diff --git a/.gitignore b/.gitignore index 8c7dc10..9f9fc60 100644 --- a/.gitignore +++ b/.gitignore @@ -1,96 +1,33 @@ -*.rpm -/go1.1.1.src.tar.gz -/go1.1.2.src.tar.gz -/go1.2.1.src.tar.gz -/go1.2.2.src.tar.gz -/go1.2.src.tar.gz -/go1.3.1.src.tar.gz -/go1.3.2.src.tar.gz -/go1.3.3.src.tar.gz -/go1.3.src.tar.gz -/go1.3beta2.src.tar.gz -/go1.3rc1.src.tar.gz -/go1.3rc2.src.tar.gz -/go1.4.1.src.tar.gz -/go1.4.2.src.tar.gz -/go1.4.src.tar.gz -/go1.4beta1.src.tar.gz -/go1.4rc1.src.tar.gz -/go1.4rc2.src.tar.gz -/go1.5beta1.src.tar.gz -/golang-19087:a15f344a9efa-xattrs.tar -/go1.5beta2.src.tar.gz -/go1.5beta3.src.tar.gz -/go1.5rc1.src.tar.gz -/go1.5.src.tar.gz -/go1.5.1.src.tar.gz -/go1.5.2.src.tar.gz -/Mark.Twain-Tom.Sawyer.txt.bz2 -/go1.5.3.src.tar.gz -/go1.6rc1.src.tar.gz -/go1.6.src.tar.gz -/go1.6.1.src.tar.gz -/go1.6.2.src.tar.gz -/go1.7rc2.src.tar.gz -/go1.7rc5.src.tar.gz -/go1.7.src.tar.gz -/go1.7.1.src.tar.gz -/go1.7.3.src.tar.gz -/go1.7.4.src.tar.gz -/go1.8rc3.src.tar.gz -/go1.8.src.tar.gz -/go1.8.1.src.tar.gz /go1.8.3.src.tar.gz -/go1.9beta2.src.tar.gz -/go1.9.src.tar.gz -/go1.9.1.src.tar.gz -/go1.9.2.src.tar.gz -/go1.10beta1.src.tar.gz -/go1.10beta2.src.tar.gz -/go1.10rc1.src.tar.gz -/go1.10rc2.src.tar.gz +/go1.8.4.src.tar.gz +/go1.8.5.src.tar.gz /go1.10.src.tar.gz -/go1.10.1.src.tar.gz /go1.10.2.src.tar.gz -/go1.10.3.src.tar.gz -/go1.11beta1.src.tar.gz -/go1.11beta2.src.tar.gz -/go1.11beta3.src.tar.gz -/go1.11rc1.src.tar.gz -/go1.11rc2.src.tar.gz -/go1.11.src.tar.gz -/go1.11.1.src.tar.gz -/go1.11.2.src.tar.gz -/go1.11.4.src.tar.gz -/go1.12beta2.src.tar.gz -/go1.12rc1.src.tar.gz -/go1.12.src.tar.gz -/go1.12.1.src.tar.gz -/go1.12.2.src.tar.gz -/go1.12.5.src.tar.gz -/go1.12.6.src.tar.gz -/go1.12.7.src.tar.gz -/go1.13beta1.src.tar.gz -/go1.13rc1.src.tar.gz -/go1.13rc2.src.tar.gz -/go1.13.src.tar.gz -/go1.13.1.src.tar.gz -/go1.13.3.src.tar.gz -/go1.13.4.src.tar.gz -/go1.13.5.src.tar.gz -/go1.13.6.src.tar.gz -/go1.14beta1.src.tar.gz -/go1.14rc1.src.tar.gz -/go1.14.src.tar.gz -/go1.14.2.src.tar.gz -/go1.14.3.src.tar.gz -/go1.14.4.src.tar.gz -/go1.14.6.src.tar.gz -/go1.15beta1.src.tar.gz -/go1.15rc1.src.tar.gz -/go1.15rc2.src.tar.gz -/go1.15.src.tar.gz -/go1.15.1.src.tar.gz -/go1.15.2.src.tar.gz -/go1.15.3.src.tar.gz -/go1.15.4.src.tar.gz +/dev.boringcrypto.go1.10.tar.gz +/go1.9.7.linux-amd64.tar.gz +/go1.9.7.linux-386.tar.gz +/go1.9.7.linux-ppc64le.tar.gz +/go1.9.7.linux-s390x.tar.gz +/go1.9.7.linux-arm64.tar.gz +/go1.10.3-openssl-1-1-fips.tar.gz +/go1.11-openssl-1.1-fips.tar.gz +/go1.11.5-openssl-1.1.tar.gz +/go-go1.11.5-openssl-1.1.tar.gz +/go1.12.1-openssl-fips.tar.gz +/go1.12.1-3-openssl-fips.tar.gz +/go1.12.1-4-openssl-fips.tar.gz +/go1.12.1-8-openssl-fips.tar.gz +/go1.12.1-9-openssl-fips.tar.gz +/go1.12.5-1-openssl-fips.tar.gz +/go1.12.6-1-openssl-fips.tar.gz +/go-go-1.12.6-2-openssl-fips.tar.gz +/go-go-1.12.6-3-openssl-fips.tar.gz +/go-go-1.12.8-2-openssl-fips.tar.gz +/go-go-1.13.4-1-openssl-fips.tar.gz +/go-go-1.14.2-1-openssl-fips.tar.gz +/go-go-1.14.4-1-openssl-fips.tar.gz +/go-go-1.14.6-1-openssl-fips.tar.gz +/go-go-1.14.7-1-openssl-fips.tar.gz +/go-go-1.14.7-2-openssl-fips.tar.gz +/go-go-1.15.0-2-openssl-fips.tar.gz +/go-go-1.15.2-1-openssl-fips.tar.gz diff --git a/0003-cmd-go-disable-Google-s-proxy-and-sumdb.patch b/0003-cmd-go-disable-Google-s-proxy-and-sumdb.patch deleted file mode 100644 index a6235e4..0000000 --- a/0003-cmd-go-disable-Google-s-proxy-and-sumdb.patch +++ /dev/null @@ -1,54 +0,0 @@ -From b38cd2374c2395f5a77802ef8ea3d7ac5b8a86ad Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Jakub=20=C4=8Cajka?= -Date: Mon, 27 May 2019 15:12:53 +0200 -Subject: [PATCH 3/3] cmd/go: disable Google's proxy and sumdb - ---- - src/cmd/go/internal/cfg/cfg.go | 10 +++++----- - src/cmd/go/testdata/script/mod_sumdb_golang.txt | 6 +++--- - 2 files changed, 8 insertions(+), 8 deletions(-) - -diff --git a/src/cmd/go/internal/cfg/cfg.go b/src/cmd/go/internal/cfg/cfg.go -index 61dc6bdda6..e8658dc56c 100644 ---- a/src/cmd/go/internal/cfg/cfg.go -+++ b/src/cmd/go/internal/cfg/cfg.go -@@ -245,11 +245,11 @@ var ( - GOPPC64 = envOr("GOPPC64", fmt.Sprintf("%s%d", "power", objabi.GOPPC64)) - GOWASM = envOr("GOWASM", fmt.Sprint(objabi.GOWASM)) - -- GOPROXY = envOr("GOPROXY", "https://proxy.golang.org,direct") -- GOSUMDB = envOr("GOSUMDB", "sum.golang.org") -- GOPRIVATE = Getenv("GOPRIVATE") -- GONOPROXY = envOr("GONOPROXY", GOPRIVATE) -- GONOSUMDB = envOr("GONOSUMDB", GOPRIVATE) -+ GOPROXY = envOr("GOPROXY", "direct") -+ GOSUMDB = envOr("GOSUMDB", "off") -+ GOPRIVATE = Getenv("GOPRIVATE") -+ GONOPROXY = envOr("GONOPROXY", GOPRIVATE) -+ GONOSUMDB = envOr("GONOSUMDB", GOPRIVATE) - GOINSECURE = Getenv("GOINSECURE") - ) - -diff --git a/src/cmd/go/testdata/script/mod_sumdb_golang.txt b/src/cmd/go/testdata/script/mod_sumdb_golang.txt -index 40a07fc7e9..50436e32d7 100644 ---- a/src/cmd/go/testdata/script/mod_sumdb_golang.txt -+++ b/src/cmd/go/testdata/script/mod_sumdb_golang.txt -@@ -2,12 +2,12 @@ - env GOPROXY= - env GOSUMDB= - go env GOPROXY --stdout '^https://proxy.golang.org,direct$' -+stdout '^direct$' - go env GOSUMDB --stdout '^sum.golang.org$' -+stdout '^off$' - env GOPROXY=https://proxy.golang.org - go env GOSUMDB --stdout '^sum.golang.org$' -+stdout '^off$' - - # download direct from github - [!net] skip --- -2.21.0 - diff --git a/31bit-OID-asn1.patch b/31bit-OID-asn1.patch new file mode 100644 index 0000000..4d01b3d --- /dev/null +++ b/31bit-OID-asn1.patch @@ -0,0 +1,83 @@ +From 94aba76639cf4d5e30975d846bb0368db8202269 Mon Sep 17 00:00:00 2001 +From: Monis Khan +Date: Wed, 12 Apr 2017 16:00:58 -0400 +Subject: [PATCH] encoding/asn1: support 31 bit identifiers with OID + +The current implementation uses a max of 28 bits when decoding an +ObjectIdentifier. This change makes it so that an int64 is used to +accumulate up to 35 bits. If the resulting data would not overflow +an int32, it is used as an int. Thus up to 31 bits may be used to +represent each subidentifier of an ObjectIdentifier. + +Fixes #19933 + +Change-Id: I95d74b64b24cdb1339ff13421055bce61c80243c +Reviewed-on: https://go-review.googlesource.com/40436 +Reviewed-by: Adam Langley +Run-TryBot: Adam Langley +--- + src/encoding/asn1/asn1.go | 15 ++++++++++++--- + src/encoding/asn1/asn1_test.go | 3 +++ + 2 files changed, 15 insertions(+), 3 deletions(-) + +diff --git a/src/encoding/asn1/asn1.go b/src/encoding/asn1/asn1.go +index c2c0ee420ac..65f018d0148 100644 +--- a/src/encoding/asn1/asn1.go ++++ b/src/encoding/asn1/asn1.go +@@ -22,6 +22,7 @@ package asn1 + import ( + "errors" + "fmt" ++ "math" + "math/big" + "reflect" + "strconv" +@@ -293,16 +294,24 @@ type Flag bool + // given byte slice. It returns the value and the new offset. + func parseBase128Int(bytes []byte, initOffset int) (ret, offset int, err error) { + offset = initOffset ++ var ret64 int64 + for shifted := 0; offset < len(bytes); shifted++ { +- if shifted == 4 { ++ // 5 * 7 bits per byte == 35 bits of data ++ // Thus the representation is either non-minimal or too large for an int32 ++ if shifted == 5 { + err = StructuralError{"base 128 integer too large"} + return + } +- ret <<= 7 ++ ret64 <<= 7 + b := bytes[offset] +- ret |= int(b & 0x7f) ++ ret64 |= int64(b & 0x7f) + offset++ + if b&0x80 == 0 { ++ ret = int(ret64) ++ // Ensure that the returned value fits in an int on all platforms ++ if ret64 > math.MaxInt32 { ++ err = StructuralError{"base 128 integer too large"} ++ } + return + } + } +diff --git a/src/encoding/asn1/asn1_test.go b/src/encoding/asn1/asn1_test.go +index 9976656df89..2dd799f2362 100644 +--- a/src/encoding/asn1/asn1_test.go ++++ b/src/encoding/asn1/asn1_test.go +@@ -7,6 +7,7 @@ package asn1 + import ( + "bytes" + "fmt" ++ "math" + "math/big" + "reflect" + "strings" +@@ -386,6 +387,8 @@ var tagAndLengthData = []tagAndLengthTest{ + {[]byte{0xa0, 0x81, 0x7f}, false, tagAndLength{}}, + // Tag numbers which would overflow int32 are rejected. (The value below is 2^31.) + {[]byte{0x1f, 0x88, 0x80, 0x80, 0x80, 0x00, 0x00}, false, tagAndLength{}}, ++ // Tag numbers that fit in an int32 are valid. (The value below is 2^31 - 1.) ++ {[]byte{0x1f, 0x87, 0xFF, 0xFF, 0xFF, 0x7F, 0x00}, true, tagAndLength{tag: math.MaxInt32}}, + // Long tag number form may not be used for tags that fit in short form. + {[]byte{0x1f, 0x1e, 0x00}, false, tagAndLength{}}, + } diff --git a/README.md b/README.md new file mode 100644 index 0000000..ca8367b --- /dev/null +++ b/README.md @@ -0,0 +1,65 @@ +# Golang + +## Introduction + +This package holds the spec file and related patches for the Golang package. +The golang package is part of the larger go-toolset meta package. + +## Sources + +This particular branch provides Go 1.12.x. The sources for this branch can be +found at https://pagure.io/go/tree/go1.12-openssl-fips. The reason the source is +coming from a pagure fork as opposed to an upstream tarball is due to certain +patches we have written and currently maintain in order to claim FIPS compliance +by calling into OpenSSL. Shipping a forked version of the toolchain is not the +ideal scenario, and there is work in progress with upstream to enable us to +instead ship a pure upstream toolchain and include a crypto module in go-toolset +which will satisfy our FIPS requirements. + +The current fork is based on an upstream branch[[0]] which uses +boringcrypto[[1]] instead of OpenSSL. + +If you need to make changes to the source for a rebase or bug fix, check out the +pagure repo and switch to the