tls: fix negative sessionTimeout handling
For historical reasons, the second argument of SSL_CTX_set_timeout
is a signed integer, and Node.js has so far passed arbitrary (signed) int32_t
values. However, new versions of OpenSSL have changed the handling of negative values inside SSL_CTX_set_timeout
, and we should shield users of Node.js from both the old and the new behavior. Hence, reject any negative values by throwing an error from within createSecureContext
.