-
Notifications
You must be signed in to change notification settings - Fork 7.3k
Conversation
This just replaces all sources of openssl-1.0.1p.tar.gz into deps/openssl/openssl.
All symlink files in `deps/openssl/openssl/include/openssl/` are removed and replaced with real header files to avoid issues on Windows.
sha256-x86_64.pl does not exist in the origin openssl distribution. It was copied from sha512-x86_64.pl and both sha256/sha512 scripts were modified so as to generates only one asm file specified as its key hash length. PR: nodejs#9451 PR-URL: nodejs#9451 Reviewed-By: Julien Gilli <[email protected]> PR: nodejs#25523 PR-URL: nodejs#25523 Reviewed-By: Julien Gilli <[email protected]>
`x86masm.pl` was mistakenly using .486 instruction set, why `cpuid` (and perhaps others) are requiring .686 . PR: nodejs#9451 PR-URL: nodejs#9451 Reviewed-By: Julien Gilli <[email protected]> PR: nodejs#25523 PR-URL: nodejs#25523 Reviewed-By: Julien Gilli <[email protected]>
reapply b910613 PR: nodejs#9451 PR-URL: nodejs#9451 Reviewed-By: Julien Gilli <[email protected]> PR: nodejs#25523 PR-URL: nodejs#25523 Reviewed-By: Julien Gilli <[email protected]>
Correction. Alt cert patches were not back ported to Node so that only v0.10.39 and v0.12.6 have the vulnerability of CVE-2015-1793. |
@shigeki Thank you so much! CI for v0.10 and v0.12 is available here: http://jenkins.nodejs.org/. Tests for this PR are running across all supported platform for UNIX and Windows. In the meantime I'll run the tests in |
LGTM, landing soon and starting the release process for v0.10.40 asap. @joyent/node-tsc Sounds good? |
Also /cc @joyent/node-collaborators |
@shigeki shigeki/node@ba97685 has the following commit message:
but it seems like it's a combination of replacing symlinks with "indirect" header files (already committed in v0.10 as ee95454) and #25582. So the issue on Windows is already fixed in v0.10 prior to this PR, as a result we should probably reword the commit included in this PR to match the one in #25582. Or am I missing something? |
@misterdjules 0de721a changes "indirect" header files into symlinks which are included in the original source distribution and ba97685 replaces symlinks with real header files. This PR show the combination of the two commits so that you would see "indirect" header files are changed into real files. |
@shigeki Ok, sounds good, thank you for the clarification! |
This just replaces all sources of openssl-1.0.1p.tar.gz into deps/openssl/openssl. PR: nodejs#25654 PR-URL: nodejs#25654 Reviewed-By: Julien Gilli <[email protected]>
All symlink files in `deps/openssl/openssl/include/openssl/` are removed and replaced with real header files to avoid issues on Windows. PR: nodejs#25654 PR-URL: nodejs#25654 Reviewed-By: Julien Gilli <[email protected]>
sha256-x86_64.pl does not exist in the origin openssl distribution. It was copied from sha512-x86_64.pl and both sha256/sha512 scripts were modified so as to generates only one asm file specified as its key hash length. PR: nodejs#9451 PR-URL: nodejs#9451 Reviewed-By: Julien Gilli <[email protected]> PR: nodejs#25523 PR-URL: nodejs#25523 Reviewed-By: Julien Gilli <[email protected]> PR: nodejs#25654 PR-URL: nodejs#25654 Reviewed-By: Julien Gilli <[email protected]>
`x86masm.pl` was mistakenly using .486 instruction set, why `cpuid` (and perhaps others) are requiring .686 . PR: nodejs#9451 PR-URL: nodejs#9451 Reviewed-By: Julien Gilli <[email protected]> PR: nodejs#25523 PR-URL: nodejs#25523 Reviewed-By: Julien Gilli <[email protected]> PR: nodejs#25654 PR-URL: nodejs#25654 Reviewed-By: Julien Gilli <[email protected]>
reapply b910613 PR: nodejs#9451 PR-URL: nodejs#9451 Reviewed-By: Julien Gilli <[email protected]> PR: nodejs#25523 PR-URL: nodejs#25523 Reviewed-By: Julien Gilli <[email protected]> PR: nodejs#25654 PR-URL: nodejs#25654 Reviewed-By: Julien Gilli <[email protected]>
