Compare commits
6 Commits
c10-beta
...
c8-stream-
| Author | SHA1 | Date | |
|---|---|---|---|
| 745f380f85 | |||
| f65e7cb122 | |||
| a59e37d449 | |||
| c7130ae3e8 | |||
| 899e164860 | |||
| d6bb6b5a95 |
5
.gitignore
vendored
5
.gitignore
vendored
@ -1,2 +1,3 @@
|
||||
SOURCES/go1.21.13-4-openssl-fips.tar.gz
|
||||
SOURCES/go1.21.13.tar.gz
|
||||
SOURCES/compiler-rt-18.1.8.src.tar.xz
|
||||
SOURCES/go1.25.3-1-openssl-fips.tar.gz
|
||||
SOURCES/go1.25.3.tar.gz
|
||||
|
||||
@ -1,2 +1,3 @@
|
||||
cfcfc208c18ecffcebe3d6218537f495eb555395 SOURCES/go1.21.13-4-openssl-fips.tar.gz
|
||||
a6aa471b6f806146bbd4ffec11b70ca834421a2e SOURCES/go1.21.13.tar.gz
|
||||
6ecbfa5516b60adb4e4e60f991b0d8ddf5aab12a SOURCES/compiler-rt-18.1.8.src.tar.xz
|
||||
eb585257c57d2644a89c43d5fa277f78df3ab8c9 SOURCES/go1.25.3-1-openssl-fips.tar.gz
|
||||
22eae00c75c7739a710b07eb4d2a4e96c89c479e SOURCES/go1.25.3.tar.gz
|
||||
|
||||
@ -1,374 +0,0 @@
|
||||
diff --git a/src/crypto/boring/boring.go b/src/crypto/boring/boring.go
|
||||
index 47618fe..d93784d 100644
|
||||
--- a/src/crypto/boring/boring.go
|
||||
+++ b/src/crypto/boring/boring.go
|
||||
@@ -2,7 +2,7 @@
|
||||
// Use of this source code is governed by a BSD-style
|
||||
// license that can be found in the LICENSE file.
|
||||
|
||||
-//go:build boringcrypto
|
||||
+//go:build boringcrypto && !static
|
||||
|
||||
// Package boring exposes functions that are only available when building with
|
||||
// Go+BoringCrypto. This package is available on all targets as long as the
|
||||
diff --git a/src/crypto/internal/backend/nobackend.go b/src/crypto/internal/backend/nobackend.go
|
||||
index 33a53a8..f630ea5 100644
|
||||
--- a/src/crypto/internal/backend/nobackend.go
|
||||
+++ b/src/crypto/internal/backend/nobackend.go
|
||||
@@ -2,8 +2,8 @@
|
||||
// Use of this source code is governed by a BSD-style
|
||||
// license that can be found in the LICENSE file.
|
||||
|
||||
-//go:build !linux || !cgo || android || cmd_go_bootstrap || msan || no_openssl
|
||||
-// +build !linux !cgo android cmd_go_bootstrap msan no_openssl
|
||||
+//go:build !linux || !cgo || android || cmd_go_bootstrap || msan || no_openssl || static
|
||||
+// +build !linux !cgo android cmd_go_bootstrap msan no_openssl static
|
||||
|
||||
package backend
|
||||
|
||||
diff --git a/src/crypto/internal/backend/openssl.go b/src/crypto/internal/backend/openssl.go
|
||||
index 59370ec..eb81ef6 100644
|
||||
--- a/src/crypto/internal/backend/openssl.go
|
||||
+++ b/src/crypto/internal/backend/openssl.go
|
||||
@@ -2,8 +2,8 @@
|
||||
// Use of this source code is governed by a BSD-style
|
||||
// license that can be found in the LICENSE file.
|
||||
|
||||
-//go:build linux && cgo && !android && !gocrypt && !cmd_go_bootstrap && !msan && !no_openssl
|
||||
-// +build linux,cgo,!android,!gocrypt,!cmd_go_bootstrap,!msan,!no_openssl
|
||||
+//go:build linux && cgo && !android && !gocrypt && !cmd_go_bootstrap && !msan && !no_openssl && !static
|
||||
+// +build linux,cgo,!android,!gocrypt,!cmd_go_bootstrap,!msan,!no_openssl,!static
|
||||
|
||||
// Package openssl provides access to OpenSSLCrypto implementation functions.
|
||||
// Check the variable Enabled to find out whether OpenSSLCrypto is available.
|
||||
diff --git a/src/crypto/internal/boring/div_test.c b/src/crypto/internal/boring/div_test.c
|
||||
index f909cc9..8530533 100644
|
||||
--- a/src/crypto/internal/boring/div_test.c
|
||||
+++ b/src/crypto/internal/boring/div_test.c
|
||||
@@ -1,4 +1,5 @@
|
||||
// Copyright 2022 The Go Authors. All rights reserved.
|
||||
+// +build !static
|
||||
// Use of this source code is governed by a BSD-style
|
||||
// license that can be found in the LICENSE file.
|
||||
|
||||
diff --git a/src/crypto/internal/boring/goboringcrypto.h b/src/crypto/internal/boring/goboringcrypto.h
|
||||
index 2b11049..dec1cb2 100644
|
||||
--- a/src/crypto/internal/boring/goboringcrypto.h
|
||||
+++ b/src/crypto/internal/boring/goboringcrypto.h
|
||||
@@ -1,4 +1,5 @@
|
||||
// Copyright 2017 The Go Authors. All rights reserved.
|
||||
+// +build !static
|
||||
// Use of this source code is governed by a BSD-style
|
||||
// license that can be found in the LICENSE file.
|
||||
|
||||
diff --git a/src/crypto/internal/boring/syso/syso.go b/src/crypto/internal/boring/syso/syso.go
|
||||
index b338754..db5ea1e 100644
|
||||
--- a/src/crypto/internal/boring/syso/syso.go
|
||||
+++ b/src/crypto/internal/boring/syso/syso.go
|
||||
@@ -2,7 +2,7 @@
|
||||
// Use of this source code is governed by a BSD-style
|
||||
// license that can be found in the LICENSE file.
|
||||
|
||||
-//go:build boringcrypto
|
||||
+//go:build boringcrypto && !static
|
||||
|
||||
// This package only exists with GOEXPERIMENT=boringcrypto.
|
||||
// It provides the actual syso file.
|
||||
diff --git a/src/crypto/tls/fipsonly/fipsonly.go b/src/crypto/tls/fipsonly/fipsonly.go
|
||||
index e5e4783..a0d9523 100644
|
||||
--- a/src/crypto/tls/fipsonly/fipsonly.go
|
||||
+++ b/src/crypto/tls/fipsonly/fipsonly.go
|
||||
@@ -2,7 +2,7 @@
|
||||
// Use of this source code is governed by a BSD-style
|
||||
// license that can be found in the LICENSE file.
|
||||
|
||||
-//go:build boringcrypto
|
||||
+//go:build boringcrypto && !static
|
||||
|
||||
// Package fipsonly restricts all TLS configuration to FIPS-approved settings.
