all: replace io/ioutil with io and os package

Signed-off-by: cui fliter <imcusg@gmail.com>

acme/autocert/autocert_test.go

@@ -17,7 +17,7 @@ import (
 	"crypto/x509/pkix"
 	"encoding/asn1"
 	"fmt"
-	"io/ioutil"
+	"io"
 	"math/big"
 	"net/http"
 	"net/http/httptest"
@@ -941,7 +941,7 @@ func TestEndToEndALPN(t *testing.T) {
 		t.Fatal(err)
 	}
 	defer res.Body.Close()
-	b, err := ioutil.ReadAll(res.Body)
+	b, err := io.ReadAll(res.Body)
 	if err != nil {
 		t.Fatal(err)
 	}
@@ -995,7 +995,7 @@ func TestEndToEndHTTP(t *testing.T) {
 		t.Fatal(err)
 	}
 	defer res.Body.Close()
-	b, err := ioutil.ReadAll(res.Body)
+	b, err := io.ReadAll(res.Body)
 	if err != nil {
 		t.Fatal(err)
 	}

acme/autocert/cache.go

@@ -7,7 +7,6 @@ package autocert
 import (
 	"context"
 	"errors"
-	"io/ioutil"
 	"os"
 	"path/filepath"
 )
@@ -48,7 +47,7 @@ func (d DirCache) Get(ctx context.Context, name string) ([]byte, error) {
 		done = make(chan struct{})
 	)
 	go func() {
-		data, err = ioutil.ReadFile(name)
+		data, err = os.ReadFile(name)
 		close(done)
 	}()
 	select {
@@ -119,7 +118,7 @@ func (d DirCache) Delete(ctx context.Context, name string) error {
 // writeTempFile writes b to a temporary file, closes the file and returns its path.
 func (d DirCache) writeTempFile(prefix string, b []byte) (name string, reterr error) {
 	// TempFile uses 0600 permissions
-	f, err := ioutil.TempFile(string(d), prefix)
+	f, err := os.CreateTemp(string(d), prefix)
 	if err != nil {
 		return "", err
 	}

acme/autocert/cache_test.go

@@ -6,7 +6,6 @@ package autocert
 
 import (
 	"context"
-	"io/ioutil"
 	"os"
 	"path/filepath"
 	"reflect"
@@ -17,7 +16,7 @@ import (
 var _ Cache = DirCache("/")
 
 func TestDirCache(t *testing.T) {
-	dir, err := ioutil.TempDir("", "autocert")
+	dir, err := os.MkdirTemp("", "autocert")
 	if err != nil {
 		t.Fatal(err)
 	}

acme/http.go

@@ -12,7 +12,7 @@ import (
 	"encoding/json"
 	"errors"
 	"fmt"
-	"io/ioutil"
+	"io"
 	"math/big"
 	"net/http"
 	"strconv"
@@ -310,7 +310,7 @@ func isRetriable(code int) bool {
 func responseError(resp *http.Response) error {
 	// don't care if ReadAll returns an error:
 	// json.Unmarshal will fail in that case anyway
-	b, _ := ioutil.ReadAll(resp.Body)
+	b, _ := io.ReadAll(resp.Body)
 	e := &wireError{Status: resp.StatusCode}
 	if err := json.Unmarshal(b, e); err != nil {
 		// this is not a regular error response:

acme/http_test.go

@@ -7,7 +7,7 @@ package acme
 import (
 	"context"
 	"fmt"
-	"io/ioutil"
+	"io"
 	"net/http"
 	"net/http/httptest"
 	"reflect"
@@ -54,7 +54,7 @@ func TestErrorResponse(t *testing.T) {
 	res := &http.Response{
 		StatusCode: 400,
 		Status:     "400 Bad Request",
-		Body:       ioutil.NopCloser(strings.NewReader(s)),
+		Body:       io.NopCloser(strings.NewReader(s)),
 		Header:     http.Header{"X-Foo": {"bar"}},
 	}
 	err := responseError(res)

