From 05de01d707cd9a80f34da23445f507f5f2e2c277 Mon Sep 17 00:00:00 2001 From: Ben Noordhuis Date: Mon, 21 Nov 2011 13:58:30 +0100 Subject: [PATCH] tls: expose more openssl SSL context options --- src/node_constants.cc | 156 ++++++++++++++++++++++++------------------ 1 file changed, 88 insertions(+), 68 deletions(-) diff --git a/src/node_constants.cc b/src/node_constants.cc index 1b884b30941..e924f9ed149 100644 --- a/src/node_constants.cc +++ b/src/node_constants.cc @@ -853,40 +853,80 @@ void DefineConstants(Handle target) { // OpenSSL SSL context options -#ifdef SSL_OP_NO_QUERY_MTU - NODE_DEFINE_CONSTANT(target, SSL_OP_NO_QUERY_MTU); +#ifdef SSL_OP_ALL + NODE_DEFINE_CONSTANT(target, SSL_OP_ALL); #endif -#ifdef SSL_OP_COOKIE_EXCHANGE - NODE_DEFINE_CONSTANT(target, SSL_OP_COOKIE_EXCHANGE); -#endif - -#ifdef SSL_OP_NO_TICKET - NODE_DEFINE_CONSTANT(target, SSL_OP_NO_TICKET); -#endif - -#ifdef SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION - NODE_DEFINE_CONSTANT(target, SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION); -#endif - -#ifdef SSL_OP_SINGLE_ECDH_USE - NODE_DEFINE_CONSTANT(target, SSL_OP_SINGLE_ECDH_USE); -#endif - -#ifdef SSL_OP_SINGLE_DH_USE - NODE_DEFINE_CONSTANT(target, SSL_OP_SINGLE_DH_USE); -#endif - -#ifdef SSL_OP_EPHEMERAL_RSA - NODE_DEFINE_CONSTANT(target, SSL_OP_EPHEMERAL_RSA); +#ifdef SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION + NODE_DEFINE_CONSTANT(target, SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION); #endif #ifdef SSL_OP_CIPHER_SERVER_PREFERENCE NODE_DEFINE_CONSTANT(target, SSL_OP_CIPHER_SERVER_PREFERENCE); #endif -#ifdef SSL_OP_TLS_ROLLBACK_BUG - NODE_DEFINE_CONSTANT(target, SSL_OP_TLS_ROLLBACK_BUG); +#ifdef SSL_OP_CISCO_ANYCONNECT + NODE_DEFINE_CONSTANT(target, SSL_OP_CISCO_ANYCONNECT); +#endif + +#ifdef SSL_OP_COOKIE_EXCHANGE + NODE_DEFINE_CONSTANT(target, SSL_OP_COOKIE_EXCHANGE); +#endif + +#ifdef SSL_OP_CRYPTOPRO_TLSEXT_BUG + NODE_DEFINE_CONSTANT(target, SSL_OP_CRYPTOPRO_TLSEXT_BUG); +#endif + +#ifdef SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS + NODE_DEFINE_CONSTANT(target, SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS); +#endif + +#ifdef SSL_OP_EPHEMERAL_RSA + NODE_DEFINE_CONSTANT(target, SSL_OP_EPHEMERAL_RSA); +#endif + +#ifdef SSL_OP_LEGACY_SERVER_CONNECT + NODE_DEFINE_CONSTANT(target, SSL_OP_LEGACY_SERVER_CONNECT); +#endif + +#ifdef SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER + NODE_DEFINE_CONSTANT(target, SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER); +#endif + +#ifdef SSL_OP_MICROSOFT_SESS_ID_BUG + NODE_DEFINE_CONSTANT(target, SSL_OP_MICROSOFT_SESS_ID_BUG); +#endif + +#ifdef SSL_OP_MSIE_SSLV2_RSA_PADDING + NODE_DEFINE_CONSTANT(target, SSL_OP_MSIE_SSLV2_RSA_PADDING); +#endif + +#ifdef SSL_OP_NETSCAPE_CA_DN_BUG + NODE_DEFINE_CONSTANT(target, SSL_OP_NETSCAPE_CA_DN_BUG); +#endif + +#ifdef SSL_OP_NETSCAPE_CHALLENGE_BUG + NODE_DEFINE_CONSTANT(target, SSL_OP_NETSCAPE_CHALLENGE_BUG); +#endif + +#ifdef SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG + NODE_DEFINE_CONSTANT(target, SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG); +#endif + +#ifdef SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG + NODE_DEFINE_CONSTANT(target, SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG); +#endif + +#ifdef SSL_OP_NO_COMPRESSION + NODE_DEFINE_CONSTANT(target, SSL_OP_NO_COMPRESSION); +#endif + +#ifdef SSL_OP_NO_QUERY_MTU + NODE_DEFINE_CONSTANT(target, SSL_OP_NO_QUERY_MTU); +#endif + +#ifdef SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION + NODE_DEFINE_CONSTANT(target, SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION); #endif #ifdef SSL_OP_NO_SSLv2 @@ -897,10 +937,22 @@ void DefineConstants(Handle target) { NODE_DEFINE_CONSTANT(target, SSL_OP_NO_SSLv3); #endif +#ifdef SSL_OP_NO_TICKET + NODE_DEFINE_CONSTANT(target, SSL_OP_NO_TICKET); +#endif + #ifdef SSL_OP_NO_TLSv1 NODE_DEFINE_CONSTANT(target, SSL_OP_NO_TLSv1); #endif +#ifdef SSL_OP_NO_TLSv1_1 + NODE_DEFINE_CONSTANT(target, SSL_OP_NO_TLSv1_1); +#endif + +#ifdef SSL_OP_NO_TLSv1_2 + NODE_DEFINE_CONSTANT(target, SSL_OP_NO_TLSv1_2); +#endif + #ifdef SSL_OP_PKCS1_CHECK_1 NODE_DEFINE_CONSTANT(target, SSL_OP_PKCS1_CHECK_1); #endif @@ -909,64 +961,32 @@ void DefineConstants(Handle target) { NODE_DEFINE_CONSTANT(target, SSL_OP_PKCS1_CHECK_2); #endif -#ifdef SSL_OP_NETSCAPE_CA_DN_BUG - NODE_DEFINE_CONSTANT(target, SSL_OP_NETSCAPE_CA_DN_BUG); +#ifdef SSL_OP_SINGLE_DH_USE + NODE_DEFINE_CONSTANT(target, SSL_OP_SINGLE_DH_USE); #endif -#ifdef SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG - NODE_DEFINE_CONSTANT(target, SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG); -#endif - -#ifdef SSL_OP_CRYPTOPRO_TLSEXT_BUG - NODE_DEFINE_CONSTANT(target, SSL_OP_CRYPTOPRO_TLSEXT_BUG); -#endif - -#ifdef SSL_OP_MICROSOFT_SESS_ID_BUG - NODE_DEFINE_CONSTANT(target, SSL_OP_MICROSOFT_SESS_ID_BUG); -#endif - -#ifdef SSL_OP_NETSCAPE_CHALLENGE_BUG - NODE_DEFINE_CONSTANT(target, SSL_OP_NETSCAPE_CHALLENGE_BUG); -#endif - -#ifdef SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG - NODE_DEFINE_CONSTANT(target, SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG); -#endif - -#ifdef SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG - NODE_DEFINE_CONSTANT(target, SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG); -#endif - -#ifdef SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER - NODE_DEFINE_CONSTANT(target, SSL_OP_MICROSOFT_BIG_SSLV3_BUFFER); -#endif - -#ifdef SSL_OP_MSIE_SSLV2_RSA_PADDING - NODE_DEFINE_CONSTANT(target, SSL_OP_MSIE_SSLV2_RSA_PADDING); +#ifdef SSL_OP_SINGLE_ECDH_USE + NODE_DEFINE_CONSTANT(target, SSL_OP_SINGLE_ECDH_USE); #endif #ifdef SSL_OP_SSLEAY_080_CLIENT_DH_BUG NODE_DEFINE_CONSTANT(target, SSL_OP_SSLEAY_080_CLIENT_DH_BUG); #endif -#ifdef SSL_OP_TLS_D5_BUG - NODE_DEFINE_CONSTANT(target, SSL_OP_TLS_D5_BUG); +#ifdef SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG + NODE_DEFINE_CONSTANT(target, SSL_OP_SSLREF2_REUSE_CERT_TYPE_BUG); #endif #ifdef SSL_OP_TLS_BLOCK_PADDING_BUG NODE_DEFINE_CONSTANT(target, SSL_OP_TLS_BLOCK_PADDING_BUG); #endif -#ifdef SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS - NODE_DEFINE_CONSTANT(target, SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS); +#ifdef SSL_OP_TLS_D5_BUG + NODE_DEFINE_CONSTANT(target, SSL_OP_TLS_D5_BUG); #endif -#ifdef SSL_OP_ALL - NODE_DEFINE_CONSTANT(target, SSL_OP_ALL); -#endif - -#ifdef SSL_OP_LEGACY_SERVER_CONNECT - NODE_DEFINE_CONSTANT(target, SSL_OP_LEGACY_SERVER_CONNECT); +#ifdef SSL_OP_TLS_ROLLBACK_BUG + NODE_DEFINE_CONSTANT(target, SSL_OP_TLS_ROLLBACK_BUG); #endif #ifdef OPENSSL_NPN_NEGOTIATED