From 342dd00ffffc45243fcde46e813eed8ad2c32474 Mon Sep 17 00:00:00 2001
From: Zuzana Svetlikova <zsvetlik@redhat.com>
Date: Tue, 6 Dec 2022 12:35:48 +0100
Subject: [PATCH] Add back lib and v8-devel subpackages These were previously
 removed in error. Related: rhbz#2121126

Record already fixed CVE
Resolves: CVE-2021-44906
---
 nodejs.spec | 89 +++++++++++++++++++++++++++++++++++++++++++++++++----
 1 file changed, 83 insertions(+), 6 deletions(-)

diff --git a/nodejs.spec b/nodejs.spec
index 66eed79..fadf6bb 100644
--- a/nodejs.spec
+++ b/nodejs.spec
@@ -30,7 +30,7 @@
 # This is used by both the nodejs package and the npm subpackage that
 # has a separate version - the name is special so that rpmdev-bumpspec
 # will bump this rather than adding .1 to the end.
-%global baserelease 1
+%global baserelease 2
 
 %{?!_pkgdocdir:%global _pkgdocdir %{_docdir}/%{name}-%{version}}
 
@@ -227,6 +227,8 @@ Requires: openssl >= %{openssl_minimum}
 # we need the system certificate store
 Requires: ca-certificates
 
+Requires: nodejs-libs%{?_isa} = %{nodejs_epoch}:%{version}-%{release}
+
 # Pull in the full-icu data by default
 Recommends: nodejs-full-i18n%{?_isa} = %{nodejs_epoch}:%{version}-%{release}
 
@@ -312,6 +314,29 @@ Requires: libuv-devel%{?_isa}
 Development headers for the Node.js JavaScript runtime.
 
 
+%package libs
+Summary: Node.js and v8 libraries
+
+# Compatibility for obsolete v8 package
+%if 0%{?__isa_bits} == 64
+Provides: libv8.so.%{v8_major}()(64bit)
+Provides: libv8_libbase.so.%{v8_major}()(64bit)
+Provides: libv8_libplatform.so.%{v8_major}()(64bit)
+%else
+# 32-bits
+Provides: libv8.so.%{v8_major}
+Provides: libv8_libbase.so.%{v8_major}
+Provides: libv8_libplatform.so.%{v8_major}
+%endif
+
+Provides: v8 = %{v8_epoch}:%{v8_version}-%{nodejs_release}%{?dist}
+Provides: v8%{?_isa} = %{v8_epoch}:%{v8_version}-%{nodejs_release}%{?dist}
+Obsoletes: v8 < 1:6.7.17-10
+
+%description libs
+Libraries to support Node.js and provide stable v8 interfaces.
+
+
 %package full-i18n
 Summary: Non-English locale data for Node.js
 Requires: %{name}%{?_isa} = %{nodejs_epoch}:%{nodejs_version}-%{nodejs_release}%{?dist}
@@ -321,6 +346,17 @@ Optional data files to provide full-icu support for Node.js. Remove this
 package to save space if non-English locales are not needed.
 
 
+%package -n v8-devel
+Summary: v8 - development headers
+Epoch: %{v8_epoch}
+Version: %{v8_version}
+Release: %{v8_release}%{?dist}
+Requires: %{name}-devel%{?_isa} = %{nodejs_epoch}:%{nodejs_version}-%{nodejs_release}%{?dist}
+
+%description -n v8-devel
+Development headers for the v8 runtime.
+
+
 %package -n npm
 Summary: Node.js Package Manager
 Epoch: %{npm_epoch}
@@ -408,6 +444,8 @@ export CFLAGS="%{optflags} ${extra_cflags[*]}" CXXFLAGS="%{optflags} ${extra_cfl
 export LDFLAGS="%{build_ldflags}"
 
 %{__python3} configure.py --prefix=%{_prefix} \
+           --shared \
+           --libdir=%{_lib} \
            --shared-openssl \
            --shared-zlib \
            --shared-brotli \
@@ -461,6 +499,20 @@ rm -rf %{buildroot}
 chmod 0755 %{buildroot}/%{_bindir}/node
 chrpath --delete %{buildroot}%{_bindir}/node
 
+# Install library symlink
+ln -s libnode.so.%{nodejs_soversion} %{buildroot}%{_libdir}/libnode.so
+
+# Install v8 compatibility symlinks
+for header in %{buildroot}%{_includedir}/node/libplatform %{buildroot}%{_includedir}/node/v8*.h; do
+    header=$(basename ${header})
+    ln -s ./node/${header} %{buildroot}%{_includedir}/${header}
+done
+ln -s ./node/cppgc %{buildroot}%{_includedir}/cppgc
+for soname in libv8 libv8_libbase libv8_libplatform; do
+    ln -s libnode.so.%{nodejs_soversion} %{buildroot}%{_libdir}/${soname}.so
+    ln -s libnode.so.%{nodejs_soversion} %{buildroot}%{_libdir}/${soname}.so.%{v8_major}
+done
+
 # own the sitelib directory
 mkdir -p %{buildroot}%{_prefix}/lib/node_modules
 
