lukechilds
/
node
mirror of https://github.com/lukechilds/node.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
15658 Commits
131 Branches
446 Tags
325 MiB
Tree: 5e07bce166
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '5e07bce166'
${ noResults }
node/src/node_crypto.h

733 lines
23 KiB
Raw Normal View History

Initial openssl support for net2
15 years ago
#ifndef SRC_NODE_CRYPTO_H_
#define SRC_NODE_CRYPTO_H_
src: add include guards to internal headers For consistency with the newly added src/base64.h header, check that NODE_WANT_INTERNALS is defined and set in internal headers. PR-URL: https://github.com/nodejs/node/pull/6948 Refs: https://github.com/nodejs/node/pull/6910 Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Trevor Norris <trev.norris@gmail.com>
9 years ago
#if defined(NODE_WANT_INTERNALS) && NODE_WANT_INTERNALS
core: use proper #include directives
13 years ago
#include "node.h"
tls_wrap: DRY ClientHelloParser Share ClientHelloParser code between `tls_wrap.cc` and `node_crypto.cc`. fix #5959
12 years ago
#include "node_crypto_clienthello.h" // ClientHelloParser
#include "node_crypto_clienthello-inl.h"
src: more lint after cpplint tightening Commit 847c6d9 adds a 'project headers before system headers' check to cpplint. Update the files in src/ to make the linter pass again.
12 years ago
#include "node_buffer.h"
src: add multi-context support This commit makes it possible to use multiple V8 execution contexts within a single event loop. Put another way, handle and request wrap objects now "remember" the context they belong to and switch back to that context when the time comes to call into JS land. This could have been done in a quick and hacky way by calling v8::Object::GetCreationContext() on the wrap object right before making a callback but that leaves a fairly wide margin for bugs. Instead, we make the context explicit through a new Environment class that encapsulates everything (or almost everything) that belongs to the context. Variables that used to be a static or a global are now members of the aforementioned class. An additional benefit is that this approach should make it relatively straightforward to add full isolate support in due course. There is no JavaScript API yet but that will be added in the near future. This work was graciously sponsored by GitHub, Inc.
12 years ago
#include "env.h"
base-object: add BaseObject BaseObject is a class that just handles the Persistent handle attached to the class instance. This also removed WeakObject. Reordering the inheritance chain helps prevent unneeded calls on instances that don't call MakeCallback.
11 years ago
#include "async-wrap.h"
#include "async-wrap-inl.h"
#include "base-object.h"
#include "base-object-inl.h"
src: remove ObjectWrap dependency from core Drop the ObjectWrap dependency in favor of an internal WeakObject class. Let's us stop worrying about API and ABI compatibility when making changes to the way node.js deals with weakly persistent handles internally.
12 years ago
core: use proper #include directives
13 years ago
#include "v8.h"
Initial openssl support for net2
15 years ago
#include <openssl/ssl.h>
crypto: introduce ECDH
11 years ago
#include <openssl/ec.h>
#include <openssl/ecdh.h>
crypto: introduce .setEngine(engine, [flags])
11 years ago
#ifndef OPENSSL_NO_ENGINE
# include <openssl/engine.h>
#endif // !OPENSSL_NO_ENGINE
Initial openssl support for net2
15 years ago
#include <openssl/err.h>
Moved Credentials into crypto module. Added node_crypto into crypto module
15 years ago
#include <openssl/evp.h>
#include <openssl/pem.h>
#include <openssl/x509.h>
Added additional properties to getPeerCertificate, now includes subjectAltName, Exponent and Modulus (FOAF+SSL friendly). Patch written by Nathan, http://groups.google.com/group/nodejs/browse_thread/thread/1d42da4cb2e51536
14 years ago
#include <openssl/x509v3.h>
Moved Credentials into crypto module. Added node_crypto into crypto module
15 years ago
#include <openssl/hmac.h>
crypto: implement randomBytes() and pseudoRandomBytes()
14 years ago
#include <openssl/rand.h>
crypto: add PKCS12/PFX support Fixes #2845.
13 years ago
#include <openssl/pkcs12.h>
Moved Credentials into crypto module. Added node_crypto into crypto module
15 years ago
#define EVP_F_EVP_DECRYPTFINAL 101
tls: support OCSP on client and server
11 years ago
#if !defined(OPENSSL_NO_TLSEXT) && defined(SSL_CTX_set_tlsext_status_cb)
# define NODE__HAVE_TLSEXT_STATUS_CB
#endif // !defined(OPENSSL_NO_TLSEXT) && defined(SSL_CTX_set_tlsext_status_cb)
Initial openssl support for net2
15 years ago
namespace node {
Rename node::SecureStream to node::crypto::Connection node::SecureStream is definitely not a &#34;stream&#34; in the Node sense. Renaming it to avoid ambiguity. (Adding namespace to not confuse with some other Connection object.)
14 years ago
namespace crypto {
Initial openssl support for net2
15 years ago
tls_wrap: clear errors on return Adopt `MarkPopErrorOnReturn` from `node_crypto.cc`, and use it to clear errors after `SSL_read`/`SSL_write`/`SSL_shutdown` functions. See: https://github.com/nodejs/node/issues/4485 PR-URL: https://github.com/nodejs/node/pull/4515 Reviewed-By: Ben Noordhuis &lt;info@bnoordhuis.nl&gt;
9 years ago
// Forcibly clear OpenSSL's error stack on return. This stops stale errors
// from popping up later in the lifecycle of crypto operations where they
// would cause spurious failures. It's a rather blunt method, though.
// ERR_clear_error() isn't necessarily cheap either.
struct ClearErrorOnReturn {
~ClearErrorOnReturn() { ERR_clear_error(); }
};
// Pop errors from OpenSSL's error stack that were added
// between when this was constructed and destructed.
struct MarkPopErrorOnReturn {
MarkPopErrorOnReturn() { ERR_set_mark(); }
~MarkPopErrorOnReturn() { ERR_pop_to_mark(); }
};
crypto: add cert check to CNNIC Whitelist When client connect to the server with certification issued by either CNNIC Root CA or CNNIC EV Root CA, check hash of server certification in the list of CNNICHashWhitelist.inc. If it&#39;s not, CERT_REVOKED error returns. See for details in https://blog.mozilla.org/security/2015/04/02/distrusting-new-cnnic-certificates/ PR-URL: https://github.com/nodejs/io.js/pull/1895 Reviewed-By: Ben Noordhuis &lt;info@bnoordhuis.nl&gt;
10 years ago
enum CheckResult {
CHECK_CERT_REVOKED = 0,
CHECK_OK = 1
};
tls, crypto: deduplicate code Commit 03e008d introduced src/tls_wrap.cc and src/tls_wrap.h but said files copied on the order of 1 kLoC from src/node_crypto.cc and src/node_crypto.h. This commit undoes some of the duplication. Fixes #6024.
12 years ago
extern int VerifyCallback(int preverify_ok, X509_STORE_CTX* ctx);
crypto: make root_cert_store variable extern Before this commit it was declared static (in a header file!), meaning it got duplicated in every file that includes it. A few duplicated pointers is not the end of the world but it introduces a lot of potential for confusion because root_cert_store in file A is not the root_cert_store in file B. Moral of the story: don&#39;t declare static variables in header files.
12 years ago
extern X509_STORE* root_cert_store;
Don&#39;t load root certs for each SSL context
14 years ago
tls: async session storage
13 years ago
// Forward declaration
class Connection;
base-object: add BaseObject BaseObject is a class that just handles the Persistent handle attached to the class instance. This also removed WeakObject. Reordering the inheritance chain helps prevent unneeded calls on instances that don&#39;t call MakeCallback.
11 years ago
class SecureContext : public BaseObject {
Initial openssl support for net2
15 years ago
public:
src: mark more destructors with override keyword The previous commits fixed oversights in destructors that should have been marked virtual but weren&#39;t. This commit marks destructors from derived classes with the override keyword.
10 years ago
~SecureContext() override {
base-object: add BaseObject BaseObject is a class that just handles the Persistent handle attached to the class instance. This also removed WeakObject. Reordering the inheritance chain helps prevent unneeded calls on instances that don&#39;t call MakeCallback.
11 years ago
FreeCTXMem();
}
src: replace usage of v8::Handle with v8::Local v8::Handle is deprecated: https://codereview.chromium.org/1224623004 PR-URL: https://github.com/nodejs/io.js/pull/2202 Reviewed-By: Ben Noordhuis &lt;info@bnoordhuis.nl&gt;
10 years ago
static void Initialize(Environment* env, v8::Local<v8::Object> target);
src: add multi-context support This commit makes it possible to use multiple V8 execution contexts within a single event loop. Put another way, handle and request wrap objects now &#34;remember&#34; the context they belong to and switch back to that context when the time comes to call into JS land. This could have been done in a quick and hacky way by calling v8::Object::GetCreationContext() on the wrap object right before making a callback but that leaves a fairly wide margin for bugs. Instead, we make the context explicit through a new Environment class that encapsulates everything (or almost everything) that belongs to the context. Variables that used to be a static or a global are now members of the aforementioned class. An additional benefit is that this approach should make it relatively straightforward to add full isolate support in due course. There is no JavaScript API yet but that will be added in the near future. This work was graciously sponsored by GitHub, Inc.
12 years ago
SSL_CTX* ctx_;
tls: support OCSP on client and server
11 years ago
X509* cert_;
X509* issuer_;
Initial openssl support for net2
15 years ago
tls: async session storage
13 years ago
static const int kMaxSessionSize = 10 * 1024;
tls: introduce internal `onticketkeycallback` `enableTicketKeyCallback` and `onticketkeycallback` could be potentially used to renew the TLS Session Tickets before they expire. However this commit will introduce it only for private use yet, because we are not sure about the API, and already need this feature for testing. See: https://github.com/nodejs/io.js/issues/2304 PR-URL: https://github.com/nodejs/io.js/pull/2312 Reviewed-By: Shigeki Ohtsu &lt;ohtsu@iij.ad.jp&gt;
10 years ago
// See TicketKeyCallback
static const int kTicketKeyReturnIndex = 0;
static const int kTicketKeyHMACIndex = 1;
static const int kTicketKeyAESIndex = 2;
static const int kTicketKeyNameIndex = 3;
static const int kTicketKeyIVIndex = 4;
tls: session API returns
12 years ago
protected:
crypto: track external memory for SSL structures Ensure that GC kicks in at the right times and the RSS does not blow up. Fix: https://github.com/iojs/io.js/issues/1522 PR-URL: https://github.com/iojs/io.js/pull/1529 Reviewed-By: Shigeki Ohtsu &lt;ohtsu@iij.ad.jp&gt;
10 years ago
static const int64_t kExternalSize = sizeof(SSL_CTX);
tls: session API returns
12 years ago
lib, src: upgrade after v8 api change This is a big commit that touches just about every file in the src/ directory. The V8 API has changed in significant ways. The most important changes are: * Binding functions take a const v8::FunctionCallbackInfo&lt;T&gt;&amp; argument rather than a const v8::Arguments&amp; argument. * Binding functions return void rather than v8::Handle&lt;v8::Value&gt;. The return value is returned with the args.GetReturnValue().Set() family of functions. * v8::Persistent&lt;T&gt; no longer derives from v8::Handle&lt;T&gt; and no longer allows you to directly dereference the object that the persistent handle points to. This means that the common pattern of caching oft-used JS values in a persistent handle no longer quite works, you first need to reconstruct a v8::Local&lt;T&gt; from the persistent handle with the Local&lt;T&gt;::New(isolate, persistent) factory method. A handful of (internal) convenience classes and functions have been added to make dealing with the new API a little easier. The most visible one is node::Cached&lt;T&gt;, which wraps a v8::Persistent&lt;T&gt; with some template sugar. It can hold arbitrary types but so far it&#39;s exclusively used for v8::Strings (which was by far the most commonly cached handle type.)
12 years ago
static void New(const v8::FunctionCallbackInfo<v8::Value>& args);
static void Init(const v8::FunctionCallbackInfo<v8::Value>& args);
static void SetKey(const v8::FunctionCallbackInfo<v8::Value>& args);
static void SetCert(const v8::FunctionCallbackInfo<v8::Value>& args);
static void AddCACert(const v8::FunctionCallbackInfo<v8::Value>& args);
static void AddCRL(const v8::FunctionCallbackInfo<v8::Value>& args);
static void AddRootCerts(const v8::FunctionCallbackInfo<v8::Value>& args);
static void SetCiphers(const v8::FunctionCallbackInfo<v8::Value>& args);
tls: add ECDH ciphers support Switch test fixtures to 1024 bit keys.
