deps: update to openssl-3.0.1+quic #41177
Closed
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
The `deps/openssl/config/generate_headers.pl` imports `Text::Template` but that Perl module is not present in the default Perl installation in the Dockerfile and needs to be explicitly installed.
|
Review requested:
|
nodejs-github-bot
added
needs-ci
github-actions
bot
removed
the
request-ci
This comment has been minimized.
This comment has been minimized.
|
Do we need to fast track this? I don't think we are in any hurry to get 17.x out today |
cjihrig
approved these changes
Dec 14, 2021
|
😞 We appear to be seeing the same I'm not seeing similar failures on either release line on Linux (and neither is our Jenkins CI). Anyone on macOS able to take a look? |
node:internal/crypto/util:111
throw new ERR_CRYPTO_ENGINE_UNKNOWN(id);
^
Error [ERR_CRYPTO_ENGINE_UNKNOWN]: Engine "/Users/iojs/build/workspace/node-test-commit-osx/nodes/osx1015/out/Release/libtest_crypto_engine.dylib" was not found
at new NodeError (node:internal/errors:371:5)
at Object.setEngine (node:internal/crypto/util:111:11)
at Object.<anonymous> (/Users/iojs/build/workspace/node-test-commit-osx/nodes/osx1015/test/parallel/test-crypto-engine.js:47:12)
at Module._compile (node:internal/modules/cjs/loader:1097:14)
at Object.Module._extensions..js (node:internal/modules/cjs/loader:1149:10)
at Module.load (node:internal/modules/cjs/loader:975:32)
at Function.Module._load (node:internal/modules/cjs/loader:822:12)
at Function.executeUserEntryPoint [as runMain] (node:internal/modules/run_main:81:12)
at node:internal/main/run_main_module:17:47 {
code: 'ERR_CRYPTO_ENGINE_UNKNOWN'
}
Node.js v18.0.0-preMaybe cc @RaisinTen who updated the |
|
I don't use macos but my best guess is that this is due to openssl/openssl#17073. We are probably (incorrectly) loading the engine twice and OpenSSL did not report that as an error before as far as I can tell. |
I think this is correct. test-macstadium-macos11:osx11 iojs$ ./out/Release/openssl-cli version
OpenSSL 3.0.0+quic 7 sep 2021 (Library: OpenSSL 3.0.0+quic 7 sep 2021)
test-macstadium-macos11:osx11 iojs$ ./out/Release/openssl-cli-3.0.1 version
OpenSSL 3.0.1+quic 14 Dec 2021 (Library: OpenSSL 3.0.1+quic 14 Dec 2021)
test-macstadium-macos11:osx11 iojs$OpenSSL 3.0.0, duplicate engines, no error ( test-macstadium-macos11:osx11 iojs$ ./out/Release/openssl-cli dgst -sha1 -engine /Users/iojs/build/workspace/node-test-commit-osx-arm/nodes/osx11/out/Release/libtest_crypto_engine.dylib -engine /Users/iojs/build/workspace/node-test-commit-osx-arm/nodes/osx11/out/Release/libtest_crypto_engine.dylib
Engine "libtest_crypto_engine" set.
Engine "libtest_crypto_engine" set.
SHA1(stdin)= da39a3ee5e6b4b0d3255bfef95601890afd80709
test-macstadium-macos11:osx11 iojs$OpenSSL 3.0.1 now throws an error for the same command: test-macstadium-macos11:osx11 iojs$ ./out/Release/openssl-cli-3.0.1 dgst -sha1 -engine /Users/iojs/build/workspace/node-test-commit-osx-arm/nodes/osx11/out/Release/libtest_crypto_engine.dylib -engine /Users/iojs/build/workspace/node-test-commit-osx-arm/nodes/osx11/out/Release/libtest_crypto_engine.dylib
Engine "libtest_crypto_engine" set.
Invalid engine "/Users/iojs/build/workspace/node-test-commit-osx-arm/nodes/osx11/out/Release/libtest_crypto_engine.dylib"
403DB30401000000:error:1300006D:engine routines:dynamic_load:init failed:../deps/openssl/openssl/crypto/engine/eng_dyn.c:494:
403DB30401000000:error:13000074:engine routines:ENGINE_by_id:no such engine:../deps/openssl/openssl/crypto/engine/eng_list.c:430:id=/Users/iojs/build/workspace/node-test-commit-osx-arm/nodes/osx11/out/Release/libtest_crypto_engine.dylib
403DB30401000000:error:1300006D:engine routines:dynamic_load:init failed:../deps/openssl/openssl/crypto/engine/eng_dyn.c:494:
SHA1(stdin)= da39a3ee5e6b4b0d3255bfef95601890afd80709
test-macstadium-macos11:osx11 iojs$It looks like it only objects with absolute paths. If the id is used for the second "duplicate" engine it still works: test-macstadium-macos11:osx11 iojs$ ./out/Release/openssl-cli-3.0.1 dgst -sha1 -engine /Users/iojs/build/workspace/node-test-commit-osx-arm/nodes/osx11/out/Release/libtest_crypto_engine.dylib -engine libtest_crypto_engine
Engine "libtest_crypto_engine" set.
