foster/deno
0
0
Fork 0
mirror of https://github.com/denoland/deno.git synced 2025-03-03 17:34:47 -05:00
Code Issues Packages 1 Wiki Activity

refactor: set removal version for Deno.ListenTlsOptions.certFile, Deno.ListenTlsOptions.keyFile and Deno.ConnectTlsOptions.certFile (#22026)

Browse source 
This change:
1. Sets the removal version for `Deno.ListenTlsOptions.certFile`,
`Deno.ListenTlsOptions.keyFile` and `Deno.ConnectTlsOptions.certFile`
for Deno v2, in favour of the `cert`, `key` and `caCerts` options,
respectively.
2. Replaces use of the deprecated options with the new recommended
options.

Towards #22021
This commit is contained in:
Asher Gomez 2024-01-24 03:35:23 +11:00 committed by GitHub
parent b0febea47f
commit 18a235e608
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
8 changed files with 64 additions and 34 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
cli/tests/testdata/cert/listen_tls_alpn.ts vendored
View file

@ -1,7 +1,7 @@
const listener = Deno.listenTls({ const listener = Deno.listenTls({
port: Number(Deno.args[0]), port: Number(Deno.args[0]),
certFile: "./tls/localhost.crt", cert: Deno.readTextFileSync("./tls/localhost.crt"),
keyFile: "./tls/localhost.key", key: Deno.readTextFileSync("./tls/localhost.key"),
alpnProtocols: ["h2", "http/1.1", "foobar"], alpnProtocols: ["h2", "http/1.1", "foobar"],
}); });

4
cli/tests/testdata/cert/listen_tls_alpn_fail.ts vendored
View file

@ -2,8 +2,8 @@ import { assertRejects } from "../../../../test_util/std/assert/mod.ts";
const listener = Deno.listenTls({ const listener = Deno.listenTls({
port: Number(Deno.args[0]), port: Number(Deno.args[0]),
certFile: "./tls/localhost.crt", cert: Deno.readTextFileSync("./tls/localhost.crt"),
keyFile: "./tls/localhost.key", key: Deno.readTextFileSync("./tls/localhost.key"),
alpnProtocols: ["h2", "http/1.1", "foobar"], alpnProtocols: ["h2", "http/1.1", "foobar"],
}); });

4
cli/tests/testdata/run/tls_connecttls.js vendored
View file

@ -12,8 +12,8 @@ const port = 3505;
const listener = Deno.listenTls({ const listener = Deno.listenTls({
hostname, hostname,
port, port,
certFile: "./tls/localhost.crt", cert: Deno.readTextFileSync("./tls/localhost.crt"),
keyFile: "./tls/localhost.key", key: Deno.readTextFileSync("./tls/localhost.key"),
}); });
const response = encoder.encode( const response = encoder.encode(

4
cli/tests/testdata/run/tls_starttls.js vendored
View file

@ -13,8 +13,8 @@ const port = 3504;
const listener = Deno.listenTls({ const listener = Deno.listenTls({
hostname, hostname,
port, port,
certFile: "./tls/localhost.crt", cert: Deno.readTextFileSync("./tls/localhost.crt"),
keyFile: "./tls/localhost.key", key: Deno.readTextFileSync("./tls/localhost.key"),
}); });
const response = encoder.encode( const response = encoder.encode(

12
cli/tests/unit/http_test.ts
View file

@ -326,8 +326,8 @@ Deno.test(
const listener = Deno.listenTls({ const listener = Deno.listenTls({
hostname, hostname,
port, port,
certFile: "cli/tests/testdata/tls/localhost.crt", cert: Deno.readTextFileSync("cli/tests/testdata/tls/localhost.crt"),
keyFile: "cli/tests/testdata/tls/localhost.key", key: Deno.readTextFileSync("cli/tests/testdata/tls/localhost.key"),
}); });
const conn = await listener.accept(); const conn = await listener.accept();
const httpConn = Deno.serveHttp(conn); const httpConn = Deno.serveHttp(conn);
@ -2294,8 +2294,8 @@ Deno.test(
const listener = Deno.listenTls({ const listener = Deno.listenTls({
hostname, hostname,
port, port,
certFile: "cli/tests/testdata/tls/localhost.crt", cert: await Deno.readTextFile("cli/tests/testdata/tls/localhost.crt"),
keyFile: "cli/tests/testdata/tls/localhost.key", key: await Deno.readTextFile("cli/tests/testdata/tls/localhost.key"),
}); });
const caCerts = [ const caCerts = [
@ -2600,8 +2600,8 @@ for (const compression of [true, false]) {
const listener = Deno.listenTls({ const listener = Deno.listenTls({
hostname, hostname,
port, port,
certFile: "cli/tests/testdata/tls/localhost.crt", cert: await Deno.readTextFile("cli/tests/testdata/tls/localhost.crt"),
keyFile: "cli/tests/testdata/tls/localhost.key", key: await Deno.readTextFile("cli/tests/testdata/tls/localhost.key"),
alpnProtocols: ["h2"], alpnProtocols: ["h2"],
}); });
const server = httpServerWithErrorBody(listener, compression); const server = httpServerWithErrorBody(listener, compression);