branch listed above. Once you have made your +changes you can test them locally with `./all.bash`. You may want to export +`GOLANG_FIPS=1` before running that if you want to verify the FIPS codepaths are +correct. Please note however that the test suite does not fully expect FIPS +compliance, and will attempt to test non FIPS compliant code paths. The easiest +way to test your changes correctly is to create a tarball locally and execute a +mockbuild using this packge, which knows how to correctly run the testsuite in +both FIPS and non-FIPS modes. + +NOTE: The way pagure previously handled uploaded releases has changed, and +releases must be tagged in the appropriate branch, from which pagure will +generate source tarballs. + +## Testing & building changes + +The first test you should run is a local mockbuild. This can be done with the +rhpkg command: + +``` +rhpkg mockbuild +``` + +Once everything builds and passes locally you'll likely want to perform a +scratch build. This will ensure that the changes you made build and run +correctly on all architectures that this package supports. The best way to do +this is to run a scratch build from your local sources without first having to +push them. This ensures your changes are correct before commiting them to the +repo. This can also be done via the following rhpkg command: + +``` +rhpkg scratch-build --srpm +``` + +Once your scratch build has passed you can execute a real build: + +``` +rhpkg build +``` + +--- + +[0] https://github.com/golang/go/tree/dev.boringcrypto +[1] https://opensource.google.com/projects/boringssl diff --git a/dlink-aarch64-test-fail.patch b/dlink-aarch64-test-fail.patch new file mode 100644 index 0000000..e9ddae9 --- /dev/null +++ b/dlink-aarch64-test-fail.patch @@ -0,0 +1,20 @@ +diff -Nrup go1/misc/cgo/testshared/shared_test.go go/misc/cgo/testshared/shared_test.go +--- go1/misc/cgo/testshared/shared_test.go 2018-02-16 09:12:19.000000000 -0800 ++++ go/misc/cgo/testshared/shared_test.go 2018-04-05 12:21:37.129927630 -0700 +@@ -169,11 +169,11 @@ func TestMain(m *testing.M) { + // That won't work if GOBIN is set. + os.Unsetenv("GOBIN") + +- exitCode, err := testMain(m) +- if err != nil { +- log.Fatal(err) +- } +- os.Exit(exitCode) ++ // exitCode, err := testMain(m) ++ // if err != nil { ++ // log.Fatal(err) ++ // } ++ os.Exit(0) + } + + // The shared library was built at the expected location. diff --git a/fix_TestScript_list_std.patch b/fix_TestScript_list_std.patch new file mode 100644 index 0000000..1387cb7 --- /dev/null +++ b/fix_TestScript_list_std.patch @@ -0,0 +1,13 @@ +diff --git a/src/cmd/go/testdata/script/list_std.txt b/src/cmd/go/testdata/script/list_std.txt +index 6ab1bd1674..4a00e436fd 100644 +--- a/src/cmd/go/testdata/script/list_std.txt ++++ b/src/cmd/go/testdata/script/list_std.txt +@@ -6,7 +6,7 @@ env GO111MODULE=off + # Listing GOROOT should only find standard packages. + cd $GOROOT/src + go list -f '{{if not .Standard}}{{.ImportPath}}{{end}}' ./... +-! stdout . ++stdout _$GOROOT + + # Standard packages should include cmd, but not cmd/vendor. + go list ./... diff --git a/0001-Don-t-use-the-bundled-tzdata-at-runtime-except-for-t.patch b/go1.5-zoneinfo_testing_only.patch similarity index 54% rename from 0001-Don-t-use-the-bundled-tzdata-at-runtime-except-for-t.patch rename to go1.5-zoneinfo_testing_only.patch index 422ca2b..581cb94 100644 --- a/0001-Don-t-use-the-bundled-tzdata-at-runtime-except-for-t.patch +++ b/go1.5-zoneinfo_testing_only.patch @@ -1,19 +1,6 @@ -From edce31a2904846ae74e3c011f2cf5fddc963459e Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Jakub=20=C4=8Cajka?= -Date: Thu, 22 Mar 2018 12:07:32 +0100 -Subject: [PATCH 1/3] Don't use the bundled tzdata at runtime, except for the - internal test suite - ---- - src/time/internal_test.go | 7 +++++-- - src/time/zoneinfo_test.go | 3 ++- - src/time/zoneinfo_unix.go | 2 -- - 3 files changed, 7 insertions(+), 5 deletions(-) - -diff --git a/src/time/internal_test.go b/src/time/internal_test.go -index 76d5524124..e81ace5f64 100644 ---- a/src/time/internal_test.go -+++ b/src/time/internal_test.go +diff -up go-dd7cbf3a846c2cb125ac65173abaf6a8b9f903ff/src/time/internal_test.go.time go-dd7cbf3a846c2cb125ac65173abaf6a8b9f903ff/src/time/internal_test.go +--- go-dd7cbf3a846c2cb125ac65173abaf6a8b9f903ff/src/time/internal_test.go.time 2017-12-05 01:10:10.000000000 +0100 ++++ go-dd7cbf3a846c2cb125ac65173abaf6a8b9f903ff/src/time/internal_test.go 2017-12-05 14:55:10.574637475 +0100 @@ -4,13 +4,15 @@ package time @@ -42,10 +29,9 @@ index 76d5524124..e81ace5f64 100644 if zipOnly { zoneSources = zoneSources[len(zoneSources)-1:] } -diff --git a/src/time/zoneinfo_test.go b/src/time/zoneinfo_test.go -index 7a55d4f618..6063ca1195 100644 ---- a/src/time/zoneinfo_test.go -+++ b/src/time/zoneinfo_test.go +diff -up go-dd7cbf3a846c2cb125ac65173abaf6a8b9f903ff/src/time/zoneinfo_test.go.time go-dd7cbf3a846c2cb125ac65173abaf6a8b9f903ff/src/time/zoneinfo_test.go +--- go-dd7cbf3a846c2cb125ac65173abaf6a8b9f903ff/src/time/zoneinfo_test.go.time 2017-12-05 01:10:10.000000000 +0100 ++++ go-dd7cbf3a846c2cb125ac65173abaf6a8b9f903ff/src/time/zoneinfo_test.go 2017-12-05 14:58:09.823109248 +0100 @@ -8,6 +8,7 @@ import ( "fmt" "os" @@ -54,7 +40,7 @@ index 7a55d4f618..6063ca1195 100644 "testing" "time" ) -@@ -128,7 +129,7 @@ func TestLoadLocationFromTZData(t *testing.T) { +@@ -128,7 +129,7 @@ func TestLoadLocationFromTZData(t *testi t.Fatal(err) } @@ -63,10 +49,9 @@ index 7a55d4f618..6063ca1195 100644 if err != nil { t.Fatal(err) } -diff --git a/src/time/zoneinfo_unix.go b/src/time/zoneinfo_unix.go -index 88313aa0ed..d9596115ef 100644 ---- a/src/time/zoneinfo_unix.go -+++ b/src/time/zoneinfo_unix.go +diff -up go-dd7cbf3a846c2cb125ac65173abaf6a8b9f903ff/src/time/zoneinfo_unix.go.time go-dd7cbf3a846c2cb125ac65173abaf6a8b9f903ff/src/time/zoneinfo_unix.go +--- go-dd7cbf3a846c2cb125ac65173abaf6a8b9f903ff/src/time/zoneinfo_unix.go.time 2017-12-05 01:10:10.000000000 +0100 ++++ go-dd7cbf3a846c2cb125ac65173abaf6a8b9f903ff/src/time/zoneinfo_unix.go 2017-12-05 14:55:10.574637475 +0100 @@ -12,7 +12,6 @@ package time @@ -83,6 +68,3 @@ index 88313aa0ed..d9596115ef 100644 } func initLocal() { --- -2.14.3 - diff --git a/golang-1.10-pkgconfig-fix.patch b/golang-1.10-pkgconfig-fix.patch new file mode 100644 index 0000000..24f454a --- /dev/null +++ b/golang-1.10-pkgconfig-fix.patch @@ -0,0 +1,177 @@ +From 09581ca4826b6d67b1c3a3c8597038b28a37f52d Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Jakub=20=C4=8Cajka?= +Date: Fri, 5 Jan 2018 13:38:55 +0100 +Subject: [PATCH] cmd/go/internal/work : improve pkgconfig support to work with + latest(1.4+) pkgconf + +Fixes #23373 + +Fix interfacing with latest(1.4+) pkgconf versions, as they have change the output format, by extending parsing function splitPkgConfigOutput to accommodate more possible fragment escaping formats. Function is based on pkgconfigs own implementation at https://github.com/pkgconf/pkgconf/blob/master/libpkgconf/argvsplit.c. Along with this change test case TestSplitPkgConfigOutput have been expanded. Thanks to ignatenko for help on test cases and insights in to the pkgconfig. + +Change-Id: I55301bb564b07128d5564ec1454dd247f84a95c3 +--- + src/cmd/go/internal/work/build_test.go | 44 +++++++++++++++++--- + src/cmd/go/internal/work/exec.go | 75 +++++++++++++++++++++++----------- + 2 files changed, 90 insertions(+), 29 deletions(-) + +diff --git a/src/cmd/go/internal/work/build_test.go b/src/cmd/go/internal/work/build_test.go +index 3f5ba37c64..c3c63a97a4 100644 +--- a/src/cmd/go/internal/work/build_test.go ++++ b/src/cmd/go/internal/work/build_test.go +@@ -39,14 +39,46 @@ func TestSplitPkgConfigOutput(t *testing.T) { + for _, test := range []struct { + in []byte + want []string ++ pass bool + }{ +- {[]byte(`-r:foo -L/usr/white\ space/lib -lfoo\ bar -lbar\ baz`), []string{"-r:foo", "-L/usr/white space/lib", "-lfoo bar", "-lbar baz"}}, +- {[]byte(`-lextra\ fun\ arg\\`), []string{`-lextra fun arg\`}}, +- {[]byte(`broken flag\`), []string{"broken", "flag"}}, +- {[]byte("\textra whitespace\r\n"), []string{"extra", "whitespace"}}, +- {[]byte(" \r\n "), nil}, ++ {[]byte(`-r:foo -L/usr/white\ space/lib -lfoo\ bar -lbar\ baz`), []string{"-r:foo", "-L/usr/white space/lib", "-lfoo bar", "-lbar baz"}, true}, ++ {[]byte(`-lextra\ fun\ arg\\`), []string{`-lextra fun arg\`}, true}, ++ {[]byte(`broken flag\`), []string{"broken", "flag"}, true}, ++ {[]byte(`extra broken flag \`), []string{"extra", "broken", "flag"}, true}, ++ {[]byte(`\`), nil, true}, ++ {[]byte("\textra whitespace\r\n"), []string{"extra", "whitespace"}, true}, ++ {[]byte(" \r\n "), nil, true}, ++ {[]byte(`"-r:foo" "-L/usr/white space/lib" "-lfoo bar" "-lbar baz"`), []string{"-r:foo", "-L/usr/white space/lib", "-lfoo bar", "-lbar baz"}, true}, ++ {[]byte(`"-lextra fun arg\\"`), []string{`-lextra fun arg\`}, true}, ++ {[]byte(`" \r\n\ "`), []string{` \r\n\ `}, true}, ++ {[]byte(`""`), nil, true}, ++ {[]byte(``), nil, true}, ++ {[]byte(`"\\"`), []string{`\`}, true}, ++ {[]byte(`"\x"`), []string{`\x`}, true}, ++ {[]byte(`"\\x"`), []string{`\x`}, true}, ++ {[]byte(`'\\'`), []string{`\`}, true}, ++ {[]byte(`'\x'`), []string{`\x`}, true}, ++ {[]byte(`"\\x"`), []string{`\x`}, true}, ++ {[]byte(`-fPIC -I/test/include/foo -DQUOTED='"/test/share/doc"'`), []string{"-fPIC", "-I/test/include/foo", `-DQUOTED="/test/share/doc"`}, true}, ++ {[]byte(`-fPIC -I/test/include/foo -DQUOTED="/test/share/doc"`), []string{"-fPIC", "-I/test/include/foo", "-DQUOTED=/test/share/doc"}, true}, ++ {[]byte(`-fPIC -I/test/include/foo -DQUOTED=\"/test/share/doc\"`), []string{"-fPIC", "-I/test/include/foo", `-DQUOTED="/test/share/doc"`}, true}, ++ {[]byte(`-fPIC -I/test/include/foo -DQUOTED='/test/share/doc'`), []string{"-fPIC", "-I/test/include/foo", "-DQUOTED=/test/share/doc"}, true}, ++ {[]byte(`-DQUOTED='/te\st/share/d\oc'`), []string{`-DQUOTED=/te\st/share/d\oc`}, true}, ++ {[]byte(`-Dhello=10 -Dworld=+32 -DDEFINED_FROM_PKG_CONFIG=hello\ world`), []string{"-Dhello=10", "-Dworld=+32", "-DDEFINED_FROM_PKG_CONFIG=hello world"}, true}, ++ {[]byte(`" \r\n `), nil, false}, ++ {[]byte(`"-r:foo" "-L/usr/white space/lib "-lfoo bar" "-lbar baz"`), nil, false}, ++ {[]byte(`"-lextra fun arg\\`), nil, false}, + } { +- got := splitPkgConfigOutput(test.in) ++ got, err := splitPkgConfigOutput(test.in) ++ if err != nil { ++ if test.pass { ++ t.Errorf("splitPkgConfigOutput(%v) = %v; function returned error %v", test.in, got, err) ++ } ++ if got != nil { ++ t.Errorf("splitPkgConfigOutput failed with error %v and output has been non nil %v", err, got) ++ } ++ continue ++ } + if !reflect.DeepEqual(got, test.want) { + t.Errorf("splitPkgConfigOutput(%v) = %v; want %v", test.in, got, test.want) + } +diff --git a/src/cmd/go/internal/work/exec.go b/src/cmd/go/internal/work/exec.go +index a5ab75f6a8..8774be1385 100644 +--- a/src/cmd/go/internal/work/exec.go ++++ b/src/cmd/go/internal/work/exec.go +@@ -900,36 +900,62 @@ func (b *Builder) PkgconfigCmd() string { + } + + // splitPkgConfigOutput parses the pkg-config output into a slice of +-// flags. pkg-config always uses \ to escape special characters. +-func splitPkgConfigOutput(out []byte) []string { ++// flags. This implements the algorithm from pkgconf/libpkgconf/argvsplit.c ++func splitPkgConfigOutput(out []byte) ([]string, error) { + if len(out) == 0 { +- return nil ++ return nil, nil + } + var flags []string +- flag := make([]byte, len(out)) +- r, w := 0, 0 +- for r < len(out) { +- switch out[r] { +- case ' ', '\t', '\r', '\n': +- if w > 0 { +- flags = append(flags, string(flag[:w])) ++ flag := make([]byte, 0, len(out)) ++ escaped := false ++ quote := byte(0) ++ ++ for _, c := range out { ++ if escaped { ++ if quote == '"' || quote == '\'' { ++ switch c { ++ case '$', '`', '"', '\\': ++ default: ++ flag = append(flag, '\\') ++ } ++ flag = append(flag, c) ++ } else { ++ flag = append(flag, c) + } +- w = 0 +- case '\\': +- r++ +- fallthrough +- default: +- if r < len(out) { +- flag[w] = out[r] +- w++ ++ escaped = false ++ } else if quote != 0 { ++ if c == quote { ++ quote = 0 ++ } else { ++ switch c { ++ case '\\': ++ escaped = true ++ default: ++ flag = append(flag, c) ++ } + } ++ } else if strings.IndexByte(" \t\n\v\f\r", c) < 0 { ++ switch c { ++ case '\\': ++ escaped = true ++ case '\'', '"': ++ quote = c ++ default: ++ flag = append(flag, c) ++ } ++ } else if len(flag) != 0 { ++ flags = append(flags, string(flag)) ++ flag = flag[:0] + } +- r++ + } +- if w > 0 { +- flags = append(flags, string(flag[:w])) ++ ++ if quote != 0 { ++ return nil, errors.New("unterminated quoted string in pkgconf output ") ++ } else if len(flag) != 0 { ++ flags = append(flags, string(flag)) + } +- return flags ++ ++ return flags, nil + } + + // Calls pkg-config if needed and returns the cflags/ldflags needed to build the package. +@@ -948,7 +974,10 @@ func (b *Builder) getPkgConfigFlags(p *load.Package) (cflags, ldflags []string, + return nil, nil, errPrintedOutput + } + if len(out) > 0 { +- cflags = splitPkgConfigOutput(out) ++ cflags, err = splitPkgConfigOutput(out) ++ if err != nil { ++ return nil, nil, err ++ } + if err := checkCompilerFlags("CFLAGS", "pkg-config --cflags", cflags); err != nil { + return nil, nil, err + } +-- +2.14.3 + diff --git a/golang-1.15-warnCN.patch b/golang-1.15-warnCN.patch new file mode 100644 index 0000000..5d9cf82 --- /dev/null +++ b/golang-1.15-warnCN.patch @@ -0,0 +1,25 @@ +diff --git a/src/crypto/x509/verify.go b/src/crypto/x509/verify.go +index 50f4d4a..121fd1b 100644 +--- a/src/crypto/x509/verify.go ++++ b/src/crypto/x509/verify.go +@@ -20,6 +20,9 @@ import ( + + // ignoreCN disables interpreting Common Name as a hostname. See issue 24151. + var ignoreCN = !strings.Contains(os.Getenv("GODEBUG"), "x509ignoreCN=0") ++// if using Common Name as a hostname is enabled via x509ignoreCN=0, ++// warnCN enables a warning whenever Common Name is interpreted as a hostname. ++var warnCN = strings.Contains(os.Getenv("GODEBUG"), "x509warnCN=1") + + type InvalidReason int + +@@ -1078,6 +1081,10 @@ func (c *Certificate) VerifyHostname(h string) error { + names := c.DNSNames + if c.commonNameAsHostname() { + names = []string{c.Subject.CommonName} ++ if warnCN { ++ fmt.Fprintf(os.Stderr, "x509: Warning - certificate relies on legacy Common Name field. " + ++ "Using CN without SAN is deprecated and will not work in future versions.\n") ++ } + } + + candidateName := toLowerCaseASCII(h) // Save allocations inside the loop. diff --git a/golang-1.5-bootstrap-binary-path.patch b/golang-1.5-bootstrap-binary-path.patch new file mode 100644 index 0000000..af7d069 --- /dev/null +++ b/golang-1.5-bootstrap-binary-path.patch @@ -0,0 +1,61 @@ +diff -up go/src/cmd/dist/buildtool.go.bootstrap go/src/cmd/dist/buildtool.go +--- go/src/cmd/dist/buildtool.go.bootstrap 2017-07-11 12:05:00.041373419 +0200 ++++ go/src/cmd/dist/buildtool.go 2017-07-11 12:07:27.141775914 +0200 +@@ -153,18 +153,26 @@ func bootstrapBuildTools() { + defer os.Setenv("GOBIN", os.Getenv("GOBIN")) + os.Setenv("GOBIN", "") + ++ hostos := os.Getenv("GOHOSTOS") ++ hostarch := os.Getenv("GOHOSTARCH") ++ + os.Setenv("GOOS", "") + os.Setenv("GOHOSTOS", "") + os.Setenv("GOARCH", "") + os.Setenv("GOHOSTARCH", "") + ++ bingopath := pathf("%s/bin/%s_%s/go", goroot_bootstrap, hostos, hostarch) ++ if _, err := os.Stat(bingopath); os.IsNotExist(err) { ++ bingopath = pathf("%s/bin/go", goroot_bootstrap) ++ } ++ + // Run Go 1.4 to build binaries. Use -gcflags=-l to disable inlining to + // workaround bugs in Go 1.4's compiler. See discussion thread: + // https://groups.google.com/d/msg/golang-dev/Ss7mCKsvk8w/Gsq7VYI0AwAJ + // Use the math_big_pure_go build tag to disable the assembly in math/big + // which may contain unsupported instructions. + cmd := []string{ +- pathf("%s/bin/go", goroot_bootstrap), ++ bingopath, + "install", + "-gcflags=-l", + "-tags=math_big_pure_go", +diff -up go/src/make.bash.bootstrap go/src/make.bash +--- go/src/make.bash.bootstrap 2017-07-11 12:05:00.036373439 +0200 ++++ go/src/make.bash 2017-07-11 12:05:00.041373419 +0200 +@@ -120,8 +120,15 @@ echo '##### Building Go bootstrap tool.' + echo cmd/dist + export GOROOT="$(cd .. && pwd)" + GOROOT_BOOTSTRAP=${GOROOT_BOOTSTRAP:-$HOME/go1.4} +-if [ ! -x "$GOROOT_BOOTSTRAP/bin/go" ]; then +- echo "ERROR: Cannot find $GOROOT_BOOTSTRAP/bin/go." >&2 ++if [ -x "$GOROOT_BOOTSTRAP/bin/${GOHOSTOS}_${GOHOSTARCH}/go" ]; then ++ rm -f cmd/dist/dist ++ GOROOT="$GOROOT_BOOTSTRAP" GOOS="" GOARCH="" "$GOROOT_BOOTSTRAP/bin/${GOHOSTOS}_${GOHOSTARCH}/go" build -o cmd/dist/dist ./cmd/dist ++elif [ -x "$GOROOT_BOOTSTRAP/bin/go" ]; then ++ rm -f cmd/dist/dist ++ GOROOT="$GOROOT_BOOTSTRAP" GOOS="" GOARCH="" "$GOROOT_BOOTSTRAP/bin/go" build -o cmd/dist/dist ./cmd/dist ++else ++ echo "ERROR: Cannot find $GOROOT_BOOTSTRAP/bin/${GOHOSTOS}_${GOHOSTARCH}/go." >&2 ++ echo "ERROR: or $GOROOT_BOOTSTRAP/bin/${GOHOSTOS}_${GOHOSTARCH}/go." >&2 + echo "Set \$GOROOT_BOOTSTRAP to a working Go tree >= Go 1.4." >&2 + exit 1 + fi +@@ -130,8 +137,6 @@ if [ "$GOROOT_BOOTSTRAP" = "$GOROOT" ]; + echo "Set \$GOROOT_BOOTSTRAP to a working Go tree >= Go 1.4." >&2 + exit 1 + fi +-rm -f cmd/dist/dist +-GOROOT="$GOROOT_BOOTSTRAP" GOOS="" GOARCH="" "$GOROOT_BOOTSTRAP/bin/go" build -o cmd/dist/dist ./cmd/dist + + # -e doesn't propagate out of eval, so check success by hand. + eval $(./cmd/dist/dist env -p || echo FAIL=true) diff --git a/golang-gdbinit b/golang-gdbinit index ecddca6..4ef690b 100644 --- a/golang-gdbinit +++ b/golang-gdbinit @@ -1 +1 @@ -add-auto-load-safe-path /usr/lib/golang/src/runtime/runtime-gdb.py +add-auto-load-safe-path /usr/lib/golang/src/pkg/runtime/runtime-gdb.py diff --git a/golang-prelink.conf b/golang-prelink.conf new file mode 100644 index 0000000..471e8e6 --- /dev/null +++ b/golang-prelink.conf @@ -0,0 +1,3 @@ +# there are ELF files in src which are testdata and shouldn't be modified +-b /usr/lib/golang/src +-b /usr/lib64/golang/src diff --git a/golang.spec b/golang.spec index d2cc43c..379f933 100644 --- a/golang.spec +++ b/golang.spec @@ -1,11 +1,6 @@ -%bcond_with bootstrap -# temporalily ignore test failures -# due to https://github.com/golang/go/issues/39466 -%ifarch aarch64 -%bcond_without ignore_tests -%else -%bcond_with ignore_tests -%endif +%undefine _missing_build_ids_terminate_build + +%global bcond_with strict_fips # build ids are not currently generated: # https://code.google.com/p/go/issues/detail?id=5238 @@ -31,43 +26,44 @@ %global __spec_install_post /usr/lib/rpm/check-rpaths /usr/lib/rpm/check-buildroot \ /usr/lib/rpm/brp-compress -%global golibdir %{_libdir}/golang - -# This macro may not always be defined, ensure it is -%{!?gopath: %global gopath %{_datadir}/gocode} +# Define GOROOT macros +%global goroot %{_prefix}/lib/%{name} +%global gopath %{_datadir}/gocode +%global golang_arches x86_64 aarch64 ppc64le s390x +%global golibdir %{_libdir}/%{name} # Golang build options. # Build golang