From b31196f60656fa19c737fb015c94de19ac43dc85 Mon Sep 17 00:00:00 2001 From: Jose-Luis Rivas Date: Thu, 9 Feb 2017 02:00:36 +0000 Subject: community/nodejs-current: upgrade to v7.5.0 No need for the use-system-ca-certs.patch since it's already merged into upstream. Removing the bundled certs from source makes it unbuildable and there's no need to remove it from source. --- community/nodejs-current/use-system-ca-certs.patch | 63 ---------------------- 1 file changed, 63 deletions(-) delete mode 100644 community/nodejs-current/use-system-ca-certs.patch (limited to 'community/nodejs-current/use-system-ca-certs.patch') diff --git a/community/nodejs-current/use-system-ca-certs.patch b/community/nodejs-current/use-system-ca-certs.patch deleted file mode 100644 index 6e46c74b40..0000000000 --- a/community/nodejs-current/use-system-ca-certs.patch +++ /dev/null @@ -1,63 +0,0 @@ -From: Jakub Jirutka -Date: Sat, 26 Nov 2016 21:18:00 +0200 -Subject: Use system-provided CA certificates instead of bundled ones - ---- a/src/node_crypto.cc -+++ b/src/node_crypto.cc -@@ -116,8 +116,8 @@ - - static Mutex* mutexes; - --const char* const root_certs[] = { --#include "node_root_certs.h" // NOLINT(build/include_order) -+const char* root_certs[] = { -+ NULL - }; - - X509_STORE* root_cert_store; -@@ -688,25 +688,33 @@ - - - static X509_STORE* NewRootCertStore() { -+ X509_STORE* store = X509_STORE_new(); -+ - if (!root_certs_vector) { - root_certs_vector = new std::vector; - -- for (size_t i = 0; i < arraysize(root_certs); i++) { -- BIO* bp = NodeBIO::NewFixed(root_certs[i], strlen(root_certs[i])); -- X509 *x509 = PEM_read_bio_X509(bp, nullptr, CryptoPemCallback, nullptr); -- BIO_free(bp); -- -- if (x509 == nullptr) { -- // Parse errors from the built-in roots are fatal. -- ABORT(); -- return nullptr; -- } -+ BIO* bio = BIO_new(BIO_s_file()); -+ if (bio == nullptr) { -+ abort(); -+ return nullptr; -+ } -+ -+ if (BIO_read_filename(bio, "/etc/ssl/certs/ca-certificates.crt") == 1) { -+ STACK_OF(X509_INFO)* certs = PEM_X509_INFO_read_bio(bio, nullptr, nullptr, nullptr); - -- root_certs_vector->push_back(x509); -+ for (int i = 0; i < sk_X509_INFO_num(certs); i++) { -+ X509* cert = sk_X509_INFO_value(certs, i)->x509; -+ -+ if (cert) { -+ X509_up_ref(cert); -+ root_certs_vector->push_back(cert); -+ } -+ } -+ sk_X509_INFO_pop_free(certs, X509_INFO_free); - } -+ BIO_free_all(bio); - } - -- X509_STORE* store = X509_STORE_new(); - for (auto& cert : *root_certs_vector) { - X509_up_ref(cert); - X509_STORE_add_cert(store, cert); -- cgit v1.2.3