12 years ago
static void SetECDHCurve(const v8::FunctionCallbackInfo<v8::Value>& args);
tls, crypto: add DHE support In case of an invalid DH parameter file, it is sliently discarded. To use auto DH parameter in a server and DHE key length check in a client, we need to wait for the next release of OpenSSL-1.0.2. Reviewed-By: Fedor Indutny &lt;fedor@indutny.com&gt;
11 years ago
static void SetDHParam(const v8::FunctionCallbackInfo<v8::Value>& args);
lib, src: upgrade after v8 api change This is a big commit that touches just about every file in the src/ directory. The V8 API has changed in significant ways. The most important changes are: * Binding functions take a const v8::FunctionCallbackInfo&lt;T&gt;&amp; argument rather than a const v8::Arguments&amp; argument. * Binding functions return void rather than v8::Handle&lt;v8::Value&gt;. The return value is returned with the args.GetReturnValue().Set() family of functions. * v8::Persistent&lt;T&gt; no longer derives from v8::Handle&lt;T&gt; and no longer allows you to directly dereference the object that the persistent handle points to. This means that the common pattern of caching oft-used JS values in a persistent handle no longer quite works, you first need to reconstruct a v8::Local&lt;T&gt; from the persistent handle with the Local&lt;T&gt;::New(isolate, persistent) factory method. A handful of (internal) convenience classes and functions have been added to make dealing with the new API a little easier. The most visible one is node::Cached&lt;T&gt;, which wraps a v8::Persistent&lt;T&gt; with some template sugar. It can hold arbitrary types but so far it&#39;s exclusively used for v8::Strings (which was by far the most commonly cached handle type.)
12 years ago
static void SetOptions(const v8::FunctionCallbackInfo<v8::Value>& args);
static void SetSessionIdContext(
const v8::FunctionCallbackInfo<v8::Value>& args);
static void SetSessionTimeout(
const v8::FunctionCallbackInfo<v8::Value>& args);
static void Close(const v8::FunctionCallbackInfo<v8::Value>& args);
static void LoadPKCS12(const v8::FunctionCallbackInfo<v8::Value>& args);
tls: share tls tickets key between cluster workers fix #5871
12 years ago
static void GetTicketKeys(const v8::FunctionCallbackInfo<v8::Value>& args);
static void SetTicketKeys(const v8::FunctionCallbackInfo<v8::Value>& args);
tls: zero SSL_CTX freelist for a singleUse socket When connecting to server with `keepAlive` turned off - make sure that the read/write buffers won&#39;t be kept in a single use SSL_CTX instance after the socket will be destroyed. Fix: https://github.com/iojs/io.js/issues/1522 PR-URL: https://github.com/iojs/io.js/pull/1529 Reviewed-By: Shigeki Ohtsu &lt;ohtsu@iij.ad.jp&gt;
10 years ago
static void SetFreeListLength(
const v8::FunctionCallbackInfo<v8::Value>& args);
tls: introduce internal `onticketkeycallback` `enableTicketKeyCallback` and `onticketkeycallback` could be potentially used to renew the TLS Session Tickets before they expire. However this commit will introduce it only for private use yet, because we are not sure about the API, and already need this feature for testing. See: https://github.com/nodejs/io.js/issues/2304 PR-URL: https://github.com/nodejs/io.js/pull/2312 Reviewed-By: Shigeki Ohtsu &lt;ohtsu@iij.ad.jp&gt;
10 years ago
static void EnableTicketKeyCallback(
const v8::FunctionCallbackInfo<v8::Value>& args);
crypto: export externals to internal structs Export External getters for a internal structs: SSL, SSL_CTX.
11 years ago
static void CtxGetter(v8::Local<v8::String> property,
const v8::PropertyCallbackInfo<v8::Value>& info);
Initial openssl support for net2
15 years ago
tls: support OCSP on client and server
11 years ago
template <bool primary>
static void GetCertificate(const v8::FunctionCallbackInfo<v8::Value>& args);
tls: introduce internal `onticketkeycallback` `enableTicketKeyCallback` and `onticketkeycallback` could be potentially used to renew the TLS Session Tickets before they expire. However this commit will introduce it only for private use yet, because we are not sure about the API, and already need this feature for testing. See: https://github.com/nodejs/io.js/issues/2304 PR-URL: https://github.com/nodejs/io.js/pull/2312 Reviewed-By: Shigeki Ohtsu &lt;ohtsu@iij.ad.jp&gt;
10 years ago
static int TicketKeyCallback(SSL* ssl,
unsigned char* name,
unsigned char* iv,
EVP_CIPHER_CTX* ectx,
HMAC_CTX* hctx,
int enc);
src: remove ObjectWrap dependency from core Drop the ObjectWrap dependency in favor of an internal WeakObject class. Let&#39;s us stop worrying about API and ABI compatibility when making changes to the way node.js deals with weakly persistent handles internally.
12 years ago
SecureContext(Environment* env, v8::Local<v8::Object> wrap)
base-object: add BaseObject BaseObject is a class that just handles the Persistent handle attached to the class instance. This also removed WeakObject. Reordering the inheritance chain helps prevent unneeded calls on instances that don&#39;t call MakeCallback.
11 years ago
: BaseObject(env, wrap),
src: replace NULL with nullptr Now that we are building with C++11 features enabled, replace use of NULL with nullptr. The benefit of using nullptr is that it can never be confused for an integral type because it does not support implicit conversions to integral types except boolean - unlike NULL, which is defined as a literal `0`.
10 years ago
ctx_(nullptr),
cert_(nullptr),
issuer_(nullptr) {
base-object: add BaseObject BaseObject is a class that just handles the Persistent handle attached to the class instance. This also removed WeakObject. Reordering the inheritance chain helps prevent unneeded calls on instances that don&#39;t call MakeCallback.
11 years ago
MakeWeak<SecureContext>(this);
crypto: track external memory for SSL structures Ensure that GC kicks in at the right times and the RSS does not blow up. Fix: https://github.com/iojs/io.js/issues/1522 PR-URL: https://github.com/iojs/io.js/pull/1529 Reviewed-By: Shigeki Ohtsu &lt;ohtsu@iij.ad.jp&gt;
10 years ago
env->isolate()->AdjustAmountOfExternalAllocatedMemory(kExternalSize);
Initial openssl support for net2
15 years ago
}
Don&#39;t load root certs for each SSL context
14 years ago
void FreeCTXMem() {
crypto: fix handling of root_cert_store. SecureContext::AddRootCerts only parses the root certificates once and keeps the result in root_cert_store, a global X509_STORE. This change addresses the following issues: 1. SecureContext::AddCACert would add certificates to whatever X509_STORE was being used, even if that happened to be root_cert_store. Thus adding a CA certificate to a SecureContext would also cause it to be included in unrelated SecureContexts. 2. AddCRL would crash if neither AddRootCerts nor AddCACert had been called first. 3. Calling AddCACert without calling AddRootCerts first, and with an input that didn&#39;t contain any certificates, would leak an X509_STORE. 4. AddCRL would add the CRL to whatever X509_STORE was being used. Thus, like AddCACert, unrelated SecureContext objects could be affected. The following, non-obvious behaviour remains: calling AddRootCerts doesn&#39;t /add/ them, rather it sets the CA certs to be the root set and overrides any previous CA certificates. Points 1–3 are probably unimportant because the SecureContext is typically configured by `createSecureContext` in `lib/_tls_common.js`. This function either calls AddCACert or AddRootCerts and only calls AddCRL after setting up CA certificates. Point four could still apply in the unlikely case that someone configures a CRL without explicitly configuring the CAs. PR-URL: https://github.com/nodejs/node/pull/9409 Reviewed-By: Fedor Indutny &lt;fedor@indutny.com&gt; Reviewed-By: Shigeki Ohtsu &lt;ohtsu@ohtsu.org&gt;
8 years ago
if (!ctx_) {
return;
Implement SecureContext destructor
14 years ago
}
crypto: fix handling of root_cert_store. SecureContext::AddRootCerts only parses the root certificates once and keeps the result in root_cert_store, a global X509_STORE. This change addresses the following issues: 1. SecureContext::AddCACert would add certificates to whatever X509_STORE was being used, even if that happened to be root_cert_store. Thus adding a CA certificate to a SecureContext would also cause it to be included in unrelated SecureContexts. 2. AddCRL would crash if neither AddRootCerts nor AddCACert had been called first. 3. Calling AddCACert without calling AddRootCerts first, and with an input that didn&#39;t contain any certificates, would leak an X509_STORE. 4. AddCRL would add the CRL to whatever X509_STORE was being used. Thus, like AddCACert, unrelated SecureContext objects could be affected. The following, non-obvious behaviour remains: calling AddRootCerts doesn&#39;t /add/ them, rather it sets the CA certs to be the root set and overrides any previous CA certificates. Points 1–3 are probably unimportant because the SecureContext is typically configured by `createSecureContext` in `lib/_tls_common.js`. This function either calls AddCACert or AddRootCerts and only calls AddCRL after setting up CA certificates. Point four could still apply in the unlikely case that someone configures a CRL without explicitly configuring the CAs. PR-URL: https://github.com/nodejs/node/pull/9409 Reviewed-By: Fedor Indutny &lt;fedor@indutny.com&gt; Reviewed-By: Shigeki Ohtsu &lt;ohtsu@ohtsu.org&gt;
8 years ago
env()->isolate()->AdjustAmountOfExternalAllocatedMemory(-kExternalSize);
SSL_CTX_free(ctx_);
if (cert_ != nullptr)
X509_free(cert_);
if (issuer_ != nullptr)
X509_free(issuer_);
ctx_ = nullptr;
cert_ = nullptr;
issuer_ = nullptr;
Initial openssl support for net2
15 years ago
}
};
src: add comments about implicit dependencies
11 years ago
// SSLWrap implicitly depends on the inheriting class' handle having an
// internal pointer to the Base class.
tls, crypto: deduplicate code Commit 03e008d introduced src/tls_wrap.cc and src/tls_wrap.h but said files copied on the order of 1 kLoC from src/node_crypto.cc and src/node_crypto.h. This commit undoes some of the duplication. Fixes #6024.
12 years ago
template <class Base>
class SSLWrap {
public:
enum Kind {
kClient,
kServer
};
src: add multi-context support This commit makes it possible to use multiple V8 execution contexts within a single event loop. Put another way, handle and request wrap objects now &#34;remember&#34; the context they belong to and switch back to that context when the time comes to call into JS land. This could have been done in a quick and hacky way by calling v8::Object::GetCreationContext() on the wrap object right before making a callback but that leaves a fairly wide margin for bugs. Instead, we make the context explicit through a new Environment class that encapsulates everything (or almost everything) that belongs to the context. Variables that used to be a static or a global are now members of the aforementioned class. An additional benefit is that this approach should make it relatively straightforward to add full isolate support in due course. There is no JavaScript API yet but that will be added in the near future. This work was graciously sponsored by GitHub, Inc.
12 years ago
SSLWrap(Environment* env, SecureContext* sc, Kind kind)
cpplint: disallow comma-first in C++
12 years ago
: env_(env),
kind_(kind),
src: replace NULL with nullptr Now that we are building with C++11 features enabled, replace use of NULL with nullptr. The benefit of using nullptr is that it can never be confused for an integral type because it does not support implicit conversions to integral types except boolean - unlike NULL, which is defined as a literal `0`.
10 years ago
next_sess_(nullptr),
tls: introduce asynchronous `newSession` fix #7105
11 years ago
session_callbacks_(false),
tls: use `SSL_set_cert_cb` for async SNI/OCSP Do not enable ClientHello parser for async SNI/OCSP. Use new OpenSSL-1.0.2&#39;s API `SSL_set_cert_cb` to pause the handshake process and load the cert/OCSP response asynchronously. Hopefuly this will make whole async SNI/OCSP process much faster and will eventually let us remove the ClientHello parser itself (which is currently used only for async session, see #1462 for the discussion of removing it). NOTE: Ported our code to `SSL_CTX_add1_chain_cert` to use `SSL_CTX_get0_chain_certs` in `CertCbDone`. Test provided for this feature. Fix: https://github.com/iojs/io.js/issues/1423 PR-URL: https://github.com/iojs/io.js/pull/1464 Reviewed-By: Shigeki Ohtsu &lt;ohtsu@iij.ad.jp&gt;
10 years ago
new_session_wait_(false),
cert_cb_(nullptr),
cert_cb_arg_(nullptr),
cert_cb_running_(false) {
tls, crypto: deduplicate code Commit 03e008d introduced src/tls_wrap.cc and src/tls_wrap.h but said files copied on the order of 1 kLoC from src/node_crypto.cc and src/node_crypto.h. This commit undoes some of the duplication. Fixes #6024.
