Skip to content

crypto: handle missing OPENSSL_TLS_SECURITY_LEVEL #58103

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
May 12, 2025
Merged

crypto: handle missing OPENSSL_TLS_SECURITY_LEVEL #58103

merged 1 commit into from
May 12, 2025

Conversation

codebytere
Copy link
Member

@codebytere codebytere commented May 1, 2025
edited
Loading

OPENSSL_TLS_SECURITY_LEVEL isn't defined at all in BoringSSL and will cause compilation failures.

Ref #57323
Ref #56601

See boringssl search results

@codebytere codebytere requested a review from jasnell May 1, 2025 17:51
@nodejs-github-bot
Copy link
Collaborator

Review requested:

  • @nodejs/crypto
  • @nodejs/security-wg

@nodejs-github-bot nodejs-github-bot added dependencies Pull requests that update a dependency file. needs-ci PRs that need a full CI run. labels May 1, 2025
@codebytere codebytere requested a review from mhdawson May 1, 2025 17:52
mhdawson
mhdawson approved these changes May 1, 2025
View reviewed changes
Copy link
Member

@mhdawson mhdawson left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@codebytere codebytere added the request-ci Add this label to start a Jenkins CI on a PR. label May 2, 2025
@codebytere codebytere mentioned this pull request May 2, 2025
Merged
@github-actions github-actions bot removed the request-ci Add this label to start a Jenkins CI on a PR. label May 2, 2025
@nodejs-github-bot
Copy link
Collaborator

CI: https://ci.nodejs.org/job/node-test-pull-request/66544/

@tniessen
Copy link
Member

tniessen commented May 2, 2025

FWIW, the default value is only 1 for OpenSSL < 3.2. On systems that compile and link against OpenSSL >= 3.2, the default value is already 2. That being said, I assume BoringSSL is still targeting OpenSSL 1.0.2/1.1.0/1.1.1 instead of 3.x, so assuming the pre-3.2 default seems reasonable.

@nodejs-github-bot
Copy link
Collaborator

CI: https://ci.nodejs.org/job/node-test-pull-request/66621/

@nodejs-github-bot
Copy link
Collaborator

CI: https://ci.nodejs.org/job/node-test-pull-request/66766/

@richardlau richardlau added the commit-queue Add this label to land a pull request using GitHub Actions. label May 12, 2025
@nodejs-github-bot nodejs-github-bot removed the commit-queue Add this label to land a pull request using GitHub Actions. label May 12, 2025
@nodejs-github-bot nodejs-github-bot merged commit f56590e into nodejs:main May 12, 2025
66 checks passed
@nodejs-github-bot
Copy link
Collaborator

Landed in f56590e

targos pushed a commit that referenced this pull request May 16, 2025
@codebytere @targos
crypto: handle missing OPENSSL_TLS_SECURITY_LEVEL
a896eff 
PR-URL: #58103
Reviewed-By: Michael Dawson <[email protected]>
Reviewed-By: Luigi Pinca <[email protected]>
Reviewed-By: James M Snell <[email protected]>
Reviewed-By: Rafael Gonzaga <[email protected]>
@github-actions github-actions bot mentioned this pull request May 20, 2025
Merged
@aduh95 aduh95 added the backport-requested-v22.x PRs awaiting manual backport to the v22.x-staging branch. label Jun 10, 2025
@aduh95
Copy link
Contributor

aduh95 commented Jun 10, 2025

This does not land cleanly on v22.x-staging

npaun pushed a commit to npaun/ncrypto that referenced this pull request Sep 18, 2025
@codebytere @npaun
crypto: handle missing OPENSSL_TLS_SECURITY_LEVEL
41d3814 
PR-URL: nodejs/node#58103
Reviewed-By: Michael Dawson <[email protected]>
Reviewed-By: Luigi Pinca <[email protected]>
Reviewed-By: James M Snell <[email protected]>
Reviewed-By: Rafael Gonzaga <[email protected]>
npaun pushed a commit to npaun/ncrypto that referenced this pull request Sep 18, 2025
@codebytere @npaun
crypto: handle missing OPENSSL_TLS_SECURITY_LEVEL
a836bcd 
PR-URL: nodejs/node#58103
Reviewed-By: Michael Dawson <[email protected]>
Reviewed-By: Luigi Pinca <[email protected]>
Reviewed-By: James M Snell <[email protected]>
Reviewed-By: Rafael Gonzaga <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jasnell jasnell jasnell approved these changes

@lpinca lpinca lpinca approved these changes

@mhdawson mhdawson mhdawson approved these changes

@RafaelGSS RafaelGSS RafaelGSS approved these changes

Assignees
No one assigned
Labels
backport-requested-v22.x PRs awaiting manual backport to the v22.x-staging branch. dependencies Pull requests that update a dependency file. needs-ci PRs that need a full CI run.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
9 participants
@codebytere @nodejs-github-bot @tniessen @aduh95 @jasnell @lpinca @mhdawson @RafaelGSS @richardlau