Skip to content
This repository has been archived by the owner on Apr 22, 2023. It is now read-only.

crypto changes to support pfx(p12) format for issue #2845 #2847

Closed
wants to merge 7 commits into from
Closed

crypto changes to support pfx(p12) format for issue #2845 #2847

wants to merge 7 commits into from

Conversation

ssuda
Copy link

@ssuda ssuda commented Feb 29, 2012

Added SecureContext::LoadPKCS12 to parse .pfx(p12) file
Exposed to sc.loadPKCS12
Changed crypto.createCredentials to support options.pfx

@ssuda
Copy link
Author

ssuda commented Feb 29, 2012

Changes for #2845


if (pkey) {
EVP_PKEY_free(pkey);
}
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Don't free pkey and cert here if PKCS12_parse() returned an error. That function allocates memory for the key and the certificate and updates the pointers in the argument list. On error, it frees the memory but doesn't set the pointers to NULL. You'd be double-freeing them here.

@bnoordhuis
Copy link
Member

It's not quite there yet but it's a good start. Well done.

@ssuda
Copy link
Author

ssuda commented Mar 2, 2012

@bnoordhuis, Please review these changes.

pass = new char[passlen];
int pass_written = DecodeWrite(pass, passlen, args[1], BINARY);

pass[passlen] = '\0';
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Off-by-one error, pass[passlen] is outside the buffer.

@ssuda ssuda closed this Mar 2, 2012
mhdawson added a commit to ibmruntimes/node that referenced this pull request Oct 21, 2015
test-child-process-fork-regr-nodejsgh-2847 could fail depending
on timing and how messages were packed into tcp packets.
If all of the requests fit into one packet then the test
worked otherwise, otherwise errors could occur.  This PR
modifies the test to be tolerant while still validating that
some of the connection can be made succesfully

Reviewed-By: James M Snell <[email protected]>
PR-URL: nodejs/node#3459
mhdawson added a commit to ibmruntimes/node that referenced this pull request Nov 5, 2015
test-child-process-fork-regr-nodejsgh-2847 could fail depending
on timing and how messages were packed into tcp packets.
If all of the requests fit into one packet then the test
worked otherwise, otherwise errors could occur.  This PR
modifies the test to be tolerant while still validating that
some of the connection can be made succesfully

Reviewed-By: James M Snell <[email protected]>
PR-URL: nodejs/node#3459
mhdawson added a commit to ibmruntimes/node that referenced this pull request Nov 5, 2015
test-child-process-fork-regr-nodejsgh-2847 could fail depending
on timing and how messages were packed into tcp packets.
If all of the requests fit into one packet then the test
worked otherwise, otherwise errors could occur.  This PR
modifies the test to be tolerant while still validating that
some of the connection can be made succesfully

Reviewed-By: James M Snell <[email protected]>
PR-URL: nodejs/node#3459
richardlau pushed a commit to ibmruntimes/node that referenced this pull request Jan 13, 2016
Windows would die with ECONNRESET most times when running
this particular test. This commit makes handling these errors
more tolerable.

PR-URL: nodejs/node#4442
Reviewed-By: Fedor Indutny <[email protected]>
Reviewed-By: Rich Trott <[email protected]>
richardlau pushed a commit to ibmruntimes/node that referenced this pull request Feb 15, 2016
Windows would die with ECONNRESET most times when running
this particular test. This commit makes handling these errors
more tolerable.

PR-URL: nodejs/node#4442
Reviewed-By: Fedor Indutny <[email protected]>
Reviewed-By: Rich Trott <[email protected]>
richardlau pushed a commit to ibmruntimes/node that referenced this pull request Feb 17, 2016
Windows would die with ECONNRESET most times when running
this particular test. This commit makes handling these errors
more tolerable.

PR-URL: nodejs/node#4442
Reviewed-By: Fedor Indutny <[email protected]>
Reviewed-By: Rich Trott <[email protected]>
richardlau pushed a commit to ibmruntimes/node that referenced this pull request Feb 18, 2016
The test would sometimes time out on some platforms. Take the initial
version of the test and instead of sending 100 handles, just send 2.
It still fails when run with the code before the change was introduced
and passes afterwards.

Remove test from parallel.status.

PR-URL: nodejs/node#5121
Reviewed-By: Brian White <[email protected]>
Reviewed-By: Rich Trott <[email protected]>
Reviewed-By: Michael Dawson <[email protected]>
Fixes: nodejs/node#3635
richardlau pushed a commit to ibmruntimes/node that referenced this pull request Feb 18, 2016
Windows is still sometimes failing with ECONNRESET. Bring back the
handling of this error as was initially introduced in PR nodejs#4442.

PR-URL: nodejs/node#5179
Reviewed-By: Rich Trott <[email protected]>
Fixes: nodejs/node#3635
richardlau pushed a commit to ibmruntimes/node that referenced this pull request Feb 18, 2016
The test would sometimes time out on some platforms. Take the initial
version of the test and instead of sending 100 handles, just send 2.
It still fails when run with the code before the change was introduced
and passes afterwards.

Remove test from parallel.status.

