Hello community, here is the log from the commit of package nodejs for openSUSE:Factory checked in at 2016-09-07 11:46:45 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/nodejs (Old) and /work/SRC/openSUSE:Factory/.nodejs.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "nodejs" Changes: -------- --- /work/SRC/openSUSE:Factory/nodejs/nodejs.changes 2016-08-22 10:07:24.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.nodejs.new/nodejs.changes 2016-09-07 11:46:48.000000000 +0200 @@ -1,0 +2,19 @@ +Thu Sep 1 15:04:21 UTC 2016 - adam.majer@suse.de + +- new upstream version 6.5.0 + * buffer: Fix regression introduced in v6.4.0 that prevented + .write() at buffer end + * deps: update V8 to 5.1.281.75 + * inspector: + + fix inspector hang while disconnecting + + add support for uncaught exception + * repl: Fix saving editor mode text in .save + * Revert "repl,util: insert carriage returns in output" + +------------------------------------------------------------------- +Wed Aug 31 11:10:16 UTC 2016 - adam.majer@suse.de + +- 8334.diff - https://github.com/nodejs/node/pull/8334 + * use system CA store instead of one provided by Node + +------------------------------------------------------------------- Old: ---- node-v6.4.0.tar.xz New: ---- 8334.diff node-v6.5.0.tar.xz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ nodejs.spec ++++++ --- /var/tmp/diff_new_pack.ksSKjG/_old 2016-09-07 11:46:49.000000000 +0200 +++ /var/tmp/diff_new_pack.ksSKjG/_new 2016-09-07 11:46:49.000000000 +0200 @@ -18,7 +18,7 @@ %define npm_version 3.10.3 Name: nodejs -Version: 6.4.0 +Version: 6.5.0 Release: 0 %if 0%{?suse_version} > 1320 || 0%{?sle_version} >= 120200 @@ -52,6 +52,7 @@ Source2: nodejs.keyring Source3: SHASUMS256.txt ## UPSTREAM PATCHES HERE, if any +Patch1: https://patch-diff.githubusercontent.com/raw/nodejs/node/pull/8334.diff ## Our patches Patch101: support-arm64-build.patch @@ -137,6 +138,7 @@ %prep echo "`grep node-v%{version}.tar.xz %{S:1} | head -n1 | cut -c1-64` %{S:0}" | sha256sum -c %setup -q -n node-v%{version} +%patch1 -p1 %patch101 -p1 %patch102 -p1 # we also need to search 64bit path @@ -177,7 +179,8 @@ %if %{with gdb} --gdb \ %endif - --without-dtrace + --without-dtrace \ + --use-system-ca-store make %{?_smp_mflags} ++++++ 8334.diff ++++++ Source: https://github.com/nodejs/node/pull/8334 Author: Adam Majer <amajer@suse.de> Summary: add option to use system CA store diff --git a/configure b/configure index 42dac5f..0dd5fd4 100755 --- a/configure +++ b/configure @@ -187,6 +187,11 @@ shared_optgroup.add_option('--shared-openssl-libpath', dest='shared_openssl_libpath', help='a directory to search for the shared OpenSSL DLLs') +shared_optgroup.add_option('--use-system-ca-store', + action='store_true', + dest='use_system_ca_store', + help='use system supplied Root CA store instead of bundled copy') + shared_optgroup.add_option('--shared-zlib', action='store_true', dest='shared_zlib', @@ -905,6 +910,8 @@ def