.conn, w.byteTimeout, p) +} + +// writeWithByteTimeout writes to conn. +// If more than timeout passes without any bytes being written to the connection, +// the write fails. +func writeWithByteTimeout(group synctestGroupInterface, conn net.Conn, timeout time.Duration, p []byte) (n int, err error) { + if timeout <= 0 { + return conn.Write(p) + } + for { + var now time.Time + if group == nil { + now = time.Now() + } else { + now = group.Now() + } + conn.SetWriteDeadline(now.Add(timeout)) + nn, err := conn.Write(p[n:]) + n += nn + if n == len(p) || nn == 0 || !errors.Is(err, os.ErrDeadlineExceeded) { + // Either we finished the write, made no progress, or hit the deadline. + // Whichever it is, we're done now. + conn.SetWriteDeadline(time.Time{}) + return n, err + } + } +} + func mustUint31(v int32) uint32 { if v < 0 || v > 2147483647 { panic("out of range") @@ -358,23 +415,6 @@ func (s *sorter) SortStrings(ss []string) { s.v = save } -// validPseudoPath reports whether v is a valid :path pseudo-header -// value. It must be either: -// -// - a non-empty string starting with '/' -// - the string '*', for OPTIONS requests. -// -// For now this is only used a quick check for deciding when to clean -// up Opaque URLs before sending requests from the Transport. -// See golang.org/issue/16847 -// -// We used to enforce that the path also didn't start with "//", but -// Google's GFE accepts such paths and Chrome sends them, so ignore -// that part of the spec. See golang.org/issue/19103. -func validPseudoPath(v string) bool { - return (len(v) > 0 && v[0] == '/') || v == "*" -} - // incomparable is a zero-width, non-comparable type. Adding it to a struct // makes that struct also non-comparable, and generally doesn't add // any size (as long as it's first). diff --git a/vendor/golang.org/x/net/http2/server.go b/vendor/golang.org/x/net/http2/server.go index 6c349f3ec..b640deb0e 100644 --- a/vendor/golang.org/x/net/http2/server.go +++ b/vendor/golang.org/x/net/http2/server.go @@ -29,6 +29,7 @@ import ( "bufio" "bytes" "context" + "crypto/rand" "crypto/tls" "errors" "fmt" @@ -49,13 +50,18 @@ import ( "golang.org/x/net/http/httpguts" "golang.org/x/net/http2/hpack" + "golang.org/x/net/internal/httpcommon" ) const ( - prefaceTimeout = 10 * time.Second - firstSettingsTimeout = 2 * time.Second // should be in-flight with preface anyway - handlerChunkWriteSize = 4 << 10 - defaultMaxStreams = 250 // TODO: make this 100 as the GFE seems to? + prefaceTimeout = 10 * time.Second + firstSettingsTimeout = 2 * time.Second // should be in-flight with preface anyway + handlerChunkWriteSize = 4 << 10 + defaultMaxStreams = 250 // TODO: make this 100 as the GFE seems to? + + // maxQueuedControlFrames is the maximum number of control frames like + // SETTINGS, PING and RST_STREAM that will be queued for writing before + // the connection is closed to prevent memory exhaustion attacks. maxQueuedControlFrames = 10000 ) @@ -127,6 +133,22 @@ type Server struct { // If zero or negative, there is no timeout. IdleTimeout time.Duration + // ReadIdleTimeout is the timeout after which a health check using a ping + // frame will be carried out if no frame is received on the connection. + // If zero, no health check is performed. + ReadIdleTimeout time.Duration + + // PingTimeout is the timeout after which the connection will be closed + // if a response to a ping is not received. + // If zero, a default of 15 seconds is used. + PingTimeout time.Duration + + // WriteByteTimeout is the timeout after which a connection will be + // closed if no data can be written to it. The timeout begins when data is + // available to write, and is extended whenever any bytes are written. + // If zero or negative, there is no timeout. + WriteByteTimeout time.Duration + // MaxUploadBufferPerConnection is the size of the initial flow // control window for each connections. The HTTP/2 spec does not // allow this to be smaller than 65535 or larger than 2^32-1. @@ -189,57 +211,6 @@ func (s *Server) afterFunc(d time.Duration, f func()) timer { return timeTimer{time.AfterFunc(d, f)} } -func (s *Server) initialConnRecvWindowSize() int32 { - if s.MaxUploadBufferPerConnection >= initialWindowSize { - return s.MaxUploadBufferPerConnection - } - return 1 << 20 -} - -func (s *Server) initialStreamRecvWindowSize() int32 { - if s.MaxUploadBufferPerStream > 0 { - return s.MaxUploadBufferPerStream - } - return 1 << 20 -} - -func (s *Server) maxReadFrameSize() uint32 { - if v := s.MaxReadFrameSize; v >= minMaxFrameSize && v <= maxFrameSize { - return v - } - return defaultMaxReadFrameSize -} - -func (s *Server) maxConcurrentStreams() uint32 { - if v := s.MaxConcurrentStreams; v > 0 { - return v - } - return defaultMaxStreams -} - -func (s *Server) maxDecoderHeaderTableSize() uint32 { - if v := s.MaxDecoderHeaderTableSize; v > 0 { - return v - } - return initialHeaderTableSize -} - -func (s *Server) maxEncoderHeaderTableSize() uint32 { - if v := s.MaxEncoderHeaderTableSize; v > 0 { - return v - } - return initialHeaderTableSize -} - -// maxQueuedControlFrames is the maximum number of control frames like -// SETTINGS, PING and RST_STREAM that will be queued for writing before -// the connection is closed to prevent memory exhaustion attacks. -func (s *Server) maxQueuedControlFrames() int { - // TODO: if anybody asks, add a Server field, and remember to define the - // behavior of negative values. - return maxQueuedControlFrames -} - type serverInternalState struct { mu sync.Mutex activeConns map[*serverConn]struct{} @@ -336,7 +307,7 @@ func ConfigureServer(s *http.Server, conf *Server) error { if s.TLSNextProto == nil { s.TLSNextProto = map[string]func(*http.Server, *tls.Conn, http.Handler){} } - protoHandler := func(hs *http.Server, c *tls.Conn, h http.Handler) { + protoHandler := func(hs *http.Server, c net.Conn, h http.Handler, sawClientPreface bool) { if testHookOnConn != nil { testHookOnConn() } @@ -353,12 +324,31 @@ func ConfigureServer(s *http.Server, conf *Server) error { ctx = bc.BaseContext() } conf.ServeConn(c, &ServeConnOpts{ - Context: ctx, - Handler: h, - BaseConfig: hs, + Context: ctx, + Handler: h, + BaseConfig: hs, + SawClientPreface: sawClientPreface, }) } - s.TLSNextProto[NextProtoTLS] = protoHandler + s.TLSNextProto[NextProtoTLS] = func(hs *http.Server, c *tls.Conn, h http.Handler) { + protoHandler(hs, c, h, false) + } + // The "unencrypted_http2" TLSNextProto key is used to pass off non-TLS HTTP/2 conns. + // + // A connection passed in this method has already had the HTTP/2 preface read from it. + s.TLSNextProto[nextProtoUnencryptedHTTP2] = func(hs *http.Server, c *tls.Conn, h http.Handler) { + nc, err := unencryptedNetConnFromTLSConn(c) + if err != nil { + if lg := hs.ErrorLog; lg != nil { + lg.Print(err) + } else { + log.Print(err) + } + go c.Close() + return + } + protoHandler(hs, nc, h, true) + } return nil } @@ -440,13 +430,15 @@ func (s *Server) serveConn(c net.Conn, opts *ServeConnOpts, newf func(*serverCon baseCtx, cancel := serverConnBaseContext(c, opts) defer cancel() + http1srv := opts.baseConfig() + conf := configFromServer(http1srv, s) sc := &serverConn{ srv: s, - hs: opts.baseConfig(), + hs: http1srv, conn: c, baseCtx: baseCtx, remoteAddrStr: c.RemoteAddr().String(), - bw: newBufferedWriter(c), + bw: newBufferedWriter(s.group, c, conf.WriteByteTimeout), handler: opts.handler(), streams: make(map[uint32]*stream), readFrameCh: make(chan readFrameResult), @@ -456,9 +448,12 @@ func (s *Server) serveConn(c net.Conn, opts *ServeConnOpts, newf func(*serverCon bodyReadCh: make(chan bodyReadMsg), // buffering doesn't matter either way doneServing: make(chan struct{}), clientMaxStreams: math.MaxUint32, // Section 6.5.2: "Initially, there is no limit to this value" - advMaxStreams: s.maxConcurrentStreams(), + advMaxStreams: conf.MaxConcurrentStreams, initialStreamSendWindowSize: initialWindowSize, + initialStreamRecvWindowSize: conf.MaxUploadBufferPerStream, maxFrameSize: initialMaxFrameSize, + pingTimeout: conf.PingTimeout, + countErrorFunc: conf.CountError, serveG: newGoroutineLock(), pushEnabled: true, sawClientPreface: opts.SawClientPreface, @@ -491,15 +486,15 @@ func (s *Server) serveConn(c net.Conn, opts *ServeConnOpts, newf func(*serverCon sc.flow.add(initialWindowSize) sc.inflow.init(initialWindowSize) sc.hpackEncoder = hpack.NewEncoder(&sc.headerWriteBuf) - sc.hpackEncoder.SetMaxDynamicTableSizeLimit(s.maxEncoderHeaderTableSize()) + sc.hpackEncoder.SetMaxDynamicTableSizeLimit(conf.MaxEncoderHeaderTableSize) fr := NewFramer(sc.bw, c) - if s.CountError != nil { - fr.countError = s.CountError + if conf.CountError != nil { + fr.countError = conf.CountError } - fr.ReadMetaHeaders = hpack.NewDecoder(s.maxDecoderHeaderTableSize(), nil) + fr.ReadMetaHeaders = hpack.NewDecoder(conf.MaxDecoderHeaderTableSize, nil) fr.MaxHeaderListSize = sc.maxHeaderListSize() - fr.SetMaxReadFrameSize(s.maxReadFrameSize()) + fr.SetMaxReadFrameSize(conf.MaxReadFrameSize) sc.framer = fr if tc, ok := c.(connectionStater); ok { @@ -532,7 +527,7 @@ func (s *Server) serveConn(c net.Conn, opts *ServeConnOpts, newf func(*serverCon // So for now, do nothing here again. } - if !s.PermitProhibitedCipherSuites && isBadCipher(sc.tlsState.CipherSuite) { + if !conf.PermitProhibitedCipherSuites && isBadCipher(sc.tlsState.CipherSuite) { // "Endpoints MAY choose to generate a connection error // (Section 5.4.1) of type INADEQUATE_SECURITY if one of // the prohibited cipher suites are negotiated." @@ -569,7 +564,7 @@ func (s *Server) serveConn(c net.Conn, opts *ServeConnOpts, newf func(*serverCon opts.UpgradeRequest = nil } - sc.serve() + sc.serve(conf) } func serverConnBaseContext(c net.Conn, opts *ServeConnOpts) (ctx context.Context, cancel func()) { @@ -609,6 +604,7 @@ type serverConn struct { tlsState *tls.ConnectionState // shared by all handlers, like net/http remoteAddrStr string writeSched WriteScheduler + countErrorFunc func(errType string) // Everything following is owned by the serve loop; use serveG.check(): serveG goroutineLock // used to verify funcs are on serve() @@ -628,6 +624,7 @@ type serverConn struct { streams map[uint32]*stream unstartedHandlers []unstartedHandler initialStreamSendWindowSize int32 + initialStreamRecvWindowSize int32 maxFrameSize int32 peerMaxHeaderListSize uint32 // zero means unknown (default) canonHeader map[string]string // http2-lower-case -> Go-Canonical-Case @@ -638,9 +635,14 @@ type serverConn struct { inGoAway bool // we've started to or sent GOAWAY inFrameScheduleLoop bool // whether we're in the scheduleFrameWrite loop needToSendGoAway bool // we need to schedule a GOAWAY frame write + pingSent bool + sentPingData [8]byte goAwayCode ErrCode shutdownTimer timer // nil until used idleTimer timer // nil if unused + readIdleTimeout time.Duration + pingTimeout time.Duration + readIdleTimer timer // nil if unused // Owned by the writeFrameAsync goroutine: headerWriteBuf bytes.Buffer @@ -655,11 +657,7 @@ func (sc *serverConn) maxHeaderListSize() uint32 { if n <= 0 { n = http.DefaultMaxHeaderBytes } - // http2's count is in a slightly different unit and includes 32 bytes per pair. - // So, take the net/http.Server value and pad it up a bit, assuming 10 headers. - const perFieldOverhead = 32 // per http2 spec - const typicalHeaders = 10 // conservative - return uint32(n + typicalHeaders*perFieldOverhead) + return uint32(adjustHTTP1MaxHeaderSize(int64(n))) } func (sc *serverConn) curOpenStreams() uint32 { @@ -815,8 +813,7 @@ const maxCachedCanonicalHeadersKeysSize = 2048 func (sc *serverConn) canonicalHeader(v string) string { sc.serveG.check() - buildCommonHeaderMapsOnce() - cv, ok := commonCanonHeader[v] + cv, ok := httpcommon.CachedCanonicalHeader(v) if ok { return cv } @@ -923,7 +920,7 @@ func (sc *serverConn) notePanic() { } } -func (sc *serverConn) serve() { +func (sc *serverConn) serve(conf http2Config) { sc.serveG.check() defer sc.notePanic() defer sc.conn.Close() @@ -935,20 +932,24 @@ func (sc *serverConn) serve() { sc.vlogf("http2: server connection from %v on %p", sc.conn.RemoteAddr(), sc.hs) } + settings := writeSettings{ + {SettingMaxFrameSize, conf.MaxReadFrameSize}, + {SettingMaxConcurrentStreams, sc.advMaxStreams}, + {SettingMaxHeaderListSize, sc.maxHeaderListSize()}, + {SettingHeaderTableSize, conf.MaxDecoderHeaderTableSize}, + {SettingInitialWindowSize, uint32(sc.initialStreamRecvWindowSize)}, + } + if !disableExtendedConnectProtocol { + settings = append(settings, Setting{SettingEnableConnectProtocol, 1}) + } sc.writeFrame(FrameWriteRequest{ - write: writeSettings{ - {SettingMaxFrameSize, sc.srv.maxReadFrameSize()}, - {SettingMaxConcurrentStreams, sc.advMaxStreams}, - {SettingMaxHeaderListSize, sc.maxHeaderListSize()}, - {SettingHeaderTableSize, sc.srv.maxDecoderHeaderTableSize()}, - {SettingInitialWindowSize, uint32(sc.srv.initialStreamRecvWindowSize())}, - }, + write: settings, }) sc.unackedSettings++ // Each connection starts with initialWindowSize inflow tokens. // If a higher value is configured, we add more tokens. - if diff := sc.srv.initialConnRecvWindowSize() - initialWindowSize; diff > 0 { + if diff := conf.MaxUploadBufferPerConnection - initialWindowSize; diff > 0 { sc.sendWindowUpdate(nil, int(diff)) } @@ -968,11 +969,18 @@ func (sc *serverConn) serve() { defer sc.idleTimer.Stop() } + if conf.SendPingTimeout > 0 { + sc.readIdleTimeout = conf.SendPingTimeout + sc.readIdleTimer = sc.srv.afterFunc(conf.SendPingTimeout, sc.onReadIdleTimer) + defer sc.readIdleTimer.Stop() + } + go sc.readFrames() // closed by defer sc.conn.Close above settingsTimer := sc.srv.afterFunc(firstSettingsTimeout, sc.onSettingsTimer) defer settingsTimer.Stop() + lastFrameTime := sc.srv.now() loopNum := 0 for { loopNum++ @@ -986,6 +994,7 @@ func (sc *serverConn) serve() { case res := <-sc.wroteFrameCh: sc.wroteFrame(res) case res := <-sc.readFrameCh: + lastFrameTime = sc.srv.now() // Process any written frames before reading new frames from the client since a // written frame could have triggered a new stream to be started. if sc.writingFrameAsync { @@ -1017,6 +1026,8 @@ func (sc *serverConn) serve() { case idleTimerMsg: sc.vlogf("connection is idle") sc.goAway(ErrCodeNo) + case readIdleTimerMsg: + sc.handlePingTimer(lastFrameTime) case shutdownTimerMsg: sc.vlogf("GOAWAY close timer fired; closing conn from %v", sc.conn.RemoteAddr()) return @@ -1039,7 +1050,7 @@ func (sc *serverConn) serve() { // If the peer is causing us to generate a lot of control frames, // but not reading them from us, assume they are trying to make us // run out of memory. - if sc.queuedControlFrames > sc.srv.maxQueuedControlFrames() { + if sc.queuedControlFrames > maxQueuedControlFrames { sc.vlogf("http2: too many control frames in send queue, closing connection") return } @@ -1055,12 +1066,39 @@ func (sc *serverConn) serve() { } } +func (sc *serverConn) handlePingTimer(lastFrameReadTime time.Time) { + if sc.pingSent { + sc.vlogf("timeout waiting for PING response") + sc.conn.Close() + return + } + + pingAt := lastFrameReadTime.Add(sc.readIdleTimeout) + now := sc.srv.now() + if pingAt.After(now) { + // We received frames since arming the ping timer. + // Reset it for the next possible timeout. + sc.readIdleTimer.Reset(pingAt.Sub(now)) + return + } + + sc.pingSent = true + // Ignore crypto/rand.Read errors: It generally can't fail, and worse case if it does + // is we send a PING frame containing 0s. + _, _ = rand.Read(sc.sentPingData[:]) + sc.writeFrame(FrameWriteRequest{ + write: &writePing{data: sc.sentPingData}, + }) + sc.readIdleTimer.Reset(sc.pingTimeout) +} + type serverMessage int // Message values sent to serveMsgCh. var ( settingsTimerMsg = new(serverMessage) idleTimerMsg = new(serverMessage) + readIdleTimerMsg = new(serverMessage) shutdownTimerMsg = new(serverMessage) gracefulShutdownMsg = new(serverMessage) handlerDoneMsg = new(serverMessage) @@ -1068,6 +1106,7 @@ var ( func (sc *serverConn) onSettingsTimer() { sc.sendServeMsg(settingsTimerMsg) } func (sc *serverConn) onIdleTimer() { sc.sendServeMsg(idleTimerMsg) } +func (sc *serverConn) onReadIdleTimer() { sc.sendServeMsg(readIdleTimerMsg) } func (sc *serverConn) onShutdownTimer() { sc.sendServeMsg(shutdownTimerMsg) } func (sc *serverConn) sendServeMsg(msg interface{}) { @@ -1320,6 +1359,10 @@ func (sc *serverConn) wroteFrame(res frameWriteResult) { sc.writingFrame = false sc.writingFrameAsync = false + if res.err != nil { + sc.conn.Close() + } + wr := res.wr if writeEndsStream(wr.write) { @@ -1594,6 +1637,11 @@ func (sc *serverConn) processFrame(f Frame) error { func (sc *serverConn) processPing(f *PingFrame) error { sc.serveG.check() if f.IsAck() { + if sc.pingSent && sc.sentPingData == f.Data { + // This is a response to a PING we sent. + sc.pingSent = false + sc.readIdleTimer.Reset(sc.readIdleTimeout) + } // 6.7 PING: " An endpoint MUST NOT respond to PING frames // containing this flag." return nil @@ -1757,6 +1805,9 @@ func (sc *serverConn) processSetting(s Setting) error { sc.maxFrameSize = int32(s.Val) // the maximum valid s.Val is < 2^31 case SettingMaxHeaderListSize: sc.peerMaxHeaderListSize = s.Val + case SettingEnableConnectProtocol: + // Receipt of this parameter by a server does not + // have any impact default: // Unknown setting: "An endpoint that receives a SETTINGS // frame with any unknown or unsupported identifier MUST @@ -2160,7 +2211,7 @@ func (sc *serverConn) newStream(id, pusherID uint32, state streamState) *stream st.cw.Init() st.flow.conn = &sc.flow // link to conn-level counter st.flow.add(sc.initialStreamSendWindowSize) - st.inflow.init(sc.srv.initialStreamRecvWindowSize()) + st.inflow.init(sc.initialStreamRecvWindowSize) if sc.hs.WriteTimeout > 0 { st.writeDeadline = sc.srv.afterFunc(sc.hs.WriteTimeout, st.onWriteTimeout) } @@ -2182,19 +2233,25 @@ func (sc *serverConn) newStream(id, pusherID uint32, state streamState) *stream func (sc *serverConn) newWriterAndRequest(st *stream, f *MetaHeadersFrame) (*responseWriter, *http.Request, error) { sc.serveG.check() - rp := requestParam{ - method: f.PseudoValue("method"), - scheme: f.PseudoValue("scheme"), - authority: f.PseudoValue("authority"), - path: f.PseudoValue("path"), + rp := httpcommon.ServerRequestParam{ + Method: f.PseudoValue("method"), + Scheme: f.PseudoValue("scheme"), + Authority: f.PseudoValue("authority"), + Path: f.PseudoValue("path"), + Protocol: f.PseudoValue("protocol"), } - isConnect := rp.method == "CONNECT" + // extended connect is disabled, so we should not see :protocol + if disableExtendedConnectProtocol && rp.Protocol != "" { + return nil, nil, sc.countError("bad_connect", streamError(f.StreamID, ErrCodeProtocol)) + } + + isConnect := rp.Method == "CONNECT" if isConnect { - if rp.path != "" || rp.scheme != "" || rp.authority == "" { + if rp.Protocol == "" && (rp.Path != "" || rp.Scheme != "" || rp.Authority == "") { return nil, nil, sc.countError("bad_connect", streamError(f.StreamID, ErrCodeProtocol)) } - } else if rp.method == "" || rp.path == "" || (rp.scheme != "https" && rp.scheme != "http") { + } else if rp.Method == "" || rp.Path == "" || (rp.Scheme != "https" && rp.Scheme != "http") { // See 8.1.2.6 Malformed Requests and Responses: // // Malformed requests or responses that are detected @@ -2208,12 +2265,16 @@ func (sc *serverConn) newWriterAndRequest(st *stream, f *MetaHeadersFrame) (*res return nil, nil, sc.countError("bad_path_method", streamError(f.StreamID, ErrCodeProtocol)) } - rp.header = make(http.Header) + header := make(http.Header) + rp.Header = header for _, hf := range f.RegularFields() { - rp.header.Add(sc.canonicalHeader(hf.Name), hf.Value) + header.Add(sc.canonicalHeader(hf.Name), hf.Value) } - if rp.authority == "" { - rp.authority = rp.header.Get("Host") + if rp.Authority == "" { + rp.Authority = header.Get("Host") + } + if rp.Protocol != "" { + header.Set(":protocol", rp.Protocol) } rw, req, err := sc.newWriterAndRequestNoBody(st, rp) @@ -2222,7 +2283,7 @@ func (sc *serverConn) newWriterAndRequest(st *stream, f *MetaHeadersFrame) (*res } bodyOpen := !f.StreamEnded() if bodyOpen { - if vv, ok := rp.header["Content-Length"]; ok { + if vv, ok := rp.Header["Content-Length"]; ok { if cl, err := strconv.ParseUint(vv[0], 10, 63); err == nil { req.ContentLength = int64(cl) } else { @@ -2238,83 +2299,38 @@ func (sc *serverConn) newWriterAndRequest(st *stream, f *MetaHeadersFrame) (*res return rw, req, nil } -type requestParam struct { - method string - scheme, authority, path string - header http.Header -} - -func (sc *serverConn) newWriterAndRequestNoBody(st *stream, rp requestParam) (*responseWriter, *http.Request, error) { +func (sc *serverConn) newWriterAndRequestNoBody(st *stream, rp httpcommon.ServerRequestParam) (*responseWriter, *http.Request, error) { sc.serveG.check() var tlsState *tls.ConnectionState // nil if not scheme https - if rp.scheme == "https" { + if rp.Scheme == "https" { tlsState = sc.tlsState } - needsContinue := httpguts.HeaderValuesContainsToken(rp.header["Expect"], "100-continue") - if needsContinue { - rp.header.Del("Expect") - } - // Merge Cookie headers into one "; "-delimited value. - if cookies := rp.header["Cookie"]; len(cookies) > 1 { - rp.header.Set("Cookie", strings.Join(cookies, "; ")) - } - - // Setup Trailers - var trailer http.Header - for _, v := range rp.header["Trailer"] { - for _, key := range strings.Split(v, ",") { - key = http.CanonicalHeaderKey(textproto.TrimString(key)) - switch key { - case "Transfer-Encoding", "Trailer", "Content-Length": - // Bogus. (copy of http1 rules) - // Ignore. - default: - if trailer == nil { - trailer = make(http.Header) - } - trailer[key] = nil - } - } - } - delete(rp.header, "Trailer") - - var url_ *url.URL - var requestURI string - if rp.method == "CONNECT" { - url_ = &url.URL{Host: rp.authority} - requestURI = rp.authority // mimic HTTP/1 server behavior - } else { - var err error - url_, err = url.ParseRequestURI(rp.path) - if err != nil { - return nil, nil, sc.countError("bad_path", streamError(st.id, ErrCodeProtocol)) - } - requestURI = rp.path + res := httpcommon.NewServerRequest(rp) + if res.InvalidReason != "" { + return nil, nil, sc.countError(res.InvalidReason, streamError(st.id, ErrCodeProtocol)) } body := &requestBody{ conn: sc, stream: st, - needsContinue: needsContinue, + needsContinue: res.NeedsContinue, } - req := &http.Request{ - Method: rp.method, - URL: url_, + req := (&http.Request{ + Method: rp.Method, + URL: res.URL, RemoteAddr: sc.remoteAddrStr, - Header: rp.header, - RequestURI: requestURI, + Header: rp.Header, + RequestURI: res.RequestURI, Proto: "HTTP/2.0", ProtoMajor: 2, ProtoMinor: 0, TLS: tlsState, - Host: rp.authority, + Host: rp.Authority, Body: body, - Trailer: trailer, - } - req = req.WithContext(st.ctx) - + Trailer: res.Trailer, + }).WithContext(st.ctx) rw := sc.newResponseWriter(st, req) return rw, req, nil } @@ -2855,6 +2871,11 @@ func (w *responseWriter) SetWriteDeadline(deadline time.Time) error { return nil } +func (w *responseWriter) EnableFullDuplex() error { + // We always support full duplex responses, so this is a no-op. + return nil +} + func (w *responseWriter) Flush() { w.FlushError() } @@ -3204,12 +3225,12 @@ func (sc *serverConn) startPush(msg *startPushRequest) { // we start in "half closed (remote)" for simplicity. // See further comments at the definition of stateHalfClosedRemote. promised := sc.newStream(promisedID, msg.parent.id, stateHalfClosedRemote) - rw, req, err := sc.newWriterAndRequestNoBody(promised, requestParam{ - method: msg.method, - scheme: msg.url.Scheme, - authority: msg.url.Host, - path: msg.url.RequestURI(), - header: cloneHeader(msg.header), // clone since handler runs concurrently with writing the PUSH_PROMISE + rw, req, err := sc.newWriterAndRequestNoBody(promised, httpcommon.ServerRequestParam{ + Method: msg.method, + Scheme: msg.url.Scheme, + Authority: msg.url.Host, + Path: msg.url.RequestURI(), + Header: cloneHeader(msg.header), // clone since handler runs concurrently with writing the PUSH_PROMISE }) if err != nil { // Should not happen, since we've already validated msg.url. @@ -3301,7 +3322,7 @@ func (sc *serverConn) countError(name string, err error) error { if sc == nil || sc.srv == nil { return err } - f := sc.srv.CountError + f := sc.countErrorFunc if f == nil { return err } diff --git a/vendor/golang.org/x/net/http2/transport.go b/vendor/golang.org/x/net/http2/transport.go index 61f511f97..f26356b9c 100644 --- a/vendor/golang.org/x/net/http2/transport.go +++ b/vendor/golang.org/x/net/http2/transport.go @@ -25,8 +25,6 @@ import ( "net/http" "net/http/httptrace" "net/textproto" - "os" - "sort" "strconv" "strings" "sync" @@ -36,6 +34,7 @@ import ( "golang.org/x/net/http/httpguts" "golang.org/x/net/http2/hpack" "golang.org/x/net/idna" + "golang.org/x/net/internal/httpcommon" ) const ( @@ -203,6 +202,20 @@ func (t *Transport) markNewGoroutine() { } } +func (t *Transport) now() time.Time { + if t != nil && t.transportTestHooks != nil { + return t.transportTestHooks.group.Now() + } + return time.Now() +} + +func (t *Transport) timeSince(when time.Time) time.Duration { + if t != nil && t.transportTestHooks != nil { + return t.now().Sub(when) + } + return time.Since(when) +} + // newTimer creates a new time.Timer, or a synthetic timer in tests. func (t *Transport) newTimer(d time.Duration) timer { if t.transportTestHooks != nil { @@ -227,40 +240,26 @@ func (t *Transport) contextWithTimeout(ctx context.Context, d time.Duration) (co } func (t *Transport) maxHeaderListSize() uint32 { - if t.MaxHeaderListSize == 0 { + n := int64(t.MaxHeaderListSize) + if t.t1 != nil && t.t1.MaxResponseHeaderBytes != 0 { + n = t.t1.MaxResponseHeaderBytes + if n > 0 { + n = adjustHTTP1MaxHeaderSize(n) + } + } + if n <= 0 { return 10 << 20 } - if t.MaxHeaderListSize == 0xffffffff { + if n >= 0xffffffff { return 0 } - return t.MaxHeaderListSize -} - -func (t *Transport) maxFrameReadSize() uint32 { - if t.MaxReadFrameSize == 0 { - return 0 // use the default provided by the peer - } - if t.MaxReadFrameSize < minMaxFrameSize { - return minMaxFrameSize - } - if t.MaxReadFrameSize > maxFrameSize { - return maxFrameSize - } - return t.MaxReadFrameSize + return uint32(n) } func (t *Transport) disableCompression() bool { return t.DisableCompression || (t.t1 != nil && t.t1.DisableCompression) } -func (t *Transport) pingTimeout() time.Duration { - if t.PingTimeout == 0 { - return 15 * time.Second - } - return t.PingTimeout - -} - // ConfigureTransport configures a net/http HTTP/1 Transport to use HTTP/2. // It returns an error if t1 has already been HTTP/2-enabled. // @@ -296,8 +295,8 @@ func configureTransports(t1 *http.Transport) (*Transport, error) { if !strSliceContains(t1.TLSClientConfig.NextProtos, "http/1.1") { t1.TLSClientConfig.NextProtos = append(t1.TLSClientConfig.NextProtos, "http/1.1") } - upgradeFn := func(authority string, c *tls.Conn) http.RoundTripper { - addr := authorityAddr("https", authority) + upgradeFn := func(scheme, authority string, c net.Conn) http.RoundTripper { + addr := authorityAddr(scheme, authority) if used, err := connPool.addConnIfNeeded(addr, t2, c); err != nil { go c.Close() return erringRoundTripper{err} @@ -308,18 +307,37 @@ func configureTransports(t1 *http.Transport) (*Transport, error) { // was unknown) go c.Close() } + if scheme == "http" { + return (*unencryptedTransport)(t2) + } return t2 } - if m := t1.TLSNextProto; len(m) == 0 { - t1.TLSNextProto = map[string]func(string, *tls.Conn) http.RoundTripper{ - "h2": upgradeFn, + if t1.TLSNextProto == nil { + t1.TLSNextProto = make(map[string]func(string, *tls.Conn) http.RoundTripper) + } + t1.TLSNextProto[NextProtoTLS] = func(authority string, c *tls.Conn) http.RoundTripper { + return upgradeFn("https", authority, c) + } + // The "unencrypted_http2" TLSNextProto key is used to pass off non-TLS HTTP/2 conns. + t1.TLSNextProto[nextProtoUnencryptedHTTP2] = func(authority string, c *tls.Conn) http.RoundTripper { + nc, err := unencryptedNetConnFromTLSConn(c) + if err != nil { + go c.Close() + return erringRoundTripper{err} } - } else { - m["h2"] = upgradeFn + return upgradeFn("http", authority, nc) } return t2, nil } +// unencryptedTransport is a Transport with a RoundTrip method that +// always permits http:// URLs. +type unencryptedTransport Transport + +func (t *unencryptedTransport) RoundTrip(req *http.Request) (*http.Response, error) { + return (*Transport)(t).RoundTripOpt(req, RoundTripOpt{allowHTTP: true}) +} + func (t *Transport) connPool() ClientConnPool { t.connPoolOnce.Do(t.initConnPool) return t.connPoolOrDef @@ -339,7 +357,7 @@ type ClientConn struct { t *Transport tconn net.Conn // usually *tls.Conn, except specialized impls tlsState *tls.ConnectionState // nil only for specialized impls - reused uint32 // whether conn is being reused; atomic + atomicReused uint32 // whether conn is being reused; atomic singleUse bool // whether being used for a single http.Request getConnCalled bool // used by clientConnPool @@ -350,31 +368,55 @@ type ClientConn struct { idleTimeout time.Duration // or 0 for never idleTimer timer - mu sync.Mutex // guards following - cond *sync.Cond // hold mu; broadcast on flow/closed changes - flow outflow // our conn-level flow control quota (cs.outflow is per stream) - inflow inflow // peer's conn-level flow control - doNotReuse bool // whether conn is marked to not be reused for any future requests - closing bool - closed bool - seenSettings bool // true if we've seen a settings frame, false otherwise - wantSettingsAck bool // we sent a SETTINGS frame and haven't heard back - goAway *GoAwayFrame // if non-nil, the GoAwayFrame we received - goAwayDebug string // goAway frame's debug data, retained as a string - streams map[uint32]*clientStream // client-initiated - streamsReserved int // incr by ReserveNewRequest; decr on RoundTrip - nextStreamID uint32 - pendingRequests int // requests blocked and waiting to be sent because len(streams) == maxConcurrentStreams - pings map[[8]byte]chan struct{} // in flight ping data to notification channel - br *bufio.Reader - lastActive time.Time - lastIdle time.Time // time last idle + mu sync.Mutex // guards following + cond *sync.Cond // hold mu; broadcast on flow/closed changes + flow outflow // our conn-level flow control quota (cs.outflow is per stream) + inflow inflow // peer's conn-level flow control + doNotReuse bool // whether conn is marked to not be reused for any future requests + closing bool + closed bool + closedOnIdle bool // true if conn was closed for idleness + seenSettings bool // true if we've seen a settings frame, false otherwise + seenSettingsChan chan struct{} // closed when seenSettings is true or frame reading fails + wantSettingsAck bool // we sent a SETTINGS frame and haven't heard back + goAway *GoAwayFrame // if non-nil, the GoAwayFrame we received + goAwayDebug string // goAway frame's debug data, retained as a string + streams map[uint32]*clientStream // client-initiated + streamsReserved int // incr by ReserveNewRequest; decr on RoundTrip + nextStreamID uint32 + pendingRequests int // requests blocked and waiting to be sent because len(streams) == maxConcurrentStreams + pings map[[8]byte]chan struct{} // in flight ping data to notification channel + br *bufio.Reader + lastActive time.Time + lastIdle time.Time // time last idle // Settings from peer: (also guarded by wmu) - maxFrameSize uint32 - maxConcurrentStreams uint32 - peerMaxHeaderListSize uint64 - peerMaxHeaderTableSize uint32 - initialWindowSize uint32 + maxFrameSize uint32 + maxConcurrentStreams uint32 + peerMaxHeaderListSize uint64 + peerMaxHeaderTableSize uint32 + initialWindowSize uint32 + initialStreamRecvWindowSize int32 + readIdleTimeout time.Duration + pingTimeout time.Duration + extendedConnectAllowed bool + + // rstStreamPingsBlocked works around an unfortunate gRPC behavior. + // gRPC strictly limits the number of PING frames that it will receive. + // The default is two pings per two hours, but the limit resets every time + // the gRPC endpoint sends a HEADERS or DATA frame. See golang/go#70575. + // + // rstStreamPingsBlocked is set after receiving a response to a PING frame + // bundled with an RST_STREAM (see pendingResets below), and cleared after + // receiving a HEADERS or DATA frame. + rstStreamPingsBlocked