Skip to content

Commit

Permalink
crypto: remove root_cert_store from node_crypto.h
Browse files Browse the repository at this point in the history
root_cert_store is defined as extern in node_crypto.h but only used in
node_crypto.cc. It is then set using SSL_CTX_set_cert_store. The only
usages of SSL_CTX_get_cert_store are in node_crypto.cc which would all
be accessing the same X509_STORE through the root_cert_store pointer as
far as I can tell. Am I missing something here?

This commit suggests removing it from the header and making it static
in node_crypto.cc.

PR-URL: #13194
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
  • Loading branch information
danbev authored and MylesBorins committed Aug 12, 2017
1 parent 9ca67e0 commit 5900ebe
Show file tree
Hide file tree
Showing 2 changed files with 3 additions and 5 deletions.
6 changes: 3 additions & 3 deletions src/node_crypto.cc
Original file line number Diff line number Diff line change
Expand Up @@ -120,13 +120,13 @@ static X509_NAME *cnnic_ev_name =

static Mutex* mutexes;

const char* const root_certs[] = {
static const char* const root_certs[] = {
#include "node_root_certs.h" // NOLINT(build/include_order)
};

std::string extra_root_certs_file; // NOLINT(runtime/string)
static std::string extra_root_certs_file; // NOLINT(runtime/string)

X509_STORE* root_cert_store;
static X509_STORE* root_cert_store;

// Just to generate static methods
template class SSLWrap<TLSWrap>;
Expand Down
2 changes: 0 additions & 2 deletions src/node_crypto.h
Original file line number Diff line number Diff line change
Expand Up @@ -63,8 +63,6 @@ enum CheckResult {

extern int VerifyCallback(int preverify_ok, X509_STORE_CTX* ctx);

extern X509_STORE* root_cert_store;

extern void UseExtraCaCerts(const std::string& file);

// Forward declaration
Expand Down

0 comments on commit 5900ebe

Please sign in to comment.