Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

tls: add --tls-min-v1.2 CLI switch #27520

Closed
wants to merge 1 commit into from

Conversation

sam-github
Copy link
Contributor

Switch added in v11.x, add it to master/12.x for consistency and
compatibility.

See: #26951, commit bf2c283

Checklist
  • make -j4 test (UNIX), or vcbuild test (Windows) passes
  • tests and/or benchmarks are included
  • documentation is changed or added
  • commit message follows commit guidelines

@nodejs-github-bot
Copy link
Collaborator

@nodejs-github-bot nodejs-github-bot added c++ Issues and PRs that require attention from people who are familiar with C++. tls Issues and PRs related to the tls subsystem. labels May 1, 2019
@sam-github
Copy link
Contributor Author

/to @nodejs/crypto @nodejs/lts

@@ -586,6 +586,15 @@ added: v12.0.0
Set default [`tls.DEFAULT_MIN_VERSION`][] to 'TLSv1.1'. Use for compatibility
with old TLS clients or servers.

### `--tls-min-v1.2`
<!-- YAML
added: REPLACEME
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Will the REPLACEME value be the wrong version given that this has already landed in earlier versions? Should we put the actual 11.x version here now?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

REPLACEME values are only accurate on the release branch they land in (last time I checked).

assert.strictEqual(tls.DEFAULT_MIN_VERSION, 'TLSv1.2');

// Check the min-max version protocol versions against these CLI settings.
require('./test-tls-min-max-version.js');
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

As with the other PR, totally not blocking, but using require() to load another test file does give me pause...

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Note that it is the same pattern as the other 4 or 5 tests of TLS CLI options.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I agree with @Trott that this does not seem ideal. I would move the test-tls-min-max-version.js file into the fixtures folder and require that instead.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I can see the argument for it not being a fixture. It's test code, not a fixture loaded by a test. And so we want it linted and so on....

Maybe there's some way to abstract it into common? That's probably more trouble than it's worth.

Anyway, it gives me pause when I see it, but I'm OK with it, especially since it's the way it's already being done....

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

(I am going to spend half a second wondering if it should be a fixture every single time I come across it though. 😀)

@nodejs-github-bot

This comment has been minimized.

@nodejs-github-bot

This comment has been minimized.

@nodejs-github-bot

This comment has been minimized.

@nodejs-github-bot

This comment has been minimized.

Switch added in v11.x, add it to master/12.x for consistency and
compatibility.

See: nodejs#26951, commit bf2c283
@nodejs-github-bot

This comment has been minimized.

@nodejs-github-bot

This comment has been minimized.

@nodejs-github-bot

This comment has been minimized.

@nodejs-github-bot
Copy link
Collaborator

nodejs-github-bot commented May 5, 2019

@Trott
Copy link
Member

Trott commented May 5, 2019

Landed in 3d98051

@Trott Trott closed this May 5, 2019
Trott pushed a commit to Trott/io.js that referenced this pull request May 5, 2019
Switch added in v11.x, add it to master/12.x for consistency and
compatibility.

See: nodejs#26951, commit bf2c283

PR-URL: nodejs#27520
Reviewed-By: Anna Henningsen <[email protected]>
Reviewed-By: Colin Ihrig <[email protected]>
Reviewed-By: Ben Noordhuis <[email protected]>
Reviewed-By: Rich Trott <[email protected]>
Reviewed-By: Tobias Nießen <[email protected]>
Reviewed-By: Сковорода Никита Андреевич <[email protected]>
targos pushed a commit that referenced this pull request May 6, 2019
Switch added in v11.x, add it to master/12.x for consistency and
compatibility.

See: #26951, commit bf2c283

PR-URL: #27520
Reviewed-By: Anna Henningsen <[email protected]>
Reviewed-By: Colin Ihrig <[email protected]>
Reviewed-By: Ben Noordhuis <[email protected]>
Reviewed-By: Rich Trott <[email protected]>
Reviewed-By: Tobias Nießen <[email protected]>
Reviewed-By: Сковорода Никита Андреевич <[email protected]>
@targos targos added the semver-minor PRs that contain new features and should be released in the next minor version. label May 6, 2019
@targos targos mentioned this pull request May 6, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
c++ Issues and PRs that require attention from people who are familiar with C++. semver-minor PRs that contain new features and should be released in the next minor version. tls Issues and PRs related to the tls subsystem.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

10 participants