daohualiuxiang
/
node
mirror of https://github.com/nodejs/node.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
11,029 Commits
54 Branches
866 Tags
2 GiB
Commit Graph

17 Commits (58a612ea9d2ede45d138174987fd8fae37f5d5d3)

Author SHA1 Message Date
Fedor Indutny 687dfc9875 crypto: separate altname extensions with ", " 
In newly introduced `SafeX509ExtPrint` I forgot to insert separators
between extensions, which lead to the "DNS:...DNS:..." thing for npm.

Fix: iojs/io.js#105
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
PR-URL: https://github.com/iojs/io.js/pull/113.patch
 2014-12-11 00:07:58 +07:00
Fedor Indutny 1bb0aeb8f2 crypto: escape DNS altname 
Vulnerability credit goes to:

    Calvin Liang conradjliang@hotmail.com

Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
PR-URL: ...private
 2014-11-08 02:24:07 +03:00
Adam Lippai 11d57a535c tls: fix encoding in certificate-related functions 
Strings are treated as UTF8 instead of one-byte strings when
names are processed and when OpenSSL's ..._print functions are used.

This commit fixes simple/test-tls-peer-certificate-encoding test.

fix #8366
 2014-09-15 17:42:20 +04:00
Shigeki Ohtsu 0dfedb7127 tls, crypto: add DHE support 
In case of an invalid DH parameter file, it is sliently discarded. To
use auto DH parameter in a server and DHE key length check in a
client, we need to wait for the next release of OpenSSL-1.0.2.

Reviewed-By: Fedor Indutny <fedor@indutny.com>
 2014-08-29 00:36:48 +04:00
Fedor Indutny b3ef289ffb tls: support OCSP on client and server 2014-04-18 02:21:16 +04:00
Fedor Indutny cc4b6e6e58 crypto: clear error in GetPeerCertificate 
fix #6945
 2014-01-26 03:48:36 +04:00
Erik Dubbelboer bb909ad642 tls: add ECDH ciphers support 
Switch test fixtures to 1024 bit keys.
 2013-10-30 08:34:47 +01:00
Michael Thomas 4e4860579e test: rebuild keys without asking for password 2012-05-01 01:08:31 +02:00
Lal Jérémy ef046bf4f6 test: generate 1024-bit keys, pacify openssl 1.0.1 2012-03-22 23:35:22 +01:00
Ryan Dahl 2e40328c82 Extend OpenSSL expiration dates 2011-03-14 11:30:21 -07:00
Theo Schlossnagle 01a864a29d TLS: CRL support 
Needs more tests.
 2011-02-10 00:49:15 -08:00
Ryan Dahl 778fb859c6 New keys, agent1-cert.pem was expired 2011-02-09 18:30:47 -08:00
Greg Hughes 6c32e155d3 Add ext_key_usage to getPeerCertificate 2011-01-27 14:06:40 -08:00
Ryan Dahl 907e569980 Fix expired keys 2011-01-10 16:30:26 -08:00
Ryan Dahl 5d60b06b76 Add 'make test' to test/fixtures/keys/Makefile 2010-12-07 17:13:51 -08:00
Ryan Dahl ee5366a410 Fix CNs for agent keys; can't be the same as CA's CN 
Also add makefile for easy tweaking.
 2010-12-07 16:36:10 -08:00
Ryan Dahl 5b8c62f7d1 Add broken, but detailed TLS verify test 
Plus a bunch of keys.
 2010-12-07 11:53:41 -08:00