@ac-essentials/misc-util
    Preparing search index...

    Class TlsSocket

    Base class for stream-oriented client sockets.

    This abstraction wraps a net.Socket instance and exposes:

    It is intentionally transport-agnostic: it does not assume a particular address family or protocol. Concrete subclasses such as TcpClient add protocol-specific concerns (for example InetEndpoint accessors, TCP keep-alive configuration, or DNS resolution events) on top of this base.

    Unless explicitly documented otherwise, methods mirror the semantics of their underlying net.Socket counterparts.

    Hierarchy (View Summary)

    Index

    Constructors

    constructor

    Properties

    handledErrorEvents sock

    Accessors

    alpnProtocol authorizationError authorized bytesRead bytesWritten closed connecting destroyed encrypted stream timeout

    Methods

    destroy disableRenegotiation dispatch enableTrace end exportKeyingMaterial getCertificate getCipher getEphemeralKeyInfo getFinished getPeerCertificate getPeerFinished getPeerX509Certificate getProtocol getSession getSharedSigalgs getTicket getX509Certificate isSessionReused isSubscribed ref renegotiate setKeyCert setMaxSendFragment setupEventForwarding subscribe unref unsubscribe wait write from

    Constructors

    Properties

    handledErrorEvents: Set<Error> = ...
    sock: TLSSocket

    The underlying Node.js socket.

    Accessors

    • get stream(): Duplex

      Underlying duplex stream for reading and writing data.

      This is the wrapped net.Socket instance and can be passed directly to APIs that expect a Node.js stream.

      Returns Duplex

    • get timeout(): number | null

      Current inactivity timeout in milliseconds, or null if disabled.

      Returns number | null

    • set timeout(timeout: number | null): void

      Updates the inactivity timeout for the socket.

      When set to a positive number, the socket emits a "timeout" event if no I/O activity occurs within the given number of milliseconds. A value of 0 or null disables the timeout entirely.

      Parameters

      • timeout: number | null

      Returns void

    Methods

    • Dispatches an event to all listeners for the given event name.

      Type Parameters

      • K extends
            | (keyof StreamSocketEvents)
            | "session"
            | "secureConnect"
            | "ocspResponse"
            | "keylog"

      Parameters

      Returns void

    • Half-closes the socket, optionally waiting for a full close.

      If waitForClose is omitted or false, the promise resolves once the local side has finished sending data and the FIN has been queued. When waitForClose is true, the promise resolves only after the remote side has also closed and the "close" event has fired.

      Parameters

      • Optionaloptions: { waitForClose?: boolean }

        Optional settings for ending the socket.

      Returns Promise<void>

      A promise that resolves once the socket has ended.

    • Type Parameters

      • T extends boolean | undefined
      • R = T extends true ? DetailedPeerCertificate : PeerCertificate

      Parameters

      • Optionaldetailed: T

      Returns R

    • Parameters

      • options: { rejectUnauthorized?: boolean; requestCert?: boolean }

      Returns Promise<void>

    • Wait for the next occurrence of a specific event, optionally matching a predicate.

      This is a convenience method that subscribes to the dispatcher, waits for the next event that matches the predicate (if provided), and then unsubscribes automatically.

      Type Parameters

      • K extends
            | (keyof StreamSocketEvents)
            | "session"
            | "secureConnect"
            | "ocspResponse"
            | "keylog"

      Parameters

      Returns Promise<TlsSocketEvents[K]>

      A promise that resolves with the event arguments as an array.

    • Creates a new StreamSocket instance.

      Parameters

      • stream: Duplex
      • Optionaloptions: {
            ALPNProtocols?: readonly string[] | ArrayBufferView<ArrayBufferLike>;
            enableTrace?: boolean;
            rejectUnauthorized?: boolean;
            requestCert?: boolean;
            requestOCSP?: boolean;
            secureContext?: SecureContext;
            session?: Buffer<ArrayBufferLike>;
            SNICallback?: (
                servername: string,
                cb: (err: Error | null, ctx?: SecureContext) => void,
            ) => void;
        }

        Options for creating the underlying Node.js socket.

        • OptionalALPNProtocols?: readonly string[] | ArrayBufferView<ArrayBufferLike>

          An array of strings or a Buffer naming possible ALPN protocols. (Protocols should be ordered by their priority.)

        • OptionalenableTrace?: boolean

          When enabled, TLS packet trace information is written to stderr. This can be used to debug TLS connection problems.

          false
        • OptionalrejectUnauthorized?: boolean

          If true the server will reject any connection which is not authorized with the list of supplied CAs. This option only has an effect if requestCert is true.

          true
        • OptionalrequestCert?: boolean

          If true the server will request a certificate from clients that connect and attempt to verify that certificate. Defaults to false.

        • OptionalrequestOCSP?: boolean

          If true, specifies that the OCSP status request extension will be added to the client hello and an 'OCSPResponse' event will be emitted on the socket before establishing a secure communication

        • OptionalsecureContext?: SecureContext

          An optional TLS context object from tls.createSecureContext()

        • Optionalsession?: Buffer<ArrayBufferLike>

          An optional Buffer instance containing a TLS session.

        • OptionalSNICallback?: (
              servername: string,
              cb: (err: Error | null, ctx?: SecureContext) => void,
          ) => void

          SNICallback(servername, cb) A function that will be called if the client supports SNI TLS extension. Two arguments will be passed when called: servername and cb. SNICallback should invoke cb(null, ctx), where ctx is a SecureContext instance. (tls.createSecureContext(...) can be used to get a proper SecureContext.) If SNICallback wasn't provided the default callback with high-level API will be used (see below).

      Returns TlsSocket

      A new StreamSocket instance.

    Settings

    Member Visibility

    On This Page

    Constructors
    Properties
    Accessors
    Methods