1berry/nodejs
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

tls: support enableTrace in TLSSocket()

Browse Source 
This commit adds the enableTrace option to the TLSSocket
constructor. It also plumbs the option through other relevant
APIs.

PR-URL: https://github.com/nodejs/node/pull/27497
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Richard Lau <riclau@uk.ibm.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
This commit is contained in:
cjihrig 2019-04-30 11:46:56 -04:00
parent b233d028b3
commit c6a2fdf3aa
No known key found for this signature in database
GPG Key ID: 7434390BDBE9B9C5
2 changed files with 23 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
doc/api/tls.md
View File

@ -586,6 +586,9 @@ connection is open.
<!-- YAML <!-- YAML
added: v0.11.4 added: v0.11.4
changes: changes:
- version: REPLACEME
pr-url: https://github.com/nodejs/node/pull/27497
description: The `enableTrace` option is now supported.
- version: v5.0.0 - version: v5.0.0
pr-url: https://github.com/nodejs/node/pull/2564 pr-url: https://github.com/nodejs/node/pull/2564
description: ALPN options are supported now. description: ALPN options are supported now.
@ -596,6 +599,7 @@ changes:
instance of [`net.Socket`][] (for generic `Duplex` stream support instance of [`net.Socket`][] (for generic `Duplex` stream support
on the client side, [`tls.connect()`][] must be used). on the client side, [`tls.connect()`][] must be used).
* `options` {Object} * `options` {Object}
* `enableTrace`: See [`tls.createServer()`][]
* `isServer`: The SSL/TLS protocol is asymmetrical, TLSSockets must know if * `isServer`: The SSL/TLS protocol is asymmetrical, TLSSockets must know if
they are to behave as a server or a client. If `true` the TLS socket will be they are to behave as a server or a client. If `true` the TLS socket will be
instantiated as a server. **Default:** `false`. instantiated as a server. **Default:** `false`.
@ -1125,6 +1129,9 @@ being issued by trusted CA (`options.ca`).
<!-- YAML <!-- YAML
added: v0.11.3 added: v0.11.3
changes: changes:
- version: REPLACEME
pr-url: https://github.com/nodejs/node/pull/27497
description: The `enableTrace` option is now supported.
- version: v11.8.0 - version: v11.8.0
pr-url: https://github.com/nodejs/node/pull/25517 pr-url: https://github.com/nodejs/node/pull/25517
description: The `timeout` option is supported now. description: The `timeout` option is supported now.
@ -1144,6 +1151,7 @@ changes:
--> -->
* `options` {Object} * `options` {Object}
* `enableTrace`: See [`tls.createServer()`][]
* `host` {string} Host the client should connect to. **Default:** * `host` {string} Host the client should connect to. **Default:**
`'localhost'`. `'localhost'`.
* `port` {number} Port the client should connect to. * `port` {number} Port the client should connect to.
@ -1647,6 +1655,7 @@ changes:
* `rejectUnauthorized` {boolean} If not `false` a server automatically reject * `rejectUnauthorized` {boolean} If not `false` a server automatically reject
clients with invalid certificates. Only applies when `isServer` is `true`. clients with invalid certificates. Only applies when `isServer` is `true`.
* `options` * `options`
* `enableTrace`: See [`tls.createServer()`][]
* `secureContext`: A TLS context object from [`tls.createSecureContext()`][] * `secureContext`: A TLS context object from [`tls.createSecureContext()`][]
* `isServer`: If `true` the TLS socket will be instantiated in server-mode. * `isServer`: If `true` the TLS socket will be instantiated in server-mode.
**Default:** `false`. **Default:** `false`.

25
lib/_tls_wrap.js
View File

@ -343,6 +343,12 @@ function initRead(tlsSocket, socket) {
function TLSSocket(socket, opts) { function TLSSocket(socket, opts) {
const tlsOptions = { ...opts }; const tlsOptions = { ...opts };
const enableTrace = tlsOptions.enableTrace;
if (typeof enableTrace !== 'boolean' && enableTrace != null) {
throw new ERR_INVALID_ARG_TYPE(
'options.enableTrace', 'boolean', enableTrace);
}
if (tlsOptions.ALPNProtocols) if (tlsOptions.ALPNProtocols)
tls.convertALPNProtocols(tlsOptions.ALPNProtocols, tlsOptions); tls.convertALPNProtocols(tlsOptions.ALPNProtocols, tlsOptions);
@ -397,6 +403,9 @@ function TLSSocket(socket, opts) {
this.readable = true; this.readable = true;
this.writable = true; this.writable = true;
if (enableTrace && this._handle)
this._handle.enableTrace();
// Read on next tick so the caller has a chance to setup listeners // Read on next tick so the caller has a chance to setup listeners
process.nextTick(initRead, this, socket); process.nextTick(initRead, this, socket);
} }
@ -872,10 +881,9 @@ function tlsConnectionListener(rawSocket) {
rejectUnauthorized: this.rejectUnauthorized, rejectUnauthorized: this.rejectUnauthorized,
handshakeTimeout: this[kHandshakeTimeout], handshakeTimeout: this[kHandshakeTimeout],
ALPNProtocols: this.ALPNProtocols, ALPNProtocols: this.ALPNProtocols,
SNICallback: this[kSNICallback] || SNICallback SNICallback: this[kSNICallback] || SNICallback,
enableTrace: this[kEnableTrace]
}); });
if (this[kEnableTrace] && socket._handle)
socket._handle.enableTrace();
socket.on('secure', onServerSocketSecure); socket.on('secure', onServerSocketSecure);
@ -997,13 +1005,7 @@ function Server(options, listener) {
this.on('secureConnection', listener); this.on('secureConnection', listener);
} }
const enableTrace = options.enableTrace; this[kEnableTrace] = options.enableTrace;
if (typeof enableTrace === 'boolean') {
this[kEnableTrace] = enableTrace;
} else if (enableTrace != null) {
throw new ERR_INVALID_ARG_TYPE(
'options.enableTrace', 'boolean', enableTrace);
}
} }
Object.setPrototypeOf(Server.prototype, net.Server.prototype); Object.setPrototypeOf(Server.prototype, net.Server.prototype);
@ -1364,7 +1366,8 @@ exports.connect = function connect(...args) {
rejectUnauthorized: options.rejectUnauthorized !== false, rejectUnauthorized: options.rejectUnauthorized !== false,
session: options.session, session: options.session,
ALPNProtocols: options.ALPNProtocols, ALPNProtocols: options.ALPNProtocols,
requestOCSP: options.requestOCSP requestOCSP: options.requestOCSP,
enableTrace: options.enableTrace
}); });
tlssock[kConnectOptions] = options; tlssock[kConnectOptions] = options;