Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Panic on invalid SSL certificate #19520

Closed
yolio2003 opened this issue Jun 15, 2023 · 4 comments
Closed

Panic on invalid SSL certificate #19520

yolio2003 opened this issue Jun 15, 2023 · 4 comments
Labels
bug Something isn't working correctly good first issue Good for newcomers

Comments

@yolio2003
Copy link 

app.listen({
  port: 2003,
  secure: true,
  certFile: './local/ssl.crt',
  keyFile: './local/ssl.key',
})

Deno has panicked. This is a bug in Deno. Please report this
at https://github.com/denoland/deno/issues/new.
If you can reliably reproduce this panic, include the
reproduction steps and re-run with the RUST_BACKTRACE=1 env
var set and include the backtrace in your report.

Platform: macos aarch64
Version: 1.34.2
Args: ["/opt/homebrew/bin/deno", "run", "--allow-net", "--allow-read", "--allow-write", "--watch", "./local/index.ts"]

thread 'main' panicked at 'invalid key or certificate: General("invalid private key")', /private/tmp/deno-20230609-9231-3igdr4/deno/ext/net/ops_tls.rs:1060:6
stack backtrace:
   0: _rust_begin_unwind
   1: core::panicking::panic_fmt
   2: core::result::unwrap_failed
   3: deno_net::ops_tls::op_net_listen_tls::v8_func
   4: deno_net::ops_tls::op_net_listen_tls::v8_fn_ptr
note: Some details are omitted, run with `RUST_BACKTRACE=full` for a verbose backtrace.
@bartlomieju bartlomieju added bug Something isn't working correctly good first issue Good for newcomers labels Jun 15, 2023
@bartlomieju
Copy link
Member

We shouldn't panic in this case, but return a graceful error.

@bartlomieju bartlomieju changed the title face error when i want use https server. Panic on invalid SSL certificate Jun 15, 2023
@jakecorrenti
Copy link

I'll give this a shot

@tjcrowder tjcrowder mentioned this issue Jun 30, 2023
Open
@fbaltor
Copy link
Contributor

fbaltor commented Jul 18, 2023

Hey, @yolio2003, but what is this app in the code example? I couldn't find any listen methods with the mentioned signature in the Deno namespace or in the deno_std...

@0xIchigo 0xIchigo mentioned this issue Aug 14, 2023
Merged
mmastrac added a commit that referenced this issue Aug 15, 2023
@0xIchigo @mmastrac
fix(ext/net): implement a graceful error on an invalid SSL certificate (
ece2a3d 
#20157)

The goal of this PR is to address issue #19520 where Deno panics when
encountering an invalid SSL certificate.

This PR achieves that goal by removing an `.expect()` statement and
implementing a match statement on `tsl_config` (found in
[/ext/net/ops_tsl.rs](https://github.com/denoland/deno/blob/e071382768fa57b5288a6a5ba90e73bf5870b169/ext/net/ops_tls.rs#L1058))
to check whether the desired configuration is valid

---------

Co-authored-by: Matt Mastracci <[email protected]>
@0xIchigo
Copy link
Contributor

Fixed with PR #20157 🔥

littledivy pushed a commit to littledivy/deno that referenced this issue Aug 21, 2023
@0xIchigo @mmastrac @littledivy
fix(ext/net): implement a graceful error on an invalid SSL certificate (
9f761fa 
denoland#20157)

The goal of this PR is to address issue denoland#19520 where Deno panics when
encountering an invalid SSL certificate.

This PR achieves that goal by removing an `.expect()` statement and
implementing a match statement on `tsl_config` (found in
[/ext/net/ops_tsl.rs](https://github.com/denoland/deno/blob/e071382768fa57b5288a6a5ba90e73bf5870b169/ext/net/ops_tls.rs#L1058))
to check whether the desired configuration is valid

---------

Co-authored-by: Matt Mastracci <[email protected]>
littledivy pushed a commit that referenced this issue Aug 21, 2023
@0xIchigo @mmastrac @littledivy
fix(ext/net): implement a graceful error on an invalid SSL certificate (
4001fad 
#20157)

The goal of this PR is to address issue #19520 where Deno panics when
encountering an invalid SSL certificate.

This PR achieves that goal by removing an `.expect()` statement and
implementing a match statement on `tsl_config` (found in
[/ext/net/ops_tsl.rs](https://github.com/denoland/deno/blob/e071382768fa57b5288a6a5ba90e73bf5870b169/ext/net/ops_tls.rs#L1058))
to check whether the desired configuration is valid

---------

Co-authored-by: Matt Mastracci <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working correctly good first issue Good for newcomers
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@yolio2003 @fbaltor @bartlomieju @jakecorrenti @0xIchigo