Merge ~sergiodj/ubuntu/+source/nodejs:backport-openssl-legacy into ubuntu/+source/nodejs:ubuntu/devel
Status: | Needs review | ||||
---|---|---|---|---|---|
Proposed branch: | ~sergiodj/ubuntu/+source/nodejs:backport-openssl-legacy | ||||
Merge into: | ubuntu/+source/nodejs:ubuntu/devel | ||||
Diff against target: |
202 lines (+180/-0) 3 files modified
debian/changelog (+7/-0) debian/patches/series (+1/-0) debian/patches/v16.x-backport-src-add-openssl-legacy-provider-optio.patch (+172/-0) |
||||
Related bugs: |
|
Reviewer | Review Type | Date Requested | Status |
---|---|---|---|
Athos Ribeiro (community) | Approve | ||
Gianfranco Costamagna | Pending | ||
Canonical Server packageset reviewers | Pending | ||
Review via email:
|
Description of the change
This MP adds support for the --openssl-
This is hopefully the end of a rabbit hole that I got myself into after starting investigating why glewlwyd was FTBFSing during the openldap-2.6 transition mass test rebuild.
As it turns out, glewlwyd's FTBFS isn't related to openldap. What happens is that, during its build phase, it invokes webpack, and the webpack version we carry on Kinetic doesn't support newer crypto hashes. This means that, when it runs, it failes with:
(cd webapp-src && webpack --config webpack.config.js)
node:internal/
this[kHandle] = new _Hash(algorithm, xofLen);
^
Error: error:0308010C:
at new Hash (node:internal/
at Object.createHash (node:crypto:
at module.exports (/usr/share/
at NormalModule.
at handleParseError (/usr/share/
at /usr/share/
at /usr/share/
at /usr/share/
at iterateNormalLo
at iterateNormalLo
at /usr/share/
at context.callback (/usr/share/
at /<<PKGBUILDDIR>
opensslErrorS
library: 'digital envelope routines',
reason: 'unsupported',
code: 'ERR_OSSL_
}
I opened a bug against glewlwyd here: bug #1974107.
Anyway, in order to make openssl happy we need to enable legacy cyphers before we run webpack. One of the ways to do it is by specifying the option --openssl-
I went ahead and backported the patch, which is relatively simple. There's a PPA with the proposed patch here:
https:/
There you will find a built version of glewlwyd as well.
dep8 tests are still running, I will update this MP once I have the results.
Adding a review spot for Gianfranco since he's been working on nodejs lately.