import UBI golang-1.23.9-1.module+el8.10.0+23162+9223a61a

.gitignore

@@ -1,2 +1,2 @@
-SOURCES/go1.19.13-2-openssl-fips.tar.gz
-SOURCES/go1.19.13.tar.gz
+SOURCES/go1.23.9-1-openssl-fips.tar.gz
+SOURCES/go1.23.9.tar.gz

.golang.metadata

@@ -1,2 +1,2 @@
-3335b6ee2baab3a616b7a969b62ac1c9ed136b74 SOURCES/go1.19.13-2-openssl-fips.tar.gz
-5627a7cd27f73a12c909dd818d310deda7146b86 SOURCES/go1.19.13.tar.gz
+f88e1a017f8abb82764e1340b858268b8beca1d8 SOURCES/go1.23.9-1-openssl-fips.tar.gz
+ac7c4463e6f0e61fceb6c4e73d7c7d9da61d6a5d SOURCES/go1.23.9.tar.gz

SOURCES/cmd-link-use-correct-path-for-dynamic-loader-on-ppc6.patch

@@ -1,53 +0,0 @@
-From 241192ecd31ca03a6f68fa7e55bb9f66040d3a2f Mon Sep 17 00:00:00 2001
-From: Lynn Boger <laboger@linux.vnet.ibm.com>
-Date: Thu, 14 Jul 2022 10:47:28 -0500
-Subject: [PATCH] cmd/link: use correct path for dynamic loader on ppc64le
-
-The setting of the path for the dynamic loader when building for
-linux/ppc64le ELF v2 was incorrectly set to the path for
-PPC64 ELF v1. This has not caused issues in the common cases
-because this string can be set based on the default GO_LDSO setting.
-It does result in an incorrect value when cross compiling binaries
-with -buildmode=pie.
-
-Updates #53813
-
-Change-Id: I84de1c97b42e0434760b76a57c5a05e055fbb730
----
- src/cmd/link/internal/ppc64/obj.go | 13 +++++++------
- 1 file changed, 7 insertions(+), 6 deletions(-)
-
-diff --git a/src/cmd/link/internal/ppc64/obj.go b/src/cmd/link/internal/ppc64/obj.go
-index b6d5ad92af..bca8fa9212 100644
---- a/src/cmd/link/internal/ppc64/obj.go
-+++ b/src/cmd/link/internal/ppc64/obj.go
-@@ -38,9 +38,12 @@ import (
- )
- 
- func Init() (*sys.Arch, ld.Arch) {
--	arch := sys.ArchPPC64
--	if buildcfg.GOARCH == "ppc64le" {
--		arch = sys.ArchPPC64LE
-+	arch := sys.ArchPPC64LE
-+	dynld := "/lib64/ld64.so.2"
-+
-+	if buildcfg.GOARCH == "ppc64" {
-+		arch = sys.ArchPPC64
-+		dynld = "/lib64/ld64.so.1"
- 	}
- 
- 	theArch := ld.Arch{
-@@ -64,9 +67,7 @@ func Init() (*sys.Arch, ld.Arch) {
- 		Machoreloc1:      machoreloc1,
- 		Xcoffreloc1:      xcoffreloc1,
- 
--		// TODO(austin): ABI v1 uses /usr/lib/ld.so.1,
--		Linuxdynld: "/lib64/ld64.so.1",
--
-+		Linuxdynld:     dynld,
- 		Freebsddynld:   "XXX",
- 		Openbsddynld:   "XXX",
- 		Netbsddynld:    "XXX",
--- 
-2.35.3
-

SOURCES/disable_static_tests_part1.patch

@@ -1,20 +1,35 @@
 diff --git a/src/crypto/internal/backend/nobackend.go b/src/crypto/internal/backend/nobackend.go
-index 5f258a2..5dbbc42 100644
+index 95c2cdc..88df624 100644
 --- a/src/crypto/internal/backend/nobackend.go
 +++ b/src/crypto/internal/backend/nobackend.go
 @@ -2,8 +2,8 @@
  // Use of this source code is governed by a BSD-style
  // license that can be found in the LICENSE file.
  
--//go:build !linux || !cgo || android || cmd_go_bootstrap || msan || no_openssl
--// +build !linux !cgo android cmd_go_bootstrap msan no_openssl
-+//go:build !linux || !cgo || android || cmd_go_bootstrap || msan || no_openssl || static
-+// +build !linux !cgo android cmd_go_bootstrap msan no_openssl static
+-//go:build !linux || !cgo || android || cmd_go_bootstrap || msan || no_openssl || purego
+-// +build !linux !cgo android cmd_go_bootstrap msan no_openssl purego
++//go:build !linux || !cgo || android || cmd_go_bootstrap || msan || no_openssl || purego || static
++// +build !linux !cgo android cmd_go_bootstrap msan no_openssl purego static
  
