import golang-1.15.7-1.module+el8.4.0+9580+3b0e6c24
This commit is contained in:
parent
96493bbfc5
commit
7061b2ef39
2
.gitignore
vendored
2
.gitignore
vendored
@ -1 +1 @@
|
|||||||
SOURCES/go-go-1.14.4-1-openssl-fips.tar.gz
|
SOURCES/go-go-1.15.7-1-openssl-fips.tar.gz
|
||||||
|
@ -1 +1 @@
|
|||||||
c68072d707cf093fba93bc2d7cda172cd3749120 SOURCES/go-go-1.14.4-1-openssl-fips.tar.gz
|
501d01d764310874ec20f3d7555c70948ef15fb2 SOURCES/go-go-1.15.7-1-openssl-fips.tar.gz
|
||||||
|
25
SOURCES/golang-1.15-warnCN.patch
Normal file
25
SOURCES/golang-1.15-warnCN.patch
Normal file
@ -0,0 +1,25 @@
|
|||||||
|
diff --git a/src/crypto/x509/verify.go b/src/crypto/x509/verify.go
|
||||||
|
index 50f4d4a..121fd1b 100644
|
||||||
|
--- a/src/crypto/x509/verify.go
|
||||||
|
+++ b/src/crypto/x509/verify.go
|
||||||
|
@@ -20,6 +20,9 @@ import (
|
||||||
|
|
||||||
|
// ignoreCN disables interpreting Common Name as a hostname. See issue 24151.
|
||||||
|
var ignoreCN = !strings.Contains(os.Getenv("GODEBUG"), "x509ignoreCN=0")
|
||||||
|
+// if using Common Name as a hostname is enabled via x509ignoreCN=0,
|
||||||
|
+// warnCN enables a warning whenever Common Name is interpreted as a hostname.
|
||||||
|
+var warnCN = strings.Contains(os.Getenv("GODEBUG"), "x509warnCN=1")
|
||||||
|
|
||||||
|
type InvalidReason int
|
||||||
|
|
||||||
|
@@ -1078,6 +1081,10 @@ func (c *Certificate) VerifyHostname(h string) error {
|
||||||
|
names := c.DNSNames
|
||||||
|
if c.commonNameAsHostname() {
|
||||||
|
names = []string{c.Subject.CommonName}
|
||||||
|
+ if warnCN {
|
||||||
|
+ fmt.Fprintf(os.Stderr, "x509: Warning - certificate relies on legacy Common Name field. " +
|
||||||
|
+ "Using CN without SAN is deprecated and will not work in future versions.\n")
|
||||||
|
+ }
|
||||||
|
}
|
||||||
|
|
||||||
|
candidateName := toLowerCaseASCII(h) // Save allocations inside the loop.
|
157
SOURCES/net-http-graceful-shutdown.patch
Normal file
157
SOURCES/net-http-graceful-shutdown.patch
Normal file
@ -0,0 +1,157 @@
|
|||||||
|
diff --git a/src/net/http/export_test.go b/src/net/http/export_test.go
|
||||||
|
index 657ff9d..67a74ae 100644
|
||||||
|
--- a/src/net/http/export_test.go
|
||||||
|
+++ b/src/net/http/export_test.go
|
||||||
|
@@ -274,6 +274,17 @@ func (s *Server) ExportAllConnsIdle() bool {
|
||||||
|
return true
|
||||||
|
}
|
||||||
|
|
||||||
|
+func (s *Server) ExportAllConnsByState() map[ConnState]int {
|
||||||
|
+ states := map[ConnState]int{}
|
||||||
|
+ s.mu.Lock()
|
||||||
|
+ defer s.mu.Unlock()
|
||||||
|
+ for c := range s.activeConn {
|
||||||
|
+ st, _ := c.getState()
|
||||||
|
+ states[st] += 1
|
||||||
|
+ }
|
||||||
|
+ return states
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
func (r *Request) WithT(t *testing.T) *Request {
|
||||||
|
return r.WithContext(context.WithValue(r.Context(), tLogKey{}, t.Logf))
|
||||||
|
}
|
||||||
|
diff --git a/src/net/http/serve_test.go b/src/net/http/serve_test.go
|
||||||
|
index 5f56932..806272b 100644
|
||||||
|
--- a/src/net/http/serve_test.go
|
||||||
|
+++ b/src/net/http/serve_test.go
|
||||||
|
@@ -5519,16 +5519,23 @@ func TestServerSetKeepAlivesEnabledClosesConns(t *testing.T) {
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
-func TestServerShutdown_h1(t *testing.T) { testServerShutdown(t, h1Mode) }
|
||||||
|
-func TestServerShutdown_h2(t *testing.T) { testServerShutdown(t, h2Mode) }
|
||||||
|
+func TestServerShutdown_h1(t *testing.T) {
|
||||||
|
+ testServerShutdown(t, h1Mode)
|
||||||
|
+}
|
||||||
|
+func TestServerShutdown_h2(t *testing.T) {
|
||||||
|
+ testServerShutdown(t, h2Mode)
|
||||||
|
+}
|
||||||
|
|
||||||
|
func testServerShutdown(t *testing.T, h2 bool) {
|
||||||