Engine "libtest_crypto_engine" set.
SHA1(stdin)= da39a3ee5e6b4b0d3255bfef95601890afd80709
test-macstadium-macos11:osx11 iojs$ |
richardlau
force-pushed
the
openssl3.0.1+quic
branch
from
429ee17
to
3af0b32
Compare
richardlau
added
request-ci
This comment has been minimized.
This comment has been minimized.
|
We should fix this eventually. The fact that this only fails on macOS probably means that we are are not doing things properly on other platforms either. Could you add a TODO comment in the test file and/or in the C++ source code? |
Newer versions of OpenSSL now throws an error if an engine is loaded twice by its absolute path (a second load by its id appears to be okay).
This updates all sources in deps/openssl/openssl by:
$ git clone git@github.com:quictls/openssl.git
$ cd openssl
$ cd ../node/deps/openssl
$ rm -rf openssl
$ cp -R ../openssl openssl
$ rm -rf openssl/.git* openssl/.travis*
$ git add --all openssl
$ git commit openssl
After an OpenSSL source update, all the config files need to be
regenerated and committed by:
$ make -C deps/openssl/config
$ git add deps/openssl/config/archs
$ git add deps/openssl/openssl
$ git commit
richardlau
force-pushed
the
openssl3.0.1+quic
branch
from
3af0b32
to
d9275b9
Compare
This comment has been minimized.
This comment has been minimized.
richardlau
added
author ready
nodejs-github-bot
pushed a commit
that referenced
this pull request
Dec 16, 2021
The `deps/openssl/config/generate_headers.pl` imports `Text::Template` but that Perl module is not present in the default Perl installation in the Dockerfile and needs to be explicitly installed. PR-URL: #41177 Refs: quictls/openssl#69 Refs: https://mta.openssl.org/pipermail/openssl-announce/2021-December/000212.html Reviewed-By: Danielle Adams <adamzdanielle@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Matteo Collina <matteo.collina@gmail.com> Reviewed-By: Tobias Nießen <tniessen@tnie.de> Reviewed-By: Derek Lewis <DerekNonGeneric@inf.is>
nodejs-github-bot
pushed a commit
that referenced
this pull request
Dec 16, 2021
Newer versions of OpenSSL now throws an error if an engine is loaded twice by its absolute path (a second load by its id appears to be okay). PR-URL: #41177 Refs: quictls/openssl#69 Refs: https://mta.openssl.org/pipermail/openssl-announce/2021-December/000212.html Reviewed-By: Danielle Adams <adamzdanielle@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Matteo Collina <matteo.collina@gmail.com> Reviewed-By: Tobias Nießen <tniessen@tnie.de> Reviewed-By: Derek Lewis <DerekNonGeneric@inf.is>
nodejs-github-bot
pushed a commit
that referenced
this pull request
Dec 16, 2021
This updates all sources in deps/openssl/openssl by:
$ git clone git@github.com:quictls/openssl.git
$ cd openssl
$ cd ../node/deps/openssl
$ rm -rf openssl
$ cp -R ../openssl openssl
$ rm -rf openssl/.git* openssl/.travis*
$ git add --all openssl
$ git commit openssl
PR-URL: #41177
Refs: quictls/openssl#69
Refs: https://mta.openssl.org/pipermail/openssl-announce/2021-December/000212.html
Reviewed-By: Danielle Adams <adamzdanielle@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: Derek Lewis <DerekNonGeneric@inf.is>
nodejs-github-bot
pushed a commit
that referenced
this pull request
Dec 16, 2021
After an OpenSSL source update, all the config files need to be
regenerated and committed by:
$ make -C deps/openssl/config
$ git add deps/openssl/config/archs
$ git add deps/openssl/openssl
$ git commit
PR-URL: #41177
Refs: quictls/openssl#69
Refs: https://mta.openssl.org/pipermail/openssl-announce/2021-December/000212.html
Reviewed-By: Danielle Adams <adamzdanielle@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: Derek Lewis <DerekNonGeneric@inf.is>
danielleadams
pushed a commit
that referenced
this pull request
Dec 16, 2021
