1berry/nodejs
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

tls: migrate errors in _tls_wrap.js

Browse Source 
This migrates the old style error in _tls_wrap.js to
the new style error ERR_TLS_RENEGOTIATION_DISABLED.

Refs: https://github.com/nodejs/node/issues/17709

PR-URL: https://github.com/nodejs/node/pull/17792
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: Jon Moss <me@jonathanmoss.me>
Reviewed-By: Joyee Cheung <joyeec9h3@gmail.com>
This commit is contained in:
Mir Mufaqam Ali 2017-12-20 17:28:03 +05:30 committed by Joyee Cheung
parent 0b78895824
commit 79261f3003
No known key found for this signature in database
GPG Key ID: F586868AAD831D0C
4 changed files with 13 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
doc/api/errors.md
View File

@ -1513,6 +1513,11 @@ a hostname in the first parameter.
An excessive amount of TLS renegotiations is detected, which is a potential An excessive amount of TLS renegotiations is detected, which is a potential
vector for denial-of-service attacks. vector for denial-of-service attacks.
<a id="ERR_TLS_RENEGOTIATION_DISABLED"></a>
### ERR_TLS_RENEGOTIATION_DISABLED
An attempt was made to renegotiate TLS on a socket instance with TLS disabled.
<a id="ERR_TRANSFORM_ALREADY_TRANSFORMING"></a> <a id="ERR_TRANSFORM_ALREADY_TRANSFORMING"></a>
### ERR_TRANSFORM_ALREADY_TRANSFORMING ### ERR_TRANSFORM_ALREADY_TRANSFORMING

3
lib/_tls_wrap.js
View File

@ -70,8 +70,7 @@ function onhandshakestart() {
} }
if (owner[kDisableRenegotiation] && this.handshakes > 0) { if (owner[kDisableRenegotiation] && this.handshakes > 0) {
const err = new Error('TLS session renegotiation disabled for this socket'); owner._emitTLSError(new errors.Error('ERR_TLS_RENEGOTIATION_DISABLED'));
owner._emitTLSError(err);
} }
} }

2
lib/internal/errors.js
View File

@ -474,6 +474,8 @@ E('ERR_TLS_CERT_ALTNAME_INVALID',
'Hostname/IP does not match certificate\'s altnames: %s'); 'Hostname/IP does not match certificate\'s altnames: %s');
E('ERR_TLS_DH_PARAM_SIZE', 'DH parameter size %s is less than 2048'); E('ERR_TLS_DH_PARAM_SIZE', 'DH parameter size %s is less than 2048');
E('ERR_TLS_HANDSHAKE_TIMEOUT', 'TLS handshake timeout'); E('ERR_TLS_HANDSHAKE_TIMEOUT', 'TLS handshake timeout');
E('ERR_TLS_RENEGOTIATION_DISABLED',
'TLS session renegotiation disabled for this socket');
E('ERR_TLS_RENEGOTIATION_FAILED', 'Failed to renegotiate'); E('ERR_TLS_RENEGOTIATION_FAILED', 'Failed to renegotiate');
E('ERR_TLS_REQUIRED_SERVER_NAME', E('ERR_TLS_REQUIRED_SERVER_NAME',
'"servername" is required parameter for Server.addContext'); '"servername" is required parameter for Server.addContext');

8
test/parallel/test-tls-disable-renegotiation.js
View File

@ -17,9 +17,11 @@ const options = {
const server = tls.Server(options, common.mustCall((socket) => { const server = tls.Server(options, common.mustCall((socket) => {
socket.on('error', common.mustCall((err) => { socket.on('error', common.mustCall((err) => {
assert.strictEqual( common.expectsError({
err.message, type: Error,
'TLS session renegotiation disabled for this socket'); code: 'ERR_TLS_RENEGOTIATION_DISABLED',
message: 'TLS session renegotiation disabled for this socket'
})(err);
socket.destroy(); socket.destroy();
server.close(); server.close();
})); }));