1berry/nodejs
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

tls: add highWaterMark option for connect

Browse Source 
PR-URL: https://github.com/nodejs/node/pull/32786
Fixes: https://github.com/nodejs/node/issues/32781
Reviewed-By: Zeyu Yang <himself65@outlook.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Andrey Pechkurov <apechkurov@gmail.com>
This commit is contained in:
rickyes 2020-04-12 02:07:35 +08:00 committed by Andrey Pechkurov
parent b37ec37210
commit 58682d823a
5 changed files with 132 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
doc/api/https.md
View File

@ -238,6 +238,9 @@ Global instance of [`https.Agent`][] for all HTTPS client requests.
<!-- YAML <!-- YAML
added: v0.3.6 added: v0.3.6
changes: changes:
- version: REPLACEME
pr-url: https://github.com/nodejs/node/pull/32786
description: The `highWaterMark` option is accepted now.
- version: v10.9.0 - version: v10.9.0
pr-url: https://github.com/nodejs/node/pull/21616 pr-url: https://github.com/nodejs/node/pull/21616
description: The `url` parameter can now be passed along with a separate description: The `url` parameter can now be passed along with a separate
@ -263,7 +266,8 @@ Makes a request to a secure web server.
The following additional `options` from [`tls.connect()`][] are also accepted: The following additional `options` from [`tls.connect()`][] are also accepted:
`ca`, `cert`, `ciphers`, `clientCertEngine`, `crl`, `dhparam`, `ecdhCurve`, `ca`, `cert`, `ciphers`, `clientCertEngine`, `crl`, `dhparam`, `ecdhCurve`,
`honorCipherOrder`, `key`, `passphrase`, `pfx`, `rejectUnauthorized`, `honorCipherOrder`, `key`, `passphrase`, `pfx`, `rejectUnauthorized`,
`secureOptions`, `secureProtocol`, `servername`, `sessionIdContext`. `secureOptions`, `secureProtocol`, `servername`, `sessionIdContext`,
`highWaterMark`.
`options` can be an object, a string, or a [`URL`][] object. If `options` is a `options` can be an object, a string, or a [`URL`][] object. If `options` is a
string, it is automatically parsed with [`new URL()`][]. If it is a [`URL`][] string, it is automatically parsed with [`new URL()`][]. If it is a [`URL`][]

5
doc/api/tls.md
View File

@ -1274,6 +1274,9 @@ being issued by trusted CA (`options.ca`).
<!-- YAML <!-- YAML
added: v0.11.3 added: v0.11.3
changes: changes:
- version: REPLACEME
pr-url: https://github.com/nodejs/node/pull/32786
description: The `highWaterMark` option is accepted now.
- version: v13.6.0 - version: v13.6.0
pr-url: https://github.com/nodejs/node/pull/23188 pr-url: https://github.com/nodejs/node/pull/23188
description: The `pskCallback` option is now supported. description: The `pskCallback` option is now supported.
@ -1370,6 +1373,8 @@ changes:
TLS connection. When a server offers a DH parameter with a size less TLS connection. When a server offers a DH parameter with a size less
than `minDHSize`, the TLS connection is destroyed and an error is thrown. than `minDHSize`, the TLS connection is destroyed and an error is thrown.
**Default:** `1024`. **Default:** `1024`.
* `highWaterMark`: {number} Consistent with the readable stream `highWaterMark` parameter.
**Default:** `16 * 1024`.
* `secureContext`: TLS context object created with * `secureContext`: TLS context object created with
[`tls.createSecureContext()`][]. If a `secureContext` is _not_ provided, one [`tls.createSecureContext()`][]. If a `secureContext` is _not_ provided, one
will be created by passing the entire `options` object to will be created by passing the entire `options` object to

