Skip to content

deps: update OpenSSL 3.0.3+quic #42958

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 2 commits into from
Closed

deps: update OpenSSL 3.0.3+quic #42958

wants to merge 2 commits into from

Conversation

RafaelGSS
Copy link
Member

Updated OpenSSL dep to OpenSSL-3.0.3+quic using the maintenance guide.

Refs: https://mta.openssl.org/pipermail/openssl-announce/2022-May/000223.html

RafaelGSS added 2 commits May 3, 2022 17:12
@RafaelGSS
deps: upgrade openssl sources to quictls/openssl-3.0.3
6ec8160 
This updates all sources in deps/openssl/openssl by:
    $ git clone [email protected]:quictls/openssl.git
    $ cd openssl
    $ cd ../node/deps/openssl
    $ rm -rf openssl
    $ cp -R ../../../openssl openssl
    $ rm -rf openssl/.git* openssl/.travis*
    $ git add --all openssl
    $ git commit openssl
@RafaelGSS
deps: update archs files for quictls/openssl-3.0.3+quic
f1a6ebf 
After an OpenSSL source update, all the config files need to be
regenerated and committed by:
    $ make -C deps/openssl/config
    $ git add deps/openssl/config/archs
    $ git add deps/openssl/openssl
    $ git commit
@nodejs-github-bot
Copy link
Collaborator

Review requested:

  • @nodejs/gyp

@nodejs-github-bot nodejs-github-bot added dependencies Pull requests that update a dependency file. needs-ci PRs that need a full CI run. openssl Issues and PRs related to the OpenSSL dependency. labels May 3, 2022
@BethGriggs BethGriggs added the request-ci Add this label to start a Jenkins CI on a PR. label May 4, 2022
@github-actions github-actions bot removed the request-ci Add this label to start a Jenkins CI on a PR. label May 4, 2022
@nodejs-github-bot
Copy link
Collaborator

CI: https://ci.nodejs.org/job/node-test-pull-request/43866/

@richardlau
Copy link
Member

I think this and #42978 will conflict as they both touch the generated archs files. I suspect (but am not certain) that 33bc537 may mean we can no longer cherry-pick the openssl archs updates from master cleanly onto v17.x.

@yanovich
Copy link

yanovich commented May 6, 2022

@RafaelGSS, the differences between archs are cosmetic, and can be easily handled by *.gypi files. Why not use plain openssl headers with some -D flags in respective *.gypi files?

I used this to compare archs against linux-x86_64:

list=`ls deps/openssl/config/archs`;\
 for a in $list; do\
   diff -aur deps/openssl/config/archs/linux-x86_64/no-asm/include\
             deps/openssl/config/archs/$a/no-asm/include;\
 done

@RafaelGSS
Copy link
Member Author

I think this and #42978 will conflict as they both touch the generated archs files. I suspect (but am not certain) that 33bc537 may mean we can no longer cherry-pick the openssl archs updates from master cleanly onto v17.x.

If #42978 lands first, I can recreate this one for master and another one for v17.x then. WDYT?

@richardlau
Copy link
Member

I think this and #42978 will conflict as they both touch the generated archs files. I suspect (but am not certain) that 33bc537 may mean we can no longer cherry-pick the openssl archs updates from master cleanly onto v17.x.

If #42978 lands first, I can recreate this one for master and another one for v17.x then. WDYT?

SGTM. I suggest when you update/recreate the one for master check if the commits would cherry-pick cleanly to v17.x-staging. If they do then we don't need a v17.x specific PR (we can cherry-pick once the one on master lands), otherwise if there are conflicts we'll need to open a v17.x specific PR.

@RafaelGSS
Copy link
Member Author

Closing in favor of: #43022

@RafaelGSS RafaelGSS closed this May 9, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@BethGriggs BethGriggs BethGriggs approved these changes

Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file. needs-ci PRs that need a full CI run. openssl Issues and PRs related to the OpenSSL dependency.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
6 participants
@RafaelGSS @nodejs-github-bot @richardlau @yanovich @BethGriggs @juanarbol