commit: 5b5b38fcf81b6764a5d00ad93b8fd2362a20079f
Author: Stefan Strogin <stefan.strogin <AT> gmail <DOT> com>
AuthorDate: Mon Mar 25 06:51:16 2019 +0000
Commit: Stefan Strogin <stefan.strogin <AT> gmail <DOT> com>
CommitDate: Mon Mar 25 06:51:16 2019 +0000
URL: https://gitweb.gentoo.org/repo/proj/libressl.git/commit/?id=5b5b38fc
net-libs/nodejs: drop old
Package-Manager: Portage-2.3.62, Repoman-2.3.12
Signed-off-by: Stefan Strogin <stefan.strogin <AT> gmail.com>
net-libs/nodejs/Manifest | 6 -
net-libs/nodejs/files/nodejs-4.6.1-libressl.patch | 587 ------------------
net-libs/nodejs/files/nodejs-8.1.0-libressl.patch | 697 ----------------------
net-libs/nodejs/files/nodejs-8.1.1-libressl.patch | 697 ----------------------
net-libs/nodejs/nodejs-4.6.1.ebuild | 147 -----
net-libs/nodejs/nodejs-6.9.4.ebuild | 195 ------
net-libs/nodejs/nodejs-7.10.0.ebuild | 197 ------
net-libs/nodejs/nodejs-8.1.0.ebuild | 195 ------
net-libs/nodejs/nodejs-8.1.1.ebuild | 195 ------
net-libs/nodejs/nodejs-9.11.2.ebuild | 205 -------
10 files changed, 3121 deletions(-)
diff --git a/net-libs/nodejs/Manifest b/net-libs/nodejs/Manifest
index 635871d..2488786 100644
--- a/net-libs/nodejs/Manifest
+++ b/net-libs/nodejs/Manifest
@@ -1,12 +1,6 @@
DIST node-v10.15.2.tar.xz 20232972 BLAKE2B
3ffaa0890ddec6b9d00a0b3f32fc62e55a665ea6faba6265df71be601f88a1c948011f908851f1cbb198974ca36f8626fa9a2b4b8827f0155e57ff48f3e25c10
SHA512
2d4ef4758d3a73a160b95249c7dce32307287ef84511f56c3077f18c0d87a53bb73b44dd86131a402c4e86686e5e7cb5aeedb2b075b8ab261fc43d5abbe70ce6
DIST node-v10.15.3.tar.xz 20262632 BLAKE2B
d65d4e274fa829be5cda1970b0ebe7081e8476334cb825e5727324c3202bc015f4ba39589608284d0f8c0b722079c06d1587de5299a3c81ccb7b0eacbdaccf84
SHA512
cf741f733af7a7e1fbd37b0f98110078494b4771dbdfccacfda95a5ea4cda6cdcea4f8d31dddcf27477213614e4ab6cf7d1a1f900cb92936333730737ac4f9e8
-DIST node-v4.6.1.tar.xz 13295568 SHA256
fe2a85df8758001878abb5bbaf17a6b6cdc12b3e465b1d3bace83b37fdf0345a SHA512
4eb2acbe13ee2373922420e3238be63d2108dacba640438bddbdea12ec2de9c655f33db611e4c0654b66bf4fdb844a7b6554a823aac73171b17599096856abdb
WHIRLPOOL
a6d21cce7ab8c430528682f78a6e6492f753c87949b7b1bdc15dc02911559cd89deb45329c2ba32da57b776dd4feaabec8a3e7a59a78094cfb079261b6475c76
DIST node-v6.11.5.tar.xz 15699404 SHA256
1c6de415216799fbaeca82304b3fef87accc7101ebf2ead7d5c545e0779e8aaf SHA512
62490725ef7957294c1bddf21ef0626c7472876791210168116501255ecee58457e9de9b044e10033706243299bbfd1495efeca169596fbf26f5eeba6d8fa4c9
WHIRLPOOL
6e572e34d473544624734a54243dc41101e91d045f2b9cedc0c1a65c90584deb163efb422a0c992689ef9878cc5b882758795ae4d902c1c5b20468d8fa2151da
-DIST node-v6.9.4.tar.xz 15519264 SHA256
c51d7c61db40455d57428abcadc7eb0f0a08a8878cb1d8ea3c1e211c54532c35 SHA512
86d3e2889031c2b50c021bd3fd63194c2c22c44291d51dff1b5e1652b01853c09d2880c2f58fdad062e3e2a3f637a3f0d78dac66b835b676790cf272e64f8dce
WHIRLPOOL
d1bcf488ed1aae7959303b988c9467fc5d0930166c7bfe0e441392763e19f788496971c07560a9f62586bbb2be7ce741ece8346140d665d29593b9b8f649b002
-DIST node-v7.10.0.tar.xz 16751724 SHA256
dc34dd15524ba821ffcae7b245eabe8631e2614d5e3cb8ff08fbfdadf5919f21 SHA512
d9bb8b4e17c41a9726bba0e32f0cbcdec9cde920457242a7170c8f8fe37aed21d77a0340b7b9bbca2e60cfe5a41da65f0ce7dc295b0a7a823c9e863bd232171b
WHIRLPOOL
f7cd2a6a4aa6a5dc6c5f59be6897c13f4bdd1230e1324d97704ed32efcc65685d0d5b180e0f0018f9564bd4f4e6df43c0b90a289d5e5a92937e60a13d0281bf3
-DIST node-v8.1.0.tar.xz 17723984 SHA256
f2ff20b69b782dee85e887ad06e830590b2250856f6df325ed15a368bb6777fc SHA512
d7de8e1000852c09b21c1fa9127d4946c0c85ee931ede703eeef41ff6da4b2a670c0b0dfc5f3f174064ef990fb9ac31c0150639bb1811ae7a04888cab07892d8
WHIRLPOOL
587796efac95d098a539c4d500bc8a8a61d5b0845f258b42bd356ffe225149a409c3f37a5989b4ecfa143f4d640647e4a4fb5decabbd27727c09335d1f973f3b
-DIST node-v8.1.1.tar.xz 17732728 SHA256
7b0d176dc4a1db37789e009825ba03d2e3f834227e5efd296167e7ef6b287847 SHA512
2248e8c53e795023e37a3275b062dab0df76df2a41d9a4efdcd246c8cd4d2e585539448022ef9a8e2d2ea641e18abf9a753e2b86ab9a6d1d283948b175a868e0
WHIRLPOOL
ca8c5d2f72c0bd3eac675011a8494794eb535de6537f38f7222e3d0812c095b99e6cb821c342b3a5483fd5076d6924d8083501c2dbb57a8a0c6b9a07509a6fec
DIST node-v8.12.0.tar.xz 18310452 BLAKE2B
79634fc57cd76a97e72bab4be37da91d5eff4d13cdaa2b48e83f013885fa3590ba4a28378baf036ed26b7304bf234753d1d4014f72571496f5bb6cd5b221e5f0
SHA512
665d2dba287d78bcd723d7b4d00a6897fb996f4aa69a541e010a3dfeb2614257892117fcce7123966b1ecaddc9269a6667e0e262df693baea1f476c96de55c42
DIST node-v8.13.0.tar.xz 18477528 BLAKE2B
6b4e1c0c881395a194799743cdb9cf186a4b168ae3a8c74267f64b0d89c88dae525d56cb45f3a55f7fea3fd0f1c814dbb88c28d9f49c9af66ea0bbe9d68460d4
SHA512
1e4bf25cd177fb4c3cfd787388acaf5832d92220ed294853d09e95dda14021359c620b42a77de8307929add1f49e47da905689b67d290648a20b6e0b3500514f
DIST node-v8.15.0.tar.xz 18499412 BLAKE2B
bba68517358cea14e9ba7c0c14b3f30caa00e358ff79d0602a1a71c9dd80334800ea2fd12086c5bee47cc23b9debe2cb0e36650f6be02e20615047a971297c54
SHA512
9a3d54ee9e22919ab425532ea64336b1dee0ae3ce4afd4eaacc109a2c2d34c98ea8188acd436c55a5dbba30fb4f95f8fcc9000ea60a81224d09b90d2f493cefd
-DIST node-v9.11.2.tar.xz 18507832 BLAKE2B
f5ef210632065f2c99dbe3fd210fa832bdd09670dd8bd736dce2c7ab2fc87c3a717cda11c2a09c325b25a72d99431cbc79c0ee7c202ece5fc41786f1f0aa68e4
SHA512
ca49a1f3aaa8b25faa62c411a96551c8977bb43a22f8f171f27d3585306f379b6a12e55e60ddca04a6f2f8c62a1b3fed9e66c02898d80bf7ca59278536e04c13
diff --git a/net-libs/nodejs/files/nodejs-4.6.1-libressl.patch
b/net-libs/nodejs/files/nodejs-4.6.1-libressl.patch
deleted file mode 100644
index 6cdb715..0000000
--- a/net-libs/nodejs/files/nodejs-4.6.1-libressl.patch
+++ /dev/null
@@ -1,587 +0,0 @@
-diff -Naur node-v4.6.1.orig/lib/_tls_wrap.js node-v4.6.1/lib/_tls_wrap.js
---- node-v4.6.1.orig/lib/_tls_wrap.js 2017-04-12 12:40:43.517228944 -0700
-+++ node-v4.6.1/lib/_tls_wrap.js 2017-04-12 12:49:51.155877106 -0700
-@@ -165,30 +165,33 @@
- if (err)
- return self.destroy(err);
-
-- self._handle.endParser();
-- });
--}
--
--
--function oncertcb(info) {
-- var self = this;
-- var servername = info.servername;
--
-- loadSNI(self, servername, function(err, ctx) {
-- if (err)
-- return self.destroy(err);
-- requestOCSP(self, info, ctx, function(err) {
-+ // Servername came from SSL session
-+ // NOTE: TLS Session ticket doesn't include servername information
-+ //
-+ // Another note, From RFC3546:
-+ //
-+ // If, on the other hand, the older
-+ // session is resumed, then the server MUST ignore extensions appearing
-+ // in the client hello, and send a server hello containing no
-+ // extensions; in this case the extension functionality negotiated
-+ // during the original session initiation is applied to the resumed
-+ // session.
-+ //
-+ // Therefore we should account session loading when dealing with
servername
-+ var servername = session && session.servername || hello.servername;
-+ loadSNI(self, servername, function(err, ctx) {
- if (err)
- return self.destroy(err);
-
-- if (!self._handle)
-- return self.destroy(new Error('Socket is closed'));
-+ requestOCSP(self, info, ctx, function(err) {
-+ if (err)
-+ return self.destroy(err);
-+
-+ if (!self._handle)
-+ return self.destroy(new Error('Socket is closed'));
-
-- try {
-- self._handle.certCbDone();
-- } catch (e) {
-- self.destroy(e);
-- }
-+ self._handle.endParser();
-+ });
- });
- });
- }
-@@ -410,18 +413,15 @@
- ssl.onhandshakestart = () => onhandshakestart.call(this);
- ssl.onhandshakedone = () => onhandshakedone.call(this);
- ssl.onclienthello = (hello) => onclienthello.call(this, hello);
-- ssl.oncertcb = (info) => oncertcb.call(this, info);
- ssl.onnewsession = (key, session) => onnewsession.call(this, key,
session);
- ssl.lastHandshakeTime = 0;
- ssl.handshakes = 0;
-
-- if (this.server) {
-- if (this.server.listenerCount('resumeSession') > 0 ||
-- this.server.listenerCount('newSession') > 0) {
-- ssl.enableSessionCallbacks();
-- }
-- if (this.server.listenerCount('OCSPRequest') > 0)
-- ssl.enableCertCb();
-+ if (this.server &&
-+ (this.server.listenerCount('resumeSession') > 0 ||
-+ this.server.listenerCount('newSession') > 0 ||
-+ this.server.listenerCount('OCSPRequest') > 0)) {
-+ ssl.enableSessionCallbacks();
- }
- } else {
- ssl.onhandshakestart = function() {};
-@@ -463,7 +463,7 @@
- options.server._contexts.length)) {
- assert(typeof options.SNICallback === 'function');
- this._SNICallback = options.SNICallback;
-- ssl.enableCertCb();
-+ ssl.enableHelloParser();
- }
-
- if (process.features.tls_npn && options.NPNProtocols)
-diff -Naur node-v4.6.1.orig/src/env.h node-v4.6.1/src/env.h
---- node-v4.6.1.orig/src/env.h 2017-04-12 12:40:43.536229174 -0700
-+++ node-v4.6.1/src/env.h 2017-04-12 12:50:02.055009418 -0700
-@@ -57,7 +57,6 @@
- V(bytes_read_string, "bytesRead")
\
- V(callback_string, "callback")
\
- V(change_string, "change")
\
-- V(oncertcb_string, "oncertcb")
\
- V(onclose_string, "_onclose")
\
- V(code_string, "code")
\
- V(compare_string, "compare")
\
-diff -Naur node-v4.6.1.orig/src/node_crypto.cc node-v4.6.1/src/node_crypto.cc
---- node-v4.6.1.orig/src/node_crypto.cc 2017-04-12 12:40:43.541229235
-0700
-+++ node-v4.6.1/src/node_crypto.cc 2017-04-12 12:52:59.371161636 -0700
-@@ -160,8 +160,6 @@
- #endif
-
- template void SSLWrap<TLSWrap>::DestroySSL();
--template int SSLWrap<TLSWrap>::SSLCertCallback(SSL* s, void* arg);
--template void SSLWrap<TLSWrap>::WaitForCertCb(CertCb cb, void* arg);
-
-
- static void crypto_threadid_cb(CRYPTO_THREADID* tid) {
-@@ -525,8 +523,7 @@
- for (int i = 0; i < sk_X509_num(extra_certs); i++) {
- X509* ca = sk_X509_value(extra_certs, i);
-
-- // NOTE: Increments reference count on `ca`
-- r = SSL_CTX_add1_chain_cert(ctx, ca);
-+ r = SSL_CTX_add_extra_chain_cert(ctx, ca);
-
- if (!r) {
- ret = 0;
-@@ -1051,7 +1048,7 @@
- void SecureContext::SetFreeListLength(const FunctionCallbackInfo<Value>&
args) {
- SecureContext* wrap = Unwrap<SecureContext>(args.Holder());
-
-- wrap->ctx_->freelist_max_len = args[0]->Int32Value();
-+ // wrap->ctx_->freelist_max_len = args[0]->Int32Value();
- }
-
-
-@@ -1188,7 +1185,6 @@
- env->SetProtoMethod(t, "verifyError", VerifyError);
- env->SetProtoMethod(t, "getCurrentCipher", GetCurrentCipher);
- env->SetProtoMethod(t, "endParser", EndParser);
-- env->SetProtoMethod(t, "certCbDone", CertCbDone);
- env->SetProtoMethod(t, "renegotiate", Renegotiate);
- env->SetProtoMethod(t, "shutdownSSL", Shutdown);
- env->SetProtoMethod(t, "getTLSTicket", GetTLSTicket);
-@@ -2079,129 +2075,6 @@
-
-
- template <class Base>
--void SSLWrap<Base>::WaitForCertCb(CertCb cb, void* arg) {
-- cert_cb_ = cb;
-- cert_cb_arg_ = arg;
--}
--
--
--template <class Base>
--int SSLWrap<Base>::SSLCertCallback(SSL* s, void* arg) {
-- Base* w = static_cast<Base*>(SSL_get_app_data(s));
--
-- if (!w->is_server())
-- return 1;
--
-- if (!w->is_waiting_cert_cb())
-- return 1;
--
-- if (w->cert_cb_running_)
-- return -1;
--
-- Environment* env = w->env();
-- HandleScope handle_scope(env->isolate());
-- Context::Scope context_scope(env->context());
-- w->cert_cb_running_ = true;
--
-- Local<Object> info = Object::New(env->isolate());
--
-- SSL_SESSION* sess = SSL_get_session(s);
-- if (sess != nullptr) {
-- if (sess->tlsext_hostname == nullptr) {
-- info->Set(env->servername_string(), String::Empty(env->isolate()));
-- } else {
-- Local<String> servername = OneByteString(env->isolate(),
-- sess->tlsext_hostname,
-- strlen(sess->tlsext_hostname));
-- info->Set(env->servername_string(), servername);
-- }
-- info->Set(env->tls_ticket_string(),
-- Boolean::New(env->isolate(), sess->tlsext_ticklen != 0));
-- }
--
-- bool ocsp = false;
--#ifdef NODE__HAVE_TLSEXT_STATUS_CB
-- ocsp = s->tlsext_status_type == TLSEXT_STATUSTYPE_ocsp;
--#endif
--
-- info->Set(env->ocsp_request_string(), Boolean::New(env->isolate(), ocsp));
--
-- Local<Value> argv[] = { info };
-- w->MakeCallback(env->oncertcb_string(), arraysize(argv), argv);
--
-- if (!w->cert_cb_running_)
-- return 1;
--
-- // Performing async action, wait...
