0
0
mirror of https://github.com/nodejs/node.git synced 2024-12-01 16:10:02 +01:00
Commit Graph

167 Commits

Author SHA1 Message Date
Luigi Pinca
aaa7547e77 tls: make tls.connect() accept a timeout option
If specified, and only when a socket is created internally, the option
will make `socket.setTimeout()` to be called on the created socket with
the given timeout.

This is consistent with the `timeout` option of `net.connect()` and
prevents the `timeout` option of the `https.Agent` from being ignored
when a socket is created.

PR-URL: https://github.com/nodejs/node/pull/25517
Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
Reviewed-By: Roman Reiss <me@silverwind.io>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
2019-01-20 14:56:35 +01:00
Sam Roberts
870186d69a doc: add metadata about ecdh curve options
- DEFAULT_ECDH_CURVE default changed to 'auto' for 10.0.0
- ecdhCurve parameter allowed multiple values and 'auto' from 9.0.0

PR-URL: https://github.com/nodejs/node/pull/25502
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
2019-01-17 12:41:26 +01:00
Sam Roberts
66f45e7e5b doc: add TLSSocket.isSessionReused() docs
The API has existed forever and is used in our unit tests. It is
supported for TLS1.3 as well as 1.2 and useful for troubleshooting, so
it should be documented.

PR-URL: https://github.com/nodejs/node/pull/25423
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
2019-01-14 15:34:53 -08:00
Sam Roberts
eaa1544d97 doc: describe TLS session resumption
PR-URL: https://github.com/nodejs/node/pull/25174
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Vse Mozhet Byt <vsemozhetbyt@gmail.com>
2018-12-27 14:31:54 -08:00
Sam Roberts
b03ba38a57 doc: link and expand --tls-cipher-list docs
Link to the cli docs for --tls-cipher-list, and link to and mention that
NODE_OPTIONS can also be used.

PR-URL: https://github.com/nodejs/node/pull/25174
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Vse Mozhet Byt <vsemozhetbyt@gmail.com>
2018-12-27 14:31:48 -08:00
Beth Griggs
74a1dfb56e
2018-12-18, Version 11.5.0 (Current)
Notable changes:

* **tls**:
  * support "BEGIN TRUSTED CERTIFICATE" for ca: (Sam Roberts)
    [#24733](https://github.com/nodejs/node/pull/24733)
* **util**:
  * add inspection getter option (Ruben Bridgewater)
    [#24852](https://github.com/nodejs/node/pull/24852)

PR-URL: https://github.com/nodejs/node/pull/25102
2018-12-18 18:36:17 +00:00
cjihrig
928f776385 doc: add missing pr-url
PR-URL: https://github.com/nodejs/node/pull/25091
Reviewed-By: Richard Lau <riclau@uk.ibm.com>
Reviewed-By: Vse Mozhet Byt <vsemozhetbyt@gmail.com>
2018-12-17 11:29:35 -08:00
Sam Roberts
2e4a163012 tls: support "BEGIN TRUSTED CERTIFICATE" for ca:
Support the same PEM certificate formats for the ca: option to
tls.createSecureContext() that are supported by openssl when loading a
CAfile.

Fixes: https://github.com/nodejs/node/issues/24761

PR-URL: https://github.com/nodejs/node/pull/24733
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
2018-12-11 15:28:58 -08:00
Sam Roberts
e5878eaf5e test: test TLS client authentication
TLS client authentication should be tested, including failure scenarios.

PR-URL: https://github.com/nodejs/node/pull/24733
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
2018-12-11 15:28:54 -08:00
Ruben Bridgewater
bcef949c93
2018-12-07, Version 11.4.0 (Current)
Notable Changes:

* console,util:
  * `console` functions now handle symbols as defined in the spec.
    https://github.com/nodejs/node/pull/23708
  * The inspection `depth` default is now back at 2.
    https://github.com/nodejs/node/pull/24326
* dgram,net:
  * Added ipv6Only option for `net` and `dgram`.
    https://github.com/nodejs/node/pull/23798
* http:
  * Chosing between the http parser is now possible per runtime flag.
    https://github.com/nodejs/node/pull/24739
* readline:
  * The `readline` module now supports async iterators.
    https://github.com/nodejs/node/pull/23916
* repl:
  * The multiline history feature is removed.
    https://github.com/nodejs/node/pull/24804
* tls:
  * Added min/max protocol version options.
    https://github.com/nodejs/node/pull/24405
  * The X.509 public key info now includes the RSA bit size and the
    elliptic curve. https://github.com/nodejs/node/pull/24358
* url:
  * `pathToFileURL()` now supports LF, CR and TAB.
    https://github.com/nodejs/node/pull/23720
* Windows:
  * Tools are not installed using Boxstarter anymore.
    https://github.com/nodejs/node/pull/24677
  * The install-tools scripts or now included in the dist.
    https://github.com/nodejs/node/pull/24233
* Added new collaborator:
  * [antsmartian](https://github.com/antsmartian) - Anto Aravinth.
    https://github.com/nodejs/node/pull/24655

PR-URL: https://github.com/nodejs/node/pull/24854
2018-12-07 18:50:20 +01:00
Sam Roberts
5202b70fec doc: fix REPLACEME for tls min/max protocol option
Fill in correct pr-url: value in the YAML changelog that was missing
from f512f5ea. The stanza was also sorted in the wrong order, most
recent is supposed to be in the beginning of the changes, not the end.

PR-URL: https://github.com/nodejs/node/pull/24759
Reviewed-By: Richard Lau <riclau@uk.ibm.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
2018-12-03 09:34:45 -08:00
Yusuke Kawasaki
83a7247f12 doc: remove duplicate whitespaces in doc/api
PR-URL: https://github.com/nodejs/node/pull/24628
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Gireesh Punathil <gpunathi@in.ibm.com>
Reviewed-By: Vse Mozhet Byt <vsemozhetbyt@gmail.com>
2018-11-24 11:30:04 +02:00
Sam Roberts
f512f5ea13 tls: add min/max protocol version options
The existing secureProtocol option only allows setting the allowed
protocol to a specific version, or setting it to "all supported
versions". It also used obscure strings based on OpenSSL C API
functions. Directly setting the min or max is easier to use and explain.

PR-URL: https://github.com/nodejs/node/pull/24405
Reviewed-By: Refael Ackermann <refack@gmail.com>
Reviewed-By: Rod Vagg <rod@vagg.org>
2018-11-22 09:14:58 -08:00
Sam Roberts
67c092127e doc: minor cleanup of tls.getProtocol()
Improve markup and return value description.

PR-URL: https://github.com/nodejs/node/pull/24533
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Vse Mozhet Byt <vsemozhetbyt@gmail.com>
2018-11-20 14:42:47 -08:00
Sam Roberts
0512d68e42 tls: include RSA bit size in X.509 public key info
For symmetricality with the EC public key info, and because its useful.

PR-URL: https://github.com/nodejs/node/pull/24358
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
2018-11-20 13:21:08 -08:00
Sam Roberts
fe303b9b2d tls: include elliptic curve X.509 public key info
X.509 certs are provided to the user in a parsed object form by a number
of TLS APIs. Include public key info for elliptic curves as well, not
just RSA.
- pubkey: the public key
- bits: the strength of the curve
- asn1Curve: the ASN.1 OID for the curve
- nistCurve: the NIST nickname for the curve, if it has one

PR-URL: https://github.com/nodejs/node/pull/24358
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
2018-11-20 13:21:08 -08:00
Sam Roberts
a856406c2d doc: describe certificate object properties
PR-URL: https://github.com/nodejs/node/pull/24358
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
2018-11-20 13:15:50 -08:00
Sam Roberts
43273262e5 doc: describe secureProtocol and CLI interaction
Cross-reference the secureProtocol docs and the CLI docs for --tls-v1.0
and --tls-v1.1 and describe relationship. Make clear that --tls-v1.0
enables TLSv1.0 and TLSv1.1.

PR-URL: https://github.com/nodejs/node/pull/24386
Reviewed-By: Vse Mozhet Byt <vsemozhetbyt@gmail.com>
Reviewed-By: Daniel Bevenius <daniel.bevenius@gmail.com>
Reviewed-By: Ujjwal Sharma <usharma1998@gmail.com>
2018-11-19 11:21:13 -08:00
Ruben Bridgewater
406d9caab5
2018-11-15, Version 11.2.0 (Current)
Notable changes:

* deps:
  * A new experimental HTTP parser (`llhttp`) is now supported.
    https://github.com/nodejs/node/pull/24059
* timers:
  * Fixed an issue that could cause setTimeout to stop working as
    expected. https://github.com/nodejs/node/pull/24322
* Windows
  * A crashing process will now show the names of stack frames if the
    node.pdb file is available.
    https://github.com/nodejs/node/pull/23822
  * Continued effort to improve the installer's new stage that installs
    native build tools.
    https://github.com/nodejs/node/pull/23987,
    https://github.com/nodejs/node/pull/24348
  * child_process:
    * On Windows the `windowsHide` option default was restored to
      `false`. This means `detached` child processes and GUI apps will
      once again start in a new window.
      https://github.com/nodejs/node/pull/24034
* Added new collaborators:
  * [oyyd](https://github.com/oyyd) - Ouyang Yadong.
    https://github.com/nodejs/node/pull/24300
  * [psmarshall](https://github.com/psmarshall) - Peter Marshall.
    https://github.com/nodejs/node/pull/24170
  * [shisama](https://github.com/shisama) - Masashi Hirano.
    https://github.com/nodejs/node/pull/24136

PR-URL: https://github.com/nodejs/node/pull/24350
2018-11-15 22:16:09 +01:00
Sam Roberts
db35fee1e1 tls: get the local certificate after tls handshake
Add an API to get the local certificate chosen during TLS handshake from
the SSL context.

Fix: https://github.com/nodejs/node/issues/24095

PR-URL: https://github.com/nodejs/node/pull/24261
Fixes: https://github.com/nodejs/node/issues/24095
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Daniel Bevenius <daniel.bevenius@gmail.com>
2018-11-13 20:42:57 -08:00
Sam Roberts
7cd08eb100 doc: use real protocol names in ALPN example
PR-URL: https://github.com/nodejs/node/pull/24232
Reviewed-By: James M Snell <jasnell@gmail.com>
2018-11-13 12:46:08 -08:00
Ben Noordhuis
60eca6a5d4
tls: disable TLS v1.0 and v1.1 by default
Refs: https://blog.mozilla.org/security/2018/10/15/removing-old-versions-of-tls/

PR-URL: https://github.com/nodejs/node/pull/23814
Reviewed-By: Refael Ackermann <refack@gmail.com>
Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Rod Vagg <rod@vagg.org>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
2018-11-13 16:05:51 +01:00
Sam Roberts
05a11d1b64 doc: fix echo example programs
Adjust to work with self-signed certificates, and certificates that do
not name "localhost" as their host name.
Removed duplicate examples, they differed only by using `pfx`. Its not
necessary to show every option, and we don't, and the example wouldn't
work with most pfx anyway, since it didn't specify a password.

PR-URL: https://github.com/nodejs/node/pull/24235
Reviewed-By: Vse Mozhet Byt <vsemozhetbyt@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Ujjwal Sharma <usharma1998@gmail.com>
Reviewed-By: Daniel Bevenius <daniel.bevenius@gmail.com>
2018-11-13 05:41:33 +01:00
Sam Roberts
3833d69936 doc: fix some inconsistent use of hostname
host names are DNS names, host addresses are IP addresses, and `host`
arguments and options can be either.

PR-URL: https://github.com/nodejs/node/pull/24199
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
2018-11-09 20:50:02 -08:00
Sam Roberts
27cdb36b10 doc: describe what tls servername is for
Docs should describe the purpose of the option.

PR-URL: https://github.com/nodejs/node/pull/24236
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
2018-11-09 16:22:18 -08:00
Ouyang Yadong
5689d55392 doc: add types and their corresponding return values
This commit supplements some types and their corresponding return
values in docs, including `AsyncResource`, `DiffieHellman`,
`ECDH`, `https.Server`, `repl.REPLServer`.

PR-URL: https://github.com/nodejs/node/pull/23998
Reviewed-By: Vse Mozhet Byt <vsemozhetbyt@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
2018-11-02 00:36:40 +02:00
James M Snell
3516052bee
2018-10-23, Version 11.0.0 (Current)
Notable changes:

* Build
  * FreeBSD 10 is no longer supported.[#22617](https://github.com/nodejs/node/pull/22617)
* `child_process`
  * The default value of the `windowsHide` option has been changed
    to `true`. [#21316](https://github.com/nodejs/node/pull/21316)
* `console`
  * `console.countReset()` will emit a warning if the timer
    being reset does not exist. [#21649](https://github.com/nodejs/node/pull/21649)
  * `console.time()` will no longer reset a timer if it already
    exists. [#20442](https://github.com/nodejs/node/pull/20442)
* Dependencies
  * V8 has been updated to 7.0.
    [#22754](https://github.com/nodejs/node/pull/22754)
* `fs`
  * The `fs.read()` method now requires a callback.
    [#22146](https://github.com/nodejs/node/pull/22146)
  * The previously deprecated `fs.SyncWriteStream` utility has been
    removed.[#20735](https://github.com/nodejs/node/pull/20735)
* `http`
  * The `http`, `https`, and `tls` modules now use the WHATWG URL parser
    by default. [#20270](https://github.com/nodejs/node/pull/20270)
* General
  * Use of `process.binding()` has been deprecated. Userland code using
    `process.binding()` should re-evaluate that use and begin migrating. If
    there are no supported API alternatives, please open an issue in the
    Node.js GitHub repository so that a suitable alternative may be discussed.
  * An experimental implementation of `queueMicrotask()` has been added.
    [#22951](https://github.com/nodejs/node/pull/22951)
* Internal
  * Windows performance-counter support has been removed.
    [#22485](https://github.com/nodejs/node/pull/22485)
  * The `--expose-http2` command-line option has been removed.
    [#20887](https://github.com/nodejs/node/pull/20887)
* Timers
  * Interval timers will be rescheduled even if previous interval threw
    an error. [#20002](https://github.com/nodejs/node/pull/20002)
* `util`
  * The WHATWG `TextEncoder` and `TextDecoder` are now globals.
    [#22281](https://github.com/nodejs/node/pull/22281)
  * `util.inspect()` output size is limited to 128 MB by default.
    [#22756](https://github.com/nodejs/node/pull/22756)
  * A runtime warning will be emitted when `NODE_DEBUG` is set for
    either `http` or `http2`. [#21914](https://github.com/nodejs/node/pull/21914)
2018-10-23 11:03:02 -07:00
James M Snell
d2fcd1dd39 doc: remove reference to sslv3 in tls.md
PR-URL: https://github.com/nodejs/node/pull/23745
Fixes: https://github.com/nodejs/node/issues/9822
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com>
2018-10-22 05:29:51 +02:00
cjihrig
96a986d675
tls: support changing credentials dynamically
This commit adds a setSecureContext() method to TLS servers. In
order to maintain backwards compatibility, the method takes the
options needed to create a new SecureContext, rather than an
instance of SecureContext.

