Open richardlau opened 3 weeks ago
richardlau
commented
2 weeks ago FWIW I've added testing against OpenSSl 3.2 to my copy of node-test-commit-linux-containered: richardlau-node-test-commit-linux-containered
e.g. https://ci.nodejs.org/job/richardlau-node-test-commit-linux-containered/nodes=ubuntu2204_sharedlibs_openssl32_x64/26/consoleFull which is showing the current test failures with main when linked against OpenSSL 3.2.2.
richardlau
commented
2 weeks ago In terms of updating what is included in Node.js, for now we want to stay on the LTS version of OpenSSL (3.0) for as long as possible. OpenSSL have not yet decided/announced what the next LTS version of OpenSSL will be. Making sure Node.js can build and execute tests successfully on later OpenSSL versions should hopefully ease the migration when it is eventually time.
mhdawson
commented
6 days ago For those that want to help move it forward, you can run this job to confirm if you have fixed one of the tests - https://ci.nodejs.org/job/richardlau-node-test-commit-linux-containered/
A number of Node.js tests fail when Node.js is compiled dynamically linked against OpenSSL 3.2 (tested with OpenSSL 3.2.2). i.e.
Full tap results: https://gist.github.com/richardlau/ce642daf2ffd581755232a924f9f8f63
Failures:
out/Release/node /home/nodejs/node/test/parallel/test-crypto-dh.jshttps://github.com/nodejs/node/pull/53503out/Release/node /home/nodejs/node/test/parallel/test-http2-https-fallback.jsAlso fails with OpenSSL 3.0.14 https://github.com/nodejs/node/pull/53373out/Release/node /home/nodejs/node/test/parallel/test-http2-server-unknown-protocol.jsAlso fails with OpenSSL 3.0.14 https://github.com/nodejs/node/pull/53373out/Release/node /home/nodejs/node/test/parallel/test-https-client-checkServerIdentity.jsout/Release/node /home/nodejs/node/test/parallel/test-https-strict.jsout/Release/node /home/nodejs/node/test/parallel/test-tls-alert-handling.jsout/Release/node /home/nodejs/node/test/parallel/test-tls-cert-regression.jsout/Release/node /home/nodejs/node/test/parallel/test-tls-client-getephemeralkeyinfo.jsout/Release/node /home/nodejs/node/test/parallel/test-tls-alpn-server-client.jsAlso fails with OpenSSL 3.0.14 https://github.com/nodejs/node/pull/53373out/Release/node /home/nodejs/node/test/parallel/test-tls-client-mindhsize.jsout/Release/node /home/nodejs/node/test/parallel/test-tls-client-renegotiation-13.jsout/Release/node /home/nodejs/node/test/parallel/test-tls-client-auth.jsout/Release/node /home/nodejs/node/test/parallel/test-tls-client-verify.jsout/Release/node /home/nodejs/node/test/parallel/test-tls-empty-sni-context.jshttps://github.com/nodejs/node/pull/53384out/Release/node --no-warnings /home/nodejs/node/test/parallel/test-tls-dhe.jsout/Release/node /home/nodejs/node/test/parallel/test-tls-getcipher.jsout/Release/node /home/nodejs/node/test/parallel/test-tls-junk-server.jsout/Release/node /home/nodejs/node/test/parallel/test-tls-multiple-cas-as-string.jsout/Release/node /home/nodejs/node/test/parallel/test-tls-peer-certificate-encoding.jsout/Release/node /home/nodejs/node/test/parallel/test-tls-multi-key.jsout/Release/node /home/nodejs/node/test/parallel/test-tls-psk-circuit.jshttps://github.com/nodejs/node/pull/53384out/Release/node /home/nodejs/node/test/parallel/test-tls-sni-server-client.jsout/Release/node /home/nodejs/node/test/parallel/test-tls-set-ciphers.jsout/Release/node /home/nodejs/node/test/parallel/test-tls-sni-option.jsout/Release/node /home/nodejs/node/test/parallel/test-tls-server-verify.jsout/Release/node /home/nodejs/node/test/parallel/test-tls-junk-closes-server.jsalso reported in https://github.com/nodejs/node/issues/52482In our Jenkins CI we currently test in node-test-commit-linux-containered Node.js dynamically linked against OpenSSL 3.0 and 3.1. Addressing the above test failures would be required before we can add testing against OpenSSL 3.2 to the CI.