import golang-1.18.4-1.module+el8.7.0+16015+724888d8

2022-11-08 01:39:20 -05:00 · 2022-11-08 01:39:20 -05:00 · 745e4f82ea
parent f68aa6940d
commit 745e4f82ea
7 changed files with 474 additions and 35 deletions
--- a/.gitignore
+++ b/.gitignore
@ -1 +1 @@
-SOURCES/go1.17.12-1-openssl-fips.tar.gz
+SOURCES/go1.18.4-1-openssl-fips.tar.gz
--- a/.golang.metadata
+++ b/.golang.metadata
@ -1 +1 @@
-ba529d47d6ee80a2ddca1a20dd5a5aa72ab9bdbd SOURCES/go1.17.12-1-openssl-fips.tar.gz
+3798a6b5b37624922f5da08860f39da457caa856 SOURCES/go1.18.4-1-openssl-fips.tar.gz
--- a/SOURCES/disable_static_external_tests.patch
+++ b/SOURCES/disable_static_external_tests.patch
@ -0,0 +1,310 @@
+diff --git a/src/cmd/dist/test.go b/src/cmd/dist/test.go
+index d9eb9c3..506f979 100644
+--- a/src/cmd/dist/test.go
+++ b/src/cmd/dist/test.go
+@@ -1180,18 +1180,20 @@ func (t *tester) cgoTest(dt *distTest) error {
+ 				fmt.Println("No support for static linking found (lacks libc.a?), skip cgo static linking test.")
+ 			} else {
+ 				if goos != "android" {
+-					t.addCmd(dt, "misc/cgo/testtls", t.goTest(), "-ldflags", `-linkmode=external -extldflags "-static -pthread"`)
+					t.addCmd(dt, "misc/cgo/testtls", t.goTest(), "-ldflags", `-linkmode=external -extldflags "-static -pthread"`, "-tags=no_openssl")
+ 				}
+ 				t.addCmd(dt, "misc/cgo/nocgo", t.goTest())
+ 				t.addCmd(dt, "misc/cgo/nocgo", t.goTest(), "-ldflags", `-linkmode=external`)
+ 				if goos != "android" {
+-					t.addCmd(dt, "misc/cgo/nocgo", t.goTest(), "-ldflags", `-linkmode=external -extldflags "-static -pthread"`)
+					t.addCmd(dt, "misc/cgo/nocgo", t.goTest(), "-ldflags", `-linkmode=external -extldflags "-static -pthread"`, "-tags=no_openssl")
+					/*
+ 					t.addCmd(dt, "misc/cgo/test", t.goTest(), "-tags=static", "-ldflags", `-linkmode=external -extldflags "-static -pthread"`)
+ 					// -static in CGO_LDFLAGS triggers a different code path
+ 					// than -static in -extldflags, so test both.
+ 					// See issue #16651.
+ 					cmd := t.addCmd(dt, "misc/cgo/test", t.goTest(), "-tags=static")
+ 					setEnv(cmd, "CGO_LDFLAGS", "-static -pthread")
+					*/
+ 				}
+ 			}
+ 
+@@ -1201,7 +1203,7 @@ func (t *tester) cgoTest(dt *distTest) error {
+ 					t.addCmd(dt, "misc/cgo/test", t.goTest(), "-buildmode=pie", "-ldflags=-linkmode=internal", "-tags=internal,internal_pie")
+ 				}
+ 				t.addCmd(dt, "misc/cgo/testtls", t.goTest(), "-buildmode=pie")
+-				t.addCmd(dt, "misc/cgo/nocgo", t.goTest(), "-buildmode=pie")
+				t.addCmd(dt, "misc/cgo/nocgo", t.goTest(), "-buildmode=pie", "-tags=no_openssl")
+ 			}
+ 		}
+ 	}
+diff --git a/src/crypto/internal/boring/aes.go b/src/crypto/internal/boring/aes.go
+index a495bd7..2c6107b 100644
+--- a/src/crypto/internal/boring/aes.go
+++ b/src/crypto/internal/boring/aes.go
+@@ -2,8 +2,8 @@
+ // Use of this source code is governed by a BSD-style
+ // license that can be found in the LICENSE file.
+ 
+-//go:build linux && !android && !cmd_go_bootstrap && !msan && !no_openssl
+-// +build linux,!android,!cmd_go_bootstrap,!msan,!no_openssl
+//go:build linux && !android && !cmd_go_bootstrap && !msan && !no_openssl && !static
+// +build linux,!android,!cmd_go_bootstrap,!msan,!no_openssl,!static
+ 
+ package boring
+ 
+diff --git a/src/crypto/internal/boring/aes_test.go b/src/crypto/internal/boring/aes_test.go
+index 3b4c364..371bc20 100644
+--- a/src/crypto/internal/boring/aes_test.go
+++ b/src/crypto/internal/boring/aes_test.go
+@@ -1,9 +1,5 @@
+-// +build linux
+-// +build !android
+-// +build !no_openssl
+-// +build !cmd_go_bootstrap
+-// +build !msan
