Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

NodeJS should not use openssl library default configuration (openssl_conf) or not read openssl.cnf at all #40366

Closed
jeffrson opened this issue Oct 7, 2021 · 5 comments
Labels
openssl Issues and PRs related to the OpenSSL dependency.

Comments

@jeffrson
Copy link

jeffrson commented Oct 7, 2021

Version

16.10.0, 14.18.0, 12.22.6 (and older)

Platform

Microsoft Windows NT 10.0.19043.0 x64

Subsystem

crypto

What steps will reproduce the bug?

  • have an environment variable pointing to a file openssl.cnf:
    export OPENSSL_CONF=`pwd`/openssl.cnf

  • put an invalid file there:

[default
  • try code like this (from ssh2)
var crypto = require('crypto');
var eddsaSupported = (function() {
  if (typeof crypto.sign === 'function'
      && typeof crypto.verify === 'function') {
    var key = '-----BEGIN PRIVATE KEY-----\r\nMC4CAQAwBQYDK2VwBCIEIHKj+sVa9WcD'
              + '/q2DJUJaf43Kptc8xYuUQA4bOFj9vC8T\r\n-----END PRIVATE KEY-----';
    var data = Buffer.from('a');
    var sig;
    var verified;
    try {
      sig = crypto.sign(null, data, key);
      verified = crypto.verify(null, data, key, sig);
    } catch (ex) {}
    return (Buffer.isBuffer(sig) && sig.length === 64 && verified === true);
  }

  return false;
})();

console.log(eddsaSupported)

How often does it reproduce? Is there a required condition?

always

What is the expected behavior?

Should output "true"

What do you see instead?

"false"
(true only for valid file content

[default]

)

Additional information

Well, actually I came here to suggest that NodeJS should use its "own" default section (see openssl_conf in https://www.openssl.org/docs/man1.1.1/man5/config.html). Now I would prefer that NodeJS isn't following env:OPENSSL_CONF and/or reading its target at all.

I had the default openssl.cnf from OpenSSL3 (even if NodeJS does not support it, this problem is completely unrelated).

The file contains these lines (among others):

openssl_conf = openssl_init

[openssl_init]
providers = provider_sect

[provider_sect]
default = default_sect

[default_sect]
#activate = 1

Now it seems, due to the environment variable (see step to reproduce above), NodeJS (or one of the libraries it uses) is reading openssl.cnf and via openssl_conf/openssl_init it tries to load a library "providers.dll" which fails because it is does not exist. Don't know what happens if it would be found. Maybe at least code in DLL Entrypoint is executed?

Failing to load "providers.dll" crypto.sign (see code snippet) failed.

According to OpenSSL documentation (https://www.openssl.org/docs/man1.1.1/man5/config.html), openssl_conf is used by the openssl utility, while other applications may (should!) use an alternative name.

So I suggest either use an application specific section name (nodejs_conf?) and be tolerant with format errors or disable reading of openssl.cnf at all. For the first, mistakes or unknown entries in openssl.cnf don't break NodeJS while it could be configured if necessary. But - can there be such need anyway?

I think it's a big problem that a rather unrelated file may break NodeJS execution (needless to mention it took me some time to figure this out...)

@Mesteery Mesteery added the openssl Issues and PRs related to the OpenSSL dependency. label Oct 7, 2021
@mhdawson
Copy link
Member

@danbev what is your take on this?

@danbev
Copy link
Contributor

danbev commented Oct 14, 2021

@mhdawson This is how it currently how it works using the environment variable OPENSSL_CONF or --openssl-config if set, and if there is an issue with the format of that file there should be an error message, something like:

$ cat out/Release/obj.target/deps/openssl/openssl2.cnf
[default
$ ./node --openssl-config=out/Release/obj.target/deps/openssl/openssl2.cnf -p 'crypto.createHash("md4")'
OPENSSL_CONF: 
openssl-config: out/Release/obj.target/deps/openssl/openssl2.cnf
OpenSSL configuration error:
808725745B7F0000:error:07000064:configuration file routines:def_load_bio:missing close square bracket:../deps/openssl/openssl/crypto/conf/conf_def.c:366:line 1

But if this is causing issues, which it obviously is and I'm sorry about that, I think we should look closer at how this is done and how it can be improved. I like the idea of using a specific section name for Node.js which I was not aware it was possible.

