import golang-1.17.7-1.module+el8.6.0+14297+32a15e19
This commit is contained in:
parent
cc55b2ba52
commit
6511984bd9
2
.gitignore
vendored
2
.gitignore
vendored
@ -1 +1 @@
|
||||
SOURCES/go-go-1.16.7-1-openssl-fips.tar.gz
|
||||
SOURCES/go-go-1.17.7-1-openssl-fips.tar.gz
|
||||
|
@ -1 +1 @@
|
||||
e693273f254789980a55720bd48ac8741d446f21 SOURCES/go-go-1.16.7-1-openssl-fips.tar.gz
|
||||
139fe29f985b3feda50c407d194f1a102352388a SOURCES/go-go-1.17.7-1-openssl-fips.tar.gz
|
||||
|
@ -1,235 +0,0 @@
|
||||
diff --git a/src/crypto/internal/boring/goopenssl.h b/src/crypto/internal/boring/goopenssl.h
|
||||
index 3585458..ae1607b 100644
|
||||
--- a/src/crypto/internal/boring/goopenssl.h
|
||||
+++ b/src/crypto/internal/boring/goopenssl.h
|
||||
@@ -667,6 +667,7 @@ typedef EVP_PKEY GO_EVP_PKEY;
|
||||
DEFINEFUNC(GO_EVP_PKEY *, EVP_PKEY_new, (void), ())
|
||||
DEFINEFUNC(void, EVP_PKEY_free, (GO_EVP_PKEY * arg0), (arg0))
|
||||
DEFINEFUNC(int, EVP_PKEY_set1_RSA, (GO_EVP_PKEY * arg0, GO_RSA *arg1), (arg0, arg1))
|
||||
+DEFINEFUNC(int, EVP_PKEY_set1_EC_KEY, (GO_EVP_PKEY * arg0, GO_EC_KEY *arg1), (arg0, arg1))
|
||||
DEFINEFUNC(int, EVP_PKEY_verify,
|
||||
(EVP_PKEY_CTX *ctx, const unsigned char *sig, unsigned int siglen, const unsigned char *tbs, size_t tbslen),
|
||||
(ctx, sig, siglen, tbs, tbslen))
|
||||
diff --git a/src/crypto/internal/boring/openssl_ecdsa_signature.c b/src/crypto/internal/boring/openssl_ecdsa_signature.c
|
||||
index 4c14cc9..daa1252 100644
|
||||
--- a/src/crypto/internal/boring/openssl_ecdsa_signature.c
|
||||
+++ b/src/crypto/internal/boring/openssl_ecdsa_signature.c
|
||||
@@ -9,19 +9,32 @@
|
||||
int
|
||||
_goboringcrypto_ECDSA_sign(EVP_MD* md, const uint8_t *msg, size_t msgLen, uint8_t *sig, unsigned int *slen, GO_EC_KEY *eckey)
|
||||
{
|
||||
+ int result;
|
||||
EVP_PKEY *key = _goboringcrypto_EVP_PKEY_new();
|
||||
- if (!_goboringcrypto_EVP_PKEY_assign_EC_KEY(key, eckey))
|
||||
- return 0;
|
||||
- return _goboringcrypto_EVP_sign(md, NULL, msg, msgLen, sig, slen, key);
|
||||
+ if (!_goboringcrypto_EVP_PKEY_set1_EC_KEY(key, eckey)) {
|
||||
+ result = 0;
|
||||
+ goto err;
|
||||
+ }
|
||||
+ result = _goboringcrypto_EVP_sign(md, NULL, msg, msgLen, sig, slen, key);
|
||||
+err:
|
||||
+ _goboringcrypto_EVP_PKEY_free(key);
|
||||
+ return result;
|
||||
}
|
||||
|
||||
int
|
||||
_goboringcrypto_ECDSA_verify(EVP_MD* md, const uint8_t *msg, size_t msgLen, const uint8_t *sig, unsigned int slen, GO_EC_KEY *eckey)
|
||||
{
|
||||
|
||||
+ int result;
|
||||
EVP_PKEY *key = _goboringcrypto_EVP_PKEY_new();
|
||||
- if (!_goboringcrypto_EVP_PKEY_assign_EC_KEY(key, eckey))
|
||||
- return 0;
|
||||
+ if (!_goboringcrypto_EVP_PKEY_set1_EC_KEY(key, eckey)) {
|
||||
+ result = 0;
|
||||
+ goto err;
|
||||
+ }
|
||||
|
||||
- return _goboringcrypto_EVP_verify(md, NULL, msg, msgLen, sig, slen, key);
|
||||
+ result = _goboringcrypto_EVP_verify(md, NULL, msg, msgLen, sig, slen, key);
|
||||
+
|
||||
+err:
|
||||
