2022-11-24 12:43:36 +00:00
|
|
|
#!/bin/sh
|
|
|
|
set -e
|
|
|
|
# Shell script to update OpenSSL in the source tree to a specific version
|
2023-05-27 16:58:28 +00:00
|
|
|
# Based on https://github.com/nodejs/node/blob/main/doc/contributing/maintaining/maintaining-openssl.md
|
2022-11-24 12:43:36 +00:00
|
|
|
|
|
|
|
cleanup() {
|
|
|
|
EXIT_CODE=$?
|
|
|
|
[ -d "$WORKSPACE" ] && rm -rf "$WORKSPACE"
|
|
|
|
exit $EXIT_CODE
|
|
|
|
}
|
|
|
|
|
2024-01-07 09:07:11 +00:00
|
|
|
download() {
|
|
|
|
LATEST_TAG_NAME="$("$NODE" --input-type=module <<'EOF'
|
2023-06-19 12:53:09 +00:00
|
|
|
const res = await fetch('https://api.github.com/repos/quictls/openssl/git/matching-refs/tags/openssl-3.0');
|
|
|
|
if (!res.ok) throw new Error(`FetchError: ${res.status} ${res.statusText}`, { cause: res });
|
|
|
|
const releases = await res.json()
|
|
|
|
const latest = releases.findLast(({ ref }) => ref.includes('quic'));
|
2024-01-07 09:07:11 +00:00
|
|
|
if(!latest) throw new Error(`Could not find latest release`);
|
2023-06-19 12:53:09 +00:00
|
|
|
console.log(latest.ref.replace('refs/tags/',''));
|
|
|
|
EOF
|
|
|
|
)"
|
2024-01-07 09:07:11 +00:00
|
|
|
NEW_VERSION=$(echo "$LATEST_TAG_NAME" | sed 's/openssl-//;s/-/+/g')
|
2023-06-19 12:53:09 +00:00
|
|
|
|
2024-01-07 09:07:11 +00:00
|
|
|
case "$NEW_VERSION" in
|
|
|
|
*quic1) NEW_VERSION_NO_RELEASE="${NEW_VERSION%1}" ;;
|
|
|
|
*) NEW_VERSION_NO_RELEASE="$NEW_VERSION" ;;
|
2023-06-19 12:53:09 +00:00
|
|
|
esac
|
|
|
|
VERSION_H="./deps/openssl/config/archs/linux-x86_64/asm/include/openssl/opensslv.h"
|
|
|
|
CURRENT_VERSION=$(grep "OPENSSL_FULL_VERSION_STR" $VERSION_H | sed -n "s/^.*VERSION_STR \"\(.*\)\"/\1/p")
|
|
|
|
# This function exit with 0 if new version and current version are the same
|
2024-01-07 09:07:11 +00:00
|
|
|
compare_dependency_version "openssl" "$NEW_VERSION_NO_RELEASE" "$CURRENT_VERSION"
|
2023-06-06 09:07:34 +00:00
|
|
|
|
2023-06-19 12:53:09 +00:00
|
|
|
echo "Making temporary workspace..."
|
|
|
|
|
|
|
|
WORKSPACE=$(mktemp -d 2> /dev/null || mktemp -d -t 'tmp')
|
|
|
|
|
|
|
|
cd "$WORKSPACE"
|
|
|
|
echo "Fetching OpenSSL source archive..."
|
|
|
|
|
|
|
|
OPENSSL_TARBALL="openssl.tar.gz"
|
|
|
|
|
2024-01-07 09:07:11 +00:00
|
|
|
curl -sL -o "$OPENSSL_TARBALL" "https://api.github.com/repos/quictls/openssl/tarball/$LATEST_TAG_NAME"
|
2023-06-19 12:53:09 +00:00
|
|
|
|
|
|
|
log_and_verify_sha256sum "openssl" "$OPENSSL_TARBALL"
|
|
|
|
|
|
|
|
gzip -dc "$OPENSSL_TARBALL" | tar xf -
|
|
|
|
|
|
|
|
rm "$OPENSSL_TARBALL"
|
|
|
|
mv quictls-openssl-* openssl
|
|
|
|
echo "Replacing existing OpenSSL..."
|
|
|
|
rm -rf "$DEPS_DIR/openssl/openssl"
|
|
|
|
mv "$WORKSPACE/openssl" "$DEPS_DIR/openssl/"
|
|
|
|
|
2022-11-24 12:43:36 +00:00
|
|
|
echo "All done!"
