diff --git a/.gitignore b/.gitignore
index 0d134a169a535578f50be665b5570f9f59334b80..ceb3ab9772cdc18adb6ef1c11ae52170d4f0c895 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1 +1 @@
-SOURCES/go-go-1.15.14-1-openssl-fips.tar.gz
+SOURCES/go-go-1.16.7-1-openssl-fips.tar.gz
diff --git a/.golang.metadata b/.golang.metadata
index 2014281bcaded7448856d829b8eab16eecf3eb1e..413c971ec8474e83f12db9cc90e0a44aaf3e1386 100644
--- a/.golang.metadata
+++ b/.golang.metadata
@@ -1 +1 @@
-61bbdf11feebd9f91a69964bfd7a47ab885439b2 SOURCES/go-go-1.15.14-1-openssl-fips.tar.gz
+e693273f254789980a55720bd48ac8741d446f21 SOURCES/go-go-1.16.7-1-openssl-fips.tar.gz
diff --git a/SOURCES/net-http-graceful-shutdown.patch b/SOURCES/net-http-graceful-shutdown.patch
deleted file mode 100644
index 90dd711073b108d887dd314813fc020b0f61591b..0000000000000000000000000000000000000000
--- a/SOURCES/net-http-graceful-shutdown.patch
+++ /dev/null
@@ -1,157 +0,0 @@
-diff --git a/src/net/http/export_test.go b/src/net/http/export_test.go
-index 657ff9d..67a74ae 100644
---- a/src/net/http/export_test.go
-+++ b/src/net/http/export_test.go
-@@ -274,6 +274,17 @@ func (s *Server) ExportAllConnsIdle() bool {
- return true
- }
-
-+func (s *Server) ExportAllConnsByState() map[ConnState]int {
-+ states := map[ConnState]int{}
-+ s.mu.Lock()
-+ defer s.mu.Unlock()
-+ for c := range s.activeConn {
-+ st, _ := c.getState()
-+ states[st] += 1
-+ }
-+ return states
-+}
-+
- func (r *Request) WithT(t *testing.T) *Request {
- return r.WithContext(context.WithValue(r.Context(), tLogKey{}, t.Logf))
- }
-diff --git a/src/net/http/serve_test.go b/src/net/http/serve_test.go
-index 5f56932..806272b 100644
---- a/src/net/http/serve_test.go
-+++ b/src/net/http/serve_test.go
-@@ -5519,16 +5519,23 @@ func TestServerSetKeepAlivesEnabledClosesConns(t *testing.T) {
- }
- }
-
--func TestServerShutdown_h1(t *testing.T) { testServerShutdown(t, h1Mode) }
--func TestServerShutdown_h2(t *testing.T) { testServerShutdown(t, h2Mode) }
-+func TestServerShutdown_h1(t *testing.T) {
-+ testServerShutdown(t, h1Mode)
-+}
-+func TestServerShutdown_h2(t *testing.T) {
-+ testServerShutdown(t, h2Mode)
-+}
-
- func testServerShutdown(t *testing.T, h2 bool) {
- setParallel(t)
- defer afterTest(t)
- var doShutdown func() // set later
-+ var doStateCount func()
- var shutdownRes = make(chan error, 1)
-+ var statesRes = make(chan map[ConnState]int, 1)
- var gotOnShutdown = make(chan struct{}, 1)
- handler := HandlerFunc(func(w ResponseWriter, r *Request) {
-+ doStateCount()
- go doShutdown()
- // Shutdown is graceful, so it should not interrupt
- // this in-flight response. Add a tiny sleep here to
-@@ -5545,6 +5552,9 @@ func testServerShutdown(t *testing.T, h2 bool) {
- doShutdown = func() {
- shutdownRes <- cst.ts.Config.Shutdown(context.Background())
- }
-+ doStateCount = func() {
-+ statesRes <- cst.ts.Config.ExportAllConnsByState()
-+ }
- get(t, cst.c, cst.ts.URL) // calls t.Fail on failure
-
- if err := <-shutdownRes; err != nil {
-@@ -5556,6 +5566,10 @@ func testServerShutdown(t *testing.T, h2 bool) {
- t.Errorf("onShutdown callback not called, RegisterOnShutdown broken?")