+-// +build cgo
+//go:build linux && !android && !no_openssl && !cmd_go_bootstrap && !msan && cgo && !static
+// +build linux,!android,!no_openssl,!cmd_go_bootstrap,!msan,cgo,!static
+ 
+ package boring
+ 
+diff --git a/src/crypto/internal/boring/boring.go b/src/crypto/internal/boring/boring.go
+index ec6e80c..05431b1 100644
+--- a/src/crypto/internal/boring/boring.go
+++ b/src/crypto/internal/boring/boring.go
+@@ -2,8 +2,8 @@
+ // Use of this source code is governed by a BSD-style
+ // license that can be found in the LICENSE file.
+ 
+-//go:build linux && !android && !cmd_go_bootstrap && !msan && !no_openssl
+-// +build linux,!android,!cmd_go_bootstrap,!msan,!no_openssl
+//go:build linux && !android && !cmd_go_bootstrap && !msan && !no_openssl && !static
+// +build linux,!android,!cmd_go_bootstrap,!msan,!no_openssl,!static
+ 
+ package boring
+ 
+diff --git a/src/crypto/internal/boring/ecdsa.go b/src/crypto/internal/boring/ecdsa.go
+index f72da41..33ee442 100644
+--- a/src/crypto/internal/boring/ecdsa.go
+++ b/src/crypto/internal/boring/ecdsa.go
+@@ -2,8 +2,8 @@
+ // Use of this source code is governed by a BSD-style
+ // license that can be found in the LICENSE file.
+ 
+-//go:build linux && !android && !cmd_go_bootstrap && !msan && !no_openssl
+-// +build linux,!android,!cmd_go_bootstrap,!msan,!no_openssl
+//go:build linux && !android && !cmd_go_bootstrap && !msan && !no_openssl && !static
+// +build linux,!android,!cmd_go_bootstrap,!msan,!no_openssl,!static
+ 
+ package boring
+ 
+diff --git a/src/crypto/internal/boring/goboringcrypto.h b/src/crypto/internal/boring/goboringcrypto.h
+index 4547ade..b8aaae4 100644
+--- a/src/crypto/internal/boring/goboringcrypto.h
+++ b/src/crypto/internal/boring/goboringcrypto.h
+@@ -1,6 +1,12 @@
+ // Copyright 2017 The Go Authors. All rights reserved.
+ // Use of this source code is governed by a BSD-style
+ // license that can be found in the LICENSE file.
+// +build linux
+// +build !android
+// +build !no_openssl
+// +build !cmd_go_bootstrap
+// +build !msan
+// +build !static
+ 
+ // This header file describes the BoringCrypto ABI as built for use in Go.
+ // The BoringCrypto build for Go (which generates goboringcrypto_*.syso)
+diff --git a/src/crypto/internal/boring/goopenssl.h b/src/crypto/internal/boring/goopenssl.h
+index 4820385..ac41482 100644
+--- a/src/crypto/internal/boring/goopenssl.h
+++ b/src/crypto/internal/boring/goopenssl.h
+@@ -6,6 +6,7 @@
+ // +build !no_openssl
+ // +build !cmd_go_bootstrap
+ // +build !msan
+// +build !static
+ 
+ // This header file describes the OpenSSL ABI as built for use in Go.
+ 
+diff --git a/src/crypto/internal/boring/hmac.go b/src/crypto/internal/boring/hmac.go
+index 4e913c3..10cfbb3 100644
+--- a/src/crypto/internal/boring/hmac.go
+++ b/src/crypto/internal/boring/hmac.go
+@@ -2,8 +2,8 @@
+ // Use of this source code is governed by a BSD-style
+ // license that can be found in the LICENSE file.
+ 
+-//go:build linux && !android && !cmd_go_bootstrap && !msan && !no_openssl
+-// +build linux,!android,!cmd_go_bootstrap,!msan,!no_openssl
+//go:build linux && !android && !cmd_go_bootstrap && !msan && !no_openssl && !static
+// +build linux,!android,!cmd_go_bootstrap,!msan,!no_openssl,!static
+ 
+ package boring
+ 
+diff --git a/src/crypto/internal/boring/notboring.go b/src/crypto/internal/boring/notboring.go
+index e513834..08c5245 100644
+--- a/src/crypto/internal/boring/notboring.go
+++ b/src/crypto/internal/boring/notboring.go
+@@ -2,8 +2,8 @@
+ // Use of this source code is governed by a BSD-style
+ // license that can be found in the LICENSE file.
