Commit Graph

60 Commits (c1bf89df2e93c72f7dd22a8399d6f8734888916d)

Author SHA1 Message Date
Ben Noordhuis c1bf89df2e doc: tls: ECDH ciphers are not supported 2013-06-27 01:37:39 +02:00
Daniel G. Taylor 30cb9fec91 tls: Add `secureProtocol` docs
Add `secureProtocol` parameter docs to the tls.connect method.
2013-05-28 21:40:52 +02:00
Ben Noordhuis cfd0dca9ae crypto: make getCiphers() return non-SSL ciphers
Commit f53441a added crypto.getCiphers() as a function that returns the
names of SSL ciphers.

Commit 14a6c4e then added crypto.getHashes(), which returns the names of
digest algorithms, but that creates a subtle inconsistency: the return
values of crypto.getHashes() are valid arguments to crypto.createHash()
but that is not true for crypto.getCiphers() - the returned values are
only valid for SSL/TLS functions.

Rectify that by adding tls.getCiphers() and making crypto.getCiphers()
return proper cipher names.
2013-03-25 18:42:07 +01:00
Andy Burke 595b5974d7 Add bytesWritten to tls.CryptoStream
This adds a proxy for bytesWritten to the tls.CryptoStream.  This
change makes the connection object more similar between HTTP and
HTTPS requests in an effort to avoid confusion.

See issue #4650 for more background information.
2013-01-24 16:48:49 -08:00
Fedor Indutny 82f1d340c1 tls: make slab buffer's size configurable
see #4636
2013-01-24 08:47:07 -08:00
Ben Noordhuis 5b65638124 tls, https: add tls handshake timeout
Don't allow connections to stall indefinitely if the SSL/TLS handshake does
not complete.

Adds a new tls.Server and https.Server configuration option, handshakeTimeout.

Fixes #4355.
2012-12-06 17:39:24 +01:00
Nathan Rajlich 4b238b4c2a Merge remote-tracking branch 'origin/v0.8'
Conflicts:
	AUTHORS
	ChangeLog
	deps/uv/test/runner-win.c
	doc/api/process.markdown
	lib/repl.js
	src/node_crypto.cc
	src/node_version.h
2012-10-13 16:16:56 -07:00
Ben Noordhuis 0ad005852c https: fix renegotiation attack protection
Listen for the 'clientError' event that is emitted when a renegotiation attack
is detected and close the connection.

Fixes test/pummel/test-https-ci-reneg-attack.js
2012-10-09 16:38:00 +02:00
Andreas Madsen be5a8e24c2 doc: consistent use of the callback argument 2012-10-08 22:58:11 +02:00
Ben Noordhuis 35607f3a2d tls, https: validate server certificate by default
This commit changes the default value of the rejectUnauthorized option from
false to true.

What that means is that tls.connect(), https.get() and https.request() will
reject invalid server certificates from now on, including self-signed
certificates.

There is an escape hatch: if you set the NODE_TLS_REJECT_UNAUTHORIZED
environment variable to the literal string "0", node.js reverts to its
old behavior.

Fixes #3949.
2012-09-15 00:19:06 +02:00
Fedor Indutny 8e0c830cd0 tls: async session storage 2012-09-05 02:01:54 +04:00
Ben Noordhuis badbd1af27 tls: update default cipher list
Update the default cipher list from RC4-SHA:AES128-SHA:AES256-SHA
to ECDHE-RSA-AES128-SHA256:AES128-GCM-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH
in order to mitigate BEAST attacks.

The documentation suggested AES256-SHA but unfortunately that's a CBC cipher
and therefore susceptible to attacks.

