Browse Source

tls: add `options` argument to createSecurePair

Helps in implementation of #6204, where some options passed to
`createSecurePair()` are ignored before this patch.

These options are very helpful if someone wants to pass
`options.servername` or `options.SNICallback` to securepair.

PR-URL: https://github.com/nodejs/node/pull/2441
Reviewed-By: Fedor Indutny <fedor@indutny.com>
process-exit-stdio-flushing
Коренберг Марк 10 years ago
committed by Fedor Indutny
parent
commit
d8db75730f
  1. 4
      doc/api/tls.markdown
  2. 6
      lib/_tls_legacy.js
  3. BIN
      test/fixtures/google_ssl_hello.bin
  4. 27
      test/parallel/test-tls-securepair-fiftharg.js

4
doc/api/tls.markdown

@ -511,7 +511,7 @@ publicly trusted list of CAs as given in
<http://mxr.mozilla.org/mozilla/source/security/nss/lib/ckfw/builtins/certdata.txt>.
## tls.createSecurePair([context][, isServer][, requestCert][, rejectUnauthorized])
## tls.createSecurePair([context][, isServer][, requestCert][, rejectUnauthorized][, options])
Creates a new secure pair object with two streams, one of which reads/writes
encrypted data, and one reads/writes cleartext data.
@ -530,6 +530,8 @@ and the cleartext one is used as a replacement for the initial encrypted stream.
automatically reject clients with invalid certificates. Only applies to
servers with `requestCert` enabled.
- `options`: An object with common SSL options. See [tls.TLSSocket][].
`tls.createSecurePair()` returns a SecurePair object with `cleartext` and
`encrypted` stream properties.

6
lib/_tls_legacy.js

@ -761,11 +761,13 @@ function securePairNT(self, options) {
exports.createSecurePair = function(context,
isServer,
requestCert,
rejectUnauthorized) {
rejectUnauthorized,
options) {
var pair = new SecurePair(context,
isServer,
requestCert,
rejectUnauthorized);
rejectUnauthorized,
options);
return pair;
};

BIN
test/fixtures/google_ssl_hello.bin

Binary file not shown.

27
test/parallel/test-tls-securepair-fiftharg.js

@ -0,0 +1,27 @@
'use strict';
const common = require('../common');
const assert = require('assert');
const fs = require('fs');
const tls = require('tls');
const sslcontext = tls.createSecureContext({
cert: fs.readFileSync(common.fixturesDir + '/test_cert.pem'),
key: fs.readFileSync(common.fixturesDir + '/test_key.pem')
});
var catchedServername;
const pair = tls.createSecurePair(sslcontext, true, false, false, {
SNICallback: common.mustCall(function(servername, cb) {
catchedServername = servername;
})
});
// captured traffic from browser's request to https://www.google.com
const sslHello = fs.readFileSync(common.fixturesDir + '/google_ssl_hello.bin');
pair.encrypted.write(sslHello);
process.on('exit', function() {
assert.strictEqual('www.google.com', catchedServername);
});
Loading…
Cancel
Save