- }
-
-+ if states := <-statesRes; states[StateActive] != 1 {
-+ t.Errorf("connection in wrong state, %v", states)
-+ }
-+
- res, err := cst.c.Get(cst.ts.URL)
- if err == nil {
- res.Body.Close()
-diff --git a/src/net/http/server.go b/src/net/http/server.go
-index d41b5f6..14a6336 100644
---- a/src/net/http/server.go
-+++ b/src/net/http/server.go
-@@ -324,7 +324,7 @@ func (c *conn) hijackLocked() (rwc net.Conn, buf *bufio.ReadWriter, err error) {
- return nil, nil, fmt.Errorf("unexpected Peek failure reading buffered byte: %v", err)
- }
- }
-- c.setState(rwc, StateHijacked)
-+ c.setState(rwc, StateHijacked, runHooks)
- return
- }
-
-@@ -1737,7 +1737,12 @@ func validNextProto(proto string) bool {
- return true
- }
-
--func (c *conn) setState(nc net.Conn, state ConnState) {
-+const (
-+ runHooks = true
-+ skipHooks = false
-+)
-+
-+func (c *conn) setState(nc net.Conn, state ConnState, runHook bool) {
- srv := c.server
- switch state {
- case StateNew:
-@@ -1750,6 +1755,9 @@ func (c *conn) setState(nc net.Conn, state ConnState) {
- }
- packedState := uint64(time.Now().Unix()<<8) | uint64(state)
- atomic.StoreUint64(&c.curState.atomic, packedState)
-+ if !runHook {
-+ return
-+ }
- if hook := srv.ConnState; hook != nil {
- hook(nc, state)
- }
-@@ -1803,7 +1811,7 @@ func (c *conn) serve(ctx context.Context) {
- }
- if !c.hijacked() {
- c.close()
-- c.setState(c.rwc, StateClosed)
-+ c.setState(c.rwc, StateClosed, runHooks)
- }
- }()
-
-@@ -1831,6 +1839,10 @@ func (c *conn) serve(ctx context.Context) {
- if proto := c.tlsState.NegotiatedProtocol; validNextProto(proto) {
- if fn := c.server.TLSNextProto[proto]; fn != nil {
- h := initALPNRequest{ctx, tlsConn, serverHandler{c.server}}
-+ // Mark freshly created HTTP/2 as active and prevent any server state hooks
-+ // from being run on these connections. This prevents closeIdleConns from
-+ // closing such connections. See issue https://golang.org/issue/39776.
-+ c.setState(c.rwc, StateActive, skipHooks)
- fn(c.server, tlsConn, h)
- }
- return
-@@ -1851,7 +1863,7 @@ func (c *conn) serve(ctx context.Context) {
- w, err := c.readRequest(ctx)
- if c.r.remain != c.server.initialReadLimitSize() {
- // If we read any bytes off the wire, we're active.
-- c.setState(c.rwc, StateActive)
-+ c.setState(c.rwc, StateActive, runHooks)
- }
- if err != nil {
- const errorHeaders = "\r\nContent-Type: text/plain; charset=utf-8\r\nConnection: close\r\n\r\n"
-@@ -1934,7 +1946,7 @@ func (c *conn) serve(ctx context.Context) {
- }
- return
- }
-- c.setState(c.rwc, StateIdle)
-+ c.setState(c.rwc, StateIdle, runHooks)
- c.curReq.Store((*response)(nil))
-
- if !w.conn.server.doKeepAlives() {
-@@ -2965,7 +2977,7 @@ func (srv *Server) Serve(l net.Listener) error {
- }
- tempDelay = 0
- c := srv.newConn(rw)
-- c.setState(c.rwc, StateNew) // before Serve can return
-+ c.setState(c.rwc, StateNew, runHooks) // before Serve can return
- go c.serve(connCtx)
- }
- }
diff --git a/SOURCES/reject-leading-zeros.patch b/SOURCES/reject-leading-zeros.patch
index 58dfc5b77adfff505a199010253ff575ec63d464..24fa6c851769abc304bcc7d254030a42959e05e4 100644
--- a/SOURCES/reject-leading-zeros.patch
+++ b/SOURCES/reject-leading-zeros.patch
@@ -1,12 +1,11 @@
-diff --git a/doc/go1.15.html b/doc/go1.15.html
-index c9997c0..c2315f1 100644
---- a/doc/go1.15.html
-+++ b/doc/go1.15.html
-@@ -795,6 +795,15 @@ Do not send CLs removing the interior tags from such phrases.
