PR-URL: https://github.com/nodejs/node/pull/57335
Reviewed-By: Richard Lau <rlau@redhat.com>
Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
Reviewed-By: Filip Skokan <panva.ip@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/55184
Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
Reviewed-By: Richard Lau <rlau@redhat.com>
Reviewed-By: Michael Dawson <midawson@redhat.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/54336
Reviewed-By: Richard Lau <rlau@redhat.com>
Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/51614
Reviewed-By: Richard Lau <rlau@redhat.com>
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Michael Dawson <midawson@redhat.com>
PR-URL: https://github.com/nodejs/node/pull/50411
Reviewed-By: Richard Lau <rlau@redhat.com>
Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/46401
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Michael Dawson <midawson@redhat.com>
After an OpenSSL source update, all the config files need to be
regenerated and committed by:
$ make -C deps/openssl/config clean
$ make -C deps/openssl/config
$ git add deps/openssl/config/archs
$ git add deps/openssl/openssl
$ git commit
CVE-ID: CVE-2022-3602, CVE-2022-3786
PR-URL: https://github.com/nodejs/node/pull/45286
After an OpenSSL source update, all the config files need to be
regenerated and committed by:
$ make -C deps/openssl/config clean
$ make -C deps/openssl/config
$ git add deps/openssl/config/archs
$ git commit
PR-URL: https://github.com/nodejs/node/pull/43735
Fixes: https://github.com/nodejs/node/issues/43667
Reviewed-By: Richard Lau <rlau@redhat.com>
After an OpenSSL source update, all the config files need to be
regenerated and committed by:
$ find archs \( -name \*.s \) -exec rm "{}" \;
Edit deps/openssl/openssl/crypto/perlasm/x86asm.pl changing #ifdef
to %ifdef to make it compatible to nasm on windows 32.
$ make -C deps/openssl/config
$ git add deps/openssl/config/archs
$ git add deps/openssl/openssl
$ git commit
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Richard Lau <rlau@redhat.com>
PR-URL: https://github.com/nodejs/node/pull/43693
This commit removes the header template files opensslconf.h as it is not
a generated header anymore (configuration.h is the generated header
now).
The motivation for this is that not using opensslconf.h from the OpenSSL
include directory means an addon that includes openssl/ssl.h will get
the following error:
~/.cache/node-gyp/17.8.0/include/node/openssl/macros.h:148:4: error:
compatibility level"
148 | # error "The requested API level higher than the configured
API compatibility level"
For more details please see #40575.
PR-URL: https://github.com/nodejs/node/pull/43035
Fixes: https://github.com/nodejs/node/issues/40575
Reviewed-By: Michael Dawson <midawson@redhat.com>
OpenSSL 3.0 has a number of header files that are generated, and
currently these headers are copied into the architecture specific
directories. This is done for each asm type, 'asm', 'asm_avx2', and
'no-asm' which has takes up quite a lot of disk space and also becomes
an issue with the headers.tar file which has increased due to this.
This commit adds copies the headers to a common directory for the
architecture, for example with linux-x86_64 there will be a directory
named deps/openssl/config/archs/linux-x86_64/common/include where the
headers will be copied (into subdirectories 'openssl' and 'crypto'.
And in the original locations a header file with the same name will be
generated which points (includes) the common header file.
PR-URL: https://github.com/nodejs/node/pull/42616
Fixes: https://github.com/nodejs/node/issues/42081
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Richard Lau <rlau@redhat.com>
After an OpenSSL source update, all the config files need to be
regenerated and committed by:
$ make -C deps/openssl/config
$ git add deps/openssl/config/archs
$ git add deps/openssl/openssl
$ git commit
PR-URL: https://github.com/nodejs/node/pull/42356
Refs: https://mta.openssl.org/pipermail/openssl-announce/2022-March/000217.html
Reviewed-By: Richard Lau <rlau@redhat.com>
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Darshan Sen <raisinten@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: Michael Dawson <midawson@redhat.com>
I added support for x32 back in 2014 but it's been in a state of
disrepair ever since, not in the least because it was never a fully
supported architecture in upstream V8.