This just replaces all sources of openssl-1.0.1p.tar.gz into deps/openssl/openssl. PR: nodejs#25654 PR-URL: nodejs#25654 Reviewed-By: Julien Gilli <[email protected]>
All symlink files in `deps/openssl/openssl/include/openssl/` are removed and replaced with real header files to avoid issues on Windows. PR: nodejs#25654 PR-URL: nodejs#25654 Reviewed-By: Julien Gilli <[email protected]>
sha256-x86_64.pl does not exist in the origin openssl distribution. It was copied from sha512-x86_64.pl and both sha256/sha512 scripts were modified so as to generates only one asm file specified as its key hash length. PR: nodejs#9451 PR-URL: nodejs#9451 Reviewed-By: Julien Gilli <[email protected]> PR: nodejs#25523 PR-URL: nodejs#25523 Reviewed-By: Julien Gilli <[email protected]> PR: nodejs#25654 PR-URL: nodejs#25654 Reviewed-By: Julien Gilli <[email protected]>
sha256-x86_64.pl does not exist in the origin openssl distribution. It was copied from sha512-x86_64.pl and both sha256/sha512 scripts were modified so as to generates only one asm file specified as its key hash length. PR: #9451 PR-URL: nodejs/node-v0.x-archive#9451 Reviewed-By: Julien Gilli <[email protected]> PR: #25523 PR-URL: nodejs/node-v0.x-archive#25523 Reviewed-By: Julien Gilli <[email protected]> PR: #25654 PR-URL: nodejs/node-v0.x-archive#25654 Reviewed-By: Julien Gilli <[email protected]>
`x86masm.pl` was mistakenly using .486 instruction set, why `cpuid` (and perhaps others) are requiring .686 . PR: #9451 PR-URL: nodejs/node-v0.x-archive#9451 Reviewed-By: Julien Gilli <[email protected]> PR: #25523 PR-URL: nodejs/node-v0.x-archive#25523 Reviewed-By: Julien Gilli <[email protected]> PR: #25654 PR-URL: nodejs/node-v0.x-archive#25654 Reviewed-By: Julien Gilli <[email protected]>
reapply b910613 PR: #9451 PR-URL: nodejs/node-v0.x-archive#9451 Reviewed-By: Julien Gilli <[email protected]> PR: #25523 PR-URL: nodejs/node-v0.x-archive#25523 Reviewed-By: Julien Gilli <[email protected]> PR: #25654 PR-URL: nodejs/node-v0.x-archive#25654 Reviewed-By: Julien Gilli <[email protected]>
sha256-x86_64.pl does not exist in the origin openssl distribution. It was copied from sha512-x86_64.pl and both sha256/sha512 scripts were modified so as to generates only one asm file specified as its key hash length. PR: #9451 PR-URL: nodejs/node-v0.x-archive#9451 Reviewed-By: Julien Gilli <[email protected]> PR: #25523 PR-URL: nodejs/node-v0.x-archive#25523 Reviewed-By: Julien Gilli <[email protected]> PR: #25654 PR-URL: nodejs/node-v0.x-archive#25654 Reviewed-By: Julien Gilli <[email protected]>
`x86masm.pl` was mistakenly using .486 instruction set, why `cpuid` (and perhaps others) are requiring .686 . PR: #9451 PR-URL: nodejs/node-v0.x-archive#9451 Reviewed-By: Julien Gilli <[email protected]> PR: #25523 PR-URL: nodejs/node-v0.x-archive#25523 Reviewed-By: Julien Gilli <[email protected]> PR: #25654 PR-URL: nodejs/node-v0.x-archive#25654 Reviewed-By: Julien Gilli <[email protected]>
reapply b910613792dac946b295855963869933a9089044 PR: #9451 PR-URL: nodejs/node-v0.x-archive#9451 Reviewed-By: Julien Gilli <[email protected]> PR: #25523 PR-URL: nodejs/node-v0.x-archive#25523 Reviewed-By: Julien Gilli <[email protected]> PR: #25654 PR-URL: nodejs/node-v0.x-archive#25654 Reviewed-By: Julien Gilli <[email protected]>
sha256-x86_64.pl does not exist in the origin openssl distribution. It was copied from sha512-x86_64.pl and both sha256/sha512 scripts were modified so as to generates only one asm file specified as its key hash length. PR: nodejs#9451 PR-URL: nodejs/node-v0.x-archive#9451 Reviewed-By: Julien Gilli <[email protected]> PR: nodejs#25523 PR-URL: nodejs/node-v0.x-archive#25523 Reviewed-By: Julien Gilli <[email protected]> PR: nodejs#25654 PR-URL: nodejs/node-v0.x-archive#25654 Reviewed-By: Julien Gilli <[email protected]>