@mhdawson
Copy link
Member

I think we should look closer at how this is done and how it can be improved.
+1

@Felipevillajr
Copy link

found this when I was searching for a fix to my npm issue.

https://stackoverflow.com/questions/70159252/npm-not-working-openssl-configuration-error-windows10x64

currently don't know enough about the OpenSSL config set up and how it relates to node or npm. Think you may be correct in your assertion that it should use it own native command since in my comp it seems to be looking for files in postgres, which I do not have installed currently. Could it have been me updating to the newest node? sry if this is off topic.

danbev added a commit to danbev/node that referenced this issue May 17, 2022
This commit adds the setting of an appname (configuration section
name), 'nodejs_conf', to be used when reading OpenSSL configuration
files.

The motivation for this is that currently the default OpenSSL
configuration, 'openssl_conf', element will be used which may be
undesirable as it might configure OpenSSL in unwanted ways. With this
commit it is still possible to use a default openssl.cnf file but the
only section that Node.js will read from is a section named
'nodejs_conf'.

Refs: nodejs#40366
danbev added a commit to danbev/node that referenced this issue May 18, 2022
This commit adds the setting of an appname (configuration section
name), 'nodejs_conf', to be used when reading OpenSSL configuration
files.

The motivation for this is that currently the default OpenSSL
configuration, 'openssl_conf', element will be used which may be
undesirable as it might configure OpenSSL in unwanted ways. With this
commit it is still possible to use a default openssl.cnf file but the
only section that Node.js will read from is a section named
'nodejs_conf'.

Refs: nodejs#40366
danbev added a commit to danbev/node that referenced this issue May 30, 2022
This commit adds the setting of an appname (configuration section
name), 'nodejs_conf', to be used when reading OpenSSL configuration
files.

The motivation for this is that currently the default OpenSSL
configuration, 'openssl_conf', element will be used which may be
undesirable as it might configure OpenSSL in unwanted ways. With this
commit it is still possible to use a default openssl.cnf file but the
only section that Node.js will read from is a section named
'nodejs_conf'.

Refs: nodejs#40366
danbev added a commit to danbev/node that referenced this issue May 31, 2022
This commit adds the setting of an appname (configuration section
name), 'nodejs_conf', to be used when reading OpenSSL configuration
files.

The motivation for this is that currently the default OpenSSL
configuration, 'openssl_conf', element will be used which may be
undesirable as it might configure OpenSSL in unwanted ways. With this
commit it is still possible to use a default openssl.cnf file but the
only section that Node.js will read from is a section named
'nodejs_conf'.

Refs: nodejs#40366
danbev added a commit that referenced this issue May 31, 2022
This commit adds the setting of an appname (configuration section
name), 'nodejs_conf', to be used when reading OpenSSL configuration
files.

The motivation for this is that currently the default OpenSSL
configuration, 'openssl_conf', element will be used which may be
undesirable as it might configure OpenSSL in unwanted ways. With this
commit it is still possible to use a default openssl.cnf file but the
only section that Node.js will read from is a section named
'nodejs_conf'.

PR-URL: #43124
Refs: #40366
Reviewed-By: James M Snell <[email protected]>
Reviewed-By: Rich Trott <[email protected]>
Reviewed-By: Rafael Gonzaga <[email protected]>
Reviewed-By: Beth Griggs <[email protected]>
danbev added a commit that referenced this issue May 31, 2022
This commit adds a new command line option named
'--openssl-shared-config' intended to allow reverting to the old OpenSSL
configuration behavior where Node.js would use the configuration section
name (called appname in OpenSSL) 'openssl_conf' which could potentially
be used my other applications..

PR-URL: #43124
Refs: #40366
Reviewed-By: James M Snell <[email protected]>
Reviewed-By: Rich Trott <[email protected]>
Reviewed-By: Rafael Gonzaga <[email protected]>
Reviewed-By: Beth Griggs <[email protected]>
@danbev
Copy link
Contributor

danbev commented May 31, 2022

Closing this as I believe #43124 has dealt with this issue.

@danbev danbev closed this as completed May 31, 2022
F3n67u pushed a commit to F3n67u/node that referenced this issue Jun 1, 2022
This commit adds the setting of an appname (configuration section
name), 'nodejs_conf', to be used when reading OpenSSL configuration
files.

The motivation for this is that currently the default OpenSSL
configuration, 'openssl_conf', element will be used which may be
undesirable as it might configure OpenSSL in unwanted ways. With this
commit it is still possible to use a default openssl.cnf file but the
only section that Node.js will read from is a section named
'nodejs_conf'.