acme/rfc8555.go

@@ -13,7 +13,6 @@ import (
 	"errors"
 	"fmt"
 	"io"
-	"io/ioutil"
 	"net/http"
 	"time"
 )
@@ -390,7 +389,7 @@ func (c *Client) fetchCertRFC(ctx context.Context, url string, bundle bool) ([][
 	// Get all the bytes up to a sane maximum.
 	// Account very roughly for base64 overhead.
 	const max = maxCertChainSize + maxCertChainSize/33
-	b, err := ioutil.ReadAll(io.LimitReader(res.Body, max+1))
+	b, err := io.ReadAll(io.LimitReader(res.Body, max+1))
 	if err != nil {
 		return nil, fmt.Errorf("acme: fetch cert response stream: %v", err)
 	}
@@ -469,7 +468,7 @@ func (c *Client) ListCertAlternates(ctx context.Context, url string) ([]string,
 
 	// We don't need the body but we need to discard it so we don't end up
 	// preventing keep-alive
-	if _, err := io.Copy(ioutil.Discard, res.Body); err != nil {
+	if _, err := io.Copy(io.Discard, res.Body); err != nil {
 		return nil, fmt.Errorf("acme: cert alternates response stream: %v", err)
 	}
 	alts := linkHeader(res.Header, "alternate")

acme/rfc8555_test.go

@@ -17,7 +17,7 @@ import (
 	"encoding/pem"
 	"errors"
 	"fmt"
-	"io/ioutil"
+	"io"
 	"math/big"
 	"net/http"
 	"net/http/httptest"
@@ -148,7 +148,7 @@ func TestRFC_postKID(t *testing.T) {
 			w.Header().Set("Location", "/account-1")
 			w.Write([]byte(`{"status":"valid"}`))
 		case "/post":
-			b, _ := ioutil.ReadAll(r.Body) // check err later in decodeJWSxxx
+			b, _ := io.ReadAll(r.Body) // check err later in decodeJWSxxx
 			head, err := decodeJWSHead(bytes.NewReader(b))
 			if err != nil {
 				t.Errorf("decodeJWSHead: %v", err)
@@ -194,7 +194,7 @@ func TestRFC_postKID(t *testing.T) {
 		t.Fatal(err)
 	}
 	defer res.Body.Close()
-	b, _ := ioutil.ReadAll(res.Body) // don't care about err - just checking b
+	b, _ := io.ReadAll(res.Body) // don't care about err - just checking b
 	if string(b) != "pong" {
 		t.Errorf("res.Body = %q; want pong", b)
 	}
@@ -297,7 +297,7 @@ func TestRFC_Register(t *testing.T) {
 			"orders": %q
 		}`, email, s.url("/accounts/1/orders"))
 
-		b, _ := ioutil.ReadAll(r.Body) // check err later in decodeJWSxxx
+		b, _ := io.ReadAll(r.Body) // check err later in decodeJWSxxx
 		head, err := decodeJWSHead(bytes.NewReader(b))
 		if err != nil {
 			t.Errorf("decodeJWSHead: %v", err)
@@ -528,7 +528,7 @@ func TestRFC_UpdateReg(t *testing.T) {
 		w.WriteHeader(http.StatusOK)
 		w.Write([]byte(`{"status": "valid"}`))
 
-		b, _ := ioutil.ReadAll(r.Body) // check err later in decodeJWSxxx
+		b, _ := io.ReadAll(r.Body) // check err later in decodeJWSxxx
 		head, err := decodeJWSHead(bytes.NewReader(b))
 		if err != nil {
 			t.Errorf("decodeJWSHead: %v", err)
@@ -668,7 +668,7 @@ func TestRFC_DeactivateReg(t *testing.T) {
 			Orders:    s.url("/accounts/1/orders"),
 		})
 
