Skip to content

build,deps,tools: prepare to update to OpenSSL 3.5 #58098

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 3 commits into from
Closed

build,deps,tools: prepare to update to OpenSSL 3.5 #58098

wants to merge 3 commits into from

Conversation

richardlau
Copy link
Member

This is a replacement for #57795. I'm opening a new PR as I had to revert #57835 to get the arch specific files (which run part of OpenSSL's build) to work.

  • 4568a35 test: prepare test-crypto-rsa-dsa for newer OpenSSL4568a35077a test: prepare test-crypto-rsa-dsa for newer OpenSSL is needed to pass tests -- the test was assuming OpenSSL 3.0 behaviour which has changed. I left both code paths in this commit so that tests will pass on it (and will pass on the later commit once OpenSSL 3.5 is introduced).
  • 155fd5b build,deps,tools: update to OpenSSL 3.5 -- this is the main update, including fixing up the perl scripts and Makefiles in deps/openssl/config for the new files in OpenSSL 3.5. I'm not wholly happy with the amount of places that need to be updated to add each newly introduced file but that's a possible later improvement (I'm not that familiar with Perl).

Note that this PR doesn't do the actual update -- I'm intending for that to be done via the updater workflow once this lands (otherwise this PR will have far too many changed files to be reviewable).

cc @nodejs/crypto

Running the automation to test: https://github.com/nodejs/node/actions/runs/14779389322/job/41494768590
Which is opening #58097

richardlau and others added 3 commits May 1, 2025 16:46
@richardlau
Revert "deps: delete OpenSSL demos, doc and test folders"
1952bcd 
This reverts commit dfaded8.
@richardlau
test: prepare test-crypto-rsa-dsa for newer OpenSSL
4568a35 
Update `parallel/test-crypto-rsa-dsa` to prepare for updating
`deps/openssl` to later versions of OpenSSL which support implicit
rejections with `RSA_PKCS1_PADDING`.
@targos @richardlau
build,deps,tools: update to OpenSSL 3.5
155fd5b 
Co-Authored-By: Richard Lau <rlau@redhat.com>
@nodejs-github-bot
Copy link
Collaborator

Review requested:

  • @nodejs/security-wg

@nodejs-github-bot nodejs-github-bot added dependencies Pull requests that update a dependency file. needs-ci PRs that need a full CI run. openssl Issues and PRs related to the OpenSSL dependency. labels May 1, 2025
@richardlau
Copy link
Member Author

Note that this PR doesn't do the actual update -- I'm intending for that to be done via the updater workflow once this lands (otherwise this PR will have far too many changed files to be reviewable).

Hah, I forgot that the revert changes thousands of files. Should I open that separately to aid reviewing this PR?

@richardlau richardlau mentioned this pull request May 1, 2025
Open
@richardlau
Copy link
Member Author

Note that this PR doesn't do the actual update -- I'm intending for that to be done via the updater workflow once this lands (otherwise this PR will have far too many changed files to be reviewable).

Hah, I forgot that the revert changes thousands of files. Should I open that separately to aid reviewing this PR?

oh I have lint failures too so I'll have to update anyway. I'll rework this into two PRs.

@richardlau
Copy link
Member Author

Replaced by #58099 and #58100.

@richardlau richardlau closed this May 1, 2025
@richardlau richardlau deleted the openssl-3.5-test branch May 1, 2025 17:22
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file. needs-ci PRs that need a full CI run. openssl Issues and PRs related to the OpenSSL dependency.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@richardlau @nodejs-github-bot @targos