+ _goboringcrypto_EVP_PKEY_free(key);
|
||||
+ return result;
|
||||
}
|
||||
diff --git a/src/crypto/internal/boring/openssl_port_rsa.c b/src/crypto/internal/boring/openssl_port_rsa.c
|
||||
index a8d047d..2e56499 100644
|
||||
--- a/src/crypto/internal/boring/openssl_port_rsa.c
|
||||
+++ b/src/crypto/internal/boring/openssl_port_rsa.c
|
||||
@@ -25,14 +25,13 @@ int _goboringcrypto_RSA_digest_and_sign_pss_mgf1(GO_RSA *rsa, unsigned int *out_
|
||||
EVP_PKEY_CTX *ctx;
|
||||
unsigned int siglen;
|
||||
|
||||
+ int ret = 0;
|
||||
EVP_PKEY *key = _goboringcrypto_EVP_PKEY_new();
|
||||
- if (!_goboringcrypto_EVP_PKEY_assign_RSA(key, rsa))
|
||||
- return 0;
|
||||
+ if (!_goboringcrypto_EVP_PKEY_set1_RSA(key, rsa))
|
||||
+ goto err;
|
||||
ctx = _goboringcrypto_EVP_PKEY_CTX_new(key, NULL /* no engine */);
|
||||
if (!ctx)
|
||||
- return 0;
|
||||
-
|
||||
- int ret = 0;
|
||||
+ goto err;
|
||||
|
||||
EVP_MD_CTX *mdctx = NULL;
|
||||
if (!(mdctx = _goboringcrypto_EVP_MD_CTX_create()))
|
||||
@@ -67,6 +66,10 @@ int _goboringcrypto_RSA_digest_and_sign_pss_mgf1(GO_RSA *rsa, unsigned int *out_
|
||||
err:
|
||||
if (mdctx)
|
||||
_goboringcrypto_EVP_MD_CTX_free(mdctx);
|
||||
+ if (ctx)
|
||||
+ _goboringcrypto_EVP_PKEY_CTX_free(ctx);
|
||||
+ if (key)
|
||||
+ _goboringcrypto_EVP_PKEY_free(key);
|
||||
|
||||
return ret;
|
||||
}
|
||||
@@ -78,18 +81,17 @@ int _goboringcrypto_RSA_sign_pss_mgf1(GO_RSA *rsa, unsigned int *out_len, uint8_
|
||||
EVP_PKEY *pkey;
|
||||
size_t siglen;
|
||||
|
||||
+ int ret = 0;
|
||||
pkey = _goboringcrypto_EVP_PKEY_new();
|
||||
if (!pkey)
|
||||
- return 0;
|
||||
+ goto err;
|
||||
|
||||
if (_goboringcrypto_EVP_PKEY_set1_RSA(pkey, rsa) <= 0)
|
||||
- return 0;
|
||||
-
|
||||
+ goto err;
|
||||
+
|
||||
ctx = _goboringcrypto_EVP_PKEY_CTX_new(pkey, NULL /* no engine */);
|
||||
if (!ctx)
|
||||
- return 0;
|
||||
-
|
||||
- int ret = 0;
|
||||
+ goto err;
|
||||
|
||||
if (_goboringcrypto_EVP_PKEY_sign_init(ctx) <= 0)
|
||||
goto err;
|
||||
@@ -101,7 +103,7 @@ int _goboringcrypto_RSA_sign_pss_mgf1(GO_RSA *rsa, unsigned int *out_len, uint8_
|
||||
goto err;
|
||||
if (_goboringcrypto_EVP_PKEY_CTX_set_rsa_mgf1_md(ctx, mgf1_md) <= 0)
|
||||
goto err;
|
||||
-
|
||||
+
|
||||
/* Determine buffer length */
|
||||
if (_goboringcrypto_EVP_PKEY_sign(ctx, NULL, &siglen, in, in_len) <= 0)
|
||||
goto err;
|
||||
@@ -116,7 +118,10 @@ int _goboringcrypto_RSA_sign_pss_mgf1(GO_RSA *rsa, unsigned int *out_len, uint8_
|
||||
ret = 1;
|
||||
|
||||
err:
|
||||
- _goboringcrypto_EVP_PKEY_CTX_free(ctx);
|
||||
+ if (ctx)
|
||||
+ _goboringcrypto_EVP_PKEY_CTX_free(ctx);
|
||||
+ if (pkey)
|
||||
+ _goboringcrypto_EVP_PKEY_free(pkey);
|
||||
|
||||
return ret;
|
||||
}
|
||||
@@ -130,14 +135,14 @@ int _goboringcrypto_RSA_verify_pss_mgf1(RSA *rsa, const uint8_t *msg, unsigned i
|
||||
|
||||
pkey = _goboringcrypto_EVP_PKEY_new();
|
||||
if (!pkey)
|
||||
- return 0;
|
||||
+ goto err;
|
||||
|
||||
if (_goboringcrypto_EVP_PKEY_set1_RSA(pkey, rsa) <= 0)