The `deps/openssl/config/generate_headers.pl` imports `Text::Template` but that Perl module is not present in the default Perl installation in the Dockerfile and needs to be explicitly installed. PR-URL: #41177 Refs: quictls/openssl#69 Refs: https://mta.openssl.org/pipermail/openssl-announce/2021-December/000212.html Reviewed-By: Danielle Adams <adamzdanielle@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Matteo Collina <matteo.collina@gmail.com> Reviewed-By: Tobias Nießen <tniessen@tnie.de> Reviewed-By: Derek Lewis <DerekNonGeneric@inf.is>
danielleadams
pushed a commit
that referenced
this pull request
Dec 16, 2021
Newer versions of OpenSSL now throws an error if an engine is loaded twice by its absolute path (a second load by its id appears to be okay). PR-URL: #41177 Refs: quictls/openssl#69 Refs: https://mta.openssl.org/pipermail/openssl-announce/2021-December/000212.html Reviewed-By: Danielle Adams <adamzdanielle@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Matteo Collina <matteo.collina@gmail.com> Reviewed-By: Tobias Nießen <tniessen@tnie.de> Reviewed-By: Derek Lewis <DerekNonGeneric@inf.is>
danielleadams
pushed a commit
that referenced
this pull request
Dec 16, 2021
This updates all sources in deps/openssl/openssl by:
$ git clone git@github.com:quictls/openssl.git
$ cd openssl
$ cd ../node/deps/openssl
$ rm -rf openssl
$ cp -R ../openssl openssl
$ rm -rf openssl/.git* openssl/.travis*
$ git add --all openssl
$ git commit openssl
PR-URL: #41177
Refs: quictls/openssl#69
Refs: https://mta.openssl.org/pipermail/openssl-announce/2021-December/000212.html
Reviewed-By: Danielle Adams <adamzdanielle@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: Derek Lewis <DerekNonGeneric@inf.is>
danielleadams
pushed a commit
that referenced
this pull request
Dec 16, 2021
After an OpenSSL source update, all the config files need to be
regenerated and committed by:
$ make -C deps/openssl/config
$ git add deps/openssl/config/archs
$ git add deps/openssl/openssl
$ git commit
PR-URL: #41177
Refs: quictls/openssl#69
Refs: https://mta.openssl.org/pipermail/openssl-announce/2021-December/000212.html
Reviewed-By: Danielle Adams <adamzdanielle@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: Derek Lewis <DerekNonGeneric@inf.is>
danielleadams
added a commit
that referenced
this pull request
Dec 16, 2021
OpenSSL-3.0.1: OpenSSL-3.0.1 contains a fix for CVE-2021-4044: Invalid handling of X509_verify_cert() internal errors in libssl (Moderate). This is a vulnerability in OpenSSL that may be exploited through Node.js. More information can be read here: https://www.openssl.org/news/secadv/20211214.txt. Contributed by Richarad Lau #41177 Other Notable Changes: * lib: * make AbortSignal cloneable/transferable (James M Snell) #41050 * deps: * upgrade npm to 8.3.0 (npm team) #41127 * doc: * add @bnb as a collaborator (Tierney Cyren) #41100 * process: * add `getActiveResourcesInfo()` (Darshan Sen) #40813 * timers: * add experimental scheduler api (James M Snell) #40909 PR-URL: #41167
danielleadams
added a commit
that referenced
this pull request
Dec 16, 2021
OpenSSL-3.0.1: OpenSSL-3.0.1 contains a fix for CVE-2021-4044: Invalid handling of X509_verify_cert() internal errors in libssl (Moderate). This is a vulnerability in OpenSSL that may be exploited through Node.js. More information can be read here: https://www.openssl.org/news/secadv/20211214.txt. Contributed by Richard Lau #41177 Other Notable Changes: * lib: * make AbortSignal cloneable/transferable (James M Snell) #41050 * deps: * upgrade npm to 8.3.0 (npm team) #41127 * doc: * add @bnb as a collaborator (Tierney Cyren) #41100 * process: * add `getActiveResourcesInfo()` (Darshan Sen) #40813 * timers: * add experimental scheduler api (James M Snell) #40909 PR-URL: #41167
danielleadams
added a commit
that referenced
this pull request
Dec 16, 2021
OpenSSL-3.0.1: OpenSSL-3.0.1 contains a fix for CVE-2021-4044: Invalid handling of X509_verify_cert() internal errors in libssl (Moderate). This is a vulnerability in OpenSSL that may be exploited through Node.js. More information can be read here: https://www.openssl.org/news/secadv/20211214.txt. Contributed by Richard Lau #41177 Other Notable Changes: * lib: * make AbortSignal cloneable/transferable (James M Snell) #41050 * deps: * upgrade npm to 8.3.0 (npm team) #41127 * doc: * add @bnb as a collaborator (Tierney Cyren) #41100 * process: * add `getActiveResourcesInfo()` (Darshan Sen) #40813 * timers: * add experimental scheduler api (James M Snell) #40909 PR-URL: #41167
