49 lines
1.7 KiB
Diff
49 lines
1.7 KiB
Diff
Source: https://github.com/nodejs/node/pull/8334
|
|
Author: Adam Majer <amajer@suse.de>
|
|
Summary: add option to use system CA store
|
|
|
|
Index: node-v4.8.1/configure
|
|
===================================================================
|
|
--- node-v4.8.1.orig/configure
|
|
+++ node-v4.8.1/configure
|
|
@@ -148,6 +148,11 @@ parser.add_option("--openssl-no-asm",
|
|
dest="openssl_no_asm",
|
|
help="Do not build optimized assembly for OpenSSL")
|
|
|
|
+parser.add_option('--openssl-use-def-ca-store',
|
|
+ action='store_true',
|
|
+ dest='use_openssl_ca_store',
|
|
+ help='Use OpenSSL supplied CA store instead of compiled-in Mozilla CA copy.')
|
|
+
|
|
parser.add_option('--openssl-fips',
|
|
action='store',
|
|
dest='openssl_fips',
|
|
@@ -905,6 +910,8 @@ def configure_openssl(o):
|
|
o['variables']['node_use_openssl'] = b(not options.without_ssl)
|
|
o['variables']['node_shared_openssl'] = b(options.shared_openssl)
|
|
o['variables']['openssl_no_asm'] = 1 if options.openssl_no_asm else 0
|
|
+ if options.use_openssl_ca_store:
|
|
+ o['defines'] += ['NODE_OPENSSL_CERT_STORE']
|
|
if options.openssl_fips:
|
|
o['variables']['openssl_fips'] = options.openssl_fips
|
|
fips_dir = os.path.join(root_dir, 'deps', 'openssl', 'fips')
|
|
Index: node-v4.8.1/src/node_crypto.cc
|
|
===================================================================
|
|
--- node-v4.8.1.orig/src/node_crypto.cc
|
|
+++ node-v4.8.1/src/node_crypto.cc
|
|
@@ -725,10 +725,14 @@ static X509_STORE* NewRootCertStore() {
|
|
}
|
|
|
|
X509_STORE* store = X509_STORE_new();
|
|
+#if defined(NODE_OPENSSL_CERT_STORE)
|
|
+ X509_STORE_set_default_paths(store);
|
|
+#else
|
|
for (auto& cert : *root_certs_vector) {
|
|
X509_up_ref(cert);
|
|
X509_STORE_add_cert(store, cert);
|
|
}
|
|
+#endif
|
|
|
|
return store;
|
|
}
|