V8 dropped x32 support entirely in or around 2018 so the removal from
Node's build system is long overdue.
Refs: https://github.com/nodejs/node/issues/40576
PR-URL: https://github.com/nodejs/node/pull/41905
Reviewed-By: Richard Lau <rlau@redhat.com>
Reviewed-By: Jiawen Geng <technicalcute@gmail.com>
Reviewed-By: Gerhard Stöbich <deb2001-github@yahoo.de>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Currently using the --openssl-is-fips configuration option in
combination with --ninja is broken.
This commit fixes two issues, one being an issue with the linker/version
script path variable. The second is that the locations of built
artifacts that differ for ninja and make.
ninja:
$ ./configure --openssl-is-fips --ninja
$ ninja -C out/Release
$ ./node --enable-fips -p 'crypto.getFips()'
1
make:
$ ./configure --openssl-is-fips
$ make -j8
$ ./node --enable-fips -p 'crypto.getFips()'
1
PR-URL: https://github.com/nodejs/node/pull/40518
Refs: https://github.com/nodejs/node/issues/40509
Reviewed-By: Richard Lau <rlau@redhat.com>
Reviewed-By: Beth Griggs <bgriggs@redhat.com>
This commit add the missing legacy provider source code which is
requried for statically linking the OpenSSL legacy provider.
Co-authored-by: Richard Lau <rlau@redhat.com>
PR-URL: https://github.com/nodejs/node/pull/40478
Refs: https://github.com/nodejs/node/issues/40455
Reviewed-By: Richard Lau <rlau@redhat.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
This pull request updates the OpenSSL version that is statically
linked with Node.js from OpenSSl 1.1.1 to quictls OpenSSL 3.0.0+quic.
This pull request will replace the OpenSSL version that is currently
in the deps directory and when performing a normal build
OpenSSL 3.0+quic will be statically linked to the Node.js executable.
We will still be able to dynamically link to OpenSSL 1.1.1 and we have
a CI job which dynamically links to OpenSSL 1.1.1 which is run for
every pull request to make sure that we maintain backward compatibility.
PR-URL: https://github.com/nodejs/node/pull/38512
Reviewed-By: Michael Dawson <midawson@redhat.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
After an OpenSSL source update, all the config files need to be
regenerated and committed by:
$ make -C deps/openssl/config
$ git add deps/openssl/config/archs
$ git add deps/openssl/openssl/include/crypto/bn_conf.h
$ git add deps/openssl/openssl/include/crypto/dso_conf.h
$ git add deps/openssl/openssl/include/openssl/opensslconf.h
$ git commit
PR-URL: https://github.com/nodejs/node/pull/39867
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Beth Griggs <bgriggs@redhat.com>
After an OpenSSL source update, all the config files need to be
regenerated and committed by:
$ make -C deps/openssl/config
$ git add deps/openssl/config/archs
$ git add deps/openssl/openssl/include/crypto/bn_conf.h
$ git add deps/openssl/openssl/include/crypto/dso_conf.h
$ git add deps/openssl/openssl/include/openssl/opensslconf.h
$ git commit
PR-URL: https://github.com/nodejs/node/pull/37412
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Richard Lau <rlau@redhat.com>
Reviewed-By: Beth Griggs <bgriggs@redhat.com>
After an OpenSSL source update, all the config files need to be
regenerated and committed by:
$ make -C deps/openssl/config
$ git add deps/openssl/config/archs
$ git add deps/openssl/openssl/include/crypto/bn_conf.h
$ git add deps/openssl/openssl/include/crypto/dso_conf.h
$ git add deps/openssl/openssl/include/openssl/opensslconf.h
$ git commit
PR-URL: https://github.com/nodejs/node/pull/36520
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Richard Lau <rlau@redhat.com>
Reviewed-By: Michael Dawson <midawson@redhat.com>
Reviewed-By: Beth Griggs <bgriggs@redhat.com>
This adds the required files for supporting openssl
on arm64.
