mirrors/electron
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages 1 Wiki Activity Actions 1

feat: support NODE_EXTRA_CA_CERTS (#41822)

Browse source 
* feat: support NODE_EXTRA_CA_CERTS

Co-authored-by: Shelley Vohr <shelley.vohr@gmail.com>

* chore: allow disabling NODE_EXTRA_CA_CERTS

Co-authored-by: Shelley Vohr <shelley.vohr@gmail.com>

* chore: call base::Environment::UnSetVar

Co-authored-by: Shelley Vohr <shelley.vohr@gmail.com>

* docs: link to fuses from env vars

Co-authored-by: Shelley Vohr <shelley.vohr@gmail.com>

* chore: update patch to match upstream

Co-authored-by: Shelley Vohr <shelley.vohr@gmail.com>

* docs: note enabled by default

Co-authored-by: Shelley Vohr <shelley.vohr@gmail.com>

* Update environment-variables.md

Co-authored-by: John Kleinschmidt <jkleinsc@electronjs.org>

Co-authored-by: Shelley Vohr <shelley.vohr@gmail.com>

---------

Co-authored-by: trop[bot] <37223003+trop[bot]@users.noreply.github.com>
Co-authored-by: Shelley Vohr <shelley.vohr@gmail.com>
This commit is contained in:
trop[bot] 2024-04-15 12:22:39 -07:00 committed by GitHub
parent cf1087badd
commit c37c7fd3c4
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
7 changed files with 57 additions and 9 deletions
Download patch file Download diff file Expand all files Collapse all files

2
patches/node/feat_optionally_prevent_calling_v8_enablewebassemblytraphandler.patch
View file

@ -10,7 +10,7 @@ already been called.
This should be upstreamed.
diff --git a/src/node.cc b/src/node.cc
index 524f80ee69ee5248e045a2b61faf5610c9ba4285..971668792eabe5be299849b5a3fd8a2790a2210a 100644
index 1d77a8b31cb0bfbeeeac594b6e1ac7dd303c902d..dadddf33527beebfcde12214da4084badbd27af1 100644
--- a/src/node.cc
+++ b/src/node.cc
@@ -605,6 +605,7 @@ static void PlatformInit(ProcessInitializationFlags::Flags flags) {

30
patches/node/fix_handle_boringssl_and_openssl_incompatibilities.patch
View file

@ -373,6 +373,36 @@ index 5734d8fdc5505e1586f571c19b840bd56e9c9f1f..3034b114e081e2b32dd5b71653927a41
}
} // namespace
diff --git a/src/node.cc b/src/node.cc
index 524f80ee69ee5248e045a2b61faf5610c9ba4285..1d77a8b31cb0bfbeeeac594b6e1ac7dd303c902d 100644
--- a/src/node.cc
+++ b/src/node.cc
@@ -1027,7 +1027,8 @@ InitializeOncePerProcessInternal(const std::vector<std::string>& args,
}
if (!(flags & ProcessInitializationFlags::kNoInitOpenSSL)) {
-#if HAVE_OPENSSL && !defined(OPENSSL_IS_BORINGSSL)
+#if HAVE_OPENSSL
+#if !defined(OPENSSL_IS_BORINGSSL)
auto GetOpenSSLErrorString = []() -> std::string {
std::string ret;
ERR_print_errors_cb(
@@ -1127,13 +1128,13 @@ InitializeOncePerProcessInternal(const std::vector<std::string>& args,
CHECK(crypto::CSPRNG(buffer, length).is_ok());
return true;
});
-
+#endif // !defined(OPENSSL_IS_BORINGSSL)
{
std::string extra_ca_certs;
if (credentials::SafeGetenv("NODE_EXTRA_CA_CERTS", &extra_ca_certs))
crypto::UseExtraCaCerts(extra_ca_certs);
}
-#endif // HAVE_OPENSSL && !defined(OPENSSL_IS_BORINGSSL)
+#endif // HAVE_OPENSSL
}
if (!(flags & ProcessInitializationFlags::kNoInitializeNodeV8Platform)) {
diff --git a/src/node_metadata.cc b/src/node_metadata.cc
index b88cfb98e75aca426224e19376b3ff4c23b92e53..b66f4e2b5cbd8f36af42f82a8921207302360e39 100644
--- a/src/node_metadata.cc