|
|
@ -52,9 +52,9 @@ var END_OF_FILE = 42; |
|
|
|
try { |
|
|
|
var SecureContext = process.binding('crypto').SecureContext; |
|
|
|
var SecureStream = process.binding('crypto').SecureStream; |
|
|
|
var have_crypto = true; |
|
|
|
var haveCrypto = true; |
|
|
|
} catch (e) { |
|
|
|
var have_crypto = false; |
|
|
|
var haveCrypto = false; |
|
|
|
} |
|
|
|
|
|
|
|
// IDLE TIMEOUTS
|
|
|
@ -221,14 +221,14 @@ var ioWatchers = new FreeList("iowatcher", 100, function () { |
|
|
|
|
|
|
|
exports.isIP = binding.isIP; |
|
|
|
|
|
|
|
exports.isIPv4 = function(input) { |
|
|
|
exports.isIPv4 = function (input) { |
|
|
|
if (binding.isIP(input) === 4) { |
|
|
|
return true; |
|
|
|
} |
|
|
|
return false; |
|
|
|
}; |
|
|
|
|
|
|
|
exports.isIPv6 = function(input) { |
|
|
|
exports.isIPv6 = function (input) { |
|
|
|
if (binding.isIP(input) === 6) { |
|
|
|
return true; |
|
|
|
} |
|
|
@ -272,7 +272,7 @@ function setImplmentationMethods (self) { |
|
|
|
}; |
|
|
|
|
|
|
|
if (self.type == 'unix') { |
|
|
|
self._writeImpl = function(buf, off, len, fd, flags) { |
|
|
|
self._writeImpl = function (buf, off, len, fd, flags) { |
|
|
|
// Detect and disallow zero-byte writes wth an attached file
|
|
|
|
// descriptor. This is an implementation limitation of sendmsg(2).
|
|
|
|
if (fd && noData(buf, off, len)) { |
|
|
@ -282,7 +282,7 @@ function setImplmentationMethods (self) { |
|
|
|
return sendMsg(self.fd, buf, off, len, fd, flags); |
|
|
|
}; |
|
|
|
|
|
|
|
self._readImpl = function(buf, off, len, calledByIOWatcher) { |
|
|
|
self._readImpl = function (buf, off, len, calledByIOWatcher) { |
|
|
|
var bytesRead = recvMsg(self.fd, buf, off, len); |
|
|
|
|
|
|
|
// Do not emit this in the same stack, otherwise we risk corrupting our
|
|
|
@ -296,7 +296,7 @@ function setImplmentationMethods (self) { |
|
|
|
if (recvMsg.fd !== null) { |
|
|
|
(function () { |
|
|
|
var fd = recvMsg.fd; |
|
|
|
process.nextTick(function() { |
|
|
|
process.nextTick(function () { |
|
|
|
self.emit('fd', fd); |
|
|
|
}); |
|
|
|
})(); |
|
|
@ -305,7 +305,7 @@ function setImplmentationMethods (self) { |
|
|
|
return bytesRead; |
|
|
|
}; |
|
|
|
} else { |
|
|
|
self._writeImpl = function(buf, off, len, fd, flags) { |
|
|
|
self._writeImpl = function (buf, off, len, fd, flags) { |
|
|
|
// XXX: TLS support requires that 0-byte writes get processed
|
|
|
|
// by the kernel for some reason. Otherwise, we'd just
|
|
|
|
// fast-path return here.
|
|
|
@ -315,18 +315,18 @@ function setImplmentationMethods (self) { |
|
|
|
return write(self.fd, buf, off, len); |
|
|
|
}; |
|
|
|
|
|
|
|
self._readImpl = function(buf, off, len, calledByIOWatcher) { |
|
|
|
self._readImpl = function (buf, off, len, calledByIOWatcher) { |
|
|
|
return read(self.fd, buf, off, len); |
|
|
|
}; |
|
|
|
} |
|
|
|
|
|
|
|
self._shutdownImpl = function() { |
|
|
|
self._shutdownImpl = function () { |
|
|
|
shutdown(self.fd, 'write') |
|
|
|
}; |
|
|
|
|
|
|
|
if (self.secure) { |
|
|
|
var oldWrite = self._writeImpl; |
|
|
|
self._writeImpl = function(buf, off, len, fd, flags) { |
|
|
|
self._writeImpl = function (buf, off, len, fd, flags) { |
|
|
|
assert(buf); |
|
|
|
assert(self.secure); |
|
|
|
|
|
|
@ -336,9 +336,9 @@ function setImplmentationMethods (self) { |
|
|
|
allocNewSecurePool(); |
|
|
|
} |
|
|
|
|
|
|
|
var secureLen = self.secureStream.writeExtract( |
|
|
|
securePool, 0, securePool.length |
|
|
|
); |
|
|
|
var secureLen = self.secureStream.writeExtract(securePool, |
|
|
|
0, |
|
|
|
securePool.length); |
|
|
|
|
|
|
|
if (secureLen == -1) { |
|
|
|
// Check our read again for secure handshake
|
|
|
@ -359,7 +359,7 @@ function setImplmentationMethods (self) { |
|
|
|
}; |
|
|
|
|
|
|
|
var oldRead = self._readImpl; |
|
|
|
self._readImpl = function(buf, off, len, calledByIOWatcher) { |
|
|
|
self._readImpl = function (buf, off, len, calledByIOWatcher) { |
|
|
|
assert(self.secure); |
|
|
|
|
|
|
|
var bytesRead = 0; |
|
|
@ -376,12 +376,10 @@ function setImplmentationMethods (self) { |
|
|
|
|
|
|
|
var chunkBytes; |
|
|
|
do { |
|
|
|
chunkBytes = self.secureStream.readExtract( |
|
|
|
pool, |
|
|
|
chunkBytes = |
|
|
|
self.secureStream.readExtract(pool, |
|
|
|
pool.used + bytesRead, |
|
|
|
pool.length - pool.used - bytesRead |
|
|
|
); |
|
|
|
|
|
|
|
pool.length - pool.used - bytesRead); |
|
|
|
bytesRead += chunkBytes; |
|
|
|
} while ((chunkBytes > 0) && (pool.used + bytesRead < pool.length)); |
|
|
|
|
|
|
@ -391,8 +389,7 @@ function setImplmentationMethods (self) { |
|
|
|
|
|
|
|
if (self.secureStream.readPending()) { |
|
|
|
process.nextTick(function () { |
|
|
|
if(self._readWatcher) |
|
|
|
self._readWatcher.callback(); |
|
|
|
if (self._readWatcher) self._readWatcher.callback(); |
|
|
|
}); |
|
|
|
} |
|
|
|
|
|
|
@ -430,7 +427,7 @@ function setImplmentationMethods (self) { |
|
|
|
}; |
|
|
|
|
|
|
|
var oldShutdown = self._shutdownImpl; |
|
|
|
self._shutdownImpl = function() { |
|
|
|
self._shutdownImpl = function () { |
|
|
|
self.secureStream.shutdown(); |
|
|
|
|
|
|
|
if (!securePool) { |
|
|
@ -466,7 +463,10 @@ function initStream (self) { |
|
|
|
var bytesRead; |
|
|
|
|
|
|
|
try { |
|
|
|
bytesRead = self._readImpl(pool, pool.used, pool.length - pool.used, (arguments.length > 0)); |
|
|
|
bytesRead = self._readImpl(pool, |
|
|
|
pool.used, |
|
|
|
pool.length - pool.used, |
|
|
|
(arguments.length > 0)); |
|
|
|
} catch (e) { |
|
|
|
self.destroy(e); |
|
|
|
return; |
|
|
@ -544,8 +544,8 @@ function Stream (fd, type) { |
|
|
|
sys.inherits(Stream, events.EventEmitter); |
|
|
|
exports.Stream = Stream; |
|
|
|
|
|
|
|
Stream.prototype.setSecure = function(credentials) { |
|
|
|
if (!have_crypto) { |
|
|
|
Stream.prototype.setSecure = function (credentials) { |
|
|
|
if (!haveCrypto) { |
|
|
|
throw new Error('node.js not compiled with openssl crypto support.'); |
|
|
|
} |
|
|
|
var crypto= require("crypto"); |
|
|
@ -558,10 +558,12 @@ Stream.prototype.setSecure = function(credentials) { |
|
|
|
this.credentials = credentials; |
|
|
|
} |
|
|
|
if (!this.server) { |
|
|
|
// For clients, we will always have either a given ca list or the default one;
|
|
|
|
// For clients, we will always have either a given ca list or the default on
|
|
|
|
this.credentials.shouldVerify = true; |
|
|
|
} |
|
|
|
this.secureStream = new SecureStream(this.credentials.context, this.server ? 1 : 0, this.credentials.shouldVerify ? 1 : 0); |
|
|
|
this.secureStream = new SecureStream(this.credentials.context, |
|
|
|
this.server ? 1 : 0, |
|
|
|
this.credentials.shouldVerify ? 1 : 0); |
|
|
|
|
|
|
|
setImplmentationMethods(this); |
|
|
|
|
|
|
@ -572,7 +574,7 @@ Stream.prototype.setSecure = function(credentials) { |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
Stream.prototype.verifyPeer = function() { |
|
|
|
Stream.prototype.verifyPeer = function () { |
|
|
|
if (!this.secure) { |
|
|
|
throw new Error('Stream is not a secure stream.'); |
|
|
|
} |
|
|
@ -580,7 +582,7 @@ Stream.prototype.verifyPeer = function() { |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
Stream.prototype._checkForSecureHandshake = function() { |
|
|
|
Stream.prototype._checkForSecureHandshake = function () { |
|
|
|
if (!this.writable) { |
|
|
|
return; |
|
|
|
} |
|
|
@ -591,7 +593,7 @@ Stream.prototype._checkForSecureHandshake = function() { |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
Stream.prototype.getPeerCertificate = function(credentials) { |
|
|
|
Stream.prototype.getPeerCertificate = function (credentials) { |
|
|
|
if (!this.secure) { |
|
|
|
throw new Error('Stream is not a secure stream.'); |
|
|
|
} |
|
|
@ -599,7 +601,7 @@ Stream.prototype.getPeerCertificate = function(credentials) { |
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
Stream.prototype.getCipher = function() { |
|
|
|
Stream.prototype.getCipher = function () { |
|
|
|
if (!this.secure) { |
|
|
|
throw new Error('Stream is not a secure stream.'); |
|
|
|
} |
|
|
|
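Review bot: The re-wrapped comment in the `Stream.prototype.setSecure` hunk (`@ -558,10 +558,12`) now ends in "the default on"; the tail of the sentence was cut to fit the line width instead of being wrapped. It should be split across two lines, `// For clients, we will always have either a given ca list or the` followed by `// default one;`. This comment is the only explanation on the page for forcing `this.credentials.shouldVerify = true` on non-server streams, and in the branch where `this.credentials = credentials` that write lands on the caller's own object, which the comment could also state. The `have_crypto` → `haveCrypto` rename is visible only at the declaration and in this function; any reference to the old name outside these hunks would fail at run time, so the rest of the file is worth searching for it. The body of setSecure starts and ends outside the hunk.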