1
0
Fork 0
mirror of https://github.com/denoland/deno.git synced 2025-01-21 13:00:36 -05:00
A modern runtime for JavaScript and TypeScript. https://deno.com/
Find a file
Max Goodhart 2235a1a359
fix(node/tls): fix NotValidForName for host set via socket / servername (#21441)
This PR is an attempt to fix
https://github.com/denoland/deno/issues/20293, in which node modules
connecting to databases fail due to TLS errors. I ran into this
attempting to use
[node-postgres](https://github.com/brianc/node-postgres) to connect to a
[Neon](https://neon.tech) database.

Investigating via `--inspect-brk` led me to notice that the hostname
eventually passed to `Deno.startTls` was null. The hostname is
determined by the following code:


f6b889b432/ext/node/polyfills/_tls_wrap.ts (L87-L89)

This logic doesn't appear to be correct. I couldn't find reference to
`servername` existing on the `secureContext` in either Node's or Deno's
docs. There's a lot of scope here, and it's my first time reading
through this code, so I could be missing something!

Node uses [the following
logic](2e458d9736/lib/_tls_wrap.js (L1679-L1682)
) to determine the hostname for certificate validation:
 
```
    const hostname = options.servername ||
                   options.host ||
                   (options.socket && options.socket._host) ||
                   'localhost';
```

This PR updates the `TLSSocket` polyfill to use behave similarly (though
I omitted the default to `localhost` at the end; I'm not sure if
including it is necessary or correct). With this change, `node-postgres`
connects to my TLS endpoint successfully (aside: Neon requires SNI,
which also works as expected).

---

I tried to update the tests in
https://github.com/denoland/deno/blob/main/cli/tests/unit_node/tls_test.ts
to exercise this change, but the test fails for me on `main` on Linux. I
investigated briefly and noticed that the test fixture
`cli/tests/testdata/tls/localhost.crt` doesn't appear to include the
`subjectAltName` specified in `domains.txt`. I believe the certificate
isn't matching `localhost`, but that's where I ended investigating.
2023-12-08 03:53:36 +00:00
.cargo chore: Add a local-build.toml to make downstream packaging from sourc… (#20236) 2023-08-24 08:46:57 -06:00
.devcontainer fix(devcontainer): Add build deps and update extension in devcontainer (#20467) 2023-09-12 15:33:07 +00:00
.github chore: bump rust to 1.74.1 (#21499) 2023-12-07 22:10:32 +01:00
bench_util chore: forward v1.38.5 release commit to main (#21472) 2023-12-06 00:53:16 +00:00
cli fix: add more warnings when using sloppy imports (#21503) 2023-12-07 22:35:53 -05:00
ext fix(node/tls): fix NotValidForName for host set via socket / servername (#21441) 2023-12-08 03:53:36 +00:00
runtime refactor: pull 'core', 'internals', 'primordials' from ES module (#21462) 2023-12-07 14:21:01 +01:00
test_ffi chore: update std to 0.208.0 (#21318) 2023-12-02 03:20:06 +01:00
test_napi chore: update std to 0.208.0 (#21318) 2023-12-02 03:20:06 +01:00
test_util feat(unstable): kv.watch() (#21147) 2023-12-05 21:21:46 +08:00
tools feat(ext/web): add ImageData Web API (#21183) 2023-12-06 14:20:28 +01:00
.dlint.json chore: update dlint to v0.37.0 for GitHub Actions (#17295) 2023-01-16 17:17:18 +01:00
.dprint.json fix(fmt): remove trailing comma for single type param in default export in jsx (#21425) 2023-12-01 14:50:38 -05:00
.editorconfig editorconfig: Don't insert final newline in .out files (#1686) 2019-02-07 11:31:49 -05:00
.gitattributes fix(test): support typechecking docs with CRLF line endings (#12748) 2021-11-15 09:58:04 -05:00
.gitignore feat: Add "deno jupyter" subcommand (#20337) 2023-09-16 02:42:09 +02:00
.gitmodules chore: remove third_party submodule (#20201) 2023-08-19 09:56:12 +05:30
.rustfmt.toml chore: update copyright year to 2023 (#17247) 2023-01-02 21:00:42 +00:00
Cargo.lock chore: update deno_core (#21487) 2023-12-07 14:07:53 +01:00
Cargo.toml chore: update deno_core (#21487) 2023-12-07 14:07:53 +01:00
LICENSE.md chore: update copyright year to 2023 (#17247) 2023-01-02 21:00:42 +00:00
README.md chore: Fix typo in README (#21354) 2023-11-27 21:43:35 +00:00
Releases.md chore: forward v1.38.5 release commit to main (#21472) 2023-12-06 00:53:16 +00:00
rust-toolchain.toml chore: bump rust to 1.74.1 (#21499) 2023-12-07 22:10:32 +01:00

Deno

Twitter badge Discord badge YouTube badge

the deno mascot dinosaur standing in the rain

Deno (/ˈdiːnoʊ/, pronounced dee-no) is a JavaScript, TypeScript, and WebAssembly runtime with secure defaults and a great developer experience. It's built on V8, Rust, and Tokio.

Learn more about the Deno runtime in the documentation.

Installation

Install the Deno runtime on your system using one of the commands below. Note that there are a number of ways to install Deno - a comprehensive list of installation options can be found here.

Shell (Mac, Linux):

curl -fsSL https://deno.land/install.sh | sh

PowerShell (Windows):

irm https://deno.land/install.ps1 | iex

Homebrew (Mac):

brew install deno

Chocolatey (Windows):

choco install deno

Build and install from source

Complete instructions for building Deno from source can be found in the manual here.

Your first Deno program

Deno can be used for many different applications, but is most commonly used to build web servers. Create a file called server.ts and include the following TypeScript code:

Deno.serve((_req: Request) => {
  return new Response("Hello, world!");
});

Run your server with the following command:

deno run --allow-net server.ts

This should start a local web server on http://localhost:8000.

Learn more about writing and running Deno programs in the docs.

Additional resources

Contributing

We appreciate your help! To contribute, please read our contributing instructions.