@@ -533,15 +585,15 @@ install -Dpm0644 -t %{buildroot}%{icudatadir} deps/icu/source/converted/*
 
 %check
 # Fail the build if the versions don't match
-%{buildroot}/%{_bindir}/node -e "require('assert').equal(process.versions.node, '%{nodejs_version}')"
-%{buildroot}/%{_bindir}/node -e "require('assert').equal(process.versions.v8.replace(/-node\.\d+$/, ''), '%{v8_version}')"
-%{buildroot}/%{_bindir}/node -e "require('assert').equal(process.versions.ares.replace(/-DEV$/, ''), '%{c_ares_version}')"
+LD_LIBRARY_PATH=%{buildroot}%{_libdir} %{buildroot}/%{_bindir}/node -e "require('assert').equal(process.versions.node, '%{nodejs_version}')"
+LD_LIBRARY_PATH=%{buildroot}%{_libdir} %{buildroot}/%{_bindir}/node -e "require('assert').equal(process.versions.v8.replace(/-node\.\d+$/, ''), '%{v8_version}')"
+LD_LIBRARY_PATH=%{buildroot}%{_libdir} %{buildroot}/%{_bindir}/node -e "require('assert').equal(process.versions.ares.replace(/-DEV$/, ''), '%{c_ares_version}')"
 
 # Ensure we have punycode and that the version matches
-%{buildroot}/%{_bindir}/node -e "require(\"assert\").equal(require(\"punycode\").version, '%{punycode_version}')"
+LD_LIBRARY_PATH=%{buildroot}%{_libdir} %{buildroot}/%{_bindir}/node -e "require(\"assert\").equal(require(\"punycode\").version, '%{punycode_version}')"
 
 # Ensure we have npm and that the version matches
-NODE_PATH=%{buildroot}%{_prefix}/lib/node_modules:%{buildroot}%{_prefix}/lib/node_modules/npm/node_modules %{buildroot}/%{_bindir}/node -e "require(\"assert\").equal(JSON.parse(require(\"fs\").readFileSync(\"%{buildroot}%{_prefix}/lib/node_modules/npm/package.json\")).version, '%{npm_version}')"
+LD_LIBRARY_PATH=%{buildroot}%{_libdir} %{buildroot}%{_bindir}/node %{buildroot}%{_bindir}/npm version --json |jq -e '.npm == "%{npm_version}"'
 
 # Make sure i18n support is working
 NODE_PATH=%{buildroot}%{_prefix}/lib/node_modules:%{buildroot}%{_prefix}/lib/node_modules/npm/node_modules LD_LIBRARY_PATH=%{buildroot}%{_libdir} %{buildroot}/%{_bindir}/node --icu-data-dir=%{buildroot}%{icudatadir} %{SOURCE2}
@@ -587,6 +639,7 @@ end
 
 %files devel
 %{_includedir}/node
+%{_libdir}/libnode.so
 %{_datadir}/node/common.gypi
 %{_pkgdocdir}/gdbinit
 
@@ -596,6 +649,24 @@ end
 %{icudatadir}/icudt%{icu_major}*.dat
 
 
+%files libs
+%license LICENSE
+%{_libdir}/libnode.so.%{nodejs_soversion}
+%{_libdir}/libv8.so.%{v8_major}
+%{_libdir}/libv8_libbase.so.%{v8_major}
+%{_libdir}/libv8_libplatform.so.%{v8_major}
+%dir %{nodejs_datadir}/
+
+
+%files -n v8-devel
+%{_includedir}/libplatform
+%{_includedir}/v8*.h
+%{_includedir}/cppgc
+%{_libdir}/libv8.so
+%{_libdir}/libv8_libbase.so
+%{_libdir}/libv8_libplatform.so
+
+
 %files -n npm
 %{_bindir}/npm
 %{_bindir}/npx
@@ -632,6 +703,12 @@ end
 
 
 %changelog
+* Mon Dec 05 2022 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:16.18.1-2
+- Add back libs and v8-devel subpackages
+- Related: RHBZ#2121126
+- Record previously fixed CVE
+- Resolves: CVE-2021-44906
+
 * Wed Nov 16 2022 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:16.18.1-1
 - Rebase + CVEs
 - Resolves: #2142808