Skip to content
GitLab
Explore
Sign in
Primary navigation
Search or go to…
Project
G
golang
Manage
Activity
Members
Labels
Plan
Issues
Issue boards
Milestones
Iterations
Wiki
Requirements
Code
Merge requests
Repository
Branches
Commits
Tags
Repository graph
Compare revisions
Snippets
Locked files
Build
Pipelines
Jobs
Pipeline schedules
Test cases
Artifacts
Deploy
Releases
Package Registry
Container Registry
Model registry
Operate
Environments
Terraform modules
Monitor
Incidents
Analyze
Value stream analytics
Contributor analytics
CI/CD analytics
Repository analytics
Code review analytics
Issue analytics
Insights
Model experiments
Help
Help
Support
GitLab documentation
Compare GitLab plans
Community forum
Contribute to GitLab
Provide feedback
Keyboard shortcuts
?
Snippets
Groups
Projects
Show more breadcrumbs
staging
src-rhel
rpms
golang
Commits
f1e3a5c6
Commit
f1e3a5c6
authored
5 months ago
by
importbot
Browse files
Options
Downloads
Patches
Plain Diff
import golang-1.21.13-4.el9_4
parent
da0bc1d4
No related branches found
Branches containing commit
Tags
imports/c9/golang-1.21.13-4.el9_4
Tags containing commit
No related merge requests found
Changes
3
Hide whitespace changes
Inline
Side-by-side
Showing
3 changed files
.golang.checksum
+1
-1
1 addition, 1 deletion
.golang.checksum
SOURCES/evp-digest-sign-final.patch
+92
-0
92 additions, 0 deletions
SOURCES/evp-digest-sign-final.patch
SPECS/golang.spec
+6
-1
6 additions, 1 deletion
SPECS/golang.spec
with
99 additions
and
2 deletions
.golang.checksum
+
1
−
1
View file @
f1e3a5c6
9034104ce76d82ed6f7616d19fe6a393d4a774680c041def6cd265eb12df87b8
dd184f8fe4b74345e3bc544d2016b90d7f0269b2c7658a385e1779f15df24422
This diff is collapsed.
Click to expand it.
SOURCES/evp-digest-sign-final.patch
0 → 100644
+
92
−
0
View file @
f1e3a5c6
diff --git a/src/vendor/github.com/golang-fips/openssl/openssl/goopenssl.h b/src/vendor/github.com/golang-fips/openssl/openssl/goopenssl.h
index ac6c64f86d..5213b841dc 100644
--- a/src/vendor/github.com/golang-fips/openssl/openssl/goopenssl.h
+++ b/src/vendor/github.com/golang-fips/openssl/openssl/goopenssl.h
@@ -264,7 +264,7 @@
int _goboringcrypto_HMAC_Update(GO_HMAC_CTX *ctx,
int _goboringcrypto_HMAC_CTX_reset(GO_HMAC_CTX *ctx);
void _goboringcrypto_HMAC_CTX_free(GO_HMAC_CTX *ctx);
int _goboringcrypto_HMAC_Final(GO_HMAC_CTX *ctx,
- unsigned char *md, unsigned int *len);
+ unsigned char *md, unsigned int len);
#include <openssl/evp.h>
#include <openssl/aes.h>
diff --git a/src/vendor/github.com/golang-fips/openssl/openssl/hmac.go b/src/vendor/github.com/golang-fips/openssl/openssl/hmac.go
index 3af1924884..c76d6690aa 100644
--- a/src/vendor/github.com/golang-fips/openssl/openssl/hmac.go
+++ b/src/vendor/github.com/golang-fips/openssl/openssl/hmac.go
@@ -121,7 +121,9 @@
func (h *boringHMAC) finalize() {
func (h *boringHMAC) Write(p []byte) (int, error) {
if len(p) > 0 {
- C._goboringcrypto_HMAC_Update(h.ctx, (*C.uint8_t)(unsafe.Pointer(&p[0])), C.size_t(len(p)))
+ if C._goboringcrypto_HMAC_Update(h.ctx, (*C.uint8_t)(unsafe.Pointer(&p[0])), C.size_t(len(p))) == 0 {
+ panic("boringcrypto: HMAC_Update failed")
+ }
}
runtime.KeepAlive(h)
return len(p), nil
@@ -136,10 +138,12 @@
func (h *boringHMAC) BlockSize() int {
}
func (h *boringHMAC) Sum(in []byte) []byte {
+ size := h.Size()
if h.sum == nil {
- size := h.Size()
h.sum = make([]byte, size)
}
- C._goboringcrypto_HMAC_Final(h.ctx, (*C.uint8_t)(unsafe.Pointer(&h.sum[0])), nil)
+ if C._goboringcrypto_HMAC_Final(h.ctx, (*C.uint8_t)(unsafe.Pointer(&h.sum[0])), C.uint(size)) == 0 {
+ panic("boringcrypto: HMAC_Final failed")
+ }
return append(in, h.sum...)
