Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Appearance settings

Commit 9f9355d

Browse filesBrowse files
davisokothtargos
davisokoth
authored and
targos
committed
doc: fix inconsistent documentation (host vs hostname)
Update reference to read `hostname` instead of `host` for consistency. Also update function signature to use `hostname` rather than `host` PR-URL: #20933 Refs: #20892 Reviewed-By: Tobias Nießen <tniessen@tnie.de> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Rich Trott <rtrott@gmail.com> Reviewed-By: Anatoli Papirovski <apapirovski@mac.com> Reviewed-By: Trivikram Kamat <trivikr.dev@gmail.com> Reviewed-By: Luigi Pinca <luigipinca@gmail.com> Backport-PR-URL: #21172
1 parent ba17c9e commit 9f9355d
Copy full SHA for 9f9355d

File tree

Expand file treeCollapse file tree

2 files changed

+15
-14
lines changed
Open diff view settings
Filter options
Expand file treeCollapse file tree

2 files changed

+15
-14
lines changed
Open diff view settings
Collapse file

‎doc/api/tls.md‎

Copy file name to clipboardExpand all lines: doc/api/tls.md
+4-4Lines changed: 4 additions & 4 deletions
  • Display the source diff
  • Display the rich diff
Original file line numberDiff line numberDiff line change
@@ -358,7 +358,7 @@ added: v0.5.3
358358
`cert`, `ca`, etc).
359359

360360
The `server.addContext()` method adds a secure context that will be used if
361-
the client request's SNI hostname matches the supplied `hostname` (or wildcard).
361+
the client request's SNI name matches the supplied `hostname` (or wildcard).
362362

363363
### server.address()
364364
<!-- YAML
@@ -796,17 +796,17 @@ and their processing can be delayed due to packet loss or reordering. However,
796796
smaller fragments add extra TLS framing bytes and CPU overhead, which may
797797
decrease overall server throughput.
798798

799-
## tls.checkServerIdentity(host, cert)
799+
## tls.checkServerIdentity(hostname, cert)
800800
<!-- YAML
801801
added: v0.8.4
802802
-->
803803

804-
* `host` {string} The hostname to verify the certificate against
804+
* `hostname` {string} The hostname to verify the certificate against
805805
* `cert` {Object} An object representing the peer's certificate. The returned
806806
object has some properties corresponding to the fields of the certificate.
807807
* Returns: {Error|undefined}
808808

809-
Verifies the certificate `cert` is issued to host `host`.
809+
Verifies the certificate `cert` is issued to `hostname`.
810810

811811
Returns {Error} object, populating it with the reason, host, and cert on
812812
failure. On success, returns {undefined}.
Collapse file

‎lib/tls.js‎

Copy file name to clipboardExpand all lines: lib/tls.js
+11-10Lines changed: 11 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -169,14 +169,14 @@ function check(hostParts, pattern, wildcards) {
169169
return true;
170170
}
171171

172-
exports.checkServerIdentity = function checkServerIdentity(host, cert) {
172+
exports.checkServerIdentity = function checkServerIdentity(hostname, cert) {
173173
const subject = cert.subject;
174174
const altNames = cert.subjectaltname;
175175
const dnsNames = [];
176176
const uriNames = [];
177177
const ips = [];
178178

179-
host = '' + host;
179+
hostname = '' + hostname;
180180

181181
if (altNames) {
182182
for (const name of altNames.split(', ')) {
@@ -194,14 +194,14 @@ exports.checkServerIdentity = function checkServerIdentity(host, cert) {
194194
let valid = false;
195195
let reason = 'Unknown reason';
196196

197-
if (net.isIP(host)) {
198-
valid = ips.includes(canonicalizeIP(host));
197+
if (net.isIP(hostname)) {
198+
valid = ips.includes(canonicalizeIP(hostname));
199199
if (!valid)
200-
reason = `IP: ${host} is not in the cert's list: ${ips.join(', ')}`;
200+
reason = `IP: ${hostname} is not in the cert's list: ${ips.join(', ')}`;
201201
// TODO(bnoordhuis) Also check URI SANs that are IP addresses.
202202
} else if (subject) {
203-
host = unfqdn(host); // Remove trailing dot for error messages.
204-
const hostParts = splitHost(host);
203+
hostname = unfqdn(hostname); // Remove trailing dot for error messages.
204+
const hostParts = splitHost(hostname);
205205
const wildcard = (pattern) => check(hostParts, pattern, true);
206206
const noWildcard = (pattern) => check(hostParts, pattern, false);
207207

@@ -215,11 +215,12 @@ exports.checkServerIdentity = function checkServerIdentity(host, cert) {
215215
valid = wildcard(cn);
216216

217217
if (!valid)
218-
reason = `Host: ${host}. is not cert's CN: ${cn}`;
218+
reason = `Host: ${hostname}. is not cert's CN: ${cn}`;
219219
} else {
220220
valid = dnsNames.some(wildcard) || uriNames.some(noWildcard);
221221
if (!valid)
222-
reason = `Host: ${host}. is not in the cert's altnames: ${altNames}`;
222+
reason =
223+
`Host: ${hostname}. is not in the cert's altnames: ${altNames}`;
223224
}
224225
} else {
225226
reason = 'Cert is empty';
@@ -228,7 +229,7 @@ exports.checkServerIdentity = function checkServerIdentity(host, cert) {
228229
if (!valid) {
229230
const err = new ERR_TLS_CERT_ALTNAME_INVALID(reason);
230231
err.reason = reason;
231-
err.host = host;
232+
err.host = hostname;
232233
err.cert = cert;
233234
return err;
234235
}

0 commit comments

Comments
0 (0)
Morty Proxy This is a proxified and sanitized view of the page, visit original site.