Ben Noordhuis
76ddf06f10
tls: don't use a timer to track renegotiations
...
It makes tls.createSecurePair(null, true) hang until the timer expires.
Using a timer here is silly. Use a timestamp instead.
2012-10-08 02:23:46 +02:00
isaacs
411d46087f
tls: lint
...
cc @indutny >_<
2012-09-25 11:09:39 -07:00
Fedor Indutny
7651228ab2
tls: use slab allocator
2012-09-25 08:37:08 -07:00
Ben Noordhuis
35607f3a2d
tls, https: validate server certificate by default
...
This commit changes the default value of the rejectUnauthorized option from
false to true.
What that means is that tls.connect(), https.get() and https.request() will
reject invalid server certificates from now on, including self-signed
certificates.
There is an escape hatch: if you set the NODE_TLS_REJECT_UNAUTHORIZED
environment variable to the literal string "0", node.js reverts to its
old behavior.
Fixes #3949 .
2012-09-15 00:19:06 +02:00
Fedor Indutny
8e0c830cd0
tls: async session storage
2012-09-05 02:01:54 +04:00
Ben Noordhuis
972cdf82f1
Merge remote-tracking branch 'origin/v0.8'
...
Conflicts:
deps/uv/include/uv.h
src/node_crypto.cc
2012-09-04 15:02:20 +02:00
Shigeki Ohtsu
f347077e78
tls: support unix domain socket/named pipe in tls.connect
2012-08-31 00:23:36 +02:00
Ben Noordhuis
8bec26122d
tls, https: throw exception on missing key/cert
...
Throw an exception in the tls.Server constructor when the options object
doesn't contain either a PFX or a key/certificate combo.
Said change exposed a bug in simple/test-tls-junk-closes-server. Addressed.
Fixes #3941 .
2012-08-29 22:53:07 +02:00
Bert Belder
bf16d9280e
Merge branch 'v0.8'
...
Conflicts:
ChangeLog
deps/openssl/openssl.gyp
src/node_version.h
2012-08-28 02:54:22 +02:00
isaacs
ee200942dd
lint
2012-08-22 11:03:14 -07:00
Ben Noordhuis
badbd1af27
tls: update default cipher list
...
Update the default cipher list from RC4-SHA:AES128-SHA:AES256-SHA
to ECDHE-RSA-AES128-SHA256:AES128-GCM-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH
in order to mitigate BEAST attacks.
The documentation suggested AES256-SHA but unfortunately that's a CBC cipher
and therefore susceptible to attacks.
Fixes #3900 .
2012-08-21 22:27:13 +02:00
Ben Noordhuis
a177f55b0c
Merge remote-tracking branch 'origin/v0.8'
...
Conflicts:
ChangeLog
src/node_version.h
test/message/stdin_messages.out
tools/install.py
2012-08-17 13:05:20 +02:00
Ben Noordhuis
c492d43f48
tls: fix segfault in pummel/test-tls-ci-reneg-attack
...
Commit 4e5fe2d#3840 .
2012-08-13 18:10:26 +02:00
Ben Noordhuis
6b18e88b68
tls: handle multiple CN fields when verifying cert
...
Fixes #3861 .
2012-08-12 21:48:26 +02:00
Fedor Indutny
42c6952edb
tls: pass linting
2012-07-20 22:07:39 +04:00
Fedor Indutny
85185bbbaa
tls: pass linting
2012-07-20 22:07:16 +04:00
Fedor Indutny
92e7433ff9
tls: fix 'hostless' tls connection verification
...
And fix last failing tests
2012-07-20 21:48:59 +04:00
Fedor Indutny
50122fed8a
tls: fix 'hostless' tls connection verification
...
And fix last failing tests
2012-07-20 21:43:12 +04:00
Fedor Indutny
93d496a4ec
tls: revert accidental API change
...
socket.authorizationError should always be string. Also make sni test
pass.
2012-07-20 21:13:54 +04:00
Fedor Indutny
5950db197c
tls: revert accidental API change
...
socket.authorizationError should always be string. Also make sni test
pass.