-		b, _ := ioutil.ReadAll(r.Body) // check err later in decodeJWSxxx
+		b, _ := io.ReadAll(r.Body) // check err later in decodeJWSxxx
 		head, err := decodeJWSHead(bytes.NewReader(b))
 		if err != nil {
 			t.Errorf("decodeJWSHead: %v", err)
@@ -700,7 +700,7 @@ func TestRFC_DeactivateReg(t *testing.T) {
 			})
 		}
 		var req account
-		b, _ := ioutil.ReadAll(r.Body) // check err later in decodeJWSxxx
+		b, _ := io.ReadAll(r.Body) // check err later in decodeJWSxxx
 		head, err := decodeJWSHead(bytes.NewReader(b))
 		if err != nil {
 			t.Errorf("decodeJWSHead: %v", err)

internal/wycheproof/wycheproof_test.go

@@ -12,7 +12,6 @@ import (
 	"encoding/hex"
 	"encoding/json"
 	"fmt"
-	"io/ioutil"
 	"log"
 	"os"
 	"os/exec"
@@ -62,7 +61,7 @@ func TestMain(m *testing.M) {
 }
 
 func readTestVector(t *testing.T, f string, dest interface{}) {
-	b, err := ioutil.ReadFile(filepath.Join(wycheproofTestVectorsDir, f))
+	b, err := os.ReadFile(filepath.Join(wycheproofTestVectorsDir, f))
 	if err != nil {
 		t.Fatalf("failed to read json file: %v", err)
 	}

openpgp/armor/armor_test.go

@@ -7,7 +7,7 @@ package armor
 import (
 	"bytes"
 	"hash/adler32"
-	"io/ioutil"
+	"io"
 	"testing"
 )
 
@@ -29,7 +29,7 @@ func TestDecodeEncode(t *testing.T) {
 		t.Errorf("result.Header: got:%#v", result.Header)
 	}
 
-	contents, err := ioutil.ReadAll(result.Body)
+	contents, err := io.ReadAll(result.Body)
 	if err != nil {
 		t.Error(err)
 	}

openpgp/packet/compressed_test.go

@@ -8,7 +8,6 @@ import (
 	"bytes"
 	"encoding/hex"
 	"io"
-	"io/ioutil"
 	"testing"
 )
 
@@ -25,7 +24,7 @@ func TestCompressed(t *testing.T) {
 		return
 	}
 
-	contents, err := ioutil.ReadAll(c.Body)
+	contents, err := io.ReadAll(c.Body)
 	if err != nil && err != io.EOF {
 		t.Error(err)
 		return

openpgp/packet/opaque.go

@@ -7,7 +7,6 @@ package packet
 import (
 	"bytes"
 	"io"
-	"io/ioutil"
 
 	"golang.org/x/crypto/openpgp/errors"
 )
@@ -26,7 +25,7 @@ type OpaquePacket struct {
 }
 
 func (op *OpaquePacket) parse(r io.Reader) (err error) {
-	op.Contents, err = ioutil.ReadAll(r)
+	op.Contents, err = io.ReadAll(r)
 	return
 }
 

openpgp/packet/packet_test.go

@@ -10,7 +10,6 @@ import (
 	"fmt"
 	"golang.org/x/crypto/openpgp/errors"
 	"io"
-	"io/ioutil"
 	"testing"
 )
 
@@ -100,7 +99,7 @@ var partialLengthReaderTests = []struct {
 func TestPartialLengthReader(t *testing.T) {
 	for i, test := range partialLengthReaderTests {
 		r := &partialLengthReader{readerFromHex(test.hexInput), 0, true}
-		out, err := ioutil.ReadAll(r)
+		out, err := io.ReadAll(r)
 		if test.err != nil {
 			if err != test.err {
 				t.Errorf("%d: expected different error got:%s want:%s", i, err, test.err)
@@ -172,7 +171,7 @@ func TestReadHeader(t *testing.T) {
 			continue
 		}
 
-		body, err := ioutil.ReadAll(contents)
+		body, err := io.ReadAll(contents)
 		if err != nil {
 			if !test.unexpectedEOF || err != io.ErrUnexpectedEOF {
 				t.Errorf("%d: unexpected error from contents: %s", i, err)

openpgp/packet/private_key.go

@@ -13,7 +13,6 @@ import (
 	"crypto/rsa"
 	"crypto/sha1"
 	"io"
-	"io/ioutil"
 	"math/big"
 	"strconv"
 	"time"
@@ -133,7 +132,7 @@ func (pk *PrivateKey) parse(r io.Reader) (err error) {
 		}
 	}
 
