Fix make serverName mandatory and check for empty serverName.

2019-10-16 09:07:46 +03:00 · 2019-10-16 09:07:46 +03:00 · d008fa2087
parent a92ad6d2d2
commit d008fa2087
2 changed files with 6 additions and 17 deletions
--- a/chronos/streams/tlsstream.nim
+++ b/chronos/streams/tlsstream.nim
@ -113,20 +113,6 @@ template newTLSStreamProtocolError[T](message: T): ref Exception =
 proc raiseTLSStreamProtoError*[T](message: T) =
  raise newTLSStreamProtocolError(message)

-# proc getStringState*(state: cuint): string =
-#   var n = newSeq[string]()
-#   if (state and SSL_CLOSED) == SSL_CLOSED:
-#     n.add("Closed")
-#   if (state and SSL_SENDREC) == SSL_SENDREC:
-#     n.add("SendRec")
-#   if (state and SSL_RECVREC) == SSL_RECVREC:
-#     n.add("RecvRec")
-#   if (state and SSL_SENDAPP) == SSL_SENDAPP:
-#     n.add("SendApp")
-#   if (state and SSL_RECVAPP) == SSL_RECVAPP:
-#     n.add("RecvApp")
-#   result = "{" & n.join(", ") & "} number (" & $state & ")"
-
 proc tlsWriteLoop(stream: AsyncStreamWriter) {.async.} =
  var wstream = cast[TLSStreamWriter](stream)
  var engine: ptr SslEngineContext
@ -314,7 +300,7 @@ proc getSignerAlgo(xc: X509Certificate): int =

 proc newTLSClientAsyncStream*(rsource: AsyncStreamReader,
                              wsource: AsyncStreamWriter,
-                              serverName: string = "",
+                              serverName: string,
                              bufferSize = SSL_BUFSIZE_BIDI,
                              minVersion = TLSVersion.TLS11,
                              maxVersion = TLSVersion.TLS12,
@ -374,6 +360,9 @@ proc newTLSClientAsyncStream*(rsource: AsyncStreamReader,
    if err == 0:
      raise newException(TLSStreamError, "Could not initialize TLS layer")
  else:
+    if len(serverName) == 0:
+      raise newException(TLSStreamError, "serverName must not be empty string")
+
    let err = sslClientReset(addr result.ccontext, serverName, 0)
    if err == 0:
      raise newException(TLSStreamError, "Could not initialize TLS layer")
--- a/tests/testasyncstream.nim
+++ b/tests/testasyncstream.nim
@ -634,8 +634,8 @@ suite "TLSStream test suite":
    var creader = newAsyncStreamReader(conn)
    var cwriter = newAsyncStreamWriter(conn)
    # We are using self-signed certificate
-    var cstream = newTLSClientAsyncStream(creader, cwriter,
-                                          flags = {NoVerifyHost})
+    let flags = {NoVerifyHost, NoVerifyServerName}
+    var cstream = newTLSClientAsyncStream(creader, cwriter, "", flags = flags)
    let res = await cstream.reader.readLine()
    await cstream.reader.closeWait()
    await cstream.writer.closeWait()