2012-07-20 21:10:23 +04:00
Fedor Indutny
4aa09d1e0e
tls: localhost is valid against identity-check
2012-07-20 20:51:38 +04:00
Fedor Indutny
0cf235410d
tls: localhost is valid against identity-check
2012-07-20 20:47:05 +04:00
Fedor Indutny
eb2ca10462
tls: veryify server's identity
2012-07-20 01:49:31 +04:00
Fedor Indutny
8ba189b8d3
tls: veryify server's identity
2012-07-20 00:53:36 +04:00
isaacs
3ad07ed0b8
lint
2012-07-11 17:46:28 -07:00
isaacs
424cd5a020
Merge remote-tracking branch 'ry/v0.8' into v0.8-merge
...
Conflicts:
src/node_version.h
2012-07-11 17:38:11 -07:00
Jonas Westerlund
4cfdc57712
Inline timeout function, avoiding declaration in conditional
...
Moving it out would require an anonymous function, or bind(), anyway.
Luckily It's a tiny function. Fixes crash in strict mode.
2012-07-06 19:28:35 -07:00
Fedor Indutny
f210530f46
tls: use slab allocator
2012-07-05 16:06:33 -04:00
Ben Noordhuis
ff552ddbaa
tls: fix off-by-one error in renegotiation check
...
Make CLIENT_RENEG_LIMIT inclusive instead of exclusive, i.e. a limit of 2
means the peer can renegotiate twice, not just once.
Update pummel/test-tls-ci-reneg-attack accordingly and make it less timing
sensitive (and run faster) while we're at it.
2012-06-18 04:31:40 +02:00
Andreas Madsen
1e0ce5d1bd
domain: the EventEmitter constructor is now always called in nodecore
2012-06-15 09:49:05 -07:00
isaacs
9611354f08
lint
2012-05-15 13:03:43 -07:00
isaacs
5164ae3838
Merge remote-tracking branch 'ry/v0.6' into v0.6-merge
...
Conflicts:
ChangeLog
deps/uv/include/uv-private/uv-unix.h
deps/uv/src/unix/core.c
deps/uv/src/unix/sunos.c
deps/v8/src/runtime.cc
doc/api/crypto.markdown
lib/http.js
src/node_version.h
test/gc/test-http-client-timeout.js
wscript
2012-05-15 11:37:34 -07:00
ssuda
fb7348ae06
crypto: add PKCS12/PFX support
...
Fixes #2845 .
2012-05-14 17:12:59 +02:00
fukayatsu
0f95a93a2c
tls: remove duplicate line
2012-04-16 21:38:26 +02:00
Yosef Dinerstein
d7c96cf289
tls: reduce memory overhead, reuse buffer
...
Instead of allocating a new 64KB buffer each time when checking if there is
something to transform, continue to use the same buffer. Once the buffer is
exhausted, allocate a new buffer. This solves the problem of huge allocations
when small fragments of data are processed, but will also continue to work
well with big pieces of data.
2012-03-29 17:17:15 +02:00
Shigeki Ohtsu
e1199fa335
tls: fix CryptoStream.setKeepAlive()
2012-03-23 00:20:46 +01:00
ssuda
9b672bcaa2
tls: parsing multiple values of a key in ssl certificate
...
Fixes #2864 .
2012-03-10 23:43:16 +09:00
Dmitry Nizovtsev
1e9bcf26ce
net, http, https: add localAddress option
...
Binds to a local address before making the outgoing connection.
2012-03-06 13:35:49 +01:00
isaacs
959a19e118
lint
2012-03-03 23:48:57 -08:00
Jimb Esser
78db18739a
tls: proxy set(Timeout|NoDelay|KeepAlive) methods
...
- fix crash calling ClientRequest::setKeepAlive if the underlying request is
HTTPS.
- fix discarding of callback parameter when calling ClientRequest::setTimeout on
HTTPS requests.
- fix discarding of noDelay parameter when calling ClientRequest::setNoDelay on
HTTPS requests.
2012-03-03 00:28:43 +01:00
Blake Miner
7343f8e776
tls: add honorCipherOrder option to tls.createServer()
...
Documented how to mitigate BEAST attacks.
2012-02-29 02:16:08 +01:00
Maciej Małecki
da908364a8
tls http https: don't pollute user's options object
2012-02-20 21:58:00 +01:00
isaacs
0cdf85e28d
Lint all the JavaScripts.
2012-02-18 15:34:57 -08:00
isaacs
31721da4b1
Merge remote-tracking branch 'ry/v0.6' into v0.6-merge
...
