Skip to content

Commit

Permalink
feat(NODE-5287): deprecate ssl options (#3743)
Browse files Browse the repository at this point in the history
  • Loading branch information
durran authored Jun 27, 2023
1 parent 777d57b commit f9b5677
Show file tree
Hide file tree
Showing 2 changed files with 42 additions and 8 deletions.
15 changes: 14 additions & 1 deletion src/connection_string.ts
Original file line number Diff line number Diff line change
Expand Up @@ -1097,35 +1097,46 @@ export const OPTIONS = {
type: 'boolean'
},
sslCA: {
deprecated:
'sslCA is deprecated and will be removed in the next major version. Please use tlsCAFile instead.',
target: 'ca',
transform({ values: [value] }) {
return fs.readFileSync(String(value), { encoding: 'ascii' });
}
},
sslCRL: {
deprecated:
'sslCRL is deprecated and will be removed in the next major version. Please use tlsCertificateKeyFile instead.',
target: 'crl',
transform({ values: [value] }) {
return fs.readFileSync(String(value), { encoding: 'ascii' });
}
},
sslCert: {
deprecated:
'sslCert is deprecated and will be removed in the next major version. Please use tlsCertificateKeyFile instead.',
target: 'cert',
transform({ values: [value] }) {
return fs.readFileSync(String(value), { encoding: 'ascii' });
}
},
sslKey: {
deprecated:
'sslKey is deprecated and will be removed in the next major version. Please use tlsCertificateKeyFile instead.',
target: 'key',
transform({ values: [value] }) {
return fs.readFileSync(String(value), { encoding: 'ascii' });
}
},
sslPass: {
deprecated: true,
deprecated:
'sslPass is deprecated and will be removed in the next major version. Please use tlsCertificateKeyFilePassword instead.',
target: 'passphrase',
type: 'string'
},
sslValidate: {
deprecated:
'sslValidate is deprecated and will be removed in the next major version. Please use tlsAllowInvalidCertificates instead.',
target: 'rejectUnauthorized',
type: 'boolean'
},
Expand Down Expand Up @@ -1153,6 +1164,8 @@ export const OPTIONS = {
}
},
tlsCertificateFile: {
deprecated:
'tlsCertificateFile is deprecated and will be removed in the next major version. Please use tlsCertificateKeyFile instead.',
target: 'cert',
transform({ values: [value] }) {
return fs.readFileSync(String(value), { encoding: 'ascii' });
Expand Down
35 changes: 28 additions & 7 deletions src/mongo_client.ts
Original file line number Diff line number Diff line change
Expand Up @@ -108,7 +108,10 @@ export interface MongoClientOptions extends BSONSerializeOptions, SupportedNodeC
tls?: boolean;
/** A boolean to enable or disables TLS/SSL for the connection. (The ssl option is equivalent to the tls option.) */
ssl?: boolean;
/** Specifies the location of a local TLS Certificate */
/**
* Specifies the location of a local TLS Certificate
* @deprecated Will be removed in the next major version. Please use tlsCertificateKeyFile instead.
*/
tlsCertificateFile?: string;
/** Specifies the location of a local .pem file that contains either the client's TLS/SSL certificate and key or only the client's TLS/SSL key when tlsCertificateFile is used to provide the certificate. */
tlsCertificateKeyFile?: string;
Expand Down Expand Up @@ -208,17 +211,35 @@ export interface MongoClientOptions extends BSONSerializeOptions, SupportedNodeC
* @see https://www.mongodb.com/docs/manual/reference/write-concern/
*/
writeConcern?: WriteConcern | WriteConcernSettings;
/** Validate mongod server certificate against Certificate Authority */
/**
* Validate mongod server certificate against Certificate Authority
* @deprecated Will be removed in the next major version. Please use tlsAllowInvalidCertificates instead.
*/
sslValidate?: boolean;
/** SSL Certificate file path. */
/**
* SSL Certificate file path.
* @deprecated Will be removed in the next major version. Please use tlsCAFile instead.
*/
sslCA?: string;
/** SSL Certificate file path. */
/**
* SSL Certificate file path.
* @deprecated Will be removed in the next major version. Please use tlsCertificateKeyFile instead.
*/
sslCert?: string;
/** SSL Key file file path. */
/**
* SSL Key file file path.
* @deprecated Will be removed in the next major version. Please use tlsCertificateKeyFile instead.
*/
sslKey?: string;
/** SSL Certificate pass phrase. */
/**
* SSL Certificate pass phrase.
* @deprecated Will be removed in the next major version. Please use tlsCertificateKeyFilePassword instead.
*/
sslPass?: string;
/** SSL Certificate revocation list file path. */
/**
* SSL Certificate revocation list file path.
* @deprecated Will be removed in the next major version. Please use tlsCertificateKeyFile instead.
*/
sslCRL?: string;
/** TCP Connection no delay */
noDelay?: boolean;
Expand Down

0 comments on commit f9b5677

Please sign in to comment.