-- return -1;
--}
--
--
--template <class Base>
--void SSLWrap<Base>::CertCbDone(const FunctionCallbackInfo<Value>& args) {
-- Base* w = Unwrap<Base>(args.Holder());
-- Environment* env = w->env();
--
-- CHECK(w->is_waiting_cert_cb() && w->cert_cb_running_);
--
-- Local<Object> object = w->object();
-- Local<Value> ctx = object->Get(env->sni_context_string());
-- Local<FunctionTemplate> cons = env->secure_context_constructor_template();
--
-- // Not an object, probably undefined or null
-- if (!ctx->IsObject())
-- goto fire_cb;
--
-- if (cons->HasInstance(ctx)) {
-- SecureContext* sc = Unwrap<SecureContext>(ctx.As<Object>());
-- w->sni_context_.Reset();
-- w->sni_context_.Reset(env->isolate(), ctx);
--
-- int rv;
--
-- // NOTE: reference count is not increased by this API methods
-- X509* x509 = SSL_CTX_get0_certificate(sc->ctx_);
-- EVP_PKEY* pkey = SSL_CTX_get0_privatekey(sc->ctx_);
-- STACK_OF(X509)* chain;
--
-- rv = SSL_CTX_get0_chain_certs(sc->ctx_, &chain);
-- if (rv)
-- rv = SSL_use_certificate(w->ssl_, x509);
-- if (rv)
-- rv = SSL_use_PrivateKey(w->ssl_, pkey);
-- if (rv && chain != nullptr)
-- rv = SSL_set1_chain(w->ssl_, chain);
-- if (rv)
-- rv = w->SetCACerts(sc);
-- if (!rv) {
-- unsigned long err = ERR_get_error(); // NOLINT(runtime/int)
-- if (!err)
-- return env->ThrowError("CertCbDone");
-- return ThrowCryptoError(env, err);
-- }
-- } else {
-- // Failure: incorrect SNI context object
-- Local<Value> err = Exception::TypeError(env->sni_context_err_string());
-- w->MakeCallback(env->onerror_string(), 1, &err);
-- return;
-- }
--
-- fire_cb:
-- CertCb cb;
-- void* arg;
--
-- cb = w->cert_cb_;
-- arg = w->cert_cb_arg_;
--
-- w->cert_cb_running_ = false;
-- w->cert_cb_ = nullptr;
-- w->cert_cb_arg_ = nullptr;
--
-- cb(arg);
--}
--
--
--template <class Base>
- void SSLWrap<Base>::SSLGetter(Local<String> property,
- const PropertyCallbackInfo<Value>& info) {
- SSL* ssl = Unwrap<Base>(info.This())->ssl_;
-@@ -2232,10 +2105,6 @@
-
- template <class Base>
- int SSLWrap<Base>::SetCACerts(SecureContext* sc) {
-- int err = SSL_set1_verify_cert_store(ssl_,
SSL_CTX_get_cert_store(sc->ctx_));
-- if (err != 1)
-- return err;
--
- STACK_OF(X509_NAME)* list = SSL_dup_CA_list(
- SSL_CTX_get_client_CA_list(sc->ctx_));
-
-@@ -2329,10 +2198,6 @@
- DEBUG_PRINT("[%p] SSL: %s want read\n", ssl_, func);
- return 0;
-
-- } else if (err == SSL_ERROR_WANT_X509_LOOKUP) {
-- DEBUG_PRINT("[%p] SSL: %s want x509 lookup\n", ssl_, func);
-- return 0;
--
- } else if (err == SSL_ERROR_ZERO_RETURN) {
- HandleScope scope(ssl_env()->isolate());
-
-@@ -2513,7 +2378,7 @@
- SSL* ssl = static_cast<SSL*>(
- X509_STORE_CTX_get_ex_data(ctx, SSL_get_ex_data_X509_STORE_CTX_idx()));
-
-- if (SSL_is_server(ssl))
-+ if (ssl->server)
- return 1;
-
- // Client needs to check if the server cert is listed in the
-@@ -2540,7 +2405,7 @@
-
- // Call the SNI callback and use its return value as context
- if (!conn->sniObject_.IsEmpty()) {
-- conn->sni_context_.Reset();
-+ conn->sniContext_.Reset();
-
- Local<Object> sni_obj = PersistentToLocal(env->isolate(),
- conn->sniObject_);
-@@ -2556,7 +2421,7 @@
- Local<FunctionTemplate> secure_context_constructor_template =
- env->secure_context_constructor_template();
- if (secure_context_constructor_template->HasInstance(ret)) {
-- conn->sni_context_.Reset(env->isolate(), ret);
-+ conn->sniContext_.Reset(env->isolate(), ret);
- SecureContext* sc = Unwrap<SecureContext>(ret.As<Object>());
- conn->SetSNIContext(sc);
- } else {
-@@ -2594,8 +2459,6 @@
-
- InitNPN(sc);
-
-- SSL_set_cert_cb(conn->ssl_, SSLWrap<Connection>::SSLCertCallback, conn);
--
- #ifdef SSL_CTRL_SET_TLSEXT_SERVERNAME_CB
- if (is_server) {
- SSL_CTX_set_tlsext_servername_callback(sc->ctx_,
SelectSNIContextCallback_);
-diff -Naur node-v4.6.1.orig/src/node_crypto.h node-v4.6.1/src/node_crypto.h
---- node-v4.6.1.orig/src/node_crypto.h 2017-04-12 12:40:43.541229235 -0700
-+++ node-v4.6.1/src/node_crypto.h 2017-04-12 12:55:08.867710808 -0700
-@@ -179,10 +179,7 @@
- kind_(kind),
- next_sess_(nullptr),
- session_callbacks_(false),
-- new_session_wait_(false),
-- cert_cb_(nullptr),
-- cert_cb_arg_(nullptr),
-- cert_cb_running_(false) {
-+ new_session_wait_(false) {
- ssl_ = SSL_new(sc->ctx_);
- env_->isolate()->AdjustAmountOfExternalAllocatedMemory(kExternalSize);
- CHECK_NE(ssl_, nullptr);
-@@ -199,9 +196,6 @@
- npn_protos_.Reset();
- selected_npn_proto_.Reset();
- #endif
--#ifdef SSL_CTRL_SET_TLSEXT_SERVERNAME_CB
-- sni_context_.Reset();
--#endif
- #ifdef NODE__HAVE_TLSEXT_STATUS_CB
- ocsp_response_.Reset();
- #endif // NODE__HAVE_TLSEXT_STATUS_CB
-@@ -212,11 +206,8 @@
- inline bool is_server() const { return kind_ == kServer; }
- inline bool is_client() const { return kind_ == kClient; }
- inline bool is_waiting_new_session() const { return new_session_wait_; }
-- inline bool is_waiting_cert_cb() const { return cert_cb_ != nullptr; }
-
- protected:
-- typedef void (*CertCb)(void* arg);
--
- // Size allocated by OpenSSL: one for SSL structure, one for SSL3_STATE and
- // some for buffers.
- // NOTE: Actually it is much more than this
-@@ -244,7 +235,6 @@
- static void VerifyError(const v8::FunctionCallbackInfo<v8::Value>& args);
- static void GetCurrentCipher(const v8::FunctionCallbackInfo<v8::Value>&
args);
- static void EndParser(const v8::FunctionCallbackInfo<v8::Value>& args);
-- static void CertCbDone(const v8::FunctionCallbackInfo<v8::Value>& args);
- static void Renegotiate(const v8::FunctionCallbackInfo<v8::Value>& args);
- static void Shutdown(const v8::FunctionCallbackInfo<v8::Value>& args);
- static void GetTLSTicket(const v8::FunctionCallbackInfo<v8::Value>& args);
-@@ -273,12 +263,10 @@
- void* arg);
- #endif // OPENSSL_NPN_NEGOTIATED
- static int TLSExtStatusCallback(SSL* s, void* arg);
-- static int SSLCertCallback(SSL* s, void* arg);
- static void SSLGetter(v8::Local<v8::String> property,
- const v8::PropertyCallbackInfo<v8::Value>& info);
-
- void DestroySSL();
-- void WaitForCertCb(CertCb cb, void* arg);
- void SetSNIContext(SecureContext* sc);
- int SetCACerts(SecureContext* sc);
-
-@@ -293,11 +281,6 @@
- bool session_callbacks_;
- bool new_session_wait_;
-
-- // SSL_set_cert_cb
-- CertCb cert_cb_;
-- void* cert_cb_arg_;
-- bool cert_cb_running_;
--
- ClientHelloParser hello_parser_;
-
- #ifdef NODE__HAVE_TLSEXT_STATUS_CB
-@@ -309,10 +292,6 @@
- v8::Persistent<v8::Value> selected_npn_proto_;
- #endif // OPENSSL_NPN_NEGOTIATED
-
--#ifdef SSL_CTRL_SET_TLSEXT_SERVERNAME_CB
-- v8::Persistent<v8::Value> sni_context_;
--#endif
--
- friend class SecureContext;
- };
-
-@@ -324,6 +303,7 @@
- ~Connection() override {
- #ifdef SSL_CTRL_SET_TLSEXT_SERVERNAME_CB
- sniObject_.Reset();
-+ sniContext_.Reset();
- servername_.Reset();
- #endif
- }
-@@ -338,6 +318,7 @@
-
- #ifdef SSL_CTRL_SET_TLSEXT_SERVERNAME_CB
- v8::Persistent<v8::Object> sniObject_;
-+ v8::Persistent<v8::Value> sniContext_;
- v8::Persistent<v8::String> servername_;
- #endif
-
-diff -Naur node-v4.6.1.orig/src/tls_wrap.cc node-v4.6.1/src/tls_wrap.cc
---- node-v4.6.1.orig/src/tls_wrap.cc 2017-04-12 12:40:43.557229429 -0700
-+++ node-v4.6.1/src/tls_wrap.cc 2017-04-12 13:36:49.323009154 -0700
-@@ -141,8 +141,6 @@
-
- InitNPN(sc_);
-
-- SSL_set_cert_cb(ssl_, SSLWrap<TLSWrap>::SSLCertCallback, this);
--
- if (is_server()) {
- SSL_set_accept_state(ssl_);
- } else if (is_client()) {
-@@ -353,7 +351,6 @@
- case SSL_ERROR_NONE:
- case SSL_ERROR_WANT_READ:
- case SSL_ERROR_WANT_WRITE:
-- case SSL_ERROR_WANT_X509_LOOKUP:
- break;
- case SSL_ERROR_ZERO_RETURN:
- return scope.Escape(env()->zero_return_string());
-@@ -769,6 +766,11 @@
- "EnableSessionCallbacks after destroySSL");
- }
- wrap->enable_session_callbacks();
-+ EnableHelloParser(args);
-+}
-+
-+void TLSWrap::EnableHelloParser(const FunctionCallbackInfo<Value>& args) {
-+ TLSWrap* wrap = Unwrap<TLSWrap>(args.Holder());
- NodeBIO::FromBIO(wrap->enc_in_)->set_initial(kMaxHelloLength);
- wrap->hello_parser_.Start(SSLWrap<TLSWrap>::OnClientHello,
- OnClientHelloParseEnd,
-@@ -793,12 +795,6 @@
- }
-
-
--void TLSWrap::EnableCertCb(const FunctionCallbackInfo<Value>& args) {
-- TLSWrap* wrap = Unwrap<TLSWrap>(args.Holder());
-- wrap->WaitForCertCb(OnClientHelloParseEnd, wrap);
--}
--
--
- void TLSWrap::OnClientHelloParseEnd(void* arg) {
- TLSWrap* c = static_cast<TLSWrap*>(arg);
- c->Cycle();
-@@ -896,8 +892,8 @@
- env->SetProtoMethod(t, "start", Start);
- env->SetProtoMethod(t, "setVerifyMode", SetVerifyMode);
- env->SetProtoMethod(t, "enableSessionCallbacks", EnableSessionCallbacks);
-+ env->SetProtoMethod(t, "enableHelloParser", EnableHelloParser);
- env->SetProtoMethod(t, "destroySSL", DestroySSL);
-- env->SetProtoMethod(t, "enableCertCb", EnableCertCb);
-
- StreamBase::AddMethods<TLSWrap>(env, t, StreamBase::kFlagHasWritev);
- SSLWrap<TLSWrap>::AddMethods(env, t);
-diff -Naur node-v4.6.1.orig/src/tls_wrap.h node-v4.6.1/src/tls_wrap.h
---- node-v4.6.1.orig/src/tls_wrap.h 2017-04-12 12:40:43.558229441 -0700
-+++ node-v4.6.1/src/tls_wrap.h 2017-04-12 13:35:51.214213644 -0700
-@@ -132,7 +132,7 @@
- static void SetVerifyMode(const v8::FunctionCallbackInfo<v8::Value>& args);
- static void EnableSessionCallbacks(
- const v8::FunctionCallbackInfo<v8::Value>& args);
-- static void EnableCertCb(
-+ static void EnableHelloParser(
- const v8::FunctionCallbackInfo<v8::Value>& args);
- static void DestroySSL(const v8::FunctionCallbackInfo<v8::Value>& args);
-
-@@ -160,6 +160,10 @@
- // If true - delivered EOF to the js-land, either after `close_notify`, or
- // after the `UV_EOF` on socket.
- bool eof_;
-+
-+#ifdef SSL_CTRL_SET_TLSEXT_SERVERNAME_CB
-+ v8::Persistent<v8::Value> sni_context_;
-+#endif // SSL_CTRL_SET_TLSEXT_SERVERNAME_CB
- };
-
- } // namespace node
-diff -Naur node-v4.6.1.orig/test/parallel/test-tls-cnnic-whitelist.js
node-v4.6.1/test/parallel/test-tls-cnnic-whitelist.js
---- node-v4.6.1.orig/test/parallel/test-tls-cnnic-whitelist.js 2017-04-12
12:40:43.865233168 -0700
-+++ node-v4.6.1/test/parallel/test-tls-cnnic-whitelist.js 2017-04-12
12:58:14.901936343 -0700
-@@ -53,7 +53,9 @@
- port: undefined,
- rejectUnauthorized: true
- },
-- errorCode: 'UNABLE_TO_GET_ISSUER_CERT_LOCALLY'
-+ // LibreSSL returns CERT_UNTRUSTED in this case, OpenSSL
UNABLE_TO_GET_ISSUER_CERT_LOCALLY.
-+ errorCode: 'CERT_UNTRUSTED'
-+ // errorCode: 'UNABLE_TO_GET_ISSUER_CERT_LOCALLY'
- }
- ];
-
-diff -Naur node-v4.6.1.orig/test/parallel/test-tls-sni-server-client.js
node-v4.6.1/test/parallel/test-tls-sni-server-client.js
---- node-v4.6.1.orig/test/parallel/test-tls-sni-server-client.js
2017-04-12 12:40:43.878233326 -0700
-+++ node-v4.6.1/test/parallel/test-tls-sni-server-client.js 2017-04-12
13:00:18.804418594 -0700
-@@ -36,39 +36,37 @@
- 'asterisk.test.com': {
- key: loadPEM('agent3-key'),
- cert: loadPEM('agent3-cert')
-- },
-- 'chain.example.com': {
-- key: loadPEM('agent6-key'),
-- // NOTE: Contains ca3 chain cert
-- cert: loadPEM('agent6-cert')
- }
- };
-
- var clientsOptions = [{
- port: undefined,
-+ key: loadPEM('agent1-key'),
-+ cert: loadPEM('agent1-cert'),
- ca: [loadPEM('ca1-cert')],
- servername: 'a.example.com',
- rejectUnauthorized: false
- }, {
- port: undefined,
-+ key: loadPEM('agent2-key'),
-+ cert: loadPEM('agent2-cert'),
- ca: [loadPEM('ca2-cert')],
- servername: 'b.test.com',
- rejectUnauthorized: false
- }, {
- port: undefined,
-+ key: loadPEM('agent2-key'),
-+ cert: loadPEM('agent2-cert'),
- ca: [loadPEM('ca2-cert')],
- servername: 'a.b.test.com',
- rejectUnauthorized: false
- }, {
- port: undefined,
-+ key: loadPEM('agent3-key'),
-+ cert: loadPEM('agent3-cert'),
- ca: [loadPEM('ca1-cert')],
- servername: 'c.wrong.com',
- rejectUnauthorized: false
--}, {
-- port: undefined,
-- ca: [loadPEM('ca1-cert')],
-- servername: 'chain.example.com',
-- rejectUnauthorized: false
- }];
-
- const serverResults = [];
-@@ -80,7 +78,6 @@
-
- server.addContext('a.example.com', SNIContexts['a.example.com']);
- server.addContext('*.test.com', SNIContexts['asterisk.test.com']);
--server.addContext('chain.example.com', SNIContexts['chain.example.com']);
-
- server.listen(0, startTest);
-
-@@ -109,8 +106,7 @@
-
- process.on('exit', function() {
- assert.deepEqual(serverResults, [
-- 'a.example.com', 'b.test.com', 'a.b.test.com', 'c.wrong.com',
-- 'chain.example.com'
-+ 'a.example.com', 'b.test.com', 'a.b.test.com', 'c.wrong.com'
- ]);
-- assert.deepEqual(clientResults, [true, true, false, false, true]);
-+ assert.deepEqual(clientResults, [true, true, false, false]);
- });
diff --git a/net-libs/nodejs/files/nodejs-8.1.0-libressl.patch
b/net-libs/nodejs/files/nodejs-8.1.0-libressl.patch
deleted file mode 100644
index 31493be..0000000
--- a/net-libs/nodejs/files/nodejs-8.1.0-libressl.patch
+++ /dev/null
@@ -1,697 +0,0 @@
-diff -Naur node-v4.6.1.orig/lib/_tls_wrap.js node-v4.6.1/lib/_tls_wrap.js
---- node-v4.6.1.orig/lib/_tls_wrap.js 2017-04-12 12:40:43.517228944 -0700
-+++ node-v4.6.1/lib/_tls_wrap.js 2017-04-12 12:49:51.155877106 -0700
-@@ -165,30 +165,33 @@
- if (err)
- return self.destroy(err);
-
-- self._handle.endParser();
-- });
--}
--
--
--function oncertcb(info) {
-- var self = this;
-- var servername = info.servername;
--
-- loadSNI(self, servername, function(err, ctx) {
-- if (err)
-- return self.destroy(err);
-- requestOCSP(self, info, ctx, function(err) {
-+ // Servername came from SSL session
-+ // NOTE: TLS Session ticket doesn't include servername information
-+ //
-+ // Another note, From RFC3546:
-+ //
-+ // If, on the other hand, the older
-+ // session is resumed, then the server MUST ignore extensions appearing
-+ // in the client hello, and send a server hello containing no
-+ // extensions; in this case the extension functionality negotiated
-+ // during the original session initiation is applied to the resumed
-+ // session.
