[PATCH] lib: add TLSSocket default error handler

This prevents the server from crashing due to an unhandled rejection
when a TLSSocket connection is abruptly destroyed during initialization
and the user has not attached an error handler to the socket.
e.g:

```js
const server = http2.createSecureServer({ ... })
server.on('secureConnection', socket => {
  socket.on('error', err => {
    console.log(err)
  })
})
```

PR-URL: https://github.com/nodejs-private/node-private/pull/797
Fixes: https://github.com/nodejs/node/issues/44751
Refs: https://hackerone.com/bugs?subject=nodejs&report_id=3262404
Reviewed-By: Matteo Collina <matteo.collina@gmail.com>
Reviewed-By: Anna Henningsen <anna@addaleax.net>
CVE-ID: CVE-2025-59465

Gbp-Pq: Topic sec
Gbp-Pq: Name 34-lib-add-tlssocket-default-error-handler.patch

diff --git a/lib/_tls_wrap.js b/lib/_tls_wrap.js
index c3e48a6cbc81aefb29fc8bb81c7a97789bac50fc..d9c7e32174d5580d5a94de4ab6d3671caf4dc01d 100644 (file)
--- a/lib/_tls_wrap.js
+++ b/lib/_tls_wrap.js
@@ -1268,6 +1268,7 @@ function tlsConnectionListener(rawSocket) {
   socket[kErrorEmitted] = false;
   socket.on('close', onSocketClose);
   socket.on('_tlsError', onSocketTLSError);
+  socket.on('error', onSocketTLSError);
 }
 
 // AUTHENTICATION MODES