configure_openssl(o): o['variables']['node_use_openssl'] = b(not options.without_ssl) o['variables']['node_shared_openssl'] = b(options.shared_openssl) o['variables']['openssl_no_asm'] = 1 if options.openssl_no_asm else 0 + if options.use_system_ca_store: + o['defines'] += ['NODE_SYSTEM_CERT_STORE'] if options.openssl_fips: o['variables']['openssl_fips'] = options.openssl_fips fips_dir = os.path.join(root_dir, 'deps', 'openssl', 'fips') diff --git a/src/node_crypto.cc b/src/node_crypto.cc index 9cf216f..ec7f7d2 100644 --- a/src/node_crypto.cc +++ b/src/node_crypto.cc @@ -751,6 +751,23 @@ void SecureContext::AddRootCerts(const FunctionCallbackInfo<Value>& args) { CHECK_EQ(sc->ca_store_, nullptr); if (!root_cert_store) { +#if defined(NODE_SYSTEM_CERT_STORE) + // *Assume* OpenSSL is setup correctly, which is the case + // for distribution supplied versions. + // + // If this does not work, define SSL_CERT_DIR environment + if (SSL_CTX_set_default_verify_paths(sc->ctx_)) { + root_cert_store = SSL_CTX_get_cert_store(sc->ctx_); + // root_cert_store created here is already assigned to the SSL_CTX + // so when it is assigned again below, the reference is dropped by 1 + // and then we will delete root store with the SSL_CTX deletion. + // Increase references to 2 to avoid this scenario. + CRYPTO_add(&root_cert_store->references, 1, CRYPTO_LOCK_X509_STORE); + } else { + // failed to load, default to nothing + root_cert_store = X509_STORE_new(); + } +#else /* Use supplied certificates */ root_cert_store = X509_STORE_new(); for (size_t i = 0; i < arraysize(root_certs); i++) { @@ -770,9 +787,12 @@ void SecureContext::AddRootCerts(const FunctionCallbackInfo<Value>& args) { BIO_free_all(bp); X509_free(x509); } +#endif // defined(USE_SYSTEM_CERTIFICATE_STORE) } sc->ca_store_ = root_cert_store; + // increment reference count so global store is not deleted along with CTX + CRYPTO_add(&root_cert_store->references, 1, CRYPTO_LOCK_X509_STORE); SSL_CTX_set_cert_store(sc->ctx_, sc->ca_store_); } diff --git a/src/node_crypto.h b/src/node_crypto.h index 24ac773..fd3e2ce 100644 --- a/src/node_crypto.h +++ b/src/node_crypto.h @@ -142,13 +142,6 @@ class SecureContext : public BaseObject { void FreeCTXMem() { if (ctx_) { env()->isolate()->AdjustAmountOfExternalAllocatedMemory(-kExternalSize); - if (ctx_->cert_store == root_cert_store) { - // SSL_CTX_free() will attempt to free the cert_store as well. - // Since we want our root_cert_store to stay around forever - // we just clear the field. Hopefully OpenSSL will not modify this - // struct in future versions. - ctx_->cert_store = nullptr; - } SSL_CTX_free(ctx_); if (cert_ != nullptr) X509_free(cert_); ++++++ SHASUMS256.txt.asc ++++++ --- /var/tmp/diff_new_pack.ksSKjG/_old 2016-09-07 11:46:50.000000000 +0200 +++ /var/tmp/diff_new_pack.ksSKjG/_new 2016-09-07 11:46:50.000000000 +0200 @@ -1,59 +1,59 @@ -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 -4d04f11e12a360a0d5c6da5cd393fbe75a13f111a492c2a12185992b83542f9c