mirror of
https://github.com/oven-sh/bun
synced 2026-02-09 10:28:47 +00:00
48ff4f6752
Fixes #16254 When using mTLS (mutual TLS) with Node.js-compatible HTTPS servers, `req.socket.authorized` was always `undefined` instead of a boolean, preventing proper client certificate authentication. This change: - Adds the `authorized` getter to `JSNodeHTTPServerSocketPrototype.cpp` to expose it to JavaScript - Updates `JSNodeHTTPServerSocket::isAuthorized()` to query the TLS verification status directly from OpenSSL via `us_socket_verify_error()` - Updates `HttpContext.h` to set `isAuthorized` based on both handshake success AND certificate verification (verify_error.error == 0) - Adds the `authorized` getter to `NodeHTTPServerSocket` in `_http_server.ts` and `FakeSocket` for completeness - Adds the `authorizationError` property to both socket types The `authorized` property now correctly returns: - `true` when `requestCert: true` and the client certificate is valid - `false` when no client certificate is provided or verification fails Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>