diff options
| author | Sam Roberts <vieuxtech@gmail.com> | 2019-02-13 14:54:07 -0800 |
|---|---|---|
| committer | Michaƫl Zasso <targos@protonmail.com> | 2019-04-30 08:17:33 +0200 |
| commit | 30a72e8c7bbeb3f9b546978aa350cb17899f83a1 (patch) | |
| tree | 2745481ffa2f534f9d348ad800a224bf3002c63c /lib/_tls_wrap.js | |
| parent | 230a773e32d0269ad809be0a2418cae6a40be373 (diff) | |
| download | android-node-v8-30a72e8c7bbeb3f9b546978aa350cb17899f83a1.tar.gz android-node-v8-30a72e8c7bbeb3f9b546978aa350cb17899f83a1.tar.bz2 android-node-v8-30a72e8c7bbeb3f9b546978aa350cb17899f83a1.zip | |
tls: allow enabling the TLS debug trace
Enable the same trace output that the OpenSSL s_client and s_server
support with their `-trace` option. This is invaluable when debugging
reports of TLS bugs as well as when debugging the internal TLS
implementation.
See:
- https://github.com/nodejs/node/issues/25383
- https://github.com/nodejs/node/issues/17936
- https://github.com/postmanlabs/postman-app-support/issues/5918#issuecomment-465311423
PR-URL: https://github.com/nodejs/node/pull/27376
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Richard Lau <riclau@uk.ibm.com>
Diffstat (limited to 'lib/_tls_wrap.js')
| -rw-r--r-- | lib/_tls_wrap.js | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/lib/_tls_wrap.js b/lib/_tls_wrap.js index 0b844e6a82..b999c73329 100644 --- a/lib/_tls_wrap.js +++ b/lib/_tls_wrap.js @@ -63,6 +63,7 @@ const kErrorEmitted = Symbol('error-emitted'); const kHandshakeTimeout = Symbol('handshake-timeout'); const kRes = Symbol('res'); const kSNICallback = Symbol('snicallback'); +const kEnableTrace = Symbol('enableTrace'); const noop = () => {}; @@ -811,6 +812,7 @@ function makeSocketMethodProxy(name) { 'getSession', 'getTLSTicket', 'isSessionReused', + 'enableTrace', ].forEach((method) => { TLSSocket.prototype[method] = makeSocketMethodProxy(method); }); @@ -872,6 +874,8 @@ function tlsConnectionListener(rawSocket) { ALPNProtocols: this.ALPNProtocols, SNICallback: this[kSNICallback] || SNICallback }); + if (this[kEnableTrace] && socket._handle) + socket._handle.enableTrace(); socket.on('secure', onServerSocketSecure); @@ -992,6 +996,15 @@ function Server(options, listener) { if (listener) { this.on('secureConnection', listener); } + + const enableTrace = options.enableTrace; + if (enableTrace === true) + this[kEnableTrace] = true; + else if (enableTrace === false || enableTrace == null) + ; // Tracing explicitly disabled, or defaulting to disabled. + else + throw new ERR_INVALID_ARG_TYPE( + 'options.enableTrace', 'boolean', enableTrace); } Object.setPrototypeOf(Server.prototype, net.Server.prototype); |