lukechilds/node - node - Gitea: Git with a cup of tea

Commit Graph

Author	SHA1	Message	Date
Ben Noordhuis	4901353b98	crypto: use consistent variable names Code cleanup: don't call a Connection object `p` in some places, `c` in other places and `ss` in yet other places. Let's just call it `conn`. This also fixes about a million style errors in one fell swoop.	12 years ago
Fedor Indutny	8e28193cc2	tls_wrap: DRY ClientHelloParser Share ClientHelloParser code between `tls_wrap.cc` and `node_crypto.cc`. fix #5959	12 years ago
Ben Noordhuis	02cab97490	src: more lint after cpplint tightening Commit `847c6d9` adds a 'project headers before system headers' check to cpplint. Update the files in src/ to make the linter pass again.	12 years ago
Fedor Indutny	8e29ce9f13	src: lint c++ code	12 years ago
Ben Noordhuis	8111ca2f9f	src: const-ify variables in src/node_crypto* No functional changes, just some code tightening. Clean up some style inconsistencies while we are here.	12 years ago
Fedor Indutny	d62c2d975a	tls: share tls tickets key between cluster workers fix #5871	12 years ago
Ben Noordhuis	110a9cd8db	lib, src: upgrade after v8 api change This is a big commit that touches just about every file in the src/ directory. The V8 API has changed in significant ways. The most important changes are: * Binding functions take a const v8::FunctionCallbackInfo<T>& argument rather than a const v8::Arguments& argument. * Binding functions return void rather than v8::Handle<v8::Value>. The return value is returned with the args.GetReturnValue().Set() family of functions. * v8::Persistent<T> no longer derives from v8::Handle<T> and no longer allows you to directly dereference the object that the persistent handle points to. This means that the common pattern of caching oft-used JS values in a persistent handle no longer quite works, you first need to reconstruct a v8::Local<T> from the persistent handle with the Local<T>::New(isolate, persistent) factory method. A handful of (internal) convenience classes and functions have been added to make dealing with the new API a little easier. The most visible one is node::Cached<T>, which wraps a v8::Persistent<T> with some template sugar. It can hold arbitrary types but so far it's exclusively used for v8::Strings (which was by far the most commonly cached handle type.)	12 years ago
Fedor Indutny	212e9cd8c9	tls: session API returns	12 years ago
Fedor Indutny	fa170dd2b2	tls: ignore .shutdown() syscall error Quote from SSL_shutdown man page: The output of SSL_get_error(3) may be misleading, as an erroneous SSL_ERROR_SYSCALL may be flagged even though no error occurred. Also, handle all other errors to prevent assertion in `ClearError()`.	12 years ago
Trevor Norris	0a4ebc3d2c	src: replace Holder() with This() Switch to always use args.This() to retrieve object instance.	12 years ago
Ben Noordhuis	eeb4c3216d	crypto: remove unused ClientHelloParser field	12 years ago
Manav Rathi	d20576165a	tls: expose SSL_CTX_set_timeout via tls.createServer Add the `sessionTimeout` integral value to the list of options recognized by `tls.createServer`. This option will be useful for applications which need frequently establish short-lived TLS connections to the same endpoint. The TLS tickets RFC is an ideal option to reduce the socket setup overhead for such scenarios, but the default ticket timeout value (5 minutes) is too low to be useful.	12 years ago
Trevor Norris	0bba590283	bindings: update api All compile time warnings about using deprecated APIs have been suppressed by updating node's API. Though there are still many function calls that can accept Isolate, and still need to be updated. node_isolate had to be added as an extern variable in node.h and node_object_wrap.h Also a couple small fixes for Error handling. Before v8 3.16.6 the error stack message was lazily written when it was needed, which allowed you to change the message after instantiation. Then the stack would be written with the new message the first time it was accessed. Though that has changed. Now it creates the stack message on instantiation. So setting a different message afterwards won't be displayed. This is not a complete fix for the problem. Getting error without any message isn't very useful.	12 years ago
Fedor Indutny	7845918227	crypto: refactor crypto classes	12 years ago
Fedor Indutny	83d17e509f	crypto: merge Cipher and Decipher	12 years ago
