import UBI nodejs-24.18.0-1.module+el9.8.0+24456+b244c3b4
This commit is contained in:
parent
3d90012cc4
commit
b371729c75
6
.gitignore
vendored
6
.gitignore
vendored
@ -1,4 +1,4 @@
|
||||
SOURCES/icu4c-78.2-data-bin-b.zip
|
||||
SOURCES/icu4c-78.2-data-bin-l.zip
|
||||
SOURCES/node-v24.14.1-stripped.tar.gz
|
||||
SOURCES/icu4c-78.3-data-bin-b.zip
|
||||
SOURCES/icu4c-78.3-data-bin-l.zip
|
||||
SOURCES/node-v24.18.0-stripped.tar.gz
|
||||
SOURCES/packaging-scripts.tar.gz
|
||||
|
||||
@ -1,4 +1,4 @@
|
||||
7a91e81c4f2c8368d80285a5bbdfe278d68e4a84 SOURCES/icu4c-78.2-data-bin-b.zip
|
||||
b9f5918e2118ef8531b0ffc04b3d50e951e3a166 SOURCES/icu4c-78.2-data-bin-l.zip
|
||||
4b8d577fed40b7065f78da8d4257775cb9a56a35 SOURCES/node-v24.14.1-stripped.tar.gz
|
||||
2399006236317582f75d9525d5aa3b75fcd8a00d SOURCES/packaging-scripts.tar.gz
|
||||
0a91aee64ba400d52034769301104cc843474a22 SOURCES/icu4c-78.3-data-bin-b.zip
|
||||
913f6682015287483a035af160ea4d919c0a3ca5 SOURCES/icu4c-78.3-data-bin-l.zip
|
||||
da316582d493179edd255e531bf75e0b21e48512 SOURCES/node-v24.18.0-stripped.tar.gz
|
||||
eb3cf16f39f950f185ebf460a279bb27293dabe2 SOURCES/packaging-scripts.tar.gz
|
||||
|
||||
@ -1,530 +0,0 @@
|
||||
From 205baae16ff43539500a6f168d0d27e226bfc4f2 Mon Sep 17 00:00:00 2001
|
||||
From: rpm-build <rpm-build>
|
||||
Date: Wed, 25 Mar 2026 15:36:44 +0100
|
||||
Subject: [PATCH] downstream: update nghttp2 to 1.68.1
|
||||
|
||||
This is done out of sync with upstream node,
|
||||
in order to address CVE-2026-27135 in a timely manner.
|
||||
|
||||
Should be dropped once upstream addresses the CVE in their own way.
|
||||
|
||||
Signed-off-by: rpm-build <rpm-build>
|
||||
---
|
||||
.../nghttp2/lib/includes/nghttp2/nghttp2ver.h | 4 +-
|
||||
deps/nghttp2/lib/nghttp2_frame.c | 10 +
|
||||
deps/nghttp2/lib/nghttp2_int.h | 6 +-
|
||||
deps/nghttp2/lib/nghttp2_session.c | 206 ++++++++++--------
|
||||
4 files changed, 135 insertions(+), 91 deletions(-)
|
||||
|
||||
diff --git a/deps/nghttp2/lib/includes/nghttp2/nghttp2ver.h b/deps/nghttp2/lib/includes/nghttp2/nghttp2ver.h
|
||||
index 8dfe536..95acef2 100644
|
||||
--- a/deps/nghttp2/lib/includes/nghttp2/nghttp2ver.h
|
||||
+++ b/deps/nghttp2/lib/includes/nghttp2/nghttp2ver.h
|
||||
@@ -29,7 +29,7 @@
|
||||
* @macro
|
||||
* Version number of the nghttp2 library release
|
||||
*/
|
||||
-#define NGHTTP2_VERSION "1.68.0"
|
||||
+#define NGHTTP2_VERSION "1.68.1"
|
||||
|
||||
/**
|
||||
* @macro
|
||||
@@ -37,6 +37,6 @@
|
||||
* release. This is a 24 bit number with 8 bits for major number, 8 bits
|
||||
* for minor and 8 bits for patch. Version 1.2.3 becomes 0x010203.
|
||||
*/
|
||||
-#define NGHTTP2_VERSION_NUM 0x014400
|
||||
+#define NGHTTP2_VERSION_NUM 0x014401
|
||||
|
||||
#endif /* NGHTTP2VER_H */
|
||||
diff --git a/deps/nghttp2/lib/nghttp2_frame.c b/deps/nghttp2/lib/nghttp2_frame.c
|
||||
index edc2aaa..264ae9d 100644
|
||||
--- a/deps/nghttp2/lib/nghttp2_frame.c
|
||||
+++ b/deps/nghttp2/lib/nghttp2_frame.c
|
||||
@@ -750,6 +750,16 @@ void nghttp2_frame_unpack_altsvc_payload(nghttp2_extension *frame,
|
||||
uint8_t *p;
|
||||
|
||||
altsvc = frame->payload;
|
||||
+
|
||||
+ if (payloadlen == 0) {
|
||||
+ altsvc->origin = NULL;
|
||||
+ altsvc->origin_len = 0;
|
||||
+ altsvc->field_value = NULL;
|
||||
+ altsvc->field_value_len = 0;
|
||||
+
|
||||
+ return;
|
||||
+ }
|
||||
+
|
||||
p = payload;
|
||||
|
||||
altsvc->origin = p;
|
||||
diff --git a/deps/nghttp2/lib/nghttp2_int.h b/deps/nghttp2/lib/nghttp2_int.h
|
||||
index 4e3b268..d89cf15 100644
|
||||
--- a/deps/nghttp2/lib/nghttp2_int.h
|
||||
+++ b/deps/nghttp2/lib/nghttp2_int.h
|
||||
@@ -52,7 +52,11 @@ typedef enum {
|
||||
* Unlike NGHTTP2_ERR_IGN_HTTP_HEADER, this does not invoke
|
||||
* nghttp2_on_invalid_header_callback.
