Since the `PRODUCT_DIR_ABS` gyp variable is meant to be used
in a C string in the OpenSSL config, provide a version of it
that actually provides it in a way that is always usable as a
C string. Otherwise, unescaped characters in the path can mess
with the string definitions; for example, building in paths
on Windows whose directories start with valid or invalid escape
sequences (e.g.: `C:\...\x61foobar\...` or `C:\...\456789\...`)
can result in failing builds or incorrect paths provided to
OpenSSL.
PR-URL: https://github.com/nodejs/node/pull/56111
Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/55184
Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
Reviewed-By: Richard Lau <rlau@redhat.com>
Reviewed-By: Michael Dawson <midawson@redhat.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/55184
Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
Reviewed-By: Richard Lau <rlau@redhat.com>
Reviewed-By: Michael Dawson <midawson@redhat.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/54336
Reviewed-By: Richard Lau <rlau@redhat.com>
Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/54336
Reviewed-By: Richard Lau <rlau@redhat.com>
Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
- Set the clang variable in `config.gypi` so it depends on compiler
checks made by the configure script.
- Replace gyp conditions with `llvm_version` and "0.0" with conditions
that use the `clang` variable.
- Always use `clang==1` or `clang==0` in gyp conditions
PR-URL: https://github.com/nodejs/node/pull/52873
Reviewed-By: Richard Lau <rlau@redhat.com>
Reviewed-By: Yagiz Nizipli <yagiz.nizipli@sentry.io>
Reviewed-By: Mohammed Keyvanzadeh <mohammadkeyvanzade94@gmail.com>
Should use `current_cpu` instead of `target_cpu` in GN build files,
otherwise the host build may use wrong configs when doing cross
compilation.
PR-URL: https://github.com/nodejs/node/pull/51903
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/51614
Reviewed-By: Richard Lau <rlau@redhat.com>
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Michael Dawson <midawson@redhat.com>
PR-URL: https://github.com/nodejs/node/pull/51614
Reviewed-By: Richard Lau <rlau@redhat.com>
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Michael Dawson <midawson@redhat.com>
PR-URL: https://github.com/nodejs/node/pull/50411
Reviewed-By: Richard Lau <rlau@redhat.com>
Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/50411
Reviewed-By: Richard Lau <rlau@redhat.com>
Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/48402
Reviewed-By: Richard Lau <rlau@redhat.com>
Reviewed-By: Marco Ippolito <marcoippolito54@gmail.com>
Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: Mohammed Keyvanzadeh <mohammadkeyvanzade94@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/46401
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Michael Dawson <midawson@redhat.com>
Don't link intermediate executables with LTO in order to speed up
overall build time.
Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
PR-URL: https://github.com/nodejs/node/pull/47313
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Michael Dawson <midawson@redhat.com>
Reviewed-By: Richard Lau <rlau@redhat.com>
Original commit message:
rsa: add msvc intrinsic for non x64 platforms
_umul128() is x86_64 (x64) only, while __umulh() works everywhere, but
doesn't generate optimal code on x64
Refs: https://github.com/openssl/openssl/pull/20244
PR-URL: https://github.com/nodejs/node/pull/46570
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Richard Lau <rlau@redhat.com>
After an OpenSSL source update, all the config files need to be
regenerated and committed by:
$ make -C deps/openssl/config clean
$ make -C deps/openssl/config
$ git add deps/openssl/config/archs
$ git add deps/openssl/openssl
$ git commit
CVE-ID: CVE-2022-3602, CVE-2022-3786
PR-URL: https://github.com/nodejs/node/pull/45286
- Restore the location were the OpenSSL config file is
loaded by default on MacOS back to where it was on earlier versions
- Remove warnings about OPENSSLDIR being multiply defined
Signed-off-by: Michael Dawson <mdawson@devrus.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
PR-URL: https://github.com/nodejs-private/node-private/pull/345
CVE-ID: CVE-2022-32222
After an OpenSSL source update, all the config files need to be
regenerated and committed by:
$ make -C deps/openssl/config clean
$ make -C deps/openssl/config
$ git add deps/openssl/config/archs
$ git commit
PR-URL: https://github.com/nodejs/node/pull/43735
Fixes: https://github.com/nodejs/node/issues/43667
Reviewed-By: Richard Lau <rlau@redhat.com>
After an OpenSSL source update, all the config files need to be
regenerated and committed by:
$ find archs \( -name \*.s \) -exec rm "{}" \;
Edit deps/openssl/openssl/crypto/perlasm/x86asm.pl changing #ifdef
to %ifdef to make it compatible to nasm on windows 32.
$ make -C deps/openssl/config
$ git add deps/openssl/config/archs
$ git add deps/openssl/openssl
$ git commit
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Richard Lau <rlau@redhat.com>
PR-URL: https://github.com/nodejs/node/pull/43693
Update default openssl.cnf directory on linux to be consistent with
older versions
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: RafaelGSS <rafael.nunu@hotmail.com>
Reviewed-By: Richard Lau <rlau@redhat.com>
PR-URL: https://github.com/nodejs-private/node-private/pull/335
CVE-ID: CVE-2022-32222
This commit adds the setting of an appname (configuration section
name), 'nodejs_conf', to be used when reading OpenSSL configuration
files.
The motivation for this is that currently the default OpenSSL
configuration, 'openssl_conf', element will be used which may be
undesirable as it might configure OpenSSL in unwanted ways. With this
commit it is still possible to use a default openssl.cnf file but the
only section that Node.js will read from is a section named
'nodejs_conf'.
PR-URL: https://github.com/nodejs/node/pull/43124
Refs: https://github.com/nodejs/node/issues/40366
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
Reviewed-By: Beth Griggs <bgriggs@redhat.com>
This commit removes the header template files opensslconf.h as it is not
a generated header anymore (configuration.h is the generated header
now).
The motivation for this is that not using opensslconf.h from the OpenSSL
include directory means an addon that includes openssl/ssl.h will get
the following error:
~/.cache/node-gyp/17.8.0/include/node/openssl/macros.h:148:4: error:
compatibility level"
148 | # error "The requested API level higher than the configured
API compatibility level"
For more details please see #40575.
PR-URL: https://github.com/nodejs/node/pull/43035
Fixes: https://github.com/nodejs/node/issues/40575
Reviewed-By: Michael Dawson <midawson@redhat.com>
OpenSSL 3.0 has a number of header files that are generated, and
currently these headers are copied into the architecture specific
directories. This is done for each asm type, 'asm', 'asm_avx2', and
'no-asm' which has takes up quite a lot of disk space and also becomes
an issue with the headers.tar file which has increased due to this.
This commit adds copies the headers to a common directory for the
architecture, for example with linux-x86_64 there will be a directory
named deps/openssl/config/archs/linux-x86_64/common/include where the
headers will be copied (into subdirectories 'openssl' and 'crypto'.
And in the original locations a header file with the same name will be
generated which points (includes) the common header file.
PR-URL: https://github.com/nodejs/node/pull/42616
Fixes: https://github.com/nodejs/node/issues/42081
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Richard Lau <rlau@redhat.com>
After an OpenSSL source update, all the config files need to be
regenerated and committed by:
$ make -C deps/openssl/config
$ git add deps/openssl/config/archs
$ git add deps/openssl/openssl
$ git commit
PR-URL: https://github.com/nodejs/node/pull/42356
Refs: https://mta.openssl.org/pipermail/openssl-announce/2022-March/000217.html
Reviewed-By: Richard Lau <rlau@redhat.com>
Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com>
Reviewed-By: Darshan Sen <raisinten@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: Michael Dawson <midawson@redhat.com>
Anna Henningsen
Node.js GitHub Bot
Michaël Zasso
Cheng Zhao
Richard Lau
Shi Pujin
Andrea Fassina
Konstantin Demin
RafaelGSS
Michael Dawson
Daniel Bevenius
Hassaan Pasha