pass openssl values in nativeland

Alistair Smith
2025-05-07 23:23:44 -07:00
parent 5b767a9b25
commit 82a019a287
4 changed files with 17 additions and 26 deletions


@@ -1167,25 +1167,14 @@ SSL_CTX *create_ssl_context_from_bun_options(
* buffer allocated in a different address */
SSL_CTX_set_mode(ssl_context, SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER);
if (options.min_tls_version > 0.0) {
unsigned min_version;
if (options.min_tls_version >= 1.3) min_version = TLS1_3_VERSION;
else if (options.min_tls_version >= 1.2) min_version = TLS1_2_VERSION;
else if (options.min_tls_version >= 1.1) min_version = TLS1_1_VERSION;
else if (options.min_tls_version >= 1.0) min_version = TLS1_VERSION;
else min_version = TLS1_VERSION;
SSL_CTX_set_min_proto_version(ssl_context, min_version);
if (options.min_tls_version) {
SSL_CTX_set_min_proto_version(ssl_context, options.min_tls_version);
} else {
SSL_CTX_set_min_proto_version(ssl_context, TLS1_2_VERSION);
}
if (options.max_tls_version > 0.0) {
unsigned max_version;
if (options.max_tls_version >= 1.3) max_version = TLS1_3_VERSION;
else if (options.max_tls_version >= 1.2) max_version = TLS1_2_VERSION;
else if (options.max_tls_version >= 1.1) max_version = TLS1_1_VERSION;
else max_version = TLS1_VERSION;
SSL_CTX_set_max_proto_version(ssl_context, max_version);
if (options.max_tls_version) {
SSL_CTX_set_max_proto_version(ssl_context, options.max_tls_version);
}
/* The following are helpers. You may easily implement whatever you want by
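Review bot: The return values of `SSL_CTX_set_min_proto_version` and `SSL_CTX_set_max_proto_version` are ignored, while the new branches pass `options.min_tls_version` / `options.max_tls_version` straight through instead of mapping them to a `TLS1_*_VERSION` constant. If the library rejects the value (both calls report failure through their return value), the context silently keeps its previous bound. Because the `else` branch with `TLS1_2_VERSION` is skipped for any non-zero input, the effective minimum may then be lower than the 1.2 fallback; the library default was not checked here. I would fail context creation on a zero return, e.g. `if (!SSL_CTX_set_min_proto_version(ssl_context, options.min_tls_version)) { /* release ssl_context and return NULL */ }`, and do the same for the max call. The body of create_ssl_context_from_bun_options starts and ends outside this hunk, so the correct cleanup path is not visible from here.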


@@ -239,8 +239,8 @@ struct us_bun_socket_context_options_t {
int request_cert;
unsigned int client_renegotiation_limit;
unsigned int client_renegotiation_window;
double min_tls_version;
double max_tls_version;
unsigned int min_tls_version;
unsigned int max_tls_version;
};
/* Return 15-bit timestamp for this context */
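Review bot: `min_tls_version` and `max_tls_version` are declared `unsigned int` here, but the Zig mirror of this struct in the last file section of this commit declares them as `u16` inside an `extern struct`, so the two sides disagree on field width and offset. As shown on this page, the C side would read four bytes where Zig wrote two, and would take `max_tls_version` from bytes Zig never assigned, so the protocol bounds that reach `SSL_CTX_set_min_proto_version` / `SSL_CTX_set_max_proto_version` can be wrong or indeterminate. Both declarations should use the same type: either `uint16_t min_tls_version;` and `uint16_t max_tls_version;` here, or `min_tls_version: c_uint = 0,` and `max_tls_version: c_uint = 0,` on the Zig side. The struct begins outside this hunk, so earlier fields were not compared.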


@@ -692,6 +692,7 @@ pub const ServerConfig = struct {
if (this.min_version != null) {
ctx_opts.min_tls_version = this.min_version.?;
}
if (this.max_version != null) {
ctx_opts.max_tls_version = this.max_version.?;
}
@@ -1052,15 +1053,17 @@ pub const ServerConfig = struct {
}
if (try obj.getTruthy(global, "minVersion")) |min_version| {
result.min_version = min_version.coerceToDouble(global);
defer result.min_version.deinit();
any = true;
if (min_version.isNumber()) {
result.min_version = @as(u16, @intCast(min_version.toInt32()));
any = true;
}
}
if (try obj.getTruthy(global, "maxVersion")) |max_version| {
result.max_version = max_version.coerceToDouble(global);
defer result.max_version.deinit();
any = true;
if (max_version.isNumber()) {
result.max_version = @as(u16, @intCast(max_version.toInt32()));
any = true;
}
}
if (try obj.getTruthy(global, "ciphers")) |ssl_ciphers| {
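Review bot: `@intCast(min_version.toInt32())` narrows to `u16` with no range check, and the same pattern is repeated for `max_version`. A configured number that is negative or above 65535 makes the cast illegal: a panic in safety-checked builds, undefined behaviour otherwise. A checked narrowing such as `std.math.cast(u16, min_version.toInt32())`, with the null case routed to this function's invalid-argument error, would stop a bad config value before the cast. Separately, a truthy non-number `minVersion` / `maxVersion` is now skipped without any error, so a caller who passes a string silently gets the default bounds; rejecting it explicitly would be safer. The enclosing function starts and ends outside the hunk.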


@@ -2541,9 +2541,8 @@ pub const us_bun_socket_context_options_t = extern struct {
request_cert: i32 = 0,
client_renegotiation_limit: u32 = 3,
client_renegotiation_window: u32 = 600,
min_tls_version: f64 = 0.0,
max_tls_version: f64 = 0.0,
min_tls_version: u16 = 0,
max_tls_version: u16 = 0,
};
pub const create_bun_socket_error_t = enum(c_int) {