New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

tls: multiple PFX support in createSecureContext #14793

Closed
wants to merge 7 commits into
base: master
from

Conversation

Projects
None yet
10 participants
@djphoenix
Contributor

djphoenix commented Aug 12, 2017

Fixes: #14756

Checklist
  • make -j4 test (UNIX), or vcbuild test (Windows) passes
  • tests and/or benchmarks are included
  • documentation is changed or added
  • commit message follows commit guidelines
Affected core subsystem(s)

tls

@Trott Trott added the semver-minor label Aug 13, 2017

@jasnell

This comment has been minimized.

Show comment
Hide comment
@djphoenix

This comment has been minimized.

Show comment
Hide comment
@djphoenix

djphoenix Aug 23, 2017

Contributor

Fixed FIPS failure (actually bad fixture). @jasnell another try?

Contributor

djphoenix commented Aug 23, 2017

Fixed FIPS failure (actually bad fixture). @jasnell another try?

@djphoenix

This comment has been minimized.

Show comment
Hide comment
@djphoenix

djphoenix Aug 28, 2017

Contributor

ping?

Contributor

djphoenix commented Aug 28, 2017

ping?

@jasnell

This comment has been minimized.

Show comment
Hide comment
@jasnell
Member

jasnell commented Aug 29, 2017

Show outdated Hide outdated lib/_tls_common.js
Show outdated Hide outdated doc/api/tls.md
@djphoenix

This comment has been minimized.

Show comment
Hide comment
@djphoenix

djphoenix Aug 29, 2017

Contributor

@jasnell CI failures seems like unrelated to changes.

Contributor

djphoenix commented Aug 29, 2017

@jasnell CI failures seems like unrelated to changes.

@djphoenix

This comment has been minimized.

Show comment
Hide comment
@djphoenix

djphoenix Aug 29, 2017

Contributor

@BridgeAR fixed your picks. @jasnell seems like it's ready for another CI.

Contributor

djphoenix commented Aug 29, 2017

@BridgeAR fixed your picks. @jasnell seems like it's ready for another CI.

@jasnell

This comment has been minimized.

Show comment
Hide comment
Member

jasnell commented Aug 29, 2017

@jasnell jasnell requested review from indutny and shigeki Aug 29, 2017

@indutny

LGTM, if it works.

@indutny

This comment has been minimized.

Show comment
Hide comment
@indutny
Member

indutny commented Aug 31, 2017

djphoenix added some commits Aug 12, 2017

tls: multiple PFX in createSecureContext
Add support for multiple PFX files in tls.createSecureContext.
Also added support for object-style PFX pass.

Fixes: #14756
@djphoenix

This comment has been minimized.

Show comment
Hide comment
@djphoenix

djphoenix Sep 1, 2017

Contributor

Rebased changes to resolve conflicts. @jasnell @indutny @BridgeAR take a look again.

Contributor

djphoenix commented Sep 1, 2017

Rebased changes to resolve conflicts. @jasnell @indutny @BridgeAR take a look again.

@BridgeAR

Still LGTM

@BridgeAR

This comment has been minimized.

Show comment
Hide comment
Member

BridgeAR commented Sep 4, 2017

@jasnell

jasnell approved these changes Sep 5, 2017

@indutny

indutny approved these changes Sep 5, 2017

LGTM

@djphoenix

This comment has been minimized.

Show comment
Hide comment
@djphoenix

djphoenix Sep 6, 2017

Contributor

Still waiting for @shigeki and @bnoordhuis

Contributor

djphoenix commented Sep 6, 2017

Still waiting for @shigeki and @bnoordhuis

@BridgeAR

This comment has been minimized.

Show comment
Hide comment
@BridgeAR

BridgeAR Sep 8, 2017

Member

Landed in 372dc86

Member

BridgeAR commented Sep 8, 2017

Landed in 372dc86

@BridgeAR BridgeAR closed this Sep 8, 2017

BridgeAR added a commit that referenced this pull request Sep 8, 2017

tls: multiple PFX in createSecureContext
Add support for multiple PFX files in tls.createSecureContext.
Also added support for object-style PFX pass.

