Attachment #555902 for bug #670574

Lines 1043-1048 changes: Link Here

(-)a/doc/api/tls.md (+14 lines)
1043	pr-url: https://github.com/nodejs/node/pull/4099	1043	pr-url: https://github.com/nodejs/node/pull/4099
1044	description: The `ca` option can now be a single string containing multiple	1044	description: The `ca` option can now be a single string containing multiple
1045	CA certificates.	1045	CA certificates.
		1046	- version: XXX
		1047	pr-url: XXX
		1048	description: The `min_version` and `max_version` can be used to restrict
		1049	the allowed TLS protocol versions.
1046	-->	1050	-->
1047		1051
1048	* `options` {Object}	1052	* `options` {Object}
Lines 1103-1108 changes: Link Here
1103	passphrase: <string>]}`. The object form can only occur in an array.	1107	passphrase: <string>]}`. The object form can only occur in an array.
1104	`object.passphrase` is optional. Encrypted keys will be decrypted with	1108	`object.passphrase` is optional. Encrypted keys will be decrypted with
1105	`object.passphrase` if provided, or `options.passphrase` if it is not.	1109	`object.passphrase` if provided, or `options.passphrase` if it is not.
		1110	* `max_version`: Maximum TLS version to allow. One of `'TLSv1.3'`, `TLSv1.2'`,
		1111	`'TLSv1.1'`, or `'TLSv1'`. Optional, defaults to `'TLSv1.2'`. Note that
		1112	TLS1.3 is not currently supported, do not attempt to allow it. If
		1113	`secureProtocol` is used to select a specific protocol version,
		1114	`max_version` will be ignored.
		1115	* `min_version`: Minimum TLS version to allow. One of `'TLSv1.3'`, `TLSv1.2'`,
		1116	`'TLSv1.1'`, or `'TLSv1'`. Optional, defaults to `'TLSv1'`. Note that
		1117	TLS1.3 is not currently supported, do not attempt to allow it. If
		1118	`secureProtocol` is used to select a specific protocol version,
		1119	`min_version` will be ignored.
1106	* `passphrase` {string} Shared passphrase used for a single private key and/or	1120	* `passphrase` {string} Shared passphrase used for a single private key and/or
1107	a PFX.	1121	a PFX.
1108	* `pfx` {string\|string[]\|Buffer\|Buffer[]\|Object[]} PFX or PKCS12 encoded	1122	* `pfx` {string\|string[]\|Buffer\|Buffer[]\|Object[]} PFX or PKCS12 encoded




  ERR_CRYPTO_CUSTOM_ENGINE_NOT_SUPPORTED,
  ERR_INVALID_ARG_TYPE
} = require('internal/errors').codes;

const { SSL_OP_CIPHER_SERVER_PREFERENCE } = internalBinding('constants').crypto;

// Lazily loaded from internal/crypto/util.
let toBuf = null;


const { SecureContext: NativeSecureContext } = internalBinding('crypto');
function SecureContext(secureProtocol, secureOptions, context, min_version,
                       max_version) {
  if (!(this instanceof SecureContext)) {
    return new SecureContext(secureProtocol, secureOptions, context,
                             min_version, max_version);
  }

  if (context) {

    this.context = new NativeSecureContext();

    if (secureProtocol) {
      this.context.init(min_version, max_version, secureProtocol);
    } else {
      this.context.init(min_version, max_version);
    }
  }


  if (options.honorCipherOrder)
    secureOptions |= SSL_OP_CIPHER_SERVER_PREFERENCE;

  const c = new SecureContext(options.secureProtocol, secureOptions, context,
                              options.min_version || tls.DEFAULT_MIN_VERSION,
                              options.max_version || tls.DEFAULT_MAX_VERSION);
  var i;
  var val;


Lines 911-916 Server.prototype.setSecureContext = function(options) { Link Here

(-)a/lib/_tls_wrap.js (+14 lines)
911	else	911	else
912	this.ca = undefined;	912	this.ca = undefined;
913		913
		914	if (options.min_version)
		915	this.min_version = options.min_version;
		916	else
		917	this.min_version = undefined;
		918
		919	if (options.max_version)
		920	this.max_version = options.max_version;
		921	else
		922	this.max_version = undefined;
		923
914	if (options.secureProtocol)	924	if (options.secureProtocol)
915	this.secureProtocol = options.secureProtocol;	925	this.secureProtocol = options.secureProtocol;
916	else	926	else
Lines 967-972 Server.prototype.setSecureContext = function(options) { Link Here
967	ciphers: this.ciphers,	977	ciphers: this.ciphers,
968	ecdhCurve: this.ecdhCurve,	978	ecdhCurve: this.ecdhCurve,
969	dhparam: this.dhparam,	979	dhparam: this.dhparam,
		980	min_version: this.min_version,
		981	max_version: this.max_version,
970	secureProtocol: this.secureProtocol,	982	secureProtocol: this.secureProtocol,
971	secureOptions: this.secureOptions,	983	secureOptions: this.secureOptions,
972	honorCipherOrder: this.honorCipherOrder,	984	honorCipherOrder: this.honorCipherOrder,
Lines 1019-1024 Server.prototype.setOptions = function(options) { Link Here
1019	if (options.clientCertEngine)	1031	if (options.clientCertEngine)
1020	this.clientCertEngine = options.clientCertEngine;	1032	this.clientCertEngine = options.clientCertEngine;
1021	if (options.ca) this.ca = options.ca;	1033	if (options.ca) this.ca = options.ca;
		1034	if (options.min_version) this.min_version = options.min_version;
		1035	if (options.max_version) this.max_version = options.max_version;
1022	if (options.secureProtocol) this.secureProtocol = options.secureProtocol;	1036	if (options.secureProtocol) this.secureProtocol = options.secureProtocol;
1023	if (options.crl) this.crl = options.crl;	1037	if (options.crl) this.crl = options.crl;
1024	if (options.ciphers) this.ciphers = options.ciphers;	1038	if (options.ciphers) this.ciphers = options.ciphers;

Lines 186-191 Agent.prototype.getName = function getName(options) { Link Here

(-)a/lib/https.js (+8 lines)
186	if (options.servername && options.servername !== options.host)	186	if (options.servername && options.servername !== options.host)
187	name += options.servername;	187	name += options.servername;
188		188
		189	name += ':';
		190	if (options.min_version)
		191	name += options.min_version;
		192
		193	name += ':';
		194	if (options.max_version)
		195	name += options.max_version;
		196
189	name += ':';	197	name += ':';
190	if (options.secureProtocol)	198	if (options.secureProtocol)
191	name += options.secureProtocol;	199	name += options.secureProtocol;

Lines 53-58 exports.DEFAULT_CIPHERS = Link Here

(-)a/lib/tls.js (+7 lines)
53		53
54	exports.DEFAULT_ECDH_CURVE = 'auto';	54	exports.DEFAULT_ECDH_CURVE = 'auto';
55		55
		56	// Disable TLS1.3 by default. The only reason for enabling it for now is to work
		57	// on fixing cipher suite incompatibilities with TLS1.2 that prevent node from
		58	// working with TLS1.3 in OpenSSL 1.1.1.
		59	exports.DEFAULT_MAX_VERSION = 'TLSv1.2';
		60
		61	exports.DEFAULT_MIN_VERSION = 'TLSv1';
		62
56	exports.getCiphers = internalUtil.cachedResult(	63	exports.getCiphers = internalUtil.cachedResult(
57	() => internalUtil.filterDuplicateStrings(binding.getSSLCiphers(), true)	64	() => internalUtil.filterDuplicateStrings(binding.getSSLCiphers(), true)
58	);	65	);




