diff --git a/disable-tls13-fornow.patch b/disable-tls13-fornow.patch deleted file mode 100644 index e019ef4..0000000 --- a/disable-tls13-fornow.patch +++ /dev/null @@ -1,67 +0,0 @@ -diff --git a/src/crypto/tls/common.go b/src/crypto/tls/common.go -index ef0b385848..d888d1716f 100644 ---- a/src/crypto/tls/common.go -+++ b/src/crypto/tls/common.go -@@ -808,7 +808,7 @@ func (c *Config) supportedVersions(isClient bool) []uint16 { - if isClient && v < VersionTLS10 { - continue - } -- // TLS 1.3 is opt-out in Go 1.13. -+ // TLS 1.3 is opt-in in Go 1.12. - if v == VersionTLS13 && !isTLS13Supported() { - continue - } -@@ -823,11 +823,11 @@ var tls13Support struct { - cached bool - } - --// isTLS13Supported returns whether the program enabled TLS 1.3 by not opting --// out with GODEBUG=tls13=0. It's cached after the first execution. -+// isTLS13Supported returns whether the program opted into TLS 1.3 via -+// GODEBUG=tls13=1. It's cached after the first execution. - func isTLS13Supported() bool { - tls13Support.Do(func() { -- tls13Support.cached = goDebugString("tls13") != "0" -+ tls13Support.cached = goDebugString("tls13") == "1" - }) - return tls13Support.cached - } -diff --git a/src/crypto/tls/tls.go b/src/crypto/tls/tls.go -index ba6d5eba15..c42f909b93 100644 ---- a/src/crypto/tls/tls.go -+++ b/src/crypto/tls/tls.go -@@ -5,9 +5,14 @@ - // Package tls partially implements TLS 1.2, as specified in RFC 5246, - // and TLS 1.3, as specified in RFC 8446. - // --// TLS 1.3 is available on an opt-out basis in Go 1.13. To disable -+// TLS 1.3 is available only on an opt-in basis in Go 1.12. To enable - // it, set the GODEBUG environment variable (comma-separated key=value --// options) such that it includes "tls13=0". -+// options) such that it includes "tls13=1". To enable it from within -+// the process, set the environment variable before any use of TLS: -+// -+// func init() { -+// os.Setenv("GODEBUG", os.Getenv("GODEBUG")+",tls13=1") -+// } - package tls - - // BUG(agl): The crypto/tls package only implements some countermeasures -diff --git a/src/crypto/tls/tls_test.go b/src/crypto/tls/tls_test.go -index b68c074855..5003381c37 100644 ---- a/src/crypto/tls/tls_test.go -+++ b/src/crypto/tls/tls_test.go -@@ -23,6 +23,13 @@ import ( - "time" - ) - -+func init() { -+ // TLS 1.3 is opt-in for Go 1.12, but we want to run most tests with it enabled. -+ // TestTLS13Switch below tests the disabled behavior. See Issue 30055. -+ tls13Support.Do(func() {}) // defuse the sync.Once -+ tls13Support.cached = true -+} -+ - var rsaCertPEM = `-----BEGIN CERTIFICATE----- - MIIB0zCCAX2gAwIBAgIJAI/M7BYjwB+uMA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNV - BAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRlMSEwHwYDVQQKDBhJbnRlcm5ldCBX diff --git a/golang.spec b/golang.spec index 5876e1c..609d4d3 100644 --- a/golang.spec +++ b/golang.spec @@ -106,7 +106,7 @@ Name: golang Version: 1.13 -Release: 1%{?dist} +Release: 2%{?dist} Summary: The Go Programming Language # source tree includes several copies of Mark.Twain-Tom.Sawyer.txt under Public Domain License: BSD and Public Domain @@ -217,7 +217,6 @@ Requires: go-srpm-macros Patch1: 0001-Don-t-use-the-bundled-tzdata-at-runtime-except-for-t.patch Patch2: 0002-syscall-expose-IfInfomsg.X__ifi_pad-on-s390x.patch Patch3: 0003-cmd-go-disable-Google-s-proxy-and-sumdb.patch -Patch4: disable-tls13-fornow.patch # Having documentation separate was broken Obsoletes: %{name}-docs < 1.1-4 @@ -344,7 +343,6 @@ Requires: %{name} = %{version}-%{release} %patch1 -p1 %patch2 -p1 %patch3 -p1 -%patch4 -p1 cp %{SOURCE1} ./src/runtime/ @@ -583,6 +581,9 @@ fi %endif %changelog +* Thu Sep 05 2019 Jakub Čajka - 1.13-2 +- Back to go1.13 tls1.3 behavior + * Wed Sep 04 2019 Jakub Čajka - 1.13-1 - Rebase to go1.13