Sync from SUSE:SLFO:Main go1.19-openssl revision cece5bfc3203de2b87f0184d3af72eb5
This commit is contained in:
commit
49cc6013c2
23
.gitattributes
vendored
Normal file
23
.gitattributes
vendored
Normal file
@ -0,0 +1,23 @@
|
||||
## Default LFS
|
||||
*.7z filter=lfs diff=lfs merge=lfs -text
|
||||
*.bsp filter=lfs diff=lfs merge=lfs -text
|
||||
*.bz2 filter=lfs diff=lfs merge=lfs -text
|
||||
*.gem filter=lfs diff=lfs merge=lfs -text
|
||||
*.gz filter=lfs diff=lfs merge=lfs -text
|
||||
*.jar filter=lfs diff=lfs merge=lfs -text
|
||||
*.lz filter=lfs diff=lfs merge=lfs -text
|
||||
*.lzma filter=lfs diff=lfs merge=lfs -text
|
||||
*.obscpio filter=lfs diff=lfs merge=lfs -text
|
||||
*.oxt filter=lfs diff=lfs merge=lfs -text
|
||||
*.pdf filter=lfs diff=lfs merge=lfs -text
|
||||
*.png filter=lfs diff=lfs merge=lfs -text
|
||||
*.rpm filter=lfs diff=lfs merge=lfs -text
|
||||
*.tbz filter=lfs diff=lfs merge=lfs -text
|
||||
*.tbz2 filter=lfs diff=lfs merge=lfs -text
|
||||
*.tgz filter=lfs diff=lfs merge=lfs -text
|
||||
*.ttf filter=lfs diff=lfs merge=lfs -text
|
||||
*.txz filter=lfs diff=lfs merge=lfs -text
|
||||
*.whl filter=lfs diff=lfs merge=lfs -text
|
||||
*.xz filter=lfs diff=lfs merge=lfs -text
|
||||
*.zip filter=lfs diff=lfs merge=lfs -text
|
||||
*.zst filter=lfs diff=lfs merge=lfs -text
|
8
README.SUSE
Normal file
8
README.SUSE
Normal file
@ -0,0 +1,8 @@
|
||||
# Go Programming Language
|
||||
|
||||
OBS: https://build.opensuse.org/project/show/devel:languages:go
|
||||
|
||||
Maintainer: Jeff Kowalczyk
|
||||
|
||||
Wiki: http://en.opensuse.org/Go
|
||||
http://en.opensuse.org/openSUSE:Packaging_Go
|
7
_constraints
Normal file
7
_constraints
Normal file
@ -0,0 +1,7 @@
|
||||
<constraints>
|
||||
<hardware>
|
||||
<disk>
|
||||
<size unit="G">5</size>
|
||||
</disk>
|
||||
</hardware>
|
||||
</constraints>
|
15
_service
Normal file
15
_service
Normal file
@ -0,0 +1,15 @@
|
||||
<services>
|
||||
<service name="tar_scm" mode="disabled">
|
||||
<param name="url">https://github.com/llvm/llvm-project.git</param>
|
||||
<param name="scm">git</param>
|
||||
<param name="include">compiler-rt</param>
|
||||
<!-- [boo#1052528] Always make sure this is kept up to date with src/runtime/race/README. -->
|
||||
<param name="revision">127e59048cd3d8dbb80c14b3036918c114089529</param>
|
||||
<param name="versionformat">%H</param>
|
||||
<param name="filename">llvm</param>
|
||||
</service>
|
||||
<service name="recompress" mode="disabled">
|
||||
<param name="file">llvm-*.tar</param>
|
||||
<param name="compression">xz</param>
|
||||
</service>
|
||||
</services>
|
33
dont-force-gold-on-arm64.patch
Normal file
33
dont-force-gold-on-arm64.patch
Normal file
@ -0,0 +1,33 @@
|
||||
--- go/src/cmd/link/internal/ld/lib.go
|
||||
+++ go/src/cmd/link/internal/ld/lib.go
|
||||
@@ -1391,30 +1391,6 @@
|
||||
// Use lld to avoid errors from default linker (issue #38838)
|
||||
altLinker = "lld"
|
||||
}
|
||||
-
|
||||
- if ctxt.Arch.InFamily(sys.ARM, sys.ARM64) && buildcfg.GOOS == "linux" {
|
||||
- // On ARM, the GNU linker will generate COPY relocations
|
||||
- // even with -znocopyreloc set.
|
||||
- // https://sourceware.org/bugzilla/show_bug.cgi?id=19962
|
||||
- //
|
||||
- // On ARM64, the GNU linker will fail instead of
|
||||
- // generating COPY relocations.
|
||||
- //
|
||||
- // In both cases, switch to gold.
|
||||
- altLinker = "gold"
|
||||
-
|
||||
- // If gold is not installed, gcc will silently switch
|
||||
- // back to ld.bfd. So we parse the version information
|
||||
- // and provide a useful error if gold is missing.
|
||||
- name, args := flagExtld[0], flagExtld[1:]
|
||||
- args = append(args, "-fuse-ld=gold", "-Wl,--version")
|
||||
- cmd := exec.Command(name, args...)
|
||||
- if out, err := cmd.CombinedOutput(); err == nil {
|
||||
- if !bytes.Contains(out, []byte("GNU gold")) {
|
||||
- log.Fatalf("ARM external linker must be gold (issue #15696), but is not: %s", out)
|
||||
- }
|
||||
- }
|
||||
- }
|
||||
}
|
||||
if ctxt.Arch.Family == sys.ARM64 && buildcfg.GOOS == "freebsd" {
|
||||
// Switch to ld.bfd on freebsd/arm64.
|
79
gcc-go.patch
Normal file
79
gcc-go.patch
Normal file
@ -0,0 +1,79 @@
|
||||
Index: go/src/cmd/dist/buildtool.go
|
||||
===================================================================
|
||||
--- go.orig/src/cmd/dist/buildtool.go
|
||||
+++ go/src/cmd/dist/buildtool.go
|
||||
@@ -210,7 +210,7 @@
|
||||
// only applies to the final cmd/go binary, but that's OK: if this is Go 1.10
|
||||
// or later we don't need to disable inlining to work around bugs in the Go 1.4 compiler.
|
||||
cmd := []string{
|
||||
- pathf("%s/bin/go", goroot_bootstrap),
|
||||
+ pathf("%s/bin/go-$gcc_go_version", goroot_bootstrap),
|
||||
"install",
|
||||
"-gcflags=-l",
|
||||
"-tags=math_big_pure_go compiler_bootstrap purego",
|
||||
Index: go/src/make.bash
|
||||
===================================================================
|
||||
--- go.orig/src/make.bash
|
||||
+++ go/src/make.bash
|
||||
@@ -68,7 +68,7 @@
|
||||
# time goes when these scripts run.
|
||||
#
|
||||
# GOROOT_BOOTSTRAP: A working Go tree >= Go 1.4 for bootstrap.
|
||||
-# If $GOROOT_BOOTSTRAP/bin/go is missing, $(go env GOROOT) is
|
||||
+# If $GOROOT_BOOTSTRAP/bin/go-$gcc_go_version is missing, $(go env GOROOT) is
|
||||
# tried for all "go" in $PATH. $HOME/go1.4 by default.
|
||||
|
||||
set -e
|
||||
@@ -179,8 +179,8 @@
|
||||
fi
|
||||
fi
|
||||
done; unset IFS
|
||||
-if [ ! -x "$GOROOT_BOOTSTRAP/bin/go" ]; then
|
||||
- echo "ERROR: Cannot find $GOROOT_BOOTSTRAP/bin/go." >&2
|
||||
+if [ ! -x "$GOROOT_BOOTSTRAP/bin/go-$gcc_go_version" ]; then
|
||||
+ echo "ERROR: Cannot find $GOROOT_BOOTSTRAP/bin/go-$gcc_go_version." >&2
|
||||
echo "Set \$GOROOT_BOOTSTRAP to a working Go tree >= Go 1.4." >&2
|
||||
exit 1
|
||||
fi
|
||||
@@ -198,7 +198,7 @@
|
||||
exit 1
|
||||
fi
|
||||
rm -f cmd/dist/dist
|
||||
-GOROOT="$GOROOT_BOOTSTRAP" GOOS="" GOARCH="" GO111MODULE=off GOEXPERIMENT="" GOENV=off GOFLAGS="" "$GOROOT_BOOTSTRAP/bin/go" build -o cmd/dist/dist ./cmd/dist
|
||||
+GOROOT="$GOROOT_BOOTSTRAP" GOOS="" GOARCH="" GO111MODULE=off GOEXPERIMENT="" GOENV=off GOFLAGS="" "$GOROOT_BOOTSTRAP/bin/go-$gcc_go_version" build -o cmd/dist/dist ./cmd/dist
|
||||
|
||||
# -e doesn't propagate out of eval, so check success by hand.
|
||||
eval $(./cmd/dist/dist env -p || echo FAIL=true)
|
||||
Index: go/src/make.rc
|
||||
===================================================================
|
||||
--- go.orig/src/make.rc
|
||||
+++ go/src/make.rc
|
||||
@@ -57,7 +57,7 @@
|
||||
GOROOT_BOOTSTRAP = $home/$d
|
||||
}
|
||||
for(p in $path){
|
||||
- if(! test -x $GOROOT_BOOTSTRAP/bin/go){
|
||||
+ if(! test -x $GOROOT_BOOTSTRAP/bin/go-$gcc_go_version){
|
||||
if(go_exe = `{path=$p whatis go}){
|
||||
goroot = `{GOROOT='' $go_exe env GOROOT}
|
||||
if(! ~ $goroot $GOROOT){
|
||||
@@ -70,8 +70,8 @@
|
||||
}
|
||||
}
|
||||
}
|
||||
-if(! test -x $GOROOT_BOOTSTRAP/bin/go){
|
||||
- echo 'ERROR: Cannot find '$GOROOT_BOOTSTRAP'/bin/go.' >[1=2]
|
||||
+if(! test -x $GOROOT_BOOTSTRAP/bin/go-$gcc_go_version){
|
||||
+ echo 'ERROR: Cannot find '$GOROOT_BOOTSTRAP'/bin/go-$gcc_go_version.' >[1=2]
|
||||
echo 'Set $GOROOT_BOOTSTRAP to a working Go tree >= Go 1.4.' >[1=2]
|
||||
exit bootstrap
|
||||
}
|
||||
@@ -84,7 +84,7 @@
|
||||
echo 'Building Go cmd/dist using '^$GOROOT_BOOTSTRAP
|
||||
if(~ $#vflag 1)
|
||||
echo cmd/dist
|
||||
-GOROOT=$GOROOT_BOOTSTRAP GOOS='' GOARCH='' GOEXPERIMENT='' GO111MODULE=off GOENV=off GOFLAGS='' $GOROOT_BOOTSTRAP/bin/go build -o cmd/dist/dist ./cmd/dist
|
||||
+GOROOT=$GOROOT_BOOTSTRAP GOOS='' GOARCH='' GOEXPERIMENT='' GO111MODULE=off GOENV=off GOFLAGS='' $GOROOT_BOOTSTRAP/bin/go-$gcc_go_version build -o cmd/dist/dist ./cmd/dist
|
||||
|
||||
eval `{./cmd/dist/dist env -9}
|
||||
if(~ $#vflag 1)
