Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[WIP] tls: add server.sessionTimeout getter and setter. #34006

Closed
wants to merge 1 commit into from
Closed

[WIP] tls: add server.sessionTimeout getter and setter. #34006

wants to merge 1 commit into from

Conversation

mkrawczuk
Copy link
Contributor

This change enables dynamical change of tls.Server's session timeout. It is a follow-up to #33974.

I would like to ask for help and suggestions on writing appropriate tests for these methods. At first I wanted to count new and resumed sessions from the event callbacks, but it turned out they are not called when the client is using the session ticket feature.

@mkrawczuk
[WIP] tls: add server.sessionTimeout getter and setter.
ec4c5a9 
This change enables dynamical change of tls.Server's session timeout.

TODO:
* finish tests
* add doc
@nodejs-github-bot nodejs-github-bot added c++ Issues and PRs that require attention from people who are familiar with C++. lib / src Issues and PRs related to general changes in the lib or src directory. labels Jun 21, 2020
@mkrawczuk mkrawczuk marked this pull request as draft June 21, 2020 21:48
bnoordhuis
bnoordhuis reviewed Jun 23, 2020
View reviewed changes
Copy link
Member

@bnoordhuis bnoordhuis left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'd be okay with a test that tests types/ranges and verifies that setting the value is reflected by the getter.

Testing whether the session actually expires would be nice but I can see how it'd be complicated and not very reliable / timing sensitive.

src/node_crypto.cc
Comment on lines +1384 to +1385
long sessionTimeout = SSL_CTX_get_timeout(sc->ctx_.get());
args.GetReturnValue().Set(static_cast<uint32_t>(sessionTimeout));
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I recognize the same style issue exists in SetSessionTimeout() but...

Suggested change
long sessionTimeout = SSL_CTX_get_timeout(sc->ctx_.get());
args.GetReturnValue().Set(static_cast<uint32_t>(sessionTimeout));
long session_timeout = SSL_CTX_get_timeout(sc->ctx_.get());
args.GetReturnValue().Set(static_cast<uint32_t>(session_timeout));

(and I'm going to guess the first line needs a // NOLINT(runtime/int) to shut up cpplint)

test/parallel/test-tls-session-timeout.js
Comment on lines +1 to +21
// Copyright Joyent, Inc. and other Node contributors.
//
// Permission is hereby granted, free of charge, to any person obtaining a
// copy of this software and associated documentation files (the
// "Software"), to deal in the Software without restriction, including
// without limitation the rights to use, copy, modify, merge, publish,
// distribute, sublicense, and/or sell copies of the Software, and to permit
// persons to whom the Software is furnished to do so, subject to the
// following conditions:
//
// The above copyright notice and this permission notice shall be included
// in all copies or substantial portions of the Software.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
// OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN
// NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM,
// DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR
// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
// USE OR OTHER DEALINGS IN THE SOFTWARE.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
// Copyright Joyent, Inc. and other Node contributors.
//
// Permission is hereby granted, free of charge, to any person obtaining a
// copy of this software and associated documentation files (the
// "Software"), to deal in the Software without restriction, including
// without limitation the rights to use, copy, modify, merge, publish,
// distribute, sublicense, and/or sell copies of the Software, and to permit
// persons to whom the Software is furnished to do so, subject to the
// following conditions:
//
// The above copyright notice and this permission notice shall be included
// in all copies or substantial portions of the Software.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
// OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN
// NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM,
// DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR
// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
// USE OR OTHER DEALINGS IN THE SOFTWARE.

(not necessary in new test files)

@mkrawczuk mkrawczuk closed this Dec 16, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@bnoordhuis bnoordhuis bnoordhuis left review comments

Assignees
No one assigned
Labels
c++ Issues and PRs that require attention from people who are familiar with C++. lib / src Issues and PRs related to general changes in the lib or src directory.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@mkrawczuk @bnoordhuis @nodejs-github-bot