lukechilds
/
node
mirror of https://github.com/lukechilds/node.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
17841 Commits
131 Branches
446 Tags
325 MiB
Tree: 6cc63797bc
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '6cc63797bc'
${ noResults }
node/src/tls_wrap.cc

970 lines
25 KiB
Raw Normal View History

meta: restore original copyright header A prior io.js era commit inappropriately removed the original copyright statements from the source. This restores those in any files still remaining from that edit. Ref: https://github.com/nodejs/TSC/issues/174 Ref: https://github.com/nodejs/node/pull/10599 PR-URL: https://github.com/nodejs/node/pull/10155 Note: This PR was required, reviewed-by and approved by the Node.js Foundation Legal Committee and the TSC. There is no `Approved-By:` meta data.
8 years ago
// Copyright Joyent, Inc. and other Node contributors.
//
// Permission is hereby granted, free of charge, to any person obtaining a
// copy of this software and associated documentation files (the
// "Software"), to deal in the Software without restriction, including
// without limitation the rights to use, copy, modify, merge, publish,
// distribute, sublicense, and/or sell copies of the Software, and to permit
// persons to whom the Software is furnished to do so, subject to the
// following conditions:
//
// The above copyright notice and this permission notice shall be included
// in all copies or substantial portions of the Software.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
// OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN
// NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM,
// DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR
// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
// USE OR OTHER DEALINGS IN THE SOFTWARE.
tls_wrap: embed TLS encryption into streamwrap
12 years ago
#include "tls_wrap.h"
async-wrap: integrate with WeakObject Making WeakObject inherit from AsyncWrap allows us to peak into almost all the MakeCallback calls in Node internals.
11 years ago
#include "async-wrap.h"
#include "async-wrap-inl.h"
tls_wrap: embed TLS encryption into streamwrap
12 years ago
#include "node_buffer.h" // Buffer
#include "node_crypto.h" // SecureContext
#include "node_crypto_bio.h" // NodeBIO
tls_wrap: DRY ClientHelloParser Share ClientHelloParser code between `tls_wrap.cc` and `node_crypto.cc`. fix #5959
12 years ago
#include "node_crypto_clienthello.h" // ClientHelloParser
#include "node_crypto_clienthello-inl.h"
tls_wrap: embed TLS encryption into streamwrap
12 years ago
#include "node_counters.h"
src: centralize class wrap/unwrap While almost all cases were handled by simple WRAP/UNWRAP macros, this extends those to cover all known occurrences.
12 years ago
#include "node_internals.h"
stream_base: remove static JSMethod declarations Move JS methods to the stream_base-inl.h and thus define them on each use of `StreamBase::AddMethods`. Inline `AddMethods` itself, so that there won't be any need in a static declaration in stream_base.cc. NOTE: This basically allows using this API in user-land, though, some polishing is required before releasing it. PR-URL: https://github.com/iojs/io.js/pull/957 Reviewed-By: Chris Dickinson <christopher.s.dickinson@gmail.com>
10 years ago
#include "stream_base.h"
#include "stream_base-inl.h"
src: use function to get internal pointer Remove the NODE_{WRAP,UNWRAP} macros and instead use template functions.
11 years ago
#include "util.h"
#include "util-inl.h"
tls_wrap: embed TLS encryption into streamwrap
12 years ago
namespace node {
src: fix up unused/unordered imports
12 years ago
using crypto::SecureContext;
src: fix check-imports.py linter errors This patch fixes all the linter errors. PR-URL: https://github.com/nodejs/node/pull/6105 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com>
9 years ago
using crypto::SSLWrap;
src: add multi-context support This commit makes it possible to use multiple V8 execution contexts within a single event loop. Put another way, handle and request wrap objects now "remember" the context they belong to and switch back to that context when the time comes to call into JS land. This could have been done in a quick and hacky way by calling v8::Object::GetCreationContext() on the wrap object right before making a callback but that leaves a fairly wide margin for bugs. Instead, we make the context explicit through a new Environment class that encapsulates everything (or almost everything) that belongs to the context. Variables that used to be a static or a global are now members of the aforementioned class. An additional benefit is that this approach should make it relatively straightforward to add full isolate support in due course. There is no JavaScript API yet but that will be added in the near future. This work was graciously sponsored by GitHub, Inc.
12 years ago
using v8::Context;
src: update to v8 3.24 APIs
11 years ago
using v8::EscapableHandleScope;
lib, src: upgrade after v8 api change This is a big commit that touches just about every file in the src/ directory. The V8 API has changed in significant ways. The most important changes are: * Binding functions take a const v8::FunctionCallbackInfo<T>& argument rather than a const v8::Arguments& argument. * Binding functions return void rather than v8::Handle<v8::Value>. The return value is returned with the args.GetReturnValue().Set() family of functions. * v8::Persistent<T> no longer derives from v8::Handle<T> and no longer allows you to directly dereference the object that the persistent handle points to. This means that the common pattern of caching oft-used JS values in a persistent handle no longer quite works, you first need to reconstruct a v8::Local<T> from the persistent handle with the Local<T>::New(isolate, persistent) factory method. A handful of (internal) convenience classes and functions have been added to make dealing with the new API a little easier. The most visible one is node::Cached<T>, which wraps a v8::Persistent<T> with some template sugar. It can hold arbitrary types but so far it's exclusively used for v8::Strings (which was by far the most commonly cached handle type.)
12 years ago
using v8::Exception;
using v8::Function;
using v8::FunctionCallbackInfo;
using v8::FunctionTemplate;
string_bytes: don't use named imports in header It imports the definition into every source file that includes string_bytes.h, as evidenced by the build suddenly breaking left and right because of missing Handle/Local/String/Value imports.
12 years ago
using v8::Local;
lib, src: upgrade after v8 api change This is a big commit that touches just about every file in the src/ directory. The V8 API has changed in significant ways. The most important changes are: * Binding functions take a const v8::FunctionCallbackInfo<T>& argument rather than a const v8::Arguments& argument. * Binding functions return void rather than v8::Handle<v8::Value>. The return value is returned with the args.GetReturnValue().Set() family of functions. * v8::Persistent<T> no longer derives from v8::Handle<T> and no longer allows you to directly dereference the object that the persistent handle points to. This means that the common pattern of caching oft-used JS values in a persistent handle no longer quite works, you first need to reconstruct a v8::Local<T> from the persistent handle with the Local<T>::New(isolate, persistent) factory method. A handful of (internal) convenience classes and functions have been added to make dealing with the new API a little easier. The most visible one is node::Cached<T>, which wraps a v8::Persistent<T> with some template sugar. It can hold arbitrary types but so far it's exclusively used for v8::Strings (which was by far the most commonly cached handle type.)
12 years ago
using v8::Object;
using v8::String;
using v8::Value;
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv's stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris <trev.norris@gmail.com> Reviewed-By: Chris Dickinson <christopher.s.dickinson@gmail.com>
10 years ago
TLSWrap::TLSWrap(Environment* env,
Kind kind,
StreamBase* stream,
tls_wrap: do not hold persistent ref to parent Hold non-persistent reference in JS, rather than in C++ to avoid cycles. PR-URL: https://github.com/iojs/io.js/pull/1078 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
10 years ago
SecureContext* sc)
tls_wrap: inherit from the `AsyncWrap` first `WrapperInfo` casts pointer in JS object's internal field to `AsyncWrap`. This approach fails miserably for `TLSWrap` because it was inhereted from the `StreamBase` first, creating different kind of `vtable` for the whole class. Reorder parent classes to put `AsyncWrap` first. Fix: https://github.com/nodejs/node/issues/4250 PR-URL: https://github.com/nodejs/node/pull/4268 Reviewed-By: James M Snell <jasnell@gmail.com>
9 years ago
: AsyncWrap(env,
src: fix NewInstance deprecation warnings PR-URL: https://github.com/nodejs/node/pull/4722 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: Ali Ijaz Sheikh <ofrobots@google.com>
9 years ago
env->tls_wrap_constructor_function()
->NewInstance(env->context()).ToLocalChecked(),
async_wrap: add provider types/pass to constructor These will be used to allow users to filter for which types of calls they wish their callbacks to run. Signed-off-by: Timothy J Fontaine <tjfontaine@gmail.com>
11 years ago
AsyncWrap::PROVIDER_TLSWRAP),
tls_wrap: inherit from the `AsyncWrap` first `WrapperInfo` casts pointer in JS object's internal field to `AsyncWrap`. This approach fails miserably for `TLSWrap` because it was inhereted from the `StreamBase` first, creating different kind of `vtable` for the whole class. Reorder parent classes to put `AsyncWrap` first. Fix: https://github.com/nodejs/node/issues/4250 PR-URL: https://github.com/nodejs/node/pull/4268 Reviewed-By: James M Snell <jasnell@gmail.com>
9 years ago
SSLWrap<TLSWrap>(env, sc, kind),
StreamBase(env),
tls_wrap: do not hold persistent ref to parent Hold non-persistent reference in JS, rather than in C++ to avoid cycles. PR-URL: https://github.com/iojs/io.js/pull/1078 Reviewed-By: Ben Noordhuis &lt;info@bnoordhuis.nl&gt;
10 years ago
sc_(sc),
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
stream_(stream),
src: replace NULL with nullptr Now that we are building with C++11 features enabled, replace use of NULL with nullptr. The benefit of using nullptr is that it can never be confused for an integral type because it does not support implicit conversions to integral types except boolean - unlike NULL, which is defined as a literal `0`.
10 years ago
enc_in_(nullptr),
enc_out_(nullptr),
clear_in_(nullptr),
tls_wrap: embed TLS encryption into streamwrap
12 years ago
write_size_(0),
started_(false),
established_(false),
Merge branch &#39;v0.10&#39; Conflicts: lib/tls.js src/node_crypto.cc src/node_crypto.h
11 years ago
shutdown_(false),
src: replace NULL with nullptr Now that we are building with C++11 features enabled, replace use of NULL with nullptr. The benefit of using nullptr is that it can never be confused for an integral type because it does not support implicit conversions to integral types except boolean - unlike NULL, which is defined as a literal `0`.
10 years ago
error_(nullptr),
tls: introduce asynchronous `newSession` fix #7105
11 years ago
cycle_depth_(0),
Merge branch &#39;v0.10&#39; Conflicts: lib/tls.js src/node_crypto.cc src/node_crypto.h
11 years ago
eof_(false) {
src: remove unnecessary template parameter The template class information is received via the type of the first argument. So there is no need to use Wrap&lt;T&gt;(handle). PR-URL: https://github.com/joyent/node/pull/8110 Signed-off-by: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-by: Fedor Indutny &lt;fedor@indutny.com&gt; Reviewed-by: Alexis Campailla &lt;alexis@janeasystems.com&gt; Reviewed-by: Julien Gilli &lt;julien.gilli@joyent.com&gt;
10 years ago
node::Wrap(object(), this);
tls_wrap: ensure that TLSCallbacks are gc-able Call `MakeWeak()` to destruct TLSCallbacks when the js-object dies. fix #8416 Reviewed-By: Fedor Indutny &lt;fedor@indutny.com&gt;
10 years ago
MakeWeak(this);
tls_wrap: embed TLS encryption into streamwrap
12 years ago
src: no abort from getter if object isn&#39;t wrapped v8::Object::GetAlignedPointerFromInternalField() returns a random value if Wrap() hasn&#39;t been run on the object handle. Causing v8 to abort if certain getters are accessed. It&#39;s possible to access these getters and functions during class construction through the AsyncWrap init() callback, and also possible in a subset of those scenarios while running the persistent handle visitor. Mitigate this issue by manually setting the internal aligned pointer field to nullptr in the BaseObject constructor and add necessary logic to return appropriate values when nullptr is encountered. PR-URL: https://github.com/nodejs/node/pull/6184 Reviewed-By: Ben Noordhuis &lt;info@bnoordhuis.nl&gt; Reviewed-By: Anna Henningsen &lt;anna@addaleax.net&gt;
9 years ago
// sc comes from an Unwrap. Make sure it was assigned.
CHECK_NE(sc, nullptr);
tls: session API returns
12 years ago
// We've our own session callbacks
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
SSL_CTX_sess_set_get_cb(sc_->ctx_, SSLWrap<TLSWrap>::GetSessionCallback);
SSL_CTX_sess_set_new_cb(sc_->ctx_, SSLWrap<TLSWrap>::NewSessionCallback);
stream_->Consume();
stream_base: various improvements Expose and use in TLSWrap an `v8::External` wrap of the `StreamBase*` pointer instead of guessing the ancestor C++ class in `node_wrap.h`. Make use of `StreamBase::Callback` structure for storing/passing both callback and context in a single object. Introduce `GetObject()` for future user-land usage, when a child class is not going to be inherited from AsyncWrap. PR-URL: https://github.com/nodejs/node/pull/2351 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt;
10 years ago
stream_->set_after_write_cb({ OnAfterWriteImpl, this });
stream_->set_alloc_cb({ OnAllocImpl, this });
stream_->set_read_cb({ OnReadImpl, this });
stream_base,tls_wrap: notify on destruct The TLSWrap constructor is passed a StreamBase* which it stores as TLSWrap::stream_, and is used to receive/send data along the pipeline (e.g. tls -&gt; tcp). Problem is the lifetime of the instance that stream_ points to is independent of the lifetime of the TLSWrap instance. So it&#39;s possible for stream_ to be delete&#39;d while the TLSWrap instance is still alive, allowing potential access to a then invalid pointer. Fix by having the StreamBase destructor null out TLSWrap::stream_; allowing all TLSWrap methods that rely on stream_ to do a check to see if it&#39;s available. While the test provided is fixed by this commit, it was also previously fixed by 478fabf. Regardless, leave the test in for better testing. PR-URL: https://github.com/nodejs/node/pull/11947 Reviewed-By: Franziska Hinkelmann &lt;franziska.hinkelmann@gmail.com&gt; Reviewed-By: James M Snell &lt;jasnell@gmail.com&gt; Reviewed-By: Anna Henningsen &lt;anna@addaleax.net&gt;
8 years ago
stream_->set_destruct_cb({ OnDestructImpl, this });
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
stream_base: various improvements Expose and use in TLSWrap an `v8::External` wrap of the `StreamBase*` pointer instead of guessing the ancestor C++ class in `node_wrap.h`. Make use of `StreamBase::Callback` structure for storing/passing both callback and context in a single object. Introduce `GetObject()` for future user-land usage, when a child class is not going to be inherited from AsyncWrap. PR-URL: https://github.com/nodejs/node/pull/2351 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt;
10 years ago
set_alloc_cb({ OnAllocSelf, this });
set_read_cb({ OnReadSelf, this });
tls: session API returns
12 years ago
tls_wrap: embed TLS encryption into streamwrap
12 years ago
InitSSL();
}
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
TLSWrap::~TLSWrap() {
src: replace NULL with nullptr Now that we are building with C++11 features enabled, replace use of NULL with nullptr. The benefit of using nullptr is that it can never be confused for an integral type because it does not support implicit conversions to integral types except boolean - unlike NULL, which is defined as a literal `0`.
10 years ago
enc_in_ = nullptr;
enc_out_ = nullptr;
tls_wrap: embed TLS encryption into streamwrap
12 years ago
delete clear_in_;
src: replace NULL with nullptr Now that we are building with C++11 features enabled, replace use of NULL with nullptr. The benefit of using nullptr is that it can never be confused for an integral type because it does not support implicit conversions to integral types except boolean - unlike NULL, which is defined as a literal `0`.
10 years ago
clear_in_ = nullptr;
tls_wrap: embed TLS encryption into streamwrap
12 years ago
src: replace NULL with nullptr Now that we are building with C++11 features enabled, replace use of NULL with nullptr. The benefit of using nullptr is that it can never be confused for an integral type because it does not support implicit conversions to integral types except boolean - unlike NULL, which is defined as a literal `0`.
