Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

tls: move getAllowUnauthorized to internal/options #32917

Closed
wants to merge 1 commit into from
Closed

tls: move getAllowUnauthorized to internal/options #32917

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
17 changes: 5 additions & 12 deletions lib/_tls_wrap.js
View file
Open in desktop
Expand Up @@ -70,7 +70,10 @@ const {
ERR_TLS_INVALID_STATE
} = codes;
const { onpskexchange: kOnPskExchange } = internalBinding('symbols');
const { getOptionValue } = require('internal/options');
const {
getOptionValue,
getAllowUnauthorized,
} = require('internal/options');
const {
validateString,
validateBuffer,
Expand Down Expand Up @@ -1533,22 +1536,12 @@ function onConnectEnd() {
}
}

let warnOnAllowUnauthorized = true;

// Arguments: [port,] [host,] [options,] [cb]
exports.connect = function connect(...args) {
args = normalizeConnectArgs(args);
let options = args[0];
const cb = args[1];
const allowUnauthorized = process.env.NODE_TLS_REJECT_UNAUTHORIZED === '0';

if (allowUnauthorized && warnOnAllowUnauthorized) {
warnOnAllowUnauthorized = false;
process.emitWarning('Setting the NODE_TLS_REJECT_UNAUTHORIZED ' +
'environment variable to \'0\' makes TLS connections ' +
'and HTTPS requests insecure by disabling ' +
'certificate verification.');
}
const allowUnauthorized = getAllowUnauthorized();

options = {
rejectUnauthorized: !allowUnauthorized,
Expand Down
19 changes: 18 additions & 1 deletion lib/internal/options.js
View file
Open in desktop
Expand Up @@ -3,6 +3,8 @@
const { getOptions } = internalBinding('options');
const { options, aliases } = getOptions();

let warnOnAllowUnauthorized = true;

function getOptionValue(option) {
const result = options.get(option);
if (!result) {
Expand All @@ -11,8 +13,23 @@ function getOptionValue(option) {
return result.value;
}

function getAllowUnauthorized() {
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Non-blocking nit: IMO the name isn't ideal since it also conditionally prints a warning. Unfortunately, an alternative name isn't coming to mind right away.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We can rename later if one comes to mind

const allowUnauthorized = process.env.NODE_TLS_REJECT_UNAUTHORIZED === '0';

if (allowUnauthorized && warnOnAllowUnauthorized) {
warnOnAllowUnauthorized = false;
process.emitWarning(
'Setting the NODE_TLS_REJECT_UNAUTHORIZED ' +
'environment variable to \'0\' makes TLS connections ' +
'and HTTPS requests insecure by disabling ' +
'certificate verification.');
}
return allowUnauthorized;
}

module.exports = {
options,
aliases,
getOptionValue
getOptionValue,
getAllowUnauthorized,
};