|
||||
*/
|
||||
- NGHTTP2_ERR_REMOVE_HTTP_HEADER = -106
|
||||
+ NGHTTP2_ERR_REMOVE_HTTP_HEADER = -106,
|
||||
+ /*
|
||||
+ * Cancel pushed stream.
|
||||
+ */
|
||||
+ NGHTTP2_ERR_PUSH_CANCEL = -107,
|
||||
} nghttp2_internal_error;
|
||||
|
||||
#endif /* !defined(NGHTTP2_INT_H) */
|
||||
diff --git a/deps/nghttp2/lib/nghttp2_session.c b/deps/nghttp2/lib/nghttp2_session.c
|
||||
index 97d7fda..0fbcc93 100644
|
||||
--- a/deps/nghttp2/lib/nghttp2_session.c
|
||||
+++ b/deps/nghttp2/lib/nghttp2_session.c
|
||||
@@ -3272,7 +3272,9 @@ static int session_call_on_invalid_header(nghttp2_session *session,
|
||||
session, frame, nv->name->base, nv->name->len, nv->value->base,
|
||||
nv->value->len, nv->flags, session->user_data);
|
||||
} else {
|
||||
- return NGHTTP2_ERR_TEMPORAL_CALLBACK_FAILURE;
|
||||
+ /* If both callbacks are not set, the invalid field nv is
|
||||
+ ignored. */
|
||||
+ return 0;
|
||||
}
|
||||
|
||||
if (rv == NGHTTP2_ERR_PAUSE || rv == NGHTTP2_ERR_TEMPORAL_CALLBACK_FAILURE) {
|
||||
@@ -3357,6 +3359,10 @@ static uint32_t get_error_code_from_lib_error_code(int lib_error_code) {
|
||||
case NGHTTP2_ERR_HTTP_HEADER:
|
||||
case NGHTTP2_ERR_HTTP_MESSAGING:
|
||||
return NGHTTP2_PROTOCOL_ERROR;
|
||||
+ case NGHTTP2_ERR_INTERNAL:
|
||||
+ return NGHTTP2_INTERNAL_ERROR;
|
||||
+ case NGHTTP2_ERR_PUSH_CANCEL:
|
||||
+ return NGHTTP2_CANCEL;
|
||||
default:
|
||||
return NGHTTP2_INTERNAL_ERROR;
|
||||
}
|
||||
@@ -3408,7 +3414,7 @@ static int session_handle_invalid_stream2(nghttp2_session *session,
|
||||
if (rv != 0) {
|
||||
return rv;
|
||||
}
|
||||
- if (session->callbacks.on_invalid_frame_recv_callback) {
|
||||
+ if (frame && session->callbacks.on_invalid_frame_recv_callback) {
|
||||
if (session->callbacks.on_invalid_frame_recv_callback(
|
||||
session, frame, lib_error_code, session->user_data) != 0) {
|
||||
return NGHTTP2_ERR_CALLBACK_FAILURE;
|
||||
@@ -3563,7 +3569,29 @@ static int inflate_header_block(nghttp2_session *session, nghttp2_frame *frame,
|
||||
|
||||
rv2 = session_call_on_invalid_header(session, frame, &nv);
|
||||
if (rv2 == NGHTTP2_ERR_TEMPORAL_CALLBACK_FAILURE) {
|
||||
- rv = NGHTTP2_ERR_HTTP_HEADER;
|
||||
+ DEBUGF("recv: HTTP error: type=%u, id=%d, header %.*s: %.*s\n",
|
||||
+ frame->hd.type, frame->hd.stream_id, (int)nv.name->len,
|
||||
+ nv.name->base, (int)nv.value->len, nv.value->base);
|
||||
+
|
||||
+ rv = session_call_error_callback(
|
||||
+ session, NGHTTP2_ERR_HTTP_HEADER,
|
||||
+ "Invalid HTTP header field was received: frame type: "
|
||||
+ "%u, stream: %d, name: [%.*s], value: [%.*s]",
|
||||
+ frame->hd.type, frame->hd.stream_id, (int)nv.name->len,
|
||||
+ nv.name->base, (int)nv.value->len, nv.value->base);
|
||||
+
|
||||
+ if (nghttp2_is_fatal(rv)) {
|
||||
+ return rv;
|
||||
+ }
|
||||
+
|
||||
+ rv = session_handle_invalid_stream2(
|
||||
+ session, subject_stream->stream_id, frame,
|
||||
+ NGHTTP2_ERR_HTTP_HEADER);
|
||||
+ if (nghttp2_is_fatal(rv)) {
|
||||
+ return rv;
|
||||
+ }
|
||||
+
|
||||
+ return NGHTTP2_ERR_TEMPORAL_CALLBACK_FAILURE;
|
||||
} else {
|
||||
if (rv2 != 0) {
