diff --git a/main/nodejs/APKBUILD b/main/nodejs/APKBUILD index db2f0af2a8e3..2ff044f7d45c 100644 --- a/main/nodejs/APKBUILD +++ b/main/nodejs/APKBUILD @@ -7,7 +7,7 @@ pkgname=nodejs # Note: Update only to even-numbered versions (e.g. 6.y.z, 8.y.z)! # Odd-numbered versions are supported only for 9 months by upstream. -pkgver=6.10.3 +pkgver=6.11.0 pkgrel=0 pkgdesc="JavaScript runtime built on V8 engine - LTS version" url="http://nodejs.org/" @@ -22,7 +22,6 @@ subpackages="$pkgname-dev $pkgname-doc $pkgname-npm::noarch" provides="nodejs-lts=$pkgver" # for backward compatibility replaces="nodejs-current nodejs-lts" # nodejs-lts for backward compatibility source="https://nodejs.org/dist/v$pkgver/node-v$pkgver.tar.gz - use-system-ca-certs.patch dont-run-gyp-files-for-bundled-deps.patch ppc-fix-musl-mcontext.patch" builddir="$srcdir/node-v$pkgver" @@ -98,7 +97,6 @@ npm() { mv "$pkgdir"/usr/lib/node_modules/npm "$subpkgdir"/usr/lib/node_modules/ } -sha512sums="1aa4b2984893375c9fad675f629a1a1131e1e06778abe92a99ebd472f681e372432c7ff08dfe282848bf2b324cb5cc757dde42523016a16a527360083499c718 node-v6.10.3.tar.gz -316a09f697e244c48d4dcf26ca2bb7e2441fc01ed61ad6b987e24741f93cfcf29f2e6de736ab9e4c014355cd14dd63ae7de1f8c28b5274e3225b1b3412db11d4 use-system-ca-certs.patch +sha512sums="a298232f6393735f2d459eb23f78089dd7eb1bae4907dfe61b286ceb8f93d3131c2dd45f09643089d00e2a4bef0f35739c9c8984f88b34c0ab515793f38eda46 node-v6.11.0.tar.gz a8be538158b7c96341a407acba30450ddc5c3ad764e7efe728d1ceff64efc3067b177855b9ef91b54400be6a02600d83da4c21a07ae9d7dc0774f92b2006ea8b dont-run-gyp-files-for-bundled-deps.patch 54a96cdc103bdffa9ba5283f59c64a35774e272f3a944d6475e3f669f95f7d75bcca6db3b12b9af76ea463f531763105aeabb302872652ced6a2bcb66f1eace0 ppc-fix-musl-mcontext.patch" diff --git a/main/nodejs/use-system-ca-certs.patch b/main/nodejs/use-system-ca-certs.patch deleted file mode 100644 index 7bcde3bbdd8a..000000000000 --- a/main/nodejs/use-system-ca-certs.patch +++ /dev/null @@ -1,86 +0,0 @@ -From f1a0660b9186c3f4d55d7c07219126e199c787f9 Mon Sep 17 00:00:00 2001 -From: Adam Majer -Date: Wed, 21 Dec 2016 11:16:38 +0100 -Subject: [PATCH] crypto: Use system CAs instead of using bundled ones - -NodeJS can already use an external, shared OpenSSL library. This -library knows where to look for OS managed certificates. Allow -a compile-time option to use this CA store by default instead of -using bundled certificates. - -In case when using bundled OpenSSL, the paths are also valid for -majority of Linux systems without additional intervention. If -this is not set, we can use SSL_CERT_DIR to point it to correct -location. - -Fixes: https://github.com/nodejs/node/issues/3159 -PR-URL: https://github.com/nodejs/node/pull/8334 -Reviewed-By: Sam Roberts -Reviewed-By: James M Snell -Reviewed-By: Fedor Indutny - -Source: http://pkgs.fedoraproject.org/cgit/rpms/nodejs.git/tree/0003-crypto-Use-system-CAs-instead-of-using-bundled-ones.patch ---- - configure | 7 +++++++ - src/node_crypto.cc | 4 ++++ - 2 files changed, 11 insertions(+) - -diff --git a/configure b/configure -index 821b8771bc8909d8453bc31e3c8d8dc65368c0e4..e64bad9a030693b726e0974f48aefa6e1ad87723 100755 ---- a/configure -+++ b/configure -@@ -142,10 +142,15 @@ parser.add_option("--openssl-no-asm", - parser.add_option('--openssl-fips', - action='store', - dest='openssl_fips', - help='Build OpenSSL using FIPS canister .o file in supplied folder') - -+parser.add_option('--openssl-use-def-ca-store', -+ action='store_true', -+ dest='use_openssl_ca_store', -+ help='Use OpenSSL supplied CA store instead of compiled-in Mozilla CA copy.') -+ - shared_optgroup.add_option('--shared-http-parser', - action='store_true', - dest='shared_http_parser', - help='link to a shared http_parser DLL instead of static linking') - -@@ -937,10 +942,12 @@ def configure_v8(o): - - def configure_openssl(o): - o['variables']['node_use_openssl'] = b(not options.without_ssl) - o['variables']['node_shared_openssl'] = b(options.shared_openssl) - o['variables']['openssl_no_asm'] = 1 if options.openssl_no_asm else 0 -+ if options.use_openssl_ca_store: -+ o['defines'] += ['NODE_OPENSSL_CERT_STORE'] - if options.openssl_fips: - o['variables']['openssl_fips'] = options.openssl_fips - fips_dir = os.path.join(root_dir, 'deps', 'openssl', 'fips') - fips_ld = os.path.abspath(os.path.join(fips_dir, 'fipsld')) - o['make_fips_settings'] = [ -diff --git a/src/node_crypto.cc b/src/node_crypto.cc -index c5630f30d0bef75ced53b36062bb1f0324dbdb9d..873b37d71b51aa62c8ebd56ea5b182567675e2dd 100644 ---- a/src/node_crypto.cc -+++ b/src/node_crypto.cc -@@ -803,14 +803,18 @@ static X509_STORE* NewRootCertStore() { - root_certs_vector->push_back(x509); - } - } - - X509_STORE* store = X509_STORE_new(); -+#if defined(NODE_OPENSSL_CERT_STORE) -+ X509_STORE_set_default_paths(store); -+#else - for (auto& cert : *root_certs_vector) { - X509_up_ref(cert); - X509_STORE_add_cert(store, cert); - } -+#endif - - return store; - } - - --- -2.12.0 -