diff options
author | Rodger Combs <rodger.combs@gmail.com> | 2018-01-12 17:36:21 -0600 |
---|---|---|
committer | Ouyang Yadong <oyydoibh@gmail.com> | 2018-11-15 23:30:13 +0800 |
commit | 9b2ffff62cdbfe6ab538e87aafa5828bfbaaa196 (patch) | |
tree | 278f2cbe5e77c6527bea6d3332671704fed933d1 /lib/_tls_wrap.js | |
parent | c347e77647ed7c25d2eba4860ce62dbddaa46307 (diff) | |
download | android-node-v8-9b2ffff62cdbfe6ab538e87aafa5828bfbaaa196.tar.gz android-node-v8-9b2ffff62cdbfe6ab538e87aafa5828bfbaaa196.tar.bz2 android-node-v8-9b2ffff62cdbfe6ab538e87aafa5828bfbaaa196.zip |
tls: emit a warning when servername is an IP address
Setting the TLS ServerName to an IP address is not permitted by
RFC6066. This will be ignored in a future version.
Refs: https://github.com/nodejs/node/pull/18127
PR-URL: https://github.com/nodejs/node/pull/23329
Fixes: https://github.com/nodejs/node/issues/18071
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Luigi Pinca <luigipinca@gmail.com>
Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com>
Reviewed-By: Sakthipriyan Vairamani <thechargingvolcano@gmail.com>
Diffstat (limited to 'lib/_tls_wrap.js')
-rw-r--r-- | lib/_tls_wrap.js | 14 |
1 files changed, 13 insertions, 1 deletions
diff --git a/lib/_tls_wrap.js b/lib/_tls_wrap.js index 2e32366028..0cd500617f 100644 --- a/lib/_tls_wrap.js +++ b/lib/_tls_wrap.js @@ -59,6 +59,8 @@ const kSNICallback = Symbol('snicallback'); const noop = () => {}; +let ipServernameWarned = false; + function onhandshakestart(now) { debug('onhandshakestart'); @@ -1240,8 +1242,18 @@ exports.connect = function connect(...args) { if (options.session) socket.setSession(options.session); - if (options.servername) + if (options.servername) { + if (!ipServernameWarned && net.isIP(options.servername)) { + process.emitWarning( + 'Setting the TLS ServerName to an IP address is not permitted by ' + + 'RFC 6066. This will be ignored in a future version.', + 'DeprecationWarning', + 'DEP0123' + ); + ipServernameWarned = true; + } socket.setServername(options.servername); + } if (options.socket) socket._start(); |