|
||||
- return 0;
|
||||
-
|
||||
+ goto err;
|
||||
+
|
||||
ctx = _goboringcrypto_EVP_PKEY_CTX_new(pkey, NULL /* no engine */);
|
||||
if (!ctx)
|
||||
- return 0;
|
||||
+ goto err;
|
||||
|
||||
if (_goboringcrypto_EVP_PKEY_verify_init(ctx) <= 0)
|
||||
goto err;
|
||||
@@ -155,25 +160,40 @@ int _goboringcrypto_RSA_verify_pss_mgf1(RSA *rsa, const uint8_t *msg, unsigned i
|
||||
ret = 1;
|
||||
|
||||
err:
|
||||
- _goboringcrypto_EVP_PKEY_CTX_free(ctx);
|
||||
+ if (ctx)
|
||||
+ _goboringcrypto_EVP_PKEY_CTX_free(ctx);
|
||||
+ if (pkey)
|
||||
+ _goboringcrypto_EVP_PKEY_free(pkey);
|
||||
+
|
||||
|
||||
return ret;
|
||||
}
|
||||
|
||||
int _goboringcrypto_EVP_RSA_sign(EVP_MD *md, const uint8_t *msg, unsigned int msgLen, uint8_t *sig, unsigned int *slen, RSA *rsa)
|
||||
{
|
||||
+ int result;
|
||||
EVP_PKEY *key = _goboringcrypto_EVP_PKEY_new();
|
||||
- if (!_goboringcrypto_EVP_PKEY_assign_RSA(key, rsa))
|
||||
- return 0;
|
||||
- return _goboringcrypto_EVP_sign(md, NULL, msg, msgLen, sig, slen, key);
|
||||
+ if (!_goboringcrypto_EVP_PKEY_set1_RSA(key, rsa)) {
|
||||
+ result = 0;
|
||||
+ goto err;
|
||||
+ }
|
||||
+ result = _goboringcrypto_EVP_sign(md, NULL, msg, msgLen, sig, slen, key);
|
||||
+err:
|
||||
+ _goboringcrypto_EVP_PKEY_free(key);
|
||||
+ return result;
|
||||
}
|
||||
|
||||
int _goboringcrypto_EVP_RSA_verify(EVP_MD *md, const uint8_t *msg, unsigned int msgLen, const uint8_t *sig, unsigned int slen, GO_RSA *rsa)
|
||||
{
|
||||
+ int result;
|
||||
EVP_PKEY *key = _goboringcrypto_EVP_PKEY_new();
|
||||
- if (!_goboringcrypto_EVP_PKEY_assign_RSA(key, rsa))
|
||||
- {
|
||||
- return 0;
|
||||
+ if (!_goboringcrypto_EVP_PKEY_set1_RSA(key, rsa)) {
|
||||
+ result = 0;
|
||||
+ goto err;
|
||||
}
|
||||
- return _goboringcrypto_EVP_verify(md, NULL, msg, msgLen, sig, slen, key);
|
||||
+ result = _goboringcrypto_EVP_verify(md, NULL, msg, msgLen, sig, slen, key);
|
||||
+err:
|
||||
+ _goboringcrypto_EVP_PKEY_free(key);
|
||||
+ return result;
|
||||
+
|
||||
}
|
||||
diff --git a/src/crypto/internal/boring/rsa.go b/src/crypto/internal/boring/rsa.go
|
||||
index 2eefc27..698c08e 100644
|
||||
--- a/src/crypto/internal/boring/rsa.go
|
||||
+++ b/src/crypto/internal/boring/rsa.go
|
||||
@@ -162,12 +162,23 @@ func setupRSA(withKey func(func(*C.GO_RSA) C.int) C.int,
|
||||
return nil, nil, NewOpenSSLError("EVP_PKEY_set_rsa_oaep_md failed")
|
||||
}
|
||||
// ctx takes ownership of label, so malloc a copy for BoringCrypto to free.
|
||||
- clabel := (*C.uint8_t)(C.malloc(C.size_t(len(label))))
|
||||
- if clabel == nil {
|
||||
- return nil, nil, fail("OPENSSL_malloc")
|
||||
+ var clabel *C.uint8_t
|
||||
+ clabel = nil
|
||||
+ // OpenSSL 1.1.1 does not take ownership of the label if the length is zero.
|
||||
+ // Depending on the malloc implementation, if clabel is allocated with malloc(0),
|
||||
+ // metadata for the size-zero allocation is never cleaned up, which is a memory leak.
