New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

tls: introduce `secureContext` for `tls.connect` #4246

Closed
wants to merge 1 commit into
base: master
from

Conversation

Projects
None yet
5 participants
@indutny
Member

indutny commented Dec 11, 2015

Add secureContext option to tls.connect. It is useful for caching
client certificates, key, and CA certificates.

cc @nodejs/crypto

tls: introduce `secureContext` for `tls.connect`
Add `secureContext` option to `tls.connect`. It is useful for caching
client certificates, key, and CA certificates.
@indutny

This comment has been minimized.

Show comment
Hide comment
@indutny

This comment has been minimized.

Show comment
Hide comment
@indutny

indutny Dec 11, 2015

Member

the next step would probably be adding secureContext caching to https.Agent

Member

indutny commented Dec 11, 2015

the next step would probably be adding secureContext caching to https.Agent

@jasnell

This comment has been minimized.

Show comment
Hide comment
@jasnell

jasnell Dec 11, 2015

Member

LGTM

Member

jasnell commented Dec 11, 2015

LGTM

@indutny

This comment has been minimized.

Show comment
Hide comment
@indutny

indutny Dec 12, 2015

Member

Thank you!

Member

indutny commented Dec 12, 2015

Thank you!

@indutny

This comment has been minimized.

Show comment
Hide comment
@indutny

indutny Dec 12, 2015

Member

Landed in c5b4f6b, thanks again!

Member

indutny commented Dec 12, 2015

Landed in c5b4f6b, thanks again!

@indutny indutny closed this Dec 12, 2015

@indutny indutny deleted the indutny:feature/tls-connect-secure-context branch Dec 12, 2015

indutny added a commit that referenced this pull request Dec 12, 2015

tls: introduce `secureContext` for `tls.connect`
Add `secureContext` option to `tls.connect`. It is useful for caching
client certificates, key, and CA certificates.

PR-URL: #4246
Reviewed-By: James M Snell <jasnell@gmail.com>
@tlivings

This comment has been minimized.

Show comment
Hide comment
@tlivings

tlivings Dec 12, 2015

Contributor

This is so exciting.

Contributor

tlivings commented Dec 12, 2015

This is so exciting.

indutny added a commit that referenced this pull request Dec 15, 2015

tls: introduce `secureContext` for `tls.connect`
Add `secureContext` option to `tls.connect`. It is useful for caching
client certificates, key, and CA certificates.

PR-URL: #4246
Reviewed-By: James M Snell <jasnell@gmail.com>

AdriVanHoudt added a commit to AdriVanHoudt/node that referenced this pull request Dec 17, 2015

jasnell added a commit that referenced this pull request Dec 24, 2015

doc: improve grammar in tls docs
Fix: #4246
PR-URL: #4315
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Fedor Indutny <fedor@indutny.com>

Fishrock123 added a commit to Fishrock123/node that referenced this pull request Jan 6, 2016

doc: improve grammar in tls docs
Fix: nodejs#4246
PR-URL: nodejs#4315
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Fedor Indutny <fedor@indutny.com>

scovetta pushed a commit to scovetta/node that referenced this pull request Apr 2, 2016

tls: introduce `secureContext` for `tls.connect`
Add `secureContext` option to `tls.connect`. It is useful for caching
client certificates, key, and CA certificates.

PR-URL: nodejs#4246
Reviewed-By: James M Snell <jasnell@gmail.com>

scovetta pushed a commit to scovetta/node that referenced this pull request Apr 2, 2016

doc: improve grammar in tls docs
Fix: nodejs#4246
PR-URL: nodejs#4315
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Fedor Indutny <fedor@indutny.com>
@indutny

This comment has been minimized.

Show comment
Hide comment
@indutny

indutny Sep 27, 2016

Member

@thealphanerd can we backport it to v4? Or is it too late?

Member

indutny commented Sep 27, 2016

@thealphanerd can we backport it to v4? Or is it too late?

@MylesBorins

This comment has been minimized.

