tls: make rejectUnauthorized default to true

rejectUnauthorized used to be false when the property was undefined or null, quietly allowing client connections for which certificates have been requested (requestCert is true) even when the client certificate was not authorized (signed by a trusted CA). Change this so rejectUnauthorized is always true unless it is explicitly set to false. PR-URL: https://github.com/nodejs/node/pull/5923 Reviewed-By: Sam Roberts <vieuxtech@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: Colin Ihrig <cjihrig@gmail.com>
author: ghaiklor <ghaiklor@gmail.com> 2016-03-27 16:09:08 +0300
committer: Sam Roberts <vieuxtech@gmail.com> 2017-03-23 13:27:56 -0700
commit: 348cc80a3cbf0f4271ed30418c6ed661bdeede7b (patch)
tree: bea162fc8348e8812d9fec540c3f9bea8013c5ee /test/parallel/test-https-foafssl.js
parent: ee19e2923acc806fc37cabceb03460fb88c95def (diff)
download: node-new-348cc80a3cbf0f4271ed30418c6ed661bdeede7b.tar.gz
1 files changed, 2 insertions, 1 deletions
diff --git a/test/parallel/test-https-foafssl.js b/test/parallel/test-https-foafssl.js
index 8b711b81fe..661b196152 100644
--- a/test/parallel/test-https-foafssl.js
+++ b/test/parallel/test-https-foafssl.js
@@ -42,7 +42,8 @@ const https = require('https');
 const options = {
   key: fs.readFileSync(common.fixturesDir + '/agent.key'),
   cert: fs.readFileSync(common.fixturesDir + '/agent.crt'),
-  requestCert: true
+  requestCert: true,
+  rejectUnauthorized: false
 };
 
 const modulus = 'A6F44A9C25791431214F5C87AF9E040177A8BB89AC803F7E09BBC3A5519F' +
author	ghaiklor <ghaiklor@gmail.com>	2016-03-27 16:09:08 +0300
committer	Sam Roberts <vieuxtech@gmail.com>	2017-03-23 13:27:56 -0700
commit	348cc80a3cbf0f4271ed30418c6ed661bdeede7b (patch)
tree	bea162fc8348e8812d9fec540c3f9bea8013c5ee /test/parallel/test-https-foafssl.js
parent	ee19e2923acc806fc37cabceb03460fb88c95def (diff)
download	node-new-348cc80a3cbf0f4271ed30418c6ed661bdeede7b.tar.gz