tls: TLSSocket emits 'error' on handshake failure

Removes branch that would make TLSSocket emit '_tlsError' event if error occured on handshake and control was not released, as it was never happening. Added test for tls.Server to ensure it still emits 'tlsClientError' as expected. Note that 'tlsClientError' does not exist in the v4.x branch so this back-port emits 'clientError' instead. See also pull request #4557. Fixes: #8803 PR-URL: #8805 Refs: #4557 Reviewed-By: Matteo Collina <[email protected]> Reviewed-By: Fedor Indutny <[email protected]>

Author: lekoder

lib/_tls_wrap.js

@@ -463,7 +463,9 @@ TLSSocket.prototype._init = function(socket, wrap){
 
 // Destroy socket if error happened before handshake's finish
 if(!self._secureEstablished){
-self.destroy(self._tlsError(err));
+// When handshake fails control is not yet released,
+// so self._tlsError will return null instead of actual error
+self.destroy(err);
 }elseif(options.isServer&&
 rejectUnauthorized&&
 /peerdidnotreturnacertificate/.test(err.message)){

test/parallel/test-tls-server-failed-handshake-emits-clienterror.js

@@ -0,0 +1,36 @@
+'use strict';
+constcommon=require('../common');
+
+if(!common.hasCrypto){
+common.skip('missing crypto');
+return;
+}
+consttls=require('tls');
+constnet=require('net');
+constassert=require('assert');
+
+constbonkers=Buffer.alloc(1024,42);
+
+letclientErrorEmited=false;
+
+constserver=tls.createServer({})
+.listen(0,function(){
+constc=net.connect({port: this.address().port},function(){
+c.write(bonkers);
+});
+
+}).on('clientError',function(e){
+clientErrorEmited=true;
+assert.ok(einstanceofError,
+'Instance of Error should be passed to error handler');
+assert.ok(e.message.match(
+/SSLroutines:SSL23_GET_CLIENT_HELLO:unknownprotocol/),
+'Expecting SSL unknown protocol');
+});
+
+setTimeout(function(){
+server.close();
+
+assert.ok(clientErrorEmited,'clientError should be emited');
+
+},common.platformTimeout(200));

test/parallel/test-tls-socket-failed-handshake-emits-error.js

@@ -0,0 +1,38 @@
+'use strict';
+constcommon=require('../common');
+
+if(!common.hasCrypto){
+common.skip('missing crypto');
+return;
+}
+consttls=require('tls');
+constnet=require('net');
+constassert=require('assert');
+
+constbonkers=Buffer.alloc(1024,42);
+
+constserver=net.createServer(function(c){
+setTimeout(function(){
+consts=newtls.TLSSocket(c,{
+isServer: true,
+server: server
+});
+
+s.on('error',common.mustCall(function(e){
+assert.ok(einstanceofError,
+'Instance of Error should be passed to error handler');
+assert.ok(e.message.match(
+/SSLroutines:SSL23_GET_CLIENT_HELLO:unknownprotocol/),
+'Expecting SSL unknown protocol');
+}));
+
+s.on('close',function(){
+server.close();
+s.destroy();
+});
+},common.platformTimeout(200));
+}).listen(0,function(){
+constc=net.connect({port: this.address().port},function(){
+c.write(bonkers);
+});
+});