|
||||
return rv2;
|
||||
@@ -3603,13 +3631,8 @@ static int inflate_header_block(nghttp2_session *session, nghttp2_frame *frame,
|
||||
return rv;
|
||||
}
|
||||
|
||||
- rv =
|
||||
- session_handle_invalid_stream2(session, subject_stream->stream_id,
|
||||
- frame, NGHTTP2_ERR_HTTP_HEADER);
|
||||
- if (nghttp2_is_fatal(rv)) {
|
||||
- return rv;
|
||||
- }
|
||||
- return NGHTTP2_ERR_TEMPORAL_CALLBACK_FAILURE;
|
||||
+ return nghttp2_session_terminate_session(session,
|
||||
+ NGHTTP2_PROTOCOL_ERROR);
|
||||
}
|
||||
}
|
||||
if (rv == 0) {
|
||||
@@ -3722,27 +3745,7 @@ static int session_after_header_block_received(nghttp2_session *session) {
|
||||
}
|
||||
}
|
||||
if (rv != 0) {
|
||||
- int32_t stream_id;
|
||||
-
|
||||
- if (frame->hd.type == NGHTTP2_PUSH_PROMISE) {
|
||||
- stream_id = frame->push_promise.promised_stream_id;
|
||||
- } else {
|
||||
- stream_id = frame->hd.stream_id;
|
||||
- }
|
||||
-
|
||||
- rv = session_handle_invalid_stream2(session, stream_id, frame,
|
||||
- NGHTTP2_ERR_HTTP_MESSAGING);
|
||||
- if (nghttp2_is_fatal(rv)) {
|
||||
- return rv;
|
||||
- }
|
||||
-
|
||||
- if (frame->hd.type == NGHTTP2_HEADERS &&
|
||||
- (frame->hd.flags & NGHTTP2_FLAG_END_STREAM)) {
|
||||
- nghttp2_stream_shutdown(stream, NGHTTP2_SHUT_RD);
|
||||
- /* Don't call nghttp2_session_close_stream_if_shut_rdwr
|
||||
- because RST_STREAM has been submitted. */
|
||||
- }
|
||||
- return 0;
|
||||
+ return nghttp2_session_terminate_session(session, NGHTTP2_PROTOCOL_ERROR);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -4078,8 +4081,7 @@ static int update_remote_initial_window_size_func(void *entry, void *ptr) {
|
||||
rv = nghttp2_stream_update_remote_initial_window_size(
|
||||
stream, arg->new_window_size, arg->old_window_size);
|
||||
if (rv != 0) {
|
||||
- return nghttp2_session_add_rst_stream(arg->session, stream->stream_id,
|
||||
- NGHTTP2_FLOW_CONTROL_ERROR);
|
||||
+ return NGHTTP2_ERR_FLOW_CONTROL;
|
||||
}
|
||||
|
||||
/* If window size gets positive, push deferred DATA frame to
|
||||
@@ -4105,6 +4107,8 @@ static int update_remote_initial_window_size_func(void *entry, void *ptr) {
|
||||
*
|
||||
* NGHTTP2_ERR_NOMEM
|
||||
* Out of memory.
|
||||
+ * NGHTTP2_ERR_FLOW_CONTROL
|
||||
+ * Window size gets out of range.
|
||||
*/
|
||||
static int
|
||||
session_update_remote_initial_window_size(nghttp2_session *session,
|
||||
@@ -4128,8 +4132,7 @@ static int update_local_initial_window_size_func(void *entry, void *ptr) {
|
||||
rv = nghttp2_stream_update_local_initial_window_size(
|
||||
stream, arg->new_window_size, arg->old_window_size);
|
||||
if (rv != 0) {
|
||||
- return nghttp2_session_add_rst_stream(arg->session, stream->stream_id,
|
||||
- NGHTTP2_FLOW_CONTROL_ERROR);
|
||||
+ return NGHTTP2_ERR_FLOW_CONTROL;
|
||||
}
|
||||
|
||||
if (stream->window_update_queued) {
|
||||
@@ -4163,6 +4166,8 @@ static int update_local_initial_window_size_func(void *entry, void *ptr) {
|
||||
*
|
||||
* NGHTTP2_ERR_NOMEM
|
||||
* Out of memory.
|
||||
+ * NGHTTP2_ERR_FLOW_CONTROL
|
||||
+ * Window size gets out of range.