12 years ago
ssl_ = SSL_new(sc->ctx_);
crypto: track external memory for SSL structures Ensure that GC kicks in at the right times and the RSS does not blow up. Fix: https://github.com/iojs/io.js/issues/1522 PR-URL: https://github.com/iojs/io.js/pull/1529 Reviewed-By: Shigeki Ohtsu &lt;ohtsu@iij.ad.jp&gt;
10 years ago
env_->isolate()->AdjustAmountOfExternalAllocatedMemory(kExternalSize);
src: replace NULL with nullptr Now that we are building with C++11 features enabled, replace use of NULL with nullptr. The benefit of using nullptr is that it can never be confused for an integral type because it does not support implicit conversions to integral types except boolean - unlike NULL, which is defined as a literal `0`.
10 years ago
CHECK_NE(ssl_, nullptr);
tls, crypto: deduplicate code Commit 03e008d introduced src/tls_wrap.cc and src/tls_wrap.h but said files copied on the order of 1 kLoC from src/node_crypto.cc and src/node_crypto.h. This commit undoes some of the duplication. Fixes #6024.
12 years ago
}
src: mark SSLWrap destructor as virtual Like the previous commit but this time for the SSLWrap destructor.
10 years ago
virtual ~SSLWrap() {
tls: destroy SSL once it is out of use Do not keep SSL structure in memory once socket is closed. This should lower the memory usage in many cases. Fix: https://github.com/iojs/io.js/issues/1522 PR-URL: https://github.com/iojs/io.js/pull/1529 Reviewed-By: Shigeki Ohtsu &lt;ohtsu@iij.ad.jp&gt;
10 years ago
DestroySSL();
src: replace NULL with nullptr Now that we are building with C++11 features enabled, replace use of NULL with nullptr. The benefit of using nullptr is that it can never be confused for an integral type because it does not support implicit conversions to integral types except boolean - unlike NULL, which is defined as a literal `0`.
10 years ago
if (next_sess_ != nullptr) {
tls, crypto: deduplicate code Commit 03e008d introduced src/tls_wrap.cc and src/tls_wrap.h but said files copied on the order of 1 kLoC from src/node_crypto.cc and src/node_crypto.h. This commit undoes some of the duplication. Fixes #6024.
12 years ago
SSL_SESSION_free(next_sess_);
src: replace NULL with nullptr Now that we are building with C++11 features enabled, replace use of NULL with nullptr. The benefit of using nullptr is that it can never be confused for an integral type because it does not support implicit conversions to integral types except boolean - unlike NULL, which is defined as a literal `0`.
10 years ago
next_sess_ = nullptr;
tls, crypto: deduplicate code Commit 03e008d introduced src/tls_wrap.cc and src/tls_wrap.h but said files copied on the order of 1 kLoC from src/node_crypto.cc and src/node_crypto.h. This commit undoes some of the duplication. Fixes #6024.
12 years ago
}
tls: use `SSL_set_cert_cb` for async SNI/OCSP Do not enable ClientHello parser for async SNI/OCSP. Use new OpenSSL-1.0.2&#39;s API `SSL_set_cert_cb` to pause the handshake process and load the cert/OCSP response asynchronously. Hopefuly this will make whole async SNI/OCSP process much faster and will eventually let us remove the ClientHello parser itself (which is currently used only for async session, see #1462 for the discussion of removing it). NOTE: Ported our code to `SSL_CTX_add1_chain_cert` to use `SSL_CTX_get0_chain_certs` in `CertCbDone`. Test provided for this feature. Fix: https://github.com/iojs/io.js/issues/1423 PR-URL: https://github.com/iojs/io.js/pull/1464 Reviewed-By: Shigeki Ohtsu &lt;ohtsu@iij.ad.jp&gt;
10 years ago
#ifdef SSL_CTRL_SET_TLSEXT_SERVERNAME_CB
sni_context_.Reset();
#endif
tls, crypto: add ALPN Support ALPN is added to tls according to RFC7301, which supersedes NPN. When the server receives both NPN and ALPN extensions from the client, ALPN takes precedence over NPN and the server does not send NPN extension to the client. alpnProtocol in TLSSocket always returns false when no selected protocol exists by ALPN. In https server, http/1.1 token is always set when no options.ALPNProtocols exists. PR-URL: https://github.com/nodejs/node/pull/2564 Reviewed-By: Fedor Indutny &lt;fedor@indutny.com&gt; Reviewed-By: Ben Noordhuis &lt;info@bnoordhuis.nl&gt;
10 years ago
tls: support OCSP on client and server
11 years ago
#ifdef NODE__HAVE_TLSEXT_STATUS_CB
ocsp_response_.Reset();
src: lint after OCSP commits
11 years ago
#endif // NODE__HAVE_TLSEXT_STATUS_CB
tls, crypto: deduplicate code Commit 03e008d introduced src/tls_wrap.cc and src/tls_wrap.h but said files copied on the order of 1 kLoC from src/node_crypto.cc and src/node_crypto.h. This commit undoes some of the duplication. Fixes #6024.
12 years ago
}
inline SSL* ssl() const { return ssl_; }
inline void enable_session_callbacks() { session_callbacks_ = true; }
inline bool is_server() const { return kind_ == kServer; }
inline bool is_client() const { return kind_ == kClient; }
tls: introduce asynchronous `newSession` fix #7105
11 years ago
inline bool is_waiting_new_session() const { return new_session_wait_; }
tls: use `SSL_set_cert_cb` for async SNI/OCSP Do not enable ClientHello parser for async SNI/OCSP. Use new OpenSSL-1.0.2&#39;s API `SSL_set_cert_cb` to pause the handshake process and load the cert/OCSP response asynchronously. Hopefuly this will make whole async SNI/OCSP process much faster and will eventually let us remove the ClientHello parser itself (which is currently used only for async session, see #1462 for the discussion of removing it). NOTE: Ported our code to `SSL_CTX_add1_chain_cert` to use `SSL_CTX_get0_chain_certs` in `CertCbDone`. Test provided for this feature. Fix: https://github.com/iojs/io.js/issues/1423 PR-URL: https://github.com/iojs/io.js/pull/1464 Reviewed-By: Shigeki Ohtsu &lt;ohtsu@iij.ad.jp&gt;
10 years ago
inline bool is_waiting_cert_cb() const { return cert_cb_ != nullptr; }
tls, crypto: deduplicate code Commit 03e008d introduced src/tls_wrap.cc and src/tls_wrap.h but said files copied on the order of 1 kLoC from src/node_crypto.cc and src/node_crypto.h. This commit undoes some of the duplication. Fixes #6024.
12 years ago
protected:
tls: use `SSL_set_cert_cb` for async SNI/OCSP Do not enable ClientHello parser for async SNI/OCSP. Use new OpenSSL-1.0.2&#39;s API `SSL_set_cert_cb` to pause the handshake process and load the cert/OCSP response asynchronously. Hopefuly this will make whole async SNI/OCSP process much faster and will eventually let us remove the ClientHello parser itself (which is currently used only for async session, see #1462 for the discussion of removing it). NOTE: Ported our code to `SSL_CTX_add1_chain_cert` to use `SSL_CTX_get0_chain_certs` in `CertCbDone`. Test provided for this feature. Fix: https://github.com/iojs/io.js/issues/1423 PR-URL: https://github.com/iojs/io.js/pull/1464 Reviewed-By: Shigeki Ohtsu &lt;ohtsu@iij.ad.jp&gt;
10 years ago
typedef void (*CertCb)(void* arg);
crypto: track external memory for SSL structures Ensure that GC kicks in at the right times and the RSS does not blow up. Fix: https://github.com/iojs/io.js/issues/1522 PR-URL: https://github.com/iojs/io.js/pull/1529 Reviewed-By: Shigeki Ohtsu &lt;ohtsu@iij.ad.jp&gt;
10 years ago
// Size allocated by OpenSSL: one for SSL structure, one for SSL3_STATE and
// some for buffers.
// NOTE: Actually it is much more than this
static const int64_t kExternalSize =
sizeof(SSL) + sizeof(SSL3_STATE) + 42 * 1024;
crypto: never store pointer to conn in SSL_CTX SSL_CTX is shared between multiple connections and is not a right place to store per-connection data. fix #8348 Reviewed-By: Trevor Norris
11 years ago
static void InitNPN(SecureContext* sc);
src: replace usage of v8::Handle with v8::Local v8::Handle is deprecated: https://codereview.chromium.org/1224623004 PR-URL: https://github.com/nodejs/io.js/pull/2202 Reviewed-By: Ben Noordhuis &lt;info@bnoordhuis.nl&gt;
10 years ago
static void AddMethods(Environment* env, v8::Local<v8::FunctionTemplate> t);
tls, crypto: deduplicate code Commit 03e008d introduced src/tls_wrap.cc and src/tls_wrap.h but said files copied on the order of 1 kLoC from src/node_crypto.cc and src/node_crypto.h. This commit undoes some of the duplication. Fixes #6024.
12 years ago
static SSL_SESSION* GetSessionCallback(SSL* s,
unsigned char* key,
int len,
int* copy);
static int NewSessionCallback(SSL* s, SSL_SESSION* sess);
static void OnClientHello(void* arg,
const ClientHelloParser::ClientHello& hello);
static void GetPeerCertificate(
const v8::FunctionCallbackInfo<v8::Value>& args);
static void GetSession(const v8::FunctionCallbackInfo<v8::Value>& args);
static void SetSession(const v8::FunctionCallbackInfo<v8::Value>& args);
static void LoadSession(const v8::FunctionCallbackInfo<v8::Value>& args);
static void IsSessionReused(const v8::FunctionCallbackInfo<v8::Value>& args);
static void IsInitFinished(const v8::FunctionCallbackInfo<v8::Value>& args);
static void VerifyError(const v8::FunctionCallbackInfo<v8::Value>& args);
static void GetCurrentCipher(const v8::FunctionCallbackInfo<v8::Value>& args);
static void EndParser(const v8::FunctionCallbackInfo<v8::Value>& args);
tls: use `SSL_set_cert_cb` for async SNI/OCSP Do not enable ClientHello parser for async SNI/OCSP. Use new OpenSSL-1.0.2&#39;s API `SSL_set_cert_cb` to pause the handshake process and load the cert/OCSP response asynchronously. Hopefuly this will make whole async SNI/OCSP process much faster and will eventually let us remove the ClientHello parser itself (which is currently used only for async session, see #1462 for the discussion of removing it). NOTE: Ported our code to `SSL_CTX_add1_chain_cert` to use `SSL_CTX_get0_chain_certs` in `CertCbDone`. Test provided for this feature. Fix: https://github.com/iojs/io.js/issues/1423 PR-URL: https://github.com/iojs/io.js/pull/1464 Reviewed-By: Shigeki Ohtsu &lt;ohtsu@iij.ad.jp&gt;
10 years ago
static void CertCbDone(const v8::FunctionCallbackInfo<v8::Value>& args);
tls: socket.renegotiate(options, callback) This utility function allows renegotiaion of secure connection after establishing it. fix #2496
12 years ago
static void Renegotiate(const v8::FunctionCallbackInfo<v8::Value>& args);
Merge branch &#39;v0.10&#39; Conflicts: lib/tls.js src/node_crypto.cc src/node_crypto.h
11 years ago
static void Shutdown(const v8::FunctionCallbackInfo<v8::Value>& args);
tls: more session configuration options, methods Introduce `ticketKeys` server option, `session` client option, `getSession()` and `getTLSTicket()` methods. fix #7032
11 years ago
static void GetTLSTicket(const v8::FunctionCallbackInfo<v8::Value>& args);
tls: introduce asynchronous `newSession` fix #7105
11 years ago
static void NewSessionDone(const v8::FunctionCallbackInfo<v8::Value>& args);
tls: support OCSP on client and server
11 years ago
static void SetOCSPResponse(const v8::FunctionCallbackInfo<v8::Value>& args);
static void RequestOCSP(const v8::FunctionCallbackInfo<v8::Value>& args);
tls: add TLSSocket.getEphemeralKeyInfo() Returns an object representing a type, name and size of an ephemeral key exchange in a client connection. Currently only DHE and ECHE are supported. This api only works on on a client connection. When it is called on a server connection, null is returned. When its key exchange is not ephemeral, an empty object is returned. PR-URL: https://github.com/nodejs/node/pull/1831 Reviewed-By: indutny - Fedor Indutny &lt;fedor.indutny@gmail.com&gt; Reviewed-By: bnoordhuis - Ben Noordhuis &lt;info@bnoordhuis.nl&gt;
10 years ago
static void GetEphemeralKeyInfo(
const v8::FunctionCallbackInfo<v8::Value>& args);
tls: add getProtocol() to TLS sockets This commit adds a new method for TLS sockets that returns the negotiated protocol version. PR-URL: https://github.com/nodejs/node/pull/4995 Reviewed-By: Sakthipriyan Vairamani &lt;thechargingvolcano@gmail.com&gt; Reviewed-By: Ben Noordhuis &lt;info@bnoordhuis.nl&gt; Reviewed-By: James M Snell &lt;jasnell@gmail.com&gt;
9 years ago
static void GetProtocol(const v8::FunctionCallbackInfo<v8::Value>& args);
tls, crypto: deduplicate code Commit 03e008d introduced src/tls_wrap.cc and src/tls_wrap.h but said files copied on the order of 1 kLoC from src/node_crypto.cc and src/node_crypto.h. This commit undoes some of the duplication. Fixes #6024.
