Revert upstream change that is incompatible with OpenSSL 1.0.1
Fixes: rhbz#1436445
This commit is contained in:
parent
41af04f2a3
commit
9f1c95f794
30
EPEL01-openssl101-compat.patch
Normal file
30
EPEL01-openssl101-compat.patch
Normal file
@ -0,0 +1,30 @@
|
|||||||
|
diff -ru a/src/node_crypto.cc b/src/node_crypto.cc
|
||||||
|
--- a/src/node_crypto.cc 2017-03-31 22:39:56.483283868 +0200
|
||||||
|
+++ b/src/node_crypto.cc 2017-03-31 22:45:36.250267750 +0200
|
||||||
|
@@ -851,8 +851,6 @@
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
- // Increment reference count so global store is not deleted along with CTX.
|
||||||
|
- X509_STORE_up_ref(root_cert_store);
|
||||||
|
SSL_CTX_set_cert_store(sc->ctx_, root_cert_store);
|
||||||
|
}
|
||||||
|
|
||||||
|
diff -ru a/src/node_crypto.h b/src/node_crypto.h
|
||||||
|
--- a/src/node_crypto.h 2017-03-21 20:43:33.000000000 +0100
|
||||||
|
+++ b/src/node_crypto.h 2017-03-31 22:43:15.548183432 +0200
|
||||||
|
@@ -145,6 +145,13 @@
|
||||||
|
}
|
||||||
|
|
||||||
|
env()->isolate()->AdjustAmountOfExternalAllocatedMemory(-kExternalSize);
|
||||||
|
+ if (ctx_->cert_store == root_cert_store) {
|
||||||
|
+ // SSL_CTX_free() will attempt to free the cert_store as well.
|
||||||
|
+ // Since we want our root_cert_store to stay around forever
|
||||||
|
+ // we just clear the field. Hopefully OpenSSL will not modify this
|
||||||
|
+ // struct in future versions.
|
||||||
|
+ ctx_->cert_store = nullptr;
|
||||||
|
+ }
|
||||||
|
SSL_CTX_free(ctx_);
|
||||||
|
if (cert_ != nullptr)
|
||||||
|
X509_free(cert_);
|
||||||
|
|
11
nodejs.spec
11
nodejs.spec
@ -19,7 +19,7 @@
|
|||||||
%global nodejs_patch 1
|
%global nodejs_patch 1
|
||||||
%global nodejs_abi %{nodejs_major}.%{nodejs_minor}
|
%global nodejs_abi %{nodejs_major}.%{nodejs_minor}
|
||||||
%global nodejs_version %{nodejs_major}.%{nodejs_minor}.%{nodejs_patch}
|
%global nodejs_version %{nodejs_major}.%{nodejs_minor}.%{nodejs_patch}
|
||||||
%global nodejs_release 1
|
%global nodejs_release 2
|
||||||
|
|
||||||
# == Bundled Dependency Versions ==
|
# == Bundled Dependency Versions ==
|
||||||
# v8 - from deps/v8/include/v8-version.h
|
# v8 - from deps/v8/include/v8-version.h
|
||||||
@ -105,6 +105,10 @@ Patch3: 0003-crypto-Use-system-CAs-instead-of-using-bundled-ones.patch
|
|||||||
# https://github.com/nodejs/node/issues/10388#issuecomment-283120731
|
# https://github.com/nodejs/node/issues/10388#issuecomment-283120731
|
||||||
Patch4: 0004-Fix-compatibility-with-GCC-7.patch
|
Patch4: 0004-Fix-compatibility-with-GCC-7.patch
|
||||||
|
|
||||||
|
# RHEL 7 still uses OpenSSL 1.0.1 for now, and it segfaults on SSL
|
||||||
|
# Revert this upstream patch until RHEL 7 upgrades to 1.0.2
|
||||||
|
Patch5: EPEL01-openssl101-compat.patch
|
||||||
|
|
||||||
BuildRequires: python-devel
|
BuildRequires: python-devel
|
||||||
BuildRequires: libuv-devel >= 1:1.9.1
|
BuildRequires: libuv-devel >= 1:1.9.1
|
||||||
Requires: libuv >= 1:1.9.1
|
Requires: libuv >= 1:1.9.1
|
||||||
@ -252,6 +256,7 @@ rm -rf deps/icu-small \
|
|||||||
|
|
||||||
%if 0%{?epel}
|
%if 0%{?epel}
|
||||||
%patch2 -p1
|
%patch2 -p1
|
||||||
|
%patch5 -p1
|
||||||
%endif
|
%endif
|
||||||
|
|
||||||
|
|
||||||
@ -414,6 +419,10 @@ NODE_PATH=%{buildroot}%{_prefix}/lib/node_modules %{buildroot}/%{_bindir}/node -
|
|||||||
%{_pkgdocdir}/npm/doc
|
%{_pkgdocdir}/npm/doc
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Mon Apr 03 2017 Stephen Gallagher <sgallagh@redhat.com> - 1:6.10.1-2
|
||||||
|
- Revert upstream change that is incompatible with OpenSSL 1.0.1
|
||||||
|
- Fixes: rhbz#1436445
|
||||||
|
|
||||||
* Wed Mar 22 2017 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:6.10.1-1
|
* Wed Mar 22 2017 Zuzana Svetlikova <zsvetlik@redhat.com> - 1:6.10.1-1
|
||||||
- Update to 6.10.1
|
- Update to 6.10.1
|
||||||
- remove small-icu from deps
|
- remove small-icu from deps
|
||||||
|
Loading…
Reference in New Issue
Block a user