-+ //
-+ // Therefore we should account session loading when dealing with
servername
-+ var servername = session && session.servername || hello.servername;
-+ loadSNI(self, servername, function(err, ctx) {
- if (err)
- return self.destroy(err);
-
-- if (!self._handle)
-- return self.destroy(new Error('Socket is closed'));
-+ requestOCSP(self, info, ctx, function(err) {
-+ if (err)
-+ return self.destroy(err);
-+
-+ if (!self._handle)
-+ return self.destroy(new Error('Socket is closed'));
-
-- try {
-- self._handle.certCbDone();
-- } catch (e) {
-- self.destroy(e);
-- }
-+ self._handle.endParser();
-+ });
- });
- });
- }
-@@ -410,18 +413,15 @@
- ssl.onhandshakestart = () => onhandshakestart.call(this);
- ssl.onhandshakedone = () => onhandshakedone.call(this);
- ssl.onclienthello = (hello) => onclienthello.call(this, hello);
-- ssl.oncertcb = (info) => oncertcb.call(this, info);
- ssl.onnewsession = (key, session) => onnewsession.call(this, key,
session);
- ssl.lastHandshakeTime = 0;
- ssl.handshakes = 0;
-
-- if (this.server) {
-- if (this.server.listenerCount('resumeSession') > 0 ||
-- this.server.listenerCount('newSession') > 0) {
-- ssl.enableSessionCallbacks();
-- }
-- if (this.server.listenerCount('OCSPRequest') > 0)
-- ssl.enableCertCb();
-+ if (this.server &&
-+ (this.server.listenerCount('resumeSession') > 0 ||
-+ this.server.listenerCount('newSession') > 0 ||
-+ this.server.listenerCount('OCSPRequest') > 0)) {
-+ ssl.enableSessionCallbacks();
- }
- } else {
- ssl.onhandshakestart = function() {};
-@@ -463,7 +463,7 @@
- options.server._contexts.length)) {
- assert(typeof options.SNICallback === 'function');
- this._SNICallback = options.SNICallback;
-- ssl.enableCertCb();
-+ ssl.enableHelloParser();
- }
-
- if (process.features.tls_npn && options.NPNProtocols)
-diff -Naur node-v4.6.1.orig/src/env.h node-v4.6.1/src/env.h
---- node-v4.6.1.orig/src/env.h 2017-04-12 12:40:43.536229174 -0700
-+++ node-v4.6.1/src/env.h 2017-04-12 12:50:02.055009418 -0700
-@@ -57,7 +57,6 @@
- V(bytes_read_string, "bytesRead")
\
- V(callback_string, "callback")
\
- V(change_string, "change")
\
-- V(oncertcb_string, "oncertcb")
\
- V(onclose_string, "_onclose")
\
- V(code_string, "code")
\
- V(compare_string, "compare")
\
-diff -Naur node-v4.6.1.orig/src/node.cc node-v4.6.1/src/node.cc
---- node-v4.6.1.orig/src/node.cc 2017-06-08 05:31:34.000000000 -0500
-+++ node-v4.6.1/src/node.cc 2017-06-30 10:26:59.945166636 -0500
-@@ -202,7 +202,7 @@
- false;
- #endif
-
--# if NODE_FIPS_MODE
-+# if NODE_FIPS_MODE && !defined(LIBRESSL_VERSION_NUMBER)
- // used by crypto module
- bool enable_fips_crypto = false;
- bool force_fips_crypto = false;
-@@ -3676,7 +3676,7 @@
- " (default)"
- #endif
- "\n"
--#if NODE_FIPS_MODE
-+#if NODE_FIPS_MODE && !defined(LIBRESSL_VERSION_NUMBER)
- " --enable-fips enable FIPS crypto at startup\n"
- " --force-fips force FIPS crypto (cannot be
disabled)\n"
- #endif /* NODE_FIPS_MODE */
-@@ -3926,7 +3926,7 @@
- } else if (strncmp(arg, "--use-bundled-ca", 16) == 0) {
- use_bundled_ca = true;
- ssl_openssl_cert_store = false;
--#if NODE_FIPS_MODE
-+#if NODE_FIPS_MODE && !defined(LIBRESSL_VERSION_NUMBER)
- } else if (strcmp(arg, "--enable-fips") == 0) {
- enable_fips_crypto = true;
- } else if (strcmp(arg, "--force-fips") == 0) {
-@@ -4624,7 +4624,7 @@
- if (SafeGetenv("NODE_EXTRA_CA_CERTS", &extra_ca_certs))
- crypto::UseExtraCaCerts(extra_ca_certs);
- }
--#ifdef NODE_FIPS_MODE
-+#if NODE_FIPS_MODE && !defined(LIBRESSL_VERSION_NUMBER)
- // In the case of FIPS builds we should make sure
- // the random source is properly initialized first.
- OPENSSL_init();
-diff -Naur node-v4.6.1.orig/src/node_crypto.cc node-v4.6.1/src/node_crypto.cc
---- node-v4.6.1.orig/src/node_crypto.cc 2017-04-12 12:40:43.541229235
-0700
-+++ node-v4.6.1/src/node_crypto.cc 2017-04-12 12:52:59.371161636 -0700
-@@ -160,8 +160,6 @@
- #endif
-
- template void SSLWrap<TLSWrap>::DestroySSL();
--template int SSLWrap<TLSWrap>::SSLCertCallback(SSL* s, void* arg);
--template void SSLWrap<TLSWrap>::WaitForCertCb(CertCb cb, void* arg);
-
-
- static void crypto_threadid_cb(CRYPTO_THREADID* tid) {
-@@ -525,8 +523,7 @@
- for (int i = 0; i < sk_X509_num(extra_certs); i++) {
- X509* ca = sk_X509_value(extra_certs, i);
-
-- // NOTE: Increments reference count on `ca`
-- r = SSL_CTX_add1_chain_cert(ctx, ca);
-+ r = SSL_CTX_add_extra_chain_cert(ctx, ca);
-
- if (!r) {
- ret = 0;
-@@ -717,7 +717,7 @@
- }
-
-
--#if OPENSSL_VERSION_NUMBER < 0x10100000L && !defined(OPENSSL_IS_BORINGSSL)
-+#if (OPENSSL_VERSION_NUMBER < 0x10100000L && !defined(OPENSSL_IS_BORINGSSL))
|| defined(LIBRESSL_VERSION_NUMBER)
- // This section contains OpenSSL 1.1.0 functions reimplemented for OpenSSL
- // 1.0.2 so that the following code can be written without lots of #if lines.
-
-@@ -725,11 +725,12 @@
- CRYPTO_add(&store->references, 1, CRYPTO_LOCK_X509_STORE);
- return 1;
- }
--
-+#if !defined(LIBRESSL_VERSION_NUMBER)
- static int X509_up_ref(X509* cert) {
- CRYPTO_add(&cert->references, 1, CRYPTO_LOCK_X509);
- return 1;
- }
-+#endif
- #endif // OPENSSL_VERSION_NUMBER < 0x10100000L && !OPENSSL_IS_BORINGSSL
-
-
-@@ -1194,7 +1194,7 @@
- SecureContext* wrap;
- ASSIGN_OR_RETURN_UNWRAP(&wrap, args.Holder());
-
-- wrap->ctx_->freelist_max_len = args[0]->Int32Value();
-+ //wrap->ctx_->freelist_max_len = args[0]->Int32Value();
- #endif
- }
-
-@@ -1188,7 +1185,6 @@
- env->SetProtoMethod(t, "verifyError", VerifyError);
- env->SetProtoMethod(t, "getCurrentCipher", GetCurrentCipher);
- env->SetProtoMethod(t, "endParser", EndParser);
-- env->SetProtoMethod(t, "certCbDone", CertCbDone);
- env->SetProtoMethod(t, "renegotiate", Renegotiate);
- env->SetProtoMethod(t, "shutdownSSL", Shutdown);
- env->SetProtoMethod(t, "getTLSTicket", GetTLSTicket);
-@@ -2411,126 +2411,6 @@
-
-
- template <class Base>
--void SSLWrap<Base>::WaitForCertCb(CertCb cb, void* arg) {
-- cert_cb_ = cb;
-- cert_cb_arg_ = arg;
--}
--
--
--template <class Base>
--int SSLWrap<Base>::SSLCertCallback(SSL* s, void* arg) {
-- Base* w = static_cast<Base*>(SSL_get_app_data(s));
--
-- if (!w->is_server())
-- return 1;
--
-- if (!w->is_waiting_cert_cb())
-- return 1;
--
-- if (w->cert_cb_running_)
-- return -1;
--
-- Environment* env = w->env();
-- HandleScope handle_scope(env->isolate());
-- Context::Scope context_scope(env->context());
-- w->cert_cb_running_ = true;
--
-- Local<Object> info = Object::New(env->isolate());
--
-- const char* servername = SSL_get_servername(s, TLSEXT_NAMETYPE_host_name);
-- if (servername == nullptr) {
-- info->Set(env->servername_string(), String::Empty(env->isolate()));
-- } else {
-- Local<String> str = OneByteString(env->isolate(), servername,
-- strlen(servername));
-- info->Set(env->servername_string(), str);
-- }
--
-- bool ocsp = false;
--#ifdef NODE__HAVE_TLSEXT_STATUS_CB
-- ocsp = s->tlsext_status_type == TLSEXT_STATUSTYPE_ocsp;
--#endif
--
-- info->Set(env->ocsp_request_string(), Boolean::New(env->isolate(), ocsp));
--
-- Local<Value> argv[] = { info };
-- w->MakeCallback(env->oncertcb_string(), arraysize(argv), argv);
--
-- if (!w->cert_cb_running_)
-- return 1;
--
-- // Performing async action, wait...
-- return -1;
--}
--
--
--template <class Base>
--void SSLWrap<Base>::CertCbDone(const FunctionCallbackInfo<Value>& args) {
-- Base* w;
-- ASSIGN_OR_RETURN_UNWRAP(&w, args.Holder());
-- Environment* env = w->env();
--
-- CHECK(w->is_waiting_cert_cb() && w->cert_cb_running_);
--
-- Local<Object> object = w->object();
-- Local<Value> ctx = object->Get(env->sni_context_string());
-- Local<FunctionTemplate> cons = env->secure_context_constructor_template();
--
-- // Not an object, probably undefined or null
-- if (!ctx->IsObject())
-- goto fire_cb;
--
-- if (cons->HasInstance(ctx)) {
-- SecureContext* sc;
-- ASSIGN_OR_RETURN_UNWRAP(&sc, ctx.As<Object>());
-- w->sni_context_.Reset();
-- w->sni_context_.Reset(env->isolate(), ctx);
--
-- int rv;
--
-- // NOTE: reference count is not increased by this API methods
-- X509* x509 = SSL_CTX_get0_certificate(sc->ctx_);
-- EVP_PKEY* pkey = SSL_CTX_get0_privatekey(sc->ctx_);
-- STACK_OF(X509)* chain;
--
-- rv = SSL_CTX_get0_chain_certs(sc->ctx_, &chain);
-- if (rv)
-- rv = SSL_use_certificate(w->ssl_, x509);
-- if (rv)
-- rv = SSL_use_PrivateKey(w->ssl_, pkey);
-- if (rv && chain != nullptr)
-- rv = SSL_set1_chain(w->ssl_, chain);
-- if (rv)
-- rv = w->SetCACerts(sc);
-- if (!rv) {
-- unsigned long err = ERR_get_error(); // NOLINT(runtime/int)
-- if (!err)
-- return env->ThrowError("CertCbDone");
-- return ThrowCryptoError(env, err);
-- }
-- } else {
-- // Failure: incorrect SNI context object
-- Local<Value> err = Exception::TypeError(env->sni_context_err_string());
-- w->MakeCallback(env->onerror_string(), 1, &err);
-- return;
-- }
--
-- fire_cb:
-- CertCb cb;
-- void* arg;
--
-- cb = w->cert_cb_;
-- arg = w->cert_cb_arg_;
--
-- w->cert_cb_running_ = false;
-- w->cert_cb_ = nullptr;
-- w->cert_cb_arg_ = nullptr;
--
-- cb(arg);
--}
--
--
--template <class Base>
- void SSLWrap<Base>::SSLGetter(Local<String> property,
- const PropertyCallbackInfo<Value>& info) {
- Base* base;
-@@ -2232,10 +2105,6 @@
-
- template <class Base>
- int SSLWrap<Base>::SetCACerts(SecureContext* sc) {
-- int err = SSL_set1_verify_cert_store(ssl_,
SSL_CTX_get_cert_store(sc->ctx_));
-- if (err != 1)
-- return err;
--
- STACK_OF(X509_NAME)* list = SSL_dup_CA_list(
- SSL_CTX_get_client_CA_list(sc->ctx_));
-
-@@ -2329,10 +2198,6 @@
- DEBUG_PRINT("[%p] SSL: %s want read\n", ssl_, func);
- return 0;
-
-- } else if (err == SSL_ERROR_WANT_X509_LOOKUP) {
-- DEBUG_PRINT("[%p] SSL: %s want x509 lookup\n", ssl_, func);
-- return 0;
--
- } else if (err == SSL_ERROR_ZERO_RETURN) {
- HandleScope scope(ssl_env()->isolate());
-
-@@ -2875,7 +2755,8 @@
- SSL* ssl = static_cast<SSL*>(
- X509_STORE_CTX_get_ex_data(ctx, SSL_get_ex_data_X509_STORE_CTX_idx()));
-
-- if (SSL_is_server(ssl))
-+ //if (SSL_is_server(ssl))
-+ if(ssl->server)
- return CHECK_OK;
-
- // Client needs to check if the server cert is listed in the
-@@ -2540,7 +2405,7 @@
-
- // Call the SNI callback and use its return value as context
- if (!conn->sniObject_.IsEmpty()) {
-- conn->sni_context_.Reset();
-+ conn->sniContext_.Reset();
-
- Local<Object> sni_obj = PersistentToLocal(env->isolate(),
- conn->sniObject_);
-@@ -2918,7 +2799,7 @@
- Local<FunctionTemplate> secure_context_constructor_template =
- env->secure_context_constructor_template();
- if (secure_context_constructor_template->HasInstance(ret)) {
-- conn->sni_context_.Reset(env->isolate(), ret);
-+ conn->sniContext_.Reset(env->isolate(), ret);
- SecureContext* sc;
- ASSIGN_OR_RETURN_UNWRAP(&sc, ret.As<Object>(), SSL_TLSEXT_ERR_NOACK);
- conn->SetSNIContext(sc);
-@@ -2594,8 +2459,6 @@
-
- InitNPN(sc);
-
-- SSL_set_cert_cb(conn->ssl_, SSLWrap<Connection>::SSLCertCallback, conn);
--
- #ifdef SSL_CTRL_SET_TLSEXT_SERVERNAME_CB
- if (is_server) {
- SSL_CTX_set_tlsext_servername_callback(sc->ctx_,
SelectSNIContextCallback_);
-@@ -3335,7 +3335,7 @@
- int key_buf_len) {
- HandleScope scope(env()->isolate());
-
--#ifdef NODE_FIPS_MODE
-+#if NODE_FIPS_MODE && !defined(LIBRESSL_VERSION_NUMBER)
- if (FIPS_mode()) {
- return env()->ThrowError(
- "crypto.createCipher() is not supported in FIPS mode.");
-@@ -4185,7 +4185,7 @@
- if (pkey == nullptr || 0 != ERR_peek_error())
- goto exit;
-
--#ifdef NODE_FIPS_MODE
-+#if NODE_FIPS_MODE && !defined(LIBRESSL_VERSION_NUMBER)
- /* Validate DSA2 parameters from FIPS 186-4 */
- if (FIPS_mode() && EVP_PKEY_DSA == pkey->type) {
- size_t L = BN_num_bits(pkey->pkey.dsa->p);
-@@ -6132,7 +6132,7 @@
- CRYPTO_set_locking_callback(crypto_lock_cb);
- CRYPTO_THREADID_set_callback(crypto_threadid_cb);
-
--#ifdef NODE_FIPS_MODE
-+#if NODE_FIPS_MODE && !defined(LIBRESSL_VERSION_NUMBER)
- /* Override FIPS settings in cnf file, if needed. */
- unsigned long err = 0; // NOLINT(runtime/int)
- if (enable_fips_crypto || force_fips_crypto) {
-@@ -6201,16 +6201,20 @@
- #endif // !OPENSSL_NO_ENGINE
-
- void GetFipsCrypto(const FunctionCallbackInfo<Value>& args) {
-+#if NODE_FIPS_MODE && !defined(LIBRESSL_VERSION_NUMBER)
- if (FIPS_mode()) {
- args.GetReturnValue().Set(1);
- } else {
- args.GetReturnValue().Set(0);
- }
-+#else
-+ args.GetReturnValue().Set(0);
-+#endif
- }
-
- void SetFipsCrypto(const FunctionCallbackInfo<Value>& args) {
- Environment* env = Environment::GetCurrent(args);
--#ifdef NODE_FIPS_MODE
-+#if NODE_FIPS_MODE && !defined(LIBRESSL_VERSION_NUMBER)
- bool mode = args[0]->BooleanValue();
- if (force_fips_crypto) {
- return env->ThrowError(
-diff -Naur node-v4.6.1.orig/src/node_crypto.h node-v4.6.1/src/node_crypto.h
---- node-v4.6.1.orig/src/node_crypto.h 2017-04-12 12:40:43.541229235 -0700
-+++ node-v4.6.1/src/node_crypto.h 2017-04-12 12:55:08.867710808 -0700
-@@ -179,10 +179,7 @@
- kind_(kind),
- next_sess_(nullptr),
- session_callbacks_(false),
-- new_session_wait_(false),
-- cert_cb_(nullptr),
-- cert_cb_arg_(nullptr),
-- cert_cb_running_(false) {
-+ new_session_wait_(false) {
- ssl_ = SSL_new(sc->ctx_);
- env_->isolate()->AdjustAmountOfExternalAllocatedMemory(kExternalSize);
- CHECK_NE(ssl_, nullptr);
-@@ -200,9 +200,6 @@
- next_sess_ = nullptr;
- }
-
--#ifdef SSL_CTRL_SET_TLSEXT_SERVERNAME_CB
-- sni_context_.Reset();
--#endif
-
- #ifdef NODE__HAVE_TLSEXT_STATUS_CB
- ocsp_response_.Reset();
-@@ -212,11 +206,8 @@
- inline bool is_server() const { return kind_ == kServer; }
- inline bool is_client() const { return kind_ == kClient; }
- inline bool is_waiting_new_session() const { return new_session_wait_; }
-- inline bool is_waiting_cert_cb() const { return cert_cb_ != nullptr; }
-
- protected:
-- typedef void (*CertCb)(void* arg);
--
- // Size allocated by OpenSSL: one for SSL structure, one for SSL3_STATE and
- // some for buffers.