12 years ago
lib: introduce `.setMaxSendFragment(size)` fix #6889
11 years ago
#ifdef SSL_set_max_send_fragment
static void SetMaxSendFragment(
const v8::FunctionCallbackInfo<v8::Value>& args);
#endif // SSL_set_max_send_fragment
tls, crypto: deduplicate code Commit 03e008d introduced src/tls_wrap.cc and src/tls_wrap.h but said files copied on the order of 1 kLoC from src/node_crypto.cc and src/node_crypto.h. This commit undoes some of the duplication. Fixes #6024.
12 years ago
#ifdef OPENSSL_NPN_NEGOTIATED
static void GetNegotiatedProto(
const v8::FunctionCallbackInfo<v8::Value>& args);
static void SetNPNProtocols(const v8::FunctionCallbackInfo<v8::Value>& args);
static int AdvertiseNextProtoCallback(SSL* s,
const unsigned char** data,
unsigned int* len,
void* arg);
static int SelectNextProtoCallback(SSL* s,
unsigned char** out,
unsigned char* outlen,
const unsigned char* in,
unsigned int inlen,
void* arg);
#endif // OPENSSL_NPN_NEGOTIATED
tls, crypto: add ALPN Support ALPN is added to tls according to RFC7301, which supersedes NPN. When the server receives both NPN and ALPN extensions from the client, ALPN takes precedence over NPN and the server does not send NPN extension to the client. alpnProtocol in TLSSocket always returns false when no selected protocol exists by ALPN. In https server, http/1.1 token is always set when no options.ALPNProtocols exists. PR-URL: https://github.com/nodejs/node/pull/2564 Reviewed-By: Fedor Indutny &lt;fedor@indutny.com&gt; Reviewed-By: Ben Noordhuis &lt;info@bnoordhuis.nl&gt;
10 years ago
static void GetALPNNegotiatedProto(
const v8::FunctionCallbackInfo<v8::Value>& args);
static void SetALPNProtocols(const v8::FunctionCallbackInfo<v8::Value>& args);
static int SelectALPNCallback(SSL* s,
const unsigned char** out,
unsigned char* outlen,
const unsigned char* in,
unsigned int inlen,
void* arg);
tls: support OCSP on client and server
11 years ago
static int TLSExtStatusCallback(SSL* s, void* arg);
tls: use `SSL_set_cert_cb` for async SNI/OCSP Do not enable ClientHello parser for async SNI/OCSP. Use new OpenSSL-1.0.2&#39;s API `SSL_set_cert_cb` to pause the handshake process and load the cert/OCSP response asynchronously. Hopefuly this will make whole async SNI/OCSP process much faster and will eventually let us remove the ClientHello parser itself (which is currently used only for async session, see #1462 for the discussion of removing it). NOTE: Ported our code to `SSL_CTX_add1_chain_cert` to use `SSL_CTX_get0_chain_certs` in `CertCbDone`. Test provided for this feature. Fix: https://github.com/iojs/io.js/issues/1423 PR-URL: https://github.com/iojs/io.js/pull/1464 Reviewed-By: Shigeki Ohtsu &lt;ohtsu@iij.ad.jp&gt;
10 years ago
static int SSLCertCallback(SSL* s, void* arg);
crypto: export externals to internal structs Export External getters for a internal structs: SSL, SSL_CTX.
11 years ago
static void SSLGetter(v8::Local<v8::String> property,
const v8::PropertyCallbackInfo<v8::Value>& info);
tls, crypto: deduplicate code Commit 03e008d introduced src/tls_wrap.cc and src/tls_wrap.h but said files copied on the order of 1 kLoC from src/node_crypto.cc and src/node_crypto.h. This commit undoes some of the duplication. Fixes #6024.
12 years ago
tls: destroy SSL once it is out of use Do not keep SSL structure in memory once socket is closed. This should lower the memory usage in many cases. Fix: https://github.com/iojs/io.js/issues/1522 PR-URL: https://github.com/iojs/io.js/pull/1529 Reviewed-By: Shigeki Ohtsu &lt;ohtsu@iij.ad.jp&gt;
10 years ago
void DestroySSL();
tls: use `SSL_set_cert_cb` for async SNI/OCSP Do not enable ClientHello parser for async SNI/OCSP. Use new OpenSSL-1.0.2&#39;s API `SSL_set_cert_cb` to pause the handshake process and load the cert/OCSP response asynchronously. Hopefuly this will make whole async SNI/OCSP process much faster and will eventually let us remove the ClientHello parser itself (which is currently used only for async session, see #1462 for the discussion of removing it). NOTE: Ported our code to `SSL_CTX_add1_chain_cert` to use `SSL_CTX_get0_chain_certs` in `CertCbDone`. Test provided for this feature. Fix: https://github.com/iojs/io.js/issues/1423 PR-URL: https://github.com/iojs/io.js/pull/1464 Reviewed-By: Shigeki Ohtsu &lt;ohtsu@iij.ad.jp&gt;
10 years ago
void WaitForCertCb(CertCb cb, void* arg);
tls: copy client CAs and cert store on CertCb Copy client CA certs and cert store when asynchronously selecting `SecureContext` during `SNICallback`. We already copy private key, certificate, and certificate chain, but the client CA certs were missing. Fix: #2772 PR-URL: https://github.com/nodejs/node/pull/3537 Reviewed-By: Ben Noordhuis &lt;info@bnoordhuis.nl&gt;
9 years ago
void SetSNIContext(SecureContext* sc);
int SetCACerts(SecureContext* sc);
tls: destroy SSL once it is out of use Do not keep SSL structure in memory once socket is closed. This should lower the memory usage in many cases. Fix: https://github.com/iojs/io.js/issues/1522 PR-URL: https://github.com/iojs/io.js/pull/1529 Reviewed-By: Shigeki Ohtsu &lt;ohtsu@iij.ad.jp&gt;
10 years ago
async-wrap: integrate with WeakObject Making WeakObject inherit from AsyncWrap allows us to peak into almost all the MakeCallback calls in Node internals.
12 years ago
inline Environment* ssl_env() const {
src: add multi-context support This commit makes it possible to use multiple V8 execution contexts within a single event loop. Put another way, handle and request wrap objects now &#34;remember&#34; the context they belong to and switch back to that context when the time comes to call into JS land. This could have been done in a quick and hacky way by calling v8::Object::GetCreationContext() on the wrap object right before making a callback but that leaves a fairly wide margin for bugs. Instead, we make the context explicit through a new Environment class that encapsulates everything (or almost everything) that belongs to the context. Variables that used to be a static or a global are now members of the aforementioned class. An additional benefit is that this approach should make it relatively straightforward to add full isolate support in due course. There is no JavaScript API yet but that will be added in the near future. This work was graciously sponsored by GitHub, Inc.
12 years ago
return env_;
}
Environment* const env_;
tls, crypto: deduplicate code Commit 03e008d introduced src/tls_wrap.cc and src/tls_wrap.h but said files copied on the order of 1 kLoC from src/node_crypto.cc and src/node_crypto.h. This commit undoes some of the duplication. Fixes #6024.
12 years ago
Kind kind_;
SSL_SESSION* next_sess_;
SSL* ssl_;
bool session_callbacks_;
tls: introduce asynchronous `newSession` fix #7105
11 years ago
bool new_session_wait_;
tls: use `SSL_set_cert_cb` for async SNI/OCSP Do not enable ClientHello parser for async SNI/OCSP. Use new OpenSSL-1.0.2&#39;s API `SSL_set_cert_cb` to pause the handshake process and load the cert/OCSP response asynchronously. Hopefuly this will make whole async SNI/OCSP process much faster and will eventually let us remove the ClientHello parser itself (which is currently used only for async session, see #1462 for the discussion of removing it). NOTE: Ported our code to `SSL_CTX_add1_chain_cert` to use `SSL_CTX_get0_chain_certs` in `CertCbDone`. Test provided for this feature. Fix: https://github.com/iojs/io.js/issues/1423 PR-URL: https://github.com/iojs/io.js/pull/1464 Reviewed-By: Shigeki Ohtsu &lt;ohtsu@iij.ad.jp&gt;
10 years ago
// SSL_set_cert_cb
CertCb cert_cb_;
void* cert_cb_arg_;
bool cert_cb_running_;
tls, crypto: deduplicate code Commit 03e008d introduced src/tls_wrap.cc and src/tls_wrap.h but said files copied on the order of 1 kLoC from src/node_crypto.cc and src/node_crypto.h. This commit undoes some of the duplication. Fixes #6024.
12 years ago
ClientHelloParser hello_parser_;
tls: support OCSP on client and server
11 years ago
#ifdef NODE__HAVE_TLSEXT_STATUS_CB
v8::Persistent<v8::Object> ocsp_response_;
#endif // NODE__HAVE_TLSEXT_STATUS_CB
tls: use `SSL_set_cert_cb` for async SNI/OCSP Do not enable ClientHello parser for async SNI/OCSP. Use new OpenSSL-1.0.2&#39;s API `SSL_set_cert_cb` to pause the handshake process and load the cert/OCSP response asynchronously. Hopefuly this will make whole async SNI/OCSP process much faster and will eventually let us remove the ClientHello parser itself (which is currently used only for async session, see #1462 for the discussion of removing it). NOTE: Ported our code to `SSL_CTX_add1_chain_cert` to use `SSL_CTX_get0_chain_certs` in `CertCbDone`. Test provided for this feature. Fix: https://github.com/iojs/io.js/issues/1423 PR-URL: https://github.com/iojs/io.js/pull/1464 Reviewed-By: Shigeki Ohtsu &lt;ohtsu@iij.ad.jp&gt;
10 years ago
#ifdef SSL_CTRL_SET_TLSEXT_SERVERNAME_CB
v8::Persistent<v8::Value> sni_context_;
#endif
tls, crypto: deduplicate code Commit 03e008d introduced src/tls_wrap.cc and src/tls_wrap.h but said files copied on the order of 1 kLoC from src/node_crypto.cc and src/node_crypto.h. This commit undoes some of the duplication. Fixes #6024.
12 years ago
friend class SecureContext;
};
src: add comments about implicit dependencies
11 years ago
// Connection inherits from AsyncWrap because SSLWrap makes calls to
// MakeCallback, but SSLWrap doesn't store the handle itself. Instead it
// assumes that any args.This() called will be the handle from Connection.
src: inherit first from AsyncWrap To make sure casting a class of multiple inheritance from a void* to AsyncWrap succeeds make AsyncWrap the first inherited class. PR-URL: https://github.com/nodejs/node/pull/6184 Reviewed-By: Ben Noordhuis &lt;info@bnoordhuis.nl&gt; Reviewed-By: Anna Henningsen &lt;anna@addaleax.net&gt;
9 years ago
class Connection : public AsyncWrap, public SSLWrap<Connection> {
Initial openssl support for net2
15 years ago
public:
src: mark more destructors with override keyword The previous commits fixed oversights in destructors that should have been marked virtual but weren&#39;t. This commit marks destructors from derived classes with the override keyword.
10 years ago
~Connection() override {
base-object: add BaseObject BaseObject is a class that just handles the Persistent handle attached to the class instance. This also removed WeakObject. Reordering the inheritance chain helps prevent unneeded calls on instances that don&#39;t call MakeCallback.
11 years ago
#ifdef SSL_CTRL_SET_TLSEXT_SERVERNAME_CB
src: update to v8 3.24 APIs
11 years ago
sniObject_.Reset();
servername_.Reset();
base-object: add BaseObject BaseObject is a class that just handles the Persistent handle attached to the class instance. This also removed WeakObject. Reordering the inheritance chain helps prevent unneeded calls on instances that don&#39;t call MakeCallback.
11 years ago
#endif
}
src: replace usage of v8::Handle with v8::Local v8::Handle is deprecated: https://codereview.chromium.org/1224623004 PR-URL: https://github.com/nodejs/io.js/pull/2202 Reviewed-By: Ben Noordhuis &lt;info@bnoordhuis.nl&gt;
10 years ago
static void Initialize(Environment* env, v8::Local<v8::Object> target);
crypto: make NewSessionDoneCb public Generic friend classes do not work well with old compiler versions (and MSVC).
11 years ago
void NewSessionDoneCb();
Initial openssl support for net2
15 years ago
OpenSSL NPN in node.js closes #926.
