Permalink
Browse files

Option to disable SSL v2

Fixes #880
1 parent b96ae66 commit f23c45f7f46143c225696b57422234d746698b73 @kapouer kapouer committed with ry Jun 3, 2011
Showing with 24 additions and 0 deletions.
  1. +12 −0 src/node_crypto.cc
  2. +12 −0 wscript
View
@@ -98,11 +98,23 @@ Handle<Value> SecureContext::Init(const Arguments& args) {
String::Utf8Value sslmethod(args[0]->ToString());
if (strcmp(*sslmethod, "SSLv2_method") == 0) {
+#ifndef OPENSSL_NO_SSL2
method = SSLv2_method();
+#else
+ return ThrowException(Exception::Error(String::New("SSLv2 methods disabled")));
+#endif
} else if (strcmp(*sslmethod, "SSLv2_server_method") == 0) {
+#ifndef OPENSSL_NO_SSL2
method = SSLv2_server_method();
+#else
+ return ThrowException(Exception::Error(String::New("SSLv2 methods disabled")));
+#endif
} else if (strcmp(*sslmethod, "SSLv2_client_method") == 0) {
+#ifndef OPENSSL_NO_SSL2
method = SSLv2_client_method();
+#else
+ return ThrowException(Exception::Error(String::New("SSLv2 methods disabled")));
+#endif
} else if (strcmp(*sslmethod, "SSLv3_method") == 0) {
method = SSLv3_method();
} else if (strcmp(*sslmethod, "SSLv3_server_method") == 0) {
View
@@ -143,6 +143,13 @@ def set_options(opt):
, dest='openssl_libpath'
)
+ opt.add_option( '--no-ssl2'
+ , action='store_true'
+ , default=False
+ , help="Disable OpenSSL v2"
+ , dest='openssl_nov2'
+ )
+
opt.add_option( '--gdb'
, action='store_true'
, default=False
@@ -279,6 +286,11 @@ def configure(conf):
if not Options.options.without_ssl:
# Don't override explicitly supplied openssl paths with pkg-config results.
explicit_openssl = o.openssl_includes or o.openssl_libpath
+
+ # Disable ssl v2 methods
+ if o.openssl_nov2:
+ conf.env.append_value("CPPFLAGS", "-DOPENSSL_NO_SSL2=1")
+
if not explicit_openssl and conf.check_cfg(package='openssl',
args='--cflags --libs',
uselib_store='OPENSSL'):

0 comments on commit f23c45f

Please sign in to comment.