Conflicts:
AUTHORS
ChangeLog
Makefile
doc/about/index.html
doc/api/tls.markdown
doc/community/index.html
doc/index.html
doc/logos/index.html
doc/template.html
lib/http.js
lib/tls.js
src/node_version.h
src/platform_win32.cc
test/simple/test-tls-connect-given-socket.js
2012-02-18 09:46:58 -08:00
Ben Noordhuis
3415427dbf
tls: mitigate session renegotiation attacks
...
The TLS protocol allows (and sometimes requires) clients to renegotiate the
session. However, renegotiation requires a disproportional amount of server-side
resources, particularly CPU time, which makes it a potential vector for
denial-of-service attacks.
To mitigate this issue, we keep track of and limit the number of renegotiation
requests over time, emitting an error if the threshold is exceeded.
2012-02-16 18:15:21 +01:00
koichik
b19b8836c3
tls: Allow establishing secure connection on the existing socket
2012-02-14 11:53:05 -08:00
Ben Noordhuis
e806ad39d0
net, tls, http: remove socket.ondrain
...
Replace the ondrain hack with a regular 'drain' listener. Speeds up the
bytes/1024 http benchmark by about 1.2%.
2012-01-24 15:57:50 +01:00
Fedor Indutny
667aae596c
Merge branch 'v0.6'
...
Conflicts:
ChangeLog
doc/template.html
lib/cluster.js
lib/http.js
lib/tls.js
src/node.h
src/node_version.h
test/simple/test-cluster-kill-workers.js
2012-01-24 00:30:28 +06:00
koichik
534df2f8d2
tls: fix double 'error' events on HTTPS Requests
...
Fixes #2549 .
2012-01-17 17:09:27 +01:00
koichik
c1a63a9e90
tls: Allow establishing secure connection on the existing socket
...
This is necessary to use SSL over HTTP tunnels.
Refs #2259 , #2474 .
Fixes #2489 .
2012-01-09 02:31:46 +01:00
Maciej Małecki
4b4d059791
tls: make tls.connect accept port and host in options
...
Previous API used form:
tls.connect(443, "google.com", options, ...)
now it's replaced with:
tls.connect({port: 443, host: "google.com", ...}, ...)
It simplifies argument parsing in `tls.connect` and makes the API
consistent with other parts.
Fixes #1983 .
2012-01-08 11:12:56 +01:00
koichik
b962ff35dd
tls: fix test-https-client-reject fails
...
Fixes #2417 .
2011-12-27 17:33:23 +09:00
Ryan Dahl
f7f8af8420
Merge remote branch 'origin/v0.6'
...
Conflicts:
Makefile
lib/_debugger.js
2011-12-21 12:17:23 -08:00
koichik
07c27e040e
tls: Fix node swallows openssl error on request
...
Fixes #2308 .
Fixes #2246 .
2011-12-21 19:48:15 +01:00
Ben Noordhuis
7a7f1062bf
tls: remove duplicate assignment
2011-12-21 15:01:07 +01:00
koichik
f8c335d0ca
tls: enable rejectUnauthorized option to client
...
Fiexes #2247 .
2011-12-07 22:47:06 +09:00
koichik
5451ba3aa8
tls: fix https with fs.openReadStream hangs
...
Fixes #2185 .
Fixes #2198 .
2011-11-27 16:31:45 +09:00
Ben Noordhuis
5e3b0095de
tls: make cipher list configurable
...
options.ciphers existed but didn't work, the cipher list was effectively
hard-coded to RC4-SHA:AES128-SHA:AES256-SHA.
Fixes #2066 .
2011-11-17 00:01:41 +01:00
koichik
f53d092a2a
tls, https: add passphrase option
...
Fixes #1925 .
2011-10-31 17:36:43 +09:00
koichik
cbcaeedba9
tls: add address(), remoteAddress/remotePort
...
Fixes #758 .
Fixes #1055 .
2011-10-27 00:28:16 +09:00
koichik
0e8a55d2a2
tls: does not emit 'end' from EncryptedStream
...
de091684cdf9d4#1936 .
2011-10-27 00:18:29 +09:00
Ryan Dahl
493d3b9f7c
Merge remote branch 'origin/v0.4'
...
Conflicts:
ChangeLog
Makefile
deps/libev/wscript
doc/index.html
doc/template.html
lib/net.js
src/node_version.h
src/platform_cygwin.cc
test/pummel/test-net-write-callbacks.js
test/simple/test-buffer.js
2011-10-21 18:02:30 -07:00
Ryan Dahl
de09168e5a
Emit 'end' from crypto streams on close
...
