-
Notifications
You must be signed in to change notification settings - Fork 30k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
crypto: remove root_cert_store from node_crypto.h #13194
Conversation
root_cert_store is defined as extern in node_crypto.h but only used in node_crypto.cc. It is then set using SSL_CTX_set_cert_store. The only usages of SSL_CTX_get_cert_store are in node_crypto.cc which would all be accessing the same X509_STORE through the root_cert_store pointer as far as I can tell. Am I missing something here? This commit suggests removing it from the header and making it static in node_crypto.cc.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM. Maybe make root_certs
and extra_root_certs_file
static while you are here.
Sounds good, I'll do that. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
root_cert_store is defined as extern in node_crypto.h but only used in node_crypto.cc. It is then set using SSL_CTX_set_cert_store. The only usages of SSL_CTX_get_cert_store are in node_crypto.cc which would all be accessing the same X509_STORE through the root_cert_store pointer as far as I can tell. Am I missing something here? This commit suggests removing it from the header and making it static in node_crypto.cc. PR-URL: nodejs#13194 Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
Landed in 49e91e2 |
root_cert_store is defined as extern in node_crypto.h but only used in node_crypto.cc. It is then set using SSL_CTX_set_cert_store. The only usages of SSL_CTX_get_cert_store are in node_crypto.cc which would all be accessing the same X509_STORE through the root_cert_store pointer as far as I can tell. Am I missing something here? This commit suggests removing it from the header and making it static in node_crypto.cc. PR-URL: #13194 Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
This does not land cleanly in LTS. Please feel free to manually backport. Please also feel free to replace the backport request label with do-not-land if it shouldn't land |
It will land clean if #12788 is landed, I think they both should be, they are minor low-risk cleanups, and landing them will reduce future conflicts. |
root_cert_store is defined as extern in node_crypto.h but only used in node_crypto.cc. It is then set using SSL_CTX_set_cert_store. The only usages of SSL_CTX_get_cert_store are in node_crypto.cc which would all be accessing the same X509_STORE through the root_cert_store pointer as far as I can tell. Am I missing something here? This commit suggests removing it from the header and making it static in node_crypto.cc. PR-URL: #13194 Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
landed on v6.x-staging, @nodejs/backporting |
root_cert_store is defined as extern in node_crypto.h but only used in node_crypto.cc. It is then set using SSL_CTX_set_cert_store. The only usages of SSL_CTX_get_cert_store are in node_crypto.cc which would all be accessing the same X509_STORE through the root_cert_store pointer as far as I can tell. Am I missing something here? This commit suggests removing it from the header and making it static in node_crypto.cc. PR-URL: #13194 Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
root_cert_store is defined as extern in node_crypto.h but only used in node_crypto.cc. It is then set using SSL_CTX_set_cert_store. The only usages of SSL_CTX_get_cert_store are in node_crypto.cc which would all be accessing the same X509_STORE through the root_cert_store pointer as far as I can tell. Am I missing something here? This commit suggests removing it from the header and making it static in node_crypto.cc. PR-URL: #13194 Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
root_cert_store is defined as extern in node_crypto.h but only used in
node_crypto.cc. It is then set using SSL_CTX_set_cert_store. The only
usages of SSL_CTX_get_cert_store are in node_crypto.cc which would all
be accessing the same X509_STORE through the root_cert_store pointer as
far as I can tell. Am I missing something here?
This commit suggests removing it from the header and making it static
in node_crypto.cc.
Checklist
make -j4 test
(UNIX), orvcbuild test
(Windows) passesAffected core subsystem(s)
crypto