Ben,
On Thursday, November 22, 2012 5:13:23 PM UTC, Steve Freegard wrote:
Ok - I tried various options OR'd together to no avail, so finally decided
> to hack this in rather than to rebuild Node on this box just to see if it
> cured the problem:
>
> if (!options) options = {};
> options.secureOptions = 2147483648;
> var sslcontext = crypto.createCredentials(options);
>
> Unfortunately - I'm still seeing the error:
>
> client co9ehsobe002.messaging.microsoft.com [207.46.163.25] connection
> error: Error: 3075274448:error:06065064:digital envelope
> routines:EVP_DecryptFinal_ex:bad
> decrypt:../deps/openssl/openssl/crypto/evp/evp_enc.c:467:#0123075274448:error:06065064:digital
>
> envelope routines:EVP_DecryptFinal_ex:bad
> decrypt:../deps/openssl/openssl/crypto/evp/evp_enc.c:467:
>
> Is there anything else I can try?
>
>
Replying to myself - I've been looking through Node's lib/crypto.js and
lib/tls.js and I think I can see why this wasn't effective for me.
Here's the relevant code from
Haraka: https://github.com/baudehlo/Haraka/blob/master/tls_socket.js#L186
I've modified that to look like this:
if (!options) options = {};
options.secureOptions = 2147483648;
var sslcontext = crypto.createCredentials(options);
var pair = tls.createSecurePair(sslcontext, true, true, false);
However looking at lib/tls.js - tls.createSecurePair creates a SecurePair
object but does not allow for 'options' to be passed in. It also does not
copy any relevant options from the 'credentials' object, so it appears not
to be possible for me to pass secureOptions to it like this which looks to
be why your suggested fix did not work.
I therefore propose the following changes which would not break the
existing API:
https://github.com/smfreegard/node/commit/ea8d14b7388cf559cd4e340d8c88f3e92efed9dc
That would then allow me to avoid calling createCredentials() directly and
pass all the necessary options through to both.
Kind regards,
Steve.
--
Job Board: http://jobs.nodejs.org/
Posting guidelines:
https://github.com/joyent/node/wiki/Mailing-List-Posting-Guidelines
You received this message because you are subscribed to the Google
Groups "nodejs" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to
[email protected]
For more options, visit this group at
http://groups.google.com/group/nodejs?hl=en?hl=en
