Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

crypto: remove OPENSSL_FIPS guard for OpenSSL 3 #48392

Merged
merged 1 commit into from
Jun 12, 2023
Merged

crypto: remove OPENSSL_FIPS guard for OpenSSL 3 #48392

merged 1 commit into from
Jun 12, 2023

Conversation

richardlau
Copy link
Member

The OPENSSL_FIPS guard is only needed for versions of OpenSSL earlier than 3.0.

Removing the guard for OpenSSL 3 fixes parallel/test-crypto-fips when run with a FIPS enabled OpenSSL 3 configuration.

Refs: #48379

cc @nodejs/crypto

Test failure on main (9dc2d1b)

13:27:29 not ok 640 parallel/test-crypto-fips
13:27:29   ---
13:27:29   duration_ms: 303.07300
13:27:29   severity: fail
13:27:29   exitcode: 1
13:27:29   stack: |-
13:27:29     Spawned child [pid:2304732] with cmd 'process.versions' expect "OpenSSL error when trying to enable FIPS:" with args '--enable-fips' OPENSSL_CONF="/opt/openssl-3.0.8-fips/ssl/openssl.cnf"
13:27:29     node:assert:125
13:27:29       throw new AssertionError(obj);
13:27:29       ^
13:27:29     
13:27:29     AssertionError [ERR_ASSERTION]: Expected "actual" to be strictly unequal to: 0
13:27:29         at responseHandler (/home/iojs/build/workspace/richardlau-node-test-commit-linux-containered/test/parallel/test-crypto-fips.js:48:12)
13:27:29         at testHelper (/home/iojs/build/workspace/richardlau-node-test-commit-linux-containered/test/parallel/test-crypto-fips.js:61:3)
13:27:29         at Object.<anonymous> (/home/iojs/build/workspace/richardlau-node-test-commit-linux-containered/test/parallel/test-crypto-fips.js:65:1)
13:27:29         at Module._compile (node:internal/modules/cjs/loader:1255:14)
13:27:29         at Module._extensions..js (node:internal/modules/cjs/loader:1309:10)
13:27:29         at Module.load (node:internal/modules/cjs/loader:1113:32)
13:27:29         at Module._load (node:internal/modules/cjs/loader:960:12)
13:27:29         at Function.executeUserEntryPoint [as runMain] (node:internal/modules/run_main:83:12)
13:27:29         at node:internal/main/run_main_module:23:47 {
13:27:29       generatedMessage: true,
13:27:29       code: 'ERR_ASSERTION',
13:27:29       actual: 0,
13:27:29       expected: 0,
13:27:29       operator: 'notStrictEqual'
13:27:29     }
13:27:29     
13:27:29     Node.js v21.0.0-pre
13:27:29   ...

Passing with this PR (84a33d6)

15:39:50 ok 638 parallel/test-crypto-fips
15:39:50   ---
15:39:50   duration_ms: 752.46200
15:39:50   ...

@richardlau
crypto: remove OPENSSL_FIPS guard for OpenSSL 3
84a33d6 
The OPENSSL_FIPS guard is only needed for versions of OpenSSL earlier
than 3.0.

Removing the guard for OpenSSL 3 fixes `parallel/test-crypto-fips`
when run with a FIPS enabled OpenSSL 3 configuration.
@nodejs-github-bot
Copy link
Collaborator

Review requested:

  • @nodejs/crypto

@nodejs-github-bot nodejs-github-bot added c++ Issues and PRs that require attention from people who are familiar with C++. crypto Issues and PRs related to the crypto subsystem. needs-ci PRs that need a full CI run. labels Jun 8, 2023
@richardlau richardlau added request-ci Add this label to start a Jenkins CI on a PR. and removed crypto Issues and PRs related to the crypto subsystem. c++ Issues and PRs that require attention from people who are familiar with C++. needs-ci PRs that need a full CI run. labels Jun 8, 2023
@github-actions github-actions bot removed the request-ci Add this label to start a Jenkins CI on a PR. label Jun 8, 2023
@nodejs-github-bot
Copy link
Collaborator

CI: https://ci.nodejs.org/job/node-test-pull-request/52165/

@richardlau richardlau mentioned this pull request Jun 8, 2023
Open
@nodejs-github-bot

This comment was marked as outdated.

# to view
@nodejs-github-bot

This comment was marked as outdated.

# to view
@nodejs-github-bot

This comment was marked as outdated.

