From f2c3b615ec3a500beb7ba272a4c2295dd2c187bc Mon Sep 17 00:00:00 2001 From: Stephen Gallagher Date: Tue, 1 Dec 2015 19:48:58 -0500 Subject: [PATCH 01/47] Upgrade to Node.js 4.2.2 (LTS) --- .gitignore | 1 + nodejs-disable-gyp-deps.patch | 33 +- nodejs-revert-utf8-node.patch | 689 ---------------------------------- nodejs-revert-utf8-v8.patch | 91 ----- nodejs-use-system-certs.patch | 73 ++-- nodejs.spec | 81 ++-- sources | 2 +- 7 files changed, 113 insertions(+), 857 deletions(-) delete mode 100644 nodejs-revert-utf8-node.patch delete mode 100644 nodejs-revert-utf8-v8.patch diff --git a/.gitignore b/.gitignore index 27559e5..cca4b28 100644 --- a/.gitignore +++ b/.gitignore @@ -32,3 +32,4 @@ /node-v0.10.32-stripped.tar.gz /node-v0.10.33-stripped.tar.gz /node-v0.10.36-stripped.tar.gz +/node-v4.2.2-stripped.tar.gz diff --git a/nodejs-disable-gyp-deps.patch b/nodejs-disable-gyp-deps.patch index ae48d24..23fe9ee 100644 --- a/nodejs-disable-gyp-deps.patch +++ b/nodejs-disable-gyp-deps.patch @@ -1,26 +1,29 @@ -From 4464455834276c845a63fede515cb62655afb2da Mon Sep 17 00:00:00 2001 -From: "T.C. Hollingsworth" -Date: Tue, 12 Nov 2013 14:51:03 -0700 -Subject: [PATCH] disable running gyp files for bundled deps +From 34a6454fc02ae79362cc03f501bb08fb95495a1b Mon Sep 17 00:00:00 2001 +From: Stephen Gallagher +Date: Tue, 1 Dec 2015 16:35:29 -0500 +Subject: [PATCH 1/2] disable running gyp files for bundled deps -these aren't used in Fedora --- Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Makefile b/Makefile -index 8177017..81d150f 100644 +index 02619fac98ddd7bd90648f6493ccf49fcf22c47b..981c3ce4daa8724547979d7646117182399b22db 100644 --- a/Makefile +++ b/Makefile -@@ -43,7 +43,7 @@ node_g: config.gypi out/Makefile - ln -fs out/Debug/node $@ - endif +@@ -47,11 +47,11 @@ $(NODE_EXE): config.gypi out/Makefile --out/Makefile: common.gypi deps/uv/uv.gyp deps/http_parser/http_parser.gyp deps/zlib/zlib.gyp deps/v8/build/common.gypi deps/v8/tools/gyp/v8.gyp node.gyp config.gypi -+out/Makefile: common.gypi node.gyp config.gypi - ifeq ($(USE_NINJA),1) - touch out/Makefile - $(PYTHON) tools/gyp_node.py -f ninja + $(NODE_G_EXE): config.gypi out/Makefile + $(MAKE) -C out BUILDTYPE=Debug V=$(V) + ln -fs out/Debug/$(NODE_EXE) $@ + +-out/Makefile: common.gypi deps/uv/uv.gyp deps/http_parser/http_parser.gyp deps/zlib/zlib.gyp deps/v8/build/toolchain.gypi deps/v8/build/features.gypi deps/v8/tools/gyp/v8.gyp node.gyp config.gypi ++out/Makefile: common.gypi deps/v8/build/toolchain.gypi deps/v8/build/features.gypi deps/v8/tools/gyp/v8.gyp node.gyp config.gypi + $(PYTHON) tools/gyp_node.py -f make + + config.gypi: configure + if [ -f $@ ]; then + $(error Stale $@, please re-run ./configure) -- -1.8.4.2 +2.5.0 diff --git a/nodejs-revert-utf8-node.patch b/nodejs-revert-utf8-node.patch deleted file mode 100644 index a5a3d59..0000000 --- a/nodejs-revert-utf8-node.patch +++ /dev/null @@ -1,689 +0,0 @@ -From a9e60792a9c4044e29ec7bbb88419d9283044b86 Mon Sep 17 00:00:00 2001 -From: "T.C. Hollingsworth" -Date: Wed, 18 Jun 2014 23:19:19 -0700 -Subject: [PATCH] Revert "src: replace usage of String::Utf8Value" - -This reverts commit 535c7777ac674ba86cf93c44824e07b0e23ea8c4. ---- - src/cares_wrap.cc | 8 ++--- - src/fs_event_wrap.cc | 3 +- - src/node.cc | 42 +++++++++++++------------- - src/node_crypto.cc | 31 ++++++++++--------- - src/node_dtrace.cc | 6 ++-- - src/node_file.cc | 37 +++++++++++------------ - src/node_stat_watcher.cc | 3 +- - src/process_wrap.cc | 9 +++--- - src/udp_wrap.cc | 9 +++--- - src/util.h | 78 ------------------------------------------------ - 10 files changed, 68 insertions(+), 158 deletions(-) - delete mode 100644 src/util.h - -diff --git a/src/cares_wrap.cc b/src/cares_wrap.cc -index 321e144..b7ba828 100644 ---- a/src/cares_wrap.cc -+++ b/src/cares_wrap.cc -@@ -741,7 +739,7 @@ static Handle Query(const Arguments& args) { - // object reference, causing wrap->GetObject() to return undefined. - Local object = Local::New(wrap->GetObject()); - -- node::Utf8Value name(args[0]); -+ String::Utf8Value name(args[0]); - - int r = wrap->Send(*name); - if (r) { -@@ -770,7 +768,7 @@ static Handle QueryWithFamily(const Arguments& args) { - // object reference, causing wrap->GetObject() to return undefined. - Local object = Local::New(wrap->GetObject()); - -- node::Utf8Value name(args[0]); -+ String::Utf8Value name(args[0]); - int family = args[1]->Int32Value(); - - int r = wrap->Send(*name, family); -@@ -900,7 +898,7 @@ static Handle IsIP(const Arguments& args) { - static Handle GetAddrInfo(const Arguments& args) { - HandleScope scope; - -- node::Utf8Value hostname(args[0]); -+ String::Utf8Value hostname(args[0]); - - int fam = AF_UNSPEC; - if (args[1]->IsInt32()) { -diff --git a/src/fs_event_wrap.cc b/src/fs_event_wrap.cc -index fc54283..7e3eb8c 100644 ---- a/src/fs_event_wrap.cc -+++ b/src/fs_event_wrap.cc -@@ -21,7 +21,6 @@ - - #include "node.h" - #include "handle_wrap.h" --#include "util.h" - - #include - -@@ -98,7 +97,7 @@ Handle FSEventWrap::Start(const Arguments& args) { - return ThrowException(Exception::TypeError(String::New("Bad arguments"))); - } - -- node::Utf8Value path(args[0]); -+ String::Utf8Value path(args[0]); - - int r = uv_fs_event_init(uv_default_loop(), &wrap->handle_, *path, OnEvent, 0); - if (r == 0) { -diff --git a/src/node.cc b/src/node.cc -index e9696cd..8257604 100644 ---- a/src/node.cc -+++ b/src/node.cc -@@ -1102,7 +1100,7 @@ enum encoding ParseEncoding(Handle encoding_v, enum encoding _default) { - - if (!encoding_v->IsString()) return _default; - -- node::Utf8Value encoding(encoding_v); -+ String::Utf8Value encoding(encoding_v); - - if (strcasecmp(*encoding, "utf8") == 0) { - return UTF8; -@@ -1202,12 +1200,12 @@ void DisplayExceptionLine (TryCatch &try_catch) { - - if (!message.IsEmpty()) { - // Print (filename):(line number): (message). -- node::Utf8Value filename(message->GetScriptResourceName()); -+ String::Utf8Value filename(message->GetScriptResourceName()); - const char* filename_string = *filename; - int linenum = message->GetLineNumber(); - fprintf(stderr, "%s:%i\n", filename_string, linenum); - // Print line of source code. -- node::Utf8Value sourceline(message->GetSourceLine()); -+ String::Utf8Value sourceline(message->GetSourceLine()); - const char* sourceline_string = *sourceline; - - // Because of how node modules work, all scripts are wrapped with a -@@ -1254,7 +1252,7 @@ static void ReportException(TryCatch &try_catch, bool show_line) { - - if (show_line) DisplayExceptionLine(try_catch); - -- node::Utf8Value trace(try_catch.StackTrace()); -+ String::Utf8Value trace(try_catch.StackTrace()); - - // range errors have a trace member set to undefined - if (trace.length() > 0 && !try_catch.StackTrace()->IsUndefined()) { -@@ -1269,11 +1267,11 @@ static void ReportException(TryCatch &try_catch, bool show_line) { - !(er->ToObject()->Get(String::New("name"))->IsUndefined()); - - if (isErrorObject) { -- node::Utf8Value name(er->ToObject()->Get(String::New("name"))); -+ String::Utf8Value name(er->ToObject()->Get(String::New("name"))); - fprintf(stderr, "%s: ", *name); - } - -- node::Utf8Value msg(!isErrorObject ? er -+ String::Utf8Value msg(!isErrorObject ? er - : er->ToObject()->Get(String::New("message"))); - fprintf(stderr, "%s\n", *msg); - } -@@ -1355,7 +1353,7 @@ static Handle Chdir(const Arguments& args) { - return ThrowException(Exception::Error(String::New("Bad argument."))); - } - -- node::Utf8Value path(args[0]); -+ String::Utf8Value path(args[0]); - - uv_err_t r = uv_chdir(*path); - -@@ -1406,7 +1404,7 @@ static Handle Umask(const Arguments& args) { - oct = args[0]->Uint32Value(); - } else { - oct = 0; -- node::Utf8Value str(args[0]); -+ String::Utf8Value str(args[0]); - - // Parse the octal string. - for (int i = 0; i < str.length(); i++) { -@@ -1512,7 +1510,7 @@ static uid_t uid_by_name(Handle value) { - if (value->IsUint32()) { - return static_cast(value->Uint32Value()); - } else { -- node::Utf8Value name(value); -+ String::Utf8Value name(value); - return uid_by_name(*name); - } - } -@@ -1522,7 +1520,7 @@ static gid_t gid_by_name(Handle value) { - if (value->IsUint32()) { - return static_cast(value->Uint32Value()); - } else { -- node::Utf8Value name(value); -+ String::Utf8Value name(value); - return gid_by_name(*name); - } - } -@@ -1665,7 +1663,7 @@ static Handle InitGroups(const Arguments& args) { - return ThrowTypeError("argument 2 must be a number or a string"); - } - -- node::Utf8Value arg0(args[0]); -+ String::Utf8Value arg0(args[0]); - gid_t extra_group; - bool must_free; - char* user; -@@ -1826,7 +1824,7 @@ Handle DLOpen(const v8::Arguments& args) { - } - - Local module = args[0]->ToObject(); // Cast -- node::Utf8Value filename(args[1]); // Cast -+ String::Utf8Value filename(args[1]); // Cast - - if (exports_symbol.IsEmpty()) { - exports_symbol = NODE_PSYMBOL("exports"); -@@ -1842,7 +1840,7 @@ Handle DLOpen(const v8::Arguments& args) { - return ThrowException(Exception::Error(errmsg)); - } - -- node::Utf8Value path(args[1]); -+ String::Utf8Value path(args[1]); - base = *path; - - /* Find the shared library filename within the full path. */ -@@ -1961,7 +1959,7 @@ static Handle Binding(const Arguments& args) { - HandleScope scope; - - Local module = args[0]->ToString(); -- node::Utf8Value module_v(module); -+ String::Utf8Value module_v(module); - node_module_struct* modp; - - if (binding_cache.IsEmpty()) { -@@ -2020,7 +2018,7 @@ static void ProcessTitleSetter(Local property, - Local value, - const AccessorInfo& info) { - HandleScope scope; -- node::Utf8Value title(value); -+ String::Utf8Value title(value); - // TODO: protect with a lock - uv_set_process_title(*title); - } -@@ -2030,7 +2028,7 @@ static Handle EnvGetter(Local property, - const AccessorInfo& info) { - HandleScope scope; - #ifdef __POSIX__ -- node::Utf8Value key(property); -+ String::Utf8Value key(property); - const char* val = getenv(*key); - if (val) { - return scope.Close(String::New(val)); -@@ -2059,8 +2057,8 @@ static Handle EnvSetter(Local property, - const AccessorInfo& info) { - HandleScope scope; - #ifdef __POSIX__ -- node::Utf8Value key(property); -- node::Utf8Value val(value); -+ String::Utf8Value key(property); -+ String::Utf8Value val(value); - setenv(*key, *val, 1); - #else // _WIN32 - String::Value key(property); -@@ -2080,7 +2078,7 @@ static Handle EnvQuery(Local property, - const AccessorInfo& info) { - HandleScope scope; - #ifdef __POSIX__ -- node::Utf8Value key(property); -+ String::Utf8Value key(property); - if (getenv(*key)) { - return scope.Close(Integer::New(0)); - } -@@ -2108,7 +2106,7 @@ static Handle EnvDeleter(Local property, - const AccessorInfo& info) { - HandleScope scope; - #ifdef __POSIX__ -- node::Utf8Value key(property); -+ String::Utf8Value key(property); - if (!getenv(*key)) return False(); - unsetenv(*key); // can't check return value, it's void on some platforms - return True(); -diff --git a/src/node_crypto.cc b/src/node_crypto.cc -index 46faba2..0ae1f8a 100644 ---- a/src/node_crypto.cc -+++ b/src/node_crypto.cc -@@ -242,7 +241,7 @@ Handle SecureContext::Init(const Arguments& args) { - OPENSSL_CONST SSL_METHOD *method = SSLv23_method(); - - if (args.Length() == 1 && args[0]->IsString()) { -- node::Utf8Value sslmethod(args[0]); -+ String::Utf8Value sslmethod(args[0]); - - if (strcmp(*sslmethod, "SSLv2_method") == 0) { - #ifndef OPENSSL_NO_SSL2 -@@ -362,7 +361,7 @@ static BIO* LoadBIO (Handle v) { - int r = -1; - - if (v->IsString()) { -- node::Utf8Value s(v); -+ String::Utf8Value s(v); - r = BIO_write(bio, *s, s.length()); - } else if (Buffer::HasInstance(v)) { - char* buffer_data = Buffer::Data(v); -@@ -414,7 +413,7 @@ Handle SecureContext::SetKey(const Arguments& args) { - BIO *bio = LoadBIO(args[0]); - if (!bio) return False(); - -- node::Utf8Value passphrase(args[1]); -+ String::Utf8Value passphrase(args[1]); - - EVP_PKEY* key = PEM_read_bio_PrivateKey(bio, NULL, NULL, - len == 1 ? NULL : *passphrase); -@@ -644,7 +643,7 @@ Handle SecureContext::SetCiphers(const Arguments& args) { - return ThrowException(Exception::TypeError(String::New("Bad parameter"))); - } - -- node::Utf8Value ciphers(args[0]); -+ String::Utf8Value ciphers(args[0]); - SSL_CTX_set_cipher_list(sc->ctx_, *ciphers); - - return True(); -@@ -673,7 +672,7 @@ Handle SecureContext::SetSessionIdContext(const Arguments& args) { - return ThrowException(Exception::TypeError(String::New("Bad parameter"))); - } - -- node::Utf8Value sessionIdContext(args[0]); -+ String::Utf8Value sessionIdContext(args[0]); - const unsigned char* sid_ctx = (const unsigned char*) *sessionIdContext; - unsigned int sid_ctx_len = sessionIdContext.length(); - -@@ -1281,7 +1280,7 @@ Handle Connection::New(const Arguments& args) { - if (is_server) { - SSL_CTX_set_tlsext_servername_callback(sc->ctx_, SelectSNIContextCallback_); - } else { -- node::Utf8Value servername(args[2]); -+ String::Utf8Value servername(args[2]); - SSL_set_tlsext_host_name(p->ssl_, *servername); - } - #endif -@@ -2234,7 +2233,7 @@ class Cipher : public ObjectWrap { - ssize_t key_written = DecodeWrite(key_buf, key_buf_len, args[1], BINARY); - assert(key_written == key_buf_len); - -- node::Utf8Value cipherType(args[0]); -+ String::Utf8Value cipherType(args[0]); - - bool r = cipher->CipherInit(*cipherType, key_buf, key_buf_len); - -@@ -2285,7 +2284,7 @@ class Cipher : public ObjectWrap { - ssize_t iv_written = DecodeWrite(iv_buf, iv_len, args[2], BINARY); - assert(iv_written == iv_len); - -- node::Utf8Value cipherType(args[0]); -+ String::Utf8Value cipherType(args[0]); - - bool r = cipher->CipherInitIv(*cipherType, key_buf,key_len,iv_buf,iv_len); - -@@ -2544,7 +2543,7 @@ class Decipher : public ObjectWrap { - ssize_t key_written = DecodeWrite(key_buf, key_len, args[1], BINARY); - assert(key_written == key_len); - -- node::Utf8Value cipherType(args[0]); -+ String::Utf8Value cipherType(args[0]); - - bool r = cipher->DecipherInit(*cipherType, key_buf,key_len); - -@@ -2595,7 +2594,7 @@ class Decipher : public ObjectWrap { - ssize_t iv_written = DecodeWrite(iv_buf, iv_len, args[2], BINARY); - assert(iv_written == iv_len); - -- node::Utf8Value cipherType(args[0]); -+ String::Utf8Value cipherType(args[0]); - - bool r = cipher->DecipherInitIv(*cipherType, key_buf,key_len,iv_buf,iv_len); - -@@ -2776,7 +2775,7 @@ class Hmac : public ObjectWrap { - return ThrowException(exception); - } - -- node::Utf8Value hashType(args[0]); -+ String::Utf8Value hashType(args[0]); - - bool r; - -@@ -2921,7 +2920,7 @@ class Hash : public ObjectWrap { - "Must give hashtype string as argument"))); - } - -- node::Utf8Value hashType(args[0]); -+ String::Utf8Value hashType(args[0]); - - Hash *hash = new Hash(); - if (!hash->HashInit(*hashType)) { -@@ -3095,7 +3094,7 @@ class Sign : public ObjectWrap { - "Must give signtype string as argument"))); - } - -- node::Utf8Value signType(args[0]); -+ String::Utf8Value signType(args[0]); - - bool r = sign->SignInit(*signType); - -@@ -3328,7 +3327,7 @@ class Verify : public ObjectWrap { - "Must give verifytype string as argument"))); - } - -- node::Utf8Value verifyType(args[0]); -+ String::Utf8Value verifyType(args[0]); - - bool r = verify->VerifyInit(*verifyType); - -@@ -3511,7 +3510,7 @@ class DiffieHellman : public ObjectWrap { - String::New("No group name given"))); - } - -- node::Utf8Value group_name(args[0]); -+ String::Utf8Value group_name(args[0]); - - modp_group* it = modp_groups; - -diff --git a/src/node_dtrace.cc b/src/node_dtrace.cc -index 0b2d0f4..4b851e3 100644 ---- a/src/node_dtrace.cc -+++ b/src/node_dtrace.cc -@@ -68,7 +66,7 @@ using namespace v8; - return (ThrowException(Exception::Error(String::New("expected " \ - "object for " #obj " to contain string member " #member)))); \ - } \ -- node::Utf8Value _##member(obj->Get(String::New(#member))); \ -+ String::Utf8Value _##member(obj->Get(String::New(#member))); \ - if ((*(const char **)valp = *_##member) == NULL) \ - *(const char **)valp = ""; - -@@ -243,7 +241,7 @@ Handle DTRACE_HTTP_SERVER_REQUEST(const Arguments& args) { - "object for request to contain string member headers")))); - - Local strfwdfor = headers->Get(String::New("x-forwarded-for")); -- node::Utf8Value fwdfor(strfwdfor); -+ String::Utf8Value fwdfor(strfwdfor); - - if (!strfwdfor->IsString() || (req.forwardedFor = *fwdfor) == NULL) - req.forwardedFor = const_cast(""); -diff --git a/src/node_file.cc b/src/node_file.cc -index 3c35e0b..f665b19 100644 ---- a/src/node_file.cc -+++ b/src/node_file.cc -@@ -404,7 +403,7 @@ static Handle Stat(const Arguments& args) { - if (args.Length() < 1) return TYPE_ERROR("path required"); - if (!args[0]->IsString()) return TYPE_ERROR("path must be a string"); - -- node::Utf8Value path(args[0]); -+ String::Utf8Value path(args[0]); - - if (args[1]->IsFunction()) { - ASYNC_CALL(stat, args[1], *path) -@@ -421,7 +420,7 @@ static Handle LStat(const Arguments& args) { - if (args.Length() < 1) return TYPE_ERROR("path required"); - if (!args[0]->IsString()) return TYPE_ERROR("path must be a string"); - -- node::Utf8Value path(args[0]); -+ String::Utf8Value path(args[0]); - - if (args[1]->IsFunction()) { - ASYNC_CALL(lstat, args[1], *path) -@@ -459,12 +458,12 @@ static Handle Symlink(const Arguments& args) { - if (!args[0]->IsString()) return TYPE_ERROR("dest path must be a string"); - if (!args[1]->IsString()) return TYPE_ERROR("src path must be a string"); - -- node::Utf8Value dest(args[0]); -- node::Utf8Value path(args[1]); -+ String::Utf8Value dest(args[0]); -+ String::Utf8Value path(args[1]); - int flags = 0; - - if (args[2]->IsString()) { -- node::Utf8Value mode(args[2]); -+ String::Utf8Value mode(args[2]); - if (strcmp(*mode, "dir") == 0) { - flags |= UV_FS_SYMLINK_DIR; - } else if (strcmp(*mode, "junction") == 0) { -@@ -492,8 +491,8 @@ static Handle Link(const Arguments& args) { - if (!args[0]->IsString()) return TYPE_ERROR("dest path must be a string"); - if (!args[1]->IsString()) return TYPE_ERROR("src path must be a string"); - -- node::Utf8Value orig_path(args[0]); -- node::Utf8Value new_path(args[1]); -+ String::Utf8Value orig_path(args[0]); -+ String::Utf8Value new_path(args[1]); - - if (args[2]->IsFunction()) { - ASYNC_DEST_CALL(link, args[2], *new_path, *orig_path, *new_path) -@@ -509,7 +508,7 @@ static Handle ReadLink(const Arguments& args) { - if (args.Length() < 1) return TYPE_ERROR("path required"); - if (!args[0]->IsString()) return TYPE_ERROR("path must be a string"); - -- node::Utf8Value path(args[0]); -+ String::Utf8Value path(args[0]); - - if (args[1]->IsFunction()) { - ASYNC_CALL(readlink, args[1], *path) -@@ -528,8 +527,8 @@ static Handle Rename(const Arguments& args) { - if (!args[0]->IsString()) return TYPE_ERROR("old path must be a string"); - if (!args[1]->IsString()) return TYPE_ERROR("new path must be a string"); - -- node::Utf8Value old_path(args[0]); -- node::Utf8Value new_path(args[1]); -+ String::Utf8Value old_path(args[0]); -+ String::Utf8Value new_path(args[1]); - - if (args[2]->IsFunction()) { - ASYNC_DEST_CALL(rename, args[2], *new_path, *old_path, *new_path) -@@ -599,7 +598,7 @@ static Handle Unlink(const Arguments& args) { - if (args.Length() < 1) return TYPE_ERROR("path required"); - if (!args[0]->IsString()) return TYPE_ERROR("path must be a string"); - -- node::Utf8Value path(args[0]); -+ String::Utf8Value path(args[0]); - - if (args[1]->IsFunction()) { - ASYNC_CALL(unlink, args[1], *path) -@@ -615,7 +614,7 @@ static Handle RMDir(const Arguments& args) { - if (args.Length() < 1) return TYPE_ERROR("path required"); - if (!args[0]->IsString()) return TYPE_ERROR("path must be a string"); - -- node::Utf8Value path(args[0]); -+ String::Utf8Value path(args[0]); - - if (args[1]->IsFunction()) { - ASYNC_CALL(rmdir, args[1], *path) -@@ -632,7 +631,7 @@ static Handle MKDir(const Arguments& args) { - return THROW_BAD_ARGS; - } - -- node::Utf8Value path(args[0]); -+ String::Utf8Value path(args[0]); - int mode = static_cast(args[1]->Int32Value()); - - if (args[2]->IsFunction()) { -@@ -649,7 +648,7 @@ static Handle ReadDir(const Arguments& args) { - if (args.Length() < 1) return TYPE_ERROR("path required"); - if (!args[0]->IsString()) return TYPE_ERROR("path must be a string"); - -- node::Utf8Value path(args[0]); -+ String::Utf8Value path(args[0]); - - if (args[1]->IsFunction()) { - ASYNC_CALL(readdir, args[1], *path, 0 /*flags*/) -@@ -687,7 +686,7 @@ static Handle Open(const Arguments& args) { - if (!args[1]->IsInt32()) return TYPE_ERROR("flags must be an int"); - if (!args[2]->IsInt32()) return TYPE_ERROR("mode must be an int"); - -- node::Utf8Value path(args[0]); -+ String::Utf8Value path(args[0]); - int flags = args[1]->Int32Value(); - int mode = static_cast(args[2]->Int32Value()); - -@@ -827,7 +826,7 @@ static Handle Chmod(const Arguments& args) { - if(args.Length() < 2 || !args[0]->IsString() || !args[1]->IsInt32()) { - return THROW_BAD_ARGS; - } -- node::Utf8Value path(args[0]); -+ String::Utf8Value path(args[0]); - int mode = static_cast(args[1]->Int32Value()); - - if(args[2]->IsFunction()) { -@@ -874,7 +873,7 @@ static Handle Chown(const Arguments& args) { - if (!args[1]->IsUint32()) return TYPE_ERROR("uid must be an unsigned int"); - if (!args[2]->IsUint32()) return TYPE_ERROR("gid must be an unsigned int"); - -- node::Utf8Value path(args[0]); -+ String::Utf8Value path(args[0]); - uv_uid_t uid = static_cast(args[1]->Uint32Value()); - uv_gid_t gid = static_cast(args[2]->Uint32Value()); - -@@ -925,7 +924,7 @@ static Handle UTimes(const Arguments& args) { - if (!args[1]->IsNumber()) return TYPE_ERROR("atime must be a number"); - if (!args[2]->IsNumber()) return TYPE_ERROR("mtime must be a number"); - -- const node::Utf8Value path(args[0]); -+ const String::Utf8Value path(args[0]); - const double atime = static_cast(args[1]->NumberValue()); - const double mtime = static_cast(args[2]->NumberValue()); - -diff --git a/src/node_stat_watcher.cc b/src/node_stat_watcher.cc -index fd3e5d1..c3f668c 100644 ---- a/src/node_stat_watcher.cc -+++ b/src/node_stat_watcher.cc -@@ -105,7 +104,7 @@ Handle StatWatcher::Start(const Arguments& args) { - HandleScope scope; - - StatWatcher* wrap = ObjectWrap::Unwrap(args.Holder()); -- node::Utf8Value path(args[0]); -+ String::Utf8Value path(args[0]); - const bool persistent = args[1]->BooleanValue(); - const uint32_t interval = args[2]->Uint32Value(); - -diff --git a/src/process_wrap.cc b/src/process_wrap.cc -index ac63e4b..784300f 100644 ---- a/src/process_wrap.cc -+++ b/src/process_wrap.cc -@@ -188,7 +187,7 @@ class ProcessWrap : public HandleWrap { - - // options.file - Local file_v = js_options->Get(String::NewSymbol("file")); -- node::Utf8Value file(file_v->IsString() ? file_v : Local()); -+ String::Utf8Value file(file_v->IsString() ? file_v : Local()); - if (file.length() > 0) { - options.file = *file; - } else { -@@ -203,7 +202,7 @@ class ProcessWrap : public HandleWrap { - // Heap allocate to detect errors. +1 is for NULL. - options.args = new char*[argc + 1]; - for (int i = 0; i < argc; i++) { -- node::Utf8Value arg(js_argv->Get(i)); -+ String::Utf8Value arg(js_argv->Get(i)); - options.args[i] = strdup(*arg); - } - options.args[argc] = NULL; -@@ -211,7 +210,7 @@ class ProcessWrap : public HandleWrap { - - // options.cwd - Local cwd_v = js_options->Get(String::NewSymbol("cwd")); -- node::Utf8Value cwd(cwd_v->IsString() ? cwd_v : Local()); -+ String::Utf8Value cwd(cwd_v->IsString() ? cwd_v : Local()); - if (cwd.length() > 0) { - options.cwd = *cwd; - } -@@ -223,7 +222,7 @@ class ProcessWrap : public HandleWrap { - int envc = env->Length(); - options.env = new char*[envc + 1]; // Heap allocated to detect errors. - for (int i = 0; i < envc; i++) { -- node::Utf8Value pair(env->Get(i)); -+ String::Utf8Value pair(env->Get(i)); - options.env[i] = strdup(*pair); - } - options.env[envc] = NULL; -diff --git a/src/udp_wrap.cc b/src/udp_wrap.cc -index 31a4e78..b33f4e8 100644 ---- a/src/udp_wrap.cc -+++ b/src/udp_wrap.cc -@@ -161,7 +160,7 @@ Handle UDPWrap::DoBind(const Arguments& args, int family) { - // bind(ip, port, flags) - assert(args.Length() == 3); - -- node::Utf8Value address(args[0]); -+ String::Utf8Value address(args[0]); - const int port = args[1]->Uint32Value(); - const int flags = args[2]->Uint32Value(); - -@@ -220,8 +219,8 @@ Handle UDPWrap::SetMembership(const Arguments& args, - - assert(args.Length() == 2); - -- node::Utf8Value address(args[0]); -- node::Utf8Value iface(args[1]); -+ String::Utf8Value address(args[0]); -+ String::Utf8Value iface(args[1]); - - const char* iface_cstr = *iface; - if (args[1]->IsUndefined() || args[1]->IsNull()) { -@@ -272,7 +271,7 @@ Handle UDPWrap::DoSend(const Arguments& args, int family) { - length); - - const unsigned short port = args[3]->Uint32Value(); -- node::Utf8Value address(args[4]); -+ String::Utf8Value address(args[4]); - - switch (family) { - case AF_INET: -diff --git a/src/util.h b/src/util.h ---- a/src/util.h -+++ b/src/util.h -@@ -41,52 +41,6 @@ - obj->Set(domain_symbol, domain); - } - --class Utf8Value { -- public: -- explicit Utf8Value(v8::Handle value) -- : length_(0), str_(NULL) { -- if (value.IsEmpty()) -- return; -- -- v8::Local val_ = value->ToString(); -- -- // Allocate enough space to include the null terminator -- size_t len = StringBytes::StorageSize(val_, UTF8) + 1; -- -- char* str = static_cast(calloc(1, len)); -- -- int flags = WRITE_UTF8_FLAGS; -- flags |= ~v8::String::NO_NULL_TERMINATION; -- -- length_ = val_->WriteUtf8(str, -- len, -- 0, -- flags); -- -- str_ = reinterpret_cast(str); -- } -- -- ~Utf8Value() { -- free(str_); -- } -- -- char* operator*() { -- return str_; -- }; -- -- const char* operator*() const { -- return str_; -- }; -- -- size_t length() const { -- return length_; -- }; -- -- private: -- size_t length_; -- char* str_; --}; -- - } // namespace node - - #endif // SRC_UTIL_H_ --- -1.9.3 - diff --git a/nodejs-revert-utf8-v8.patch b/nodejs-revert-utf8-v8.patch deleted file mode 100644 index 6b16de6..0000000 --- a/nodejs-revert-utf8-v8.patch +++ /dev/null @@ -1,91 +0,0 @@ -From c7c934c66cd8712c9ff169f1ef4c5670d3ff99c8 Mon Sep 17 00:00:00 2001 -From: "T.C. Hollingsworth" -Date: Wed, 18 Jun 2014 23:09:03 -0700 -Subject: [PATCH] Revert "string_bytes: Guarantee valid utf-8 output" - -This reverts commit 0da4c671659cfbae12def127b2e94690b9d9b5e1. ---- - src/node.cc | 7 ------- - src/string_bytes.cc | 2 +- - src/string_bytes.h | 2 -- - test/simple/test-buffer.js | 12 ------------ - 4 files changed, 1 insertion(+), 22 deletions(-) - -diff --git a/src/node.cc b/src/node.cc -index 4223973..e9696cd 100644 ---- a/src/node.cc -+++ b/src/node.cc -@@ -180,9 +180,6 @@ static uv_async_t dispatch_debug_messages_async; - // Declared in node_internals.h - Isolate* node_isolate = NULL; - --int WRITE_UTF8_FLAGS = v8::String::HINT_MANY_WRITES_EXPECTED | -- v8::String::NO_NULL_TERMINATION; -- - static void Spin(uv_idle_t* handle, int status) { - assert((uv_idle_t*) handle == &tick_spinner); - assert(status == 0); -@@ -3077,11 +3074,6 @@ static char **copy_argv(int argc, char **argv) { - - - int Start(int argc, char *argv[]) { -- const char* replaceInvalid = getenv("NODE_INVALID_UTF8"); -- -- if (replaceInvalid == NULL) -- WRITE_UTF8_FLAGS |= String::REPLACE_INVALID_UTF8; -- - // Hack aroung with the argv pointer. Used for process.title = "blah". - argv = uv_setup_args(argc, argv); - -diff --git a/src/string_bytes.cc b/src/string_bytes.cc -index a7bab38..e4a34fe 100644 ---- a/src/string_bytes.cc -+++ b/src/string_bytes.cc -@@ -199,7 +199,7 @@ size_t StringBytes::Write(char* buf, - break; - - case UTF8: -- len = str->WriteUtf8(buf, buflen, chars_written, WRITE_UTF8_FLAGS); -+ len = str->WriteUtf8(buf, buflen, chars_written, flags); - break; - - case UCS2: -diff --git a/src/string_bytes.h b/src/string_bytes.h -index 31f04bb..8071a49 100644 ---- a/src/string_bytes.h -+++ b/src/string_bytes.h -@@ -29,8 +29,6 @@ - - namespace node { - --extern int WRITE_UTF8_FLAGS; -- - using v8::Handle; - using v8::Local; - using v8::String; -diff --git a/test/simple/test-buffer.js b/test/simple/test-buffer.js -index f8b2798..3026824 100644 ---- a/test/simple/test-buffer.js -+++ b/test/simple/test-buffer.js -@@ -791,18 +791,6 @@ assert.equal(buf[3], 0xFF); - assert.equal(buf[3], 0xFF); - }); - --// test unmatched surrogates not producing invalid utf8 output --// ef bf bd = utf-8 representation of unicode replacement character --// see https://codereview.chromium.org/121173009/ --buf = new Buffer('ab\ud800cd', 'utf8'); --assert.equal(buf[0], 0x61); --assert.equal(buf[1], 0x62); --assert.equal(buf[2], 0xef); --assert.equal(buf[3], 0xbf); --assert.equal(buf[4], 0xbd); --assert.equal(buf[5], 0x63); --assert.equal(buf[6], 0x64); -- - // test for buffer overrun - buf = new Buffer([0, 0, 0, 0, 0]); // length: 5 - var sub = buf.slice(0, 4); // length: 4 --- -1.9.3 - diff --git a/nodejs-use-system-certs.patch b/nodejs-use-system-certs.patch index fe2abab..344356f 100644 --- a/nodejs-use-system-certs.patch +++ b/nodejs-use-system-certs.patch @@ -1,45 +1,69 @@ -Description: do not bundle CA certificates, openssl on Debian have them - As a consequence, nodejs must depend on ca-certificates. +From 8bdb9e5d7dcde463d9664fc6a999c11a3048a673 Mon Sep 17 00:00:00 2001 +From: Stephen Gallagher +Date: Tue, 1 Dec 2015 16:29:07 -0500 +Subject: [PATCH 2/2] Do not bundle CA Certificates +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +CA Certificates are provided by Fedora. + Forwarded: need some feedback before submitting the matter upstream Author: Jérémy Lal Last-Update: 2014-03-02 Modified 2014-05-02 by T.C. Hollingsworth with the correct path for Fedora + +Modified 2015-12-01 by Stephen Gallagher to update for +Node.js 4.2 +--- + src/node_crypto.cc | 31 ++++++++----------------------- + 1 file changed, 8 insertions(+), 23 deletions(-) + +diff --git a/src/node_crypto.cc b/src/node_crypto.cc +index bd7314c9db902c59035b60ee5e2ebb4dc99a9a9f..ddc6f081136dd327e35d6326ba9835df7f834e70 100644 --- a/src/node_crypto.cc +++ b/src/node_crypto.cc -@@ -64,7 +64,6 @@ - namespace node { - - const char* root_certs[] = { --#include "node_root_certs.h" // NOLINT(build/include_order) - NULL +@@ -125,11 +125,11 @@ struct ClearErrorOnReturn { }; -@@ -561,32 +560,16 @@ - assert(sc->ca_store_ == NULL); + static uv_mutex_t* locks; + + const char* const root_certs[] = { +-#include "node_root_certs.h" // NOLINT(build/include_order) ++ NULL + }; + + X509_STORE* root_cert_store; + + // Just to generate static methods +@@ -715,36 +715,21 @@ void SecureContext::AddRootCerts(const FunctionCallbackInfo& args) { + (void) &clear_error_on_return; // Silence compiler warning. + + CHECK_EQ(sc->ca_store_, nullptr); if (!root_cert_store) { - root_cert_store = X509_STORE_new(); - -- for (int i = 0; root_certs[i]; i++) { -- BIO *bp = BIO_new(BIO_s_mem()); +- for (size_t i = 0; i < ARRAY_SIZE(root_certs); i++) { +- BIO* bp = NodeBIO::New(); - - if (!BIO_write(bp, root_certs[i], strlen(root_certs[i]))) { -- BIO_free(bp); -- return False(); +- BIO_free_all(bp); +- return; - } - -- X509 *x509 = PEM_read_bio_X509(bp, NULL, NULL, NULL); +- X509 *x509 = PEM_read_bio_X509(bp, nullptr, CryptoPemCallback, nullptr); - -- if (x509 == NULL) { -- BIO_free(bp); -- return False(); +- if (x509 == nullptr) { +- BIO_free_all(bp); +- return; - } - - X509_STORE_add_cert(root_cert_store, x509); - -- BIO_free(bp); +- BIO_free_all(bp); - X509_free(x509); + if (SSL_CTX_load_verify_locations(sc->ctx_, "/etc/pki/tls/certs/ca-bundle.crt", NULL) == 1) { + root_cert_store = SSL_CTX_get_cert_store(sc->ctx_); @@ -50,9 +74,14 @@ correct path for Fedora + } else { + SSL_CTX_set_cert_store(sc->ctx_, root_cert_store); } -- + sc->ca_store_ = root_cert_store; - SSL_CTX_set_cert_store(sc->ctx_, sc->ca_store_); - - return True(); } + + + void SecureContext::SetCiphers(const FunctionCallbackInfo& args) { + SecureContext* sc = Unwrap(args.Holder()); +-- +2.5.0 + diff --git a/nodejs.spec b/nodejs.spec index 15c81db..5e02a86 100644 --- a/nodejs.spec +++ b/nodejs.spec @@ -1,6 +1,6 @@ Name: nodejs -Version: 0.10.36 -Release: 5%{?dist} +Version: 4.2.2 +Release: 1%{?dist} Summary: JavaScript runtime License: MIT and ASL 2.0 and ISC and BSD Group: Development/Languages @@ -28,30 +28,16 @@ Patch1: nodejs-disable-gyp-deps.patch # http://patch-tracker.debian.org/patch/series/view/nodejs/0.10.26~dfsg1-1/2014_donotinclude_root_certs.patch Patch2: nodejs-use-system-certs.patch -# The invalid UTF8 fix has been reverted since this breaks v8 API, which cannot -# be done in a stable distribution release. This build of nodejs will behave as -# if NODE_INVALID_UTF8 was set. For more information on the implications, see: -# http://blog.nodejs.org/2014/06/16/openssl-and-breaking-utf-8-change/ -Patch3: nodejs-revert-utf8-v8.patch -Patch4: nodejs-revert-utf8-node.patch +# V8 presently breaks ABI at least every x.y release while never bumping SONAME +%global v8_abi 4.6 -# V8 presently breaks ABI at least every x.y release while never bumping SONAME, -# so we need to be more explicit until spot fixes that -%global v8_ge 1:3.14.5.10-17 -%global v8_lt 1:3.15 -%global v8_abi 3.14 - -BuildRequires: v8-devel >= %{v8_ge} -BuildRequires: http-parser-devel >= 2.0 -BuildRequires: compat-libuv010-devel -BuildRequires: c-ares-devel +BuildRequires: python-devel +BuildRequires: libuv-devel >= 1.7.5 +BuildRequires: http-parser-devel >= 2.6 BuildRequires: zlib-devel # Node.js requires some features from openssl 1.0.1 for SPDY support BuildRequires: openssl-devel >= 1:1.0.1 -Requires: v8%{?_isa} >= %{v8_ge} -Requires: v8%{?_isa} < %{v8_lt} - # we need the system certificate store when Patch2 is applied Requires: ca-certificates @@ -67,7 +53,7 @@ Provides: nodejs(engine) = %{version} # Node.js currently has a conflict with the 'node' package in Fedora # The ham-radio group has agreed to rename their binary for us, but # in the meantime, we're setting an explicit Conflicts: here -Conflicts: node <= 0.3.2-11 +Conflicts: node <= 0.3.2-12 # The punycode module was absorbed into the standard library in v0.6. # It still exists as a seperate package for the benefit of users of older @@ -79,6 +65,18 @@ Provides: nodejs-punycode = 1.3.1 Provides: npm(punycode) = 1.3.1 +# Node.js has forked c-ares from upstream in an incompatible way, so we need +# to carry the bundled version internally. +# See https://github.com/nodejs/node/commit/766d063e0578c0f7758c3a965c971763f43fec85 +Provides: bundled(c-ares) = 1.10.1 + +# Node.js is closely tied to the version of v8 that is used with it. It makes +# sense to use the bundled version because upstream consistently breaks ABI +# even in point releases. Node.js upstream has now removed the ability to build +# against a shared system version entirely. +# See https://github.com/nodejs/node/commit/d726a177ed59c37cf5306983ed00ecd858cfbbef +Provides: bundled(v8) = 4.6.85 + %description Node.js is a platform built on Chrome's JavaScript runtime for easily building fast, scalable network applications. @@ -90,8 +88,8 @@ real-time applications that run across distributed devices. Summary: JavaScript runtime - development headers Group: Development/Languages Requires: %{name}%{?_isa} == %{version}-%{release} -Requires: compat-libuv010-devel%{?_isa} http-parser-devel%{?_isa} v8-devel%{?_isa} -Requires: openssl-devel%{?_isa} c-ares-devel%{?_isa} zlib-devel%{?_isa} +Requires: libuv-devel%{?_isa} http-parser-devel%{?_isa} +Requires: openssl-devel%{?_isa} zlib-devel%{?_isa} Requires: nodejs-packaging %description devel @@ -109,17 +107,17 @@ The API documentation for the Node.js JavaScript runtime. %prep %setup -q -n node-v%{version} -# remove bundled dependencies +# remove bundled dependencies that we aren't building %patch1 -p1 -rm -rf deps +rm -rf deps/http_parser \ + deps/npm \ + deps/uv \ + deps/zlib # remove bundled CA certificates %patch2 -p1 rm -f src/node_root_certs.h -%patch3 -p1 -%patch4 -p1 - %build # build with debugging symbols and add defines from libuv (#892601) @@ -127,10 +125,8 @@ export CFLAGS='%{optflags} -g -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64' export CXXFLAGS='%{optflags} -g -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64' ./configure --prefix=%{_prefix} \ - --shared-v8 \ --shared-openssl \ --shared-zlib \ - --shared-cares \ --shared-libuv \ --shared-libuv-libname=:libuv.so.0.10 \ --shared-libuv-includes=%{_includedir}/compat-libuv010 \ @@ -144,7 +140,7 @@ make BUILDTYPE=Debug %{?_smp_mflags} %install rm -rf %{buildroot} -./tools/install.py install %{buildroot} +./tools/install.py install %{buildroot} %{_prefix} # and remove dtrace file again rm -rf %{buildroot}/%{_prefix}/lib/dtrace @@ -172,36 +168,43 @@ chmod 0755 %{buildroot}%{_rpmconfigdir}/nodejs_native.req mkdir -p %{buildroot}%{_pkgdocdir}/html cp -pr doc/* %{buildroot}%{_pkgdocdir}/html rm -f %{buildroot}%{_pkgdocdir}/html/nodejs.1 -cp -p LICENSE %{buildroot}%{_pkgdocdir}/html -cp -p ChangeLog LICENSE README.md AUTHORS %{buildroot}%{_pkgdocdir} #node-gyp needs common.gypi too mkdir -p %{buildroot}%{_datadir}/node cp -p common.gypi %{buildroot}%{_datadir}/node +# Install the GDB init tool into the documentation directory +mv %{buildroot}/%{_datadir}/doc/node/gdbinit %{buildroot}/%{_pkgdocdir}/gdbinit + %files %{_bindir}/node %{_mandir}/man1/node.* %dir %{_prefix}/lib/node_modules %dir %{_datadir}/node +%dir %{_datadir}/systemtap +%dir %{_datadir}/systemtap/tapset +%{_datadir}/systemtap/tapset/node.stp %{_rpmconfigdir}/fileattrs/nodejs_native.attr %{_rpmconfigdir}/nodejs_native.req %dir %{_pkgdocdir} -%{_pkgdocdir}/ChangeLog -%{_pkgdocdir}/LICENSE -%{_pkgdocdir}/README.md -%{_pkgdocdir}/AUTHORS - +%license LICENSE +%doc AUTHORS CHANGELOG.md COLLABORATOR_GUIDE.md GOVERNANCE.md README.md +%doc ROADMAP.md WORKING_GROUPS.md + %files devel %{_bindir}/node_g %{_includedir}/node %{_datadir}/node/common.gypi +%{_pkgdocdir}/gdbinit %files docs %dir %{_pkgdocdir} %{_pkgdocdir}/html %changelog +* Tue Dec 01 2015 Stephen Gallagher 4.2.2-0.1 +- Upgrade to Node.js 4.2.2 (LTS) + * Wed Jun 17 2015 Fedora Release Engineering - 0.10.36-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild diff --git a/sources b/sources index e233927..78914f6 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -f1a50d8a1f6e09659b5c2aad00867ae2 node-v0.10.36-stripped.tar.gz +32d052698f6059e64eee5f06532e27fd node-v4.2.2-stripped.tar.gz From 64bb83cc8dae22c49108e9ff5ed1d662d6fcc841 Mon Sep 17 00:00:00 2001 From: Stephen Gallagher Date: Wed, 2 Dec 2015 09:45:45 -0500 Subject: [PATCH 02/47] Disable debug build for ARMv7 since it fails to build --- nodejs.spec | 17 +++++++++++++++-- 1 file changed, 15 insertions(+), 2 deletions(-) diff --git a/nodejs.spec b/nodejs.spec index 5e02a86..1442e06 100644 --- a/nodejs.spec +++ b/nodejs.spec @@ -1,6 +1,6 @@ Name: nodejs Version: 4.2.2 -Release: 1%{?dist} +Release: 2%{?dist} Summary: JavaScript runtime License: MIT and ASL 2.0 and ISC and BSD Group: Development/Languages @@ -134,8 +134,14 @@ export CXXFLAGS='%{optflags} -g -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64' --without-npm \ --without-dtrace +%ifnarch %{arm} # Setting BUILDTYPE=Debug builds both release and debug binaries make BUILDTYPE=Debug %{?_smp_mflags} +%else +# ARM builds currently break on the Debug builds, so we'll just +# build the standard runtime until that gets sorted out. +make BUILDTYPE=Release %{?_smp_mflags} +%endif %install rm -rf %{buildroot} @@ -148,8 +154,10 @@ rm -rf %{buildroot}/%{_prefix}/lib/dtrace # Set the binary permissions properly chmod 0755 %{buildroot}/%{_bindir}/node +%ifnarch %{arm} # Install the debug binary and set its permissions install -Dpm0755 out/Debug/node %{buildroot}/%{_bindir}/node_g +%endif # own the sitelib directory mkdir -p %{buildroot}%{_prefix}/lib/node_modules @@ -192,7 +200,9 @@ mv %{buildroot}/%{_datadir}/doc/node/gdbinit %{buildroot}/%{_pkgdocdir}/gdbinit %doc ROADMAP.md WORKING_GROUPS.md %files devel +%ifnarch %{arm} %{_bindir}/node_g +%endif %{_includedir}/node %{_datadir}/node/common.gypi %{_pkgdocdir}/gdbinit @@ -202,7 +212,10 @@ mv %{buildroot}/%{_datadir}/doc/node/gdbinit %{buildroot}/%{_pkgdocdir}/gdbinit %{_pkgdocdir}/html %changelog -* Tue Dec 01 2015 Stephen Gallagher 4.2.2-0.1 +* Wed Dec 02 2015 Stephen Gallagher 4.2.2-2 +- Disable debug build for ARMv7 since it fails to build + +* Tue Dec 01 2015 Stephen Gallagher 4.2.2-1 - Upgrade to Node.js 4.2.2 (LTS) * Wed Jun 17 2015 Fedora Release Engineering - 0.10.36-5 From a6133be8993b9c30a1f95cadfdea1b4c0e87a214 Mon Sep 17 00:00:00 2001 From: Stephen Gallagher Date: Wed, 2 Dec 2015 11:22:31 -0500 Subject: [PATCH 03/47] Fix nodejs_abi version - Also ensure that we are building against the correct libuv --- nodejs.spec | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/nodejs.spec b/nodejs.spec index 1442e06..444a369 100644 --- a/nodejs.spec +++ b/nodejs.spec @@ -1,6 +1,6 @@ Name: nodejs Version: 4.2.2 -Release: 2%{?dist} +Release: 3%{?dist} Summary: JavaScript runtime License: MIT and ASL 2.0 and ISC and BSD Group: Development/Languages @@ -43,7 +43,7 @@ Requires: ca-certificates #we need ABI virtual provides where SONAMEs aren't enough/not present so deps #break when binary compatibility is broken -%global nodejs_abi 0.10 +%global nodejs_abi 4.2 Provides: nodejs(abi) = %{nodejs_abi} Provides: nodejs(v8-abi) = %{v8_abi} @@ -128,8 +128,6 @@ export CXXFLAGS='%{optflags} -g -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64' --shared-openssl \ --shared-zlib \ --shared-libuv \ - --shared-libuv-libname=:libuv.so.0.10 \ - --shared-libuv-includes=%{_includedir}/compat-libuv010 \ --shared-http-parser \ --without-npm \ --without-dtrace @@ -212,6 +210,10 @@ mv %{buildroot}/%{_datadir}/doc/node/gdbinit %{buildroot}/%{_pkgdocdir}/gdbinit %{_pkgdocdir}/html %changelog +* Wed Dec 02 2015 Stephen Gallagher 4.2.2-3 +- Fix nodejs_abi version +- Also ensure that we are building against the correct libuv + * Wed Dec 02 2015 Stephen Gallagher 4.2.2-2 - Disable debug build for ARMv7 since it fails to build From 74d1356567b291f1df3895c9a15ee8cf9e01ffc5 Mon Sep 17 00:00:00 2001 From: Peter Robinson Date: Thu, 3 Dec 2015 03:37:09 +0000 Subject: [PATCH 04/47] Use nodejs_arches macro for arch definition (add aarch64 and power64 platforms) --- nodejs.spec | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/nodejs.spec b/nodejs.spec index 444a369..fd17b96 100644 --- a/nodejs.spec +++ b/nodejs.spec @@ -1,13 +1,12 @@ Name: nodejs Version: 4.2.2 -Release: 3%{?dist} +Release: 4%{?dist} Summary: JavaScript runtime License: MIT and ASL 2.0 and ISC and BSD Group: Development/Languages URL: http://nodejs.org/ -# Exclusive archs must match v8 -ExclusiveArch: %{ix86} x86_64 %{arm} +ExclusiveArch: %{nodejs_arches} # nodejs bundles openssl, but we use the system version in Fedora # because openssl contains prohibited code, we remove openssl completely from @@ -210,6 +209,9 @@ mv %{buildroot}/%{_datadir}/doc/node/gdbinit %{buildroot}/%{_pkgdocdir}/gdbinit %{_pkgdocdir}/html %changelog +* Wed Dec 2 2015 Peter Robinson 4.2.2-4 +- Use nodejs_arches macro for arch definition (add aarch64 and power64 platforms) + * Wed Dec 02 2015 Stephen Gallagher 4.2.2-3 - Fix nodejs_abi version - Also ensure that we are building against the correct libuv From 0b2b9b17d54bd1e8ff2c23346252742da3073d41 Mon Sep 17 00:00:00 2001 From: Stephen Gallagher Date: Fri, 4 Dec 2015 08:25:35 -0500 Subject: [PATCH 05/47] New upstream security release 4.2.3 - https://github.com/nodejs/node/blob/v4.2.3/CHANGELOG.md - Fix incorrect v8 version --- .gitignore | 1 + nodejs.spec | 13 +++++++++---- sources | 2 +- 3 files changed, 11 insertions(+), 5 deletions(-) diff --git a/.gitignore b/.gitignore index cca4b28..68d500d 100644 --- a/.gitignore +++ b/.gitignore @@ -33,3 +33,4 @@ /node-v0.10.33-stripped.tar.gz /node-v0.10.36-stripped.tar.gz /node-v4.2.2-stripped.tar.gz +/node-v4.2.3-stripped.tar.gz diff --git a/nodejs.spec b/nodejs.spec index fd17b96..766c101 100644 --- a/nodejs.spec +++ b/nodejs.spec @@ -1,6 +1,6 @@ Name: nodejs -Version: 4.2.2 -Release: 4%{?dist} +Version: 4.2.3 +Release: 1%{?dist} Summary: JavaScript runtime License: MIT and ASL 2.0 and ISC and BSD Group: Development/Languages @@ -28,7 +28,7 @@ Patch1: nodejs-disable-gyp-deps.patch Patch2: nodejs-use-system-certs.patch # V8 presently breaks ABI at least every x.y release while never bumping SONAME -%global v8_abi 4.6 +%global v8_abi 4.5 BuildRequires: python-devel BuildRequires: libuv-devel >= 1.7.5 @@ -74,7 +74,7 @@ Provides: bundled(c-ares) = 1.10.1 # even in point releases. Node.js upstream has now removed the ability to build # against a shared system version entirely. # See https://github.com/nodejs/node/commit/d726a177ed59c37cf5306983ed00ecd858cfbbef -Provides: bundled(v8) = 4.6.85 +Provides: bundled(v8) = 4.5.103.35 %description Node.js is a platform built on Chrome's JavaScript runtime @@ -209,6 +209,11 @@ mv %{buildroot}/%{_datadir}/doc/node/gdbinit %{buildroot}/%{_pkgdocdir}/gdbinit %{_pkgdocdir}/html %changelog +* Fri Dec 04 2015 Stephen Gallagher 4.2.3-1 +- New upstream security release 4.2.3 +- https://github.com/nodejs/node/blob/v4.2.3/CHANGELOG.md +- Fix incorrect v8 version + * Wed Dec 2 2015 Peter Robinson 4.2.2-4 - Use nodejs_arches macro for arch definition (add aarch64 and power64 platforms) diff --git a/sources b/sources index 78914f6..20fa923 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -32d052698f6059e64eee5f06532e27fd node-v4.2.2-stripped.tar.gz +2dad5363627c0059ce262edb91157e2b node-v4.2.3-stripped.tar.gz From 34eeb41274450a3dfafb879e0002e2d98251052a Mon Sep 17 00:00:00 2001 From: Stephen Gallagher Date: Fri, 4 Dec 2015 11:31:37 -0500 Subject: [PATCH 06/47] Add %with_debug variable to spec file The debug build is not supported on all architectures. --- nodejs.spec | 22 ++++++++++++++++------ 1 file changed, 16 insertions(+), 6 deletions(-) diff --git a/nodejs.spec b/nodejs.spec index 766c101..4c3e329 100644 --- a/nodejs.spec +++ b/nodejs.spec @@ -1,6 +1,14 @@ +%global with_debug 1 + +# ARM builds currently break on the Debug builds, so we'll just +# build the standard runtime until that gets sorted out. +%ifarch %{arm} aarch64 %{power64} +%global with_debug 0 +%endif + Name: nodejs Version: 4.2.3 -Release: 1%{?dist} +Release: 2%{?dist} Summary: JavaScript runtime License: MIT and ASL 2.0 and ISC and BSD Group: Development/Languages @@ -131,12 +139,10 @@ export CXXFLAGS='%{optflags} -g -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64' --without-npm \ --without-dtrace -%ifnarch %{arm} +%if %{?with_debug} == 1 # Setting BUILDTYPE=Debug builds both release and debug binaries make BUILDTYPE=Debug %{?_smp_mflags} %else -# ARM builds currently break on the Debug builds, so we'll just -# build the standard runtime until that gets sorted out. make BUILDTYPE=Release %{?