rpms
/
golang
7
0
Fork 0
Code Issues Pull Requests Releases Activity

Rebase to Go 1.17.2 

Related: rhbz#2014087
Remove favicon.ico and robots.txt references
Exclude TestEd25519Vectors test
Update patch rhbz1952381
Remove rhbz1904567 patch
Remove rhbz1939923 patch
This commit is contained in:
Alejandro Sáez 2021-11-03 20:05:55 +01:00
parent f1e89cd833
commit bf182b7c2e
6 changed files with 39 additions and 308 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.gitignore vendored
View File

@ -38,3 +38,4 @@
/go-go-1.16.4-1-openssl-fips.tar.gz
/go-go-1.16.6-2-openssl-fips.tar.gz
/go-go-1.16.6-3-openssl-fips.tar.gz
/go-go-1.17.2-1-openssl-fips.tar.gz

25
golang-1.15-warnCN.patch
View File

@ -1,25 +0,0 @@
diff --git a/src/crypto/x509/verify.go b/src/crypto/x509/verify.go
index 50f4d4a..121fd1b 100644
--- a/src/crypto/x509/verify.go
+++ b/src/crypto/x509/verify.go
@@ -20,6 +20,9 @@ import (
// ignoreCN disables interpreting Common Name as a hostname. See issue 24151.
var ignoreCN = !strings.Contains(os.Getenv("GODEBUG"), "x509ignoreCN=0")
+// if using Common Name as a hostname is enabled via x509ignoreCN=0,
+// warnCN enables a warning whenever Common Name is interpreted as a hostname.
+var warnCN = strings.Contains(os.Getenv("GODEBUG"), "x509warnCN=1")
type InvalidReason int
@@ -1078,6 +1081,10 @@ func (c *Certificate) VerifyHostname(h string) error {
names := c.DNSNames
if c.commonNameAsHostname() {
names = []string{c.Subject.CommonName}
+ if warnCN {
+ fmt.Fprintf(os.Stderr, "x509: Warning - certificate relies on legacy Common Name field. " +
+ "Using CN without SAN is deprecated and will not work in future versions.\n")
+ }
}
candidateName := toLowerCaseASCII(h) // Save allocations inside the loop.

44
golang.spec
View File

@ -95,13 +95,13 @@
%global gohostarch s390x
%endif
%global go_api 1.16
%global go_version 1.16.6
%global pkg_release 3
%global go_api 1.17
%global go_version 1.17.2
%global pkg_release 1
Name: golang
Version: %{go_version}
Release: 4%{?dist}
Release: 1%{?dist}
Summary: The Go Programming Language
# source tree includes several copies of Mark.Twain-Tom.Sawyer.txt under Public Domain
License: BSD and Public Domain
@ -144,19 +144,9 @@ Patch215: go1.5-zoneinfo_testing_only.patch
# Proposed patch by jcajka https://golang.org/cl/86541
Patch221: fix_TestScript_list_std.patch
# Add an env var to optionally trigger a warning in x509 when
# Common Name is used as hostname
# rhbz#1889437
Patch223: golang-1.15-warnCN.patch
