diff --git a/.gitignore b/.gitignore index 7a7dfeb..f64db63 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1,3 @@ SOURCES/compiler-rt-18.1.8.src.tar.xz -SOURCES/go1.22.5-1-openssl-fips.tar.gz -SOURCES/go1.22.5.tar.gz +SOURCES/go1.23.4-1-openssl-fips.tar.gz +SOURCES/go1.23.4.tar.gz diff --git a/.golang.metadata b/.golang.metadata index 86764e5..9e68745 100644 --- a/.golang.metadata +++ b/.golang.metadata @@ -1,3 +1,3 @@ 6ecbfa5516b60adb4e4e60f991b0d8ddf5aab12a SOURCES/compiler-rt-18.1.8.src.tar.xz -aa46d1a360c3c9e85a2c5b75dfa927d3d4ccf016 SOURCES/go1.22.5-1-openssl-fips.tar.gz -38de97e677498c347fb7350e40a5d61be29973f9 SOURCES/go1.22.5.tar.gz +9b42354f2830d187e2344de3320318bf55a05688 SOURCES/go1.23.4-1-openssl-fips.tar.gz +624687f9c24f3d1ad6b8e20c39c35f792d0f83e6 SOURCES/go1.23.4.tar.gz diff --git a/SOURCES/fix-standard-crypto-panic.patch b/SOURCES/fix-standard-crypto-panic.patch deleted file mode 100644 index bb3a1db..0000000 --- a/SOURCES/fix-standard-crypto-panic.patch +++ /dev/null @@ -1,44 +0,0 @@ -diff --git a/src/crypto/internal/backend/openssl.go b/src/crypto/internal/backend/openssl.go -index 3d3a9a36ee..8dc2d46b52 100644 ---- a/src/crypto/internal/backend/openssl.go -+++ b/src/crypto/internal/backend/openssl.go -@@ -25,6 +25,22 @@ var enabled bool - var knownVersions = [...]string{"3", "1.1", "11", "111", "1.0.2", "1.0.0", "10"} - - func init() { -+ // 0: FIPS opt-out: abort the process if it is enabled and can't be disabled. -+ // 1: FIPS required: abort the process if it is not enabled and can't be enabled. -+ // other values: do not override OpenSSL configured FIPS mode. -+ var fips string -+ if v, ok := syscall.Getenv("GOLANG_FIPS"); ok { -+ fips = v -+ } else if hostFIPSModeEnabled() { -+ // System configuration can only force FIPS mode. -+ fips = "1" -+ } -+ -+ // Use Go standard crypto, do not load openssl -+ if (fips != "1") { -+ return -+ } -+ - version, _ := syscall.Getenv("GO_OPENSSL_VERSION_OVERRIDE") - if version == "" { - var fallbackVersion string -@@ -49,16 +65,6 @@ func init() { - if err := openssl.Init(version); err != nil { - panic("opensslcrypto: can't initialize OpenSSL " + version + ": " + err.Error()) - } -- // 0: FIPS opt-out: abort the process if it is enabled and can't be disabled. -- // 1: FIPS required: abort the process if it is not enabled and can't be enabled. -- // other values: do not override OpenSSL configured FIPS mode. -- var fips string -- if v, ok := syscall.Getenv("GOLANG_FIPS"); ok { -- fips = v -- } else if hostFIPSModeEnabled() { -- // System configuration can only force FIPS mode. -- fips = "1" -- } - switch fips { - case "0": - if openssl.FIPS() { diff --git a/SPECS/golang.spec b/SPECS/golang.spec index e647dfa..3efe041 100644 --- a/SPECS/golang.spec +++ b/SPECS/golang.spec @@ -92,8 +92,8 @@ %global gohostarch s390x %endif -%global go_api 1.22 -%global go_version 1.22.5 +%global go_api 1.23 +%global go_version 1.23.4 %global version %{go_version} %global pkg_release 1 @@ -102,7 +102,7 @@ Name: golang Version: %{version} -Release: 2%{?dist} +Release: 1%{?dist} Summary: The Go Programming Language # source tree includes several copies of Mark.Twain-Tom.Sawyer.txt under Public Domain License: BSD and Public Domain @@ -154,7 +154,6 @@ Patch1939923: skip_test_rhbz1939923.patch Patch4: modify_go.env.patch Patch6: skip_TestCrashDumpsAllThreads.patch -Patch7: fix-standard-crypto-panic.patch # Having documentation separate was broken Obsoletes: %{name}-docs < 1.1-4 @@ -584,6 +583,16 @@ cd .. %endif %changelog +* Thu Jan 09 2025 David Benoit - 1.23.4-1 +- Update to Go 1.23.4 (fips-1) +- Resolves: RHEL-61048 +- Resolves: RHEL-61223 + +* Wed Oct 23 2024 Archana - 1.23.2-1 +- Rebase to Go1.23.2 +- Remove fix standard crypto panic patch as the source already has changes +- Resolves: RHEL-62392 + * Wed Aug 14 2024 David Benoit - 1.22.5-2 - Rebuild race detector archives from LLVM sources - Add golang-race subpackage