bool + + // pendingResets is the number of RST_STREAM frames we have sent to the peer, + // without confirming that the peer has received them. When we send a RST_STREAM, + // we bundle it with a PING frame, unless a PING is already in flight. We count + // the reset stream against the connection's concurrency limit until we get + // a PING response. This limits the number of requests we'll try to send to a + // completely unresponsive connection. + pendingResets int // reqHeaderMu is a 1-element semaphore channel controlling access to sending new requests. // Write to reqHeaderMu to lock it, read from it to unlock. @@ -432,12 +474,12 @@ type clientStream struct { sentHeaders bool // owned by clientConnReadLoop: - firstByte bool // got the first response byte - pastHeaders bool // got first MetaHeadersFrame (actual headers) - pastTrailers bool // got optional second MetaHeadersFrame (trailers) - num1xx uint8 // number of 1xx responses seen - readClosed bool // peer sent an END_STREAM flag - readAborted bool // read loop reset the stream + firstByte bool // got the first response byte + pastHeaders bool // got first MetaHeadersFrame (actual headers) + pastTrailers bool // got optional second MetaHeadersFrame (trailers) + readClosed bool // peer sent an END_STREAM flag + readAborted bool // read loop reset the stream + totalHeaderSize int64 // total size of 1xx headers seen trailer http.Header // accumulated trailers resTrailer *http.Header // client's Response.Trailer @@ -499,6 +541,7 @@ func (cs *clientStream) closeReqBodyLocked() { } type stickyErrWriter struct { + group synctestGroupInterface conn net.Conn timeout time.Duration err *error @@ -508,22 +551,9 @@ func (sew stickyErrWriter) Write(p []byte) (n int, err error) { if *sew.err != nil { return 0, *sew.err } - for { - if sew.timeout != 0 { - sew.conn.SetWriteDeadline(time.Now().Add(sew.timeout)) - } - nn, err := sew.conn.Write(p[n:]) - n += nn - if n < len(p) && nn > 0 && errors.Is(err, os.ErrDeadlineExceeded) { - // Keep extending the deadline so long as we're making progress. - continue - } - if sew.timeout != 0 { - sew.conn.SetWriteDeadline(time.Time{}) - } - *sew.err = err - return n, err - } + n, err = writeWithByteTimeout(sew.group, sew.conn, sew.timeout, p) + *sew.err = err + return n, err } // noCachedConnError is the concrete type of ErrNoCachedConn, which @@ -554,6 +584,8 @@ type RoundTripOpt struct { // no cached connection is available, RoundTripOpt // will return ErrNoCachedConn. OnlyCachedConn bool + + allowHTTP bool // allow http:// URLs } func (t *Transport) RoundTrip(req *http.Request) (*http.Response, error) { @@ -586,7 +618,14 @@ func authorityAddr(scheme string, authority string) (addr string) { // RoundTripOpt is like RoundTrip, but takes options. func (t *Transport) RoundTripOpt(req *http.Request, opt RoundTripOpt) (*http.Response, error) { - if !(req.URL.Scheme == "https" || (req.URL.Scheme == "http" && t.AllowHTTP)) { + switch req.URL.Scheme { + case "https": + // Always okay. + case "http": + if !t.AllowHTTP && !opt.allowHTTP { + return nil, errors.New("http2: unencrypted HTTP/2 not enabled") + } + default: return nil, errors.New("http2: unsupported scheme") } @@ -597,7 +636,7 @@ func (t *Transport) RoundTripOpt(req *http.Request, opt RoundTripOpt) (*http.Res t.vlogf("http2: Transport failed to get client conn for %s: %v", addr, err) return nil, err } - reused := !atomic.CompareAndSwapUint32(&cc.reused, 0, 1) + reused := !atomic.CompareAndSwapUint32(&cc.atomicReused, 0, 1) traceGotConn(req, cc, reused) res, err := cc.RoundTrip(req) if err != nil && retry <= 6 { @@ -622,6 +661,22 @@ func (t *Transport) RoundTripOpt(req *http.Request, opt RoundTripOpt) (*http.Res } } } + if err == errClientConnNotEstablished { + // This ClientConn was created recently, + // this is the first request to use it, + // and the connection is closed and not usable. + // + // In this state, cc.idleTimer will remove the conn from the pool + // when it fires. Stop the timer and remove it here so future requests + // won't try to use this connection. + // + // If the timer has already fired and we're racing it, the redundant + // call to MarkDead is harmless. + if cc.idleTimer != nil { + cc.idleTimer.Stop() + } + t.connPool().MarkDead(cc) + } if err != nil { t.vlogf("RoundTrip failure: %v", err) return nil, err @@ -640,9 +695,10 @@ func (t *Transport) CloseIdleConnections() { } var ( - errClientConnClosed = errors.New("http2: client conn is closed") - errClientConnUnusable = errors.New("http2: client conn not usable") - errClientConnGotGoAway = errors.New("http2: Transport received Server's graceful shutdown GOAWAY") + errClientConnClosed = errors.New("http2: client conn is closed") + errClientConnUnusable = errors.New("http2: client conn not usable") + errClientConnNotEstablished = errors.New("http2: client conn could not be established") + errClientConnGotGoAway = errors.New("http2: Transport received Server's graceful shutdown GOAWAY") ) // shouldRetryRequest is called by RoundTrip when a request fails to get @@ -758,44 +814,38 @@ func (t *Transport) expectContinueTimeout() time.Duration { return t.t1.ExpectContinueTimeout } -func (t *Transport) maxDecoderHeaderTableSize() uint32 { - if v := t.MaxDecoderHeaderTableSize; v > 0 { - return v - } - return initialHeaderTableSize -} - -func (t *Transport) maxEncoderHeaderTableSize() uint32 { - if v := t.MaxEncoderHeaderTableSize; v > 0 { - return v - } - return initialHeaderTableSize -} - func (t *Transport) NewClientConn(c net.Conn) (*ClientConn, error) { return t.newClientConn(c, t.disableKeepAlives()) } func (t *Transport) newClientConn(c net.Conn, singleUse bool) (*ClientConn, error) { + conf := configFromTransport(t) cc := &ClientConn{ - t: t, - tconn: c, - readerDone: make(chan struct{}), - nextStreamID: 1, - maxFrameSize: 16 << 10, // spec default - initialWindowSize: 65535, // spec default - maxConcurrentStreams: initialMaxConcurrentStreams, // "infinite", per spec. Use a smaller value until we have received server settings. - peerMaxHeaderListSize: 0xffffffffffffffff, // "infinite", per spec. Use 2^64-1 instead. - streams: make(map[uint32]*clientStream), - singleUse: singleUse, - wantSettingsAck: true, - pings: make(map[[8]byte]chan struct{}), - reqHeaderMu: make(chan struct{}, 1), + t: t, + tconn: c, + readerDone: make(chan struct{}), + nextStreamID: 1, + maxFrameSize: 16 << 10, // spec default + initialWindowSize: 65535, // spec default + initialStreamRecvWindowSize: conf.MaxUploadBufferPerStream, + maxConcurrentStreams: initialMaxConcurrentStreams, // "infinite", per spec. Use a smaller value until we have received server settings. + peerMaxHeaderListSize: 0xffffffffffffffff, // "infinite", per spec. Use 2^64-1 instead. + streams: make(map[uint32]*clientStream), + singleUse: singleUse, + seenSettingsChan: make(chan struct{}), + wantSettingsAck: true, + readIdleTimeout: conf.SendPingTimeout, + pingTimeout: conf.PingTimeout, + pings: make(map[[8]byte]chan struct{}), + reqHeaderMu: make(chan struct{}, 1), + lastActive: t.now(), } + var group synctestGroupInterface if t.transportTestHooks != nil { t.markNewGoroutine() t.transportTestHooks.newclientconn(cc) c = cc.tconn + group = t.group } if VerboseLogs { t.vlogf("http2: Transport creating client conn %p to %v", cc, c.RemoteAddr()) @@ -807,24 +857,23 @@ func (t *Transport) newClientConn(c net.Conn, singleUse bool) (*ClientConn, erro // TODO: adjust this writer size to account for frame size + // MTU + crypto/tls record padding. cc.bw = bufio.NewWriter(stickyErrWriter{ + group: group, conn: c, - timeout: t.WriteByteTimeout, + timeout: conf.WriteByteTimeout, err: &cc.werr, }) cc.br = bufio.NewReader(c) cc.fr = NewFramer(cc.bw, cc.br) - if t.maxFrameReadSize() != 0 { - cc.fr.SetMaxReadFrameSize(t.maxFrameReadSize()) - } + cc.fr.SetMaxReadFrameSize(conf.MaxReadFrameSize) if t.CountError != nil { cc.fr.countError = t.CountError } - maxHeaderTableSize := t.maxDecoderHeaderTableSize() + maxHeaderTableSize := conf.MaxDecoderHeaderTableSize cc.fr.ReadMetaHeaders = hpack.NewDecoder(maxHeaderTableSize, nil) cc.fr.MaxHeaderListSize = t.maxHeaderListSize() cc.henc = hpack.NewEncoder(&cc.hbuf) - cc.henc.SetMaxDynamicTableSizeLimit(t.maxEncoderHeaderTableSize()) + cc.henc.SetMaxDynamicTableSizeLimit(conf.MaxEncoderHeaderTableSize) cc.peerMaxHeaderTableSize = initialHeaderTableSize if cs, ok := c.(connectionStater); ok { @@ -834,11 +883,9 @@ func (t *Transport) newClientConn(c net.Conn, singleUse bool) (*ClientConn, erro initialSettings := []Setting{ {ID: SettingEnablePush, Val: 0}, - {ID: SettingInitialWindowSize, Val: transportDefaultStreamFlow}, - } - if max := t.maxFrameReadSize(); max != 0 { - initialSettings = append(initialSettings, Setting{ID: SettingMaxFrameSize, Val: max}) + {ID: SettingInitialWindowSize, Val: uint32(cc.initialStreamRecvWindowSize)}, } + initialSettings = append(initialSettings, Setting{ID: SettingMaxFrameSize, Val: conf.MaxReadFrameSize}) if max := t.maxHeaderListSize(); max != 0 { initialSettings = append(initialSettings, Setting{ID: SettingMaxHeaderListSize, Val: max}) } @@ -848,8 +895,8 @@ func (t *Transport) newClientConn(c net.Conn, singleUse bool) (*ClientConn, erro cc.bw.Write(clientPreface) cc.fr.WriteSettings(initialSettings...) - cc.fr.WriteWindowUpdate(0, transportDefaultConnFlow) - cc.inflow.init(transportDefaultConnFlow + initialWindowSize) + cc.fr.WriteWindowUpdate(0, uint32(conf.MaxUploadBufferPerConnection)) + cc.inflow.init(conf.MaxUploadBufferPerConnection + initialWindowSize) cc.bw.Flush() if cc.werr != nil { cc.Close() @@ -867,7 +914,7 @@ func (t *Transport) newClientConn(c net.Conn, singleUse bool) (*ClientConn, erro } func (cc *ClientConn) healthCheck() { - pingTimeout := cc.t.pingTimeout() + pingTimeout := cc.pingTimeout // We don't need to periodically ping in the health check, because the readLoop of ClientConn will // trigger the healthCheck again if there is no frame received. ctx, cancel := cc.t.contextWithTimeout(context.Background(), pingTimeout) @@ -995,7 +1042,7 @@ func (cc *ClientConn) State() ClientConnState { return ClientConnState{ Closed: cc.closed, Closing: cc.closing || cc.singleUse || cc.doNotReuse || cc.goAway != nil, - StreamsActive: len(cc.streams), + StreamsActive: len(cc.streams) + cc.pendingResets, StreamsReserved: cc.streamsReserved, StreamsPending: cc.pendingRequests, LastIdle: cc.lastIdle, @@ -1027,16 +1074,40 @@ func (cc *ClientConn) idleStateLocked() (st clientConnIdleState) { // writing it. maxConcurrentOkay = true } else { - maxConcurrentOkay = int64(len(cc.streams)+cc.streamsReserved+1) <= int64(cc.maxConcurrentStreams) + // We can take a new request if the total of + // - active streams; + // - reservation slots for new streams; and + // - streams for which we have sent a RST_STREAM and a PING, + // but received no subsequent frame + // is less than the concurrency limit. + maxConcurrentOkay = cc.currentRequestCountLocked() < int(cc.maxConcurrentStreams) } st.canTakeNewRequest = cc.goAway == nil && !cc.closed && !cc.closing && maxConcurrentOkay && !cc.doNotReuse && int64(cc.nextStreamID)+2*int64(cc.pendingRequests) < math.MaxInt32 && !cc.tooIdleLocked() + + // If this connection has never been used for a request and is closed, + // then let it take a request (which will fail). + // If the conn was closed for idleness, we're racing the idle timer; + // don't try to use the conn. (Issue #70515.) + // + // This avoids a situation where an error early in a connection's lifetime + // goes unreported. + if cc.nextStreamID == 1 && cc.streamsReserved == 0 && cc.closed && !cc.closedOnIdle { + st.canTakeNewRequest = true + } + return } +// currentRequestCountLocked reports the number of concurrency slots currently in use, +// including active streams, reserved slots, and reset streams waiting for acknowledgement. +func (cc *ClientConn) currentRequestCountLocked() int { + return len(cc.streams) + cc.streamsReserved + cc.pendingResets +} + func (cc *ClientConn) canTakeNewRequestLocked() bool { st := cc.idleStateLocked() return st.canTakeNewRequest @@ -1049,7 +1120,7 @@ func (cc *ClientConn) tooIdleLocked() bool { // times are compared based on their wall time. We don't want // to reuse a connection that's been sitting idle during // VM/laptop suspend if monotonic time was also frozen. - return cc.idleTimeout != 0 && !cc.lastIdle.IsZero() && time.Since(cc.lastIdle.Round(0)) > cc.idleTimeout + return cc.idleTimeout != 0 && !cc.lastIdle.IsZero() && cc.t.timeSince(cc.lastIdle.Round(0)) > cc.idleTimeout } // onIdleTimeout is called from a time.AfterFunc goroutine. It will @@ -1087,6 +1158,7 @@ func (cc *ClientConn) closeIfIdle() { return } cc.closed = true + cc.closedOnIdle = true nextID := cc.nextStreamID // TODO: do clients send GOAWAY too? maybe? Just Close: cc.mu.Unlock() @@ -1203,23 +1275,6 @@ func (cc *ClientConn) closeForLostPing() { // exported. At least they'll be DeepEqual for h1-vs-h2 comparisons tests. var errRequestCanceled = errors.New("net/http: request canceled") -func commaSeparatedTrailers(req *http.Request) (string, error) { - keys := make([]string, 0, len(req.Trailer)) - for k := range req.Trailer { - k = canonicalHeader(k) - switch k { - case "Transfer-Encoding", "Trailer", "Content-Length": - return "", fmt.Errorf("invalid Trailer key %q", k) - } - keys = append(keys, k) - } - if len(keys) > 0 { - sort.Strings(keys) - return strings.Join(keys, ","), nil - } - return "", nil -} - func (cc *ClientConn) responseHeaderTimeout() time.Duration { if cc.t.t1 != nil { return cc.t.t1.ResponseHeaderTimeout @@ -1231,22 +1286,6 @@ func (cc *ClientConn) responseHeaderTimeout() time.Duration { return 0 } -// checkConnHeaders checks whether req has any invalid connection-level headers. -// per RFC 7540 section 8.1.2.2: Connection-Specific Header Fields. -// Certain headers are special-cased as okay but not transmitted later. -func checkConnHeaders(req *http.Request) error { - if v := req.Header.Get("Upgrade"); v != "" { - return fmt.Errorf("http2: invalid Upgrade request header: %q", req.Header["Upgrade"]) - } - if vv := req.Header["Transfer-Encoding"]; len(vv) > 0 && (len(vv) > 1 || vv[0] != "" && vv[0] != "chunked") { - return fmt.Errorf("http2: invalid Transfer-Encoding request header: %q", vv) - } - if vv := req.Header["Connection"]; len(vv) > 0 && (len(vv) > 1 || vv[0] != "" && !asciiEqualFold(vv[0], "close") && !asciiEqualFold(vv[0], "keep-alive")) { - return fmt.Errorf("http2: invalid Connection request header: %q", vv) - } - return nil -} - // actualContentLength returns a sanitized version of // req.ContentLength, where 0 actually means zero (not unknown) and -1 // means unknown. @@ -1292,25 +1331,7 @@ func (cc *ClientConn) roundTrip(req *http.Request, streamf func(*clientStream)) donec: make(chan struct{}), } - // TODO(bradfitz): this is a copy of the logic in net/http. Unify somewhere? - if !cc.t.disableCompression() && - req.Header.Get("Accept-Encoding") == "" && - req.Header.Get("Range") == "" && - !cs.isHead { - // Request gzip only, not deflate. Deflate is ambiguous and - // not as universally supported anyway. - // See: https://zlib.net/zlib_faq.html#faq39 - // - // Note that we don't request this for HEAD requests, - // due to a bug in nginx: - // http://trac.nginx.org/nginx/ticket/358 - // https://golang.org/issue/5522 - // - // We don't request gzip if the request is for a range, since - // auto-decoding a portion of a gzipped document will just fail - // anyway. See https://golang.org/issue/8923 - cs.requestedGzip = true - } + cs.requestedGzip = httpcommon.IsRequestGzip(req.Method, req.Header, cc.t.disableCompression()) go cs.doRequest(req, streamf) @@ -1411,6 +1432,8 @@ func (cs *clientStream) doRequest(req *http.Request, streamf func(*clientStream) cs.cleanupWriteRequest(err) } +var errExtendedConnectNotSupported = errors.New("net/http: extended connect not supported by peer") + // writeRequest sends a request. // // It returns nil after the request is written, the response read, @@ -1422,8 +1445,11 @@ func (cs *clientStream) writeRequest(req *http.Request, streamf func(*clientStre cc := cs.cc ctx := cs.ctx - if err := checkConnHeaders(req); err != nil { - return err + // wait for setting frames to be received, a server can change this value later, + // but we just wait for the first settings frame + var isExtendedConnect bool + if req.Method == "CONNECT" && req.Header.Get(":protocol") != "" { + isExtendedConnect = true } // Acquire the new-request lock by writing to reqHeaderMu. @@ -1432,6 +1458,18 @@ func (cs *clientStream) writeRequest(req *http.Request, streamf func(*clientStre if cc.reqHeaderMu == nil { panic("RoundTrip on uninitialized ClientConn") // for tests } + if isExtendedConnect { + select { + case <-cs.reqCancel: + return errRequestCanceled + case <-ctx.Done(): + return ctx.Err() + case <-cc.seenSettingsChan: + if !cc.extendedConnectAllowed { + return errExtendedConnectNotSupported + } + } + } select { case cc.reqHeaderMu <- struct{}{}: case <-cs.reqCancel: @@ -1570,26 +1608,39 @@ func (cs *clientStream) encodeAndWriteHeaders(req *http.Request) error { // we send: HEADERS{1}, CONTINUATION{0,} + DATA{0,} (DATA is // sent by writeRequestBody below, along with any Trailers, // again in form HEADERS{1}, CONTINUATION{0,}) - trailers, err := commaSeparatedTrailers(req) + cc.hbuf.Reset() + res, err := encodeRequestHeaders(req, cs.requestedGzip, cc.peerMaxHeaderListSize, func(name, value string) { + cc.writeHeader(name, value) + }) if err != nil { - return err - } - hasTrailers := trailers != "" - contentLen := actualContentLength(req) - hasBody := contentLen != 0 - hdrs, err := cc.encodeHeaders(req, cs.requestedGzip, trailers, contentLen) - if err != nil { - return err + return fmt.Errorf("http2: %w", err) } + hdrs := cc.hbuf.Bytes() // Write the request. - endStream := !hasBody && !hasTrailers + endStream := !res.HasBody && !res.HasTrailers cs.sentHeaders = true err = cc.writeHeaders(cs.ID, endStream, int(cc.maxFrameSize), hdrs) traceWroteHeaders(cs.trace) return err } +func encodeRequestHeaders(req *http.Request, addGzipHeader bool, peerMaxHeaderListSize uint64, headerf func(name, value string)) (httpcommon.EncodeHeadersResult, error) { + return httpcommon.EncodeHeaders(req.Context(), httpcommon.EncodeHeadersParam{ + Request: httpcommon.Request{ + Header: req.Header, + Trailer: req.Trailer, + URL: req.URL, + Host: req.Host, + Method: req.Method, + ActualContentLength: actualContentLength(req), + }, + AddGzipHeader: addGzipHeader, + PeerMaxHeaderListSize: peerMaxHeaderListSize, + DefaultUserAgent: defaultUserAgent, + }, headerf) +} + // cleanupWriteRequest performs post-request tasks. // // If err (the result of writeRequest) is non-nil and the stream is not closed, @@ -1613,6 +1664,7 @@ func (cs *clientStream) cleanupWriteRequest(err error) { cs.reqBodyClosed = make(chan struct{}) } bodyClosed := cs.reqBodyClosed + closeOnIdle := cc.singleUse || cc.doNotReuse || cc.t.disableKeepAlives() || cc.goAway != nil cc.mu.Unlock() if mustCloseBody { cs.reqBody.Close() @@ -1637,16 +1689,44 @@ func (cs *clientStream) cleanupWriteRequest(err error) { if cs.sentHeaders { if se, ok := err.(StreamError); ok { if se.Cause != errFromPeer { - cc.writeStreamReset(cs.ID, se.Code, err) + cc.writeStreamReset(cs.ID, se.Code, false, err) } } else { - cc.writeStreamReset(cs.ID, ErrCodeCancel, err) + // We're cancelling an in-flight request. + // + // This could be due to the server becoming unresponsive. + // To avoid sending too many requests on a dead connection, + // we let the request continue to consume a concurrency slot + // until we can confirm the server is still responding. + // We do this by sending a PING frame along with the RST_STREAM + // (unless a ping is already in flight). + // + // For simplicity, we don't bother tracking the PING payload: + // We reset cc.pendingResets any time we receive a PING ACK. + // + // We skip this if the conn is going to be closed on idle, + // because it's short lived and will probably be closed before + // we get the ping response. + ping := false + if !closeOnIdle { + cc.mu.Lock() + // rstStreamPingsBlocked works around a gRPC behavior: + // see comment on the field for details. + if !cc.rstStreamPingsBlocked { + if cc.pendingResets == 0 { + ping = true + } + cc.pendingResets++ + } + cc.mu.Unlock() + } + cc.writeStreamReset(cs.ID, ErrCodeCancel, ping, err) } } cs.bufPipe.CloseWithError(err) // no-op if already closed } else { if cs.sentHeaders && !cs.sentEndStream { - cc.writeStreamReset(cs.ID, ErrCodeNo, nil) + cc.writeStreamReset(cs.ID, ErrCodeNo, false, nil) } cs.bufPipe.CloseWithError(errRequestCanceled) } @@ -1668,12 +1748,17 @@ func (cs *clientStream) cleanupWriteRequest(err error) { // Must hold cc.mu. func (cc *ClientConn) awaitOpenSlotForStreamLocked(cs *clientStream) error { for { - cc.lastActive = time.Now() + if cc.closed && cc.nextStreamID == 1 && cc.streamsReserved == 0 { + // This is the very first request sent to this connection. + // Return a fatal error which aborts the retry loop. + return errClientConnNotEstablished + } + cc.lastActive = cc.t.now() if cc.closed || !cc.canTakeNewRequestLocked() { return errClientConnUnusable } cc.lastIdle = time.Time{} - if int64(len(cc.streams)) < int64(cc.maxConcurrentStreams) { + if cc.currentRequestCountLocked() < int(cc.maxConcurrentStreams) { return nil } cc.pendingRequests++ @@ -1943,214 +2028,6 @@ func (cs *clientStream) awaitFlowControl(maxBytes int) (taken int32, err error) } } -func validateHeaders(hdrs http.Header) string { - for k, vv := range hdrs { - if !httpguts.ValidHeaderFieldName(k) { - return fmt.Sprintf("name %q", k) - } - for _, v := range vv { - if !httpguts.ValidHeaderFieldValue(v) { - // Don't include the value in the error, - // because it may be sensitive. - return fmt.Sprintf("value for header %q", k) - } - } - } - return "" -} - -var errNilRequestURL = errors.New("http2: Request.URI is nil") - -// requires cc.wmu be held. -func (cc *ClientConn) encodeHeaders(req *http.Request, addGzipHeader bool, trailers string, contentLength int64) ([]byte, error) { - cc.hbuf.Reset() - if req.URL == nil { - return nil, errNilRequestURL - } - - host := req.Host - if host == "" { - host = req.URL.Host - } - host, err := httpguts.PunycodeHostPort(host) - if err != nil { - return nil, err - } - if !httpguts.ValidHostHeader(host) { - return nil, errors.New("http2: invalid Host header") - } - - var path string - if req.Method != "CONNECT" { - path = req.URL.RequestURI() - if !validPseudoPath(path) { - orig := path - path = strings.TrimPrefix(path, req.URL.Scheme+"://"+host) - if !validPseudoPath(path) { - if req.URL.Opaque != "" { - return nil, fmt.Errorf("invalid request :path %q from URL.Opaque = %q", orig, req.URL.Opaque) - } else { - return nil, fmt.Errorf("invalid request :path %q", orig) - } - } - } - } - - // Check for any invalid headers+trailers and return an error before we - // potentially pollute our hpack state. (We want to be able to - // continue to reuse the hpack encoder for future requests) - if err := validateHeaders(req.Header); err != "" { - return nil, fmt.Errorf("invalid HTTP header %s", err) - } - if err := validateHeaders(req.Trailer); err != "" { - return nil, fmt.Errorf("invalid HTTP trailer %s", err) - } - - enumerateHeaders := func(f func(name, value string)) { - // 8.1.2.3 Request Pseudo-Header Fields - // The :path pseudo-header field includes the path and query parts of the - // target URI (the path-absolute production and optionally a '?' character - // followed by the query production, see Sections 3.3 and 3.4 of - // [RFC3986]). - f(":authority", host) - m := req.Method - if m == "" { - m = http.MethodGet - } - f(":method", m) - if req.Method != "CONNECT" { - f(":path", path) - f(":scheme", req.URL.Scheme) - } - if trailers != "" { - f("trailer", trailers) - } - - var didUA bool - for k, vv := range req.Header { - if asciiEqualFold(k, "host") || asciiEqualFold(k, "content-length") { - // Host is :authority, already sent. - // Content-Length is automatic, set below. - continue - } else if asciiEqualFold(k, "connection") || - asciiEqualFold(k, "proxy-connection") || - asciiEqualFold(k, "transfer-encoding") || - asciiEqualFold(k, "upgrade") || - asciiEqualFold(k, "keep-alive") { - // Per 8.1.2.2 Connection-Specific Header - // Fields, don't send connection-specific - // fields. We have already checked if any - // are error-worthy so just ignore the rest. - continue - } else if asciiEqualFold(k, "user-agent") { - // Match Go's http1 behavior: at most one - // User-Agent. If set to nil or empty string, - // then omit it. Otherwise if not mentioned, - // include the default (below). - didUA = true - if len(vv) < 1 { - continue - } - vv = vv[:1] - if vv[0] == "" { - continue - } - } else if asciiEqualFold(k, "cookie") { - // Per 8.1.2.5 To allow for better compression efficiency, the - // Cookie header field MAY be split into separate header fields, - // each with one or more cookie-pairs. - for _, v := range vv { - for { - p := strings.IndexByte(v, ';') - if p < 0 { - break - } - f("cookie", v[:p]) - p++ - // strip space after semicolon if any. - for p+1 <= len(v) && v[p] == ' ' { - p++ - } - v = v[p:] - } - if len(v) > 0 { - f("cookie", v) - } - } - continue - } - - for _, v := range vv { - f(k, v) - } - } - if shouldSendReqContentLength(req.Method, contentLength) { - f("content-length", strconv.FormatInt(contentLength, 10)) - } - if addGzipHeader { - f("accept-encoding", "gzip") - } - if !didUA { - f("user-agent", defaultUserAgent) - } - } - - // Do a first pass over the headers counting bytes to ensure - // we don't exceed cc.peerMaxHeaderListSize. This is done as a - // separate pass before encoding the headers to prevent - // modifying the hpack state. - hlSize := uint64(0) - enumerateHeaders(func(name, value string) { - hf := hpack.HeaderField{Name: name, Value: value} - hlSize += uint64(hf.Size()) - }) - - if hlSize > cc.peerMaxHeaderListSize { - return nil, errRequestHeaderListSize - } - - trace := httptrace.ContextClientTrace(req.Context()) - traceHeaders := traceHasWroteHeaderField(trace) - - // Header list size is ok. Write the headers. - enumerateHeaders(func(name, value string) { - name, ascii := lowerHeader(name) - if !ascii { - // Skip writing invalid headers. Per RFC 7540, Section 8.1.2, header - // field names have to be ASCII characters (just as in HTTP/1.x). - return - } - cc.writeHeader(name, value) - if traceHeaders { - traceWroteHeaderField(trace, name, value) - } - }) - - return cc.hbuf.Bytes(), nil -} - -// shouldSendReqContentLength reports whether the http2.Transport should send -// a "content-length" request header. This logic is basically a copy of the net/http -// transferWriter.shouldSendContentLength. -// The contentLength is the corrected contentLength (so 0 means actually 0, not unknown). -// -1 means unknown. -func shouldSendReqContentLength(method string, contentLength int64) bool { - if contentLength > 0 { - return true - } - if contentLength < 0 { - return false - } - // For zero bodies, whether we send a content-length depends on the method. - // It also kinda doesn't matter for http2 either way, with END_STREAM. - switch method { - case "POST", "PUT", "PATCH": - return true - default: - return false - } -} - // requires cc.wmu be held. func (cc *ClientConn) encodeTrailers(trailer http.Header) ([]byte, error) { cc.hbuf.Reset() @@ -2167,7 +2044,7 @@ func (cc *ClientConn) encodeTrailers(trailer http.Header) ([]byte, error) { } for k, vv := range trailer { - lowKey, ascii := lowerHeader(k) + lowKey, ascii := httpcommon.LowerHeader(k) if !ascii { // Skip writing invalid headers. Per RFC 7540, Section 8.1.2, header // field names have to be ASCII characters (just as in HTTP/1.x). @@ -2199,7 +2076,7 @@ type resAndError struct { func (cc *ClientConn) addStreamLocked(cs *clientStream) { cs.flow.add(int32(cc.initialWindowSize)) cs.flow.setConnFlow(&cc.flow) - cs.inflow.init(transportDefaultStreamFlow) + cs.inflow.init(cc.initialStreamRecvWindowSize) cs.ID = cc.nextStreamID cc.nextStreamID += 2 cc.streams[cs.ID] = cs @@ -2215,10 +2092,10 @@ func (cc *ClientConn) forgetStreamID(id uint32) { if len(cc.streams) != slen-1 { panic("forgetting unknown stream id") } - cc.lastActive = time.Now() + cc.lastActive = cc.t.now() if len(cc.streams) == 0 && cc.idleTimer != nil { cc.idleTimer.Reset(cc.idleTimeout) - cc.lastIdle = time.Now() + cc.lastIdle = cc.t.now() } // Wake up writeRequestBody via clientStream.awaitFlowControl and // wake up RoundTrip if there is a pending request. @@ -2278,7 +2155,6 @@ func isEOFOrNetReadError(err error) bool { func (rl *clientConnReadLoop) cleanup() { cc := rl.cc - cc.t.connPool().MarkDead(cc) defer cc.closeConn() defer close(cc.readerDone) @@ -2302,6 +2178,27 @@ func (rl *clientConnReadLoop) cleanup() { } cc.closed = true + // If the connection has never been used, and has been open for only a short time, + // leave it in the connection pool for a little while. + // + // This avoids a situation where new connections are constantly created, + // added to the pool, fail, and are removed from the pool, without any error + // being surfaced to the user. + unusedWaitTime := 5 * time.Second + if cc.idleTimeout > 0 && unusedWaitTime > cc.idleTimeout { + unusedWaitTime = cc.idleTimeout + } + idleTime := cc.t.now().Sub(cc.lastActive) + if atomic.LoadUint32(&cc.atomicReused) == 0 && idleTime < unusedWaitTime && !cc.closedOnIdle { + cc.idleTimer = cc.t.afterFunc(unusedWaitTime-idleTime, func() { + cc.t.connPool().MarkDead(cc) + }) + } else { + cc.mu.Unlock() // avoid any deadlocks in MarkDead + cc.t.connPool().MarkDead(cc) + cc.mu.Lock() + } + for _, cs := range cc.streams { select { case <-cs.peerClosed: @@ -2313,6 +2210,13 @@ func (rl *clientConnReadLoop) cleanup() { } cc.cond.Broadcast() cc.mu.Unlock() + + if !cc.seenSettings { + // If we have a pending request that wants extended CONNECT, + // let it continue and fail with the connection error. + cc.extendedConnectAllowed = true + close(cc.seenSettingsChan) + } } // countReadFrameError calls Transport.CountError with a string @@ -2345,7 +2249,7 @@ func (cc *ClientConn) countReadFrameError(err error) { func (rl *clientConnReadLoop) run() error { cc := rl.cc gotSettings := false - readIdleTimeout := cc.t.ReadIdleTimeout + readIdleTimeout := cc.readIdleTimeout var t timer if readIdleTimeout != 0 { t = cc.t.afterFunc(readIdleTimeout, cc.healthCheck) @@ -2359,7 +2263,7 @@ func (rl *clientConnReadLoop) run() error { cc.vlogf("http2: Transport readFrame error on conn %p: (%T) %v", cc, err, err) } if se, ok := err.