Show comment
Hide comment
@MylesBorins

MylesBorins Sep 27, 2016

Member

@indutny I've added this to the LTS agenda and we can discuss having this added in a future minor release of v4. It will be important to collect some information about why this is important to be in v4

Member

MylesBorins commented Sep 27, 2016

@indutny I've added this to the LTS agenda and we can discuss having this added in a future minor release of v4. It will be important to collect some information about why this is important to be in v4

@indutny

This comment has been minimized.

Show comment
Hide comment
@indutny

indutny Sep 27, 2016

Member

Thanks!

Member

indutny commented Sep 27, 2016

Thanks!

@indutny

This comment has been minimized.

Show comment
Hide comment
@indutny

indutny Sep 27, 2016

Member

@thealphanerd this is pretty important for PayPal, since it will save tons of CPU and memory.

Member

indutny commented Sep 27, 2016

@thealphanerd this is pretty important for PayPal, since it will save tons of CPU and memory.

@tlivings

This comment has been minimized.

Show comment
Hide comment
@tlivings

tlivings Sep 27, 2016

Contributor

Yes - we will be on node 4 for at least 6 more months and TLS performance is critical.

Contributor

tlivings commented Sep 27, 2016

Yes - we will be on node 4 for at least 6 more months and TLS performance is critical.

@ChALkeR

This comment has been minimized.

Show comment
Hide comment
@ChALkeR

ChALkeR Sep 27, 2016

Member

Looks like a clean and purely additive change to me, so +1 for backporting in the next semver-minor if that feature is wanted in v4.x.

Member

ChALkeR commented Sep 27, 2016

Looks like a clean and purely additive change to me, so +1 for backporting in the next semver-minor if that feature is wanted in v4.x.

@indutny

This comment has been minimized.

Show comment
Hide comment
@indutny

indutny Sep 27, 2016

Member

+1 from me, if it matters 💃

Member

indutny commented Sep 27, 2016

+1 from me, if it matters 💃

@MylesBorins

This comment has been minimized.

Show comment
Hide comment
@MylesBorins

MylesBorins Oct 3, 2016

Member

the LTS working group has discussed this change and agreed to land it in an upcoming v4.x release

@indutny do you want to take the lead on the backport?

Member

MylesBorins commented Oct 3, 2016

the LTS working group has discussed this change and agreed to land it in an upcoming v4.x release

@indutny do you want to take the lead on the backport?

@indutny

This comment has been minimized.

Show comment
Hide comment
@indutny

indutny Oct 4, 2016

Member

@thealphanerd absolutely, should I open PR for v4.x-staging?

Member

indutny commented Oct 4, 2016

@thealphanerd absolutely, should I open PR for v4.x-staging?

@indutny indutny referenced this pull request Oct 6, 2016

Closed

tls: introduce `secureContext` for `tls.connect` #8959

4 of 4 tasks complete

@MylesBorins MylesBorins added this to the v4.7.0 milestone Oct 24, 2016

indutny added a commit to indutny/io.js that referenced this pull request Oct 24, 2016

tls: introduce `secureContext` for `tls.connect`
Add `secureContext` option to `tls.connect`. It is useful for caching
client certificates, key, and CA certificates.

PR-URL: nodejs#4246
Reviewed-By: James M Snell <jasnell@gmail.com>

indutny added a commit that referenced this pull request Oct 27, 2016

tls: introduce `secureContext` for `tls.connect`
Add `secureContext` option to `tls.connect`. It is useful for caching
client certificates, key, and CA certificates.

PR-URL: #4246
Reviewed-By: James M Snell <jasnell@gmail.com>

MylesBorins added a commit that referenced this pull request Nov 8, 2016

tls: introduce `secureContext` for `tls.connect`
Add `secureContext` option to `tls.connect`. It is useful for caching
client certificates, key, and CA certificates.

