From b4f8dac6abb01615fdb43e34f73f9962c65f756c Mon Sep 17 00:00:00 2001 From: Daniel Bevenius Date: Wed, 18 May 2022 10:36:18 +0200 Subject: [PATCH] src,doc,test: add --openssl-shared-config option This commit adds a new command line option named '--openssl-shared-config' intended to allow reverting to the old OpenSSL configuration behavior where Node.js would use the configuration section name (called appname in OpenSSL) 'openssl_conf' which could potentially be used my other applications.. PR-URL: https://github.com/nodejs/node/pull/43124 Refs: https://github.com/nodejs/node/issues/40366 Reviewed-By: James M Snell Reviewed-By: Rich Trott Reviewed-By: Rafael Gonzaga Reviewed-By: Beth Griggs Backport-PR-URL: https://github.com/nodejs/node/pull/43782 --- doc/api/cli.md | 16 ++++++++++++++++ src/node.cc | 6 ++++++ src/node_options.cc | 4 ++++ src/node_options.h | 1 + ...t-process-env-allowed-flags-are-documented.js | 1 + 5 files changed, 28 insertions(+) diff --git a/doc/api/cli.md b/doc/api/cli.md index ff5dff244e9b6d..e680b444d1babd 100644 --- a/doc/api/cli.md +++ b/doc/api/cli.md @@ -635,6 +635,21 @@ Load an OpenSSL configuration file on startup. Among other uses, this can be used to enable FIPS-compliant crypto if Node.js is built against FIPS-enabled OpenSSL. +### `--openssl-shared-config` + + + +Enable OpenSSL default configuration section, `openssl_conf` to be read from +the OpenSSL configuration file. The default configuration file is named +`openssl.cnf` but this can be changed using the environment variable +`OPENSSL_CONF`, or by using the command line option `--openssl-config`. +The location of the default OpenSSL configuration file depends on how OpenSSL +is being linked to Node.js. Sharing the OpenSSL configuration may have unwanted +implications and it is recommended to use a configuration section specific to +Node.js which is `nodejs_conf` and is default when this option is not used. + ### `--pending-deprecation`