|
9
go-rpmlintrc
Normal file
9
go-rpmlintrc
Normal file
@ -0,0 +1,9 @@
|
||||
addFilter("binaryinfo-readelf-failed") # go binaries are suposedly ELF-compliant
|
||||
addFilter("statically-linked-binary") # go doesn't yet support dynamic linking
|
||||
|
||||
# .syso files are special. Note that while they are architecture-dependent,
|
||||
# they are named to avoid conflicts (and we make sure of that in the RPM
|
||||
# through go_arch).
|
||||
addFilter("unstripped-binary-or-object.*\.syso$")
|
||||
addFilter("arch-dependent-file-in-usr-share.*\.syso$")
|
||||
addFilter("W: position-independent-executable-suggested")
|
1
go.gdbinit
Normal file
1
go.gdbinit
Normal file
@ -0,0 +1 @@
|
||||
add-auto-load-safe-path /usr/lib/go/$go_label/src/runtime/runtime-gdb.py
|
735
go1.19-openssl.changes
Normal file
735
go1.19-openssl.changes
Normal file
@ -0,0 +1,735 @@
|
||||
-------------------------------------------------------------------
|
||||
Tue Feb 27 11:32:47 UTC 2024 - Dominique Leuenberger <dimstar@opensuse.org>
|
||||
|
||||
- Use %patch -P N instead of deprecated %patchN.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Sep 21 21:25:57 UTC 2023 - Jeff Kowalczyk <jkowalczyk@suse.com>
|
||||
|
||||
- Update to version 1.19.13.1 cut from the go1.19-openssl-fips
|
||||
branch at the revision tagged go1.19.13-1-openssl-fips.
|
||||
* Update to Go 1.19.13
|
||||
* run go mod tidy with local Go toolchain
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Sep 6 15:08:50 UTC 2023 - Jeff Kowalczyk <jkowalczyk@suse.com>
|
||||
|
||||
- go1.19.13 (released 2023-09-06) includes fixes to the go command,
|
||||
and the crypto/tls and net/http packages.
|
||||
Refs boo#1200441 go1.19 release tracking
|
||||
* go#61197 cmd/go: extended forwards compatibility for Go
|
||||
* go#61825 net/http: go 1.20.6 host validation breaks setting Host to a unix socket address
|
||||
* go#61968 crypto/tls: add GODEBUG to control max RSA key size
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Sep 5 19:12:05 UTC 2023 - Jeff Kowalczyk <jkowalczyk@suse.com>
|
||||
|
||||
- Add missing directory pprof html asset directory to package.
|
||||
Refs boo#1215090
|
||||
* src/cmd/vendor/github.com/google/pprof/internal/driver/html/
|
||||
dir containing html assets is present in upstream Go
|
||||
distribution but missing from SUSE go1.x packages
|
||||
* Go programs importing runtime/pprof may fail with error:
|
||||
/usr/lib64/go/1.21/src/cmd/vendor/github.com/google/pprof/internal/driver/webhtml.go
|
||||
pattern html: no matching files found
|
||||
* Reformat adjacent commment in spec file
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Fri Aug 11 18:49:02 UTC 2023 - Jeff Kowalczyk <jkowalczyk@suse.com>
|
||||
|
||||
- Update to version 1.19.12.1 cut from the go1.19-openssl-fips
|
||||
branch at the revision tagged go1.19.12-1-openssl-fips.
|
||||
* Update to Go 1.19.12 and fix memory leak
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Aug 1 20:35:02 UTC 2023 - Jeff Kowalczyk <jkowalczyk@suse.com>
|
||||
|
||||
- go1.19.12 (released 2023-08-01) includes a security fix to the
|
||||
crypto/tls package, as well as bug fixes to the assembler and the
|
||||
compiler.
|
||||
Refs boo#1200441 go1.19 release tracking
|
||||
CVE-2023-29409
|
||||
* go#61579 go#61460 boo#1213880 security: fix CVE-2023-29409 crypto/tls: restrict RSA keys in certificates to <= 8192 bits
|
||||
* go#61319 cmd/compile: ppc64le: sign extension issue in go 1.21rc2
|
||||
* go#61448 net: TestInterfaceArrivalAndDepartureZoneCache is broken on linux-arm64
|
||||
* go#61470 cmd/compile: failed to make Go on riscv64 CPU with numa
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Jul 11 17:50:52 UTC 2023 - Jeff Kowalczyk <jkowalczyk@suse.com>
|
||||
|
||||
- go1.19.11 (released 2023-07-11) includes a security fix to the
|
||||
net/http package, as well as bug fixes to cgo, the cover tool,
|
||||
the go command, the runtime, and the go/printer package.
|
||||
Refs boo#1200441 go1.19 release tracking
|
||||
CVE-2023-29406
|
||||
* go#61075 go#60374 boo#1213229 security: fix CVE-2023-29406 net/http: insufficient sanitization of Host header
|
||||
* go#60351 cmd/go: go mod tidy introduces ambiguous imports in pruned modules
|
||||
* go#60637 cmd/pprof: skip TestDisasm flaky failures on linux/arm64
|
||||
* go#60697 cmd/go: go list fails with submodules which have test-only dependencies
|
||||
* go#60710 cmd/go: go list -export -e outputs errors to stderr and has non-zero exit code
|
||||
* go#60844 runtime: SIGSEGV in race + coverage mode
|
||||
* go#60948 runtime: goroutines that stop after calling runtime.RaceDisable break race detector
|
||||
* go#61054 runtime: TestWindowsStackMemory flakes on windows-386-2016
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Jun 7 00:00:52 UTC 2023 - Jeff Kowalczyk <jkowalczyk@suse.com>
|
||||
|
||||
- Update to version 1.19.10.1 cut from the go1.19-openssl-fips
|
||||
branch at the revision tagged go1.19.10-1-openssl-fips.
|
||||
* Update to Go 1.19.10
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Jun 6 19:13:57 UTC 2023 - Jeff Kowalczyk <jkowalczyk@suse.com>
|
||||
|
||||
- go1.19.10 (released 2023-06-06) includes four security fixes to
|
||||
the cmd/go and runtime packages, as well as bug fixes to the
|
||||
compiler, the go command, and the runtime.
|
||||
Refs boo#1200441 go1.19 release tracking
|
||||
CVE-2023-29402 CVE-2023-29403 CVE-2023-29404 CVE-2023-29405
|
||||
* go#60515 go#60167 boo#1212073 security: fix CVE-2023-29402 cmd/go: cgo code injection
|
||||
* go#60517 go#60272 boo#1212074 security: fix CVE-2023-29403 runtime: unexpected behavior of setuid/setgid binaries
|
||||
* go#60511 go#60305 boo#1212075 security: fix CVE-2023-29404 cmd/go: improper sanitization of LDFLAGS
|
||||
* go#60513 go#60306 boo#1212076 security: fix CVE-2023-29405 cmd/go: improper sanitization of LDFLAGS
|
||||
* go#59974 cmd/compile: multiple memories live at block start
|
||||
* go#60000 cmd/go: missing checksums for dependencies of go get arguments and tests of external dependencies
|
||||
* go#60457 cmd/go: document GOROOT/bin/go PATH entry for go test and go generate
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue May 23 13:28:24 UTC 2023 - Jeff Kowalczyk <jkowalczyk@suse.com>
|
||||
|
||||
- Update to version 1.19.9.2 cut from the go1.19-openssl-fips
|
||||
branch at the revision tagged go1.19.9-2-openssl-fips.
|
||||
* Fix TestEncryptOAEP and TLS failures in FIPS mode
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue May 16 17:20:44 UTC 2023 - Jeff Kowalczyk <jkowalczyk@suse.com>
|
||||
|
||||
- Update to version 1.19.9.1 cut from the go1.19-openssl-fips
|
||||
branch at the revision tagged go1.19.9-1-openssl-fips.
|
||||
* Update to Go 1.19.9
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed May 3 23:07:16 UTC 2023 - Jeff Kowalczyk <jkowalczyk@suse.com>
|
||||
|
||||
- Revert re-enable binary stripping and debuginfo boo#1210938.
|
||||
go1.19 and earlier store pre-compiled packages in $GOROOT/pkg as
|
||||
Go .a files which are not ar archives. These .a are incorrectly
|
||||
passed to strip by brp-15-strip-debug. strip incorrectly modifies
|
||||
Go .a files rendering them invalid. Some Go applications fail to
|
||||
build with "reference to nonexistent package" errors.
|
||||
Refs boo#1210938 boo#1211073
|
||||
* go1.19 and earlier store pre-compiled packages for the standard
|
||||
library as .a files under pkg/GOARCH[_{dynlink,race}].
|
||||
* Go emitted .a files are a Go specific format, not ar archives.
|
||||
* go1.10+ stores recently built packages in build cache GOCACHE.
|
||||
These are separate from the installed packages in $GOROOT/pkg.
|
||||
* Go build cache objects use a different file format than Go .a.
|
||||
* go1.20+ switches to the GOCACHE for both recently built
|
||||
packages and the installed packages in $GOROOT/pkg.
|
||||
* Current versions of readelf detect Go .a files correctly, e.g.:
|
||||
readelf -d /usr/lib64/go/1.19/pkg/linux_amd64/bytes.a
|
||||
File: /usr/lib64/go/1.19/pkg/linux_amd64/bytes.a(__.PKGDEF )
|
||||
readelf: Error: This is a GO binary file - try using 'go tool objdump' or 'go tool nm'
|
||||
* binutils strip as of 2.40 detects Go .a files correctly, but
|
||||
incorrectly modifies the .a files altering path resulting in
|
||||
"reference to nonexistent package" errors.
|
||||
* brp_check_suse/brp-15-strip-debug passes files to strip based
|
||||
primarily on the file extension including .a.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue May 2 17:24:29 UTC 2023 - Jeff Kowalczyk <jkowalczyk@suse.com>
|
||||
|
||||
- go1.19.9 (released 2023-05-02) includes three security fixes to
|
||||
the html/template package, as well as bug fixes to the compiler,
|
||||
the runtime, and the crypto/tls and syscall packages.
