crypto: add SecureContext.clearOptions() method

bnoordhuis · bnoordhuis · commit 6f8839d2ac36 · 2012-01-02T12:02:07.000+01:00
SecureContext.setOptions() is backed by SSL_CTX_set_options() which, contrary to
what the name suggests, is additive: it doesn't set options, it adds them to the
already active options.

Hence the need for SecureContext.clearOptions(), which lets you unset active
options.
diff --git a/src/node_crypto.cc b/src/node_crypto.cc
@@ -166,6 +166,7 @@ void SecureContext::Initialize(Handle<Object> target) {
   NODE_SET_PROTOTYPE_METHOD(t, "addRootCerts", SecureContext::AddRootCerts);
   NODE_SET_PROTOTYPE_METHOD(t, "setCiphers", SecureContext::SetCiphers);
   NODE_SET_PROTOTYPE_METHOD(t, "setOptions", SecureContext::SetOptions);
+  NODE_SET_PROTOTYPE_METHOD(t, "clearOptions", SecureContext::ClearOptions);
   NODE_SET_PROTOTYPE_METHOD(t, "setSessionIdContext",
                                SecureContext::SetSessionIdContext);
   NODE_SET_PROTOTYPE_METHOD(t, "close", SecureContext::Close);
@@ -540,21 +541,23 @@ Handle<Value> SecureContext::SetCiphers(const Arguments& args) {
   return True();
 }
 
-Handle<Value> SecureContext::SetOptions(const Arguments& args) {
-  HandleScope scope;
-
-  SecureContext *sc = ObjectWrap::Unwrap<SecureContext>(args.Holder());
-
-  if (args.Length() != 1 || !args[0]->IsUint32()) {
-    return ThrowException(Exception::TypeError(String::New("Bad parameter")));
+#define X(name, fn)                                                           \
+  Handle<Value> name(const Arguments& args) {                                 \
+    HandleScope scope;                                                        \
+    SecureContext *sc = ObjectWrap::Unwrap<SecureContext>(args.Holder());     \
+    if (args.Length() != 1 || !args[0]->IsInt32()) {                          \
+      return ThrowException(                                                  \
+          Exception::TypeError(String::New("Bad parameter")));                \
+    }                                                                         \
+    fn(sc->ctx_, args[0]->Int32Value());                                      \
+    return True();                                                            \
   }
 
-  unsigned int opts = args[0]->Uint32Value();
-
-  SSL_CTX_set_options(sc->ctx_, opts);
+// can't use templates, SSL_CTX_set_options and SSL_CTX_clear_options are macros
+X(SecureContext::SetOptions,   SSL_CTX_set_options)
+X(SecureContext::ClearOptions, SSL_CTX_clear_options)
 
-  return True();
-}
+#undef X
 
 Handle<Value> SecureContext::SetSessionIdContext(const Arguments& args) {
   HandleScope scope;
diff --git a/src/node_crypto.h b/src/node_crypto.h
@@ -66,6 +66,7 @@ class SecureContext : ObjectWrap {
   static v8::Handle<v8::Value> AddRootCerts(const v8::Arguments& args);
   static v8::Handle<v8::Value> SetCiphers(const v8::Arguments& args);
   static v8::Handle<v8::Value> SetOptions(const v8::Arguments& args);
+  static v8::Handle<v8::Value> ClearOptions(const v8::Arguments& args);
   static v8::Handle<v8::Value> SetSessionIdContext(const v8::Arguments& args);
   static v8::Handle<v8::Value> Close(const v8::Arguments& args);
 