-	pk.encryptedData, err = ioutil.ReadAll(r)
+	pk.encryptedData, err = io.ReadAll(r)
 	if err != nil {
 		return
 	}

openpgp/packet/signature_v3_test.go

@@ -9,7 +9,6 @@ import (
 	"crypto"
 	"encoding/hex"
 	"io"
-	"io/ioutil"
 	"testing"
 
 	"golang.org/x/crypto/openpgp/armor"
@@ -45,7 +44,7 @@ func TestSignatureV3Reserialize(t *testing.T) {
 		t.Errorf("error reserializing: %s", err)
 		return
 	}
-	expected, err := ioutil.ReadAll(v3KeyReader(t))
+	expected, err := io.ReadAll(v3KeyReader(t))
 	if err != nil {
 		t.Error(err)
 		return

openpgp/packet/symmetric_key_encrypted_test.go

@@ -8,7 +8,6 @@ import (
 	"bytes"
 	"encoding/hex"
 	"io"
-	"io/ioutil"
 	"testing"
 )
 
@@ -46,7 +45,7 @@ func TestSymmetricKeyEncrypted(t *testing.T) {
 		return
 	}
 
-	contents, err := ioutil.ReadAll(r)
+	contents, err := io.ReadAll(r)
 	if err != nil && err != io.EOF {
 		t.Error(err)
 		return

openpgp/packet/symmetrically_encrypted.go

@@ -236,7 +236,7 @@ func (w *seMDCWriter) Close() (err error) {
 	return w.w.Close()
 }
 
-// noOpCloser is like an ioutil.NopCloser, but for an io.Writer.
+// noOpCloser is like an io.NopCloser, but for an io.Writer.
 type noOpCloser struct {
 	w io.Writer
 }

openpgp/packet/symmetrically_encrypted_test.go

@@ -10,7 +10,6 @@ import (
 	"encoding/hex"
 	"golang.org/x/crypto/openpgp/errors"
 	"io"
-	"io/ioutil"
 	"testing"
 )
 
@@ -42,7 +41,7 @@ func testMDCReader(t *testing.T) {
 	for stride := 1; stride < len(mdcPlaintext)/2; stride++ {
 		r := &testReader{data: mdcPlaintext, stride: stride}
 		mdcReader := &seMDCReader{in: r, h: sha1.New()}
-		body, err := ioutil.ReadAll(mdcReader)
+		body, err := io.ReadAll(mdcReader)
 		if err != nil {
 			t.Errorf("stride: %d, error: %s", stride, err)
 			continue
@@ -62,7 +61,7 @@ func testMDCReader(t *testing.T) {
 
 	r := &testReader{data: mdcPlaintext, stride: 2}
 	mdcReader := &seMDCReader{in: r, h: sha1.New()}
-	_, err := ioutil.ReadAll(mdcReader)
+	_, err := io.ReadAll(mdcReader)
 	if err != nil {
 		t.Errorf("corruption test, error: %s", err)
 		return

openpgp/packet/userattribute.go

@@ -9,7 +9,6 @@ import (
 	"image"
 	"image/jpeg"
 	"io"
-	"io/ioutil"
 )
 
 const UserAttrImageSubpacket = 1
@@ -56,7 +55,7 @@ func NewUserAttribute(contents ...*OpaqueSubpacket) *UserAttribute {
 
 func (uat *UserAttribute) parse(r io.Reader) (err error) {
 	// RFC 4880, section 5.13
-	b, err := ioutil.ReadAll(r)
+	b, err := io.ReadAll(r)
 	if err != nil {
 		return
 	}

openpgp/packet/userid.go

@@ -6,7 +6,6 @@ package packet
 
 import (
 	"io"
-	"io/ioutil"
 	"strings"
 )
 