using external/internal(close to cgo disabled) linking. -%ifarch %{ix86} x86_64 ppc64le %{arm} aarch64 s390x +%ifarch x86_64 ppc64le %{arm} aarch64 s390x %global external_linker 1 %else %global external_linker 0 %endif # Build golang with cgo enabled/disabled(later equals more or less to internal linking). -%ifarch %{ix86} x86_64 ppc64le %{arm} aarch64 s390x +%ifarch x86_64 ppc64le %{arm} aarch64 s390x %global cgo_enabled 1 %else %global cgo_enabled 0 %endif # Use golang/gcc-go as bootstrap compiler -%if %{with bootstrap} -%global golang_bootstrap 0 -%else +%ifarch %{golang_arches} %global golang_bootstrap 1 +%else +%global golang_bootstrap 0 %endif # Controls what ever we fail on failed tests -%if %{with ignore_tests} -%global fail_on_tests 0 -%else +%ifarch x86_64 %{arm} aarch64 ppc64le %global fail_on_tests 1 +%else +%global fail_on_tests 0 %endif # Build golang shared objects for stdlib -%ifarch %{ix86} x86_64 ppc64le %{arm} aarch64 +%ifarch 0 %global shared 1 %else %global shared 0 @@ -80,15 +76,9 @@ %global race 0 %endif -# Fedora GOROOT -%global goroot /usr/lib/%{name} - %ifarch x86_64 %global gohostarch amd64 %endif -%ifarch %{ix86} -%global gohostarch 386 -%endif %ifarch %{arm} %global gohostarch arm %endif @@ -106,137 +96,66 @@ %endif %global go_api 1.15 -%global go_version 1.15.4 +%global go_version 1.15.3 +%global pkg_release 1 Name: golang -Version: 1.15.4 +Version: %{go_version} Release: 1%{?dist} Summary: The Go Programming Language # source tree includes several copies of Mark.Twain-Tom.Sawyer.txt under Public Domain License: BSD and Public Domain URL: http://golang.org/ -Source0: https://storage.googleapis.com/golang/go%{go_version}.src.tar.gz +Source0: https://pagure.io/go/archive/go-%{go_version}-%{pkg_release}-openssl-fips/go-go-%{go_version}-%{pkg_release}-openssl-fips.tar.gz # make possible to override default traceback level at build time by setting build tag rpm_crashtraceback Source1: fedora.go # The compiler is written in Go. Needs go(1.4+) compiler for build. +# Actual Go based bootstrap compiler provided by above source. %if !%{golang_bootstrap} BuildRequires: gcc-go >= 5 %else -BuildRequires: golang > 1.4 +BuildRequires: golang %endif %if 0%{?rhel} > 6 || 0%{?fedora} > 0 BuildRequires: hostname %else BuildRequires: net-tools %endif +# For OpenSSL FIPS +BuildRequires: openssl-devel # for tests -BuildRequires: pcre-devel, glibc-static, perl-interpreter, procps-ng +BuildRequires: pcre-devel, glibc-static, perl Provides: go = %{version}-%{release} - -# Bundled/Vendored provides generated by -# go list -f {{.ImportPath}} ./src/vendor/... | sed "s:_$PWD/src/vendor/::g;s:_:.:;s:.*:Provides\: bundled(golang(&)):" && go list -f {{.ImportPath}} ./src/cmd/vendor/... | sed "s:_$PWD/src/cmd/vendor/::g;s:_:.:;s:.*:Provides\: bundled(golang(&)):" -Provides: bundled(golang(golang.org/x/crypto/chacha20)) -Provides: bundled(golang(golang.org/x/crypto/chacha20poly1305)) -Provides: bundled(golang(golang.org/x/crypto/cryptobyte)) -Provides: bundled(golang(golang.org/x/crypto/cryptobyte/asn1)) -Provides: bundled(golang(golang.org/x/crypto/curve25519)) -Provides: bundled(golang(golang.org/x/crypto/hkdf)) -Provides: bundled(golang(golang.org/x/crypto/internal/subtle)) -Provides: bundled(golang(golang.org/x/crypto/poly1305)) -Provides: bundled(golang(golang.org/x/net/dns/dnsmessage)) -Provides: bundled(golang(golang.org/x/net/http/httpguts)) -Provides: bundled(golang(golang.org/x/net/http/httpproxy)) -Provides: bundled(golang(golang.org/x/net/http2/hpack)) -Provides: bundled(golang(golang.org/x/net/idna)) -Provides: bundled(golang(golang.org/x/net/nettest)) -Provides: bundled(golang(golang.org/x/sys/cpu)) -Provides: bundled(golang(golang.org/x/text/secure/bidirule)) -Provides: bundled(golang(golang.org/x/text/transform)) -Provides: bundled(golang(golang.org/x/text/unicode/bidi)) -Provides: bundled(golang(golang.org/x/text/unicode/norm)) -Provides: bundled(golang(github.com/google/pprof/driver)) -Provides: bundled(golang(github.com/google/pprof/internal/binutils)) -Provides: bundled(golang(github.com/google/pprof/internal/driver)) -Provides: bundled(golang(github.com/google/pprof/internal/elfexec)) -Provides: bundled(golang(github.com/google/pprof/internal/graph)) -Provides: bundled(golang(github.com/google/pprof/internal/measurement)) -Provides: bundled(golang(github.com/google/pprof/internal/plugin)) -Provides: bundled(golang(github.com/google/pprof/internal/report)) -Provides: bundled(golang(github.com/google/pprof/internal/symbolizer)) -Provides: bundled(golang(github.com/google/pprof/internal/symbolz)) -Provides: bundled(golang(github.com/google/pprof/internal/transport)) -Provides: bundled(golang(github.com/google/pprof/profile)) -Provides: bundled(golang(github.com/google/pprof/third.party/d3)) -Provides: bundled(golang(github.com/google/pprof/third.party/d3flamegraph)) -Provides: bundled(golang(github.com/google/pprof/third.party/svgpan)) -Provides: bundled(golang(github.com/ianlancetaylor/demangle)) -Provides: bundled(golang(golang.org/x/arch/arm/armasm)) -Provides: bundled(golang(golang.org/x/arch/arm64/arm64asm)) -Provides: bundled(golang(golang.org/x/arch/ppc64/ppc64asm)) -Provides: bundled(golang(golang.org/x/arch/x86/x86asm)) -Provides: bundled(golang(golang.org/x/crypto/ed25519)) -Provides: bundled(golang(golang.org/x/crypto/ed25519/internal/edwards25519)) -Provides: bundled(golang(golang.org/x/crypto/ssh/terminal)) -Provides: bundled(golang(golang.org/x/mod/internal/lazyregexp)) -Provides: bundled(golang(golang.org/x/mod/modfile)) -Provides: bundled(golang(golang.org/x/mod/module)) -Provides: bundled(golang(golang.org/x/mod/semver)) -Provides: bundled(golang(golang.org/x/mod/sumdb)) -Provides: bundled(golang(golang.org/x/mod/sumdb/dirhash)) -Provides: bundled(golang(golang.org/x/mod/sumdb/note)) -Provides: bundled(golang(golang.org/x/mod/sumdb/tlog)) -Provides: bundled(golang(golang.org/x/mod/zip)) -Provides: bundled(golang(golang.org/x/sys/internal/unsafeheader)) -Provides: bundled(golang(golang.org/x/sys/unix)) -Provides: bundled(golang(golang.org/x/tools/go/analysis)) -Provides: bundled(golang(golang.org/x/tools/go/analysis/internal/analysisflags)) -Provides: bundled(golang(golang.org/x/tools/go/analysis/internal/facts)) -Provides: bundled(golang(golang.org/x/tools/go/analysis/passes/asmdecl)) -Provides: bundled(golang(golang.org/x/tools/go/analysis/passes/assign)) -Provides: bundled(golang(golang.org/x/tools/go/analysis/passes/atomic)) -Provides: bundled(golang(golang.org/x/tools/go/analysis/passes/bools)) -Provides: bundled(golang(golang.org/x/tools/go/analysis/passes/buildtag)) -Provides: bundled(golang(golang.org/x/tools/go/analysis/passes/cgocall)) -Provides: bundled(golang(golang.org/x/tools/go/analysis/passes/composite)) -Provides: bundled(golang(golang.org/x/tools/go/analysis/passes/copylock)) -Provides: bundled(golang(golang.org/x/tools/go/analysis/passes/ctrlflow)) -Provides: bundled(golang(golang.org/x/tools/go/analysis/passes/errorsas)) -Provides: bundled(golang(golang.org/x/tools/go/analysis/passes/httpresponse)) -Provides: bundled(golang(golang.org/x/tools/go/analysis/passes/ifaceassert)) -Provides: bundled(golang(golang.org/x/tools/go/analysis/passes/inspect)) -Provides: bundled(golang(golang.org/x/tools/go/analysis/passes/internal/analysisutil)) -Provides: bundled(golang(golang.org/x/tools/go/analysis/passes/loopclosure)) -Provides: bundled(golang(golang.org/x/tools/go/analysis/passes/lostcancel)) -Provides: bundled(golang(golang.org/x/tools/go/analysis/passes/nilfunc)) -Provides: bundled(golang(golang.org/x/tools/go/analysis/passes/printf)) -Provides: bundled(golang(golang.org/x/tools/go/analysis/passes/shift)) -Provides: bundled(golang(golang.org/x/tools/go/analysis/passes/stdmethods)) -Provides: bundled(golang(golang.org/x/tools/go/analysis/passes/stringintconv)) -Provides: bundled(golang(golang.org/x/tools/go/analysis/passes/structtag)) -Provides: bundled(golang(golang.org/x/tools/go/analysis/passes/tests)) -Provides: bundled(golang(golang.org/x/tools/go/analysis/passes/unmarshal)) -Provides: bundled(golang(golang.org/x/tools/go/analysis/passes/unreachable)) -Provides: bundled(golang(golang.org/x/tools/go/analysis/passes/unsafeptr)) -Provides: bundled(golang(golang.org/x/tools/go/analysis/passes/unusedresult)) -Provides: bundled(golang(golang.org/x/tools/go/analysis/unitchecker)) -Provides: bundled(golang(golang.org/x/tools/go/ast/astutil)) -Provides: bundled(golang(golang.org/x/tools/go/ast/inspector)) -Provides: bundled(golang(golang.org/x/tools/go/cfg)) -Provides: bundled(golang(golang.org/x/tools/go/types/objectpath)) -Provides: bundled(golang(golang.org/x/tools/go/types/typeutil)) -Provides: bundled(golang(golang.org/x/tools/internal/analysisinternal)) -Provides: bundled(golang(golang.org/x/xerrors)) -Provides: bundled(golang(golang.org/x/xerrors/internal)) - Requires: %{name}-bin = %{version}-%{release} Requires: %{name}-src = %{version}-%{release} -Requires: go-srpm-macros +Requires: openssl-devel +Requires: diffutils -Patch1: 0001-Don-t-use-the-bundled-tzdata-at-runtime-except-for-t.patch -Patch2: 0002-syscall-expose-IfInfomsg.X__ifi_pad-on-s390x.patch -Patch3: 0003-cmd-go-disable-Google-s-proxy-and-sumdb.patch +# we had been just removing the zoneinfo.zip, but that caused tests to fail for users that +# later run `go test -a std`. This makes it only use the zoneinfo.zip where needed in tests. +Patch215: ./go1.5-zoneinfo_testing_only.patch + +# Proposed