lukechilds
/
node
mirror of https://github.com/lukechilds/node.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
11939 Commits
131 Branches
446 Tags
325 MiB
Tree: 0d39d35739
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '0d39d35739'
${ noResults }
node/src/tls_wrap.cc

908 lines
22 KiB
Raw Normal View History

tls_wrap: embed TLS encryption into streamwrap
12 years ago
#include "tls_wrap.h"
async-wrap: integrate with WeakObject Making WeakObject inherit from AsyncWrap allows us to peak into almost all the MakeCallback calls in Node internals.
11 years ago
#include "async-wrap.h"
#include "async-wrap-inl.h"
tls_wrap: embed TLS encryption into streamwrap
12 years ago
#include "node_buffer.h" // Buffer
#include "node_crypto.h" // SecureContext
#include "node_crypto_bio.h" // NodeBIO
tls_wrap: DRY ClientHelloParser Share ClientHelloParser code between `tls_wrap.cc` and `node_crypto.cc`. fix #5959
12 years ago
#include "node_crypto_clienthello.h" // ClientHelloParser
#include "node_crypto_clienthello-inl.h"
tls_wrap: embed TLS encryption into streamwrap
12 years ago
#include "node_wrap.h" // WithGenericStream
#include "node_counters.h"
src: centralize class wrap/unwrap While almost all cases were handled by simple WRAP/UNWRAP macros, this extends those to cover all known occurrences.
12 years ago
#include "node_internals.h"
stream_base: remove static JSMethod declarations Move JS methods to the stream_base-inl.h and thus define them on each use of `StreamBase::AddMethods`. Inline `AddMethods` itself, so that there won't be any need in a static declaration in stream_base.cc. NOTE: This basically allows using this API in user-land, though, some polishing is required before releasing it. PR-URL: https://github.com/iojs/io.js/pull/957 Reviewed-By: Chris Dickinson <christopher.s.dickinson@gmail.com>
10 years ago
#include "stream_base.h"
#include "stream_base-inl.h"
src: use function to get internal pointer Remove the NODE_{WRAP,UNWRAP} macros and instead use template functions.
11 years ago
#include "util.h"
#include "util-inl.h"
tls_wrap: embed TLS encryption into streamwrap
12 years ago
namespace node {
tls, crypto: deduplicate code Commit 03e008d introduced src/tls_wrap.cc and src/tls_wrap.h but said files copied on the order of 1 kLoC from src/node_crypto.cc and src/node_crypto.h. This commit undoes some of the duplication. Fixes #6024.
12 years ago
using crypto::SSLWrap;
src: fix up unused/unordered imports
12 years ago
using crypto::SecureContext;
tls_wrap: parse tls session ticket extension And, if present and non-empty, don't invoke `resumeSession` callback. fix #5872
12 years ago
using v8::Boolean;
src: add multi-context support This commit makes it possible to use multiple V8 execution contexts within a single event loop. Put another way, handle and request wrap objects now "remember" the context they belong to and switch back to that context when the time comes to call into JS land. This could have been done in a quick and hacky way by calling v8::Object::GetCreationContext() on the wrap object right before making a callback but that leaves a fairly wide margin for bugs. Instead, we make the context explicit through a new Environment class that encapsulates everything (or almost everything) that belongs to the context. Variables that used to be a static or a global are now members of the aforementioned class. An additional benefit is that this approach should make it relatively straightforward to add full isolate support in due course. There is no JavaScript API yet but that will be added in the near future. This work was graciously sponsored by GitHub, Inc.
12 years ago
using v8::Context;
src: update to v8 3.24 APIs
11 years ago
using v8::EscapableHandleScope;
lib, src: upgrade after v8 api change This is a big commit that touches just about every file in the src/ directory. The V8 API has changed in significant ways. The most important changes are: * Binding functions take a const v8::FunctionCallbackInfo<T>& argument rather than a const v8::Arguments& argument. * Binding functions return void rather than v8::Handle<v8::Value>. The return value is returned with the args.GetReturnValue().Set() family of functions. * v8::Persistent<T> no longer derives from v8::Handle<T> and no longer allows you to directly dereference the object that the persistent handle points to. This means that the common pattern of caching oft-used JS values in a persistent handle no longer quite works, you first need to reconstruct a v8::Local<T> from the persistent handle with the Local<T>::New(isolate, persistent) factory method. A handful of (internal) convenience classes and functions have been added to make dealing with the new API a little easier. The most visible one is node::Cached<T>, which wraps a v8::Persistent<T> with some template sugar. It can hold arbitrary types but so far it's exclusively used for v8::Strings (which was by far the most commonly cached handle type.)
12 years ago
using v8::Exception;
using v8::Function;
using v8::FunctionCallbackInfo;
using v8::FunctionTemplate;
string_bytes: don't use named imports in header It imports the definition into every source file that includes string_bytes.h, as evidenced by the build suddenly breaking left and right because of missing Handle/Local/String/Value imports.
12 years ago
using v8::Handle;
lib, src: upgrade after v8 api change This is a big commit that touches just about every file in the src/ directory. The V8 API has changed in significant ways. The most important changes are: * Binding functions take a const v8::FunctionCallbackInfo<T>& argument rather than a const v8::Arguments& argument. * Binding functions return void rather than v8::Handle<v8::Value>. The return value is returned with the args.GetReturnValue().Set() family of functions. * v8::Persistent<T> no longer derives from v8::Handle<T> and no longer allows you to directly dereference the object that the persistent handle points to. This means that the common pattern of caching oft-used JS values in a persistent handle no longer quite works, you first need to reconstruct a v8::Local<T> from the persistent handle with the Local<T>::New(isolate, persistent) factory method. A handful of (internal) convenience classes and functions have been added to make dealing with the new API a little easier. The most visible one is node::Cached<T>, which wraps a v8::Persistent<T> with some template sugar. It can hold arbitrary types but so far it's exclusively used for v8::Strings (which was by far the most commonly cached handle type.)
12 years ago
using v8::Integer;
string_bytes: don't use named imports in header It imports the definition into every source file that includes string_bytes.h, as evidenced by the build suddenly breaking left and right because of missing Handle/Local/String/Value imports.
12 years ago
using v8::Local;
lib, src: upgrade after v8 api change This is a big commit that touches just about every file in the src/ directory. The V8 API has changed in significant ways. The most important changes are: * Binding functions take a const v8::FunctionCallbackInfo<T>& argument rather than a const v8::Arguments& argument. * Binding functions return void rather than v8::Handle<v8::Value>. The return value is returned with the args.GetReturnValue().Set() family of functions. * v8::Persistent<T> no longer derives from v8::Handle<T> and no longer allows you to directly dereference the object that the persistent handle points to. This means that the common pattern of caching oft-used JS values in a persistent handle no longer quite works, you first need to reconstruct a v8::Local<T> from the persistent handle with the Local<T>::New(isolate, persistent) factory method. A handful of (internal) convenience classes and functions have been added to make dealing with the new API a little easier. The most visible one is node::Cached<T>, which wraps a v8::Persistent<T> with some template sugar. It can hold arbitrary types but so far it's exclusively used for v8::Strings (which was by far the most commonly cached handle type.)
12 years ago
using v8::Null;
using v8::Object;
using v8::String;
using v8::Value;
tls_wrap: propagate errors to write callbacks fix #6903
11 years ago
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv's stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris <trev.norris@gmail.com> Reviewed-By: Chris Dickinson <christopher.s.dickinson@gmail.com>
10 years ago
TLSWrap::TLSWrap(Environment* env,
Kind kind,
StreamBase* stream,
tls_wrap: do not hold persistent ref to parent Hold non-persistent reference in JS, rather than in C++ to avoid cycles. PR-URL: https://github.com/iojs/io.js/pull/1078 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
10 years ago
SecureContext* sc)
: SSLWrap<TLSWrap>(env, sc, kind),
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
StreamBase(env),
async_wrap: add provider types/pass to constructor These will be used to allow users to filter for which types of calls they wish their callbacks to run. Signed-off-by: Timothy J Fontaine &lt;tjfontaine@gmail.com&gt;
11 years ago
AsyncWrap(env,
env->tls_wrap_constructor_function()->NewInstance(),
AsyncWrap::PROVIDER_TLSWRAP),
tls_wrap: do not hold persistent ref to parent Hold non-persistent reference in JS, rather than in C++ to avoid cycles. PR-URL: https://github.com/iojs/io.js/pull/1078 Reviewed-By: Ben Noordhuis &lt;info@bnoordhuis.nl&gt;
10 years ago
sc_(sc),
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
stream_(stream),
src: replace NULL with nullptr Now that we are building with C++11 features enabled, replace use of NULL with nullptr. The benefit of using nullptr is that it can never be confused for an integral type because it does not support implicit conversions to integral types except boolean - unlike NULL, which is defined as a literal `0`.
10 years ago
enc_in_(nullptr),
enc_out_(nullptr),
clear_in_(nullptr),
tls_wrap: embed TLS encryption into streamwrap
12 years ago
write_size_(0),
started_(false),
established_(false),
Merge branch &#39;v0.10&#39; Conflicts: lib/tls.js src/node_crypto.cc src/node_crypto.h
11 years ago
shutdown_(false),
src: replace NULL with nullptr Now that we are building with C++11 features enabled, replace use of NULL with nullptr. The benefit of using nullptr is that it can never be confused for an integral type because it does not support implicit conversions to integral types except boolean - unlike NULL, which is defined as a literal `0`.
10 years ago
error_(nullptr),
tls: introduce asynchronous `newSession` fix #7105
11 years ago
cycle_depth_(0),
Merge branch &#39;v0.10&#39; Conflicts: lib/tls.js src/node_crypto.cc src/node_crypto.h
11 years ago
eof_(false) {
src: remove unnecessary template parameter The template class information is received via the type of the first argument. So there is no need to use Wrap&lt;T&gt;(handle). PR-URL: https://github.com/joyent/node/pull/8110 Signed-off-by: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-by: Fedor Indutny &lt;fedor@indutny.com&gt; Reviewed-by: Alexis Campailla &lt;alexis@janeasystems.com&gt; Reviewed-by: Julien Gilli &lt;julien.gilli@joyent.com&gt;
10 years ago
node::Wrap(object(), this);
tls_wrap: ensure that TLSCallbacks are gc-able Call `MakeWeak()` to destruct TLSCallbacks when the js-object dies. fix #8416 Reviewed-By: Fedor Indutny &lt;fedor@indutny.com&gt;
10 years ago
MakeWeak(this);
tls_wrap: embed TLS encryption into streamwrap
12 years ago
tls: session API returns
12 years ago
// We've our own session callbacks
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
SSL_CTX_sess_set_get_cb(sc_->ctx_, SSLWrap<TLSWrap>::GetSessionCallback);
SSL_CTX_sess_set_new_cb(sc_->ctx_, SSLWrap<TLSWrap>::NewSessionCallback);
stream_->Consume();
stream_->set_after_write_cb(OnAfterWriteImpl, this);
stream_->set_alloc_cb(OnAllocImpl, this);
stream_->set_read_cb(OnReadImpl, this);
set_alloc_cb(OnAllocSelf, this);
set_read_cb(OnReadSelf, this);
tls: session API returns
12 years ago
tls_wrap: embed TLS encryption into streamwrap
12 years ago
InitSSL();
}
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
TLSWrap::~TLSWrap() {
src: replace NULL with nullptr Now that we are building with C++11 features enabled, replace use of NULL with nullptr. The benefit of using nullptr is that it can never be confused for an integral type because it does not support implicit conversions to integral types except boolean - unlike NULL, which is defined as a literal `0`.
10 years ago
enc_in_ = nullptr;
enc_out_ = nullptr;
tls_wrap: embed TLS encryption into streamwrap
12 years ago
delete clear_in_;
src: replace NULL with nullptr Now that we are building with C++11 features enabled, replace use of NULL with nullptr. The benefit of using nullptr is that it can never be confused for an integral type because it does not support implicit conversions to integral types except boolean - unlike NULL, which is defined as a literal `0`.
10 years ago
clear_in_ = nullptr;
tls_wrap: embed TLS encryption into streamwrap
12 years ago
src: replace NULL with nullptr Now that we are building with C++11 features enabled, replace use of NULL with nullptr. The benefit of using nullptr is that it can never be confused for an integral type because it does not support implicit conversions to integral types except boolean - unlike NULL, which is defined as a literal `0`.
