summaryrefslogtreecommitdiff
path: root/runtime/ops/tls.rs
diff options
context:
space:
mode:
Diffstat (limited to 'runtime/ops/tls.rs')
-rw-r--r--runtime/ops/tls.rs21
1 files changed, 11 insertions, 10 deletions
diff --git a/runtime/ops/tls.rs b/runtime/ops/tls.rs
index 10293cf92..0dbf35cc4 100644
--- a/runtime/ops/tls.rs
+++ b/runtime/ops/tls.rs
@@ -13,6 +13,7 @@ use deno_core::error::bad_resource;
use deno_core::error::bad_resource_id;
use deno_core::error::custom_error;
use deno_core::error::generic_error;
+use deno_core::error::invalid_hostname;
use deno_core::error::AnyError;
use deno_core::AsyncRefCell;
use deno_core::CancelHandle;
@@ -139,8 +140,8 @@ async fn op_start_tls(
}
let tls_connector = TlsConnector::from(Arc::new(config));
- let dnsname = DNSNameRef::try_from_ascii_str(&domain)
- .map_err(|_| generic_error("Invalid DNS lookup"))?;
+ let dnsname = DNSNameRef::try_from_ascii_str(domain)
+ .map_err(|_| invalid_hostname(domain))?;
let tls_stream = tls_connector.connect(dnsname, tcp_stream).await?;
let rid = {
@@ -169,20 +170,22 @@ async fn op_connect_tls(
) -> Result<OpConn, AnyError> {
assert_eq!(args.transport, "tcp");
+ let mut domain = args.hostname.as_str();
+ if domain.is_empty() {
+ domain = "localhost";
+ }
{
let mut s = state.borrow_mut();
let permissions = s.borrow_mut::<Permissions>();
- permissions.net.check(&(&args.hostname, Some(args.port)))?;
+ permissions.net.check(&(domain, Some(args.port)))?;
if let Some(path) = &args.cert_file {
permissions.read.check(Path::new(&path))?;
}
}
- let mut domain = args.hostname.as_str();
- if domain.is_empty() {
- domain = "localhost";
- }
- let addr = resolve_addr(&args.hostname, args.port)
+ let dnsname = DNSNameRef::try_from_ascii_str(domain)
+ .map_err(|_| invalid_hostname(domain))?;
+ let addr = resolve_addr(domain, args.port)
.await?
.next()
.ok_or_else(|| generic_error("No resolved address found"))?;
@@ -200,8 +203,6 @@ async fn op_connect_tls(
config.root_store.add_pem_file(reader).unwrap();
}
let tls_connector = TlsConnector::from(Arc::new(config));
- let dnsname = DNSNameRef::try_from_ascii_str(&domain)
- .map_err(|_| generic_error("Invalid DNS lookup"))?;
let tls_stream = tls_connector.connect(dnsname, tcp_stream).await?;
let rid = {
let mut state_ = state.borrow_mut();
generated by cgit v1.2.3 (git 2.25.1) at 2025-07-31 06:52:15 +0000