From 543a9a0d4ddbe0acc1bd5a4f782e1c06bbafefe5 Mon Sep 17 00:00:00 2001 From: Rich Trott Date: Sun, 11 Apr 2021 07:30:50 -0700 Subject: [PATCH 1/3] test: fix test-https-agent-additional-options.js `value` was always being assigned to an `undefined` property of an Array. Thus, the assertions that depended on `value` being defined were never being checked. Assign `value` the correct...er...value. --- test/parallel/test-https-agent-additional-options.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/parallel/test-https-agent-additional-options.js b/test/parallel/test-https-agent-additional-options.js index c92b17641d0b58..b596fdcc169d55 100644 --- a/test/parallel/test-https-agent-additional-options.js +++ b/test/parallel/test-https-agent-additional-options.js @@ -63,8 +63,8 @@ function variations(iter, port, cb) { server.close(); } else { // Save `value` for check the next time. - value = next.value.val; const [key, val] = next.value; + value = val; https.get({ ...getBaseOptions(port), [key]: val }, variations(iter, port, cb)); } From 74d62ff7530188beaed0fe1c12eb171a90eec66f Mon Sep 17 00:00:00 2001 From: Rich Trott Date: Sun, 11 Apr 2021 07:34:20 -0700 Subject: [PATCH 2/3] test add tests for missing https agent options Add test that minVersion and maxVersion options are accepted. This should complete coverage for lib/https.js. Refs: https://codecov.io/gh/nodejs/node/src/ec0dcd720e10831b3e783b415c5dc011ed5be2f8/lib/https.js --- test/parallel/test-https-agent-additional-options.js | 2 ++ 1 file changed, 2 insertions(+) diff --git a/test/parallel/test-https-agent-additional-options.js b/test/parallel/test-https-agent-additional-options.js index b596fdcc169d55..543ee176fb6af3 100644 --- a/test/parallel/test-https-agent-additional-options.js +++ b/test/parallel/test-https-agent-additional-options.js @@ -36,6 +36,8 @@ const updatedValues = new Map([ ['dhparam', fixtures.readKey('dh2048.pem')], ['ecdhCurve', 'secp384r1'], ['honorCipherOrder', true], + ['minVersion', 'TLSv1.1'], + ['maxVersion', 'TLSv1.3'], ['secureOptions', crypto.constants.SSL_OP_CIPHER_SERVER_PREFERENCE], ['secureProtocol', 'TLSv1_1_method'], ['sessionIdContext', 'sessionIdContext'], From 55bada0072e62233570164a85aa6f3b442dbd23c Mon Sep 17 00:00:00 2001 From: Rich Trott Date: Sun, 11 Apr 2021 07:38:14 -0700 Subject: [PATCH 3/3] doc: revise TLS minVersion/maxVersion text Minor changes mostly to improve compliance with our style guide. --- doc/api/tls.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/doc/api/tls.md b/doc/api/tls.md index 6ccfb6ca2fd7a5..6df8dc42fb58dd 100644 --- a/doc/api/tls.md +++ b/doc/api/tls.md @@ -1738,12 +1738,12 @@ changes: private key in different ways. * `maxVersion` {string} Optionally set the maximum TLS version to allow. One of `'TLSv1.3'`, `'TLSv1.2'`, `'TLSv1.1'`, or `'TLSv1'`. Cannot be specified - along with the `secureProtocol` option, use one or the other. + along with the `secureProtocol` option; use one or the other. **Default:** [`tls.DEFAULT_MAX_VERSION`][]. * `minVersion` {string} Optionally set the minimum TLS version to allow. One of `'TLSv1.3'`, `'TLSv1.2'`, `'TLSv1.1'`, or `'TLSv1'`. Cannot be specified - along with the `secureProtocol` option, use one or the other. It is not - recommended to use less than TLSv1.2, but it may be required for + along with the `secureProtocol` option; use one or the other. Avoid + setting to less than TLSv1.2, but it may be required for interoperability. **Default:** [`tls.DEFAULT_MIN_VERSION`][]. * `passphrase` {string} Shared passphrase used for a single private key and/or