diff options
author | Sam Roberts <vieuxtech@gmail.com> | 2019-06-02 18:11:48 +0200 |
---|---|---|
committer | Ruben Bridgewater <ruben@bridgewater.de> | 2019-06-17 11:58:26 +0200 |
commit | 574985cec8d96ee33be957f247941ad2c9e522bf (patch) | |
tree | 76f362d7bc75173ed329694ea61b750512ef39fd | |
parent | 7cb89819b5681b72c38ea1957c681243329b93fd (diff) | |
download | android-node-v8-574985cec8d96ee33be957f247941ad2c9e522bf.tar.gz android-node-v8-574985cec8d96ee33be957f247941ad2c9e522bf.tar.bz2 android-node-v8-574985cec8d96ee33be957f247941ad2c9e522bf.zip |
https: do not automatically use invalid servername
Stop automatically setting servername in https.request() if the target
host is specified with an IP address. Doing so is invalid, and triggers
a deprecation warning. It is still possible to send an IP address as a
servername if its required, but it needs to be explicity configured, it
won't happen automatically.
PR-URL: https://github.com/nodejs/node/pull/28209
Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Yongsheng Zhang <zyszys98@gmail.com>
Reviewed-By: Rich Trott <rtrott@gmail.com>
Reviewed-By: Ruben Bridgewater <ruben@bridgewater.de>
-rw-r--r-- | doc/api/https.md | 12 | ||||
-rw-r--r-- | lib/_http_agent.js | 3 | ||||
-rw-r--r-- | test/parallel/test-https-simple.js | 3 |
3 files changed, 16 insertions, 2 deletions
diff --git a/doc/api/https.md b/doc/api/https.md index 9b6ec83a6e..b544b420a1 100644 --- a/doc/api/https.md +++ b/doc/api/https.md @@ -24,7 +24,13 @@ An [`Agent`][] object for HTTPS similar to [`http.Agent`][]. See [`https.request()`][] for more information. ### new Agent([options]) - +<!-- YAML +changes: + - version: REPLACEME + pr-url: https://github.com/nodejs/node/pull/28209 + description: do not automatically set servername if the target host was + specified using an IP address. +--> * `options` {Object} Set of configurable options to set on the agent. Can have the same fields as for [`http.Agent(options)`][], and * `maxCachedSessions` {number} maximum number of TLS cached sessions. @@ -32,7 +38,9 @@ An [`Agent`][] object for HTTPS similar to [`http.Agent`][]. See * `servername` {string} the value of [Server Name Indication extension][sni wiki] to be sent to the server. Use empty string `''` to disable sending the extension. - **Default:** hostname or IP address of the target server. + **Default:** hostname of the target server, unless the target server + is specified using an IP address, in which case the default is `''` (no + extension). See [`Session Resumption`][] for infomation about TLS session reuse. diff --git a/lib/_http_agent.js b/lib/_http_agent.js index 12f8529c38..e1cfa6d7fc 100644 --- a/lib/_http_agent.js +++ b/lib/_http_agent.js @@ -256,6 +256,9 @@ function calculateServerName(options, req) { servername = hostHeader.split(':', 1)[0]; } } + // Don't implicitly set invalid (IP) servernames. + if (net.isIP(servername)) + servername = ''; return servername; } diff --git a/test/parallel/test-https-simple.js b/test/parallel/test-https-simple.js index b6a7c692eb..269db1655e 100644 --- a/test/parallel/test-https-simple.js +++ b/test/parallel/test-https-simple.js @@ -29,6 +29,9 @@ if (!common.hasCrypto) const assert = require('assert'); const https = require('https'); +// Assert that the IP-as-servername deprecation warning does not occur. +process.on('warning', common.mustNotCall()); + const options = { key: fixtures.readKey('agent1-key.pem'), cert: fixtures.readKey('agent1-cert.pem') |