Revert "src: exclude node_root_certs when use-def-ca-store"

This reverts commit be98f26. The above commit prevented the functionality of --use-bundled-ca if Node has been built using --openssl-use-def-ca-store, since there will be no bundled ca included and no way to use them. I only noticed this when trying to add // Flags: --use-bundled-ca to test-tls-ccnic-whitelist.js to force it to use the bundled ca and allow the test to pass. PR-URL: nodejs#12391 Reviewed-By: Ben Noordhuis <[email protected]> Reviewed-By: Colin Ihrig <[email protected]> Reviewed-By: Sam Roberts <[email protected]> Reviewed-By: James M Snell <[email protected]>
danbev · Apr 15, 2017 · e1d1487 · e1d1487
1 parent c05e5bf
commit e1d1487
Showing 1 changed file with 0 additions and 4 deletions.
diff --git a/src/node_crypto.cc b/src/node_crypto.cc
@@ -143,11 +143,9 @@ static X509_NAME *cnnic_ev_name =
 
 static Mutex* mutexes;
 
-#if !defined(NODE_OPENSSL_CERT_STORE)
 const char* const root_certs[] = {
 #include "node_root_certs.h"  // NOLINT(build/include_order)
 };
-#endif
 
 std::string extra_root_certs_file;  // NOLINT(runtime/string)
 
@@ -722,7 +720,6 @@ static int X509_up_ref(X509* cert) {
 
 
 static X509_STORE* NewRootCertStore() {
-#if !defined(NODE_OPENSSL_CERT_STORE)
   if (root_certs_vector.empty()) {
     for (size_t i = 0; i < arraysize(root_certs); i++) {
       BIO* bp = NodeBIO::NewFixed(root_certs[i], strlen(root_certs[i]));
@@ -735,7 +732,6 @@ static X509_STORE* NewRootCertStore() {
       root_certs_vector.push_back(x509);
     }
   }
-#endif
 
   X509_STORE* store = X509_STORE_new();
   if (ssl_openssl_cert_store) {