4 changed files with 53 additions and 22 deletions
--- a/.gitignore
+++ b/.gitignore
@ -1,3 +1,3 @@
 SOURCES/compiler-rt-18.1.8.src.tar.xz
-SOURCES/go1.22.9-1-openssl-fips.tar.gz
-SOURCES/go1.22.9.tar.gz
+SOURCES/go1.22.5-1-openssl-fips.tar.gz
+SOURCES/go1.22.5.tar.gz
--- a/.golang.metadata
+++ b/.golang.metadata
@ -1,3 +1,3 @@
 6ecbfa5516b60adb4e4e60f991b0d8ddf5aab12a SOURCES/compiler-rt-18.1.8.src.tar.xz
-af6e318112b0e4fa6f42978d5c80e2c4fc5ca02c SOURCES/go1.22.9-1-openssl-fips.tar.gz
-3860690f8aee2de5da3cd46af6e84f4f94bfc5f0 SOURCES/go1.22.9.tar.gz
+aa46d1a360c3c9e85a2c5b75dfa927d3d4ccf016 SOURCES/go1.22.5-1-openssl-fips.tar.gz
+38de97e677498c347fb7350e40a5d61be29973f9 SOURCES/go1.22.5.tar.gz
--- a/SOURCES/fix-standard-crypto-panic.patch
+++ b/SOURCES/fix-standard-crypto-panic.patch
@ -0,0 +1,44 @@
+diff --git a/src/crypto/internal/backend/openssl.go b/src/crypto/internal/backend/openssl.go
+index 3d3a9a36ee..8dc2d46b52 100644
+--- a/src/crypto/internal/backend/openssl.go
+++ b/src/crypto/internal/backend/openssl.go
+@@ -25,6 +25,22 @@ var enabled bool
+ var knownVersions = [...]string{"3", "1.1", "11", "111", "1.0.2", "1.0.0", "10"}
+ 
+ func init() {
+	// 0: FIPS opt-out: abort the process if it is enabled and can't be disabled.
+	// 1: FIPS required: abort the process if it is not enabled and can't be enabled.
+	// other values: do not override OpenSSL configured FIPS mode.
+	var fips string
+	if v, ok := syscall.Getenv("GOLANG_FIPS"); ok {
+		fips = v
+	} else if hostFIPSModeEnabled() {
+		// System configuration can only force FIPS mode.
+		fips = "1"
+	}
+
+	// Use Go standard crypto, do not load openssl
+	if (fips != "1") {
+		return
+	}
+
+ 	version, _ := syscall.Getenv("GO_OPENSSL_VERSION_OVERRIDE")
+ 	if version == "" {
+ 		var fallbackVersion string
+@@ -49,16 +65,6 @@ func init() {
+ 	if err := openssl.Init(version); err != nil {
+ 		panic("opensslcrypto: can't initialize OpenSSL " + version + ": " + err.Error())
+ 	}
+-	// 0: FIPS opt-out: abort the process if it is enabled and can't be disabled.
+-	// 1: FIPS required: abort the process if it is not enabled and can't be enabled.
+-	// other values: do not override OpenSSL configured FIPS mode.
+-	var fips string
+-	if v, ok := syscall.Getenv("GOLANG_FIPS"); ok {
+-		fips = v
+-	} else if hostFIPSModeEnabled() {
+-		// System configuration can only force FIPS mode.
+-		fips = "1"
+-	}
+ 	switch fips {
+ 	case "0":
+ 		if openssl.FIPS() {
--- a/SPECS/golang.spec
+++ b/SPECS/golang.spec
@ -93,7 +93,7 @@
 %endif

 %global go_api 1.22
-%global go_version 1.22.9
+%global go_version 1.22.5
 %global version %{go_version}
 %global pkg_release 1

@ -154,6 +154,7 @@ Patch1939923:   skip_test_rhbz1939923.patch

 Patch4:		modify_go.env.patch
 Patch6:		skip_TestCrashDumpsAllThreads.patch
+Patch7:		fix-standard-crypto-panic.patch

 # Having documentation separate was broken
 Obsoletes:      %{name}-docs < 1.1-4
@ -583,23 +584,6 @@ cd ..
 %endif

 %changelog
-* Thu Nov 14 2024 David Benoit <dbenoit@redhat.com> - 1.22.9-2
- Fix sources
- Related: RHEL-67672
-
-* Thu Nov 14 2024 David Benoit <dbenoit@redhat.com> - 1.22.9-1
- Update to Go 1.22.9
- Resolves: RHEL-67672
-
-* Thu Oct 03 2024 Archana <aravinda@redhat.com> - 1.22.7-2
- Rebuilt to use right build target
- Related: RHEL-57867
-
-* Tue Sep 24 2024 David Benoit <dbenoit@redhat.com> - 1.22.7-1
- Update to Go 1.22.7
- Remove fix-standard-crypto-panic.patch (upstreamed)
- Resolves: RHEL-57867
-
 * Wed Aug 14 2024 David Benoit <dbenoit@redhat.com> - 1.22.5-2
 - Rebuild race detector archives from LLVM sources
 - Add golang-race subpackage
@ -709,6 +693,9 @@ cd ..
 - Rebase to Go 1.20.4
 - Resolves: rhbz#2204477

+* Fri Apr 14 2023 MSVSphere Packaging Team <packager@msvsphere.ru> - 1.20.3-1
+- Rebuilt for MSVSphere 9.2 beta
+
 * Tue Apr 11 2023 David Benoit <dbenoit@redhat.com> - 1.20.3-1
 - Rebase to Go 1.20.3
 - Remove race archives