PR-URL: nodejs#43124
Refs: nodejs#40366
Reviewed-By: James M Snell <[email protected]>
Reviewed-By: Rich Trott <[email protected]>
Reviewed-By: Rafael Gonzaga <[email protected]>
Reviewed-By: Beth Griggs <[email protected]>
F3n67u pushed a commit to F3n67u/node that referenced this issue Jun 1, 2022
This commit adds a new command line option named
'--openssl-shared-config' intended to allow reverting to the old OpenSSL
configuration behavior where Node.js would use the configuration section
name (called appname in OpenSSL) 'openssl_conf' which could potentially
be used my other applications..

PR-URL: nodejs#43124
Refs: nodejs#40366
Reviewed-By: James M Snell <[email protected]>
Reviewed-By: Rich Trott <[email protected]>
Reviewed-By: Rafael Gonzaga <[email protected]>
Reviewed-By: Beth Griggs <[email protected]>
italojs pushed a commit to italojs/node that referenced this issue Jun 6, 2022
This commit adds the setting of an appname (configuration section
name), 'nodejs_conf', to be used when reading OpenSSL configuration
files.

The motivation for this is that currently the default OpenSSL
configuration, 'openssl_conf', element will be used which may be
undesirable as it might configure OpenSSL in unwanted ways. With this
commit it is still possible to use a default openssl.cnf file but the
only section that Node.js will read from is a section named
'nodejs_conf'.

PR-URL: nodejs#43124
Refs: nodejs#40366
Reviewed-By: James M Snell <[email protected]>
Reviewed-By: Rich Trott <[email protected]>
Reviewed-By: Rafael Gonzaga <[email protected]>
Reviewed-By: Beth Griggs <[email protected]>
italojs pushed a commit to italojs/node that referenced this issue Jun 6, 2022
This commit adds a new command line option named
'--openssl-shared-config' intended to allow reverting to the old OpenSSL
configuration behavior where Node.js would use the configuration section
name (called appname in OpenSSL) 'openssl_conf' which could potentially
be used my other applications..

PR-URL: nodejs#43124
Refs: nodejs#40366
Reviewed-By: James M Snell <[email protected]>
Reviewed-By: Rich Trott <[email protected]>
Reviewed-By: Rafael Gonzaga <[email protected]>
Reviewed-By: Beth Griggs <[email protected]>
danielleadams pushed a commit that referenced this issue Jun 11, 2022
This commit adds the setting of an appname (configuration section
name), 'nodejs_conf', to be used when reading OpenSSL configuration
files.

The motivation for this is that currently the default OpenSSL
configuration, 'openssl_conf', element will be used which may be
undesirable as it might configure OpenSSL in unwanted ways. With this
commit it is still possible to use a default openssl.cnf file but the
only section that Node.js will read from is a section named
'nodejs_conf'.

PR-URL: #43124
Refs: #40366
Reviewed-By: James M Snell <[email protected]>
Reviewed-By: Rich Trott <[email protected]>
Reviewed-By: Rafael Gonzaga <[email protected]>
Reviewed-By: Beth Griggs <[email protected]>
danielleadams pushed a commit that referenced this issue Jun 11, 2022
This commit adds a new command line option named
'--openssl-shared-config' intended to allow reverting to the old OpenSSL
configuration behavior where Node.js would use the configuration section
name (called appname in OpenSSL) 'openssl_conf' which could potentially
be used my other applications..

PR-URL: #43124
Refs: #40366
Reviewed-By: James M Snell <[email protected]>
Reviewed-By: Rich Trott <[email protected]>
Reviewed-By: Rafael Gonzaga <[email protected]>
Reviewed-By: Beth Griggs <[email protected]>
RafaelGSS pushed a commit to RafaelGSS/node that referenced this issue Jun 22, 2022
This commit adds the setting of an appname (configuration section
name), 'nodejs_conf', to be used when reading OpenSSL configuration
files.

The motivation for this is that currently the default OpenSSL
configuration, 'openssl_conf', element will be used which may be
undesirable as it might configure OpenSSL in unwanted ways. With this
commit it is still possible to use a default openssl.cnf file but the
only section that Node.js will read from is a section named
'nodejs_conf'.