10 years ago
sc_ = nullptr;
tls_wrap: embed TLS encryption into streamwrap
12 years ago
#ifdef SSL_CTRL_SET_TLSEXT_SERVERNAME_CB
src: update to v8 3.24 APIs
11 years ago
sni_context_.Reset();
tls_wrap: embed TLS encryption into streamwrap
12 years ago
#endif // SSL_CTRL_SET_TLSEXT_SERVERNAME_CB
tls_wrap: propagate errors to write callbacks fix #6903
11 years ago
src: remove static variables from tls_wrap Remove the error message globals. More prep work for multi-isolate support. Reviewed-By: Fedor Indutny &lt;fedor@indutny.com&gt; PR-URL: https://github.com/node-forward/node/pull/58
10 years ago
ClearError();
tls_wrap: embed TLS encryption into streamwrap
12 years ago
}
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
void TLSWrap::MakePending() {
src: switch from QUEUE to intrusive list This commit also breaks up req_wrap.h into req-wrap.h and req-wrap-inl.h to work around a circular dependency issue in env.h. PR-URL: https://github.com/iojs/io.js/pull/667 Reviewed-By: Fedor Indutny &lt;fedor.indutny@gmail.com&gt; Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt;
10 years ago
write_item_queue_.MoveBack(&pending_write_items_);
tls_wrap: propagate errors to write callbacks fix #6903
11 years ago
}
tls_wrap: reach error reporting for UV_EPROTO Do not swallow error details when reporting UV_EPROTO asynchronously, and when creating artificial errors. Fix: #3692 PR-URL: https://github.com/nodejs/node/pull/4885 Reviewed-By: Shigeki Ohtsu &lt;ohtsu@iij.ad.jp&gt; Reviewed-By: James M Snell &lt;jasnell@gmail.com&gt; Reviewed-By: Ben Noordhuis &lt;info@bnoordhuis.nl&gt;
9 years ago
bool TLSWrap::InvokeQueued(int status, const char* error_str) {
src: switch from QUEUE to intrusive list This commit also breaks up req_wrap.h into req-wrap.h and req-wrap-inl.h to work around a circular dependency issue in env.h. PR-URL: https://github.com/iojs/io.js/pull/667 Reviewed-By: Fedor Indutny &lt;fedor.indutny@gmail.com&gt; Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt;
10 years ago
if (pending_write_items_.IsEmpty())
tls_wrap: propagate errors to write callbacks fix #6903
11 years ago
return false;
tls_wrap: embed TLS encryption into streamwrap
12 years ago
// Process old queue
src: switch from QUEUE to intrusive list This commit also breaks up req_wrap.h into req-wrap.h and req-wrap-inl.h to work around a circular dependency issue in env.h. PR-URL: https://github.com/iojs/io.js/pull/667 Reviewed-By: Fedor Indutny &lt;fedor.indutny@gmail.com&gt; Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt;
10 years ago
WriteItemList queue;
pending_write_items_.MoveBack(&queue);
while (WriteItem* wi = queue.PopFront()) {
tls_wrap: reach error reporting for UV_EPROTO Do not swallow error details when reporting UV_EPROTO asynchronously, and when creating artificial errors. Fix: #3692 PR-URL: https://github.com/nodejs/node/pull/4885 Reviewed-By: Shigeki Ohtsu &lt;ohtsu@iij.ad.jp&gt; Reviewed-By: James M Snell &lt;jasnell@gmail.com&gt; Reviewed-By: Ben Noordhuis &lt;info@bnoordhuis.nl&gt;
9 years ago
wi->w_->Done(status, error_str);
tls_wrap: embed TLS encryption into streamwrap
12 years ago
delete wi;
}
tls_wrap: propagate errors to write callbacks fix #6903
11 years ago
return true;
tls_wrap: embed TLS encryption into streamwrap
12 years ago
}
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
void TLSWrap::NewSessionDoneCb() {
tls: introduce asynchronous `newSession` fix #7105
11 years ago
Cycle();
}
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
void TLSWrap::InitSSL() {
tls_wrap: embed TLS encryption into streamwrap
12 years ago
// Initialize SSL
crypto: remove NodeBIO::GetMethod() Remove NodeBIO::GetMethod() and replace calls to BIO_new() with calls to the new NodeBIO::New() function. This commit basically reshuffles some code in order to make it explicit that the NodeBIO BIO_METHOD is const.
12 years ago
enc_in_ = NodeBIO::New();
enc_out_ = NodeBIO::New();
node_crypto_bio: adjust external memory size Adjust V8&#39;s external memory size when allocating buffers for TLS data to ensure that V8 has enough information to trigger the GC at right time. PR-URL: https://github.com/iojs/io.js/pull/1085 Reviewed-By: Ben Noordhuis &lt;info@bnoordhuis.nl&gt;
10 years ago
NodeBIO::FromBIO(enc_in_)->AssignEnvironment(env());
NodeBIO::FromBIO(enc_out_)->AssignEnvironment(env());
tls_wrap: embed TLS encryption into streamwrap
12 years ago
SSL_set_bio(ssl_, enc_in_, enc_out_);
benchmark,build,doc,lib,src,test: correct typos PR-URL: https://github.com/nodejs/node/pull/11189 Reviewed-By: Brian White &lt;mscdex@mscdex.net&gt; Reviewed-By: James M Snell &lt;jasnell@gmail.com&gt; Reviewed-By: Michael Dawson &lt;michael_dawson@ca.ibm.com&gt; Reviewed-By: Sakthipriyan Vairamani &lt;thechargingvolcano@gmail.com&gt;
8 years ago
// NOTE: This could be overridden in SetVerifyMode
tls, crypto: deduplicate code Commit 03e008d introduced src/tls_wrap.cc and src/tls_wrap.h but said files copied on the order of 1 kLoC from src/node_crypto.cc and src/node_crypto.h. This commit undoes some of the duplication. Fixes #6024.
12 years ago
SSL_set_verify(ssl_, SSL_VERIFY_NONE, crypto::VerifyCallback);
tls_wrap: embed TLS encryption into streamwrap
12 years ago
#ifdef SSL_MODE_RELEASE_BUFFERS
src: fix runtime/int cpplint warnings PR-URL: https://github.com/nodejs/node/pull/7462 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt;
9 years ago
long mode = SSL_get_mode(ssl_); // NOLINT(runtime/int)
tls_wrap: embed TLS encryption into streamwrap
12 years ago
SSL_set_mode(ssl_, mode | SSL_MODE_RELEASE_BUFFERS);
#endif // SSL_MODE_RELEASE_BUFFERS
SSL_set_app_data(ssl_, this);
SSL_set_info_callback(ssl_, SSLInfoCallback);
#ifdef SSL_CTRL_SET_TLSEXT_SERVERNAME_CB
Merge branch &#39;v0.10&#39; Conflicts: src/node_crypto.cc src/node_crypto.h
11 years ago
if (is_server()) {
tls_wrap: embed TLS encryption into streamwrap
12 years ago
SSL_CTX_set_tlsext_servername_callback(sc_->ctx_, SelectSNIContextCallback);
Merge branch &#39;v0.10&#39; Conflicts: src/node_crypto.cc src/node_crypto.h
11 years ago
}
tls_wrap: embed TLS encryption into streamwrap
12 years ago
#endif // SSL_CTRL_SET_TLSEXT_SERVERNAME_CB
Merge branch &#39;v0.10&#39; Conflicts: src/node_crypto.cc src/node_crypto.h
11 years ago
crypto: never store pointer to conn in SSL_CTX SSL_CTX is shared between multiple connections and is not a right place to store per-connection data. fix #8348 Reviewed-By: Trevor Norris
10 years ago
InitNPN(sc_);
Merge branch &#39;v0.10&#39; Conflicts: src/node_crypto.cc src/node_crypto.h
11 years ago
tls: use `SSL_set_cert_cb` for async SNI/OCSP Do not enable ClientHello parser for async SNI/OCSP. Use new OpenSSL-1.0.2&#39;s API `SSL_set_cert_cb` to pause the handshake process and load the cert/OCSP response asynchronously. Hopefuly this will make whole async SNI/OCSP process much faster and will eventually let us remove the ClientHello parser itself (which is currently used only for async session, see #1462 for the discussion of removing it). NOTE: Ported our code to `SSL_CTX_add1_chain_cert` to use `SSL_CTX_get0_chain_certs` in `CertCbDone`. Test provided for this feature. Fix: https://github.com/iojs/io.js/issues/1423 PR-URL: https://github.com/iojs/io.js/pull/1464 Reviewed-By: Shigeki Ohtsu &lt;ohtsu@iij.ad.jp&gt;
10 years ago
SSL_set_cert_cb(ssl_, SSLWrap<TLSWrap>::SSLCertCallback, this);
Merge branch &#39;v0.10&#39; Conflicts: src/node_crypto.cc src/node_crypto.h
11 years ago
if (is_server()) {
SSL_set_accept_state(ssl_);
tls, crypto: deduplicate code Commit 03e008d introduced src/tls_wrap.cc and src/tls_wrap.h but said files copied on the order of 1 kLoC from src/node_crypto.cc and src/node_crypto.h. This commit undoes some of the duplication. Fixes #6024.
12 years ago
} else if (is_client()) {
crypto: lower RSS usage for TLSCallbacks Don&#39;t allocate any BIO buffers initially, do this on a first read from the TCP connection. Allocate different amount of data for initial read and for consequent reads: small buffer for hello+certificate, big buffer for better throughput. see #8416
10 years ago
// Enough space for server response (hello, cert)
NodeBIO::FromBIO(enc_in_)->set_initial(kInitialClientBufferLength);
tls_wrap: embed TLS encryption into streamwrap
12 years ago
SSL_set_connect_state(ssl_);
} else {
// Unexpected
src: Add ABORT macro Windows 8+ compiled in Release mode exits with code 0xC0000409 when abort() is called. This prevents us from being able to reliably verify an abort exit code (3) on windows. PR-URL: https://github.com/nodejs/node/pull/2776 Reviewed-By: Sakthipriyan Vairamani &lt;thechargingvolcano@gmail.com&gt; Reviewed-By: Colin Ihrig &lt;cjihrig@gmail.com&gt; Reviewed-By: Brian White &lt;mscdex@mscdex.net&gt; Reviewed-by: Trevor Norris &lt;trev.norris@gmail.com&gt;
9 years ago
ABORT();
tls_wrap: embed TLS encryption into streamwrap
12 years ago
}
// Initialize ring for queud clear data
clear_in_ = new NodeBIO();
node_crypto_bio: adjust external memory size Adjust V8&#39;s external memory size when allocating buffers for TLS data to ensure that V8 has enough information to trigger the GC at right time. PR-URL: https://github.com/iojs/io.js/pull/1085 Reviewed-By: Ben Noordhuis &lt;info@bnoordhuis.nl&gt;
10 years ago
clear_in_->AssignEnvironment(env());
tls_wrap: embed TLS encryption into streamwrap
12 years ago
}
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
void TLSWrap::Wrap(const FunctionCallbackInfo<Value>& args) {
src: attach env directly to api functions Attach the per-context execution environment directly to API functions. Rationale: * Gets node one step closer to multi-isolate readiness. * Avoids multi-context confusion, e.g. when the caller and callee live in different contexts. * Avoids expensive calls to pthread_getspecific() on platforms where V8 does not know how to use the thread-local storage directly. (Linux, the BSDs.) PR-URL: https://github.com/node-forward/node/pull/18 Reviewed-By: Fedor Indutny &lt;fedor@indutny.com&gt;
10 years ago
Environment* env = Environment::GetCurrent(args);
tls_wrap: embed TLS encryption into streamwrap
12 years ago
src: remove `node_isolate` from source fix #6899
11 years ago
if (args.Length() < 1 || !args[0]->IsObject()) {
return env->ThrowTypeError(
"First argument should be a StreamWrap instance");
}
if (args.Length() < 2 || !args[1]->IsObject()) {
return env->ThrowTypeError(
"Second argument should be a SecureContext instance");
}
tls_wrap: embed TLS encryption into streamwrap
12 years ago
if (args.Length() < 3 || !args[2]->IsBoolean())
src: remove `node_isolate` from source fix #6899
11 years ago
return env->ThrowTypeError("Third argument should be boolean");
tls_wrap: embed TLS encryption into streamwrap
12 years ago
stream_base: various improvements Expose and use in TLSWrap an `v8::External` wrap of the `StreamBase*` pointer instead of guessing the ancestor C++ class in `node_wrap.h`. Make use of `StreamBase::Callback` structure for storing/passing both callback and context in a single object. Introduce `GetObject()` for future user-land usage, when a child class is not going to be inherited from AsyncWrap. PR-URL: https://github.com/nodejs/node/pull/2351 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt;
10 years ago
Local<External> stream_obj = args[0].As<External>();
tls_wrap: embed TLS encryption into streamwrap
12 years ago
Local<Object> sc = args[1].As<Object>();
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
Kind kind = args[2]->IsTrue() ? SSLWrap<TLSWrap>::kServer :
SSLWrap<TLSWrap>::kClient;
tls_wrap: embed TLS encryption into streamwrap
12 years ago
stream_base: various improvements Expose and use in TLSWrap an `v8::External` wrap of the `StreamBase*` pointer instead of guessing the ancestor C++ class in `node_wrap.h`. Make use of `StreamBase::Callback` structure for storing/passing both callback and context in a single object. Introduce `GetObject()` for future user-land usage, when a child class is not going to be inherited from AsyncWrap. PR-URL: https://github.com/nodejs/node/pull/2351 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt;
10 years ago
StreamBase* stream = static_cast<StreamBase*>(stream_obj->Value());
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
CHECK_NE(stream, nullptr);
tls_wrap: embed TLS encryption into streamwrap
12 years ago
tls_wrap: do not hold persistent ref to parent Hold non-persistent reference in JS, rather than in C++ to avoid cycles. PR-URL: https://github.com/iojs/io.js/pull/1078 Reviewed-By: Ben Noordhuis &lt;info@bnoordhuis.nl&gt;
10 years ago
TLSWrap* res = new TLSWrap(env, kind, stream, Unwrap<SecureContext>(sc));
tls_wrap: embed TLS encryption into streamwrap
12 years ago
tls_wrap: do not hold persistent ref to parent Hold non-persistent reference in JS, rather than in C++ to avoid cycles. PR-URL: https://github.com/iojs/io.js/pull/1078 Reviewed-By: Ben Noordhuis &lt;info@bnoordhuis.nl&gt;
10 years ago
args.GetReturnValue().Set(res->object());
tls_wrap: embed TLS encryption into streamwrap
12 years ago
}
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
void TLSWrap::Receive(const FunctionCallbackInfo<Value>& args) {
src: no abort from getter if object isn&#39;t wrapped v8::Object::GetAlignedPointerFromInternalField() returns a random value if Wrap() hasn&#39;t been run on the object handle. Causing v8 to abort if certain getters are accessed. It&#39;s possible to access these getters and functions during class construction through the AsyncWrap init() callback, and also possible in a subset of those scenarios while running the persistent handle visitor. Mitigate this issue by manually setting the internal aligned pointer field to nullptr in the BaseObject constructor and add necessary logic to return appropriate values when nullptr is encountered. PR-URL: https://github.com/nodejs/node/pull/6184 Reviewed-By: Ben Noordhuis &lt;info@bnoordhuis.nl&gt; Reviewed-By: Anna Henningsen &lt;anna@addaleax.net&gt;
9 years ago
TLSWrap* wrap;
ASSIGN_OR_RETURN_UNWRAP(&wrap, args.Holder());
tls: process accumulated input When creating TLSSocket on top of the regular socket that already contains some received data, `_tls_wrap.js` should try to write all that data to the internal `SSL*` instance. fix #6940
11 years ago
CHECK(Buffer::HasInstance(args[0]));
char* data = Buffer::Data(args[0]);
size_t len = Buffer::Length(args[0]);
uv_buf_t buf;
// Copy given buffer entirely or partiall if handle becomes closed
tls: destroy SSL once it is out of use Do not keep SSL structure in memory once socket is closed. This should lower the memory usage in many cases. Fix: https://github.com/iojs/io.js/issues/1522 PR-URL: https://github.com/iojs/io.js/pull/1529 Reviewed-By: Shigeki Ohtsu &lt;ohtsu@iij.ad.jp&gt;
10 years ago
while (len > 0 && wrap->IsAlive() && !wrap->IsClosing()) {
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
wrap->stream_->OnAlloc(len, &buf);
tls: process accumulated input When creating TLSSocket on top of the regular socket that already contains some received data, `_tls_wrap.js` should try to write all that data to the internal `SSL*` instance. fix #6940
11 years ago
size_t copy = buf.len > len ? len : buf.len;
memcpy(buf.base, data, copy);
crypto: lower RSS usage for TLSCallbacks Don&#39;t allocate any BIO buffers initially, do this on a first read from the TCP connection. Allocate different amount of data for initial read and for consequent reads: small buffer for hello+certificate, big buffer for better throughput. see #8416
10 years ago
buf.len = copy;
streams: introduce StreamWrap and JSStream Introduce a way to wrap plain-js `stream.Duplex` streams into C++ StreamBase&#39;s child class. With such method at hand it is now possible to pass `stream.Duplex` instance as a `socket` parameter to `tls.connect()`. PR-URL: https://github.com/iojs/io.js/pull/926 Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
wrap->stream_->OnRead(buf.len, &buf);
tls: process accumulated input When creating TLSSocket on top of the regular socket that already contains some received data, `_tls_wrap.js` should try to write all that data to the internal `SSL*` instance. fix #6940
11 years ago
data += copy;
len -= copy;
}
}
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
void TLSWrap::Start(const FunctionCallbackInfo<Value>& args) {
src: attach env directly to api functions Attach the per-context execution environment directly to API functions. Rationale: * Gets node one step closer to multi-isolate readiness. * Avoids multi-context confusion, e.g. when the caller and callee live in different contexts. * Avoids expensive calls to pthread_getspecific() on platforms where V8 does not know how to use the thread-local storage directly. (Linux, the BSDs.) PR-URL: https://github.com/node-forward/node/pull/18 Reviewed-By: Fedor Indutny &lt;fedor@indutny.com&gt;
10 years ago
Environment* env = Environment::GetCurrent(args);
tls_wrap: embed TLS encryption into streamwrap
12 years ago
src: no abort from getter if object isn&#39;t wrapped v8::Object::GetAlignedPointerFromInternalField() returns a random value if Wrap() hasn&#39;t been run on the object handle. Causing v8 to abort if certain getters are accessed. It&#39;s possible to access these getters and functions during class construction through the AsyncWrap init() callback, and also possible in a subset of those scenarios while running the persistent handle visitor. Mitigate this issue by manually setting the internal aligned pointer field to nullptr in the BaseObject constructor and add necessary logic to return appropriate values when nullptr is encountered. PR-URL: https://github.com/nodejs/node/pull/6184 Reviewed-By: Ben Noordhuis &lt;info@bnoordhuis.nl&gt; Reviewed-By: Anna Henningsen &lt;anna@addaleax.net&gt;
9 years ago
TLSWrap* wrap;
ASSIGN_OR_RETURN_UNWRAP(&wrap, args.Holder());
tls_wrap: embed TLS encryption into streamwrap
12 years ago
if (wrap->started_)
src: remove `node_isolate` from source fix #6899
11 years ago
return env->ThrowError("Already started.");
tls_wrap: embed TLS encryption into streamwrap
12 years ago
wrap->started_ = true;
// Send ClientHello handshake
src: replace assert() with CHECK() Mechanically replace assert() statements with UNREACHABLE(), CHECK(), or CHECK_{EQ,NE,LT,GT,LE,GE}() statements. The exceptions are src/node.h and src/node_object_wrap.h because they are public headers. PR-URL: https://github.com/node-forward/node/pull/16 Reviewed-By: Fedor Indutny &lt;fedor@indutny.com&gt;
10 years ago
CHECK(wrap->is_client());
tls_wrap: embed TLS encryption into streamwrap
12 years ago
wrap->ClearOut();
wrap->EncOut();
}
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
void TLSWrap::SSLInfoCallback(const SSL* ssl_, int where, int ret) {
src: add multi-context support This commit makes it possible to use multiple V8 execution contexts within a single event loop. Put another way, handle and request wrap objects now &#34;remember&#34; the context they belong to and switch back to that context when the time comes to call into JS land. This could have been done in a quick and hacky way by calling v8::Object::GetCreationContext() on the wrap object right before making a callback but that leaves a fairly wide margin for bugs. Instead, we make the context explicit through a new Environment class that encapsulates everything (or almost everything) that belongs to the context. Variables that used to be a static or a global are now members of the aforementioned class. An additional benefit is that this approach should make it relatively straightforward to add full isolate support in due course. There is no JavaScript API yet but that will be added in the near future. This work was graciously sponsored by GitHub, Inc.
12 years ago
if (!(where & (SSL_CB_HANDSHAKE_START | SSL_CB_HANDSHAKE_DONE)))
return;
tls_wrap: embed TLS encryption into streamwrap
12 years ago
// Be compatible with older versions of OpenSSL. SSL_get_app_data() wants
// a non-const SSL* in OpenSSL <= 0.9.7e.
SSL* ssl = const_cast<SSL*>(ssl_);
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
TLSWrap* c = static_cast<TLSWrap*>(SSL_get_app_data(ssl));
src: add multi-context support This commit makes it possible to use multiple V8 execution contexts within a single event loop. Put another way, handle and request wrap objects now &#34;remember&#34; the context they belong to and switch back to that context when the time comes to call into JS land. This could have been done in a quick and hacky way by calling v8::Object::GetCreationContext() on the wrap object right before making a callback but that leaves a fairly wide margin for bugs. Instead, we make the context explicit through a new Environment class that encapsulates everything (or almost everything) that belongs to the context. Variables that used to be a static or a global are now members of the aforementioned class. An additional benefit is that this approach should make it relatively straightforward to add full isolate support in due course. There is no JavaScript API yet but that will be added in the near future. This work was graciously sponsored by GitHub, Inc.
12 years ago
Environment* env = c->env();
async-wrap: integrate with WeakObject Making WeakObject inherit from AsyncWrap allows us to peak into almost all the MakeCallback calls in Node internals.
11 years ago
Local<Object> object = c->object();
src: add multi-context support This commit makes it possible to use multiple V8 execution contexts within a single event loop. Put another way, handle and request wrap objects now &#34;remember&#34; the context they belong to and switch back to that context when the time comes to call into JS land. This could have been done in a quick and hacky way by calling v8::Object::GetCreationContext() on the wrap object right before making a callback but that leaves a fairly wide margin for bugs. Instead, we make the context explicit through a new Environment class that encapsulates everything (or almost everything) that belongs to the context. Variables that used to be a static or a global are now members of the aforementioned class. An additional benefit is that this approach should make it relatively straightforward to add full isolate support in due course. There is no JavaScript API yet but that will be added in the near future. This work was graciously sponsored by GitHub, Inc.
12 years ago
tls_wrap: embed TLS encryption into streamwrap
12 years ago
if (where & SSL_CB_HANDSHAKE_START) {
src: add multi-context support This commit makes it possible to use multiple V8 execution contexts within a single event loop. Put another way, handle and request wrap objects now &#34;remember&#34; the context they belong to and switch back to that context when the time comes to call into JS land. This could have been done in a quick and hacky way by calling v8::Object::GetCreationContext() on the wrap object right before making a callback but that leaves a fairly wide margin for bugs. Instead, we make the context explicit through a new Environment class that encapsulates everything (or almost everything) that belongs to the context. Variables that used to be a static or a global are now members of the aforementioned class. An additional benefit is that this approach should make it relatively straightforward to add full isolate support in due course. There is no JavaScript API yet but that will be added in the near future. This work was graciously sponsored by GitHub, Inc.
12 years ago
Local<Value> callback = object->Get(env->onhandshakestart_string());
if (callback->IsFunction()) {
src: replace NULL with nullptr Now that we are building with C++11 features enabled, replace use of NULL with nullptr. The benefit of using nullptr is that it can never be confused for an integral type because it does not support implicit conversions to integral types except boolean - unlike NULL, which is defined as a literal `0`.
10 years ago
c->MakeCallback(callback.As<Function>(), 0, nullptr);
src: add multi-context support This commit makes it possible to use multiple V8 execution contexts within a single event loop. Put another way, handle and request wrap objects now &#34;remember&#34; the context they belong to and switch back to that context when the time comes to call into JS land. This could have been done in a quick and hacky way by calling v8::Object::GetCreationContext() on the wrap object right before making a callback but that leaves a fairly wide margin for bugs. Instead, we make the context explicit through a new Environment class that encapsulates everything (or almost everything) that belongs to the context. Variables that used to be a static or a global are now members of the aforementioned class. An additional benefit is that this approach should make it relatively straightforward to add full isolate support in due course. There is no JavaScript API yet but that will be added in the near future. This work was graciously sponsored by GitHub, Inc.
12 years ago
}
tls_wrap: embed TLS encryption into streamwrap
12 years ago
}
src: add multi-context support This commit makes it possible to use multiple V8 execution contexts within a single event loop. Put another way, handle and request wrap objects now &#34;remember&#34; the context they belong to and switch back to that context when the time comes to call into JS land. This could have been done in a quick and hacky way by calling v8::Object::GetCreationContext() on the wrap object right before making a callback but that leaves a fairly wide margin for bugs. Instead, we make the context explicit through a new Environment class that encapsulates everything (or almost everything) that belongs to the context. Variables that used to be a static or a global are now members of the aforementioned class. An additional benefit is that this approach should make it relatively straightforward to add full isolate support in due course. There is no JavaScript API yet but that will be added in the near future. This work was graciously sponsored by GitHub, Inc.
12 years ago
tls_wrap: embed TLS encryption into streamwrap
12 years ago
if (where & SSL_CB_HANDSHAKE_DONE) {
c->established_ = true;
src: add multi-context support This commit makes it possible to use multiple V8 execution contexts within a single event loop. Put another way, handle and request wrap objects now &#34;remember&#34; the context they belong to and switch back to that context when the time comes to call into JS land. This could have been done in a quick and hacky way by calling v8::Object::GetCreationContext() on the wrap object right before making a callback but that leaves a fairly wide margin for bugs. Instead, we make the context explicit through a new Environment class that encapsulates everything (or almost everything) that belongs to the context. Variables that used to be a static or a global are now members of the aforementioned class. An additional benefit is that this approach should make it relatively straightforward to add full isolate support in due course. There is no JavaScript API yet but that will be added in the near future. This work was graciously sponsored by GitHub, Inc.
12 years ago
Local<Value> callback = object->Get(env->onhandshakedone_string());
if (callback->IsFunction()) {
src: replace NULL with nullptr Now that we are building with C++11 features enabled, replace use of NULL with nullptr. The benefit of using nullptr is that it can never be confused for an integral type because it does not support implicit conversions to integral types except boolean - unlike NULL, which is defined as a literal `0`.
10 years ago
c->MakeCallback(callback.As<Function>(), 0, nullptr);
src: add multi-context support This commit makes it possible to use multiple V8 execution contexts within a single event loop. Put another way, handle and request wrap objects now &#34;remember&#34; the context they belong to and switch back to that context when the time comes to call into JS land. This could have been done in a quick and hacky way by calling v8::Object::GetCreationContext() on the wrap object right before making a callback but that leaves a fairly wide margin for bugs. Instead, we make the context explicit through a new Environment class that encapsulates everything (or almost everything) that belongs to the context. Variables that used to be a static or a global are now members of the aforementioned class. An additional benefit is that this approach should make it relatively straightforward to add full isolate support in due course. There is no JavaScript API yet but that will be added in the near future. This work was graciously sponsored by GitHub, Inc.
12 years ago
}
tls_wrap: embed TLS encryption into streamwrap
12 years ago
}
}
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
void TLSWrap::EncOut() {
tls: session API returns
12 years ago
// Ignore cycling data if ClientHello wasn't yet parsed
tls, crypto: deduplicate code Commit 03e008d introduced src/tls_wrap.cc and src/tls_wrap.h but said files copied on the order of 1 kLoC from src/node_crypto.cc and src/node_crypto.h. This commit undoes some of the duplication. Fixes #6024.
12 years ago
if (!hello_parser_.IsEnded())
tls: session API returns
12 years ago
return;
tls_wrap: embed TLS encryption into streamwrap
12 years ago
// Write in progress
if (write_size_ != 0)
return;
tls: introduce asynchronous `newSession` fix #7105
11 years ago
// Wait for `newSession` callback to be invoked
if (is_waiting_new_session())
return;
tls_wrap: embed TLS encryption into streamwrap
12 years ago
// Split-off queue
src: switch from QUEUE to intrusive list This commit also breaks up req_wrap.h into req-wrap.h and req-wrap-inl.h to work around a circular dependency issue in env.h. PR-URL: https://github.com/iojs/io.js/pull/667 Reviewed-By: Fedor Indutny &lt;fedor.indutny@gmail.com&gt; Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt;
10 years ago
if (established_ && !write_item_queue_.IsEmpty())
tls_wrap: propagate errors to write callbacks fix #6903
11 years ago
MakePending();
tls_wrap: embed TLS encryption into streamwrap
12 years ago
tls: destroy SSL once it is out of use Do not keep SSL structure in memory once socket is closed. This should lower the memory usage in many cases. Fix: https://github.com/iojs/io.js/issues/1522 PR-URL: https://github.com/iojs/io.js/pull/1529 Reviewed-By: Shigeki Ohtsu &lt;ohtsu@iij.ad.jp&gt;
10 years ago
if (ssl_ == nullptr)
return;
tls_wrap: embed TLS encryption into streamwrap
12 years ago
// No data to write
if (BIO_pending(enc_out_) == 0) {
tls_wrap: propagate errors to write callbacks fix #6903
11 years ago
if (clear_in_->Length() == 0)
InvokeQueued(0);
tls_wrap: embed TLS encryption into streamwrap
12 years ago
return;
}
tls_wrap: use writev when possible Try writing multiple chunks from NodeBIO if possible.
11 years ago
char* data[kSimultaneousBufferCount];
src: replace ARRAY_SIZE with typesafe arraysize To prevent `ARRAY_SIZE(&amp;arg)` (i.e., taking the array size of a pointer) from happening again. PR-URL: https://github.com/nodejs/node/pull/5969 Reviewed-By: Colin Ihrig &lt;cjihrig@gmail.com&gt; Reviewed-By: James M Snell &lt;jasnell@gmail.com&gt;
9 years ago
size_t size[arraysize(data)];
size_t count = arraysize(data);
tls_wrap: use writev when possible Try writing multiple chunks from NodeBIO if possible.
11 years ago
write_size_ = NodeBIO::FromBIO(enc_out_)->PeekMultiple(data, size, &count);
src: replace assert() with CHECK() Mechanically replace assert() statements with UNREACHABLE(), CHECK(), or CHECK_{EQ,NE,LT,GT,LE,GE}() statements. The exceptions are src/node.h and src/node_object_wrap.h because they are public headers. PR-URL: https://github.com/node-forward/node/pull/16 Reviewed-By: Fedor Indutny &lt;fedor@indutny.com&gt;
10 years ago
CHECK(write_size_ != 0 && count != 0);
tls_wrap: embed TLS encryption into streamwrap
12 years ago
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
Local<Object> req_wrap_obj =
src: fix NewInstance deprecation warnings PR-URL: https://github.com/nodejs/node/pull/4722 Reviewed-By: Ben Noordhuis &lt;info@bnoordhuis.nl&gt; Reviewed-By: Ali Ijaz Sheikh &lt;ofrobots@google.com&gt;
9 years ago
env()->write_wrap_constructor_function()
->NewInstance(env()->context()).ToLocalChecked();
stream_base: WriteWrap::New/::Dispose Encapsulate allocation/disposal of `WriteWrap` instances into the `WriteWrap` class itself. PR-URL: https://github.com/iojs/io.js/pull/1090 Reviewed-By: Ben Noordhuis &lt;info@bnoordhuis.nl&gt;
10 years ago
WriteWrap* write_req = WriteWrap::New(env(),
req_wrap_obj,
this,
EncOutCb);
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
src: replace ARRAY_SIZE with typesafe arraysize To prevent `ARRAY_SIZE(&amp;arg)` (i.e., taking the array size of a pointer) from happening again. PR-URL: https://github.com/nodejs/node/pull/5969 Reviewed-By: Colin Ihrig &lt;cjihrig@gmail.com&gt; Reviewed-By: James M Snell &lt;jasnell@gmail.com&gt;
9 years ago
uv_buf_t buf[arraysize(data)];
tls_wrap: use writev when possible Try writing multiple chunks from NodeBIO if possible.
11 years ago
for (size_t i = 0; i < count; i++)
buf[i] = uv_buf_init(data[i], size[i]);
tls: fix leak on `DoWrite()` errors It is very unlikely to happen, but still the write request should be disposed in case of immediate failure. PR-URL: https://github.com/iojs/io.js/pull/1154 Reviewed-By: Ben Noordhuis &lt;info@bnoordhuis.nl&gt;
10 years ago
int err = stream_->DoWrite(write_req, buf, count, nullptr);
tls_wrap: embed TLS encryption into streamwrap
12 years ago
// Ignore errors, this should be already handled in js
tls_wrap: fix this incredibly stupid leak Always call `Done` on the WriteWrap, and ensure that `EncOut` will consume all data in clear_in_ and invoke queued callbacks. Fix: https://github.com/iojs/io.js/issues/1075 PR-URL: https://github.com/iojs/io.js/pull/1244 Reviewed-By: Ben Noordhuis &lt;info@bnoordhuis.nl&gt;
10 years ago
if (err) {
tls: fix leak on `DoWrite()` errors It is very unlikely to happen, but still the write request should be disposed in case of immediate failure. PR-URL: https://github.com/iojs/io.js/pull/1154 Reviewed-By: Ben Noordhuis &lt;info@bnoordhuis.nl&gt;
10 years ago
write_req->Dispose();
tls_wrap: fix this incredibly stupid leak Always call `Done` on the WriteWrap, and ensure that `EncOut` will consume all data in clear_in_ and invoke queued callbacks. Fix: https://github.com/iojs/io.js/issues/1075 PR-URL: https://github.com/iojs/io.js/pull/1244 Reviewed-By: Ben Noordhuis &lt;info@bnoordhuis.nl&gt;
10 years ago
InvokeQueued(err);
} else {
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
NODE_COUNT_NET_BYTES_SENT(write_size_);
tls_wrap: fix this incredibly stupid leak Always call `Done` on the WriteWrap, and ensure that `EncOut` will consume all data in clear_in_ and invoke queued callbacks. Fix: https://github.com/iojs/io.js/issues/1075 PR-URL: https://github.com/iojs/io.js/pull/1244 Reviewed-By: Ben Noordhuis &lt;info@bnoordhuis.nl&gt;
10 years ago
}
tls_wrap: embed TLS encryption into streamwrap
12 years ago
}
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
void TLSWrap::EncOutCb(WriteWrap* req_wrap, int status) {
TLSWrap* wrap = req_wrap->wrap()->Cast<TLSWrap>();
stream_base: WriteWrap::New/::Dispose Encapsulate allocation/disposal of `WriteWrap` instances into the `WriteWrap` class itself. PR-URL: https://github.com/iojs/io.js/pull/1090 Reviewed-By: Ben Noordhuis &lt;info@bnoordhuis.nl&gt;
10 years ago
req_wrap->Dispose();
tls_wrap: embed TLS encryption into streamwrap
12 years ago
_stream_wrap: prevent use after free in TLS Queued write requests should be invoked on handle close, otherwise the &#34;consumer&#34; might be already destroyed when the write callbacks of the &#34;consumed&#34; handle will be invoked. Same applies to the shutdown requests. Make sure to &#34;move&#34; away socket from server to not break the `connections` counter in `net.js`. Otherwise it might not call `close` callback, or call it too early. Fix: https://github.com/iojs/io.js/issues/1696 PR-URL: https://github.com/nodejs/io.js/pull/1910 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt;
10 years ago
// We should not be getting here after `DestroySSL`, because all queued writes
// must be invoked with UV_ECANCELED
CHECK_NE(wrap->ssl_, nullptr);
tls_wrap: embed TLS encryption into streamwrap
12 years ago
// Handle error
if (status) {
// Ignore errors after shutdown
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
if (wrap->shutdown_)
tls_wrap: embed TLS encryption into streamwrap
12 years ago
return;
// Notify about error
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
wrap->InvokeQueued(status);
tls_wrap: embed TLS encryption into streamwrap
12 years ago
return;
}
// Commit
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
NodeBIO::FromBIO(wrap->enc_out_)->Read(nullptr, wrap->write_size_);
tls_wrap: embed TLS encryption into streamwrap
12 years ago
tls_wrap: fix this incredibly stupid leak Always call `Done` on the WriteWrap, and ensure that `EncOut` will consume all data in clear_in_ and invoke queued callbacks. Fix: https://github.com/iojs/io.js/issues/1075 PR-URL: https://github.com/iojs/io.js/pull/1244 Reviewed-By: Ben Noordhuis &lt;info@bnoordhuis.nl&gt;
10 years ago
// Ensure that the progress will be made and `InvokeQueued` will be called.
wrap->ClearIn();
tls_wrap: embed TLS encryption into streamwrap
12 years ago
// Try writing more data
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
wrap->write_size_ = 0;
wrap->EncOut();
tls_wrap: embed TLS encryption into streamwrap
12 years ago
}
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
Local<Value> TLSWrap::GetSSLError(int status, int* err, const char** msg) {
src: update to v8 3.24 APIs
11 years ago
EscapableHandleScope scope(env()->isolate());
tls_wrap: embed TLS encryption into streamwrap
12 years ago
tls_wrap: fix error cb when fatal TLS Alert recvd SSL_read() returns 0 when fatal TLS Alert is received. Fix to invoke ssl error callback in this case. PR-URL: https://github.com/nodejs/io.js/pull/1661 Reviewed-By: Fedor Indutny &lt;fedor@indutny.com&gt;
10 years ago
// ssl_ is already destroyed in reading EOF by close notify alert.
if (ssl_ == nullptr)
return Local<Value>();
tls_wrap: embed TLS encryption into streamwrap
12 years ago
*err = SSL_get_error(ssl_, status);
switch (*err) {
src: lint c++ code
12 years ago
case SSL_ERROR_NONE:
case SSL_ERROR_WANT_READ:
case SSL_ERROR_WANT_WRITE:
tls: use `SSL_set_cert_cb` for async SNI/OCSP Do not enable ClientHello parser for async SNI/OCSP. Use new OpenSSL-1.0.2&#39;s API `SSL_set_cert_cb` to pause the handshake process and load the cert/OCSP response asynchronously. Hopefuly this will make whole async SNI/OCSP process much faster and will eventually let us remove the ClientHello parser itself (which is currently used only for async session, see #1462 for the discussion of removing it). NOTE: Ported our code to `SSL_CTX_add1_chain_cert` to use `SSL_CTX_get0_chain_certs` in `CertCbDone`. Test provided for this feature. Fix: https://github.com/iojs/io.js/issues/1423 PR-URL: https://github.com/iojs/io.js/pull/1464 Reviewed-By: Shigeki Ohtsu &lt;ohtsu@iij.ad.jp&gt;
10 years ago
case SSL_ERROR_WANT_X509_LOOKUP:
src: lint c++ code
12 years ago
break;
case SSL_ERROR_ZERO_RETURN:
src: update to v8 3.24 APIs
11 years ago
return scope.Escape(env()->zero_return_string());
src: lint c++ code
12 years ago
break;
default:
{
src: replace assert() with CHECK() Mechanically replace assert() statements with UNREACHABLE(), CHECK(), or CHECK_{EQ,NE,LT,GT,LE,GE}() statements. The exceptions are src/node.h and src/node_object_wrap.h because they are public headers. PR-URL: https://github.com/node-forward/node/pull/16 Reviewed-By: Fedor Indutny &lt;fedor@indutny.com&gt;
10 years ago
CHECK(*err == SSL_ERROR_SSL || *err == SSL_ERROR_SYSCALL);
tls_wrap: embed TLS encryption into streamwrap
12 years ago
src: remove static variables from tls_wrap Remove the error message globals. More prep work for multi-isolate support. Reviewed-By: Fedor Indutny &lt;fedor@indutny.com&gt; PR-URL: https://github.com/node-forward/node/pull/58
10 years ago
BIO* bio = BIO_new(BIO_s_mem());
ERR_print_errors(bio);
BUF_MEM* mem;
BIO_get_mem_ptr(bio, &mem);
tls_wrap: propagate errors to write callbacks fix #6903
11 years ago
src: use v8::String::NewFrom*() functions * Change calls to String::New() and String::NewSymbol() to their respective one-byte, two-byte and UTF-8 counterparts. * Add a FIXED_ONE_BYTE_STRING macro that takes a string literal and turns it into a v8::Local&lt;v8::String&gt;. * Add helper functions that make v8::String::NewFromOneByte() easier to work with. Said function expects a `const uint8_t*` but almost every call site deals with `const char*` or `const unsigned char*`. Helps us avoid doing reinterpret_casts all over the place. * Code that handles file system paths keeps using UTF-8 for backwards compatibility reasons. At least now the use of UTF-8 is explicit. * Remove v8::String::NewSymbol() entirely. Almost all call sites were effectively minor de-optimizations. If you create a string only once, there is no point in making it a symbol. If you are create the same string repeatedly, it should probably be cached in a persistent handle.
12 years ago
Local<String> message =
src: remove static variables from tls_wrap Remove the error message globals. More prep work for multi-isolate support. Reviewed-By: Fedor Indutny &lt;fedor@indutny.com&gt; PR-URL: https://github.com/node-forward/node/pull/58
10 years ago
OneByteString(env()->isolate(), mem->data, mem->length);
src: use v8::String::NewFrom*() functions * Change calls to String::New() and String::NewSymbol() to their respective one-byte, two-byte and UTF-8 counterparts. * Add a FIXED_ONE_BYTE_STRING macro that takes a string literal and turns it into a v8::Local&lt;v8::String&gt;. * Add helper functions that make v8::String::NewFromOneByte() easier to work with. Said function expects a `const uint8_t*` but almost every call site deals with `const char*` or `const unsigned char*`. Helps us avoid doing reinterpret_casts all over the place. * Code that handles file system paths keeps using UTF-8 for backwards compatibility reasons. At least now the use of UTF-8 is explicit. * Remove v8::String::NewSymbol() entirely. Almost all call sites were effectively minor de-optimizations. If you create a string only once, there is no point in making it a symbol. If you are create the same string repeatedly, it should probably be cached in a persistent handle.
12 years ago
Local<Value> exception = Exception::Error(message);
tls_wrap: propagate errors to write callbacks fix #6903
11 years ago
src: replace NULL with nullptr Now that we are building with C++11 features enabled, replace use of NULL with nullptr. The benefit of using nullptr is that it can never be confused for an integral type because it does not support implicit conversions to integral types except boolean - unlike NULL, which is defined as a literal `0`.
10 years ago
if (msg != nullptr) {
CHECK_EQ(*msg, nullptr);
src: remove static variables from tls_wrap Remove the error message globals. More prep work for multi-isolate support. Reviewed-By: Fedor Indutny &lt;fedor@indutny.com&gt; PR-URL: https://github.com/node-forward/node/pull/58
10 years ago
char* const buf = new char[mem->length + 1];
memcpy(buf, mem->data, mem->length);
buf[mem->length] = '\0';
tls_wrap: propagate errors to write callbacks fix #6903
11 years ago
*msg = buf;
}
tls_wrap: fix BIO leak on SSL error Fix: https://github.com/iojs/io.js/issues/1075 PR-URL: https://github.com/iojs/io.js/pull/1244 Reviewed-By: Ben Noordhuis &lt;info@bnoordhuis.nl&gt;
10 years ago
BIO_free_all(bio);
tls_wrap: embed TLS encryption into streamwrap
12 years ago
src: update to v8 3.24 APIs
11 years ago
return scope.Escape(exception);
src: lint c++ code
12 years ago
}
tls_wrap: embed TLS encryption into streamwrap
12 years ago
}
src: add multi-context support This commit makes it possible to use multiple V8 execution contexts within a single event loop. Put another way, handle and request wrap objects now &#34;remember&#34; the context they belong to and switch back to that context when the time comes to call into JS land. This could have been done in a quick and hacky way by calling v8::Object::GetCreationContext() on the wrap object right before making a callback but that leaves a fairly wide margin for bugs. Instead, we make the context explicit through a new Environment class that encapsulates everything (or almost everything) that belongs to the context. Variables that used to be a static or a global are now members of the aforementioned class. An additional benefit is that this approach should make it relatively straightforward to add full isolate support in due course. There is no JavaScript API yet but that will be added in the near future. This work was graciously sponsored by GitHub, Inc.
12 years ago
return Local<Value>();
tls_wrap: embed TLS encryption into streamwrap
12 years ago
}
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
void TLSWrap::ClearOut() {
tls: session API returns
12 years ago
// Ignore cycling data if ClientHello wasn't yet parsed
tls, crypto: deduplicate code Commit 03e008d introduced src/tls_wrap.cc and src/tls_wrap.h but said files copied on the order of 1 kLoC from src/node_crypto.cc and src/node_crypto.h. This commit undoes some of the duplication. Fixes #6024.
12 years ago
if (!hello_parser_.IsEnded())
tls: session API returns
12 years ago
return;
tls_wrap: ignore ZERO_RETURN after close_notify Do not call SSL_read() and ignore ZERO_RETURN if the connection was shutdown and there could not be any reads. Reviewed-By: Ben Noordhuis &lt;info@bnoordhuis.nl&gt; PR-URL: https://github.com/joyent/node/pull/8519
10 years ago
// No reads after EOF
if (eof_)
return;
tls: destroy SSL once it is out of use Do not keep SSL structure in memory once socket is closed. This should lower the memory usage in many cases. Fix: https://github.com/iojs/io.js/issues/1522 PR-URL: https://github.com/iojs/io.js/pull/1529 Reviewed-By: Shigeki Ohtsu &lt;ohtsu@iij.ad.jp&gt;
10 years ago
if (ssl_ == nullptr)
return;
tls_wrap: embed TLS encryption into streamwrap
12 years ago
tls_wrap: clear errors on return Adopt `MarkPopErrorOnReturn` from `node_crypto.cc`, and use it to clear errors after `SSL_read`/`SSL_write`/`SSL_shutdown` functions. See: https://github.com/nodejs/node/issues/4485 PR-URL: https://github.com/nodejs/node/pull/4515 Reviewed-By: Ben Noordhuis &lt;info@bnoordhuis.nl&gt;
9 years ago
crypto::MarkPopErrorOnReturn mark_pop_error_on_return;
tls_wrap: embed TLS encryption into streamwrap
12 years ago
char out[kClearOutChunkSize];
int read;
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
for (;;) {
tls_wrap: embed TLS encryption into streamwrap
12 years ago
read = SSL_read(ssl_, out, sizeof(out));
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
if (read <= 0)
break;
tls_wrap: slice buffer properly in `ClearOut` Fix incorrect slicing of cleartext buffer in `TLSWrap::ClearOut`. Fix: https://github.com/nodejs/node/issues/4161 PR-URL: https://github.com/nodejs/node/pull/4184 Reviewed-By: Brian White &lt;mscdex@mscdex.net&gt;
9 years ago
char* current = out;
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
while (read > 0) {
int avail = read;
uv_buf_t buf;
OnAlloc(avail, &buf);
if (static_cast<int>(buf.len) < avail)
avail = buf.len;
tls_wrap: slice buffer properly in `ClearOut` Fix incorrect slicing of cleartext buffer in `TLSWrap::ClearOut`. Fix: https://github.com/nodejs/node/issues/4161 PR-URL: https://github.com/nodejs/node/pull/4184 Reviewed-By: Brian White &lt;mscdex@mscdex.net&gt;
9 years ago
memcpy(buf.base, current, avail);
streams: introduce StreamWrap and JSStream Introduce a way to wrap plain-js `stream.Duplex` streams into C++ StreamBase&#39;s child class. With such method at hand it is now possible to pass `stream.Duplex` instance as a `socket` parameter to `tls.connect()`. PR-URL: https://github.com/iojs/io.js/pull/926 Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
OnRead(avail, &buf);
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
tls: fix segfault on destroy after partial read OnRead() calls into JS land which can result in the SSL context object being destroyed on return. Check that `ssl_ != nullptr` afterwards. Fixes: https://github.com/nodejs/node/issues/11885 PR-URL: https://github.com/nodejs/node/pull/11898 Reviewed-By: Colin Ihrig &lt;cjihrig@gmail.com&gt; Reviewed-By: James M Snell &lt;jasnell@gmail.com&gt;
8 years ago
// Caveat emptor: OnRead() calls into JS land which can result in
// the SSL context object being destroyed. We have to carefully
// check that ssl_ != nullptr afterwards.
if (ssl_ == nullptr)
return;
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
read -= avail;
tls_wrap: slice buffer properly in `ClearOut` Fix incorrect slicing of cleartext buffer in `TLSWrap::ClearOut`. Fix: https://github.com/nodejs/node/issues/4161 PR-URL: https://github.com/nodejs/node/pull/4184 Reviewed-By: Brian White &lt;mscdex@mscdex.net&gt;
9 years ago
current += avail;
tls_wrap: embed TLS encryption into streamwrap
12 years ago
}
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
}
tls_wrap: embed TLS encryption into streamwrap
12 years ago
Merge branch &#39;v0.10&#39; Conflicts: lib/tls.js src/node_crypto.cc src/node_crypto.h
11 years ago
int flags = SSL_get_shutdown(ssl_);
if (!eof_ && flags & SSL_RECEIVED_SHUTDOWN) {
eof_ = true;
streams: introduce StreamWrap and JSStream Introduce a way to wrap plain-js `stream.Duplex` streams into C++ StreamBase&#39;s child class. With such method at hand it is now possible to pass `stream.Duplex` instance as a `socket` parameter to `tls.connect()`. PR-URL: https://github.com/iojs/io.js/pull/926 Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
OnRead(UV_EOF, nullptr);
Merge branch &#39;v0.10&#39; Conflicts: lib/tls.js src/node_crypto.cc src/node_crypto.h
11 years ago
}
tls_wrap: fix error cb when fatal TLS Alert recvd SSL_read() returns 0 when fatal TLS Alert is received. Fix to invoke ssl error callback in this case. PR-URL: https://github.com/nodejs/io.js/pull/1661 Reviewed-By: Fedor Indutny &lt;fedor@indutny.com&gt;
10 years ago
// We need to check whether an error occurred or the connection was
// shutdown cleanly (SSL_ERROR_ZERO_RETURN) even when read == 0.
node: rename from io.js to node This commit replaces instances of io.js with Node.js, based on the recent convergence. There are some remaining instances of io.js, related to build and the installer. Fixes: https://github.com/nodejs/node/issues/2361 PR-URL: https://github.com/nodejs/node/pull/2367 Reviewed-By: James M Snell &lt;jasnell@gmail.com&gt; Reviewed-By: João Reis &lt;reis@janeasystems.com&gt;
10 years ago
// See node#1642 and SSL_read(3SSL) for details.
tls_wrap: fix error cb when fatal TLS Alert recvd SSL_read() returns 0 when fatal TLS Alert is received. Fix to invoke ssl error callback in this case. PR-URL: https://github.com/nodejs/io.js/pull/1661 Reviewed-By: Fedor Indutny &lt;fedor@indutny.com&gt;
10 years ago
if (read <= 0) {
tls_wrap: embed TLS encryption into streamwrap
12 years ago
int err;
src: replace NULL with nullptr Now that we are building with C++11 features enabled, replace use of NULL with nullptr. The benefit of using nullptr is that it can never be confused for an integral type because it does not support implicit conversions to integral types except boolean - unlike NULL, which is defined as a literal `0`.
10 years ago
Local<Value> arg = GetSSLError(read, &err, nullptr);
tls_wrap: embed TLS encryption into streamwrap
12 years ago
tls_wrap: ignore ZERO_RETURN after close_notify Do not call SSL_read() and ignore ZERO_RETURN if the connection was shutdown and there could not be any reads. Reviewed-By: Ben Noordhuis &lt;info@bnoordhuis.nl&gt; PR-URL: https://github.com/joyent/node/pull/8519
10 years ago
// Ignore ZERO_RETURN after EOF, it is basically not a error
if (err == SSL_ERROR_ZERO_RETURN && eof_)
return;
domain: use AsyncListener API The domain module has been switched over to use the domain module API as much as currently possible. There are still some hooks in the EventEmitter, but hopefully we can remove those in the future.
11 years ago
if (!arg.IsEmpty()) {
tls: fix to send TLS Alert before socket destroyed When TLS Alert is occured in handshake, ClearOut only write it into wbio and does not flush to socket. TLS Alert should be written to socket with EncOut before socket is destroyed within its error callback. Signed-off-by: Fedor Indutny &lt;fedor@indutny.com&gt;
11 years ago
// When TLS Alert are stored in wbio,
// it should be flushed to socket before destroyed.
if (BIO_pending(enc_out_) != 0)
EncOut();
domain: use AsyncListener API The domain module has been switched over to use the domain module API as much as currently possible. There are still some hooks in the EventEmitter, but hopefully we can remove those in the future.
11 years ago
MakeCallback(env()->onerror_string(), 1, &arg);
src: add multi-context support This commit makes it possible to use multiple V8 execution contexts within a single event loop. Put another way, handle and request wrap objects now &#34;remember&#34; the context they belong to and switch back to that context when the time comes to call into JS land. This could have been done in a quick and hacky way by calling v8::Object::GetCreationContext() on the wrap object right before making a callback but that leaves a fairly wide margin for bugs. Instead, we make the context explicit through a new Environment class that encapsulates everything (or almost everything) that belongs to the context. Variables that used to be a static or a global are now members of the aforementioned class. An additional benefit is that this approach should make it relatively straightforward to add full isolate support in due course. There is no JavaScript API yet but that will be added in the near future. This work was graciously sponsored by GitHub, Inc.
