[v16.x] update to openssl-1.1.1m+quic by richardlau · Pull Request #41175 · nodejs/node

richardlau · 2021-12-14T21:14:47Z

Refs: quictls/openssl#68
Refs: https://mta.openssl.org/pipermail/openssl-announce/2021-December/000212.html

Updated as per https://github.com/nodejs/node/blob/v16.x-staging/doc/guides/maintaining-openssl.md

tniessen

RSLGTM

richardlau · 2021-12-14T22:57:09Z

Looks like test.parallel/test-crypto-engine is failing on macOS 😞:
e.g. https://ci.nodejs.org/job/node-test-commit-osx/nodes=osx1015/43113/testReport/junit/(root)/test/parallel_test_crypto_engine/

node:internal/crypto/util:111
    throw new ERR_CRYPTO_ENGINE_UNKNOWN(id);
    ^

Error [ERR_CRYPTO_ENGINE_UNKNOWN]: Engine "/Users/iojs/build/workspace/node-test-commit-osx/nodes/osx1015/out/Release/libtest_crypto_engine.dylib" was not found
    at new NodeError (node:internal/errors:371:5)
    at Object.setEngine (node:internal/crypto/util:111:11)
    at Object.<anonymous> (/Users/iojs/build/workspace/node-test-commit-osx/nodes/osx1015/test/parallel/test-crypto-engine.js:47:12)
    at Module._compile (node:internal/modules/cjs/loader:1101:14)
    at Object.Module._extensions..js (node:internal/modules/cjs/loader:1153:10)
    at Module.load (node:internal/modules/cjs/loader:981:32)
    at Function.Module._load (node:internal/modules/cjs/loader:822:12)
    at Function.executeUserEntryPoint [as runMain] (node:internal/modules/run_main:81:12)
    at node:internal/main/run_main_module:17:47 {
  code: 'ERR_CRYPTO_ENGINE_UNKNOWN'
}

richardlau · 2021-12-15T00:05:38Z

Looks like test.parallel/test-crypto-engine is failing on macOS 😞: e.g. https://ci.nodejs.org/job/node-test-commit-osx/nodes=osx1015/43113/testReport/junit/(root)/test/parallel_test_crypto_engine/

node:internal/crypto/util:111
    throw new ERR_CRYPTO_ENGINE_UNKNOWN(id);
    ^

Error [ERR_CRYPTO_ENGINE_UNKNOWN]: Engine "/Users/iojs/build/workspace/node-test-commit-osx/nodes/osx1015/out/Release/libtest_crypto_engine.dylib" was not found
    at new NodeError (node:internal/errors:371:5)
    at Object.setEngine (node:internal/crypto/util:111:11)
    at Object.<anonymous> (/Users/iojs/build/workspace/node-test-commit-osx/nodes/osx1015/test/parallel/test-crypto-engine.js:47:12)
    at Module._compile (node:internal/modules/cjs/loader:1101:14)
    at Object.Module._extensions..js (node:internal/modules/cjs/loader:1153:10)
    at Module.load (node:internal/modules/cjs/loader:981:32)
    at Function.Module._load (node:internal/modules/cjs/loader:822:12)
    at Function.executeUserEntryPoint [as runMain] (node:internal/modules/run_main:81:12)
    at node:internal/main/run_main_module:17:47 {
  code: 'ERR_CRYPTO_ENGINE_UNKNOWN'
}

Line 47 is the second of

node/test/parallel/test-crypto-engine.js

Lines 46 to 47 in 7b112d9

    
           crypto.setEngine(enginePath); 
        
           crypto.setEngine(enginePath);

There is reference to fixes in openssl-1.1.1m with dynamic engines in the changelog:

node/deps/openssl/openssl/CHANGES

Lines 10 to 12 in 603bcaa

    
           Changes between 1.1.1l and 1.1.1m [14 Dec 2021] 
        
            *) Avoid loading of a dynamic engine twice.

mcollina

lgtm

richardlau · 2021-12-15T19:17:10Z

Pulled over the same test fix from #41177.

nodejs-github-bot · 2022-01-13T16:37:09Z

CI: https://ci.nodejs.org/job/node-test-pull-request/41850/

richardlau · 2022-01-13T16:47:16Z

Rebased onto current v16.x-staging.

nodejs-github-bot · 2022-01-13T17:02:19Z

CI: https://ci.nodejs.org/job/node-test-pull-request/41851/

nodejs-github-bot · 2022-01-13T20:10:10Z

CI: https://ci.nodejs.org/job/node-test-pull-request/41858/

nodejs-github-bot · 2022-01-14T00:08:35Z

CI: https://ci.nodejs.org/job/node-test-pull-request/41862/

nodejs-github-bot · 2022-01-14T19:21:17Z

CI: https://ci.nodejs.org/job/node-test-pull-request/41884/

mhdawson

Rubber Stamp LGTM

Newer versions of OpenSSL now throws an error if an engine is loaded twice by its absolute path (a second load by its id appears to be okay). PR-URL: nodejs#41175 Refs: quictls/openssl#68 Refs: https://mta.openssl.org/pipermail/openssl-announce/2021-December/000212.html Reviewed-By: Tobias Nießen <tniessen@tnie.de> Reviewed-By: Matteo Collina <matteo.collina@gmail.com> Reviewed-By: Derek Lewis <DerekNonGeneric@inf.is> Reviewed-By: Michael Dawson <midawson@redhat.com>

