Skip to content
This repository has been archived by the owner on Apr 22, 2023. It is now read-only.

[npn] OpenSSL NPN in node.js #926

Closed
wants to merge 2 commits into from
Closed

[npn] OpenSSL NPN in node.js #926

wants to merge 2 commits into from

Conversation

indutny
Copy link
Member

@indutny indutny commented Apr 14, 2011

Usage

var tls = require('tls');
var serverOptions = {
    key: ...,
    cert: ...,
    crl: ...,
    NPNProtocols: ['a/1', 'b/2', 'c/3']
};

tls.createServer(serverOptions, function(c) {
    c.npnProtocol // selected protocol by client or most wanted client protocol, if we have no matches
}).listen(port);

var clientOptions = {... all the same ...};
var client = tls.connect(port, 'localhost', clientOptions, function() {
    client.npnProtocol // selected protocol or false if server doesn't support any of requested
});

require('tls').NPN_ENABLED // 1 if node.js was compiled with new OpenSSL and false if not
process.binding('constants').NPN_ENABLED // equal to above

Test

test/simple/test-tls-npn-server-client.js

@ry
Copy link

ry commented Apr 19, 2011

So, I'm testing this with an old OpenSSL and I get

=== debug test-https-simple ===                                    
Path: simple/test-https-simple
executing "curl --insecure https://127.0.0.1:12346/"

tls.js:625
    this.npnProtocol = this._ssl.getNegotiatedProtocol();
                                 ^
TypeError: Object #<Connection> has no method 'getNegotiatedProtocol'
    at SecurePair._maybeInitFinished (tls.js:625:34)
    at CleartextStream._push (tls.js:285:17)
    at SecurePair._cycle (tls.js:599:20)
    at EncryptedStream.write (tls.js:125:13)
    at Socket.ondata (stream.js:40:26)
    at Socket.emit (events.js:64:17)
    at Socket._onReadable (net.js:679:14)
    at IOWatcher.onReadable [as callback] (net.js:177:10)

I realize you're targeting the latest OpenSSL - that's fine - but Node should still work on all non-NPN tests with an older OpenSSL.

@indutny
Copy link
Member Author

indutny commented Apr 19, 2011

5 minutes and I'll fix that ;)

@indutny
Copy link
Member Author

indutny commented Apr 19, 2011

Fixed.

indutny
indutny reviewed Apr 19, 2011
View reviewed changes
lib/tls.js
@@ -576,6 +610,10 @@ SecurePair.prototype._cycle = function(depth) {

SecurePair.prototype._maybeInitFinished = function() {
if (this._ssl && !this._secureEstablished && this._ssl.isInitFinished()) {
if (NPN_ENABLED) {
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

If we'll have a conditions preprocessor for lib/*.js files, it can be fully excluded from tls.js builds on systems with default openssl lib

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

i don't want to go crazy with the preprocessing. we only remove debug() and assert() - a simple conditional isn't bad.

@ry ry closed this in c9b40da Apr 19, 2011
@indutny
Copy link
Member Author

indutny commented Apr 20, 2011

Thank you!
Now I can continue developing SPDY server on node.js again!

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@indutny @ry