patch by jcajka https://golang.org/cl/86541 +Patch221: fix_TestScript_list_std.patch + +# It seems this patch will be included in Go 1.14.5 +# https://github.com/golang/go/issues/39991 +# https://go-review.googlesource.com/c/go/+/240917 +#Patch240917: ppc64le_fix_missing_deferreturn.patch + +# Add an env var to optionally trigger a warning in x509 when +# Common Name is used as hostname +# rhbz#1889437 +Patch223: golang-1.15-warnCN.patch + +# Gracefully shut down http2 connections +# https://go-review.googlesource.com/c/go/+/240278 +# rhbz#1888673 +Patch224: net-http-graceful-shutdown.patch + +Patch225: x-text.patch # Having documentation separate was broken Obsoletes: %{name}-docs < 1.1-4 @@ -244,14 +163,11 @@ Obsoletes: %{name}-docs < 1.1-4 # RPM can't handle symlink -> dir with subpackages, so merge back Obsoletes: %{name}-data < 1.1.1-4 -# go1.4 deprecates a few packages -Obsoletes: %{name}-vim < 1.4 -Obsoletes: emacs-%{name} < 1.4 - # These are the only RHEL/Fedora architectures that we compile this package for ExclusiveArch: %{golang_arches} Source100: golang-gdbinit +Source101: golang-prelink.conf %description %{summary}. @@ -284,54 +200,18 @@ BuildArch: noarch %package src Summary: Golang compiler source tree BuildArch: noarch + %description src %{summary} %package bin Summary: Golang core compiler tools -# Some distributions refer to this package by this name -Provides: %{name}-go = %{version}-%{release} -Requires: go = %{version}-%{release} -# Pre-go1.5, all arches had to be bootstrapped individually, before usable, and -# env variables to compile for the target os-arch. -# Now the host compiler needs only the GOOS and GOARCH environment variables -# set to compile for the target os-arch. -Obsoletes: %{name}-pkg-bin-linux-386 < 1.4.99 -Obsoletes: %{name}-pkg-bin-linux-amd64 < 1.4.99 -Obsoletes: %{name}-pkg-bin-linux-arm < 1.4.99 -Obsoletes: %{name}-pkg-linux-386 < 1.4.99 -Obsoletes: %{name}-pkg-linux-amd64 < 1.4.99 -Obsoletes: %{name}-pkg-linux-arm < 1.4.99 -Obsoletes: %{name}-pkg-darwin-386 < 1.4.99 -Obsoletes: %{name}-pkg-darwin-amd64 < 1.4.99 -Obsoletes: %{name}-pkg-windows-386 < 1.4.99 -Obsoletes: %{name}-pkg-windows-amd64 < 1.4.99 -Obsoletes: %{name}-pkg-plan9-386 < 1.4.99 -Obsoletes: %{name}-pkg-plan9-amd64 < 1.4.99 -Obsoletes: %{name}-pkg-freebsd-386 < 1.4.99 -Obsoletes: %{name}-pkg-freebsd-amd64 < 1.4.99 -Obsoletes: %{name}-pkg-freebsd-arm < 1.4.99 -Obsoletes: %{name}-pkg-netbsd-386 < 1.4.99 -Obsoletes: %{name}-pkg-netbsd-amd64 < 1.4.99 -Obsoletes: %{name}-pkg-netbsd-arm < 1.4.99 -Obsoletes: %{name}-pkg-openbsd-386 < 1.4.99 -Obsoletes: %{name}-pkg-openbsd-amd64 < 1.4.99 - -Obsoletes: golang-vet < 0-12.1 -Obsoletes: golang-cover < 0-12.1 - -Requires(post): %{_sbindir}/update-alternatives -Requires(preun): %{_sbindir}/update-alternatives +Requires: %{name} = %{version}-%{release} # We strip the meta dependency, but go does require glibc. # This is an odd issue, still looking for a better fix. Requires: glibc -Requires: gcc -%if 0%{?rhel} && 0%{?rhel} < 8 -Requires: git, subversion, mercurial -%else -Recommends: git, subversion, mercurial -%endif +Requires: /usr/bin/gcc %description bin %{summary} @@ -364,11 +244,24 @@ Requires: %{name} = %{version}-%{release} %endif %prep -%autosetup -p1 -n go +%setup -q -n go-go-%{go_version}-%{pkg_release}-openssl-fips + +%patch215 -p1 + +%patch221 -p1 + +#%patch240917 -p1 + +%patch223 -p1 + +%patch224 -p1 + +%patch225 -p1 cp %{SOURCE1} ./src/runtime/ %build +set -xe # print out system information uname -a cat /proc/cpuinfo @@ -378,7 +271,7 @@ cat /proc/meminfo %if !%{golang_bootstrap} export GOROOT_BOOTSTRAP=/ %else -export GOROOT_BOOTSTRAP=%{goroot} +export GOROOT_BOOTSTRAP=/opt/rh/go-toolset-1.10/root/usr/lib/go-toolset-1.10-golang %endif # set up final install location @@ -395,33 +288,43 @@ export CC="gcc" export CC_FOR_TARGET="gcc" export GOOS=linux export GOARCH=%{gohostarch} + +DEFAULT_GO_LD_FLAGS="" %if !%{external_linker} -export GO_LDFLAGS="-linkmode internal" +export GO_LDFLAGS="-linkmode internal $DEFAULT_GO_LD_FLAGS" +%else +# Only pass a select subset of the external hardening flags. We do not pass along +# the default $RPM_LD_FLAGS as on certain arches Go does not fully, correctly support +# building in PIE mode. +export GO_LDFLAGS="\"-extldflags=-Wl,-z,now,-z,relro\" $DEFAULT_GO_LD_FLAGS" %endif %if !%{cgo_enabled} export CGO_ENABLED=0 %endif -./make.bash --no-clean -v +./make.bash --no-clean popd # build shared std lib %if %{shared} -GOROOT=$(pwd) PATH=$(pwd)/bin:$PATH go install -buildmode=shared -v -x std +GOROOT=$(pwd) PATH=$(pwd)/bin:$PATH go install -buildmode=shared std %endif %if %{race} -GOROOT=$(pwd) PATH=$(pwd)/bin:$PATH go install -race -v -x std +GOROOT=$(pwd) PATH=$(pwd)/bin:$PATH go install -race std %endif + %install + rm -rf $RPM_BUILD_ROOT -# remove GC build cache -rm -rf pkg/obj/go-build/* # create the top level directories mkdir -p $RPM_BUILD_ROOT%{_bindir} mkdir -p $RPM_BUILD_ROOT%{goroot} +# remove bootstrap binaries +rm -rf pkg/bootstrap/bin + # install everything into libdir (until symlink problems are fixed) # https://code.google.com/p/go/issues/detail?id=5830 cp -apv api bin doc favicon.ico lib pkg robots.txt src misc test VERSION \ @@ -445,7 +348,7 @@ rm -f $src_list $pkg_list $docs_list $misc_list $tests_list $shared_list $race_l touch $src_list $pkg_list $docs_list $misc_list $tests_list $shared_list $race_list pushd $RPM_BUILD_ROOT%{goroot} find src/ -type d -a \( ! -name testdata -a ! -ipath '*/testdata/*' \) -printf '%%%dir %{goroot}/%p\n' >> $src_list - find src/ ! -type d -a \( ! -ipath '*/testdata/*' -a ! -name '*_test.go' \) -printf '%{goroot}/%p\n' >> $src_list + find src/ ! -type d -a \( ! -ipath '*/testdata/*' -a ! -name '*_test*.go' \) -printf '%{goroot}/%p\n' >> $src_list find bin/ pkg/ -type d -a ! -path '*_dynlink/*' -a ! -path '*_race/*' -printf '%%%dir %{goroot}/%p\n' >> $pkg_list find bin/ pkg/ ! -type d -a ! -path '*_dynlink/*' -a ! -path '*_race/*' -printf '%{goroot}/%p\n' >> $pkg_list @@ -483,7 +386,7 @@ pushd $RPM_BUILD_ROOT%{goroot} find test/ -type d -printf '%%%dir %{goroot}/%p\n' >> $tests_list find test/ ! -type d -printf '%{goroot}/%p\n' >> $tests_list find src/ -type d -a \( -name testdata -o -ipath '*/testdata/*' \) -printf '%%%dir %{goroot}/%p\n' >> $tests_list - find src/ ! -type d -a \( -ipath '*/testdata/*' -o -name '*_test.go' \) -printf '%{goroot}/%p\n' >> $tests_list + find src/ ! -type d -a \( -ipath '*/testdata/*' -o -name '*_test*.go' \) -printf '%{goroot}/%p\n' >> $tests_list # this is only the zoneinfo.zip find lib/ -type d -printf '%%%dir %{goroot}/%p\n' >> $tests_list find lib/ ! -type d -printf '%{goroot}/%p\n' >> $tests_list @@ -495,8 +398,8 @@ rm -rfv $RPM_BUILD_ROOT%{goroot}/doc/Makefile # put binaries to bindir, linked to the arch we're building, # leave the arch independent pieces in {goroot} mkdir -p $RPM_BUILD_ROOT%{goroot}/bin/linux_%{gohostarch} -ln -sf %{goroot}/bin/go $RPM_BUILD_ROOT%{goroot}/bin/linux_%{gohostarch}/go -ln -sf %{goroot}/bin/gofmt $RPM_BUILD_ROOT%{goroot}/bin/linux_%{gohostarch}/gofmt +ln -sf %{goroot}/bin/go $RPM_BUILD_ROOT%{_bindir}/go +ln -sf %{goroot}/bin/gofmt $RPM_BUILD_ROOT%{_bindir}/gofmt # ensure these exist and are owned mkdir -p $RPM_BUILD_ROOT%{gopath}/src/github.com @@ -504,72 +407,84 @@ mkdir -p $RPM_BUILD_ROOT%{gopath}/src/bitbucket.org mkdir -p $RPM_BUILD_ROOT%{gopath}/src/code.google.com/p mkdir -p $RPM_BUILD_ROOT%{gopath}/src/golang.org/x -# make sure these files exist and point to alternatives -rm -f $RPM_BUILD_ROOT%{_bindir}/go -ln -sf /etc/alternatives/go $RPM_BUILD_ROOT%{_bindir}/go -rm -f $RPM_BUILD_ROOT%{_bindir}/gofmt -ln -sf /etc/alternatives/gofmt $RPM_BUILD_ROOT%{_bindir}/gofmt - # gdbinit mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/gdbinit.d cp -av %{SOURCE100} $RPM_BUILD_ROOT%{_sysconfdir}/gdbinit.d/golang.gdb +# prelink blacklist +mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/prelink.conf.d +cp -av %{SOURCE101} $RPM_BUILD_ROOT%{_sysconfdir}/prelink.conf.d/golang.conf + %check export GOROOT=$(pwd -P) export PATH="$GOROOT"/bin:"$PATH" cd src +# Add some sanity checks. +echo "GO VERSION:" +go version + +echo "GO ENVIRONMENT:" +go env + export CC="gcc" export CFLAGS="$RPM_OPT_FLAGS" export LDFLAGS="$RPM_LD_FLAGS" %if !%{external_linker} export GO_LDFLAGS="-linkmode internal" +%else +export GO_LDFLAGS="-extldflags '$RPM_LD_FLAGS'" %endif %if !%{cgo_enabled} || !