-
Notifications
You must be signed in to change notification settings - Fork 29.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[v16.x] update to openssl-1.1.1m+quic #41175
[v16.x] update to openssl-1.1.1m+quic #41175
Conversation
This comment has been minimized.
This comment has been minimized.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
RSLGTM
Looks like test.parallel/test-crypto-engine is failing on macOS 😞:
|
Line 47 is the second of node/test/parallel/test-crypto-engine.js Lines 46 to 47 in 7b112d9
There is reference to fixes in openssl-1.1.1m with dynamic engines in the changelog: node/deps/openssl/openssl/CHANGES Lines 10 to 12 in 603bcaa
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
lgtm
603bcaa
to
a6d890f
Compare
This comment has been minimized.
This comment has been minimized.
Pulled over the same test fix from #41177. |
This comment has been minimized.
This comment has been minimized.
f668e82
to
95c19c3
Compare
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
This comment has been minimized.
a6d890f
to
ef1eaad
Compare
Rebased onto current |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Rubber Stamp LGTM
Newer versions of OpenSSL now throws an error if an engine is loaded twice by its absolute path (a second load by its id appears to be okay). PR-URL: nodejs#41175 Refs: quictls/openssl#68 Refs: https://mta.openssl.org/pipermail/openssl-announce/2021-December/000212.html Reviewed-By: Tobias Nießen <tniessen@tnie.de> Reviewed-By: Matteo Collina <matteo.collina@gmail.com> Reviewed-By: Derek Lewis <DerekNonGeneric@inf.is> Reviewed-By: Michael Dawson <midawson@redhat.com>
This updates all sources in deps/openssl/openssl by: $ git clone https://github.com/quictls/openssl $ cd openssl $ git checkout OpenSSL_1_1_1m+quic $ cd ../node/deps/openssl $ rm -rf openssl $ cp -R ../openssl openssl $ rm -rf openssl/.git* openssl/.travis* $ git add --all openssl $ git commit openssl PR-URL: nodejs#41175 Refs: quictls/openssl#68 Refs: https://mta.openssl.org/pipermail/openssl-announce/2021-December/000212.html Reviewed-By: Tobias Nießen <tniessen@tnie.de> Reviewed-By: Matteo Collina <matteo.collina@gmail.com> Reviewed-By: Derek Lewis <DerekNonGeneric@inf.is> Reviewed-By: Michael Dawson <midawson@redhat.com>
After an OpenSSL source update, all the config files need to be regenerated and committed by: $ make -C deps/openssl/config $ git add deps/openssl/config/archs $ git add deps/openssl/openssl/include/crypto/bn_conf.h $ git add deps/openssl/openssl/include/crypto/dso_conf.h $ git add deps/openssl/openssl/include/openssl/opensslconf.h $ git commit PR-URL: nodejs#41175 Refs: quictls/openssl#68 Refs: https://mta.openssl.org/pipermail/openssl-announce/2021-December/000212.html Reviewed-By: Tobias Nießen <tniessen@tnie.de> Reviewed-By: Matteo Collina <matteo.collina@gmail.com> Reviewed-By: Derek Lewis <DerekNonGeneric@inf.is> Reviewed-By: Michael Dawson <midawson@redhat.com>
ef1eaad
to
0466400
Compare
Landed in f4493c1...0466400. |
Refs: quictls/openssl#68
Refs: https://mta.openssl.org/pipermail/openssl-announce/2021-December/000212.html
Updated as per https://github.com/nodejs/node/blob/v16.x-staging/doc/guides/maintaining-openssl.md