22 tasks
danielleadams
pushed a commit
that referenced
this pull request
Dec 17, 2021
The `deps/openssl/config/generate_headers.pl` imports `Text::Template` but that Perl module is not present in the default Perl installation in the Dockerfile and needs to be explicitly installed. PR-URL: #41177 Refs: quictls/openssl#69 Refs: https://mta.openssl.org/pipermail/openssl-announce/2021-December/000212.html Reviewed-By: Danielle Adams <adamzdanielle@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Matteo Collina <matteo.collina@gmail.com> Reviewed-By: Tobias Nießen <tniessen@tnie.de> Reviewed-By: Derek Lewis <DerekNonGeneric@inf.is>
danielleadams
pushed a commit
that referenced
this pull request
Dec 17, 2021
Newer versions of OpenSSL now throws an error if an engine is loaded twice by its absolute path (a second load by its id appears to be okay). PR-URL: #41177 Refs: quictls/openssl#69 Refs: https://mta.openssl.org/pipermail/openssl-announce/2021-December/000212.html Reviewed-By: Danielle Adams <adamzdanielle@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Matteo Collina <matteo.collina@gmail.com> Reviewed-By: Tobias Nießen <tniessen@tnie.de> Reviewed-By: Derek Lewis <DerekNonGeneric@inf.is>
danielleadams
pushed a commit
that referenced
this pull request
Dec 17, 2021
This updates all sources in deps/openssl/openssl by:
$ git clone git@github.com:quictls/openssl.git
$ cd openssl
$ cd ../node/deps/openssl
$ rm -rf openssl
$ cp -R ../openssl openssl
$ rm -rf openssl/.git* openssl/.travis*
$ git add --all openssl
$ git commit openssl
PR-URL: #41177
Refs: quictls/openssl#69
Refs: https://mta.openssl.org/pipermail/openssl-announce/2021-December/000212.html
Reviewed-By: Danielle Adams <adamzdanielle@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: Derek Lewis <DerekNonGeneric@inf.is>
danielleadams
pushed a commit
that referenced
this pull request
Dec 17, 2021
After an OpenSSL source update, all the config files need to be
regenerated and committed by:
$ make -C deps/openssl/config
$ git add deps/openssl/config/archs
$ git add deps/openssl/openssl
$ git commit
PR-URL: #41177
Refs: quictls/openssl#69
Refs: https://mta.openssl.org/pipermail/openssl-announce/2021-December/000212.html
Reviewed-By: Danielle Adams <adamzdanielle@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: Derek Lewis <DerekNonGeneric@inf.is>
danielleadams
added a commit
that referenced
this pull request
Dec 17, 2021
OpenSSL-3.0.1: OpenSSL-3.0.1 contains a fix for CVE-2021-4044: Invalid handling of X509_verify_cert() internal errors in libssl (Moderate). This is a vulnerability in OpenSSL that may be exploited through Node.js. More information can be read here: https://www.openssl.org/news/secadv/20211214.txt. Contributed by Richard Lau #41177 Other Notable Changes: * lib: * make AbortSignal cloneable/transferable (James M Snell) #41050 * deps: * upgrade npm to 8.3.0 (npm team) #41127 * doc: * add @bnb as a collaborator (Tierney Cyren) #41100 * process: * add `getActiveResourcesInfo()` (Darshan Sen) #40813 * timers: * add experimental scheduler api (James M Snell) #40909 PR-URL: #41167
danielleadams
added a commit
that referenced
this pull request
Dec 17, 2021
OpenSSL-3.0.1: OpenSSL-3.0.1 contains a fix for CVE-2021-4044: Invalid handling of X509_verify_cert() internal errors in libssl (Moderate). This is a vulnerability in OpenSSL that may be exploited through Node.js. More information can be read here: https://www.openssl.org/news/secadv/20211214.txt. Contributed by Richard Lau #41177 Other Notable Changes: * lib: * make AbortSignal cloneable/transferable (James M Snell) #41050 * deps: * upgrade npm to 8.3.0 (npm team) #41127 * doc: * add @bnb as a collaborator (Tierney Cyren) #41100 * process: * add `getActiveResourcesInfo()` (Darshan Sen) #40813 * timers: * add experimental scheduler api (James M Snell) #40909 PR-URL: #41167
