import golang-1.15.7-1.module+el8.4.0+9580+3b0e6c24

2021-05-18 02:48:30 -04:00 · 2021-05-18 02:48:30 -04:00 · 976e46743a
commit 976e46743a
parent 6bb7ae61c4
6 changed files with 276 additions and 16 deletions
--- a/.gitignore
+++ b/.gitignore
@ -1 +1 @@
-SOURCES/go-go-1.14.12-1-openssl-fips.tar.gz
+SOURCES/go-go-1.15.7-1-openssl-fips.tar.gz
--- a/.golang.metadata
+++ b/.golang.metadata
@ -1 +1 @@
-92e0ddaaba022868005061bccaa42290daf354e1 SOURCES/go-go-1.14.12-1-openssl-fips.tar.gz
+501d01d764310874ec20f3d7555c70948ef15fb2 SOURCES/go-go-1.15.7-1-openssl-fips.tar.gz
--- a/SOURCES/golang-1.15-warnCN.patch
+++ b/SOURCES/golang-1.15-warnCN.patch
@ -0,0 +1,25 @@
+diff --git a/src/crypto/x509/verify.go b/src/crypto/x509/verify.go
+index 50f4d4a..121fd1b 100644
+--- a/src/crypto/x509/verify.go
+++ b/src/crypto/x509/verify.go
+@@ -20,6 +20,9 @@ import (
+ 
+ // ignoreCN disables interpreting Common Name as a hostname. See issue 24151.
+ var ignoreCN = !strings.Contains(os.Getenv("GODEBUG"), "x509ignoreCN=0")
+// if using Common Name as a hostname is enabled via x509ignoreCN=0,
+// warnCN enables a warning whenever Common Name is interpreted as a hostname.
+var warnCN = strings.Contains(os.Getenv("GODEBUG"), "x509warnCN=1")
+ 
+ type InvalidReason int
+ 
+@@ -1078,6 +1081,10 @@ func (c *Certificate) VerifyHostname(h string) error {
+ 	names := c.DNSNames
+ 	if c.commonNameAsHostname() {
+ 		names = []string{c.Subject.CommonName}
+		if warnCN {
+			fmt.Fprintf(os.Stderr, "x509: Warning - certificate relies on legacy Common Name field. " +
+				"Using CN without SAN is deprecated and will not work in future versions.\n")
+		}
+ 	}
+ 
+ 	candidateName := toLowerCaseASCII(h) // Save allocations inside the loop.
--- a/SOURCES/net-http-graceful-shutdown.patch
+++ b/SOURCES/net-http-graceful-shutdown.patch
@ -0,0 +1,157 @@
+diff --git a/src/net/http/export_test.go b/src/net/http/export_test.go
+index 657ff9d..67a74ae 100644
+--- a/src/net/http/export_test.go
+++ b/src/net/http/export_test.go
+@@ -274,6 +274,17 @@ func (s *Server) ExportAllConnsIdle() bool {
+ 	return true
+ }
+ 
+func (s *Server) ExportAllConnsByState() map[ConnState]int {
+	states := map[ConnState]int{}
+	s.mu.Lock()
+	defer s.mu.Unlock()
+	for c := range s.activeConn {
+		st, _ := c.getState()
+		states[st] += 1
+	}
+	return states
+}
+
+ func (r *Request) WithT(t *testing.T) *Request {
+ 	return r.WithContext(context.WithValue(r.Context(), tLogKey{}, t.Logf))
+ }
+diff --git a/src/net/http/serve_test.go b/src/net/http/serve_test.go
+index 5f56932..806272b 100644
+--- a/src/net/http/serve_test.go
+++ b/src/net/http/serve_test.go
+@@ -5519,16 +5519,23 @@ func TestServerSetKeepAlivesEnabledClosesConns(t *testing.T) {
+ 	}
+ }
+ 
