diff options
| -rw-r--r-- | .azure-pipelines/ci.yml | 4 | ||||
| -rw-r--r-- | .azure-pipelines/pr.yml | 4 | ||||
| -rw-r--r-- | .github/workflows/build.yml | 6 | ||||
| -rw-r--r-- | Mac/BuildScript/0001-Darwin-platform-allows-to-build-on-releases-before-Y.patch | 59 | ||||
| -rwxr-xr-x | Mac/BuildScript/build-installer.py | 7 | ||||
| -rw-r--r-- | Misc/NEWS.d/next/Build/2021-12-20-07-10-41.bpo-46106.5qcv3L.rst | 2 | ||||
| -rw-r--r-- | PCbuild/get_externals.bat | 4 | ||||
| -rw-r--r-- | PCbuild/python.props | 4 | ||||
| -rwxr-xr-x | Tools/ssl/multissltests.py | 2 |
9 files changed, 17 insertions, 75 deletions
diff --git a/.azure-pipelines/ci.yml b/.azure-pipelines/ci.yml index 2284a5f..25cc726 100644 --- a/.azure-pipelines/ci.yml +++ b/.azure-pipelines/ci.yml @@ -57,7 +57,7 @@ jobs: variables: testRunTitle: '$(build.sourceBranchName)-linux' testRunPlatform: linux - openssl_version: 1.1.1l + openssl_version: 1.1.1m steps: - template: ./posix-steps.yml @@ -83,7 +83,7 @@ jobs: variables: testRunTitle: '$(Build.SourceBranchName)-linux-coverage' testRunPlatform: linux-coverage - openssl_version: 1.1.1l + openssl_version: 1.1.1m steps: - template: ./posix-steps.yml diff --git a/.azure-pipelines/pr.yml b/.azure-pipelines/pr.yml index 1a3bf75..e2aae32 100644 --- a/.azure-pipelines/pr.yml +++ b/.azure-pipelines/pr.yml @@ -57,7 +57,7 @@ jobs: variables: testRunTitle: '$(system.pullRequest.TargetBranch)-linux' testRunPlatform: linux - openssl_version: 1.1.1l + openssl_version: 1.1.1m steps: - template: ./posix-steps.yml @@ -83,7 +83,7 @@ jobs: variables: testRunTitle: '$(Build.SourceBranchName)-linux-coverage' testRunPlatform: linux-coverage - openssl_version: 1.1.1l + openssl_version: 1.1.1m steps: - template: ./posix-steps.yml diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index e02e9ad..f220aaa 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -163,7 +163,7 @@ jobs: needs: check_source if: needs.check_source.outputs.run_tests == 'true' env: - OPENSSL_VER: 1.1.1l + OPENSSL_VER: 1.1.1m PYTHONSTRICTEXTENSIONBUILD: 1 steps: - uses: actions/checkout@v2 @@ -222,7 +222,7 @@ jobs: strategy: fail-fast: false matrix: - openssl_ver: [1.1.1l, 3.0.1] + openssl_ver: [1.1.1m, 3.0.1] env: OPENSSL_VER: ${{ matrix.openssl_ver }} MULTISSL_DIR: ${{ github.workspace }}/multissl @@ -269,7 +269,7 @@ jobs: needs: check_source if: needs.check_source.outputs.run_tests == 'true' env: - OPENSSL_VER: 1.1.1l + OPENSSL_VER: 1.1.1m PYTHONSTRICTEXTENSIONBUILD: 1 ASAN_OPTIONS: detect_leaks=0:allocator_may_return_null=1:handle_segv=0 steps: diff --git a/Mac/BuildScript/0001-Darwin-platform-allows-to-build-on-releases-before-Y.patch b/Mac/BuildScript/0001-Darwin-platform-allows-to-build-on-releases-before-Y.patch deleted file mode 100644 index 51ccdc2..0000000 --- a/Mac/BuildScript/0001-Darwin-platform-allows-to-build-on-releases-before-Y.patch +++ /dev/null @@ -1,59 +0,0 @@ -From cef404f1e7a598166cbc2fd2e0048f7e2d752ad5 Mon Sep 17 00:00:00 2001 -From: David Carlier <devnexen@gmail.com> -Date: Tue, 24 Aug 2021 22:40:14 +0100 -Subject: [PATCH] Darwin platform allows to build on releases before - Yosemite/ios 8. - -issue #16407 #16408 ---- - crypto/rand/rand_unix.c | 5 +---- - include/crypto/rand.h | 10 ++++++++++ - 2 files changed, 11 insertions(+), 4 deletions(-) - -diff --git a/crypto/rand/rand_unix.c b/crypto/rand/rand_unix.c -index 43f1069d15..0f4525106a 100644 ---- a/crypto/rand/rand_unix.c -+++ b/crypto/rand/rand_unix.c -@@ -34,9 +34,6 @@ - #if defined(__OpenBSD__) - # include <sys/param.h> - #endif --#if defined(__APPLE__) --# include <CommonCrypto/CommonRandom.h> --#endif - - #if defined(OPENSSL_SYS_UNIX) || defined(__DJGPP__) - # include <sys/types.h> -@@ -381,7 +378,7 @@ static ssize_t syscall_random(void *buf, size_t buflen) - if (errno != ENOSYS) - return -1; - } --# elif defined(__APPLE__) -+# elif defined(OPENSSL_APPLE_CRYPTO_RANDOM) - if (CCRandomGenerateBytes(buf, buflen) == kCCSuccess) - return (ssize_t)buflen; - -diff --git