  package backend
  
+diff --git a/src/crypto/internal/backend/openssl.go b/src/crypto/internal/backend/openssl.go
+index 297c3cb..1a4fa10 100644
+--- a/src/crypto/internal/backend/openssl.go
++++ b/src/crypto/internal/backend/openssl.go
+@@ -2,8 +2,8 @@
+ // Use of this source code is governed by a BSD-style
+ // license that can be found in the LICENSE file.
+ 
+-//go:build linux && cgo && !android && !gocrypt && !cmd_go_bootstrap && !msan && !no_openssl && !purego
+-// +build linux,cgo,!android,!gocrypt,!cmd_go_bootstrap,!msan,!no_openssl,!purego
++//go:build linux && cgo && !android && !gocrypt && !cmd_go_bootstrap && !msan && !no_openssl && !purego && !static
++// +build linux,cgo,!android,!gocrypt,!cmd_go_bootstrap,!msan,!no_openssl,!purego,!static
+ 
+ // Package openssl provides access to OpenSSLCrypto implementation functions.
+ // Check the variable Enabled to find out whether OpenSSLCrypto is available.
 diff --git a/src/crypto/internal/boring/goboringcrypto.h b/src/crypto/internal/boring/goboringcrypto.h
-index d6d99b1..f2fe332 100644
+index 2b11049..dec1cb2 100644
 --- a/src/crypto/internal/boring/goboringcrypto.h
 +++ b/src/crypto/internal/boring/goboringcrypto.h
 @@ -1,4 +1,5 @@
@@ -36,253 +51,13 @@ index b338754..db5ea1e 100644
  
  // This package only exists with GOEXPERIMENT=boringcrypto.
  // It provides the actual syso file.
-diff --git a/src/vendor/github.com/golang-fips/openssl-fips/openssl/aes.go b/src/vendor/github.com/golang-fips/openssl-fips/openssl/aes.go
-index 079fc3c..e826d0b 100644
---- a/src/vendor/github.com/golang-fips/openssl-fips/openssl/aes.go
-+++ b/src/vendor/github.com/golang-fips/openssl-fips/openssl/aes.go
-@@ -2,8 +2,8 @@
- // Use of this source code is governed by a BSD-style
- // license that can be found in the LICENSE file.
- 
--//go:build linux && !android && !cmd_go_bootstrap && !msan && !no_openssl
--// +build linux,!android,!cmd_go_bootstrap,!msan,!no_openssl
-+//go:build linux && !android && !cmd_go_bootstrap && !msan && !no_openssl && !static
-+// +build linux,!android,!cmd_go_bootstrap,!msan,!no_openssl,!static
- 
- package openssl
- 
-diff --git a/src/vendor/github.com/golang-fips/openssl-fips/openssl/ecdh.go b/src/vendor/github.com/golang-fips/openssl-fips/openssl/ecdh.go
-index 0b61e79..94d0c98 100644
---- a/src/vendor/github.com/golang-fips/openssl-fips/openssl/ecdh.go
-+++ b/src/vendor/github.com/golang-fips/openssl-fips/openssl/ecdh.go
-@@ -2,8 +2,8 @@
- // Use of this source code is governed by a BSD-style
- // license that can be found in the LICENSE file.
- 
--//go:build linux && !android && !cmd_go_bootstrap && !msan && !no_openssl
--// +build linux,!android,!cmd_go_bootstrap,!msan,!no_openssl
-+//go:build linux && !android && !cmd_go_bootstrap && !msan && !no_openssl && !static
-+// +build linux,!android,!cmd_go_bootstrap,!msan,!no_openssl,!static
- 
- package openssl
- 
-diff --git a/src/vendor/github.com/golang-fips/openssl-fips/openssl/ecdsa.go b/src/vendor/github.com/golang-fips/openssl-fips/openssl/ecdsa.go
-index afec529..d822152 100644
---- a/src/vendor/github.com/golang-fips/openssl-fips/openssl/ecdsa.go
-+++ b/src/vendor/github.com/golang-fips/openssl-fips/openssl/ecdsa.go
-@@ -2,8 +2,8 @@
- // Use of this source code is governed by a BSD-style
- // license that can be found in the LICENSE file.
- 
--//go:build linux && !android && !cmd_go_bootstrap && !msan && !no_openssl
--// +build linux,!android,!cmd_go_bootstrap,!msan,!no_openssl
-+//go:build linux && !android && !cmd_go_bootstrap && !msan && !no_openssl && !static
-+// +build linux,!android,!cmd_go_bootstrap,!msan,!no_openssl,!static
- 
- package openssl
- 
-diff --git a/src/vendor/github.com/golang-fips/openssl-fips/openssl/goopenssl.h b/src/vendor/github.com/golang-fips/openssl-fips/openssl/goopenssl.h
-index 6d6a562..17cc314 100644
---- a/src/vendor/github.com/golang-fips/openssl-fips/openssl/goopenssl.h
-+++ b/src/vendor/github.com/golang-fips/openssl-fips/openssl/goopenssl.h
+diff --git a/src/vendor/github.com/golang-fips/openssl/v2/goopenssl.h b/src/vendor/github.com/golang-fips/openssl/v2/goopenssl.h
+index e488bf2..e776aa4 100644
+--- a/src/vendor/github.com/golang-fips/openssl/v2/goopenssl.h
++++ b/src/vendor/github.com/golang-fips/openssl/v2/goopenssl.h
 @@ -1,4 +1,5 @@
- // Copyright 2017 The Go Authors. All rights reserved.
+ // This header file describes the OpenSSL ABI as built for use in Go.
 +// +build !static
- // Use of this source code is governed by a BSD-style
- // license that can be found in the LICENSE file.
- // +build linux
-diff --git a/src/vendor/github.com/golang-fips/openssl-fips/openssl/hkdf.go b/src/vendor/github.com/golang-fips/openssl-fips/openssl/hkdf.go
-index ae40b93..17bc075 100644
---- a/src/vendor/github.com/golang-fips/openssl-fips/openssl/hkdf.go
-+++ b/src/vendor/github.com/golang-fips/openssl-fips/openssl/hkdf.go
-@@ -2,8 +2,8 @@
- // Use of this source code is governed by a BSD-style
- // license that can be found in the LICENSE file.
  
