diff options
| -rw-r--r-- | cli/tests/unit/tls_test.ts | 2 | ||||
| -rw-r--r-- | core/error.rs | 4 | ||||
| -rw-r--r-- | op_crates/websocket/lib.rs | 5 | ||||
| -rw-r--r-- | runtime/ops/tls.rs | 21 |
4 files changed, 19 insertions, 13 deletions
diff --git a/cli/tests/unit/tls_test.ts b/cli/tests/unit/tls_test.ts index fa869037e..0528c8043 100644 --- a/cli/tests/unit/tls_test.ts +++ b/cli/tests/unit/tls_test.ts @@ -32,7 +32,7 @@ unitTest( await assertThrowsAsync(async () => { await Deno.connectTls({ hostname: "127.0.0.1", port: 3567 }); - }, Error); + }, TypeError); listener.close(); }, diff --git a/core/error.rs b/core/error.rs index a269d637f..65e2e8da4 100644 --- a/core/error.rs +++ b/core/error.rs @@ -36,6 +36,10 @@ pub fn type_error(message: impl Into<Cow<'static, str>>) -> AnyError { custom_error("TypeError", message) } +pub fn invalid_hostname(hostname: &str) -> AnyError { + type_error(format!("Invalid hostname: '{}'", hostname)) +} + pub fn uri_error(message: impl Into<Cow<'static, str>>) -> AnyError { custom_error("URIError", message) } diff --git a/op_crates/websocket/lib.rs b/op_crates/websocket/lib.rs index daf61a908..a2454b8e3 100644 --- a/op_crates/websocket/lib.rs +++ b/op_crates/websocket/lib.rs @@ -1,6 +1,7 @@ // Copyright 2018-2021 the Deno authors. All rights reserved. MIT license. use deno_core::error::bad_resource_id; +use deno_core::error::invalid_hostname; use deno_core::error::null_opbuf; use deno_core::error::type_error; use deno_core::error::AnyError; @@ -175,8 +176,8 @@ where } let tls_connector = TlsConnector::from(Arc::new(config)); - let dnsname = - DNSNameRef::try_from_ascii_str(&domain).expect("Invalid DNS lookup"); + let dnsname = DNSNameRef::try_from_ascii_str(domain) + .map_err(|_| invalid_hostname(domain))?; let tls_socket = tls_connector.connect(dnsname, tcp_socket).await?; MaybeTlsStream::Rustls(tls_socket) } diff --git a/runtime/ops/tls.rs b/runtime/ops/tls.rs index 10293cf92..0dbf35cc4 100644 --- a/runtime/ops/tls.rs +++ b/runtime/ops/tls.rs @@ -13,6 +13,7 @@ use deno_core::error::bad_resource; use deno_core::error::bad_resource_id; use deno_core::error::custom_error; use deno_core::error::generic_error; +use deno_core::error::invalid_hostname; use deno_core::error::AnyError; use deno_core::AsyncRefCell; use deno_core::CancelHandle; @@ -139,8 +140,8 @@ async fn op_start_tls( } let tls_connector = TlsConnector::from(Arc::new(config)); - let dnsname = DNSNameRef::try_from_ascii_str(&domain) - .map_err(|_| generic_error("Invalid DNS lookup"))?; + let dnsname = DNSNameRef::try_from_ascii_str(domain) + .map_err(|_| invalid_hostname(domain))?; let tls_stream = tls_connector.connect(dnsname, tcp_stream).await?; let rid = { @@ -169,20 +170,22 @@ async fn op_connect_tls( ) -> Result<OpConn, AnyError> { assert_eq!(args.transport, "tcp"); + let mut domain = args.hostname.as_str(); + if domain.is_empty() { + domain = "localhost"; + } { let mut s = state.borrow_mut(); let permissions = s.borrow_mut::<Permissions>(); - permissions.net.check(&(&args.hostname, Some(args.port)))?; + permissions.net.check(&(domain, Some(args.port)))?; if let Some(path) = &args.cert_file { permissions.read.check(Path::new(&path))?; } } - let mut domain = args.hostname.as_str(); - if domain.is_empty() { - domain = "localhost"; - } - let addr = resolve_addr(&args.hostname, args.port) + let dnsname = DNSNameRef::try_from_ascii_str(domain) + .map_err(|_| invalid_hostname(domain))?; + let addr = resolve_addr(domain, args.port) .await? .next() .ok_or_else(|| generic_error("No resolved address found"))?; @@ -200,8 +203,6 @@ async fn op_connect_tls( config.root_store.add_pem_file(reader).unwrap(); } let tls_connector = TlsConnector::from(Arc::new(config)); - let dnsname = DNSNameRef::try_from_ascii_str(&domain) - .map_err(|_| generic_error("Invalid DNS lookup"))?; let tls_stream = tls_connector.connect(dnsname, tcp_stream).await?; let rid = { let mut state_ = state.borrow_mut(); |