- The new <a href="/pkg/net/#Resolver.LookupIP"><code>Resolver.LookupIP</code></a>
- method supports IP lookups that are both network-specific and accept a context.
+diff --git a/doc/go1.16.html b/doc/go1.16.html
+index 0beb62d..fc6b668 100644
+--- a/doc/go1.16.html
++++ b/doc/go1.16.html
+@@ -891,6 +891,14 @@ func TestFoo(t *testing.T) {
+ is missing; this is common on musl-based systems and makes
+ Go programs match the behavior of C programs on those systems.
</p>
-+
+ <p><!-- CL325829 -->
+ The <a href="/pkg/net/#ParseIP"><code>ParseIP</code></a> and <a href="/pkg/net/#ParseCIDR"><code>ParseCIDR</code></a>
+ functions now reject IPv4 addresses which contain decimal components with leading zeros.
@@ -16,7 +15,7 @@ index c9997c0..c2315f1 100644
+ it is advisable to always re-encoded values after validation, which avoids this class of parser misalignment issues.
+ </p>
</dd>
- </dl>
+ </dl><!-- net -->
diff --git a/src/net/hosts_test.go b/src/net/hosts_test.go
index f850e2f..19c4399 100644
diff --git a/SOURCES/skip_test_rhbz1939923.patch b/SOURCES/skip_test_rhbz1939923.patch
new file mode 100644
index 0000000000000000000000000000000000000000..80302d09405fedb227a0bce5e2d84f5c7c30f50c
--- /dev/null
+++ b/SOURCES/skip_test_rhbz1939923.patch
@@ -0,0 +1,12 @@
+diff --git a/src/crypto/x509/x509_test.go b/src/crypto/x509/x509_test.go
+index 51dda16815..2d1e1b1e6e 100644
+--- a/src/crypto/x509/x509_test.go
++++ b/src/crypto/x509/x509_test.go
+@@ -2880,6 +2880,7 @@ func (bs *brokenSigner) Sign(_ io.Reader, _ []byte, _ crypto.SignerOpts) ([]byte
+ }
+
+ func TestCreateCertificateBrokenSigner(t *testing.T) {
++ t.Skip("TODO Fix me: rhbz#1939923")
+ template := &Certificate{
+ SerialNumber: big.NewInt(10),
+ DNSNames: []string{"example.com"},
diff --git a/SOURCES/x-text-infinite-loop.patch b/SOURCES/x-text-infinite-loop.patch
deleted file mode 100644
index ee4fb0f5dbb95623931e5428529ed7fd857df534..0000000000000000000000000000000000000000
--- a/SOURCES/x-text-infinite-loop.patch
+++ /dev/null
@@ -1,24 +0,0 @@
-diff --git a/src/vendor/golang.org/x/text/transform/transform.go b/src/vendor/golang.org/x/text/transform/transform.go
-index 520b9ad..48ec64b 100644
---- a/src/vendor/golang.org/x/text/transform/transform.go
-+++ b/src/vendor/golang.org/x/text/transform/transform.go
-@@ -648,7 +648,8 @@ func String(t Transformer, s string) (result string, n int, err error) {
- // Transform the remaining input, growing dst and src buffers as necessary.