@@ -66,7 +65,7 @@ func NewUserId(name, comment, email string) *UserId {
 
 func (uid *UserId) parse(r io.Reader) (err error) {
 	// RFC 4880, section 5.11
-	b, err := ioutil.ReadAll(r)
+	b, err := io.ReadAll(r)
 	if err != nil {
 		return
 	}

openpgp/read_test.go

@@ -9,7 +9,6 @@ import (
 	_ "crypto/sha512"
 	"encoding/hex"
 	"io"
-	"io/ioutil"
 	"strings"
 	"testing"
 
@@ -128,7 +127,7 @@ func checkSignedMessage(t *testing.T, signedHex, expected string) {
 		t.Errorf("bad MessageDetails: %#v", md)
 	}
 
-	contents, err := ioutil.ReadAll(md.UnverifiedBody)
+	contents, err := io.ReadAll(md.UnverifiedBody)
 	if err != nil {
 		t.Errorf("error reading UnverifiedBody: %s", err)
 	}
@@ -221,7 +220,7 @@ func TestSignedEncryptedMessage(t *testing.T) {
 			t.Errorf("#%d: bad MessageDetails: %#v", i, md)
 		}
 
-		contents, err := ioutil.ReadAll(md.UnverifiedBody)
+		contents, err := io.ReadAll(md.UnverifiedBody)
 		if err != nil {
 			t.Errorf("#%d: error reading UnverifiedBody: %s", i, err)
 		}
@@ -245,7 +244,7 @@ func TestUnspecifiedRecipient(t *testing.T) {
 		return
 	}
 
-	contents, err := ioutil.ReadAll(md.UnverifiedBody)
+	contents, err := io.ReadAll(md.UnverifiedBody)
 	if err != nil {
 		t.Errorf("error reading UnverifiedBody: %s", err)
 	}
@@ -280,7 +279,7 @@ func TestSymmetricallyEncrypted(t *testing.T) {
 		return
 	}
 
-	contents, err := ioutil.ReadAll(md.UnverifiedBody)
+	contents, err := io.ReadAll(md.UnverifiedBody)
 	if err != nil {
 		t.Errorf("ReadAll: %s", err)
 	}
@@ -454,7 +453,7 @@ func TestSignatureV3Message(t *testing.T) {
 		return
 	}
 
-	_, err = ioutil.ReadAll(md.UnverifiedBody)
+	_, err = io.ReadAll(md.UnverifiedBody)
 	if err != nil {
 		t.Error(err)
 		return

openpgp/write.go

@@ -402,7 +402,7 @@ func (s signatureWriter) Close() error {
 	return s.encryptedData.Close()
 }
 
-// noOpCloser is like an ioutil.NopCloser, but for an io.Writer.
+// noOpCloser is like an io.NopCloser, but for an io.Writer.
 // TODO: we have two of these in OpenPGP packages alone. This probably needs
 // to be promoted somewhere more common.
 type noOpCloser struct {

openpgp/write_test.go

@@ -7,7 +7,6 @@ package openpgp
 import (
 	"bytes"
 	"io"
-	"io/ioutil"
 	"testing"
 	"time"
 
@@ -245,7 +244,7 @@ func TestEncryption(t *testing.T) {
 			}
 		}
 
-		plaintext, err := ioutil.ReadAll(md.UnverifiedBody)
+		plaintext, err := io.ReadAll(md.UnverifiedBody)
 		if err != nil {
 			t.Errorf("#%d: error reading encrypted contents: %s", i, err)
 			continue
@@ -342,7 +341,7 @@ func TestSigning(t *testing.T) {
 			t.Errorf("#%d: failed to find the signing Entity", i)
 		}
 
-		plaintext, err := ioutil.ReadAll(md.UnverifiedBody)
+		plaintext, err := io.ReadAll(md.UnverifiedBody)
 		if err != nil {
 			t.Errorf("#%d: error reading contents: %v", i, err)
 			continue

ssh/cipher.go

@@ -15,7 +15,6 @@ import (
 	"fmt"
 	"hash"
 	"io"
-	"io/ioutil"
 