- // NOTE: Actually it is much more than this
-@@ -244,7 +235,6 @@
- static void VerifyError(const v8::FunctionCallbackInfo<v8::Value>& args);
- static void GetCurrentCipher(const v8::FunctionCallbackInfo<v8::Value>&
args);
- static void EndParser(const v8::FunctionCallbackInfo<v8::Value>& args);
-- static void CertCbDone(const v8::FunctionCallbackInfo<v8::Value>& args);
- static void Renegotiate(const v8::FunctionCallbackInfo<v8::Value>& args);
- static void Shutdown(const v8::FunctionCallbackInfo<v8::Value>& args);
- static void GetTLSTicket(const v8::FunctionCallbackInfo<v8::Value>& args);
-@@ -273,12 +263,10 @@
- void* arg);
- #endif // OPENSSL_NPN_NEGOTIATED
- static int TLSExtStatusCallback(SSL* s, void* arg);
-- static int SSLCertCallback(SSL* s, void* arg);
- static void SSLGetter(v8::Local<v8::String> property,
- const v8::PropertyCallbackInfo<v8::Value>& info);
-
- void DestroySSL();
-- void WaitForCertCb(CertCb cb, void* arg);
- void SetSNIContext(SecureContext* sc);
- int SetCACerts(SecureContext* sc);
-
-@@ -293,11 +281,6 @@
- bool session_callbacks_;
- bool new_session_wait_;
-
-- // SSL_set_cert_cb
-- CertCb cert_cb_;
-- void* cert_cb_arg_;
-- bool cert_cb_running_;
--
- ClientHelloParser hello_parser_;
-
- #ifdef NODE__HAVE_TLSEXT_STATUS_CB
-@@ -309,10 +292,6 @@
- v8::Persistent<v8::Value> selected_npn_proto_;
- #endif // OPENSSL_NPN_NEGOTIATED
-
--#ifdef SSL_CTRL_SET_TLSEXT_SERVERNAME_CB
-- v8::Persistent<v8::Value> sni_context_;
--#endif
--
- friend class SecureContext;
- };
-
-@@ -324,6 +303,7 @@
- ~Connection() override {
- #ifdef SSL_CTRL_SET_TLSEXT_SERVERNAME_CB
- sniObject_.Reset();
-+ sniContext_.Reset();
- servername_.Reset();
- #endif
- }
-@@ -338,6 +318,7 @@
-
- #ifdef SSL_CTRL_SET_TLSEXT_SERVERNAME_CB
- v8::Persistent<v8::Object> sniObject_;
-+ v8::Persistent<v8::Value> sniContext_;
- v8::Persistent<v8::String> servername_;
- #endif
-
-diff -Naur node-v4.6.1.orig/src/tls_wrap.cc node-v4.6.1/src/tls_wrap.cc
---- node-v4.6.1.orig/src/tls_wrap.cc 2017-04-12 12:40:43.557229429 -0700
-+++ node-v4.6.1/src/tls_wrap.cc 2017-04-12 13:36:49.323009154 -0700
-@@ -141,8 +141,6 @@
-
- InitNPN(sc_);
-
-- SSL_set_cert_cb(ssl_, SSLWrap<TLSWrap>::SSLCertCallback, this);
--
- if (is_server()) {
- SSL_set_accept_state(ssl_);
- } else if (is_client()) {
-@@ -353,7 +351,6 @@
- case SSL_ERROR_NONE:
- case SSL_ERROR_WANT_READ:
- case SSL_ERROR_WANT_WRITE:
-- case SSL_ERROR_WANT_X509_LOOKUP:
- break;
- case SSL_ERROR_ZERO_RETURN:
- return scope.Escape(env()->zero_return_string());
-@@ -769,6 +766,11 @@
- "EnableSessionCallbacks after destroySSL");
- }
- wrap->enable_session_callbacks();
-+ EnableHelloParser(args);
-+}
-+
-+void TLSWrap::EnableHelloParser(const FunctionCallbackInfo<Value>& args) {
-+ TLSWrap* wrap = Unwrap<TLSWrap>(args.Holder());
- NodeBIO::FromBIO(wrap->enc_in_)->set_initial(kMaxHelloLength);
- wrap->hello_parser_.Start(SSLWrap<TLSWrap>::OnClientHello,
- OnClientHelloParseEnd,
-@@ -833,13 +833,6 @@
- }
-
-
--void TLSWrap::EnableCertCb(const FunctionCallbackInfo<Value>& args) {
-- TLSWrap* wrap;
-- ASSIGN_OR_RETURN_UNWRAP(&wrap, args.Holder());
-- wrap->WaitForCertCb(OnClientHelloParseEnd, wrap);
--}
--
--
- void TLSWrap::OnClientHelloParseEnd(void* arg) {
- TLSWrap* c = static_cast<TLSWrap*>(arg);
- c->Cycle();
-@@ -896,8 +892,8 @@
- env->SetProtoMethod(t, "start", Start);
- env->SetProtoMethod(t, "setVerifyMode", SetVerifyMode);
- env->SetProtoMethod(t, "enableSessionCallbacks", EnableSessionCallbacks);
-+ env->SetProtoMethod(t, "enableHelloParser", EnableHelloParser);
- env->SetProtoMethod(t, "destroySSL", DestroySSL);
-- env->SetProtoMethod(t, "enableCertCb", EnableCertCb);
-
- StreamBase::AddMethods<TLSWrap>(env, t, StreamBase::kFlagHasWritev);
- SSLWrap<TLSWrap>::AddMethods(env, t);
-diff -Naur node-v4.6.1.orig/src/tls_wrap.h node-v4.6.1/src/tls_wrap.h
---- node-v4.6.1.orig/src/tls_wrap.h 2017-04-12 12:40:43.558229441 -0700
-+++ node-v4.6.1/src/tls_wrap.h 2017-04-12 13:35:51.214213644 -0700
-@@ -132,7 +132,7 @@
- static void SetVerifyMode(const v8::FunctionCallbackInfo<v8::Value>& args);
- static void EnableSessionCallbacks(
- const v8::FunctionCallbackInfo<v8::Value>& args);
-- static void EnableCertCb(
-+ static void EnableHelloParser(
- const v8::FunctionCallbackInfo<v8::Value>& args);
- static void DestroySSL(const v8::FunctionCallbackInfo<v8::Value>& args);
-
-@@ -160,6 +160,10 @@
- // If true - delivered EOF to the js-land, either after `close_notify`, or
- // after the `UV_EOF` on socket.
- bool eof_;
-+
-+#ifdef SSL_CTRL_SET_TLSEXT_SERVERNAME_CB
-+ v8::Persistent<v8::Value> sni_context_;
-+#endif // SSL_CTRL_SET_TLSEXT_SERVERNAME_CB
- };
-
- } // namespace node
-diff -Naur node-v4.6.1.orig/test/parallel/test-tls-cnnic-whitelist.js
node-v4.6.1/test/parallel/test-tls-cnnic-whitelist.js
---- node-v4.6.1.orig/test/parallel/test-tls-cnnic-whitelist.js 2017-04-12
12:40:43.865233168 -0700
-+++ node-v4.6.1/test/parallel/test-tls-cnnic-whitelist.js 2017-04-12
12:58:14.901936343 -0700
-@@ -53,7 +53,9 @@
- port: undefined,
- rejectUnauthorized: true
- },
-- errorCode: 'UNABLE_TO_GET_ISSUER_CERT_LOCALLY'
-+ // LibreSSL returns CERT_UNTRUSTED in this case, OpenSSL
UNABLE_TO_GET_ISSUER_CERT_LOCALLY.
-+ errorCode: 'CERT_UNTRUSTED'
-+ // errorCode: 'UNABLE_TO_GET_ISSUER_CERT_LOCALLY'
- }
- ];
-
-diff -Naur node-v4.6.1.orig/test/parallel/test-tls-sni-server-client.js
node-v4.6.1/test/parallel/test-tls-sni-server-client.js
---- node-v4.6.1.orig/test/parallel/test-tls-sni-server-client.js
2017-04-12 12:40:43.878233326 -0700
-+++ node-v4.6.1/test/parallel/test-tls-sni-server-client.js 2017-04-12
13:00:18.804418594 -0700
-@@ -56,39 +56,37 @@
- 'asterisk.test.com': {
- key: loadPEM('agent3-key'),
- cert: loadPEM('agent3-cert')
-- },
-- 'chain.example.com': {
-- key: loadPEM('agent6-key'),
-- // NOTE: Contains ca3 chain cert
-- cert: loadPEM('agent6-cert')
- }
- };
-
- const clientsOptions = [{
- port: undefined,
-+ key: loadPEM('agent1-key'),
-+ cert: loadPEM('agent1-cert'),
- ca: [loadPEM('ca1-cert')],
- servername: 'a.example.com',
- rejectUnauthorized: false
- }, {
- port: undefined,
-+ key: loadPEM('agent2-key'),
-+ cert: loadPEM('agent2-cert'),
- ca: [loadPEM('ca2-cert')],
- servername: 'b.test.com',
- rejectUnauthorized: false
- }, {
- port: undefined,
-+ key: loadPEM('agent2-key'),
-+ cert: loadPEM('agent2-cert'),
- ca: [loadPEM('ca2-cert')],
- servername: 'a.b.test.com',
- rejectUnauthorized: false
- }, {
- port: undefined,
-+ key: loadPEM('agent3-key'),
-+ cert: loadPEM('agent3-cert'),
- ca: [loadPEM('ca1-cert')],
- servername: 'c.wrong.com',
- rejectUnauthorized: false
--}, {
-- port: undefined,
-- ca: [loadPEM('ca1-cert')],
-- servername: 'chain.example.com',
-- rejectUnauthorized: false
- }];
-
- const serverResults = [];
-@@ -80,7 +78,6 @@
-
- server.addContext('a.example.com', SNIContexts['a.example.com']);
- server.addContext('*.test.com', SNIContexts['asterisk.test.com']);
--server.addContext('chain.example.com', SNIContexts['chain.example.com']);
-
- server.listen(0, startTest);
-
-@@ -128,8 +126,7 @@
-
- process.on('exit', function() {
- assert.deepStrictEqual(serverResults, [
-- 'a.example.com', 'b.test.com', 'a.b.test.com', 'c.wrong.com',
-- 'chain.example.com'
-+ 'a.example.com', 'b.test.com', 'a.b.test.com', 'c.wrong.com'
- ]);
-- assert.deepStrictEqual(clientResults, [true, true, false, false, true]);
-+ assert.deepStrictEqual(clientResults, [true, true, false, false]);
- });
diff --git a/net-libs/nodejs/files/nodejs-8.1.1-libressl.patch
b/net-libs/nodejs/files/nodejs-8.1.1-libressl.patch
deleted file mode 100644
index 31493be..0000000
--- a/net-libs/nodejs/files/nodejs-8.1.1-libressl.patch
+++ /dev/null
@@ -1,697 +0,0 @@
-diff -Naur node-v4.6.1.orig/lib/_tls_wrap.js node-v4.6.1/lib/_tls_wrap.js
---- node-v4.6.1.orig/lib/_tls_wrap.js 2017-04-12 12:40:43.517228944 -0700
-+++ node-v4.6.1/lib/_tls_wrap.js 2017-04-12 12:49:51.155877106 -0700
-@@ -165,30 +165,33 @@
- if (err)
- return self.destroy(err);
-
-- self._handle.endParser();
-- });
--}
--
--
--function oncertcb(info) {
-- var self = this;
-- var servername = info.servername;
--
-- loadSNI(self, servername, function(err, ctx) {
-- if (err)
-- return self.destroy(err);
-- requestOCSP(self, info, ctx, function(err) {
-+ // Servername came from SSL session
-+ // NOTE: TLS Session ticket doesn't include servername information
-+ //
-+ // Another note, From RFC3546:
-+ //
-+ // If, on the other hand, the older
-+ // session is resumed, then the server MUST ignore extensions appearing
-+ // in the client hello, and send a server hello containing no
-+ // extensions; in this case the extension functionality negotiated
-+ // during the original session initiation is applied to the resumed
-+ // session.
-+ //
-+ // Therefore we should account session loading when dealing with
servername
-+ var servername = session && session.servername || hello.servername;
-+ loadSNI(self, servername, function(err, ctx) {
- if (err)
- return self.destroy(err);
-
-- if (!self._handle)
-- return self.destroy(new Error('Socket is closed'));
-+ requestOCSP(self, info, ctx, function(err) {
-+ if (err)
-+ return self.destroy(err);
-+
-+ if (!self._handle)
-+ return self.destroy(new Error('Socket is closed'));
-
-- try {
-- self._handle.certCbDone();
-- } catch (e) {
-- self.destroy(e);
-- }
-+ self._handle.endParser();
-+ });
- });
- });
- }
-@@ -410,18 +413,15 @@
- ssl.onhandshakestart = () => onhandshakestart.call(this);
- ssl.onhandshakedone = () => onhandshakedone.call(this);
- ssl.onclienthello = (hello) => onclienthello.call(this, hello);
-- ssl.oncertcb = (info) => oncertcb.call(this, info);
- ssl.onnewsession = (key, session) => onnewsession.call(this, key,
session);
- ssl.lastHandshakeTime = 0;
- ssl.handshakes = 0;
-
-- if (this.server) {
-- if (this.server.listenerCount('resumeSession') > 0 ||
-- this.server.listenerCount('newSession') > 0) {
-- ssl.enableSessionCallbacks();
-- }
-- if (this.server.listenerCount('OCSPRequest') > 0)
-- ssl.enableCertCb();
-+ if (this.server &&
-+ (this.server.listenerCount('resumeSession') > 0 ||
-+ this.server.listenerCount('newSession') > 0 ||
-+ this.server.listenerCount('OCSPRequest') > 0)) {
-+ ssl.enableSessionCallbacks();
- }
- } else {
- ssl.onhandshakestart = function() {};
-@@ -463,7 +463,7 @@
- options.server._contexts.length)) {
- assert(typeof options.SNICallback === 'function');
- this._SNICallback = options.SNICallback;
-- ssl.enableCertCb();
-+ ssl.enableHelloParser();
- }
-
- if (process.features.tls_npn && options.NPNProtocols)
-diff -Naur node-v4.6.1.orig/src/env.h node-v4.6.1/src/env.h
---- node-v4.6.1.orig/src/env.h 2017-04-12 12:40:43.536229174 -0700
-+++ node-v4.6.1/src/env.h 2017-04-12 12:50:02.055009418 -0700
-@@ -57,7 +57,6 @@
- V(bytes_read_string, "bytesRead")
\
- V(callback_string, "callback")
\
- V(change_string, "change")
\
-- V(oncertcb_string, "oncertcb")
\
- V(onclose_string, "_onclose")
\
- V(code_string, "code")
\
- V(compare_string, "compare")
\
-diff -Naur node-v4.6.1.orig/src/node.cc node-v4.6.1/src/node.cc
---- node-v4.6.1.orig/src/node.cc 2017-06-08 05:31:34.000000000 -0500
-+++ node-v4.6.1/src/node.cc 2017-06-30 10:26:59.945166636 -0500
-@@ -202,7 +202,7 @@
- false;
- #endif
-
--# if NODE_FIPS_MODE
-+# if NODE_FIPS_MODE && !defined(LIBRESSL_VERSION_NUMBER)
- // used by crypto module
- bool enable_fips_crypto = false;
- bool force_fips_crypto = false;
-@@ -3676,7 +3676,7 @@
- " (default)"
- #endif
- "\n"
--#if NODE_FIPS_MODE
-+#if NODE_FIPS_MODE && !defined(LIBRESSL_VERSION_NUMBER)
- " --enable-fips enable FIPS crypto at startup\n"
- " --force-fips force FIPS crypto (cannot be
disabled)\n"
- #endif /* NODE_FIPS_MODE */
-@@ -3926,7 +3926,7 @@
- } else if (strncmp(arg, "--use-bundled-ca", 16) == 0) {
- use_bundled_ca = true;
- ssl_openssl_cert_store = false;
--#if NODE_FIPS_MODE
-+#if NODE_FIPS_MODE && !defined(LIBRESSL_VERSION_NUMBER)
- } else if (strcmp(arg, "--enable-fips") == 0) {
- enable_fips_crypto = true;
- } else if (strcmp(arg, "--force-fips") == 0) {
-@@ -4624,7 +4624,7 @@
- if (SafeGetenv("NODE_EXTRA_CA_CERTS", &extra_ca_certs))
- crypto::UseExtraCaCerts(extra_ca_certs);
- }
--#ifdef NODE_FIPS_MODE
-+#if NODE_FIPS_MODE && !defined(LIBRESSL_VERSION_NUMBER)
- // In the case of FIPS builds we should make sure
- // the random source is properly initialized first.
- OPENSSL_init();
-diff -Naur node-v4.6.1.orig/src/node_crypto.cc node-v4.6.1/src/node_crypto.cc
---- node-v4.6.1.orig/src/node_crypto.cc 2017-04-12 12:40:43.541229235
-0700
-+++ node-v4.6.1/src/node_crypto.cc 2017-04-12 12:52:59.371161636 -0700
-@@ -160,8 +160,6 @@
- #endif
-
- template void SSLWrap<TLSWrap>::DestroySSL();
--template int SSLWrap<TLSWrap>::SSLCertCallback(SSL* s, void* arg);
--template void SSLWrap<TLSWrap>::WaitForCertCb(CertCb cb, void* arg);
-
-
- static void crypto_threadid_cb(CRYPTO_THREADID* tid) {
-@@ -525,8 +523,7 @@
- for (int i = 0; i < sk_X509_num(extra_certs); i++) {
- X509* ca = sk_X509_value(extra_certs, i);
-
-- // NOTE: Increments reference count on `ca`
-- r = SSL_CTX_add1_chain_cert(ctx, ca);
-+ r = SSL_CTX_add_extra_chain_cert(ctx, ca);
-
- if (!r) {
- ret = 0;
-@@ -717,7 +717,7 @@
- }
-
-
--#if OPENSSL_VERSION_NUMBER < 0x10100000L && !defined(OPENSSL_IS_BORINGSSL)
-+#if (OPENSSL_VERSION_NUMBER < 0x10100000L && !defined(OPENSSL_IS_BORINGSSL))
|| defined(LIBRESSL_VERSION_NUMBER)
- // This section contains OpenSSL 1.1.0 functions reimplemented for OpenSSL
- // 1.0.2 so that the following code can be written without lots of #if lines.
