Compare commits
6 Commits
Author | SHA1 | Date |
---|---|---|
Jakub Čajka | 4fce154566 | |
Jakub Čajka | fbbbf12bd3 | |
Jakub Čajka | 9285c4304e | |
Jakub Čajka | 6974f956bc | |
Jakub Čajka | 8a9e12846a | |
Jakub Čajka | ae693342f0 |
|
@ -37,3 +37,5 @@
|
|||
/go1.7.1.src.tar.gz
|
||||
/go1.7.3.src.tar.gz
|
||||
/go1.7.4.src.tar.gz
|
||||
/go1.7.5.src.tar.gz
|
||||
/go1.7.6.src.tar.gz
|
||||
|
|
|
@ -0,0 +1,83 @@
|
|||
From 94aba76639cf4d5e30975d846bb0368db8202269 Mon Sep 17 00:00:00 2001
|
||||
From: Monis Khan <mkhan@redhat.com>
|
||||
Date: Wed, 12 Apr 2017 16:00:58 -0400
|
||||
Subject: [PATCH] encoding/asn1: support 31 bit identifiers with OID
|
||||
|
||||
The current implementation uses a max of 28 bits when decoding an
|
||||
ObjectIdentifier. This change makes it so that an int64 is used to
|
||||
accumulate up to 35 bits. If the resulting data would not overflow
|
||||
an int32, it is used as an int. Thus up to 31 bits may be used to
|
||||
represent each subidentifier of an ObjectIdentifier.
|
||||
|
||||
Fixes #19933
|
||||
|
||||
Change-Id: I95d74b64b24cdb1339ff13421055bce61c80243c
|
||||
Reviewed-on: https://go-review.googlesource.com/40436
|
||||
Reviewed-by: Adam Langley <agl@golang.org>
|
||||
Run-TryBot: Adam Langley <agl@golang.org>
|
||||
---
|
||||
src/encoding/asn1/asn1.go | 15 ++++++++++++---
|
||||
src/encoding/asn1/asn1_test.go | 3 +++
|
||||
2 files changed, 15 insertions(+), 3 deletions(-)
|
||||
|
||||
diff --git a/src/encoding/asn1/asn1.go b/src/encoding/asn1/asn1.go
|
||||
index c2c0ee420ac..65f018d0148 100644
|
||||
--- a/src/encoding/asn1/asn1.go
|
||||
+++ b/src/encoding/asn1/asn1.go
|
||||
@@ -22,6 +22,7 @@ package asn1
|
||||
import (
|
||||
"errors"
|
||||
"fmt"
|
||||
+ "math"
|
||||
"math/big"
|
||||
"reflect"
|
||||
"strconv"
|
||||
@@ -293,16 +294,24 @@ type Flag bool
|
||||
// given byte slice. It returns the value and the new offset.
|
||||
func parseBase128Int(bytes []byte, initOffset int) (ret, offset int, err error) {
|
||||
offset = initOffset
|
||||
+ var ret64 int64
|
||||
for shifted := 0; offset < len(bytes); shifted++ {
|
||||
- if shifted == 4 {
|
||||
+ // 5 * 7 bits per byte == 35 bits of data
|
||||
+ // Thus the representation is either non-minimal or too large for an int32
|
||||
+ if shifted == 5 {
|
||||
err = StructuralError{"base 128 integer too large"}
|
||||
return
|
||||
}
|
||||
- ret <<= 7
|
||||
+ ret64 <<= 7
|
||||
b := bytes[offset]
|
||||
- ret |= int(b & 0x7f)
|
||||
+ ret64 |= int64(b & 0x7f)
|
||||
offset++
|
||||
if b&0x80 == 0 {
|
||||
+ ret = int(ret64)
|
||||
+ // Ensure that the returned value fits in an int on all platforms
|
||||
+ if ret64 > math.MaxInt32 {
|
||||
+ err = StructuralError{"base 128 integer too large"}
|
||||
+ }
|
||||
return
|
||||
}
|
||||
}
|
||||
diff --git a/src/encoding/asn1/asn1_test.go b/src/encoding/asn1/asn1_test.go
|
||||
index 9976656df89..2dd799f2362 100644
|
||||
--- a/src/encoding/asn1/asn1_test.go
|
||||
+++ b/src/encoding/asn1/asn1_test.go
|
||||
@@ -7,6 +7,7 @@ package asn1
|
||||
import (
|
||||
"bytes"
|
||||
"fmt"
|
||||
+ "math"
|
||||
"math/big"
|
||||
"reflect"
|
||||
"strings"
|
||||
@@ -386,6 +387,8 @@ var tagAndLengthData = []tagAndLengthTest{
|
||||
{[]byte{0xa0, 0x81, 0x7f}, false, tagAndLength{}},
|
||||
// Tag numbers which would overflow int32 are rejected. (The value below is 2^31.)
