chore: various BoringSSL/OpenSSL upstreams

codebytere · codebytere · commit 736a876ba623 · 2021-07-14T11:00:38.000-07:00
- nodejs/node#39136 - nodejs/node#39138 - nodejs/node#39054
diff --git a/patches/node/fix_crypto_tests_to_run_with_bssl.patch b/patches/node/fix_crypto_tests_to_run_with_bssl.patch
@@ -428,19 +428,6 @@ index cae9301517c37c7e90292d71fe5a6086cf55e0be..b9bc86e4d8b897cec583dea16f64f680
    };
  }
  
-diff --git a/test/parallel/test-crypto-ecdh-convert-key.js b/test/parallel/test-crypto-ecdh-convert-key.js
-index f4d5a651ed6b888d3527a462ab5fccee58ea48b6..c0046099df9ec0c7a33ed9baa2127da849871001 100644
---- a/test/parallel/test-crypto-ecdh-convert-key.js
-+++ b/test/parallel/test-crypto-ecdh-convert-key.js
-@@ -117,7 +117,7 @@ if (getCurves().includes('secp256k1')) {
-   // rather than Node's generic error message.
-   const badKey = 'f'.repeat(128);
-   assert.throws(
--    () => ECDH.convertKey(badKey, 'secp256k1', 'hex', 'hex', 'compressed'),
-+    () => ECDH.convertKey(badKey, 'secp521r1', 'hex', 'hex', 'compressed'),
-     /Failed to convert Buffer to EC_POINT/);
- 
-   // Next statement should not throw an exception.
 diff --git a/test/parallel/test-crypto-getcipherinfo.js b/test/parallel/test-crypto-getcipherinfo.js
 index 98d2a52eceac4bc564fd2878f77b50c336a67a66..bcb2de6e354c26816000f2400d9c1d46de01888a 100644
 --- a/test/parallel/test-crypto-getcipherinfo.js
diff --git a/patches/node/fix_handle_boringssl_and_openssl_incompatibilities.patch b/patches/node/fix_handle_boringssl_and_openssl_incompatibilities.patch
@@ -186,19 +186,6 @@ index 271db427fa8539feb30c1712574976fb1f623e91..b2b6af1f9e6db54bdff0be7a567255f4
    if (EVP_PKEY_paramgen(param_ctx.get(), &raw_params) <= 0)
      return EVPKeyCtxPointer();
  
-diff --git a/src/crypto/crypto_ec.cc b/src/crypto/crypto_ec.cc
-index ea4c70ad5d8c844860ba3480fc7ef4205f0a3cdc..cdf8dd47d6e2a5894066cec01fbe347af079ec22 100644
---- a/src/crypto/crypto_ec.cc
-+++ b/src/crypto/crypto_ec.cc
-@@ -314,7 +314,7 @@ void ECDH::SetPrivateKey(const FunctionCallbackInfo<Value>& args) {
-     return THROW_ERR_CRYPTO_OPERATION_FAILED(env,
-         "Failed to set generated public key");
- 
--  EC_KEY_copy(ecdh->key_.get(), new_key.get());
-+  ecdh->key_.reset(EC_KEY_dup(new_key.get()));
-   ecdh->group_ = EC_KEY_get0_group(ecdh->key_.get());
- }
- 
 diff --git a/src/crypto/crypto_hkdf.cc b/src/crypto/crypto_hkdf.cc
 index 0aa96ada47abe4b66fb616c665101278bbe0afb6..1e9a4863c5faea5f6b275483ca16f3a6e8dac25b 100644
 --- a/src/crypto/crypto_hkdf.cc
@@ -251,22 +238,6 @@ diff --git a/src/crypto/crypto_util.cc b/src/crypto/crypto_util.cc
 index 13c40dcb757661220288465c39101de0b4018e90..7d1d4400319292a8ddf3afe013b5678f84c25576 100644
 --- a/src/crypto/crypto_util.cc
 +++ b/src/crypto/crypto_util.cc
-@@ -139,7 +139,6 @@ void InitCryptoOnce() {
-   OPENSSL_init_ssl(0, settings);
-   OPENSSL_INIT_free(settings);
-   settings = nullptr;
--#endif
- 
- #ifndef _WIN32
-   if (per_process::cli_options->secure_heap != 0) {
-@@ -160,6 +159,7 @@ void InitCryptoOnce() {
-   }
- #endif
- 
-+#endif
-   // Turn off compression. Saves memory and protects against CRIME attacks.
-   // No-op with OPENSSL_NO_COMP builds of OpenSSL.
-   sk_SSL_COMP_zero(SSL_COMP_get_compression_methods());
 @@ -490,24 +490,14 @@ Maybe<bool> Decorate(Environment* env, Local<Object> obj,
      V(BIO)                                                                    \
      V(PKCS7)                                                                  \
@@ -337,19 +308,6 @@ index ac95612a0b1a856d7fe07efde59786e811f1b98d..aa62753d7c929027f5265fa4330b0429
  #include <openssl/rsa.h>
  #include <openssl/dsa.h>
  #include <openssl/ssl.h>
-diff --git a/src/node.cc b/src/node.cc
-index c9d491f01651ef57fb793dda108469cb7ddccc5c..6a55535b5c6ef72b1cdb366299840a2e78643911 100644
---- a/src/node.cc
-+++ b/src/node.cc
-@@ -1035,7 +1035,7 @@ InitializationResult InitializeOncePerProcess(
-   }
- 
-   if (init_flags & kInitOpenSSL) {
--#if HAVE_OPENSSL
-+#if HAVE_OPENSSL && !defined(OPENSSL_IS_BORINGSSL)
-     {
-       std::string extra_ca_certs;
-       if (credentials::SafeGetenv("NODE_EXTRA_CA_CERTS", &extra_ca_certs))
 diff --git a/src/node_metadata.h b/src/node_metadata.h
 index 4486d5af2c1622c7c8f44401dc3ebb986d8e3c2e..db1769f1b3f1617ed8dbbea57b5e324183b42be2 100644
 --- a/src/node_metadata.h
