TLS connect: ECONNRESET #19456
Description
- Version: 8.9.1
- Platform: Linux TEST 4.13.0-37-generic rename node.js -> io.js #42~16.04.1-Ubuntu SMP Wed Mar 7 16:03:28 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
- Subsystem: tls
I'm attempting to create a "raw" TLS connection to a server such that I can obtain the certificate information. For the server in question, I always get ECONNRESET. However, I can openssl s_client -connect ip:port just fine.
To reproduce:
const tls = require('tls');
function main() {
const opts = {
port : 40050,
host : '10.30.3.190',
rejectUnauthorized : false,
};
const sock = tls.connect(opts, () => {
console.log(sock.getPeerCertificate());
});
sock.setEncoding('utf8');
sock.on('error', err => {
console.log('ERROR:');
console.log(err); // ECONNRESET
});
}
main();
Example with debug:
NET 6236: pipe false undefined
STREAM 6236: read 0
STREAM 6236: need readable false
STREAM 6236: length less than watermark true
STREAM 6236: do read
NET 6236: _read
NET 6236: _read wait for connection
NET 6236: afterConnect
TLS 6236: start
NET 6236: _read
NET 6236: Socket._read readStart
STREAM 6236: read 0
STREAM 6236: need readable true
STREAM 6236: length less than watermark true
STREAM 6236: reading or ended false
NET 6236: onread -4095
NET 6236: EOF
STREAM 6236: emitReadable null
STREAM 6236: emit readable
STREAM 6236: flow null
NET 6236: onSocketEnd ReadableState {
objectMode: false,
highWaterMark: 16384,
buffer: BufferList { head: null, tail: null, length: 0 },
length: 0,
pipes: null,
pipesCount: 0,
flowing: null,
ended: true,
endEmitted: false,
reading: false,
sync: false,
needReadable: false,
emittedReadable: true,
readableListening: false,
resumeScheduled: false,
destroyed: false,
defaultEncoding: 'utf8',
awaitDrain: 0,
readingMore: false,
decoder:
StringDecoder {
encoding: 'utf8',
fillLast: [Function: utf8FillLast],
lastNeed: 0,
lastTotal: 0,
lastChar: <Buffer 98 20 1c 02> },
encoding: 'utf8' }
STREAM 6236: read 0
NET 6236: onSocketFinish
NET 6236: oSF: ended, destroy ReadableState {
objectMode: false,
highWaterMark: 16384,
buffer: BufferList { head: null, tail: null, length: 0 },
length: 0,
pipes: null,
pipesCount: 0,
flowing: null,
ended: true,
endEmitted: false,
reading: false,
sync: false,
needReadable: false,
emittedReadable: true,
readableListening: false,
resumeScheduled: false,
destroyed: false,
defaultEncoding: 'utf8',
awaitDrain: 0,
readingMore: false,
decoder:
StringDecoder {
encoding: 'utf8',
fillLast: [Function: utf8FillLast],
lastNeed: 0,
lastTotal: 0,
lastChar: <Buffer 98 20 1c 02> },
encoding: 'utf8' }
NET 6236: destroy
NET 6236: close
NET 6236: close handle
ERROR:
{ Error: socket hang up
at TLSSocket.onHangUp (_tls_wrap.js:1135:19)
at Object.onceWrapper (events.js:313:30)
at emitNone (events.js:111:20)
at TLSSocket.emit (events.js:208:7)
at endReadableNT (_stream_readable.js:1056:12)
at _combinedTickCallback (internal/process/next_tick.js:138:11)
at process._tickCallback (internal/process/next_tick.js:180:9)
code: 'ECONNRESET',
path: undefined,
host: '10.30.3.190',
port: 40050,
localAddress: undefined }
NET 6236: emit close
One more tid-bit of information: Given the code above but with a different port/host (e.g. 443/www.google.com) works fine.