test: add tests for invalid url deprecations and correct hostname checks

nodejs · Hackzzila · Apr 25, 2018 · Apr 25, 2018 · Apr 26, 2018 · Apr 27, 2018
commit 3b20da140479120a0d7947bcc0753b8e55de29c0
diff --git a/lib/tls.js b/lib/tls.js
@@ -193,8 +193,8 @@ exports.checkServerIdentity = function checkServerIdentity(host, cert) {
           if (!urlWarningEmitted && !process.noDeprecation) {
             urlWarningEmitted = true;
             process.emitWarning(
-              `The URL ${name.slice(4)} found in cert.subjectaltname ` +
-              'is not a valid URL, and is supported in the tls module ' +
+              `The URI ${name.slice(4)} found in cert.subjectaltname ` +
+              'is not a valid URI, and is supported in the tls module ' +
               'solely for compatibility.',
               'DeprecationWarning', 'DEP00XX');
           }

diff --git a/test/parallel/test-http-correct-hostname.js b/test/parallel/test-http-correct-hostname.js
@@ -0,0 +1,28 @@
+/* eslint-disable node-core/crypto-check */
+// Flags: --expose-internals
+'use strict';
+
+const common = require('../common');
+const assert = require('assert');
+
+const { outHeadersKey } = require('internal/http');
+
+const http = require('http');
+const modules = { http };
+
+if (common.hasCrypto) {
+  const https = require('https');
+  modules.https = https;
+}
+
+Object.keys(modules).forEach((module) => {
+  const doNotCall = common.mustNotCall(
+    `${module}.request should not connect to ${module}://example.com%60x.example.com`
+  );
+  const req = modules[module].request(`${module}://example.com%60x.example.com`, doNotCall);
+  assert.deepStrictEqual(req[outHeadersKey].host, [
+    'Host',
+    'example.com`x.example.com',
+  ]);
+  req.abort();
+});
diff --git a/test/parallel/test-http-deprecated-urls.js b/test/parallel/test-http-deprecated-urls.js
@@ -0,0 +1,33 @@
+/* eslint-disable node-core/crypto-check */
+
+'use strict';
+
+const common = require('../common');
+
+const http = require('http');
+const modules = { http };
+
+const deprecations = [
+  ['The provided URL http://[www.nodejs.org] is not a valid URL, and is supported ' +
+  'in the http module solely for compatibility.',
+   'DEP00XX'],
+];
+
+if (common.hasCrypto) {
+  const https = require('https');
+  modules.https = https;
+  deprecations.push(
+    ['The provided URL https://[www.nodejs.org] is not a valid URL, and is supported ' +
+    'in the https module solely for compatibility.',
+     'DEP00XX'],
+  );
+}
+
+common.expectWarning('DeprecationWarning', deprecations);
+
+Object.keys(modules).forEach((module) => {
+  const doNotCall = common.mustNotCall(
+    `${module}.request should not connect to ${module}://[www.nodejs.org]`
+  );
+  modules[module].request(`${module}://[www.nodejs.org]`, doNotCall).abort();
+});
diff --git a/test/parallel/test-tls-check-server-identity.js b/test/parallel/test-tls-check-server-identity.js
@@ -30,6 +30,13 @@ const util = require('util');
 
 const tls = require('tls');
 
+common.expectWarning('DeprecationWarning', [
+  ['The URI http://[a.b.a.com]/ found in cert.subjectaltname ' +
+  'is not a valid URI, and is supported in the tls module ' +
+  'solely for compatibility.',
+   'DEP00XX'],
+]);
+
 const tests = [
   // False-y values.
   {
@@ -218,6 +225,13 @@ const tests = [
     error: 'Host: a.b.a.com. is not in the cert\'s altnames: ' +
            'URI:http://*.b.a.com/'
   },
+  // Invalid URI
+  {
+    host: 'a.b.a.com', cert: {
+      subjectaltname: 'URI:http://[a.b.a.com]/',
+      subject: {}
+    }
+  },
   // IP addresses
   {
     host: 'a.b.a.com', cert: {