
binding: context.setCiphers(), default ciphers

1 parent 90725a0 commit d1c573d4355bd3bdbfd3efc3c88c57703353afa3 @indutny committed Jan 5, 2013
Showing with 27 additions and 5 deletions.
  1. +4 −0 lib/tlsnappy/api.js
  2. +22 −5 src/tlsnappy.cc
  3. +1 −0 src/tlsnappy.h
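--- a/lib/tlsnappy/api.js
+++ b/lib/tlsnappy/api.js
@@ -5,6 +5,9 @@ var tlsnappy = require('../tlsnappy'),
 http = require('http'),
 Stream = require('stream').Stream;
+var DEFAULT_CIPHERS = 'ECDHE-RSA-AES128-SHA256:AES128-GCM-SHA256:' + // TLS 1.2
+ 'RC4:HIGH:!MD5:!aNULL:!EDH'; // TLS 1.0
+
 // Convert protocols array into valid OpenSSL protocols list
 // ("\x06spdy/2\x08http/1.1\x08http/1.0")
 function convertNPNProtocols(NPNProtocols) {
@@ -47,6 +50,7 @@ function Server(options, listener) {
 var context = new tlsnappy.binding.Context();
 if (options.key) context.setKey(options.key);
 if (options.cert) context.setCert(options.cert);
+ context.setCiphers(options.ciphers || DEFAULT_CIPHERS);
 if (npn) context.setNPN(npn);
 this.contexts.push(context);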
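Review bot: The second line of the added `DEFAULT_CIPHERS` keeps `RC4` enabled and lists it ahead of `HIGH`, so any client that does not take one of the two TLS 1.2 suites can end up on RC4 by default. RC4 has known keystream biases and RFC 7465 prohibits it in TLS; the tail of the default should read `'HIGH:!RC4:!MD5:!aNULL:!EDH'; // TLS 1.0`. Whether the listed order is honoured at all depends on the server-preference option being set on the context, which this commit does not show. A short comment above the constant saying that `options.ciphers` is an OpenSSL cipher string that replaces this default entirely would help callers who override it. The body of `Server` continues outside the second hunk.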
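--- a/src/tlsnappy.cc
+++ b/src/tlsnappy.cc
@@ -252,7 +252,7 @@ BIO* LoadBIO(Handle<Value> v) {
 Handle<Value> Context::SetNPN(const Arguments& args) {
 HandleScope scope;
- if (args.Length() < 1 ||!Buffer::HasInstance(args[0])) {
+ if (args.Length() < 1 || !Buffer::HasInstance(args[0])) {
 return ThrowException(String::New("First argument should be Buffer"));
 }
@@ -274,10 +274,26 @@ Handle<Value> Context::SetNPN(const Arguments& args) {
 }
+Handle<Value> Context::SetCiphers(const Arguments& args) {
+ HandleScope scope;
+
+ if (args.Length() < 1 || !args[0]->IsString()) {
+ return ThrowException(String::New("First argument should be String"));
+ }
+
+ String::Utf8Value str(args[0]);
+
+ Context* ctx = ObjectWrap::Unwrap<Context>(args.This());
+ SSL_CTX_set_cipher_list(ctx->ctx_, *str);
+
+ return Null();
+}
+
+
 Handle<Value> Context::SetKey(const Arguments& args) {
 HandleScope scope;
- if (args.Length() < 1 ||!Buffer::HasInstance(args[0])) {
+ if (args.Length() < 1 || !Buffer::HasInstance(args[0])) {
 return ThrowException(String::New("First argument should be Buffer"));
 }
@@ -382,7 +398,7 @@ Handle<Value> Context::SetCert(const Arguments& args) {
 HandleScope scope;
 Context* ctx = ObjectWrap::Unwrap<Context>(args.This());
- if (args.Length() < 1 ||!Buffer::HasInstance(args[0])) {
+ if (args.Length() < 1 || !Buffer::HasInstance(args[0])) {
 return ThrowException(String::New("First argument should be Buffer"));
 }
@@ -529,7 +545,7 @@ Handle<Value> Socket::ClearOut(const Arguments& args) {
 HandleScope scope;
 Socket* s = ObjectWrap::Unwrap<Socket>(args.This());
- if (args.Length() < 1 ||!Buffer::HasInstance(args[0])) {
+ if (args.Length() < 1 || !Buffer::HasInstance(args[0])) {
 return ThrowException(String::New("First argument should be Buffer"));
 }
@@ -555,7 +571,7 @@ Handle<Value> Socket::EncOut(const Arguments& args) {
 HandleScope scope;
 Socket* s = ObjectWrap::Unwrap<Socket>(args.This());
- if (args.Length() < 1 ||!Buffer::HasInstance(args[0])) {
+ if (args.Length() < 1 || !Buffer::HasInstance(args[0])) {
 return ThrowException(String::New("First argument should be Buffer"));
 }
@@ -831,6 +847,7 @@ void Context::Init(Handle<Object> target) {
 NODE_SET_PROTOTYPE_METHOD(t, "setKey", Context::SetKey);
 NODE_SET_PROTOTYPE_METHOD(t, "setCert", Context::SetCert);
 NODE_SET_PROTOTYPE_METHOD(t, "setNPN", Context::SetNPN);
+ NODE_SET_PROTOTYPE_METHOD(t, "setCiphers", Context::SetCiphers);
 target->Set(String::NewSymbol("Context"), t->GetFunction());
 }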
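Review bot: The added `Context::SetCiphers` discards the return value of `SSL_CTX_set_cipher_list`, which reports failure when the string selects no usable cipher. A mistyped `options.ciphers` would then be accepted silently and the context would presumably keep whatever list it had before the call, so an operator can believe a restricted list is active when it is not. Check the result and throw, in the same style as the argument check above it: `if (SSL_CTX_set_cipher_list(ctx->ctx_, *str) != 1) return ThrowException(String::New("Failed to set cipher list"));`. `*str` can also be NULL if the UTF-8 conversion fails, so it is worth testing before the call.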
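--- a/src/tlsnappy.h
+++ b/src/tlsnappy.h
@@ -38,6 +38,7 @@ class Context : public ObjectWrap {
 static Handle<Value> SetKey(const Arguments& args);
 static Handle<Value> SetCert(const Arguments& args);
 static Handle<Value> SetNPN(const Arguments& args);
+ static Handle<Value> SetCiphers(const Arguments& args);
 static int Advertise(SSL *s,
 const unsigned char **data,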
