From 6f8839d2ac362ced42235a34a023af5e2c656501 Mon Sep 17 00:00:00 2001
From: Ben Noordhuis <info@bnoordhuis.nl>
Date: Mon, 2 Jan 2012 12:02:05 +0100
Subject: [PATCH] crypto: add SecureContext.clearOptions() method

SecureContext.setOptions() is backed by SSL_CTX_set_options() which, contrary to
what the name suggests, is additive: it doesn't set options, it adds them to the
already active options.

Hence the need for SecureContext.clearOptions(), which lets you unset active
options.
---
 src/node_crypto.cc | 27 +++++++++++++++------------
 src/node_crypto.h  |  1 +
 2 files changed, 16 insertions(+), 12 deletions(-)

diff --git a/src/node_crypto.cc b/src/node_crypto.cc
index 9f73df35caf..f3bff2ed04e 100644
--- a/src/node_crypto.cc
+++ b/src/node_crypto.cc
@@ -166,6 +166,7 @@ void SecureContext::Initialize(Handle<Object> target) {
   NODE_SET_PROTOTYPE_METHOD(t, "addRootCerts", SecureContext::AddRootCerts);
   NODE_SET_PROTOTYPE_METHOD(t, "setCiphers", SecureContext::SetCiphers);
   NODE_SET_PROTOTYPE_METHOD(t, "setOptions", SecureContext::SetOptions);
+  NODE_SET_PROTOTYPE_METHOD(t, "clearOptions", SecureContext::ClearOptions);
   NODE_SET_PROTOTYPE_METHOD(t, "setSessionIdContext",
                                SecureContext::SetSessionIdContext);
   NODE_SET_PROTOTYPE_METHOD(t, "close", SecureContext::Close);
@@ -540,21 +541,23 @@ Handle<Value> SecureContext::SetCiphers(const Arguments& args) {
   return True();
 }
 
-Handle<Value> SecureContext::SetOptions(const Arguments& args) {
-  HandleScope scope;
-
-  SecureContext *sc = ObjectWrap::Unwrap<SecureContext>(args.Holder());
-
-  if (args.Length() != 1 || !args[0]->IsUint32()) {
-    return ThrowException(Exception::TypeError(String::New("Bad parameter")));
+#define X(name, fn)                                                           \
+  Handle<Value> name(const Arguments& args) {                                 \
+    HandleScope scope;                                                        \
+    SecureContext *sc = ObjectWrap::Unwrap<SecureContext>(args.Holder());     \
+    if (args.Length() != 1 || !args[0]->IsInt32()) {                          \
+      return ThrowException(                                                  \
+          Exception::TypeError(String::New("Bad parameter")));                \
+    }                                                                         \
+    fn(sc->ctx_, args[0]->Int32Value());                                      \
+    return True();                                                            \
   }
 
-  unsigned int opts = args[0]->Uint32Value();
+// can't use templates, SSL_CTX_set_options and SSL_CTX_clear_options are macros
+X(SecureContext::SetOptions,   SSL_CTX_set_options)
+X(SecureContext::ClearOptions, SSL_CTX_clear_options)
 
-  SSL_CTX_set_options(sc->ctx_, opts);
-
-  return True();
-}
+#undef X
 
 Handle<Value> SecureContext::SetSessionIdContext(const Arguments& args) {
   HandleScope scope;
diff --git a/src/node_crypto.h b/src/node_crypto.h
index 4cde964da46..58168e3df1f 100644
--- a/src/node_crypto.h
+++ b/src/node_crypto.h
@@ -66,6 +66,7 @@ class SecureContext : ObjectWrap {
   static v8::Handle<v8::Value> AddRootCerts(const v8::Arguments& args);
   static v8::Handle<v8::Value> SetCiphers(const v8::Arguments& args);
   static v8::Handle<v8::Value> SetOptions(const v8::Arguments& args);
+  static v8::Handle<v8::Value> ClearOptions(const v8::Arguments& args);
   static v8::Handle<v8::Value> SetSessionIdContext(const v8::Arguments& args);
   static v8::Handle<v8::Value> Close(const v8::Arguments& args);