|
||||
Refs boo#1200441 go1.19 release tracking
|
||||
CVE-2023-29400 CVE-2023-24540 CVE-2023-24539
|
||||
* go#59811 go#59720 boo#1211029 security: fix CVE-2023-24539 html/template: improper sanitization of CSS values
|
||||
* go#59813 go#59721 boo#1211030 security: fix CVE-2023-24540 html/template: improper handling of JavaScript whitespace
|
||||
* go#59815 go#59722 boo#1211031 security: fix CVE-2023-29400 html/template: improper handling of empty HTML attributes
|
||||
* go#59063 runtime: automatically bump RLIMIT_NOFILE on Unix
|
||||
* go#59158 cmd/compile: inlining function that references function literals generates bad code
|
||||
* go#59373 cmd/compile: encoding/binary.PutUint16 sometimes doesn't write
|
||||
* go#59539 crypto/tls: TLSv1.3 connection fails with invalid PSK binder
|
||||
* go#59579 cmd/compile: incorrect inline function variable
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue May 2 17:08:49 UTC 2023 - Jeff Kowalczyk <jkowalczyk@suse.com>
|
||||
|
||||
- Packaging revert go1.x Suggests go1.x-race boo#1210963
|
||||
* Upstream go binary distributions do include race detector .syso
|
||||
* Default Recommends for subpackages is best suited in this case
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Fri Apr 28 23:47:22 UTC 2023 - Jeff Kowalczyk <jkowalczyk@suse.com>
|
||||
|
||||
- Packaging improvements:
|
||||
* Re-enable binary stripping and debuginfo boo#1210938
|
||||
* go1.x Suggests go1.x-race do not install by default boo#1210963
|
||||
* Use Group: Development/Languages/Go instead of Other
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Fri Apr 14 23:41:22 UTC 2023 - Jeff Kowalczyk <jkowalczyk@suse.com>
|
||||
|
||||
- Build subpackage go1.1x-libstd compiled shared object libstd.so
|
||||
only on Tumbleweed at this time.
|
||||
Refs jsc#PED-1962
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Fri Apr 14 23:20:06 UTC 2023 - Jeff Kowalczyk <jkowalczyk@suse.com>
|
||||
|
||||
- Add subpackage go1.x-libstd for compiled shared object libstd.so.
|
||||
Refs jsc#PED-1962
|
||||
* Main go1.x package included libstd.so in previous versions
|
||||
* Split libstd.so into subpackage that can be installed standalone
|
||||
* Continues the slimming down of main go1.x package by 40 Mb
|
||||
* Experimental and not recommended for general use, Go currently has no ABI
|
||||
* Upstream Go has not committed to support buildmode=shared long-term
|
||||
* Do not use in packaging, build static single binaries (the default)
|
||||
* Upstream Go go1.x binary releases do not include libstd.so
|
||||
* go1.x Suggests go1.x-libstd so not installed by default Recommends
|
||||
* go1.x-libstd does not Require: go1.x so can install standalone
|
||||
* Provides go-libstd unversioned package name
|
||||
* Fix build step -buildmode=shared std to omit -linkshared
|
||||
- Packaging improvements:
|
||||
* go1.x Suggests go1.x-doc so not installed by default Recommends
|
||||
* Use Group: Development/Languages/Go instead of Other
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Fri Apr 14 23:06:51 UTC 2023 - Jeff Kowalczyk <jkowalczyk@suse.com>
|
||||
|
||||
- Improvements to go1.x packaging spec:
|
||||
* On Tumbleweed bootstrap with current default gcc13 and gccgo118
|
||||
* On SLE-12 aarch64 ppc64le ppc64 remove overrides to bootstrap
|
||||
using go1.x package (%bcond_without gccgo). This is no longer
|
||||
needed on current SLE-12:Update and removing will consolidate
|
||||
the build configurations used.
|
||||
* Change source URLs to go.dev as per Go upstream
|
||||
* On x86_64 export GOAMD64=v1 as per the current baseline.
|
||||
At this time forgo GOAMD64=v3 option for x86_64_v3 support.
|
||||
* On x86_64 %define go_amd64=v1 as current instruction baseline
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Apr 13 04:58:20 UTC 2023 - Martin Liška <mliska@suse.cz>
|
||||
|
||||
- Use gcc13 compiler for Tumbleweed.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Apr 5 18:44:00 UTC 2023 - Jeff Kowalczyk <jkowalczyk@suse.com>
|
||||
|
||||
- Update to version 1.19.8.1 cut from the go1.19-openssl-fips
|
||||
branch at the revision tagged go1.19.8-1-openssl-fips.
|
||||
* Update to Go 1.19.8
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Apr 4 20:42:31 UTC 2023 - Jeff Kowalczyk <jkowalczyk@suse.com>
|
||||
|
||||
- go1.19.8 (released 2023-04-04) includes security fixes to the
|
||||
go/parser, html/template, mime/multipart, net/http, and
|
||||
net/textproto packages, as well as bug fixes to the linker, the
|
||||
runtime, and the time package.
|
||||
Refs boo#1200441 go1.19 release tracking
|
||||
CVE-2023-24534 CVE-2023-24536 CVE-2023-24537 CVE-2023-24538
|
||||
* go#59267 go#58975 boo#1210127 security: fix CVE-2023-24534 net/http, net/textproto: denial of service from excessive memory allocation
|
||||
* go#59269 go#59153 boo#1210128 security: fix CVE-2023-24536 net/http, net/textproto, mime/multipart: denial of service from excessive resource consumption
|
||||
* go#59273 go#59180 boo#1210129 security: fix CVE-2023-24537 go/parser: infinite loop in parsing
|
||||
* go#59271 go#59234 boo#1210130 security: fix CVE-2023-24538 html/template: backticks not treated as string delimiters
|
||||
* go#58937 cmd/go: timeout on darwin-amd64-race builder
|
||||
* go#58939 runtime/pprof: TestLabelSystemstack due to sample with no location
|
||||
* go#58941 internal/testpty: fails on some Linux machines due to incorrect error handling
|
||||
* go#59050 cmd/link: linker fails on linux/amd64 when gcc's lto options are used
|
||||
* go#59058 cmd/link/internal/arm: off-by-one error in trampoline phase call reachability calculation
|
||||
* go#59074 time: time zone lookup using extend string makes wrong start time for non-DST zones
|
||||
* go#59219 runtime: crash on linux-ppc64le
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Mar 7 18:03:10 UTC 2023 - Jeff Kowalczyk <jkowalczyk@suse.com>
|
||||
|
||||
- go1.19.7 (released 2023-03-07) includes a security fix to the
|
||||
crypto/elliptic package, as well as bug fixes to the linker, the
|
||||
runtime, and the crypto/x509 and syscall packages.
|
||||
Refs boo#1200441 go1.19 release tracking
|
||||
CVE-2023-24532
|
||||
* go#58719 go#58647 boo#1209030 security: fix CVE-2023-24532 crypto/elliptic: specific unreduced P-256 scalars produce incorrect results
|
||||
* go#58441 runtime: some linkname signatures do not match
|
||||
* go#58502 cmd/link: relocation truncated to fit: R_ARM_CALL against `runtime.duffcopy'
|
||||
* go#58535 runtime: long latency of sweep assists
|
||||
* go#58716 net: TestTCPSelfConnect failures due to unexpected connections
|
||||
* go#58773 syscall: Environ uses an invalid unsafe.Pointer conversion on Windows
|
||||
* go#58810 crypto/x509: TestSystemVerify consistently failing
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Feb 16 19:49:32 UTC 2023 - Jeff Kowalczyk <jkowalczyk@suse.com>
|
||||
|
||||
- Update to version 1.19.6.1 cut from the go1.19-openssl-fips
|
||||
branch at the revision tagged go1.19.6-1-openssl-fips.
|
||||
* Update to Go 1.19.6
|
||||
* Add Crypto TestConfig and fix TLSv1.3 Crashesn
|
||||
* Add gating.yml
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Feb 14 18:28:32 UTC 2023 - Jeff Kowalczyk <jkowalczyk@suse.com>
|
||||
|
||||
- go1.19.6 (released 2023-02-14) includes security fixes to the
|
||||
crypto/tls, mime/multipart, net/http, and path/filepath packages,
|
||||
as well as bug fixes to the go command, the linker, the runtime,
|
||||
and the crypto/x509, net/http, and time packages.
|
||||
Refs boo#1200441 go1.19 release tracking
|
||||
CVE-2022-41722 CVE-2022-41723 CVE-2022-41724 CVE-2022-41725
|
||||
* go#57275 boo#1208269 security: fix CVE-2022-41722
|
||||
* go#58355 boo#1208270 security: fix CVE-2022-41723
|
||||
* go#58358 boo#1208271 security: fix CVE-2022-41724
|
||||
* go#58362 boo#1208272 security: fix CVE-2022-41725
|
||||
* go#56154 net/http: bad handling of HEAD requests with a body
|
||||
* go#57635 crypto/x509: TestBoringAllowCert failures
|
||||
* go#57812 runtime: performance regression due to bad instruction used in morestack_noctxt for ppc64 in CL 425396
|
||||
* go#58118 time: update zoneinfo_abbrs on Windows
|
||||
* go#58223 cmd/link: .go.buildinfo is gc'ed by --gc-sections
|
||||
* go#58449 cmd/go/internal/modfetch: TestCodeRepo/gopkg.in_natefinch_lumberjack.v2/latest failing
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Jan 10 22:13:49 UTC 2023 - Jeff Kowalczyk <jkowalczyk@suse.com>
|
||||
|
||||
- go1.19.5 (released 2023-01-10) includes fixes to the compiler,
|
||||
the linker, and the crypto/x509, net/http, sync/atomic, and
|
||||
syscall packages.
|
||||
Refs boo#1200441 go1.19 release tracking
|
||||
* go#57706 Misc/cgo: backport needed for dlltool fix
|
||||
* go#57556 crypto/x509: re-allow duplicate attributes in CSRs
|
||||
* go#57444 cmd/link: need to handle new-style LoongArch relocs
|
||||
* go#57427 crypto/x509: Verify on macOS does not return typed errors
|
||||
* go#57345 cmd/compile: the loong64 intrinsic for CompareAndSwapUint32 function needs to sign extend its "old" argument.
|
||||
* go#57339 syscall, internal/poll: accept4-to-accept fallback removal broke Go code on Synology DSM 6.2 ARM devices
|
||||
* go#57214 os: TestLstat failure on Linux Aarch64
|
||||
* go#57212 reflect: sort.SliceStable sorts incorrectly on arm64 with less function created with reflect.MakeFunc and slice of sufficient length
|
||||
* go#57124 sync/atomic: allow linked lists of atomic.Pointer
|
||||
* go#57100 cmd/compile: non-retpoline-compatible errors
|
||||
* go#57058 cmd/go: remove test dependency on gopkg.in service
|
||||
* go#57055 cmd/go: TestScript/version_buildvcs_git_gpg (if enabled) fails on linux longtest builders
|
||||
* go#56983 runtime: failure in TestRaiseException on windows-amd64-2012
|
||||
* go#56834 cmd/link/internal/ppc64: too-far trampoline is reused
|
||||
* go#56770 cmd/compile: walkConvInterface produces broken IR
|
||||
* go#56744 cmd/compile: internal compiler error: missing typecheck
|
||||
* go#56712 net: reenable TestLookupDotsWithRemoteSource and TestLookupGoogleSRV with a different target
|
||||
* go#56154 net/http: bad handling of HEAD requests with a body
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Dec 14 18:04:42 UTC 2022 - Jeff Kowalczyk <jkowalczyk@suse.com>
|
||||
|
||||
- Initial package go1.19-openssl version 1.19.4.1 cut from the
|
||||
go1.19-openssl-fips branch at the revision tagged
|
||||
go1.19.4-1-openssl-fips.