|
||||
{[]byte{0x1f, 0x88, 0x80, 0x80, 0x80, 0x00, 0x00}, false, tagAndLength{}},
|
||||
+ // Tag numbers that fit in an int32 are valid. (The value below is 2^31 - 1.)
|
||||
+ {[]byte{0x1f, 0x87, 0xFF, 0xFF, 0xFF, 0x7F, 0x00}, true, tagAndLength{tag: math.MaxInt32}},
|
||||
// Long tag number form may not be used for tags that fit in short form.
|
||||
{[]byte{0x1f, 0x1e, 0x00}, false, tagAndLength{}},
|
||||
}
|
|
@ -0,0 +1,127 @@
|
|||
diff -up go/src/cmd/go/get.go.cve go/src/cmd/go/get.go
|
||||
--- go/src/cmd/go/get.go.cve 2017-05-23 20:35:22.000000000 +0200
|
||||
+++ go/src/cmd/go/get.go 2017-10-10 10:25:24.485047705 +0200
|
||||
@@ -401,6 +401,11 @@ func downloadPackage(p *Package) error {
|
||||
p.build.PkgRoot = filepath.Join(list[0], "pkg")
|
||||
}
|
||||
root := filepath.Join(p.build.SrcRoot, filepath.FromSlash(rootPath))
|
||||
+
|
||||
+ if err := checkNestedVCS(vcs, root, p.build.SrcRoot); err != nil {
|
||||
+ return err
|
||||
+ }
|
||||
+
|
||||
// If we've considered this repository already, don't do it again.
|
||||
if downloadRootCache[root] {
|
||||
return nil
|
||||
diff -up go/src/cmd/go/go_test.go.cve go/src/cmd/go/go_test.go
|
||||
--- go/src/cmd/go/go_test.go.cve 2017-05-23 20:35:22.000000000 +0200
|
||||
+++ go/src/cmd/go/go_test.go 2017-10-10 10:25:24.485047705 +0200
|
||||
@@ -1235,6 +1235,25 @@ func TestGetGitDefaultBranch(t *testing.
|
||||
tg.grepStdout(`\* another-branch`, "not on correct default branch")
|
||||
}
|
||||
|
||||
+func TestAccidentalGitCheckout(t *testing.T) {
|
||||
+ testenv.MustHaveExternalNetwork(t)
|
||||
+ if _, err := exec.LookPath("git"); err != nil {
|
||||
+ t.Skip("skipping because git binary not found")
|
||||
+ }
|
||||
+
|
||||
+ tg := testgo(t)
|
||||
+ defer tg.cleanup()
|
||||
+ tg.parallel()
|
||||
+ tg.tempDir("src")
|
||||
+ tg.setenv("GOPATH", tg.path("."))
|
||||
+
|
||||
+ tg.runFail("get", "-u", "vcs-test.golang.org/go/test1-svn-git")
|
||||
+ tg.grepStderr("src[\\\\/]vcs-test.* uses git, but parent .*src[\\\\/]vcs-test.* uses svn", "get did not fail for right reason")
|
||||
+
|
||||
+ tg.runFail("get", "-u", "vcs-test.golang.org/go/test2-svn-git/test2main")
|
||||
+ tg.grepStderr("src[\\\\/]vcs-test.* uses git, but parent .*src[\\\\/]vcs-test.* uses svn", "get did not fail for right reason")
|
||||
+}
|
||||
+
|
||||
func TestErrorMessageForSyntaxErrorInTestGoFileSaysFAIL(t *testing.T) {
|
||||
tg := testgo(t)
|
||||
defer tg.cleanup()
|
||||
diff -up go/src/cmd/go/vcs.go.cve go/src/cmd/go/vcs.go
|
||||
--- go/src/cmd/go/vcs.go.cve 2017-05-23 20:35:22.000000000 +0200
|
||||
+++ go/src/cmd/go/vcs.go 2017-10-10 10:30:52.151621206 +0200
|
||||
@@ -479,11 +479,29 @@ func vcsFromDir(dir, srcRoot string) (vc
|
||||
return nil, "", fmt.Errorf("directory %q is outside source root %q", dir, srcRoot)
|
||||
}
|
||||
|
||||
+ var vcsRet *vcsCmd
|
||||
+ var rootRet string
|
||||
+
|
||||
origDir := dir
|
||||
for len(dir) > len(srcRoot) {
|
||||
for _, vcs := range vcsList {
|
||||
if fi, err := os.Stat(filepath.Join(dir, "."+vcs.cmd)); err == nil && fi.IsDir() {
|
||||
- return vcs, filepath.ToSlash(dir[len(srcRoot)+1:]), nil
|
||||
+ root := filepath.ToSlash(dir[len(srcRoot)+1:])
|
||||
+ // Record first VCS we find, but keep looking,
|
||||
+ // to detect mistakes like one kind of VCS inside another.
|
||||
+ if vcsRet == nil {
|
||||
+ vcsRet = vcs
|
||||
+ rootRet = root
|
||||
+ continue
|
||||
+ }
|
||||
+ // Allow .git inside .git, which can arise due to submodules.
|
||||
+ if vcsRet == vcs && vcs.cmd == "git" {
|
||||
+ continue
|
||||
+ }
|
||||
+ // Otherwise, we have one VCS inside a different VCS.
|
||||
+ return nil, "", fmt.Errorf("directory %q uses %s, but parent %q uses %s",
|
||||
+ filepath.Join(srcRoot, rootRet), vcsRet.cmd, filepath.Join(srcRoot, root), vcs.cmd)
|
||||
+
|
||||
}
|
||||
}
|
||||
|
||||
@@ -496,9 +514,48 @@ func vcsFromDir(dir, srcRoot string) (vc
|
||||
dir = ndir
|
||||
}
|
||||
|
||||
+ if vcsRet != nil {
|
||||
+ return vcsRet, rootRet, nil
|
||||
+ }
|
||||
+
|
||||
return nil, "", fmt.Errorf("directory %q is not using a known version control system", origDir)
|
||||
}
|
||||
|
||||
+// checkNestedVCS checks for an incorrectly-nested VCS-inside-VCS
|
||||
+// situation for dir, checking parents up until srcRoot.
|
||||
+func checkNestedVCS(vcs *vcsCmd, dir, srcRoot string) error {
|
||||
+ if len(dir) <= len(srcRoot) || dir[len(srcRoot)] != filepath.Separator {
|
||||
+ return fmt.Errorf("directory %q is outside source root %q", dir, srcRoot)
|
||||
+ }
|
||||
+
|
||||
+ otherDir := dir
|
||||
+ for len(otherDir) > len(srcRoot) {
|
||||
+ for _, otherVCS := range vcsList {
|
||||
+ if _, err := os.Stat(filepath.Join(dir, "."+otherVCS.cmd)); err == nil {
|
||||
+ // Allow expected vcs in original dir.
|
||||
+ if otherDir == dir && otherVCS == vcs {
|
||||
+ continue
|
||||
+ }
|
||||
+ // Allow .git inside .git, which can arise due to submodules.
|
||||
+ if otherVCS == vcs && vcs.cmd == "git" {
|
||||
+ continue
|
||||
+ }
|
||||
+ // Otherwise, we have one VCS inside a different VCS.
|
||||
+ return fmt.Errorf("directory %q uses %s, but parent %q uses %s", dir, vcs.cmd, otherDir, otherVCS.cmd)
|
||||
+ }
|
||||
+ }
|
||||
+ // Move to parent.
|
||||
+ newDir := filepath.Dir(otherDir)
|
||||
+ if len(newDir) >= len(otherDir) {
|
||||
+ // Shouldn't happen, but just in case, stop.
|
||||
+ break
|
||||
+ }
|
||||
+ otherDir = newDir
|
||||
+ }
|
||||
+
|
||||
+ return nil
|
||||
+}
|
||||
+
|
||||
// repoRoot represents a version control system, a repo, and a root of
|
||||
// where to put it on disk.
|
||||
type repoRoot struct {
|
|
@ -0,0 +1,144 @@
|
|||
From 4be3fc33ef512532b916aa14258087e89eb47347 Mon Sep 17 00:00:00 2001
|
||||
From: Russ Cox <rsc@golang.org>
|
||||
Date: Wed, 4 Oct 2017 13:24:49 -0400
|
||||
Subject: [PATCH] [release-branch.go1.8] net/smtp: fix PlainAuth to refuse to
|
||||
send passwords to non-TLS servers
|
||||
|
||||
PlainAuth originally refused to send passwords to non-TLS servers
|
||||
and was documented as such.
|
||||
|
||||
In 2013, issue #5184 was filed objecting to the TLS requirement,
|
||||
despite the fact that it is spelled out clearly in RFC 4954.
|
||||
The only possibly legitimate use case raised was using PLAIN auth
|
||||
for connections to localhost, and the suggested fix was to let the
|
||||
server decide: if it advertises that PLAIN auth is OK, believe it.
|
||||
That approach was adopted in CL 8279043 and released in Go 1.1.
|
||||
|
||||
Unfortunately, this is exactly wrong. The whole point of the TLS
|
||||
requirement is to make sure not to send the password to the wrong
|
||||
server or to a man-in-the-middle. Instead of implementing this rule,
|
||||
CL 8279043 blindly trusts the server, so that if a man-in-the-middle
|
||||
says "it's OK, you can send me your password," PlainAuth does.
|
||||
And the documentation was not updated to reflect any of this.
|
||||
|
||||
This CL restores the original TLS check, as required by RFC 4954
|
||||
and as promised in the documentation for PlainAuth.
|
||||
It then carves out a documented exception for connections made
|
||||
to localhost (defined as "localhost", "127.0.0.1", or "::1").
|
||||
|
||||
Cherry-pick of CL 68170.
|
||||
|
||||
Change-Id: I1d3729bbd33aa2f11a03f4c000e6bb473164957b
|
||||
Reviewed-on: https://go-review.googlesource.com/68023
|
||||
Run-TryBot: Russ Cox <rsc@golang.org>
|
||||
Reviewed-by: Chris Broadfoot <cbro@golang.org>
|
||||
---
|
||||
src/net/smtp/auth.go | 33 ++++++++++++++++++---------------
|
||||
src/net/smtp/smtp_test.go | 32 ++++++++++++++++++++++----------
|
||||
2 files changed, 40 insertions(+), 25 deletions(-)
|
||||
|
||||
diff --git a/src/net/smtp/auth.go b/src/net/smtp/auth.go
|
||||
index 3f1339ebc56..fd1a472f930 100644
|
||||
--- a/src/net/smtp/auth.go
|
||||
+++ b/src/net/smtp/auth.go
|
||||
@@ -44,26 +44,29 @@ type plainAuth struct {
|
||||
}
|
||||
|
||||
// PlainAuth returns an Auth that implements the PLAIN authentication
|
||||
-// mechanism as defined in RFC 4616.
|
||||
-// The returned Auth uses the given username and password to authenticate
|
||||
-// on TLS connections to host and act as identity. Usually identity will be
|
||||
-// left blank to act as username.
|
||||
+// mechanism as defined in RFC 4616. The returned Auth uses the given
|
||||
+// username and password to authenticate to host and act as identity.
|
||||
+// Usually identity should be the empty string, to act as username.
|
||||
+//
|
||||
+// PlainAuth will only send the credentials if the connection is using TLS
|
||||
+// or is connected to localhost. Otherwise authentication will fail with an
|
||||
+// error, without sending the credentials.
|
||||
func PlainAuth(identity, username, password, host string) Auth {
|
||||
return &plainAuth{identity, username, password, host}
|
||||
}
|
||||
|
||||
+func isLocalhost(name string) bool {
|
||||
+ return name == "localhost" || name == "127.0.0.1" || name == "::1"
|
||||
+}
|
||||
+
|
||||
func (a *plainAuth) Start(server *ServerInfo) (string, []byte, error) {
|
||||
- if !server.TLS {
|
||||
- advertised := false
|
||||
- for _, mechanism := range server.Auth {
|
||||
- if mechanism == "PLAIN" {
|
||||
- advertised = true
|
||||
- break
|
||||
- }
|
||||
- }
|
||||
- if !advertised {
|
||||
- return "", nil, errors.New("unencrypted connection")
|
||||
- }
|
||||
+ // Must have TLS, or else localhost server.
|
||||
+ // Note: If TLS is not true, then we can't trust ANYTHING in ServerInfo.
|
||||
+ // In particular, it doesn't matter if the server advertises PLAIN auth.
|
||||
+ // That might just be the attacker saying
|
||||
+ // "it's ok, you can trust me with your password."
|
||||
+ if !server.TLS && !isLocalhost(server.Name) {
|
||||
+ return "", nil, errors.New("unencrypted connection")
|
||||
}
|
||||
if server.Name != a.host {
|
||||
return "", nil, errors.New("wrong host name")
|
||||
diff --git a/src/net/smtp/smtp_test.go b/src/net/smtp/smtp_test.go
|
||||
index c48fae6d5ac..15eaca524be 100644
|
||||
--- a/src/net/smtp/smtp_test.go
|
||||
+++ b/src/net/smtp/smtp_test.go
|
||||
@@ -60,29 +60,41 @@ testLoop:
|
||||
}
|
||||
|
||||
func TestAuthPlain(t *testing.T) {
|
||||
- auth := PlainAuth("foo", "bar", "baz", "servername")
|
||||
|
||||
tests := []struct {
|
||||
- server *ServerInfo
|
||||
- err string
|
||||
+ authName string
|
||||
+ server *ServerInfo
|
||||
+ err string
|
||||
}{
|
||||
{
|
||||
- server: &ServerInfo{Name: "servername", TLS: true},
|
||||
+ authName: "servername",
|
||||
+ server: &ServerInfo{Name: "servername", TLS: true},
|
||||
},
|
||||
{
|
||||
- // Okay; explicitly advertised by server.
|
||||
- server: &ServerInfo{Name: "servername", Auth: []string{"PLAIN"}},
|
||||
+ // OK to use PlainAuth on localhost without TLS
|
||||
+ authName: "localhost",
|
||||
+ server: &ServerInfo{Name: "localhost", TLS: false},
|
||||
},
|
||||
{
|
||||
- server: &ServerInfo{Name: "servername", Auth: []string{"CRAM-MD5"}},
|
||||
- err: "unencrypted connection",
|
||||
+ // NOT OK on non-localhost, even if server says PLAIN is OK.
|
||||
+ // (We don't know that the server is the real server.)
|
||||
+ authName: "servername",
|
||||
+ server: &ServerInfo{Name: "servername", Auth: []string{"PLAIN"}},
|
||||
+ err: "unencrypted connection",
|
||||
},
|
||||
{
|
||||
- server: &ServerInfo{Name: "attacker", TLS: true},
|
||||
- err: "wrong host name",
|
||||
+ authName: "servername",
|
||||
+ server: &ServerInfo{Name: "servername", Auth: []string{"CRAM-MD5"}},
|
||||
+ err: "unencrypted connection",
|
||||
+ },
|
||||
+ {
|
||||
+ authName: "servername",
|
||||
+ server: &ServerInfo{Name: "attacker", TLS: true},
|
||||
+ err: "wrong host name",
|
||||
},
|
||||
}
|
||||
for i, tt := range tests {
|
||||
+ auth := PlainAuth("foo", "bar", "baz", tt.authName)
|
||||
_, _, err := auth.Start(tt.server)
|
||||
got := ""
|
||||
if err != nil {
|
85
golang.spec
85
golang.spec
|
@ -48,7 +48,7 @@
|
|||
%endif
|
||||
|
||||
# Controls what ever we fail on failed tests
|
||||
%ifarch %{ix86} x86_64 %{arm} aarch64 %{power64}
|
||||
%ifarch %{ix86} x86_64 %{arm} aarch64 ppc64le
|
||||
%global fail_on_tests 1
|
||||
%else
|
||||
%global fail_on_tests 0
|
||||
|
@ -61,6 +61,13 @@
|
|||
%global shared 0
|
||||
%endif
|
||||
|
||||
# Pre build std lib with -race enabled
|
||||
%ifarch x86_64
|
||||
%global race 1
|
||||
%else
|
||||
%global race 0
|
||||
%endif
|
||||
|
||||
# Fedora GOROOT
|
||||
%global goroot /usr/lib/%{name}
|
||||
|
||||
|
@ -87,11 +94,11 @@
|
|||
%endif
|
||||
|
||||
%global go_api 1.7
|
||||
%global go_version 1.7.4
|
||||
%global go_version 1.7.6
|
||||
|
||||
Name: golang
|
||||
Version: 1.7.4
|
||||
Release: 2%{?dist}
|
||||
Version: 1.7.6
|
||||
Release: 3%{?dist}
|
||||
Summary: The Go Programming Language
|
||||
# source tree includes several copies of Mark.Twain-Tom.Sawyer.txt under Public Domain
|
||||
License: BSD and Public Domain
|
||||
|
@ -134,12 +141,17 @@ Patch215: ./go1.5-zoneinfo_testing_only.patch
|
|||
Patch216: ppc64x-overflow-1.patch
|
||||
Patch217: ppc64x-overflow-2.patch
|
||||
|
||||
# Fix for https://github.com/golang/go/issues/17276
|
||||
Patch218: tzdata-fix.patch
|
||||
|
||||
# Proposed patch by mmunday https://golang.org/cl/35262
|
||||
Patch219: s390x-expose-IfInfomsg-X__ifi_pad.patch
|
||||
|
||||
Patch220: tzdata-fix.patch
|
||||
|
||||
# https://github.com/golang/go/commit/94aba76639cf4d5e30975d846bb0368db8202269
|
||||
Patch221: 31bit-OID-asn1.patch
|
||||
|
||||
Patch222: CVE-2017-15041.patch
|
||||
Patch223: CVE-2017-15042.patch
|
||||
|
||||
# Having documentation separate was broken
|
||||
Obsoletes: %{name}-docs < 1.1-4
|
||||
|
||||
|
@ -248,6 +260,17 @@ Summary: Golang shared object libraries
|
|||
%{summary}.
|
||||
%endif
|
||||
|
||||
%if %{race}
|
||||
%package race
|
||||
Summary: Golang std library with -race enabled
|
||||
%{?scl:Requires: %scl_runtime}
|
||||
|
||||
Requires: %{name} = %{version}-%{release}
|
||||
|
||||
%description race
|
||||
%{summary}
|
||||
%endif
|
||||
|
||||
%prep
|
||||
%setup -q -n go
|
||||
|
||||
|
@ -265,10 +288,14 @@ Summary: Golang shared object libraries
|
|||
%patch216 -p1
|
||||
%patch217 -p1
|
||||
|
||||
%patch218 -p1
|
||||
|
||||
%patch219 -p1
|
||||
|
||||
%patch220 -p1
|
||||
%patch221 -p1
|
||||
|
||||
%patch222 -p1
|
||||
%patch223 -p1
|
||||
|
||||
%build
|
||||
# print out system information
|
||||
uname -a
|
||||
|
@ -310,6 +337,10 @@ popd
|
|||
GOROOT=$(pwd) PATH=$(pwd)/bin:$PATH go install -buildmode=shared std
|
||||
%endif
|
||||
|
||||
%if %{race}
|
||||
GOROOT=$(pwd) PATH=$(pwd)/bin:$PATH go install -race std
|
||||
%endif
|
||||
|
||||
%install
|
||||
rm -rf $RPM_BUILD_ROOT
|
||||
|
||||
|
@ -332,11 +363,12 @@ cwd=$(pwd)
|
|||
src_list=$cwd/go-src.list
|
||||
pkg_list=$cwd/go-pkg.list
|
||||
shared_list=$cwd/go-shared.list
|
||||
race_list=$cwd/go-race.list
|
||||
misc_list=$cwd/go-misc.list
|
||||
docs_list=$cwd/go-docs.list
|
||||
tests_list=$cwd/go-tests.list
|
||||
rm -f $src_list $pkg_list $docs_list $misc_list $tests_list $shared_list
|
||||
touch $src_list $pkg_list $docs_list $misc_list $tests_list $shared_list
|
||||
rm -f $src_list $pkg_list $docs_list $misc_list $tests_list $shared_list $race_list
|
||||
touch $src_list $pkg_list $docs_list $misc_list $tests_list $shared_list $race_list
|
||||
pushd $RPM_BUILD_ROOT%{goroot}
|
||||
find src/ -type d -a \( ! -name testdata -a ! -ipath '*/testdata/*' \) -printf '%%%dir %{goroot}/%p\n' >> $src_list
|
||||
find src/ ! -type d -a \( ! -ipath '*/testdata/*' -a ! -name '*_test*.go' \) -printf '%{goroot}/%p\n' >> $src_list
|
||||
|
@ -367,6 +399,13 @@ pushd $RPM_BUILD_ROOT%{goroot}
|
|||
find pkg/*_dynlink/ ! -type d -printf '%{goroot}/%p\n' >> $shared_list
|
||||
%endif
|
||||
|
||||
%if %{race}
|
||||
|
||||
find pkg/*_race/ -type d -printf '%%%dir %{goroot}/%p\n' >> $race_list
|
||||
find pkg/*_race/ ! -type d -printf '%{goroot}/%p\n' >> $race_list
|
||||
|
||||
%endif
|
||||
|
||||
find test/ -type d -printf '%%%dir %{goroot}/%p\n' >> $tests_list
|
||||
find test/ ! -type d -printf '%{goroot}/%p\n' >> $tests_list
|
||||
find src/ -type d -a \( -name testdata -o -ipath '*/testdata/*' \) -printf '%%%dir %{goroot}/%p\n' >> $tests_list
|
||||
|
@ -484,7 +523,31 @@ fi
|
|||
%files -f go-shared.list shared
|
||||
%endif
|
||||
|
||||
%if %{race}
|
||||
%files -f go-race.list race
|
||||
%endif
|
||||
|
||||
%changelog
|
||||
* Tue Oct 10 2017 Jakub Čajka <jcajka@redhat.com> - 1.7.6-3
|
||||
- fix CVE-2017-15041 and CVE-2017-15042
|
||||
|
||||
* Thu Jun 29 2017 Jakub Čajka <jcajka@redhat.com> - 1.7.6-2
|
||||
- add race subpackage
|
||||
|
||||
* Fri Jun 02 2017 Jakub Čajka <jcajka@redhat.com> - 1.7.6-1
|
||||
- bump to 1.7.6
|
||||
- fix CVE-2017-8932
|
||||
- add support for 31 OID in asn1
|
||||
- Resolves: BZ#1455191
|
||||
|
||||
* Thu Mar 16 2017 Jakub Čajka <jcajka@redhat.com> - 1.7.5-2
|
||||