|
||||
*/
|
||||
static int
|
||||
session_update_local_initial_window_size(nghttp2_session *session,
|
||||
@@ -4549,9 +4554,9 @@ int nghttp2_session_on_push_promise_received(nghttp2_session *session,
|
||||
session->max_incoming_reserved_streams) {
|
||||
/* Currently, client does not retain closed stream, so we don't
|
||||
check NGHTTP2_SHUT_RD condition here. */
|
||||
-
|
||||
- rv = nghttp2_session_add_rst_stream(
|
||||
- session, frame->push_promise.promised_stream_id, NGHTTP2_CANCEL);
|
||||
+ rv = session_handle_invalid_stream2(session,
|
||||
+ frame->push_promise.promised_stream_id,
|
||||
+ NULL, NGHTTP2_ERR_PUSH_CANCEL);
|
||||
if (rv != 0) {
|
||||
return rv;
|
||||
}
|
||||
@@ -4708,8 +4713,9 @@ static int session_on_stream_window_update_received(nghttp2_session *session,
|
||||
}
|
||||
if (NGHTTP2_MAX_WINDOW_SIZE - frame->window_update.window_size_increment <
|
||||
stream->remote_window_size) {
|
||||
- return session_handle_invalid_stream(session, frame,
|
||||
- NGHTTP2_ERR_FLOW_CONTROL);
|
||||
+ return session_handle_invalid_connection(
|
||||
+ session, frame, NGHTTP2_ERR_FLOW_CONTROL,
|
||||
+ "WINDOW_UPDATE: window size overflow");
|
||||
}
|
||||
stream->remote_window_size += frame->window_update.window_size_increment;
|
||||
|
||||
@@ -4939,16 +4945,7 @@ int nghttp2_session_on_data_received(nghttp2_session *session,
|
||||
if (session_enforce_http_messaging(session) &&
|
||||
(frame->hd.flags & NGHTTP2_FLAG_END_STREAM)) {
|
||||
if (nghttp2_http_on_remote_end_stream(stream) != 0) {
|
||||
- rv = nghttp2_session_add_rst_stream(session, stream->stream_id,
|
||||
- NGHTTP2_PROTOCOL_ERROR);
|
||||
- if (nghttp2_is_fatal(rv)) {
|
||||
- return rv;
|
||||
- }
|
||||
-
|
||||
- nghttp2_stream_shutdown(stream, NGHTTP2_SHUT_RD);
|
||||
- /* Don't call nghttp2_session_close_stream_if_shut_rdwr because
|
||||
- RST_STREAM has been submitted. */
|
||||
- return 0;
|
||||
+ return nghttp2_session_terminate_session(session, NGHTTP2_PROTOCOL_ERROR);
|
||||
}
|
||||
}
|
||||
|
||||
@@ -5006,8 +5003,8 @@ int nghttp2_session_update_recv_stream_window_size(nghttp2_session *session,
|
||||
rv = adjust_recv_window_size(&stream->recv_window_size, delta_size,
|
||||
stream->local_window_size);
|
||||
if (rv != 0) {
|
||||
- return nghttp2_session_add_rst_stream(session, stream->stream_id,
|
||||
- NGHTTP2_FLOW_CONTROL_ERROR);
|
||||
+ return nghttp2_session_terminate_session(session,
|
||||
+ NGHTTP2_FLOW_CONTROL_ERROR);
|
||||
}
|
||||
/* We don't have to send WINDOW_UPDATE if the data received is the
|
||||
last chunk in the incoming stream. */
|
||||
@@ -5469,6 +5466,10 @@ nghttp2_ssize nghttp2_session_mem_recv2(nghttp2_session *session,
|
||||
busy = 1;
|
||||
|
||||
rv = session_on_data_received_fail_fast(session);
|
||||
+ if (nghttp2_is_fatal(rv)) {
|
||||
+ return rv;
|
||||
+ }
|
||||
+
|
||||
if (iframe->state == NGHTTP2_IB_IGN_ALL) {
|
||||
return (nghttp2_ssize)inlen;
|
||||
}
|
||||
@@ -5489,10 +5490,6 @@ nghttp2_ssize nghttp2_session_mem_recv2(nghttp2_session *session,
|
||||
break;
|
||||
}
|
||||
|
||||
- if (nghttp2_is_fatal(rv)) {
|
||||
- return rv;
|
||||
- }
|
||||
-
|
||||
rv = inbound_frame_handle_pad(iframe, &iframe->frame.hd);
|
||||
if (rv < 0) {
|
||||
rv = nghttp2_session_terminate_session_with_reason(
|
||||
@@ -5576,6 +5573,10 @@ nghttp2_ssize nghttp2_session_mem_recv2(nghttp2_session *session,
|
||||
return rv;
|
||||
}
|
||||
|
||||
+ if (iframe->state == NGHTTP2_IB_IGN_ALL) {
