MCPcopy Index your code
hub / github.com/nodejs/node / onConnectSecure

Function onConnectSecure

lib/internal/tls/wrap.js:1753–1812  ·  view source on GitHub ↗
()

Source from the content-addressed store, hash-verified

1751}
1752
1753function onConnectSecure() {
1754 const options = this[kConnectOptions];
1755
1756 // Check the size of DHE parameter above minimum requirement
1757 // specified in options.
1758 const ekeyinfo = this.getEphemeralKeyInfo();
1759 if (ekeyinfo.type === 'DH' && ekeyinfo.size < options.minDHSize) {
1760 const err = new ERR_TLS_DH_PARAM_SIZE(ekeyinfo.size);
1761 debug('client emit:', err);
1762 this.emit('error', err);
1763 this.destroy();
1764 return;
1765 }
1766
1767 let verifyError = this._handle.verifyError();
1768
1769 // Verify that server's identity matches it's certificate's names
1770 // Unless server has resumed our existing session
1771 if (!verifyError && !this.isSessionReused()) {
1772 const cert = this.getPeerCertificate(true);
1773 verifyError = options.checkServerIdentity(
1774 getSessionServerIdentity(options),
1775 cert,
1776 );
1777 }
1778
1779 if (verifyError) {
1780 this.authorized = false;
1781 this.authorizationError = verifyError.code || verifyError.message;
1782
1783 // rejectUnauthorized property can be explicitly defined as `undefined`
1784 // causing the assignment to default value (`true`) fail. Before assigning
1785 // it to the tlssock connection options, explicitly check if it is false
1786 // and update rejectUnauthorized property. The property gets used by
1787 // TLSSocket connection handler to allow or reject connection if
1788 // unauthorized.
1789 // This check is potentially redundant, however it is better to keep it
1790 // in case the option object gets modified somewhere.
1791 if (options.rejectUnauthorized !== false) {
1792 this.destroy(verifyError);
1793 return;
1794 }
1795 debug('client emit secureConnect. rejectUnauthorized: %s, ' +
1796 'authorizationError: %s', options.rejectUnauthorized,
1797 this.authorizationError);
1798 } else {
1799 this.authorized = true;
1800 debug('client emit secureConnect. authorized:', this.authorized);
1801 }
1802 this.secureConnecting = false;
1803 this.emit('secureConnect');
1804
1805 this[kIsVerified] = true;
1806 const session = this[kPendingSession];
1807 this[kPendingSession] = null;
1808 if (session)
1809 this.emit('session', session);
1810

Callers

nothing calls this directly

Calls 5

getSessionServerIdentityFunction · 0.85
debugFunction · 0.50
emitMethod · 0.45
destroyMethod · 0.45
removeListenerMethod · 0.45

Tested by

no test coverage detected