PR-URL: nodejs/node#5121
Reviewed-By: Brian White <[email protected]>
Reviewed-By: Rich Trott <[email protected]>
Reviewed-By: Michael Dawson <[email protected]>
Fixes: nodejs/node#3635
richardlau pushed a commit to ibmruntimes/node that referenced this pull request Feb 18, 2016
Windows is still sometimes failing with ECONNRESET. Bring back the
handling of this error as was initially introduced in PR nodejs#4442.

PR-URL: nodejs/node#5179
Reviewed-By: Rich Trott <[email protected]>
Fixes: nodejs/node#3635
richardlau pushed a commit to ibmruntimes/node that referenced this pull request Feb 18, 2016
The test would sometimes time out on some platforms. Take the initial
version of the test and instead of sending 100 handles, just send 2.
It still fails when run with the code before the change was introduced
and passes afterwards.

Remove test from parallel.status.

PR-URL: nodejs/node#5121
Reviewed-By: Brian White <[email protected]>
Reviewed-By: Rich Trott <[email protected]>
Reviewed-By: Michael Dawson <[email protected]>
Fixes: nodejs/node#3635
richardlau pushed a commit to ibmruntimes/node that referenced this pull request Feb 18, 2016
Windows is still sometimes failing with ECONNRESET. Bring back the
handling of this error as was initially introduced in PR nodejs#4442.

PR-URL: nodejs/node#5179
Reviewed-By: Rich Trott <[email protected]>
Fixes: nodejs/node#3635
richardlau pushed a commit to ibmruntimes/node that referenced this pull request Mar 4, 2016
The test is still failing sometimes because when trying to establish the
second connection, the server is already closed. Bring back the code
that handled this case and was removed in the last refactoring of the
test. Also ignore the errors that might happen when sending the second
handle to the worker because it may already have exited.

PR-URL: nodejs/node#5422
Reviewed-By: Rich Trott <[email protected]>
richardlau pushed a commit to ibmruntimes/node that referenced this pull request Mar 9, 2016
The test would sometimes time out on some platforms. Take the initial
version of the test and instead of sending 100 handles, just send 2.
It still fails when run with the code before the change was introduced
and passes afterwards.

Remove test from parallel.status.

PR-URL: nodejs/node#5121
Reviewed-By: Brian White <[email protected]>
Reviewed-By: Rich Trott <[email protected]>
Reviewed-By: Michael Dawson <[email protected]>
Fixes: nodejs/node#3635
richardlau pushed a commit to ibmruntimes/node that referenced this pull request Mar 9, 2016
Windows is still sometimes failing with ECONNRESET. Bring back the
handling of this error as was initially introduced in PR nodejs#4442.

PR-URL: nodejs/node#5179
Reviewed-By: Rich Trott <[email protected]>
Fixes: nodejs/node#3635
gibfahn pushed a commit to ibmruntimes/node that referenced this pull request Mar 23, 2016
The test is still failing sometimes because when trying to establish the
second connection, the server is already closed. Bring back the code
that handled this case and was removed in the last refactoring of the
test. Also ignore the errors that might happen when sending the second
handle to the worker because it may already have exited.

PR-URL: nodejs/node#5422
Reviewed-By: Rich Trott <[email protected]>
gibfahn pushed a commit to ibmruntimes/node that referenced this pull request Oct 12, 2016
It's not guaranteed that the first socket that tries to connect is the
first that succeeds so the rest of assumptions made in the test are not
correct.
Fix it by making sure the second socket does not try to connect until
the first has succeeded.
The IPC channel can already be closed when sending the second socket. It
should be allowed.
Also, don't start sending messages until the worker is online.

Fixes: nodejs/node#8950
PR-URL: nodejs/node#8954
Reviewed-By: Michael Dawson <[email protected]>
Reviewed-By: Brian White <[email protected]>
Reviewed-By: James M Snell <[email protected]>
Reviewed-By: Colin Ihrig <[email protected]>
kaiquewdev pushed a commit to kaiquewdev/node that referenced this pull request Nov 26, 2016
It's not guaranteed that the first socket that tries to connect is the
first that succeeds so the rest of assumptions made in the test are not
correct.
Fix it by making sure the second socket does not try to connect until
the first has succeeded.
The IPC channel can already be closed when sending the second socket. It
should be allowed.
Also, don't start sending messages until the worker is online.

Fixes: nodejs/node#8950
PR-URL: nodejs/node#8954
Reviewed-By: Michael Dawson <[email protected]>
Reviewed-By: Brian White <[email protected]>
Reviewed-By: James M Snell <[email protected]>
Reviewed-By: Colin Ihrig <[email protected]>
BethGriggs pushed a commit to ibmruntimes/node that referenced this pull request Dec 7, 2016
It's not guaranteed that the first socket that tries to connect is the
first that succeeds so the rest of assumptions made in the test are not
correct.
Fix it by making sure the second socket does not try to connect until
the first has succeeded.
The IPC channel can already be closed when sending the second socket. It
should be allowed.
Also, don't start sending messages until the worker is online.

Fixes: nodejs/node#8950
PR-URL: nodejs/node#8954
Reviewed-By: Michael Dawson <[email protected]>
Reviewed-By: Brian White <[email protected]>
Reviewed-By: James M Snell <[email protected]>
Reviewed-By: Colin Ihrig <[email protected]>
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants