From 29bbabdaf66525c7bcf061704257cdf41b6dc562 Mon Sep 17 00:00:00 2001 From: Adam Majer Date: Thu, 4 Aug 2022 01:46:23 +0200 Subject: [PATCH] doc: clarify tls.tlsSocket.getCipher().version The getCipher() returns a tuple that includes protocol version string. This string refers to the minimum protocol version string, as per documentation. What is missing is a reference to the documentation where to get the negotiated cipher for the socket connection and a clearer example. Fixes: https://github.com/nodejs/node/issues/43406 PR-URL: https://github.com/nodejs/node/pull/44086 Reviewed-By: Luigi Pinca Reviewed-By: Ben Noordhuis --- doc/api/tls.md | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/doc/api/tls.md b/doc/api/tls.md index aa08ec62e948d6..1d4db99a11bf22 100644 --- a/doc/api/tls.md +++ b/doc/api/tls.md @@ -1098,17 +1098,17 @@ changes: * `name` {string} OpenSSL name for the cipher suite. * `standardName` {string} IETF name for the cipher suite. * `version` {string} The minimum TLS protocol version supported by this cipher - suite. + suite. For the actual negotiated protocol, see [`tls.TLSSocket.getProtocol()`][]. Returns an object containing information on the negotiated cipher suite. -For example: +For example, a TLSv1.2 protocol with AES256-SHA cipher: ```json { - "name": "AES128-SHA256", - "standardName": "TLS_RSA_WITH_AES_128_CBC_SHA256", - "version": "TLSv1.2" + "name": "AES256-SHA", + "standardName": "TLS_RSA_WITH_AES_256_CBC_SHA", + "version": "SSLv3" } ``` @@ -2258,6 +2258,7 @@ added: v11.4.0 [`tls.Server`]: #class-tlsserver [`tls.TLSSocket.enableTrace()`]: #tlssocketenabletrace [`tls.TLSSocket.getPeerCertificate()`]: #tlssocketgetpeercertificatedetailed +[`tls.TLSSocket.getProtocol()`]: #tlssocketgetprotocol [`tls.TLSSocket.getSession()`]: #tlssocketgetsession [`tls.TLSSocket.getTLSTicket()`]: #tlssocketgettlsticket [`tls.TLSSocket`]: #class-tlstlssocket