lukechilds
/
node
mirror of https://github.com/lukechilds/node.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

tls: migrate tls.js to use internal/errors.js 

Migrate tls.js to use internal/errors.js as per
https://github.com/nodejs/node/issues/11273

PR-URL: https://github.com/nodejs/node/pull/13994
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Refael Ackermann <refack@gmail.com>
Reviewed-By: Joyee Cheung <joyeec9h3@gmail.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
v6
Michael Dawson 7 years ago
parent
f406a7ebae
commit
3ccfeb483d
7 changed files with 18 additions and 19 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 2
      lib/internal/errors.js
  2. 4
      lib/tls.js
  3. 17
      test/parallel/test-https-strict.js
  4. 6
      test/parallel/test-internal-errors.js
  5. 3
      test/parallel/test-tls-client-verify.js
  6. 3
      test/parallel/test-tls-sni-option.js
  7. 2
      test/parallel/test-tls-sni-server-client.js

2
lib/internal/errors.js
View File

@ -174,6 +174,8 @@ E('ERR_SOCKET_DGRAM_NOT_RUNNING', 'Not running');
E('ERR_STDERR_CLOSE', 'process.stderr cannot be closed');
E('ERR_STDOUT_CLOSE', 'process.stdout cannot be closed');
E('ERR_STREAM_WRAP', 'Stream has StringDecoder set or is in objectMode');
E('ERR_TLS_CERT_ALTNAME_INVALID',
'Hostname/IP does not match certificate\'s altnames: %s');
E('ERR_TRANSFORM_ALREADY_TRANSFORMING',
'Calling transform done when still transforming');
E('ERR_TRANSFORM_WITH_LENGTH_0',

4
lib/tls.js
View File

@ -21,6 +21,7 @@
'use strict';
const errors = require('internal/errors');
const internalUtil = require('internal/util');
internalUtil.assertCrypto();
@ -219,8 +220,7 @@ exports.checkServerIdentity = function checkServerIdentity(host, cert) {
}
if (!valid) {
const err = new Error(
`Hostname/IP doesn't match certificate's altnames: "${reason}"`);
const err = new errors.Error('ERR_TLS_CERT_ALTNAME_INVALID', reason);
err.reason = reason;
err.host = host;
err.cert = cert;

17
test/parallel/test-https-strict.js
View File

@ -170,13 +170,9 @@ function allListening() {
// server1: host 'agent1', signed by ca1
makeReq('/inv1', port1, 'UNABLE_TO_VERIFY_LEAF_SIGNATURE');
makeReq('/inv1-ca1', port1,
'Hostname/IP doesn\'t match certificate\'s altnames: ' +
'"Host: localhost. is not cert\'s CN: agent1"',
makeReq('/inv1-ca1', port1, 'ERR_TLS_CERT_ALTNAME_INVALID',
null, ca1);
makeReq('/inv1-ca1ca2', port1,
'Hostname/IP doesn\'t match certificate\'s altnames: ' +
'"Host: localhost. is not cert\'s CN: agent1"',
makeReq('/inv1-ca1ca2', port1, 'ERR_TLS_CERT_ALTNAME_INVALID',
null, [ca1, ca2]);
makeReq('/val1-ca1', port1, null, 'agent1', ca1);
makeReq('/val1-ca1ca2', port1, null, 'agent1', [ca1, ca2]);
@ -193,13 +189,8 @@ function allListening() {
// server3: host 'agent3', signed by ca2
makeReq('/inv3', port3, 'UNABLE_TO_VERIFY_LEAF_SIGNATURE');
makeReq('/inv3-ca2', port3,
'Hostname/IP doesn\'t match certificate\'s altnames: ' +
'"Host: localhost. is not cert\'s CN: agent3"',
null, ca2);
makeReq('/inv3-ca1ca2', port3,
'Hostname/IP doesn\'t match certificate\'s altnames: ' +
'"Host: localhost. is not cert\'s CN: agent3"',
makeReq('/inv3-ca2', port3, 'ERR_TLS_CERT_ALTNAME_INVALID', null, ca2);
makeReq('/inv3-ca1ca2', port3, 'ERR_TLS_CERT_ALTNAME_INVALID',
null, [ca1, ca2]);
makeReq('/val3-ca2', port3, null, 'agent3', ca2);
makeReq('/val3-ca1ca2', port3, null, 'agent3', [ca1, ca2]);

6
test/parallel/test-internal-errors.js
View File

@ -229,3 +229,9 @@ assert.throws(
code: 'ERR_ASSERTION',
message: /^At least one arg needs to be specified$/
}));
// Test ERR_TLS_CERT_ALTNAME_INVALID
assert.strictEqual(
errors.message('ERR_TLS_CERT_ALTNAME_INVALID', ['altname']),
'Hostname/IP does not match certificate\'s altnames: altname');

3
test/parallel/test-tls-client-verify.js
View File

@ -29,7 +29,6 @@ const fs = require('fs');
const path = require('path');
const tls = require('tls');
const hosterr = /Hostname\/IP doesn't match certificate's altnames/;
const testCases =
[{ ca: ['ca1-cert'],
key: 'agent2-key',
@ -101,7 +100,7 @@ function testServers(index, servers, clientOptions, cb) {
clientOptions.port = this.address().port;
const client = tls.connect(clientOptions, common.mustCall(function() {
const authorized = client.authorized ||
hosterr.test(client.authorizationError);
(client.authorizationError === 'ERR_TLS_CERT_ALTNAME_INVALID');
console.error(`expected: ${ok} authed: ${authorized}`);

3
test/parallel/test-tls-sni-option.js
View File

@ -141,7 +141,8 @@ function startTest() {
options.port = server.address().port;
const client = tls.connect(options, function() {
clientResults.push(
/Hostname\/IP doesn't/.test(client.authorizationError || ''));
client.authorizationError &&
(client.authorizationError === 'ERR_TLS_CERT_ALTNAME_INVALID'));
client.destroy();
next();

2
test/parallel/test-tls-sni-server-client.js
View File

@ -113,7 +113,7 @@ function startTest() {
const client = tls.connect(options, function() {
clientResults.push(
client.authorizationError &&
/Hostname\/IP doesn't/.test(client.authorizationError));
(client.authorizationError === 'ERR_TLS_CERT_ALTNAME_INVALID'));
client.destroy();
// Continue

Write Preview
Loading…
Cancel
Save