Fixes: https://github.com/nodejs/node/issues/4464
Refs: https://github.com/nodejs/node/issues/10349
Refs: https://github.com/nodejs/help/issues/603
Refs: https://github.com/nodejs/node/issues/15115
PR-URL: https://github.com/nodejs/node/pull/23644
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
2018-10-21 09:32:45 -04:00
Сковорода Никита Андреевич
8d29569368 doc: wrap links in <>
This fixes links that were broken due to inclusion of the trailing dot.
Also simplifies a pair of occurances of []().

PR-URL: https://github.com/nodejs/node/pull/23359
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Sakthipriyan Vairamani <thechargingvolcano@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Vse Mozhet Byt <vsemozhetbyt@gmail.com>
Reviewed-By: Tiancheng "Timothy" Gu <timothygu99@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
2018-10-15 05:51:18 +02:00
Sam Roberts
846cc7e498
doc: describe SNI host name format
Ref: https://github.com/nodejs/node/pull/23329

PR-URL: https://github.com/nodejs/node/pull/23357
Refs: https://github.com/nodejs/node/pull/23329
Reviewed-By: Richard Lau <riclau@uk.ibm.com>
Reviewed-By: Vse Mozhet Byt <vsemozhetbyt@gmail.com>
Reviewed-By: Sakthipriyan Vairamani <thechargingvolcano@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
2018-10-12 14:52:12 -07:00
Beni von Cheni
f5ab9d1765 tls: update test & docs for ArrayBuffer/DataView
In tls module, accept ArrayBuffer/DataView in place of isUint8Array in
the source code & related test code in "test-tls-basic-validations.js",
per the "tls" item in the checklist of the comment in #1826.

PR-URL: https://github.com/nodejs/node/pull/23210
Refs: https://github.com/nodejs/node/issues/1826
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Denys Otrishko <shishugi@gmail.com>
2018-10-08 08:29:33 +02:00
Ouyang Yadong
054481633a doc: fix code snippets in tls.md
Replace `server.close()` which don't exist in code snippets.

PR-URL: https://github.com/nodejs/node/pull/23239
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Denys Otrishko <shishugi@gmail.com>
Reviewed-By: Vse Mozhet Byt <vsemozhetbyt@gmail.com>
2018-10-06 01:17:15 +03:00
Tobias Nießen
4da11f2dc5 tls: fix DEP0083 after upgrading to OpenSSL 1.1.0
Setting ecdhCurve to false is already unsupported, so the deprecation
should already be EOL. The test was skipped ever since we upgraded to
OpenSSL 1.1.0.

PR-URL: https://github.com/nodejs/node/pull/22953
Refs: https://github.com/nodejs/node/pull/16130
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
2018-09-24 07:26:08 +02:00
Rich Trott
8452459ee6
doc: indicate createSecureContext arg is optional
The `options` argument to `tls.createSecureContext()` is optional.

Indicate this by using `[` and `]` in the function signature.

PR-URL: https://github.com/nodejs/node/pull/22545
Reviewed-By: Vse Mozhet Byt <vsemozhetbyt@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: George Adams <george.adams@uk.ibm.com>
2018-09-02 14:04:53 +02:00
Rich Trott
1672484b7e
doc: remove _optional_ designation for tls options
Options are, by definition, optional. Remove specification of some
options as "optional".

PR-URL: https://github.com/nodejs/node/pull/22545
Reviewed-By: Vse Mozhet Byt <vsemozhetbyt@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: George Adams <george.adams@uk.ibm.com>
2018-09-02 14:04:52 +02:00
Vse Mozhet Byt
1a25f9639a doc: remove redundant 'Example:' and similar notes
Some nits were also fixed in passing.

PR-URL: https://github.com/nodejs/node/pull/22537
Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Sakthipriyan Vairamani <thechargingvolcano@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
2018-08-29 16:53:03 +03:00
Vse Mozhet Byt
3ffbbd3eef doc: prevent some redirections
Replace some redirected URLs with the final ones.

PR-URL: https://github.com/nodejs/node/pull/21811
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Jon Moss <me@jonathanmoss.me>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
2018-07-14 22:57:03 +03:00
Brian White
c267639daa
doc: clarify ciphers option format
PR-URL: https://github.com/nodejs/node/pull/21557
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Tiancheng "Timothy" Gu <timothygu99@gmail.com>
2018-07-03 16:30:17 -04:00
Rich Trott
25c92a9026 doc: alphabetize tls options
Alphabetize the lists of options for tls.createServer() and
tls.createSecureContext().

PR-URL: https://github.com/nodejs/node/pull/21139
Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com>
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Vse Mozhet Byt <vsemozhetbyt@gmail.com>
2018-06-06 21:07:53 -07:00
Rich Trott
1252907c6c doc: simplify deprecation language
Change instances of `foo has been deprecated` to `foo is deprecated` and
similar.

PR-URL: https://github.com/nodejs/node/pull/21136
Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com>
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Vse Mozhet Byt <vsemozhetbyt@gmail.com>
2018-06-06 21:06:13 -07:00
Davis Okoth
38c938aa90
doc: fix inconsistent documentation (host vs hostname)
Update reference to read `hostname` instead of `host` for consistency.

Also update function signature to use `hostname` rather than `host`

PR-URL: https://github.com/nodejs/node/pull/20933
Refs: https://github.com/nodejs/node/issues/20892
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Anatoli Papirovski <apapirovski@mac.com>
Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
2018-06-01 11:10:50 +02:00
Vse Mozhet Byt
7588ceaf35 doc: add more missing backticks
Also, fix some other nits in passing
(formatting, punctuation, typos, redundancy, obsoleteness).

PR-URL: https://github.com/nodejs/node/pull/20438
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
2018-05-03 02:12:07 +03:00
Vse Mozhet Byt
392d80a617 doc: add missing periods or colons
Some other formatting nits were fixed
and some superfluous descriptions were simplified in passing.

