Permalink
Browse files

tls: migrate tls.js to use internal/errors.js

Migrate tls.js to use internal/errors.js as per
#11273

PR-URL: #13994
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Refael Ackermann <refack@gmail.com>
Reviewed-By: Joyee Cheung <joyeec9h3@gmail.com>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
  • Loading branch information...
mhdawson committed Jun 29, 2017
1 parent f406a7e commit 3ccfeb483df5a6402da9b40346a7eb33cfb4b70a
View
@@ -174,6 +174,8 @@ E('ERR_SOCKET_DGRAM_NOT_RUNNING', 'Not running');
E('ERR_STDERR_CLOSE', 'process.stderr cannot be closed');
E('ERR_STDOUT_CLOSE', 'process.stdout cannot be closed');
E('ERR_STREAM_WRAP', 'Stream has StringDecoder set or is in objectMode');
E('ERR_TLS_CERT_ALTNAME_INVALID',
'Hostname/IP does not match certificate\'s altnames: %s');
E('ERR_TRANSFORM_ALREADY_TRANSFORMING',
'Calling transform done when still transforming');
E('ERR_TRANSFORM_WITH_LENGTH_0',
View
@@ -21,6 +21,7 @@
'use strict';
const errors = require('internal/errors');
const internalUtil = require('internal/util');
internalUtil.assertCrypto();
@@ -219,8 +220,7 @@ exports.checkServerIdentity = function checkServerIdentity(host, cert) {
}
if (!valid) {
const err = new Error(
`Hostname/IP doesn't match certificate's altnames: "${reason}"`);
const err = new errors.Error('ERR_TLS_CERT_ALTNAME_INVALID', reason);
err.reason = reason;
err.host = host;
err.cert = cert;
@@ -170,13 +170,9 @@ function allListening() {
// server1: host 'agent1', signed by ca1
makeReq('/inv1', port1, 'UNABLE_TO_VERIFY_LEAF_SIGNATURE');
makeReq('/inv1-ca1', port1,
'Hostname/IP doesn\'t match certificate\'s altnames: ' +
'"Host: localhost. is not cert\'s CN: agent1"',
makeReq('/inv1-ca1', port1, 'ERR_TLS_CERT_ALTNAME_INVALID',
null, ca1);
makeReq('/inv1-ca1ca2', port1,
'Hostname/IP doesn\'t match certificate\'s altnames: ' +
'"Host: localhost. is not cert\'s CN: agent1"',
makeReq('/inv1-ca1ca2', port1, 'ERR_TLS_CERT_ALTNAME_INVALID',
null, [ca1, ca2]);
makeReq('/val1-ca1', port1, null, 'agent1', ca1);
makeReq('/val1-ca1ca2', port1, null, 'agent1', [ca1, ca2]);
@@ -193,13 +189,8 @@ function allListening() {
// server3: host 'agent3', signed by ca2
makeReq('/inv3', port3, 'UNABLE_TO_VERIFY_LEAF_SIGNATURE');
makeReq('/inv3-ca2', port3,
'Hostname/IP doesn\'t match certificate\'s altnames: ' +
'"Host: localhost. is not cert\'s CN: agent3"',
null, ca2);
makeReq('/inv3-ca1ca2', port3,
'Hostname/IP doesn\'t match certificate\'s altnames: ' +
'"Host: localhost. is not cert\'s CN: agent3"',
makeReq('/inv3-ca2', port3, 'ERR_TLS_CERT_ALTNAME_INVALID', null, ca2);
makeReq('/inv3-ca1ca2', port3, 'ERR_TLS_CERT_ALTNAME_INVALID',
null, [ca1, ca2]);
makeReq('/val3-ca2', port3, null, 'agent3', ca2);
makeReq('/val3-ca1ca2', port3, null, 'agent3', [ca1, ca2]);
@@ -229,3 +229,9 @@ assert.throws(
code: 'ERR_ASSERTION',
message: /^At least one arg needs to be specified$/
}));
// Test ERR_TLS_CERT_ALTNAME_INVALID
assert.strictEqual(
errors.message('ERR_TLS_CERT_ALTNAME_INVALID', ['altname']),
'Hostname/IP does not match certificate\'s altnames: altname');
@@ -29,7 +29,6 @@ const fs = require('fs');
const path = require('path');
const tls = require('tls');
const hosterr = /Hostname\/IP doesn't match certificate's altnames/;
const testCases =
[{ ca: ['ca1-cert'],
key: 'agent2-key',
@@ -101,7 +100,7 @@ function testServers(index, servers, clientOptions, cb) {
clientOptions.port = this.address().port;
const client = tls.connect(clientOptions, common.mustCall(function() {
const authorized = client.authorized ||
hosterr.test(client.authorizationError);
(client.authorizationError === 'ERR_TLS_CERT_ALTNAME_INVALID');
console.error(`expected: ${ok} authed: ${authorized}`);
@@ -141,7 +141,8 @@ function startTest() {
options.port = server.address().port;
const client = tls.connect(options, function() {
clientResults.push(
/Hostname\/IP doesn't/.test(client.authorizationError || ''));
client.authorizationError &&
(client.authorizationError === 'ERR_TLS_CERT_ALTNAME_INVALID'));
client.destroy();
next();
@@ -113,7 +113,7 @@ function startTest() {
const client = tls.connect(options, function() {
clientResults.push(
client.authorizationError &&
/Hostname\/IP doesn't/.test(client.authorizationError));
(client.authorizationError === 'ERR_TLS_CERT_ALTNAME_INVALID'));
client.destroy();
// Continue

0 comments on commit 3ccfeb4

Please sign in to comment.