From f429fe1b88db3463957058ec8975d3365fc3fefa Mon Sep 17 00:00:00 2001
From: James M Snell <jasnell@gmail.com>
Date: Tue, 8 Mar 2016 15:31:31 -0800
Subject: [PATCH] crypto: fail early when loading crypto without openssl

Fail early in require('crypto'), require('tls'),
require('https'), etc when crypto is not available
(rather than depending on an internal try/catch).

Add documentation for detecting when crypto is not available.

PR-URL: https://github.com/nodejs/node/pull/5611
Reviewed-By: Rod Vagg <rod@vagg.org>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
---
 doc/api/crypto.markdown | 15 +++++++++++++++
 lib/_tls_legacy.js      |  9 +++------
 lib/_tls_wrap.js        |  2 ++
 lib/crypto.js           | 22 ++++++++++------------
 lib/https.js            |  2 ++
 lib/internal/util.js    |  6 ++++++
 lib/tls.js              |  2 ++
 7 files changed, 40 insertions(+), 18 deletions(-)

diff --git a/doc/api/crypto.markdown b/doc/api/crypto.markdown
index b7ed471969a0d1..2287e49635c8f0 100644
--- a/doc/api/crypto.markdown
+++ b/doc/api/crypto.markdown
@@ -19,6 +19,21 @@ console.log(hash);
   //   c0fa1bc00531bd78ef38c628449c5102aeabd49b5dc3a2a516ea6ea959d6658e
 ```
 
+## Determining if crypto support is unavailable
+
+It is possible for Node.js to be built without including support for the
+`crypto` module. In such cases, calling `require('crypto')` will result in an
+error being thrown.
+
+```js
+var crypto;
+try {
+  crypto = require('crypto');
+} catch (err) {
+  console.log('crypto support is disabled!');
+}
+```
+
 ## Class: Certificate
 
 SPKAC is a Certificate Signing Request mechanism originally implemented by
diff --git a/lib/_tls_legacy.js b/lib/_tls_legacy.js
index bc293f04178d70..456679ff0d2aa4 100644
--- a/lib/_tls_legacy.js
+++ b/lib/_tls_legacy.js
@@ -1,5 +1,7 @@
 'use strict';
 
+require('internal/util').assertCrypto(exports);
+
 const assert = require('assert');
 const EventEmitter = require('events');
 const stream = require('stream');
@@ -9,12 +11,7 @@ const common = require('_tls_common');
 const debug = util.debuglog('tls-legacy');
 const Buffer = require('buffer').Buffer;
 const Timer = process.binding('timer_wrap').Timer;
-var Connection = null;
-try {
-  Connection = process.binding('crypto').Connection;
-} catch (e) {
-  throw new Error('Node.js is not compiled with openssl crypto support');
-}
+const Connection = process.binding('crypto').Connection;
 
 function SlabBuffer() {
   this.create();
diff --git a/lib/_tls_wrap.js b/lib/_tls_wrap.js
index 0f52363e10354d..b7aa265dae4fc2 100644
--- a/lib/_tls_wrap.js
+++ b/lib/_tls_wrap.js
@@ -1,5 +1,7 @@
 'use strict';
 
+require('internal/util').assertCrypto(exports);
+
 const assert = require('assert');
 const crypto = require('crypto');
 const net = require('net');
diff --git a/lib/crypto.js b/lib/crypto.js
index 3e440a61fcd710..534ff03917354b 100644
--- a/lib/crypto.js
+++ b/lib/crypto.js
@@ -3,25 +3,23 @@
 
 'use strict';
 
+const internalUtil = require('internal/util');
+internalUtil.assertCrypto(exports);
+
 exports.DEFAULT_ENCODING = 'buffer';
 
-try {
-  var binding = process.binding('crypto');
-  var randomBytes = binding.randomBytes;
-  var getCiphers = binding.getCiphers;
-  var getHashes = binding.getHashes;
-  var getCurves = binding.getCurves;
-  var getFipsCrypto = binding.getFipsCrypto;
-  var setFipsCrypto = binding.setFipsCrypto;
-} catch (e) {
-  throw new Error('Node.js is not compiled with openssl crypto support');
-}
+const binding = process.binding('crypto');
+const randomBytes = binding.randomBytes;
+const getCiphers = binding.getCiphers;
+const getHashes = binding.getHashes;
+const getCurves = binding.getCurves;
+const getFipsCrypto = binding.getFipsCrypto;
+const setFipsCrypto = binding.setFipsCrypto;
 
 const Buffer = require('buffer').Buffer;
 const constants = require('constants');
 const stream = require('stream');
 const util = require('util');
-const internalUtil = require('internal/util');
 const LazyTransform = require('internal/streams/lazy_transform');
 
 const DH_GENERATOR = 2;
diff --git a/lib/https.js b/lib/https.js
index c1d1a51dabd6cc..b8969b68452451 100644
--- a/lib/https.js
+++ b/lib/https.js
@@ -1,5 +1,7 @@
 'use strict';
 
+require('internal/util').assertCrypto(exports);
+
 const tls = require('tls');
 const url = require('url');
 const http = require('http');
diff --git a/lib/internal/util.js b/lib/internal/util.js
index 21aafff21824b3..a9e77c658fc6ae 100644
--- a/lib/internal/util.js
+++ b/lib/internal/util.js
@@ -96,3 +96,9 @@ exports.isError = function isError(e) {
 exports.objectToString = function objectToString(o) {
   return Object.prototype.toString.call(o);
 };
+
+const noCrypto = !process.versions.openssl;
+exports.assertCrypto = function(exports) {
+  if (noCrypto)
+    throw new Error('Node.js is not compiled with openssl crypto support');
+};
diff --git a/lib/tls.js b/lib/tls.js
index 808f8d417a99a5..8699207a24a586 100644
--- a/lib/tls.js
+++ b/lib/tls.js
@@ -1,5 +1,7 @@
 'use strict';
 
+require('internal/util').assertCrypto(exports);
+
 const net = require('net');
 const url = require('url');
 const binding = process.binding('crypto');