[v16.x] src: add --openssl-legacy-provider option (!42972) · Merge requests · Rodrigo Test / Test Group-nodejs / node

Rodrigo Muino Tomonari requested to merge github/fork/danbev/backport-40478-to-v16.x into v16.x-staging May 05, 2022

This commit adds an option to Node.js named --openssl-legacy-provider and if specified will load OpenSSL 3.0 Legacy provider when dynamically linking Node.js v16.x with OpenSSL 3.0.

Building:
$ ./configure --shared-openssl \
 --shared-openssl-libpath=/path/openssl_quic-3.0/lib64 \
 --shared-openssl-includes=/path/openssl_quic-3.0/include \
 --shared-openssl-libname=crypto,ssl
$ make -j8

Verify option is available:

$ ./node --help
...
--openssl-legacy-provider  enable OpenSSL 3.0 legacy provider

Usage:

$ export LD_LIBRARY_PATH=/path/openssl_quic-3.0/lib64
$ export OPENSSL_MODULES=/path/openssl_quic-3.0/lib64/ossl-modules/
$ export OPENSSL_CONF=/path/openssl_quic-3.0/ssl/openssl.cnf
$ ./node --openssl-legacy-provider  -p 'crypto.createHash("md4")'
Hash {
  _options: undefined,
  [Symbol(kHandle)]: Hash {},
  [Symbol(kState)]: { [Symbol(kFinalized)]: false }
}

Fixes: https://github.com/nodejs/node/issues/40948

Refs: https://github.com/nodejs/node/issues/40455 PR-URL: https://github.com/nodejs/node/pull/40478 Reviewed-By: Richard Lau rlau@redhat.com Reviewed-By: Tobias Nießen tniessen@tnie.de

Admin message

Admin message

[v16.x] src: add --openssl-legacy-provider option

Merge request reports