Nodejs/node
1
0
Fork 0
mirror of https://github.com/nodejs/node.git synced 2024-11-21 10:59:27 +00:00
Code Issues Actions 25 Packages Projects Releases Wiki Activity

tls: move getAllowUnauthorized to internal/options

Browse Source 
Make it so that the allow unauthorized warning can be easily reused
by the QUIC impl once that lands.

Extracted from https://github.com/nodejs/node/pull/32379

Signed-off-by: James M Snell <jasnell@gmail.com>

PR-URL: https://github.com/nodejs/node/pull/32917
Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
This commit is contained in:
James M Snell 2020-04-18 11:25:04 -07:00
parent 91ca22106c
commit 14aa313186
No known key found for this signature in database
GPG Key ID: 7341B15C070877AC
2 changed files with 23 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
lib/_tls_wrap.js
View File

@ -70,7 +70,10 @@ const {
ERR_TLS_INVALID_STATE
} = codes;
const { onpskexchange: kOnPskExchange } = internalBinding('symbols');
const { getOptionValue } = require('internal/options');
const {
getOptionValue,
getAllowUnauthorized,
} = require('internal/options');
const {
validateString,
validateBuffer,
@ -1533,22 +1536,12 @@ function onConnectEnd() {
}
}
let warnOnAllowUnauthorized = true;
// Arguments: [port,] [host,] [options,] [cb]
exports.connect = function connect(...args) {
args = normalizeConnectArgs(args);
let options = args[0];
const cb = args[1];
const allowUnauthorized = process.env.NODE_TLS_REJECT_UNAUTHORIZED === '0';
if (allowUnauthorized && warnOnAllowUnauthorized) {
warnOnAllowUnauthorized = false;
process.emitWarning('Setting the NODE_TLS_REJECT_UNAUTHORIZED ' +
'environment variable to \'0\' makes TLS connections ' +
'and HTTPS requests insecure by disabling ' +
'certificate verification.');
}
const allowUnauthorized = getAllowUnauthorized();
options = {
rejectUnauthorized: !allowUnauthorized,

19
lib/internal/options.js
View File

@ -3,6 +3,8 @@
const { getOptions } = internalBinding('options');
const { options, aliases } = getOptions();
let warnOnAllowUnauthorized = true;
function getOptionValue(option) {
const result = options.get(option);
if (!result) {
@ -11,8 +13,23 @@ function getOptionValue(option) {
return result.value;
}
function getAllowUnauthorized() {
const allowUnauthorized = process.env.NODE_TLS_REJECT_UNAUTHORIZED === '0';
if (allowUnauthorized && warnOnAllowUnauthorized) {
warnOnAllowUnauthorized = false;
process.emitWarning(
'Setting the NODE_TLS_REJECT_UNAUTHORIZED ' +
'environment variable to \'0\' makes TLS connections ' +
'and HTTPS requests insecure by disabling ' +
'certificate verification.');
}
return allowUnauthorized;
}
module.exports = {
options,
aliases,
getOptionValue
getOptionValue,
getAllowUnauthorized,
};