Patch1939923: skip_test_rhbz1939923.patch
# Port to openssl 3.0
Patch1952381: rhbz1952381.patch
Patch1904567: cgo-lto-fix.patch
Patch334410: ppc64le-vdso-segfault-fix.patch
# Having documentation separate was broken
Obsoletes: %{name}-docs < 1.1-4
@ -250,15 +240,8 @@ Requires: %{name} = %{version}-%{release}
%patch221 -p1
%patch223 -p1
%patch1952381 -p1
%patch1939923 -p1
%patch1904567 -p1
%patch334410 -p1
cp %{SOURCE1} ./src/runtime/
%build
@ -328,7 +311,7 @@ rm -rf pkg/bootstrap/bin
# install everything into libdir (until symlink problems are fixed)
# https://code.google.com/p/go/issues/detail?id=5830
cp -apv api bin doc favicon.ico lib pkg robots.txt src misc test VERSION \
cp -apv api bin doc lib pkg src misc test VERSION \
$RPM_BUILD_ROOT%{goroot}
# bz1099206
@ -415,6 +398,7 @@ cp -av %{SOURCE100} $RPM_BUILD_ROOT%{_sysconfdir}/gdbinit.d/golang.gdb
# prelink blacklist
mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/prelink.conf.d
cp -av %{SOURCE101} $RPM_BUILD_ROOT%{_sysconfdir}/prelink.conf.d/golang.conf
sed -i 's/const defaultGO_LDSO = `.*`/const defaultGO_LDSO = ``/' $RPM_BUILD_ROOT%{goroot}/src/internal/buildcfg/zbootstrap.go
%check
export GOROOT=$(pwd -P)
@ -501,15 +485,16 @@ EOM
export OPENSSL_CONF=$TEST_BORING_CNF
# Run tests with FIPS enabled.
export DISABLE_Ed25519_TEST="-run=!^TestEd25519Vectors$"
pushd crypto
# Run all crypto tests but skip TLS, we will run FIPS specific TLS tests later
GOLANG_FIPS=1 go test $(go list ./... | grep -v tls) -v
GOLANG_FIPS=1 go test $(go list ./... | grep -v tls) -v $DISABLE_Ed25519_TEST
# Check that signature functions have parity between boring and notboring
CGO_ENABLED=0 go test $(go list ./... | grep -v tls) -v
CGO_ENABLED=0 go test $(go list ./... | grep -v tls) -v $DISABLE_Ed25519_TEST
popd
# Run all FIPS specific TLS tests
pushd crypto/tls
GOLANG_FIPS=1 go test -v -run "Boring"
GOLANG_FIPS=1 go test -v -run "Boring" $DISABLE_Ed25519_TEST
popd
%else
./run.bash --no-rebuild -v -v -v -k || :
@ -572,6 +557,15 @@ cd ..
%endif
%changelog
* Wed Nov 03 2021 Alejandro Sáez <asm@redhat.com> - 1.17.2-1
- Rebase to Go 1.17.2
- Related: rhbz#2014087
- Remove favicon.ico and robots.txt references
- Exclude TestEd25519Vectors test
- Update patch rhbz1952381
- Remove rhbz1904567 patch
- Remove rhbz1939923 patch
* Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 1.16.6-4
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
Related: rhbz#1991688

