Skip to content
This repository has been archived by the owner on Apr 22, 2023. It is now read-only.

Commit

Permalink
tls: Fix node swallows openssl error on request
Browse files Browse the repository at this point in the history
Fixes #2308.
Fixes #2246.
  • Loading branch information
koichik committed Dec 17, 2011
1 parent c4d2244 commit 29b1fdd
Show file tree
Hide file tree
Showing 4 changed files with 147 additions and 0 deletions.
8 changes: 8 additions & 0 deletions doc/api/tls.markdown
Original file line number Diff line number Diff line change
Expand Up @@ -237,6 +237,14 @@ server, you unauthorized connections may be accepted.
SNI.


### Event: 'clientError'

`function (exception) { }`

When a client connection emits an 'error' event before secure connection is
established - it will be forwarded here.


#### server.listen(port, [host], [callback])

Begin accepting connections on the specified `port` and `host`. If the
Expand Down
15 changes: 15 additions & 0 deletions lib/tls.js
Original file line number Diff line number Diff line change
Expand Up @@ -721,6 +721,7 @@ SecurePair.prototype.maybeInitFinished = function() {

SecurePair.prototype.destroy = function() {
var self = this;
var error = this.ssl.error;

if (!this._doneFlag) {
this._doneFlag = true;
Expand All @@ -736,6 +737,14 @@ SecurePair.prototype.destroy = function() {
self.encrypted.emit('close');
self.cleartext.emit('close');
});

if (!this._secureEstablished) {
if (!error) {
error = new Error('socket hang up');
error.code = 'ECONNRESET';
}
this.emit('error', error);
}
}
};

Expand Down Expand Up @@ -905,6 +914,9 @@ function Server(/* [options], listener */) {
}
}
});
pair.on('error', function(err) {
self.emit('clientError', err);
});
});

if (listener) {
Expand Down Expand Up @@ -1054,6 +1066,9 @@ exports.connect = function(port /* host, options, cb */) {

cleartext.emit('secureConnect');
});
pair.on('error', function(err) {
cleartext.emit('error', err);
});

cleartext._controlReleased = true;
return cleartext;
Expand Down
62 changes: 62 additions & 0 deletions test/simple/test-https-invalid-key.js
Original file line number Diff line number Diff line change
@@ -0,0 +1,62 @@
// Copyright Joyent, Inc. and other Node contributors.
//
// Permission is hereby granted, free of charge, to any person obtaining a
// copy of this software and associated documentation files (the
// "Software"), to deal in the Software without restriction, including
// without limitation the rights to use, copy, modify, merge, publish,
// distribute, sublicense, and/or sell copies of the Software, and to permit
// persons to whom the Software is furnished to do so, subject to the
// following conditions:
//
// The above copyright notice and this permission notice shall be included
// in all copies or substantial portions of the Software.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
// OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN
// NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM,
// DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR
// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
// USE OR OTHER DEALINGS IN THE SOFTWARE.

if (!process.versions.openssl) {
console.error('Skipping because node compiled without OpenSSL.');
process.exit(0);
}

var common = require('../common');
var assert = require('assert');
var https = require('https');
var fs = require('fs');
var path = require('path');

var options = {
key: fs.readFileSync(path.join(common.fixturesDir, 'keys/agent1-key.pem')),
cert: fs.readFileSync(path.join(common.fixturesDir, 'test_cert.pem'))
};
var serverErrorHappened = false;
var clientErrorHappened = false;

var server = https.Server(options, function(req, res) {
assert(false);
});
server.on('clientError', function(err) {
serverErrorHappened = true;
common.debug('Server: ' + err);
server.close();
});

server.listen(common.PORT, function() {
var req = https.get({port: common.PORT}, function(res) {
assert(false);
});
req.on('error', function(err) {
clientErrorHappened = true;
common.debug('Client: ' + err);
});
});

process.on('exit', function() {
assert(serverErrorHappened);
assert(clientErrorHappened);
});
62 changes: 62 additions & 0 deletions test/simple/test-tls-invalid-key.js
Original file line number Diff line number Diff line change
@@ -0,0 +1,62 @@
// Copyright Joyent, Inc. and other Node contributors.
//
// Permission is hereby granted, free of charge, to any person obtaining a
// copy of this software and associated documentation files (the
// "Software"), to deal in the Software without restriction, including
// without limitation the rights to use, copy, modify, merge, publish,
// distribute, sublicense, and/or sell copies of the Software, and to permit
// persons to whom the Software is furnished to do so, subject to the
// following conditions:
//
// The above copyright notice and this permission notice shall be included
// in all copies or substantial portions of the Software.
//
// THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
// OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
// MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN
// NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM,
// DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR
// OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE
// USE OR OTHER DEALINGS IN THE SOFTWARE.

if (!process.versions.openssl) {
console.error('Skipping because node compiled without OpenSSL.');
process.exit(0);
}

var common = require('../common');
var assert = require('assert');
var tls = require('tls');
var fs = require('fs');
var path = require('path');

var options = {
key: fs.readFileSync(path.join(common.fixturesDir, 'keys/agent1-key.pem')),
cert: fs.readFileSync(path.join(common.fixturesDir, 'test_cert.pem'))
};
var serverErrorHappened = false;
var clientErrorHappened = false;

var server = tls.Server(options, function(socket) {
assert(false);
});
server.on('clientError', function(err) {
serverErrorHappened = true;
common.debug('Server: ' + err);
server.close();
});

server.listen(common.PORT, function() {
var client = tls.connect(common.PORT, function() {
assert(false);
});
client.on('error', function(err) {
clientErrorHappened = true;
common.debug('Client: ' + err);
});
});

process.on('exit', function() {
assert(serverErrorHappened);
assert(clientErrorHappened);
});

0 comments on commit 29b1fdd

Please sign in to comment.