isomorfeus-puppetmaster 0.5.5 → 0.5.6
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/isomorfeus/puppetmaster/console_message.rb +18 -18
- data/lib/isomorfeus/puppetmaster/cookie.rb +46 -46
- data/lib/isomorfeus/puppetmaster/driver/puppeteer.rb +413 -415
- data/lib/isomorfeus/puppetmaster/driver/puppeteer_document.rb +953 -953
- data/lib/isomorfeus/puppetmaster/driver/puppeteer_node.rb +851 -851
- data/lib/isomorfeus/puppetmaster/errors.rb +90 -90
- data/lib/isomorfeus/puppetmaster/iframe.rb +16 -16
- data/lib/isomorfeus/puppetmaster/node/content_editable.rb +17 -17
- data/lib/isomorfeus/puppetmaster/node/input.rb +20 -20
- data/lib/isomorfeus/puppetmaster/node/select.rb +35 -35
- data/lib/isomorfeus/puppetmaster/node.rb +279 -279
- data/lib/isomorfeus/puppetmaster/request.rb +16 -16
- data/lib/isomorfeus/puppetmaster/response.rb +25 -25
- data/lib/isomorfeus/puppetmaster/self_forwardable.rb +38 -38
- data/lib/isomorfeus/puppetmaster/version.rb +3 -3
- data/lib/isomorfeus/puppetmaster.rb +85 -85
- data/lib/isomorfeus-puppetmaster.rb +1 -0
- data/node_modules/.bin/extract-zip +12 -12
- data/node_modules/.bin/extract-zip.ps1 +28 -28
- data/node_modules/.bin/rimraf +12 -12
- data/node_modules/.bin/rimraf.ps1 +28 -28
- data/node_modules/.package-lock.json +530 -585
- data/node_modules/@types/node/LICENSE +21 -21
- data/node_modules/@types/node/assert/strict.d.ts +8 -8
- data/node_modules/@types/node/assert.d.ts +912 -912
- data/node_modules/@types/node/async_hooks.d.ts +497 -497
- data/node_modules/@types/node/buffer.d.ts +2142 -2142
- data/node_modules/@types/node/child_process.d.ts +1355 -1355
- data/node_modules/@types/node/cluster.d.ts +414 -414
- data/node_modules/@types/node/console.d.ts +407 -407
- data/node_modules/@types/node/constants.d.ts +18 -18
- data/node_modules/@types/node/crypto.d.ts +3224 -3224
- data/node_modules/@types/node/dgram.d.ts +545 -545
- data/node_modules/@types/node/diagnostics_channel.d.ts +128 -128
- data/node_modules/@types/node/dns/promises.d.ts +357 -357
- data/node_modules/@types/node/dns.d.ts +643 -643
- data/node_modules/@types/node/domain.d.ts +169 -169
- data/node_modules/@types/node/events.d.ts +623 -623
- data/node_modules/@types/node/fs/promises.d.ts +997 -997
- data/node_modules/@types/node/fs.d.ts +3723 -3723
- data/node_modules/@types/node/globals.d.ts +285 -285
- data/node_modules/@types/node/globals.global.d.ts +1 -1
- data/node_modules/@types/node/http.d.ts +1358 -1358
- data/node_modules/@types/node/http2.d.ts +2100 -2100
- data/node_modules/@types/node/https.d.ts +391 -391
- data/node_modules/@types/node/index.d.ts +131 -131
- data/node_modules/@types/node/inspector.d.ts +2738 -2738
- data/node_modules/@types/node/module.d.ts +114 -114
- data/node_modules/@types/node/net.d.ts +783 -783
- data/node_modules/@types/node/os.d.ts +455 -455
- data/node_modules/@types/node/package.json +229 -229
- data/node_modules/@types/node/path.d.ts +172 -172
- data/node_modules/@types/node/perf_hooks.d.ts +555 -555
- data/node_modules/@types/node/process.d.ts +1477 -1477
- data/node_modules/@types/node/punycode.d.ts +117 -117
- data/node_modules/@types/node/querystring.d.ts +131 -131
- data/node_modules/@types/node/readline.d.ts +542 -542
- data/node_modules/@types/node/repl.d.ts +424 -424
- data/node_modules/@types/node/stream/consumers.d.ts +24 -24
- data/node_modules/@types/node/stream/promises.d.ts +42 -42
- data/node_modules/@types/node/stream/web.d.ts +6 -6
- data/node_modules/@types/node/stream.d.ts +1181 -1181
- data/node_modules/@types/node/string_decoder.d.ts +67 -67
- data/node_modules/@types/node/timers/promises.d.ts +68 -68
- data/node_modules/@types/node/timers.d.ts +94 -94
- data/node_modules/@types/node/tls.d.ts +1019 -1019
- data/node_modules/@types/node/trace_events.d.ts +161 -161
- data/node_modules/@types/node/tty.d.ts +206 -206
- data/node_modules/@types/node/url.d.ts +798 -798
- data/node_modules/@types/node/util.d.ts +1556 -1556
- data/node_modules/@types/node/v8.d.ts +378 -378
- data/node_modules/@types/node/vm.d.ts +504 -504
- data/node_modules/@types/node/wasi.d.ts +153 -153
- data/node_modules/@types/node/worker_threads.d.ts +649 -649
- data/node_modules/@types/node/zlib.d.ts +517 -517
- data/node_modules/@types/yauzl/LICENSE +21 -21
- data/node_modules/@types/yauzl/index.d.ts +98 -98
- data/node_modules/@types/yauzl/package.json +26 -26
- data/node_modules/agent-base/README.md +145 -145
- data/node_modules/agent-base/dist/src/index.d.ts +78 -78
- data/node_modules/agent-base/dist/src/index.js +202 -202
- data/node_modules/agent-base/dist/src/promisify.d.ts +4 -4
- data/node_modules/agent-base/dist/src/promisify.js +17 -17
- data/node_modules/agent-base/package.json +64 -64
- data/node_modules/agent-base/src/index.ts +345 -345
- data/node_modules/agent-base/src/promisify.ts +33 -33
- data/node_modules/balanced-match/.github/FUNDING.yml +2 -2
- data/node_modules/balanced-match/LICENSE.md +21 -21
- data/node_modules/balanced-match/README.md +97 -97
- data/node_modules/balanced-match/index.js +62 -62
- data/node_modules/balanced-match/package.json +48 -48
- data/node_modules/base64-js/LICENSE +21 -21
- data/node_modules/base64-js/README.md +34 -34
- data/node_modules/base64-js/index.d.ts +3 -3
- data/node_modules/base64-js/index.js +150 -150
- data/node_modules/base64-js/package.json +47 -47
- data/node_modules/bl/.travis.yml +17 -17
- data/node_modules/bl/BufferList.js +396 -396
- data/node_modules/bl/LICENSE.md +13 -13
- data/node_modules/bl/README.md +247 -247
- data/node_modules/bl/bl.js +84 -84
- data/node_modules/bl/package.json +37 -37
- data/node_modules/bl/test/convert.js +21 -21
- data/node_modules/bl/test/indexOf.js +492 -492
- data/node_modules/bl/test/isBufferList.js +32 -32
- data/node_modules/bl/test/test.js +869 -869
- data/node_modules/brace-expansion/LICENSE +21 -21
- data/node_modules/brace-expansion/README.md +129 -129
- data/node_modules/brace-expansion/index.js +201 -201
- data/node_modules/brace-expansion/package.json +47 -47
- data/node_modules/buffer/AUTHORS.md +70 -70
- data/node_modules/buffer/LICENSE +21 -21
- data/node_modules/buffer/README.md +410 -410
- data/node_modules/buffer/index.d.ts +186 -186
- data/node_modules/buffer/index.js +1817 -1817
- data/node_modules/buffer/package.json +96 -96
- data/node_modules/buffer-crc32/LICENSE +19 -19
- data/node_modules/buffer-crc32/README.md +47 -47
- data/node_modules/buffer-crc32/index.js +111 -111
- data/node_modules/buffer-crc32/package.json +39 -39
- data/node_modules/chownr/LICENSE +15 -15
- data/node_modules/chownr/README.md +3 -3
- data/node_modules/chownr/chownr.js +167 -167
- data/node_modules/chownr/package.json +29 -29
- data/node_modules/concat-map/.travis.yml +4 -4
- data/node_modules/concat-map/LICENSE +18 -18
- data/node_modules/concat-map/README.markdown +62 -62
- data/node_modules/concat-map/example/map.js +6 -6
- data/node_modules/concat-map/index.js +13 -13
- data/node_modules/concat-map/package.json +43 -43
- data/node_modules/concat-map/test/map.js +39 -39
- data/node_modules/debug/LICENSE +19 -19
- data/node_modules/debug/README.md +455 -455
- data/node_modules/debug/package.json +59 -59
- data/node_modules/debug/src/browser.js +269 -269
- data/node_modules/debug/src/common.js +274 -274
- data/node_modules/debug/src/index.js +10 -10
- data/node_modules/debug/src/node.js +263 -263
- data/node_modules/devtools-protocol/LICENSE +27 -27
- data/node_modules/devtools-protocol/README.md +12 -12
- data/node_modules/devtools-protocol/json/browser_protocol.json +20985 -20640
- data/node_modules/devtools-protocol/json/js_protocol.json +3531 -3580
- data/node_modules/devtools-protocol/package.json +17 -18
- data/node_modules/devtools-protocol/pdl/browser_protocol.pdl +9849 -9637
- data/node_modules/devtools-protocol/pdl/js_protocol.pdl +1653 -1678
- data/node_modules/devtools-protocol/types/protocol-mapping.d.ts +4333 -4321
- data/node_modules/devtools-protocol/types/protocol-proxy-api.d.ts +3695 -3683
- data/node_modules/devtools-protocol/types/protocol.d.ts +15714 -15538
- data/node_modules/end-of-stream/LICENSE +20 -20
- data/node_modules/end-of-stream/README.md +54 -54
- data/node_modules/end-of-stream/index.js +94 -94
- data/node_modules/end-of-stream/package.json +37 -37
- data/node_modules/extract-zip/LICENSE +23 -23
- data/node_modules/extract-zip/cli.js +19 -19
- data/node_modules/extract-zip/index.d.ts +21 -21
- data/node_modules/extract-zip/index.js +173 -173
- data/node_modules/extract-zip/package.json +80 -80
- data/node_modules/extract-zip/readme.md +57 -57
- data/node_modules/fd-slicer/.npmignore +2 -2
- data/node_modules/fd-slicer/.travis.yml +7 -7
- data/node_modules/fd-slicer/CHANGELOG.md +49 -49
- data/node_modules/fd-slicer/LICENSE +21 -21
- data/node_modules/fd-slicer/README.md +199 -199
- data/node_modules/fd-slicer/index.js +296 -296
- data/node_modules/fd-slicer/package.json +36 -36
- data/node_modules/fd-slicer/test/test.js +350 -350
- data/node_modules/find-up/index.d.ts +137 -137
- data/node_modules/find-up/index.js +89 -89
- data/node_modules/find-up/license +9 -9
- data/node_modules/find-up/package.json +53 -53
- data/node_modules/find-up/readme.md +156 -156
- data/node_modules/fs-constants/LICENSE +21 -21
- data/node_modules/fs-constants/README.md +26 -26
- data/node_modules/fs-constants/browser.js +1 -1
- data/node_modules/fs-constants/index.js +1 -1
- data/node_modules/fs-constants/package.json +19 -19
- data/node_modules/fs.realpath/LICENSE +43 -43
- data/node_modules/fs.realpath/README.md +33 -33
- data/node_modules/fs.realpath/index.js +66 -66
- data/node_modules/fs.realpath/old.js +303 -303
- data/node_modules/fs.realpath/package.json +26 -26
- data/node_modules/get-stream/buffer-stream.js +52 -52
- data/node_modules/get-stream/index.d.ts +108 -108
- data/node_modules/get-stream/index.js +60 -60
- data/node_modules/get-stream/license +9 -9
- data/node_modules/get-stream/package.json +50 -50
- data/node_modules/get-stream/readme.md +124 -124
- data/node_modules/glob/LICENSE +21 -21
- data/node_modules/glob/README.md +375 -375
- data/node_modules/glob/changelog.md +67 -67
- data/node_modules/glob/common.js +234 -234
- data/node_modules/glob/glob.js +788 -788
- data/node_modules/glob/package.json +51 -51
- data/node_modules/glob/sync.js +484 -484
- data/node_modules/https-proxy-agent/README.md +137 -137
- data/node_modules/https-proxy-agent/dist/agent.d.ts +30 -30
- data/node_modules/https-proxy-agent/dist/agent.js +179 -179
- data/node_modules/https-proxy-agent/dist/index.d.ts +23 -23
- data/node_modules/https-proxy-agent/dist/index.js +13 -13
- data/node_modules/https-proxy-agent/dist/parse-proxy-response.d.ts +7 -7
- data/node_modules/https-proxy-agent/dist/parse-proxy-response.js +65 -65
- data/node_modules/https-proxy-agent/package.json +56 -56
- data/node_modules/ieee754/LICENSE +11 -11
- data/node_modules/ieee754/README.md +51 -51
- data/node_modules/ieee754/index.d.ts +9 -9
- data/node_modules/ieee754/index.js +85 -85
- data/node_modules/ieee754/package.json +52 -52
- data/node_modules/inflight/LICENSE +15 -15
- data/node_modules/inflight/README.md +37 -37
- data/node_modules/inflight/inflight.js +54 -54
- data/node_modules/inflight/package.json +29 -29
- data/node_modules/inherits/LICENSE +16 -16
- data/node_modules/inherits/README.md +42 -42
- data/node_modules/inherits/inherits.js +9 -9
- data/node_modules/inherits/inherits_browser.js +27 -27
- data/node_modules/inherits/package.json +29 -29
- data/node_modules/locate-path/index.d.ts +83 -83
- data/node_modules/locate-path/index.js +65 -65
- data/node_modules/locate-path/license +9 -9
- data/node_modules/locate-path/package.json +45 -45
- data/node_modules/locate-path/readme.md +122 -122
- data/node_modules/minimatch/LICENSE +15 -15
- data/node_modules/minimatch/README.md +209 -209
- data/node_modules/minimatch/minimatch.js +923 -923
- data/node_modules/minimatch/package.json +30 -30
- data/node_modules/mkdirp-classic/LICENSE +21 -21
- data/node_modules/mkdirp-classic/README.md +18 -18
- data/node_modules/mkdirp-classic/index.js +98 -98
- data/node_modules/mkdirp-classic/package.json +18 -18
- data/node_modules/ms/index.js +162 -162
- data/node_modules/ms/license.md +21 -21
- data/node_modules/ms/package.json +37 -37
- data/node_modules/ms/readme.md +60 -60
- data/node_modules/node-fetch/LICENSE.md +22 -22
- data/node_modules/node-fetch/README.md +590 -590
- data/node_modules/node-fetch/browser.js +24 -24
- data/node_modules/node-fetch/lib/index.es.js +1662 -1662
- data/node_modules/node-fetch/lib/index.js +1671 -1671
- data/node_modules/node-fetch/lib/index.mjs +1660 -1660
- data/node_modules/node-fetch/package.json +68 -68
- data/node_modules/once/LICENSE +15 -15
- data/node_modules/once/README.md +79 -79
- data/node_modules/once/once.js +42 -42
- data/node_modules/once/package.json +33 -33
- data/node_modules/p-limit/index.d.ts +38 -38
- data/node_modules/p-limit/index.js +57 -57
- data/node_modules/p-limit/license +9 -9
- data/node_modules/p-limit/package.json +52 -52
- data/node_modules/p-limit/readme.md +101 -101
- data/node_modules/p-locate/index.d.ts +64 -64
- data/node_modules/p-locate/index.js +52 -52
- data/node_modules/p-locate/license +9 -9
- data/node_modules/p-locate/package.json +53 -53
- data/node_modules/p-locate/readme.md +90 -90
- data/node_modules/p-try/index.d.ts +39 -39
- data/node_modules/p-try/index.js +9 -9
- data/node_modules/p-try/license +9 -9
- data/node_modules/p-try/package.json +42 -42
- data/node_modules/p-try/readme.md +58 -58
- data/node_modules/path-exists/index.d.ts +28 -28
- data/node_modules/path-exists/index.js +23 -23
- data/node_modules/path-exists/license +9 -9
- data/node_modules/path-exists/package.json +39 -39
- data/node_modules/path-exists/readme.md +52 -52
- data/node_modules/path-is-absolute/index.js +20 -20
- data/node_modules/path-is-absolute/license +21 -21
- data/node_modules/path-is-absolute/package.json +43 -43
- data/node_modules/path-is-absolute/readme.md +59 -59
- data/node_modules/pend/LICENSE +23 -23
- data/node_modules/pend/README.md +41 -41
- data/node_modules/pend/index.js +55 -55
- data/node_modules/pend/package.json +18 -18
- data/node_modules/pend/test.js +137 -137
- data/node_modules/pkg-dir/index.d.ts +44 -44
- data/node_modules/pkg-dir/index.js +17 -17
- data/node_modules/pkg-dir/license +9 -9
- data/node_modules/pkg-dir/package.json +56 -56
- data/node_modules/pkg-dir/readme.md +66 -66
- data/node_modules/progress/CHANGELOG.md +115 -115
- data/node_modules/progress/LICENSE +22 -22
- data/node_modules/progress/Makefile +8 -8
- data/node_modules/progress/Readme.md +146 -146
- data/node_modules/progress/index.js +1 -1
- data/node_modules/progress/lib/node-progress.js +236 -236
- data/node_modules/progress/package.json +26 -26
- data/node_modules/proxy-from-env/.eslintrc +29 -29
- data/node_modules/proxy-from-env/.travis.yml +10 -10
- data/node_modules/proxy-from-env/LICENSE +20 -20
- data/node_modules/proxy-from-env/README.md +131 -131
- data/node_modules/proxy-from-env/index.js +108 -108
- data/node_modules/proxy-from-env/package.json +34 -34
- data/node_modules/proxy-from-env/test.js +483 -483
- data/node_modules/pump/.travis.yml +5 -5
- data/node_modules/pump/LICENSE +20 -20
- data/node_modules/pump/README.md +65 -65
- data/node_modules/pump/index.js +82 -82
- data/node_modules/pump/package.json +24 -24
- data/node_modules/pump/test-browser.js +66 -66
- data/node_modules/pump/test-node.js +53 -53
- data/node_modules/puppeteer-core/CHANGELOG.md +319 -290
- data/node_modules/puppeteer-core/LICENSE +202 -202
- data/node_modules/puppeteer-core/README.md +481 -481
- data/node_modules/puppeteer-core/cjs-entry-core.js +29 -29
- data/node_modules/puppeteer-core/cjs-entry.js +29 -29
- data/node_modules/puppeteer-core/install.js +89 -89
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/api-docs-entry.d.ts +110 -110
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/api-docs-entry.js +80 -80
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/common/Accessibility.d.ts +175 -175
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/common/Accessibility.js +360 -360
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/common/AriaQueryHandler.d.ts +20 -20
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/common/AriaQueryHandler.js +84 -84
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/common/AriaQueryHandler.js.map +1 -1
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/common/Browser.d.ts +455 -455
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/common/Browser.js +540 -540
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/common/BrowserConnector.d.ts +53 -53
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/common/BrowserConnector.js +97 -97
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/common/BrowserWebSocketTransport.d.ts +25 -25
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/common/BrowserWebSocketTransport.js +34 -34
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/common/Connection.d.ts +135 -135
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/common/Connection.js +298 -298
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/common/ConnectionTransport.d.ts +24 -24
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/common/ConnectionTransport.js +17 -17
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/common/ConsoleMessage.d.ts +72 -72
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/common/ConsoleMessage.js +64 -64
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/common/Coverage.d.ts +204 -204
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/common/Coverage.js +335 -335
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/common/DOMWorld.d.ts +175 -175
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/common/DOMWorld.js +662 -662
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/common/Debug.d.ts +52 -52
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/common/Debug.js +81 -81
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/common/DeviceDescriptors.d.ts +40 -40
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/common/DeviceDescriptors.js +1070 -1070
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/common/Dialog.d.ts +74 -74
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/common/Dialog.js +97 -97
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/common/EmulationManager.d.ts +24 -24
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/common/EmulationManager.js +37 -37
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/common/Errors.d.ts +50 -50
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/common/Errors.js +56 -56
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/common/EvalTypes.d.ts +60 -60
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/common/EvalTypes.js +17 -17
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/common/EventEmitter.d.ts +92 -92
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/common/EventEmitter.js +116 -116
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/common/Events.d.ts +81 -81
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/common/Events.js +86 -86
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/common/ExecutionContext.d.ts +193 -193
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/common/ExecutionContext.js +321 -321
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/common/FileChooser.d.ts +58 -58
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/common/FileChooser.js +71 -71
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/common/FrameManager.d.ts +744 -744
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/common/FrameManager.js +1047 -1047
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/common/FrameManager.js.map +1 -1
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/common/HTTPRequest.d.ts +350 -345
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/common/HTTPRequest.d.ts.map +1 -1
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/common/HTTPRequest.js +549 -549
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/common/HTTPRequest.js.map +1 -1
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/common/HTTPResponse.d.ts +134 -125
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/common/HTTPResponse.d.ts.map +1 -1
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/common/HTTPResponse.js +184 -164
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/common/HTTPResponse.js.map +1 -1
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/common/Input.d.ts +358 -358
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/common/Input.js +543 -543
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/common/JSHandle.d.ts +490 -490
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/common/JSHandle.js +827 -827
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/common/LifecycleWatcher.d.ts +65 -65
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/common/LifecycleWatcher.d.ts.map +1 -1
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/common/LifecycleWatcher.js +149 -148
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/common/LifecycleWatcher.js.map +1 -1
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/common/NetworkConditions.d.ts +26 -26
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/common/NetworkConditions.js +33 -33
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/common/NetworkManager.d.ts +126 -97
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/common/NetworkManager.d.ts.map +1 -1
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/common/NetworkManager.js +467 -342
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/common/NetworkManager.js.map +1 -1
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/common/PDFOptions.d.ts +161 -161
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/common/PDFOptions.js +34 -34
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/common/Page.d.ts +2055 -2055
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/common/Page.js +2533 -2533
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/common/Product.d.ts +20 -20
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/common/Product.js +17 -17
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/common/Puppeteer.d.ts +159 -159
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/common/Puppeteer.js +161 -161
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/common/PuppeteerViewport.d.ts +51 -51
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/common/PuppeteerViewport.js +2 -2
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/common/QueryHandler.d.ts +64 -64
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/common/QueryHandler.js +165 -165
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/common/SecurityDetails.d.ts +60 -60
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/common/SecurityDetails.js +76 -76
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/common/Target.d.ts +100 -100
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/common/Target.js +145 -145
