Update lang/go to 1.5.3.

This is a security-related release, it fixes CVE-2015-8618 that was
partically patched in 1.5.2nb1.

See full release notes for a description:

https://groups.google.com/d/msg/golang-announce/MEATuOi_ei4/JsndUuZwEAAJ

5 files changed, 9 insertions, 219 deletions

diff --git a/lang/go/Makefile b/lang/go/Makefile
index aa4939d55a7..958cdc744c1 100644
--- a/lang/go/Makefile
+++ b/lang/go/Makefile
@@ -1,10 +1,9 @@
-# $NetBSD: Makefile,v 1.36 2015/12/22 20:44:40 bsiegert Exp $
+# $NetBSD: Makefile,v 1.37 2016/01/16 09:43:44 fhajny Exp $
 
 .include "version.mk"
 
 DISTNAME=	go${GO_VERSION}.src
 PKGNAME=	go-${GO_VERSION}
-PKGREVISION=	1
 CATEGORIES=	lang
 MASTER_SITES=	https://storage.googleapis.com/golang/
 
@@ -17,7 +16,7 @@ WRKSRC=		${WRKDIR}/go
 USE_TOOLS+=	bash:run perl:run pax
 
 # uses ulimit -T
-BUILD_DEPENDS+=	bash>=4.2nb3:../../shells/bash
+# BUILD_DEPENDS+=	bash>=4.2nb3:../../shells/bash
 
 # cgo compiles under TMPDIR
 TMPDIR?=	/tmp
diff --git a/lang/go/distinfo b/lang/go/distinfo
index 81bf66abaaf..c942f139455 100644
--- a/lang/go/distinfo
+++ b/lang/go/distinfo
@@ -1,12 +1,10 @@
-$NetBSD: distinfo,v 1.30 2015/12/22 20:44:40 bsiegert Exp $
+$NetBSD: distinfo,v 1.31 2016/01/16 09:43:44 fhajny Exp $
 