}


int string_to_tls_protocol(const char* version_str) {
  int version;

  if (strcmp(version_str, "TLSv1.3") == 0) {
    version = TLS1_3_VERSION;
  } else if (strcmp(version_str, "TLSv1.2") == 0) {
    version = TLS1_2_VERSION;
  } else if (strcmp(version_str, "TLSv1.1") == 0) {
    version = TLS1_1_VERSION;
  } else if (strcmp(version_str, "TLSv1") == 0) {
    version = TLS1_VERSION;
  } else {
    version = 0;
  }
  return version;
}


void SecureContext::Init(const FunctionCallbackInfo<Value>& args) {
  SecureContext* sc;
  ASSIGN_OR_RETURN_UNWRAP(&sc, args.Holder());


  int min_version = 0;
  int max_version = 0;

  if (args[0]->IsString()) {
    const node::Utf8Value min(env->isolate(), args[0]);
    min_version = string_to_tls_protocol(*min);
  }

  if (args[1]->IsString()) {
    const node::Utf8Value max(env->isolate(), args[1]);
    max_version = string_to_tls_protocol(*max);
  }

  const SSL_METHOD* method = TLS_method();

  if (args.Length() == 3 && args[2]->IsString()) {
    const node::Utf8Value sslmethod(env->isolate(), args[2]);

    // Note that SSLv2 and SSLv3 are disallowed but SSLv23_method and friends
    // are still accepted.  They are OpenSSL's way of saying that all known

Lines 222-228 void TLSWrap::SSLInfoCallback(const SSL* ssl_, int where, int ret) { Link Here

(-)a/src/tls_wrap.cc (-1 / +4 lines)
222	}	222	}
223	}	223	}
224		224
225	if (where & SSL_CB_HANDSHAKE_DONE) {	225	// SSL_CB_HANDSHAKE_START and SSL_CB_HANDSHAKE_DONE are called
		226	// sending HelloRequest in OpenSSL-1.1.1.
		227	// We need to check whether this is in a renegotiation state or not.
		228	if (where & SSL_CB_HANDSHAKE_DONE && !SSL_renegotiate_pending(ssl)) {
226	Local<Value> callback;	229	Local<Value> callback;
227		230
228	c->established_ = true;	231	c->established_ = true;

Lines 12-18 const agent = new https.Agent(); Link Here

(-)a/test/parallel/test-https-agent-getname.js (-2 / +2 lines)
12	// empty options	12	// empty options
13	assert.strictEqual(	13	assert.strictEqual(
14	agent.getName({}),	14	agent.getName({}),
15	'localhost:::::::::::::::::'	15	'localhost:::::::::::::::::::'
16	);	16	);
17		17
18	// pass all options arguments	18	// pass all options arguments
Lines 39-43 const options = { Link Here
39	assert.strictEqual(	39	assert.strictEqual(
40	agent.getName(options),	40	agent.getName(options),
41	'0.0.0.0:443:192.168.1.1:ca:cert::ciphers:key:pfx:false:localhost:' +	41	'0.0.0.0:443:192.168.1.1:ca:cert::ciphers:key:pfx:false:localhost:' +
42	'secureProtocol:c,r,l:false:ecdhCurve:dhparam:0:sessionIdContext'	42	'::secureProtocol:c,r,l:false:ecdhCurve:dhparam:0:sessionIdContext'
43	);	43	);




  rejectUnauthorized: true
}, function(c) {
}).listen(0, common.mustCall(function() {
  const client = tls.connect({
    port: this.address().port,
    ciphers: 'RC4'
  }, common.mustNotCall());
  client.on('error', common.mustCall((err) => {
    assert(/No ciphers/.test(err.message));
    server.close();
  }));
}));




'use strict';
const common = require('../common');

if (!common.hasCrypto)
  common.skip('missing crypto');

const assert = require('assert');
const tls = require('tls');
const fixtures = require('../common/fixtures');

{
  const options = {
    key: fixtures.readKey('agent2-key.pem'),
    cert: fixtures.readKey('agent2-cert.pem'),
    ciphers: 'aes256-sha'
  };
  assert.throws(() => tls.createServer(options, common.mustNotCall()),
                /no cipher match/i);
  options.ciphers = 'FOOBARBAZ';
  assert.throws(() => tls.createServer(options, common.mustNotCall()),
                /no cipher match/i);
}




  const cert = fixtures.readSync('test_cert.pem');
  const key = fixtures.readSync('test_key.pem');

  const client = tls.connect({
    cert: cert,
    key: key,
    port: common.PORT,
    ciphers: 'rick-128-roll'
  }, common.mustNotCall());
  client.on('error', common.mustCall((err) => {
    assert.strictEqual(err.code, 'ECONNREFUSED');
  }));
}

