Skip to content

Commit

Permalink
Update to OpenSSL 3.4.0 (#640)
Browse files Browse the repository at this point in the history
  • Loading branch information
alex authored Nov 27, 2024
1 parent 77c544f commit f351549
Show file tree
Hide file tree
Showing 4 changed files with 2 additions and 58 deletions.
1 change: 0 additions & 1 deletion cryptography-linux/Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,6 @@ RUN \
COPY --from=staticnodejs /out/ /staticnode/
ADD install_openssl.sh /root/install_openssl.sh
ADD openssl-version.sh /root/openssl-version.sh
ADD list-util-pairs-25367.patch /root/list-util-pairs-25367.patch
RUN ./install_openssl.sh

RUN curl https://sh.rustup.rs -sSf | sh -s -- -y --default-toolchain stable --profile minimal
Expand Down
4 changes: 0 additions & 4 deletions cryptography-linux/install_openssl.sh
Original file line number Diff line number Diff line change
Expand Up @@ -8,10 +8,6 @@ curl -#LO "${OPENSSL_URL}/${OPENSSL_VERSION}/${OPENSSL_VERSION}.tar.gz"
echo "${OPENSSL_SHA256} ${OPENSSL_VERSION}.tar.gz" | sha256sum -c -
tar zxf ${OPENSSL_VERSION}.tar.gz
pushd ${OPENSSL_VERSION}
# Patch to work around OpenSSL 3.3.2 requiring a newer perl than manylinux2014
if [ -f /etc/redhat-release ] && grep -q "CentOS Linux release 7" /etc/redhat-release; then
git apply ../list-util-pairs-25367.patch
fi
./config $OPENSSL_BUILD_FLAGS --prefix=/opt/pyca/cryptography/openssl --openssldir=/opt/pyca/cryptography/openssl
make depend
make -j4
Expand Down
51 changes: 0 additions & 51 deletions cryptography-linux/list-util-pairs-25367.patch

This file was deleted.

4 changes: 2 additions & 2 deletions cryptography-linux/openssl-version.sh
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
export OPENSSL_VERSION="openssl-3.3.2"
export OPENSSL_SHA256="2e8a40b01979afe8be0bbfb3de5dc1c6709fedb46d6c89c10da114ab5fc3d281"
export OPENSSL_VERSION="openssl-3.4.0"
export OPENSSL_SHA256="e15dda82fe2fe8139dc2ac21a36d4ca01d5313c75f99f46c4e8a27709b7294bf"
# We need a base set of flags because on Windows using MSVC
# enable-ec_nistp_64_gcc_128 doesn't work since there's no 128-bit type
export OPENSSL_BUILD_FLAGS_WINDOWS="no-ssl3 no-ssl3-method no-zlib no-shared no-module no-comp no-dynamic-engine no-apps no-docs no-sm2-precomp no-atexit"
Expand Down

0 comments on commit f351549

Please sign in to comment.