-
-@@ -725,11 +725,12 @@
- CRYPTO_add(&store->references, 1, CRYPTO_LOCK_X509_STORE);
- return 1;
- }
--
-+#if !defined(LIBRESSL_VERSION_NUMBER)
- static int X509_up_ref(X509* cert) {
- CRYPTO_add(&cert->references, 1, CRYPTO_LOCK_X509);
- return 1;
- }
-+#endif
- #endif // OPENSSL_VERSION_NUMBER < 0x10100000L && !OPENSSL_IS_BORINGSSL
-
-
-@@ -1194,7 +1194,7 @@
- SecureContext* wrap;
- ASSIGN_OR_RETURN_UNWRAP(&wrap, args.Holder());
-
-- wrap->ctx_->freelist_max_len = args[0]->Int32Value();
-+ //wrap->ctx_->freelist_max_len = args[0]->Int32Value();
- #endif
- }
-
-@@ -1188,7 +1185,6 @@
- env->SetProtoMethod(t, "verifyError", VerifyError);
- env->SetProtoMethod(t, "getCurrentCipher", GetCurrentCipher);
- env->SetProtoMethod(t, "endParser", EndParser);
-- env->SetProtoMethod(t, "certCbDone", CertCbDone);
- env->SetProtoMethod(t, "renegotiate", Renegotiate);
- env->SetProtoMethod(t, "shutdownSSL", Shutdown);
- env->SetProtoMethod(t, "getTLSTicket", GetTLSTicket);
-@@ -2411,126 +2411,6 @@
-
-
- template <class Base>
--void SSLWrap<Base>::WaitForCertCb(CertCb cb, void* arg) {
-- cert_cb_ = cb;
-- cert_cb_arg_ = arg;
--}
--
--
--template <class Base>
--int SSLWrap<Base>::SSLCertCallback(SSL* s, void* arg) {
-- Base* w = static_cast<Base*>(SSL_get_app_data(s));
--
-- if (!w->is_server())
-- return 1;
--
-- if (!w->is_waiting_cert_cb())
-- return 1;
--
-- if (w->cert_cb_running_)
-- return -1;
--
-- Environment* env = w->env();
-- HandleScope handle_scope(env->isolate());
-- Context::Scope context_scope(env->context());
-- w->cert_cb_running_ = true;
--
-- Local<Object> info = Object::New(env->isolate());
--
-- const char* servername = SSL_get_servername(s, TLSEXT_NAMETYPE_host_name);
-- if (servername == nullptr) {
-- info->Set(env->servername_string(), String::Empty(env->isolate()));
-- } else {
-- Local<String> str = OneByteString(env->isolate(), servername,
-- strlen(servername));
-- info->Set(env->servername_string(), str);
-- }
--
-- bool ocsp = false;
--#ifdef NODE__HAVE_TLSEXT_STATUS_CB
-- ocsp = s->tlsext_status_type == TLSEXT_STATUSTYPE_ocsp;
--#endif
--
-- info->Set(env->ocsp_request_string(), Boolean::New(env->isolate(), ocsp));
--
-- Local<Value> argv[] = { info };
-- w->MakeCallback(env->oncertcb_string(), arraysize(argv), argv);
--
-- if (!w->cert_cb_running_)
-- return 1;
--
-- // Performing async action, wait...
-- return -1;
--}
--
--
--template <class Base>
--void SSLWrap<Base>::CertCbDone(const FunctionCallbackInfo<Value>& args) {
-- Base* w;
-- ASSIGN_OR_RETURN_UNWRAP(&w, args.Holder());
-- Environment* env = w->env();
--
-- CHECK(w->is_waiting_cert_cb() && w->cert_cb_running_);
--
-- Local<Object> object = w->object();
-- Local<Value> ctx = object->Get(env->sni_context_string());
-- Local<FunctionTemplate> cons = env->secure_context_constructor_template();
--
-- // Not an object, probably undefined or null
-- if (!ctx->IsObject())
-- goto fire_cb;
--
-- if (cons->HasInstance(ctx)) {
-- SecureContext* sc;
-- ASSIGN_OR_RETURN_UNWRAP(&sc, ctx.As<Object>());
-- w->sni_context_.Reset();
-- w->sni_context_.Reset(env->isolate(), ctx);
--
-- int rv;
--
-- // NOTE: reference count is not increased by this API methods
-- X509* x509 = SSL_CTX_get0_certificate(sc->ctx_);
-- EVP_PKEY* pkey = SSL_CTX_get0_privatekey(sc->ctx_);
-- STACK_OF(X509)* chain;
--
-- rv = SSL_CTX_get0_chain_certs(sc->ctx_, &chain);
-- if (rv)
-- rv = SSL_use_certificate(w->ssl_, x509);
-- if (rv)
-- rv = SSL_use_PrivateKey(w->ssl_, pkey);
-- if (rv && chain != nullptr)
-- rv = SSL_set1_chain(w->ssl_, chain);
-- if (rv)
-- rv = w->SetCACerts(sc);
-- if (!rv) {
-- unsigned long err = ERR_get_error(); // NOLINT(runtime/int)
-- if (!err)
-- return env->ThrowError("CertCbDone");
-- return ThrowCryptoError(env, err);
-- }
-- } else {
-- // Failure: incorrect SNI context object
-- Local<Value> err = Exception::TypeError(env->sni_context_err_string());
-- w->MakeCallback(env->onerror_string(), 1, &err);
-- return;
-- }
--
-- fire_cb:
-- CertCb cb;
-- void* arg;
--
-- cb = w->cert_cb_;
-- arg = w->cert_cb_arg_;
--
-- w->cert_cb_running_ = false;
-- w->cert_cb_ = nullptr;
-- w->cert_cb_arg_ = nullptr;
--
-- cb(arg);
--}
--
--
--template <class Base>
- void SSLWrap<Base>::SSLGetter(Local<String> property,
- const PropertyCallbackInfo<Value>& info) {
- Base* base;
-@@ -2232,10 +2105,6 @@
-
- template <class Base>
- int SSLWrap<Base>::SetCACerts(SecureContext* sc) {
-- int err = SSL_set1_verify_cert_store(ssl_,
SSL_CTX_get_cert_store(sc->ctx_));
-- if (err != 1)
-- return err;
--
- STACK_OF(X509_NAME)* list = SSL_dup_CA_list(
- SSL_CTX_get_client_CA_list(sc->ctx_));
-
-@@ -2329,10 +2198,6 @@
- DEBUG_PRINT("[%p] SSL: %s want read\n", ssl_, func);
- return 0;
-
-- } else if (err == SSL_ERROR_WANT_X509_LOOKUP) {
-- DEBUG_PRINT("[%p] SSL: %s want x509 lookup\n", ssl_, func);
-- return 0;
--
- } else if (err == SSL_ERROR_ZERO_RETURN) {
- HandleScope scope(ssl_env()->isolate());
-
-@@ -2875,7 +2755,8 @@
- SSL* ssl = static_cast<SSL*>(
- X509_STORE_CTX_get_ex_data(ctx, SSL_get_ex_data_X509_STORE_CTX_idx()));
-
-- if (SSL_is_server(ssl))
-+ //if (SSL_is_server(ssl))
-+ if(ssl->server)
- return CHECK_OK;
-
- // Client needs to check if the server cert is listed in the
-@@ -2540,7 +2405,7 @@
-
- // Call the SNI callback and use its return value as context
- if (!conn->sniObject_.IsEmpty()) {
-- conn->sni_context_.Reset();
-+ conn->sniContext_.Reset();
-
- Local<Object> sni_obj = PersistentToLocal(env->isolate(),
- conn->sniObject_);
-@@ -2918,7 +2799,7 @@
- Local<FunctionTemplate> secure_context_constructor_template =
- env->secure_context_constructor_template();
- if (secure_context_constructor_template->HasInstance(ret)) {
-- conn->sni_context_.Reset(env->isolate(), ret);
-+ conn->sniContext_.Reset(env->isolate(), ret);
- SecureContext* sc;
- ASSIGN_OR_RETURN_UNWRAP(&sc, ret.As<Object>(), SSL_TLSEXT_ERR_NOACK);
- conn->SetSNIContext(sc);
-@@ -2594,8 +2459,6 @@
-
- InitNPN(sc);
-
-- SSL_set_cert_cb(conn->ssl_, SSLWrap<Connection>::SSLCertCallback, conn);
--
- #ifdef SSL_CTRL_SET_TLSEXT_SERVERNAME_CB
- if (is_server) {
- SSL_CTX_set_tlsext_servername_callback(sc->ctx_,
SelectSNIContextCallback_);
-@@ -3335,7 +3335,7 @@
- int key_buf_len) {
- HandleScope scope(env()->isolate());
-
--#ifdef NODE_FIPS_MODE
-+#if NODE_FIPS_MODE && !defined(LIBRESSL_VERSION_NUMBER)
- if (FIPS_mode()) {
- return env()->ThrowError(
- "crypto.createCipher() is not supported in FIPS mode.");
-@@ -4185,7 +4185,7 @@
- if (pkey == nullptr || 0 != ERR_peek_error())
- goto exit;
-
--#ifdef NODE_FIPS_MODE
-+#if NODE_FIPS_MODE && !defined(LIBRESSL_VERSION_NUMBER)
- /* Validate DSA2 parameters from FIPS 186-4 */
- if (FIPS_mode() && EVP_PKEY_DSA == pkey->type) {
- size_t L = BN_num_bits(pkey->pkey.dsa->p);
-@@ -6132,7 +6132,7 @@
- CRYPTO_set_locking_callback(crypto_lock_cb);
- CRYPTO_THREADID_set_callback(crypto_threadid_cb);
-
--#ifdef NODE_FIPS_MODE
-+#if NODE_FIPS_MODE && !defined(LIBRESSL_VERSION_NUMBER)
- /* Override FIPS settings in cnf file, if needed. */
- unsigned long err = 0; // NOLINT(runtime/int)
- if (enable_fips_crypto || force_fips_crypto) {
-@@ -6201,16 +6201,20 @@
- #endif // !OPENSSL_NO_ENGINE
-
- void GetFipsCrypto(const FunctionCallbackInfo<Value>& args) {
-+#if NODE_FIPS_MODE && !defined(LIBRESSL_VERSION_NUMBER)
- if (FIPS_mode()) {
- args.GetReturnValue().Set(1);
- } else {
- args.GetReturnValue().Set(0);
- }
-+#else
-+ args.GetReturnValue().Set(0);
-+#endif
- }
-
- void SetFipsCrypto(const FunctionCallbackInfo<Value>& args) {
- Environment* env = Environment::GetCurrent(args);
--#ifdef NODE_FIPS_MODE
-+#if NODE_FIPS_MODE && !defined(LIBRESSL_VERSION_NUMBER)
- bool mode = args[0]->BooleanValue();
- if (force_fips_crypto) {
- return env->ThrowError(
-diff -Naur node-v4.6.1.orig/src/node_crypto.h node-v4.6.1/src/node_crypto.h
---- node-v4.6.1.orig/src/node_crypto.h 2017-04-12 12:40:43.541229235 -0700
-+++ node-v4.6.1/src/node_crypto.h 2017-04-12 12:55:08.867710808 -0700
-@@ -179,10 +179,7 @@
- kind_(kind),
- next_sess_(nullptr),
- session_callbacks_(false),
-- new_session_wait_(false),
-- cert_cb_(nullptr),
-- cert_cb_arg_(nullptr),
-- cert_cb_running_(false) {
-+ new_session_wait_(false) {
- ssl_ = SSL_new(sc->ctx_);
- env_->isolate()->AdjustAmountOfExternalAllocatedMemory(kExternalSize);
- CHECK_NE(ssl_, nullptr);
-@@ -200,9 +200,6 @@
- next_sess_ = nullptr;
- }
-
--#ifdef SSL_CTRL_SET_TLSEXT_SERVERNAME_CB
-- sni_context_.Reset();
--#endif
-
- #ifdef NODE__HAVE_TLSEXT_STATUS_CB
- ocsp_response_.Reset();
-@@ -212,11 +206,8 @@
- inline bool is_server() const { return kind_ == kServer; }
- inline bool is_client() const { return kind_ == kClient; }
- inline bool is_waiting_new_session() const { return new_session_wait_; }
-- inline bool is_waiting_cert_cb() const { return cert_cb_ != nullptr; }
-
- protected:
-- typedef void (*CertCb)(void* arg);
--
- // Size allocated by OpenSSL: one for SSL structure, one for SSL3_STATE and
- // some for buffers.
- // NOTE: Actually it is much more than this
-@@ -244,7 +235,6 @@
- static void VerifyError(const v8::FunctionCallbackInfo<v8::Value>& args);
- static void GetCurrentCipher(const v8::FunctionCallbackInfo<v8::Value>&
args);
- static void EndParser(const v8::FunctionCallbackInfo<v8::Value>& args);
-- static void CertCbDone(const v8::FunctionCallbackInfo<v8::Value>& args);
- static void Renegotiate(const v8::FunctionCallbackInfo<v8::Value>& args);
- static void Shutdown(const v8::FunctionCallbackInfo<v8::Value>& args);
- static void GetTLSTicket(const v8::FunctionCallbackInfo<v8::Value>& args);
-@@ -273,12 +263,10 @@
- void* arg);
- #endif // OPENSSL_NPN_NEGOTIATED
- static int TLSExtStatusCallback(SSL* s, void* arg);
-- static int SSLCertCallback(SSL* s, void* arg);
- static void SSLGetter(v8::Local<v8::String> property,
- const v8::PropertyCallbackInfo<v8::Value>& info);
-
- void DestroySSL();
-- void WaitForCertCb(CertCb cb, void* arg);
- void SetSNIContext(SecureContext* sc);
- int SetCACerts(SecureContext* sc);
-
-@@ -293,11 +281,6 @@
- bool session_callbacks_;
- bool new_session_wait_;
-
-- // SSL_set_cert_cb
-- CertCb cert_cb_;
-- void* cert_cb_arg_;
-- bool cert_cb_running_;
--
- ClientHelloParser hello_parser_;
-
- #ifdef NODE__HAVE_TLSEXT_STATUS_CB
-@@ -309,10 +292,6 @@
- v8::Persistent<v8::Value> selected_npn_proto_;
- #endif // OPENSSL_NPN_NEGOTIATED
-
--#ifdef SSL_CTRL_SET_TLSEXT_SERVERNAME_CB
-- v8::Persistent<v8::Value> sni_context_;
--#endif
--
- friend class SecureContext;
- };
-
-@@ -324,6 +303,7 @@
- ~Connection() override {
- #ifdef SSL_CTRL_SET_TLSEXT_SERVERNAME_CB
- sniObject_.Reset();
-+ sniContext_.Reset();
- servername_.Reset();
- #endif
- }
-@@ -338,6 +318,7 @@
-
- #ifdef SSL_CTRL_SET_TLSEXT_SERVERNAME_CB
- v8::Persistent<v8::Object> sniObject_;
-+ v8::Persistent<v8::Value> sniContext_;
- v8::Persistent<v8::String> servername_;
- #endif
-
-diff -Naur node-v4.6.1.orig/src/tls_wrap.cc node-v4.6.1/src/tls_wrap.cc
---- node-v4.6.1.orig/src/tls_wrap.cc 2017-04-12 12:40:43.557229429 -0700
-+++ node-v4.6.1/src/tls_wrap.cc 2017-04-12 13:36:49.323009154 -0700
-@@ -141,8 +141,6 @@
-
- InitNPN(sc_);
-
-- SSL_set_cert_cb(ssl_, SSLWrap<TLSWrap>::SSLCertCallback, this);
--
- if (is_server()) {
- SSL_set_accept_state(ssl_);
- } else if (is_client()) {
-@@ -353,7 +351,6 @@
- case SSL_ERROR_NONE:
- case SSL_ERROR_WANT_READ:
- case SSL_ERROR_WANT_WRITE:
-- case SSL_ERROR_WANT_X509_LOOKUP:
- break;
- case SSL_ERROR_ZERO_RETURN:
- return scope.Escape(env()->zero_return_string());
-@@ -769,6 +766,11 @@
- "EnableSessionCallbacks after destroySSL");
- }
- wrap->enable_session_callbacks();
-+ EnableHelloParser(args);
-+}
-+
-+void TLSWrap::EnableHelloParser(const FunctionCallbackInfo<Value>& args) {
-+ TLSWrap* wrap = Unwrap<TLSWrap>(args.Holder());
- NodeBIO::FromBIO(wrap->enc_in_)->set_initial(kMaxHelloLength);
- wrap->hello_parser_.Start(SSLWrap<TLSWrap>::OnClientHello,
- OnClientHelloParseEnd,
-@@ -833,13 +833,6 @@
- }
-
-
--void TLSWrap::EnableCertCb(const FunctionCallbackInfo<Value>& args) {
-- TLSWrap* wrap;
-- ASSIGN_OR_RETURN_UNWRAP(&wrap, args.Holder());
-- wrap->WaitForCertCb(OnClientHelloParseEnd, wrap);
--}
--
--
- void TLSWrap::OnClientHelloParseEnd(void* arg) {
- TLSWrap* c = static_cast<TLSWrap*>(arg);
- c->Cycle();
-@@ -896,8 +892,8 @@
- env->SetProtoMethod(t, "start", Start);
- env->SetProtoMethod(t, "setVerifyMode", SetVerifyMode);
- env->SetProtoMethod(t, "enableSessionCallbacks", EnableSessionCallbacks);
-+ env->SetProtoMethod(t, "enableHelloParser", EnableHelloParser);
- env->SetProtoMethod(t, "destroySSL", DestroySSL);
-- env->SetProtoMethod(t, "enableCertCb", EnableCertCb);
-
- StreamBase::AddMethods<TLSWrap>(env, t, StreamBase::kFlagHasWritev);
- SSLWrap<TLSWrap>::AddMethods(env, t);
-diff -Naur node-v4.6.1.orig/src/tls_wrap.h node-v4.6.1/src/tls_wrap.h
---- node-v4.6.1.orig/src/tls_wrap.h 2017-04-12 12:40:43.558229441 -0700
-+++ node-v4.6.1/src/tls_wrap.h 2017-04-12 13:35:51.214213644 -0700
-@@ -132,7 +132,7 @@
- static void SetVerifyMode(const v8::FunctionCallbackInfo<v8::Value>& args);
- static void EnableSessionCallbacks(
- const v8::FunctionCallbackInfo<v8::Value>& args);
-- static void EnableCertCb(
-+ static void EnableHelloParser(
- const v8::FunctionCallbackInfo<v8::Value>& args);
- static void DestroySSL(const v8::FunctionCallbackInfo<v8::Value>& args);
-
-@@ -160,6 +160,10 @@
- // If true - delivered EOF to the js-land, either after `close_notify`, or
- // after the `UV_EOF` on socket.
