daohualiuxiang
/
node
mirror of https://github.com/nodejs/node.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
8,156 Commits
52 Branches
862 Tags
1.9 GiB
Commit Graph

4 Commits (808b7ada07dfcf293ec40900240329efa7dc841c)

Author SHA1 Message Date
Ben Noordhuis 14a4245051 net: don't suppress ECONNRESET 
Let ECONNRESET network errors bubble up so clients can detect them.

Commit c4454d2e suppressed and turned them into regular end-of-stream
events to fix the then-failing simple/test-regress-GH-1531 test. See
also issue #1571 for (scant) details.

It turns out that special handling is no longer necessary. Remove the
special casing and let the error bubble up naturally.

pummel/test-https-ci-reneg-attack and pummel/test-tls-ci-reneg-attack
are updated because they expected an EPIPE error code that is now an
ECONNRESET. Suppression of the ECONNRESET prevented the test from
detecting that the connection has been severed whereupon the next
write would fail with an EPIPE.

Fixes #1776.
 2013-02-11 12:31:21 -08:00
Ben Noordhuis ff552ddbaa tls: fix off-by-one error in renegotiation check 
Make CLIENT_RENEG_LIMIT inclusive instead of exclusive, i.e. a limit of 2
means the peer can renegotiate twice, not just once.

Update pummel/test-tls-ci-reneg-attack accordingly and make it less timing
sensitive (and run faster) while we're at it.
 2012-06-18 04:31:40 +02:00
isaacs 0cdf85e28d Lint all the JavaScripts. 2012-02-18 15:34:57 -08:00
Ben Noordhuis 3415427dbf tls: mitigate session renegotiation attacks 
The TLS protocol allows (and sometimes requires) clients to renegotiate the
session. However, renegotiation requires a disproportional amount of server-side
resources, particularly CPU time, which makes it a potential vector for
denial-of-service attacks.

To mitigate this issue, we keep track of and limit the number of renegotiation
requests over time, emitting an error if the threshold is exceeded.
 2012-02-16 18:15:21 +01:00