doc: fix inconsistent documentation (host vs hostname)

Update reference to read `hostname` instead of `host` for consistency. Also update function signature to use `hostname` rather than `host` PR-URL: https://github.com/nodejs/node/pull/20933 Refs: https://github.com/nodejs/node/issues/20892 Reviewed-By: Tobias Nießen <tniessen@tnie.de> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Rich Trott <rtrott@gmail.com> Reviewed-By: Anatoli Papirovski <apapirovski@mac.com> Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
2018-05-24 14:14:27 +03:00 · 2018-05-24 14:14:27 +03:00 · 38c938aa90
commit 38c938aa90
parent 8055bdbbc9
3 changed files with 16 additions and 15 deletions
--- a/doc/api/deprecations.md
+++ b/doc/api/deprecations.md
@ -1061,7 +1061,7 @@ deprecated and support will be removed in the future.
 [`tls.SecureContext`]: tls.html#tls_tls_createsecurecontext_options
 [`tls.SecurePair`]: tls.html#tls_class_securepair
 [`tls.TLSSocket`]: tls.html#tls_class_tls_tlssocket
-[`tls.checkServerIdentity()`]: tls.html#tls_tls_checkserveridentity_host_cert
+[`tls.checkServerIdentity()`]: tls.html#tls_tls_checkserveridentity_hostname_cert
 [`tls.createSecureContext()`]: tls.html#tls_tls_createsecurecontext_options
 [`util._extend()`]: util.html#util_util_extend_target_source
 [`util.debug()`]: util.html#util_util_debug_string
--- a/doc/api/tls.md
+++ b/doc/api/tls.md
@ -358,7 +358,7 @@ added: v0.5.3
  `cert`, `ca`, etc).

 The `server.addContext()` method adds a secure context that will be used if
-the client request's SNI hostname matches the supplied `hostname` (or wildcard).
+the client request's SNI name matches the supplied `hostname` (or wildcard).

 ### server.address()
 <!-- YAML
@ -796,17 +796,17 @@ and their processing can be delayed due to packet loss or reordering. However,
 smaller fragments add extra TLS framing bytes and CPU overhead, which may
 decrease overall server throughput.

-## tls.checkServerIdentity(host, cert)
+## tls.checkServerIdentity(hostname, cert)
 <!-- YAML
 added: v0.8.4
 -->

-* `host` {string} The hostname to verify the certificate against
+* `hostname` {string} The hostname to verify the certificate against
 * `cert` {Object} An object representing the peer's certificate. The returned
  object has some properties corresponding to the fields of the certificate.
 * Returns: {Error|undefined}

-Verifies the certificate `cert` is issued to host `host`.
+Verifies the certificate `cert` is issued to `hostname`.

 Returns {Error} object, populating it with the reason, host, and cert on
 failure. On success, returns {undefined}.
--- a/lib/tls.js
+++ b/lib/tls.js
@ -161,14 +161,14 @@ function check(hostParts, pattern, wildcards) {
 }

 let urlWarningEmitted = false;
-exports.checkServerIdentity = function checkServerIdentity(host, cert) {
+exports.checkServerIdentity = function checkServerIdentity(hostname, cert) {
  const subject = cert.subject;
  const altNames = cert.subjectaltname;
  const dnsNames = [];
  const uriNames = [];
  const ips = [];

-  host = '' + host;
+  hostname = '' + hostname;

  if (altNames) {
    for (const name of altNames.split(', ')) {
@ -200,14 +200,14 @@ exports.checkServerIdentity = function checkServerIdentity(host, cert) {
  let valid = false;
  let reason = 'Unknown reason';

-  if (net.isIP(host)) {
-    valid = ips.includes(canonicalizeIP(host));
+  if (net.isIP(hostname)) {
+    valid = ips.includes(canonicalizeIP(hostname));
    if (!valid)
-      reason = `IP: ${host} is not in the cert's list: ${ips.join(', ')}`;
+      reason = `IP: ${hostname} is not in the cert's list: ${ips.join(', ')}`;
    // TODO(bnoordhuis) Also check URI SANs that are IP addresses.
  } else if (subject) {
-    host = unfqdn(host);  // Remove trailing dot for error messages.
-    const hostParts = splitHost(host);
+    hostname = unfqdn(hostname);  // Remove trailing dot for error messages.
+    const hostParts = splitHost(hostname);
    const wildcard = (pattern) => check(hostParts, pattern, true);
    const noWildcard = (pattern) => check(hostParts, pattern, false);

@ -221,11 +221,12 @@ exports.checkServerIdentity = function checkServerIdentity(host, cert) {
        valid = wildcard(cn);

      if (!valid)
-        reason = `Host: ${host}. is not cert's CN: ${cn}`;
+        reason = `Host: ${hostname}. is not cert's CN: ${cn}`;
    } else {
      valid = dnsNames.some(wildcard) || uriNames.some(noWildcard);
      if (!valid)
-        reason = `Host: ${host}. is not in the cert's altnames: ${altNames}`;
+        reason =
+          `Host: ${hostname}. is not in the cert's altnames: ${altNames}`;
    }
  } else {
    reason = 'Cert is empty';
@ -234,7 +235,7 @@ exports.checkServerIdentity = function checkServerIdentity(host, cert) {
  if (!valid) {
    const err = new ERR_TLS_CERT_ALTNAME_INVALID(reason);
    err.reason = reason;
-    err.host = host;
+    err.host = hostname;
    err.cert = cert;
    return err;
  }