Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

tls: use SSL_get_peer_tmp_key #53366

Merged
merged 1 commit into from
Jun 13, 2024

Conversation

tniessen
Copy link
Member

@tniessen tniessen commented Jun 6, 2024

Both OpenSSL 1.1.1 and 3.x support SSL_get_peer_tmp_key as a replacement for SSL_get_server_tmp_key. While the old function name still exists as an alias, it does not accurately reflect the function's behavior (anymore). Hence, use the new function name here.

@tniessen tniessen added tls Issues and PRs related to the tls subsystem. openssl Issues and PRs related to the OpenSSL dependency. labels Jun 6, 2024
@nodejs-github-bot
Copy link
Collaborator

Review requested:

  • @nodejs/crypto

@nodejs-github-bot nodejs-github-bot added c++ Issues and PRs that require attention from people who are familiar with C++. crypto Issues and PRs related to the crypto subsystem. needs-ci PRs that need a full CI run. labels Jun 6, 2024
@pimterry pimterry added the request-ci Add this label to start a Jenkins CI on a PR. label Jun 6, 2024
@github-actions github-actions bot removed the request-ci Add this label to start a Jenkins CI on a PR. label Jun 6, 2024
@nodejs-github-bot

This comment was marked as outdated.

@tniessen tniessen force-pushed the ssl-get-peer-tmp-key branch from 935360e to 95420da Compare June 6, 2024 15:07
@tniessen tniessen added the author ready PRs that have at least one approval, no pending requests for changes, and a CI started. label Jun 6, 2024
@panva panva added the request-ci Add this label to start a Jenkins CI on a PR. label Jun 6, 2024
@github-actions github-actions bot removed the request-ci Add this label to start a Jenkins CI on a PR. label Jun 6, 2024
@nodejs-github-bot
Copy link
Collaborator

@tniessen
Copy link
Member Author

tniessen commented Jun 6, 2024

Windows CI is failing because... Windows.

2024-06-06T15:25:23.0802199Z D:\a\node\node\deps\v8\src\compiler\turboshaft\opmasks.h(150,75): error C2100: you cannot dereference an operand of type 'v8::internal::compiler::turboshaft::WordRepresentation' [D:\a\node\node\tools\v8_gypfiles\v8_turboshaft.vcxproj]
2024-06-06T15:25:23.2734105Z D:\a\node\node\deps\v8\src\compiler\turboshaft\opmasks.h(136,15): fatal  error C1907: unable to recover from previous error(s); stopping compilation [D:\a\node\node\tools\v8_gypfiles\v8_turboshaft.vcxproj]
2024-06-06T15:25:23.2738599Z D:\a\node\node\deps\v8\src\compiler\turboshaft\representations.h(457,49): message : while evaluating constexpr function 'v8::internal::compiler::turboshaft::WordRepresentation::value' [D:\a\node\node\tools\v8_gypfiles\v8_turboshaft.vcxproj]
2024-06-06T15:25:23.2743220Z D:\a\node\node\deps\v8\src\compiler\turboshaft\opmasks.h(150,75): message : while evaluating constexpr function 'v8::internal::compiler::turboshaft::WordRepresentation::operator v8::internal::compiler::turboshaft::WordRepresentation::Enum' [D:\a\node\node\tools\v8_gypfiles\v8_turboshaft.vcxproj]
2024-06-06T15:25:23.2746822Z   INTERNAL COMPILER ERROR in 'C:\Program Files\Microsoft Visual Studio\2022\Enterprise\VC\Tools\MSVC\14.40.33807\bin\HostX64\x64\CL.exe'
2024-06-06T15:25:23.2748408Z       Please choose the Technical Support command on the Visual C++
2024-06-06T15:25:23.2749476Z       Help menu, or open the Technical Support help file for more information

Both OpenSSL 1.1.1 and 3.x support SSL_get_peer_tmp_key as a replacement
for SSL_get_server_tmp_key. While the old function name still exists as
an alias, it does not accurately reflect the function's behavior
(anymore). Hence, use the new function name here.
@tniessen tniessen force-pushed the ssl-get-peer-tmp-key branch from 95420da to 80105b0 Compare June 7, 2024 19:47
@tniessen tniessen added the request-ci Add this label to start a Jenkins CI on a PR. label Jun 7, 2024
@github-actions github-actions bot removed the request-ci Add this label to start a Jenkins CI on a PR. label Jun 7, 2024
@nodejs-github-bot

This comment has been minimized.

@tniessen tniessen removed the author ready PRs that have at least one approval, no pending requests for changes, and a CI started. label Jun 7, 2024
@nodejs-github-bot

This comment was marked as outdated.

@nodejs-github-bot
Copy link
Collaborator

@tniessen tniessen added the commit-queue Add this label to land a pull request using GitHub Actions. label Jun 13, 2024
@nodejs-github-bot nodejs-github-bot removed the commit-queue Add this label to land a pull request using GitHub Actions. label Jun 13, 2024
@nodejs-github-bot nodejs-github-bot added the commit-queue-failed An error occurred while landing this pull request using GitHub Actions. label Jun 13, 2024
@nodejs-github-bot
Copy link
Collaborator

Commit Queue failed
- Loading data for nodejs/node/pull/53366
✔  Done loading data for nodejs/node/pull/53366
----------------------------------- PR info ------------------------------------
Title      tls: use SSL_get_peer_tmp_key (#53366)
   ⚠  Could not retrieve the email or name of the PR author's from user's GitHub profile!
Branch     tniessen:ssl-get-peer-tmp-key -> nodejs:main
Labels     tls, crypto, c++, openssl, needs-ci
Commits    1
 - tls: use SSL_get_peer_tmp_key
Committers 1
 - Tobias Nießen 
PR-URL: https://github.com/nodejs/node/pull/53366
Reviewed-By: Filip Skokan 
Reviewed-By: Tim Perry 
Reviewed-By: Richard Lau 
Reviewed-By: Luigi Pinca 
Reviewed-By: Yagiz Nizipli 
------------------------------ Generated metadata ------------------------------
PR-URL: https://github.com/nodejs/node/pull/53366
Reviewed-By: Filip Skokan 
Reviewed-By: Tim Perry 
Reviewed-By: Richard Lau 
Reviewed-By: Luigi Pinca 
Reviewed-By: Yagiz Nizipli 
--------------------------------------------------------------------------------
   ⚠  Commits were pushed since the last approving review:
   ⚠  - tls: use SSL_get_peer_tmp_key
   ℹ  This PR was created on Thu, 06 Jun 2024 14:41:06 GMT
   ✔  Approvals: 5
   ✔  - Filip Skokan (@panva): https://github.com/nodejs/node/pull/53366#pullrequestreview-2102193493
   ✔  - Tim Perry (@pimterry): https://github.com/nodejs/node/pull/53366#pullrequestreview-2102209818
   ✔  - Richard Lau (@richardlau) (TSC): https://github.com/nodejs/node/pull/53366#pullrequestreview-2102272801
   ✔  - Luigi Pinca (@lpinca): https://github.com/nodejs/node/pull/53366#pullrequestreview-2103101790
   ✔  - Yagiz Nizipli (@anonrig): https://github.com/nodejs/node/pull/53366#pullrequestreview-2103961048
   ✔  Last GitHub CI successful
   ℹ  Last Full PR CI on 2024-06-10T21:32:13Z: https://ci.nodejs.org/job/node-test-pull-request/59718/
- Querying data for job/node-test-pull-request/59718/
   ✔  Last Jenkins CI successful
--------------------------------------------------------------------------------
   ✔  Aborted `git node land` session in /home/runner/work/node/node/.ncu
https://github.com/nodejs/node/actions/runs/9501496421

@richardlau richardlau added commit-queue Add this label to land a pull request using GitHub Actions. and removed commit-queue-failed An error occurred while landing this pull request using GitHub Actions. labels Jun 13, 2024
@nodejs-github-bot nodejs-github-bot removed the commit-queue Add this label to land a pull request using GitHub Actions. label Jun 13, 2024
@nodejs-github-bot nodejs-github-bot merged commit 786464d into nodejs:main Jun 13, 2024
60 checks passed
@nodejs-github-bot
Copy link
Collaborator

Landed in 786464d

targos pushed a commit that referenced this pull request Jun 20, 2024
Both OpenSSL 1.1.1 and 3.x support SSL_get_peer_tmp_key as a replacement
for SSL_get_server_tmp_key. While the old function name still exists as
an alias, it does not accurately reflect the function's behavior
(anymore). Hence, use the new function name here.

