See https://github.com/golang/go/issues/70200#issuecomment-
2468562595,
GOFIPS140 value when building the toolchain (off when not set)
is the default value for GOFIPS140,
it is buildcfg.defaultGOFIPS140,
export as buildcfg.DefaultGOFIPS140 that can be used in the cmd/go.
For #70200
Change-Id: I5a4873a718eeefda8e65bfab51d9d3d5ad2c21b6
Reviewed-on: https://go-review.googlesource.com/c/go/+/629996
Reviewed-by: Michael Matloob <matloob@golang.org>
LUCI-TryBot-Result: Go LUCI <golang-scoped@luci-project-accounts.iam.gserviceaccount.com>
Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
Reviewed-by: Filippo Valsorda <filippo@golang.org>
fmt.Fprintf(&buf, "const version = `%s`\n", findgoversion())
fmt.Fprintf(&buf, "const defaultGOOS = runtime.GOOS\n")
fmt.Fprintf(&buf, "const defaultGOARCH = runtime.GOARCH\n")
- fmt.Fprintf(&buf, "const defaultGOFIPS140 = `%s`\n", gofips140)
+ fmt.Fprintf(&buf, "const DefaultGOFIPS140 = `%s`\n", gofips140)
writefile(buf.String(), file, writeSkipSame)
}
GORISCV64, goRISCV64Changed = EnvOrAndChanged("GORISCV64", buildcfg.DefaultGORISCV64)
GOWASM, goWASMChanged = EnvOrAndChanged("GOWASM", fmt.Sprint(buildcfg.GOWASM))
- GOFIPS140, GOFIPS140Changed = EnvOrAndChanged("GOFIPS140", buildcfg.GOFIPS140)
+ GOFIPS140, GOFIPS140Changed = EnvOrAndChanged("GOFIPS140", buildcfg.DefaultGOFIPS140)
GOPROXY, GOPROXYChanged = EnvOrAndChanged("GOPROXY", "")
GOSUMDB, GOSUMDBChanged = EnvOrAndChanged("GOSUMDB", "")
GOPRIVATE = Getenv("GOPRIVATE")
env GO111MODULE=auto
env CGO_CFLAGS=nodefault
env CGO_CPPFLAGS=nodefault
+env GOFIPS140=latest
go env -changed
# linux output like GOTOOLCHAIN='local'
stdout 'GO111MODULE=''?auto''?'
stdout 'CGO_CFLAGS=''?nodefault''?'
stdout 'CGO_CPPFLAGS=''?nodefault''?'
+stdout 'GOFIPS140=''?latest''?'
go env -changed -json
stdout '"GOTOOLCHAIN": "local"'
stdout '"GO111MODULE": "auto"'
stdout '"CGO_CFLAGS": "nodefault"'
stdout '"CGO_CPPFLAGS": "nodefault"'
+stdout '"GOFIPS140": "latest"'
[GOOS:windows] env GOOS=linux
[!GOOS:windows] env GOOS=windows
-- a/go.env --
GOPROXY=s
GOAMD64=v1
+GOFIPS140=off
-- b/go.env --
GOTOOLCHAIN=local
}
func gofips140() string {
- v := envOr("GOFIPS140", defaultGOFIPS140)
+ v := envOr("GOFIPS140", DefaultGOFIPS140)
switch v {
case "off", "latest", "inprocess", "certified":
return v
return v
}
Error = fmt.Errorf("invalid GOFIPS140: must be off, latest, inprocess, certified, or vX.Y.Z")
- return defaultGOFIPS140
+ return DefaultGOFIPS140
}
// isFIPSVersion reports whether v is a valid FIPS version,