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/common/TaskQueue.d.ts +20 -20
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/common/TaskQueue.js +29 -29
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/common/TimeoutSettings.d.ts +27 -27
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/common/TimeoutSettings.js +47 -47
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/common/Tracing.d.ts +46 -46
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/common/Tracing.js +109 -109
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/common/USKeyboardLayout.d.ts +39 -39
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/common/USKeyboardLayout.js +406 -406
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/common/WebWorker.d.ts +98 -98
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/common/WebWorker.js +112 -112
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/common/assert.d.ts +22 -22
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/common/assert.js +33 -33
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/common/fetch.d.ts +16 -16
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/common/fetch.js +43 -43
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/common/helper.d.ts +84 -84
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/common/helper.js +327 -327
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/environment.d.ts +16 -16
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/environment.js +19 -19
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/global.d.ts +16 -16
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/global.js +2 -2
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/initialize-node.d.ts +17 -17
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/initialize-node.js +44 -44
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/initialize-web.d.ts +17 -17
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/initialize-web.js +26 -26
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/node/BrowserFetcher.d.ts +133 -133
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/node/BrowserFetcher.js +500 -500
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/node/BrowserRunner.d.ts +40 -39
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/node/BrowserRunner.d.ts.map +1 -1
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/node/BrowserRunner.js +256 -230
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/node/BrowserRunner.js.map +1 -1
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/node/LaunchOptions.d.ts +134 -134
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/node/LaunchOptions.js +17 -17
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/node/Launcher.d.ts +16 -16
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/node/Launcher.d.ts.map +1 -1
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/node/Launcher.js +655 -588
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/node/Launcher.js.map +1 -1
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/node/NodeWebSocketTransport.d.ts +26 -26
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/node/NodeWebSocketTransport.js +47 -47
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/node/PipeTransport.d.ts +29 -29
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/node/PipeTransport.js +64 -64
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/node/Puppeteer.d.ts +153 -153
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/node/Puppeteer.js +188 -188
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/node/install.d.ts +17 -17
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/node/install.js +173 -173
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/node-puppeteer-core.d.ts +17 -17
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/node-puppeteer-core.js +24 -24
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/node.d.ts +17 -17
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/node.js +23 -23
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/revisions.d.ts +21 -21
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/revisions.js +22 -22
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/web.d.ts +17 -17
- data/node_modules/puppeteer-core/lib/cjs/puppeteer/web.js +23 -23
- data/node_modules/puppeteer-core/lib/cjs/vendor/mitt/src/index.d.ts +27 -27
- data/node_modules/puppeteer-core/lib/cjs/vendor/mitt/src/index.js +56 -56
- data/node_modules/puppeteer-core/lib/esm/puppeteer/api-docs-entry.d.ts +110 -110
- data/node_modules/puppeteer-core/lib/esm/puppeteer/api-docs-entry.js +80 -80
- data/node_modules/puppeteer-core/lib/esm/puppeteer/common/Accessibility.d.ts +175 -175
- data/node_modules/puppeteer-core/lib/esm/puppeteer/common/Accessibility.js +356 -356
- data/node_modules/puppeteer-core/lib/esm/puppeteer/common/AriaQueryHandler.d.ts +20 -20
- data/node_modules/puppeteer-core/lib/esm/puppeteer/common/AriaQueryHandler.js +81 -81
- data/node_modules/puppeteer-core/lib/esm/puppeteer/common/AriaQueryHandler.js.map +1 -1
- data/node_modules/puppeteer-core/lib/esm/puppeteer/common/Browser.d.ts +455 -455
- data/node_modules/puppeteer-core/lib/esm/puppeteer/common/Browser.js +535 -535
- data/node_modules/puppeteer-core/lib/esm/puppeteer/common/BrowserConnector.d.ts +53 -53
- data/node_modules/puppeteer-core/lib/esm/puppeteer/common/BrowserConnector.js +74 -74
- data/node_modules/puppeteer-core/lib/esm/puppeteer/common/BrowserWebSocketTransport.d.ts +25 -25
- data/node_modules/puppeteer-core/lib/esm/puppeteer/common/BrowserWebSocketTransport.js +30 -30
- data/node_modules/puppeteer-core/lib/esm/puppeteer/common/Connection.d.ts +135 -135
- data/node_modules/puppeteer-core/lib/esm/puppeteer/common/Connection.js +293 -293
- data/node_modules/puppeteer-core/lib/esm/puppeteer/common/ConnectionTransport.d.ts +24 -24
- data/node_modules/puppeteer-core/lib/esm/puppeteer/common/ConnectionTransport.js +16 -16
- data/node_modules/puppeteer-core/lib/esm/puppeteer/common/ConsoleMessage.d.ts +72 -72
- data/node_modules/puppeteer-core/lib/esm/puppeteer/common/ConsoleMessage.js +60 -60
- data/node_modules/puppeteer-core/lib/esm/puppeteer/common/Coverage.d.ts +204 -204
- data/node_modules/puppeteer-core/lib/esm/puppeteer/common/Coverage.js +329 -329
- data/node_modules/puppeteer-core/lib/esm/puppeteer/common/DOMWorld.d.ts +175 -175
- data/node_modules/puppeteer-core/lib/esm/puppeteer/common/DOMWorld.js +657 -657
- data/node_modules/puppeteer-core/lib/esm/puppeteer/common/Debug.d.ts +52 -52
- data/node_modules/puppeteer-core/lib/esm/puppeteer/common/Debug.js +77 -77
- data/node_modules/puppeteer-core/lib/esm/puppeteer/common/DeviceDescriptors.d.ts +40 -40
- data/node_modules/puppeteer-core/lib/esm/puppeteer/common/DeviceDescriptors.js +1067 -1067
- data/node_modules/puppeteer-core/lib/esm/puppeteer/common/Dialog.d.ts +74 -74
- data/node_modules/puppeteer-core/lib/esm/puppeteer/common/Dialog.js +93 -93
- data/node_modules/puppeteer-core/lib/esm/puppeteer/common/EmulationManager.d.ts +24 -24
- data/node_modules/puppeteer-core/lib/esm/puppeteer/common/EmulationManager.js +33 -33
- data/node_modules/puppeteer-core/lib/esm/puppeteer/common/Errors.d.ts +50 -50
- data/node_modules/puppeteer-core/lib/esm/puppeteer/common/Errors.js +50 -50
- data/node_modules/puppeteer-core/lib/esm/puppeteer/common/EvalTypes.d.ts +60 -60
- data/node_modules/puppeteer-core/lib/esm/puppeteer/common/EvalTypes.js +16 -16
- data/node_modules/puppeteer-core/lib/esm/puppeteer/common/EventEmitter.d.ts +92 -92
- data/node_modules/puppeteer-core/lib/esm/puppeteer/common/EventEmitter.js +109 -109
- data/node_modules/puppeteer-core/lib/esm/puppeteer/common/Events.d.ts +81 -81
- data/node_modules/puppeteer-core/lib/esm/puppeteer/common/Events.js +83 -83
- data/node_modules/puppeteer-core/lib/esm/puppeteer/common/ExecutionContext.d.ts +193 -193
- data/node_modules/puppeteer-core/lib/esm/puppeteer/common/ExecutionContext.js +317 -317
- data/node_modules/puppeteer-core/lib/esm/puppeteer/common/FileChooser.d.ts +58 -58
- data/node_modules/puppeteer-core/lib/esm/puppeteer/common/FileChooser.js +67 -67
- data/node_modules/puppeteer-core/lib/esm/puppeteer/common/FrameManager.d.ts +744 -744
- data/node_modules/puppeteer-core/lib/esm/puppeteer/common/FrameManager.js +1042 -1042
- data/node_modules/puppeteer-core/lib/esm/puppeteer/common/FrameManager.js.map +1 -1
- data/node_modules/puppeteer-core/lib/esm/puppeteer/common/HTTPRequest.d.ts +350 -345
- data/node_modules/puppeteer-core/lib/esm/puppeteer/common/HTTPRequest.d.ts.map +1 -1
- data/node_modules/puppeteer-core/lib/esm/puppeteer/common/HTTPRequest.js +545 -545
- data/node_modules/puppeteer-core/lib/esm/puppeteer/common/HTTPRequest.js.map +1 -1
- data/node_modules/puppeteer-core/lib/esm/puppeteer/common/HTTPResponse.d.ts +134 -125
- data/node_modules/puppeteer-core/lib/esm/puppeteer/common/HTTPResponse.d.ts.map +1 -1
- data/node_modules/puppeteer-core/lib/esm/puppeteer/common/HTTPResponse.js +180 -160
- data/node_modules/puppeteer-core/lib/esm/puppeteer/common/HTTPResponse.js.map +1 -1
- data/node_modules/puppeteer-core/lib/esm/puppeteer/common/Input.d.ts +358 -358
- data/node_modules/puppeteer-core/lib/esm/puppeteer/common/Input.js +537 -537
- data/node_modules/puppeteer-core/lib/esm/puppeteer/common/JSHandle.d.ts +490 -490
- data/node_modules/puppeteer-core/lib/esm/puppeteer/common/JSHandle.js +802 -802
- data/node_modules/puppeteer-core/lib/esm/puppeteer/common/LifecycleWatcher.d.ts +65 -65
- data/node_modules/puppeteer-core/lib/esm/puppeteer/common/LifecycleWatcher.d.ts.map +1 -1
- data/node_modules/puppeteer-core/lib/esm/puppeteer/common/LifecycleWatcher.js +145 -144
- data/node_modules/puppeteer-core/lib/esm/puppeteer/common/LifecycleWatcher.js.map +1 -1
- data/node_modules/puppeteer-core/lib/esm/puppeteer/common/NetworkConditions.d.ts +26 -26
- data/node_modules/puppeteer-core/lib/esm/puppeteer/common/NetworkConditions.js +30 -30
- data/node_modules/puppeteer-core/lib/esm/puppeteer/common/NetworkManager.d.ts +126 -97
- data/node_modules/puppeteer-core/lib/esm/puppeteer/common/NetworkManager.d.ts.map +1 -1
- data/node_modules/puppeteer-core/lib/esm/puppeteer/common/NetworkManager.js +463 -338
- data/node_modules/puppeteer-core/lib/esm/puppeteer/common/NetworkManager.js.map +1 -1
- data/node_modules/puppeteer-core/lib/esm/puppeteer/common/PDFOptions.d.ts +161 -161
- data/node_modules/puppeteer-core/lib/esm/puppeteer/common/PDFOptions.js +31 -31
- data/node_modules/puppeteer-core/lib/esm/puppeteer/common/Page.d.ts +2055 -2055
- data/node_modules/puppeteer-core/lib/esm/puppeteer/common/Page.js +2529 -2529
- data/node_modules/puppeteer-core/lib/esm/puppeteer/common/Product.d.ts +20 -20
- data/node_modules/puppeteer-core/lib/esm/puppeteer/common/Product.js +16 -16
- data/node_modules/puppeteer-core/lib/esm/puppeteer/common/Puppeteer.d.ts +159 -159
- data/node_modules/puppeteer-core/lib/esm/puppeteer/common/Puppeteer.js +157 -157
- data/node_modules/puppeteer-core/lib/esm/puppeteer/common/PuppeteerViewport.d.ts +51 -51
- data/node_modules/puppeteer-core/lib/esm/puppeteer/common/PuppeteerViewport.js +1 -1
- data/node_modules/puppeteer-core/lib/esm/puppeteer/common/QueryHandler.d.ts +64 -64
- data/node_modules/puppeteer-core/lib/esm/puppeteer/common/QueryHandler.js +157 -157
- data/node_modules/puppeteer-core/lib/esm/puppeteer/common/SecurityDetails.d.ts +60 -60
- data/node_modules/puppeteer-core/lib/esm/puppeteer/common/SecurityDetails.js +72 -72
- data/node_modules/puppeteer-core/lib/esm/puppeteer/common/Target.d.ts +100 -100
- data/node_modules/puppeteer-core/lib/esm/puppeteer/common/Target.js +141 -141
- data/node_modules/puppeteer-core/lib/esm/puppeteer/common/TaskQueue.d.ts +20 -20
- data/node_modules/puppeteer-core/lib/esm/puppeteer/common/TaskQueue.js +25 -25
- data/node_modules/puppeteer-core/lib/esm/puppeteer/common/TimeoutSettings.d.ts +27 -27
- data/node_modules/puppeteer-core/lib/esm/puppeteer/common/TimeoutSettings.js +43 -43
- data/node_modules/puppeteer-core/lib/esm/puppeteer/common/Tracing.d.ts +46 -46
- data/node_modules/puppeteer-core/lib/esm/puppeteer/common/Tracing.js +105 -105
- data/node_modules/puppeteer-core/lib/esm/puppeteer/common/USKeyboardLayout.d.ts +39 -39
- data/node_modules/puppeteer-core/lib/esm/puppeteer/common/USKeyboardLayout.js +403 -403
- data/node_modules/puppeteer-core/lib/esm/puppeteer/common/WebWorker.d.ts +98 -98
- data/node_modules/puppeteer-core/lib/esm/puppeteer/common/WebWorker.js +108 -108
- data/node_modules/puppeteer-core/lib/esm/puppeteer/common/assert.d.ts +22 -22
- data/node_modules/puppeteer-core/lib/esm/puppeteer/common/assert.js +28 -28
- data/node_modules/puppeteer-core/lib/esm/puppeteer/common/fetch.d.ts +16 -16
- data/node_modules/puppeteer-core/lib/esm/puppeteer/common/fetch.js +20 -20
- data/node_modules/puppeteer-core/lib/esm/puppeteer/common/helper.d.ts +84 -84
- data/node_modules/puppeteer-core/lib/esm/puppeteer/common/helper.js +305 -305
- data/node_modules/puppeteer-core/lib/esm/puppeteer/environment.d.ts +16 -16
- data/node_modules/puppeteer-core/lib/esm/puppeteer/environment.js +16 -16
- data/node_modules/puppeteer-core/lib/esm/puppeteer/global.d.ts +16 -16
- data/node_modules/puppeteer-core/lib/esm/puppeteer/global.js +1 -1
- data/node_modules/puppeteer-core/lib/esm/puppeteer/initialize-node.d.ts +17 -17
- data/node_modules/puppeteer-core/lib/esm/puppeteer/initialize-node.js +37 -37
- data/node_modules/puppeteer-core/lib/esm/puppeteer/initialize-web.d.ts +17 -17
- data/node_modules/puppeteer-core/lib/esm/puppeteer/initialize-web.js +22 -22
- data/node_modules/puppeteer-core/lib/esm/puppeteer/node/BrowserFetcher.d.ts +133 -133
- data/node_modules/puppeteer-core/lib/esm/puppeteer/node/BrowserFetcher.js +474 -474
- data/node_modules/puppeteer-core/lib/esm/puppeteer/node/BrowserRunner.d.ts +40 -39
- data/node_modules/puppeteer-core/lib/esm/puppeteer/node/BrowserRunner.d.ts.map +1 -1
- data/node_modules/puppeteer-core/lib/esm/puppeteer/node/BrowserRunner.js +230 -204
- data/node_modules/puppeteer-core/lib/esm/puppeteer/node/BrowserRunner.js.map +1 -1
- data/node_modules/puppeteer-core/lib/esm/puppeteer/node/LaunchOptions.d.ts +134 -134
- data/node_modules/puppeteer-core/lib/esm/puppeteer/node/LaunchOptions.js +16 -16
- data/node_modules/puppeteer-core/lib/esm/puppeteer/node/Launcher.d.ts +16 -16
- data/node_modules/puppeteer-core/lib/esm/puppeteer/node/Launcher.d.ts.map +1 -1
- data/node_modules/puppeteer-core/lib/esm/puppeteer/node/Launcher.js +633 -566
- data/node_modules/puppeteer-core/lib/esm/puppeteer/node/Launcher.js.map +1 -1
- data/node_modules/puppeteer-core/lib/esm/puppeteer/node/NodeWebSocketTransport.d.ts +26 -26
- data/node_modules/puppeteer-core/lib/esm/puppeteer/node/NodeWebSocketTransport.js +40 -40
- data/node_modules/puppeteer-core/lib/esm/puppeteer/node/PipeTransport.d.ts +29 -29
- data/node_modules/puppeteer-core/lib/esm/puppeteer/node/PipeTransport.js +60 -60
- data/node_modules/puppeteer-core/lib/esm/puppeteer/node/Puppeteer.d.ts +153 -153
- data/node_modules/puppeteer-core/lib/esm/puppeteer/node/Puppeteer.js +181 -181
- data/node_modules/puppeteer-core/lib/esm/puppeteer/node/install.d.ts +17 -17
- data/node_modules/puppeteer-core/lib/esm/puppeteer/node/install.js +165 -165
- data/node_modules/puppeteer-core/lib/esm/puppeteer/node-puppeteer-core.d.ts +17 -17
- data/node_modules/puppeteer-core/lib/esm/puppeteer/node-puppeteer-core.js +22 -22
- data/node_modules/puppeteer-core/lib/esm/puppeteer/node.d.ts +17 -17
- data/node_modules/puppeteer-core/lib/esm/puppeteer/node.js +21 -21
- data/node_modules/puppeteer-core/lib/esm/puppeteer/revisions.d.ts +21 -21
- data/node_modules/puppeteer-core/lib/esm/puppeteer/revisions.js +19 -19
- data/node_modules/puppeteer-core/lib/esm/puppeteer/web.d.ts +17 -17
- data/node_modules/puppeteer-core/lib/esm/puppeteer/web.js +21 -21
- data/node_modules/puppeteer-core/lib/esm/vendor/mitt/src/index.d.ts +27 -27
- data/node_modules/puppeteer-core/lib/esm/vendor/mitt/src/index.js +53 -53
- data/node_modules/puppeteer-core/lib/types.d.ts +67 -25
- data/node_modules/puppeteer-core/package.json +115 -115
- data/node_modules/puppeteer-core/typescript-if-required.js +61 -61
- data/node_modules/readable-stream/CONTRIBUTING.md +38 -38
- data/node_modules/readable-stream/GOVERNANCE.md +136 -136
- data/node_modules/readable-stream/LICENSE +47 -47
- data/node_modules/readable-stream/README.md +106 -106
- data/node_modules/readable-stream/errors-browser.js +127 -127
- data/node_modules/readable-stream/errors.js +116 -116
- data/node_modules/readable-stream/experimentalWarning.js +17 -17
- data/node_modules/readable-stream/lib/_stream_duplex.js +138 -138
- data/node_modules/readable-stream/lib/_stream_passthrough.js +38 -38
- data/node_modules/readable-stream/lib/_stream_readable.js +1123 -1123
- data/node_modules/readable-stream/lib/_stream_transform.js +200 -200
- data/node_modules/readable-stream/lib/_stream_writable.js +696 -696
- data/node_modules/readable-stream/lib/internal/streams/async_iterator.js +206 -206
- data/node_modules/readable-stream/lib/internal/streams/buffer_list.js +209 -209
- data/node_modules/readable-stream/lib/internal/streams/destroy.js +104 -104
- data/node_modules/readable-stream/lib/internal/streams/end-of-stream.js +103 -103
- data/node_modules/readable-stream/lib/internal/streams/from-browser.js +3 -3
- data/node_modules/readable-stream/lib/internal/streams/from.js +63 -63
- data/node_modules/readable-stream/lib/internal/streams/pipeline.js +96 -96
- data/node_modules/readable-stream/lib/internal/streams/state.js +26 -26
- data/node_modules/readable-stream/lib/internal/streams/stream-browser.js +1 -1
- data/node_modules/readable-stream/lib/internal/streams/stream.js +1 -1
- data/node_modules/readable-stream/package.json +68 -68
- data/node_modules/readable-stream/readable-browser.js +9 -9
- data/node_modules/readable-stream/readable.js +16 -16
- data/node_modules/rimraf/CHANGELOG.md +65 -65
- data/node_modules/rimraf/LICENSE +15 -15
- data/node_modules/rimraf/README.md +101 -101
- data/node_modules/rimraf/bin.js +68 -68
- data/node_modules/rimraf/package.json +32 -32
- data/node_modules/rimraf/rimraf.js +360 -360
- data/node_modules/safe-buffer/LICENSE +21 -21
- data/node_modules/safe-buffer/README.md +584 -584
- data/node_modules/safe-buffer/index.d.ts +186 -186
- data/node_modules/safe-buffer/index.js +65 -65
- data/node_modules/safe-buffer/package.json +51 -51
- data/node_modules/string_decoder/LICENSE +48 -48
- data/node_modules/string_decoder/README.md +47 -47
- data/node_modules/string_decoder/lib/string_decoder.js +295 -295
- data/node_modules/string_decoder/package.json +34 -34
- data/node_modules/tar-fs/.travis.yml +6 -6
- data/node_modules/tar-fs/LICENSE +20 -20
- data/node_modules/tar-fs/README.md +165 -165
- data/node_modules/tar-fs/index.js +351 -351
- data/node_modules/tar-fs/package.json +41 -41
- data/node_modules/tar-fs/test/fixtures/a/hello.txt +1 -1
- data/node_modules/tar-fs/test/fixtures/b/a/test.txt +1 -1
- data/node_modules/tar-fs/test/index.js +346 -346
- data/node_modules/tar-stream/LICENSE +20 -20
- data/node_modules/tar-stream/README.md +168 -168
- data/node_modules/tar-stream/extract.js +257 -257
- data/node_modules/tar-stream/headers.js +295 -295
- data/node_modules/tar-stream/index.js +2 -2
- data/node_modules/tar-stream/pack.js +255 -255
- data/node_modules/tar-stream/package.json +58 -58
- data/node_modules/tar-stream/sandbox.js +11 -11
- data/node_modules/through/.travis.yml +5 -5
- data/node_modules/through/LICENSE.APACHE2 +15 -15
- data/node_modules/through/LICENSE.MIT +24 -24
- data/node_modules/through/index.js +108 -108
- data/node_modules/through/package.json +36 -36
- data/node_modules/through/readme.markdown +64 -64
- data/node_modules/through/test/async.js +28 -28
- data/node_modules/through/test/auto-destroy.js +30 -30
- data/node_modules/through/test/buffering.js +71 -71
- data/node_modules/through/test/end.js +45 -45
- data/node_modules/through/test/index.js +133 -133
- data/node_modules/tr46/.npmignore +4 -4
- data/node_modules/tr46/index.js +193 -193
- data/node_modules/tr46/package.json +31 -31
- data/node_modules/unbzip2-stream/LICENSE +24 -24
- data/node_modules/unbzip2-stream/README.md +59 -59
- data/node_modules/unbzip2-stream/dist/unbzip2-stream.min.js +1 -1
- data/node_modules/unbzip2-stream/index.js +93 -93
- data/node_modules/unbzip2-stream/lib/bit_iterator.js +39 -39
- data/node_modules/unbzip2-stream/lib/bzip2.js +365 -365
- data/node_modules/unbzip2-stream/package.json +51 -51
- data/node_modules/util-deprecate/History.md +16 -16
- data/node_modules/util-deprecate/LICENSE +24 -24
- data/node_modules/util-deprecate/README.md +53 -53
- data/node_modules/util-deprecate/browser.js +67 -67
- data/node_modules/util-deprecate/node.js +6 -6
- data/node_modules/util-deprecate/package.json +27 -27
- data/node_modules/webidl-conversions/LICENSE.md +12 -12
- data/node_modules/webidl-conversions/README.md +53 -53
- data/node_modules/webidl-conversions/lib/index.js +189 -189
- data/node_modules/webidl-conversions/package.json +23 -23
- data/node_modules/whatwg-url/LICENSE.txt +21 -21
- data/node_modules/whatwg-url/README.md +67 -67
- data/node_modules/whatwg-url/lib/URL-impl.js +200 -200
- data/node_modules/whatwg-url/lib/URL.js +196 -196
- data/node_modules/whatwg-url/lib/public-api.js +11 -11
- data/node_modules/whatwg-url/lib/utils.js +20 -20
- data/node_modules/whatwg-url/package.json +32 -32
- data/node_modules/wrappy/LICENSE +15 -15
- data/node_modules/wrappy/README.md +36 -36
- data/node_modules/wrappy/package.json +29 -29
- data/node_modules/wrappy/wrappy.js +33 -33
- data/node_modules/ws/LICENSE +19 -19
- data/node_modules/ws/README.md +493 -493
- data/node_modules/ws/browser.js +8 -8
- data/node_modules/ws/index.js +13 -13
- data/node_modules/ws/lib/buffer-util.js +126 -126
- data/node_modules/ws/lib/constants.js +12 -12
- data/node_modules/ws/lib/event-target.js +266 -266
- data/node_modules/ws/lib/extension.js +203 -203
- data/node_modules/ws/lib/limiter.js +55 -55
- data/node_modules/ws/lib/permessage-deflate.js +511 -511
- data/node_modules/ws/lib/receiver.js +612 -612
- data/node_modules/ws/lib/sender.js +422 -422
- data/node_modules/ws/lib/stream.js +180 -180
- data/node_modules/ws/lib/subprotocol.js +62 -62
- data/node_modules/ws/lib/validation.js +124 -124
- data/node_modules/ws/lib/websocket-server.js +485 -485
- data/node_modules/ws/lib/websocket.js +1149 -1149
- data/node_modules/ws/package.json +61 -61
- data/node_modules/ws/wrapper.mjs +8 -8
- data/node_modules/yauzl/LICENSE +21 -21
- data/node_modules/yauzl/README.md +658 -658
- data/node_modules/yauzl/index.js +796 -796
- data/node_modules/yauzl/package.json +40 -40
- data/package.json +1 -1
- metadata +23 -25
- data/node_modules/devtools-protocol/changelog.md +0 -10491
- data/node_modules/devtools-protocol/externs/protocol_externs.js +0 -9734
@@ -1,1019 +1,1019 @@
|
|
1
|
-
/**
|
2
|
-
* The `tls` module provides an implementation of the Transport Layer Security
|
3
|
-
* (TLS) and Secure Socket Layer (SSL) protocols that is built on top of OpenSSL.
|
4
|
-
* The module can be accessed using:
|
5
|
-
*
|
6
|
-
* ```js
|
7
|
-
* const tls = require('tls');
|
8
|
-
* ```
|
9
|
-
* @see [source](https://github.com/nodejs/node/blob/v16.7.0/lib/tls.js)
|
10
|
-
*/
|
11
|
-
declare module 'tls' {
|
12
|
-
import { X509Certificate } from 'node:crypto';
|
13
|
-
import * as net from 'node:net';
|
14
|
-
const CLIENT_RENEG_LIMIT: number;
|
15
|
-
const CLIENT_RENEG_WINDOW: number;
|
16
|
-
interface Certificate {
|
17
|
-
/**
|
18
|
-
* Country code.
|
19
|
-
*/
|
20
|
-
C: string;
|
21
|
-
/**
|
22
|
-
* Street.
|
23
|
-
*/
|
24
|
-
ST: string;
|
25
|
-
/**
|
26
|
-
* Locality.
|
27
|
-
*/
|
28
|
-
L: string;
|
29
|
-
/**
|
30
|
-
* Organization.
|
31
|
-
*/
|
32
|
-
O: string;
|
33
|
-
/**
|
34
|
-
* Organizational unit.
|
35
|
-
*/
|
36
|
-
OU: string;
|
37
|
-
/**
|
38
|
-
* Common name.
|
39
|
-
*/
|
40
|
-
CN: string;
|
41
|
-
}
|
42
|
-
interface PeerCertificate {
|
43
|
-
subject: Certificate;
|
44
|
-
issuer: Certificate;
|
45
|
-
subjectaltname: string;
|
46
|
-
infoAccess: NodeJS.Dict<string[]>;
|
47
|
-
modulus: string;
|
48
|
-
exponent: string;
|
49
|
-
valid_from: string;
|
50
|
-
valid_to: string;
|
51
|
-
fingerprint: string;
|
52
|
-
fingerprint256: string;
|
53
|
-
ext_key_usage: string[];
|
54
|
-
serialNumber: string;
|
55
|
-
raw: Buffer;
|
56
|
-
}
|
57
|
-
interface DetailedPeerCertificate extends PeerCertificate {
|
58
|
-
issuerCertificate: DetailedPeerCertificate;
|
59
|
-
}
|
60
|
-
interface CipherNameAndProtocol {
|
61
|
-
/**
|
62
|
-
* The cipher name.
|
63
|
-
*/
|
64
|
-
name: string;
|
65
|
-
/**
|
66
|
-
* SSL/TLS protocol version.
|
67
|
-
*/
|
68
|
-
version: string;
|
69
|
-
/**
|
70
|
-
* IETF name for the cipher suite.
|
71
|
-
*/
|
72
|
-
standardName: string;
|
73
|
-
}
|
74
|
-
interface EphemeralKeyInfo {
|
75
|
-
/**
|
76
|
-
* The supported types are 'DH' and 'ECDH'.
|
77
|
-
*/
|
78
|
-
type: string;
|
79
|
-
/**
|
80
|
-
* The name property is available only when type is 'ECDH'.
|
81
|
-
*/
|
82
|
-
name?: string | undefined;
|
83
|
-
/**
|
84
|
-
* The size of parameter of an ephemeral key exchange.
|
85
|
-
*/
|
86
|
-
size: number;
|
87
|
-
}
|
88
|
-
interface KeyObject {
|
89
|
-
/**
|
90
|
-
* Private keys in PEM format.
|
91
|
-
*/
|
92
|
-
pem: string | Buffer;
|
93
|
-
/**
|
94
|
-
* Optional passphrase.
|
95
|
-
*/
|
96
|
-
passphrase?: string | undefined;
|
97
|
-
}
|
98
|
-
interface PxfObject {
|
99
|
-
/**
|
100
|
-
* PFX or PKCS12 encoded private key and certificate chain.
|
101
|
-
*/
|
102
|
-
buf: string | Buffer;
|
103
|
-
/**
|
104
|
-
* Optional passphrase.
|
105
|
-
*/
|
106
|
-
passphrase?: string | undefined;
|
107
|
-
}
|
108
|
-
interface TLSSocketOptions extends SecureContextOptions, CommonConnectionOptions {
|
109
|
-
/**
|
110
|
-
* If true the TLS socket will be instantiated in server-mode.
|
111
|
-
* Defaults to false.
|
112
|
-
*/
|
113
|
-
isServer?: boolean | undefined;
|
114
|
-
/**
|
115
|
-
* An optional net.Server instance.
|
116
|
-
*/
|
117
|
-
server?: net.Server | undefined;
|
118
|
-
/**
|
119
|
-
* An optional Buffer instance containing a TLS session.
|
120
|
-
*/
|
121
|
-
session?: Buffer | undefined;
|
122
|
-
/**
|
123
|
-
* If true, specifies that the OCSP status request extension will be
|
124
|
-
* added to the client hello and an 'OCSPResponse' event will be
|
125
|
-
* emitted on the socket before establishing a secure communication
|
126
|
-
*/
|
127
|
-
requestOCSP?: boolean | undefined;
|
128
|
-
}
|
129
|
-
/**
|
130
|
-
* Performs transparent encryption of written data and all required TLS
|
131
|
-
* negotiation.
|
132
|
-
*
|
133
|
-
* Instances of `tls.TLSSocket` implement the duplex `Stream` interface.
|
134
|
-
*
|
135
|
-
* Methods that return TLS connection metadata (e.g.{@link TLSSocket.getPeerCertificate} will only return data while the
|
136
|
-
* connection is open.
|
137
|
-
* @since v0.11.4
|
138
|
-
*/
|
139
|
-
class TLSSocket extends net.Socket {
|
140
|
-
/**
|
141
|
-
* Construct a new tls.TLSSocket object from an existing TCP socket.
|
142
|
-
*/
|
143
|
-
constructor(socket: net.Socket, options?: TLSSocketOptions);
|
144
|
-
/**
|
145
|
-
* Returns `true` if the peer certificate was signed by one of the CAs specified
|
146
|
-
* when creating the `tls.TLSSocket` instance, otherwise `false`.
|
147
|
-
* @since v0.11.4
|
148
|
-
*/
|
149
|
-
authorized: boolean;
|
150
|
-
/**
|
151
|
-
* Returns the reason why the peer's certificate was not been verified. This
|
152
|
-
* property is set only when `tlsSocket.authorized === false`.
|
153
|
-
* @since v0.11.4
|
154
|
-
*/
|
155
|
-
authorizationError: Error;
|
156
|
-
/**
|
157
|
-
* Always returns `true`. This may be used to distinguish TLS sockets from regular`net.Socket` instances.
|
158
|
-
* @since v0.11.4
|
159
|
-
*/
|
160
|
-
encrypted: boolean;
|
161
|
-
/**
|
162
|
-
* String containing the selected ALPN protocol.
|
163
|
-
* Before a handshake has completed, this value is always null.
|
164
|
-
* When a handshake is completed but not ALPN protocol was selected, tlsSocket.alpnProtocol equals false.
|
165
|
-
*/
|
166
|
-
alpnProtocol: string | false | null;
|
167
|
-
/**
|
168
|
-
* Returns an object representing the local certificate. The returned object has
|
169
|
-
* some properties corresponding to the fields of the certificate.
|
170
|
-
*
|
171
|
-
* See {@link TLSSocket.getPeerCertificate} for an example of the certificate
|
172
|
-
* structure.
|
173
|
-
*
|
174
|
-
* If there is no local certificate, an empty object will be returned. If the
|
175
|
-
* socket has been destroyed, `null` will be returned.
|
176
|
-
* @since v11.2.0
|
177
|
-
*/
|
178
|
-
getCertificate(): PeerCertificate | object | null;
|
179
|
-
/**
|
180
|
-
* Returns an object containing information on the negotiated cipher suite.
|
181
|
-
*
|
182
|
-
* For example:
|
183
|
-
*
|
184
|
-
* ```json
|
185
|
-
* {
|
186
|
-
* "name": "AES128-SHA256",
|
187
|
-
* "standardName": "TLS_RSA_WITH_AES_128_CBC_SHA256",
|
188
|
-
* "version": "TLSv1.2"
|
189
|
-
* }
|
190
|
-
* ```
|
191
|
-
*
|
192
|
-
* See[SSL\_CIPHER\_get\_name](https://www.openssl.org/docs/man1.1.1/man3/SSL_CIPHER_get_name.html)for more information.
|
193
|
-
* @since v0.11.4
|
194
|
-
*/
|
195
|
-
getCipher(): CipherNameAndProtocol;
|
196
|
-
/**
|
197
|
-
* Returns an object representing the type, name, and size of parameter of
|
198
|
-
* an ephemeral key exchange in `perfect forward secrecy` on a client
|
199
|
-
* connection. It returns an empty object when the key exchange is not
|
200
|
-
* ephemeral. As this is only supported on a client socket; `null` is returned
|
201
|
-
* if called on a server socket. The supported types are `'DH'` and `'ECDH'`. The`name` property is available only when type is `'ECDH'`.
|
202
|
-
*
|
203
|
-
* For example: `{ type: 'ECDH', name: 'prime256v1', size: 256 }`.
|
204
|
-
* @since v5.0.0
|
205
|
-
*/
|
206
|
-
getEphemeralKeyInfo(): EphemeralKeyInfo | object | null;
|
207
|
-
/**
|
208
|
-
* As the `Finished` messages are message digests of the complete handshake
|
209
|
-
* (with a total of 192 bits for TLS 1.0 and more for SSL 3.0), they can
|
210
|
-
* be used for external authentication procedures when the authentication
|
211
|
-
* provided by SSL/TLS is not desired or is not enough.
|
212
|
-
*
|
213
|
-
* Corresponds to the `SSL_get_finished` routine in OpenSSL and may be used
|
214
|
-
* to implement the `tls-unique` channel binding from [RFC 5929](https://tools.ietf.org/html/rfc5929).
|
215
|
-
* @since v9.9.0
|
216
|
-
* @return The latest `Finished` message that has been sent to the socket as part of a SSL/TLS handshake, or `undefined` if no `Finished` message has been sent yet.
|
217
|
-
*/
|
218
|
-
getFinished(): Buffer | undefined;
|
219
|
-
/**
|
220
|
-
* Returns an object representing the peer's certificate. If the peer does not
|
221
|
-
* provide a certificate, an empty object will be returned. If the socket has been
|
222
|
-
* destroyed, `null` will be returned.
|
223
|
-
*
|
224
|
-
* If the full certificate chain was requested, each certificate will include an`issuerCertificate` property containing an object representing its issuer's
|
225
|
-
* certificate.
|
226
|
-
* @since v0.11.4
|
227
|
-
* @param detailed Include the full certificate chain if `true`, otherwise include just the peer's certificate.
|
228
|
-
* @return A certificate object.
|
229
|
-
*/
|
230
|
-
getPeerCertificate(detailed: true): DetailedPeerCertificate;
|
231
|
-
getPeerCertificate(detailed?: false): PeerCertificate;
|
232
|
-
getPeerCertificate(detailed?: boolean): PeerCertificate | DetailedPeerCertificate;
|
233
|
-
/**
|
234
|
-
* As the `Finished` messages are message digests of the complete handshake
|
235
|
-
* (with a total of 192 bits for TLS 1.0 and more for SSL 3.0), they can
|
236
|
-
* be used for external authentication procedures when the authentication
|
237
|
-
* provided by SSL/TLS is not desired or is not enough.
|
238
|
-
*
|
239
|
-
* Corresponds to the `SSL_get_peer_finished` routine in OpenSSL and may be used
|
240
|
-
* to implement the `tls-unique` channel binding from [RFC 5929](https://tools.ietf.org/html/rfc5929).
|
241
|
-
* @since v9.9.0
|
242
|
-
* @return The latest `Finished` message that is expected or has actually been received from the socket as part of a SSL/TLS handshake, or `undefined` if there is no `Finished` message so
|
243
|
-
* far.
|
244
|
-
*/
|
245
|
-
getPeerFinished(): Buffer | undefined;
|
246
|
-
/**
|
247
|
-
* Returns a string containing the negotiated SSL/TLS protocol version of the
|
248
|
-
* current connection. The value `'unknown'` will be returned for connected
|
249
|
-
* sockets that have not completed the handshaking process. The value `null` will
|
250
|
-
* be returned for server sockets or disconnected client sockets.
|
251
|
-
*
|
252
|
-
* Protocol versions are:
|
253
|
-
*
|
254
|
-
* * `'SSLv3'`
|
255
|
-
* * `'TLSv1'`
|
256
|
-
* * `'TLSv1.1'`
|
257
|
-
* * `'TLSv1.2'`
|
258
|
-
* * `'TLSv1.3'`
|
259
|
-
*
|
260
|
-
* See the OpenSSL [`SSL_get_version`](https://www.openssl.org/docs/man1.1.1/man3/SSL_get_version.html) documentation for more information.
|
261
|
-
* @since v5.7.0
|
262
|
-
*/
|
263
|
-
getProtocol(): string | null;
|
264
|
-
/**
|
265
|
-
* Returns the TLS session data or `undefined` if no session was
|
266
|
-
* negotiated. On the client, the data can be provided to the `session` option of {@link connect} to resume the connection. On the server, it may be useful
|
267
|
-
* for debugging.
|
268
|
-
*
|
269
|
-
* See `Session Resumption` for more information.
|
270
|
-
*
|
271
|
-
* Note: `getSession()` works only for TLSv1.2 and below. For TLSv1.3, applications
|
272
|
-
* must use the `'session'` event (it also works for TLSv1.2 and below).
|
273
|
-
* @since v0.11.4
|
274
|
-
*/
|
275
|
-
getSession(): Buffer | undefined;
|
276
|
-
/**
|
277
|
-
* See[SSL\_get\_shared\_sigalgs](https://www.openssl.org/docs/man1.1.1/man3/SSL_get_shared_sigalgs.html)for more information.
|
278
|
-
* @since v12.11.0
|
279
|
-
* @return List of signature algorithms shared between the server and the client in the order of decreasing preference.
|
280
|
-
*/
|
281
|
-
getSharedSigalgs(): string[];
|
282
|
-
/**
|
283
|
-
* For a client, returns the TLS session ticket if one is available, or`undefined`. For a server, always returns `undefined`.
|
284
|
-
*
|
285
|
-
* It may be useful for debugging.
|
286
|
-
*
|
287
|
-
* See `Session Resumption` for more information.
|
288
|
-
* @since v0.11.4
|
289
|
-
*/
|
290
|
-
getTLSTicket(): Buffer | undefined;
|
291
|
-
/**
|
292
|
-
* See `Session Resumption` for more information.
|
293
|
-
* @since v0.5.6
|
294
|
-
* @return `true` if the session was reused, `false` otherwise.
|
295
|
-
*/
|
296
|
-
isSessionReused(): boolean;
|
297
|
-
/**
|
298
|
-
* The `tlsSocket.renegotiate()` method initiates a TLS renegotiation process.
|
299
|
-
* Upon completion, the `callback` function will be passed a single argument
|
300
|
-
* that is either an `Error` (if the request failed) or `null`.
|
301
|
-
*
|
302
|
-
* This method can be used to request a peer's certificate after the secure
|
303
|
-
* connection has been established.
|
304
|
-
*
|
305
|
-
* When running as the server, the socket will be destroyed with an error after`handshakeTimeout` timeout.
|
306
|
-
*
|
307
|
-
* For TLSv1.3, renegotiation cannot be initiated, it is not supported by the
|
308
|
-
* protocol.
|
309
|
-
* @since v0.11.8
|
310
|
-
* @param callback If `renegotiate()` returned `true`, callback is attached once to the `'secure'` event. If `renegotiate()` returned `false`, `callback` will be called in the next tick with
|
311
|
-
* an error, unless the `tlsSocket` has been destroyed, in which case `callback` will not be called at all.
|
312
|
-
* @return `true` if renegotiation was initiated, `false` otherwise.