|
||||
Refs jsc#SLE-18320
|
||||
* Go upstream merged branch dev.boringcrypto in go1.19+.
|
||||
* In go1.x enable BoringCrypto via GOEXPERIMENT=boringcrypto.
|
||||
* In go1.x-openssl enable FIPS mode (or boring mode as the
|
||||
package is named) either via an environment variable
|
||||
GOLANG_FIPS=1 or by virtue of booting the host in FIPS mode.
|
||||
* When the operating system is operating in FIPS mode, Go
|
||||
applications which import crypto/tls/fipsonly limit operations
|
||||
to the FIPS ciphersuite.
|
||||
* go1.x-openssl is delivered as two large patches to go1.x
|
||||
applying necessary modifications from the golang-fips/go GitHub
|
||||
project for the Go crypto library to use OpenSSL as the
|
||||
external cryptographic library in a FIPS compliant way.
|
||||
* go1.x-openssl modifies the crypto/* packages to use OpenSSL for
|
||||
cryptographic operations.
|
||||
* go1.x-openssl uses dlopen() to call into OpenSSL.
|
||||
* SUSE RPM packaging introduces a fourth version digit go1.x.y.z
|
||||
corresponding to the golang-fips/go patchset tagged revision.
|
||||
* Patchset improvements can be updated independently of upstream
|
||||
Go maintenance releases.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Dec 6 20:49:04 UTC 2022 - Jeff Kowalczyk <jkowalczyk@suse.com>
|
||||
|
||||
- go1.19.4 (released 2022-12-06) includes security fixes to the
|
||||
net/http and os packages, as well as bug fixes to the compiler,
|
||||
the runtime, and the crypto/x509, os/exec, and sync/atomic
|
||||
packages.
|
||||
Refs boo#1200441 go1.19 release tracking
|
||||
CVE-2022-41717 CVE-2022-41720
|
||||
* go#57009 boo#1206135 security: fix CVE-2022-41717 net/http: limit canonical header cache by bytes, not entries
|
||||
* go#57006 boo#1206134 security: fix CVE-2022-41720 os, net/http: avoid escapes from os.DirFS and http.Dir on Windows
|
||||
* go#56752 runtime,cmd/compile: apparent memory corruption in compress/flate
|
||||
* go#56710 net: builders failing TestLookupDotsWithRemoteSource and TestLookupGoogleSRV due to missing host for _xmpp-server._tcp.google.com
|
||||
* go#56672 crypto/tls: boringcrypto restricts RSA key sizes to 2048 and 3072
|
||||
* go#56638 sync/atomic: atomic.Pointer[T] can be misused with type conversions.
|
||||
* go#56636 runtime: traceback stuck in runtime.systemstack
|
||||
* go#56557 cmd/compile: some x/sys versions no longer build due to "go:linkname must refer to declared function or variable"
|
||||
* go#56551 os/exec: Plan 9 build has been broken by a Windows security fix (also breaks 1.19.3 and 1.18.8)
|
||||
* go#56438 crypto/x509: respect GODEBUG changes during program lifetime
|
||||
* go#56397 runtime: on linux/PPC64, usleep computes incorrect tv_nsec parameter
|
||||
* go#56360 cmd/compile: panic: offset too large
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Nov 1 17:18:30 UTC 2022 - Jeff Kowalczyk <jkowalczyk@suse.com>
|
||||
|
||||
- go1.19.3 (released 2022-11-01) includes security fixes to the
|
||||
os/exec and syscall packages, as well as bug fixes to the
|
||||
compiler and the runtime.
|
||||
Refs boo#1200441 go1.19 release tracking
|
||||
CVE-2022-41716
|
||||
* go#56328 boo#1204941 security: fix CVE-2022-41716 syscall, os/exec: unsanitized NUL in environment variables
|
||||
* go#56309 runtime: "runtime·lock: lock count" fatal error when cgo is enabled
|
||||
* go#56168 cmd/compile: libFuzzer instrumentation fakePC overflow on 386 arch
|
||||
* go#56106 internal/fuzz: array literal initialization causes ICE "unhandled stmt ASOP" while fuzzing
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Oct 4 18:21:57 UTC 2022 - Jeff Kowalczyk <jkowalczyk@suse.com>
|
||||
|
||||
- go1.19.2 (released 2022-10-04) includes security fixes to the
|
||||
archive/tar, net/http/httputil, and regexp packages, as well as
|
||||
bug fixes to the compiler, the linker, the runtime, and the
|
||||
go/types package.
|
||||
Refs boo#1200441 go1.19 release tracking
|
||||
CVE-2022-41715 CVE-2022-2879 CVE-2022-2880
|
||||
* go#55951 boo#1204023 security: fix CVE-2022-41715 regexp/syntax: limit memory used by parsing regexps
|
||||
* go#55926 boo#1204024 security: fix CVE-2022-2879 archive/tar: unbounded memory consumption when reading headers
|
||||
* go#55843 boo#1204025 security: fix CVE-2022-2880 net/http/httputil: ReverseProxy should not forward unparseable query parameters
|
||||
* go#55270 cmd/compile: internal compiler error: method Len on *uint8 not found
|
||||
* go#55152 cmd/compile: typebits.Set: invalid initial alignment: type Peer has alignment 8, but offset is 4
|
||||
* go#55149 go/types: no way to construct the signature of append(s, "string"...) via the API
|
||||
* go#55124 fatal error: bulkBarrierPreWrite: unaligned arguments (go 1.19.1, looks like regression)
|
||||
* go#55114 cmd/link: new darwin linker warning on -pagezero_size and -no_pie deprecation
|
||||
* go#54917 cmd/compile: Value live at entry
|
||||
* go#54764 runtime/cgo(.text): unknown symbol __stack_chk_fail_local in pcrel (regression in 1.19 when building for i686)
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Sep 6 19:24:28 UTC 2022 - Jeff Kowalczyk <jkowalczyk@suse.com>
|
||||
|
||||
- go1.19.1 (released 2022-09-06) includes security fixes to the
|
||||
net/http and net/url packages, as well as bug fixes to the
|
||||
compiler, the go command, the pprof command, the linker, the
|
||||
runtime, and the crypto/tls and crypto/x509 packages.
|
||||
Refs boo#1200441 go1.19 release tracking
|
||||
CVE-2022-27664 CVE-2022-32190
|
||||
* go#54376 bsc#1203185 CVE-2022-27664 net/http: handle server errors after sending GOAWAY
|
||||
* go#54635 bsc#1203186 CVE-2022-32190 net/url: JoinPath doesn't strip relative path components in all circumstances
|
||||
* go#54736 cmd/go: cannot find package when importing dependencies with the unix build constraint
|
||||
* go#54734 cmd/go: git fetch errors dropped when producing pseudo-versions for commits
|
||||
* go#54726 cmd/compile: compile failed with "Value live at entry"
|
||||
* go#54697 cmd/compile: ICE at composite literal assignment with alignment > PtrSize
|
||||
* go#54675 runtime: morestack_noctxt missing SPWRITE, causes "traceback stuck" assert
|
||||
* go#54665 runtime: segfault running ppc64/linux binaries with kernel 5.18
|
||||
* go#54660 cmd/go: go test -race does not set implicit race build tag
|
||||
* go#54643 crypto/tls: support ECDHE key exchanges when ec_point_formats is missing in ClientHello extension
|
||||
* go#54637 cmd/go: data race in TestScript
|
||||
* go#54633 cmd/go/internal/modfetch/codehost: racing writes to Origin fields
|
||||
* go#54629 cmd/compile: miscompilation of partially-overlapping array assignments
|
||||
* go#54420 cmd/pprof: graphviz node names are funny with generics
|
||||
* go#54406 cmd/link: trampoline insertion breaks DWARF Line Program Table output on Darwin/ARM64
|
||||
* go#54309 cmd/compile: internal compiler error: panic: runtime error: invalid memory address or nil pointer dereference
|
||||
* go#54295 crypto/x509: panics on invalid curve instead of returning error
|
||||
* go#54243 cmd/compile: internal compiler error when compiling code with unbound method of generic type
|
||||
* go#54239 misc/cgo: TestSignalForwardingExternal sometimes fails with wrong signal SIGINT
|
||||
* go#54235 cmd/compile: internal compiler error of atomic type and offsetof
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon Aug 22 20:44:19 UTC 2022 - Jeff Kowalczyk <jkowalczyk@suse.com>
|
||||
|
||||
- Define go_bootstrap_version go1.16 without suse_version checks
|
||||
- Simplify conditional gcc_go_version 12 on Tumbleweed, 11 elsewhere
|
||||
- Add _constraints for worker disk space 5G needed by SLE-15 x86_64
|
||||
- SLE-12 s390x use bcond_without gccgo to bootstrap using gcc11go
|
||||
* Workaround for SLE-12 s390x build error while writing linker data:
|
||||
bad carrier sym for symbol crypto/internal/nistec.p256OrdMul.args_stackmap
|
||||
created by cmd/link/internal/ld.writeBlocks
|
||||
/usr/lib64/go/1.19/src/cmd/link/internal/ld/data.go:958
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Fri Aug 19 17:53:40 UTC 2022 - Dirk Müller <dmueller@suse.com>
|
||||
|
||||
- Bootstrap using go1.16 on SLE-15 and newer. go1.16 is
|
||||
bootstrapped using gcc-go 11 or 12. This allows dropping older
|
||||
versions of Go from Factory.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Aug 9 05:56:23 UTC 2022 - Jeff Kowalczyk <jkowalczyk@suse.com>
|
||||
|
||||
- Rebase gcc-go.patch onto upstream changes in go/src/make.bash and
|
||||
go/src/make.rc. Used for SLE-12 go bootstrap builds with gcc8.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Aug 2 17:19:11 UTC 2022 - Jeff Kowalczyk <jkowalczyk@suse.com>
|
||||
|
||||
- go1.19 (released 2022-08-02) is a major release of Go.
|
||||
go1.19.x minor releases will be provided through August 2023.
|
||||
https://github.com/golang/go/wiki/Go-Release-Cycle
|
||||
go1.19 arrives five months after go1.18. Most of its changes are
|
||||
in the implementation of the toolchain, runtime, and libraries.
|
||||
As always, the release maintains the Go 1 promise of
|
||||
compatibility. We expect almost all Go programs to continue to
|
||||
compile and run as before.