Fixes test/simple/test-tls-peer-certificate.js on Windows
Patch from bnoordhuis.
See also 75a0cf970f
2011-10-21 13:16:41 -07:00
koichik
68cc173c6d
tls: The TLS API is inconsistent with the TCP API
...
Add 'secureConnect' event to tls.CleartextStream.
Fixes #1467 .
2011-10-15 19:27:21 +09:00
koichik
19a855382c
tls: requestCert unusable with Firefox and Chrome
...
Fixes #1516 .
2011-10-15 00:54:46 +09:00
koichik
4cdf9d4158
tls: Improve TLS flow control
...
Fixes #1775 .
2011-09-30 15:44:45 +09:00
Ben Noordhuis
243c218c7a
tls: remove superfluous setOptions() call
2011-09-19 16:28:22 +02:00
Sean Cunningham
eb99083d0b
tls: add client-side session resumption support
2011-09-07 20:01:14 +02:00
koichik
6f60683802
tls: x509 certificate subject parsing fail
...
Fixes #1568 .
2011-08-31 03:47:23 +09:00
Fedor Indutny
942f8b5afb
Add NPN and SNI documentation.
...
Fixes #1420 .
Fixes #1426 .
2011-08-10 09:44:35 -07:00
Fedor Indutny
9010f5fbab
Add support for TLS SNI
...
Fixes #1411
2011-07-29 16:57:28 -07:00
Robert Mustacchi
de0b8d601c
jslint cleanup: path.js, readline.js, repl.js, tls.js, tty_win32.js, url.js
2011-07-29 11:58:02 -07:00
Ryan Dahl
041c983290
Merge branch 'v0.4'
...
Conflicts:
deps/libev/wscript
doc/api/modules.markdown
2011-07-14 15:52:08 -07:00
Stefan Rusu
901ebed8ff
Fixes #1304 . The Connection instance may be destroyed by abort() when process.nextTick is executed.
2011-07-15 00:32:46 +09:00
Ryan Dahl
59274e8a33
Merge branch 'v0.4'
...
Conflicts:
lib/crypto.js
lib/tls.js
2011-05-20 10:29:16 -07:00
Ryan Dahl
9c7f89bf56
CryptoStream.prototype.readyState shoudn't reference fd
...
Fixes #1069
2011-05-20 10:20:22 -07:00
Fedor Indutny
21724ecaec
Share SSL context between server connections
...
Fixes #1073 .
2011-05-19 14:45:42 -07:00
Ryan Dahl
85bc8d02fa
Merge branch 'v0.4'
...
Conflicts:
src/node_crypto.cc
2011-05-16 19:29:02 -07:00
Felix Geisendörfer
1fde5f51b4
Make https 'timeout' events bubble up
...
Also adds a test case for it.
2011-05-14 13:38:04 -07:00
isaacs
205b9beb6b
Merge branch 'v0.4'
...
Conflicts:
lib/tls.js
lib/url.js
src/node_version.h
test/simple/test-buffer.js
test/simple/test-url.js
2011-05-07 20:38:32 -07:00
Ryan Dahl
55bff5bab9
TLS: simplify logic
2011-05-06 17:06:36 -07:00
Ryan Dahl
75a0cf970f
cleartextstream.destroy() should destroy socket.
...
This fixes a critical bug see in MJR's production. Very difficult to build a
test case. Sometimes HTTPS server gets sockets that are hanging in a
half-duplex state.
2011-05-02 15:03:50 -07:00
Fedor Indutny
c9b40da368
OpenSSL NPN in node.js
...
closes #926 .
2011-04-19 11:32:26 -07:00
Ryan Dahl
9e6498d5fa
Merge branch 'v0.4'
...
Conflicts:
src/node_version.h
2011-04-18 18:58:16 -07:00
Ryan Dahl
bb621f7c2e
CryptoStream.write returns false when queue > 128kb
...
Previously the return value of write was dependent on if it was paused or
not which was causing a strange error demoed in the previous commit.
Fixes #892
2011-04-13 20:32:46 -07:00
Ryan Dahl
050bbf0bc4
TLS use RC4-SHA by default
2011-04-13 18:43:08 -07:00
Theo Schlossnagle
d6f5b8a2a6
allow setting of ciphers in credentials
...
fixes #873
2011-04-13 18:35:39 -07:00
Theo Schlossnagle
2a88dd3bc1
TLS: Add secureOptions flag
...