+-func TestServerShutdown_h1(t *testing.T) { testServerShutdown(t, h1Mode) }
+-func TestServerShutdown_h2(t *testing.T) { testServerShutdown(t, h2Mode) }
+func TestServerShutdown_h1(t *testing.T) {
+	testServerShutdown(t, h1Mode)
+}
+func TestServerShutdown_h2(t *testing.T) {
+	testServerShutdown(t, h2Mode)
+}
+ 
+ func testServerShutdown(t *testing.T, h2 bool) {
+ 	setParallel(t)
+ 	defer afterTest(t)
+ 	var doShutdown func() // set later
+	var doStateCount func()
+ 	var shutdownRes = make(chan error, 1)
+	var statesRes = make(chan map[ConnState]int, 1)
+ 	var gotOnShutdown = make(chan struct{}, 1)
+ 	handler := HandlerFunc(func(w ResponseWriter, r *Request) {
+		doStateCount()
+ 		go doShutdown()
+ 		// Shutdown is graceful, so it should not interrupt
+ 		// this in-flight response. Add a tiny sleep here to
+@@ -5545,6 +5552,9 @@ func testServerShutdown(t *testing.T, h2 bool) {
+ 	doShutdown = func() {
+ 		shutdownRes <- cst.ts.Config.Shutdown(context.Background())
+ 	}
+	doStateCount = func() {
+		statesRes <- cst.ts.Config.ExportAllConnsByState()
+	}
+ 	get(t, cst.c, cst.ts.URL) // calls t.Fail on failure
+ 
+ 	if err := <-shutdownRes; err != nil {
+@@ -5556,6 +5566,10 @@ func testServerShutdown(t *testing.T, h2 bool) {
+ 		t.Errorf("onShutdown callback not called, RegisterOnShutdown broken?")
+ 	}
+ 
+	if states := <-statesRes; states[StateActive] != 1 {
+		t.Errorf("connection in wrong state, %v", states)
+	}
+
+ 	res, err := cst.c.Get(cst.ts.URL)
+ 	if err == nil {
+ 		res.Body.Close()
+diff --git a/src/net/http/server.go b/src/net/http/server.go
+index d41b5f6..14a6336 100644
+--- a/src/net/http/server.go
+++ b/src/net/http/server.go
+@@ -324,7 +324,7 @@ func (c *conn) hijackLocked() (rwc net.Conn, buf *bufio.ReadWriter, err error) {
+ 			return nil, nil, fmt.Errorf("unexpected Peek failure reading buffered byte: %v", err)
+ 		}
+ 	}
+-	c.setState(rwc, StateHijacked)
+	c.setState(rwc, StateHijacked, runHooks)
+ 	return
+ }
+ 
+@@ -1737,7 +1737,12 @@ func validNextProto(proto string) bool {
+ 	return true
+ }
+ 
+-func (c *conn) setState(nc net.Conn, state ConnState) {
+const (
+	runHooks  = true
+	skipHooks = false
+)
+
+func (c *conn) setState(nc net.Conn, state ConnState, runHook bool) {
+ 	srv := c.server
+ 	switch state {
+ 	case StateNew:
+@@ -1750,6 +1755,9 @@ func (c *conn) setState(nc net.Conn, state ConnState) {
+ 	}
+ 	packedState := uint64(time.Now().Unix()<<8) | uint64(state)
+ 	atomic.StoreUint64(&c.curState.atomic, packedState)
+	if !runHook {
+		return
+	}
+ 	if hook := srv.ConnState; hook != nil {
+ 		hook(nc, state)
+ 	}
+@@ -1803,7 +1811,7 @@ func (c *conn) serve(ctx context.Context) {
+ 		}
+ 		if !c.hijacked() {
+ 			c.close()
+-			c.setState(c.rwc, StateClosed)