+ 
+-//go:build !linux || !cgo || android || cmd_go_bootstrap || msan || no_openssl
+-// +build !linux !cgo android cmd_go_bootstrap msan no_openssl
+//go:build !linux || !cgo || android || cmd_go_bootstrap || msan || no_openssl || static
+// +build !linux !cgo android cmd_go_bootstrap msan no_openssl static
+ 
+ package boring
+ 
+diff --git a/src/crypto/internal/boring/openssl_ecdsa_signature.c b/src/crypto/internal/boring/openssl_ecdsa_signature.c
+index 710d074..853be3d 100644
+--- a/src/crypto/internal/boring/openssl_ecdsa_signature.c
+++ b/src/crypto/internal/boring/openssl_ecdsa_signature.c
+@@ -3,6 +3,7 @@
+ // +build !no_openssl
+ // +build !cmd_go_bootstrap
+ // +build !msan
+// +build !static
+ 
+ #include "goboringcrypto.h"
+ 
+diff --git a/src/crypto/internal/boring/openssl_evp.c b/src/crypto/internal/boring/openssl_evp.c
+index 36be702..331dfd3 100644
+--- a/src/crypto/internal/boring/openssl_evp.c
+++ b/src/crypto/internal/boring/openssl_evp.c
+@@ -3,6 +3,7 @@
+ // +build !no_openssl
+ // +build !cmd_go_bootstrap
+ // +build !msan
+// +build !static
+ 
+ #include "goboringcrypto.h"
+ 
+diff --git a/src/crypto/internal/boring/openssl_lock_setup.c b/src/crypto/internal/boring/openssl_lock_setup.c
+index 955924e..c0f3435 100644
+--- a/src/crypto/internal/boring/openssl_lock_setup.c
+++ b/src/crypto/internal/boring/openssl_lock_setup.c
+@@ -3,6 +3,7 @@
+ // +build !no_openssl
+ // +build !cmd_go_bootstrap
+ // +build !msan
+// +build !static
+ 
+ #include "goboringcrypto.h"
+ #include <stdio.h>
+diff --git a/src/crypto/internal/boring/openssl_port_aead_gcm.c b/src/crypto/internal/boring/openssl_port_aead_gcm.c
+index b39bf54..80c933a 100644
+--- a/src/crypto/internal/boring/openssl_port_aead_gcm.c
+++ b/src/crypto/internal/boring/openssl_port_aead_gcm.c
+@@ -4,6 +4,7 @@
+ // +build !no_openssl
+ // +build !cmd_go_bootstrap
+ // +build !msan
+// +build !static
+ 
+ #include "goboringcrypto.h"
+ #include <openssl/err.h>
+diff --git a/src/crypto/internal/boring/openssl_port_ctr128.c b/src/crypto/internal/boring/openssl_port_ctr128.c
+index abaff5c..e2263a5 100644
+--- a/src/crypto/internal/boring/openssl_port_ctr128.c
+++ b/src/crypto/internal/boring/openssl_port_ctr128.c
+@@ -3,6 +3,7 @@
+ // +build !no_openssl
+ // +build !cmd_go_bootstrap
+ // +build !msan
+// +build !static
+ 
+ #include "goboringcrypto.h"
+ 
+diff --git a/src/crypto/internal/boring/openssl_port_evp_md5_sha1.c b/src/crypto/internal/boring/openssl_port_evp_md5_sha1.c
+index 8418c38..39bf3ae 100644
+--- a/src/crypto/internal/boring/openssl_port_evp_md5_sha1.c
+++ b/src/crypto/internal/boring/openssl_port_evp_md5_sha1.c
+@@ -4,6 +4,7 @@
+ // +build !no_openssl
+ // +build !cmd_go_bootstrap
+ // +build !msan
+// +build !static
+ 
+ // The following is a partial backport of crypto/evp/m_md5_sha1.c,
+ // commit cbc8a839959418d8a2c2e3ec6bdf394852c9501e on the
+diff --git a/src/crypto/internal/boring/openssl_port_hmac.c b/src/crypto/internal/boring/openssl_port_hmac.c
+index be7c71a..35e1860 100644
+--- a/src/crypto/internal/boring/openssl_port_hmac.c
+++ b/src/crypto/internal/boring/openssl_port_hmac.c
+@@ -4,6 +4,8 @@
+ // +build !no_openssl
+ // +build !cmd_go_bootstrap
+ // +build !msan
+// +build !static
+
+ 
+ #include "goboringcrypto.h"
+ 
+diff --git a/src/crypto/internal/boring/openssl_port_rsa.c b/src/crypto/internal/boring/openssl_port_rsa.c
+index 5174f66..a8008e9 100644
+--- a/src/crypto/internal/boring/openssl_port_rsa.c
+++ b/src/crypto/internal/boring/openssl_port_rsa.c
+@@ -4,6 +4,7 @@
+ // +build !no_openssl