|
||||
//
|
||||
diff --git a/src/crypto/tls/fipsonly/fipsonly_test.go b/src/crypto/tls/fipsonly/fipsonly_test.go
|
||||
index f8485dc..6563ac4 100644
|
||||
--- a/src/crypto/tls/fipsonly/fipsonly_test.go
|
||||
+++ b/src/crypto/tls/fipsonly/fipsonly_test.go
|
||||
@@ -2,7 +2,7 @@
|
||||
// Use of this source code is governed by a BSD-style
|
||||
// license that can be found in the LICENSE file.
|
||||
|
||||
-//go:build boringcrypto
|
||||
+//go:build boringcrypto && !static
|
||||
|
||||
package fipsonly
|
||||
|
||||
diff --git a/src/vendor/github.com/golang-fips/openssl/openssl/aes.go b/src/vendor/github.com/golang-fips/openssl/openssl/aes.go
|
||||
index 079fc3c..e826d0b 100644
|
||||
--- a/src/vendor/github.com/golang-fips/openssl/openssl/aes.go
|
||||
+++ b/src/vendor/github.com/golang-fips/openssl/openssl/aes.go
|
||||
@@ -2,8 +2,8 @@
|
||||
// Use of this source code is governed by a BSD-style
|
||||
// license that can be found in the LICENSE file.
|
||||
|
||||
-//go:build linux && !android && !cmd_go_bootstrap && !msan && !no_openssl
|
||||
-// +build linux,!android,!cmd_go_bootstrap,!msan,!no_openssl
|
||||
+//go:build linux && !android && !cmd_go_bootstrap && !msan && !no_openssl && !static
|
||||
+// +build linux,!android,!cmd_go_bootstrap,!msan,!no_openssl,!static
|
||||
|
||||
package openssl
|
||||
|
||||
diff --git a/src/vendor/github.com/golang-fips/openssl/openssl/ecdh.go b/src/vendor/github.com/golang-fips/openssl/openssl/ecdh.go
|
||||
index 9537870..c491628 100644
|
||||
--- a/src/vendor/github.com/golang-fips/openssl/openssl/ecdh.go
|
||||
+++ b/src/vendor/github.com/golang-fips/openssl/openssl/ecdh.go
|
||||
@@ -2,8 +2,8 @@
|
||||
// Use of this source code is governed by a BSD-style
|
||||
// license that can be found in the LICENSE file.
|
||||
|
||||
-//go:build linux && !android && !cmd_go_bootstrap && !msan && !no_openssl
|
||||
-// +build linux,!android,!cmd_go_bootstrap,!msan,!no_openssl
|
||||
+//go:build linux && !android && !cmd_go_bootstrap && !msan && !no_openssl && !static
|
||||
+// +build linux,!android,!cmd_go_bootstrap,!msan,!no_openssl,!static
|
||||
|
||||
package openssl
|
||||
|
||||
diff --git a/src/vendor/github.com/golang-fips/openssl/openssl/ecdsa.go b/src/vendor/github.com/golang-fips/openssl/openssl/ecdsa.go
|
||||
index 9f46388..87feb18 100644
|
||||
--- a/src/vendor/github.com/golang-fips/openssl/openssl/ecdsa.go
|
||||
+++ b/src/vendor/github.com/golang-fips/openssl/openssl/ecdsa.go
|
||||
@@ -2,8 +2,8 @@
|
||||
// Use of this source code is governed by a BSD-style
|
||||
// license that can be found in the LICENSE file.
|
||||
|
||||
-//go:build linux && !android && !cmd_go_bootstrap && !msan && !no_openssl
|
||||
-// +build linux,!android,!cmd_go_bootstrap,!msan,!no_openssl
|
||||
+//go:build linux && !android && !cmd_go_bootstrap && !msan && !no_openssl && !static
|
||||
+// +build linux,!android,!cmd_go_bootstrap,!msan,!no_openssl,!static
|
||||
|
||||
package openssl
|
||||
|
||||
diff --git a/src/vendor/github.com/golang-fips/openssl/openssl/evp.go b/src/vendor/github.com/golang-fips/openssl/openssl/evp.go
|
||||
index 46d2bdd..34f4a43 100644
|
||||
--- a/src/vendor/github.com/golang-fips/openssl/openssl/evp.go
|
||||
+++ b/src/vendor/github.com/golang-fips/openssl/openssl/evp.go
|
||||
@@ -1,5 +1,5 @@
|
||||
-//go:build linux && !android && !cmd_go_bootstrap && !msan && !no_openssl
|
||||
-// +build linux,!android,!cmd_go_bootstrap,!msan,!no_openssl
|
||||
+//go:build linux && !android && !cmd_go_bootstrap && !msan && !no_openssl && !static
|
||||
+// +build linux,!android,!cmd_go_bootstrap,!msan,!no_openssl,!static
|
||||
|
||||
package openssl
|
||||
|
||||
diff --git a/src/vendor/github.com/golang-fips/openssl/openssl/goopenssl.h b/src/vendor/github.com/golang-fips/openssl/openssl/goopenssl.h
|
||||
index ac6c64f..5526db9 100644
|
||||
--- a/src/vendor/github.com/golang-fips/openssl/openssl/goopenssl.h
|
||||
+++ b/src/vendor/github.com/golang-fips/openssl/openssl/goopenssl.h
|
||||
@@ -1,4 +1,5 @@
|
||||
// Copyright 2017 The Go Authors. All rights reserved.
|
||||
+// +build !static
|
||||
// Use of this source code is governed by a BSD-style
|
||||
// license that can be found in the LICENSE file.
|
||||
// +build linux
|
||||
diff --git a/src/vendor/github.com/golang-fips/openssl/openssl/hkdf.go b/src/vendor/github.com/golang-fips/openssl/openssl/hkdf.go
|
||||
index 2e21224..83da261 100644
|
||||
--- a/src/vendor/github.com/golang-fips/openssl/openssl/hkdf.go
|
||||
+++ b/src/vendor/github.com/golang-fips/openssl/openssl/hkdf.go
|
||||
@@ -2,8 +2,8 @@
|
||||
// Use of this source code is governed by a BSD-style
|
||||
// license that can be found in the LICENSE file.
|
||||
|
||||
-//go:build linux && !android && !cmd_go_bootstrap && !msan && !no_openssl
|
||||
-// +build linux,!android,!cmd_go_bootstrap,!msan,!no_openssl
|
||||
+//go:build linux && !android && !cmd_go_bootstrap && !msan && !no_openssl && !static
|
||||
+// +build linux,!android,!cmd_go_bootstrap,!msan,!no_openssl,!static
|
||||
|
||||
package openssl
|
||||
|
||||
diff --git a/src/vendor/github.com/golang-fips/openssl/openssl/hmac.go b/src/vendor/github.com/golang-fips/openssl/openssl/hmac.go
|
||||
index 3af1924..57a525a 100644
|
||||
--- a/src/vendor/github.com/golang-fips/openssl/openssl/hmac.go
|
||||
+++ b/src/vendor/github.com/golang-fips/openssl/openssl/hmac.go
|
||||
@@ -2,8 +2,8 @@
|
||||
// Use of this source code is governed by a BSD-style
|
||||
// license that can be found in the LICENSE file.
