var assert = require('assert').ok;
var constants = require('constants');
+var Timer = process.binding('timer_wrap').Timer;
+
var DEFAULT_CIPHERS = 'ECDHE-RSA-AES128-SHA256:AES128-GCM-SHA256:' + // TLS 1.2
'RC4:HIGH:!MD5:!aNULL:!EDH'; // TLS 1.0
};
-var debug;
-if (process.env.NODE_DEBUG && /tls/.test(process.env.NODE_DEBUG)) {
- debug = function(a) { console.error('TLS:', a); };
-} else {
- debug = function() { };
-}
-
+var debug = util.debuglog('tls');
var Connection = null;
try {
// Write current buffer now
var written;
if (this === this.pair.cleartext) {
- debug('cleartext.write called with ' + data.length + ' bytes');
+ debug('cleartext.write called with %d bytes', data.length);
written = this.pair.ssl.clearIn(data, 0, data.length);
} else {
- debug('encrypted.write called with ' + data.length + ' bytes');
+ debug('encrypted.write called with %d bytes', data.length);
written = this.pair.ssl.encIn(data, 0, data.length);
}
this._pendingCallback = cb;
if (this === this.pair.cleartext) {
- debug('cleartext.write queued with ' + data.length + ' bytes');
+ debug('cleartext.write queued with %d bytes', data.length);
} else {
- debug('encrypted.write queued with ' + data.length + ' bytes');
+ debug('encrypted.write queued with %d bytes', data.length);
}
};
var out;
if (this === this.pair.cleartext) {
- debug('cleartext.read called with ' + size + ' bytes');
+ debug('cleartext.read called with %d bytes', size);
out = this.pair.ssl.clearOut;
} else {
- debug('encrypted.read called with ' + size + ' bytes');
+ debug('encrypted.read called with %d bytes', size);
out = this.pair.ssl.encOut;
}
assert(bytesRead >= 0);
if (this === this.pair.cleartext) {
- debug('cleartext.read succeed with ' + bytesRead + ' bytes');
+ debug('cleartext.read succeed with %d bytes', bytesRead);
} else {
- debug('encrypted.read succeed with ' + bytesRead + ' bytes');
+ debug('encrypted.read succeed with %d bytes', bytesRead);
}
// Try writing pending data
return this.socket && this.socket.remotePort;
});
+
+CleartextStream.prototype.__defineGetter__('localAddress', function() {
+ return this.socket && this.socket.localAddress;
+});
+
+
+CleartextStream.prototype.__defineGetter__('localPort', function() {
+ return this.socket && this.socket.localPort;
+});
+
+
function EncryptedStream(pair, options) {
CryptoStream.call(this, pair, options);
}
var self = this;
var ssl = self.ssl;
- var now = Date.now();
+ var now = Timer.now();
assert(now >= ssl.lastHandshakeTime);
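Review bot: The `assert(now >= ssl.lastHandshakeTime)` directly below the changed line only holds if every writer of `ssl.lastHandshakeTime` takes its value from the same clock as the new `Timer.now()`. Those assignments are outside this hunk (the function starts and ends outside it), so that needs checking before merge. `Timer` comes from `process.binding('timer_wrap')`, an internal binding, and as far as I know `Timer.now()` returns the event loop's cached monotonic time rather than wall-clock time, which is presumably the reason for the switch. A comment would record that, for example `// loop time, not Date.now(): a wall-clock step must not trip the assert or distort the handshake interval`.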
// - key. string.
// - cert: string.
// - ca: string or array of strings.
+// - sessionTimeout: integer.
//
// emit 'secureConnection'
// function (cleartextStream, encryptedStream) { }
throw new TypeError('handshakeTimeout must be a number');
}
+ if (self.sessionTimeout) {
+ sharedCreds.context.setSessionTimeout(self.sessionTimeout);
+ }
+
// constructor call
net.Server.call(this, function(socket) {
var creds = crypto.createCredentials(null, sharedCreds.context);
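Review bot: `self.sessionTimeout` is handed to `sharedCreds.context.setSessionTimeout()` after only a truthiness test, while the `handshakeTimeout` check just above rejects non-numbers with a TypeError. A matching guard would keep the two options consistent, e.g. `if (self.sessionTimeout !== undefined && typeof self.sessionTimeout !== 'number') throw new TypeError('sessionTimeout must be a number');`. The same truthiness test in the `options.sessionTimeout` hunk further down drops an explicit `0` without any error. The option comment added earlier says only `integer`; since this value presumably bounds how long a TLS session stays resumable, it should state the unit and what happens when the option is omitted. The enclosing function starts outside this hunk.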
if (options.secureProtocol) this.secureProtocol = options.secureProtocol;
if (options.crl) this.crl = options.crl;
if (options.ciphers) this.ciphers = options.ciphers;
+ if (options.sessionTimeout) this.sessionTimeout = options.sessionTimeout;
var secureOptions = options.secureOptions || 0;
if (options.honorCipherOrder) {
secureOptions |= constants.SSL_OP_CIPHER_SERVER_PREFERENCE;