feat: stabilize Deno.connectTls options and Deno.TlsConn.handshake (#…

…21889)
denoland · Jan 14, 2024 · f3bb0a1 · f3bb0a1
1 parent c2127a8
commit f3bb0a1
Show file tree

Hide file tree

Showing 3 changed files with 11 additions and 73 deletions.
diff --git a/cli/tsc/dts/lib.deno.unstable.d.ts b/cli/tsc/dts/lib.deno.unstable.d.ts
@@ -1173,70 +1173,6 @@ declare namespace Deno {
    */
   export function connect(options: UnixConnectOptions): Promise<UnixConn>;
 
-  /** **UNSTABLE**: New API, yet to be vetted.
-   *
-   * @category Network
-   */
-  export interface ConnectTlsOptions {
-    /** **UNSTABLE**: New API, yet to be vetted.
-     *
-     * PEM formatted client certificate chain.
-     */
-    certChain?: string;
-    /** **UNSTABLE**: New API, yet to be vetted.
-     *
-     * PEM formatted (RSA or PKCS8) private key of client certificate.
-     */
-    privateKey?: string;
-  }
-
-  /** **UNSTABLE**: New API, yet to be vetted.
-   *
-   * @category Network
-   */
-  export interface TlsHandshakeInfo {
-    /** **UNSTABLE**: New API, yet to be vetted.
-     *
-     * Contains the ALPN protocol selected during negotiation with the server.
-     * If no ALPN protocol selected, returns `null`.
-     */
-    alpnProtocol: string | null;
-  }
-
-  /** **UNSTABLE**: New API, yet to be vetted.
-   *
-   * @category Network
-   */
-  export interface TlsConn extends Conn {
-    /** **UNSTABLE**: New API, yet to be vetted.
-     *
-     * Runs the client or server handshake protocol to completion if that has
-     * not happened yet. Calling this method is optional; the TLS handshake
-     * will be completed automatically as soon as data is sent or received.
-     */
-    handshake(): Promise<TlsHandshakeInfo>;
-  }
-
-  /** **UNSTABLE**: New API, yet to be vetted.
-   *
-   * Create a TLS connection with an attached client certificate.
-   *
-   * ```ts
-   * const conn = await Deno.connectTls({
-   *   hostname: "deno.land",
-   *   port: 443,
-   *   certChain: "---- BEGIN CERTIFICATE ----\n ...",
-   *   privateKey: "---- BEGIN PRIVATE KEY ----\n ...",
-   * });
-   * ```
-   *
-   * Requires `allow-net` permission.
-   *
-   * @tags allow-net
-   * @category Network
-   */
-  export function connectTls(options: ConnectTlsOptions): Promise<TlsConn>;
-
   /** **UNSTABLE**: New API, yet to be vetted.
    *
    * Acquire an advisory file-system lock for the provided file.

diff --git a/ext/net/lib.deno_net.d.ts b/ext/net/lib.deno_net.d.ts
@@ -84,8 +84,13 @@ declare namespace Deno {
   }
 
   /** @category Network */
-  // deno-lint-ignore no-empty-interface
-  export interface TlsHandshakeInfo {}
+  export interface TlsHandshakeInfo {
+    /**
+     * Contains the ALPN protocol selected during negotiation with the server.
+     * If no ALPN protocol selected, returns `null`.
+     */
+    alpnProtocol: string | null;
+  }
 
   /** @category Network */
   export interface TlsConn extends Conn {
@@ -247,6 +252,10 @@ declare namespace Deno {
      * TLS handshake.
      */
     alpnProtocols?: string[];
+    /** PEM formatted client certificate chain. */
+    certChain?: string;
+    /** PEM formatted (RSA or PKCS8) private key of client certificate.  */
+    privateKey?: string;
   }
 
   /** Establishes a secure connection over TLS (transport layer security) using

diff --git a/ext/net/ops_tls.rs b/ext/net/ops_tls.rs
@@ -261,13 +261,6 @@ where
     .try_borrow::<UnsafelyIgnoreCertificateErrors>()
     .and_then(|it| it.0.clone());
 
-  if args.cert_chain.is_some() {
-    super::check_unstable(&state.borrow(), "ConnectTlsOptions.certChain");
-  }
-  if args.private_key.is_some() {
-    super::check_unstable(&state.borrow(), "ConnectTlsOptions.privateKey");
-  }
-
   {
     let mut s = state.borrow_mut();
     let permissions = s.borrow_mut::<NP>();