229
ppc64le-vdso-segfault-fix.patch
View File

@ -1,229 +0,0 @@
From 16ab7e49d4070c4f68e88836b123dbe6da8bb015 Mon Sep 17 00:00:00 2001
From: Derek Parker <parkerderek86@gmail.com>
Date: Thu, 17 Jun 2021 20:22:40 +0000
Subject: [PATCH] [release-branch.go1.16] runtime: fix crash during VDSO calls on PowerPC
This patch reinstates a fix for PowerPC with regard to making VDSO calls
while receiving a signal, and subsequently crashing. The crash happens
because certain VDSO calls can modify the r30 register, which is where g
is stored. This change was reverted for PowerPC because r30 is supposed
to be a non-volatile register. This is true, but that only makes a
guarantee across function calls, but not "within" a function call. This
patch was seemingly fine before because the Linux kernel still had hand
rolled assembly VDSO function calls, however with a recent change to C
function calls it seems the compiler used can generate instructions
which temporarily clobber r30. This means that when we receive a signal
during one of these calls the value of r30 will not be the g as the
runtime expects, causing a segfault.
You can see from this assembly dump how the register is clobbered during
the call:
(the following is from a 5.13rc2 kernel)
```
Dump of assembler code for function __cvdso_clock_gettime_data:
0x00007ffff7ff0700 <+0>: cmplwi r4,15
0x00007ffff7ff0704 <+4>: bgt 0x7ffff7ff07f0 <__cvdso_clock_gettime_data+240>
0x00007ffff7ff0708 <+8>: li r9,1
0x00007ffff7ff070c <+12>: slw r9,r9,r4
0x00007ffff7ff0710 <+16>: andi. r10,r9,2179
0x00007ffff7ff0714 <+20>: beq 0x7ffff7ff0810 <__cvdso_clock_gettime_data+272>
0x00007ffff7ff0718 <+24>: rldicr r10,r4,4,59
0x00007ffff7ff071c <+28>: lis r9,32767
0x00007ffff7ff0720 <+32>: std r30,-16(r1)
0x00007ffff7ff0724 <+36>: std r31,-8(r1)
0x00007ffff7ff0728 <+40>: add r6,r3,r10
0x00007ffff7ff072c <+44>: ori r4,r9,65535
0x00007ffff7ff0730 <+48>: lwz r8,0(r3)
0x00007ffff7ff0734 <+52>: andi. r9,r8,1
0x00007ffff7ff0738 <+56>: bne 0x7ffff7ff07d0 <__cvdso_clock_gettime_data+208>
0x00007ffff7ff073c <+60>: lwsync
0x00007ffff7ff0740 <+64>: mftb r30 <---- RIGHT HERE
=> 0x00007ffff7ff0744 <+68>: ld r12,40(r6)
```
What I believe is happening is that the kernel changed the PowerPC VDSO
calls to use standard C calls instead of using hand rolled assembly. The
hand rolled assembly calls never touched r30, so this change was safe to
roll back. That does not seem to be the case anymore as on the 5.13rc2
kernel the compiler *is* generating assembly which modifies r30, making
this change again unsafe and causing a crash when the program receives a
signal during these calls (which will happen often due to async
preempt). This change happened here:
https://lwn.net/ml/linux-kernel/235e5571959cfa89ced081d7e838ed5ff38447d2.1601365870.git.christophe.leroy@csgroup.eu/.
I realize this was reverted due to unexplained hangs in PowerPC
builders, but I think we should reinstate this change and investigate
those issues separately:
https://github.com/golang/go/commit/f4ca3c1e0a2066ca4f7bd6203866d282ed34acf2
Fixes #46858
Change-Id: Ib18d7bbfc80a1a9cb558f0098878d41081324b52
GitHub-Last-Rev: c3002bcfca3ef58b27485e31328e6297b7a9dfe7
GitHub-Pull-Request: golang/go#46767
Reviewed-on: https://go-review.googlesource.com/c/go/+/328110
Run-TryBot: Lynn Boger <laboger@linux.vnet.ibm.com>
TryBot-Result: Go Bot <gobot@golang.org>
Reviewed-by: Cherry Mui <cherryyz@google.com>
Trust: Lynn Boger <laboger@linux.vnet.ibm.com>
(cherry picked from commit 16e82be454cbf41299e6a055d54d489ca4612ee0)
Reviewed-on: https://go-review.googlesource.com/c/go/+/334410
Run-TryBot: Cherry Mui <cherryyz@google.com>
---
diff --git a/src/runtime/signal_unix.go b/src/runtime/signal_unix.go