Return to bug 670574

Lines 391-396 void SecureContext::New(const FunctionCallbackInfo<Value>& args) { Link Here

(-)a/src/node_crypto.cc (-2 / +31 lines)
391	}	391	}
392		392
393		393
		394	int string_to_tls_protocol(const char* version_str) {
		395	int version;
		396
		397	if (strcmp(version_str, "TLSv1.3") == 0) {
		398	version = TLS1_3_VERSION;
		399	} else if (strcmp(version_str, "TLSv1.2") == 0) {
		400	version = TLS1_2_VERSION;
		401	} else if (strcmp(version_str, "TLSv1.1") == 0) {
		402	version = TLS1_1_VERSION;
		403	} else if (strcmp(version_str, "TLSv1") == 0) {
		404	version = TLS1_VERSION;
		405	} else {
		406	version = 0;
		407	}
		408	return version;
		409	}
		410
		411
394	void SecureContext::Init(const FunctionCallbackInfo<Value>& args) {	412	void SecureContext::Init(const FunctionCallbackInfo<Value>& args) {
395	SecureContext* sc;	413	SecureContext* sc;
396	ASSIGN_OR_RETURN_UNWRAP(&sc, args.Holder());	414	ASSIGN_OR_RETURN_UNWRAP(&sc, args.Holder());
Lines 398-407 void SecureContext::Init(const FunctionCallbackInfo<Value>& args) { Link Here
398		416
399	int min_version = 0;	417	int min_version = 0;
400	int max_version = 0;	418	int max_version = 0;
		419
		420	if (args[0]->IsString()) {
		421	const node::Utf8Value min(env->isolate(), args[0]);
		422	min_version = string_to_tls_protocol(*min);
		423	}
		424
		425	if (args[1]->IsString()) {
		426	const node::Utf8Value max(env->isolate(), args[1]);
		427	max_version = string_to_tls_protocol(*max);
		428	}
		429
401	const SSL_METHOD* method = TLS_method();	430	const SSL_METHOD* method = TLS_method();
402		431
403	if (args.Length() == 1 && args[0]->IsString()) {	432	if (args.Length() == 3 && args[2]->IsString()) {
404	const node::Utf8Value sslmethod(env->isolate(), args[0]);	433	const node::Utf8Value sslmethod(env->isolate(), args[2]);
405		434
406	// Note that SSLv2 and SSLv3 are disallowed but SSLv23_method and friends	435	// Note that SSLv2 and SSLv3 are disallowed but SSLv23_method and friends
407	// are still accepted. They are OpenSSL's way of saying that all known	436	// are still accepted. They are OpenSSL's way of saying that all known