}
diff --git a/src/vendor/github.com/golang-fips/openssl/openssl/openssl_port_hmac.c b/src/vendor/github.com/golang-fips/openssl/openssl/openssl_port_hmac.c
index d26ce90c82..f7dabb25e0 100644
--- a/src/vendor/github.com/golang-fips/openssl/openssl/openssl_port_hmac.c
+++ b/src/vendor/github.com/golang-fips/openssl/openssl/openssl_port_hmac.c
@@ -115,10 +115,10 @@
void _goboringcrypto_HMAC_CTX_free(GO_HMAC_CTX *ctx)
}
int _goboringcrypto_HMAC_Final(GO_HMAC_CTX *ctx,
- unsigned char *md, unsigned int *len)
+ unsigned char *md, unsigned int len)
{
EVP_MD_CTX *mdctx = NULL;
- size_t slen;
+ size_t slen = len;
int ret = 0;
mdctx = _goboringcrypto_EVP_MD_CTX_create();
@@ -128,9 +128,10 @@
int _goboringcrypto_HMAC_Final(GO_HMAC_CTX *ctx,
if (_goboringcrypto_internal_EVP_MD_CTX_copy_ex(mdctx, ctx->mdctx) != 1)
goto err;
- ret = _goboringcrypto_EVP_DigestSignFinal(mdctx, md, &slen);
- if (ret == 1 && len)
- *len = slen;
+ if (_goboringcrypto_EVP_DigestSignFinal(mdctx, md, &slen) != 1)
+ goto err;
+
+ ret = 1;
err:
_goboringcrypto_EVP_MD_CTX_free(mdctx);
@@ -219,7 +220,7 @@
void _goboringcrypto_HMAC_CTX_free(GO_HMAC_CTX *ctx)
}
int _goboringcrypto_HMAC_Final(GO_HMAC_CTX *ctx,
- unsigned char *md, unsigned int *len)
+ unsigned char *md, unsigned int len)
{
HMAC_CTX hctx;
int ret;
@@ -228,7 +229,7 @@
int _goboringcrypto_HMAC_Final(GO_HMAC_CTX *ctx,
if (ret != 1)
return ret;
- ret = _goboringcrypto_internal_HMAC_Final(&hctx, md, len);
+ ret = _goboringcrypto_internal_HMAC_Final(&hctx, md, &len);
_goboringcrypto_internal_HMAC_CTX_cleanup(&hctx);
return ret;
}
This diff is collapsed.
Click to expand it.
SPECS/golang.spec
+
6
−
1
View file @
f1e3a5c6
...
...
@@ -99,7 +99,7 @@
Name: golang
Version: %{version}
Release:
3
%{?dist}
Release:
4
%{?dist}
Summary: The Go Programming Language
# source tree includes several copies of Mark.Twain-Tom.Sawyer.txt under Public Domain
License: BSD and Public Domain
...
...
@@ -141,6 +141,7 @@ Requires: diffutils
# Proposed patch by jcajka https://golang.org/cl/86541
Patch221: fix_TestScript_list_std.patch
Patch230: update-api-openssl3.patch
Patch231: evp-digest-sign-final.patch
Patch1939923: skip_test_rhbz1939923.patch
...
...
@@ -534,6 +535,10 @@ cd ..
%files -n go-toolset
%changelog
* Tue Oct 01 2024 David Benoit <dbenoit@redhat.com> - 1.21.13-4
- Fix CVE-2024-9355
- Resolves: RHEL-61046
* Tue Sep 17 2024 David Benoit <dbenoit@redhat.com> - 1.21.13-3
- Related: RHEL-58226
...
...
This diff is collapsed.
Click to expand it.
Preview
0%
Loading
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Save comment
Cancel
Please
register
or
sign in
to comment