Closed
Description
I am building golang v1.22.0 in FIPS mode on Linux by applying patches provided by this repo.

```
RUN git clone https://github.com/golang-fips/go.git golang-fips && cd golang-fips && ./scripts/full-initialize-repo.sh go$GOLANG_VER && cd go/src && ./make.bash --no-clean
```

But when I run go tool, I don't see vendored openssl code inside them.

```
go tool nm /golang-fips/go/bin/go | grep -i openssl
go tool nm /golang-fips/go/bin/go | grep -i fips
f8f270 D crypto/internal/boring/fipstls.required
f15d30 D crypto/tls.defaultCipherSuitesFIPS
f15e30 D crypto/tls.defaultFIPSCipherSuitesTLS13
f15d10 D crypto/tls.defaultFIPSCurvePreferences
f15d50 D crypto/tls.fipsSupportedSignatureAlgorithms
```

The previous Go version I built (go v1.20.12) used to show all vendored openssl-fips cgo symbols.

```
go tool nm /bin/go | grep -i DLOPEN_OPENSSL
97d370 T _cgo_b68ed06c1ed7_Cfunc__goboringcrypto_DLOPEN_OPENSSL
5e3ce0 t vendor/github.com/golang-fips/openssl-fips/openssl._Cfunc__goboringcrypto_DLOPEN_OPENSSL.abi0
1067e28 d vendor/github.com/golang-fips/openssl-fips/openssl._cgo_b68ed06c1ed7_Cfunc__goboringcrypto_DLOPEN_OPENSSL
```

Am I missing some recent configuration change that is required?

```
go env | grep GOEXPERIMENT
GOEXPERIMENT="strictfipsruntime"
env |grep FIPS
GOLANG_FIPS=1
go env | grep CGO_ENABLED
CGO_ENABLED="1"
```
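
The two listings in the report differ in kind: the v1.20.12 lines are cgo call stubs (names containing `_Cfunc_`), while the v1.22.0 lines are Go data symbols that only mention FIPS. The sketch below is an added example, not part of the original issue or of the golang-fips project; it separates the two classes in `go tool nm` output, with `classify_nm` and the sample functions being hypothetical names and the sample lines copied from the listings above.

```shell
#!/bin/sh
# Added example: classify `go tool nm` output lines by symbol kind.

# classify_nm reads nm output on stdin (address, type, name; undefined
# symbols have no address, so the name is taken from the last field) and
# prints "cgo=<n> go_fips=<n>".
classify_nm() {
    awk '
        NF >= 2 {
            name = $NF
            if (name ~ /_Cfunc_/)
                cgo++        # cgo-generated stub that calls into C
            else if (tolower(name) ~ /fips/)
                gofips++     # Go symbol that merely has "fips" in its name
        }
        END { printf "cgo=%d go_fips=%d\n", cgo, gofips }
    '
}

# Constructed sample: the v1.22.0 listing from the report.
sample_new() {
    cat <<'EOF'
f8f270 D crypto/internal/boring/fipstls.required
f15d30 D crypto/tls.defaultCipherSuitesFIPS
f15e30 D crypto/tls.defaultFIPSCipherSuitesTLS13
f15d10 D crypto/tls.defaultFIPSCurvePreferences
f15d50 D crypto/tls.fipsSupportedSignatureAlgorithms
EOF
}

# Constructed sample: the v1.20.12 listing from the report.
sample_old() {
    cat <<'EOF'
97d370 T _cgo_b68ed06c1ed7_Cfunc__goboringcrypto_DLOPEN_OPENSSL
5e3ce0 t vendor/github.com/golang-fips/openssl-fips/openssl._Cfunc__goboringcrypto_DLOPEN_OPENSSL.abi0
1067e28 d vendor/github.com/golang-fips/openssl-fips/openssl._cgo_b68ed06c1ed7_Cfunc__goboringcrypto_DLOPEN_OPENSSL
EOF
}

# Against a real binary, pipe the tool output in instead of a sample:
#   go tool nm /golang-fips/go/bin/go | classify_nm
sample_new | classify_nm
sample_old | classify_nm
```

A count of `cgo=0` only says the listing contains no cgo stubs; it does not by itself identify why they are absent.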