PR-URL: #4246
Reviewed-By: James M Snell <jasnell@gmail.com>

@MylesBorins MylesBorins removed this from the 4.7.0 milestone Nov 14, 2016

@MylesBorins MylesBorins referenced this pull request Nov 22, 2016

Merged

v4.7.0 proposal #9736

MylesBorins added a commit that referenced this pull request Dec 6, 2016

2016-12-06, Version 4.7.0 'Argon' (LTS)
This LTS release comes with 108 commits. This includes 30 which are doc
related, 28 which are test related, 16 which are build / tool related,
and 4 commits which are updates to dependencies.

Notable Changes:

The SEMVER-MINOR changes include:

* build:
  - export openssl symbols on Windows making it possible to build
    addons linked against the bundled version of openssl (Alex Hultman)
    #7576
* debugger:
  - make listen address configurable in the debugger server
    (Ben Noordhuis) #3316
* dgram:
  - generalized send queue to handle close fixing a potential throw
    when dgram socket is closed in the listening event handler.
    (Matteo Collina) #7066
* http:
  - Introduce the 451 status code "Unavailable For Legal Reasons"
    (Max Barinov) #4377
* tls:
  - introduce `secureContext` for `tls.connect` which is useful for
    caching client certificates, key, and CA certificates.
    (Fedor Indutny) #4246

Notable SEMVER-PATCH changes include:

* build:
  - introduce the configure --shared option for embedders (sxa555)
    #6994
* gtest:
  - the test reporter now outputs tap comments as yamlish
    (Johan Bergström) #9262
* src:
  - node no longer aborts when c-ares initialization fails
    (Ben Noordhuis) #8710
* tls:
  - fix memory leak when writing data to TLSWrap instance during
    handshake (Fedor Indutny)
    #9586

PR-URL: #9736

MylesBorins added a commit that referenced this pull request Dec 6, 2016

2016-12-06, Version 4.7.0 'Argon' (LTS)
This LTS release comes with 108 commits. This includes 30 which are doc
related, 28 which are test related, 16 which are build / tool related,
and 4 commits which are updates to dependencies.

Notable Changes:

The SEMVER-MINOR changes include:

* build:
  - export openssl symbols on Windows making it possible to build
    addons linked against the bundled version of openssl (Alex Hultman)
    #7576
* debugger:
  - make listen address configurable in the debugger server
    (Ben Noordhuis) #3316
* dgram:
  - generalized send queue to handle close fixing a potential throw
    when dgram socket is closed in the listening event handler.
    (Matteo Collina) #7066
* http:
  - Introduce the 451 status code "Unavailable For Legal Reasons"
    (Max Barinov) #4377
* tls:
  - introduce `secureContext` for `tls.connect` which is useful for
    caching client certificates, key, and CA certificates.
    (Fedor Indutny) #4246

Notable SEMVER-PATCH changes include:

* build:
  - introduce the configure --shared option for embedders (sxa555)
    #6994
* gtest:
  - the test reporter now outputs tap comments as yamlish
    (Johan Bergström) #9262
* src:
  - node no longer aborts when c-ares initialization fails
    (Ben Noordhuis) #8710
* tls:
  - fix memory leak when writing data to TLSWrap instance during
    handshake (Fedor Indutny)
    #9586

PR-URL: #9736

MylesBorins added a commit that referenced this pull request Dec 6, 2016

2016-12-06, Version 4.7.0 'Argon' (LTS)
This LTS release comes with 108 commits. This includes 30 which are doc
related, 28 which are test related, 16 which are build / tool related,
and 4 commits which are updates to dependencies.

Notable Changes:

The SEMVER-MINOR changes include:

* build:
  - export openssl symbols on Windows making it possible to build
    addons linked against the bundled version of openssl (Alex Hultman)
    #7576
* debugger:
  - make listen address configurable in the debugger server
    (Ben Noordhuis) #3316
* dgram:
  - generalized send queue to handle close fixing a potential throw
    when dgram socket is closed in the listening event handler.
    (Matteo Collina) #7066
* http:
  - Introduce the 451 status code "Unavailable For Legal Reasons"
    (Max Barinov) #4377
* tls:
  - introduce `secureContext` for `tls.connect` which is useful for
    caching client certificates, key, and CA certificates.
    (Fedor Indutny) #4246

Notable SEMVER-PATCH changes include:

* build:
  - introduce the configure --shared option for embedders (sxa555)
    #6994
* gtest:
  - the test reporter now outputs tap comments as yamlish
    (Johan Bergström) #9262
* src:
  - node no longer aborts when c-ares initialization fails
    (Ben Noordhuis) #8710
* tls:
  - fix memory leak when writing data to TLSWrap instance during
    handshake (Fedor Indutny)
    #9586

PR-URL: #9736

imyller added a commit to imyller/meta-nodejs that referenced this pull request Dec 7, 2016

2016-12-06, Version 4.7.0 'Argon' (LTS)
    This LTS release comes with 108 commits. This includes 30 which are doc
    related, 28 which are test related, 16 which are build / tool related,
    and 4 commits which are updates to dependencies.

    Notable Changes:

    The SEMVER-MINOR changes include:

    * build:
      - export openssl symbols on Windows making it possible to build
        addons linked against the bundled version of openssl (Alex Hultman)
        nodejs/node#7576
    * debugger:
      - make listen address configurable in the debugger server
        (Ben Noordhuis) nodejs/node#3316
    * dgram:
      - generalized send queue to handle close fixing a potential throw
        when dgram socket is closed in the listening event handler.
        (Matteo Collina) nodejs/node#7066
    * http:
      - Introduce the 451 status code "Unavailable For Legal Reasons"
        (Max Barinov) nodejs/node#4377
    * tls:
      - introduce `secureContext` for `tls.connect` which is useful for
        caching client certificates, key, and CA certificates.
        (Fedor Indutny) nodejs/node#4246

    Notable SEMVER-PATCH changes include:

    * build:
      - introduce the configure --shared option for embedders (sxa555)
        nodejs/node#6994
    * gtest:
      - the test reporter now outputs tap comments as yamlish
        (Johan Bergstrom) nodejs/node#9262
    * src:
      - node no longer aborts when c-ares initialization fails
        (Ben Noordhuis) nodejs/node#8710
    * tls:
      - fix memory leak when writing data to TLSWrap instance during
        handshake (Fedor Indutny)
        nodejs/node#9586

    PR-URL: nodejs/node#9736

Signed-off-by: Ilkka Myller <ilkka.myller@nodefield.com>

imyller added a commit to imyller/meta-nodejs that referenced this pull request Dec 7, 2016

2016-12-06, Version 4.7.0 'Argon' (LTS)
    This LTS release comes with 108 commits. This includes 30 which are doc
    related, 28 which are test related, 16 which are build / tool related,
    and 4 commits which are updates to dependencies.

    Notable Changes:

    The SEMVER-MINOR changes include:

    * build:
      - export openssl symbols on Windows making it possible to build
        addons linked against the bundled version of openssl (Alex Hultman)
        nodejs/node#7576
    * debugger:
      - make listen address configurable in the debugger server
        (Ben Noordhuis) nodejs/node#3316
    * dgram:
      - generalized send queue to handle close fixing a potential throw
        when dgram socket is closed in the listening event handler.
        (Matteo Collina) nodejs/node#7066
    * http:
      - Introduce the 451 status code "Unavailable For Legal Reasons"
        (Max Barinov) nodejs/node#4377
    * tls:
      - introduce `secureContext` for `tls.connect` which is useful for
        caching client certificates, key, and CA certificates.
        (Fedor Indutny) nodejs/node#4246

    Notable SEMVER-PATCH changes include:

    * build:
      - introduce the configure --shared option for embedders (sxa555)
        nodejs/node#6994
    * gtest:
      - the test reporter now outputs tap comments as yamlish
        (Johan Bergstrom) nodejs/node#9262
    * src:
      - node no longer aborts when c-ares initialization fails
        (Ben Noordhuis) nodejs/node#8710
    * tls:
      - fix memory leak when writing data to TLSWrap instance during
        handshake (Fedor Indutny)
        nodejs/node#9586

    PR-URL: nodejs/node#9736

Signed-off-by: Ilkka Myller <ilkka.myller@nodefield.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment