tls: allow obvious key/passphrase combinations by sam-github · Pull Request #10294 · nodejs/node

sam-github · 2016-12-15T22:26:59Z

Checklist

make -j4 test (UNIX), or vcbuild test nosign (Windows) passes
tests and/or benchmarks are included
documentation is changed or added
commit message follows commit guidelines

Affected core subsystem(s)

tls

Description of change

Passphrase is now used whether keys are provided singly, in an array of
string/buffer, or an array of object, where it used to be ignored in
some argument combinations. Specifically, these now work as expected:

key: [encryptedPem],
passphrase: 'passphrase'

and

key: [{pem: encryptedPem}]
passphrase: 'passphrase'

and

key: [{pem: unencryptedPem}]

mscdex · 2016-12-15T23:01:19Z

CI: https://ci.nodejs.org/job/node-test-pull-request/5425/

Fishrock123 · 2016-12-16T14:58:46Z

Sounds like a feature add?

sam-github · 2016-12-16T18:17:45Z

/to @shigeki @indutny @bnoordhuis @silverwind @mscdex @silverwind

Yes, its semver-minor, I forgot the label.

Why does the nodejs-github-bot say not to land it on 7.x?

sam-github · 2016-12-16T18:22:44Z

I was told the dont-land label is just a bug in the bot, I removed it.

Fishrock123 · 2016-12-16T18:35:02Z

This doesn't land cleanly on v7.x. That is why the bot labeled it.

indutny

LGTM

bnoordhuis

LGTM with a comment.

bnoordhuis · 2016-12-19T12:00:26Z

test/parallel/test-tls-passphrase.js

Duplicate of the preceding test?

good catch, thank you.

Passphrase is now used whether keys are provided singly, in an array of string/buffer, or an array of object, where it used to be ignored in some argument combinations. Specifically, these now work as expected: key: [encryptedPem], passphrase: 'passphrase' and key: [{pem: encryptedPem}] passphrase: 'passphrase' and key: [{pem: unencryptedPem}]

Passphrase is now used whether keys are provided singly, in an array of string/buffer, or an array of object, where it used to be ignored in some argument combinations. Specifically, these now work as expected: key: [encryptedPem], passphrase: 'passphrase' and key: [{pem: encryptedPem}] passphrase: 'passphrase' and key: [{pem: unencryptedPem}] PR-URL: #10294 Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com> Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>

sam-github · 2016-12-19T21:49:25Z

Landed in 0b44384

Passphrase is now used whether keys are provided singly, in an array of string/buffer, or an array of object, where it used to be ignored in some argument combinations. Specifically, these now work as expected: key: [encryptedPem], passphrase: 'passphrase' and key: [{pem: encryptedPem}] passphrase: 'passphrase' and key: [{pem: unencryptedPem}] PR-URL: nodejs#10294 Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com> Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>

Notable changes: * buffer: - buffer.fill() now works properly for the UCS2 encoding on Big-Endian machines. (Anna Henningsen) nodejs#9837 * cluster: - disconnect() now returns a reference to the disconnected worker. (Sean Villars) nodejs#10019 * crypto: - The built-in list of Well-Known CAs (Certificate Authorities) can now be extended via a NODE_EXTRA_CA_CERTS environment variable. (Sam Roberts) nodejs#9139 * http: - Remove stale timeout listeners in order to prevent a memory leak when using keep alive. (Karl Böhlmark) nodejs#9440 * tls: - Allow obvious key/passphrase combinations. (Sam Roberts) nodejs#10294 * url: - Including base argument in URL.originFor() to meet specification compliance. (joyeecheung) nodejs#10021 - Improve URLSearchParams to meet specification compliance. (Timothy Gu) nodejs#9484 PR-URL: nodejs#10277

Passphrase is now used whether keys are provided singly, in an array of string/buffer, or an array of object, where it used to be ignored in some argument combinations. Specifically, these now work as expected: key: [encryptedPem], passphrase: 'passphrase' and key: [{pem: encryptedPem}] passphrase: 'passphrase' and key: [{pem: unencryptedPem}] PR-URL: #10294 Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com> Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>

Notable changes: * buffer: - buffer.fill() now works properly for the UCS2 encoding on Big-Endian machines. (Anna Henningsen) #9837 * cluster: - disconnect() now returns a reference to the disconnected worker. (Sean Villars) #10019 * crypto: - The built-in list of Well-Known CAs (Certificate Authorities) can now be extended via a NODE_EXTRA_CA_CERTS environment variable. (Sam Roberts) #9139 * http: - Remove stale timeout listeners in order to prevent a memory leak when using keep alive. (Karl Böhlmark) #9440 * tls: - Allow obvious key/passphrase combinations. (Sam Roberts) #10294 * url: - Including base argument in URL.originFor() to meet specification compliance. (joyeecheung) #10021 - Improve URLSearchParams to meet specification compliance. (Timothy Gu) #9484 PR-URL: #10277

Notable changes: * buffer: - buffer.fill() now works properly for the UCS2 encoding on Big-Endian machines. (Anna Henningsen) nodejs/node#9837 * cluster: - disconnect() now returns a reference to the disconnected worker. (Sean Villars) nodejs/node#10019 * crypto: - The built-in list of Well-Known CAs (Certificate Authorities) can now be extended via a NODE_EXTRA_CA_CERTS environment variable. (Sam Roberts) nodejs/node#9139 * http: - Remove stale timeout listeners in order to prevent a memory leak when using keep alive. (Karl Bohlmark) nodejs/node#9440 * tls: - Allow obvious key/passphrase combinations. (Sam Roberts) nodejs/node#10294 * url: - Including base argument in URL.originFor() to meet specification compliance. (joyeecheung) nodejs/node#10021 - Improve URLSearchParams to meet specification compliance. (Timothy Gu) nodejs/node#9484 PR-URL: nodejs/node#10277 Signed-off-by: Ilkka Myller <ilkka.myller@nodefield.com>

sam-github · 2017-01-25T18:58:06Z

@MylesBorins this should land on v6.x

Passphrase is now used whether keys are provided singly, in an array of string/buffer, or an array of object, where it used to be ignored in some argument combinations. Specifically, these now work as expected: key: [encryptedPem], passphrase: 'passphrase' and key: [{pem: encryptedPem}] passphrase: 'passphrase' and key: [{pem: unencryptedPem}] PR-URL: #10294 Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com> Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>

This LTS release comes with 126 commits. This includes 40 which are test related, 32 which are doc related, 12 which are build / tool related and 4 commits which are updates to dependencies. Notable Changes: * build: - support for building mips64el (nanxiongchao) #10991 * cluster: - disconnect() now returns a reference to the disconnected worker. (Sean Villars) #10019 * crypto: - ability to select cert store at runtime (Adam Majer) #8334 - Use system CAs instead of using bundled ones (Adam Majer) #8334 - The `Decipher` methods `setAuthTag()` and `setAAD` now return `this`. (Kirill Fomichev) #9398 - adding support for OPENSSL_CONF again (Sam Roberts) #11006 - make LazyTransform compabile with Streams1 (Matteo Collina) #12380 * deps: - upgrade libuv to 1.11.0 (cjihrig) #11094 - upgrade libuv to 1.10.2 (cjihrig) #10717 - upgrade libuv to 1.10.1 (cjihrig) #9647 - upgrade libuv to 1.10.0 (cjihrig) #9267 * dns: - Implemented `{ttl: true}` for `resolve4()` and `resolve6()` (Ben Noordhuis) #9296 * process: - add NODE_NO_WARNINGS environment variable (cjihrig) #10842 * readline: - add option to stop duplicates in history (Danny Nemer) #2982 * src: - support "--" after "-e" as end-of-options (John Barboza) #10651 * tls: - new tls.TLSSocket() supports sec ctx options (Sam Roberts) #11005 - Allow obvious key/passphrase combinations. (Sam Roberts) #10294 PR-URL: #13059

Passphrase is now used whether keys are provided singly, in an array of string/buffer, or an array of object, where it used to be ignored in some argument combinations. Specifically, these now work as expected: key: [encryptedPem], passphrase: 'passphrase' and key: [{pem: encryptedPem}] passphrase: 'passphrase' and key: [{pem: unencryptedPem}] PR-URL: nodejs/node#10294 Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com> Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>