(StreamError); ok { - if cs := rl.streamByID(se.StreamID); cs != nil { + if cs := rl.streamByID(se.StreamID, notHeaderOrDataFrame); cs != nil { if se.Cause == nil { se.Cause = cc.fr.errDetail } @@ -2411,7 +2315,7 @@ func (rl *clientConnReadLoop) run() error { } func (rl *clientConnReadLoop) processHeaders(f *MetaHeadersFrame) error { - cs := rl.streamByID(f.StreamID) + cs := rl.streamByID(f.StreamID, headerOrDataFrame) if cs == nil { // We'd get here if we canceled a request while the // server had its response still in flight. So if this @@ -2499,7 +2403,7 @@ func (rl *clientConnReadLoop) handleResponse(cs *clientStream, f *MetaHeadersFra Status: status + " " + http.StatusText(statusCode), } for _, hf := range regularFields { - key := canonicalHeader(hf.Name) + key := httpcommon.CanonicalHeader(hf.Name) if key == "Trailer" { t := res.Trailer if t == nil { @@ -2507,7 +2411,7 @@ func (rl *clientConnReadLoop) handleResponse(cs *clientStream, f *MetaHeadersFra res.Trailer = t } foreachHeaderElement(hf.Value, func(v string) { - t[canonicalHeader(v)] = nil + t[httpcommon.CanonicalHeader(v)] = nil }) } else { vv := header[key] @@ -2529,15 +2433,34 @@ func (rl *clientConnReadLoop) handleResponse(cs *clientStream, f *MetaHeadersFra if f.StreamEnded() { return nil, errors.New("1xx informational response with END_STREAM flag") } - cs.num1xx++ - const max1xxResponses = 5 // arbitrary bound on number of informational responses, same as net/http - if cs.num1xx > max1xxResponses { - return nil, errors.New("http2: too many 1xx informational responses") - } if fn := cs.get1xxTraceFunc(); fn != nil { + // If the 1xx response is being delivered to the user, + // then they're responsible for limiting the number + // of responses. if err := fn(statusCode, textproto.MIMEHeader(header)); err != nil { return nil, err } + } else { + // If the user didn't examine the 1xx response, then we + // limit the size of all 1xx headers. + // + // This differs a bit from the HTTP/1 implementation, which + // limits the size of all 1xx headers plus the final response. + // Use the larger limit of MaxHeaderListSize and + // net/http.Transport.MaxResponseHeaderBytes. + limit := int64(cs.cc.t.maxHeaderListSize()) + if t1 := cs.cc.t.t1; t1 != nil && t1.MaxResponseHeaderBytes > limit { + limit = t1.MaxResponseHeaderBytes + } + for _, h := range f.Fields { + cs.totalHeaderSize += int64(h.Size()) + } + if cs.totalHeaderSize > limit { + if VerboseLogs { + log.Printf("http2: 1xx informational responses too large") + } + return nil, errors.New("header list too large") + } } if statusCode == 100 { traceGot100Continue(cs.trace) @@ -2612,7 +2535,7 @@ func (rl *clientConnReadLoop) processTrailers(cs *clientStream, f *MetaHeadersFr trailer := make(http.Header) for _, hf := range f.RegularFields() { - key := canonicalHeader(hf.Name) + key := httpcommon.CanonicalHeader(hf.Name) trailer[key] = append(trailer[key], hf.Value) } cs.trailer = trailer @@ -2721,7 +2644,7 @@ func (b transportResponseBody) Close() error { func (rl *clientConnReadLoop) processData(f *DataFrame) error { cc := rl.cc - cs := rl.streamByID(f.StreamID) + cs := rl.streamByID(f.StreamID, headerOrDataFrame) data := f.Data() if cs == nil { cc.mu.Lock() @@ -2856,9 +2779,22 @@ func (rl *clientConnReadLoop) endStreamError(cs *clientStream, err error) { cs.abortStream(err) } -func (rl *clientConnReadLoop) streamByID(id uint32) *clientStream { +// Constants passed to streamByID for documentation purposes. +const ( + headerOrDataFrame = true + notHeaderOrDataFrame = false +) + +// streamByID returns the stream with the given id, or nil if no stream has that id. +// If headerOrData is true, it clears rst.StreamPingsBlocked. +func (rl *clientConnReadLoop) streamByID(id uint32, headerOrData bool) *clientStream { rl.cc.mu.Lock() defer rl.cc.mu.Unlock() + if headerOrData { + // Work around an unfortunate gRPC behavior. + // See comment on ClientConn.rstStreamPingsBlocked for details. + rl.cc.rstStreamPingsBlocked = false + } cs := rl.cc.streams[id] if cs != nil && !cs.readAborted { return cs @@ -2952,6 +2888,21 @@ func (rl *clientConnReadLoop) processSettingsNoWrite(f *SettingsFrame) error { case SettingHeaderTableSize: cc.henc.SetMaxDynamicTableSize(s.Val) cc.peerMaxHeaderTableSize = s.Val + case SettingEnableConnectProtocol: + if err := s.Valid(); err != nil { + return err + } + // If the peer wants to send us SETTINGS_ENABLE_CONNECT_PROTOCOL, + // we require that it do so in the first SETTINGS frame. + // + // When we attempt to use extended CONNECT, we wait for the first + // SETTINGS frame to see if the server supports it. If we let the + // server enable the feature with a later SETTINGS frame, then + // users will see inconsistent results depending on whether we've + // seen that frame or not. + if !cc.seenSettings { + cc.extendedConnectAllowed = s.Val == 1 + } default: cc.vlogf("Unhandled Setting: %v", s) } @@ -2969,6 +2920,7 @@ func (rl *clientConnReadLoop) processSettingsNoWrite(f *SettingsFrame) error { // connection can establish to our default. cc.maxConcurrentStreams = defaultMaxConcurrentStreams } + close(cc.seenSettingsChan) cc.seenSettings = true } @@ -2977,7 +2929,7 @@ func (rl *clientConnReadLoop) processSettingsNoWrite(f *SettingsFrame) error { func (rl *clientConnReadLoop) processWindowUpdate(f *WindowUpdateFrame) error { cc := rl.cc - cs := rl.streamByID(f.StreamID) + cs := rl.streamByID(f.StreamID, notHeaderOrDataFrame) if f.StreamID != 0 && cs == nil { return nil } @@ -3006,7 +2958,7 @@ func (rl *clientConnReadLoop) processWindowUpdate(f *WindowUpdateFrame) error { } func (rl *clientConnReadLoop) processResetStream(f *RSTStreamFrame) error { - cs := rl.streamByID(f.StreamID) + cs := rl.streamByID(f.StreamID, notHeaderOrDataFrame) if cs == nil { // TODO: return error if server tries to RST_STREAM an idle stream return nil @@ -3081,6 +3033,12 @@ func (rl *clientConnReadLoop) processPing(f *PingFrame) error { close(c) delete(cc.pings, f.Data) } + if cc.pendingResets > 0 { + // See clientStream.cleanupWriteRequest. + cc.pendingResets = 0 + cc.rstStreamPingsBlocked = true + cc.cond.Broadcast() + } return nil } cc := rl.cc @@ -3103,20 +3061,27 @@ func (rl *clientConnReadLoop) processPushPromise(f *PushPromiseFrame) error { return ConnectionError(ErrCodeProtocol) } -func (cc *ClientConn) writeStreamReset(streamID uint32, code ErrCode, err error) { +// writeStreamReset sends a RST_STREAM frame. +// When ping is true, it also sends a PING frame with a random payload. +func (cc *ClientConn) writeStreamReset(streamID uint32, code ErrCode, ping bool, err error) { // TODO: map err to more interesting error codes, once the // HTTP community comes up with some. But currently for // RST_STREAM there's no equivalent to GOAWAY frame's debug // data, and the error codes are all pretty vague ("cancel"). cc.wmu.Lock() cc.fr.WriteRSTStream(streamID, code) + if ping { + var payload [8]byte + rand.Read(payload[:]) + cc.fr.WritePing(false, payload) + } cc.bw.Flush() cc.wmu.Unlock() } var ( errResponseHeaderListSize = errors.New("http2: response header list larger than advertised limit") - errRequestHeaderListSize = errors.New("http2: request header list larger than peer's advertised limit") + errRequestHeaderListSize = httpcommon.ErrRequestHeaderListSize ) func (cc *ClientConn) logf(format string, args ...interface{}) { @@ -3263,7 +3228,7 @@ func traceGotConn(req *http.Request, cc *ClientConn, reused bool) { cc.mu.Lock() ci.WasIdle = len(cc.streams) == 0 && reused if ci.WasIdle && !cc.lastActive.IsZero() { - ci.IdleTime = time.Since(cc.lastActive) + ci.IdleTime = cc.t.timeSince(cc.lastActive) } cc.mu.Unlock() @@ -3300,16 +3265,6 @@ func traceFirstResponseByte(trace *httptrace.ClientTrace) { } } -func traceHasWroteHeaderField(trace *httptrace.ClientTrace) bool { - return trace != nil && trace.WroteHeaderField != nil -} - -func traceWroteHeaderField(trace *httptrace.ClientTrace, k, v string) { - if trace != nil && trace.WroteHeaderField != nil { - trace.WroteHeaderField(k, []string{v}) - } -} - func traceGot1xxResponseFunc(trace *httptrace.ClientTrace) func(int, textproto.MIMEHeader) error { if trace != nil { return trace.Got1xxResponse diff --git a/vendor/golang.org/x/net/http2/unencrypted.go b/vendor/golang.org/x/net/http2/unencrypted.go new file mode 100644 index 000000000..b2de21161 --- /dev/null +++ b/vendor/golang.org/x/net/http2/unencrypted.go @@ -0,0 +1,32 @@ +// Copyright 2024 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +package http2 + +import ( + "crypto/tls" + "errors" + "net" +) + +const nextProtoUnencryptedHTTP2 = "unencrypted_http2" + +// unencryptedNetConnFromTLSConn retrieves a net.Conn wrapped in a *tls.Conn. +// +// TLSNextProto functions accept a *tls.Conn. +// +// When passing an unencrypted HTTP/2 connection to a TLSNextProto function, +// we pass a *tls.Conn with an underlying net.Conn containing the unencrypted connection. +// To be extra careful about mistakes (accidentally dropping TLS encryption in a place +// where we want it), the tls.Conn contains a net.Conn with an UnencryptedNetConn method +// that returns the actual connection we want to use. +func unencryptedNetConnFromTLSConn(tc *tls.Conn) (net.Conn, error) { + conner, ok := tc.NetConn().(interface { + UnencryptedNetConn() net.Conn + }) + if !ok { + return nil, errors.New("http2: TLS conn unexpectedly found in unencrypted handoff") + } + return conner.UnencryptedNetConn(), nil +} diff --git a/vendor/golang.org/x/net/http2/write.go b/vendor/golang.org/x/net/http2/write.go index 33f61398a..fdb35b947 100644 --- a/vendor/golang.org/x/net/http2/write.go +++ b/vendor/golang.org/x/net/http2/write.go @@ -13,6 +13,7 @@ import ( "golang.org/x/net/http/httpguts" "golang.org/x/net/http2/hpack" + "golang.org/x/net/internal/httpcommon" ) // writeFramer is implemented by any type that is used to write frames. @@ -131,6 +132,16 @@ func (se StreamError) writeFrame(ctx writeContext) error { func (se StreamError) staysWithinBuffer(max int) bool { return frameHeaderLen+4 <= max } +type writePing struct { + data [8]byte +} + +func (w writePing) writeFrame(ctx writeContext) error { + return ctx.Framer().WritePing(false, w.data) +} + +func (w writePing) staysWithinBuffer(max int) bool { return frameHeaderLen+len(w.data) <= max } + type writePingAck struct{ pf *PingFrame } func (w writePingAck) writeFrame(ctx writeContext) error { @@ -341,7 +352,7 @@ func encodeHeaders(enc *hpack.Encoder, h http.Header, keys []string) { } for _, k := range keys { vv := h[k] - k, ascii := lowerHeader(k) + k, ascii := httpcommon.LowerHeader(k) if !ascii { // Skip writing invalid headers. Per RFC 7540, Section 8.1.2, header // field names have to be ASCII characters (just as in HTTP/1.x). diff --git a/vendor/golang.org/x/net/internal/httpcommon/ascii.go b/vendor/golang.org/x/net/internal/httpcommon/ascii.go new file mode 100644 index 000000000..ed14da5af --- /dev/null +++ b/vendor/golang.org/x/net/internal/httpcommon/ascii.go @@ -0,0 +1,53 @@ +// Copyright 2025 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +package httpcommon + +import "strings" + +// The HTTP protocols are defined in terms of ASCII, not Unicode. This file +// contains helper functions which may use Unicode-aware functions which would +// otherwise be unsafe and could introduce vulnerabilities if used improperly. + +// asciiEqualFold is strings.EqualFold, ASCII only. It reports whether s and t +// are equal, ASCII-case-insensitively. +func asciiEqualFold(s, t string) bool { + if len(s) != len(t) { + return false + } + for i := 0; i < len(s); i++ { + if lower(s[i]) != lower(t[i]) { + return false + } + } + return true +} + +// lower returns the ASCII lowercase version of b. +func lower(b byte) byte { + if 'A' <= b && b <= 'Z' { + return b + ('a' - 'A') + } + return b +} + +// isASCIIPrint returns whether s is ASCII and printable according to +// https://tools.ietf.org/html/rfc20#section-4.2. +func isASCIIPrint(s string) bool { + for i := 0; i < len(s); i++ { + if s[i] < ' ' || s[i] > '~' { + return false + } + } + return true +} + +// asciiToLower returns the lowercase version of s if s is ASCII and printable, +// and whether or not it was. +func asciiToLower(s string) (lower string, ok bool) { + if !isASCIIPrint(s) { + return "", false + } + return strings.ToLower(s), true +} diff --git a/vendor/golang.org/x/net/http2/headermap.go b/vendor/golang.org/x/net/internal/httpcommon/headermap.go similarity index 74% rename from vendor/golang.org/x/net/http2/headermap.go rename to vendor/golang.org/x/net/internal/httpcommon/headermap.go index 149b3dd20..92483d8e4 100644 --- a/vendor/golang.org/x/net/http2/headermap.go +++ b/vendor/golang.org/x/net/internal/httpcommon/headermap.go @@ -1,11 +1,11 @@ -// Copyright 2014 The Go Authors. All rights reserved. +// Copyright 2025 The Go Authors. All rights reserved. // Use of this source code is governed by a BSD-style // license that can be found in the LICENSE file. -package http2 +package httpcommon import ( - "net/http" + "net/textproto" "sync" ) @@ -82,13 +82,15 @@ func buildCommonHeaderMaps() { commonLowerHeader = make(map[string]string, len(common)) commonCanonHeader = make(map[string]string, len(common)) for _, v := range common { - chk := http.CanonicalHeaderKey(v) + chk := textproto.CanonicalMIMEHeaderKey(v) commonLowerHeader[chk] = v commonCanonHeader[v] = chk } } -func lowerHeader(v string) (lower string, ascii bool) { +// LowerHeader returns the lowercase form of a header name, +// used on the wire for HTTP/2 and HTTP/3 requests. +func LowerHeader(v string) (lower string, ascii bool) { buildCommonHeaderMapsOnce() if s, ok := commonLowerHeader[v]; ok { return s, true @@ -96,10 +98,18 @@ func lowerHeader(v string) (lower string, ascii bool) { return asciiToLower(v) } -func canonicalHeader(v string) string { +// CanonicalHeader canonicalizes a header name. (For example, "host" becomes "Host".) +func CanonicalHeader(v string) string { buildCommonHeaderMapsOnce() if s, ok := commonCanonHeader[v]; ok { return s } - return http.CanonicalHeaderKey(v) + return textproto.CanonicalMIMEHeaderKey(v) +} + +// CachedCanonicalHeader returns the canonical form of a well-known header name. +func CachedCanonicalHeader(v string) (string, bool) { + buildCommonHeaderMapsOnce() + s, ok := commonCanonHeader[v] + return s, ok } diff --git a/vendor/golang.org/x/net/internal/httpcommon/request.go b/vendor/golang.org/x/net/internal/httpcommon/request.go new file mode 100644 index 000000000..4b7055317 --- /dev/null +++ b/vendor/golang.org/x/net/internal/httpcommon/request.go @@ -0,0 +1,467 @@ +// Copyright 2025 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +package httpcommon + +import ( + "context" + "errors" + "fmt" + "net/http/httptrace" + "net/textproto" + "net/url" + "sort" + "strconv" + "strings" + + "golang.org/x/net/http/httpguts" + "golang.org/x/net/http2/hpack" +) + +var ( + ErrRequestHeaderListSize = errors.New("request header list larger than peer's advertised limit") +) + +// Request is a subset of http.Request. +// It'd be simpler to pass an *http.Request, of course, but we can't depend on net/http +// without creating a dependency cycle. +type Request struct { + URL *url.URL + Method string + Host string + Header map[string][]string + Trailer map[string][]string + ActualContentLength int64 // 0 means 0, -1 means unknown +} + +// EncodeHeadersParam is parameters to EncodeHeaders. +type EncodeHeadersParam struct { + Request Request + + // AddGzipHeader indicates that an "accept-encoding: gzip" header should be + // added to the request. + AddGzipHeader bool + + // PeerMaxHeaderListSize, when non-zero, is the peer's MAX_HEADER_LIST_SIZE setting. + PeerMaxHeaderListSize uint64 + + // DefaultUserAgent is the User-Agent header to send when the request + // neither contains a User-Agent nor disables it. + DefaultUserAgent string +} + +// EncodeHeadersParam is the result of EncodeHeaders. +type EncodeHeadersResult struct { + HasBody bool + HasTrailers bool +} + +// EncodeHeaders constructs request headers common to HTTP/2 and HTTP/3. +// It validates a request and calls headerf with each pseudo-header and header +// for the request. +// The headerf function is called with the validated, canonicalized header name. +func EncodeHeaders(ctx context.Context, param EncodeHeadersParam, headerf func(name, value string)) (res EncodeHeadersResult, _ error) { + req := param.Request + + // Check for invalid connection-level headers. + if err := checkConnHeaders(req.Header); err != nil { + return res, err + } + + if req.URL == nil { + return res, errors.New("Request.URL is nil") + } + + host := req.Host + if host == "" { + host = req.URL.Host + } + host, err := httpguts.PunycodeHostPort(host) + if err != nil { + return res, err + } + if !httpguts.ValidHostHeader(host) { + return res, errors.New("invalid Host header") + } + + // isNormalConnect is true if this is a non-extended CONNECT request. + isNormalConnect := false + var protocol string + if vv := req.Header[":protocol"]; len(vv) > 0 { + protocol = vv[0] + } + if req.Method == "CONNECT" && protocol == "" { + isNormalConnect = true + } else if protocol != "" && req.Method != "CONNECT" { + return res, errors.New("invalid :protocol header in non-CONNECT request") + } + + // Validate the path, except for non-extended CONNECT requests which have no path. + var path string + if !isNormalConnect { + path = req.URL.RequestURI() + if !validPseudoPath(path) { + orig := path + path = strings.TrimPrefix(path, req.URL.Scheme+"://"+host) + if !validPseudoPath(path) { + if req.URL.Opaque != "" { + return res, fmt.Errorf("invalid request :path %q from URL.Opaque = %q", orig, req.URL.Opaque) + } else { + return res, fmt.Errorf("invalid request :path %q", orig) + } + } + } + } + + // Check