src,lib: implement experimental DTLS API#63182
Closed
jasnell wants to merge 3 commits into
Closed
Conversation
Collaborator
|
Review requested:
|
nodejs-github-bot
added
lib / src
Member
Author
|
@nodejs/net |
jasnell
force-pushed
the
jasnell/dtls
branch
3 times, most recently
from
a09cc0b to
9bd9284
Compare
jasnell
added
net
This comment was marked as resolved.
This comment was marked as resolved.
jasnell
force-pushed
the
jasnell/dtls
branch
3 times, most recently
from
c33674f to
e1dc8db
Compare
This comment was marked as duplicate.
This comment was marked as duplicate.
This comment was marked as outdated.
This comment was marked as outdated.
This comment was marked as outdated.
This comment was marked as outdated.
This comment was marked as outdated.
This comment was marked as outdated.
Decided to take a short break from the work on QUIC
to implement a DTLS API. Very experimental at this
point but the basic API is there (inspired by the
QUIC API work).
The implementation is based on OpenSSL's built-in
DTLS support and no other dependencies are required.
DTLS is a datagram-based version of TLS that is used
for things like WebRTC and CoAP. It provides similar
security guarantees as TLS but is designed to work over
UDP instead of TCP.
This shouldn't be considered ready for production
but it is a good starting point for experimentation
and feedback.
```bash
./configure --experimental-dtls
make -j{nproc}
./node --experimental-dtls my-dtls-app.js
```
Signed-off-by: James M Snell <jasnell@gmail.com>
Assisted-by: Opencode:Opus 4.6
This comment was marked as outdated.
This comment was marked as outdated.
Collaborator
mcollina
approved these changes
May 16, 2026
mcollina
left a comment
mcollina
left a comment
Member
There was a problem hiding this comment.
RSLGTM, the API makes sense.
Before enabling in the default build, make sure to have your agent do a pass in finding security bugs, as I don't want us to be spammed.
Qard
approved these changes
May 21, 2026
Member
Author
|
@nodejs ... per our new "large PR" rules. this needs an additional @nodejs/tsc sign off before it can land. |
RafaelGSS
approved these changes
May 21, 2026
RafaelGSS
left a comment
RafaelGSS
left a comment
Member
There was a problem hiding this comment.
I might have overlooked it, but I didn't see a test for expectsWarning from experimental usage. There's a warning, but no assertion to it (non-blocking tho)
jasnell
added a commit
that referenced
this pull request
May 21, 2026
Decided to take a short break from the work on QUIC
to implement a DTLS API. Very experimental at this
point but the basic API is there (inspired by the
QUIC API work).
The implementation is based on OpenSSL's built-in
DTLS support and no other dependencies are required.
DTLS is a datagram-based version of TLS that is used
for things like WebRTC and CoAP. It provides similar
security guarantees as TLS but is designed to work over
UDP instead of TCP.
This shouldn't be considered ready for production
but it is a good starting point for experimentation
and feedback.
```bash
./configure --experimental-dtls
make -j{nproc}
./node --experimental-dtls my-dtls-app.js
```
Signed-off-by: James M Snell <jasnell@gmail.com>
Assisted-by: Opencode:Opus 4.6
PR-URL: #63182
Fixes: #61630
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Stephen Belanger <admin@stephenbelanger.com>
Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
Member
Author
|
Landed in 9c60b08...f835cc4 |
richardlau
added
the
semver-minor
araujogui
pushed a commit
to araujogui/node
that referenced
this pull request
May 26, 2026
Decided to take a short break from the work on QUIC
to implement a DTLS API. Very experimental at this
point but the basic API is there (inspired by the
QUIC API work).
The implementation is based on OpenSSL's built-in
DTLS support and no other dependencies are required.
DTLS is a datagram-based version of TLS that is used
for things like WebRTC and CoAP. It provides similar
security guarantees as TLS but is designed to work over
UDP instead of TCP.
This shouldn't be considered ready for production
but it is a good starting point for experimentation
and feedback.
```bash
./configure --experimental-dtls
make -j{nproc}
./node --experimental-dtls my-dtls-app.js
```
Signed-off-by: James M Snell <jasnell@gmail.com>
Assisted-by: Opencode:Opus 4.6
PR-URL: nodejs#63182
Fixes: nodejs#61630
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Stephen Belanger <admin@stephenbelanger.com>
Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
araujogui
pushed a commit
to araujogui/node
that referenced
this pull request
May 26, 2026
PR-URL: nodejs#63182 Fixes: nodejs#61630 Reviewed-By: Matteo Collina <matteo.collina@gmail.com> Reviewed-By: Stephen Belanger <admin@stephenbelanger.com> Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
araujogui
pushed a commit
to araujogui/node
that referenced
this pull request
May 26, 2026
PR-URL: nodejs#63182 Fixes: nodejs#61630 Reviewed-By: Matteo Collina <matteo.collina@gmail.com> Reviewed-By: Stephen Belanger <admin@stephenbelanger.com> Reviewed-By: Rafael Gonzaga <rafael.nunu@hotmail.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
6 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Decided to take a short break from the work on QUIC to implement a DTLS API, mostly just for the enjoyment of it. Very experimental at this point but the basic API is there (inspired by the QUIC API work).
The implementation is based on OpenSSL's built-in DTLS support and no other dependencies are required.
DTLS is a datagram-based version of TLS that is used for things like WebRTC and CoAP. It provides similar security guarantees as TLS but is designed to work over UDP instead of TCP.
This shouldn't be considered ready for production but it is a good starting point for experimentation and feedback.
./configure --experimental-dtls make -j{nproc} ./node --experimental-dtls my-dtls-app.jsFixes: #61630