From 881aafabd60b4643319aed1b37f4a5e2ec0fde5e Mon Sep 17 00:00:00 2001 From: Rich Trott Date: Sat, 30 Nov 2019 19:18:01 -0800 Subject: [PATCH 1/3] doc: clarify text about using 'session' event for compatibility --- doc/api/tls.md | 14 ++++++-------- 1 file changed, 6 insertions(+), 8 deletions(-) diff --git a/doc/api/tls.md b/doc/api/tls.md index 3fd8e8cb494de7..a38a6aa8db1264 100644 --- a/doc/api/tls.md +++ b/doc/api/tls.md @@ -726,14 +726,12 @@ On the client, the `session` can be provided to the `session` option of See [Session Resumption][] for more information. -Note: For TLSv1.2 and below, [`tls.TLSSocket.getSession()`][] can be called once -the handshake is complete. For TLSv1.3, only ticket based resumption is allowed -by the protocol, multiple tickets are sent, and the tickets aren't sent until -later, after the handshake completes, so it is necessary to wait for the -`'session'` event to get a resumable session. Applications are -recommended to use the `'session'` event instead of `getSession()` to ensure -they will work for all TLS protocol versions. Applications that only expect to -get or use 1 session should listen for this event only once: +For TLSv1.3, it is necessary to wait for the 'session' event to get a resumable +session. This is because only ticket-based resumption is allowed by the +protocol. Tickets aren't sent until after the handshake completes. Applications +should use the 'session' event instead of [`tls.TLSSocket.getSession()`][] to +ensure they work for all TLS versions. Applications that only expect to get or +use 1 session should listen for this event only once: ```js tlsSocket.once('session', (session) => { From 07b44e2eff1ab072bcc98d83b17f47009d05e51b Mon Sep 17 00:00:00 2001 From: Rich Trott Date: Mon, 2 Dec 2019 21:42:09 -0800 Subject: [PATCH 2/3] fixup! doc: clarify text about using 'session' event for compatibility --- doc/api/tls.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/api/tls.md b/doc/api/tls.md index a38a6aa8db1264..1b261468745ffe 100644 --- a/doc/api/tls.md +++ b/doc/api/tls.md @@ -729,7 +729,7 @@ See [Session Resumption][] for more information. For TLSv1.3, it is necessary to wait for the 'session' event to get a resumable session. This is because only ticket-based resumption is allowed by the protocol. Tickets aren't sent until after the handshake completes. Applications -should use the 'session' event instead of [`tls.TLSSocket.getSession()`][] to +should use the `'session'` event instead of [`tls.TLSSocket.getSession()`][] to ensure they work for all TLS versions. Applications that only expect to get or use 1 session should listen for this event only once: From c2f51a787e33334e44592d06d18fd9f44788c447 Mon Sep 17 00:00:00 2001 From: Rich Trott Date: Tue, 3 Dec 2019 11:18:14 -0800 Subject: [PATCH 3/3] fixup! fixup! doc: clarify text about using 'session' event for compatibility --- doc/api/tls.md | 14 ++++++++------ 1 file changed, 8 insertions(+), 6 deletions(-) diff --git a/doc/api/tls.md b/doc/api/tls.md index 1b261468745ffe..8fa601096bc779 100644 --- a/doc/api/tls.md +++ b/doc/api/tls.md @@ -726,12 +726,14 @@ On the client, the `session` can be provided to the `session` option of See [Session Resumption][] for more information. -For TLSv1.3, it is necessary to wait for the 'session' event to get a resumable -session. This is because only ticket-based resumption is allowed by the -protocol. Tickets aren't sent until after the handshake completes. Applications -should use the `'session'` event instead of [`tls.TLSSocket.getSession()`][] to -ensure they work for all TLS versions. Applications that only expect to get or -use 1 session should listen for this event only once: +For TLSv1.2 and below, [`tls.TLSSocket.getSession()`][] can be called once +the handshake is complete. For TLSv1.3, only ticket-based resumption is allowed +by the protocol, multiple tickets are sent, and the tickets aren't sent until +after the handshake completes. So it is necessary to wait for the +`'session'` event to get a resumable session. Applications +should use the `'session'` event instead of `getSession()` to ensure +they will work for all TLS versions. Applications that only expect to +get or use one session should listen for this event only once: ```js tlsSocket.once('session', (session) => {