From b6204466c1209de5a0794c475096429fdb457a16 Mon Sep 17 00:00:00 2001 From: Ned Deily <nad@python.org> Date: Tue, 15 Mar 2022 15:30:49 -0400 Subject: [PATCH] bpo-47024: Update Windows builds and macOS installer build to use OpenSSL 1.1.1n. (GH-31911) --- .azure-pipelines/ci.yml | 4 ++-- .azure-pipelines/pr.yml | 4 ++-- .github/workflows/build.yml | 2 +- .github/workflows/coverage.yml | 2 +- Mac/BuildScript/build-installer.py | 6 +++--- .../next/Build/2022-03-15-11-53-10.bpo-47024.p3PjRy.rst | 1 + PCbuild/get_externals.bat | 4 ++-- PCbuild/python.props | 4 ++-- Tools/ssl/multissltests.py | 2 +- 9 files changed, 15 insertions(+), 14 deletions(-) create mode 100644 Misc/NEWS.d/next/Build/2022-03-15-11-53-10.bpo-47024.p3PjRy.rst diff --git a/.azure-pipelines/ci.yml b/.azure-pipelines/ci.yml index b9070a4e00a..eaaa88c9634 100644 --- a/.azure-pipelines/ci.yml +++ b/.azure-pipelines/ci.yml @@ -61,7 +61,7 @@ jobs: variables: testRunTitle: '$(build.sourceBranchName)-linux' testRunPlatform: linux - openssl_version: 1.1.1g + openssl_version: 1.1.1n steps: - template: ./posix-steps.yml @@ -118,7 +118,7 @@ jobs: variables: testRunTitle: '$(Build.SourceBranchName)-linux-coverage' testRunPlatform: linux-coverage - openssl_version: 1.1.1g + openssl_version: 1.1.1n steps: - template: ./posix-steps.yml diff --git a/.azure-pipelines/pr.yml b/.azure-pipelines/pr.yml index 026e2835596..7f01f8b25c2 100644 --- a/.azure-pipelines/pr.yml +++ b/.azure-pipelines/pr.yml @@ -61,7 +61,7 @@ jobs: variables: testRunTitle: '$(system.pullRequest.TargetBranch)-linux' testRunPlatform: linux - openssl_version: 1.1.1g + openssl_version: 1.1.1n steps: - template: ./posix-steps.yml @@ -118,7 +118,7 @@ jobs: variables: testRunTitle: '$(Build.SourceBranchName)-linux-coverage' testRunPlatform: linux-coverage - openssl_version: 1.1.1g + openssl_version: 1.1.1n steps: - template: ./posix-steps.yml diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 4678b2d1187..530eba70b5b 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -77,7 +77,7 @@ jobs: needs: check_source if: needs.check_source.outputs.run_tests == 'true' env: - OPENSSL_VER: 1.1.1f + OPENSSL_VER: 1.1.1n steps: - uses: actions/checkout@v2 - name: Install Dependencies diff --git a/.github/workflows/coverage.yml b/.github/workflows/coverage.yml index bfb077b2994..762cdb5ab21 100644 --- a/.github/workflows/coverage.yml +++ b/.github/workflows/coverage.yml @@ -23,7 +23,7 @@ jobs: name: 'Ubuntu (Coverage)' runs-on: ubuntu-latest env: - OPENSSL_VER: 1.1.1f + OPENSSL_VER: 1.1.1n steps: - uses: actions/checkout@v2 - name: Install Dependencies diff --git a/Mac/BuildScript/build-installer.py b/Mac/BuildScript/build-installer.py index 4fab4882efa..76078dcd22c 100755 --- a/Mac/BuildScript/build-installer.py +++ b/Mac/BuildScript/build-installer.py @@ -209,9 +209,9 @@ def library_recipes(): result.extend([ dict( - name="OpenSSL 1.1.1g", - url="https://www.openssl.org/source/openssl-1.1.1g.tar.gz", - checksum='76766e98997660138cdaf13a187bd234', + name="OpenSSL 1.1.1n", + url="https://www.openssl.org/source/openssl-1.1.1n.tar.gz", + checksum='2aad5635f9bb338bc2c6b7d19cbc9676', buildrecipe=build_universal_openssl, configure=None, install=None, diff --git a/Misc/NEWS.d/next/Build/2022-03-15-11-53-10.bpo-47024.p3PjRy.rst b/Misc/NEWS.d/next/Build/2022-03-15-11-53-10.bpo-47024.p3PjRy.rst new file mode 100644 index 00000000000..235ece3c3d2 --- /dev/null +++ b/Misc/NEWS.d/next/Build/2022-03-15-11-53-10.bpo-47024.p3PjRy.rst @@ -0,0 +1 @@ +Update Windows builds and macOS installer build to use OpenSSL 1.1.1n. diff --git a/PCbuild/get_externals.bat b/PCbuild/get_externals.bat index 9c7f81542ed..677a6a41ab6 100644 --- a/PCbuild/get_externals.bat +++ b/PCbuild/get_externals.bat @@ -49,7 +49,7 @@ echo.Fetching external libraries... set libraries= set libraries=%libraries% bzip2-1.0.8 -if NOT "%IncludeSSLSrc%"=="false" set libraries=%libraries% openssl-1.1.1g +if NOT "%IncludeSSLSrc%"=="false" set libraries=%libraries% openssl-1.1.1n set libraries=%libraries% sqlite-3.31.1.0 if NOT "%IncludeTkinterSrc%"=="false" set libraries=%libraries% tcl-core-8.6.9.0 if NOT "%IncludeTkinterSrc%"=="false" set libraries=%libraries% tk-8.6.9.0 @@ -72,7 +72,7 @@ for %%e in (%libraries%) do ( echo.Fetching external binaries... set binaries= -if NOT "%IncludeSSL%"=="false" set binaries=%binaries% openssl-bin-1.1.1g +if NOT "%IncludeSSL%"=="false" set binaries=%binaries% openssl-bin-1.1.1n if NOT "%IncludeTkinter%"=="false" set binaries=%binaries% tcltk-8.6.9.0 if NOT "%IncludeSSLSrc%"=="false" set binaries=%binaries% nasm-2.11.06 diff --git a/PCbuild/python.props b/PCbuild/python.props index d3ad12c7283..296bfd637bf 100644 --- a/PCbuild/python.props +++ b/PCbuild/python.props @@ -49,8 +49,8 @@ <sqlite3Dir>$(ExternalsDir)sqlite-3.31.1.0\</sqlite3Dir> <bz2Dir>$(ExternalsDir)bzip2-1.0.8\</bz2Dir> <lzmaDir>$(ExternalsDir)xz-5.2.2\</lzmaDir> - <opensslDir>$(ExternalsDir)openssl-1.1.1g\</opensslDir> - <opensslOutDir>$(ExternalsDir)openssl-bin-1.1.1g\$(ArchName)\</opensslOutDir> + <opensslDir>$(ExternalsDir)openssl-1.1.1n\</opensslDir> + <opensslOutDir>$(ExternalsDir)openssl-bin-1.1.1n\$(ArchName)\</opensslOutDir> <opensslIncludeDir>$(opensslOutDir)include</opensslIncludeDir> <nasmDir>$(ExternalsDir)\nasm-2.11.06\</nasmDir> <zlibDir>$(ExternalsDir)\zlib-1.2.11\</zlibDir> diff --git a/Tools/ssl/multissltests.py b/Tools/ssl/multissltests.py index 3818165a836..dc74f8d401e 100755 --- a/Tools/ssl/multissltests.py +++ b/Tools/ssl/multissltests.py @@ -48,7 +48,7 @@ ] OPENSSL_RECENT_VERSIONS = [ - "1.1.1g", + "1.1.1n", # "3.0.0-alpha2" ] -- GitLab