Also, secureOptions flag was added (and passed through) and allows
the context to have all supported SSL_OP_* set via createCredentials.
All SSL_OP_ flags (outside of ALL) have been added to constants.
2011-04-13 18:25:33 -07:00
Theo Schlossnagle
d0e84b0088
Pass secureProtocol through on tls.Server creation
...
The secureProtocol option to building the SSL context was not being properly
passed through in the credentials in the tls code. This is fixed.
2011-04-13 17:49:50 -07:00
Ryan Dahl
c0b461d9a1
Increase TLS pool size for perf increase
2011-03-28 17:37:14 -07:00
Ryan Dahl
7e28630f5e
Fix GH-820. CryptoStream.end shouldn't throw if not writable
...
This matches the behavior of net.Socket
2011-03-21 14:36:49 -07:00
Ryan Dahl
55048cdf79
Update copyright headers
2011-03-14 17:37:05 -07:00
Theo Schlossnagle
e3925b741c
TLS: Finer locks on _cycle.
...
Data being sent out of order.
2011-03-14 12:05:25 -07:00
Ryan Dahl
62f06fb885
CryptoStream.prototype.destroySoon shouldn't die if not writable
2011-03-09 10:53:06 -08:00
Ryan Dahl
a2f498a5ef
Revert "Add extra debug print statement to tls.js"
...
This reverts commit 340291c085
2011-02-24 15:59:40 -08:00
Ryan Dahl
340291c085
Add extra debug print statement to tls.js
2011-02-23 16:38:30 -08:00
Ryan Dahl
ab144f4843
Add TODO item
2011-02-23 04:43:13 -08:00
Ryan Dahl
c2a62951f6
TLS sockets should not be writable after 'end'
...
Closes GH-694.
2011-02-19 18:25:15 -08:00
Ryan Dahl
19b4c27ebf
TLS: Make _cycle reentrant.
2011-02-16 18:10:53 -08:00
Ryan Dahl
c365f56061
https was missing 'end' event sometimes
...
Closes GH-671.
2011-02-15 17:13:53 -08:00
Theo Schlossnagle
01a864a29d
TLS: CRL support
...
Needs more tests.
2011-02-10 00:49:15 -08:00
Ryan Dahl
dafd6d9137
TLS: Don't give up if you can't write 0 bytes
2011-02-09 13:27:23 -08:00
Ryan Dahl
a48a075535
better debug messages in net and tls
2011-02-09 10:23:26 -08:00
Ryan Dahl
9de5043b50
tls: only emit data after 'secure' event
2011-02-08 17:29:33 -08:00
Ryan Dahl
448e0f4394
tls fixes
2011-02-07 21:11:43 -08:00
Ryan Dahl
f6e5b8986f
Clean up
2011-02-03 12:28:20 -08:00
Ryan Dahl
97f7c06451
TLS: fix throttling
...
Re-enable test-https-large-response.js
Closes GH-614.
2011-02-03 12:20:19 -08:00
Ryan Dahl
3e58696c07
TLS: Simplify error handling
2011-02-02 15:39:03 -08:00
Ryan Dahl
41b4ec7952
TLS: flush buffer before destroy
...
Also disable test-https-large-response.js. Covered by
test/simple/test-tls-throttle.js
2011-02-02 15:34:21 -08:00
Ryan Dahl
e6f14d6df5
(suck, blow) -> (pull, push)
2011-02-02 14:51:53 -08:00
Ryan Dahl
2ff593ad23
TLS: better error reporting at binding layer
...
Closes GH-612.
2011-02-01 14:14:50 -08:00
Ryan Dahl
3e5b568504
TLS: Add _pendingBytes()
2011-01-31 17:29:11 -08:00
Ryan Dahl
45b30a879b
tls: superficial clean up
2011-01-31 16:37:29 -08:00
Ryan Dahl
df5d5d6342
Fix option parsing in tls.connect()
2011-01-27 19:25:08 -08:00
Ryan Dahl
bfb6a67d60
Another fix for process.assert
2011-01-27 16:59:28 -08:00
Ryan Dahl
9e976abad9
lint
2011-01-24 10:55:30 -08:00
Alexis Sellier
66b418d6f3
make 'readyState' available to CryptoStream
2011-01-18 22:22:50 -08:00
Ryan Dahl
2f6cb66009
Add setEncoding to CryptoStream
2011-01-18 18:30:12 -08:00
Ryan Dahl
4d0416caf6
Add setNoDelay to cryptostream
2011-01-18 17:56:52 -08:00
Ryan Dahl
2e76cd382f
TLS: Forward errors to cleartext
...