PR-URL: https://github.com/nodejs/node/pull/20401
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Reviewed-By: Gireesh Punathil <gpunathi@in.ibm.com>
Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
2018-05-02 06:17:08 +03:00
Vse Mozhet Byt
a3bd06a5e6 doc: remove redundant empty lines
PR-URL: https://github.com/nodejs/node/pull/20398
Reviewed-By: Gireesh Punathil <gpunathi@in.ibm.com>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
2018-04-29 17:48:43 +03:00
Vse Mozhet Byt
9c8857d946 doc: add quotes for event names + fix similar nits
PR-URL: https://github.com/nodejs/node/pull/19915
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com>
2018-04-11 21:42:38 -07:00
Vse Mozhet Byt
df5d41bf93 doc: add and unify even more return values
PR-URL: https://github.com/nodejs/node/pull/19955
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Reviewed-By: James M Snell <jasnell@gmail.com>
2018-04-12 03:18:01 +03:00
Vse Mozhet Byt
068c001dee doc: replace unneeded snake cases
PR-URL: https://github.com/nodejs/node/pull/19951
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Yuta Hiroto <hello@hiroppy.me>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
2018-04-12 03:12:10 +03:00
Shigeki Ohtsu
ae096ba27c doc: fix API descriptions for OpenSSL-1.1.0
Fixes: https://github.com/nodejs/node/issues/4270
PR-URL: https://github.com/nodejs/node/pull/19794
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Rod Vagg <rod@vagg.org>
Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com>
2018-04-10 06:45:45 +09:00
Vse Mozhet Byt
de0053cc32 doc: fix various nits
* Replace 2 hyphens (--) by spaced m-dashes (—) as per STYLE_GUIDE.md.
* Space infix operators.
* Unify quotes in inline code spans (use only single quotes).
* Unify `* Returns:` (eliminate deviations).
* Dedupe spaces.

PR-URL: https://github.com/nodejs/node/pull/19743
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com>
2018-04-04 13:45:39 +03:00
Vse Mozhet Byt
237cbe10fb doc,tools: formalize, unify, codify default values
PR-URL: https://github.com/nodejs/node/pull/19737
Reviewed-By: Gus Caplan <me@gus.host>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com>
2018-04-04 12:30:36 +03:00
Ben Noordhuis
5bfbe5ceae tls: drop NPN (next protocol negotiation) support
NPN has been superseded by ALPN.  Chrome and Firefox removed support for
NPN in 2016 and 2017 respectively to no ill effect.

Fixes: https://github.com/nodejs/node/issues/14602
PR-URL: https://github.com/nodejs/node/pull/19403
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
2018-03-27 16:22:37 +02:00
Myles Borins
0fc3592255
2018-03-21, Version 9.9.0 (Current)
Notable changes:

* assert:
  - From now on all error messages produced by `assert` in strict mode
    will produce a error diff. (Ruben Bridgewater)
    https://github.com/nodejs/node/pull/17615
  - From now on it is possible to use a validation object in throws
    instead of the other possibilities. (Ruben Bridgewater)
    https://github.com/nodejs/node/pull/17584
* crypto:
  - allow passing null as IV unless required (Tobias Nießen)
    https://github.com/nodejs/node/pull/18644
* fs:
  - support as and as+ flags in stringToFlags() (Sarat Addepalli)
    https://github.com/nodejs/node/pull/18801
* tls:
  - expose Finished messages in TLSSocket (Anton Salikhmetov)
    https://github.com/nodejs/node/pull/19102
* tty:
  - Add getColorDepth function to determine if terminal supports colors
    (Ruben Bridgewater) https://github.com/nodejs/node/pull/17615
* util:
  - add util.inspect compact option (Ruben Bridgewater)
    https://github.com/nodejs/node/pull/17576
* **Added new collaborators**
  - [watson](https://github.com/watson) Thomas Watson

PR-URL: https://github.com/nodejs/node/pull/19428
2018-03-21 15:47:12 +00:00
Rich Trott
14809aaa98 doc: clarify default TLS handshake timeout
Because the `handshakeTimeout` is in milliseconds, use that unit of
measurement to express the default value.

PR-URL: https://github.com/nodejs/node/pull/19290
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
2018-03-14 07:50:16 -07:00
Anton Salikhmetov
98a14e026b
tls: expose Finished messages in TLSSocket
Exposes SSL_get_finished and SSL_get_peer_finished routines in OpenSSL
as tlsSocket.getFinished and tlsSocket.getPeerFinished, respectively.

PR-URL: https://github.com/nodejs/node/pull/19102
Fixes: https://github.com/nodejs/node/issues/19055
Refs: https://github.com/ripple/rippled/issues/2413
Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
2018-03-11 18:29:18 +01:00
estrada9166
a29089d7c8
doc: add new documentation lint rule
Add 80 characters limit to docs.
Change docs to fit 80 characters per row.

PR-URL: https://github.com/nodejs/node/pull/18726
Fixes: https://github.com/nodejs/node/issues/18703
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Gibson Fahnestock <gibfahn@gmail.com>
Reviewed-By: Anatoli Papirovski <apapirovski@mac.com>
2018-02-23 16:26:29 +00:00
Hannes Magnusson
6aab9e1eed
crypto: add docs & tests for cert.pubkey & cert.fingerprint256
Include example on how to pin certificate and/or public key

PR-URL: https://github.com/nodejs/node/pull/17690
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
2018-02-22 11:22:14 +01:00
James M Snell
d3569b623c
doc: remove **Note:** tags
Remove the various **Note:** prefixes throughout the docs.

PR-URL: https://github.com/nodejs/node/pull/18592
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Daniel Bevenius <daniel.bevenius@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com>
2018-02-08 11:57:14 -05:00
sreepurnajasti
c016cc2b17 doc: fix e.g., to e.g. in docs
PR-URL: https://github.com/nodejs/node/pull/18369
Fixes: https://github.com/nodejs/code-and-learn/issues/58
Reviewed-By: Vse Mozhet Byt <vsemozhetbyt@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
2018-01-25 16:29:50 +02:00
Vse Mozhet Byt
11a1bc1136 doc: replace wrong U+00A0 by common spaces
PR-URL: https://github.com/nodejs/node/pull/17940
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Jon Moss <me@jonathanmoss.me>
2018-01-02 01:58:15 +02:00
Myles Borins
a893e79a69
2017-12-12 Version 9.3.0 (Current)
Notable changes:

* async\_hooks:
  - add trace events to async_hooks (Andreas Madsen)
    https://github.com/nodejs/node/pull/15538
  - add provider types for net server (Andreas Madsen)
    https://github.com/nodejs/node/pull/17157
* console:
  - console.debug can now be used outside of the inspector
    (Benjamin Zaslavsky) https://github.com/nodejs/node/pull/17033
* deps:
  - upgrade libuv to 1.18.0 (cjihrig)
    https://github.com/nodejs/node/pull/17282
  - patch V8 to 6.2.414.46 (Myles Borins)
    https://github.com/nodejs/node/pull/17206
* module:
  - module.builtinModules will return a list of built in modules
    (Jon Moss) https://github.com/nodejs/node/pull/16386
* n-api:
  - add helper for addons to get the event loop (Anna Henningsen)
    https://github.com/nodejs/node/pull/17109
* process:
  - process.setUncaughtExceptionCaptureCallback can now be used to
    customize behavior for `--abort-on-uncaught-exception`
    (Anna Henningsen) https://github.com/nodejs/node/pull/17159
  - A signal handler is now able to receive the signal code that
    triggered the handler. (Robert Rossmann)
    https://github.com/nodejs/node/pull/15606
* src:
  - embedders can now use Node::CreatePlatform to create an instance of
    NodePlatform (Cheng Zhao)
    https://github.com/nodejs/node/pull/16981
* stream:
  - writable.writableHighWaterMark and readable.readableHighWaterMark
    will return the values the stream object was instantiated with
    (Calvin Metcalf) https://github.com/nodejs/node/pull/12860
* **Added new collaborators**
  * [maclover7](https://github.com/maclover7) Jon Moss
  * [guybedford](https://github.com/guybedford) Guy Bedford
  * [hashseed](https://github.com/hashseed) Yang Guo

PR-URL: https://github.com/nodejs/node/pull/17631
2017-12-12 15:59:29 -05:00
Myles Borins
dc925400d7
doc: fix link for https api change
The PR number included for this api addition was originally incorrect.

