mirrors/aports
1
0
Fork 0
mirror of https://gitlab.alpinelinux.org/alpine/aports.git synced 2025-08-06 13:57:14 +02:00
Code Issues Packages Projects Releases Wiki Activity
44473e348f
aports/community/nodejs-current/use-system-ca-certs.patch
Jakub Jirutka 308944d90d main/nodejs: rename to nodejs-current and move to community 
Odd-numbered versions, like this one (v7), are supported by upstream
only for 9 months. When a new odd-numbered major release is cut, the
previous even-numbered major version transitions to the Long Term
Support plan (LTS).

Packages in Alpine stable must be supported for 2 years, so we should
keep only LTS version in the stable. Therefore this package is renamed
to nodejs-current and moved to the community repository. The nodejs-lts
package is going to be renamed to nodejs.

See https://github.com/nodejs/LTS#lts-schedule
2016-11-27 14:10:03 +01:00

64 lines
1.7 KiB
Diff
Raw Blame History

From: Jakub Jirutka <jakub@jirutka.cz>
Date: Sat, 26 Nov 2016 21:18:00 +0200
Subject: Use system-provided CA certificates instead of bundled ones
--- a/src/node_crypto.cc
+++ b/src/node_crypto.cc
@@ -116,8 +116,8 @@
static Mutex* mutexes;
-const char* const root_certs[] = {
-#include "node_root_certs.h" // NOLINT(build/include_order)
+const char* root_certs[] = {
+ NULL
};
X509_STORE* root_cert_store;
@@ -688,25 +688,33 @@
static X509_STORE* NewRootCertStore() {
+ X509_STORE* store = X509_STORE_new();
+
if (!root_certs_vector) {
root_certs_vector = new std::vector<X509*>;
- for (size_t i = 0; i < arraysize(root_certs); i++) {
- BIO* bp = NodeBIO::NewFixed(root_certs[i], strlen(root_certs[i]));
- X509 *x509 = PEM_read_bio_X509(bp, nullptr, CryptoPemCallback, nullptr);
- BIO_free(bp);
-
- if (x509 == nullptr) {
- // Parse errors from the built-in roots are fatal.
- ABORT();
- return nullptr;
- }
+ BIO* bio = BIO_new(BIO_s_file());
+ if (bio == nullptr) {
+ abort();
+ return nullptr;
+ }
+
+ if (BIO_read_filename(bio, "/etc/ssl/certs/ca-certificates.crt") == 1) {
+ STACK_OF(X509_INFO)* certs = PEM_X509_INFO_read_bio(bio, nullptr, nullptr, nullptr);
- root_certs_vector->push_back(x509);
+ for (int i = 0; i < sk_X509_INFO_num(certs); i++) {
+ X509* cert = sk_X509_INFO_value(certs, i)->x509;
+
+ if (cert) {
+ X509_up_ref(cert);
+ root_certs_vector->push_back(cert);
+ }
+ }
+ sk_X509_INFO_pop_free(certs, X509_INFO_free);
}
+ BIO_free_all(bio);
}
- X509_STORE* store = X509_STORE_new();
for (auto& cert : *root_certs_vector) {
X509_up_ref(cert);
X509_STORE_add_cert(store, cert);
Reference in New Issue View Git Blame Copy Permalink