diff --git a/doc/api/deprecations.md b/doc/api/deprecations.md index 6a2714befc140f..17df732ce4feec 100644 --- a/doc/api/deprecations.md +++ b/doc/api/deprecations.md @@ -634,6 +634,13 @@ Type: Runtime *Note*: change was made while `async_hooks` was an experimental API. + +### DEP0073: tls.parseCertString() + +Type: Runtime + +`tls.parseCertString()` was move to `internal/tls.js`. + [`Buffer.allocUnsafeSlow(size)`]: buffer.html#buffer_class_method_buffer_allocunsafeslow_size [`Buffer.from(array)`]: buffer.html#buffer_class_method_buffer_from_array [`Buffer.from(buffer)`]: buffer.html#buffer_class_method_buffer_from_buffer diff --git a/lib/_tls_common.js b/lib/_tls_common.js index afcc5bc5fa2f96..59ea0b58a3ff77 100644 --- a/lib/_tls_common.js +++ b/lib/_tls_common.js @@ -21,7 +21,7 @@ 'use strict'; -const tls = require('tls'); +const tls = require('internal/tls'); const SSL_OP_CIPHER_SERVER_PREFERENCE = process.binding('constants').crypto.SSL_OP_CIPHER_SERVER_PREFERENCE; diff --git a/lib/internal/tls.js b/lib/internal/tls.js new file mode 100644 index 00000000000000..a229291182fc6c --- /dev/null +++ b/lib/internal/tls.js @@ -0,0 +1,33 @@ +'use strict'; + +const DEFAULT_CIPHERS = process.binding('constants').crypto.defaultCipherList; +const DEFAULT_ECDH_CURVE = 'prime256v1'; + +// Example: +// C=US\nST=CA\nL=SF\nO=Joyent\nOU=Node.js\nCN=ca1\nemailAddress=ry@clouds.org +function parseCertString(s) { + var out = {}; + var parts = s.split('\n'); + for (var i = 0, len = parts.length; i < len; i++) { + var sepIndex = parts[i].indexOf('='); + if (sepIndex > 0) { + var key = parts[i].slice(0, sepIndex); + var value = parts[i].slice(sepIndex + 1); + if (key in out) { + if (!Array.isArray(out[key])) { + out[key] = [out[key]]; + } + out[key].push(value); + } else { + out[key] = value; + } + } + } + return out; +} + +module.exports = { + parseCertString, + DEFAULT_CIPHERS, + DEFAULT_ECDH_CURVE +}; diff --git a/lib/tls.js b/lib/tls.js index d89f241383d2e5..718c43aa728edd 100644 --- a/lib/tls.js +++ b/lib/tls.js @@ -24,6 +24,7 @@ const internalUtil = require('internal/util'); internalUtil.assertCrypto(); +const internalTLS = require('internal/tls'); const net = require('net'); const url = require('url'); const binding = process.binding('crypto'); @@ -39,10 +40,12 @@ exports.CLIENT_RENEG_WINDOW = 600; exports.SLAB_BUFFER_SIZE = 10 * 1024 * 1024; -exports.DEFAULT_CIPHERS = - process.binding('constants').crypto.defaultCipherList; - -exports.DEFAULT_ECDH_CURVE = 'prime256v1'; +[ 'DEFAULT_CIPHERS', 'DEFAULT_ECDH_CURVE' ].forEach((key) => { + Object.defineProperty(exports, key, { + get: () => { return internalTLS[key]; }, + set: (c) => { internalTLS[key] = c; } + }); +}); exports.getCiphers = internalUtil.cachedResult( () => internalUtil.filterDuplicateStrings(binding.getSSLCiphers(), true) @@ -228,28 +231,10 @@ exports.checkServerIdentity = function checkServerIdentity(host, cert) { } }; -// Example: -// C=US\nST=CA\nL=SF\nO=Joyent\nOU=Node.js\nCN=ca1\nemailAddress=ry@clouds.org -exports.parseCertString = function parseCertString(s) { - var out = {}; - var parts = s.split('\n'); - for (var i = 0, len = parts.length; i < len; i++) { - var sepIndex = parts[i].indexOf('='); - if (sepIndex > 0) { - var key = parts[i].slice(0, sepIndex); - var value = parts[i].slice(sepIndex + 1); - if (key in out) { - if (!Array.isArray(out[key])) { - out[key] = [out[key]]; - } - out[key].push(value); - } else { - out[key] = value; - } - } - } - return out; -}; +exports.parseCertString = internalUtil.deprecate( + internalTLS.parseCertString, + 'tls.parseCertString is deprecated', + 'DEP0073'); // Public API exports.createSecureContext = require('_tls_common').createSecureContext; diff --git a/node.gyp b/node.gyp index b0e4676a96e477..714965f872d9b7 100644 --- a/node.gyp +++ b/node.gyp @@ -100,6 +100,7 @@ 'lib/internal/repl.js', 'lib/internal/socket_list.js', 'lib/internal/test/unicode.js', + 'lib/internal/tls.js', 'lib/internal/url.js', 'lib/internal/util.js', 'lib/internal/v8_prof_polyfill.js', diff --git a/test/parallel/test-tls-parse-cert-string.js b/test/parallel/test-tls-parse-cert-string.js index 2e940805c0b958..904b9bd9b8570c 100644 --- a/test/parallel/test-tls-parse-cert-string.js +++ b/test/parallel/test-tls-parse-cert-string.js @@ -1,10 +1,12 @@ 'use strict'; + +// Flags: --expose_internals const common = require('../common'); if (!common.hasCrypto) common.skip('missing crypto'); const assert = require('assert'); -const tls = require('tls'); +const tls = require('internal/tls'); { const singles = 'C=US\nST=CA\nL=SF\nO=Node.js Foundation\nOU=Node.js\n' + @@ -36,3 +38,17 @@ const tls = require('tls'); const invalidOut = tls.parseCertString(invalid); assert.deepStrictEqual(invalidOut, {}); } + +{ + const regexp = new RegExp('^\\(node:\\d+\\) [DEP0073] DeprecationWarning: ' + + 'tls\\.parseCertString is deprecated$'); + + // test for deprecate message + common.hijackStderr(common.mustCall(function(data) { + assert.ok(regexp.test(data)); + common.restoreStderr(); + })); + + const ret = require('tls').parseCertString('foo=bar'); + assert.deepStrictEqual(ret, { foo: 'bar' }); +}