From: koichik Date: Sun, 16 Oct 2011 07:31:41 +0000 (+0900) Subject: docs: improvement tls example X-Git-Tag: v0.5.10~41 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=cdec7e3ae50636b58210ec1fe43498390374655d;p=platform%2Fupstream%2Fnodejs.git docs: improvement tls example --- diff --git a/doc/api/tls.markdown b/doc/api/tls.markdown index 3767a0e..4a49fe6 100644 --- a/doc/api/tls.markdown +++ b/doc/api/tls.markdown @@ -74,15 +74,20 @@ Here is a simple example echo server: var options = { key: fs.readFileSync('server-key.pem'), cert: fs.readFileSync('server-cert.pem'), + + // This is necessary only if using the client certificate authentication. requestCert: true, + + // This is necessary only if the client uses the self-signed certificate. ca: [ fs.readFileSync('client-cert.pem') ] }; - var server = tls.createServer(options, function (s) { + var server = tls.createServer(options, function(cleartextStream) { console.log('server connected', - s.authorized ? 'authorized' : 'not authorized'); - s.write("welcome!\n"); - s.pipe(s); + cleartextStream.authorized ? 'authorized' : 'unauthorized'); + cleartextStream.write("welcome!\n"); + cleartextStream.setEncoding('utf8'); + cleartextStream.pipe(cleartextStream); }); server.listen(8000, function() { console.log('server bound'); @@ -100,10 +105,10 @@ You can test this server by connecting to it with `openssl s_client`: Creates a new client connection to the given `port` and `host`. (If `host` defaults to `localhost`.) `options` should be an object which specifies - - `key`: A string or `Buffer` containing the private key of the server in + - `key`: A string or `Buffer` containing the private key of the client in PEM format. (Required) - - `cert`: A string or `Buffer` containing the certificate key of the server in + - `cert`: A string or `Buffer` containing the certificate key of the client in PEM format. - `ca`: An array of strings or `Buffer`s of trusted certificates. If this is @@ -111,9 +116,9 @@ defaults to `localhost`.) `options` should be an object which specifies These are used to authorize connections. - `NPNProtocols`: An array of string or `Buffer` containing supported NPN - protocols. `Buffer` should have following format: `0x05hello0x05world`, where - first byte is next protocol name's length. (Passing array should usually be - much simplier: `['hello', 'world']`.) + protocols. `Buffer` should have following format: `0x05hello0x05world`, + where first byte is next protocol name's length. (Passing array should + usually be much simplier: `['hello', 'world']`.) - `servername`: Servername for SNI (Server Name Indication) TLS extension. @@ -128,18 +133,26 @@ Here is an example of a client of echo server as described previously: var fs = require('fs'); var options = { + // These are necessary only if using the client certificate authentication key: fs.readFileSync('client-key.pem'), cert: fs.readFileSync('client-cert.pem'), + + // This is necessary only if the server uses the self-signed certificate ca: [ fs.readFileSync('server-cert.pem') ] }; - var client = tls.connect(8000, options, function() { + var cleartextStream = tls.connect(8000, options, function() { console.log('client connected', - client.authorized ? 'authorized' : 'not authorized'); - client.write("Hello, World!\n"); + cleartextStream.authorized ? 'authorized' : 'unauthorized'); + process.stdin.pipe(cleartextStream); + process.stdin.resume(); + }); + cleartextStream.setEncoding('utf8'); + cleartextStream.on('data', function(data) { + console.log(data); }); - client.on('data', function(data) { - console.log(data.toString()); + cleartextStream.on('end', function() { + server.close(); });