12 years ago
}
tls_wrap: embed TLS encryption into streamwrap
12 years ago
}
}
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
bool TLSWrap::ClearIn() {
tls: session API returns
12 years ago
// Ignore cycling data if ClientHello wasn't yet parsed
tls, crypto: deduplicate code Commit 03e008d introduced src/tls_wrap.cc and src/tls_wrap.h but said files copied on the order of 1 kLoC from src/node_crypto.cc and src/node_crypto.h. This commit undoes some of the duplication. Fixes #6024.
12 years ago
if (!hello_parser_.IsEnded())
tls: session API returns
12 years ago
return false;
tls: destroy SSL once it is out of use Do not keep SSL structure in memory once socket is closed. This should lower the memory usage in many cases. Fix: https://github.com/iojs/io.js/issues/1522 PR-URL: https://github.com/iojs/io.js/pull/1529 Reviewed-By: Shigeki Ohtsu &lt;ohtsu@iij.ad.jp&gt;
10 years ago
if (ssl_ == nullptr)
return false;
tls_wrap: clear errors on return Adopt `MarkPopErrorOnReturn` from `node_crypto.cc`, and use it to clear errors after `SSL_read`/`SSL_write`/`SSL_shutdown` functions. See: https://github.com/nodejs/node/issues/4485 PR-URL: https://github.com/nodejs/node/pull/4515 Reviewed-By: Ben Noordhuis &lt;info@bnoordhuis.nl&gt;
9 years ago
crypto::MarkPopErrorOnReturn mark_pop_error_on_return;
tls_wrap: embed TLS encryption into streamwrap
12 years ago
int written = 0;
while (clear_in_->Length() > 0) {
size_t avail = 0;
char* data = clear_in_->Peek(&avail);
written = SSL_write(ssl_, data, avail);
src: replace assert() with CHECK() Mechanically replace assert() statements with UNREACHABLE(), CHECK(), or CHECK_{EQ,NE,LT,GT,LE,GE}() statements. The exceptions are src/node.h and src/node_object_wrap.h because they are public headers. PR-URL: https://github.com/node-forward/node/pull/16 Reviewed-By: Fedor Indutny &lt;fedor@indutny.com&gt;
10 years ago
CHECK(written == -1 || written == static_cast<int>(avail));
tls_wrap: embed TLS encryption into streamwrap
12 years ago
if (written == -1)
break;
src: replace NULL with nullptr Now that we are building with C++11 features enabled, replace use of NULL with nullptr. The benefit of using nullptr is that it can never be confused for an integral type because it does not support implicit conversions to integral types except boolean - unlike NULL, which is defined as a literal `0`.
10 years ago
clear_in_->Read(nullptr, avail);
tls_wrap: embed TLS encryption into streamwrap
12 years ago
}
// All written
if (clear_in_->Length() == 0) {
src: replace assert() with CHECK() Mechanically replace assert() statements with UNREACHABLE(), CHECK(), or CHECK_{EQ,NE,LT,GT,LE,GE}() statements. The exceptions are src/node.h and src/node_object_wrap.h because they are public headers. PR-URL: https://github.com/node-forward/node/pull/16 Reviewed-By: Fedor Indutny &lt;fedor@indutny.com&gt;
10 years ago
CHECK_GE(written, 0);
tls_wrap: embed TLS encryption into streamwrap
12 years ago
return true;
}
// Error or partial write
int err;
tls_wrap: reach error reporting for UV_EPROTO Do not swallow error details when reporting UV_EPROTO asynchronously, and when creating artificial errors. Fix: #3692 PR-URL: https://github.com/nodejs/node/pull/4885 Reviewed-By: Shigeki Ohtsu &lt;ohtsu@iij.ad.jp&gt; Reviewed-By: James M Snell &lt;jasnell@gmail.com&gt; Reviewed-By: Ben Noordhuis &lt;info@bnoordhuis.nl&gt;
9 years ago
const char* error_str = nullptr;
Local<Value> arg = GetSSLError(written, &err, &error_str);
domain: use AsyncListener API The domain module has been switched over to use the domain module API as much as currently possible. There are still some hooks in the EventEmitter, but hopefully we can remove those in the future.
11 years ago
if (!arg.IsEmpty()) {
tls_wrap: propagate errors to write callbacks fix #6903
11 years ago
MakePending();
tls_wrap: reach error reporting for UV_EPROTO Do not swallow error details when reporting UV_EPROTO asynchronously, and when creating artificial errors. Fix: #3692 PR-URL: https://github.com/nodejs/node/pull/4885 Reviewed-By: Shigeki Ohtsu &lt;ohtsu@iij.ad.jp&gt; Reviewed-By: James M Snell &lt;jasnell@gmail.com&gt; Reviewed-By: Ben Noordhuis &lt;info@bnoordhuis.nl&gt;
9 years ago
InvokeQueued(UV_EPROTO, error_str);
delete[] error_str;
tls_wrap: propagate errors to write callbacks fix #6903
11 years ago
clear_in_->Reset();
src: add multi-context support This commit makes it possible to use multiple V8 execution contexts within a single event loop. Put another way, handle and request wrap objects now &#34;remember&#34; the context they belong to and switch back to that context when the time comes to call into JS land. This could have been done in a quick and hacky way by calling v8::Object::GetCreationContext() on the wrap object right before making a callback but that leaves a fairly wide margin for bugs. Instead, we make the context explicit through a new Environment class that encapsulates everything (or almost everything) that belongs to the context. Variables that used to be a static or a global are now members of the aforementioned class. An additional benefit is that this approach should make it relatively straightforward to add full isolate support in due course. There is no JavaScript API yet but that will be added in the near future. This work was graciously sponsored by GitHub, Inc.
12 years ago
}
tls_wrap: embed TLS encryption into streamwrap
12 years ago
return false;
}
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
void* TLSWrap::Cast() {
return reinterpret_cast<void*>(this);
}
AsyncWrap* TLSWrap::GetAsyncWrap() {
return static_cast<AsyncWrap*>(this);
}
streams: introduce StreamWrap and JSStream Introduce a way to wrap plain-js `stream.Duplex` streams into C++ StreamBase&#39;s child class. With such method at hand it is now possible to pass `stream.Duplex` instance as a `socket` parameter to `tls.connect()`. PR-URL: https://github.com/iojs/io.js/pull/926 Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
bool TLSWrap::IsIPCPipe() {
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
return stream_->IsIPCPipe();
}
streams: introduce StreamWrap and JSStream Introduce a way to wrap plain-js `stream.Duplex` streams into C++ StreamBase&#39;s child class. With such method at hand it is now possible to pass `stream.Duplex` instance as a `socket` parameter to `tls.connect()`. PR-URL: https://github.com/iojs/io.js/pull/926 Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
int TLSWrap::GetFD() {
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
return stream_->GetFD();
}
streams: introduce StreamWrap and JSStream Introduce a way to wrap plain-js `stream.Duplex` streams into C++ StreamBase&#39;s child class. With such method at hand it is now possible to pass `stream.Duplex` instance as a `socket` parameter to `tls.connect()`. PR-URL: https://github.com/iojs/io.js/pull/926 Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
bool TLSWrap::IsAlive() {
tls: keep track of stream that is closed TLSWrap object keeps a pointer reference to the underlying TCPWrap object. This TCPWrap object could be closed and deleted by the event-loop which leaves us with a dangling pointer. So the TLSWrap object needs to track the &#34;close&#34; event on the TCPWrap object. PR-URL: https://github.com/nodejs/node/pull/11776 Reviewed-By: Fedor Indutny &lt;fedor.indutny@gmail.com&gt; Reviewed-By: James M Snell &lt;jasnell@gmail.com&gt; Reviewed-By: Brian White &lt;mscdex@mscdex.net&gt;
8 years ago
return ssl_ != nullptr && stream_ != nullptr && stream_->IsAlive();
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
}
streams: introduce StreamWrap and JSStream Introduce a way to wrap plain-js `stream.Duplex` streams into C++ StreamBase&#39;s child class. With such method at hand it is now possible to pass `stream.Duplex` instance as a `socket` parameter to `tls.connect()`. PR-URL: https://github.com/iojs/io.js/pull/926 Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
bool TLSWrap::IsClosing() {
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
return stream_->IsClosing();
}
int TLSWrap::ReadStart() {
return stream_->ReadStart();
}
int TLSWrap::ReadStop() {
return stream_->ReadStop();
}
const char* TLSWrap::Error() const {
src: remove static variables from tls_wrap Remove the error message globals. More prep work for multi-isolate support. Reviewed-By: Fedor Indutny &lt;fedor@indutny.com&gt; PR-URL: https://github.com/node-forward/node/pull/58
10 years ago
return error_;
}
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
void TLSWrap::ClearError() {
src: remove static variables from tls_wrap Remove the error message globals. More prep work for multi-isolate support. Reviewed-By: Fedor Indutny &lt;fedor@indutny.com&gt; PR-URL: https://github.com/node-forward/node/pull/58
10 years ago
delete[] error_;
src: replace NULL with nullptr Now that we are building with C++11 features enabled, replace use of NULL with nullptr. The benefit of using nullptr is that it can never be confused for an integral type because it does not support implicit conversions to integral types except boolean - unlike NULL, which is defined as a literal `0`.
10 years ago
error_ = nullptr;
tls_wrap: propagate errors to write callbacks fix #6903
11 years ago
}
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
int TLSWrap::DoWrite(WriteWrap* w,
uv_buf_t* bufs,
size_t count,
uv_stream_t* send_handle) {
src: replace NULL with nullptr Now that we are building with C++11 features enabled, replace use of NULL with nullptr. The benefit of using nullptr is that it can never be confused for an integral type because it does not support implicit conversions to integral types except boolean - unlike NULL, which is defined as a literal `0`.
10 years ago
CHECK_EQ(send_handle, nullptr);
tls: prevent use-after-free * Destroy `SSL*` and friends on a next tick to make sure that we are not doing it in one of the OpenSSL callbacks * Add more checks to the C++ methods that might be invoked during destructor&#39;s pending queue cleanup Fix: https://github.com/joyent/node/issues/8780 Fix: https://github.com/iojs/io.js/issues/1696 PR-URL: https://github.com/nodejs/io.js/pull/1702 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt;
10 years ago
CHECK_NE(ssl_, nullptr);
tls_wrap: embed TLS encryption into streamwrap
12 years ago
bool empty = true;
// Empty writes should not go through encryption process
size_t i;
for (i = 0; i < count; i++)
if (bufs[i].len > 0) {
empty = false;
break;
}
if (empty) {
ClearOut();
doc: fix comments in tls_wrap.cc and _http_client.js fixed grammatically wrong expressions to make it clear Reviewed By: James M Snell &lt;jasnell@gmail.com&gt; PR-URL: https://github.com/nodejs/node/pull/2490 PR-URL: https://github.com/nodejs/node/pull/2489
10 years ago
// However, if there is any data that should be written to the socket,
// the callback should not be invoked immediately
tls_wrap: embed TLS encryption into streamwrap
12 years ago
if (BIO_pending(enc_out_) == 0)
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
return stream_->DoWrite(w, bufs, count, send_handle);
tls_wrap: embed TLS encryption into streamwrap
12 years ago
}
tls_wrap: fix small obvious memory leak Signed-off-by: Fedor Indutny &lt;fedor@indutny.com&gt;
11 years ago
// Queue callback to execute it on next tick
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
write_item_queue_.PushBack(new WriteItem(w));
stream_base: dispatch reqs in the stream impl Dispatch requests in the implementation of the stream, not in the code creating these requests. The requests might be piled up and invoked internally in the implementation, so it should know better when it is the time to dispatch them. In fact, TLS was doing exactly this thing which led us to... Fix: https://github.com/iojs/io.js/issues/1512 PR-URL: https://github.com/iojs/io.js/pull/1563 Reviewed-By: Shigeki Ohtsu &lt;ohtsu@iij.ad.jp&gt;
10 years ago
w->Dispatched();
tls_wrap: embed TLS encryption into streamwrap
12 years ago
// Write queued data
if (empty) {
EncOut();
return 0;
}
// Process enqueued data first
if (!ClearIn()) {
// If there're still data to process - enqueue current one
for (i = 0; i < count; i++)
clear_in_->Write(bufs[i].base, bufs[i].len);
return 0;
}
tls_wrap: reach error reporting for UV_EPROTO Do not swallow error details when reporting UV_EPROTO asynchronously, and when creating artificial errors. Fix: #3692 PR-URL: https://github.com/nodejs/node/pull/4885 Reviewed-By: Shigeki Ohtsu &lt;ohtsu@iij.ad.jp&gt; Reviewed-By: James M Snell &lt;jasnell@gmail.com&gt; Reviewed-By: Ben Noordhuis &lt;info@bnoordhuis.nl&gt;
9 years ago
if (ssl_ == nullptr) {
ClearError();
static char msg[] = "Write after DestroySSL";
char* tmp = new char[sizeof(msg)];
memcpy(tmp, msg, sizeof(msg));
error_ = tmp;
tls: destroy SSL once it is out of use Do not keep SSL structure in memory once socket is closed. This should lower the memory usage in many cases. Fix: https://github.com/iojs/io.js/issues/1522 PR-URL: https://github.com/iojs/io.js/pull/1529 Reviewed-By: Shigeki Ohtsu &lt;ohtsu@iij.ad.jp&gt;
10 years ago
return UV_EPROTO;
tls_wrap: reach error reporting for UV_EPROTO Do not swallow error details when reporting UV_EPROTO asynchronously, and when creating artificial errors. Fix: #3692 PR-URL: https://github.com/nodejs/node/pull/4885 Reviewed-By: Shigeki Ohtsu &lt;ohtsu@iij.ad.jp&gt; Reviewed-By: James M Snell &lt;jasnell@gmail.com&gt; Reviewed-By: Ben Noordhuis &lt;info@bnoordhuis.nl&gt;
9 years ago
}
tls: destroy SSL once it is out of use Do not keep SSL structure in memory once socket is closed. This should lower the memory usage in many cases. Fix: https://github.com/iojs/io.js/issues/1522 PR-URL: https://github.com/iojs/io.js/pull/1529 Reviewed-By: Shigeki Ohtsu &lt;ohtsu@iij.ad.jp&gt;
10 years ago
tls_wrap: clear errors on return Adopt `MarkPopErrorOnReturn` from `node_crypto.cc`, and use it to clear errors after `SSL_read`/`SSL_write`/`SSL_shutdown` functions. See: https://github.com/nodejs/node/issues/4485 PR-URL: https://github.com/nodejs/node/pull/4515 Reviewed-By: Ben Noordhuis &lt;info@bnoordhuis.nl&gt;
9 years ago
crypto::MarkPopErrorOnReturn mark_pop_error_on_return;
tls_wrap: embed TLS encryption into streamwrap
12 years ago
int written = 0;
for (i = 0; i < count; i++) {
written = SSL_write(ssl_, bufs[i].base, bufs[i].len);
src: replace assert() with CHECK() Mechanically replace assert() statements with UNREACHABLE(), CHECK(), or CHECK_{EQ,NE,LT,GT,LE,GE}() statements. The exceptions are src/node.h and src/node_object_wrap.h because they are public headers. PR-URL: https://github.com/node-forward/node/pull/16 Reviewed-By: Fedor Indutny &lt;fedor@indutny.com&gt;
10 years ago
CHECK(written == -1 || written == static_cast<int>(bufs[i].len));
tls_wrap: embed TLS encryption into streamwrap
12 years ago
if (written == -1)
break;
}
if (i != count) {
int err;
tls_wrap: propagate errors to write callbacks fix #6903
11 years ago
Local<Value> arg = GetSSLError(written, &err, &error_);
if (!arg.IsEmpty())
return UV_EPROTO;
tls_wrap: embed TLS encryption into streamwrap
12 years ago
// No errors, queue rest
for (; i < count; i++)
clear_in_->Write(bufs[i].base, bufs[i].len);
}
// Try writing data immediately
EncOut();
return 0;
}
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
void TLSWrap::OnAfterWriteImpl(WriteWrap* w, void* ctx) {
tls_wrap: embed TLS encryption into streamwrap
12 years ago
// Intentionally empty
}
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
void TLSWrap::OnAllocImpl(size_t suggested_size, uv_buf_t* buf, void* ctx) {
TLSWrap* wrap = static_cast<TLSWrap*>(ctx);
tls: prevent use-after-free * Destroy `SSL*` and friends on a next tick to make sure that we are not doing it in one of the OpenSSL callbacks * Add more checks to the C++ methods that might be invoked during destructor&#39;s pending queue cleanup Fix: https://github.com/joyent/node/issues/8780 Fix: https://github.com/iojs/io.js/issues/1696 PR-URL: https://github.com/nodejs/io.js/pull/1702 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt;
10 years ago
if (wrap->ssl_ == nullptr) {
*buf = uv_buf_init(nullptr, 0);
return;
}
crypto: lower RSS usage for TLSCallbacks Don&#39;t allocate any BIO buffers initially, do this on a first read from the TCP connection. Allocate different amount of data for initial read and for consequent reads: small buffer for hello+certificate, big buffer for better throughput. see #8416
10 years ago
size_t size = 0;
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
buf->base = NodeBIO::FromBIO(wrap->enc_in_)->PeekWritable(&size);
crypto: lower RSS usage for TLSCallbacks Don&#39;t allocate any BIO buffers initially, do this on a first read from the TCP connection. Allocate different amount of data for initial read and for consequent reads: small buffer for hello+certificate, big buffer for better throughput. see #8416
10 years ago
buf->len = size;
tls_wrap: embed TLS encryption into streamwrap
12 years ago
}
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
void TLSWrap::OnReadImpl(ssize_t nread,
const uv_buf_t* buf,
uv_handle_type pending,
void* ctx) {
TLSWrap* wrap = static_cast<TLSWrap*>(ctx);
wrap->DoRead(nread, buf, pending);
}
stream_base,tls_wrap: notify on destruct The TLSWrap constructor is passed a StreamBase* which it stores as TLSWrap::stream_, and is used to receive/send data along the pipeline (e.g. tls -&gt; tcp). Problem is the lifetime of the instance that stream_ points to is independent of the lifetime of the TLSWrap instance. So it&#39;s possible for stream_ to be delete&#39;d while the TLSWrap instance is still alive, allowing potential access to a then invalid pointer. Fix by having the StreamBase destructor null out TLSWrap::stream_; allowing all TLSWrap methods that rely on stream_ to do a check to see if it&#39;s available. While the test provided is fixed by this commit, it was also previously fixed by 478fabf. Regardless, leave the test in for better testing. PR-URL: https://github.com/nodejs/node/pull/11947 Reviewed-By: Franziska Hinkelmann &lt;franziska.hinkelmann@gmail.com&gt; Reviewed-By: James M Snell &lt;jasnell@gmail.com&gt; Reviewed-By: Anna Henningsen &lt;anna@addaleax.net&gt;
8 years ago
void TLSWrap::OnDestructImpl(void* ctx) {
TLSWrap* wrap = static_cast<TLSWrap*>(ctx);
wrap->clear_stream();
}
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
void TLSWrap::OnAllocSelf(size_t suggested_size, uv_buf_t* buf, void* ctx) {
src: pass desired return type to allocators Pass the desired return type directly to the allocation functions, so that the resulting `static_cast` from `void*` becomes unneccessary and the return type can be use as a reasonable default value for the `size` parameter. PR-URL: https://github.com/nodejs/node/pull/8482 Reviewed-By: Ben Noordhuis &lt;info@bnoordhuis.nl&gt; Reviewed-By: James M Snell &lt;jasnell@gmail.com&gt; Reviewed-By: Michael Dawson &lt;michael_dawson@ca.ibm.com&gt; Reviewed-By: Ilkka Myller &lt;ilkka.myller@nodefield.com&gt;
8 years ago
buf->base = node::Malloc(suggested_size);
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
buf->len = suggested_size;
}
void TLSWrap::OnReadSelf(ssize_t nread,
const uv_buf_t* buf,
uv_handle_type pending,
void* ctx) {
TLSWrap* wrap = static_cast<TLSWrap*>(ctx);
Local<Object> buf_obj;
if (buf != nullptr)
src: rename Buffer::Use() to Buffer::New() Fixes: https://github.com/nodejs/node/issues/2308 PR-URL: https://github.com/nodejs/node/pull/2352 Reviewed-By: Fedor Indutny &lt;fedor@indutny.com&gt; Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt;
10 years ago
buf_obj = Buffer::New(wrap->env(), buf->base, buf->len).ToLocalChecked();
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
wrap->EmitData(nread, buf_obj, Local<Object>());
}
void TLSWrap::DoRead(ssize_t nread,
const uv_buf_t* buf,
uv_handle_type pending) {
tls_wrap: embed TLS encryption into streamwrap
12 years ago
if (nread < 0) {
// Error should be emitted only after all data was read
ClearOut();
Merge branch &#39;v0.10&#39; Conflicts: lib/tls.js src/node_crypto.cc src/node_crypto.h
11 years ago
// Ignore EOF if received close_notify
if (nread == UV_EOF) {
if (eof_)
return;
eof_ = true;
}
streams: introduce StreamWrap and JSStream Introduce a way to wrap plain-js `stream.Duplex` streams into C++ StreamBase&#39;s child class. With such method at hand it is now possible to pass `stream.Duplex` instance as a `socket` parameter to `tls.connect()`. PR-URL: https://github.com/iojs/io.js/pull/926 Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
OnRead(nread, nullptr);
tls_wrap: embed TLS encryption into streamwrap
12 years ago
return;
}
// Only client connections can receive data
tls: destroy SSL once it is out of use Do not keep SSL structure in memory once socket is closed. This should lower the memory usage in many cases. Fix: https://github.com/iojs/io.js/issues/1522 PR-URL: https://github.com/iojs/io.js/pull/1529 Reviewed-By: Shigeki Ohtsu &lt;ohtsu@iij.ad.jp&gt;
10 years ago
if (ssl_ == nullptr) {
OnRead(UV_EPROTO, nullptr);
return;
}
tls_wrap: embed TLS encryption into streamwrap
12 years ago
// Commit read data
tls_wrap: DRY ClientHelloParser Share ClientHelloParser code between `tls_wrap.cc` and `node_crypto.cc`. fix #5959
12 years ago
NodeBIO* enc_in = NodeBIO::FromBIO(enc_in_);
enc_in->Commit(nread);
tls_wrap: embed TLS encryption into streamwrap
12 years ago
tls: session API returns
12 years ago
// Parse ClientHello first
tls, crypto: deduplicate code Commit 03e008d introduced src/tls_wrap.cc and src/tls_wrap.h but said files copied on the order of 1 kLoC from src/node_crypto.cc and src/node_crypto.h. This commit undoes some of the duplication. Fixes #6024.
12 years ago
if (!hello_parser_.IsEnded()) {
tls_wrap: DRY ClientHelloParser Share ClientHelloParser code between `tls_wrap.cc` and `node_crypto.cc`. fix #5959
12 years ago
size_t avail = 0;
uint8_t* data = reinterpret_cast<uint8_t*>(enc_in->Peek(&avail));
src: replace NULL with nullptr Now that we are building with C++11 features enabled, replace use of NULL with nullptr. The benefit of using nullptr is that it can never be confused for an integral type because it does not support implicit conversions to integral types except boolean - unlike NULL, which is defined as a literal `0`.
10 years ago
CHECK(avail == 0 || data != nullptr);
tls, crypto: deduplicate code Commit 03e008d introduced src/tls_wrap.cc and src/tls_wrap.h but said files copied on the order of 1 kLoC from src/node_crypto.cc and src/node_crypto.h. This commit undoes some of the duplication. Fixes #6024.
12 years ago
return hello_parser_.Parse(data, avail);
tls_wrap: DRY ClientHelloParser Share ClientHelloParser code between `tls_wrap.cc` and `node_crypto.cc`. fix #5959
12 years ago
}
tls: session API returns
12 years ago
// Cycle OpenSSL's state
Cycle();
tls_wrap: embed TLS encryption into streamwrap
12 years ago
}
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
int TLSWrap::DoShutdown(ShutdownWrap* req_wrap) {
tls_wrap: clear errors on return Adopt `MarkPopErrorOnReturn` from `node_crypto.cc`, and use it to clear errors after `SSL_read`/`SSL_write`/`SSL_shutdown` functions. See: https://github.com/nodejs/node/issues/4485 PR-URL: https://github.com/nodejs/node/pull/4515 Reviewed-By: Ben Noordhuis &lt;info@bnoordhuis.nl&gt;
9 years ago
crypto::MarkPopErrorOnReturn mark_pop_error_on_return;
tls: destroy SSL once it is out of use Do not keep SSL structure in memory once socket is closed. This should lower the memory usage in many cases. Fix: https://github.com/iojs/io.js/issues/1522 PR-URL: https://github.com/iojs/io.js/pull/1529 Reviewed-By: Shigeki Ohtsu &lt;ohtsu@iij.ad.jp&gt;
10 years ago
if (ssl_ != nullptr && SSL_shutdown(ssl_) == 0)
tls_wrap: embed TLS encryption into streamwrap
12 years ago
SSL_shutdown(ssl_);
tls_wrap: clear errors on return Adopt `MarkPopErrorOnReturn` from `node_crypto.cc`, and use it to clear errors after `SSL_read`/`SSL_write`/`SSL_shutdown` functions. See: https://github.com/nodejs/node/issues/4485 PR-URL: https://github.com/nodejs/node/pull/4515 Reviewed-By: Ben Noordhuis &lt;info@bnoordhuis.nl&gt;
9 years ago
tls_wrap: embed TLS encryption into streamwrap
12 years ago
shutdown_ = true;
EncOut();
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
return stream_->DoShutdown(req_wrap);
tls_wrap: embed TLS encryption into streamwrap
12 years ago
}
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
void TLSWrap::SetVerifyMode(const FunctionCallbackInfo<Value>& args) {
src: attach env directly to api functions Attach the per-context execution environment directly to API functions. Rationale: * Gets node one step closer to multi-isolate readiness. * Avoids multi-context confusion, e.g. when the caller and callee live in different contexts. * Avoids expensive calls to pthread_getspecific() on platforms where V8 does not know how to use the thread-local storage directly. (Linux, the BSDs.) PR-URL: https://github.com/node-forward/node/pull/18 Reviewed-By: Fedor Indutny &lt;fedor@indutny.com&gt;
10 years ago
Environment* env = Environment::GetCurrent(args);
tls_wrap: embed TLS encryption into streamwrap
12 years ago
src: no abort from getter if object isn&#39;t wrapped v8::Object::GetAlignedPointerFromInternalField() returns a random value if Wrap() hasn&#39;t been run on the object handle. Causing v8 to abort if certain getters are accessed. It&#39;s possible to access these getters and functions during class construction through the AsyncWrap init() callback, and also possible in a subset of those scenarios while running the persistent handle visitor. Mitigate this issue by manually setting the internal aligned pointer field to nullptr in the BaseObject constructor and add necessary logic to return appropriate values when nullptr is encountered. PR-URL: https://github.com/nodejs/node/pull/6184 Reviewed-By: Ben Noordhuis &lt;info@bnoordhuis.nl&gt; Reviewed-By: Anna Henningsen &lt;anna@addaleax.net&gt;
9 years ago
TLSWrap* wrap;
ASSIGN_OR_RETURN_UNWRAP(&wrap, args.Holder());
tls_wrap: embed TLS encryption into streamwrap
12 years ago
if (args.Length() < 2 || !args[0]->IsBoolean() || !args[1]->IsBoolean())
src: remove `node_isolate` from source fix #6899
11 years ago
return env->ThrowTypeError("Bad arguments, expected two booleans");
tls_wrap: embed TLS encryption into streamwrap
12 years ago
tls: destroy SSL once it is out of use Do not keep SSL structure in memory once socket is closed. This should lower the memory usage in many cases. Fix: https://github.com/iojs/io.js/issues/1522 PR-URL: https://github.com/iojs/io.js/pull/1529 Reviewed-By: Shigeki Ohtsu &lt;ohtsu@iij.ad.jp&gt;
10 years ago
if (wrap->ssl_ == nullptr)
return env->ThrowTypeError("SetVerifyMode after destroySSL");
tls_wrap: embed TLS encryption into streamwrap
12 years ago
int verify_mode;
tls, crypto: deduplicate code Commit 03e008d introduced src/tls_wrap.cc and src/tls_wrap.h but said files copied on the order of 1 kLoC from src/node_crypto.cc and src/node_crypto.h. This commit undoes some of the duplication. Fixes #6024.
12 years ago
if (wrap->is_server()) {
tls_wrap: embed TLS encryption into streamwrap
12 years ago
bool request_cert = args[0]->IsTrue();
if (!request_cert) {
// Note reject_unauthorized ignored.
verify_mode = SSL_VERIFY_NONE;
} else {
bool reject_unauthorized = args[1]->IsTrue();
verify_mode = SSL_VERIFY_PEER;
cpplint: disallow if one-liners
11 years ago
if (reject_unauthorized)
verify_mode |= SSL_VERIFY_FAIL_IF_NO_PEER_CERT;
tls_wrap: embed TLS encryption into streamwrap
12 years ago
}
} else {
// Note request_cert and reject_unauthorized are ignored for clients.
verify_mode = SSL_VERIFY_NONE;
}
// Always allow a connection. We'll reject in javascript.
tls, crypto: deduplicate code Commit 03e008d introduced src/tls_wrap.cc and src/tls_wrap.h but said files copied on the order of 1 kLoC from src/node_crypto.cc and src/node_crypto.h. This commit undoes some of the duplication. Fixes #6024.
12 years ago
SSL_set_verify(wrap->ssl_, verify_mode, crypto::VerifyCallback);
tls_wrap: embed TLS encryption into streamwrap
12 years ago
}
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
void TLSWrap::EnableSessionCallbacks(
lib, src: upgrade after v8 api change This is a big commit that touches just about every file in the src/ directory. The V8 API has changed in significant ways. The most important changes are: * Binding functions take a const v8::FunctionCallbackInfo&lt;T&gt;&amp; argument rather than a const v8::Arguments&amp; argument. * Binding functions return void rather than v8::Handle&lt;v8::Value&gt;. The return value is returned with the args.GetReturnValue().Set() family of functions. * v8::Persistent&lt;T&gt; no longer derives from v8::Handle&lt;T&gt; and no longer allows you to directly dereference the object that the persistent handle points to. This means that the common pattern of caching oft-used JS values in a persistent handle no longer quite works, you first need to reconstruct a v8::Local&lt;T&gt; from the persistent handle with the Local&lt;T&gt;::New(isolate, persistent) factory method. A handful of (internal) convenience classes and functions have been added to make dealing with the new API a little easier. The most visible one is node::Cached&lt;T&gt;, which wraps a v8::Persistent&lt;T&gt; with some template sugar. It can hold arbitrary types but so far it&#39;s exclusively used for v8::Strings (which was by far the most commonly cached handle type.)
12 years ago
const FunctionCallbackInfo<Value>& args) {
src: no abort from getter if object isn&#39;t wrapped v8::Object::GetAlignedPointerFromInternalField() returns a random value if Wrap() hasn&#39;t been run on the object handle. Causing v8 to abort if certain getters are accessed. It&#39;s possible to access these getters and functions during class construction through the AsyncWrap init() callback, and also possible in a subset of those scenarios while running the persistent handle visitor. Mitigate this issue by manually setting the internal aligned pointer field to nullptr in the BaseObject constructor and add necessary logic to return appropriate values when nullptr is encountered. PR-URL: https://github.com/nodejs/node/pull/6184 Reviewed-By: Ben Noordhuis &lt;info@bnoordhuis.nl&gt; Reviewed-By: Anna Henningsen &lt;anna@addaleax.net&gt;
9 years ago
TLSWrap* wrap;
ASSIGN_OR_RETURN_UNWRAP(&wrap, args.Holder());
tls: prevent use-after-free * Destroy `SSL*` and friends on a next tick to make sure that we are not doing it in one of the OpenSSL callbacks * Add more checks to the C++ methods that might be invoked during destructor&#39;s pending queue cleanup Fix: https://github.com/joyent/node/issues/8780 Fix: https://github.com/iojs/io.js/issues/1696 PR-URL: https://github.com/nodejs/io.js/pull/1702 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt;
10 years ago
if (wrap->ssl_ == nullptr) {
return wrap->env()->ThrowTypeError(
"EnableSessionCallbacks after destroySSL");
}
tls, crypto: deduplicate code Commit 03e008d introduced src/tls_wrap.cc and src/tls_wrap.h but said files copied on the order of 1 kLoC from src/node_crypto.cc and src/node_crypto.h. This commit undoes some of the duplication. Fixes #6024.
12 years ago
wrap->enable_session_callbacks();
crypto: lower RSS usage for TLSCallbacks Don&#39;t allocate any BIO buffers initially, do this on a first read from the TCP connection. Allocate different amount of data for initial read and for consequent reads: small buffer for hello+certificate, big buffer for better throughput. see #8416
10 years ago
NodeBIO::FromBIO(wrap->enc_in_)->set_initial(kMaxHelloLength);
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
wrap->hello_parser_.Start(SSLWrap<TLSWrap>::OnClientHello,
tls, crypto: deduplicate code Commit 03e008d introduced src/tls_wrap.cc and src/tls_wrap.h but said files copied on the order of 1 kLoC from src/node_crypto.cc and src/node_crypto.h. This commit undoes some of the duplication. Fixes #6024.
12 years ago
OnClientHelloParseEnd,
wrap);
tls_wrap: DRY ClientHelloParser Share ClientHelloParser code between `tls_wrap.cc` and `node_crypto.cc`. fix #5959
12 years ago
}
tls: destroy SSL once it is out of use Do not keep SSL structure in memory once socket is closed. This should lower the memory usage in many cases. Fix: https://github.com/iojs/io.js/issues/1522 PR-URL: https://github.com/iojs/io.js/pull/1529 Reviewed-By: Shigeki Ohtsu &lt;ohtsu@iij.ad.jp&gt;
10 years ago
void TLSWrap::DestroySSL(const FunctionCallbackInfo<Value>& args) {
src: no abort from getter if object isn&#39;t wrapped v8::Object::GetAlignedPointerFromInternalField() returns a random value if Wrap() hasn&#39;t been run on the object handle. Causing v8 to abort if certain getters are accessed. It&#39;s possible to access these getters and functions during class construction through the AsyncWrap init() callback, and also possible in a subset of those scenarios while running the persistent handle visitor. Mitigate this issue by manually setting the internal aligned pointer field to nullptr in the BaseObject constructor and add necessary logic to return appropriate values when nullptr is encountered. PR-URL: https://github.com/nodejs/node/pull/6184 Reviewed-By: Ben Noordhuis &lt;info@bnoordhuis.nl&gt; Reviewed-By: Anna Henningsen &lt;anna@addaleax.net&gt;
9 years ago
TLSWrap* wrap;
ASSIGN_OR_RETURN_UNWRAP(&wrap, args.Holder());
tls_wrap: invoke queued callbacks in DestroySSL PR-URL: https://github.com/nodejs/io.js/pull/1702 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt;
10 years ago
// Move all writes to pending
wrap->MakePending();
// And destroy
tls_wrap: reach error reporting for UV_EPROTO Do not swallow error details when reporting UV_EPROTO asynchronously, and when creating artificial errors. Fix: #3692 PR-URL: https://github.com/nodejs/node/pull/4885 Reviewed-By: Shigeki Ohtsu &lt;ohtsu@iij.ad.jp&gt; Reviewed-By: James M Snell &lt;jasnell@gmail.com&gt; Reviewed-By: Ben Noordhuis &lt;info@bnoordhuis.nl&gt;
9 years ago
wrap->InvokeQueued(UV_ECANCELED, "Canceled because of SSL destruction");
tls_wrap: invoke queued callbacks in DestroySSL PR-URL: https://github.com/nodejs/io.js/pull/1702 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt;
10 years ago
// Destroy the SSL structure and friends
tls: destroy SSL once it is out of use Do not keep SSL structure in memory once socket is closed. This should lower the memory usage in many cases. Fix: https://github.com/iojs/io.js/issues/1522 PR-URL: https://github.com/iojs/io.js/pull/1529 Reviewed-By: Shigeki Ohtsu &lt;ohtsu@iij.ad.jp&gt;
10 years ago
wrap->SSLWrap<TLSWrap>::DestroySSL();
tls_wrap: invoke queued callbacks in DestroySSL PR-URL: https://github.com/nodejs/io.js/pull/1702 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt;
10 years ago
tls: destroy SSL once it is out of use Do not keep SSL structure in memory once socket is closed. This should lower the memory usage in many cases. Fix: https://github.com/iojs/io.js/issues/1522 PR-URL: https://github.com/iojs/io.js/pull/1529 Reviewed-By: Shigeki Ohtsu &lt;ohtsu@iij.ad.jp&gt;
10 years ago
delete wrap->clear_in_;
wrap->clear_in_ = nullptr;
}
tls: use `SSL_set_cert_cb` for async SNI/OCSP Do not enable ClientHello parser for async SNI/OCSP. Use new OpenSSL-1.0.2&#39;s API `SSL_set_cert_cb` to pause the handshake process and load the cert/OCSP response asynchronously. Hopefuly this will make whole async SNI/OCSP process much faster and will eventually let us remove the ClientHello parser itself (which is currently used only for async session, see #1462 for the discussion of removing it). NOTE: Ported our code to `SSL_CTX_add1_chain_cert` to use `SSL_CTX_get0_chain_certs` in `CertCbDone`. Test provided for this feature. Fix: https://github.com/iojs/io.js/issues/1423 PR-URL: https://github.com/iojs/io.js/pull/1464 Reviewed-By: Shigeki Ohtsu &lt;ohtsu@iij.ad.jp&gt;
10 years ago
void TLSWrap::EnableCertCb(const FunctionCallbackInfo<Value>& args) {
src: no abort from getter if object isn&#39;t wrapped v8::Object::GetAlignedPointerFromInternalField() returns a random value if Wrap() hasn&#39;t been run on the object handle. Causing v8 to abort if certain getters are accessed. It&#39;s possible to access these getters and functions during class construction through the AsyncWrap init() callback, and also possible in a subset of those scenarios while running the persistent handle visitor. Mitigate this issue by manually setting the internal aligned pointer field to nullptr in the BaseObject constructor and add necessary logic to return appropriate values when nullptr is encountered. PR-URL: https://github.com/nodejs/node/pull/6184 Reviewed-By: Ben Noordhuis &lt;info@bnoordhuis.nl&gt; Reviewed-By: Anna Henningsen &lt;anna@addaleax.net&gt;
9 years ago
TLSWrap* wrap;
ASSIGN_OR_RETURN_UNWRAP(&wrap, args.Holder());
tls: use `SSL_set_cert_cb` for async SNI/OCSP Do not enable ClientHello parser for async SNI/OCSP. Use new OpenSSL-1.0.2&#39;s API `SSL_set_cert_cb` to pause the handshake process and load the cert/OCSP response asynchronously. Hopefuly this will make whole async SNI/OCSP process much faster and will eventually let us remove the ClientHello parser itself (which is currently used only for async session, see #1462 for the discussion of removing it). NOTE: Ported our code to `SSL_CTX_add1_chain_cert` to use `SSL_CTX_get0_chain_certs` in `CertCbDone`. Test provided for this feature. Fix: https://github.com/iojs/io.js/issues/1423 PR-URL: https://github.com/iojs/io.js/pull/1464 Reviewed-By: Shigeki Ohtsu &lt;ohtsu@iij.ad.jp&gt;
10 years ago
wrap->WaitForCertCb(OnClientHelloParseEnd, wrap);
}
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
void TLSWrap::OnClientHelloParseEnd(void* arg) {
TLSWrap* c = static_cast<TLSWrap*>(arg);
tls_wrap: DRY ClientHelloParser Share ClientHelloParser code between `tls_wrap.cc` and `node_crypto.cc`. fix #5959
12 years ago
c->Cycle();
tls: session API returns
12 years ago
}
tls_wrap: embed TLS encryption into streamwrap
12 years ago
#ifdef SSL_CTRL_SET_TLSEXT_SERVERNAME_CB
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
void TLSWrap::GetServername(const FunctionCallbackInfo<Value>& args) {
src: attach env directly to api functions Attach the per-context execution environment directly to API functions. Rationale: * Gets node one step closer to multi-isolate readiness. * Avoids multi-context confusion, e.g. when the caller and callee live in different contexts. * Avoids expensive calls to pthread_getspecific() on platforms where V8 does not know how to use the thread-local storage directly. (Linux, the BSDs.) PR-URL: https://github.com/node-forward/node/pull/18 Reviewed-By: Fedor Indutny &lt;fedor@indutny.com&gt;
10 years ago
Environment* env = Environment::GetCurrent(args);
tls_wrap: embed TLS encryption into streamwrap
12 years ago
src: no abort from getter if object isn&#39;t wrapped v8::Object::GetAlignedPointerFromInternalField() returns a random value if Wrap() hasn&#39;t been run on the object handle. Causing v8 to abort if certain getters are accessed. It&#39;s possible to access these getters and functions during class construction through the AsyncWrap init() callback, and also possible in a subset of those scenarios while running the persistent handle visitor. Mitigate this issue by manually setting the internal aligned pointer field to nullptr in the BaseObject constructor and add necessary logic to return appropriate values when nullptr is encountered. PR-URL: https://github.com/nodejs/node/pull/6184 Reviewed-By: Ben Noordhuis &lt;info@bnoordhuis.nl&gt; Reviewed-By: Anna Henningsen &lt;anna@addaleax.net&gt;
9 years ago
TLSWrap* wrap;
ASSIGN_OR_RETURN_UNWRAP(&wrap, args.Holder());
tls_wrap: embed TLS encryption into streamwrap
12 years ago
tls: destroy SSL once it is out of use Do not keep SSL structure in memory once socket is closed. This should lower the memory usage in many cases. Fix: https://github.com/iojs/io.js/issues/1522 PR-URL: https://github.com/iojs/io.js/pull/1529 Reviewed-By: Shigeki Ohtsu &lt;ohtsu@iij.ad.jp&gt;
10 years ago
CHECK_NE(wrap->ssl_, nullptr);
tls: asynchronous SNICallback Make ClientHelloParser handle SNI extension, and extend `_tls_wrap.js` to support loading SNI Context from both hello, and resumed session. fix #5967
12 years ago
const char* servername = SSL_get_servername(wrap->ssl_,
TLSEXT_NAMETYPE_host_name);
src: replace NULL with nullptr Now that we are building with C++11 features enabled, replace use of NULL with nullptr. The benefit of using nullptr is that it can never be confused for an integral type because it does not support implicit conversions to integral types except boolean - unlike NULL, which is defined as a literal `0`.
10 years ago
if (servername != nullptr) {
src: remove `node_isolate` from source fix #6899
11 years ago
args.GetReturnValue().Set(OneByteString(env->isolate(), servername));
tls_wrap: embed TLS encryption into streamwrap
12 years ago
} else {
lib, src: upgrade after v8 api change This is a big commit that touches just about every file in the src/ directory. The V8 API has changed in significant ways. The most important changes are: * Binding functions take a const v8::FunctionCallbackInfo&lt;T&gt;&amp; argument rather than a const v8::Arguments&amp; argument. * Binding functions return void rather than v8::Handle&lt;v8::Value&gt;. The return value is returned with the args.GetReturnValue().Set() family of functions. * v8::Persistent&lt;T&gt; no longer derives from v8::Handle&lt;T&gt; and no longer allows you to directly dereference the object that the persistent handle points to. This means that the common pattern of caching oft-used JS values in a persistent handle no longer quite works, you first need to reconstruct a v8::Local&lt;T&gt; from the persistent handle with the Local&lt;T&gt;::New(isolate, persistent) factory method. A handful of (internal) convenience classes and functions have been added to make dealing with the new API a little easier. The most visible one is node::Cached&lt;T&gt;, which wraps a v8::Persistent&lt;T&gt; with some template sugar. It can hold arbitrary types but so far it&#39;s exclusively used for v8::Strings (which was by far the most commonly cached handle type.)
12 years ago
args.GetReturnValue().Set(false);
tls_wrap: embed TLS encryption into streamwrap
12 years ago
}
}
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
void TLSWrap::SetServername(const FunctionCallbackInfo<Value>& args) {
src: attach env directly to api functions Attach the per-context execution environment directly to API functions. Rationale: * Gets node one step closer to multi-isolate readiness. * Avoids multi-context confusion, e.g. when the caller and callee live in different contexts. * Avoids expensive calls to pthread_getspecific() on platforms where V8 does not know how to use the thread-local storage directly. (Linux, the BSDs.) PR-URL: https://github.com/node-forward/node/pull/18 Reviewed-By: Fedor Indutny &lt;fedor@indutny.com&gt;
10 years ago
Environment* env = Environment::GetCurrent(args);
tls_wrap: embed TLS encryption into streamwrap
12 years ago
src: no abort from getter if object isn&#39;t wrapped v8::Object::GetAlignedPointerFromInternalField() returns a random value if Wrap() hasn&#39;t been run on the object handle. Causing v8 to abort if certain getters are accessed. It&#39;s possible to access these getters and functions during class construction through the AsyncWrap init() callback, and also possible in a subset of those scenarios while running the persistent handle visitor. Mitigate this issue by manually setting the internal aligned pointer field to nullptr in the BaseObject constructor and add necessary logic to return appropriate values when nullptr is encountered. PR-URL: https://github.com/nodejs/node/pull/6184 Reviewed-By: Ben Noordhuis &lt;info@bnoordhuis.nl&gt; Reviewed-By: Anna Henningsen &lt;anna@addaleax.net&gt;
9 years ago
TLSWrap* wrap;
ASSIGN_OR_RETURN_UNWRAP(&wrap, args.Holder());
tls_wrap: embed TLS encryption into streamwrap
12 years ago
if (args.Length() < 1 || !args[0]->IsString())
src: remove `node_isolate` from source fix #6899
11 years ago
return env->ThrowTypeError("First argument should be a string");
tls_wrap: embed TLS encryption into streamwrap
12 years ago
if (wrap->started_)
src: remove `node_isolate` from source fix #6899
11 years ago
return env->ThrowError("Already started.");
tls_wrap: embed TLS encryption into streamwrap
12 years ago
tls, crypto: deduplicate code Commit 03e008d introduced src/tls_wrap.cc and src/tls_wrap.h but said files copied on the order of 1 kLoC from src/node_crypto.cc and src/node_crypto.h. This commit undoes some of the duplication. Fixes #6024.
12 years ago
if (!wrap->is_client())
lib, src: upgrade after v8 api change This is a big commit that touches just about every file in the src/ directory. The V8 API has changed in significant ways. The most important changes are: * Binding functions take a const v8::FunctionCallbackInfo&lt;T&gt;&amp; argument rather than a const v8::Arguments&amp; argument. * Binding functions return void rather than v8::Handle&lt;v8::Value&gt;. The return value is returned with the args.GetReturnValue().Set() family of functions. * v8::Persistent&lt;T&gt; no longer derives from v8::Handle&lt;T&gt; and no longer allows you to directly dereference the object that the persistent handle points to. This means that the common pattern of caching oft-used JS values in a persistent handle no longer quite works, you first need to reconstruct a v8::Local&lt;T&gt; from the persistent handle with the Local&lt;T&gt;::New(isolate, persistent) factory method. A handful of (internal) convenience classes and functions have been added to make dealing with the new API a little easier. The most visible one is node::Cached&lt;T&gt;, which wraps a v8::Persistent&lt;T&gt; with some template sugar. It can hold arbitrary types but so far it&#39;s exclusively used for v8::Strings (which was by far the most commonly cached handle type.)
12 years ago
return;
tls_wrap: embed TLS encryption into streamwrap
12 years ago
tls: destroy SSL once it is out of use Do not keep SSL structure in memory once socket is closed. This should lower the memory usage in many cases. Fix: https://github.com/iojs/io.js/issues/1522 PR-URL: https://github.com/iojs/io.js/pull/1529 Reviewed-By: Shigeki Ohtsu &lt;ohtsu@iij.ad.jp&gt;
10 years ago
CHECK_NE(wrap->ssl_, nullptr);
tls_wrap: embed TLS encryption into streamwrap
12 years ago
#ifdef SSL_CTRL_SET_TLSEXT_SERVERNAME_CB
src: pass Isolate to node::Utf8Value constructor Initial attempt to remove all uses of Isolate::GetCurrent(). Still exists a few locations, but this works out a heavy usage. PR-URL: https://github.com/iojs/io.js/pull/244 Reviewed-by: Ben Noordhuis &lt;info@bnoordhuis.nl&gt;
10 years ago
node::Utf8Value servername(env->isolate(), args[0].As<String>());
tls_wrap: embed TLS encryption into streamwrap
12 years ago
SSL_set_tlsext_host_name(wrap->ssl_, *servername);
#endif // SSL_CTRL_SET_TLSEXT_SERVERNAME_CB
}
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
int TLSWrap::SelectSNIContextCallback(SSL* s, int* ad, void* arg) {
TLSWrap* p = static_cast<TLSWrap*>(SSL_get_app_data(s));
src: add multi-context support This commit makes it possible to use multiple V8 execution contexts within a single event loop. Put another way, handle and request wrap objects now &#34;remember&#34; the context they belong to and switch back to that context when the time comes to call into JS land. This could have been done in a quick and hacky way by calling v8::Object::GetCreationContext() on the wrap object right before making a callback but that leaves a fairly wide margin for bugs. Instead, we make the context explicit through a new Environment class that encapsulates everything (or almost everything) that belongs to the context. Variables that used to be a static or a global are now members of the aforementioned class. An additional benefit is that this approach should make it relatively straightforward to add full isolate support in due course. There is no JavaScript API yet but that will be added in the near future. This work was graciously sponsored by GitHub, Inc.
12 years ago
Environment* env = p->env();
tls_wrap: embed TLS encryption into streamwrap
12 years ago
const char* servername = SSL_get_servername(s, TLSEXT_NAMETYPE_host_name);
src: replace NULL with nullptr Now that we are building with C++11 features enabled, replace use of NULL with nullptr. The benefit of using nullptr is that it can never be confused for an integral type because it does not support implicit conversions to integral types except boolean - unlike NULL, which is defined as a literal `0`.