PR-URL: https://github.com/nodejs/node/pull/17630
Refs: https://github.com/nodejs/node/pull/14903
Reviewed-By: Vse Mozhet Byt <vsemozhetbyt@gmail.com>
Reviewed-By: Evan Lucas <evanlucas@me.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Jon Moss <me@jonathanmoss.me>
Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
2017-12-12 17:04:48 -02:00
Anna Henningsen
93656f4366
doc,test: mention Duplex support for TLS
Document and test the existing support for generic Duplex streams
in the TLS module.

PR-URL: https://github.com/nodejs/node/pull/17599
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
2017-12-12 12:46:21 -02:00
Rich Trott
7f70a2a9ef doc: use serial comma in tls.md
PR-URL: https://github.com/nodejs/node/pull/17464
Reviewed-By: Gireesh Punathil <gpunathi@in.ibm.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Daniel Bevenius <daniel.bevenius@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Jon Moss <me@jonathanmoss.me>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
2017-12-05 19:50:36 -08:00
Rich Trott
ff9a6bc1f3 doc: add missing serial commas
PR-URL: https://github.com/nodejs/node/pull/17384
Reviewed-By: Timothy Gu <timothygu99@gmail.com>
Reviewed-By: Alexey Orlenko <eaglexrlnk@gmail.com>
Reviewed-By: Refael Ackermann <refack@gmail.com>
Reviewed-By: Myles Borins <myles.borins@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Daniel Bevenius <daniel.bevenius@gmail.com>
Reviewed-By: Gibson Fahnestock <gibfahn@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Jon Moss <me@jonathanmoss.me>
Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com>
Reviewed-By: Richard Lau <riclau@uk.ibm.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
2017-12-01 14:46:36 -08:00
Hannes Magnusson
df63e53458
doc: document tls.checkServerIdentity
The funciton was added in eb2ca10462

PR-URL: https://github.com/nodejs/node/pull/17203
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
2017-12-01 20:44:52 +01:00
Hannes Magnusson
da429c3d20
doc: improve checkServerIdentity docs
PR-URL: https://github.com/nodejs/node/pull/17203
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
2017-12-01 20:44:49 +01:00
Hativ
af78840b19
tls: set ecdhCurve default to 'auto'
For best out-of-the-box compatibility there should not be one default
`ecdhCurve` for the tls client, OpenSSL should choose them
automatically.

See https://wiki.openssl.org/index.php/Manual:SSL_CTX_set1_curves(3)

PR-URL: https://github.com/nodejs/node/pull/16853
Refs: https://github.com/nodejs/node/issues/16196
Refs: https://github.com/nodejs/node/issues/1495
Refs: https://github.com/nodejs/node/pull/15206
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
2017-11-29 00:43:05 +01:00
Ronald Eddy Jr
7ab784000a
doc: update http URLs to https in doc/api
PR-URL: https://github.com/nodejs/node/pull/17263
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Myles Borins <myles.borins@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Anatoli Papirovski <apapirovski@mac.com>
2017-11-23 16:06:35 -05:00
Rich Trott
de917f8e81 doc: add clientCertEngine to docs
Added `clientCertEngine` option to `https` and `tls` docs.
2017-11-11 13:35:23 -08:00
David Benjamin
5fe81c8aff crypto: hard-code tlsSocket.getCipher().version
This aligns the documentation with reality. This API never did what Node
claims it did.

The SSL_CIPHER_get_version function just isn't useful. In OpenSSL 1.0.2,
it always returned the string "TLSv1/SSLv3" for anything but SSLv2
ciphers, which Node does not support. Note how test-tls-multi-pfx.js
claims that ECDHE-ECDSA-AES256-GCM-SHA384 was added in TLSv1/SSLv3 which
is not true. That cipher is new as of TLS 1.2. The OpenSSL 1.0.2
implementation is:

char *SSL_CIPHER_get_version(const SSL_CIPHER *c)
{
    int i;

    if (c == NULL)
        return ("(NONE)");
    i = (int)(c->id >> 24L);
    if (i == 3)
        return ("TLSv1/SSLv3");
    else if (i == 2)
        return ("SSLv2");
    else
        return ("unknown");
}

In OpenSSL 1.1.0, SSL_CIPHER_get_version changed to actually behave as
Node documented it, but this changes the semantics of the function and
breaks tests. The cipher's minimum protocol version is not a useful
notion to return to the caller here, so just hardcode the string at
"TLSv1/SSLv3" and document it as legacy.

PR-URL: https://github.com/nodejs/node/pull/16130
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Rod Vagg <rod@vagg.org>
2017-11-11 20:42:49 +11:00
Martin Michaelis
278f653512
doc: fix inconsistent server.listen documentation
The `net`, `tls`, `http` and `https` module have the same
`server.listen()` method, but have a different documenation.
Changed to a consistent link to the documentation of the `net` module.

PR-URL: https://github.com/nodejs/node/pull/16020
Reviewed-By: Bryan English <bryan@bryanenglish.com>
Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Joyee Cheung <joyeec9h3@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
2017-10-19 02:26:01 -02:00
kohta ito
95c8503d88 doc: fix typo in tls.md
PR-URL: https://github.com/nodejs/node/pull/15738
Reviewed-By: Daniel Bevenius <daniel.bevenius@gmail.com>
Reviewed-By: Vse Mozhet Byt <vsemozhetbyt@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
2017-10-02 19:20:10 +03:00
Roga Pria Sembada
873e5bd0b4 crypto: support multiple ECDH curves and auto
Using SSL_CTX_set1_curves_list() (OpenSSL 1.0.2+), this allows to set
colon separated ECDH curve names in SecureContext's ecdhCurve option.
The option can also be set to "auto" to select the curve automatically
from list built in OpenSSL by enabling SSL_CTX_set_ecdh_auto()
(OpenSSL 1.0.2+).

PR-URL: https://github.com/nodejs/node/pull/15206
Ref: https://github.com/nodejs/node/issues/15054
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Reviewed-By: Tobias Nießen <tniessen@tnie.de>
2017-09-20 01:16:28 -07:00
Yury Popov
372dc86af5
tls: multiple PFX in createSecureContext
Add support for multiple PFX files in tls.createSecureContext.
Also added support for object-style PFX pass.

PR-URL: https://github.com/nodejs/node/pull/14793
Fixes: https://github.com/nodejs/node/issues/14756
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
2017-09-07 21:48:46 -03:00
Chris Young
cacce304cb doc: add links to alternative versions of doc
Each page of the API documentation should have links to other versions
of the same page. This will make it easier to switch between the current
"live" release at nodejs.org and LTS versions.