for any invalid headers+trailers and return an error before we + // potentially pollute our hpack state. (We want to be able to + // continue to reuse the hpack encoder for future requests) + if err := validateHeaders(req.Header); err != "" { + return res, fmt.Errorf("invalid HTTP header %s", err) + } + if err := validateHeaders(req.Trailer); err != "" { + return res, fmt.Errorf("invalid HTTP trailer %s", err) + } + + trailers, err := commaSeparatedTrailers(req.Trailer) + if err != nil { + return res, err + } + + enumerateHeaders := func(f func(name, value string)) { + // 8.1.2.3 Request Pseudo-Header Fields + // The :path pseudo-header field includes the path and query parts of the + // target URI (the path-absolute production and optionally a '?' character + // followed by the query production, see Sections 3.3 and 3.4 of + // [RFC3986]). + f(":authority", host) + m := req.Method + if m == "" { + m = "GET" + } + f(":method", m) + if !isNormalConnect { + f(":path", path) + f(":scheme", req.URL.Scheme) + } + if protocol != "" { + f(":protocol", protocol) + } + if trailers != "" { + f("trailer", trailers) + } + + var didUA bool + for k, vv := range req.Header { + if asciiEqualFold(k, "host") || asciiEqualFold(k, "content-length") { + // Host is :authority, already sent. + // Content-Length is automatic, set below. + continue + } else if asciiEqualFold(k, "connection") || + asciiEqualFold(k, "proxy-connection") || + asciiEqualFold(k, "transfer-encoding") || + asciiEqualFold(k, "upgrade") || + asciiEqualFold(k, "keep-alive") { + // Per 8.1.2.2 Connection-Specific Header + // Fields, don't send connection-specific + // fields. We have already checked if any + // are error-worthy so just ignore the rest. + continue + } else if asciiEqualFold(k, "user-agent") { + // Match Go's http1 behavior: at most one + // User-Agent. If set to nil or empty string, + // then omit it. Otherwise if not mentioned, + // include the default (below). + didUA = true + if len(vv) < 1 { + continue + } + vv = vv[:1] + if vv[0] == "" { + continue + } + } else if asciiEqualFold(k, "cookie") { + // Per 8.1.2.5 To allow for better compression efficiency, the + // Cookie header field MAY be split into separate header fields, + // each with one or more cookie-pairs. + for _, v := range vv { + for { + p := strings.IndexByte(v, ';') + if p < 0 { + break + } + f("cookie", v[:p]) + p++ + // strip space after semicolon if any. + for p+1 <= len(v) && v[p] == ' ' { + p++ + } + v = v[p:] + } + if len(v) > 0 { + f("cookie", v) + } + } + continue + } else if k == ":protocol" { + // :protocol pseudo-header was already sent above. + continue + } + + for _, v := range vv { + f(k, v) + } + } + if shouldSendReqContentLength(req.Method, req.ActualContentLength) { + f("content-length", strconv.FormatInt(req.ActualContentLength, 10)) + } + if param.AddGzipHeader { + f("accept-encoding", "gzip") + } + if !didUA { + f("user-agent", param.DefaultUserAgent) + } + } + + // Do a first pass over the headers counting bytes to ensure + // we don't exceed cc.peerMaxHeaderListSize. This is done as a + // separate pass before encoding the headers to prevent + // modifying the hpack state. + if param.PeerMaxHeaderListSize > 0 { + hlSize := uint64(0) + enumerateHeaders(func(name, value string) { + hf := hpack.HeaderField{Name: name, Value: value} + hlSize += uint64(hf.Size()) + }) + + if hlSize > param.PeerMaxHeaderListSize { + return res, ErrRequestHeaderListSize + } + } + + trace := httptrace.ContextClientTrace(ctx) + + // Header list size is ok. Write the headers. + enumerateHeaders(func(name, value string) { + name, ascii := LowerHeader(name) + if !ascii { + // Skip writing invalid headers. Per RFC 7540, Section 8.1.2, header + // field names have to be ASCII characters (just as in HTTP/1.x). + return + } + + headerf(name, value) + + if trace != nil && trace.WroteHeaderField != nil { + trace.WroteHeaderField(name, []string{value}) + } + }) + + res.HasBody = req.ActualContentLength != 0 + res.HasTrailers = trailers != "" + return res, nil +} + +// IsRequestGzip reports whether we should add an Accept-Encoding: gzip header +// for a request. +func IsRequestGzip(method string, header map[string][]string, disableCompression bool) bool { + // TODO(bradfitz): this is a copy of the logic in net/http. Unify somewhere? + if !disableCompression && + len(header["Accept-Encoding"]) == 0 && + len(header["Range"]) == 0 && + method != "HEAD" { + // Request gzip only, not deflate. Deflate is ambiguous and + // not as universally supported anyway. + // See: https://zlib.net/zlib_faq.html#faq39 + // + // Note that we don't request this for HEAD requests, + // due to a bug in nginx: + // http://trac.nginx.org/nginx/ticket/358 + // https://golang.org/issue/5522 + // + // We don't request gzip if the request is for a range, since + // auto-decoding a portion of a gzipped document will just fail + // anyway. See https://golang.org/issue/8923 + return true + } + return false +} + +// checkConnHeaders checks whether req has any invalid connection-level headers. +// +// https://www.rfc-editor.org/rfc/rfc9114.html#section-4.2-3 +// https://www.rfc-editor.org/rfc/rfc9113.html#section-8.2.2-1 +// +// Certain headers are special-cased as okay but not transmitted later. +// For example, we allow "Transfer-Encoding: chunked", but drop the header when encoding. +func checkConnHeaders(h map[string][]string) error { + if vv := h["Upgrade"]; len(vv) > 0 && (vv[0] != "" && vv[0] != "chunked") { + return fmt.Errorf("invalid Upgrade request header: %q", vv) + } + if vv := h["Transfer-Encoding"]; len(vv) > 0 && (len(vv) > 1 || vv[0] != "" && vv[0] != "chunked") { + return fmt.Errorf("invalid Transfer-Encoding request header: %q", vv) + } + if vv := h["Connection"]; len(vv) > 0 && (len(vv) > 1 || vv[0] != "" && !asciiEqualFold(vv[0], "close") && !asciiEqualFold(vv[0], "keep-alive")) { + return fmt.Errorf("invalid Connection request header: %q", vv) + } + return nil +} + +func commaSeparatedTrailers(trailer map[string][]string) (string, error) { + keys := make([]string, 0, len(trailer)) + for k := range trailer { + k = CanonicalHeader(k) + switch k { + case "Transfer-Encoding", "Trailer", "Content-Length": + return "", fmt.Errorf("invalid Trailer key %q", k) + } + keys = append(keys, k) + } + if len(keys) > 0 { + sort.Strings(keys) + return strings.Join(keys, ","), nil + } + return "", nil +} + +// validPseudoPath reports whether v is a valid :path pseudo-header +// value. It must be either: +// +// - a non-empty string starting with '/' +// - the string '*', for OPTIONS requests. +// +// For now this is only used a quick check for deciding when to clean +// up Opaque URLs before sending requests from the Transport. +// See golang.org/issue/16847 +// +// We used to enforce that the path also didn't start with "//", but +// Google's GFE accepts such paths and Chrome sends them, so ignore +// that part of the spec. See golang.org/issue/19103. +func validPseudoPath(v string) bool { + return (len(v) > 0 && v[0] == '/') || v == "*" +} + +func validateHeaders(hdrs map[string][]string) string { + for k, vv := range hdrs { + if !httpguts.ValidHeaderFieldName(k) && k != ":protocol" { + return fmt.Sprintf("name %q", k) + } + for _, v := range vv { + if !httpguts.ValidHeaderFieldValue(v) { + // Don't include the value in the error, + // because it may be sensitive. + return fmt.Sprintf("value for header %q", k) + } + } + } + return "" +} + +// shouldSendReqContentLength reports whether we should send +// a "content-length" request header. This logic is basically a copy of the net/http +// transferWriter.shouldSendContentLength. +// The contentLength is the corrected contentLength (so 0 means actually 0, not unknown). +// -1 means unknown. +func shouldSendReqContentLength(method string, contentLength int64) bool { + if contentLength > 0 { + return true + } + if contentLength < 0 { + return false + } + // For zero bodies, whether we send a content-length depends on the method. + // It also kinda doesn't matter for http2 either way, with END_STREAM. + switch method { + case "POST", "PUT", "PATCH": + return true + default: + return false + } +} + +// ServerRequestParam is parameters to NewServerRequest. +type ServerRequestParam struct { + Method string + Scheme, Authority, Path string + Protocol string + Header map[string][]string +} + +// ServerRequestResult is the result of NewServerRequest. +type ServerRequestResult struct { + // Various http.Request fields. + URL *url.URL + RequestURI string + Trailer map[string][]string + + NeedsContinue bool // client provided an "Expect: 100-continue" header + + // If the request should be rejected, this is a short string suitable for passing + // to the http2 package's CountError function. + // It might be a bit odd to return errors this way rather than returing an error, + // but this ensures we don't forget to include a CountError reason. + InvalidReason string +} + +func NewServerRequest(rp ServerRequestParam) ServerRequestResult { + needsContinue := httpguts.HeaderValuesContainsToken(rp.Header["Expect"], "100-continue") + if needsContinue { + delete(rp.Header, "Expect") + } + // Merge Cookie headers into one "; "-delimited value. + if cookies := rp.Header["Cookie"]; len(cookies) > 1 { + rp.Header["Cookie"] = []string{strings.Join(cookies, "; ")} + } + + // Setup Trailers + var trailer map[string][]string + for _, v := range rp.Header["Trailer"] { + for _, key := range strings.Split(v, ",") { + key = textproto.CanonicalMIMEHeaderKey(textproto.TrimString(key)) + switch key { + case "Transfer-Encoding", "Trailer", "Content-Length": + // Bogus. (copy of http1 rules) + // Ignore. + default: + if trailer == nil { + trailer = make(map[string][]string) + } + trailer[key] = nil + } + } + } + delete(rp.Header, "Trailer") + + // "':authority' MUST NOT include the deprecated userinfo subcomponent + // for "http" or "https" schemed URIs." + // https://www.rfc-editor.org/rfc/rfc9113.html#section-8.3.1-2.3.8 + if strings.IndexByte(rp.Authority, '@') != -1 && (rp.Scheme == "http" || rp.Scheme == "https") { + return ServerRequestResult{ + InvalidReason: "userinfo_in_authority", + } + } + + var url_ *url.URL + var requestURI string + if rp.Method == "CONNECT" && rp.Protocol == "" { + url_ = &url.URL{Host: rp.Authority} + requestURI = rp.Authority // mimic HTTP/1 server behavior + } else { + var err error + url_, err = url.ParseRequestURI(rp.Path) + if err != nil { + return ServerRequestResult{ + InvalidReason: "bad_path", + } + } + requestURI = rp.Path + } + + return ServerRequestResult{ + URL: url_, + NeedsContinue: needsContinue, + RequestURI: requestURI, + Trailer: trailer, + } +} diff --git a/vendor/golang.org/x/net/internal/socket/zsys_openbsd_ppc64.go b/vendor/golang.org/x/net/internal/socket/zsys_openbsd_ppc64.go index cebde7634..3c9576e2d 100644 --- a/vendor/golang.org/x/net/internal/socket/zsys_openbsd_ppc64.go +++ b/vendor/golang.org/x/net/internal/socket/zsys_openbsd_ppc64.go @@ -4,27 +4,27 @@ package socket type iovec struct { - Base *byte - Len uint64 + Base *byte + Len uint64 } type msghdr struct { - Name *byte - Namelen uint32 - Iov *iovec - Iovlen uint32 - Control *byte - Controllen uint32 - Flags int32 + Name *byte + Namelen uint32 + Iov *iovec + Iovlen uint32 + Control *byte + Controllen uint32 + Flags int32 } type cmsghdr struct { - Len uint32 - Level int32 - Type int32 + Len uint32 + Level int32 + Type int32 } const ( - sizeofIovec = 0x10 - sizeofMsghdr = 0x30 + sizeofIovec = 0x10 + sizeofMsghdr = 0x30 ) diff --git a/vendor/golang.org/x/net/internal/socket/zsys_openbsd_riscv64.go b/vendor/golang.org/x/net/internal/socket/zsys_openbsd_riscv64.go index cebde7634..3c9576e2d 100644 --- a/vendor/golang.org/x/net/internal/socket/zsys_openbsd_riscv64.go +++ b/vendor/golang.org/x/net/internal/socket/zsys_openbsd_riscv64.go @@ -4,27 +4,27 @@ package socket type iovec struct { - Base *byte - Len uint64 + Base *byte + Len uint64 } type msghdr struct { - Name *byte - Namelen uint32 - Iov *iovec - Iovlen uint32 - Control *byte - Controllen uint32 - Flags int32 + Name *byte + Namelen uint32 + Iov *iovec + Iovlen uint32 + Control *byte + Controllen uint32 + Flags int32 } type cmsghdr struct { - Len uint32 - Level int32 - Type int32 + Len uint32 + Level int32 + Type int32 } const ( - sizeofIovec = 0x10 - sizeofMsghdr = 0x30 + sizeofIovec = 0x10 + sizeofMsghdr = 0x30 ) diff --git a/vendor/golang.org/x/sync/errgroup/errgroup.go b/vendor/golang.org/x/sync/errgroup/errgroup.go index 948a3ee63..a4ea5d14f 100644 --- a/vendor/golang.org/x/sync/errgroup/errgroup.go +++ b/vendor/golang.org/x/sync/errgroup/errgroup.go @@ -46,7 +46,7 @@ func (g *Group) done() { // returns a non-nil error or the first time Wait returns, whichever occurs // first. func WithContext(ctx context.Context) (*Group, context.Context) { - ctx, cancel := withCancelCause(ctx) + ctx, cancel := context.WithCancelCause(ctx) return &Group{cancel: cancel}, ctx } @@ -118,6 +118,7 @@ func (g *Group) TryGo(f func() error) bool { // SetLimit limits the number of active goroutines in this group to at most n. // A negative value indicates no limit. +// A limit of zero will prevent any new goroutines from being added. // // Any subsequent call to the Go method will block until it can add an active // goroutine without exceeding the configured limit. diff --git a/vendor/golang.org/x/sync/errgroup/go120.go b/vendor/golang.org/x/sync/errgroup/go120.go deleted file mode 100644 index f93c740b6..000000000 --- a/vendor/golang.org/x/sync/errgroup/go120.go +++ /dev/null @@ -1,13 +0,0 @@ -// Copyright 2023 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -//go:build go1.20 - -package errgroup - -import "context" - -func withCancelCause(parent context.Context) (context.Context, func(error)) { - return context.WithCancelCause(parent) -} diff --git a/vendor/golang.org/x/sync/errgroup/pre_go120.go b/vendor/golang.org/x/sync/errgroup/pre_go120.go deleted file mode 100644 index 88ce33434..000000000 --- a/vendor/golang.org/x/sync/errgroup/pre_go120.go +++ /dev/null @@ -1,14 +0,0 @@ -// Copyright 2023 The Go Authors. All rights reserved. -// Use of this source code is governed by a BSD-style -// license that can be found in the LICENSE file. - -//go:build !go1.20 - -package errgroup - -import "context" - -func withCancelCause(parent context.Context) (context.Context, func(error)) { - ctx, cancel := context.WithCancel(parent) - return ctx, func(error) { cancel() } -} diff --git a/vendor/golang.org/x/sys/unix/auxv.go b/vendor/golang.org/x/sys/unix/auxv.go new file mode 100644 index 000000000..37a82528f --- /dev/null +++ b/vendor/golang.org/x/sys/unix/auxv.go @@ -0,0 +1,36 @@ +// Copyright 2025 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +//go:build go1.21 && (aix || darwin || dragonfly || freebsd || linux || netbsd || openbsd || solaris || zos) + +package unix + +import ( + "syscall" + "unsafe" +) + +//go:linkname runtime_getAuxv runtime.getAuxv +func runtime_getAuxv() []uintptr + +// Auxv returns the ELF auxiliary vector as a sequence of key/value pairs. +// The returned slice is always a fresh copy, owned by the caller. +// It returns an error on non-ELF platforms, or if the auxiliary vector cannot be accessed, +// which happens in some locked-down environments and build modes. +func Auxv() ([][2]uintptr, error) { + vec := runtime_getAuxv() + vecLen := len(vec) + + if vecLen == 0 { + return nil, syscall.ENOENT + } + + if vecLen%2 != 0 { + return nil, syscall.EINVAL + } + + result := make([]uintptr, vecLen) + copy(result, vec) + return unsafe.Slice((*[2]uintptr)(unsafe.Pointer(&result[0])), vecLen/2), nil +} diff --git a/vendor/golang.org/x/sys/unix/auxv_unsupported.go b/vendor/golang.org/x/sys/unix/auxv_unsupported.go new file mode 100644 index 000000000..1200487f2 --- /dev/null +++ b/vendor/golang.org/x/sys/unix/auxv_unsupported.go @@ -0,0 +1,13 @@ +// Copyright 2025 The Go Authors. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +//go:build !go1.21 && (aix || darwin || dragonfly || freebsd || linux || netbsd || openbsd || solaris || zos) + +package unix + +import "syscall" + +func Auxv() ([][2]uintptr, error) { + return nil, syscall.ENOTSUP +} diff --git a/vendor/golang.org/x/sys/unix/syscall_solaris.go b/vendor/golang.org/x/sys/unix/syscall_solaris.go index 21974af06..abc395547 100644 --- a/vendor/golang.org/x/sys/unix/syscall_solaris.go +++ b/vendor/golang.org/x/sys/unix/syscall_solaris.go @@ -1102,3 +1102,90 @@ func (s *Strioctl) SetInt(i int) { func IoctlSetStrioctlRetInt(fd int, req int, s *Strioctl) (int, error) { return ioctlPtrRet(fd, req, unsafe.Pointer(s)) } + +// Ucred Helpers +// See ucred(3c) and getpeerucred(3c) + +//sys getpeerucred(fd uintptr, ucred *uintptr) (err error) +//sys ucredFree(ucred uintptr) = ucred_free +//sys ucredGet(pid int) (ucred uintptr, err error) = ucred_get +//sys ucredGeteuid(ucred uintptr) (uid int) = ucred_geteuid +//sys ucredGetegid(ucred uintptr) (gid int) = ucred_getegid +//sys ucredGetruid(ucred uintptr) (uid int) = ucred_getruid +//sys ucredGetrgid(ucred uintptr) (gid int) = ucred_getrgid +//sys ucredGetsuid(ucred uintptr) (uid int) = ucred_getsuid +//sys ucredGetsgid(ucred uintptr) (gid int) = ucred_getsgid +//sys ucredGetpid(ucred uintptr) (pid int) = ucred_getpid + +// Ucred is an opaque struct that holds user credentials. +type Ucred struct { + ucred uintptr +} + +// We need to ensure that ucredFree is called on the underlying ucred +// when the Ucred is garbage collected. +func ucredFinalizer(u *Ucred) { + ucredFree(u.ucred) +} + +func GetPeerUcred(fd uintptr) (*Ucred, error) { + var ucred uintptr + err := getpeerucred(fd, &ucred) + if err != nil { + return nil, err + } + result := &Ucred{ + ucred: ucred, + } + // set the finalizer on the result so that the ucred will be freed + runtime.SetFinalizer(result, ucredFinalizer) + return result, nil +} + +func UcredGet(pid int) (*Ucred, error) { + ucred, err := ucredGet(pid) + if err != nil { + return nil, err + } + result := &Ucred{ + ucred: ucred, + } + // set the finalizer on the result so that the ucred will be freed + runtime.SetFinalizer(result, ucredFinalizer) + return result, nil +} + +func (u *Ucred) Geteuid() int { + defer runtime.KeepAlive(u) + return ucredGeteuid(u.ucred) +} + +func (u *Ucred) Getruid() int { + defer runtime.KeepAlive(u) + return ucredGetruid(u.ucred) +} + +func (u *Ucred) Getsuid() int { + defer runtime.KeepAlive(u) + return ucredGetsuid(u.ucred) +} + +func (u *Ucred) Getegid() int { + defer runtime.KeepAlive(u) + return ucredGetegid(u.ucred) +} + +func (u *Ucred) Getrgid() int { + defer runtime.KeepAlive(u) + return ucredGetrgid(u.ucred) +} + +func (u *Ucred) Getsgid() int { + defer runtime.KeepAlive(u) + return ucredGetsgid(u.ucred) +} + +func (u *Ucred) Getpid() int { + defer runtime.KeepAlive(u) + return ucredGetpid(u.ucred) +} diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux.go b/vendor/golang.org/x/sys/unix/zerrors_linux.go index 6ebc48b3f..4f432bfe8 100644 --- a/vendor/golang.org/x/sys/unix/zerrors_linux.go +++ b/vendor/golang.org/x/sys/unix/zerrors_linux.go @@ -1245,6 +1245,7 @@ const ( FAN_REPORT_DFID_NAME = 0xc00 FAN_REPORT_DFID_NAME_TARGET = 0x1e00 FAN_REPORT_DIR_FID = 0x400 + FAN_REPORT_FD_ERROR = 0x2000 FAN_REPORT_FID = 0x200 FAN_REPORT_NAME = 0x800 FAN_REPORT_PIDFD = 0x80 @@ -1330,8 +1331,10 @@ const ( FUSE_SUPER_MAGIC = 0x65735546 FUTEXFS_SUPER_MAGIC = 0xbad1dea F_ADD_SEALS = 0x409 + F_CREATED_QUERY = 0x404 F_DUPFD = 0x0 F_DUPFD_CLOEXEC = 0x406 + F_DUPFD_QUERY = 0x403 F_EXLCK = 0x4 F_GETFD = 0x1 F_GETFL = 0x3 @@ -1551,6 +1554,7 @@ const ( IPPROTO_ROUTING = 0x2b IPPROTO_RSVP = 0x2e IPPROTO_SCTP = 0x84 + IPPROTO_SMC = 0x100 IPPROTO_TCP = 0x6 IPPROTO_TP = 0x1d IPPROTO_UDP = 0x11 @@ -1623,6 +1627,8 @@ const ( IPV6_UNICAST_IF = 0x4c IPV6_USER_FLOW = 0xe IPV6_V6ONLY = 0x1a + IPV6_VERSION = 0x60 + IPV6_VERSION_MASK = 0xf0 IPV6_XFRM_POLICY = 0x23 IP_ADD_MEMBERSHIP = 0x23 IP_ADD_SOURCE_MEMBERSHIP = 0x27 @@ -1867,6 +1873,7 @@ const ( MADV_UNMERGEABLE = 0xd MADV_WILLNEED = 0x3 MADV_WIPEONFORK = 0x12 + MAP_DROPPABLE = 0x8 MAP_FILE = 0x0 MAP_FIXED = 0x10 MAP_FIXED_NOREPLACE = 0x100000 @@ -1967,6 +1974,7 @@ const ( MSG_PEEK = 0x2 MSG_PROXY = 0x10 MSG_RST = 0x1000 + MSG_SOCK_DEVMEM = 0x2000000 MSG_SYN = 0x400 MSG_TRUNC = 0x20 MSG_TRYHARD = 0x4 @@ -2083,6 +2091,7 @@ const ( NFC_ATR_REQ_MAXSIZE = 0x40 NFC_ATR_RES_GB_MAXSIZE = 0x2f NFC_ATR_RES_MAXSIZE = 0x40 + NFC_ATS_MAXSIZE = 0x14 NFC_COMM_ACTIVE = 0x0 NFC_COMM_PASSIVE = 0x1 NFC_DEVICE_NAME_MAXSIZE = 0x8 @@ -2163,6 +2172,7 @@ const ( NFNL_SUBSYS_QUEUE = 0x3 NFNL_SUBSYS_ULOG = 0x4 NFS_SUPER_MAGIC = 0x6969 + NFT_BITWISE_BOOL = 0x0 NFT_CHAIN_FLAGS = 0x7 NFT_CHAIN_MAXNAMELEN = 0x100 NFT_CT_MAX = 0x17 @@ -2491,6 +2501,7 @@ const ( PR_GET_PDEATHSIG = 0x2 PR_GET_SECCOMP = 0x15 PR_GET_SECUREBITS = 0x1b + PR_GET_SHADOW_STACK_STATUS = 0x4a PR_GET_SPECULATION_CTRL = 0x34 PR_GET_TAGGED_ADDR_CTRL = 0x38 PR_GET_THP_DISABLE = 0x2a @@ -2499,6 +2510,7 @@ const ( PR_GET_TIMING = 0xd PR_GET_TSC = 0x19 PR_GET_UNALIGN = 0x5 + PR_LOCK_SHADOW_STACK_STATUS = 0x4c PR_MCE_KILL = 0x21 PR_MCE_KILL_CLEAR = 0x0 PR_MCE_KILL_DEFAULT = 0x2 @@ -2525,6 +2537,8 @@ const ( PR_PAC_GET_ENABLED_KEYS = 0x3d PR_PAC_RESET_KEYS = 0x36 PR_PAC_SET_ENABLED_KEYS = 0x3c + PR_PMLEN_MASK = 0x7f000000 + PR_PMLEN_SHIFT = 0x18 PR_PPC_DEXCR_CTRL_CLEAR = 0x4 PR_PPC_DEXCR_CTRL_CLEAR_ONEXEC = 0x10 PR_PPC_DEXCR_CTRL_EDITABLE = 0x1 @@ -2592,6 +2606,7 @@ const ( PR_SET_PTRACER = 0x59616d61 PR_SET_SECCOMP = 0x16 PR_SET_SECUREBITS = 0x1c + PR_SET_SHADOW_STACK_STATUS = 0x4b PR_SET_SPECULATION_CTRL = 0x35 PR_SET_SYSCALL_USER_DISPATCH = 0x3b PR_SET_TAGGED_ADDR_CTRL = 0x37 @@ -2602,6 +2617,9 @@ const ( PR_SET_UNALIGN = 0x6 PR_SET_VMA = 0x53564d41 PR_SET_VMA_ANON_NAME = 0x0 + PR_SHADOW_STACK_ENABLE = 0x1 + PR_SHADOW_STACK_PUSH = 0x4 + PR_SHADOW_STACK_WRITE = 0x2 PR_SME_GET_VL = 0x40 PR_SME_SET_VL = 0x3f PR_SME_SET_VL_ONEXEC = 0x40000 @@ -2911,7 +2929,6 @@ const ( RTM_NEWNEXTHOP = 0x68 RTM_NEWNEXTHOPBUCKET = 0x74 RTM_NEWNSID = 0x58 - RTM_NEWNVLAN = 0x70 RTM_NEWPREFIX = 0x34 RTM_NEWQDISC = 0x24 RTM_NEWROUTE = 0x18 @@ -2920,6 +2937,7 @@ const ( RTM_NEWTCLASS = 0x28 RTM_NEWTFILTER = 0x2c RTM_NEWTUNNEL = 0x78 + RTM_NEWVLAN = 0x70 RTM_NR_FAMILIES = 0x1b RTM_NR_MSGTYPES = 0x6c RTM_SETDCB = 0x4f diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_386.go b/vendor/golang.org/x/sys/unix/zerrors_linux_386.go index c0d45e320..75207613c 100644 --- a/vendor/golang.org/x/sys/unix/zerrors_linux_386.go +++ b/vendor/golang.org/x/sys/unix/zerrors_linux_386.go @@ -116,6 +116,8 @@ const ( IN_CLOEXEC = 0x80000 IN_NONBLOCK = 0x800 IOCTL_VM_SOCKETS_GET_LOCAL_CID = 0x7b9 + IPV6_FLOWINFO_MASK = 0xffffff0f + IPV6_FLOWLABEL_MASK = 0xffff0f00 ISIG = 0x1 IUCLC = 0x200 IXOFF = 0x1000 @@ -304,6 +306,7 @@ const ( SCM_TIMESTAMPING_OPT_STATS = 0x36 SCM_TIMESTAMPING_PKTINFO = 0x3a SCM_TIMESTAMPNS = 0x23 + SCM_TS_OPT_ID = 0x51 SCM_TXTIME = 0x3d SCM_WIFI_STATUS = 0x29 SECCOMP_IOCTL_NOTIF_ADDFD = 0x40182103 diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_amd64.go b/vendor/golang.org/x/sys/unix/zerrors_linux_amd64.go index c731d24f0..c68acda53 100644 --- a/vendor/golang.org/x/sys/unix/zerrors_linux_amd64.go +++ b/vendor/golang.org/x/sys/unix/zerrors_linux_amd64.go @@ -116,6 +116,8 @@ const ( IN_CLOEXEC = 0x80000 IN_NONBLOCK = 0x800 IOCTL_VM_SOCKETS_GET_LOCAL_CID = 0x7b9 + IPV6_FLOWINFO_MASK = 0xffffff0f + IPV6_FLOWLABEL_MASK = 0xffff0f00 ISIG = 0x1 IUCLC = 0x200 IXOFF = 0x1000 @@ -305,6 +307,7 @@ const ( SCM_TIMESTAMPING_OPT_STATS = 0x36 SCM_TIMESTAMPING_PKTINFO = 0x3a SCM_TIMESTAMPNS = 0x23 + SCM_TS_OPT_ID = 0x51 SCM_TXTIME = 0x3d SCM_WIFI_STATUS = 0x29 SECCOMP_IOCTL_NOTIF_ADDFD = 0x40182103 diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_arm.go b/vendor/golang.org/x/sys/unix/zerrors_linux_arm.go index 680018a4a..a8c607ab8 100644 --- a/vendor/golang.org/x/sys/unix/zerrors_linux_arm.go +++ b/vendor/golang.org/x/sys/unix/zerrors_linux_arm.go @@ -115,6 +115,8 @@ const ( IN_CLOEXEC = 0x80000 IN_NONBLOCK = 0x800 IOCTL_VM_SOCKETS_GET_LOCAL_CID = 0x7b9 + IPV6_FLOWINFO_MASK = 0xffffff0f + IPV6_FLOWLABEL_MASK = 0xffff0f00 ISIG = 0x1 IUCLC = 0x200 IXOFF = 0x1000 @@ -310,6 +312,7 @@ const ( SCM_TIMESTAMPING_OPT_STATS = 0x36 SCM_TIMESTAMPING_PKTINFO = 0x3a SCM_TIMESTAMPNS = 0x23 + SCM_TS_OPT_ID = 0x51 SCM_TXTIME = 0x3d SCM_WIFI_STATUS = 0x29 SECCOMP_IOCTL_NOTIF_ADDFD = 0x40182103 diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_arm64.go b/vendor/golang.org/x/sys/unix/zerrors_linux_arm64.go index a63909f30..18563dd8d 100644 --- a/vendor/golang.org/x/sys/unix/zerrors_linux_arm64.go +++ b/vendor/golang.org/x/sys/unix/zerrors_linux_arm64.go @@ -109,6 +109,7 @@ const ( F_SETOWN = 0x8 F_UNLCK = 0x2 F_WRLCK = 0x1 + GCS_MAGIC = 0x47435300 HIDIOCGRAWINFO = 0x80084803 HIDIOCGRDESC = 0x90044802 HIDIOCGRDESCSIZE = 0x80044801 @@ -119,6 +120,8 @@ const ( IN_CLOEXEC = 0x80000 IN_NONBLOCK = 0x800 IOCTL_VM_SOCKETS_GET_LOCAL_CID = 0x7b9 + IPV6_FLOWINFO_MASK = 0xffffff0f + IPV6_FLOWLABEL_MASK = 0xffff0f00 ISIG = 0x1 IUCLC = 0x200 IXOFF = 0x1000 @@ -302,6 +305,7 @@ const ( SCM_TIMESTAMPING_OPT_STATS = 0x36 SCM_TIMESTAMPING_PKTINFO = 0x3a SCM_TIMESTAMPNS = 0x23 + SCM_TS_OPT_ID = 0x51 SCM_TXTIME = 0x3d SCM_WIFI_STATUS = 0x29 SECCOMP_IOCTL_NOTIF_ADDFD = 0x40182103 diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_loong64.go b/vendor/golang.org/x/sys/unix/zerrors_linux_loong64.go index 9b0a2573f..22912cdaa 100644 --- a/vendor/golang.org/x/sys/unix/zerrors_linux_loong64.go +++ b/vendor/golang.org/x/sys/unix/zerrors_linux_loong64.go @@ -116,6 +116,8 @@ const ( IN_CLOEXEC = 0x80000 IN_NONBLOCK = 0x800 IOCTL_VM_SOCKETS_GET_LOCAL_CID = 0x7b9 + IPV6_FLOWINFO_MASK = 0xffffff0f + IPV6_FLOWLABEL_MASK = 0xffff0f00 ISIG = 0x1 IUCLC = 0x200 IXOFF = 0x1000 @@ -297,6 +299,7 @@ const ( SCM_TIMESTAMPING_OPT_STATS = 0x36 SCM_TIMESTAMPING_PKTINFO = 0x3a SCM_TIMESTAMPNS = 0x23 + SCM_TS_OPT_ID = 0x51 SCM_TXTIME = 0x3d SCM_WIFI_STATUS = 0x29 SECCOMP_IOCTL_NOTIF_ADDFD = 0x40182103 diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_mips.go b/vendor/golang.org/x/sys/unix/zerrors_linux_mips.go index 958e6e064..29344eb37 100644 --- a/vendor/golang.org/x/sys/unix/zerrors_linux_mips.go +++ b/vendor/golang.org/x/sys/unix/zerrors_linux_mips.go @@ -115,6 +115,8 @@ const ( IN_CLOEXEC = 0x80000 IN_NONBLOCK = 0x80 IOCTL_VM_SOCKETS_GET_LOCAL_CID = 0x200007b9 + IPV6_FLOWINFO_MASK = 0xfffffff + IPV6_FLOWLABEL_MASK = 0xfffff ISIG = 0x1 IUCLC = 0x200 IXOFF = 0x1000 @@ -303,6 +305,7 @@ const ( SCM_TIMESTAMPING_OPT_STATS = 0x36 SCM_TIMESTAMPING_PKTINFO = 0x3a SCM_TIMESTAMPNS = 0x23 + SCM_TS_OPT_ID = 0x51 SCM_TXTIME = 0x3d SCM_WIFI_STATUS = 0x29 SECCOMP_IOCTL_NOTIF_ADDFD = 0x80182103 diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_mips64.go b/vendor/golang.org/x/sys/unix/zerrors_linux_mips64.go index 50c7f25bd..20d51fb96 100644 --- a/vendor/golang.org/x/sys/unix/zerrors_linux_mips64.go +++ b/vendor/golang.org/x/sys/unix/zerrors_linux_mips64.go @@ -115,6 +115,8 @@ const ( IN_CLOEXEC = 0x80000 IN_NONBLOCK = 0x80 IOCTL_VM_SOCKETS_GET_LOCAL_CID = 0x200007b9 + IPV6_FLOWINFO_MASK = 0xfffffff + IPV6_FLOWLABEL_MASK = 0xfffff ISIG = 0x1 IUCLC = 0x200 IXOFF = 0x1000 @@ -303,6 +305,7 @@ const ( SCM_TIMESTAMPING_OPT_STATS = 0x36 SCM_TIMESTAMPING_PKTINFO = 0x3a SCM_TIMESTAMPNS = 0x23 + SCM_TS_OPT_ID = 0x51 SCM_TXTIME = 0x3d SCM_WIFI_STATUS = 0x29 SECCOMP_IOCTL_NOTIF_ADDFD = 0x80182103 diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_mips64le.go b/vendor/golang.org/x/sys/unix/zerrors_linux_mips64le.go index ced21d66d..321b60902 100644 --- a/vendor/golang.org/x/sys/unix/zerrors_linux_mips64le.go +++ b/vendor/golang.org/x/sys/unix/zerrors_linux_mips64le.go @@ -115,6 +115,8 @@ const ( IN_CLOEXEC = 0x80000 IN_NONBLOCK = 0x80 IOCTL_VM_SOCKETS_GET_LOCAL_CID = 0x200007b9 + IPV6_FLOWINFO_MASK = 0xffffff0f + IPV6_FLOWLABEL_MASK = 0xffff0f00 ISIG = 0x1 IUCLC = 0x200 IXOFF = 0x1000 @@ -303,6 +305,7 @@ const ( SCM_TIMESTAMPING_OPT_STATS = 0x36 SCM_TIMESTAMPING_PKTINFO = 0x3a SCM_TIMESTAMPNS = 0x23 + SCM_TS_OPT_ID = 0x51 SCM_TXTIME = 0x3d SCM_WIFI_STATUS = 0x29 SECCOMP_IOCTL_NOTIF_ADDFD = 0x80182103 diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_mipsle.go b/vendor/golang.org/x/sys/unix/zerrors_linux_mipsle.go index 226c04419..9bacdf1e2 100644 --- a/vendor/golang.org/x/sys/unix/zerrors_linux_mipsle.go +++ b/vendor/golang.org/x/sys/unix/zerrors_linux_mipsle.go @@ -115,6 +115,8 @@ const ( IN_CLOEXEC = 0x80000 IN_NONBLOCK = 0x80 IOCTL_VM_SOCKETS_GET_LOCAL_CID = 0x200007b9 + IPV6_FLOWINFO_MASK = 0xffffff0f + IPV6_FLOWLABEL_MASK = 0xffff0f00 ISIG = 0x1 IUCLC = 0x200 IXOFF = 0x1000 @@ -303,6 +305,7 @@ const ( SCM_TIMESTAMPING_OPT_STATS = 0x36 SCM_TIMESTAMPING_PKTINFO = 0x3a SCM_TIMESTAMPNS = 0x23 + SCM_TS_OPT_ID = 0x51 SCM_TXTIME = 0x3d SCM_WIFI_STATUS = 0x29 SECCOMP_IOCTL_NOTIF_ADDFD = 0x80182103 diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_ppc.go b/vendor/golang.org/x/sys/unix/zerrors_linux_ppc.go index 3122737cd..c22427261 100644 --- a/vendor/golang.org/x/sys/unix/zerrors_linux_ppc.go +++ b/vendor/golang.org/x/sys/unix/zerrors_linux_ppc.go @@ -115,6 +115,8 @@ const ( IN_CLOEXEC = 0x80000 IN_NONBLOCK = 0x800 IOCTL_VM_SOCKETS_GET_LOCAL_CID = 0x200007b9 + IPV6_FLOWINFO_MASK = 0xfffffff + IPV6_FLOWLABEL_MASK = 0xfffff ISIG = 0x80 IUCLC = 0x1000 IXOFF = 0x400 @@ -358,6 +360,7 @@ const ( SCM_TIMESTAMPING_OPT_STATS = 0x36 SCM_TIMESTAMPING_PKTINFO = 0x3a SCM_TIMESTAMPNS = 0x23 + SCM_TS_OPT_ID = 0x51 SCM_TXTIME = 0x3d SCM_WIFI_STATUS = 0x29 SECCOMP_IOCTL_NOTIF_ADDFD = 0x80182103 diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64.go b/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64.go index eb5d3467e..6270c8ee1 100644 --- a/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64.go +++ b/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64.go @@ -115,6 +115,8 @@ const ( IN_CLOEXEC = 0x80000 IN_NONBLOCK = 0x800 IOCTL_VM_SOCKETS_GET_LOCAL_CID = 0x200007b9 + IPV6_FLOWINFO_MASK = 0xfffffff + IPV6_FLOWLABEL_MASK = 0xfffff ISIG = 0x80 IUCLC = 0x1000 IXOFF = 0x400 @@ -362,6 +364,7 @@ const ( SCM_TIMESTAMPING_OPT_STATS = 0x36 SCM_TIMESTAMPING_PKTINFO = 0x3a SCM_TIMESTAMPNS = 0x23 + SCM_TS_OPT_ID = 0x51 SCM_TXTIME = 0x3d SCM_WIFI_STATUS = 0x29 SECCOMP_IOCTL_NOTIF_ADDFD = 0x80182103 diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64le.go b/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64le.go index e921ebc60..9966c1941 100644 --- a/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64le.go +++ b/vendor/golang.org/x/sys/unix/zerrors_linux_ppc64le.go @@ -115,6 +115,8 @@ const ( IN_CLOEXEC = 0x80000 IN_NONBLOCK = 0x800 IOCTL_VM_SOCKETS_GET_LOCAL_CID = 0x200007b9 + IPV6_FLOWINFO_MASK = 0xffffff0f + IPV6_FLOWLABEL_MASK = 0xffff0f00 ISIG = 0x80 IUCLC = 0x1000 IXOFF = 0x400 @@ -362,6 +364,7 @@ const ( SCM_TIMESTAMPING_OPT_STATS = 0x36 SCM_TIMESTAMPING_PKTINFO = 0x3a SCM_TIMESTAMPNS = 0x23 + SCM_TS_OPT_ID = 0x51 SCM_TXTIME = 0x3d SCM_WIFI_STATUS = 0x29 SECCOMP_IOCTL_NOTIF_ADDFD = 0x80182103 diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_riscv64.go b/vendor/golang.org/x/sys/unix/zerrors_linux_riscv64.go index 38ba81c55..848e5fcc4 100644 --- a/vendor/golang.org/x/sys/unix/zerrors_linux_riscv64.go +++ b/vendor/golang.org/x/sys/unix/zerrors_linux_riscv64.go @@ -115,6 +115,8 @@ const ( IN_CLOEXEC = 0x80000 IN_NONBLOCK = 0x800 IOCTL_VM_SOCKETS_GET_LOCAL_CID = 0x7b9 + IPV6_FLOWINFO_MASK = 0xffffff0f + IPV6_FLOWLABEL_MASK = 0xffff0f00 ISIG = 0x1 IUCLC = 0x200 IXOFF = 0x1000 @@ -294,6 +296,7 @@ const ( SCM_TIMESTAMPING_OPT_STATS = 0x36 SCM_TIMESTAMPING_PKTINFO = 0x3a SCM_TIMESTAMPNS = 0x23 + SCM_TS_OPT_ID = 0x51 SCM_TXTIME = 0x3d SCM_WIFI_STATUS = 0x29 SECCOMP_IOCTL_NOTIF_ADDFD = 0x40182103 diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_s390x.go b/vendor/golang.org/x/sys/unix/zerrors_linux_s390x.go index 71f040097..669b2adb8 100644 --- a/vendor/golang.org/x/sys/unix/zerrors_linux_s390x.go +++ b/vendor/golang.org/x/sys/unix/zerrors_linux_s390x.go @@ -115,6 +115,8 @@ const ( IN_CLOEXEC = 0x80000 IN_NONBLOCK = 0x800 IOCTL_VM_SOCKETS_GET_LOCAL_CID = 0x7b9 + IPV6_FLOWINFO_MASK = 0xfffffff + IPV6_FLOWLABEL_MASK = 0xfffff ISIG = 0x1 IUCLC = 0x200 IXOFF = 0x1000 @@ -366,6 +368,7 @@ const ( SCM_TIMESTAMPING_OPT_STATS = 0x36 SCM_TIMESTAMPING_PKTINFO = 0x3a SCM_TIMESTAMPNS = 0x23 + SCM_TS_OPT_ID = 0x51 SCM_TXTIME = 0x3d SCM_WIFI_STATUS = 0x29 SECCOMP_IOCTL_NOTIF_ADDFD = 0x40182103 diff --git a/vendor/golang.org/x/sys/unix/zerrors_linux_sparc64.go b/vendor/golang.org/x/sys/unix/zerrors_linux_sparc64.go index c44a31332..4834e5751 100644 --- a/vendor/golang.org/x/sys/unix/zerrors_linux_sparc64.go +++ b/vendor/golang.org/x/sys/unix/zerrors_linux_sparc64.go @@ -119,6 +119,8 @@ const ( IN_CLOEXEC = 0x400000 IN_NONBLOCK = 0x4000 IOCTL_VM_SOCKETS_GET_LOCAL_CID = 0x200007b9 + IPV6_FLOWINFO_MASK = 0xfffffff + IPV6_FLOWLABEL_MASK = 0xfffff ISIG = 0x1 IUCLC = 0x200 IXOFF = 0x1000 @@ -357,6 +359,7 @@ const ( SCM_TIMESTAMPING_OPT_STATS = 0x38 SCM_TIMESTAMPING_PKTINFO = 0x3c SCM_TIMESTAMPNS = 0x21 + SCM_TS_OPT_ID = 0x5a SCM_TXTIME = 0x3f SCM_WIFI_STATUS = 0x25 SECCOMP_IOCTL_NOTIF_ADDFD = 0x80182103 diff --git a/vendor/golang.org/x/sys/unix/zsyscall_solaris_amd64.go b/vendor/golang.org/x/sys/unix/zsyscall_solaris_amd64.go index 829b87feb..c6545413c 100644 --- a/vendor/golang.org/x/sys/unix/zsyscall_solaris_amd64.go +++ b/vendor/golang.org/x/sys/unix/zsyscall_solaris_amd64.go @@ -141,6 +141,16 @@ import ( //go:cgo_import_dynamic libc_getpeername getpeername "libsocket.so" //go:cgo_import_dynamic libc_setsockopt setsockopt "libsocket.so" //go:cgo_import_dynamic libc_recvfrom recvfrom "libsocket.so" +//go:cgo_import_dynamic libc_getpeerucred getpeerucred "libc.so" +//go:cgo_import_dynamic libc_ucred_get ucred_get "libc.so" +//go:cgo_import_dynamic libc_ucred_geteuid ucred_geteuid "libc.so" +//go:cgo_import_dynamic libc_ucred_getegid ucred_getegid "libc.so" +//go:cgo_import_dynamic libc_ucred_getruid ucred_getruid "libc.so" +//go:cgo_import_dynamic libc_ucred_getrgid ucred_getrgid "libc.so" +//go:cgo_import_dynamic libc_ucred_getsuid ucred_getsuid "libc.so" +//go:cgo_import_dynamic libc_ucred_getsgid ucred_getsgid "libc.so" +//go:cgo_import_dynamic libc_ucred_getpid ucred_getpid "libc.so" +//go:cgo_import_dynamic libc_ucred_free ucred_free "libc.so" //go:cgo_import_dynamic libc_port_create port_create "libc.so" //go:cgo_import_dynamic libc_port_associate port_associate "libc.so" //go:cgo_import_dynamic libc_port_dissociate port_dissociate "libc.so" @@ -280,6 +290,16 @@ import ( //go:linkname procgetpeername libc_getpeername //go:linkname procsetsockopt libc_setsockopt //go:linkname procrecvfrom libc_recvfrom +//go:linkname procgetpeerucred libc_getpeerucred +//go:linkname procucred_get libc_ucred_get +//go:linkname procucred_geteuid libc_ucred_geteuid +//go:linkname procucred_getegid libc_ucred_getegid +//go:linkname procucred_getruid libc_ucred_getruid +//go:linkname procucred_getrgid libc_ucred_getrgid +//go:linkname procucred_getsuid libc_ucred_getsuid +//go:linkname procucred_getsgid libc_ucred_getsgid +//go:linkname procucred_getpid libc_ucred_getpid +//go:linkname procucred_free libc_ucred_free //go:linkname procport_create libc_port_create //go:linkname procport_associate libc_port_associate //go:linkname procport_dissociate libc_port_dissociate @@ -420,6 +440,16 @@ var ( procgetpeername, procsetsockopt, procrecvfrom, + procgetpeerucred, + procucred_get, + procucred_geteuid, + procucred_getegid, + procucred_getruid, + procucred_getrgid, + procucred_getsuid, + procucred_getsgid, + procucred_getpid, + procucred_free, procport_create, procport_associate, procport_dissociate, @@ -2029,6 +2059,90 @@ func recvfrom(fd int, p []byte, flags int, from *RawSockaddrAny, fromlen *_Sockl // THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT +func getpeerucred(fd uintptr, ucred *uintptr) (err error) { + _, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procgetpeerucred)), 2, uintptr(fd), uintptr(unsafe.Pointer(ucred)), 0, 0, 0, 0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func ucredGet(pid int) (ucred uintptr, err error) { + r0, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procucred_get)), 1, uintptr(pid), 0, 0, 0, 0, 0) + ucred = uintptr(r0) + if e1 != 0 { + err = errnoErr(e1) + } + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func ucredGeteuid(ucred uintptr) (uid int) { + r0, _, _ := sysvicall6(uintptr(unsafe.Pointer(&procucred_geteuid)), 1, uintptr(ucred), 0, 0, 0, 0, 0) + uid = int(r0) + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func ucredGetegid(ucred uintptr) (gid int) { + r0, _, _ := sysvicall6(uintptr(unsafe.Pointer(&procucred_getegid)), 1, uintptr(ucred), 0, 0, 0, 0, 0) + gid = int(r0) + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func ucredGetruid(ucred uintptr) (uid int) { + r0, _, _ := sysvicall6(uintptr(unsafe.Pointer(&procucred_getruid)), 1, uintptr(ucred), 0, 0, 0, 0, 0) + uid = int(r0) + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func ucredGetrgid(ucred uintptr) (gid int) { + r0, _, _ := sysvicall6(uintptr(unsafe.Pointer(&procucred_getrgid)), 1, uintptr(ucred), 0, 0, 0, 0, 0) + gid = int(r0) + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func ucredGetsuid(ucred uintptr) (uid int) { + r0, _, _ := sysvicall6(uintptr(unsafe.Pointer(&procucred_getsuid)), 1, uintptr(ucred), 0, 0, 0, 0, 0) + uid = int(r0) + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func ucredGetsgid(ucred uintptr) (gid int) { + r0, _, _ := sysvicall6(uintptr(unsafe.Pointer(&procucred_getsgid)), 1, uintptr(ucred), 0, 0, 0, 0, 0) + gid = int(r0) + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func ucredGetpid(ucred uintptr) (pid int) { + r0, _, _ := sysvicall6(uintptr(unsafe.Pointer(&procucred_getpid)), 1, uintptr(ucred), 0, 0, 0, 0, 0) + pid = int(r0) + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + +func ucredFree(ucred uintptr) { + sysvicall6(uintptr(unsafe.Pointer(&procucred_free)), 1, uintptr(ucred), 0, 0, 0, 0, 0) + return +} + +// THIS FILE IS GENERATED BY THE COMMAND AT THE TOP; DO NOT EDIT + func port_create() (n int, err error) { r0, _, e1 := sysvicall6(uintptr(unsafe.Pointer(&procport_create)), 0, 0, 0, 0, 0, 0, 0) n = int(r0) diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_386.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_386.go index 524b0820c..c79aaff30 100644 --- a/vendor/golang.org/x/sys/unix/zsysnum_linux_386.go +++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_386.go @@ -458,4 +458,8 @@ const ( SYS_LSM_SET_SELF_ATTR = 460 SYS_LSM_LIST_MODULES = 461 SYS_MSEAL = 462 + SYS_SETXATTRAT = 463 + SYS_GETXATTRAT = 464 + SYS_LISTXATTRAT = 465 + SYS_REMOVEXATTRAT = 466 ) diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_amd64.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_amd64.go index f485dbf45..5eb450695 100644 --- a/vendor/golang.org/x/sys/unix/zsysnum_linux_amd64.go +++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_amd64.go @@ -381,4 +381,8 @@ const ( SYS_LSM_SET_SELF_ATTR = 460 SYS_LSM_LIST_MODULES = 461 SYS_MSEAL = 462 + SYS_SETXATTRAT = 463 + SYS_GETXATTRAT = 464 + SYS_LISTXATTRAT = 465 + SYS_REMOVEXATTRAT = 466 ) diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_arm.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_arm.go index 70b35bf3b..05e502974 100644 --- a/vendor/golang.org/x/sys/unix/zsysnum_linux_arm.go +++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_arm.go @@ -422,4 +422,8 @@ const ( SYS_LSM_SET_SELF_ATTR = 460 SYS_LSM_LIST_MODULES = 461 SYS_MSEAL = 462 + SYS_SETXATTRAT = 463 + SYS_GETXATTRAT = 464 + SYS_LISTXATTRAT = 465 + SYS_REMOVEXATTRAT = 466 ) diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_arm64.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_arm64.go index 1893e2fe8..38c53ec51 100644 --- a/vendor/golang.org/x/sys/unix/zsysnum_linux_arm64.go +++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_arm64.go @@ -325,4 +325,8 @@ const ( SYS_LSM_SET_SELF_ATTR = 460 SYS_LSM_LIST_MODULES = 461 SYS_MSEAL = 462 + SYS_SETXATTRAT = 463 + SYS_GETXATTRAT = 464 + SYS_LISTXATTRAT = 465 + SYS_REMOVEXATTRAT = 466 ) diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_loong64.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_loong64.go index 16a4017da..31d2e71a1 100644 --- a/vendor/golang.org/x/sys/unix/zsysnum_linux_loong64.go +++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_loong64.go @@ -321,4 +321,8 @@ const ( SYS_LSM_SET_SELF_ATTR = 460 SYS_LSM_LIST_MODULES = 461 SYS_MSEAL = 462 + SYS_SETXATTRAT = 463 + SYS_GETXATTRAT = 464 + SYS_LISTXATTRAT = 465 + SYS_REMOVEXATTRAT = 466 ) diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_mips.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_mips.go index 7e567f1ef..f4184a336 100644 --- a/vendor/golang.org/x/sys/unix/zsysnum_linux_mips.go +++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_mips.go @@ -442,4 +442,8 @@ const ( SYS_LSM_SET_SELF_ATTR = 4460 SYS_LSM_LIST_MODULES = 4461 SYS_MSEAL = 4462 + SYS_SETXATTRAT = 4463 + SYS_GETXATTRAT = 4464 + SYS_LISTXATTRAT = 4465 + SYS_REMOVEXATTRAT = 4466 ) diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64.go index 38ae55e5e..05b996227 100644 --- a/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64.go +++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64.go @@ -372,4 +372,8 @@ const ( SYS_LSM_SET_SELF_ATTR = 5460 SYS_LSM_LIST_MODULES = 5461 SYS_MSEAL = 5462 + SYS_SETXATTRAT = 5463 + SYS_GETXATTRAT = 5464 + SYS_LISTXATTRAT = 5465 + SYS_REMOVEXATTRAT = 5466 ) diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64le.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64le.go index 55e92e60a..43a256e9e 100644 --- a/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64le.go +++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_mips64le.go @@ -372,4 +372,8 @@ const ( SYS_LSM_SET_SELF_ATTR = 5460 SYS_LSM_LIST_MODULES = 5461 SYS_MSEAL = 5462 + SYS_SETXATTRAT = 5463 + SYS_GETXATTRAT = 5464 + SYS_LISTXATTRAT = 5465 + SYS_REMOVEXATTRAT = 5466 ) diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_mipsle.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_mipsle.go index 60658d6a0..eea5ddfc2 100644 --- a/vendor/golang.org/x/sys/unix/zsysnum_linux_mipsle.go +++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_mipsle.go @@ -442,4 +442,8 @@ const ( SYS_LSM_SET_SELF_ATTR = 4460 SYS_LSM_LIST_MODULES = 4461 SYS_MSEAL = 4462 + SYS_SETXATTRAT = 4463 + SYS_GETXATTRAT = 4464 + SYS_LISTXATTRAT = 4465 + SYS_REMOVEXATTRAT = 4466 ) diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc.go index e203e8a7e..0d777bfbb 100644 --- a/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc.go +++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc.go @@ -449,4 +449,8 @@ const ( SYS_LSM_SET_SELF_ATTR = 460 SYS_LSM_LIST_MODULES = 461 SYS_MSEAL = 462 + SYS_SETXATTRAT = 463 + SYS_GETXATTRAT = 464 + SYS_LISTXATTRAT = 465 + SYS_REMOVEXATTRAT = 466 ) diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64.go index 5944b97d5..b44636502 100644 --- a/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64.go +++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64.go @@ -421,4 +421,8 @@ const ( SYS_LSM_SET_SELF_ATTR = 460 SYS_LSM_LIST_MODULES = 461 SYS_MSEAL = 462 + SYS_SETXATTRAT = 463 + SYS_GETXATTRAT = 464 + SYS_LISTXATTRAT = 465 + SYS_REMOVEXATTRAT = 466 ) diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64le.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64le.go index c66d416da..0c7d21c18 100644 --- a/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64le.go +++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_ppc64le.go @@ -421,4 +421,8 @@ const ( SYS_LSM_SET_SELF_ATTR = 460 SYS_LSM_LIST_MODULES = 461 SYS_MSEAL = 462 + SYS_SETXATTRAT = 463 + SYS_GETXATTRAT = 464 + SYS_LISTXATTRAT = 465 + SYS_REMOVEXATTRAT = 466 ) diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_riscv64.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_riscv64.go index a5459e766..840539169 100644 --- a/vendor/golang.org/x/sys/unix/zsysnum_linux_riscv64.go +++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_riscv64.go @@ -326,4 +326,8 @@ const ( SYS_LSM_SET_SELF_ATTR = 460 SYS_LSM_LIST_MODULES = 461 SYS_MSEAL = 462 + SYS_SETXATTRAT = 463 + SYS_GETXATTRAT = 464 + SYS_LISTXATTRAT = 465 + SYS_REMOVEXATTRAT = 466 ) diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_s390x.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_s390x.go index 01d86825b..fcf1b790d 100644 --- a/vendor/golang.org/x/sys/unix/zsysnum_linux_s390x.go +++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_s390x.go @@ -387,4 +387,8 @@ const ( SYS_LSM_SET_SELF_ATTR = 460 SYS_LSM_LIST_MODULES = 461 SYS_MSEAL = 462 + SYS_SETXATTRAT = 463 + SYS_GETXATTRAT = 464 + SYS_LISTXATTRAT = 465 + SYS_REMOVEXATTRAT = 466 ) diff --git a/vendor/golang.org/x/sys/unix/zsysnum_linux_sparc64.go b/vendor/golang.org/x/sys/unix/zsysnum_linux_sparc64.go index 7b703e77c..52d15b5f9 100644 --- a/vendor/golang.org/x/sys/unix/zsysnum_linux_sparc64.go +++ b/vendor/golang.org/x/sys/unix/zsysnum_linux_sparc64.go @@ -400,4 +400,8 @@ const ( SYS_LSM_SET_SELF_ATTR = 460 SYS_LSM_LIST_MODULES = 461 SYS_MSEAL = 462 + SYS_SETXATTRAT = 463 + SYS_GETXATTRAT = 464 + SYS_LISTXATTRAT = 465 + SYS_REMOVEXATTRAT = 466 ) diff --git a/vendor/golang.org/x/sys/unix/ztypes_linux.go b/vendor/golang.org/x/sys/unix/ztypes_linux.go index 5537148dc..a46abe647 100644 --- a/vendor/golang.org/x/sys/unix/ztypes_linux.go +++ b/vendor/golang.org/x/sys/unix/ztypes_linux.go @@ -4747,7 +4747,7 @@ const ( NL80211_ATTR_MAC_HINT = 0xc8 NL80211_ATTR_MAC_MASK = 0xd7 NL80211_ATTR_MAX_AP_ASSOC_STA = 0xca - NL80211_ATTR_MAX = 0x14c + NL80211_ATTR_MAX = 0x14d NL80211_ATTR_MAX_CRIT_PROT_DURATION = 0xb4 NL80211_ATTR_MAX_CSA_COUNTERS = 0xce NL80211_ATTR_MAX_MATCH_SETS = 0x85 @@ -5519,7 +5519,7 @@ const ( NL80211_MNTR_FLAG_CONTROL = 0x3 NL80211_MNTR_FLAG_COOK_FRAMES = 0x5 NL80211_MNTR_FLAG_FCSFAIL = 0x1 - NL80211_MNTR_FLAG_MAX = 0x6 + NL80211_MNTR_FLAG_MAX = 0x7 NL80211_MNTR_FLAG_OTHER_BSS = 0x4 NL80211_MNTR_FLAG_PLCPFAIL = 0x2 NL80211_MPATH_FLAG_ACTIVE = 0x1 @@ -6174,3 +6174,5 @@ type SockDiagReq struct { Family uint8 Protocol uint8 } + +const RTM_NEWNVLAN = 0x70 diff --git a/vendor/modules.txt b/vendor/modules.txt index 1001e6a84..78ccc928d 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -275,7 +275,7 @@ github.com/redis/go-redis/v9/internal/util # github.com/titanous/rocacheck v0.0.0-20171023193734-afe73141d399 ## explicit github.com/titanous/rocacheck -# github.com/weppos/publicsuffix-go v0.40.3-0.20240815124645-a8ed110559c9 +# github.com/weppos/publicsuffix-go v0.40.3-0.20250307081557-c05521c3453a ## explicit; go 1.16 github.com/weppos/publicsuffix-go/publicsuffix # github.com/zmap/zcrypto v0.0.0-20231219022726-a1f61fb1661c @@ -366,8 +366,8 @@ go.opentelemetry.io/proto/otlp/collector/trace/v1 go.opentelemetry.io/proto/otlp/common/v1 go.opentelemetry.io/proto/otlp/resource/v1 go.opentelemetry.io/proto/otlp/trace/v1 -# golang.org/x/crypto v0.32.0 -## explicit; go 1.20 +# golang.org/x/crypto v0.36.0 +## explicit; go 1.23.0 golang.org/x/crypto/cryptobyte golang.org/x/crypto/cryptobyte/asn1 golang.org/x/crypto/ed25519 @@ -376,35 +376,36 @@ golang.org/x/crypto/pbkdf2 # golang.org/x/mod v0.18.0 ## explicit; go 1.18 golang.org/x/mod/semver -# golang.org/x/net v0.29.0 -## explicit; go 1.18 +# golang.org/x/net v0.37.0 +## explicit; go 1.23.0 golang.org/x/net/bpf golang.org/x/net/context/ctxhttp golang.org/x/net/http/httpguts golang.org/x/net/http2 golang.org/x/net/http2/hpack golang.org/x/net/idna +golang.org/x/net/internal/httpcommon golang.org/x/net/internal/iana golang.org/x/net/internal/socket golang.org/x/net/internal/timeseries golang.org/x/net/ipv4 golang.org/x/net/ipv6 golang.org/x/net/trace -# golang.org/x/sync v0.10.0 -## explicit; go 1.18 +# golang.org/x/sync v0.12.0 +## explicit; go 1.23.0 golang.org/x/sync/errgroup golang.org/x/sync/semaphore -# golang.org/x/sys v0.29.0 -## explicit; go 1.18 +# golang.org/x/sys v0.31.0 +## explicit; go 1.23.0 golang.org/x/sys/plan9 golang.org/x/sys/unix golang.org/x/sys/windows golang.org/x/sys/windows/registry -# golang.org/x/term v0.28.0 -## explicit; go 1.18 +# golang.org/x/term v0.30.0 +## explicit; go 1.23.0 golang.org/x/term -# golang.org/x/text v0.21.0 -## explicit; go 1.18 +# golang.org/x/text v0.23.0 +## explicit; go 1.23.0 golang.org/x/text/secure/bidirule golang.org/x/text/transform golang.org/x/text/unicode/bidi