+			c.setState(c.rwc, StateClosed, runHooks)
+ 		}
+ 	}()
+ 
+@@ -1831,6 +1839,10 @@ func (c *conn) serve(ctx context.Context) {
+ 		if proto := c.tlsState.NegotiatedProtocol; validNextProto(proto) {
+ 			if fn := c.server.TLSNextProto[proto]; fn != nil {
+ 				h := initALPNRequest{ctx, tlsConn, serverHandler{c.server}}
+				// Mark freshly created HTTP/2 as active and prevent any server state hooks
+				// from being run on these connections. This prevents closeIdleConns from
+				// closing such connections. See issue https://golang.org/issue/39776.
+				c.setState(c.rwc, StateActive, skipHooks)
+ 				fn(c.server, tlsConn, h)
+ 			}
+ 			return
+@@ -1851,7 +1863,7 @@ func (c *conn) serve(ctx context.Context) {
+ 		w, err := c.readRequest(ctx)
+ 		if c.r.remain != c.server.initialReadLimitSize() {
+ 			// If we read any bytes off the wire, we're active.
+-			c.setState(c.rwc, StateActive)
+			c.setState(c.rwc, StateActive, runHooks)
+ 		}
+ 		if err != nil {
+ 			const errorHeaders = "\r\nContent-Type: text/plain; charset=utf-8\r\nConnection: close\r\n\r\n"
+@@ -1934,7 +1946,7 @@ func (c *conn) serve(ctx context.Context) {
+ 			}
+ 			return
+ 		}
+-		c.setState(c.rwc, StateIdle)
+		c.setState(c.rwc, StateIdle, runHooks)
+ 		c.curReq.Store((*response)(nil))
+ 
+ 		if !w.conn.server.doKeepAlives() {
+@@ -2965,7 +2977,7 @@ func (srv *Server) Serve(l net.Listener) error {
+ 		}
+ 		tempDelay = 0
+ 		c := srv.newConn(rw)
+-		c.setState(c.rwc, StateNew) // before Serve can return
+		c.setState(c.rwc, StateNew, runHooks) // before Serve can return
+ 		go c.serve(connCtx)
+ 	}
+ }
--- a/SOURCES/x-text-infinite-loop.patch
+++ b/SOURCES/x-text-infinite-loop.patch
@ -0,0 +1,24 @@
+diff --git a/src/vendor/golang.org/x/text/transform/transform.go b/src/vendor/golang.org/x/text/transform/transform.go
+index 520b9ad..48ec64b 100644
+--- a/src/vendor/golang.org/x/text/transform/transform.go
+++ b/src/vendor/golang.org/x/text/transform/transform.go
+@@ -648,7 +648,8 @@ func String(t Transformer, s string) (result string, n int, err error) {
+ 	// Transform the remaining input, growing dst and src buffers as necessary.
+ 	for {
+ 		n := copy(src, s[pSrc:])
+-		nDst, nSrc, err := t.Transform(dst[pDst:], src[:n], pSrc+n == len(s))
+		atEOF := pSrc+n == len(s)
+		nDst, nSrc, err := t.Transform(dst[pDst:], src[:n], atEOF)
+ 		pDst += nDst
+ 		pSrc += nSrc
+ 
+@@ -659,6 +660,9 @@ func String(t Transformer, s string) (result string, n int, err error) {
+ 				dst = grow(dst, pDst)
+ 			}
+ 		} else if err == ErrShortSrc {
+			if atEOF {
+				return string(dst[:pDst]), pSrc, err
+			}
+ 			if nSrc == 0 {
+ 				src = grow(src, 0)
+ 			}
--- a/SPECS/golang.spec
+++ b/SPECS/golang.spec
@ -95,8 +95,8 @@
 %global gohostarch  s390x
 %endif

