remove TLS config support again

resolves #160

History.md

@@ -5,6 +5,9 @@ v2.4.4 / 2016-12-19
   * Fix TTL value returned from server for records that never expire. [#156](https://github.com/aerospike/aerospike-client-nodejs/issues/156)
   * Add type checks for record keys and raise error when float keys are used. [#158](https://github.com/aerospike/aerospike-client-nodejs/issues/158)
 
+* **Updates**
+  * Remove non-functional TLS support for now. [#160](https://github.com/aerospike/aerospike-client-nodejs/issues/160)
+
 * **Documentation**
   * Mark LargeList functionality as deprectated. [#159](https://github.com/aerospike/aerospike-client-nodejs/issues/159)
 

lib/config.js

@@ -122,54 +122,6 @@ function Config (config) {
     this.port = config.port
   }
 
-  /**
-   * @name Config#tls
-   * @summary Configure Transport Layer Security (TLS) parameters for secure
-   * connections to the database cluster. TLS connections are not supported as
-   * of Aerospike Server v3.9 and depend on a future server release.
-   * @type {Object}
-   * @since v2.4
-   *
-   * @property {boolean} [enable=true] - Enable TLS for socket connections to
-   * cluster nodes. By default TLS is enabled only if the client configuration
-   * includes a <code>tls</code> section.
-   * @property {boolean} [encryptOnly=false] - Only encrypt connections; do not
-   * verify certificates. By default TLS will verify certificates.
-   * @property {string} [cafile] - Path to a trusted CA certificate file. By
-   * default TLS will use system standard trusted CA certificates.
-   * @property {string} [capath] - Path to a directory of trusted certificates.
-   * See the OpenSSL SSL_CTX_load_verify_locations manual page for more
-   * information about the format of the directory.
-   * @property {string} [protocol] - Specifies enabled protocols. The format is
-   * the same as Apache's SSLProtocol documented at
-   * https://httpd.apache.org/docs/current/mod/mod_ssl.html#sslprotocol. If not
-   * specified, the client will use "-all +TLSv1.2". If you are not sure what
-   * protocols to select this option is best left unspecified.
-   * @property {string} [cipherSuite] - Specifies enabled cipher suites. The
-   * format is the same as OpenSSL's Cipher List Format documented at
-   * https://www.openssl.org/docs/manmaster/apps/ciphers.html. If not specified
-   * the OpenSSL default cipher suite described in the ciphers documentation
-   * will be used. If you are not sure what cipher suite to select this option
-   * is best left unspecified.
-   * @property {boolean} [crlCheck=false] - Enable CRL checking for the
-   * certificate chain leaf certificate. An error occurs if a suitable CRL
-   * cannot be found. By default CRL checking is disabled.
-   * @property {boolean} [crlCheckAll=false] - Enable CRL checking for the
-   * entire certificate chain. An error occurs if a suitable CRL cannot be
-   * found. By default CRL checking is disabled.
-   * @property {string} [certBlacklist] - Path to a certificate blacklist file.
-   * The file should contain one line for each blacklisted certificate. Each
-   * line starts with the certificate serial number expressed in hex. Each
-   * entry may optionally specify the issuer name of the certificate. (Serial
-   * numbers are only required to be unique per issuer.) Example records:
-   * <code><br>867EC87482B2 /C=US/ST=CA/O=Acme/OU=Engineering/CN=Test Chain CA<br>
-   * E2D4B0E570F9EF8E885C065899886461</code>
-   *
-   */
-  if (typeof config.tls === 'object') {
-    this.tls = config.tls
-  }
-
   /**
    * @name Config#policies
    * @summaries Global client policies.

src/main/config.cc

@@ -90,73 +90,6 @@ int config_from_jsobject(as_config* config, Local<Object> configObj, const LogIn
 		return AS_NODE_PARAM_ERR;
 	}
 
