lukechilds
/
node
mirror of https://github.com/lukechilds/node.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

Merge remote branch 'origin/v0.4' 

Conflicts:
	doc/api/tls.markdown
v0.7.4-release
Ryan Dahl 14 years ago
parent
d72c6940f8 9cd510846e
commit
8320af7ef3
4 changed files with 100 additions and 18 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 2
      doc/api/buffers.markdown
  2. 16
      doc/api/fs.markdown
  3. 99
      doc/api/tls.markdown
  4. 1
      lib/http.js

2
doc/api/buffers.markdown
View File

@ -128,7 +128,7 @@ buffer object. It does not change when the contents of the buffer are changed.
### buffer.copy(targetBuffer, targetStart=0, sourceStart=0, sourceEnd=buffer.length) ### buffer.copy(targetBuffer, targetStart=0, sourceStart=0, sourceEnd=buffer.length)
Does a memcpy() between buffers. Does copy between buffers. The source and target regions can be overlapped.
Example: build two Buffers, then copy `buf1` from byte 16 through byte 19 Example: build two Buffers, then copy `buf1` from byte 16 through byte 19
into `buf2`, starting at the 8th byte in `buf2`. into `buf2`, starting at the 8th byte in `buf2`.

16
doc/api/fs.markdown
View File

@ -73,30 +73,30 @@ given to the completion callback.
Synchronous ftruncate(2). Synchronous ftruncate(2).
### fs.chown(path, mode, [callback]) ### fs.chown(path, uid, gid, [callback])
Asycnronous chown(2). No arguments other than a possible exception are given Asycnronous chown(2). No arguments other than a possible exception are given
to the completion callback. to the completion callback.
### fs.chownSync(path, mode) ### fs.chownSync(path, uid, gid)
Synchronous chown(2). Synchronous chown(2).
### fs.fchown(path, mode, [callback]) ### fs.fchown(path, uid, gid, [callback])
Asycnronous fchown(2). No arguments other than a possible exception are given Asycnronous fchown(2). No arguments other than a possible exception are given
to the completion callback. to the completion callback.
### fs.fchownSync(path, mode) ### fs.fchownSync(path, uid, gid)
Synchronous fchown(2). Synchronous fchown(2).
### fs.lchown(path, mode, [callback]) ### fs.lchown(path, uid, gid, [callback])
Asycnronous lchown(2). No arguments other than a possible exception are given Asycnronous lchown(2). No arguments other than a possible exception are given
to the completion callback. to the completion callback.
### fs.lchownSync(path, mode) ### fs.lchownSync(path, uid, gid)
Synchronous lchown(2). Synchronous lchown(2).
@ -409,7 +409,7 @@ value in milliseconds. The default is `{ persistent: true, interval: 0 }`.
The `listener` gets two arguments the current stat object and the previous The `listener` gets two arguments the current stat object and the previous
stat object: stat object:
fs.watchFile(f, function (curr, prev) { fs.watchFile('message.text', function (curr, prev) {
console.log('the current mtime is: ' + curr.mtime); console.log('the current mtime is: ' + curr.mtime);
console.log('the previous mtime was: ' + prev.mtime); console.log('the previous mtime was: ' + prev.mtime);
}); });
@ -417,7 +417,7 @@ stat object:
These stat objects are instances of `fs.Stat`. These stat objects are instances of `fs.Stat`.
If you want to be notified when the file was modified, not just accessed If you want to be notified when the file was modified, not just accessed
you need to compare `curr.mtime` and `prev.mtime. you need to compare `curr.mtime` and `prev.mtime`.
### fs.unwatchFile(filename) ### fs.unwatchFile(filename)

99
doc/api/tls.markdown
View File

@ -49,12 +49,12 @@ defaults to `localhost`.) `options` should be an object which specifies
- `servername`: Servername for SNI (Server Name Indication) TLS extension. - `servername`: Servername for SNI (Server Name Indication) TLS extension.
`tls.connect()` returns a cleartext `CryptoStream` object. `tls.connect()` returns a [CleartextStream](#tls.CleartextStream) object.
After the TLS/SSL handshake the `callback` is called. The `callback` will be After the TLS/SSL handshake the `callback` is called. The `callback` will be
called no matter if the server's certificate was authorized or not. It is up called no matter if the server's certificate was authorized or not. It is up
to the user to test `s.authorized` to see if the server certificate was to the user to test `s.authorized` to see if the server certificate was signed
signed by one of the specified CAs. If `s.authorized === false` then the error by one of the specified CAs. If `s.authorized === false` then the error
can be found in `s.authorizationError`. Also if NPN was used - you can check can be found in `s.authorizationError`. Also if NPN was used - you can check
`s.npnProtocol` for negotiated protocol. `s.npnProtocol` for negotiated protocol.
@ -64,11 +64,13 @@ can be found in `s.authorizationError`. Also if NPN was used - you can check
In the v0.4 branch no function exists for starting a TLS session on an In the v0.4 branch no function exists for starting a TLS session on an
already existing TCP connection. This is possible it just requires a bit of already existing TCP connection. This is possible it just requires a bit of
work. The technique is to use `tls.createSecurePair()` which returns two work. The technique is to use `tls.createSecurePair()` which returns two
streams: an encrypted stream and a plaintext stream. The encrypted stream is then streams: an encrypted stream and a cleartext stream. The encrypted stream is
piped to the socket, the plaintext stream is what the user interacts with thereafter. then piped to the socket, the cleartext stream is what the user interacts with
thereafter.
[Here is some code that does it.](http://gist.github.com/848444) [Here is some code that does it.](http://gist.github.com/848444)
<<<<<<< HEAD
### NPN and SNI ### NPN and SNI
NPN (Next Protocol Negotitation) and SNI (Server Name Indication) are TLS NPN (Next Protocol Negotitation) and SNI (Server Name Indication) are TLS
@ -77,7 +79,38 @@ handshake extensions allowing you:
* NPN - to use one TLS server for multiple protocols (HTTP, SPDY) * NPN - to use one TLS server for multiple protocols (HTTP, SPDY)
* SNI - to use one TLS server for multiple hostnames with different SSL * SNI - to use one TLS server for multiple hostnames with different SSL
certificates. certificates.
=======
### pair = tls.createSecurePair([credentials], [isServer], [requestCert], [rejectUnauthorized])
Creates a new secure pair object with two streams, one of which reads/writes
encrypted data, and one reads/writes cleartext data.
Generally the encrypted one is piped to/from an incoming encrypted data stream,
and the cleartext one is used as a replacement for the initial encrypted stream.
>>>>>>> origin/v0.4
- `credentials`: A credentials object from crypto.createCredentials( ... )
- `isServer`: A boolean indicating whether this tls connection should be
opened as a server or a client.
- `requestCert`: A boolean indicating whether a server should request a
certificate from a connecting client. Only applies to server connections.
- `rejectUnauthorized`: A boolean indicating whether a server should
automatically reject clients with invalid certificates. Only applies to
servers with `requestCert` enabled.
`tls.createSecurePair()` returns a SecurePair object with
[cleartext](#tls.CleartextStream) and `encrypted` stream properties.
#### Event: 'secure'
The event is emitted from the SecurePair once the pair has successfully
established a secure connection.
Similarly to the checking for the server 'secureConnection' event,
pair.cleartext.authorized should be checked to confirm whether the certificate
used properly authorized.
### tls.Server ### tls.Server
@ -146,8 +179,9 @@ has these possibilities:
`function (cleartextStream) {}` `function (cleartextStream) {}`
This event is emitted after a new connection has been successfully This event is emitted after a new connection has been successfully
handshaked. The argument is a duplex instance of `stream.Stream`. It has all handshaked. The argument is a instance of
the common stream methods and events. [CleartextStream](#tls.CleartextStream). It has all the common stream methods
and events.
`cleartextStream.authorized` is a boolean value which indicates if the `cleartextStream.authorized` is a boolean value which indicates if the
client has verified by one of the supplied certificate authorities for the client has verified by one of the supplied certificate authorities for the
@ -186,8 +220,57 @@ matching passed `hostname` (wildcards can be used). `credentials` can contain
#### server.maxConnections #### server.maxConnections
Set this property to reject connections when the server's connection count gets high. Set this property to reject connections when the server's connection count
gets high.
#### server.connections #### server.connections
The number of concurrent connections on the server. The number of concurrent connections on the server.
### tls.CleartextStream
This is a stream on top of the *Encrypted* stream that makes it possible to
read/write an encrypted data as a cleartext data.
This instance implements a duplex [Stream](streams.html#streams) interfaces.
It has all the common stream methods and events.
#### cleartextStream.authorized
A boolean that is `true` if the peer certificate was signed by one of the
specified CAs, otherwise `false`
#### cleartextStream.authorizationError
The reason why the peer's certificate has not been verified. This property
becomes available only when `cleartextStream.authorized === false`.
#### cleartextStream.getPeerCertificate()
Returns an object representing the peer's certicicate. The returned object has
some properties corresponding to the field of the certificate.
Example:
{ subject:
{ C: 'UK',
ST: 'Acknack Ltd',
L: 'Rhys Jones',
O: 'node.js',
OU: 'Test TLS Certificate',
CN: 'localhost' },
issuer:
{ C: 'UK',
ST: 'Acknack Ltd',
L: 'Rhys Jones',
O: 'node.js',
OU: 'Test TLS Certificate',
CN: 'localhost' },
valid_from: 'Nov 11 09:52:22 2009 GMT',
valid_to: 'Nov 6 09:52:22 2029 GMT',
fingerprint: '2A:7A:C2:DD:E5:F9:CC:53:72:35:99:7A:02:5A:71:38:52:EC:8A:DF' }
If the peer does not provide a certificate, it returns `null` or an empty
object.

1
lib/http.js
View File

@ -609,7 +609,6 @@ OutgoingMessage.prototype.write = function(chunk, encoding) {
if (typeof(chunk) === 'string') { if (typeof(chunk) === 'string') {
len = Buffer.byteLength(chunk, encoding); len = Buffer.byteLength(chunk, encoding);
var chunk = len.toString(16) + CRLF + chunk + CRLF; var chunk = len.toString(16) + CRLF + chunk + CRLF;
debug('string chunk = ' + util.inspect(chunk));
ret = this._send(chunk, encoding); ret = this._send(chunk, encoding);
} else { } else {
// buffer // buffer

Write Preview
Loading…
Cancel
Save