|
||||
+ return (nghttp2_ssize)inlen;
|
||||
+ }
|
||||
+
|
||||
on_begin_frame_called = 1;
|
||||
|
||||
rv = session_process_headers_frame(session);
|
||||
@@ -5590,8 +5591,8 @@ nghttp2_ssize nghttp2_session_mem_recv2(nghttp2_session *session,
|
||||
}
|
||||
|
||||
if (rv == NGHTTP2_ERR_TEMPORAL_CALLBACK_FAILURE) {
|
||||
- rv = nghttp2_session_add_rst_stream(
|
||||
- session, iframe->frame.hd.stream_id, NGHTTP2_INTERNAL_ERROR);
|
||||
+ rv = session_handle_invalid_stream2(
|
||||
+ session, iframe->frame.hd.stream_id, NULL, NGHTTP2_ERR_INTERNAL);
|
||||
if (nghttp2_is_fatal(rv)) {
|
||||
return rv;
|
||||
}
|
||||
@@ -6044,6 +6045,10 @@ nghttp2_ssize nghttp2_session_mem_recv2(nghttp2_session *session,
|
||||
if (nghttp2_is_fatal(rv)) {
|
||||
return rv;
|
||||
}
|
||||
+
|
||||
+ if (iframe->state == NGHTTP2_IB_IGN_ALL) {
|
||||
+ return (nghttp2_ssize)inlen;
|
||||
+ }
|
||||
}
|
||||
}
|
||||
|
||||
@@ -6107,8 +6112,8 @@ nghttp2_ssize nghttp2_session_mem_recv2(nghttp2_session *session,
|
||||
}
|
||||
|
||||
if (rv == NGHTTP2_ERR_TEMPORAL_CALLBACK_FAILURE) {
|
||||
- rv = nghttp2_session_add_rst_stream(
|
||||
- session, iframe->frame.hd.stream_id, NGHTTP2_INTERNAL_ERROR);
|
||||
+ rv = session_handle_invalid_stream2(
|
||||
+ session, iframe->frame.hd.stream_id, NULL, NGHTTP2_ERR_INTERNAL);
|
||||
if (nghttp2_is_fatal(rv)) {
|
||||
return rv;
|
||||
}
|
||||
@@ -6191,9 +6196,9 @@ nghttp2_ssize nghttp2_session_mem_recv2(nghttp2_session *session,
|
||||
}
|
||||
|
||||
if (rv == NGHTTP2_ERR_TEMPORAL_CALLBACK_FAILURE) {
|
||||
- rv = nghttp2_session_add_rst_stream(
|
||||
- session, iframe->frame.push_promise.promised_stream_id,
|
||||
- NGHTTP2_INTERNAL_ERROR);
|
||||
+ rv = session_handle_invalid_stream2(
|
||||
+ session, iframe->frame.push_promise.promised_stream_id, NULL,
|
||||
+ NGHTTP2_ERR_INTERNAL);
|
||||
if (nghttp2_is_fatal(rv)) {
|
||||
return rv;
|
||||
}
|
||||
@@ -6296,6 +6301,10 @@ nghttp2_ssize nghttp2_session_mem_recv2(nghttp2_session *session,
|
||||
return rv;
|
||||
}
|
||||
|
||||
+ if (iframe->state == NGHTTP2_IB_IGN_ALL) {
|
||||
+ return (nghttp2_ssize)inlen;
|
||||
+ }
|
||||
+
|
||||
session_inbound_frame_reset(session);
|
||||
|
||||
break;
|
||||
@@ -6371,12 +6380,12 @@ nghttp2_ssize nghttp2_session_mem_recv2(nghttp2_session *session,
|
||||
iframe->payloadleft -= hd_proclen;
|
||||
|
||||
/* Use promised stream ID for PUSH_PROMISE */
|
||||
- rv = nghttp2_session_add_rst_stream(
|
||||
+ rv = session_handle_invalid_stream2(
|
||||
session,
|
||||
iframe->frame.hd.type == NGHTTP2_PUSH_PROMISE
|
||||
? iframe->frame.push_promise.promised_stream_id
|
||||
: iframe->frame.hd.stream_id,
|
||||
- NGHTTP2_INTERNAL_ERROR);
|
||||
+ NULL, NGHTTP2_ERR_INTERNAL);
|
||||
if (nghttp2_is_fatal(rv)) {
|
||||
return rv;
|
||||
}
|
||||
@@ -6423,6 +6432,10 @@ nghttp2_ssize nghttp2_session_mem_recv2(nghttp2_session *session,
|
||||
if (nghttp2_is_fatal(rv)) {
|
||||
return rv;
|
||||
}
|
||||
+
|
||||
+ if (iframe->state == NGHTTP2_IB_IGN_ALL) {
|
||||
+ return (nghttp2_ssize)inlen;
|
||||
+ }
|
||||
}
|
||||
session_inbound_frame_reset(session);
|
||||
|
||||
@@ -6598,6 +6611,10 @@ nghttp2_ssize nghttp2_session_mem_recv2(nghttp2_session *session,
|
||||
if (nghttp2_is_fatal(rv)) {
|
||||
return rv;
|
||||
}
|
||||
+
|
||||
+ if (iframe->state == NGHTTP2_IB_IGN_ALL) {
|
||||
+ return (nghttp2_ssize)inlen;
|
||||
+ }
|
||||
} else {
|
||||
iframe->state = NGHTTP2_IB_IGN_HEADER_BLOCK;