PR-URL: https://github.com/nodejs/node/pull/10958
Fixes: https://github.com/nodejs/node/issues/10726
Reviewed-By: Refael Ackermann <refack@gmail.com>
Reviewed-By: Evan Lucas <evanlucas@me.com>
Reviewed-By: Sakthipriyan Vairamani <thechargingvolcano@gmail.com>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
2017-08-28 11:17:08 +02:00
Anna Henningsen
1fe0741e50 2017-08-15, Version 8.4.0 (Current)
Notable changes

* **HTTP2**
  * Experimental support for the built-in `http2` has been added via the
    `--expose-http2` flag.
    [#14239](https://github.com/nodejs/node/pull/14239)

* **Inspector**
  * `require()` is available in the inspector console now.
    [#8837](https://github.com/nodejs/node/pull/8837)
  * Multiple contexts, as created by the `vm` module, are supported now.
    [#14465](https://github.com/nodejs/node/pull/14465)

* **N-API**
  * New APIs for creating number values have been introduced.
    [#14573](https://github.com/nodejs/node/pull/14573)

* **Stream**
  * For `Duplex` streams, the high water mark option can now be set
    independently for the readable and the writable side.
    [#14636](https://github.com/nodejs/node/pull/14636)

* **Util**
  * `util.format` now supports the `%o` and `%O` specifiers for printing
    objects.
    [#14558](https://github.com/nodejs/node/pull/14558)

PR-URL: https://github.com/nodejs/node/pull/14811
2017-08-15 15:05:22 -05:00
James M Snell
b1909d3a70 tls: add tlsSocket.disableRenegotiation()
Allows TLS renegotiation to be disabled per `TLSSocket` instance.
Per HTTP/2, TLS renegotiation is forbidden after the initial
connection prefix is exchanged.

PR-URL: https://github.com/nodejs/node/pull/14239
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
2017-08-04 12:55:30 -07:00
Tobias Nießen
e318c8a97a doc: fix minor issues reported in #9538
oath.md: make order of properties consistent
tls.md: remove spaces in getPeerCertificate signature
tls.md: add deprecation notice to server.connections
http.md: fix signature of request.end
crypto.md: change crypto parameters to camelCase
vm.md: add missing apostrophe
vm.md: fix signature of vm.runInNewContext
zlib.md: improve description of zlib.createXYZ

PR-URL: https://github.com/nodejs/node/pull/13491
Ref: https://github.com/nodejs/node/issues/9538
Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
2017-06-14 00:18:59 +02:00
Tarun
597ba1580a
doc: corrects reference to tlsClientError
After the renaming of `clientError` in TLS to `tlsClientError` in
https://github.com/nodejs/node/commit/1ab6b21360d97719b3101153fb164c0c3eddf08,
the docs inconsistently referred the error as `clientError`, which is now
corrected.

Fixes: https://github.com/nodejs/node/issues/13417
PR-URL: https://github.com/nodejs/node/pull/13533
Reviewed-By: Refael Ackermann <refack@gmail.com>
Reviewed-By: Roman Reiss <me@silverwind.io>
2017-06-08 14:41:37 +02:00
Paul Bininda
7637347ae6 doc: add missing backticks to doc/api/tls.md
PR-URL: https://github.com/nodejs/node/pull/13394
Fixes: https://github.com/nodejs/node/issues/13382
Reviewed-By: Refael Ackermann <refack@gmail.com>
Reviewed-By: Gibson Fahnestock <gibfahn@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Jeremiah Senkpiel <fishrock123@rocketmail.com>
Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
2017-06-04 18:45:02 -04:00
James M Snell
43e4efdf21 2017-05-30, Version 8.0.0 (Current)
* **Async Hooks**
  * The `async_hooks` module has landed in core
    [[`4a7233c178`](https://github.com/nodejs/node/commit/4a7233c178)]
    [#12892](https://github.com/nodejs/node/pull/12892).

* **Buffer**
  * Using the `--pending-deprecation` flag will cause Node.js to emit a
    deprecation warning when using `new Buffer(num)` or `Buffer(num)`.
    [[`d2d32ea5a2`](https://github.com/nodejs/node/commit/d2d32ea5a2)]
    [#11968](https://github.com/nodejs/node/pull/11968).
  * `new Buffer(num)` and `Buffer(num)` will zero-fill new `Buffer` instances
    [[`7eb1b4658e`](https://github.com/nodejs/node/commit/7eb1b4658e)]
    [#12141](https://github.com/nodejs/node/pull/12141).
  * Many `Buffer` methods now accept `Uint8Array` as input
    [[`beca3244e2`](https://github.com/nodejs/node/commit/beca3244e2)]
    [#10236](https://github.com/nodejs/node/pull/10236).

* **Child Process**
  * Argument and kill signal validations have been improved
    [[`97a77288ce`](https://github.com/nodejs/node/commit/97a77288ce)]
    [#12348](https://github.com/nodejs/node/pull/12348),
    [[`d75fdd96aa`](https://github.com/nodejs/node/commit/d75fdd96aa)]
    [#10423](https://github.com/nodejs/node/pull/10423).
  * Child Process methods accept `Uint8Array` as input
    [[`627ecee9ed`](https://github.com/nodejs/node/commit/627ecee9ed)]
    [#10653](https://github.com/nodejs/node/pull/10653).

* **Console**
  * Error events emitted when using `console` methods are now supressed.
    [[`f18e08d820`](https://github.com/nodejs/node/commit/f18e08d820)]
    [#9744](https://github.com/nodejs/node/pull/9744).

* **Dependencies**
  * The npm client has been updated to 5.0.0
    [[`3c3b36af0f`](https://github.com/nodejs/node/commit/3c3b36af0f)]
    [#12936](https://github.com/nodejs/node/pull/12936).
  * V8 has been updated to 5.8 with forward ABI stability to 6.0
    [[`60d1aac8d2`](https://github.com/nodejs/node/commit/60d1aac8d2)]
    [#12784](https://github.com/nodejs/node/pull/12784).

* **Domains**
  * Native `Promise` instances are now `Domain` aware
    [[`84dabe8373`](https://github.com/nodejs/node/commit/84dabe8373)]
    [#12489](https://github.com/nodejs/node/pull/12489).

* **Errors**
  * We have started assigning static error codes to errors generated by Node.js.
    This has been done through multiple commits and is still a work in
    progress.

* **File System**
  * The utility class `fs.SyncWriteStream` has been deprecated
    [[`7a55e34ef4`](https://github.com/nodejs/node/commit/7a55e34ef4)]
    [#10467](https://github.com/nodejs/node/pull/10467).
  * The deprecated `fs.read()` string interface has been removed
    [[`3c2a9361ff`](https://github.com/nodejs/node/commit/3c2a9361ff)]
    [#9683](https://github.com/nodejs/node/pull/9683).