Fixes #3900.
2012-08-21 22:27:13 +02:00
Ben Kelly c6185c8484 doc: Improve cross-linking in API docs markdown
Cross-link EventEmitter references in API docs to events.html

Fix broken cross-reference links with wrong anchor names in API docs.
2012-06-15 09:44:37 -07:00
isaacs 5164ae3838 Merge remote-tracking branch 'ry/v0.6' into v0.6-merge
Conflicts:
	ChangeLog
	deps/uv/include/uv-private/uv-unix.h
	deps/uv/src/unix/core.c
	deps/uv/src/unix/sunos.c
	deps/v8/src/runtime.cc
	doc/api/crypto.markdown
	lib/http.js
	src/node_version.h
	test/gc/test-http-client-timeout.js
	wscript
2012-05-15 11:37:34 -07:00
ssuda fb7348ae06 crypto: add PKCS12/PFX support
Fixes #2845.
2012-05-14 17:12:59 +02:00
Shigeki Ohtsu 0d13142332 tcp: make getsockname() return address family as string 2012-04-16 18:00:47 +02:00
Shigeki Ohtsu 75face6139 doc: fix TLS cipher names 2012-03-23 17:11:13 +01:00
Shigeki Ohtsu 2cf5f040a5 doc: add cleartextStream.getCipher() in tls 2012-03-23 17:09:50 +01:00
isaacs 1d5b6f26fe Merge remote-tracking branch 'ry/v0.6' into v0.6-merge
Conflicts:
	ChangeLog
	Makefile
	deps/npm/AUTHORS
	deps/npm/html/api/bin.html
	deps/npm/html/api/bugs.html
	deps/npm/html/api/commands.html
	deps/npm/html/api/config.html
	deps/npm/html/api/deprecate.html
	deps/npm/html/api/docs.html
	deps/npm/html/api/edit.html
	deps/npm/html/api/explore.html
	deps/npm/html/api/help-search.html
	deps/npm/html/api/init.html
	deps/npm/html/api/install.html
	deps/npm/html/api/link.html
	deps/npm/html/api/load.html
	deps/npm/html/api/ls.html
	deps/npm/html/api/npm.html
	deps/npm/html/api/outdated.html
	deps/npm/html/api/owner.html
	deps/npm/html/api/pack.html
	deps/npm/html/api/prefix.html
	deps/npm/html/api/prune.html
	deps/npm/html/api/publish.html
	deps/npm/html/api/rebuild.html
	deps/npm/html/api/restart.html
	deps/npm/html/api/root.html
	deps/npm/html/api/run-script.html
	deps/npm/html/api/search.html
	deps/npm/html/api/shrinkwrap.html
	deps/npm/html/api/start.html
	deps/npm/html/api/stop.html
	deps/npm/html/api/submodule.html
	deps/npm/html/api/tag.html
	deps/npm/html/api/test.html
	deps/npm/html/api/uninstall.html
	deps/npm/html/api/unpublish.html
	deps/npm/html/api/update.html
	deps/npm/html/api/version.html
	deps/npm/html/api/view.html
	deps/npm/html/api/whoami.html
	deps/npm/html/doc/README.html
	deps/npm/html/doc/adduser.html
	deps/npm/html/doc/bin.html
	deps/npm/html/doc/bugs.html
	deps/npm/html/doc/build.html
	deps/npm/html/doc/bundle.html
	deps/npm/html/doc/cache.html
	deps/npm/html/doc/changelog.html
	deps/npm/html/doc/coding-style.html
	deps/npm/html/doc/completion.html
	deps/npm/html/doc/config.html
	deps/npm/html/doc/deprecate.html
	deps/npm/html/doc/developers.html
	deps/npm/html/doc/disputes.html
	deps/npm/html/doc/docs.html
	deps/npm/html/doc/edit.html
	deps/npm/html/doc/explore.html
	deps/npm/html/doc/faq.html
	deps/npm/html/doc/folders.html
	deps/npm/html/doc/help-search.html
	deps/npm/html/doc/help.html
	deps/npm/html/doc/index.html
	deps/npm/html/doc/init.html
	deps/npm/html/doc/install.html
	deps/npm/html/doc/json.html
	deps/npm/html/doc/link.html
	deps/npm/html/doc/list.html
	deps/npm/html/doc/npm.html
	deps/npm/html/doc/outdated.html
	deps/npm/html/doc/owner.html
	deps/npm/html/doc/pack.html
	deps/npm/html/doc/prefix.html
	deps/npm/html/doc/prune.html
	deps/npm/html/doc/publish.html
	deps/npm/html/doc/rebuild.html
