mirrors/meta-openembedded
1
0
Fork 0
mirror of https://github.com/openembedded/meta-openembedded.git synced 2026-06-03 14:19:52 +00:00
Code Issues Projects Releases Wiki Activity

nodejs: Upgrade to 16.14.0

Browse Source 
Remove two upstreamed patches.

Signed-off-by: Zoltán Böszörményi <zboszor@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
This commit is contained in:
Zoltán Böszörményi
2022-03-02 10:27:36 +01:00
committed by Khem Raj
parent b49effc439
commit f8a274732f
3 changed files with 2 additions and 207 deletions
Download Patch File Download Diff File Expand all files Collapse all files
meta-oe/recipes-devtools/nodejs/nodejs/0001-crypto-fix-build-without-scrypt.patch
-38
View File
@@ -1,38 +0,0 @@
From 048203c97009c907ff3891f6ffa8f375fcf1045c Mon Sep 17 00:00:00 2001
From: Martin Jansa <Martin.Jansa@gmail.com>
Date: Tue, 26 Oct 2021 08:34:39 -0700
Subject: [PATCH] crypto: fix build without scrypt
* add missing semicolon to fix:
In file included from ../src/node_crypto.h:47,
from ../src/node.cc:46:
../src/crypto/crypto_scrypt.h:80:2:
error: expected ';' after struct definition
80 | }
| ^
| ;
and fix typo in the comment
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Upstream-Status: Submitted [https://github.com/nodejs/node/pull/40613]
---
src/crypto/crypto_scrypt.h | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/crypto/crypto_scrypt.h b/src/crypto/crypto_scrypt.h
index 4ca888e31d..3d185637f4 100644
--- a/src/crypto/crypto_scrypt.h
+++ b/src/crypto/crypto_scrypt.h
@@ -77,8 +77,8 @@ struct ScryptJob {
static void Initialize(
Environment* env,
v8::Local<v8::Object> target) {}
-}
-#endif // !OPENSSL_NO_SCRIPT
+};
+#endif // !OPENSSL_NO_SCRYPT
} // namespace crypto
} // namespace node
meta-oe/recipes-devtools/nodejs/nodejs/0005-add-openssl-legacy-provider-option.patch
-165
View File
@@ -1,165 +0,0 @@
From 86d1c0cc6a5dcf57e413a1cc1c29203e87cf9a14 Mon Sep 17 00:00:00 2001
From: Daniel Bevenius <daniel.bevenius@gmail.com>
Date: Sat, 16 Oct 2021 08:50:16 +0200
Subject: [PATCH] src: add --openssl-legacy-provider option
This commit adds an option to Node.js named --openssl-legacy-provider
and if specified will load OpenSSL 3.0 Legacy provider.
$ ./node --help
...
--openssl-legacy-provider enable OpenSSL 3.0 legacy provider
Example usage:
$ ./node --openssl-legacy-provider -p 'crypto.createHash("md4")'
Hash {
_options: undefined,
[Symbol(kHandle)]: Hash {},
[Symbol(kState)]: { [Symbol(kFinalized)]: false }
}
Co-authored-by: Richard Lau <rlau@redhat.com>
Refs: https://github.com/nodejs/node/issues/40455
---
doc/api/cli.md | 10 ++++++++++
src/crypto/crypto_util.cc | 10 ++++++++++
src/node_options.cc | 10 ++++++++++
src/node_options.h | 7 +++++++
.../test-process-env-allowed-flags-are-documented.js | 5 +++++
5 files changed, 42 insertions(+)
diff --git a/doc/api/cli.md b/doc/api/cli.md
index 74057706bf8d..608b9cdeddf1 100644
--- a/doc/api/cli.md
+++ b/doc/api/cli.md
@@ -652,6 +652,14 @@ Load an OpenSSL configuration file on startup. Among other uses, this can be
used to enable FIPS-compliant crypto if Node.js is built
against FIPS-enabled OpenSSL.
