undici icon indicating copy to clipboard operation
undici copied to clipboard

Published 20 hours ago verified publisher icon nodejs

Filter tls options

Open ronag opened this issue 4 years ago • 6 comments

Determine which tls options actually make sense to forward to tls.connect and throw if any other is provided (e.g. allowHalfOpen).

ronag avatar Jun 28 '20 16:06 ronag

@delvedor Would you mind looking at this? I would like to move the tls options out on root instead of making it possible to pass anything in an nested options object and surprise us.

ronag avatar Aug 24 '20 12:08 ronag

Other than "pass anything in an nested options object and surprise us.", what problems do you foresee here?

delvedor avatar Aug 26 '20 13:08 delvedor

what problems do you foresee here?

It's a bit unclear what option exactly we support or not.

ronag avatar Aug 26 '20 13:08 ronag

Since we are passing those opts to the core tls library, all of them? I fear I'm missing something 🤔

delvedor avatar Aug 26 '20 14:08 delvedor

Since we are passing those opts to the core tls library, all of them? I fear I'm missing something 🤔

We don't support all of them: https://nodejs.org/api/tls.html#tls_new_tls_tlssocket_socket_options. Some of them don't make any sense in our context.

I think rejectUnauthorized is the only relevant one. But I don't have a good understanding of all of the existing options.

ronag avatar Aug 26 '20 14:08 ronag

Let's keep them for know. When and if it will become a problem, we will have more context to make this decision :)

delvedor avatar Aug 26 '20 14:08 delvedor