Skip to content

doc: update instructions for openssl updates #42353

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
mhdawson wants to merge 9 commits into from
Closed

doc: update instructions for openssl updates #42353

Changes from 1 commit
Commits
Show all changes
9 commits
Select commit Hold shift + click to select a range
d49349b
doc: update instructions for openssl updates
mhdawson Mar 15, 2022
3c02585
Update doc/contributing/maintaining-openssl.md
mhdawson Mar 15, 2022
98ef750
Update doc/contributing/maintaining-openssl.md
mhdawson Mar 15, 2022
aacc6db
Update doc/contributing/maintaining-openssl.md
mhdawson Mar 15, 2022
fed3e3a
squash address comments
mhdawson Mar 16, 2022
ffa837f
squash:fixup
mhdawson Mar 16, 2022
4fc48ea
Update doc/contributing/maintaining-openssl.md
mhdawson Mar 16, 2022
fe64c39
Update doc/contributing/maintaining-openssl.md
mhdawson Mar 16, 2022
3c31d65
Update doc/contributing/maintaining-openssl.md
mhdawson Mar 16, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
squash address comments
  • Loading branch information
@mhdawson
mhdawson authored Mar 16, 2022
commit fed3e3a70e6b99eb89e25e50e9df577cc65e1277
22 changes: 18 additions & 4 deletions doc/contributing/maintaining-openssl.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -92,7 +92,7 @@ This updates all sources in deps/openssl/openssl by:
$ git commit openssl
```

### OpenSSL 3.0.0
### OpenSSL 3.0.x

```console
% git clone https://github.com/quictls/openssl
Expand All @@ -106,14 +106,15 @@ This updates all sources in deps/openssl/openssl by:
```

```text
deps: upgrade openssl sources to quictls/openssl-3.0.0-alpha-16
deps: upgrade openssl sources to quictls/openssl-3.0.2

This updates all sources in deps/openssl/openssl by:
$ git clone [email protected]:quictls/openssl.git
$ cd openssl
$ git checkout openssl-3.0.2+quic
$ cd ../node/deps/openssl
$ rm -rf openssl
$ cp -R ../openssl openssl
$ cp -R ../../../openssl openssl
$ rm -rf openssl/.git* openssl/.travis*
$ git add --all openssl
$ git commit openssl
Expand Down Expand Up @@ -154,6 +155,8 @@ please ask @shigeki for details.
Update all architecture dependent files. Do not forget to git add or remove
files if they are changed before committing:

### OpenSSL 1.1.1

```console
% git add deps/openssl/config/archs
% git add deps/openssl/openssl/include/crypto/bn_conf.h
Expand All @@ -162,6 +165,16 @@ files if they are changed before committing:
% git commit
```

### OpenSSL 3.0.x

```console
$ make -C deps/openssl/config
$ git add deps/openssl/config/archs
$ git add deps/openssl/openssl
Copy link
Member Author

@mhdawson mhdawson Mar 16, 2022
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@richard this matches what is in the commit comments below and looks like what we have done. It is probably also related to #42081 as git add deps/openssl/openssl adds all of the headers under openssl/openssl/include versus the selective ones that were added for OpenSSL 1.1.1.

I don't think we want to change right now as we get releases out, but worth looking to see if possibly we can revert to adding just those three, find out why more were needed and possibly ask @danbev when he gets back.

Copy link
Member Author

@mhdawson mhdawson Mar 16, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Actually I take that back since I guess the the examples were only showing the git adds that were necessary for a particular commit as opposed to what needs to be done in general. Therefore, it likely is not related to #42081 after all.

Copy link
Member

@richardlau richardlau Mar 16, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

FWIW AFAICT the big difference between OpenSSL 1.1.1 and 3.0.x in Node.js is the deps/openssl/config/archs -- there's many more files in OpenSSL 3.0.x under there (see description in #42081) and a preliminary glance suggested a lot of duplication between the archs.

$ git add deps/openssl/config
$ git commit
```

The commit message can be written as (with the openssl version set
to the relevant value):

Expand All @@ -180,7 +193,7 @@ to the relevant value):
$ git commit
```

### OpenSSL 3.0.0
### OpenSSL 3.0.x

```text
deps: update archs files for quictls/openssl-3.0.0-alpha-16
Expand All @@ -190,6 +203,7 @@ regenerated and committed by:
$ make -C deps/openssl/config
$ git add deps/openssl/config/archs
$ git add deps/openssl/openssl
$ git add deps/openssl/config
$ git commit
```

Expand Down