1berry/nodejs
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

tls: support net.Server options

Browse Source 
Pass `tls.Server` constructor options to the parent constructor.

PR-URL: https://github.com/nodejs/node/pull/27665
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
This commit is contained in:
Luigi Pinca 2019-05-13 09:07:56 +02:00 committed by Rich Trott
parent 7bdd8d6e98
commit 5112b3d9a6
3 changed files with 70 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
doc/api/tls.md
View File

@ -1485,6 +1485,10 @@ publicly trusted list of CAs as given in
<!-- YAML <!-- YAML
added: v0.3.2 added: v0.3.2
changes: changes:
- version: REPLACEME
pr-url: https://github.com/nodejs/node/pull/27665
description: The `options` parameter now supports `net.createServer()`
options.
- version: v9.3.0 - version: v9.3.0
pr-url: https://github.com/nodejs/node/pull/14903 pr-url: https://github.com/nodejs/node/pull/14903
description: The `options` parameter can now include `clientCertEngine`. description: The `options` parameter can now include `clientCertEngine`.
@ -1535,6 +1539,7 @@ changes:
data. See [Session Resumption][] for more information. data. See [Session Resumption][] for more information.
* ...: Any [`tls.createSecureContext()`][] option can be provided. For * ...: Any [`tls.createSecureContext()`][] option can be provided. For
servers, the identity options (`pfx` or `key`/`cert`) are usually required. servers, the identity options (`pfx` or `key`/`cert`) are usually required.
* ...: Any [`net.createServer()`][] option can be provided.
* `secureConnectionListener` {Function} * `secureConnectionListener` {Function}
* Returns: {tls.Server} * Returns: {tls.Server}
@ -1755,6 +1760,7 @@ where `secureSocket` has the same API as `pair.cleartext`.
[`NODE_OPTIONS`]: cli.html#cli_node_options_options [`NODE_OPTIONS`]: cli.html#cli_node_options_options
[`crypto.getCurves()`]: crypto.html#crypto_crypto_getcurves [`crypto.getCurves()`]: crypto.html#crypto_crypto_getcurves
[`dns.lookup()`]: dns.html#dns_dns_lookup_hostname_options_callback [`dns.lookup()`]: dns.html#dns_dns_lookup_hostname_options_callback
[`net.createServer()`]: net.html#net_net_createserver_options_connectionlistener
[`net.Server.address()`]: net.html#net_server_address [`net.Server.address()`]: net.html#net_server_address
[`net.Server`]: net.html#net_class_net_server [`net.Server`]: net.html#net_class_net_server
[`net.Socket`]: net.html#net_class_net_socket [`net.Socket`]: net.html#net_class_net_socket

2
lib/_tls_wrap.js
View File

@ -1040,7 +1040,7 @@ function Server(options, listener) {
} }
// constructor call // constructor call
net.Server.call(this, tlsConnectionListener); net.Server.call(this, options, tlsConnectionListener);
if (listener) { if (listener) {
this.on('secureConnection', listener); this.on('secureConnection', listener);

63
test/parallel/test-tls-server-parent-constructor-options.js Normal file
View File

@ -0,0 +1,63 @@
'use strict';
const common = require('../common');
if (!common.hasCrypto)
common.skip('missing crypto');
// Test that `tls.Server` constructor options are passed to the parent
// constructor.
const assert = require('assert');
const fixtures = require('../common/fixtures');
const tls = require('tls');
const options = {
key: fixtures.readKey('agent1-key.pem'),
cert: fixtures.readKey('agent1-cert.pem'),
};
{
const server = tls.createServer(options, common.mustCall((socket) => {
assert.strictEqual(socket.allowHalfOpen, false);
}));
assert.strictEqual(server.allowHalfOpen, false);
server.listen(0, common.mustCall(() => {
const socket = tls.connect({
port: server.address().port,
rejectUnauthorized: false
}, common.mustCall(() => {
socket.end();
}));
socket.on('close', () => {
server.close();
});
}));
}
{
const server = tls.createServer({
allowHalfOpen: true,
...options
}, common.mustCall((socket) => {
assert.strictEqual(socket.allowHalfOpen, true);
socket.on('end', socket.end);
}));
assert.strictEqual(server.allowHalfOpen, true);
server.listen(0, common.mustCall(() => {
const socket = tls.connect({
port: server.address().port,
rejectUnauthorized: false
}, common.mustCall(() => {
socket.end();
}));
socket.on('close', () => {
server.close();
});
}));
}