aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--main/nodejs/APKBUILD23
-rw-r--r--main/nodejs/dont-run-gyp-files-for-bundled-deps.patch23
-rw-r--r--main/nodejs/use-system-ca-certs.patch90
3 files changed, 64 insertions, 72 deletions
diff --git a/main/nodejs/APKBUILD b/main/nodejs/APKBUILD
index efa15e52c7..292efebbcb 100644
--- a/main/nodejs/APKBUILD
+++ b/main/nodejs/APKBUILD
@@ -1,7 +1,8 @@
+# Contributor: Jakub Jirutka <jakub@jirutka.cz>
# Maintainer: Jose-Luis Rivas <ghostbar@riseup.net>
pkgname=nodejs
-pkgver=6.7.0
-pkgrel=1
+pkgver=7.2.0
+pkgrel=0
pkgdesc="JavaScript runtime built on V8 engine"
url="http://nodejs.org/"
arch="all"
@@ -56,12 +57,12 @@ package() {
done
}
-md5sums="a42b7ab2bcf5f8d94a432163d90f3026 node-v6.7.0.tar.gz
-14ce8e0fb44d5bf75974026900e0d8c2 use-system-ca-certs.patch
-5d99a53ef07e15fe882d449ed995bd91 dont-run-gyp-files-for-bundled-deps.patch"
-sha256sums="02b8ee1719a11b9ab22bef9279519efaaf31dd0d39cba4c3a1176ccda400b8d6 node-v6.7.0.tar.gz
-fcd2becd2cb9a62537ae11f51f448fd1061aaae17835bb0f2d2aa71bdf9652c0 use-system-ca-certs.patch
-c20a62b9dd64591b91a0c1dae649ac04cf7aec402672b349f8daa04f2a08a77b dont-run-gyp-files-for-bundled-deps.patch"
-sha512sums="3cd095adc0866b780519006098b434e3b126f67a453e44863c773829de4ce29f573d13efa1c50af001009bdb433728309ef7109e144517ffc5dd5e3251b1f511 node-v6.7.0.tar.gz
-c540878495761f4c38f3cccd61da75fa5619637ba9887b7946964a7cef790178e26678fe0aabe400e32c8f0f65e97a519ceee1534bbf18a1a14bc6e9fe067637 use-system-ca-certs.patch
-a8be538158b7c96341a407acba30450ddc5c3ad764e7efe728d1ceff64efc3067b177855b9ef91b54400be6a02600d83da4c21a07ae9d7dc0774f92b2006ea8b dont-run-gyp-files-for-bundled-deps.patch"
+md5sums="ea2dd2de3e93b601f576bf24c1ab56ec node-v7.2.0.tar.gz
+a785f2e6018cdace456b0ab518474453 use-system-ca-certs.patch
+5b1b27a33063602990f5495d3b01b587 dont-run-gyp-files-for-bundled-deps.patch"
+sha256sums="c3f53a5d8cea145e25706bb21cdac62f1b3314db35785bcf468558a29cfc352f node-v7.2.0.tar.gz
+e0384006b04fef35c2c5e65d0cde6aae7efbc314d38c3c9ade0ae599f2b77bc2 use-system-ca-certs.patch
+6886ee83f76eb68dc948da844e548f060caf360ca039bb2c1ee7ea0cd2d8dbf3 dont-run-gyp-files-for-bundled-deps.patch"
+sha512sums="80a3eab891894064a7669ea08659eb2f675076476e5436b0a1b78f83ea0ebfcfd226dfe1847b5368a07a1f1bbe3038d3011013b3cbe8d8ed093ec7caa29c9603 node-v7.2.0.tar.gz
+877669ed466606bc6afd67083d82b365a969b6626f4248a7f41249958a96e7bb6a6c656715c7b80e763bb53c6cf5789e604e15e05ff74f58e5441acc560350af use-system-ca-certs.patch
+ba95f21b1e80717ef63941854e7ed412f64a91da068c0dbf0d6d9697333ee266c9f4cd7bf1a01111eeb28aa66adefd8a58cfb3e82debb84b43e35e9dc914dd36 dont-run-gyp-files-for-bundled-deps.patch"
diff --git a/main/nodejs/dont-run-gyp-files-for-bundled-deps.patch b/main/nodejs/dont-run-gyp-files-for-bundled-deps.patch
index d65b456aaf..ba521dc4fc 100644
--- a/main/nodejs/dont-run-gyp-files-for-bundled-deps.patch
+++ b/main/nodejs/dont-run-gyp-files-for-bundled-deps.patch
@@ -1,18 +1,21 @@
-From: Stephen Gallagher <sgallagh@redhat.com>
-Date: Tue, 1 Dec 2015 16:35:29 -0500
+From: Jakub Jirutka <jakub@jirutka.cz>
+Date: Sat, 26 Nov 2016 01:32:00 +0200
Subject: Disable running gyp files for bundled deps
+Author: Stephen Gallagher <sgallagh@redhat.com>
+
+Modified 2016-11-26 by Jakub Jirutka <jakub@jirutka.cz> to update for
+Node.js 7.2.0
+
--- a/Makefile
+++ b/Makefile
-@@ -70,7 +70,7 @@ $(NODE_G_EXE): config.gypi out/Makefile
+@@ -72,8 +72,7 @@
$(MAKE) -C out BUILDTYPE=Debug V=$(V)
ln -fs out/Debug/$(NODE_EXE) $@
--out/Makefile: common.gypi deps/uv/uv.gyp deps/http_parser/http_parser.gyp deps/zlib/zlib.gyp deps/v8/build/toolchain.gypi deps/v8/build/features.gypi deps/v8/tools/gyp/v8.gyp node.gyp config.gypi
-+out/Makefile: common.gypi deps/v8/build/toolchain.gypi deps/v8/build/features.gypi deps/v8/tools/gyp/v8.gyp node.gyp config.gypi
+-out/Makefile: common.gypi deps/uv/uv.gyp deps/http_parser/http_parser.gyp \
+- deps/zlib/zlib.gyp deps/v8/gypfiles/toolchain.gypi \
++out/Makefile: common.gypi deps/v8/gypfiles/toolchain.gypi \
+ deps/v8/gypfiles/features.gypi deps/v8/src/v8.gyp node.gyp \
+ config.gypi
$(PYTHON) tools/gyp_node.py -f make
-
- config.gypi: configure
---
-2.9.0
-
diff --git a/main/nodejs/use-system-ca-certs.patch b/main/nodejs/use-system-ca-certs.patch
index 014b1cedf1..6e46c74b40 100644
--- a/main/nodejs/use-system-ca-certs.patch
+++ b/main/nodejs/use-system-ca-certs.patch
@@ -1,28 +1,10 @@
From: Jakub Jirutka <jakub@jirutka.cz>
-Date: Sat, 26 Nov 2016 01:32:00 +0200
+Date: Sat, 26 Nov 2016 21:18:00 +0200
Subject: Use system-provided CA certificates instead of bundled ones
-Forwarded: need some feedback before submitting the matter upstream
-Author: Jérémy Lal <kapouer@melix.org>
-Last-Update: 2014-03-02
-
-Modified 2014-05-02 by T.C. Hollingsworth <tchollingsworth@gmail.com> with the
-correct path for Fedora
-
-Modified 2015-12-01 by Stephen Gallagher <sgallagh@redhat.com> to update for
-Node.js 4.2
-
-Modified 2016-03-04 by Stephen Gallagher <sgallagh@redhat.com> to update for
-Node.js 5.4.1
-
-Modified 2016-07-26 by Haikel Guemar <hguemar@fedoraproject.org> to update for
-Node.js 4.4.7
-
-Modified 2016-11-26 by Jakub Jirutka <jakub@jirutka.cz> for Alpine Linux
-
--- a/src/node_crypto.cc
+++ b/src/node_crypto.cc
-@@ -192,8 +192,8 @@ static X509_NAME *cnnic_ev_name =
+@@ -116,8 +116,8 @@
static Mutex* mutexes;
@@ -33,43 +15,49 @@ Modified 2016-11-26 by Jakub Jirutka <jakub@jirutka.cz> for Alpine Linux
};
X509_STORE* root_cert_store;
-@@ -847,29 +847,17 @@ void SecureContext::AddRootCerts(const FunctionCallbackInfo<Value>& args) {
- CHECK_EQ(sc->ca_store_, nullptr);
+@@ -688,25 +688,33 @@
+
+
+ static X509_STORE* NewRootCertStore() {
++ X509_STORE* store = X509_STORE_new();
++
+ if (!root_certs_vector) {
+ root_certs_vector = new std::vector<X509*>;
- if (!root_cert_store) {
-- root_cert_store = X509_STORE_new();
--
- for (size_t i = 0; i < arraysize(root_certs); i++) {
- BIO* bp = NodeBIO::NewFixed(root_certs[i], strlen(root_certs[i]));
-- if (bp == nullptr) {
-- return;
-- }
--
- X509 *x509 = PEM_read_bio_X509(bp, nullptr, CryptoPemCallback, nullptr);
+- BIO_free(bp);
+-
- if (x509 == nullptr) {
-- BIO_free_all(bp);
-- return;
+- // Parse errors from the built-in roots are fatal.
+- ABORT();
+- return nullptr;
- }
--
-- X509_STORE_add_cert(root_cert_store, x509);
--
-- BIO_free_all(bp);
-- X509_free(x509);
-+ if (SSL_CTX_load_verify_locations(sc->ctx_, "/etc/ssl/certs/ca-certificates.crt", NULL) == 1) {
-+ root_cert_store = SSL_CTX_get_cert_store(sc->ctx_);
-+ } else {
-+ // empty store
-+ root_cert_store = X509_STORE_new();
++ BIO* bio = BIO_new(BIO_s_file());
++ if (bio == nullptr) {
++ abort();
++ return nullptr;
++ }
++
++ if (BIO_read_filename(bio, "/etc/ssl/certs/ca-certificates.crt") == 1) {
++ STACK_OF(X509_INFO)* certs = PEM_X509_INFO_read_bio(bio, nullptr, nullptr, nullptr);
+
+- root_certs_vector->push_back(x509);
++ for (int i = 0; i < sk_X509_INFO_num(certs); i++) {
++ X509* cert = sk_X509_INFO_value(certs, i)->x509;
++
++ if (cert) {
++ X509_up_ref(cert);
++ root_certs_vector->push_back(cert);
++ }
++ }
++ sk_X509_INFO_pop_free(certs, X509_INFO_free);
}
-+ } else {
-+ SSL_CTX_set_cert_store(sc->ctx_, root_cert_store);
++ BIO_free_all(bio);
}
- sc->ca_store_ = root_cert_store;
-- SSL_CTX_set_cert_store(sc->ctx_, sc->ca_store_);
- }
-
-
---
-2.9.0
-
+- X509_STORE* store = X509_STORE_new();
+ for (auto& cert : *root_certs_vector) {
+ X509_up_ref(cert);
+ X509_STORE_add_cert(store, cert);