Fix server identity check

sidorares · Oct 19, 2023 · 31fa834 · 31fa834
1 parent fa47d0b
commit 31fa834
Showing 1 changed file with 7 additions and 12 deletions.
diff --git a/lib/connection.js b/lib/connection.js
@@ -365,19 +365,14 @@ class Connection extends EventEmitter {
       secureContext,
       isServer: false,
       socket: this.stream,
-      servername
-    }, () => {
-      secureEstablished = true;
-      if (rejectUnauthorized) {
-        if (typeof servername === 'string' && verifyIdentity) {
-          const cert = secureSocket.getPeerCertificate(true);
-          const serverIdentityCheckError = Tls.checkServerIdentity(servername, cert);
-          if (serverIdentityCheckError) {
-            onSecure(serverIdentityCheckError);
-            return;
-          }
+      servername,
+      checkServerIdentity: (servername, cert) => {
+        if (rejectUnauthorized && typeof servername === 'string' && verifyIdentity) {
+          return Tls.checkServerIdentity(servername, cert);
         }
       }
+    }, () => {
+      secureEstablished = true;
       onSecure();
     });
     // error handler for secure socket
@@ -408,7 +403,7 @@ class Connection extends EventEmitter {
     err.code = code || 'PROTOCOL_ERROR';
     this.emit('error', err);
   }
-  
+
   get fatalError() {
     return this._fatalError;
   }