Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

doc: remove useless SSL_OP_* options #46954

Merged
merged 1 commit into from
Mar 6, 2023
Merged

doc: remove useless SSL_OP_* options #46954

merged 1 commit into from
Mar 6, 2023

Conversation

tniessen
Copy link
Member

@tniessen tniessen commented Mar 4, 2023

These 14 options do not have any effect in any supported version of OpenSSL.

@tniessen
doc: remove useless SSL_OP_* options
36cc44f 
These 14 options do not have any effect in any supported version of
OpenSSL.
@tniessen tniessen added tls Issues and PRs related to the tls subsystem. crypto Issues and PRs related to the crypto subsystem. doc Issues and PRs related to the documentations. openssl Issues and PRs related to the OpenSSL dependency. labels Mar 4, 2023
tniessen added a commit to tniessen/node that referenced this pull request Mar 4, 2023
@tniessen
src: remove use of SSL_OP_SINGLE_DH_USE
1332e1e 
This option does not have any effect in any supported OpenSSL version.

Refs: nodejs#46954
@tniessen tniessen mentioned this pull request Mar 4, 2023
Closed
@panva panva added author ready PRs that have at least one approval, no pending requests for changes, and a CI started. commit-queue Add this label to land a pull request using GitHub Actions. labels Mar 5, 2023
@nodejs-github-bot nodejs-github-bot removed the commit-queue Add this label to land a pull request using GitHub Actions. label Mar 6, 2023
@nodejs-github-bot nodejs-github-bot merged commit db81af6 into nodejs:main Mar 6, 2023
@nodejs-github-bot
Copy link
Collaborator

Landed in db81af6

tniessen added a commit to tniessen/openssl that referenced this pull request Mar 6, 2023
@tniessen
Document remaining obsolete SSL_OP_NETSCAPE_*_BUG
738ae66 
SSL_OP_NETSCAPE_CA_DN_BUG became obsolete in 3c33c6f and
support for SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG was removed by
7a4dadc. The definitions are still listed under "OBSOLETE
OPTIONS retained for compatibility" in ssl.h.in, so this commit adds
them to the list of obsolete options in doc/man3.

Refs: nodejs/node#46954
@tniessen tniessen mentioned this pull request Mar 6, 2023
Closed
1 task
tniessen added a commit that referenced this pull request Mar 9, 2023
@tniessen
src: remove use of SSL_OP_SINGLE_DH_USE
ef454c8 
This option does not have any effect in any supported OpenSSL version.

Refs: #46954
PR-URL: #46955
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Filip Skokan <panva.ip@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
targos pushed a commit that referenced this pull request Mar 13, 2023
@tniessen @targos
doc: remove useless SSL_OP_* options
6fa00bc 
These 14 options do not have any effect in any supported version of
OpenSSL.

PR-URL: #46954
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Filip Skokan <panva.ip@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
targos pushed a commit that referenced this pull request Mar 13, 2023
@tniessen @targos
src: remove use of SSL_OP_SINGLE_DH_USE
9b7d39f 
This option does not have any effect in any supported OpenSSL version.

Refs: #46954
PR-URL: #46955
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Filip Skokan <panva.ip@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
tniessen added a commit to tniessen/node that referenced this pull request Mar 13, 2023
@tniessen
doc: remove remaining SSL_OP_NETSCAPE_*_BUG
6cc9306 
I missed these two in db81af6 because I
went by OpenSSL's list of obsolete flags, which turned out to be
incomplete. See openssl/openssl#20443.

Refs: nodejs#46954
Refs: openssl/openssl#20443
@tniessen tniessen mentioned this pull request Mar 13, 2023
Merged
nodejs-github-bot pushed a commit that referenced this pull request Mar 13, 2023
@tniessen
doc: remove remaining SSL_OP_NETSCAPE_*_BUG
51380f2 
I missed these two in db81af6 because I
went by OpenSSL's list of obsolete flags, which turned out to be
incomplete. See openssl/openssl#20443.