|
||||
}
|
||||
@@ -6648,6 +6665,10 @@ nghttp2_ssize nghttp2_session_mem_recv2(nghttp2_session *session,
|
||||
if (nghttp2_is_fatal(rv)) {
|
||||
return rv;
|
||||
}
|
||||
+
|
||||
+ if (iframe->state == NGHTTP2_IB_IGN_ALL) {
|
||||
+ return (nghttp2_ssize)inlen;
|
||||
+ }
|
||||
}
|
||||
|
||||
busy = 1;
|
||||
@@ -6720,6 +6741,10 @@ nghttp2_ssize nghttp2_session_mem_recv2(nghttp2_session *session,
|
||||
return rv;
|
||||
}
|
||||
|
||||
+ if (iframe->state == NGHTTP2_IB_IGN_ALL) {
|
||||
+ return (nghttp2_ssize)inlen;
|
||||
+ }
|
||||
+
|
||||
data_readlen =
|
||||
inbound_frame_effective_readlen(iframe, iframe->payloadleft, readlen);
|
||||
|
||||
@@ -6749,41 +6774,30 @@ nghttp2_ssize nghttp2_session_mem_recv2(nghttp2_session *session,
|
||||
if (data_readlen > 0) {
|
||||
if (session_enforce_http_messaging(session)) {
|
||||
if (nghttp2_http_on_data_chunk(stream, (size_t)data_readlen) != 0) {
|
||||
- if (session->opt_flags & NGHTTP2_OPTMASK_NO_AUTO_WINDOW_UPDATE) {
|
||||
- /* Consume all data for connection immediately here */
|
||||
- rv = session_update_connection_consumed_size(
|
||||
- session, (size_t)data_readlen);
|
||||
-
|
||||
- if (nghttp2_is_fatal(rv)) {
|
||||
- return rv;
|
||||
- }
|
||||
-
|
||||
- if (iframe->state == NGHTTP2_IB_IGN_DATA) {
|
||||
- return (nghttp2_ssize)inlen;
|
||||
- }
|
||||
- }
|
||||
-
|
||||
- rv = nghttp2_session_add_rst_stream(
|
||||
- session, iframe->frame.hd.stream_id, NGHTTP2_PROTOCOL_ERROR);
|
||||
+ rv = nghttp2_session_terminate_session(session,
|
||||
+ NGHTTP2_PROTOCOL_ERROR);
|
||||
if (nghttp2_is_fatal(rv)) {
|
||||
return rv;
|
||||
}
|
||||
- busy = 1;
|
||||
- iframe->state = NGHTTP2_IB_IGN_DATA;
|
||||
- break;
|
||||
+
|
||||
+ return (nghttp2_ssize)inlen;
|
||||
}
|
||||
}
|
||||
if (session->callbacks.on_data_chunk_recv_callback) {
|
||||
rv = session->callbacks.on_data_chunk_recv_callback(
|
||||
session, iframe->frame.hd.flags, iframe->frame.hd.stream_id,
|
||||
in - readlen, (size_t)data_readlen, session->user_data);
|
||||
- if (rv == NGHTTP2_ERR_PAUSE) {
|
||||
- return (nghttp2_ssize)(in - first);
|
||||
- }
|
||||
-
|
||||
if (nghttp2_is_fatal(rv)) {
|
||||
return NGHTTP2_ERR_CALLBACK_FAILURE;
|
||||
}
|
||||
+
|
||||
+ if (iframe->state == NGHTTP2_IB_IGN_ALL) {
|
||||
+ return (nghttp2_ssize)inlen;
|
||||
+ }
|
||||
+
|
||||
+ if (rv == NGHTTP2_ERR_PAUSE) {
|
||||
+ return (nghttp2_ssize)(in - first);
|
||||
+ }
|
||||
}
|
||||
}
|
||||
}
|
||||
@@ -6797,6 +6811,10 @@ nghttp2_ssize nghttp2_session_mem_recv2(nghttp2_session *session,
|
||||
return rv;
|
||||
}
|
||||
|
||||
+ if (iframe->state == NGHTTP2_IB_IGN_ALL) {
|
||||
+ return (nghttp2_ssize)inlen;
|
||||
+ }
|
||||
+
|
||||
session_inbound_frame_reset(session);
|
||||
|
||||
break;
|
||||
@@ -6863,6 +6881,10 @@ nghttp2_ssize nghttp2_session_mem_recv2(nghttp2_session *session,
|
||||
return rv;
|
||||
}
|
||||
|
||||
+ if (iframe->state == NGHTTP2_IB_IGN_ALL) {
|
||||
+ return (nghttp2_ssize)inlen;
|
||||
+ }
|
||||
+
|
||||
if (rv != 0) {
|
||||
busy = 1;
|
||||
|
||||
@@ -6881,6 +6903,10 @@ nghttp2_ssize nghttp2_session_mem_recv2(nghttp2_session *session,
|
||||
return rv;
|
||||
}
|
||||
|
||||
+ if (iframe->state == NGHTTP2_IB_IGN_ALL) {
|
||||
+ return (nghttp2_ssize)inlen;
|
||||
+ }
|
||||
+
|
||||
session_inbound_frame_reset(session);
|
||||
|
||||
break;
|
||||
@@ -6909,6 +6935,10 @@ nghttp2_ssize nghttp2_session_mem_recv2(nghttp2_session *session,
|
||||
return rv;
|
||||
}
|
||||
|
||||
+ if (iframe->state == NGHTTP2_IB_IGN_ALL) {
|
||||
+ return (nghttp2_ssize)inlen;
|
||||
+ }
|
||||
+
|
||||
session_inbound_frame_reset(session);
|
||||
|
||||
break;
|
||||
--
|
||||
2.53.0
|
||||
|
||||
@ -2,7 +2,7 @@
|
||||
## (rpmautospec version 0.6.5)
|
||||
## RPMAUTOSPEC: autorelease, autochangelog
|
||||
%define autorelease(e:s:pb:n) %{?-p:0.}%{lua:
|
||||
release_number = 2;
|
||||
release_number = 1;
|
||||
base_release_number = tonumber(rpm.expand("%{?-b*}%{!?-b:1}"));
|
||||
print(release_number + base_release_number - 1);
|
||||
}%{?-e:.%{-e*}}%{?-s:.%{-s*}}%{!?-n:%{?dist}}
|
||||
@ -13,50 +13,50 @@
|
||||
%{load:%{_sourcedir}/nodejs.srpm.macros}
|
||||
|
||||
# === Versions of any software shipped in the main nodejs tarball
|
||||
%nodejs_define_version node 1:24.14.1-%{autorelease} -p
|
||||
%nodejs_define_version node 1:24.18.0-%{autorelease} -p
|
||||
|
||||
# The following ones are generated via script;
|
||||
# expect anything between the markers to be overwritten on any update.
|
||||
|
||||
# BEGIN automatic-version-macros # DO NOT REMOVE THIS LINE!
|
||||
# Version from node-v24.14.1/src/node_version.h
|
||||
# Version from node-v24.18.0/src/node_version.h
|
||||
%global node_soversion 137
|
||||
|
||||
# Version from node-v24.14.1/deps/ada/ada.h
|
||||
%nodejs_define_version ada 3.4.2
|
||||
# Version from node-v24.14.1/deps/brotli/c/common/version.h
|
||||
# Version from node-v24.18.0/deps/ada/ada.h
|
||||
%nodejs_define_version ada 3.4.4
|
||||
# Version from node-v24.18.0/deps/brotli/c/common/version.h
|
||||
%nodejs_define_version brotli 1.2.0
|
||||
# Version from node-v24.14.1/deps/cares/include/ares_version.h
|
||||
# Version from node-v24.18.0/deps/cares/include/ares_version.h
|
||||
%nodejs_define_version c_ares 1.34.6
|
||||
# Version from node-v24.14.1/deps/histogram/include/hdr/hdr_histogram_version.h
|
||||
# Version from node-v24.18.0/deps/histogram/include/hdr/hdr_histogram_version.h
|
||||
%nodejs_define_version histogram 0.11.9
|
||||
# Version from node-v24.14.1/tools/icu/current_ver.dep
|
||||
%nodejs_define_version icu 78.2 -p
|
||||
# Version from node-v24.14.1/deps/uv/include/uv/version.h
|
||||
%nodejs_define_version libuv 1.51.0
|
||||
# Version from node-v24.14.1/deps/llhttp/include/llhttp.h
|
||||
%nodejs_define_version llhttp 9.3.0
|
||||
# Version from node-v24.14.1/deps/merve/merve.h
|
||||
%nodejs_define_version merve 1.0.0
|
||||
# Version from node-v24.14.1/deps/nghttp2/lib/includes/nghttp2/nghttp2ver.h
|
||||
%nodejs_define_version nghttp2 1.68.1
|
||||
# Version from node-v24.14.1/deps/ngtcp2/nghttp3/lib/includes/nghttp3/version.h
|
||||
%nodejs_define_version nghttp3 1.6.0
|
||||
# Version from node-v24.14.1/deps/ngtcp2/ngtcp2/lib/includes/ngtcp2/version.h
|
||||
%nodejs_define_version ngtcp2 1.11.0
|
||||
# Version from node-v24.14.1/lib/punycode.js
|
||||
# Version from node-v24.18.0/tools/icu/current_ver.dep
|
||||
%nodejs_define_version icu 78.3 -p
|
||||
# Version from node-v24.18.0/deps/uv/include/uv/version.h
|
||||
%nodejs_define_version libuv 1.52.1
|
||||
# Version from node-v24.18.0/deps/llhttp/include/llhttp.h
|
||||
%nodejs_define_version llhttp 9.4.2
|
||||
# Version from node-v24.18.0/deps/merve/merve.h
|
||||
%nodejs_define_version merve 1.2.2
|
||||
# Version from node-v24.18.0/deps/nghttp2/lib/includes/nghttp2/nghttp2ver.h
|
||||
%nodejs_define_version nghttp2 1.69.0