|
313
|
-
*/
|
314
|
-
renegotiate(
|
315
|
-
options: {
|
316
|
-
rejectUnauthorized?: boolean | undefined;
|
317
|
-
requestCert?: boolean | undefined;
|
318
|
-
},
|
319
|
-
callback: (err: Error | null) => void
|
320
|
-
): undefined | boolean;
|
321
|
-
/**
|
322
|
-
* The `tlsSocket.setMaxSendFragment()` method sets the maximum TLS fragment size.
|
323
|
-
* Returns `true` if setting the limit succeeded; `false` otherwise.
|
324
|
-
*
|
325
|
-
* Smaller fragment sizes decrease the buffering latency on the client: larger
|
326
|
-
* fragments are buffered by the TLS layer until the entire fragment is received
|
327
|
-
* and its integrity is verified; large fragments can span multiple roundtrips
|
328
|
-
* and their processing can be delayed due to packet loss or reordering. However,
|
329
|
-
* smaller fragments add extra TLS framing bytes and CPU overhead, which may
|
330
|
-
* decrease overall server throughput.
|
331
|
-
* @since v0.11.11
|
332
|
-
* @param [size=16384] The maximum TLS fragment size. The maximum value is `16384`.
|
333
|
-
*/
|
334
|
-
setMaxSendFragment(size: number): boolean;
|
335
|
-
/**
|
336
|
-
* Disables TLS renegotiation for this `TLSSocket` instance. Once called, attempts
|
337
|
-
* to renegotiate will trigger an `'error'` event on the `TLSSocket`.
|
338
|
-
* @since v8.4.0
|
339
|
-
*/
|
340
|
-
disableRenegotiation(): void;
|
341
|
-
/**
|
342
|
-
* When enabled, TLS packet trace information is written to `stderr`. This can be
|
343
|
-
* used to debug TLS connection problems.
|
344
|
-
*
|
345
|
-
* Note: The format of the output is identical to the output of `openssl s_client -trace` or `openssl s_server -trace`. While it is produced by OpenSSL's`SSL_trace()` function, the format is
|
346
|
-
* undocumented, can change without notice,
|
347
|
-
* and should not be relied on.
|
348
|
-
* @since v12.2.0
|
349
|
-
*/
|
350
|
-
enableTrace(): void;
|
351
|
-
/**
|
352
|
-
* Returns the peer certificate as an `X509Certificate` object.
|
353
|
-
*
|
354
|
-
* If there is no peer certificate, or the socket has been destroyed,`undefined` will be returned.
|
355
|
-
* @since v15.9.0
|
356
|
-
*/
|
357
|
-
getPeerX509Certificate(): X509Certificate | undefined;
|
358
|
-
/**
|
359
|
-
* Returns the local certificate as an `X509Certificate` object.
|
360
|
-
*
|
361
|
-
* If there is no local certificate, or the socket has been destroyed,`undefined` will be returned.
|
362
|
-
* @since v15.9.0
|
363
|
-
*/
|
364
|
-
getX509Certificate(): X509Certificate | undefined;
|
365
|
-
/**
|
366
|
-
* Keying material is used for validations to prevent different kind of attacks in
|
367
|
-
* network protocols, for example in the specifications of IEEE 802.1X.
|
368
|
-
*
|
369
|
-
* Example
|
370
|
-
*
|
371
|
-
* ```js
|
372
|
-
* const keyingMaterial = tlsSocket.exportKeyingMaterial(
|
373
|
-
* 128,
|
374
|
-
* 'client finished');
|
375
|
-
*
|
376
|
-
*
|
377
|
-
* Example return value of keyingMaterial:
|
378
|
-
* <Buffer 76 26 af 99 c5 56 8e 42 09 91 ef 9f 93 cb ad 6c 7b 65 f8 53 f1 d8 d9
|
379
|
-
* 12 5a 33 b8 b5 25 df 7b 37 9f e0 e2 4f b8 67 83 a3 2f cd 5d 41 42 4c 91
|
380
|
-
* 74 ef 2c ... 78 more bytes>
|
381
|
-
*
|
382
|
-
* ```
|
383
|
-
*
|
384
|
-
* See the OpenSSL [`SSL_export_keying_material`](https://www.openssl.org/docs/man1.1.1/man3/SSL_export_keying_material.html) documentation for more
|
385
|
-
* information.
|
386
|
-
* @since v13.10.0, v12.17.0
|
387
|
-
* @param length number of bytes to retrieve from keying material
|
388
|
-
* @param label an application specific label, typically this will be a value from the [IANA Exporter Label
|
389
|
-
* Registry](https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#exporter-labels).
|
390
|
-
* @param context Optionally provide a context.
|
391
|
-
* @return requested bytes of the keying material
|
392
|
-
*/
|
393
|
-
exportKeyingMaterial(length: number, label: string, context: Buffer): Buffer;
|
394
|
-
addListener(event: string, listener: (...args: any[]) => void): this;
|
395
|
-
addListener(event: 'OCSPResponse', listener: (response: Buffer) => void): this;
|
396
|
-
addListener(event: 'secureConnect', listener: () => void): this;
|
397
|
-
addListener(event: 'session', listener: (session: Buffer) => void): this;
|
398
|
-
addListener(event: 'keylog', listener: (line: Buffer) => void): this;
|
399
|
-
emit(event: string | symbol, ...args: any[]): boolean;
|
400
|
-
emit(event: 'OCSPResponse', response: Buffer): boolean;
|
401
|
-
emit(event: 'secureConnect'): boolean;
|
402
|
-
emit(event: 'session', session: Buffer): boolean;
|
403
|
-
emit(event: 'keylog', line: Buffer): boolean;
|
404
|
-
on(event: string, listener: (...args: any[]) => void): this;
|
405
|
-
on(event: 'OCSPResponse', listener: (response: Buffer) => void): this;
|
406
|
-
on(event: 'secureConnect', listener: () => void): this;
|
407
|
-
on(event: 'session', listener: (session: Buffer) => void): this;
|
408
|
-
on(event: 'keylog', listener: (line: Buffer) => void): this;
|
409
|
-
once(event: string, listener: (...args: any[]) => void): this;
|
410
|
-
once(event: 'OCSPResponse', listener: (response: Buffer) => void): this;
|
411
|
-
once(event: 'secureConnect', listener: () => void): this;
|
412
|
-
once(event: 'session', listener: (session: Buffer) => void): this;
|
413
|
-
once(event: 'keylog', listener: (line: Buffer) => void): this;
|
414
|
-
prependListener(event: string, listener: (...args: any[]) => void): this;
|
415
|
-
prependListener(event: 'OCSPResponse', listener: (response: Buffer) => void): this;
|
416
|
-
prependListener(event: 'secureConnect', listener: () => void): this;
|
417
|
-
prependListener(event: 'session', listener: (session: Buffer) => void): this;
|
418
|
-
prependListener(event: 'keylog', listener: (line: Buffer) => void): this;
|
419
|
-
prependOnceListener(event: string, listener: (...args: any[]) => void): this;
|
420
|
-
prependOnceListener(event: 'OCSPResponse', listener: (response: Buffer) => void): this;
|
421
|
-
prependOnceListener(event: 'secureConnect', listener: () => void): this;
|
422
|
-
prependOnceListener(event: 'session', listener: (session: Buffer) => void): this;
|
423
|
-
prependOnceListener(event: 'keylog', listener: (line: Buffer) => void): this;
|
424
|
-
}
|
425
|
-
interface CommonConnectionOptions {
|
426
|
-
/**
|
427
|
-
* An optional TLS context object from tls.createSecureContext()
|
428
|
-
*/
|
429
|
-
secureContext?: SecureContext | undefined;
|
430
|
-
/**
|
431
|
-
* When enabled, TLS packet trace information is written to `stderr`. This can be
|
432
|
-
* used to debug TLS connection problems.
|
433
|
-
* @default false
|
434
|
-
*/
|
435
|
-
enableTrace?: boolean | undefined;
|
436
|
-
/**
|
437
|
-
* If true the server will request a certificate from clients that
|
438
|
-
* connect and attempt to verify that certificate. Defaults to
|
439
|
-
* false.
|
440
|
-
*/
|
441
|
-
requestCert?: boolean | undefined;
|
442
|
-
/**
|
443
|
-
* An array of strings or a Buffer naming possible ALPN protocols.
|
444
|
-
* (Protocols should be ordered by their priority.)
|
445
|
-
*/
|
446
|
-
ALPNProtocols?: string[] | Uint8Array[] | Uint8Array | undefined;
|
447
|
-
/**
|
448
|
-
* SNICallback(servername, cb) <Function> A function that will be
|
449
|
-
* called if the client supports SNI TLS extension. Two arguments
|
450
|
-
* will be passed when called: servername and cb. SNICallback should
|
451
|
-
* invoke cb(null, ctx), where ctx is a SecureContext instance.
|
452
|
-
* (tls.createSecureContext(...) can be used to get a proper
|
453
|
-
* SecureContext.) If SNICallback wasn't provided the default callback
|
454
|
-
* with high-level API will be used (see below).
|
455
|
-
*/
|
456
|
-
SNICallback?: ((servername: string, cb: (err: Error | null, ctx?: SecureContext) => void) => void) | undefined;
|
457
|
-
/**
|
458
|
-
* If true the server will reject any connection which is not
|
459
|
-
* authorized with the list of supplied CAs. This option only has an
|
460
|
-
* effect if requestCert is true.
|
461
|
-
* @default true
|
462
|
-
*/
|
463
|
-
rejectUnauthorized?: boolean | undefined;
|
464
|
-
}
|
465
|
-
interface TlsOptions extends SecureContextOptions, CommonConnectionOptions, net.ServerOpts {
|
466
|
-
/**
|
467
|
-
* Abort the connection if the SSL/TLS handshake does not finish in the
|
468
|
-
* specified number of milliseconds. A 'tlsClientError' is emitted on
|
469
|
-
* the tls.Server object whenever a handshake times out. Default:
|
470
|
-
* 120000 (120 seconds).
|
471
|
-
*/
|
472
|
-
handshakeTimeout?: number | undefined;
|
473
|
-
/**
|
474
|
-
* The number of seconds after which a TLS session created by the
|
475
|
-
* server will no longer be resumable. See Session Resumption for more
|
476
|
-
* information. Default: 300.
|
477
|
-
*/
|
478
|
-
sessionTimeout?: number | undefined;
|
479
|
-
/**
|
480
|
-
* 48-bytes of cryptographically strong pseudo-random data.
|
481
|
-
*/
|
482
|
-
ticketKeys?: Buffer | undefined;
|
483
|
-
/**
|
484
|
-
*
|
485
|
-
* @param socket
|
486
|
-
* @param identity identity parameter sent from the client.
|
487
|
-
* @return pre-shared key that must either be
|
488
|
-
* a buffer or `null` to stop the negotiation process. Returned PSK must be
|
489
|
-
* compatible with the selected cipher's digest.
|
490
|
-
*
|
491
|
-
* When negotiating TLS-PSK (pre-shared keys), this function is called
|
492
|
-
* with the identity provided by the client.
|
493
|
-
* If the return value is `null` the negotiation process will stop and an
|
494
|
-
* "unknown_psk_identity" alert message will be sent to the other party.
|
495
|
-
* If the server wishes to hide the fact that the PSK identity was not known,
|
496
|
-
* the callback must provide some random data as `psk` to make the connection
|
497
|
-
* fail with "decrypt_error" before negotiation is finished.
|
498
|
-
* PSK ciphers are disabled by default, and using TLS-PSK thus
|
499
|
-
* requires explicitly specifying a cipher suite with the `ciphers` option.
|
500
|
-
* More information can be found in the RFC 4279.
|
501
|
-
*/
|
502
|
-
pskCallback?(socket: TLSSocket, identity: string): DataView | NodeJS.TypedArray | null;
|
503
|
-
/**
|
504
|
-
* hint to send to a client to help
|
505
|
-
* with selecting the identity during TLS-PSK negotiation. Will be ignored
|
506
|
-
* in TLS 1.3. Upon failing to set pskIdentityHint `tlsClientError` will be
|
507
|
-
* emitted with `ERR_TLS_PSK_SET_IDENTIY_HINT_FAILED` code.
|
508
|
-
*/
|
509
|
-
pskIdentityHint?: string | undefined;
|
510
|
-
}
|
511
|
-
interface PSKCallbackNegotation {
|
512
|
-
psk: DataView | NodeJS.TypedArray;
|
513
|
-
identity: string;
|
514
|
-
}
|
515
|
-
interface ConnectionOptions extends SecureContextOptions, CommonConnectionOptions {
|
516
|
-
host?: string | undefined;
|
517
|
-
port?: number | undefined;
|
518
|
-
path?: string | undefined; // Creates unix socket connection to path. If this option is specified, `host` and `port` are ignored.
|
519
|
-
socket?: net.Socket | undefined; // Establish secure connection on a given socket rather than creating a new socket
|
520
|
-
checkServerIdentity?: typeof checkServerIdentity | undefined;
|
521
|
-
servername?: string | undefined; // SNI TLS Extension
|
522
|
-
session?: Buffer | undefined;
|
523
|
-
minDHSize?: number | undefined;
|
524
|
-
lookup?: net.LookupFunction | undefined;
|
525
|
-
timeout?: number | undefined;
|
526
|
-
/**
|
527
|
-
* When negotiating TLS-PSK (pre-shared keys), this function is called
|
528
|
-
* with optional identity `hint` provided by the server or `null`
|
529
|
-
* in case of TLS 1.3 where `hint` was removed.
|
530
|
-
* It will be necessary to provide a custom `tls.checkServerIdentity()`
|
531
|
-
* for the connection as the default one will try to check hostname/IP
|
532
|
-
* of the server against the certificate but that's not applicable for PSK
|
533
|
-
* because there won't be a certificate present.
|
534
|
-
* More information can be found in the RFC 4279.
|
535
|
-
*
|
536
|
-
* @param hint message sent from the server to help client
|
537
|
-
* decide which identity to use during negotiation.
|
538
|
-
* Always `null` if TLS 1.3 is used.
|
539
|
-
* @returns Return `null` to stop the negotiation process. `psk` must be
|
540
|
-
* compatible with the selected cipher's digest.
|
541
|
-
* `identity` must use UTF-8 encoding.
|
542
|
-
*/
|
543
|
-
pskCallback?(hint: string | null): PSKCallbackNegotation | null;
|
544
|
-
}
|
545
|
-
/**
|
546
|
-
* Accepts encrypted connections using TLS or SSL.
|
547
|
-
* @since v0.3.2
|
548
|
-
*/
|
549
|
-
class Server extends net.Server {
|
550
|
-
constructor(secureConnectionListener?: (socket: TLSSocket) => void);
|
551
|
-
constructor(options: TlsOptions, secureConnectionListener?: (socket: TLSSocket) => void);
|
552
|
-
/**
|
553
|
-
* The `server.addContext()` method adds a secure context that will be used if
|
554
|
-
* the client request's SNI name matches the supplied `hostname` (or wildcard).
|
555
|
-
*
|
556
|
-
* When there are multiple matching contexts, the most recently added one is
|
557
|
-
* used.
|
558
|
-
* @since v0.5.3
|
559
|
-
* @param hostname A SNI host name or wildcard (e.g. `'*'`)
|
560
|
-
* @param context An object containing any of the possible properties from the {@link createSecureContext} `options` arguments (e.g. `key`, `cert`, `ca`, etc).
|
561
|
-
*/
|
562
|
-
addContext(hostname: string, context: SecureContextOptions): void;
|
563
|
-
/**
|
564
|
-
* Returns the session ticket keys.
|
565
|
-
*
|
566
|
-
* See `Session Resumption` for more information.
|
567
|
-
* @since v3.0.0
|
568
|
-
* @return A 48-byte buffer containing the session ticket keys.
|
569
|
-
*/
|
570
|
-
getTicketKeys(): Buffer;
|
571
|
-
/**
|
572
|
-
* The `server.setSecureContext()` method replaces the secure context of an
|
573
|
-
* existing server. Existing connections to the server are not interrupted.
|
574
|
-
* @since v11.0.0
|
575
|
-
* @param options An object containing any of the possible properties from the {@link createSecureContext} `options` arguments (e.g. `key`, `cert`, `ca`, etc).
|
576
|
-
*/
|
577
|
-
setSecureContext(options: SecureContextOptions): void;
|
578
|
-
/**
|
579
|
-
* Sets the session ticket keys.
|
580
|
-
*
|
581
|
-
* Changes to the ticket keys are effective only for future server connections.
|
582
|
-
* Existing or currently pending server connections will use the previous keys.
|
583
|
-
*
|
584
|
-
* See `Session Resumption` for more information.
|
585
|
-
* @since v3.0.0
|
586
|
-
* @param keys A 48-byte buffer containing the session ticket keys.
|
587
|
-
*/
|
588
|
-
setTicketKeys(keys: Buffer): void;
|
589
|
-
/**
|
590
|
-
* events.EventEmitter
|
591
|
-
* 1. tlsClientError
|
592
|
-
* 2. newSession
|
593
|
-
* 3. OCSPRequest
|
594
|
-
* 4. resumeSession
|
595
|
-
* 5. secureConnection
|
596
|
-
* 6. keylog
|
597
|
-
*/
|
598
|
-
addListener(event: string, listener: (...args: any[]) => void): this;
|
599
|
-
addListener(event: 'tlsClientError', listener: (err: Error, tlsSocket: TLSSocket) => void): this;
|
600
|
-
addListener(event: 'newSession', listener: (sessionId: Buffer, sessionData: Buffer, callback: (err: Error, resp: Buffer) => void) => void): this;
|
601
|
-
addListener(event: 'OCSPRequest', listener: (certificate: Buffer, issuer: Buffer, callback: (err: Error | null, resp: Buffer) => void) => void): this;
|
602
|
-
addListener(event: 'resumeSession', listener: (sessionId: Buffer, callback: (err: Error, sessionData: Buffer) => void) => void): this;
|
603
|
-
addListener(event: 'secureConnection', listener: (tlsSocket: TLSSocket) => void): this;
|
604
|
-
addListener(event: 'keylog', listener: (line: Buffer, tlsSocket: TLSSocket) => void): this;
|
605
|
-
emit(event: string | symbol, ...args: any[]): boolean;
|
606
|
-
emit(event: 'tlsClientError', err: Error, tlsSocket: TLSSocket): boolean;
|
607
|
-
emit(event: 'newSession', sessionId: Buffer, sessionData: Buffer, callback: (err: Error, resp: Buffer) => void): boolean;
|
608
|
-
emit(event: 'OCSPRequest', certificate: Buffer, issuer: Buffer, callback: (err: Error | null, resp: Buffer) => void): boolean;
|
609
|
-
emit(event: 'resumeSession', sessionId: Buffer, callback: (err: Error, sessionData: Buffer) => void): boolean;
|
610
|
-
emit(event: 'secureConnection', tlsSocket: TLSSocket): boolean;
|
611
|
-
emit(event: 'keylog', line: Buffer, tlsSocket: TLSSocket): boolean;
|
612
|
-
on(event: string, listener: (...args: any[]) => void): this;
|
613
|
-
on(event: 'tlsClientError', listener: (err: Error, tlsSocket: TLSSocket) => void): this;
|
614
|
-
on(event: 'newSession', listener: (sessionId: Buffer, sessionData: Buffer, callback: (err: Error, resp: Buffer) => void) => void): this;
|
615
|
-
on(event: 'OCSPRequest', listener: (certificate: Buffer, issuer: Buffer, callback: (err: Error | null, resp: Buffer) => void) => void): this;
|
616
|
-
on(event: 'resumeSession', listener: (sessionId: Buffer, callback: (err: Error, sessionData: Buffer) => void) => void): this;
|
617
|
-
on(event: 'secureConnection', listener: (tlsSocket: TLSSocket) => void): this;
|
618
|
-
on(event: 'keylog', listener: (line: Buffer, tlsSocket: TLSSocket) => void): this;
|
619
|
-
once(event: string, listener: (...args: any[]) => void): this;
|
620
|
-
once(event: 'tlsClientError', listener: (err: Error, tlsSocket: TLSSocket) => void): this;
|
621
|
-
once(event: 'newSession', listener: (sessionId: Buffer, sessionData: Buffer, callback: (err: Error, resp: Buffer) => void) => void): this;
|
622
|
-
once(event: 'OCSPRequest', listener: (certificate: Buffer, issuer: Buffer, callback: (err: Error | null, resp: Buffer) => void) => void): this;
|
623
|
-
once(event: 'resumeSession', listener: (sessionId: Buffer, callback: (err: Error, sessionData: Buffer) => void) => void): this;
|
624
|
-
once(event: 'secureConnection', listener: (tlsSocket: TLSSocket) => void): this;
|
625
|
-
once(event: 'keylog', listener: (line: Buffer, tlsSocket: TLSSocket) => void): this;
|
626
|
-
prependListener(event: string, listener: (...args: any[]) => void): this;
|
627
|
-
prependListener(event: 'tlsClientError', listener: (err: Error, tlsSocket: TLSSocket) => void): this;
|
628
|
-
prependListener(event: 'newSession', listener: (sessionId: Buffer, sessionData: Buffer, callback: (err: Error, resp: Buffer) => void) => void): this;
|
629
|
-
prependListener(event: 'OCSPRequest', listener: (certificate: Buffer, issuer: Buffer, callback: (err: Error | null, resp: Buffer) => void) => void): this;
|
630
|
-
prependListener(event: 'resumeSession', listener: (sessionId: Buffer, callback: (err: Error, sessionData: Buffer) => void) => void): this;
|
631
|
-
prependListener(event: 'secureConnection', listener: (tlsSocket: TLSSocket) => void): this;
|
632
|
-
prependListener(event: 'keylog', listener: (line: Buffer, tlsSocket: TLSSocket) => void): this;
|
633
|
-
prependOnceListener(event: string, listener: (...args: any[]) => void): this;
|
634
|
-
prependOnceListener(event: 'tlsClientError', listener: (err: Error, tlsSocket: TLSSocket) => void): this;
|
635
|
-
prependOnceListener(event: 'newSession', listener: (sessionId: Buffer, sessionData: Buffer, callback: (err: Error, resp: Buffer) => void) => void): this;
|
636
|
-
prependOnceListener(event: 'OCSPRequest', listener: (certificate: Buffer, issuer: Buffer, callback: (err: Error | null, resp: Buffer) => void) => void): this;
|
637
|
-
prependOnceListener(event: 'resumeSession', listener: (sessionId: Buffer, callback: (err: Error, sessionData: Buffer) => void) => void): this;
|
638
|
-
prependOnceListener(event: 'secureConnection', listener: (tlsSocket: TLSSocket) => void): this;
|
639
|
-
prependOnceListener(event: 'keylog', listener: (line: Buffer, tlsSocket: TLSSocket) => void): this;
|
640
|
-
}
|
641
|
-
/**
|
642
|
-
* @deprecated since v0.11.3 Use `tls.TLSSocket` instead.