+ // +build !cmd_go_bootstrap
+ // +build !msan
+// +build !static
+ 
+ #include "goboringcrypto.h"
+ 
+diff --git a/src/crypto/internal/boring/openssl_stub_rand.c b/src/crypto/internal/boring/openssl_stub_rand.c
+index 18d6777..e8ac53b 100644
+--- a/src/crypto/internal/boring/openssl_stub_rand.c
+++ b/src/crypto/internal/boring/openssl_stub_rand.c
+@@ -3,6 +3,7 @@
+ // +build !no_openssl
+ // +build !cmd_go_bootstrap
+ // +build !msan
+// +build !static
+ 
+ #include "goboringcrypto.h"
+ #include <openssl/rand.h>
+diff --git a/src/crypto/internal/boring/rand.go b/src/crypto/internal/boring/rand.go
+index e9c334f..3adbd4d 100644
+--- a/src/crypto/internal/boring/rand.go
+++ b/src/crypto/internal/boring/rand.go
+@@ -2,8 +2,8 @@
+ // Use of this source code is governed by a BSD-style
+ // license that can be found in the LICENSE file.
+ 
+-//go:build linux && !android && !cmd_go_bootstrap && !msan && !no_openssl
+-// +build linux,!android,!cmd_go_bootstrap,!msan,!no_openssl
+//go:build linux && !android && !cmd_go_bootstrap && !msan && !no_openssl && !static
+// +build linux,!android,!cmd_go_bootstrap,!msan,!no_openssl,!static
+ 
+ package boring
+ 
+diff --git a/src/crypto/internal/boring/rsa.go b/src/crypto/internal/boring/rsa.go
+index b1a2f57..0cabadb 100644
+--- a/src/crypto/internal/boring/rsa.go
+++ b/src/crypto/internal/boring/rsa.go
+@@ -2,8 +2,8 @@
+ // Use of this source code is governed by a BSD-style
+ // license that can be found in the LICENSE file.
+ 
+-//go:build linux && !android && !cmd_go_bootstrap && !msan && !no_openssl
+-// +build linux,!android,!cmd_go_bootstrap,!msan,!no_openssl
+//go:build linux && !android && !cmd_go_bootstrap && !msan && !no_openssl && !static
+// +build linux,!android,!cmd_go_bootstrap,!msan,!no_openssl,!static
+ 
+ package boring
+ 
+diff --git a/src/crypto/internal/boring/sha.go b/src/crypto/internal/boring/sha.go
+index bdcc782..6184d6c 100644
+--- a/src/crypto/internal/boring/sha.go
+++ b/src/crypto/internal/boring/sha.go
+@@ -2,8 +2,8 @@
+ // Use of this source code is governed by a BSD-style
+ // license that can be found in the LICENSE file.
+ 
+-//go:build linux && !android && !cmd_go_bootstrap && !msan && !no_openssl
+-// +build linux,!android,!cmd_go_bootstrap,!msan,!no_openssl
+//go:build linux && !android && !cmd_go_bootstrap && !msan && !no_openssl && !static
+// +build linux,!android,!cmd_go_bootstrap,!msan,!no_openssl,!static
+ 
+ package boring
+ 
--- a/SOURCES/go1.5-zoneinfo_testing_only.patch
+++ b/SOURCES/go1.5-zoneinfo_testing_only.patch
@ -1,5 +1,5 @@
 diff --git a/src/time/internal_test.go b/src/time/internal_test.go
-index 87a4208..0923e75 100644
+index f0dddb7..415949a 100644
 --- a/src/time/internal_test.go
 +++ b/src/time/internal_test.go
@@ -4,13 +4,15 @@
@ -17,7 +17,7 @@ index 87a4208..0923e75 100644
 -	z, err := loadLocation("America/Los_Angeles", zoneSources[len(zoneSources)-1:])
 +	z, err := loadLocation("America/Los_Angeles", zoneSources)
 	if err != nil {
- 		panic("cannot load America/Los_Angeles for testing: " + err.Error())
+ 		panic("cannot load America/Los_Angeles for testing: " + err.Error() + "; you may want to use -tags=timetzdata")
 	}
@@ -21,8 +23,9 @@ func initTestingZone() {
 var OrigZoneSources = zoneSources
@ -52,10 +52,10 @@ index f032aa7..e3e5547 100644
 		t.Fatal(err)
 	}
 diff --git a/src/time/zoneinfo_unix.go b/src/time/zoneinfo_unix.go
-index 4ea029d..e887769 100644
+index 23f8b3c..228db1b 100644
 --- a/src/time/zoneinfo_unix.go
 +++ b/src/time/zoneinfo_unix.go
-@@ -13,7 +13,6 @@
+@@ -12,7 +12,6 @@
 package time
 
