tls: support enableTrace in TLSSocket()

This commit adds the enableTrace option to the TLSSocket constructor. It also plumbs the option through other relevant APIs. PR-URL: https://github.com/nodejs/node/pull/27497 Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Richard Lau <riclau@uk.ibm.com> Reviewed-By: Rich Trott <rtrott@gmail.com>
2019-04-30 11:46:56 -04:00 · 2019-04-30 11:46:56 -04:00 · c6a2fdf3aa
commit c6a2fdf3aa
parent b233d028b3
2 changed files with 23 additions and 11 deletions
--- a/doc/api/tls.md
+++ b/doc/api/tls.md
@ -586,6 +586,9 @@ connection is open.
 <!-- YAML
 added: v0.11.4
 changes:
+  - version: REPLACEME
+    pr-url: https://github.com/nodejs/node/pull/27497
+    description: The `enableTrace` option is now supported.
  - version: v5.0.0
    pr-url: https://github.com/nodejs/node/pull/2564
    description: ALPN options are supported now.
@ -596,6 +599,7 @@ changes:
  instance of [`net.Socket`][] (for generic `Duplex` stream support
  on the client side, [`tls.connect()`][] must be used).
 * `options` {Object}
+  * `enableTrace`: See [`tls.createServer()`][]
  * `isServer`: The SSL/TLS protocol is asymmetrical, TLSSockets must know if
    they are to behave as a server or a client. If `true` the TLS socket will be
    instantiated as a server. **Default:** `false`.
@ -1125,6 +1129,9 @@ being issued by trusted CA (`options.ca`).
 <!-- YAML
 added: v0.11.3
 changes:
+  - version: REPLACEME
+    pr-url: https://github.com/nodejs/node/pull/27497
+    description: The `enableTrace` option is now supported.
  - version: v11.8.0
    pr-url: https://github.com/nodejs/node/pull/25517
    description: The `timeout` option is supported now.
@ -1144,6 +1151,7 @@ changes:
 -->

 * `options` {Object}
+  * `enableTrace`: See [`tls.createServer()`][]
  * `host` {string} Host the client should connect to. **Default:**
    `'localhost'`.
  * `port` {number} Port the client should connect to.
@ -1647,6 +1655,7 @@ changes:
 * `rejectUnauthorized` {boolean} If not `false` a server automatically reject
  clients with invalid certificates. Only applies when `isServer` is `true`.
 * `options`
+  * `enableTrace`: See [`tls.createServer()`][]
  * `secureContext`: A TLS context object from [`tls.createSecureContext()`][]
  * `isServer`: If `true` the TLS socket will be instantiated in server-mode.
    **Default:** `false`.
--- a/lib/_tls_wrap.js
+++ b/lib/_tls_wrap.js
@ -343,6 +343,12 @@ function initRead(tlsSocket, socket) {

 function TLSSocket(socket, opts) {
  const tlsOptions = { ...opts };
+  const enableTrace = tlsOptions.enableTrace;
+
+  if (typeof enableTrace !== 'boolean' && enableTrace != null) {
+    throw new ERR_INVALID_ARG_TYPE(
+      'options.enableTrace', 'boolean', enableTrace);
+  }

  if (tlsOptions.ALPNProtocols)
    tls.convertALPNProtocols(tlsOptions.ALPNProtocols, tlsOptions);
@ -397,6 +403,9 @@ function TLSSocket(socket, opts) {
  this.readable = true;
  this.writable = true;

+  if (enableTrace && this._handle)
+    this._handle.enableTrace();
+
  // Read on next tick so the caller has a chance to setup listeners
  process.nextTick(initRead, this, socket);
 }
@ -872,10 +881,9 @@ function tlsConnectionListener(rawSocket) {
    rejectUnauthorized: this.rejectUnauthorized,
    handshakeTimeout: this[kHandshakeTimeout],
    ALPNProtocols: this.ALPNProtocols,
-    SNICallback: this[kSNICallback] || SNICallback
+    SNICallback: this[kSNICallback] || SNICallback,
+    enableTrace: this[kEnableTrace]
  });
-  if (this[kEnableTrace] && socket._handle)
-    socket._handle.enableTrace();

  socket.on('secure', onServerSocketSecure);

@ -997,13 +1005,7 @@ function Server(options, listener) {
    this.on('secureConnection', listener);
  }

-  const enableTrace = options.enableTrace;
-  if (typeof enableTrace === 'boolean') {
-    this[kEnableTrace] = enableTrace;
-  } else if (enableTrace != null) {
-    throw new ERR_INVALID_ARG_TYPE(
-      'options.enableTrace', 'boolean', enableTrace);
-  }
+  this[kEnableTrace] = options.enableTrace;
 }

 Object.setPrototypeOf(Server.prototype, net.Server.prototype);
@ -1364,7 +1366,8 @@ exports.connect = function connect(...args) {
    rejectUnauthorized: options.rejectUnauthorized !== false,
    session: options.session,
    ALPNProtocols: options.ALPNProtocols,
-    requestOCSP: options.requestOCSP
+    requestOCSP: options.requestOCSP,
+    enableTrace: options.enableTrace
  });

  tlssock[kConnectOptions] = options;