tls: add unsupported renegotiation error

panva · aduh95 · commit 94e5f63b8386 · 2026-06-18T00:15:50.000+02:00
Map BoringSSL's native renegotiation failure to ERR_TLS_RENEGOTIATION_UNSUPPORTED when TLSSocket#renegotiate() is called. This avoids exposing an implementation-specific OpenSSL error when the TLS backend does not support caller-initiated renegotiation. Signed-off-by: Filip Skokan <panva.ip@gmail.com> PR-URL: #63161 Reviewed-By: Tim Perry <pimterry@gmail.com> Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Yagiz Nizipli <yagiz@nizipli.com>
diff --git a/doc/api/errors.md b/doc/api/errors.md
@@ -3084,6 +3084,13 @@ Failed to set PSK identity hint. Hint may be too long.
 An attempt was made to renegotiate TLS on a socket instance with renegotiation
 disabled.
 
+<a id="ERR_TLS_RENEGOTIATION_UNSUPPORTED"></a>
+
+### `ERR_TLS_RENEGOTIATION_UNSUPPORTED`
+
+An attempt was made to renegotiate TLS, but the TLS implementation does not
+support caller-initiated renegotiation.
+
 <a id="ERR_TLS_REQUIRED_SERVER_NAME"></a>
 
 ### `ERR_TLS_REQUIRED_SERVER_NAME`
diff --git a/lib/internal/errors.js b/lib/internal/errors.js
@@ -1827,6 +1827,8 @@ E('ERR_TLS_PROTOCOL_VERSION_CONFLICT',
   'TLS protocol version %j conflicts with secureProtocol %j', TypeError);
 E('ERR_TLS_RENEGOTIATION_DISABLED',
   'TLS session renegotiation disabled for this socket', Error);
+E('ERR_TLS_RENEGOTIATION_UNSUPPORTED',
+  'TLS session renegotiation is unsupported by this TLS implementation', Error);
 
 // This should probably be a `TypeError`.
 E('ERR_TLS_REQUIRED_SERVER_NAME',
diff --git a/lib/internal/tls/wrap.js b/lib/internal/tls/wrap.js
@@ -72,6 +72,7 @@ const {
     ERR_TLS_INVALID_CONTEXT,
     ERR_TLS_INVALID_STATE,
     ERR_TLS_RENEGOTIATION_DISABLED,
+    ERR_TLS_RENEGOTIATION_UNSUPPORTED,
     ERR_TLS_REQUIRED_SERVER_NAME,
     ERR_TLS_SESSION_ATTACK,
     ERR_TLS_SNI_FROM_SERVER,
@@ -1092,8 +1093,13 @@ TLSSocket.prototype.renegotiate = function(options, callback) {
   try {
     this._handle.renegotiate();
   } catch (err) {
+    const isBoringSSLRenegotiationUnsupported =
+      process.features.openssl_is_boringssl &&
+      err?.code === 'ERR_SSL_FUNCTION_SHOULD_NOT_HAVE_BEEN_CALLED';
+    const error = isBoringSSLRenegotiationUnsupported ?
+      new ERR_TLS_RENEGOTIATION_UNSUPPORTED() : err;
     if (callback) {
-      process.nextTick(callback, err);
+      process.nextTick(callback, error);
     }
     return false;
   }
diff --git a/test/parallel/test-tls-client-renegotiation-13.js b/test/parallel/test-tls-client-renegotiation-13.js
@@ -32,14 +32,22 @@ connect({
   assert.strictEqual(client.getProtocol(), 'TLSv1.3');
 
   const ok = client.renegotiate({}, common.mustCall((err) => {
-    assert.throws(() => { throw err; }, {
-      message: hasOpenSSL3 ?
-        'error:0A00010A:SSL routines::wrong ssl version' :
-        'error:1420410A:SSL routines:SSL_renegotiate:wrong ssl version',
-      code: 'ERR_SSL_WRONG_SSL_VERSION',
-      library: 'SSL routines',
-      reason: 'wrong ssl version',
-    });
+    if (process.features.openssl_is_boringssl) {
+      assert.throws(() => { throw err; }, {
+        message: 'TLS session renegotiation is unsupported by this TLS ' +
+                 'implementation',
+        code: 'ERR_TLS_RENEGOTIATION_UNSUPPORTED',
+      });
+    } else {
+      assert.throws(() => { throw err; }, {
+        message: hasOpenSSL3 ?
+          'error:0A00010A:SSL routines::wrong ssl version' :
+          'error:1420410A:SSL routines:SSL_renegotiate:wrong ssl version',
+        code: 'ERR_SSL_WRONG_SSL_VERSION',
+        library: 'SSL routines',
+        reason: 'wrong ssl version',
+      });
+    }
     cleanup();
   }));
 
