daohualiuxiang
/
node
mirror of https://github.com/nodejs/node.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
16,011 Commits
54 Branches
866 Tags
2 GiB
Commit Graph

8 Commits (81fef918d5a8a9aa297b78ade5e58d6caa3176e6)

Author SHA1 Message Date
Fedor Indutny 550c2638c0 tls: use `SSL_set_cert_cb` for async SNI/OCSP 
Do not enable ClientHello parser for async SNI/OCSP. Use new
OpenSSL-1.0.2's API `SSL_set_cert_cb` to pause the handshake process and
load the cert/OCSP response asynchronously. Hopefuly this will make
whole async SNI/OCSP process much faster and will eventually let us
remove the ClientHello parser itself (which is currently used only for
async session, see #1462 for the discussion of removing it).

NOTE: Ported our code to `SSL_CTX_add1_chain_cert` to use
`SSL_CTX_get0_chain_certs` in `CertCbDone`. Test provided for this
feature.

Fix: https://github.com/iojs/io.js/issues/1423
PR-URL: https://github.com/iojs/io.js/pull/1464
Reviewed-By: Shigeki Ohtsu <ohtsu@iij.ad.jp>
 2015-05-01 16:56:55 +02:00
Fedor Indutny b3ef289ffb tls: support OCSP on client and server 2014-04-18 02:21:16 +04:00
Erik Dubbelboer bb909ad642 tls: add ECDH ciphers support 
Switch test fixtures to 1024 bit keys.
 2013-10-30 08:34:47 +01:00
Ryan Dahl 2e40328c82 Extend OpenSSL expiration dates 2011-03-14 11:30:21 -07:00
Ryan Dahl 778fb859c6 New keys, agent1-cert.pem was expired 2011-02-09 18:30:47 -08:00
Ryan Dahl 907e569980 Fix expired keys 2011-01-10 16:30:26 -08:00
Ryan Dahl ee5366a410 Fix CNs for agent keys; can't be the same as CA's CN 
Also add makefile for easy tweaking.
 2010-12-07 16:36:10 -08:00
Ryan Dahl 5b8c62f7d1 Add broken, but detailed TLS verify test 
Plus a bunch of keys.
 2010-12-07 11:53:41 -08:00