|
setParallel(t)
|
||||||
|
defer afterTest(t)
|
||||||
|
var doShutdown func() // set later
|
||||||
|
+ var doStateCount func()
|
||||||
|
var shutdownRes = make(chan error, 1)
|
||||||
|
+ var statesRes = make(chan map[ConnState]int, 1)
|
||||||
|
var gotOnShutdown = make(chan struct{}, 1)
|
||||||
|
handler := HandlerFunc(func(w ResponseWriter, r *Request) {
|
||||||
|
+ doStateCount()
|
||||||
|
go doShutdown()
|
||||||
|
// Shutdown is graceful, so it should not interrupt
|
||||||
|
// this in-flight response. Add a tiny sleep here to
|
||||||
|
@@ -5545,6 +5552,9 @@ func testServerShutdown(t *testing.T, h2 bool) {
|
||||||
|
doShutdown = func() {
|
||||||
|
shutdownRes <- cst.ts.Config.Shutdown(context.Background())
|
||||||
|
}
|
||||||
|
+ doStateCount = func() {
|
||||||
|
+ statesRes <- cst.ts.Config.ExportAllConnsByState()
|
||||||
|
+ }
|
||||||
|
get(t, cst.c, cst.ts.URL) // calls t.Fail on failure
|
||||||
|
|
||||||
|
if err := <-shutdownRes; err != nil {
|
||||||
|
@@ -5556,6 +5566,10 @@ func testServerShutdown(t *testing.T, h2 bool) {
|
||||||
|
t.Errorf("onShutdown callback not called, RegisterOnShutdown broken?")
|
||||||
|
}
|
||||||
|
|
||||||
|
+ if states := <-statesRes; states[StateActive] != 1 {
|
||||||
|
+ t.Errorf("connection in wrong state, %v", states)
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
res, err := cst.c.Get(cst.ts.URL)
|
||||||
|
if err == nil {
|
||||||
|
res.Body.Close()
|
||||||
|
diff --git a/src/net/http/server.go b/src/net/http/server.go
|
||||||
|
index d41b5f6..14a6336 100644
|
||||||
|
--- a/src/net/http/server.go
|
||||||
|
+++ b/src/net/http/server.go
|
||||||
|
@@ -324,7 +324,7 @@ func (c *conn) hijackLocked() (rwc net.Conn, buf *bufio.ReadWriter, err error) {
|
||||||
|
return nil, nil, fmt.Errorf("unexpected Peek failure reading buffered byte: %v", err)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
- c.setState(rwc, StateHijacked)
|
||||||
|
+ c.setState(rwc, StateHijacked, runHooks)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
|
@@ -1737,7 +1737,12 @@ func validNextProto(proto string) bool {
|
||||||
|
return true
|
||||||
|
}
|
||||||
|
|
||||||
|
-func (c *conn) setState(nc net.Conn, state ConnState) {
|
||||||
|
+const (
|
||||||
|
+ runHooks = true
|
||||||
|
+ skipHooks = false
|
||||||
|
+)
|
||||||
|
+
|
||||||
|
+func (c *conn) setState(nc net.Conn, state ConnState, runHook bool) {
|
||||||
|
srv := c.server
|
||||||
|
switch state {
|
||||||
|
case StateNew:
|
||||||
|
@@ -1750,6 +1755,9 @@ func (c *conn) setState(nc net.Conn, state ConnState) {
|
||||||
|
}
|
||||||
|
packedState := uint64(time.Now().Unix()<<8) | uint64(state)
|
||||||
|
atomic.StoreUint64(&c.curState.atomic, packedState)
|
||||||
|
+ if !runHook {
|
||||||
|
+ return
|
||||||
|
+ }
|
||||||
|
if hook := srv.ConnState; hook != nil {
|
||||||
|
hook(nc, state)
|
||||||
|
}
|
||||||
|
@@ -1803,7 +1811,7 @@ func (c *conn) serve(ctx context.Context) {
|
||||||
|
}
|
||||||
|
if !c.hijacked() {
|
||||||
|
c.close()
|
||||||
|
- c.setState(c.rwc, StateClosed)
|
||||||
|
+ c.setState(c.rwc, StateClosed, runHooks)
|
||||||
|
}
|
||||||
|
}()
|
||||||
|
|
||||||
|
@@ -1831,6 +1839,10 @@ func (c *conn) serve(ctx context.Context) {
|
||||||
|
if proto := c.tlsState.NegotiatedProtocol; validNextProto(proto) {
|
||||||
|
if fn := c.server.TLSNextProto[proto]; fn != nil {
|
||||||
|
h := initALPNRequest{ctx, tlsConn, serverHandler{c.server}}
|
||||||
|
+ // Mark freshly created HTTP/2 as active and prevent any server state hooks
|
||||||
|
+ // from being run on these connections. This prevents closeIdleConns from
|
||||||
|
+ // closing such connections. See issue https://golang.org/issue/39776.
