Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

tls: throw when unable to set ciphers #21557

Merged
merged 0 commits into from Jul 3, 2018

Conversation

Projects
None yet
7 participants
@mscdex
Copy link
Contributor

commented Jun 27, 2018

This PR both clarifies the ciphers option for tls connections and makes tls.createSecureContext() throw (with an OpenSSL error message) if ciphers is not acceptable.

It may be worth mimicking this same behavior for other setter functions. While most others at least throw a generic error (while SetCiphers() silently ignored the return value when setting ciphers), I think tweaking those to include the OpenSSL error may be more helpful.

CI: https://ci.nodejs.org/job/node-test-pull-request/15648/

Checklist
  • make -j4 test (UNIX), or vcbuild test (Windows) passes
  • tests and/or benchmarks are included
  • documentation is changed or added
  • commit message follows commit guidelines

@mscdex mscdex removed the crypto label Jun 27, 2018

@mscdex mscdex force-pushed the mscdex:tls-throw-error-set-ciphers branch from 7c7709e to bfbeb1d Jun 27, 2018

@mscdex mscdex changed the title Tls throw error set ciphers tls: throw when unable to set ciphers Jun 27, 2018

if (!err) {
return env->ThrowError("Failed to set ciphers");
}
return ThrowCryptoError(env, err);

This comment has been minimized.

Copy link
@bnoordhuis

bnoordhuis Jun 27, 2018

Member

I realise this is an existing pattern but you can just return ThrowCryptoError(env, err, "Failed to set ciphers"); - it will use the message when err == 0. Either way is fine though, it's the kind of cleanup that can wait for another PR.

@mscdex

This comment has been minimized.

Copy link
Contributor Author

commented Jun 29, 2018

@mscdex mscdex added the tsc-review label Jun 29, 2018

@mcollina
Copy link
Member

left a comment

lgtm

@mscdex mscdex force-pushed the mscdex:tls-throw-error-set-ciphers branch from bfbeb1d to 132a188 Jul 3, 2018

mscdex added a commit to mscdex/io.js that referenced this pull request Jul 3, 2018

doc: clarify ciphers option format
PR-URL: nodejs#21557
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>

mscdex added a commit to mscdex/io.js that referenced this pull request Jul 3, 2018

tls: throw error on bad ciphers option
PR-URL: nodejs#21557
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>

@mscdex mscdex removed the tsc-review label Jul 3, 2018

@mscdex

This comment has been minimized.

Copy link
Contributor Author

commented Jul 3, 2018

@mscdex mscdex closed this Jul 3, 2018

@mscdex mscdex force-pushed the mscdex:tls-throw-error-set-ciphers branch from 132a188 to a15ea5d Jul 3, 2018

mscdex added a commit to mscdex/io.js that referenced this pull request Jul 3, 2018

doc: clarify ciphers option format
PR-URL: nodejs#21557
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Tiancheng "Timothy" Gu <timothygu99@gmail.com>

@mscdex mscdex merged commit a15ea5d into nodejs:master Jul 3, 2018

1 check passed

Travis CI - Branch Build Passed
Details

@mscdex mscdex deleted the mscdex:tls-throw-error-set-ciphers branch Jul 3, 2018

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.