-SHA1 (go1.5.2.src.tar.gz) = c7d78ba4df574b5f9a9bb5d17505f40c4d89b81c
-RMD160 (go1.5.2.src.tar.gz) = 38aec8e0f7f93c4616db58ccfc6152b3b35bbd08
-SHA512 (go1.5.2.src.tar.gz) = 7323ca7845fa4cb03d36240d759b542b142db331953f08bf8220d02465fc434478be3cb1abab52e180f29326379eab518e7b793c70c7cb440c1ab885d36bdfb8
-Size (go1.5.2.src.tar.gz) = 12056199 bytes
+SHA1 (go1.5.3.src.tar.gz) = c17563a84df8aefb6a1e703a42f1e2842615e4a6
+RMD160 (go1.5.3.src.tar.gz) = fa1fc2af054371d766523c310eee3b3204de63b3
+SHA512 (go1.5.3.src.tar.gz) = b348832ea7cb095cf793960cf9f4da5e9f6ca8de7b5262bb819de97efea4835643e30a18efd4a82d01ea3854a1905af9e134271716c4b68c9d2a8f6e15f65ff0
+Size (go1.5.3.src.tar.gz) = 12057623 bytes
 SHA1 (patch-lib_time_update.bash) = bcf565b97ae7898a9e5cef7686fe42c69bc0bba1
 SHA1 (patch-misc_io_clangwrap.sh) = cd91c47ba0fe7b6eb8009dd261c0c26c7d581c29
 SHA1 (patch-src_cmd_go_pkg.go) = ccc470577951bd00741c39229599c0c06be52d0a
-SHA1 (patch-src_math_big_nat.go) = 3043a3883c6dbb5d4b75a07cb18effea5069ea74
-SHA1 (patch-src_math_big_nat_test.go) = c64bdd6b7ec1d28c0af4f7cf92a40d6f8262d346
 SHA1 (patch-src_syscall_syscall__solaris.go) = 436371947897dcba574a6dfecc6bbcd04f6e25b2
diff --git a/lang/go/patches/patch-src_math_big_nat.go b/lang/go/patches/patch-src_math_big_nat.go
deleted file mode 100644
index ca272a5b6a5..00000000000
--- a/lang/go/patches/patch-src_math_big_nat.go
+++ /dev/null
@@ -1,63 +0,0 @@
-$NetBSD: patch-src_math_big_nat.go,v 1.1 2015/12/22 20:44:40 bsiegert Exp $
-
-From 4306352182bf94f86f0cfc6a8b0ed461cbf1d82c Mon Sep 17 00:00:00 2001
-From: Russ Cox <rsc@golang.org>
-Date: Wed, 09 Dec 2015 11:49:53 -0500
-Subject: [PATCH] math/big: fix carry propagation in Int.Exp Montgomery code
-
-Fixes #13515.
-
-Change-Id: I7dd5fbc816e5ea135f7d81f6735e7601f636fe4f
-Reviewed-on: https://go-review.googlesource.com/17672
-Reviewed-by: Robert Griesemer <gri@golang.org>
----
-
-diff --git a/src/math/big/nat.go b/src/math/big/nat.go
-index f0a8339..e60318d 100644
---- src/math/big/nat.go
-+++ src/math/big/nat.go
-@@ -196,23 +196,36 @@
- 	}
- }
- 
--// montgomery computes x*y*2^(-n*_W) mod m,
--// assuming k = -1/m mod 2^_W.
-+// montgomery computes z mod m = x*y*2**(-n*_W) mod m,
-+// assuming k = -1/m mod 2**_W.
- // z is used for storing the result which is returned;
- // z must not alias x, y or m.
-+// See Gueron, "Efficient Software Implementations of Modular Exponentiation".
-+// https://eprint.iacr.org/2011/239.pdf
-+// In the terminology of that paper, this is an "Almost Montgomery Multiplication":
-+// x and y are required to satisfy 0 <= z < 2**(n*_W) and then the result
-+// z is guaranteed to satisfy 0 <= z < 2**(n*_W), but it may not be < m.
- func (z nat) montgomery(x, y, m nat, k Word, n int) nat {
--	var c1, c2 Word
-+	// This code assumes x, y, m are all the same length, n.
-+	// (required by addMulVVW and the for loop).
-+	// It also assumes that x, y are already reduced mod m,
-+	// or else the result will not be properly reduced.
-+	if len(x) != n || len(y) != n || len(m) != n {
-+		panic("math/big: mismatched montgomery number lengths")
-+	}
-+	var c1, c2, c3 Word
- 	z = z.make(n)
- 	z.clear()
- 	for i := 0; i < n; i++ {
- 		d := y[i]
--		c1 += addMulVVW(z, x, d)
-+		c2 = addMulVVW(z, x, d)
- 		t := z[0] * k
--		c2 = addMulVVW(z, m, t)
--
-+		c3 = addMulVVW(z, m, t)
- 		copy(z, z[1:])
--		z[n-1] = c1 + c2
--		if z[n-1] < c1 {
-+		cx := c1 + c2
-+		cy := cx + c3
-+		z[n-1] = cy
-+		if cx < c2 || cy < c3 {
- 			c1 = 1
- 		} else {
- 			c1 = 0
diff --git a/lang/go/patches/patch-src_math_big_nat_test.go b/lang/go/patches/patch-src_math_big_nat_test.go
deleted file mode 100644
index d92d8870f20..00000000000
--- a/lang/go/patches/patch-src_math_big_nat_test.go
+++ /dev/null
@@ -1,144 +0,0 @@
-$NetBSD: patch-src_math_big_nat_test.go,v 1.1 2015/12/22 20:44:40 bsiegert Exp $
-
-From 4306352182bf94f86f0cfc6a8b0ed461cbf1d82c Mon Sep 17 00:00:00 2001
-From: Russ Cox <rsc@golang.org>
-Date: Wed, 09 Dec 2015 11:49:53 -0500
-Subject: [PATCH] math/big: fix carry propagation in Int.Exp Montgomery code
-
-Fixes #13515.
-
-Change-Id: I7dd5fbc816e5ea135f7d81f6735e7601f636fe4f
-Reviewed-on: https://go-review.googlesource.com/17672
-Reviewed-by: Robert Griesemer <gri@golang.org>
----
-
-diff --git a/src/math/big/nat_test.go b/src/math/big/nat_test.go
-index 3eefffc..56b62d2 100644
---- src/math/big/nat_test.go.orig	2015-12-03 00:53:01.000000000 +0000
-+++ src/math/big/nat_test.go
-@@ -341,25 +341,57 @@ var montgomeryTests = []struct {
