Skip to content

tls: forward keepAlive, keepAliveInitialDelay, noDelay to socket#62004

Open
tadjik1 wants to merge 1 commit intonodejs:mainfrom
tadjik1:fix/tls-connect-keepalive-nodelay
Open

tls: forward keepAlive, keepAliveInitialDelay, noDelay to socket#62004
tadjik1 wants to merge 1 commit intonodejs:mainfrom
tadjik1:fix/tls-connect-keepalive-nodelay

Conversation

@tadjik1
Copy link
Contributor

@tadjik1 tadjik1 commented Feb 26, 2026
edited
Loading

Summary

tls.connect() silently ignores keepAlive, keepAliveInitialDelay, and noDelay options. The documentation states it accepts any socket.connect() option, and net.createConnection() with the same options works correctly.

This forwards the options through both points so net.Socket's constructor stores them on the internal symbols (kSetNoDelay, kSetKeepAlive, kSetKeepAliveInitialDelay), which afterConnect() then applies to the handle.

Fixes: #62003

I believe this is a good candidate for backport, as it fixes a silent options-dropping bug in tls.connect() that affects keepAlive/noDelay behavior (in particular with AWS Lambda on 20.x runtime).

@nodejs-github-bot
Copy link
Collaborator

nodejs-github-bot commented Feb 26, 2026

Review requested:

  • @nodejs/crypto
  • @nodejs/net

@nodejs-github-bot nodejs-github-bot added needs-ci PRs that need a full CI run. tls Issues and PRs related to the tls subsystem. labels Feb 26, 2026
mcollina
mcollina approved these changes Feb 26, 2026
View reviewed changes
Copy link
Member

@mcollina mcollina left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm

Renegade334
Renegade334 reviewed Feb 26, 2026
View reviewed changes
test/parallel/test-tls-connect-keepalive-nodelay.js Outdated
Comment on lines 19 to 25
// Retrieve internal symbols used by net.Socket to store socket options.
const symbols = Object.getOwnPropertySymbols(new net.Socket());
const kSetNoDelay = symbols.find((s) => s.toString() === 'Symbol(kSetNoDelay)');
const kSetKeepAlive =
symbols.find((s) => s.toString() === 'Symbol(kSetKeepAlive)');
const kSetKeepAliveInitialDelay =
symbols.find((s) => s.toString() === 'Symbol(kSetKeepAliveInitialDelay)');
Copy link
Member

@Renegade334 Renegade334 Feb 26, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is it worth just moving the symbols to internal/net so that we can access them for testing?

Copy link
Contributor Author

@tadjik1 tadjik1 Feb 26, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks @Renegade334, good idea. Moved those 3 Symbols to internal/net and replaced this part of the test with simple import.

@codecov
Copy link

codecov bot commented Feb 26, 2026
edited
Loading

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 89.73%. Comparing base (abddfc9) to head (a373f56).
⚠️ Report is 2 commits behind head on main.

Additional details and impacted files 
@@           Coverage Diff           @@
##             main   #62004   +/-   ##
=======================================
  Coverage   89.72%   89.73%           
=======================================
  Files         676      676           
  Lines      205988   205997    +9     
  Branches    39490    39487    -3     
=======================================
+ Hits       184830   184846   +16     
- Misses      13295    13298    +3     
+ Partials     7863     7853   -10
Files with missing lines Coverage Δ
lib/internal/net.js 100.00% <100.00%> (ø)
lib/internal/tls/wrap.js 95.06% <100.00%> (+0.01%) ⬆️
lib/net.js 94.51% <100.00%> (ø)

... and 24 files with indirect coverage changes

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@tadjik1 tadjik1 mentioned this pull request Feb 26, 2026
Open
5 tasks
@Renegade334
Copy link
Member

Renegade334 commented Feb 26, 2026

Salient flake? https://github.com/nodejs/node/actions/runs/22445069433/job/64998729324#step:8:1

@tadjik1
Copy link
Contributor Author

tadjik1 commented Feb 26, 2026
edited
Loading

It seems like pre-existing flake, I see this test (test-https-autoselectfamily-slow-timeout) failed before as well: https://github.com/nodejs/node/actions/workflows/test-internet.yml.
This run from December 31st last year, as an example: https://github.com/nodejs/node/actions/runs/20609120439/job/59190442091

10ms for the timeout is probably too sensitive to CI network.

addaleax
addaleax approved these changes Feb 26, 2026
View reviewed changes
Copy link
Member

@addaleax addaleax left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

Can the commit message be updated with the context from the PR description? Rebasing/amending commits is fine 🙂

@tadjik1
tls: forward keepAlive, keepAliveInitialDelay, noDelay to socket
a373f56 
`tls.connect()` silently ignores `keepAlive`, `keepAliveInitialDelay`,
and `noDelay` options. The documentation states it accepts any
`socket.connect()` option, and `net.createConnection()` with the same
options works correctly.

Forward the options through both code paths so `net.Socket`'s
constructor stores them on the internal symbols (`kSetNoDelay`,
`kSetKeepAlive`, `kSetKeepAliveInitialDelay`), which `afterConnect()`
then applies to the handle.

Fixes: nodejs#62003
@tadjik1 tadjik1 force-pushed the fix/tls-connect-keepalive-nodelay branch from e4c82ea to a373f56 Compare February 26, 2026 15:22
addaleax
addaleax approved these changes Feb 26, 2026
View reviewed changes
Copy link
Member

@addaleax addaleax left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

(in the interest of full disclosure: @tadjik1 is a coworker of mine)

@addaleax addaleax added author ready PRs that have at least one approval, no pending requests for changes, and a CI started. request-ci Add this label to start a Jenkins CI on a PR. labels Feb 26, 2026
@github-actions github-actions bot removed the request-ci Add this label to start a Jenkins CI on a PR. label Feb 26, 2026
@nodejs-github-bot
Copy link
Collaborator

nodejs-github-bot commented Feb 26, 2026

CI: https://ci.nodejs.org/job/node-test-pull-request/71469/

@addaleax addaleax added the commit-queue Add this label to land a pull request using GitHub Actions. label Feb 26, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@mcollina mcollina mcollina approved these changes

@addaleax addaleax addaleax approved these changes

@Renegade334 Renegade334 Renegade334 approved these changes

Assignees

No one assigned

Labels

author ready PRs that have at least one approval, no pending requests for changes, and a CI started. commit-queue Add this label to land a pull request using GitHub Actions. needs-ci PRs that need a full CI run. tls Issues and PRs related to the tls subsystem.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

tls: tls.connect() silently ignores keepAlive, keepAliveInitialDelay, and noDelay options

5 participants

@tadjik1 @nodejs-github-bot @Renegade334 @mcollina @addaleax