tls: type checking on getCipherList, improve docs and test

Per Julian's feedback, add type and count checking on the input to getLegacyCiphers, fill out the docs to make behavior and type more explicit, expand the test cases to cover the additional failure cases.
nodejs · Apr 15, 2015 · 80a485d · 80a485d
1 parent 8496600
commit 80a485d
Show file tree

Hide file tree

Showing 3 changed files with 20 additions and 0 deletions.
diff --git a/doc/api/tls.markdown b/doc/api/tls.markdown
@@ -152,6 +152,8 @@ Currently, the values supported for the `enable-legacy-cipher-list` switch and
 
       ECDHE-RSA-AES128-SHA256:AES128-GCM-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH
 
+Note that the `--enable-legacy-cipher-list`, `NODE_LEGACY_CIPHER_LIST`, `--cipher-list` and `NODE_CIPHER_LIST` options are mutually exclusive. Only one should be used at a time. If multiple happen to be used, the `NODE_LEGACY_CIPHER_LIST` environment variable will take precedence, followed in order by the `NODE_CIPHER_LIST` environment variable, the `--enable-legacy-cipher-list` command line option, and finally the `--cipher-list` command line option.
+
 These legacy cipher suites are also made available for use via the
 `getLegacyCiphers()` method:
 
@@ -174,6 +176,12 @@ Example:
     console.log(ciphers); // ['AES128-SHA', 'AES256-SHA', ...]
 
 
+## tls.getLegacyCiphers(version)
+
+Returns a default cipher list used in a previous version of Node.js. The version parameter must be a string whose value identifies previous Node.js release version. The only value currently supported is `v0.10.38`.
+
+A TypeError will be thrown if: (a) the `version` is any type other than a string, (b) the `version` parameter is not specified, or (c) additional parameters are passed in. An Error will be thrown if the `version` parameter is passed in as a string but the value does not correlate to any known Node.js release for which a default cipher list is available.
+
 ## tls.createServer(options, [secureConnectionListener])
 
 Creates a new [tls.Server][].  The `connectionListener` argument is

diff --git a/src/node_crypto.cc b/src/node_crypto.cc
@@ -4199,6 +4199,10 @@ const char* ToCString(const node::Utf8Value& value) {
 
 Handle<Value> DefaultCiphers(const Arguments& args) {
   HandleScope scope;
+  unsigned int len = args.Length();
+  if (len != 1 || !args[0]->IsString()) {
+    return ThrowException(Exception::TypeError(String::New("A single string parameter is required")));
+  }
   node::Utf8Value key(args[0]);
   const char * list = legacy_cipher_list(ToCString(key));
   if (list != NULL) {

diff --git a/test/simple/test-tls-cipher-list.js b/test/simple/test-tls-cipher-list.js
@@ -69,5 +69,13 @@ doTest('ABC', 'ABC', 1); // test the --cipher-list switch
   doTest(tls.getLegacyCiphers(ver), ver, 3);
 });
 
+// invalid value
 assert.throws(function() {tls.getLegacyCiphers('foo');});
+// no parameters
+assert.throws(function() {tls.getLegacyCiphers();});
+// not a string parameter
+assert.throws(function() {tls.getLegacyCiphers(1);});
+// too many parameters
+assert.throws(function() {tls.getLegacyCiphers('abc', 'extra');});
+// ah, just right
 assert.doesNotThrow(function() {tls.getLegacyCiphers('v0.10.38');});