Browse Source

Option to disable SSL v2

Fixes #880
v0.7.4-release
Jérémy Lal 14 years ago
committed by Ryan Dahl
parent
commit
f23c45f7f4
  1. 12
      src/node_crypto.cc
  2. 12
      wscript

12
src/node_crypto.cc

@ -98,11 +98,23 @@ Handle<Value> SecureContext::Init(const Arguments& args) {
String::Utf8Value sslmethod(args[0]->ToString()); String::Utf8Value sslmethod(args[0]->ToString());
if (strcmp(*sslmethod, "SSLv2_method") == 0) { if (strcmp(*sslmethod, "SSLv2_method") == 0) {
#ifndef OPENSSL_NO_SSL2
method = SSLv2_method(); method = SSLv2_method();
#else
return ThrowException(Exception::Error(String::New("SSLv2 methods disabled")));
#endif
} else if (strcmp(*sslmethod, "SSLv2_server_method") == 0) { } else if (strcmp(*sslmethod, "SSLv2_server_method") == 0) {
#ifndef OPENSSL_NO_SSL2
method = SSLv2_server_method(); method = SSLv2_server_method();
#else
return ThrowException(Exception::Error(String::New("SSLv2 methods disabled")));
#endif
} else if (strcmp(*sslmethod, "SSLv2_client_method") == 0) { } else if (strcmp(*sslmethod, "SSLv2_client_method") == 0) {
#ifndef OPENSSL_NO_SSL2
method = SSLv2_client_method(); method = SSLv2_client_method();
#else
return ThrowException(Exception::Error(String::New("SSLv2 methods disabled")));
#endif
} else if (strcmp(*sslmethod, "SSLv3_method") == 0) { } else if (strcmp(*sslmethod, "SSLv3_method") == 0) {
method = SSLv3_method(); method = SSLv3_method();
} else if (strcmp(*sslmethod, "SSLv3_server_method") == 0) { } else if (strcmp(*sslmethod, "SSLv3_server_method") == 0) {

12
wscript

@ -143,6 +143,13 @@ def set_options(opt):
, dest='openssl_libpath' , dest='openssl_libpath'
) )
opt.add_option( '--no-ssl2'
, action='store_true'
, default=False
, help="Disable OpenSSL v2"
, dest='openssl_nov2'
)
opt.add_option( '--gdb' opt.add_option( '--gdb'
, action='store_true' , action='store_true'
, default=False , default=False
@ -279,6 +286,11 @@ def configure(conf):
if not Options.options.without_ssl: if not Options.options.without_ssl:
# Don't override explicitly supplied openssl paths with pkg-config results. # Don't override explicitly supplied openssl paths with pkg-config results.
explicit_openssl = o.openssl_includes or o.openssl_libpath explicit_openssl = o.openssl_includes or o.openssl_libpath
# Disable ssl v2 methods
if o.openssl_nov2:
conf.env.append_value("CPPFLAGS", "-DOPENSSL_NO_SSL2=1")
if not explicit_openssl and conf.check_cfg(package='openssl', if not explicit_openssl and conf.check_cfg(package='openssl',
args='--cflags --libs', args='--cflags --libs',
uselib_store='OPENSSL'): uselib_store='OPENSSL'):

Loading…
Cancel
Save