Your message dated Wed, 01 Jan 2025 14:45:18 +0000
with message-id <e1tszyi-00bcf3...@fasolo.debian.org>
and subject line Bug#1091807: fixed in nodejs 20.18.1+dfsg-2
has caused the Debian Bug report #1091807,
regarding nodejs: FTBFS against OpenSSL 3.4
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
1091807: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1091807
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: nodejs
Version: 20.18.1+dfsg-1
Severity: important
Tags: sid patch
control: affects -1 src:openssl
User: pkg-openssl-de...@lists.alioth.debian.org
Usertags: openssl-3.4
The packages FTBFS against OpenSSL 3.4. One test fails due to a change
in the error code, two fail because the hash shake128 and shake256 have
no longer a default hash length.
I made something for the error change and disable the shake* tests,
there is an upstream (node) bug open regarding this. I am attaching two
patches, their description has a bit more information.
Sebastian
>From 2cbcd876e05864d6c81227cc22171e6f6b97a1d2 Mon Sep 17 00:00:00 2001
From: Sebastian Andrzej Siewior <sebast...@breakpoint.cc>
Date: Tue, 31 Dec 2024 16:44:17 +0100
Subject: [PATCH 1/2] test: update error code in tls-psk-circuit for for
OpenSSL 3.4
Update parallel/test-tls-psk-circuit.js to account for error code
changes in OpenSSL 3.4 and probably later.
https://github.com/nodejs/node/pull/56420
Signed-off-by: Sebastian Andrzej Siewior <sebast...@breakpoint.cc>
---
test/common/index.js | 4 ++++
test/parallel/test-tls-psk-circuit.js | 5 +++--
2 files changed, 7 insertions(+), 2 deletions(-)
diff --git a/test/common/index.js b/test/common/index.js
index dd8e3cedb9aec..7c062109af6eb 100644
--- a/test/common/index.js
+++ b/test/common/index.js
@@ -1021,6 +1021,10 @@ const common = {
return hasOpenSSL(3, 2);
},
+ get hasOpenSSL34() {
+ return hasOpenSSL(3, 4);
+ },
+
get inFreeBSDJail() {
if (inFreeBSDJail !== null) return inFreeBSDJail;
diff --git a/test/parallel/test-tls-psk-circuit.js b/test/parallel/test-tls-psk-circuit.js
index 2b49161df8326..491eaecd4b4ed 100644
--- a/test/parallel/test-tls-psk-circuit.js
+++ b/test/parallel/test-tls-psk-circuit.js
@@ -66,7 +66,8 @@ const expectedHandshakeErr = common.hasOpenSSL32 ?
'ERR_SSL_SSL/TLS_ALERT_HANDSHAKE_FAILURE' : 'ERR_SSL_SSLV3_ALERT_HANDSHAKE_FAILURE';
test({ psk: USERS.UserB, identity: 'UserC' }, {}, expectedHandshakeErr);
// Recognized user but incorrect secret should fail handshake
-const expectedIllegalParameterErr = common.hasOpenSSL32 ?
- 'ERR_SSL_SSL/TLS_ALERT_ILLEGAL_PARAMETER' : 'ERR_SSL_SSLV3_ALERT_ILLEGAL_PARAMETER';
+const expectedIllegalParameterErr = common.hasOpenSSL34 ? 'ERR_SSL_TLSV1_ALERT_DECRYPT_ERROR' :
+ common.hasOpenSSL32 ?
+ 'ERR_SSL_SSL/TLS_ALERT_ILLEGAL_PARAMETER' : 'ERR_SSL_SSLV3_ALERT_ILLEGAL_PARAMETER';
test({ psk: USERS.UserA, identity: 'UserB' }, {}, expectedIllegalParameterErr);
test({ psk: USERS.UserB, identity: 'UserB' });
--
2.45.2
>From d598fa8b3129870d323fbaa889ab389d28526a1b Mon Sep 17 00:00:00 2001
From: Sebastian Andrzej Siewior <sebast...@breakpoint.cc>
Date: Tue, 31 Dec 2024 17:23:35 +0100
Subject: [PATCH 2/2] test: Skip shake* tests on OpenSSL 3.4
shake* requires a length to be set.
Skip the tests for now.
=> https://github.com/nodejs/node/issues/56159
=> https://github.com/openssl/openssl/commit/b911fef216d1386210ec24e201d54d709528abb4
Signed-off-by: Sebastian Andrzej Siewior <sebast...@breakpoint.cc>
---
test/parallel/test-crypto-hash.js | 3 +++
test/parallel/test-crypto-oneshot-hash.js | 3 +++
2 files changed, 6 insertions(+)
diff --git a/test/parallel/test-crypto-hash.js b/test/parallel/test-crypto-hash.js
index af2146982c7a3..aa29d8df20c50 100644
--- a/test/parallel/test-crypto-hash.js
+++ b/test/parallel/test-crypto-hash.js
@@ -182,6 +182,8 @@ assert.throws(
// Test XOF hash functions and the outputLength option.
{
+ // Skip shake XOF due to length requirement.