 	"golang.org/x/crypto/chacha20"
 	"golang.org/x/crypto/internal/poly1305"
@@ -497,7 +496,7 @@ func (c *cbcCipher) readCipherPacket(seqNum uint32, r io.Reader) ([]byte, error)
 			// data, to make distinguishing between
 			// failing MAC and failing length check more
 			// difficult.
-			io.CopyN(ioutil.Discard, r, int64(c.oracleCamouflage))
+			io.CopyN(io.Discard, r, int64(c.oracleCamouflage))
 		}
 	}
 	return p, err

ssh/example_test.go

@@ -8,7 +8,6 @@ import (
 	"bufio"
 	"bytes"
 	"fmt"
-	"io/ioutil"
 	"log"
 	"net"
 	"net/http"
@@ -24,7 +23,7 @@ func ExampleNewServerConn() {
 	// Public key authentication is done by comparing
 	// the public key of a received connection
 	// with the entries in the authorized_keys file.
-	authorizedKeysBytes, err := ioutil.ReadFile("authorized_keys")
+	authorizedKeysBytes, err := os.ReadFile("authorized_keys")
 	if err != nil {
 		log.Fatalf("Failed to load authorized_keys, err: %v", err)
 	}
@@ -67,7 +66,7 @@ func ExampleNewServerConn() {
 		},
 	}
 
-	privateBytes, err := ioutil.ReadFile("id_rsa")
+	privateBytes, err := os.ReadFile("id_rsa")
 	if err != nil {
 		log.Fatal("Failed to load private key: ", err)
 	}
@@ -225,7 +224,7 @@ func ExamplePublicKeys() {
 	//
 	// If you have an encrypted private key, the crypto/x509 package
 	// can be used to decrypt it.
-	key, err := ioutil.ReadFile("/home/user/.ssh/id_rsa")
+	key, err := os.ReadFile("/home/user/.ssh/id_rsa")
 	if err != nil {
 		log.Fatalf("unable to read private key: %v", err)
 	}

ssh/mux_test.go

@@ -6,7 +6,6 @@ package ssh
 
 import (
 	"io"
-	"io/ioutil"
 	"sync"
 	"testing"
 	"time"
@@ -73,14 +72,14 @@ func TestMuxChannelExtendedThreadSafety(t *testing.T) {
 
 	rd.Add(2)
 	go func() {
-		c, err := ioutil.ReadAll(reader)
+		c, err := io.ReadAll(reader)
 		if string(c) != magic {
 			t.Fatalf("stdout read got %q, want %q (error %s)", c, magic, err)
 		}
 		rd.Done()
 	}()
 	go func() {
-		c, err := ioutil.ReadAll(reader.Stderr())
+		c, err := io.ReadAll(reader.Stderr())
 		if string(c) != magic {
 			t.Fatalf("stderr read got %q, want %q (error %s)", c, magic, err)
 		}
@@ -670,7 +669,7 @@ func TestZeroWindowAdjust(t *testing.T) {
 	}()
 
 	want := "helloworld"
-	c, _ := ioutil.ReadAll(b)
+	c, _ := io.ReadAll(b)
 	if string(c) != want {
 		t.Errorf("got %q want %q", c, want)
 	}

ssh/session.go

@@ -13,7 +13,6 @@ import (
 	"errors"
 	"fmt"
 	"io"
-	"io/ioutil"
 	"sync"
 )
 
@@ -124,7 +123,7 @@ type Session struct {
 	// output and error.
 	//
 	// If either is nil, Run connects the corresponding file
-	// descriptor to an instance of ioutil.Discard. There is a
+	// descriptor to an instance of io.Discard. There is a
 	// fixed amount of buffering that is shared for the two streams.
 	// If either blocks it may eventually cause the remote
 	// command to block.
@@ -506,7 +505,7 @@ func (s *Session) stdout() {
 		return
 	}
 	if s.Stdout == nil {
-		s.Stdout = ioutil.Discard
+		s.Stdout = io.Discard
 	}
 	s.copyFuncs = append(s.copyFuncs, func() error {
 		_, err := io.Copy(s.Stdout, s.ch)
@@ -519,7 +518,7 @@ func (s *Session) stderr() {
 		return
 	}
 	if s.Stderr == nil {
-		s.Stderr = ioutil.Discard
+		s.Stderr = io.Discard
 	}
 	s.copyFuncs = append(s.copyFuncs, func() error {
 		_, err := io.Copy(s.Stderr, s.ch.Stderr())