14 years ago
#ifdef OPENSSL_NPN_NEGOTIATED
v8::Persistent<v8::Object> npnProtos_;
v8::Persistent<v8::Value> selectedNPNProto_;
#endif
Add support for TLS SNI Fixes #1411
14 years ago
#ifdef SSL_CTRL_SET_TLSEXT_SERVERNAME_CB
crypto, tls: make setSNICallback() compatible with domains
13 years ago
v8::Persistent<v8::Object> sniObject_;
Add support for TLS SNI Fixes #1411
14 years ago
v8::Persistent<v8::String> servername_;
#endif
async-wrap: add provider id and object info cb Re-add the wrapper class id to AsyncWrap instances so they can be tracked directly in a heapdump. Previously the class id was given without setting the heap dump wrapper class info provider. Causing a segfault when a heapdump was taken. This has been added, and the label_ set to the given provider name so each instance can be identified. The id will not be set of the passed object has no internal field count. As the class pointer cannot be retrieved from the object. In order to properly report the allocated size of each class, the new pure virtual method self_size() has been introduces. PR-URL: https://github.com/nodejs/io.js/pull/1896 Reviewed-By: Ben Noordhuis &lt;info@bnoordhuis.nl&gt;
10 years ago
size_t self_size() const override { return sizeof(*this); }
Initial openssl support for net2
15 years ago
protected:
lib, src: upgrade after v8 api change This is a big commit that touches just about every file in the src/ directory. The V8 API has changed in significant ways. The most important changes are: * Binding functions take a const v8::FunctionCallbackInfo&lt;T&gt;&amp; argument rather than a const v8::Arguments&amp; argument. * Binding functions return void rather than v8::Handle&lt;v8::Value&gt;. The return value is returned with the args.GetReturnValue().Set() family of functions. * v8::Persistent&lt;T&gt; no longer derives from v8::Handle&lt;T&gt; and no longer allows you to directly dereference the object that the persistent handle points to. This means that the common pattern of caching oft-used JS values in a persistent handle no longer quite works, you first need to reconstruct a v8::Local&lt;T&gt; from the persistent handle with the Local&lt;T&gt;::New(isolate, persistent) factory method. A handful of (internal) convenience classes and functions have been added to make dealing with the new API a little easier. The most visible one is node::Cached&lt;T&gt;, which wraps a v8::Persistent&lt;T&gt; with some template sugar. It can hold arbitrary types but so far it&#39;s exclusively used for v8::Strings (which was by far the most commonly cached handle type.)
12 years ago
static void New(const v8::FunctionCallbackInfo<v8::Value>& args);
static void EncIn(const v8::FunctionCallbackInfo<v8::Value>& args);
static void ClearOut(const v8::FunctionCallbackInfo<v8::Value>& args);
static void ClearPending(const v8::FunctionCallbackInfo<v8::Value>& args);
static void EncPending(const v8::FunctionCallbackInfo<v8::Value>& args);
static void EncOut(const v8::FunctionCallbackInfo<v8::Value>& args);
static void ClearIn(const v8::FunctionCallbackInfo<v8::Value>& args);
static void Start(const v8::FunctionCallbackInfo<v8::Value>& args);
static void Close(const v8::FunctionCallbackInfo<v8::Value>& args);
Initial openssl support for net2
15 years ago
Add support for TLS SNI Fixes #1411
14 years ago
#ifdef SSL_CTRL_SET_TLSEXT_SERVERNAME_CB
// SNI
lib, src: upgrade after v8 api change This is a big commit that touches just about every file in the src/ directory. The V8 API has changed in significant ways. The most important changes are: * Binding functions take a const v8::FunctionCallbackInfo&lt;T&gt;&amp; argument rather than a const v8::Arguments&amp; argument. * Binding functions return void rather than v8::Handle&lt;v8::Value&gt;. The return value is returned with the args.GetReturnValue().Set() family of functions. * v8::Persistent&lt;T&gt; no longer derives from v8::Handle&lt;T&gt; and no longer allows you to directly dereference the object that the persistent handle points to. This means that the common pattern of caching oft-used JS values in a persistent handle no longer quite works, you first need to reconstruct a v8::Local&lt;T&gt; from the persistent handle with the Local&lt;T&gt;::New(isolate, persistent) factory method. A handful of (internal) convenience classes and functions have been added to make dealing with the new API a little easier. The most visible one is node::Cached&lt;T&gt;, which wraps a v8::Persistent&lt;T&gt; with some template sugar. It can hold arbitrary types but so far it&#39;s exclusively used for v8::Strings (which was by far the most commonly cached handle type.)
12 years ago
static void GetServername(const v8::FunctionCallbackInfo<v8::Value>& args);
static void SetSNICallback(const v8::FunctionCallbackInfo<v8::Value>& args);
static int SelectSNIContextCallback_(SSL* s, int* ad, void* arg);
Add support for TLS SNI Fixes #1411
14 years ago
#endif
tls_wrap: DRY ClientHelloParser Share ClientHelloParser code between `tls_wrap.cc` and `node_crypto.cc`. fix #5959
12 years ago
static void OnClientHelloParseEnd(void* arg);
lib, src: upgrade after v8 api change This is a big commit that touches just about every file in the src/ directory. The V8 API has changed in significant ways. The most important changes are: * Binding functions take a const v8::FunctionCallbackInfo&lt;T&gt;&amp; argument rather than a const v8::Arguments&amp; argument. * Binding functions return void rather than v8::Handle&lt;v8::Value&gt;. The return value is returned with the args.GetReturnValue().Set() family of functions. * v8::Persistent&lt;T&gt; no longer derives from v8::Handle&lt;T&gt; and no longer allows you to directly dereference the object that the persistent handle points to. This means that the common pattern of caching oft-used JS values in a persistent handle no longer quite works, you first need to reconstruct a v8::Local&lt;T&gt; from the persistent handle with the Local&lt;T&gt;::New(isolate, persistent) factory method. A handful of (internal) convenience classes and functions have been added to make dealing with the new API a little easier. The most visible one is node::Cached&lt;T&gt;, which wraps a v8::Persistent&lt;T&gt; with some template sugar. It can hold arbitrary types but so far it&#39;s exclusively used for v8::Strings (which was by far the most commonly cached handle type.)
12 years ago
int HandleBIOError(BIO* bio, const char* func, int rv);
crypto: fix ssl error handling Make HandleSSLError() correctly process a zero status code: sometimes it indicates an error and sometimes it doesn&#39;t.
12 years ago
enum ZeroStatus {
kZeroIsNotAnError,
kZeroIsAnError
};
tls: ignore .shutdown() syscall error Quote from SSL_shutdown man page: The output of SSL_get_error(3) may be misleading, as an erroneous SSL_ERROR_SYSCALL may be flagged even though no error occurred. Also, handle all other errors to prevent assertion in `ClearError()`.
12 years ago
enum SyscallStatus {
kIgnoreSyscall,
kSyscallError
};
int HandleSSLError(const char* func, int rv, ZeroStatus zs, SyscallStatus ss);
Remove unused parameter from crypto::Handle*Error
14 years ago
TLS: better error reporting at binding layer Closes GH-612.
14 years ago
void ClearError();
TLS: Set ssl.receivedShutdown after each read Closes GH-613.
14 years ago
void SetShutdownFlags();
TLS: better error reporting at binding layer Closes GH-612.
14 years ago
src: add multi-context support This commit makes it possible to use multiple V8 execution contexts within a single event loop. Put another way, handle and request wrap objects now &#34;remember&#34; the context they belong to and switch back to that context when the time comes to call into JS land. This could have been done in a quick and hacky way by calling v8::Object::GetCreationContext() on the wrap object right before making a callback but that leaves a fairly wide margin for bugs. Instead, we make the context explicit through a new Environment class that encapsulates everything (or almost everything) that belongs to the context. Variables that used to be a static or a global are now members of the aforementioned class. An additional benefit is that this approach should make it relatively straightforward to add full isolate support in due course. There is no JavaScript API yet but that will be added in the near future. This work was graciously sponsored by GitHub, Inc.
12 years ago
Connection(Environment* env,
src: remove ObjectWrap dependency from core Drop the ObjectWrap dependency in favor of an internal WeakObject class. Let&#39;s us stop worrying about API and ABI compatibility when making changes to the way node.js deals with weakly persistent handles internally.
12 years ago
v8::Local<v8::Object> wrap,
src: add multi-context support This commit makes it possible to use multiple V8 execution contexts within a single event loop. Put another way, handle and request wrap objects now &#34;remember&#34; the context they belong to and switch back to that context when the time comes to call into JS land. This could have been done in a quick and hacky way by calling v8::Object::GetCreationContext() on the wrap object right before making a callback but that leaves a fairly wide margin for bugs. Instead, we make the context explicit through a new Environment class that encapsulates everything (or almost everything) that belongs to the context. Variables that used to be a static or a global are now members of the aforementioned class. An additional benefit is that this approach should make it relatively straightforward to add full isolate support in due course. There is no JavaScript API yet but that will be added in the near future. This work was graciously sponsored by GitHub, Inc.
12 years ago
SecureContext* sc,
SSLWrap<Connection>::Kind kind)
src: inherit first from AsyncWrap To make sure casting a class of multiple inheritance from a void* to AsyncWrap succeeds make AsyncWrap the first inherited class. PR-URL: https://github.com/nodejs/node/pull/6184 Reviewed-By: Ben Noordhuis &lt;info@bnoordhuis.nl&gt; Reviewed-By: Anna Henningsen &lt;anna@addaleax.net&gt;
9 years ago
: AsyncWrap(env, wrap, AsyncWrap::PROVIDER_CRYPTO),
SSLWrap<Connection>(env, sc, kind),
src: replace NULL with nullptr Now that we are building with C++11 features enabled, replace use of NULL with nullptr. The benefit of using nullptr is that it can never be confused for an integral type because it does not support implicit conversions to integral types except boolean - unlike NULL, which is defined as a literal `0`.
10 years ago
bio_read_(nullptr),
bio_write_(nullptr),
cpplint: disallow comma-first in C++
12 years ago
hello_offset_(0) {
base-object: add BaseObject BaseObject is a class that just handles the Persistent handle attached to the class instance. This also removed WeakObject. Reordering the inheritance chain helps prevent unneeded calls on instances that don&#39;t call MakeCallback.
11 years ago
MakeWeak<Connection>(this);
tls, crypto: deduplicate code Commit 03e008d introduced src/tls_wrap.cc and src/tls_wrap.h but said files copied on the order of 1 kLoC from src/node_crypto.cc and src/node_crypto.h. This commit undoes some of the duplication. Fixes #6024.
12 years ago
hello_parser_.Start(SSLWrap<Connection>::OnClientHello,
OnClientHelloParseEnd,
this);
enable_session_callbacks();
Initial openssl support for net2
15 years ago
}
private:
tls: mitigate session renegotiation attacks The TLS protocol allows (and sometimes requires) clients to renegotiate the session. However, renegotiation requires a disproportional amount of server-side resources, particularly CPU time, which makes it a potential vector for denial-of-service attacks. To mitigate this issue, we keep track of and limit the number of renegotiation requests over time, emitting an error if the threshold is exceeded.
13 years ago
static void SSLInfoCallback(const SSL *ssl, int where, int ret);
Fix style in node_crypto.cc
15 years ago
BIO *bio_read_;
BIO *bio_write_;
tls: async session storage
13 years ago
tls_wrap: DRY ClientHelloParser Share ClientHelloParser code between `tls_wrap.cc` and `node_crypto.cc`. fix #5959
12 years ago
uint8_t hello_data_[18432];
size_t hello_offset_;
tls: async session storage
13 years ago
friend class ClientHelloParser;
friend class SecureContext;
Initial openssl support for net2
15 years ago
};
base-object: add BaseObject BaseObject is a class that just handles the Persistent handle attached to the class instance. This also removed WeakObject. Reordering the inheritance chain helps prevent unneeded calls on instances that don&#39;t call MakeCallback.
11 years ago
class CipherBase : public BaseObject {
crypto: split crypto classes
12 years ago
public:
src: mark more destructors with override keyword The previous commits fixed oversights in destructors that should have been marked virtual but weren&#39;t. This commit marks destructors from derived classes with the override keyword.
10 years ago
~CipherBase() override {
base-object: add BaseObject BaseObject is a class that just handles the Persistent handle attached to the class instance. This also removed WeakObject. Reordering the inheritance chain helps prevent unneeded calls on instances that don&#39;t call MakeCallback.
11 years ago
if (!initialised_)
return;
crypto: support GCM authenticated encryption mode. This adds two new member functions getAuthTag and setAuthTag that are useful for AES-GCM encryption modes. Use getAuthTag after Cipheriv.final, transmit the tag along with the data and use Decipheriv.setAuthTag to have the encrypted data verified.
