2 files changed, 6 insertions, 75 deletions
diff --git a/community/nodejs-current/APKBUILD b/community/nodejs-current/APKBUILD
index 1f46f7dd1f..c93f534849 100644
--- a/community/nodejs-current/APKBUILD
+++ b/community/nodejs-current/APKBUILD
@@ -2,8 +2,8 @@
 # Maintainer: Jose-Luis Rivas <ghostbar@riseup.net>
 pkgname=nodejs-current
 # The current stable version, i.e. non-LTS.
-pkgver=7.2.1
-pkgrel=2
+pkgver=7.5.0
+pkgrel=0
 pkgdesc="JavaScript runtime built on V8 engine - current stable version"
 url="http://nodejs.org/"
 arch="all"
@@ -17,16 +17,12 @@ subpackages="$pkgname-dev $pkgname-doc"
 provides="nodejs"
 replaces="nodejs nodejs-lts"  # nodejs-lts for backward compatibility
 source="https://nodejs.org/dist/v$pkgver/node-v$pkgver.tar.gz
-	use-system-ca-certs.patch
 	dont-run-gyp-files-for-bundled-deps.patch"
 builddir="$srcdir/node-v$pkgver"
 
 prepare() {
 	default_prepare || return 1
 
-	# Remove bundled CA certificates.
-	rm -f src/node_root_certs.h
-
 	# Remove bundled dependencies that we're not using.
 	rm -rf deps/http_parser deps/openssl deps/uv deps/zlib
 }
@@ -39,6 +35,7 @@ build() {
 		--shared-libuv \
 		--shared-openssl \
 		--shared-http-parser \
+    --openssl-use-def-ca-store \
 		|| return 1
 
 	# we need run mksnapshot at build time so paxmark it early
@@ -60,12 +57,9 @@ package() {
 	done
 }
 
-md5sums="20167fa2b3ef3e17430af4fae9a26427  node-v7.2.1.tar.gz
-a785f2e6018cdace456b0ab518474453  use-system-ca-certs.patch
+md5sums="8b648e7f83ec6f1aa52b3e3b87999761  node-v7.5.0.tar.gz
 5b1b27a33063602990f5495d3b01b587  dont-run-gyp-files-for-bundled-deps.patch"
-sha256sums="fd08b8ba43b0596a7160b09a37113ac03b4b0976ec7e48980b7b8c078aa51b02  node-v7.2.1.tar.gz
-e0384006b04fef35c2c5e65d0cde6aae7efbc314d38c3c9ade0ae599f2b77bc2  use-system-ca-certs.patch
+sha256sums="0da8e0288b5c0f136e650b7119219968720caf88b5a67ef0591555113f0844c2  node-v7.5.0.tar.gz
 6886ee83f76eb68dc948da844e548f060caf360ca039bb2c1ee7ea0cd2d8dbf3  dont-run-gyp-files-for-bundled-deps.patch"
-sha512sums="501f23cbe42bcb5eef785113d05b35e4507fb7e5b9ae474eeef2d9dd12270f08653493b5bc28306f2b3e0db54a3703ba6c3606de66ac8eeb0212670fe192b978  node-v7.2.1.tar.gz
-877669ed466606bc6afd67083d82b365a969b6626f4248a7f41249958a96e7bb6a6c656715c7b80e763bb53c6cf5789e604e15e05ff74f58e5441acc560350af  use-system-ca-certs.patch
+sha512sums="e5f1b37c5d313ca6cc91cb46f49443855d44718599543894f34aad6b921b9fbbc91b8bde720a2e6526d0cdb68ce77f74e1d770dec2b582ad964cd9d1d3c5bfbd  node-v7.5.0.tar.gz
 ba95f21b1e80717ef63941854e7ed412f64a91da068c0dbf0d6d9697333ee266c9f4cd7bf1a01111eeb28aa66adefd8a58cfb3e82debb84b43e35e9dc914dd36  dont-run-gyp-files-for-bundled-deps.patch"
diff --git a/community/nodejs-current/use-system-ca-certs.patch b/community/nodejs-current/use-system-ca-certs.patch
deleted file mode 100644
index 6e46c74b40..0000000000
--- a/community/nodejs-current/use-system-ca-certs.patch
+++ /dev/null
@@ -1,63 +0,0 @@
-From: Jakub Jirutka <jakub@jirutka.cz>
-Date: Sat, 26 Nov 2016 21:18:00 +0200
-Subject: Use system-provided CA certificates instead of bundled ones
-
---- a/src/node_crypto.cc
-+++ b/src/node_crypto.cc
-@@ -116,8 +116,8 @@
- 
- static Mutex* mutexes;
- 
--const char* const root_certs[] = {
--#include "node_root_certs.h"  // NOLINT(build/include_order)
-+const char* root_certs[] = {
-+  NULL
- };
- 
- X509_STORE* root_cert_store;
-@@ -688,25 +688,33 @@
- 
- 
- static X509_STORE* NewRootCertStore() {
-+  X509_STORE* store = X509_STORE_new();
-+
-   if (!root_certs_vector) {
-     root_certs_vector = new std::vector<X509*>;
- 
--    for (size_t i = 0; i < arraysize(root_certs); i++) {
--      BIO* bp = NodeBIO::NewFixed(root_certs[i], strlen(root_certs[i]));
--      X509 *x509 = PEM_read_bio_X509(bp, nullptr, CryptoPemCallback, nullptr);
--      BIO_free(bp);
--
--      if (x509 == nullptr) {
--        // Parse errors from the built-in roots are fatal.
--        ABORT();
--        return nullptr;
--      }
-+    BIO* bio = BIO_new(BIO_s_file());
-+    if (bio == nullptr) {
-+      abort();
-+      return nullptr;
-+    }
-+
-+    if (BIO_read_filename(bio, "/etc/ssl/certs/ca-certificates.crt") == 1) {
-+      STACK_OF(X509_INFO)* certs = PEM_X509_INFO_read_bio(bio, nullptr, nullptr, nullptr);
- 
--      root_certs_vector->push_back(x509);
-+      for (int i = 0; i < sk_X509_INFO_num(certs); i++) {
-+        X509* cert = sk_X509_INFO_value(certs, i)->x509;
-+
-+        if (cert) {
-+          X509_up_ref(cert);
-+          root_certs_vector->push_back(cert);
-+        }
-+      }
-+      sk_X509_INFO_pop_free(certs, X509_INFO_free);
-     }
-+    BIO_free_all(bio);
-   }
- 
--  X509_STORE* store = X509_STORE_new();
-   for (auto& cert : *root_certs_vector) {
-     X509_up_ref(cert);
-     X509_STORE_add_cert(store, cert);