2 changed files with 171 additions and 175 deletions
--- a/SOURCES/skip-test-overlong-message.patch
+++ b/SOURCES/skip-test-overlong-message.patch
@ -0,0 +1,15 @@
 diff --git a/src/crypto/rsa/pkcs1v15_test.go b/src/crypto/rsa/pkcs1v15_test.go
 index 0853178e3a..16eb37734b 100644
 --- a/src/crypto/rsa/pkcs1v15_test.go
 +++ b/src/crypto/rsa/pkcs1v15_test.go
@@ -247,6 +247,10 @@ func TestVerifyPKCS1v15(t *testing.T) {
 }
 func TestOverlongMessagePKCS1v15(t *testing.T) {
 +	// OpenSSL now returns a random string instead of an error
 +	if boring.Enabled() {
 +		t.Skip("Not relevant in boring mode")
 +	}
 	ciphertext := decodeBase64("fjOVdirUzFoLlukv80dBllMLjXythIf22feqPrNo0YoIjzyzyoMFiLjAc/Y4krkeZ11XFThIrEvw\nkRiZcCq5ng==")
 	_, err := DecryptPKCS1v15(nil, rsaPrivateKey, ciphertext)
 	if err == nil {
--- a/SPECS/golang.spec
+++ b/SPECS/golang.spec
@ -69,7 +69,6 @@
 %global shared 0
 %endif
 # Pre build std lib with -race enabled
 # Disabled due to 1.20 new cache usage, see 1.20 upstream release notes
 %global race 0
@ -93,13 +92,13 @@
 %endif
 %global go_api 1.21
-%global go_version 1.21.9
+%global version 1.21.9
 %global version %{go_version}
 %global pkg_release 1
 Name:           golang
 Version:        %{version}
-Release:        2%{?dist}
+Release:        1%{?dist}
 Summary:        The Go Programming Language
 # source tree includes several copies of Mark.Twain-Tom.Sawyer.txt under Public Domain
 License:        BSD and Public Domain
@ -111,7 +110,7 @@ Source0:        https://github.com/golang/go/archive/refs/tags/go%{version}.tar.
 # located at https://github.com/golang-fips/openssl-fips,
 # And pre-genetated patches to set up the module for a given
 # Go release are located at https://github.com/golang-fips/go.
-Source1:	https://github.com/golang-fips/go/archive/refs/tags/go%{version}-%{pkg_release}-openssl-fips.tar.gz
+Source1:       https://github.com/golang-fips/go/archive/refs/tags/go%{version}-%{pkg_release}-openssl-fips.tar.gz
 # make possible to override default traceback level at build time by setting build tag rpm_crashtraceback
 Source2:        fedora.go
@ -144,11 +143,10 @@ Patch229:       fix-memleak-setupRSA.patch
 Patch1939923:   skip_test_rhbz1939923.patch
-# Disables libc static linking tests which
+Patch2:		disable_static_tests_part1.patch
-# are incompatible with dlopen in golang-fips
+Patch3:		disable_static_tests_part2.patch
-Patch2: 	disable_static_tests_part1.patch
+Patch4:		skip-test-overlong-message.patch
-Patch3: 	disable_static_tests_part2.patch
+Patch5:		modify_go.env.patch
 Patch4:		modify_go.env.patch
 # Having documentation separate was broken
 Obsoletes:      %{name}-docs < 1.1-4
@ -156,7 +154,7 @@ Obsoletes:      %{name}-docs < 1.1-4
 # RPM can't handle symlink -> dir with subpackages, so merge back
 Obsoletes:      %{name}-data < 1.1.1-4
-# We don't build golang-race anymore, rhbz#2230705
+# We don't build golang-race anymore, rhbz#2230599
 Obsoletes:      golang-race < 1.20.0
 # These are the only RHEL/Fedora architectures that we compile this package for
@ -239,16 +237,6 @@ Requires:       %{name} = %{version}-%{release}
 %{summary}
 %endif
 %package -n go-toolset
 Summary:        Package that installs go-toolset
 Requires:       %{name} = %{version}-%{release}
 %ifarch x86_64 aarch64 ppc64le
 Requires:       delve
 %endif
 %description -n go-toolset
 This is the main package for go-toolset.