+ if (!common.hasOpenSSL34) {
// Default outputLengths.
assert.strictEqual(crypto.createHash('shake128').digest('hex'),
'7f9c2ba4e88f827d616045507605853e');
@@ -195,6 +197,7 @@ assert.throws(
.digest('hex'),
'46b9dd2b0ba88d13233b3feb743eeb24' +
'3fcd52ea62b81b82b50c27646ed5762f');
+ }
// Short outputLengths.
assert.strictEqual(crypto.createHash('shake128', { outputLength: 0 })
diff --git a/test/parallel/test-crypto-oneshot-hash.js b/test/parallel/test-crypto-oneshot-hash.js
index 56b4c04a65a1c..80cbe7e589b22 100644
--- a/test/parallel/test-crypto-oneshot-hash.js
+++ b/test/parallel/test-crypto-oneshot-hash.js
@@ -31,6 +31,9 @@ const methods = crypto.getHashes();
const input = fs.readFileSync(fixtures.path('utf8_test_text.txt'));
for (const method of methods) {
+ // Skip shake XOF due to length requirement.
+ if (common.hasOpenSSL34 && (method === 'shake128') || (method === 'shake256'))
+ continue;
for (const outputEncoding of ['buffer', 'hex', 'base64', undefined]) {
const oldDigest = crypto.createHash(method).update(input).digest(outputEncoding || 'hex');
const digestFromBuffer = crypto.hash(method, input, outputEncoding);
--
2.45.2
--- End Message ---
--- Begin Message ---
Source: nodejs
Source-Version: 20.18.1+dfsg-2
Done: Jérémy Lal <kapo...@melix.org>
We believe that the bug you reported is fixed in the latest version of
nodejs, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 1091...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Jérémy Lal <kapo...@melix.org> (supplier of updated nodejs package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Wed, 01 Jan 2025 14:34:52 +0100
Source: nodejs
Architecture: source
Version: 20.18.1+dfsg-2
Distribution: unstable
Urgency: medium
Maintainer: Debian Javascript Maintainers
<pkg-javascript-de...@alioth-lists.debian.net>
Changed-By: Jérémy Lal <kapo...@melix.org>
Closes: 1091807
Changes:
nodejs (20.18.1+dfsg-2) unstable; urgency=medium
.
* Depends node-corepack
* Two patches to make some tests pass with openssl 3.4
Closes: #1091807.
Checksums-Sha1:
2223e9769786f6bfa34fb2d9113b8e2c9d05c864 4377 nodejs_20.18.1+dfsg-2.dsc
6695325c83609e96863cc0dda3e469202ec1669e 159660
nodejs_20.18.1+dfsg-2.debian.tar.xz
45a8f439a5e4e7b82ee8e9578a7d440ca81898cd 11732
nodejs_20.18.1+dfsg-2_source.buildinfo
Checksums-Sha256:
8ed840346bb55ac986329ff1f2129a923a6eea995d5f6f4ce46764a8a40b0369 4377
nodejs_20.18.1+dfsg-2.dsc
1a571097bc46993f1a87f243b5b2d85baceeeede66bfb8c47bcbd1e886d3ba88 159660
nodejs_20.18.1+dfsg-2.debian.tar.xz
43fe6d53fa734cd52e8acc2a67b3e5cbb2b17bc73224c3cba410098eb3ce4b59 11732
nodejs_20.18.1+dfsg-2_source.buildinfo
Files:
b98dba51b83b179f0988afd5df89a555 4377 javascript optional
nodejs_20.18.1+dfsg-2.dsc
1bbb425d7b1d56859dcb5712177d18fa 159660 javascript optional
nodejs_20.18.1+dfsg-2.debian.tar.xz
85e3412d658362317df1bb50312d6ba3 11732 javascript optional
nodejs_20.18.1+dfsg-2_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQJGBAEBCAAwFiEEA8Tnq7iA9SQwbkgVZhHAXt0583QFAmd1RJsSHGthcG91ZXJA
bWVsaXgub3JnAAoJEGYRwF7dOfN0B6IQAL5AHhAgv06Q5oJIYADoH83FbbKY65u4
6cQKQ1oTPD/d36LMMeZsfEvsObu1vecJnNzqYJy8bL+S8azOa1aaabpo7uvbxxip
fwloYXcZ1dg1Q/8Xobv9/tLNTvCouSj8cjneWtJewFIvRTzI89/1Ne0EAracN6P6
rQWenO8nl1rgq6IwenAXqqwAy8Na7faok1cQHpUfQkB13BYNU1g8mqZasgASElYL
jyfnOveo3fD8oqCCFXlJyHDnTLLPpF1I7O27zZsVuvB7Dt7O+OljbW1INqnJ0HiG
CenovygFpaAOCSMlJ7x2Sc+dLLnz/f0x/WzKGQKFW+aReqIeUdtJSMCdQYS29Yjq
Y7OvJm+Z+xNAyHvMzn9rnHLo19pjZELUJ83nnA3qG32ntqTqhkMPO8nwhd0lHEr3
lqkLhAIajUjjxSykV9gvgcjiQBU9BKPuC78hdoCbqySiG/KPXyhdoeJOC9f3LeSc
TRMh0oSkyfzBNN2MzFVagB/sTs3JYCcJI9LDvVWbfz87f6ZwvBP2u28w0lMOpsgu
17VoYC1tUUkNTOVijT/A07e2OLhP0Ai+GL1CJFCOEWncIw3bvSkArMo7y5aIlQzu
Hul4RitEhdT4Gog3h4AQ8+r7ezilv7GqnaA8nS6xXTc5LJSRuMf9rOc9v8kRZQak
yD0BnO4sfMJy
=IJtB
-----END PGP SIGNATURE-----
pgpuaccbiiYep.pgp
Description: PGP signature
--- End Message ---