* **HTTP**
  * Improved support for userland implemented Agents
    [[`90403dd1d0`](https://github.com/nodejs/node/commit/90403dd1d0)]
    [#11567](https://github.com/nodejs/node/pull/11567).
  * Outgoing Cookie headers are concatenated into a single string
    [[`d3480776c7`](https://github.com/nodejs/node/commit/d3480776c7)]
    [#11259](https://github.com/nodejs/node/pull/11259).
  * The `httpResponse.writeHeader()` method has been deprecated
    [[`fb71ba4921`](https://github.com/nodejs/node/commit/fb71ba4921)]
    [#11355](https://github.com/nodejs/node/pull/11355).
  * New methods for accessing HTTP headers have been added to `OutgoingMessage`
    [[`3e6f1032a4`](https://github.com/nodejs/node/commit/3e6f1032a4)]
    [#10805](https://github.com/nodejs/node/pull/10805).

* **Lib**
  * All deprecation messages have been assigned static identifiers
    [[`5de3cf099c`](https://github.com/nodejs/node/commit/5de3cf099c)]
    [#10116](https://github.com/nodejs/node/pull/10116).
  * The legacy `linkedlist` module has been removed
    [[`84a23391f6`](https://github.com/nodejs/node/commit/84a23391f6)]
    [#12113](https://github.com/nodejs/node/pull/12113).

* **N-API**
  * Experimental support for the new N-API API has been added
    [[`56e881d0b0`](https://github.com/nodejs/node/commit/56e881d0b0)]
    [#11975](https://github.com/nodejs/node/pull/11975).

* **Process**
  * Process warning output can be redirected to a file using the
    `--redirect-warnings` command-line argument
    [[`03e89b3ff2`](https://github.com/nodejs/node/commit/03e89b3ff2)]
    [#10116](https://github.com/nodejs/node/pull/10116).
  * Process warnings may now include additional detail
    [[`dd20e68b0f`](https://github.com/nodejs/node/commit/dd20e68b0f)]
    [#12725](https://github.com/nodejs/node/pull/12725).

* **REPL**
  * REPL magic mode has been deprecated
    [[`3f27f02da0`](https://github.com/nodejs/node/commit/3f27f02da0)]
    [#11599](https://github.com/nodejs/node/pull/11599).

* **Src**
  * `NODE_MODULE_VERSION` has been updated to 57
    (https://github.com/nodejs/node/commit/ec7cbaf266)]
    [#12995](https://github.com/nodejs/node/pull/12995).
  * Add `--pending-deprecation` command-line argument and
    `NODE_PENDING_DEPRECATION` environment variable
    [[`a16b570f8c`](https://github.com/nodejs/node/commit/a16b570f8c)]
    [#11968](https://github.com/nodejs/node/pull/11968).
  * The `--debug` command-line argument has been deprecated. Note that
    using `--debug` will enable the *new* Inspector-based debug protocol
    as the legacy Debugger protocol previously used by Node.js has been
    removed. [[`010f864426`](https://github.com/nodejs/node/commit/010f864426)]
    [#12949](https://github.com/nodejs/node/pull/12949).
  * Throw when the `-c` and `-e` command-line arguments are used at the same
    time [[`a5f91ab230`](https://github.com/nodejs/node/commit/a5f91ab230)]
    [#11689](https://github.com/nodejs/node/pull/11689).
  * Throw when the `--use-bundled-ca` and `--use-openssl-ca` command-line
    arguments are used at the same time.
    [[`8a7db9d4b5`](https://github.com/nodejs/node/commit/8a7db9d4b5)]
    [#12087](https://github.com/nodejs/node/pull/12087).

* **Stream**
  * `Stream` now supports `destroy()` and `_destroy()` APIs
    [[`b6e1d22fa6`](https://github.com/nodejs/node/commit/b6e1d22fa6)]
    [#12925](https://github.com/nodejs/node/pull/12925).
  * `Stream` now supports the `_final()` API
    [[`07c7f198db`](https://github.com/nodejs/node/commit/07c7f198db)]
    [#12828](https://github.com/nodejs/node/pull/12828).

* **TLS**
  * The `rejectUnauthorized` option now defaults to `true`
    [[`348cc80a3c`](https://github.com/nodejs/node/commit/348cc80a3c)]
    [#5923](https://github.com/nodejs/node/pull/5923).
  * The `tls.createSecurePair()` API now emits a runtime deprecation
    [[`a2ae08999b`](https://github.com/nodejs/node/commit/a2ae08999b)]
    [#11349](https://github.com/nodejs/node/pull/11349).
  * A runtime deprecation will now be emitted when `dhparam` is less than
    2048 bits [[`d523eb9c40`](https://github.com/nodejs/node/commit/d523eb9c40)]
    [#11447](https://github.com/nodejs/node/pull/11447).

* **URL**
  * The WHATWG URL implementation is now a fully-supported Node.js API
    [[`d080ead0f9`](https://github.com/nodejs/node/commit/d080ead0f9)]
    [#12710](https://github.com/nodejs/node/pull/12710).

* **Util**
  * `Symbol` keys are now displayed by default when using `util.inspect()`
    [[`5bfd13b81e`](https://github.com/nodejs/node/commit/5bfd13b81e)]
    [#9726](https://github.com/nodejs/node/pull/9726).
  * `toJSON` errors will be thrown when formatting `%j`
    [[`455e6f1dd8`](https://github.com/nodejs/node/commit/455e6f1dd8)]
    [#11708](https://github.com/nodejs/node/pull/11708).
  * Convert `inspect.styles` and `inspect.colors` to prototype-less objects
    [[`aab0d202f8`](https://github.com/nodejs/node/commit/aab0d202f8)]
    [#11624](https://github.com/nodejs/node/pull/11624).
  * The new `util.promisify()` API has been added
    [[`99da8e8e02`](https://github.com/nodejs/node/commit/99da8e8e02)]
    [#12442](https://github.com/nodejs/node/pull/12442).

* **Zlib**
  * Support `Uint8Array` in Zlib convenience methods
    [[`91383e47fd`](https://github.com/nodejs/node/commit/91383e47fd)]
    [#12001](https://github.com/nodejs/node/pull/12001).
  * Zlib errors now use `RangeError` and `TypeError` consistently
    [[`b514bd231e`](https://github.com/nodejs/node/commit/b514bd231e)]
    [#11391](https://github.com/nodejs/node/pull/11391).
2017-05-30 10:58:31 -07:00
Michael Dawson
5b50501395 doc: make spelling of behavior consistent
In the api docs there were some instances of behaviour
and many more with behavior.  I was asked as part of a review
on a different PR which one to use and went with behavior
to be consistent with the majority.

Our style guide states that American English spelling is preferred.

PR-URL: https://github.com/nodejs/node/pull/13245
Reviewed-By: Alexey Orlenko <eaglexrlnk@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Michaël Zasso <targos@protonmail.com>
Reviewed-By: Kunal Pathak <kunal.pathak@microsoft.com>
2017-05-28 10:54:10 +02:00
Alexey Orlenko
2af49b6c89 doc: make the style of notes consistent
Make the style of "Note:" paragraphs consistent and document the
guidelines in `doc/STYLE_GUIDE.md`.

PR-URL: https://github.com/nodejs/node/pull/13133
Fixes: https://github.com/nodejs/node/issues/13131
Reviewed-By: Refael Ackermann <refack@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Daijiro Wachi <daijiro.wachi@gmail.com>
Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
2017-05-25 18:49:41 -04:00
Fedor Indutny
e600fbe576 tls: accept lookup option for tls.connect()
`net.connect()` and consequently `http.Agent` support custom DNS
`lookup` option. However, as we move to `https.Agent` - this option no
longer works because it is not proxied by `tls.connect`.