 %prep
 %setup -q -n go-go%{version}
@ -381,7 +369,7 @@ pushd $RPM_BUILD_ROOT%{goroot}
        echo "%%{goroot}/$file" >> $shared_list
        echo "%%{golibdir}/$(basename $file)" >> $shared_list
    done
-
+    
    find pkg/*_dynlink/ -type d -printf '%%%dir %{goroot}/%p\n' >> $shared_list
    find pkg/*_dynlink/ ! -type d -printf '%{goroot}/%p\n' >> $shared_list
 %endif
@ -455,16 +443,18 @@ export GO_TEST_RUN=""
 %if %{fail_on_tests}
 # TestEd25519Vectors needs network connectivity but it should be cover by
 # this test https://pkgs.devel.redhat.com/cgit/tests/golang/tree/Regression/internal-testsuite/runtest.sh#n127
 ./run.bash --no-rebuild -v -v -v -k $GO_TEST_RUN
 # Run tests with FIPS enabled.
 export GOLANG_FIPS=1
 export OPENSSL_FORCE_FIPS_MODE=1
 pushd crypto
  # Run all crypto tests but skip TLS, we will run FIPS specific TLS tests later
-  go test -timeout 50m $(go list ./... | grep -v tls) -v
+  go test $(go list ./... | grep -v tls) -v
  # Check that signature functions have parity between boring and notboring
-  CGO_ENABLED=0 go test -timeout 50m $(go list ./... | grep -v tls) -v
+  CGO_ENABLED=0 go test $(go list ./... | grep -v tls) -v
 popd
 # Run all FIPS specific TLS tests
 pushd crypto/tls
@ -527,93 +517,64 @@ cd ..
 %files -f go-shared.list shared
 %endif
 %files -n go-toolset
 %changelog
-* Mon Apr 15 2024 David Benoit <dbenoit@redhat.com> - 1.21.9-2
+* Fri Apr 12 2024 David Benoit <dbenoit@redhat.com> - 1.21.9-1
 - Rebuilt for z-stream
 - Related: RHEL-24312
 - Related: RHEL-28940
 * Fri Apr 5 2024 Archana Ravindar <aravinda@redhat.com> - 1.21.9-1
 - Fix CVE-2024-1394
 - Fix CVE-2023-45288
- Resolves RHEL-24312
+- Resolves: RHEL-31915
 - Resolves RHEL-28940
-* Fri Feb 09 2024 Alejandro Sáez <asm@redhat.com> - 1.21.7-1
+* Mon Apr 1 2024 Archana Ravindar <aravinda@redhat.com> - 1.21.7-2
 - Fix CVE-2024-1394
 - Resolves RHEL-24300
 * Tue Feb 13 2024 Alejandro Sáez <asm@redhat.com> - 1.21.7-1
 - Rebase to Go 1.21.7
 - Set GOTOOLCHAIN to local
 - Resolves: RHEL-24334
 - Resolves: RHEL-18364
 - Resolves: RHEL-18365
 * Thu Nov 30 2023 Alejandro Sáez <asm@redhat.com> - 1.21.4-2
 - Add release information
 - Set GOTOOLCHAIN to local
 - Skip TestOverlongMessagePKCS1v15
 - Resolves: RHEL-24082
 - Resolves: RHEL-18363
 - Resolves: RHEL-18382
-* Tue Nov 14 2023 Alejandro Sáez <asm@redhat.com> - 1.21.4-1
+* Wed Nov 08 2023 David Benoit <dbenoit@redhat.com> - 1.21.3-4
- Rebase to Go 1.21.4
+- Do not remove GOPROXY/GOSUMDB
- Resolves: RHEL-11871
+- Related: RHEL-12620
-* Wed Nov 08 2023 David Benoit <dbenoit@redhat.com> - 1.21.3-5
+* Thu Nov 02 2023 David Benoit <dbenoit@redhat.com> - 1.21.3-3
