### Event: 'newSession'
-`function (sessionId, sessionData) { }`
+`function (sessionId, sessionData, callback) { }`
Emitted on creation of TLS session. May be used to store sessions in external
-storage.
+storage. `callback` must be invoked eventually, otherwise no data will be
+sent or received from secure connection.
NOTE: adding this event listener will have an effect only on connections
established after addition of event listener.
function onnewsession(key, session) {
if (!this.server) return;
- this.server.emit('newSession', key, session);
+
+ var self = this;
+ var once = false;
+
+ self.server.emit('newSession', key, session, function() {
+ if (once)
+ return;
+ once = true;
+
+ if (self.ssl)
+ self.ssl.newSessionDone();
+ });
+}
+
+
+function onnewsessiondone() {
+ if (!this.server) return;
+
+ // Cycle through data
+ this.cleartext.read(0);
+ this.encrypted.read(0);
}
function onnewsession(key, session) {
- if (this.server)
- this.server.emit('newSession', key, session);
+ if (!this.server)
+ return;
+
+ var self = this;
+ var once = false;
+
+ this._newSessionPending = true;
+ this.server.emit('newSession', key, session, function() {
+ if (once)
+ return;
+ once = true;
+
+ self.ssl.newSessionDone();
+
+ self._newSessionPending = false;
+ if (self._securePending)
+ self._finishInit();
+ self._securePending = false;
+ });
}
this._tlsOptions = options;
this._secureEstablished = false;
+ this._securePending = false;
+ this._newSessionPending = false;
this._controlReleased = false;
this._SNICallback = null;
this.ssl = null;
};
TLSSocket.prototype._finishInit = function() {
+ // `newSession` callback wasn't called yet
+ if (this._newSessionPending) {
+ this._securePending = true;
+ return;
+ }
+
if (process.features.tls_npn) {
this.npnProtocol = this.ssl.getNegotiatedProtocol();
}
V(onhandshakestart_string, "onhandshakestart") \
V(onmessage_string, "onmessage") \
V(onnewsession_string, "onnewsession") \
+ V(onnewsessiondone_string, "onnewsessiondone") \
V(onread_string, "onread") \
V(onselect_string, "onselect") \
V(onsignal_string, "onsignal") \
NODE_SET_PROTOTYPE_METHOD(t, "renegotiate", Renegotiate);
NODE_SET_PROTOTYPE_METHOD(t, "shutdown", Shutdown);
NODE_SET_PROTOTYPE_METHOD(t, "getTLSTicket", GetTLSTicket);
+ NODE_SET_PROTOTYPE_METHOD(t, "newSessionDone", NewSessionDone);
#ifdef SSL_set_max_send_fragment
NODE_SET_PROTOTYPE_METHOD(t, "setMaxSendFragment", SetMaxSendFragment);
reinterpret_cast<char*>(sess->session_id),
sess->session_id_length);
Local<Value> argv[] = { session, buff };
+ w->new_session_wait_ = true;
w->MakeCallback(env->onnewsession_string(), ARRAY_SIZE(argv), argv);
return 0;
}
+template <class Base>
+void SSLWrap<Base>::NewSessionDone(const FunctionCallbackInfo<Value>& args) {
+ HandleScope scope(args.GetIsolate());
+
+ Base* w = Unwrap<Base>(args.This());
+ w->new_session_wait_ = false;
+ w->NewSessionDoneCb();
+}
+
+
#ifdef SSL_set_max_send_fragment
template <class Base>
void SSLWrap<Base>::SetMaxSendFragment(
}
+void Connection::NewSessionDoneCb() {
+ HandleScope scope(env()->isolate());
+
+ MakeCallback(env()->onnewsessiondone_string(), 0, NULL);
+}
+
+
void Connection::Initialize(Environment* env, Handle<Object> target) {
Local<FunctionTemplate> t = FunctionTemplate::New(Connection::New);
t->InstanceTemplate()->SetInternalFieldCount(1);
: env_(env),
kind_(kind),
next_sess_(NULL),
- session_callbacks_(false) {
+ session_callbacks_(false),
+ new_session_wait_(false) {
ssl_ = SSL_new(sc->ctx_);
assert(ssl_ != NULL);
}
inline void enable_session_callbacks() { session_callbacks_ = true; }
inline bool is_server() const { return kind_ == kServer; }
inline bool is_client() const { return kind_ == kClient; }
+ inline bool is_waiting_new_session() const { return new_session_wait_; }
protected:
static void InitNPN(SecureContext* sc, Base* base);
static void Renegotiate(const v8::FunctionCallbackInfo<v8::Value>& args);
static void Shutdown(const v8::FunctionCallbackInfo<v8::Value>& args);
static void GetTLSTicket(const v8::FunctionCallbackInfo<v8::Value>& args);
+ static void NewSessionDone(const v8::FunctionCallbackInfo<v8::Value>& args);
#ifdef SSL_set_max_send_fragment
static void SetMaxSendFragment(
SSL_SESSION* next_sess_;
SSL* ssl_;
bool session_callbacks_;
+ bool new_session_wait_;
ClientHelloParser hello_parser_;
#ifdef OPENSSL_NPN_NEGOTIATED
void ClearError();
void SetShutdownFlags();
+ void NewSessionDoneCb();
Connection(Environment* env,
v8::Local<v8::Object> wrap,
friend class ClientHelloParser;
friend class SecureContext;
+ friend class SSLWrap<Connection>;
};
class CipherBase : public BaseObject {
established_(false),
shutdown_(false),
error_(NULL),
+ cycle_depth_(0),
eof_(false) {
node::Wrap<TLSCallbacks>(object(), this);
}
+void TLSCallbacks::NewSessionDoneCb() {
+ Cycle();
+}
+
+
void TLSCallbacks::InitSSL() {
// Initialize SSL
enc_in_ = NodeBIO::New();
if (write_size_ != 0)
return;
+ // Wait for `newSession` callback to be invoked
+ if (is_waiting_new_session())
+ return;
+
// Split-off queue
if (established_ && !QUEUE_EMPTY(&write_item_queue_))
MakePending();
void ClearOut();
void MakePending();
bool InvokeQueued(int status);
+ void NewSessionDoneCb();
inline void Cycle() {
- ClearIn();
- ClearOut();
- EncOut();
+ // Prevent recursion
+ if (++cycle_depth_ > 1)
+ return;
+
+ for (; cycle_depth_ > 0; cycle_depth_--) {
+ ClearIn();
+ ClearOut();
+ EncOut();
+ }
}
v8::Local<v8::Value> GetSSLError(int status, int* err, const char** msg);
bool established_;
bool shutdown_;
const char* error_;
+ int cycle_depth_;
// If true - delivered EOF to the js-land, either after `close_notify`, or
// after the `UV_EOF` on socket.
static size_t error_off_;
static char error_buf_[1024];
+
+ friend class SSLWrap<TLSCallbacks>;
};
} // namespace node
++requestCount;
cleartext.end();
});
- server.on('newSession', function(id, data) {
- assert.ok(!session);
- session = {
- id: id,
- data: data
- };
+ server.on('newSession', function(id, data, cb) {
+ // Emulate asynchronous store
+ setTimeout(function() {
+ assert.ok(!session);
+ session = {
+ id: id,
+ data: data
+ };
+ cb();
+ }, 1000);
});
server.on('resumeSession', function(id, callback) {
++resumeCount;