- for {
- n := copy(src, s[pSrc:])
-- nDst, nSrc, err := t.Transform(dst[pDst:], src[:n], pSrc+n == len(s))
-+ atEOF := pSrc+n == len(s)
-+ nDst, nSrc, err := t.Transform(dst[pDst:], src[:n], atEOF)
- pDst += nDst
- pSrc += nSrc
-
-@@ -659,6 +660,9 @@ func String(t Transformer, s string) (result string, n int, err error) {
- dst = grow(dst, pDst)
- }
- } else if err == ErrShortSrc {
-+ if atEOF {
-+ return string(dst[:pDst]), pSrc, err
-+ }
- if nSrc == 0 {
- src = grow(src, 0)
- }
diff --git a/SPECS/golang.spec b/SPECS/golang.spec
index 47e184e4a0ef85189f62eb584d6ad7e8edd9f457..d266a66c004b5cfd242973f69a142bc9492737d8 100644
--- a/SPECS/golang.spec
+++ b/SPECS/golang.spec
@@ -95,13 +95,13 @@
%global gohostarch s390x
%endif
-%global go_api 1.15
-%global go_version 1.15.14
+%global go_api 1.16
+%global go_version 1.16.7
%global pkg_release 1
Name: golang
Version: %{go_version}
-Release: 2%{?dist}
+Release: 1%{?dist}
Summary: The Go Programming Language
# source tree includes several copies of Mark.Twain-Tom.Sawyer.txt under Public Domain
License: BSD and Public Domain
@@ -135,37 +135,22 @@ Requires: diffutils
# we had been just removing the zoneinfo.zip, but that caused tests to fail for users that
# later run `go test -a std`. This makes it only use the zoneinfo.zip where needed in tests.
-Patch215: ./go1.5-zoneinfo_testing_only.patch
+Patch215: go1.5-zoneinfo_testing_only.patch
# Proposed patch by jcajka https://golang.org/cl/86541
-Patch221: fix_TestScript_list_std.patch
-
-# It seems this patch will be included in Go 1.14.5
-# https://github.com/golang/go/issues/39991
-# https://go-review.googlesource.com/c/go/+/240917
-#Patch240917: ppc64le_fix_missing_deferreturn.patch
+Patch221: fix_TestScript_list_std.patch
# Add an env var to optionally trigger a warning in x509 when
# Common Name is used as hostname
# rhbz#1889437
-Patch223: golang-1.15-warnCN.patch
-
-# Gracefully shut down http2 connections
-# https://go-review.googlesource.com/c/go/+/240278
-# rhbz#1888673
-Patch224: net-http-graceful-shutdown.patch
-
-# Prevent transform from entering infinite loop.
-# We're just picking the change from transform.go
-# because the encoding module is not included
-# as a vendor dependency.
-# https://go-review.googlesource.com/c/text/+/238238
-Patch225: x-text-infinite-loop.patch
+Patch223: golang-1.15-warnCN.patch
# Fix incorrect parsing of extraneous zeros in net/ip
-# https://bugzilla.redhat.com/show_bug.cgi?id=1994010
+# https://bugzilla.redhat.com/show_bug.cgi?id=1993316
# https://go-review.googlesource.com/c/go/+/325829
-Patch1994010: reject-leading-zeros.patch
+Patch1993316: reject-leading-zeros.patch
+
+Patch1939923: skip_test_rhbz1939923.patch
# Fix FIPS mode memory leaks
Patch1951877: fix-crypto-memory-leaks.patch
@@ -263,18 +248,15 @@ Requires: %{name} = %{version}-%{release}
%patch221 -p1
-#%patch240917 -p1
-
%patch223 -p1
-%patch224 -p1
-
-%patch225 -p1
+%patch1939923 -p1
-%patch1994010 -p1
+%patch1993316 -p1
%patch1951877 -p1
+
cp %{SOURCE1} ./src/runtime/
%build
@@ -541,39 +523,52 @@ cd ..
