-
Notifications
You must be signed in to change notification settings - Fork 30k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
src: only initialize openssl once #29999
Conversation
I've added a |
Is there anyone we should ping from Electron in case this affects their use of BoringSSL? |
@danbev @codebytere This affects OpenSSL initialization, you might want to take a look. |
cc @davidben for potential ideas :) |
Stub versions of those functions in BoringSSL would be just fine. We only add compatibility functions as we need them and this is the first time I've ever seen anyone use If it's off in a corner, clearly a no-op, and doesn't affect anything else, we generally just freely add compatibility functions. |
We would, of course, ignore whatever config file you pass in, but that's totally self-consistent. BoringSSL has zero config file options so we vacuously "parse" the file. :-) |
I don't mind 1b8d782d58 if its going to be a while before BoringSSL implements the compat APIs. @codebytere What's your preference? |
1b8d782
to
21859d4
Compare
For compatibility with OpenSSL 1.1.0 and 1.0.1 a series of initialization wrappers were being called, many deprecated, and many calling each other internally already. Compatibility is unnecessary in 12.x and later, which support only OpenSSL 1.1.1, and the multiple calls cause the configuration file to be loaded multiple times. Fixes: nodejs#29702 See: - https://mta.openssl.org/pipermail/openssl-users/2019-October/011303.html - https://www.openssl.org/docs/man1.1.1/man3/OPENSSL_init_ssl.html - https://www.openssl.org/docs/man1.1.1/man3/OPENSSL_init_crypto.html
21859d4
to
12cbdcb
Compare
@sam-github i can handle this on the BoringSSL side, so all clear 🚀 ty for tagging me in! |
Failing test |
@nodejs/modules-active-members Any comment on above? Is that test flaky? It doesn't have any crypto dependency I can think of, am I missing something? |
FTR:
|
It's probably some interaction between ccache and #29974 landing on master (Travis runs on Edit: and everything now passed 🎉. |
Resume failed on test.parallel/test-worker-prof in windows, @nodejs/platform-windows @nodejs/workers Trying again. |
Landed in 8425183 |
For compatibility with OpenSSL 1.1.0 and 1.0.1 a series of initialization wrappers were being called, many deprecated, and many calling each other internally already. Compatibility is unnecessary in 12.x and later, which support only OpenSSL 1.1.1, and the multiple calls cause the configuration file to be loaded multiple times. Fixes: #29702 See: - https://mta.openssl.org/pipermail/openssl-users/2019-October/011303.html - https://www.openssl.org/docs/man1.1.1/man3/OPENSSL_init_ssl.html - https://www.openssl.org/docs/man1.1.1/man3/OPENSSL_init_crypto.html PR-URL: #29999 Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Shelley Vohr <codebytere@gmail.com>
For compatibility with OpenSSL 1.1.0 and 1.0.1 a series of initialization wrappers were being called, many deprecated, and many calling each other internally already. Compatibility is unnecessary in 12.x and later, which support only OpenSSL 1.1.1, and the multiple calls cause the configuration file to be loaded multiple times. Fixes: #29702 See: - https://mta.openssl.org/pipermail/openssl-users/2019-October/011303.html - https://www.openssl.org/docs/man1.1.1/man3/OPENSSL_init_ssl.html - https://www.openssl.org/docs/man1.1.1/man3/OPENSSL_init_crypto.html PR-URL: #29999 Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Shelley Vohr <codebytere@gmail.com>
For compatibility with OpenSSL 1.1.0 and 1.0.1 a series of initialization wrappers were being called, many deprecated, and many calling each other internally already. Compatibility is unnecessary in 12.x and later, which support only OpenSSL 1.1.1, and the multiple calls cause the configuration file to be loaded multiple times. Fixes: #29702 See: - https://mta.openssl.org/pipermail/openssl-users/2019-October/011303.html - https://www.openssl.org/docs/man1.1.1/man3/OPENSSL_init_ssl.html - https://www.openssl.org/docs/man1.1.1/man3/OPENSSL_init_crypto.html PR-URL: #29999 Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Shelley Vohr <codebytere@gmail.com>
For compatibility with OpenSSL 1.1.0 and 1.0.1 a series of initialization wrappers were being called, many deprecated, and many calling each other internally already. Compatibility is unnecessary in 12.x and later, which support only OpenSSL 1.1.1, and the multiple calls cause the configuration file to be loaded multiple times. Fixes: #29702 See: - https://mta.openssl.org/pipermail/openssl-users/2019-October/011303.html - https://www.openssl.org/docs/man1.1.1/man3/OPENSSL_init_ssl.html - https://www.openssl.org/docs/man1.1.1/man3/OPENSSL_init_crypto.html PR-URL: #29999 Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Shelley Vohr <codebytere@gmail.com>
For compatibility with OpenSSL 1.1.0 and 1.0.1 a series of initialization wrappers were being called, many deprecated, and many calling each other internally already. Compatibility is unnecessary in 12.x and later, which support only OpenSSL 1.1.1, and the multiple calls cause the configuration file to be loaded multiple times. Fixes: #29702 See: - https://mta.openssl.org/pipermail/openssl-users/2019-October/011303.html - https://www.openssl.org/docs/man1.1.1/man3/OPENSSL_init_ssl.html - https://www.openssl.org/docs/man1.1.1/man3/OPENSSL_init_crypto.html PR-URL: #29999 Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Shelley Vohr <codebytere@gmail.com>
For compatibility with OpenSSL 1.1.0 and 1.0.1 a series of initialization wrappers were being called, many deprecated, and many calling each other internally already. Compatibility is unnecessary in 12.x and later, which support only OpenSSL 1.1.1, and the multiple calls cause the configuration file to be loaded multiple times. Fixes: #29702 See: - https://mta.openssl.org/pipermail/openssl-users/2019-October/011303.html - https://www.openssl.org/docs/man1.1.1/man3/OPENSSL_init_ssl.html - https://www.openssl.org/docs/man1.1.1/man3/OPENSSL_init_crypto.html PR-URL: #29999 Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Shelley Vohr <codebytere@gmail.com>
For compatibility with OpenSSL 1.1.0 and 1.0.1 a series of
initialization wrappers were being called, many deprecated, and many
calling each other internally already. Compatibility is unnecessary in
12.x and later, which support only OpenSSL 1.1.1, and the multiple calls
cause the configuration file to be loaded multiple times.
Fixes: #29702
See:
Checklist
make -j4 test
(UNIX), orvcbuild test
(Windows) passes