This uses the same configuration that can be found in
https://github.com/openssl/openssl/pull/12369 to generate the required
files.
PR-URL: https://github.com/nodejs/node/pull/34238
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Ash Cripps <ashley.cripps@ibm.com>
This adds a new make target to generate platform dependent
files for openssl on non-linux machines. The scripts we currently
have in place require linux. This adds a Dockerfile that installs
the necessary dependencies to be able to generate these files.
Previously, it was necessary to run `make -C deps/openssl/config`
on a linux machine. Now, as long as docker is installed and in
your `PATH`, it is possible to run `make gen-openssl`.
PR-URL: https://github.com/nodejs/node/pull/34642
Reviewed-By: James M Snell <jasnell@gmail.com>
After an OpenSSL source update, all the config files need to be
regenerated and committed by:
$ make -C deps/openssl/config
$ git add deps/openssl/config/archs
$ git add deps/openssl/openssl/include/crypto/bn_conf.h
$ git add deps/openssl/openssl/include/crypto/dso_conf.h
$ git add deps/openssl/openssl/include/openssl/opensslconf.h
$ git commit
PR-URL: https://github.com/nodejs/node/pull/32379
Reviewed-By: Anna Henningsen <anna@addaleax.net>
After an OpenSSL source update, all the config files need to be
regenerated and committed by:
$ cd deps/openssl/config
$ make
$ git add deps/openssl/config/archs
$ git add deps/openssl/openssl/include/crypto/bn_conf.h
$ git add deps/openssl/openssl/include/crypto/dso_conf.h
$ git add deps/openssl/openssl/include/openssl/opensslconf.h
$ git commit
PR-URL: https://github.com/nodejs/node/pull/32971
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
After an OpenSSL source update, all the config files need to be
regenerated and comitted by:
$ cd deps/openssl/config
$ make
$ git add deps/openssl/config/archs
$ git add deps/openssl/openssl/include/crypto/bn_conf.h
$ git add deps/openssl/openssl/include/crypto/dso_conf.h
$ git add deps/openssl/openssl/include/openssl/opensslconf.h
$ git commit
PR-URL: https://github.com/nodejs/node/pull/32583
Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
After an OpenSSL source update, all the config files need to be
regenerated and comitted by:
$ cd deps/openssl/config
$ make
$ git add deps/openssl/config/archs
$ git add deps/openssl/include
PR-URL: https://github.com/nodejs/node/pull/32328
Fixes: https://github.com/nodejs/node/issues/32210
Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
The scripts used by make were modified to correctly reference the source
files that were originially in crypto/include/internal, but got moved to
include/crypto. The base path has been left unaltered since that would
require too many changes
PR-URL: https://github.com/nodejs/node/pull/32328
Fixes: https://github.com/nodejs/node/issues/32210
Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
The maintainenance guides are mostly in doc/guides-maintaining-*.md, so
move the OpenSSL one there, too.
PR-URL: https://github.com/nodejs/node/pull/32209
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Richard Lau <riclau@uk.ibm.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
After an OpenSSL source update, all the config files need to be
regenerated and comitted by:
$ cd deps/openssl/config
$ make
$ git add deps/openssl/config/archs
$ git add deps/openssl/openssl/crypto/include/internal/bn_conf.h
$ git add deps/openssl/openssl/crypto/include/internal/dso_conf.h
$ git add deps/openssl/openssl/include/openssl/opensslconf.h
$ git commit
PR-URL: https://github.com/nodejs/node/pull/29550
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Add BSD-x86 to the list of arches and regenerate everything.
Everything in deps/openssl/config/archs/BSD-x86 is auto-generated,
everything else is manual edits to include the right files in the
right places.
I cheated a little: I didn't check in changes to files for other arches
because they contained mostly churn (updated buildstamps and such.)
Fixes: https://github.com/nodejs/node/issues/20326
PR-URL: https://github.com/nodejs/node/pull/28806
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