 import (
@ -63,7 +63,7 @@ index 4ea029d..e887769 100644
 	"syscall"
 )
 
-@@ -23,7 +22,6 @@ var zoneSources = []string{
+@@ -22,7 +21,6 @@ var zoneSources = []string{
 	"/usr/share/zoneinfo/",
 	"/usr/share/lib/zoneinfo/",
 	"/usr/lib/locale/TZ/",
--- a/SOURCES/remove_ed25519vectors_test.patch
+++ b/SOURCES/remove_ed25519vectors_test.patch
@ -0,0 +1,128 @@
+From d7cad65ab9179804e9f089ce97bc124e9ef79494 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Alejandro=20S=C3=A1ez?= <asm@redhat.com>
+Date: Wed, 15 Dec 2021 16:02:15 +0100
+Subject: [PATCH] Remove ed25519vectors_test.go
+
+---
+ src/crypto/ed25519/ed25519vectors_test.go | 109 ----------------------
+ 1 file changed, 109 deletions(-)
+ delete mode 100644 src/crypto/ed25519/ed25519vectors_test.go
+
+diff --git a/src/crypto/ed25519/ed25519vectors_test.go b/src/crypto/ed25519/ed25519vectors_test.go
+deleted file mode 100644
+index 74fcdcdf4e..0000000000
+--- a/src/crypto/ed25519/ed25519vectors_test.go
+++ /dev/null
+@@ -1,109 +0,0 @@
+-// Copyright 2021 The Go Authors. All rights reserved.
+-// Use of this source code is governed by a BSD-style
+-// license that can be found in the LICENSE file.
+-
+-package ed25519_test
+-
+-import (
+-	"crypto/ed25519"
+-	"encoding/hex"
+-	"encoding/json"
+-	"internal/testenv"
+-	"os"
+-	"os/exec"
+-	"path/filepath"
+-	"testing"
+-)
+-
+-// TestEd25519Vectors runs a very large set of test vectors that exercise all
+-// combinations of low-order points, low-order components, and non-canonical
+-// encodings. These vectors lock in unspecified and spec-divergent behaviors in
+-// edge cases that are not security relevant in most contexts, but that can
+-// cause issues in consensus applications if changed.
+-//
+-// Our behavior matches the "classic" unwritten verification rules of the
+-// "ref10" reference implementation.
+-//
+-// Note that although we test for these edge cases, they are not covered by the
+-// Go 1 Compatibility Promise. Applications that need stable verification rules
+-// should use github.com/hdevalence/ed25519consensus.
+-//
+-// See https://hdevalence.ca/blog/2020-10-04-its-25519am for more details.
+-func TestEd25519Vectors(t *testing.T) {
+-	jsonVectors := downloadEd25519Vectors(t)
+-	var vectors []struct {
+-		A, R, S, M string
+-		Flags      []string
+-	}
+-	if err := json.Unmarshal(jsonVectors, &vectors); err != nil {
+-		t.Fatal(err)
+-	}
+-	for i, v := range vectors {
+-		expectedToVerify := true
+-		for _, f := range v.Flags {
+-			switch f {
+-			// We use the simplified verification formula that doesn't multiply
+-			// by the cofactor, so any low order residue will cause the
+-			// signature not to verify.
+-			//
+-			// This is allowed, but not required, by RFC 8032.
