Skip to content

Commit

Permalink
src: improve SSL version extraction logic
Browse files Browse the repository at this point in the history
The openssl version as defined in ssl libraries is complex.
The current logic to extract the major.minor.patch format
uses C semantics to loop through the text and search for
specific patterns. Use C++ string to tidy it up.

PR-URL: nodejs#23050
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Richard Lau <riclau@uk.ibm.com>
Reviewed-By: Refael Ackermann <refack@gmail.com>
Reviewed-By: Sakthipriyan Vairamani <thechargingvolcano@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com>
  • Loading branch information
gireeshpunathil authored and addaleax committed Oct 12, 2018
1 parent 82ea705 commit d3d6cd3
Show file tree
Hide file tree
Showing 3 changed files with 21 additions and 38 deletions.
43 changes: 5 additions & 38 deletions src/node.cc
Original file line number Diff line number Diff line change
Expand Up @@ -232,24 +232,7 @@ class NodeTraceStateObserver :
trace_process->SetString("napi", node_napi_version);

#if HAVE_OPENSSL
// Stupid code to slice out the version string.
{ // NOLINT(whitespace/braces)
size_t i, j, k;
int c;
for (i = j = 0, k = sizeof(OPENSSL_VERSION_TEXT) - 1; i < k; ++i) {
c = OPENSSL_VERSION_TEXT[i];
if ('0' <= c && c <= '9') {
for (j = i + 1; j < k; ++j) {
c = OPENSSL_VERSION_TEXT[j];
if (c == ' ')
break;
}
break;
}
}
trace_process->SetString("openssl",
std::string(&OPENSSL_VERSION_TEXT[i], j - i));
}
trace_process->SetString("openssl", crypto::GetOpenSSLVersion());
#endif
trace_process->EndDictionary();

Expand Down Expand Up @@ -1762,26 +1745,10 @@ void SetupProcessObject(Environment* env,
FIXED_ONE_BYTE_STRING(env->isolate(), node_napi_version));

#if HAVE_OPENSSL
// Stupid code to slice out the version string.
{ // NOLINT(whitespace/braces)
size_t i, j, k;
int c;
for (i = j = 0, k = sizeof(OPENSSL_VERSION_TEXT) - 1; i < k; ++i) {
c = OPENSSL_VERSION_TEXT[i];
if ('0' <= c && c <= '9') {
for (j = i + 1; j < k; ++j) {
c = OPENSSL_VERSION_TEXT[j];
if (c == ' ')
break;
}
break;
}
}
READONLY_PROPERTY(
versions,
"openssl",
OneByteString(env->isolate(), &OPENSSL_VERSION_TEXT[i], j - i));
}
READONLY_PROPERTY(
versions,
"openssl",
OneByteString(env->isolate(), crypto::GetOpenSSLVersion().c_str()));
#endif

// process.arch
Expand Down
15 changes: 15 additions & 0 deletions src/node_crypto.cc
Original file line number Diff line number Diff line change
Expand Up @@ -5734,6 +5734,21 @@ void Initialize(Local<Object> target,
#endif // OPENSSL_NO_SCRYPT
}

constexpr int search(const char* s, int n, int c) {
return *s == c ? n : search(s + 1, n + 1, c);
}

std::string GetOpenSSLVersion() {
// sample openssl version string format
// for reference: "OpenSSL 1.1.0i 14 Aug 2018"
char buf[128];
const int start = search(OPENSSL_VERSION_TEXT, 0, ' ') + 1;
const int end = search(OPENSSL_VERSION_TEXT + start, start, ' ') + 1;
const int len = end - start;
snprintf(buf, len, "%.*s\n", len, &OPENSSL_VERSION_TEXT[start]);
return std::string(buf);
}

} // namespace crypto
} // namespace node

Expand Down
1 change: 1 addition & 0 deletions src/node_crypto.h
Original file line number Diff line number Diff line change
Expand Up @@ -93,6 +93,7 @@ extern int VerifyCallback(int preverify_ok, X509_STORE_CTX* ctx);
extern void UseExtraCaCerts(const std::string& file);

void InitCryptoOnce();
std::string GetOpenSSLVersion();

class SecureContext : public BaseObject {
public:
Expand Down

0 comments on commit d3d6cd3

Please sign in to comment.