Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

deps: update openssl to openssl1.1.1f #32583

Closed

Conversation

hassaanp
Copy link
Contributor

Checklist

This updates all sources in deps/openssl/openssl by:
    $ cd deps/openssl/
    $ rm -rf openssl
    $ tar zxf ~/tmp/openssl-1.1.1f.tar.gz
    $ mv openssl-1.1.0h openssl
    $ git add --all openssl
    $ git commit openssl
 After an OpenSSL source update, all the config files need to be regenerated and
 comitted by:
    $ cd deps/openssl/config
    $ make
    $ git add deps/openssl/config/archs
    $ git add deps/openssl/openssl/include/crypto/bn_conf.h
    $ git add deps/openssl/openssl/include/crypto/dso_conf.h
    $ git add deps/openssl/openssl/include/openssl/opensslconf.h
    $ git commit
@nodejs-github-bot nodejs-github-bot added the openssl Issues and PRs related to the OpenSSL dependency. label Mar 31, 2020
@hassaanp hassaanp changed the title Deps/update openssl to openssl1.1.1f deps: update openssl to openssl1.1.1f Mar 31, 2020
@nodejs-github-bot
Copy link
Collaborator

@sam-github
Copy link
Contributor

to: @nodejs/crypto cc: @nodejs/releasers

Copy link
Member

@tniessen tniessen left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

RSLGTM. Not sure if anyone actually cross-checks this against OpenSSL releases?

@sam-github
Copy link
Contributor

Not sure if anyone actually cross-checks this against OpenSSL releases?

I did.

I'd like to fast-track this, it needs backporting to go out into next-week's releases, and as a routine update of a dep, I can't see what review is still necessary.

Can some folks thumbs-up the fast-tracking?

@sam-github sam-github added fast-track PRs that do not need to wait for 48 hours to land. lts-watch-v10.x labels Apr 1, 2020
@sam-github sam-github mentioned this pull request Apr 1, 2020
4 tasks
@sam-github
Copy link
Contributor

This cherry-picks clean onto 12.x, but needed a backport to 10.x: #32601

@tniessen
Copy link
Member

tniessen commented Apr 1, 2020

@sam-github Fast-tracking approved by @addaleax and myself.

sam-github pushed a commit that referenced this pull request Apr 1, 2020
This updates all sources in deps/openssl/openssl by:
    $ cd deps/openssl/
    $ rm -rf openssl
    $ tar zxf ~/tmp/openssl-1.1.1f.tar.gz
    $ mv openssl-1.1.0h openssl
    $ git add --all openssl
    $ git commit openssl

PR-URL: #32583
Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
sam-github pushed a commit that referenced this pull request Apr 1, 2020
 After an OpenSSL source update, all the config files need to be
 regenerated and comitted by:
    $ cd deps/openssl/config
    $ make
    $ git add deps/openssl/config/archs
    $ git add deps/openssl/openssl/include/crypto/bn_conf.h
    $ git add deps/openssl/openssl/include/crypto/dso_conf.h
    $ git add deps/openssl/openssl/include/openssl/opensslconf.h
    $ git commit

PR-URL: #32583
Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
@sam-github
Copy link
Contributor

Landed in 9d82c55..881c932

@sam-github sam-github closed this Apr 1, 2020
@sam-github sam-github deleted the deps/update-openssl-to-openssl1.1.1f branch April 1, 2020 21:15
@@ -11,15 +11,15 @@ L_BF_encrypt_begin:
movl 16(%esp),%ebp
pushl %esi
pushl %edi
# Load the 2 words
# Load the 2 words
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@mscdex I figured out why we are seeing this in the PR. It's because OpenSSL has trailing whitespace in its source, its emitted by the config process, but git node land strips it during landing. So, we always see the whitespace during PR diff, but it never hits the master, so then we see it again during the next PR. I'm not sure if that's a problem. I could PR some whitespace fixes up to openssl so that perhaps 1.1.1g wouldn't do this.

