Skip to content

deps: update OpenSSL 3.0.3+quic#42958

Closed
RafaelGSS wants to merge 2 commits intonodejs:masterfrom
RafaelGSS:deps/update-openssl-3-0-3
Closed

deps: update OpenSSL 3.0.3+quic#42958
RafaelGSS wants to merge 2 commits intonodejs:masterfrom
RafaelGSS:deps/update-openssl-3-0-3

Conversation

@RafaelGSS
Copy link
Member

@RafaelGSS RafaelGSS commented May 3, 2022

Updated OpenSSL dep to OpenSSL-3.0.3+quic using the maintenance guide.

Refs: https://mta.openssl.org/pipermail/openssl-announce/2022-May/000223.html

RafaelGSS added 2 commits May 3, 2022 17:12
@RafaelGSS
deps: upgrade openssl sources to quictls/openssl-3.0.3
6ec8160 
This updates all sources in deps/openssl/openssl by:
    $ git clone git@github.com:quictls/openssl.git
    $ cd openssl
    $ cd ../node/deps/openssl
    $ rm -rf openssl
    $ cp -R ../../../openssl openssl
    $ rm -rf openssl/.git* openssl/.travis*
    $ git add --all openssl
    $ git commit openssl
@RafaelGSS
deps: update archs files for quictls/openssl-3.0.3+quic
f1a6ebf 
After an OpenSSL source update, all the config files need to be
regenerated and committed by:
    $ make -C deps/openssl/config
    $ git add deps/openssl/config/archs
    $ git add deps/openssl/openssl
    $ git commit
@nodejs-github-bot
Copy link
Collaborator

nodejs-github-bot commented May 3, 2022

Review requested:

  • @nodejs/gyp

@nodejs-github-bot nodejs-github-bot added dependencies Pull requests that update a dependency file. needs-ci PRs that need a full CI run. openssl Issues and PRs related to the OpenSSL dependency. labels May 3, 2022
@BethGriggs BethGriggs added the request-ci Add this label to start a Jenkins CI on a PR. label May 4, 2022
@github-actions github-actions bot removed the request-ci Add this label to start a Jenkins CI on a PR. label May 4, 2022
@nodejs-github-bot
Copy link
Collaborator

nodejs-github-bot commented May 4, 2022

CI: https://ci.nodejs.org/job/node-test-pull-request/43866/

@richardlau
Copy link
Member

richardlau commented May 6, 2022

I think this and #42978 will conflict as they both touch the generated archs files. I suspect (but am not certain) that 33bc537 may mean we can no longer cherry-pick the openssl archs updates from master cleanly onto v17.x.

@yanovich
Copy link

yanovich commented May 6, 2022

@RafaelGSS, the differences between archs are cosmetic, and can be easily handled by *.gypi files. Why not use plain openssl headers with some -D flags in respective *.gypi files?

I used this to compare archs against linux-x86_64:

list=`ls deps/openssl/config/archs`;\
 for a in $list; do\
   diff -aur deps/openssl/config/archs/linux-x86_64/no-asm/include\
             deps/openssl/config/archs/$a/no-asm/include;\
 done

@RafaelGSS
Copy link
Member Author

RafaelGSS commented May 6, 2022

I think this and #42978 will conflict as they both touch the generated archs files. I suspect (but am not certain) that 33bc537 may mean we can no longer cherry-pick the openssl archs updates from master cleanly onto v17.x.

If #42978 lands first, I can recreate this one for master and another one for v17.x then. WDYT?

@richardlau
Copy link
Member

richardlau commented May 7, 2022

I think this and #42978 will conflict as they both touch the generated archs files. I suspect (but am not certain) that 33bc537 may mean we can no longer cherry-pick the openssl archs updates from master cleanly onto v17.x.

If #42978 lands first, I can recreate this one for master and another one for v17.x then. WDYT?

SGTM. I suggest when you update/recreate the one for master check if the commits would cherry-pick cleanly to v17.x-staging. If they do then we don't need a v17.x specific PR (we can cherry-pick once the one on master lands), otherwise if there are conflicts we'll need to open a v17.x specific PR.

@RafaelGSS
Copy link
Member Author

RafaelGSS commented May 9, 2022

Closing in favor of: #43022

@RafaelGSS RafaelGSS closed this May 9, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@BethGriggs BethGriggs BethGriggs approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file. needs-ci PRs that need a full CI run. openssl Issues and PRs related to the OpenSSL dependency.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

6 participants

@RafaelGSS @nodejs-github-bot @richardlau @yanovich @BethGriggs @juanarbol