- disable failure in tests on ppc64
|
||||
- include fix for tzdata-2017a
|
||||
|
||||
* Fri Jan 27 2017 Jakub Čajka <jcajka@redhat.com> - 1.7.5-1
|
||||
- bump to go1.7.5
|
||||
- Resolves: BZ#1417002
|
||||
|
||||
* Fri Jan 20 2017 Jakub Čajka <jcajka@redhat.com> - 1.7.4-2
|
||||
- Resolves: BZ#1404679
|
||||
- expose IfInfomsg.X__ifi_pad on s390x
|
||||
|
|
2
sources
2
sources
|
@ -1 +1 @@
|
|||
49c1076428a5d3b5ad7ac65233fcca2f go1.7.4.src.tar.gz
|
||||
SHA512 (go1.7.6.src.tar.gz) = b01846bfb17bf91a9c493c4d6c43bbe7e17270b9e8a229a2be4032b78ef9395f5512917ea9faab74a120c755bbd53bbd816b033caadcbb7679e91702b37f8c7f
|
||||
|
|
113
tzdata-fix.patch
113
tzdata-fix.patch
|
@ -1,34 +1,97 @@
|
|||
From c5434f2973a87acff76bac359236e690d632ce95 Mon Sep 17 00:00:00 2001
|
||||
From 8890527476e25747f063377d637b106db0008329 Mon Sep 17 00:00:00 2001
|
||||
From: Alberto Donizetti <alb.donizetti@gmail.com>
|
||||
Date: Thu, 29 Sep 2016 13:59:10 +0200
|
||||
Subject: [PATCH] time: update test for tzdata-2016g
|
||||
Date: Thu, 9 Mar 2017 13:20:54 +0100
|
||||
Subject: [PATCH] [release-branch.go1.8] time: make the ParseInLocation test
|
||||
more robust
|
||||
|
||||
Fixes #17276
|
||||
The tzdata 2017a update (2017-02-28) changed the abbreviation of the
|
||||
Asia/Baghdad time zone (used in TestParseInLocation) from 'AST' to the
|
||||
numeric '+03'.
|
||||
|
||||
Change-Id: I0188cf9bc5fdb48c71ad929cc54206d03e0b96e4
|
||||
Reviewed-on: https://go-review.googlesource.com/29995
|
||||
Reviewed-by: Brad Fitzpatrick <bradfitz@golang.org>
|
||||
Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org>
|
||||
Update the test so that it skips the checks if we're using a recent
|
||||
tzdata release.
|
||||
|
||||
Fixes #19457
|
||||
|
||||
Change-Id: I45d705a5520743a611bdd194dc8f8d618679980c
|
||||
Reviewed-on: https://go-review.googlesource.com/37964
|
||||
Reviewed-by: Ian Lance Taylor <iant@golang.org>
|
||||
Run-TryBot: Ian Lance Taylor <iant@golang.org>
|
||||
TryBot-Result: Gobot Gobot <gobot@golang.org>
|
||||
(cherry picked from commit 91563ced5897faf729a34be7081568efcfedda31)
|
||||
Reviewed-on: https://go-review.googlesource.com/37991
|
||||
Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org>
|
||||
---
|
||||
src/time/time_test.go | 7 +++++--
|
||||
1 file changed, 5 insertions(+), 2 deletions(-)
|
||||
src/time/format_test.go | 41 +++++++++++++++++++++++++++++++----------
|
||||
1 file changed, 31 insertions(+), 10 deletions(-)
|
||||
|
||||
diff --git a/src/time/time_test.go b/src/time/time_test.go
|
||||
index 68236fd..2e47d08 100644
|
||||
--- a/src/time/time_test.go
|
||||
+++ b/src/time/time_test.go
|
||||
@@ -943,8 +943,11 @@ func TestLoadFixed(t *testing.T) {
|
||||
// but Go and most other systems use "east is positive".
|
||||
// So GMT+1 corresponds to -3600 in the Go zone, not +3600.
|
||||
name, offset := Now().In(loc).Zone()
|
||||
- if name != "GMT+1" || offset != -1*60*60 {
|
||||
- t.Errorf("Now().In(loc).Zone() = %q, %d, want %q, %d", name, offset, "GMT+1", -1*60*60)
|
||||
+ // The zone abbreviation is "-01" since tzdata-2016g, and "GMT+1"
|
||||
+ // on earlier versions; we accept both. (Issue #17276).