|
||||
|
||||
-//go:build linux && !android && !cmd_go_bootstrap && !msan && !no_openssl
|
||||
-// +build linux,!android,!cmd_go_bootstrap,!msan,!no_openssl
|
||||
+//go:build linux && !android && !cmd_go_bootstrap && !msan && !no_openssl && !static
|
||||
+// +build linux,!android,!cmd_go_bootstrap,!msan,!no_openssl,!static
|
||||
|
||||
package openssl
|
||||
|
||||
diff --git a/src/vendor/github.com/golang-fips/openssl/openssl/notboring.go b/src/vendor/github.com/golang-fips/openssl/openssl/notboring.go
|
||||
index 5093cde..0610495 100644
|
||||
--- a/src/vendor/github.com/golang-fips/openssl/openssl/notboring.go
|
||||
+++ b/src/vendor/github.com/golang-fips/openssl/openssl/notboring.go
|
||||
@@ -2,8 +2,8 @@
|
||||
// Use of this source code is governed by a BSD-style
|
||||
// license that can be found in the LICENSE file.
|
||||
|
||||
-//go:build !linux || !cgo || android || cmd_go_bootstrap || msan || no_openssl
|
||||
-// +build !linux !cgo android cmd_go_bootstrap msan no_openssl
|
||||
+//go:build !linux || !cgo || android || cmd_go_bootstrap || msan || no_openssl || static
|
||||
+// +build !linux !cgo android cmd_go_bootstrap msan no_openssl static
|
||||
|
||||
package openssl
|
||||
|
||||
diff --git a/src/vendor/github.com/golang-fips/openssl/openssl/openssl.go b/src/vendor/github.com/golang-fips/openssl/openssl/openssl.go
|
||||
index 17a9034..db51ced 100644
|
||||
--- a/src/vendor/github.com/golang-fips/openssl/openssl/openssl.go
|
||||
+++ b/src/vendor/github.com/golang-fips/openssl/openssl/openssl.go
|
||||
@@ -2,8 +2,8 @@
|
||||
// Use of this source code is governed by a BSD-style
|
||||
// license that can be found in the LICENSE file.
|
||||
|
||||
-//go:build linux && !android && !cmd_go_bootstrap && !msan && !no_openssl
|
||||
-// +build linux,!android,!cmd_go_bootstrap,!msan,!no_openssl
|
||||
+//go:build linux && !android && !cmd_go_bootstrap && !msan && !no_openssl && !static
|
||||
+// +build linux,!android,!cmd_go_bootstrap,!msan,!no_openssl,!static
|
||||
|
||||
package openssl
|
||||
|
||||
diff --git a/src/vendor/github.com/golang-fips/openssl/openssl/openssl_ecdsa_signature.c b/src/vendor/github.com/golang-fips/openssl/openssl/openssl_ecdsa_signature.c
|
||||
index 7ce9833..fe66288 100644
|
||||
--- a/src/vendor/github.com/golang-fips/openssl/openssl/openssl_ecdsa_signature.c
|
||||
+++ b/src/vendor/github.com/golang-fips/openssl/openssl/openssl_ecdsa_signature.c
|
||||
@@ -1,4 +1,5 @@
|
||||
// +build linux
|
||||
+// +build !static
|
||||
// +build !android
|
||||
// +build !no_openssl
|
||||
// +build !cmd_go_bootstrap
|
||||
diff --git a/src/vendor/github.com/golang-fips/openssl/openssl/openssl_evp.c b/src/vendor/github.com/golang-fips/openssl/openssl/openssl_evp.c
|
||||
index a45ed60..2b541fd 100644
|
||||
--- a/src/vendor/github.com/golang-fips/openssl/openssl/openssl_evp.c
|
||||
+++ b/src/vendor/github.com/golang-fips/openssl/openssl/openssl_evp.c
|
||||
@@ -1,4 +1,5 @@
|
||||
// +build linux
|
||||
+// +build !static
|
||||
// +build !android
|
||||
// +build !no_openssl
|
||||
// +build !cmd_go_bootstrap
|
||||
diff --git a/src/vendor/github.com/golang-fips/openssl/openssl/openssl_lock_setup.c b/src/vendor/github.com/golang-fips/openssl/openssl/openssl_lock_setup.c
|
||||
index 49d40a7..3b3dbf8 100644
|
||||
--- a/src/vendor/github.com/golang-fips/openssl/openssl/openssl_lock_setup.c
|
||||
+++ b/src/vendor/github.com/golang-fips/openssl/openssl/openssl_lock_setup.c
|
||||
@@ -1,4 +1,5 @@
|
||||
// +build linux
|
||||
+// +build !static
|
||||
// +build !android
|
||||
// +build !no_openssl
|
||||
// +build !cmd_go_bootstrap
|
||||
diff --git a/src/vendor/github.com/golang-fips/openssl/openssl/openssl_port_aead_gcm.c b/src/vendor/github.com/golang-fips/openssl/openssl/openssl_port_aead_gcm.c
|
||||
index 7eb645e..1c3225a 100644
|
||||
--- a/src/vendor/github.com/golang-fips/openssl/openssl/openssl_port_aead_gcm.c
|
||||
+++ b/src/vendor/github.com/golang-fips/openssl/openssl/openssl_port_aead_gcm.c
|
||||
@@ -1,4 +1,5 @@
|
||||
// This file contains a port of the BoringSSL AEAD interface.
|
||||
+// +build !static
|
||||
// +build linux
|
||||
// +build !android
|
||||
// +build !no_openssl
|
||||
diff --git a/src/vendor/github.com/golang-fips/openssl/openssl/openssl_port_ctr128.c b/src/vendor/github.com/golang-fips/openssl/openssl/openssl_port_ctr128.c
|
||||
index df4ebe3..876393b 100644
|
||||
--- a/src/vendor/github.com/golang-fips/openssl/openssl/openssl_port_ctr128.c
|
||||
+++ b/src/vendor/github.com/golang-fips/openssl/openssl/openssl_port_ctr128.c
|
||||
@@ -1,4 +1,5 @@
|
||||
// +build linux
|
||||
+// +build !static
|
||||
// +build !android
|
||||
// +build !no_openssl
|
||||
// +build !cmd_go_bootstrap
|
||||
diff --git a/src/vendor/github.com/golang-fips/openssl/openssl/openssl_port_ecdh.c b/src/vendor/github.com/golang-fips/openssl/openssl/openssl_port_ecdh.c
|
||||
index 8205b04..dcd751d 100644
|
||||
--- a/src/vendor/github.com/golang-fips/openssl/openssl/openssl_port_ecdh.c
|
||||
+++ b/src/vendor/github.com/golang-fips/openssl/openssl/openssl_port_ecdh.c
|
||||
@@ -1,4 +1,5 @@
|
||||
// +build linux
|
||||
+// +build !static
|
||||
// +build !android
|
||||
// +build !no_openssl
|
||||
// +build !cmd_go_bootstrap
|
||||
diff --git a/src/vendor/github.com/golang-fips/openssl/openssl/openssl_port_evp_md5_sha1.c b/src/vendor/github.com/golang-fips/openssl/openssl/openssl_port_evp_md5_sha1.c
|
||||
index 2eedd5b..04510d3 100644
|
||||
--- a/src/vendor/github.com/golang-fips/openssl/openssl/openssl_port_evp_md5_sha1.c
|
||||
+++ b/src/vendor/github.com/golang-fips/openssl/openssl/openssl_port_evp_md5_sha1.c
|
||||
@@ -1,4 +1,5 @@
|
||||
// This file contains a backport of the EVP_md5_sha1 method.
