Skip to content

Commit a83096a

Browse files
gireeshpunathiljasnell
authored andcommitted
src: improve SSL version extraction logic
The openssl version as defined in ssl libraries is complex. The current logic to extract the major.minor.patch format uses C semantics to loop through the text and search for specific patterns. Use C++ string to tidy it up. PR-URL: #23050 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Tobias Nießen <tniessen@tnie.de> Reviewed-By: Colin Ihrig <cjihrig@gmail.com> Reviewed-By: Richard Lau <riclau@uk.ibm.com> Reviewed-By: Refael Ackermann <refack@gmail.com> Reviewed-By: Sakthipriyan Vairamani <thechargingvolcano@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com>
1 parent 3663fc8 commit a83096a

File tree

3 files changed

+21
-38
lines changed

3 files changed

+21
-38
lines changed

src/node.cc

+5-38
Original file line numberDiff line numberDiff line change
@@ -232,24 +232,7 @@ class NodeTraceStateObserver :
232232
trace_process->SetString("napi", node_napi_version);
233233

234234
#if HAVE_OPENSSL
235-
// Stupid code to slice out the version string.
236-
{ // NOLINT(whitespace/braces)
237-
size_t i, j, k;
238-
int c;
239-
for (i = j = 0, k = sizeof(OPENSSL_VERSION_TEXT) - 1; i < k; ++i) {
240-
c = OPENSSL_VERSION_TEXT[i];
241-
if ('0' <= c && c <= '9') {
242-
for (j = i + 1; j < k; ++j) {
243-
c = OPENSSL_VERSION_TEXT[j];
244-
if (c == ' ')
245-
break;
246-
}
247-
break;
248-
}
249-
}
250-
trace_process->SetString("openssl",
251-
std::string(&OPENSSL_VERSION_TEXT[i], j - i));
252-
}
235+
trace_process->SetString("openssl", crypto::GetOpenSSLVersion());
253236
#endif
254237
trace_process->EndDictionary();
255238

@@ -1762,26 +1745,10 @@ void SetupProcessObject(Environment* env,
17621745
FIXED_ONE_BYTE_STRING(env->isolate(), node_napi_version));
17631746

17641747
#if HAVE_OPENSSL
1765-
// Stupid code to slice out the version string.
1766-
{ // NOLINT(whitespace/braces)
1767-
size_t i, j, k;
1768-
int c;
1769-
for (i = j = 0, k = sizeof(OPENSSL_VERSION_TEXT) - 1; i < k; ++i) {
1770-
c = OPENSSL_VERSION_TEXT[i];
1771-
if ('0' <= c && c <= '9') {
1772-
for (j = i + 1; j < k; ++j) {
1773-
c = OPENSSL_VERSION_TEXT[j];
1774-
if (c == ' ')
1775-
break;
1776-
}
1777-
break;
1778-
}
1779-
}
1780-
READONLY_PROPERTY(
1781-
versions,
1782-
"openssl",
1783-
OneByteString(env->isolate(), &OPENSSL_VERSION_TEXT[i], j - i));
1784-
}
1748+
READONLY_PROPERTY(
1749+
versions,
1750+
"openssl",
1751+
OneByteString(env->isolate(), crypto::GetOpenSSLVersion().c_str()));
17851752
#endif
17861753

17871754
// process.arch

src/node_crypto.cc

+15
Original file line numberDiff line numberDiff line change
@@ -5734,6 +5734,21 @@ void Initialize(Local<Object> target,
57345734
#endif // OPENSSL_NO_SCRYPT
57355735
}
57365736

5737+
constexpr int search(const char* s, int n, int c) {
5738+
return *s == c ? n : search(s + 1, n + 1, c);
5739+
}
5740+
5741+
std::string GetOpenSSLVersion() {
5742+
// sample openssl version string format
5743+
// for reference: "OpenSSL 1.1.0i 14 Aug 2018"
5744+
char buf[128];
5745+
const int start = search(OPENSSL_VERSION_TEXT, 0, ' ') + 1;
5746+
const int end = search(OPENSSL_VERSION_TEXT + start, start, ' ') + 1;
5747+
const int len = end - start;
5748+
snprintf(buf, len, "%.*s\n", len, &OPENSSL_VERSION_TEXT[start]);
5749+
return std::string(buf);
5750+
}
5751+
57375752
} // namespace crypto
57385753
} // namespace node
57395754

src/node_crypto.h

+1
Original file line numberDiff line numberDiff line change
@@ -93,6 +93,7 @@ extern int VerifyCallback(int preverify_ok, X509_STORE_CTX* ctx);
9393
extern void UseExtraCaCerts(const std::string& file);
9494

9595
void InitCryptoOnce();
96+
std::string GetOpenSSLVersion();
9697

9798
class SecureContext : public BaseObject {
9899
public:

0 commit comments

Comments
 (0)