author | Matt Mastracci <matthew@mastracci.com> | 2024-04-08 15:01:02 -0600 |
---|---|---|
committer | GitHub <noreply@github.com> | 2024-04-08 15:01:02 -0600 |
commit | cb12a9350332860971387e3a1fb40dc77fa992d3 (patch) | |
tree | 287def7ddad815423f8bc4196a76f9546940435d /ext/net/02_tls.js | |
parent | 3826598974efd44c9d3da7694c0a325b011bc20a (diff) |
refactor(ext/tls): use cppgc to deduplicate the tls key loading code (#23289)
Pass the certificates and key files as CPPGC objects.
Towards #23233
Diffstat (limited to 'ext/net/02_tls.js')
-rw-r--r-- | ext/net/02_tls.js | 51 |
1 files changed, 49 insertions, 2 deletions
diff --git a/ext/net/02_tls.js b/ext/net/02_tls.js
index 04b0a5850..8d43e8604 100644
--- a/ext/net/02_tls.js
+++ b/ext/net/02_tls.js
@@ -7,11 +7,15 @@ import {
 op_net_connect_tls,
 op_net_listen_tls,
 op_tls_handshake,
+ op_tls_key_null,
+ op_tls_key_static,
+ op_tls_key_static_from_file,
 op_tls_start,
 } from "ext:core/ops";
 const {
 Number,
 ObjectDefineProperty,
+ ReflectHas,
 TypeError,
 } = primordials;

@@ -91,9 +95,11 @@ async function connectTls({
 }
 cert ??= certChain;
 key ??= privateKey;
+ const keyPair = loadTlsKeyPair(cert, undefined, key, undefined);
 const { 0: rid, 1: localAddr, 2: remoteAddr } = await op_net_connect_tls(
 { hostname, port },
 { certFile, caCerts, cert, key, alpnProtocols },
+ keyPair,
 );
 localAddr.transport = "tcp";
 remoteAddr.transport = "tcp";
@@ -131,6 +137,36 @@ class TlsListener extends Listener {
 }
 }

+function hasTlsKeyPairOptions(options) {
+ return (ReflectHas(options, "cert") || ReflectHas(options, "key") ||
+ ReflectHas(options, "certFile") ||
+ ReflectHas(options, "keyFile"));
+}
+
+function loadTlsKeyPair(
+ cert,
+ certFile,
+ key,
+ keyFile,
+) {
+ if ((certFile !== undefined) ^ (keyFile !== undefined)) {
+ throw new TypeError(
+ "If certFile is specified, keyFile must also be specified",
+ );
+ }
+ if ((cert !== undefined) ^ (key !== undefined)) {
+ throw new TypeError("If cert is specified, key must also be specified");
+ }
+
+ if (certFile !== undefined) {
+ return op_tls_key_static_from_file("Deno.listenTls", certFile, keyFile);
+ } else if (cert !== undefined) {
+ return op_tls_key_static(cert, key);
+ } else {
+ return op_tls_key_null();
+ }
+}
+
 function listenTls({
 port,
 cert,
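Review bot: In `connectTls` the second argument to `op_net_connect_tls` still carries `cert` and `key` although the same pair is now handed over as `keyPair`, so the PEM private key crosses the op boundary twice and it is unclear which copy the op uses. `listenTls` in this same commit drops those fields from its options object; if the connect op no longer reads them (its native side is not visible here), the line should become `{ certFile, caCerts, alpnProtocols },`. The body of `connectTls` starts and ends outside the hunk.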
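Review bot: `loadTlsKeyPair` silently prefers `certFile`/`keyFile` when an inline `cert`/`key` pair is supplied as well, so a caller who sets both never learns that one identity was ignored. Unless that precedence is intended, rejecting the mix after the two pairing checks is safer: `if (certFile !== undefined && cert !== undefined) throw new TypeError("Specify either cert/key or certFile/keyFile, not both");`. The first pairing check also fires when only `keyFile` is given, yet its message says `certFile` was specified; wording such as `"certFile and keyFile must be specified together"` fits both cases. Both exported helpers lack doc comments; a short JSDoc should state that the return value is a key object meant only for the TLS ops and that `hasTlsKeyPairOptions` uses `ReflectHas`, so it is true for a property that is present with value `undefined` or inherited.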
@@ -159,9 +195,12 @@ function listenTls({
 "Pass the cert file contents to the `Deno.ListenTlsOptions.cert` option instead.",
 );
 }
+
+ const keyPair = loadTlsKeyPair(cert, certFile, key, keyFile);
 const { 0: rid, 1: localAddr } = op_net_listen_tls(
 { hostname, port: Number(port) },
- { cert, certFile, key, keyFile, alpnProtocols, reusePort },
+ { alpnProtocols, reusePort },
+ keyPair,
 );
 return new TlsListener(rid, localAddr);
 }
@@ -184,4 +223,12 @@ async function startTls(
 return new TlsConn(rid, remoteAddr, localAddr);
 }

-export { connectTls, listenTls, startTls, TlsConn, TlsListener };
+export {
+ connectTls,
+ hasTlsKeyPairOptions,
+ listenTls,
+ loadTlsKeyPair,
+ startTls,
+ TlsConn,
+ TlsListener,
+}; |
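Review bot: When `listenTls` is called with none of `cert`, `key`, `certFile` or `keyFile`, `loadTlsKeyPair` returns `op_tls_key_null()` and that object goes straight into `op_net_listen_tls`; nothing in the visible JavaScript rejects a listener that has no server certificate. Presumably the op refuses a null key, but that is not visible in this diff, so the fail-closed behaviour should be made explicit, either with a comment above the call such as `// op_net_listen_tls rejects a null key pair` once confirmed, or with a JS-side check that throws a `TypeError` before the op is reached. The body of `listenTls` begins before the hunk.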