+### `--openssl-legacy-provider`
+<!-- YAML
+added: REPLACEME
+-->
+
+Enable OpenSSL 3.0 legacy provider. For more information please see
+[providers readme][].
+
### `--pending-deprecation`
<!-- YAML
added: v8.0.0
@@ -1444,6 +1452,7 @@ Node.js options that are allowed are:
* `--no-warnings`
* `--node-memory-debug`
* `--openssl-config`
+* `--openssl-legacy-provider`
* `--pending-deprecation`
* `--policy-integrity`
* `--preserve-symlinks-main`
@@ -1814,6 +1823,7 @@ $ node --max-old-space-size=1536 index.js
[emit_warning]: process.md#process_process_emitwarning_warning_type_code_ctor
[jitless]: https://v8.dev/blog/jitless
[libuv threadpool documentation]: https://docs.libuv.org/en/latest/threadpool.html
+[providers readme]: https://github.com/openssl/openssl/blob/openssl-3.0.0/README-PROVIDERS.md
[remote code execution]: https://www.owasp.org/index.php/Code_Injection
[timezone IDs]: https://en.wikipedia.org/wiki/List_of_tz_database_time_zones
[ways that `TZ` is handled in other environments]: https://www.gnu.org/software/libc/manual/html_node/TZ-Variable.html
diff --git a/src/crypto/crypto_util.cc b/src/crypto/crypto_util.cc
index 7e0c8ba3eb60..796ea3025e41 100644
--- a/src/crypto/crypto_util.cc
+++ b/src/crypto/crypto_util.cc
@@ -136,6 +136,16 @@ void InitCryptoOnce() {
}
#endif
+#if OPENSSL_VERSION_MAJOR >= 3
+ // --openssl-legacy-provider
+ if (per_process::cli_options->openssl_legacy_provider) {
+ OSSL_PROVIDER* legacy_provider = OSSL_PROVIDER_load(nullptr, "legacy");
+ if (legacy_provider == nullptr) {
+ fprintf(stderr, "Unable to load legacy provider.\n");
+ }
+ }
+#endif
+
OPENSSL_init_ssl(0, settings);
OPENSSL_INIT_free(settings);
settings = nullptr;
diff --git a/src/node_options.cc b/src/node_options.cc
index 00bdc6688a4c..3363860919a9 100644
--- a/src/node_options.cc
+++ b/src/node_options.cc
@@ -4,6 +4,9 @@
#include "env-inl.h"
#include "node_binding.h"
#include "node_internals.h"
+#if HAVE_OPENSSL
+#include "openssl/opensslv.h"
+#endif
#include <errno.h>
#include <sstream>
@@ -809,6 +812,13 @@ PerProcessOptionsParser::PerProcessOptionsParser(
&PerProcessOptions::secure_heap_min,
kAllowedInEnvironment);
#endif
+#if OPENSSL_VERSION_MAJOR >= 3
+ AddOption("--openssl-legacy-provider",
+ "enable OpenSSL 3.0 legacy provider",
+ &PerProcessOptions::openssl_legacy_provider,
+ kAllowedInEnvironment);
+
+#endif // OPENSSL_VERSION_MAJOR
AddOption("--use-largepages",
"Map the Node.js static code to large pages. Options are "
"'off' (the default value, meaning do not map), "
diff --git a/src/node_options.h b/src/node_options.h
index fd772478d04d..1c0e018ab16f 100644
--- a/src/node_options.h
+++ b/src/node_options.h
@@ -11,6 +11,10 @@
#include "node_mutex.h"
#include "util.h"
+#if HAVE_OPENSSL
+#include "openssl/opensslv.h"
+#endif
+
namespace node {
class HostPort {
@@ -251,6 +255,9 @@ class PerProcessOptions : public Options {
bool enable_fips_crypto = false;
bool force_fips_crypto = false;
#endif
+#if OPENSSL_VERSION_MAJOR >= 3
+ bool openssl_legacy_provider = false;
+#endif
// Per-process because reports can be triggered outside a known V8 context.