PR-URL: #14793
Fixes: #14756
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
@MylesBorins

This comment has been minimized.

Show comment
Hide comment
@MylesBorins

MylesBorins Sep 10, 2017

Member

@BridgeAR it seems like @djphoenix was still waiting for a review from @shigeki and @bnoordhuis. Was there a reason it landed before?

Member

MylesBorins commented Sep 10, 2017

@BridgeAR it seems like @djphoenix was still waiting for a review from @shigeki and @bnoordhuis. Was there a reason it landed before?

@MylesBorins

This comment has been minimized.

Show comment
Hide comment
@MylesBorins

MylesBorins Sep 10, 2017

Member

Also fwiw I've landed this on v8.x-staging and it is on track to be released in the next 8.x release. Just wanted to confirm that this should be released before doing so

Member

MylesBorins commented Sep 10, 2017

Also fwiw I've landed this on v8.x-staging and it is on track to be released in the next 8.x release. Just wanted to confirm that this should be released before doing so

MylesBorins added a commit that referenced this pull request Sep 10, 2017

tls: multiple PFX in createSecureContext
Add support for multiple PFX files in tls.createSecureContext.
Also added support for object-style PFX pass.

PR-URL: #14793
Fixes: #14756
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>

@MylesBorins MylesBorins referenced this pull request Sep 10, 2017

Merged

v8.5.0 proposal #15308

@djphoenix

This comment has been minimized.

Show comment
Hide comment
@djphoenix

djphoenix Sep 11, 2017

Contributor

@djphoenix was still waiting for a review

@MylesBorins not me, but @indutny tagged them before, so I pinged also. Not blocking for me (and for @BridgeAR also as I see).

Contributor

djphoenix commented Sep 11, 2017

@djphoenix was still waiting for a review

@MylesBorins not me, but @indutny tagged them before, so I pinged also. Not blocking for me (and for @BridgeAR also as I see).

@BridgeAR

This comment has been minimized.

Show comment
Hide comment
@BridgeAR

BridgeAR Sep 11, 2017

Member

@MylesBorins to me it looked like a trivial change that was good to go and there was no response since the review request for a week. And as it did not come from @djphoenix it felt more like a "nice to have" in this case. So I went ahead and landed it.

Member

BridgeAR commented Sep 11, 2017

@MylesBorins to me it looked like a trivial change that was good to go and there was no response since the review request for a week. And as it did not come from @djphoenix it felt more like a "nice to have" in this case. So I went ahead and landed it.

@MylesBorins

This comment has been minimized.

Show comment
Hide comment
@MylesBorins

MylesBorins Sep 11, 2017

Member
Member

MylesBorins commented Sep 11, 2017

MylesBorins added a commit that referenced this pull request Sep 11, 2017

tls: multiple PFX in createSecureContext
Add support for multiple PFX files in tls.createSecureContext.
Also added support for object-style PFX pass.

PR-URL: #14793
Fixes: #14756
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>

MylesBorins added a commit that referenced this pull request Sep 11, 2017

tls: multiple PFX in createSecureContext
Add support for multiple PFX files in tls.createSecureContext.
Also added support for object-style PFX pass.

PR-URL: #14793
Fixes: #14756
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>

@djphoenix djphoenix deleted the djphoenix:tls-multi-pfx branch Sep 11, 2017

MylesBorins added a commit that referenced this pull request Sep 12, 2017

tls: multiple PFX in createSecureContext
Add support for multiple PFX files in tls.createSecureContext.
Also added support for object-style PFX pass.

PR-URL: #14793
Fixes: #14756
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>

MylesBorins added a commit that referenced this pull request Sep 12, 2017

2017-09-12, Version 8.5.0 (Current)
Notable Changes

* build:
  * Snapshots are now re-enabled in V8
  #14875

* console:
  * Implement minimal `console.group()`.
  #14910

* deps:
  * upgrade libuv to 1.14.1
    #14866
  * update nghttp2 to v1.25.0
    #14955

* dns:
  * Add `verbatim` option to dns.lookup(). When true, results from the
    DNS resolver are passed on as-is, without the reshuffling that
    Node.js otherwise does that puts IPv4 addresses before IPv6
    addresses.
    #14731