Lines 28-43 const { Link Here

(-)a/lib/_tls_common.js (-6 / +10 lines)
28	ERR_CRYPTO_CUSTOM_ENGINE_NOT_SUPPORTED,	28	ERR_CRYPTO_CUSTOM_ENGINE_NOT_SUPPORTED,
29	ERR_INVALID_ARG_TYPE	29	ERR_INVALID_ARG_TYPE
30	} = require('internal/errors').codes;	30	} = require('internal/errors').codes;
31
32	const { SSL_OP_CIPHER_SERVER_PREFERENCE } = internalBinding('constants').crypto;	31	const { SSL_OP_CIPHER_SERVER_PREFERENCE } = internalBinding('constants').crypto;
33		32
34	// Lazily loaded from internal/crypto/util.	33	// Lazily loaded from internal/crypto/util.
35	let toBuf = null;	34	let toBuf = null;
36		35
		36
37	const { SecureContext: NativeSecureContext } = internalBinding('crypto');	37	const { SecureContext: NativeSecureContext } = internalBinding('crypto');
38	function SecureContext(secureProtocol, secureOptions, context) {	38	function SecureContext(secureProtocol, secureOptions, context, min_version,
		39	max_version) {
39	if (!(this instanceof SecureContext)) {	40	if (!(this instanceof SecureContext)) {
40	return new SecureContext(secureProtocol, secureOptions, context);	41	return new SecureContext(secureProtocol, secureOptions, context,
		42	min_version, max_version);
41	}	43	}
42		44
43	if (context) {	45	if (context) {
Lines 46-54 function SecureContext(secureProtocol, secureOptions, context) { Link Here
46	this.context = new NativeSecureContext();	48	this.context = new NativeSecureContext();
47		49
48	if (secureProtocol) {	50	if (secureProtocol) {
49	this.context.init(secureProtocol);	51	this.context.init(min_version, max_version, secureProtocol);
50	} else {	52	} else {
51	this.context.init();	53	this.context.init(min_version, max_version);
52	}	54	}
53	}	55	}
54		56
Lines 75-81 exports.createSecureContext = function createSecureContext(options, context) { Link Here
75	if (options.honorCipherOrder)	77	if (options.honorCipherOrder)
76	secureOptions \|= SSL_OP_CIPHER_SERVER_PREFERENCE;	78	secureOptions \|= SSL_OP_CIPHER_SERVER_PREFERENCE;
77		79
78	const c = new SecureContext(options.secureProtocol, secureOptions, context);	80	const c = new SecureContext(options.secureProtocol, secureOptions, context,
		81	options.min_version \|\| tls.DEFAULT_MIN_VERSION,
		82	options.max_version \|\| tls.DEFAULT_MAX_VERSION);
79	var i;	83	var i;
80	var val;	84	var val;
81		85

Lines 16-27 const server = tls.createServer({ Link Here

(-)a/test/parallel/test-tls-handshake-error.js (-8 / +8 lines)
16	rejectUnauthorized: true	16	rejectUnauthorized: true
17	}, function(c) {	17	}, function(c) {
18	}).listen(0, common.mustCall(function() {	18	}).listen(0, common.mustCall(function() {
19	assert.throws(() => {	19	const client = tls.connect({
20	tls.connect({	20	port: this.address().port,
21	port: this.address().port,	21	ciphers: 'RC4'
22	ciphers: 'RC4'	22	}, common.mustNotCall());
23	}, common.mustNotCall());	23	client.on('error', common.mustCall((err) => {
24	}, /no cipher match/i);	24	assert(/No ciphers/.test(err.message));
25		25	server.close();
26	server.close();	26	}));
27	}));	27	}));

Lines 1-22 Link Here

(-)a/test/parallel/test-tls-set-ciphers-error.js (-22 lines)
1	'use strict';
2	const common = require('../common');
3
4	if (!common.hasCrypto)
5	common.skip('missing crypto');
6
7	const assert = require('assert');
8	const tls = require('tls');
9	const fixtures = require('../common/fixtures');
10
11	{
12	const options = {
13	key: fixtures.readKey('agent2-key.pem'),
14	cert: fixtures.readKey('agent2-cert.pem'),
15	ciphers: 'aes256-sha'
16	};
17	assert.throws(() => tls.createServer(options, common.mustNotCall()),
18	/no cipher match/i);
19	options.ciphers = 'FOOBARBAZ';
20	assert.throws(() => tls.createServer(options, common.mustNotCall()),
21	/no cipher match/i);
22	}

Lines 50-61 const tls = require('tls'); Link Here

(-)a/test/sequential/test-tls-connect.js (-8 / +9 lines)
50	const cert = fixtures.readSync('test_cert.pem');	50	const cert = fixtures.readSync('test_cert.pem');
51	const key = fixtures.readSync('test_key.pem');	51	const key = fixtures.readSync('test_key.pem');
52		52
53	assert.throws(() => {	53	const client = tls.connect({
54	tls.connect({	54	cert: cert,
55	cert: cert,	55	key: key,
56	key: key,	56	port: common.PORT,
57	port: common.PORT,	57	ciphers: 'rick-128-roll'
58	ciphers: 'rick-128-roll'	58	}, common.mustNotCall());
59	}, common.mustNotCall());	59	client.on('error', common.mustCall((err) => {
60	}, /no cipher match/i);	60	assert.strictEqual(err.code, 'ECONNREFUSED');
		61	}));
61	}	62	}