nodejs/EPEL01-openssl101-compat.patch
2017-04-03 13:37:43 -04:00

30 lines
1.1 KiB
Diff

diff -ru a/src/node_crypto.cc b/src/node_crypto.cc
--- a/src/node_crypto.cc 2017-03-31 22:39:56.483283868 +0200
+++ b/src/node_crypto.cc 2017-03-31 22:45:36.250267750 +0200
@@ -851,8 +851,6 @@
}
}
- // Increment reference count so global store is not deleted along with CTX.
- X509_STORE_up_ref(root_cert_store);
SSL_CTX_set_cert_store(sc->ctx_, root_cert_store);
}
diff -ru a/src/node_crypto.h b/src/node_crypto.h
--- a/src/node_crypto.h 2017-03-21 20:43:33.000000000 +0100
+++ b/src/node_crypto.h 2017-03-31 22:43:15.548183432 +0200
@@ -145,6 +145,13 @@
}
env()->isolate()->AdjustAmountOfExternalAllocatedMemory(-kExternalSize);
+ if (ctx_->cert_store == root_cert_store) {
+ // SSL_CTX_free() will attempt to free the cert_store as well.
+ // Since we want our root_cert_store to stay around forever
+ // we just clear the field. Hopefully OpenSSL will not modify this
+ // struct in future versions.
+ ctx_->cert_store = nullptr;
+ }
SSL_CTX_free(ctx_);
if (cert_ != nullptr)
X509_free(cert_);