|
643
|
-
*/
|
644
|
-
interface SecurePair {
|
645
|
-
encrypted: TLSSocket;
|
646
|
-
cleartext: TLSSocket;
|
647
|
-
}
|
648
|
-
type SecureVersion = 'TLSv1.3' | 'TLSv1.2' | 'TLSv1.1' | 'TLSv1';
|
649
|
-
interface SecureContextOptions {
|
650
|
-
/**
|
651
|
-
* Optionally override the trusted CA certificates. Default is to trust
|
652
|
-
* the well-known CAs curated by Mozilla. Mozilla's CAs are completely
|
653
|
-
* replaced when CAs are explicitly specified using this option.
|
654
|
-
*/
|
655
|
-
ca?: string | Buffer | Array<string | Buffer> | undefined;
|
656
|
-
/**
|
657
|
-
* Cert chains in PEM format. One cert chain should be provided per
|
658
|
-
* private key. Each cert chain should consist of the PEM formatted
|
659
|
-
* certificate for a provided private key, followed by the PEM
|
660
|
-
* formatted intermediate certificates (if any), in order, and not
|
661
|
-
* including the root CA (the root CA must be pre-known to the peer,
|
662
|
-
* see ca). When providing multiple cert chains, they do not have to
|
663
|
-
* be in the same order as their private keys in key. If the
|
664
|
-
* intermediate certificates are not provided, the peer will not be
|
665
|
-
* able to validate the certificate, and the handshake will fail.
|
666
|
-
*/
|
667
|
-
cert?: string | Buffer | Array<string | Buffer> | undefined;
|
668
|
-
/**
|
669
|
-
* Colon-separated list of supported signature algorithms. The list
|
670
|
-
* can contain digest algorithms (SHA256, MD5 etc.), public key
|
671
|
-
* algorithms (RSA-PSS, ECDSA etc.), combination of both (e.g
|
672
|
-
* 'RSA+SHA384') or TLS v1.3 scheme names (e.g. rsa_pss_pss_sha512).
|
673
|
-
*/
|
674
|
-
sigalgs?: string | undefined;
|
675
|
-
/**
|
676
|
-
* Cipher suite specification, replacing the default. For more
|
677
|
-
* information, see modifying the default cipher suite. Permitted
|
678
|
-
* ciphers can be obtained via tls.getCiphers(). Cipher names must be
|
679
|
-
* uppercased in order for OpenSSL to accept them.
|
680
|
-
*/
|
681
|
-
ciphers?: string | undefined;
|
682
|
-
/**
|
683
|
-
* Name of an OpenSSL engine which can provide the client certificate.
|
684
|
-
*/
|
685
|
-
clientCertEngine?: string | undefined;
|
686
|
-
/**
|
687
|
-
* PEM formatted CRLs (Certificate Revocation Lists).
|
688
|
-
*/
|
689
|
-
crl?: string | Buffer | Array<string | Buffer> | undefined;
|
690
|
-
/**
|
691
|
-
* Diffie Hellman parameters, required for Perfect Forward Secrecy. Use
|
692
|
-
* openssl dhparam to create the parameters. The key length must be
|
693
|
-
* greater than or equal to 1024 bits or else an error will be thrown.
|
694
|
-
* Although 1024 bits is permissible, use 2048 bits or larger for
|
695
|
-
* stronger security. If omitted or invalid, the parameters are
|
696
|
-
* silently discarded and DHE ciphers will not be available.
|
697
|
-
*/
|
698
|
-
dhparam?: string | Buffer | undefined;
|
699
|
-
/**
|
700
|
-
* A string describing a named curve or a colon separated list of curve
|
701
|
-
* NIDs or names, for example P-521:P-384:P-256, to use for ECDH key
|
702
|
-
* agreement. Set to auto to select the curve automatically. Use
|
703
|
-
* crypto.getCurves() to obtain a list of available curve names. On
|
704
|
-
* recent releases, openssl ecparam -list_curves will also display the
|
705
|
-
* name and description of each available elliptic curve. Default:
|
706
|
-
* tls.DEFAULT_ECDH_CURVE.
|
707
|
-
*/
|
708
|
-
ecdhCurve?: string | undefined;
|
709
|
-
/**
|
710
|
-
* Attempt to use the server's cipher suite preferences instead of the
|
711
|
-
* client's. When true, causes SSL_OP_CIPHER_SERVER_PREFERENCE to be
|
712
|
-
* set in secureOptions
|
713
|
-
*/
|
714
|
-
honorCipherOrder?: boolean | undefined;
|
715
|
-
/**
|
716
|
-
* Private keys in PEM format. PEM allows the option of private keys
|
717
|
-
* being encrypted. Encrypted keys will be decrypted with
|
718
|
-
* options.passphrase. Multiple keys using different algorithms can be
|
719
|
-
* provided either as an array of unencrypted key strings or buffers,
|
720
|
-
* or an array of objects in the form {pem: <string|buffer>[,
|
721
|
-
* passphrase: <string>]}. The object form can only occur in an array.
|
722
|
-
* object.passphrase is optional. Encrypted keys will be decrypted with
|
723
|
-
* object.passphrase if provided, or options.passphrase if it is not.
|
724
|
-
*/
|
725
|
-
key?: string | Buffer | Array<Buffer | KeyObject> | undefined;
|
726
|
-
/**
|
727
|
-
* Name of an OpenSSL engine to get private key from. Should be used
|
728
|
-
* together with privateKeyIdentifier.
|
729
|
-
*/
|
730
|
-
privateKeyEngine?: string | undefined;
|
731
|
-
/**
|
732
|
-
* Identifier of a private key managed by an OpenSSL engine. Should be
|
733
|
-
* used together with privateKeyEngine. Should not be set together with
|
734
|
-
* key, because both options define a private key in different ways.
|
735
|
-
*/
|
736
|
-
privateKeyIdentifier?: string | undefined;
|
737
|
-
/**
|
738
|
-
* Optionally set the maximum TLS version to allow. One
|
739
|
-
* of `'TLSv1.3'`, `'TLSv1.2'`, `'TLSv1.1'`, or `'TLSv1'`. Cannot be specified along with the
|
740
|
-
* `secureProtocol` option, use one or the other.
|
741
|
-
* **Default:** `'TLSv1.3'`, unless changed using CLI options. Using
|
742
|
-
* `--tls-max-v1.2` sets the default to `'TLSv1.2'`. Using `--tls-max-v1.3` sets the default to
|
743
|
-
* `'TLSv1.3'`. If multiple of the options are provided, the highest maximum is used.
|
744
|
-
*/
|
745
|
-
maxVersion?: SecureVersion | undefined;
|
746
|
-
/**
|
747
|
-
* Optionally set the minimum TLS version to allow. One
|
748
|
-
* of `'TLSv1.3'`, `'TLSv1.2'`, `'TLSv1.1'`, or `'TLSv1'`. Cannot be specified along with the
|
749
|
-
* `secureProtocol` option, use one or the other. It is not recommended to use
|
750
|
-
* less than TLSv1.2, but it may be required for interoperability.
|
751
|
-
* **Default:** `'TLSv1.2'`, unless changed using CLI options. Using
|
752
|
-
* `--tls-v1.0` sets the default to `'TLSv1'`. Using `--tls-v1.1` sets the default to
|
753
|
-
* `'TLSv1.1'`. Using `--tls-min-v1.3` sets the default to
|
754
|
-
* 'TLSv1.3'. If multiple of the options are provided, the lowest minimum is used.
|
755
|
-
*/
|
756
|
-
minVersion?: SecureVersion | undefined;
|
757
|
-
/**
|
758
|
-
* Shared passphrase used for a single private key and/or a PFX.
|
759
|
-
*/
|
760
|
-
passphrase?: string | undefined;
|
761
|
-
/**
|
762
|
-
* PFX or PKCS12 encoded private key and certificate chain. pfx is an
|
763
|
-
* alternative to providing key and cert individually. PFX is usually
|
764
|
-
* encrypted, if it is, passphrase will be used to decrypt it. Multiple
|
765
|
-
* PFX can be provided either as an array of unencrypted PFX buffers,
|
766
|
-
* or an array of objects in the form {buf: <string|buffer>[,
|
767
|
-
* passphrase: <string>]}. The object form can only occur in an array.
|
768
|
-
* object.passphrase is optional. Encrypted PFX will be decrypted with
|
769
|
-
* object.passphrase if provided, or options.passphrase if it is not.
|
770
|
-
*/
|
771
|
-
pfx?: string | Buffer | Array<string | Buffer | PxfObject> | undefined;
|
772
|
-
/**
|
773
|
-
* Optionally affect the OpenSSL protocol behavior, which is not
|
774
|
-
* usually necessary. This should be used carefully if at all! Value is
|
775
|
-
* a numeric bitmask of the SSL_OP_* options from OpenSSL Options
|
776
|
-
*/
|
777
|
-
secureOptions?: number | undefined; // Value is a numeric bitmask of the `SSL_OP_*` options
|
778
|
-
/**
|
779
|
-
* Legacy mechanism to select the TLS protocol version to use, it does
|
780
|
-
* not support independent control of the minimum and maximum version,
|
781
|
-
* and does not support limiting the protocol to TLSv1.3. Use
|
782
|
-
* minVersion and maxVersion instead. The possible values are listed as
|
783
|
-
* SSL_METHODS, use the function names as strings. For example, use
|
784
|
-
* 'TLSv1_1_method' to force TLS version 1.1, or 'TLS_method' to allow
|
785
|
-
* any TLS protocol version up to TLSv1.3. It is not recommended to use
|
786
|
-
* TLS versions less than 1.2, but it may be required for
|
787
|
-
* interoperability. Default: none, see minVersion.
|
788
|
-
*/
|
789
|
-
secureProtocol?: string | undefined;
|
790
|
-
/**
|
791
|
-
* Opaque identifier used by servers to ensure session state is not
|
792
|
-
* shared between applications. Unused by clients.
|
793
|
-
*/
|
794
|
-
sessionIdContext?: string | undefined;
|
795
|
-
/**
|
796
|
-
* 48-bytes of cryptographically strong pseudo-random data.
|
797
|
-
* See Session Resumption for more information.
|
798
|
-
*/
|
799
|
-
ticketKeys?: Buffer | undefined;
|
800
|
-
/**
|
801
|
-
* The number of seconds after which a TLS session created by the
|
802
|
-
* server will no longer be resumable. See Session Resumption for more
|
803
|
-
* information. Default: 300.
|
804
|
-
*/
|
805
|
-
sessionTimeout?: number | undefined;
|
806
|
-
}
|
807
|
-
interface SecureContext {
|
808
|
-
context: any;
|
809
|
-
}
|
810
|
-
/**
|
811
|
-
* Verifies the certificate `cert` is issued to `hostname`.
|
812
|
-
*
|
813
|
-
* Returns [<Error>](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Error) object, populating it with `reason`, `host`, and `cert` on
|
814
|
-
* failure. On success, returns [<undefined>](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Data_structures#Undefined_type).
|
815
|
-
*
|
816
|
-
* This function can be overwritten by providing alternative function as part of
|
817
|
-
* the `options.checkServerIdentity` option passed to `tls.connect()`. The
|
818
|
-
* overwriting function can call `tls.checkServerIdentity()` of course, to augment
|
819
|
-
* the checks done with additional verification.
|
820
|
-
*
|
821
|
-
* This function is only called if the certificate passed all other checks, such as
|
822
|
-
* being issued by trusted CA (`options.ca`).
|
823
|
-
* @since v0.8.4
|
824
|
-
* @param hostname The host name or IP address to verify the certificate against.
|
825
|
-
* @param cert A `certificate object` representing the peer's certificate.
|
826
|
-
*/
|
827
|
-
function checkServerIdentity(hostname: string, cert: PeerCertificate): Error | undefined;
|
828
|
-
/**
|
829
|
-
* Creates a new {@link Server}. The `secureConnectionListener`, if provided, is
|
830
|
-
* automatically set as a listener for the `'secureConnection'` event.
|
831
|
-
*
|
832
|
-
* The `ticketKeys` options is automatically shared between `cluster` module
|
833
|
-
* workers.
|
834
|
-
*
|
835
|
-
* The following illustrates a simple echo server:
|
836
|
-
*
|
837
|
-
* ```js
|
838
|
-
* const tls = require('tls');
|
839
|
-
* const fs = require('fs');
|
840
|
-
*
|
841
|
-
* const options = {
|
842
|
-
* key: fs.readFileSync('server-key.pem'),
|
843
|
-
* cert: fs.readFileSync('server-cert.pem'),
|
844
|
-
*
|
845
|
-
* // This is necessary only if using client certificate authentication.
|
846
|
-
* requestCert: true,
|
847
|
-
*
|
848
|
-
* // This is necessary only if the client uses a self-signed certificate.
|
849
|
-
* ca: [ fs.readFileSync('client-cert.pem') ]
|
850
|
-
* };
|
851
|
-
*
|
852
|
-
* const server = tls.createServer(options, (socket) => {
|
853
|
-
* console.log('server connected',
|
854
|
-
* socket.authorized ? 'authorized' : 'unauthorized');
|
855
|
-
* socket.write('welcome!\n');
|
856
|
-
* socket.setEncoding('utf8');
|
857
|
-
* socket.pipe(socket);
|
858
|
-
* });
|
859
|
-
* server.listen(8000, () => {
|
860
|
-
* console.log('server bound');
|
861
|
-
* });
|
862
|
-
* ```
|
863
|
-
*
|
864
|
-
* The server can be tested by connecting to it using the example client from {@link connect}.
|
865
|
-
* @since v0.3.2
|
866
|
-
*/
|
867
|
-
function createServer(secureConnectionListener?: (socket: TLSSocket) => void): Server;
|
868
|
-
function createServer(options: TlsOptions, secureConnectionListener?: (socket: TLSSocket) => void): Server;
|
869
|
-
/**
|
870
|
-
* The `callback` function, if specified, will be added as a listener for the `'secureConnect'` event.
|
871
|
-
*
|
872
|
-
* `tls.connect()` returns a {@link TLSSocket} object.
|
873
|
-
*
|
874
|
-
* Unlike the `https` API, `tls.connect()` does not enable the
|
875
|
-
* SNI (Server Name Indication) extension by default, which may cause some
|
876
|
-
* servers to return an incorrect certificate or reject the connection
|
877
|
-
* altogether. To enable SNI, set the `servername` option in addition
|
878
|
-
* to `host`.
|
879
|
-
*
|
880
|
-
* The following illustrates a client for the echo server example from {@link createServer}:
|
881
|
-
*
|
882
|
-
* ```js
|
883
|
-
* // Assumes an echo server that is listening on port 8000.
|
884
|
-
* const tls = require('tls');
|
885
|
-
* const fs = require('fs');
|
886
|
-
*
|
887
|
-
* const options = {
|
888
|
-
* // Necessary only if the server requires client certificate authentication.
|
889
|
-
* key: fs.readFileSync('client-key.pem'),
|
890
|
-
* cert: fs.readFileSync('client-cert.pem'),
|
891
|
-
*
|
892
|
-
* // Necessary only if the server uses a self-signed certificate.
|
893
|
-
* ca: [ fs.readFileSync('server-cert.pem') ],
|
894
|
-
*
|
895
|
-
* // Necessary only if the server's cert isn't for "localhost".
|
896
|
-
* checkServerIdentity: () => { return null; },
|
897
|
-
* };
|
898
|
-
*
|
899
|
-
* const socket = tls.connect(8000, options, () => {
|
900
|
-
* console.log('client connected',
|
901
|
-
* socket.authorized ? 'authorized' : 'unauthorized');
|
902
|
-
* process.stdin.pipe(socket);
|
903
|
-
* process.stdin.resume();
|
904
|
-
* });
|
905
|
-
* socket.setEncoding('utf8');
|
906
|
-
* socket.on('data', (data) => {
|
907
|
-
* console.log(data);
|
908
|
-
* });
|
909
|
-
* socket.on('end', () => {
|
910
|
-
* console.log('server ends connection');
|
911
|
-
* });
|
912
|
-
* ```
|
913
|
-
* @since v0.11.3
|
914
|
-
*/
|
915
|
-
function connect(options: ConnectionOptions, secureConnectListener?: () => void): TLSSocket;
|
916
|
-
function connect(port: number, host?: string, options?: ConnectionOptions, secureConnectListener?: () => void): TLSSocket;
|
917
|
-
function connect(port: number, options?: ConnectionOptions, secureConnectListener?: () => void): TLSSocket;
|
918
|
-
/**
|
919
|
-
* Creates a new secure pair object with two streams, one of which reads and writes
|
920
|
-
* the encrypted data and the other of which reads and writes the cleartext data.
|
921
|
-
* Generally, the encrypted stream is piped to/from an incoming encrypted data
|
922
|
-
* stream and the cleartext one is used as a replacement for the initial encrypted
|
923
|
-
* stream.
|
924
|
-
*
|
925
|
-
* `tls.createSecurePair()` returns a `tls.SecurePair` object with `cleartext` and`encrypted` stream properties.
|
926
|
-
*
|
927
|
-
* Using `cleartext` has the same API as {@link TLSSocket}.
|
928
|
-
*
|
929
|
-
* The `tls.createSecurePair()` method is now deprecated in favor of`tls.TLSSocket()`. For example, the code:
|
930
|
-
*
|
931
|
-
* ```js
|
932
|
-
* pair = tls.createSecurePair(// ... );
|
933
|
-
* pair.encrypted.pipe(socket);
|
934
|
-
* socket.pipe(pair.encrypted);
|
935
|
-
* ```
|
936
|
-
*
|
937
|
-
* can be replaced by:
|
938
|
-
*
|
939
|
-
* ```js
|
940
|
-
* secureSocket = tls.TLSSocket(socket, options);
|
941
|
-
* ```
|
942
|
-
*
|
943
|
-
* where `secureSocket` has the same API as `pair.cleartext`.
|
944
|
-
* @since v0.3.2
|
945
|
-
* @deprecated Since v0.11.3 - Use {@link TLSSocket} instead.
|
946
|
-
* @param context A secure context object as returned by `tls.createSecureContext()`
|
947
|
-
* @param isServer `true` to specify that this TLS connection should be opened as a server.
|
948
|
-
* @param requestCert `true` to specify whether a server should request a certificate from a connecting client. Only applies when `isServer` is `true`.
|
949
|
-
* @param rejectUnauthorized If not `false` a server automatically reject clients with invalid certificates. Only applies when `isServer` is `true`.
|
950
|
-
*/
|
951
|
-
function createSecurePair(context?: SecureContext, isServer?: boolean, requestCert?: boolean, rejectUnauthorized?: boolean): SecurePair;
|
952
|
-
/**
|
953
|
-
* {@link createServer} sets the default value of the `honorCipherOrder` option
|
954
|
-
* to `true`, other APIs that create secure contexts leave it unset.
|
955
|
-
*
|
956
|
-
* {@link createServer} uses a 128 bit truncated SHA1 hash value generated
|
957
|
-
* from `process.argv` as the default value of the `sessionIdContext` option, other
|
958
|
-
* APIs that create secure contexts have no default value.
|
959
|
-
*
|
960
|
-
* The `tls.createSecureContext()` method creates a `SecureContext` object. It is
|
961
|
-
* usable as an argument to several `tls` APIs, such as {@link createServer} and `server.addContext()`, but has no public methods.
|
962
|
-
*
|
963
|
-
* A key is _required_ for ciphers that use certificates. Either `key` or`pfx` can be used to provide it.
|
964
|
-
*
|
965
|
-
* If the `ca` option is not given, then Node.js will default to using[Mozilla's publicly trusted list of
|
966
|
-
* CAs](https://hg.mozilla.org/mozilla-central/raw-file/tip/security/nss/lib/ckfw/builtins/certdata.txt).
|
967
|
-
* @since v0.11.13
|
968
|
-
*/
|
969
|
-
function createSecureContext(options?: SecureContextOptions): SecureContext;
|
970
|
-
/**
|
971
|
-
* Returns an array with the names of the supported TLS ciphers. The names are
|
972
|
-
* lower-case for historical reasons, but must be uppercased to be used in
|
973
|
-
* the `ciphers` option of {@link createSecureContext}.
|
974
|
-
*
|
975
|
-
* Cipher names that start with `'tls_'` are for TLSv1.3, all the others are for
|
976
|
-
* TLSv1.2 and below.