|
||||||
|
+ c.setState(c.rwc, StateActive, skipHooks)
|
||||||
|
fn(c.server, tlsConn, h)
|
||||||
|
}
|
||||||
|
return
|
||||||
|
@@ -1851,7 +1863,7 @@ func (c *conn) serve(ctx context.Context) {
|
||||||
|
w, err := c.readRequest(ctx)
|
||||||
|
if c.r.remain != c.server.initialReadLimitSize() {
|
||||||
|
// If we read any bytes off the wire, we're active.
|
||||||
|
- c.setState(c.rwc, StateActive)
|
||||||
|
+ c.setState(c.rwc, StateActive, runHooks)
|
||||||
|
}
|
||||||
|
if err != nil {
|
||||||
|
const errorHeaders = "\r\nContent-Type: text/plain; charset=utf-8\r\nConnection: close\r\n\r\n"
|
||||||
|
@@ -1934,7 +1946,7 @@ func (c *conn) serve(ctx context.Context) {
|
||||||
|
}
|
||||||
|
return
|
||||||
|
}
|
||||||
|
- c.setState(c.rwc, StateIdle)
|
||||||
|
+ c.setState(c.rwc, StateIdle, runHooks)
|
||||||
|
c.curReq.Store((*response)(nil))
|
||||||
|
|
||||||
|
if !w.conn.server.doKeepAlives() {
|
||||||
|
@@ -2965,7 +2977,7 @@ func (srv *Server) Serve(l net.Listener) error {
|
||||||
|
}
|
||||||
|
tempDelay = 0
|
||||||
|
c := srv.newConn(rw)
|
||||||
|
- c.setState(c.rwc, StateNew) // before Serve can return
|
||||||
|
+ c.setState(c.rwc, StateNew, runHooks) // before Serve can return
|
||||||
|
go c.serve(connCtx)
|
||||||
|
}
|
||||||
|
}
|
24
SOURCES/x-text-infinite-loop.patch
Normal file
24
SOURCES/x-text-infinite-loop.patch
Normal file
@ -0,0 +1,24 @@
|
|||||||
|
diff --git a/src/vendor/golang.org/x/text/transform/transform.go b/src/vendor/golang.org/x/text/transform/transform.go
|
||||||
|
index 520b9ad..48ec64b 100644
|
||||||
|
--- a/src/vendor/golang.org/x/text/transform/transform.go
|
||||||
|
+++ b/src/vendor/golang.org/x/text/transform/transform.go
|
||||||
|
@@ -648,7 +648,8 @@ func String(t Transformer, s string) (result string, n int, err error) {
|
||||||
|
// Transform the remaining input, growing dst and src buffers as necessary.