-	Local<Value> maybe_tls_config = configObj->Get(Nan::New("tls").ToLocalChecked());
-	if (maybe_tls_config->IsObject()) {
-		Local<Object> v8_tls_config = maybe_tls_config->ToObject();
-		config->tls.enable = true;
-
-		if ((rc = get_optional_bool_property(&config->tls.enable, NULL, v8_tls_config, "enable", log)) != AS_NODE_PARAM_OK) {
-			return rc;
-		}
-
-		if ((rc = get_optional_bool_property(&config->tls.encrypt_only, NULL, v8_tls_config, "encryptOnly", log)) != AS_NODE_PARAM_OK) {
-			return rc;
-		}
-
-		char* cafile;
-		if ((rc = get_optional_string_property(&cafile, &defined, v8_tls_config, "cafile", log)) != AS_NODE_PARAM_OK) {
-			return rc;
-		} else if (defined) {
-			strcpy(config->tls.cafile, cafile);
-		}
-
-		char* capath;
-		if ((rc = get_optional_string_property(&capath, &defined, v8_tls_config, "capath", log)) != AS_NODE_PARAM_OK) {
-			return rc;
-		} else if (defined) {
-			strcpy(config->tls.capath, capath);
-		}
-
-		char* protocol;
-		if ((rc = get_optional_string_property(&protocol, &defined, v8_tls_config, "protocol", log)) != AS_NODE_PARAM_OK) {
-			return rc;
-		} else if (defined) {
-			strcpy(config->tls.protocol, protocol);
-		}
-
-		char* cipher_suite;
-		if ((rc = get_optional_string_property(&cipher_suite, &defined, v8_tls_config, "cipherSuite", log)) != AS_NODE_PARAM_OK) {
-			return rc;
-		} else if (defined) {
-			strcpy(config->tls.cipher_suite, cipher_suite);
-		}
-
-		if ((rc = get_optional_bool_property(&config->tls.crl_check, NULL, v8_tls_config, "crlCheck", log)) != AS_NODE_PARAM_OK) {
-			return rc;
-		}
-
-		if ((rc = get_optional_bool_property(&config->tls.crl_check_all, NULL, v8_tls_config, "crlCheckAll", log)) != AS_NODE_PARAM_OK) {
-			return rc;
-		}
-
-		char* cert_blacklist;
-		if ((rc = get_optional_string_property(&cert_blacklist, &defined, v8_tls_config, "certBlacklist", log)) != AS_NODE_PARAM_OK) {
-			return rc;
-		} else if (defined) {
-			strcpy(config->tls.cert_blacklist, cert_blacklist);
-		}
-
-		if ((rc = get_optional_bool_property(&config->tls.log_session_info, NULL, v8_tls_config, "logSessionInfo", log)) != AS_NODE_PARAM_OK) {
-			return rc;
-		}
-
-	} else if (maybe_tls_config->IsUndefined()) {
-		// ignore
-	} else {
-		as_v8_error(log, "'tls' config must be an object");
-		return AS_NODE_PARAM_ERR;
-	}
-
 	if (configObj->Has(Nan::New("policies").ToLocalChecked())) {
 
 		Local<Value> policy_val = configObj->Get(Nan::New("policies").ToLocalChecked());

test/config.js

@@ -45,8 +45,7 @@ describe('Config', function () {
         user: 'admin',
         password: 'sekret',
         sharedMemory: { key: 1234 },
-        modlua: { systemPath: '/system/path', userPath: '/user/path' },
-        tls: { enable: true, encryptOnly: true }
+        modlua: { systemPath: '/system/path', userPath: '/user/path' }
       }
       var config = new Config(obj)
       expect(config).to.have.property('clusterName')
@@ -59,7 +58,6 @@ describe('Config', function () {
       expect(config).to.have.property('password')
       expect(config).to.have.property('sharedMemory')
       expect(config).to.have.property('modlua')
-      expect(config).to.have.property('tls')
     })
 
     it('rejects invalid config properties', function () {

test/key.js

@@ -110,24 +110,27 @@ describe('Key', function () {
     context('plain object keys (for backward compatibility)', function () {
       var client = helper.client
 
-      it('accepts plain objects as user keys', function () {
+      it('accepts plain objects as user keys', function (done) {
         var key = {ns: helper.namespace, set: helper.set, key: 1234}
         client.put(key, {foo: 'bar'}, function (err) {
-          expect(err.code).to.be(status.AEROSPIKE_ERR_PARAM_ERROR)
+          expect(err).to.not.be.ok()
+          done()
         })
       })
 
-      it('returns an error for an unsupported float user key', function () {
+      it('returns an error for an unsupported float user key', function (done) {
         var key = {ns: helper.namespace, set: helper.set, key: 3.1415}
         client.put(key, {foo: 'bar'}, function (err) {
-          expect(err.code).to.be(status.AEROSPIKE_ERR_PARAM_ERROR)
+          expect(err.code).to.be(status.AEROSPIKE_ERR_PARAM)
+          done()
         })
       })
 
-      it('returns an error for an invalid user key', function () {
-        var key = {ns: helper.namespace, set: helper.set, key: 'a_string'}
+      it('returns an error for an invalid user key', function (done) {
+        var key = {ns: helper.namespace, set: helper.set, key: {a: 1, b: 2, c: 3}}
         client.put(key, {foo: 'bar'}, function (err) {
-          expect(err.code).to.be.ok()
+          expect(err.code).to.be(status.AEROSPIKE_ERR_PARAM)
+          done()
         })
       })
     })