10 years ago
sc_ = nullptr;
tls_wrap: embed TLS encryption into streamwrap
12 years ago
#ifdef SSL_CTRL_SET_TLSEXT_SERVERNAME_CB
src: update to v8 3.24 APIs
11 years ago
sni_context_.Reset();
tls_wrap: embed TLS encryption into streamwrap
12 years ago
#endif // SSL_CTRL_SET_TLSEXT_SERVERNAME_CB
tls_wrap: propagate errors to write callbacks fix #6903
11 years ago
src: remove static variables from tls_wrap Remove the error message globals. More prep work for multi-isolate support. Reviewed-By: Fedor Indutny &lt;fedor@indutny.com&gt; PR-URL: https://github.com/node-forward/node/pull/58
10 years ago
ClearError();
tls_wrap: embed TLS encryption into streamwrap
12 years ago
}
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
void TLSWrap::MakePending() {
src: switch from QUEUE to intrusive list This commit also breaks up req_wrap.h into req-wrap.h and req-wrap-inl.h to work around a circular dependency issue in env.h. PR-URL: https://github.com/iojs/io.js/pull/667 Reviewed-By: Fedor Indutny &lt;fedor.indutny@gmail.com&gt; Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt;
10 years ago
write_item_queue_.MoveBack(&pending_write_items_);
tls_wrap: propagate errors to write callbacks fix #6903
11 years ago
}
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
bool TLSWrap::InvokeQueued(int status) {
src: switch from QUEUE to intrusive list This commit also breaks up req_wrap.h into req-wrap.h and req-wrap-inl.h to work around a circular dependency issue in env.h. PR-URL: https://github.com/iojs/io.js/pull/667 Reviewed-By: Fedor Indutny &lt;fedor.indutny@gmail.com&gt; Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt;
10 years ago
if (pending_write_items_.IsEmpty())
tls_wrap: propagate errors to write callbacks fix #6903
11 years ago
return false;
tls_wrap: embed TLS encryption into streamwrap
12 years ago
// Process old queue
src: switch from QUEUE to intrusive list This commit also breaks up req_wrap.h into req-wrap.h and req-wrap-inl.h to work around a circular dependency issue in env.h. PR-URL: https://github.com/iojs/io.js/pull/667 Reviewed-By: Fedor Indutny &lt;fedor.indutny@gmail.com&gt; Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt;
10 years ago
WriteItemList queue;
pending_write_items_.MoveBack(&queue);
while (WriteItem* wi = queue.PopFront()) {
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
wi->w_->Done(status);
tls_wrap: embed TLS encryption into streamwrap
12 years ago
delete wi;
}
tls_wrap: propagate errors to write callbacks fix #6903
11 years ago
return true;
tls_wrap: embed TLS encryption into streamwrap
12 years ago
}
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
void TLSWrap::NewSessionDoneCb() {
tls: introduce asynchronous `newSession` fix #7105
11 years ago
Cycle();
}
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
void TLSWrap::InitSSL() {
tls_wrap: embed TLS encryption into streamwrap
12 years ago
// Initialize SSL
crypto: remove NodeBIO::GetMethod() Remove NodeBIO::GetMethod() and replace calls to BIO_new() with calls to the new NodeBIO::New() function. This commit basically reshuffles some code in order to make it explicit that the NodeBIO BIO_METHOD is const.
12 years ago
enc_in_ = NodeBIO::New();
enc_out_ = NodeBIO::New();
node_crypto_bio: adjust external memory size Adjust V8&#39;s external memory size when allocating buffers for TLS data to ensure that V8 has enough information to trigger the GC at right time. PR-URL: https://github.com/iojs/io.js/pull/1085 Reviewed-By: Ben Noordhuis &lt;info@bnoordhuis.nl&gt;
10 years ago
NodeBIO::FromBIO(enc_in_)->AssignEnvironment(env());
NodeBIO::FromBIO(enc_out_)->AssignEnvironment(env());
tls_wrap: embed TLS encryption into streamwrap
12 years ago
SSL_set_bio(ssl_, enc_in_, enc_out_);
// NOTE: This could be overriden in SetVerifyMode
tls, crypto: deduplicate code Commit 03e008d introduced src/tls_wrap.cc and src/tls_wrap.h but said files copied on the order of 1 kLoC from src/node_crypto.cc and src/node_crypto.h. This commit undoes some of the duplication. Fixes #6024.
12 years ago
SSL_set_verify(ssl_, SSL_VERIFY_NONE, crypto::VerifyCallback);
tls_wrap: embed TLS encryption into streamwrap
12 years ago
#ifdef SSL_MODE_RELEASE_BUFFERS
long mode = SSL_get_mode(ssl_);
SSL_set_mode(ssl_, mode | SSL_MODE_RELEASE_BUFFERS);
#endif // SSL_MODE_RELEASE_BUFFERS
SSL_set_app_data(ssl_, this);
SSL_set_info_callback(ssl_, SSLInfoCallback);
#ifdef SSL_CTRL_SET_TLSEXT_SERVERNAME_CB
Merge branch &#39;v0.10&#39; Conflicts: src/node_crypto.cc src/node_crypto.h
11 years ago
if (is_server()) {
tls_wrap: embed TLS encryption into streamwrap
12 years ago
SSL_CTX_set_tlsext_servername_callback(sc_->ctx_, SelectSNIContextCallback);
Merge branch &#39;v0.10&#39; Conflicts: src/node_crypto.cc src/node_crypto.h
11 years ago
}
tls_wrap: embed TLS encryption into streamwrap
12 years ago
#endif // SSL_CTRL_SET_TLSEXT_SERVERNAME_CB
Merge branch &#39;v0.10&#39; Conflicts: src/node_crypto.cc src/node_crypto.h
11 years ago
crypto: never store pointer to conn in SSL_CTX SSL_CTX is shared between multiple connections and is not a right place to store per-connection data. fix #8348 Reviewed-By: Trevor Norris
10 years ago
InitNPN(sc_);
Merge branch &#39;v0.10&#39; Conflicts: src/node_crypto.cc src/node_crypto.h
11 years ago
tls: use `SSL_set_cert_cb` for async SNI/OCSP Do not enable ClientHello parser for async SNI/OCSP. Use new OpenSSL-1.0.2&#39;s API `SSL_set_cert_cb` to pause the handshake process and load the cert/OCSP response asynchronously. Hopefuly this will make whole async SNI/OCSP process much faster and will eventually let us remove the ClientHello parser itself (which is currently used only for async session, see #1462 for the discussion of removing it). NOTE: Ported our code to `SSL_CTX_add1_chain_cert` to use `SSL_CTX_get0_chain_certs` in `CertCbDone`. Test provided for this feature. Fix: https://github.com/iojs/io.js/issues/1423 PR-URL: https://github.com/iojs/io.js/pull/1464 Reviewed-By: Shigeki Ohtsu &lt;ohtsu@iij.ad.jp&gt;
10 years ago
SSL_set_cert_cb(ssl_, SSLWrap<TLSWrap>::SSLCertCallback, this);
Merge branch &#39;v0.10&#39; Conflicts: src/node_crypto.cc src/node_crypto.h
11 years ago
if (is_server()) {
SSL_set_accept_state(ssl_);
tls, crypto: deduplicate code Commit 03e008d introduced src/tls_wrap.cc and src/tls_wrap.h but said files copied on the order of 1 kLoC from src/node_crypto.cc and src/node_crypto.h. This commit undoes some of the duplication. Fixes #6024.
12 years ago
} else if (is_client()) {
crypto: lower RSS usage for TLSCallbacks Don&#39;t allocate any BIO buffers initially, do this on a first read from the TCP connection. Allocate different amount of data for initial read and for consequent reads: small buffer for hello+certificate, big buffer for better throughput. see #8416
10 years ago
// Enough space for server response (hello, cert)
NodeBIO::FromBIO(enc_in_)->set_initial(kInitialClientBufferLength);
tls_wrap: embed TLS encryption into streamwrap
12 years ago
SSL_set_connect_state(ssl_);
} else {
// Unexpected
abort();
}
// Initialize ring for queud clear data
clear_in_ = new NodeBIO();
node_crypto_bio: adjust external memory size Adjust V8&#39;s external memory size when allocating buffers for TLS data to ensure that V8 has enough information to trigger the GC at right time. PR-URL: https://github.com/iojs/io.js/pull/1085 Reviewed-By: Ben Noordhuis &lt;info@bnoordhuis.nl&gt;
10 years ago
clear_in_->AssignEnvironment(env());
tls_wrap: embed TLS encryption into streamwrap
12 years ago
}
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
void TLSWrap::Wrap(const FunctionCallbackInfo<Value>& args) {
src: attach env directly to api functions Attach the per-context execution environment directly to API functions. Rationale: * Gets node one step closer to multi-isolate readiness. * Avoids multi-context confusion, e.g. when the caller and callee live in different contexts. * Avoids expensive calls to pthread_getspecific() on platforms where V8 does not know how to use the thread-local storage directly. (Linux, the BSDs.) PR-URL: https://github.com/node-forward/node/pull/18 Reviewed-By: Fedor Indutny &lt;fedor@indutny.com&gt;
10 years ago
Environment* env = Environment::GetCurrent(args);
tls_wrap: embed TLS encryption into streamwrap
12 years ago
src: remove `node_isolate` from source fix #6899
11 years ago
if (args.Length() < 1 || !args[0]->IsObject()) {
return env->ThrowTypeError(
"First argument should be a StreamWrap instance");
}
if (args.Length() < 2 || !args[1]->IsObject()) {
return env->ThrowTypeError(
"Second argument should be a SecureContext instance");
}
tls_wrap: embed TLS encryption into streamwrap
12 years ago
if (args.Length() < 3 || !args[2]->IsBoolean())
src: remove `node_isolate` from source fix #6899
11 years ago
return env->ThrowTypeError("Third argument should be boolean");
tls_wrap: embed TLS encryption into streamwrap
12 years ago
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
Local<Object> stream_obj = args[0].As<Object>();
tls_wrap: embed TLS encryption into streamwrap
12 years ago
Local<Object> sc = args[1].As<Object>();
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
Kind kind = args[2]->IsTrue() ? SSLWrap<TLSWrap>::kServer :
SSLWrap<TLSWrap>::kClient;
tls_wrap: embed TLS encryption into streamwrap
12 years ago
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
StreamBase* stream = nullptr;
WITH_GENERIC_STREAM(env, stream_obj, {
stream = wrap;
tls_wrap: embed TLS encryption into streamwrap
12 years ago
});
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
CHECK_NE(stream, nullptr);
tls_wrap: embed TLS encryption into streamwrap
12 years ago
tls_wrap: do not hold persistent ref to parent Hold non-persistent reference in JS, rather than in C++ to avoid cycles. PR-URL: https://github.com/iojs/io.js/pull/1078 Reviewed-By: Ben Noordhuis &lt;info@bnoordhuis.nl&gt;
10 years ago
TLSWrap* res = new TLSWrap(env, kind, stream, Unwrap<SecureContext>(sc));
tls_wrap: embed TLS encryption into streamwrap
12 years ago
tls_wrap: do not hold persistent ref to parent Hold non-persistent reference in JS, rather than in C++ to avoid cycles. PR-URL: https://github.com/iojs/io.js/pull/1078 Reviewed-By: Ben Noordhuis &lt;info@bnoordhuis.nl&gt;
10 years ago
args.GetReturnValue().Set(res->object());
tls_wrap: embed TLS encryption into streamwrap
12 years ago
}
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
void TLSWrap::Receive(const FunctionCallbackInfo<Value>& args) {
TLSWrap* wrap = Unwrap<TLSWrap>(args.Holder());
tls: process accumulated input When creating TLSSocket on top of the regular socket that already contains some received data, `_tls_wrap.js` should try to write all that data to the internal `SSL*` instance. fix #6940
11 years ago
CHECK(Buffer::HasInstance(args[0]));
char* data = Buffer::Data(args[0]);
size_t len = Buffer::Length(args[0]);
uv_buf_t buf;
// Copy given buffer entirely or partiall if handle becomes closed
tls: destroy SSL once it is out of use Do not keep SSL structure in memory once socket is closed. This should lower the memory usage in many cases. Fix: https://github.com/iojs/io.js/issues/1522 PR-URL: https://github.com/iojs/io.js/pull/1529 Reviewed-By: Shigeki Ohtsu &lt;ohtsu@iij.ad.jp&gt;
10 years ago
while (len > 0 && wrap->IsAlive() && !wrap->IsClosing()) {
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
wrap->stream_->OnAlloc(len, &buf);
tls: process accumulated input When creating TLSSocket on top of the regular socket that already contains some received data, `_tls_wrap.js` should try to write all that data to the internal `SSL*` instance. fix #6940
11 years ago
size_t copy = buf.len > len ? len : buf.len;
memcpy(buf.base, data, copy);
crypto: lower RSS usage for TLSCallbacks Don&#39;t allocate any BIO buffers initially, do this on a first read from the TCP connection. Allocate different amount of data for initial read and for consequent reads: small buffer for hello+certificate, big buffer for better throughput. see #8416
10 years ago
buf.len = copy;
streams: introduce StreamWrap and JSStream Introduce a way to wrap plain-js `stream.Duplex` streams into C++ StreamBase&#39;s child class. With such method at hand it is now possible to pass `stream.Duplex` instance as a `socket` parameter to `tls.connect()`. PR-URL: https://github.com/iojs/io.js/pull/926 Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
wrap->stream_->OnRead(buf.len, &buf);
tls: process accumulated input When creating TLSSocket on top of the regular socket that already contains some received data, `_tls_wrap.js` should try to write all that data to the internal `SSL*` instance. fix #6940
11 years ago
data += copy;
len -= copy;
}
}
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
void TLSWrap::Start(const FunctionCallbackInfo<Value>& args) {
src: attach env directly to api functions Attach the per-context execution environment directly to API functions. Rationale: * Gets node one step closer to multi-isolate readiness. * Avoids multi-context confusion, e.g. when the caller and callee live in different contexts. * Avoids expensive calls to pthread_getspecific() on platforms where V8 does not know how to use the thread-local storage directly. (Linux, the BSDs.) PR-URL: https://github.com/node-forward/node/pull/18 Reviewed-By: Fedor Indutny &lt;fedor@indutny.com&gt;
10 years ago
Environment* env = Environment::GetCurrent(args);
tls_wrap: embed TLS encryption into streamwrap
12 years ago
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
TLSWrap* wrap = Unwrap<TLSWrap>(args.Holder());
tls_wrap: embed TLS encryption into streamwrap
12 years ago
if (wrap->started_)
src: remove `node_isolate` from source fix #6899
11 years ago
return env->ThrowError("Already started.");
tls_wrap: embed TLS encryption into streamwrap
12 years ago
wrap->started_ = true;
// Send ClientHello handshake
src: replace assert() with CHECK() Mechanically replace assert() statements with UNREACHABLE(), CHECK(), or CHECK_{EQ,NE,LT,GT,LE,GE}() statements. The exceptions are src/node.h and src/node_object_wrap.h because they are public headers. PR-URL: https://github.com/node-forward/node/pull/16 Reviewed-By: Fedor Indutny &lt;fedor@indutny.com&gt;
10 years ago
CHECK(wrap->is_client());
tls_wrap: embed TLS encryption into streamwrap
12 years ago
wrap->ClearOut();
wrap->EncOut();
}
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
void TLSWrap::SSLInfoCallback(const SSL* ssl_, int where, int ret) {
src: add multi-context support This commit makes it possible to use multiple V8 execution contexts within a single event loop. Put another way, handle and request wrap objects now &#34;remember&#34; the context they belong to and switch back to that context when the time comes to call into JS land. This could have been done in a quick and hacky way by calling v8::Object::GetCreationContext() on the wrap object right before making a callback but that leaves a fairly wide margin for bugs. Instead, we make the context explicit through a new Environment class that encapsulates everything (or almost everything) that belongs to the context. Variables that used to be a static or a global are now members of the aforementioned class. An additional benefit is that this approach should make it relatively straightforward to add full isolate support in due course. There is no JavaScript API yet but that will be added in the near future. This work was graciously sponsored by GitHub, Inc.