11 years ago
delete[] auth_tag_;
base-object: add BaseObject BaseObject is a class that just handles the Persistent handle attached to the class instance. This also removed WeakObject. Reordering the inheritance chain helps prevent unneeded calls on instances that don&#39;t call MakeCallback.
11 years ago
EVP_CIPHER_CTX_cleanup(&ctx_);
}
src: replace usage of v8::Handle with v8::Local v8::Handle is deprecated: https://codereview.chromium.org/1224623004 PR-URL: https://github.com/nodejs/io.js/pull/2202 Reviewed-By: Ben Noordhuis &lt;info@bnoordhuis.nl&gt;
10 years ago
static void Initialize(Environment* env, v8::Local<v8::Object> target);
crypto: split crypto classes
12 years ago
protected:
crypto: merge Cipher and Decipher
12 years ago
enum CipherKind {
kCipher,
kDecipher
};
crypto: split crypto classes
12 years ago
src: const-ify variables in src/node_crypto* No functional changes, just some code tightening. Clean up some style inconsistencies while we are here.
12 years ago
void Init(const char* cipher_type, const char* key_buf, int key_buf_len);
void InitIv(const char* cipher_type,
const char* key,
int key_len,
const char* iv,
int iv_len);
bool Update(const char* data, int len, unsigned char** out, int* out_len);
crypto: merge Cipher and Decipher
12 years ago
bool Final(unsigned char** out, int *out_len);
bool SetAutoPadding(bool auto_padding);
crypto: split crypto classes
12 years ago
crypto: support GCM authenticated encryption mode. This adds two new member functions getAuthTag and setAuthTag that are useful for AES-GCM encryption modes. Use getAuthTag after Cipheriv.final, transmit the tag along with the data and use Decipheriv.setAuthTag to have the encrypted data verified.
11 years ago
bool IsAuthenticatedMode() const;
bool GetAuthTag(char** out, unsigned int* out_len) const;
bool SetAuthTag(const char* data, unsigned int len);
crypto: allow setting add&#39;l authenticated data
11 years ago
bool SetAAD(const char* data, unsigned int len);
crypto: support GCM authenticated encryption mode. This adds two new member functions getAuthTag and setAuthTag that are useful for AES-GCM encryption modes. Use getAuthTag after Cipheriv.final, transmit the tag along with the data and use Decipheriv.setAuthTag to have the encrypted data verified.
11 years ago
lib, src: upgrade after v8 api change This is a big commit that touches just about every file in the src/ directory. The V8 API has changed in significant ways. The most important changes are: * Binding functions take a const v8::FunctionCallbackInfo&lt;T&gt;&amp; argument rather than a const v8::Arguments&amp; argument. * Binding functions return void rather than v8::Handle&lt;v8::Value&gt;. The return value is returned with the args.GetReturnValue().Set() family of functions. * v8::Persistent&lt;T&gt; no longer derives from v8::Handle&lt;T&gt; and no longer allows you to directly dereference the object that the persistent handle points to. This means that the common pattern of caching oft-used JS values in a persistent handle no longer quite works, you first need to reconstruct a v8::Local&lt;T&gt; from the persistent handle with the Local&lt;T&gt;::New(isolate, persistent) factory method. A handful of (internal) convenience classes and functions have been added to make dealing with the new API a little easier. The most visible one is node::Cached&lt;T&gt;, which wraps a v8::Persistent&lt;T&gt; with some template sugar. It can hold arbitrary types but so far it&#39;s exclusively used for v8::Strings (which was by far the most commonly cached handle type.)
12 years ago
static void New(const v8::FunctionCallbackInfo<v8::Value>& args);
static void Init(const v8::FunctionCallbackInfo<v8::Value>& args);
static void InitIv(const v8::FunctionCallbackInfo<v8::Value>& args);
static void Update(const v8::FunctionCallbackInfo<v8::Value>& args);
static void Final(const v8::FunctionCallbackInfo<v8::Value>& args);
static void SetAutoPadding(const v8::FunctionCallbackInfo<v8::Value>& args);
crypto: split crypto classes
12 years ago
crypto: support GCM authenticated encryption mode. This adds two new member functions getAuthTag and setAuthTag that are useful for AES-GCM encryption modes. Use getAuthTag after Cipheriv.final, transmit the tag along with the data and use Decipheriv.setAuthTag to have the encrypted data verified.
11 years ago
static void GetAuthTag(const v8::FunctionCallbackInfo<v8::Value>& args);
static void SetAuthTag(const v8::FunctionCallbackInfo<v8::Value>& args);
crypto: allow setting add&#39;l authenticated data
11 years ago
static void SetAAD(const v8::FunctionCallbackInfo<v8::Value>& args);
crypto: support GCM authenticated encryption mode. This adds two new member functions getAuthTag and setAuthTag that are useful for AES-GCM encryption modes. Use getAuthTag after Cipheriv.final, transmit the tag along with the data and use Decipheriv.setAuthTag to have the encrypted data verified.
11 years ago
async-wrap: integrate with WeakObject Making WeakObject inherit from AsyncWrap allows us to peak into almost all the MakeCallback calls in Node internals.
12 years ago
CipherBase(Environment* env,
src: remove ObjectWrap dependency from core Drop the ObjectWrap dependency in favor of an internal WeakObject class. Let&#39;s us stop worrying about API and ABI compatibility when making changes to the way node.js deals with weakly persistent handles internally.
12 years ago
v8::Local<v8::Object> wrap,
CipherKind kind)
base-object: add BaseObject BaseObject is a class that just handles the Persistent handle attached to the class instance. This also removed WeakObject. Reordering the inheritance chain helps prevent unneeded calls on instances that don&#39;t call MakeCallback.
11 years ago
: BaseObject(env, wrap),
src: replace NULL with nullptr Now that we are building with C++11 features enabled, replace use of NULL with nullptr. The benefit of using nullptr is that it can never be confused for an integral type because it does not support implicit conversions to integral types except boolean - unlike NULL, which is defined as a literal `0`.
10 years ago
cipher_(nullptr),
cpplint: disallow comma-first in C++
12 years ago
initialised_(false),
crypto: support GCM authenticated encryption mode. This adds two new member functions getAuthTag and setAuthTag that are useful for AES-GCM encryption modes. Use getAuthTag after Cipheriv.final, transmit the tag along with the data and use Decipheriv.setAuthTag to have the encrypted data verified.
11 years ago
kind_(kind),
src: replace NULL with nullptr Now that we are building with C++11 features enabled, replace use of NULL with nullptr. The benefit of using nullptr is that it can never be confused for an integral type because it does not support implicit conversions to integral types except boolean - unlike NULL, which is defined as a literal `0`.
10 years ago
auth_tag_(nullptr),
crypto: support GCM authenticated encryption mode. This adds two new member functions getAuthTag and setAuthTag that are useful for AES-GCM encryption modes. Use getAuthTag after Cipheriv.final, transmit the tag along with the data and use Decipheriv.setAuthTag to have the encrypted data verified.
11 years ago
auth_tag_len_(0) {
base-object: add BaseObject BaseObject is a class that just handles the Persistent handle attached to the class instance. This also removed WeakObject. Reordering the inheritance chain helps prevent unneeded calls on instances that don&#39;t call MakeCallback.
11 years ago
MakeWeak<CipherBase>(this);
crypto: split crypto classes
12 years ago
}
private:
crypto: merge Cipher and Decipher
12 years ago
EVP_CIPHER_CTX ctx_; /* coverity[member_decl] */
const EVP_CIPHER* cipher_; /* coverity[member_decl] */
crypto: split crypto classes
12 years ago
bool initialised_;
crypto: merge Cipher and Decipher
12 years ago
CipherKind kind_;
crypto: support GCM authenticated encryption mode. This adds two new member functions getAuthTag and setAuthTag that are useful for AES-GCM encryption modes. Use getAuthTag after Cipheriv.final, transmit the tag along with the data and use Decipheriv.setAuthTag to have the encrypted data verified.
11 years ago
char* auth_tag_;
unsigned int auth_tag_len_;
crypto: split crypto classes
12 years ago
};
base-object: add BaseObject BaseObject is a class that just handles the Persistent handle attached to the class instance. This also removed WeakObject. Reordering the inheritance chain helps prevent unneeded calls on instances that don&#39;t call MakeCallback.
11 years ago
class Hmac : public BaseObject {
crypto: split crypto classes
12 years ago
public:
src: mark more destructors with override keyword The previous commits fixed oversights in destructors that should have been marked virtual but weren&#39;t. This commit marks destructors from derived classes with the override keyword.
10 years ago
~Hmac() override {
base-object: add BaseObject BaseObject is a class that just handles the Persistent handle attached to the class instance. This also removed WeakObject. Reordering the inheritance chain helps prevent unneeded calls on instances that don&#39;t call MakeCallback.
11 years ago
if (!initialised_)
return;
HMAC_CTX_cleanup(&ctx_);
}
src: replace usage of v8::Handle with v8::Local v8::Handle is deprecated: https://codereview.chromium.org/1224623004 PR-URL: https://github.com/nodejs/io.js/pull/2202 Reviewed-By: Ben Noordhuis &lt;info@bnoordhuis.nl&gt;
10 years ago
static void Initialize(Environment* env, v8::Local<v8::Object> target);
crypto: split crypto classes
12 years ago
protected:
src: const-ify variables in src/node_crypto* No functional changes, just some code tightening. Clean up some style inconsistencies while we are here.
12 years ago
void HmacInit(const char* hash_type, const char* key, int key_len);
bool HmacUpdate(const char* data, int len);
crypto: refactor crypto classes
12 years ago
bool HmacDigest(unsigned char** md_value, unsigned int* md_len);
lib, src: upgrade after v8 api change This is a big commit that touches just about every file in the src/ directory. The V8 API has changed in significant ways. The most important changes are: * Binding functions take a const v8::FunctionCallbackInfo&lt;T&gt;&amp; argument rather than a const v8::Arguments&amp; argument. * Binding functions return void rather than v8::Handle&lt;v8::Value&gt;. The return value is returned with the args.GetReturnValue().Set() family of functions. * v8::Persistent&lt;T&gt; no longer derives from v8::Handle&lt;T&gt; and no longer allows you to directly dereference the object that the persistent handle points to. This means that the common pattern of caching oft-used JS values in a persistent handle no longer quite works, you first need to reconstruct a v8::Local&lt;T&gt; from the persistent handle with the Local&lt;T&gt;::New(isolate, persistent) factory method. A handful of (internal) convenience classes and functions have been added to make dealing with the new API a little easier. The most visible one is node::Cached&lt;T&gt;, which wraps a v8::Persistent&lt;T&gt; with some template sugar. It can hold arbitrary types but so far it&#39;s exclusively used for v8::Strings (which was by far the most commonly cached handle type.)
12 years ago
static void New(const v8::FunctionCallbackInfo<v8::Value>& args);
static void HmacInit(const v8::FunctionCallbackInfo<v8::Value>& args);
static void HmacUpdate(const v8::FunctionCallbackInfo<v8::Value>& args);
static void HmacDigest(const v8::FunctionCallbackInfo<v8::Value>& args);
crypto: split crypto classes
12 years ago
async-wrap: integrate with WeakObject Making WeakObject inherit from AsyncWrap allows us to peak into almost all the MakeCallback calls in Node internals.
12 years ago
Hmac(Environment* env, v8::Local<v8::Object> wrap)
base-object: add BaseObject BaseObject is a class that just handles the Persistent handle attached to the class instance. This also removed WeakObject. Reordering the inheritance chain helps prevent unneeded calls on instances that don&#39;t call MakeCallback.
11 years ago
: BaseObject(env, wrap),
cpplint: disallow comma-first in C++
12 years ago
initialised_(false) {
base-object: add BaseObject BaseObject is a class that just handles the Persistent handle attached to the class instance. This also removed WeakObject. Reordering the inheritance chain helps prevent unneeded calls on instances that don&#39;t call MakeCallback.
11 years ago
MakeWeak<Hmac>(this);
crypto: split crypto classes
12 years ago
}
private:
crypto: refactor crypto classes
12 years ago
HMAC_CTX ctx_; /* coverity[member_decl] */
crypto: split crypto classes
12 years ago
bool initialised_;
};
base-object: add BaseObject BaseObject is a class that just handles the Persistent handle attached to the class instance. This also removed WeakObject. Reordering the inheritance chain helps prevent unneeded calls on instances that don&#39;t call MakeCallback.
11 years ago
class Hash : public BaseObject {
crypto: split crypto classes
12 years ago
public:
src: mark more destructors with override keyword The previous commits fixed oversights in destructors that should have been marked virtual but weren&#39;t. This commit marks destructors from derived classes with the override keyword.
