diff options
Diffstat (limited to 'src')
| -rw-r--r-- | src/node.cc | 7 | ||||
| -rw-r--r-- | src/node_constants.cc | 16 | ||||
| -rw-r--r-- | src/node_constants.h | 29 | ||||
| -rw-r--r-- | src/node_internals.h | 16 |
4 files changed, 68 insertions, 0 deletions
diff --git a/src/node.cc b/src/node.cc index ad9184e53c..a8723dc095 100644 --- a/src/node.cc +++ b/src/node.cc @@ -3111,6 +3111,9 @@ static void PrintHelp() { " --track-heap-objects track heap object allocations for heap " "snapshots\n" " --v8-options print v8 command line options\n" +#if HAVE_OPENSSL + " --tls-cipher-list=val use an alternative default TLS cipher list\n" +#endif #if defined(NODE_HAVE_I18N_SUPPORT) " --icu-data-dir=dir set ICU data load path to dir\n" " (overrides NODE_ICU_DATA)\n" @@ -3242,6 +3245,10 @@ static void ParseArgs(int* argc, } else if (strcmp(arg, "--v8-options") == 0) { new_v8_argv[new_v8_argc] = "--help"; new_v8_argc += 1; +#if HAVE_OPENSSL + } else if (strncmp(arg, "--tls-cipher-list=", 18) == 0) { + default_cipher_list = arg + 18; +#endif #if defined(NODE_HAVE_I18N_SUPPORT) } else if (strncmp(arg, "--icu-data-dir=", 15) == 0) { icu_data_dir = arg + 15; diff --git a/src/node_constants.cc b/src/node_constants.cc index ce715a3246..59dd11113e 100644 --- a/src/node_constants.cc +++ b/src/node_constants.cc @@ -24,6 +24,10 @@ namespace node { using v8::Handle; using v8::Object; +#if HAVE_OPENSSL +const char* default_cipher_list = DEFAULT_CIPHER_LIST_CORE; +#endif + void DefineErrnoConstants(Handle<Object> target) { #ifdef E2BIG NODE_DEFINE_CONSTANT(target, E2BIG); @@ -1108,6 +1112,17 @@ void DefineUVConstants(Handle<Object> target) { NODE_DEFINE_CONSTANT(target, UV_UDP_REUSEADDR); } +void DefineCryptoConstants(Handle<Object> target) { +#if HAVE_OPENSSL + NODE_DEFINE_STRING_CONSTANT(target, + "defaultCoreCipherList", + DEFAULT_CIPHER_LIST_CORE); + NODE_DEFINE_STRING_CONSTANT(target, + "defaultCipherList", + default_cipher_list); +#endif +} + void DefineConstants(Handle<Object> target) { DefineErrnoConstants(target); DefineWindowsErrorConstants(target); @@ -1115,6 +1130,7 @@ void DefineConstants(Handle<Object> target) { DefineOpenSSLConstants(target); DefineSystemConstants(target); DefineUVConstants(target); + DefineCryptoConstants(target); } } // namespace node diff --git a/src/node_constants.h b/src/node_constants.h index 8493d4d13b..45c991022e 100644 --- a/src/node_constants.h +++ b/src/node_constants.h @@ -4,7 +4,36 @@ #include "node.h" #include "v8.h" +#if HAVE_OPENSSL +#define DEFAULT_CIPHER_LIST_CORE "ECDHE-RSA-AES128-GCM-SHA256:" \ + "ECDHE-ECDSA-AES128-GCM-SHA256:" \ + "ECDHE-RSA-AES256-GCM-SHA384:" \ + "ECDHE-ECDSA-AES256-GCM-SHA384:" \ + "DHE-RSA-AES128-GCM-SHA256:" \ + "ECDHE-RSA-AES128-SHA256:" \ + "DHE-RSA-AES128-SHA256:" \ + "ECDHE-RSA-AES256-SHA384:" \ + "DHE-RSA-AES256-SHA384:" \ + "ECDHE-RSA-AES256-SHA256:" \ + "DHE-RSA-AES256-SHA256:" \ + "HIGH:" \ + "!aNULL:" \ + "!eNULL:" \ + "!EXPORT:" \ + "!DES:" \ + "!RC4:" \ + "!MD5:" \ + "!PSK:" \ + "!SRP:" \ + "!CAMELLIA" +#endif + namespace node { + +#if HAVE_OPENSSL +extern const char* default_cipher_list; +#endif + void DefineConstants(v8::Handle<v8::Object> target); } // namespace node diff --git a/src/node_internals.h b/src/node_internals.h index c68b7155b0..8f35433b2f 100644 --- a/src/node_internals.h +++ b/src/node_internals.h @@ -12,6 +12,22 @@ struct sockaddr; +// Variation on NODE_DEFINE_CONSTANT that sets a String value. +#define NODE_DEFINE_STRING_CONSTANT(target, name, constant) \ + do { \ + v8::Isolate* isolate = target->GetIsolate(); \ + v8::Local<v8::String> constant_name = \ + v8::String::NewFromUtf8(isolate, name); \ + v8::Local<v8::String> constant_value = \ + v8::String::NewFromUtf8(isolate, constant); \ + v8::PropertyAttribute constant_attributes = \ + static_cast<v8::PropertyAttribute>(v8::ReadOnly | v8::DontDelete); \ + target->ForceSet(isolate->GetCurrentContext(), \ + constant_name, \ + constant_value, \ + constant_attributes); \ + } while (0) + namespace node { // Forward declaration |