- Don't change GOPROXY/GOSUMDB
+- Fix go.env in Go 1.21
- Related: RHEL-12624
+- Related: RHEL-12620
-* Thu Nov 02 2023 David Benoit <dbenoit@redhat.com> - 1.21.3-4
+* Tue Oct 31 2023 Archana Ravindar <aravinda@redhat.com> - 1.21.3-2
- Fix missing go.env in Go 1.21
+- Rebase disable_static_tests_part2.patch to Go 1.21.3
 - Related: RHEL-12624
 * Tue Oct 31 2023 Archana Ravindar <aravinda@redhat.com> - 1.21.3-3
 - Add missing strict fips runtime detection patch
 - Temporarily disable FIPS tests on aarch64 due to builder kernel bugs
- Related: RHEL-12624
+- Remove fix-memory-leak patch as it is fixed upstream
-
+- Resolves: RHEL-12620
 * Wed Oct 25 2023 Archana Ravindar <aravinda@redhat.com> - 1.21.3-2
 - Rebase disable_static_tests_part2.patch to Go 1.21.3
 - Related: RHEL-12624
 * Fri Oct 20 2023 Archana Ravindar <aravinda@redhat.com> - 1.21.3-1
- Rebase to Go 1.21.3
+- Rebase Go to 1.21.3
- Resolves: RHEL-12624
+- Resolves: RHEL-12620
-* Wed Sep 27 2023 Alejandro Sáez <asm@redhat.com> - 1.20.8-1
+* Mon Aug 14 2023 Alejandro Sáez <asm@redhat.com> - 1.20.6-2
 - Rebase to Go 1.20.8
 - Remove fix-memory-leak-evp-sign-verify.patch as it is already included in the source
 - Resolves: RHEL-2775
 * Mon Aug 14 2023 Alejandro Sáez <asm@redhat.com> - 1.20.6-5
 - Retire golang-race package
- Resolves: rhbz#2230705
+- Resolves: rhbz#2230599
-* Tue Jul 18 2023 Alejandro Sáez <asm@redhat.com> - 1.20.6-1
+* Tue Jul 25 2023 Alejandro Sáez <asm@redhat.com> - 1.20.6-1
 - Rebase to Go 1.20.6
- Change to autopatch
+- Resolves: rhbz#2217596
 - Resolves: rhbz#2222313
 * Fri Jun 23 2023 Alejandro Sáez <asm@redhat.com> - 1.20.4-3
 - Increase the timeout in the tests
 - Related: rhbz#2204477
 * Fri Jun 09 2023 Carl George <carl@redhat.com> - 1.20.4-2
 - Add go-toolset subpackage to ensure golang and go-toolset are published together
 - Resolves: rhbz#2117248
 * Mon May 29 2023 Alejandro Sáez <asm@redhat.com> - 1.20.4-1
 - Rebase to Go 1.20.4
- Resolves: rhbz#2204477
+- Resolves: rhbz#2204474
 * Tue Apr 11 2023 David Benoit <dbenoit@redhat.com> - 1.20.3-1
 - Rebase to Go 1.20.3
 - Remove race archives
- Update static test patches
+- Update static tests patches
- Resolves: rhbz#2185259
+- Resolves: rhbz#2185260
-* Wed Mar 01 2023 David Benoit <dbenoit@redhat.com> - 1.19.6-1
+* Tue Jan 3 2023 David Benoit <dbenoit@redhat.com> - 1.19.4-2
- Rebase to Go 1.19.6
+- Fix memory leaks in EVP_{sign,verify}_raw
- Resolves: rhbz#2174429
+- Resolves: rhbz#2132767
 - Fix memory leak
 - Resolves: rhbz#2157602
 - Enable tests in check phase
 * Wed Dec 21 2022 David Benoit <dbenoit@redhat.com> - 1.19.4-1
 - Rebase to Go 1.19.4
@ -621,130 +582,150 @@ cd ..
