diff options
author | Daniel Bevenius <daniel.bevenius@gmail.com> | 2021-04-14 12:19:54 +0300 |
---|---|---|
committer | Daniel Bevenius <daniel.bevenius@gmail.com> | 2021-10-11 07:28:08 +0300 |
commit | 66da32c045035cf2710a48773dc6f55f00e20c40 (patch) | |
tree | 5476a5263442f875b4117c2e57d795105e63a02c /configure.py | |
parent | 49b7ec96a431a3e0ba0989d6b41db813aefe878a (diff) |
deps,test,src,doc,tools: update to OpenSSL 3.0
This pull request updates the OpenSSL version that is statically
linked with Node.js from OpenSSl 1.1.1 to quictls OpenSSL 3.0.0+quic.
This pull request will replace the OpenSSL version that is currently
in the deps directory and when performing a normal build
OpenSSL 3.0+quic will be statically linked to the Node.js executable.
We will still be able to dynamically link to OpenSSL 1.1.1 and we have
a CI job which dynamically links to OpenSSL 1.1.1 which is run for
every pull request to make sure that we maintain backward compatibility.
PR-URL: https://github.com/nodejs/node/pull/38512
Reviewed-By: Michael Dawson <midawson@redhat.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Diffstat (limited to 'configure.py')
-rwxr-xr-x | configure.py | 36 |
1 files changed, 11 insertions, 25 deletions
diff --git a/configure.py b/configure.py index 6efb98c2316..a879a9661d6 100755 --- a/configure.py +++ b/configure.py @@ -195,11 +195,6 @@ parser.add_argument("--openssl-no-asm", default=None, help="Do not build optimized assembly for OpenSSL") -parser.add_argument('--openssl-fips', - action='store', - dest='openssl_fips', - help='Build OpenSSL using FIPS canister .o file in supplied folder') - parser.add_argument('--openssl-is-fips', action='store_true', dest='openssl_is_fips', @@ -1414,8 +1409,7 @@ def configure_openssl(o): variables['node_shared_ngtcp2'] = b(options.shared_ngtcp2) variables['node_shared_nghttp3'] = b(options.shared_nghttp3) variables['openssl_is_fips'] = b(options.openssl_is_fips) - variables['openssl_fips'] = '' - variables['openssl_quic'] = b(True) + variables['node_fipsinstall'] = b(False) if options.openssl_no_asm: variables['openssl_no_asm'] = 1 @@ -1427,8 +1421,8 @@ def configure_openssl(o): without_ssl_error('--shared-openssl') if options.openssl_no_asm: without_ssl_error('--openssl-no-asm') - if options.openssl_fips: - without_ssl_error('--openssl-fips') + if options.openssl_is_fips: + without_ssl_error('--openssl-is-fips') if options.openssl_default_cipher_list: without_ssl_error('--openssl-default-cipher-list') return @@ -1468,17 +1462,18 @@ def configure_openssl(o): if options.openssl_no_asm and options.shared_openssl: error('--openssl-no-asm is incompatible with --shared-openssl') - if options.openssl_fips or options.openssl_fips == '': - error('FIPS is not supported in this version of Node.js') - if options.openssl_is_fips and not options.shared_openssl: - error('--openssl-is-fips is only available with --shared-openssl') - - if options.openssl_is_fips: o['defines'] += ['OPENSSL_FIPS'] + variables['node_fipsinstall'] = b(True) if options.shared_openssl: - variables['openssl_quic'] = b(getsharedopensslhasquic.get_has_quic(options.__dict__['shared_openssl_includes'])) + has_quic = getsharedopensslhasquic.get_has_quic(options.__dict__['shared_openssl_includes']) + else: + has_quic = getsharedopensslhasquic.get_has_quic('deps/openssl/openssl/include') + + variables['openssl_quic'] = b(has_quic) + if has_quic: + o['defines'] += ['NODE_OPENSSL_HAS_QUIC'] configure_library('openssl', o) @@ -1927,15 +1922,6 @@ variables = output['variables'] del output['variables'] variables['is_debug'] = B(options.debug) -# make_global_settings for special FIPS linking -# should not be used to compile modules in node-gyp -config_fips = { 'make_global_settings' : [] } -if 'make_fips_settings' in output: - config_fips['make_global_settings'] = output['make_fips_settings'] - del output['make_fips_settings'] - write('config_fips.gypi', do_not_edit + - pprint.pformat(config_fips, indent=2) + '\n') - # make_global_settings should be a root level element too if 'make_global_settings' in output: make_global_settings = output['make_global_settings'] |