* fs:
  * add fs.copyFile and fs.copyFileSync which allows for more efficient
    copying of files.
    #15034

* inspector:
  * Enable async stack traces
    #13870

* module:
  * Add support for ESM. This is currently behind the
    `--experimental-modules` flag and requires the .mjs extension.
    `node --experimental-modules index.mjs`
    #14369

* napi:
  * implement promise
    #14365

* os:
  * Add support for CIDR notation to the output of the
    networkInterfaces() method.
    #14307

* perf_hooks:
  * An initial implementation of the Performance Timing API for
    Node.js. This is the same Performance Timing API implemented by
    modern browsers with a number of Node.js specific properties. The
    User Timing mark() and measure() APIs are implemented, as is a
    Node.js specific flavor of the Frame Timing for measuring event
    loop duration.
    #14680

* tls:
  * multiple PFX in createSecureContext
    [#14793](#14793)

* Added new collaborators:
  * BridgeAR – Ruben Bridgewater

PR-URL: #15308

MylesBorins added a commit that referenced this pull request Sep 12, 2017

2017-09-12, Version 8.5.0 (Current)
Notable Changes

* build:
  * Snapshots are now re-enabled in V8
  #14875

* console:
  * Implement minimal `console.group()`.
  #14910

* deps:
  * upgrade libuv to 1.14.1
    #14866
  * update nghttp2 to v1.25.0
    #14955

* dns:
  * Add `verbatim` option to dns.lookup(). When true, results from the
    DNS resolver are passed on as-is, without the reshuffling that
    Node.js otherwise does that puts IPv4 addresses before IPv6
    addresses.
    #14731

* fs:
  * add fs.copyFile and fs.copyFileSync which allows for more efficient
    copying of files.
    #15034

* inspector:
  * Enable async stack traces
    #13870

* module:
  * Add support for ESM. This is currently behind the
    `--experimental-modules` flag and requires the .mjs extension.
    `node --experimental-modules index.mjs`
    #14369

* napi:
  * implement promise
    #14365

* os:
  * Add support for CIDR notation to the output of the
    networkInterfaces() method.
    #14307

* perf_hooks:
  * An initial implementation of the Performance Timing API for
    Node.js. This is the same Performance Timing API implemented by
    modern browsers with a number of Node.js specific properties. The
    User Timing mark() and measure() APIs are implemented, as is a
    Node.js specific flavor of the Frame Timing for measuring event
    loop duration.
    #14680

* tls:
  * multiple PFX in createSecureContext
    [#14793](#14793)

* Added new collaborators:
  * BridgeAR – Ruben Bridgewater

PR-URL: #15308

MylesBorins added a commit that referenced this pull request Sep 12, 2017

2017-09-12, Version 8.5.0 (Current)
Notable Changes

* build:
  * Snapshots are now re-enabled in V8
  #14875

* console:
  * Implement minimal `console.group()`.
  #14910

* deps:
  * upgrade libuv to 1.14.1
    #14866
  * update nghttp2 to v1.25.0
    #14955

* dns:
  * Add `verbatim` option to dns.lookup(). When true, results from the
    DNS resolver are passed on as-is, without the reshuffling that
    Node.js otherwise does that puts IPv4 addresses before IPv6
    addresses.
    #14731

* fs:
  * add fs.copyFile and fs.copyFileSync which allows for more efficient
    copying of files.
    #15034

* inspector:
  * Enable async stack traces
    #13870

* module:
  * Add support for ESM. This is currently behind the
    `--experimental-modules` flag and requires the .mjs extension.
    `node --experimental-modules index.mjs`
    #14369

* napi:
  * implement promise
    #14365

* os:
  * Add support for CIDR notation to the output of the
    networkInterfaces() method.
    #14307

* perf_hooks:
  * An initial implementation of the Performance Timing API for
    Node.js. This is the same Performance Timing API implemented by
    modern browsers with a number of Node.js specific properties. The
    User Timing mark() and measure() APIs are implemented, as is a
    Node.js specific flavor of the Frame Timing for measuring event
    loop duration.
    #14680