? Do you want to try reset the local master branch to upstream/master? Yes                      
⠇ Bringing upstream/master up to date...From github.com:nodejs/node                             
 * branch                    master     -> FETCH_HEAD                                           
✔  upstream/master is now up-to-date                                                            
✔  Downloaded patch to /home/sam/w/core/node/.ncu/32583/patch                                   
--------------------------------------------------------------------------------                
Applying: deps: upgrade openssl sources to 1.1.1f                                               
.git/rebase-apply/patch:542: trailing whitespace.                                               
            if(host == NULL || is_dNS_name(host))                                               
.git/rebase-apply/patch:551: trailing whitespace.                                               
 * Host dNS Name verifier: used for checking that the hostname is in dNS format                 
.git/rebase-apply/patch:935: trailing whitespace.                                               
         *                                                                                      
.git/rebase-apply/patch:944: trailing whitespace.                                               
         *                                                                                                                                                                                     
.git/rebase-apply/patch:1518: trailing whitespace.                                                                                                                                             
the given value.                                                                                
warning: squelched 10 whitespace errors                                                         
warning: 13 lines applied after fixing whitespace errors.                                       
Applying: deps: update archs files for OpenSSL-1.1.1f                                           
.git/rebase-apply/patch:326: trailing whitespace.                                               
        # Load the 2 words                                                                     
.git/rebase-apply/patch:335: trailing whitespace.                                               
        # Round 0                                                                              
.git/rebase-apply/patch:344: trailing whitespace.                                              
        # Round 1                                                                               
.git/rebase-apply/patch:353: trailing whitespace.                                              
        # Round 2                                                                              
.git/rebase-apply/patch:362: trailing whitespace.                                               
        # Round 3                                                                              
warning: squelched 2579 whitespace errors                                                       
warning: 2564 lines applied after fixing whitespace errors.                                                                                                                                    
   ✔  Patches applied                                                                                                                                                                          
There are 2 commits in the PR                                                                                                                                                                  
Please run the following commands to complete landing 

sam-github pushed a commit to sam-github/node that referenced this pull request Apr 1, 2020
This updates all sources in deps/openssl/openssl by:
    $ cd deps/openssl/
    $ rm -rf openssl
    $ tar zxf ~/tmp/openssl-1.1.1f.tar.gz
    $ mv openssl-1.1.0h openssl
    $ git add --all openssl
    $ git commit openssl

PR-URL: nodejs#32583
Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
sam-github pushed a commit to sam-github/node that referenced this pull request Apr 1, 2020
 After an OpenSSL source update, all the config files need to be
 regenerated and comitted by:
    $ cd deps/openssl/config
    $ make
    $ git add deps/openssl/config/archs
    $ git add deps/openssl/openssl/include/crypto/bn_conf.h
    $ git add deps/openssl/openssl/include/crypto/dso_conf.h
    $ git add deps/openssl/openssl/include/openssl/opensslconf.h
    $ git commit

PR-URL: nodejs#32583
Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
BethGriggs pushed a commit that referenced this pull request Apr 7, 2020
This updates all sources in deps/openssl/openssl by:
    $ cd deps/openssl/
    $ rm -rf openssl
    $ tar zxf ~/tmp/openssl-1.1.1f.tar.gz
    $ mv openssl-1.1.0h openssl
    $ git add --all openssl
    $ git commit openssl

PR-URL: #32583
Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
BethGriggs pushed a commit that referenced this pull request Apr 7, 2020
 After an OpenSSL source update, all the config files need to be
 regenerated and comitted by:
    $ cd deps/openssl/config
    $ make
    $ git add deps/openssl/config/archs
    $ git add deps/openssl/openssl/include/crypto/bn_conf.h
    $ git add deps/openssl/openssl/include/crypto/dso_conf.h
    $ git add deps/openssl/openssl/include/openssl/opensslconf.h
    $ git commit

PR-URL: #32583
Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
targos pushed a commit that referenced this pull request Apr 12, 2020
This updates all sources in deps/openssl/openssl by:
    $ cd deps/openssl/
    $ rm -rf openssl
    $ tar zxf ~/tmp/openssl-1.1.1f.tar.gz
    $ mv openssl-1.1.0h openssl
    $ git add --all openssl
    $ git commit openssl

PR-URL: #32583
Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
targos pushed a commit that referenced this pull request Apr 12, 2020
 After an OpenSSL source update, all the config files need to be
 regenerated and comitted by:
    $ cd deps/openssl/config
    $ make
    $ git add deps/openssl/config/archs
    $ git add deps/openssl/openssl/include/crypto/bn_conf.h
    $ git add deps/openssl/openssl/include/crypto/dso_conf.h
    $ git add deps/openssl/openssl/include/openssl/opensslconf.h
    $ git commit

PR-URL: #32583
Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
sam-github pushed a commit to sam-github/node that referenced this pull request Apr 21, 2020
This updates all sources in deps/openssl/openssl by:
    $ cd deps/openssl/
    $ rm -rf openssl
    $ tar zxf ~/tmp/openssl-1.1.1f.tar.gz
    $ mv openssl-1.1.0h openssl
    $ git add --all openssl
    $ git commit openssl

PR-URL: nodejs#32583
Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
@targos
Copy link
Member

targos commented Apr 22, 2020

@sam-github now that #32983 is open, should we skip this PR in v12.x ?