|
||||
+// +build !static
|
||||
// +build linux
|
||||
// +build !android
|
||||
// +build !no_openssl
|
||||
diff --git a/src/vendor/github.com/golang-fips/openssl/openssl/openssl_port_hmac.c b/src/vendor/github.com/golang-fips/openssl/openssl/openssl_port_hmac.c
|
||||
index a5996d6..2552081 100644
|
||||
--- a/src/vendor/github.com/golang-fips/openssl/openssl/openssl_port_hmac.c
|
||||
+++ b/src/vendor/github.com/golang-fips/openssl/openssl/openssl_port_hmac.c
|
||||
@@ -1,4 +1,5 @@
|
||||
// This file contains HMAC portability wrappers.
|
||||
+// +build !static
|
||||
// +build linux
|
||||
// +build !android
|
||||
// +build !no_openssl
|
||||
diff --git a/src/vendor/github.com/golang-fips/openssl/openssl/openssl_port_rsa.c b/src/vendor/github.com/golang-fips/openssl/openssl/openssl_port_rsa.c
|
||||
index e214929..c9f6887 100644
|
||||
--- a/src/vendor/github.com/golang-fips/openssl/openssl/openssl_port_rsa.c
|
||||
+++ b/src/vendor/github.com/golang-fips/openssl/openssl/openssl_port_rsa.c
|
||||
@@ -1,4 +1,5 @@
|
||||
// This file contains RSA portability wrappers.
|
||||
+// +build !static
|
||||
// +build linux
|
||||
// +build !android
|
||||
// +build !no_openssl
|
||||
diff --git a/src/vendor/github.com/golang-fips/openssl/openssl/openssl_stub_rand.c b/src/vendor/github.com/golang-fips/openssl/openssl/openssl_stub_rand.c
|
||||
index 22bd865..b7aa26b 100644
|
||||
--- a/src/vendor/github.com/golang-fips/openssl/openssl/openssl_stub_rand.c
|
||||
+++ b/src/vendor/github.com/golang-fips/openssl/openssl/openssl_stub_rand.c
|
||||
@@ -1,4 +1,5 @@
|
||||
// +build linux
|
||||
+// +build !static
|
||||
// +build !android
|
||||
// +build !no_openssl
|
||||
// +build !cmd_go_bootstrap
|
||||
diff --git a/src/vendor/github.com/golang-fips/openssl/openssl/rand.go b/src/vendor/github.com/golang-fips/openssl/openssl/rand.go
|
||||
index b3668b8..dcdae70 100644
|
||||
--- a/src/vendor/github.com/golang-fips/openssl/openssl/rand.go
|
||||
+++ b/src/vendor/github.com/golang-fips/openssl/openssl/rand.go
|
||||
@@ -2,8 +2,8 @@
|
||||
// Use of this source code is governed by a BSD-style
|
||||
// license that can be found in the LICENSE file.
|
||||
|
||||
-//go:build linux && !android && !cmd_go_bootstrap && !msan && !no_openssl
|
||||
-// +build linux,!android,!cmd_go_bootstrap,!msan,!no_openssl
|
||||
+//go:build linux && !android && !cmd_go_bootstrap && !msan && !no_openssl && !static
|
||||
+// +build linux,!android,!cmd_go_bootstrap,!msan,!no_openssl,!static
|
||||
|
||||
package openssl
|
||||
|
||||
diff --git a/src/vendor/github.com/golang-fips/openssl/openssl/rsa.go b/src/vendor/github.com/golang-fips/openssl/openssl/rsa.go
|
||||
index 7870b93..564db24 100644
|
||||
--- a/src/vendor/github.com/golang-fips/openssl/openssl/rsa.go
|
||||
+++ b/src/vendor/github.com/golang-fips/openssl/openssl/rsa.go
|
||||
@@ -2,8 +2,8 @@
|
||||
// Use of this source code is governed by a BSD-style
|
||||
// license that can be found in the LICENSE file.
|
||||
|
||||
-//go:build linux && !android && !cmd_go_bootstrap && !msan && !no_openssl
|
||||
-// +build linux,!android,!cmd_go_bootstrap,!msan,!no_openssl
|
||||
+//go:build linux && !android && !cmd_go_bootstrap && !msan && !no_openssl && !static
|
||||
+// +build linux,!android,!cmd_go_bootstrap,!msan,!no_openssl,!static
|
||||
|
||||
package openssl
|
||||
|
||||
diff --git a/src/vendor/github.com/golang-fips/openssl/openssl/sha.go b/src/vendor/github.com/golang-fips/openssl/openssl/sha.go
|
||||
index 0b55ced..57309c0 100644
|
||||
--- a/src/vendor/github.com/golang-fips/openssl/openssl/sha.go
|
||||
+++ b/src/vendor/github.com/golang-fips/openssl/openssl/sha.go
|
||||
@@ -2,8 +2,8 @@
|
||||
// Use of this source code is governed by a BSD-style
|
||||
// license that can be found in the LICENSE file.
