Add some verification code to tls.connect()
authorRyan Dahl <ry@tinyclouds.org>
Thu, 9 Dec 2010 10:35:16 +0000 (02:35 -0800)
committerRyan Dahl <ry@tinyclouds.org>
Thu, 9 Dec 2010 10:46:57 +0000 (02:46 -0800)
lib/tls.js
test/disabled/tls-client.js

index 45c0cde..b0af617 100644 (file)
@@ -608,14 +608,16 @@ exports.connect = function(port /* host, options, cb */) {
   socket.connect(port, host);
 
   pair.on('secure', function() {
-    console.log('client cleartext.getPeerCertificate(): %j',
-                cleartext.getPeerCertificate());
-    console.log('client cleartext.getCipher(): %j',
-                cleartext.getCipher());
+    var verifyError = pair._ssl.verifyError();
 
-    if (cb) {
-      cb(cleartext);
+    if (verifyError) {
+      cleartext.authorized = false;
+      cleartext.authorizationError = verifyError;
+    } else {
+      cleartext.authorized = true;
     }
+
+    if (cb) cb();
   });
 
   return cleartext;
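Review bot: A failed verification does not stop the connection in the added `if (verifyError)` branch: the result is only stored on `cleartext` and `cb()` still runs, so a caller that never reads `cleartext.authorized` will exchange data with an unverified peer. That contract should at least be written above the handler, e.g. `// Verification failure is only recorded here; callers must check cleartext.authorized and destroy the stream themselves.` The callback also no longer receives the stream, which breaks callers written against the previous `cb(cleartext)` form; `if (cb) cb(cleartext);` keeps them working. Whether `verifyError()` also covers a match between the certificate and `host` is not visible in this hunk and is worth confirming. The body of `exports.connect` starts outside the hunk.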
index a323c25..8383582 100644 (file)
@@ -10,8 +10,12 @@ var options = {
 };
 
 
-var s = tls.connect(443, "google.com", options, function() {
-  console.error("CONNECTED");
+var s = tls.connect(443, "joyent.com", options, function() {
+  if (!s.authorized) {
+    console.error("CONNECTED: " +  s.authorizationError);
+    s.destroy();
+    return;
+  }
   s.pipe(process.stdout);
   process.openStdin().pipe(s);
 });
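Review bot: The failure branch logs `"CONNECTED: " + s.authorizationError`, which reads as a success line even though the stream is destroyed immediately afterwards. Something like `console.error("TLS verification failed: " + s.authorizationError);` makes the rejected case unambiguous. The `options` object is defined above the hunk, so whether it supplies the CA material this check depends on cannot be seen here.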