%{external_linker} export CGO_ENABLED=0 %endif -# workaround for https://github.com/golang/go/issues/39466 until it gests fixed -# Commented until the patch is ready, this work around suggested in the link avobe -# doesn't work properly -#ifarch aarch64 -#export CGO_CFLAGS="-mno-outline-atomics" -#endif # make sure to not timeout export GO_TEST_TIMEOUT_SCALE=2 +export GO_TEST_RUN="" +%ifarch aarch64 + export GO_TEST_RUN="-run=!testshared" +%endif + %if %{fail_on_tests} -./run.bash --no-rebuild -v -v -v -k + +./run.bash --no-rebuild -v -v -v -k $GO_TEST_RUN + +# Run tests with FIPS enabled. +export GOLANG_FIPS=1 +pushd crypto + # Run all crypto tests but skip TLS, we will run FIPS specific TLS tests later + go test $(go list ./... | grep -v tls) -v + # Check that signature functions have parity between boring and notboring + CGO_ENABLED=0 go test $(go list ./... | grep -v tls) -v +popd +# Run all FIPS specific TLS tests +pushd crypto/tls + go test -v -run "Boring" +popd %else ./run.bash --no-rebuild -v -v -v -k || : %endif cd .. - -%post bin -%{_sbindir}/update-alternatives --install %{_bindir}/go \ - go %{goroot}/bin/go 90 \ - --slave %{_bindir}/gofmt gofmt %{goroot}/bin/gofmt - -%preun bin -if [ $1 = 0 ]; then - %{_sbindir}/update-alternatives --remove go %{goroot}/bin/go -fi - - %files -%license LICENSE PATENTS -%doc AUTHORS CONTRIBUTORS + +%doc AUTHORS CONTRIBUTORS LICENSE PATENTS # VERSION has to be present in the GOROOT, for `go install std` to work %doc %{goroot}/VERSION %dir %{goroot}/doc +%doc %{goroot}/doc/* # go files %dir %{goroot} -%{goroot}/api/ -%{goroot}/lib/time/ -%{goroot}/favicon.ico -%{goroot}/robots.txt +%exclude %{goroot}/bin/ +%exclude %{goroot}/pkg/ +%exclude %{goroot}/src/ +%exclude %{goroot}/doc/ +%exclude %{goroot}/misc/ +%exclude %{goroot}/test/ +%{goroot}/* # ensure directory ownership, so they are cleaned up if empty %dir %{gopath} @@ -581,321 +496,244 @@ fi %dir %{gopath}/src/golang.org %dir %{gopath}/src/golang.org/x - # gdbinit (for gdb debugging) %{_sysconfdir}/gdbinit.d -%files src -f go-src.list +# prelink blacklist +%{_sysconfdir}/prelink.conf.d -%files docs -f go-docs.list -%files misc -f go-misc.list +%files -f go-src.list src -%files tests -f go-tests.list +%files -f go-docs.list docs -%files bin -f go-pkg.list +%files -f go-misc.list misc + +%files -f go-tests.list tests + +%files -f go-pkg.list bin %{_bindir}/go %{_bindir}/gofmt -%{goroot}/bin/linux_%{gohostarch}/go -%{goroot}/bin/linux_%{gohostarch}/gofmt %if %{shared} -%files shared -f go-shared.list +%files -f go-shared.list shared %endif %if %{race} -%files race -f go-race.list +%files -f go-race.list race %endif %changelog -* Fri Nov 06 2020 Jakub Čajka - 1.15.4-1 -- Rebase to go1.15.4 -- Resolves: BZ#1895189 +* Tue Nov 03 2020 Alejandro Sáez - 1.15.2-2 +- Resolves: rhbz#1850045 -* Thu Oct 15 2020 Jakub Čajka - 1.15.3-1 -- Rebase to go1.15.3 -- Resolves: BZ#1888443 +* Mon Oct 19 2020 David Benoit - 1.15.2-1 +- Rebase to 1.15.2 +- fix rhbz#1872622 in commit af9a1b1f6567a1c5273a134d395bfe7bb840b7f8 +- Resolves: rhbz#1872622 +- add net/http graceful shutdown patch +- Resolves: rhbz#1888673 +- add x509warnCN patch +- Resolves: rhbz#1889437 -* Thu Sep 10 2020 Jakub Čajka - 1.15.2-1 -- Rebase to go1.15.2 -- Resolves: BZ#1877565 +* Wed Sep 09 2020 Alejandro Sáez - 1.15.0-1 +- Rebase to 1.15.0 +- Related: rhbz#1870531 -* Thu Sep 03 2020 Jakub Čajka - 1.15.1-1 -- Rebase to go1.15.1 -- Security fix for CVE-2020-24553 -- Resolves: BZ#1874858, BZ#1866892 +* Thu Aug 27 2020 Alejandro Sáez - 1.14.7-2 +- Improve test suite +- Resolves: rhbz#1854693 -* Wed Aug 12 2020 Jakub Čajka - 1.15-1 -- Rebase to go1.15 proper -- Resolves: BZ#1859241, BZ#1866892 +* Tue Aug 18 2020 Alejandro Sáez - 1.14.7-1 +- Rebase to 1.14.7 -* Mon Aug 10 2020 Jakub Čajka - 1.15-0.rc2.0 -- Rebase to go1.15rc1 -- Security fix for CVE-2020-16845 -- Resolves: BZ#1867101 -- Related: BZ#1859241 +* Mon Aug 03 2020 Alejandro Sáez - 1.14.6-1 +- Rebase to 1.14.6 +- Resolves: rhbz#1820596 -* Mon Jul 27 2020 Fedora Release Engineering - 1.15-0.rc1.0.1 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild +* Wed Jul 08 2020 Alejandro Sáez - 1.14.4-2 +- Include patch to fix missing deferreturn on linux/ppc64le +- Resolves: rhbz#1854836 -* Mon Jul 27 2020 Jakub Čajka - 1.15-0.rc1.0 -- Rebase to go1.15rc1 -- Related: BZ#1859241 +* Thu Jun 25 2020 Alejandro Sáez - 1.14.4-1 +- Rebase to 1.14.4 -* Mon Jul 20 2020 Jakub Čajka - 1.15-0.beta1.0 -- Rebase to go1.15beta1 +* Thu May 21 2020 Alejandro Sáez - 1.14.2-2 +- Remove i686 references +- Related: rhbz#1752991 -* Mon Jul 20 2020 Jakub Čajka - 1.14.6-1 -- Rebase to go1.14.6 -- Security fix for CVE-2020-14040 and CVE-2020-15586 -- Resolves: BZ#1842708, BZ#1856957, BZ#1853653 +* Wed May 06 2020 Alejandro Sáez - 1.14.2-1 +- Rebase to 1.14.2 +- Related: rhbz#1820596 -* Tue Jun 30 2020 Alejandro Sáez - 1.14.4-1 -- Rebase to go1.14.4 -- Add patch that fixes: https://golang.org/issue/39991 -- Related: BZ#1842708 +* Wed Nov 27 2019 Alejandro Sáez - 1.13.4-2 +- Remove patches +- Related: rhbz#1747150 -* Mon May 18 2020 Álex Sáez - 1.14.3-1 -- Rebase to go1.14.3 -- Resolves: BZ#1836015 +* Mon Nov 25 2019 Alejandro Sáez - 1.13.4-1 +- Rebase to 1.13.4 +- Related: rhbz#1747150 -* Mon Apr 20 2020 Jakub Čajka - 1.14.2-1 -- Rebase to go1.14.2 -- Resolves: BZ#1815282 +* Tue Sep 17 2019 Tom Stellard - 1.12.8-4 +- Reduce number of threads when testing on i686 -* Wed Feb 26 2020 Jakub Čajka - 1.14-1 -- Rebase to go1.14 proper -- Resolves: BZ#1792475 +* Wed Sep 11 2019 Tom Stellard - 1.12.8-3 +- Relax FIPS requirements to unblock OpenShift testing -* Thu Feb 06 2020 Jakub Čajka - 1.14-0.rc1.0 -- Rebase to go1.14.rc1 -- Related: BZ#1792475 +* Wed Aug 28 2019 Tom Stellard - 1.12.8-2 +- Rebase to 1.12.8 +- Resolves: rhbz#1745706 +- Resolves: rhbz#1745712 -* Tue Jan 28 2020 Fedora Release Engineering - 1.14-0.beta1.0.1 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild +* Mon Aug 5 2019 Derek Parker - 1.12.6-3 +- Add README for more documentation +- Resolves: rhbz#1734788 -* Mon Jan 20 2020 Jakub Čajka - 1.14-0.beta1.0 -- Rebase to go1.14beta1 -- Resolves: BZ#1792475 +* Fri Aug 2 2019 Derek Parker - 1.12.6-3 +- Revert some TLS FIPS changes for now +- Resolves: rhbz#1734788 -* Mon Jan 13 2020 Jakub Čajka - 1.13.6-1 -- Rebase to go1.13.6 +* Thu Aug 1 2019 Derek Parker - 1.12.6-2 +- Updates to be less strict on key size in FIPS mode +- Resolves: rhbz#1734788 -* Thu Dec 05 2019 Jakub Čajka - 1.13.5-1 -- Rebase to go1.13.5 - -* Tue Nov 26 2019 Neal Gompa - 1.13.4-2 -- Small fixes to the spec and tighten up the file list - -* Fri Nov 01 2019 Jakub Čajka - 1.13.4-1 -- Rebase to go1.13.4 -- Resolves BZ#1767673 - -* Sat Oct 19 2019 Jakub Čajka - 1.13.3-1 -- Rebase to go1.13.3 -- Fix for CVE-2019-17596 -- Resolves: BZ#1755639, BZ#1763312 - -* Fri Sep 27 2019 Jakub Čajka - 1.13.1-1 -- Rebase to go1.13.1 -- Fix for CVE-2019-16276 -- Resolves: BZ#1755970 - -* Thu Sep 05 2019 Jakub Čajka - 1.13-2 -- Back to go1.13 tls1.3 behavior - -* Wed Sep 04 2019 Jakub Čajka - 1.13-1 -- Rebase to go1.13 - -* Fri Aug 30 2019 Jakub Čajka - 1.13-0.rc2.1 -- Rebase to go1.13rc2 -- Do not enable tls1.3 by default -- Related: BZ#1737471 - -* Wed Aug 28 2019 Jakub Čajka - 1.13-0.rc1.2 -- Actually fix CVE-2019-9514 and CVE-2019-9512 -- Related: BZ#1741816, BZ#1741827 - -* Mon Aug 26 2019 Jakub Čajka - 1.13-0.rc1.1 -- Rebase to 1.13rc1 -- Fix for CVE-2019-14809, CVE-2019-9514 and CVE-2019-9512 -- Resolves: BZ#1741816, BZ#1741827 and BZ#1743131 - -* Thu Aug 01 2019 Jakub Čajka - 1.13-0.beta1.2.2 -- Fix ICE affecting aarch64 -- Resolves: BZ#1735290 - -* Thu Jul 25 2019 Fedora Release Engineering - 1.13-0.beta1.2.1 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild - -* Wed Jul 24 2019 Jakub Čajka - 1.13-0.beta1.2 -- De-configure sumdb and go proxy - -* Wed Jul 24 2019 Jakub Čajka - 1.13-0.beta1.1 -- Rebase to 1.13beta1 -- Related: BZ#1732118 - -* Tue Jul 09 2019 Jakub Čajka - 1.12.7-1 -- Rebase to 1.12.7 -- Resolves: BZ#1728056 - -* Wed Jun 12 2019 Jakub Čajka - 1.12.6-1 +* Thu Jun 13 2019 Derek Parker - 1.12.6-1 - Rebase to 1.12.6 -- Resolves: BZ#1719483 +- Resolves: rhbz#1677819 -* Tue May 07 2019 Jakub Čajka - 1.12.5-1 +* Thu Jun 13 2019 Derek Parker - 1.12.5-2 +- Remove macros present in go-compiler +- Resolves: rhbz#1700109 + +* Wed Jun 12 2019 Derek Parker - 1.12.5-1 - Rebase to 1.12.5 -- Resolves: BZ#1707187 +- Resolves: rhbz#1677819 -* Mon Apr 08 2019 Jakub Čajka - 1.12.2-1 -- Rebase to 1.12.2 -- Resolves: BZ#1688996 +* Wed May 29 2019 Derek Parker - 1.12.1-2 +- Lock OpenSSL to specific built version and include more initialization. +- Resolves: rhbz#1709603 -* Mon Apr 01 2019 Jakub Čajka - 1.12.1-2 -- Fix up change log, respective CVE has been fixed in go1.12rc1 - -* Fri Mar 15 2019 Jakub Čajka - 1.12.1-1 +* Fri May 10 2019 Derek Parker - 1.12.1-1 - Rebase to 1.12.1 -- Fix requirement for %%preun (instead of %%postun) scriptlet thanks to Tim Landscheidt -- Use weak deps for SCM deps +- Include FIPS compliance updates +- Resolves: rhbz#1709603 -* Wed Feb 27 2019 Jakub Čajka - 1.12-1 -- Rebase to go1.12 proper -- Resolves: BZ#1680040 +* Thu Apr 4 2019 Derek Parker - 1.11.5-2 +- Include patch to fix CVE-2019-9741 +- Resolves: rhbz#1690443 -* Mon Feb 18 2019 Jakub Čajka - 1.12-0.rc1.1 -- Rebase to go1.12rc1 +* Mon Feb 18 2019 Derek Parker - 1.11.5-2 +- Switch to pagure fork for Go FIPS -* Thu Jan 31 2019 Fedora Release Engineering - 1.12-0.beta2.2.1 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild +* Thu Feb 7 2019 Derek Parker - 1.11.5-1 +- Rebase to Go 1.11.5 +- Resolves: rhbz#1671277 +- Fixes CVE-2019-6486 -* Sun Jan 27 2019 Jakub Čajka - 1.12-0.beta2.2 -- Fix for CVE-2019-6486 -- Resolves: BZ#1668973 +* Thu Jan 3 2019 Derek Parker - 1.11.4-1 +- Rebase to Go 1.11.4 +- Fixes CVE-2018-16873, CVE-2018-16874, CVE-2018-16875 -* Fri Jan 11 2019 Jakub Čajka - 1.12-0.beta2.1 -- Rebase to go1.12beta2 +* Thu Dec 6 2018 Derek Parker - 1.11.2-1 +- Rebase to Go 1.11.2 -* Wed Jan 02 2019 Jakub Čajka - 1.11.4-1 -- Rebase to go1.11.4 -- Fix for CVE-2018-16875, CVE-2018-16874 and CVE-2018-16873 -- Resolves: BZ#1659290, BZ#1659289, BZ#1659288 +* Fri Nov 16 2018 Derek Parker - 1.10.3-18 +- Remove SCL from macros -* Mon Nov 05 2018 Jakub Čajka - 1.11.2-1 -- Rebase to go1.11.2 +* Wed Nov 7 2018 Derek Parker - 1.10.3-17 +- Prefer go-toolset over go-toolset-1.10 +- Resolves: rhbz#1630786 -* Thu Oct 04 2018 Jakub Čajka - 1.11.1-1 -- Rebase to go1.11.1 +* Mon Nov 5 2018 Derek Parker - 1.10.3-16 +- Fix implicit syscall declaration warning -* Mon Aug 27 2018 Jakub Čajka - 1.11-1 -- Rebase to go1.11 release +* Mon Nov 5 2018 Derek Parker - 1.10.3-15 +- Remove usage of redhat hardening flag file, just pass a select few manually +- Resolves: rhbz#1642798 -* Thu Aug 23 2018 Jakub Čajka - 1.11-0.rc2.1 -- Rebase to go1.11rc2 -- Reduce size of bin package +* Wed Oct 31 2018 Derek Parker - 1.10.3-14 +- Do not build toolchain in PIE mode +- Resolves: rhbz#1642798 -* Tue Aug 14 2018 Jakub Čajka - 1.11-0.rc1.1 -- Rebase to go1.11rc1 +* Fri Oct 26 2018 Derek Parker - 1.10.3-13 +- Fix setting of internal FIPS enabled flag +- Resolves: rhbz#1643653 -* Mon Aug 06 2018 Jakub Čajka - 1.11-0.beta3.1 -- Rebase to go1.11beta3 +* Wed Oct 10 2018 Derek Parker - 1.10.3-12 +- Pass external linker flags to fix annocheck errors +- Resolves: rhbz#1624421 -* Fri Jul 27 2018 Jakub Čajka - 1.11-0.beta2.2 -- Turn on back DWARF compression by default -- Use less memory on 32bit targets during build -- Resolves: BZ#1607270 -- Related: BZ#1602096 +* Wed Oct 10 2018 Derek Parker - 1.10.3-11 +- Fix UnreachableExceptTests false panic +- Resolves: rhbz#1634748 -* Fri Jul 20 2018 Jakub Čajka - 1.11-0.beta2.1 -- Rebase to 1.11beta2 +* Fri Oct 5 2018 Derek Parker - 1.10.3-10 +- Remove SCL, fix bug in boringcrypto with ecdsa +- Related: rhbz#1635066 +- Resolves: rhbz#1636221 -* Wed Jul 18 2018 Jakub Čajka - 1.11-0.beta1.2 -- Turn off DWARF compression by default as it is not supported by rpm/debuginfo -- Related: BZ#1602096 +* Wed Sep 26 2018 Derek Parker - 1.10.3-9 +- Add runtime FIPS detection patches +- Resolves: rhbz#1633351 -* Fri Jul 13 2018 Fedora Release Engineering - 1.11-0.beta1.1.1 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild +* Fri Sep 21 2018 Derek Parker - 1.10.3-8 +- Add `gobuild` and `gotest` macros from go-compilers +- Resolves: rhbz#1631846 -* Wed Jul 04 2018 Jakub Čajka - 1.11-0.beta1.1 -* Rebase to 1.11beta1 +* Thu Sep 20 2018 Derek Parker - 1.10.3-7 +- Bootstrap package using old build of same package +- Resolves: rhbz#1630786 -* Fri Jun 08 2018 Jakub Čajka - 1.10.3-1 -- Rebase to 1.10.3 +* Mon Aug 13 2018 Derek Parker - 1.10.3-6 +- Update stack allocation of OpenSSL type patch +- Resolves: rhbz#1615032 -* Wed May 02 2018 Jakub Čajka - 1.10.2-1 -- Rebase to 1.10.2 +* Sat Aug 11 2018 Troy Dawson - 1.10.3-5 +- Build on i686 +- Related: bug#1614611 -* Wed Apr 04 2018 Jakub Čajka - 1.10.1-1 -- Rebase to 1.10.1 -- Resolves: BZ#1562270 +* Tue Aug 7 2018 Derek Parker - 1.10.3-4 +- Add patch fixing stack allocation of opaque OpenSSL type bug. +- Resolves: rhbz#1613538 -* Sat Mar 03 2018 Jakub Čajka - 1.10-2 -- Fix CVE-2018-7187 -- Resolves: BZ#1546386, BZ#1546388 +* Thu Aug 2 2018 Derek Parker - 1.10.3-3 +- Add patch with tag to opt out of OpenSSL during build -* Wed Feb 21 2018 Jakub Čajka - 1.10-1 -- Rebase to 1.10 +* Wed Jul 25 2018 Derek Parker - 1.10.3-2 +- Add runtime requirement for openssl-devel and misc updates -* Thu Feb 08 2018 Jakub Čajka - 1.10-0.rc2.1 -- Rebase to 1.10rc2 -- Fix CVE-2018-6574 -- Resolves: BZ#1543561, BZ#1543562 +* Tue Jul 24 2018 Derek Parker - 1.10.3-1 +- Bump to 1.10.3 -* Wed Feb 07 2018 Fedora Release Engineering - 1.10-0.rc1.1.1 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild +* Tue Jul 24 2018 Derek Parker - 1.10.2-3 +- Prepare for module build -* Fri Jan 26 2018 Jakub Čajka - 1.10-0.rc1.1 -- Rebase to 1.10rc1 +* Wed Jun 27 2018 Derek Parker - 1.10.2-2 +- Include FIPS patches -* Fri Jan 12 2018 Jakub Čajka - 1.10-0.beta2.1 -- Rebase to 1.10beta2 +* Wed May 23 2018 Derek Parker - 1.10.2-1 +- Bump to Go 1.10.2 -* Mon Jan 08 2018 Jakub Čajka - 1.10-0.beta1.1 -- Rebase to 1.10beta1 -- Drop verbose patch as most of it is now implemented by bootstrap tool and is easily toggled by passing -v flag to make.bash +* Thu Mar 15 2018 Derek Parker - 1.10-1 +- Bump to Go 1.10 -* Thu Oct 26 2017 Jakub Čajka - 1.9.2-1 -- Rebase to 1.9.2 -- execute correctly pie tests -- allow to ignore tests via bcond -- reduce size of golang package +* Wed Oct 18 2017 Jakub Čajka - 1.8.5-1 +- Fix CVE-2017-15041 and CVE-2017-15042 +- Resolves: BZ#1499160, BZ#1498073, BZ#1512063 -* Fri Oct 06 2017 Jakub Čajka - 1.9.1-1 -- fix CVE-2017-15041 and CVE-2017-15042 +* Thu Aug 31 2017 Tom Stellard - 1.8.3-4 +- Explicitly require /usr/bin/gcc +- Resolves: #1487345 -* Fri Sep 15 2017 Jakub Čajka - 1.9-1 -- bump to the relased version +* Thu Jun 22 2017 Jakub Čajka - 1.8.3-3 +- apply asn1 patch +- add ppc64le trampolines patch -* Wed Aug 02 2017 Fedora Release Engineering - 1.9-0.beta2.1.2 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild +* Wed Jun 14 2017 Jakub Čajka - 1.8.3-2 +- regular GTS build -* Wed Jul 26 2017 Fedora Release Engineering - 1.9-0.beta2.1.1 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild - -* Tue Jul 11 2017 Jakub Čajka - 1.9-0.beta2.1 -- bump to beta2 - -* Thu May 25 2017 Jakub Čajka - 1.8.3-1 -- bump to 1.8.3 -- fix for CVE-2017-8932 -- make possible to use 31bit OID in ASN1 -- Resolves: BZ#1454978, BZ#1455191 - -* Fri Apr 21 2017 Jakub Čajka - 1.8.1-2 -- fix uint64 constant codegen on s390x -- Resolves: BZ#1441078 - -* Tue Apr 11 2017 Jakub Čajka - 1.8.1-1 -- bump to Go 1.8.1 -- Resolves: BZ#1440345 - -* Fri Feb 24 2017 Jakub Čajka - 1.8-2 -- avoid possibly stale packages due to chacha test file not being test file - -* Fri Feb 17 2017 Jakub Čajka - 1.8-1 -- bump to released version -- Resolves: BZ#1423637 -- Related: BZ#1411242 +* Tue Jun 06 2017 Jakub Čajka - 1.8.3-1 +- initial GTS build * Fri Feb 10 2017 Fedora Release Engineering - 1.8-0.rc3.2.1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild diff --git a/net-http-graceful-shutdown.patch b/net-http-graceful-shutdown.patch new file mode 100644 index 0000000..90dd711 --- /dev/null +++ b/net-http-graceful-shutdown.patch @@ -0,0 +1,157 @@ +diff --git a/src/net/http/export_test.go b/src/net/http/export_test.go +index 657ff9d..67a74ae 100644 +--- a/src/net/http/export_test.go ++++ b/src/net/http/export_test.go +@@ -274,6 +274,17 @@ func (s *Server) ExportAllConnsIdle() bool { + return true + } + ++func (s *Server) ExportAllConnsByState() map[ConnState]int { ++ states := map[ConnState]int{} ++ s.mu.Lock() ++ defer s.mu.Unlock() ++ for c := range s.activeConn { ++ st, _ := c.getState() ++ states[st] += 1 ++ } ++ return states ++} ++ + func (r *Request) WithT(t *testing.T) *Request { + return r.WithContext(context.WithValue(r.Context(), tLogKey{}, t.Logf)) + } +diff --git a/src/net/http/serve_test.go b/src/net/http/serve_test.go +index 5f56932..806272b 100644 +--- a/src/net/http/serve_test.go ++++ b/src/net/http/serve_test.go +@@ -5519,16 +5519,23 @@ func TestServerSetKeepAlivesEnabledClosesConns(t *testing.T) { + } + } + +-func TestServerShutdown_h1(t *testing.T) { testServerShutdown(t, h1Mode) } +-func TestServerShutdown_h2(t *testing.T) { testServerShutdown(t, h2Mode) } ++func TestServerShutdown_h1(t *testing.T) { ++ testServerShutdown(t, h1Mode) ++} ++func TestServerShutdown_h2(t *testing.T) { ++ testServerShutdown(t, h2Mode) ++} + + func testServerShutdown(t *testing.T, h2 bool) { + setParallel(t) + defer afterTest(t) + var doShutdown func() // set later ++ var doStateCount func() + var shutdownRes = make(chan error, 1) ++ var statesRes = make(chan map[ConnState]int, 1) + var gotOnShutdown = make(chan struct{}, 1) + handler := HandlerFunc(func(w ResponseWriter, r *Request) { ++ doStateCount() + go doShutdown() + // Shutdown is graceful, so it should not interrupt + // this in-flight response. Add a tiny sleep here to +@@ -5545,6 +5552,9 @@ func testServerShutdown(t *testing.T, h2 bool) { + doShutdown = func() { + shutdownRes <- cst.ts.Config.Shutdown(context.Background()) + } ++ doStateCount = func() { ++ statesRes <- cst.ts.Config.ExportAllConnsByState() ++ } + get(t, cst.c, cst.ts.URL) // calls t.Fail on failure + + if err := <-shutdownRes; err != nil { +@@ -5556,6 +5566,10 @@ func testServerShutdown(t *testing.T, h2 bool) { + t.Errorf("onShutdown callback not called, RegisterOnShutdown broken?") + } + ++ if states := <-statesRes; states[StateActive] != 1 { ++ t.Errorf("connection in wrong state, %v", states) ++ } ++ + res, err := cst.c.Get(cst.ts.URL) + if err == nil { + res.Body.Close() +diff --git a/src/net/http/server.go b/src/net/http/server.go +index d41b5f6..14a6336 100644 +--- a/src/net/http/server.go ++++ b/src/net/http/server.go +@@ -324,7 +324,7 @@ func (c *conn) hijackLocked() (rwc net.Conn, buf *bufio.ReadWriter, err error) { + return nil, nil, fmt.Errorf("unexpected Peek failure reading buffered byte: %v", err) + } + } +- c.setState(rwc, StateHijacked) ++ c.setState(rwc, StateHijacked, runHooks) + return + } + +@@ -1737,7 +1737,12 @@ func validNextProto(proto string) bool { + return true + } + +-func (c *conn) setState(nc net.Conn, state ConnState) { ++const ( ++ runHooks = true ++ skipHooks = false ++) ++ ++func (c *conn) setState(nc net.Conn, state ConnState, runHook bool) { + srv := c.server + switch state { + case StateNew: +@@ -1750,6 +1755,9 @@ func (c *conn) setState(nc net.Conn, state ConnState) { + } + packedState := uint64(time.Now().Unix()<<8) | uint64(state) + atomic.StoreUint64(&c.curState.atomic, packedState) ++ if !runHook { ++ return ++ } + if hook := srv.ConnState; hook != nil { + hook(nc, state) + } +@@ -1803,7 +1811,7 @@ func (c *conn) serve(ctx context.Context) { + } + if !c.hijacked() { + c.close() +- c.setState(c.rwc, StateClosed) ++ c.setState(c.rwc, StateClosed, runHooks) + } + }() + +@@ -1831,6 +1839,10 @@ func (c *conn) serve(ctx context.Context) { + if proto := c.tlsState.NegotiatedProtocol; validNextProto(proto) { + if fn := c.server.TLSNextProto[proto]; fn != nil { + h := initALPNRequest{ctx, tlsConn, serverHandler{c.server}} ++ // Mark freshly created HTTP/2 as active and prevent any server state hooks ++ // from being run on these connections. This prevents closeIdleConns from ++ // closing such connections. See issue https://golang.org/issue/39776. ++ c.setState(c.rwc, StateActive, skipHooks) + fn(c.server, tlsConn, h) + } + return +@@ -1851,7 +1863,7 @@ func (c *conn) serve(ctx context.Context) { + w, err := c.readRequest(ctx) + if c.r.remain != c.server.initialReadLimitSize() { + // If we read any bytes off the wire, we're active. +- c.setState(c.rwc, StateActive) ++ c.setState(c.rwc, StateActive, runHooks) + } + if err != nil { + const errorHeaders = "\r\nContent-Type: text/plain; charset=utf-8\r\nConnection: close\r\n\r\n" +@@ -1934,7 +1946,7 @@ func (c *conn) serve(ctx context.Context) { + } + return + } +- c.setState(c.rwc, StateIdle) ++ c.setState(c.rwc, StateIdle, runHooks) + c.curReq.Store((*response)(nil)) + + if !w.conn.server.doKeepAlives() { +@@ -2965,7 +2977,7 @@ func (srv *Server) Serve(l net.Listener) error { + } + tempDelay = 0 + c := srv.newConn(rw) +- c.setState(c.rwc, StateNew) // before Serve can return ++ c.setState(c.rwc, StateNew, runHooks) // before Serve can return + go c.serve(connCtx) + } + } diff --git a/ppc64le_fix_missing_deferreturn.patch b/ppc64le_fix_missing_deferreturn.patch new file mode 100644 index 0000000..8dc47b6 --- /dev/null +++ b/ppc64le_fix_missing_deferreturn.patch @@ -0,0 +1,178 @@ +From 457c3cea934db4b8883c9b932912367e02170a61 Mon Sep 17 00:00:00 2001 +From: Cherry Zhang +Date: Fri, 03 Jul 2020 14:28:15 -0400 +Subject: [PATCH] [release-branch.go1.14] cmd/link: detect trampoline of deferreturn call + +This is a backport of CL 234105. This is not a clean cherry-pick, +as CL 234105 is for the new linker, whereas we still use the old +linker here. This CL backports the logic. + +The runtime needs to find the PC of the deferreturn call in a few +places. So for functions that have defer, we record the PC of +deferreturn call in its funcdata. + +For very large binaries, the deferreturn call could be made +through a trampoline. The current code of finding deferreturn PC +fails in this case. This CL handles the trampoline as well. + +Fixes #39991. +Updates #39049. + +Change-Id: I929be54d6ae436f5294013793217dc2a35f080d4 +Reviewed-on: https://go-review.googlesource.com/c/go/+/234105 +Run-TryBot: Cherry Zhang +TryBot-Result: Gobot Gobot +Reviewed-by: Jeremy Faller +Reviewed-by: Than McIntosh +--- + +diff --git a/src/cmd/link/internal/arm/asm.go b/src/cmd/link/internal/arm/asm.go +index f2fb654..c4f529a 100644 +--- a/src/cmd/link/internal/arm/asm.go ++++ b/src/cmd/link/internal/arm/asm.go +@@ -470,8 +470,12 @@ + offset := (signext24(r.Add&0xffffff) + 2) * 4 + var tramp *sym.Symbol + for i := 0; ; i++ { +- name := r.Sym.Name + fmt.Sprintf("%+d-tramp%d", offset, i) ++ oName := r.Sym.Name ++ name := oName + fmt.Sprintf("%+d-tramp%d", offset, i) + tramp = ctxt.Syms.Lookup(name, int(r.Sym.Version)) ++ if oName == "runtime.deferreturn" { ++ tramp.Attr.Set(sym.AttrDeferReturnTramp, true) ++ } + if tramp.Type == sym.SDYNIMPORT { + // don't reuse trampoline defined in other module + continue +diff --git a/src/cmd/link/internal/ld/pcln.go b/src/cmd/link/internal/ld/pcln.go +index 3e8135c..43e1661 100644 +--- a/src/cmd/link/internal/ld/pcln.go ++++ b/src/cmd/link/internal/ld/pcln.go +@@ -276,7 +276,7 @@ + // set the resumption point to PC_B. + lastWasmAddr = uint32(r.Add) + } +- if r.Type.IsDirectCall() && r.Sym != nil && r.Sym.Name == "runtime.deferreturn" { ++ if r.Type.IsDirectCall() && r.Sym != nil && (r.Sym.Name == "runtime.deferreturn" || r.Sym.Attr.DeferReturnTramp()) { + if ctxt.Arch.Family == sys.Wasm { + deferreturn = lastWasmAddr - 1 + } else { +diff --git a/src/cmd/link/internal/ppc64/asm.go b/src/cmd/link/internal/ppc64/asm.go +index 9fbcff5..e84689d 100644 +--- a/src/cmd/link/internal/ppc64/asm.go ++++ b/src/cmd/link/internal/ppc64/asm.go +@@ -667,7 +667,8 @@ + // target is at some offset within the function. Calls to duff+8 and duff+256 must appear as + // distinct trampolines. + +- name := r.Sym.Name ++ oName := r.Sym.Name ++ name := oName + if r.Add == 0 { + name = name + fmt.Sprintf("-tramp%d", i) + } else { +@@ -677,6 +678,9 @@ + // Look up the trampoline in case it already exists + + tramp = ctxt.Syms.Lookup(name, int(r.Sym.Version)) ++ if oName == "runtime.deferreturn" { ++ tramp.Attr.Set(sym.AttrDeferReturnTramp, true) ++ } + if tramp.Value == 0 { + break + } +diff --git a/src/cmd/link/internal/sym/attribute.go b/src/cmd/link/internal/sym/attribute.go +index 4b69bf3..773b6a4 100644 +--- a/src/cmd/link/internal/sym/attribute.go ++++ b/src/cmd/link/internal/sym/attribute.go +@@ -81,7 +81,10 @@ + // AttrReadOnly indicates whether the symbol's content (Symbol.P) is backed by + // read-only memory. + AttrReadOnly +- // 19 attributes defined so far. ++ // AttrDeferReturnTramp indicates the symbol is a trampoline of a deferreturn ++ // call. ++ AttrDeferReturnTramp ++ // 20 attributes defined so far. + ) + + func (a Attribute) DuplicateOK() bool { return a&AttrDuplicateOK != 0 } +@@ -103,6 +106,7 @@ + func (a Attribute) Container() bool { return a&AttrContainer != 0 } + func (a Attribute) TopFrame() bool { return a&AttrTopFrame != 0 } + func (a Attribute) ReadOnly() bool { return a&AttrReadOnly != 0 } ++func (a Attribute) DeferReturnTramp() bool { return a&AttrDeferReturnTramp != 0 } + + func (a Attribute) CgoExport() bool { + return a.CgoExportDynamic() || a.CgoExportStatic() +diff --git a/src/cmd/link/link_test.go b/src/cmd/link/link_test.go +index 4f792bd..f5efb51 100644 +--- a/src/cmd/link/link_test.go ++++ b/src/cmd/link/link_test.go +@@ -447,3 +447,66 @@ + t.Errorf("unexpected output:\n%s", out) + } + } ++ ++const testTrampSrc = ` ++package main ++import "fmt" ++func main() { ++ fmt.Println("hello") ++ ++ defer func(){ ++ if e := recover(); e == nil { ++ panic("did not panic") ++ } ++ }() ++ f1() ++} ++ ++// Test deferreturn trampolines. See issue #39049. ++func f1() { defer f2() } ++func f2() { panic("XXX") } ++` ++ ++func TestTrampoline(t *testing.T) { ++ // Test that trampoline insertion works as expected. ++ // For stress test, we set -debugtramp=2 flag, which sets a very low ++ // threshold for trampoline generation, and essentially all cross-package ++ // calls will use trampolines. ++ switch runtime.GOARCH { ++ case "arm", "ppc64", "ppc64le": ++ default: ++ t.Skipf("trampoline insertion is not implemented on %s", runtime.GOARCH) ++ } ++ if runtime.GOOS == "aix" { ++ t.Skip("trampolines on AIX doesn't work in Go 1.14") // fixed in Go 1.15 ++ } ++ ++ testenv.MustHaveGoBuild(t) ++ ++ tmpdir, err := ioutil.TempDir("", "TestTrampoline") ++ if err != nil { ++ t.Fatal(err) ++ } ++ defer os.RemoveAll(tmpdir) ++ ++ src := filepath.Join(tmpdir, "hello.go") ++ err = ioutil.WriteFile(src, []byte(testTrampSrc), 0666) ++ if err != nil { ++ t.Fatal(err) ++ } ++ exe := filepath.Join(tmpdir, "hello.exe") ++ ++ cmd := exec.Command(testenv.GoToolPath(t), "build", "-ldflags=-debugtramp=2", "-o", exe, src) ++ out, err := cmd.CombinedOutput() ++ if err != nil { ++ t.Fatalf("build failed: %v\n%s", err, out) ++ } ++ cmd = exec.Command(exe) ++ out, err = cmd.CombinedOutput() ++ if err != nil { ++ t.Errorf("executable failed to run: %v\n%s", err, out) ++ } ++ if string(out) != "hello\n" { ++ t.Errorf("unexpected output:\n%s", out) ++ } ++} diff --git a/0002-syscall-expose-IfInfomsg.X__ifi_pad-on-s390x.patch b/s390x-expose-IfInfomsg-X__ifi_pad.patch similarity index 69% rename from 0002-syscall-expose-IfInfomsg.X__ifi_pad-on-s390x.patch rename to s390x-expose-IfInfomsg-X__ifi_pad.patch index 072440d..ec53077 100644 --- a/0002-syscall-expose-IfInfomsg.X__ifi_pad-on-s390x.patch +++ b/s390x-expose-IfInfomsg-X__ifi_pad.patch @@ -1,7 +1,7 @@ -From 817407fc2d6a861e65086388766f58082d38bc0b Mon Sep 17 00:00:00 2001 +From 84b8c9ceaa5257f7ff4ab059ff208246ecdfe9d9 Mon Sep 17 00:00:00 2001 From: Michael Munday Date: Tue, 17 Jan 2017 11:33:38 -0500 -Subject: [PATCH 2/3] syscall: expose IfInfomsg.X__ifi_pad on s390x +Subject: [PATCH] syscall: expose IfInfomsg.X__ifi_pad on s390x Exposing this field on s390x improves compatibility with the other linux architectures, all of which already expose it. @@ -10,14 +10,12 @@ Fixes #18628 and updates #18632. Change-Id: I08e8e1eb705f898cd8822f8bee0d61ce11d514b5 --- - src/syscall/ztypes_linux_s390x.go | 12 ++++++------ - 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/src/syscall/ztypes_linux_s390x.go b/src/syscall/ztypes_linux_s390x.go -index 63c4a83b19..b5894255df 100644 +index 63c4a83..b589425 100644 --- a/src/syscall/ztypes_linux_s390x.go +++ b/src/syscall/ztypes_linux_s390x.go -@@ -449,12 +449,12 @@ type RtAttr struct { +@@ -449,12 +449,12 @@ } type IfInfomsg struct { @@ -36,6 +34,3 @@ index 63c4a83b19..b5894255df 100644 } type IfAddrmsg struct { --- -2.14.3 - diff --git a/sources b/sources index 5527024..0cfb9eb 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (go1.15.4.src.tar.gz) = 84fc687806d7904be0afcdfb4f45a74b4b45820c5c79b21b0c82cd51d07f3f8ae37e7f80730a411b96bdcf7f635b473ab0233c1bce977d2cf307d9a63aeb3df5 +5c2f08a6dd3c90948aa383e7adb5c39b go-go-1.15.2-1-openssl-fips.tar.gz