|
||||
# Version from node-v24.18.0/deps/ngtcp2/nghttp3/lib/includes/nghttp3/version.h
|
||||
%nodejs_define_version nghttp3 1.14.0
|
||||
# Version from node-v24.18.0/deps/ngtcp2/ngtcp2/lib/includes/ngtcp2/version.h
|
||||
%nodejs_define_version ngtcp2 1.15.1
|
||||
# Version from node-v24.18.0/lib/punycode.js
|
||||
%nodejs_define_version nodejs-punycode 2.1.0
|
||||
# Version from node-v24.14.1/deps/undici/src/package.json
|
||||
%nodejs_define_version nodejs-undici 7.24.4
|
||||
# Version from node-v24.14.1/deps/npm/package.json
|
||||
%nodejs_define_version npm 1:11.11.0
|
||||
# Version from node-v24.14.1/deps/sqlite/sqlite3.h
|
||||
%nodejs_define_version sqlite 3.51.2
|
||||
# Version from node-v24.14.1/deps/uvwasi/include/uvwasi.h
|
||||
# Version from node-v24.18.0/deps/undici/src/package.json
|
||||
%nodejs_define_version nodejs-undici 7.28.0
|
||||
# Version from node-v24.18.0/deps/npm/package.json
|
||||
%nodejs_define_version npm 1:11.16.0
|
||||
# Version from node-v24.18.0/deps/sqlite/sqlite3.h
|
||||
%nodejs_define_version sqlite 3.53.1
|
||||
# Version from node-v24.18.0/deps/uvwasi/include/uvwasi.h
|
||||
%nodejs_define_version uvwasi 0.0.23
|
||||
# Version from node-v24.14.1/deps/v8/include/v8-version.h
|
||||
# Version from node-v24.18.0/deps/v8/include/v8-version.h
|
||||
%nodejs_define_version v8 3:13.6.233.17 -p
|
||||
# Version from node-v24.14.1/deps/zlib/zlib.h
|
||||
# Version from node-v24.18.0/deps/zlib/zlib.h
|
||||
%nodejs_define_version zlib 1.3.1
|
||||
# END automatic-version-macros # DO NOT REMOVE THIS LINE!
|
||||
|
||||
@ -163,7 +163,6 @@ Source101: nodejs.srpm.macros
|
||||
%patchlist
|
||||
0001-Remove-unused-OpenSSL-config.patch
|
||||
0001-fips-disable-options.patch
|
||||
0003-downstream-update-nghttp2-to-1.68.1.patch
|
||||
|
||||
%description
|
||||
Node.js is a platform built on Chrome's JavaScript runtime
|
||||
@ -541,23 +540,26 @@ bash '%{SOURCE10}' "${RPM_BUILD_ROOT}%{_bindir}/node" test/ '%{SOURCE11}'
|
||||
|
||||
%changelog
|
||||
## START: Generated by rpmautospec
|
||||
* Thu Apr 02 2026 Jan Staněk <jstanek@redhat.com> - 1:24.14.1-2
|
||||
* Fri Jun 26 2026 tjuhasz <tjuhasz@redhat.com> - 1:24.18.0-1
|
||||
- Update to version 24.18.0
|
||||
|
||||
* Wed Apr 01 2026 Jan Staněk <jstanek@redhat.com> - 1:24.14.1-2
|
||||
- Update bundled nghttp2 to 1.68.1
|
||||
|
||||
* Thu Apr 02 2026 Jan Staněk <jstanek@redhat.com> - 1:24.14.1-1
|
||||
* Wed Apr 01 2026 Jan Staněk <jstanek@redhat.com> - 1:24.14.1-1
|
||||
- Update to version 24.14.1
|
||||
|
||||
* Fri Jan 16 2026 tjuhasz <tjuhasz@redhat.com> - 1:24.13.0-1
|
||||
* Tue Jan 13 2026 tjuhasz <tjuhasz@redhat.com> - 1:24.13.0-1
|
||||
- Update to version 24.13.0
|
||||
|
||||
* Thu Nov 27 2025 tjuhasz <tjuhasz@redhat.com> - 1:24.11.1-2
|
||||
* Wed Nov 26 2025 tjuhasz <tjuhasz@redhat.com> - 1:24.11.1-2
|
||||
- Disable test-tls-session-cache.js as its not currently compatiable with
|
||||
RHEL environment
|
||||
|
||||
* Thu Nov 27 2025 tjuhasz <tjuhasz@redhat.com> - 1:24.11.1-1
|
||||
* Wed Nov 12 2025 tjuhasz <tjuhasz@redhat.com> - 1:24.11.1-1
|
||||
- Update to version 24.11.1
|
||||
|
||||
* Tue Sep 02 2025 tjuhasz <tjuhasz@redhat.com> - 1:24.4.1-7
|
||||
* Mon Oct 06 2025 tjuhasz <tjuhasz@redhat.com> - 1:24.4.1-7
|
||||
- Add patch to prevent fips usage segfault
|
||||
|
||||
* Thu Aug 21 2025 Jan Staněk <jstanek@redhat.com> - 1:24.4.1-6
|
||||
|
||||
Loading…
Reference in New Issue
Block a user