Fedor Indutny	a15cc93ae3	crypto: split crypto classes	12 years ago
Sergey Kholodilov	019ad346e0	crypto: fix ssl error handling Make HandleSSLError() correctly process a zero status code: sometimes it indicates an error and sometimes it doesn't.	12 years ago
Fedor Indutny	8e0c830cd0	tls: async session storage	13 years ago
Ben Noordhuis	7dfa587d18	crypto, tls: make setSNICallback() compatible with domains	13 years ago
Ben Noordhuis	eef57dddf4	core: use proper #include directives	13 years ago
ssuda	fb7348ae06	crypto: add PKCS12/PFX support Fixes #2845.	13 years ago
Ben Noordhuis	ff4a9d381d	core: use proper #include directives	13 years ago
Ben Noordhuis	3415427dbf	tls: mitigate session renegotiation attacks The TLS protocol allows (and sometimes requires) clients to renegotiate the session. However, renegotiation requires a disproportional amount of server-side resources, particularly CPU time, which makes it a potential vector for denial-of-service attacks. To mitigate this issue, we keep track of and limit the number of renegotiation requests over time, emitting an error if the threshold is exceeded.	13 years ago
Ryan Dahl	be67fa7e09	Revert "crypto: add SecureContext.clearOptions() method" API addition needs to go in master. Also openssl-0.9.8k doesn't have SSL_CTX_clear_options(). This reverts commit `6f8839d2ac`.	13 years ago
Ben Noordhuis	6f8839d2ac	crypto: add SecureContext.clearOptions() method SecureContext.setOptions() is backed by SSL_CTX_set_options() which, contrary to what the name suggests, is additive: it doesn't set options, it adds them to the already active options. Hence the need for SecureContext.clearOptions(), which lets you unset active options.	13 years ago
Bert Belder	189dd8f803	Fix line endings and trailing whitespace	13 years ago
koichik	19a855382c	tls: requestCert unusable with Firefox and Chrome Fixes #1516.	13 years ago
Ben Noordhuis	c4eaf7e5a9	crypto: implement randomBytes() and pseudoRandomBytes()	13 years ago
Sean Cunningham	eb99083d0b	tls: add client-side session resumption support	14 years ago
Niclas Hoyer	7b2536a1a2	Added additional properties to getPeerCertificate, now includes subjectAltName, Exponent and Modulus (FOAF+SSL friendly). Patch written by Nathan, http://groups.google.com/group/nodejs/browse_thread/thread/1d42da4cb2e51536	14 years ago
Fedor Indutny	9010f5fbab	Add support for TLS SNI Fixes #1411	14 years ago
Fedor Indutny	759fb36df3	crypto: dispose persistent properties on class destruction	14 years ago
Fedor Indutny	c9b40da368	OpenSSL NPN in node.js closes #926.	14 years ago
Theo Schlossnagle	2a88dd3bc1	TLS: Add secureOptions flag Also, secureOptions flag was added (and passed through) and allows the context to have all supported SSL_OP_* set via createCredentials. All SSL_OP_ flags (outside of ALL) have been added to constants.	14 years ago
Ryan Dahl	5c35dff419	Don't load root certs for each SSL context	14 years ago
Ryan Dahl	55048cdf79	Update copyright headers	14 years ago
Theo Schlossnagle	01a864a29d	TLS: CRL support Needs more tests.	14 years ago
Ryan Dahl	56ab929c55	Remove unused parameter from crypto::Handle*Error	14 years ago
Ryan Dahl	519dc2c114	tls: split bio errors from ssl errors	14 years ago
Ryan Dahl	807fca6803	TLS: Set ssl.receivedShutdown after each read Closes GH-613.	14 years ago
Ryan Dahl	2ff593ad23	TLS: better error reporting at binding layer Closes GH-612.	14 years ago
Ryan Dahl	e3d1808ef0	Rename node::SecureStream to node::crypto::Connection node::SecureStream is definitely not a "stream" in the Node sense. Renaming it to avoid ambiguity. (Adding namespace to not confuse with some other Connection object.)	14 years ago
Ryan Dahl	70baeba8a9	Add receivedShutdown() binding	14 years ago
Ryan Dahl	127f17a0ea	Remove should_verify from C++ - to handle in JS land	14 years ago
Ryan Dahl	28a86c3e56	Remove unnecessary call to X509_STORE_free	14 years ago
Ryan Dahl	504a80dc6d	Rename VerifyPeerError to VerifyError	14 years ago
Ryan Dahl	355936dcde	Implement SecureContext destructor	14 years ago
Ryan Dahl	ea540c94f8	Better verify info	14 years ago
Ryan Dahl	4b947310b2	Move root certs out of JavaScript	14 years ago
Paul Querna	1ce4684a27	Centralize error handling in SecureStream and add a start method, to kick off SSL handshaking, without writing a zero byte buffer	14 years ago

1 2

59 Commits (4901353b982ddbe2820a69c5f7a7abf9f7d6374d)