- bool eof_;
-+
-+#ifdef SSL_CTRL_SET_TLSEXT_SERVERNAME_CB
-+ v8::Persistent<v8::Value> sni_context_;
-+#endif // SSL_CTRL_SET_TLSEXT_SERVERNAME_CB
- };
-
- } // namespace node
-diff -Naur node-v4.6.1.orig/test/parallel/test-tls-cnnic-whitelist.js
node-v4.6.1/test/parallel/test-tls-cnnic-whitelist.js
---- node-v4.6.1.orig/test/parallel/test-tls-cnnic-whitelist.js 2017-04-12
12:40:43.865233168 -0700
-+++ node-v4.6.1/test/parallel/test-tls-cnnic-whitelist.js 2017-04-12
12:58:14.901936343 -0700
-@@ -53,7 +53,9 @@
- port: undefined,
- rejectUnauthorized: true
- },
-- errorCode: 'UNABLE_TO_GET_ISSUER_CERT_LOCALLY'
-+ // LibreSSL returns CERT_UNTRUSTED in this case, OpenSSL
UNABLE_TO_GET_ISSUER_CERT_LOCALLY.
-+ errorCode: 'CERT_UNTRUSTED'
-+ // errorCode: 'UNABLE_TO_GET_ISSUER_CERT_LOCALLY'
- }
- ];
-
-diff -Naur node-v4.6.1.orig/test/parallel/test-tls-sni-server-client.js
node-v4.6.1/test/parallel/test-tls-sni-server-client.js
---- node-v4.6.1.orig/test/parallel/test-tls-sni-server-client.js
2017-04-12 12:40:43.878233326 -0700
-+++ node-v4.6.1/test/parallel/test-tls-sni-server-client.js 2017-04-12
13:00:18.804418594 -0700
-@@ -56,39 +56,37 @@
- 'asterisk.test.com': {
- key: loadPEM('agent3-key'),
- cert: loadPEM('agent3-cert')
-- },
-- 'chain.example.com': {
-- key: loadPEM('agent6-key'),
-- // NOTE: Contains ca3 chain cert
-- cert: loadPEM('agent6-cert')
- }
- };
-
- const clientsOptions = [{
- port: undefined,
-+ key: loadPEM('agent1-key'),
-+ cert: loadPEM('agent1-cert'),
- ca: [loadPEM('ca1-cert')],
- servername: 'a.example.com',
- rejectUnauthorized: false
- }, {
- port: undefined,
-+ key: loadPEM('agent2-key'),
-+ cert: loadPEM('agent2-cert'),
- ca: [loadPEM('ca2-cert')],
- servername: 'b.test.com',
- rejectUnauthorized: false
- }, {
- port: undefined,
-+ key: loadPEM('agent2-key'),
-+ cert: loadPEM('agent2-cert'),
- ca: [loadPEM('ca2-cert')],
- servername: 'a.b.test.com',
- rejectUnauthorized: false
- }, {
- port: undefined,
-+ key: loadPEM('agent3-key'),
-+ cert: loadPEM('agent3-cert'),
- ca: [loadPEM('ca1-cert')],
- servername: 'c.wrong.com',
- rejectUnauthorized: false
--}, {
-- port: undefined,
-- ca: [loadPEM('ca1-cert')],
-- servername: 'chain.example.com',
-- rejectUnauthorized: false
- }];
-
- const serverResults = [];
-@@ -80,7 +78,6 @@
-
- server.addContext('a.example.com', SNIContexts['a.example.com']);
- server.addContext('*.test.com', SNIContexts['asterisk.test.com']);
--server.addContext('chain.example.com', SNIContexts['chain.example.com']);
-
- server.listen(0, startTest);
-
-@@ -128,8 +126,7 @@
-
- process.on('exit', function() {
- assert.deepStrictEqual(serverResults, [
-- 'a.example.com', 'b.test.com', 'a.b.test.com', 'c.wrong.com',
-- 'chain.example.com'
-+ 'a.example.com', 'b.test.com', 'a.b.test.com', 'c.wrong.com'
- ]);
-- assert.deepStrictEqual(clientResults, [true, true, false, false, true]);
-+ assert.deepStrictEqual(clientResults, [true, true, false, false]);
- });
diff --git a/net-libs/nodejs/nodejs-4.6.1.ebuild
b/net-libs/nodejs/nodejs-4.6.1.ebuild
deleted file mode 100644
index bf49ae0..0000000
--- a/net-libs/nodejs/nodejs-4.6.1.ebuild
+++ /dev/null
@@ -1,147 +0,0 @@
-# Copyright 1999-2016 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=5
-
-PYTHON_COMPAT=( python2_7 )
-PYTHON_REQ_USE="threads"
-
-inherit flag-o-matic pax-utils python-single-r1 toolchain-funcs
-
-DESCRIPTION="A JavaScript runtime built on Chrome's V8 JavaScript engine"
-HOMEPAGE="https://nodejs.org/";
-SRC_URI="https://nodejs.org/dist/v${PV}/node-v${PV}.tar.xz";
-
-LICENSE="Apache-1.1 Apache-2.0 BSD BSD-2 MIT"
-SLOT="0"
-KEYWORDS="amd64 ~arm ~arm64 ~ppc64 x86 ~x64-macos"
-IUSE="cpu_flags_x86_sse2 debug icu libressl +npm snapshot +ssl test"
-
-RDEPEND="icu? ( >=dev-libs/icu-55:= )
- npm? ( ${PYTHON_DEPS} )
- >=net-libs/http-parser-2.5.2:=
- >=dev-libs/libuv-1.8.0:=
- !libressl? ( >=dev-libs/openssl-1.0.2g:0=[-bindist] )
- libressl? ( dev-libs/libressl:0= )
- sys-libs/zlib"
-DEPEND="${RDEPEND}
- ${PYTHON_DEPS}
- test? ( net-misc/curl )"
-
-S="${WORKDIR}/node-v${PV}"
-REQUIRED_USE="${PYTHON_REQUIRED_USE}"
-
-pkg_pretend() {
- (use x86 && ! use cpu_flags_x86_sse2) && \
- die "Your CPU doesn't support the required SSE2 instruction."
-
- ( [[ ${MERGE_TYPE} != "binary" ]] && ! test-flag-CXX -std=c++11 ) && \
- die "Your compiler doesn't support C++11. Use GCC 4.8, Clang
3.3 or newer."
-}
-
-src_prepare() {
- tc-export CC CXX PKG_CONFIG
- export V=1 # Verbose build
- export BUILDTYPE=Release
-
- # fix compilation on Darwin
- # https://code.google.com/p/gyp/issues/detail?id=260
- sed -i -e "/append('-arch/d" tools/gyp/pylib/gyp/xcode_emulation.py ||
die
-
- # make sure we use python2.* while using gyp
- sed -i -e "s/python/${EPYTHON}/" deps/npm/node_modules/node-gyp/gyp/gyp
|| die
- sed -i -e "s/|| 'python'/|| '${EPYTHON}'/"
deps/npm/node_modules/node-gyp/lib/configure.js || die
-
- # less verbose install output (stating the same as portage, basically)
- sed -i -e "/print/d" tools/install.py || die
-
- # proper libdir, hat tip @ryanpcmcquen
https://github.com/iojs/io.js/issues/504
- local LIBDIR=$(get_libdir)
- sed -i -e "s|lib/|${LIBDIR}/|g" tools/install.py || die
- sed -i -e "s/'lib'/'${LIBDIR}'/" lib/module.js || die
- sed -i -e "s|\"lib\"|\"${LIBDIR}\"|" deps/npm/lib/npm.js || die
-
- # Avoid a test that I've only been able to reproduce from emerge. It
doesnt
- # seem sandbox related either (invoking it from a sandbox works fine).
- # The issue is that no stdin handle is openened when asked for one.
- # It doesn't really belong upstream , so it'll just be removed until
someone
- # with more gentoo-knowledge than me (jbergstroem) figures it out.
- rm test/parallel/test-stdout-close-unref.js || die
-
- # debug builds. change install path, remove optimisations and override
buildtype
- if use debug; then
- sed -i -e "s|out/Release/|out/Debug/|g" tools/install.py || die
- BUILDTYPE=Debug
- fi
-
- # Fix for LibreSSL
- epatch "${FILESDIR}"/${P}-libressl.patch
-
- epatch_user
-}
-
-src_configure() {
- local myarch=""
- local myconf+=( --shared-openssl --shared-libuv --shared-http-parser
--shared-zlib )
- use npm || myconf+=( --without-npm )
- use icu && myconf+=( --with-intl=system-icu )
- use snapshot && myconf+=( --with-snapshot )
- use ssl || myconf+=( --without-ssl )
- use debug && myconf+=( --debug )
-
- case ${ABI} in
- amd64) myarch="x64";;
- arm) myarch="arm";;
- arm64) myarch="arm64";;
- ppc64) myarch="ppc64";;
- x32) myarch="x32";;
- x86) myarch="ia32";;
- *) die "Unrecognized ARCH ${ARCH}";;
- esac
-
- GYP_DEFINES="linux_use_gold_flags=0
- linux_use_bundled_binutils=0
- linux_use_bundled_gold=0" \
- "${PYTHON}" configure \
- --prefix="${EPREFIX}"/usr \
- --dest-cpu=${myarch} \
- --without-dtrace \
- "${myconf[@]}" || die
-}
-
-src_compile() {
- emake -C out mksnapshot
- pax-mark m "out/${BUILDTYPE}/mksnapshot"
- emake -C out
-}
-
-src_install() {
- local LIBDIR="${ED}/usr/$(get_libdir)"
- emake install DESTDIR="${ED}" PREFIX=/usr
- if use npm; then
- dodoc -r "${LIBDIR}"/node_modules/npm/html
- rm -rf "${LIBDIR}"/node_modules/npm/{doc,html} || die
- find "${LIBDIR}"/node_modules -type f -name "LICENSE*" -or
-name "LICENCE*" -delete || die
- fi
-
- # set up a symlink structure that npm expects..
- dodir /usr/include/node/deps/{v8,uv}
- dosym . /usr/include/node/src
- for var in deps/{uv,v8}/include; do
- dosym ../.. /usr/include/node/${var}
- done
-
- pax-mark -m "${ED}"/usr/bin/node
-}
-
-src_test() {
- out/${BUILDTYPE}/cctest || die
- "${PYTHON}" tools/test.py --mode=${BUILDTYPE,,} -J message parallel
sequential || die
-}
-
-pkg_postinst() {
- einfo "When using node-gyp to install native modules, you can avoid"
- einfo "having to download the full tarball by doing the following:"
- einfo ""
- einfo "node-gyp --nodedir /usr/include/node <command>"
-}
diff --git a/net-libs/nodejs/nodejs-6.9.4.ebuild
b/net-libs/nodejs/nodejs-6.9.4.ebuild
deleted file mode 100644
index eecaeb7..0000000
--- a/net-libs/nodejs/nodejs-6.9.4.ebuild
+++ /dev/null
@@ -1,195 +0,0 @@
-# Copyright 1999-2017 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=6
-
-PYTHON_COMPAT=( python2_7 )
-PYTHON_REQ_USE="threads"
-
-inherit bash-completion-r1 eutils flag-o-matic pax-utils python-single-r1
toolchain-funcs
-
-DESCRIPTION="A JavaScript runtime built on Chrome's V8 JavaScript engine"
-HOMEPAGE="https://nodejs.org/";
-SRC_URI="https://nodejs.org/dist/v${PV}/node-v${PV}.tar.xz";
-
-LICENSE="Apache-1.1 Apache-2.0 BSD BSD-2 MIT"
-SLOT="0"
-KEYWORDS="amd64 arm ~arm64 ppc ppc64 x86 ~amd64-linux ~x64-macos"
-IUSE="bundled-ssl cpu_flags_x86_sse2 debug doc icu libressl +npm +snapshot
+ssl test"
-
-RDEPEND="icu? ( >=dev-libs/icu-56:= )
- npm? ( ${PYTHON_DEPS} )
- >=net-libs/http-parser-2.6.2:=
- >=dev-libs/libuv-1.9.0:=
- !bundled-ssl? ( >=dev-libs/openssl-1.0.2g:0=[-bindist] )
- sys-libs/zlib"
-DEPEND="${RDEPEND}
- ${PYTHON_DEPS}
- test? ( net-misc/curl )"
-
-S="${WORKDIR}/node-v${PV}"
-REQUIRED_USE="${PYTHON_REQUIRED_USE}
- libressl? ( bundled-ssl )
- bundled-ssl? ( ssl )"
-
-PATCHES=(
- "${FILESDIR}"/gentoo-global-npm-config.patch
-)
-
-pkg_pretend() {
- (use x86 && ! use cpu_flags_x86_sse2) && \
- die "Your CPU doesn't support the required SSE2 instruction."
-
- ( [[ ${MERGE_TYPE} != "binary" ]] && ! test-flag-CXX -std=c++11 ) && \
- die "Your compiler doesn't support C++11. Use GCC 4.8, Clang
3.3 or newer."
-}
-
-src_prepare() {
- tc-export CC CXX PKG_CONFIG
- export V=1
- export BUILDTYPE=Release
-
- # fix compilation on Darwin
- # https://code.google.com/p/gyp/issues/detail?id=260
- sed -i -e "/append('-arch/d" tools/gyp/pylib/gyp/xcode_emulation.py ||
die
-
- # make sure we use python2.* while using gyp
- sed -i -e "s/python/${EPYTHON}/" deps/npm/node_modules/node-gyp/gyp/gyp
|| die
- sed -i -e "s/|| 'python'/|| '${EPYTHON}'/"
deps/npm/node_modules/node-gyp/lib/configure.js || die
-
- # less verbose install output (stating the same as portage, basically)
- sed -i -e "/print/d" tools/install.py || die
-
- # proper libdir, hat tip @ryanpcmcquen
https://github.com/iojs/io.js/issues/504
- local LIBDIR=$(get_libdir)
- sed -i -e "s|lib/|${LIBDIR}/|g" tools/install.py || die
- sed -i -e "s/'lib'/'${LIBDIR}'/" lib/module.js || die
- sed -i -e "s|\"lib\"|\"${LIBDIR}\"|" deps/npm/lib/npm.js || die
-
- # Avoid writing a depfile, not useful
- sed -i -e "/DEPFLAGS =/d" tools/gyp/pylib/gyp/generator/make.py || die
-
- # Avoid a test that I've only been able to reproduce from emerge. It
doesnt
- # seem sandbox related either (invoking it from a sandbox works fine).
- # The issue is that no stdin handle is openened when asked for one.
- # It doesn't really belong upstream , so it'll just be removed until
someone
- # with more gentoo-knowledge than me (jbergstroem) figures it out.
- rm test/parallel/test-stdout-close-unref.js || die
-
- # debug builds. change install path, remove optimisations and override
buildtype
- if use debug; then
- sed -i -e "s|out/Release/|out/Debug/|g" tools/install.py || die
- BUILDTYPE=Debug
- fi
-
- default
-}
-
-src_configure() {
- local myarch=""
- local myconf=( --shared-libuv --shared-http-parser --shared-zlib )
- use npm || myconf+=( --without-npm )
- use icu && myconf+=( --with-intl=system-icu )
- use snapshot && myconf+=( --with-snapshot )
- use bundled-ssl || myconf+=( --shared-openssl )
- use ssl || myconf+=( --without-ssl )
- use debug && myconf+=( --debug )
-
- case ${ABI} in
- amd64) myarch="x64";;
- arm) myarch="arm";;
- arm64) myarch="arm64";;
- ppc64) myarch="ppc64";;
- x32) myarch="x32";;
- x86) myarch="ia32";;
- *) myarch="${ABI}";;
- esac
-
- GYP_DEFINES="linux_use_gold_flags=0
- linux_use_bundled_binutils=0
- linux_use_bundled_gold=0" \
- "${PYTHON}" configure \
- --prefix="${EPREFIX}"/usr \
- --dest-cpu=${myarch} \
- --without-dtrace \
- "${myconf[@]}" || die
-}
-
-src_compile() {
- emake -C out mksnapshot
- pax-mark m "out/${BUILDTYPE}/mksnapshot"
- emake -C out
-}
-
-src_install() {
- local LIBDIR="${ED}/usr/$(get_libdir)"
- emake install DESTDIR="${D}"
- pax-mark -m "${ED}"usr/bin/node
-
- # set up a symlink structure that node-gyp expects..
- dodir /usr/include/node/deps/{v8,uv}
- dosym . /usr/include/node/src
- for var in deps/{uv,v8}/include; do
- dosym ../.. /usr/include/node/${var}
- done
-
- if use doc; then
- # Patch docs to make them offline readable
- for i in `grep -rl 'fonts.googleapis.com'
"${S}"/out/doc/api/*`; do
- sed -i '/fonts.googleapis.com/ d' $i;
- done
- # Install docs!