|
||||
|
||||
-//go:build linux && !android && !cmd_go_bootstrap && !msan && !no_openssl
|
||||
-// +build linux,!android,!cmd_go_bootstrap,!msan,!no_openssl
|
||||
+//go:build linux && !android && !cmd_go_bootstrap && !msan && !no_openssl && !static
|
||||
+// +build linux,!android,!cmd_go_bootstrap,!msan,!no_openssl,!static
|
||||
|
||||
package openssl
|
||||
|
||||
@ -1,13 +0,0 @@
|
||||
diff --git a/src/cmd/dist/test.go b/src/cmd/dist/test.go
|
||||
index 36a20e8b2a..8c2dd1b44b 100644
|
||||
--- a/src/cmd/dist/test.go
|
||||
+++ b/src/cmd/dist/test.go
|
||||
@@ -1125,7 +1125,7 @@ func (t *tester) registerCgoTests(heading string) {
|
||||
} else {
|
||||
panic("unknown linkmode with static build: " + linkmode)
|
||||
}
|
||||
- gt.tags = append(gt.tags, "static")
|
||||
+ gt.tags = append(gt.tags, "static", "no_openssl")
|
||||
}
|
||||
gt.ldflags = strings.Join(ldflags, " ")
|
||||
|
||||
@ -1,92 +0,0 @@
|
||||
diff --git a/src/vendor/github.com/golang-fips/openssl/openssl/goopenssl.h b/src/vendor/github.com/golang-fips/openssl/openssl/goopenssl.h
|
||||
index ac6c64f86d..5213b841dc 100644
|
||||
--- a/src/vendor/github.com/golang-fips/openssl/openssl/goopenssl.h
|
||||
+++ b/src/vendor/github.com/golang-fips/openssl/openssl/goopenssl.h
|
||||
@@ -264,7 +264,7 @@ int _goboringcrypto_HMAC_Update(GO_HMAC_CTX *ctx,
|
||||
int _goboringcrypto_HMAC_CTX_reset(GO_HMAC_CTX *ctx);
|
||||
void _goboringcrypto_HMAC_CTX_free(GO_HMAC_CTX *ctx);
|
||||
int _goboringcrypto_HMAC_Final(GO_HMAC_CTX *ctx,
|
||||
- unsigned char *md, unsigned int *len);
|
||||
+ unsigned char *md, unsigned int len);
|
||||
|
||||
#include <openssl/evp.h>
|
||||
#include <openssl/aes.h>
|
||||
diff --git a/src/vendor/github.com/golang-fips/openssl/openssl/hmac.go b/src/vendor/github.com/golang-fips/openssl/openssl/hmac.go
|
||||
index 3af1924884..c76d6690aa 100644
|
||||
--- a/src/vendor/github.com/golang-fips/openssl/openssl/hmac.go
|
||||
+++ b/src/vendor/github.com/golang-fips/openssl/openssl/hmac.go
|
||||
@@ -121,7 +121,9 @@ func (h *boringHMAC) finalize() {
|
||||
|
||||
func (h *boringHMAC) Write(p []byte) (int, error) {
|
||||
if len(p) > 0 {
|
||||
- C._goboringcrypto_HMAC_Update(h.ctx, (*C.uint8_t)(unsafe.Pointer(&p[0])), C.size_t(len(p)))
|
||||
+ if C._goboringcrypto_HMAC_Update(h.ctx, (*C.uint8_t)(unsafe.Pointer(&p[0])), C.size_t(len(p))) == 0 {
|
||||
+ panic("boringcrypto: HMAC_Update failed")
|
||||
+ }
|
||||
}
|
||||
runtime.KeepAlive(h)
|
||||
return len(p), nil
|
||||
@@ -136,10 +138,12 @@ func (h *boringHMAC) BlockSize() int {
|
||||
}
|
||||
|
||||
func (h *boringHMAC) Sum(in []byte) []byte {
|
||||
+ size := h.Size()
|
||||
if h.sum == nil {
|
||||
- size := h.Size()
|
||||
h.sum = make([]byte, size)
|
||||
}
|
||||
- C._goboringcrypto_HMAC_Final(h.ctx, (*C.uint8_t)(unsafe.Pointer(&h.sum[0])), nil)
|
||||
+ if C._goboringcrypto_HMAC_Final(h.ctx, (*C.uint8_t)(unsafe.Pointer(&h.sum[0])), C.uint(size)) == 0 {
|
||||
+ panic("boringcrypto: HMAC_Final failed")
|
||||
+ }
|
||||
return append(in, h.sum...)
|
||||
}
|
||||
diff --git a/src/vendor/github.com/golang-fips/openssl/openssl/openssl_port_hmac.c b/src/vendor/github.com/golang-fips/openssl/openssl/openssl_port_hmac.c
|
||||
index d26ce90c82..f7dabb25e0 100644
|
||||
--- a/src/vendor/github.com/golang-fips/openssl/openssl/openssl_port_hmac.c
|
||||
+++ b/src/vendor/github.com/golang-fips/openssl/openssl/openssl_port_hmac.c
|
||||
@@ -115,10 +115,10 @@ void _goboringcrypto_HMAC_CTX_free(GO_HMAC_CTX *ctx)
|
||||
}
|
||||
|
||||
int _goboringcrypto_HMAC_Final(GO_HMAC_CTX *ctx,
|
||||
- unsigned char *md, unsigned int *len)
|
||||
+ unsigned char *md, unsigned int len)
|
||||
{
|
||||
EVP_MD_CTX *mdctx = NULL;
|
||||
- size_t slen;
|
||||
+ size_t slen = len;
|
||||
int ret = 0;
|
||||
|
||||
mdctx = _goboringcrypto_EVP_MD_CTX_create();
|
||||
@@ -128,9 +128,10 @@ int _goboringcrypto_HMAC_Final(GO_HMAC_CTX *ctx,
|
||||
if (_goboringcrypto_internal_EVP_MD_CTX_copy_ex(mdctx, ctx->mdctx) != 1)
|
||||
goto err;
|
||||
|
||||
- ret = _goboringcrypto_EVP_DigestSignFinal(mdctx, md, &slen);
|
||||
- if (ret == 1 && len)
|
||||
- *len = slen;
|
||||
+ if (_goboringcrypto_EVP_DigestSignFinal(mdctx, md, &slen) != 1)
|
||||
+ goto err;
|
||||
+
|
||||
+ ret = 1;
|
||||
|
||||
err:
|
||||
_goboringcrypto_EVP_MD_CTX_free(mdctx);
|
||||
@@ -219,7 +220,7 @@ void _goboringcrypto_HMAC_CTX_free(GO_HMAC_CTX *ctx)
|
||||
}
|
||||
|
||||
int _goboringcrypto_HMAC_Final(GO_HMAC_CTX *ctx,
|
||||
- unsigned char *md, unsigned int *len)
|
||||
+ unsigned char *md, unsigned int len)
|
||||
{
|
||||
HMAC_CTX hctx;
|
||||
int ret;
|
||||
@@ -228,7 +229,7 @@ int _goboringcrypto_HMAC_Final(GO_HMAC_CTX *ctx,
|
||||
if (ret != 1)
|
||||
return ret;
|
||||
|
||||
- ret = _goboringcrypto_internal_HMAC_Final(&hctx, md, len);
|
||||
+ ret = _goboringcrypto_internal_HMAC_Final(&hctx, md, &len);
|
||||
_goboringcrypto_internal_HMAC_CTX_cleanup(&hctx);
|
||||
return ret;
|
||||
}
|
||||
@ -1,5 +1,9 @@
|
||||
//go:build rpm_crashtraceback
|
||||
// +build rpm_crashtraceback
|
||||
|
||||
// Copyright 2017 The Fedora Project Contributors. All rights reserved.
|
||||
// Use of this source code is governed by the MIT license.
|
||||
|
||||
package runtime
|
||||
|
||||
func init() {
|
||||
|
||||
42
SOURCES/revert_dwarf5.patch
Normal file
42
SOURCES/revert_dwarf5.patch
Normal file
@ -0,0 +1,42 @@
|
||||
From e90ae9076a108b83c645814f75a574c14a5a4b98 Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Alejandro=20S=C3=A1ez?= <asm@redhat.com>
|
||||
Date: Wed, 27 Aug 2025 16:18:09 +0200
|
||||
Subject: [PATCH] Revert DWARF5 as default, use DWARF4
|
||||
|
||||
---
|
||||
src/internal/buildcfg/exp.go | 13 +------------
|
||||
1 file changed, 1 insertion(+), 12 deletions(-)
|
||||
|
||||
diff --git a/src/internal/buildcfg/exp.go b/src/internal/buildcfg/exp.go
|
||||
index 689ca8ce58..b2ea97481b 100644
|
||||
--- a/src/internal/buildcfg/exp.go
|
||||
+++ b/src/internal/buildcfg/exp.go
|
||||
@@ -67,24 +67,13 @@ func ParseGOEXPERIMENT(goos, goarch, goexp string) (*ExperimentFlags, error) {
|
||||
regabiSupported = true
|
||||
}
|
||||
|
||||
- // Older versions (anything before V16) of dsymutil don't handle
|
||||
- // the .debug_rnglists section in DWARF5. See
|
||||
- // https://github.com/golang/go/issues/26379#issuecomment-2677068742
|
||||
- // for more context. This disables all DWARF5 on mac, which is not
|
||||
- // ideal (would be better to disable just for cases where we know
|
||||
- // the build will use external linking). In the GOOS=aix case, the
|
||||
- // XCOFF format (as far as can be determined) doesn't seem to
|
||||
- // support the necessary section subtypes for DWARF-specific
|
||||
- // things like .debug_addr (needed for DWARF 5).