10 years ago
~Hash() override {
base-object: add BaseObject BaseObject is a class that just handles the Persistent handle attached to the class instance. This also removed WeakObject. Reordering the inheritance chain helps prevent unneeded calls on instances that don&#39;t call MakeCallback.
11 years ago
if (!initialised_)
return;
EVP_MD_CTX_cleanup(&mdctx_);
}
src: replace usage of v8::Handle with v8::Local v8::Handle is deprecated: https://codereview.chromium.org/1224623004 PR-URL: https://github.com/nodejs/io.js/pull/2202 Reviewed-By: Ben Noordhuis &lt;info@bnoordhuis.nl&gt;
10 years ago
static void Initialize(Environment* env, v8::Local<v8::Object> target);
crypto: split crypto classes
12 years ago
src: const-ify variables in src/node_crypto* No functional changes, just some code tightening. Clean up some style inconsistencies while we are here.
12 years ago
bool HashInit(const char* hash_type);
bool HashUpdate(const char* data, int len);
crypto: split crypto classes
12 years ago
protected:
lib, src: upgrade after v8 api change This is a big commit that touches just about every file in the src/ directory. The V8 API has changed in significant ways. The most important changes are: * Binding functions take a const v8::FunctionCallbackInfo&lt;T&gt;&amp; argument rather than a const v8::Arguments&amp; argument. * Binding functions return void rather than v8::Handle&lt;v8::Value&gt;. The return value is returned with the args.GetReturnValue().Set() family of functions. * v8::Persistent&lt;T&gt; no longer derives from v8::Handle&lt;T&gt; and no longer allows you to directly dereference the object that the persistent handle points to. This means that the common pattern of caching oft-used JS values in a persistent handle no longer quite works, you first need to reconstruct a v8::Local&lt;T&gt; from the persistent handle with the Local&lt;T&gt;::New(isolate, persistent) factory method. A handful of (internal) convenience classes and functions have been added to make dealing with the new API a little easier. The most visible one is node::Cached&lt;T&gt;, which wraps a v8::Persistent&lt;T&gt; with some template sugar. It can hold arbitrary types but so far it&#39;s exclusively used for v8::Strings (which was by far the most commonly cached handle type.)
12 years ago
static void New(const v8::FunctionCallbackInfo<v8::Value>& args);
static void HashUpdate(const v8::FunctionCallbackInfo<v8::Value>& args);
static void HashDigest(const v8::FunctionCallbackInfo<v8::Value>& args);
crypto: split crypto classes
12 years ago
async-wrap: integrate with WeakObject Making WeakObject inherit from AsyncWrap allows us to peak into almost all the MakeCallback calls in Node internals.
12 years ago
Hash(Environment* env, v8::Local<v8::Object> wrap)
base-object: add BaseObject BaseObject is a class that just handles the Persistent handle attached to the class instance. This also removed WeakObject. Reordering the inheritance chain helps prevent unneeded calls on instances that don&#39;t call MakeCallback.
11 years ago
: BaseObject(env, wrap),
cpplint: disallow comma-first in C++
12 years ago
initialised_(false) {
base-object: add BaseObject BaseObject is a class that just handles the Persistent handle attached to the class instance. This also removed WeakObject. Reordering the inheritance chain helps prevent unneeded calls on instances that don&#39;t call MakeCallback.
11 years ago
MakeWeak<Hash>(this);
crypto: split crypto classes
12 years ago
}
private:
crypto: refactor crypto classes
12 years ago
EVP_MD_CTX mdctx_; /* coverity[member_decl] */
crypto: split crypto classes
12 years ago
bool initialised_;
crypto: better error message for createHash calling digest or update on a hash object after digest has been called now gives a topical error message instead of an error message saying that the hash failed to initialize. PR-URL: https://github.com/nodejs/node/pull/6042 Reviewed-By: Brian White &lt;mscdex@mscdex.net&gt; Reviewed-By: James M Snell &lt;jasnell@gmail.com&gt;
9 years ago
bool finalized_;
crypto: split crypto classes
12 years ago
};
crypto: throw only in direct C++ methods Do not throw in internal C++ methods, that clobbers logic and may lead to the situations, where both exception was thrown and the value was returned (via `args.GetReturnValue().Set()`). That doesn&#39;t play nicely with v8. fix #6912
11 years ago
class SignBase : public BaseObject {
crypto: split crypto classes
12 years ago
public:
crypto: throw only in direct C++ methods Do not throw in internal C++ methods, that clobbers logic and may lead to the situations, where both exception was thrown and the value was returned (via `args.GetReturnValue().Set()`). That doesn&#39;t play nicely with v8. fix #6912
11 years ago
typedef enum {
kSignOk,
kSignUnknownDigest,
kSignInit,
kSignNotInitialised,
kSignUpdate,
kSignPrivateKey,
kSignPublicKey
} Error;
SignBase(Environment* env, v8::Local<v8::Object> wrap)
: BaseObject(env, wrap),
initialised_(false) {
}
src: mark more destructors with override keyword The previous commits fixed oversights in destructors that should have been marked virtual but weren&#39;t. This commit marks destructors from derived classes with the override keyword.
10 years ago
~SignBase() override {
base-object: add BaseObject BaseObject is a class that just handles the Persistent handle attached to the class instance. This also removed WeakObject. Reordering the inheritance chain helps prevent unneeded calls on instances that don&#39;t call MakeCallback.
11 years ago
if (!initialised_)
return;
EVP_MD_CTX_cleanup(&mdctx_);
}
crypto: throw only in direct C++ methods Do not throw in internal C++ methods, that clobbers logic and may lead to the situations, where both exception was thrown and the value was returned (via `args.GetReturnValue().Set()`). That doesn&#39;t play nicely with v8. fix #6912
11 years ago
protected:
src: remove `node_isolate` from source fix #6899
11 years ago
void CheckThrow(Error error);
crypto: throw only in direct C++ methods Do not throw in internal C++ methods, that clobbers logic and may lead to the situations, where both exception was thrown and the value was returned (via `args.GetReturnValue().Set()`). That doesn&#39;t play nicely with v8. fix #6912
11 years ago
EVP_MD_CTX mdctx_; /* coverity[member_decl] */
bool initialised_;
};
class Sign : public SignBase {
public:
src: replace usage of v8::Handle with v8::Local v8::Handle is deprecated: https://codereview.chromium.org/1224623004 PR-URL: https://github.com/nodejs/io.js/pull/2202 Reviewed-By: Ben Noordhuis &lt;info@bnoordhuis.nl&gt;
10 years ago
static void Initialize(Environment* env, v8::Local<v8::Object> target);
crypto: split crypto classes
12 years ago
crypto: throw only in direct C++ methods Do not throw in internal C++ methods, that clobbers logic and may lead to the situations, where both exception was thrown and the value was returned (via `args.GetReturnValue().Set()`). That doesn&#39;t play nicely with v8. fix #6912
11 years ago
Error SignInit(const char* sign_type);
Error SignUpdate(const char* data, int len);
Error SignFinal(const char* key_pem,
int key_pem_len,
const char* passphrase,
unsigned char** sig,
unsigned int *sig_len);
crypto: split crypto classes
12 years ago
protected:
lib, src: upgrade after v8 api change This is a big commit that touches just about every file in the src/ directory. The V8 API has changed in significant ways. The most important changes are: * Binding functions take a const v8::FunctionCallbackInfo&lt;T&gt;&amp; argument rather than a const v8::Arguments&amp; argument. * Binding functions return void rather than v8::Handle&lt;v8::Value&gt;. The return value is returned with the args.GetReturnValue().Set() family of functions. * v8::Persistent&lt;T&gt; no longer derives from v8::Handle&lt;T&gt; and no longer allows you to directly dereference the object that the persistent handle points to. This means that the common pattern of caching oft-used JS values in a persistent handle no longer quite works, you first need to reconstruct a v8::Local&lt;T&gt; from the persistent handle with the Local&lt;T&gt;::New(isolate, persistent) factory method. A handful of (internal) convenience classes and functions have been added to make dealing with the new API a little easier. The most visible one is node::Cached&lt;T&gt;, which wraps a v8::Persistent&lt;T&gt; with some template sugar. It can hold arbitrary types but so far it&#39;s exclusively used for v8::Strings (which was by far the most commonly cached handle type.)
12 years ago
static void New(const v8::FunctionCallbackInfo<v8::Value>& args);
static void SignInit(const v8::FunctionCallbackInfo<v8::Value>& args);
static void SignUpdate(const v8::FunctionCallbackInfo<v8::Value>& args);
static void SignFinal(const v8::FunctionCallbackInfo<v8::Value>& args);
crypto: split crypto classes
12 years ago
crypto: throw only in direct C++ methods Do not throw in internal C++ methods, that clobbers logic and may lead to the situations, where both exception was thrown and the value was returned (via `args.GetReturnValue().Set()`). That doesn&#39;t play nicely with v8. fix #6912
11 years ago
Sign(Environment* env, v8::Local<v8::Object> wrap) : SignBase(env, wrap) {
base-object: add BaseObject BaseObject is a class that just handles the Persistent handle attached to the class instance. This also removed WeakObject. Reordering the inheritance chain helps prevent unneeded calls on instances that don&#39;t call MakeCallback.
11 years ago
MakeWeak<Sign>(this);
crypto: split crypto classes
12 years ago
}
};
crypto: throw only in direct C++ methods Do not throw in internal C++ methods, that clobbers logic and may lead to the situations, where both exception was thrown and the value was returned (via `args.GetReturnValue().Set()`). That doesn&#39;t play nicely with v8. fix #6912
11 years ago
class Verify : public SignBase {
crypto: split crypto classes
12 years ago
public:
src: replace usage of v8::Handle with v8::Local v8::Handle is deprecated: https://codereview.chromium.org/1224623004 PR-URL: https://github.com/nodejs/io.js/pull/2202 Reviewed-By: Ben Noordhuis &lt;info@bnoordhuis.nl&gt;
10 years ago
static void Initialize(Environment* env, v8::Local<v8::Object> target);
crypto: split crypto classes
12 years ago
crypto: throw only in direct C++ methods Do not throw in internal C++ methods, that clobbers logic and may lead to the situations, where both exception was thrown and the value was returned (via `args.GetReturnValue().Set()`). That doesn&#39;t play nicely with v8. fix #6912
11 years ago
Error VerifyInit(const char* verify_type);
Error VerifyUpdate(const char* data, int len);
Error VerifyFinal(const char* key_pem,
int key_pem_len,
const char* sig,
int siglen,
bool* verify_result);
crypto: split crypto classes
12 years ago
protected:
src: lint c++ code
12 years ago
static void New(const v8::FunctionCallbackInfo<v8::Value>& args);
lib, src: upgrade after v8 api change This is a big commit that touches just about every file in the src/ directory. The V8 API has changed in significant ways. The most important changes are: * Binding functions take a const v8::FunctionCallbackInfo&lt;T&gt;&amp; argument rather than a const v8::Arguments&amp; argument. * Binding functions return void rather than v8::Handle&lt;v8::Value&gt;. The return value is returned with the args.GetReturnValue().Set() family of functions. * v8::Persistent&lt;T&gt; no longer derives from v8::Handle&lt;T&gt; and no longer allows you to directly dereference the object that the persistent handle points to. This means that the common pattern of caching oft-used JS values in a persistent handle no longer quite works, you first need to reconstruct a v8::Local&lt;T&gt; from the persistent handle with the Local&lt;T&gt;::New(isolate, persistent) factory method. A handful of (internal) convenience classes and functions have been added to make dealing with the new API a little easier. The most visible one is node::Cached&lt;T&gt;, which wraps a v8::Persistent&lt;T&gt; with some template sugar. It can hold arbitrary types but so far it&#39;s exclusively used for v8::Strings (which was by far the most commonly cached handle type.)
12 years ago
static void VerifyInit(const v8::FunctionCallbackInfo<v8::Value>& args);
static void VerifyUpdate(const v8::FunctionCallbackInfo<v8::Value>& args);
static void VerifyFinal(const v8::FunctionCallbackInfo<v8::Value>& args);
crypto: split crypto classes
12 years ago
crypto: throw only in direct C++ methods Do not throw in internal C++ methods, that clobbers logic and may lead to the situations, where both exception was thrown and the value was returned (via `args.GetReturnValue().Set()`). That doesn&#39;t play nicely with v8. fix #6912
11 years ago
Verify(Environment* env, v8::Local<v8::Object> wrap) : SignBase(env, wrap) {
base-object: add BaseObject BaseObject is a class that just handles the Persistent handle attached to the class instance. This also removed WeakObject. Reordering the inheritance chain helps prevent unneeded calls on instances that don&#39;t call MakeCallback.
