mirror of https://github.com/lukechilds/node.git
Browse Source
Move `createCredentials` to `tls` module and rename it to `createSecureContext`. Make it use default values from `tls` module: `DEFAULT_CIPHERS` and `DEFAULT_ECDH_CURVE`. fix #7249v0.11.13-release
Fedor Indutny
11 years ago
committed by
Fedor Indutny
17 changed files with 222 additions and 163 deletions
@ -0,0 +1,128 @@ |
|||
// Copyright Joyent, Inc. and other Node contributors.
|
|||
//
|
|||
// Permission is hereby granted, free of charge, to any person obtaining a
|
|||
// copy of this software and associated documentation files (the
|
|||
// "Software"), to deal in the Software without restriction, including
|
|||
// without limitation the rights to use, copy, modify, merge, publish,
|
|||
// distribute, sublicense, and/or sell copies of the Software, and to permit
|
|||
// persons to whom the Software is furnished to do so, subject to the
|
|||
// following conditions:
|
|||
//
|
|||
// The above copyright notice and this permission notice shall be included
|
|||
// in all copies or substantial portions of the Software.
|
|||
//
|
|||
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
|
|||
// OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
|
|||
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN
|
|||
// NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM,
|
|||
// DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR
|
|||
// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
|
|||
// USE OR OTHER DEALINGS IN THE SOFTWARE.
|
|||
|
|||
var util = require('util'); |
|||
var tls = require('tls'); |
|||
|
|||
// Lazily loaded
|
|||
var crypto = null; |
|||
|
|||
var binding = process.binding('crypto'); |
|||
var NativeSecureContext = binding.SecureContext; |
|||
|
|||
function SecureContext(secureProtocol, flags, context) { |
|||
if (!(this instanceof SecureContext)) { |
|||
return new SecureContext(secureProtocol, flags, context); |
|||
} |
|||
|
|||
if (context) { |
|||
this.context = context; |
|||
} else { |
|||
this.context = new NativeSecureContext(); |
|||
|
|||
if (secureProtocol) { |
|||
this.context.init(secureProtocol); |
|||
} else { |
|||
this.context.init(); |
|||
} |
|||
} |
|||
|
|||
if (flags) this.context.setOptions(flags); |
|||
} |
|||
|
|||
exports.SecureContext = SecureContext; |
|||
|
|||
|
|||
exports.createSecureContext = function createSecureContext(options, context) { |
|||
if (!options) options = {}; |
|||
|
|||
var c = new SecureContext(options.secureProtocol, |
|||
options.secureOptions, |
|||
context); |
|||
|
|||
if (context) return c; |
|||
|
|||
if (options.key) { |
|||
if (options.passphrase) { |
|||
c.context.setKey(options.key, options.passphrase); |
|||
} else { |
|||
c.context.setKey(options.key); |
|||
} |
|||
} |
|||
|
|||
if (options.cert) c.context.setCert(options.cert); |
|||
|
|||
if (options.ciphers) |
|||
c.context.setCiphers(options.ciphers); |
|||
else |
|||
c.context.setCiphers(tls.DEFAULT_CIPHERS); |
|||
|
|||
if (util.isUndefined(options.ecdhCurve)) |
|||
c.context.setECDHCurve(tls.DEFAULT_ECDH_CURVE); |
|||
else if (options.ecdhCurve) |
|||
c.context.setECDHCurve(options.ecdhCurve); |
|||
|
|||
if (options.ca) { |
|||
if (util.isArray(options.ca)) { |
|||
for (var i = 0, len = options.ca.length; i < len; i++) { |
|||
c.context.addCACert(options.ca[i]); |
|||
} |
|||
} else { |
|||
c.context.addCACert(options.ca); |
|||
} |
|||
} else { |
|||
c.context.addRootCerts(); |
|||
} |
|||
|
|||
if (options.crl) { |
|||
if (util.isArray(options.crl)) { |
|||
for (var i = 0, len = options.crl.length; i < len; i++) { |
|||
c.context.addCRL(options.crl[i]); |
|||
} |
|||
} else { |
|||
c.context.addCRL(options.crl); |
|||
} |
|||
} |
|||
|
|||
if (options.sessionIdContext) { |
|||
c.context.setSessionIdContext(options.sessionIdContext); |
|||
} |
|||
|
|||
if (options.pfx) { |
|||
var pfx = options.pfx; |
|||
var passphrase = options.passphrase; |
|||
|
|||
if (!crypto) |
|||
crypto = require('crypto'); |
|||
|
|||
pfx = crypto._toBuf(pfx); |
|||
if (passphrase) |
|||
passphrase = crypto._toBuf(passphrase); |
|||
|
|||
if (passphrase) { |
|||
c.context.loadPKCS12(pfx, passphrase); |
|||
} else { |
|||
c.context.loadPKCS12(pfx); |
|||
} |
|||
} |
|||
|
|||
return c; |
|||
}; |
Loading…
Reference in new issue