index 3f70707..89f936e 100644
--- a/src/runtime/signal_unix.go
+++ b/src/runtime/signal_unix.go
@@ -381,7 +381,7 @@
//go:nosplit
func sigFetchG(c *sigctxt) *g {
switch GOARCH {
- case "arm", "arm64":
+ case "arm", "arm64", "ppc64", "ppc64le":
if !iscgo && inVDSOPage(c.sigpc()) {
// When using cgo, we save the g on TLS and load it from there
// in sigtramp. Just use that.
diff --git a/src/runtime/sys_linux_ppc64x.s b/src/runtime/sys_linux_ppc64x.s
index fd69ee7..7be8c4c 100644
--- a/src/runtime/sys_linux_ppc64x.s
+++ b/src/runtime/sys_linux_ppc64x.s
@@ -215,15 +215,45 @@
MOVD (g_sched+gobuf_sp)(R7), R1 // Set SP to g0 stack
noswitch:
- SUB $16, R1 // Space for results
- RLDICR $0, R1, $59, R1 // Align for C code
+ SUB $16, R1 // Space for results
+ RLDICR $0, R1, $59, R1 // Align for C code
MOVD R12, CTR
MOVD R1, R4
- BL (CTR) // Call from VDSO
- MOVD $0, R0 // Restore R0
- MOVD 0(R1), R3 // sec
- MOVD 8(R1), R5 // nsec
- MOVD R15, R1 // Restore SP
+
+ // Store g on gsignal's stack, so if we receive a signal
+ // during VDSO code we can find the g.
+ // If we don't have a signal stack, we won't receive signal,
+ // so don't bother saving g.
+ // When using cgo, we already saved g on TLS, also don't save
+ // g here.
+ // Also don't save g if we are already on the signal stack.
+ // We won't get a nested signal.
+ MOVBZ runtime·iscgo(SB), R22
+ CMP R22, $0
+ BNE nosaveg
+ MOVD m_gsignal(R21), R22 // g.m.gsignal
+ CMP R22, $0
+ BEQ nosaveg
+
+ CMP g, R22
+ BEQ nosaveg
+ MOVD (g_stack+stack_lo)(R22), R22 // g.m.gsignal.stack.lo
+ MOVD g, (R22)
+
+ BL (CTR) // Call from VDSO
+
+ MOVD $0, (R22) // clear g slot, R22 is unchanged by C code
+
+ JMP finish
+
+nosaveg:
+ BL (CTR) // Call from VDSO
+
+finish:
+ MOVD $0, R0 // Restore R0
+ MOVD 0(R1), R3 // sec
+ MOVD 8(R1), R5 // nsec
+ MOVD R15, R1 // Restore SP
// Restore vdsoPC, vdsoSP
// We don't worry about being signaled between the two stores.
@@ -235,7 +265,7 @@
MOVD 32(R1), R6
MOVD R6, m_vdsoPC(R21)
-finish:
+return:
MOVD R3, sec+0(FP)
MOVW R5, nsec+8(FP)
RET
@@ -246,7 +276,7 @@
SYSCALL $SYS_clock_gettime
MOVD 32(R1), R3
MOVD 40(R1), R5
- JMP finish
+ JMP return
TEXT runtime·nanotime1(SB),NOSPLIT,$16-8
MOVD $1, R3 // CLOCK_MONOTONIC
@@ -282,7 +312,37 @@
RLDICR $0, R1, $59, R1 // Align for C code
MOVD R12, CTR
MOVD R1, R4
- BL (CTR) // Call from VDSO
+
+ // Store g on gsignal's stack, so if we receive a signal
+ // during VDSO code we can find the g.
+ // If we don't have a signal stack, we won't receive signal,
+ // so don't bother saving g.
+ // When using cgo, we already saved g on TLS, also don't save
+ // g here.
+ // Also don't save g if we are already on the signal stack.
+ // We won't get a nested signal.
+ MOVBZ runtime·iscgo(SB), R22
+ CMP R22, $0
+ BNE nosaveg
+ MOVD m_gsignal(R21), R22 // g.m.gsignal
+ CMP R22, $0
+ BEQ nosaveg
+
+ CMP g, R22
+ BEQ nosaveg
+ MOVD (g_stack+stack_lo)(R22), R22 // g.m.gsignal.stack.lo
+ MOVD g, (R22)
+
+ BL (CTR) // Call from VDSO
+
+ MOVD $0, (R22) // clear g slot, R22 is unchanged by C code
+
+ JMP finish
+
+nosaveg:
+ BL (CTR) // Call from VDSO
+
+finish:
MOVD $0, R0 // Restore R0
MOVD 0(R1), R3 // sec
MOVD 8(R1), R5 // nsec
@@ -298,7 +358,7 @@
MOVD 32(R1), R6
MOVD R6, m_vdsoPC(R21)
-finish:
+return:
// sec is in R3, nsec in R5
// return nsec in R3
MOVD $1000000000, R4
@@ -313,7 +373,7 @@
SYSCALL $SYS_clock_gettime
MOVD 32(R1), R3
MOVD 40(R1), R5
- JMP finish
+ JMP return
TEXT runtime·rtsigprocmask(SB),NOSPLIT|NOFRAME,$0-28
MOVW how+0(FP), R3
@@ -366,7 +426,7 @@
// this might be called in external code context,
// where g is not set.
MOVBZ runtime·iscgo(SB), R6
- CMP R6, $0
+ CMP R6, $0
BEQ 2(PC)
BL runtime·load_g(SB)