node-v6.4.0-darwin-x64.tar.gz -ffbb7c4f65a262bb682d60b04ad822f195e90c263d4a13ce27d59d84067e1269 node-v6.4.0-darwin-x64.tar.xz -6e094188a1c6dda967d160a92ec55ff9b46120a2207291eb067404dbf9cbd6c6 node-v6.4.0-headers.tar.gz -e6eff7186e51a9defa51088bb53a32e7f821000b4879ee5bb2c1c0eda9feb979 node-v6.4.0-headers.tar.xz -42493fcd0266949b219bb4a0f36e1e765f266aed104c594cff012b906dcc53c1 node-v6.4.0-linux-arm64.tar.gz -8c7bfba97061f15d567a5e5725ebeb795192a055074d7266d9de36a8acb3ab9a node-v6.4.0-linux-arm64.tar.xz -94e97543f4f32f6b8368d37c6ea8eebcbf43dd2fa170e02166d9887646d42ec4 node-v6.4.0-linux-armv6l.tar.gz -b55b65a1918b321ead91af1ae9b50517ad8bed5358a9efcdaa18019c6e73f41e node-v6.4.0-linux-armv6l.tar.xz -51fddefc79a2e8303b975345eea10128a2180a3f40c06238c77daa3c0009b8c4 node-v6.4.0-linux-armv7l.tar.gz -48b9db9e41d7832afeafb48a0b95b11ec736ac881a60742b82819bdefe1ea48e node-v6.4.0-linux-armv7l.tar.xz -9e28554ec3f4f18d675d952f00f1f06535254c9513b5cde3d6f9241be4ef063a node-v6.4.0-linux-ppc64le.tar.gz -7d2a0e86ffeace9e1650255fc88637518666ed4a983bf39a68fedddb800cbcb1 node-v6.4.0-linux-ppc64le.tar.xz -43b3091418816b3576b48d6a462bc96eec1d2cb107164631d8b5887a597b1992 node-v6.4.0-linux-ppc64.tar.gz -b3259edbdeb88773799b3b5fdd34e8e58741cf2ab15528f5d0a6600102c9df92 node-v6.4.0-linux-ppc64.tar.xz -990636e44b9f7a270cf82f988e5faecb5850fcda9580da65e5721b90ed3dddb2 node-v6.4.0-linux-x64.tar.gz -54ecdb5578cac005ef179f07d421e70bd8a966bc50b5a319188a7b36cf3e441c node-v6.4.0-linux-x64.tar.xz -3630f172fee9c30ef95df3972ae9b2b234273ad504f245e0db363797fa2c08f4 node-v6.4.0-linux-x86.tar.gz -26d8de42de0599d33e893522f9ca389eacc6afc2c28f3fdd91505c3ceafed0d0 node-v6.4.0-linux-x86.tar.xz -4d27bd28de1b5cfdc1305915855d6024ac9e2b16bc443829ff93b796a880a3aa node-v6.4.0.pkg -16f316b4195f480a0b318c27c30d84f60f9a0cf567b4f083aad0db733a64aaec node-v6.4.0-sunos-x64.tar.gz -87933629f7e4897abf388ee40a5d077791238cd0d93994d106c063a4a56e1df3 node-v6.4.0-sunos-x64.tar.xz -96b24de07ad692e74a8543df3e965bb9ee337130a5c2cf2531c6290e934cda54 node-v6.4.0-sunos-x86.tar.gz -e26276a5f9798a421b17abfc530273edf8e70e3fd07c85024229b4a137ec6c1b node-v6.4.0-sunos-x86.tar.xz -a58c930618cf5b0862aa329a626e850519036acfcd746983010c9946df1797d0 node-v6.4.0.tar.gz -49b6882db88a9b08939b1d06e4e926bec0d6f4f67eee3bdb475e3487c6bd7dac node-v6.4.0.tar.xz -3dd69f45fba97337f57481cb167696822b5d2657740fc6eff2cfea1a017a546f node-v6.4.0-win-x64.7z -bb994370e43c1539e11588a86e69064459141b6984b705f1c79a1a13181193b9 node-v6.4.0-win-x64.zip -765cc4330e5efbbd099d095430ad945fc150b90f888fb77f33f72ad2b2e0693e node-v6.4.0-win-x86.7z -5709ddfb479522632f9f1246f1e328a22341e61b44174d60e63996f558a5453d node-v6.4.0-win-x86.zip -c2f9970ff7402078f4210f981f96672c28bba018b4390517cbc4a1a785a4b7b7 node-v6.4.0-x64.msi -35df69a68e14e9029589b22d79211c4b73cdf70a6df42777ad86e1e5b0fb759a node-v6.4.0-x86.msi -150ea62e87a087390172aa0e97030658faf5622c2ade2c7ee12acc8d336c40e3 win-x64/node.exe -479666193acab8c4e730e9a8a2d4754353b0d7d72f653f971b749ce74ed2c722 win-x64/node.lib -e82cc3aa5820bd76c6829839dd602ca77814cd0870b21557ab5fa991d36085f6 win-x64/node_pdb.7z -8d133f15030a453b14dd96166d7d63da79c6c143c3d4f190cd5bbb3110ef8db1 win-x64/node_pdb.zip -2401cead2af0d68f3d7aa7b65f57d0a512aa825e2c3cd8e02ac8ec208ee4f5e6 win-x86/node.exe -6bc07f4adfc312e538fe1ce0ca9d59da1f299a11e20ad2daf4f114f6dd196a78 win-x86/node.lib -2ffc4b2ddf0efd32e6fe75ceda06baec12e8e183c9d2da09f63e6c7a90964144 win-x86/node_pdb.7z -eee8297bec4cb4ac5be35a9dacc08a45491a596229a802d5d1083ed5256f3097 win-x86/node_pdb.zip +352cee438dc55942aebac054e8a2e14b6784056c66465105e2b3bfc55832927f node-v6.5.0-darwin-x64.tar.gz +ab34b3f0eb4cf8015f66c6301462ab45b0438a7603f8917d0de2e530499251df node-v6.5.0-darwin-x64.tar.xz +e69e5cfbd610a624161ed2f7c11ea61c4ea7187dc42bca1dedc434da1901f4c8 node-v6.5.0-headers.tar.gz +e5cf641c8180c5156ca3d64ef4fc1f9ba74b36418e7132067bc22f71391fed28 node-v6.5.0-headers.tar.xz +e3d208d3b054301e2bd572d71c7c325ddc0a7e4c2cc4278053e2375e841f6d99 node-v6.5.0-linux-arm64.tar.gz +d6480ab5bcfd124f471c7b535e6c2211addfc4f8c0dfa3d8777452f766c3f6ab node-v6.5.0-linux-arm64.tar.xz +fff3d363117b8c9beff3c4a89fd48d51dfd55b9dc2e9c2957be79a3c20bd570f node-v6.5.0-linux-armv6l.tar.gz +9925f224715bd1473eaee3d2167c3c4bd4da9bbb7ff04b4f458b06ffce9e19ca node-v6.5.0-linux-armv6l.tar.xz +ea03725d8cee9528d75fdb2060f62ce96a719bc0f5f35f5ad2dd982bb09c1429 node-v6.5.0-linux-armv7l.tar.gz +b667b914cfe46116a32fe9a369409282c48a0831542381f6d256be4200f824c8 node-v6.5.0-linux-armv7l.tar.xz +36c7e7449db335a591fc55b77d7eab13576a296ec3be5ea557c8e7a54c061928 node-v6.5.0-linux-ppc64le.tar.gz +52ad6d5030be62ac6072d08e0ee8fa25e50c3295107e1ff34abd3d31b1d67db4 node-v6.5.0-linux-ppc64le.tar.xz +0330b57d8161d06d68b5d86b8b8a924f48c7266a70816c2c1d306196246cea21 node-v6.5.0-linux-ppc64.tar.gz +6f93a0756a2036da183320d8dd1abc8ffd908b6d2258aa1e4d47dd12ba49816d node-v6.5.0-linux-ppc64.tar.xz +575638830e4ba11c5afba5c222934bc5e338e74df2f27ca09bad09014b4aa415 node-v6.5.0-linux-x64.tar.gz +8737539ff6e9341add78bf2e72932d62e8d830fc59449f97350dc60cc7c19805 node-v6.5.0-linux-x64.tar.xz +12d5b79b8b914c2439b6aa542b47f28c0d6dc9c5438eeda629f26021eb839dac node-v6.5.0-linux-x86.tar.gz +192c71b5d821471b424846eb1fa1ce40432b5e7e4afc3e5d07d9a91bf264923f node-v6.5.0-linux-x86.tar.xz +bc79776fa04870cbdb3cc874d91b22c506caa6fc218cdcf1e2538e3de2248957 node-v6.5.0.pkg +71ae256a6bd8bb8c7e1af88ec4702022eecf911cea786e6dac21b25bc5f1ece7 node-v6.5.0-sunos-x64.tar.gz +fa8efe91f25084bce9a2dd3205fb7ced930dd0dc4175e98079098c23945c5bf8 node-v6.5.0-sunos-x64.tar.xz +e1ce32adfd7e205ed949f0a372bd75d1bbb404274de667e30ef2a99386f30a71 node-v6.5.0-sunos-x86.tar.gz +ddd7fbeafdf1e64d94d682a042c2a5bda079341d0a040b2df43d9ec960d35634 node-v6.5.0-sunos-x86.tar.xz +d7742558bb3331e41510d6e6f1f7b13c0527aecc00a63c3e05fcfd44427ff778 node-v6.5.0.tar.gz +ddf2056a9164c723db707b6c016f9e617f17166298dc88c5a7cb1d7d5ddb1290 node-v6.5.0.tar.xz +e00570c8e40b8d0564c5735554a5c5128d1c442e08d16539cb9b26bee2aae632 node-v6.5.0-win-x64.7z +0c0962800916c7104ce6643302b2592172183d76e34997823be3978b5ee34cf2 node-v6.5.0-win-x64.zip +979bce12ca20761b5c13af8a0d30da65432878014d787e9c3487e2ae97d8becd node-v6.5.0-win-x86.7z +36f2aa668018db296fafa7e6b330a32124145e54254403e63fa5efb44c9b900f node-v6.5.0-win-x86.zip +2a269b0b9fee2c502d4a81168f12315e9d55396641522249931f0f88e02638c4 node-v6.5.0-x64.msi +93db364a5f519e8a29bb2279b470da7708f3869bcb4f8d597121f58f12f9b0fc node-v6.5.0-x86.msi +fa8e6336dec13f79341b0b69430f96372eb44fce4cdc451aa7fb6d3c9783cf42 win-x64/node.exe +ee4e1a0d686ec4db73f2b3798cb8e5896945fc8f45b3693d83898df3ebebc857 win-x64/node.lib +d055f32f2fbd020c4142319668a5d4bbbc68a6a4eeb2e0f2decd44c1f11925e9 win-x64/node_pdb.7z +bd5d83ed60b9bc68c42a006443f1b33e61a41f9ffacc7822d540305101e3d4f1 win-x64/node_pdb.zip +a808a2322508e6f629426c7d7267710577113918f8c156534a7611df3f4e35e1 win-x86/node.exe +f8269a2e0d2e05380b8f94686504b9e7eefbc91db6379839d24a02b8d0ecc30d win-x86/node.lib +a7fffce30ed9442997b9f3f19a5c482594fddb9f2ddf8e1250b918146b939d35 win-x86/node_pdb.7z +2ba0106d5c7bb82560846b90f0826f3bc605157680d83afe34ec8e3c635c95a5 win-x86/node_pdb.zip -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org -iQIcBAEBCgAGBQJXsyeVAAoJEHQ0OQvb6bnFc0QP/irn694UVjab4jILQeeFQNT1 -BzoCPcm7MN75dxMGu/2tzpnkEyQLTlqb69Ikhixy7edqzpI3oj8X7TRdduSkZgwD -/JzwbKSoXcUHdqNBbyuGq0AWfG03/VqJJ1V5fSmKDETdPAvqwKdedwMD+geXKlZw -0NcMpa4qtIq+5waVeQOUyEpDS8UpveZDlb8Ih1q6cddhiBmu0QvxmUB7ehXc2n6p -B/MQAaUKurYpz2m+HQI5M7G6htDFWNomAXoMgBnjdn3Sj2e+32QwvhYleVR4pIGW -wjXhkbIRyIiHUwTq1clBWWovFW1wx/nvYHSAonNFfab1SwRUIyMEAcgyLDLBXaE7 -HKpqrdsSA2AwqwIE/5lKOZMPX7SrPGUzMvgRT0X3lfg2MxDGYwxP+w5dudM8v4r9 -TX5IP1SiSykf5/EwcH0DLRFkATo5gBGEh2DnV37zv8aSgeCqAG1Yq4O5PLPIBHfk -vK0r9r7G2o5Hq0fsQC7nuf3vAuImc64p2RHvGRkPKJQcFfo6RBFtBd/0+AAgPg2p -ywk4HRP1vj3WxzrN4MIj3K8Id36NwGu9fFZHwTuzyHXkGsxMlVHLCT9Lh4g5o7if -bh4i/AnZJYUzrqyQ/7wpbKrRIwpQl99SGii2ZNjajDCp/bT8xM6czKTRV3A4npjH -GKimGdNeYQ7iUigdekY7 -=nn+Y +iQIcBAEBCgAGBQJXxD66AAoJELY7U1pMIGypRpMP/Rgy2gvIoYJ1MilGjR/ygZd0 +2u+5noks4NMcRl+e1NGAJNez7zPmnxW+3icarhPhwFxP6XSYLTIMlQKf6VR5yIRW +utwpDonxOd+xL5elhfsLx2bPdHVE/L2mIZbIlHgoBdXBo1YdBlXCxi1U31JMG8u3 +ckrG9o5IP69zuWA+M4D0yEu3K+6TeWPksVPQMNKJU9S+sLgbgkZN1BMgsG+JHz4/ +/5t6fOhf8mbYYas8BXY/jTvrLAGn3/BQDHh553Ap/0gQd66k1dAY0jmhyVsssrqg +C4AnBiCc55fy4zQYR47i4DhYiJ06SQZk+woCpfaLfWrb5rqsyW8Fy7D4AdFOJMcP +EqDkUnMbYwnPYtKatXRT+NUXtMXYzSIDQAQo1N9E4nsVKkR+Ka1GC6d3lRUPYD1K +xL4FEsL8aCd0mxkRikzd31no+NgzkORqRuK46tFAfbBykJR9E30lN6cx7gQWuiNM ++EfKkc4EvKMamvhzOC8okDCsY+v/M2aVL/vVOB7SlTQeTmB8nWFtr5i7BUk7zgLC +NLETY0k+DRWqhPa8L6xlCacPcji9zad3wHOcty3dMTtEv8chjHtMpoGsWKFwlYPA +yG1irBagemHetAEbzdFEDJQFlt+/IxrIpOLHjkH6BZ7bkvunMmbF3QxNFKGfm7ZS +iIPARMq27v97O038HKlq +=qM+Q -----END PGP SIGNATURE----- ++++++ node-v6.4.0.tar.xz -> node-v6.5.0.tar.xz ++++++ /work/SRC/openSUSE:Factory/nodejs/node-v6.4.0.tar.xz /work/SRC/openSUSE:Factory/.nodejs.new/node-v6.5.0.tar.xz differ: char 26, line 1