1 files changed, 8 insertions, 2 deletions

diff --git a/src/node_crypto.cc b/src/node_crypto.cc
index 7f5544b8f2..11ed4a3f19 100644
--- a/src/node_crypto.cc
+++ b/src/node_crypto.cc
@@ -756,6 +756,8 @@ static X509_STORE* NewRootCertStore() {
   if (*system_cert_path != '\0') {
     X509_STORE_load_locations(store, system_cert_path, nullptr);
   }
+  // TODO(addaleax): Replace `ssl_openssl_cert_store` with
+  // `per_process_opts->ssl_openssl_cert_store`.
   if (ssl_openssl_cert_store) {
     X509_STORE_set_default_paths(store);
   } else {
@@ -5094,14 +5096,14 @@ void InitCryptoOnce() {
   OPENSSL_no_config();
 
   // --openssl-config=...
-  if (!openssl_config.empty()) {
+  if (!per_process_opts->openssl_config.empty()) {
     OPENSSL_load_builtin_modules();
 #ifndef OPENSSL_NO_ENGINE
     ENGINE_load_builtin_engines();
 #endif
     ERR_clear_error();
     CONF_modules_load_file(
-        openssl_config.c_str(),
+        per_process_opts->openssl_config.c_str(),
         nullptr,
         CONF_MFLAGS_DEFAULT_SECTION);
     int err = ERR_get_error();
@@ -5119,6 +5121,9 @@ void InitCryptoOnce() {
 #ifdef NODE_FIPS_MODE
   /* Override FIPS settings in cnf file, if needed. */
   unsigned long err = 0;  // NOLINT(runtime/int)
+  // TODO(addaleax): Use commented part instead.
+  /*if (per_process_opts->enable_fips_crypto ||
+      per_process_opts->force_fips_crypto) {*/
   if (enable_fips_crypto || force_fips_crypto) {
     if (0 == FIPS_mode() && !FIPS_mode_set(1)) {
       err = ERR_get_error();
@@ -5181,6 +5186,7 @@ void GetFipsCrypto(const FunctionCallbackInfo<Value>& args) {
 }
 
 void SetFipsCrypto(const FunctionCallbackInfo<Value>& args) {
+  // TODO(addaleax): Use options parser variables instead.
   CHECK(!force_fips_crypto);
   Environment* env = Environment::GetCurrent(args);
   const bool enabled = FIPS_mode();