- dohtml -r "${S}"/doc/*
- fi
-
- if use npm; then
- dodir /etc/npm
-
- # Install bash completion for `npm`
- # We need to temporarily replace default config path since
- # npm otherwise tries to write outside of the sandbox
- local
npm_config="usr/$(get_libdir)/node_modules/npm/lib/config/core.js"
- sed -i -e "s|'/etc'|'${ED}/etc'|g" "${ED}/${npm_config}" || die
- local tmp_npm_completion_file="$(emktemp)"
- "${ED}/usr/bin/npm" completion > "${tmp_npm_completion_file}"
- newbashcomp "${tmp_npm_completion_file}" npm
- sed -i -e "s|'${ED}/etc'|'/etc'|g" "${ED}/${npm_config}" || die
-
- # Move man pages
- doman "${LIBDIR}"/node_modules/npm/man/man{1,5,7}/*
-
- # Clean up
- rm "${LIBDIR}"/node_modules/npm/{.mailmap,.npmignore,Makefile}
|| die
- rm -rf "${LIBDIR}"/node_modules/npm/{doc,html,man} || die
-
- local find_exp="-or -name"
- local find_name=()
- for match in "AUTHORS*" "CHANGELOG*" "CONTRIBUT*" "README*" \
- ".travis.yml" ".eslint*" ".wercker.yml" ".npmignore" \
- "*.md" "*.markdown" "*.bat" "*.cmd"; do
- find_name+=( ${find_exp} "${match}" )
- done
-
- # Remove various development and/or inappropriate files and
- # useless docs of dependend packages.
- find "${LIBDIR}"/node_modules \
- \( -type d -name examples \) -or \( -type f \( \
- -iname "LICEN?E*" \
- "${find_name[@]}" \
- \) \) -exec rm -rf "{}" \;
- fi
-}
-
-src_test() {
- out/${BUILDTYPE}/cctest || die
- "${PYTHON}" tools/test.py --mode=${BUILDTYPE,,} -J message parallel
sequential || die
-}
-
-pkg_postinst() {
- einfo "The global npm config lives in /etc/npm. This deviates slightly"
- einfo "from upstream which otherwise would have it live in /usr/etc/."
- einfo ""
- einfo "Protip: When using node-gyp to install native modules, you can"
- einfo "avoid having to download extras by doing the following:"
- einfo "$ node-gyp --nodedir /usr/include/node <command>"
-}
diff --git a/net-libs/nodejs/nodejs-7.10.0.ebuild
b/net-libs/nodejs/nodejs-7.10.0.ebuild
deleted file mode 100644
index 2272fcf..0000000
--- a/net-libs/nodejs/nodejs-7.10.0.ebuild
+++ /dev/null
@@ -1,197 +0,0 @@
-# Copyright 1999-2017 Gentoo Foundation
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=6
-RESTRICT="test"
-
-PYTHON_COMPAT=( python2_7 )
-PYTHON_REQ_USE="threads"
-
-inherit bash-completion-r1 eutils flag-o-matic pax-utils python-single-r1
toolchain-funcs
-
-DESCRIPTION="A JavaScript runtime built on Chrome's V8 JavaScript engine"
-HOMEPAGE="https://nodejs.org/";
-SRC_URI="https://nodejs.org/dist/v${PV}/node-v${PV}.tar.xz";
-
-LICENSE="Apache-1.1 Apache-2.0 BSD BSD-2 MIT"
-SLOT="0"
-KEYWORDS="~amd64 ~arm ~arm64 ~ppc ~ppc64 ~x86 ~amd64-linux ~x64-macos"
-IUSE="bundled-ssl cpu_flags_x86_sse2 debug doc icu libressl +npm +snapshot
+ssl systemtap test"
-
-RDEPEND="icu? ( >=dev-libs/icu-56:= )
- npm? ( ${PYTHON_DEPS} )
- >=net-libs/http-parser-2.6.2:=
- >=dev-libs/libuv-1.11.0:=
- !bundled-ssl? ( >=dev-libs/openssl-1.0.2g:0=[-bindist] )
- sys-libs/zlib"
-DEPEND="${RDEPEND}
- ${PYTHON_DEPS}
- systemtap? ( dev-util/systemtap )
- test? ( net-misc/curl )"
-
-S="${WORKDIR}/node-v${PV}"
-REQUIRED_USE="${PYTHON_REQUIRED_USE}
- libressl? ( bundled-ssl )
- bundled-ssl? ( ssl )"
-
-PATCHES=(
- "${FILESDIR}"/gentoo-global-npm-config.patch
-)
-
-pkg_pretend() {
- (use x86 && ! use cpu_flags_x86_sse2) && \
- die "Your CPU doesn't support the required SSE2 instruction."
-
- ( [[ ${MERGE_TYPE} != "binary" ]] && ! test-flag-CXX -std=c++11 ) && \
- die "Your compiler doesn't support C++11. Use GCC 4.8, Clang
3.3 or newer."
-}
-
-src_prepare() {
- tc-export CC CXX PKG_CONFIG
- export V=1
- export BUILDTYPE=Release
-
- # fix compilation on Darwin
- # https://code.google.com/p/gyp/issues/detail?id=260
- sed -i -e "/append('-arch/d" tools/gyp/pylib/gyp/xcode_emulation.py ||
die
-
- # make sure we use python2.* while using gyp
- sed -i -e "s/python/${EPYTHON}/" deps/npm/node_modules/node-gyp/gyp/gyp
|| die
- sed -i -e "s/|| 'python'/|| '${EPYTHON}'/"
deps/npm/node_modules/node-gyp/lib/configure.js || die
-
- # less verbose install output (stating the same as portage, basically)
- sed -i -e "/print/d" tools/install.py || die
-
- # proper libdir, hat tip @ryanpcmcquen
https://github.com/iojs/io.js/issues/504
- local LIBDIR=$(get_libdir)
- sed -i -e "s|lib/|${LIBDIR}/|g" tools/install.py || die
- sed -i -e "s/'lib'/'${LIBDIR}'/" lib/module.js || die
- sed -i -e "s|\"lib\"|\"${LIBDIR}\"|" deps/npm/lib/npm.js || die
-
- # Avoid writing a depfile, not useful
- sed -i -e "/DEPFLAGS =/d" tools/gyp/pylib/gyp/generator/make.py || die
-
- # Avoid a test that I've only been able to reproduce from emerge. It
doesnt
- # seem sandbox related either (invoking it from a sandbox works fine).
- # The issue is that no stdin handle is openened when asked for one.
- # It doesn't really belong upstream , so it'll just be removed until
someone
- # with more gentoo-knowledge than me (jbergstroem) figures it out.
- rm test/parallel/test-stdout-close-unref.js || die
-
- # debug builds. change install path, remove optimisations and override
buildtype
- if use debug; then
- sed -i -e "s|out/Release/|out/Debug/|g" tools/install.py || die
- BUILDTYPE=Debug
- fi
-
- default
-}
-
-src_configure() {
- local myarch=""
- local myconf=( --shared-libuv --shared-http-parser --shared-zlib )
- use npm || myconf+=( --without-npm )
- use icu && myconf+=( --with-intl=system-icu )
- use snapshot && myconf+=( --with-snapshot )
- use bundled-ssl || myconf+=( --shared-openssl )
- use ssl || myconf+=( --without-ssl )
- use debug && myconf+=( --debug )
-
- case ${ABI} in
- amd64) myarch="x64";;
- arm) myarch="arm";;
- arm64) myarch="arm64";;
- ppc64) myarch="ppc64";;
- x32) myarch="x32";;
- x86) myarch="ia32";;
- *) myarch="${ABI}";;
- esac
-
- GYP_DEFINES="linux_use_gold_flags=0
- linux_use_bundled_binutils=0
- linux_use_bundled_gold=0" \
- "${PYTHON}" configure \
- --prefix="${EPREFIX}"/usr \
- --dest-cpu=${myarch} \
- $(use_with systemtap dtrace) \
- "${myconf[@]}" || die
-}
-
-src_compile() {
- emake -C out mksnapshot
- pax-mark m "out/${BUILDTYPE}/mksnapshot"
- emake -C out
-}
-
-src_install() {
- local LIBDIR="${ED}/usr/$(get_libdir)"
- emake install DESTDIR="${D}"
- pax-mark -m "${ED}"usr/bin/node
-
- # set up a symlink structure that node-gyp expects..
- dodir /usr/include/node/deps/{v8,uv}
- dosym . /usr/include/node/src
- for var in deps/{uv,v8}/include; do
- dosym ../.. /usr/include/node/${var}
- done
-
- if use doc; then
- # Patch docs to make them offline readable
- for i in `grep -rl 'fonts.googleapis.com'
"${S}"/out/doc/api/*`; do
- sed -i '/fonts.googleapis.com/ d' $i;
- done
- # Install docs!
- dohtml -r "${S}"/doc/*
- fi
-
- if use npm; then
- dodir /etc/npm
-
- # Install bash completion for `npm`
- # We need to temporarily replace default config path since
- # npm otherwise tries to write outside of the sandbox
- local
npm_config="usr/$(get_libdir)/node_modules/npm/lib/config/core.js"
- sed -i -e "s|'/etc'|'${ED}/etc'|g" "${ED}/${npm_config}" || die
- local tmp_npm_completion_file="$(emktemp)"
- "${ED}/usr/bin/npm" completion > "${tmp_npm_completion_file}"
- newbashcomp "${tmp_npm_completion_file}" npm
- sed -i -e "s|'${ED}/etc'|'/etc'|g" "${ED}/${npm_config}" || die
-
- # Move man pages
- doman "${LIBDIR}"/node_modules/npm/man/man{1,5,7}/*
-
- # Clean up
- rm "${LIBDIR}"/node_modules/npm/{.mailmap,.npmignore,Makefile}
|| die
- rm -rf "${LIBDIR}"/node_modules/npm/{doc,html,man} || die
-
- local find_exp="-or -name"
- local find_name=()
- for match in "AUTHORS*" "CHANGELOG*" "CONTRIBUT*" "README*" \
- ".travis.yml" ".eslint*" ".wercker.yml" ".npmignore" \
- "*.md" "*.markdown" "*.bat" "*.cmd"; do
- find_name+=( ${find_exp} "${match}" )
- done
-
- # Remove various development and/or inappropriate files and
- # useless docs of dependend packages.
- find "${LIBDIR}"/node_modules \
- \( -type d -name examples \) -or \( -type f \( \
- -iname "LICEN?E*" \
- "${find_name[@]}" \
- \) \) -exec rm -rf "{}" \;
- fi
-}
-
-src_test() {
- out/${BUILDTYPE}/cctest || die
- "${PYTHON}" tools/test.py --mode=${BUILDTYPE,,} -J message parallel
sequential || die
-}
-
-pkg_postinst() {
- einfo "The global npm config lives in /etc/npm. This deviates slightly"
- einfo "from upstream which otherwise would have it live in /usr/etc/."
- einfo ""
- einfo "Protip: When using node-gyp to install native modules, you can"
- einfo "avoid having to download extras by doing the following:"
- einfo "$ node-gyp --nodedir /usr/include/node <command>"
-}
diff --git a/net-libs/nodejs/nodejs-8.1.0.ebuild
b/net-libs/nodejs/nodejs-8.1.0.ebuild
deleted file mode 100644
index b6471d4..0000000
--- a/net-libs/nodejs/nodejs-8.1.0.ebuild
+++ /dev/null
@@ -1,195 +0,0 @@
-# Copyright 1999-2018 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=6
-RESTRICT="test"
-
-PYTHON_COMPAT=( python2_7 )
-PYTHON_REQ_USE="threads"
-
-inherit bash-completion-r1 eutils flag-o-matic pax-utils python-single-r1
toolchain-funcs
-
-DESCRIPTION="A JavaScript runtime built on Chrome's V8 JavaScript engine"
-HOMEPAGE="https://nodejs.org/";
-SRC_URI="https://nodejs.org/dist/v${PV}/node-v${PV}.tar.xz";
-
-LICENSE="Apache-1.1 Apache-2.0 BSD BSD-2 MIT"
-SLOT="0"
-KEYWORDS="~amd64 ~arm ~arm64 ~ppc ~ppc64 ~x86 ~amd64-linux ~x64-macos"
-IUSE="cpu_flags_x86_sse2 debug doc icu +npm +snapshot +ssl systemtap test"
-
-RDEPEND="icu? ( >=dev-libs/icu-56:= )
- npm? ( ${PYTHON_DEPS} )
- >=net-libs/http-parser-2.6.2:=
- >=dev-libs/libuv-1.11.0:=
- dev-libs/libressl
- sys-libs/zlib"
-DEPEND="${RDEPEND}
- ${PYTHON_DEPS}
- systemtap? ( dev-util/systemtap )
- test? ( net-misc/curl )"
-
-S="${WORKDIR}/node-v${PV}"
-REQUIRED_USE="${PYTHON_REQUIRED_USE}"
-
-PATCHES=(
- "${FILESDIR}"/gentoo-global-npm-config.patch
- "${FILESDIR}"/nodejs-8.1.0-libressl.patch
-)
-
-pkg_pretend() {
- (use x86 && ! use cpu_flags_x86_sse2) && \
- die "Your CPU doesn't support the required SSE2 instruction."
-
- ( [[ ${MERGE_TYPE} != "binary" ]] && ! test-flag-CXX -std=c++11 ) && \
- die "Your compiler doesn't support C++11. Use GCC 4.8, Clang
3.3 or newer."
-}
-
-src_prepare() {
- tc-export CC CXX PKG_CONFIG
- export V=1
- export BUILDTYPE=Release
-
- # fix compilation on Darwin
- # https://code.google.com/p/gyp/issues/detail?id=260
- sed -i -e "/append('-arch/d" tools/gyp/pylib/gyp/xcode_emulation.py ||
die
-
- # make sure we use python2.* while using gyp
- sed -i -e "s/python/${EPYTHON}/" deps/npm/node_modules/node-gyp/gyp/gyp
|| die
- sed -i -e "s/|| 'python'/|| '${EPYTHON}'/"
deps/npm/node_modules/node-gyp/lib/configure.js || die
-
- # less verbose install output (stating the same as portage, basically)
- sed -i -e "/print/d" tools/install.py || die
-
- # proper libdir, hat tip @ryanpcmcquen
https://github.com/iojs/io.js/issues/504
- local LIBDIR=$(get_libdir)
- sed -i -e "s|lib/|${LIBDIR}/|g" tools/install.py || die
- sed -i -e "s/'lib'/'${LIBDIR}'/" lib/module.js || die
- sed -i -e "s|\"lib\"|\"${LIBDIR}\"|" deps/npm/lib/npm.js || die
-
- # Avoid writing a depfile, not useful
- sed -i -e "/DEPFLAGS =/d" tools/gyp/pylib/gyp/generator/make.py || die
-
- # Avoid a test that I've only been able to reproduce from emerge. It
doesnt
- # seem sandbox related either (invoking it from a sandbox works fine).
- # The issue is that no stdin handle is openened when asked for one.
- # It doesn't really belong upstream , so it'll just be removed until
someone
- # with more gentoo-knowledge than me (jbergstroem) figures it out.
- rm test/parallel/test-stdout-close-unref.js || die
-
- # debug builds. change install path, remove optimisations and override
buildtype
- if use debug; then
- sed -i -e "s|out/Release/|out/Debug/|g" tools/install.py || die
- BUILDTYPE=Debug
- fi
-
- default
-}
-
-src_configure() {
- local myarch=""
- local myconf=( --shared-openssl --shared-libuv --shared-http-parser
--shared-zlib )
- use npm || myconf+=( --without-npm )
- use icu && myconf+=( --with-intl=system-icu )
- use snapshot && myconf+=( --with-snapshot )
- use ssl || myconf+=( --without-ssl )
- use debug && myconf+=( --debug )
-
- case ${ABI} in
- amd64) myarch="x64";;
- arm) myarch="arm";;
- arm64) myarch="arm64";;
- ppc64) myarch="ppc64";;
- x32) myarch="x32";;
- x86) myarch="ia32";;
- *) myarch="${ABI}";;
- esac
-
- GYP_DEFINES="linux_use_gold_flags=0
- linux_use_bundled_binutils=0
- linux_use_bundled_gold=0" \
- "${PYTHON}" configure \
- --prefix="${EPREFIX}"/usr \
- --dest-cpu=${myarch} \
- $(use_with systemtap dtrace) \
- "${myconf[@]}" || die
-}
-
-src_compile() {
- emake -C out mksnapshot
- pax-mark m "out/${BUILDTYPE}/mksnapshot"
- emake -C out
-}
-
-src_install() {
- local LIBDIR="${ED}/usr/$(get_libdir)"
- emake install DESTDIR="${D}"
- pax-mark -m "${ED}"usr/bin/node
-
- # set up a symlink structure that node-gyp expects..
- dodir /usr/include/node/deps/{v8,uv}
- dosym . /usr/include/node/src
- for var in deps/{uv,v8}/include; do
- dosym ../.. /usr/include/node/${var}
- done
-
- if use doc; then
- # Patch docs to make them offline readable
- for i in `grep -rl 'fonts.googleapis.com'
"${S}"/out/doc/api/*`; do
- sed -i '/fonts.googleapis.com/ d' $i;
- done
- # Install docs!
- dohtml -r "${S}"/doc/*
- fi
-
- if use npm; then
- dodir /etc/npm
-
- # Install bash completion for `npm`
- # We need to temporarily replace default config path since
- # npm otherwise tries to write outside of the sandbox
- local
npm_config="usr/$(get_libdir)/node_modules/npm/lib/config/core.js"
- sed -i -e "s|'/etc'|'${ED}/etc'|g" "${ED}/${npm_config}" || die
- local tmp_npm_completion_file="$(emktemp)"
- "${ED}/usr/bin/npm" completion > "${tmp_npm_completion_file}"
- newbashcomp "${tmp_npm_completion_file}" npm
- sed -i -e "s|'${ED}/etc'|'/etc'|g" "${ED}/${npm_config}" || die
-
- # Move man pages
- doman "${LIBDIR}"/node_modules/npm/man/man{1,5,7}/*
-
- # Clean up
- rm "${LIBDIR}"/node_modules/npm/{.mailmap,.npmignore,Makefile}
|| die
- rm -rf "${LIBDIR}"/node_modules/npm/{doc,html,man} || die
-
- local find_exp="-or -name"
- local find_name=()
- for match in "AUTHORS*" "CHANGELOG*" "CONTRIBUT*" "README*" \
- ".travis.yml" ".eslint*" ".wercker.yml" ".npmignore" \
- "*.md" "*.markdown" "*.bat" "*.cmd"; do
- find_name+=( ${find_exp} "${match}" )
- done
-
- # Remove various development and/or inappropriate files and
- # useless docs of dependend packages.