|
||||
+ // As such, we must only allocate clabel if the label is of non zero length.
|
||||
+ if len(label) > 0 {
|
||||
+ clabel = (*C.uint8_t)(C.malloc(C.size_t(len(label))))
|
||||
+ if clabel == nil {
|
||||
+ return nil, nil, fail("OPENSSL_malloc")
|
||||
+ }
|
||||
+ copy((*[1 << 30]byte)(unsafe.Pointer(clabel))[:len(label)], label)
|
||||
}
|
||||
- copy((*[1 << 30]byte)(unsafe.Pointer(clabel))[:len(label)], label)
|
||||
- if C._goboringcrypto_EVP_PKEY_CTX_set0_rsa_oaep_label(ctx, clabel, C.int(len(label))) == 0 {
|
||||
+ if C._goboringcrypto_EVP_PKEY_CTX_set0_rsa_oaep_label(ctx, clabel, C.int(len(label))) != 1 {
|
||||
+ if clabel != nil {
|
||||
+ C.free(unsafe.Pointer(clabel))
|
||||
+ }
|
||||
return nil, nil, NewOpenSSLError("EVP_PKEY_CTX_set0_rsa_oaep_label failed")
|
||||
}
|
||||
}
|
@ -1,25 +0,0 @@
|
||||
diff --git a/src/crypto/x509/verify.go b/src/crypto/x509/verify.go
|
||||
index 50f4d4a..121fd1b 100644
|
||||
--- a/src/crypto/x509/verify.go
|
||||
+++ b/src/crypto/x509/verify.go
|
||||
@@ -20,6 +20,9 @@ import (
|
||||
|
||||
// ignoreCN disables interpreting Common Name as a hostname. See issue 24151.
|
||||
var ignoreCN = !strings.Contains(os.Getenv("GODEBUG"), "x509ignoreCN=0")
|
||||
+// if using Common Name as a hostname is enabled via x509ignoreCN=0,
|
||||
+// warnCN enables a warning whenever Common Name is interpreted as a hostname.
|
||||
+var warnCN = strings.Contains(os.Getenv("GODEBUG"), "x509warnCN=1")
|
||||
|
||||
type InvalidReason int
|
||||
|
||||
@@ -1078,6 +1081,10 @@ func (c *Certificate) VerifyHostname(h string) error {
|
||||
names := c.DNSNames
|
||||
if c.commonNameAsHostname() {
|
||||
names = []string{c.Subject.CommonName}
|
||||
+ if warnCN {
|
||||
+ fmt.Fprintf(os.Stderr, "x509: Warning - certificate relies on legacy Common Name field. " +
|
||||
+ "Using CN without SAN is deprecated and will not work in future versions.\n")
|
||||
+ }
|
||||
}
|
||||
|
||||
candidateName := toLowerCaseASCII(h) // Save allocations inside the loop.
|
@ -1,109 +0,0 @@
|
||||
diff --git a/doc/go1.16.html b/doc/go1.16.html
|
||||
index 0beb62d..fc6b668 100644
|
||||
--- a/doc/go1.16.html
|
||||
+++ b/doc/go1.16.html
|
||||
@@ -891,6 +891,14 @@ func TestFoo(t *testing.T) {
|
||||
is missing; this is common on musl-based systems and makes
|
||||
Go programs match the behavior of C programs on those systems.
|
||||
</p>
|
||||
+ <p><!-- CL325829 -->
|
||||
+ The <a href="/pkg/net/#ParseIP"><code>ParseIP</code></a> and <a href="/pkg/net/#ParseCIDR"><code>ParseCIDR</code></a>
|
||||
+ functions now reject IPv4 addresses which contain decimal components with leading zeros.
|
||||
+ These components were always interpreted as decimal, but some operating systems treat them as octal.
|
||||
+ This mismatch could hypothetically lead to security issues if a Go application was used to validate IP addresses
|
||||
+ which were then used in their original form with non-Go applications which interpreted components as octal. Generally,
|
||||
+ it is advisable to always re-encoded values after validation, which avoids this class of parser misalignment issues.
