Ryan Dahl
6312e889b1
Drain OpenSSL error queue? Addresses #1719
13 years ago
Ben Noordhuis
638773628c
tls: new[] instead of malloc() in Connection::GetSession()
14 years ago
Sean Cunningham
eb99083d0b
tls: add client-side session resumption support
14 years ago
koichik
28a908471d
crypto: Fix BIO's usage.
Fixes #1612 .
Fixes #1296 .
14 years ago
Ben Noordhuis
5ded5e274f
crypto: use X509_get_ext_by_NID(NID_subject_alt_name)
14 years ago
Niclas Hoyer
7b2536a1a2
Added additional properties to getPeerCertificate, now includes subjectAltName, Exponent and Modulus (FOAF+SSL friendly).
Patch written by Nathan,
http://groups.google.com/group/nodejs/browse_thread/thread/1d42da4cb2e51536
14 years ago
Ryan Dahl
84cf0c5280
crypto: set data before sending to thread pool
fixes test-crypto
14 years ago
Ryan Dahl
21cc4c4985
Upgrade libuv to ea4271f
Required adding uv_default_loop() in many places.
14 years ago
koichik
6f60683802
tls: x509 certificate subject parsing fail
Fixes #1568 .
14 years ago
Igor Zinkovsky
bce41fac94
Use new uv_fs_ apis
This will cause master to be unstable for a while as we replace existing eio
calls with uv_fs calls.
14 years ago
Peter Bright
0110c90382
Upgrade to 0.9.8r.
Build in Win32.
14 years ago
Bert Belder
9728723508
node_crypto: interface with libuv, not libev
14 years ago
Glen Low
04122ad2d3
crypto: PBKDF2 function from OpenSSL
14 years ago
Tom Hughes
421b6e89aa
crypto: fix incorrect ssl shutdown check
14 years ago
Tom Hughes
94db871ecf
crypto: fix incorrect ssl shutdown check
14 years ago
Fedor Indutny
9010f5fbab
Add support for TLS SNI
Fixes #1411
14 years ago
SAWADA Tadashi
d3a84bea7b
Fix crypto encryption/decryption with Base64.
Fixes #738 .
Fixes #1205 .
14 years ago
Stefan Bühler
db993956d6
Fix crypto hmac to accept binary keys + add test cases from rfc 2202 and 4231
Fixes #324 .
Fixes #1027 .
Instead of converting buffers to strings and back again to char array
directly use the buffer data in hmac_init (same as in hmac_update).
14 years ago
SAWADA Tadashi
e357acc55b
Fix crypto encryption/decryption with Base64.
Fixes #738 .
Fixes #1205 .
14 years ago
Ben Noordhuis
6f0740e67b
crypto: check for SSL_COMP_get_compression_methods()
Function was named SSL_COMP_get_compression_method() (singular)
in OpenSSL 0.9.7 and older.
Fixes #1242 .
14 years ago
Mark Cavage
7c51275bce
Cleanup crypto verify to not print unnecessary errors
14 years ago
Mark Cavage
88552c51ae
Support for signature verification with RSA/DSA public keys
Fixes #1166 .
14 years ago
Ryan Dahl
1d7a46a588
Disabling SSL compression is dependent on OpenSSL version 0.9.8
Fixes #1087 .
14 years ago
Jérémy Lal
f23c45f7f4
Option to disable SSL v2
Fixes #880
14 years ago
Ben Noordhuis
eb4c9ed881
Fix resource leaks in node_crypto.cc
Fixes #1097 .
14 years ago
Ryan Dahl
e83c6959db
Disable compression with OpenSSL.
This improves memory and speed. Users may apply compression in "userland"
above the CryptoStream layer if they desire.
14 years ago
Håvard Stranden
9f0b1a9bc6
Add Diffie-Hellman support to crypto module
Fixes #573
14 years ago
Fedor Indutny
c9b40da368
OpenSSL NPN in node.js
closes #926 .
14 years ago
Theo Schlossnagle
2a88dd3bc1
TLS: Add secureOptions flag
Also, secureOptions flag was added (and passed through) and allows
the context to have all supported SSL_OP_* set via createCredentials.
All SSL_OP_ flags (outside of ALL) have been added to constants.
14 years ago
Ryan Dahl
a7254f3df9
Revert "Disable compression with OpenSSL."
This reverts commit 362785f704
.
14 years ago
Ryan Dahl
362785f704
Disable compression with OpenSSL.
This improves memory and speed. Users may apply compression in "userland"
above the CryptoStream layer if they desire.
14 years ago
Ryan Dahl
5c35dff419
Don't load root certs for each SSL context
14 years ago
Ryan Dahl
55048cdf79
Update copyright headers
14 years ago
Felix Geisendörfer
9d4c5a12f4
Crypto update should only accept strings / buffers
I have seen a lot of people trying to pass objects to crypto's update
functions, assuming that it would somehow serialize the object before
hashing.
In reality, the object was converted to '[object Object]' which was
then hashed, without any error message showing.
This patch modifies the DecodeBytes function (used exclusively by
crypto at this point) to complain when receiving anything but a
string or buffer.
Overall this should be a less-suprising, more robust behavior.
14 years ago
Theo Schlossnagle
2a61e1cd49
without this the server will not advertise support for client certs
Closes GH-774.
14 years ago
Theo Schlossnagle
01a864a29d
TLS: CRL support
Needs more tests.
14 years ago
Ryan Dahl
8cd07bb273
TLS: handle cert chains
14 years ago
Ryan Dahl
56ab929c55
Remove unused parameter from crypto::Handle*Error
14 years ago
Ryan Dahl
519dc2c114
tls: split bio errors from ssl errors
14 years ago
Ryan Dahl
448e0f4394
tls fixes
14 years ago
Ryan Dahl
807fca6803
TLS: Set ssl.receivedShutdown after each read
Closes GH-613.
14 years ago
Ryan Dahl
2ff593ad23
TLS: better error reporting at binding layer
Closes GH-612.
14 years ago
Greg Hughes
1a5e513084
Fix style issues with ext_key_usage patch
Closes GH-586.
14 years ago
Greg Hughes
6c32e155d3
Add ext_key_usage to getPeerCertificate
14 years ago
Tom Hughes
54b1f8028a
Free (ref-counted) private key.
14 years ago
Tom Hughes
b38f4712c4
Fix memory leak in node_crypto.cc.
Both HexDecode and unbase64 allocate buffers, which weren't being freed.
14 years ago
Ryan Dahl
e3d1808ef0
Rename node::SecureStream to node::crypto::Connection
node::SecureStream is definitely not a "stream" in the Node sense. Renaming
it to avoid ambiguity. (Adding namespace to not confuse with some other
Connection object.)
14 years ago
Ryan Dahl
70baeba8a9
Add receivedShutdown() binding
14 years ago
Ryan Dahl
dac4d486ec
Accept Buffers as well as strings for addCert, addKey
14 years ago
Ryan Dahl
6bc9b2ef92
clients without certs are unauthed.
14 years ago