+-			case "LowOrderResidue":
+-				expectedToVerify = false
+-			// Our point decoding allows non-canonical encodings (in violation
+-			// of RFC 8032) but R is not decoded: instead, R is recomputed and
+-			// compared bytewise against the canonical encoding.
+-			case "NonCanonicalR":
+-				expectedToVerify = false
+-			}
+-		}
+-
+-		publicKey := decodeHex(t, v.A)
+-		signature := append(decodeHex(t, v.R), decodeHex(t, v.S)...)
+-		message := []byte(v.M)
+-
+-		didVerify := ed25519.Verify(publicKey, message, signature)
+-		if didVerify && !expectedToVerify {
+-			t.Errorf("#%d: vector with flags %s unexpectedly verified", i, v.Flags)
+-		}
+-		if !didVerify && expectedToVerify {
+-			t.Errorf("#%d: vector with flags %s unexpectedly rejected", i, v.Flags)
+-		}
+-	}
+-}
+-
+-func downloadEd25519Vectors(t *testing.T) []byte {
+-	testenv.MustHaveExternalNetwork(t)
+-
+-	// Download the JSON test file from the GOPROXY with `go mod download`,
+-	// pinning the version so test and module caching works as expected.
+-	goTool := testenv.GoToolPath(t)
+-	path := "filippo.io/mostly-harmless/ed25519vectors@v0.0.0-20210322192420-30a2d7243a94"
+-	cmd := exec.Command(goTool, "mod", "download", "-json", path)
+-	// TODO: enable the sumdb once the TryBots proxy supports it.
+-	cmd.Env = append(os.Environ(), "GONOSUMDB=*")
+-	output, err := cmd.Output()
+-	if err != nil {
+-		t.Fatalf("failed to run `go mod download -json %s`, output: %s", path, output)
+-	}
+-	var dm struct {
+-		Dir string // absolute path to cached source root directory
+-	}
+-	if err := json.Unmarshal(output, &dm); err != nil {
+-		t.Fatal(err)
+-	}
+-
+-	jsonVectors, err := os.ReadFile(filepath.Join(dm.Dir, "ed25519vectors.json"))
+-	if err != nil {
+-		t.Fatalf("failed to read ed25519vectors.json: %v", err)
+-	}
+-	return jsonVectors
+-}
+-
+-func decodeHex(t *testing.T, s string) []byte {
+-	t.Helper()
+-	b, err := hex.DecodeString(s)
+-	if err != nil {
+-		t.Errorf("invalid hex: %v", err)
+-	}
+-	return b
+-}
+-- 
+2.33.1
+
--- a/SOURCES/skip_test_rhbz1939923.patch
+++ b/SOURCES/skip_test_rhbz1939923.patch
@ -1,12 +0,0 @@
-diff --git a/src/crypto/x509/x509_test.go b/src/crypto/x509/x509_test.go
-index f32dc7d..54db97c 100644
--- a/src/crypto/x509/x509_test.go
-+++ b/src/crypto/x509/x509_test.go
-@@ -2880,6 +2880,7 @@ func (bs *brokenSigner) Sign(_ io.Reader, _ []byte, _ crypto.SignerOpts) ([]byte
- }
- 
- func TestCreateCertificateBrokenSigner(t *testing.T) {
-+	t.Skip("TODO Fix me: rhbz#1939923")
- 	template := &Certificate{
- 		SerialNumber: big.NewInt(10),
- 		DNSNames:     []string{"example.com"},
--- a/SPECS/golang.spec
+++ b/SPECS/golang.spec
@ -95,8 +95,8 @@
 %global gohostarch  s390x
 %endif

