From 50122fed8ae29c982fa4c806136c4b24dd2de382 Mon Sep 17 00:00:00 2001 From: Fedor Indutny Date: Fri, 20 Jul 2012 21:43:12 +0400 Subject: [PATCH] tls: fix 'hostless' tls connection verification And fix last failing tests --- lib/tls.js | 2 +- test/simple/test-tls-client-verify.js | 7 +++++-- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/lib/tls.js b/lib/tls.js index 584ee0a5b9..089ad9bab9 100644 --- a/lib/tls.js +++ b/lib/tls.js @@ -1208,7 +1208,7 @@ exports.connect = function(/* [port, host], options, cb */) { var sslcontext = crypto.createCredentials(options); convertNPNProtocols(options.NPNProtocols, this); - var hostname = options.servername || options.host, + var hostname = options.servername || options.host || 'localhost', pair = new SecurePair(sslcontext, false, true, options.rejectUnauthorized === true ? true : false, { diff --git a/test/simple/test-tls-client-verify.js b/test/simple/test-tls-client-verify.js index 4e5c4abfbf..9b1083f064 100644 --- a/test/simple/test-tls-client-verify.js +++ b/test/simple/test-tls-client-verify.js @@ -25,6 +25,7 @@ if (!process.versions.openssl) { } +var hosterr = 'Hostname/IP doesn\'t match certificate\'s altnames'; var testCases = [{ ca: ['ca1-cert'], key: 'agent2-key', @@ -101,10 +102,12 @@ function testServers(index, servers, clientOptions, cb) { console.error('connecting...'); var client = tls.connect(clientOptions, function() { + var authorized = client.authorized || + client.authorizationError === hosterr; - console.error('expected: ' + ok + ' authed: ' + client.authorized); + console.error('expected: ' + ok + ' authed: ' + authorized); - assert.equal(ok, client.authorized); + assert.equal(ok, authorized); server.close(); });