Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

tls: make 'createSecureContext' honor more options. #33974

Closed
wants to merge 1 commit into from
Closed

tls: make 'createSecureContext' honor more options. #33974

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
5 changes: 5 additions & 0 deletions doc/api/tls.md
View file
Open in desktop
Expand Up @@ -1622,6 +1622,11 @@ changes:
**Default:** none, see `minVersion`.
* `sessionIdContext` {string} Opaque identifier used by servers to ensure
session state is not shared between applications. Unused by clients.
* `ticketKeys`: {Buffer} 48-bytes of cryptographically strong pseudo-random
data. See [Session Resumption][] for more information.
* `sessionTimeout` {number} The number of seconds after which a TLS session
created by the server will no longer be resumable. See
[Session Resumption][] for more information. **Default:** `300`.

[`tls.createServer()`][] sets the default value of the `honorCipherOrder` option
to `true`, other APIs that create secure contexts leave it unset.
Expand Down
8 changes: 8 additions & 0 deletions lib/_tls_common.js
View file
Open in desktop
Expand Up @@ -294,6 +294,14 @@ exports.createSecureContext = function createSecureContext(options) {
options.clientCertEngine);
}

if (options.ticketKeys) {
c.context.setTicketKeys(options.ticketKeys);
}

if (options.sessionTimeout) {
c.context.setSessionTimeout(options.sessionTimeout);
}

return c;
};

Expand Down
18 changes: 9 additions & 9 deletions lib/_tls_wrap.js
View file
Open in desktop
Expand Up @@ -1315,6 +1315,12 @@ Server.prototype.setSecureContext = function(options) {
.slice(0, 32);
}

if (options.sessionTimeout)
this.sessionTimeout = options.sessionTimeout;

if (options.ticketKeys)
this.ticketKeys = options.ticketKeys;

this._sharedCreds = tls.createSecureContext({
pfx: this.pfx,
key: this.key,
Expand All @@ -1332,16 +1338,10 @@ Server.prototype.setSecureContext = function(options) {
secureOptions: this.secureOptions,
honorCipherOrder: this.honorCipherOrder,
crl: this.crl,
sessionIdContext: this.sessionIdContext
sessionIdContext: this.sessionIdContext,
ticketKeys: this.ticketKeys,
sessionTimeout: this.sessionTimeout
});

if (this.sessionTimeout)
this._sharedCreds.context.setSessionTimeout(this.sessionTimeout);

if (options.ticketKeys) {
this.ticketKeys = options.ticketKeys;
this.setTicketKeys(this.ticketKeys);
}
};


Expand Down