|
@ -257,6 +257,7 @@ var securePool = null; |
|
|
function allocNewSecurePool () { |
|
|
function allocNewSecurePool () { |
|
|
securePool = new Buffer(40*1024); |
|
|
securePool = new Buffer(40*1024); |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
var emptyBuffer = null; |
|
|
var emptyBuffer = null; |
|
|
function allocEmptyBuffer () { |
|
|
function allocEmptyBuffer () { |
|
|
emptyBuffer = new Buffer(1); |
|
|
emptyBuffer = new Buffer(1); |
|
@ -295,8 +296,10 @@ function initStream (self) { |
|
|
if (!securePool) allocNewSecurePool(); |
|
|
if (!securePool) allocNewSecurePool(); |
|
|
secureBytesRead = read(self.fd, securePool, 0, securePool.length); |
|
|
secureBytesRead = read(self.fd, securePool, 0, securePool.length); |
|
|
self.secureStream.readInject(securePool, 0, secureBytesRead); |
|
|
self.secureStream.readInject(securePool, 0, secureBytesRead); |
|
|
bytesRead = self.secureStream.readExtract(pool, pool.used, pool.length - pool.used); |
|
|
bytesRead = self.secureStream.readExtract(pool, |
|
|
if(!self.secureEstablished) { |
|
|
pool.used, |
|
|
|
|
|
pool.length - pool.used); |
|
|
|
|
|
if (!self.secureEstablished) { |
|
|
if (self.secureStream.isInitFinished()) { |
|
|
if (self.secureStream.isInitFinished()) { |
|
|
self.secureEstablished = true; |
|
|
self.secureEstablished = true; |
|
|
if (self._events && self._events['secure']) self.emit('secure'); |
|
|
if (self._events && self._events['secure']) self.emit('secure'); |
|
@ -319,13 +322,16 @@ function initStream (self) { |
|
|
|
|
|
|
|
|
//debug('bytesRead ' + bytesRead + '\n');
|
|
|
//debug('bytesRead ' + bytesRead + '\n');
|
|
|
|
|
|
|
|
|
if (self.secure && bytesRead == 0 && secureBytesRead >0){ |
|
|
if (self.secure && bytesRead == 0 && secureBytesRead > 0){ |
|
|
// Deal with SSL handshake
|
|
|
// Deal with SSL handshake
|
|
|
if (self.server) { |
|
|
if (self.server) { |
|
|
self._checkForSecureHandshake(); |
|
|
self._checkForSecureHandshake(); |
|
|
} else { |
|
|
} else { |
|
|
if (self.secureEstablised) self.flush(); |
|
|
if (self.secureEstablised) { |
|
|
else self._checkForSecureHandshake(); |
|
|
self.flush(); |
|
|
|
|
|
} else { |
|
|
|
|
|
self._checkForSecureHandshake(); |
|
|
|
|
|
} |
|
|
} |
|
|
} |
|
|
} else if (bytesRead === 0) { |
|
|
} else if (bytesRead === 0) { |
|
|
self.readable = false; |
|
|
self.readable = false; |
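Review bot: The client branch of the handshake handling still tests `self.secureEstablised`, while the flag set earlier in `initStream` (visible in the previous hunk) is `self.secureEstablished`. Unless a property with the misspelled name is assigned somewhere outside the visible lines, the condition is always falsy, so `self.flush()` is never reached here and a client stream always falls through to `_checkForSecureHandshake()`, even after the handshake has completed. The re-bracing keeps the misspelling; the condition should read `if (self.secureEstablished) {`. Since this decides whether queued data is flushed once the TLS session is up, a test that completes a client handshake and checks which branch runs would be worth adding. `initStream` begins and ends outside this hunk, so the rest of the read callback was not reviewed.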
|
@ -434,16 +440,16 @@ Stream.prototype.setSecure = function(credentials) { |
|
|
} else { |
|
|
} else { |
|
|
this.credentials = credentials; |
|
|
this.credentials = credentials; |
|
|
} |
|
|
} |
|
|
this.secureStream = new SecureStream(this.credentials.context, this.server?1:0); |
|
|
|
|
|
|
|
|
this.secureStream = new SecureStream(this.credentials.context, this.server ? 1 : 0); |
|
|
|
|
|
|
|
|
if (!this.server) { |
|
|
if (!this.server) { |
|
|
// If client, trigger handshake
|
|
|
// If client, trigger handshake
|
|
|
this._checkForSecureHandshake(); |
|
|
this._checkForSecureHandshake(); |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Stream.prototype.verifyPeer = function() { |
|
|
Stream.prototype.verifyPeer = function() { |
|
|
if (!this.secure) { |
|
|
if (!this.secure) { |
|
|
throw new Error('Stream is not a secure stream.'); |
|
|
throw new Error('Stream is not a secure stream.'); |
|
@ -451,12 +457,14 @@ Stream.prototype.verifyPeer = function() { |
|
|
return this.secureStream.verifyPeer(this.credentials.context); |
|
|
return this.secureStream.verifyPeer(this.credentials.context); |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Stream.prototype._checkForSecureHandshake = function() { |
|
|
Stream.prototype._checkForSecureHandshake = function() { |
|
|
// Do an empty write to see if we need to write out as part of handshake
|
|
|
// Do an empty write to see if we need to write out as part of handshake
|
|
|
if (!emptyBuffer) allocEmptyBuffer(); |
|
|
if (!emptyBuffer) allocEmptyBuffer(); |
|
|
this.write(emptyBuffer); |
|
|
this.write(emptyBuffer); |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Stream.prototype.getPeerCertificate = function(credentials) { |
|
|
Stream.prototype.getPeerCertificate = function(credentials) { |
|
|
if (!this.secure) { |
|
|
if (!this.secure) { |
|
|
throw new Error('Stream is not a secure stream.'); |
|
|
throw new Error('Stream is not a secure stream.'); |
|
@ -464,6 +472,7 @@ Stream.prototype.getPeerCertificate = function(credentials) { |
|
|
return this.secureStream.getPeerCertificate(); |
|
|
return this.secureStream.getPeerCertificate(); |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Stream.prototype.getCipher = function() { |
|
|
Stream.prototype.getCipher = function() { |
|
|
if (!this.secure) { |
|
|
if (!this.secure) { |
|
|
throw new Error('Stream is not a secure stream.'); |
|
|
throw new Error('Stream is not a secure stream.'); |
|
@ -535,7 +544,8 @@ Stream.prototype._shutdownSecure = function () { |
|
|
var secureLen = this.secureStream.writeExtract(securePool, 0, securePool.length); |
|
|
var secureLen = this.secureStream.writeExtract(securePool, 0, securePool.length); |
|
|
try { |
|
|
try { |
|
|
var secureBytesWritten = write(this.fd, securePool, 0, secureLen); |
|
|
var secureBytesWritten = write(this.fd, securePool, 0, secureLen); |
|
|
} catch (e) {} |
|
|
} catch (e) { |
|
|
|
|
|
} |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
// Directly writes the data to socket.
|
|
|
// Directly writes the data to socket.
|
|
@ -552,10 +562,10 @@ Stream.prototype._writeOut = function (data, encoding) { |
|
|
else throw new Error('Stream is not writable'); |
|
|
else throw new Error('Stream is not writable'); |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
var buffer, off, len; |
|
|
var buffer, off, len; |
|
|
var bytesWritten, charsWritten; |
|
|
var bytesWritten, charsWritten; |
|
|
var queuedData = false; |
|
|
var queuedData = false; |
|
|
|
|
|
|
|
|
if (typeof data != 'string') { |
|
|
if (typeof data != 'string') { |
|
|
// 'data' is a buffer, ignore 'encoding'
|
|
|
// 'data' is a buffer, ignore 'encoding'
|
|
|
buffer = data; |
|
|
buffer = data; |
|
|