4
lib/_tls_wrap.js
View File

@ -498,7 +498,8 @@ function TLSSocket(socket, opts) {
handle: this._wrapHandle(wrap), handle: this._wrapHandle(wrap),
allowHalfOpen: socket ? socket.allowHalfOpen : tlsOptions.allowHalfOpen, allowHalfOpen: socket ? socket.allowHalfOpen : tlsOptions.allowHalfOpen,
pauseOnCreate: tlsOptions.pauseOnConnect, pauseOnCreate: tlsOptions.pauseOnConnect,
manualStart: true manualStart: true,
highWaterMark: tlsOptions.highWaterMark,
}); });
// Proxy for API compatibility // Proxy for API compatibility
@ -1577,6 +1578,7 @@ exports.connect = function connect(...args) {
requestOCSP: options.requestOCSP, requestOCSP: options.requestOCSP,
enableTrace: options.enableTrace, enableTrace: options.enableTrace,
pskCallback: options.pskCallback, pskCallback: options.pskCallback,
highWaterMark: options.highWaterMark,
}); });
tlssock[kConnectOptions] = options; tlssock[kConnectOptions] = options;

66
test/parallel/test-https-hwm.js Normal file
View File

@ -0,0 +1,66 @@
'use strict';
// Test https highWaterMark
const common = require('../common');
if (!common.hasCrypto)
common.skip('missing crypto');
const assert = require('assert');
const https = require('https');
const fixtures = require('../common/fixtures');
let counter = 0;
function loadCallback(highWaterMark) {
return common.mustCall(function(res) {
assert.strictEqual(highWaterMark, res.readableHighWaterMark);
counter--;
console.log('back from https request. ',
`highWaterMark = ${res.readableHighWaterMark}`);
if (counter === 0) {
httpsServer.close();
console.log('ok');
}
res.resume();
});
}
// create server
const httpsServer = https.createServer({
key: fixtures.readKey('agent1-key.pem'),
cert: fixtures.readKey('agent1-cert.pem')
}, common.mustCall(function(req, res) {
res.writeHead(200, {});
res.end('ok');
}, 3)).listen(0, common.mustCall(function(err) {
console.log(`test https server listening on port ${this.address().port}`);
assert.ifError(err);
https.request({
method: 'GET',
path: `/${counter++}`,
host: 'localhost',
port: this.address().port,
rejectUnauthorized: false,
highWaterMark: 128000,
}, loadCallback(128000)).on('error', common.mustNotCall()).end();
https.request({
method: 'GET',
path: `/${counter++}`,
host: 'localhost',
port: this.address().port,
rejectUnauthorized: false,
highWaterMark: 0,
}, loadCallback(0)).on('error', common.mustNotCall()).end();
https.request({
method: 'GET',
path: `/${counter++}`,
host: 'localhost',
port: this.address().port,
rejectUnauthorized: false,
highWaterMark: undefined,
}, loadCallback(16 * 1024)).on('error', common.mustNotCall()).end();
}));

53
test/parallel/test-tls-connect-hwm-option.js Normal file
View File

@ -0,0 +1,53 @@
'use strict';
const common = require('../common');
if (!common.hasCrypto)
common.skip('missing crypto');
const assert = require('assert');
const tls = require('tls');
const fixtures = require('../common/fixtures');
const pem = (n) => fixtures.readKey(`${n}.pem`);
let clients = 0;
const server = tls.createServer({
key: pem('agent1-key'),
cert: pem('agent1-cert')
}, common.mustCall(() => {
if (--clients === 0)
server.close();
}, 3));
server.listen(0, common.mustCall(() => {
clients++;
const highBob = tls.connect({
port: server.address().port,
rejectUnauthorized: false,
highWaterMark: 128000,
}, common.mustCall(() => {
assert.strictEqual(highBob.readableHighWaterMark, 128000);
highBob.end();
}));
clients++;
const defaultHighBob = tls.connect({
port: server.address().port,
rejectUnauthorized: false,
highWaterMark: undefined,
}, common.mustCall(() => {
assert.strictEqual(defaultHighBob.readableHighWaterMark, 16 * 1024);
defaultHighBob.end();
}));
clients++;
const zeroHighBob = tls.connect({
port: server.address().port,
rejectUnauthorized: false,
highWaterMark: 0,
}, common.mustCall(() => {
assert.strictEqual(zeroHighBob.readableHighWaterMark, 0);
zeroHighBob.end();
}));
}));