-
Bug
-
Resolution: Unresolved
-
Undefined
-
rhel-9.7
-
None
-
golang-1.24.3-3.el9
-
No
-
Moderate
-
rhel-pt-go
-
ssg_platform_tools
-
None
-
False
-
False
-
-
None
-
None
-
Pass
-
Automated
-
Unspecified
-
Unspecified
-
Unspecified
-
None
The net/http tests from rhel-9.7 golang-1.24.3-1.el9 internal testsuite fail when using GOLANG_FIPS=1:
[root@vm-10-0-186-254 ~]# cd /usr/lib/golang/src/net/http
[root@vm-10-0-186-254 http]# GOLANG_FIPS=1 go test -count=1
--- FAIL: TestTransportBodyAltRewind (0.00s)
transport_internal_test.go:220: EOF
transport_internal_test.go:267: Post "https://example.org/": crypto/ecdh: use of X25519 is not allowed in FIPS 140-only mode
2025/05/22 15:06:37 http: TLS handshake error from 127.0.0.1:35752: EOF
--- FAIL: TestNextProtoUpgrade (0.00s)
alpn_test.go:49: Get "https://127.0.0.1:38825": crypto/ecdh: use of X25519 is not allowed in FIPS 140-only mode
--- FAIL: TestClient (0.00s)
--- FAIL: TestClient/h2 (0.00s)
client_test.go:75: Get "https://127.0.0.1:34639": crypto/ecdh: use of X25519 is not allowed in FIPS 140-only mode
clientserver_test.go:282: server log: http: TLS handshake error from 127.0.0.1:46028: EOF
(...)
The failures are not reproducible when running without GOLANG_FIPS=1.
Please provide the package NVR for which the bug is seen:
golang-1.24.3-1.el9
Steps to reproduce
- cd /usr/lib/golang/src/net/http
- GOLANG_FIPS=1 go test -count=1
- links to
-
RHSA-2025:150489
golang bug fix and enhancement update