New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

crypto: remove root_cert_store from node_crypto.h #13194

Closed
wants to merge 2 commits into
base: master
from

Conversation

Projects
None yet
8 participants
@danbev
Member

danbev commented May 24, 2017

root_cert_store is defined as extern in node_crypto.h but only used in
node_crypto.cc. It is then set using SSL_CTX_set_cert_store. The only
usages of SSL_CTX_get_cert_store are in node_crypto.cc which would all
be accessing the same X509_STORE through the root_cert_store pointer as
far as I can tell. Am I missing something here?

This commit suggests removing it from the header and making it static
in node_crypto.cc.

Checklist
  • make -j4 test (UNIX), or vcbuild test (Windows) passes
  • commit message follows commit guidelines
Affected core subsystem(s)

crypto

crypto: remove root_cert_store from node_crypto.h
root_cert_store is defined as extern in node_crypto.h but only used in
node_crypto.cc. It is then set using SSL_CTX_set_cert_store. The only
usages of SSL_CTX_get_cert_store are in node_crypto.cc which would all
be accessing the same X509_STORE through the root_cert_store pointer as
far as I can tell. Am I missing something here?

This commit suggests removing it from the header and making it static
in node_crypto.cc.
@danbev

This comment has been minimized.

Show comment
Hide comment
@bnoordhuis

LGTM. Maybe make root_certs and extra_root_certs_file static while you are here.

@danbev

This comment has been minimized.

Show comment
Hide comment
@danbev

danbev May 24, 2017

Member

Maybe make root_certs and extra_root_certs_file static while you are here.

Sounds good, I'll do that.

Member

danbev commented May 24, 2017

Maybe make root_certs and extra_root_certs_file static while you are here.

Sounds good, I'll do that.

@danbev

This comment has been minimized.

Show comment
Hide comment
@mhdawson

LGTM

danbev added a commit to danbev/node that referenced this pull request May 26, 2017

crypto: remove root_cert_store from node_crypto.h
root_cert_store is defined as extern in node_crypto.h but only used in
node_crypto.cc. It is then set using SSL_CTX_set_cert_store. The only
usages of SSL_CTX_get_cert_store are in node_crypto.cc which would all
be accessing the same X509_STORE through the root_cert_store pointer as
far as I can tell. Am I missing something here?

This commit suggests removing it from the header and making it static
in node_crypto.cc.

PR-URL: nodejs#13194
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
@danbev

This comment has been minimized.

Show comment
Hide comment
@danbev

danbev May 26, 2017

Member

Landed in 49e91e2

Member

danbev commented May 26, 2017

Landed in 49e91e2

@danbev danbev closed this May 26, 2017

@danbev danbev deleted the danbev:remove-extern-root_cert_store branch May 26, 2017

jasnell added a commit that referenced this pull request May 28, 2017

crypto: remove root_cert_store from node_crypto.h
root_cert_store is defined as extern in node_crypto.h but only used in
node_crypto.cc. It is then set using SSL_CTX_set_cert_store. The only
usages of SSL_CTX_get_cert_store are in node_crypto.cc which would all
be accessing the same X509_STORE through the root_cert_store pointer as
far as I can tell. Am I missing something here?

This commit suggests removing it from the header and making it static
in node_crypto.cc.

PR-URL: #13194
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Sam Roberts <vieuxtech@gmail.com>

@jasnell jasnell referenced this pull request May 28, 2017

Closed

8.0.0 Release Proposal #12220

@gibfahn gibfahn referenced this pull request Jun 15, 2017

Closed

Auditing for 6.11.1 #230

2 of 3 tasks complete
@MylesBorins

This comment has been minimized.

Show comment
Hide comment
@MylesBorins

MylesBorins Jul 17, 2017

Member

This does not land cleanly in LTS. Please feel free to manually backport. Please also feel free to replace the backport request label with do-not-land if it shouldn't land

Member

MylesBorins commented Jul 17, 2017

This does not land cleanly in LTS. Please feel free to manually backport. Please also feel free to replace the backport request label with do-not-land if it shouldn't land

@sam-github

This comment has been minimized.

Show comment
Hide comment
@sam-github

sam-github Jul 21, 2017

Member

It will land clean if #12788 is landed, I think they both should be, they are minor low-risk cleanups, and landing them will reduce future conflicts.

Member

sam-github commented Jul 21, 2017

It will land clean if #12788 is landed, I think they both should be, they are minor low-risk cleanups, and landing them will reduce future conflicts.

sam-github added a commit that referenced this pull request Jul 21, 2017

crypto: remove root_cert_store from node_crypto.h
root_cert_store is defined as extern in node_crypto.h but only used in
node_crypto.cc. It is then set using SSL_CTX_set_cert_store. The only
usages of SSL_CTX_get_cert_store are in node_crypto.cc which would all
be accessing the same X509_STORE through the root_cert_store pointer as
far as I can tell. Am I missing something here?

This commit suggests removing it from the header and making it static
in node_crypto.cc.

PR-URL: #13194
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
@sam-github

This comment has been minimized.

Show comment
Hide comment
@sam-github

sam-github Jul 21, 2017

Member

landed on v6.x-staging, @nodejs/backporting

Member

sam-github commented Jul 21, 2017

landed on v6.x-staging, @nodejs/backporting

MylesBorins added a commit that referenced this pull request Aug 1, 2017

crypto: remove root_cert_store from node_crypto.h
root_cert_store is defined as extern in node_crypto.h but only used in
node_crypto.cc. It is then set using SSL_CTX_set_cert_store. The only
usages of SSL_CTX_get_cert_store are in node_crypto.cc which would all
be accessing the same X509_STORE through the root_cert_store pointer as
far as I can tell. Am I missing something here?

This commit suggests removing it from the header and making it static
in node_crypto.cc.

PR-URL: #13194
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Sam Roberts <vieuxtech@gmail.com>

MylesBorins added a commit that referenced this pull request Aug 12, 2017

crypto: remove root_cert_store from node_crypto.h
root_cert_store is defined as extern in node_crypto.h but only used in
node_crypto.cc. It is then set using SSL_CTX_set_cert_store. The only
usages of SSL_CTX_get_cert_store are in node_crypto.cc which would all
be accessing the same X509_STORE through the root_cert_store pointer as
far as I can tell. Am I missing something here?

This commit suggests removing it from the header and making it static
in node_crypto.cc.

PR-URL: #13194
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Sam Roberts <vieuxtech@gmail.com>

@MylesBorins MylesBorins referenced this pull request Aug 16, 2017

Merged

v6.11.3-proposal #14852

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment