Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Upgrade to openssl-1.0.2i v4.x #8719

Merged
merged 8 commits into from
Sep 22, 2016
Merged

Upgrade to openssl-1.0.2i v4.x #8719

merged 8 commits into from
Sep 22, 2016

Conversation

MylesBorins
Copy link
Contributor

@MylesBorins MylesBorins commented Sep 22, 2016
edited
Loading

Checklist
  • make -j4 test (UNIX), or vcbuild test nosign (Windows) passes
  • commit message follows commit guidelines
Affected core subsystem(s)

crypto, tls and https

Description of change
  • Upgrading openssl-1.0.2i by backporting patch's from master

Ref: #8714

ci: https://ci.nodejs.org/job/node-test-pull-request/4214/

CC: @indutny or @bnoordhuis or @shigeki

shigeki and others added 8 commits September 22, 2016 10:30
@shigeki
deps: upgrade openssl sources to 1.0.2i
e7fdace 
This replaces all sources of openssl-1.0.2i.tar.gz into
deps/openssl/openssl

PR-URL: nodejs#8714
Reviewed-By: Fedor Indutny <[email protected]>
@shigeki
deps: copy all openssl header files to include dir
cbed5e6 
All symlink files in `deps/openssl/openssl/include/openssl/`
are removed and replaced with real header files to avoid
issues on Windows. Two files of opensslconf.h in crypto and
include dir are replaced to refer config/opensslconf.h.

PR-URL: nodejs#8714
Reviewed-By: Fedor Indutny <[email protected]>
@indutny
deps: fix openssl assembly error on ia32 win32
19ae4e8 
`x86masm.pl` was mistakenly using .486 instruction set, why `cpuid` (and
perhaps others) are requiring .686 .

Fixes: nodejs#589
PR-URL: nodejs#1389
Reviewed-By: Fedor Indutny <[email protected]>
Reviewed-By: Ben Noordhuis <[email protected]>
Reviewed-By: Shigeki Ohtsu <[email protected]>
deps: fix asm build error of openssl in x86_win32
01cf5b0 
See
https://mta.openssl.org/pipermail/openssl-dev/2015-February/000651.html

iojs needs to stop using masm and move to nasm or yasm on Win32.

Fixes: nodejs#589
PR-URL: nodejs#1389
Reviewed-By: Fedor Indutny <[email protected]>
Reviewed-By: Ben Noordhuis <[email protected]>
openssl: fix keypress requirement in apps on win32
44e5776 
Reapply b910613 .

Fixes: nodejs#589
PR-URL: nodejs#1389
Reviewed-By: Fedor Indutny <[email protected]>
Reviewed-By: Ben Noordhuis <[email protected]>
deps: add -no_rand_screen to openssl s_client
e8f29e2 
In openssl s_client on Windows, RAND_screen() is invoked to initialize
random state but it takes several seconds in each connection.
This added -no_rand_screen to openssl s_client on Windows to skip
RAND_screen() and gets a better performance in the unit test of
test-tls-server-verify.
Do not enable this except to use in the unit test.

Fixes: nodejs#1461
PR-URL: nodejs#1836
Reviewed-By: Ben Noordhuis <[email protected]>
@shigeki
deps: update openssl asm and asm_obsolete files
8f3d676 
Regenerate asm files with Makefile and CC=gcc and ASM=gcc where
gcc-5.4.0. Also asm files in asm_obsolete dir to support old compiler
and assembler are regenerated without CC and ASM envs.

PR-URL: nodejs#8714
Reviewed-By: Fedor Indutny <[email protected]>
@shigeki
test: remove openssl options of -no_<prot>
c7a601c 
openssl command does not allow to both "-ssl3" and "-no_tls1".
A protocol connecting to the server is only specified.

PR-URL: nodejs#8714
Reviewed-By: Fedor Indutny <[email protected]>
@MylesBorins MylesBorins added tls Issues and PRs related to the tls subsystem. crypto Issues and PRs related to the crypto subsystem. https Issues or PRs related to the https subsystem. v4.x labels Sep 22, 2016
@nodejs-github-bot nodejs-github-bot added openssl Issues and PRs related to the OpenSSL dependency. v4.x labels Sep 22, 2016
@shigeki
Copy link
Contributor

shigeki commented Sep 22, 2016

LGTM if CI is ok.

@mscdex mscdex removed crypto Issues and PRs related to the crypto subsystem. https Issues or PRs related to the https subsystem. tls Issues and PRs related to the tls subsystem. labels Sep 22, 2016
@MylesBorins
Copy link
Contributor Author

MylesBorins commented Sep 22, 2016
edited
Loading

@mhdawson can you look into the failures on AIX?

https://ci.nodejs.org/job/node-test-commit-aix/1022/nodes=aix61-ppc64/

edit: 2 of the three tests look infra related... re running tests on AIX to be safe

https://ci.nodejs.org/job/node-test-commit-aix/1025/

edit 2: failed again

running ci against v4.x to see if failures exist on entire release line
https://ci.nodejs.org/job/node-test-commit-aix/1030/

edit 3: these are known flaky's

merging

@MylesBorins
Copy link
Contributor Author

/cc @nodejs/build @nodejs/bots it looks like the failed tests were not updated here. Might be worth taking a look into

@MylesBorins MylesBorins merged commit c7a601c into nodejs:v4.x Sep 22, 2016
@mhdawson
Copy link
Member

AIX failures are marked as flaky and so are expected: These are the ones I saw:

not ok 510 parallel/test-https-connect-address-family
not ok 751 parallel/test-stdio-closed
not ok 869 parallel/test-tls-connect-address-family

I believe the connect-address-family ones are flaky on other platforms as well (something to do with IPV6 configuration I think)

@chorrell chorrell mentioned this pull request Sep 26, 2016
Closed
@MylesBorins MylesBorins deleted the openssl-1.0.2i-v4.x branch November 14, 2017 17:43
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@shigeki shigeki shigeki approved these changes

Assignees
No one assigned
Labels
openssl Issues and PRs related to the OpenSSL dependency.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
6 participants
@MylesBorins @shigeki @mhdawson @mscdex @nodejs-github-bot @indutny