 - Remove defunct patches
 - Remove downstream generated FIPS mode patches
 - Add golang-fips/go as the source for FIPS mode patches
- Resolves: rhbz#2144539
+- Resolves: rhbz#2144542
-* Wed Nov 30 2022 David Benoit <dbenoit@redhat.com> - 1.19.2-2
+* Mon Oct 17 2022 David Benoit <dbenoit@redhat.com> - 1.19.2-4
- Fix endian issue in FIPS mode
+- Enable big endian support in FIPS mode
- Resolves: rhbz#1966992
+- Resolves: rhbz#1969844
-* Fri Oct 21 2022 David Benoit <dbenoit@redhat.com> - 1.19.2-1
+* Mon Oct 17 2022 David Benoit <dbenoit@redhat.com> - 1.19.2-3
- Update go to version 1.19.2
+- Restore old HashSign/HashVerify API
- Resolves: rhbz#2134407
+- Resolves: rhbz#2132730
 * Mon Oct 17 2022 David Benoit <dbenoit@redhat.com> - 1.19.2-2
 - Add support for 4096 bit keys in x509
 - Resolves: rhbz#2132694
 * Thu Oct 13 2022 David Benoit <dbenoit@redhat.com> - 1.19.2-1
 - Rebase to Go 1.19.2
 - Resolves: rhbz#2132730
 * Wed Sep 14 2022 David Benoit <dbenoit@redhat.com> - 1.19.1-2
 - Rebase to Go 1.19.1
- Temporarily disable crypto tests
+- Resolves: rhbz#2131026
 - Resolves: rhbz#2131028
-* Wed Aug 10 2022 Alejandro Sáez <asm@redhat.com> - 1.18.4-2
+* Wed Aug 03 2022 Alejandro Sáez <asm@redhat.com> - 1.18.4-2
- Update to Go 1.18.4
+- Adds patch for PIE mode issues on PPC64LE
- Resolves: rhbz#2109180
+- Resolves: rhbz#2111593
 - Deprecates keys smaller than 2048 bits in TestDecryptOAEP in boring mode
-* Fri Aug 05 2022 Alejandro Sáez <asm@redhat.com> - 1.18.4-1
+* Wed Jul 20 2022 David Benoit <dbenoit@redhat.com> - 1.18.4-1
- Update to Go 1.18.4
+- Update Go to version 1.18.4
- Resolves: rhbz#2109180
+- Resolves: rhbz#2109179
-* Fri Jun 10 2022 David Benoit <dbenoit@redhat.com> - 1.18.2-2
+* Wed Jul 20 2022 David Benoit <dbenoit@redhat.com> - 1.18.2-3
- Update deprecated openssl algorithms patch
+- Clean up dist-git patches
- Rebuild against openssl-3.0.1-33
+- Resolves: rhbz#2109175
 - Resolves: rhbz#2092136
 - Related: rhbz#2092016
-* Mon May 02 2022 David Benoit <dbenoit@redhat.com> - 1.18.2-1
+* Thu Jul 07 2022 Alejandro Sáez <asm@redhat.com> - 1.18.2-2
- Rebase to Go 1.18.2
+- Bump up release version
- Move to github.com/golang-fips/go
+- Related: rhbz#2075162
 - Resolves: rhbz#2075169
 - Resolves: rhbz#2060769
 - Resolves: rhbz#2067531
 - Resolves: rhbz#2067536
 - Resolves: rhbz#2067552
 - Resolves: rhbz#2025637
-* Mon Dec 13 2021 Alejandro Sáez <asm@redhat.com> - 1.17.5-1
+* Thu Jun 16 2022 David Benoit <dbenoit@redhat.com> - 1.18.2-1
 - Update to Go 1.18.2
 - Related: rhbz#2075162
 * Mon Apr 18 2022 David Benoit <dbenoit@redhat.com> - 1.18.0-2
 - Enable SHA1 in some contexts
 - Related: rhbz#2075162
 * Wed Apr 13 2022 David Benoit <dbenoit@redhat.com> - 1.18.0-1
 - Update Go to 1.18.0
 - Resolves: rhbz#2075162
 * Thu Feb 17 2022 David Benoit <dbenoit@redhat.com> - 1.17.7-1
 - Rebase to Go 1.17.7
 - Remove fips memory leak patch (fixed in tree)
 - Resolves: rhbz#2015930
 * Fri Dec 10 2021 David Benoit <dbenoit@redhat.com> - 1.17.5-1
 - Rebase to Go 1.17.5
 - Remove vdso_s390x_gettime patch
 - Resolves: rhbz#2031112
 - Related: rhbz#2028570
 * Fri Dec 03 2021 David Benoit <dbenoit@redhat.com> - 1.17.4-1
 - Rebase Go to 1.17.4
 - Add remove_waitgroup_misuse_tests patch
- Add remove_ed25519vectors_test.patch
+- Related: rhbz#2014088
- Remove FIPS checks to avoid issues in the CI
+- Resolves: rhbz#2028570
- Related: rhbz#2031116
+- Resolves: rhbz#2022828
- Resolves: rhbz#2022829
+- Resolves: rhbz#2024686
- Resolves: rhbz#2024687
+- Resolves: rhbz#2028662
 - Resolves: rhbz#2030851
 - Resolves: rhbz#2031253
-* Wed Nov 03 2021 Alejandro Sáez <asm@redhat.com> - 1.17.2-1
+* Wed Oct 27 2021 Alejandro Sáez <asm@redhat.com> - 1.17.2-2
 - Resolves: rhbz#2014704
 * Tue Oct 12 2021 Alejandro Sáez <asm@redhat.com> - 1.17.2-1
 - Rebase to Go 1.17.2
- Related: rhbz#2014087
+- Related: rhbz#2014088
 - Remove golang-1.15-warnCN.patch
 - Remove reject-leading-zeros.patch
 - Remove favicon.ico and robots.txt references
- Exclude TestEd25519Vectors test
+- Exclude TestEd25519Vectors test 
 - Update patch rhbz1952381
 - Remove rhbz1904567 patch
 - Remove rhbz1939923 patch
-* Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 1.16.6-4
+* Tue Aug 17 2021 David Benoit <dbenoit@redhat.com> - 1.16.7-1
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
+- Rebase to Go 1.16.7
-  Related: rhbz#1991688
+- Resolves: rhbz#1994079
 - Add reject leading zeros patch
 - Resolves: rhbz#1993314
-* Wed Aug 4 2021 Derek Parker <deparker@redhat.com> - 1.16.6-3
+* Wed Jul 21 2021 Derek Parker <deparker@redhat.com> - 1.16.6-2
- Include ppc64le VDSO segfault backport fix
+- Fix TestBoringServerCurves failure when run by itself
- Resolves: rhbz#1966622
+- Resolves: rhbz#1976168
-* Mon Aug 2 2021 Derek Parker <deparker@redhat.com> - 1.16.6-2
+* Thu Jul 15 2021 David Benoit <dbenoit@redhat.com> - 1.16.6-1
- Bump release
+- Rebase to go-1.16.6-1-openssl-fips
- Resolves: rhbz#1904567
+- Resolves: rhbz#1982281
 - Addresses CVE-2021-34558
-* Mon Aug 2 2021 Derek Parker <deparker@redhat.com> - 1.16.6-2
+* Tue Jul 06 2021 Alejandro Sáez <asm@redhat.com> - 1.16.5-1
- Backport fix allowing LTO to be enabled on cgo sources
+- Rebase to 1.16.5
- Resolves: rhbz#1904567
+- Removes rhbz#1955032 patch, it's already included in this release
 - Removes rhbz#1956891 patch, it's already included in this release
 - Related: rhbz#1979677
 - Related: rhbz#1968738
 - Related: rhbz#1972420
-* Tue Jul 20 2021 Derek Parker <deparker@redhat.com> - 1.16.6-1
+* Thu Jun 17 2021 David Benoit <dbenoit@redhat.com> - 1.16.4-3
- Rebase to 1.16.6
+- Fix zero-size allocation memory leak.
