tools: switch back to official OpenSSL #57301
Conversation
Change `tools/dep_updaters/update-openssl.sh` to fetch updates from official OpenSSL.
|
Review requested:
|
Draft PR (I've started a CI on it): #57302 |
|
As an aside, FWIW now that #57225 has landed, I'm planning on adding node-test-commit-linux-quic to the regular CI for pull requests to ensure we don't regress the (non-default) quic support. I'll wait a few days to allow PR's to pick up the #57225 fix. |
|
Do you have a timeline on when we will be able to start early test builds with OpenSSL 3.5? |
On this, the QUIC implementation will be updated to rely entirely on either the OpenSSL 3.5 APIs or the BoringSSL APIs (for Electron), assuming the current implementation can be made to work with the new 3.5 APIs at all. In the next week or two I plan on switching the current implementation away from quictls and onto the version of BoringSSL used by electron. Mentioning this because I don't want you to waste effort trying to preserve anything with quictls. |
I posted an update with the OpenSSL 3.5 roadmap in #57281 (comment). An alpha release is scheduled for next week (11 March) and I can aim to have something in the CI (Node.js built against a shared OpenSSL) with that (and the beta when that is out).
Okay thanks, that helps. I'll not bother with node-test-commit-linux-quic then. |
richardlau
added
the
commit-queue
nodejs-github-bot
removed
the
commit-queue
|
Landed in 2bf0bd2 |
Change
tools/dep_updaters/update-openssl.shto fetch updates fromofficial OpenSSL.
Refs: #57142
I was intending to test this in https://github.com/nodejs/node-auto-test but ran into some sort of branch protection rule that prevented me from pushing to main there.
I'll open another draft PR with the results of running the update script locally so we can test CI with the resultant replaced
deps/openssl.