From ece2a3de5b19588160634452638aa656218853c5 Mon Sep 17 00:00:00 2001
From: Evan <96965321+0xIchigo@users.noreply.github.com>
Date: Mon, 14 Aug 2023 20:11:12 -0400
Subject: fix(ext/net): implement a graceful error on an invalid SSL
 certificate (#20157)

The goal of this PR is to address issue #19520 where Deno panics when
encountering an invalid SSL certificate.

This PR achieves that goal by removing an `.expect()` statement and
implementing a match statement on `tsl_config` (found in
[/ext/net/ops_tsl.rs](https://github.com/denoland/deno/blob/e071382768fa57b5288a6a5ba90e73bf5870b169/ext/net/ops_tls.rs#L1058))
to check whether the desired configuration is valid

---------

Co-authored-by: Matt Mastracci <matthew@mastracci.com>
---
 ext/net/ops_tls.rs | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

(limited to 'ext/net')

diff --git a/ext/net/ops_tls.rs b/ext/net/ops_tls.rs
index ac9c80f7a..7b1cb4e0a 100644
--- a/ext/net/ops_tls.rs
+++ b/ext/net/ops_tls.rs
@@ -1055,7 +1055,13 @@ where
     .with_safe_defaults()
     .with_no_client_auth()
     .with_single_cert(cert_chain, key_der)
-    .expect("invalid key or certificate");
+    .map_err(|e| {
+      custom_error(
+        "InvalidData",
+        format!("Error creating TLS certificate: {:?}", e),
+      )
+    })?;
+
   if let Some(alpn_protocols) = args.alpn_protocols {
     tls_config.alpn_protocols =
       alpn_protocols.into_iter().map(|s| s.into_bytes()).collect();
-- 
cgit v1.2.3