Hello community, here is the log from the commit of package nodejs10 for openSUSE:Factory checked in at 2019-05-16 21:55:00 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/nodejs10 (Old) and /work/SRC/openSUSE:Factory/.nodejs10.new.5148 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "nodejs10" Thu May 16 21:55:00 2019 rev:12 rq:701128 version:10.15.3 Changes: -------- --- /work/SRC/openSUSE:Factory/nodejs10/nodejs10.changes 2019-04-26 22:42:41.717697327 +0200 +++ /work/SRC/openSUSE:Factory/.nodejs10.new.5148/nodejs10.changes 2019-05-16 21:55:05.994912964 +0200 @@ -1,0 +2,6 @@ +Mon May 6 13:54:47 UTC 2019 - Adam Majer <[email protected]> + +- openssl_1_1_1.patch: backport fixes for OpenSSL 1.1.1 (bsc#1134208) +- Require user/group nobody for npm + +------------------------------------------------------------------- New: ---- openssl_1_1_1.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ nodejs10.spec ++++++ --- /var/tmp/diff_new_pack.YAkRcL/_old 2019-05-16 21:55:07.834912176 +0200 +++ /var/tmp/diff_new_pack.YAkRcL/_new 2019-05-16 21:55:07.838912173 +0200 @@ -31,11 +31,15 @@ %define node_version_number 10 +%if %node_version_number >= 12 +%define openssl_req_ver 1.1.1 +%else %if %node_version_number >= 10 %define openssl_req_ver 1.1.0 %else # node8 or older %define openssl_req_ver 1.0.2 %endif +%endif %bcond_with valgrind_tests @@ -118,6 +122,7 @@ Patch3: fix_ci_tests.patch Patch7: manual_configure.patch Patch11: valgrind_fixes.patch +Patch12: openssl_1_1_1.patch ## Patches specific to SUSE and openSUSE # PATCH-FIX-OPENSUSE -- set correct path for dtrace if it is built @@ -274,6 +279,10 @@ Provides: npm = %{version} Provides: npm(npm) = 6.4.1 %if 0%{?suse_version} >= 1500 +%if %{node_version_number} >= 10 +Requires: group(nobody) +Requires: user(nobody) +%endif Recommends: python2 %else Recommends: python @@ -313,6 +322,7 @@ %if 0%{with valgrind_tests} %patch11 -p1 %endif +%patch12 -p1 %patch101 -p1 %patch102 -p1 # Add check_output to configure script (not part of Python 2.6 in SLE11). ++++++ openssl_1_1_1.patch ++++++ commit 8dd8033519658bba2d7b776ec166f889a56bce31 Author: Shigeki Ohtsu <[email protected]> Date: Wed Sep 12 17:34:24 2018 +0900 tls: workaround handshakedone in renegotiation `SSL_CB_HANDSHAKE_START` and `SSL_CB_HANDSHAKE_DONE` are called sending HelloRequest in OpenSSL-1.1.1. We need to check whether this is in a renegotiation state or not. Backport-PR-URL: https://github.com/nodejs/node/pull/26270 PR-URL: https://github.com/nodejs/node/pull/25381 Reviewed-By: Daniel Bevenius <[email protected]> Reviewed-By: Shigeki Ohtsu <[email protected]> diff --git a/src/tls_wrap.cc b/src/tls_wrap.cc index b5eff38358..0ec66fc467 100644 --- a/src/tls_wrap.cc +++ b/src/tls_wrap.cc @@ -221,7 +221,10 @@ void TLSWrap::SSLInfoCallback(const SSL* ssl_, int where, int ret) { } } - if (where & SSL_CB_HANDSHAKE_DONE) { + // SSL_CB_HANDSHAKE_START and SSL_CB_HANDSHAKE_DONE are called + // sending HelloRequest in OpenSSL-1.1.1. + // We need to check whether this is in a renegotiation state or not. + if (where & SSL_CB_HANDSHAKE_DONE && !SSL_renegotiate_pending(ssl)) { c->established_ = true; Local<Value> callback = object->Get(env->onhandshakedone_string()); if (callback->IsFunction()) {
