rpms/golang
7
0
Fork 0
Code Issues Pull Requests Releases Activity

import golang-1.18.4-3.el9

Browse Source
This commit is contained in:
CentOS Sources 2022-11-15 01:41:59 -05:00 committed by Stepan Oksanichenko
parent 7c2f01c33c
commit 3c9f46127b
7 changed files with 60 additions and 1205 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.gitignore vendored
View File

@ -1 +1 @@
SOURCES/go1.17.12-1-openssl-fips.tar.gz SOURCES/go1.18.4-1-openssl-fips.tar.gz

2
.golang.metadata
View File

@ -1 +1 @@
ba529d47d6ee80a2ddca1a20dd5a5aa72ab9bdbd SOURCES/go1.17.12-1-openssl-fips.tar.gz 3798a6b5b37624922f5da08860f39da457caa856 SOURCES/go1.18.4-1-openssl-fips.tar.gz

2
SOURCES/fix_TestScript_list_std.patch
View File

@ -1,5 +1,5 @@
diff --git a/src/cmd/go/testdata/script/list_std.txt b/src/cmd/go/testdata/script/list_std.txt diff --git a/src/cmd/go/testdata/script/list_std.txt b/src/cmd/go/testdata/script/list_std.txt
index 6ab1bd1674..4a00e436fd 100644 index 6ab1bd1..4a00e43 100644
--- a/src/cmd/go/testdata/script/list_std.txt --- a/src/cmd/go/testdata/script/list_std.txt
+++ b/src/cmd/go/testdata/script/list_std.txt +++ b/src/cmd/go/testdata/script/list_std.txt
@@ -6,7 +6,7 @@ env GO111MODULE=off @@ -6,7 +6,7 @@ env GO111MODULE=off

27
SOURCES/go1.5-zoneinfo_testing_only.patch
View File

@ -1,6 +1,7 @@
diff -up go-dd7cbf3a846c2cb125ac65173abaf6a8b9f903ff/src/time/internal_test.go.time go-dd7cbf3a846c2cb125ac65173abaf6a8b9f903ff/src/time/internal_test.go diff --git a/src/time/internal_test.go b/src/time/internal_test.go
--- go-dd7cbf3a846c2cb125ac65173abaf6a8b9f903ff/src/time/internal_test.go.time 2017-12-05 01:10:10.000000000 +0100 index f0dddb7..415949a 100644
+++ go-dd7cbf3a846c2cb125ac65173abaf6a8b9f903ff/src/time/internal_test.go 2017-12-05 14:55:10.574637475 +0100 --- a/src/time/internal_test.go
+++ b/src/time/internal_test.go
@@ -4,13 +4,15 @@ @@ -4,13 +4,15 @@
package time package time
@ -16,7 +17,7 @@ diff -up go-dd7cbf3a846c2cb125ac65173abaf6a8b9f903ff/src/time/internal_test.go.t
- z, err := loadLocation("America/Los_Angeles", zoneSources[len(zoneSources)-1:]) - z, err := loadLocation("America/Los_Angeles", zoneSources[len(zoneSources)-1:])
+ z, err := loadLocation("America/Los_Angeles", zoneSources) + z, err := loadLocation("America/Los_Angeles", zoneSources)
if err != nil { if err != nil {
panic("cannot load America/Los_Angeles for testing: " + err.Error()) panic("cannot load America/Los_Angeles for testing: " + err.Error() + "; you may want to use -tags=timetzdata")
} }
@@ -21,8 +23,9 @@ func initTestingZone() { @@ -21,8 +23,9 @@ func initTestingZone() {
var OrigZoneSources = zoneSources var OrigZoneSources = zoneSources
@ -29,10 +30,11 @@ diff -up go-dd7cbf3a846c2cb125ac65173abaf6a8b9f903ff/src/time/internal_test.go.t
if zipOnly { if zipOnly {
zoneSources = zoneSources[len(zoneSources)-1:] zoneSources = zoneSources[len(zoneSources)-1:]
} }
diff -up go-dd7cbf3a846c2cb125ac65173abaf6a8b9f903ff/src/time/zoneinfo_test.go.time go-dd7cbf3a846c2cb125ac65173abaf6a8b9f903ff/src/time/zoneinfo_test.go diff --git a/src/time/zoneinfo_test.go b/src/time/zoneinfo_test.go
--- go-dd7cbf3a846c2cb125ac65173abaf6a8b9f903ff/src/time/zoneinfo_test.go.time 2017-12-05 01:10:10.000000000 +0100 index f032aa7..e3e5547 100644
+++ go-dd7cbf3a846c2cb125ac65173abaf6a8b9f903ff/src/time/zoneinfo_test.go 2017-12-05 14:58:09.823109248 +0100 --- a/src/time/zoneinfo_test.go
@@ -8,6 +8,7 @@ import ( +++ b/src/time/zoneinfo_test.go
@@ -9,6 +9,7 @@ import (
"fmt" "fmt"
"os" "os"
"reflect" "reflect"
@ -40,7 +42,7 @@ diff -up go-dd7cbf3a846c2cb125ac65173abaf6a8b9f903ff/src/time/zoneinfo_test.go.t
"testing" "testing"
"time" "time"
) )
@@ -128,7 +129,7 @@ func TestLoadLocationFromTZData(t *testi @@ -137,7 +138,7 @@ func TestLoadLocationFromTZData(t *testing.T) {
t.Fatal(err) t.Fatal(err)
} }
@ -49,9 +51,10 @@ diff -up go-dd7cbf3a846c2cb125ac65173abaf6a8b9f903ff/src/time/zoneinfo_test.go.t
if err != nil { if err != nil {
t.Fatal(err) t.Fatal(err)
} }
diff -up go-dd7cbf3a846c2cb125ac65173abaf6a8b9f903ff/src/time/zoneinfo_unix.go.time go-dd7cbf3a846c2cb125ac65173abaf6a8b9f903ff/src/time/zoneinfo_unix.go diff --git a/src/time/zoneinfo_unix.go b/src/time/zoneinfo_unix.go
--- go-dd7cbf3a846c2cb125ac65173abaf6a8b9f903ff/src/time/zoneinfo_unix.go.time 2017-12-05 01:10:10.000000000 +0100 index 23f8b3c..228db1b 100644
+++ go-dd7cbf3a846c2cb125ac65173abaf6a8b9f903ff/src/time/zoneinfo_unix.go 2017-12-05 14:55:10.574637475 +0100 --- a/src/time/zoneinfo_unix.go
+++ b/src/time/zoneinfo_unix.go
@@ -12,7 +12,6 @@ @@ -12,7 +12,6 @@
package time package time

28
SOURCES/openssl_deprecated_algorithm_tests.patch
View File

@ -1,5 +1,5 @@
diff --git a/src/crypto/rsa/pkcs1v15_test.go b/src/crypto/rsa/pkcs1v15_test.go diff --git a/src/crypto/rsa/pkcs1v15_test.go b/src/crypto/rsa/pkcs1v15_test.go
index 60c769c..b8aae23 100644 index a4f2e2dbbe..76701d2e2b 100644
--- a/src/crypto/rsa/pkcs1v15_test.go --- a/src/crypto/rsa/pkcs1v15_test.go
+++ b/src/crypto/rsa/pkcs1v15_test.go +++ b/src/crypto/rsa/pkcs1v15_test.go
@@ -52,6 +52,7 @@ var decryptPKCS1v15Tests = []DecryptPKCS1v15Test{ @@ -52,6 +52,7 @@ var decryptPKCS1v15Tests = []DecryptPKCS1v15Test{
@ -41,9 +41,9 @@ index 60c769c..b8aae23 100644
+ t.Skip("not supported in FIPS mode") + t.Skip("not supported in FIPS mode")
// This tests that attempting to decrypt a session key where the // This tests that attempting to decrypt a session key where the
// ciphertext is too small doesn't run outside the array bounds. // ciphertext is too small doesn't run outside the array bounds.
var keys []*PrivateKey ciphertext, err := EncryptPKCS1v15(rand.Reader, &testRSA2048PrivateKey.PublicKey, []byte{1})
diff --git a/src/crypto/rsa/pss_test.go b/src/crypto/rsa/pss_test.go diff --git a/src/crypto/rsa/pss_test.go b/src/crypto/rsa/pss_test.go
index 2032b4b..fdddfab 100644 index b547a87c71..99e7882866 100644
--- a/src/crypto/rsa/pss_test.go --- a/src/crypto/rsa/pss_test.go
+++ b/src/crypto/rsa/pss_test.go +++ b/src/crypto/rsa/pss_test.go
@@ -77,6 +77,7 @@ func TestEMSAPSS(t *testing.T) { @@ -77,6 +77,7 @@ func TestEMSAPSS(t *testing.T) {
@ -55,17 +55,16 @@ index 2032b4b..fdddfab 100644
if err != nil { if err != nil {
t.Fatalf("Failed to open input file: %s", err) t.Fatalf("Failed to open input file: %s", err)
diff --git a/src/crypto/rsa/rsa_test.go b/src/crypto/rsa/rsa_test.go diff --git a/src/crypto/rsa/rsa_test.go b/src/crypto/rsa/rsa_test.go
index cfe020e..d918841 100644 index 9aa67655ab..2f4e666abb 100644
--- a/src/crypto/rsa/rsa_test.go --- a/src/crypto/rsa/rsa_test.go
+++ b/src/crypto/rsa/rsa_test.go +++ b/src/crypto/rsa/rsa_test.go
@@ -123,38 +123,29 @@ func testKeyBasics(t *testing.T, priv *PrivateKey) { @@ -123,28 +123,29 @@ func testKeyBasics(t *testing.T, priv *PrivateKey) {
t.Errorf("private exponent too large") t.Errorf("private exponent too large")
} }
- if boring.Enabled() { - if boring.Enabled() {
- // Cannot call encrypt/decrypt directly. Test via PKCS1v15. - // Cannot call encrypt/decrypt directly. Test via PKCS1v15.
- msg := []byte("hi!") - msg := []byte("hi!")
- // Should not accept keys smaller than 2048 bits (256 bytes)
- if priv.Size() >= 256 { - if priv.Size() >= 256 {
- enc, err := EncryptPKCS1v15(rand.Reader, &priv.PublicKey, msg) - enc, err := EncryptPKCS1v15(rand.Reader, &priv.PublicKey, msg)
- if err != nil { - if err != nil {
@ -81,22 +80,13 @@ index cfe020e..d918841 100644
- t.Errorf("got:%x want:%x (%+v)", dec, msg, priv) - t.Errorf("got:%x want:%x (%+v)", dec, msg, priv)
- } - }
- } else { - } else {
- enc, err := EncryptPKCS1v15(rand.Reader, &priv.PublicKey, msg) - t.Logf("skipping check for unsupported key less than 2048 bits")
- if err == nil {
- t.Errorf("EncryptPKCS1v15: Should not accept key of size %v", priv.Size() * 8)
- return
- }
- _ , err = DecryptPKCS1v15(rand.Reader, priv, enc)
- if err == nil {
- t.Errorf("DecryptPKCS1v15: Should not accept key of size %v", priv.Size() * 8)
- return
- }
- } - }
- return - return
- } - }
+ if boring.Enabled() { + if boring.Enabled() {
+ // Cannot call encrypt/decrypt directly. Test via EncryptOAEP. + // Cannot call encrypt/decrypt directly. Test via EncryptOAEP.
+ sha256 := sha256.New() + sha256 := sha256.New()
+ msg := []byte("hi!") + msg := []byte("hi!")
+ if priv.Size() >= 256 { + if priv.Size() >= 256 {
+ enc, err := EncryptOAEP(sha256, rand.Reader, &priv.PublicKey, msg, nil) + enc, err := EncryptOAEP(sha256, rand.Reader, &priv.PublicKey, msg, nil)
@ -120,13 +110,13 @@ index cfe020e..d918841 100644
pub := &priv.PublicKey pub := &priv.PublicKey
m := big.NewInt(42) m := big.NewInt(42)
@@ -323,6 +314,11 @@ func TestDecryptOAEP(t *testing.T) { @@ -312,6 +312,11 @@ func TestDecryptOAEP(t *testing.T) {
private.PublicKey = PublicKey{N: n, E: test.e} private.PublicKey = PublicKey{N: n, E: test.e}
private.D = d private.D = d
+ if boring.Enabled() && private.PublicKey.Size() < 256 { + if boring.Enabled() && private.PublicKey.Size() < 256 {
+ t.Logf("skipping check for unsupported key less than 2048 bits") + t.Logf("skipping check for unsupported key less than 2048 bits")
+ continue; + continue
+ } + }
+ t.Logf("running check for supported key size") + t.Logf("running check for supported key size")
for j, message := range test.msgs { for j, message := range test.msgs {

1142
SOURCES/rhbz1952381.patch
View File

File diff suppressed because it is too large Load Diff

62
SPECS/golang.spec
View File

@ -95,19 +95,18 @@
%global gohostarch s390x %global gohostarch s390x
%endif %endif
%global go_api 1.17 %global go_api 1.18
%global go_version 1.17.12 %global go_version 1.18.4
%global pkg_release 1 %global pkg_release 1
Name: golang Name: golang
Version: %{go_version} Version: %{go_version}
Release: 1%{?dist} Release: 3%{?dist}
Summary: The Go Programming Language Summary: The Go Programming Language
# source tree includes several copies of Mark.Twain-Tom.Sawyer.txt under Public Domain # source tree includes several copies of Mark.Twain-Tom.Sawyer.txt under Public Domain
License: BSD and Public Domain License: BSD and Public Domain
URL: http://golang.org/ URL: http://golang.org/
Source0: https://github.com/golang-fips/go/archive/refs/tags/go%{go_version}-%{pkg_release}-openssl-fips.tar.gz Source0: https://github.com/golang-fips/go/archive/refs/tags/go%{go_version}-%{pkg_release}-openssl-fips.tar.gz
# make possible to override default traceback level at build time by setting build tag rpm_crashtraceback # make possible to override default traceback level at build time by setting build tag rpm_crashtraceback
Source1: fedora.go Source1: fedora.go
@ -145,9 +144,6 @@ Patch215: go1.5-zoneinfo_testing_only.patch
# Proposed patch by jcajka https://golang.org/cl/86541 # Proposed patch by jcajka https://golang.org/cl/86541
Patch221: fix_TestScript_list_std.patch Patch221: fix_TestScript_list_std.patch
# Port to openssl 3.0
Patch1952381: rhbz1952381.patch
Patch223: remove_ed25519vectors_test.patch Patch223: remove_ed25519vectors_test.patch
Patch224: openssl_deprecated_algorithm_tests.patch Patch224: openssl_deprecated_algorithm_tests.patch
@ -241,15 +237,9 @@ Requires: %{name} = %{version}-%{release}
%prep %prep
%setup -q -n go-go%{go_version}-%{pkg_release}-openssl-fips %setup -q -n go-go%{go_version}-%{pkg_release}-openssl-fips
%patch215 -p1 %patch215 -p1
%patch221 -p1 %patch221 -p1
%patch1952381 -p1
%patch223 -p1 %patch223 -p1
%patch224 -p1 %patch224 -p1
cp %{SOURCE1} ./src/runtime/ cp %{SOURCE1} ./src/runtime/
@ -434,12 +424,6 @@ export GO_LDFLAGS="-extldflags '$RPM_LD_FLAGS'"
export CGO_ENABLED=0 export CGO_ENABLED=0
%endif %endif
# work around aarch64 issue
# https://src.fedoraproject.org/rpms/golang/c/ea99ebaff6b9561243bb43039458771edb691eaf?branch=f32
%ifarch aarch64
export CGO_CFLAGS="-mno-outline-atomics"
%endif
# make sure to not timeout # make sure to not timeout
export GO_TEST_TIMEOUT_SCALE=2 export GO_TEST_TIMEOUT_SCALE=2
@ -452,6 +436,9 @@ export GO_TEST_RUN=""
./run.bash --no-rebuild -v -v -v -k $GO_TEST_RUN ./run.bash --no-rebuild -v -v -v -k $GO_TEST_RUN
# tests timeout on ppc64le due to
# https://bugzilla.redhat.com/show_bug.cgi?id=2118776
%ifnarch ppc64le
export OPENSSL_FORCE_FIPS_MODE=1 export OPENSSL_FORCE_FIPS_MODE=1
# Run tests with FIPS enabled. # Run tests with FIPS enabled.
pushd crypto pushd crypto
@ -464,6 +451,8 @@ popd
pushd crypto/tls pushd crypto/tls
GOLANG_FIPS=1 go test -v -run "Boring" GOLANG_FIPS=1 go test -v -run "Boring"
popd popd
%endif
%else %else
./run.bash --no-rebuild -v -v -v -k || : ./run.bash --no-rebuild -v -v -v -k || :
%endif %endif
@ -525,19 +514,34 @@ cd ..
%endif %endif
%changelog %changelog
* Wed Jul 20 2022 David Benoit <dbenoit@redhat.com> - 1.17.12-1 * Tue Aug 16 2022 David Benoit <dbenoit@redhat.com> - 1.18.4-3
- Update Go to version 1.17.12 - Temporarily disable crypto tests on ppc64le
- Resolves: rhbz#2109183 - Related: rhbz#2109180
* Wed Jul 20 2022 David Benoit <dbenoit@redhat.com> - 1.17.7-2 * Wed Aug 10 2022 Alejandro Sáez <asm@redhat.com> - 1.18.4-2
- Clean up dist-git patches - Update to Go 1.18.4
- Resolves: rhbz#2109174 - Resolves: rhbz#2109180
- Deprecates keys smaller than 2048 bits in TestDecryptOAEP in boring mode
* Thu Feb 17 2022 David Benoit <dbenoit@redhat.com> - 1.17.7-1 * Fri Aug 05 2022 Alejandro Sáez <asm@redhat.com> - 1.18.4-1
- Rebase to Go 1.17.7 - Update to Go 1.18.4
- Update ecdsa tests to reject SHA1 signatures in boring mode - Resolves: rhbz#2109180
* Fri Jun 10 2022 David Benoit <dbenoit@redhat.com> - 1.18.2-2
- Update deprecated openssl algorithms patch
- Rebuild against openssl-3.0.1-33
- Resolves: rhbz#2092136
- Related: rhbz#2092016
* Mon May 02 2022 David Benoit <dbenoit@redhat.com> - 1.18.2-1
- Rebase to Go 1.18.2
- Move to github.com/golang-fips/go
- Resolves: rhbz#2075169
- Resolves: rhbz#2060769
- Resolves: rhbz#2067531
- Resolves: rhbz#2067536
- Resolves: rhbz#2067552
- Resolves: rhbz#2025637 - Resolves: rhbz#2025637
- Resolves: rhbz#1975396
* Mon Dec 13 2021 Alejandro Sáez <asm@redhat.com> - 1.17.5-1 * Mon Dec 13 2021 Alejandro Sáez <asm@redhat.com> - 1.17.5-1
- Rebase to Go 1.17.5 - Rebase to Go 1.17.5