Skip to content

Commit

Permalink
tls: doc-only deprecate new TLSSocket constructor
Browse files Browse the repository at this point in the history
Fixes: nodejs#10555
Refs: nodejs#10846

The `new tls.TLSSocket()` constructor does not set up all of the
necessary lifecycle management or event handlers necessary for
proper use. The `tls.connect()` method really should be the way
that all `tls.TLSSocket()` instances are created. This commit
begins the eventual phasing out of the `new tls.TLSSocket()`
constructor with a doc-only deprecation.

Signed-off-by: James M Snell <jasnell@gmail.com>
  • Loading branch information
jasnell committed Dec 31, 2020
1 parent 51b4367 commit d7e5b45
Show file tree
Hide file tree
Showing 2 changed files with 25 additions and 6 deletions.
17 changes: 15 additions & 2 deletions doc/api/deprecations.md
Original file line number Diff line number Diff line change
Expand Up @@ -881,7 +881,7 @@ changes:
Type: End-of-Life

The [`tls.CryptoStream`][] class was removed. Please use
[`tls.TLSSocket`][] instead.
[`tls.connect()`][] instead.

### DEP0043: `tls.SecurePair`
<!-- YAML
Expand All @@ -908,7 +908,7 @@ changes:
Type: Documentation-only

The [`tls.SecurePair`][] class is deprecated. Please use
[`tls.TLSSocket`][] instead.
[`tls.connect()`][] instead.

### DEP0044: `util.isArray()`
<!-- YAML
Expand Down Expand Up @@ -2699,6 +2699,18 @@ resolutions not in `node_modules`. This means there will not be deprecation
warnings for `"exports"` in dependencies. With `--pending-deprecation`, a
runtime warning results no matter where the `"exports"` usage occurs.

### DEP0XXX: `new tls.TLSSocket(socket[, options])`
<!-- YAML
added: REPLACEME
-->

Type: Documentation-only

The preferred method for creating [`tls.TLSSocket`][] instances is to use the
[`tls.connect()`][] API. While using `new tls.TLSSocket()` will create the
socket, the various mechanisms for managing the lifetime of the underlying
socket and for validating the peer certificate and identity are not configured.

[Legacy URL API]: url.md#url_legacy_url_api
[NIST SP 800-38D]: https://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-38d.pdf
[RFC 6066]: https://tools.ietf.org/html/rfc6066#section-3
Expand Down Expand Up @@ -2787,6 +2799,7 @@ runtime warning results no matter where the `"exports"` usage occurs.
[`tls.SecurePair`]: tls.md#tls_class_tls_securepair
[`tls.TLSSocket`]: tls.md#tls_class_tls_tlssocket
[`tls.checkServerIdentity()`]: tls.md#tls_tls_checkserveridentity_hostname_cert
[`tls.connect()`]: tls.md#tls_tls_connect_options_callback
[`tls.createSecureContext()`]: tls.md#tls_tls_createsecurecontext_options
[`url.format()`]: url.md#url_url_format_urlobject
[`url.parse()`]: url.md#url_url_parse_urlstring_parsequerystring_slashesdenotehost
Expand Down
14 changes: 10 additions & 4 deletions doc/api/tls.md
Original file line number Diff line number Diff line change
Expand Up @@ -376,7 +376,7 @@ added: v0.3.4
deprecated: v0.11.3
-->

> Stability: 0 - Deprecated: Use [`tls.TLSSocket`][] instead.
> Stability: 0 - Deprecated: Use [`tls.connect()`][] instead.
The `tls.CryptoStream` class represents a stream of encrypted data. This class
is deprecated and should no longer be used.
Expand All @@ -397,7 +397,7 @@ added: v0.3.2
deprecated: v0.11.3
-->

> Stability: 0 - Deprecated: Use [`tls.TLSSocket`][] instead.
> Stability: 0 - Deprecated: Use [`tls.connect()`][] instead.
Returned by [`tls.createSecurePair()`][].

Expand Down Expand Up @@ -714,6 +714,10 @@ connection is open.
<!-- YAML
added: v0.11.4
changes:
- version: REPLACEME
pr-url: REPLACEME
description: The new tls.TLSSocket() constructor is deprecated
in docs only.
- version: v12.2.0
pr-url: https://github.com/nodejs/node/pull/27497
description: The `enableTrace` option is now supported.
Expand All @@ -722,6 +726,8 @@ changes:
description: ALPN options are supported now.
-->

> Stability: 0 - Deprecated: Use [`tls.connect()`][] instead.
* `socket` {net.Socket|stream.Duplex}
On the server side, any `Duplex` stream. On the client side, any
instance of [`net.Socket`][] (for generic `Duplex` stream support
Expand Down Expand Up @@ -1736,7 +1742,7 @@ changes:
description: ALPN options are supported now.
-->

> Stability: 0 - Deprecated: Use [`tls.TLSSocket`][] instead.
> Stability: 0 - Deprecated: Use [`tls.connect()`][] instead.
* `context` {Object} A secure context object as returned by
`tls.createSecureContext()`
Expand Down Expand Up @@ -1784,7 +1790,7 @@ socket.pipe(pair.encrypted);
can be replaced by:

```js
secureSocket = tls.TLSSocket(socket, options);
secureSocket = tls.connect({ socket, ...options });
```

where `secureSocket` has the same API as `pair.cleartext`.
Expand Down

0 comments on commit d7e5b45

Please sign in to comment.