-%global go_api 1.17
-%global go_version 1.17.12
+%global go_api 1.18
+%global go_version 1.18.4
 %global pkg_release 1

 Name:           golang
@ -106,9 +106,8 @@ Summary:        The Go Programming Language
 # source tree includes several copies of Mark.Twain-Tom.Sawyer.txt under Public Domain
 License:        BSD and Public Domain
 URL:            http://golang.org/
+Source0:	https://github.com/golang-fips/go/archive/refs/tags/go%{go_version}-%{pkg_release}-openssl-fips.tar.gz
 # make possible to override default traceback level at build time by setting build tag rpm_crashtraceback
-Source0:         https://github.com/golang-fips/go/archive/refs/tags/go%{go_version}-%{pkg_release}-openssl-fips.tar.gz
-
 Source1:        fedora.go

 # The compiler is written in Go. Needs go(1.4+) compiler for build.
@ -141,7 +140,10 @@ Patch215:       go1.5-zoneinfo_testing_only.patch
 # Proposed patch by jcajka https://golang.org/cl/86541
 Patch221:       fix_TestScript_list_std.patch

-Patch1939923:   skip_test_rhbz1939923.patch
+# static linking of dlopen is unsupported
+Patch226:	disable_static_external_tests.patch
+
+Patch223: remove_ed25519vectors_test.patch

 # Having documentation separate was broken
 Obsoletes:      %{name}-docs < 1.1-4
@ -233,10 +235,9 @@ Requires:       %{name} = %{version}-%{release}
 %setup -q -n go-go%{go_version}-%{pkg_release}-openssl-fips

 %patch215 -p1
-
 %patch221 -p1
-
-%patch1939923 -p1
+%patch223 -p1
+%patch226 -p1

 cp %{SOURCE1} ./src/runtime/

@ -511,17 +512,29 @@ cd ..
 %endif

 %changelog
-* Wed Jul 20 2022 David Benoit <dbenoit@redhat.com> - 1.17.12-1
- Update Go to version 1.17.12
- Resolves: rhbz#2109182
+* Wed Jul 20 2022 David Benoit <dbenoit@redhat.com> - 1.18.4-1
+- Update Go to version 1.18.4
+- Resolves: rhbz#2109179

-* Wed Jul 20 2022 David Benoit <dbenoit@redhat.com> - 1.17.10-2
+* Wed Jul 20 2022 David Benoit <dbenoit@redhat.com> - 1.18.2-3
 - Clean up dist-git patches
- Resolves: rhbz#2109173
+- Resolves: rhbz#2109175

-* Fri May 27 2022 David Benoit <dbenoit@redhat.com> - 1.17.10-1
- Rebase to Go 1.17.10
- Resolves: rhbz#2091077
+* Thu Jul 07 2022 Alejandro Sáez <asm@redhat.com> - 1.18.2-2
+- Bump up release version
+- Related: rhbz#2075162
+
+* Thu Jun 16 2022 David Benoit <dbenoit@redhat.com> - 1.18.2-1
+- Update to Go 1.18.2
+- Related: rhbz#2075162
+
+* Mon Apr 18 2022 David Benoit <dbenoit@redhat.com> - 1.18.0-2
+- Enable SHA1 in some contexts
+- Related: rhbz#2075162
+
+* Wed Apr 13 2022 David Benoit <dbenoit@redhat.com> - 1.18.0-1
+- Update Go to 1.18.0
+- Resolves: rhbz#2075162

 * Thu Feb 17 2022 David Benoit <dbenoit@redhat.com> - 1.17.7-1
 - Rebase to Go 1.17.7