28
cli/tests/unit/tls_test.ts
View file

@ -183,8 +183,8 @@ Deno.test(
const listener = Deno.listenTls({ const listener = Deno.listenTls({
hostname, hostname,
port, port,
certFile: "cli/tests/testdata/tls/localhost.crt", cert: await Deno.readTextFile("cli/tests/testdata/tls/localhost.crt"),
keyFile: "cli/tests/testdata/tls/localhost.key", key: await Deno.readTextFile("cli/tests/testdata/tls/localhost.key"),
}); });
const response = encoder.encode( const response = encoder.encode(
@ -296,8 +296,8 @@ async function tlsPair(): Promise<[Deno.Conn, Deno.Conn]> {
const listener = Deno.listenTls({ const listener = Deno.listenTls({
hostname: "localhost", hostname: "localhost",
port, port,
certFile: "cli/tests/testdata/tls/localhost.crt", cert: await Deno.readTextFile("cli/tests/testdata/tls/localhost.crt"),
keyFile: "cli/tests/testdata/tls/localhost.key", key: await Deno.readTextFile("cli/tests/testdata/tls/localhost.key"),
}); });
const acceptPromise = listener.accept(); const acceptPromise = listener.accept();
@ -320,8 +320,8 @@ async function tlsAlpn(
const listener = Deno.listenTls({ const listener = Deno.listenTls({
hostname: "localhost", hostname: "localhost",
port, port,
certFile: "cli/tests/testdata/tls/localhost.crt", cert: await Deno.readTextFile("cli/tests/testdata/tls/localhost.crt"),
keyFile: "cli/tests/testdata/tls/localhost.key", key: await Deno.readTextFile("cli/tests/testdata/tls/localhost.key"),
alpnProtocols: ["deno", "rocks"], alpnProtocols: ["deno", "rocks"],
}); });
@ -725,8 +725,8 @@ async function tlsWithTcpFailureTestImpl(
const tlsListener = Deno.listenTls({ const tlsListener = Deno.listenTls({
hostname: "localhost", hostname: "localhost",
port: tlsPort, port: tlsPort,
certFile: "cli/tests/testdata/tls/localhost.crt", cert: await Deno.readTextFile("cli/tests/testdata/tls/localhost.crt"),
keyFile: "cli/tests/testdata/tls/localhost.key", key: await Deno.readTextFile("cli/tests/testdata/tls/localhost.key"),
}); });
const tcpPort = getPort(); const tcpPort = getPort();
@ -1019,8 +1019,8 @@ function createHttpsListener(port: number): Deno.Listener {
const listener = Deno.listenTls({ const listener = Deno.listenTls({
hostname: "localhost", hostname: "localhost",
port, port,
certFile: "./cli/tests/testdata/tls/localhost.crt", cert: Deno.readTextFileSync("./cli/tests/testdata/tls/localhost.crt"),
keyFile: "./cli/tests/testdata/tls/localhost.key", key: Deno.readTextFileSync("./cli/tests/testdata/tls/localhost.key"),
}); });
serve(listener); serve(listener);
@ -1285,8 +1285,8 @@ Deno.test(
const listener = Deno.listenTls({ const listener = Deno.listenTls({
hostname, hostname,
port, port,
certFile: "cli/tests/testdata/tls/localhost.crt", cert: await Deno.readTextFile("cli/tests/testdata/tls/localhost.crt"),
keyFile: "cli/tests/testdata/tls/localhost.key", key: await Deno.readTextFile("cli/tests/testdata/tls/localhost.key"),
}); });
const acceptPromise = listener.accept(); const acceptPromise = listener.accept();
const connectPromise = Deno.connectTls({ const connectPromise = Deno.connectTls({
@ -1354,8 +1354,8 @@ Deno.test(
const listener = Deno.listenTls({ const listener = Deno.listenTls({
hostname, hostname,
port, port,
certFile: "cli/tests/testdata/tls/localhost.crt", cert: Deno.readTextFileSync("cli/tests/testdata/tls/localhost.crt"),
keyFile: "cli/tests/testdata/tls/localhost.key", key: Deno.readTextFileSync("cli/tests/testdata/tls/localhost.key"),
}); });
for await (const conn of listener) { for await (const conn of listener) {
for (let i = 0; i < 10; i++) { for (let i = 0; i < 10; i++) {

23
ext/net/02_tls.js
View file

@ -1,6 +1,6 @@
// Copyright 2018-2024 the Deno authors. All rights reserved. MIT license. // Copyright 2018-2024 the Deno authors. All rights reserved. MIT license.
import { core, primordials } from "ext:core/mod.js"; import { core, internals, primordials } from "ext:core/mod.js";
const { const {
op_net_accept_tls, op_net_accept_tls,
op_net_connect_tls, op_net_connect_tls,
@ -39,6 +39,13 @@ async function connectTls({
privateKey = undefined, privateKey = undefined,
alpnProtocols = undefined, alpnProtocols = undefined,
}) { }) {
if (certFile !== undefined) {
internals.warnOnDeprecatedApi(
"Deno.ConnectTlsOptions.certFile",
new Error().stack,
"Pass the cert file contents to the `Deno.ConnectTlsOptions.certChain` option instead.",
);
}
if (transport !== "tcp") { if (transport !== "tcp") {
throw new TypeError(`Unsupported transport: '${transport}'`); throw new TypeError(`Unsupported transport: '${transport}'`);
} }
@ -76,6 +83,20 @@ function listenTls({
if (transport !== "tcp") { if (transport !== "tcp") {
throw new TypeError(`Unsupported transport: '${transport}'`); throw new TypeError(`Unsupported transport: '${transport}'`);
} }
if (keyFile !== undefined) {
internals.warnOnDeprecatedApi(
"Deno.ListenTlsOptions.keyFile",
new Error().stack,
"Pass the key file contents to the `Deno.ListenTlsOptions.key` option instead.",
);
}
if (certFile !== undefined) {
internals.warnOnDeprecatedApi(
"Deno.ListenTlsOptions.certFile",
new Error().stack,
"Pass the cert file contents to the `Deno.ListenTlsOptions.cert` option instead.",
);
}
const { 0: rid, 1: localAddr } = op_net_listen_tls( const { 0: rid, 1: localAddr } = op_net_listen_tls(
{ hostname, port: Number(port) }, { hostname, port: Number(port) },
{ cert, certFile, key, keyFile, alpnProtocols, reusePort }, { cert, certFile, key, keyFile, alpnProtocols, reusePort },

19
ext/net/lib.deno_net.d.ts vendored
View file

@ -174,13 +174,17 @@ declare namespace Deno {
* `--allow-read`. * `--allow-read`.
* *
* @tags allow-read * @tags allow-read
* @deprecated This option is deprecated and will be removed in Deno 2.0. * @deprecated Pass the certificate file contents directly to the
* {@linkcode Deno.ListenTlsOptions.cert} option instead. This option will
* be removed in Deno 2.0.
*/ */
certFile?: string; certFile?: string;
/** Server private key file. Requires `--allow-read`. /** Server private key file. Requires `--allow-read`.
* *
* @tags allow-read * @tags allow-read
* @deprecated This option is deprecated and will be removed in Deno 2.0. * @deprecated Pass the key file contents directly to the
* {@linkcode Deno.ListenTlsOptions.key} option instead. This option will
* be removed in Deno 2.0.
*/ */
keyFile?: string; keyFile?: string;
@ -197,7 +201,11 @@ declare namespace Deno {
* security). * security).
* *
* ```ts * ```ts
* const lstnr = Deno.listenTls({ port: 443, certFile: "./server.crt", keyFile: "./server.key" }); * using listener = Deno.listenTls({
* port: 443,
* cert: Deno.readTextFileSync("./server.crt"),
* key: Deno.readTextFileSync("./server.key"),
* });
* ``` * ```
* *
* Requires `allow-net` permission. * Requires `allow-net` permission.
@ -289,8 +297,9 @@ declare namespace Deno {
/** /**
* Server certificate file. * Server certificate file.
* *
* @deprecated This option is deprecated and will be removed in a future * @deprecated Pass the cert file contents directly to the
* release. * {@linkcode Deno.ConnectTlsOptions.caCerts} option instead. This option
* will be removed in Deno 2.0.
*/ */
certFile?: string; certFile?: string;
/** A list of root certificates that will be used in addition to the /** A list of root certificates that will be used in addition to the