* tls:
  * multiple PFX in createSecureContext
    [#14793](#14793)

* Added new collaborators:
  * BridgeAR – Ruben Bridgewater

PR-URL: #15308

MylesBorins added a commit that referenced this pull request Sep 12, 2017

2017-09-12, Version 8.5.0 (Current)
Notable Changes

* build:
  * Snapshots are now re-enabled in V8
  #14875

* console:
  * Implement minimal `console.group()`.
  #14910

* deps:
  * upgrade libuv to 1.14.1
    #14866
  * update nghttp2 to v1.25.0
    #14955

* dns:
  * Add `verbatim` option to dns.lookup(). When true, results from the
    DNS resolver are passed on as-is, without the reshuffling that
    Node.js otherwise does that puts IPv4 addresses before IPv6
    addresses.
    #14731

* fs:
  * add fs.copyFile and fs.copyFileSync which allows for more efficient
    copying of files.
    #15034

* inspector:
  * Enable async stack traces
    #13870

* module:
  * Add support for ESM. This is currently behind the
    `--experimental-modules` flag and requires the .mjs extension.
    `node --experimental-modules index.mjs`
    #14369

* napi:
  * implement promise
    #14365

* os:
  * Add support for CIDR notation to the output of the
    networkInterfaces() method.
    #14307

* perf_hooks:
  * An initial implementation of the Performance Timing API for
    Node.js. This is the same Performance Timing API implemented by
    modern browsers with a number of Node.js specific properties. The
    User Timing mark() and measure() APIs are implemented, as is a
    Node.js specific flavor of the Frame Timing for measuring event
    loop duration.
    #14680

* tls:
  * multiple PFX in createSecureContext
    [#14793](#14793)

* Added new collaborators:
  * BridgeAR – Ruben Bridgewater

PR-URL: #15308

addaleax added a commit to addaleax/node that referenced this pull request Sep 13, 2017

tls: multiple PFX in createSecureContext
Add support for multiple PFX files in tls.createSecureContext.
Also added support for object-style PFX pass.

PR-URL: nodejs#14793
Fixes: nodejs#14756
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>

addaleax added a commit to addaleax/node that referenced this pull request Sep 13, 2017

2017-09-12, Version 8.5.0 (Current)
Notable Changes

* build:
  * Snapshots are now re-enabled in V8
  nodejs#14875

* console:
  * Implement minimal `console.group()`.
  nodejs#14910

* deps:
  * upgrade libuv to 1.14.1
    nodejs#14866
  * update nghttp2 to v1.25.0
    nodejs#14955

* dns:
  * Add `verbatim` option to dns.lookup(). When true, results from the
    DNS resolver are passed on as-is, without the reshuffling that
    Node.js otherwise does that puts IPv4 addresses before IPv6
    addresses.
    nodejs#14731

* fs:
  * add fs.copyFile and fs.copyFileSync which allows for more efficient
    copying of files.
    nodejs#15034

* inspector:
  * Enable async stack traces
    nodejs#13870

* module:
  * Add support for ESM. This is currently behind the
    `--experimental-modules` flag and requires the .mjs extension.
    `node --experimental-modules index.mjs`
    nodejs#14369

* napi:
  * implement promise
    nodejs#14365

* os:
  * Add support for CIDR notation to the output of the
    networkInterfaces() method.
    nodejs#14307

* perf_hooks:
  * An initial implementation of the Performance Timing API for
    Node.js. This is the same Performance Timing API implemented by
    modern browsers with a number of Node.js specific properties. The
    User Timing mark() and measure() APIs are implemented, as is a
    Node.js specific flavor of the Frame Timing for measuring event
    loop duration.
    nodejs#14680

* tls:
  * multiple PFX in createSecureContext
    [#14793](nodejs#14793)

* Added new collaborators:
  * BridgeAR – Ruben Bridgewater

PR-URL: nodejs#15308
@gibfahn

This comment has been minimized.

Show comment
Hide comment
@gibfahn

gibfahn Jan 15, 2018

Member

Release team were -1 on landing on v6.x, if you disagree let us know.

Member

gibfahn commented Jan 15, 2018

Release team were -1 on landing on v6.x, if you disagree let us know.

