Skip to content
Permalink
Browse files

tls: support `net.Server` options

Pass `tls.Server` constructor options to the parent constructor.

PR-URL: #27665
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
  • Loading branch information...
lpinca authored and Trott committed May 13, 2019
1 parent 7bdd8d6 commit 5112b3d9a6645b83b90b559cb388fa29ee61eb99
Showing with 70 additions and 1 deletion.
  1. +6 −0 doc/api/tls.md
  2. +1 −1 lib/_tls_wrap.js
  3. +63 −0 test/parallel/test-tls-server-parent-constructor-options.js
@@ -1485,6 +1485,10 @@ publicly trusted list of CAs as given in
<!-- YAML
added: v0.3.2
changes:
- version: REPLACEME
pr-url: https://github.com/nodejs/node/pull/27665
description: The `options` parameter now supports `net.createServer()`
options.
- version: v9.3.0
pr-url: https://github.com/nodejs/node/pull/14903
description: The `options` parameter can now include `clientCertEngine`.
@@ -1535,6 +1539,7 @@ changes:
data. See [Session Resumption][] for more information.
* ...: Any [`tls.createSecureContext()`][] option can be provided. For
servers, the identity options (`pfx` or `key`/`cert`) are usually required.
* ...: Any [`net.createServer()`][] option can be provided.
* `secureConnectionListener` {Function}
* Returns: {tls.Server}

@@ -1755,6 +1760,7 @@ where `secureSocket` has the same API as `pair.cleartext`.
[`NODE_OPTIONS`]: cli.html#cli_node_options_options
[`crypto.getCurves()`]: crypto.html#crypto_crypto_getcurves
[`dns.lookup()`]: dns.html#dns_dns_lookup_hostname_options_callback
[`net.createServer()`]: net.html#net_net_createserver_options_connectionlistener
[`net.Server.address()`]: net.html#net_server_address
[`net.Server`]: net.html#net_class_net_server
[`net.Socket`]: net.html#net_class_net_socket
@@ -1040,7 +1040,7 @@ function Server(options, listener) {
}

// constructor call
net.Server.call(this, tlsConnectionListener);
net.Server.call(this, options, tlsConnectionListener);

if (listener) {
this.on('secureConnection', listener);
@@ -0,0 +1,63 @@
'use strict';
const common = require('../common');

if (!common.hasCrypto)
common.skip('missing crypto');

// Test that `tls.Server` constructor options are passed to the parent
// constructor.

const assert = require('assert');
const fixtures = require('../common/fixtures');
const tls = require('tls');

const options = {
key: fixtures.readKey('agent1-key.pem'),
cert: fixtures.readKey('agent1-cert.pem'),
};

{
const server = tls.createServer(options, common.mustCall((socket) => {
assert.strictEqual(socket.allowHalfOpen, false);
}));

assert.strictEqual(server.allowHalfOpen, false);

server.listen(0, common.mustCall(() => {
const socket = tls.connect({
port: server.address().port,
rejectUnauthorized: false
}, common.mustCall(() => {
socket.end();
}));

socket.on('close', () => {
server.close();
});
}));
}

{
const server = tls.createServer({
allowHalfOpen: true,
...options
}, common.mustCall((socket) => {
assert.strictEqual(socket.allowHalfOpen, true);
socket.on('end', socket.end);
}));

assert.strictEqual(server.allowHalfOpen, true);

server.listen(0, common.mustCall(() => {
const socket = tls.connect({
port: server.address().port,
rejectUnauthorized: false
}, common.mustCall(() => {
socket.end();
}));

socket.on('close', () => {
server.close();
});
}));
}

0 comments on commit 5112b3d

Please sign in to comment.
You can’t perform that action at this time.