
tls: async session storage

indutny committed Jul 7, 2012
1 parent 790d651 commit 8e0c830cd0038577e36456d3e027a4150d68c933
Showing with 392 additions and 12 deletions.
  1. +19 −0 doc/api/tls.markdown
  2. +39 −3 lib/tls.js
  3. +243 −7 src/node_crypto.cc
  4. +70 −1 src/node_crypto.h
  5. +21 −1 test/simple/test-tls-session-cache.js
@@ -373,6 +373,25 @@ When a client connection emits an 'error' event before secure connection is
established - it will be forwarded here.
+### Event: 'newSession'
+
+`function (sessionId, sessionData) { }`
+
+Emitted on creation of TLS session. May be used to store sessions in external
+storage.
+
+
+### Event: 'resumeSession'
+
+`function (sessionId, callback) { }`
+
+Emitted when client wants to resume previous TLS session. Event listener may
+perform lookup in external storage using given `sessionId`, and invoke
+`callback(null, sessionData)` once finished. If session can't be resumed
+(i.e. doesn't exist in storage) one may call `callback(null, null)`. Calling
+`callback(err)` will terminate incoming connection and destroy socket.
+
+
### server.listen(port, [host], [callback])
Begin accepting connections on the specified `port` and `host`. If the
@@ -725,6 +725,37 @@ function onhandshakedone() {
debug('onhandshakedone');
}
+function onclienthello(hello) {
+ var self = this,
+ once = false;
+
+ this.encrypted.pause();
+ this.cleartext.pause();
+ function callback(err, session) {
+ if (once) return;
+ once = true;
+
+ if (err) return self.socket.destroy(err);
+
+ self.ssl.loadSession(session);
+
+ self.encrypted.resume();
+ self.cleartext.resume();
+ }
+
+ if (hello.sessionId.length <= 0 ||
+ !this.server ||
+ !this.server.emit('resumeSession', hello.sessionId, callback)) {
+ callback(null, null);
+ }
+}
+
+
+function onnewsession(key, session) {
+ if (!this.server) return;
+ this.server.emit('newSession', key, session);
+}
+
/**
* Provides a pair of streams to do encrypted communication.
@@ -746,6 +777,7 @@ function SecurePair(credentials, isServer, requestCert, rejectUnauthorized,
events.EventEmitter.call(this);
+ this.server = options.server;
this._secureEstablished = false;
this._isServer = isServer ? true : false;
this._encWriteState = true;
@@ -768,13 +800,16 @@ function SecurePair(credentials, isServer, requestCert, rejectUnauthorized,
this._requestCert = requestCert ? true : false;
this.ssl = new Connection(this.credentials.context,
- this._isServer ? true : false,
- this._isServer ? this._requestCert : options.servername,
- this._rejectUnauthorized);
+ this._isServer ? true : false,
+ this._isServer ? this._requestCert :
+ options.servername,
+ this._rejectUnauthorized);
if (this._isServer) {
this.ssl.onhandshakestart = onhandshakestart.bind(this);
this.ssl.onhandshakedone = onhandshakedone.bind(this);
+ this.ssl.onclienthello = onclienthello.bind(this);
+ this.ssl.onnewsession = onnewsession.bind(this);
this.ssl.handshakes = 0;
this.ssl.timer = null;
}
@@ -1084,6 +1119,7 @@ function Server(/* [options], listener */) {
self.requestCert,
self.rejectUnauthorized,
{
+ server: self,
NPNProtocols: self.NPNProtocols,
SNICallback: self.SNICallback
});
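Review bot: In `onclienthello`, both streams are paused until the 'resumeSession' listener invokes `callback`, and nothing visible in this hunk bounds that wait, so a listener whose storage lookup hangs or never calls back leaves the handshake stalled and the socket held open. A timer that falls back to `callback(null, null)` (a full handshake) would cap this, unless a handshake timeout elsewhere in the file already covers it. The callback can also run after the connection has gone away; if teardown clears the pair's `ssl` (not shown here), `self.ssl.loadSession(session)` would throw, so a guard such as `if (!self.ssl) return;` before that call is worth adding. `session` arrives from external storage and is handed to `loadSession` unchecked, so a comment stating that it must be the exact buffer previously emitted with 'newSession' (which is secret key material and should be stored accordingly) would help listeners get this right.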