11 years ago
MakeWeak<Verify>(this);
crypto: split crypto classes
12 years ago
}
};
crypto: add RSA encryption Reviewed-By: Fedor Indutny &lt;fedor@indutny.com&gt;
11 years ago
class PublicKeyCipher {
public:
typedef int (*EVP_PKEY_cipher_init_t)(EVP_PKEY_CTX *ctx);
typedef int (*EVP_PKEY_cipher_t)(EVP_PKEY_CTX *ctx,
unsigned char *out, size_t *outlen,
const unsigned char *in, size_t inlen);
enum Operation {
crypto: implement privateEncrypt/publicDecrypt PR-URL: https://github.com/iojs/io.js/pull/625 Reviewed-By: Ben Noordhuis &lt;info@bnoordhuis.nl&gt; Fix iojs/io.js#477
10 years ago
kPublic,
kPrivate
crypto: add RSA encryption Reviewed-By: Fedor Indutny &lt;fedor@indutny.com&gt;
11 years ago
};
template <Operation operation,
EVP_PKEY_cipher_init_t EVP_PKEY_cipher_init,
EVP_PKEY_cipher_t EVP_PKEY_cipher>
static bool Cipher(const char* key_pem,
int key_pem_len,
const char* passphrase,
crypto: allow padding in RSA methods Reviewed-By: Trevor Norris &lt;trevnorris@gmail.com&gt;
11 years ago
int padding,
crypto: add RSA encryption Reviewed-By: Fedor Indutny &lt;fedor@indutny.com&gt;
11 years ago
const unsigned char* data,
int len,
unsigned char** out,
size_t* out_len);
template <Operation operation,
EVP_PKEY_cipher_init_t EVP_PKEY_cipher_init,
EVP_PKEY_cipher_t EVP_PKEY_cipher>
static void Cipher(const v8::FunctionCallbackInfo<v8::Value>& args);
};
base-object: add BaseObject BaseObject is a class that just handles the Persistent handle attached to the class instance. This also removed WeakObject. Reordering the inheritance chain helps prevent unneeded calls on instances that don&#39;t call MakeCallback.
11 years ago
class DiffieHellman : public BaseObject {
crypto: split crypto classes
12 years ago
public:
src: mark more destructors with override keyword The previous commits fixed oversights in destructors that should have been marked virtual but weren&#39;t. This commit marks destructors from derived classes with the override keyword.
10 years ago
~DiffieHellman() override {
src: replace NULL with nullptr Now that we are building with C++11 features enabled, replace use of NULL with nullptr. The benefit of using nullptr is that it can never be confused for an integral type because it does not support implicit conversions to integral types except boolean - unlike NULL, which is defined as a literal `0`.
10 years ago
if (dh != nullptr) {
base-object: add BaseObject BaseObject is a class that just handles the Persistent handle attached to the class instance. This also removed WeakObject. Reordering the inheritance chain helps prevent unneeded calls on instances that don&#39;t call MakeCallback.
11 years ago
DH_free(dh);
}
}
src: replace usage of v8::Handle with v8::Local v8::Handle is deprecated: https://codereview.chromium.org/1224623004 PR-URL: https://github.com/nodejs/io.js/pull/2202 Reviewed-By: Ben Noordhuis &lt;info@bnoordhuis.nl&gt;
10 years ago
static void Initialize(Environment* env, v8::Local<v8::Object> target);
crypto: split crypto classes
12 years ago
crypto: allow custom generator for DiffieHellman
11 years ago
bool Init(int primeLength, int g);
bool Init(const char* p, int p_len, int g);
src: const-ify variables in src/node_crypto* No functional changes, just some code tightening. Clean up some style inconsistencies while we are here.
12 years ago
bool Init(const char* p, int p_len, const char* g, int g_len);
crypto: split crypto classes
12 years ago
protected:
lib, src: upgrade after v8 api change This is a big commit that touches just about every file in the src/ directory. The V8 API has changed in significant ways. The most important changes are: * Binding functions take a const v8::FunctionCallbackInfo&lt;T&gt;&amp; argument rather than a const v8::Arguments&amp; argument. * Binding functions return void rather than v8::Handle&lt;v8::Value&gt;. The return value is returned with the args.GetReturnValue().Set() family of functions. * v8::Persistent&lt;T&gt; no longer derives from v8::Handle&lt;T&gt; and no longer allows you to directly dereference the object that the persistent handle points to. This means that the common pattern of caching oft-used JS values in a persistent handle no longer quite works, you first need to reconstruct a v8::Local&lt;T&gt; from the persistent handle with the Local&lt;T&gt;::New(isolate, persistent) factory method. A handful of (internal) convenience classes and functions have been added to make dealing with the new API a little easier. The most visible one is node::Cached&lt;T&gt;, which wraps a v8::Persistent&lt;T&gt; with some template sugar. It can hold arbitrary types but so far it&#39;s exclusively used for v8::Strings (which was by far the most commonly cached handle type.)
12 years ago
static void DiffieHellmanGroup(
const v8::FunctionCallbackInfo<v8::Value>& args);
static void New(const v8::FunctionCallbackInfo<v8::Value>& args);
static void GenerateKeys(const v8::FunctionCallbackInfo<v8::Value>& args);
static void GetPrime(const v8::FunctionCallbackInfo<v8::Value>& args);
static void GetGenerator(const v8::FunctionCallbackInfo<v8::Value>& args);
static void GetPublicKey(const v8::FunctionCallbackInfo<v8::Value>& args);
static void GetPrivateKey(const v8::FunctionCallbackInfo<v8::Value>& args);
static void ComputeSecret(const v8::FunctionCallbackInfo<v8::Value>& args);
static void SetPublicKey(const v8::FunctionCallbackInfo<v8::Value>& args);
static void SetPrivateKey(const v8::FunctionCallbackInfo<v8::Value>& args);
crypto: allow custom generator for DiffieHellman
11 years ago
static void VerifyErrorGetter(
v8::Local<v8::String> property,
const v8::PropertyCallbackInfo<v8::Value>& args);
crypto: split crypto classes
12 years ago
async-wrap: integrate with WeakObject Making WeakObject inherit from AsyncWrap allows us to peak into almost all the MakeCallback calls in Node internals.
12 years ago
DiffieHellman(Environment* env, v8::Local<v8::Object> wrap)
base-object: add BaseObject BaseObject is a class that just handles the Persistent handle attached to the class instance. This also removed WeakObject. Reordering the inheritance chain helps prevent unneeded calls on instances that don&#39;t call MakeCallback.
11 years ago
: BaseObject(env, wrap),
cpplint: disallow comma-first in C++
12 years ago
initialised_(false),
crypto: allow custom generator for DiffieHellman
11 years ago
verifyError_(0),
src: replace NULL with nullptr Now that we are building with C++11 features enabled, replace use of NULL with nullptr. The benefit of using nullptr is that it can never be confused for an integral type because it does not support implicit conversions to integral types except boolean - unlike NULL, which is defined as a literal `0`.
10 years ago
dh(nullptr) {
base-object: add BaseObject BaseObject is a class that just handles the Persistent handle attached to the class instance. This also removed WeakObject. Reordering the inheritance chain helps prevent unneeded calls on instances that don&#39;t call MakeCallback.
11 years ago
MakeWeak<DiffieHellman>(this);
crypto: split crypto classes
12 years ago
}
private:
bool VerifyContext();
bool initialised_;
crypto: allow custom generator for DiffieHellman
11 years ago
int verifyError_;
crypto: split crypto classes
12 years ago
DH* dh;
};
crypto: introduce ECDH
11 years ago
class ECDH : public BaseObject {
public:
src: mark more destructors with override keyword The previous commits fixed oversights in destructors that should have been marked virtual but weren&#39;t. This commit marks destructors from derived classes with the override keyword.
10 years ago
~ECDH() override {
src: replace NULL with nullptr Now that we are building with C++11 features enabled, replace use of NULL with nullptr. The benefit of using nullptr is that it can never be confused for an integral type because it does not support implicit conversions to integral types except boolean - unlike NULL, which is defined as a literal `0`.
10 years ago
if (key_ != nullptr)
crypto: introduce ECDH
11 years ago
EC_KEY_free(key_);
src: replace NULL with nullptr Now that we are building with C++11 features enabled, replace use of NULL with nullptr. The benefit of using nullptr is that it can never be confused for an integral type because it does not support implicit conversions to integral types except boolean - unlike NULL, which is defined as a literal `0`.
10 years ago
key_ = nullptr;
group_ = nullptr;
crypto: introduce ECDH
11 years ago
}
src: replace usage of v8::Handle with v8::Local v8::Handle is deprecated: https://codereview.chromium.org/1224623004 PR-URL: https://github.com/nodejs/io.js/pull/2202 Reviewed-By: Ben Noordhuis &lt;info@bnoordhuis.nl&gt;
10 years ago
static void Initialize(Environment* env, v8::Local<v8::Object> target);
crypto: introduce ECDH
11 years ago
protected:
ECDH(Environment* env, v8::Local<v8::Object> wrap, EC_KEY* key)
: BaseObject(env, wrap),
key_(key),
group_(EC_KEY_get0_group(key_)) {
MakeWeak<ECDH>(this);
src: add ASSERT_EQ style macros Add ASSERT counterparts to the CHECK_EQ/CHECK_NE/etc. family of macros. PR-URL: https://github.com/iojs/io.js/pull/529 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt;
10 years ago
ASSERT_NE(group_, nullptr);
crypto: introduce ECDH
11 years ago
}
static void New(const v8::FunctionCallbackInfo<v8::Value>& args);
static void GenerateKeys(const v8::FunctionCallbackInfo<v8::Value>& args);
static void ComputeSecret(const v8::FunctionCallbackInfo<v8::Value>& args);
static void GetPrivateKey(const v8::FunctionCallbackInfo<v8::Value>& args);
static void SetPrivateKey(const v8::FunctionCallbackInfo<v8::Value>& args);
static void GetPublicKey(const v8::FunctionCallbackInfo<v8::Value>& args);
static void SetPublicKey(const v8::FunctionCallbackInfo<v8::Value>& args);
EC_POINT* BufferToPoint(char* data, size_t len);
crypto: simplify using pre-existing keys with ECDH These changes simplify using ECDH with private keys that are not dynamically generated with ECDH.generateKeys. Support for computing the public key corresponding to the given private key was added. Validity checks to reduce the possibility of computing a weak or invalid shared secret were also added. Finally, ECDH.setPublicKey was softly deprecated. PR-URL: https://github.com/nodejs/node/pull/3511 Reviewed-By: Ben Noordhuis &lt;info@bnoordhuis.nl&gt; Reviewed-By: Shigeki Ohtsu &lt;ohtsu@iij.ad.jp&gt;
9 years ago
bool IsKeyPairValid();
bool IsKeyValidForCurve(const BIGNUM* private_key);
crypto: introduce ECDH
11 years ago
EC_KEY* key_;
const EC_GROUP* group_;
};
src: seed V8&#39;s random number generator at startup The default entropy source is /dev/urandom on UNIX platforms, which is okay but we can do better by seeding it from OpenSSL&#39;s entropy pool. On Windows we can certainly do better; on that platform, V8 seeds the random number generator using only the current system time. Fixes #6250.
12 years ago
bool EntropySource(unsigned char* buffer, size_t length);
crypto: introduce .setEngine(engine, [flags])
11 years ago
#ifndef OPENSSL_NO_ENGINE
void SetEngine(const v8::FunctionCallbackInfo<v8::Value>& args);
#endif // !OPENSSL_NO_ENGINE
src: replace usage of v8::Handle with v8::Local v8::Handle is deprecated: https://codereview.chromium.org/1224623004 PR-URL: https://github.com/nodejs/io.js/pull/2202 Reviewed-By: Ben Noordhuis &lt;info@bnoordhuis.nl&gt;
10 years ago
void InitCrypto(v8::Local<v8::Object> target);
Rename node::SecureStream to node::crypto::Connection node::SecureStream is definitely not a &#34;stream&#34; in the Node sense. Renaming it to avoid ambiguity. (Adding namespace to not confuse with some other Connection object.)
14 years ago
} // namespace crypto
} // namespace node
Initial openssl support for net2
15 years ago
src: add include guards to internal headers For consistency with the newly added src/base64.h header, check that NODE_WANT_INTERNALS is defined and set in internal headers. PR-URL: https://github.com/nodejs/node/pull/6948 Refs: https://github.com/nodejs/node/pull/6910 Reviewed-By: Fedor Indutny &lt;fedor.indutny@gmail.com&gt; Reviewed-By: James M Snell &lt;jasnell@gmail.com&gt; Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt;
9 years ago
#endif // defined(NODE_WANT_INTERNALS) && NODE_WANT_INTERNALS
Initial openssl support for net2
15 years ago
#endif // SRC_NODE_CRYPTO_H_