|
||||
- dwarf5Supported := (goos != "darwin" && goos != "ios" && goos != "aix")
|
||||
-
|
||||
baseline := goexperiment.Flags{
|
||||
RegabiWrappers: regabiSupported,
|
||||
RegabiArgs: regabiSupported,
|
||||
AliasTypeParams: true,
|
||||
SwissMap: true,
|
||||
SyncHashTrieMap: true,
|
||||
- Dwarf5: dwarf5Supported,
|
||||
+ Dwarf5: false,
|
||||
}
|
||||
|
||||
// Start with the statically enabled set of experiments.
|
||||
--
|
||||
2.51.0
|
||||
|
||||
27
SOURCES/skip_TestCrashDumpsAllThreads.patch
Normal file
27
SOURCES/skip_TestCrashDumpsAllThreads.patch
Normal file
@ -0,0 +1,27 @@
|
||||
From fdcaf4e6876cfd910c3da672564be4a6e829047c Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Alejandro=20S=C3=A1ez?= <asm@redhat.com>
|
||||
Date: Wed, 27 Mar 2024 17:15:48 +0100
|
||||
Subject: [PATCH] Skip TestCrashDumpsAllThreads
|
||||
|
||||
---
|
||||
src/runtime/crash_unix_test.go | 4 ++++
|
||||
1 file changed, 4 insertions(+)
|
||||
|
||||
diff --git a/src/runtime/crash_unix_test.go b/src/runtime/crash_unix_test.go
|
||||
index 123a462423..a0034d6455 100644
|
||||
--- a/src/runtime/crash_unix_test.go
|
||||
+++ b/src/runtime/crash_unix_test.go
|
||||
@@ -74,6 +74,10 @@ func TestCrashDumpsAllThreads(t *testing.T) {
|
||||
t.Skip("skipping; SIGQUIT is blocked, see golang.org/issue/19196")
|
||||
}
|
||||
|
||||
+ if runtime.GOOS == "linux" && runtime.GOARCH == "s390x" {
|
||||
+ t.Skip("skipping; frequent TestCrashDumpsAllThreads failures on linux/s390x, see golang.org/issue/64650")
|
||||
+ }
|
||||
+
|
||||
testenv.MustHaveGoBuild(t)
|
||||
|
||||
if strings.Contains(os.Getenv("GOFLAGS"), "mayMoreStackPreempt") {
|
||||
--
|
||||
2.44.0
|
||||
|
||||
@ -69,6 +69,7 @@
|
||||
%global shared 0
|
||||
%endif
|
||||
|
||||
# Pre build std lib with -race enabled
|
||||
# Disabled due to 1.20 new cache usage, see 1.20 upstream release notes
|
||||
%global race 0
|
||||
|
||||
@ -91,14 +92,17 @@
|
||||
%global gohostarch s390x
|
||||
%endif
|
||||
|
||||
%global go_api 1.21
|
||||
%global version 1.21.13
|
||||
%global pkg_release 4
|
||||
%global go_api 1.25
|
||||
%global go_version 1.25.3
|
||||
%global version %{go_version}
|
||||
%global pkg_release 1
|
||||
|
||||
# LLVM compiler-rt version for race detector
|
||||
%global llvm_compiler_rt_version 18.1.8
|
||||
|
||||
Name: golang
|
||||
Version: %{version}
|
||||
Release: 3%{?dist}
|
||||
|
||||
Release: 2%{?dist}
|
||||
Summary: The Go Programming Language
|
||||
# source tree includes several copies of Mark.Twain-Tom.Sawyer.txt under Public Domain
|
||||
License: BSD and Public Domain
|
||||
@ -110,9 +114,10 @@ Source0: https://github.com/golang/go/archive/refs/tags/go%{version}.tar.
|
||||
# located at https://github.com/golang-fips/openssl-fips,
|
||||
# And pre-genetated patches to set up the module for a given
|
||||
# Go release are located at https://github.com/golang-fips/go.
|
||||
Source1: https://github.com/golang-fips/go/archive/refs/tags/go%{version}-%{pkg_release}-openssl-fips.tar.gz
|
||||
Source1: https://github.com/golang-fips/go/archive/refs/tags/go%{version}-%{pkg_release}-openssl-fips.tar.gz
|
||||
# make possible to override default traceback level at build time by setting build tag rpm_crashtraceback
|
||||
Source2: fedora.go
|
||||
Source3: https://github.com/llvm/llvm-project/releases/download/llvmorg-%{llvm_compiler_rt_version}/compiler-rt-%{llvm_compiler_rt_version}.src.tar.xz
|
||||
|
||||
# The compiler is written in Go. Needs go(1.4+) compiler for build.
|
||||
# Actual Go based bootstrap compiler provided by above source.
|
||||
@ -131,9 +136,14 @@ BuildRequires: openssl-devel
|
||||
# for tests
|
||||
BuildRequires: pcre-devel, glibc-static, perl
|
||||
|
||||
# Necessary for building llvm address sanitizer for Go race detector
|
||||
BuildRequires: libstdc++-devel
|
||||
BuildRequires: clang
|
||||
|
||||
Provides: go = %{version}-%{release}
|
||||
Requires: %{name}-bin = %{version}-%{release}
|
||||
Requires: %{name}-src = %{version}-%{release}
|
||||
Requires: %{name}-race = %{version}-%{release}
|
||||
Requires: openssl-devel
|
||||
Requires: diffutils
|
||||
|
||||
@ -142,11 +152,10 @@ Patch221: fix_TestScript_list_std.patch
|
||||
|
||||
Patch1939923: skip_test_rhbz1939923.patch
|
||||
|
||||
Patch2: disable_static_tests_part1.patch
|
||||
Patch3: disable_static_tests_part2.patch
|
||||
Patch5: modify_go.env.patch
|
||||
|
||||
Patch231: evp-digest-sign-final.patch
|
||||
Patch4: modify_go.env.patch
|
||||
Patch6: skip_TestCrashDumpsAllThreads.patch
|
||||
# Related: https://sourceware.org/bugzilla/show_bug.cgi?id=33204
|
||||
Patch7: revert_dwarf5.patch
|
||||
|
||||
# Having documentation separate was broken
|
||||
Obsoletes: %{name}-docs < 1.1-4
|
||||
@ -154,9 +163,6 @@ Obsoletes: %{name}-docs < 1.1-4
|
||||
# RPM can't handle symlink -> dir with subpackages, so merge back
|
||||
Obsoletes: %{name}-data < 1.1.1-4
|
||||
|
||||
# We don't build golang-race anymore, rhbz#2230599
|
||||
Obsoletes: golang-race < 1.20.0
|
||||
|
||||
# These are the only RHEL/Fedora architectures that we compile this package for
|
||||
ExclusiveArch: %{golang_arches}
|
||||
|
||||
@ -227,15 +233,23 @@ Summary: Golang shared object libraries
|
||||
%{summary}.
|
||||
%endif
|
||||
|
||||
%if %{race}
|
||||
%package race
|
||||
Summary: Golang std library with -race enabled
|
||||
%package -n go-toolset
|
||||
Summary: Package that installs go-toolset
|
||||
Requires: %{name} = %{version}-%{release}
|
||||
%ifarch x86_64 aarch64 ppc64le
|
||||
Requires: delve
|
||||
%endif
|
||||
|
||||
%description -n go-toolset
|
||||
This is the main package for go-toolset.
|
||||
|
||||
|
||||
%package race
|
||||
Summary: Race detetector library object files.
|
||||
Requires: %{name} = %{version}-%{release}
|
||||
|
||||
%description race
|
||||
%{summary}
|
||||
%endif
|
||||
Binary library objects for Go's race detector.
|
||||
|
||||
%prep
|
||||
%setup -q -n go-go%{version}
|
||||
@ -246,8 +260,8 @@ popd
|
||||
patch_dir="../go-go%{version}-%{pkg_release}-openssl-fips/patches"
|
||||
# Add --no-backup-if-mismatch option to avoid creating .orig temp files
|
||||
for p in "$patch_dir"/*.patch; do
|
||||
echo "Applying $p"
|
||||
patch -p1 --no-backup-if-mismatch < $p
|
||||
echo "Applying $p"
|
||||
patch --no-backup-if-mismatch -p1 < $p
|
||||
done
|
||||
|
||||
# Configure crypto tests
|
||||
@ -261,6 +275,11 @@ popd
|
||||
sed -i '1s/$/ (%{?rhel:Red Hat} %{version}-%{release})/' VERSION
|
||||
|
||||
cp %{SOURCE2} ./src/runtime/
|
||||
# Delete the bundled race detector objects.
|
||||
find ./src/runtime/race/ -name "race_*.syso" -exec rm {} \;
|
||||
|
||||
# Delete the boring binary blob. We use the system OpenSSL instead.
|
||||
rm -rf src/crypto/internal/boring/syso
|
||||
|
||||
%build
|
||||
set -xe
|
||||
@ -269,6 +288,40 @@ uname -a
|
||||
cat /proc/cpuinfo
|
||||
cat /proc/meminfo
|
||||
|
||||
# Build race detector .syso's from llvm sources
|
||||
# The race detector requests a -fno-exceptions build.
|
||||
%global tsan_buildflags %(rpm -D 'toolchain clang' -E '%{optflags}' | sed 's/-fexceptions//')
|
||||
%global tsan_optflag -O1
|
||||
mkdir ../llvm
|
||||
|
||||
tar -xf %{SOURCE3} -C ../llvm
|
||||
tsan_go_dir="../llvm/compiler-rt-%{llvm_compiler_rt_version}.src/lib/tsan/go"
|
||||
|
||||
# The script uses uname -a and grep to set the GOARCH. This
|
||||
# is unreliable and can get the wrong architecture in
|
||||
# circumstances like cross-architecture emulation. We fix it
|
||||
# by just reading GOARCH directly from Go.
|
||||
export GOARCH=$(go env GOARCH)
|
||||
|
||||
%ifarch x86_64
|
||||
pushd "${tsan_go_dir}"
|
||||
CFLAGS="%{tsan_buildflags} %{tsan_optflag}" CC=clang GOAMD64=v3 ./buildgo.sh
|
||||
popd
|
||||
cp "${tsan_go_dir}"/race_linux_amd64.syso ./src/runtime/race/internal/amd64v3/race_linux.syso
|
||||
|
||||
pushd "${tsan_go_dir}"
|
||||
CFLAGS="%{tsan_buildflags} %{tsan_optflag}" CC=clang GOAMD64=v1 ./buildgo.sh
|
||||
popd
|
||||
cp "${tsan_go_dir}"/race_linux_amd64.syso ./src/runtime/race/internal/amd64v1/race_linux.syso
|
||||
|
||||
%else
|
||||
pushd "${tsan_go_dir}"
|
||||
CFLAGS="%{tsan_buildflags} %{tsan_optflag}" CC=clang ./buildgo.sh
|
||||
popd
|
||||
cp "${tsan_go_dir}"/race_linux_%{gohostarch}.syso ./src/runtime/race/race_linux_%{gohostarch}.syso
|
||||
%endif
|
||||
|
||||
|
||||
# bootstrap compiler GOROOT
|
||||
%if !%{golang_bootstrap}
|
||||
export GOROOT_BOOTSTRAP=/
|
||||
@ -372,7 +425,7 @@ pushd $RPM_BUILD_ROOT%{goroot}
|
||||
echo "%%{goroot}/$file" >> $shared_list
|
||||
echo "%%{golibdir}/$(basename $file)" >> $shared_list
|
||||
done
|
||||
|
||||
|
||||
find pkg/*_dynlink/ -type d -printf '%%%dir %{goroot}/%p\n' >> $shared_list
|
||||
find pkg/*_dynlink/ ! -type d -printf '%{goroot}/%p\n' >> $shared_list
|
||||
%endif
|
||||
@ -446,18 +499,16 @@ export GO_TEST_RUN=""
|
||||
|
||||
%if %{fail_on_tests}
|
||||
|
||||
# TestEd25519Vectors needs network connectivity but it should be cover by
|
||||
# this test https://pkgs.devel.redhat.com/cgit/tests/golang/tree/Regression/internal-testsuite/runtest.sh#n127
|
||||
|
||||
./run.bash --no-rebuild -v -v -v -k $GO_TEST_RUN
|
||||
|
||||
# Run tests with FIPS enabled.
|
||||
export GOLANG_FIPS=1
|
||||
export OPENSSL_FORCE_FIPS_MODE=1
|
||||
pushd crypto
|
||||
# Run all crypto tests but skip TLS, we will run FIPS specific TLS tests later
|
||||
go test $(go list ./... | grep -v tls) -v
|
||||
go test -timeout 50m $(go list ./... | grep -v tls) -v -skip="TestEd25519Vectors|TestACVP"
|
||||
# Check that signature functions have parity between boring and notboring
|
||||
CGO_ENABLED=0 go test $(go list ./... | grep -v tls) -v
|
||||
CGO_ENABLED=0 go test -timeout 50m $(go list ./... | grep -v tls) -v -skip="TestEd25519Vectors|TestACVP"
|
||||
popd
|
||||
# Run all FIPS specific TLS tests
|
||||
pushd crypto/tls
|
||||
@ -502,8 +553,13 @@ cd ..
|
||||
# prelink blacklist
|
||||
%{_sysconfdir}/prelink.conf.d
|
||||
|
||||
|
||||
%files -f go-src.list src
|
||||
%ifarch x86_64
|
||||
%exclude %{goroot}/src/runtime/race/internal/amd64v1/race_linux.syso
|
||||
%exclude %{goroot}/src/runtime/race/internal/amd64v3/race_linux.syso
|
||||
%else
|
||||
%exclude %{goroot}/src/runtime/race/race_linux_%{gohostarch}.syso
|
||||
%endif
|
||||
|
||||
%files -f go-docs.list docs
|
||||
|
||||
@ -520,38 +576,95 @@ cd ..