|
|
|
|
echo ""
|
|
|
|
echo "Please git add openssl, and commit the new version:"
|
|
|
|
echo ""
|
|
|
|
echo "$ git add -A deps/openssl/openssl"
|
2024-01-07 09:07:11 +00:00
|
|
|
echo "$ git commit -m \"deps: upgrade openssl sources to quictls/openssl-$NEW_VERSION\""
|
2022-11-24 12:43:36 +00:00
|
|
|
echo ""
|
2023-06-19 12:53:09 +00:00
|
|
|
# The last line of the script should always print the new version,
|
|
|
|
# as we need to add it to $GITHUB_ENV variable.
|
2024-01-07 09:07:11 +00:00
|
|
|
echo "NEW_VERSION=$NEW_VERSION"
|
2022-11-24 12:43:36 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
regenerate() {
|
|
|
|
command -v perl >/dev/null 2>&1 || { echo >&2 "Error: 'Perl' required but not installed."; exit 1; }
|
|
|
|
command -v nasm >/dev/null 2>&1 || { echo >&2 "Error: 'nasm' required but not installed."; exit 1; }
|
|
|
|
command -v as >/dev/null 2>&1 || { echo >&2 "Error: 'GNU as' required but not installed."; exit 1; }
|
|
|
|
perl -e "use Text::Template">/dev/null 2>&1 || { echo >&2 "Error: 'Text::Template' Perl module required but not installed."; exit 1; }
|
|
|
|
|
|
|
|
echo "Regenerating platform-dependent files..."
|
|
|
|
|
|
|
|
make -C "$DEPS_DIR/openssl/config" clean
|
|
|
|
# Needed for compatibility with nasm on 32-bit Windows
|
2023-05-27 16:58:28 +00:00
|
|
|
# See https://github.com/nodejs/node/blob/main/doc/contributing/maintaining/maintaining-openssl.md#2-execute-make-in-depsopensslconfig-directory
|
2022-11-24 12:43:36 +00:00
|
|
|
sed -i 's/#ifdef/%ifdef/g' "$DEPS_DIR/openssl/openssl/crypto/perlasm/x86asm.pl"
|
|
|
|
sed -i 's/#endif/%endif/g' "$DEPS_DIR/openssl/openssl/crypto/perlasm/x86asm.pl"
|
|
|
|
make -C "$DEPS_DIR/openssl/config"
|
|
|
|
|
|
|
|
echo "All done!"
|
|
|
|
echo ""
|
|
|
|
echo "Please commit the regenerated files:"
|
|
|
|
echo ""
|
|
|
|
echo "$ git add -A deps/openssl/config/archs deps/openssl/openssl"
|
|
|
|
echo "$ git commit -m \"deps: update archs files for openssl\""
|
|
|
|
echo ""
|
|
|
|
}
|
|
|
|
|
|
|
|
help() {
|
|
|
|
echo "Shell script to update OpenSSL in the source tree to a specific version"
|
|
|
|
echo "Sub-commands:"
|
|
|
|
printf "%-23s %s\n" "help" "show help menu and commands"
|
|
|
|
printf "%-23s %s\n" "download" "download and replace OpenSSL source code with new version"
|
|
|
|
printf "%-23s %s\n" "regenerate" "regenerate platform-specific files"
|
|
|
|
echo ""
|
|
|
|
exit "${1:-0}"
|
|
|
|
}
|
|
|
|
|
|
|
|
main() {
|
|
|
|
if [ ${#} -eq 0 ]; then
|
|
|
|
help 0
|
|
|
|
fi
|
|
|
|
|
|
|
|
trap cleanup INT TERM EXIT
|
|
|
|
|
|
|
|
BASE_DIR=$(cd "$(dirname "$0")/../.." && pwd)
|
|
|
|
DEPS_DIR="$BASE_DIR/deps"
|
|
|
|
|
2023-06-19 12:53:09 +00:00
|
|
|
[ -z "$NODE" ] && NODE="$BASE_DIR/out/Release/node"
|
|
|
|
[ -x "$NODE" ] || NODE=$(command -v node)
|
|
|
|
|
|
|
|
# shellcheck disable=SC1091
|
|
|
|
. "$BASE_DIR/tools/dep_updaters/utils.sh"
|
|
|
|
|
2022-11-24 12:43:36 +00:00
|
|
|
case ${1} in
|
2024-01-07 09:07:11 +00:00
|
|
|
help | regenerate | download )
|
2022-11-24 12:43:36 +00:00
|
|
|
$1 "${2}"
|
|
|
|
;;
|
|
|
|
* )
|
|
|
|
echo "unknown command: $1"
|
|
|
|
help 1
|
2024-03-30 15:23:30 +00:00
|
|
|
|
|
|
|
# shellcheck disable=SC2317
|
2022-11-24 12:43:36 +00:00
|
|
|
exit 1
|
|
|
|
;;
|
|
|
|
esac
|
|
|
|
}
|
|
|
|
|
|
|
|
main "$@"
|