Skip to content

[v10.x] doc: describe tls.DEFAULT_MIN_VERSION/_MAX_VERSION #28827

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
ckarande wants to merge 2 commits into from
Closed

[v10.x] doc: describe tls.DEFAULT_MIN_VERSION/_MAX_VERSION #28827

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
e3ebd51
doc: describe tls.DEFAULT_MIN_VERSION/_MAX_VERSION
ckarande Jul 23, 2019
c5a360b
doc: fix the links tls default version sections
ckarande Jul 24, 2019
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 2 additions & 0 deletions doc/api/cli.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -773,6 +773,8 @@ greater than `4` (its current default value). For more information, see the
[`Buffer`]: buffer.html#buffer_class_buffer
[`SlowBuffer`]: buffer.html#buffer_class_slowbuffer
[`process.setUncaughtExceptionCaptureCallback()`]: process.html#process_process_setuncaughtexceptioncapturecallback_fn
[`tls.DEFAULT_MAX_VERSION`]: tls.html#tls_tls_default_max_version
[`tls.DEFAULT_MIN_VERSION`]: tls.html#tls_tls_default_min_version
Copy link
Copy Markdown
Member

@addaleax addaleax Jul 23, 2019

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I feel like these should be added to the other file?

Copy link
Copy Markdown
Contributor Author

@ckarande ckarande Jul 23, 2019

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I back-ported this commit from cli.md to 10.x. However, if it is needed in other file (tls.md) I can certainly move/add it there. Do you have any suggestions on where to include it in the tls.md.

Copy link
Copy Markdown
Contributor Author

@ckarande ckarande Jul 24, 2019

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

On further analysis I realized as the cli options (--tls-max-vXX, --tls-min-vXX) are not supported in v10, there are no corresponding sections for command line option in this file. So these changes do not need to be back ported. I will revert these lines. Thanks.

[Chrome DevTools Protocol]: https://chromedevtools.github.io/devtools-protocol/
[REPL]: repl.html
[ScriptCoverage]: https://chromedevtools.github.io/devtools-protocol/tot/Profiler#type-ScriptCoverage
Expand Down
24 changes: 22 additions & 2 deletions doc/api/tls.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1198,12 +1198,12 @@ changes:
`object.passphrase` if provided, or `options.passphrase` if it is not.
* `maxVersion` {string} Optionally set the maximum TLS version to allow. One
of `TLSv1.2'`, `'TLSv1.1'`, or `'TLSv1'`. Cannot be specified along with the
`secureProtocol` option, use one or the other. **Default:** `'TLSv1.2'`.
`secureProtocol` option, use one or the other. **Default:** [`tls.DEFAULT_MAX_VERSION`][].
Copy link
Copy Markdown
Member

@addaleax addaleax Jul 23, 2019

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I’d expect the linter to complain about the line length here, so:

Suggested change
`secureProtocol` option, use one or the other. **Default:** [`tls.DEFAULT_MAX_VERSION`][].
`secureProtocol` option, use one or the other.
**Default:** [`tls.DEFAULT_MAX_VERSION`][].

* `minVersion` {string} Optionally set the minimum TLS version to allow. One
of `TLSv1.2'`, `'TLSv1.1'`, or `'TLSv1'`. Cannot be specified along with the
`secureProtocol` option, use one or the other. It is not recommended to use
less than TLSv1.2, but it may be required for interoperability.
**Default:** `'TLSv1'`.
**Default:** [`tls.DEFAULT_MIN_VERSION`][].
* `passphrase` {string} Shared passphrase used for a single private key and/or
a PFX.
* `pfx` {string|string[]|Buffer|Buffer[]|Object[]} PFX or PKCS12 encoded
Expand Down Expand Up @@ -1359,6 +1359,26 @@ The default curve name to use for ECDH key agreement in a tls server. The
default value is `'auto'`. See [`tls.createSecureContext()`] for further
information.

## tls.DEFAULT_MAX_VERSION
<!-- YAML
added: v10.6.0
-->

* {string} The default value of the `maxVersion` option of
[`tls.createSecureContext()`][]. It can be assigned any of the supported TLS
protocol versions, `TLSv1.2'`, `'TLSv1.1'`, or `'TLSv1'`.
**Default:** `'TLSv1.2'`.

## tls.DEFAULT_MIN_VERSION
<!-- YAML
added: v10.6.0
-->

* {string} The default value of the `minVersion` option of
[`tls.createSecureContext()`][]. It can be assigned any of the supported TLS
protocol versions, `TLSv1.2'`, `'TLSv1.1'`, or `'TLSv1'`.
**Default:** `'TLSv1'`.

## Deprecated APIs

### Class: CryptoStream
Expand Down