|
977
|
-
*
|
978
|
-
* ```js
|
979
|
-
* console.log(tls.getCiphers()); // ['aes128-gcm-sha256', 'aes128-sha', ...]
|
980
|
-
* ```
|
981
|
-
* @since v0.10.2
|
982
|
-
*/
|
983
|
-
function getCiphers(): string[];
|
984
|
-
/**
|
985
|
-
* The default curve name to use for ECDH key agreement in a tls server.
|
986
|
-
* The default value is 'auto'. See tls.createSecureContext() for further
|
987
|
-
* information.
|
988
|
-
*/
|
989
|
-
let DEFAULT_ECDH_CURVE: string;
|
990
|
-
/**
|
991
|
-
* The default value of the maxVersion option of
|
992
|
-
* tls.createSecureContext(). It can be assigned any of the supported TLS
|
993
|
-
* protocol versions, 'TLSv1.3', 'TLSv1.2', 'TLSv1.1', or 'TLSv1'. Default:
|
994
|
-
* 'TLSv1.3', unless changed using CLI options. Using --tls-max-v1.2 sets
|
995
|
-
* the default to 'TLSv1.2'. Using --tls-max-v1.3 sets the default to
|
996
|
-
* 'TLSv1.3'. If multiple of the options are provided, the highest maximum
|
997
|
-
* is used.
|
998
|
-
*/
|
999
|
-
let DEFAULT_MAX_VERSION: SecureVersion;
|
1000
|
-
/**
|
1001
|
-
* The default value of the minVersion option of tls.createSecureContext().
|
1002
|
-
* It can be assigned any of the supported TLS protocol versions,
|
1003
|
-
* 'TLSv1.3', 'TLSv1.2', 'TLSv1.1', or 'TLSv1'. Default: 'TLSv1.2', unless
|
1004
|
-
* changed using CLI options. Using --tls-min-v1.0 sets the default to
|
1005
|
-
* 'TLSv1'. Using --tls-min-v1.1 sets the default to 'TLSv1.1'. Using
|
1006
|
-
* --tls-min-v1.3 sets the default to 'TLSv1.3'. If multiple of the options
|
1007
|
-
* are provided, the lowest minimum is used.
|
1008
|
-
*/
|
1009
|
-
let DEFAULT_MIN_VERSION: SecureVersion;
|
1010
|
-
/**
|
1011
|
-
* An immutable array of strings representing the root certificates (in PEM
|
1012
|
-
* format) used for verifying peer certificates. This is the default value
|
1013
|
-
* of the ca option to tls.createSecureContext().
|
1014
|
-
*/
|
1015
|
-
const rootCertificates: ReadonlyArray<string>;
|
1016
|
-
}
|
1017
|
-
declare module 'node:tls' {
|
1018
|
-
export * from 'tls';
|
1019
|
-
}
|
1
|
+
/**
|
2
|
+
* The `tls` module provides an implementation of the Transport Layer Security
|
3
|
+
* (TLS) and Secure Socket Layer (SSL) protocols that is built on top of OpenSSL.
|
4
|
+
* The module can be accessed using:
|
5
|
+
*
|
6
|
+
* ```js
|
7
|
+
* const tls = require('tls');
|
8
|
+
* ```
|
9
|
+
* @see [source](https://github.com/nodejs/node/blob/v16.7.0/lib/tls.js)
|
10
|
+
*/
|
11
|
+
declare module 'tls' {
|
12
|
+
import { X509Certificate } from 'node:crypto';
|
13
|
+
import * as net from 'node:net';
|
14
|
+
const CLIENT_RENEG_LIMIT: number;
|
15
|
+
const CLIENT_RENEG_WINDOW: number;
|
16
|
+
interface Certificate {
|
17
|
+
/**
|
18
|
+
* Country code.
|
19
|
+
*/
|
20
|
+
C: string;
|
21
|
+
/**
|
22
|
+
* Street.
|
23
|
+
*/
|
24
|
+
ST: string;
|
25
|
+
/**
|
26
|
+
* Locality.
|
27
|
+
*/
|
28
|
+
L: string;
|
29
|
+
/**
|
30
|
+
* Organization.
|
31
|
+
*/
|
32
|
+
O: string;
|
33
|
+
/**
|
34
|
+
* Organizational unit.
|
35
|
+
*/
|
36
|
+
OU: string;
|
37
|
+
/**
|
38
|
+
* Common name.
|
39
|
+
*/
|
40
|
+
CN: string;
|
41
|
+
}
|
42
|
+
interface PeerCertificate {
|
43
|
+
subject: Certificate;
|
44
|
+
issuer: Certificate;
|
45
|
+
subjectaltname: string;
|
46
|
+
infoAccess: NodeJS.Dict<string[]>;
|
47
|
+
modulus: string;
|
48
|
+
exponent: string;
|
49
|
+
valid_from: string;
|
50
|
+
valid_to: string;
|
51
|
+
fingerprint: string;
|
52
|
+
fingerprint256: string;
|
53
|
+
ext_key_usage: string[];
|
54
|
+
serialNumber: string;
|
55
|
+
raw: Buffer;
|
56
|
+
}
|
57
|
+
interface DetailedPeerCertificate extends PeerCertificate {
|
58
|
+
issuerCertificate: DetailedPeerCertificate;
|
59
|
+
}
|
60
|
+
interface CipherNameAndProtocol {
|
61
|
+
/**
|
62
|
+
* The cipher name.
|
63
|
+
*/
|
64
|
+
name: string;
|
65
|
+
/**
|
66
|
+
* SSL/TLS protocol version.
|
67
|
+
*/
|
68
|
+
version: string;
|
69
|
+
/**
|
70
|
+
* IETF name for the cipher suite.
|
71
|
+
*/
|
72
|
+
standardName: string;
|
73
|
+
}
|
74
|
+
interface EphemeralKeyInfo {
|
75
|
+
/**
|
76
|
+
* The supported types are 'DH' and 'ECDH'.
|
77
|
+
*/
|
78
|
+
type: string;
|
79
|
+
/**
|
80
|
+
* The name property is available only when type is 'ECDH'.
|
81
|
+
*/
|
82
|
+
name?: string | undefined;
|
83
|
+
/**
|
84
|
+
* The size of parameter of an ephemeral key exchange.
|
85
|
+
*/
|
86
|
+
size: number;
|
87
|
+
}
|
88
|
+
interface KeyObject {
|
89
|
+
/**
|
90
|
+
* Private keys in PEM format.
|
91
|
+
*/
|
92
|
+
pem: string | Buffer;
|
93
|
+
/**
|
94
|
+
* Optional passphrase.
|
95
|
+
*/
|
96
|
+
passphrase?: string | undefined;
|
97
|
+
}
|
98
|
+
interface PxfObject {
|
99
|
+
/**
|
100
|
+
* PFX or PKCS12 encoded private key and certificate chain.
|
101
|
+
*/
|
102
|
+
buf: string | Buffer;
|
103
|
+
/**
|
104
|
+
* Optional passphrase.
|
105
|
+
*/
|
106
|
+
passphrase?: string | undefined;
|
107
|
+
}
|
108
|
+
interface TLSSocketOptions extends SecureContextOptions, CommonConnectionOptions {
|
109
|
+
/**
|
110
|
+
* If true the TLS socket will be instantiated in server-mode.
|
111
|
+
* Defaults to false.
|
112
|
+
*/
|
113
|
+
isServer?: boolean | undefined;
|
114
|
+
/**
|
115
|
+
* An optional net.Server instance.
|
116
|
+
*/
|
117
|
+
server?: net.Server | undefined;
|
118
|
+
/**
|
119
|
+
* An optional Buffer instance containing a TLS session.
|
120
|
+
*/
|
121
|
+
session?: Buffer | undefined;
|
122
|
+
/**
|
123
|
+
* If true, specifies that the OCSP status request extension will be
|
124
|
+
* added to the client hello and an 'OCSPResponse' event will be
|
125
|
+
* emitted on the socket before establishing a secure communication
|
126
|
+
*/
|
127
|
+
requestOCSP?: boolean | undefined;
|
128
|
+
}
|
129
|
+
/**
|
130
|
+
* Performs transparent encryption of written data and all required TLS
|
131
|
+
* negotiation.
|
132
|
+
*
|
133
|
+
* Instances of `tls.TLSSocket` implement the duplex `Stream` interface.
|
134
|
+
*
|
135
|
+
* Methods that return TLS connection metadata (e.g.{@link TLSSocket.getPeerCertificate} will only return data while the
|
136
|
+
* connection is open.
|
137
|
+
* @since v0.11.4
|
138
|
+
*/
|
139
|
+
class TLSSocket extends net.Socket {
|
140
|
+
/**
|
141
|
+
* Construct a new tls.TLSSocket object from an existing TCP socket.
|
142
|
+
*/
|
143
|
+
constructor(socket: net.Socket, options?: TLSSocketOptions);
|
144
|
+
/**
|
145
|
+
* Returns `true` if the peer certificate was signed by one of the CAs specified
|
146
|
+
* when creating the `tls.TLSSocket` instance, otherwise `false`.
|
147
|
+
* @since v0.11.4
|
148
|
+
*/
|
149
|
+
authorized: boolean;
|
150
|
+
/**
|
151
|
+
* Returns the reason why the peer's certificate was not been verified. This
|
152
|
+
* property is set only when `tlsSocket.authorized === false`.
|
153
|
+
* @since v0.11.4
|
154
|
+
*/
|
155
|
+
authorizationError: Error;
|
156
|
+
/**
|
157
|
+
* Always returns `true`. This may be used to distinguish TLS sockets from regular`net.Socket` instances.
|
158
|
+
* @since v0.11.4
|
159
|
+
*/
|
160
|
+
encrypted: boolean;
|
161
|
+
/**
|
162
|
+
* String containing the selected ALPN protocol.
|
163
|
+
* Before a handshake has completed, this value is always null.
|
164
|
+
* When a handshake is completed but not ALPN protocol was selected, tlsSocket.alpnProtocol equals false.
|
165
|
+
*/
|
166
|
+
alpnProtocol: string | false | null;
|
167
|
+
/**
|
168
|
+
* Returns an object representing the local certificate. The returned object has
|
169
|
+
* some properties corresponding to the fields of the certificate.
|
170
|
+
*
|
171
|
+
* See {@link TLSSocket.getPeerCertificate} for an example of the certificate
|
172
|
+
* structure.
|
173
|
+
*
|
174
|
+
* If there is no local certificate, an empty object will be returned. If the
|
175
|
+
* socket has been destroyed, `null` will be returned.
|
176
|
+
* @since v11.2.0
|
177
|
+
*/
|
178
|
+
getCertificate(): PeerCertificate | object | null;
|
179
|
+
/**
|
180
|
+
* Returns an object containing information on the negotiated cipher suite.
|
181
|
+
*
|
182
|
+
* For example:
|
183
|
+
*
|
184
|
+
* ```json
|
185
|
+
* {
|
186
|
+
* "name": "AES128-SHA256",
|
187
|
+
* "standardName": "TLS_RSA_WITH_AES_128_CBC_SHA256",
|
188
|
+
* "version": "TLSv1.2"
|
189
|
+
* }
|
190
|
+
* ```
|
191
|
+
*
|
192
|
+
* See[SSL\_CIPHER\_get\_name](https://www.openssl.org/docs/man1.1.1/man3/SSL_CIPHER_get_name.html)for more information.
|
193
|
+
* @since v0.11.4
|
194
|
+
*/
|
195
|
+
getCipher(): CipherNameAndProtocol;
|
196
|
+
/**
|
197
|
+
* Returns an object representing the type, name, and size of parameter of
|
198
|
+
* an ephemeral key exchange in `perfect forward secrecy` on a client
|
199
|
+
* connection. It returns an empty object when the key exchange is not
|
200
|
+
* ephemeral. As this is only supported on a client socket; `null` is returned
|
201
|
+
* if called on a server socket. The supported types are `'DH'` and `'ECDH'`. The`name` property is available only when type is `'ECDH'`.
|
202
|
+
*
|
203
|
+
* For example: `{ type: 'ECDH', name: 'prime256v1', size: 256 }`.
|
204
|
+
* @since v5.0.0
|
205
|
+
*/
|
206
|
+
getEphemeralKeyInfo(): EphemeralKeyInfo | object | null;
|
207
|
+
/**
|
208
|
+
* As the `Finished` messages are message digests of the complete handshake
|
209
|
+
* (with a total of 192 bits for TLS 1.0 and more for SSL 3.0), they can
|
210
|
+
* be used for external authentication procedures when the authentication
|
211
|
+
* provided by SSL/TLS is not desired or is not enough.
|
212
|
+
*
|
213
|
+
* Corresponds to the `SSL_get_finished` routine in OpenSSL and may be used
|
214
|
+
* to implement the `tls-unique` channel binding from [RFC 5929](https://tools.ietf.org/html/rfc5929).
|
215
|
+
* @since v9.9.0
|
216
|
+
* @return The latest `Finished` message that has been sent to the socket as part of a SSL/TLS handshake, or `undefined` if no `Finished` message has been sent yet.
|
217
|
+
*/
|
218
|
+
getFinished(): Buffer | undefined;
|
219
|
+
/**
|
220
|
+
* Returns an object representing the peer's certificate. If the peer does not
|
221
|
+
* provide a certificate, an empty object will be returned. If the socket has been
|
222
|
+
* destroyed, `null` will be returned.
|
223
|
+
*
|
224
|
+
* If the full certificate chain was requested, each certificate will include an`issuerCertificate` property containing an object representing its issuer's
|
225
|
+
* certificate.
|
226
|
+
* @since v0.11.4
|
227
|
+
* @param detailed Include the full certificate chain if `true`, otherwise include just the peer's certificate.
|
228
|
+
* @return A certificate object.
|
229
|
+
*/
|
230
|
+
getPeerCertificate(detailed: true): DetailedPeerCertificate;
|
231
|
+
getPeerCertificate(detailed?: false): PeerCertificate;
|
232
|
+
getPeerCertificate(detailed?: boolean): PeerCertificate | DetailedPeerCertificate;
|
233
|
+
/**
|
234
|
+
* As the `Finished` messages are message digests of the complete handshake
|
235
|
+
* (with a total of 192 bits for TLS 1.0 and more for SSL 3.0), they can
|
236
|
+
* be used for external authentication procedures when the authentication
|
237
|
+
* provided by SSL/TLS is not desired or is not enough.
|
238
|
+
*
|
239
|
+
* Corresponds to the `SSL_get_peer_finished` routine in OpenSSL and may be used
|
240
|
+
* to implement the `tls-unique` channel binding from [RFC 5929](https://tools.ietf.org/html/rfc5929).
|
241
|
+
* @since v9.9.0
|
242
|
+
* @return The latest `Finished` message that is expected or has actually been received from the socket as part of a SSL/TLS handshake, or `undefined` if there is no `Finished` message so
|
243
|
+
* far.
|
244
|
+
*/
|
245
|
+
getPeerFinished(): Buffer | undefined;
|
246
|
+
/**
|
247
|
+
* Returns a string containing the negotiated SSL/TLS protocol version of the
|
248
|
+
* current connection. The value `'unknown'` will be returned for connected
|
249
|
+
* sockets that have not completed the handshaking process. The value `null` will
|
250
|
+
* be returned for server sockets or disconnected client sockets.
|
251
|
+
*
|
252
|
+
* Protocol versions are:
|
253
|
+
*
|
254
|
+
* * `'SSLv3'`
|
255
|
+
* * `'TLSv1'`
|
256
|
+
* * `'TLSv1.1'`
|
257
|
+
* * `'TLSv1.2'`
|
258
|
+
* * `'TLSv1.3'`
|
259
|
+
*
|
260
|
+
* See the OpenSSL [`SSL_get_version`](https://www.openssl.org/docs/man1.1.1/man3/SSL_get_version.html) documentation for more information.
|
261
|
+
* @since v5.7.0
|
262
|
+
*/
|
263
|
+
getProtocol(): string | null;
|
264
|
+
/**
|
265
|
+
* Returns the TLS session data or `undefined` if no session was
|
266
|
+
* negotiated. On the client, the data can be provided to the `session` option of {@link connect} to resume the connection. On the server, it may be useful
|
267
|
+
* for debugging.
|
268
|
+
*
|
269
|
+
* See `Session Resumption` for more information.
|
270
|
+
*
|
271
|
+
* Note: `getSession()` works only for TLSv1.2 and below. For TLSv1.3, applications
|
272
|
+
* must use the `'session'` event (it also works for TLSv1.2 and below).
|
273
|
+
* @since v0.11.4
|
274
|
+
*/
|
275
|
+
getSession(): Buffer | undefined;
|
276
|
+
/**
|
277
|
+
* See[SSL\_get\_shared\_sigalgs](https://www.openssl.org/docs/man1.1.1/man3/SSL_get_shared_sigalgs.html)for more information.
|
278
|
+
* @since v12.11.0
|
279
|
+
* @return List of signature algorithms shared between the server and the client in the order of decreasing preference.
|
280
|
+
*/
|
281
|
+
getSharedSigalgs(): string[];
|
282
|
+
/**
|
283
|
+
* For a client, returns the TLS session ticket if one is available, or`undefined`. For a server, always returns `undefined`.
|
284
|
+
*
|
285
|
+
* It may be useful for debugging.
|
286
|
+
*
|
287
|
+
* See `Session Resumption` for more information.
|
288
|
+
* @since v0.11.4
|
289
|
+
*/
|
290
|
+
getTLSTicket(): Buffer | undefined;
|
291
|
+
/**
|
292
|
+
* See `Session Resumption` for more information.
|
293
|
+
* @since v0.5.6
|
294
|
+
* @return `true` if the session was reused, `false` otherwise.
|
295
|
+
*/
|
296
|
+
isSessionReused(): boolean;
|
297
|
+
/**
|
298
|
+
* The `tlsSocket.renegotiate()` method initiates a TLS renegotiation process.
|
299
|
+
* Upon completion, the `callback` function will be passed a single argument
|
300
|
+
* that is either an `Error` (if the request failed) or `null`.
|
301
|
+
*
|
302
|
+
* This method can be used to request a peer's certificate after the secure
|
303
|
+
* connection has been established.
|
304
|
+
*
|
305
|
+
* When running as the server, the socket will be destroyed with an error after`handshakeTimeout` timeout.
|
306
|
+
*
|
307
|
+
* For TLSv1.3, renegotiation cannot be initiated, it is not supported by the
|
308
|
+
* protocol.
|
309
|
+
* @since v0.11.8
|
310
|
+
* @param callback If `renegotiate()` returned `true`, callback is attached once to the `'secure'` event. If `renegotiate()` returned `false`, `callback` will be called in the next tick with
|
311
|
+
* an error, unless the `tlsSocket` has been destroyed, in which case `callback` will not be called at all.
|
312
|
+
* @return `true` if renegotiation was initiated, `false` otherwise.
|
313
|
+
*/
|
314
|
+
renegotiate(
|
315
|
+
options: {
|
316
|
+
rejectUnauthorized?: boolean | undefined;
|
317
|
+
requestCert?: boolean | undefined;
|
318
|
+
},
|
319
|
+
callback: (err: Error | null) => void
|
320
|
+
): undefined | boolean;
|
321
|
+
/**
|
322
|
+
* The `tlsSocket.setMaxSendFragment()` method sets the maximum TLS fragment size.
|
323
|
+
* Returns `true` if setting the limit succeeded; `false` otherwise.
|
324
|
+
*
|
325
|
+
* Smaller fragment sizes decrease the buffering latency on the client: larger
|
326
|
+
* fragments are buffered by the TLS layer until the entire fragment is received
|
327
|
+
* and its integrity is verified; large fragments can span multiple roundtrips
|
328
|
+
* and their processing can be delayed due to packet loss or reordering. However,
|
329
|
+
* smaller fragments add extra TLS framing bytes and CPU overhead, which may
|
330
|
+
* decrease overall server throughput.
|
331
|
+
* @since v0.11.11
|
332
|
+
* @param [size=16384] The maximum TLS fragment size. The maximum value is `16384`.
|
333
|
+
*/
|
334
|
+
setMaxSendFragment(size: number): boolean;
|
335
|
+
/**
|
336
|
+
* Disables TLS renegotiation for this `TLSSocket` instance. Once called, attempts
|
337
|
+
* to renegotiate will trigger an `'error'` event on the `TLSSocket`.
|
338
|
+
* @since v8.4.0
|
339
|
+
*/
|
340
|
+
disableRenegotiation(): void;
|
341
|
+
/**
|
342
|
+
* When enabled, TLS packet trace information is written to `stderr`. This can be
|
343
|
+
* used to debug TLS connection problems.
|
344
|
+
*
|
345
|
+
* Note: The format of the output is identical to the output of `openssl s_client -trace` or `openssl s_server -trace`. While it is produced by OpenSSL's`SSL_trace()` function, the format is
|
346
|
+
* undocumented, can change without notice,
|
347
|
+
* and should not be relied on.
|
348
|
+
* @since v12.2.0
|
349
|
+
*/
|
350
|
+
enableTrace(): void;
|
351
|
+
/**
|
352
|
+
* Returns the peer certificate as an `X509Certificate` object.
|
353
|
+
*
|
354
|
+
* If there is no peer certificate, or the socket has been destroyed,`undefined` will be returned.
|
355
|
+
* @since v15.9.0
|
356
|
+
*/
|
357
|
+
getPeerX509Certificate(): X509Certificate | undefined;
|
358
|
+
/**
|
359
|
+
* Returns the local certificate as an `X509Certificate` object.
|
360
|
+
*
|
361
|
+
* If there is no local certificate, or the socket has been destroyed,`undefined` will be returned.