12 years ago
if (!(where & (SSL_CB_HANDSHAKE_START | SSL_CB_HANDSHAKE_DONE)))
return;
tls_wrap: embed TLS encryption into streamwrap
12 years ago
// Be compatible with older versions of OpenSSL. SSL_get_app_data() wants
// a non-const SSL* in OpenSSL <= 0.9.7e.
SSL* ssl = const_cast<SSL*>(ssl_);
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
TLSWrap* c = static_cast<TLSWrap*>(SSL_get_app_data(ssl));
src: add multi-context support This commit makes it possible to use multiple V8 execution contexts within a single event loop. Put another way, handle and request wrap objects now &#34;remember&#34; the context they belong to and switch back to that context when the time comes to call into JS land. This could have been done in a quick and hacky way by calling v8::Object::GetCreationContext() on the wrap object right before making a callback but that leaves a fairly wide margin for bugs. Instead, we make the context explicit through a new Environment class that encapsulates everything (or almost everything) that belongs to the context. Variables that used to be a static or a global are now members of the aforementioned class. An additional benefit is that this approach should make it relatively straightforward to add full isolate support in due course. There is no JavaScript API yet but that will be added in the near future. This work was graciously sponsored by GitHub, Inc.
12 years ago
Environment* env = c->env();
async-wrap: integrate with WeakObject Making WeakObject inherit from AsyncWrap allows us to peak into almost all the MakeCallback calls in Node internals.
11 years ago
Local<Object> object = c->object();
src: add multi-context support This commit makes it possible to use multiple V8 execution contexts within a single event loop. Put another way, handle and request wrap objects now &#34;remember&#34; the context they belong to and switch back to that context when the time comes to call into JS land. This could have been done in a quick and hacky way by calling v8::Object::GetCreationContext() on the wrap object right before making a callback but that leaves a fairly wide margin for bugs. Instead, we make the context explicit through a new Environment class that encapsulates everything (or almost everything) that belongs to the context. Variables that used to be a static or a global are now members of the aforementioned class. An additional benefit is that this approach should make it relatively straightforward to add full isolate support in due course. There is no JavaScript API yet but that will be added in the near future. This work was graciously sponsored by GitHub, Inc.
12 years ago
tls_wrap: embed TLS encryption into streamwrap
12 years ago
if (where & SSL_CB_HANDSHAKE_START) {
src: add multi-context support This commit makes it possible to use multiple V8 execution contexts within a single event loop. Put another way, handle and request wrap objects now &#34;remember&#34; the context they belong to and switch back to that context when the time comes to call into JS land. This could have been done in a quick and hacky way by calling v8::Object::GetCreationContext() on the wrap object right before making a callback but that leaves a fairly wide margin for bugs. Instead, we make the context explicit through a new Environment class that encapsulates everything (or almost everything) that belongs to the context. Variables that used to be a static or a global are now members of the aforementioned class. An additional benefit is that this approach should make it relatively straightforward to add full isolate support in due course. There is no JavaScript API yet but that will be added in the near future. This work was graciously sponsored by GitHub, Inc.
12 years ago
Local<Value> callback = object->Get(env->onhandshakestart_string());
if (callback->IsFunction()) {
src: replace NULL with nullptr Now that we are building with C++11 features enabled, replace use of NULL with nullptr. The benefit of using nullptr is that it can never be confused for an integral type because it does not support implicit conversions to integral types except boolean - unlike NULL, which is defined as a literal `0`.
10 years ago
c->MakeCallback(callback.As<Function>(), 0, nullptr);
src: add multi-context support This commit makes it possible to use multiple V8 execution contexts within a single event loop. Put another way, handle and request wrap objects now &#34;remember&#34; the context they belong to and switch back to that context when the time comes to call into JS land. This could have been done in a quick and hacky way by calling v8::Object::GetCreationContext() on the wrap object right before making a callback but that leaves a fairly wide margin for bugs. Instead, we make the context explicit through a new Environment class that encapsulates everything (or almost everything) that belongs to the context. Variables that used to be a static or a global are now members of the aforementioned class. An additional benefit is that this approach should make it relatively straightforward to add full isolate support in due course. There is no JavaScript API yet but that will be added in the near future. This work was graciously sponsored by GitHub, Inc.
12 years ago
}
tls_wrap: embed TLS encryption into streamwrap
12 years ago
}
src: add multi-context support This commit makes it possible to use multiple V8 execution contexts within a single event loop. Put another way, handle and request wrap objects now &#34;remember&#34; the context they belong to and switch back to that context when the time comes to call into JS land. This could have been done in a quick and hacky way by calling v8::Object::GetCreationContext() on the wrap object right before making a callback but that leaves a fairly wide margin for bugs. Instead, we make the context explicit through a new Environment class that encapsulates everything (or almost everything) that belongs to the context. Variables that used to be a static or a global are now members of the aforementioned class. An additional benefit is that this approach should make it relatively straightforward to add full isolate support in due course. There is no JavaScript API yet but that will be added in the near future. This work was graciously sponsored by GitHub, Inc.
12 years ago
tls_wrap: embed TLS encryption into streamwrap
12 years ago
if (where & SSL_CB_HANDSHAKE_DONE) {
c->established_ = true;
src: add multi-context support This commit makes it possible to use multiple V8 execution contexts within a single event loop. Put another way, handle and request wrap objects now &#34;remember&#34; the context they belong to and switch back to that context when the time comes to call into JS land. This could have been done in a quick and hacky way by calling v8::Object::GetCreationContext() on the wrap object right before making a callback but that leaves a fairly wide margin for bugs. Instead, we make the context explicit through a new Environment class that encapsulates everything (or almost everything) that belongs to the context. Variables that used to be a static or a global are now members of the aforementioned class. An additional benefit is that this approach should make it relatively straightforward to add full isolate support in due course. There is no JavaScript API yet but that will be added in the near future. This work was graciously sponsored by GitHub, Inc.
12 years ago
Local<Value> callback = object->Get(env->onhandshakedone_string());
if (callback->IsFunction()) {
src: replace NULL with nullptr Now that we are building with C++11 features enabled, replace use of NULL with nullptr. The benefit of using nullptr is that it can never be confused for an integral type because it does not support implicit conversions to integral types except boolean - unlike NULL, which is defined as a literal `0`.
10 years ago
c->MakeCallback(callback.As<Function>(), 0, nullptr);
src: add multi-context support This commit makes it possible to use multiple V8 execution contexts within a single event loop. Put another way, handle and request wrap objects now &#34;remember&#34; the context they belong to and switch back to that context when the time comes to call into JS land. This could have been done in a quick and hacky way by calling v8::Object::GetCreationContext() on the wrap object right before making a callback but that leaves a fairly wide margin for bugs. Instead, we make the context explicit through a new Environment class that encapsulates everything (or almost everything) that belongs to the context. Variables that used to be a static or a global are now members of the aforementioned class. An additional benefit is that this approach should make it relatively straightforward to add full isolate support in due course. There is no JavaScript API yet but that will be added in the near future. This work was graciously sponsored by GitHub, Inc.
12 years ago
}
tls_wrap: embed TLS encryption into streamwrap
12 years ago
}
}
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
void TLSWrap::EncOut() {
tls: session API returns
12 years ago
// Ignore cycling data if ClientHello wasn't yet parsed
tls, crypto: deduplicate code Commit 03e008d introduced src/tls_wrap.cc and src/tls_wrap.h but said files copied on the order of 1 kLoC from src/node_crypto.cc and src/node_crypto.h. This commit undoes some of the duplication. Fixes #6024.
12 years ago
if (!hello_parser_.IsEnded())
tls: session API returns
12 years ago
return;
tls_wrap: embed TLS encryption into streamwrap
12 years ago
// Write in progress
if (write_size_ != 0)
return;
tls: introduce asynchronous `newSession` fix #7105
11 years ago
// Wait for `newSession` callback to be invoked
if (is_waiting_new_session())
return;
tls_wrap: embed TLS encryption into streamwrap
12 years ago
// Split-off queue
src: switch from QUEUE to intrusive list This commit also breaks up req_wrap.h into req-wrap.h and req-wrap-inl.h to work around a circular dependency issue in env.h. PR-URL: https://github.com/iojs/io.js/pull/667 Reviewed-By: Fedor Indutny &lt;fedor.indutny@gmail.com&gt; Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt;
10 years ago
if (established_ && !write_item_queue_.IsEmpty())
tls_wrap: propagate errors to write callbacks fix #6903
11 years ago
MakePending();
tls_wrap: embed TLS encryption into streamwrap
12 years ago
tls: destroy SSL once it is out of use Do not keep SSL structure in memory once socket is closed. This should lower the memory usage in many cases. Fix: https://github.com/iojs/io.js/issues/1522 PR-URL: https://github.com/iojs/io.js/pull/1529 Reviewed-By: Shigeki Ohtsu &lt;ohtsu@iij.ad.jp&gt;
10 years ago
if (ssl_ == nullptr)
return;
tls_wrap: embed TLS encryption into streamwrap
12 years ago
// No data to write
if (BIO_pending(enc_out_) == 0) {
tls_wrap: propagate errors to write callbacks fix #6903
11 years ago
if (clear_in_->Length() == 0)
InvokeQueued(0);
tls_wrap: embed TLS encryption into streamwrap
12 years ago
return;
}
tls_wrap: use writev when possible Try writing multiple chunks from NodeBIO if possible.
11 years ago
char* data[kSimultaneousBufferCount];
size_t size[ARRAY_SIZE(data)];
size_t count = ARRAY_SIZE(data);
write_size_ = NodeBIO::FromBIO(enc_out_)->PeekMultiple(data, size, &count);
src: replace assert() with CHECK() Mechanically replace assert() statements with UNREACHABLE(), CHECK(), or CHECK_{EQ,NE,LT,GT,LE,GE}() statements. The exceptions are src/node.h and src/node_object_wrap.h because they are public headers. PR-URL: https://github.com/node-forward/node/pull/16 Reviewed-By: Fedor Indutny &lt;fedor@indutny.com&gt;
10 years ago
CHECK(write_size_ != 0 && count != 0);
tls_wrap: embed TLS encryption into streamwrap
12 years ago
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
Local<Object> req_wrap_obj =
env()->write_wrap_constructor_function()->NewInstance();
stream_base: WriteWrap::New/::Dispose Encapsulate allocation/disposal of `WriteWrap` instances into the `WriteWrap` class itself. PR-URL: https://github.com/iojs/io.js/pull/1090 Reviewed-By: Ben Noordhuis &lt;info@bnoordhuis.nl&gt;
10 years ago
WriteWrap* write_req = WriteWrap::New(env(),
req_wrap_obj,
this,
EncOutCb);
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
tls_wrap: use writev when possible Try writing multiple chunks from NodeBIO if possible.
