0
0
mirror of https://github.com/nodejs/node.git synced 2024-12-01 16:10:02 +01:00
nodejs/deps/openssl
Daniel Bevenius f5a5df4802 src,deps,build,test: add OpenSSL config appname
This commit adds the setting of an appname (configuration section
name), 'nodejs_conf', to be used when reading OpenSSL configuration
files.

The motivation for this is that currently the default OpenSSL
configuration, 'openssl_conf', element will be used which may be
undesirable as it might configure OpenSSL in unwanted ways. With this
commit it is still possible to use a default openssl.cnf file but the
only section that Node.js will read from is a section named
'nodejs_conf'.

PR-URL: https://github.com/nodejs/node/pull/43124
Refs: https://github.com/nodejs/node/issues/40366
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
Reviewed-By: Beth Griggs <bgriggs@redhat.com>
2022-05-31 13:41:30 +02:00
..
config deps: regenerate OpenSSL archs files 2022-05-30 08:18:27 +02:00
openssl deps: update archs files for quictls/openssl-3.0.3+quic 2022-05-12 09:15:23 -03:00
.gitignore
nodejs-openssl.cnf src,deps,build,test: add OpenSSL config appname 2022-05-31 13:41:30 +02:00
openssl_asm_avx2.gypi
openssl_asm.gypi
openssl_common.gypi
openssl_no_asm.gypi
openssl-cl_asm_avx2.gypi
openssl-cl_asm.gypi
openssl-cl_no_asm.gypi
openssl-cli.gypi
openssl-fips_asm_avx2.gypi
openssl-fips_asm.gypi
openssl-fips_no_asm.gypi
openssl.gyp
openssl.gypi
README.md

This has a new binding scheme in building OpenSSL-3.0.0 library with Node.js. OpenSSL-3.0.0 uses a new build system with Perl for various supported platforms. See openssl/Configurations/README and openssl/Configurations/README-design.md in the OpenSSL source for details.

In order to build OpenSSL library without Perl in the build of Node.js for various supported platforms, platform dependent files (e.g. asm and header files ) are pre-generated and stored into the config/archs directory.

  • config/Makefile and config/generate_gypi.pl

    Makefile has supported platform list and generates and copies platform dependent files (e.g. asm files) into arch directory with generate_gypi.pl. Platform dependent gypi files are also created obtaining build information from configdata.pm that is generated with Configure in the OpenSSL build system.

    For Windows, Configure generates makefile that is only available to nmake command. config/Makefile_VC-WIN32 and config/Makefile_VC-WIN64A are made by hand for the use of GNU make. If makefile rules or targets are changed in the version up of OpenSSL, they should be also updated.

  • gyp and gypi files (openssl*.{gyp,gypi})

    openssl.gyp has two targets of openssl and openssl-cli referred from node.gyp. They include asm and no_asm gypi files with arch dependent gypi according to its build options and platforms. The gyp data which is common with asm and no_asm are stored in openssl_common.gypi.

  • header files (config/*.{h,h.tmpl})

    bn_conf.h, dso_conf.h and opensslconf.h are platform dependent in the OpenSSL sources. They are replaced with config/*.h.tmpl files to include the file in the ../../../config/ and referred to each arch file that depends on asm and no-asm option. These headers are generated by the make target generate_headers.

Supported architectures for use of ASM

Here is a list of supported architectures for use of ASM in OpenSSL.

--dest-os --dest-cpu OpenSSL target arch CI
aix ppc64 aix64-gcc o
linux ia32 linux-elf o
linux x32 linux-x32 -
linux x64 linux-x86_64 o
linux arm linux-armv4 o
linux arm64 linux-aarch64 o
linux ppc64(*1) linux-ppc64le o
linux s390 linux32-s390x o
linux s390x linux64-s390x o
mac ia32 darwin-i386-cc -
mac x64 darwin64-x86-cc o
win ia32 VC-WIN32 -
win x64 VC-WIN64A o
solaris ia32 solaris-x86-gcc o
solaris x64 solaris64-x86_64-gcc o
freebsd ia32 BSD-x86 -
freebsd x64 BSD-x86_64 o
openbsd ia32 BSD-x86 -
openbsd x64 BSD-x86_64 -
others others linux-elf -

(*1: This needs to be configured with the variable of node_byteorder: little)

These are listed in config/Makefile. Please refer config/opensslconf_asm.h for details.

To remove or add an architecture the templates need to be updated for which there are two:

  • include_asm.h.tmpl
  • include_no-asm.h.tmpl

Remove the architecture in question from these files and then run:

$ make generate-headers

Also remove the architecture from the list of supported ASM architectures in README.md

Upgrading OpenSSL

Please refer to maintaining-openssl.