- Version: 6.7.0 - 7.5.0 (at least)
- Platform: All? tested on MacOS / Linux
- Subsystem: TLS

The documentation for the `checkServerIdentity` function at https://nodejs.org/api/tls.html#tls_tls_connect_options_callback states that the provided function "should throw an error if verification fails."
However, the implementation (https://github.com/nodejs/node/blob/master/lib/_tls_wrap.js#L1083) expects a truthy value returned from the function as the error, and has no try / catch logic to catch an error if thrown, with the result that if the `checkServerIdentity` function throws an error the whole process will likely exit. Either the docs or the implementation should be corrected to reflect the intended behavior.
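
The mismatch reported above can be bridged on the caller's side. The following is an added example, not code from the issue or from Node.js: it adapts a verifier written to the documented "throw on failure" contract into one that returns the `Error`, so a failed check rejects the connection instead of surfacing as an uncaught exception. `returnInsteadOfThrow`, `makePinnedVerifier`, the certificate object and the pin value are hypothetical names and constructed data.

```javascript
const tls = require('tls');

// Adapter: run a verifier that may throw, and hand any failure back as a
// returned Error (the truthy return value the issue says the code expects).
function returnInsteadOfThrow(verify) {
  return function checkServerIdentity(host, cert) {
    try {
      const result = verify(host, cert);
      if (result instanceof Error) return result;       // already return-style
      if (result) return new Error(String(result));     // other truthy value
      return undefined;                                 // verification passed
    } catch (err) {
      return err instanceof Error ? err : new Error(String(err));
    }
  };
}

// Hypothetical verifier in the documented style: throws on any failure.
// A custom checkServerIdentity replaces the default hostname check, so the
// built-in tls.checkServerIdentity is called first, then the pin is compared.
function makePinnedVerifier(expectedFingerprint256) {
  return function verify(host, cert) {
    const nameError = tls.checkServerIdentity(host, cert);
    if (nameError) throw nameError;
    if (cert.fingerprint256 !== expectedFingerprint256) {
      throw new Error(`certificate pin mismatch for ${host}`);
    }
  };
}

// Constructed sample data (not a real certificate or fingerprint).
const SAMPLE_PIN = 'AA:BB:CC:DD';
const SAMPLE_CERT = {
  subject: { CN: 'example.test' },
  subjectaltname: 'DNS:example.test',
  fingerprint256: SAMPLE_PIN,
};

// Exercises the three outcomes offline; returns what tls.connect would see.
function demo() {
  const check = returnInsteadOfThrow(makePinnedVerifier(SAMPLE_PIN));
  return {
    ok: check('example.test', SAMPLE_CERT),
    wrongHost: check('other.test', SAMPLE_CERT),
    wrongPin: check('example.test', { ...SAMPLE_CERT, fingerprint256: '00:11' }),
  };
}
// Usage: tls.connect({ host, port, checkServerIdentity: returnInsteadOfThrow(verifier) })
```
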