grpc
/
grpc-node
mirror of https://github.com/grpc/grpc-node.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

grpc-js: Don't check authorized when rejectUnauthorized is false

This commit is contained in:
Michael Lumish 2025-03-20 17:17:17 -07:00
parent 5572bbd432
commit 18fddad85e
2 changed files with 11 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
packages/grpc-js/src/channel-credentials.ts
View File

@ -268,7 +268,7 @@ class SecureConnectorImpl implements SecureConnector {
};
return new Promise<SecureConnectResult>((resolve, reject) => {
const tlsSocket = tlsConnect(tlsConnectOptions, () => {
if (!tlsSocket.authorized) {
if ((this.connectionOptions.rejectUnauthorized ?? true) && !tlsSocket.authorized) {
reject(tlsSocket.authorizationError);
return;
}
@ -364,7 +364,7 @@ class CertificateProviderChannelCredentialsImpl extends ChannelCredentials {
const tlsSocket = tlsConnect(tlsConnectOptions, () => {
tlsSocket.removeListener('close', closeCallback);
tlsSocket.removeListener('error', errorCallback);
if (!tlsSocket.authorized) {
if ((this.parent.verifyOptions.rejectUnauthorized ?? true) && !tlsSocket.authorized) {
reject(tlsSocket.authorizationError);
return;
}

9
packages/grpc-js/test/test-channel-credentials.ts
View File

@ -218,6 +218,15 @@ describe('ChannelCredentials usage', () => {
}
);
});
it('Should accept self-signed certs with acceptUnauthorized', done => {
const client = new echoService(`localhost:${portNum}`, grpc.credentials.createSsl(null, null, null, {rejectUnauthorized: false}));
client.echo({ value: 'test value', value2: 3 }, (error: ServiceError | null, response: any) => {
client.close();
assert.ifError(error);
assert.deepStrictEqual(response, { value: 'test value', value2: 3 });
done();
});
});
});
describe('Channel credentials mtls', () => {