- find "${LIBDIR}"/node_modules \
- \( -type d -name examples \) -or \( -type f \( \
- -iname "LICEN?E*" \
- "${find_name[@]}" \
- \) \) -exec rm -rf "{}" \;
- fi
-}
-
-src_test() {
- out/${BUILDTYPE}/cctest || die
- "${PYTHON}" tools/test.py --mode=${BUILDTYPE,,} -J message parallel
sequential || die
-}
-
-pkg_postinst() {
- einfo "The global npm config lives in /etc/npm. This deviates slightly"
- einfo "from upstream which otherwise would have it live in /usr/etc/."
- einfo ""
- einfo "Protip: When using node-gyp to install native modules, you can"
- einfo "avoid having to download extras by doing the following:"
- einfo "$ node-gyp --nodedir /usr/include/node <command>"
-}
diff --git a/net-libs/nodejs/nodejs-8.1.1.ebuild
b/net-libs/nodejs/nodejs-8.1.1.ebuild
deleted file mode 100644
index b6471d4..0000000
--- a/net-libs/nodejs/nodejs-8.1.1.ebuild
+++ /dev/null
@@ -1,195 +0,0 @@
-# Copyright 1999-2018 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=6
-RESTRICT="test"
-
-PYTHON_COMPAT=( python2_7 )
-PYTHON_REQ_USE="threads"
-
-inherit bash-completion-r1 eutils flag-o-matic pax-utils python-single-r1
toolchain-funcs
-
-DESCRIPTION="A JavaScript runtime built on Chrome's V8 JavaScript engine"
-HOMEPAGE="https://nodejs.org/";
-SRC_URI="https://nodejs.org/dist/v${PV}/node-v${PV}.tar.xz";
-
-LICENSE="Apache-1.1 Apache-2.0 BSD BSD-2 MIT"
-SLOT="0"
-KEYWORDS="~amd64 ~arm ~arm64 ~ppc ~ppc64 ~x86 ~amd64-linux ~x64-macos"
-IUSE="cpu_flags_x86_sse2 debug doc icu +npm +snapshot +ssl systemtap test"
-
-RDEPEND="icu? ( >=dev-libs/icu-56:= )
- npm? ( ${PYTHON_DEPS} )
- >=net-libs/http-parser-2.6.2:=
- >=dev-libs/libuv-1.11.0:=
- dev-libs/libressl
- sys-libs/zlib"
-DEPEND="${RDEPEND}
- ${PYTHON_DEPS}
- systemtap? ( dev-util/systemtap )
- test? ( net-misc/curl )"
-
-S="${WORKDIR}/node-v${PV}"
-REQUIRED_USE="${PYTHON_REQUIRED_USE}"
-
-PATCHES=(
- "${FILESDIR}"/gentoo-global-npm-config.patch
- "${FILESDIR}"/nodejs-8.1.0-libressl.patch
-)
-
-pkg_pretend() {
- (use x86 && ! use cpu_flags_x86_sse2) && \
- die "Your CPU doesn't support the required SSE2 instruction."
-
- ( [[ ${MERGE_TYPE} != "binary" ]] && ! test-flag-CXX -std=c++11 ) && \
- die "Your compiler doesn't support C++11. Use GCC 4.8, Clang
3.3 or newer."
-}
-
-src_prepare() {
- tc-export CC CXX PKG_CONFIG
- export V=1
- export BUILDTYPE=Release
-
- # fix compilation on Darwin
- # https://code.google.com/p/gyp/issues/detail?id=260
- sed -i -e "/append('-arch/d" tools/gyp/pylib/gyp/xcode_emulation.py ||
die
-
- # make sure we use python2.* while using gyp
- sed -i -e "s/python/${EPYTHON}/" deps/npm/node_modules/node-gyp/gyp/gyp
|| die
- sed -i -e "s/|| 'python'/|| '${EPYTHON}'/"
deps/npm/node_modules/node-gyp/lib/configure.js || die
-
- # less verbose install output (stating the same as portage, basically)
- sed -i -e "/print/d" tools/install.py || die
-
- # proper libdir, hat tip @ryanpcmcquen
https://github.com/iojs/io.js/issues/504
- local LIBDIR=$(get_libdir)
- sed -i -e "s|lib/|${LIBDIR}/|g" tools/install.py || die
- sed -i -e "s/'lib'/'${LIBDIR}'/" lib/module.js || die
- sed -i -e "s|\"lib\"|\"${LIBDIR}\"|" deps/npm/lib/npm.js || die
-
- # Avoid writing a depfile, not useful
- sed -i -e "/DEPFLAGS =/d" tools/gyp/pylib/gyp/generator/make.py || die
-
- # Avoid a test that I've only been able to reproduce from emerge. It
doesnt
- # seem sandbox related either (invoking it from a sandbox works fine).
- # The issue is that no stdin handle is openened when asked for one.
- # It doesn't really belong upstream , so it'll just be removed until
someone
- # with more gentoo-knowledge than me (jbergstroem) figures it out.
- rm test/parallel/test-stdout-close-unref.js || die
-
- # debug builds. change install path, remove optimisations and override
buildtype
- if use debug; then
- sed -i -e "s|out/Release/|out/Debug/|g" tools/install.py || die
- BUILDTYPE=Debug
- fi
-
- default
-}
-
-src_configure() {
- local myarch=""
- local myconf=( --shared-openssl --shared-libuv --shared-http-parser
--shared-zlib )
- use npm || myconf+=( --without-npm )
- use icu && myconf+=( --with-intl=system-icu )
- use snapshot && myconf+=( --with-snapshot )
- use ssl || myconf+=( --without-ssl )
- use debug && myconf+=( --debug )
-
- case ${ABI} in
- amd64) myarch="x64";;
- arm) myarch="arm";;
- arm64) myarch="arm64";;
- ppc64) myarch="ppc64";;
- x32) myarch="x32";;
- x86) myarch="ia32";;
- *) myarch="${ABI}";;
- esac
-
- GYP_DEFINES="linux_use_gold_flags=0
- linux_use_bundled_binutils=0
- linux_use_bundled_gold=0" \
- "${PYTHON}" configure \
- --prefix="${EPREFIX}"/usr \
- --dest-cpu=${myarch} \
- $(use_with systemtap dtrace) \
- "${myconf[@]}" || die
-}
-
-src_compile() {
- emake -C out mksnapshot
- pax-mark m "out/${BUILDTYPE}/mksnapshot"
- emake -C out
-}
-
-src_install() {
- local LIBDIR="${ED}/usr/$(get_libdir)"
- emake install DESTDIR="${D}"
- pax-mark -m "${ED}"usr/bin/node
-
- # set up a symlink structure that node-gyp expects..
- dodir /usr/include/node/deps/{v8,uv}
- dosym . /usr/include/node/src
- for var in deps/{uv,v8}/include; do
- dosym ../.. /usr/include/node/${var}
- done
-
- if use doc; then
- # Patch docs to make them offline readable
- for i in `grep -rl 'fonts.googleapis.com'
"${S}"/out/doc/api/*`; do
- sed -i '/fonts.googleapis.com/ d' $i;
- done
- # Install docs!
- dohtml -r "${S}"/doc/*
- fi
-
- if use npm; then
- dodir /etc/npm
-
- # Install bash completion for `npm`
- # We need to temporarily replace default config path since
- # npm otherwise tries to write outside of the sandbox
- local
npm_config="usr/$(get_libdir)/node_modules/npm/lib/config/core.js"
- sed -i -e "s|'/etc'|'${ED}/etc'|g" "${ED}/${npm_config}" || die
- local tmp_npm_completion_file="$(emktemp)"
- "${ED}/usr/bin/npm" completion > "${tmp_npm_completion_file}"
- newbashcomp "${tmp_npm_completion_file}" npm
- sed -i -e "s|'${ED}/etc'|'/etc'|g" "${ED}/${npm_config}" || die
-
- # Move man pages
- doman "${LIBDIR}"/node_modules/npm/man/man{1,5,7}/*
-
- # Clean up
- rm "${LIBDIR}"/node_modules/npm/{.mailmap,.npmignore,Makefile}
|| die
- rm -rf "${LIBDIR}"/node_modules/npm/{doc,html,man} || die
-
- local find_exp="-or -name"
- local find_name=()
- for match in "AUTHORS*" "CHANGELOG*" "CONTRIBUT*" "README*" \
- ".travis.yml" ".eslint*" ".wercker.yml" ".npmignore" \
- "*.md" "*.markdown" "*.bat" "*.cmd"; do
- find_name+=( ${find_exp} "${match}" )
- done
-
- # Remove various development and/or inappropriate files and
- # useless docs of dependend packages.
- find "${LIBDIR}"/node_modules \
- \( -type d -name examples \) -or \( -type f \( \
- -iname "LICEN?E*" \
- "${find_name[@]}" \
- \) \) -exec rm -rf "{}" \;
- fi
-}
-
-src_test() {
- out/${BUILDTYPE}/cctest || die
- "${PYTHON}" tools/test.py --mode=${BUILDTYPE,,} -J message parallel
sequential || die
-}
-
-pkg_postinst() {
- einfo "The global npm config lives in /etc/npm. This deviates slightly"
- einfo "from upstream which otherwise would have it live in /usr/etc/."
- einfo ""
- einfo "Protip: When using node-gyp to install native modules, you can"
- einfo "avoid having to download extras by doing the following:"
- einfo "$ node-gyp --nodedir /usr/include/node <command>"
-}
diff --git a/net-libs/nodejs/nodejs-9.11.2.ebuild
b/net-libs/nodejs/nodejs-9.11.2.ebuild
deleted file mode 100644
index 7c3a2f4..0000000
--- a/net-libs/nodejs/nodejs-9.11.2.ebuild
+++ /dev/null
@@ -1,205 +0,0 @@
-# Copyright 1999-2018 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-EAPI=6
-
-PYTHON_COMPAT=( python2_7 )
-PYTHON_REQ_USE="threads"
-
-inherit bash-completion-r1 eutils flag-o-matic pax-utils python-single-r1
toolchain-funcs
-
-DESCRIPTION="A JavaScript runtime built on Chrome's V8 JavaScript engine"
-HOMEPAGE="https://nodejs.org/";
-SRC_URI="https://nodejs.org/dist/v${PV}/node-v${PV}.tar.xz";
-
-LICENSE="Apache-1.1 Apache-2.0 BSD BSD-2 MIT"
-SLOT="0"
-KEYWORDS="~amd64 ~arm ~arm64 ~ppc ~ppc64 ~x86 ~amd64-linux ~x64-macos"
-IUSE="bundled-ssl cpu_flags_x86_sse2 debug doc icu inspector libressl +npm
+snapshot +ssl systemtap test"
-REQUIRED_USE="
- ${PYTHON_REQUIRED_USE}
- inspector? ( icu ssl )
- npm? ( ssl )
- libressl? ( bundled-ssl )
- bundled-ssl? ( ssl )
-"
-
-RDEPEND="
- >=dev-libs/libuv-1.19.2:=
- >=net-libs/http-parser-2.8.0:=
- >=net-libs/nghttp2-1.32.0
- sys-libs/zlib
- icu? ( >=dev-libs/icu-61.1:= )
- ssl? (
- !bundled-ssl? ( >=dev-libs/openssl-1.0.2n:0=[-bindist] )
- )
-"
-DEPEND="
- ${RDEPEND}
- ${PYTHON_DEPS}
- systemtap? ( dev-util/systemtap )
- test? ( net-misc/curl )
-"
-S="${WORKDIR}/node-v${PV}"
-PATCHES=(
- "${FILESDIR}"/gentoo-global-npm-config.patch
-)
-
-pkg_pretend() {
- (use x86 && ! use cpu_flags_x86_sse2) && \
- die "Your CPU doesn't support the required SSE2 instruction."
-
- ( [[ ${MERGE_TYPE} != "binary" ]] && ! test-flag-CXX -std=c++11 ) && \
- die "Your compiler doesn't support C++11. Use GCC 4.8, Clang
3.3 or newer."
-}
-
-src_prepare() {
- tc-export CC CXX PKG_CONFIG
- export V=1
- export BUILDTYPE=Release
-
- # fix compilation on Darwin
- # https://code.google.com/p/gyp/issues/detail?id=260
- sed -i -e "/append('-arch/d" tools/gyp/pylib/gyp/xcode_emulation.py ||
die
-
- # make sure we use python2.* while using gyp
- sed -i -e "s/python/${EPYTHON}/" deps/npm/node_modules/node-gyp/gyp/gyp
|| die
- sed -i -e "s/|| 'python2'/|| '${EPYTHON}'/"
deps/npm/node_modules/node-gyp/lib/configure.js || die
-
- # less verbose install output (stating the same as portage, basically)
- sed -i -e "/print/d" tools/install.py || die
-
- # proper libdir, hat tip @ryanpcmcquen
https://github.com/iojs/io.js/issues/504
- local LIBDIR=$(get_libdir)
- sed -i -e "s|lib/|${LIBDIR}/|g" tools/install.py || die
- sed -i -e "s/'lib'/'${LIBDIR}'/" lib/module.js deps/npm/lib/npm.js ||
die
-
- # Avoid writing a depfile, not useful
- sed -i -e "/DEPFLAGS =/d" tools/gyp/pylib/gyp/generator/make.py || die
-
- sed -i -e "/'-O3'/d" common.gypi deps/v8/gypfiles/toolchain.gypi || die
-
- # Avoid a test that I've only been able to reproduce from emerge. It
doesnt
- # seem sandbox related either (invoking it from a sandbox works fine).
- # The issue is that no stdin handle is openened when asked for one.
- # It doesn't really belong upstream , so it'll just be removed until
someone
- # with more gentoo-knowledge than me (jbergstroem) figures it out.
- rm test/parallel/test-stdout-close-unref.js || die
-
- # debug builds. change install path, remove optimisations and override
buildtype
- if use debug; then
- sed -i -e "s|out/Release/|out/Debug/|g" tools/install.py || die
- BUILDTYPE=Debug
- fi
-
- default
-}
-
-src_configure() {
- local myconf=( --shared-http-parser --shared-libuv --shared-nghttp2
--shared-zlib )
- use debug && myconf+=( --debug )
- use icu && myconf+=( --with-intl=system-icu ) || myconf+=(
--with-intl=none )
- use inspector || myconf+=( --without-inspector )
- use npm || myconf+=( --without-npm )
- use snapshot && myconf+=( --with-snapshot )
- use ssl && ( use bundled-ssl || myconf+=( --shared-openssl ) ) ||
myconf+=( --without-ssl )
-
- local myarch=""
- case ${ABI} in
- amd64) myarch="x64";;
- arm) myarch="arm";;
- arm64) myarch="arm64";;
- ppc64) myarch="ppc64";;
- x32) myarch="x32";;
- x86) myarch="ia32";;
- *) myarch="${ABI}";;
- esac
-
- GYP_DEFINES="linux_use_gold_flags=0
- linux_use_bundled_binutils=0
- linux_use_bundled_gold=0" \
- "${PYTHON}" configure \
- --prefix="${EPREFIX}"/usr \
- --dest-cpu=${myarch} \
- $(use_with systemtap dtrace) \
- "${myconf[@]}" || die
-}
-
-src_compile() {
- emake -C out mksnapshot
- pax-mark m "out/${BUILDTYPE}/mksnapshot"
- emake -C out
-}
-
-src_install() {
- local LIBDIR="${ED}/usr/$(get_libdir)"
- emake install DESTDIR="${D}"
- pax-mark -m "${ED}"usr/bin/node
-
- # set up a symlink structure that node-gyp expects..
- dodir /usr/include/node/deps/{v8,uv}
- dosym . /usr/include/node/src
- for var in deps/{uv,v8}/include; do
- dosym ../.. /usr/include/node/${var}
- done
-
- if use doc; then
- # Patch docs to make them offline readable
- for i in `grep -rl 'fonts.googleapis.com'
"${S}"/out/doc/api/*`; do
- sed -i '/fonts.googleapis.com/ d' $i;
- done
- # Install docs!
- dohtml -r "${S}"/doc/*
- fi
-
- if use npm; then
- dodir /etc/npm
-
- # Install bash completion for `npm`
- # We need to temporarily replace default config path since
- # npm otherwise tries to write outside of the sandbox
- local
npm_config="usr/$(get_libdir)/node_modules/npm/lib/config/core.js"
- sed -i -e "s|'/etc'|'${ED}/etc'|g" "${ED}/${npm_config}" || die
- local tmp_npm_completion_file="$(emktemp)"
- "${ED}/usr/bin/npm" completion > "${tmp_npm_completion_file}"
- newbashcomp "${tmp_npm_completion_file}" npm
- sed -i -e "s|'${ED}/etc'|'/etc'|g" "${ED}/${npm_config}" || die
-
- # Move man pages
- doman "${LIBDIR}"/node_modules/npm/man/man{1,5,7}/*
-
- # Clean up
- rm "${LIBDIR}"/node_modules/npm/{.mailmap,.npmignore,Makefile}
|| die
- rm -rf "${LIBDIR}"/node_modules/npm/{doc,html,man} || die
-
- local find_exp="-or -name"
- local find_name=()
- for match in "AUTHORS*" "CHANGELOG*" "CONTRIBUT*" "README*" \
- ".travis.yml" ".eslint*" ".wercker.yml" ".npmignore" \
- "*.md" "*.markdown" "*.bat" "*.cmd"; do
- find_name+=( ${find_exp} "${match}" )
- done
-
- # Remove various development and/or inappropriate files and
- # useless docs of dependend packages.
- find "${LIBDIR}"/node_modules \
- \( -type d -name examples \) -or \( -type f \( \
- -iname "LICEN?E*" \
- "${find_name[@]}" \
- \) \) -exec rm -rf "{}" \;
- fi
-}
-
-src_test() {
- out/${BUILDTYPE}/cctest || die
- "${PYTHON}" tools/test.py --mode=${BUILDTYPE,,} -J message parallel
sequential || die
-}
-
-pkg_postinst() {
- einfo "The global npm config lives in /etc/npm. This deviates slightly"
- einfo "from upstream which otherwise would have it live in /usr/etc/."
- einfo ""
- einfo "Protip: When using node-gyp to install native modules, you can"
- einfo "avoid having to download extras by doing the following:"
- einfo "$ node-gyp --nodedir /usr/include/node <command>"
-}