%endif
%changelog
-* Wed Sep 8 2021 David Benoit <dbenoit@redhat.com> - 1.15.14-2
-- Revert to Go 1.15.14
-- Related: rhbz#1995126
-- Reverts: rhbz#1994087
-
-* Tue Aug 17 2021 David Benoit <dbenoit@redhat.com> - 1.15.15-1
-- Rebase to Go 1.15.15
-- Resolves: rhbz#1994087
+* Tue Aug 17 2021 David Benoit <dbenoit@redhat.com> - 1.16.7-1
+- Rebase to Go 1.16.7
+- Resolves: rhbz#1994079
- Add reject leading zeros patch
-- Resolves: rhbz#1994010
-
-* Thu Jul 15 2021 David Benoit <dbenoit@redhat.com> - 1.15.14-1
-- Rebase to go-1.15.14-1-openssl-fips
-- Resolves: rhbz#1982287
-- Addresses CVE-2021-34558
+- Resolves: rhbz#1993314
-* Mon Jul 05 2021 Alejandro Sáez <asm@redhat.com> - 1.15.13-4
-- Related: rhbz#1978567
+* Wed Jul 21 2021 Derek Parker <deparker@redhat.com> - 1.16.6-2
+- Fix TestBoringServerCurves failure when run by itself
+- Resolves: rhbz#1976168
-* Thu Jun 17 2021 David Benoit <dbenoit@redhat.com> - 1.15.13-3
-- Fix zero-sized memory leak
-- Resolves: rhbz#1969700
-
-* Tue Jun 08 2021 David Benoit <dbenoit@redhat.com> - 1.15.13-2
-- Resolves: rhbz#1969700
-
-* Mon Jun 07 2021 Alejandro Sáez <asm@redhat.com> - 1.15.13-1
-- Rebase to 1.15.13
-- Related: rhbz#1967698
+* Thu Jul 15 2021 David Benoit <dbenoit@redhat.com> - 1.16.6-1
+- Rebase to go-1.16.6-1-openssl-fips
+- Resolves: rhbz#1982281
+- Addresses CVE-2021-34558
-* Thu Jun 03 2021 Alejandro Sáez <asm@redhat.com> - 1.15.12-1
-- Rebase to 1.15.12
-- Related: rhbz#1967698
+* Tue Jul 06 2021 Alejandro Sáez <asm@redhat.com> - 1.16.5-1
+- Rebase to 1.16.5
+- Removes rhbz#1955032 patch, it's already included in this release
+- Removes rhbz#1956891 patch, it's already included in this release
+- Related: rhbz#1979677
+- Related: rhbz#1968738
+- Related: rhbz#1972420
+
+* Thu Jun 17 2021 David Benoit <dbenoit@redhat.com> - 1.16.4-3
+- Fix zero-size allocation memory leak.
+- Related: rhbz#1951877
+
+* Tue Jun 08 2021 David Benoit <dbenoit@redhat.com> - 1.16.4-2
+- Resolves: rhbz#1951877
+
+* Mon May 24 2021 Alejandro Sáez <asm@redhat.com> - 1.16.4-1
+- Rebase to go-1.16.4-1-openssl-fips
+
+* Tue May 04 2021 Alejandro Sáez <asm@redhat.com> - 1.16.1-3
+- Resolves: rhbz#1956891
+
+* Thu Apr 29 2021 Alejandro Sáez <asm@redhat.com> - 1.16.1-2
+- Resolves: rhbz#1955032
+
+* Wed Mar 17 2021 Alejandro Sáez <asm@redhat.com> - 1.16.1-1
+- Rebase to go-1.16.1-2-openssl-fips
+- Resolves: rhbz#1938071
+- Adds a workaround for rhbz#1939923
+- Removes Patch224, it's on upstream -> rhbz#1888673
+- Removes Patch225, it's on upstream -> https://go-review.googlesource.com/c/text/+/238238
+- Removes old patches for cleaning purposes
* Fri Jan 22 2021 David Benoit <dbenoit@redhat.com> - 1.15.7-1
- Rebase to 1.15.7