Refs: #46954
Refs: openssl/openssl#20443
PR-URL: #47066
Reviewed-By: Filip Skokan <panva.ip@gmail.com>
Reviewed-By: Richard Lau <rlau@redhat.com>
Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com>
tniessen added a commit to tniessen/node that referenced this pull request Mar 13, 2023
@tniessen
crypto: remove obsolete SSL_OP_* constants
b9880b7 
None of these constants have any effect in recent OpenSSL versions, not
even in Node.js release lines that still use OpenSSL 1.1.1.

It is likely rare that these options are still used (intentionally), and
removing them is unlikely to break any existing applications. These
constants can only be passed to the secureOptions option of
tls.createSecureContext() and related APIs, and a value of undefined
will be ignored. Similarly, if a bitwise combination of multiple options
is used, undefined constants will not change the behavior because
(a | undefined | b) === a | b for (small non-negative) integers a and b.

Refs: nodejs#46954
Refs: nodejs#47066
tniessen added a commit to tniessen/node that referenced this pull request Mar 13, 2023
@tniessen
crypto: remove obsolete SSL_OP_* constants
2a48afb 
None of these constants have any effect in recent OpenSSL versions, not
even in Node.js release lines that still use OpenSSL 1.1.1.

It is likely rare that these options are still used (intentionally), and
removing them is unlikely to break any existing applications. These
constants can only be passed to the secureOptions option of
tls.createSecureContext() and related APIs, and a value of undefined
will be ignored. Similarly, if a bitwise combination of multiple options
is used, undefined constants will not change the behavior because
(a | undefined | b) === (a | b) for (small) integers a and b.

Refs: nodejs#46954
Refs: nodejs#47066
@tniessen tniessen mentioned this pull request Mar 13, 2023
Merged
targos pushed a commit that referenced this pull request Mar 14, 2023
@tniessen @targos
doc: remove useless SSL_OP_* options
f903ea5 
These 14 options do not have any effect in any supported version of
OpenSSL.

PR-URL: #46954
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Filip Skokan <panva.ip@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
targos pushed a commit that referenced this pull request Mar 14, 2023
@tniessen @targos
src: remove use of SSL_OP_SINGLE_DH_USE
b051ac7 
This option does not have any effect in any supported OpenSSL version.

Refs: #46954
PR-URL: #46955
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Filip Skokan <panva.ip@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
targos pushed a commit that referenced this pull request Mar 14, 2023
@tniessen @targos
doc: remove remaining SSL_OP_NETSCAPE_*_BUG
c310a32 
I missed these two in db81af6 because I
went by OpenSSL's list of obsolete flags, which turned out to be
incomplete. See openssl/openssl#20443.

Refs: #46954
Refs: openssl/openssl#20443
PR-URL: #47066
Reviewed-By: Filip Skokan <panva.ip@gmail.com>
Reviewed-By: Richard Lau <rlau@redhat.com>
Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com>
@targos targos mentioned this pull request Mar 14, 2023
Merged
openssl-machine pushed a commit to openssl/openssl that referenced this pull request Mar 14, 2023
@tniessen @paulidale
Document remaining obsolete SSL_OP_NETSCAPE_*_BUG
fe52208 
SSL_OP_NETSCAPE_CA_DN_BUG became obsolete in 3c33c6f and
support for SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG was removed by
7a4dadc. The definitions are still listed under "OBSOLETE
OPTIONS retained for compatibility" in ssl.h.in, so this commit adds
them to the list of obsolete options in doc/man3.

Refs: nodejs/node#46954

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from #20443)
openssl-machine pushed a commit to openssl/openssl that referenced this pull request Mar 14, 2023
@tniessen @paulidale
Document remaining obsolete SSL_OP_NETSCAPE_*_BUG
f0ea7a5 
SSL_OP_NETSCAPE_CA_DN_BUG became obsolete in 3c33c6f and
support for SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG was removed by
7a4dadc. The definitions are still listed under "OBSOLETE
OPTIONS retained for compatibility" in ssl.h.in, so this commit adds
them to the list of obsolete options in doc/man3.

Refs: nodejs/node#46954

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from #20443)

(cherry picked from commit fe52208)
openssl-machine pushed a commit to openssl/openssl that referenced this pull request Mar 14, 2023
@tniessen @paulidale
Document remaining obsolete SSL_OP_NETSCAPE_*_BUG
ce31a7c 
SSL_OP_NETSCAPE_CA_DN_BUG became obsolete in 3c33c6f and
support for SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG was removed by
7a4dadc. The definitions are still listed under "OBSOLETE
OPTIONS retained for compatibility" in ssl.h.in, so this commit adds
them to the list of obsolete options in doc/man3.

Refs: nodejs/node#46954

Reviewed-by: Matt Caswell <matt@openssl.org>
Reviewed-by: Paul Dale <pauli@openssl.org>
(Merged from #20443)

(cherry picked from commit fe52208)
nodejs-github-bot pushed a commit that referenced this pull request Mar 21, 2023
@tniessen
crypto: remove obsolete SSL_OP_* constants
1640aeb 
None of these constants have any effect in recent OpenSSL versions, not
even in Node.js release lines that still use OpenSSL 1.1.1.

It is likely rare that these options are still used (intentionally), and
removing them is unlikely to break any existing applications. These
constants can only be passed to the secureOptions option of
tls.createSecureContext() and related APIs, and a value of undefined
will be ignored. Similarly, if a bitwise combination of multiple options
is used, undefined constants will not change the behavior because
(a | undefined | b) === (a | b) for (small) integers a and b.

Refs: #46954
Refs: #47066
PR-URL: #47073
Reviewed-By: Filip Skokan <panva.ip@gmail.com>
Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
Reviewed-By: Michaël Zasso <targos@protonmail.com>
danielleadams pushed a commit that referenced this pull request Apr 11, 2023
@tniessen @danielleadams
doc: remove useless SSL_OP_* options
257c5ac 
These 14 options do not have any effect in any supported version of
OpenSSL.

PR-URL: #46954
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Filip Skokan <panva.ip@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
danielleadams pushed a commit that referenced this pull request Apr 11, 2023
@tniessen @danielleadams
src: remove use of SSL_OP_SINGLE_DH_USE
a4a433f 
This option does not have any effect in any supported OpenSSL version.

Refs: #46954
PR-URL: #46955
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Filip Skokan <panva.ip@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
danielleadams pushed a commit that referenced this pull request Apr 11, 2023
@tniessen @danielleadams
doc: remove remaining SSL_OP_NETSCAPE_*_BUG
e435199 
I missed these two in db81af6 because I
went by OpenSSL's list of obsolete flags, which turned out to be
incomplete. See openssl/openssl#20443.

Refs: #46954
Refs: openssl/openssl#20443
PR-URL: #47066
Reviewed-By: Filip Skokan <panva.ip@gmail.com>
Reviewed-By: Richard Lau <rlau@redhat.com>
Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com>
@danielleadams danielleadams mentioned this pull request Apr 11, 2023
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@aymen94 aymen94 aymen94 approved these changes

@cjihrig cjihrig cjihrig approved these changes

@lpinca lpinca lpinca approved these changes

@bnoordhuis bnoordhuis bnoordhuis approved these changes

@panva panva panva approved these changes

Assignees
No one assigned
Labels
author ready PRs that have at least one approval, no pending requests for changes, and a CI started. crypto Issues and PRs related to the crypto subsystem. doc Issues and PRs related to the documentations. openssl Issues and PRs related to the OpenSSL dependency. tls Issues and PRs related to the tls subsystem.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
7 participants
@tniessen @nodejs-github-bot @panva @bnoordhuis @lpinca @cjihrig @aymen94