44
rhbz1952381.patch
View File

@ -1,5 +1,5 @@
diff --git a/src/crypto/internal/boring/aes.go b/src/crypto/internal/boring/aes.go
index 2ca64bf..8111b6d 100644
index 457decf..961795a 100644
--- a/src/crypto/internal/boring/aes.go
+++ b/src/crypto/internal/boring/aes.go
@@ -130,7 +130,11 @@ func (c *aesCipher) Decrypt(dst, src []byte) {
@ -15,7 +15,7 @@ index 2ca64bf..8111b6d 100644
outlen := C.int(0)
C._goboringcrypto_EVP_CipherUpdate(c.dec_ctx, (*C.uchar)(unsafe.Pointer(&dst[0])), &outlen, (*C.uchar)(unsafe.Pointer(&src[0])), C.int(aesBlockSize))
runtime.KeepAlive(c)
@@ -165,6 +169,11 @@ func (x *aesCBC) CryptBlocks(dst, src []byte) {
@@ -157,6 +161,11 @@ func (x *aesCBC) CryptBlocks(dst, src []byte) {
}
if len(src) > 0 {
outlen := C.int(0)
@ -108,7 +108,7 @@ index e7ae80c..45c856b 100644
type fail string
diff --git a/src/crypto/internal/boring/goopenssl.h b/src/crypto/internal/boring/goopenssl.h
index 3585458..0762c95 100644
index 745e8a4..284e845 100644
--- a/src/crypto/internal/boring/goopenssl.h
+++ b/src/crypto/internal/boring/goopenssl.h
@@ -14,6 +14,15 @@
@ -202,7 +202,7 @@ index 3585458..0762c95 100644
#include <openssl/rand.h>
@@ -716,6 +741,7 @@ static inline int
@@ -735,6 +759,7 @@ static inline int
_goboringcrypto_EVP_PKEY_CTX_set_signature_md(EVP_PKEY_CTX *ctx, const EVP_MD *md) {
return _goboringcrypto_EVP_PKEY_CTX_ctrl(ctx, -1, EVP_PKEY_OP_TYPE_SIG, EVP_PKEY_CTRL_MD, 0, (void *)md);
}
@ -346,7 +346,7 @@ index ff5c439..6047d65 100644
return len(b), nil
}
diff --git a/src/crypto/internal/boring/rsa.go b/src/crypto/internal/boring/rsa.go
index 2eefc27..668c12f 100644
index 0223243..b72af0d 100644
--- a/src/crypto/internal/boring/rsa.go
+++ b/src/crypto/internal/boring/rsa.go
@@ -141,7 +141,7 @@ func setupRSA(withKey func(func(*C.GO_RSA) C.int) C.int,
@ -677,18 +677,10 @@ index 3dd1ec9..60c769c 100644
pub := &PublicKey{
E: 65537,
diff --git a/src/crypto/rsa/pss_test.go b/src/crypto/rsa/pss_test.go
index 497dd62..d83e7e0 100644
index 6a5a93f..2032b4b 100644
--- a/src/crypto/rsa/pss_test.go
+++ b/src/crypto/rsa/pss_test.go
@@ -10,6 +10,7 @@ import (
"compress/bzip2"
"crypto"
"crypto/rand"
+ "crypto/boring"
"crypto/sha1"
_ "crypto/sha256"
"encoding/hex"
@@ -131,7 +132,6 @@ func TestPSSGolden(t *testing.T) {
@@ -132,7 +132,6 @@ func TestPSSGolden(t *testing.T) {
opts := &PSSOptions{
SaltLength: PSSSaltLengthEqualsHash,
}
@ -696,7 +688,7 @@ index 497dd62..d83e7e0 100644
for marker := range values {
switch marker {
case newKeyMarker:
@@ -173,18 +173,13 @@ func TestPSSOpenSSL(t *testing.T) {
@@ -174,18 +173,13 @@ func TestPSSOpenSSL(t *testing.T) {
h.Write(hashed)
hashed = h.Sum(nil)
@ -718,7 +710,7 @@ index 497dd62..d83e7e0 100644
t.Error(err)
}
}
@@ -211,24 +206,47 @@ func TestPSSSigning(t *testing.T) {
@@ -212,24 +206,47 @@ func TestPSSSigning(t *testing.T) {
{8, 8, true},
}
@ -934,7 +926,7 @@ index d9693a7..cfe020e 100644
label := []byte(fmt.Sprintf("hi#%d", j))
enc, err := EncryptOAEP(sha256, rand.Reader, &priv.PublicKey, message.in, label)
diff --git a/src/crypto/tls/boring_test.go b/src/crypto/tls/boring_test.go
index 5485080..575b99f 100644
index 94a24ff..577bc73 100644
--- a/src/crypto/tls/boring_test.go
+++ b/src/crypto/tls/boring_test.go
@@ -26,7 +26,7 @@ import (
@ -964,7 +956,7 @@ index 5485080..575b99f 100644
serverConfig.Certificates = make([]Certificate, 1)
serverConfig.Certificates[0].Certificate = [][]byte{testECDSACertificate}
serverConfig.Certificates[0].PrivateKey = testECDSAPrivateKey
@@ -203,7 +203,7 @@ func TestBoringServerSignatureAndHash(t *testing.T) {
@@ -204,7 +204,7 @@ func TestBoringServerSignatureAndHash(t *testing.T) {
for _, sigHash := range defaultSupportedSignatureAlgorithms {
t.Run(fmt.Sprintf("%#x", sigHash), func(t *testing.T) {
@ -973,7 +965,7 @@ index 5485080..575b99f 100644
serverConfig.Certificates = make([]Certificate, 1)
testingOnlyForceClientHelloSignatureAlgorithms = []SignatureScheme{sigHash}
@@ -262,7 +262,7 @@ func TestBoringClientHello(t *testing.T) {
@@ -263,7 +263,7 @@ func TestBoringClientHello(t *testing.T) {
defer c.Close()
defer s.Close()
@ -982,7 +974,7 @@ index 5485080..575b99f 100644
// All sorts of traps for the client to avoid.
clientConfig.MinVersion = VersionSSL30
clientConfig.MaxVersion = VersionTLS13
@@ -336,12 +336,12 @@ func TestBoringCertAlgs(t *testing.T) {
@@ -337,12 +337,12 @@ func TestBoringCertAlgs(t *testing.T) {
// client verifying server cert
testServerCert := func(t *testing.T, desc string, pool *x509.CertPool, key interface{}, list [][]byte, ok bool) {
@ -997,7 +989,7 @@ index 5485080..575b99f 100644
serverConfig.Certificates = []Certificate{{Certificate: list, PrivateKey: key}}
serverConfig.BuildNameToCertificate()
@@ -364,11 +364,11 @@ func TestBoringCertAlgs(t *testing.T) {
@@ -365,11 +365,11 @@ func TestBoringCertAlgs(t *testing.T) {
// server verifying client cert
testClientCert := func(t *testing.T, desc string, pool *x509.CertPool, key interface{}, list [][]byte, ok bool) {
@ -1011,7 +1003,7 @@ index 5485080..575b99f 100644
serverConfig.ClientCAs = pool
serverConfig.ClientAuth = RequireAndVerifyClientCert
@@ -393,8 +393,13 @@ func TestBoringCertAlgs(t *testing.T) {
@@ -394,8 +394,13 @@ func TestBoringCertAlgs(t *testing.T) {
// exhaustive test with computed answers.
r1pool := x509.NewCertPool()
r1pool.AddCert(R1.cert)
@ -1027,7 +1019,7 @@ index 5485080..575b99f 100644
fipstls.Force()
testServerCert(t, "basic (fips)", r1pool, L2_I.key, [][]byte{L2_I.der, I_R1.der}, false)
testClientCert(t, "basic (fips, client cert)", r1pool, L2_I.key, [][]byte{L2_I.der, I_R1.der}, false)
@@ -457,6 +462,10 @@ func TestBoringCertAlgs(t *testing.T) {
@@ -458,6 +463,10 @@ func TestBoringCertAlgs(t *testing.T) {
addRoot(r&1, R1)
addRoot(r&2, R2)
rootName = rootName[1:] // strip leading comma
@ -1038,7 +1030,7 @@ index 5485080..575b99f 100644
testServerCert(t, listName+"->"+rootName[1:], pool, leaf.key, list, shouldVerify)
testClientCert(t, listName+"->"+rootName[1:]+"(client cert)", pool, leaf.key, list, shouldVerify)
fipstls.Force()
@@ -576,6 +585,16 @@ var (
@@ -577,6 +586,16 @@ var (
testRSA2048PrivateKey *rsa.PrivateKey
)
@ -1056,7 +1048,7 @@ index 5485080..575b99f 100644
block, _ := pem.Decode([]byte(`
-----BEGIN CERTIFICATE-----
diff --git a/src/crypto/x509/x509_test.go b/src/crypto/x509/x509_test.go
index 51dda16..31723b6 100644
index a4053ab..aff4ff2 100644
--- a/src/crypto/x509/x509_test.go
+++ b/src/crypto/x509/x509_test.go
@@ -151,6 +151,7 @@ func TestPKIXMismatchPublicKeyFormat(t *testing.T) {

4
sources
View File

@ -1,3 +1 @@
SHA512 (go-go-1.16.4-1-openssl-fips.tar.gz) = c99957801440519fa5145a6901fd513baa087584a7d51c726e2ac61094cf65e81798b2773c4a74fa7e904934452709a97c91e3d9cd1695b8537e4858e15b5e47
SHA512 (go-go-1.16.6-2-openssl-fips.tar.gz) = 8398c1860c7277ac61a7957fe702f0d869d291b45f08e031364c35a68319d25cbef62755c1dc790d24d080017163e469251e0fb70e68d1cbd04390b9a6c540dd
SHA512 (go-go-1.16.6-3-openssl-fips.tar.gz) = 2cf8da0ba5c35e5d319c15505a146e00a256233b9f3a2f5bd88e9524a738d7a8ed1bbeeaaa01e3a9e0fce3b24b326e10171c1e588dfbd87959ff29abf2a68dc2
SHA512 (go-go-1.17.2-1-openssl-fips.tar.gz) = dc0ff0b9cc85ec874bf48f42b61d8394ae16787d708c4b2255115d0f8d99bcc4ad2684392f79001a10dab803e6b7f7fee961ece415ad20176eab61bc7d9ee788