@sam-github sam-github mentioned this pull request Apr 22, 2020
4 tasks
@sam-github
Copy link
Contributor

I updated the description of #32983, that PR contains both

I don't know if you work by PR, or by commit. And maybe its not helpful that I opened #32983, if cherrypicking #32583 first, then #32971 on top of it works for you, then you don't need a backport, and can close #32983

I opened the "backport" PR so that I can do a CI, and to ensure it gets noticed. Maybe I should not?

@targos
Copy link
Member

targos commented Apr 22, 2020

if #32971 lands cleanly on top of this, then yeah, we can close #32983.

I opened the "backport" PR so that I can do a CI, and to ensure it gets noticed. Maybe I should not?

No problem. It served it's goal (I noticed it, which made me ask about this one 😄)

targos pushed a commit that referenced this pull request Apr 22, 2020
This updates all sources in deps/openssl/openssl by:
    $ cd deps/openssl/
    $ rm -rf openssl
    $ tar zxf ~/tmp/openssl-1.1.1f.tar.gz
    $ mv openssl-1.1.0h openssl
    $ git add --all openssl
    $ git commit openssl

PR-URL: #32583
Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
targos pushed a commit that referenced this pull request Apr 22, 2020
 After an OpenSSL source update, all the config files need to be
 regenerated and comitted by:
    $ cd deps/openssl/config
    $ make
    $ git add deps/openssl/config/archs
    $ git add deps/openssl/openssl/include/crypto/bn_conf.h
    $ git add deps/openssl/openssl/include/crypto/dso_conf.h
    $ git add deps/openssl/openssl/include/openssl/opensslconf.h
    $ git commit

PR-URL: #32583
Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
targos added a commit that referenced this pull request Apr 24, 2020
Notable changes:

Dependencies:
  * Updated OpenSSL to 1.1.1f.
    #32583
  * Updated c-ares to 1.16.0.
    #32246
  * Updated experimental uvwasi to 0.0.6.
    #32309
ESM (experimental):
  * Additional warnings are no longer printed for modules that use
    conditional exports or package name self resolution.
    #31845

PR-URL: #33009
targos added a commit that referenced this pull request Apr 27, 2020
Notable changes:

Dependencies:
  * Updated OpenSSL to 1.1.1f.
    #32583
  * Updated c-ares to 1.16.0.
    #32246
  * Updated experimental uvwasi to 0.0.6.
    #32309
ESM (experimental):
  * Additional warnings are no longer printed for modules that use
    conditional exports or package name self resolution.
    #31845

PR-URL: #33009
richardlau pushed a commit to sam-github/node that referenced this pull request Jul 1, 2020
This updates all sources in deps/openssl/openssl by:
    $ cd deps/openssl/
    $ rm -rf openssl
    $ tar zxf ~/tmp/openssl-1.1.1f.tar.gz
    $ mv openssl-1.1.0h openssl
    $ git add --all openssl
    $ git commit openssl

PR-URL: nodejs#32583
Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
richardlau pushed a commit that referenced this pull request Jul 1, 2020
This updates all sources in deps/openssl/openssl by:
    $ cd deps/openssl/
    $ rm -rf openssl
    $ tar zxf ~/tmp/openssl-1.1.1f.tar.gz
    $ mv openssl-1.1.0h openssl
    $ git add --all openssl
    $ git commit openssl

Backport-PR-URL: #32982
PR-URL: #32583
Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
@richardlau richardlau mentioned this pull request Jul 2, 2020
4 tasks
abhishekumar-tyagi pushed a commit to abhishekumar-tyagi/node that referenced this pull request May 5, 2024
This updates all sources in deps/openssl/openssl by:
    $ cd deps/openssl/
    $ rm -rf openssl
    $ tar zxf ~/tmp/openssl-1.1.1f.tar.gz
    $ mv openssl-1.1.0h openssl
    $ git add --all openssl
    $ git commit openssl

PR-URL: nodejs/node#32583
Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
abhishekumar-tyagi pushed a commit to abhishekumar-tyagi/node that referenced this pull request May 5, 2024
 After an OpenSSL source update, all the config files need to be
 regenerated and comitted by:
    $ cd deps/openssl/config
    $ make
    $ git add deps/openssl/config/archs
    $ git add deps/openssl/openssl/include/crypto/bn_conf.h
    $ git add deps/openssl/openssl/include/crypto/dso_conf.h
    $ git add deps/openssl/openssl/include/openssl/opensslconf.h
    $ git commit

PR-URL: nodejs/node#32583
Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
fast-track PRs that do not need to wait for 48 hours to land. openssl Issues and PRs related to the OpenSSL dependency.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

update openssl 1.1.1f (across all release lines)
8 participants