bool report_on_fatalerror = false;
diff --git a/test/parallel/test-process-env-allowed-flags-are-documented.js b/test/parallel/test-process-env-allowed-flags-are-documented.js
index 64626b71f019..8a4e35997907 100644
--- a/test/parallel/test-process-env-allowed-flags-are-documented.js
+++ b/test/parallel/test-process-env-allowed-flags-are-documented.js
@@ -40,6 +40,10 @@ for (const line of [...nodeOptionsLines, ...v8OptionsLines]) {
}
}
+if (!common.hasOpenSSL3) {
+ documented.delete('--openssl-legacy-provider');
+}
+
// Filter out options that are conditionally present.
const conditionalOpts = [
{
@@ -47,6 +51,7 @@ const conditionalOpts = [
filter: (opt) => {
return [
'--openssl-config',
+ common.hasOpenSSL3 ? '--openssl-legacy-provider' : '',
'--tls-cipher-list',
'--use-bundled-ca',
'--use-openssl-ca',
meta-oe/recipes-devtools/nodejs/nodejs_16.11.1.bb → meta-oe/recipes-devtools/nodejs/nodejs_16.14.0.bb
+2 -4
View File
@@ -1,7 +1,7 @@
DESCRIPTION = "nodeJS Evented I/O for V8 JavaScript" DESCRIPTION = "nodeJS Evented I/O for V8 JavaScript"
HOMEPAGE = "http://nodejs.org" HOMEPAGE = "http://nodejs.org"
LICENSE = "MIT & ISC & BSD-2-Clause & BSD-3-Clause & Artistic-2.0" LICENSE = "MIT & ISC & BSD-2-Clause & BSD-3-Clause & Artistic-2.0"
LIC_FILES_CHKSUM = "file://LICENSE;md5=12f6b053282af96a218353ae7aff7cd8" LIC_FILES_CHKSUM = "file://LICENSE;md5=6ba5b21ac7a505195ca69344d3d7a94a"
DEPENDS = "openssl" DEPENDS = "openssl"
DEPENDS:append:class-target = " qemu-native" DEPENDS:append:class-target = " qemu-native"
@@ -20,12 +20,10 @@ SRC_URI = "http://nodejs.org/dist/v${PV}/node-v${PV}.tar.xz \
file://0001-Disable-running-gyp-files-for-bundled-deps.patch \ file://0001-Disable-running-gyp-files-for-bundled-deps.patch \
file://0002-Install-both-binaries-and-use-libdir.patch \ file://0002-Install-both-binaries-and-use-libdir.patch \
file://0004-v8-don-t-override-ARM-CFLAGS.patch \ file://0004-v8-don-t-override-ARM-CFLAGS.patch \
file://0005-add-openssl-legacy-provider-option.patch \
file://big-endian.patch \ file://big-endian.patch \
file://mips-less-memory.patch \ file://mips-less-memory.patch \
file://system-c-ares.patch \ file://system-c-ares.patch \
file://0001-liftoff-Correct-function-signatures.patch \ file://0001-liftoff-Correct-function-signatures.patch \
file://0001-crypto-fix-build-without-scrypt.patch \
" "
SRC_URI:append:class-target = " \ SRC_URI:append:class-target = " \
file://0002-Using-native-binaries.patch \ file://0002-Using-native-binaries.patch \
@@ -36,7 +34,7 @@ SRC_URI:append:toolchain-clang:x86 = " \
SRC_URI:append:toolchain-clang:powerpc64le = " \ SRC_URI:append:toolchain-clang:powerpc64le = " \
file://0001-ppc64-Do-not-use-mminimal-toc-with-clang.patch \ file://0001-ppc64-Do-not-use-mminimal-toc-with-clang.patch \
" "
SRC_URI[sha256sum] = "67587f4de25e30a9cc0b51a6033eca3bc82d7b4e0d79bb84a265e88f76ab6278" SRC_URI[sha256sum] = "05eb64193e391fa8a2c159c0f60c171824715165f80c67fcab9dbc944e30c623"
S = "${WORKDIR}/node-v${PV}" S = "${WORKDIR}/node-v${PV}"