Skip to content

[v10.x backport] TLS1.3 (and dependent PRs) #27432

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
sam-github wants to merge 21 commits into from
Closed

[v10.x backport] TLS1.3 (and dependent PRs) #27432

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
21 commits
Select commit Hold shift + click to select a range
a868ebe
deps: update OpenSSL upgrade process
sam-github Mar 1, 2019
c80bff3
deps: upgrade openssl sources to 1.1.1b
sam-github Apr 25, 2019
63aa831
deps: openssl-1.1.1b no longer packages .gitignore
sam-github Feb 26, 2019
1cea121
deps: add ARM64 Windows support in openssl
shigeki Feb 23, 2019
c2310c7
deps: add s390 asm rules for OpenSSL-1.1.1
shigeki Mar 7, 2018
f54db0b
deps: update archs files for OpenSSL-1.1.1b
sam-github Apr 25, 2019
f47e208
tls: support changing credentials dynamically
cjihrig Oct 13, 2018
5f5d3c9
tls: get the local certificate after tls handshake
sam-github Nov 8, 2018
4a82835
tls: fix initRead socket argument name
sam-github Dec 19, 2018
78b42fc
tls: do not confuse session and session ID
sam-github Dec 19, 2018
a6635b2
src: use consistent names for JSStream
sam-github Dec 19, 2018
ae7c74c
tls: remove unused ocsp extension parsing
sam-github Dec 19, 2018
6b327e5
src: in-source comments and minor TLS cleanups
sam-github Jan 16, 2019
2d25b65
tls: introduce client 'session' event
sam-github Jan 30, 2019
8c7406f
tls: do not free cert in `.getCertificate()`
addaleax Jan 14, 2019
38838af
src: remove unused TLWrap::EnableTrace()
sam-github Jan 31, 2019
d3c7020
src: organize TLSWrap declarations by parent
sam-github Jan 31, 2019
1c3c9f3
tls: don't shadow the tls global with a local
sam-github Jan 31, 2019
750b906
src: const_cast is necessary for 1.1.1, not 0.9.7
sam-github Jan 31, 2019
5febe41
src: refactor SSLError case statement
sam-github Jan 31, 2019
1f65f18
tls: support "BEGIN TRUSTED CERTIFICATE" for ca:
sam-github Nov 30, 2018
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
tls: do not confuse session and session ID 
session ID was named session in C++ and key in JS, Name them after what
they are, as the 'newSession' event docs do.

PR-URL: #25153
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Anatoli Papirovski <apapirovski@mac.com>
  • Loading branch information
@sam-github
sam-github committed Apr 29, 2019
commit 78b42fc0df364ec8f57f7e605cf9de8027962dad
4 changes: 2 additions & 2 deletions lib/_tls_wrap.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -214,7 +214,7 @@ function requestOCSPDone(socket) {
}


function onnewsession(key, session) {
function onnewsession(sessionId, session) {
const owner = this[owner_symbol];

if (!owner.server)
Expand All @@ -238,7 +238,7 @@ function onnewsession(key, session) {
};

owner._newSessionPending = true;
if (!owner.server.emit('newSession', key, session, done))
if (!owner.server.emit('newSession', sessionId, session, done))
done();
}

Expand Down
20 changes: 10 additions & 10 deletions src/node_crypto.cc
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1462,20 +1462,20 @@ int SSLWrap<Base>::NewSessionCallback(SSL* s, SSL_SESSION* sess) {
return 0;

// Serialize session
Local<Object> buff = Buffer::New(env, size).ToLocalChecked();
unsigned char* serialized = reinterpret_cast<unsigned char*>(
Buffer::Data(buff));
memset(serialized, 0, size);
i2d_SSL_SESSION(sess, &serialized);
Local<Object> session = Buffer::New(env, size).ToLocalChecked();
unsigned char* session_data = reinterpret_cast<unsigned char*>(
Buffer::Data(session));
memset(session_data, 0, size);
i2d_SSL_SESSION(sess, &session_data);

unsigned int session_id_length;
const unsigned char* session_id = SSL_SESSION_get_id(sess,
&session_id_length);
Local<Object> session = Buffer::Copy(
const unsigned char* session_id_data = SSL_SESSION_get_id(sess,
&session_id_length);
Local<Object> session_id = Buffer::Copy(
env,
reinterpret_cast<const char*>(session_id),
reinterpret_cast<const char*>(session_id_data),
session_id_length).ToLocalChecked();
Local<Value> argv[] = { session, buff };
Local<Value> argv[] = { session_id, session };
w->new_session_wait_ = true;
w->MakeCallback(env->onnewsession_string(), arraysize(argv), argv);

Expand Down