Cypherpunks repositories - gostls13.git/commit

author	Russ Cox <rsc@golang.org>
	Thu, 14 Nov 2024 19:09:54 +0000 (14:09 -0500)
committer	Gopher Robot <gobot@golang.org>
	Tue, 19 Nov 2024 21:52:28 +0000 (21:52 +0000)
commit	9935dd99da40eea305685a32dbaebc4b9273593b
tree	c4c26b60efb07cf241aa66c1714d71e22fed7182	tree
parent	d13e6d0b089b72d666d0dd46f4965660ab10b712	commit \| diff

cmd/go: add basic GOFIPS140 support

GOFIPS140 does two things: (1) control whether to build binaries that
run in FIPS-140 mode by default, and (2) control which version of the
crypto/internal/fips source tree to use during a build.

This CL implements part (1). It recognizes the GOFIPS140 settings
"off" and "latest" and uses them to set the default GODEBUG=fips140
setting to "off" or "on" accordingly.

The documentation for GOFIPS140 is in a follow-up CL.

See cmd/go/internal/fips/fips.go for an overview.

For #70200.

Change-Id: I045f8ae0f19778a1e72a5cd2b6a7b0c88934fc30
Reviewed-on: https://go-review.googlesource.com/c/go/+/629198
Auto-Submit: Russ Cox <rsc@golang.org>
Reviewed-by: Michael Matloob <matloob@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>

src/cmd/go/internal/cfg/cfg.go		diff \| blob \| history
src/cmd/go/internal/envcmd/env.go		diff \| blob \| history
src/cmd/go/internal/fips/fips.go	[new file with mode: 0644]	blob
src/cmd/go/internal/load/godebug.go		diff \| blob \| history
src/cmd/go/internal/load/pkg.go		diff \| blob \| history
src/cmd/go/internal/modload/init.go		diff \| blob \| history
src/cmd/go/internal/work/buildid.go		diff \| blob \| history
src/cmd/go/internal/work/gc.go		diff \| blob \| history
src/cmd/go/testdata/script/fips.txt	[new file with mode: 0644]	blob