
Commit 6c8593d

committed
crypto: move disaling SSLv2/3 into JavaScript
1 parent 226c986 commit 6c8593d

2 files changed

+22
-12
lines changed


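--- a/lib/crypto.js
+++ b/lib/crypto.js
@@ -37,6 +37,8 @@ try {
 var crypto = false;
 }
 
+var constants = process.binding('constants');
+
 var stream = require('stream');
 var util = require('util');
 
@@ -57,6 +59,8 @@ function toBuf(str, encoding) {
 var assert = require('assert');
 var StringDecoder = require('string_decoder').StringDecoder;
 
+var CONTEXT_DEFAULT_OPTIONS = undefined;
+
 function Credentials(secureProtocol, flags, context) {
 if (!(this instanceof Credentials)) {
 return new Credentials(secureProtocol, flags, context);
@@ -78,7 +82,20 @@ function Credentials(secureProtocol, flags, context) {
 }
 }
 
-if (flags) this.context.setOptions(flags);
+if (CONTEXT_DEFAULT_OPTIONS === undefined) {
+CONTEXT_DEFAULT_OPTIONS = 0;
+
+if (!binding.SSL3_ENABLE)
+CONTEXT_DEFAULT_OPTIONS |= constants.SSL_OP_NO_SSLv3;
+
+if (!binding.SSL2_ENABLE)
+CONTEXT_DEFAULT_OPTIONS |= constants.SSL_OP_NO_SSLv2;
+}
+
+if (flags === undefined)
+flags = CONTEXT_DEFAULT_OPTIONS;
+
+this.context.setOptions(flags);
 }
 
 exports.Credentials = Credentials;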
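Review bot: At the end of `Credentials`, the defaults are used only when `flags === undefined`, so a caller that passes any explicit value, even for an unrelated option, gets a context without `SSL_OP_NO_SSLv2`/`SSL_OP_NO_SSLv3`. The code removed from `SecureContext::Init` applied those bits whatever the caller passed. A `flags` of `0` or `null` is also forwarded as-is now that the old `if (flags)` guard is gone. If replacing the defaults is the intended opt-in, say so at the assignment, e.g. `// explicit flags replace the defaults, including SSL_OP_NO_SSLv2/SSL_OP_NO_SSLv3`; otherwise merge them with `flags = (flags === undefined) ? CONTEXT_DEFAULT_OPTIONS : (flags | CONTEXT_DEFAULT_OPTIONS);`. The middle of the function lies outside the hunks shown.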

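--- a/src/node_crypto.cc
+++ b/src/node_crypto.cc
@@ -335,16 +335,6 @@ Handle<Value> SecureContext::Init(const Arguments& args) {
 SSL_CTX_sess_set_get_cb(sc->ctx_, GetSessionCallback);
 SSL_CTX_sess_set_new_cb(sc->ctx_, NewSessionCallback);
 
-int options = 0;
-
-if (!SSL2_ENABLE)
-options |= SSL_OP_NO_SSLv2;
-
-if (!SSL3_ENABLE)
-options |= SSL_OP_NO_SSLv3;
-
-SSL_CTX_set_options(sc->ctx_, options);
-
 sc->ca_store_ = NULL;
 return True();
 }
@@ -705,7 +695,7 @@ Handle<Value> SecureContext::SetOptions(const Arguments& args) {
 
 SecureContext *sc = ObjectWrap::Unwrap<SecureContext>(args.Holder());
 
-if (args.Length() != 1 || !args[0]->IntegerValue()) {
+if (args.Length() != 1 && !args[0]->IsUint32()) {
 return ThrowException(Exception::TypeError(String::New("Bad parameter")));
 }
 
@@ -4295,6 +4285,9 @@ void InitCrypto(Handle<Object> target) {
 name_symbol = NODE_PSYMBOL("name");
 version_symbol = NODE_PSYMBOL("version");
 ext_key_usage_symbol = NODE_PSYMBOL("ext_key_usage");
+
+NODE_DEFINE_CONSTANT(target, SSL3_ENABLE);
+NODE_DEFINE_CONSTANT(target, SSL2_ENABLE);
 }
 
 } // namespace crypto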
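Review bot: The new guard in `SecureContext::SetOptions` joins its two tests with `&&`, so a call with exactly one argument is never rejected, whatever that argument's type. `Bad parameter` is now thrown only when the argument count is wrong and `args[0]` also fails `IsUint32()`. This matters more after this commit, because the SSLv2/SSLv3 restriction reaches the context only through this call; a non-numeric value would presumably be coerced further down (the rest of the function is outside the hunk) and could leave the context with no protocol restrictions. The condition should be `if (args.Length() != 1 || !args[0]->IsUint32()) {`.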
