From d50e8d8af9d6a7779ff1fb296d1d1f67ce121d7d Mon Sep 17 00:00:00 2001
From: Sam Roberts <vieuxtech@gmail.com>
Date: Mon, 21 Nov 2016 13:50:02 -0800
Subject: [PATCH] tls: document and test option-less createServer

Either the options or the listener argument to tls.createServer() was
optional, but not both. This makes no sense, so align the argument
checking and documentation with net.createServer(), which accepts the
same option sequence, and which tls.createServer() is modelled on.

PR-URL: https://github.com/nodejs/node/pull/9800
Reviewed-By: Roman Reiss <me@silverwind.io>
Reviewed-By: Michael Dawson <michael_dawson@ca.ibm.com>
---
 doc/api/tls.md                             |  2 +-
 lib/_tls_wrap.js                           | 17 +++++++++--------
 test/parallel/test-tls-no-cert-required.js | 19 +++++++++++++++++--
 3 files changed, 27 insertions(+), 11 deletions(-)

diff --git a/doc/api/tls.md b/doc/api/tls.md
index 488337a0764e4c..eeeb07069dcbbe 100644
--- a/doc/api/tls.md
+++ b/doc/api/tls.md
@@ -948,7 +948,7 @@ publicly trusted list of CAs as given in
 <http://mxr.mozilla.org/mozilla/source/security/nss/lib/ckfw/builtins/certdata.txt>.
 
 
-## tls.createServer(options[, secureConnectionListener])
+## tls.createServer([options][, secureConnectionListener])
 <!-- YAML
 added: v0.3.2
 -->
diff --git a/lib/_tls_wrap.js b/lib/_tls_wrap.js
index c3ed32ada52c46..cf40618aa32b3d 100644
--- a/lib/_tls_wrap.js
+++ b/lib/_tls_wrap.js
@@ -745,18 +745,19 @@ TLSSocket.prototype.getProtocol = function() {
 //   "PATH_LENGTH_EXCEEDED", "INVALID_PURPOSE" "CERT_UNTRUSTED",
 //   "CERT_REJECTED"
 //
-function Server(/* [options], listener */) {
-  var options, listener;
+function Server(options, listener) {
+  if (!(this instanceof Server))
+    return new Server(options, listener);
 
-  if (arguments[0] !== null && typeof arguments[0] === 'object') {
-    options = arguments[0];
-    listener = arguments[1];
-  } else if (typeof arguments[0] === 'function') {
+  if (typeof options === 'function') {
+    listener = options;
     options = {};
-    listener = arguments[0];
+  } else if (options == null || typeof options === 'object') {
+    options = options || {};
+  } else {
+    throw new TypeError('options must be an object');
   }
 
-  if (!(this instanceof Server)) return new Server(options, listener);
 
   this._contexts = [];
 
diff --git a/test/parallel/test-tls-no-cert-required.js b/test/parallel/test-tls-no-cert-required.js
index de723e73e8a335..8d907d9f8a4e06 100644
--- a/test/parallel/test-tls-no-cert-required.js
+++ b/test/parallel/test-tls-no-cert-required.js
@@ -1,4 +1,5 @@
 'use strict';
+var assert = require('assert');
 var common = require('../common');
 
 if (!common.hasCrypto) {
@@ -10,6 +11,20 @@ var tls = require('tls');
 // Omitting the cert or pfx option to tls.createServer() should not throw.
 // AECDH-NULL-SHA is a no-authentication/no-encryption cipher and hence
 // doesn't need a certificate.
-tls.createServer({ ciphers: 'AECDH-NULL-SHA' }).listen(0, function() {
+tls.createServer({ ciphers: 'AECDH-NULL-SHA' })
+  .listen(0, common.mustCall(close));
+
+tls.createServer(assert.fail)
+  .listen(0, common.mustCall(close));
+
+tls.createServer({})
+  .listen(0, common.mustCall(close));
+
+assert.throws(() => tls.createServer('this is not valid'), TypeError);
+
+tls.createServer()
+  .listen(0, common.mustCall(close));
+
+function close() {
   this.close();
-});
+}