|
362
|
+
* @since v15.9.0
|
363
|
+
*/
|
364
|
+
getX509Certificate(): X509Certificate | undefined;
|
365
|
+
/**
|
366
|
+
* Keying material is used for validations to prevent different kind of attacks in
|
367
|
+
* network protocols, for example in the specifications of IEEE 802.1X.
|
368
|
+
*
|
369
|
+
* Example
|
370
|
+
*
|
371
|
+
* ```js
|
372
|
+
* const keyingMaterial = tlsSocket.exportKeyingMaterial(
|
373
|
+
* 128,
|
374
|
+
* 'client finished');
|
375
|
+
*
|
376
|
+
*
|
377
|
+
* Example return value of keyingMaterial:
|
378
|
+
* <Buffer 76 26 af 99 c5 56 8e 42 09 91 ef 9f 93 cb ad 6c 7b 65 f8 53 f1 d8 d9
|
379
|
+
* 12 5a 33 b8 b5 25 df 7b 37 9f e0 e2 4f b8 67 83 a3 2f cd 5d 41 42 4c 91
|
380
|
+
* 74 ef 2c ... 78 more bytes>
|
381
|
+
*
|
382
|
+
* ```
|
383
|
+
*
|
384
|
+
* See the OpenSSL [`SSL_export_keying_material`](https://www.openssl.org/docs/man1.1.1/man3/SSL_export_keying_material.html) documentation for more
|
385
|
+
* information.
|
386
|
+
* @since v13.10.0, v12.17.0
|
387
|
+
* @param length number of bytes to retrieve from keying material
|
388
|
+
* @param label an application specific label, typically this will be a value from the [IANA Exporter Label
|
389
|
+
* Registry](https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#exporter-labels).
|
390
|
+
* @param context Optionally provide a context.
|
391
|
+
* @return requested bytes of the keying material
|
392
|
+
*/
|
393
|
+
exportKeyingMaterial(length: number, label: string, context: Buffer): Buffer;
|
394
|
+
addListener(event: string, listener: (...args: any[]) => void): this;
|
395
|
+
addListener(event: 'OCSPResponse', listener: (response: Buffer) => void): this;
|
396
|
+
addListener(event: 'secureConnect', listener: () => void): this;
|
397
|
+
addListener(event: 'session', listener: (session: Buffer) => void): this;
|
398
|
+
addListener(event: 'keylog', listener: (line: Buffer) => void): this;
|
399
|
+
emit(event: string | symbol, ...args: any[]): boolean;
|
400
|
+
emit(event: 'OCSPResponse', response: Buffer): boolean;
|
401
|
+
emit(event: 'secureConnect'): boolean;
|
402
|
+
emit(event: 'session', session: Buffer): boolean;
|
403
|
+
emit(event: 'keylog', line: Buffer): boolean;
|
404
|
+
on(event: string, listener: (...args: any[]) => void): this;
|
405
|
+
on(event: 'OCSPResponse', listener: (response: Buffer) => void): this;
|
406
|
+
on(event: 'secureConnect', listener: () => void): this;
|
407
|
+
on(event: 'session', listener: (session: Buffer) => void): this;
|
408
|
+
on(event: 'keylog', listener: (line: Buffer) => void): this;
|
409
|
+
once(event: string, listener: (...args: any[]) => void): this;
|
410
|
+
once(event: 'OCSPResponse', listener: (response: Buffer) => void): this;
|
411
|
+
once(event: 'secureConnect', listener: () => void): this;
|
412
|
+
once(event: 'session', listener: (session: Buffer) => void): this;
|
413
|
+
once(event: 'keylog', listener: (line: Buffer) => void): this;
|
414
|
+
prependListener(event: string, listener: (...args: any[]) => void): this;
|
415
|
+
prependListener(event: 'OCSPResponse', listener: (response: Buffer) => void): this;
|
416
|
+
prependListener(event: 'secureConnect', listener: () => void): this;
|
417
|
+
prependListener(event: 'session', listener: (session: Buffer) => void): this;
|
418
|
+
prependListener(event: 'keylog', listener: (line: Buffer) => void): this;
|
419
|
+
prependOnceListener(event: string, listener: (...args: any[]) => void): this;
|
420
|
+
prependOnceListener(event: 'OCSPResponse', listener: (response: Buffer) => void): this;
|
421
|
+
prependOnceListener(event: 'secureConnect', listener: () => void): this;
|
422
|
+
prependOnceListener(event: 'session', listener: (session: Buffer) => void): this;
|
423
|
+
prependOnceListener(event: 'keylog', listener: (line: Buffer) => void): this;
|
424
|
+
}
|
425
|
+
interface CommonConnectionOptions {
|
426
|
+
/**
|
427
|
+
* An optional TLS context object from tls.createSecureContext()
|
428
|
+
*/
|
429
|
+
secureContext?: SecureContext | undefined;
|
430
|
+
/**
|
431
|
+
* When enabled, TLS packet trace information is written to `stderr`. This can be
|
432
|
+
* used to debug TLS connection problems.
|
433
|
+
* @default false
|
434
|
+
*/
|
435
|
+
enableTrace?: boolean | undefined;
|
436
|
+
/**
|
437
|
+
* If true the server will request a certificate from clients that
|
438
|
+
* connect and attempt to verify that certificate. Defaults to
|
439
|
+
* false.
|
440
|
+
*/
|
441
|
+
requestCert?: boolean | undefined;
|
442
|
+
/**
|
443
|
+
* An array of strings or a Buffer naming possible ALPN protocols.
|
444
|
+
* (Protocols should be ordered by their priority.)
|
445
|
+
*/
|
446
|
+
ALPNProtocols?: string[] | Uint8Array[] | Uint8Array | undefined;
|
447
|
+
/**
|
448
|
+
* SNICallback(servername, cb) <Function> A function that will be
|
449
|
+
* called if the client supports SNI TLS extension. Two arguments
|
450
|
+
* will be passed when called: servername and cb. SNICallback should
|
451
|
+
* invoke cb(null, ctx), where ctx is a SecureContext instance.
|
452
|
+
* (tls.createSecureContext(...) can be used to get a proper
|
453
|
+
* SecureContext.) If SNICallback wasn't provided the default callback
|
454
|
+
* with high-level API will be used (see below).
|
455
|
+
*/
|
456
|
+
SNICallback?: ((servername: string, cb: (err: Error | null, ctx?: SecureContext) => void) => void) | undefined;
|
457
|
+
/**
|
458
|
+
* If true the server will reject any connection which is not
|
459
|
+
* authorized with the list of supplied CAs. This option only has an
|
460
|
+
* effect if requestCert is true.
|
461
|
+
* @default true
|
462
|
+
*/
|
463
|
+
rejectUnauthorized?: boolean | undefined;
|
464
|
+
}
|
465
|
+
interface TlsOptions extends SecureContextOptions, CommonConnectionOptions, net.ServerOpts {
|
466
|
+
/**
|
467
|
+
* Abort the connection if the SSL/TLS handshake does not finish in the
|
468
|
+
* specified number of milliseconds. A 'tlsClientError' is emitted on
|
469
|
+
* the tls.Server object whenever a handshake times out. Default:
|
470
|
+
* 120000 (120 seconds).
|
471
|
+
*/
|
472
|
+
handshakeTimeout?: number | undefined;
|
473
|
+
/**
|
474
|
+
* The number of seconds after which a TLS session created by the
|
475
|
+
* server will no longer be resumable. See Session Resumption for more
|
476
|
+
* information. Default: 300.
|
477
|
+
*/
|
478
|
+
sessionTimeout?: number | undefined;
|
479
|
+
/**
|
480
|
+
* 48-bytes of cryptographically strong pseudo-random data.
|
481
|
+
*/
|
482
|
+
ticketKeys?: Buffer | undefined;
|
483
|
+
/**
|
484
|
+
*
|
485
|
+
* @param socket
|
486
|
+
* @param identity identity parameter sent from the client.
|
487
|
+
* @return pre-shared key that must either be
|
488
|
+
* a buffer or `null` to stop the negotiation process. Returned PSK must be
|
489
|
+
* compatible with the selected cipher's digest.
|
490
|
+
*
|
491
|
+
* When negotiating TLS-PSK (pre-shared keys), this function is called
|
492
|
+
* with the identity provided by the client.
|
493
|
+
* If the return value is `null` the negotiation process will stop and an
|
494
|
+
* "unknown_psk_identity" alert message will be sent to the other party.
|
495
|
+
* If the server wishes to hide the fact that the PSK identity was not known,
|
496
|
+
* the callback must provide some random data as `psk` to make the connection
|
497
|
+
* fail with "decrypt_error" before negotiation is finished.
|
498
|
+
* PSK ciphers are disabled by default, and using TLS-PSK thus
|
499
|
+
* requires explicitly specifying a cipher suite with the `ciphers` option.
|
500
|
+
* More information can be found in the RFC 4279.
|
501
|
+
*/
|
502
|
+
pskCallback?(socket: TLSSocket, identity: string): DataView | NodeJS.TypedArray | null;
|
503
|
+
/**
|
504
|
+
* hint to send to a client to help
|
505
|
+
* with selecting the identity during TLS-PSK negotiation. Will be ignored
|
506
|
+
* in TLS 1.3. Upon failing to set pskIdentityHint `tlsClientError` will be
|
507
|
+
* emitted with `ERR_TLS_PSK_SET_IDENTIY_HINT_FAILED` code.
|
508
|
+
*/
|
509
|
+
pskIdentityHint?: string | undefined;
|
510
|
+
}
|
511
|
+
interface PSKCallbackNegotation {
|
512
|
+
psk: DataView | NodeJS.TypedArray;
|
513
|
+
identity: string;
|
514
|
+
}
|
515
|
+
interface ConnectionOptions extends SecureContextOptions, CommonConnectionOptions {
|
516
|
+
host?: string | undefined;
|
517
|
+
port?: number | undefined;
|
518
|
+
path?: string | undefined; // Creates unix socket connection to path. If this option is specified, `host` and `port` are ignored.
|
519
|
+
socket?: net.Socket | undefined; // Establish secure connection on a given socket rather than creating a new socket
|
520
|
+
checkServerIdentity?: typeof checkServerIdentity | undefined;
|
521
|
+
servername?: string | undefined; // SNI TLS Extension
|
522
|
+
session?: Buffer | undefined;
|
523
|
+
minDHSize?: number | undefined;
|
524
|
+
lookup?: net.LookupFunction | undefined;
|
525
|
+
timeout?: number | undefined;
|
526
|
+
/**
|
527
|
+
* When negotiating TLS-PSK (pre-shared keys), this function is called
|
528
|
+
* with optional identity `hint` provided by the server or `null`
|
529
|
+
* in case of TLS 1.3 where `hint` was removed.
|
530
|
+
* It will be necessary to provide a custom `tls.checkServerIdentity()`
|
531
|
+
* for the connection as the default one will try to check hostname/IP
|
532
|
+
* of the server against the certificate but that's not applicable for PSK
|
533
|
+
* because there won't be a certificate present.
|
534
|
+
* More information can be found in the RFC 4279.
|
535
|
+
*
|
536
|
+
* @param hint message sent from the server to help client
|
537
|
+
* decide which identity to use during negotiation.
|
538
|
+
* Always `null` if TLS 1.3 is used.
|
539
|
+
* @returns Return `null` to stop the negotiation process. `psk` must be
|
540
|
+
* compatible with the selected cipher's digest.
|
541
|
+
* `identity` must use UTF-8 encoding.
|
542
|
+
*/
|
543
|
+
pskCallback?(hint: string | null): PSKCallbackNegotation | null;
|
544
|
+
}
|
545
|
+
/**
|
546
|
+
* Accepts encrypted connections using TLS or SSL.
|
547
|
+
* @since v0.3.2
|
548
|
+
*/
|
549
|
+
class Server extends net.Server {
|
550
|
+
constructor(secureConnectionListener?: (socket: TLSSocket) => void);
|
551
|
+
constructor(options: TlsOptions, secureConnectionListener?: (socket: TLSSocket) => void);
|
552
|
+
/**
|
553
|
+
* The `server.addContext()` method adds a secure context that will be used if
|
554
|
+
* the client request's SNI name matches the supplied `hostname` (or wildcard).
|
555
|
+
*
|
556
|
+
* When there are multiple matching contexts, the most recently added one is
|
557
|
+
* used.
|
558
|
+
* @since v0.5.3
|
559
|
+
* @param hostname A SNI host name or wildcard (e.g. `'*'`)
|
560
|
+
* @param context An object containing any of the possible properties from the {@link createSecureContext} `options` arguments (e.g. `key`, `cert`, `ca`, etc).
|
561
|
+
*/
|
562
|
+
addContext(hostname: string, context: SecureContextOptions): void;
|
563
|
+
/**
|
564
|
+
* Returns the session ticket keys.
|
565
|
+
*
|
566
|
+
* See `Session Resumption` for more information.
|
567
|
+
* @since v3.0.0
|
568
|
+
* @return A 48-byte buffer containing the session ticket keys.
|
569
|
+
*/
|
570
|
+
getTicketKeys(): Buffer;
|
571
|
+
/**
|
572
|
+
* The `server.setSecureContext()` method replaces the secure context of an
|
573
|
+
* existing server. Existing connections to the server are not interrupted.
|
574
|
+
* @since v11.0.0
|
575
|
+
* @param options An object containing any of the possible properties from the {@link createSecureContext} `options` arguments (e.g. `key`, `cert`, `ca`, etc).
|
576
|
+
*/
|
577
|
+
setSecureContext(options: SecureContextOptions): void;
|
578
|
+
/**
|
579
|
+
* Sets the session ticket keys.
|
580
|
+
*
|
581
|
+
* Changes to the ticket keys are effective only for future server connections.
|
582
|
+
* Existing or currently pending server connections will use the previous keys.
|
583
|
+
*
|
584
|
+
* See `Session Resumption` for more information.
|
585
|
+
* @since v3.0.0
|
586
|
+
* @param keys A 48-byte buffer containing the session ticket keys.
|
587
|
+
*/
|
588
|
+
setTicketKeys(keys: Buffer): void;
|
589
|
+
/**
|
590
|
+
* events.EventEmitter
|
591
|
+
* 1. tlsClientError
|
592
|
+
* 2. newSession
|
593
|
+
* 3. OCSPRequest
|
594
|
+
* 4. resumeSession
|
595
|
+
* 5. secureConnection
|
596
|
+
* 6. keylog
|
597
|
+
*/
|
598
|
+
addListener(event: string, listener: (...args: any[]) => void): this;
|
599
|
+
addListener(event: 'tlsClientError', listener: (err: Error, tlsSocket: TLSSocket) => void): this;
|
600
|
+
addListener(event: 'newSession', listener: (sessionId: Buffer, sessionData: Buffer, callback: (err: Error, resp: Buffer) => void) => void): this;
|
601
|
+
addListener(event: 'OCSPRequest', listener: (certificate: Buffer, issuer: Buffer, callback: (err: Error | null, resp: Buffer) => void) => void): this;
|
602
|
+
addListener(event: 'resumeSession', listener: (sessionId: Buffer, callback: (err: Error, sessionData: Buffer) => void) => void): this;
|
603
|
+
addListener(event: 'secureConnection', listener: (tlsSocket: TLSSocket) => void): this;
|
604
|
+
addListener(event: 'keylog', listener: (line: Buffer, tlsSocket: TLSSocket) => void): this;
|
605
|
+
emit(event: string | symbol, ...args: any[]): boolean;
|
606
|
+
emit(event: 'tlsClientError', err: Error, tlsSocket: TLSSocket): boolean;
|
607
|
+
emit(event: 'newSession', sessionId: Buffer, sessionData: Buffer, callback: (err: Error, resp: Buffer) => void): boolean;
|
608
|
+
emit(event: 'OCSPRequest', certificate: Buffer, issuer: Buffer, callback: (err: Error | null, resp: Buffer) => void): boolean;
|
609
|
+
emit(event: 'resumeSession', sessionId: Buffer, callback: (err: Error, sessionData: Buffer) => void): boolean;
|
610
|
+
emit(event: 'secureConnection', tlsSocket: TLSSocket): boolean;
|
611
|
+
emit(event: 'keylog', line: Buffer, tlsSocket: TLSSocket): boolean;
|
612
|
+
on(event: string, listener: (...args: any[]) => void): this;
|
613
|
+
on(event: 'tlsClientError', listener: (err: Error, tlsSocket: TLSSocket) => void): this;
|
614
|
+
on(event: 'newSession', listener: (sessionId: Buffer, sessionData: Buffer, callback: (err: Error, resp: Buffer) => void) => void): this;
|
615
|
+
on(event: 'OCSPRequest', listener: (certificate: Buffer, issuer: Buffer, callback: (err: Error | null, resp: Buffer) => void) => void): this;
|
616
|
+
on(event: 'resumeSession', listener: (sessionId: Buffer, callback: (err: Error, sessionData: Buffer) => void) => void): this;
|
617
|
+
on(event: 'secureConnection', listener: (tlsSocket: TLSSocket) => void): this;
|
618
|
+
on(event: 'keylog', listener: (line: Buffer, tlsSocket: TLSSocket) => void): this;
|
619
|
+
once(event: string, listener: (...args: any[]) => void): this;
|
620
|
+
once(event: 'tlsClientError', listener: (err: Error, tlsSocket: TLSSocket) => void): this;
|
621
|
+
once(event: 'newSession', listener: (sessionId: Buffer, sessionData: Buffer, callback: (err: Error, resp: Buffer) => void) => void): this;
|
622
|
+
once(event: 'OCSPRequest', listener: (certificate: Buffer, issuer: Buffer, callback: (err: Error | null, resp: Buffer) => void) => void): this;
|
623
|
+
once(event: 'resumeSession', listener: (sessionId: Buffer, callback: (err: Error, sessionData: Buffer) => void) => void): this;
|
624
|
+
once(event: 'secureConnection', listener: (tlsSocket: TLSSocket) => void): this;
|
625
|
+
once(event: 'keylog', listener: (line: Buffer, tlsSocket: TLSSocket) => void): this;
|
626
|
+
prependListener(event: string, listener: (...args: any[]) => void): this;
|
627
|
+
prependListener(event: 'tlsClientError', listener: (err: Error, tlsSocket: TLSSocket) => void): this;
|
628
|
+
prependListener(event: 'newSession', listener: (sessionId: Buffer, sessionData: Buffer, callback: (err: Error, resp: Buffer) => void) => void): this;
|
629
|
+
prependListener(event: 'OCSPRequest', listener: (certificate: Buffer, issuer: Buffer, callback: (err: Error | null, resp: Buffer) => void) => void): this;
|
630
|
+
prependListener(event: 'resumeSession', listener: (sessionId: Buffer, callback: (err: Error, sessionData: Buffer) => void) => void): this;
|
631
|
+
prependListener(event: 'secureConnection', listener: (tlsSocket: TLSSocket) => void): this;
|
632
|
+
prependListener(event: 'keylog', listener: (line: Buffer, tlsSocket: TLSSocket) => void): this;
|
633
|
+
prependOnceListener(event: string, listener: (...args: any[]) => void): this;
|
634
|
+
prependOnceListener(event: 'tlsClientError', listener: (err: Error, tlsSocket: TLSSocket) => void): this;
|
635
|
+
prependOnceListener(event: 'newSession', listener: (sessionId: Buffer, sessionData: Buffer, callback: (err: Error, resp: Buffer) => void) => void): this;
|
636
|
+
prependOnceListener(event: 'OCSPRequest', listener: (certificate: Buffer, issuer: Buffer, callback: (err: Error | null, resp: Buffer) => void) => void): this;
|
637
|
+
prependOnceListener(event: 'resumeSession', listener: (sessionId: Buffer, callback: (err: Error, sessionData: Buffer) => void) => void): this;
|
638
|
+
prependOnceListener(event: 'secureConnection', listener: (tlsSocket: TLSSocket) => void): this;
|
639
|
+
prependOnceListener(event: 'keylog', listener: (line: Buffer, tlsSocket: TLSSocket) => void): this;
|
640
|
+
}
|
641
|
+
/**
|
642
|
+
* @deprecated since v0.11.3 Use `tls.TLSSocket` instead.
|
643
|
+
*/
|
644
|
+
interface SecurePair {
|
645
|
+
encrypted: TLSSocket;
|
646
|
+
cleartext: TLSSocket;
|
647
|
+
}
|
648
|
+
type SecureVersion = 'TLSv1.3' | 'TLSv1.2' | 'TLSv1.1' | 'TLSv1';
|
649
|
+
interface SecureContextOptions {
|
650
|
+
/**
|
651
|
+
* Optionally override the trusted CA certificates. Default is to trust
|
652
|
+
* the well-known CAs curated by Mozilla. Mozilla's CAs are completely
|
653
|
+
* replaced when CAs are explicitly specified using this option.
|
654
|
+
*/
|
655
|
+
ca?: string | Buffer | Array<string | Buffer> | undefined;
|
656
|
+
/**
|
657
|
+
* Cert chains in PEM format. One cert chain should be provided per
|
658
|
+
* private key. Each cert chain should consist of the PEM formatted
|
659
|
+
* certificate for a provided private key, followed by the PEM
|
660
|
+
* formatted intermediate certificates (if any), in order, and not
|
661
|
+
* including the root CA (the root CA must be pre-known to the peer,
|
662
|
+
* see ca). When providing multiple cert chains, they do not have to
|
663
|
+
* be in the same order as their private keys in key. If the
|
664
|
+
* intermediate certificates are not provided, the peer will not be
|
665
|
+
* able to validate the certificate, and the handshake will fail.