--//go:build linux && !android && !cmd_go_bootstrap && !msan && !no_openssl
--// +build linux,!android,!cmd_go_bootstrap,!msan,!no_openssl
-+//go:build linux && !android && !cmd_go_bootstrap && !msan && !no_openssl && !static
-+// +build linux,!android,!cmd_go_bootstrap,!msan,!no_openssl,!static
- 
- package openssl
- 
-diff --git a/src/vendor/github.com/golang-fips/openssl-fips/openssl/hmac.go b/src/vendor/github.com/golang-fips/openssl-fips/openssl/hmac.go
-index 6f00177..f466b18 100644
---- a/src/vendor/github.com/golang-fips/openssl-fips/openssl/hmac.go
-+++ b/src/vendor/github.com/golang-fips/openssl-fips/openssl/hmac.go
-@@ -2,8 +2,8 @@
- // Use of this source code is governed by a BSD-style
- // license that can be found in the LICENSE file.
- 
--//go:build linux && !android && !cmd_go_bootstrap && !msan && !no_openssl
--// +build linux,!android,!cmd_go_bootstrap,!msan,!no_openssl
-+//go:build linux && !android && !cmd_go_bootstrap && !msan && !no_openssl && !static
-+// +build linux,!android,!cmd_go_bootstrap,!msan,!no_openssl,!static
- 
- package openssl
- 
-diff --git a/src/vendor/github.com/golang-fips/openssl-fips/openssl/notboring.go b/src/vendor/github.com/golang-fips/openssl-fips/openssl/notboring.go
-index 7c0b5d6..262af07 100644
---- a/src/vendor/github.com/golang-fips/openssl-fips/openssl/notboring.go
-+++ b/src/vendor/github.com/golang-fips/openssl-fips/openssl/notboring.go
-@@ -2,8 +2,8 @@
- // Use of this source code is governed by a BSD-style
- // license that can be found in the LICENSE file.
- 
--//go:build !linux || !cgo || android || cmd_go_bootstrap || msan || no_openssl
--// +build !linux !cgo android cmd_go_bootstrap msan no_openssl
-+//go:build !linux || !cgo || android || cmd_go_bootstrap || msan || no_openssl || static
-+// +build !linux !cgo android cmd_go_bootstrap msan no_openssl static
- 
- package openssl
- 
-diff --git a/src/vendor/github.com/golang-fips/openssl-fips/openssl/openssl.go b/src/vendor/github.com/golang-fips/openssl-fips/openssl/openssl.go
-index d49194d..ff15054 100644
---- a/src/vendor/github.com/golang-fips/openssl-fips/openssl/openssl.go
-+++ b/src/vendor/github.com/golang-fips/openssl-fips/openssl/openssl.go
-@@ -2,8 +2,8 @@
- // Use of this source code is governed by a BSD-style
- // license that can be found in the LICENSE file.
- 
--//go:build linux && !android && !cmd_go_bootstrap && !msan && !no_openssl
--// +build linux,!android,!cmd_go_bootstrap,!msan,!no_openssl
-+//go:build linux && !android && !cmd_go_bootstrap && !msan && !no_openssl && !static
-+// +build linux,!android,!cmd_go_bootstrap,!msan,!no_openssl,!static
- 
- package openssl
- 
-diff --git a/src/vendor/github.com/golang-fips/openssl-fips/openssl/openssl_ecdsa_signature.c b/src/vendor/github.com/golang-fips/openssl-fips/openssl/openssl_ecdsa_signature.c
-index 2349db1..57fbb04 100644
---- a/src/vendor/github.com/golang-fips/openssl-fips/openssl/openssl_ecdsa_signature.c
-+++ b/src/vendor/github.com/golang-fips/openssl-fips/openssl/openssl_ecdsa_signature.c
-@@ -1,4 +1,5 @@
- // +build linux
-+// +build !static
- // +build !android
- // +build !no_openssl
- // +build !cmd_go_bootstrap
-diff --git a/src/vendor/github.com/golang-fips/openssl-fips/openssl/openssl_evp.c b/src/vendor/github.com/golang-fips/openssl-fips/openssl/openssl_evp.c
-index 4379019..5034c46 100644
---- a/src/vendor/github.com/golang-fips/openssl-fips/openssl/openssl_evp.c
-+++ b/src/vendor/github.com/golang-fips/openssl-fips/openssl/openssl_evp.c
-@@ -1,4 +1,5 @@
- // +build linux
-+// +build !static
- // +build !android
- // +build !no_openssl
- // +build !cmd_go_bootstrap
-diff --git a/src/vendor/github.com/golang-fips/openssl-fips/openssl/openssl_lock_setup.c b/src/vendor/github.com/golang-fips/openssl-fips/openssl/openssl_lock_setup.c
-index 49d40a7..3b3dbf8 100644
---- a/src/vendor/github.com/golang-fips/openssl-fips/openssl/openssl_lock_setup.c
-+++ b/src/vendor/github.com/golang-fips/openssl-fips/openssl/openssl_lock_setup.c
-@@ -1,4 +1,5 @@
- // +build linux
-+// +build !static
- // +build !android
- // +build !no_openssl
- // +build !cmd_go_bootstrap
-diff --git a/src/vendor/github.com/golang-fips/openssl-fips/openssl/openssl_port_aead_gcm.c b/src/vendor/github.com/golang-fips/openssl-fips/openssl/openssl_port_aead_gcm.c
-index 7eb645e..1c3225a 100644
---- a/src/vendor/github.com/golang-fips/openssl-fips/openssl/openssl_port_aead_gcm.c
-+++ b/src/vendor/github.com/golang-fips/openssl-fips/openssl/openssl_port_aead_gcm.c
-@@ -1,4 +1,5 @@
- // This file contains a port of the BoringSSL AEAD interface.
-+// +build !static
- // +build linux
- // +build !android
- // +build !no_openssl
-diff --git a/src/vendor/github.com/golang-fips/openssl-fips/openssl/openssl_port_ctr128.c b/src/vendor/github.com/golang-fips/openssl-fips/openssl/openssl_port_ctr128.c