_smp_mflags} %endif @@ -151,7 +157,7 @@ rm -rf %{buildroot}/%{_prefix}/lib/dtrace # Set the binary permissions properly chmod 0755 %{buildroot}/%{_bindir}/node -%ifnarch %{arm} +%if %{?with_debug} == 1 # Install the debug binary and set its permissions install -Dpm0755 out/Debug/node %{buildroot}/%{_bindir}/node_g %endif @@ -197,7 +203,7 @@ mv %{buildroot}/%{_datadir}/doc/node/gdbinit %{buildroot}/%{_pkgdocdir}/gdbinit %doc ROADMAP.md WORKING_GROUPS.md %files devel -%ifnarch %{arm} +%if %{?with_debug} == 1 %{_bindir}/node_g %endif %{_includedir}/node @@ -209,6 +215,10 @@ mv %{buildroot}/%{_datadir}/doc/node/gdbinit %{buildroot}/%{_pkgdocdir}/gdbinit %{_pkgdocdir}/html %changelog +* Fri Dec 04 2015 Stephen Gallagher 4.2.3-2 +- Add %%with_debug variable to spec file + The debug build is not supported on all architectures. + * Fri Dec 04 2015 Stephen Gallagher 4.2.3-1 - New upstream security release 4.2.3 - https://github.com/nodejs/node/blob/v4.2.3/CHANGELOG.md From 54b36861f75dc32ea667311a9ba8bbfbeaaeaa55 Mon Sep 17 00:00:00 2001 From: Stephen Gallagher Date: Wed, 13 Jan 2016 10:09:41 -0500 Subject: [PATCH 07/47] New upstream bugfix release 4.2.4 - https://github.com/nodejs/node/blob/v4.2.3/CHANGELOG.md --- .gitignore | 1 + nodejs-disable-gyp-deps.patch | 4 ++-- nodejs-use-system-certs.patch | 8 ++++---- nodejs.spec | 8 ++++++-- sources | 2 +- 5 files changed, 14 insertions(+), 9 deletions(-) diff --git a/.gitignore b/.gitignore index 68d500d..c073935 100644 --- a/.gitignore +++ b/.gitignore @@ -34,3 +34,4 @@ /node-v0.10.36-stripped.tar.gz /node-v4.2.2-stripped.tar.gz /node-v4.2.3-stripped.tar.gz +/node-v4.2.4-stripped.tar.gz diff --git a/nodejs-disable-gyp-deps.patch b/nodejs-disable-gyp-deps.patch index 23fe9ee..676b360 100644 --- a/nodejs-disable-gyp-deps.patch +++ b/nodejs-disable-gyp-deps.patch @@ -1,4 +1,4 @@ -From 34a6454fc02ae79362cc03f501bb08fb95495a1b Mon Sep 17 00:00:00 2001 +From e23b2803b886fb6d001ebcc70aa29713561f316f Mon Sep 17 00:00:00 2001 From: Stephen Gallagher Date: Tue, 1 Dec 2015 16:35:29 -0500 Subject: [PATCH 1/2] disable running gyp files for bundled deps @@ -25,5 +25,5 @@ index 02619fac98ddd7bd90648f6493ccf49fcf22c47b..981c3ce4daa8724547979d7646117182 if [ -f $@ ]; then $(error Stale $@, please re-run ./configure) -- -2.5.0 +2.7.0 diff --git a/nodejs-use-system-certs.patch b/nodejs-use-system-certs.patch index 344356f..4e68fc6 100644 --- a/nodejs-use-system-certs.patch +++ b/nodejs-use-system-certs.patch @@ -1,4 +1,4 @@ -From 8bdb9e5d7dcde463d9664fc6a999c11a3048a673 Mon Sep 17 00:00:00 2001 +From 515a1619d3b13a7af52d58dee9a43b981e45c2bb Mon Sep 17 00:00:00 2001 From: Stephen Gallagher Date: Tue, 1 Dec 2015 16:29:07 -0500 Subject: [PATCH 2/2] Do not bundle CA Certificates @@ -22,7 +22,7 @@ Node.js 4.2 1 file changed, 8 insertions(+), 23 deletions(-) diff --git a/src/node_crypto.cc b/src/node_crypto.cc -index bd7314c9db902c59035b60ee5e2ebb4dc99a9a9f..ddc6f081136dd327e35d6326ba9835df7f834e70 100644 +index b03e6444ff8a3b4209d1e7806380e80566da243c..331c155aebfa0a42277dbe48e03a0b866b98bd06 100644 --- a/src/node_crypto.cc +++ b/src/node_crypto.cc @@ -125,11 +125,11 @@ struct ClearErrorOnReturn { @@ -38,7 +38,7 @@ index bd7314c9db902c59035b60ee5e2ebb4dc99a9a9f..ddc6f081136dd327e35d6326ba9835df X509_STORE* root_cert_store; // Just to generate static methods -@@ -715,36 +715,21 @@ void SecureContext::AddRootCerts(const FunctionCallbackInfo& args) { +@@ -704,36 +704,21 @@ void SecureContext::AddRootCerts(const FunctionCallbackInfo& args) { (void) &clear_error_on_return; // Silence compiler warning. CHECK_EQ(sc->ca_store_, nullptr); @@ -83,5 +83,5 @@ index bd7314c9db902c59035b60ee5e2ebb4dc99a9a9f..ddc6f081136dd327e35d6326ba9835df void SecureContext::SetCiphers(const FunctionCallbackInfo& args) { SecureContext* sc = Unwrap(args.Holder()); -- -2.5.0 +2.7.0 diff --git a/nodejs.spec b/nodejs.spec index 4c3e329..2408ad2 100644 --- a/nodejs.spec +++ b/nodejs.spec @@ -7,8 +7,8 @@ %endif Name: nodejs -Version: 4.2.3 -Release: 2%{?dist} +Version: 4.2.4 +Release: 1%{?dist} Summary: JavaScript runtime License: MIT and ASL 2.0 and ISC and BSD Group: Development/Languages @@ -215,6 +215,10 @@ mv %{buildroot}/%{_datadir}/doc/node/gdbinit %{buildroot}/%{_pkgdocdir}/gdbinit %{_pkgdocdir}/html %changelog +* Wed Jan 13 2016 Stephen Gallagher - 4.2.4-1 +- New upstream bugfix release 4.2.4 +- https://github.com/nodejs/node/blob/v4.2.3/CHANGELOG.md + * Fri Dec 04 2015 Stephen Gallagher 4.2.3-2 - Add %%with_debug variable to spec file The debug build is not supported on all architectures. diff --git a/sources b/sources index 20fa923..eb3803c 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -2dad5363627c0059ce262edb91157e2b node-v4.2.3-stripped.tar.gz +12d2042dd79c39c5365e36d55527542e node-v4.2.4-stripped.tar.gz From 52decf43f41739d09e39c45fe573fe2c8cfb2ded Mon Sep 17 00:00:00 2001 From: Stephen Gallagher Date: Mon, 18 Jan 2016 14:02:29 -0500 Subject: [PATCH 08/47] Fix Provides: for punycode --- nodejs.spec | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/nodejs.spec b/nodejs.spec index 2408ad2..de00920 100644 --- a/nodejs.spec +++ b/nodejs.spec @@ -8,7 +8,7 @@ Name: nodejs Version: 4.2.4 -Release: 1%{?dist} +Release: 2%{?dist} Summary: JavaScript runtime License: MIT and ASL 2.0 and ISC and BSD Group: Development/Languages @@ -43,7 +43,7 @@ BuildRequires: libuv-devel >= 1.7.5 BuildRequires: http-parser-devel >= 2.6 BuildRequires: zlib-devel # Node.js requires some features from openssl 1.0.1 for SPDY support -BuildRequires: openssl-devel >= 1:1.0.1 +BuildRequires: openssl-devel >= 1:1.0.2 # we need the system certificate store when Patch2 is applied Requires: ca-certificates @@ -68,8 +68,8 @@ Conflicts: node <= 0.3.2-12 # we don't need the seperate nodejs-punycode package, so we Provide it here so # dependent packages don't need to override the dependency generator. # See also: RHBZ#11511811 -Provides: nodejs-punycode = 1.3.1 -Provides: npm(punycode) = 1.3.1 +Provides: nodejs-punycode = 1.3.2 +Provides: npm(punycode) = 1.3.2 # Node.js has forked c-ares from upstream in an incompatible way, so we need @@ -215,6 +215,9 @@ mv %{buildroot}/%{_datadir}/doc/node/gdbinit %{buildroot}/%{_pkgdocdir}/gdbinit %{_pkgdocdir}/html %changelog +* Mon Jan 18 2016 Stephen Gallagher - 4.2.4-2 +- Fix Provides: for punycode + * Wed Jan 13 2016 Stephen Gallagher - 4.2.4-1 - New upstream bugfix release 4.2.4 - https://github.com/nodejs/node/blob/v4.2.3/CHANGELOG.md From 61bfbbdc789117a238d23555ef4b6f2a9f4a0121 Mon Sep 17 00:00:00 2001 From: Stephen Gallagher Date: Tue, 19 Jan 2016 08:36:53 -0500 Subject: [PATCH 09/47] Force a dependency on the correct version of libuv --- nodejs.spec | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/nodejs.spec b/nodejs.spec index de00920..762166f 100644 --- a/nodejs.spec +++ b/nodejs.spec @@ -8,7 +8,7 @@ Name: nodejs Version: 4.2.4 -Release: 2%{?dist} +Release: 3%{?dist} Summary: JavaScript runtime License: MIT and ASL 2.0 and ISC and BSD Group: Development/Languages @@ -40,6 +40,7 @@ Patch2: nodejs-use-system-certs.patch BuildRequires: python-devel BuildRequires: libuv-devel >= 1.7.5 +Requires: libuv >= 1.7.5 BuildRequires: http-parser-devel >= 2.6 BuildRequires: zlib-devel # Node.js requires some features from openssl 1.0.1 for SPDY support @@ -215,6 +216,9 @@ mv %{buildroot}/%{_datadir}/doc/node/gdbinit %{buildroot}/%{_pkgdocdir}/gdbinit %{_pkgdocdir}/html %changelog +* Tue Jan 19 2016 Stephen Gallagher - 4.2.4-3 +- Force a dependency on the correct version of libuv + * Mon Jan 18 2016 Stephen Gallagher - 4.2.4-2 - Fix Provides: for punycode From d9467351a35e925de0ded669c16fc7c5b441a9cf Mon Sep 17 00:00:00 2001 From: Stephen Gallagher Date: Tue, 19 Jan 2016 12:21:54 -0500 Subject: [PATCH 10/47] Force a depdendency on the correct version of http-parser --- nodejs.spec | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/nodejs.spec b/nodejs.spec index 762166f..a671388 100644 --- a/nodejs.spec +++ b/nodejs.spec @@ -8,7 +8,7 @@ Name: nodejs Version: 4.2.4 -Release: 3%{?dist} +Release: 4%{?dist} Summary: JavaScript runtime License: MIT and ASL 2.0 and ISC and BSD Group: Development/Languages @@ -42,6 +42,7 @@ BuildRequires: python-devel BuildRequires: libuv-devel >= 1.7.5 Requires: libuv >= 1.7.5 BuildRequires: http-parser-devel >= 2.6 +Requires: http-parser >= 2.6 BuildRequires: zlib-devel # Node.js requires some features from openssl 1.0.1 for SPDY support BuildRequires: openssl-devel >= 1:1.0.2 @@ -216,6 +217,9 @@ mv %{buildroot}/%{_datadir}/doc/node/gdbinit %{buildroot}/%{_pkgdocdir}/gdbinit %{_pkgdocdir}/html %changelog +* Tue Jan 19 2016 Stephen Gallagher - 4.2.4-4 +- Force a depdendency on the correct version of http-parser + * Tue Jan 19 2016 Stephen Gallagher - 4.2.4-3 - Force a dependency on the correct version of libuv From 3b104874f3ba180702e69950c7e7f18d073b3d61 Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Thu, 4 Feb 2016 09:24:55 +0000 Subject: [PATCH 11/47] - Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild --- nodejs.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/nodejs.spec b/nodejs.spec index a671388..4251dc5 100644 --- a/nodejs.spec +++ b/nodejs.spec @@ -8,7 +8,7 @@ Name: nodejs Version: 4.2.4 -Release: 4%{?dist} +Release: 5%{?dist} Summary: JavaScript runtime License: MIT and ASL 2.0 and ISC and BSD Group: Development/Languages @@ -217,6 +217,9 @@ mv %{buildroot}/%{_datadir}/doc/node/gdbinit %{buildroot}/%{_pkgdocdir}/gdbinit %{_pkgdocdir}/html %changelog +* Thu Feb 04 2016 Fedora Release Engineering - 4.2.4-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild + * Tue Jan 19 2016 Stephen Gallagher - 4.2.4-4 - Force a depdendency on the correct version of http-parser From b68d4ecbf76e8aabfcfde8a45562cd9065eb71a0 Mon Sep 17 00:00:00 2001 From: Tom Hughes Date: Tue, 9 Feb 2016 07:19:24 +0000 Subject: [PATCH 12/47] Update to 4.2.6 upstream release --- .gitignore | 1 + nodejs-disable-gyp-deps.patch | 12 ++++-------- nodejs-use-system-certs.patch | 18 +++++------------- nodejs.spec | 7 +++++-- sources | 2 +- 5 files changed, 16 insertions(+), 24 deletions(-) diff --git a/.gitignore b/.gitignore index c073935..0934c0b 100644 --- a/.gitignore +++ b/.gitignore @@ -35,3 +35,4 @@ /node-v4.2.2-stripped.tar.gz /node-v4.2.3-stripped.tar.gz /node-v4.2.4-stripped.tar.gz +/node-v4.2.6-stripped.tar.gz diff --git a/nodejs-disable-gyp-deps.patch b/nodejs-disable-gyp-deps.patch index 676b360..91f0f09 100644 --- a/nodejs-disable-gyp-deps.patch +++ b/nodejs-disable-gyp-deps.patch @@ -1,4 +1,4 @@ -From e23b2803b886fb6d001ebcc70aa29713561f316f Mon Sep 17 00:00:00 2001 +From 8a53e16138f7fa4371eebde91d3bf216285e75a0 Mon Sep 17 00:00:00 2001 From: Stephen Gallagher Date: Tue, 1 Dec 2015 16:35:29 -0500 Subject: [PATCH 1/2] disable running gyp files for bundled deps @@ -8,12 +8,10 @@ Subject: [PATCH 1/2] disable running gyp files for bundled deps 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Makefile b/Makefile -index 02619fac98ddd7bd90648f6493ccf49fcf22c47b..981c3ce4daa8724547979d7646117182399b22db 100644 +index 94eb419..a2b682b 100644 --- a/Makefile +++ b/Makefile -@@ -47,11 +47,11 @@ $(NODE_EXE): config.gypi out/Makefile - - $(NODE_G_EXE): config.gypi out/Makefile +@@ -49,7 +49,7 @@ $(NODE_G_EXE): config.gypi out/Makefile $(MAKE) -C out BUILDTYPE=Debug V=$(V) ln -fs out/Debug/$(NODE_EXE) $@ @@ -22,8 +20,6 @@ index 02619fac98ddd7bd90648f6493ccf49fcf22c47b..981c3ce4daa8724547979d7646117182 $(PYTHON) tools/gyp_node.py -f make config.gypi: configure - if [ -f $@ ]; then - $(error Stale $@, please re-run ./configure) -- -2.7.0 +2.5.0 diff --git a/nodejs-use-system-certs.patch b/nodejs-use-system-certs.patch index 4e68fc6..c273884 100644 --- a/nodejs-use-system-certs.patch +++ b/nodejs-use-system-certs.patch @@ -1,4 +1,4 @@ -From 515a1619d3b13a7af52d58dee9a43b981e45c2bb Mon Sep 17 00:00:00 2001 +From 58c110a74377171587a6ef28a6d5dff1f29a7d52 Mon Sep 17 00:00:00 2001 From: Stephen Gallagher Date: Tue, 1 Dec 2015 16:29:07 -0500 Subject: [PATCH 2/2] Do not bundle CA Certificates @@ -22,12 +22,10 @@ Node.js 4.2 1 file changed, 8 insertions(+), 23 deletions(-) diff --git a/src/node_crypto.cc b/src/node_crypto.cc -index b03e6444ff8a3b4209d1e7806380e80566da243c..331c155aebfa0a42277dbe48e03a0b866b98bd06 100644 +index 7911ce9..60516ad 100644 --- a/src/node_crypto.cc +++ b/src/node_crypto.cc -@@ -125,11 +125,11 @@ struct ClearErrorOnReturn { - }; - +@@ -119,7 +119,7 @@ static X509_NAME *cnnic_ev_name = static uv_mutex_t* locks; const char* const root_certs[] = { @@ -36,11 +34,7 @@ index b03e6444ff8a3b4209d1e7806380e80566da243c..331c155aebfa0a42277dbe48e03a0b86 }; X509_STORE* root_cert_store; - - // Just to generate static methods -@@ -704,36 +704,21 @@ void SecureContext::AddRootCerts(const FunctionCallbackInfo& args) { - (void) &clear_error_on_return; // Silence compiler warning. - +@@ -763,32 +763,17 @@ void SecureContext::AddRootCerts(const FunctionCallbackInfo& args) { CHECK_EQ(sc->ca_store_, nullptr); if (!root_cert_store) { @@ -80,8 +74,6 @@ index b03e6444ff8a3b4209d1e7806380e80566da243c..331c155aebfa0a42277dbe48e03a0b86 } - void SecureContext::SetCiphers(const FunctionCallbackInfo& args) { - SecureContext* sc = Unwrap(args.Holder()); -- -2.7.0 +2.5.0 diff --git a/nodejs.spec b/nodejs.spec index 4251dc5..ad1b5d2 100644 --- a/nodejs.spec +++ b/nodejs.spec @@ -7,8 +7,8 @@ %endif Name: nodejs -Version: 4.2.4 -Release: 5%{?dist} +Version: 4.2.6 +Release: 1%{?dist} Summary: JavaScript runtime License: MIT and ASL 2.0 and ISC and BSD Group: Development/Languages @@ -217,6 +217,9 @@ mv %{buildroot}/%{_datadir}/doc/node/gdbinit %{buildroot}/%{_pkgdocdir}/gdbinit %{_pkgdocdir}/html %changelog +* Tue Feb 9 2016 Tom Hughes - 4.2.6-1 +- Update to 4.2.6 upstream release + * Thu Feb 04 2016 Fedora Release Engineering - 4.2.4-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild diff --git a/sources b/sources index eb3803c..8e2d5d2 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -12d2042dd79c39c5365e36d55527542e node-v4.2.4-stripped.tar.gz +23a29533052de7204adba545ab64928f node-v4.2.6-stripped.tar.gz From 55352656f04411f9301a5fa1b06fb0a34ced8706 Mon Sep 17 00:00:00 2001 From: Stephen Gallagher Date: Tue, 9 Feb 2016 20:18:29 -0500 Subject: [PATCH 13/47] Update to 4.3.0 upstream LTS release - https://github.com/nodejs/node/blob/v4.3.0/CHANGELOG.md - Switch to the bundled http-parser - Build with -fno-delete-pointer-null-checks for GCC 6 --- .gitignore | 1 + nodejs.spec | 24 ++++++++++++++++-------- sources | 2 +- 3 files changed, 18 insertions(+), 9 deletions(-) diff --git a/.gitignore b/.gitignore index 0934c0b..4bd6efa 100644 --- a/.gitignore +++ b/.gitignore @@ -36,3 +36,4 @@ /node-v4.2.3-stripped.tar.gz /node-v4.2.4-stripped.tar.gz /node-v4.2.6-stripped.tar.gz +/node-v4.3.0-stripped.tar.gz diff --git a/nodejs.spec b/nodejs.spec index ad1b5d2..8445cca 100644 --- a/nodejs.spec +++ b/nodejs.spec @@ -7,7 +7,7 @@ %endif Name: nodejs -Version: 4.2.6 +Version: 4.3.0 Release: 1%{?dist} Summary: JavaScript runtime License: MIT and ASL 2.0 and ISC and BSD @@ -41,8 +41,6 @@ Patch2: nodejs-use-system-certs.patch BuildRequires: python-devel BuildRequires: libuv-devel >= 1.7.5 Requires: libuv >= 1.7.5 -BuildRequires: http-parser-devel >= 2.6 -Requires: http-parser >= 2.6 BuildRequires: zlib-devel # Node.js requires some features from openssl 1.0.1 for SPDY support BuildRequires: openssl-devel >= 1:1.0.2 @@ -86,6 +84,10 @@ Provides: bundled(c-ares) = 1.10.1 # See https://github.com/nodejs/node/commit/d726a177ed59c37cf5306983ed00ecd858cfbbef Provides: bundled(v8) = 4.5.103.35 +# Node.js and http-parser share an upstream. The http-parser upstream does not +# do releases often and is almost always far behind the bundled version +Provides: bundled(http-parser) = 2.5.1 + %description Node.js is a platform built on Chrome's JavaScript runtime for easily building fast, scalable network applications. @@ -118,8 +120,7 @@ The API documentation for the Node.js JavaScript runtime. # remove bundled dependencies that we aren't building %patch1 -p1 -rm -rf deps/http_parser \ - deps/npm \ +rm -rf deps/npm \ deps/uv \ deps/zlib @@ -130,14 +131,15 @@ rm -f src/node_root_certs.h %build # build with debugging symbols and add defines from libuv (#892601) -export CFLAGS='%{optflags} -g -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64' -export CXXFLAGS='%{optflags} -g -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64' +# Node's v8 breaks with GCC 8 because of incorrect usage of methods on +# NULL objects. We need to pass -fno-delete-null-pointer-checks +export CFLAGS='%{optflags} -g -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 -fno-delete-null-pointer-checks' +export CXXFLAGS='%{optflags} -g -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 -fno-delete-null-pointer-checks' ./configure --prefix=%{_prefix} \ --shared-openssl \ --shared-zlib \ --shared-libuv \ - --shared-http-parser \ --without-npm \ --without-dtrace @@ -217,6 +219,12 @@ mv %{buildroot}/%{_datadir}/doc/node/gdbinit %{buildroot}/%{_pkgdocdir}/gdbinit %{_pkgdocdir}/html %changelog +* Tue Feb 09 2016 Stephen Gallagher - 4.3.0-1 +- Update to 4.3.0 upstream LTS release +- https://github.com/nodejs/node/blob/v4.3.0/CHANGELOG.md +- Switch to the bundled http-parser +- Build with -fno-delete-pointer-null-checks for GCC 6 + * Tue Feb 9 2016 Tom Hughes - 4.2.6-1 - Update to 4.2.6 upstream release diff --git a/sources b/sources index 8e2d5d2..2f4acd5 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -23a29533052de7204adba545ab64928f node-v4.2.6-stripped.tar.gz +675b21f124d85b42391e581d0071d92c node-v4.3.0-stripped.tar.gz From 6b9e50424cdaa5b57b5786a0800742173380c4f9 Mon Sep 17 00:00:00 2001 From: Stephen Gallagher Date: Wed, 10 Feb 2016 10:12:55 -0500 Subject: [PATCH 14/47] Fix nodejs-abi to be 4.3 - Clean up bundled versions in spec file --- nodejs.spec | 43 ++++++++++++++++++++++++++++++++++--------- 1 file changed, 34 insertions(+), 9 deletions(-) diff --git a/nodejs.spec b/nodejs.spec index 8445cca..d917c3c 100644 --- a/nodejs.spec +++ b/nodejs.spec @@ -6,9 +6,34 @@ %global with_debug 0 %endif +# == Node.js Version == +%global nodejs_major 4 +%global nodejs_minor 3 +%global nodejs_patch 0 +%global nodejs_abi %{nodejs_major}.%{nodejs_minor} + +# == Bundled Dependency Versions == +# v8 - from deps/v8/include/v8-version.h +%global v8_major 4 +%global v8_minor 5 +%global v8_build 103 +%global v8_patch 35 +# V8 presently breaks ABI at least every x.y release while never bumping SONAME +%global v8_abi %{v8_major}.%{v8_minor} + +# c-ares - from deps/cares/include/ares_version.h +%global c_ares_major 1 +%global c_ares_minor 10 +%global c_ares_patch 1 + +# http-parser - from deps/http-parser/http_parser.h +%global http_parser_major 2 +%global http_parser_minor 5 +%global http_parser_patch 1 + Name: nodejs -Version: 4.3.0 -Release: 1%{?dist} +Version: %{nodejs_major}.%{nodejs_minor}.%{nodejs_patch} +Release: 2%{?dist} Summary: JavaScript runtime License: MIT and ASL 2.0 and ISC and BSD Group: Development/Languages @@ -35,9 +60,6 @@ Patch1: nodejs-disable-gyp-deps.patch # http://patch-tracker.debian.org/patch/series/view/nodejs/0.10.26~dfsg1-1/2014_donotinclude_root_certs.patch Patch2: nodejs-use-system-certs.patch -# V8 presently breaks ABI at least every x.y release while never bumping SONAME -%global v8_abi 4.5 - BuildRequires: python-devel BuildRequires: libuv-devel >= 1.7.5 Requires: libuv >= 1.7.5 @@ -50,7 +72,6 @@ Requires: ca-certificates #we need ABI virtual provides where SONAMEs aren't enough/not present so deps #break when binary compatibility is broken -%global nodejs_abi 4.2 Provides: nodejs(abi) = %{nodejs_abi} Provides: nodejs(v8-abi) = %{v8_abi} @@ -75,18 +96,18 @@ Provides: npm(punycode) = 1.3.2 # Node.js has forked c-ares from upstream in an incompatible way, so we need # to carry the bundled version internally. # See https://github.com/nodejs/node/commit/766d063e0578c0f7758c3a965c971763f43fec85 -Provides: bundled(c-ares) = 1.10.1 +Provides: bundled(c-ares) = %{c_ares_major}.%{c_ares_minor}.%{c_ares_patch} # Node.js is closely tied to the version of v8 that is used with it. It makes # sense to use the bundled version because upstream consistently breaks ABI # even in point releases. Node.js upstream has now removed the ability to build # against a shared system version entirely. # See https://github.com/nodejs/node/commit/d726a177ed59c37cf5306983ed00ecd858cfbbef -Provides: bundled(v8) = 4.5.103.35 +Provides: bundled(v8) = %{v8_major}.%{v8_minor}.%{v8_build}.%{v8_patch} # Node.js and http-parser share an upstream. The http-parser upstream does not # do releases often and is almost always far behind the bundled version -Provides: bundled(http-parser) = 2.5.1 +Provides: bundled(http-parser) = %{http_parser_major}.%{http_parser_minor}.%{http_parser_patch} %description Node.js is a platform built on Chrome's JavaScript runtime @@ -219,6 +240,10 @@ mv %{buildroot}/%{_datadir}/doc/node/gdbinit %{buildroot}/%{_pkgdocdir}/gdbinit %{_pkgdocdir}/html %changelog +* Wed Feb 10 2016 Stephen Gallagher - 4.3.0-2 +- Fix nodejs-abi to be 4.3 +- Clean up bundled versions in spec file + * Tue Feb 09 2016 Stephen Gallagher - 4.3.0-1 - Update to 4.3.0 upstream LTS release - https://github.com/nodejs/node/blob/v4.3.0/CHANGELOG.md From 282860bb046db241d227bda6eb5c45e272129964 Mon Sep 17 00:00:00 2001 From: Tom Hughes Date: Wed, 10 Feb 2016 19:02:50 +0000 Subject: [PATCH 15/47] Verify that the built node reports the exepcted versions --- nodejs.spec | 27 ++++++++++++++++++++++----- 1 file changed, 22 insertions(+), 5 deletions(-) diff --git a/nodejs.spec b/nodejs.spec index d917c3c..6cec534 100644 --- a/nodejs.spec +++ b/nodejs.spec @@ -11,6 +11,7 @@ %global nodejs_minor 3 %global nodejs_patch 0 %global nodejs_abi %{nodejs_major}.%{nodejs_minor} +%global nodejs_version %{nodejs_major}.%{nodejs_minor}.%{nodejs_patch} # == Bundled Dependency Versions == # v8 - from deps/v8/include/v8-version.h @@ -20,20 +21,23 @@ %global v8_patch 35 # V8 presently breaks ABI at least every x.y release while never bumping SONAME %global v8_abi %{v8_major}.%{v8_minor} +%global v8_version %{v8_major}.%{v8_minor}.%{v8_build}.%{v8_patch} # c-ares - from deps/cares/include/ares_version.h %global c_ares_major 1 %global c_ares_minor 10 %global c_ares_patch 1 +%global c_ares_version %{c_ares_major}.%{c_ares_minor}.%{c_ares_patch} # http-parser - from deps/http-parser/http_parser.h %global http_parser_major 2 %global http_parser_minor 5 %global http_parser_patch 1 +%global http_parser_version %{http_parser_major}.%{http_parser_minor}.%{http_parser_patch} Name: nodejs -Version: %{nodejs_major}.%{nodejs_minor}.%{nodejs_patch} -Release: 2%{?dist} +Version: %{nodejs_version} +Release: 3%{?dist} Summary: JavaScript runtime License: MIT and ASL 2.0 and ISC and BSD Group: Development/Languages @@ -96,18 +100,18 @@ Provides: npm(punycode) = 1.3.2 # Node.js has forked c-ares from upstream in an incompatible way, so we need # to carry the bundled version internally. # See https://github.com/nodejs/node/commit/766d063e0578c0f7758c3a965c971763f43fec85 -Provides: bundled(c-ares) = %{c_ares_major}.%{c_ares_minor}.%{c_ares_patch} +Provides: bundled(c-ares) = %{c_ares_version} # Node.js is closely tied to the version of v8 that is used with it. It makes # sense to use the bundled version because upstream consistently breaks ABI # even in point releases. Node.js upstream has now removed the ability to build # against a shared system version entirely. # See https://github.com/nodejs/node/commit/d726a177ed59c37cf5306983ed00ecd858cfbbef -Provides: bundled(v8) = %{v8_major}.%{v8_minor}.%{v8_build}.%{v8_patch} +Provides: bundled(v8) = %{v8_version} # Node.js and http-parser share an upstream. The http-parser upstream does not # do releases often and is almost always far behind the bundled version -Provides: bundled(http-parser) = %{http_parser_major}.%{http_parser_minor}.%{http_parser_patch} +Provides: bundled(http-parser) = %{http_parser_version} %description Node.js is a platform built on Chrome's JavaScript runtime @@ -171,6 +175,7 @@ make BUILDTYPE=Debug %{?_smp_mflags} make BUILDTYPE=Release %{?_smp_mflags} %endif + %install rm -rf %{buildroot} @@ -212,6 +217,15 @@ cp -p common.gypi %{buildroot}%{_datadir}/node # Install the GDB init tool into the documentation directory mv %{buildroot}/%{_datadir}/doc/node/gdbinit %{buildroot}/%{_pkgdocdir}/gdbinit + +%check +# Fail the build if the versions don't match +%{buildroot}/%{_bindir}/node -e "require('assert').equal(process.versions.node, '%{nodejs_version}')" +%{buildroot}/%{_bindir}/node -e "require('assert').equal(process.versions.v8, '%{v8_version}')" +%{buildroot}/%{_bindir}/node -e "require('assert').equal(process.versions.ares.replace(/-DEV$/, ''), '%{c_ares_version}')" +%{buildroot}/%{_bindir}/node -e "require('assert').equal(process.versions.http_parser, '%{http_parser_version}')" + + %files %{_bindir}/node %{_mandir}/man1/node.* @@ -240,6 +254,9 @@ mv %{buildroot}/%{_datadir}/doc/node/gdbinit %{buildroot}/%{_pkgdocdir}/gdbinit %{_pkgdocdir}/html %changelog +* Wed Feb 10 2016 Tom Hughes - 4.3.0-3 +- Verify that the built node reports the exepcted versions + * Wed Feb 10 2016 Stephen Gallagher - 4.3.0-2 - Fix nodejs-abi to be 4.3 - Clean up bundled versions in spec file From c5341695ebfcd060593000167fb73b231054eed1 Mon Sep 17 00:00:00 2001 From: Stephen Gallagher Date: Wed, 10 Feb 2016 14:05:57 -0500 Subject: [PATCH 16/47] Drop unneeded dep on http-parser-devel --- nodejs.spec | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/nodejs.spec b/nodejs.spec index 6cec534..b049686 100644 --- a/nodejs.spec +++ b/nodejs.spec @@ -124,8 +124,9 @@ real-time applications that run across distributed devices. Summary: JavaScript runtime - development headers Group: Development/Languages Requires: %{name}%{?_isa} == %{version}-%{release} -Requires: libuv-devel%{?_isa} http-parser-devel%{?_isa} -Requires: openssl-devel%{?_isa} zlib-devel%{?_isa} +Requires: libuv-devel%{?_isa} +Requires: openssl-devel%{?_isa} +Requires: zlib-devel%{?_isa} Requires: nodejs-packaging %description devel @@ -256,6 +257,7 @@ mv %{buildroot}/%{_datadir}/doc/node/gdbinit %{buildroot}/%{_pkgdocdir}/gdbinit %changelog * Wed Feb 10 2016 Tom Hughes - 4.3.0-3 - Verify that the built node reports the exepcted versions +- Drop unneeded dep on http-parser-devel * Wed Feb 10 2016 Stephen Gallagher - 4.3.0-2 - Fix nodejs-abi to be 4.3 From 4a94b49f0171a8a37181e700deb91a01692d0012 Mon Sep 17 00:00:00 2001 From: Stephen Gallagher Date: Wed, 10 Feb 2016 14:31:40 -0500 Subject: [PATCH 17/47] Add version checks for punycode --- nodejs.spec | 16 +++++++++++++--- 1 file changed, 13 insertions(+), 3 deletions(-) diff --git a/nodejs.spec b/nodejs.spec index b049686..4d887f9 100644 --- a/nodejs.spec +++ b/nodejs.spec @@ -35,6 +35,13 @@ %global http_parser_patch 1 %global http_parser_version %{http_parser_major}.%{http_parser_minor}.%{http_parser_patch} +# punycode - from lib/punycode.js +# Note: this was merged into the mainline since 0.6.x +%global punycode_major 1 +%global punycode_minor 3 +%global punycode_patch 2 +%global punycode_version %{punycode_major}.%{punycode_minor}.%{punycode_patch} + Name: nodejs Version: %{nodejs_version} Release: 3%{?dist} @@ -93,8 +100,8 @@ Conflicts: node <= 0.3.2-12 # we don't need the seperate nodejs-punycode package, so we Provide it here so # dependent packages don't need to override the dependency generator. # See also: RHBZ#11511811 -Provides: nodejs-punycode = 1.3.2 -Provides: npm(punycode) = 1.3.2 +Provides: nodejs-punycode = %{punycode_version} +Provides: npm(punycode) = %{punycode_version} # Node.js has forked c-ares from upstream in an incompatible way, so we need @@ -226,6 +233,8 @@ mv %{buildroot}/%{_datadir}/doc/node/gdbinit %{buildroot}/%{_pkgdocdir}/gdbinit %{buildroot}/%{_bindir}/node -e "require('assert').equal(process.versions.ares.replace(/-DEV$/, ''), '%{c_ares_version}')" %{buildroot}/%{_bindir}/node -e "require('assert').equal(process.versions.http_parser, '%{http_parser_version}')" +# Ensure we have punycode and that the version matches +%{buildroot}/%{_bindir}/node -e "require(\"assert\").equal(require(\"punycode\").version, '%{punycode_version}')" %files %{_bindir}/node @@ -256,8 +265,9 @@ mv %{buildroot}/%{_datadir}/doc/node/gdbinit %{buildroot}/%{_pkgdocdir}/gdbinit %changelog * Wed Feb 10 2016 Tom Hughes - 4.3.0-3 -- Verify that the built node reports the exepcted versions +- Verify that the built node reports the expected versions - Drop unneeded dep on http-parser-devel +- Add version check for punycode * Wed Feb 10 2016 Stephen Gallagher - 4.3.0-2 - Fix nodejs-abi to be 4.3 From c7bce4c5ec00bef5d4bb87f21c3d5cd1e902d6c6 Mon Sep 17 00:00:00 2001 From: Tom Hughes Date: Tue, 23 Feb 2016 12:32:20 +0000 Subject: [PATCH 18/47] Update to 4.3.1 upstream LTS release --- .gitignore | 1 + nodejs.spec | 9 ++++++--- sources | 2 +- 3 files changed, 8 insertions(+), 4 deletions(-) diff --git a/.gitignore b/.gitignore index 4bd6efa..e38429c 100644 --- a/.gitignore +++ b/.gitignore @@ -37,3 +37,4 @@ /node-v4.2.4-stripped.tar.gz /node-v4.2.6-stripped.tar.gz /node-v4.3.0-stripped.tar.gz +/node-v4.3.1-stripped.tar.gz diff --git a/nodejs.spec b/nodejs.spec index 4d887f9..6fee5bd 100644 --- a/nodejs.spec +++ b/nodejs.spec @@ -9,7 +9,7 @@ # == Node.js Version == %global nodejs_major 4 %global nodejs_minor 3 -%global nodejs_patch 0 +%global nodejs_patch 1 %global nodejs_abi %{nodejs_major}.%{nodejs_minor} %global nodejs_version %{nodejs_major}.%{nodejs_minor}.%{nodejs_patch} @@ -32,7 +32,7 @@ # http-parser - from deps/http-parser/http_parser.h %global http_parser_major 2 %global http_parser_minor 5 -%global http_parser_patch 1 +%global http_parser_patch 2 %global http_parser_version %{http_parser_major}.%{http_parser_minor}.%{http_parser_patch} # punycode - from lib/punycode.js @@ -44,7 +44,7 @@ Name: nodejs Version: %{nodejs_version} -Release: 3%{?dist} +Release: 1%{?dist} Summary: JavaScript runtime License: MIT and ASL 2.0 and ISC and BSD Group: Development/Languages @@ -264,6 +264,9 @@ mv %{buildroot}/%{_datadir}/doc/node/gdbinit %{buildroot}/%{_pkgdocdir}/gdbinit %{_pkgdocdir}/html %changelog +* Tue Feb 23 2016 Tom Hughes - 4.3.1-1 +- Update to 4.3.1 upstream LTS release + * Wed Feb 10 2016 Tom Hughes - 4.3.0-3 - Verify that the built node reports the expected versions - Drop unneeded dep on http-parser-devel diff --git a/sources b/sources index 2f4acd5..a5c6c2e 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -675b21f124d85b42391e581d0071d92c node-v4.3.0-stripped.tar.gz +0bda97bcbe9e93d11a85d6433d07bc9e node-v4.3.1-stripped.tar.gz From 2a3d08c9638ade156dbc3b8f42ac6900ee807052 Mon Sep 17 00:00:00 2001 From: Stephen Gallagher Date: Wed, 23 Mar 2016 10:12:03 -0400 Subject: [PATCH 19/47] Update to 4.4.1 upstream LTS release --- .gitignore | 1 + nodejs-disable-gyp-deps.patch | 12 ++++++++---- nodejs-use-system-certs.patch | 32 ++++++++++++++++++++------------ nodejs.spec | 9 +++++++-- sources | 2 +- 5 files changed, 37 insertions(+), 19 deletions(-) diff --git a/.gitignore b/.gitignore index e38429c..06b6843 100644 --- a/.gitignore +++ b/.gitignore @@ -38,3 +38,4 @@ /node-v4.2.6-stripped.tar.gz /node-v4.3.0-stripped.tar.gz /node-v4.3.1-stripped.tar.gz +/node-v4.4.1-stripped.tar.gz diff --git a/nodejs-disable-gyp-deps.patch b/nodejs-disable-gyp-deps.patch index 91f0f09..2743f4c 100644 --- a/nodejs-disable-gyp-deps.patch +++ b/nodejs-disable-gyp-deps.patch @@ -1,4 +1,4 @@ -From 8a53e16138f7fa4371eebde91d3bf216285e75a0 Mon Sep 17 00:00:00 2001 +From 08ee9476e138421b5f6c4fd928986b125fb82634 Mon Sep 17 00:00:00 2001 From: Stephen Gallagher Date: Tue, 1 Dec 2015 16:35:29 -0500 Subject: [PATCH 1/2] disable running gyp files for bundled deps @@ -8,10 +8,12 @@ Subject: [PATCH 1/2] disable running gyp files for bundled deps 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Makefile b/Makefile -index 94eb419..a2b682b 100644 +index ff0098b70d7b2c2b76c6456534013d186ad44f0f..df64f3a90ecf57fb58963b717647d69ffa4fb391 100644 --- a/Makefile +++ b/Makefile -@@ -49,7 +49,7 @@ $(NODE_G_EXE): config.gypi out/Makefile +@@ -47,11 +47,11 @@ $(NODE_EXE): config.gypi out/Makefile + + $(NODE_G_EXE): config.gypi out/Makefile $(MAKE) -C out BUILDTYPE=Debug V=$(V) ln -fs out/Debug/$(NODE_EXE) $@ @@ -20,6 +22,8 @@ index 94eb419..a2b682b 100644 $(PYTHON) tools/gyp_node.py -f make config.gypi: configure + if [ -f $@ ]; then + $(error Stale $@, please re-run ./configure) -- -2.5.0 +2.7.3 diff --git a/nodejs-use-system-certs.patch b/nodejs-use-system-certs.patch index c273884..3ea5b9e 100644 --- a/nodejs-use-system-certs.patch +++ b/nodejs-use-system-certs.patch @@ -1,4 +1,4 @@ -From 58c110a74377171587a6ef28a6d5dff1f29a7d52 Mon Sep 17 00:00:00 2001 +From e51cf2ad2627af02e88df48287fe510e885ba1dc Mon Sep 17 00:00:00 2001 From: Stephen Gallagher Date: Tue, 1 Dec 2015 16:29:07 -0500 Subject: [PATCH 2/2] Do not bundle CA Certificates @@ -17,15 +17,20 @@ correct path for Fedora Modified 2015-12-01 by Stephen Gallagher to update for Node.js 4.2 + +Modified 2016-03-04 by Stephen Gallagher to update for +Node.js 5.4.1 --- - src/node_crypto.cc | 31 ++++++++----------------------- - 1 file changed, 8 insertions(+), 23 deletions(-) + src/node_crypto.cc | 28 ++++++++-------------------- + 1 file changed, 8 insertions(+), 20 deletions(-) diff --git a/src/node_crypto.cc b/src/node_crypto.cc -index 7911ce9..60516ad 100644 +index 382a42f22727f878b9bf55459e0e3835ac885159..ee90a0fbce017a5af56e10f3f416f86bd27a9d66 100644 --- a/src/node_crypto.cc +++ b/src/node_crypto.cc -@@ -119,7 +119,7 @@ static X509_NAME *cnnic_ev_name = +@@ -119,11 +119,11 @@ static X509_NAME *cnnic_ev_name = + sizeof(CNNIC_EV_ROOT_CA_SUBJECT_DATA)-1); + static uv_mutex_t* locks; const char* const root_certs[] = { @@ -34,22 +39,23 @@ index 7911ce9..60516ad 100644 }; X509_STORE* root_cert_store; -@@ -763,32 +763,17 @@ void SecureContext::AddRootCerts(const FunctionCallbackInfo& args) { + + // Just to generate static methods +@@ -756,33 +756,21 @@ void SecureContext::AddRootCerts(const FunctionCallbackInfo& args) { + (void) &clear_error_on_return; // Silence compiler warning. + CHECK_EQ(sc->ca_store_, nullptr); if (!root_cert_store) { - root_cert_store = X509_STORE_new(); - - for (size_t i = 0; i < ARRAY_SIZE(root_certs); i++) { -- BIO* bp = NodeBIO::New(); -- -- if (!BIO_write(bp, root_certs[i], strlen(root_certs[i]))) { -- BIO_free_all(bp); +- BIO* bp = NodeBIO::NewFixed(root_certs[i], strlen(root_certs[i])); +- if (bp == nullptr) { - return; - } - - X509 *x509 = PEM_read_bio_X509(bp, nullptr, CryptoPemCallback, nullptr); -- - if (x509 == nullptr) { - BIO_free_all(bp); - return; @@ -74,6 +80,8 @@ index 7911ce9..60516ad 100644 } + void SecureContext::SetCiphers(const FunctionCallbackInfo& args) { + SecureContext* sc = Unwrap(args.Holder()); -- -2.5.0 +2.7.3 diff --git a/nodejs.spec b/nodejs.spec index 6fee5bd..82ae8d8 100644 --- a/nodejs.spec +++ b/nodejs.spec @@ -8,7 +8,7 @@ # == Node.js Version == %global nodejs_major 4 -%global nodejs_minor 3 +%global nodejs_minor 4 %global nodejs_patch 1 %global nodejs_abi %{nodejs_major}.%{nodejs_minor} %global nodejs_version %{nodejs_major}.%{nodejs_minor}.%{nodejs_patch} @@ -84,6 +84,7 @@ Requires: ca-certificates #we need ABI virtual provides where SONAMEs aren't enough/not present so deps #break when binary compatibility is broken Provides: nodejs(abi) = %{nodejs_abi} +Provides: nodejs(abi%{nodejs_major}) = %{nodejs_abi} Provides: nodejs(v8-abi) = %{v8_abi} #this corresponds to the "engine" requirement in package.json @@ -208,7 +209,7 @@ mkdir -p %{buildroot}%{_prefix}/lib/node_modules install -Dpm0644 %{SOURCE7} %{buildroot}%{_rpmconfigdir}/fileattrs/nodejs_native.attr cat << EOF > %{buildroot}%{_rpmconfigdir}/nodejs_native.req #!/bin/sh -echo 'nodejs(abi) = %nodejs_abi' +echo 'nodejs(abi%{nodejs_major}) >= %nodejs_abi' echo 'nodejs(v8-abi) = %v8_abi' EOF chmod 0755 %{buildroot}%{_rpmconfigdir}/nodejs_native.req @@ -264,6 +265,10 @@ mv %{buildroot}/%{_datadir}/doc/node/gdbinit %{buildroot}/%{_pkgdocdir}/gdbinit %{_pkgdocdir}/html %changelog +* Wed Mar 23 2016 Stephen Gallagher - 4.4.1-1 +- Update to 4.4.1 upstream LTS release +- Add more versatile ABI checking + * Tue Feb 23 2016 Tom Hughes - 4.3.1-1 - Update to 4.3.1 upstream LTS release diff --git a/sources b/sources index a5c6c2e..da4bdf3 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -0bda97bcbe9e93d11a85d6433d07bc9e node-v4.3.1-stripped.tar.gz +531aa89a87526745fc3e9268fc4efea5 node-v4.4.1-stripped.tar.gz From 0227455ec2f6d0f16b90b0d530b2e56aed1c5b88 Mon Sep 17 00:00:00 2001 From: Stephen Gallagher Date: Fri, 4 Mar 2016 12:25:36 -0500 Subject: [PATCH 20/47] Update to latest stable release (5.9.1) --- .gitignore | 4 ++ nodejs-disable-gyp-deps.patch | 12 +++-- nodejs-use-system-certs.patch | 32 +++++++----- nodejs.spec | 98 +++++++++++++++++++++++++++++------ sources | 2 +- 5 files changed, 114 insertions(+), 34 deletions(-) diff --git a/.gitignore b/.gitignore index e38429c..1e59282 100644 --- a/.gitignore +++ b/.gitignore @@ -38,3 +38,7 @@ /node-v4.2.6-stripped.tar.gz /node-v4.3.0-stripped.tar.gz /node-v4.3.1-stripped.tar.gz +/node-v5.7.1-stripped.tar.gz +/node-v5.8.0-stripped.tar.gz +/node-v5.9.0.tar.gz +/node-v5.9.1-stripped.tar.gz diff --git a/nodejs-disable-gyp-deps.patch b/nodejs-disable-gyp-deps.patch index 91f0f09..f1526c0 100644 --- a/nodejs-disable-gyp-deps.patch +++ b/nodejs-disable-gyp-deps.patch @@ -1,4 +1,4 @@ -From 8a53e16138f7fa4371eebde91d3bf216285e75a0 Mon Sep 17 00:00:00 2001 +From 9ed79cf3212bf7bba43c2a7f313628092c43daf5 Mon Sep 17 00:00:00 2001 From: Stephen Gallagher Date: Tue, 1 Dec 2015 16:35:29 -0500 Subject: [PATCH 1/2] disable running gyp files for bundled deps @@ -8,10 +8,12 @@ Subject: [PATCH 1/2] disable running gyp files for bundled deps 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Makefile b/Makefile -index 94eb419..a2b682b 100644 +index 4962bd4e47e447840cc9890ce465b786bb77ba26..30fa7fb2f621a320706a076724250421da373d1f 100644 --- a/Makefile +++ b/Makefile -@@ -49,7 +49,7 @@ $(NODE_G_EXE): config.gypi out/Makefile +@@ -65,11 +65,11 @@ $(NODE_EXE): config.gypi out/Makefile + + $(NODE_G_EXE): config.gypi out/Makefile $(MAKE) -C out BUILDTYPE=Debug V=$(V) ln -fs out/Debug/$(NODE_EXE) $@ @@ -20,6 +22,8 @@ index 94eb419..a2b682b 100644 $(PYTHON) tools/gyp_node.py -f make config.gypi: configure + if [ -f $@ ]; then + $(error Stale $@, please re-run ./configure) -- -2.5.0 +2.7.2 diff --git a/nodejs-use-system-certs.patch b/nodejs-use-system-certs.patch index c273884..e14347c 100644 --- a/nodejs-use-system-certs.patch +++ b/nodejs-use-system-certs.patch @@ -1,4 +1,4 @@ -From 58c110a74377171587a6ef28a6d5dff1f29a7d52 Mon Sep 17 00:00:00 2001 +From e0aac817a87c927f70a6f8edb63a4103a4109dfc Mon Sep 17 00:00:00 2001 From: Stephen Gallagher Date: Tue, 1 Dec 2015 16:29:07 -0500 Subject: [PATCH 2/2] Do not bundle CA Certificates @@ -17,15 +17,20 @@ correct path for Fedora Modified 2015-12-01 by Stephen Gallagher to update for Node.js 4.2 + +Modified 2016-03-04 by Stephen Gallagher to update for +Node.js 5.7.1 --- - src/node_crypto.cc | 31 ++++++++----------------------- - 1 file changed, 8 insertions(+), 23 deletions(-) + src/node_crypto.cc | 28 ++++++++-------------------- + 1 file changed, 8 insertions(+), 20 deletions(-) diff --git a/src/node_crypto.cc b/src/node_crypto.cc -index 7911ce9..60516ad 100644 +index acd83e9f2f41ade75ee9a3c8061acfa8b3dbf0f4..70ffe035f8be24b2eb6daf71185649d8ae7d579f 100644 --- a/src/node_crypto.cc +++ b/src/node_crypto.cc -@@ -119,7 +119,7 @@ static X509_NAME *cnnic_ev_name = +@@ -119,11 +119,11 @@ static X509_NAME *cnnic_ev_name = + sizeof(CNNIC_EV_ROOT_CA_SUBJECT_DATA)-1); + static uv_mutex_t* locks; const char* const root_certs[] = { @@ -34,22 +39,23 @@ index 7911ce9..60516ad 100644 }; X509_STORE* root_cert_store; -@@ -763,32 +763,17 @@ void SecureContext::AddRootCerts(const FunctionCallbackInfo& args) { + + // Just to generate static methods +@@ -748,33 +748,21 @@ void SecureContext::AddRootCerts(const FunctionCallbackInfo& args) { + (void) &clear_error_on_return; // Silence compiler warning. + CHECK_EQ(sc->ca_store_, nullptr); if (!root_cert_store) { - root_cert_store = X509_STORE_new(); - - for (size_t i = 0; i < ARRAY_SIZE(root_certs); i++) { -- BIO* bp = NodeBIO::New(); -- -- if (!BIO_write(bp, root_certs[i], strlen(root_certs[i]))) { -- BIO_free_all(bp); +- BIO* bp = NodeBIO::NewFixed(root_certs[i], strlen(root_certs[i])); +- if (bp == nullptr) { - return; - } - - X509 *x509 = PEM_read_bio_X509(bp, nullptr, CryptoPemCallback, nullptr); -- - if (x509 == nullptr) { - BIO_free_all(bp); - return; @@ -74,6 +80,8 @@ index 7911ce9..60516ad 100644 } + void SecureContext::SetCiphers(const FunctionCallbackInfo& args) { + SecureContext* sc = Unwrap(args.Holder()); -- -2.5.0 +2.7.2 diff --git a/nodejs.spec b/nodejs.spec index 6fee5bd..b1d05b5 100644 --- a/nodejs.spec +++ b/nodejs.spec @@ -7,8 +7,8 @@ %endif # == Node.js Version == -%global nodejs_major 4 -%global nodejs_minor 3 +%global nodejs_major 5 +%global nodejs_minor 9 %global nodejs_patch 1 %global nodejs_abi %{nodejs_major}.%{nodejs_minor} %global nodejs_version %{nodejs_major}.%{nodejs_minor}.%{nodejs_patch} @@ -16,9 +16,9 @@ # == Bundled Dependency Versions == # v8 - from deps/v8/include/v8-version.h %global v8_major 4 -%global v8_minor 5 -%global v8_build 103 -%global v8_patch 35 +%global v8_minor 6 +%global v8_build 85 +%global v8_patch 31 # V8 presently breaks ABI at least every x.y release while never bumping SONAME %global v8_abi %{v8_major}.%{v8_minor} %global v8_version %{v8_major}.%{v8_minor}.%{v8_build}.%{v8_patch} @@ -29,9 +29,9 @@ %global c_ares_patch 1 %global c_ares_version %{c_ares_major}.%{c_ares_minor}.%{c_ares_patch} -# http-parser - from deps/http-parser/http_parser.h +# http-parser - from deps/http_parser/http_parser.h %global http_parser_major 2 -%global http_parser_minor 5 +%global http_parser_minor 6 %global http_parser_patch 2 %global http_parser_version %{http_parser_major}.%{http_parser_minor}.%{http_parser_patch} @@ -42,9 +42,20 @@ %global punycode_patch 2 %global punycode_version %{punycode_major}.%{punycode_minor}.%{punycode_patch} +# npm - from deps/npm/package.json +%global npm_major 3 +%global npm_minor 7 +%global npm_patch 3 +%global npm_version %{npm_major}.%{npm_minor}.%{npm_patch} + +# Filter out the NPM bundled dependencies so we aren't providing them +%global __provides_exclude_from ^%{_prefix}/lib/node_modules/npm/.*$ +%global __requires_exclude_from ^%{_prefix}/lib/node_modules/npm/.*$ + + Name: nodejs Version: %{nodejs_version} -Release: 1%{?dist} +Release: 0%{?dist}.20 Summary: JavaScript runtime License: MIT and ASL 2.0 and ISC and BSD Group: Development/Languages @@ -72,8 +83,8 @@ Patch1: nodejs-disable-gyp-deps.patch Patch2: nodejs-use-system-certs.patch BuildRequires: python-devel -BuildRequires: libuv-devel >= 1.7.5 -Requires: libuv >= 1.7.5 +BuildRequires: libuv-devel >= 1.8.0 +Requires: libuv >= 1.8.0 BuildRequires: zlib-devel # Node.js requires some features from openssl 1.0.1 for SPDY support BuildRequires: openssl-devel >= 1:1.0.2 @@ -84,6 +95,7 @@ Requires: ca-certificates #we need ABI virtual provides where SONAMEs aren't enough/not present so deps #break when binary compatibility is broken Provides: nodejs(abi) = %{nodejs_abi} +Provides: nodejs(abi%{nodejs_major}) = %{nodejs_abi} Provides: nodejs(v8-abi) = %{v8_abi} #this corresponds to the "engine" requirement in package.json @@ -120,6 +132,13 @@ Provides: bundled(v8) = %{v8_version} # do releases often and is almost always far behind the bundled version Provides: bundled(http-parser) = %{http_parser_version} +# We used to ship npm separately, but it is so tightly integrated with Node.js +# (and expected to be present on all Node.js systems) that we ship it bundled +# now. +Provides: npm = %{npm_version} +Provides: npm(npm) = %{npm_version} +Obsoletes: npm < 3.5.4-6 + %description Node.js is a platform built on Chrome's JavaScript runtime for easily building fast, scalable network applications. @@ -144,6 +163,12 @@ Summary: Node.js API documentation Group: Documentation BuildArch: noarch +# We don't require that the main package be installed to +# use the docs, but if it is installed, make sure the +# version always matches +Conflicts: %{name} > %{version}-%{release} +Conflicts: %{name} < %{version}-%{release} + %description docs The API documentation for the Node.js JavaScript runtime. @@ -153,8 +178,7 @@ The API documentation for the Node.js JavaScript runtime. # remove bundled dependencies that we aren't building %patch1 -p1 -rm -rf deps/npm \ - deps/uv \ +rm -rf deps/uv \ deps/zlib # remove bundled CA certificates @@ -173,7 +197,6 @@ export CXXFLAGS='%{optflags} -g -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 -fno- --shared-openssl \ --shared-zlib \ --shared-libuv \ - --without-npm \ --without-dtrace %if %{?with_debug} == 1 @@ -208,7 +231,7 @@ mkdir -p %{buildroot}%{_prefix}/lib/node_modules install -Dpm0644 %{SOURCE7} %{buildroot}%{_rpmconfigdir}/fileattrs/nodejs_native.attr cat << EOF > %{buildroot}%{_rpmconfigdir}/nodejs_native.req #!/bin/sh -echo 'nodejs(abi) = %nodejs_abi' +echo 'nodejs(abi%{nodejs_major}) >= %nodejs_abi' echo 'nodejs(v8-abi) = %v8_abi' EOF chmod 0755 %{buildroot}%{_rpmconfigdir}/nodejs_native.req @@ -225,6 +248,38 @@ cp -p common.gypi %{buildroot}%{_datadir}/node # Install the GDB init tool into the documentation directory mv %{buildroot}/%{_datadir}/doc/node/gdbinit %{buildroot}/%{_pkgdocdir}/gdbinit +# Since the old version of NPM was unbundled, there are a lot of symlinks in +# it's node_modules directory. We need to keep these as symlinks to ensure we +# can backtrack on this if we decide to. + +# Rename the npm node_modules directory to node_modules.bundled +mv %{buildroot}/%{_prefix}/lib/node_modules/npm/node_modules \ + %{buildroot}/%{_prefix}/lib/node_modules/npm/node_modules.bundled + +# Recreate all the symlinks +mkdir -p %{buildroot}/%{_prefix}/lib/node_modules/npm/node_modules +FILES=%{buildroot}/%{_prefix}/lib/node_modules/npm/node_modules.bundled/* +for f in $FILES +do + module=`basename $f` + ln -s ../node_modules.bundled/$module %{buildroot}%{_prefix}/lib/node_modules/npm/node_modules/$module +done + +# install NPM docs to mandir +mkdir -p %{buildroot}%{_mandir} \ + %{buildroot}%{_pkgdocdir}/npm + +cp -pr deps/npm/man/* %{buildroot}%{_mandir}/ +rm -rf %{buildroot}%{_prefix}/lib/node_modules/npm/man +ln -sf %{_mandir} %{buildroot}%{_prefix}/lib/node_modules/npm/man + +# Install Markdown and HTML documentation to %{_pkgdocdir} +cp -pr deps/npm/html deps/npm/doc %{buildroot}%{_pkgdocdir}/npm/ +rm -rf %{buildroot}%{_prefix}/lib/node_modules/npm/html \ + %{buildroot}%{_prefix}/lib/node_modules/npm/doc + +ln -sf %{_pkgdocdir} %{buildroot}%{_prefix}/lib/node_modules/npm/html +ln -sf %{_pkgdocdir}/npm/html %{buildroot}%{_prefix}/lib/node_modules/npm/doc %check # Fail the build if the versions don't match @@ -238,7 +293,6 @@ mv %{buildroot}/%{_datadir}/doc/node/gdbinit %{buildroot}/%{_pkgdocdir}/gdbinit %files %{_bindir}/node -%{_mandir}/man1/node.* %dir %{_prefix}/lib/node_modules %dir %{_datadir}/node %dir %{_datadir}/systemtap @@ -246,11 +300,15 @@ mv %{buildroot}/%{_datadir}/doc/node/gdbinit %{buildroot}/%{_pkgdocdir}/gdbinit %{_datadir}/systemtap/tapset/node.stp %{_rpmconfigdir}/fileattrs/nodejs_native.attr %{_rpmconfigdir}/nodejs_native.req -%dir %{_pkgdocdir} %license LICENSE %doc AUTHORS CHANGELOG.md COLLABORATOR_GUIDE.md GOVERNANCE.md README.md %doc ROADMAP.md WORKING_GROUPS.md - +%{_prefix}/lib/node_modules/npm +%ghost %{_sysconfdir}/npmrc +%ghost %{_sysconfdir}/npmignore +%{_bindir}/npm +%{_mandir}/man*/* + %files devel %if %{?with_debug} == 1 %{_bindir}/node_g @@ -262,8 +320,14 @@ mv %{buildroot}/%{_datadir}/doc/node/gdbinit %{buildroot}/%{_pkgdocdir}/gdbinit %files docs %dir %{_pkgdocdir} %{_pkgdocdir}/html +%{_pkgdocdir}/npm/html +%{_pkgdocdir}/npm/doc %changelog +* Wed Mar 23 2016 Stephen Gallagher - 5.9.1-1 +- Update to latest stable release (5.9.1) +- Bundle npm (3.7.3) + * Tue Feb 23 2016 Tom Hughes - 4.3.1-1 - Update to 4.3.1 upstream LTS release diff --git a/sources b/sources index a5c6c2e..00338d5 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -0bda97bcbe9e93d11a85d6433d07bc9e node-v4.3.1-stripped.tar.gz +f71057ca5993899b569a75e891e7f871 node-v5.9.1-stripped.tar.gz From 3e0de4b030467b3c54d1ab2287d02785cfe6f74b Mon Sep 17 00:00:00 2001 From: Stephen Gallagher Date: Fri, 1 Apr 2016 09:52:11 -0400 Subject: [PATCH 21/47] Update to latest security release (5.10.0) - Update bundled npm to 3.8.3 - Fixes serious man-in-the-middle vulnerability with npm --- .gitignore | 1 + nodejs.spec | 11 ++++++++--- sources | 2 +- 3 files changed, 10 insertions(+), 4 deletions(-) diff --git a/.gitignore b/.gitignore index 1e59282..0d9f26f 100644 --- a/.gitignore +++ b/.gitignore @@ -42,3 +42,4 @@ /node-v5.8.0-stripped.tar.gz /node-v5.9.0.tar.gz /node-v5.9.1-stripped.tar.gz +/node-v5.10.0-stripped.tar.gz diff --git a/nodejs.spec b/nodejs.spec index 1a93be4..3799237 100644 --- a/nodejs.spec +++ b/nodejs.spec @@ -8,8 +8,8 @@ # == Node.js Version == %global nodejs_major 5 -%global nodejs_minor 9 -%global nodejs_patch 1 +%global nodejs_minor 10 +%global nodejs_patch 0 %global nodejs_abi %{nodejs_major}.%{nodejs_minor} %global nodejs_version %{nodejs_major}.%{nodejs_minor}.%{nodejs_patch} @@ -44,7 +44,7 @@ # npm - from deps/npm/package.json %global npm_major 3 -%global npm_minor 7 +%global npm_minor 8 %global npm_patch 3 %global npm_version %{npm_major}.%{npm_minor}.%{npm_patch} @@ -324,6 +324,11 @@ ln -sf %{_pkgdocdir}/npm/html %{buildroot}%{_prefix}/lib/node_modules/npm/doc %{_pkgdocdir}/npm/doc %changelog +* Fri Apr 01 2016 Stephen Gallagher - %{nodejs_major}.%{nodejs_minor}.%{nodejs_patch}-1 +- Update to latest security release (5.10.0) +- Update bundled npm to 3.8.3 +- Fixes serious man-in-the-middle vulnerability with npm + * Wed Mar 23 2016 Stephen Gallagher - 5.9.1-1 - Update to latest stable release (5.9.1) - Bundle npm (3.7.3) diff --git a/sources b/sources index 00338d5..f16b7f0 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -f71057ca5993899b569a75e891e7f871 node-v5.9.1-stripped.tar.gz +4a2dbe52e4e1975a4b4a26f9af3acf11 node-v5.10.0-stripped.tar.gz From b4761abbbaf80bc1bdd027fbfd7f301e760dce48 Mon Sep 17 00:00:00 2001 From: Stephen Gallagher Date: Mon, 11 Apr 2016 08:43:59 -0400 Subject: [PATCH 22/47] Update to latest stable release 5.10.1 - https://github.com/nodejs/node/blob/v5.10.1/CHANGELOG.md --- .gitignore | 1 + nodejs.spec | 8 ++++++-- sources | 2 +- 3 files changed, 8 insertions(+), 3 deletions(-) diff --git a/.gitignore b/.gitignore index 0d9f26f..11e0f75 100644 --- a/.gitignore +++ b/.gitignore @@ -43,3 +43,4 @@ /node-v5.9.0.tar.gz /node-v5.9.1-stripped.tar.gz /node-v5.10.0-stripped.tar.gz +/node-v5.10.1-stripped.tar.gz diff --git a/nodejs.spec b/nodejs.spec index 3799237..1f98949 100644 --- a/nodejs.spec +++ b/nodejs.spec @@ -9,7 +9,7 @@ # == Node.js Version == %global nodejs_major 5 %global nodejs_minor 10 -%global nodejs_patch 0 +%global nodejs_patch 1 %global nodejs_abi %{nodejs_major}.%{nodejs_minor} %global nodejs_version %{nodejs_major}.%{nodejs_minor}.%{nodejs_patch} @@ -324,7 +324,11 @@ ln -sf %{_pkgdocdir}/npm/html %{buildroot}%{_prefix}/lib/node_modules/npm/doc %{_pkgdocdir}/npm/doc %changelog -* Fri Apr 01 2016 Stephen Gallagher - %{nodejs_major}.%{nodejs_minor}.%{nodejs_patch}-1 +* Mon Apr 11 2016 Stephen Gallagher - 5.10.0-1 +- Update to latest stable release 5.10.1 +- https://github.com/nodejs/node/blob/v5.10.1/CHANGELOG.md + +* Fri Apr 01 2016 Stephen Gallagher - 5.10.0-1 - Update to latest security release (5.10.0) - Update bundled npm to 3.8.3 - Fixes serious man-in-the-middle vulnerability with npm diff --git a/sources b/sources index f16b7f0..47ed98a 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -4a2dbe52e4e1975a4b4a26f9af3acf11 node-v5.10.0-stripped.tar.gz +adbe74296188f8b441c5d644058ea732 node-v5.10.1-stripped.tar.gz From 6e360a8b50797404ca053131d8491d0147016327 Mon Sep 17 00:00:00 2001 From: Stephen Gallagher Date: Mon, 25 Apr 2016 14:20:21 -0400 Subject: [PATCH 23/47] Update to latest stable release 5.11.0 - https://github.com/nodejs/node/blob/v5.11.0/CHANGELOG.md --- .gitignore | 1 + nodejs-use-system-certs.patch | 25 +++++++++---------------- nodejs.spec | 14 +++++++++----- sources | 2 +- 4 files changed, 20 insertions(+), 22 deletions(-) diff --git a/.gitignore b/.gitignore index 11e0f75..04cb2d4 100644 --- a/.gitignore +++ b/.gitignore @@ -44,3 +44,4 @@ /node-v5.9.1-stripped.tar.gz /node-v5.10.0-stripped.tar.gz /node-v5.10.1-stripped.tar.gz +/node-v5.11.0-stripped.tar.gz diff --git a/nodejs-use-system-certs.patch b/nodejs-use-system-certs.patch index e14347c..5fd3d8b 100644 --- a/nodejs-use-system-certs.patch +++ b/nodejs-use-system-certs.patch @@ -20,17 +20,15 @@ Node.js 4.2 Modified 2016-03-04 by Stephen Gallagher to update for Node.js 5.7.1 ---- - src/node_crypto.cc | 28 ++++++++-------------------- - 1 file changed, 8 insertions(+), 20 deletions(-) +Modified 2016-04-25 by Joseph Wang to update for +Node.js 5.11.0 +--- diff --git a/src/node_crypto.cc b/src/node_crypto.cc -index acd83e9f2f41ade75ee9a3c8061acfa8b3dbf0f4..70ffe035f8be24b2eb6daf71185649d8ae7d579f 100644 +index 989110c..a55b69d 100644 --- a/src/node_crypto.cc +++ b/src/node_crypto.cc -@@ -119,11 +119,11 @@ static X509_NAME *cnnic_ev_name = - sizeof(CNNIC_EV_ROOT_CA_SUBJECT_DATA)-1); - +@@ -121,7 +121,7 @@ static X509_NAME *cnnic_ev_name = static uv_mutex_t* locks; const char* const root_certs[] = { @@ -39,17 +37,13 @@ index acd83e9f2f41ade75ee9a3c8061acfa8b3dbf0f4..70ffe035f8be24b2eb6daf71185649d8 }; X509_STORE* root_cert_store; - - // Just to generate static methods -@@ -748,33 +748,21 @@ void SecureContext::AddRootCerts(const FunctionCallbackInfo& args) { - (void) &clear_error_on_return; // Silence compiler warning. - +@@ -750,29 +750,17 @@ void SecureContext::AddRootCerts(const FunctionCallbackInfo& args) { CHECK_EQ(sc->ca_store_, nullptr); if (!root_cert_store) { - root_cert_store = X509_STORE_new(); - -- for (size_t i = 0; i < ARRAY_SIZE(root_certs); i++) { +- for (size_t i = 0; i < arraysize(root_certs); i++) { - BIO* bp = NodeBIO::NewFixed(root_certs[i], strlen(root_certs[i])); - if (bp == nullptr) { - return; @@ -72,7 +66,7 @@ index acd83e9f2f41ade75ee9a3c8061acfa8b3dbf0f4..70ffe035f8be24b2eb6daf71185649d8 + root_cert_store = X509_STORE_new(); } + } else { -+ SSL_CTX_set_cert_store(sc->ctx_, root_cert_store); ++ SSL_CTX_set_cert_store(sc->ctx_, root_cert_store); } sc->ca_store_ = root_cert_store; @@ -80,8 +74,7 @@ index acd83e9f2f41ade75ee9a3c8061acfa8b3dbf0f4..70ffe035f8be24b2eb6daf71185649d8 } - void SecureContext::SetCiphers(const FunctionCallbackInfo& args) { - SecureContext* sc = Unwrap(args.Holder()); + -- 2.7.2 diff --git a/nodejs.spec b/nodejs.spec index 1f98949..252ae26 100644 --- a/nodejs.spec +++ b/nodejs.spec @@ -8,8 +8,8 @@ # == Node.js Version == %global nodejs_major 5 -%global nodejs_minor 10 -%global nodejs_patch 1 +%global nodejs_minor 11 +%global nodejs_patch 0 %global nodejs_abi %{nodejs_major}.%{nodejs_minor} %global nodejs_version %{nodejs_major}.%{nodejs_minor}.%{nodejs_patch} @@ -31,8 +31,8 @@ # http-parser - from deps/http_parser/http_parser.h %global http_parser_major 2 -%global http_parser_minor 6 -%global http_parser_patch 2 +%global http_parser_minor 7 +%global http_parser_patch 0 %global http_parser_version %{http_parser_major}.%{http_parser_minor}.%{http_parser_patch} # punycode - from lib/punycode.js @@ -45,7 +45,7 @@ # npm - from deps/npm/package.json %global npm_major 3 %global npm_minor 8 -%global npm_patch 3 +%global npm_patch 6 %global npm_version %{npm_major}.%{npm_minor}.%{npm_patch} # Filter out the NPM bundled dependencies so we aren't providing them @@ -324,6 +324,10 @@ ln -sf %{_pkgdocdir}/npm/html %{buildroot}%{_prefix}/lib/node_modules/npm/doc %{_pkgdocdir}/npm/doc %changelog +* Mon Apr 25 2016 Stephen Gallagher - %{nodejs_major}.%{nodejs_minor}.%{nodejs_patch}-1 +- Update to latest stable release 5.11.0 +- https://github.com/nodejs/node/blob/v5.11.0/CHANGELOG.md + * Mon Apr 11 2016 Stephen Gallagher - 5.10.0-1 - Update to latest stable release 5.10.1 - https://github.com/nodejs/node/blob/v5.10.1/CHANGELOG.md diff --git a/sources b/sources index 47ed98a..5938ef0 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -adbe74296188f8b441c5d644058ea732 node-v5.10.1-stripped.tar.gz +d1aad83be4b8e26ab4d99b6d3c6d3e15 node-v5.11.0-stripped.tar.gz From ea7437c7e8651d9af44b0d848668d1f0e72e1878 Mon Sep 17 00:00:00 2001 From: Stephen Gallagher Date: Mon, 25 Apr 2016 14:21:27 -0400 Subject: [PATCH 24/47] Fix changelog --- nodejs.spec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nodejs.spec b/nodejs.spec index 252ae26..6fa95cc 100644 --- a/nodejs.spec +++ b/nodejs.spec @@ -324,7 +324,7 @@ ln -sf %{_pkgdocdir}/npm/html %{buildroot}%{_prefix}/lib/node_modules/npm/doc %{_pkgdocdir}/npm/doc %changelog -* Mon Apr 25 2016 Stephen Gallagher - %{nodejs_major}.%{nodejs_minor}.%{nodejs_patch}-1 +* Mon Apr 25 2016 Stephen Gallagher - 5.11.0-1 - Update to latest stable release 5.11.0 - https://github.com/nodejs/node/blob/v5.11.0/CHANGELOG.md From 00c66ed4912400e9c47cd53562147d96e5d2c343 Mon Sep 17 00:00:00 2001 From: Stephen Gallagher Date: Thu, 28 Apr 2016 08:37:29 -0400 Subject: [PATCH 25/47] Add epoch and rebuild to preserve upgrade path --- nodejs.spec | 18 +++++++++++------- 1 file changed, 11 insertions(+), 7 deletions(-) diff --git a/nodejs.spec b/nodejs.spec index 6fa95cc..d19074b 100644 --- a/nodejs.spec +++ b/nodejs.spec @@ -54,8 +54,9 @@ Name: nodejs +Epoch: 1 Version: %{nodejs_version} -Release: 1%{?dist} +Release: 2%{?dist} Summary: JavaScript runtime License: MIT and ASL 2.0 and ISC and BSD Group: Development/Languages @@ -135,9 +136,9 @@ Provides: bundled(http-parser) = %{http_parser_version} # We used to ship npm separately, but it is so tightly integrated with Node.js # (and expected to be present on all Node.js systems) that we ship it bundled # now. -Provides: npm = %{npm_version} -Provides: npm(npm) = %{npm_version} -Obsoletes: npm < 3.5.4-6 +Provides: npm = %{epoch}:%{npm_version} +Provides: npm(npm) = %{epoch}:%{npm_version} +Obsoletes: npm < 0:3.5.4-6 %description Node.js is a platform built on Chrome's JavaScript runtime @@ -149,7 +150,7 @@ real-time applications that run across distributed devices. %package devel Summary: JavaScript runtime - development headers Group: Development/Languages -Requires: %{name}%{?_isa} == %{version}-%{release} +Requires: %{name}%{?_isa} == %{epoch}:%{version}-%{release} Requires: libuv-devel%{?_isa} Requires: openssl-devel%{?_isa} Requires: zlib-devel%{?_isa} @@ -166,8 +167,8 @@ BuildArch: noarch # We don't require that the main package be installed to # use the docs, but if it is installed, make sure the # version always matches -Conflicts: %{name} > %{version}-%{release} -Conflicts: %{name} < %{version}-%{release} +Conflicts: %{name} > %{epoch}:%{version}-%{release} +Conflicts: %{name} < %{epoch}:%{version}-%{release} %description docs The API documentation for the Node.js JavaScript runtime. @@ -324,6 +325,9 @@ ln -sf %{_pkgdocdir}/npm/html %{buildroot}%{_prefix}/lib/node_modules/npm/doc %{_pkgdocdir}/npm/doc %changelog +* Thu Apr 28 2016 Stephen Gallagher - 1:5.11.0-2 +- Add epoch and rebuild to preserve upgrade path + * Mon Apr 25 2016 Stephen Gallagher - 5.11.0-1 - Update to latest stable release 5.11.0 - https://github.com/nodejs/node/blob/v5.11.0/CHANGELOG.md From bdc896c6d1fae99fe3fca184115f53f1f4b70b43 Mon Sep 17 00:00:00 2001 From: Stephen Gallagher Date: Mon, 2 May 2016 09:16:15 -0400 Subject: [PATCH 26/47] Drop the epoch on the virtual provides for npm --- nodejs.spec | 15 ++++++++++++--- 1 file changed, 12 insertions(+), 3 deletions(-) diff --git a/nodejs.spec b/nodejs.spec index d19074b..de874ea 100644 --- a/nodejs.spec +++ b/nodejs.spec @@ -56,7 +56,7 @@ Name: nodejs Epoch: 1 Version: %{nodejs_version} -Release: 2%{?dist} +Release: 3%{?dist} Summary: JavaScript runtime License: MIT and ASL 2.0 and ISC and BSD Group: Development/Languages @@ -136,9 +136,13 @@ Provides: bundled(http-parser) = %{http_parser_version} # We used to ship npm separately, but it is so tightly integrated with Node.js # (and expected to be present on all Node.js systems) that we ship it bundled # now. -Provides: npm = %{epoch}:%{npm_version} -Provides: npm(npm) = %{epoch}:%{npm_version} Obsoletes: npm < 0:3.5.4-6 +Provides: npm = %{epoch}:%{npm_version} + +# Do not add epoch to the virtual NPM provides or it will break +# the automatic dependency-generation script. +Provides: npm(npm) = %{npm_version} + %description Node.js is a platform built on Chrome's JavaScript runtime @@ -282,6 +286,7 @@ rm -rf %{buildroot}%{_prefix}/lib/node_modules/npm/html \ ln -sf %{_pkgdocdir} %{buildroot}%{_prefix}/lib/node_modules/npm/html ln -sf %{_pkgdocdir}/npm/html %{buildroot}%{_prefix}/lib/node_modules/npm/doc + %check # Fail the build if the versions don't match %{buildroot}/%{_bindir}/node -e "require('assert').equal(process.versions.node, '%{nodejs_version}')" @@ -310,6 +315,7 @@ ln -sf %{_pkgdocdir}/npm/html %{buildroot}%{_prefix}/lib/node_modules/npm/doc %{_bindir}/npm %{_mandir}/man*/* + %files devel %if %{?with_debug} == 1 %{_bindir}/node_g @@ -325,6 +331,9 @@ ln -sf %{_pkgdocdir}/npm/html %{buildroot}%{_prefix}/lib/node_modules/npm/doc %{_pkgdocdir}/npm/doc %changelog +* Tue May 03 2016 Stephen Gallagher - 1:5.11.0-3 +- Drop the epoch on the virtual provides for npm + * Thu Apr 28 2016 Stephen Gallagher - 1:5.11.0-2 - Add epoch and rebuild to preserve upgrade path From 86719465d66b2f9bcff9ff4845d647633a322a67 Mon Sep 17 00:00:00 2001 From: Stephen Gallagher Date: Mon, 9 May 2016 08:39:49 -0400 Subject: [PATCH 27/47] Update to latest stable release 6.1.0 - https://github.com/nodejs/node/blob/v6.1.0/CHANGELOG.md --- .gitignore | 1 + nodejs.spec | 26 +++++++++++++++++--------- sources | 2 +- 3 files changed, 19 insertions(+), 10 deletions(-) diff --git a/.gitignore b/.gitignore index 04cb2d4..95f8637 100644 --- a/.gitignore +++ b/.gitignore @@ -45,3 +45,4 @@ /node-v5.10.0-stripped.tar.gz /node-v5.10.1-stripped.tar.gz /node-v5.11.0-stripped.tar.gz +/node-v6.1.0-stripped.tar.gz diff --git a/nodejs.spec b/nodejs.spec index de874ea..bb08461 100644 --- a/nodejs.spec +++ b/nodejs.spec @@ -7,18 +7,22 @@ %endif # == Node.js Version == -%global nodejs_major 5 -%global nodejs_minor 11 +# Note: Fedora should only ship LTS versions of Node.js (currently expected +# to be major versions with even numbers). The odd-numbered versions are new +# feature releases that are only supported for nine months, which is shorter +# than a Fedora release lifecycle. +%global nodejs_major 6 +%global nodejs_minor 1 %global nodejs_patch 0 %global nodejs_abi %{nodejs_major}.%{nodejs_minor} %global nodejs_version %{nodejs_major}.%{nodejs_minor}.%{nodejs_patch} # == Bundled Dependency Versions == # v8 - from deps/v8/include/v8-version.h -%global v8_major 4 -%global v8_minor 6 -%global v8_build 85 -%global v8_patch 31 +%global v8_major 5 +%global v8_minor 0 +%global v8_build 71 +%global v8_patch 35 # V8 presently breaks ABI at least every x.y release while never bumping SONAME %global v8_abi %{v8_major}.%{v8_minor} %global v8_version %{v8_major}.%{v8_minor}.%{v8_build}.%{v8_patch} @@ -56,7 +60,7 @@ Name: nodejs Epoch: 1 Version: %{nodejs_version} -Release: 3%{?dist} +Release: 1%{?dist} Summary: JavaScript runtime License: MIT and ASL 2.0 and ISC and BSD Group: Development/Languages @@ -84,8 +88,8 @@ Patch1: nodejs-disable-gyp-deps.patch Patch2: nodejs-use-system-certs.patch BuildRequires: python-devel -BuildRequires: libuv-devel >= 1.8.0 -Requires: libuv >= 1.8.0 +BuildRequires: libuv-devel >= 1.9.0 +Requires: libuv >= 1.9.0 BuildRequires: zlib-devel # Node.js requires some features from openssl 1.0.1 for SPDY support BuildRequires: openssl-devel >= 1:1.0.2 @@ -331,6 +335,10 @@ ln -sf %{_pkgdocdir}/npm/html %{buildroot}%{_prefix}/lib/node_modules/npm/doc %{_pkgdocdir}/npm/doc %changelog +* Mon May 09 2016 Stephen Gallagher - 1:6.1.0-1 +- Update to latest stable release 6.1.0 +- https://github.com/nodejs/node/blob/v6.1.0/CHANGELOG.md + * Tue May 03 2016 Stephen Gallagher - 1:5.11.0-3 - Drop the epoch on the virtual provides for npm diff --git a/sources b/sources index 5938ef0..42181b0 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -d1aad83be4b8e26ab4d99b6d3c6d3e15 node-v5.11.0-stripped.tar.gz +6a3cd9d9db224a3ca52fa95205c315af node-v6.1.0-stripped.tar.gz From dda0d8b328a9e880f06842f8d42b9f352d097717 Mon Sep 17 00:00:00 2001 From: Stephen Gallagher Date: Wed, 18 May 2016 08:29:25 -0400 Subject: [PATCH 28/47] Update to latest stable release 6.2.0 - https://github.com/nodejs/node/blob/v6.2.0/doc/changelogs/CHANGELOG_V6.md#6.2.0 --- .gitignore | 1 + nodejs.spec | 10 +++++++--- sources | 2 +- 3 files changed, 9 insertions(+), 4 deletions(-) diff --git a/.gitignore b/.gitignore index 95f8637..10af8ab 100644 --- a/.gitignore +++ b/.gitignore @@ -46,3 +46,4 @@ /node-v5.10.1-stripped.tar.gz /node-v5.11.0-stripped.tar.gz /node-v6.1.0-stripped.tar.gz +/node-v6.2.0-stripped.tar.gz diff --git a/nodejs.spec b/nodejs.spec index bb08461..79101ee 100644 --- a/nodejs.spec +++ b/nodejs.spec @@ -12,7 +12,7 @@ # feature releases that are only supported for nine months, which is shorter # than a Fedora release lifecycle. %global nodejs_major 6 -%global nodejs_minor 1 +%global nodejs_minor 2 %global nodejs_patch 0 %global nodejs_abi %{nodejs_major}.%{nodejs_minor} %global nodejs_version %{nodejs_major}.%{nodejs_minor}.%{nodejs_patch} @@ -22,7 +22,7 @@ %global v8_major 5 %global v8_minor 0 %global v8_build 71 -%global v8_patch 35 +%global v8_patch 47 # V8 presently breaks ABI at least every x.y release while never bumping SONAME %global v8_abi %{v8_major}.%{v8_minor} %global v8_version %{v8_major}.%{v8_minor}.%{v8_build}.%{v8_patch} @@ -49,7 +49,7 @@ # npm - from deps/npm/package.json %global npm_major 3 %global npm_minor 8 -%global npm_patch 6 +%global npm_patch 9 %global npm_version %{npm_major}.%{npm_minor}.%{npm_patch} # Filter out the NPM bundled dependencies so we aren't providing them @@ -335,6 +335,10 @@ ln -sf %{_pkgdocdir}/npm/html %{buildroot}%{_prefix}/lib/node_modules/npm/doc %{_pkgdocdir}/npm/doc %changelog +* Wed May 18 2016 Stephen Gallagher - 1:6.2.0-1 +- Update to latest stable release 6.2.0 +- https://github.com/nodejs/node/blob/v6.2.0/doc/changelogs/CHANGELOG_V6.md#6.2.0 + * Mon May 09 2016 Stephen Gallagher - 1:6.1.0-1 - Update to latest stable release 6.1.0 - https://github.com/nodejs/node/blob/v6.1.0/CHANGELOG.md diff --git a/sources b/sources index 42181b0..5d9cc1c 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -6a3cd9d9db224a3ca52fa95205c315af node-v6.1.0-stripped.tar.gz +ec22375b409798bfb30129522674bbc9 node-v6.2.0-stripped.tar.gz From 13b34f8544adc9c0cfb708f521301d050e1160cb Mon Sep 17 00:00:00 2001 From: Tom Hughes Date: Tue, 7 Jun 2016 18:38:42 +0100 Subject: [PATCH 29/47] Update to latest stable release 6.2.1 --- .gitignore | 1 + nodejs.spec | 11 +++++++---- sources | 2 +- 3 files changed, 9 insertions(+), 5 deletions(-) diff --git a/.gitignore b/.gitignore index 10af8ab..53a73a8 100644 --- a/.gitignore +++ b/.gitignore @@ -47,3 +47,4 @@ /node-v5.11.0-stripped.tar.gz /node-v6.1.0-stripped.tar.gz /node-v6.2.0-stripped.tar.gz +/node-v6.2.1-stripped.tar.gz diff --git a/nodejs.spec b/nodejs.spec index 79101ee..05532d4 100644 --- a/nodejs.spec +++ b/nodejs.spec @@ -13,7 +13,7 @@ # than a Fedora release lifecycle. %global nodejs_major 6 %global nodejs_minor 2 -%global nodejs_patch 0 +%global nodejs_patch 1 %global nodejs_abi %{nodejs_major}.%{nodejs_minor} %global nodejs_version %{nodejs_major}.%{nodejs_minor}.%{nodejs_patch} @@ -22,7 +22,7 @@ %global v8_major 5 %global v8_minor 0 %global v8_build 71 -%global v8_patch 47 +%global v8_patch 52 # V8 presently breaks ABI at least every x.y release while never bumping SONAME %global v8_abi %{v8_major}.%{v8_minor} %global v8_version %{v8_major}.%{v8_minor}.%{v8_build}.%{v8_patch} @@ -48,8 +48,8 @@ # npm - from deps/npm/package.json %global npm_major 3 -%global npm_minor 8 -%global npm_patch 9 +%global npm_minor 9 +%global npm_patch 3 %global npm_version %{npm_major}.%{npm_minor}.%{npm_patch} # Filter out the NPM bundled dependencies so we aren't providing them @@ -335,6 +335,9 @@ ln -sf %{_pkgdocdir}/npm/html %{buildroot}%{_prefix}/lib/node_modules/npm/doc %{_pkgdocdir}/npm/doc %changelog +* Tue Jun 7 2016 Tom Hughes - 1:6.2.1-1 +- Update to latest stable release 6.2.1 + * Wed May 18 2016 Stephen Gallagher - 1:6.2.0-1 - Update to latest stable release 6.2.0 - https://github.com/nodejs/node/blob/v6.2.0/doc/changelogs/CHANGELOG_V6.md#6.2.0 diff --git a/sources b/sources index 5d9cc1c..16d1626 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -ec22375b409798bfb30129522674bbc9 node-v6.2.0-stripped.tar.gz +564714a8c2883684bca67c5b13ee9c13 node-v6.2.1-stripped.tar.gz From a51d9b439e0995876196f2ba55dcca4cf4ed7892 Mon Sep 17 00:00:00 2001 From: Tom Hughes Date: Sat, 18 Jun 2016 10:26:18 +0100 Subject: [PATCH 30/47] Update to latest stable release 6.2.2 --- .gitignore | 1 + nodejs.spec | 11 +++++++++-- sources | 2 +- 3 files changed, 11 insertions(+), 3 deletions(-) diff --git a/.gitignore b/.gitignore index 53a73a8..e7d7fce 100644 --- a/.gitignore +++ b/.gitignore @@ -48,3 +48,4 @@ /node-v6.1.0-stripped.tar.gz /node-v6.2.0-stripped.tar.gz /node-v6.2.1-stripped.tar.gz +/node-v6.2.2-stripped.tar.gz diff --git a/nodejs.spec b/nodejs.spec index 05532d4..8071e4e 100644 --- a/nodejs.spec +++ b/nodejs.spec @@ -13,7 +13,7 @@ # than a Fedora release lifecycle. %global nodejs_major 6 %global nodejs_minor 2 -%global nodejs_patch 1 +%global nodejs_patch 2 %global nodejs_abi %{nodejs_major}.%{nodejs_minor} %global nodejs_version %{nodejs_major}.%{nodejs_minor}.%{nodejs_patch} @@ -49,7 +49,7 @@ # npm - from deps/npm/package.json %global npm_major 3 %global npm_minor 9 -%global npm_patch 3 +%global npm_patch 5 %global npm_version %{npm_major}.%{npm_minor}.%{npm_patch} # Filter out the NPM bundled dependencies so we aren't providing them @@ -301,6 +301,9 @@ ln -sf %{_pkgdocdir}/npm/html %{buildroot}%{_prefix}/lib/node_modules/npm/doc # Ensure we have punycode and that the version matches %{buildroot}/%{_bindir}/node -e "require(\"assert\").equal(require(\"punycode\").version, '%{punycode_version}')" +# Ensure we have npm and that the version matches +NODE_PATH=%{buildroot}%{_prefix}/lib/node_modules %{buildroot}/%{_bindir}/node -e "require(\"assert\").equal(require(\"npm\").version, '%{npm_version}')" + %files %{_bindir}/node %dir %{_prefix}/lib/node_modules @@ -335,6 +338,10 @@ ln -sf %{_pkgdocdir}/npm/html %{buildroot}%{_prefix}/lib/node_modules/npm/doc %{_pkgdocdir}/npm/doc %changelog +* Sat Jun 18 2016 Tom Hughes - 1:6.2.2-1 +- Update to latest stable release 6.2.2 +- Add check on npm version + * Tue Jun 7 2016 Tom Hughes - 1:6.2.1-1 - Update to latest stable release 6.2.1 diff --git a/sources b/sources index 16d1626..c5b8b0e 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -564714a8c2883684bca67c5b13ee9c13 node-v6.2.1-stripped.tar.gz +c1821b44925235698f2f61607c945895 node-v6.2.2-stripped.tar.gz From 1bf1b27726c9293f99fa47aa8ac8f96c7da5514b Mon Sep 17 00:00:00 2001 From: Zuzana Svetlikova Date: Sun, 10 Jul 2016 20:03:45 +0200 Subject: [PATCH 31/47] Update to 6.3.0 --- .gitignore | 1 + nodejs-use-system-certs.patch | 27 ++++++++++++--------------- nodejs.spec | 22 +++++++++++++++------- sources | 2 +- 4 files changed, 29 insertions(+), 23 deletions(-) diff --git a/.gitignore b/.gitignore index e7d7fce..7a5a1b1 100644 --- a/.gitignore +++ b/.gitignore @@ -49,3 +49,4 @@ /node-v6.2.0-stripped.tar.gz /node-v6.2.1-stripped.tar.gz /node-v6.2.2-stripped.tar.gz +/node-v6.3.0-stripped.tar.gz diff --git a/nodejs-use-system-certs.patch b/nodejs-use-system-certs.patch index 5fd3d8b..68ca37b 100644 --- a/nodejs-use-system-certs.patch +++ b/nodejs-use-system-certs.patch @@ -1,4 +1,4 @@ -From e0aac817a87c927f70a6f8edb63a4103a4109dfc Mon Sep 17 00:00:00 2001 +From e51cf2ad2627af02e88df48287fe510e885ba1dc Mon Sep 17 00:00:00 2001 From: Stephen Gallagher Date: Tue, 1 Dec 2015 16:29:07 -0500 Subject: [PATCH 2/2] Do not bundle CA Certificates @@ -9,7 +9,7 @@ Content-Transfer-Encoding: 8bit CA Certificates are provided by Fedora. Forwarded: need some feedback before submitting the matter upstream -Author: Jérémy Lal +Author: J?r?my Lal Last-Update: 2014-03-02 Modified 2014-05-02 by T.C. Hollingsworth with the @@ -23,21 +23,22 @@ Node.js 5.7.1 Modified 2016-04-25 by Joseph Wang to update for Node.js 5.11.0 ---- -diff --git a/src/node_crypto.cc b/src/node_crypto.cc -index 989110c..a55b69d 100644 ---- a/src/node_crypto.cc -+++ b/src/node_crypto.cc -@@ -121,7 +121,7 @@ static X509_NAME *cnnic_ev_name = - static uv_mutex_t* locks; + +Modified 2016-07-10 by Zuzana Svetlikova to update for +Node.js 6.3.0 + +--- node/src/node_crypto.cc 2016-07-10 19:03:17.184502913 +0200 ++++ node_crypto.cc 2016-07-10 18:56:28.956440528 +0200 +@@ -118,7 +118,7 @@ + static Mutex* mutexes; const char* const root_certs[] = { -#include "node_root_certs.h" // NOLINT(build/include_order) -+ NULL ++ NULL }; X509_STORE* root_cert_store; -@@ -750,29 +750,17 @@ void SecureContext::AddRootCerts(const FunctionCallbackInfo& args) { +@@ -752,29 +752,17 @@ CHECK_EQ(sc->ca_store_, nullptr); if (!root_cert_store) { @@ -74,7 +75,3 @@ index 989110c..a55b69d 100644 } - --- -2.7.2 - diff --git a/nodejs.spec b/nodejs.spec index 8071e4e..87b8972 100644 --- a/nodejs.spec +++ b/nodejs.spec @@ -12,8 +12,8 @@ # feature releases that are only supported for nine months, which is shorter # than a Fedora release lifecycle. %global nodejs_major 6 -%global nodejs_minor 2 -%global nodejs_patch 2 +%global nodejs_minor 3 +%global nodejs_patch 0 %global nodejs_abi %{nodejs_major}.%{nodejs_minor} %global nodejs_version %{nodejs_major}.%{nodejs_minor}.%{nodejs_patch} @@ -41,15 +41,15 @@ # punycode - from lib/punycode.js # Note: this was merged into the mainline since 0.6.x -%global punycode_major 1 -%global punycode_minor 3 -%global punycode_patch 2 +%global punycode_major 2 +%global punycode_minor 0 +%global punycode_patch 0 %global punycode_version %{punycode_major}.%{punycode_minor}.%{punycode_patch} # npm - from deps/npm/package.json %global npm_major 3 -%global npm_minor 9 -%global npm_patch 5 +%global npm_minor 10 +%global npm_patch 3 %global npm_version %{npm_major}.%{npm_minor}.%{npm_patch} # Filter out the NPM bundled dependencies so we aren't providing them @@ -91,6 +91,8 @@ BuildRequires: python-devel BuildRequires: libuv-devel >= 1.9.0 Requires: libuv >= 1.9.0 BuildRequires: zlib-devel +BuildRequires: gcc >= 4.8.0 +BuildRequires: gcc-c++ >= 4.8.0 # Node.js requires some features from openssl 1.0.1 for SPDY support BuildRequires: openssl-devel >= 1:1.0.2 @@ -338,6 +340,12 @@ NODE_PATH=%{buildroot}%{_prefix}/lib/node_modules %{buildroot}/%{_bindir}/node - %{_pkgdocdir}/npm/doc %changelog +* Sun Jul 10 2016 Zuzana Svetlikova - 1:6.3.0-1 +- Update node to 6.3.0 +- update punycode to 2.0.0 +- add gcc and gcc-c++ as build dependencies +- modified system-certs patch + * Sat Jun 18 2016 Tom Hughes - 1:6.2.2-1 - Update to latest stable release 6.2.2 - Add check on npm version diff --git a/sources b/sources index c5b8b0e..ae332a5 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -c1821b44925235698f2f61607c945895 node-v6.2.2-stripped.tar.gz +581470dcb25b5b5a689ddc76055eeabd node-v6.3.0-stripped.tar.gz From e2a3ffce8ca2622bc1648f521cb4f28041861eba Mon Sep 17 00:00:00 2001 From: Zuzana Svetlikova Date: Tue, 12 Jul 2016 10:48:26 +0200 Subject: [PATCH 32/47] Patch node.gyp --- nodejs.spec | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/nodejs.spec b/nodejs.spec index 87b8972..a902dff 100644 --- a/nodejs.spec +++ b/nodejs.spec @@ -60,7 +60,7 @@ Name: nodejs Epoch: 1 Version: %{nodejs_version} -Release: 1%{?dist} +Release: 2%{?dist} Summary: JavaScript runtime License: MIT and ASL 2.0 and ISC and BSD Group: Development/Languages @@ -87,6 +87,11 @@ Patch1: nodejs-disable-gyp-deps.patch # http://patch-tracker.debian.org/patch/series/view/nodejs/0.10.26~dfsg1-1/2014_donotinclude_root_certs.patch Patch2: nodejs-use-system-certs.patch +# build fails at configure when we build it with shared libraries, +# so we need to patch node.gyp too +# this patch might be redundant in another release, since it seems to work with current upstream master +Patch3: nodejs-fix-nodegyp.patch + BuildRequires: python-devel BuildRequires: libuv-devel >= 1.9.0 Requires: libuv >= 1.9.0 @@ -196,6 +201,7 @@ rm -rf deps/uv \ %patch2 -p1 rm -f src/node_root_certs.h +%patch3 -p1 %build # build with debugging symbols and add defines from libuv (#892601) @@ -340,6 +346,9 @@ NODE_PATH=%{buildroot}%{_prefix}/lib/node_modules %{buildroot}/%{_bindir}/node - %{_pkgdocdir}/npm/doc %changelog +* Tue Jul 12 2016 Zuzana Svetlikova - 1:6.3.0-2 +- Patch node.gyp to fix failing ./configure + * Sun Jul 10 2016 Zuzana Svetlikova - 1:6.3.0-1 - Update node to 6.3.0 - update punycode to 2.0.0 From 83372470853d04c0c36f4be7f9c44939f9f566df Mon Sep 17 00:00:00 2001 From: Zuzana Svetlikova Date: Tue, 12 Jul 2016 10:49:19 +0200 Subject: [PATCH 33/47] Add patch --- nodejs-fix-nodegyp.patch | 12 ++++++++++++ 1 file changed, 12 insertions(+) create mode 100644 nodejs-fix-nodegyp.patch diff --git a/nodejs-fix-nodegyp.patch b/nodejs-fix-nodegyp.patch new file mode 100644 index 0000000..3289565 --- /dev/null +++ b/nodejs-fix-nodegyp.patch @@ -0,0 +1,12 @@ +--- node/node.gyp 2016-07-11 16:30:06.367883998 +0200 ++++ node.gyp 2016-07-11 16:35:38.803059930 +0200 +@@ -831,9 +831,7 @@ + 'conditions': [ + ['v8_inspector=="true"', { + 'dependencies': [ +- 'deps/openssl/openssl.gyp:openssl', + 'deps/http_parser/http_parser.gyp:http_parser', +- 'deps/uv/uv.gyp:libuv' + ], + 'sources': [ + 'src/inspector_socket.cc', From 128eb9674d3fa65e85dfe27419f9bcc47fb9d726 Mon Sep 17 00:00:00 2001 From: Stephen Gallagher Date: Mon, 18 Jul 2016 16:38:50 -0400 Subject: [PATCH 34/47] Fix epoch version dependency on libuv --- nodejs.spec | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/nodejs.spec b/nodejs.spec index a902dff..25e8426 100644 --- a/nodejs.spec +++ b/nodejs.spec @@ -60,7 +60,7 @@ Name: nodejs Epoch: 1 Version: %{nodejs_version} -Release: 2%{?dist} +Release: 3%{?dist} Summary: JavaScript runtime License: MIT and ASL 2.0 and ISC and BSD Group: Development/Languages @@ -93,8 +93,8 @@ Patch2: nodejs-use-system-certs.patch Patch3: nodejs-fix-nodegyp.patch BuildRequires: python-devel -BuildRequires: libuv-devel >= 1.9.0 -Requires: libuv >= 1.9.0 +BuildRequires: libuv-devel >= 1:1.9.1 +Requires: libuv >= 1:1.9.1 BuildRequires: zlib-devel BuildRequires: gcc >= 4.8.0 BuildRequires: gcc-c++ >= 4.8.0 @@ -346,6 +346,9 @@ NODE_PATH=%{buildroot}%{_prefix}/lib/node_modules %{buildroot}/%{_bindir}/node - %{_pkgdocdir}/npm/doc %changelog +* Mon Jul 18 2016 Stephen Gallagher - 1:6.3.0-3 +- Fix epoch version dependency on libuv + * Tue Jul 12 2016 Zuzana Svetlikova - 1:6.3.0-2 - Patch node.gyp to fix failing ./configure From 69cb3cf333da6705dd0061fab459884b38a94ffd Mon Sep 17 00:00:00 2001 From: Zuzana Svetlikova Date: Mon, 25 Jul 2016 08:50:06 +0200 Subject: [PATCH 35/47] Update to 6.3.1 --- .gitignore | 1 + nodejs.spec | 16 ++++++++++------ sources | 2 +- 3 files changed, 12 insertions(+), 7 deletions(-) diff --git a/.gitignore b/.gitignore index 7a5a1b1..84de027 100644 --- a/.gitignore +++ b/.gitignore @@ -50,3 +50,4 @@ /node-v6.2.1-stripped.tar.gz /node-v6.2.2-stripped.tar.gz /node-v6.3.0-stripped.tar.gz +/node-v6.3.1-stripped.tar.gz diff --git a/nodejs.spec b/nodejs.spec index 25e8426..13703bf 100644 --- a/nodejs.spec +++ b/nodejs.spec @@ -13,7 +13,7 @@ # than a Fedora release lifecycle. %global nodejs_major 6 %global nodejs_minor 3 -%global nodejs_patch 0 +%global nodejs_patch 1 %global nodejs_abi %{nodejs_major}.%{nodejs_minor} %global nodejs_version %{nodejs_major}.%{nodejs_minor}.%{nodejs_patch} @@ -22,7 +22,7 @@ %global v8_major 5 %global v8_minor 0 %global v8_build 71 -%global v8_patch 52 +%global v8_patch 57 # V8 presently breaks ABI at least every x.y release while never bumping SONAME %global v8_abi %{v8_major}.%{v8_minor} %global v8_version %{v8_major}.%{v8_minor}.%{v8_build}.%{v8_patch} @@ -60,7 +60,7 @@ Name: nodejs Epoch: 1 Version: %{nodejs_version} -Release: 3%{?dist} +Release: 1%{?dist} Summary: JavaScript runtime License: MIT and ASL 2.0 and ISC and BSD Group: Development/Languages @@ -87,10 +87,10 @@ Patch1: nodejs-disable-gyp-deps.patch # http://patch-tracker.debian.org/patch/series/view/nodejs/0.10.26~dfsg1-1/2014_donotinclude_root_certs.patch Patch2: nodejs-use-system-certs.patch -# build fails at configure when we build it with shared libraries, +# build fails at configure when we build node v6.3.0 with shared libraries, # so we need to patch node.gyp too # this patch might be redundant in another release, since it seems to work with current upstream master -Patch3: nodejs-fix-nodegyp.patch +#Patch3: nodejs-fix-nodegyp.patch BuildRequires: python-devel BuildRequires: libuv-devel >= 1:1.9.1 @@ -201,7 +201,7 @@ rm -rf deps/uv \ %patch2 -p1 rm -f src/node_root_certs.h -%patch3 -p1 +#%patch3 -p1 %build # build with debugging symbols and add defines from libuv (#892601) @@ -346,6 +346,10 @@ NODE_PATH=%{buildroot}%{_prefix}/lib/node_modules %{buildroot}/%{_bindir}/node - %{_pkgdocdir}/npm/doc %changelog +* Mon Jul 25 2016 Zuzana Svetlikova - 1:6.3.1-1 +- Update to 6.3.1 +- comment out %%patch3 + * Mon Jul 18 2016 Stephen Gallagher - 1:6.3.0-3 - Fix epoch version dependency on libuv diff --git a/sources b/sources index ae332a5..4cd663c 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -581470dcb25b5b5a689ddc76055eeabd node-v6.3.0-stripped.tar.gz +676f94f9f3dcb702071b5057074a3cb8 node-v6.3.1-stripped.tar.gz From 4ae4aa6572a9f7e2b4f09f489fb84f8e7330c6bd Mon Sep 17 00:00:00 2001 From: Stephen Gallagher Date: Wed, 10 Aug 2016 09:08:48 -0400 Subject: [PATCH 36/47] Split npm into a subpackage --- nodejs.spec | 58 +++++++++++++++++++++++++++++++++++++---------------- 1 file changed, 41 insertions(+), 17 deletions(-) diff --git a/nodejs.spec b/nodejs.spec index 13703bf..f6c4c6b 100644 --- a/nodejs.spec +++ b/nodejs.spec @@ -47,6 +47,7 @@ %global punycode_version %{punycode_major}.%{punycode_minor}.%{punycode_patch} # npm - from deps/npm/package.json +%global npm_epoch 1 %global npm_major 3 %global npm_minor 10 %global npm_patch 3 @@ -60,7 +61,8 @@ Name: nodejs Epoch: 1 Version: %{nodejs_version} -Release: 1%{?dist} +# Keep this release > 100 for F25+ due to a complicated npm upgrade bug +Release: 100%{?dist} Summary: JavaScript runtime License: MIT and ASL 2.0 and ISC and BSD Group: Development/Languages @@ -71,7 +73,7 @@ ExclusiveArch: %{nodejs_arches} # nodejs bundles openssl, but we use the system version in Fedora # because openssl contains prohibited code, we remove openssl completely from # the tarball, using the script in Source100 -Source0: node-v%{version}-stripped.tar.gz +Source0: node-v%{nodejs_version}-stripped.tar.gz Source100: %{name}-tarball.sh # The native module Requires generator remains in the nodejs SRPM, so it knows @@ -111,7 +113,7 @@ Provides: nodejs(abi%{nodejs_major}) = %{nodejs_abi} Provides: nodejs(v8-abi) = %{v8_abi} #this corresponds to the "engine" requirement in package.json -Provides: nodejs(engine) = %{version} +Provides: nodejs(engine) = %{nodejs_version} # Node.js currently has a conflict with the 'node' package in Fedora # The ham-radio group has agreed to rename their binary for us, but @@ -144,15 +146,9 @@ Provides: bundled(v8) = %{v8_version} # do releases often and is almost always far behind the bundled version Provides: bundled(http-parser) = %{http_parser_version} -# We used to ship npm separately, but it is so tightly integrated with Node.js -# (and expected to be present on all Node.js systems) that we ship it bundled -# now. -Obsoletes: npm < 0:3.5.4-6 -Provides: npm = %{epoch}:%{npm_version} - -# Do not add epoch to the virtual NPM provides or it will break -# the automatic dependency-generation script. -Provides: npm(npm) = %{npm_version} +# Make sure we keep NPM up to date when we update Node.js +Recommends: npm = %{npm_epoch}:%{npm_version} +Conflicts: npm < %{npm_epoch}:%{npm_version} %description @@ -165,7 +161,7 @@ real-time applications that run across distributed devices. %package devel Summary: JavaScript runtime - development headers Group: Development/Languages -Requires: %{name}%{?_isa} == %{epoch}:%{version}-%{release} +Requires: %{name}%{?_isa} = %{epoch}:%{nodejs_version}-%{release} Requires: libuv-devel%{?_isa} Requires: openssl-devel%{?_isa} Requires: zlib-devel%{?_isa} @@ -174,6 +170,26 @@ Requires: nodejs-packaging %description devel Development headers for the Node.js JavaScript runtime. +%package -n npm +Summary: Node.js Package Manager +Epoch: %{npm_epoch} +Version: %{npm_version} + +# We used to ship npm separately, but it is so tightly integrated with Node.js +# (and expected to be present on all Node.js systems) that we ship it bundled +# now. +Obsoletes: npm < 0:3.5.4-6 +Provides: npm = %{npm_epoch}:%{npm_version} +Requires: nodejs = %{epoch}:%{nodejs_version}-%{release} + +# Do not add epoch to the virtual NPM provides or it will break +# the automatic dependency-generation script. +Provides: npm(npm) = %{npm_version} + +%description -n npm +npm is a package manager for node.js. You can use it to install and publish +your node programs. It manages dependencies and does other cool stuff. + %package docs Summary: Node.js API documentation Group: Documentation @@ -182,15 +198,15 @@ BuildArch: noarch # We don't require that the main package be installed to # use the docs, but if it is installed, make sure the # version always matches -Conflicts: %{name} > %{epoch}:%{version}-%{release} -Conflicts: %{name} < %{epoch}:%{version}-%{release} +Conflicts: %{name} > %{epoch}:%{nodejs_version}-%{release} +Conflicts: %{name} < %{epoch}:%{nodejs_version}-%{release} %description docs The API documentation for the Node.js JavaScript runtime. %prep -%setup -q -n node-v%{version} +%setup -q -n node-v%{nodejs_version} # remove bundled dependencies that we aren't building %patch1 -p1 @@ -205,7 +221,7 @@ rm -f src/node_root_certs.h %build # build with debugging symbols and add defines from libuv (#892601) -# Node's v8 breaks with GCC 8 because of incorrect usage of methods on +# Node's v8 breaks with GCC 6 because of incorrect usage of methods on # NULL objects. We need to pass -fno-delete-null-pointer-checks export CFLAGS='%{optflags} -g -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 -fno-delete-null-pointer-checks' export CXXFLAGS='%{optflags} -g -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 -fno-delete-null-pointer-checks' @@ -339,6 +355,11 @@ NODE_PATH=%{buildroot}%{_prefix}/lib/node_modules %{buildroot}/%{_bindir}/node - %{_datadir}/node/common.gypi %{_pkgdocdir}/gdbinit + +%files -n npm +%{_bindir}/npm + + %files docs %dir %{_pkgdocdir} %{_pkgdocdir}/html @@ -346,6 +367,9 @@ NODE_PATH=%{buildroot}%{_prefix}/lib/node_modules %{buildroot}/%{_bindir}/node - %{_pkgdocdir}/npm/doc %changelog +* Thu Aug 04 2016 Stephen Gallagher - 1:6.3.1-100 +- Split npm into a subpackage + * Mon Jul 25 2016 Zuzana Svetlikova - 1:6.3.1-1 - Update to 6.3.1 - comment out %%patch3 From 95b8d391e867be3581d867003322f41d3ba073ba Mon Sep 17 00:00:00 2001 From: Stephen Gallagher Date: Wed, 10 Aug 2016 14:10:54 -0400 Subject: [PATCH 37/47] Remove npm binary from main package --- nodejs.spec | 1 - 1 file changed, 1 deletion(-) diff --git a/nodejs.spec b/nodejs.spec index f6c4c6b..31bec09 100644 --- a/nodejs.spec +++ b/nodejs.spec @@ -343,7 +343,6 @@ NODE_PATH=%{buildroot}%{_prefix}/lib/node_modules %{buildroot}/%{_bindir}/node - %{_prefix}/lib/node_modules/npm %ghost %{_sysconfdir}/npmrc %ghost %{_sysconfdir}/npmignore -%{_bindir}/npm %{_mandir}/man*/* From d27b8e5edb24518fb5d801f4e4e7edad75325ffb Mon Sep 17 00:00:00 2001 From: Zuzana Svetlikova Date: Fri, 12 Aug 2016 17:26:06 +0200 Subject: [PATCH 38/47] Reminder to unbundle punycode later --- nodejs.spec | 3 +++ 1 file changed, 3 insertions(+) diff --git a/nodejs.spec b/nodejs.spec index 31bec09..9e8911e 100644 --- a/nodejs.spec +++ b/nodejs.spec @@ -126,6 +126,9 @@ Conflicts: node <= 0.3.2-12 # we don't need the seperate nodejs-punycode package, so we Provide it here so # dependent packages don't need to override the dependency generator. # See also: RHBZ#11511811 +# UPDATE: punycode will be deprecated and so we should unbundle it in Node v8 +# and use upstream module instead +# https://github.com/nodejs/node/commit/29e49fc286080215031a81effbd59eac092fff2f Provides: nodejs-punycode = %{punycode_version} Provides: npm(punycode) = %{punycode_version} From 3bb56860534bc65dd9f072ddf093f72bdfd7bbef Mon Sep 17 00:00:00 2001 From: Stephen Gallagher Date: Tue, 16 Aug 2016 13:49:57 -0400 Subject: [PATCH 39/47] Build Node.js with internationalization support --- nodejs.spec | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/nodejs.spec b/nodejs.spec index 9e8911e..dca7ba8 100644 --- a/nodejs.spec +++ b/nodejs.spec @@ -62,7 +62,7 @@ Name: nodejs Epoch: 1 Version: %{nodejs_version} # Keep this release > 100 for F25+ due to a complicated npm upgrade bug -Release: 100%{?dist} +Release: 101%{?dist} Summary: JavaScript runtime License: MIT and ASL 2.0 and ISC and BSD Group: Development/Languages @@ -97,6 +97,7 @@ Patch2: nodejs-use-system-certs.patch BuildRequires: python-devel BuildRequires: libuv-devel >= 1:1.9.1 Requires: libuv >= 1:1.9.1 +BuildRequires: libicu-devel BuildRequires: zlib-devel BuildRequires: gcc >= 4.8.0 BuildRequires: gcc-c++ >= 4.8.0 @@ -233,7 +234,8 @@ export CXXFLAGS='%{optflags} -g -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 -fno- --shared-openssl \ --shared-zlib \ --shared-libuv \ - --without-dtrace + --without-dtrace \ + --with-intl=system-icu %if %{?with_debug} == 1 # Setting BUILDTYPE=Debug builds both release and debug binaries @@ -369,6 +371,9 @@ NODE_PATH=%{buildroot}%{_prefix}/lib/node_modules %{buildroot}/%{_bindir}/node - %{_pkgdocdir}/npm/doc %changelog +* Tue Aug 16 2016 Stephen Gallagher - 1:6.3.1-101 +- Build Node.js with internationalization support + * Thu Aug 04 2016 Stephen Gallagher - 1:6.3.1-100 - Split npm into a subpackage From 58fd6a2fd60f7e56bc4af6b7106af00d8e2e7f5e Mon Sep 17 00:00:00 2001 From: Zuzana Svetlikova Date: Thu, 18 Aug 2016 13:10:32 +0200 Subject: [PATCH 40/47] Update to 6.4.0 --- .gitignore | 1 + nodejs.spec | 12 ++++++++---- sources | 2 +- 3 files changed, 10 insertions(+), 5 deletions(-) diff --git a/.gitignore b/.gitignore index 84de027..d4a213c 100644 --- a/.gitignore +++ b/.gitignore @@ -51,3 +51,4 @@ /node-v6.2.2-stripped.tar.gz /node-v6.3.0-stripped.tar.gz /node-v6.3.1-stripped.tar.gz +/node-v6.4.0-stripped.tar.gz diff --git a/nodejs.spec b/nodejs.spec index dca7ba8..0b315da 100644 --- a/nodejs.spec +++ b/nodejs.spec @@ -12,8 +12,8 @@ # feature releases that are only supported for nine months, which is shorter # than a Fedora release lifecycle. %global nodejs_major 6 -%global nodejs_minor 3 -%global nodejs_patch 1 +%global nodejs_minor 4 +%global nodejs_patch 0 %global nodejs_abi %{nodejs_major}.%{nodejs_minor} %global nodejs_version %{nodejs_major}.%{nodejs_minor}.%{nodejs_patch} @@ -22,7 +22,7 @@ %global v8_major 5 %global v8_minor 0 %global v8_build 71 -%global v8_patch 57 +%global v8_patch 60 # V8 presently breaks ABI at least every x.y release while never bumping SONAME %global v8_abi %{v8_major}.%{v8_minor} %global v8_version %{v8_major}.%{v8_minor}.%{v8_build}.%{v8_patch} @@ -41,6 +41,7 @@ # punycode - from lib/punycode.js # Note: this was merged into the mainline since 0.6.x +# Note: this will be unmerged in v7 or v8 %global punycode_major 2 %global punycode_minor 0 %global punycode_patch 0 @@ -62,7 +63,7 @@ Name: nodejs Epoch: 1 Version: %{nodejs_version} # Keep this release > 100 for F25+ due to a complicated npm upgrade bug -Release: 101%{?dist} +Release: 1%{?dist} Summary: JavaScript runtime License: MIT and ASL 2.0 and ISC and BSD Group: Development/Languages @@ -371,6 +372,9 @@ NODE_PATH=%{buildroot}%{_prefix}/lib/node_modules %{buildroot}/%{_bindir}/node - %{_pkgdocdir}/npm/doc %changelog +* Thu Aug 18 2016 Zuzana Svetlikova - 1:6.4.0-1 +- Update to 6.4.0 + * Tue Aug 16 2016 Stephen Gallagher - 1:6.3.1-101 - Build Node.js with internationalization support diff --git a/sources b/sources index 4cd663c..3991a87 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -676f94f9f3dcb702071b5057074a3cb8 node-v6.3.1-stripped.tar.gz +f1a51f14113d15f78c669f2975baec80 node-v6.4.0-stripped.tar.gz From e36e4ee84bffe080ee56f0f8abe36a297fb70f3b Mon Sep 17 00:00:00 2001 From: Zuzana Svetlikova Date: Mon, 22 Aug 2016 10:04:44 +0200 Subject: [PATCH 41/47] Bump Release to 101 to fix broken npm dependency --- nodejs.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/nodejs.spec b/nodejs.spec index 0b315da..9020c94 100644 --- a/nodejs.spec +++ b/nodejs.spec @@ -63,7 +63,7 @@ Name: nodejs Epoch: 1 Version: %{nodejs_version} # Keep this release > 100 for F25+ due to a complicated npm upgrade bug -Release: 1%{?dist} +Release: 101%{?dist} Summary: JavaScript runtime License: MIT and ASL 2.0 and ISC and BSD Group: Development/Languages @@ -372,6 +372,9 @@ NODE_PATH=%{buildroot}%{_prefix}/lib/node_modules %{buildroot}/%{_bindir}/node - %{_pkgdocdir}/npm/doc %changelog +* Mon Aug 22 2016 Zuzana Svetlikova - 1:6.4.0-101 +- Bump release to 101 to fix broken npm dependency + * Thu Aug 18 2016 Zuzana Svetlikova - 1:6.4.0-1 - Update to 6.4.0 From 68898f84c9c85a9351d8e654a3ff02cbcbc7bdaa Mon Sep 17 00:00:00 2001 From: Zuzana Svetlikova Date: Mon, 22 Aug 2016 12:30:58 +0200 Subject: [PATCH 42/47] Bump to 102 --- nodejs.spec | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/nodejs.spec b/nodejs.spec index 9020c94..3e53323 100644 --- a/nodejs.spec +++ b/nodejs.spec @@ -63,7 +63,7 @@ Name: nodejs Epoch: 1 Version: %{nodejs_version} # Keep this release > 100 for F25+ due to a complicated npm upgrade bug -Release: 101%{?dist} +Release: 102%{?dist} Summary: JavaScript runtime License: MIT and ASL 2.0 and ISC and BSD Group: Development/Languages @@ -372,8 +372,8 @@ NODE_PATH=%{buildroot}%{_prefix}/lib/node_modules %{buildroot}/%{_bindir}/node - %{_pkgdocdir}/npm/doc %changelog -* Mon Aug 22 2016 Zuzana Svetlikova - 1:6.4.0-101 -- Bump release to 101 to fix broken npm dependency +* Mon Aug 22 2016 Zuzana Svetlikova - 1:6.4.0-102 +- Bump release to 102 to fix broken npm dependency * Thu Aug 18 2016 Zuzana Svetlikova - 1:6.4.0-1 - Update to 6.4.0 From 2b252644fbfb632ae541984cb66b3ecad66373fb Mon Sep 17 00:00:00 2001 From: Zuzana Svetlikova Date: Mon, 29 Aug 2016 17:07:57 +0200 Subject: [PATCH 43/47] Update sources file --- .gitignore | 1 + sources | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/.gitignore b/.gitignore index d4a213c..cec6734 100644 --- a/.gitignore +++ b/.gitignore @@ -52,3 +52,4 @@ /node-v6.3.0-stripped.tar.gz /node-v6.3.1-stripped.tar.gz /node-v6.4.0-stripped.tar.gz +/node-v6.5.0-stripped.tar.gz diff --git a/sources b/sources index 3991a87..7a5ef30 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -f1a51f14113d15f78c669f2975baec80 node-v6.4.0-stripped.tar.gz +563d1513c33a047f0b5bb8bd82d8663f node-v6.5.0-stripped.tar.gz From 86c043c7a109f17cea5e2e7b3ad56c5535bab73f Mon Sep 17 00:00:00 2001 From: Zuzana Svetlikova Date: Mon, 29 Aug 2016 17:14:02 +0200 Subject: [PATCH 44/47] Update to 6.5.0 --- nodejs.spec | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) diff --git a/nodejs.spec b/nodejs.spec index 3e53323..4ad2912 100644 --- a/nodejs.spec +++ b/nodejs.spec @@ -12,7 +12,7 @@ # feature releases that are only supported for nine months, which is shorter # than a Fedora release lifecycle. %global nodejs_major 6 -%global nodejs_minor 4 +%global nodejs_minor 5 %global nodejs_patch 0 %global nodejs_abi %{nodejs_major}.