tls: use validateFunction for options.checkServerIdentity

If user uses invalid type for `options.checkServerIdentity` in tls.connect(), it's not internal issue of Node.js. So validateFunction() is more proper than assert(). Fixes: https://github.com/nodejs/node/issues/49839 PR-URL: https://github.com/nodejs/node/pull/49896 Reviewed-By: Antoine du Hamel <duhamelantoine1995@gmail.com> Reviewed-By: Tobias Nießen <tniessen@tnie.de>
2023-10-01 07:38:10 +09:00 · 2023-10-01 07:38:10 +09:00 · 092fb9f541
commit 092fb9f541
parent e6e320ecc7
2 changed files with 10 additions and 1 deletions
--- a/lib/_tls_wrap.js
+++ b/lib/_tls_wrap.js
@ -1738,7 +1738,7 @@ exports.connect = function connect(...args) {
  if (!options.keepAlive)
    options.singleUse = true;

-  assert(typeof options.checkServerIdentity === 'function');
+  validateFunction(options.checkServerIdentity, 'options.checkServerIdentity');
  assert(typeof options.minDHSize === 'number',
         'options.minDHSize is not a number: ' + options.minDHSize);
  assert(options.minDHSize > 0,
--- a/test/parallel/test-tls-basic-validations.js
+++ b/test/parallel/test-tls-basic-validations.js
@ -135,3 +135,12 @@ assert.throws(() => { tls.createSecureContext({ maxVersion: 'fhqwhgads' }); },
                code: 'ERR_TLS_INVALID_PROTOCOL_VERSION',
                name: 'TypeError'
              });
+
+for (const checkServerIdentity of [undefined, null, 1, true]) {
+  assert.throws(() => {
+    tls.connect({ checkServerIdentity });
+  }, {
+    code: 'ERR_INVALID_ARG_TYPE',
+    name: 'TypeError',
+  });
+}