11 years ago
uv_buf_t buf[ARRAY_SIZE(data)];
for (size_t i = 0; i < count; i++)
buf[i] = uv_buf_init(data[i], size[i]);
tls: fix leak on `DoWrite()` errors It is very unlikely to happen, but still the write request should be disposed in case of immediate failure. PR-URL: https://github.com/iojs/io.js/pull/1154 Reviewed-By: Ben Noordhuis &lt;info@bnoordhuis.nl&gt;
10 years ago
int err = stream_->DoWrite(write_req, buf, count, nullptr);
tls_wrap: embed TLS encryption into streamwrap
12 years ago
// Ignore errors, this should be already handled in js
tls_wrap: fix this incredibly stupid leak Always call `Done` on the WriteWrap, and ensure that `EncOut` will consume all data in clear_in_ and invoke queued callbacks. Fix: https://github.com/iojs/io.js/issues/1075 PR-URL: https://github.com/iojs/io.js/pull/1244 Reviewed-By: Ben Noordhuis &lt;info@bnoordhuis.nl&gt;
10 years ago
if (err) {
tls: fix leak on `DoWrite()` errors It is very unlikely to happen, but still the write request should be disposed in case of immediate failure. PR-URL: https://github.com/iojs/io.js/pull/1154 Reviewed-By: Ben Noordhuis &lt;info@bnoordhuis.nl&gt;
10 years ago
write_req->Dispose();
tls_wrap: fix this incredibly stupid leak Always call `Done` on the WriteWrap, and ensure that `EncOut` will consume all data in clear_in_ and invoke queued callbacks. Fix: https://github.com/iojs/io.js/issues/1075 PR-URL: https://github.com/iojs/io.js/pull/1244 Reviewed-By: Ben Noordhuis &lt;info@bnoordhuis.nl&gt;
10 years ago
InvokeQueued(err);
} else {
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
NODE_COUNT_NET_BYTES_SENT(write_size_);
tls_wrap: fix this incredibly stupid leak Always call `Done` on the WriteWrap, and ensure that `EncOut` will consume all data in clear_in_ and invoke queued callbacks. Fix: https://github.com/iojs/io.js/issues/1075 PR-URL: https://github.com/iojs/io.js/pull/1244 Reviewed-By: Ben Noordhuis &lt;info@bnoordhuis.nl&gt;
10 years ago
}
tls_wrap: embed TLS encryption into streamwrap
12 years ago
}
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
void TLSWrap::EncOutCb(WriteWrap* req_wrap, int status) {
TLSWrap* wrap = req_wrap->wrap()->Cast<TLSWrap>();
stream_base: WriteWrap::New/::Dispose Encapsulate allocation/disposal of `WriteWrap` instances into the `WriteWrap` class itself. PR-URL: https://github.com/iojs/io.js/pull/1090 Reviewed-By: Ben Noordhuis &lt;info@bnoordhuis.nl&gt;
10 years ago
req_wrap->Dispose();
tls_wrap: embed TLS encryption into streamwrap
12 years ago
_stream_wrap: prevent use after free in TLS Queued write requests should be invoked on handle close, otherwise the &#34;consumer&#34; might be already destroyed when the write callbacks of the &#34;consumed&#34; handle will be invoked. Same applies to the shutdown requests. Make sure to &#34;move&#34; away socket from server to not break the `connections` counter in `net.js`. Otherwise it might not call `close` callback, or call it too early. Fix: https://github.com/iojs/io.js/issues/1696 PR-URL: https://github.com/nodejs/io.js/pull/1910 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt;
10 years ago
// We should not be getting here after `DestroySSL`, because all queued writes
// must be invoked with UV_ECANCELED
CHECK_NE(wrap->ssl_, nullptr);
tls_wrap: embed TLS encryption into streamwrap
12 years ago
// Handle error
if (status) {
// Ignore errors after shutdown
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
if (wrap->shutdown_)
tls_wrap: embed TLS encryption into streamwrap
12 years ago
return;
// Notify about error
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
wrap->InvokeQueued(status);
tls_wrap: embed TLS encryption into streamwrap
12 years ago
return;
}
// Commit
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
NodeBIO::FromBIO(wrap->enc_out_)->Read(nullptr, wrap->write_size_);
tls_wrap: embed TLS encryption into streamwrap
12 years ago
tls_wrap: fix this incredibly stupid leak Always call `Done` on the WriteWrap, and ensure that `EncOut` will consume all data in clear_in_ and invoke queued callbacks. Fix: https://github.com/iojs/io.js/issues/1075 PR-URL: https://github.com/iojs/io.js/pull/1244 Reviewed-By: Ben Noordhuis &lt;info@bnoordhuis.nl&gt;
10 years ago
// Ensure that the progress will be made and `InvokeQueued` will be called.
wrap->ClearIn();
tls_wrap: embed TLS encryption into streamwrap
12 years ago
// Try writing more data
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
wrap->write_size_ = 0;
wrap->EncOut();
tls_wrap: embed TLS encryption into streamwrap
12 years ago
}
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
Local<Value> TLSWrap::GetSSLError(int status, int* err, const char** msg) {
src: update to v8 3.24 APIs
11 years ago
EscapableHandleScope scope(env()->isolate());
tls_wrap: embed TLS encryption into streamwrap
12 years ago
tls_wrap: fix error cb when fatal TLS Alert recvd SSL_read() returns 0 when fatal TLS Alert is received. Fix to invoke ssl error callback in this case. PR-URL: https://github.com/nodejs/io.js/pull/1661 Reviewed-By: Fedor Indutny &lt;fedor@indutny.com&gt;
10 years ago
// ssl_ is already destroyed in reading EOF by close notify alert.
if (ssl_ == nullptr)
return Local<Value>();
tls_wrap: embed TLS encryption into streamwrap
12 years ago
*err = SSL_get_error(ssl_, status);
switch (*err) {
src: lint c++ code
12 years ago
case SSL_ERROR_NONE:
case SSL_ERROR_WANT_READ:
case SSL_ERROR_WANT_WRITE:
tls: use `SSL_set_cert_cb` for async SNI/OCSP Do not enable ClientHello parser for async SNI/OCSP. Use new OpenSSL-1.0.2&#39;s API `SSL_set_cert_cb` to pause the handshake process and load the cert/OCSP response asynchronously. Hopefuly this will make whole async SNI/OCSP process much faster and will eventually let us remove the ClientHello parser itself (which is currently used only for async session, see #1462 for the discussion of removing it). NOTE: Ported our code to `SSL_CTX_add1_chain_cert` to use `SSL_CTX_get0_chain_certs` in `CertCbDone`. Test provided for this feature. Fix: https://github.com/iojs/io.js/issues/1423 PR-URL: https://github.com/iojs/io.js/pull/1464 Reviewed-By: Shigeki Ohtsu &lt;ohtsu@iij.ad.jp&gt;
10 years ago
case SSL_ERROR_WANT_X509_LOOKUP:
src: lint c++ code
12 years ago
break;
case SSL_ERROR_ZERO_RETURN:
src: update to v8 3.24 APIs
11 years ago
return scope.Escape(env()->zero_return_string());
src: lint c++ code
12 years ago
break;
default:
{
src: replace assert() with CHECK() Mechanically replace assert() statements with UNREACHABLE(), CHECK(), or CHECK_{EQ,NE,LT,GT,LE,GE}() statements. The exceptions are src/node.h and src/node_object_wrap.h because they are public headers. PR-URL: https://github.com/node-forward/node/pull/16 Reviewed-By: Fedor Indutny &lt;fedor@indutny.com&gt;
10 years ago
CHECK(*err == SSL_ERROR_SSL || *err == SSL_ERROR_SYSCALL);
tls_wrap: embed TLS encryption into streamwrap
12 years ago
src: remove static variables from tls_wrap Remove the error message globals. More prep work for multi-isolate support. Reviewed-By: Fedor Indutny &lt;fedor@indutny.com&gt; PR-URL: https://github.com/node-forward/node/pull/58
10 years ago
BIO* bio = BIO_new(BIO_s_mem());
ERR_print_errors(bio);
BUF_MEM* mem;
BIO_get_mem_ptr(bio, &mem);
tls_wrap: propagate errors to write callbacks fix #6903
11 years ago
src: use v8::String::NewFrom*() functions * Change calls to String::New() and String::NewSymbol() to their respective one-byte, two-byte and UTF-8 counterparts. * Add a FIXED_ONE_BYTE_STRING macro that takes a string literal and turns it into a v8::Local&lt;v8::String&gt;. * Add helper functions that make v8::String::NewFromOneByte() easier to work with. Said function expects a `const uint8_t*` but almost every call site deals with `const char*` or `const unsigned char*`. Helps us avoid doing reinterpret_casts all over the place. * Code that handles file system paths keeps using UTF-8 for backwards compatibility reasons. At least now the use of UTF-8 is explicit. * Remove v8::String::NewSymbol() entirely. Almost all call sites were effectively minor de-optimizations. If you create a string only once, there is no point in making it a symbol. If you are create the same string repeatedly, it should probably be cached in a persistent handle.
12 years ago
Local<String> message =
src: remove static variables from tls_wrap Remove the error message globals. More prep work for multi-isolate support. Reviewed-By: Fedor Indutny &lt;fedor@indutny.com&gt; PR-URL: https://github.com/node-forward/node/pull/58
10 years ago
OneByteString(env()->isolate(), mem->data, mem->length);
src: use v8::String::NewFrom*() functions * Change calls to String::New() and String::NewSymbol() to their respective one-byte, two-byte and UTF-8 counterparts. * Add a FIXED_ONE_BYTE_STRING macro that takes a string literal and turns it into a v8::Local&lt;v8::String&gt;. * Add helper functions that make v8::String::NewFromOneByte() easier to work with. Said function expects a `const uint8_t*` but almost every call site deals with `const char*` or `const unsigned char*`. Helps us avoid doing reinterpret_casts all over the place. * Code that handles file system paths keeps using UTF-8 for backwards compatibility reasons. At least now the use of UTF-8 is explicit. * Remove v8::String::NewSymbol() entirely. Almost all call sites were effectively minor de-optimizations. If you create a string only once, there is no point in making it a symbol. If you are create the same string repeatedly, it should probably be cached in a persistent handle.
12 years ago
Local<Value> exception = Exception::Error(message);
tls_wrap: propagate errors to write callbacks fix #6903
11 years ago
src: replace NULL with nullptr Now that we are building with C++11 features enabled, replace use of NULL with nullptr. The benefit of using nullptr is that it can never be confused for an integral type because it does not support implicit conversions to integral types except boolean - unlike NULL, which is defined as a literal `0`.
10 years ago
if (msg != nullptr) {
CHECK_EQ(*msg, nullptr);
src: remove static variables from tls_wrap Remove the error message globals. More prep work for multi-isolate support. Reviewed-By: Fedor Indutny &lt;fedor@indutny.com&gt; PR-URL: https://github.com/node-forward/node/pull/58
10 years ago
char* const buf = new char[mem->length + 1];
memcpy(buf, mem->data, mem->length);
buf[mem->length] = '\0';
tls_wrap: propagate errors to write callbacks fix #6903
11 years ago
*msg = buf;
}
tls_wrap: fix BIO leak on SSL error Fix: https://github.com/iojs/io.js/issues/1075 PR-URL: https://github.com/iojs/io.js/pull/1244 Reviewed-By: Ben Noordhuis &lt;info@bnoordhuis.nl&gt;
10 years ago
BIO_free_all(bio);
tls_wrap: embed TLS encryption into streamwrap
12 years ago
src: update to v8 3.24 APIs
11 years ago
return scope.Escape(exception);
src: lint c++ code
12 years ago
}
tls_wrap: embed TLS encryption into streamwrap
12 years ago
}
src: add multi-context support This commit makes it possible to use multiple V8 execution contexts within a single event loop. Put another way, handle and request wrap objects now &#34;remember&#34; the context they belong to and switch back to that context when the time comes to call into JS land. This could have been done in a quick and hacky way by calling v8::Object::GetCreationContext() on the wrap object right before making a callback but that leaves a fairly wide margin for bugs. Instead, we make the context explicit through a new Environment class that encapsulates everything (or almost everything) that belongs to the context. Variables that used to be a static or a global are now members of the aforementioned class. An additional benefit is that this approach should make it relatively straightforward to add full isolate support in due course. There is no JavaScript API yet but that will be added in the near future. This work was graciously sponsored by GitHub, Inc.
12 years ago
return Local<Value>();
tls_wrap: embed TLS encryption into streamwrap
12 years ago
}
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
void TLSWrap::ClearOut() {
tls: session API returns
12 years ago
// Ignore cycling data if ClientHello wasn't yet parsed
tls, crypto: deduplicate code Commit 03e008d introduced src/tls_wrap.cc and src/tls_wrap.h but said files copied on the order of 1 kLoC from src/node_crypto.cc and src/node_crypto.h. This commit undoes some of the duplication. Fixes #6024.
