Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

doc: remove useless SSL_OP_* options #46954

Conversation

tniessen
Copy link
Member

@tniessen tniessen commented Mar 4, 2023

These 14 options do not have any effect in any supported version of OpenSSL.

These 14 options do not have any effect in any supported version of
OpenSSL.
@tniessen tniessen added tls Issues and PRs related to the tls subsystem. crypto Issues and PRs related to the crypto subsystem. doc Issues and PRs related to the documentations. openssl Issues and PRs related to the OpenSSL dependency. labels Mar 4, 2023
tniessen added a commit to tniessen/node that referenced this pull request Mar 4, 2023
This option does not have any effect in any supported OpenSSL version.

Refs: nodejs#46954
@panva panva added author ready PRs that have at least one approval, no pending requests for changes, and a CI started. commit-queue Add this label to land a pull request using GitHub Actions. labels Mar 5, 2023
@nodejs-github-bot nodejs-github-bot removed the commit-queue Add this label to land a pull request using GitHub Actions. label Mar 6, 2023
@nodejs-github-bot nodejs-github-bot merged commit db81af6 into nodejs:main Mar 6, 2023
@nodejs-github-bot
Copy link
Collaborator

Landed in db81af6

tniessen added a commit to tniessen/openssl that referenced this pull request Mar 6, 2023
SSL_OP_NETSCAPE_CA_DN_BUG became obsolete in 3c33c6f and
support for SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG was removed by
7a4dadc. The definitions are still listed under "OBSOLETE
OPTIONS retained for compatibility" in ssl.h.in, so this commit adds
them to the list of obsolete options in doc/man3.

Refs: nodejs/node#46954
tniessen added a commit that referenced this pull request Mar 9, 2023
This option does not have any effect in any supported OpenSSL version.

Refs: #46954
PR-URL: #46955
Reviewed-By: Ben Noordhuis <[email protected]>
Reviewed-By: Filip Skokan <[email protected]>
Reviewed-By: Colin Ihrig <[email protected]>
targos pushed a commit that referenced this pull request Mar 13, 2023
These 14 options do not have any effect in any supported version of
OpenSSL.

PR-URL: #46954
Reviewed-By: Ben Noordhuis <[email protected]>
Reviewed-By: Filip Skokan <[email protected]>
Reviewed-By: Colin Ihrig <[email protected]>
Reviewed-By: Luigi Pinca <[email protected]>
targos pushed a commit that referenced this pull request Mar 13, 2023
This option does not have any effect in any supported OpenSSL version.

Refs: #46954
PR-URL: #46955
Reviewed-By: Ben Noordhuis <[email protected]>
Reviewed-By: Filip Skokan <[email protected]>
Reviewed-By: Colin Ihrig <[email protected]>
tniessen added a commit to tniessen/node that referenced this pull request Mar 13, 2023
I missed these two in db81af6 because I
went by OpenSSL's list of obsolete flags, which turned out to be
incomplete. See openssl/openssl#20443.

Refs: nodejs#46954
Refs: openssl/openssl#20443
nodejs-github-bot pushed a commit that referenced this pull request Mar 13, 2023
I missed these two in db81af6 because I
went by OpenSSL's list of obsolete flags, which turned out to be
incomplete. See openssl/openssl#20443.

Refs: #46954
Refs: openssl/openssl#20443
PR-URL: #47066
Reviewed-By: Filip Skokan <[email protected]>
Reviewed-By: Richard Lau <[email protected]>
Reviewed-By: Yagiz Nizipli <[email protected]>
tniessen added a commit to tniessen/node that referenced this pull request Mar 13, 2023
None of these constants have any effect in recent OpenSSL versions, not
even in Node.js release lines that still use OpenSSL 1.1.1.

It is likely rare that these options are still used (intentionally), and
removing them is unlikely to break any existing applications. These
constants can only be passed to the secureOptions option of
tls.createSecureContext() and related APIs, and a value of undefined
will be ignored. Similarly, if a bitwise combination of multiple options
is used, undefined constants will not change the behavior because
(a | undefined | b) === a | b for (small non-negative) integers a and b.

Refs: nodejs#46954
Refs: nodejs#47066
tniessen added a commit to tniessen/node that referenced this pull request Mar 13, 2023
None of these constants have any effect in recent OpenSSL versions, not
even in Node.js release lines that still use OpenSSL 1.1.1.

It is likely rare that these options are still used (intentionally), and
removing them is unlikely to break any existing applications. These
constants can only be passed to the secureOptions option of
tls.createSecureContext() and related APIs, and a value of undefined
will be ignored. Similarly, if a bitwise combination of multiple options
is used, undefined constants will not change the behavior because
(a | undefined | b) === (a | b) for (small) integers a and b.

Refs: nodejs#46954
Refs: nodejs#47066
targos pushed a commit that referenced this pull request Mar 14, 2023
These 14 options do not have any effect in any supported version of
OpenSSL.

PR-URL: #46954
Reviewed-By: Ben Noordhuis <[email protected]>
Reviewed-By: Filip Skokan <[email protected]>
Reviewed-By: Colin Ihrig <[email protected]>
Reviewed-By: Luigi Pinca <[email protected]>
targos pushed a commit that referenced this pull request Mar 14, 2023
This option does not have any effect in any supported OpenSSL version.

Refs: #46954
PR-URL: #46955
Reviewed-By: Ben Noordhuis <[email protected]>
Reviewed-By: Filip Skokan <[email protected]>
Reviewed-By: Colin Ihrig <[email protected]>
targos pushed a commit that referenced this pull request Mar 14, 2023
I missed these two in db81af6 because I
went by OpenSSL's list of obsolete flags, which turned out to be
incomplete. See openssl/openssl#20443.

Refs: #46954
Refs: openssl/openssl#20443
PR-URL: #47066
Reviewed-By: Filip Skokan <[email protected]>
Reviewed-By: Richard Lau <[email protected]>
Reviewed-By: Yagiz Nizipli <[email protected]>
openssl-machine pushed a commit to openssl/openssl that referenced this pull request Mar 14, 2023
SSL_OP_NETSCAPE_CA_DN_BUG became obsolete in 3c33c6f and
support for SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG was removed by
7a4dadc. The definitions are still listed under "OBSOLETE
OPTIONS retained for compatibility" in ssl.h.in, so this commit adds
them to the list of obsolete options in doc/man3.

Refs: nodejs/node#46954

Reviewed-by: Matt Caswell <[email protected]>
Reviewed-by: Paul Dale <[email protected]>
(Merged from #20443)
openssl-machine pushed a commit to openssl/openssl that referenced this pull request Mar 14, 2023
SSL_OP_NETSCAPE_CA_DN_BUG became obsolete in 3c33c6f and
support for SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG was removed by
7a4dadc. The definitions are still listed under "OBSOLETE
OPTIONS retained for compatibility" in ssl.h.in, so this commit adds
them to the list of obsolete options in doc/man3.

Refs: nodejs/node#46954

Reviewed-by: Matt Caswell <[email protected]>
Reviewed-by: Paul Dale <[email protected]>
(Merged from #20443)

(cherry picked from commit fe52208)
openssl-machine pushed a commit to openssl/openssl that referenced this pull request Mar 14, 2023
SSL_OP_NETSCAPE_CA_DN_BUG became obsolete in 3c33c6f and
support for SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG was removed by
7a4dadc. The definitions are still listed under "OBSOLETE
OPTIONS retained for compatibility" in ssl.h.in, so this commit adds
them to the list of obsolete options in doc/man3.

Refs: nodejs/node#46954

Reviewed-by: Matt Caswell <[email protected]>
Reviewed-by: Paul Dale <[email protected]>
(Merged from #20443)

(cherry picked from commit fe52208)
nodejs-github-bot pushed a commit that referenced this pull request Mar 21, 2023
None of these constants have any effect in recent OpenSSL versions, not
even in Node.js release lines that still use OpenSSL 1.1.1.

It is likely rare that these options are still used (intentionally), and
removing them is unlikely to break any existing applications. These
constants can only be passed to the secureOptions option of
tls.createSecureContext() and related APIs, and a value of undefined
will be ignored. Similarly, if a bitwise combination of multiple options
is used, undefined constants will not change the behavior because
(a | undefined | b) === (a | b) for (small) integers a and b.

Refs: #46954
Refs: #47066
PR-URL: #47073
Reviewed-By: Filip Skokan <[email protected]>
Reviewed-By: Rafael Gonzaga <[email protected]>
Reviewed-By: Michaël Zasso <[email protected]>
danielleadams pushed a commit that referenced this pull request Apr 11, 2023
These 14 options do not have any effect in any supported version of
OpenSSL.

PR-URL: #46954
Reviewed-By: Ben Noordhuis <[email protected]>
Reviewed-By: Filip Skokan <[email protected]>
Reviewed-By: Colin Ihrig <[email protected]>
Reviewed-By: Luigi Pinca <[email protected]>
danielleadams pushed a commit that referenced this pull request Apr 11, 2023
This option does not have any effect in any supported OpenSSL version.

Refs: #46954
PR-URL: #46955
Reviewed-By: Ben Noordhuis <[email protected]>
Reviewed-By: Filip Skokan <[email protected]>
Reviewed-By: Colin Ihrig <[email protected]>
danielleadams pushed a commit that referenced this pull request Apr 11, 2023
I missed these two in db81af6 because I
went by OpenSSL's list of obsolete flags, which turned out to be
incomplete. See openssl/openssl#20443.

Refs: #46954
Refs: openssl/openssl#20443
PR-URL: #47066
Reviewed-By: Filip Skokan <[email protected]>
Reviewed-By: Richard Lau <[email protected]>
Reviewed-By: Yagiz Nizipli <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
author ready PRs that have at least one approval, no pending requests for changes, and a CI started. crypto Issues and PRs related to the crypto subsystem. doc Issues and PRs related to the documentations. openssl Issues and PRs related to the OpenSSL dependency. tls Issues and PRs related to the tls subsystem.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

7 participants