|
||||
+ </p>
|
||||
</dd>
|
||||
</dl><!-- net -->
|
||||
|
||||
diff --git a/src/net/hosts_test.go b/src/net/hosts_test.go
|
||||
index f850e2f..19c4399 100644
|
||||
--- a/src/net/hosts_test.go
|
||||
+++ b/src/net/hosts_test.go
|
||||
@@ -36,7 +36,7 @@ var lookupStaticHostTests = []struct {
|
||||
},
|
||||
},
|
||||
{
|
||||
- "testdata/ipv4-hosts", // see golang.org/issue/8996
|
||||
+ "testdata/ipv4-hosts",
|
||||
[]staticHostEntry{
|
||||
{"localhost", []string{"127.0.0.1", "127.0.0.2", "127.0.0.3"}},
|
||||
{"localhost.localdomain", []string{"127.0.0.3"}},
|
||||
@@ -102,7 +102,7 @@ var lookupStaticAddrTests = []struct {
|
||||
},
|
||||
},
|
||||
{
|
||||
- "testdata/ipv4-hosts", // see golang.org/issue/8996
|
||||
+ "testdata/ipv4-hosts",
|
||||
[]staticHostEntry{
|
||||
{"127.0.0.1", []string{"localhost"}},
|
||||
{"127.0.0.2", []string{"localhost"}},
|
||||
diff --git a/src/net/ip.go b/src/net/ip.go
|
||||
index c00fe8e..007f3f7 100644
|
||||
--- a/src/net/ip.go
|
||||
+++ b/src/net/ip.go
|
||||
@@ -552,6 +552,10 @@ func parseIPv4(s string) IP {
|
||||
if !ok || n > 0xFF {
|
||||
return nil
|
||||
}
|
||||
+ if c > 1 && s[0] == '0' {
|
||||
+ // Reject non-zero components with leading zeroes.
|
||||
+ return nil
|
||||
+ }
|
||||
s = s[c:]
|
||||
p[i] = byte(n)
|
||||
}
|
||||
diff --git a/src/net/ip_test.go b/src/net/ip_test.go
|
||||
index a5fc5e6..585381d 100644
|
||||
--- a/src/net/ip_test.go
|
||||
+++ b/src/net/ip_test.go
|
||||
@@ -20,9 +20,7 @@ var parseIPTests = []struct {
|
||||
}{
|
||||
{"127.0.1.2", IPv4(127, 0, 1, 2)},
|
||||
{"127.0.0.1", IPv4(127, 0, 0, 1)},
|
||||
- {"127.001.002.003", IPv4(127, 1, 2, 3)},
|
||||
{"::ffff:127.1.2.3", IPv4(127, 1, 2, 3)},
|
||||
- {"::ffff:127.001.002.003", IPv4(127, 1, 2, 3)},
|
||||
{"::ffff:7f01:0203", IPv4(127, 1, 2, 3)},
|
||||
{"0:0:0:0:0000:ffff:127.1.2.3", IPv4(127, 1, 2, 3)},
|
||||
{"0:0:0:0:000000:ffff:127.1.2.3", IPv4(127, 1, 2, 3)},
|
||||
@@ -42,6 +40,11 @@ var parseIPTests = []struct {
|
||||
{"fe80::1%911", nil},
|
||||
{"", nil},
|
||||
{"a1:a2:a3:a4::b1:b2:b3:b4", nil}, // Issue 6628
|
||||
+ {"127.001.002.003", nil},
|
||||
+ {"::ffff:127.001.002.003", nil},
|
||||
+ {"123.000.000.000", nil},
|
||||
+ {"1.2..4", nil},
|
||||
+ {"0123.0.0.1", nil},
|
||||
}
|
||||
|
||||
func TestParseIP(t *testing.T) {
|
||||
@@ -357,6 +360,7 @@ var parseCIDRTests = []struct {
|
||||
{"0.0.-2.0/32", nil, nil, &ParseError{Type: "CIDR address", Text: "0.0.-2.0/32"}},
|
||||
{"0.0.0.-3/32", nil, nil, &ParseError{Type: "CIDR address", Text: "0.0.0.-3/32"}},
|
||||
{"0.0.0.0/-0", nil, nil, &ParseError{Type: "CIDR address", Text: "0.0.0.0/-0"}},
|
||||
+ {"127.000.000.001/32", nil, nil, &ParseError{Type: "CIDR address", Text: "127.000.000.001/32"}},
|
||||
{"", nil, nil, &ParseError{Type: "CIDR address", Text: ""}},
|
||||
}
|
||||
|
||||
diff --git a/src/net/testdata/ipv4-hosts b/src/net/testdata/ipv4-hosts
|
||||
index 5208bb4..6b99675 100644
|
||||
--- a/src/net/testdata/ipv4-hosts
|
||||
+++ b/src/net/testdata/ipv4-hosts
|
||||
@@ -1,12 +1,8 @@
|
||||
# See https://tools.ietf.org/html/rfc1123.
|
||||
-#
|
||||
-# The literal IPv4 address parser in the net package is a relaxed
|
||||
-# one. It may accept a literal IPv4 address in dotted-decimal notation
|
||||
-# with leading zeros such as "001.2.003.4".
|
||||
|
||||
# internet address and host name
|
||||
127.0.0.1 localhost # inline comment separated by tab
|
||||
-127.000.000.002 localhost # inline comment separated by space
|
||||
+127.0.0.2 localhost # inline comment separated by space
|
||||
|
||||
# internet address, host name and aliases
|
||||
-127.000.000.003 localhost localhost.localdomain
|
||||
+127.0.0.3 localhost localhost.localdomain
|
151
SOURCES/remove_waitgroup_misuse_tests.patch
Normal file
151
SOURCES/remove_waitgroup_misuse_tests.patch
Normal file
@ -0,0 +1,151 @@
|
||||
diff --git a/src/sync/waitgroup_test.go b/src/sync/waitgroup_test.go
|
||||
index c569e0faa2eb..4ded218d2d8d 100644
|
||||
--- a/src/sync/waitgroup_test.go
|
||||
+++ b/src/sync/waitgroup_test.go
|
||||
@@ -5,8 +5,6 @@
|
||||
package sync_test
|
||||
|
||||
import (
|
||||
- "internal/race"
|
||||
- "runtime"
|
||||
. "sync"
|
||||
"sync/atomic"
|
||||
"testing"
|
||||
@@ -48,12 +46,6 @@ func TestWaitGroup(t *testing.T) {
|
||||
}
|
||||
}
|
||||
|
||||
-func knownRacy(t *testing.T) {
|
||||
- if race.Enabled {
|
||||
- t.Skip("skipping known-racy test under the race detector")
|
||||
- }
|
||||
-}
|
||||
-
|
||||
func TestWaitGroupMisuse(t *testing.T) {
|
||||
defer func() {
|
||||
err := recover()
|
||||
@@ -68,124 +60,6 @@ func TestWaitGroupMisuse(t *testing.T) {
|
||||
t.Fatal("Should panic")
|
||||
}
|
||||
|
||||
-// pollUntilEqual blocks until v, loaded atomically, is
|
||||
-// equal to the target.
|
||||
-func pollUntilEqual(v *uint32, target uint32) {
|
||||
- for {
|
||||
- for i := 0; i < 1e3; i++ {
|
||||
- if atomic.LoadUint32(v) == target {
|
||||
- return
|
||||
- }
|
||||
- }
|
||||
- // yield to avoid deadlock with the garbage collector
|
||||
- // see issue #20072
|
||||
- runtime.Gosched()
|
||||
- }
|
||||
-}
|
||||
-
|
||||
-func TestWaitGroupMisuse2(t *testing.T) {
|
||||
- knownRacy(t)
|
||||
- if runtime.NumCPU() <= 4 {
|
||||
- t.Skip("NumCPU<=4, skipping: this test requires parallelism")
|
||||
- }
|
||||
- defer func() {
|
||||
- err := recover()
|
||||
- if err != "sync: negative WaitGroup counter" &&
|
||||
- err != "sync: WaitGroup misuse: Add called concurrently with Wait" &&
|
||||
- err != "sync: WaitGroup is reused before previous Wait has returned" {
|
||||
- t.Fatalf("Unexpected panic: %#v", err)
|
||||
- }
|
||||
- }()
|
||||
- defer runtime.GOMAXPROCS(runtime.GOMAXPROCS(4))
|
||||
- done := make(chan interface{}, 2)
|
||||
- // The detection is opportunistic, so we want it to panic
|
||||
- // at least in one run out of a million.
|
||||
- for i := 0; i < 1e6; i++ {
|
||||
- var wg WaitGroup
|
||||
- var here uint32
|
||||
- wg.Add(1)
|
||||
- go func() {
|
||||
- defer func() {
|
||||
- done <- recover()
|
||||
- }()
|
||||
- atomic.AddUint32(&here, 1)
|
||||
- pollUntilEqual(&here, 3)
|
||||
- wg.Wait()
|
||||
- }()
|
||||
- go func() {
|
||||
- defer func() {
|
||||
- done <- recover()
|
||||
- }()
|
||||
- atomic.AddUint32(&here, 1)
|
||||
- pollUntilEqual(&here, 3)
|
||||
- wg.Add(1) // This is the bad guy.
|
||||
- wg.Done()
|
||||
- }()
|
||||
- atomic.AddUint32(&here, 1)
|
||||
- pollUntilEqual(&here, 3)
|
||||
- wg.Done()
|
||||
- for j := 0; j < 2; j++ {
|
||||
- if err := <-done; err != nil {
|
||||
- panic(err)
|
||||
- }
|
||||
- }
|
||||
- }
|
||||
- t.Fatal("Should panic")
|
||||
-}
|
||||
-
|
||||
-func TestWaitGroupMisuse3(t *testing.T) {
|
||||
- knownRacy(t)
|
||||
- if runtime.NumCPU() <= 1 {
|
||||
- t.Skip("NumCPU==1, skipping: this test requires parallelism")
|
||||
- }
|
||||
- defer func() {
|
||||
- err := recover()
|
||||
- if err != "sync: negative WaitGroup counter" &&
|
||||
- err != "sync: WaitGroup misuse: Add called concurrently with Wait" &&
|
||||
- err != "sync: WaitGroup is reused before previous Wait has returned" {
|
||||
- t.Fatalf("Unexpected panic: %#v", err)
|
||||
- }
|
||||
- }()
|
||||
- defer runtime.GOMAXPROCS(runtime.GOMAXPROCS(4))
|
||||
- done := make(chan interface{}, 3)
|
||||
- // The detection is opportunistically, so we want it to panic
|
||||
- // at least in one run out of a million.
|
||||
- for i := 0; i < 1e6; i++ {
|
||||
- var wg WaitGroup
|
||||
- wg.Add(1)
|
||||
- go func() {
|
||||
- defer func() {
|
||||
- done <- recover()
|
||||
- }()
|
||||
- wg.Done()
|
||||
- }()
|
||||
- go func() {
|
||||
- defer func() {
|
||||
- done <- recover()
|
||||
- }()
|
||||
- wg.Wait()
|
||||
- // Start reusing the wg before waiting for the Wait below to return.
|
||||
- wg.Add(1)
|
||||
- go func() {
|
||||
- wg.Done()
|
||||
- }()
|
||||
- wg.Wait()
|
||||
- }()
|
||||
- go func() {
|
||||
- defer func() {
|
||||
- done <- recover()
|
||||
- }()
|
||||
- wg.Wait()
|
||||
- }()
|
||||
- for j := 0; j < 3; j++ {
|
||||
- if err := <-done; err != nil {
|
||||
- panic(err)
|
||||
- }
|
||||
- }
|
||||
- }
|
||||
- t.Fatal("Should panic")
|
||||
-}
|
||||
-
|
||||
func TestWaitGroupRace(t *testing.T) {
|
||||
// Run this test for about 1ms.
|
||||
for i := 0; i < 1000; i++ {
|
@ -95,8 +95,8 @@
|
||||
%global gohostarch s390x
|
||||
%endif
|
||||
|
||||
%global go_api 1.16
|
||||
%global go_version 1.16.7
|
||||
%global go_api 1.17
|
||||
%global go_version 1.17.7
|
||||
%global pkg_release 1
|
||||
|
||||
Name: golang
|
||||
@ -140,20 +140,12 @@ Patch215: go1.5-zoneinfo_testing_only.patch
|
||||
# Proposed patch by jcajka https://golang.org/cl/86541
|
||||
Patch221: fix_TestScript_list_std.patch
|
||||
|
||||
# Add an env var to optionally trigger a warning in x509 when
|
||||
# Common Name is used as hostname
|
||||
# rhbz#1889437
|
||||
Patch223: golang-1.15-warnCN.patch
|
||||
|
||||
# Fix incorrect parsing of extraneous zeros in net/ip
|
||||
# https://bugzilla.redhat.com/show_bug.cgi?id=1993316
|
||||
# https://go-review.googlesource.com/c/go/+/325829
|
||||
Patch1993316: reject-leading-zeros.patch
|
||||
|
||||
Patch1939923: skip_test_rhbz1939923.patch
|
||||
|
||||
# Fix FIPS mode memory leaks
|
||||
Patch1951877: fix-crypto-memory-leaks.patch
|
||||
# These tests has been removed upstream due to
|
||||
# nondeterministic flakiness
|
||||
# https://bugzilla.redhat.com/show_bug.cgi?id=2028662
|
||||
Patch2028662: remove_waitgroup_misuse_tests.patch
|
||||
|
||||
# Having documentation separate was broken
|
||||
Obsoletes: %{name}-docs < 1.1-4
|
||||
@ -248,14 +240,9 @@ Requires: %{name} = %{version}-%{release}
|
||||
|
||||
%patch221 -p1
|
||||
|
||||
%patch223 -p1
|
||||
|
||||
%patch1939923 -p1
|
||||
|
||||
%patch1993316 -p1
|
||||
|
||||
%patch1951877 -p1
|
||||
|
||||
%patch2028662 -p1
|
||||
|
||||
cp %{SOURCE1} ./src/runtime/
|
||||
|
||||
@ -326,7 +313,7 @@ rm -rf pkg/bootstrap/bin
|
||||
|
||||
# install everything into libdir (until symlink problems are fixed)
|
||||
# https://code.google.com/p/go/issues/detail?id=5830
|
||||
cp -apv api bin doc favicon.ico lib pkg robots.txt src misc test VERSION \
|
||||
cp -apv api bin doc lib pkg src misc test VERSION \
|
||||
$RPM_BUILD_ROOT%{goroot}
|
||||
|
||||
# bz1099206
|
||||
@ -414,6 +401,9 @@ cp -av %{SOURCE100} $RPM_BUILD_ROOT%{_sysconfdir}/gdbinit.d/golang.gdb
|
||||
mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/prelink.conf.d