- Resolves: rhbz#1984124
+- Related: rhbz#1951877
 - Replace symbols no longer present in OpenSSL 3.0 ABI
 - Resolves: rhbz#1984110
 - Fix TestBoringServerCurves failing when ran by itself
 - Resolves: rhbz#1977914
-* Tue Jun 22 2021 Mohan Boddu <mboddu@redhat.com> - 1.16.4-3
+* Tue Jun 08 2021 David Benoit <dbenoit@redhat.com> - 1.16.4-2
- Rebuilt for RHEL 9 BETA for openssl 3.0
+- Resolves: rhbz#1951877
  Related: rhbz#1971065
-* Fri May 28 2021 David Benoit <dbenoit@redhat.com> - 1.16.4-2
+* Mon May 24 2021 Alejandro Sáez <asm@redhat.com> - 1.16.4-1
- Port to OpenSSL 3.0
+- Rebase to go-1.16.4-1-openssl-fips
 - Resolves: rhbz#1952381
-* Fri May 14 2021 Alejandro Sáez <asm@redhat.com> - 1.16.4-1
+* Tue May 04 2021 Alejandro Sáez <asm@redhat.com> - 1.16.1-3
- Rebase to 1.16.4
+- Resolves: rhbz#1956891
 - Resolves: rhbz#1955035
 - Resolves: rhbz#1957961
-* Thu Apr 15 2021 Mohan Boddu <mboddu@redhat.com> - 1.16.1-3
+* Thu Apr 29 2021 Alejandro Sáez <asm@redhat.com> - 1.16.1-2
- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
+- Resolves: rhbz#1955032
-* Tue Mar 30 2021 Alejandro Sáez <asm@redhat.com> - 1.16.1-2
+* Wed Mar 17 2021 Alejandro Sáez <asm@redhat.com> - 1.16.1-1
 - Rebase to go-1.16.1-2-openssl-fips
 - Resolves: rhbz#1922455
 * Tue Mar 30 2021 Alejandro Sáez <asm@redhat.com> - 1.16.1-1
 - Rebase to go-1.16.1-2-openssl-fips
 - Resolves: rhbz#1938071
 - Adds a workaround for rhbz#1939923
 - Removes Patch224, it's on upstream -> rhbz#1888673
 - Removes Patch225, it's on upstream -> https://go-review.googlesource.com/c/text/+/238238
 - Removes old patches for cleaning purposes
 - Related: rhbz#1942898
 * Fri Jan 22 2021 David Benoit <dbenoit@redhat.com> - 1.15.7-1
 - Rebase to 1.15.7
- Resolves: rhbz#1892207
+- Resolves: rhbz#1870531
- Resolves: rhbz#1918755
+- Resolves: rhbz#1919261
 * Tue Nov 24 2020 David Benoit <dbenoit@redhat.com> - 1.15.5-1
 - Rebase to 1.15.5
- Resolves: rhbz#1899184
+- Resolves: rhbz#1898652
- Resolves: rhbz#1899185
+- Resolves: rhbz#1898660
- Resolves: rhbz#1899186
+- Resolves: rhbz#1898649
-* Thu Nov 12 2020 David Benoit <dbenoit@redhat.com> - 1.15.3-2
+* Mon Nov 16 2020 David Benoit <dbenoit@redhat.com> - 1.15.3-2
 - fix typo in patch file name
 - Related: rhbz#1881539
 * Thu Nov 12 2020 David Benoit <dbenoit@redhat.com> - 1.15.3-1
 - Rebase to 1.15.3
 - fix x/text infinite loop
 - Resolves: rhbz#1881539