- 		"0xffffffffffffffffffffffffffffffffffffffffffffffffe",
- 		"0xffffffffffffffffffffffffffffffffffffffffffffffffe",
- 		"0xfffffffffffffffffffffffffffffffffffffffffffffffff",
--		0x0000000000000000,
--		"0xffffffffffffffffffffffffffffffffffffffffff",
--		"0xffffffffffffffffffffffffffffffffff",
-+		1,
-+		"0x1000000000000000000000000000000000000000000",
-+		"0x10000000000000000000000000000000000",
- 	},
- 	{
--		"0x0000000080000000",
--		"0x00000000ffffffff",
-+		"0x000000000ffffff5",
-+		"0x000000000ffffff0",
- 		"0x0000000010000001",
- 		0xff0000000fffffff,
--		"0x0000000088000000",
--		"0x0000000007800001",
-+		"0x000000000bfffff4",
-+		"0x0000000003400001",
-+	},
-+	{
-+		"0x0000000080000000",
-+		"0x00000000ffffffff",
-+		"0x1000000000000001",
-+		0xfffffffffffffff,
-+		"0x0800000008000001",
-+		"0x0800000008000001",
-+	},
-+	{
-+		"0x0000000080000000",
-+		"0x0000000080000000",
-+		"0xffffffff00000001",
-+		0xfffffffeffffffff,
-+		"0xbfffffff40000001",
-+		"0xbfffffff40000001",
-+	},
-+	{
-+		"0x0000000080000000",
-+		"0x0000000080000000",
-+		"0x00ffffff00000001",
-+		0xfffffeffffffff,
-+		"0xbfffff40000001",
-+		"0xbfffff40000001",
- 	},
- 	{
--		"0xffffffffffffffffffffffffffffffff00000000000022222223333333333444444444",
--		"0xffffffffffffffffffffffffffffffff999999999999999aaabbbbbbbbcccccccccccc",
-+		"0x0000000080000000",
-+		"0x0000000080000000",
-+		"0x0000ffff00000001",
-+		0xfffeffffffff,
-+		"0xbfff40000001",
-+		"0xbfff40000001",
-+	},
-+	{
-+		"0x3321ffffffffffffffffffffffffffff00000000000022222623333333332bbbb888c0",
-+		"0x3321ffffffffffffffffffffffffffff00000000000022222623333333332bbbb888c0",
- 		"0x33377fffffffffffffffffffffffffffffffffffffffffffff0000000000022222eee1",
- 		0xdecc8f1249812adf,
--		"0x22bb05b6d95eaaeca2bb7c05e51f807bce9064b5fbad177161695e4558f9474e91cd79",
--		"0x14beb58d230f85b6d95eaaeca2bb7c05e51f807bce9064b5fb45669afa695f228e48cd",
-+		"0x04eb0e11d72329dc0915f86784820fc403275bf2f6620a20e0dd344c5cd0875e50deb5",
-+		"0x0d7144739a7d8e11d72329dc0915f86784820fc403275bf2f61ed96f35dd34dbb3d6a0",
- 	},
- 	{
- 		"0x10000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffffffffffffffffffffffffffff00000000000022222223333333333444444444",
-@@ -372,10 +404,27 @@ var montgomeryTests = []struct {
- }
- 
- func TestMontgomery(t *testing.T) {
-+	one := NewInt(1)
-+	_B := new(Int).Lsh(one, _W)
- 	for i, test := range montgomeryTests {
- 		x := natFromString(test.x)
- 		y := natFromString(test.y)
- 		m := natFromString(test.m)
-+		for len(x) < len(m) {
-+			x = append(x, 0)
-+		}
-+		for len(y) < len(m) {
-+			y = append(y, 0)
-+		}
-+
-+		if x.cmp(m) > 0 {
-+			_, r := nat(nil).div(nil, x, m)
-+			t.Errorf("#%d: x > m (%s > %s; use %s)", i, x.decimalString(), m.decimalString(), r.decimalString())
-+		}
-+		if y.cmp(m) > 0 {
-+			_, r := nat(nil).div(nil, x, m)
-+			t.Errorf("#%d: y > m (%s > %s; use %s)", i, y.decimalString(), m.decimalString(), r.decimalString())
-+		}
- 
- 		var out nat
- 		if _W == 32 {
-@@ -384,7 +433,27 @@ func TestMontgomery(t *testing.T) {
- 			out = natFromString(test.out64)
- 		}
- 
--		k0 := Word(test.k0 & _M) // mask k0 to ensure that it fits for 32-bit systems.
-+		// t.Logf("#%d: len=%d\n", i, len(m))
-+
-+		// check output in table
-+		xi := &Int{abs: x}
-+		yi := &Int{abs: y}
-+		mi := &Int{abs: m}
-+		p := new(Int).Mod(new(Int).Mul(xi, new(Int).Mul(yi, new(Int).ModInverse(new(Int).Lsh(one, uint(len(m))*_W), mi))), mi)
-+		if out.cmp(p.abs.norm()) != 0 {
-+			t.Errorf("#%d: out in table=%s, computed=%s", i, out.decimalString(), p.abs.norm().decimalString())
-+		}
-+
-+		// check k0 in table
-+		k := new(Int).Mod(&Int{abs: m}, _B)
-+		k = new(Int).Sub(_B, k)
-+		k = new(Int).Mod(k, _B)
-+		k0 := Word(new(Int).ModInverse(k, _B).Uint64())
-+		if k0 != Word(test.k0) {
-+			t.Errorf("#%d: k0 in table=%#x, computed=%#x\n", i, test.k0, k0)
-+		}
-+
-+		// check montgomery with correct k0 produces correct output
- 		z := nat(nil).montgomery(x, y, m, k0, len(m))
- 		z = z.norm()
- 		if z.cmp(out) != 0 {
diff --git a/lang/go/version.mk b/lang/go/version.mk
index ef974da46ca..6e041ad9e44 100644
--- a/lang/go/version.mk
+++ b/lang/go/version.mk
@@ -1,8 +1,8 @@
-# $NetBSD: version.mk,v 1.10 2015/12/10 20:04:54 bsiegert Exp $
+# $NetBSD: version.mk,v 1.11 2016/01/16 09:43:44 fhajny Exp $
 
 .include "../../mk/bsd.prefs.mk"
 
-GO_VERSION=	1.5.2
+GO_VERSION=	1.5.3
 GO14_VERSION=	1.4.3
 
 ONLY_FOR_PLATFORM=	*-*-i386 *-*-x86_64 *-*-evbarm