But only after control has been inverted.
2011-01-07 10:58:13 -08:00
Ryan Dahl
5a05992155
Lint
2011-01-06 16:06:27 -08:00
Ryan Dahl
2957382991
Implement new stream method, destroySoon
...
Still missing on fs.WriteStream
2011-01-04 11:22:19 -08:00
Ryan Dahl
94f8368cf9
First pass at new https server
2011-01-03 15:51:05 -08:00
Ryan Dahl
e4dd5cd6fd
NODE_DEBUG uses strings instead of bitflags
2011-01-03 15:41:58 -08:00
Ryan Dahl
8db0bbe0dc
Add callback to CryptoStream.write
2010-12-20 11:08:51 -08:00
Ryan Dahl
41d73e02a2
cleartext.socket always exists
2010-12-18 16:38:32 -08:00
Ryan Dahl
bb27885251
TLS: check we're not disconnected before Cleartext blow
2010-12-18 15:34:10 -08:00
Ryan Dahl
3cf2cbf904
Parse issuer and subject from CryptoStream.getPeerCertificate
2010-12-18 11:26:54 -08:00
Ryan Dahl
a59483bd1d
TLS: server should die on junk
2010-12-11 02:45:38 -08:00
Ryan Dahl
e3d1808ef0
Rename node::SecureStream to node::crypto::Connection
...
node::SecureStream is definitely not a "stream" in the Node sense. Renaming
it to avoid ambiguity. (Adding namespace to not confuse with some other
Connection object.)
2010-12-11 02:13:29 -08:00
Ryan Dahl
6636bfaa0a
TLS: Simplify code from suck and blow
2010-12-11 01:42:55 -08:00
Ryan Dahl
66767edf12
Add CryptoStream.destroy()
2010-12-11 01:21:25 -08:00
Ryan Dahl
953561ab06
Factor out CryptoStream.end; support data on end()
2010-12-11 01:18:45 -08:00
Ryan Dahl
dc65cbd2e9
Factor out some _cycle functionality into Cleartext and EncrypteStreams
2010-12-10 22:29:46 -08:00
Ryan Dahl
70baeba8a9
Add receivedShutdown() binding
2010-12-10 22:09:46 -08:00
Ryan Dahl
d4f1ab00d2
Add EncryptedStream and CleartextStream classes
...
Towards half-closed secure sockets.
2010-12-10 18:25:23 -08:00
Ryan Dahl
c444293be9
Start a simple TLS client verification test
2010-12-10 18:02:58 -08:00
Ryan Dahl
5138992f3c
Add some verification code to tls.connect()
2010-12-09 02:46:57 -08:00
Ryan Dahl
a473b8dafb
Move getPeerCertificate and getCipher to CryptoStream
2010-12-09 02:31:22 -08:00
Ryan Dahl
2ca63c8f79
Initial implementation of tls.connect()
...
Seems to work checkout test/disabled/tls-client.js
Type "GET /" after connected.
2010-12-09 00:38:12 -08:00
Ryan Dahl
137c361517
pair.cleartext, pair.encrypted now instances of tls.CryptoStream
2010-12-09 00:10:27 -08:00
Ryan Dahl
0ea0b921b7
TLS: emit 'secureConnection' instead of two events
2010-12-08 12:05:19 -08:00
Ryan Dahl
a952231640
remove old todo
2010-12-08 11:55:13 -08:00
Ryan Dahl
13b14300b9
TLS: emit 'end' on both streams
2010-12-08 11:51:41 -08:00
Ryan Dahl
a0c55dfe09
TLS: don't use events when control hasn't been inverted
2010-12-08 11:46:19 -08:00
Ryan Dahl
0ec57ea34c
Some TLS clean ups
2010-12-08 11:27:17 -08:00
Ryan Dahl
5b8c62f7d1
Add broken, but detailed TLS verify test
...
Plus a bunch of keys.
2010-12-07 11:53:41 -08:00
Ryan Dahl
0b0faceb19
Move securepair stuff into tls.js
2010-12-05 18:19:18 -08:00
Ryan Dahl
5bca100afe
Server must not request cert.
2010-12-05 18:13:20 -08:00
Ryan Dahl
dd53ceebe4
lint
2010-12-01 20:59:06 -08:00