12 years ago
if (!hello_parser_.IsEnded())
tls: session API returns
12 years ago
return;
tls_wrap: ignore ZERO_RETURN after close_notify Do not call SSL_read() and ignore ZERO_RETURN if the connection was shutdown and there could not be any reads. Reviewed-By: Ben Noordhuis &lt;info@bnoordhuis.nl&gt; PR-URL: https://github.com/joyent/node/pull/8519
10 years ago
// No reads after EOF
if (eof_)
return;
tls: destroy SSL once it is out of use Do not keep SSL structure in memory once socket is closed. This should lower the memory usage in many cases. Fix: https://github.com/iojs/io.js/issues/1522 PR-URL: https://github.com/iojs/io.js/pull/1529 Reviewed-By: Shigeki Ohtsu &lt;ohtsu@iij.ad.jp&gt;
10 years ago
if (ssl_ == nullptr)
return;
tls_wrap: embed TLS encryption into streamwrap
12 years ago
char out[kClearOutChunkSize];
int read;
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
for (;;) {
tls_wrap: embed TLS encryption into streamwrap
12 years ago
read = SSL_read(ssl_, out, sizeof(out));
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
if (read <= 0)
break;
while (read > 0) {
int avail = read;
uv_buf_t buf;
OnAlloc(avail, &buf);
if (static_cast<int>(buf.len) < avail)
avail = buf.len;
memcpy(buf.base, out, avail);
streams: introduce StreamWrap and JSStream Introduce a way to wrap plain-js `stream.Duplex` streams into C++ StreamBase&#39;s child class. With such method at hand it is now possible to pass `stream.Duplex` instance as a `socket` parameter to `tls.connect()`. PR-URL: https://github.com/iojs/io.js/pull/926 Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
OnRead(avail, &buf);
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
read -= avail;
tls_wrap: embed TLS encryption into streamwrap
12 years ago
}
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
}
tls_wrap: embed TLS encryption into streamwrap
12 years ago
Merge branch &#39;v0.10&#39; Conflicts: lib/tls.js src/node_crypto.cc src/node_crypto.h
11 years ago
int flags = SSL_get_shutdown(ssl_);
if (!eof_ && flags & SSL_RECEIVED_SHUTDOWN) {
eof_ = true;
streams: introduce StreamWrap and JSStream Introduce a way to wrap plain-js `stream.Duplex` streams into C++ StreamBase&#39;s child class. With such method at hand it is now possible to pass `stream.Duplex` instance as a `socket` parameter to `tls.connect()`. PR-URL: https://github.com/iojs/io.js/pull/926 Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
OnRead(UV_EOF, nullptr);
Merge branch &#39;v0.10&#39; Conflicts: lib/tls.js src/node_crypto.cc src/node_crypto.h
11 years ago
}
tls_wrap: fix error cb when fatal TLS Alert recvd SSL_read() returns 0 when fatal TLS Alert is received. Fix to invoke ssl error callback in this case. PR-URL: https://github.com/nodejs/io.js/pull/1661 Reviewed-By: Fedor Indutny &lt;fedor@indutny.com&gt;
10 years ago
// We need to check whether an error occurred or the connection was
// shutdown cleanly (SSL_ERROR_ZERO_RETURN) even when read == 0.
// See iojs#1642 and SSL_read(3SSL) for details.
if (read <= 0) {
tls_wrap: embed TLS encryption into streamwrap
12 years ago
int err;
src: replace NULL with nullptr Now that we are building with C++11 features enabled, replace use of NULL with nullptr. The benefit of using nullptr is that it can never be confused for an integral type because it does not support implicit conversions to integral types except boolean - unlike NULL, which is defined as a literal `0`.
10 years ago
Local<Value> arg = GetSSLError(read, &err, nullptr);
tls_wrap: embed TLS encryption into streamwrap
12 years ago
tls_wrap: ignore ZERO_RETURN after close_notify Do not call SSL_read() and ignore ZERO_RETURN if the connection was shutdown and there could not be any reads. Reviewed-By: Ben Noordhuis &lt;info@bnoordhuis.nl&gt; PR-URL: https://github.com/joyent/node/pull/8519
10 years ago
// Ignore ZERO_RETURN after EOF, it is basically not a error
if (err == SSL_ERROR_ZERO_RETURN && eof_)
return;
domain: use AsyncListener API The domain module has been switched over to use the domain module API as much as currently possible. There are still some hooks in the EventEmitter, but hopefully we can remove those in the future.
11 years ago
if (!arg.IsEmpty()) {
tls: fix to send TLS Alert before socket destroyed When TLS Alert is occured in handshake, ClearOut only write it into wbio and does not flush to socket. TLS Alert should be written to socket with EncOut before socket is destroyed within its error callback. Signed-off-by: Fedor Indutny &lt;fedor@indutny.com&gt;
11 years ago
// When TLS Alert are stored in wbio,
// it should be flushed to socket before destroyed.
if (BIO_pending(enc_out_) != 0)
EncOut();
domain: use AsyncListener API The domain module has been switched over to use the domain module API as much as currently possible. There are still some hooks in the EventEmitter, but hopefully we can remove those in the future.
11 years ago
MakeCallback(env()->onerror_string(), 1, &arg);
src: add multi-context support This commit makes it possible to use multiple V8 execution contexts within a single event loop. Put another way, handle and request wrap objects now &#34;remember&#34; the context they belong to and switch back to that context when the time comes to call into JS land. This could have been done in a quick and hacky way by calling v8::Object::GetCreationContext() on the wrap object right before making a callback but that leaves a fairly wide margin for bugs. Instead, we make the context explicit through a new Environment class that encapsulates everything (or almost everything) that belongs to the context. Variables that used to be a static or a global are now members of the aforementioned class. An additional benefit is that this approach should make it relatively straightforward to add full isolate support in due course. There is no JavaScript API yet but that will be added in the near future. This work was graciously sponsored by GitHub, Inc.
12 years ago
}
tls_wrap: embed TLS encryption into streamwrap
12 years ago
}
}
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
bool TLSWrap::ClearIn() {
tls: session API returns
12 years ago
// Ignore cycling data if ClientHello wasn't yet parsed
tls, crypto: deduplicate code Commit 03e008d introduced src/tls_wrap.cc and src/tls_wrap.h but said files copied on the order of 1 kLoC from src/node_crypto.cc and src/node_crypto.h. This commit undoes some of the duplication. Fixes #6024.
12 years ago
if (!hello_parser_.IsEnded())
tls: session API returns
12 years ago
return false;
tls: destroy SSL once it is out of use Do not keep SSL structure in memory once socket is closed. This should lower the memory usage in many cases. Fix: https://github.com/iojs/io.js/issues/1522 PR-URL: https://github.com/iojs/io.js/pull/1529 Reviewed-By: Shigeki Ohtsu &lt;ohtsu@iij.ad.jp&gt;
10 years ago
if (ssl_ == nullptr)
return false;
tls_wrap: embed TLS encryption into streamwrap
12 years ago
int written = 0;
while (clear_in_->Length() > 0) {
size_t avail = 0;
char* data = clear_in_->Peek(&avail);
written = SSL_write(ssl_, data, avail);
src: replace assert() with CHECK() Mechanically replace assert() statements with UNREACHABLE(), CHECK(), or CHECK_{EQ,NE,LT,GT,LE,GE}() statements. The exceptions are src/node.h and src/node_object_wrap.h because they are public headers. PR-URL: https://github.com/node-forward/node/pull/16 Reviewed-By: Fedor Indutny &lt;fedor@indutny.com&gt;
10 years ago
CHECK(written == -1 || written == static_cast<int>(avail));
tls_wrap: embed TLS encryption into streamwrap
12 years ago
if (written == -1)
break;
src: replace NULL with nullptr Now that we are building with C++11 features enabled, replace use of NULL with nullptr. The benefit of using nullptr is that it can never be confused for an integral type because it does not support implicit conversions to integral types except boolean - unlike NULL, which is defined as a literal `0`.
10 years ago
clear_in_->Read(nullptr, avail);
tls_wrap: embed TLS encryption into streamwrap
12 years ago
}
// All written
if (clear_in_->Length() == 0) {
src: replace assert() with CHECK() Mechanically replace assert() statements with UNREACHABLE(), CHECK(), or CHECK_{EQ,NE,LT,GT,LE,GE}() statements. The exceptions are src/node.h and src/node_object_wrap.h because they are public headers. PR-URL: https://github.com/node-forward/node/pull/16 Reviewed-By: Fedor Indutny &lt;fedor@indutny.com&gt;
10 years ago
CHECK_GE(written, 0);
tls_wrap: embed TLS encryption into streamwrap
12 years ago
return true;
}
// Error or partial write
int err;
tls_wrap: propagate errors to write callbacks fix #6903
11 years ago
Local<Value> arg = GetSSLError(written, &err, &error_);
domain: use AsyncListener API The domain module has been switched over to use the domain module API as much as currently possible. There are still some hooks in the EventEmitter, but hopefully we can remove those in the future.
11 years ago
if (!arg.IsEmpty()) {
tls_wrap: propagate errors to write callbacks fix #6903
11 years ago
MakePending();
if (!InvokeQueued(UV_EPROTO))
src: remove static variables from tls_wrap Remove the error message globals. More prep work for multi-isolate support. Reviewed-By: Fedor Indutny &lt;fedor@indutny.com&gt; PR-URL: https://github.com/node-forward/node/pull/58
10 years ago
ClearError();
tls_wrap: propagate errors to write callbacks fix #6903
11 years ago
clear_in_->Reset();
src: add multi-context support This commit makes it possible to use multiple V8 execution contexts within a single event loop. Put another way, handle and request wrap objects now &#34;remember&#34; the context they belong to and switch back to that context when the time comes to call into JS land. This could have been done in a quick and hacky way by calling v8::Object::GetCreationContext() on the wrap object right before making a callback but that leaves a fairly wide margin for bugs. Instead, we make the context explicit through a new Environment class that encapsulates everything (or almost everything) that belongs to the context. Variables that used to be a static or a global are now members of the aforementioned class. An additional benefit is that this approach should make it relatively straightforward to add full isolate support in due course. There is no JavaScript API yet but that will be added in the near future. This work was graciously sponsored by GitHub, Inc.
12 years ago
}
tls_wrap: embed TLS encryption into streamwrap
12 years ago
return false;
}
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
void* TLSWrap::Cast() {
return reinterpret_cast<void*>(this);
}
AsyncWrap* TLSWrap::GetAsyncWrap() {
return static_cast<AsyncWrap*>(this);
}
streams: introduce StreamWrap and JSStream Introduce a way to wrap plain-js `stream.Duplex` streams into C++ StreamBase&#39;s child class. With such method at hand it is now possible to pass `stream.Duplex` instance as a `socket` parameter to `tls.connect()`. PR-URL: https://github.com/iojs/io.js/pull/926 Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
bool TLSWrap::IsIPCPipe() {
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
return stream_->IsIPCPipe();
}
streams: introduce StreamWrap and JSStream Introduce a way to wrap plain-js `stream.Duplex` streams into C++ StreamBase&#39;s child class. With such method at hand it is now possible to pass `stream.Duplex` instance as a `socket` parameter to `tls.connect()`. PR-URL: https://github.com/iojs/io.js/pull/926 Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
int TLSWrap::GetFD() {
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
return stream_->GetFD();
}
streams: introduce StreamWrap and JSStream Introduce a way to wrap plain-js `stream.Duplex` streams into C++ StreamBase&#39;s child class. With such method at hand it is now possible to pass `stream.Duplex` instance as a `socket` parameter to `tls.connect()`. PR-URL: https://github.com/iojs/io.js/pull/926 Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
bool TLSWrap::IsAlive() {
tls: destroy SSL once it is out of use Do not keep SSL structure in memory once socket is closed. This should lower the memory usage in many cases. Fix: https://github.com/iojs/io.js/issues/1522 PR-URL: https://github.com/iojs/io.js/pull/1529 Reviewed-By: Shigeki Ohtsu &lt;ohtsu@iij.ad.jp&gt;
10 years ago
return ssl_ != nullptr && stream_->IsAlive();
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
}
streams: introduce StreamWrap and JSStream Introduce a way to wrap plain-js `stream.Duplex` streams into C++ StreamBase&#39;s child class. With such method at hand it is now possible to pass `stream.Duplex` instance as a `socket` parameter to `tls.connect()`. PR-URL: https://github.com/iojs/io.js/pull/926 Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
bool TLSWrap::IsClosing() {
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
return stream_->IsClosing();
}
int TLSWrap::ReadStart() {
return stream_->ReadStart();
}
int TLSWrap::ReadStop() {
return stream_->ReadStop();
}
const char* TLSWrap::Error() const {
src: remove static variables from tls_wrap Remove the error message globals. More prep work for multi-isolate support. Reviewed-By: Fedor Indutny &lt;fedor@indutny.com&gt; PR-URL: https://github.com/node-forward/node/pull/58
10 years ago
return error_;
}
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
void TLSWrap::ClearError() {
src: remove static variables from tls_wrap Remove the error message globals. More prep work for multi-isolate support. Reviewed-By: Fedor Indutny &lt;fedor@indutny.com&gt; PR-URL: https://github.com/node-forward/node/pull/58
10 years ago
delete[] error_;
src: replace NULL with nullptr Now that we are building with C++11 features enabled, replace use of NULL with nullptr. The benefit of using nullptr is that it can never be confused for an integral type because it does not support implicit conversions to integral types except boolean - unlike NULL, which is defined as a literal `0`.
10 years ago
error_ = nullptr;
tls_wrap: propagate errors to write callbacks fix #6903
11 years ago
}
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
int TLSWrap::DoWrite(WriteWrap* w,
uv_buf_t* bufs,
size_t count,
uv_stream_t* send_handle) {
src: replace NULL with nullptr Now that we are building with C++11 features enabled, replace use of NULL with nullptr. The benefit of using nullptr is that it can never be confused for an integral type because it does not support implicit conversions to integral types except boolean - unlike NULL, which is defined as a literal `0`.
10 years ago
CHECK_EQ(send_handle, nullptr);
tls: prevent use-after-free * Destroy `SSL*` and friends on a next tick to make sure that we are not doing it in one of the OpenSSL callbacks * Add more checks to the C++ methods that might be invoked during destructor&#39;s pending queue cleanup Fix: https://github.com/joyent/node/issues/8780 Fix: https://github.com/iojs/io.js/issues/1696 PR-URL: https://github.com/nodejs/io.js/pull/1702 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt;
10 years ago
CHECK_NE(ssl_, nullptr);
tls_wrap: embed TLS encryption into streamwrap
12 years ago
bool empty = true;
// Empty writes should not go through encryption process
size_t i;
for (i = 0; i < count; i++)
if (bufs[i].len > 0) {
empty = false;
break;
}
if (empty) {
ClearOut();
// However if there any data that should be written to socket,
// callback should not be invoked immediately
if (BIO_pending(enc_out_) == 0)
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
return stream_->DoWrite(w, bufs, count, send_handle);
tls_wrap: embed TLS encryption into streamwrap
12 years ago
}
tls_wrap: fix small obvious memory leak Signed-off-by: Fedor Indutny &lt;fedor@indutny.com&gt;
11 years ago
// Queue callback to execute it on next tick
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
write_item_queue_.PushBack(new WriteItem(w));
stream_base: dispatch reqs in the stream impl Dispatch requests in the implementation of the stream, not in the code creating these requests. The requests might be piled up and invoked internally in the implementation, so it should know better when it is the time to dispatch them. In fact, TLS was doing exactly this thing which led us to... Fix: https://github.com/iojs/io.js/issues/1512 PR-URL: https://github.com/iojs/io.js/pull/1563 Reviewed-By: Shigeki Ohtsu &lt;ohtsu@iij.ad.jp&gt;
10 years ago
w->Dispatched();
tls_wrap: embed TLS encryption into streamwrap
12 years ago
// Write queued data
if (empty) {
EncOut();
return 0;
}
// Process enqueued data first
if (!ClearIn()) {
// If there're still data to process - enqueue current one
for (i = 0; i < count; i++)
clear_in_->Write(bufs[i].base, bufs[i].len);
return 0;
}
tls: destroy SSL once it is out of use Do not keep SSL structure in memory once socket is closed. This should lower the memory usage in many cases. Fix: https://github.com/iojs/io.js/issues/1522 PR-URL: https://github.com/iojs/io.js/pull/1529 Reviewed-By: Shigeki Ohtsu &lt;ohtsu@iij.ad.jp&gt;
10 years ago
if (ssl_ == nullptr)
return UV_EPROTO;
tls_wrap: embed TLS encryption into streamwrap
12 years ago
int written = 0;
for (i = 0; i < count; i++) {
written = SSL_write(ssl_, bufs[i].base, bufs[i].len);
src: replace assert() with CHECK() Mechanically replace assert() statements with UNREACHABLE(), CHECK(), or CHECK_{EQ,NE,LT,GT,LE,GE}() statements. The exceptions are src/node.h and src/node_object_wrap.h because they are public headers. PR-URL: https://github.com/node-forward/node/pull/16 Reviewed-By: Fedor Indutny &lt;fedor@indutny.com&gt;
10 years ago
CHECK(written == -1 || written == static_cast<int>(bufs[i].len));
tls_wrap: embed TLS encryption into streamwrap
12 years ago
if (written == -1)
break;
}
if (i != count) {
int err;
tls_wrap: propagate errors to write callbacks fix #6903
11 years ago
Local<Value> arg = GetSSLError(written, &err, &error_);
if (!arg.IsEmpty())
return UV_EPROTO;
tls_wrap: embed TLS encryption into streamwrap
12 years ago
// No errors, queue rest
for (; i < count; i++)
clear_in_->Write(bufs[i].base, bufs[i].len);
}
// Try writing data immediately
EncOut();
return 0;
}
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
void TLSWrap::OnAfterWriteImpl(WriteWrap* w, void* ctx) {
tls_wrap: embed TLS encryption into streamwrap
12 years ago
// Intentionally empty
}
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
void TLSWrap::OnAllocImpl(size_t suggested_size, uv_buf_t* buf, void* ctx) {
TLSWrap* wrap = static_cast<TLSWrap*>(ctx);
tls: prevent use-after-free * Destroy `SSL*` and friends on a next tick to make sure that we are not doing it in one of the OpenSSL callbacks * Add more checks to the C++ methods that might be invoked during destructor&#39;s pending queue cleanup Fix: https://github.com/joyent/node/issues/8780 Fix: https://github.com/iojs/io.js/issues/1696 PR-URL: https://github.com/nodejs/io.js/pull/1702 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt;
10 years ago
if (wrap->ssl_ == nullptr) {
*buf = uv_buf_init(nullptr, 0);
return;
}
crypto: lower RSS usage for TLSCallbacks Don&#39;t allocate any BIO buffers initially, do this on a first read from the TCP connection. Allocate different amount of data for initial read and for consequent reads: small buffer for hello+certificate, big buffer for better throughput. see #8416
10 years ago
size_t size = 0;
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
buf->base = NodeBIO::FromBIO(wrap->enc_in_)->PeekWritable(&size);
crypto: lower RSS usage for TLSCallbacks Don&#39;t allocate any BIO buffers initially, do this on a first read from the TCP connection. Allocate different amount of data for initial read and for consequent reads: small buffer for hello+certificate, big buffer for better throughput. see #8416
10 years ago
buf->len = size;
tls_wrap: embed TLS encryption into streamwrap
12 years ago
}
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
void TLSWrap::OnReadImpl(ssize_t nread,
const uv_buf_t* buf,
uv_handle_type pending,
void* ctx) {
TLSWrap* wrap = static_cast<TLSWrap*>(ctx);
wrap->DoRead(nread, buf, pending);
}
void TLSWrap::OnAllocSelf(size_t suggested_size, uv_buf_t* buf, void* ctx) {
buf->base = static_cast<char*>(malloc(suggested_size));
CHECK_NE(buf->base, nullptr);
buf->len = suggested_size;
}
void TLSWrap::OnReadSelf(ssize_t nread,
const uv_buf_t* buf,
uv_handle_type pending,
void* ctx) {
TLSWrap* wrap = static_cast<TLSWrap*>(ctx);
Local<Object> buf_obj;
if (buf != nullptr)
src: rename Buffer::Use() to Buffer::New() Fixes: https://github.com/nodejs/node/issues/2308 PR-URL: https://github.com/nodejs/node/pull/2352 Reviewed-By: Fedor Indutny &lt;fedor@indutny.com&gt; Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt;
10 years ago
buf_obj = Buffer::New(wrap->env(), buf->base, buf->len).ToLocalChecked();
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
wrap->EmitData(nread, buf_obj, Local<Object>());
}
void TLSWrap::DoRead(ssize_t nread,
const uv_buf_t* buf,
uv_handle_type pending) {
tls_wrap: embed TLS encryption into streamwrap
12 years ago
if (nread < 0) {
// Error should be emitted only after all data was read
ClearOut();
Merge branch &#39;v0.10&#39; Conflicts: lib/tls.js src/node_crypto.cc src/node_crypto.h
11 years ago
// Ignore EOF if received close_notify
if (nread == UV_EOF) {
if (eof_)
return;
eof_ = true;
}
streams: introduce StreamWrap and JSStream Introduce a way to wrap plain-js `stream.Duplex` streams into C++ StreamBase&#39;s child class. With such method at hand it is now possible to pass `stream.Duplex` instance as a `socket` parameter to `tls.connect()`. PR-URL: https://github.com/iojs/io.js/pull/926 Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
OnRead(nread, nullptr);
tls_wrap: embed TLS encryption into streamwrap
12 years ago
return;
}
// Only client connections can receive data
tls: destroy SSL once it is out of use Do not keep SSL structure in memory once socket is closed. This should lower the memory usage in many cases. Fix: https://github.com/iojs/io.js/issues/1522 PR-URL: https://github.com/iojs/io.js/pull/1529 Reviewed-By: Shigeki Ohtsu &lt;ohtsu@iij.ad.jp&gt;
10 years ago
if (ssl_ == nullptr) {
OnRead(UV_EPROTO, nullptr);
return;
}
tls_wrap: embed TLS encryption into streamwrap
12 years ago
// Commit read data
tls_wrap: DRY ClientHelloParser Share ClientHelloParser code between `tls_wrap.cc` and `node_crypto.cc`. fix #5959
12 years ago
NodeBIO* enc_in = NodeBIO::FromBIO(enc_in_);
enc_in->Commit(nread);
tls_wrap: embed TLS encryption into streamwrap
12 years ago
tls: session API returns
12 years ago
// Parse ClientHello first
tls, crypto: deduplicate code Commit 03e008d introduced src/tls_wrap.cc and src/tls_wrap.h but said files copied on the order of 1 kLoC from src/node_crypto.cc and src/node_crypto.h. This commit undoes some of the duplication. Fixes #6024.
12 years ago
if (!hello_parser_.IsEnded()) {
tls_wrap: DRY ClientHelloParser Share ClientHelloParser code between `tls_wrap.cc` and `node_crypto.cc`. fix #5959
12 years ago
size_t avail = 0;
uint8_t* data = reinterpret_cast<uint8_t*>(enc_in->Peek(&avail));
src: replace NULL with nullptr Now that we are building with C++11 features enabled, replace use of NULL with nullptr. The benefit of using nullptr is that it can never be confused for an integral type because it does not support implicit conversions to integral types except boolean - unlike NULL, which is defined as a literal `0`.
10 years ago
CHECK(avail == 0 || data != nullptr);
tls, crypto: deduplicate code Commit 03e008d introduced src/tls_wrap.cc and src/tls_wrap.h but said files copied on the order of 1 kLoC from src/node_crypto.cc and src/node_crypto.h. This commit undoes some of the duplication. Fixes #6024.
12 years ago
return hello_parser_.Parse(data, avail);
tls_wrap: DRY ClientHelloParser Share ClientHelloParser code between `tls_wrap.cc` and `node_crypto.cc`. fix #5959
12 years ago
}
tls: session API returns
12 years ago
// Cycle OpenSSL's state
Cycle();
tls_wrap: embed TLS encryption into streamwrap
12 years ago
}
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
int TLSWrap::DoShutdown(ShutdownWrap* req_wrap) {
tls: destroy SSL once it is out of use Do not keep SSL structure in memory once socket is closed. This should lower the memory usage in many cases. Fix: https://github.com/iojs/io.js/issues/1522 PR-URL: https://github.com/iojs/io.js/pull/1529 Reviewed-By: Shigeki Ohtsu &lt;ohtsu@iij.ad.jp&gt;
10 years ago
if (ssl_ != nullptr && SSL_shutdown(ssl_) == 0)
tls_wrap: embed TLS encryption into streamwrap
12 years ago
SSL_shutdown(ssl_);
shutdown_ = true;
EncOut();
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
return stream_->DoShutdown(req_wrap);
tls_wrap: embed TLS encryption into streamwrap
12 years ago
}
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
void TLSWrap::SetVerifyMode(const FunctionCallbackInfo<Value>& args) {
src: attach env directly to api functions Attach the per-context execution environment directly to API functions. Rationale: * Gets node one step closer to multi-isolate readiness. * Avoids multi-context confusion, e.g. when the caller and callee live in different contexts. * Avoids expensive calls to pthread_getspecific() on platforms where V8 does not know how to use the thread-local storage directly. (Linux, the BSDs.) PR-URL: https://github.com/node-forward/node/pull/18 Reviewed-By: Fedor Indutny &lt;fedor@indutny.com&gt;
10 years ago
Environment* env = Environment::GetCurrent(args);
tls_wrap: embed TLS encryption into streamwrap
12 years ago
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
TLSWrap* wrap = Unwrap<TLSWrap>(args.Holder());
tls_wrap: embed TLS encryption into streamwrap
12 years ago
if (args.Length() < 2 || !args[0]->IsBoolean() || !args[1]->IsBoolean())
src: remove `node_isolate` from source fix #6899
11 years ago
return env->ThrowTypeError("Bad arguments, expected two booleans");
tls_wrap: embed TLS encryption into streamwrap
12 years ago
tls: destroy SSL once it is out of use Do not keep SSL structure in memory once socket is closed. This should lower the memory usage in many cases. Fix: https://github.com/iojs/io.js/issues/1522 PR-URL: https://github.com/iojs/io.js/pull/1529 Reviewed-By: Shigeki Ohtsu &lt;ohtsu@iij.ad.jp&gt;
10 years ago
if (wrap->ssl_ == nullptr)
return env->ThrowTypeError("SetVerifyMode after destroySSL");
tls_wrap: embed TLS encryption into streamwrap
12 years ago
int verify_mode;
tls, crypto: deduplicate code Commit 03e008d introduced src/tls_wrap.cc and src/tls_wrap.h but said files copied on the order of 1 kLoC from src/node_crypto.cc and src/node_crypto.h. This commit undoes some of the duplication. Fixes #6024.