PR-URL: #53366
Reviewed-By: Filip Skokan <panva.ip@gmail.com>
Reviewed-By: Tim Perry <pimterry@gmail.com>
Reviewed-By: Richard Lau <rlau@redhat.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Yagiz Nizipli <yagiz.nizipli@sentry.io>
sophoniie pushed a commit to sophoniie/node that referenced this pull request Jun 20, 2024
Both OpenSSL 1.1.1 and 3.x support SSL_get_peer_tmp_key as a replacement
for SSL_get_server_tmp_key. While the old function name still exists as
an alias, it does not accurately reflect the function's behavior
(anymore). Hence, use the new function name here.

PR-URL: nodejs#53366
Reviewed-By: Filip Skokan <panva.ip@gmail.com>
Reviewed-By: Tim Perry <pimterry@gmail.com>
Reviewed-By: Richard Lau <rlau@redhat.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Yagiz Nizipli <yagiz.nizipli@sentry.io>
bmeck pushed a commit to bmeck/node that referenced this pull request Jun 22, 2024
Both OpenSSL 1.1.1 and 3.x support SSL_get_peer_tmp_key as a replacement
for SSL_get_server_tmp_key. While the old function name still exists as
an alias, it does not accurately reflect the function's behavior
(anymore). Hence, use the new function name here.

PR-URL: nodejs#53366
Reviewed-By: Filip Skokan <panva.ip@gmail.com>
Reviewed-By: Tim Perry <pimterry@gmail.com>
Reviewed-By: Richard Lau <rlau@redhat.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Yagiz Nizipli <yagiz.nizipli@sentry.io>
marco-ippolito pushed a commit that referenced this pull request Jul 19, 2024
Both OpenSSL 1.1.1 and 3.x support SSL_get_peer_tmp_key as a replacement
for SSL_get_server_tmp_key. While the old function name still exists as
an alias, it does not accurately reflect the function's behavior
(anymore). Hence, use the new function name here.

PR-URL: #53366
Reviewed-By: Filip Skokan <panva.ip@gmail.com>
Reviewed-By: Tim Perry <pimterry@gmail.com>
Reviewed-By: Richard Lau <rlau@redhat.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Yagiz Nizipli <yagiz.nizipli@sentry.io>
marco-ippolito pushed a commit that referenced this pull request Jul 19, 2024
Both OpenSSL 1.1.1 and 3.x support SSL_get_peer_tmp_key as a replacement
for SSL_get_server_tmp_key. While the old function name still exists as
an alias, it does not accurately reflect the function's behavior
(anymore). Hence, use the new function name here.

PR-URL: #53366
Reviewed-By: Filip Skokan <panva.ip@gmail.com>
Reviewed-By: Tim Perry <pimterry@gmail.com>
Reviewed-By: Richard Lau <rlau@redhat.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Yagiz Nizipli <yagiz.nizipli@sentry.io>
codebytere added a commit to electron/electron that referenced this pull request Jul 25, 2024
codebytere added a commit to electron/electron that referenced this pull request Jul 26, 2024
jkleinsc pushed a commit to electron/electron that referenced this pull request Jul 26, 2024
* chore: bump node in DEPS to v20.16.0

* test: skip unstable shadow realm gc tests

nodejs/node#52855

* test: extend env for `test-node-output-errors`

nodejs/node#53535

* src: fix typo in env.cc

nodejs/node#53418

* src: reset `process.versions` during pre-execution

nodejs/node#53444

* chore: fixup patch indices

* src,permission: --allow-wasi & prevent WASI exec

nodejs/node#53124

* tls: use SSL_get_peer_tmp_key

nodejs/node#53366

* deps: update c-ares to 1.29.0

nodejs/node#53155

* src: account for OpenSSL unexpected version

* crypto: fix propagation of "memory limit exceeded"

nodejs/node#53300

* process: add process.getBuiltinModule(id)

nodejs/node#52762

* windows 32bit: config change callback needs to be stdcall

c-ares/c-ares@8f265c9

* fix: building with UNICODE

c-ares/c-ares#802

---------

Co-authored-by: electron-roller[bot] <84116207+electron-roller[bot]@users.noreply.github.com>
Co-authored-by: Shelley Vohr <shelley.vohr@gmail.com>
Co-authored-by: Keeley Hammond <khammond@slack-corp.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
c++ Issues and PRs that require attention from people who are familiar with C++. crypto Issues and PRs related to the crypto subsystem. needs-ci PRs that need a full CI run. openssl Issues and PRs related to the OpenSSL dependency. tls Issues and PRs related to the tls subsystem.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

7 participants