
tls: export TLSSocket

v0.11.4-release
Fedor Indutny 12 years ago
parent
commit
07fbb43d78
  1. 32
      doc/api/tls.markdown
  2. 14
      lib/_tls_wrap.js
  3. 1
      lib/tls.js

32
doc/api/tls.markdown

@ -329,6 +329,34 @@ Or
server.close();
});
## Class: tls.TLSSocket
Wrapper for instance of [net.Socket][], replaces internal socket read/write
routines to perform transparent encryption/decryption of incoming/outgoing data.
## new tls.TLSSocket(socket, options)
Construct a new TLSSocket object from existing TCP socket.
`socket` is an instance of [net.Socket][]
`options` is an object that might contain following properties:
- `credentials`: An optional credentials object from
`crypto.createCredentials( ... )`
- `isServer`: If true - TLS socket will be instantiated in server-mode
- `server`: An optional [net.Server][] instance
- `requestCert`: Optional, see [tls.createSecurePair][]
- `rejectUnauthorized`: Optional, see [tls.createSecurePair][]
- `NPNProtocols`: Optional, see [tls.createServer][]
- `SNICallback`: Optional, see [tls.createServer][]
## tls.createSecurePair([credentials], [isServer], [requestCert], [rejectUnauthorized])
Stability: 0 - Deprecated. Use tls.TLSSocket instead.
@ -572,7 +600,11 @@ The numeric representation of the local port.
[OpenSSL cipher list format documentation]: http://www.openssl.org/docs/apps/ciphers.html#CIPHER_LIST_FORMAT
[BEAST attacks]: http://blog.ivanristic.com/2011/10/mitigating-the-beast-attack-on-tls.html
[tls.createServer]: #tls_tls_createserver_options_secureconnectionlistener
[tls.createSecurePair]: #tls_tls_createsecurepair_credentials_isserver_requestcert_rejectunauthorized
[tls.TLSSocket]: #tls_class_tls_tlssocket
[net.Server]: net.html#net_class_net_server
[net.Socket]: net.html#net_class_net_socket
[net.Server.address()]: net.html#net_server_address
['secureConnect']: #tls_event_secureconnect
[secureConnection]: #tls_event_secureconnection

14
lib/_tls_wrap.js

@ -63,6 +63,7 @@ function onclienthello(hello) {
}
if (hello.sessionId.length <= 0 ||
this.server &&
!this.server.emit('resumeSession', hello.sessionId, callback)) {
callback(null, null);
}
@ -70,7 +71,8 @@ function onclienthello(hello) {
function onnewsession(key, session) {
this.server.emit('newSession', key, session);
if (this.server)
this.server.emit('newSession', key, session);
}
@ -103,6 +105,7 @@ function TLSSocket(socket, options) {
this._init();
}
util.inherits(TLSSocket, net.Socket);
exports.TLSSocket = TLSSocket;
TLSSocket.prototype._init = function() {
assert(this._handle);
@ -137,8 +140,9 @@ TLSSocket.prototype._init = function() {
this.ssl.lastHandshakeTime = 0;
this.ssl.handshakes = 0;
if (this.server.listeners('resumeSession').length > 0 ||
this.server.listeners('newSession').length > 0) {
if (this.server &&
(this.server.listeners('resumeSession').length > 0 ||
this.server.listeners('newSession').length > 0)) {
this.ssl.enableSessionCallbacks();
}
} else {
@ -164,7 +168,9 @@ TLSSocket.prototype._init = function() {
if (process.features.tls_sni &&
options.isServer &&
options.SNICallback && options.server._contexts.length) {
options.server &&
options.SNICallback &&
options.server._contexts.length) {
this.ssl.onsniselect = options.SNICallback;
}
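Review bot: In the `onclienthello` hunk the added guard reads `this.server &&`, so when `this.server` is unset and the client hello carries a non-empty session id the whole condition is false: `callback(null, null)` is not reached and `resumeSession` is not emitted either. Nothing in the visible lines would then invoke `callback`, which presumably leaves the handshake waiting. The `_init` hunk only calls `enableSessionCallbacks()` when a server is present, so this path may be unreachable today, but the guard should fall through to a full handshake rather than depend on that. I would write the middle line as `!this.server ||`. The body of `onclienthello` starts before the hunk, so the definition of `callback` is not visible here.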

1
lib/tls.js

@ -207,6 +207,7 @@ exports.parseCertString = function parseCertString(s) {
};
// Public API
exports.TLSSocket = require('_tls_wrap').TLSSocket;
exports.Server = require('_tls_wrap').Server;
exports.createServer = require('_tls_wrap').createServer;
exports.connect = require('_tls_wrap').connect;