12 years ago
if (wrap->is_server()) {
tls_wrap: embed TLS encryption into streamwrap
12 years ago
bool request_cert = args[0]->IsTrue();
if (!request_cert) {
// Note reject_unauthorized ignored.
verify_mode = SSL_VERIFY_NONE;
} else {
bool reject_unauthorized = args[1]->IsTrue();
verify_mode = SSL_VERIFY_PEER;
cpplint: disallow if one-liners
11 years ago
if (reject_unauthorized)
verify_mode |= SSL_VERIFY_FAIL_IF_NO_PEER_CERT;
tls_wrap: embed TLS encryption into streamwrap
12 years ago
}
} else {
// Note request_cert and reject_unauthorized are ignored for clients.
verify_mode = SSL_VERIFY_NONE;
}
// Always allow a connection. We'll reject in javascript.
tls, crypto: deduplicate code Commit 03e008d introduced src/tls_wrap.cc and src/tls_wrap.h but said files copied on the order of 1 kLoC from src/node_crypto.cc and src/node_crypto.h. This commit undoes some of the duplication. Fixes #6024.
12 years ago
SSL_set_verify(wrap->ssl_, verify_mode, crypto::VerifyCallback);
tls_wrap: embed TLS encryption into streamwrap
12 years ago
}
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
void TLSWrap::EnableSessionCallbacks(
lib, src: upgrade after v8 api change This is a big commit that touches just about every file in the src/ directory. The V8 API has changed in significant ways. The most important changes are: * Binding functions take a const v8::FunctionCallbackInfo&lt;T&gt;&amp; argument rather than a const v8::Arguments&amp; argument. * Binding functions return void rather than v8::Handle&lt;v8::Value&gt;. The return value is returned with the args.GetReturnValue().Set() family of functions. * v8::Persistent&lt;T&gt; no longer derives from v8::Handle&lt;T&gt; and no longer allows you to directly dereference the object that the persistent handle points to. This means that the common pattern of caching oft-used JS values in a persistent handle no longer quite works, you first need to reconstruct a v8::Local&lt;T&gt; from the persistent handle with the Local&lt;T&gt;::New(isolate, persistent) factory method. A handful of (internal) convenience classes and functions have been added to make dealing with the new API a little easier. The most visible one is node::Cached&lt;T&gt;, which wraps a v8::Persistent&lt;T&gt; with some template sugar. It can hold arbitrary types but so far it&#39;s exclusively used for v8::Strings (which was by far the most commonly cached handle type.)
12 years ago
const FunctionCallbackInfo<Value>& args) {
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
TLSWrap* wrap = Unwrap<TLSWrap>(args.Holder());
tls: prevent use-after-free * Destroy `SSL*` and friends on a next tick to make sure that we are not doing it in one of the OpenSSL callbacks * Add more checks to the C++ methods that might be invoked during destructor&#39;s pending queue cleanup Fix: https://github.com/joyent/node/issues/8780 Fix: https://github.com/iojs/io.js/issues/1696 PR-URL: https://github.com/nodejs/io.js/pull/1702 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt;
10 years ago
if (wrap->ssl_ == nullptr) {
return wrap->env()->ThrowTypeError(
"EnableSessionCallbacks after destroySSL");
}
tls, crypto: deduplicate code Commit 03e008d introduced src/tls_wrap.cc and src/tls_wrap.h but said files copied on the order of 1 kLoC from src/node_crypto.cc and src/node_crypto.h. This commit undoes some of the duplication. Fixes #6024.
12 years ago
wrap->enable_session_callbacks();
crypto: lower RSS usage for TLSCallbacks Don&#39;t allocate any BIO buffers initially, do this on a first read from the TCP connection. Allocate different amount of data for initial read and for consequent reads: small buffer for hello+certificate, big buffer for better throughput. see #8416
10 years ago
NodeBIO::FromBIO(wrap->enc_in_)->set_initial(kMaxHelloLength);
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
wrap->hello_parser_.Start(SSLWrap<TLSWrap>::OnClientHello,
tls, crypto: deduplicate code Commit 03e008d introduced src/tls_wrap.cc and src/tls_wrap.h but said files copied on the order of 1 kLoC from src/node_crypto.cc and src/node_crypto.h. This commit undoes some of the duplication. Fixes #6024.
12 years ago
OnClientHelloParseEnd,
wrap);
tls_wrap: DRY ClientHelloParser Share ClientHelloParser code between `tls_wrap.cc` and `node_crypto.cc`. fix #5959
12 years ago
}
tls: destroy SSL once it is out of use Do not keep SSL structure in memory once socket is closed. This should lower the memory usage in many cases. Fix: https://github.com/iojs/io.js/issues/1522 PR-URL: https://github.com/iojs/io.js/pull/1529 Reviewed-By: Shigeki Ohtsu &lt;ohtsu@iij.ad.jp&gt;
10 years ago
void TLSWrap::DestroySSL(const FunctionCallbackInfo<Value>& args) {
TLSWrap* wrap = Unwrap<TLSWrap>(args.Holder());
tls_wrap: invoke queued callbacks in DestroySSL PR-URL: https://github.com/nodejs/io.js/pull/1702 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt;
10 years ago
// Move all writes to pending
wrap->MakePending();
// And destroy
wrap->InvokeQueued(UV_ECANCELED);
// Destroy the SSL structure and friends
tls: destroy SSL once it is out of use Do not keep SSL structure in memory once socket is closed. This should lower the memory usage in many cases. Fix: https://github.com/iojs/io.js/issues/1522 PR-URL: https://github.com/iojs/io.js/pull/1529 Reviewed-By: Shigeki Ohtsu &lt;ohtsu@iij.ad.jp&gt;
10 years ago
wrap->SSLWrap<TLSWrap>::DestroySSL();
tls_wrap: invoke queued callbacks in DestroySSL PR-URL: https://github.com/nodejs/io.js/pull/1702 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt;
10 years ago
tls: destroy SSL once it is out of use Do not keep SSL structure in memory once socket is closed. This should lower the memory usage in many cases. Fix: https://github.com/iojs/io.js/issues/1522 PR-URL: https://github.com/iojs/io.js/pull/1529 Reviewed-By: Shigeki Ohtsu &lt;ohtsu@iij.ad.jp&gt;
10 years ago
delete wrap->clear_in_;
wrap->clear_in_ = nullptr;
}
tls: use `SSL_set_cert_cb` for async SNI/OCSP Do not enable ClientHello parser for async SNI/OCSP. Use new OpenSSL-1.0.2&#39;s API `SSL_set_cert_cb` to pause the handshake process and load the cert/OCSP response asynchronously. Hopefuly this will make whole async SNI/OCSP process much faster and will eventually let us remove the ClientHello parser itself (which is currently used only for async session, see #1462 for the discussion of removing it). NOTE: Ported our code to `SSL_CTX_add1_chain_cert` to use `SSL_CTX_get0_chain_certs` in `CertCbDone`. Test provided for this feature. Fix: https://github.com/iojs/io.js/issues/1423 PR-URL: https://github.com/iojs/io.js/pull/1464 Reviewed-By: Shigeki Ohtsu &lt;ohtsu@iij.ad.jp&gt;
10 years ago
void TLSWrap::EnableCertCb(const FunctionCallbackInfo<Value>& args) {
TLSWrap* wrap = Unwrap<TLSWrap>(args.Holder());
wrap->WaitForCertCb(OnClientHelloParseEnd, wrap);
}
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
void TLSWrap::OnClientHelloParseEnd(void* arg) {
TLSWrap* c = static_cast<TLSWrap*>(arg);
tls_wrap: DRY ClientHelloParser Share ClientHelloParser code between `tls_wrap.cc` and `node_crypto.cc`. fix #5959
12 years ago
c->Cycle();
tls: session API returns
12 years ago
}
tls_wrap: embed TLS encryption into streamwrap
12 years ago
#ifdef SSL_CTRL_SET_TLSEXT_SERVERNAME_CB
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
void TLSWrap::GetServername(const FunctionCallbackInfo<Value>& args) {
src: attach env directly to api functions Attach the per-context execution environment directly to API functions. Rationale: * Gets node one step closer to multi-isolate readiness. * Avoids multi-context confusion, e.g. when the caller and callee live in different contexts. * Avoids expensive calls to pthread_getspecific() on platforms where V8 does not know how to use the thread-local storage directly. (Linux, the BSDs.) PR-URL: https://github.com/node-forward/node/pull/18 Reviewed-By: Fedor Indutny &lt;fedor@indutny.com&gt;
10 years ago
Environment* env = Environment::GetCurrent(args);
tls_wrap: embed TLS encryption into streamwrap
12 years ago
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
TLSWrap* wrap = Unwrap<TLSWrap>(args.Holder());
tls_wrap: embed TLS encryption into streamwrap
12 years ago
tls: destroy SSL once it is out of use Do not keep SSL structure in memory once socket is closed. This should lower the memory usage in many cases. Fix: https://github.com/iojs/io.js/issues/1522 PR-URL: https://github.com/iojs/io.js/pull/1529 Reviewed-By: Shigeki Ohtsu &lt;ohtsu@iij.ad.jp&gt;
10 years ago
CHECK_NE(wrap->ssl_, nullptr);
tls: asynchronous SNICallback Make ClientHelloParser handle SNI extension, and extend `_tls_wrap.js` to support loading SNI Context from both hello, and resumed session. fix #5967
12 years ago
const char* servername = SSL_get_servername(wrap->ssl_,
TLSEXT_NAMETYPE_host_name);
src: replace NULL with nullptr Now that we are building with C++11 features enabled, replace use of NULL with nullptr. The benefit of using nullptr is that it can never be confused for an integral type because it does not support implicit conversions to integral types except boolean - unlike NULL, which is defined as a literal `0`.
10 years ago
if (servername != nullptr) {
src: remove `node_isolate` from source fix #6899
11 years ago
args.GetReturnValue().Set(OneByteString(env->isolate(), servername));
tls_wrap: embed TLS encryption into streamwrap
12 years ago
} else {
lib, src: upgrade after v8 api change This is a big commit that touches just about every file in the src/ directory. The V8 API has changed in significant ways. The most important changes are: * Binding functions take a const v8::FunctionCallbackInfo&lt;T&gt;&amp; argument rather than a const v8::Arguments&amp; argument. * Binding functions return void rather than v8::Handle&lt;v8::Value&gt;. The return value is returned with the args.GetReturnValue().Set() family of functions. * v8::Persistent&lt;T&gt; no longer derives from v8::Handle&lt;T&gt; and no longer allows you to directly dereference the object that the persistent handle points to. This means that the common pattern of caching oft-used JS values in a persistent handle no longer quite works, you first need to reconstruct a v8::Local&lt;T&gt; from the persistent handle with the Local&lt;T&gt;::New(isolate, persistent) factory method. A handful of (internal) convenience classes and functions have been added to make dealing with the new API a little easier. The most visible one is node::Cached&lt;T&gt;, which wraps a v8::Persistent&lt;T&gt; with some template sugar. It can hold arbitrary types but so far it&#39;s exclusively used for v8::Strings (which was by far the most commonly cached handle type.)
12 years ago
args.GetReturnValue().Set(false);
tls_wrap: embed TLS encryption into streamwrap
12 years ago
}
}
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
void TLSWrap::SetServername(const FunctionCallbackInfo<Value>& args) {
src: attach env directly to api functions Attach the per-context execution environment directly to API functions. Rationale: * Gets node one step closer to multi-isolate readiness. * Avoids multi-context confusion, e.g. when the caller and callee live in different contexts. * Avoids expensive calls to pthread_getspecific() on platforms where V8 does not know how to use the thread-local storage directly. (Linux, the BSDs.) PR-URL: https://github.com/node-forward/node/pull/18 Reviewed-By: Fedor Indutny &lt;fedor@indutny.com&gt;
10 years ago
Environment* env = Environment::GetCurrent(args);
tls_wrap: embed TLS encryption into streamwrap
12 years ago
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
TLSWrap* wrap = Unwrap<TLSWrap>(args.Holder());
tls_wrap: embed TLS encryption into streamwrap
12 years ago
if (args.Length() < 1 || !args[0]->IsString())
src: remove `node_isolate` from source fix #6899
11 years ago
return env->ThrowTypeError("First argument should be a string");
tls_wrap: embed TLS encryption into streamwrap
12 years ago
if (wrap->started_)
src: remove `node_isolate` from source fix #6899
11 years ago
return env->ThrowError("Already started.");
tls_wrap: embed TLS encryption into streamwrap
12 years ago
tls, crypto: deduplicate code Commit 03e008d introduced src/tls_wrap.cc and src/tls_wrap.h but said files copied on the order of 1 kLoC from src/node_crypto.cc and src/node_crypto.h. This commit undoes some of the duplication. Fixes #6024.
12 years ago
if (!wrap->is_client())
lib, src: upgrade after v8 api change This is a big commit that touches just about every file in the src/ directory. The V8 API has changed in significant ways. The most important changes are: * Binding functions take a const v8::FunctionCallbackInfo&lt;T&gt;&amp; argument rather than a const v8::Arguments&amp; argument. * Binding functions return void rather than v8::Handle&lt;v8::Value&gt;. The return value is returned with the args.GetReturnValue().Set() family of functions. * v8::Persistent&lt;T&gt; no longer derives from v8::Handle&lt;T&gt; and no longer allows you to directly dereference the object that the persistent handle points to. This means that the common pattern of caching oft-used JS values in a persistent handle no longer quite works, you first need to reconstruct a v8::Local&lt;T&gt; from the persistent handle with the Local&lt;T&gt;::New(isolate, persistent) factory method. A handful of (internal) convenience classes and functions have been added to make dealing with the new API a little easier. The most visible one is node::Cached&lt;T&gt;, which wraps a v8::Persistent&lt;T&gt; with some template sugar. It can hold arbitrary types but so far it&#39;s exclusively used for v8::Strings (which was by far the most commonly cached handle type.)
