crypto: use system CAs instead of bundled ones by AdamMajer · Pull Request #8334 · nodejs/node
added
c++
labels
Aug 30, 2016
jasnell
changed the title
Distro crypto
crypto: use system CAs instead of bundled ones
targos pushed a commit that referenced this pull request
Jan 28, 2017
PR-URL: #8334 Reviewed-By: Sam Roberts <vieuxtech@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
italoacasas pushed a commit to italoacasas/node that referenced this pull request
Jan 30, 2017
The pointer to std::vector is unnecessary, so replace it with standard instance. Also, make the for() loop more readable by using actual type instead of inferred - there is no readability benefit here from obfuscating the type. PR-URL: nodejs#8334 Reviewed-By: Sam Roberts <vieuxtech@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
italoacasas pushed a commit to italoacasas/node that referenced this pull request
Jan 30, 2017
NodeJS can already use an external, shared OpenSSL library. This library knows where to look for OS managed certificates. Allow a compile-time option to use this CA store by default instead of using bundled certificates. In case when using bundled OpenSSL, the paths are also valid for majority of Linux systems without additional intervention. If this is not set, we can use SSL_CERT_DIR to point it to correct location. Fixes: nodejs#3159 PR-URL: nodejs#8334 Reviewed-By: Sam Roberts <vieuxtech@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
italoacasas pushed a commit to italoacasas/node that referenced this pull request
Jan 30, 2017
PR-URL: nodejs#8334 Reviewed-By: Sam Roberts <vieuxtech@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
italoacasas pushed a commit to italoacasas/node that referenced this pull request
Jan 30, 2017
The pointer to std::vector is unnecessary, so replace it with standard instance. Also, make the for() loop more readable by using actual type instead of inferred - there is no readability benefit here from obfuscating the type. PR-URL: nodejs#8334 Reviewed-By: Sam Roberts <vieuxtech@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
italoacasas pushed a commit to italoacasas/node that referenced this pull request
Jan 30, 2017
NodeJS can already use an external, shared OpenSSL library. This library knows where to look for OS managed certificates. Allow a compile-time option to use this CA store by default instead of using bundled certificates. In case when using bundled OpenSSL, the paths are also valid for majority of Linux systems without additional intervention. If this is not set, we can use SSL_CERT_DIR to point it to correct location. Fixes: nodejs#3159 PR-URL: nodejs#8334 Reviewed-By: Sam Roberts <vieuxtech@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
italoacasas pushed a commit to italoacasas/node that referenced this pull request
Jan 30, 2017
PR-URL: nodejs#8334 Reviewed-By: Sam Roberts <vieuxtech@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
evanlucas added a commit that referenced this pull request
Jan 31, 2017
Notable changes: * crypto: * ability to select cert store at runtime (Adam Majer) #8334 * Use system CAs instead of using bundled ones (Adam Majer) #8334 * deps: * upgrade npm to 4.1.2 (Kat Marchán) #11020 * upgrade openssl sources to 1.0.2k (Shigeki Ohtsu) #11021 * doc: add basic documentation for WHATWG URL API (James M Snell) #10620 * process: add NODE_NO_WARNINGS environment variable (cjihrig) #10842 * url: allow use of URL with http.request and https.request (James M Snell) #10638 PR-URL: #11062
evanlucas added a commit that referenced this pull request
Feb 1, 2017
Notable changes: * crypto: * ability to select cert store at runtime (Adam Majer) #8334 * Use system CAs instead of using bundled ones (Adam Majer) #8334 * deps: * upgrade npm to 4.1.2 (Kat Marchán) #11020 * upgrade openssl sources to 1.0.2k (Shigeki Ohtsu) #11021 * doc: add basic documentation for WHATWG URL API (James M Snell) #10620 * process: add NODE_NO_WARNINGS environment variable (cjihrig) #10842 * url: allow use of URL with http.request and https.request (James M Snell) #10638 PR-URL: #11062
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode characters