@djphoenix

This comment has been minimized.

Show comment
Hide comment
@djphoenix

djphoenix Jan 16, 2018

Contributor

@gibfahn I’m not sure, so let NodeJS team decide. For me it’s enough to have this feature in latest versions.

Contributor

djphoenix commented Jan 16, 2018

@gibfahn I’m not sure, so let NodeJS team decide. For me it’s enough to have this feature in latest versions.

gabrielschulhof added a commit to gabrielschulhof/node that referenced this pull request Mar 12, 2018

2017-09-12, Version 8.5.0 (Current)
Notable Changes

* build:
  * Snapshots are now re-enabled in V8
  nodejs#14875

* console:
  * Implement minimal `console.group()`.
  nodejs#14910

* deps:
  * upgrade libuv to 1.14.1
    nodejs#14866
  * update nghttp2 to v1.25.0
    nodejs#14955

* dns:
  * Add `verbatim` option to dns.lookup(). When true, results from the
    DNS resolver are passed on as-is, without the reshuffling that
    Node.js otherwise does that puts IPv4 addresses before IPv6
    addresses.
    nodejs#14731

* fs:
  * add fs.copyFile and fs.copyFileSync which allows for more efficient
    copying of files.
    nodejs#15034

* inspector:
  * Enable async stack traces
    nodejs#13870

* module:
  * Add support for ESM. This is currently behind the
    `--experimental-modules` flag and requires the .mjs extension.
    `node --experimental-modules index.mjs`
    nodejs#14369

* napi:
  * implement promise
    nodejs#14365

* os:
  * Add support for CIDR notation to the output of the
    networkInterfaces() method.
    nodejs#14307

* perf_hooks:
  * An initial implementation of the Performance Timing API for
    Node.js. This is the same Performance Timing API implemented by
    modern browsers with a number of Node.js specific properties. The
    User Timing mark() and measure() APIs are implemented, as is a
    Node.js specific flavor of the Frame Timing for measuring event
    loop duration.
    nodejs#14680

* tls:
  * multiple PFX in createSecureContext
    [#14793](nodejs#14793)

* Added new collaborators:
  * BridgeAR – Ruben Bridgewater

This applies parts of a10856a that are
relevant to N-API.

PR-URL: nodejs#15308

gabrielschulhof added a commit to gabrielschulhof/node that referenced this pull request Mar 15, 2018

2017-09-12, Version 8.5.0 (Current)
Notable Changes

* build:
  * Snapshots are now re-enabled in V8
  nodejs#14875

* console:
  * Implement minimal `console.group()`.
  nodejs#14910

* deps:
  * upgrade libuv to 1.14.1
    nodejs#14866
  * update nghttp2 to v1.25.0
    nodejs#14955

* dns:
  * Add `verbatim` option to dns.lookup(). When true, results from the
    DNS resolver are passed on as-is, without the reshuffling that
    Node.js otherwise does that puts IPv4 addresses before IPv6
    addresses.
    nodejs#14731

* fs:
  * add fs.copyFile and fs.copyFileSync which allows for more efficient
    copying of files.
    nodejs#15034

* inspector:
  * Enable async stack traces
    nodejs#13870

* module:
  * Add support for ESM. This is currently behind the
    `--experimental-modules` flag and requires the .mjs extension.
    `node --experimental-modules index.mjs`
    nodejs#14369

* napi:
  * implement promise
    nodejs#14365

* os:
  * Add support for CIDR notation to the output of the
    networkInterfaces() method.
    nodejs#14307

* perf_hooks:
  * An initial implementation of the Performance Timing API for
    Node.js. This is the same Performance Timing API implemented by
    modern browsers with a number of Node.js specific properties. The
    User Timing mark() and measure() APIs are implemented, as is a
    Node.js specific flavor of the Frame Timing for measuring event
    loop duration.
    nodejs#14680

* tls:
  * multiple PFX in createSecureContext
    [#14793](nodejs#14793)

* Added new collaborators:
  * BridgeAR – Ruben Bridgewater

This applies parts of a10856a that are
relevant to N-API.

PR-URL: nodejs#15308
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment