-
Notifications
You must be signed in to change notification settings - Fork 30.3k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
tls: add min/max protocol version options
The existing secureProtocol option only allows setting the allowed protocol to a specific version, or setting it to "all supported versions". It also used obscure strings based on OpenSSL C API functions. Directly setting the min or max is easier to use and explain. PR-URL: #24405 Reviewed-By: Refael Ackermann <refack@gmail.com> Reviewed-By: Rod Vagg <rod@vagg.org>
- Loading branch information
1 parent
160ac0f
commit f512f5e
Showing
14 changed files
with
327 additions
and
45 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,15 @@ | ||
// Flags: --tls-v1.0 --tls-v1.1 | ||
'use strict'; | ||
const common = require('../common'); | ||
if (!common.hasCrypto) common.skip('missing crypto'); | ||
|
||
// Check that `node --tls-v1.0` is supported, and overrides --tls-v1.1. | ||
|
||
const assert = require('assert'); | ||
const tls = require('tls'); | ||
|
||
assert.strictEqual(tls.DEFAULT_MAX_VERSION, 'TLSv1.2'); | ||
assert.strictEqual(tls.DEFAULT_MIN_VERSION, 'TLSv1'); | ||
|
||
// Check the min-max version protocol versions against these CLI settings. | ||
require('./test-tls-min-max-version.js'); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,15 @@ | ||
// Flags: --tls-v1.1 | ||
'use strict'; | ||
const common = require('../common'); | ||
if (!common.hasCrypto) common.skip('missing crypto'); | ||
|
||
// Check that node `--tls-v1.1` is supported. | ||
|
||
const assert = require('assert'); | ||
const tls = require('tls'); | ||
|
||
assert.strictEqual(tls.DEFAULT_MAX_VERSION, 'TLSv1.2'); | ||
assert.strictEqual(tls.DEFAULT_MIN_VERSION, 'TLSv1.1'); | ||
|
||
// Check the min-max version protocol versions against these CLI settings. | ||
require('./test-tls-min-max-version.js'); |
Oops, something went wrong.