|
||||
%files -f go-shared.list shared
|
||||
%endif
|
||||
|
||||
%changelog
|
||||
* Tue Oct 01 2024 David Benoit <dbenoit@redhat.com> - 1.21.13-3
|
||||
- Add evp-digest-sign-final.patch
|
||||
- Resolves: RHEL-61109
|
||||
%files -n go-toolset
|
||||
|
||||
* Mon Sep 16 2024 David Benoit <dbenoit@redhat.com> - 1.21.13-2
|
||||
- Rebuild Go with CVE Fixes
|
||||
- Remove fix-memleak-setupRSA.patch (exists upstream)
|
||||
%files race
|
||||
%ifarch x86_64
|
||||
%{goroot}/src/runtime/race/internal/amd64v1/race_linux.syso
|
||||
%{goroot}/src/runtime/race/internal/amd64v3/race_linux.syso
|
||||
%else
|
||||
%{goroot}/src/runtime/race/race_linux_%{gohostarch}.syso
|
||||
%endif
|
||||
|
||||
%changelog
|
||||
* Wed Oct 29 2025 David Benoit <dbenoit@redhat.com> - 1.25.3-1
|
||||
- Update to Go 1.25.3 (sync from CentOS Stream 9)
|
||||
- Build go-toolset as a subpackage
|
||||
- Preserve GOAMD64=v1 for RHEL 8
|
||||
- Resolves: RHEL-121223
|
||||
|
||||
* Wed Aug 13 2025 David Benoit <dbenoit@redhat.com> - 1.24.6-1
|
||||
- Update to Go 1.24.6 (fips-1)
|
||||
- Resolves: RHEL-106455
|
||||
|
||||
* Tue Jul 01 2025 David Benoit <dbenoit@redhat.com> - 1.24.4-1
|
||||
- Update to Go 1.24.4 (fips-1)
|
||||
- Resolves: RHEL-85264
|
||||
|
||||
* Mon Jun 02 2025 Alejandro Sáez <asm@redhat.com> - 1.23.9-1
|
||||
- Update to Go 1.23.9
|
||||
- Resolves: RHEL-94636
|
||||
|
||||
* Thu Mar 13 2025 David Benoit <dbenoit@redhat.com> - 1.23.6-1
|
||||
- Update to Go 1.23.6
|
||||
- Resolves: RHEL-83824
|
||||
|
||||
* Tue Jan 21 2025 Archana <aravinda@redhat.com> - 1.22.11-1
|
||||
- Rebase to Go1.22.11 to pick up fixes for CVE 2024-45341 and 2024-45336
|
||||
- Fix test failures with expired certificates
|
||||
- Resolves: RHEL-73752
|
||||
|
||||
* Fri Dec 13 2024 Alejandro Sáez <asm@redhat.com> - 1.22.9-2
|
||||
- Remove bundled boringcrypto blob
|
||||
- Resolves: RHEL-54338
|
||||
|
||||
* Thu Nov 14 2024 David Benoit <dbenoit@redhat.com> - 1.22.9-1
|
||||
- Update to Go 1.22.9
|
||||
- Resolves: RHEL-67668
|
||||
|
||||
* Mon Sep 16 2024 David Benoit <dbenoit@redhat.com> - 1.22.7-1
|
||||
- Update to Go 1.22.7
|
||||
- Resolves: RHEL-58223
|
||||
- Resolves: RHEL-57961
|
||||
- Resolves: RHEL-57847
|
||||
- Resolves: RHEL-57860
|
||||
|
||||
* Wed Aug 21 2024 Archana <aravinda@redhat.com> - 1.21.13-1
|
||||
- Update to Go1.21.13 to fix CVE-2024-24791
|
||||
- Resolves: RHEL-47198
|
||||
* Fri Sep 06 2024 Archana <aravinda@redhat.com> - 1.22.5-3
|
||||
- Update fix that loads Openssl in FIPS mode if fips==1
|
||||
- Related: RHEL-52485
|
||||
|
||||
* Wed Jun 12 2024 Archana Ravindar <aravinda@redhat.com> - 1.21.11-1
|
||||
- Update to Go1.21.11 to address CVE-2024-24789 and CVE-2024-24790
|
||||
- Resolves: RHEL-40274
|
||||
* Mon Sep 02 2024 Archana <aravinda@redhat.com> - 1.22.5-2
|
||||
- Include fix that loads Openssl only in FIPS mode to avoid panic
|
||||
- Resolves: RHEL-52485
|
||||
|
||||
* Thu May 23 2024 David Benoit <dbenoit@redhat.com> - 1.21.10
|
||||
- Update to Go 1.21.10
|
||||
- Resolves: RHEL-36993
|
||||
* Fri Jul 12 2024 Archana <aravinda@redhat.com> - 1.22.5-1
|
||||
- Rebase to Go1.22.5 to fix CVE-2024-24791
|
||||
- Resolves: RHEL-46972
|
||||
|
||||
* Fri Apr 12 2024 David Benoit <dbenoit@redhat.com> - 1.21.9-1
|
||||
- Fix CVE-2023-45288
|
||||
- Resolves: RHEL-31915
|
||||
* Fri Jun 07 2024 Archana <aravinda@redhat.com> - 1.22.4-1
|
||||
- Addresses CVEs-2024-24789 and CVE-2024-24790
|
||||
- Resolves: RHEL-40157
|
||||
|
||||
* Mon Apr 1 2024 Archana Ravindar <aravinda@redhat.com> - 1.21.7-2
|
||||
- Fix CVE-2024-1394
|
||||
- Resolves RHEL-24300
|
||||
* Thu May 30 2024 Derek Parker <deparker@redhat.com> - 1.22.3-3
|
||||
- Update openssl backend
|
||||
- Resolves: RHEL-36102
|
||||
|
||||
* Thu May 23 2024 Derek Parker <deparker@redhat.com> - 1.22.3-2
|
||||
- Restore HashSign / HashVerify API
|
||||
- Resolves: RHEL-35884
|
||||
|
||||
* Thu May 23 2024 David Benoit <dbenoit@redhat.com> - 1.22.3-1
|
||||
- Update to Go 1.22.3
|
||||
- Resolves: RHEL-35884
|
||||
- Resolves: RHEL-35075
|
||||
- Resolves: RHEL-35632
|
||||
- Resolves: RHEL-35901
|
||||
|
||||
* Thu May 02 2024 Alejandro Sáez <asm@redhat.com> - 1.22.2-1
|
||||
- Rebase to 1.22.2
|
||||
- Re-enable CGO
|
||||
- Skip TestCrashDumpsAllThreads
|
||||
- Resolves: RHEL-33157
|
||||
|
||||
* Tue Feb 13 2024 Alejandro Sáez <asm@redhat.com> - 1.21.7-1
|
||||
- Rebase to Go 1.21.7
|
||||
|
||||
Loading…
Reference in New Issue
Block a user