Skip to content

Commit

Permalink
tls: replace forEach with for
Browse files Browse the repository at this point in the history
PR-URL: nodejs/node#15053
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Reviewed-By: Refael Ackermann <refack@gmail.com>
Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
  • Loading branch information
mscdex authored and addaleax committed Sep 5, 2017
1 parent 298110e commit 9966422
Showing 1 changed file with 34 additions and 25 deletions.
59 changes: 34 additions & 25 deletions lib/_tls_common.js
Original file line number Diff line number Diff line change
Expand Up @@ -73,50 +73,60 @@ exports.createSecureContext = function createSecureContext(options, context) {

var c = new SecureContext(options.secureProtocol, secureOptions, context);
var i;
var val;

if (context) return c;

// NOTE: It's important to add CA before the cert to be able to load
// cert's issuer in C++ code.
if (options.ca) {
if (Array.isArray(options.ca)) {
options.ca.forEach((ca) => {
validateKeyCert(ca, 'ca');
c.context.addCACert(ca);
});
var ca = options.ca;
if (ca !== undefined) {
if (Array.isArray(ca)) {
for (i = 0; i < ca.length; ++i) {
val = ca[i];
validateKeyCert(val, 'ca');
c.context.addCACert(val);
}
} else {
validateKeyCert(options.ca, 'ca');
c.context.addCACert(options.ca);
validateKeyCert(ca, 'ca');
c.context.addCACert(ca);
}
} else {
c.context.addRootCerts();
}

if (options.cert) {
if (Array.isArray(options.cert)) {
options.cert.forEach((cert) => {
validateKeyCert(cert, 'cert');
c.context.setCert(cert);
});
var cert = options.cert;
if (cert !== undefined) {
if (Array.isArray(cert)) {
for (i = 0; i < cert.length; ++i) {
val = cert[i];
validateKeyCert(val, 'cert');
c.context.setCert(val);
}
} else {
validateKeyCert(options.cert, 'cert');
c.context.setCert(options.cert);
validateKeyCert(cert, 'cert');
c.context.setCert(cert);
}
}

// NOTE: It is important to set the key after the cert.
// `ssl_set_pkey` returns `0` when the key does not match the cert, but
// `ssl_set_cert` returns `1` and nullifies the key in the SSL structure
// which leads to the crash later on.
if (options.key) {
if (Array.isArray(options.key)) {
options.key.forEach((k) => {
validateKeyCert(k.pem || k, 'key');
c.context.setKey(k.pem || k, k.passphrase || options.passphrase);
});
var key = options.key;
var passphrase = options.passphrase;
if (key !== undefined) {
if (Array.isArray(key)) {
for (i = 0; i < key.length; ++i) {
val = key[i];
// eslint-disable-next-line eqeqeq
const pem = (val != undefined && val.pem !== undefined ? val.pem : val);
validateKeyCert(pem, 'key');
c.context.setKey(pem, val.passphrase || passphrase);
}
} else {
validateKeyCert(options.key, 'key');
c.context.setKey(options.key, options.passphrase);
validateKeyCert(key, 'key');
c.context.setKey(key, passphrase);
}
}

Expand Down Expand Up @@ -152,7 +162,6 @@ exports.createSecureContext = function createSecureContext(options, context) {

if (options.pfx) {
var pfx = options.pfx;
var passphrase = options.passphrase;

if (!crypto)
crypto = require('crypto');
Expand Down

0 comments on commit 9966422

Please sign in to comment.