Skip to content

[v11.x backport] src: add .code and SSL specific error properties #26953

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Closed
sam-github wants to merge 3 commits into from
Closed

[v11.x backport] src: add .code and SSL specific error properties #26953

Show file tree
Hide file tree
Changes from 1 commit
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
84a1b18
tls: add code for ERR_TLS_INVALID_PROTOCOL_METHOD
sam-github Nov 20, 2018
71ca71a
tls: revert change to invalid protocol error type
sam-github Mar 28, 2019
24dbb96
src: add .code and SSL specific error properties
sam-github Mar 28, 2019
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
src: add .code and SSL specific error properties 
SSL errors have a long structured message, but lacked the standard .code
property which can be used for stable comparisons. Add a `code`
property, as well as the 3 string components of an SSL error: `reason`,
`library`, and `function`.

PR-URL: #25093
Reviewed-By: James M Snell <jasnell@gmail.com>
Reviewed-By: Daniel Bevenius <daniel.bevenius@gmail.com>
  • Loading branch information
@sam-github
sam-github committed Mar 28, 2019
commit 24dbb965c00f984ce90f0aa7b062966e34463bc3
4 changes: 3 additions & 1 deletion src/env.h
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -185,6 +185,7 @@ constexpr size_t kFsStatsBufferLength = kFsStatsFieldsNumber * 2;
V(fingerprint_string, "fingerprint") \
V(flags_string, "flags") \
V(fragment_string, "fragment") \
V(function_string, "function") \
V(get_data_clone_error_string, "_getDataCloneError") \
V(get_shared_array_buffer_id_string, "_getSharedArrayBufferId") \
V(gid_string, "gid") \
Expand All @@ -208,6 +209,7 @@ constexpr size_t kFsStatsBufferLength = kFsStatsFieldsNumber * 2;
V(issuercert_string, "issuerCertificate") \
V(kill_signal_string, "killSignal") \
V(kind_string, "kind") \
V(library_string, "library") \
V(mac_string, "mac") \
V(main_string, "main") \
V(max_buffer_string, "maxBuffer") \
Expand Down Expand Up @@ -318,7 +320,7 @@ constexpr size_t kFsStatsBufferLength = kFsStatsFieldsNumber * 2;
V(write_host_object_string, "_writeHostObject") \
V(write_queue_size_string, "writeQueueSize") \
V(x_forwarded_string, "x-forwarded-for") \
V(zero_return_string, "ZERO_RETURN")
V(zero_return_string, "ZERO_RETURN") \

#define ENVIRONMENT_STRONG_PERSISTENT_PROPERTIES(V) \
V(as_callback_data, v8::Object) \
Expand Down
37 changes: 36 additions & 1 deletion src/tls_wrap.cc
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -40,6 +40,7 @@ using v8::Exception;
using v8::Function;
using v8::FunctionCallbackInfo;
using v8::FunctionTemplate;
using v8::Isolate;
using v8::Local;
using v8::Object;
using v8::ReadOnly;
Expand Down Expand Up @@ -367,9 +368,43 @@ Local<Value> TLSWrap::GetSSLError(int status, int* err, std::string* msg) {
BUF_MEM* mem;
BIO_get_mem_ptr(bio, &mem);

Isolate* isolate = env()->isolate();
Local<Context> context = isolate->GetCurrentContext();

Local<String> message =
OneByteString(env()->isolate(), mem->data, mem->length);
OneByteString(isolate, mem->data, mem->length);
Local<Value> exception = Exception::Error(message);
Local<Object> obj = exception->ToObject(context).ToLocalChecked();

const char* ls = ERR_lib_error_string(ssl_err);
const char* fs = ERR_func_error_string(ssl_err);
const char* rs = ERR_reason_error_string(ssl_err);

if (ls != nullptr)
obj->Set(context, env()->library_string(),
OneByteString(isolate, ls)).FromJust();
if (fs != nullptr)
obj->Set(context, env()->function_string(),
OneByteString(isolate, fs)).FromJust();
if (rs != nullptr) {
obj->Set(context, env()->reason_string(),
OneByteString(isolate, rs)).FromJust();

// SSL has no API to recover the error name from the number, so we
// transform reason strings like "this error" to "ERR_SSL_THIS_ERROR",
// which ends up being close to the original error macro name.
std::string code(rs);

for (auto& c : code) {
if (c == ' ')
c = '_';
else
c = ::toupper(c);
}
obj->Set(context, env()->code_string(),
OneByteString(isolate, ("ERR_SSL_" + code).c_str()))
.FromJust();
}

if (msg != nullptr)
msg->assign(mem->data, mem->data + mem->length);
Expand Down
14 changes: 12 additions & 2 deletions test/parallel/test-tls-alert-handling.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,7 @@ if (!common.hasCrypto)
if (!common.opensslCli)
common.skip('node compiled without OpenSSL CLI');

const assert = require('assert');
const net = require('net');
const tls = require('tls');
const fixtures = require('../common/fixtures');
Expand All @@ -29,7 +30,11 @@ const opts = {
const max_iter = 20;
let iter = 0;

const errorHandler = common.mustCall(() => {
const errorHandler = common.mustCall((err) => {
assert.strictEqual(err.code, 'ERR_SSL_WRONG_VERSION_NUMBER');
assert.strictEqual(err.library, 'SSL routines');
assert.strictEqual(err.function, 'ssl3_get_record');
assert.strictEqual(err.reason, 'wrong version number');
errorReceived = true;
if (canCloseServer())
server.close();
Expand Down Expand Up @@ -81,5 +86,10 @@ function sendBADTLSRecord() {
socket.end(BAD_RECORD);
});
}));
client.on('error', common.mustCall());
client.on('error', common.mustCall((err) => {
assert.strictEqual(err.code, 'ERR_SSL_TLSV1_ALERT_PROTOCOL_VERSION');
assert.strictEqual(err.library, 'SSL routines');
assert.strictEqual(err.function, 'ssl3_read_bytes');
assert.strictEqual(err.reason, 'tlsv1 alert protocol version');
}));
}