Openssl clientcertengine support2
This is an attempt to finish https://github.com/nodejs/node/pull/6569 which stalled. First commit is a squashed commit mostly of work done by @joelostrowski with their authorship preserved.
Original PR description:
Added an option 'clientCertEngine' to tls.createSecureContext which gets wired up to OpenSSL function SSL_CTX_set_client_cert_engine. The option is passed through from https.request as well. This allows using a custom OpenSSL engine to provide the client certificate.
PTAL @bnoordhuis @indutny PTAL @sam-github at the doc changes and anything else you want
@danbev If you have time to look to make sure there aren't any "NOOOOO, this will fail if compiled without OpenSSL!!!!" problems that are super-obvious, that would be great. The stuff in test/addons/openssl-client-cert-engine
seems like it needs a common.hasCrypto()
check, no? Anything else anywhere in the code that looks like it might be problematic?
Marking as in progress
because I can't get the test addon to compile on MacOS. Can someone help me make sense of this output from make test-addons
?
Checklist
-
make -j4 test
(UNIX), orvcbuild test
(Windows) passes -
tests and/or benchmarks are included -
documentation is changed or added -
commit message follows commit guidelines
Affected core subsystem(s)
tls http crypto