PR-URL: nodejs#43124
Refs: nodejs#40366
Reviewed-By: James M Snell <[email protected]>
Reviewed-By: Rich Trott <[email protected]>
Reviewed-By: Rafael Gonzaga <[email protected]>
Reviewed-By: Beth Griggs <[email protected]>
RafaelGSS pushed a commit to RafaelGSS/node that referenced this issue Jun 22, 2022
This commit adds a new command line option named
'--openssl-shared-config' intended to allow reverting to the old OpenSSL
configuration behavior where Node.js would use the configuration section
name (called appname in OpenSSL) 'openssl_conf' which could potentially
be used my other applications..

PR-URL: nodejs#43124
Refs: nodejs#40366
Reviewed-By: James M Snell <[email protected]>
Reviewed-By: Rich Trott <[email protected]>
Reviewed-By: Rafael Gonzaga <[email protected]>
Reviewed-By: Beth Griggs <[email protected]>
danbev added a commit to danbev/node that referenced this issue Jun 23, 2022
This commit adds the setting of an appname (configuration section
name), 'nodejs_conf', to be used when reading OpenSSL configuration
files.

The motivation for this is that currently the default OpenSSL
configuration, 'openssl_conf', element will be used which may be
undesirable as it might configure OpenSSL in unwanted ways. With this
commit it is still possible to use a default openssl.cnf file but the
only section that Node.js will read from is a section named
'nodejs_conf'.

PR-URL: nodejs#43124
Refs: nodejs#40366
Reviewed-By: James M Snell <[email protected]>
Reviewed-By: Rich Trott <[email protected]>
Reviewed-By: Rafael Gonzaga <[email protected]>
Reviewed-By: Beth Griggs <[email protected]>
danbev added a commit to danbev/node that referenced this issue Jun 23, 2022
This commit adds the setting of an appname (configuration section
name), 'nodejs_conf', to be used when reading OpenSSL configuration
files.

The motivation for this is that currently the default OpenSSL
configuration, 'openssl_conf', element will be used which may be
undesirable as it might configure OpenSSL in unwanted ways. With this
commit it is still possible to use a default openssl.cnf file but the
only section that Node.js will read from is a section named
'nodejs_conf'.

PR-URL: nodejs#43124
Refs: nodejs#40366
Reviewed-By: James M Snell <[email protected]>
Reviewed-By: Rich Trott <[email protected]>
Reviewed-By: Rafael Gonzaga <[email protected]>
Reviewed-By: Beth Griggs <[email protected]>
danbev added a commit to danbev/node that referenced this issue Jun 23, 2022
This commit adds the setting of an appname (configuration section
name), 'nodejs_conf', to be used when reading OpenSSL configuration
files.

The motivation for this is that currently the default OpenSSL
configuration, 'openssl_conf', element will be used which may be
undesirable as it might configure OpenSSL in unwanted ways. With this
commit it is still possible to use a default openssl.cnf file but the
only section that Node.js will read from is a section named
'nodejs_conf'.

PR-URL: nodejs#43124
Refs: nodejs#40366
Reviewed-By: James M Snell <[email protected]>
Reviewed-By: Rich Trott <[email protected]>
Reviewed-By: Rafael Gonzaga <[email protected]>
Reviewed-By: Beth Griggs <[email protected]>
danbev added a commit to danbev/node that referenced this issue Jun 27, 2022
This commit adds the setting of an appname (configuration section
name), 'nodejs_conf', to be used when reading OpenSSL configuration
files.

The motivation for this is that currently the default OpenSSL
configuration, 'openssl_conf', element will be used which may be
undesirable as it might configure OpenSSL in unwanted ways. With this
commit it is still possible to use a default openssl.cnf file but the
only section that Node.js will read from is a section named
'nodejs_conf'.

PR-URL: nodejs#43124
Refs: nodejs#40366
Reviewed-By: James M Snell <[email protected]>
Reviewed-By: Rich Trott <[email protected]>
Reviewed-By: Rafael Gonzaga <[email protected]>
Reviewed-By: Beth Griggs <[email protected]>
RafaelGSS pushed a commit to RafaelGSS/node that referenced this issue Jul 11, 2022
This commit adds a new command line option named
'--openssl-shared-config' intended to allow reverting to the old OpenSSL
configuration behavior where Node.js would use the configuration section
name (called appname in OpenSSL) 'openssl_conf' which could potentially
be used my other applications..

PR-URL: nodejs#43124
Refs: nodejs#40366
Reviewed-By: James M Snell <[email protected]>
Reviewed-By: Rich Trott <[email protected]>
Reviewed-By: Rafael Gonzaga <[email protected]>
Reviewed-By: Beth Griggs <[email protected]>
Backport-PR-URL: nodejs#43124
RafaelGSS pushed a commit to RafaelGSS/node that referenced this issue Jul 11, 2022
This commit adds a new command line option named
'--openssl-shared-config' intended to allow reverting to the old OpenSSL
configuration behavior where Node.js would use the configuration section
name (called appname in OpenSSL) 'openssl_conf' which could potentially
be used my other applications..

PR-URL: nodejs#43124
Refs: nodejs#40366
Reviewed-By: James M Snell <[email protected]>
Reviewed-By: Rich Trott <[email protected]>
Reviewed-By: Rafael Gonzaga <[email protected]>
Reviewed-By: Beth Griggs <[email protected]>
Backport-PR-URL: nodejs#43782
RafaelGSS pushed a commit to RafaelGSS/node that referenced this issue Jul 11, 2022
This commit adds a new command line option named
'--openssl-shared-config' intended to allow reverting to the old OpenSSL
configuration behavior where Node.js would use the configuration section
name (called appname in OpenSSL) 'openssl_conf' which could potentially
be used my other applications..

PR-URL: nodejs#43124
Refs: nodejs#40366
Reviewed-By: James M Snell <[email protected]>
Reviewed-By: Rich Trott <[email protected]>
Reviewed-By: Rafael Gonzaga <[email protected]>
Reviewed-By: Beth Griggs <[email protected]>
Backport-PR-URL: nodejs#43782
RafaelGSS pushed a commit to RafaelGSS/node that referenced this issue Jul 11, 2022
This commit adds a new command line option named
'--openssl-shared-config' intended to allow reverting to the old OpenSSL
configuration behavior where Node.js would use the configuration section
name (called appname in OpenSSL) 'openssl_conf' which could potentially
be used my other applications..

PR-URL: nodejs#43124
Refs: nodejs#40366
Reviewed-By: James M Snell <[email protected]>
Reviewed-By: Rich Trott <[email protected]>
Reviewed-By: Rafael Gonzaga <[email protected]>
Reviewed-By: Beth Griggs <[email protected]>
RafaelGSS pushed a commit to RafaelGSS/node that referenced this issue Jul 12, 2022
This commit adds a new command line option named
'--openssl-shared-config' intended to allow reverting to the old OpenSSL
configuration behavior where Node.js would use the configuration section
name (called appname in OpenSSL) 'openssl_conf' which could potentially
be used my other applications..

PR-URL: nodejs#43124
Refs: nodejs#40366
Reviewed-By: James M Snell <[email protected]>
Reviewed-By: Rich Trott <[email protected]>
Reviewed-By: Rafael Gonzaga <[email protected]>
Reviewed-By: Beth Griggs <[email protected]>
RafaelGSS pushed a commit to RafaelGSS/node that referenced this issue Jul 13, 2022
This commit adds a new command line option named
'--openssl-shared-config' intended to allow reverting to the old OpenSSL
configuration behavior where Node.js would use the configuration section
name (called appname in OpenSSL) 'openssl_conf' which could potentially
be used my other applications..

PR-URL: nodejs#43124
Refs: nodejs#40366
Reviewed-By: James M Snell <[email protected]>
Reviewed-By: Rich Trott <[email protected]>
Reviewed-By: Rafael Gonzaga <[email protected]>
Reviewed-By: Beth Griggs <[email protected]>
Backport-PR-URL: nodejs#43782
RafaelGSS pushed a commit to RafaelGSS/node that referenced this issue Jul 18, 2022
This commit adds a new command line option named
'--openssl-shared-config' intended to allow reverting to the old OpenSSL
configuration behavior where Node.js would use the configuration section
name (called appname in OpenSSL) 'openssl_conf' which could potentially
be used my other applications..

PR-URL: nodejs#43124
Refs: nodejs#40366
Reviewed-By: James M Snell <[email protected]>
Reviewed-By: Rich Trott <[email protected]>
Reviewed-By: Rafael Gonzaga <[email protected]>
Reviewed-By: Beth Griggs <[email protected]>
RafaelGSS pushed a commit to RafaelGSS/node that referenced this issue Jul 18, 2022
This commit adds a new command line option named
'--openssl-shared-config' intended to allow reverting to the old OpenSSL
configuration behavior where Node.js would use the configuration section
name (called appname in OpenSSL) 'openssl_conf' which could potentially
be used my other applications..

PR-URL: nodejs#43124
Refs: nodejs#40366
Reviewed-By: James M Snell <[email protected]>
Reviewed-By: Rich Trott <[email protected]>
Reviewed-By: Rafael Gonzaga <[email protected]>
Reviewed-By: Beth Griggs <[email protected]>
Backport-PR: nodejs#43892
targos pushed a commit that referenced this issue Jul 20, 2022
This commit adds a new command line option named
'--openssl-shared-config' intended to allow reverting to the old OpenSSL
configuration behavior where Node.js would use the configuration section
name (called appname in OpenSSL) 'openssl_conf' which could potentially
be used my other applications..

PR-URL: #43124
Backport-PR-URL: #43892
Refs: #40366
Refs: nodejs/nodejs.org#4713
Reviewed-By: James M Snell <[email protected]>
Reviewed-By: Rich Trott <[email protected]>
Reviewed-By: Rafael Gonzaga <[email protected]>
Reviewed-By: Beth Griggs <[email protected]>
RafaelGSS pushed a commit that referenced this issue Jul 21, 2022
This commit adds a new command line option named
'--openssl-shared-config' intended to allow reverting to the old OpenSSL
configuration behavior where Node.js would use the configuration section
name (called appname in OpenSSL) 'openssl_conf' which could potentially
be used my other applications..

PR-URL: #43124
Refs: #40366
Reviewed-By: James M Snell <[email protected]>
Reviewed-By: Rich Trott <[email protected]>
Reviewed-By: Rafael Gonzaga <[email protected]>
Reviewed-By: Beth Griggs <[email protected]>
Backport-PR-URL: #43782

Refs: nodejs/nodejs.org#4713
Reviewed-By: Matteo Collina <[email protected]>
Reviewed-By: Richard Lau <[email protected]>
targos pushed a commit that referenced this issue Jul 31, 2022
This commit adds a new command line option named
'--openssl-shared-config' intended to allow reverting to the old OpenSSL
configuration behavior where Node.js would use the configuration section
name (called appname in OpenSSL) 'openssl_conf' which could potentially
be used my other applications..

PR-URL: #43124
Backport-PR-URL: #43892
Refs: #40366
Refs: nodejs/nodejs.org#4713
Reviewed-By: James M Snell <[email protected]>
Reviewed-By: Rich Trott <[email protected]>
Reviewed-By: Rafael Gonzaga <[email protected]>
Reviewed-By: Beth Griggs <[email protected]>
guangwong pushed a commit to noslate-project/node that referenced this issue Oct 10, 2022
This commit adds the setting of an appname (configuration section
name), 'nodejs_conf', to be used when reading OpenSSL configuration
files.

The motivation for this is that currently the default OpenSSL
configuration, 'openssl_conf', element will be used which may be
undesirable as it might configure OpenSSL in unwanted ways. With this
commit it is still possible to use a default openssl.cnf file but the
only section that Node.js will read from is a section named
'nodejs_conf'.

PR-URL: nodejs/node#43124
Backport-PR-URL: nodejs/node#43545
Refs: nodejs/node#40366
Reviewed-By: James M Snell <[email protected]>
Reviewed-By: Rich Trott <[email protected]>
Reviewed-By: Rafael Gonzaga <[email protected]>
Reviewed-By: Beth Griggs <[email protected]>
guangwong pushed a commit to noslate-project/node that referenced this issue Oct 10, 2022
This commit adds a new command line option named
'--openssl-shared-config' intended to allow reverting to the old OpenSSL
configuration behavior where Node.js would use the configuration section
name (called appname in OpenSSL) 'openssl_conf' which could potentially
be used my other applications..

PR-URL: nodejs/node#43124
Backport-PR-URL: nodejs/node#43892
Refs: nodejs/node#40366
Refs: nodejs/nodejs.org#4713
Reviewed-By: James M Snell <[email protected]>
Reviewed-By: Rich Trott <[email protected]>
Reviewed-By: Rafael Gonzaga <[email protected]>
Reviewed-By: Beth Griggs <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
openssl Issues and PRs related to the OpenSSL dependency.
Projects
None yet
Development

No branches or pull requests

5 participants