ssh/session_test.go

@@ -11,7 +11,6 @@ import (
 	crypto_rand "crypto/rand"
 	"errors"
 	"io"
-	"io/ioutil"
 	"math/rand"
 	"net"
 	"testing"
@@ -531,7 +530,7 @@ func sendSignal(signal string, ch Channel, t *testing.T) {
 
 func discardHandler(ch Channel, t *testing.T) {
 	defer ch.Close()
-	io.Copy(ioutil.Discard, ch)
+	io.Copy(io.Discard, ch)
 }
 
 func echoHandler(ch Channel, in <-chan *Request, t *testing.T) {
@@ -606,7 +605,7 @@ func TestClientWriteEOF(t *testing.T) {
 	}
 	stdin.Close()
 
-	res, err := ioutil.ReadAll(stdout)
+	res, err := io.ReadAll(stdout)
 	if err != nil {
 		t.Fatalf("Read failed: %v", err)
 	}
@@ -618,7 +617,7 @@ func TestClientWriteEOF(t *testing.T) {
 
 func simpleEchoHandler(ch Channel, in <-chan *Request, t *testing.T) {
 	defer ch.Close()
-	data, err := ioutil.ReadAll(ch)
+	data, err := io.ReadAll(ch)
 	if err != nil {
 		t.Errorf("handler read error: %v", err)
 	}

ssh/test/dial_unix_test.go

@@ -12,7 +12,6 @@ package test
 import (
 	"fmt"
 	"io"
-	"io/ioutil"
 	"net"
 	"strings"
 	"testing"
@@ -55,7 +54,7 @@ func testDial(t *testing.T, n, listenAddr string, x dialTester) {
 	}
 	x.TestClientConn(t, conn)
 	defer conn.Close()
-	b, err := ioutil.ReadAll(conn)
+	b, err := io.ReadAll(conn)
 	if err != nil {
 		t.Fatalf("ReadAll: %v", err)
 	}

ssh/test/forward_unix_test.go

@@ -11,7 +11,6 @@ import (
 	"bytes"
 	"fmt"
 	"io"
-	"io/ioutil"
 	"math/rand"
 	"net"
 	"testing"
@@ -58,7 +57,7 @@ func testPortForward(t *testing.T, n, listenAddr string) {
 
 	readChan := make(chan []byte)
 	go func() {
-		data, _ := ioutil.ReadAll(netConn)
+		data, _ := io.ReadAll(netConn)
 		readChan <- data
 	}()
 

ssh/test/test_unix_test.go

@@ -14,7 +14,6 @@ import (
 	"crypto/rand"
 	"encoding/base64"
 	"fmt"
-	"io/ioutil"
 	"log"
 	"net"
 	"os"
@@ -151,7 +150,7 @@ func clientConfig() *ssh.ClientConfig {
 // is used for connecting the Go SSH client with sshd without opening
 // ports.
 func unixConnection() (*net.UnixConn, *net.UnixConn, error) {
-	dir, err := ioutil.TempDir("", "unixConnection")
+	dir, err := os.MkdirTemp("", "unixConnection")
 	if err != nil {
 		return nil, nil, err
 	}
@@ -316,7 +315,7 @@ func newServerForConfig(t *testing.T, config string, configVars map[string]strin
 	if uname == "root" {
 		t.Skip("skipping test because current user is root")
 	}
-	dir, err := ioutil.TempDir("", "sshtest")
+	dir, err := os.MkdirTemp("", "sshtest")
 	if err != nil {
 		t.Fatal(err)
 	}
@@ -365,7 +364,7 @@ func newServerForConfig(t *testing.T, config string, configVars map[string]strin
 }
 
 func newTempSocket(t *testing.T) (string, func()) {
-	dir, err := ioutil.TempDir("", "socket")
+	dir, err := os.MkdirTemp("", "socket")
 	if err != nil {
 		t.Fatal(err)
 	}