	deps/npm/html/doc/registry.html
	deps/npm/html/doc/removing-npm.html
	deps/npm/html/doc/restart.html
	deps/npm/html/doc/root.html
	deps/npm/html/doc/run-script.html
	deps/npm/html/doc/scripts.html
	deps/npm/html/doc/search.html
	deps/npm/html/doc/semver.html
	deps/npm/html/doc/shrinkwrap.html
	deps/npm/html/doc/star.html
	deps/npm/html/doc/start.html
	deps/npm/html/doc/stop.html
	deps/npm/html/doc/submodule.html
	deps/npm/html/doc/tag.html
	deps/npm/html/doc/test.html
	deps/npm/html/doc/uninstall.html
	deps/npm/html/doc/unpublish.html
	deps/npm/html/doc/update.html
	deps/npm/html/doc/version.html
	deps/npm/html/doc/view.html
	deps/npm/html/doc/whoami.html
	deps/npm/lib/install.js
	deps/npm/lib/ls.js
	deps/npm/man/man1/npm.1
	deps/npm/man/man1/shrinkwrap.1
	deps/npm/man/man3/npm.3
	deps/npm/man/man3/shrinkwrap.3
	deps/npm/node_modules/request/main.js
	deps/npm/node_modules/request/package.json
	deps/npm/package.json
	deps/uv/src/unix/core.c
	deps/v8/src/conversions-inl.h
	deps/v8/src/elements.cc
	deps/v8/src/version.cc
	doc/about/index.html
	doc/api/assert.markdown
	doc/api/child_process.markdown
	doc/api/cluster.markdown
	doc/api/crypto.markdown
	doc/api/debugger.markdown
	doc/api/dgram.markdown
	doc/api/dns.markdown
	doc/api/documentation.markdown
	doc/api/events.markdown
	doc/api/fs.markdown
	doc/api/globals.markdown
	doc/api/http.markdown
	doc/api/https.markdown
	doc/api/modules.markdown
	doc/api/net.markdown
	doc/api/os.markdown
	doc/api/path.markdown
	doc/api/process.markdown
	doc/api/querystring.markdown
	doc/api/readline.markdown
	doc/api/stdio.markdown
	doc/api/stream.markdown
	doc/api/timers.markdown
	doc/api/tls.markdown
	doc/api/tty.markdown
	doc/api/url.markdown
	doc/api/util.markdown
	doc/api/vm.markdown
	doc/api/zlib.markdown
	doc/api_assets/style.css
	doc/community/index.html
	doc/index.html
	doc/logos/index.html
	doc/template.html
	src/node_version.h
	tools/doc/html.js
	tools/gyp/test/mac/app-bundle/empty.c
2012-03-03 23:38:52 -08:00
isaacs 2d44dcc8be doc: Add stability indicators to documentation 2012-03-03 17:03:52 -08:00
isaacs 7bfa5cf284 s/streams/stream/ 2012-02-29 16:04:55 -08:00
isaacs c0446edcc2 doc refactor: tls 2012-02-29 16:04:54 -08:00
Blake Miner 7343f8e776 tls: add `honorCipherOrder` option to tls.createServer()
Documented how to mitigate BEAST attacks.
2012-02-29 02:16:08 +01:00
isaacs f9df88c6da s/streams/stream/ 2012-02-27 11:18:10 -08:00
isaacs c9b35b9923 doc refactor: tls 2012-02-27 11:14:37 -08:00
koichik 2f5e084147 docs: remove duplicate option of tls.connect() 2012-02-25 23:07:30 +09:00
isaacs 31721da4b1 Merge remote-tracking branch 'ry/v0.6' into v0.6-merge
Conflicts:
	AUTHORS
	ChangeLog
	Makefile
	doc/about/index.html
	doc/api/tls.markdown
	doc/community/index.html
	doc/index.html
	doc/logos/index.html
	doc/template.html
	lib/http.js
	lib/tls.js
	src/node_version.h
	src/platform_win32.cc
	test/simple/test-tls-connect-given-socket.js
2012-02-18 09:46:58 -08:00
Ben Noordhuis 23c4278e06 docs: fix tls markdown 2012-02-17 23:58:42 +01:00
Ben Noordhuis 3415427dbf tls: mitigate session renegotiation attacks
The TLS protocol allows (and sometimes requires) clients to renegotiate the
session. However, renegotiation requires a disproportional amount of server-side
resources, particularly CPU time, which makes it a potential vector for
denial-of-service attacks.

To mitigate this issue, we keep track of and limit the number of renegotiation
requests over time, emitting an error if the threshold is exceeded.
2012-02-16 18:15:21 +01:00
koichik ef50bd2e54 docs: removed unnecessary STARTTLS section 2012-02-17 02:10:59 +09:00
koichik b19b8836c3 tls: Allow establishing secure connection on the existing socket 2012-02-14 11:53:05 -08:00
Ben Noordhuis 8a6576f764 Merge remote-tracking branch 'origin/v0.6'
Conflicts:
	common.gypi
2012-02-12 16:12:26 +01:00
Ben Noordhuis 38eec57aef docs: document tls/crypto `ciphers` option
Hitherto undocumented option that lets the user select the list of ciphers to
use or exclude in an SSL/TLS session.
2012-02-09 17:16:46 +01:00
Ryan Dahl 8b28d599a7 Merge remote branch 'origin/v0.6'
Conflicts:
	Makefile
	configure
	src/node_version.h
2012-01-09 11:20:22 -08:00
koichik c1a63a9e90 tls: Allow establishing secure connection on the existing socket
This is necessary to use SSL over HTTP tunnels.

Refs #2259, #2474.
Fixes #2489.
2012-01-09 02:31:46 +01:00
Maciej Małecki 0321adbcf4 tls doc: update docs to reflect API change
Refs #1983.
2012-01-08 11:13:36 +01:00
koichik 57653added docs: small changes. 2012-01-07 06:44:35 +01:00
Ryan Dahl f7f8af8420 Merge remote branch 'origin/v0.6'
Conflicts:
	Makefile
	lib/_debugger.js
2011-12-21 12:17:23 -08:00
koichik 07c27e040e tls: Fix node swallows openssl error on request
Fixes #2308.
Fixes #2246.
2011-12-21 19:48:15 +01:00
koichik f8c335d0ca tls: enable rejectUnauthorized option to client
Fixes #2247.
2011-12-07 22:47:06 +09:00
kyle@dontkry.com 34f34e4411 docs: fix typo
Fixes #2193.
2011-11-27 01:45:27 +09:00
koichik f53d092a2a tls, https: add passphrase option
Fixes #1925.
2011-10-31 17:36:43 +09:00
koichik cbcaeedba9 tls: add address(), remoteAddress/remotePort
Fixes #758.
Fixes #1055.
2011-10-27 00:28:16 +09:00
koichik 00aa8935d7 docs: improvement fs, http and https 2011-10-22 23:40:15 +09:00
koichik cdec7e3ae5 docs: improvement tls example 2011-10-16 16:50:16 +09:00
koichik 86a67f15a0 docs: add example of tls 2011-10-16 01:26:38 +09:00
koichik 68cc173c6d tls: The TLS API is inconsistent with the TCP API
Add 'secureConnect' event to tls.CleartextStream.

Fixes #1467.
2011-10-15 19:27:21 +09:00
koichik 19a855382c tls: requestCert unusable with Firefox and Chrome
Fixes #1516.
2011-10-15 00:54:46 +09:00
Logan Smyth bc0a552a84 docs: Fix merge error in tls docs
Fixes #1648.
2011-09-05 00:48:35 +09:00
Ryan Dahl 8320af7ef3 Merge remote branch 'origin/v0.4'
Conflicts:
	doc/api/tls.markdown
2011-08-17 13:25:44 -07:00