This LTS release comes with 126 commits. This includes 40 which are test related, 32 which are doc related, 12 which are build / tool related and 4 commits which are updates to dependencies. Notable Changes: * build: - support for building mips64el (nanxiongchao) nodejs/node#10991 * cluster: - disconnect() now returns a reference to the disconnected worker. (Sean Villars) nodejs/node#10019 * crypto: - ability to select cert store at runtime (Adam Majer) nodejs/node#8334 - Use system CAs instead of using bundled ones (Adam Majer) nodejs/node#8334 - The `Decipher` methods `setAuthTag()` and `setAAD` now return `this`. (Kirill Fomichev) nodejs/node#9398 - adding support for OPENSSL_CONF again (Sam Roberts) nodejs/node#11006 - make LazyTransform compabile with Streams1 (Matteo Collina) nodejs/node#12380 * deps: - upgrade libuv to 1.11.0 (cjihrig) nodejs/node#11094 - upgrade libuv to 1.10.2 (cjihrig) nodejs/node#10717 - upgrade libuv to 1.10.1 (cjihrig) nodejs/node#9647 - upgrade libuv to 1.10.0 (cjihrig) nodejs/node#9267 * dns: - Implemented `{ttl: true}` for `resolve4()` and `resolve6()` (Ben Noordhuis) nodejs/node#9296 * process: - add NODE_NO_WARNINGS environment variable (cjihrig) nodejs/node#10842 * readline: - add option to stop duplicates in history (Danny Nemer) nodejs/node#2982 * src: - support "--" after "-e" as end-of-options (John Barboza) nodejs/node#10651 * tls: - new tls.TLSSocket() supports sec ctx options (Sam Roberts) nodejs/node#11005 - Allow obvious key/passphrase combinations. (Sam Roberts) nodejs/node#10294 PR-URL: nodejs/node#13059

sam-github added the tls Issues and PRs related to the tls subsystem. label Dec 15, 2016

nodejs-github-bot added c++ Issues and PRs that require attention from people who are familiar with C++. tls Issues and PRs related to the tls subsystem. dont-land-on-v7.x labels Dec 15, 2016

Fishrock123 added the semver-minor PRs that contain new features and should be released in the next minor version. label Dec 16, 2016

sam-github removed the dont-land-on-v7.x label Dec 16, 2016

Fishrock123 added the dont-land-on-v7.x label Dec 16, 2016

indutny approved these changes Dec 16, 2016

View reviewed changes

bnoordhuis approved these changes Dec 19, 2016

View reviewed changes

gibfahn mentioned this pull request Dec 19, 2016

Clarify dont-land-on labels #10336

Closed

sam-github removed the dont-land-on-v7.x label Dec 19, 2016

sam-github force-pushed the complete-key-passphrase-support branch from 84ba0f1 to 73ad15a Compare December 19, 2016 21:42

nodejs-github-bot added the dont-land-on-v7.x label Dec 19, 2016

sam-github removed the dont-land-on-v7.x label Dec 19, 2016

sam-github closed this Dec 19, 2016

sam-github deleted the complete-key-passphrase-support branch December 19, 2016 21:49

italoacasas mentioned this pull request Dec 20, 2016

v7.3.0 proposal #10277

Merged

sam-github added lts-watch-v4.x labels Jan 16, 2017

gibfahn mentioned this pull request Mar 17, 2017

Potential Semver Minor Backports nodejs/Release#188

Closed

31 tasks

MylesBorins added land-on-v6.x and removed lts-watch-v4.x labels May 16, 2017

MylesBorins mentioned this pull request May 23, 2017

v6.11.0 proposal #13059

Merged

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

tls: allow obvious key/passphrase combinations#10294

tls: allow obvious key/passphrase combinations#10294
sam-github wants to merge 1 commit intonodejs:masterfrom
sam-github:complete-key-passphrase-support

sam-github commented Dec 15, 2016

Uh oh!

mscdex commented Dec 15, 2016

Uh oh!

Fishrock123 commented Dec 16, 2016

Uh oh!

sam-github commented Dec 16, 2016

Uh oh!

sam-github commented Dec 16, 2016

Uh oh!

Fishrock123 commented Dec 16, 2016

Uh oh!

indutny left a comment

Uh oh!

bnoordhuis left a comment

Uh oh!

bnoordhuis Dec 19, 2016

Uh oh!

sam-github Dec 19, 2016

Uh oh!

sam-github commented Dec 19, 2016

Uh oh!

sam-github commented Jan 25, 2017

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

7 participants

Uh oh!

Conversation

sam-github commented Dec 15, 2016

Checklist

Affected core subsystem(s)

Description of change

Uh oh!

mscdex commented Dec 15, 2016

Uh oh!

Fishrock123 commented Dec 16, 2016

Uh oh!

sam-github commented Dec 16, 2016

Uh oh!

sam-github commented Dec 16, 2016

Uh oh!

Fishrock123 commented Dec 16, 2016

Uh oh!

indutny left a comment

Choose a reason for hiding this comment

Uh oh!

bnoordhuis left a comment

Choose a reason for hiding this comment

Uh oh!

bnoordhuis Dec 19, 2016

Choose a reason for hiding this comment

Uh oh!

sam-github Dec 19, 2016

Choose a reason for hiding this comment

Uh oh!

sam-github commented Dec 19, 2016

Uh oh!

sam-github commented Jan 25, 2017

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

7 participants