-index df4ebe3..876393b 100644
---- a/src/vendor/github.com/golang-fips/openssl-fips/openssl/openssl_port_ctr128.c
-+++ b/src/vendor/github.com/golang-fips/openssl-fips/openssl/openssl_port_ctr128.c
-@@ -1,4 +1,5 @@
- // +build linux
-+// +build !static
- // +build !android
- // +build !no_openssl
- // +build !cmd_go_bootstrap
-diff --git a/src/vendor/github.com/golang-fips/openssl-fips/openssl/openssl_port_evp_md5_sha1.c b/src/vendor/github.com/golang-fips/openssl-fips/openssl/openssl_port_evp_md5_sha1.c
-index 2eedd5b..04510d3 100644
---- a/src/vendor/github.com/golang-fips/openssl-fips/openssl/openssl_port_evp_md5_sha1.c
-+++ b/src/vendor/github.com/golang-fips/openssl-fips/openssl/openssl_port_evp_md5_sha1.c
-@@ -1,4 +1,5 @@
- // This file contains a backport of the EVP_md5_sha1 method.
-+// +build !static
- // +build linux
- // +build !android
- // +build !no_openssl
-diff --git a/src/vendor/github.com/golang-fips/openssl-fips/openssl/openssl_port_hmac.c b/src/vendor/github.com/golang-fips/openssl-fips/openssl/openssl_port_hmac.c
-index 362d9e5..bebafef 100644
---- a/src/vendor/github.com/golang-fips/openssl-fips/openssl/openssl_port_hmac.c
-+++ b/src/vendor/github.com/golang-fips/openssl-fips/openssl/openssl_port_hmac.c
-@@ -1,4 +1,5 @@
- // This file contains HMAC portability wrappers.
-+// +build !static
- // +build linux
- // +build !android
- // +build !no_openssl
-diff --git a/src/vendor/github.com/golang-fips/openssl-fips/openssl/openssl_port_rsa.c b/src/vendor/github.com/golang-fips/openssl-fips/openssl/openssl_port_rsa.c
-index 2824147..8bc1d85 100644
---- a/src/vendor/github.com/golang-fips/openssl-fips/openssl/openssl_port_rsa.c
-+++ b/src/vendor/github.com/golang-fips/openssl-fips/openssl/openssl_port_rsa.c
-@@ -1,4 +1,5 @@
- // This file contains RSA portability wrappers.
-+// +build !static
- // +build linux
- // +build !android
- // +build !no_openssl
-diff --git a/src/vendor/github.com/golang-fips/openssl-fips/openssl/openssl_stub_rand.c b/src/vendor/github.com/golang-fips/openssl-fips/openssl/openssl_stub_rand.c
-index 22bd865..b7aa26b 100644
---- a/src/vendor/github.com/golang-fips/openssl-fips/openssl/openssl_stub_rand.c
-+++ b/src/vendor/github.com/golang-fips/openssl-fips/openssl/openssl_stub_rand.c
-@@ -1,4 +1,5 @@
- // +build linux
-+// +build !static
- // +build !android
- // +build !no_openssl
- // +build !cmd_go_bootstrap
-diff --git a/src/vendor/github.com/golang-fips/openssl-fips/openssl/rand.go b/src/vendor/github.com/golang-fips/openssl-fips/openssl/rand.go
-index b3668b8..dcdae70 100644
---- a/src/vendor/github.com/golang-fips/openssl-fips/openssl/rand.go
-+++ b/src/vendor/github.com/golang-fips/openssl-fips/openssl/rand.go
-@@ -2,8 +2,8 @@
- // Use of this source code is governed by a BSD-style
- // license that can be found in the LICENSE file.
- 
--//go:build linux && !android && !cmd_go_bootstrap && !msan && !no_openssl
--// +build linux,!android,!cmd_go_bootstrap,!msan,!no_openssl
-+//go:build linux && !android && !cmd_go_bootstrap && !msan && !no_openssl && !static
-+// +build linux,!android,!cmd_go_bootstrap,!msan,!no_openssl,!static
- 
- package openssl
- 
-diff --git a/src/vendor/github.com/golang-fips/openssl-fips/openssl/rsa.go b/src/vendor/github.com/golang-fips/openssl-fips/openssl/rsa.go
-index 915c840..8623d9d 100644
---- a/src/vendor/github.com/golang-fips/openssl-fips/openssl/rsa.go
-+++ b/src/vendor/github.com/golang-fips/openssl-fips/openssl/rsa.go
-@@ -2,8 +2,8 @@
- // Use of this source code is governed by a BSD-style
- // license that can be found in the LICENSE file.
- 
--//go:build linux && !android && !cmd_go_bootstrap && !msan && !no_openssl
--// +build linux,!android,!cmd_go_bootstrap,!msan,!no_openssl
-+//go:build linux && !android && !cmd_go_bootstrap && !msan && !no_openssl && !static
-+// +build linux,!android,!cmd_go_bootstrap,!msan,!no_openssl,!static
- 
- package openssl
- 
-diff --git a/src/vendor/github.com/golang-fips/openssl-fips/openssl/sha.go b/src/vendor/github.com/golang-fips/openssl-fips/openssl/sha.go
-index 0b55ced..57309c0 100644
---- a/src/vendor/github.com/golang-fips/openssl-fips/openssl/sha.go
-+++ b/src/vendor/github.com/golang-fips/openssl-fips/openssl/sha.go
-@@ -2,8 +2,8 @@
- // Use of this source code is governed by a BSD-style
- // license that can be found in the LICENSE file.
- 
--//go:build linux && !android && !cmd_go_bootstrap && !msan && !no_openssl
--// +build linux,!android,!cmd_go_bootstrap,!msan,!no_openssl
-+//go:build linux && !android && !cmd_go_bootstrap && !msan && !no_openssl && !static
-+// +build linux,!android,!cmd_go_bootstrap,!msan,!no_openssl,!static
- 
- package openssl
+ #include <stdlib.h> // size_t
  

SOURCES/disable_static_tests_part2.patch

@@ -1,36 +1,13 @@
 diff --git a/src/cmd/dist/test.go b/src/cmd/dist/test.go
-index da5b179..6a772df 100644
+index 36a20e8b2a..8c2dd1b44b 100644
 --- a/src/cmd/dist/test.go
 +++ b/src/cmd/dist/test.go
-@@ -1247,18 +1247,20 @@ func (t *tester) cgoTest(dt *distTest) error {
- 				fmt.Println("No support for static linking found (lacks libc.a?), skip cgo static linking test.")
+@@ -1125,7 +1125,7 @@ func (t *tester) registerCgoTests(heading string) {
  			} else {
- 				if goos != "android" {
--					t.addCmd(dt, "misc/cgo/testtls", t.goTest(), "-ldflags", `-linkmode=external -extldflags "-static -pthread"`, ".")
-+					t.addCmd(dt, "misc/cgo/testtls", t.goTest(), "-ldflags", `-linkmode=external -extldflags "-static -pthread"`, "-tags=no_openssl")
- 				}
- 				t.addCmd(dt, "misc/cgo/nocgo", t.goTest(), ".")
- 				t.addCmd(dt, "misc/cgo/nocgo", t.goTest(), "-ldflags", `-linkmode=external`, ".")
- 				if goos != "android" {
--					t.addCmd(dt, "misc/cgo/nocgo", t.goTest(), "-ldflags", `-linkmode=external -extldflags "-static -pthread"`, ".")
-+					t.addCmd(dt, "misc/cgo/nocgo", t.goTest(), "-ldflags", `-linkmode=external -extldflags "-static -pthread"`, "-tags=no_openssl")
-+					/*
- 					t.addCmd(dt, "misc/cgo/test", t.goTest(), "-tags=static", "-ldflags", `-linkmode=external -extldflags "-static -pthread"`, ".")
- 					// -static in CGO_LDFLAGS triggers a different code path
- 					// than -static in -extldflags, so test both.
- 					// See issue #16651.
- 					cmd := t.addCmd(dt, "misc/cgo/test", t.goTest(), "-tags=static", ".")
- 					setEnv(cmd, "CGO_LDFLAGS", "-static -pthread")
-+					*/
- 				}
- 			}
- 
-@@ -1268,7 +1270,7 @@ func (t *tester) cgoTest(dt *distTest) error {
- 					t.addCmd(dt, "misc/cgo/test", t.goTest(), "-buildmode=pie", "-ldflags=-linkmode=internal", "-tags=internal,internal_pie", ".")
- 				}
- 				t.addCmd(dt, "misc/cgo/testtls", t.goTest(), "-buildmode=pie", ".")
--				t.addCmd(dt, "misc/cgo/nocgo", t.goTest(), "-buildmode=pie", ".")
-+				t.addCmd(dt, "misc/cgo/nocgo", t.goTest(), "-buildmode=pie", "-tags=no_openssl")
+ 				panic("unknown linkmode with static build: " + linkmode)
  			}
+-			gt.tags = append(gt.tags, "static")
++			gt.tags = append(gt.tags, "static", "no_openssl")
  		}
- 	}
+ 		gt.ldflags = strings.Join(ldflags, " ")
+ 

SOURCES/modify_go.env.patch

@@ -0,0 +1,22 @@
+From eab9004c072200e58df83ab94678bda1faa7b229 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Alejandro=20S=C3=A1ez?= <asm@redhat.com>
+Date: Fri, 9 Feb 2024 20:06:16 +0100
+Subject: [PATCH] Set GOTOOLCHAIN to local
+
+---
+ go.env | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/go.env b/go.env
+index 6ff2b921d4..e87f6e7b6d 100644
+--- a/go.env
++++ b/go.env
+@@ -9,4 +9,4 @@ GOSUMDB=sum.golang.org
+ 
+ # Automatically download newer toolchains as directed by go.mod files.
+ # See https://go.dev/doc/toolchain for details.
+-GOTOOLCHAIN=auto
++GOTOOLCHAIN=local
+-- 
+2.43.0
+

SOURCES/skip_TestCrashDumpsAllThreads.patch

@@ -0,0 +1,27 @@
+From fdcaf4e6876cfd910c3da672564be4a6e829047c Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Alejandro=20S=C3=A1ez?= <asm@redhat.com>
+Date: Wed, 27 Mar 2024 17:15:48 +0100
+Subject: [PATCH] Skip TestCrashDumpsAllThreads
+
+---
+ src/runtime/crash_unix_test.go | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/src/runtime/crash_unix_test.go b/src/runtime/crash_unix_test.go
+index 123a462423..a0034d6455 100644
+--- a/src/runtime/crash_unix_test.go
++++ b/src/runtime/crash_unix_test.go
+@@ -74,6 +74,10 @@ func TestCrashDumpsAllThreads(t *testing.T) {
+ 		t.Skip("skipping; SIGQUIT is blocked, see golang.org/issue/19196")
+ 	}
+ 
++	if runtime.GOOS == "linux" && runtime.GOARCH == "s390x" {
++		t.Skip("skipping; frequent TestCrashDumpsAllThreads failures on linux/s390x, see golang.org/issue/64650")
++	}
++
+ 	testenv.MustHaveGoBuild(t)
+ 
+ 	if strings.Contains(os.Getenv("GOFLAGS"), "mayMoreStackPreempt") {
+-- 
+2.44.0
+

SPECS/golang.spec

@@ -56,7 +56,7 @@
 %endif
 
 # Controls what ever we fail on failed tests
-%ifarch x86_64 %{arm} aarch64 ppc64le s390x
+%ifarch x86_64 %{arm} ppc64le s390x
 %global fail_on_tests 1
 %else
 %global fail_on_tests 0
@@ -69,12 +69,8 @@
 %global shared 0
 %endif
 
-# Pre build std lib with -race enabled
-%ifarch x86_64
-%global race 1
-%else
+# Disabled due to 1.20 new cache usage, see 1.20 upstream release notes
 %global race 0
-%endif
 
 %ifarch x86_64
 %global gohostarch  amd64
@@ -95,13 +91,14 @@
 %global gohostarch  s390x
 %endif
 
-%global go_api 1.19
-%global version 1.19.13
-%global pkg_release 2
+%global go_api 1.23
+%global version 1.23.9
+%global pkg_release 1
 
 Name:           golang
 Version:        %{version}
 Release:        1%{?dist}
+
 Summary:        The Go Programming Language
 # source tree includes several copies of Mark.Twain-Tom.Sawyer.txt under Public Domain
 License:        BSD and Public Domain
@@ -140,16 +137,15 @@ Requires:       %{name}-src = %{version}-%{release}
 Requires:       openssl-devel
 Requires:       diffutils
 
-
 # Proposed patch by jcajka https://golang.org/cl/86541
 Patch221:       fix_TestScript_list_std.patch
 
 Patch1939923:   skip_test_rhbz1939923.patch
 
-Patch2: 	disable_static_tests_part1.patch
-Patch3: 	disable_static_tests_part2.patch
-
-Patch227: cmd-link-use-correct-path-for-dynamic-loader-on-ppc6.patch
+Patch2:		disable_static_tests_part1.patch
+Patch3:		disable_static_tests_part2.patch
+Patch5:		modify_go.env.patch
+Patch7:		skip_TestCrashDumpsAllThreads.patch
 
 # Having documentation separate was broken
 Obsoletes:      %{name}-docs < 1.1-4
@@ -157,6 +153,9 @@ Obsoletes:      %{name}-docs < 1.1-4
 # RPM can't handle symlink -> dir with subpackages, so merge back
 Obsoletes:      %{name}-data < 1.1.1-4
 
+# We don't build golang-race anymore, rhbz#2230599
+Obsoletes:      golang-race < 1.20.0
+
 # These are the only RHEL/Fedora architectures that we compile this package for
 ExclusiveArch:  %{golang_arches}
 
@@ -243,10 +242,12 @@ Requires:       %{name} = %{version}-%{release}
 pushd ..
 tar -xf %{SOURCE1}
 popd
-patch -p1 < ../go-go%{version}-%{pkg_release}-openssl-fips/patches/000-initial-setup.patch
-patch -p1 < ../go-go%{version}-%{pkg_release}-openssl-fips/patches/001-initial-openssl-for-fips.patch
-patch -p1 < ../go-go%{version}-%{pkg_release}-openssl-fips/patches/002-strict-fips-runtime-detection.patch
-patch -p1 < ../go-go%{version}-%{pkg_release}-openssl-fips/patches/003-h2-bundle-fix-CVE-2023-39325.patch
+patch_dir="../go-go%{version}-%{pkg_release}-openssl-fips/patches"
+# Add --no-backup-if-mismatch option to avoid creating .orig temp files
+for p in "$patch_dir"/*.patch; do
+	echo "Applying $p"
+	patch -p1 --no-backup-if-mismatch < $p
+done
 
