Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(tls): custom in memory CA certificates #12219

Merged
merged 9 commits into from
Sep 30, 2021
Merged

feat(tls): custom in memory CA certificates #12219

merged 9 commits into from
Sep 30, 2021

Conversation

lucacasonato
Copy link
Member

This adds support for using in memory CA certificates for
Deno.startTLS, Deno.connectTLS and Deno.createHttpClient.

certFile is deprecated in startTls and connectTls, and removed
from Deno.createHttpClient.

Closes #11608.

@lucacasonato
feat(tls): custom in memory CA certificates
3d577a4 
This adds support for using in memory CA certificates for
`Deno.startTLS`, `Deno.connectTLS` and `Deno.createHttpClient`.

`certFile` is deprecated in `startTls` and `connectTls`, and removed
from `Deno.createHttpClient`.
@lucacasonato
Merge branch 'main' of github.com:denoland/deno into in_memory_tls
673e03e
@lucacasonato
lint
43be20d
@lucacasonato lucacasonato added this to the 1.15.0 milestone Sep 27, 2021
bnoordhuis
bnoordhuis approved these changes Sep 27, 2021
View reviewed changes
Copy link
Contributor

@bnoordhuis bnoordhuis left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

Not sure why cli/tests/testdata/045_programmatic_proxy_client.ts fails with Uncaught TypeError: Error parsing args: serde_v8 error: ExpectedArray.

serde_v8 bug? Does it expect an Option<Vec<String>>?

ext/fetch/lib.rs Outdated
ca_stores: Option<Vec<String>>,
ca_file: Option<String>,
ca_data: Option<ByteString>,
#[serde(default)]
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I admit I don't understand what this changes. It's also specified on the type.

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It should force caCerts: undefined to be deserialized as caCerts: []. Essentially use Default::default when the field is falsy or not present.

@lucacasonato lucacasonato merged commit 0d7a417 into denoland:main Sep 30, 2021
@lucacasonato lucacasonato deleted the in_memory_tls branch September 30, 2021 07:26
@kt3k kt3k mentioned this pull request Aug 23, 2022
Closed
14 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@bnoordhuis bnoordhuis bnoordhuis approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
1.15.0
Development

Successfully merging this pull request may close these issues.

Proposal: replace certFile in Deno.ConnectTlsOptions with caCerts
2 participants
@lucacasonato @bnoordhuis