From af6a2339c56e89d7cf999cd64a69842a531c05dc Mon Sep 17 00:00:00 2001 From: Fedor Indutny Date: Wed, 21 Aug 2013 15:58:33 +0400 Subject: [PATCH] tls: fix assertion when ssl is destroyed at read `maybeInitFinished()` can emit the 'secure' event which in turn destroys the connection in case of authentication failure and sets `this.pair.ssl` to `null`. If such condition appeared after non-empty read - loop will continue and `clearOut` will be called on `null` object instead of `crypto::Connection` instance. Resulting in the following assertion: ERROR: Error: Hostname/IP doesn't match certificate's altnames Assertion failed: handle->InternalFieldCount() > 0 fix #5756 --- lib/tls.js | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/lib/tls.js b/lib/tls.js index 0907b290f32..ea3d2e43104 100644 --- a/lib/tls.js +++ b/lib/tls.js @@ -461,7 +461,14 @@ CryptoStream.prototype._read = function read(size) { // Get NPN and Server name when ready this.pair.maybeInitFinished(); - } while (read > 0 && !this._buffer.isFull && bytesRead < size); + + // `maybeInitFinished()` can emit the 'secure' event which + // in turn destroys the connection in case of authentication + // failure and sets `this.pair.ssl` to `null`. + } while (read > 0 && + !this._buffer.isFull && + bytesRead < size && + this.pair.ssl !== null); // Create new buffer if previous was filled up var pool = this._buffer.pool;