|
||||
Refs boo#1200441 go1.19 release tracking
|
||||
* See release notes https://golang.org/doc/go1.19. Excerpts
|
||||
relevant to OBS environment and for SUSE/openSUSE follow:
|
||||
* There is only one small change to the language, a very small
|
||||
correction to the scope of type parameters in method
|
||||
declarations. Existing programs are unaffected.
|
||||
* The Go memory model has been revised to align Go with the
|
||||
memory model used by C, C++, Java, JavaScript, Rust, and
|
||||
Swift. Go only provides sequentially consistent atomics, not
|
||||
any of the more relaxed forms found in other languages. Along
|
||||
with the memory model update, Go 1.19 introduces new types in
|
||||
the sync/atomic package that make it easier to use atomic
|
||||
values, such as atomic.Int64 and atomic.Pointer[T].
|
||||
* go1.19 adds support for the Loongson 64-bit architecture
|
||||
LoongArch on Linux (GOOS=linux, GOARCH=loong64). The ABI
|
||||
implemented is LP64D. Minimum kernel version supported is 5.19.
|
||||
* The riscv64 port now supports passing function arguments and
|
||||
result using registers. Benchmarking shows typical performance
|
||||
improvements of 10% or more on riscv64.
|
||||
* Go 1.19 adds support for links, lists, and clearer headings in
|
||||
doc comments. As part of this change, gofmt now reformats doc
|
||||
comments to make their rendered meaning clearer. See "Go Doc
|
||||
Comments" for syntax details and descriptions of common
|
||||
mistakes now highlighted by gofmt. As another part of this
|
||||
change, the new package go/doc/comment provides parsing and
|
||||
reformatting of doc comments as well as support for rendering
|
||||
them to HTML, Markdown, and text.
|
||||
* The new build constraint "unix" is now recognized in //go:build
|
||||
lines. The constraint is satisfied if the target operating
|
||||
system, also known as GOOS, is a Unix or Unix-like system. For
|
||||
the 1.19 release it is satisfied if GOOS is one of aix,
|
||||
android, darwin, dragonfly, freebsd, hurd, illumos, ios, linux,
|
||||
netbsd, openbsd, or solaris. In future releases the unix
|
||||
constraint may match additional newly supported operating
|
||||
systems.
|
||||
* The -trimpath flag, if set, is now included in the build
|
||||
settings stamped into Go binaries by go build, and can be
|
||||
examined using go version -m or debug.ReadBuildInfo.
|
||||
* go generate now sets the GOROOT environment variable explicitly
|
||||
in the generator's environment, so that generators can locate
|
||||
the correct GOROOT even if built with -trimpath.
|
||||
* go test and go generate now place GOROOT/bin at the beginning
|
||||
of the PATH used for the subprocess, so tests and generators
|
||||
that execute the go command will resolve it to same GOROOT.
|
||||
* go env now quotes entries that contain spaces in the
|
||||
CGO_CFLAGS, CGO_CPPFLAGS, CGO_CXXFLAGS, CGO_FFLAGS,
|
||||
CGO_LDFLAGS, and GOGCCFLAGS variables it reports.
|
||||
* go list -json now accepts a comma-separated list of JSON fields
|
||||
to populate. If a list is specified, the JSON output will
|
||||
include only those fields, and go list may avoid work to
|
||||
compute fields that are not included. In some cases, this may
|
||||
suppress errors that would otherwise be reported.
|
||||
* The go command now caches information necessary to load some
|
||||
modules, which should result in a speed-up of some go list
|
||||
invocations.
|
||||
* The vet checker "errorsas" now reports when errors.As is called
|
||||
with a second argument of type *error, a common mistake.
|
||||
* The runtime now includes support for a soft memory limit. This
|
||||
memory limit includes the Go heap and all other memory managed
|
||||
by the runtime, and excludes external memory sources such as
|
||||
mappings of the binary itself, memory managed in other
|
||||
languages, and memory held by the operating system on behalf of
|
||||
the Go program. This limit may be managed via
|
||||
runtime/debug.SetMemoryLimit or the equivalent GOMEMLIMIT
|
||||
environment variable. The limit works in conjunction with
|
||||
runtime/debug.SetGCPercent / GOGC, and will be respected even
|
||||
if GOGC=off, allowing Go programs to always make maximal use of
|
||||
their memory limit, improving resource efficiency in some
|
||||
cases.
|
||||
* In order to limit the effects of GC thrashing when the
|
||||
program's live heap size approaches the soft memory limit, the
|
||||
Go runtime also attempts to limit total GC CPU utilization to
|
||||
50%, excluding idle time, choosing to use more memory over
|
||||
preventing application progress. In practice, we expect this
|
||||
limit to only play a role in exceptional cases, and the new
|
||||
runtime metric /gc/limiter/last-enabled:gc-cycle reports when
|
||||
this last occurred.
|
||||
* The runtime now schedules many fewer GC worker goroutines on
|
||||
idle operating system threads when the application is idle
|
||||
enough to force a periodic GC cycle.
|
||||
* The runtime will now allocate initial goroutine stacks based on
|
||||
the historic average stack usage of goroutines. This avoids
|
||||
some of the early stack growth and copying needed in the
|
||||
average case in exchange for at most 2x wasted space on
|
||||
below-average goroutines.
|
||||
* On Unix operating systems, Go programs that import package os
|
||||
now automatically increase the open file limit (RLIMIT_NOFILE)
|
||||
to the maximum allowed value; that is, they change the soft
|
||||
limit to match the hard limit. This corrects artificially low
|
||||
limits set on some systems for compatibility with very old C
|
||||
programs using the select system call. Go programs are not
|
||||
helped by that limit, and instead even simple programs like
|
||||
gofmt often ran out of file descriptors on such systems when
|
||||
processing many files in parallel. One impact of this change is
|
||||
that Go programs that in turn execute very old C programs in
|
||||
child processes may run those programs with too high a
|
||||
limit. This can be corrected by setting the hard limit before
|
||||
invoking the Go program.
|
||||
* Unrecoverable fatal errors (such as concurrent map writes, or
|
||||
unlock of unlocked mutexes) now print a simpler traceback
|
||||
excluding runtime metadata (equivalent to a fatal panic) unless
|
||||
GOTRACEBACK=system or crash. Runtime-internal fatal error
|
||||
tracebacks always include full metadata regardless of the value
|
||||
of GOTRACEBACK
|
||||
* Support for debugger-injected function calls has been added on
|
||||
ARM64, enabling users to call functions from their binary in an
|
||||
interactive debugging session when using a debugger that is
|
||||
updated to make use of this functionality.
|
||||
* The address sanitizer support added in Go 1.18 now handles
|
||||
function arguments and global variables more precisely.
|
||||
* The compiler now uses a jump table to implement large integer
|
||||
and string switch statements. Performance improvements for the
|
||||
switch statement vary but can be on the order of 20%
|
||||
faster. (GOARCH=amd64 and GOARCH=arm64 only)
|
||||
* The Go compiler now requires the -p=importpath flag to build a
|
||||
linkable object file. This is already supplied by the go
|
||||
command and by Bazel. Any other build systems that invoke the
|
||||
Go compiler directly will need to make sure they pass this flag
|
||||
as well.
|
||||
* The Go compiler no longer accepts the -importmap flag. Build
|
||||
systems that invoke the Go compiler directly must use the
|
||||
-importcfg flag instead.
|
||||
* Like the compiler, the assembler now requires the -p=importpath
|
||||
flag to build a linkable object file. This is already supplied
|
||||
by the go command. Any other build systems that invoke the Go
|
||||
assembler directly will need to make sure they pass this flag
|
||||
as well.
|
||||
* Command and LookPath no longer allow results from a PATH search
|
||||
to be found relative to the current directory. This removes a
|
||||
common source of security problems but may also break existing
|
||||
programs that depend on using, say, exec.Command("prog") to run
|
||||
a binary named prog (or, on Windows, prog.exe) in the current
|
||||
directory. See the os/exec package documentation for
|
||||
information about how best to update such programs.
|
||||
* On Windows, Command and LookPath now respect the
|
||||
NoDefaultCurrentDirectoryInExePath environment variable, making
|
||||
it possible to disable the default implicit search of “.” in
|
||||
PATH lookups on Windows systems.
|
||||
* crypto/elliptic: Operating on invalid curve points (those for
|
||||
which the IsOnCurve method returns false, and which are never
|
||||
returned by Unmarshal or by a Curve method operating on a valid
|
||||
point) has always been undefined behavior and can lead to key
|
||||
recovery attacks. If an invalid point is supplied to Marshal,
|
||||
MarshalCompressed, Add, Double, or ScalarMult, they will now
|
||||
panic. ScalarBaseMult operations on the P224, P384, and P521
|
||||
curves are now up to three times faster, leading to similar
|
||||
speedups in some ECDSA operations. The generic (not platform
|
||||
optimized) P256 implementation was replaced with one derived
|
||||
from a formally verified model; this might lead to significant
|
||||
slowdowns on 32-bit platforms.
|
||||
* crypto/rand: Read no longer buffers random data obtained from
|
||||
the operating system between calls. Applications that perform
|
||||
many small reads at high frequency might choose to wrap Reader
|
||||
in a bufio.Reader for performance reasons, taking care to use
|
||||
io.ReadFull to ensure no partial reads occur. The Prime
|
||||
implementation was changed to use only rejection sampling,
|
||||
which removes a bias when generating small primes in
|
||||
non-cryptographic contexts, removes one possible minor timing
|
||||
leak, and better aligns the behavior with BoringSSL, all while
|
||||
simplifying the implementation. The change does produce
|
||||
different outputs for a given random source stream compared to
|
||||
the previous implementation, which can break tests written
|
||||
expecting specific results from specific deterministic random
|
||||
sources. To help prevent such problems in the future, the
|
||||
implementation is now intentionally non-deterministic with
|
||||
respect to the input stream.
|
||||
* crypto/tls: The GODEBUG option tls10default=1 has been
|
||||
removed. It is still possible to enable TLS 1.0 client-side by
|
||||
setting Config.MinVersion. The TLS server and client now reject
|
||||
duplicate extensions in TLS handshakes, as required by RFC
|
||||
5246, Section 7.4.1.4 and RFC 8446, Section 4.2.
|
||||
* crypto/x509: CreateCertificate no longer supports creating
|
||||
certificates with SignatureAlgorithm set to
|
||||
MD5WithRSA. CreateCertificate no longer accepts negative serial
|
||||
numbers. CreateCertificate will not emit an empty SEQUENCE
|
||||
anymore when the produced certificate has no
|
||||
extensions. ParseCertificate and ParseCertificateRequest now
|
||||
reject certificates and CSRs which contain duplicate
|
||||
extensions. The new CertPool.Clone and CertPool.Equal methods
|
||||
allow cloning a CertPool and checking the equivalence of two
|
||||
CertPools respectively. The new function ParseRevocationList
|
||||
provides a faster, safer to use CRL parser which returns a
|
||||
RevocationList. Parsing a CRL also populates the new
|
||||
RevocationList fields RawIssuer, Signature, AuthorityKeyId, and
|
||||
Extensions, which are ignored by CreateRevocationList. The new
|
||||
method RevocationList.CheckSignatureFrom checks that the
|
||||
signature on a CRL is a valid signature from a Certificate. The
|
||||
ParseCRL and ParseDERCRL functions are now deprecated in favor
|
||||
of ParseRevocationList. The Certificate.CheckCRLSignature
|
||||
method is deprecated in favor of
|
||||
RevocationList.CheckSignatureFrom. The path builder of
|
||||
Certificate.Verify was overhauled and should now produce better
|
||||
chains and/or be more efficient in complicated scenarios. Name
|
||||
constraints are now also enforced on non-leaf certificates.
|
||||
* crypto/x509/pkix: The types CertificateList and
|
||||
TBSCertificateList have been deprecated. The new crypto/x509
|
||||
CRL functionality should be used instead.
|
||||
* debug/elf: The new EM_LOONGARCH and R_LARCH_* constants support
|
||||
the loong64 port.
|
||||
* debug/pe: The new File.COFFSymbolReadSectionDefAux method,
|
||||
which returns a COFFSymbolAuxFormat5, provides access to COMDAT
|
||||
information in PE file sections. These are supported by new
|
||||
IMAGE_COMDAT_* and IMAGE_SCN_* constants.
|
||||
* runtime: The GOROOT function now returns the empty string
|
||||
(instead of "go") when the binary was built with the -trimpath
|
||||
flag set and the GOROOT variable is not set in the process
|
||||
environment.
|
||||
* runtime/metrics: The new /sched/gomaxprocs:threads metric
|
||||
reports the current runtime.GOMAXPROCS value. The new
|
||||
/cgo/go-to-c-calls:calls metric reports the total number of
|
||||
calls made from Go to C. This metric is identical to the
|
||||
runtime.NumCgoCall function. The new
|
||||
/gc/limiter/last-enabled:gc-cycle metric reports the last GC
|
||||
cycle when the GC CPU limiter was enabled. See the runtime
|
||||
notes for details about the GC CPU limiter.
|
||||
* runtime/pprof: Stop-the-world pause times have been
|
||||
significantly reduced when collecting goroutine profiles,
|
||||
reducing the overall latency impact to the application. MaxRSS
|
||||
is now reported in heap profiles for all Unix operating systems
|
||||
(it was previously only reported for GOOS=android, darwin, ios,
|
||||
and linux).
|
||||
* runtime/race: The race detector has been upgraded to use thread
|
||||
sanitizer version v3 on all supported platforms except
|
||||
windows/amd64 and openbsd/amd64, which remain on v2. Compared
|
||||
to v2, it is now typically 1.5x to 2x faster, uses half as much
|
||||
memory, and it supports an unlimited number of goroutines. On
|
||||
Linux, the race detector now requires at least glibc version
|
||||
2.17 and GNU binutils 2.26. The race detector is now supported
|
||||
on GOARCH=s390x. Race detector support for openbsd/amd64 has
|
||||
been removed from thread sanitizer upstream, so it is unlikely
|
||||
to ever be updated from v2.
|
||||
* runtime/trace: When tracing and the CPU profiler are enabled
|
||||
simultaneously, the execution trace includes CPU profile
|
||||
samples as instantaneous events.
|
||||
* syscall: On PowerPC (GOARCH=ppc64, ppc64le), Syscall, Syscall6,
|
||||
RawSyscall, and RawSyscall6 now always return 0 for return
|
||||
value r2 instead of an undefined value. On AIX and Solaris,
|
||||
Getrusage is now defined.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Jul 12 23:39:16 UTC 2022 - Jeff Kowalczyk <jkowalczyk@suse.com>
|
||||
|
||||
- go1.19rc2 (released 2022-07-12) is a release candidate version of
|
||||
go1.19 cut from the master branch at the revision tagged
|
||||
go1.19rc2.
|
||||
Refs boo#1200441 go1.19 release tracking
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Jul 6 21:40:49 UTC 2022 - Jeff Kowalczyk <jkowalczyk@suse.com>
|
||||
|
||||
- go1.19rc1 (released 2022-07-06) is a release candidate version of
|
||||
go1.19 cut from the master branch at the revision tagged
|
||||
go1.19rc1.
|
||||
Refs boo#1200441 go1.19 release tracking
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Jun 14 20:00:43 UTC 2022 - Jeff Kowalczyk <jkowalczyk@suse.com>
|
||||
|
||||
- Trace viewer html and javascript files moved from misc/trace in
|
||||
previous versions to src/cmd/trace/static in go1.19.
|
||||
* Added files with mode 0644:
|
||||
/usr/share/go/1.19/src/cmd/trace/static
|
||||
/usr/share/go/1.19/src/cmd/trace/static/README.md
|
||||
/usr/share/go/1.19/src/cmd/trace/static/trace_viewer_full.html
|
||||
/usr/share/go/1.19/src/cmd/trace/static/webcomponents.min.js
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Fri Jun 10 20:39:05 UTC 2022 - Jeff Kowalczyk <jkowalczyk@suse.com>
|
||||
|
||||
- go1.19beta1 (released 2022-06-10) is a beta version of go1.19 cut
|
||||
from the master branch at the revision tagged go1.19beta1.
|
||||
Refs boo#1200441 go1.19 release tracking
|
494
go1.19-openssl.spec
Normal file
494
go1.19-openssl.spec
Normal file
@ -0,0 +1,494 @@
|
||||
#
|
||||
# spec file for package go1.19-openssl
|
||||
#
|
||||
# Copyright (c) 2023 SUSE LLC
|
||||
#
|
||||
# All modifications and additions to the file contributed by third parties
|
||||
# remain the property of their copyright owners, unless otherwise agreed
|
||||
# upon. The license for this file, and modifications and additions to the
|
||||
# file, is the same license as for the pristine package itself (unless the
|
||||
# license for the pristine package is not an Open Source License, in which
|
||||
# case the license is the MIT License). An "Open Source License" is a
|
||||
# license that conforms to the Open Source Definition (Version 1.9)
|
||||
# published by the Open Source Initiative.
|
||||
|
||||
# Please submit bugfixes or comments via https://bugs.opensuse.org/
|
||||
#
|
||||
# nodebuginfo
|
||||
|
||||
|
||||
# strip will cause Go's .a archives to become invalid because strip appears to
|
||||
# reassemble the archive incorrectly. This is a known issue upstream
|
||||
# (https://github.com/golang/go/issues/17890), but we have to deal with it in
|
||||
# the meantime.
|
||||
%undefine _build_create_debug
|
||||
%define __arch_install_post export NO_BRP_STRIP_DEBUG=true NO_BRP_AR=true
|
||||
|
||||
# Specify Go toolchain version used to bootstrap this package's Go toolchain
|
||||
# go_bootstrap_version bootstrap go toolchain with specific existing go1.x package
|
||||
# gcc_go_version bootstrap go toolchain with specific version of gcc-go
|
||||
%if 0%{?suse_version} > 1500
|
||||
# openSUSE Tumbleweed
|
||||
# Usually ahead of bootstrap version specified by upstream Go
|
||||
# Use Tumbleweed default gccgo and N-1 go1.x for testing
|
||||
%define gcc_go_version 13
|
||||
%define go_bootstrap_version go1.18
|
||||
%else
|
||||
# Use gccgo and go1.x specified by upstream Go
|
||||
%define gcc_go_version 11
|
||||
%define go_bootstrap_version go1.17
|
||||
%endif
|
||||
|
||||
# Bootstrap go toolchain using existing go package go_bootstrap_version
|
||||
# To bootstrap using gccgo use '--with gccgo'
|
||||
%bcond_with gccgo
|
||||
|
||||
# gccgo on ppc64le with default PIE enabled fails with:
|
||||
# error while loading shared libraries:
|
||||
# R_PPC64_ADDR16_HA re10143fb0c for symbol `' out of range
|
||||
# track https://github.com/golang/go/issues/28531
|
||||
# linuxppc-dev discussion:
|
||||
# "PIE binaries are no longer mapped below 4 GiB on ppc64le"
|
||||
# https://lists.ozlabs.org/pipermail/linuxppc-dev/2018-November/180862.html
|
||||
%ifarch ppc64le
|
||||
#!BuildIgnore: gcc-PIE
|
||||
%endif
|
||||
|
||||
# Build go-race only on platforms where C++14 is supported (SLE-15)
|
||||
%if 0%{?suse_version} >= 1500 || 0%{?sle_version} >= 150000
|
||||
%define tsan_arch x86_64 aarch64 s390x ppc64le
|
||||
%else
|
||||
# Cannot use {nil} here (ifarch doesn't like it) so just make up a fake
|
||||
# architecture that no build will ever match.
|
||||
%define tsan_arch openSUSE_FAKE_ARCH
|
||||
%endif
|
||||
|
||||
# Go has precompiled versions of LLVM's compiler-rt inside their source code.
|
||||
# We cannot ship pre-compiled binaries so we have to recompile said source,
|
||||
# however they vendor specific commits from upstream. This value comes from
|
||||
# src/runtime/race/README (and we verify that it matches in check).
|
||||
#
|
||||
# In order to update the TSAN version, modify _service. See boo#1052528 for
|
||||
# more details.
|
||||
%ifarch x86_64 %{?x86_64}
|
||||
%define tsan_commit 127e59048cd3d8dbb80c14b3036918c114089529
|
||||
%else
|
||||
%define tsan_commit 41cb504b7c4b18ac15830107431a0c1eec73a6b2
|
||||
%endif
|
||||
|
||||
# go_api is the major version of Go.
|
||||
# Used by go1.x packages and go metapackage for:
|
||||
# RPM Provides: golang(API), RPM Requires: and rpm_vercmp
|
||||
# as well as derived variables such as go_label.
|
||||
%define go_api 1.19
|
||||
|
||||
# go_label is the configurable Go toolchain directory name.
|
||||
# Used for packaging multiple Go toolchains with the same go_api.
|
||||
# go_label should be defined as go_api with optional suffix, e.g.
|
||||
# go_api or go_api-foo
|
||||
%define go_label %{go_api}-openssl
|
||||
|
||||
# shared library support
|
||||
%if "%{rpm_vercmp %{go_api} 1.5}" > "0"
|
||||
%if %{with gccgo}
|
||||
%define with_shared 1
|
||||
%else
|
||||
%ifarch %ix86 %arm x86_64 aarch64
|
||||
%define with_shared 1
|
||||
%else
|
||||
%define with_shared 0
|
||||
%endif
|
||||
%endif
|
||||
%else
|
||||
%define with_shared 0
|
||||
%endif
|
||||
%ifarch ppc64
|
||||
%define with_shared 0
|
||||
%endif
|
||||
# setup go_arch (BSD-like scheme)
|
||||
%ifarch %ix86
|
||||
%define go_arch 386
|
||||
%endif
|
||||
%ifarch x86_64
|
||||
%define go_arch amd64
|
||||
# set GOAMD64 consistently
|
||||
%define go_amd64 v1
|
||||
%endif
|
||||
%ifarch aarch64
|
||||
%define go_arch arm64
|
||||
%endif
|
||||
%ifarch %arm
|
||||
%define go_arch arm
|
||||
%endif
|
||||
%ifarch ppc64
|
||||
%define go_arch ppc64
|
||||
%endif
|
||||
%ifarch ppc64le
|
||||
%define go_arch ppc64le
|
||||
%endif
|
||||
%ifarch s390x
|
||||
%define go_arch s390x
|
||||
%endif
|
||||
%ifarch riscv64
|
||||
%define go_arch riscv64
|
||||
%endif
|
||||
|
||||
Name: go1.19-openssl
|
||||
Version: 1.19.13.1
|
||||
# # Drop our added final dot and digit to define upstream version
|
||||
%define shortversion 1.19.13
|
||||
Release: 0
|
||||
Summary: A compiled, garbage-collected, concurrent programming language
|
||||
License: BSD-3-Clause
|
||||
Group: Development/Languages/Go
|
||||
URL: https://go.dev/
|
||||
Source: https://go.dev/dl/go%{shortversion}.src.tar.gz
|
||||
Source1: go-rpmlintrc
|
||||
Source4: README.SUSE
|
||||
Source6: go.gdbinit
|
||||
Source10: go%{version}-openssl.src.tar.gz
|
||||
# We have to compile TSAN ourselves. boo#1052528
|
||||
# Preferred form when all arches share llvm race version
|
||||
# Source100: llvm-%{tsan_commit}.tar.xz
|
||||
Source100: llvm-127e59048cd3d8dbb80c14b3036918c114089529.tar.xz
|
||||
Source101: llvm-41cb504b7c4b18ac15830107431a0c1eec73a6b2.tar.xz
|
||||
# PATCH-FIX-OPENSUSE: https://go-review.googlesource.com/c/go/+/391115
|
||||
Patch7: dont-force-gold-on-arm64.patch
|
||||
# PATCH-FIX-UPSTREAM marguerite@opensuse.org - find /usr/bin/go-8 when bootstrapping with gcc8-go
|
||||
Patch8: gcc-go.patch
|
||||
BuildRoot: %{_tmppath}/%{name}-%{version}-build
|
||||
# boostrap
|
||||
%if %{with gccgo}
|
||||
BuildRequires: gcc%{gcc_go_version}-go
|
||||
%else
|
||||
# no gcc-go
|
||||
BuildRequires: %{go_bootstrap_version}
|
||||
%endif
|
||||
BuildRequires: fdupes
|
||||
Suggests: %{name}-doc = %{version}
|
||||
%if 0%{?suse_version} > 1500
|
||||
# openSUSE Tumbleweed
|
||||
Suggests: %{name}-libstd = %{version}
|
||||
%endif
|
||||
%ifarch %{tsan_arch}
|
||||
# Needed to compile compiler-rt/TSAN.
|
||||
BuildRequires: gcc-c++
|
||||
%endif
|
||||
#BNC#818502 debug edit tool of rpm fails on i586 builds
|
||||
BuildRequires: rpm >= 4.11.1
|
||||
Requires(post): update-alternatives
|
||||
Requires(postun):update-alternatives
|
||||
Requires: gcc
|
||||
BuildRequires: libopenssl-devel
|
||||
Requires: libopenssl-devel
|
||||
Provides: go = %{version}
|
||||
Provides: go-devel = go%{version}
|
||||
Provides: go-devel-static = go%{version}
|
||||
Provides: golang(API) = %{go_api}
|
||||
Obsoletes: go-devel < go%{version}
|
||||
# go-vim/emacs were separate projects starting from 1.4
|
||||
Obsoletes: go-emacs <= 1.3.3
|
||||
Obsoletes: go-vim <= 1.3.3
|
||||
ExclusiveArch: %ix86 x86_64 %arm aarch64 ppc64 ppc64le s390x riscv64
|
||||
|
||||
%description
|
||||
Go is an expressive, concurrent, garbage collected systems programming language
|
||||
that is type safe and memory safe. It has pointers but no pointer arithmetic.
|
||||
Go has fast builds, clean syntax, garbage collection, methods for any type, and
|
||||
run-time reflection. It feels like a dynamic language but has the speed and
|
||||
safety of a static language.
|
||||
|
||||
%package doc
|
||||
Summary: Go documentation
|
||||
Group: Documentation/Other
|
||||
Provides: go-doc = %{version}
|
||||
|
||||
%description doc
|
||||
Go examples and documentation.
|
||||
|
||||
%ifarch %{tsan_arch}
|
||||
# boo#1052528
|
||||
%package race
|
||||
Summary: Go runtime race detector
|
||||
Group: Development/Languages/Go
|
||||
URL: https://compiler-rt.llvm.org/
|
||||
Requires: %{name} = %{version}
|
||||
Supplements: %{name} = %{version}
|
||||
ExclusiveArch: %{tsan_arch}
|
||||
|
||||
%description race
|
||||
Go runtime race detector libraries. Install this package if you wish to use the
|
||||
-race option, in order to detect race conditions present in your Go programs.
|
||||
%endif
|
||||
|
||||
%if %{with_shared}
|
||||
%if 0%{?suse_version} > 1500
|
||||
# openSUSE Tumbleweed
|
||||
%package libstd
|
||||
Summary: Go compiled shared library libstd.so
|
||||
Group: Development/Languages/Go
|
||||
Provides: go-libstd = %{version}
|
||||
|
||||
%description libstd
|
||||
Go standard library compiled to a dynamically loadable shared object libstd.so
|
||||
%endif
|
||||
%endif
|
||||
|
||||
%prep
|
||||
%ifarch %{tsan_arch}
|
||||
# compiler-rt (from LLVM)
|
||||
%ifarch x86_64
|
||||
%setup -q -T -b 100 -n llvm-%{tsan_commit}
|
||||
%else
|
||||
%setup -q -T -b 101 -n llvm-%{tsan_commit}
|
||||
%endif
|
||||
%endif
|
||||
|
||||
# go
|
||||
%setup -q -n go
|
||||
# Write go version into VERSION file in go source top level directory.
|
||||
# Needed for go build scripts to operate without assuming .git/ present.
|
||||
echo -n "go%{version}" > %{_builddir}/go/VERSION
|
||||
%patch -P 7 -p1
|
||||
%if %{with gccgo}
|
||||
# Currently gcc-go does not manage an update-alternatives entry and will
|
||||
# never be symlinked as "go", even if gcc-go is the only installed go toolchain.
|
||||
# Patch go bootstrap scripts to find hardcoded go-(gcc-go-version) e.g. go-8
|
||||
# Substitute defined gcc_go_version into gcc-go.patch
|
||||
sed -i "s/\$gcc_go_version/%{gcc_go_version}/" $RPM_SOURCE_DIR/gcc-go.patch
|
||||
%patch -P 8 -p1
|
||||
%endif
|
||||
|
||||
cp %{SOURCE4} .
|
||||
|
||||
# Apply golang-fips OpenSSL patch set to upstream go1.x sources
|
||||
%setup -q -D -T -b 10 -n go
|
||||
patch -p1 <patches/000-initial-setup.patch
|
||||
patch -p1 <patches/001-initial-openssl-for-fips.patch
|
||||
|
||||
%build
|
||||
# Remove the pre-included .sysos, to avoid shipping things we didn't compile
|
||||
# (which is against the openSUSE guidelines for packaging).
|
||||
# FIPS: retain boringcrypto .syso for now, not in use case for FIPS mode
|
||||
# go/src/crypto/internal/boring/nboringcrypto/goboringcrypto_linux_amd64.syso
|
||||
find . -type f -name '*.syso' ! -name '*boring*.syso' -print -delete
|
||||
# TODO: Rebuild using
|
||||
# BuildRequire: boringssl-devel
|
||||
# GO_LDFLAGS pkg-config(libboringssl1) (spelling TBD)
|
||||
# boringssl packages are currently present in Factory, not in SLE
|
||||
|
||||
# First, compile LLVM's TSAN, and replace the built-in with it. We can only do
|
||||
# this for amd64.
|
||||
%ifarch %{tsan_arch}
|
||||
TSAN_DIR="../llvm-%{tsan_commit}/compiler-rt/lib/tsan/go"
|
||||
pushd "$TSAN_DIR"
|
||||
./buildgo.sh
|
||||
popd
|
||||
cp -v "$TSAN_DIR/race_linux_%{go_arch}.syso" src/runtime/race/
|
||||
%endif
|
||||
|
||||
# Now, compile Go.
|
||||
%if %{with gccgo}
|
||||
export GOROOT_BOOTSTRAP=%{_prefix}
|
||||
%else
|
||||
export GOROOT_BOOTSTRAP=%{_libdir}/%{go_bootstrap_version}
|
||||
%endif
|
||||
# Ensure ARM arch is set properly - boo#1169832
|
||||
%ifarch armv6l armv6hl
|
||||
export GOARCH=arm
|
||||
export GOARM=6
|
||||
%endif
|
||||
%ifarch armv7l armv7hl
|
||||
export GOARCH=arm
|
||||
export GOARM=7
|
||||
%endif
|
||||
%ifarch x86_64 %{?x86_64}
|
||||
# use the baseline defined above. Other option is GOAMD64=v3 for x86_64_v3 support
|
||||
export GOAMD64=%go_amd64
|
||||
%endif
|
||||
export GOROOT="`pwd`"
|
||||
export GOROOT_FINAL=%{_libdir}/go/%{go_label}
|
||||
export GOBIN="$GOROOT/bin"
|
||||
mkdir -p "$GOBIN"
|
||||
cd src
|
||||
HOST_EXTRA_CFLAGS="%{optflags} -Wno-error" ./make.bash -v
|
||||
|
||||
cd ../
|
||||
%ifarch %{tsan_arch}
|
||||
# Install TSAN-friendly version of the std libraries.
|
||||
bin/go install -race std
|
||||
%endif
|
||||
|
||||
%if %{with_shared}
|
||||
%if 0%{?suse_version} > 1500
|
||||
# openSUSE Tumbleweed
|
||||
# Compile Go standard library as a dynamically loaded shared object libstd.so
|
||||
# for inclusion in a subpackage which can be installed standalone.
|
||||
# Upstream Go binary releases do not ship a compiled libstd.so.
|
||||
# Standard practice is to build Go binaries as a single executable.
|
||||
# Upstream Go discussed removing this feature, opted to fix current support:
|
||||
# Relevant upstream comments on: https://github.com/golang/go/issues/47788
|
||||
#
|
||||
# -buildmode=shared
|
||||
# Combine all the listed non-main packages into a single shared
|
||||
# library that will be used when building with the -linkshared
|
||||
# option. Packages named main are ignored.
|
||||
#
|
||||
# -linkshared
|
||||
# build code that will be linked against shared libraries previously
|
||||
# created with -buildmode=shared.
|
||||
bin/go install -buildmode=shared std
|
||||
%endif
|
||||
%endif
|
||||
|
||||
%check
|
||||
%ifarch %{tsan_arch}
|
||||
# Make sure that we have the right TSAN checked out.
|
||||
grep "^race_linux_%{go_arch}.syso built with LLVM %{tsan_commit}" src/runtime/race/README
|
||||
%endif
|
||||
|
||||
%install
|
||||
export GOROOT="%{buildroot}%{_libdir}/go/%{go_label}"
|
||||
|
||||
# locations for third party libraries, see README-openSUSE for info about locations.
|
||||
install -d %{buildroot}%{_datadir}/go/%{go_label}/contrib
|
||||
install -d $GOROOT/contrib/pkg/linux_%{go_arch}
|
||||
ln -s %{_libdir}/go/%{go_label}/contrib/pkg/ %{buildroot}%{_datadir}/go/%{go_label}/contrib/pkg
|
||||
install -d %{buildroot}%{_datadir}/go/%{go_label}/contrib/cmd
|
||||
install -d %{buildroot}%{_datadir}/go/%{go_label}/contrib/src
|
||||
ln -s %{_datadir}/go/%{go_label}/contrib/src/ %{buildroot}%{_libdir}/go/%{go_label}/contrib/src
|
||||
install -Dm644 README.SUSE $GOROOT/contrib/
|
||||
ln -s %{_libdir}/go/%{go_label}/contrib/README.SUSE %{buildroot}%{_datadir}/go/%{go_label}/contrib/README.SUSE
|
||||
|
||||
# source files for go install, godoc, etc
|
||||
install -d %{buildroot}%{_datadir}/go/%{go_label}
|
||||
for ext in *.{go,c,h,s,S,py,syso,bin}; do
|
||||
find src -name ${ext} -exec install -Dm644 \{\} %{buildroot}%{_datadir}/go/%{go_label}/\{\} \;
|
||||
done
|
||||
# executable bash scripts called by go tool, etc
|
||||
find src -name "*.bash" -exec install -Dm655 \{\} %{buildroot}%{_datadir}/go/%{go_label}/\{\} \;
|
||||
# Trace viewer html and javascript files moved from misc/trace in
|
||||
# previous versions to src/cmd/trace/static in go1.19.
|
||||
# static contains pprof trace viewer html javascript and markdown
|
||||
install -d %{buildroot}%{_datadir}/go/%{go_label}/src/cmd/trace/static
|
||||
install -Dm644 src/cmd/trace/static/* %{buildroot}%{_datadir}/go/%{go_label}/src/cmd/trace/static
|
||||
# pprof viewer html templates are needed for import runtime/pprof
|
||||
install -d %{buildroot}%{_datadir}/go/%{go_label}/src/cmd/vendor/github.com/google/pprof/internal/driver/html
|
||||
install -Dm644 src/cmd/vendor/github.com/google/pprof/internal/driver/html/* %{buildroot}%{_datadir}/go/%{go_label}/src/cmd/vendor/github.com/google/pprof/internal/driver/html
|
||||
|
||||
mkdir -p $GOROOT/src
|
||||
for i in $(ls %{buildroot}/usr/share/go/%{go_label}/src);do
|
||||
ln -s /usr/share/go/%{go_label}/src/$i $GOROOT/src/$i
|
||||
done
|
||||
# add lib files that are needed (such as the timezone database).
|
||||
install -d $GOROOT/lib
|
||||
find lib -type f -exec install -D -m644 {} $GOROOT/{} \;
|
||||
|
||||
# copy document templates, packages, obj libs and command utilities
|
||||
mkdir -p $GOROOT/bin
|
||||
# remove bootstrap
|
||||
rm -rf pkg/bootstrap
|
||||
mv pkg $GOROOT
|
||||
mv bin/* $GOROOT/bin
|
||||
# add wasm (Web Assembly) boo#1139210
|
||||
mkdir -p $GOROOT/misc/wasm
|
||||
mv misc/wasm/* $GOROOT/misc/wasm
|
||||
rm -f %{buildroot}%{_bindir}/{hgpatch,quietgcc}
|
||||
|
||||
# gdbinit
|
||||
install -Dm644 %{SOURCE6} $GOROOT/bin/gdbinit.d/go.gdb
|
||||
%if "%{_lib}" == "lib64"
|
||||
sed -i "s/lib/lib64/" $GOROOT/bin/gdbinit.d/go.gdb
|
||||
sed -i "s/\$go_label/%{go_label}/" $GOROOT/bin/gdbinit.d/go.gdb
|
||||
%endif
|
||||
|
||||
# update-alternatives
|
||||
mkdir -p %{buildroot}%{_sysconfdir}/alternatives
|
||||
mkdir -p %{buildroot}%{_bindir}
|
||||
mkdir -p %{buildroot}%{_sysconfdir}/profile.d
|
||||
mkdir -p %{buildroot}%{_sysconfdir}/gdbinit.d
|
||||
touch %{buildroot}%{_sysconfdir}/alternatives/{go,gofmt,go.gdb}
|
||||
ln -sf %{_sysconfdir}/alternatives/go %{buildroot}%{_bindir}/go
|
||||
ln -sf %{_sysconfdir}/alternatives/gofmt %{buildroot}%{_bindir}/gofmt
|
||||
ln -sf %{_sysconfdir}/alternatives/go.gdb %{buildroot}%{_sysconfdir}/gdbinit.d/go.gdb
|
||||
|
||||
# documentation and examples
|
||||
# fix documetation permissions (rpmlint warning)
|
||||
find doc/ misc/ -type f -exec chmod 0644 '{}' +
|
||||
# remove unwanted arch-dependant binaries (rpmlint warning)
|
||||
rm -rf misc/cgo/test/{_*,*.o,*.out,*.6,*.8}
|
||||
# prepare go-doc
|
||||
mkdir -p %{buildroot}%{_docdir}/go/%{go_label}
|
||||
cp -r CONTRIBUTING.md LICENSE PATENTS README.md README.OpenSSL README.SUSE %{buildroot}%{_docdir}/go/%{go_label}
|
||||
cp -r doc/* %{buildroot}%{_docdir}/go/%{go_label}
|
||||
|
||||
%fdupes -s %{buildroot}%{_prefix}
|
||||
|
||||
%post
|
||||
|
||||
update-alternatives \
|
||||
--install %{_bindir}/go go %{_libdir}/go/%{go_label}/bin/go $((20+$(echo %{go_label} | cut -d. -f2))) \
|
||||
--slave %{_bindir}/gofmt gofmt %{_libdir}/go/%{go_label}/bin/gofmt \
|
||||
--slave %{_sysconfdir}/gdbinit.d/go.gdb go.gdb %{_libdir}/go/%{go_label}/bin/gdbinit.d/go.gdb
|
||||
|
||||
%postun
|
||||
if [ $1 -eq 0 ] ; then
|
||||
update-alternatives --remove go %{_libdir}/go/%{go_label}/bin/go
|
||||
fi
|
||||
|
||||
%files
|
||||
%{_bindir}/go
|
||||
%{_bindir}/gofmt
|
||||
%dir %{_libdir}/go
|
||||
%{_libdir}/go/%{go_label}
|
||||
%dir %{_datadir}/go
|
||||
%{_datadir}/go/%{go_label}
|
||||
%dir %{_sysconfdir}/gdbinit.d/
|
||||
%config %{_sysconfdir}/gdbinit.d/go.gdb
|
||||
%ghost %{_sysconfdir}/alternatives/go
|
||||
%ghost %{_sysconfdir}/alternatives/gofmt
|
||||
%ghost %{_sysconfdir}/alternatives/go.gdb
|
||||
%dir %{_docdir}/go
|
||||
%dir %{_docdir}/go/%{go_label}
|
||||
%doc %{_docdir}/go/%{go_label}/CONTRIBUTING.md
|
||||
%doc %{_docdir}/go/%{go_label}/PATENTS
|
||||
%doc %{_docdir}/go/%{go_label}/README.md
|
||||
%doc %{_docdir}/go/%{go_label}/README.SUSE
|
||||
%doc %{_docdir}/go/%{go_label}/README.OpenSSL
|
||||
%if 0%{?suse_version} < 1500
|
||||
%doc %{_docdir}/go/%{go_label}/LICENSE
|
||||
%else
|
||||
%license %{_docdir}/go/%{go_label}/LICENSE
|
||||
%endif
|
||||
|
||||
# We don't include TSAN in the main Go package.
|
||||
%ifarch %{tsan_arch}
|
||||
%exclude %{_datadir}/go/%{go_label}/src/runtime/race/race_linux_%{go_arch}.syso
|
||||
%endif
|
||||
|
||||
# We don't include libstd.so in the main Go package.
|
||||
%if %{with_shared}
|
||||
%if 0%{?suse_version} > 1500
|
||||
# openSUSE Tumbleweed
|
||||
# ./go/1.19/pkg/linux_amd64_dynlink/libstd.so
|
||||
%exclude %{_libdir}/go/%{go_label}/pkg/linux_%{go_arch}_dynlink/libstd.so
|
||||
%endif
|
||||
%endif
|
||||
|
||||
%files doc
|
||||
%doc %{_docdir}/go/%{go_label}/*.html
|
||||
|
||||
%ifarch %{tsan_arch}
|
||||
%files race
|
||||
%{_datadir}/go/%{go_label}/src/runtime/race/race_linux_%{go_arch}.syso
|
||||
%endif
|
||||
|
||||
%if %{with_shared}
|
||||
%if 0%{?suse_version} > 1500
|
||||
# openSUSE Tumbleweed
|
||||
%files libstd
|
||||
%{_libdir}/go/%{go_label}/pkg/linux_%{go_arch}_dynlink/libstd.so
|
||||
%endif
|
||||
%endif
|
||||
|
||||
%changelog
|
BIN
go1.19.13.1-openssl.src.tar.gz
(Stored with Git LFS)
Normal file
BIN
go1.19.13.1-openssl.src.tar.gz
(Stored with Git LFS)
Normal file
Binary file not shown.
BIN
go1.19.13.src.tar.gz
(Stored with Git LFS)
Normal file
BIN
go1.19.13.src.tar.gz
(Stored with Git LFS)
Normal file
Binary file not shown.
BIN
llvm-127e59048cd3d8dbb80c14b3036918c114089529.tar.xz
(Stored with Git LFS)
Normal file
BIN
llvm-127e59048cd3d8dbb80c14b3036918c114089529.tar.xz
(Stored with Git LFS)
Normal file
Binary file not shown.
BIN
llvm-41cb504b7c4b18ac15830107431a0c1eec73a6b2.tar.xz
(Stored with Git LFS)
Normal file
BIN
llvm-41cb504b7c4b18ac15830107431a0c1eec73a6b2.tar.xz
(Stored with Git LFS)
Normal file
Binary file not shown.
Loading…
Reference in New Issue
Block a user