12 years ago
return;
tls_wrap: embed TLS encryption into streamwrap
12 years ago
tls: destroy SSL once it is out of use Do not keep SSL structure in memory once socket is closed. This should lower the memory usage in many cases. Fix: https://github.com/iojs/io.js/issues/1522 PR-URL: https://github.com/iojs/io.js/pull/1529 Reviewed-By: Shigeki Ohtsu &lt;ohtsu@iij.ad.jp&gt;
10 years ago
CHECK_NE(wrap->ssl_, nullptr);
tls_wrap: embed TLS encryption into streamwrap
12 years ago
#ifdef SSL_CTRL_SET_TLSEXT_SERVERNAME_CB
src: pass Isolate to node::Utf8Value constructor Initial attempt to remove all uses of Isolate::GetCurrent(). Still exists a few locations, but this works out a heavy usage. PR-URL: https://github.com/iojs/io.js/pull/244 Reviewed-by: Ben Noordhuis &lt;info@bnoordhuis.nl&gt;
10 years ago
node::Utf8Value servername(env->isolate(), args[0].As<String>());
tls_wrap: embed TLS encryption into streamwrap
12 years ago
SSL_set_tlsext_host_name(wrap->ssl_, *servername);
#endif // SSL_CTRL_SET_TLSEXT_SERVERNAME_CB
}
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
int TLSWrap::SelectSNIContextCallback(SSL* s, int* ad, void* arg) {
TLSWrap* p = static_cast<TLSWrap*>(SSL_get_app_data(s));
src: add multi-context support This commit makes it possible to use multiple V8 execution contexts within a single event loop. Put another way, handle and request wrap objects now &#34;remember&#34; the context they belong to and switch back to that context when the time comes to call into JS land. This could have been done in a quick and hacky way by calling v8::Object::GetCreationContext() on the wrap object right before making a callback but that leaves a fairly wide margin for bugs. Instead, we make the context explicit through a new Environment class that encapsulates everything (or almost everything) that belongs to the context. Variables that used to be a static or a global are now members of the aforementioned class. An additional benefit is that this approach should make it relatively straightforward to add full isolate support in due course. There is no JavaScript API yet but that will be added in the near future. This work was graciously sponsored by GitHub, Inc.
12 years ago
Environment* env = p->env();
tls_wrap: embed TLS encryption into streamwrap
12 years ago
const char* servername = SSL_get_servername(s, TLSEXT_NAMETYPE_host_name);
src: replace NULL with nullptr Now that we are building with C++11 features enabled, replace use of NULL with nullptr. The benefit of using nullptr is that it can never be confused for an integral type because it does not support implicit conversions to integral types except boolean - unlike NULL, which is defined as a literal `0`.
10 years ago
if (servername == nullptr)
tls: fix crash in SNICallback `tls_wrap.cc` was crashing in an `Unwrap` call, when non `SecureContext` object was passed to it. Check that the passed object is a `SecureContext` instance before unwrapping it. fix #7008
11 years ago
return SSL_TLSEXT_ERR_OK;
tls_wrap: embed TLS encryption into streamwrap
12 years ago
tls: fix crash in SNICallback `tls_wrap.cc` was crashing in an `Unwrap` call, when non `SecureContext` object was passed to it. Check that the passed object is a `SecureContext` instance before unwrapping it. fix #7008
11 years ago
// Call the SNI callback and use its return value as context
Local<Object> object = p->object();
Local<Value> ctx = object->Get(env->sni_context_string());
tls_wrap: embed TLS encryption into streamwrap
12 years ago
tls: fix crash in SNICallback `tls_wrap.cc` was crashing in an `Unwrap` call, when non `SecureContext` object was passed to it. Check that the passed object is a `SecureContext` instance before unwrapping it. fix #7008
11 years ago
// Not an object, probably undefined or null
if (!ctx->IsObject())
return SSL_TLSEXT_ERR_NOACK;
tls_wrap: embed TLS encryption into streamwrap
12 years ago
tls: fix crash in SNICallback `tls_wrap.cc` was crashing in an `Unwrap` call, when non `SecureContext` object was passed to it. Check that the passed object is a `SecureContext` instance before unwrapping it. fix #7008
11 years ago
Local<FunctionTemplate> cons = env->secure_context_constructor_template();
if (!cons->HasInstance(ctx)) {
// Failure: incorrect SNI context object
Local<Value> err = Exception::TypeError(env->sni_context_err_string());
p->MakeCallback(env->onerror_string(), 1, &err);
return SSL_TLSEXT_ERR_NOACK;
tls_wrap: embed TLS encryption into streamwrap
12 years ago
}
src: update to v8 3.24 APIs
11 years ago
p->sni_context_.Reset();
src: remove `node_isolate` from source fix #6899
11 years ago
p->sni_context_.Reset(env->isolate(), ctx);
tls: fix crash in SNICallback `tls_wrap.cc` was crashing in an `Unwrap` call, when non `SecureContext` object was passed to it. Check that the passed object is a `SecureContext` instance before unwrapping it. fix #7008
11 years ago
SecureContext* sc = Unwrap<SecureContext>(ctx.As<Object>());
crypto: never store pointer to conn in SSL_CTX SSL_CTX is shared between multiple connections and is not a right place to store per-connection data. fix #8348 Reviewed-By: Trevor Norris
10 years ago
InitNPN(sc);
tls: fix crash in SNICallback `tls_wrap.cc` was crashing in an `Unwrap` call, when non `SecureContext` object was passed to it. Check that the passed object is a `SecureContext` instance before unwrapping it. fix #7008
11 years ago
SSL_set_SSL_CTX(s, sc->ctx_);
tls_wrap: embed TLS encryption into streamwrap
12 years ago
return SSL_TLSEXT_ERR_OK;
}
#endif // SSL_CTRL_SET_TLSEXT_SERVERNAME_CB
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
void TLSWrap::Initialize(Handle<Object> target,
tls_wrap: proxy handle methods in prototype Set proxied methods wrappers in `TLSWrap` prototype instead of doing it on every socket allocation. Should speed up things a bit and will certainly make heapsnapshot less verbose. PR-URL: https://github.com/iojs/io.js/pull/1108 Reviewed-By: Ben Noordhuis &lt;info@bnoordhuis.nl&gt; Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt;
10 years ago
Handle<Value> unused,
Handle<Context> context) {
src: add multi-context support This commit makes it possible to use multiple V8 execution contexts within a single event loop. Put another way, handle and request wrap objects now &#34;remember&#34; the context they belong to and switch back to that context when the time comes to call into JS land. This could have been done in a quick and hacky way by calling v8::Object::GetCreationContext() on the wrap object right before making a callback but that leaves a fairly wide margin for bugs. Instead, we make the context explicit through a new Environment class that encapsulates everything (or almost everything) that belongs to the context. Variables that used to be a static or a global are now members of the aforementioned class. An additional benefit is that this approach should make it relatively straightforward to add full isolate support in due course. There is no JavaScript API yet but that will be added in the near future. This work was graciously sponsored by GitHub, Inc.
12 years ago
Environment* env = Environment::GetCurrent(context);
tls_wrap: embed TLS encryption into streamwrap
12 years ago
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
env->SetMethod(target, "wrap", TLSWrap::Wrap);
tls_wrap: embed TLS encryption into streamwrap
12 years ago
src: update to v8 3.24 APIs
11 years ago
Local<FunctionTemplate> t = FunctionTemplate::New(env->isolate());
tls_wrap: embed TLS encryption into streamwrap
12 years ago
t->InstanceTemplate()->SetInternalFieldCount(1);
src: remove `node_isolate` from source fix #6899
11 years ago
t->SetClassName(FIXED_ONE_BYTE_STRING(env->isolate(), "TLSWrap"));
tls_wrap: embed TLS encryption into streamwrap
12 years ago
src: attach env directly to api functions Attach the per-context execution environment directly to API functions. Rationale: * Gets node one step closer to multi-isolate readiness. * Avoids multi-context confusion, e.g. when the caller and callee live in different contexts. * Avoids expensive calls to pthread_getspecific() on platforms where V8 does not know how to use the thread-local storage directly. (Linux, the BSDs.) PR-URL: https://github.com/node-forward/node/pull/18 Reviewed-By: Fedor Indutny &lt;fedor@indutny.com&gt;
10 years ago
env->SetProtoMethod(t, "receive", Receive);
env->SetProtoMethod(t, "start", Start);
env->SetProtoMethod(t, "setVerifyMode", SetVerifyMode);
env->SetProtoMethod(t, "enableSessionCallbacks", EnableSessionCallbacks);
tls: destroy SSL once it is out of use Do not keep SSL structure in memory once socket is closed. This should lower the memory usage in many cases. Fix: https://github.com/iojs/io.js/issues/1522 PR-URL: https://github.com/iojs/io.js/pull/1529 Reviewed-By: Shigeki Ohtsu &lt;ohtsu@iij.ad.jp&gt;
10 years ago
env->SetProtoMethod(t, "destroySSL", DestroySSL);
tls: use `SSL_set_cert_cb` for async SNI/OCSP Do not enable ClientHello parser for async SNI/OCSP. Use new OpenSSL-1.0.2&#39;s API `SSL_set_cert_cb` to pause the handshake process and load the cert/OCSP response asynchronously. Hopefuly this will make whole async SNI/OCSP process much faster and will eventually let us remove the ClientHello parser itself (which is currently used only for async session, see #1462 for the discussion of removing it). NOTE: Ported our code to `SSL_CTX_add1_chain_cert` to use `SSL_CTX_get0_chain_certs` in `CertCbDone`. Test provided for this feature. Fix: https://github.com/iojs/io.js/issues/1423 PR-URL: https://github.com/iojs/io.js/pull/1464 Reviewed-By: Shigeki Ohtsu &lt;ohtsu@iij.ad.jp&gt;
10 years ago
env->SetProtoMethod(t, "enableCertCb", EnableCertCb);
tls_wrap: embed TLS encryption into streamwrap
12 years ago
tls: re-enable `.writev()` on TLSWrap Fix the `parallel/test-tls-over-http-tunnel.js` on Windows by re-enabling the accidentally disabled `.writev()` method on TLSWrap. It appears that there is some subtle issue with shutdown timing and it manifests itself when the chunks are written in separate packets. This leads to concurrent `shutdown`/`destroy`, which breaks the test. PR-URL: https://github.com/iojs/io.js/pull/1155 Reviewed-By: Bert Belder &lt;bertbelder@gmail.com&gt;
10 years ago
StreamBase::AddMethods<TLSWrap>(env, t, StreamBase::kFlagHasWritev);
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
SSLWrap<TLSWrap>::AddMethods(env, t);
tls_wrap: embed TLS encryption into streamwrap
12 years ago
#ifdef SSL_CTRL_SET_TLSEXT_SERVERNAME_CB
src: attach env directly to api functions Attach the per-context execution environment directly to API functions. Rationale: * Gets node one step closer to multi-isolate readiness. * Avoids multi-context confusion, e.g. when the caller and callee live in different contexts. * Avoids expensive calls to pthread_getspecific() on platforms where V8 does not know how to use the thread-local storage directly. (Linux, the BSDs.) PR-URL: https://github.com/node-forward/node/pull/18 Reviewed-By: Fedor Indutny &lt;fedor@indutny.com&gt;
10 years ago
env->SetProtoMethod(t, "getServername", GetServername);
env->SetProtoMethod(t, "setServername", SetServername);
tls_wrap: embed TLS encryption into streamwrap
12 years ago
#endif // SSL_CRT_SET_TLSEXT_SERVERNAME_CB
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
env->set_tls_wrap_constructor_template(t);
src: add multi-context support This commit makes it possible to use multiple V8 execution contexts within a single event loop. Put another way, handle and request wrap objects now &#34;remember&#34; the context they belong to and switch back to that context when the time comes to call into JS land. This could have been done in a quick and hacky way by calling v8::Object::GetCreationContext() on the wrap object right before making a callback but that leaves a fairly wide margin for bugs. Instead, we make the context explicit through a new Environment class that encapsulates everything (or almost everything) that belongs to the context. Variables that used to be a static or a global are now members of the aforementioned class. An additional benefit is that this approach should make it relatively straightforward to add full isolate support in due course. There is no JavaScript API yet but that will be added in the near future. This work was graciously sponsored by GitHub, Inc.
12 years ago
env->set_tls_wrap_constructor_function(t->GetFunction());
tls_wrap: proxy handle methods in prototype Set proxied methods wrappers in `TLSWrap` prototype instead of doing it on every socket allocation. Should speed up things a bit and will certainly make heapsnapshot less verbose. PR-URL: https://github.com/iojs/io.js/pull/1108 Reviewed-By: Ben Noordhuis &lt;info@bnoordhuis.nl&gt; Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt;
10 years ago
target->Set(FIXED_ONE_BYTE_STRING(env->isolate(), "TLSWrap"),
t->GetFunction());
tls_wrap: embed TLS encryption into streamwrap
12 years ago
}
} // namespace node
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
NODE_MODULE_CONTEXT_AWARE_BUILTIN(tls_wrap, node::TLSWrap::Initialize)