Fix tls.createSecurePair deprecation warning
#738
Conversation
|
A few additional notes - I'm not happy about forking Once we drop support for Node.js 6.x, we can switch over to the original |
thanks 
|
Four years, Is it finally time for the depreciation warning to be depreciated, hold me boys.. It's happening 💯 |
|
How is this coming along? |
|
@arthurschreiber Are there any updates to share on this? When can we expect this to be merged? |
src/message-io.js
Outdated
|
|
||
| // Verify that server's identity matches it's certificate's names |
There was a problem hiding this comment.
By switching to tls.connect, we no longer need to perform server verification ourselves, and can instead make use of the rejectUnauthorized option. 🎉
| // data once we attach a `data` listener. But on Node <= 0.10.x, this is not | ||
| // the case. We need to kick the cleartext stream once to get the | ||
| // encrypted end of the secure pair to emit the TLS handshake data. | ||
| this.securePair.cleartext.write(''); |
There was a problem hiding this comment.
By switching to tls.connect, we no longer need to "kick" the secure socket to start performing the handshake - it's all handled automatically. 👍 (Also, the comment here was severely out-of-date. 🤷♂️)
arthurschreiber
force-pushed
the
arthur/fix-deprecation-warning
branch
from
d4097fc to
23e5bcd
Compare
This ensures we actually always perform a proper tls connection setup - and that errors are handled correctly.
arthurschreiber
force-pushed
the
arthur/fix-deprecation-warning
branch
from
23e5bcd to
0979ff9
Compare
|
@arthurschreiber Legendary. |
|
@LiamDotPro I know, right? 😅 |
This is based on the great work done by @joux3 over in #689. 🙇
I forked
duplexpairinto anative-duplexpair, a version that uses theDuplexstream exposed by Node.js' built-instreammodule, instead of thereadable-streammodule. This solves an issue where theduplexpairusage on Node.JS versions before the 8.x line would cause a crash.