|
||||||
|
for {
|
||||||
|
n := copy(src, s[pSrc:])
|
||||||
|
- nDst, nSrc, err := t.Transform(dst[pDst:], src[:n], pSrc+n == len(s))
|
||||||
|
+ atEOF := pSrc+n == len(s)
|
||||||
|
+ nDst, nSrc, err := t.Transform(dst[pDst:], src[:n], atEOF)
|
||||||
|
pDst += nDst
|
||||||
|
pSrc += nSrc
|
||||||
|
|
||||||
|
@@ -659,6 +660,9 @@ func String(t Transformer, s string) (result string, n int, err error) {
|
||||||
|
dst = grow(dst, pDst)
|
||||||
|
}
|
||||||
|
} else if err == ErrShortSrc {
|
||||||
|
+ if atEOF {
|
||||||
|
+ return string(dst[:pDst]), pSrc, err
|
||||||
|
+ }
|
||||||
|
if nSrc == 0 {
|
||||||
|
src = grow(src, 0)
|
||||||
|
}
|
@ -95,8 +95,8 @@
|
|||||||
%global gohostarch s390x
|
%global gohostarch s390x
|
||||||
%endif
|
%endif
|
||||||
|
|
||||||
%global go_api 1.14
|
%global go_api 1.15
|
||||||
%global go_version 1.14.4
|
%global go_version 1.15.7
|
||||||
%global pkg_release 1
|
%global pkg_release 1
|
||||||
|
|
||||||
Name: golang
|
Name: golang
|
||||||
@ -131,6 +131,7 @@ Provides: go = %{version}-%{release}
|
|||||||
Requires: %{name}-bin = %{version}-%{release}
|
Requires: %{name}-bin = %{version}-%{release}
|
||||||
Requires: %{name}-src = %{version}-%{release}
|
Requires: %{name}-src = %{version}-%{release}
|
||||||
Requires: openssl-devel
|
Requires: openssl-devel
|
||||||
|
Requires: diffutils
|
||||||
|
|
||||||
# we had been just removing the zoneinfo.zip, but that caused tests to fail for users that
|
# we had been just removing the zoneinfo.zip, but that caused tests to fail for users that
|
||||||
# later run `go test -a std`. This makes it only use the zoneinfo.zip where needed in tests.
|
# later run `go test -a std`. This makes it only use the zoneinfo.zip where needed in tests.
|
||||||
@ -139,6 +140,28 @@ Patch215: ./go1.5-zoneinfo_testing_only.patch
|
|||||||
# Proposed patch by jcajka https://golang.org/cl/86541
|
# Proposed patch by jcajka https://golang.org/cl/86541
|
||||||
Patch221: fix_TestScript_list_std.patch
|
Patch221: fix_TestScript_list_std.patch
|
||||||
|
|
||||||
|
# It seems this patch will be included in Go 1.14.5
|
||||||
|
# https://github.com/golang/go/issues/39991
|
||||||
|
# https://go-review.googlesource.com/c/go/+/240917
|
||||||
|
#Patch240917: ppc64le_fix_missing_deferreturn.patch
|
||||||
|
|
||||||
|
# Add an env var to optionally trigger a warning in x509 when
|
||||||
|
# Common Name is used as hostname
|
||||||
|
# rhbz#1889437
|
||||||
|
Patch223: golang-1.15-warnCN.patch
|
||||||
|
|
||||||
|
# Gracefully shut down http2 connections
|
||||||
|
# https://go-review.googlesource.com/c/go/+/240278
|
||||||
|
# rhbz#1888673
|
||||||
|
Patch224: net-http-graceful-shutdown.patch
|
||||||
|
|
||||||
|
# Prevent transform from entering infinite loop.
|
||||||
|
# We're just picking the change from transform.go
|
||||||
|
# because the encoding module is not included
|
||||||
|
# as a vendor dependency.
|
||||||
|
# https://go-review.googlesource.com/c/text/+/238238
|
||||||
|
Patch225: x-text-infinite-loop.patch
|
||||||
|
|
||||||
# Having documentation separate was broken
|
# Having documentation separate was broken
|
||||||
Obsoletes: %{name}-docs < 1.1-4
|
Obsoletes: %{name}-docs < 1.1-4
|
||||||
|
|
||||||
@ -232,6 +255,14 @@ Requires: %{name} = %{version}-%{release}
|
|||||||
|
|
||||||
%patch221 -p1
|
%patch221 -p1
|
||||||
|
|
||||||
|
#%patch240917 -p1
|
||||||
|
|
||||||
|
%patch223 -p1
|
||||||
|
|
||||||
|
%patch224 -p1
|
||||||
|
|
||||||
|
%patch225 -p1
|
||||||
|
|
||||||
cp %{SOURCE1} ./src/runtime/
|
cp %{SOURCE1} ./src/runtime/
|
||||||
|
|
||||||
%build
|
%build
|
||||||
@ -429,9 +460,9 @@ export GO_TEST_RUN=""
|
|||||||
export GOLANG_FIPS=1
|
export GOLANG_FIPS=1
|
||||||
pushd crypto
|
pushd crypto
|
||||||
# Run all crypto tests but skip TLS, we will run FIPS specific TLS tests later
|
# Run all crypto tests but skip TLS, we will run FIPS specific TLS tests later
|
||||||
go test $(go list | grep -v tls) -v
|
go test $(go list ./... | grep -v tls) -v
|
||||||
# Check that signature functions have parity between boring and notboring
|
# Check that signature functions have parity between boring and notboring
|
||||||
CGO_ENABLED=0 go test ./ecdsa
|
CGO_ENABLED=0 go test $(go list ./... | grep -v tls) -v
|
||||||
popd
|
popd
|
||||||
# Run all FIPS specific TLS tests
|
# Run all FIPS specific TLS tests
|
||||||
pushd crypto/tls
|
pushd crypto/tls
|
||||||
@ -498,6 +529,57 @@ cd ..