10 years ago
if (servername == nullptr)
tls: fix crash in SNICallback `tls_wrap.cc` was crashing in an `Unwrap` call, when non `SecureContext` object was passed to it. Check that the passed object is a `SecureContext` instance before unwrapping it. fix #7008
11 years ago
return SSL_TLSEXT_ERR_OK;
tls_wrap: embed TLS encryption into streamwrap
12 years ago
tls: fix crash in SNICallback `tls_wrap.cc` was crashing in an `Unwrap` call, when non `SecureContext` object was passed to it. Check that the passed object is a `SecureContext` instance before unwrapping it. fix #7008
11 years ago
// Call the SNI callback and use its return value as context
Local<Object> object = p->object();
Local<Value> ctx = object->Get(env->sni_context_string());
tls_wrap: embed TLS encryption into streamwrap
12 years ago
tls: fix crash in SNICallback `tls_wrap.cc` was crashing in an `Unwrap` call, when non `SecureContext` object was passed to it. Check that the passed object is a `SecureContext` instance before unwrapping it. fix #7008
11 years ago
// Not an object, probably undefined or null
if (!ctx->IsObject())
return SSL_TLSEXT_ERR_NOACK;
tls_wrap: embed TLS encryption into streamwrap
12 years ago
tls: fix crash in SNICallback `tls_wrap.cc` was crashing in an `Unwrap` call, when non `SecureContext` object was passed to it. Check that the passed object is a `SecureContext` instance before unwrapping it. fix #7008
11 years ago
Local<FunctionTemplate> cons = env->secure_context_constructor_template();
if (!cons->HasInstance(ctx)) {
// Failure: incorrect SNI context object
Local<Value> err = Exception::TypeError(env->sni_context_err_string());
p->MakeCallback(env->onerror_string(), 1, &err);
return SSL_TLSEXT_ERR_NOACK;
tls_wrap: embed TLS encryption into streamwrap
12 years ago
}
src: update to v8 3.24 APIs
11 years ago
p->sni_context_.Reset();
src: remove `node_isolate` from source fix #6899
11 years ago
p->sni_context_.Reset(env->isolate(), ctx);
tls: fix crash in SNICallback `tls_wrap.cc` was crashing in an `Unwrap` call, when non `SecureContext` object was passed to it. Check that the passed object is a `SecureContext` instance before unwrapping it. fix #7008
11 years ago
SecureContext* sc = Unwrap<SecureContext>(ctx.As<Object>());
src: no abort from getter if object isn&#39;t wrapped v8::Object::GetAlignedPointerFromInternalField() returns a random value if Wrap() hasn&#39;t been run on the object handle. Causing v8 to abort if certain getters are accessed. It&#39;s possible to access these getters and functions during class construction through the AsyncWrap init() callback, and also possible in a subset of those scenarios while running the persistent handle visitor. Mitigate this issue by manually setting the internal aligned pointer field to nullptr in the BaseObject constructor and add necessary logic to return appropriate values when nullptr is encountered. PR-URL: https://github.com/nodejs/node/pull/6184 Reviewed-By: Ben Noordhuis &lt;info@bnoordhuis.nl&gt; Reviewed-By: Anna Henningsen &lt;anna@addaleax.net&gt;
9 years ago
CHECK_NE(sc, nullptr);
tls: copy client CAs and cert store on CertCb Copy client CA certs and cert store when asynchronously selecting `SecureContext` during `SNICallback`. We already copy private key, certificate, and certificate chain, but the client CA certs were missing. Fix: #2772 PR-URL: https://github.com/nodejs/node/pull/3537 Reviewed-By: Ben Noordhuis &lt;info@bnoordhuis.nl&gt;
9 years ago
p->SetSNIContext(sc);
tls_wrap: embed TLS encryption into streamwrap
12 years ago
return SSL_TLSEXT_ERR_OK;
}
#endif // SSL_CTRL_SET_TLSEXT_SERVERNAME_CB
src: replace usage of v8::Handle with v8::Local v8::Handle is deprecated: https://codereview.chromium.org/1224623004 PR-URL: https://github.com/nodejs/io.js/pull/2202 Reviewed-By: Ben Noordhuis &lt;info@bnoordhuis.nl&gt;
10 years ago
void TLSWrap::Initialize(Local<Object> target,
Local<Value> unused,
Local<Context> context) {
src: add multi-context support This commit makes it possible to use multiple V8 execution contexts within a single event loop. Put another way, handle and request wrap objects now &#34;remember&#34; the context they belong to and switch back to that context when the time comes to call into JS land. This could have been done in a quick and hacky way by calling v8::Object::GetCreationContext() on the wrap object right before making a callback but that leaves a fairly wide margin for bugs. Instead, we make the context explicit through a new Environment class that encapsulates everything (or almost everything) that belongs to the context. Variables that used to be a static or a global are now members of the aforementioned class. An additional benefit is that this approach should make it relatively straightforward to add full isolate support in due course. There is no JavaScript API yet but that will be added in the near future. This work was graciously sponsored by GitHub, Inc.
12 years ago
Environment* env = Environment::GetCurrent(context);
tls_wrap: embed TLS encryption into streamwrap
12 years ago
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
env->SetMethod(target, "wrap", TLSWrap::Wrap);
tls_wrap: embed TLS encryption into streamwrap
12 years ago
tls_wrap: do not abort on new TLSWrap() Though the TLSWrap constructor is only called via TLSWrap::Wrap() (i.e. tls_wrap.wrap()) internally, it is still exposed to JS. Don&#39;t allow the application to abort by inspecting the instance before it has been wrap&#39;d by another handle. PR-URL: https://github.com/nodejs/node/pull/6184 Reviewed-By: Ben Noordhuis &lt;info@bnoordhuis.nl&gt; Reviewed-By: Anna Henningsen &lt;anna@addaleax.net&gt;
9 years ago
auto constructor = [](const FunctionCallbackInfo<Value>& args) {
src: check IsConstructCall in TLSWrap constructor Currently it is possible to call TLSWrap() without using new and the following error message: FATAL ERROR: v8::Object::SetAlignedPointerInInternalField() Internal field out of bounds 1: node::Abort() [/Users/danielbevenius/work/nodejs/node/out/Debug/node] 2: node::OnFatalError(char const*, char const*) [/Users/danielbevenius/work/nodejs/node/out/Debug/node] 3: v8::Utils::ReportApiFailure(char const*, char const*) [/Users/danielbevenius/work/nodejs/node/out/Debug/node] 4: v8::Utils::ApiCheck(bool, char const*, char const*) [/Users/danielbevenius/work/nodejs/node/out/Debug/node] 5: v8::InternalFieldOK(v8::internal::Handle&lt;v8::internal::JSReceiver&gt;, int, char const*) [/Users/danielbevenius/work/nodejs/node/out/Debug/node] 6: v8::Object::SetAlignedPointerInInternalField(int, void*) [/Users/danielbevenius/work/nodejs/node/out/Debug/node] 7: node::TLSWrap::Initialize(v8::Local&lt;v8::Object&gt;, v8::Local&lt;v8::Value&gt;, v8::Local&lt;v8::Context&gt;)::$_0::operator()(v8::FunctionCallbackInfo&lt;v8::Value&gt; const&amp;) const [/Users/danielbevenius/work/nodejs/node/out/Debug/node] This commit adds a IsConstructCall check which will produce the following error message: /Users/danielbevenius/work/nodejs/node/out/Debug/node[2212]: ../src/tls_wrap.cc:936:auto node::TLSWrap::Initialize(Local&lt;v8::Object&gt;, Local&lt;v8::Value&gt;, Local&lt;v8::Context&gt;)::(anonymous class)::operator()(const FunctionCallbackInfo&lt;v8::Value&gt; &amp;) const: Assertion `args.IsConstructCall()&#39; failed. 1: node::Abort() [/Users/danielbevenius/work/nodejs/node/out/Debug/node] 2: node::Assert(char const* const (*) [4]) [/Users/danielbevenius/work/nodejs/node/out/Debug/node] 3: node::TLSWrap::Initialize(v8::Local&lt;v8::Object&gt;, v8::Local&lt;v8::Value&gt;, v8::Local&lt;v8::Context&gt;)::$_0::operator()(v8::FunctionCallbackInfo&lt;v8::Value&gt; const&amp;) const [/Users/danielbevenius/work/nodejs/node/out/Debug/node] PR-URL: https://github.com/nodejs/node/pull/13097 Reviewed-By: Ben Noordhuis &lt;info@bnoordhuis.nl&gt; Reviewed-By: Anna Henningsen &lt;anna@addaleax.net&gt; Reviewed-By: Colin Ihrig &lt;cjihrig@gmail.com&gt;
8 years ago
CHECK(args.IsConstructCall());
tls_wrap: do not abort on new TLSWrap() Though the TLSWrap constructor is only called via TLSWrap::Wrap() (i.e. tls_wrap.wrap()) internally, it is still exposed to JS. Don&#39;t allow the application to abort by inspecting the instance before it has been wrap&#39;d by another handle. PR-URL: https://github.com/nodejs/node/pull/6184 Reviewed-By: Ben Noordhuis &lt;info@bnoordhuis.nl&gt; Reviewed-By: Anna Henningsen &lt;anna@addaleax.net&gt;
9 years ago
args.This()->SetAlignedPointerInInternalField(0, nullptr);
};
auto t = env->NewFunctionTemplate(constructor);
tls_wrap: embed TLS encryption into streamwrap
12 years ago
t->InstanceTemplate()->SetInternalFieldCount(1);
src: remove `node_isolate` from source fix #6899
11 years ago
t->SetClassName(FIXED_ONE_BYTE_STRING(env->isolate(), "TLSWrap"));
tls_wrap: embed TLS encryption into streamwrap
12 years ago
async_wrap,src: add GetAsyncId() method Allow handles to retrieve their own uid&#39;s by adding a new method on the FunctionTemplates. Implementation of these into all other classes will come in a future commit. Add the method AsyncWrap::GetAsyncId() to all inheriting class objects so the uid of the handle can be retrieved from JS. In all applicable locations, run ClearWrap() on the object holding the pointer so that it never points to invalid memory and make sure Wrap() is always run so the class pointer is correctly attached to the object and can be retrieved so GetAsyncId() can be run. In many places a class instance was not removing its own pointer from object() in the destructor. This left an invalid pointer in the JS object that could cause the application to segfault under certain conditions. Remove ClearWrap() from ReqWrap for continuity. The ReqWrap constructor was not the one to call Wrap(), so it shouldn&#39;t be the one to call ClearWrap(). Wrap() has been added to all constructors that inherit from AsyncWrap. Normally it&#39;s the child most class. Except in the case of HandleWrap. Which must be the constructor that runs Wrap() because the class pointer is retrieved for certain calls and because other child classes have multiple inheritance to pointer to the HandleWrap needs to be stored. ClearWrap() has been placed in all FunctionTemplate constructors so that no random values are returned when running getAsyncId(). ClearWrap() has also been placed in all class destructors, except in those that use MakeWeak() because the destructor will run during GC. Making the object() inaccessible. It could be simplified to where AsyncWrap sets the internal pointer, then if an inheriting class needs one of it&#39;s own it could set it again. But the inverse would need to be true also, where AsyncWrap then also runs ClearWeak. Unforunately because some of the handles are cleaned up during GC that&#39;s impossible. Also in the case of ReqWrap it runs Reset() in the destructor, making the object() inaccessible. Meaning, ClearWrap() must be run by the class that runs Wrap(). There&#39;s currently no generalized way of taking care of this across all instances of AsyncWrap. I&#39;d prefer that there be checks in there for these things, but haven&#39;t found a way to place them that wouldn&#39;t be just as unreliable. Add test that checks all resources that can run getAsyncId(). Would like a way to enforce that any new classes that can also run getAsyncId() are tested, but don&#39;t have one. PR-URL: https://github.com/nodejs/node/pull/12892 Ref: https://github.com/nodejs/node/pull/11883 Ref: https://github.com/nodejs/node/pull/8531 Reviewed-By: Andreas Madsen &lt;amwebdk@gmail.com&gt; Reviewed-By: Anna Henningsen &lt;anna@addaleax.net&gt; Reviewed-By: Sam Roberts &lt;vieuxtech@gmail.com&gt; Reviewed-By: Matteo Collina &lt;matteo.collina@gmail.com&gt; Reviewed-By: Refael Ackermann &lt;refack@gmail.com&gt; Reviewed-By: James M Snell &lt;jasnell@gmail.com&gt; Reviewed-By: Jeremiah Senkpiel &lt;fishrock123@rocketmail.com&gt;
8 years ago
env->SetProtoMethod(t, "getAsyncId", AsyncWrap::GetAsyncId);
async_wrap: add `asyncReset` to `TLSWrap` When using an Agent for HTTPS, `TLSSocket`s are reused and need to have the ability to `asyncReset` from JS. PR-URL: https://github.com/nodejs/node/pull/13092 Fixes: https://github.com/nodejs/node/issues/13045 Reviewed-By: Andreas Madsen &lt;amwebdk@gmail.com&gt; Reviewed-By: Colin Ihrig &lt;cjihrig@gmail.com&gt; Reviewed-By: Matteo Collina &lt;matteo.collina@gmail.com&gt;
8 years ago
env->SetProtoMethod(t, "asyncReset", AsyncWrap::AsyncReset);
src: attach env directly to api functions Attach the per-context execution environment directly to API functions. Rationale: * Gets node one step closer to multi-isolate readiness. * Avoids multi-context confusion, e.g. when the caller and callee live in different contexts. * Avoids expensive calls to pthread_getspecific() on platforms where V8 does not know how to use the thread-local storage directly. (Linux, the BSDs.) PR-URL: https://github.com/node-forward/node/pull/18 Reviewed-By: Fedor Indutny &lt;fedor@indutny.com&gt;
10 years ago
env->SetProtoMethod(t, "receive", Receive);
env->SetProtoMethod(t, "start", Start);
env->SetProtoMethod(t, "setVerifyMode", SetVerifyMode);
env->SetProtoMethod(t, "enableSessionCallbacks", EnableSessionCallbacks);
tls: destroy SSL once it is out of use Do not keep SSL structure in memory once socket is closed. This should lower the memory usage in many cases. Fix: https://github.com/iojs/io.js/issues/1522 PR-URL: https://github.com/iojs/io.js/pull/1529 Reviewed-By: Shigeki Ohtsu &lt;ohtsu@iij.ad.jp&gt;
10 years ago
env->SetProtoMethod(t, "destroySSL", DestroySSL);
tls: use `SSL_set_cert_cb` for async SNI/OCSP Do not enable ClientHello parser for async SNI/OCSP. Use new OpenSSL-1.0.2&#39;s API `SSL_set_cert_cb` to pause the handshake process and load the cert/OCSP response asynchronously. Hopefuly this will make whole async SNI/OCSP process much faster and will eventually let us remove the ClientHello parser itself (which is currently used only for async session, see #1462 for the discussion of removing it). NOTE: Ported our code to `SSL_CTX_add1_chain_cert` to use `SSL_CTX_get0_chain_certs` in `CertCbDone`. Test provided for this feature. Fix: https://github.com/iojs/io.js/issues/1423 PR-URL: https://github.com/iojs/io.js/pull/1464 Reviewed-By: Shigeki Ohtsu &lt;ohtsu@iij.ad.jp&gt;
10 years ago
env->SetProtoMethod(t, "enableCertCb", EnableCertCb);
tls_wrap: embed TLS encryption into streamwrap
12 years ago
tls: re-enable `.writev()` on TLSWrap Fix the `parallel/test-tls-over-http-tunnel.js` on Windows by re-enabling the accidentally disabled `.writev()` method on TLSWrap. It appears that there is some subtle issue with shutdown timing and it manifests itself when the chunks are written in separate packets. This leads to concurrent `shutdown`/`destroy`, which breaks the test. PR-URL: https://github.com/iojs/io.js/pull/1155 Reviewed-By: Bert Belder &lt;bertbelder@gmail.com&gt;
10 years ago
StreamBase::AddMethods<TLSWrap>(env, t, StreamBase::kFlagHasWritev);
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
SSLWrap<TLSWrap>::AddMethods(env, t);
tls_wrap: embed TLS encryption into streamwrap
12 years ago
#ifdef SSL_CTRL_SET_TLSEXT_SERVERNAME_CB
src: attach env directly to api functions Attach the per-context execution environment directly to API functions. Rationale: * Gets node one step closer to multi-isolate readiness. * Avoids multi-context confusion, e.g. when the caller and callee live in different contexts. * Avoids expensive calls to pthread_getspecific() on platforms where V8 does not know how to use the thread-local storage directly. (Linux, the BSDs.) PR-URL: https://github.com/node-forward/node/pull/18 Reviewed-By: Fedor Indutny &lt;fedor@indutny.com&gt;
10 years ago
env->SetProtoMethod(t, "getServername", GetServername);
env->SetProtoMethod(t, "setServername", SetServername);
tls_wrap: embed TLS encryption into streamwrap
12 years ago
#endif // SSL_CRT_SET_TLSEXT_SERVERNAME_CB
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
env->set_tls_wrap_constructor_template(t);
src: add multi-context support This commit makes it possible to use multiple V8 execution contexts within a single event loop. Put another way, handle and request wrap objects now &#34;remember&#34; the context they belong to and switch back to that context when the time comes to call into JS land. This could have been done in a quick and hacky way by calling v8::Object::GetCreationContext() on the wrap object right before making a callback but that leaves a fairly wide margin for bugs. Instead, we make the context explicit through a new Environment class that encapsulates everything (or almost everything) that belongs to the context. Variables that used to be a static or a global are now members of the aforementioned class. An additional benefit is that this approach should make it relatively straightforward to add full isolate support in due course. There is no JavaScript API yet but that will be added in the near future. This work was graciously sponsored by GitHub, Inc.
12 years ago
env->set_tls_wrap_constructor_function(t->GetFunction());
tls_wrap: proxy handle methods in prototype Set proxied methods wrappers in `TLSWrap` prototype instead of doing it on every socket allocation. Should speed up things a bit and will certainly make heapsnapshot less verbose. PR-URL: https://github.com/iojs/io.js/pull/1108 Reviewed-By: Ben Noordhuis &lt;info@bnoordhuis.nl&gt; Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt;
10 years ago
target->Set(FIXED_ONE_BYTE_STRING(env->isolate(), "TLSWrap"),
t->GetFunction());
tls_wrap: embed TLS encryption into streamwrap
12 years ago
}
} // namespace node
stream_base: introduce StreamBase StreamBase is an improved way to write C++ streams. The class itself is for separting `StreamWrap` (with the methods like `.writeAsciiString`, `.writeBuffer`, `.writev`, etc) from the `HandleWrap` class, making possible to write abstract C++ streams that are not bound to any uv socket. The following methods are important part of the abstraction (which mimics libuv&#39;s stream API): * Events: * `OnAlloc(size_t size, uv_buf_t*)` * `OnRead(ssize_t nread, const uv_buf_t*, uv_handle_type pending)` * `OnAfterWrite(WriteWrap*)` * Wrappers: * `DoShutdown(ShutdownWrap*)` * `DoTryWrite(uv_buf_t** bufs, size_t* count)` * `DoWrite(WriteWrap*, uv_buf_t*, size_t count, uv_stream_t* handle)` * `Error()` * `ClearError()` The implementation should provide all of these methods, thus providing the access to the underlying resource (be it uv handle, TLS socket, or anything else). A C++ stream may consume the input of another stream by replacing the event callbacks and proxying the writes. This kind of API is actually used now for the TLSWrap implementation, making it possible to wrap TLS stream into another TLS stream. Thus legacy API calls are no longer required in `_tls_wrap.js`. PR-URL: https://github.com/iojs/io.js/pull/840 Reviewed-By: Trevor Norris &lt;trev.norris@gmail.com&gt; Reviewed-By: Chris Dickinson &lt;christopher.s.dickinson@gmail.com&gt;
10 years ago
NODE_MODULE_CONTEXT_AWARE_BUILTIN(tls_wrap, node::TLSWrap::Initialize)