From 5138992f3c275a1bab1593c7468c08f1f24e96bb Mon Sep 17 00:00:00 2001
From: Ryan Dahl <ry@tinyclouds.org>
Date: Thu, 9 Dec 2010 02:35:16 -0800
Subject: [PATCH] Add some verification code to tls.connect()

---
 lib/tls.js                  | 14 ++++++++------
 test/disabled/tls-client.js |  8 ++++++--
 2 files changed, 14 insertions(+), 8 deletions(-)

diff --git a/lib/tls.js b/lib/tls.js
index 45c0cde..b0af617 100644
--- a/lib/tls.js
+++ b/lib/tls.js
@@ -608,14 +608,16 @@ exports.connect = function(port /* host, options, cb */) {
   socket.connect(port, host);
 
   pair.on('secure', function() {
-    console.log('client cleartext.getPeerCertificate(): %j',
-                cleartext.getPeerCertificate());
-    console.log('client cleartext.getCipher(): %j',
-                cleartext.getCipher());
+    var verifyError = pair._ssl.verifyError();
 
-    if (cb) {
-      cb(cleartext);
+    if (verifyError) {
+      cleartext.authorized = false;
+      cleartext.authorizationError = verifyError;
+    } else {
+      cleartext.authorized = true;
     }
+
+    if (cb) cb();
   });
 
   return cleartext;
diff --git a/test/disabled/tls-client.js b/test/disabled/tls-client.js
index a323c25..8383582 100644
--- a/test/disabled/tls-client.js
+++ b/test/disabled/tls-client.js
@@ -10,8 +10,12 @@ var options = {
 };
 
 
-var s = tls.connect(443, "google.com", options, function() {
-  console.error("CONNECTED");
+var s = tls.connect(443, "joyent.com", options, function() {
+  if (!s.authorized) {
+    console.error("CONNECTED: " +  s.authorizationError);
+    s.destroy();
+    return;
+  }
   s.pipe(process.stdout);
   process.openStdin().pipe(s);
 });
-- 
2.7.4