|
||||
cp -av %{SOURCE101} $RPM_BUILD_ROOT%{_sysconfdir}/prelink.conf.d/golang.conf
|
||||
|
||||
# Quick fix for the rhbz#2014704
|
||||
sed -i 's/const defaultGO_LDSO = `.*`/const defaultGO_LDSO = ``/' $RPM_BUILD_ROOT%{goroot}/src/internal/buildcfg/zbootstrap.go
|
||||
|
||||
%check
|
||||
export GOROOT=$(pwd -P)
|
||||
export PATH="$GOROOT"/bin:"$PATH"
|
||||
@ -448,19 +438,23 @@ export GO_TEST_RUN=""
|
||||
|
||||
%if %{fail_on_tests}
|
||||
|
||||
./run.bash --no-rebuild -v -v -v -k $GO_TEST_RUN
|
||||
# TestEd25519Vectors needs network connectivity but it should be cover by
|
||||
# this test https://pkgs.devel.redhat.com/cgit/tests/golang/tree/Regression/internal-testsuite/runtest.sh#n127
|
||||
export DISABLE_Ed25519_TEST="-run=!^TestEd25519Vectors$"
|
||||
|
||||
./run.bash --no-rebuild -v -v -v -k $GO_TEST_RUN $DISABLE_Ed25519_TEST
|
||||
|
||||
# Run tests with FIPS enabled.
|
||||
export GOLANG_FIPS=1
|
||||
pushd crypto
|
||||
# Run all crypto tests but skip TLS, we will run FIPS specific TLS tests later
|
||||
go test $(go list ./... | grep -v tls) -v
|
||||
go test $(go list ./... | grep -v tls) -v $DISABLE_Ed25519_TEST
|
||||
# Check that signature functions have parity between boring and notboring
|
||||
CGO_ENABLED=0 go test $(go list ./... | grep -v tls) -v
|
||||
CGO_ENABLED=0 go test $(go list ./... | grep -v tls) -v $DISABLE_Ed25519_TEST
|
||||
popd
|
||||
# Run all FIPS specific TLS tests
|
||||
pushd crypto/tls
|
||||
go test -v -run "Boring"
|
||||
go test -v -run "Boring" $DISABLE_Ed25519_TEST
|
||||
popd
|
||||
%else
|
||||
./run.bash --no-rebuild -v -v -v -k || :
|
||||
@ -523,6 +517,37 @@ cd ..
|
||||
%endif
|
||||
|
||||
%changelog
|
||||
* Thu Feb 17 2022 David Benoit <dbenoit@redhat.com> - 1.17.7-1
|
||||
- Rebase to Go 1.17.7
|
||||
- Remove fips memory leak patch (fixed in tree)
|
||||
- Resolves: rhbz#2015930
|
||||
|
||||
* Fri Dec 10 2021 David Benoit <dbenoit@redhat.com> - 1.17.5-1
|
||||
- Rebase to Go 1.17.5
|
||||
- Remove vdso_s390x_gettime patch
|
||||
- Resolves: rhbz#2031112
|
||||
- Related: rhbz#2028570
|
||||
|
||||
* Fri Dec 03 2021 David Benoit <dbenoit@redhat.com> - 1.17.4-1
|
||||
- Rebase Go to 1.17.4
|
||||
- Add remove_waitgroup_misuse_tests patch
|
||||
- Related: rhbz#2014088
|
||||
- Resolves: rhbz#2028570
|
||||
- Resolves: rhbz#2022828
|
||||
- Resolves: rhbz#2024686
|
||||
- Resolves: rhbz#2028662
|
||||
|
||||
* Wed Oct 27 2021 Alejandro Sáez <asm@redhat.com> - 1.17.2-2
|
||||
- Resolves: rhbz#2014704
|
||||
|
||||
* Tue Oct 12 2021 Alejandro Sáez <asm@redhat.com> - 1.17.2-1
|
||||
- Rebase to Go 1.17.2
|
||||
- Related: rhbz#2014088
|
||||
- Remove golang-1.15-warnCN.patch
|
||||
- Remove reject-leading-zeros.patch
|
||||
- Remove favicon.ico and robots.txt references
|
||||
- Exclude TestEd25519Vectors test
|
||||
|
||||
* Tue Aug 17 2021 David Benoit <dbenoit@redhat.com> - 1.16.7-1
|
||||
- Rebase to Go 1.16.7
|
||||
- Resolves: rhbz#1994079
|
||||
|
Loading…
Reference in New Issue
Block a user