diff --git a/lib/_stream_writable.js b/lib/_stream_writable.js index 276b001874..c004b37158 100644 --- a/lib/_stream_writable.js +++ b/lib/_stream_writable.js @@ -115,6 +115,9 @@ function WritableState(options, stream) { // emit prefinish if the only thing we're waiting for is _write cbs // This is relevant for synchronous Transform streams this.prefinished = false; + + // Internal, used in net.js and _tls_wrap.js + this._errorEmitted = false; } function Writable(options) { @@ -272,6 +275,7 @@ function onwriteError(stream, state, sync, er, cb) { } stream.emit('error', er); + stream._errorEmitted = true; } function onwriteStateUpdate(state) { diff --git a/lib/_tls_wrap.js b/lib/_tls_wrap.js index d40b55e6ef..df68d2bedc 100644 --- a/lib/_tls_wrap.js +++ b/lib/_tls_wrap.js @@ -235,6 +235,10 @@ TLSSocket.prototype._init = function(socket) { } this.ssl.onerror = function(err) { + if (self._errorEmitted) + return; + self._errorEmitted = true; + // Destroy socket if error happened before handshake's finish if (!this._secureEstablished) { self._tlsError(err); @@ -549,9 +553,22 @@ function Server(/* [options], listener */) { self.emit('secureConnection', socket); }); + var errorEmitted = false; + socket.on('close', function() { + // Emit ECONNRESET + if (!socket._controlReleased && !errorEmitted) { + errorEmitted = true; + var connReset = new Error('socket hang up'); + connReset.code = 'ECONNRESET'; + self.emit('clientError', connReset, socket); + } + }); + socket.on('_tlsError', function(err) { - if (!socket._controlReleased) + if (!socket._controlReleased && !errorEmitted) { + errorEmitted = true; self.emit('clientError', err, socket); + } }); }); diff --git a/lib/net.js b/lib/net.js index 3804d622b9..38d90925b1 100644 --- a/lib/net.js +++ b/lib/net.js @@ -113,7 +113,6 @@ exports._normalizeConnectArgs = normalizeConnectArgs; // called when creating new Socket, or when re-using a closed Socket function initSocketHandle(self) { self.destroyed = false; - self.errorEmitted = false; self.bytesRead = 0; self._bytesDispatched = 0; @@ -429,11 +428,11 @@ Socket.prototype._destroy = function(exception, cb) { function fireErrorCallbacks() { if (cb) cb(exception); - if (exception && !self.errorEmitted) { + if (exception && !self._errorEmitted) { process.nextTick(function() { self.emit('error', exception); }); - self.errorEmitted = true; + self._errorEmitted = true; } }; diff --git a/test/simple/test-tls-econnreset.js b/test/simple/test-tls-econnreset.js new file mode 100644 index 0000000000..88afcdfbb5 --- /dev/null +++ b/test/simple/test-tls-econnreset.js @@ -0,0 +1,94 @@ +// Copyright Joyent, Inc. and other Node contributors. +// +// Permission is hereby granted, free of charge, to any person obtaining a +// copy of this software and associated documentation files (the +// "Software"), to deal in the Software without restriction, including +// without limitation the rights to use, copy, modify, merge, publish, +// distribute, sublicense, and/or sell copies of the Software, and to permit +// persons to whom the Software is furnished to do so, subject to the +// following conditions: +// +// The above copyright notice and this permission notice shall be included +// in all copies or substantial portions of the