Ben Noordhuis
7dfa587d18
crypto, tls: make setSNICallback() compatible with domains
2012-09-03 23:33:02 +02:00
isaacs
5164ae3838
Merge remote-tracking branch 'ry/v0.6' into v0.6-merge
...
Conflicts:
ChangeLog
deps/uv/include/uv-private/uv-unix.h
deps/uv/src/unix/core.c
deps/uv/src/unix/sunos.c
deps/v8/src/runtime.cc
doc/api/crypto.markdown
lib/http.js
src/node_version.h
test/gc/test-http-client-timeout.js
wscript
2012-05-15 11:37:34 -07:00
ssuda
fb7348ae06
crypto: add PKCS12/PFX support
...
Fixes #2845.
2012-05-14 17:12:59 +02:00
Ben Noordhuis
ff4a9d381d
core: use proper #include directives
2012-03-10 00:14:14 +01:00
Ben Noordhuis
3415427dbf
tls: mitigate session renegotiation attacks
...
The TLS protocol allows (and sometimes requires) clients to renegotiate the
session. However, renegotiation requires a disproportional amount of server-side
resources, particularly CPU time, which makes it a potential vector for
denial-of-service attacks.
To mitigate this issue, we keep track of and limit the number of renegotiation
requests over time, emitting an error if the threshold is exceeded.
2012-02-16 18:15:21 +01:00
Ryan Dahl
be67fa7e09
Revert "crypto: add SecureContext.clearOptions() method"
...
API addition needs to go in master. Also openssl-0.9.8k doesn't have
SSL_CTX_clear_options().
This reverts commit 6f8839d2ac.
2012-01-06 12:01:58 -08:00
Ben Noordhuis
6f8839d2ac
crypto: add SecureContext.clearOptions() method
...
SecureContext.setOptions() is backed by SSL_CTX_set_options() which, contrary to
what the name suggests, is additive: it doesn't set options, it adds them to the
already active options.
Hence the need for SecureContext.clearOptions(), which lets you unset active
options.
2012-01-02 12:02:07 +01:00
Bert Belder
189dd8f803
Fix line endings and trailing whitespace
2011-11-04 16:24:34 +01:00
koichik
19a855382c
tls: requestCert unusable with Firefox and Chrome
...
Fixes #1516.
2011-10-15 00:54:46 +09:00
Ben Noordhuis
c4eaf7e5a9
crypto: implement randomBytes() and pseudoRandomBytes()
2011-09-27 20:27:53 +02:00
Sean Cunningham
eb99083d0b
tls: add client-side session resumption support
2011-09-07 20:01:14 +02:00
Niclas Hoyer
7b2536a1a2
Added additional properties to getPeerCertificate, now includes subjectAltName, Exponent and Modulus (FOAF+SSL friendly).
...
Patch written by Nathan,
http://groups.google.com/group/nodejs/browse_thread/thread/1d42da4cb2e51536
2011-09-03 00:49:37 +09:00
Fedor Indutny
9010f5fbab
Add support for TLS SNI
...
Fixes #1411
2011-07-29 16:57:28 -07:00
Fedor Indutny
759fb36df3
crypto: dispose persistent properties on class destruction
2011-07-28 15:16:04 +02:00
Fedor Indutny
c9b40da368
OpenSSL NPN in node.js
...
closes #926.
2011-04-19 11:32:26 -07:00
Theo Schlossnagle
2a88dd3bc1
TLS: Add secureOptions flag
...
Also, secureOptions flag was added (and passed through) and allows
the context to have all supported SSL_OP_* set via createCredentials.
All SSL_OP_ flags (outside of ALL) have been added to constants.
2011-04-13 18:25:33 -07:00
Ryan Dahl
5c35dff419
Don't load root certs for each SSL context
2011-03-31 23:40:19 -07:00
Ryan Dahl
55048cdf79
Update copyright headers
2011-03-14 17:37:05 -07:00
Theo Schlossnagle
01a864a29d
TLS: CRL support
...
Needs more tests.
2011-02-10 00:49:15 -08:00
Ryan Dahl
56ab929c55
Remove unused parameter from crypto::Handle*Error
2011-02-09 01:30:31 -08:00
Ryan Dahl
519dc2c114
tls: split bio errors from ssl errors
2011-02-08 21:15:55 -08:00
Ryan Dahl
807fca6803
TLS: Set ssl.receivedShutdown after each read
...
Closes GH-613.
2011-02-01 14:40:17 -08:00
Ryan Dahl
2ff593ad23
TLS: better error reporting at binding layer
...
Closes GH-612.
2011-02-01 14:14:50 -08:00
Ryan Dahl
e3d1808ef0
Rename node::SecureStream to node::crypto::Connection
...
node::SecureStream is definitely not a "stream" in the Node sense. Renaming
it to avoid ambiguity. (Adding namespace to not confuse with some other
Connection object.)
2010-12-11 02:13:29 -08:00
Ryan Dahl
70baeba8a9
Add receivedShutdown() binding
2010-12-10 22:09:46 -08:00
Ryan Dahl
127f17a0ea
Remove should_verify from C++ - to handle in JS land
2010-12-01 12:47:49 -08:00
Ryan Dahl
28a86c3e56
Remove unnecessary call to X509_STORE_free
2010-12-01 09:27:13 -08:00
Ryan Dahl
504a80dc6d
Rename VerifyPeerError to VerifyError
2010-12-01 09:26:59 -08:00
Ryan Dahl
355936dcde
Implement SecureContext destructor
2010-11-30 18:19:54 -08:00
Ryan Dahl
ea540c94f8
Better verify info
2010-11-30 18:19:54 -08:00
Ryan Dahl
4b947310b2
Move root certs out of JavaScript
2010-11-30 18:19:54 -08:00
Paul Querna
1ce4684a27
Centralize error handling in SecureStream
...
and add a start method, to kick off SSL handshaking, without writing a zero
byte buffer
2010-10-25 17:26:03 -07:00
Ryan Dahl
9911629de0
Fix style in node_crypto.cc
2010-09-28 19:17:09 -07:00
Ryan Dahl
163485c8aa
Rename some SecureStream methods
2010-09-28 11:38:27 -07:00
Peter Griess
792c7caf40
Coverity fixes: src/node_crypto
2010-07-12 13:20:31 -07:00
Rhys Jones
afce4c3ae8
Added default CAs, updated openssl verify behaviour, added crypto and https documentation
2010-05-04 14:12:54 -07:00
Paulo Matias
430cfd1825
Read all records to always empty the OpenSSL reading buffer.
2010-05-03 16:11:42 -07:00
Rhys Jones
80174392bb
Moved Credentials into crypto module. Added node_crypto into crypto module
2010-04-12 21:25:16 +01:00
Rhys Jones
fb3a9cd0d8
Initial openssl support for net2
2010-04-02 17:13:54 -07:00