 # Configure crypto tests
 pushd ../go-go%{version}-%{pkg_release}-openssl-fips
@@ -254,13 +255,11 @@ ln -s ../go-go%{version} go
 ./scripts/configure-crypto-tests.sh
 popd
 
-%patch2 -p1
-%patch3 -p1
+%autopatch -p1
 
-%patch221 -p1
-
-%patch1939923 -p1
-%patch227 -p1
+sed -i '1s/$/ (%{?rhel:Red Hat} %{version}-%{release})/' VERSION
+# Delete the boring binary blob.  We use the system OpenSSL instead.
+rm -rf src/crypto/internal/boring/syso
 
 cp %{SOURCE2} ./src/runtime/
 
@@ -331,7 +330,7 @@ rm -rf pkg/bootstrap/bin
 
 # install everything into libdir (until symlink problems are fixed)
 # https://code.google.com/p/go/issues/detail?id=5830
-cp -apv api bin doc lib pkg src misc test VERSION \
+cp -apv api bin doc lib pkg src misc test go.env VERSION \
    $RPM_BUILD_ROOT%{goroot}
 
 # bz1099206
@@ -344,12 +343,11 @@ cwd=$(pwd)
 src_list=$cwd/go-src.list
 pkg_list=$cwd/go-pkg.list
 shared_list=$cwd/go-shared.list
-race_list=$cwd/go-race.list
 misc_list=$cwd/go-misc.list
 docs_list=$cwd/go-docs.list
 tests_list=$cwd/go-tests.list
-rm -f $src_list $pkg_list $docs_list $misc_list $tests_list $shared_list $race_list
-touch $src_list $pkg_list $docs_list $misc_list $tests_list $shared_list $race_list
+rm -f $src_list $pkg_list $docs_list $misc_list $tests_list $shared_list
+touch $src_list $pkg_list $docs_list $misc_list $tests_list $shared_list
 pushd $RPM_BUILD_ROOT%{goroot}
     find src/ -type d -a \( ! -name testdata -a ! -ipath '*/testdata/*' \) -printf '%%%dir %{goroot}/%p\n' >> $src_list
     find src/ ! -type d -a \( ! -ipath '*/testdata/*' -a ! -name '*_test*.go' \) -printf '%{goroot}/%p\n' >> $src_list
@@ -380,13 +378,6 @@ pushd $RPM_BUILD_ROOT%{goroot}
     find pkg/*_dynlink/ ! -type d -printf '%{goroot}/%p\n' >> $shared_list
 %endif
 
-%if %{race}
-
-    find pkg/*_race/ -type d -printf '%%%dir %{goroot}/%p\n' >> $race_list
-    find pkg/*_race/ ! -type d -printf '%{goroot}/%p\n' >> $race_list
-
-%endif
-
     find test/ -type d -printf '%%%dir %{goroot}/%p\n' >> $tests_list
     find test/ ! -type d -printf '%{goroot}/%p\n' >> $tests_list
     find src/ -type d -a \( -name testdata -o -ipath '*/testdata/*' \) -printf '%%%dir %{goroot}/%p\n' >> $tests_list
@@ -463,11 +454,12 @@ export GO_TEST_RUN=""
 
 # Run tests with FIPS enabled.
 export GOLANG_FIPS=1
+export OPENSSL_FORCE_FIPS_MODE=1
 pushd crypto
   # Run all crypto tests but skip TLS, we will run FIPS specific TLS tests later
-  go test $(go list ./... | grep -v tls) -v
+  go test -timeout 50m $(go list ./... | grep -v tls) -v
   # Check that signature functions have parity between boring and notboring
-  CGO_ENABLED=0 go test $(go list ./... | grep -v tls) -v
+  CGO_ENABLED=0 go test -timeout 50m $(go list ./... | grep -v tls) -v
 popd
 # Run all FIPS specific TLS tests
 pushd crypto/tls
@@ -524,38 +516,123 @@ cd ..
 %files -f go-pkg.list bin
 %{_bindir}/go
 %{_bindir}/gofmt
+%{goroot}/go.env
 
 %if %{shared}
 %files -f go-shared.list shared
 %endif
 
-%if %{race}
-%files -f go-race.list race
-%endif
-
 %changelog
-* Thu Oct 12 2023 David Benoit <dbenoit@redhat.com> - 1.19.13-1
-- Fix CVE-2023-39325
-- Resolves: RHEL-12618
+* Mon Jun 02 2025 Alejandro Sáez <asm@redhat.com> - 1.23.9-1
+- Update to Go 1.23.9
+- Resolves: RHEL-94636
 
-* Wed Aug 30 2023 David Benoit <dbenoit@redhat.com> - 1.19.12-1
-- Update to Go 1.19.12
-- Midstream patches
-- Resolves: rhbz#2223641
+* Thu Mar 13 2025 David Benoit <dbenoit@redhat.com> - 1.23.6-1
+- Update to Go 1.23.6
+- Resolves: RHEL-83824
 
-* Tue Jun 6 2023 David Benoit <dbenoit@redhat.com> - 1.19.10-1
-- Update to Go 1.19.10
-- Resolves: rhbz#2217623
-- Resolves: rhbz#2217609
-- Resolves: rhbz#2217581
+* Tue Jan 21 2025 Archana <aravinda@redhat.com> - 1.22.11-1
+- Rebase to Go1.22.11 to pick up fixes for CVE 2024-45341 and 2024-45336
+- Fix test failures with expired certificates
+- Resolves: RHEL-73752
 
