From 78845c5791216edd116a18ab711cba7dd9608fba Mon Sep 17 00:00:00 2001
From: CentOS Sources <bugs@centos.org>
Date: Feb 04 2020 23:14:21 +0000
Subject: import containernetworking-plugins-0.8.3-4.module+el8.1.1+5259+bcdd613a


---

diff --git a/.containernetworking-plugins.metadata b/.containernetworking-plugins.metadata
index 049b7c4..6b9039c 100644
--- a/.containernetworking-plugins.metadata
+++ b/.containernetworking-plugins.metadata
@@ -1 +1 @@
-b574080f86ef426a169014f5fc6008b280514de0 SOURCES/plugins-fe60fcd.tar.gz
+78fc72f4a51634078171068805db4e4b245c6af9 SOURCES/plugins-d5efdfe.tar.gz
diff --git a/.gitignore b/.gitignore
index 9848234..84edb48 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1 +1 @@
-SOURCES/plugins-fe60fcd.tar.gz
+SOURCES/plugins-d5efdfe.tar.gz
diff --git a/SOURCES/remove-existsErr-workaround.patch b/SOURCES/remove-existsErr-workaround.patch
deleted file mode 100644
index 55e8670..0000000
--- a/SOURCES/remove-existsErr-workaround.patch
+++ /dev/null
@@ -1,32 +0,0 @@
-commit a5f18ede385f8f348d876635c8483640d6446d65
-Author: Michael Cambria <mcambria@redhat.com>
-Date:   Mon Jun 24 16:11:51 2019 -0400
-
-    Remove iptables mode dependent existsErr code work-around.
-    iptables fixed in iptables-1.8.1
-    commit c19fa5833a0bc0eb787799634bd26dea91fcdca1
-
-diff -up plugins-fe60fcddb897079746ec1523fd1837ab05b1e689/vendor/github.com/coreos/go-iptables/iptables/iptables.go.orig plugins-fe60fcddb897079746ec1523fd1837ab05b1e689/vendor/github.com/coreos/go-iptables/iptables/iptables.go
---- plugins-fe60fcddb897079746ec1523fd1837ab05b1e689/vendor/github.com/coreos/go-iptables/iptables/iptables.go.orig	2019-05-29 18:30:15.000000000 +0200
-+++ plugins-fe60fcddb897079746ec1523fd1837ab05b1e689/vendor/github.com/coreos/go-iptables/iptables/iptables.go	2019-07-31 09:24:30.070738570 +0200
-@@ -302,18 +302,13 @@ func (ipt *IPTables) NewChain(table, cha
- 	return ipt.run("-t", table, "-N", chain)
- }
- 
-+const existsErr = 1
-+
- // ClearChain flushed (deletes all rules) in the specified table/chain.
- // If the chain does not exist, a new one will be created
- func (ipt *IPTables) ClearChain(table, chain string) error {
- 	err := ipt.NewChain(table, chain)
- 
--	// the exit code for "this table already exists" is different for
--	// different iptables modes
--	existsErr := 1
--	if ipt.mode == "nf_tables" {
--		existsErr = 4
--	}
--
- 	eerr, eok := err.(*Error)
- 	switch {
- 	case err == nil:
diff --git a/SPECS/containernetworking-plugins.spec b/SPECS/containernetworking-plugins.spec
index f8e1ed2..ff11ffa 100644
--- a/SPECS/containernetworking-plugins.spec
+++ b/SPECS/containernetworking-plugins.spec
@@ -10,7 +10,7 @@
 
 %if ! 0%{?gobuild:1}
 %define gobuild(o:) \
-go build -buildmode pie -compiler gc -tags="rpm_crashtraceback ${BUILDTAGS:-}" -ldflags "${LDFLAGS:-} -compressdwarf=false -B 0x$(head -c20 /dev/urandom|od -An -tx1|tr -d ' \\n') -extldflags '%__global_ldflags'" -a -v -x %{?**};
+go build -buildmode pie -compiler gc -tags="rpm_crashtraceback no_openssl ${BUILDTAGS:-}" -ldflags "${LDFLAGS:-} -compressdwarf=false -B 0x$(head -c20 /dev/urandom|od -An -tx1|tr -d ' \\n') -extldflags '%__global_ldflags'" -a -v -x %{?**};
 %define gotest(o:) go test
 %endif
 
@@ -21,22 +21,18 @@ go build -buildmode pie -compiler gc -tags="rpm_crashtraceback ${BUILDTAGS:-}" -
 # https://github.com/containernetworking/plugins
 %global provider_prefix %{provider}.%{provider_tld}/%{project}/%{repo}
 %global import_path %{provider_prefix}
-%global commit fe60fcddb897079746ec1523fd1837ab05b1e689
+%global commit d5efdfe1f6d6e8e9e9494e3f43be54f76c0f8fd6
 %global shortcommit %(c=%{commit}; echo ${c:0:7})
 
 Name: containernetworking-plugins
-Version: 0.8.1
-Release: 3%{?dist}
+Version: 0.8.3
+Release: 4%{?dist}
 Summary: CNI network plugins
 License: ASL 2.0
 URL: https://%{provider_prefix}
 Source0: https://%{provider_prefix}/archive/%{commit}/%{repo}-%{shortcommit}.tar.gz
-# https://github.com/coreos/go-iptables/pull/62/commits/a5f18ede385f8f348d876635c8483640d6446d65
-# resolves https://bugzilla.redhat.com/show_bug.cgi?id=1627561
-Patch0: remove-existsErr-workaround.patch
 ExcludeArch: ppc64 i686
-# If go_compiler is not set to 1, there is no virtual provide. Use golang instead.
-BuildRequires: %{?go_compiler:compiler(go-compiler)}%{!?go_compiler:golang}
+BuildRequires: golang >= 1.12.12-4
 BuildRequires: git
 BuildRequires: go-md2man
 Provides: containernetworking-cni = %{version}-%{release}
@@ -62,6 +58,7 @@ if [ ! -h gopath/src/${REPO_PATH} ]; then
 fi
 
 export GOPATH=$(pwd)/gopath
+export GO111MODULE=off
 mkdir -p $(pwd)/bin
 
 echo "Building plugins"
@@ -124,9 +121,21 @@ export GOPATH=%{buildroot}/%{gopath}:$(pwd)/vendor:%{gopath}
 %{_libexecdir}/cni/*
 
 %changelog
-* Mon Nov 25 2019 Jindrich Novy <jnovy@redhat.com> - 0.8.1-3
-- rebuild to address CVE-2019-9514 and CVE-2019-9512
-- Resolves: #1766318, #1766217
+* Thu Dec 12 2019 Jindrich Novy <jnovy@redhat.com> - 0.8.3-4
+- compile with no_openssl
+- Related: RHELPLAN-25138
+
+* Wed Dec 11 2019 Jindrich Novy <jnovy@redhat.com> - 0.8.3-3
+- compile in FIPS mode
+- Related: RHELPLAN-25138
+
+* Mon Dec 09 2019 Jindrich Novy <jnovy@redhat.com> - 0.8.3-2
+- be sure to use golang >= 1.12.12-4
+- Related: RHELPLAN-25138
+
+* Thu Dec 05 2019 Jindrich Novy <jnovy@redhat.com> - 0.8.3-1
+- update to 0.8.3
+- Related: RHELPLAN-25138
 
 * Thu Aug 01 2019 Jindrich Novy <jnovy@redhat.com> - 0.8.1-2
 - backport https://github.com/coreos/go-iptables/pull/62