# to view
@nodejs-github-bot
Copy link
Collaborator

CI: https://ci.nodejs.org/job/node-test-pull-request/52173/

@github-actions github-actions bot mentioned this pull request Jun 9, 2023
Open
24 tasks
@richardlau richardlau added crypto Issues and PRs related to the crypto subsystem. author ready PRs that have at least one approval, no pending requests for changes, and a CI started. labels Jun 9, 2023
This was referenced Jun 10, 2023
Open
Open
Open
mhdawson
mhdawson approved these changes Jun 12, 2023
View reviewed changes
Copy link
Member

@mhdawson mhdawson left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@richardlau richardlau added the commit-queue Add this label to land a pull request using GitHub Actions. label Jun 12, 2023
@nodejs-github-bot nodejs-github-bot removed the commit-queue Add this label to land a pull request using GitHub Actions. label Jun 12, 2023
@nodejs-github-bot nodejs-github-bot merged commit 8d651ce into nodejs:main Jun 12, 2023
@nodejs-github-bot
Copy link
Collaborator

Landed in 8d651ce

This was referenced Jun 13, 2023
Open
Open
@github-actions github-actions bot mentioned this pull request Jun 15, 2023
Open
22 tasks
RafaelGSS pushed a commit that referenced this pull request Jul 3, 2023
@richardlau @RafaelGSS
crypto: remove OPENSSL_FIPS guard for OpenSSL 3
89aaf16 
The OPENSSL_FIPS guard is only needed for versions of OpenSSL earlier
than 3.0.

Removing the guard for OpenSSL 3 fixes `parallel/test-crypto-fips`
when run with a FIPS enabled OpenSSL 3 configuration.

PR-URL: #48392
Refs: #48379
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Michael Dawson <midawson@redhat.com>
@RafaelGSS RafaelGSS mentioned this pull request Jul 3, 2023
Merged
Ceres6 pushed a commit to Ceres6/node that referenced this pull request Aug 14, 2023
@richardlau @Ceres6
crypto: remove OPENSSL_FIPS guard for OpenSSL 3
2cd03a4 
The OPENSSL_FIPS guard is only needed for versions of OpenSSL earlier
than 3.0.

Removing the guard for OpenSSL 3 fixes `parallel/test-crypto-fips`
when run with a FIPS enabled OpenSSL 3 configuration.

PR-URL: nodejs#48392
Refs: nodejs#48379
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Michael Dawson <midawson@redhat.com>
Ceres6 pushed a commit to Ceres6/node that referenced this pull request Aug 14, 2023
@richardlau @Ceres6
crypto: remove OPENSSL_FIPS guard for OpenSSL 3
dcdf4cb 
The OPENSSL_FIPS guard is only needed for versions of OpenSSL earlier
than 3.0.

Removing the guard for OpenSSL 3 fixes `parallel/test-crypto-fips`
when run with a FIPS enabled OpenSSL 3 configuration.

PR-URL: nodejs#48392
Refs: nodejs#48379
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Michael Dawson <midawson@redhat.com>
ruyadorno pushed a commit that referenced this pull request Sep 8, 2023
@richardlau @ruyadorno
crypto: remove OPENSSL_FIPS guard for OpenSSL 3
aa08460 
The OPENSSL_FIPS guard is only needed for versions of OpenSSL earlier
than 3.0.

Removing the guard for OpenSSL 3 fixes `parallel/test-crypto-fips`
when run with a FIPS enabled OpenSSL 3 configuration.

PR-URL: #48392
Refs: #48379
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Michael Dawson <midawson@redhat.com>
@ruyadorno ruyadorno mentioned this pull request Sep 8, 2023
Merged
ruyadorno pushed a commit that referenced this pull request Sep 13, 2023
@richardlau @ruyadorno
crypto: remove OPENSSL_FIPS guard for OpenSSL 3
b2bc839 
The OPENSSL_FIPS guard is only needed for versions of OpenSSL earlier
than 3.0.

Removing the guard for OpenSSL 3 fixes `parallel/test-crypto-fips`
when run with a FIPS enabled OpenSSL 3 configuration.

PR-URL: #48392
Refs: #48379
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Michael Dawson <midawson@redhat.com>
# for free to join this conversation on GitHub. Already have an account? # to comment
Reviewers

@lpinca lpinca lpinca approved these changes

@mhdawson mhdawson mhdawson approved these changes

Assignees
No one assigned
Labels
author ready PRs that have at least one approval, no pending requests for changes, and a CI started. crypto Issues and PRs related to the crypto subsystem.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@richardlau @nodejs-github-bot @lpinca @mhdawson