diff options
| author | Tobias Nießen <tniessen@tnie.de> | 2020-07-12 22:40:54 +0200 |
|---|---|---|
| committer | Tobias Nießen <tniessen@tnie.de> | 2020-07-19 12:36:28 +0200 |
| commit | efd16672185e85611d995eec36474eaf1fed39cc (patch) | |
| tree | 3e44606aa4734a27a835ec837c2fdd3023efd42f | |
| parent | e3f8dc166a6969358821f3219bb7b2a709820887 (diff) | |
| download | node-new-efd16672185e85611d995eec36474eaf1fed39cc.tar.gz | |
src: avoid strcmp in SecureContext::Init
PR-URL: https://github.com/nodejs/node/pull/34329
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: James M Snell <jasnell@gmail.com>
| -rw-r--r-- | src/node_crypto.cc | 50 | ||||
| -rw-r--r-- | src/util.h | 4 |
2 files changed, 25 insertions, 29 deletions
diff --git a/src/node_crypto.cc b/src/node_crypto.cc index b95a1b8f3e..00f24cd9aa 100644 --- a/src/node_crypto.cc +++ b/src/node_crypto.cc @@ -572,73 +572,65 @@ void SecureContext::Init(const FunctionCallbackInfo<Value>& args) { // are still accepted. They are OpenSSL's way of saying that all known // protocols below TLS 1.3 are supported unless explicitly disabled (which // we do below for SSLv2 and SSLv3.) - if (strcmp(*sslmethod, "SSLv2_method") == 0) { + if (sslmethod == "SSLv2_method" || + sslmethod == "SSLv2_server_method" || + sslmethod == "SSLv2_client_method") { THROW_ERR_TLS_INVALID_PROTOCOL_METHOD(env, "SSLv2 methods disabled"); return; - } else if (strcmp(*sslmethod, "SSLv2_server_method") == 0) { - THROW_ERR_TLS_INVALID_PROTOCOL_METHOD(env, "SSLv2 methods disabled"); - return; - } else if (strcmp(*sslmethod, "SSLv2_client_method") == 0) { - THROW_ERR_TLS_INVALID_PROTOCOL_METHOD(env, "SSLv2 methods disabled"); - return; - } else if (strcmp(*sslmethod, "SSLv3_method") == 0) { - THROW_ERR_TLS_INVALID_PROTOCOL_METHOD(env, "SSLv3 methods disabled"); - return; - } else if (strcmp(*sslmethod, "SSLv3_server_method") == 0) { - THROW_ERR_TLS_INVALID_PROTOCOL_METHOD(env, "SSLv3 methods disabled"); - return; - } else if (strcmp(*sslmethod, "SSLv3_client_method") == 0) { + } else if (sslmethod == "SSLv3_method" || + sslmethod == "SSLv3_server_method" || + sslmethod == "SSLv3_client_method") { THROW_ERR_TLS_INVALID_PROTOCOL_METHOD(env, "SSLv3 methods disabled"); return; - } else if (strcmp(*sslmethod, "SSLv23_method") == 0) { + } else if (sslmethod == "SSLv23_method") { max_version = TLS1_2_VERSION; - } else if (strcmp(*sslmethod, "SSLv23_server_method") == 0) { + } else if (sslmethod == "SSLv23_server_method") { max_version = TLS1_2_VERSION; method = TLS_server_method(); - } else if (strcmp(*sslmethod, "SSLv23_client_method") == 0) { + } else if (sslmethod == "SSLv23_client_method") { max_version = TLS1_2_VERSION; method = TLS_client_method(); - } else if (strcmp(*sslmethod, "TLS_method") == 0) { + } else if (sslmethod == "TLS_method") { min_version = 0; max_version = MAX_SUPPORTED_VERSION; - } else if (strcmp(*sslmethod, "TLS_server_method") == 0) { + } else if (sslmethod == "TLS_server_method") { min_version = 0; max_version = MAX_SUPPORTED_VERSION; method = TLS_server_method(); - } else if (strcmp(*sslmethod, "TLS_client_method") == 0) { + } else if (sslmethod == "TLS_client_method") { min_version = 0; max_version = MAX_SUPPORTED_VERSION; method = TLS_client_method(); - } else if (strcmp(*sslmethod, "TLSv1_method") == 0) { + } else if (sslmethod == "TLSv1_method") { min_version = TLS1_VERSION; max_version = TLS1_VERSION; - } else if (strcmp(*sslmethod, "TLSv1_server_method") == 0) { + } else if (sslmethod == "TLSv1_server_method") { min_version = TLS1_VERSION; max_version = TLS1_VERSION; method = TLS_server_method(); - } else if (strcmp(*sslmethod, "TLSv1_client_method") == 0) { + } else if (sslmethod == "TLSv1_client_method") { min_version = TLS1_VERSION; max_version = TLS1_VERSION; method = TLS_client_method(); - } else if (strcmp(*sslmethod, "TLSv1_1_method") == 0) { + } else if (sslmethod == "TLSv1_1_method") { min_version = TLS1_1_VERSION; max_version = TLS1_1_VERSION; - } else if (strcmp(*sslmethod, "TLSv1_1_server_method") == 0) { + } else if (sslmethod == "TLSv1_1_server_method") { min_version = TLS1_1_VERSION; max_version = TLS1_1_VERSION; method = TLS_server_method(); - } else if (strcmp(*sslmethod, "TLSv1_1_client_method") == 0) { + } else if (sslmethod == "TLSv1_1_client_method") { min_version = TLS1_1_VERSION; max_version = TLS1_1_VERSION; method = TLS_client_method(); - } else if (strcmp(*sslmethod, "TLSv1_2_method") == 0) { + } else if (sslmethod == "TLSv1_2_method") { min_version = TLS1_2_VERSION; max_version = TLS1_2_VERSION; - } else if (strcmp(*sslmethod, "TLSv1_2_server_method") == 0) { + } else if (sslmethod == "TLSv1_2_server_method") { min_version = TLS1_2_VERSION; max_version = TLS1_2_VERSION; method = TLS_server_method(); - } else if (strcmp(*sslmethod, "TLSv1_2_client_method") == 0) { + } else if (sslmethod == "TLSv1_2_client_method") { min_version = TLS1_2_VERSION; max_version = TLS1_2_VERSION; method = TLS_client_method(); diff --git a/src/util.h b/src/util.h index 71f3886365..d3c5fdd74e 100644 --- a/src/util.h +++ b/src/util.h @@ -491,6 +491,10 @@ class Utf8Value : public MaybeStackBuffer<char> { explicit Utf8Value(v8::Isolate* isolate, v8::Local<v8::Value> value); inline std::string ToString() const { return std::string(out(), length()); } + + inline bool operator==(const char* a) const { + return strcmp(out(), a) == 0; + } }; class TwoByteValue : public MaybeStackBuffer<uint16_t> { |