feat: stabilize Deno.connectTls options and Deno.TlsConn.handshake (#21889)

2024-08-27 12:00:17 +00:00 · 2024-01-14 18:06:26 +01:00 · 2024-01-14 18:06:26 +01:00 · f3bb0a1a0e
parent c2127a86cb
commit f3bb0a1a0e
3 changed files with 11 additions and 73 deletions
--- a/cli/tsc/dts/lib.deno.unstable.d.ts
+++ b/cli/tsc/dts/lib.deno.unstable.d.ts
@ -1173,70 +1173,6 @@ declare namespace Deno {
   */
  export function connect(options: UnixConnectOptions): Promise<UnixConn>;

-  /** **UNSTABLE**: New API, yet to be vetted.
-   *
-   * @category Network
-   */
-  export interface ConnectTlsOptions {
-    /** **UNSTABLE**: New API, yet to be vetted.
-     *
-     * PEM formatted client certificate chain.
-     */
-    certChain?: string;
-    /** **UNSTABLE**: New API, yet to be vetted.
-     *
-     * PEM formatted (RSA or PKCS8) private key of client certificate.
-     */
-    privateKey?: string;
-  }
-
-  /** **UNSTABLE**: New API, yet to be vetted.
-   *
-   * @category Network
-   */
-  export interface TlsHandshakeInfo {
-    /** **UNSTABLE**: New API, yet to be vetted.
-     *
-     * Contains the ALPN protocol selected during negotiation with the server.
-     * If no ALPN protocol selected, returns `null`.
-     */
-    alpnProtocol: string | null;
-  }
-
-  /** **UNSTABLE**: New API, yet to be vetted.
-   *
-   * @category Network
-   */
-  export interface TlsConn extends Conn {
-    /** **UNSTABLE**: New API, yet to be vetted.
-     *
-     * Runs the client or server handshake protocol to completion if that has
-     * not happened yet. Calling this method is optional; the TLS handshake
-     * will be completed automatically as soon as data is sent or received.
-     */
-    handshake(): Promise<TlsHandshakeInfo>;
-  }
-
-  /** **UNSTABLE**: New API, yet to be vetted.
-   *
-   * Create a TLS connection with an attached client certificate.
-   *
-   * ```ts
-   * const conn = await Deno.connectTls({
-   *   hostname: "deno.land",
-   *   port: 443,
-   *   certChain: "---- BEGIN CERTIFICATE ----\n ...",
-   *   privateKey: "---- BEGIN PRIVATE KEY ----\n ...",
-   * });
-   * ```
-   *
-   * Requires `allow-net` permission.
-   *
-   * @tags allow-net
-   * @category Network
-   */
-  export function connectTls(options: ConnectTlsOptions): Promise<TlsConn>;
-
  /** **UNSTABLE**: New API, yet to be vetted.
   *
   * Acquire an advisory file-system lock for the provided file.
--- a/ext/net/lib.deno_net.d.ts
+++ b/ext/net/lib.deno_net.d.ts
@ -84,8 +84,13 @@ declare namespace Deno {
  }

  /** @category Network */
-  // deno-lint-ignore no-empty-interface
-  export interface TlsHandshakeInfo {}
+  export interface TlsHandshakeInfo {
+    /**
+     * Contains the ALPN protocol selected during negotiation with the server.
+     * If no ALPN protocol selected, returns `null`.
+     */
+    alpnProtocol: string | null;
+  }

  /** @category Network */
  export interface TlsConn extends Conn {
@ -247,6 +252,10 @@ declare namespace Deno {
     * TLS handshake.
     */
    alpnProtocols?: string[];
+    /** PEM formatted client certificate chain. */
+    certChain?: string;
+    /** PEM formatted (RSA or PKCS8) private key of client certificate.  */
+    privateKey?: string;
  }

  /** Establishes a secure connection over TLS (transport layer security) using
--- a/ext/net/ops_tls.rs
+++ b/ext/net/ops_tls.rs
@ -261,13 +261,6 @@ where
    .try_borrow::<UnsafelyIgnoreCertificateErrors>()
    .and_then(|it| it.0.clone());

-  if args.cert_chain.is_some() {
-    super::check_unstable(&state.borrow(), "ConnectTlsOptions.certChain");
-  }
-  if args.private_key.is_some() {
-    super::check_unstable(&state.borrow(), "ConnectTlsOptions.privateKey");
-  }
-
  {
    let mut s = state.borrow_mut();
    let permissions = s.borrow_mut::<NP>();