|
||||
+ if !(name == "GMT+1" || name == "-01") || offset != -1*60*60 {
|
||||
+ t.Errorf("Now().In(loc).Zone() = %q, %d, want %q or %q, %d",
|
||||
+ name, offset, "GMT+1", "-01", -1*60*60)
|
||||
diff --git a/src/time/format_test.go b/src/time/format_test.go
|
||||
index 219c2ca..d0013bc 100644
|
||||
--- a/src/time/format_test.go
|
||||
+++ b/src/time/format_test.go
|
||||
@@ -245,27 +245,45 @@ func TestParseDayOutOfRange(t *testing.T) {
|
||||
}
|
||||
}
|
||||
|
||||
+// TestParseInLocation checks that the Parse and ParseInLocation
|
||||
+// functions do not get confused by the fact that AST (Arabia Standard
|
||||
+// Time) and AST (Atlantic Standard Time) are different time zones,
|
||||
+// even though they have the same abbreviation.
|
||||
+//
|
||||
+// ICANN has been slowly phasing out invented abbreviation in favor of
|
||||
+// numeric time zones (for example, the Asia/Baghdad time zone
|
||||
+// abbreviation got changed from AST to +03 in the 2017a tzdata
|
||||
+// release); but we still want to make sure that the time package does
|
||||
+// not get confused on systems with slightly older tzdata packages.
|
||||
func TestParseInLocation(t *testing.T) {
|
||||
- // Check that Parse (and ParseInLocation) understand that
|
||||
- // Feb 01 AST (Arabia Standard Time) and Feb 01 AST (Atlantic Standard Time)
|
||||
- // are in different time zones even though both are called AST
|
||||
|
||||
baghdad, err := LoadLocation("Asia/Baghdad")
|
||||
if err != nil {
|
||||
t.Fatal(err)
|
||||
}
|
||||
|
||||
- t1, err := ParseInLocation("Jan 02 2006 MST", "Feb 01 2013 AST", baghdad)
|
||||
+ var t1, t2 Time
|
||||
+
|
||||
+ t1, err = ParseInLocation("Jan 02 2006 MST", "Feb 01 2013 AST", baghdad)
|
||||
if err != nil {
|
||||
t.Fatal(err)
|
||||
}
|
||||
- t2 := Date(2013, February, 1, 00, 00, 00, 0, baghdad)
|
||||
- if t1 != t2 {
|
||||
- t.Fatalf("ParseInLocation(Feb 01 2013 AST, Baghdad) = %v, want %v", t1, t2)
|
||||
- }
|
||||
+
|
||||
_, offset := t1.Zone()
|
||||
- if offset != 3*60*60 {
|
||||
- t.Fatalf("ParseInLocation(Feb 01 2013 AST, Baghdad).Zone = _, %d, want _, %d", offset, 3*60*60)
|
||||
+
|
||||
+ // A zero offset means that ParseInLocation did not recognize the
|
||||
+ // 'AST' abbreviation as matching the current location (Baghdad,
|
||||
+ // where we'd expect a +03 hrs offset); likely because we're using
|
||||
+ // a recent tzdata release (2017a or newer).
|
||||
+ // If it happens, skip the Baghdad test.
|
||||
+ if offset != 0 {
|
||||
+ t2 = Date(2013, February, 1, 00, 00, 00, 0, baghdad)
|
||||
+ if t1 != t2 {
|
||||
+ t.Fatalf("ParseInLocation(Feb 01 2013 AST, Baghdad) = %v, want %v", t1, t2)
|
||||
+ }
|
||||
+ if offset != 3*60*60 {
|
||||
+ t.Fatalf("ParseInLocation(Feb 01 2013 AST, Baghdad).Zone = _, %d, want _, %d", offset, 3*60*60)
|
||||
+ }
|
||||
}
|
||||
|
||||
blancSablon, err := LoadLocation("America/Blanc-Sablon")
|
||||
@@ -273,6 +291,9 @@ func TestParseInLocation(t *testing.T) {
|
||||
t.Fatal(err)
|
||||
}
|
||||
|
||||
+ // In this case 'AST' means 'Atlantic Standard Time', and we
|
||||
+ // expect the abbreviation to correctly match the american
|
||||
+ // location.
|
||||
t1, err = ParseInLocation("Jan 02 2006 MST", "Feb 01 2013 AST", blancSablon)
|
||||
if err != nil {
|
||||
t.Fatal(err)
|
||||
|
|
Loading…
Reference in New Issue