|
|||||||
%endif
|
%endif
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Fri Jan 22 2021 David Benoit <dbenoit@redhat.com> - 1.15.7-1
|
||||||
|
- Rebase to 1.15.7
|
||||||
|
- Resolves: rhbz#1870531
|
||||||
|
- Resolves: rhbz#1919261
|
||||||
|
|
||||||
|
* Tue Nov 24 2020 David Benoit <dbenoit@redhat.com> - 1.15.5-1
|
||||||
|
- Rebase to 1.15.5
|
||||||
|
- Resolves: rhbz#1898652
|
||||||
|
- Resolves: rhbz#1898660
|
||||||
|
- Resolves: rhbz#1898649
|
||||||
|
|
||||||
|
* Mon Nov 16 2020 David Benoit <dbenoit@redhat.com> - 1.15.3-2
|
||||||
|
- fix typo in patch file name
|
||||||
|
- Related: rhbz#1881539
|
||||||
|
|
||||||
|
* Thu Nov 12 2020 David Benoit <dbenoit@redhat.com> - 1.15.3-1
|
||||||
|
- Rebase to 1.15.3
|
||||||
|
- fix x/text infinite loop
|
||||||
|
- Resolves: rhbz#1881539
|
||||||
|
|
||||||
|
* Tue Nov 03 2020 Alejandro Sáez <asm@redhat.com> - 1.15.2-2
|
||||||
|
- Resolves: rhbz#1850045
|
||||||
|
|
||||||
|
* Mon Oct 19 2020 David Benoit <dbenoit@redhat.com> - 1.15.2-1
|
||||||
|
- Rebase to 1.15.2
|
||||||
|
- fix rhbz#1872622 in commit af9a1b1f6567a1c5273a134d395bfe7bb840b7f8
|
||||||
|
- Resolves: rhbz#1872622
|
||||||
|
- add net/http graceful shutdown patch
|
||||||
|
- Resolves: rhbz#1888673
|
||||||
|
- add x509warnCN patch
|
||||||
|
- Resolves: rhbz#1889437
|
||||||
|
|
||||||
|
* Wed Sep 09 2020 Alejandro Sáez <asm@redhat.com> - 1.15.0-1
|
||||||
|
- Rebase to 1.15.0
|
||||||
|
- Related: rhbz#1870531
|
||||||
|
|
||||||
|
* Thu Aug 27 2020 Alejandro Sáez <asm@redhat.com> - 1.14.7-2
|
||||||
|
- Improve test suite
|
||||||
|
- Resolves: rhbz#1854693
|
||||||
|
|
||||||
|
* Tue Aug 18 2020 Alejandro Sáez <asm@redhat.com> - 1.14.7-1
|
||||||
|
- Rebase to 1.14.7
|
||||||
|
|
||||||
|
* Mon Aug 03 2020 Alejandro Sáez <asm@redhat.com> - 1.14.6-1
|
||||||
|
- Rebase to 1.14.6
|
||||||
|
- Resolves: rhbz#1820596
|
||||||
|
|
||||||
|
* Wed Jul 08 2020 Alejandro Sáez <asm@redhat.com> - 1.14.4-2
|
||||||
|
- Include patch to fix missing deferreturn on linux/ppc64le
|
||||||
|
- Resolves: rhbz#1854836
|
||||||
|
|
||||||
* Thu Jun 25 2020 Alejandro Sáez <asm@redhat.com> - 1.14.4-1
|
* Thu Jun 25 2020 Alejandro Sáez <asm@redhat.com> - 1.14.4-1
|
||||||
- Rebase to 1.14.4
|
- Rebase to 1.14.4
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user