%{nodejs_minor} %global nodejs_version %{nodejs_major}.%{nodejs_minor}.%{nodejs_patch} @@ -20,9 +20,9 @@ # == Bundled Dependency Versions == # v8 - from deps/v8/include/v8-version.h %global v8_major 5 -%global v8_minor 0 -%global v8_build 71 -%global v8_patch 60 +%global v8_minor 1 +%global v8_build 281 +%global v8_patch 81 # V8 presently breaks ABI at least every x.y release while never bumping SONAME %global v8_abi %{v8_major}.%{v8_minor} %global v8_version %{v8_major}.%{v8_minor}.%{v8_build}.%{v8_patch} @@ -63,7 +63,7 @@ Name: nodejs Epoch: 1 Version: %{nodejs_version} # Keep this release > 100 for F25+ due to a complicated npm upgrade bug -Release: 102%{?dist} +Release: 103%{?dist} Summary: JavaScript runtime License: MIT and ASL 2.0 and ISC and BSD Group: Development/Languages @@ -372,6 +372,9 @@ NODE_PATH=%{buildroot}%{_prefix}/lib/node_modules %{buildroot}/%{_bindir}/node - %{_pkgdocdir}/npm/doc %changelog +* Mon Aug 29 2016 Zuzana Svetlikova - 1:6.5.0-103 +- Update to 6.5.0 + * Mon Aug 22 2016 Zuzana Svetlikova - 1:6.4.0-102 - Bump release to 102 to fix broken npm dependency From b9ddd6c483c9033f2c2c898a7ba89a2fa0521a1c Mon Sep 17 00:00:00 2001 From: Stephen Gallagher Date: Thu, 8 Sep 2016 08:45:11 -0400 Subject: [PATCH 45/47] Prepare for EPEL 7 uplift - Use %{?epel} tag to maintain a single specfile - Relax openssl requirement to 1.0.1+ for EPEL 7 - Don't use weak dependencies in EPEL --- 0001-Use-Fedora-OpenSSL-build-flags.patch | 76 +++++++++++++++++++++++ nodejs-openssl-fix-no-srp.patch | 23 +++++++ nodejs-tarball.sh | 36 +++++++++-- nodejs.spec | 53 +++++++++++++--- 4 files changed, 177 insertions(+), 11 deletions(-) create mode 100644 0001-Use-Fedora-OpenSSL-build-flags.patch create mode 100644 nodejs-openssl-fix-no-srp.patch diff --git a/0001-Use-Fedora-OpenSSL-build-flags.patch b/0001-Use-Fedora-OpenSSL-build-flags.patch new file mode 100644 index 0000000..61e9740 --- /dev/null +++ b/0001-Use-Fedora-OpenSSL-build-flags.patch @@ -0,0 +1,76 @@ +From 6ecf32b36eab498da24a5e23d08713e19ab341a5 Mon Sep 17 00:00:00 2001 +From: Stephen Gallagher +Date: Thu, 8 Sep 2016 12:54:20 -0400 +Subject: [PATCH] Use Fedora OpenSSL build flags + +--- + deps/openssl/config/Makefile | 5 ++++- + deps/openssl/openssl.gypi | 9 ++++++--- + 2 files changed, 10 insertions(+), 4 deletions(-) + +diff --git a/deps/openssl/config/Makefile b/deps/openssl/config/Makefile +index c8155b16d8dcfbc7ade7cd463248236d989b0599..7a319fd13b06b0520b3e118691381f27fdccf1a0 100644 +--- a/deps/openssl/config/Makefile ++++ b/deps/openssl/config/Makefile +@@ -1,8 +1,11 @@ + PERL = perl + CONFIGURE = ./Configure +-COPT = no-shared no-symlinks ++COPT = no-shared no-symlinks \ ++ zlib sctp enable-camellia enable-seed enable-tlsext enable-rfc3779 \ ++ enable-cms enable-md2 enable-rc5 \ ++ no-mdc2 no-ec2m no-gost no-srp + + ARCHS = aix-gcc aix64-gcc BSD-x86 BSD-x86_64 VC-WIN32 \ + VC-WIN64A darwin64-x86_64-cc darwin-i386-cc linux-aarch64 \ + linux-armv4 linux-elf linux-x32 linux-x86_64 linux-ppc \ + linux-ppc64 linux32-s390x linux64-s390x solaris-x86-gcc \ +diff --git a/deps/openssl/openssl.gypi b/deps/openssl/openssl.gypi +index 3620e45c41074647ef54f040a539c0d1c4f9b7d9..549e87348fb8c929f80ffd651df1bf6591b071d2 100644 +--- a/deps/openssl/openssl.gypi ++++ b/deps/openssl/openssl.gypi +@@ -383,11 +383,10 @@ + 'openssl/crypto/evp/m_dss1.c', + 'openssl/crypto/evp/m_ecdsa.c', + 'openssl/crypto/evp/m_md2.c', + 'openssl/crypto/evp/m_md4.c', + 'openssl/crypto/evp/m_md5.c', +- 'openssl/crypto/evp/m_mdc2.c', + 'openssl/crypto/evp/m_null.c', + 'openssl/crypto/evp/m_ripemd.c', + 'openssl/crypto/evp/m_sha.c', + 'openssl/crypto/evp/m_sha1.c', + 'openssl/crypto/evp/m_sigver.c', +@@ -420,12 +419,10 @@ + 'openssl/crypto/lhash/lhash.c', + 'openssl/crypto/md4/md4_dgst.c', + 'openssl/crypto/md4/md4_one.c', + 'openssl/crypto/md5/md5_dgst.c', + 'openssl/crypto/md5/md5_one.c', +- 'openssl/crypto/mdc2/mdc2_one.c', +- 'openssl/crypto/mdc2/mdc2dgst.c', + 'openssl/crypto/mem.c', + 'openssl/crypto/mem_dbg.c', + 'openssl/crypto/modes/cbc128.c', + 'openssl/crypto/modes/ccm128.c', + 'openssl/crypto/modes/cfb128.c', +@@ -1261,10 +1258,16 @@ + # Heartbeat is a TLS extension, that couldn't be turned off or + # asked to be not advertised. Unfortunately this is unacceptable for + # Microsoft's IIS, which seems to be ignoring whole ClientHello after + # seeing this extension. + 'OPENSSL_NO_HEARTBEATS', ++ ++ # Taken from Fedora package: ++ 'OPENSSL_NO_SRP', ++ 'OPENSSL_NO_GOST', ++ 'OPENSSL_NO_MDC2', ++ 'OPENSSL_NO_EC2M', + ], + 'openssl_default_defines_win': [ + 'MK1MF_BUILD', + 'WIN32_LEAN_AND_MEAN', + 'OPENSSL_SYSNAME_WIN32', +-- +2.7.4 + diff --git a/nodejs-openssl-fix-no-srp.patch b/nodejs-openssl-fix-no-srp.patch new file mode 100644 index 0000000..50f1227 --- /dev/null +++ b/nodejs-openssl-fix-no-srp.patch @@ -0,0 +1,23 @@ +From 249270c8047486892b64a169ff16567b506ec1cb Mon Sep 17 00:00:00 2001 +From: Richard Levitte +Date: Fri, 22 Jul 2016 21:48:05 +0200 +Subject: [PATCH] Correct misspelt OPENSSL_NO_SRP + +RT#4619 +--- + ssl/statem/statem_clnt.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c +index b0f508c..5fb0080 100644 +--- a/ssl/statem/statem_clnt.c ++++ b/ssl/statem/statem_clnt.c +@@ -2451,7 +2451,7 @@ static int tls_construct_cke_gost(SSL *s, unsigned char **p, int *len, int *al) + + static int tls_construct_cke_srp(SSL *s, unsigned char **p, int *len, int *al) + { +-#ifndef OPENSSL_NO_SRT ++#ifndef OPENSSL_NO_SRP + if (s->srp_ctx.A != NULL) { + /* send off the data */ + *len = BN_num_bytes(s->srp_ctx.A); diff --git a/nodejs-tarball.sh b/nodejs-tarball.sh index e7e9613..947f7d6 100755 --- a/nodejs-tarball.sh +++ b/nodejs-tarball.sh @@ -1,7 +1,35 @@ #!/bin/sh - +SCRIPTROOT=$(pwd) version=$(rpm -q --specfile --qf='%{version}\n' nodejs.spec | head -n1) -wget http://nodejs.org/dist/v${version}/node-v${version}.tar.gz + +if [ ! -e node-v${version}.tar.gz ]; then + wget http://nodejs.org/dist/v${version}/node-v${version}.tar.gz +fi + tar -zxf node-v${version}.tar.gz -rm -rf node-v${version}/deps/openssl -tar -zcf node-v${version}-stripped.tar.gz node-v${version} +rm -rf node-v${version}/deps/openssl/openssl + +rm -rf openssl +fedpkg clone -a openssl +pushd openssl +fedpkg prep +openssl_version=$(rpm -q --specfile --qf='%{version}\n' openssl.spec | head -n1) + +pushd openssl-${openssl_version} +git init +git add . +git commit -m "Initial commit" --no-gpg-sign +./config +pushd include/openssl +#../../../../copy_symlink.sh *.h +popd # include/openssl + +git add include/ crypto/opensslconf.h +git commit -m "Include headers" --no-gpg-sign +git clean -f +popd # openssl-${openssl_version} + +popd # openssl +mv openssl/openssl-${openssl_version} node-v${version}/deps/openssl/openssl + +tar -zcf node-v${version}-hobbled.tar.gz node-v${version} diff --git a/nodejs.spec b/nodejs.spec index 4ad2912..b2f68a9 100644 --- a/nodejs.spec +++ b/nodejs.spec @@ -63,7 +63,9 @@ Name: nodejs Epoch: 1 Version: %{nodejs_version} # Keep this release > 100 for F25+ due to a complicated npm upgrade bug -Release: 103%{?dist} +# Always increase this release, never reset it to 1 until and unless we +# bump epoch again +Release: 103%{?dist}.8 Summary: JavaScript runtime License: MIT and ASL 2.0 and ISC and BSD Group: Development/Languages @@ -72,9 +74,9 @@ URL: http://nodejs.org/ ExclusiveArch: %{nodejs_arches} # nodejs bundles openssl, but we use the system version in Fedora -# because openssl contains prohibited code, we remove openssl completely from -# the tarball, using the script in Source100 -Source0: node-v%{nodejs_version}-stripped.tar.gz +# because openssl contains prohibited code, we replace the bundled copy in the +# tarball with the current latest Fedora version, using the script in Source100 +Source0: node-v%{nodejs_version}-hobbled.tar.gz Source100: %{name}-tarball.sh # The native module Requires generator remains in the nodejs SRPM, so it knows @@ -90,6 +92,9 @@ Patch1: nodejs-disable-gyp-deps.patch # http://patch-tracker.debian.org/patch/series/view/nodejs/0.10.26~dfsg1-1/2014_donotinclude_root_certs.patch Patch2: nodejs-use-system-certs.patch +# When building against the bundled OpenSSL, use the same flags as Fedora would +Patch3: 0001-Use-Fedora-OpenSSL-build-flags.patch + # build fails at configure when we build node v6.3.0 with shared libraries, # so we need to patch node.gyp too # this patch might be redundant in another release, since it seems to work with current upstream master @@ -102,8 +107,14 @@ BuildRequires: libicu-devel BuildRequires: zlib-devel BuildRequires: gcc >= 4.8.0 BuildRequires: gcc-c++ >= 4.8.0 -# Node.js requires some features from openssl 1.0.1 for SPDY support + +%if 0%{?fedora} +# Node.js requires some features from openssl 1.0.2 BuildRequires: openssl-devel >= 1:1.0.2 +%else +# EPEL currently builds with the OpenSSL pulled from Fedora and +# copied into the buildroot +%endif # we need the system certificate store when Patch2 is applied Requires: ca-certificates @@ -152,10 +163,21 @@ Provides: bundled(v8) = %{v8_version} Provides: bundled(http-parser) = %{http_parser_version} # Make sure we keep NPM up to date when we update Node.js +%if 0%{?rhel} +Requires: npm = %{npm_epoch}:%{npm_version} +%else Recommends: npm = %{npm_epoch}:%{npm_version} +%endif + Conflicts: npm < %{npm_epoch}:%{npm_version} +# On EPEL, we don't yet have a sufficiently-new version of OpenSSL, so +# we have to carry it bundled +%if 0%{?rhel} +Provides: bundled(openssl) = 1.0.2h +%endif + %description Node.js is a platform built on Chrome's JavaScript runtime for easily building fast, scalable network applications. @@ -218,11 +240,23 @@ The API documentation for the Node.js JavaScript runtime. rm -rf deps/uv \ deps/zlib +%if 0%{?rhel} +# On RHEL, we need to build the bundled (hobbled) OpenSSL +pushd deps/openssl/openssl +#./config +popd +%else +# On Fedora, we link with the system version, so completely +# delete the bundled openssl to be certain it doesn't get used. +rm -rf deps/openssl +%global CONFIGURE_OPENSSL --shared-openssl +%endif + # remove bundled CA certificates %patch2 -p1 rm -f src/node_root_certs.h -#%patch3 -p1 +%patch3 -p1 %build # build with debugging symbols and add defines from libuv (#892601) @@ -232,7 +266,7 @@ export CFLAGS='%{optflags} -g -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 -fno-de export CXXFLAGS='%{optflags} -g -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 -fno-delete-null-pointer-checks' ./configure --prefix=%{_prefix} \ - --shared-openssl \ + %{?CONFIGURE_OPENSSL} \ --shared-zlib \ --shared-libuv \ --without-dtrace \ @@ -372,6 +406,11 @@ NODE_PATH=%{buildroot}%{_prefix}/lib/node_modules %{buildroot}/%{_bindir}/node - %{_pkgdocdir}/npm/doc %changelog +* Thu Sep 08 2016 Stephen Gallagher - 1:6.%.0-104 +- Prepare for EPEL 7 uplift +- Use %%{?epel} tag to maintain a single specfile +- Don't use weak dependencies in EPEL + * Mon Aug 29 2016 Zuzana Svetlikova - 1:6.5.0-103 - Update to 6.5.0 From 74b97c6ec143919db0031a8d30f543f21b9a6f0c Mon Sep 17 00:00:00 2001 From: Stephen Gallagher Date: Fri, 9 Sep 2016 08:16:32 -0400 Subject: [PATCH 46/47] Revert "Prepare for EPEL 7 uplift" This reverts commit b9ddd6c483c9033f2c2c898a7ba89a2fa0521a1c. This was pushed accidentally --- 0001-Use-Fedora-OpenSSL-build-flags.patch | 76 ----------------------- nodejs-openssl-fix-no-srp.patch | 23 ------- nodejs-tarball.sh | 36 ++--------- nodejs.spec | 53 +++------------- 4 files changed, 11 insertions(+), 177 deletions(-) delete mode 100644 0001-Use-Fedora-OpenSSL-build-flags.patch delete mode 100644 nodejs-openssl-fix-no-srp.patch diff --git a/0001-Use-Fedora-OpenSSL-build-flags.patch b/0001-Use-Fedora-OpenSSL-build-flags.patch deleted file mode 100644 index 61e9740..0000000 --- a/0001-Use-Fedora-OpenSSL-build-flags.patch +++ /dev/null @@ -1,76 +0,0 @@ -From 6ecf32b36eab498da24a5e23d08713e19ab341a5 Mon Sep 17 00:00:00 2001 -From: Stephen Gallagher -Date: Thu, 8 Sep 2016 12:54:20 -0400 -Subject: [PATCH] Use Fedora OpenSSL build flags - ---- - deps/openssl/config/Makefile | 5 ++++- - deps/openssl/openssl.gypi | 9 ++++++--- - 2 files changed, 10 insertions(+), 4 deletions(-) - -diff --git a/deps/openssl/config/Makefile b/deps/openssl/config/Makefile -index c8155b16d8dcfbc7ade7cd463248236d989b0599..7a319fd13b06b0520b3e118691381f27fdccf1a0 100644 ---- a/deps/openssl/config/Makefile -+++ b/deps/openssl/config/Makefile -@@ -1,8 +1,11 @@ - PERL = perl - CONFIGURE = ./Configure --COPT = no-shared no-symlinks -+COPT = no-shared no-symlinks \ -+ zlib sctp enable-camellia enable-seed enable-tlsext enable-rfc3779 \ -+ enable-cms enable-md2 enable-rc5 \ -+ no-mdc2 no-ec2m no-gost no-srp - - ARCHS = aix-gcc aix64-gcc BSD-x86 BSD-x86_64 VC-WIN32 \ - VC-WIN64A darwin64-x86_64-cc darwin-i386-cc linux-aarch64 \ - linux-armv4 linux-elf linux-x32 linux-x86_64 linux-ppc \ - linux-ppc64 linux32-s390x linux64-s390x solaris-x86-gcc \ -diff --git a/deps/openssl/openssl.gypi b/deps/openssl/openssl.gypi -index 3620e45c41074647ef54f040a539c0d1c4f9b7d9..549e87348fb8c929f80ffd651df1bf6591b071d2 100644 ---- a/deps/openssl/openssl.gypi -+++ b/deps/openssl/openssl.gypi -@@ -383,11 +383,10 @@ - 'openssl/crypto/evp/m_dss1.c', - 'openssl/crypto/evp/m_ecdsa.c', - 'openssl/crypto/evp/m_md2.c', - 'openssl/crypto/evp/m_md4.c', - 'openssl/crypto/evp/m_md5.c', -- 'openssl/crypto/evp/m_mdc2.c', - 'openssl/crypto/evp/m_null.c', - 'openssl/crypto/evp/m_ripemd.c', - 'openssl/crypto/evp/m_sha.c', - 'openssl/crypto/evp/m_sha1.c', - 'openssl/crypto/evp/m_sigver.c', -@@ -420,12 +419,10 @@ - 'openssl/crypto/lhash/lhash.c', - 'openssl/crypto/md4/md4_dgst.c', - 'openssl/crypto/md4/md4_one.c', - 'openssl/crypto/md5/md5_dgst.c', - 'openssl/crypto/md5/md5_one.c', -- 'openssl/crypto/mdc2/mdc2_one.c', -- 'openssl/crypto/mdc2/mdc2dgst.c', - 'openssl/crypto/mem.c', - 'openssl/crypto/mem_dbg.c', - 'openssl/crypto/modes/cbc128.c', - 'openssl/crypto/modes/ccm128.c', - 'openssl/crypto/modes/cfb128.c', -@@ -1261,10 +1258,16 @@ - # Heartbeat is a TLS extension, that couldn't be turned off or - # asked to be not advertised. Unfortunately this is unacceptable for - # Microsoft's IIS, which seems to be ignoring whole ClientHello after - # seeing this extension. - 'OPENSSL_NO_HEARTBEATS', -+ -+ # Taken from Fedora package: -+ 'OPENSSL_NO_SRP', -+ 'OPENSSL_NO_GOST', -+ 'OPENSSL_NO_MDC2', -+ 'OPENSSL_NO_EC2M', - ], - 'openssl_default_defines_win': [ - 'MK1MF_BUILD', - 'WIN32_LEAN_AND_MEAN', - 'OPENSSL_SYSNAME_WIN32', --- -2.7.4 - diff --git a/nodejs-openssl-fix-no-srp.patch b/nodejs-openssl-fix-no-srp.patch deleted file mode 100644 index 50f1227..0000000 --- a/nodejs-openssl-fix-no-srp.patch +++ /dev/null @@ -1,23 +0,0 @@ -From 249270c8047486892b64a169ff16567b506ec1cb Mon Sep 17 00:00:00 2001 -From: Richard Levitte -Date: Fri, 22 Jul 2016 21:48:05 +0200 -Subject: [PATCH] Correct misspelt OPENSSL_NO_SRP - -RT#4619 ---- - ssl/statem/statem_clnt.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/ssl/statem/statem_clnt.c b/ssl/statem/statem_clnt.c -index b0f508c..5fb0080 100644 ---- a/ssl/statem/statem_clnt.c -+++ b/ssl/statem/statem_clnt.c -@@ -2451,7 +2451,7 @@ static int tls_construct_cke_gost(SSL *s, unsigned char **p, int *len, int *al) - - static int tls_construct_cke_srp(SSL *s, unsigned char **p, int *len, int *al) - { --#ifndef OPENSSL_NO_SRT -+#ifndef OPENSSL_NO_SRP - if (s->srp_ctx.A != NULL) { - /* send off the data */ - *len = BN_num_bytes(s->srp_ctx.A); diff --git a/nodejs-tarball.sh b/nodejs-tarball.sh index 947f7d6..e7e9613 100755 --- a/nodejs-tarball.sh +++ b/nodejs-tarball.sh @@ -1,35 +1,7 @@ #!/bin/sh -SCRIPTROOT=$(pwd) + version=$(rpm -q --specfile --qf='%{version}\n' nodejs.spec | head -n1) - -if [ ! -e node-v${version}.tar.gz ]; then - wget http://nodejs.org/dist/v${version}/node-v${version}.tar.gz -fi - +wget http://nodejs.org/dist/v${version}/node-v${version}.tar.gz tar -zxf node-v${version}.tar.gz -rm -rf node-v${version}/deps/openssl/openssl - -rm -rf openssl -fedpkg clone -a openssl -pushd openssl -fedpkg prep -openssl_version=$(rpm -q --specfile --qf='%{version}\n' openssl.spec | head -n1) - -pushd openssl-${openssl_version} -git init -git add . -git commit -m "Initial commit" --no-gpg-sign -./config -pushd include/openssl -#../../../../copy_symlink.sh *.h -popd # include/openssl - -git add include/ crypto/opensslconf.h -git commit -m "Include headers" --no-gpg-sign -git clean -f -popd # openssl-${openssl_version} - -popd # openssl -mv openssl/openssl-${openssl_version} node-v${version}/deps/openssl/openssl - -tar -zcf node-v${version}-hobbled.tar.gz node-v${version} +rm -rf node-v${version}/deps/openssl +tar -zcf node-v${version}-stripped.tar.gz node-v${version} diff --git a/nodejs.spec b/nodejs.spec index b2f68a9..4ad2912 100644 --- a/nodejs.spec +++ b/nodejs.spec @@ -63,9 +63,7 @@ Name: nodejs Epoch: 1 Version: %{nodejs_version} # Keep this release > 100 for F25+ due to a complicated npm upgrade bug -# Always increase this release, never reset it to 1 until and unless we -# bump epoch again -Release: 103%{?dist}.8 +Release: 103%{?dist} Summary: JavaScript runtime License: MIT and ASL 2.0 and ISC and BSD Group: Development/Languages @@ -74,9 +72,9 @@ URL: http://nodejs.org/ ExclusiveArch: %{nodejs_arches} # nodejs bundles openssl, but we use the system version in Fedora -# because openssl contains prohibited code, we replace the bundled copy in the -# tarball with the current latest Fedora version, using the script in Source100 -Source0: node-v%{nodejs_version}-hobbled.tar.gz +# because openssl contains prohibited code, we remove openssl completely from +# the tarball, using the script in Source100 +Source0: node-v%{nodejs_version}-stripped.tar.gz Source100: %{name}-tarball.sh # The native module Requires generator remains in the nodejs SRPM, so it knows @@ -92,9 +90,6 @@ Patch1: nodejs-disable-gyp-deps.patch # http://patch-tracker.debian.org/patch/series/view/nodejs/0.10.26~dfsg1-1/2014_donotinclude_root_certs.patch Patch2: nodejs-use-system-certs.patch -# When building against the bundled OpenSSL, use the same flags as Fedora would -Patch3: 0001-Use-Fedora-OpenSSL-build-flags.patch - # build fails at configure when we build node v6.3.0 with shared libraries, # so we need to patch node.gyp too # this patch might be redundant in another release, since it seems to work with current upstream master @@ -107,14 +102,8 @@ BuildRequires: libicu-devel BuildRequires: zlib-devel BuildRequires: gcc >= 4.8.0 BuildRequires: gcc-c++ >= 4.8.0 - -%if 0%{?fedora} -# Node.js requires some features from openssl 1.0.2 +# Node.js requires some features from openssl 1.0.1 for SPDY support BuildRequires: openssl-devel >= 1:1.0.2 -%else -# EPEL currently builds with the OpenSSL pulled from Fedora and -# copied into the buildroot -%endif # we need the system certificate store when Patch2 is applied Requires: ca-certificates @@ -163,21 +152,10 @@ Provides: bundled(v8) = %{v8_version} Provides: bundled(http-parser) = %{http_parser_version} # Make sure we keep NPM up to date when we update Node.js -%if 0%{?rhel} -Requires: npm = %{npm_epoch}:%{npm_version} -%else Recommends: npm = %{npm_epoch}:%{npm_version} -%endif - Conflicts: npm < %{npm_epoch}:%{npm_version} -# On EPEL, we don't yet have a sufficiently-new version of OpenSSL, so -# we have to carry it bundled -%if 0%{?rhel} -Provides: bundled(openssl) = 1.0.2h -%endif - %description Node.js is a platform built on Chrome's JavaScript runtime for easily building fast, scalable network applications. @@ -240,23 +218,11 @@ The API documentation for the Node.js JavaScript runtime. rm -rf deps/uv \ deps/zlib -%if 0%{?rhel} -# On RHEL, we need to build the bundled (hobbled) OpenSSL -pushd deps/openssl/openssl -#./config -popd -%else -# On Fedora, we link with the system version, so completely -# delete the bundled openssl to be certain it doesn't get used. -rm -rf deps/openssl -%global CONFIGURE_OPENSSL --shared-openssl -%endif - # remove bundled CA certificates %patch2 -p1 rm -f src/node_root_certs.h -%patch3 -p1 +#%patch3 -p1 %build # build with debugging symbols and add defines from libuv (#892601) @@ -266,7 +232,7 @@ export CFLAGS='%{optflags} -g -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 -fno-de export CXXFLAGS='%{optflags} -g -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 -fno-delete-null-pointer-checks' ./configure --prefix=%{_prefix} \ - %{?CONFIGURE_OPENSSL} \ + --shared-openssl \ --shared-zlib \ --shared-libuv \ --without-dtrace \ @@ -406,11 +372,6 @@ NODE_PATH=%{buildroot}%{_prefix}/lib/node_modules %{buildroot}/%{_bindir}/node - %{_pkgdocdir}/npm/doc %changelog -* Thu Sep 08 2016 Stephen Gallagher - 1:6.%.0-104 -- Prepare for EPEL 7 uplift -- Use %%{?epel} tag to maintain a single specfile -- Don't use weak dependencies in EPEL - * Mon Aug 29 2016 Zuzana Svetlikova - 1:6.5.0-103 - Update to 6.5.0 From 5d0271a5297c526a0442dce181b9f94351753228 Mon Sep 17 00:00:00 2001 From: Stephen Gallagher Date: Mon, 12 Sep 2016 14:21:14 -0400 Subject: [PATCH 47/47] Prepare for EPEL 7 uplift - Use %{?epel} tag to maintain a single specfile - Relax openssl requirement to 1.0.1+ for EPEL 7 - Don't use weak dependencies in EPEL - Update v8_abi processing to avoid extra rebuilds of dependents --- ...e-running-gyp-files-for-bundled-deps.patch | 14 +- 0002-Use-openssl-1.0.1.patch | 524 ++++++++++++++++++ ...-Certificates-are-provided-by-Fedora.patch | 45 +- nodejs-fix-nodegyp.patch | 12 - nodejs.spec | 45 +- 5 files changed, 585 insertions(+), 55 deletions(-) rename nodejs-disable-gyp-deps.patch => 0001-disable-running-gyp-files-for-bundled-deps.patch (63%) create mode 100644 0002-Use-openssl-1.0.1.patch rename nodejs-use-system-certs.patch => 0003-CA-Certificates-are-provided-by-Fedora.patch (62%) delete mode 100644 nodejs-fix-nodegyp.patch diff --git a/nodejs-disable-gyp-deps.patch b/0001-disable-running-gyp-files-for-bundled-deps.patch similarity index 63% rename from nodejs-disable-gyp-deps.patch rename to 0001-disable-running-gyp-files-for-bundled-deps.patch index f1526c0..4e46de4 100644 --- a/nodejs-disable-gyp-deps.patch +++ b/0001-disable-running-gyp-files-for-bundled-deps.patch @@ -1,19 +1,17 @@ -From 9ed79cf3212bf7bba43c2a7f313628092c43daf5 Mon Sep 17 00:00:00 2001 +From da4ed485ddd52cd156406f939225146e8539cabb Mon Sep 17 00:00:00 2001 From: Stephen Gallagher Date: Tue, 1 Dec 2015 16:35:29 -0500 -Subject: [PATCH 1/2] disable running gyp files for bundled deps +Subject: [PATCH 1/3] disable running gyp files for bundled deps --- Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Makefile b/Makefile -index 4962bd4e47e447840cc9890ce465b786bb77ba26..30fa7fb2f621a320706a076724250421da373d1f 100644 +index a8870a5..f7fc4a9 100644 --- a/Makefile +++ b/Makefile -@@ -65,11 +65,11 @@ $(NODE_EXE): config.gypi out/Makefile - - $(NODE_G_EXE): config.gypi out/Makefile +@@ -70,7 +70,7 @@ $(NODE_G_EXE): config.gypi out/Makefile $(MAKE) -C out BUILDTYPE=Debug V=$(V) ln -fs out/Debug/$(NODE_EXE) $@ @@ -22,8 +20,6 @@ index 4962bd4e47e447840cc9890ce465b786bb77ba26..30fa7fb2f621a320706a076724250421 $(PYTHON) tools/gyp_node.py -f make config.gypi: configure - if [ -f $@ ]; then - $(error Stale $@, please re-run ./configure) -- -2.7.2 +2.9.0 diff --git a/0002-Use-openssl-1.0.1.patch b/0002-Use-openssl-1.0.1.patch new file mode 100644 index 0000000..700e8fc --- /dev/null +++ b/0002-Use-openssl-1.0.1.patch @@ -0,0 +1,524 @@ +From 6cf8243a70e26843c7770f7b29b1a33b822d1c26 Mon Sep 17 00:00:00 2001 +From: Haikel Guemar +Date: Tue, 26 Jul 2016 22:50:22 +0200 +Subject: [PATCH 2/3] Use openssl 1.0.1 + +Based on Solaris patches from upstream #2783 +https://github.com/nodejs/node/issues/2783 +--- + doc/api/tls.md | 6 ++ + src/node_constants.cc | 5 ++ + src/node_crypto.cc | 201 ++++++++++++++++++++++++++++++++++++++++++++++---- + src/node_crypto.h | 16 ++++ + src/tls_wrap.cc | 8 ++ + 5 files changed, 223 insertions(+), 13 deletions(-) + +diff --git a/doc/api/tls.md b/doc/api/tls.md +index 7feaff2..97ad7a5 100644 +--- a/doc/api/tls.md ++++ b/doc/api/tls.md +@@ -114,6 +114,12 @@ handshake extensions: + * SNI - Allows the use of one TLS server for multiple hostnames with different + SSL certificates. + ++ **NOTE**: dueto a design flaw in node **SNI cannot be ++ used on the server side**, even so all parameters in related functions are ++ accepted for compatibility reasons. And thus the related events will not ++ fire unless one aranges this explicitly. This may change, when the OS ++ provides OpenSSL v1.0.2 or better and node gets linked to this version. ++ + *Note*: Use of ALPN is recommended over NPN. The NPN extension has never been + formally defined or documented and generally not recommended for use. + +diff --git a/src/node_constants.cc b/src/node_constants.cc +index 2e6be8d..239eadb 100644 +--- a/src/node_constants.cc ++++ b/src/node_constants.cc +@@ -14,7 +14,10 @@ + #include + + #if HAVE_OPENSSL ++# include ++# ifndef OPENSSL_NO_EC + # include ++# endif + # include + # ifndef OPENSSL_NO_ENGINE + # include +@@ -976,12 +979,14 @@ void DefineOpenSSLConstants(Local target) { + + #if HAVE_OPENSSL + // NOTE: These are not defines ++# ifndef OPENSSL_NO_EC + NODE_DEFINE_CONSTANT(target, POINT_CONVERSION_COMPRESSED); + + NODE_DEFINE_CONSTANT(target, POINT_CONVERSION_UNCOMPRESSED); + + NODE_DEFINE_CONSTANT(target, POINT_CONVERSION_HYBRID); + #endif ++#endif + } + + void DefineSystemConstants(Local target) { +diff --git a/src/node_crypto.cc b/src/node_crypto.cc +index 9cf216f..888a0f8 100644 +--- a/src/node_crypto.cc ++++ b/src/node_crypto.cc +@@ -24,6 +24,82 @@ + #include + #include + ++#ifndef SSL_get_server_tmp_key ++/* ++ 1.0.2 SSL_get_server_tmp_key(s, pk) "backport". BAD HACK!!! ++ NOTE: This imports "foreign" knowledge and thus will break, when SESS_CERT ++ or CERT_PKEY change, which is definitely the case for the later for ++ all OpenSSL lib vers != 1.0.1. So don't try to bind to something else! ++ */ ++# define SSL_PKEY_NUM 8 ++typedef struct cert_pkey_st { ++ X509 *x509; ++ EVP_PKEY *privatekey; ++ /* Digest to use when signing */ ++ const EVP_MD *digest; ++} CERT_PKEY; ++ ++typedef struct sess_cert_st { ++ STACK_OF(X509) *cert_chain; /* as received from peer (not for SSL2) */ ++ /* The 'peer_...' members are used only by clients. */ ++ int peer_cert_type; ++ CERT_PKEY *peer_key; /* points to an element of peer_pkeys (never ++ * NULL!) */ ++ CERT_PKEY peer_pkeys[SSL_PKEY_NUM]; ++ /* ++ * Obviously we don't have the private keys of these, so maybe we ++ * shouldn't even use the CERT_PKEY type here. ++ */ ++# ifndef OPENSSL_NO_RSA ++ RSA *peer_rsa_tmp; /* not used for SSL 2 */ ++# endif ++# ifndef OPENSSL_NO_DH ++ DH *peer_dh_tmp; /* not used for SSL 2 */ ++# endif ++# ifndef OPENSSL_NO_ECDH ++ EC_KEY *peer_ecdh_tmp; ++# endif ++ int references; /* actually always 1 at the moment */ ++} SESS_CERT; ++ ++static long SSL_get_server_tmp_key(SSL *s, void *parg) { ++ if (s->server || !s->session || !s->session->sess_cert) ++ return 0; ++ else { ++ SESS_CERT *sc; ++ EVP_PKEY *ptmp; ++ int rv = 0; ++ sc = s->session->sess_cert; ++#if !defined(OPENSSL_NO_RSA) && !defined(OPENSSL_NO_DH) && !defined(OPENSSL_NO_EC) && !defined(OPENSSL_NO_ECDH) ++ if (!sc->peer_rsa_tmp && !sc->peer_dh_tmp && !sc->peer_ecdh_tmp) ++ return 0; ++#endif ++ ptmp = EVP_PKEY_new(); ++ if (!ptmp) ++ return 0; ++ if (0) ; ++#ifndef OPENSSL_NO_RSA ++ else if (sc->peer_rsa_tmp) ++ rv = EVP_PKEY_set1_RSA(ptmp, sc->peer_rsa_tmp); ++#endif ++#ifndef OPENSSL_NO_DH ++ else if (sc->peer_dh_tmp) ++ rv = EVP_PKEY_set1_DH(ptmp, sc->peer_dh_tmp); ++#endif ++#ifndef OPENSSL_NO_ECDH ++ else if (sc->peer_ecdh_tmp) ++ rv = EVP_PKEY_set1_EC_KEY(ptmp, sc->peer_ecdh_tmp); ++#endif ++ if (rv) { ++ *(EVP_PKEY **)parg = ptmp; ++ return 1; ++ } ++ EVP_PKEY_free(ptmp); ++ return 0; ++ } ++} ++#endif /* SSL_get_server_tmp_key */ ++ + #define THROW_AND_RETURN_IF_NOT_STRING_OR_BUFFER(val, prefix) \ + do { \ + if (!Buffer::HasInstance(val) && !val->IsString()) { \ +@@ -160,7 +236,11 @@ template int SSLWrap::TLSExtStatusCallback(SSL* s, void* arg); + #endif + + template void SSLWrap::DestroySSL(); ++#if OPENSSL_VERSION_NUMBER >= 0x10002000L + template int SSLWrap::SSLCertCallback(SSL* s, void* arg); ++#else ++template int SSLWrap::SSLCertCallback(SSL* s, X509 **x509, EVP_PKEY **pkey); ++#endif + template void SSLWrap::WaitForCertCb(CertCb cb, void* arg); + + #ifdef TLSEXT_TYPE_application_layer_protocol_negotiation +@@ -280,8 +360,12 @@ void SecureContext::Initialize(Environment* env, Local target) { + env->SetProtoMethod(t, "addCRL", SecureContext::AddCRL); + env->SetProtoMethod(t, "addRootCerts", SecureContext::AddRootCerts); + env->SetProtoMethod(t, "setCiphers", SecureContext::SetCiphers); ++#ifndef OPENSSL_NO_ECDH + env->SetProtoMethod(t, "setECDHCurve", SecureContext::SetECDHCurve); ++#endif ++#ifndef OPENSSL_NO_DH + env->SetProtoMethod(t, "setDHParam", SecureContext::SetDHParam); ++#endif + env->SetProtoMethod(t, "setOptions", SecureContext::SetOptions); + env->SetProtoMethod(t, "setSessionIdContext", + SecureContext::SetSessionIdContext); +@@ -515,8 +599,20 @@ int SSL_CTX_use_certificate_chain(SSL_CTX* ctx, + for (int i = 0; i < sk_X509_num(extra_certs); i++) { + X509* ca = sk_X509_value(extra_certs, i); + +- // NOTE: Increments reference count on `ca` +- r = SSL_CTX_add1_chain_cert(ctx, ca); ++#if OPENSSL_VERSION_NUMBER >= 0x10002000L ++ // If ctx->cert->key != NULL create ctx->cert->key->chain if not ++ // already there, push 'ca' to this chain and finally increment the ca ++ // reference count by 1 (this is the diff between *_add1_* and *_add0_* ++ // - the later increments by 0 ;-)) and return 1. Otherwise or if ++ // something fails in between, return 0. ++ r = SSL_CTX_add1_chain_cert(ctx, ca); ++#else ++ // Create ctx->extra_certs if not already there, just push 'ca' to this ++ // chain and return 1. If something fails, return 0. ++ // NOTE: 1.0.1- does not support multiple certs having its own chain in ++ // a single context. There is just one: extra_chain! ++ r = SSL_CTX_add_extra_chain_cert(ctx, ca); ++#endif + + if (!r) { + ret = 0; +@@ -795,6 +891,7 @@ void SecureContext::SetCiphers(const FunctionCallbackInfo& args) { + } + + ++#ifndef OPENSSL_NO_ECDH + void SecureContext::SetECDHCurve(const FunctionCallbackInfo& args) { + SecureContext* sc; + ASSIGN_OR_RETURN_UNWRAP(&sc, args.Holder()); +@@ -822,8 +919,10 @@ void SecureContext::SetECDHCurve(const FunctionCallbackInfo& args) { + + EC_KEY_free(ecdh); + } ++#endif + + ++#ifndef OPENSSL_NO_DH + void SecureContext::SetDHParam(const FunctionCallbackInfo& args) { + SecureContext* sc; + ASSIGN_OR_RETURN_UNWRAP(&sc, args.This()); +@@ -862,6 +961,7 @@ void SecureContext::SetDHParam(const FunctionCallbackInfo& args) { + if (!r) + return env->ThrowTypeError("Error setting temp DH parameter"); + } ++#endif + + + void SecureContext::SetOptions(const FunctionCallbackInfo& args) { +@@ -1872,6 +1972,7 @@ void SSLWrap::GetEphemeralKeyInfo( + info->Set(env->size_string(), + Integer::New(env->isolate(), EVP_PKEY_bits(key))); + break; ++#ifndef OPENSSL_NO_ECDH + case EVP_PKEY_EC: + { + EC_KEY* ec = EVP_PKEY_get1_EC_KEY(key); +@@ -1884,6 +1985,7 @@ void SSLWrap::GetEphemeralKeyInfo( + info->Set(env->size_string(), + Integer::New(env->isolate(), EVP_PKEY_bits(key))); + } ++#endif + } + EVP_PKEY_free(key); + } +@@ -2301,7 +2403,12 @@ void SSLWrap::WaitForCertCb(CertCb cb, void* arg) { + + + template ++#if OPENSSL_VERSION_NUMBER >= 0x10002000L + int SSLWrap::SSLCertCallback(SSL* s, void* arg) { ++#else ++/* NOTE: For now this callback gets usually never called dueto design flaws */ ++int SSLWrap::SSLCertCallback(SSL* s, X509 **x509, EVP_PKEY **pkey) { ++#endif + Base* w = static_cast(SSL_get_app_data(s)); + + if (!w->is_server()) +@@ -2375,19 +2482,53 @@ void SSLWrap::CertCbDone(const FunctionCallbackInfo& args) { + w->sni_context_.Reset(env->isolate(), ctx); + + int rv; ++ X509* x509; ++ EVP_PKEY* pkey; ++ STACK_OF(X509)* chain; + + // NOTE: reference count is not increased by this API methods +- X509* x509 = SSL_CTX_get0_certificate(sc->ctx_); +- EVP_PKEY* pkey = SSL_CTX_get0_privatekey(sc->ctx_); +- STACK_OF(X509)* chain; ++#if OPENSSL_VERSION_NUMBER >= 0x10002000L ++ x509 = SSL_CTX_get0_certificate(sc->ctx_); ++ pkey = SSL_CTX_get0_privatekey(sc->ctx_); ++ rv = SSL_CTX_get0_chain_certs(sc->ctx_, &chain); ++#else ++ SSL *ssl = SSL_new(sc->ctx_); ++ rv = SSL_CTX_get_extra_chain_certs(sc->ctx_, &chain); ++ if (ssl) { ++ SSL_set_connect_state(ssl); /* just cleanup/reset state - cheap */ ++ x509 = SSL_get_certificate(ssl); ++ SSL_free(ssl); ++ } else { ++ x509 = NULL; ++ pkey = NULL; ++ } ++#endif + +- rv = SSL_CTX_get0_chain_certs(sc->ctx_, &chain); +- if (rv) +- rv = SSL_use_certificate(w->ssl_, x509); +- if (rv) +- rv = SSL_use_PrivateKey(w->ssl_, pkey); +- if (rv && chain != nullptr) +- rv = SSL_set1_chain(w->ssl_, chain); ++ if (rv) ++ rv = SSL_use_certificate(w->ssl_, x509); ++ if (rv) ++ rv = SSL_use_PrivateKey(w->ssl_, pkey); ++ if (rv && chain != nullptr) { ++#if OPENSSL_VERSION_NUMBER >= 0x10002000L ++ // replaces w->ssl_->cert->key->chain with a copy of the given chain, ++ // which is allowed to be NULL ++ rv = SSL_set1_chain(w->ssl_, chain); ++#else ++ // just replace the extra chain with the given chain - 1.0.1- does not ++ // support chain per cert ++ SSL_CTX_clear_extra_chain_certs(w->ssl_->ctx); ++ if (chain != NULL) { ++ int i; ++ SSL_CTX* ctx = w->ssl_->ctx; ++ for (i = 0; i < sk_X509_num(chain); i++) { ++ // can't do anything: however others might be ok and still ++ // satisfy requirements ++ SSL_CTX_add_extra_chain_cert(ctx, sk_X509_value(chain,i)); ++ } ++ } ++ rv = 1; ++#endif ++ } + if (rv) + rv = w->SetCACerts(sc); + if (!rv) { +@@ -2451,10 +2592,14 @@ void SSLWrap::SetSNIContext(SecureContext* sc) { + + template + int SSLWrap::SetCACerts(SecureContext* sc) { ++#if OPENSSL_VERSION_NUMBER >= 0x10002000L + int err = SSL_set1_verify_cert_store(ssl_, SSL_CTX_get_cert_store(sc->ctx_)); + if (err != 1) + return err; +- ++#else ++ // there is no ssl_->cert->verify_store in <= 1.0.1. So no need to: free the ++ // old store, set the new one to it and increment its ref count. ++#endif + STACK_OF(X509_NAME)* list = SSL_dup_CA_list( + SSL_CTX_get_client_CA_list(sc->ctx_)); + +@@ -2732,7 +2877,11 @@ inline int VerifyCallback(int preverify_ok, X509_STORE_CTX* ctx) { + SSL* ssl = static_cast( + X509_STORE_CTX_get_ex_data(ctx, SSL_get_ex_data_X509_STORE_CTX_idx())); + ++#if OPENSSL_VERSION_NUMBER >= 0x10002000L + if (SSL_is_server(ssl)) ++#else ++ if (ssl->server) ++#endif + return 1; + + // Client needs to check if the server cert is listed in the +@@ -2815,7 +2964,21 @@ void Connection::New(const FunctionCallbackInfo& args) { + + InitNPN(sc); + ++#if OPENSSL_VERSION_NUMBER >= 0x10002000L + SSL_set_cert_cb(conn->ssl_, SSLWrap::SSLCertCallback, conn); ++#else ++ /* 1.0.1 and less have no general cert callback. The closest for a client is ++ SSL_CTX_set_client_cert_cb(conn->ssl_->ctx, SSLWrap::SSLCertCallback); ++ but on the client it is not needed/used by this implementation. Since this ++ the SSLCertCallback actually calls lib/_tls_wrap.js:oncertcb(), which in ++ turn loadSNI() and this the actual SNICallback of the JSON object, sets ++ the context and finally requestOCSP() and certCbDone(). Not sure, why ++ the SNICallback of the JSON object, doesn't get invoked via ++ SelectSNIContextCallback_() - design flaw because lets do 2 things at once ++ (i.e. do SNICallback and attach the certs ca chain), however, this means ++ no server side support for the SNI TLS/OCSP_state extension anymore. ++ */ ++#endif + + #ifdef SSL_CTRL_SET_TLSEXT_SERVERNAME_CB + if (is_server) { +@@ -4404,6 +4567,7 @@ void PublicKeyCipher::Cipher(const FunctionCallbackInfo& args) { + } + + ++#ifndef OPENSSL_NO_DH + void DiffieHellman::Initialize(Environment* env, Local target) { + Local t = env->NewFunctionTemplate(New); + +@@ -4805,8 +4969,10 @@ bool DiffieHellman::VerifyContext() { + verifyError_ = codes; + return true; + } ++#endif + + ++#ifndef OPENSSL_NO_ECDH + void ECDH::Initialize(Environment* env, Local target) { + HandleScope scope(env->isolate()); + +@@ -5034,6 +5200,7 @@ void ECDH::SetPrivateKey(const FunctionCallbackInfo& args) { + + EC_POINT_free(pub); + } ++#endif + + + void ECDH::SetPublicKey(const FunctionCallbackInfo& args) { +@@ -5587,6 +5754,7 @@ void GetHashes(const FunctionCallbackInfo& args) { + } + + ++# ifndef OPENSSL_NO_EC + void GetCurves(const FunctionCallbackInfo& args) { + Environment* env = Environment::GetCurrent(args); + const size_t num_curves = EC_get_builtin_curves(nullptr, 0); +@@ -5611,6 +5779,7 @@ void GetCurves(const FunctionCallbackInfo& args) { + + args.GetReturnValue().Set(arr); + } ++#endif + + + bool VerifySpkac(const char* data, unsigned int len) { +@@ -5886,8 +6055,12 @@ void InitCrypto(Local target, + SecureContext::Initialize(env, target); + Connection::Initialize(env, target); + CipherBase::Initialize(env, target); ++# ifndef OPENSSL_NO_EC + DiffieHellman::Initialize(env, target); ++#endif ++#ifndef OPENSSL_NO_ECDH + ECDH::Initialize(env, target); ++#endif + Hmac::Initialize(env, target); + Hash::Initialize(env, target); + Sign::Initialize(env, target); +@@ -5906,7 +6079,9 @@ void InitCrypto(Local target, + env->SetMethod(target, "getSSLCiphers", GetSSLCiphers); + env->SetMethod(target, "getCiphers", GetCiphers); + env->SetMethod(target, "getHashes", GetHashes); ++# ifndef OPENSSL_NO_EC + env->SetMethod(target, "getCurves", GetCurves); ++#endif + env->SetMethod(target, "publicEncrypt", + PublicKeyCipher::Cipher ++# ifndef OPENSSL_NO_EC + #include ++# endif ++# ifndef OPENSSL_NO_ECDH + #include ++# endif + #ifndef OPENSSL_NO_ENGINE + # include + #endif // !OPENSSL_NO_ENGINE +@@ -101,8 +105,12 @@ class SecureContext : public BaseObject { + static void AddCRL(const v8::FunctionCallbackInfo& args); + static void AddRootCerts(const v8::FunctionCallbackInfo& args); + static void SetCiphers(const v8::FunctionCallbackInfo& args); ++#ifndef OPENSSL_NO_ECDH + static void SetECDHCurve(const v8::FunctionCallbackInfo& args); ++#endif ++# ifndef OPENSSL_NO_DH + static void SetDHParam(const v8::FunctionCallbackInfo& args); ++#endif + static void SetOptions(const v8::FunctionCallbackInfo& args); + static void SetSessionIdContext( + const v8::FunctionCallbackInfo& args); +@@ -283,7 +291,11 @@ class SSLWrap { + unsigned int inlen, + void* arg); + static int TLSExtStatusCallback(SSL* s, void* arg); ++#if OPENSSL_VERSION_NUMBER >= 0x10002000L + static int SSLCertCallback(SSL* s, void* arg); ++#else ++ static int SSLCertCallback(SSL* s, X509 **x509, EVP_PKEY **pkey); ++#endif + static void SSLGetter(v8::Local property, + const v8::PropertyCallbackInfo& info); + +@@ -645,6 +657,7 @@ class PublicKeyCipher { + static void Cipher(const v8::FunctionCallbackInfo& args); + }; + ++#ifndef OPENSSL_NO_DH + class DiffieHellman : public BaseObject { + public: + ~DiffieHellman() override { +@@ -690,7 +703,9 @@ class DiffieHellman : public BaseObject { + int verifyError_; + DH* dh; + }; ++#endif + ++# ifndef OPENSSL_NO_ECDH + class ECDH : public BaseObject { + public: + ~ECDH() override { +@@ -727,6 +742,7 @@ class ECDH : public BaseObject { + EC_KEY* key_; + const EC_GROUP* group_; + }; ++#endif + + bool EntropySource(unsigned char* buffer, size_t length); + #ifndef OPENSSL_NO_ENGINE +diff --git a/src/tls_wrap.cc b/src/tls_wrap.cc +index 7c5df11..3e06621 100644 +--- a/src/tls_wrap.cc ++++ b/src/tls_wrap.cc +@@ -142,7 +142,15 @@ void TLSWrap::InitSSL() { + + InitNPN(sc_); + ++#if OPENSSL_VERSION_NUMBER >= 0x10002000L + SSL_set_cert_cb(ssl_, SSLWrap::SSLCertCallback, this); ++#else ++ /* 1.0.1 and less have at most for the client side the function ++ SSL_CTX_set_client_cert_cb(ssl_->ctx, SSLWrap::SSLCertCallback); ++ but on the client it is not needed/used by this implementation. ++ For more info see comments in src/node_crypto.cc Connection::New(). ++ */ ++#endif + + if (is_server()) { + SSL_set_accept_state(ssl_); +-- +2.9.0 + diff --git a/nodejs-use-system-certs.patch b/0003-CA-Certificates-are-provided-by-Fedora.patch similarity index 62% rename from nodejs-use-system-certs.patch rename to 0003-CA-Certificates-are-provided-by-Fedora.patch index 68ca37b..1c82a0f 100644 --- a/nodejs-use-system-certs.patch +++ b/0003-CA-Certificates-are-provided-by-Fedora.patch @@ -1,15 +1,13 @@ -From e51cf2ad2627af02e88df48287fe510e885ba1dc Mon Sep 17 00:00:00 2001 -From: Stephen Gallagher -Date: Tue, 1 Dec 2015 16:29:07 -0500 -Subject: [PATCH 2/2] Do not bundle CA Certificates +From 08305ba6b7fddab1f35c59dc82a3c6b11ceceae3 Mon Sep 17 00:00:00 2001 +From: Haikel Guemar +Date: Tue, 26 Jul 2016 22:00:25 +0200 +Subject: [PATCH 3/3] CA Certificates are provided by Fedora. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit -CA Certificates are provided by Fedora. - Forwarded: need some feedback before submitting the matter upstream -Author: J?r?my Lal +Author: Jérémy Lal Last-Update: 2014-03-02 Modified 2014-05-02 by T.C. Hollingsworth with the @@ -19,26 +17,30 @@ Modified 2015-12-01 by Stephen Gallagher to update for Node.js 4.2 Modified 2016-03-04 by Stephen Gallagher to update for -Node.js 5.7.1 +Node.js 5.4.1 -Modified 2016-04-25 by Joseph Wang to update for -Node.js 5.11.0 +Modified 2016-07-26 by Haikel Guemar to update for +Node.js 4.4.7 +--- + src/node_crypto.cc | 30 +++++++++--------------------- + 1 file changed, 9 insertions(+), 21 deletions(-) -Modified 2016-07-10 by Zuzana Svetlikova to update for -Node.js 6.3.0 - ---- node/src/node_crypto.cc 2016-07-10 19:03:17.184502913 +0200 -+++ node_crypto.cc 2016-07-10 18:56:28.956440528 +0200 -@@ -118,7 +118,7 @@ +diff --git a/src/node_crypto.cc b/src/node_crypto.cc +index 888a0f8..3feff0e 100644 +--- a/src/node_crypto.cc ++++ b/src/node_crypto.cc +@@ -192,8 +192,8 @@ static X509_NAME *cnnic_ev_name = + static Mutex* mutexes; - const char* const root_certs[] = { +-const char* const root_certs[] = { -#include "node_root_certs.h" // NOLINT(build/include_order) -+ NULL ++const char* root_certs[] = { ++ NULL }; X509_STORE* root_cert_store; -@@ -752,29 +752,17 @@ +@@ -847,29 +847,17 @@ void SecureContext::AddRootCerts(const FunctionCallbackInfo& args) { CHECK_EQ(sc->ca_store_, nullptr); if (!root_cert_store) { @@ -67,7 +69,7 @@ Node.js 6.3.0 + root_cert_store = X509_STORE_new(); } + } else { -+ SSL_CTX_set_cert_store(sc->ctx_, root_cert_store); ++ SSL_CTX_set_cert_store(sc->ctx_, root_cert_store); } sc->ca_store_ = root_cert_store; @@ -75,3 +77,6 @@ Node.js 6.3.0 } +-- +2.9.0 + diff --git a/nodejs-fix-nodegyp.patch b/nodejs-fix-nodegyp.patch deleted file mode 100644 index 3289565..0000000 --- a/nodejs-fix-nodegyp.patch +++ /dev/null @@ -1,12 +0,0 @@ ---- node/node.gyp 2016-07-11 16:30:06.367883998 +0200 -+++ node.gyp 2016-07-11 16:35:38.803059930 +0200 -@@ -831,9 +831,7 @@ - 'conditions': [ - ['v8_inspector=="true"', { - 'dependencies': [ -- 'deps/openssl/openssl.gyp:openssl', - 'deps/http_parser/http_parser.gyp:http_parser', -- 'deps/uv/uv.gyp:libuv' - ], - 'sources': [ - 'src/inspector_socket.cc', diff --git a/nodejs.spec b/nodejs.spec index 4ad2912..ab15908 100644 --- a/nodejs.spec +++ b/nodejs.spec @@ -1,5 +1,7 @@ %global with_debug 1 +%{?!_pkgdocdir:%global _pkgdocdir %{_docdir}/%{name}-%{version}} + # ARM builds currently break on the Debug builds, so we'll just # build the standard runtime until that gets sorted out. %ifarch %{arm} aarch64 %{power64} @@ -63,7 +65,7 @@ Name: nodejs Epoch: 1 Version: %{nodejs_version} # Keep this release > 100 for F25+ due to a complicated npm upgrade bug -Release: 103%{?dist} +Release: 104%{?dist} Summary: JavaScript runtime License: MIT and ASL 2.0 and ISC and BSD Group: Development/Languages @@ -83,17 +85,15 @@ Source100: %{name}-tarball.sh Source7: nodejs_native.attr # Disable running gyp on bundled deps we don't use -Patch1: nodejs-disable-gyp-deps.patch +Patch1: 0001-disable-running-gyp-files-for-bundled-deps.patch + +# EPEL only has OpenSSL 1.0.1, so we need to carry a patch on that platform +Patch2: 0002-Use-openssl-1.0.1.patch # use system certificates instead of the bundled ones # modified version of Debian patch: # http://patch-tracker.debian.org/patch/series/view/nodejs/0.10.26~dfsg1-1/2014_donotinclude_root_certs.patch -Patch2: nodejs-use-system-certs.patch - -# build fails at configure when we build node v6.3.0 with shared libraries, -# so we need to patch node.gyp too -# this patch might be redundant in another release, since it seems to work with current upstream master -#Patch3: nodejs-fix-nodegyp.patch +Patch3: 0003-CA-Certificates-are-provided-by-Fedora.patch BuildRequires: python-devel BuildRequires: libuv-devel >= 1:1.9.1 @@ -102,8 +102,12 @@ BuildRequires: libicu-devel BuildRequires: zlib-devel BuildRequires: gcc >= 4.8.0 BuildRequires: gcc-c++ >= 4.8.0 -# Node.js requires some features from openssl 1.0.1 for SPDY support + +%if 0%{?epel} +BuildRequires: openssl-devel >= 1:1.0.1 +%else BuildRequires: openssl-devel >= 1:1.0.2 +%endif # we need the system certificate store when Patch2 is applied Requires: ca-certificates @@ -113,6 +117,7 @@ Requires: ca-certificates Provides: nodejs(abi) = %{nodejs_abi} Provides: nodejs(abi%{nodejs_major}) = %{nodejs_abi} Provides: nodejs(v8-abi) = %{v8_abi} +Provides: nodejs(v8-abi%{v8_major}) = %{v8_abi} #this corresponds to the "engine" requirement in package.json Provides: nodejs(engine) = %{nodejs_version} @@ -152,8 +157,13 @@ Provides: bundled(v8) = %{v8_version} Provides: bundled(http-parser) = %{http_parser_version} # Make sure we keep NPM up to date when we update Node.js -Recommends: npm = %{npm_epoch}:%{npm_version} -Conflicts: npm < %{npm_epoch}:%{npm_version} +%if 0%{?epel} +# EPEL doesn't support Recommends, so make it strict +Requires: npm = %{npm_epoch}:%{npm_version}-%{release} +%else +Recommends: npm = %{npm_epoch}:%{npm_version}-%{release} +Conflicts: npm < %{npm_epoch}:%{npm_version}-%{release} +%endif %description @@ -219,10 +229,13 @@ rm -rf deps/uv \ deps/zlib # remove bundled CA certificates -%patch2 -p1 rm -f src/node_root_certs.h +%patch3 -p1 + +%if 0%{?epel} +%patch2 -p1 +%endif -#%patch3 -p1 %build # build with debugging symbols and add defines from libuv (#892601) @@ -271,7 +284,7 @@ install -Dpm0644 %{SOURCE7} %{buildroot}%{_rpmconfigdir}/fileattrs/nodejs_native cat << EOF > %{buildroot}%{_rpmconfigdir}/nodejs_native.req #!/bin/sh echo 'nodejs(abi%{nodejs_major}) >= %nodejs_abi' -echo 'nodejs(v8-abi) = %v8_abi' +echo 'nodejs(v8-abi%{v8_major}) >= %v8_abi' EOF chmod 0755 %{buildroot}%{_rpmconfigdir}/nodejs_native.req @@ -372,6 +385,10 @@ NODE_PATH=%{buildroot}%{_prefix}/lib/node_modules %{buildroot}/%{_bindir}/node - %{_pkgdocdir}/npm/doc %changelog +* Mon Sep 12 2016 Stephen Gallagher - 1:6.5.0-104 +- Add support for building on EPEL 7 against OpenSSL 1.0.1 +- Modify v8_abi autorequires to avoid unnecessary rebuilds + * Mon Aug 29 2016 Zuzana Svetlikova - 1:6.5.0-103 - Update to 6.5.0