From 7656d58eed6524a5b1750fb0be86e67d338d7f90 Mon Sep 17 00:00:00 2001 From: Sam Roberts Date: Wed, 30 Jan 2019 12:18:04 -0800 Subject: [PATCH] tls: introduce client 'session' event OpenSSL has supported async notification of sessions and tickets since 1.1.0 using SSL_CTX_sess_set_new_cb(), for all versions of TLS. Using the async API is optional for TLS1.2 and below, but for TLS1.3 it will be mandatory. Future-proof applications should start to use async notification immediately. In the future, for TLS1.3, applications that don't use the async API will silently, but gracefully, fail to resume sessions and instead do a full handshake. See: https://wiki.openssl.org/index.php/TLS1.3#Sessions PR-URL: https://github.com/nodejs/node/pull/25831 Reviewed-By: Anna Henningsen Reviewed-By: Fedor Indutny --- doc/api/tls.md | 49 +++++++++++++++++-- lib/_tls_wrap.js | 21 ++++++++ lib/https.js | 24 ++++----- src/node_crypto.cc | 6 ++- src/tls_wrap.cc | 5 ++ test/parallel/test-https-client-resume.js | 27 +++++----- .../test-tls-async-cb-after-socket-end.js | 10 +++- test/parallel/test-tls-client-resume.js | 42 +++++++++------- test/parallel/test-tls-ticket-cluster.js | 3 +- test/parallel/test-tls-ticket.js | 10 ++++ 10 files changed, 148 insertions(+), 49 deletions(-) diff --git a/doc/api/tls.md b/doc/api/tls.md index 10300182e2e07a..0e8eb30cef0c41 100644 --- a/doc/api/tls.md +++ b/doc/api/tls.md @@ -152,9 +152,9 @@ will create a new session. See [RFC 2246][] for more information, page 23 and Resumption using session identifiers is supported by most web browsers when making HTTPS requests. -For Node.js, clients must call [`tls.TLSSocket.getSession()`][] after the -[`'secureConnect'`][] event to get the session data, and provide the data to the -`session` option of [`tls.connect()`][] to reuse the session. Servers must +For Node.js, clients wait for the [`'session'`][] event to get the session data, +and provide the data to the `session` option of a subsequent [`tls.connect()`][] +to reuse the session. Servers must implement handlers for the [`'newSession'`][] and [`'resumeSession'`][] events to save and restore the session data using the session ID as the lookup key to reuse sessions. To reuse sessions across load balancers or cluster workers, @@ -614,6 +614,45 @@ determine if the server certificate was signed by one of the specified CAs. If `tlsSocket.alpnProtocol` property can be checked to determine the negotiated protocol. +### Event: 'session' + + +* `session` {Buffer} + +The `'session'` event is emitted on a client `tls.TLSSocket` when a new session +or TLS ticket is available. This may or may not be before the handshake is +complete, depending on the TLS protocol version that was negotiated. The event +is not emitted on the server, or if a new session was not created, for example, +when the connection was resumed. For some TLS protocol versions the event may be +emitted multiple times, in which case all the sessions can be used for +resumption. + +On the client, the `session` can be provided to the `session` option of +[`tls.connect()`][] to resume the connection. + +See [Session Resumption][] for more information. + +Note: For TLS1.2 and below, [`tls.TLSSocket.getSession()`][] can be called once +the handshake is complete. For TLS1.3, only ticket based resumption is allowed +by the protocol, multiple tickets are sent, and the tickets aren't sent until +later, after the handshake completes, so it is necessary to wait for the +`'session'` event to get a resumable session. Future-proof applications are +recommended to use the `'session'` event instead of `getSession()` to ensure +they will work for all TLS protocol versions. Applications that only expect to +get or use 1 session should listen for this event only once: + +```js +tlsSocket.once('session', (session) => { + // The session can be used immediately or later. + tls.connect({ + session: session, + // Other connect options... + }); +}); +``` + ### tlsSocket.address()