Software. +// +// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS +// OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF +// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN +// NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, +// DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR +// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE +// USE OR OTHER DEALINGS IN THE SOFTWARE. + +if (!process.versions.openssl) { + console.error('Skipping because node compiled without OpenSSL.'); + process.exit(0); +} + +var common = require('../common'); +var assert = require('assert'); +var tls = require('tls'); + +var cacert = '-----BEGIN CERTIFICATE-----\n' + + 'MIIBxTCCAX8CAnXnMA0GCSqGSIb3DQEBBQUAMH0xCzAJBgNVBAYTAlVTMQswCQYD\n' + + 'VQQIEwJDQTEWMBQGA1UEBxMNU2FuIEZyYW5jaXNjbzEZMBcGA1UEChMQU3Ryb25n\n' + + 'TG9vcCwgSW5jLjESMBAGA1UECxMJU3Ryb25nT3BzMRowGAYDVQQDExFjYS5zdHJv\n' + + 'bmdsb29wLmNvbTAeFw0xNDAxMTcyMjE1MDdaFw00MTA2MDMyMjE1MDdaMH0xCzAJ\n' + + 'BgNVBAYTAlVTMQswCQYDVQQIEwJDQTEWMBQGA1UEBxMNU2FuIEZyYW5jaXNjbzEZ\n' + + 'MBcGA1UEChMQU3Ryb25nTG9vcCwgSW5jLjESMBAGA1UECxMJU3Ryb25nT3BzMRow\n' + + 'GAYDVQQDExFjYS5zdHJvbmdsb29wLmNvbTBMMA0GCSqGSIb3DQEBAQUAAzsAMDgC\n' + + 'MQDKbQ6rIR5t1q1v4Ha36jrq0IkyUohy9EYNvLnXUly1PGqxby0ILlAVJ8JawpY9\n' + + 'AVkCAwEAATANBgkqhkiG9w0BAQUFAAMxALA1uS4CqQXRSAyYTfio5oyLGz71a+NM\n' + + '+0AFLBwh5AQjhGd0FcenU4OfHxyDEOJT/Q==\n' + + '-----END CERTIFICATE-----\n'; + +var cert = '-----BEGIN CERTIFICATE-----\n' + + 'MIIBfDCCATYCAgQaMA0GCSqGSIb3DQEBBQUAMH0xCzAJBgNVBAYTAlVTMQswCQYD\n' + + 'VQQIEwJDQTEWMBQGA1UEBxMNU2FuIEZyYW5jaXNjbzEZMBcGA1UEChMQU3Ryb25n\n' + + 'TG9vcCwgSW5jLjESMBAGA1UECxMJU3Ryb25nT3BzMRowGAYDVQQDExFjYS5zdHJv\n' + + 'bmdsb29wLmNvbTAeFw0xNDAxMTcyMjE1MDdaFw00MTA2MDMyMjE1MDdaMBkxFzAV\n' + + 'BgNVBAMTDnN0cm9uZ2xvb3AuY29tMEwwDQYJKoZIhvcNAQEBBQADOwAwOAIxAMfk\n' + + 'I0LWU15pPUwIQNMnRVhhOibi0TQmAau8FBtgwEfGK01WpfGUaJr1a41K8Uq7xwID\n' + + 'AQABoxkwFzAVBgNVHREEDjAMhwQAAAAAhwR/AAABMA0GCSqGSIb3DQEBBQUAAzEA\n' + + 'cGpYrhkrb7mIh9DNhV0qp7pGjqBzlHqB7KQXw2luLDp//6dyHBMexDCQznkhZKRU\n' + + '-----END CERTIFICATE-----\n'; + +var key = '-----BEGIN RSA PRIVATE KEY-----\n' + + 'MIH0AgEAAjEAx+QjQtZTXmk9TAhA0ydFWGE6JuLRNCYBq7wUG2DAR8YrTVal8ZRo\n' + + 'mvVrjUrxSrvHAgMBAAECMBCGccvSwC2r8Z9Zh1JtirQVxaL1WWpAQfmVwLe0bAgg\n' + + '/JWMU/6hS36TsYyZMxwswQIZAPTAfht/zDLb7Hwgu2twsS1Ra9w/yyvtlwIZANET\n' + + '26votwJAHK1yUrZGA5nnp5qcmQ/JUQIZAII5YV/UUZvF9D/fUplJ7puENPWNY9bN\n' + + 'pQIZAMMwxuS3XiO7two2sQF6W+JTYyX1DPCwAQIZAOYg1TvEGT38k8e8jygv8E8w\n' + + 'YqrWTeQFNQ==\n' + + '-----END RSA PRIVATE KEY-----\n'; + +var ca = [ cert, cacert ]; + +var clientError = null; +var connectError = null; + +var server = tls.createServer({ ca: ca, cert: cert, key: key }, function(conn) { + throw 'unreachable'; +}).on('clientError', function(err, conn) { + assert(!clientError && conn); + clientError = err; +}).listen(common.PORT, function() { + var options = { + ciphers: 'AES128-GCM-SHA256', + port: common.PORT, + ca: ca + }; + tls.connect(options).on('error', function(err) { + assert(!connectError); + + connectError = err; + this.destroy(); + server.close(); + }); +}); + +process.on('exit', function() { + assert(clientError); + assert(connectError); + assert(/socket hang up/.test(clientError.message)); + assert(/ECONNRESET/.test(clientError.code)); +});