[v16.x] deps: update openssl to OpenSSL 1.1.1n#42352
Closed
Uh oh!
There was an error while loading. Please reload this page.
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode characters
nodejs-github-bot added dependencies 
richardlau approved these changes Mar 15, 2022
hassaanp changed the title hassaanp changed the title 
danielleadams approved these changes Mar 16, 2022
Contributor
aduh95 commented Mar 16, 2022
This needs a rebase to fix the self-signed certificate test failure. |
Member
mhdawson commented Mar 16, 2022
@hassaanp I think this needs a rebase with only the OpenSSL commits showing as new, versus including a merge commit as it currently is. |
This comment was marked as outdated.
This comment was marked as outdated.
This updates all sources in deps/openssl/openssl by: $ git clone https://github.com/quictls/openssl $ cd openssl $ git checkout OpenSSL_1_1_1n+quic $ cd ../node/deps/openssl $ rm -rf openssl $ cp -R ../openssl openssl $ rm -rf openssl/.git* openssl/.travis* $ git add --all openssl $ git commit openssl
After an OpenSSL source update, all the config files need to be regenerated and committed by: $ make -C deps/openssl/config $ git add deps/openssl/config/archs $ git add deps/openssl/openssl/include/crypto/bn_conf.h $ git add deps/openssl/openssl/include/crypto/dso_conf.h $ git add deps/openssl/openssl/include/openssl/opensslconf.h $ git commit
hassaanpforce-pushed the deps/update-openssl-to-openssl1.1.1n-v16.x branch from 0940cf4 to 390b462Compare
Collaborator
nodejs-github-bot commented Mar 17, 2022
Member
mhdawson commented Mar 17, 2022
Member
@danielleadams if you are going to do build you should be able to cherry pick d37dceb it seemed to apply cleanly to me against 16 |
ContributorAuthor
hassaanp commented Mar 17, 2022
@mhdawson i have cherry picked the patch to the PR |
richardlau added request-ci Collaborator
CI: |
richardlau added the fast-track 
Contributor
Fast-track has been requested by @richardlau. Please 👍 to approve. |
Collaborator
CI: https://ci.nodejs.org/job/node-test-pull-request/43088/ (EDIT: wrong commit again, maybe due to GitHub outage?) |
github-actionsbot removed the request-ci Collaborator
nodejs-github-bot commented Mar 17, 2022
Collaborator
nodejs-github-bot commented Mar 17, 2022
Member
richardlau commented Mar 17, 2022
Jenkins is refusing to build against the correct commit... and I think the problem may be on GitHub's side: instead of a661347 😕. |
Last OpenSSL 3 update changes behaviour back to be closer to that of OpenSSL 1.1.1. Remove some instances where we expected different errors from OpenSSL 3 versus OpenSSL 1.1.1. Signed-off-by: Michael Dawson <[email protected]>
richardlauforce-pushed the deps/update-openssl-to-openssl1.1.1n-v16.x branch from a661347 to bac3d3aCompareCollaborator
nodejs-github-bot commented Mar 17, 2022
Member
richardlau commented Mar 17, 2022
I repicked d37dceb and forced pushed which has made |
richardlau approved these changes Mar 17, 2022
Collaborator
nodejs-github-bot commented Mar 17, 2022
Collaborator
nodejs-github-bot commented Mar 17, 2022
Member
richardlau commented Mar 17, 2022
Landed in e10e4fd...c533b43. |
richardlau pushed a commit that referenced this pull request Mar 17, 2022
This updates all sources in deps/openssl/openssl by: $ git clone https://github.com/quictls/openssl $ cd openssl $ git checkout OpenSSL_1_1_1n+quic $ cd ../node/deps/openssl $ rm -rf openssl $ cp -R ../openssl openssl $ rm -rf openssl/.git* openssl/.travis* $ git add --all openssl $ git commit openssl PR-URL: #42352 Refs: https://mta.openssl.org/pipermail/openssl-announce/2022-March/000218.html Reviewed-By: Richard Lau <[email protected]> Reviewed-By: Danielle Adams <[email protected]>
richardlau pushed a commit that referenced this pull request Mar 17, 2022
After an OpenSSL source update, all the config files need to be regenerated and committed by: $ make -C deps/openssl/config $ git add deps/openssl/config/archs $ git add deps/openssl/openssl/include/crypto/bn_conf.h $ git add deps/openssl/openssl/include/crypto/dso_conf.h $ git add deps/openssl/openssl/include/openssl/opensslconf.h $ git commit PR-URL: #42352 Refs: https://mta.openssl.org/pipermail/openssl-announce/2022-March/000218.html Reviewed-By: Richard Lau <[email protected]> Reviewed-By: Danielle Adams <[email protected]>
richardlau pushed a commit that referenced this pull request Mar 17, 2022
Last OpenSSL 3 update changes behaviour back to be closer to that of OpenSSL 1.1.1. Remove some instances where we expected different errors from OpenSSL 3 versus OpenSSL 1.1.1. Signed-off-by: Michael Dawson <[email protected]> PR-URL: #42352 Refs: https://mta.openssl.org/pipermail/openssl-announce/2022-March/000218.html Reviewed-By: Richard Lau <[email protected]> Reviewed-By: Danielle Adams <[email protected]>
Merged
This was referenced Mar 18, 2022
26 tasks
Sign up for freeto join this conversation on GitHub. Already have an account? Sign in to comment
6 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Updated openssl dep to openssl1.1.1n+quic using the maintenance guide.
Refs: https://mta.openssl.org/pipermail/openssl-announce/2022-March/000218.html