`x86masm.pl` was mistakenly using .486 instruction set, why `cpuid` (and perhaps others) are requiring .686 . PR: nodejs#9451 PR-URL: nodejs/node-v0.x-archive#9451 Reviewed-By: Julien Gilli <[email protected]> PR: nodejs#25523 PR-URL: nodejs/node-v0.x-archive#25523 Reviewed-By: Julien Gilli <[email protected]> PR: nodejs#25654 PR-URL: nodejs/node-v0.x-archive#25654 Reviewed-By: Julien Gilli <[email protected]>
reapply b910613 PR: nodejs#9451 PR-URL: nodejs/node-v0.x-archive#9451 Reviewed-By: Julien Gilli <[email protected]> PR: nodejs#25523 PR-URL: nodejs/node-v0.x-archive#25523 Reviewed-By: Julien Gilli <[email protected]> PR: nodejs#25654 PR-URL: nodejs/node-v0.x-archive#25654 Reviewed-By: Julien Gilli <[email protected]>
sha256-x86_64.pl does not exist in the origin openssl distribution. It was copied from sha512-x86_64.pl and both sha256/sha512 scripts were modified so as to generates only one asm file specified as its key hash length. PR: nodejs#9451 PR-URL: nodejs/node-v0.x-archive#9451 Reviewed-By: Julien Gilli <[email protected]> PR: nodejs#25523 PR-URL: nodejs/node-v0.x-archive#25523 Reviewed-By: Julien Gilli <[email protected]> PR: nodejs#25654 PR-URL: nodejs/node-v0.x-archive#25654 Reviewed-By: Julien Gilli <[email protected]>
`x86masm.pl` was mistakenly using .486 instruction set, why `cpuid` (and perhaps others) are requiring .686 . PR: nodejs#9451 PR-URL: nodejs/node-v0.x-archive#9451 Reviewed-By: Julien Gilli <[email protected]> PR: nodejs#25523 PR-URL: nodejs/node-v0.x-archive#25523 Reviewed-By: Julien Gilli <[email protected]> PR: nodejs#25654 PR-URL: nodejs/node-v0.x-archive#25654 Reviewed-By: Julien Gilli <[email protected]>
reapply b910613 PR: nodejs#9451 PR-URL: nodejs/node-v0.x-archive#9451 Reviewed-By: Julien Gilli <[email protected]> PR: nodejs#25523 PR-URL: nodejs/node-v0.x-archive#25523 Reviewed-By: Julien Gilli <[email protected]> PR: nodejs#25654 PR-URL: nodejs/node-v0.x-archive#25654 Reviewed-By: Julien Gilli <[email protected]>
sha256-x86_64.pl does not exist in the origin openssl distribution. It was copied from sha512-x86_64.pl and both sha256/sha512 scripts were modified so as to generates only one asm file specified as its key hash length. PR: #9451 PR-URL: nodejs/node-v0.x-archive#9451 Reviewed-By: Julien Gilli <[email protected]> PR: #25523 PR-URL: nodejs/node-v0.x-archive#25523 Reviewed-By: Julien Gilli <[email protected]> PR: #25654 PR-URL: nodejs/node-v0.x-archive#25654 Reviewed-By: Julien Gilli <[email protected]>
`x86masm.pl` was mistakenly using .486 instruction set, why `cpuid` (and perhaps others) are requiring .686 . PR: #9451 PR-URL: nodejs/node-v0.x-archive#9451 Reviewed-By: Julien Gilli <[email protected]> PR: #25523 PR-URL: nodejs/node-v0.x-archive#25523 Reviewed-By: Julien Gilli <[email protected]> PR: #25654 PR-URL: nodejs/node-v0.x-archive#25654 Reviewed-By: Julien Gilli <[email protected]>
reapply b910613 PR: #9451 PR-URL: nodejs/node-v0.x-archive#9451 Reviewed-By: Julien Gilli <[email protected]> PR: #25523 PR-URL: nodejs/node-v0.x-archive#25523 Reviewed-By: Julien Gilli <[email protected]> PR: #25654 PR-URL: nodejs/node-v0.x-archive#25654 Reviewed-By: Julien Gilli <[email protected]>
This just replaces all sources of openssl-1.0.1p.tar.gz into deps/openssl/openssl. PR: nodejs#25654 PR-URL: nodejs#25654 Reviewed-By: Julien Gilli <[email protected]>
All symlink files in `deps/openssl/openssl/include/openssl/` are removed and replaced with real header files to avoid issues on Windows. PR: nodejs#25654 PR-URL: nodejs#25654 Reviewed-By: Julien Gilli <[email protected]>
sha256-x86_64.pl does not exist in the origin openssl distribution. It was copied from sha512-x86_64.pl and both sha256/sha512 scripts were modified so as to generates only one asm file specified as its key hash length. PR: nodejs#9451 PR-URL: nodejs#9451 Reviewed-By: Julien Gilli <[email protected]> PR: nodejs#25523 PR-URL: nodejs#25523 Reviewed-By: Julien Gilli <[email protected]> PR: nodejs#25654 PR-URL: nodejs#25654 Reviewed-By: Julien Gilli <[email protected]>
`x86masm.pl` was mistakenly using .486 instruction set, why `cpuid` (and perhaps others) are requiring .686 . PR: nodejs#9451 PR-URL: nodejs#9451 Reviewed-By: Julien Gilli <[email protected]> PR: nodejs#25523 PR-URL: nodejs#25523 Reviewed-By: Julien Gilli <[email protected]> PR: nodejs#25654 PR-URL: nodejs#25654 Reviewed-By: Julien Gilli <[email protected]>
reapply b910613 PR: nodejs#9451 PR-URL: nodejs#9451 Reviewed-By: Julien Gilli <[email protected]> PR: nodejs#25523 PR-URL: nodejs#25523 Reviewed-By: Julien Gilli <[email protected]> PR: nodejs#25654 PR-URL: nodejs#25654 Reviewed-By: Julien Gilli <[email protected]>
sha256-x86_64.pl does not exist in the origin openssl distribution. It was copied from sha512-x86_64.pl and both sha256/sha512 scripts were modified so as to generates only one asm file specified as its key hash length. PR: nodejs#9451 PR-URL: nodejs#9451 Reviewed-By: Julien Gilli <[email protected]> PR: nodejs#25523 PR-URL: nodejs#25523 Reviewed-By: Julien Gilli <[email protected]> PR: nodejs#25654 PR-URL: nodejs#25654 Reviewed-By: Julien Gilli <[email protected]>
`x86masm.pl` was mistakenly using .486 instruction set, why `cpuid` (and perhaps others) are requiring .686 . PR: nodejs#9451 PR-URL: nodejs#9451 Reviewed-By: Julien Gilli <[email protected]> PR: nodejs#25523 PR-URL: nodejs#25523 Reviewed-By: Julien Gilli <[email protected]> PR: nodejs#25654 PR-URL: nodejs#25654 Reviewed-By: Julien Gilli <[email protected]>
reapply b910613 PR: nodejs#9451 PR-URL: nodejs#9451 Reviewed-By: Julien Gilli <[email protected]> PR: nodejs#25523 PR-URL: nodejs#25523 Reviewed-By: Julien Gilli <[email protected]> PR: nodejs#25654 PR-URL: nodejs#25654 Reviewed-By: Julien Gilli <[email protected]>
sha256-x86_64.pl does not exist in the origin openssl distribution. It was copied from sha512-x86_64.pl and both sha256/sha512 scripts were modified so as to generates only one asm file specified as its key hash length. PR: nodejs#9451 PR-URL: nodejs#9451 Reviewed-By: Julien Gilli <[email protected]> PR: nodejs#25523 PR-URL: nodejs#25523 Reviewed-By: Julien Gilli <[email protected]> PR: nodejs#25654 PR-URL: nodejs#25654 Reviewed-By: Julien Gilli <[email protected]>
`x86masm.pl` was mistakenly using .486 instruction set, why `cpuid` (and perhaps others) are requiring .686 . PR: nodejs#9451 PR-URL: nodejs#9451 Reviewed-By: Julien Gilli <[email protected]> PR: nodejs#25523 PR-URL: nodejs#25523 Reviewed-By: Julien Gilli <[email protected]> PR: nodejs#25654 PR-URL: nodejs#25654 Reviewed-By: Julien Gilli <[email protected]>
reapply b910613 PR: nodejs#9451 PR-URL: nodejs#9451 Reviewed-By: Julien Gilli <[email protected]> PR: nodejs#25523 PR-URL: nodejs#25523 Reviewed-By: Julien Gilli <[email protected]> PR: nodejs#25654 PR-URL: nodejs#25654 Reviewed-By: Julien Gilli <[email protected]>
TLS client of node-v0.10/0.12 prior this release has a vulnerability of Alternative chains certificate forgery (CVE-2015-1793) . See https://www.openssl.org/news/secadv_20150709.txt .
Note that this includes the fix of #25582. Automating this is a future plan.
I did
make test
andmake test-internet
on my local Linux and they are fine except one test of debugger-client . I tried to run CI but https://jenkins.nodejs.org is down now. Do we use CI of https://jenkins-iojs.nodesource.com/ now? I could not find CI for node-v0.10.x there.