Fix this inconsistency by passing it down to `net.connect`.

PR-URL: https://github.com/nodejs/node/pull/12839
Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Refael Ackermann <refack@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Joyee Cheung <joyeec9h3@gmail.com>
Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
2017-05-15 17:25:44 -04:00
Sam Roberts
ea1b8a5cbc doc: sort bottom-of-file markdown links
PR-URL: https://github.com/nodejs/node/pull/12726
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Gibson Fahnestock <gibfahn@gmail.com>
2017-05-08 09:30:55 -07:00
Vse Mozhet Byt
b6d293d215 doc: prepare js code for eslint-plugin-markdown
This is an initial step to eliminate most of parsing errors.

PR-URL: https://github.com/nodejs/node/pull/12563
Refs: https://github.com/nodejs/node/pull/12557#issuecomment-296015032
Reviewed-By: Teddy Katz <teddy.katz@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Timothy Gu <timothygu99@gmail.com>
Reviewed-By: Gibson Fahnestock <gibfahn@gmail.com>
Reviewed-By: Yuta Hiroto <hello@about-hiroppy.com>
2017-04-25 00:05:33 +03:00
Anna Henningsen
c3efe72669
tls: support Uint8Arrays for protocol list buffers
PR-URL: https://github.com/nodejs/node/pull/11984
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
2017-03-27 02:08:49 +02:00
ghaiklor
348cc80a3c tls: make rejectUnauthorized default to true
rejectUnauthorized used to be false when the property was undefined or
null, quietly allowing client connections for which certificates have
been requested (requestCert is true) even when the client certificate
was not authorized (signed by a trusted CA). Change this so
rejectUnauthorized is always true unless it is explicitly set to false.

PR-URL: https://github.com/nodejs/node/pull/5923
Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
2017-03-23 13:27:56 -07:00
Anna Henningsen
0dc6ff70d2
doc: add changelogs for tls
PR-URL: https://github.com/nodejs/node/pull/11489
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
Reviewed-By: Roman Reiss <me@silverwind.io>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Italo A. Casas <me@italoacasas.com>
2017-02-24 02:06:31 +01:00
Vse Mozhet Byt
52b253677a doc: fix sorting in API references
PR-URL: https://github.com/nodejs/node/pull/11331
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Sam Roberts <vieuxtech@gmail.com>
2017-02-20 13:11:11 -08:00
Sam Roberts
4e6efc1dec tls: new tls.TLSSocket() supports sec ctx options
Add support to new tls.TLSSocket() to create a SecureContext object with
all its supported options, in the same way they are supported for all
the other APIs that need SecureContext objects.

Fix: https://github.com/nodejs/node/issues/10538
PR-URL: https://github.com/nodejs/node/pull/11005
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: James M Snell <jasnell@gmail.com>
2017-02-20 08:01:07 -08:00
Sam Roberts
124d155f5e doc: DEFAULT_ECDH_CURVE was added in 0.11.13
Document this with the YAML meta-data.

PR-URL: https://github.com/nodejs/node/pull/10983
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: Gibson Fahnestock <gibfahn@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
2017-01-25 09:32:13 -08:00
Sam Roberts
84a23c7205 doc,test: tls .ca option supports multi-PEM files
PR-URL: https://github.com/nodejs/node/pull/10389
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Gibson Fahnestock <gibfahn@gmail.com>
Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com>
2017-01-12 11:10:46 -08:00
Sam Roberts
f9665280a4 doc: use correct tls certificate property name
Docs referred to an `issuer` property being optionally present, when it
should have referred to the `issuerCertificate` property.

PR-URL: https://github.com/nodejs/node/pull/10389
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Gibson Fahnestock <gibfahn@gmail.com>
Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com>
2017-01-12 11:10:32 -08:00
Sam Roberts
c1b12a2896 doc: new TLSSocket has no secure context options
Unlike all the other tls APIs, if any secure context configuration is
required, the caller is responsible for creating the context.

Corrects a doc regression introduced in caa7fa982a.

PR-URL: https://github.com/nodejs/node/pull/10545
Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com>
Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
2017-01-06 09:46:52 -08:00
Sam Roberts
97ab4b2998 doc: add tls.DEFAULT_ECDH_CURVE
A user can change the default curve for ECDH key agreement by
using tls.DEFAULT_ECDH_CURVE.

PR-URL: https://github.com/nodejs/node/pull/10264
Reviewed-By: Roman Reiss <me@silverwind.io>
Reviewed-By: Italo A. Casas <me@italoacasas.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Shigeki Ohtsu <ohtsu@iij.ad.jp>
2016-12-27 13:56:51 -08:00
Sam Roberts
7b924f1713 doc: fix typo in ecdhCurve, a tls property name
Addresses comment after PR #6933 merged.

https://github.com/nodejs/node/pull/6933#pullrequestreview-13318708

PR-URL: https://github.com/nodejs/node/pull/10345
Reviewed-By: Roman Reiss <me@silverwind.io>
Reviewed-By: Italo A. Casas <me@italoacasas.com>
2016-12-20 06:29:37 -08:00
Sam Roberts
0b44384561 tls: allow obvious key/passphrase combinations
Passphrase is now used whether keys are provided singly, in an array of
string/buffer, or an array of object, where it used to be ignored in
some argument combinations. Specifically, these now work as expected:

  key: [encryptedPem],
  passphrase: 'passphrase'

and

  key: [{pem: encryptedPem}]
  passphrase: 'passphrase'

and

  key: [{pem: unencryptedPem}]

PR-URL: https://github.com/nodejs/node/pull/10294
Reviewed-By: Fedor Indutny <fedor.indutny@gmail.com>
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
2016-12-19 13:42:56 -08:00
Sam Roberts
caa7fa982a doc: rework tls for accuracy and clarity
Document all TLSSocket options:

- All the secure context options are valid options
  to a secureContext
- isServer modifies the default value of requestCert

Describe all tls.connect() variants:

- tls.connect(path) was undocumented
- tls.connect(port) was underdocumented, and its relationship to
  tls.connect(options) was obscure

Socket passed to tls.connect is user managed:

- Replace https://github.com/nodejs/node/pull/8996

Add documentation to:

- describe and add tests for the pfx and key variants, and describe how
  and when passphrase is used.
- describe tls cert and ca options
- describe buffer forms of tls crl option
- describe tls cipher option and defaults
- fix link to Crypto Constants
- describe that honorCipherOrder sets SSL_OP_CIPHER_SERVER_PREFERENCE.
- describe tls ecdhCurve/dhparam options
- describe tls secureProtocol option
- describe tls secureOptions
- describe tls sessionIdContext

De-deduplicate secure context docs:

The secure context options were documented 4 times, making it difficult
to understand where the options come from, where they are supported,
and under what conditions they are used.

The multiple copies were inconsistent and contradictory in their
descriptions of the options, and also inconsistent in whether the
options would be documented at all.

Cut through this gordian knot by linking all APIs that use the
secureContext options to the single source of truth about the options.

PR-URL: https://github.com/nodejs/node/pull/9800
Reviewed-By: Roman Reiss <me@silverwind.io>
Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com>
2016-12-12 08:15:58 -08:00