crypto: remove root_cert_store from node_crypto.h

root_cert_store is defined as extern in node_crypto.h but only used in node_crypto.cc. It is then set using SSL_CTX_set_cert_store. The only usages of SSL_CTX_get_cert_store are in node_crypto.cc which would all be accessing the same X509_STORE through the root_cert_store pointer as far as I can tell. Am I missing something here? This commit suggests removing it from the header and making it static in node_crypto.cc. PR-URL: https://github.com/nodejs/node/pull/13194 Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
8 years ago · 5900ebe9e4
2 changed files with 3 additions and 5 deletions
--- a/src/node_crypto.cc
+++ b/src/node_crypto.cc
@ -120,13 +120,13 @@ static X509_NAME *cnnic_ev_name =

 static Mutex* mutexes;

-const char* const root_certs[] = {
+static const char* const root_certs[] = {
 #include "node_root_certs.h"  // NOLINT(build/include_order)
 };

-std::string extra_root_certs_file;  // NOLINT(runtime/string)
+static std::string extra_root_certs_file;  // NOLINT(runtime/string)

-X509_STORE* root_cert_store;
+static X509_STORE* root_cert_store;

 // Just to generate static methods
 template class SSLWrap<TLSWrap>;
--- a/src/node_crypto.h
+++ b/src/node_crypto.h
@ -63,8 +63,6 @@ enum CheckResult {

 extern int VerifyCallback(int preverify_ok, X509_STORE_CTX* ctx);

-extern X509_STORE* root_cert_store;
-
 extern void UseExtraCaCerts(const std::string& file);

 // Forward declaration