a/include/crypto/rand.h b/include/crypto/rand.h -index 5350d3a931..674f840fd1 100644 ---- a/include/crypto/rand.h -+++ b/include/crypto/rand.h -@@ -20,6 +20,16 @@ - - # include <openssl/rand.h> - -+# if defined(__APPLE__) && !defined(OPENSSL_NO_APPLE_CRYPTO_RANDOM) -+# include <Availability.h> -+# if (defined(__MAC_OS_X_VERSION_MIN_REQUIRED) && __MAC_OS_X_VERSION_MIN_REQUIRED >= 101000) || \ -+ (defined(__IPHONE_OS_VERSION_MIN_REQUIRED) && __IPHONE_OS_VERSION_MIN_REQUIRED >= 80000) -+# define OPENSSL_APPLE_CRYPTO_RANDOM 1 -+# include <CommonCrypto/CommonCryptoError.h> -+# include <CommonCrypto/CommonRandom.h> -+# endif -+# endif -+ - /* forward declaration */ - typedef struct rand_pool_st RAND_POOL; - --- -2.33.0 - diff --git a/Mac/BuildScript/build-installer.py b/Mac/BuildScript/build-installer.py index 5365f62..0f8924b 100755 --- a/Mac/BuildScript/build-installer.py +++ b/Mac/BuildScript/build-installer.py @@ -246,10 +246,9 @@ def library_recipes(): result.extend([ dict( - name="OpenSSL 1.1.1l", - url="https://www.openssl.org/source/openssl-1.1.1l.tar.gz", - checksum='ac0d4387f3ba0ad741b0580dd45f6ff3', - patches=['0001-Darwin-platform-allows-to-build-on-releases-before-Y.patch'], + name="OpenSSL 1.1.1m", + url="https://www.openssl.org/source/openssl-1.1.1m.tar.gz", + checksum='8ec70f665c145c3103f6e330f538a9db', buildrecipe=build_universal_openssl, configure=None, install=None, diff --git a/Misc/NEWS.d/next/Build/2021-12-20-07-10-41.bpo-46106.5qcv3L.rst b/Misc/NEWS.d/next/Build/2021-12-20-07-10-41.bpo-46106.5qcv3L.rst new file mode 100644 index 0000000..d3e25f7 --- /dev/null +++ b/Misc/NEWS.d/next/Build/2021-12-20-07-10-41.bpo-46106.5qcv3L.rst @@ -0,0 +1,2 @@ +Updated OpenSSL to 1.1.1m in Windows builds, macOS installer builds, and CI. +Patch by Kumar Aditya.
\ No newline at end of file diff --git a/PCbuild/get_externals.bat b/PCbuild/get_externals.bat index 207f91b..7126d8a 100644 --- a/PCbuild/get_externals.bat +++ b/PCbuild/get_externals.bat @@ -53,7 +53,7 @@ echo.Fetching external libraries... set libraries= set libraries=%libraries% bzip2-1.0.6 if NOT "%IncludeLibffiSrc%"=="false" set libraries=%libraries% libffi-3.4.2 -if NOT "%IncludeSSLSrc%"=="false" set libraries=%libraries% openssl-1.1.1l +if NOT "%IncludeSSLSrc%"=="false" set libraries=%libraries% openssl-1.1.1m set libraries=%libraries% sqlite-3.36.0.0 if NOT "%IncludeTkinterSrc%"=="false" set libraries=%libraries% tcl-core-8.6.12.0 if NOT "%IncludeTkinterSrc%"=="false" set libraries=%libraries% tk-8.6.12.0 @@ -77,7 +77,7 @@ echo.Fetching external binaries... set binaries= if NOT "%IncludeLibffi%"=="false" set binaries=%binaries% libffi-3.4.2 -if NOT "%IncludeSSL%"=="false" set binaries=%binaries% openssl-bin-1.1.1l +if NOT "%IncludeSSL%"=="false" set binaries=%binaries% openssl-bin-1.1.1m if NOT "%IncludeTkinter%"=="false" set binaries=%binaries% tcltk-8.6.12.0 if NOT "%IncludeSSLSrc%"=="false" set binaries=%binaries% nasm-2.11.06 diff --git a/PCbuild/python.props b/PCbuild/python.props index ce86076..7082788 100644 --- a/PCbuild/python.props +++ b/PCbuild/python.props @@ -67,8 +67,8 @@ <libffiDir>$(ExternalsDir)libffi-3.4.2\</libffiDir> <libffiOutDir>$(ExternalsDir)libffi-3.4.2\$(ArchName)\</libffiOutDir> <libffiIncludeDir>$(libffiOutDir)include</libffiIncludeDir> - <opensslDir>$(ExternalsDir)openssl-1.1.1l\</opensslDir> - <opensslOutDir>$(ExternalsDir)openssl-bin-1.1.1l\$(ArchName)\</opensslOutDir> + <opensslDir>$(ExternalsDir)openssl-1.1.1m\</opensslDir> + <opensslOutDir>$(ExternalsDir)openssl-bin-1.1.1m\$(ArchName)\</opensslOutDir> <opensslIncludeDir>$(opensslOutDir)include</opensslIncludeDir> <nasmDir>$(ExternalsDir)\nasm-2.11.06\</nasmDir> <zlibDir>$(ExternalsDir)\zlib-1.2.11\</zlibDir> diff --git a/Tools/ssl/multissltests.py b/Tools/ssl/multissltests.py index 8fe5b5d..a41cabf 100755 --- a/Tools/ssl/multissltests.py +++ b/Tools/ssl/multissltests.py @@ -47,7 +47,7 @@ OPENSSL_OLD_VERSIONS = [ ] OPENSSL_RECENT_VERSIONS = [ - "1.1.1l", + "1.1.1m", "3.0.1" ] |