-* Wed May 17 2023 Alejandro Sáez <asm@redhat.com> - 1.19.9-1
-- Rebase to Go 1.19.9
-- Resolves: rhbz#2204473
+* Fri Dec 13 2024 Alejandro Sáez <asm@redhat.com> - 1.22.9-2
+- Remove bundled boringcrypto blob
+- Resolves: RHEL-54338
 
-* Wed Mar 01 2023 David Benoit <dbenoit@redhat.com> - 1.19.6-1
-- Rebase to Go 1.19.6
-- Resolves: rhbz#2174430
+* Thu Nov 14 2024 David Benoit <dbenoit@redhat.com> - 1.22.9-1
+- Update to Go 1.22.9
+- Resolves: RHEL-67668
+
+* Mon Sep 16 2024 David Benoit <dbenoit@redhat.com> - 1.22.7-1
+- Update to Go 1.22.7
+- Resolves: RHEL-58223
+- Resolves: RHEL-57961
+- Resolves: RHEL-57847
+- Resolves: RHEL-57860
+
+* Fri Sep 06 2024 Archana <aravinda@redhat.com> - 1.22.5-3
+- Update fix that loads Openssl in FIPS mode if fips==1
+- Related: RHEL-52485
+
+* Mon Sep 02 2024 Archana <aravinda@redhat.com> - 1.22.5-2
+- Include fix that loads Openssl only in FIPS mode to avoid panic
+- Resolves: RHEL-52485
+
+* Fri Jul 12 2024 Archana <aravinda@redhat.com> - 1.22.5-1
+- Rebase to Go1.22.5 to fix CVE-2024-24791
+- Resolves: RHEL-46972
+
+* Fri Jun 07 2024 Archana <aravinda@redhat.com> - 1.22.4-1
+- Addresses CVEs-2024-24789 and CVE-2024-24790
+- Resolves: RHEL-40157
+
+* Thu May 30 2024 Derek Parker <deparker@redhat.com> - 1.22.3-3
+- Update openssl backend
+- Resolves: RHEL-36102
+
+* Thu May 23 2024 Derek Parker <deparker@redhat.com> - 1.22.3-2
+- Restore HashSign / HashVerify API
+- Resolves: RHEL-35884
+
+* Thu May 23 2024 David Benoit <dbenoit@redhat.com> - 1.22.3-1
+- Update to Go 1.22.3
+- Resolves: RHEL-35884
+- Resolves: RHEL-35075
+- Resolves: RHEL-35632
+- Resolves: RHEL-35901
+
+* Thu May 02 2024 Alejandro Sáez <asm@redhat.com> - 1.22.2-1
+- Rebase to 1.22.2
+- Re-enable CGO
+- Skip TestCrashDumpsAllThreads
+- Resolves: RHEL-33157
+
+* Tue Feb 13 2024 Alejandro Sáez <asm@redhat.com> - 1.21.7-1
+- Rebase to Go 1.21.7
+- Add release information
+- Set GOTOOLCHAIN to local
+- Skip TestOverlongMessagePKCS1v15
+- Resolves: RHEL-24082
+- Resolves: RHEL-18363
+- Resolves: RHEL-18382
+
+* Wed Nov 08 2023 David Benoit <dbenoit@redhat.com> - 1.21.3-4
+- Do not remove GOPROXY/GOSUMDB
+- Related: RHEL-12620
+
+* Thu Nov 02 2023 David Benoit <dbenoit@redhat.com> - 1.21.3-3
+- Fix go.env in Go 1.21
+- Related: RHEL-12620
+
+* Tue Oct 31 2023 Archana Ravindar <aravinda@redhat.com> - 1.21.3-2
+- Rebase disable_static_tests_part2.patch to Go 1.21.3
+- Add missing strict fips runtime detection patch
+- Temporarily disable FIPS tests on aarch64 due to builder kernel bugs
+- Remove fix-memory-leak patch as it is fixed upstream
+- Resolves: RHEL-12620
+
+* Fri Oct 20 2023 Archana Ravindar <aravinda@redhat.com> - 1.21.3-1
+- Rebase Go to 1.21.3
+- Resolves: RHEL-12620
+
+* Mon Aug 14 2023 Alejandro Sáez <asm@redhat.com> - 1.20.6-2
+- Retire golang-race package
+- Resolves: rhbz#2230599
+
+* Tue Jul 25 2023 Alejandro Sáez <asm@redhat.com> - 1.20.6-1
+- Rebase to Go 1.20.6
+- Resolves: rhbz#2217596
+
+* Mon May 29 2023 Alejandro Sáez <asm@redhat.com> - 1.20.4-1
+- Rebase to Go 1.20.4
+- Resolves: rhbz#2204474
+
+* Tue Apr 11 2023 David Benoit <dbenoit@redhat.com> - 1.20.3-1
+- Rebase to Go 1.20.3
+- Remove race archives
+- Update static tests patches
+- Resolves: rhbz#2185260
 
 * Tue Jan 3 2023 David Benoit <dbenoit@redhat.com> - 1.19.4-2
 - Fix memory leaks in EVP_{sign,verify}_raw