-%global go_api 1.14
-%global go_version 1.14.12
+%global go_api 1.15
+%global go_version 1.15.7
 %global pkg_release 1

 Name:           golang
@ -131,6 +131,7 @@ Provides:       go = %{version}-%{release}
 Requires:       %{name}-bin = %{version}-%{release}
 Requires:       %{name}-src = %{version}-%{release}
 Requires:       openssl-devel
+Requires:       diffutils

 # we had been just removing the zoneinfo.zip, but that caused tests to fail for users that 
 # later run `go test -a std`. This makes it only use the zoneinfo.zip where needed in tests.
@ -139,6 +140,28 @@ Patch215:       ./go1.5-zoneinfo_testing_only.patch
 # Proposed patch by jcajka https://golang.org/cl/86541
 Patch221: fix_TestScript_list_std.patch

+# It seems this patch will be included in Go 1.14.5
+# https://github.com/golang/go/issues/39991
+# https://go-review.googlesource.com/c/go/+/240917
+#Patch240917: ppc64le_fix_missing_deferreturn.patch
+
+# Add an env var to optionally trigger a warning in x509 when
+# Common Name is used as hostname
+# rhbz#1889437
+Patch223: golang-1.15-warnCN.patch
+
+# Gracefully shut down http2 connections
+# https://go-review.googlesource.com/c/go/+/240278
+# rhbz#1888673
+Patch224: net-http-graceful-shutdown.patch
+
+# Prevent transform from entering infinite loop.
+# We're just picking the change from transform.go
+# because the encoding module is not included
+# as a vendor dependency.
+# https://go-review.googlesource.com/c/text/+/238238
+Patch225: x-text-infinite-loop.patch
+
 # Having documentation separate was broken
 Obsoletes:      %{name}-docs < 1.1-4

@ -232,6 +255,14 @@ Requires:       %{name} = %{version}-%{release}

 %patch221 -p1

+#%patch240917 -p1
+
+%patch223 -p1
+
+%patch224 -p1
+
+%patch225 -p1
+
 cp %{SOURCE1} ./src/runtime/

 %build
@ -498,21 +529,44 @@ cd ..
 %endif

 %changelog
-* Tue Nov 17 2020 David Benoit <dbenoit@redhat.com> - 1.14.12-1
- Rebase to 1.14.12
- Resolves: rhbz#1898829
- Resolves: rhbz#1898832
- Resolves: rhbz#1898834
+* Fri Jan 22 2021 David Benoit <dbenoit@redhat.com> - 1.15.7-1
+- Rebase to 1.15.7
+- Resolves: rhbz#1870531
+- Resolves: rhbz#1919261

-* Thu Nov 12 2020 Alejandro Sáez <asm@redhat.com> - 1.14.10-1
- Rebase to 1.14.10
- Remove patch to fix missing deferreturn on linux/ppc64le rhbz#1854836
- Resolves: rhbz#1897181
- Resolves: rhbz#1897182
- Resolves: rhbz#1897185
+* Tue Nov 24 2020 David Benoit <dbenoit@redhat.com> - 1.15.5-1
+- Rebase to 1.15.5
+- Resolves: rhbz#1898652
+- Resolves: rhbz#1898660
+- Resolves: rhbz#1898649
+
+* Mon Nov 16 2020 David Benoit <dbenoit@redhat.com> - 1.15.3-2
+- fix typo in patch file name
+- Related: rhbz#1881539
+
+* Thu Nov 12 2020 David Benoit <dbenoit@redhat.com> - 1.15.3-1
+- Rebase to 1.15.3
+- fix x/text infinite loop
+- Resolves: rhbz#1881539
+
+* Tue Nov 03 2020 Alejandro Sáez <asm@redhat.com> - 1.15.2-2
+- Resolves: rhbz#1850045
+
+* Mon Oct 19 2020 David Benoit <dbenoit@redhat.com> - 1.15.2-1
+- Rebase to 1.15.2
+- fix rhbz#1872622 in commit af9a1b1f6567a1c5273a134d395bfe7bb840b7f8
+- Resolves: rhbz#1872622
+- add net/http graceful shutdown patch
+- Resolves: rhbz#1888673
+- add x509warnCN patch
+- Resolves: rhbz#1889437
+
+* Wed Sep 09 2020 Alejandro Sáez <asm@redhat.com> - 1.15.0-1
+- Rebase to 1.15.0
+- Related: rhbz#1870531

 * Thu Aug 27 2020 Alejandro Sáez <asm@redhat.com> - 1.14.7-2
- Improve test suit
+- Improve test suite
 - Resolves: rhbz#1854693

 * Tue Aug 18 2020 Alejandro Sáez <asm@redhat.com> - 1.14.7-1