This was referenced Dec 18, 2021
Linkgoron
pushed a commit
to Linkgoron/node
that referenced
this pull request
Jan 31, 2022
The `deps/openssl/config/generate_headers.pl` imports `Text::Template` but that Perl module is not present in the default Perl installation in the Dockerfile and needs to be explicitly installed. PR-URL: nodejs#41177 Refs: quictls/openssl#69 Refs: https://mta.openssl.org/pipermail/openssl-announce/2021-December/000212.html Reviewed-By: Danielle Adams <adamzdanielle@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Matteo Collina <matteo.collina@gmail.com> Reviewed-By: Tobias Nießen <tniessen@tnie.de> Reviewed-By: Derek Lewis <DerekNonGeneric@inf.is>
Linkgoron
pushed a commit
to Linkgoron/node
that referenced
this pull request
Jan 31, 2022
Newer versions of OpenSSL now throws an error if an engine is loaded twice by its absolute path (a second load by its id appears to be okay). PR-URL: nodejs#41177 Refs: quictls/openssl#69 Refs: https://mta.openssl.org/pipermail/openssl-announce/2021-December/000212.html Reviewed-By: Danielle Adams <adamzdanielle@gmail.com> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Matteo Collina <matteo.collina@gmail.com> Reviewed-By: Tobias Nießen <tniessen@tnie.de> Reviewed-By: Derek Lewis <DerekNonGeneric@inf.is>
Linkgoron
pushed a commit
to Linkgoron/node
that referenced
this pull request
Jan 31, 2022
This updates all sources in deps/openssl/openssl by:
$ git clone git@github.com:quictls/openssl.git
$ cd openssl
$ cd ../node/deps/openssl
$ rm -rf openssl
$ cp -R ../openssl openssl
$ rm -rf openssl/.git* openssl/.travis*
$ git add --all openssl
$ git commit openssl
PR-URL: nodejs#41177
Refs: quictls/openssl#69
Refs: https://mta.openssl.org/pipermail/openssl-announce/2021-December/000212.html
Reviewed-By: Danielle Adams <adamzdanielle@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: Derek Lewis <DerekNonGeneric@inf.is>
Linkgoron
pushed a commit
to Linkgoron/node
that referenced
this pull request
Jan 31, 2022
After an OpenSSL source update, all the config files need to be
regenerated and committed by:
$ make -C deps/openssl/config
$ git add deps/openssl/config/archs
$ git add deps/openssl/openssl
$ git commit
PR-URL: nodejs#41177
Refs: quictls/openssl#69
Refs: https://mta.openssl.org/pipermail/openssl-announce/2021-December/000212.html
Reviewed-By: Danielle Adams <adamzdanielle@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: Derek Lewis <DerekNonGeneric@inf.is>
Linkgoron
pushed a commit
to Linkgoron/node
that referenced
this pull request
Jan 31, 2022
OpenSSL-3.0.1: OpenSSL-3.0.1 contains a fix for CVE-2021-4044: Invalid handling of X509_verify_cert() internal errors in libssl (Moderate). This is a vulnerability in OpenSSL that may be exploited through Node.js. More information can be read here: https://www.openssl.org/news/secadv/20211214.txt. Contributed by Richard Lau nodejs#41177 Other Notable Changes: * lib: * make AbortSignal cloneable/transferable (James M Snell) nodejs#41050 * deps: * upgrade npm to 8.3.0 (npm team) nodejs#41127 * doc: * add @bnb as a collaborator (Tierney Cyren) nodejs#41100 * process: * add `getActiveResourcesInfo()` (Darshan Sen) nodejs#40813 * timers: * add experimental scheduler api (James M Snell) nodejs#40909 PR-URL: nodejs#41167
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Refs: quictls/openssl#69
Refs: https://mta.openssl.org/pipermail/openssl-announce/2021-December/000212.html
Updated as per https://github.com/nodejs/node/blob/master/doc/guides/maintaining-openssl.md. This took longer than expected because it turned out the Dockerfile was missing a Perl module used by
deps/openssl/config/generate_headers.pl(which only exists in the Node.js versions where we build with OpenSSL 3).cc @danielleadams