From 6ef61b11fb02480e924ed8722bfa04fa8440c5d5 Mon Sep 17 00:00:00 2001
From: eabdullin <ed.abdullin.1@gmail.com>
Date: Wed, 24 Apr 2024 04:38:30 +0000
Subject: [PATCH] import UBI golang-1.20.12-4.el9_3

---
 .gitignore        |  2 +-
 .golang.metadata  |  2 +-
 SPECS/golang.spec | 23 ++++++++++++++++++-----
 3 files changed, 20 insertions(+), 7 deletions(-)

diff --git a/.gitignore b/.gitignore
index 064d926..cfa204d 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,2 +1,2 @@
-SOURCES/go1.20.12-1-openssl-fips.tar.gz
+SOURCES/go1.20.12-2-openssl-fips.tar.gz
 SOURCES/go1.20.12.tar.gz
diff --git a/.golang.metadata b/.golang.metadata
index 7fa7699..07c4ff0 100644
--- a/.golang.metadata
+++ b/.golang.metadata
@@ -1,2 +1,2 @@
-551cf7aae2d428bb376cf2b8d56443ab2ee7d133 SOURCES/go1.20.12-1-openssl-fips.tar.gz
+f57205df5fc5d2e0392ca39c795c6d60d22f0c80 SOURCES/go1.20.12-2-openssl-fips.tar.gz
 6d5bc127443fc42b1af8d9ba4115abe18554feb7 SOURCES/go1.20.12.tar.gz
diff --git a/SPECS/golang.spec b/SPECS/golang.spec
index 9f63774..4be2065 100644
--- a/SPECS/golang.spec
+++ b/SPECS/golang.spec
@@ -2,6 +2,8 @@
 
 %global bcond_with strict_fips
 
+%global run_fips_test 0
+
 # build ids are not currently generated:
 # https://code.google.com/p/go/issues/detail?id=5238
 #
@@ -95,11 +97,11 @@
 %global go_api 1.20
 %global go_version 1.20.12
 %global version %{go_version}
-%global pkg_release 1
+%global pkg_release 2
 
 Name:           golang
 Version:        %{version}
-Release:        2%{?dist}
+Release:        4%{?dist}
 Summary:        The Go Programming Language
 # source tree includes several copies of Mark.Twain-Tom.Sawyer.txt under Public Domain
 License:        BSD and Public Domain
@@ -255,10 +257,10 @@ This is the main package for go-toolset.
 pushd ..
 tar -xf %{SOURCE1}
 popd
-patch -p1 < ../go-go%{version}-%{pkg_release}-openssl-fips/patches/000-initial-setup.patch
-patch -p1 < ../go-go%{version}-%{pkg_release}-openssl-fips/patches/001-initial-openssl-for-fips.patch
-patch -p1 < ../go-go%{version}-%{pkg_release}-openssl-fips/patches/002-strict-fips-runtime-detection.patch
 
+for patch in ../go-go%{version}-%{pkg_release}-openssl-fips/patches/*.patch; do
+  patch -p1 < "${patch}"
+done
 
 # Configure crypto tests
 pushd ../go-go%{version}-%{pkg_release}-openssl-fips
@@ -457,6 +459,7 @@ export GO_TEST_RUN=""
 ./run.bash --no-rebuild -v -v -v -k $GO_TEST_RUN
 
 # Run tests with FIPS enabled.
+%if %{run_fips_test}
 export GOLANG_FIPS=1
 export OPENSSL_FORCE_FIPS_MODE=1
 pushd crypto
@@ -469,6 +472,7 @@ popd
 pushd crypto/tls
   go test -v -run "Boring"
 popd
+%endif
 %else
 ./run.bash --no-rebuild -v -v -v -k || :
 %endif
@@ -528,6 +532,15 @@ cd ..
 %files -n go-toolset
 
 %changelog
+* Fri Apr 19 2024 David Benoit <dbenoit@redhat.com> - 1.20.12-4
+- Rebuild for z-stream
+- Related: RHEL-28939
+
+* Wed Apr 10 2024 David Benoit <dbenoit@redhat.com> - 1.20.12-3
+- Fix CVE-2023-45288
+- Resolves: RHEL-28939
+- Temporarily disable FIPS tests (RHELBLD-14822)
+
 * Tue Mar 05 2024 David Benoit <dbenoit@redhat.com> - 1.20.12-2
 - Fix CVE-2024-1394
 - Resolves: RHEL-27189