iojs: update to 2.3.4.

2015-07-10 07:51:47 +02:00 · 2015-07-10 07:51:47 +02:00 · ecbebed7ef
parent 4d7d303677
commit ecbebed7ef
3 changed files with 3 additions and 90 deletions
--- a/srcpkgs/iojs/patches/X509_verify_cert.patch
+++ b/srcpkgs/iojs/patches/X509_verify_cert.patch
@ -1,75 +0,0 @@
--- deps/openssl/openssl/crypto/x509/x509_vfy.c
-+++ deps/openssl/openssl/crypto/x509/x509_vfy.c
-@@ -193,6 +193,14 @@ int X509_verify_cert(X509_STORE_CTX *ctx)
-         X509err(X509_F_X509_VERIFY_CERT, X509_R_NO_CERT_SET_FOR_US_TO_VERIFY);
-         return -1;
-     }
-+    if (ctx->chain != NULL) {
-+        /*
-+         * This X509_STORE_CTX has already been used to verify a cert. We
-+         * cannot do another one.
-+         */
-+        X509err(X509_F_X509_VERIFY_CERT, ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);
-+        return -1;
-+    }
- 
-     cb = ctx->verify_cb;
- 
-@@ -200,15 +208,13 @@ int X509_verify_cert(X509_STORE_CTX *ctx)
-      * first we make sure the chain we are going to build is present and that
-      * the first entry is in place
-      */
-    if (ctx->chain == NULL) {
-        if (((ctx->chain = sk_X509_new_null()) == NULL) ||
-            (!sk_X509_push(ctx->chain, ctx->cert))) {
-            X509err(X509_F_X509_VERIFY_CERT, ERR_R_MALLOC_FAILURE);
-            goto end;
-        }
-        CRYPTO_add(&ctx->cert->references, 1, CRYPTO_LOCK_X509);
-        ctx->last_untrusted = 1;
-+    if (((ctx->chain = sk_X509_new_null()) == NULL) ||
-+        (!sk_X509_push(ctx->chain, ctx->cert))) {
-+        X509err(X509_F_X509_VERIFY_CERT, ERR_R_MALLOC_FAILURE);
-+        goto end;
-     }
-+    CRYPTO_add(&ctx->cert->references, 1, CRYPTO_LOCK_X509);
-+    ctx->last_untrusted = 1;
- 
-     /* We use a temporary STACK so we can chop and hack at it */
-     if (ctx->untrusted != NULL
--- deps/openssl/openssl/doc/crypto/X509_STORE_CTX_new.pod
-+++ deps/openssl/openssl/doc/crypto/X509_STORE_CTX_new.pod
-@@ -40,10 +40,15 @@ is no longer valid.
- If B<ctx> is NULL nothing is done.
- 
- X509_STORE_CTX_init() sets up B<ctx> for a subsequent verification operation.
-The trusted certificate store is set to B<store>, the end entity certificate
-to be verified is set to B<x509> and a set of additional certificates (which
-will be untrusted but may be used to build the chain) in B<chain>. Any or
-all of the B<store>, B<x509> and B<chain> parameters can be B<NULL>.
-+It must be called before each call to X509_verify_cert(), i.e. a B<ctx> is only
-+good for one call to X509_verify_cert(); if you want to verify a second
-+certificate with the same B<ctx> then you must call X509_XTORE_CTX_cleanup()
-+and then X509_STORE_CTX_init() again before the second call to
-+X509_verify_cert(). The trusted certificate store is set to B<store>, the end
-+entity certificate to be verified is set to B<x509> and a set of additional
-+certificates (which will be untrusted but may be used to build the chain) in
-+B<chain>. Any or all of the B<store>, B<x509> and B<chain> parameters can be
-+B<NULL>.
- 
- X509_STORE_CTX_trusted_stack() sets the set of trusted certificates of B<ctx>
- to B<sk>. This is an alternative way of specifying trusted certificates 
-diff --git a/doc/crypto/X509_verify_cert.pod b/doc/crypto/X509_verify_cert.pod
-index e5cfc6f..48055b0 100644
--- deps/openssl/openssl/doc/crypto/X509_verify_cert.pod
-+++ deps/openssl/openssl/doc/crypto/X509_verify_cert.pod
-@@ -32,7 +32,8 @@ OpenSSL internally for certificate validation, in both the S/MIME and
- SSL/TLS code.
- 
- The negative return value from X509_verify_cert() can only occur if no
-certificate is set in B<ctx> (due to a programming error) or if a retry
-+certificate is set in B<ctx> (due to a programming error); if X509_verify_cert()
-+twice without reinitialising B<ctx> in between; or if a retry
- operation is requested during internal lookups (which never happens with
- standard lookup methods). It is however recommended that application check
- for <= 0 return value on error.
--- a/srcpkgs/iojs/patches/alternate_chains_certificate_forgery.patch
+++ b/srcpkgs/iojs/patches/alternate_chains_certificate_forgery.patch
@ -1,12 +0,0 @@
--- deps/openssl/openssl/crypto/x509/x509_vfy.c
-+++ deps/openssl/openssl/crypto/x509/x509_vfy.c
-@@ -392,8 +392,8 @@ int X509_verify_cert(X509_STORE_CTX *ctx)
-                         xtmp = sk_X509_pop(ctx->chain);
-                         X509_free(xtmp);
-                         num--;
-                        ctx->last_untrusted--;
-                     }
-+                    ctx->last_untrusted = sk_X509_num(ctx->chain);
-                     retry = 1;
-                     break;
-                 }
--- a/srcpkgs/iojs/template
+++ b/srcpkgs/iojs/template
@ -1,7 +1,7 @@
 # Template file for 'iojs'
 pkgname=iojs
-version=2.3.3
-revision=2
+version=2.3.4
+revision=1
 wrksrc=iojs-v${version}
 hostmakedepends="pkg-config python"
 makedepends="zlib-devel python-devel
@ -13,7 +13,7 @@ maintainer="Enno Boland <gottox@voidlinux.eu>"
 license="MIT"
 homepage="http://iojs.org/"
 distfiles="${homepage}/dist/v${version}/${pkgname}-v${version}.tar.gz"
-checksum=0384ea20739124c27dc9b47b8079f0c75efb33c7011c45f02243e9a015f8cd89
+checksum=18aeb8ad79b549f45caf6e4baa421046a0cd8f60102ac0986f19b19174962cc1
 provides="nodejs-0.12.1_1"
 conflicts="nodejs>=0"
 build_options="ssl libuv http_parser"