This updates all sources in deps/openssl/openssl by: $ git clone https://github.com/quictls/openssl $ cd openssl $ git checkout OpenSSL_1_1_1m+quic $ cd ../node/deps/openssl $ rm -rf openssl $ cp -R ../openssl openssl $ rm -rf openssl/.git* openssl/.travis* $ git add --all openssl $ git commit openssl PR-URL: nodejs#41175 Refs: quictls/openssl#68 Refs: https://mta.openssl.org/pipermail/openssl-announce/2021-December/000212.html Reviewed-By: Tobias Nießen <tniessen@tnie.de> Reviewed-By: Matteo Collina <matteo.collina@gmail.com> Reviewed-By: Derek Lewis <DerekNonGeneric@inf.is> Reviewed-By: Michael Dawson <midawson@redhat.com>

After an OpenSSL source update, all the config files need to be regenerated and committed by: $ make -C deps/openssl/config $ git add deps/openssl/config/archs $ git add deps/openssl/openssl/include/crypto/bn_conf.h $ git add deps/openssl/openssl/include/crypto/dso_conf.h $ git add deps/openssl/openssl/include/openssl/opensslconf.h $ git commit PR-URL: nodejs#41175 Refs: quictls/openssl#68 Refs: https://mta.openssl.org/pipermail/openssl-announce/2021-December/000212.html Reviewed-By: Tobias Nießen <tniessen@tnie.de> Reviewed-By: Matteo Collina <matteo.collina@gmail.com> Reviewed-By: Derek Lewis <DerekNonGeneric@inf.is> Reviewed-By: Michael Dawson <midawson@redhat.com>

richardlau · 2022-01-17T12:57:01Z

Landed in f4493c1...0466400.

nodejs-github-bot added needs-ci PRs that need a full CI run. openssl Issues and PRs related to the OpenSSL dependency. v16.x labels Dec 14, 2021

This comment has been minimized.

Sign in to view

tniessen approved these changes Dec 14, 2021

View reviewed changes

richardlau changed the title ~~[v16.x] update to openssl1.1.1m+quic~~ [v16.x] update to openssl-1.1.1m+quic Dec 14, 2021

richardlau mentioned this pull request Dec 15, 2021

deps: update to openssl-3.0.1+quic #41177

Closed

mcollina approved these changes Dec 15, 2021

View reviewed changes

richardlau force-pushed the v16.x-openssl1.1.1m+quic branch from 603bcaa to a6d890f Compare December 15, 2021 19:15

This comment has been minimized.

Sign in to view

richardlau added the author ready PRs that have at least one approval, no pending requests for changes, and a CI started. label Dec 15, 2021

DerekNonGeneric approved these changes Jan 10, 2022

View reviewed changes

github-actions bot removed the request-ci Add this label to start a Jenkins CI on a PR. label Jan 10, 2022

danielleadams force-pushed the v16.x-staging branch 2 times, most recently from f668e82 to 95c19c3 Compare January 10, 2022 23:09

richardlau added the request-ci Add this label to start a Jenkins CI on a PR. label Jan 12, 2022

github-actions bot removed the request-ci Add this label to start a Jenkins CI on a PR. label Jan 12, 2022

This comment has been minimized.

Sign in to view

github-actions bot mentioned this pull request Jan 13, 2022

CI Reliability 2022-01-13 nodejs/reliability#172

Open

18 tasks

This comment has been minimized.

Sign in to view

richardlau force-pushed the v16.x-openssl1.1.1m+quic branch from a6d890f to ef1eaad Compare January 13, 2022 16:46

richardlau added the request-ci Add this label to start a Jenkins CI on a PR. label Jan 13, 2022

github-actions bot removed the request-ci Add this label to start a Jenkins CI on a PR. label Jan 13, 2022

github-actions bot mentioned this pull request Jan 14, 2022

CI Reliability 2022-01-14 nodejs/reliability#173

Open

22 tasks

mhdawson approved these changes Jan 14, 2022

View reviewed changes

github-actions bot mentioned this pull request Jan 15, 2022

CI Reliability 2022-01-15 nodejs/reliability#174

Open

26 tasks

richardlau added 3 commits January 17, 2022 07:51

richardlau force-pushed the v16.x-openssl1.1.1m+quic branch from ef1eaad to 0466400 Compare January 17, 2022 12:56

richardlau merged commit 0466400 into nodejs:v16.x-staging Jan 17, 2022

richardlau deleted the v16.x-openssl1.1.1m+quic branch January 17, 2022 12:57

danielleadams mentioned this pull request Feb 1, 2022

v16.14.0 proposal #41804

Merged

Uh oh!

Conversation

richardlau commented Dec 14, 2021 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

This comment has been minimized.

tniessen left a comment

Choose a reason for hiding this comment

Uh oh!

richardlau commented Dec 14, 2021

Uh oh!

richardlau commented Dec 15, 2021 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

mcollina left a comment

Choose a reason for hiding this comment

Uh oh!

This comment has been minimized.

richardlau commented Dec 15, 2021

Uh oh!

This comment has been minimized.

This comment has been minimized.

This comment has been minimized.

This comment has been minimized.

nodejs-github-bot commented Jan 13, 2022

Uh oh!

richardlau commented Jan 13, 2022

Uh oh!

nodejs-github-bot commented Jan 13, 2022

Uh oh!

nodejs-github-bot commented Jan 13, 2022

Uh oh!

nodejs-github-bot commented Jan 14, 2022

Uh oh!

nodejs-github-bot commented Jan 14, 2022

Uh oh!

mhdawson left a comment

Choose a reason for hiding this comment

Uh oh!

richardlau commented Jan 17, 2022

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

6 participants

richardlau commented Dec 14, 2021 •

edited

Loading

richardlau commented Dec 15, 2021 •

edited

Loading