|
666
|
+
*/
|
667
|
+
cert?: string | Buffer | Array<string | Buffer> | undefined;
|
668
|
+
/**
|
669
|
+
* Colon-separated list of supported signature algorithms. The list
|
670
|
+
* can contain digest algorithms (SHA256, MD5 etc.), public key
|
671
|
+
* algorithms (RSA-PSS, ECDSA etc.), combination of both (e.g
|
672
|
+
* 'RSA+SHA384') or TLS v1.3 scheme names (e.g. rsa_pss_pss_sha512).
|
673
|
+
*/
|
674
|
+
sigalgs?: string | undefined;
|
675
|
+
/**
|
676
|
+
* Cipher suite specification, replacing the default. For more
|
677
|
+
* information, see modifying the default cipher suite. Permitted
|
678
|
+
* ciphers can be obtained via tls.getCiphers(). Cipher names must be
|
679
|
+
* uppercased in order for OpenSSL to accept them.
|
680
|
+
*/
|
681
|
+
ciphers?: string | undefined;
|
682
|
+
/**
|
683
|
+
* Name of an OpenSSL engine which can provide the client certificate.
|
684
|
+
*/
|
685
|
+
clientCertEngine?: string | undefined;
|
686
|
+
/**
|
687
|
+
* PEM formatted CRLs (Certificate Revocation Lists).
|
688
|
+
*/
|
689
|
+
crl?: string | Buffer | Array<string | Buffer> | undefined;
|
690
|
+
/**
|
691
|
+
* Diffie Hellman parameters, required for Perfect Forward Secrecy. Use
|
692
|
+
* openssl dhparam to create the parameters. The key length must be
|
693
|
+
* greater than or equal to 1024 bits or else an error will be thrown.
|
694
|
+
* Although 1024 bits is permissible, use 2048 bits or larger for
|
695
|
+
* stronger security. If omitted or invalid, the parameters are
|
696
|
+
* silently discarded and DHE ciphers will not be available.
|
697
|
+
*/
|
698
|
+
dhparam?: string | Buffer | undefined;
|
699
|
+
/**
|
700
|
+
* A string describing a named curve or a colon separated list of curve
|
701
|
+
* NIDs or names, for example P-521:P-384:P-256, to use for ECDH key
|
702
|
+
* agreement. Set to auto to select the curve automatically. Use
|
703
|
+
* crypto.getCurves() to obtain a list of available curve names. On
|
704
|
+
* recent releases, openssl ecparam -list_curves will also display the
|
705
|
+
* name and description of each available elliptic curve. Default:
|
706
|
+
* tls.DEFAULT_ECDH_CURVE.
|
707
|
+
*/
|
708
|
+
ecdhCurve?: string | undefined;
|
709
|
+
/**
|
710
|
+
* Attempt to use the server's cipher suite preferences instead of the
|
711
|
+
* client's. When true, causes SSL_OP_CIPHER_SERVER_PREFERENCE to be
|
712
|
+
* set in secureOptions
|
713
|
+
*/
|
714
|
+
honorCipherOrder?: boolean | undefined;
|
715
|
+
/**
|
716
|
+
* Private keys in PEM format. PEM allows the option of private keys
|
717
|
+
* being encrypted. Encrypted keys will be decrypted with
|
718
|
+
* options.passphrase. Multiple keys using different algorithms can be
|
719
|
+
* provided either as an array of unencrypted key strings or buffers,
|
720
|
+
* or an array of objects in the form {pem: <string|buffer>[,
|
721
|
+
* passphrase: <string>]}. The object form can only occur in an array.
|
722
|
+
* object.passphrase is optional. Encrypted keys will be decrypted with
|
723
|
+
* object.passphrase if provided, or options.passphrase if it is not.
|
724
|
+
*/
|
725
|
+
key?: string | Buffer | Array<Buffer | KeyObject> | undefined;
|
726
|
+
/**
|
727
|
+
* Name of an OpenSSL engine to get private key from. Should be used
|
728
|
+
* together with privateKeyIdentifier.
|
729
|
+
*/
|
730
|
+
privateKeyEngine?: string | undefined;
|
731
|
+
/**
|
732
|
+
* Identifier of a private key managed by an OpenSSL engine. Should be
|
733
|
+
* used together with privateKeyEngine. Should not be set together with
|
734
|
+
* key, because both options define a private key in different ways.
|
735
|
+
*/
|
736
|
+
privateKeyIdentifier?: string | undefined;
|
737
|
+
/**
|
738
|
+
* Optionally set the maximum TLS version to allow. One
|
739
|
+
* of `'TLSv1.3'`, `'TLSv1.2'`, `'TLSv1.1'`, or `'TLSv1'`. Cannot be specified along with the
|
740
|
+
* `secureProtocol` option, use one or the other.
|
741
|
+
* **Default:** `'TLSv1.3'`, unless changed using CLI options. Using
|
742
|
+
* `--tls-max-v1.2` sets the default to `'TLSv1.2'`. Using `--tls-max-v1.3` sets the default to
|
743
|
+
* `'TLSv1.3'`. If multiple of the options are provided, the highest maximum is used.
|
744
|
+
*/
|
745
|
+
maxVersion?: SecureVersion | undefined;
|
746
|
+
/**
|
747
|
+
* Optionally set the minimum TLS version to allow. One
|
748
|
+
* of `'TLSv1.3'`, `'TLSv1.2'`, `'TLSv1.1'`, or `'TLSv1'`. Cannot be specified along with the
|
749
|
+
* `secureProtocol` option, use one or the other. It is not recommended to use
|
750
|
+
* less than TLSv1.2, but it may be required for interoperability.
|
751
|
+
* **Default:** `'TLSv1.2'`, unless changed using CLI options. Using
|
752
|
+
* `--tls-v1.0` sets the default to `'TLSv1'`. Using `--tls-v1.1` sets the default to
|
753
|
+
* `'TLSv1.1'`. Using `--tls-min-v1.3` sets the default to
|
754
|
+
* 'TLSv1.3'. If multiple of the options are provided, the lowest minimum is used.
|
755
|
+
*/
|
756
|
+
minVersion?: SecureVersion | undefined;
|
757
|
+
/**
|
758
|
+
* Shared passphrase used for a single private key and/or a PFX.
|
759
|
+
*/
|
760
|
+
passphrase?: string | undefined;
|
761
|
+
/**
|
762
|
+
* PFX or PKCS12 encoded private key and certificate chain. pfx is an
|
763
|
+
* alternative to providing key and cert individually. PFX is usually
|
764
|
+
* encrypted, if it is, passphrase will be used to decrypt it. Multiple
|
765
|
+
* PFX can be provided either as an array of unencrypted PFX buffers,
|
766
|
+
* or an array of objects in the form {buf: <string|buffer>[,
|
767
|
+
* passphrase: <string>]}. The object form can only occur in an array.
|
768
|
+
* object.passphrase is optional. Encrypted PFX will be decrypted with
|
769
|
+
* object.passphrase if provided, or options.passphrase if it is not.
|
770
|
+
*/
|
771
|
+
pfx?: string | Buffer | Array<string | Buffer | PxfObject> | undefined;
|
772
|
+
/**
|
773
|
+
* Optionally affect the OpenSSL protocol behavior, which is not
|
774
|
+
* usually necessary. This should be used carefully if at all! Value is
|
775
|
+
* a numeric bitmask of the SSL_OP_* options from OpenSSL Options
|
776
|
+
*/
|
777
|
+
secureOptions?: number | undefined; // Value is a numeric bitmask of the `SSL_OP_*` options
|
778
|
+
/**
|
779
|
+
* Legacy mechanism to select the TLS protocol version to use, it does
|
780
|
+
* not support independent control of the minimum and maximum version,
|
781
|
+
* and does not support limiting the protocol to TLSv1.3. Use
|
782
|
+
* minVersion and maxVersion instead. The possible values are listed as
|
783
|
+
* SSL_METHODS, use the function names as strings. For example, use
|
784
|
+
* 'TLSv1_1_method' to force TLS version 1.1, or 'TLS_method' to allow
|
785
|
+
* any TLS protocol version up to TLSv1.3. It is not recommended to use
|
786
|
+
* TLS versions less than 1.2, but it may be required for
|
787
|
+
* interoperability. Default: none, see minVersion.
|
788
|
+
*/
|
789
|
+
secureProtocol?: string | undefined;
|
790
|
+
/**
|
791
|
+
* Opaque identifier used by servers to ensure session state is not
|
792
|
+
* shared between applications. Unused by clients.
|
793
|
+
*/
|
794
|
+
sessionIdContext?: string | undefined;
|
795
|
+
/**
|
796
|
+
* 48-bytes of cryptographically strong pseudo-random data.
|
797
|
+
* See Session Resumption for more information.
|
798
|
+
*/
|
799
|
+
ticketKeys?: Buffer | undefined;
|
800
|
+
/**
|
801
|
+
* The number of seconds after which a TLS session created by the
|
802
|
+
* server will no longer be resumable. See Session Resumption for more
|
803
|
+
* information. Default: 300.
|
804
|
+
*/
|
805
|
+
sessionTimeout?: number | undefined;
|
806
|
+
}
|
807
|
+
interface SecureContext {
|
808
|
+
context: any;
|
809
|
+
}
|
810
|
+
/**
|
811
|
+
* Verifies the certificate `cert` is issued to `hostname`.
|
812
|
+
*
|
813
|
+
* Returns [<Error>](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/Error) object, populating it with `reason`, `host`, and `cert` on
|
814
|
+
* failure. On success, returns [<undefined>](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Data_structures#Undefined_type).
|
815
|
+
*
|
816
|
+
* This function can be overwritten by providing alternative function as part of
|
817
|
+
* the `options.checkServerIdentity` option passed to `tls.connect()`. The
|
818
|
+
* overwriting function can call `tls.checkServerIdentity()` of course, to augment
|
819
|
+
* the checks done with additional verification.
|
820
|
+
*
|
821
|
+
* This function is only called if the certificate passed all other checks, such as
|
822
|
+
* being issued by trusted CA (`options.ca`).
|
823
|
+
* @since v0.8.4
|
824
|
+
* @param hostname The host name or IP address to verify the certificate against.
|
825
|
+
* @param cert A `certificate object` representing the peer's certificate.
|
826
|
+
*/
|
827
|
+
function checkServerIdentity(hostname: string, cert: PeerCertificate): Error | undefined;
|
828
|
+
/**
|
829
|
+
* Creates a new {@link Server}. The `secureConnectionListener`, if provided, is
|
830
|
+
* automatically set as a listener for the `'secureConnection'` event.
|
831
|
+
*
|
832
|
+
* The `ticketKeys` options is automatically shared between `cluster` module
|
833
|
+
* workers.
|
834
|
+
*
|
835
|
+
* The following illustrates a simple echo server:
|
836
|
+
*
|
837
|
+
* ```js
|
838
|
+
* const tls = require('tls');
|
839
|
+
* const fs = require('fs');
|
840
|
+
*
|
841
|
+
* const options = {
|
842
|
+
* key: fs.readFileSync('server-key.pem'),
|
843
|
+
* cert: fs.readFileSync('server-cert.pem'),
|
844
|
+
*
|
845
|
+
* // This is necessary only if using client certificate authentication.
|
846
|
+
* requestCert: true,
|
847
|
+
*
|
848
|
+
* // This is necessary only if the client uses a self-signed certificate.
|
849
|
+
* ca: [ fs.readFileSync('client-cert.pem') ]
|
850
|
+
* };
|
851
|
+
*
|
852
|
+
* const server = tls.createServer(options, (socket) => {
|
853
|
+
* console.log('server connected',
|
854
|
+
* socket.authorized ? 'authorized' : 'unauthorized');
|
855
|
+
* socket.write('welcome!\n');
|
856
|
+
* socket.setEncoding('utf8');
|
857
|
+
* socket.pipe(socket);
|
858
|
+
* });
|
859
|
+
* server.listen(8000, () => {
|
860
|
+
* console.log('server bound');
|
861
|
+
* });
|
862
|
+
* ```
|
863
|
+
*
|
864
|
+
* The server can be tested by connecting to it using the example client from {@link connect}.
|
865
|
+
* @since v0.3.2
|
866
|
+
*/
|
867
|
+
function createServer(secureConnectionListener?: (socket: TLSSocket) => void): Server;
|
868
|
+
function createServer(options: TlsOptions, secureConnectionListener?: (socket: TLSSocket) => void): Server;
|
869
|
+
/**
|
870
|
+
* The `callback` function, if specified, will be added as a listener for the `'secureConnect'` event.
|
871
|
+
*
|
872
|
+
* `tls.connect()` returns a {@link TLSSocket} object.
|
873
|
+
*
|
874
|
+
* Unlike the `https` API, `tls.connect()` does not enable the
|
875
|
+
* SNI (Server Name Indication) extension by default, which may cause some
|
876
|
+
* servers to return an incorrect certificate or reject the connection
|
877
|
+
* altogether. To enable SNI, set the `servername` option in addition
|
878
|
+
* to `host`.
|
879
|
+
*
|
880
|
+
* The following illustrates a client for the echo server example from {@link createServer}:
|
881
|
+
*
|
882
|
+
* ```js
|
883
|
+
* // Assumes an echo server that is listening on port 8000.
|
884
|
+
* const tls = require('tls');
|
885
|
+
* const fs = require('fs');
|
886
|
+
*
|
887
|
+
* const options = {
|
888
|
+
* // Necessary only if the server requires client certificate authentication.
|
889
|
+
* key: fs.readFileSync('client-key.pem'),
|
890
|
+
* cert: fs.readFileSync('client-cert.pem'),
|
891
|
+
*
|
892
|
+
* // Necessary only if the server uses a self-signed certificate.
|
893
|
+
* ca: [ fs.readFileSync('server-cert.pem') ],
|
894
|
+
*
|
895
|
+
* // Necessary only if the server's cert isn't for "localhost".
|
896
|
+
* checkServerIdentity: () => { return null; },
|
897
|
+
* };
|
898
|
+
*
|
899
|
+
* const socket = tls.connect(8000, options, () => {
|
900
|
+
* console.log('client connected',
|
901
|
+
* socket.authorized ? 'authorized' : 'unauthorized');
|
902
|
+
* process.stdin.pipe(socket);
|
903
|
+
* process.stdin.resume();
|
904
|
+
* });
|
905
|
+
* socket.setEncoding('utf8');
|
906
|
+
* socket.on('data', (data) => {
|
907
|
+
* console.log(data);
|
908
|
+
* });
|
909
|
+
* socket.on('end', () => {
|
910
|
+
* console.log('server ends connection');
|
911
|
+
* });
|
912
|
+
* ```
|
913
|
+
* @since v0.11.3
|
914
|
+
*/
|
915
|
+
function connect(options: ConnectionOptions, secureConnectListener?: () => void): TLSSocket;
|
916
|
+
function connect(port: number, host?: string, options?: ConnectionOptions, secureConnectListener?: () => void): TLSSocket;
|
917
|
+
function connect(port: number, options?: ConnectionOptions, secureConnectListener?: () => void): TLSSocket;
|
918
|
+
/**
|
919
|
+
* Creates a new secure pair object with two streams, one of which reads and writes
|
920
|
+
* the encrypted data and the other of which reads and writes the cleartext data.
|
921
|
+
* Generally, the encrypted stream is piped to/from an incoming encrypted data
|
922
|
+
* stream and the cleartext one is used as a replacement for the initial encrypted
|
923
|
+
* stream.
|
924
|
+
*
|
925
|
+
* `tls.createSecurePair()` returns a `tls.SecurePair` object with `cleartext` and`encrypted` stream properties.
|
926
|
+
*
|
927
|
+
* Using `cleartext` has the same API as {@link TLSSocket}.
|
928
|
+
*
|
929
|
+
* The `tls.createSecurePair()` method is now deprecated in favor of`tls.TLSSocket()`. For example, the code:
|
930
|
+
*
|
931
|
+
* ```js
|
932
|
+
* pair = tls.createSecurePair(// ... );
|
933
|
+
* pair.encrypted.pipe(socket);
|
934
|
+
* socket.pipe(pair.encrypted);
|
935
|
+
* ```
|
936
|
+
*
|
937
|
+
* can be replaced by:
|
938
|
+
*
|
939
|
+
* ```js
|
940
|
+
* secureSocket = tls.TLSSocket(socket, options);
|
941
|
+
* ```
|
942
|
+
*
|
943
|
+
* where `secureSocket` has the same API as `pair.cleartext`.
|
944
|
+
* @since v0.3.2
|
945
|
+
* @deprecated Since v0.11.3 - Use {@link TLSSocket} instead.
|
946
|
+
* @param context A secure context object as returned by `tls.createSecureContext()`
|
947
|
+
* @param isServer `true` to specify that this TLS connection should be opened as a server.
|
948
|
+
* @param requestCert `true` to specify whether a server should request a certificate from a connecting client. Only applies when `isServer` is `true`.
|
949
|
+
* @param rejectUnauthorized If not `false` a server automatically reject clients with invalid certificates. Only applies when `isServer` is `true`.
|
950
|
+
*/
|
951
|
+
function createSecurePair(context?: SecureContext, isServer?: boolean, requestCert?: boolean, rejectUnauthorized?: boolean): SecurePair;
|
952
|
+
/**
|
953
|
+
* {@link createServer} sets the default value of the `honorCipherOrder` option
|
954
|
+
* to `true`, other APIs that create secure contexts leave it unset.
|
955
|
+
*
|
956
|
+
* {@link createServer} uses a 128 bit truncated SHA1 hash value generated
|
957
|
+
* from `process.argv` as the default value of the `sessionIdContext` option, other
|
958
|
+
* APIs that create secure contexts have no default value.
|
959
|
+
*
|
960
|
+
* The `tls.createSecureContext()` method creates a `SecureContext` object. It is
|
961
|
+
* usable as an argument to several `tls` APIs, such as {@link createServer} and `server.addContext()`, but has no public methods.
|
962
|
+
*
|
963
|
+
* A key is _required_ for ciphers that use certificates. Either `key` or`pfx` can be used to provide it.
|
964
|
+
*
|
965
|
+
* If the `ca` option is not given, then Node.js will default to using[Mozilla's publicly trusted list of
|
966
|
+
* CAs](https://hg.mozilla.org/mozilla-central/raw-file/tip/security/nss/lib/ckfw/builtins/certdata.txt).
|
967
|
+
* @since v0.11.13
|
968
|
+
*/
|
969
|
+
function createSecureContext(options?: SecureContextOptions): SecureContext;
|
970
|
+
/**
|
971
|
+
* Returns an array with the names of the supported TLS ciphers. The names are
|
972
|
+
* lower-case for historical reasons, but must be uppercased to be used in
|
973
|
+
* the `ciphers` option of {@link createSecureContext}.
|
974
|
+
*
|
975
|
+
* Cipher names that start with `'tls_'` are for TLSv1.3, all the others are for
|
976
|
+
* TLSv1.2 and below.
|
977
|
+
*
|
978
|
+
* ```js
|
979
|
+
* console.log(tls.getCiphers()); // ['aes128-gcm-sha256', 'aes128-sha', ...]
|
980
|
+
* ```
|
981
|
+
* @since v0.10.2
|
982
|
+
*/
|
983
|
+
function getCiphers(): string[];
|
984
|
+
/**
|
985
|
+
* The default curve name to use for ECDH key agreement in a tls server.
|
986
|
+
* The default value is 'auto'. See tls.createSecureContext() for further
|
987
|
+
* information.
|
988
|
+
*/
|
989
|
+
let DEFAULT_ECDH_CURVE: string;
|
990
|
+
/**
|
991
|
+
* The default value of the maxVersion option of
|
992
|
+
* tls.createSecureContext(). It can be assigned any of the supported TLS
|
993
|
+
* protocol versions, 'TLSv1.3', 'TLSv1.2', 'TLSv1.1', or 'TLSv1'. Default:
|
994
|
+
* 'TLSv1.3', unless changed using CLI options. Using --tls-max-v1.2 sets
|
995
|
+
* the default to 'TLSv1.2'. Using --tls-max-v1.3 sets the default to
|
996
|
+
* 'TLSv1.3'. If multiple of the options are provided, the highest maximum
|
997
|
+
* is used.
|
998
|
+
*/
|
999
|
+
let DEFAULT_MAX_VERSION: SecureVersion;
|
1000
|
+
/**
|
1001
|
+
* The default value of the minVersion option of tls.createSecureContext().
|
1002
|
+
* It can be assigned any of the supported TLS protocol versions,
|
1003
|
+
* 'TLSv1.3', 'TLSv1.2', 'TLSv1.1', or 'TLSv1'. Default: 'TLSv1.2', unless
|
1004
|
+
* changed using CLI options. Using --tls-min-v1.0 sets the default to
|
1005
|
+
* 'TLSv1'. Using --tls-min-v1.1 sets the default to 'TLSv1.1'. Using
|
1006
|
+
* --tls-min-v1.3 sets the default to 'TLSv1.3'. If multiple of the options
|
1007
|
+
* are provided, the lowest minimum is used.
|
1008
|
+
*/
|
1009
|
+
let DEFAULT_MIN_VERSION: SecureVersion;
|
1010
|
+
/**
|
1011
|
+
* An immutable array of strings representing the root certificates (in PEM
|
1012
|
+
* format) used for verifying peer certificates. This is the default value
|
1013
|
+
* of the ca option to tls.createSecureContext().
|
1014
|
+
*/
|
1015
|
+
const rootCertificates: ReadonlyArray<string>;
|
1016
|
+
}
|
1017
|
+
declare module 'node:tls' {
|
1018
|
+
export * from 'tls';
|
1019
|
+
}
|