refactor: set removal version for Deno.ListenTlsOptions.certFile, Deno.ListenTlsOptions.keyFile and Deno.ConnectTlsOptions.certFile (#22026)

This change:
1. Sets the removal version for `Deno.ListenTlsOptions.certFile`,
`Deno.ListenTlsOptions.keyFile` and `Deno.ConnectTlsOptions.certFile`
for Deno v2, in favour of the `cert`, `key` and `caCerts` options,
respectively.
2. Replaces use of the deprecated options with the new recommended
options.

Towards #22021
Asher Gomez 2024-01-24 03:35:23 +11:00 committed by GitHub
parent b0febea47f
commit 18a235e608
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
8 changed files with 64 additions and 34 deletions


@ -1,7 +1,7 @@
const listener = Deno.listenTls({
port: Number(Deno.args[0]),
certFile: "./tls/localhost.crt",
keyFile: "./tls/localhost.key",
cert: Deno.readTextFileSync("./tls/localhost.crt"),
key: Deno.readTextFileSync("./tls/localhost.key"),
alpnProtocols: ["h2", "http/1.1", "foobar"],
});


@ -2,8 +2,8 @@ import { assertRejects } from "../../../../test_util/std/assert/mod.ts";
const listener = Deno.listenTls({
port: Number(Deno.args[0]),
certFile: "./tls/localhost.crt",
keyFile: "./tls/localhost.key",
cert: Deno.readTextFileSync("./tls/localhost.crt"),
key: Deno.readTextFileSync("./tls/localhost.key"),
alpnProtocols: ["h2", "http/1.1", "foobar"],
});


@ -12,8 +12,8 @@ const port = 3505;
const listener = Deno.listenTls({
hostname,
port,
certFile: "./tls/localhost.crt",
keyFile: "./tls/localhost.key",
cert: Deno.readTextFileSync("./tls/localhost.crt"),
key: Deno.readTextFileSync("./tls/localhost.key"),
});
const response = encoder.encode(


@ -13,8 +13,8 @@ const port = 3504;
const listener = Deno.listenTls({
hostname,
port,
certFile: "./tls/localhost.crt",
keyFile: "./tls/localhost.key",
cert: Deno.readTextFileSync("./tls/localhost.crt"),
key: Deno.readTextFileSync("./tls/localhost.key"),
});
const response = encoder.encode(


@ -326,8 +326,8 @@ Deno.test(
const listener = Deno.listenTls({
hostname,
port,
certFile: "cli/tests/testdata/tls/localhost.crt",
keyFile: "cli/tests/testdata/tls/localhost.key",
cert: Deno.readTextFileSync("cli/tests/testdata/tls/localhost.crt"),
key: Deno.readTextFileSync("cli/tests/testdata/tls/localhost.key"),
});
const conn = await listener.accept();
const httpConn = Deno.serveHttp(conn);
@ -2294,8 +2294,8 @@ Deno.test(
const listener = Deno.listenTls({
hostname,
port,
certFile: "cli/tests/testdata/tls/localhost.crt",
keyFile: "cli/tests/testdata/tls/localhost.key",
cert: await Deno.readTextFile("cli/tests/testdata/tls/localhost.crt"),
key: await Deno.readTextFile("cli/tests/testdata/tls/localhost.key"),
});
const caCerts = [
@ -2600,8 +2600,8 @@ for (const compression of [true, false]) {
const listener = Deno.listenTls({
hostname,
port,
certFile: "cli/tests/testdata/tls/localhost.crt",
keyFile: "cli/tests/testdata/tls/localhost.key",
cert: await Deno.readTextFile("cli/tests/testdata/tls/localhost.crt"),
key: await Deno.readTextFile("cli/tests/testdata/tls/localhost.key"),
alpnProtocols: ["h2"],
});
const server = httpServerWithErrorBody(listener, compression);
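Review bot: The first hunk of this file loads the fixture pair with `Deno.readTextFileSync` in a body that awaits `listener.accept()` two lines later, while the other two hunks use `await Deno.readTextFile` for the same two paths. The same mix shows up in the next file section, where two hunks use the sync form and the rest the async one. Settle on one form, or read the pair once into module-level constants, e.g. `const tlsCert = Deno.readTextFileSync("cli/tests/testdata/tls/localhost.crt");`, and pass those to every listener. The enclosing test bodies start and end outside the hunks.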


@ -183,8 +183,8 @@ Deno.test(
const listener = Deno.listenTls({
hostname,
port,
certFile: "cli/tests/testdata/tls/localhost.crt",
keyFile: "cli/tests/testdata/tls/localhost.key",
cert: await Deno.readTextFile("cli/tests/testdata/tls/localhost.crt"),
key: await Deno.readTextFile("cli/tests/testdata/tls/localhost.key"),
});
const response = encoder.encode(
@ -296,8 +296,8 @@ async function tlsPair(): Promise<[Deno.Conn, Deno.Conn]> {
const listener = Deno.listenTls({
hostname: "localhost",
port,
certFile: "cli/tests/testdata/tls/localhost.crt",
keyFile: "cli/tests/testdata/tls/localhost.key",
cert: await Deno.readTextFile("cli/tests/testdata/tls/localhost.crt"),
key: await Deno.readTextFile("cli/tests/testdata/tls/localhost.key"),
});
const acceptPromise = listener.accept();
@ -320,8 +320,8 @@ async function tlsAlpn(
const listener = Deno.listenTls({
hostname: "localhost",
port,
certFile: "cli/tests/testdata/tls/localhost.crt",
keyFile: "cli/tests/testdata/tls/localhost.key",
cert: await Deno.readTextFile("cli/tests/testdata/tls/localhost.crt"),
key: await Deno.readTextFile("cli/tests/testdata/tls/localhost.key"),
alpnProtocols: ["deno", "rocks"],
});
@ -725,8 +725,8 @@ async function tlsWithTcpFailureTestImpl(
const tlsListener = Deno.listenTls({
hostname: "localhost",
port: tlsPort,
certFile: "cli/tests/testdata/tls/localhost.crt",
keyFile: "cli/tests/testdata/tls/localhost.key",
cert: await Deno.readTextFile("cli/tests/testdata/tls/localhost.crt"),
key: await Deno.readTextFile("cli/tests/testdata/tls/localhost.key"),
});
const tcpPort = getPort();
@ -1019,8 +1019,8 @@ function createHttpsListener(port: number): Deno.Listener {
const listener = Deno.listenTls({
hostname: "localhost",
port,
certFile: "./cli/tests/testdata/tls/localhost.crt",
keyFile: "./cli/tests/testdata/tls/localhost.key",
cert: Deno.readTextFileSync("./cli/tests/testdata/tls/localhost.crt"),
key: Deno.readTextFileSync("./cli/tests/testdata/tls/localhost.key"),
});
serve(listener);
@ -1285,8 +1285,8 @@ Deno.test(
const listener = Deno.listenTls({
hostname,
port,
certFile: "cli/tests/testdata/tls/localhost.crt",
keyFile: "cli/tests/testdata/tls/localhost.key",
cert: await Deno.readTextFile("cli/tests/testdata/tls/localhost.crt"),
key: await Deno.readTextFile("cli/tests/testdata/tls/localhost.key"),
});
const acceptPromise = listener.accept();
const connectPromise = Deno.connectTls({
@ -1354,8 +1354,8 @@ Deno.test(
const listener = Deno.listenTls({
hostname,
port,
certFile: "cli/tests/testdata/tls/localhost.crt",
keyFile: "cli/tests/testdata/tls/localhost.key",
cert: Deno.readTextFileSync("cli/tests/testdata/tls/localhost.crt"),
key: Deno.readTextFileSync("cli/tests/testdata/tls/localhost.key"),
});
for await (const conn of listener) {
for (let i = 0; i < 10; i++) {
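Review bot: Every `Deno.listenTls` call in these hunks moves to `cert`/`key`, so nothing visible here still exercises `certFile`/`keyFile`, which remain supported until Deno 2.0 and gain a deprecation warning in this commit. If no test outside this view covers them, keep one listener on the file-path options, marked with a comment such as `// deliberately uses deprecated certFile/keyFile until removal`. That keeps the file-loading path and its `--allow-read` requirement under test for as long as the options ship. The enclosing functions start and end outside the hunks.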


@ -1,6 +1,6 @@
// Copyright 2018-2024 the Deno authors. All rights reserved. MIT license.
import { core, primordials } from "ext:core/mod.js";
import { core, internals, primordials } from "ext:core/mod.js";
const {
op_net_accept_tls,
op_net_connect_tls,
@ -39,6 +39,13 @@ async function connectTls({
privateKey = undefined,
alpnProtocols = undefined,
}) {
if (certFile !== undefined) {
internals.warnOnDeprecatedApi(
"Deno.ConnectTlsOptions.certFile",
new Error().stack,
"Pass the cert file contents to the `Deno.ConnectTlsOptions.certChain` option instead.",
);
}
if (transport !== "tcp") {
throw new TypeError(`Unsupported transport: '${transport}'`);
}
@ -76,6 +83,20 @@ function listenTls({
if (transport !== "tcp") {
throw new TypeError(`Unsupported transport: '${transport}'`);
}
if (keyFile !== undefined) {
internals.warnOnDeprecatedApi(
"Deno.ListenTlsOptions.keyFile",
new Error().stack,
"Pass the key file contents to the `Deno.ListenTlsOptions.key` option instead.",
);
}
if (certFile !== undefined) {
internals.warnOnDeprecatedApi(
"Deno.ListenTlsOptions.certFile",
new Error().stack,
"Pass the cert file contents to the `Deno.ListenTlsOptions.cert` option instead.",
);
}
const { 0: rid, 1: localAddr } = op_net_listen_tls(
{ hostname, port: Number(port) },
{ cert, certFile, key, keyFile, alpnProtocols, reusePort },
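Review bot: The warning added at the top of `connectTls` tells callers to pass the cert file contents to `Deno.ConnectTlsOptions.certChain`, but the commit description and the updated doc comment on `ConnectTlsOptions.certFile` both name `caCerts` as the replacement. Going by the names and the "Server certificate file" doc, `certFile` supplies a certificate to trust for the server, while `certChain` (paired with `privateKey` in the signature) reads as the client's own chain. A caller following the runtime message would then put a trust anchor where a client certificate is expected, and server verification would presumably fail. Change the option named in that string from `certChain` to `caCerts`. Both function bodies continue outside the hunks.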


@ -174,13 +174,17 @@ declare namespace Deno {
* `--allow-read`.
*
* @tags allow-read
* @deprecated This option is deprecated and will be removed in Deno 2.0.
* @deprecated Pass the certificate file contents directly to the
* {@linkcode Deno.ListenTlsOptions.cert} option instead. This option will
* be removed in Deno 2.0.
*/
certFile?: string;
/** Server private key file. Requires `--allow-read`.
*
* @tags allow-read
* @deprecated This option is deprecated and will be removed in Deno 2.0.
* @deprecated Pass the key file contents directly to the
* {@linkcode Deno.ListenTlsOptions.key} option instead. This option will
* be removed in Deno 2.0.
*/
keyFile?: string;
@ -197,7 +201,11 @@ declare namespace Deno {
* security).
*
* ```ts
* const lstnr = Deno.listenTls({ port: 443, certFile: "./server.crt", keyFile: "./server.key" });
* using listener = Deno.listenTls({
* port: 443,
* cert: Deno.readTextFileSync("./server.crt"),
* key: Deno.readTextFileSync("./server.key"),
* });
* ```
*
* Requires `allow-net` permission.
@ -289,8 +297,9 @@ declare namespace Deno {
/**
* Server certificate file.
*
* @deprecated This option is deprecated and will be removed in a future
* release.
* @deprecated Pass the cert file contents directly to the
* {@linkcode Deno.ConnectTlsOptions.caCerts} option instead. This option
* will be removed in Deno 2.0.
*/
certFile?: string;
/** A list of root certificates that will be used in addition to the
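Review bot: The rewritten `Deno.listenTls` example in the second hunk calls `Deno.readTextFileSync` on `./server.crt` and `./server.key`, yet the sentence after it still lists only the `allow-net` permission. The only `@tags allow-read` markers visible here sit on the deprecated `certFile`/`keyFile` options, so the read requirement will no longer be documented near the example once those are removed. Extend the sentence to something like `Requires allow-net permission, plus allow-read for the certificate and key files the example reads.` It could also say that read access can be scoped to just those two paths with `--allow-read=<path>`. The doc comment starts and ends outside the hunk.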